fixup commit for branch 'unlabeled-1.40.6'

1576 files changed, 0 insertions, 619275 deletions

diff --git a/dbm/.cvsignore b/dbm/.cvsignore
deleted file mode 100644
index f3c7a7c5d..000000000
--- a/dbm/.cvsignore
+++ /dev/null
@@ -1 +0,0 @@
-Makefile
diff --git a/dbm/Makefile.in b/dbm/Makefile.in
deleted file mode 100644
index 13779b989..000000000
--- a/dbm/Makefile.in
+++ /dev/null
@@ -1,36 +0,0 @@
-#
-# The contents of this file are subject to the Netscape Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/NPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is mozilla.org code.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are
-# Copyright (C) 1998 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s): 
-#
-
-DEPTH		= ..
-topsrcdir	= @top_srcdir@
-srcdir		= @srcdir@
-VPATH		= @srcdir@
-
-include $(DEPTH)/config/autoconf.mk
-
-DIRS		= include src
-
-ifdef ENABLE_TESTS
-DIRS		+= tests
-endif
-
-include $(topsrcdir)/config/rules.mk
-
diff --git a/dbm/include/.cvsignore b/dbm/include/.cvsignore
deleted file mode 100644
index f3c7a7c5d..000000000
--- a/dbm/include/.cvsignore
+++ /dev/null
@@ -1 +0,0 @@
-Makefile
diff --git a/dbm/include/MANIFEST b/dbm/include/MANIFEST
deleted file mode 100644
index 5626a3e87..000000000
--- a/dbm/include/MANIFEST
+++ /dev/null
@@ -1,17 +0,0 @@
-#
-# This is a list of local files which get copied to the mozilla:dist directory
-#
-
-cdefs.h
-extern.h
-hash.h
-hsearch.h
-mcom_db.h
-mpool.h
-ncompat.h
-ndbm.h
-nsres.h
-page.h
-queue.h
-search.h
-watcomfx.h
diff --git a/dbm/include/Makefile.in b/dbm/include/Makefile.in
deleted file mode 100644
index 86fb8f157..000000000
--- a/dbm/include/Makefile.in
+++ /dev/null
@@ -1,55 +0,0 @@
-#
-# The contents of this file are subject to the Netscape Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/NPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is mozilla.org code.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are
-# Copyright (C) 1998 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s): 
-#
-
-DEPTH		= ../..
-topsrcdir	= @top_srcdir@
-srcdir		= @srcdir@
-VPATH		= @srcdir@
-
-include $(DEPTH)/config/autoconf.mk
-
-MODULE		= dbm
-
-EXPORTS		= \
-		nsres.h \
-		cdefs.h \
-		mcom_db.h \
-		ncompat.h \
-		winfile.h \
-		$(NULL)
-
-EXPORTS		:= $(addprefix $(srcdir)/, $(EXPORTS))
-
-PRIVATE_EXPORTS	= \
-		hsearch.h \
-		page.h \
-		extern.h \
-		ndbm.h \
-		queue.h \
-		hash.h \
-		mpool.h \
-		search.h \
-		$(NULL)
-
-PRIVATE_EXPORTS	:= $(addprefix $(srcdir)/, $(PRIVATE_EXPORTS))
-
-include $(topsrcdir)/config/rules.mk
-
diff --git a/dbm/include/Makefile.win b/dbm/include/Makefile.win
deleted file mode 100644
index 07fba1859..000000000
--- a/dbm/include/Makefile.win
+++ /dev/null
@@ -1,60 +0,0 @@
-# The contents of this file are subject to the Netscape Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/NPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is mozilla.org code.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are
-# Copyright (C) 1998 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s): 
-
-
-#//------------------------------------------------------------------------
-#//
-#// Makefile to build the cert library
-#//
-#//------------------------------------------------------------------------
-
-!if "$(MOZ_BITS)" == "16"
-!ifndef MOZ_DEBUG
-OPTIMIZER=-Os -UDEBUG -DNDEBUG
-!endif
-!endif
-
-#//------------------------------------------------------------------------
-#//
-#// Specify the depth of the current directory relative to the
-#// root of NS
-#//
-#//------------------------------------------------------------------------
-DEPTH= ..\..
-
-!ifndef MAKE_OBJ_TYPE
-MAKE_OBJ_TYPE=EXE
-!endif
-
-#//------------------------------------------------------------------------
-#//
-#// install headers
-#//
-#//------------------------------------------------------------------------
-EXPORTS=nsres.h cdefs.h mcom_db.h ncompat.h winfile.h
-
-#//------------------------------------------------------------------------
-#//
-#// Include the common makefile rules
-#//
-#//------------------------------------------------------------------------
-include <$(DEPTH)/config/rules.mak>
-
-CFLAGS = $(CFLAGS) -DMOZILLA_CLIENT
-
diff --git a/dbm/include/cdefs.h b/dbm/include/cdefs.h
deleted file mode 100644
index 63c2f624a..000000000
--- a/dbm/include/cdefs.h
+++ /dev/null
@@ -1,165 +0,0 @@
-/* -*- Mode: C; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: NPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Netscape Public License
- * Version 1.1 (the "License"); you may not use this file except in
- * compliance with the License. You may obtain a copy of the License at
- * http://www.mozilla.org/NPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is mozilla.org code.
- *
- * The Initial Developer of the Original Code is 
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1998
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the NPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the NPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-
-/*
- * Copyright (c) 1991, 1993
- *	The Regents of the University of California.  All rights reserved.
- *
- * This code is derived from software contributed to Berkeley by
- * Berkeley Software Design, Inc.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- *	@(#)cdefs.h	8.7 (Berkeley) 1/21/94
- */
-
-#ifndef	_CDEFS_H_
-#define	_CDEFS_H_
-
-#if defined(__cplusplus)
-#define	__BEGIN_DECLS	extern "C" {
-#define	__END_DECLS	}
-#else
-#define	__BEGIN_DECLS
-#define	__END_DECLS
-#endif
-
-/*
- * The __CONCAT macro is used to concatenate parts of symbol names, e.g.
- * with "#define OLD(foo) __CONCAT(old,foo)", OLD(foo) produces oldfoo.
- * The __CONCAT macro is a bit tricky -- make sure you don't put spaces
- * in between its arguments.  __CONCAT can also concatenate double-quoted
- * strings produced by the __STRING macro, but this only works with ANSI C.
- */
-#if defined(__STDC__) || defined(__cplusplus) || defined(_WINDOWS) || defined(XP_OS2)
-#define	__P(protos)	protos		/* full-blown ANSI C */
-#define	__CONCAT(x,y)	x ## y
-#define	__STRING(x)	#x
-
-/* On HP-UX 11.00, <sys/stdsyms.h> defines __const. */
-#ifndef __const
-#define	__const		const		/* define reserved names to standard */
-#endif  /* __const */
-#define	__signed	signed
-#define	__volatile	volatile
-#ifndef _WINDOWS
-#if defined(__cplusplus)
-#define	__inline	inline		/* convert to C++ keyword */
-#else
-#if !defined(__GNUC__) && !defined(__MWERKS__)
-#define	__inline			/* delete GCC keyword */
-#endif /* !__GNUC__ */
-#endif /* !__cplusplus */
-#endif /* !_WINDOWS */
-
-#else	/* !(__STDC__ || __cplusplus) */
-#define	__P(protos)	()		/* traditional C preprocessor */
-#define	__CONCAT(x,y)	x/**/y
-#define	__STRING(x)	"x"
-
-#ifndef __GNUC__
-#define	__const				/* delete pseudo-ANSI C keywords */
-#define	__inline
-#define	__signed
-#define	__volatile
-/*
- * In non-ANSI C environments, new programs will want ANSI-only C keywords
- * deleted from the program and old programs will want them left alone.
- * When using a compiler other than gcc, programs using the ANSI C keywords
- * const, inline etc. as normal identifiers should define -DNO_ANSI_KEYWORDS.
- * When using "gcc -traditional", we assume that this is the intent; if
- * __GNUC__ is defined but __STDC__ is not, we leave the new keywords alone.
- */
-#ifndef	NO_ANSI_KEYWORDS
-#define	const				/* delete ANSI C keywords */
-#define	inline
-#define	signed
-#define	volatile
-#endif
-#endif	/* !__GNUC__ */
-#endif	/* !(__STDC__ || __cplusplus) */
-
-/*
- * GCC1 and some versions of GCC2 declare dead (non-returning) and
- * pure (no side effects) functions using "volatile" and "const";
- * unfortunately, these then cause warnings under "-ansi -pedantic".
- * GCC2 uses a new, peculiar __attribute__((attrs)) style.  All of
- * these work for GNU C++ (modulo a slight glitch in the C++ grammar
- * in the distribution version of 2.5.5).
- */
-#if !defined(__GNUC__) || __GNUC__ < 2 || __GNUC_MINOR__ < 5
-#define	__attribute__(x)	/* delete __attribute__ if non-gcc or gcc1 */
-#if defined(__GNUC__) && !defined(__STRICT_ANSI__)
-#define	__dead		__volatile
-#define	__pure		__const
-#endif
-#endif
-
-/* Delete pseudo-keywords wherever they are not available or needed. */
-#ifndef __dead
-#define	__dead
-#define	__pure
-#endif
-
-#endif /* !_CDEFS_H_ */
diff --git a/dbm/include/extern.h b/dbm/include/extern.h
deleted file mode 100644
index 8eabc81fe..000000000
--- a/dbm/include/extern.h
+++ /dev/null
@@ -1,65 +0,0 @@
-/*-
- * Copyright (c) 1991, 1993, 1994
- *	The Regents of the University of California.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- *	@(#)extern.h	8.4 (Berkeley) 6/16/94
- */
-
-BUFHEAD	*__add_ovflpage (HTAB *, BUFHEAD *);
-int	 __addel (HTAB *, BUFHEAD *, const DBT *, const DBT *);
-int	 __big_delete (HTAB *, BUFHEAD *);
-int	 __big_insert (HTAB *, BUFHEAD *, const DBT *, const DBT *);
-int	 __big_keydata (HTAB *, BUFHEAD *, DBT *, DBT *, int);
-int	 __big_return (HTAB *, BUFHEAD *, int, DBT *, int);
-int	 __big_split (HTAB *, BUFHEAD *, BUFHEAD *, BUFHEAD *,
-		uint32, uint32, SPLIT_RETURN *);
-int	 __buf_free (HTAB *, int, int);
-void	 __buf_init (HTAB *, int);
-uint32	 __call_hash (HTAB *, char *, size_t);
-int	 __delpair (HTAB *, BUFHEAD *, int);
-int	 __expand_table (HTAB *);
-int	 __find_bigpair (HTAB *, BUFHEAD *, int, char *, int);
-uint16	 __find_last_page (HTAB *, BUFHEAD **);
-void	 __free_ovflpage (HTAB *, BUFHEAD *);
-BUFHEAD	*__get_buf (HTAB *, uint32, BUFHEAD *, int);
-int	 __get_page (HTAB *, char *, uint32, int, int, int);
-int	 __ibitmap (HTAB *, int, int, int);
-uint32	 __log2 (uint32);
-int	 __put_page (HTAB *, char *, uint32, int, int);
-void	 __reclaim_buf (HTAB *, BUFHEAD *);
-int	 __split_page (HTAB *, uint32, uint32);
-
-/* Default hash routine. */
-extern uint32 (*__default_hash) (const void *, size_t);
-
-#ifdef HASH_STATISTICS
-extern int hash_accesses, hash_collisions, hash_expansions, hash_overflows;
-#endif
diff --git a/dbm/include/hash.h b/dbm/include/hash.h
deleted file mode 100644
index 454a8ec42..000000000
--- a/dbm/include/hash.h
+++ /dev/null
@@ -1,337 +0,0 @@
-/*-
- * Copyright (c) 1990, 1993, 1994
- *	The Regents of the University of California.  All rights reserved.
- *
- * This code is derived from software contributed to Berkeley by
- * Margo Seltzer.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- *	@(#)hash.h	8.3 (Berkeley) 5/31/94
- */
-
-/* Operations */
-
-#include <stdio.h>
-#include "mcom_db.h"
-typedef enum {
-	HASH_GET, HASH_PUT, HASH_PUTNEW, HASH_DELETE, HASH_FIRST, HASH_NEXT
-} ACTION;
-
-/* Buffer Management structures */
-typedef struct _bufhead BUFHEAD;
-
-struct _bufhead {
-	BUFHEAD		*prev;		/* LRU links */
-	BUFHEAD		*next;		/* LRU links */
-	BUFHEAD		*ovfl;		/* Overflow page buffer header */
-	uint32	 	addr;		/* Address of this page */
-	char		*page;		/* Actual page data */
-	char     	is_disk;
-	char	 	flags;
-#define	BUF_MOD		0x0001
-#define BUF_DISK	0x0002
-#define	BUF_BUCKET	0x0004
-#define	BUF_PIN		0x0008
-};
-
-#define IS_BUCKET(X)	((X) & BUF_BUCKET)
-
-typedef BUFHEAD **SEGMENT;
-
-typedef int DBFILE_PTR;
-#define NO_FILE -1
-#ifdef macintosh
-#define DBFILE_OPEN(path, flag,mode) open((path), flag)
-#define EXISTS(path)
-#else
-#define DBFILE_OPEN(path, flag,mode) open((path), (flag), (mode))
-#endif
-/* Hash Table Information */
-typedef struct hashhdr {		/* Disk resident portion */
-	int32		magic;		/* Magic NO for hash tables */
-	int32		version;	/* Version ID */
-	uint32		lorder;		/* Byte Order */
-	int32		bsize;		/* Bucket/Page Size */
-	int32		bshift;		/* Bucket shift */
-	int32		dsize;		/* Directory Size */
-	int32		ssize;		/* Segment Size */
-	int32		sshift;		/* Segment shift */
-	int32		ovfl_point;	/* Where overflow pages are being 
-					 * allocated */
-	int32		last_freed;	/* Last overflow page freed */
-	int32		max_bucket;	/* ID of Maximum bucket in use */
-	int32		high_mask;	/* Mask to modulo into entire table */
-	int32		low_mask;	/* Mask to modulo into lower half of 
-					 * table */
-	int32		ffactor;	/* Fill factor */
-	int32		nkeys;		/* Number of keys in hash table */
-	int32		hdrpages;	/* Size of table header */
-	uint32		h_charkey;	/* value of hash(CHARKEY) */
-#define NCACHED	32			/* number of bit maps and spare 
-					 * points */
-	int32		spares[NCACHED];/* spare pages for overflow */
-	uint16		bitmaps[NCACHED];	/* address of overflow page 
-						 * bitmaps */
-} HASHHDR;
-
-typedef struct htab	 {		/* Memory resident data structure */
-	HASHHDR 	hdr;		/* Header */
-	int		nsegs;		/* Number of allocated segments */
-	int		exsegs;		/* Number of extra allocated 
-					 * segments */
-	uint32			/* Hash function */
-	    (*hash)(const void *, size_t);
-	int		flags;		/* Flag values */
-	DBFILE_PTR	fp;		/* File pointer */
-	char            *filename;
-	char		*tmp_buf;	/* Temporary Buffer for BIG data */
-	char		*tmp_key;	/* Temporary Buffer for BIG keys */
-	BUFHEAD 	*cpage;		/* Current page */
-	int		cbucket;	/* Current bucket */
-	int		cndx;		/* Index of next item on cpage */
-	int		dbmerrno;		/* Error Number -- for DBM 
-					 * compatability */
-	int		new_file;	/* Indicates if fd is backing store 
-					 * or no */
-	int		save_file;	/* Indicates whether we need to flush 
-					 * file at
-					 * exit */
-	uint32		*mapp[NCACHED];	/* Pointers to page maps */
-	int		nmaps;		/* Initial number of bitmaps */
-	int		nbufs;		/* Number of buffers left to 
-					 * allocate */
-	BUFHEAD 	bufhead;	/* Header of buffer lru list */
-	SEGMENT 	*dir;		/* Hash Bucket directory */
-	off_t		file_size;	/* in bytes */
-	char		is_temp;	/* unlink file on close */
-	char		updateEOF;	/* force EOF update on flush */
-} HTAB;
-
-/*
- * Constants
- */
-#define DATABASE_CORRUPTED_ERROR -999   /* big ugly abort, delete database */
-#define	OLD_MAX_BSIZE		65536		/* 2^16 */
-#define MAX_BSIZE       	32l*1024l         /* 2^15 */
-#define MIN_BUFFERS		6
-#define MINHDRSIZE		512
-#define DEF_BUFSIZE		65536l		/* 64 K */
-#define DEF_BUCKET_SIZE		4096
-#define DEF_BUCKET_SHIFT	12		/* log2(BUCKET) */
-#define DEF_SEGSIZE		256
-#define DEF_SEGSIZE_SHIFT	8		/* log2(SEGSIZE)	 */
-#define DEF_DIRSIZE		256
-#define DEF_FFACTOR		65536l
-#define MIN_FFACTOR		4
-#define SPLTMAX			8
-#define CHARKEY			"%$sniglet^&"
-#define NUMKEY			1038583l
-#define BYTE_SHIFT		3
-#define INT_TO_BYTE		2
-#define INT_BYTE_SHIFT		5
-#define ALL_SET			((uint32)0xFFFFFFFF)
-#define ALL_CLEAR		0
-
-#define PTROF(X)	((ptrdiff_t)(X) == BUF_DISK ? 0 : (X))
-#define ISDISK(X)	((X) ? ((ptrdiff_t)(X) == BUF_DISK ? BUF_DISK \
-				: (X)->is_disk) : 0)
-
-#define BITS_PER_MAP	32
-
-/* Given the address of the beginning of a big map, clear/set the nth bit */
-#define CLRBIT(A, N)	((A)[(N)/BITS_PER_MAP] &= ~(1<<((N)%BITS_PER_MAP)))
-#define SETBIT(A, N)	((A)[(N)/BITS_PER_MAP] |= (1<<((N)%BITS_PER_MAP)))
-#define ISSET(A, N)	((A)[(N)/BITS_PER_MAP] & (1<<((N)%BITS_PER_MAP)))
-
-/* Overflow management */
-/*
- * Overflow page numbers are allocated per split point.  At each doubling of
- * the table, we can allocate extra pages.  So, an overflow page number has
- * the top 5 bits indicate which split point and the lower 11 bits indicate
- * which page at that split point is indicated (pages within split points are
- * numberered starting with 1).
- */
-
-#define SPLITSHIFT	11
-#define SPLITMASK	0x7FF
-#define SPLITNUM(N)	(((uint32)(N)) >> SPLITSHIFT)
-#define OPAGENUM(N)	((N) & SPLITMASK)
-#define	OADDR_OF(S,O)	((uint32)((uint32)(S) << SPLITSHIFT) + (O))
-
-#define BUCKET_TO_PAGE(B) \
-	(B) + hashp->HDRPAGES + ((B) ? hashp->SPARES[__log2((uint32)((B)+1))-1] : 0)
-#define OADDR_TO_PAGE(B) 	\
-	BUCKET_TO_PAGE ( (1 << SPLITNUM((B))) -1 ) + OPAGENUM((B));
-
-/*
- * page.h contains a detailed description of the page format.
- *
- * Normally, keys and data are accessed from offset tables in the top of
- * each page which point to the beginning of the key and data.  There are
- * four flag values which may be stored in these offset tables which indicate
- * the following:
- *
- *
- * OVFLPAGE	Rather than a key data pair, this pair contains
- *		the address of an overflow page.  The format of
- *		the pair is:
- *		    OVERFLOW_PAGE_NUMBER OVFLPAGE
- *
- * PARTIAL_KEY	This must be the first key/data pair on a page
- *		and implies that page contains only a partial key.
- *		That is, the key is too big to fit on a single page
- *		so it starts on this page and continues on the next.
- *		The format of the page is:
- *		    KEY_OFF PARTIAL_KEY OVFL_PAGENO OVFLPAGE
- *		
- *		    KEY_OFF -- offset of the beginning of the key
- *		    PARTIAL_KEY -- 1
- *		    OVFL_PAGENO - page number of the next overflow page
- *		    OVFLPAGE -- 0
- *
- * FULL_KEY	This must be the first key/data pair on the page.  It
- *		is used in two cases.
- *
- *		Case 1:
- *		    There is a complete key on the page but no data
- *		    (because it wouldn't fit).  The next page contains
- *		    the data.
- *
- *		    Page format it:
- *		    KEY_OFF FULL_KEY OVFL_PAGENO OVFL_PAGE
- *
- *		    KEY_OFF -- offset of the beginning of the key
- *		    FULL_KEY -- 2
- *		    OVFL_PAGENO - page number of the next overflow page
- *		    OVFLPAGE -- 0
- *
- *		Case 2:
- *		    This page contains no key, but part of a large
- *		    data field, which is continued on the next page.
- *
- *		    Page format it:
- *		    DATA_OFF FULL_KEY OVFL_PAGENO OVFL_PAGE
- *
- *		    KEY_OFF -- offset of the beginning of the data on
- *				this page
- *		    FULL_KEY -- 2
- *		    OVFL_PAGENO - page number of the next overflow page
- *		    OVFLPAGE -- 0
- *
- * FULL_KEY_DATA 
- *		This must be the first key/data pair on the page.
- *		There are two cases:
- *
- *		Case 1:
- *		    This page contains a key and the beginning of the
- *		    data field, but the data field is continued on the
- *		    next page.
- *
- *		    Page format is:
- *		    KEY_OFF FULL_KEY_DATA OVFL_PAGENO DATA_OFF
- *
- *		    KEY_OFF -- offset of the beginning of the key
- *		    FULL_KEY_DATA -- 3
- *		    OVFL_PAGENO - page number of the next overflow page
- *		    DATA_OFF -- offset of the beginning of the data
- *
- *		Case 2:
- *		    This page contains the last page of a big data pair.
- *		    There is no key, only the  tail end of the data
- *		    on this page.
- *
- *		    Page format is:
- *		    DATA_OFF FULL_KEY_DATA <OVFL_PAGENO> <OVFLPAGE>
- *
- *		    DATA_OFF -- offset of the beginning of the data on
- *				this page
- *		    FULL_KEY_DATA -- 3
- *		    OVFL_PAGENO - page number of the next overflow page
- *		    OVFLPAGE -- 0
- *
- *		    OVFL_PAGENO and OVFLPAGE are optional (they are
- *		    not present if there is no next page).
- */
-
-#define OVFLPAGE	0
-#define PARTIAL_KEY	1
-#define FULL_KEY	2
-#define FULL_KEY_DATA	3
-#define	REAL_KEY	4
-
-/* Short hands for accessing structure */
-#undef BSIZE
-#define BSIZE		hdr.bsize
-#undef BSHIFT
-#define BSHIFT		hdr.bshift
-#define DSIZE		hdr.dsize
-#define SGSIZE		hdr.ssize
-#define SSHIFT		hdr.sshift
-#define LORDER		hdr.lorder
-#define OVFL_POINT	hdr.ovfl_point
-#define	LAST_FREED	hdr.last_freed
-#define MAX_BUCKET	hdr.max_bucket
-#define FFACTOR		hdr.ffactor
-#define HIGH_MASK	hdr.high_mask
-#define LOW_MASK	hdr.low_mask
-#define NKEYS		hdr.nkeys
-#define HDRPAGES	hdr.hdrpages
-#define SPARES		hdr.spares
-#define BITMAPS		hdr.bitmaps
-#define VERSION		hdr.version
-#define MAGIC		hdr.magic
-#define NEXT_FREE	hdr.next_free
-#define H_CHARKEY	hdr.h_charkey
-
-extern uint32 (*__default_hash) (const void *, size_t);
-void __buf_init(HTAB *hashp, int32 nbytes);
-int __big_delete(HTAB *hashp, BUFHEAD *bufp);
-BUFHEAD * __get_buf(HTAB *hashp, uint32 addr, BUFHEAD *prev_bp, int newpage);
-uint32 __call_hash(HTAB *hashp, char *k, size_t len);
-#include "page.h"
-extern int __big_split(HTAB *hashp, BUFHEAD *op,BUFHEAD *np,
-BUFHEAD *big_keyp,uint32 addr,uint32   obucket, SPLIT_RETURN *ret);
-void __free_ovflpage(HTAB *hashp, BUFHEAD *obufp);
-BUFHEAD * __add_ovflpage(HTAB *hashp, BUFHEAD *bufp);
-int __big_insert(HTAB *hashp, BUFHEAD *bufp, const DBT *key, const DBT *val);
-int __expand_table(HTAB *hashp);
-uint32 __log2(uint32 num);
-void __reclaim_buf(HTAB *hashp, BUFHEAD *bp);
-int __get_page(HTAB *hashp, char * p, uint32 bucket, int is_bucket, int is_disk, int is_bitmap);
-int __put_page(HTAB *hashp, char *p, uint32 bucket, int is_bucket, int is_bitmap);
-int __ibitmap(HTAB *hashp, int pnum, int nbits, int ndx);
-int __buf_free(HTAB *hashp, int do_free, int to_disk);
-int __find_bigpair(HTAB *hashp, BUFHEAD *bufp, int ndx, char *key, int size);
-uint16 __find_last_page(HTAB *hashp, BUFHEAD **bpp);
-int __addel(HTAB *hashp, BUFHEAD *bufp, const DBT *key, const DBT * val);
-int __big_return(HTAB *hashp, BUFHEAD *bufp, int ndx, DBT *val, int set_current);
-int __delpair(HTAB *hashp, BUFHEAD *bufp, int ndx);
-int __big_keydata(HTAB *hashp, BUFHEAD *bufp, DBT *key, DBT *val, int set);
-int __split_page(HTAB *hashp, uint32 obucket, uint32 nbucket);
diff --git a/dbm/include/hsearch.h b/dbm/include/hsearch.h
deleted file mode 100644
index ff58b1c15..000000000
--- a/dbm/include/hsearch.h
+++ /dev/null
@@ -1,51 +0,0 @@
-/*-
- * Copyright (c) 1990, 1993
- *	The Regents of the University of California.  All rights reserved.
- *
- * This code is derived from software contributed to Berkeley by
- * Margo Seltzer.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- *	@(#)search.h	8.1 (Berkeley) 6/4/93
- */
-
-/* Backward compatibility to hsearch interface. */
-typedef struct entry {
-	char *key;
-	char *data;
-} ENTRY;
-
-typedef enum {
-	FIND, ENTER
-} ACTION;
-
-int	 hcreate (unsigned int);
-void	 hdestroy (void);
-ENTRY	*hsearch (ENTRY, ACTION);
diff --git a/dbm/include/mcom_db.h b/dbm/include/mcom_db.h
deleted file mode 100644
index 252a9b268..000000000
--- a/dbm/include/mcom_db.h
+++ /dev/null
@@ -1,450 +0,0 @@
-/* -*- Mode: C; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: NPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Netscape Public License
- * Version 1.1 (the "License"); you may not use this file except in
- * compliance with the License. You may obtain a copy of the License at
- * http://www.mozilla.org/NPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is mozilla.org code.
- *
- * The Initial Developer of the Original Code is 
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1998
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the NPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the NPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-
-/*- 
- * Copyright (c) 1990, 1993, 1994
- *	The Regents of the University of California.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- *	@(#)db.h	8.7 (Berkeley) 6/16/94
- */
-
-#ifndef _DB_H_
-#define	_DB_H_
-
-#ifndef macintosh
-#include <sys/types.h>
-#endif
-#include "prtypes.h"
-
-#include <limits.h>
-
-#ifdef __DBINTERFACE_PRIVATE
-
-#ifdef HAVE_SYS_CDEFS_H
-#include <sys/cdefs.h>
-#else
-#include "cdefs.h"
-#endif
-
-#ifdef HAVE_SYS_BYTEORDER_H
-#include <sys/byteorder.h>
-#endif
-
-#if defined(__linux) || defined(__BEOS__)
-#include <endian.h>
-#ifndef BYTE_ORDER
-#define BYTE_ORDER    __BYTE_ORDER
-#define BIG_ENDIAN    __BIG_ENDIAN
-#define LITTLE_ENDIAN __LITTLE_ENDIAN
-#endif
-#endif /* __linux */
-
-#ifdef __sgi
-#define BYTE_ORDER BIG_ENDIAN
-#define BIG_ENDIAN      4321
-#define LITTLE_ENDIAN   1234            /* LSB first: i386, vax, all NT risc */
-#endif
-
-#ifdef __sun
-#define BIG_ENDIAN      4321
-#define LITTLE_ENDIAN   1234            /* LSB first: i386, vax, all NT risc */
-
-#ifndef __SVR4
-/* compat.h is only in 4.1.3 machines. - dp */
-#include <compat.h>
-#endif
-
-/* XXX - dp
- * Need to find a general way of defining endian-ness in SunOS 5.3
- * SunOS 5.4 defines _BIG_ENDIAN and _LITTLE_ENDIAN
- * SunOS 5.3 does nothing like this.
- */
-
-#ifndef BYTE_ORDER
-
-#if defined(_BIG_ENDIAN)
-#define BYTE_ORDER BIG_ENDIAN
-#elif defined(_LITTLE_ENDIAN)
-#define BYTE_ORDER LITTLE_ENDIAN
-#elif !defined(__SVR4)
-/* 4.1.3 is always BIG_ENDIAN as it was released only on sparc platforms. */
-#define BYTE_ORDER BIG_ENDIAN
-#elif !defined(vax) && !defined(ntohl) && !defined(lint) && !defined(i386)
-/* 5.3 big endian. Copied this above line from sys/byteorder.h */
-/* Now we are in a 5.3 SunOS rather non 5.4 or above SunOS  */
-#define BYTE_ORDER BIG_ENDIAN
-#else
-#define BYTE_ORDER LITTLE_ENDIAN
-#endif
-
-#endif /* !BYTE_ORDER */
-#endif /* __sun */
-
-#if defined(__hpux) || defined(__hppa)
-#define BYTE_ORDER BIG_ENDIAN
-#define BIG_ENDIAN      4321
-#define LITTLE_ENDIAN   1234            /* LSB first: i386, vax, all NT risc */
-#endif
-
-#if defined(AIXV3) || defined(AIX)
-/* BYTE_ORDER, LITTLE_ENDIAN, BIG_ENDIAN are all defined here */
-#include <sys/machine.h>
-#endif
-
-/* Digital Unix */
-#ifdef __osf__
-#include <machine/endian.h>
-#endif
-
-#ifdef __alpha
-#ifndef WIN32
-#else
-/* Alpha NT */
-#define BYTE_ORDER LITTLE_ENDIAN
-#define BIG_ENDIAN      4321
-#define LITTLE_ENDIAN   1234 
-#endif
-#endif
-
-#ifdef NCR
-#include <sys/endian.h>
-#endif
-
-#ifdef __QNX__
-#ifdef __QNXNTO__
-#include <sys/param.h>
-#else
-#define LITTLE_ENDIAN	1234
-#define BIG_ENDIAN	4321
-#define BYTE_ORDER	LITTLE_ENDIAN
-#endif
-#endif
-
-#ifdef SNI
-/* #include <sys/hetero.h> */
-#define BYTE_ORDER BIG_ENDIAN
-#define BIG_ENDIAN      4321
-#define LITTLE_ENDIAN   1234
-#endif
-
-#if defined(_WINDOWS) || defined(XP_OS2)
-#ifdef BYTE_ORDER
-#undef BYTE_ORDER
-#endif
-
-#define BYTE_ORDER LITTLE_ENDIAN
-#define LITTLE_ENDIAN   1234            /* LSB first: i386, vax, all NT risc */
-#define BIG_ENDIAN      4321
-#endif
-
-#ifdef macintosh
-#define BIG_ENDIAN 4321
-#define LITTLE_ENDIAN 1234
-#define BYTE_ORDER BIG_ENDIAN
-#endif
-
-#endif  /* __DBINTERFACE_PRIVATE */
-
-#ifdef SCO
-#define MAXPATHLEN 	1024              
-#endif
-
-#include <fcntl.h>
-
-#if defined(_WINDOWS) || defined(XP_OS2)
-#include <stdio.h>
-#include <io.h>
-
-#ifndef XP_OS2 
-#define MAXPATHLEN 	1024               
-#endif
-
-#define	EFTYPE		EINVAL		/* POSIX 1003.1 format errno. */
-
-#ifndef	STDERR_FILENO
-#define	STDIN_FILENO	0		/* ANSI C #defines */
-#define	STDOUT_FILENO	1
-#define	STDERR_FILENO	2
-#endif
-
-#ifndef O_ACCMODE			/* POSIX 1003.1 access mode mask. */
-#define	O_ACCMODE	(O_RDONLY|O_WRONLY|O_RDWR)
-#endif
-#endif
-
-#ifdef macintosh
-#include <stdio.h>
-#include "xp_mcom.h"
-#define O_ACCMODE       3       /* Mask for file access modes */
-#define EFTYPE 2000
-PR_BEGIN_EXTERN_C
-int mkstemp(const char *path);
-PR_END_EXTERN_C
-#endif	/* MACINTOSH */
-
-#if !defined(_WINDOWS) && !defined(macintosh) && !defined(XP_OS2)
-#include <sys/stat.h>
-#include <errno.h>
-#endif
-
-/* define EFTYPE since most don't */
-#ifndef EFTYPE
-#define EFTYPE      EINVAL      /* POSIX 1003.1 format errno. */
-#endif
-
-#define	RET_ERROR	-1		/* Return values. */
-#define	RET_SUCCESS	 0
-#define	RET_SPECIAL	 1
-
-#define	MAX_PAGE_NUMBER	0xffffffff	/* >= # of pages in a file */
-
-#ifndef __sgi
-typedef uint32	pgno_t;
-#endif
-
-#define	MAX_PAGE_OFFSET	65535		/* >= # of bytes in a page */
-typedef uint16	indx_t;
-#define	MAX_REC_NUMBER	0xffffffff	/* >= # of records in a tree */
-typedef uint32	recno_t;
-
-/* Key/data structure -- a Data-Base Thang. */
-typedef struct {
-	void	*data;			/* data */
-	size_t	 size;			/* data length */
-} DBT;
-
-/* Routine flags. */
-#define	R_CURSOR	1		/* del, put, seq */
-#define	__R_UNUSED	2		/* UNUSED */
-#define	R_FIRST		3		/* seq */
-#define	R_IAFTER	4		/* put (RECNO) */
-#define	R_IBEFORE	5		/* put (RECNO) */
-#define	R_LAST		6		/* seq (BTREE, RECNO) */
-#define	R_NEXT		7		/* seq */
-#define	R_NOOVERWRITE	8		/* put */
-#define	R_PREV		9		/* seq (BTREE, RECNO) */
-#define	R_SETCURSOR	10		/* put (RECNO) */
-#define	R_RECNOSYNC	11		/* sync (RECNO) */
-
-typedef enum { DB_BTREE, DB_HASH, DB_RECNO } DBTYPE;
-
-typedef enum { LockOutDatabase, UnlockDatabase } DBLockFlagEnum;
-
-/*
- * !!!
- * The following flags are included in the dbopen(3) call as part of the
- * open(2) flags.  In order to avoid conflicts with the open flags, start
- * at the top of the 16 or 32-bit number space and work our way down.  If
- * the open flags were significantly expanded in the future, it could be
- * a problem.  Wish I'd left another flags word in the dbopen call.
- *
- * !!!
- * None of this stuff is implemented yet.  The only reason that it's here
- * is so that the access methods can skip copying the key/data pair when
- * the DB_LOCK flag isn't set.
- */
-#if UINT_MAX > 65535
-#define	DB_LOCK		0x20000000	/* Do locking. */
-#define	DB_SHMEM	0x40000000	/* Use shared memory. */
-#define	DB_TXN		0x80000000	/* Do transactions. */
-#else
-#define	DB_LOCK		    0x2000	/* Do locking. */
-#define	DB_SHMEM	    0x4000	/* Use shared memory. */
-#define	DB_TXN		    0x8000	/* Do transactions. */
-#endif
-
-/* Access method description structure. */
-typedef struct __db {
-	DBTYPE type;			/* Underlying db type. */
-	int (*close)	(struct __db *);
-	int (*del)	(const struct __db *, const DBT *, uint);
-	int (*get)	(const struct __db *, const DBT *, DBT *, uint);
-	int (*put)	(const struct __db *, DBT *, const DBT *, uint);
-	int (*seq)	(const struct __db *, DBT *, DBT *, uint);
-	int (*sync)	(const struct __db *, uint);
-	void *internal;			/* Access method private. */
-	int (*fd)	(const struct __db *);
-} DB;
-
-#define	BTREEMAGIC	0x053162
-#define	BTREEVERSION	3
-
-/* Structure used to pass parameters to the btree routines. */
-typedef struct {
-#define	R_DUP		0x01	/* duplicate keys */
-	uint32	flags;
-	uint	cachesize;	/* bytes to cache */
-	int	maxkeypage;	/* maximum keys per page */
-	int	minkeypage;	/* minimum keys per page */
-	uint	psize;		/* page size */
-	int	(*compare)	/* comparison function */
-	    (const DBT *, const DBT *);
-	size_t	(*prefix)	/* prefix function */
-	    (const DBT *, const DBT *);
-	int	lorder;		/* byte order */
-} BTREEINFO;
-
-#define	HASHMAGIC	0x061561
-#define	HASHVERSION	2
-
-/* Structure used to pass parameters to the hashing routines. */
-typedef struct {
-	uint	bsize;		/* bucket size */
-	uint	ffactor;	/* fill factor */
-	uint	nelem;		/* number of elements */
-	uint	cachesize;	/* bytes to cache */
-	uint32		/* hash function */
-		(*hash) (const void *, size_t);
-	int	lorder;		/* byte order */
-} HASHINFO;
-
-/* Structure used to pass parameters to the record routines. */
-typedef struct {
-#define	R_FIXEDLEN	0x01	/* fixed-length records */
-#define	R_NOKEY		0x02	/* key not required */
-#define	R_SNAPSHOT	0x04	/* snapshot the input */
-	uint32	flags;
-	uint	cachesize;	/* bytes to cache */
-	uint	psize;		/* page size */
-	int	lorder;		/* byte order */
-	size_t	reclen;		/* record length (fixed-length records) */
-	uint8	bval;		/* delimiting byte (variable-length records */
-	char	*bfname;	/* btree file name */ 
-} RECNOINFO;
-
-#ifdef __DBINTERFACE_PRIVATE
-/*
- * Little endian <==> big endian 32-bit swap macros.
- *	M_32_SWAP	swap a memory location
- *	P_32_SWAP	swap a referenced memory location
- *	P_32_COPY	swap from one location to another
- */
-#define	M_32_SWAP(a) {							\
-	uint32 _tmp = a;						\
-	((char *)&a)[0] = ((char *)&_tmp)[3];				\
-	((char *)&a)[1] = ((char *)&_tmp)[2];				\
-	((char *)&a)[2] = ((char *)&_tmp)[1];				\
-	((char *)&a)[3] = ((char *)&_tmp)[0];				\
-}
-#define	P_32_SWAP(a) {							\
-	uint32 _tmp = *(uint32 *)a;				\
-	((char *)a)[0] = ((char *)&_tmp)[3];				\
-	((char *)a)[1] = ((char *)&_tmp)[2];				\
-	((char *)a)[2] = ((char *)&_tmp)[1];				\
-	((char *)a)[3] = ((char *)&_tmp)[0];				\
-}
-#define	P_32_COPY(a, b) {						\
-	((char *)&(b))[0] = ((char *)&(a))[3];				\
-	((char *)&(b))[1] = ((char *)&(a))[2];				\
-	((char *)&(b))[2] = ((char *)&(a))[1];				\
-	((char *)&(b))[3] = ((char *)&(a))[0];				\
-}
-
-/*
- * Little endian <==> big endian 16-bit swap macros.
- *	M_16_SWAP	swap a memory location
- *	P_16_SWAP	swap a referenced memory location
- *	P_16_COPY	swap from one location to another
- */
-#define	M_16_SWAP(a) {							\
-	uint16 _tmp = a;						\
-	((char *)&a)[0] = ((char *)&_tmp)[1];				\
-	((char *)&a)[1] = ((char *)&_tmp)[0];				\
-}
-#define	P_16_SWAP(a) {							\
-	uint16 _tmp = *(uint16 *)a;				\
-	((char *)a)[0] = ((char *)&_tmp)[1];				\
-	((char *)a)[1] = ((char *)&_tmp)[0];				\
-}
-#define	P_16_COPY(a, b) {						\
-	((char *)&(b))[0] = ((char *)&(a))[1];				\
-	((char *)&(b))[1] = ((char *)&(a))[0];				\
-}
-#endif
-
-PR_BEGIN_EXTERN_C
-#if defined(__WATCOMC__) || defined(__WATCOM_CPLUSPLUS__)
-extern DB *
-#else
-PR_EXTERN(DB *)
-#endif
-dbopen (const char *, int, int, DBTYPE, const void *);
-
-/* set or unset a global lock flag to disable the
- * opening of any DBM file
- */
-void dbSetOrClearDBLock(DBLockFlagEnum type);
-
-#ifdef __DBINTERFACE_PRIVATE
-DB	*__bt_open (const char *, int, int, const BTREEINFO *, int);
-DB	*__hash_open (const char *, int, int, const HASHINFO *, int);
-DB	*__rec_open (const char *, int, int, const RECNOINFO *, int);
-void	 __dbpanic (DB *dbp);
-#endif
-
-PR_END_EXTERN_C
-
-#endif /* !_DB_H_ */
diff --git a/dbm/include/mpool.h b/dbm/include/mpool.h
deleted file mode 100644
index a2fb62b9f..000000000
--- a/dbm/include/mpool.h
+++ /dev/null
@@ -1,99 +0,0 @@
-/*-
- * Copyright (c) 1991, 1993, 1994
- *	The Regents of the University of California.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- *	@(#)mpool.h	8.2 (Berkeley) 7/14/94
- */
-
-#include <sys/queue.h>
-
-/*
- * The memory pool scheme is a simple one.  Each in-memory page is referenced
- * by a bucket which is threaded in up to two of three ways.  All active pages
- * are threaded on a hash chain (hashed by page number) and an lru chain.
- * Inactive pages are threaded on a free chain.  Each reference to a memory
- * pool is handed an opaque MPOOL cookie which stores all of this information.
- */
-#define	HASHSIZE	128
-#define	HASHKEY(pgno)	((pgno - 1) % HASHSIZE)
-
-/* The BKT structures are the elements of the queues. */
-typedef struct _bkt {
-	CIRCLEQ_ENTRY(_bkt) hq;		/* hash queue */
-	CIRCLEQ_ENTRY(_bkt) q;		/* lru queue */
-	void    *page;			/* page */
-	pgno_t   pgno;			/* page number */
-
-#define	MPOOL_DIRTY	0x01		/* page needs to be written */
-#define	MPOOL_PINNED	0x02		/* page is pinned into memory */
-	uint8 flags;			/* flags */
-} BKT;
-
-typedef struct MPOOL {
-	CIRCLEQ_HEAD(_lqh, _bkt) lqh;	/* lru queue head */
-					/* hash queue array */
-	CIRCLEQ_HEAD(_hqh, _bkt) hqh[HASHSIZE];
-	pgno_t	curcache;		/* current number of cached pages */
-	pgno_t	maxcache;		/* max number of cached pages */
-	pgno_t	npages;			/* number of pages in the file */
-	uint32	pagesize;		/* file page size */
-	int	fd;			/* file descriptor */
-					/* page in conversion routine */
-	void    (*pgin) (void *, pgno_t, void *);
-					/* page out conversion routine */
-	void    (*pgout) (void *, pgno_t, void *);
-	void	*pgcookie;		/* cookie for page in/out routines */
-#ifdef STATISTICS
-	uint32	cachehit;
-	uint32	cachemiss;
-	uint32	pagealloc;
-	uint32	pageflush;
-	uint32	pageget;
-	uint32	pagenew;
-	uint32	pageput;
-	uint32	pageread;
-	uint32	pagewrite;
-#endif
-} MPOOL;
-
-__BEGIN_DECLS
-MPOOL	*mpool_open (void *, int, pgno_t, pgno_t);
-void	 mpool_filter (MPOOL *, void (*)(void *, pgno_t, void *),
-	    void (*)(void *, pgno_t, void *), void *);
-void	*mpool_new (MPOOL *, pgno_t *);
-void	*mpool_get (MPOOL *, pgno_t, uint);
-int	 mpool_put (MPOOL *, void *, uint);
-int	 mpool_sync (MPOOL *);
-int	 mpool_close (MPOOL *);
-#ifdef STATISTICS
-void	 mpool_stat (MPOOL *);
-#endif
-__END_DECLS
diff --git a/dbm/include/ncompat.h b/dbm/include/ncompat.h
deleted file mode 100644
index c95b327fe..000000000
--- a/dbm/include/ncompat.h
+++ /dev/null
@@ -1,232 +0,0 @@
-/*-
- * Copyright (c) 1991, 1993
- *	The Regents of the University of California.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- *	@(#)compat.h	8.13 (Berkeley) 2/21/94
- */
-
-#ifndef	_COMPAT_H_
-#define	_COMPAT_H_
-
-#include <sys/types.h>
-
-/*
- * If your system doesn't typedef u_long, u_short, or u_char, change
- * the 0 to a 1.
- */
-#if 0
-typedef unsigned char	u_char;		/* 4.[34]BSD names. */
-typedef unsigned int	u_int;
-typedef unsigned long	u_long;
-typedef unsigned short	u_short;
-#endif
-
-/* If your system doesn't typedef size_t, change the 0 to a 1. */
-#if 0
-typedef unsigned int	size_t;		/* POSIX, 4.[34]BSD names. */
-#endif
-
-/* If your system doesn't typedef ssize_t, change the 0 to a 1. */
-#if 0
-typedef	int		ssize_t;	/* POSIX names. */
-#endif
-
-/*
- * If your system doesn't have the POSIX type for a signal mask,
- * change the 0 to a 1.
- */
-#if 0					/* POSIX 1003.1 signal mask type. */
-typedef unsigned int	sigset_t;
-#endif
-
-/*
- * If your system's vsprintf returns a char *, not an int,
- * change the 0 to a 1.
- */
-#if defined (__sun) && !defined(__SVR4) /* SUNOS */
-#define	VSPRINTF_CHARSTAR
-#endif
-/*
- * If you don't have POSIX 1003.1 signals, the signal code surrounding the 
- * temporary file creation is intended to block all of the possible signals
- * long enough to create the file and unlink it.  All of this stuff is
- * intended to use old-style BSD calls to fake POSIX 1003.1 calls.
- */
-#ifdef	NO_POSIX_SIGNALS
-#define	sigemptyset(set)	(*(set) = 0)
-#define	sigfillset(set)		(*(set) = ~(sigset_t)0, 0)
-#define	sigaddset(set,signo)	(*(set) |= sigmask(signo), 0)
-#define	sigdelset(set,signo)	(*(set) &= ~sigmask(signo), 0)
-#define	sigismember(set,signo)	((*(set) & sigmask(signo)) != 0)
-
-#define	SIG_BLOCK	1
-#define	SIG_UNBLOCK	2
-#define	SIG_SETMASK	3
-
-static int __sigtemp;		/* For the use of sigprocmask */
-
-/* Repeated test of oset != NULL is to avoid "*0". */
-#define	sigprocmask(how, set, oset)					\
-	((__sigtemp =							\
-	(((how) == SIG_BLOCK) ?						\
-		sigblock(0) | *(set) :					\
-	(((how) == SIG_UNBLOCK) ?					\
-		sigblock(0) & ~(*(set)) :				\
-	((how) == SIG_SETMASK ?						\
-		*(set) : sigblock(0))))),				\
-	((oset) ? (*(oset ? oset : set) = sigsetmask(__sigtemp)) :	\
-		sigsetmask(__sigtemp)), 0)
-#endif
-
-/*
- * If your system doesn't have an include file with the appropriate
- * byte order set, make sure you specify the correct one.
- */
-#ifndef BYTE_ORDER
-#define	LITTLE_ENDIAN	1234		/* LSB first: i386, vax */
-#define	BIG_ENDIAN	4321		/* MSB first: 68000, ibm, net */
-#define	BYTE_ORDER	BIG_ENDIAN	/* Set for your system. */
-#endif
-
-#if defined(SYSV) || defined(SYSTEM5) || defined(__sun)
-#define	index(a, b)		strchr(a, b)
-#define	rindex(a, b)		strrchr(a, b)
-#define	bzero(a, b)		memset(a, 0, b)
-#define	bcmp(a, b, n)		memcmp(a, b, n)
-#define	bcopy(a, b, n)		memmove(b, a, n)
-#endif
-
-#if defined(BSD) || defined(BSD4_3)
-#define	strchr(a, b)		index(a, b)
-#define	strrchr(a, b)		rindex(a, b)
-#define	memcmp(a, b, n)		bcmp(a, b, n)
-#define	memmove(a, b, n)	bcopy(b, a, n)
-#endif
-
-/*
- * 32-bit machine.  The db routines are theoretically independent of
- * the size of u_shorts and u_longs, but I don't know that anyone has
- * ever actually tried it.  At a minimum, change the following #define's
- * if you are trying to compile on a different type of system.
- */
-#ifndef USHRT_MAX
-#define	USHRT_MAX		0xFFFF
-#define	ULONG_MAX		0xFFFFFFFF
-#endif
-
-#ifndef O_ACCMODE			/* POSIX 1003.1 access mode mask. */
-#define	O_ACCMODE	(O_RDONLY|O_WRONLY|O_RDWR)
-#endif
-
-#ifndef	_POSIX2_RE_DUP_MAX		/* POSIX 1003.2 RE limit. */
-#define	_POSIX2_RE_DUP_MAX	255
-#endif
-
-/*
- * If you can't provide lock values in the open(2) call.  Note, this
- * allows races to happen.
- */
-#ifndef O_EXLOCK			/* 4.4BSD extension. */
-#define	O_EXLOCK	0
-#endif
-
-#ifndef O_SHLOCK			/* 4.4BSD extension. */
-#define	O_SHLOCK	0
-#endif
-
-#ifndef EFTYPE
-#define	EFTYPE		EINVAL		/* POSIX 1003.1 format errno. */
-#endif
-
-#ifndef	WCOREDUMP			/* 4.4BSD extension */
-#define	WCOREDUMP(a)	0
-#endif
-
-#ifndef	STDERR_FILENO
-#define	STDIN_FILENO	0		/* ANSI C #defines */
-#define	STDOUT_FILENO	1
-#define	STDERR_FILENO	2
-#endif
-
-#ifndef SEEK_END
-#define	SEEK_SET	0		/* POSIX 1003.1 seek values */
-#define	SEEK_CUR	1
-#define	SEEK_END	2
-#endif
-
-#ifndef _POSIX_VDISABLE			/* POSIX 1003.1 disabling char. */
-#define	_POSIX_VDISABLE	0		/* Some systems used 0. */
-#endif
-
-#ifndef	TCSASOFT			/* 4.4BSD extension. */
-#define	TCSASOFT	0
-#endif
-
-#ifndef _POSIX2_RE_DUP_MAX		/* POSIX 1003.2 values. */
-#define	_POSIX2_RE_DUP_MAX	255
-#endif
-
-#ifndef NULL				/* ANSI C #defines NULL everywhere. */
-#define	NULL		0
-#endif
-
-#ifndef	MAX				/* Usually found in <sys/param.h>. */
-#define	MAX(_a,_b)	((_a)<(_b)?(_b):(_a))
-#endif
-#ifndef	MIN				/* Usually found in <sys/param.h>. */
-#define	MIN(_a,_b)	((_a)<(_b)?(_a):(_b))
-#endif
-
-/* Default file permissions. */
-#ifndef DEFFILEMODE			/* 4.4BSD extension. */
-#define	DEFFILEMODE	(S_IRUSR|S_IWUSR|S_IRGRP|S_IWGRP|S_IROTH|S_IWOTH)
-#endif
-
-#ifndef __sun
-#ifndef S_ISDIR				/* POSIX 1003.1 file type tests. */
-#define	S_ISDIR(m)	((m & 0170000) == 0040000)	/* directory */
-#define	S_ISCHR(m)	((m & 0170000) == 0020000)	/* char special */
-#define	S_ISBLK(m)	((m & 0170000) == 0060000)	/* block special */
-#define	S_ISREG(m)	((m & 0170000) == 0100000)	/* regular file */
-#define	S_ISFIFO(m)	((m & 0170000) == 0010000)	/* fifo */
-#endif
-#ifndef S_ISLNK				/* BSD POSIX 1003.1 extensions */
-#define	S_ISLNK(m)	((m & 0170000) == 0120000)	/* symbolic link */
-#define	S_ISSOCK(m)	((m & 0170000) == 0140000)	/* socket */
-#endif
-#endif /* __sun */
-
-/* The type of a va_list. */
-#ifndef _BSD_VA_LIST_			/* 4.4BSD #define. */
-#define	_BSD_VA_LIST_	char *
-#endif
-
-#endif /* !_COMPAT_H_ */
diff --git a/dbm/include/ndbm.h b/dbm/include/ndbm.h
deleted file mode 100644
index 7ad5f1a23..000000000
--- a/dbm/include/ndbm.h
+++ /dev/null
@@ -1,77 +0,0 @@
-/*-
- * Copyright (c) 1990, 1993
- *	The Regents of the University of California.  All rights reserved.
- *
- * This code is derived from software contributed to Berkeley by
- * Margo Seltzer.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- *	@(#)ndbm.h	8.1 (Berkeley) 6/2/93
- */
-
-#ifndef _NDBM_H_
-#define	_NDBM_H_
-
-#include "mcom_db.h"
-
-/* Map dbm interface onto db(3). */
-#define DBM_RDONLY	O_RDONLY
-
-/* Flags to dbm_store(). */
-#define DBM_INSERT      0
-#define DBM_REPLACE     1
-
-/*
- * The db(3) support for ndbm(3) always appends this suffix to the
- * file name to avoid overwriting the user's original database.
- */
-#define	DBM_SUFFIX	".db"
-
-typedef struct {
-	char *dptr;
-	int dsize;
-} datum;
-
-typedef DB DBM;
-#define	dbm_pagfno(a)	DBM_PAGFNO_NOT_AVAILABLE
-
-__BEGIN_DECLS
-void	 dbm_close (DBM *);
-int	 dbm_delete (DBM *, datum);
-datum	 dbm_fetch (DBM *, datum);
-datum	 dbm_firstkey (DBM *);
-long	 dbm_forder (DBM *, datum);
-datum	 dbm_nextkey (DBM *);
-DBM	*dbm_open (const char *, int, int);
-int	 dbm_store (DBM *, datum, datum, int);
-int	 dbm_dirfno (DBM *);
-__END_DECLS
-
-#endif /* !_NDBM_H_ */
diff --git a/dbm/include/nsres.h b/dbm/include/nsres.h
deleted file mode 100644
index f3f4e2d1a..000000000
--- a/dbm/include/nsres.h
+++ /dev/null
@@ -1,41 +0,0 @@
-#ifndef NSRES_H
-#define NSRES_H
-#include "mcom_db.h"
-
-__BEGIN_DECLS
-
-/* C version */
-#define NSRESHANDLE void *
-
-typedef void (*NSRESTHREADFUNC)(void *);
-
-typedef struct NSRESTHREADINFO
-{
-	void *lock;
-	NSRESTHREADFUNC fn_lock;
-	NSRESTHREADFUNC fn_unlock;
-} NSRESTHREADINFO;
-
-#define MAXBUFNUM 10
-#define MAXSTRINGLEN 300
-
-#define NSRES_CREATE 1
-#define NSRES_OPEN 2
-
-
-
-NSRESHANDLE NSResCreateTable(const char *filename, NSRESTHREADINFO *threadinfo);
-NSRESHANDLE NSResOpenTable(const char *filename, NSRESTHREADINFO *threadinfo);
-void NSResCloseTable(NSRESHANDLE handle);
-
-char *NSResLoadString(NSRESHANDLE handle, const char * library, int32 id, 
-	unsigned int charsetid, char *retbuf);
-int32 NSResGetSize(NSRESHANDLE handle, const char *library, int32 id);
-int32 NSResLoadResource(NSRESHANDLE handle, const char *library, int32 id, char *retbuf);
-int NSResAddString(NSRESHANDLE handle, const char *library, int32 id, const char *string, unsigned int charset);
-
-__END_DECLS
-
-
-#endif
-
diff --git a/dbm/include/page.h b/dbm/include/page.h
deleted file mode 100644
index faf2b815b..000000000
--- a/dbm/include/page.h
+++ /dev/null
@@ -1,96 +0,0 @@
-/*-
- * Copyright (c) 1990, 1993, 1994
- *	The Regents of the University of California.  All rights reserved.
- *
- * This code is derived from software contributed to Berkeley by
- * Margo Seltzer.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- *	@(#)page.h	8.2 (Berkeley) 5/31/94
- */
-
-/*
- * Definitions for hashing page file format.
- */
-
-/*
- * routines dealing with a data page
- *
- * page format:
- *	+------------------------------+
- * p	| n | keyoff | datoff | keyoff |
- * 	+------------+--------+--------+
- *	| datoff | free  |  ptr  | --> |
- *	+--------+---------------------+
- *	|	 F R E E A R E A       |
- *	+--------------+---------------+
- *	|  <---- - - - | data          |
- *	+--------+-----+----+----------+
- *	|  key   | data     | key      |
- *	+--------+----------+----------+
- *
- * Pointer to the free space is always:  p[p[0] + 2]
- * Amount of free space on the page is:  p[p[0] + 1]
- */
-
-/*
- * How many bytes required for this pair?
- *	2 shorts in the table at the top of the page + room for the
- *	key and room for the data
- *
- * We prohibit entering a pair on a page unless there is also room to append
- * an overflow page. The reason for this it that you can get in a situation
- * where a single key/data pair fits on a page, but you can't append an
- * overflow page and later you'd have to split the key/data and handle like
- * a big pair.
- * You might as well do this up front.
- */
-#ifndef PAGE_H
-#define PAGE_H
-
-#define	PAIRSIZE(K,D)	(2*sizeof(uint16) + (K)->size + (D)->size)
-#define BIGOVERHEAD	(4*sizeof(uint16))
-#define KEYSIZE(K)	(4*sizeof(uint16) + (K)->size);
-#define OVFLSIZE	(2*sizeof(uint16))
-#define FREESPACE(P)	((P)[(P)[0]+1])
-#define	OFFSET(P)	((P)[(P)[0]+2])
-#define PAIRFITS(P,K,D) \
-	(((P)[2] >= REAL_KEY) && \
-	    (PAIRSIZE((K),(D)) + OVFLSIZE) <= FREESPACE((P)))
-#define PAGE_META(N)	(((N)+3) * sizeof(uint16))
-
-typedef struct {
-	BUFHEAD *newp;
-	BUFHEAD *oldp;
-	BUFHEAD *nextp;
-	uint16 next_addr;
-}       SPLIT_RETURN;
-#endif
-
diff --git a/dbm/include/queue.h b/dbm/include/queue.h
deleted file mode 100644
index 40d32ccb6..000000000
--- a/dbm/include/queue.h
+++ /dev/null
@@ -1,245 +0,0 @@
-/* 
- * Copyright (c) 1991, 1993
- *	The Regents of the University of California.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- *	@(#)queue.h	8.3 (Berkeley) 12/13/93
- */
-
-#ifndef	_QUEUE_H_
-#define	_QUEUE_H_
-
-/*
- * This file defines three types of data structures: lists, tail queues,
- * and circular queues.
- *
- * A list is headed by a single forward pointer (or an array of forward
- * pointers for a hash table header). The elements are doubly linked
- * so that an arbitrary element can be removed without a need to
- * traverse the list. New elements can be added to the list after
- * an existing element or at the head of the list. A list may only be
- * traversed in the forward direction.
- *
- * A tail queue is headed by a pair of pointers, one to the head of the
- * list and the other to the tail of the list. The elements are doubly
- * linked so that an arbitrary element can be removed without a need to
- * traverse the list. New elements can be added to the list after
- * an existing element, at the head of the list, or at the end of the
- * list. A tail queue may only be traversed in the forward direction.
- *
- * A circle queue is headed by a pair of pointers, one to the head of the
- * list and the other to the tail of the list. The elements are doubly
- * linked so that an arbitrary element can be removed without a need to
- * traverse the list. New elements can be added to the list before or after
- * an existing element, at the head of the list, or at the end of the list.
- * A circle queue may be traversed in either direction, but has a more
- * complex end of list detection.
- *
- * For details on the use of these macros, see the queue(3) manual page.
- */
-
-/*
- * List definitions.
- */
-#define LIST_HEAD(name, type)						\
-struct name {								\
-	struct type *lh_first;	/* first element */			\
-}
-
-#define LIST_ENTRY(type)						\
-struct {								\
-	struct type *le_next;	/* next element */			\
-	struct type **le_prev;	/* address of previous next element */	\
-}
-
-/*
- * List functions.
- */
-#define	LIST_INIT(head) {						\
-	(head)->lh_first = NULL;					\
-}
-
-#define LIST_INSERT_AFTER(listelm, elm, field) {			\
-	if (((elm)->field.le_next = (listelm)->field.le_next) != NULL)	\
-		(listelm)->field.le_next->field.le_prev =		\
-		    &(elm)->field.le_next;				\
-	(listelm)->field.le_next = (elm);				\
-	(elm)->field.le_prev = &(listelm)->field.le_next;		\
-}
-
-#define LIST_INSERT_HEAD(head, elm, field) {				\
-	if (((elm)->field.le_next = (head)->lh_first) != NULL)		\
-		(head)->lh_first->field.le_prev = &(elm)->field.le_next;\
-	(head)->lh_first = (elm);					\
-	(elm)->field.le_prev = &(head)->lh_first;			\
-}
-
-#define LIST_REMOVE(elm, field) {					\
-	if ((elm)->field.le_next != NULL)				\
-		(elm)->field.le_next->field.le_prev = 			\
-		    (elm)->field.le_prev;				\
-	*(elm)->field.le_prev = (elm)->field.le_next;			\
-}
-
-/*
- * Tail queue definitions.
- */
-#define TAILQ_HEAD(name, type)						\
-struct name {								\
-	struct type *tqh_first;	/* first element */			\
-	struct type **tqh_last;	/* addr of last next element */		\
-}
-
-#define TAILQ_ENTRY(type)						\
-struct {								\
-	struct type *tqe_next;	/* next element */			\
-	struct type **tqe_prev;	/* address of previous next element */	\
-}
-
-/*
- * Tail queue functions.
- */
-#define	TAILQ_INIT(head) {						\
-	(head)->tqh_first = NULL;					\
-	(head)->tqh_last = &(head)->tqh_first;				\
-}
-
-#define TAILQ_INSERT_HEAD(head, elm, field) {				\
-	if (((elm)->field.tqe_next = (head)->tqh_first) != NULL)	\
-		(elm)->field.tqe_next->field.tqe_prev =			\
-		    &(elm)->field.tqe_next;				\
-	else								\
-		(head)->tqh_last = &(elm)->field.tqe_next;		\
-	(head)->tqh_first = (elm);					\
-	(elm)->field.tqe_prev = &(head)->tqh_first;			\
-}
-
-#define TAILQ_INSERT_TAIL(head, elm, field) {				\
-	(elm)->field.tqe_next = NULL;					\
-	(elm)->field.tqe_prev = (head)->tqh_last;			\
-	*(head)->tqh_last = (elm);					\
-	(head)->tqh_last = &(elm)->field.tqe_next;			\
-}
-
-#define TAILQ_INSERT_AFTER(head, listelm, elm, field) {			\
-	if (((elm)->field.tqe_next = (listelm)->field.tqe_next) != NULL)\
-		(elm)->field.tqe_next->field.tqe_prev = 		\
-		    &(elm)->field.tqe_next;				\
-	else								\
-		(head)->tqh_last = &(elm)->field.tqe_next;		\
-	(listelm)->field.tqe_next = (elm);				\
-	(elm)->field.tqe_prev = &(listelm)->field.tqe_next;		\
-}
-
-#define TAILQ_REMOVE(head, elm, field) {				\
-	if (((elm)->field.tqe_next) != NULL)				\
-		(elm)->field.tqe_next->field.tqe_prev = 		\
-		    (elm)->field.tqe_prev;				\
-	else								\
-		(head)->tqh_last = (elm)->field.tqe_prev;		\
-	*(elm)->field.tqe_prev = (elm)->field.tqe_next;			\
-}
-
-/*
- * Circular queue definitions.
- */
-#define CIRCLEQ_HEAD(name, type)					\
-struct name {								\
-	struct type *cqh_first;		/* first element */		\
-	struct type *cqh_last;		/* last element */		\
-}
-
-#define CIRCLEQ_ENTRY(type)						\
-struct {								\
-	struct type *cqe_next;		/* next element */		\
-	struct type *cqe_prev;		/* previous element */		\
-}
-
-/*
- * Circular queue functions.
- */
-#define	CIRCLEQ_INIT(head) {						\
-	(head)->cqh_first = (void *)(head);				\
-	(head)->cqh_last = (void *)(head);				\
-}
-
-#define CIRCLEQ_INSERT_AFTER(head, listelm, elm, field) {		\
-	(elm)->field.cqe_next = (listelm)->field.cqe_next;		\
-	(elm)->field.cqe_prev = (listelm);				\
-	if ((listelm)->field.cqe_next == (void *)(head))		\
-		(head)->cqh_last = (elm);				\
-	else								\
-		(listelm)->field.cqe_next->field.cqe_prev = (elm);	\
-	(listelm)->field.cqe_next = (elm);				\
-}
-
-#define CIRCLEQ_INSERT_BEFORE(head, listelm, elm, field) {		\
-	(elm)->field.cqe_next = (listelm);				\
-	(elm)->field.cqe_prev = (listelm)->field.cqe_prev;		\
-	if ((listelm)->field.cqe_prev == (void *)(head))		\
-		(head)->cqh_first = (elm);				\
-	else								\
-		(listelm)->field.cqe_prev->field.cqe_next = (elm);	\
-	(listelm)->field.cqe_prev = (elm);				\
-}
-
-#define CIRCLEQ_INSERT_HEAD(head, elm, field) {				\
-	(elm)->field.cqe_next = (head)->cqh_first;			\
-	(elm)->field.cqe_prev = (void *)(head);				\
-	if ((head)->cqh_last == (void *)(head))				\
-		(head)->cqh_last = (elm);				\
-	else								\
-		(head)->cqh_first->field.cqe_prev = (elm);		\
-	(head)->cqh_first = (elm);					\
-}
-
-#define CIRCLEQ_INSERT_TAIL(head, elm, field) {				\
-	(elm)->field.cqe_next = (void *)(head);				\
-	(elm)->field.cqe_prev = (head)->cqh_last;			\
-	if ((head)->cqh_first == (void *)(head))			\
-		(head)->cqh_first = (elm);				\
-	else								\
-		(head)->cqh_last->field.cqe_next = (elm);		\
-	(head)->cqh_last = (elm);					\
-}
-
-#define	CIRCLEQ_REMOVE(head, elm, field) {				\
-	if ((elm)->field.cqe_next == (void *)(head))			\
-		(head)->cqh_last = (elm)->field.cqe_prev;		\
-	else								\
-		(elm)->field.cqe_next->field.cqe_prev =			\
-		    (elm)->field.cqe_prev;				\
-	if ((elm)->field.cqe_prev == (void *)(head))			\
-		(head)->cqh_first = (elm)->field.cqe_next;		\
-	else								\
-		(elm)->field.cqe_prev->field.cqe_next =			\
-		    (elm)->field.cqe_next;				\
-}
-#endif	/* !_QUEUE_H_ */
diff --git a/dbm/include/search.h b/dbm/include/search.h
deleted file mode 100644
index ff58b1c15..000000000
--- a/dbm/include/search.h
+++ /dev/null
@@ -1,51 +0,0 @@
-/*-
- * Copyright (c) 1990, 1993
- *	The Regents of the University of California.  All rights reserved.
- *
- * This code is derived from software contributed to Berkeley by
- * Margo Seltzer.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- *	@(#)search.h	8.1 (Berkeley) 6/4/93
- */
-
-/* Backward compatibility to hsearch interface. */
-typedef struct entry {
-	char *key;
-	char *data;
-} ENTRY;
-
-typedef enum {
-	FIND, ENTER
-} ACTION;
-
-int	 hcreate (unsigned int);
-void	 hdestroy (void);
-ENTRY	*hsearch (ENTRY, ACTION);
diff --git a/dbm/include/watcomfx.h b/dbm/include/watcomfx.h
deleted file mode 100644
index 3020e9de9..000000000
--- a/dbm/include/watcomfx.h
+++ /dev/null
@@ -1,26 +0,0 @@
-#if defined(__WATCOMC__) || defined(__WATCOM_CPLUSPLUS__)
-#ifndef __WATCOM_FIX_H__
-#define __WATCOM_FIX_H__ 1
-/*
- * WATCOM's C compiler doesn't default to "__cdecl" conventions for external
- * symbols and functions.  Rather than adding an explicit __cdecl modifier to 
- * every external symbol and function declaration and definition, we use the 
- * following pragma to (attempt to) change WATCOM c's default to __cdecl.
- * These pragmas were taken from pages 180-181, 266 & 269 of the 
- * Watcom C/C++ version 11 User's Guide, 3rd edition.
- */
-#if defined(XP_WIN16) || defined(WIN16) 
-#pragma aux default "_*" \
-	parm caller [] \
-	value struct float struct routine [ax] \
-	modify [ax bx cx dx es]
-#else
-#pragma aux default "_*" \
-	parm caller [] \
-	value struct float struct routine [eax] \
-	modify [eax ecx edx]
-#endif
-#pragma aux default far
-
-#endif /* once */
-#endif /* WATCOM compiler */
diff --git a/dbm/include/winfile.h b/dbm/include/winfile.h
deleted file mode 100644
index 1fd54d578..000000000
--- a/dbm/include/winfile.h
+++ /dev/null
@@ -1,106 +0,0 @@
-
-/* ---------------------------------------------------------------------------
-    Stuff to fake unix file I/O on windows boxes
-    ------------------------------------------------------------------------*/
-
-#ifndef WINFILE_H
-#define WINFILE_H
-
-#ifdef _WINDOWS
-/* hacked out of <dirent.h> on an SGI */
-#if defined(XP_WIN32) || defined(_WIN32)
-/* 32-bit stuff here */
-#include <windows.h>
-#include <stdlib.h>
-#ifdef __MINGW32__
-#include <sys/types.h>
-#include <sys/stat.h>
-#else
-#include <sys\types.h>
-#include <sys\stat.h>
-#endif
-
-typedef struct DIR_Struct {
-    void            * directoryPtr;
-    WIN32_FIND_DATA   data;
-} DIR;
-
-#define _ST_FSTYPSZ 16
-
-#if !defined(__BORLANDC__) && !defined(__GNUC__)
- typedef unsigned long mode_t;
- typedef          long uid_t;
- typedef          long gid_t;
- typedef          long off_t;
- typedef unsigned long nlink_t;
-#endif 
-
-typedef struct timestruc {
-    time_t  tv_sec;         /* seconds */
-    long    tv_nsec;        /* and nanoseconds */
-} timestruc_t;
-
-
-struct dirent {                                 /* data from readdir() */
-        ino_t           d_ino;                  /* inode number of entry */
-        off_t           d_off;                  /* offset of disk direntory entry */
-        unsigned short  d_reclen;               /* length of this record */
-        char            d_name[_MAX_FNAME];     /* name of file */
-};
-
-#if !defined(__BORLANDC__) && !defined (__GNUC__)
-#define S_ISDIR(s)  ((s) & _S_IFDIR)
-#endif
-
-#else /* _WIN32 */
-/* 16-bit windows stuff */
-
-#include <sys\types.h>
-#include <sys\stat.h>
-#include <dos.h>
-
-
-
-/*	Getting cocky to support multiple file systems */
-typedef struct	dirStruct_tag	{
-	struct _find_t	file_data;
-	char			c_checkdrive;
-} dirStruct;
-
-typedef struct DIR_Struct {
-    void            * directoryPtr;
-    dirStruct         data;
-} DIR;
-
-#define _ST_FSTYPSZ 16
-typedef unsigned long mode_t;
-typedef          long uid_t;
-typedef          long gid_t;
-typedef          long off_t;
-typedef unsigned long nlink_t;
-
-typedef struct timestruc {
-    time_t  tv_sec;         /* seconds */
-    long    tv_nsec;        /* and nanoseconds */
-} timestruc_t;
-
-struct dirent {                             /* data from readdir() */
-        ino_t           d_ino;              /* inode number of entry */
-        off_t           d_off;              /* offset of disk direntory entry */
-        unsigned short  d_reclen;           /* length of this record */
-#ifdef XP_WIN32
-        char            d_name[_MAX_FNAME]; /* name of file */
-#else
-        char            d_name[20]; /* name of file */
-#endif
-};
-
-#define S_ISDIR(s)  ((s) & _S_IFDIR)
-
-#endif /* 16-bit windows */
-
-#define CONST const
-
-#endif /* _WINDOWS */
-
-#endif /* WINFILE_H */
diff --git a/dbm/macbuild/DBM.Prefix b/dbm/macbuild/DBM.Prefix
deleted file mode 100644
index bace25e50..000000000
--- a/dbm/macbuild/DBM.Prefix
+++ /dev/null
@@ -1,33 +0,0 @@
-/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 2 -*-
- *
- * The contents of this file are subject to the Netscape Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/NPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is mozilla.org code.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are
- * Copyright (C) 1998 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s): 
- */
-
-//
-//	DBM.Prefix
-//
-// Global prefix file for the non-debug DBM project.
-//
-//
-
-
-#include "MacPrefix.h"
-#include "DBMConfig.h"
-
diff --git a/dbm/macbuild/DBM.xml b/dbm/macbuild/DBM.xml
deleted file mode 100644
index 375068925..000000000
--- a/dbm/macbuild/DBM.xml
+++ /dev/null
@@ -1,4326 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" standalone="yes" ?>
-<?codewarrior exportversion="1.0.1" ideversion="4.2" ?>
-
-<!DOCTYPE PROJECT [
-<!ELEMENT PROJECT (TARGETLIST, TARGETORDER, GROUPLIST, DESIGNLIST?)>
-<!ELEMENT TARGETLIST (TARGET+)>
-<!ELEMENT TARGET (NAME, SETTINGLIST, FILELIST?, LINKORDER?, SEGMENTLIST?, OVERLAYGROUPLIST?, SUBTARGETLIST?, SUBPROJECTLIST?, FRAMEWORKLIST)>
-<!ELEMENT NAME (#PCDATA)>
-<!ELEMENT USERSOURCETREETYPE (#PCDATA)>
-<!ELEMENT PATH (#PCDATA)>
-<!ELEMENT FILELIST (FILE*)>
-<!ELEMENT FILE (PATHTYPE, PATHROOT?, ACCESSPATH?, PATH, PATHFORMAT?, ROOTFILEREF?, FILEKIND?, FILEFLAGS?)>
-<!ELEMENT PATHTYPE (#PCDATA)>
-<!ELEMENT PATHROOT (#PCDATA)>
-<!ELEMENT ACCESSPATH (#PCDATA)>
-<!ELEMENT PATHFORMAT (#PCDATA)>
-<!ELEMENT ROOTFILEREF (PATHTYPE, PATHROOT?, ACCESSPATH?, PATH, PATHFORMAT?)>
-<!ELEMENT FILEKIND (#PCDATA)>
-<!ELEMENT FILEFLAGS (#PCDATA)>
-<!ELEMENT FILEREF (TARGETNAME?, PATHTYPE, PATHROOT?, ACCESSPATH?, PATH, PATHFORMAT?)>
-<!ELEMENT TARGETNAME (#PCDATA)>
-<!ELEMENT SETTINGLIST ((SETTING|PANELDATA)+)>
-<!ELEMENT SETTING (NAME?, (VALUE|(SETTING+)))>
-<!ELEMENT PANELDATA (NAME, VALUE)>
-<!ELEMENT VALUE (#PCDATA)>
-<!ELEMENT LINKORDER (FILEREF*)>
-<!ELEMENT SEGMENTLIST (SEGMENT+)>
-<!ELEMENT SEGMENT (NAME, ATTRIBUTES?, FILEREF*)>
-<!ELEMENT ATTRIBUTES (#PCDATA)>
-<!ELEMENT OVERLAYGROUPLIST (OVERLAYGROUP+)>
-<!ELEMENT OVERLAYGROUP (NAME, BASEADDRESS, OVERLAY*)>
-<!ELEMENT BASEADDRESS (#PCDATA)>
-<!ELEMENT OVERLAY (NAME, FILEREF*)>
-<!ELEMENT SUBTARGETLIST (SUBTARGET+)>
-<!ELEMENT SUBTARGET (TARGETNAME, ATTRIBUTES?, FILEREF?)>
-<!ELEMENT SUBPROJECTLIST (SUBPROJECT+)>
-<!ELEMENT SUBPROJECT (FILEREF, SUBPROJECTTARGETLIST)>
-<!ELEMENT SUBPROJECTTARGETLIST (SUBPROJECTTARGET*)>
-<!ELEMENT SUBPROJECTTARGET (TARGETNAME, ATTRIBUTES?, FILEREF?)>
-<!ELEMENT FRAMEWORKLIST (FRAMEWORK+)>
-<!ELEMENT FRAMEWORK (FILEREF, LIBRARYFILE?, VERSION?)>
-<!ELEMENT LIBRARYFILE (FILEREF)>
-<!ELEMENT VERSION (#PCDATA)>
-<!ELEMENT TARGETORDER (ORDEREDTARGET|ORDEREDDESIGN)*>
-<!ELEMENT ORDEREDTARGET (NAME)>
-<!ELEMENT ORDEREDDESIGN (NAME, ORDEREDTARGET+)>
-<!ELEMENT GROUPLIST (GROUP|FILEREF)*>
-<!ELEMENT GROUP (NAME, (GROUP|FILEREF)*)>
-<!ELEMENT DESIGNLIST (DESIGN+)>
-<!ELEMENT DESIGN (NAME, DESIGNDATA)>
-<!ELEMENT DESIGNDATA (#PCDATA)>
-]>
-
-<PROJECT>
-    <TARGETLIST>
-        <TARGET>
-            <NAME>DBM.shlb</NAME>
-            <SETTINGLIST>
-
-                <!-- Settings for "Source Trees" panel -->
-                <SETTING><NAME>UserSourceTrees</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Access Paths" panel -->
-                <SETTING><NAME>AlwaysSearchUserPaths</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>InterpretDOSAndUnixPaths</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>RequireFrameworkStyleIncludes</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>UserSearchPaths</NAME>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::src:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>:::dist:client:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>:::dist:client_stubs:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>:::dist:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                </SETTING>
-                <SETTING><NAME>SystemSearchPaths</NAME>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>:MSL:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>CodeWarrior</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>:MacOS Support:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>CodeWarrior</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                </SETTING>
-
-                <!-- Settings for "Debugger Runtime" panel -->
-                <SETTING><NAME>MWRuntimeSettings_WorkingDirectory</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWRuntimeSettings_CommandLine</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWRuntimeSettings_HostApplication</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWRuntimeSettings_EnvVars</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Target Settings" panel -->
-                <SETTING><NAME>Linker</NAME><VALUE>MacOS PPC Linker</VALUE></SETTING>
-                <SETTING><NAME>PreLinker</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>PostLinker</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>Targetname</NAME><VALUE>DBM.shlb</VALUE></SETTING>
-                <SETTING><NAME>OutputDirectory</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>SaveEntriesUsingRelativePaths</NAME><VALUE>false</VALUE></SETTING>
-
-                <!-- Settings for "File Mappings" panel -->
-                <SETTING><NAME>FileMappings</NAME>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>APPL</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>Appl</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>MMLB</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>Lib Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>MPLF</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>Lib Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>MWCD</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>RSRC</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.c</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.c++</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.cc</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.cp</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.cpp</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.exp</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.h</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.p</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW Pascal PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.pas</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW Pascal PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.pch</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.pch++</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.ppu</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW Pascal PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.r</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>Rez</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>Rez</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.s</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>PPCAsm</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>XCOF</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>XCOFF Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>docu</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>rsrc</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>shlb</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>PEF Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>stub</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>PEF Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.doc</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
-                    </SETTING>
-                </SETTING>
-
-                <!-- Settings for "Build Extras" panel -->
-                <SETTING><NAME>CacheModDates</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>ActivateBrowser</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>DumpBrowserInfo</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>CacheSubprojects</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>UseThirdPartyDebugger</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>DebuggerAppPath</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>DebuggerCmdLineArgs</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>DebuggerWorkingDir</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
-                </SETTING>
-
-                <!-- Settings for "Debugger Target" panel -->
-                <SETTING><NAME>LogSystemMessages</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>AutoTargetDLLs</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>StopAtWatchpoints</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PauseWhileRunning</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PauseInterval</NAME><VALUE>5</VALUE></SETTING>
-                <SETTING><NAME>PauseUIFlags</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>AltExePath</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>StopAtTempBPOnLaunch</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>CacheSymbolics</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>TempBPFunctionName</NAME><VALUE>main</VALUE></SETTING>
-                <SETTING><NAME>TempBPType</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "Remote Debug" panel -->
-                <SETTING><NAME>Enabled</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>ConnectionName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>DownloadPath</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>LaunchRemoteApp</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>RemoteAppPath</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Auto-target" panel -->
-                <SETTING><NAME>OtherExecutables</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Custom Keywords" panel -->
-                <SETTING><NAME>CustomColor1</NAME>
-                    <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
-                    <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
-                    <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>CustomColor2</NAME>
-                    <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
-                    <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
-                    <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>CustomColor3</NAME>
-                    <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
-                    <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
-                    <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>CustomColor4</NAME>
-                    <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
-                    <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
-                    <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
-                </SETTING>
-
-                <!-- Settings for "C/C++ Compiler" panel -->
-                <SETTING><NAME>MWFrontEnd_C_cplusplus</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_checkprotos</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_arm</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_trigraphs</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_onlystdkeywords</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_enumsalwaysint</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_mpwpointerstyle</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_prefixname</NAME><VALUE>DBM.Prefix</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_ansistrict</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_mpwcnewline</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_wchar_type</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_enableexceptions</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_dontreusestrings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_poolstrings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_dontinline</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_useRTTI</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_multibyteaware</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_unsignedchars</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_autoinline</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_booltruefalse</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_direct_to_som</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_som_env_check</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_alwaysinline</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_inlinelevel</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_ecplusplus</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_objective_c</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_defer_codegen</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "C/C++ Warnings" panel -->
-                <SETTING><NAME>MWWarning_C_warn_illpragma</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_emptydecl</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_possunwant</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_unusedvar</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_unusedarg</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_extracomma</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_pedantic</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warningerrors</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_hidevirtual</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_implicitconv</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_notinlined</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_structclass</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "FTP Panel" panel -->
-                <SETTING><NAME>MWFTP_Post_hostName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_username</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_password</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_remoteDir</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_PathVersion</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_PathType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_PathFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_tree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_uploadDir</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_port</NAME><VALUE>21</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_SendBin</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ShouldLog</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "Java Command Line" panel -->
-                <SETTING><NAME>MWCommandLine_Java_clsName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWCommandLine_Java_args</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "PJavaDebugging" panel -->
-                <SETTING><NAME>MWVJavaDebugging_Protocol</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWVJavaDebugging_JDKVersion</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWVJavaDebugging_TimeOut</NAME><VALUE>10</VALUE></SETTING>
-                <SETTING><NAME>MWVJavaDebugging_SupportSlowDevices</NAME><VALUE>false</VALUE></SETTING>
-
-                <!-- Settings for "Java Language" panel -->
-                <SETTING><NAME>MWJava_Language_optimize</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_warnDeprecated</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_emitMap</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_strictFileNames</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_strictFileHierarchy</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_1_1_Compatible</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_emitHeaders</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_headerType</NAME><VALUE>JNINativeHeaders</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_packageFilter</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_genComments</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_genHeaders</NAME><VALUE>false</VALUE></SETTING>
-
-                <!-- Settings for "Java MRJAppBuilder" panel -->
-                <SETTING><NAME>MWJava_MRJAppBuilder_outFile</NAME><VALUE>MRJApplication</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_merge</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_quitMenu</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_grow</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutType</NAME><VALUE>Console</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrType</NAME><VALUE>Console</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinType</NAME><VALUE>Console</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconPVersion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconFile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPVersion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPICTFile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_aboutName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPVersion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutFile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutAppend</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrFile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrAppend</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinFile</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Java Output" panel -->
-                <SETTING><NAME>MWJava_Output_outputtype</NAME><VALUE>JarFile</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_outfile</NAME><VALUE>JavaClasses.jar</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_ftype</NAME><VALUE>1514754080</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_fcreator</NAME><VALUE>1297570384</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_compress</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_genManifest</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_trunctype</NAME><VALUE>Front</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_deleteClasses</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_consoleApp</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "Java Project" panel -->
-                <SETTING><NAME>MWJava_Proj_projtype</NAME><VALUE>Applet</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_mainClassName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_HTMLAppCreator</NAME><VALUE>1463898714</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_HTMLAppName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_PathVersion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_PathType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_PathFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_tree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_HTMLAppWin32Name</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_compress</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_useVM</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_vmarguments</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_vmName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_simPropFile</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "JavaDoc Project" panel -->
-                <SETTING><NAME>MWJavaDoc_Proj_Version</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Depricated</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Author</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Index</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Tree</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_SunResolveToSame</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Shortnames</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Folder</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_GenerateAPILinks</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_scope</NAME><VALUE>Public</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_fcreator</NAME><VALUE>1297303877</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_encodingName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_decodingName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_javaPackagePath</NAME><VALUE>http://java.sun.com/products/jdk/1.1/docs/api/</VALUE></SETTING>
-
-                <!-- Settings for "MacOS Merge Panel" panel -->
-                <SETTING><NAME>MWMerge_MacOS_projectType</NAME><VALUE>Application</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_outputName</NAME><VALUE>Merge Out</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_outputCreator</NAME><VALUE>????</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_outputType</NAME><VALUE>APPL</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_suppressWarning</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_copyFragments</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_copyResources</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_flattenResource</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_flatFileName</NAME><VALUE>a.rsrc</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_flatFileOutputPath</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWMerge_MacOS_skipResources</NAME>
-                    <SETTING><VALUE>DLGX</VALUE></SETTING>
-                    <SETTING><VALUE>ckid</VALUE></SETTING>
-                    <SETTING><VALUE>Proj</VALUE></SETTING>
-                    <SETTING><VALUE>WSPC</VALUE></SETTING>
-                </SETTING>
-
-                <!-- Settings for "Output Flags" panel -->
-                <SETTING><NAME>FileLocked</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>ResourcesMapIsReadOnly</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PrinterDriverIsMultiFinderCompatible</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>Invisible</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>HasBundle</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>NameLocked</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>Stationery</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>HasCustomIcon</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>Shared</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>HasBeenInited</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>Label</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>Comments</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Packager Panel" panel -->
-                <SETTING><NAME>MWMacOSPackager_UsePackager</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_FolderToPackage</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWMacOSPackager_CreateClassicAlias</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_ClassicAliasMethod</NAME><VALUE>UseTargetOutput</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_ClassicAliasPath</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWMacOSPackager_CreatePkgInfo</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_PkgCreatorType</NAME><VALUE>????</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_PkgFileType</NAME><VALUE>APPL</VALUE></SETTING>
-
-                <!-- Settings for "PPC CodeGen" panel -->
-                <SETTING><NAME>MWCodeGen_PPC_structalignment</NAME><VALUE>PPC</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_tracebacktables</NAME><VALUE>None</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_processor</NAME><VALUE>Generic</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_readonlystrings</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_tocdata</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_profiler</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_fpcontract</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_schedule</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_peephole</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_processorspecific</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_altivec</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_vectortocdata</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_vrsave</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "PPC CodeGen Mach-O" panel -->
-                <SETTING><NAME>MWCodeGen_MachO_structalignment</NAME><VALUE>PPC</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_tracebacktables</NAME><VALUE>None</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_processor</NAME><VALUE>Generic</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_readonlystrings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_profiler</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_fpcontract</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_schedule</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_peephole</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_processorspecific</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_altivec</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_vrsave</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_common</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_implicit_templates</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "PPC Disassembler" panel -->
-                <SETTING><NAME>MWDisassembler_PPC_showcode</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_extended</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_mix</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_nohex</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_showdata</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_showexceptions</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_showsym</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_shownames</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "PPC Global Optimizer" panel -->
-                <SETTING><NAME>GlobalOptimizer_PPC_optimizationlevel</NAME><VALUE>Level4</VALUE></SETTING>
-                <SETTING><NAME>GlobalOptimizer_PPC_optfor</NAME><VALUE>Speed</VALUE></SETTING>
-
-                <!-- Settings for "PPC Linker" panel -->
-                <SETTING><NAME>MWLinker_PPC_linksym</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_symfullpath</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_linkmap</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_nolinkwarnings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_dontdeadstripinitcode</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_permitmultdefs</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_linkmode</NAME><VALUE>Fast</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_initname</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_mainname</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_termname</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "PPC Mach-O Linker" panel -->
-                <SETTING><NAME>MWLinker_MachO_exports</NAME><VALUE>None</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_mainname</NAME><VALUE>start</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_currentversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_compatibleversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_symfullpath</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_supresswarnings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_multisymerror</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_prebind</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_deadstrip</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_objectivecsemantics</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_whichfileloaded</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_whyfileloaded</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_readonlyrelocs</NAME><VALUE>Errors</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_undefinedsymbols</NAME><VALUE>Errors</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_twolevelnamespace</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_stripdebugsymbols</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "PPC Mach-O Target" panel -->
-                <SETTING><NAME>MWProject_MachO_type</NAME><VALUE>Executable</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_outfile</NAME><VALUE>a.exe</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_filecreator</NAME><VALUE>????</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_filetype</NAME><VALUE>MEXE</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_stacksize</NAME><VALUE>64</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_stackaddress</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_flatrsrc</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_flatrsrcfilename</NAME><VALUE>a.rsrc</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_flatrsrcoutputdir</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWProject_MachO_installpath</NAME><VALUE>./</VALUE></SETTING>
-
-                <!-- Settings for "PPC PEF" panel -->
-                <SETTING><NAME>MWPEF_exports</NAME><VALUE>Pragma</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_libfolder</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_sortcode</NAME><VALUE>None</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_expandbss</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_sharedata</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_olddefversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_oldimpversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_currentversion</NAME><VALUE>100</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_fragmentname</NAME><VALUE>DBM</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_collapsereloads</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "PPC Project" panel -->
-                <SETTING><NAME>MWProject_PPC_type</NAME><VALUE>SharedLibrary</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_outfile</NAME><VALUE>DBM.shlb</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_filecreator</NAME><VALUE>MOZZ</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_filetype</NAME><VALUE>shlb</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_size</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_minsize</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_stacksize</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_flags</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_symfilename</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcname</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcheader</NAME><VALUE>Native</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrctype</NAME><VALUE>????</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcid</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcflags</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcstore</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcmerge</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_flatrsrc</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_flatrsrcoutputdir</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWProject_PPC_flatrsrcfilename</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "PPCAsm Panel" panel -->
-                <SETTING><NAME>MWAssembler_PPC_auxheader</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_symmode</NAME><VALUE>Mac</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_dialect</NAME><VALUE>PPC</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_prefixfile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_typecheck</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_warnings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_casesensitive</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "Rez Compiler" panel -->
-                <SETTING><NAME>MWRez_Language_maxwidth</NAME><VALUE>80</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_script</NAME><VALUE>Roman</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_alignment</NAME><VALUE>Align1</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_filtermode</NAME><VALUE>FilterSkip</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_suppresswarnings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_escapecontrolchars</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_prefixname</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_filteredtypes</NAME><VALUE>'CODE' 'DATA' 'PICT'</VALUE></SETTING>
-
-                <!-- Settings for "WinRC Compiler" panel -->
-                <SETTING><NAME>MWWinRC_prefixname</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "x86 CodeGen" panel -->
-                <SETTING><NAME>MWCodeGen_X86_processor</NAME><VALUE>Generic</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_alignment</NAME><VALUE>bytes8</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_exceptions</NAME><VALUE>ZeroOverhead</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_extinst_mmx</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_extinst_3dnow</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_use_mmx_3dnow_convention</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_machinecodelisting</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_intrinsics</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_syminfo</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_codeviewinfo</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_extinst_cmov_fcomi</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_extinst_sse</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "x86 Disassembler" panel -->
-                <SETTING><NAME>PDisasmX86_showHeaders</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showSymTab</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showCode</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showSource</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showHex</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showRelocation</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showComments</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showDebug</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showExceptions</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showData</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showRaw</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_verbose</NAME><VALUE>false</VALUE></SETTING>
-
-                <!-- Settings for "x86 Exceptions Panel" panel -->
-                <SETTING><NAME>MWDebugger_X86_Exceptions</NAME>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                </SETTING>
-
-                <!-- Settings for "x86 Global Optimizer" panel -->
-                <SETTING><NAME>GlobalOptimizer_X86_optimizationlevel</NAME><VALUE>Level0</VALUE></SETTING>
-                <SETTING><NAME>GlobalOptimizer_X86_optfor</NAME><VALUE>Speed</VALUE></SETTING>
-
-                <!-- Settings for "x86 Linker" panel -->
-                <SETTING><NAME>MWLinker_X86_entrypointusage</NAME><VALUE>Default</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_entrypoint</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_subsystem</NAME><VALUE>WinGUI</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_subsysmajorid</NAME><VALUE>4</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_subsysminorid</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_usrmajorid</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_usrminorid</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_commandfile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_generatemap</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_linksym</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_linkCV</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "x86 Project" panel -->
-                <SETTING><NAME>MWProject_X86_type</NAME><VALUE>Application</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_outfile</NAME><VALUE>noname.exe</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_baseaddress</NAME><VALUE>4194304</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_maxstacksize</NAME><VALUE>1024</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_minstacksize</NAME><VALUE>4</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_size</NAME><VALUE>1024</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_minsize</NAME><VALUE>4</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_importlib</NAME><VALUE></VALUE></SETTING>
-                <PANELDATA><NAME>xpidl Settings</NAME><VALUE>
-                    0001000101000000000000000000000000000000000000000000000000000000
-                    0000000000000000
-                </VALUE></PANELDATA>
-            </SETTINGLIST>
-            <FILELIST>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>db.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS>Debug</FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>hash.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS>Debug</FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>hash_buf.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS>Debug</FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>hsearch.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS>Debug</FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>h_bigkey.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS>Debug</FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>h_func.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS>Debug</FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>h_log2.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS>Debug</FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>h_page.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS>Debug</FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>macstubs.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS>Debug</FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSStdLibStubs</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Library</FILEKIND>
-                    <FILEFLAGS>Debug</FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>MSL_ShLibRuntime_PPC.Lib</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Library</FILEKIND>
-                    <FILEFLAGS>Debug</FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>MoreFiles.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Library</FILEKIND>
-                    <FILEFLAGS>Debug</FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSPR20.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Library</FILEKIND>
-                    <FILEFLAGS>Debug</FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSRuntime.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Library</FILEKIND>
-                    <FILEFLAGS>Debug</FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>InterfacesStubs</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Library</FILEKIND>
-                    <FILEFLAGS>Debug</FILEFLAGS>
-                </FILE>
-            </FILELIST>
-            <LINKORDER>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>db.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>hash.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>hash_buf.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>hsearch.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>h_bigkey.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>h_func.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>h_log2.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>h_page.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>macstubs.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSStdLibStubs</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSPR20.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSRuntime.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>MoreFiles.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>MSL_ShLibRuntime_PPC.Lib</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>InterfacesStubs</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-            </LINKORDER>
-        </TARGET>
-        <TARGET>
-            <NAME>DBMDebug.shlb</NAME>
-            <SETTINGLIST>
-
-                <!-- Settings for "Source Trees" panel -->
-                <SETTING><NAME>UserSourceTrees</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Access Paths" panel -->
-                <SETTING><NAME>AlwaysSearchUserPaths</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>InterpretDOSAndUnixPaths</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>RequireFrameworkStyleIncludes</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>UserSearchPaths</NAME>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::src:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>:::dist:client_debug:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>:::dist:client_stubs:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>:::dist:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                </SETTING>
-                <SETTING><NAME>SystemSearchPaths</NAME>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>:MSL:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>CodeWarrior</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>:MacOS Support:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>CodeWarrior</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                </SETTING>
-
-                <!-- Settings for "Debugger Runtime" panel -->
-                <SETTING><NAME>MWRuntimeSettings_WorkingDirectory</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWRuntimeSettings_CommandLine</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWRuntimeSettings_HostApplication</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWRuntimeSettings_EnvVars</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Target Settings" panel -->
-                <SETTING><NAME>Linker</NAME><VALUE>MacOS PPC Linker</VALUE></SETTING>
-                <SETTING><NAME>PreLinker</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>PostLinker</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>Targetname</NAME><VALUE>DBMDebug.shlb</VALUE></SETTING>
-                <SETTING><NAME>OutputDirectory</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>SaveEntriesUsingRelativePaths</NAME><VALUE>false</VALUE></SETTING>
-
-                <!-- Settings for "File Mappings" panel -->
-                <SETTING><NAME>FileMappings</NAME>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>APPL</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>Appl</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>MMLB</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>Lib Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>MPLF</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>Lib Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>MWCD</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>RSRC</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.c</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.c++</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.cc</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.cp</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.cpp</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.exp</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.h</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.p</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW Pascal PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.pas</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW Pascal PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.pch</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.pch++</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.ppu</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW Pascal PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.r</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>Rez</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>Rez</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.s</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>PPCAsm</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>XCOF</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>XCOFF Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>docu</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>rsrc</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>shlb</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>PEF Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>stub</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>PEF Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.doc</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
-                    </SETTING>
-                </SETTING>
-
-                <!-- Settings for "Build Extras" panel -->
-                <SETTING><NAME>CacheModDates</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>ActivateBrowser</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>DumpBrowserInfo</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>CacheSubprojects</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>UseThirdPartyDebugger</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>DebuggerAppPath</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>DebuggerCmdLineArgs</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>DebuggerWorkingDir</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
-                </SETTING>
-
-                <!-- Settings for "Debugger Target" panel -->
-                <SETTING><NAME>LogSystemMessages</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>AutoTargetDLLs</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>StopAtWatchpoints</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PauseWhileRunning</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PauseInterval</NAME><VALUE>5</VALUE></SETTING>
-                <SETTING><NAME>PauseUIFlags</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>AltExePath</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>StopAtTempBPOnLaunch</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>CacheSymbolics</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>TempBPFunctionName</NAME><VALUE>main</VALUE></SETTING>
-                <SETTING><NAME>TempBPType</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "Remote Debug" panel -->
-                <SETTING><NAME>Enabled</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>ConnectionName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>DownloadPath</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>LaunchRemoteApp</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>RemoteAppPath</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Auto-target" panel -->
-                <SETTING><NAME>OtherExecutables</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Custom Keywords" panel -->
-                <SETTING><NAME>CustomColor1</NAME>
-                    <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
-                    <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
-                    <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>CustomColor2</NAME>
-                    <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
-                    <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
-                    <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>CustomColor3</NAME>
-                    <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
-                    <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
-                    <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>CustomColor4</NAME>
-                    <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
-                    <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
-                    <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
-                </SETTING>
-
-                <!-- Settings for "C/C++ Compiler" panel -->
-                <SETTING><NAME>MWFrontEnd_C_cplusplus</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_checkprotos</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_arm</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_trigraphs</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_onlystdkeywords</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_enumsalwaysint</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_mpwpointerstyle</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_prefixname</NAME><VALUE>DBMDebug.Prefix</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_ansistrict</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_mpwcnewline</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_wchar_type</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_enableexceptions</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_dontreusestrings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_poolstrings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_dontinline</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_useRTTI</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_multibyteaware</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_unsignedchars</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_autoinline</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_booltruefalse</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_direct_to_som</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_som_env_check</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_alwaysinline</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_inlinelevel</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_ecplusplus</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_objective_c</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_defer_codegen</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "C/C++ Warnings" panel -->
-                <SETTING><NAME>MWWarning_C_warn_illpragma</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_emptydecl</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_possunwant</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_unusedvar</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_unusedarg</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_extracomma</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_pedantic</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warningerrors</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_hidevirtual</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_implicitconv</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_notinlined</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_structclass</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "FTP Panel" panel -->
-                <SETTING><NAME>MWFTP_Post_hostName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_username</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_password</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_remoteDir</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_PathVersion</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_PathType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_PathFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_tree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_uploadDir</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_port</NAME><VALUE>21</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_SendBin</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ShouldLog</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "Java Command Line" panel -->
-                <SETTING><NAME>MWCommandLine_Java_clsName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWCommandLine_Java_args</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "PJavaDebugging" panel -->
-                <SETTING><NAME>MWVJavaDebugging_Protocol</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWVJavaDebugging_JDKVersion</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWVJavaDebugging_TimeOut</NAME><VALUE>10</VALUE></SETTING>
-                <SETTING><NAME>MWVJavaDebugging_SupportSlowDevices</NAME><VALUE>false</VALUE></SETTING>
-
-                <!-- Settings for "Java Language" panel -->
-                <SETTING><NAME>MWJava_Language_optimize</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_warnDeprecated</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_emitMap</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_strictFileNames</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_strictFileHierarchy</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_1_1_Compatible</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_emitHeaders</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_headerType</NAME><VALUE>JNINativeHeaders</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_packageFilter</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_genComments</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_genHeaders</NAME><VALUE>false</VALUE></SETTING>
-
-                <!-- Settings for "Java MRJAppBuilder" panel -->
-                <SETTING><NAME>MWJava_MRJAppBuilder_outFile</NAME><VALUE>MRJApplication</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_merge</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_quitMenu</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_grow</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutType</NAME><VALUE>Console</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrType</NAME><VALUE>Console</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinType</NAME><VALUE>Console</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconPVersion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconFile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPVersion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPICTFile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_aboutName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPVersion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutFile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutAppend</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrFile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrAppend</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinFile</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Java Output" panel -->
-                <SETTING><NAME>MWJava_Output_outputtype</NAME><VALUE>JarFile</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_outfile</NAME><VALUE>JavaClasses.jar</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_ftype</NAME><VALUE>1514754080</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_fcreator</NAME><VALUE>1297570384</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_compress</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_genManifest</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_trunctype</NAME><VALUE>Front</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_deleteClasses</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_consoleApp</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "Java Project" panel -->
-                <SETTING><NAME>MWJava_Proj_projtype</NAME><VALUE>Applet</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_mainClassName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_HTMLAppCreator</NAME><VALUE>1463898714</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_HTMLAppName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_PathVersion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_PathType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_PathFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_tree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_HTMLAppWin32Name</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_compress</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_useVM</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_vmarguments</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_vmName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_simPropFile</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "JavaDoc Project" panel -->
-                <SETTING><NAME>MWJavaDoc_Proj_Version</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Depricated</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Author</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Index</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Tree</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_SunResolveToSame</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Shortnames</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Folder</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_GenerateAPILinks</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_scope</NAME><VALUE>Public</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_fcreator</NAME><VALUE>1297303877</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_encodingName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_decodingName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_javaPackagePath</NAME><VALUE>http://java.sun.com/products/jdk/1.1/docs/api/</VALUE></SETTING>
-
-                <!-- Settings for "MacOS Merge Panel" panel -->
-                <SETTING><NAME>MWMerge_MacOS_projectType</NAME><VALUE>Application</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_outputName</NAME><VALUE>Merge Out</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_outputCreator</NAME><VALUE>????</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_outputType</NAME><VALUE>APPL</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_suppressWarning</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_copyFragments</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_copyResources</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_flattenResource</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_flatFileName</NAME><VALUE>a.rsrc</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_flatFileOutputPath</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWMerge_MacOS_skipResources</NAME>
-                    <SETTING><VALUE>DLGX</VALUE></SETTING>
-                    <SETTING><VALUE>ckid</VALUE></SETTING>
-                    <SETTING><VALUE>Proj</VALUE></SETTING>
-                    <SETTING><VALUE>WSPC</VALUE></SETTING>
-                </SETTING>
-
-                <!-- Settings for "Output Flags" panel -->
-                <SETTING><NAME>FileLocked</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>ResourcesMapIsReadOnly</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PrinterDriverIsMultiFinderCompatible</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>Invisible</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>HasBundle</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>NameLocked</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>Stationery</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>HasCustomIcon</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>Shared</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>HasBeenInited</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>Label</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>Comments</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Packager Panel" panel -->
-                <SETTING><NAME>MWMacOSPackager_UsePackager</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_FolderToPackage</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWMacOSPackager_CreateClassicAlias</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_ClassicAliasMethod</NAME><VALUE>UseTargetOutput</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_ClassicAliasPath</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWMacOSPackager_CreatePkgInfo</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_PkgCreatorType</NAME><VALUE>????</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_PkgFileType</NAME><VALUE>APPL</VALUE></SETTING>
-
-                <!-- Settings for "PPC CodeGen" panel -->
-                <SETTING><NAME>MWCodeGen_PPC_structalignment</NAME><VALUE>PPC</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_tracebacktables</NAME><VALUE>Inline</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_processor</NAME><VALUE>Generic</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_readonlystrings</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_tocdata</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_profiler</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_fpcontract</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_schedule</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_peephole</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_processorspecific</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_altivec</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_vectortocdata</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_vrsave</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "PPC CodeGen Mach-O" panel -->
-                <SETTING><NAME>MWCodeGen_MachO_structalignment</NAME><VALUE>PPC</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_tracebacktables</NAME><VALUE>None</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_processor</NAME><VALUE>Generic</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_readonlystrings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_profiler</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_fpcontract</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_schedule</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_peephole</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_processorspecific</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_altivec</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_vrsave</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_common</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_implicit_templates</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "PPC Disassembler" panel -->
-                <SETTING><NAME>MWDisassembler_PPC_showcode</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_extended</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_mix</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_nohex</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_showdata</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_showexceptions</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_showsym</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_shownames</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "PPC Global Optimizer" panel -->
-                <SETTING><NAME>GlobalOptimizer_PPC_optimizationlevel</NAME><VALUE>Level0</VALUE></SETTING>
-                <SETTING><NAME>GlobalOptimizer_PPC_optfor</NAME><VALUE>Speed</VALUE></SETTING>
-
-                <!-- Settings for "PPC Linker" panel -->
-                <SETTING><NAME>MWLinker_PPC_linksym</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_symfullpath</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_linkmap</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_nolinkwarnings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_dontdeadstripinitcode</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_permitmultdefs</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_linkmode</NAME><VALUE>Fast</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_initname</NAME><VALUE>__initialize</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_mainname</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_termname</NAME><VALUE>__terminate</VALUE></SETTING>
-
-                <!-- Settings for "PPC Mach-O Linker" panel -->
-                <SETTING><NAME>MWLinker_MachO_exports</NAME><VALUE>None</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_mainname</NAME><VALUE>start</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_currentversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_compatibleversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_symfullpath</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_supresswarnings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_multisymerror</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_prebind</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_deadstrip</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_objectivecsemantics</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_whichfileloaded</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_whyfileloaded</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_readonlyrelocs</NAME><VALUE>Errors</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_undefinedsymbols</NAME><VALUE>Errors</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_twolevelnamespace</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_stripdebugsymbols</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "PPC Mach-O Target" panel -->
-                <SETTING><NAME>MWProject_MachO_type</NAME><VALUE>Executable</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_outfile</NAME><VALUE>a.exe</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_filecreator</NAME><VALUE>????</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_filetype</NAME><VALUE>MEXE</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_stacksize</NAME><VALUE>64</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_stackaddress</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_flatrsrc</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_flatrsrcfilename</NAME><VALUE>a.rsrc</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_flatrsrcoutputdir</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWProject_MachO_installpath</NAME><VALUE>./</VALUE></SETTING>
-
-                <!-- Settings for "PPC PEF" panel -->
-                <SETTING><NAME>MWPEF_exports</NAME><VALUE>Pragma</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_libfolder</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_sortcode</NAME><VALUE>None</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_expandbss</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_sharedata</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_olddefversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_oldimpversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_currentversion</NAME><VALUE>100</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_fragmentname</NAME><VALUE>DBM</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_collapsereloads</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "PPC Project" panel -->
-                <SETTING><NAME>MWProject_PPC_type</NAME><VALUE>SharedLibrary</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_outfile</NAME><VALUE>DBMDebug.shlb</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_filecreator</NAME><VALUE>MOZZ</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_filetype</NAME><VALUE>shlb</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_size</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_minsize</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_stacksize</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_flags</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_symfilename</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcname</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcheader</NAME><VALUE>Native</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrctype</NAME><VALUE>????</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcid</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcflags</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcstore</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcmerge</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_flatrsrc</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_flatrsrcoutputdir</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWProject_PPC_flatrsrcfilename</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "PPCAsm Panel" panel -->
-                <SETTING><NAME>MWAssembler_PPC_auxheader</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_symmode</NAME><VALUE>Mac</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_dialect</NAME><VALUE>PPC</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_prefixfile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_typecheck</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_warnings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_casesensitive</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "Rez Compiler" panel -->
-                <SETTING><NAME>MWRez_Language_maxwidth</NAME><VALUE>80</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_script</NAME><VALUE>Roman</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_alignment</NAME><VALUE>Align1</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_filtermode</NAME><VALUE>FilterSkip</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_suppresswarnings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_escapecontrolchars</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_prefixname</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_filteredtypes</NAME><VALUE>'CODE' 'DATA' 'PICT'</VALUE></SETTING>
-
-                <!-- Settings for "WinRC Compiler" panel -->
-                <SETTING><NAME>MWWinRC_prefixname</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "x86 CodeGen" panel -->
-                <SETTING><NAME>MWCodeGen_X86_processor</NAME><VALUE>Generic</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_alignment</NAME><VALUE>bytes8</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_exceptions</NAME><VALUE>ZeroOverhead</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_extinst_mmx</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_extinst_3dnow</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_use_mmx_3dnow_convention</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_machinecodelisting</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_intrinsics</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_syminfo</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_codeviewinfo</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_extinst_cmov_fcomi</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_extinst_sse</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "x86 Disassembler" panel -->
-                <SETTING><NAME>PDisasmX86_showHeaders</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showSymTab</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showCode</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showSource</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showHex</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showRelocation</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showComments</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showDebug</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showExceptions</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showData</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showRaw</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_verbose</NAME><VALUE>false</VALUE></SETTING>
-
-                <!-- Settings for "x86 Exceptions Panel" panel -->
-                <SETTING><NAME>MWDebugger_X86_Exceptions</NAME>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                </SETTING>
-
-                <!-- Settings for "x86 Global Optimizer" panel -->
-                <SETTING><NAME>GlobalOptimizer_X86_optimizationlevel</NAME><VALUE>Level0</VALUE></SETTING>
-                <SETTING><NAME>GlobalOptimizer_X86_optfor</NAME><VALUE>Speed</VALUE></SETTING>
-
-                <!-- Settings for "x86 Linker" panel -->
-                <SETTING><NAME>MWLinker_X86_entrypointusage</NAME><VALUE>Default</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_entrypoint</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_subsystem</NAME><VALUE>WinGUI</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_subsysmajorid</NAME><VALUE>4</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_subsysminorid</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_usrmajorid</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_usrminorid</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_commandfile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_generatemap</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_linksym</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_linkCV</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "x86 Project" panel -->
-                <SETTING><NAME>MWProject_X86_type</NAME><VALUE>Application</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_outfile</NAME><VALUE>noname.exe</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_baseaddress</NAME><VALUE>4194304</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_maxstacksize</NAME><VALUE>1024</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_minstacksize</NAME><VALUE>4</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_size</NAME><VALUE>1024</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_minsize</NAME><VALUE>4</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_importlib</NAME><VALUE></VALUE></SETTING>
-                <PANELDATA><NAME>xpidl Settings</NAME><VALUE>
-                    0001000101000000000000000000000000000000000000000000000000000000
-                    0000000000000000
-                </VALUE></PANELDATA>
-            </SETTINGLIST>
-            <FILELIST>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>db.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS>Debug</FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>hash.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS>Debug</FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>hash_buf.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS>Debug</FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>hsearch.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS>Debug</FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>h_bigkey.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS>Debug</FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>h_func.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS>Debug</FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>h_log2.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS>Debug</FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>h_page.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS>Debug</FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>macstubs.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS>Debug</FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSStdLibStubs</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Library</FILEKIND>
-                    <FILEFLAGS>Debug</FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>MSL_ShLibRuntime_PPC.Lib</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Library</FILEKIND>
-                    <FILEFLAGS>Debug</FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>MoreFilesDebug.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Library</FILEKIND>
-                    <FILEFLAGS>Debug</FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSRuntimeDebug.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Library</FILEKIND>
-                    <FILEFLAGS>Debug</FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSPR20Debug.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Library</FILEKIND>
-                    <FILEFLAGS>Debug</FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>InterfacesStubs</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Library</FILEKIND>
-                    <FILEFLAGS>Debug</FILEFLAGS>
-                </FILE>
-            </FILELIST>
-            <LINKORDER>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>db.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>hash.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>hash_buf.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>hsearch.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>h_bigkey.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>h_func.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>h_log2.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>h_page.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>macstubs.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSStdLibStubs</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSPR20Debug.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>MoreFilesDebug.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSRuntimeDebug.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>MSL_ShLibRuntime_PPC.Lib</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>InterfacesStubs</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-            </LINKORDER>
-        </TARGET>
-        <TARGET>
-            <NAME>DBM.o</NAME>
-            <SETTINGLIST>
-
-                <!-- Settings for "Source Trees" panel -->
-                <SETTING><NAME>UserSourceTrees</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Access Paths" panel -->
-                <SETTING><NAME>AlwaysSearchUserPaths</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>InterpretDOSAndUnixPaths</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>RequireFrameworkStyleIncludes</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>UserSearchPaths</NAME>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::src:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>:::dist:client:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>:::dist:client_stubs:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>:::dist:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                </SETTING>
-                <SETTING><NAME>SystemSearchPaths</NAME>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>:MSL:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>CodeWarrior</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>:MacOS Support:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>CodeWarrior</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                </SETTING>
-
-                <!-- Settings for "Debugger Runtime" panel -->
-                <SETTING><NAME>MWRuntimeSettings_WorkingDirectory</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWRuntimeSettings_CommandLine</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWRuntimeSettings_HostApplication</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWRuntimeSettings_EnvVars</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Target Settings" panel -->
-                <SETTING><NAME>Linker</NAME><VALUE>MacOS PPC Linker</VALUE></SETTING>
-                <SETTING><NAME>PreLinker</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>PostLinker</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>Targetname</NAME><VALUE>DBM.o</VALUE></SETTING>
-                <SETTING><NAME>OutputDirectory</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>SaveEntriesUsingRelativePaths</NAME><VALUE>false</VALUE></SETTING>
-
-                <!-- Settings for "File Mappings" panel -->
-                <SETTING><NAME>FileMappings</NAME>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>APPL</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>Appl</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>MMLB</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>Lib Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>MPLF</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>Lib Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>MWCD</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>RSRC</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.c</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.c++</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.cc</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.cp</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.cpp</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.exp</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.h</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.p</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW Pascal PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.pas</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW Pascal PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.pch</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.pch++</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.ppu</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW Pascal PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.r</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>Rez</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>Rez</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.s</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>PPCAsm</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>XCOF</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>XCOFF Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>docu</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>rsrc</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>shlb</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>PEF Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>stub</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>PEF Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.doc</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
-                    </SETTING>
-                </SETTING>
-
-                <!-- Settings for "Build Extras" panel -->
-                <SETTING><NAME>CacheModDates</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>ActivateBrowser</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>DumpBrowserInfo</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>CacheSubprojects</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>UseThirdPartyDebugger</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>DebuggerAppPath</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>DebuggerCmdLineArgs</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>DebuggerWorkingDir</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
-                </SETTING>
-
-                <!-- Settings for "Debugger Target" panel -->
-                <SETTING><NAME>LogSystemMessages</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>AutoTargetDLLs</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>StopAtWatchpoints</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PauseWhileRunning</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PauseInterval</NAME><VALUE>5</VALUE></SETTING>
-                <SETTING><NAME>PauseUIFlags</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>AltExePath</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>StopAtTempBPOnLaunch</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>CacheSymbolics</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>TempBPFunctionName</NAME><VALUE>main</VALUE></SETTING>
-                <SETTING><NAME>TempBPType</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "Remote Debug" panel -->
-                <SETTING><NAME>Enabled</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>ConnectionName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>DownloadPath</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>LaunchRemoteApp</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>RemoteAppPath</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Auto-target" panel -->
-                <SETTING><NAME>OtherExecutables</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Custom Keywords" panel -->
-                <SETTING><NAME>CustomColor1</NAME>
-                    <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
-                    <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
-                    <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>CustomColor2</NAME>
-                    <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
-                    <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
-                    <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>CustomColor3</NAME>
-                    <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
-                    <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
-                    <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>CustomColor4</NAME>
-                    <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
-                    <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
-                    <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
-                </SETTING>
-
-                <!-- Settings for "C/C++ Compiler" panel -->
-                <SETTING><NAME>MWFrontEnd_C_cplusplus</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_checkprotos</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_arm</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_trigraphs</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_onlystdkeywords</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_enumsalwaysint</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_mpwpointerstyle</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_prefixname</NAME><VALUE>DBM.Prefix</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_ansistrict</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_mpwcnewline</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_wchar_type</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_enableexceptions</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_dontreusestrings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_poolstrings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_dontinline</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_useRTTI</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_multibyteaware</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_unsignedchars</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_autoinline</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_booltruefalse</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_direct_to_som</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_som_env_check</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_alwaysinline</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_inlinelevel</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_ecplusplus</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_objective_c</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_defer_codegen</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "C/C++ Warnings" panel -->
-                <SETTING><NAME>MWWarning_C_warn_illpragma</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_emptydecl</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_possunwant</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_unusedvar</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_unusedarg</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_extracomma</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_pedantic</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warningerrors</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_hidevirtual</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_implicitconv</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_notinlined</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_structclass</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "FTP Panel" panel -->
-                <SETTING><NAME>MWFTP_Post_hostName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_username</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_password</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_remoteDir</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_PathVersion</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_PathType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_PathFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_tree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_uploadDir</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_port</NAME><VALUE>21</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_SendBin</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ShouldLog</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "Java Command Line" panel -->
-                <SETTING><NAME>MWCommandLine_Java_clsName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWCommandLine_Java_args</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "PJavaDebugging" panel -->
-                <SETTING><NAME>MWVJavaDebugging_Protocol</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWVJavaDebugging_JDKVersion</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWVJavaDebugging_TimeOut</NAME><VALUE>10</VALUE></SETTING>
-                <SETTING><NAME>MWVJavaDebugging_SupportSlowDevices</NAME><VALUE>false</VALUE></SETTING>
-
-                <!-- Settings for "Java Language" panel -->
-                <SETTING><NAME>MWJava_Language_optimize</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_warnDeprecated</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_emitMap</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_strictFileNames</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_strictFileHierarchy</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_1_1_Compatible</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_emitHeaders</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_headerType</NAME><VALUE>JNINativeHeaders</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_packageFilter</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_genComments</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_genHeaders</NAME><VALUE>false</VALUE></SETTING>
-
-                <!-- Settings for "Java MRJAppBuilder" panel -->
-                <SETTING><NAME>MWJava_MRJAppBuilder_outFile</NAME><VALUE>MRJApplication</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_merge</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_quitMenu</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_grow</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutType</NAME><VALUE>Console</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrType</NAME><VALUE>Console</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinType</NAME><VALUE>Console</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconPVersion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconFile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPVersion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPICTFile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_aboutName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPVersion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutFile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutAppend</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrFile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrAppend</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinFile</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Java Output" panel -->
-                <SETTING><NAME>MWJava_Output_outputtype</NAME><VALUE>JarFile</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_outfile</NAME><VALUE>JavaClasses.jar</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_ftype</NAME><VALUE>1514754080</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_fcreator</NAME><VALUE>1297570384</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_compress</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_genManifest</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_trunctype</NAME><VALUE>Front</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_deleteClasses</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_consoleApp</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "Java Project" panel -->
-                <SETTING><NAME>MWJava_Proj_projtype</NAME><VALUE>Applet</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_mainClassName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_HTMLAppCreator</NAME><VALUE>1463898714</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_HTMLAppName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_PathVersion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_PathType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_PathFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_tree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_HTMLAppWin32Name</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_compress</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_useVM</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_vmarguments</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_vmName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_simPropFile</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "JavaDoc Project" panel -->
-                <SETTING><NAME>MWJavaDoc_Proj_Version</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Depricated</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Author</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Index</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Tree</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_SunResolveToSame</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Shortnames</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Folder</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_GenerateAPILinks</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_scope</NAME><VALUE>Public</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_fcreator</NAME><VALUE>1297303877</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_encodingName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_decodingName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_javaPackagePath</NAME><VALUE>http://java.sun.com/products/jdk/1.1/docs/api/</VALUE></SETTING>
-
-                <!-- Settings for "MacOS Merge Panel" panel -->
-                <SETTING><NAME>MWMerge_MacOS_projectType</NAME><VALUE>Application</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_outputName</NAME><VALUE>Merge Out</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_outputCreator</NAME><VALUE>????</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_outputType</NAME><VALUE>APPL</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_suppressWarning</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_copyFragments</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_copyResources</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_flattenResource</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_flatFileName</NAME><VALUE>a.rsrc</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_flatFileOutputPath</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWMerge_MacOS_skipResources</NAME>
-                    <SETTING><VALUE>DLGX</VALUE></SETTING>
-                    <SETTING><VALUE>ckid</VALUE></SETTING>
-                    <SETTING><VALUE>Proj</VALUE></SETTING>
-                    <SETTING><VALUE>WSPC</VALUE></SETTING>
-                </SETTING>
-
-                <!-- Settings for "Output Flags" panel -->
-                <SETTING><NAME>FileLocked</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>ResourcesMapIsReadOnly</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PrinterDriverIsMultiFinderCompatible</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>Invisible</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>HasBundle</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>NameLocked</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>Stationery</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>HasCustomIcon</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>Shared</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>HasBeenInited</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>Label</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>Comments</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Packager Panel" panel -->
-                <SETTING><NAME>MWMacOSPackager_UsePackager</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_FolderToPackage</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWMacOSPackager_CreateClassicAlias</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_ClassicAliasMethod</NAME><VALUE>UseTargetOutput</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_ClassicAliasPath</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWMacOSPackager_CreatePkgInfo</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_PkgCreatorType</NAME><VALUE>????</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_PkgFileType</NAME><VALUE>APPL</VALUE></SETTING>
-
-                <!-- Settings for "PPC CodeGen" panel -->
-                <SETTING><NAME>MWCodeGen_PPC_structalignment</NAME><VALUE>PPC</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_tracebacktables</NAME><VALUE>None</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_processor</NAME><VALUE>Generic</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_readonlystrings</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_tocdata</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_profiler</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_fpcontract</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_schedule</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_peephole</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_processorspecific</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_altivec</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_vectortocdata</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_vrsave</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "PPC CodeGen Mach-O" panel -->
-                <SETTING><NAME>MWCodeGen_MachO_structalignment</NAME><VALUE>PPC</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_tracebacktables</NAME><VALUE>None</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_processor</NAME><VALUE>Generic</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_readonlystrings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_profiler</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_fpcontract</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_schedule</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_peephole</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_processorspecific</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_altivec</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_vrsave</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_common</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_implicit_templates</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "PPC Disassembler" panel -->
-                <SETTING><NAME>MWDisassembler_PPC_showcode</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_extended</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_mix</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_nohex</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_showdata</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_showexceptions</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_showsym</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_shownames</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "PPC Global Optimizer" panel -->
-                <SETTING><NAME>GlobalOptimizer_PPC_optimizationlevel</NAME><VALUE>Level0</VALUE></SETTING>
-                <SETTING><NAME>GlobalOptimizer_PPC_optfor</NAME><VALUE>Speed</VALUE></SETTING>
-
-                <!-- Settings for "PPC Linker" panel -->
-                <SETTING><NAME>MWLinker_PPC_linksym</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_symfullpath</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_linkmap</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_nolinkwarnings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_dontdeadstripinitcode</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_permitmultdefs</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_linkmode</NAME><VALUE>Fast</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_initname</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_mainname</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_termname</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "PPC Mach-O Linker" panel -->
-                <SETTING><NAME>MWLinker_MachO_exports</NAME><VALUE>None</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_mainname</NAME><VALUE>start</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_currentversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_compatibleversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_symfullpath</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_supresswarnings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_multisymerror</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_prebind</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_deadstrip</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_objectivecsemantics</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_whichfileloaded</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_whyfileloaded</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_readonlyrelocs</NAME><VALUE>Errors</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_undefinedsymbols</NAME><VALUE>Errors</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_twolevelnamespace</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_stripdebugsymbols</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "PPC Mach-O Target" panel -->
-                <SETTING><NAME>MWProject_MachO_type</NAME><VALUE>Executable</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_outfile</NAME><VALUE>a.exe</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_filecreator</NAME><VALUE>????</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_filetype</NAME><VALUE>MEXE</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_stacksize</NAME><VALUE>64</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_stackaddress</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_flatrsrc</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_flatrsrcfilename</NAME><VALUE>a.rsrc</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_flatrsrcoutputdir</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWProject_MachO_installpath</NAME><VALUE>./</VALUE></SETTING>
-
-                <!-- Settings for "PPC PEF" panel -->
-                <SETTING><NAME>MWPEF_exports</NAME><VALUE>Pragma</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_libfolder</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_sortcode</NAME><VALUE>None</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_expandbss</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_sharedata</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_olddefversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_oldimpversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_currentversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_fragmentname</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWPEF_collapsereloads</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "PPC Project" panel -->
-                <SETTING><NAME>MWProject_PPC_type</NAME><VALUE>Library</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_outfile</NAME><VALUE>DBM.o</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_filecreator</NAME><VALUE>????</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_filetype</NAME><VALUE>????</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_size</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_minsize</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_stacksize</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_flags</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_symfilename</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcname</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcheader</NAME><VALUE>Native</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrctype</NAME><VALUE>????</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcid</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcflags</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcstore</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcmerge</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_flatrsrc</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_flatrsrcoutputdir</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWProject_PPC_flatrsrcfilename</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "PPCAsm Panel" panel -->
-                <SETTING><NAME>MWAssembler_PPC_auxheader</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_symmode</NAME><VALUE>Mac</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_dialect</NAME><VALUE>PPC</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_prefixfile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_typecheck</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_warnings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_casesensitive</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "Rez Compiler" panel -->
-                <SETTING><NAME>MWRez_Language_maxwidth</NAME><VALUE>80</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_script</NAME><VALUE>Roman</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_alignment</NAME><VALUE>Align1</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_filtermode</NAME><VALUE>FilterSkip</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_suppresswarnings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_escapecontrolchars</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_prefixname</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_filteredtypes</NAME><VALUE>'CODE' 'DATA' 'PICT'</VALUE></SETTING>
-
-                <!-- Settings for "WinRC Compiler" panel -->
-                <SETTING><NAME>MWWinRC_prefixname</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "x86 CodeGen" panel -->
-                <SETTING><NAME>MWCodeGen_X86_processor</NAME><VALUE>Generic</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_alignment</NAME><VALUE>bytes8</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_exceptions</NAME><VALUE>ZeroOverhead</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_extinst_mmx</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_extinst_3dnow</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_use_mmx_3dnow_convention</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_machinecodelisting</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_intrinsics</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_syminfo</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_codeviewinfo</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_extinst_cmov_fcomi</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_extinst_sse</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "x86 Disassembler" panel -->
-                <SETTING><NAME>PDisasmX86_showHeaders</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showSymTab</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showCode</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showSource</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showHex</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showRelocation</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showComments</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showDebug</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showExceptions</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showData</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showRaw</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_verbose</NAME><VALUE>false</VALUE></SETTING>
-
-                <!-- Settings for "x86 Exceptions Panel" panel -->
-                <SETTING><NAME>MWDebugger_X86_Exceptions</NAME>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                </SETTING>
-
-                <!-- Settings for "x86 Global Optimizer" panel -->
-                <SETTING><NAME>GlobalOptimizer_X86_optimizationlevel</NAME><VALUE>Level0</VALUE></SETTING>
-                <SETTING><NAME>GlobalOptimizer_X86_optfor</NAME><VALUE>Speed</VALUE></SETTING>
-
-                <!-- Settings for "x86 Linker" panel -->
-                <SETTING><NAME>MWLinker_X86_entrypointusage</NAME><VALUE>Default</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_entrypoint</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_subsystem</NAME><VALUE>WinGUI</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_subsysmajorid</NAME><VALUE>4</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_subsysminorid</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_usrmajorid</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_usrminorid</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_commandfile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_generatemap</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_linksym</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_linkCV</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "x86 Project" panel -->
-                <SETTING><NAME>MWProject_X86_type</NAME><VALUE>Application</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_outfile</NAME><VALUE>noname.exe</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_baseaddress</NAME><VALUE>4194304</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_maxstacksize</NAME><VALUE>1024</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_minstacksize</NAME><VALUE>4</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_size</NAME><VALUE>1024</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_minsize</NAME><VALUE>4</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_importlib</NAME><VALUE></VALUE></SETTING>
-                <PANELDATA><NAME>xpidl Settings</NAME><VALUE>
-                    0001000101000000000000000000000000000000000000000000000000000000
-                    0000000000000000
-                </VALUE></PANELDATA>
-            </SETTINGLIST>
-            <FILELIST>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>db.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS>Debug</FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>hash.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS>Debug</FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>hash_buf.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS>Debug</FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>hsearch.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS>Debug</FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>h_bigkey.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS>Debug</FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>h_func.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS>Debug</FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>h_log2.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS>Debug</FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>h_page.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS>Debug</FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>macstubs.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS>Debug</FILEFLAGS>
-                </FILE>
-            </FILELIST>
-            <LINKORDER>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>db.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>hash.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>hash_buf.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>hsearch.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>h_bigkey.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>h_func.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>h_log2.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>h_page.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>macstubs.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-            </LINKORDER>
-        </TARGET>
-        <TARGET>
-            <NAME>DBMDebug.o</NAME>
-            <SETTINGLIST>
-
-                <!-- Settings for "Source Trees" panel -->
-                <SETTING><NAME>UserSourceTrees</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Access Paths" panel -->
-                <SETTING><NAME>AlwaysSearchUserPaths</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>InterpretDOSAndUnixPaths</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>RequireFrameworkStyleIncludes</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>UserSearchPaths</NAME>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::src:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>:::dist:client:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>:::dist:client_stubs:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>:::dist:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                </SETTING>
-                <SETTING><NAME>SystemSearchPaths</NAME>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>:MSL:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>CodeWarrior</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>:MacOS Support:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>CodeWarrior</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                </SETTING>
-
-                <!-- Settings for "Debugger Runtime" panel -->
-                <SETTING><NAME>MWRuntimeSettings_WorkingDirectory</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWRuntimeSettings_CommandLine</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWRuntimeSettings_HostApplication</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWRuntimeSettings_EnvVars</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Target Settings" panel -->
-                <SETTING><NAME>Linker</NAME><VALUE>MacOS PPC Linker</VALUE></SETTING>
-                <SETTING><NAME>PreLinker</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>PostLinker</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>Targetname</NAME><VALUE>DBMDebug.o</VALUE></SETTING>
-                <SETTING><NAME>OutputDirectory</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>SaveEntriesUsingRelativePaths</NAME><VALUE>false</VALUE></SETTING>
-
-                <!-- Settings for "File Mappings" panel -->
-                <SETTING><NAME>FileMappings</NAME>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>APPL</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>Appl</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>MMLB</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>Lib Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>MPLF</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>Lib Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>MWCD</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>RSRC</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.c</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.c++</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.cc</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.cp</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.cpp</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.exp</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.h</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.p</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW Pascal PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.pas</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW Pascal PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.pch</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.pch++</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.ppu</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW Pascal PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.r</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>Rez</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>Rez</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.s</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>PPCAsm</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>XCOF</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>XCOFF Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>docu</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>rsrc</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>shlb</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>PEF Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>stub</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>PEF Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.doc</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
-                    </SETTING>
-                </SETTING>
-
-                <!-- Settings for "Build Extras" panel -->
-                <SETTING><NAME>CacheModDates</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>ActivateBrowser</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>DumpBrowserInfo</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>CacheSubprojects</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>UseThirdPartyDebugger</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>DebuggerAppPath</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>DebuggerCmdLineArgs</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>DebuggerWorkingDir</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
-                </SETTING>
-
-                <!-- Settings for "Debugger Target" panel -->
-                <SETTING><NAME>LogSystemMessages</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>AutoTargetDLLs</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>StopAtWatchpoints</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PauseWhileRunning</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PauseInterval</NAME><VALUE>5</VALUE></SETTING>
-                <SETTING><NAME>PauseUIFlags</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>AltExePath</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>StopAtTempBPOnLaunch</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>CacheSymbolics</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>TempBPFunctionName</NAME><VALUE>main</VALUE></SETTING>
-                <SETTING><NAME>TempBPType</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "Remote Debug" panel -->
-                <SETTING><NAME>Enabled</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>ConnectionName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>DownloadPath</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>LaunchRemoteApp</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>RemoteAppPath</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Auto-target" panel -->
-                <SETTING><NAME>OtherExecutables</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Custom Keywords" panel -->
-                <SETTING><NAME>CustomColor1</NAME>
-                    <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
-                    <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
-                    <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>CustomColor2</NAME>
-                    <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
-                    <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
-                    <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>CustomColor3</NAME>
-                    <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
-                    <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
-                    <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>CustomColor4</NAME>
-                    <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
-                    <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
-                    <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
-                </SETTING>
-
-                <!-- Settings for "C/C++ Compiler" panel -->
-                <SETTING><NAME>MWFrontEnd_C_cplusplus</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_checkprotos</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_arm</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_trigraphs</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_onlystdkeywords</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_enumsalwaysint</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_mpwpointerstyle</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_prefixname</NAME><VALUE>DBMDebug.Prefix</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_ansistrict</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_mpwcnewline</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_wchar_type</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_enableexceptions</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_dontreusestrings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_poolstrings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_dontinline</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_useRTTI</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_multibyteaware</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_unsignedchars</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_autoinline</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_booltruefalse</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_direct_to_som</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_som_env_check</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_alwaysinline</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_inlinelevel</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_ecplusplus</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_objective_c</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_defer_codegen</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "C/C++ Warnings" panel -->
-                <SETTING><NAME>MWWarning_C_warn_illpragma</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_emptydecl</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_possunwant</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_unusedvar</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_unusedarg</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_extracomma</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_pedantic</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warningerrors</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_hidevirtual</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_implicitconv</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_notinlined</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_structclass</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "FTP Panel" panel -->
-                <SETTING><NAME>MWFTP_Post_hostName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_username</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_password</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_remoteDir</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_PathVersion</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_PathType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_PathFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_tree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_uploadDir</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_port</NAME><VALUE>21</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_SendBin</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ShouldLog</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "Java Command Line" panel -->
-                <SETTING><NAME>MWCommandLine_Java_clsName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWCommandLine_Java_args</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "PJavaDebugging" panel -->
-                <SETTING><NAME>MWVJavaDebugging_Protocol</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWVJavaDebugging_JDKVersion</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWVJavaDebugging_TimeOut</NAME><VALUE>10</VALUE></SETTING>
-                <SETTING><NAME>MWVJavaDebugging_SupportSlowDevices</NAME><VALUE>false</VALUE></SETTING>
-
-                <!-- Settings for "Java Language" panel -->
-                <SETTING><NAME>MWJava_Language_optimize</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_warnDeprecated</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_emitMap</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_strictFileNames</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_strictFileHierarchy</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_1_1_Compatible</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_emitHeaders</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_headerType</NAME><VALUE>JNINativeHeaders</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_packageFilter</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_genComments</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_genHeaders</NAME><VALUE>false</VALUE></SETTING>
-
-                <!-- Settings for "Java MRJAppBuilder" panel -->
-                <SETTING><NAME>MWJava_MRJAppBuilder_outFile</NAME><VALUE>MRJApplication</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_merge</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_quitMenu</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_grow</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutType</NAME><VALUE>Console</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrType</NAME><VALUE>Console</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinType</NAME><VALUE>Console</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconPVersion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconFile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPVersion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPICTFile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_aboutName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPVersion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutFile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutAppend</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrFile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrAppend</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinFile</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Java Output" panel -->
-                <SETTING><NAME>MWJava_Output_outputtype</NAME><VALUE>JarFile</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_outfile</NAME><VALUE>JavaClasses.jar</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_ftype</NAME><VALUE>1514754080</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_fcreator</NAME><VALUE>1297570384</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_compress</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_genManifest</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_trunctype</NAME><VALUE>Front</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_deleteClasses</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_consoleApp</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "Java Project" panel -->
-                <SETTING><NAME>MWJava_Proj_projtype</NAME><VALUE>Applet</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_mainClassName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_HTMLAppCreator</NAME><VALUE>1463898714</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_HTMLAppName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_PathVersion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_PathType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_PathFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_tree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_HTMLAppWin32Name</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_compress</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_useVM</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_vmarguments</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_vmName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_simPropFile</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "JavaDoc Project" panel -->
-                <SETTING><NAME>MWJavaDoc_Proj_Version</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Depricated</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Author</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Index</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Tree</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_SunResolveToSame</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Shortnames</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Folder</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_GenerateAPILinks</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_scope</NAME><VALUE>Public</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_fcreator</NAME><VALUE>1297303877</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_encodingName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_decodingName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_javaPackagePath</NAME><VALUE>http://java.sun.com/products/jdk/1.1/docs/api/</VALUE></SETTING>
-
-                <!-- Settings for "MacOS Merge Panel" panel -->
-                <SETTING><NAME>MWMerge_MacOS_projectType</NAME><VALUE>Application</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_outputName</NAME><VALUE>Merge Out</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_outputCreator</NAME><VALUE>????</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_outputType</NAME><VALUE>APPL</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_suppressWarning</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_copyFragments</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_copyResources</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_flattenResource</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_flatFileName</NAME><VALUE>a.rsrc</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_flatFileOutputPath</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWMerge_MacOS_skipResources</NAME>
-                    <SETTING><VALUE>DLGX</VALUE></SETTING>
-                    <SETTING><VALUE>ckid</VALUE></SETTING>
-                    <SETTING><VALUE>Proj</VALUE></SETTING>
-                    <SETTING><VALUE>WSPC</VALUE></SETTING>
-                </SETTING>
-
-                <!-- Settings for "Output Flags" panel -->
-                <SETTING><NAME>FileLocked</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>ResourcesMapIsReadOnly</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PrinterDriverIsMultiFinderCompatible</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>Invisible</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>HasBundle</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>NameLocked</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>Stationery</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>HasCustomIcon</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>Shared</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>HasBeenInited</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>Label</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>Comments</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Packager Panel" panel -->
-                <SETTING><NAME>MWMacOSPackager_UsePackager</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_FolderToPackage</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWMacOSPackager_CreateClassicAlias</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_ClassicAliasMethod</NAME><VALUE>UseTargetOutput</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_ClassicAliasPath</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWMacOSPackager_CreatePkgInfo</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_PkgCreatorType</NAME><VALUE>????</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_PkgFileType</NAME><VALUE>APPL</VALUE></SETTING>
-
-                <!-- Settings for "PPC CodeGen" panel -->
-                <SETTING><NAME>MWCodeGen_PPC_structalignment</NAME><VALUE>PPC</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_tracebacktables</NAME><VALUE>None</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_processor</NAME><VALUE>Generic</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_readonlystrings</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_tocdata</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_profiler</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_fpcontract</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_schedule</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_peephole</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_processorspecific</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_altivec</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_vectortocdata</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_vrsave</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "PPC CodeGen Mach-O" panel -->
-                <SETTING><NAME>MWCodeGen_MachO_structalignment</NAME><VALUE>PPC</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_tracebacktables</NAME><VALUE>None</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_processor</NAME><VALUE>Generic</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_readonlystrings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_profiler</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_fpcontract</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_schedule</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_peephole</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_processorspecific</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_altivec</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_vrsave</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_common</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_implicit_templates</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "PPC Disassembler" panel -->
-                <SETTING><NAME>MWDisassembler_PPC_showcode</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_extended</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_mix</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_nohex</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_showdata</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_showexceptions</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_showsym</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_shownames</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "PPC Global Optimizer" panel -->
-                <SETTING><NAME>GlobalOptimizer_PPC_optimizationlevel</NAME><VALUE>Level0</VALUE></SETTING>
-                <SETTING><NAME>GlobalOptimizer_PPC_optfor</NAME><VALUE>Speed</VALUE></SETTING>
-
-                <!-- Settings for "PPC Linker" panel -->
-                <SETTING><NAME>MWLinker_PPC_linksym</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_symfullpath</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_linkmap</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_nolinkwarnings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_dontdeadstripinitcode</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_permitmultdefs</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_linkmode</NAME><VALUE>Fast</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_initname</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_mainname</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_termname</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "PPC Mach-O Linker" panel -->
-                <SETTING><NAME>MWLinker_MachO_exports</NAME><VALUE>None</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_mainname</NAME><VALUE>start</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_currentversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_compatibleversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_symfullpath</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_supresswarnings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_multisymerror</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_prebind</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_deadstrip</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_objectivecsemantics</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_whichfileloaded</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_whyfileloaded</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_readonlyrelocs</NAME><VALUE>Errors</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_undefinedsymbols</NAME><VALUE>Errors</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_twolevelnamespace</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_stripdebugsymbols</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "PPC Mach-O Target" panel -->
-                <SETTING><NAME>MWProject_MachO_type</NAME><VALUE>Executable</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_outfile</NAME><VALUE>a.exe</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_filecreator</NAME><VALUE>????</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_filetype</NAME><VALUE>MEXE</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_stacksize</NAME><VALUE>64</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_stackaddress</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_flatrsrc</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_flatrsrcfilename</NAME><VALUE>a.rsrc</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_flatrsrcoutputdir</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWProject_MachO_installpath</NAME><VALUE>./</VALUE></SETTING>
-
-                <!-- Settings for "PPC PEF" panel -->
-                <SETTING><NAME>MWPEF_exports</NAME><VALUE>Pragma</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_libfolder</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_sortcode</NAME><VALUE>None</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_expandbss</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_sharedata</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_olddefversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_oldimpversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_currentversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_fragmentname</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWPEF_collapsereloads</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "PPC Project" panel -->
-                <SETTING><NAME>MWProject_PPC_type</NAME><VALUE>Library</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_outfile</NAME><VALUE>DBMDebug.o</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_filecreator</NAME><VALUE>????</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_filetype</NAME><VALUE>????</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_size</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_minsize</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_stacksize</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_flags</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_symfilename</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcname</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcheader</NAME><VALUE>Native</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrctype</NAME><VALUE>????</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcid</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcflags</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcstore</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcmerge</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_flatrsrc</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_flatrsrcoutputdir</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWProject_PPC_flatrsrcfilename</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "PPCAsm Panel" panel -->
-                <SETTING><NAME>MWAssembler_PPC_auxheader</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_symmode</NAME><VALUE>Mac</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_dialect</NAME><VALUE>PPC</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_prefixfile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_typecheck</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_warnings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_casesensitive</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "Rez Compiler" panel -->
-                <SETTING><NAME>MWRez_Language_maxwidth</NAME><VALUE>80</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_script</NAME><VALUE>Roman</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_alignment</NAME><VALUE>Align1</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_filtermode</NAME><VALUE>FilterSkip</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_suppresswarnings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_escapecontrolchars</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_prefixname</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_filteredtypes</NAME><VALUE>'CODE' 'DATA' 'PICT'</VALUE></SETTING>
-
-                <!-- Settings for "WinRC Compiler" panel -->
-                <SETTING><NAME>MWWinRC_prefixname</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "x86 CodeGen" panel -->
-                <SETTING><NAME>MWCodeGen_X86_processor</NAME><VALUE>Generic</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_alignment</NAME><VALUE>bytes8</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_exceptions</NAME><VALUE>ZeroOverhead</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_extinst_mmx</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_extinst_3dnow</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_use_mmx_3dnow_convention</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_machinecodelisting</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_intrinsics</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_syminfo</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_codeviewinfo</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_extinst_cmov_fcomi</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_extinst_sse</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "x86 Disassembler" panel -->
-                <SETTING><NAME>PDisasmX86_showHeaders</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showSymTab</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showCode</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showSource</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showHex</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showRelocation</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showComments</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showDebug</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showExceptions</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showData</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showRaw</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_verbose</NAME><VALUE>false</VALUE></SETTING>
-
-                <!-- Settings for "x86 Exceptions Panel" panel -->
-                <SETTING><NAME>MWDebugger_X86_Exceptions</NAME>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                </SETTING>
-
-                <!-- Settings for "x86 Global Optimizer" panel -->
-                <SETTING><NAME>GlobalOptimizer_X86_optimizationlevel</NAME><VALUE>Level0</VALUE></SETTING>
-                <SETTING><NAME>GlobalOptimizer_X86_optfor</NAME><VALUE>Speed</VALUE></SETTING>
-
-                <!-- Settings for "x86 Linker" panel -->
-                <SETTING><NAME>MWLinker_X86_entrypointusage</NAME><VALUE>Default</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_entrypoint</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_subsystem</NAME><VALUE>WinGUI</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_subsysmajorid</NAME><VALUE>4</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_subsysminorid</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_usrmajorid</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_usrminorid</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_commandfile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_generatemap</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_linksym</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_linkCV</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "x86 Project" panel -->
-                <SETTING><NAME>MWProject_X86_type</NAME><VALUE>Application</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_outfile</NAME><VALUE>noname.exe</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_baseaddress</NAME><VALUE>4194304</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_maxstacksize</NAME><VALUE>1024</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_minstacksize</NAME><VALUE>4</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_size</NAME><VALUE>1024</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_minsize</NAME><VALUE>4</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_importlib</NAME><VALUE></VALUE></SETTING>
-                <PANELDATA><NAME>xpidl Settings</NAME><VALUE>
-                    0001000101000000000000000000000000000000000000000000000000000000
-                    0000000000000000
-                </VALUE></PANELDATA>
-            </SETTINGLIST>
-            <FILELIST>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>db.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS>Debug</FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>hash.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS>Debug</FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>hash_buf.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS>Debug</FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>hsearch.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS>Debug</FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>h_bigkey.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS>Debug</FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>h_func.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS>Debug</FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>h_log2.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS>Debug</FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>h_page.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS>Debug</FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>macstubs.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS>Debug</FILEFLAGS>
-                </FILE>
-            </FILELIST>
-            <LINKORDER>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>db.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>hash.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>hash_buf.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>hsearch.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>h_bigkey.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>h_func.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>h_log2.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>h_page.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>macstubs.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-            </LINKORDER>
-        </TARGET>
-    </TARGETLIST>
-
-    <TARGETORDER>
-        <ORDEREDTARGET><NAME>DBM.shlb</NAME></ORDEREDTARGET>
-        <ORDEREDTARGET><NAME>DBMDebug.shlb</NAME></ORDEREDTARGET>
-        <ORDEREDTARGET><NAME>DBM.o</NAME></ORDEREDTARGET>
-        <ORDEREDTARGET><NAME>DBMDebug.o</NAME></ORDEREDTARGET>
-    </TARGETORDER>
-
-    <GROUPLIST>
-        <GROUP><NAME>dbm</NAME>
-            <FILEREF>
-                <TARGETNAME>DBM.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>db.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>DBM.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>h_bigkey.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>DBM.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>h_func.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>DBM.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>h_log2.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>DBM.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>h_page.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>DBM.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>hash.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>DBM.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>hash_buf.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>DBM.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>hsearch.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>DBM.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>macstubs.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-        </GROUP>
-        <GROUP><NAME>Netscape Libraries</NAME>
-            <FILEREF>
-                <TARGETNAME>DBM.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>NSStdLibStubs</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <GROUP><NAME>Optimized</NAME>
-                <FILEREF>
-                    <TARGETNAME>DBM.shlb</TARGETNAME>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSRuntime.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <TARGETNAME>DBM.shlb</TARGETNAME>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSPR20.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <TARGETNAME>DBM.shlb</TARGETNAME>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>MoreFiles.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-            </GROUP>
-            <GROUP><NAME>Debug</NAME>
-                <FILEREF>
-                    <TARGETNAME>DBMDebug.shlb</TARGETNAME>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSRuntimeDebug.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <TARGETNAME>DBMDebug.shlb</TARGETNAME>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSPR20Debug.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <TARGETNAME>DBMDebug.shlb</TARGETNAME>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>MoreFilesDebug.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-            </GROUP>
-        </GROUP>
-        <GROUP><NAME>Apple/Other Libs</NAME>
-            <FILEREF>
-                <TARGETNAME>DBM.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>MSL_ShLibRuntime_PPC.Lib</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>DBM.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>InterfacesStubs</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-        </GROUP>
-    </GROUPLIST>
-
-</PROJECT>
diff --git a/dbm/macbuild/DBMConfig.h b/dbm/macbuild/DBMConfig.h
deleted file mode 100644
index e7ec911c6..000000000
--- a/dbm/macbuild/DBMConfig.h
+++ /dev/null
@@ -1,23 +0,0 @@
-/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 2 -*-
- *
- * The contents of this file are subject to the Netscape Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/NPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is mozilla.org code.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are
- * Copyright (C) 1998 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s): 
- */
-
-#define __DBINTERFACE_PRIVATE 1
diff --git a/dbm/macbuild/DBMDebug.Prefix b/dbm/macbuild/DBMDebug.Prefix
deleted file mode 100644
index 7d40bdad3..000000000
--- a/dbm/macbuild/DBMDebug.Prefix
+++ /dev/null
@@ -1,32 +0,0 @@
-/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 2 -*-
- *
- * The contents of this file are subject to the Netscape Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/NPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is mozilla.org code.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are
- * Copyright (C) 1998 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s): 
- */
-
-//
-//	DBMDebug.Prefix
-//
-// Global prefix file for the debug DBM project.
-//
-//
-
-#include "MacPrefix_debug.h"
-#include "DBMConfig.h"
-
diff --git a/dbm/macbuild/macstubs.c b/dbm/macbuild/macstubs.c
deleted file mode 100644
index bbfe69a54..000000000
--- a/dbm/macbuild/macstubs.c
+++ /dev/null
@@ -1,8 +0,0 @@
-
-// Hack to define a never-called routine from libdbm
-#include "mcom_db.h"
-
-int mkstemp(const char* /*path*/)
-{
-	return -1;
-}
diff --git a/dbm/makefile.win b/dbm/makefile.win
deleted file mode 100644
index 27470574e..000000000
--- a/dbm/makefile.win
+++ /dev/null
@@ -1,38 +0,0 @@
-# The contents of this file are subject to the Netscape Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/NPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is mozilla.org code.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are
-# Copyright (C) 1998 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s): 
-
-DEPTH=..
-
-#//------------------------------------------------------------------------
-#//
-#// Specify any "command" targets. (ie. DIRS, INSTALL_FILES, ...)
-#// (these must come before the common makefiles are included)
-#// 
-#// DIRS          - There are subdirectories to process
-#//
-#//------------------------------------------------------------------------
-DIRS = include src
-
-#//------------------------------------------------------------------------
-#//
-#// Include the common makefile rules
-#//
-#//------------------------------------------------------------------------
-include <$(DEPTH)\config\rules.mak>
-
diff --git a/dbm/src/.cvsignore b/dbm/src/.cvsignore
deleted file mode 100644
index f3c7a7c5d..000000000
--- a/dbm/src/.cvsignore
+++ /dev/null
@@ -1 +0,0 @@
-Makefile
diff --git a/dbm/src/Makefile.in b/dbm/src/Makefile.in
deleted file mode 100644
index d65e0f8e7..000000000
--- a/dbm/src/Makefile.in
+++ /dev/null
@@ -1,77 +0,0 @@
-#
-# The contents of this file are subject to the Netscape Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/NPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is mozilla.org code.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are
-# Copyright (C) 1998 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s): 
-#
-
-DEPTH		= ../..
-topsrcdir	= @top_srcdir@
-srcdir		= @srcdir@
-VPATH		= @srcdir@
-
-include $(DEPTH)/config/autoconf.mk
-
-LIBRARY_NAME	= mozdbm_s
-LIB_IS_C_ONLY	= 1
-
-ifeq ($(OS_ARCH),WINNT)
-LIBRARY_NAME	= dbm$(MOZ_BITS)
-endif
-
-CSRCS		= \
-		db.c \
-		h_bigkey.c \
-		h_func.c \
-		h_log2.c \
-		h_page.c \
-		hash.c \
-		hash_buf.c \
-		hsearch.c \
-		mktemp.c \
-		ndbm.c \
-		strerror.c \
-		nsres.c \
-		$(NULL)
-
-ifeq ($(OS_ARCH),WINNT)
-CSRCS		+= memmove.c snprintf.c
-else
-ifeq (,$(filter -DHAVE_MEMMOVE=1,$(DEFS)))
-CSRCS += memmove.c
-endif
-
-ifeq (,$(filter -DHAVE_SNPRINTF=1,$(DEFS)))
-CSRCS += snprintf.c
-endif
-endif # WINNT
-
-LOCAL_INCLUDES	= -I$(srcdir)/../include
-
-FORCE_STATIC_LIB = 1
-
-include $(topsrcdir)/config/rules.mk
-
-DEFINES		+= -DMEMMOVE -D__DBINTERFACE_PRIVATE $(SECURITY_FLAG)
-ifeq ($(OS_ARCH), Linux)
-DEFINES         += -D_BSD_SOURCE
-endif
-
-ifeq ($(OS_ARCH),AIX)
-OS_LIBS		+= -lc_r
-endif
-
diff --git a/dbm/src/Makefile.win b/dbm/src/Makefile.win
deleted file mode 100644
index 060a8c48b..000000000
--- a/dbm/src/Makefile.win
+++ /dev/null
@@ -1,96 +0,0 @@
-# The contents of this file are subject to the Netscape Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/NPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is mozilla.org code.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are
-# Copyright (C) 1998 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s): 
-
-
-#//------------------------------------------------------------------------
-#//
-#// Makefile to build the cert library
-#//
-#//------------------------------------------------------------------------
-
-!if "$(MOZ_BITS)" == "16"
-!ifndef MOZ_DEBUG
-OPTIMIZER=-Os -UDEBUG -DNDEBUG
-!endif
-!endif
-
-#//------------------------------------------------------------------------
-#//
-#// Specify the depth of the current directory relative to the
-#// root of NS
-#//
-#//------------------------------------------------------------------------
-DEPTH= ..\..
-
-!ifndef MAKE_OBJ_TYPE
-MAKE_OBJ_TYPE=EXE
-!endif
-
-#//------------------------------------------------------------------------
-#//
-#// Define any Public Make Variables here: (ie. PDFFILE, MAPFILE, ...)
-#//
-#//------------------------------------------------------------------------
-LIBNAME=dbm$(MOZ_BITS)
-PDBFILE=$(LIBNAME).pdb
-
-#//------------------------------------------------------------------------
-#// 
-#// Define the files necessary to build the target (ie. OBJS)
-#//
-#//------------------------------------------------------------------------
-OBJS=                         \
-    .\$(OBJDIR)\db.obj  \
-    .\$(OBJDIR)\h_bigkey.obj  \
-    .\$(OBJDIR)\h_func.obj   \
-    .\$(OBJDIR)\h_log2.obj   \
-    .\$(OBJDIR)\h_page.obj   \
-    .\$(OBJDIR)\hash.obj   \
-    .\$(OBJDIR)\hash_buf.obj   \
-    .\$(OBJDIR)\hsearch.obj   \
-    .\$(OBJDIR)\memmove.obj   \
-    .\$(OBJDIR)\mktemp.obj   \
-    .\$(OBJDIR)\ndbm.obj   \
-    .\$(OBJDIR)\snprintf.obj   \
-    .\$(OBJDIR)\strerror.obj   \
-    .\$(OBJDIR)\nsres.obj   \
-    $(NULL)
-
-#//------------------------------------------------------------------------
-#//
-#// Define any Public Targets here (ie. PROGRAM, LIBRARY, DLL, ...)
-#// (these must be defined before the common makefiles are included)
-#//
-#//------------------------------------------------------------------------
-LIBRARY	= .\$(OBJDIR)\$(LIBNAME).lib
-LINCS = -I..\include
-
-#//------------------------------------------------------------------------
-#//
-#// Include the common makefile rules
-#//
-#//------------------------------------------------------------------------
-include <$(DEPTH)/config/rules.mak>
-
-CFLAGS = $(CFLAGS) -DMOZILLA_CLIENT -D__DBINTERFACE_PRIVATE
-
-install:: $(LIBRARY)
-    $(MAKE_INSTALL) $(LIBRARY) $(DIST)\lib
-
-
diff --git a/dbm/src/db.c b/dbm/src/db.c
deleted file mode 100644
index e4b1fff8f..000000000
--- a/dbm/src/db.c
+++ /dev/null
@@ -1,144 +0,0 @@
-/*-
- * Copyright (c) 1991, 1993
- *	The Regents of the University of California.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#if defined(LIBC_SCCS) && !defined(lint)
-static char sccsid[] = "@(#)db.c	8.4 (Berkeley) 2/21/94";
-#endif /* LIBC_SCCS and not lint */
-
-#include "watcomfx.h"
-
-#ifndef __DBINTERFACE_PRIVATE
-#define __DBINTERFACE_PRIVATE
-#endif
-#ifdef macintosh
-#include <unix.h>
-#else
-#include <sys/types.h>
-#endif
-
-#include <errno.h>
-#include <fcntl.h>
-#include <stddef.h>
-#include <stdio.h>
-
-#include "mcom_db.h"
-
-/* a global flag that locks closed all databases */
-int all_databases_locked_closed = 0;
-
-/* set or unset a global lock flag to disable the
- * opening of any DBM file
- */
-void 
-dbSetOrClearDBLock(DBLockFlagEnum type)
-{
-	if(type == LockOutDatabase)
-		all_databases_locked_closed = 1;
-	else
-		all_databases_locked_closed = 0;
-}
-
-#if defined(__WATCOMC__) || defined(__WATCOM_CPLUSPLUS__)
-DB *
-#else
-PR_IMPLEMENT(DB *)
-#endif
-dbopen(const char *fname, int flags,int mode, DBTYPE type, const void *openinfo)
-{
-
-	/* lock out all file databases.  Let in-memory databases through
-	 */
-	if(all_databases_locked_closed && fname)
-	  {
-		errno = EINVAL;
-		return(NULL);
-	  }
-
-#define	DB_FLAGS	(DB_LOCK | DB_SHMEM | DB_TXN)
-
-
-#if 0  /* most systems dont have EXLOCK and SHLOCK */
-#define	USE_OPEN_FLAGS							\
-	(O_CREAT | O_EXCL | O_EXLOCK | O_NONBLOCK | O_RDONLY |		\
-	 O_RDWR | O_SHLOCK | O_TRUNC)
-#else
-#define	USE_OPEN_FLAGS							\
-	(O_CREAT | O_EXCL  | O_RDONLY |		\
-	 O_RDWR | O_TRUNC)
-#endif
-
-	if ((flags & ~(USE_OPEN_FLAGS | DB_FLAGS)) == 0)
-		switch (type) {
-/* we don't need btree and recno right now */	
-#if 0
-		case DB_BTREE:
-			return (__bt_open(fname, flags & USE_OPEN_FLAGS,
-			    mode, openinfo, flags & DB_FLAGS));
-		case DB_RECNO:
-			return (__rec_open(fname, flags & USE_OPEN_FLAGS,
-			    mode, openinfo, flags & DB_FLAGS));
-#endif
-
-		case DB_HASH:
-			return (__hash_open(fname, flags & USE_OPEN_FLAGS,
-			    mode, (const HASHINFO *)openinfo, flags & DB_FLAGS));
-		default:
-			break;
-		}
-	errno = EINVAL;
-	return (NULL);
-}
-
-static int
-__dberr()
-{
-	return (RET_ERROR);
-}
-
-/*
- * __DBPANIC -- Stop.
- *
- * Parameters:
- *	dbp:	pointer to the DB structure.
- */
-void
-__dbpanic(DB *dbp)
-{
-	/* The only thing that can succeed is a close. */
-	dbp->del = (int (*)(const struct __db *, const DBT *, uint))__dberr;
-	dbp->fd = (int (*)(const struct __db *))__dberr;
-	dbp->get = (int (*)(const struct __db *, const DBT *, DBT *, uint))__dberr;
-	dbp->put = (int (*)(const struct __db *, DBT *, const DBT *, uint))__dberr;
-	dbp->seq = (int (*)(const struct __db *, DBT *, DBT *, uint))__dberr;
-	dbp->sync = (int (*)(const struct __db *, uint))__dberr;
-}
diff --git a/dbm/src/h_bigkey.c b/dbm/src/h_bigkey.c
deleted file mode 100644
index 855f10725..000000000
--- a/dbm/src/h_bigkey.c
+++ /dev/null
@@ -1,713 +0,0 @@
-/*-
- * Copyright (c) 1990, 1993, 1994
- *	The Regents of the University of California.  All rights reserved.
- *
- * This code is derived from software contributed to Berkeley by
- * Margo Seltzer.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#if defined(LIBC_SCCS) && !defined(lint)
-static char sccsid[] = "@(#)hash_bigkey.c	8.3 (Berkeley) 5/31/94";
-#endif /* LIBC_SCCS and not lint */
-
-#include "watcomfx.h"
-
-/*
- * PACKAGE: hash
- * DESCRIPTION:
- *	Big key/data handling for the hashing package.
- *
- * ROUTINES:
- * External
- *	__big_keydata
- *	__big_split
- *	__big_insert
- *	__big_return
- *	__big_delete
- *	__find_last_page
- * Internal
- *	collect_key
- *	collect_data
- */
-
-#if !defined(_WIN32) && !defined(_WINDOWS) && !defined(macintosh) && !defined(XP_OS2_VACPP)
-#include <sys/param.h>
-#endif
-
-#include <errno.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#ifdef DEBUG
-#include <assert.h>
-#endif
-
-#include "mcom_db.h"
-#include "hash.h"
-#include "page.h"
-/* #include "extern.h" */
-
-static int collect_key __P((HTAB *, BUFHEAD *, int, DBT *, int));
-static int collect_data __P((HTAB *, BUFHEAD *, int, int));
-
-/*
- * Big_insert
- *
- * You need to do an insert and the key/data pair is too big
- *
- * Returns:
- * 0 ==> OK
- *-1 ==> ERROR
- */
-extern int
-__big_insert(HTAB *hashp, BUFHEAD *bufp, const DBT *key, const DBT *val)
-{
-	register uint16 *p;
-	uint key_size, n, val_size;
-	uint16 space, move_bytes, off;
-	char *cp, *key_data, *val_data;
-
-	cp = bufp->page;		/* Character pointer of p. */
-	p = (uint16 *)cp;
-
-	key_data = (char *)key->data;
-	key_size = key->size;
-	val_data = (char *)val->data;
-	val_size = val->size;
-
-	/* First move the Key */
-	for (space = FREESPACE(p) - BIGOVERHEAD; key_size;
-	    space = FREESPACE(p) - BIGOVERHEAD) {
-		move_bytes = PR_MIN(space, key_size);
-		off = OFFSET(p) - move_bytes;
-		memmove(cp + off, key_data, move_bytes);
-		key_size -= move_bytes;
-		key_data += move_bytes;
-		n = p[0];
-		p[++n] = off;
-		p[0] = ++n;
-		FREESPACE(p) = off - PAGE_META(n);
-		OFFSET(p) = off;
-		p[n] = PARTIAL_KEY;
-		bufp = __add_ovflpage(hashp, bufp);
-		if (!bufp)
-			return (-1);
-		n = p[0];
-		if (!key_size) {
-			if (FREESPACE(p)) {
-				move_bytes = PR_MIN(FREESPACE(p), val_size);
-				off = OFFSET(p) - move_bytes;
-				p[n] = off;
-				memmove(cp + off, val_data, move_bytes);
-				val_data += move_bytes;
-				val_size -= move_bytes;
-				p[n - 2] = FULL_KEY_DATA;
-				FREESPACE(p) = FREESPACE(p) - move_bytes;
-				OFFSET(p) = off;
-			} else
-				p[n - 2] = FULL_KEY;
-		}
-		p = (uint16 *)bufp->page;
-		cp = bufp->page;
-		bufp->flags |= BUF_MOD;
-	}
-
-	/* Now move the data */
-	for (space = FREESPACE(p) - BIGOVERHEAD; val_size;
-	    space = FREESPACE(p) - BIGOVERHEAD) {
-		move_bytes = PR_MIN(space, val_size);
-		/*
-		 * Here's the hack to make sure that if the data ends on the
-		 * same page as the key ends, FREESPACE is at least one.
-		 */
-		if (space == val_size && val_size == val->size)
-			move_bytes--;
-		off = OFFSET(p) - move_bytes;
-		memmove(cp + off, val_data, move_bytes);
-		val_size -= move_bytes;
-		val_data += move_bytes;
-		n = p[0];
-		p[++n] = off;
-		p[0] = ++n;
-		FREESPACE(p) = off - PAGE_META(n);
-		OFFSET(p) = off;
-		if (val_size) {
-			p[n] = FULL_KEY;
-			bufp = __add_ovflpage(hashp, bufp);
-			if (!bufp)
-				return (-1);
-			cp = bufp->page;
-			p = (uint16 *)cp;
-		} else
-			p[n] = FULL_KEY_DATA;
-		bufp->flags |= BUF_MOD;
-	}
-	return (0);
-}
-
-/*
- * Called when bufp's page  contains a partial key (index should be 1)
- *
- * All pages in the big key/data pair except bufp are freed.  We cannot
- * free bufp because the page pointing to it is lost and we can't get rid
- * of its pointer.
- *
- * Returns:
- * 0 => OK
- *-1 => ERROR
- */
-extern int
-__big_delete(HTAB *hashp, BUFHEAD *bufp)
-{
-	register BUFHEAD *last_bfp, *rbufp;
-	uint16 *bp, pageno;
-	int key_done, n;
-
-	rbufp = bufp;
-	last_bfp = NULL;
-	bp = (uint16 *)bufp->page;
-	pageno = 0;
-	key_done = 0;
-
-	while (!key_done || (bp[2] != FULL_KEY_DATA)) {
-		if (bp[2] == FULL_KEY || bp[2] == FULL_KEY_DATA)
-			key_done = 1;
-
-		/*
-		 * If there is freespace left on a FULL_KEY_DATA page, then
-		 * the data is short and fits entirely on this page, and this
-		 * is the last page.
-		 */
-		if (bp[2] == FULL_KEY_DATA && FREESPACE(bp))
-			break;
-		pageno = bp[bp[0] - 1];
-		rbufp->flags |= BUF_MOD;
-		rbufp = __get_buf(hashp, pageno, rbufp, 0);
-		if (last_bfp)
-			__free_ovflpage(hashp, last_bfp);
-		last_bfp = rbufp;
-		if (!rbufp)
-			return (-1);		/* Error. */
-		bp = (uint16 *)rbufp->page;
-	}
-
-	/*
-	 * If we get here then rbufp points to the last page of the big
-	 * key/data pair.  Bufp points to the first one -- it should now be
-	 * empty pointing to the next page after this pair.  Can't free it
-	 * because we don't have the page pointing to it.
-	 */
-
-	/* This is information from the last page of the pair. */
-	n = bp[0];
-	pageno = bp[n - 1];
-
-	/* Now, bp is the first page of the pair. */
-	bp = (uint16 *)bufp->page;
-	if (n > 2) {
-		/* There is an overflow page. */
-		bp[1] = pageno;
-		bp[2] = OVFLPAGE;
-		bufp->ovfl = rbufp->ovfl;
-	} else
-		/* This is the last page. */
-		bufp->ovfl = NULL;
-	n -= 2;
-	bp[0] = n;
-	FREESPACE(bp) = hashp->BSIZE - PAGE_META(n);
-	OFFSET(bp) = hashp->BSIZE - 1;
-
-	bufp->flags |= BUF_MOD;
-	if (rbufp)
-		__free_ovflpage(hashp, rbufp);
-	if (last_bfp != rbufp)
-		__free_ovflpage(hashp, last_bfp);
-
-	hashp->NKEYS--;
-	return (0);
-}
-/*
- * Returns:
- *  0 = key not found
- * -1 = get next overflow page
- * -2 means key not found and this is big key/data
- * -3 error
- */
-extern int
-__find_bigpair(HTAB *hashp, BUFHEAD *bufp, int ndx, char *key, int size)
-{
-	register uint16 *bp;
-	register char *p;
-	int ksize;
-	uint16 bytes;
-	char *kkey;
-
-	bp = (uint16 *)bufp->page;
-	p = bufp->page;
-	ksize = size;
-	kkey = key;
-
-	for (bytes = hashp->BSIZE - bp[ndx];
-	    bytes <= size && bp[ndx + 1] == PARTIAL_KEY;
-	    bytes = hashp->BSIZE - bp[ndx]) {
-		if (memcmp(p + bp[ndx], kkey, bytes))
-			return (-2);
-		kkey += bytes;
-		ksize -= bytes;
-		bufp = __get_buf(hashp, bp[ndx + 2], bufp, 0);
-		if (!bufp)
-			return (-3);
-		p = bufp->page;
-		bp = (uint16 *)p;
-		ndx = 1;
-	}
-
-	if (bytes != ksize || memcmp(p + bp[ndx], kkey, bytes)) {
-#ifdef HASH_STATISTICS
-		++hash_collisions;
-#endif
-		return (-2);
-	} else
-		return (ndx);
-}
-
-/*
- * Given the buffer pointer of the first overflow page of a big pair,
- * find the end of the big pair
- *
- * This will set bpp to the buffer header of the last page of the big pair.
- * It will return the pageno of the overflow page following the last page
- * of the pair; 0 if there isn't any (i.e. big pair is the last key in the
- * bucket)
- */
-extern uint16
-__find_last_page(HTAB *hashp, BUFHEAD **bpp)
-{
-	BUFHEAD *bufp;
-	uint16 *bp, pageno;
-	uint n;
-
-	bufp = *bpp;
-	bp = (uint16 *)bufp->page;
-	for (;;) {
-		n = bp[0];
-
-		/*
-		 * This is the last page if: the tag is FULL_KEY_DATA and
-		 * either only 2 entries OVFLPAGE marker is explicit there
-		 * is freespace on the page.
-		 */
-		if (bp[2] == FULL_KEY_DATA &&
-		    ((n == 2) || (bp[n] == OVFLPAGE) || (FREESPACE(bp))))
-			break;
-
-		/* LJM bound the size of n to reasonable limits
-		 */
-		if(n > hashp->BSIZE/sizeof(uint16))
-			return(0);
-
-		pageno = bp[n - 1];
-		bufp = __get_buf(hashp, pageno, bufp, 0);
-		if (!bufp)
-			return (0);	/* Need to indicate an error! */
-		bp = (uint16 *)bufp->page;
-	}
-
-	*bpp = bufp;
-	if (bp[0] > 2)
-		return (bp[3]);
-	else
-		return (0);
-}
-
-/*
- * Return the data for the key/data pair that begins on this page at this
- * index (index should always be 1).
- */
-extern int
-__big_return(
-	HTAB *hashp,
-	BUFHEAD *bufp,
-	int ndx,
-	DBT *val,
-	int set_current)
-{
-	BUFHEAD *save_p;
-	uint16 *bp, len, off, save_addr;
-	char *tp;
-	int save_flags;
-
-	bp = (uint16 *)bufp->page;
-	while (bp[ndx + 1] == PARTIAL_KEY) {
-		bufp = __get_buf(hashp, bp[bp[0] - 1], bufp, 0);
-		if (!bufp)
-			return (-1);
-		bp = (uint16 *)bufp->page;
-		ndx = 1;
-	}
-
-	if (bp[ndx + 1] == FULL_KEY) {
-		bufp = __get_buf(hashp, bp[bp[0] - 1], bufp, 0);
-		if (!bufp)
-			return (-1);
-		bp = (uint16 *)bufp->page;
-		save_p = bufp;
-		save_addr = save_p->addr;
-		off = bp[1];
-		len = 0;
-	} else
-		if (!FREESPACE(bp)) {
-			/*
-			 * This is a hack.  We can't distinguish between
-			 * FULL_KEY_DATA that contains complete data or
-			 * incomplete data, so we require that if the data
-			 * is complete, there is at least 1 byte of free
-			 * space left.
-			 */
-			off = bp[bp[0]];
-			len = bp[1] - off;
-			save_p = bufp;
-			save_addr = bufp->addr;
-			bufp = __get_buf(hashp, bp[bp[0] - 1], bufp, 0);
-			if (!bufp)
-				return (-1);
-			bp = (uint16 *)bufp->page;
-		} else {
-			/* The data is all on one page. */
-			tp = (char *)bp;
-			off = bp[bp[0]];
-			val->data = (uint8 *)tp + off;
-			val->size = bp[1] - off;
-			if (set_current) {
-				if (bp[0] == 2) {	/* No more buckets in
-							 * chain */
-					hashp->cpage = NULL;
-					hashp->cbucket++;
-					hashp->cndx = 1;
-				} else {
-					hashp->cpage = __get_buf(hashp,
-					    bp[bp[0] - 1], bufp, 0);
-					if (!hashp->cpage)
-						return (-1);
-					hashp->cndx = 1;
-					if (!((uint16 *)
-					    hashp->cpage->page)[0]) {
-						hashp->cbucket++;
-						hashp->cpage = NULL;
-					}
-				}
-			}
-			return (0);
-		}
-
-	/* pin our saved buf so that we don't lose if 
-	 * we run out of buffers */
- 	save_flags = save_p->flags;
-	save_p->flags |= BUF_PIN;
-	val->size = collect_data(hashp, bufp, (int)len, set_current);
-	save_p->flags = save_flags;
-	if (val->size == (size_t)-1)
-		return (-1);
-	if (save_p->addr != save_addr) {
-		/* We are pretty short on buffers. */
-		errno = EINVAL;			/* OUT OF BUFFERS */
-		return (-1);
-	}
-	memmove(hashp->tmp_buf, (save_p->page) + off, len);
-	val->data = (uint8 *)hashp->tmp_buf;
-	return (0);
-}
-
-
-/*
- * Count how big the total datasize is by looping through the pages.  Then
- * allocate a buffer and copy the data in the second loop. NOTE: Our caller
- * may already have a bp which it is holding onto. The caller is
- * responsible for copying that bp into our temp buffer. 'len' is how much
- * space to reserve for that buffer.
- */
-static int
-collect_data(
-	HTAB *hashp,
-	BUFHEAD *bufp,
-	int len, int set)
-{
-	register uint16 *bp;
-	BUFHEAD *save_bufp;
-	int save_flags;
-	int mylen, totlen;
-
-	/*
-	 * save the input buf head because we need to walk the list twice.
-	 * pin it to make sure it doesn't leave the buffer pool. 
-	 * This has the effect of growing the buffer pool if necessary.
-	 */
-	save_bufp = bufp;
-	save_flags = save_bufp->flags;
-	save_bufp->flags |= BUF_PIN;
-
-	/* read the length of the buffer */
-	for (totlen = len; bufp ; bufp = __get_buf(hashp, bp[bp[0]-1], bufp, 0)) {
-		bp = (uint16 *)bufp->page;
-		mylen = hashp->BSIZE - bp[1];
-
-		/* if mylen ever goes negative it means that the
-		 * page is screwed up.
-		 */
-		if (mylen < 0) {
-			save_bufp->flags = save_flags;
-			return (-1);
- 		}
-		totlen += mylen;
-		if (bp[2] == FULL_KEY_DATA) {		/* End of Data */
-			break;
-		}
-	}
-
- 	if (!bufp) {
-		save_bufp->flags = save_flags;
-		return (-1);
-	}
-
-	/* allocate a temp buf */
-	if (hashp->tmp_buf)
-		free(hashp->tmp_buf);
-	if ((hashp->tmp_buf = (char *)malloc((size_t)totlen)) == NULL) {
-		save_bufp->flags = save_flags;
-		return (-1);
- 	}
-
-	/* copy the buffers back into temp buf */
-	for (bufp = save_bufp; bufp ;
-				bufp = __get_buf(hashp, bp[bp[0]-1], bufp, 0)) {
-		bp = (uint16 *)bufp->page;
-		mylen = hashp->BSIZE - bp[1];
-		memmove(&hashp->tmp_buf[len], (bufp->page) + bp[1], (size_t)mylen);
-		len += mylen;
-		if (bp[2] == FULL_KEY_DATA) {
-			break;
-		}
-	}
-
-	/* 'clear' the pin flags */
-	save_bufp->flags = save_flags;
-
-	/* update the database cursor */
-	if (set) {
-		hashp->cndx = 1;
-		if (bp[0] == 2) {	/* No more buckets in chain */
-			hashp->cpage = NULL;
-			hashp->cbucket++;
-		} else {
-			hashp->cpage = __get_buf(hashp, bp[bp[0] - 1], bufp, 0);
-			if (!hashp->cpage)
-				return (-1);
-			else if (!((uint16 *)hashp->cpage->page)[0]) {
-				hashp->cbucket++;
-				hashp->cpage = NULL;
-			}
-		}
-	}
-	return (totlen);
-}
-
-/*
- * Fill in the key and data for this big pair.
- */
-extern int
-__big_keydata(
-	HTAB *hashp, 
-	BUFHEAD *bufp, 
-	DBT *key, DBT *val,
-	int set)
-{
-	key->size = collect_key(hashp, bufp, 0, val, set);
-	if (key->size == (size_t)-1)
-		return (-1);
-	key->data = (uint8 *)hashp->tmp_key;
-	return (0);
-}
-
-/*
- * Count how big the total key size is by recursing through the pages.  Then
- * collect the data, allocate a buffer and copy the key as you recurse up.
- */
-static int
-collect_key(
-	HTAB *hashp,
-	BUFHEAD *bufp,
-	int len,
-	DBT *val,
-	int set)
-{
-	BUFHEAD *xbp;
-	char *p;
-	int mylen, totlen;
-	uint16 *bp, save_addr;
-
-	p = bufp->page;
-	bp = (uint16 *)p;
-	mylen = hashp->BSIZE - bp[1];
-
-	save_addr = bufp->addr;
-	totlen = len + mylen;
-	if (bp[2] == FULL_KEY || bp[2] == FULL_KEY_DATA) {    /* End of Key. */
-		if (hashp->tmp_key != NULL)
-			free(hashp->tmp_key);
-		if ((hashp->tmp_key = (char *)malloc((size_t)totlen)) == NULL)
-			return (-1);
-		if (__big_return(hashp, bufp, 1, val, set))
-			return (-1);
-	} else {
-		xbp = __get_buf(hashp, bp[bp[0] - 1], bufp, 0);
-		if (!xbp || ((totlen =
-		    collect_key(hashp, xbp, totlen, val, set)) < 1))
-			return (-1);
-	}
-	if (bufp->addr != save_addr) {
-		errno = EINVAL;		/* MIS -- OUT OF BUFFERS */
-		return (-1);
-	}
-	memmove(&hashp->tmp_key[len], (bufp->page) + bp[1], (size_t)mylen);
-	return (totlen);
-}
-
-/*
- * Returns:
- *  0 => OK
- * -1 => error
- */
-extern int
-__big_split(
-	HTAB *hashp,
-	BUFHEAD *op,	/* Pointer to where to put keys that go in old bucket */
-	BUFHEAD *np,	/* Pointer to new bucket page */
-			/* Pointer to first page containing the big key/data */
-	BUFHEAD *big_keyp,
-	uint32 addr,	/* Address of big_keyp */
-	uint32   obucket,/* Old Bucket */
-	SPLIT_RETURN *ret)
-{
-	register BUFHEAD *tmpp;
-	register uint16 *tp;
-	BUFHEAD *bp;
-	DBT key, val;
-	uint32 change;
-	uint16 free_space, n, off;
-
-	bp = big_keyp;
-
-	/* Now figure out where the big key/data goes */
-	if (__big_keydata(hashp, big_keyp, &key, &val, 0))
-		return (-1);
-	change = (__call_hash(hashp,(char*) key.data, key.size) != obucket);
-
-	if ((ret->next_addr = __find_last_page(hashp, &big_keyp))) {
-		if (!(ret->nextp =
-		    __get_buf(hashp, ret->next_addr, big_keyp, 0)))
-			return (-1);;
-	} else
-		ret->nextp = NULL;
-
-	/* Now make one of np/op point to the big key/data pair */
-#ifdef DEBUG
-	assert(np->ovfl == NULL);
-#endif
-	if (change)
-		tmpp = np;
-	else
-		tmpp = op;
-
-	tmpp->flags |= BUF_MOD;
-#ifdef DEBUG1
-	(void)fprintf(stderr,
-	    "BIG_SPLIT: %d->ovfl was %d is now %d\n", tmpp->addr,
-	    (tmpp->ovfl ? tmpp->ovfl->addr : 0), (bp ? bp->addr : 0));
-#endif
-	tmpp->ovfl = bp;	/* one of op/np point to big_keyp */
-	tp = (uint16 *)tmpp->page;
-
-
-#if 0  /* this get's tripped on database corrupted error */
-	assert(FREESPACE(tp) >= OVFLSIZE);
-#endif
-	if(FREESPACE(tp) < OVFLSIZE)
-		return(DATABASE_CORRUPTED_ERROR);
-
-	n = tp[0];
-	off = OFFSET(tp);
-	free_space = FREESPACE(tp);
-	tp[++n] = (uint16)addr;
-	tp[++n] = OVFLPAGE;
-	tp[0] = n;
-	OFFSET(tp) = off;
-	FREESPACE(tp) = free_space - OVFLSIZE;
-
-	/*
-	 * Finally, set the new and old return values. BIG_KEYP contains a
-	 * pointer to the last page of the big key_data pair. Make sure that
-	 * big_keyp has no following page (2 elements) or create an empty
-	 * following page.
-	 */
-
-	ret->newp = np;
-	ret->oldp = op;
-
-	tp = (uint16 *)big_keyp->page;
-	big_keyp->flags |= BUF_MOD;
-	if (tp[0] > 2) {
-		/*
-		 * There may be either one or two offsets on this page.  If
-		 * there is one, then the overflow page is linked on normally
-		 * and tp[4] is OVFLPAGE.  If there are two, tp[4] contains
-		 * the second offset and needs to get stuffed in after the
-		 * next overflow page is added.
-		 */
-		n = tp[4];
-		free_space = FREESPACE(tp);
-		off = OFFSET(tp);
-		tp[0] -= 2;
-		FREESPACE(tp) = free_space + OVFLSIZE;
-		OFFSET(tp) = off;
-		tmpp = __add_ovflpage(hashp, big_keyp);
-		if (!tmpp)
-			return (-1);
-		tp[4] = n;
-	} else
-		tmpp = big_keyp;
-
-	if (change)
-		ret->newp = tmpp;
-	else
-		ret->oldp = tmpp;
-	return (0);
-}
diff --git a/dbm/src/h_func.c b/dbm/src/h_func.c
deleted file mode 100644
index 5819efe23..000000000
--- a/dbm/src/h_func.c
+++ /dev/null
@@ -1,211 +0,0 @@
-/*-
- * Copyright (c) 1990, 1993
- *	The Regents of the University of California.  All rights reserved.
- *
- * This code is derived from software contributed to Berkeley by
- * Margo Seltzer.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#if defined(LIBC_SCCS) && !defined(lint)
-static char sccsid[] = "@(#)hash_func.c	8.2 (Berkeley) 2/21/94";
-#endif /* LIBC_SCCS and not lint */
-
-#include "watcomfx.h"
-
-#ifndef macintosh
-#include <sys/types.h>
-#endif
-#include "mcom_db.h"
-#include "hash.h"
-#include "page.h"
-/* #include "extern.h" */
-
-#if 0
-static uint32 hash1 __P((const void *, size_t));
-static uint32 hash2 __P((const void *, size_t));
-static uint32 hash3 __P((const void *, size_t));
-#endif
-static uint32 hash4 __P((const void *, size_t));
-
-/* Global default hash function */
-uint32 (*__default_hash) __P((const void *, size_t)) = hash4;
-
-/*
- * HASH FUNCTIONS
- *
- * Assume that we've already split the bucket to which this key hashes,
- * calculate that bucket, and check that in fact we did already split it.
- *
- * This came from ejb's hsearch.
- */
-
-#define PRIME1		37
-#define PRIME2		1048583
-
-#if 0
-static uint32
-hash1(const void *keyarg, register size_t len)
-{
-	register const uint8 *key;
-	register uint32 h;
-
-	/* Convert string to integer */
-	for (key = (const uint8 *)keyarg, h = 0; len--;)
-		h = h * PRIME1 ^ (*key++ - ' ');
-	h %= PRIME2;
-	return (h);
-}
-
-/*
- * Phong's linear congruential hash
- */
-#define dcharhash(h, c)	((h) = 0x63c63cd9*(h) + 0x9c39c33d + (c))
-
-static uint32
-hash2(const void *keyarg, size_t len)
-{
-	register const uint8 *e, *key;
-	register uint32 h;
-	register uint8 c;
-
-	key = (const uint8 *)keyarg;
-	e = key + len;
-	for (h = 0; key != e;) {
-		c = *key++;
-		if (!c && key > e)
-			break;
-		dcharhash(h, c);
-	}
-	return (h);
-}
-
-/*
- * This is INCREDIBLY ugly, but fast.  We break the string up into 8 byte
- * units.  On the first time through the loop we get the "leftover bytes"
- * (strlen % 8).  On every other iteration, we perform 8 HASHC's so we handle
- * all 8 bytes.  Essentially, this saves us 7 cmp & branch instructions.  If
- * this routine is heavily used enough, it's worth the ugly coding.
- *
- * OZ's original sdbm hash
- */
-static uint32
-hash3(const void *keyarg, register size_t len)
-{
-	register const uint8 *key;
-	register size_t loop;
-	register uint32 h;
-
-#define HASHC   h = *key++ + 65599 * h
-
-	h = 0;
-	key = (const uint8 *)keyarg;
-	if (len > 0) {
-		loop = (len + 8 - 1) >> 3;
-
-		switch (len & (8 - 1)) {
-		case 0:
-			do {
-				HASHC;
-				/* FALLTHROUGH */
-		case 7:
-				HASHC;
-				/* FALLTHROUGH */
-		case 6:
-				HASHC;
-				/* FALLTHROUGH */
-		case 5:
-				HASHC;
-				/* FALLTHROUGH */
-		case 4:
-				HASHC;
-				/* FALLTHROUGH */
-		case 3:
-				HASHC;
-				/* FALLTHROUGH */
-		case 2:
-				HASHC;
-				/* FALLTHROUGH */
-		case 1:
-				HASHC;
-			} while (--loop);
-		}
-	}
-	return (h);
-}
-#endif /* 0 */
-
-/* Hash function from Chris Torek. */
-static uint32
-hash4(const void *keyarg, register size_t len)
-{
-	register const uint8 *key;
-	register size_t loop;
-	register uint32 h;
-
-#define HASH4a   h = (h << 5) - h + *key++;
-#define HASH4b   h = (h << 5) + h + *key++;
-#define HASH4 HASH4b
-
-	h = 0;
-	key = (const uint8 *)keyarg;
-	if (len > 0) {
-		loop = (len + 8 - 1) >> 3;
-
-		switch (len & (8 - 1)) {
-		case 0:
-			do {
-				HASH4;
-				/* FALLTHROUGH */
-		case 7:
-				HASH4;
-				/* FALLTHROUGH */
-		case 6:
-				HASH4;
-				/* FALLTHROUGH */
-		case 5:
-				HASH4;
-				/* FALLTHROUGH */
-		case 4:
-				HASH4;
-				/* FALLTHROUGH */
-		case 3:
-				HASH4;
-				/* FALLTHROUGH */
-		case 2:
-				HASH4;
-				/* FALLTHROUGH */
-		case 1:
-				HASH4;
-			} while (--loop);
-		}
-	}
-	return (h);
-}
diff --git a/dbm/src/h_log2.c b/dbm/src/h_log2.c
deleted file mode 100644
index 4d8b0a715..000000000
--- a/dbm/src/h_log2.c
+++ /dev/null
@@ -1,56 +0,0 @@
-/*-
- * Copyright (c) 1990, 1993, 1994
- *	The Regents of the University of California.  All rights reserved.
- *
- * This code is derived from software contributed to Berkeley by
- * Margo Seltzer.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#if defined(LIBC_SCCS) && !defined(lint)
-static char sccsid[] = "@(#)hash_log2.c	8.2 (Berkeley) 5/31/94";
-#endif /* LIBC_SCCS and not lint */
-
-#include "watcomfx.h"
-
-#include <stdio.h>
-#ifndef macintosh
-#include <sys/types.h>
-#endif
-#include "mcom_db.h"
-
-uint32 __log2(uint32 num)
-{
-	register uint32 i, limit;
-
-	limit = 1;
-	for (i = 0; limit < num; limit = limit << 1, i++) {}
-	return (i);
-}
diff --git a/dbm/src/h_page.c b/dbm/src/h_page.c
deleted file mode 100644
index e11ad9451..000000000
--- a/dbm/src/h_page.c
+++ /dev/null
@@ -1,1290 +0,0 @@
-/*-
- * Copyright (c) 1990, 1993, 1994
- *	The Regents of the University of California.  All rights reserved.
- *
- * This code is derived from software contributed to Berkeley by
- * Margo Seltzer.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#if defined(unix)
-#define MY_LSEEK lseek
-#else
-#define MY_LSEEK new_lseek
-extern long new_lseek(int fd, long pos, int start);
-#endif
-
-#if defined(LIBC_SCCS) && !defined(lint)
-static char sccsid[] = "@(#)hash_page.c	8.7 (Berkeley) 8/16/94";
-#endif /* LIBC_SCCS and not lint */
-
-#include "watcomfx.h"
-
-/*
- * PACKAGE:  hashing
- *
- * DESCRIPTION:
- *	Page manipulation for hashing package.
- *
- * ROUTINES:
- *
- * External
- *	__get_page
- *	__add_ovflpage
- * Internal
- *	overflow_page
- *	open_temp
- */
-#ifndef macintosh
-#include <sys/types.h>
-#endif
-
-#if defined(macintosh)
-#include <unistd.h>
-#endif
-
-#include <errno.h>
-#include <fcntl.h>
-#if defined(_WIN32) || defined(_WINDOWS) 
-#include <io.h>
-#endif
-#include <signal.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#if !defined(_WIN32) && !defined(_WINDOWS) && !defined(macintosh) && !defined(XP_OS2_VACPP)
-#include <unistd.h>
-#endif
-
-#include <assert.h>
-
-#include "mcom_db.h"
-#include "hash.h"
-#include "page.h"
-/* #include "extern.h" */
-
-extern int mkstempflags(char *path, int extraFlags);
-
-static uint32	*fetch_bitmap __P((HTAB *, uint32));
-static uint32	 first_free __P((uint32));
-static int	 open_temp __P((HTAB *));
-static uint16	 overflow_page __P((HTAB *));
-static void	 squeeze_key __P((uint16 *, const DBT *, const DBT *));
-static int	 ugly_split
-		    __P((HTAB *, uint32, BUFHEAD *, BUFHEAD *, int, int));
-
-#define	PAGE_INIT(P) { \
-	((uint16 *)(P))[0] = 0; \
-	((uint16 *)(P))[1] = hashp->BSIZE - 3 * sizeof(uint16); \
-	((uint16 *)(P))[2] = hashp->BSIZE; \
-}
-
-/* implement a new lseek using lseek that
- * writes zero's when extending a file
- * beyond the end.
- */
-long new_lseek(int fd, long offset, int origin)
-{
- 	long cur_pos=0;
-	long end_pos=0;
-	long seek_pos=0;
-
-	if(origin == SEEK_CUR)
-      {	
-      	if(offset < 1)							  
-	    	return(lseek(fd, offset, SEEK_CUR));
-
-		cur_pos = lseek(fd, 0, SEEK_CUR);
-
-		if(cur_pos < 0)
-			return(cur_pos);
-	  }
-										 
-	end_pos = lseek(fd, 0, SEEK_END);
-	if(end_pos < 0)
-		return(end_pos);
-
-	if(origin == SEEK_SET)
-		seek_pos = offset;
-	else if(origin == SEEK_CUR)
-		seek_pos = cur_pos + offset;
-	else if(origin == SEEK_END)
-		seek_pos = end_pos + offset;
- 	else
-	  {
-	  	assert(0);
-		return(-1);
-	  }
-
- 	/* the seek position desired is before the
-	 * end of the file.  We don't need
-	 * to do anything special except the seek.
-	 */
- 	if(seek_pos <= end_pos)
- 		return(lseek(fd, seek_pos, SEEK_SET));
- 		
- 	  /* the seek position is beyond the end of the
- 	   * file.  Write zero's to the end.
- 	   *
-	   * we are already at the end of the file so
-	   * we just need to "write()" zeros for the
-	   * difference between seek_pos-end_pos and
-	   * then seek to the position to finish
-	   * the call
- 	   */
- 	  { 
- 	 	char buffer[1024];
-	   	long len = seek_pos-end_pos;
-	   	memset(&buffer, 0, 1024);
-	   	while(len > 0)
-	      {
-	        write(fd, (char*)&buffer, (size_t)(1024 > len ? len : 1024));
-		    len -= 1024;
-		  }
-		return(lseek(fd, seek_pos, SEEK_SET));
-	  }		
-
-}
-
-/*
- * This is called AFTER we have verified that there is room on the page for
- * the pair (PAIRFITS has returned true) so we go right ahead and start moving
- * stuff on.
- */
-static void
-putpair(char *p, const DBT *key, DBT * val)
-{
-	register uint16 *bp, n, off;
-
-	bp = (uint16 *)p;
-
-	/* Enter the key first. */
-	n = bp[0];
-
-	off = OFFSET(bp) - key->size;
-	memmove(p + off, key->data, key->size);
-	bp[++n] = off;
-
-	/* Now the data. */
-	off -= val->size;
-	memmove(p + off, val->data, val->size);
-	bp[++n] = off;
-
-	/* Adjust page info. */
-	bp[0] = n;
-	bp[n + 1] = off - ((n + 3) * sizeof(uint16));
-	bp[n + 2] = off;
-}
-
-/*
- * Returns:
- *	 0 OK
- *	-1 error
- */
-extern int
-__delpair(HTAB *hashp, BUFHEAD *bufp, int ndx)
-{
-	register uint16 *bp, newoff;
-	register int n;
-	uint16 pairlen;
-
-	bp = (uint16 *)bufp->page;
-	n = bp[0];
-
-	if (bp[ndx + 1] < REAL_KEY)
-		return (__big_delete(hashp, bufp));
-	if (ndx != 1)
-		newoff = bp[ndx - 1];
-	else
-		newoff = hashp->BSIZE;
-	pairlen = newoff - bp[ndx + 1];
-
-	if (ndx != (n - 1)) {
-		/* Hard Case -- need to shuffle keys */
-		register int i;
-		register char *src = bufp->page + (int)OFFSET(bp);
-		uint32 dst_offset = (uint32)OFFSET(bp) + (uint32)pairlen;
-		register char *dst = bufp->page + dst_offset;
-		uint32 length = bp[ndx + 1] - OFFSET(bp);
-
-		/*
-		 * +-----------+XXX+---------+XXX+---------+---------> +infinity
-		 * |           |             |             |
-		 * 0           src_offset    dst_offset    BSIZE
-		 *
-		 * Dst_offset is > src_offset, so if src_offset were bad, dst_offset
-		 * would be too, therefore we check only dst_offset.
-		 *
-		 * If dst_offset is >= BSIZE, either OFFSET(bp), or pairlen, or both
-		 * is corrupted.
-		 *
-		 * Once we know dst_offset is < BSIZE, we can subtract it from BSIZE
-		 * to get an upper bound on length.
-		 */
-		if(dst_offset > (uint32)hashp->BSIZE)
-			return(DATABASE_CORRUPTED_ERROR);
-
-		if(length > (uint32)(hashp->BSIZE - dst_offset))
-			return(DATABASE_CORRUPTED_ERROR);
-
-		memmove(dst, src, length);
-
-		/* Now adjust the pointers */
-		for (i = ndx + 2; i <= n; i += 2) {
-			if (bp[i + 1] == OVFLPAGE) {
-				bp[i - 2] = bp[i];
-				bp[i - 1] = bp[i + 1];
-			} else {
-				bp[i - 2] = bp[i] + pairlen;
-				bp[i - 1] = bp[i + 1] + pairlen;
-			}
-		}
-	}
-	/* Finally adjust the page data */
-	bp[n] = OFFSET(bp) + pairlen;
-	bp[n - 1] = bp[n + 1] + pairlen + 2 * sizeof(uint16);
-	bp[0] = n - 2;
-	hashp->NKEYS--;
-
-	bufp->flags |= BUF_MOD;
-	return (0);
-}
-/*
- * Returns:
- *	 0 ==> OK
- *	-1 ==> Error
- */
-extern int
-__split_page(HTAB *hashp, uint32 obucket, uint32 nbucket)
-{
-	register BUFHEAD *new_bufp, *old_bufp;
-	register uint16 *ino;
-	register uint16 *tmp_uint16_array;
-	register char *np;
-	DBT key, val;
-    uint16 n, ndx;
-	int retval;
-	uint16 copyto, diff, moved;
-	size_t off;
-	char *op;
-
-	copyto = (uint16)hashp->BSIZE;
-	off = (uint16)hashp->BSIZE;
-	old_bufp = __get_buf(hashp, obucket, NULL, 0);
-	if (old_bufp == NULL)
-		return (-1);
-	new_bufp = __get_buf(hashp, nbucket, NULL, 0);
-	if (new_bufp == NULL)
-		return (-1);
-
-	old_bufp->flags |= (BUF_MOD | BUF_PIN);
-	new_bufp->flags |= (BUF_MOD | BUF_PIN);
-
-	ino = (uint16 *)(op = old_bufp->page);
-	np = new_bufp->page;
-
-	moved = 0;
-
-	for (n = 1, ndx = 1; n < ino[0]; n += 2) {
-		if (ino[n + 1] < REAL_KEY) {
-			retval = ugly_split(hashp, obucket, old_bufp, new_bufp,
-			    (int)copyto, (int)moved);
-			old_bufp->flags &= ~BUF_PIN;
-			new_bufp->flags &= ~BUF_PIN;
-			return (retval);
-
-		}
-		key.data = (uint8 *)op + ino[n];
-
-		/* check here for ino[n] being greater than
-		 * off.  If it is then the database has
-		 * been corrupted.
-		 */
-		if(ino[n] > off)
-			return(DATABASE_CORRUPTED_ERROR);
-
-		key.size = off - ino[n];
-
-#ifdef DEBUG
-		/* make sure the size is positive */
-		assert(((int)key.size) > -1);
-#endif
-
-		if (__call_hash(hashp, (char *)key.data, key.size) == obucket) {
-			/* Don't switch page */
-			diff = copyto - off;
-			if (diff) {
-				copyto = ino[n + 1] + diff;
-				memmove(op + copyto, op + ino[n + 1],
-				    off - ino[n + 1]);
-				ino[ndx] = copyto + ino[n] - ino[n + 1];
-				ino[ndx + 1] = copyto;
-			} else
-				copyto = ino[n + 1];
-			ndx += 2;
-		} else {
-			/* Switch page */
-			val.data = (uint8 *)op + ino[n + 1];
-			val.size = ino[n] - ino[n + 1];
-
-			/* if the pair doesn't fit something is horribly
-			 * wrong.  LJM
-			 */
-			tmp_uint16_array = (uint16*)np;
-			if(!PAIRFITS(tmp_uint16_array, &key, &val))
-				return(DATABASE_CORRUPTED_ERROR);
-
-			putpair(np, &key, &val);
-			moved += 2;
-		}
-
-		off = ino[n + 1];
-	}
-
-	/* Now clean up the page */
-	ino[0] -= moved;
-	FREESPACE(ino) = copyto - sizeof(uint16) * (ino[0] + 3);
-	OFFSET(ino) = copyto;
-
-#ifdef DEBUG3
-	(void)fprintf(stderr, "split %d/%d\n",
-	    ((uint16 *)np)[0] / 2,
-	    ((uint16 *)op)[0] / 2);
-#endif
-	/* unpin both pages */
-	old_bufp->flags &= ~BUF_PIN;
-	new_bufp->flags &= ~BUF_PIN;
-	return (0);
-}
-
-/*
- * Called when we encounter an overflow or big key/data page during split
- * handling.  This is special cased since we have to begin checking whether
- * the key/data pairs fit on their respective pages and because we may need
- * overflow pages for both the old and new pages.
- *
- * The first page might be a page with regular key/data pairs in which case
- * we have a regular overflow condition and just need to go on to the next
- * page or it might be a big key/data pair in which case we need to fix the
- * big key/data pair.
- *
- * Returns:
- *	 0 ==> success
- *	-1 ==> failure
- */
-
-/* the maximum number of loops we will allow UGLY split to chew
- * on before we assume the database is corrupted and throw it
- * away.
- */
-#define MAX_UGLY_SPLIT_LOOPS 10000
-
-static int
-ugly_split(HTAB *hashp, uint32 obucket, BUFHEAD *old_bufp,
- BUFHEAD *new_bufp,/* Same as __split_page. */ int copyto, int moved)
-	/* int copyto;	 First byte on page which contains key/data values. */
-	/* int moved;	 Number of pairs moved to new page. */
-{
-	register BUFHEAD *bufp;	/* Buffer header for ino */
-	register uint16 *ino;	/* Page keys come off of */
-	register uint16 *np;	/* New page */
-	register uint16 *op;	/* Page keys go on to if they aren't moving */
-    uint32 loop_detection=0;
-
-	BUFHEAD *last_bfp;	/* Last buf header OVFL needing to be freed */
-	DBT key, val;
-	SPLIT_RETURN ret;
-	uint16 n, off, ov_addr, scopyto;
-	char *cino;		/* Character value of ino */
-	int status;
-
-	bufp = old_bufp;
-	ino = (uint16 *)old_bufp->page;
-	np = (uint16 *)new_bufp->page;
-	op = (uint16 *)old_bufp->page;
-	last_bfp = NULL;
-	scopyto = (uint16)copyto;	/* ANSI */
-
-	n = ino[0] - 1;
-	while (n < ino[0]) {
-
-
-        /* this function goes nuts sometimes and never returns. 
-         * I havent found the problem yet but I need a solution
-         * so if we loop too often we assume a database curruption error
-         * :LJM
-         */
-        loop_detection++;
-
-        if(loop_detection > MAX_UGLY_SPLIT_LOOPS)
-            return DATABASE_CORRUPTED_ERROR;
-
-		if (ino[2] < REAL_KEY && ino[2] != OVFLPAGE) {
-			if ((status = __big_split(hashp, old_bufp,
-			    new_bufp, bufp, bufp->addr, obucket, &ret)))
-				return (status);
-			old_bufp = ret.oldp;
-			if (!old_bufp)
-				return (-1);
-			op = (uint16 *)old_bufp->page;
-			new_bufp = ret.newp;
-			if (!new_bufp)
-				return (-1);
-			np = (uint16 *)new_bufp->page;
-			bufp = ret.nextp;
-			if (!bufp)
-				return (0);
-			cino = (char *)bufp->page;
-			ino = (uint16 *)cino;
-			last_bfp = ret.nextp;
-		} else if (ino[n + 1] == OVFLPAGE) {
-			ov_addr = ino[n];
-			/*
-			 * Fix up the old page -- the extra 2 are the fields
-			 * which contained the overflow information.
-			 */
-			ino[0] -= (moved + 2);
-			FREESPACE(ino) =
-			    scopyto - sizeof(uint16) * (ino[0] + 3);
-			OFFSET(ino) = scopyto;
-
-			bufp = __get_buf(hashp, ov_addr, bufp, 0);
-			if (!bufp)
-				return (-1);
-
-			ino = (uint16 *)bufp->page;
-			n = 1;
-			scopyto = hashp->BSIZE;
-			moved = 0;
-
-			if (last_bfp)
-				__free_ovflpage(hashp, last_bfp);
-			last_bfp = bufp;
-		}
-		/* Move regular sized pairs of there are any */
-		off = hashp->BSIZE;
-		for (n = 1; (n < ino[0]) && (ino[n + 1] >= REAL_KEY); n += 2) {
-			cino = (char *)ino;
-			key.data = (uint8 *)cino + ino[n];
-			key.size = off - ino[n];
-			val.data = (uint8 *)cino + ino[n + 1];
-			val.size = ino[n] - ino[n + 1];
-			off = ino[n + 1];
-
-			if (__call_hash(hashp, (char*)key.data, key.size) == obucket) {
-				/* Keep on old page */
-				if (PAIRFITS(op, (&key), (&val)))
-					putpair((char *)op, &key, &val);
-				else {
-					old_bufp =
-					    __add_ovflpage(hashp, old_bufp);
-					if (!old_bufp)
-						return (-1);
-					op = (uint16 *)old_bufp->page;
-					putpair((char *)op, &key, &val);
-				}
-				old_bufp->flags |= BUF_MOD;
-			} else {
-				/* Move to new page */
-				if (PAIRFITS(np, (&key), (&val)))
-					putpair((char *)np, &key, &val);
-				else {
-					new_bufp =
-					    __add_ovflpage(hashp, new_bufp);
-					if (!new_bufp)
-						return (-1);
-					np = (uint16 *)new_bufp->page;
-					putpair((char *)np, &key, &val);
-				}
-				new_bufp->flags |= BUF_MOD;
-			}
-		}
-	}
-	if (last_bfp)
-		__free_ovflpage(hashp, last_bfp);
-	return (0);
-}
-
-/*
- * Add the given pair to the page
- *
- * Returns:
- *	0 ==> OK
- *	1 ==> failure
- */
-extern int
-__addel(HTAB *hashp, BUFHEAD *bufp, const DBT *key, const DBT * val)
-{
-	register uint16 *bp, *sop;
-	int do_expand;
-
-	bp = (uint16 *)bufp->page;
-	do_expand = 0;
-	while (bp[0] && (bp[2] < REAL_KEY || bp[bp[0]] < REAL_KEY))
-		/* Exception case */
-		if (bp[2] == FULL_KEY_DATA && bp[0] == 2)
-			/* This is the last page of a big key/data pair
-			   and we need to add another page */
-			break;
-		else if (bp[2] < REAL_KEY && bp[bp[0]] != OVFLPAGE) {
-			bufp = __get_buf(hashp, bp[bp[0] - 1], bufp, 0);
-			if (!bufp)
-			  {
-#ifdef DEBUG
-				assert(0);
-#endif
-				return (-1);
-			  }
-			bp = (uint16 *)bufp->page;
-		} else
-			/* Try to squeeze key on this page */
-			if (FREESPACE(bp) > PAIRSIZE(key, val)) {
-			  {
-				squeeze_key(bp, key, val);
-
-				/* LJM: I added this because I think it was
-				 * left out on accident.
-				 * if this isn't incremented nkeys will not
-				 * be the actual number of keys in the db.
-				 */
-				hashp->NKEYS++;
-				return (0);
-			  }
-			} else {
-				bufp = __get_buf(hashp, bp[bp[0] - 1], bufp, 0);
-				if (!bufp)
-			      {
-#ifdef DEBUG
-				    assert(0);
-#endif
-					return (-1);
-				  }
-				bp = (uint16 *)bufp->page;
-			}
-
-	if (PAIRFITS(bp, key, val))
-		putpair(bufp->page, key, (DBT *)val);
-	else {
-		do_expand = 1;
-		bufp = __add_ovflpage(hashp, bufp);
-		if (!bufp)
-	      {
-#ifdef DEBUG
-		    assert(0);
-#endif
-			return (-1);
-		  }
-		sop = (uint16 *)bufp->page;
-
-		if (PAIRFITS(sop, key, val))
-			putpair((char *)sop, key, (DBT *)val);
-		else
-			if (__big_insert(hashp, bufp, key, val))
-	          {
-#ifdef DEBUG
-		        assert(0);
-#endif
-			    return (-1);
-		      }
-	}
-	bufp->flags |= BUF_MOD;
-	/*
-	 * If the average number of keys per bucket exceeds the fill factor,
-	 * expand the table.
-	 */
-	hashp->NKEYS++;
-	if (do_expand ||
-	    (hashp->NKEYS / (hashp->MAX_BUCKET + 1) > hashp->FFACTOR))
-		return (__expand_table(hashp));
-	return (0);
-}
-
-/*
- *
- * Returns:
- *	pointer on success
- *	NULL on error
- */
-extern BUFHEAD *
-__add_ovflpage(HTAB *hashp, BUFHEAD *bufp)
-{
-	register uint16 *sp;
-	uint16 ndx, ovfl_num;
-#ifdef DEBUG1
-	int tmp1, tmp2;
-#endif
-	sp = (uint16 *)bufp->page;
-
-	/* Check if we are dynamically determining the fill factor */
-	if (hashp->FFACTOR == DEF_FFACTOR) {
-		hashp->FFACTOR = sp[0] >> 1;
-		if (hashp->FFACTOR < MIN_FFACTOR)
-			hashp->FFACTOR = MIN_FFACTOR;
-	}
-	bufp->flags |= BUF_MOD;
-	ovfl_num = overflow_page(hashp);
-#ifdef DEBUG1
-	tmp1 = bufp->addr;
-	tmp2 = bufp->ovfl ? bufp->ovfl->addr : 0;
-#endif
-	if (!ovfl_num || !(bufp->ovfl = __get_buf(hashp, ovfl_num, bufp, 1)))
-		return (NULL);
-	bufp->ovfl->flags |= BUF_MOD;
-#ifdef DEBUG1
-	(void)fprintf(stderr, "ADDOVFLPAGE: %d->ovfl was %d is now %d\n",
-	    tmp1, tmp2, bufp->ovfl->addr);
-#endif
-	ndx = sp[0];
-	/*
-	 * Since a pair is allocated on a page only if there's room to add
-	 * an overflow page, we know that the OVFL information will fit on
-	 * the page.
-	 */
-	sp[ndx + 4] = OFFSET(sp);
-	sp[ndx + 3] = FREESPACE(sp) - OVFLSIZE;
-	sp[ndx + 1] = ovfl_num;
-	sp[ndx + 2] = OVFLPAGE;
-	sp[0] = ndx + 2;
-#ifdef HASH_STATISTICS
-	hash_overflows++;
-#endif
-	return (bufp->ovfl);
-}
-
-/*
- * Returns:
- *	 0 indicates SUCCESS
- *	-1 indicates FAILURE
- */
-extern int
-__get_page(HTAB *hashp,
-	char * p,
-	uint32 bucket, 
-	int is_bucket, 
-	int is_disk, 
-	int is_bitmap)
-{
-	register int fd, page;
-	size_t size;
-	int rsize;
-	uint16 *bp;
-
-	fd = hashp->fp;
-	size = hashp->BSIZE;
-
-	if ((fd == -1) || !is_disk) {
-		PAGE_INIT(p);
-		return (0);
-	}
-	if (is_bucket)
-		page = BUCKET_TO_PAGE(bucket);
-	else
-		page = OADDR_TO_PAGE(bucket);
-	if ((MY_LSEEK(fd, (off_t)page << hashp->BSHIFT, SEEK_SET) == -1) ||
-	    ((rsize = read(fd, p, size)) == -1))
-		return (-1);
-
-	bp = (uint16 *)p;
-	if (!rsize)
-		bp[0] = 0;	/* We hit the EOF, so initialize a new page */
-	else
-		if ((unsigned)rsize != size) {
-			errno = EFTYPE;
-			return (-1);
-		}
-
-	if (!is_bitmap && !bp[0]) {
-		PAGE_INIT(p);
-	} else {
-
-#ifdef DEBUG
-		if(BYTE_ORDER == LITTLE_ENDIAN)
-		  {
-			int is_little_endian;
-			is_little_endian = BYTE_ORDER;
-		  }
-		else if(BYTE_ORDER == BIG_ENDIAN)
-		  {
-			int is_big_endian;
-			is_big_endian = BYTE_ORDER;
-		  }
-		else
-		  {
-			assert(0);
-		  }
-#endif
-
-		if (hashp->LORDER != BYTE_ORDER) {
-			register int i, max;
-
-			if (is_bitmap) {
-				max = hashp->BSIZE >> 2; /* divide by 4 */
-				for (i = 0; i < max; i++)
-					M_32_SWAP(((int *)p)[i]);
-			} else {
-				M_16_SWAP(bp[0]);
-				max = bp[0] + 2;
-
-	    		/* bound the size of max by
-	     		 * the maximum number of entries
-	     		 * in the array
-	     		 */
-				if((unsigned)max > (size / sizeof(uint16)))
-					return(DATABASE_CORRUPTED_ERROR);
-
-				/* do the byte order swap
-				 */
-				for (i = 1; i <= max; i++)
-					M_16_SWAP(bp[i]);
-			}
-		}
-
-		/* check the validity of the page here
-		 * (after doing byte order swaping if necessary)
-		 */
-		if(!is_bitmap && bp[0] != 0)
-		  {
-			uint16 num_keys = bp[0];
-			uint16 offset;
-			uint16 i;
-
-			/* bp[0] is supposed to be the number of
-			 * entries currently in the page.  If
-			 * bp[0] is too large (larger than the whole
-			 * page) then the page is corrupted
-			 */
-			if(bp[0] > (size / sizeof(uint16)))
-				return(DATABASE_CORRUPTED_ERROR);
-			
-			/* bound free space */
-			if(FREESPACE(bp) > size)
-				return(DATABASE_CORRUPTED_ERROR);
-		
-			/* check each key and data offset to make
- 			 * sure they are all within bounds they
- 			 * should all be less than the previous
- 			 * offset as well.
- 			 */
-			offset = size;
-			for(i=1 ; i <= num_keys; i+=2)
-  			  {
-				/* ignore overflow pages etc. */
-				if(bp[i+1] >= REAL_KEY)
-	  			  {
-						
-					if(bp[i] > offset || bp[i+1] > bp[i])			
-						return(DATABASE_CORRUPTED_ERROR);
-			
-					offset = bp[i+1];
-	  			  }
-				else
-	  			  {
-					/* there are no other valid keys after
-		 			 * seeing a non REAL_KEY
-		 			 */
-					break;
-	  			  }
-  			  }
-		}
-	}
-	return (0);
-}
-
-/*
- * Write page p to disk
- *
- * Returns:
- *	 0 ==> OK
- *	-1 ==>failure
- */
-extern int
-__put_page(HTAB *hashp, char *p, uint32 bucket, int is_bucket, int is_bitmap)
-{
-	register int fd, page;
-	size_t size;
-	int wsize;
-	off_t offset;
-
-	size = hashp->BSIZE;
-	if ((hashp->fp == -1) && open_temp(hashp))
-		return (-1);
-	fd = hashp->fp;
-
-	if (hashp->LORDER != BYTE_ORDER) {
-		register int i;
-		register int max;
-
-		if (is_bitmap) {
-			max = hashp->BSIZE >> 2;	/* divide by 4 */
-			for (i = 0; i < max; i++)
-				M_32_SWAP(((int *)p)[i]);
-		} else {
-			max = ((uint16 *)p)[0] + 2;
-
-            /* bound the size of max by
-             * the maximum number of entries
-             * in the array
-             */
-            if((unsigned)max > (size / sizeof(uint16)))
-                return(DATABASE_CORRUPTED_ERROR);
-
-			for (i = 0; i <= max; i++)
-				M_16_SWAP(((uint16 *)p)[i]);
-
-		}
-	}
-
-	if (is_bucket)
-		page = BUCKET_TO_PAGE(bucket);
-	else
-		page = OADDR_TO_PAGE(bucket);
-	offset = (off_t)page << hashp->BSHIFT;
-	if ((MY_LSEEK(fd, offset, SEEK_SET) == -1) ||
-	    ((wsize = write(fd, p, size)) == -1))
-		/* Errno is set */
-		return (-1);
-	if ((unsigned)wsize != size) {
-		errno = EFTYPE;
-		return (-1);
-	}
-#if defined(_WIN32) || defined(_WINDOWS) 
-	if (offset + size > hashp->file_size) {
-		hashp->updateEOF = 1;
-	}
-#endif
-	/* put the page back the way it was so that it isn't byteswapped
-	 * if it remains in memory - LJM
-	 */
-	if (hashp->LORDER != BYTE_ORDER) {
-		register int i;
-		register int max;
-
-		if (is_bitmap) {
-			max = hashp->BSIZE >> 2;	/* divide by 4 */
-			for (i = 0; i < max; i++)
-				M_32_SWAP(((int *)p)[i]);
-		} else {
-    		uint16 *bp = (uint16 *)p;
-
-			M_16_SWAP(bp[0]);
-			max = bp[0] + 2;
-
-			/* no need to bound the size if max again
-			 * since it was done already above
-			 */
-
-			/* do the byte order re-swap
-			 */
-			for (i = 1; i <= max; i++)
-				M_16_SWAP(bp[i]);
-		}
-	}
-
-	return (0);
-}
-
-#define BYTE_MASK	((1 << INT_BYTE_SHIFT) -1)
-/*
- * Initialize a new bitmap page.  Bitmap pages are left in memory
- * once they are read in.
- */
-extern int
-__ibitmap(HTAB *hashp, int pnum, int nbits, int ndx)
-{
-	uint32 *ip;
-	size_t clearbytes, clearints;
-
-	if ((ip = (uint32 *)malloc((size_t)hashp->BSIZE)) == NULL)
-		return (1);
-	hashp->nmaps++;
-	clearints = ((nbits - 1) >> INT_BYTE_SHIFT) + 1;
-	clearbytes = clearints << INT_TO_BYTE;
-	(void)memset((char *)ip, 0, clearbytes);
-	(void)memset(((char *)ip) + clearbytes, 0xFF,
-	    hashp->BSIZE - clearbytes);
-	ip[clearints - 1] = ALL_SET << (nbits & BYTE_MASK);
-	SETBIT(ip, 0);
-	hashp->BITMAPS[ndx] = (uint16)pnum;
-	hashp->mapp[ndx] = ip;
-	return (0);
-}
-
-static uint32
-first_free(uint32 map)
-{
-	register uint32 i, mask;
-
-	mask = 0x1;
-	for (i = 0; i < BITS_PER_MAP; i++) {
-		if (!(mask & map))
-			return (i);
-		mask = mask << 1;
-	}
-	return (i);
-}
-
-static uint16
-overflow_page(HTAB *hashp)
-{
-	register uint32 *freep=NULL;
-	register int max_free, offset, splitnum;
-	uint16 addr;
-	uint32 i;
-	int bit, first_page, free_bit, free_page, in_use_bits, j;
-#ifdef DEBUG2
-	int tmp1, tmp2;
-#endif
-	splitnum = hashp->OVFL_POINT;
-	max_free = hashp->SPARES[splitnum];
-
-	free_page = (max_free - 1) >> (hashp->BSHIFT + BYTE_SHIFT);
-	free_bit = (max_free - 1) & ((hashp->BSIZE << BYTE_SHIFT) - 1);
-
-	/* Look through all the free maps to find the first free block */
-	first_page = hashp->LAST_FREED >>(hashp->BSHIFT + BYTE_SHIFT);
-	for ( i = first_page; i <= (unsigned)free_page; i++ ) {
-		if (!(freep = (uint32 *)hashp->mapp[i]) &&
-		    !(freep = fetch_bitmap(hashp, i)))
-			return (0);
-		if (i == (unsigned)free_page)
-			in_use_bits = free_bit;
-		else
-			in_use_bits = (hashp->BSIZE << BYTE_SHIFT) - 1;
-		
-		if (i == (unsigned)first_page) {
-			bit = hashp->LAST_FREED &
-			    ((hashp->BSIZE << BYTE_SHIFT) - 1);
-			j = bit / BITS_PER_MAP;
-			bit = bit & ~(BITS_PER_MAP - 1);
-		} else {
-			bit = 0;
-			j = 0;
-		}
-		for (; bit <= in_use_bits; j++, bit += BITS_PER_MAP)
-			if (freep[j] != ALL_SET)
-				goto found;
-	}
-
-	/* No Free Page Found */
-	hashp->LAST_FREED = hashp->SPARES[splitnum];
-	hashp->SPARES[splitnum]++;
-	offset = hashp->SPARES[splitnum] -
-	    (splitnum ? hashp->SPARES[splitnum - 1] : 0);
-
-#define	OVMSG	"HASH: Out of overflow pages.  Increase page size\n"
-	if (offset > SPLITMASK) {
-		if (++splitnum >= NCACHED) {
-#ifndef macintosh
-			(void)write(STDERR_FILENO, OVMSG, sizeof(OVMSG) - 1);
-#endif
-			return (0);
-		}
-		hashp->OVFL_POINT = splitnum;
-		hashp->SPARES[splitnum] = hashp->SPARES[splitnum-1];
-		hashp->SPARES[splitnum-1]--;
-		offset = 1;
-	}
-
-	/* Check if we need to allocate a new bitmap page */
-	if (free_bit == (hashp->BSIZE << BYTE_SHIFT) - 1) {
-		free_page++;
-		if (free_page >= NCACHED) {
-#ifndef macintosh
-			(void)write(STDERR_FILENO, OVMSG, sizeof(OVMSG) - 1);
-#endif
-			return (0);
-		}
-		/*
-		 * This is tricky.  The 1 indicates that you want the new page
-		 * allocated with 1 clear bit.  Actually, you are going to
-		 * allocate 2 pages from this map.  The first is going to be
-		 * the map page, the second is the overflow page we were
-		 * looking for.  The init_bitmap routine automatically, sets
-		 * the first bit of itself to indicate that the bitmap itself
-		 * is in use.  We would explicitly set the second bit, but
-		 * don't have to if we tell init_bitmap not to leave it clear
-		 * in the first place.
-		 */
-		if (__ibitmap(hashp,
-		    (int)OADDR_OF(splitnum, offset), 1, free_page))
-			return (0);
-		hashp->SPARES[splitnum]++;
-#ifdef DEBUG2
-		free_bit = 2;
-#endif
-		offset++;
-		if (offset > SPLITMASK) {
-			if (++splitnum >= NCACHED) {
-#ifndef macintosh
-				(void)write(STDERR_FILENO, OVMSG,
-				    sizeof(OVMSG) - 1);
-#endif
-				return (0);
-			}
-			hashp->OVFL_POINT = splitnum;
-			hashp->SPARES[splitnum] = hashp->SPARES[splitnum-1];
-			hashp->SPARES[splitnum-1]--;
-			offset = 0;
-		}
-	} else {
-		/*
-		 * Free_bit addresses the last used bit.  Bump it to address
-		 * the first available bit.
-		 */
-		free_bit++;
-		SETBIT(freep, free_bit);
-	}
-
-	/* Calculate address of the new overflow page */
-	addr = OADDR_OF(splitnum, offset);
-#ifdef DEBUG2
-	(void)fprintf(stderr, "OVERFLOW_PAGE: ADDR: %d BIT: %d PAGE %d\n",
-	    addr, free_bit, free_page);
-#endif
-	return (addr);
-
-found:
-	bit = bit + first_free(freep[j]);
-	SETBIT(freep, bit);
-#ifdef DEBUG2
-	tmp1 = bit;
-	tmp2 = i;
-#endif
-	/*
-	 * Bits are addressed starting with 0, but overflow pages are addressed
-	 * beginning at 1. Bit is a bit addressnumber, so we need to increment
-	 * it to convert it to a page number.
-	 */
-	bit = 1 + bit + (i * (hashp->BSIZE << BYTE_SHIFT));
-	if (bit >= hashp->LAST_FREED)
-		hashp->LAST_FREED = bit - 1;
-
-	/* Calculate the split number for this page */
-	for (i = 0; (i < (unsigned)splitnum) && (bit > hashp->SPARES[i]); i++) {}
-	offset = (i ? bit - hashp->SPARES[i - 1] : bit);
-	if (offset >= SPLITMASK)
-		return (0);	/* Out of overflow pages */
-	addr = OADDR_OF(i, offset);
-#ifdef DEBUG2
-	(void)fprintf(stderr, "OVERFLOW_PAGE: ADDR: %d BIT: %d PAGE %d\n",
-	    addr, tmp1, tmp2);
-#endif
-
-	/* Allocate and return the overflow page */
-	return (addr);
-}
-
-/*
- * Mark this overflow page as free.
- */
-extern void
-__free_ovflpage(HTAB *hashp, BUFHEAD *obufp)
-{
-	uint16 addr;
-	uint32 *freep;
-	uint32 bit_address, free_page, free_bit;
-	uint16 ndx;
-
-	if(!obufp || !obufp->addr)
-	    return;
-
-	addr = obufp->addr;
-#ifdef DEBUG1
-	(void)fprintf(stderr, "Freeing %d\n", addr);
-#endif
-	ndx = (((uint16)addr) >> SPLITSHIFT);
-	bit_address =
-	    (ndx ? hashp->SPARES[ndx - 1] : 0) + (addr & SPLITMASK) - 1;
-	if (bit_address < (uint32)hashp->LAST_FREED)
-		hashp->LAST_FREED = bit_address;
-	free_page = (bit_address >> (hashp->BSHIFT + BYTE_SHIFT));
-	free_bit = bit_address & ((hashp->BSIZE << BYTE_SHIFT) - 1);
-
-	if (!(freep = hashp->mapp[free_page])) 
-		freep = fetch_bitmap(hashp, free_page);
-
-#ifdef DEBUG
-	/*
-	 * This had better never happen.  It means we tried to read a bitmap
-	 * that has already had overflow pages allocated off it, and we
-	 * failed to read it from the file.
-	 */
-	if (!freep)
-	  {
-		assert(0);
-		return;
-	  }
-#endif
-	CLRBIT(freep, free_bit);
-#ifdef DEBUG2
-	(void)fprintf(stderr, "FREE_OVFLPAGE: ADDR: %d BIT: %d PAGE %d\n",
-	    obufp->addr, free_bit, free_page);
-#endif
-	__reclaim_buf(hashp, obufp);
-}
-
-/*
- * Returns:
- *	 0 success
- *	-1 failure
- */
-static int
-open_temp(HTAB *hashp)
-{
-#ifdef XP_OS2
- 	hashp->fp = mkstemp(NULL);
-#else
-#if !defined(_WIN32) && !defined(_WINDOWS) && !defined(macintosh)
-	sigset_t set, oset;
-#endif
-#if !defined(macintosh)
-	char * tmpdir;
-	size_t len;
-	char last;
-#endif
-	static const char namestr[] = "/_hashXXXXXX";
-	char filename[1024];
-
-#if !defined(_WIN32) && !defined(_WINDOWS) && !defined(macintosh)
-	/* Block signals; make sure file goes away at process exit. */
-	(void)sigfillset(&set);
-	(void)sigprocmask(SIG_BLOCK, &set, &oset);
-#endif
-
-	filename[0] = 0;
-#if defined(macintosh)
-	strcat(filename, namestr + 1);
-#else
-	tmpdir = getenv("TMP");
-	if (!tmpdir)
-		tmpdir = getenv("TMPDIR");
-	if (!tmpdir)
-		tmpdir = getenv("TEMP");
-	if (!tmpdir)
-		tmpdir = ".";
-	len = strlen(tmpdir);
-	if (len && len < (sizeof filename - sizeof namestr)) {
-		strcpy(filename, tmpdir);
-	}
-	len = strlen(filename);
-	last = tmpdir[len - 1];
-	strcat(filename, (last == '/' || last == '\\') ? namestr + 1 : namestr);
-#endif
-
-#if defined(_WIN32) || defined(_WINDOWS)
-	if ((hashp->fp = mkstempflags(filename, _O_BINARY|_O_TEMPORARY)) != -1) {
-		if (hashp->filename) {
-			free(hashp->filename);
-		}
-		hashp->filename = strdup(filename);
-		hashp->is_temp = 1;
-	}
-#else
-	if ((hashp->fp = mkstemp(filename)) != -1) {
-		(void)unlink(filename);
-#if !defined(macintosh)
-		(void)fcntl(hashp->fp, F_SETFD, 1);
-#endif									  
-	}
-#endif
-
-#if !defined(_WIN32) && !defined(_WINDOWS) && !defined(macintosh)
-	(void)sigprocmask(SIG_SETMASK, &oset, (sigset_t *)NULL);
-#endif
-#endif  /* !OS2 */
-	return (hashp->fp != -1 ? 0 : -1);
-}
-
-/*
- * We have to know that the key will fit, but the last entry on the page is
- * an overflow pair, so we need to shift things.
- */
-static void
-squeeze_key(uint16 *sp, const DBT * key, const DBT * val)
-{
-	register char *p;
-	uint16 free_space, n, off, pageno;
-
-	p = (char *)sp;
-	n = sp[0];
-	free_space = FREESPACE(sp);
-	off = OFFSET(sp);
-
-	pageno = sp[n - 1];
-	off -= key->size;
-	sp[n - 1] = off;
-	memmove(p + off, key->data, key->size);
-	off -= val->size;
-	sp[n] = off;
-	memmove(p + off, val->data, val->size);
-	sp[0] = n + 2;
-	sp[n + 1] = pageno;
-	sp[n + 2] = OVFLPAGE;
-	FREESPACE(sp) = free_space - PAIRSIZE(key, val);
-	OFFSET(sp) = off;
-}
-
-static uint32 *
-fetch_bitmap(HTAB *hashp, uint32 ndx)
-{
-	if (ndx >= (unsigned)hashp->nmaps)
-		return (NULL);
-	if ((hashp->mapp[ndx] = (uint32 *)malloc((size_t)hashp->BSIZE)) == NULL)
-		return (NULL);
-	if (__get_page(hashp,
-	    (char *)hashp->mapp[ndx], hashp->BITMAPS[ndx], 0, 1, 1)) {
-		free(hashp->mapp[ndx]);
-		hashp->mapp[ndx] = NULL; /* NEW: 9-11-95 */
-		return (NULL);
-	}                 
-	return (hashp->mapp[ndx]);
-}
-
-#ifdef DEBUG4
-int
-print_chain(int addr)
-{
-	BUFHEAD *bufp;
-	short *bp, oaddr;
-
-	(void)fprintf(stderr, "%d ", addr);
-	bufp = __get_buf(hashp, addr, NULL, 0);
-	bp = (short *)bufp->page;
-	while (bp[0] && ((bp[bp[0]] == OVFLPAGE) ||
-		((bp[0] > 2) && bp[2] < REAL_KEY))) {
-		oaddr = bp[bp[0] - 1];
-		(void)fprintf(stderr, "%d ", (int)oaddr);
-		bufp = __get_buf(hashp, (int)oaddr, bufp, 0);
-		bp = (short *)bufp->page;
-	}
-	(void)fprintf(stderr, "\n");
-}
-#endif
diff --git a/dbm/src/hash.c b/dbm/src/hash.c
deleted file mode 100644
index d984c5f30..000000000
--- a/dbm/src/hash.c
+++ /dev/null
@@ -1,1260 +0,0 @@
-/*-
- * Copyright (c) 1990, 1993, 1994
- *	The Regents of the University of California.  All rights reserved.
- *
- * This code is derived from software contributed to Berkeley by
- * Margo Seltzer.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#if defined(LIBC_SCCS) && !defined(lint)
-static char sccsid[] = "@(#)hash.c	8.9 (Berkeley) 6/16/94";
-#endif /* LIBC_SCCS and not lint */
-
-#include "watcomfx.h"
-
-#if !defined(_WIN32) && !defined(_WINDOWS) && !defined(macintosh) && !defined(XP_OS2_VACPP)
-#include <sys/param.h>
-#endif
-
-#if !defined(macintosh)
-#ifdef XP_OS2_EMX
-#include <sys/types.h>
-#endif
-#include <sys/stat.h>
-#endif
-
-#if defined(macintosh)
-#include <unix.h>
-#include <unistd.h>
-#endif
-
-#include <errno.h>
-#include <fcntl.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#if !defined(_WIN32) && !defined(_WINDOWS) && !defined(macintosh) && !defined(XP_OS2_VACPP)
-#include <unistd.h>
-#endif
-#if defined(_WIN32) || defined(_WINDOWS) 
-#include <windows.h>
-#endif
-
-#ifdef XP_OS2_VACPP
-#include "types.h"
-#define EPERM SOCEPERM
-#endif
-
-#include <assert.h>
-
-#include "mcom_db.h"
-#include "hash.h"
-#include "page.h"
-
-/*
-#include "extern.h"
-*/
-static int   alloc_segs __P((HTAB *, int));
-static int   flush_meta __P((HTAB *));
-static int   hash_access __P((HTAB *, ACTION, DBT *, DBT *));
-static int   hash_close __P((DB *));
-static int   hash_delete __P((const DB *, const DBT *, uint));
-static int   hash_fd __P((const DB *));
-static int   hash_get __P((const DB *, const DBT *, DBT *, uint));
-static int   hash_put __P((const DB *, DBT *, const DBT *, uint));
-static void *hash_realloc __P((SEGMENT **, size_t, size_t));
-static int   hash_seq __P((const DB *, DBT *, DBT *, uint));
-static int   hash_sync __P((const DB *, uint));
-static int   hdestroy __P((HTAB *));
-static HTAB *init_hash __P((HTAB *, const char *, HASHINFO *));
-static int   init_htab __P((HTAB *, int));
-#if BYTE_ORDER == LITTLE_ENDIAN
-static void  swap_header __P((HTAB *));
-static void  swap_header_copy __P((HASHHDR *, HASHHDR *));
-#endif
-
-/* Fast arithmetic, relying on powers of 2, */
-#define MOD(x, y)		((x) & ((y) - 1))
-
-#define RETURN_ERROR(ERR, LOC)	{ save_errno = ERR; goto LOC; }
-
-/* Return values */
-#define	SUCCESS	 (0)
-#define	DBM_ERROR	(-1)
-#define	ABNORMAL (1)
-
-#ifdef HASH_STATISTICS
-int hash_accesses, hash_collisions, hash_expansions, hash_overflows;
-#endif
-
-/* A new Lou (montulli@mozilla.com) routine.
- *
- * The database is screwed.  
- *
- * This closes the file, flushing buffers as appropriate.
- */
-static void
-__remove_database(DB *dbp)
-{
-	HTAB *hashp = (HTAB *)dbp->internal;
-
-	assert(0);
-
-	if (!hashp)
-		return;
-	hdestroy(hashp);
-	dbp->internal = NULL; 
-}
-
-/************************** INTERFACE ROUTINES ***************************/
-/* OPEN/CLOSE */
-
-
-extern DB *
-__hash_open(const char *file, int flags, int mode, const HASHINFO *info, int dflags)
-{
-	HTAB *hashp=NULL;
-	struct stat statbuf;
-	DB *dbp;
-	int bpages, hdrsize, new_table, nsegs, save_errno;
-
-	if ((flags & O_ACCMODE) == O_WRONLY) {
-		errno = EINVAL;
-		RETURN_ERROR(ENOMEM, error0);
-	}
-
-	/* zero the statbuffer so that
-	 * we can check it for a non-zero
-	 * date to see if stat succeeded
-	 */
-	memset(&statbuf, 0, sizeof(struct stat));
-
-	if (!(hashp = (HTAB *)calloc(1, sizeof(HTAB))))
-		RETURN_ERROR(ENOMEM, error0);
-	hashp->fp = NO_FILE;
-	if(file)
-		hashp->filename = strdup(file);
-
-	/*
-	 * Even if user wants write only, we need to be able to read
-	 * the actual file, so we need to open it read/write. But, the
-	 * field in the hashp structure needs to be accurate so that
-	 * we can check accesses.
-	 */
-	hashp->flags = flags;
-
-	new_table = 0;
-	if (!file || (flags & O_TRUNC) 	|| (stat(file, &statbuf)  && (errno == ENOENT))) 
-	{
-		if (errno == ENOENT)
-			errno = 0; /* Just in case someone looks at errno */
-		new_table = 1;
-	}
-	else if(statbuf.st_mtime && statbuf.st_size == 0)
-	{
-		/* check for a zero length file and delete it
-	 	 * if it exists
-	 	 */
-		new_table = 1;
-	}
-	hashp->file_size = statbuf.st_size;
-
-	if (file) {				 
-
-#if defined(_WIN32) || defined(_WINDOWS) || defined (macintosh)  || defined(XP_OS2_VACPP)
-		if ((hashp->fp = DBFILE_OPEN(file, flags | O_BINARY, mode)) == -1)
-			RETURN_ERROR(errno, error0);
-#else
- 	if ((hashp->fp = open(file, flags, mode)) == -1)
-		RETURN_ERROR(errno, error0);
-	(void)fcntl(hashp->fp, F_SETFD, 1);
-/* We can't use fcntl because of NFS bugs. SIGH */
-#if 0
-    {
-	struct flock fl;
-	memset(&fl, 0, sizeof(fl));
-	fl.l_type = F_WRLCK;
-	if (fcntl(hashp->fp, F_SETLK, &fl) < 0) {
-#ifdef DEBUG
-	    fprintf(stderr, "unable to open %s because it's locked (flags=0x%x)\n", file, flags);
-#endif
-	    RETURN_ERROR(EACCES, error1);
-	}
-    }
-#endif
-
-#endif
-	}
-	if (new_table) {
-		if (!init_hash(hashp, file, (HASHINFO *)info))
-			RETURN_ERROR(errno, error1);
-	} else {
-		/* Table already exists */
-		if (info && info->hash)
-			hashp->hash = info->hash;
-		else
-			hashp->hash = __default_hash;
-
-		hdrsize = read(hashp->fp, (char *)&hashp->hdr, sizeof(HASHHDR));
-#if BYTE_ORDER == LITTLE_ENDIAN
-		swap_header(hashp);
-#endif
-		if (hdrsize == -1)
-			RETURN_ERROR(errno, error1);
-		if (hdrsize != sizeof(HASHHDR))
-			RETURN_ERROR(EFTYPE, error1);
-		/* Verify file type, versions and hash function */
-		if (hashp->MAGIC != HASHMAGIC)
-			RETURN_ERROR(EFTYPE, error1);
-#define	OLDHASHVERSION	1
-		if (hashp->VERSION != HASHVERSION &&
-		    hashp->VERSION != OLDHASHVERSION)
-			RETURN_ERROR(EFTYPE, error1);
-		if (hashp->hash(CHARKEY, sizeof(CHARKEY)) != hashp->H_CHARKEY)
-			RETURN_ERROR(EFTYPE, error1);
-		if (hashp->NKEYS < 0) {
-		    /*
-		    ** OOPS. Old bad database from previously busted
-		    ** code. Blow it away.
-		    */
-		    close(hashp->fp);
-		    if (remove(file) < 0) {
-#if defined(DEBUG) && defined(XP_UNIX)
-			fprintf(stderr,
-				"WARNING: You have an old bad cache.db file"
-				" '%s', and I couldn't remove it!\n", file);
-#endif
-		    } else {
-#if defined(DEBUG) && defined(XP_UNIX)
-			fprintf(stderr,
-				"WARNING: I blew away your %s file because"
-				" it was bad due to a recently fixed bug\n",
-				file);
-#endif
-		    }
-		    RETURN_ERROR(ENOENT, error0);
-		}
-
-		/*
-		 * Figure out how many segments we need.  Max_Bucket is the
-		 * maximum bucket number, so the number of buckets is
-		 * max_bucket + 1.
-		 */
-		nsegs = (hashp->MAX_BUCKET + 1 + hashp->SGSIZE - 1) /
-			 hashp->SGSIZE;
-		hashp->nsegs = 0;
-		if (alloc_segs(hashp, nsegs))
-			/*
-			 * If alloc_segs fails, table will have been destroyed
-			 * and errno will have been set.
-			 */
-			RETURN_ERROR(ENOMEM, error0);
-		/* Read in bitmaps */
-		bpages = (hashp->SPARES[hashp->OVFL_POINT] +
-		    (hashp->BSIZE << BYTE_SHIFT) - 1) >>
-		    (hashp->BSHIFT + BYTE_SHIFT);
-
-		hashp->nmaps = bpages;
-		(void)memset(&hashp->mapp[0], 0, bpages * sizeof(uint32 *));
-	}
-
-	/* Initialize Buffer Manager */
-	if (info && info->cachesize)
-		__buf_init(hashp, (int32) info->cachesize);
-	else
-		__buf_init(hashp, DEF_BUFSIZE);
-
-	hashp->new_file = new_table;
-#ifdef macintosh
-	hashp->save_file = file && !(hashp->flags & O_RDONLY);
-#else
-	hashp->save_file = file && (hashp->flags & O_RDWR);
-#endif
-	hashp->cbucket = -1;
-	if (!(dbp = (DB *)malloc(sizeof(DB)))) {
-		save_errno = errno;
-		hdestroy(hashp);
-		errno = save_errno;
-		RETURN_ERROR(ENOMEM, error0);
-	}
-	dbp->internal = hashp;
-	dbp->close = hash_close;
-	dbp->del = hash_delete;
-	dbp->fd = hash_fd;
-	dbp->get = hash_get;
-	dbp->put = hash_put;
-	dbp->seq = hash_seq;
-	dbp->sync = hash_sync;
-	dbp->type = DB_HASH;
-
-#if 0
-#if defined(DEBUG) && !defined(_WINDOWS)
-{
-extern int MKLib_trace_flag;
-
-  if(MKLib_trace_flag)
-	(void)fprintf(stderr,
-"%s\n%s%lx\n%s%d\n%s%d\n%s%d\n%s%d\n%s%d\n%s%d\n%s%d\n%s%d\n%s%d\n%s%x\n%s%x\n%s%d\n%s%d\n",
-	    "init_htab:",
-	    "TABLE POINTER   ", (unsigned long) hashp,
-	    "BUCKET SIZE     ", hashp->BSIZE,
-	    "BUCKET SHIFT    ", hashp->BSHIFT,
-	    "DIRECTORY SIZE  ", hashp->DSIZE,
-	    "SEGMENT SIZE    ", hashp->SGSIZE,
-	    "SEGMENT SHIFT   ", hashp->SSHIFT,
-	    "FILL FACTOR     ", hashp->FFACTOR,
-	    "MAX BUCKET      ", hashp->MAX_BUCKET,
-	    "OVFL POINT	     ", hashp->OVFL_POINT,
-	    "LAST FREED      ", hashp->LAST_FREED,
-	    "HIGH MASK       ", hashp->HIGH_MASK,
-	    "LOW  MASK       ", hashp->LOW_MASK,
-	    "NSEGS           ", hashp->nsegs,
-	    "NKEYS           ", hashp->NKEYS);
-}
-#endif
-#endif /* 0 */
-#ifdef HASH_STATISTICS
-	hash_overflows = hash_accesses = hash_collisions = hash_expansions = 0;
-#endif
-	return (dbp);
-
-error1:
-	if (hashp != NULL)
-		(void)close(hashp->fp);
-
-error0:
-	free(hashp);
-	errno = save_errno;
-	return (NULL);
-}
-
-static int
-hash_close(DB *dbp)
-{
-	HTAB *hashp;
-	int retval;
-
-	if (!dbp)
-		return (DBM_ERROR);
-
-	hashp = (HTAB *)dbp->internal;
-	if(!hashp)
-		return (DBM_ERROR);
-
-	retval = hdestroy(hashp);
-	free(dbp);
-	return (retval);
-}
-
-static int hash_fd(const DB *dbp)
-{
-	HTAB *hashp;
-
-	if (!dbp)
-		return (DBM_ERROR);
-
-	hashp = (HTAB *)dbp->internal;
-	if(!hashp)
-		return (DBM_ERROR);
-
-	if (hashp->fp == -1) {
-		errno = ENOENT;
-		return (-1);
-	}
-	return (hashp->fp);
-}
-
-/************************** LOCAL CREATION ROUTINES **********************/
-static HTAB *
-init_hash(HTAB *hashp, const char *file, HASHINFO *info)
-{
-	struct stat statbuf;
-	int nelem;
-
-	nelem = 1;
-	hashp->NKEYS = 0;
-	hashp->LORDER = BYTE_ORDER;
-	hashp->BSIZE = DEF_BUCKET_SIZE;
-	hashp->BSHIFT = DEF_BUCKET_SHIFT;
-	hashp->SGSIZE = DEF_SEGSIZE;
-	hashp->SSHIFT = DEF_SEGSIZE_SHIFT;
-	hashp->DSIZE = DEF_DIRSIZE;
-	hashp->FFACTOR = DEF_FFACTOR;
-	hashp->hash = __default_hash;
-	memset(hashp->SPARES, 0, sizeof(hashp->SPARES));
-	memset(hashp->BITMAPS, 0, sizeof (hashp->BITMAPS));
-
-	/* Fix bucket size to be optimal for file system */
-	if (file != NULL) {
-		if (stat(file, &statbuf))
-			return (NULL);
-
-#if !defined(_WIN32) && !defined(_WINDOWS) && !defined(macintosh) && !defined(VMS) && !defined(XP_OS2)
-#if defined(__QNX__) && !defined(__QNXNTO__)
-		hashp->BSIZE = 512; /* preferred blk size on qnx4 */
-#else
-		hashp->BSIZE = statbuf.st_blksize;
-#endif
-
-       	/* new code added by Lou to reduce block
-       	 * size down below MAX_BSIZE
-       	 */
-       	if (hashp->BSIZE > MAX_BSIZE)
-       		hashp->BSIZE = MAX_BSIZE;
-#endif
-		hashp->BSHIFT = __log2((uint32)hashp->BSIZE);
-	}
-
-	if (info) {
-		if (info->bsize) {
-			/* Round pagesize up to power of 2 */
-			hashp->BSHIFT = __log2(info->bsize);
-			hashp->BSIZE = 1 << hashp->BSHIFT;
-			if (hashp->BSIZE > MAX_BSIZE) {
-				errno = EINVAL;
-				return (NULL);
-			}
-		}
-		if (info->ffactor)
-			hashp->FFACTOR = info->ffactor;
-		if (info->hash)
-			hashp->hash = info->hash;
-		if (info->nelem)
-			nelem = info->nelem;
-		if (info->lorder) {
-			if (info->lorder != BIG_ENDIAN &&
-			    info->lorder != LITTLE_ENDIAN) {
-				errno = EINVAL;
-				return (NULL);
-			}
-			hashp->LORDER = info->lorder;
-		}
-	}
-	/* init_htab should destroy the table and set errno if it fails */
-	if (init_htab(hashp, nelem))
-		return (NULL);
-	else
-		return (hashp);
-}
-/*
- * This calls alloc_segs which may run out of memory.  Alloc_segs will destroy
- * the table and set errno, so we just pass the error information along.
- *
- * Returns 0 on No Error
- */
-static int
-init_htab(HTAB *hashp, int nelem)
-{
-	register int nbuckets, nsegs;
-	int l2;
-
-	/*
-	 * Divide number of elements by the fill factor and determine a
-	 * desired number of buckets.  Allocate space for the next greater
-	 * power of two number of buckets.
-	 */
-	nelem = (nelem - 1) / hashp->FFACTOR + 1;
-
-	l2 = __log2((uint32)PR_MAX(nelem, 2));
-	nbuckets = 1 << l2;
-
-	hashp->SPARES[l2] = l2 + 1;
-	hashp->SPARES[l2 + 1] = l2 + 1;
-	hashp->OVFL_POINT = l2;
-	hashp->LAST_FREED = 2;
-
-	/* First bitmap page is at: splitpoint l2 page offset 1 */
-	if (__ibitmap(hashp, (int)OADDR_OF(l2, 1), l2 + 1, 0))
-		return (-1);
-
-	hashp->MAX_BUCKET = hashp->LOW_MASK = nbuckets - 1;
-	hashp->HIGH_MASK = (nbuckets << 1) - 1;
-	hashp->HDRPAGES = ((PR_MAX(sizeof(HASHHDR), MINHDRSIZE) - 1) >>
-	    hashp->BSHIFT) + 1;
-
-	nsegs = (nbuckets - 1) / hashp->SGSIZE + 1;
-	nsegs = 1 << __log2((uint32)nsegs);
-
-	if (nsegs > hashp->DSIZE)
-		hashp->DSIZE = nsegs;
-	return (alloc_segs(hashp, nsegs));
-}
-
-/********************** DESTROY/CLOSE ROUTINES ************************/
-
-/*
- * Flushes any changes to the file if necessary and destroys the hashp
- * structure, freeing all allocated space.
- */
-static int
-hdestroy(HTAB *hashp)
-{
-	int i, save_errno;
-
-	save_errno = 0;
-
-#ifdef HASH_STATISTICS
-	(void)fprintf(stderr, "hdestroy: accesses %ld collisions %ld\n",
-	    hash_accesses, hash_collisions);
-	(void)fprintf(stderr, "hdestroy: expansions %ld\n",
-	    hash_expansions);
-	(void)fprintf(stderr, "hdestroy: overflows %ld\n",
-	    hash_overflows);
-	(void)fprintf(stderr, "keys %ld maxp %d segmentcount %d\n",
-	    hashp->NKEYS, hashp->MAX_BUCKET, hashp->nsegs);
-
-	for (i = 0; i < NCACHED; i++)
-		(void)fprintf(stderr,
-		    "spares[%d] = %d\n", i, hashp->SPARES[i]);
-#endif
-	/*
-	 * Call on buffer manager to free buffers, and if required,
-	 * write them to disk.
-	 */
-	if (__buf_free(hashp, 1, hashp->save_file))
-		save_errno = errno;
-	if (hashp->dir) {
-		free(*hashp->dir);	/* Free initial segments */
-		/* Free extra segments */
-		while (hashp->exsegs--)
-			free(hashp->dir[--hashp->nsegs]);
-		free(hashp->dir);
-	}
-	if (flush_meta(hashp) && !save_errno)
-		save_errno = errno;
-	/* Free Bigmaps */
-	for (i = 0; i < hashp->nmaps; i++)
-		if (hashp->mapp[i])
-			free(hashp->mapp[i]);
-
-	if (hashp->fp != -1)
-		(void)close(hashp->fp);
-
-	if(hashp->filename) {
-#if defined(_WIN32) || defined(_WINDOWS) || defined(XP_OS2)
-		if (hashp->is_temp)
-			(void)unlink(hashp->filename);
-#endif
-		free(hashp->filename);
-	}
-	if (hashp->tmp_buf)
-	    free(hashp->tmp_buf);
-	if (hashp->tmp_key)
-	    free(hashp->tmp_key);
-	free(hashp);
-	if (save_errno) {
-		errno = save_errno;
-		return (DBM_ERROR);
-	}
-	return (SUCCESS);
-}
-
-#if defined(_WIN32) || defined(_WINDOWS) 
-/*
- * Close and reopen file to force file length update on windows. 
- *
- * Returns:
- *	 0 == OK
- *	-1 DBM_ERROR
- */
-static int
-update_EOF(HTAB *hashp)
-{
-#if defined(DBM_REOPEN_ON_FLUSH)
-	char *      file       = hashp->filename;
-	off_t       file_size;
-	int         flags;
-	int         mode       = -1;
-	struct stat statbuf;
-
-	memset(&statbuf, 0, sizeof statbuf);
-
-	/* make sure we won't lose the file by closing it. */
-	if (!file || (stat(file, &statbuf)  && (errno == ENOENT)))  {
-		/* pretend we did it. */
-		return 0;
-	}
-
-	(void)close(hashp->fp);
-
-	flags = hashp->flags & ~(O_TRUNC | O_CREAT | O_EXCL);
-
-	if ((hashp->fp = DBFILE_OPEN(file, flags | O_BINARY, mode)) == -1)
-		return -1;
-	file_size = lseek(hashp->fp, (off_t)0, SEEK_END);
-	if (file_size == -1) 
-		return -1;
-	hashp->file_size = file_size;
-	return 0;
-#else
-	int    fd        = hashp->fp;
-	off_t  file_size = lseek(fd, (off_t)0, SEEK_END);
-	HANDLE handle    = (HANDLE)_get_osfhandle(fd);
-	BOOL   cool      = FlushFileBuffers(handle);
-#ifdef DEBUG3
-	if (!cool) {
-		DWORD err = GetLastError();
-		(void)fprintf(stderr,
-			"FlushFileBuffers failed, last error = %d, 0x%08x\n",
-			err, err);
-	}
-#endif
-	if (file_size == -1) 
-		return -1;
-	hashp->file_size = file_size;
-	return cool ? 0 : -1;
-#endif
-}
-#endif
-
-/*
- * Write modified pages to disk
- *
- * Returns:
- *	 0 == OK
- *	-1 DBM_ERROR
- */
-static int
-hash_sync(const DB *dbp, uint flags)
-{
-	HTAB *hashp;
-
-	if (flags != 0) {
-		errno = EINVAL;
-		return (DBM_ERROR);
-	}
-
-	if (!dbp)
-		return (DBM_ERROR);
-
-	hashp = (HTAB *)dbp->internal;
-	if(!hashp)
-		return (DBM_ERROR);
-
-	if (!hashp->save_file)
-		return (0);
-	if (__buf_free(hashp, 0, 1) || flush_meta(hashp))
-		return (DBM_ERROR);
-#if defined(_WIN32) || defined(_WINDOWS) 
-	if (hashp->updateEOF && hashp->filename && !hashp->is_temp) {
-		int status = update_EOF(hashp);
-		hashp->updateEOF = 0;
-		if (status)
-			return status;
-	}
-#endif
-	hashp->new_file = 0;
-	return (0);
-}
-
-/*
- * Returns:
- *	 0 == OK
- *	-1 indicates that errno should be set
- */
-static int
-flush_meta(HTAB *hashp)
-{
-	HASHHDR *whdrp;
-#if BYTE_ORDER == LITTLE_ENDIAN
-	HASHHDR whdr;
-#endif
-	int fp, i, wsize;
-
-	if (!hashp->save_file)
-		return (0);
-	hashp->MAGIC = HASHMAGIC;
-	hashp->VERSION = HASHVERSION;
-	hashp->H_CHARKEY = hashp->hash(CHARKEY, sizeof(CHARKEY));
-
-	fp = hashp->fp;
-	whdrp = &hashp->hdr;
-#if BYTE_ORDER == LITTLE_ENDIAN
-	whdrp = &whdr;
-	swap_header_copy(&hashp->hdr, whdrp);
-#endif
-	if ((lseek(fp, (off_t)0, SEEK_SET) == -1) ||
-	    ((wsize = write(fp, (char*)whdrp, sizeof(HASHHDR))) == -1))
-		return (-1);
-	else
-		if (wsize != sizeof(HASHHDR)) {
-			errno = EFTYPE;
-			hashp->dbmerrno = errno;
-			return (-1);
-		}
-	for (i = 0; i < NCACHED; i++)
-		if (hashp->mapp[i])
-			if (__put_page(hashp, (char *)hashp->mapp[i],
-				hashp->BITMAPS[i], 0, 1))
-				return (-1);
-	return (0);
-}
-
-/*******************************SEARCH ROUTINES *****************************/
-/*
- * All the access routines return
- *
- * Returns:
- *	 0 on SUCCESS
- *	 1 to indicate an external DBM_ERROR (i.e. key not found, etc)
- *	-1 to indicate an internal DBM_ERROR (i.e. out of memory, etc)
- */
-static int
-hash_get(
-	const DB *dbp,
-	const DBT *key,
-	DBT *data,
-	uint flag)
-{
-	HTAB *hashp;
-	int rv;
-
-	hashp = (HTAB *)dbp->internal;
-	if (!hashp)
-		return (DBM_ERROR);
-
-	if (flag) {
-		hashp->dbmerrno = errno = EINVAL;
-		return (DBM_ERROR);
-	}
-
-	rv = hash_access(hashp, HASH_GET, (DBT *)key, data);
-
-	if(rv == DATABASE_CORRUPTED_ERROR)
-	  {
-#if defined(unix) && defined(DEBUG)
-		printf("\n\nDBM Database has been corrupted, tell Lou...\n\n");
-#endif
-	  	__remove_database((DB *)dbp);
-	  }
-
-	return(rv);
-}
-
-static int
-hash_put(
-	const DB *dbp,
-	DBT *key,
-	const DBT *data,
-	uint flag)
-{
-	HTAB *hashp;
-	int rv;
-
-	hashp = (HTAB *)dbp->internal;
-	if (!hashp)
-		return (DBM_ERROR);
-
-	if (flag && flag != R_NOOVERWRITE) {
-		hashp->dbmerrno = errno = EINVAL;
-		return (DBM_ERROR);
-	}
-	if ((hashp->flags & O_ACCMODE) == O_RDONLY) {
-		hashp->dbmerrno = errno = EPERM;
-		return (DBM_ERROR);
-	}
-
-	rv =  hash_access(hashp, flag == R_NOOVERWRITE ?
-	    HASH_PUTNEW : HASH_PUT, (DBT *)key, (DBT *)data);
-
-	if(rv == DATABASE_CORRUPTED_ERROR)
-	  {
-#if defined(unix) && defined(DEBUG)
-		printf("\n\nDBM Database has been corrupted, tell Lou...\n\n");
-#endif
-	  	__remove_database((DB *)dbp);
-	  }
-
-	return(rv);
-}
-
-static int
-hash_delete(
-	const DB *dbp,
-	const DBT *key,
-	uint flag)		/* Ignored */
-{
-	HTAB *hashp;
-	int rv;
-
-	hashp = (HTAB *)dbp->internal;
-	if (!hashp)
-		return (DBM_ERROR);
-
-	if (flag && flag != R_CURSOR) {
-		hashp->dbmerrno = errno = EINVAL;
-		return (DBM_ERROR);
-	}
-	if ((hashp->flags & O_ACCMODE) == O_RDONLY) {
-		hashp->dbmerrno = errno = EPERM;
-		return (DBM_ERROR);
-	}
-	rv = hash_access(hashp, HASH_DELETE, (DBT *)key, NULL);
-
-	if(rv == DATABASE_CORRUPTED_ERROR)
-	  {
-#if defined(unix) && defined(DEBUG)
-		printf("\n\nDBM Database has been corrupted, tell Lou...\n\n");
-#endif
-	  	__remove_database((DB *)dbp);
-	  }
-
-	return(rv);
-}
-
-#define MAX_OVERFLOW_HASH_ACCESS_LOOPS 2000
-/*
- * Assume that hashp has been set in wrapper routine.
- */
-static int
-hash_access(
-	HTAB *hashp,
-	ACTION action,
-	DBT *key, DBT *val)
-{
-	register BUFHEAD *rbufp;
-	BUFHEAD *bufp, *save_bufp;
-	register uint16 *bp;
-	register long n, ndx, off;
-	register size_t size;
-	register char *kp;
-	uint16 pageno;
-	uint32 ovfl_loop_count=0;
-    int32 last_overflow_page_no = -1;
-
-#ifdef HASH_STATISTICS
-	hash_accesses++;
-#endif
-
-	off = hashp->BSIZE;
-	size = key->size;
-	kp = (char *)key->data;
-	rbufp = __get_buf(hashp, __call_hash(hashp, kp, size), NULL, 0);
-	if (!rbufp)
-		return (DATABASE_CORRUPTED_ERROR);
-	save_bufp = rbufp;
-
-	/* Pin the bucket chain */
-	rbufp->flags |= BUF_PIN;
-	for (bp = (uint16 *)rbufp->page, n = *bp++, ndx = 1; ndx < n;)
-	{
-
-		if (bp[1] >= REAL_KEY) {
-			/* Real key/data pair */
-			if (size == (unsigned long)(off - *bp) &&
-			    memcmp(kp, rbufp->page + *bp, size) == 0)
-				goto found;
-			off = bp[1];
-#ifdef HASH_STATISTICS
-			hash_collisions++;
-#endif
-			bp += 2;
-			ndx += 2;
-		} else if (bp[1] == OVFLPAGE) {
-
-            /* database corruption: overflow loop detection */
-            if(last_overflow_page_no == (int32)*bp)
-    			return (DATABASE_CORRUPTED_ERROR);
-
-            last_overflow_page_no = *bp;
-
-			rbufp = __get_buf(hashp, *bp, rbufp, 0);
-			if (!rbufp) {
-				save_bufp->flags &= ~BUF_PIN;
-				return (DBM_ERROR);
-			}
-
-            ovfl_loop_count++;
-            if(ovfl_loop_count > MAX_OVERFLOW_HASH_ACCESS_LOOPS)
-    			return (DATABASE_CORRUPTED_ERROR);
-
-			/* FOR LOOP INIT */
-			bp = (uint16 *)rbufp->page;
-			n = *bp++;
-			ndx = 1;
-			off = hashp->BSIZE;
-		} else if (bp[1] < REAL_KEY) {
-			if ((ndx =
-			    __find_bigpair(hashp, rbufp, ndx, kp, (int)size)) > 0)
-				goto found;
-			if (ndx == -2) {
-				bufp = rbufp;
-				if (!(pageno =
-				    __find_last_page(hashp, &bufp))) {
-					ndx = 0;
-					rbufp = bufp;
-					break;	/* FOR */
-				}
-				rbufp = __get_buf(hashp, pageno, bufp, 0);
-				if (!rbufp) {
-					save_bufp->flags &= ~BUF_PIN;
-					return (DBM_ERROR);
-				}
-				/* FOR LOOP INIT */
-				bp = (uint16 *)rbufp->page;
-				n = *bp++;
-				ndx = 1;
-				off = hashp->BSIZE;
-			} else {
-				save_bufp->flags &= ~BUF_PIN;
-				return (DBM_ERROR);
-
-			}
-		}
-	}
-
-	/* Not found */
-	switch (action) {
-	case HASH_PUT:
-	case HASH_PUTNEW:
-		if (__addel(hashp, rbufp, key, val)) {
-			save_bufp->flags &= ~BUF_PIN;
-			return (DBM_ERROR);
-		} else {
-			save_bufp->flags &= ~BUF_PIN;
-			return (SUCCESS);
-		}
-	case HASH_GET:
-	case HASH_DELETE:
-	default:
-		save_bufp->flags &= ~BUF_PIN;
-		return (ABNORMAL);
-	}
-
-found:
-	switch (action) {
-	case HASH_PUTNEW:
-		save_bufp->flags &= ~BUF_PIN;
-		return (ABNORMAL);
-	case HASH_GET:
-		bp = (uint16 *)rbufp->page;
-		if (bp[ndx + 1] < REAL_KEY) {
-			if (__big_return(hashp, rbufp, ndx, val, 0))
-				return (DBM_ERROR);
-		} else {
-			val->data = (uint8 *)rbufp->page + (int)bp[ndx + 1];
-			val->size = bp[ndx] - bp[ndx + 1];
-		}
-		break;
-	case HASH_PUT:
-		if ((__delpair(hashp, rbufp, ndx)) ||
-		    (__addel(hashp, rbufp, key, val))) {
-			save_bufp->flags &= ~BUF_PIN;
-			return (DBM_ERROR);
-		}
-		break;
-	case HASH_DELETE:
-		if (__delpair(hashp, rbufp, ndx))
-			return (DBM_ERROR);
-		break;
-	default:
-		abort();
-	}
-	save_bufp->flags &= ~BUF_PIN;
-	return (SUCCESS);
-}
-
-static int
-hash_seq(
-	const DB *dbp,
-	DBT *key, DBT *data,
-	uint flag)
-{
-	register uint32 bucket;
-	register BUFHEAD *bufp;
-	HTAB *hashp;
-	uint16 *bp, ndx;
-
-	hashp = (HTAB *)dbp->internal;
-	if (!hashp)
-		return (DBM_ERROR);
-
-	if (flag && flag != R_FIRST && flag != R_NEXT) {
-		hashp->dbmerrno = errno = EINVAL;
-		return (DBM_ERROR);
-	}
-#ifdef HASH_STATISTICS
-	hash_accesses++;
-#endif
-	if ((hashp->cbucket < 0) || (flag == R_FIRST)) {
-		hashp->cbucket = 0;
-		hashp->cndx = 1;
-		hashp->cpage = NULL;
-	}
-
-	for (bp = NULL; !bp || !bp[0]; ) {
-		if (!(bufp = hashp->cpage)) {
-			for (bucket = hashp->cbucket;
-			    bucket <= (uint32)hashp->MAX_BUCKET;
-			    bucket++, hashp->cndx = 1) {
-				bufp = __get_buf(hashp, bucket, NULL, 0);
-				if (!bufp)
-					return (DBM_ERROR);
-				hashp->cpage = bufp;
-				bp = (uint16 *)bufp->page;
-				if (bp[0])
-					break;
-			}
-			hashp->cbucket = bucket;
-			if (hashp->cbucket > hashp->MAX_BUCKET) {
-				hashp->cbucket = -1;
-				return (ABNORMAL);
-			}
-		} else
-			bp = (uint16 *)hashp->cpage->page;
-
-#ifdef DEBUG
-		assert(bp);
-		assert(bufp);
-#endif
-		while (bp[hashp->cndx + 1] == OVFLPAGE) {
-			bufp = hashp->cpage =
-			    __get_buf(hashp, bp[hashp->cndx], bufp, 0);
-			if (!bufp)
-				return (DBM_ERROR);
-			bp = (uint16 *)(bufp->page);
-			hashp->cndx = 1;
-		}
-		if (!bp[0]) {
-			hashp->cpage = NULL;
-			++hashp->cbucket;
-		}
-	}
-	ndx = hashp->cndx;
-	if (bp[ndx + 1] < REAL_KEY) {
-		if (__big_keydata(hashp, bufp, key, data, 1))
-			return (DBM_ERROR);
-	} else {
-		key->data = (uint8 *)hashp->cpage->page + bp[ndx];
-		key->size = (ndx > 1 ? bp[ndx - 1] : hashp->BSIZE) - bp[ndx];
-		data->data = (uint8 *)hashp->cpage->page + bp[ndx + 1];
-		data->size = bp[ndx] - bp[ndx + 1];
-		ndx += 2;
-		if (ndx > bp[0]) {
-			hashp->cpage = NULL;
-			hashp->cbucket++;
-			hashp->cndx = 1;
-		} else
-			hashp->cndx = ndx;
-	}
-	return (SUCCESS);
-}
-
-/********************************* UTILITIES ************************/
-
-/*
- * Returns:
- *	 0 ==> OK
- *	-1 ==> Error
- */
-extern int
-__expand_table(HTAB *hashp)
-{
-	uint32 old_bucket, new_bucket;
-	int new_segnum, spare_ndx;
-	size_t dirsize;
-
-#ifdef HASH_STATISTICS
-	hash_expansions++;
-#endif
-	new_bucket = ++hashp->MAX_BUCKET;
-	old_bucket = (hashp->MAX_BUCKET & hashp->LOW_MASK);
-
-	new_segnum = new_bucket >> hashp->SSHIFT;
-
-	/* Check if we need a new segment */
-	if (new_segnum >= hashp->nsegs) {
-		/* Check if we need to expand directory */
-		if (new_segnum >= hashp->DSIZE) {
-			/* Reallocate directory */
-			dirsize = hashp->DSIZE * sizeof(SEGMENT *);
-			if (!hash_realloc(&hashp->dir, dirsize, dirsize << 1))
-				return (-1);
-			hashp->DSIZE = dirsize << 1;
-		}
-		if ((hashp->dir[new_segnum] =
-		    (SEGMENT)calloc((size_t)hashp->SGSIZE, sizeof(SEGMENT))) == NULL)
-			return (-1);
-		hashp->exsegs++;
-		hashp->nsegs++;
-	}
-	/*
-	 * If the split point is increasing (MAX_BUCKET's log base 2
-	 * * increases), we need to copy the current contents of the spare
-	 * split bucket to the next bucket.
-	 */
-	spare_ndx = __log2((uint32)(hashp->MAX_BUCKET + 1));
-	if (spare_ndx > hashp->OVFL_POINT) {
-		hashp->SPARES[spare_ndx] = hashp->SPARES[hashp->OVFL_POINT];
-		hashp->OVFL_POINT = spare_ndx;
-	}
-
-	if (new_bucket > (uint32)hashp->HIGH_MASK) {
-		/* Starting a new doubling */
-		hashp->LOW_MASK = hashp->HIGH_MASK;
-		hashp->HIGH_MASK = new_bucket | hashp->LOW_MASK;
-	}
-	/* Relocate records to the new bucket */
-	return (__split_page(hashp, old_bucket, new_bucket));
-}
-
-/*
- * If realloc guarantees that the pointer is not destroyed if the realloc
- * fails, then this routine can go away.
- */
-static void *
-hash_realloc(
-	SEGMENT **p_ptr,
-	size_t oldsize, size_t newsize)
-{
-	register void *p;
-
-	if ((p = malloc(newsize))) {
-		memmove(p, *p_ptr, oldsize);
-		memset((char *)p + oldsize, 0, newsize - oldsize);
-		free(*p_ptr);
-		*p_ptr = (SEGMENT *)p;
-	}
-	return (p);
-}
-
-extern uint32
-__call_hash(HTAB *hashp, char *k, size_t len)
-{
-	uint32 n, bucket;
-
-	n = hashp->hash(k, len);
-	bucket = n & hashp->HIGH_MASK;
-	if (bucket > (uint32)hashp->MAX_BUCKET)
-		bucket = bucket & hashp->LOW_MASK;
-	return (bucket);
-}
-
-/*
- * Allocate segment table.  On error, destroy the table and set errno.
- *
- * Returns 0 on success
- */
-static int
-alloc_segs(
-	HTAB *hashp,
-	int nsegs)
-{
-	register int i;
-	register SEGMENT store;
-
-	int save_errno;
-
-	if ((hashp->dir =
-	    (SEGMENT *)calloc((size_t)hashp->DSIZE, sizeof(SEGMENT *))) == NULL) {
-		save_errno = errno;
-		(void)hdestroy(hashp);
-		errno = save_errno;
-		return (-1);
-	}
-	/* Allocate segments */
-	if ((store =
-	    (SEGMENT)calloc((size_t)nsegs << hashp->SSHIFT, sizeof(SEGMENT))) == NULL) {
-		save_errno = errno;
-		(void)hdestroy(hashp);
-		errno = save_errno;
-		return (-1);
-	}
-	for (i = 0; i < nsegs; i++, hashp->nsegs++)
-		hashp->dir[i] = &store[i << hashp->SSHIFT];
-	return (0);
-}
-
-#if BYTE_ORDER == LITTLE_ENDIAN
-/*
- * Hashp->hdr needs to be byteswapped.
- */
-static void
-swap_header_copy(
-	HASHHDR *srcp, HASHHDR *destp)
-{
-	int i;
-
-	P_32_COPY(srcp->magic, destp->magic);
-	P_32_COPY(srcp->version, destp->version);
-	P_32_COPY(srcp->lorder, destp->lorder);
-	P_32_COPY(srcp->bsize, destp->bsize);
-	P_32_COPY(srcp->bshift, destp->bshift);
-	P_32_COPY(srcp->dsize, destp->dsize);
-	P_32_COPY(srcp->ssize, destp->ssize);
-	P_32_COPY(srcp->sshift, destp->sshift);
-	P_32_COPY(srcp->ovfl_point, destp->ovfl_point);
-	P_32_COPY(srcp->last_freed, destp->last_freed);
-	P_32_COPY(srcp->max_bucket, destp->max_bucket);
-	P_32_COPY(srcp->high_mask, destp->high_mask);
-	P_32_COPY(srcp->low_mask, destp->low_mask);
-	P_32_COPY(srcp->ffactor, destp->ffactor);
-	P_32_COPY(srcp->nkeys, destp->nkeys);
-	P_32_COPY(srcp->hdrpages, destp->hdrpages);
-	P_32_COPY(srcp->h_charkey, destp->h_charkey);
-	for (i = 0; i < NCACHED; i++) {
-		P_32_COPY(srcp->spares[i], destp->spares[i]);
-		P_16_COPY(srcp->bitmaps[i], destp->bitmaps[i]);
-	}
-}
-
-static void
-swap_header(HTAB *hashp)
-{
-	HASHHDR *hdrp;
-	int i;
-
-	hdrp = &hashp->hdr;
-
-	M_32_SWAP(hdrp->magic);
-	M_32_SWAP(hdrp->version);
-	M_32_SWAP(hdrp->lorder);
-	M_32_SWAP(hdrp->bsize);
-	M_32_SWAP(hdrp->bshift);
-	M_32_SWAP(hdrp->dsize);
-	M_32_SWAP(hdrp->ssize);
-	M_32_SWAP(hdrp->sshift);
-	M_32_SWAP(hdrp->ovfl_point);
-	M_32_SWAP(hdrp->last_freed);
-	M_32_SWAP(hdrp->max_bucket);
-	M_32_SWAP(hdrp->high_mask);
-	M_32_SWAP(hdrp->low_mask);
-	M_32_SWAP(hdrp->ffactor);
-	M_32_SWAP(hdrp->nkeys);
-	M_32_SWAP(hdrp->hdrpages);
-	M_32_SWAP(hdrp->h_charkey);
-	for (i = 0; i < NCACHED; i++) {
-		M_32_SWAP(hdrp->spares[i]);
-		M_16_SWAP(hdrp->bitmaps[i]);
-	}
-}
-#endif
diff --git a/dbm/src/hash_buf.c b/dbm/src/hash_buf.c
deleted file mode 100644
index d1193de6f..000000000
--- a/dbm/src/hash_buf.c
+++ /dev/null
@@ -1,414 +0,0 @@
-/*-
- * Copyright (c) 1990, 1993, 1994
- *	The Regents of the University of California.  All rights reserved.
- *
- * This code is derived from software contributed to Berkeley by
- * Margo Seltzer.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#if defined(LIBC_SCCS) && !defined(lint)
-static char sccsid[] = "@(#)hash_buf.c	8.5 (Berkeley) 7/15/94";
-#endif /* LIBC_SCCS and not lint */
-
-#include "watcomfx.h"
-
-/*
- * PACKAGE: hash
- *
- * DESCRIPTION:
- *	Contains buffer management
- *
- * ROUTINES:
- * External
- *	__buf_init
- *	__get_buf
- *	__buf_free
- *	__reclaim_buf
- * Internal
- *	newbuf
- */
-#if !defined(_WIN32) && !defined(_WINDOWS) && !defined(macintosh) && !defined(XP_OS2_VACPP)
-#include <sys/param.h>
-#endif
-
-#include <errno.h>
-#include <stddef.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#ifdef DEBUG
-#include <assert.h>
-#endif
-
-#include "mcom_db.h"
-#include "hash.h"
-#include "page.h"
-/* #include "extern.h" */
-
-static BUFHEAD *newbuf __P((HTAB *, uint32, BUFHEAD *));
-
-/* Unlink B from its place in the lru */
-#define BUF_REMOVE(B) { \
-	(B)->prev->next = (B)->next; \
-	(B)->next->prev = (B)->prev; \
-}
-
-/* Insert B after P */
-#define BUF_INSERT(B, P) { \
-	(B)->next = (P)->next; \
-	(B)->prev = (P); \
-	(P)->next = (B); \
-	(B)->next->prev = (B); \
-}
-
-#define	MRU	hashp->bufhead.next
-#define	LRU	hashp->bufhead.prev
-
-#define MRU_INSERT(B)	BUF_INSERT((B), &hashp->bufhead)
-#define LRU_INSERT(B)	BUF_INSERT((B), LRU)
-
-/*
- * We are looking for a buffer with address "addr".  If prev_bp is NULL, then
- * address is a bucket index.  If prev_bp is not NULL, then it points to the
- * page previous to an overflow page that we are trying to find.
- *
- * CAVEAT:  The buffer header accessed via prev_bp's ovfl field may no longer
- * be valid.  Therefore, you must always verify that its address matches the
- * address you are seeking.
- */
-extern BUFHEAD *
-__get_buf(HTAB *hashp, uint32 addr, BUFHEAD *prev_bp, int newpage)
-/* If prev_bp set, indicates a new overflow page. */
-{
-	register BUFHEAD *bp;
-	register uint32 is_disk_mask;
-	register int is_disk, segment_ndx = 0;
-	SEGMENT segp = 0;
-
-	is_disk = 0;
-	is_disk_mask = 0;
-	if (prev_bp) {
-		bp = prev_bp->ovfl;
-		if (!bp || (bp->addr != addr))
-			bp = NULL;
-		if (!newpage)
-			is_disk = BUF_DISK;
-	} else {
-		/* Grab buffer out of directory */
-		segment_ndx = addr & (hashp->SGSIZE - 1);
-
-		/* valid segment ensured by __call_hash() */
-		segp = hashp->dir[addr >> hashp->SSHIFT];
-#ifdef DEBUG
-		assert(segp != NULL);
-#endif  
-
-		bp = PTROF(segp[segment_ndx]);
-
-		is_disk_mask = ISDISK(segp[segment_ndx]);
-		is_disk = is_disk_mask || !hashp->new_file;
-	}
-
-	if (!bp) {
-		bp = newbuf(hashp, addr, prev_bp);
-		if (!bp)
-			return(NULL);
-		if(__get_page(hashp, bp->page, addr, !prev_bp, is_disk, 0))
-		  {
-			/* free bp and its page */
-			if(prev_bp)
-			  {
-				/* if prev_bp is set then the new page that
-				 * failed is hooked onto prev_bp as an overflow page.
-				 * if we don't remove the pointer to the bad page
-				 * we may try and access it later and we will die
-				 * horribly because it will have already been
-				 * free'd and overwritten with bogus data.
-				 */
-				prev_bp->ovfl = NULL;
-			  }
-			BUF_REMOVE(bp);
-			free(bp->page);
-			free(bp);
-			return (NULL);
-		  }
-
-		if (!prev_bp)			
-		  {
-#if 0
-			/* 16 bit windows and mac can't handle the
-			 * oring of the is disk flag.
-		 	 */			
-			segp[segment_ndx] =
-			    (BUFHEAD *)((ptrdiff_t)bp | is_disk_mask);
-#else   
-			/* set the is_disk thing inside the structure
-			 */
-			bp->is_disk = is_disk_mask;
-			segp[segment_ndx] = bp;
-#endif
-		  }
-	} else {  
-		BUF_REMOVE(bp);
-		MRU_INSERT(bp);                 
-	}
-	return (bp);
-}
-
-/*
- * We need a buffer for this page. Either allocate one, or evict a resident
- * one (if we have as many buffers as we're allowed) and put this one in.
- *
- * If newbuf finds an error (returning NULL), it also sets errno.
- */
-static BUFHEAD *
-newbuf(HTAB *hashp, uint32 addr, BUFHEAD *prev_bp)
-{
-	register BUFHEAD *bp;		/* The buffer we're going to use */
-	register BUFHEAD *xbp;		/* Temp pointer */
-	register BUFHEAD *next_xbp;
-	SEGMENT segp;
-	int segment_ndx;
-	uint16 oaddr, *shortp;
-
-	oaddr = 0;
-	bp = LRU;
-	/*
-	 * If LRU buffer is pinned, the buffer pool is too small. We need to
-	 * allocate more buffers.
-	 */
-	if (hashp->nbufs || (bp->flags & BUF_PIN)) {
-		/* Allocate a new one */
-		if ((bp = (BUFHEAD *)malloc(sizeof(BUFHEAD))) == NULL)
-			return (NULL);
-
-		/* this memset is supposedly unnecessary but lets add
-		 * it anyways.
-		 */
-		memset(bp, 0xff, sizeof(BUFHEAD));
-
-		if ((bp->page = (char *)malloc((size_t)hashp->BSIZE)) == NULL) {
-			free(bp);
-			return (NULL);
-		}
-
-		/* this memset is supposedly unnecessary but lets add
-		 * it anyways.
-		 */
-		memset(bp->page, 0xff, (size_t)hashp->BSIZE);
-
-		if (hashp->nbufs)
-			hashp->nbufs--;
-	} else {
-		/* Kick someone out */
-		BUF_REMOVE(bp);
-		/*
-		 * If this is an overflow page with addr 0, it's already been
-		 * flushed back in an overflow chain and initialized.
-		 */
-		if ((bp->addr != 0) || (bp->flags & BUF_BUCKET)) {
-			/*
-			 * Set oaddr before __put_page so that you get it
-			 * before bytes are swapped.
-			 */
-			shortp = (uint16 *)bp->page;
-			if (shortp[0])
-			  {
-				if(shortp[0] > (hashp->BSIZE / sizeof(uint16)))
-				  {
-					return(NULL);
-				  }
-				oaddr = shortp[shortp[0] - 1];
-			  }
-			if ((bp->flags & BUF_MOD) && __put_page(hashp, bp->page,
-			    bp->addr, (int)IS_BUCKET(bp->flags), 0))
-				return (NULL);
-			/*
-			 * Update the pointer to this page (i.e. invalidate it).
-			 *
-			 * If this is a new file (i.e. we created it at open
-			 * time), make sure that we mark pages which have been
-			 * written to disk so we retrieve them from disk later,
-			 * rather than allocating new pages.
-			 */
-			if (IS_BUCKET(bp->flags)) {
-				segment_ndx = bp->addr & (hashp->SGSIZE - 1);
-				segp = hashp->dir[bp->addr >> hashp->SSHIFT];
-#ifdef DEBUG
-				assert(segp != NULL);
-#endif
-
-				if (hashp->new_file &&
-				    ((bp->flags & BUF_MOD) ||
-				    ISDISK(segp[segment_ndx])))
-					segp[segment_ndx] = (BUFHEAD *)BUF_DISK;
-				else
-					segp[segment_ndx] = NULL;
-			}
-			/*
-			 * Since overflow pages can only be access by means of
-			 * their bucket, free overflow pages associated with
-			 * this bucket.
-			 */
-			for (xbp = bp; xbp->ovfl;) {
-				next_xbp = xbp->ovfl;
-				xbp->ovfl = 0;
-				xbp = next_xbp;
-
-				/* leave pinned pages alone, we are still using
-				 * them. */
-				if (xbp->flags & BUF_PIN) {
-					continue;
-				}
-
-				/* Check that ovfl pointer is up date. */
-				if (IS_BUCKET(xbp->flags) ||
-				    (oaddr != xbp->addr))
-					break;
-
-				shortp = (uint16 *)xbp->page;
-				if (shortp[0])
-				  {
-					/* LJM is the number of reported
-					 * pages way too much?
-					 */
-					if(shortp[0] > hashp->BSIZE/sizeof(uint16))
-						return NULL;
-					/* set before __put_page */
-					oaddr = shortp[shortp[0] - 1];
-				  }
-				if ((xbp->flags & BUF_MOD) && __put_page(hashp,
-				    xbp->page, xbp->addr, 0, 0))
-					return (NULL);
-				xbp->addr = 0;
-				xbp->flags = 0;
-				BUF_REMOVE(xbp);
-				LRU_INSERT(xbp);
-			}
-		}
-	}
-
-	/* Now assign this buffer */
-	bp->addr = addr;
-#ifdef DEBUG1
-	(void)fprintf(stderr, "NEWBUF1: %d->ovfl was %d is now %d\n",
-	    bp->addr, (bp->ovfl ? bp->ovfl->addr : 0), 0);
-#endif
-	bp->ovfl = NULL;
-	if (prev_bp) {
-		/*
-		 * If prev_bp is set, this is an overflow page, hook it in to
-		 * the buffer overflow links.
-		 */
-#ifdef DEBUG1
-		(void)fprintf(stderr, "NEWBUF2: %d->ovfl was %d is now %d\n",
-		    prev_bp->addr, (prev_bp->ovfl ? bp->ovfl->addr : 0),
-		    (bp ? bp->addr : 0));
-#endif
-		prev_bp->ovfl = bp;
-		bp->flags = 0;
-	} else
-		bp->flags = BUF_BUCKET;
-	MRU_INSERT(bp);
-	return (bp);
-}
-
-extern void __buf_init(HTAB *hashp, int32 nbytes)
-{
-	BUFHEAD *bfp;
-	int npages;
-
-	bfp = &(hashp->bufhead);
-	npages = (nbytes + hashp->BSIZE - 1) >> hashp->BSHIFT;
-	npages = PR_MAX(npages, MIN_BUFFERS);
-
-	hashp->nbufs = npages;
-	bfp->next = bfp;
-	bfp->prev = bfp;
-	/*
-	 * This space is calloc'd so these are already null.
-	 *
-	 * bfp->ovfl = NULL;
-	 * bfp->flags = 0;
-	 * bfp->page = NULL;
-	 * bfp->addr = 0;
-	 */
-}
-
-extern int
-__buf_free(HTAB *hashp, int do_free, int to_disk)
-{
-	BUFHEAD *bp;
-	int status = -1;
-
-	/* Need to make sure that buffer manager has been initialized */
-	if (!LRU)
-		return (0);
-	for (bp = LRU; bp != &hashp->bufhead;) {
-		/* Check that the buffer is valid */
-		if (bp->addr || IS_BUCKET(bp->flags)) {
-			if (to_disk && (bp->flags & BUF_MOD) &&
-			    (status = __put_page(hashp, bp->page,
-			    bp->addr, IS_BUCKET(bp->flags), 0))) {
-			  
-				if (do_free) {
-					if (bp->page)
-						free(bp->page);
-					BUF_REMOVE(bp);
-					free(bp);
-				}
-				
-				return (status);
-			}
-		}
-		/* Check if we are freeing stuff */
-		if (do_free) {
-			if (bp->page)
-				free(bp->page);
-			BUF_REMOVE(bp);
-			free(bp);
-			bp = LRU;
-		} else
-			bp = bp->prev;
-	}
-	return (0);
-}
-
-extern void
-__reclaim_buf(HTAB *hashp, BUFHEAD *bp)
-{
-	bp->ovfl = 0;
-	bp->addr = 0;
-	bp->flags = 0;
-	BUF_REMOVE(bp);
-	LRU_INSERT(bp);
-}
diff --git a/dbm/src/hsearch.c b/dbm/src/hsearch.c
deleted file mode 100644
index fb8a58bad..000000000
--- a/dbm/src/hsearch.c
+++ /dev/null
@@ -1,108 +0,0 @@
-/*-
- * Copyright (c) 1990, 1993
- *	The Regents of the University of California.  All rights reserved.
- *
- * This code is derived from software contributed to Berkeley by
- * Margo Seltzer.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#if defined(LIBC_SCCS) && !defined(lint)
-static char sccsid[] = "@(#)hsearch.c	8.4 (Berkeley) 7/21/94";
-#endif /* LIBC_SCCS and not lint */
-
-#include "watcomfx.h"
-
-#ifndef macintosh
-#include <sys/types.h>
-#endif
-
-#include <fcntl.h>
-#include <string.h>
-
-#include "mcom_db.h"
-#include "hsearch.h"
-
-static DB *dbp = NULL;
-static ENTRY retval;
-
-extern int
-hcreate(uint nel)
-{
-	HASHINFO info;
-
-	info.nelem = nel;
-	info.bsize = 256;
-	info.ffactor = 8;
-	info.cachesize = 0;
-	info.hash = NULL;
-	info.lorder = 0;
-	dbp = (DB *)__hash_open(NULL, O_CREAT | O_RDWR, 0600, &info, 0);
-	return ((int)dbp);
-}
-
-extern ENTRY *
-hsearch(ENTRY item, ACTION action)
-{
-	DBT key, val;
-	int status;
-
-	if (!dbp)
-		return (NULL);
-	key.data = (uint8 *)item.key;
-	key.size = strlen(item.key) + 1;
-
-	if (action == ENTER) {
-		val.data = (uint8 *)item.data;
-		val.size = strlen(item.data) + 1;
-		status = (dbp->put)(dbp, &key, &val, R_NOOVERWRITE);
-		if (status)
-			return (NULL);
-	} else {
-		/* FIND */
-		status = (dbp->get)(dbp, &key, &val, 0);
-		if (status)
-			return (NULL);
-		else
-			item.data = (char *)val.data;
-	}
-	retval.key = item.key;
-	retval.data = item.data;
-	return (&retval);
-}
-
-extern void
-hdestroy()
-{
-	if (dbp) {
-		(void)(dbp->close)(dbp);
-		dbp = NULL;
-	}
-}
diff --git a/dbm/src/memmove.c b/dbm/src/memmove.c
deleted file mode 100644
index 70eb1e5d2..000000000
--- a/dbm/src/memmove.c
+++ /dev/null
@@ -1,150 +0,0 @@
-#if defined(__sun) && !defined(__SVR4)
-/*-
- * Copyright (c) 1990, 1993
- *	The Regents of the University of California.  All rights reserved.
- *
- * This code is derived from software contributed to Berkeley by
- * Chris Torek.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#if defined(LIBC_SCCS) && !defined(lint)
-static char sccsid[] = "@(#)bcopy.c	8.1 (Berkeley) 6/4/93";
-#endif /* LIBC_SCCS and not lint */
-
-#include "watcomfx.h"
-
-#ifdef HAVE_SYS_CDEFS_H
-#include <sys/cdefs.h>
-#else
-#include "cdefs.h"
-#endif
-#include <string.h>
-
-/*
- * sizeof(word) MUST BE A POWER OF TWO
- * SO THAT wmask BELOW IS ALL ONES
- */
-typedef	int word;		/* "word" used for optimal copy speed */
-
-#define	wsize	sizeof(word)
-#define	wmask	(wsize - 1)
-
-/*
- * Copy a block of memory, handling overlap.
- * This is the routine that actually implements
- * (the portable versions of) bcopy, memcpy, and memmove.
- */
-#ifdef MEMCOPY
-void *
-memcpy(dst0, src0, length)
-#else
-#ifdef MEMMOVE
-void *
-memmove(dst0, src0, length)
-#else
-void
-bcopy(src0, dst0, length)
-#endif
-#endif
-	void *dst0;
-	const void *src0;
-	register size_t length;
-{
-	register char *dst = dst0;
-	register const char *src = src0;
-	register size_t t;
-
-	if (length == 0 || dst == src)		/* nothing to do */
-		goto done;
-
-	/*
-	 * Macros: loop-t-times; and loop-t-times, t>0
-	 */
-#define	TLOOP(s) if (t) TLOOP1(s)
-#define	TLOOP1(s) do { s; } while (--t)
-
-	if ((unsigned long)dst < (unsigned long)src) {
-		/*
-		 * Copy forward.
-		 */
-		t = (int)src;	/* only need low bits */
-		if ((t | (int)dst) & wmask) {
-			/*
-			 * Try to align operands.  This cannot be done
-			 * unless the low bits match.
-			 */
-			if ((t ^ (int)dst) & wmask || length < wsize)
-				t = length;
-			else
-				t = wsize - (t & wmask);
-			length -= t;
-			TLOOP1(*dst++ = *src++);
-		}
-		/*
-		 * Copy whole words, then mop up any trailing bytes.
-		 */
-		t = length / wsize;
-		TLOOP(*(word *)dst = *(word *)src; src += wsize; dst += wsize);
-		t = length & wmask;
-		TLOOP(*dst++ = *src++);
-	} else {
-		/*
-		 * Copy backwards.  Otherwise essentially the same.
-		 * Alignment works as before, except that it takes
-		 * (t&wmask) bytes to align, not wsize-(t&wmask).
-		 */
-		src += length;
-		dst += length;
-		t = (int)src;
-		if ((t | (int)dst) & wmask) {
-			if ((t ^ (int)dst) & wmask || length <= wsize)
-				t = length;
-			else
-				t &= wmask;
-			length -= t;
-			TLOOP1(*--dst = *--src);
-		}
-		t = length / wsize;
-		TLOOP(src -= wsize; dst -= wsize; *(word *)dst = *(word *)src);
-		t = length & wmask;
-		TLOOP(*--dst = *--src);
-	}
-done:
-#if defined(MEMCOPY) || defined(MEMMOVE)
-	return (dst0);
-#else
-	return;
-#endif
-}
-#endif /* no __sgi */
-
-/* Some compilers don't like an empty source file. */
-static int dummy = 0;
diff --git a/dbm/src/mktemp.c b/dbm/src/mktemp.c
deleted file mode 100644
index 574eb9fe5..000000000
--- a/dbm/src/mktemp.c
+++ /dev/null
@@ -1,168 +0,0 @@
-/*
- * Copyright (c) 1987, 1993
- *	The Regents of the University of California.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#if defined(LIBC_SCCS) && !defined(lint)
-static char sccsid[] = "@(#)mktemp.c	8.1 (Berkeley) 6/4/93";
-#endif /* LIBC_SCCS and not lint */
-
-#include "watcomfx.h"
-
-#ifdef macintosh
-#include <unix.h>
-#else
-#include <sys/types.h>
-#include <sys/stat.h>
-#endif
-#include <fcntl.h>
-#include <errno.h>
-#include <stdio.h>
-#include <ctype.h>
-#include "mcom_db.h"
-
-#if !defined(_WINDOWS) && !defined(XP_OS2_VACPP)
-#include <unistd.h>
-#endif
-
-#ifdef XP_OS2_VACPP
-#define ENOTDIR EBADPOS
-#include <process.h>
-#include <dirent.h>
-#endif
-
-#ifdef _WINDOWS
-#include <process.h>
-#include "winfile.h"
-#endif
-
-static int _gettemp(char *path, register int *doopen, int extraFlags);
-
-int
-mkstemp(char *path)
-{
-#ifdef XP_OS2
-	FILE *temp = tmpfile();
-
-	return (temp ? fileno(temp) : -1);
-#else
-	int fd;
-
-	return (_gettemp(path, &fd, 0) ? fd : -1);
-#endif
-}
-
-int
-mkstempflags(char *path, int extraFlags)
-{
-	int fd;
-
-	return (_gettemp(path, &fd, extraFlags) ? fd : -1);
-}
-
-char *
-mktemp(char *path)
-{
-	return(_gettemp(path, (int *)NULL, 0) ? path : (char *)NULL);
-}
-
-/* NB: This routine modifies its input string, and does not always restore it.
-** returns 1 on success, 0 on failure.
-*/
-static int 
-_gettemp(char *path, register int *doopen, int extraFlags)
-{    
-#if !defined(_WINDOWS) || defined(_WIN32)
-	extern int errno;                    
-#endif
-	register char *start, *trv;
-	struct stat sbuf;
-	unsigned int pid;
-
-	pid = getpid();
-	for (trv = path; *trv; ++trv);		/* extra X's get set to 0's */
-	while (*--trv == 'X') {
-		*trv = (pid % 10) + '0';
-		pid /= 10;
-	}
-
-	/*
-	 * check the target directory; if you have six X's and it
-	 * doesn't exist this runs for a *very* long time.
-	 */
-	for (start = trv + 1;; --trv) {
-		char saved;
-		if (trv <= path)
-			break;
-		saved = *trv;
-		if (saved == '/' || saved == '\\') {
-			int rv;
-			*trv = '\0';
-			rv = stat(path, &sbuf);
-			*trv = saved;
-			if (rv)
-				return(0);
-			if (!S_ISDIR(sbuf.st_mode)) {
-				errno = ENOTDIR;
-				return(0);
-			}
-			break;
-		}
-	}
-
-	for (;;) {
-		if (doopen) {
-			if ((*doopen =
-			    open(path, O_CREAT|O_EXCL|O_RDWR|extraFlags, 0600)) >= 0)
-				return(1);
-			if (errno != EEXIST)
-				return(0);
-		}
-		else if (stat(path, &sbuf))
-			return(errno == ENOENT ? 1 : 0);
-
-		/* tricky little algorithm for backward compatibility */
-		for (trv = start;;) {
-			if (!*trv)
-				return(0);
-			if (*trv == 'z')
-				*trv++ = 'a';
-			else {
-				if (isdigit(*trv))
-					*trv = 'a';
-				else
-					++*trv;
-				break;
-			}
-		}
-	}
-	/*NOTREACHED*/
-}
diff --git a/dbm/src/ndbm.c b/dbm/src/ndbm.c
deleted file mode 100644
index 03d5cf381..000000000
--- a/dbm/src/ndbm.c
+++ /dev/null
@@ -1,199 +0,0 @@
-/*-
- * Copyright (c) 1990, 1993
- *	The Regents of the University of California.  All rights reserved.
- *
- * This code is derived from software contributed to Berkeley by
- * Margo Seltzer.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#if defined(LIBC_SCCS) && !defined(lint)
-static char sccsid[] = "@(#)ndbm.c	8.4 (Berkeley) 7/21/94";
-#endif /* LIBC_SCCS and not lint */
-
-#include "watcomfx.h"
-
-/*
- * This package provides a dbm compatible interface to the new hashing
- * package described in db(3).
- */
-#if !defined(_WIN32) && !defined(_WINDOWS) && !defined(XP_OS2_VACPP)
-#include <sys/param.h>
-#endif
-
-#if defined(__linux)
-#include <linux/limits.h>
-#endif
-
-#ifdef __OS2__
-#include "dirent.h"
-#endif
-
-#include <stdio.h>
-#include <string.h>
-
-#include "ndbm.h"
-#include "hash.h"
-
-/*
- * Returns:
- * 	*DBM on success
- *	 NULL on failure
- */
-extern DBM *
-dbm_open(const char *file, int flags, int mode)
-{
-	HASHINFO info;
-	char path[MAXPATHLEN];
-
-	info.bsize = 4096;
-	info.ffactor = 40;
-	info.nelem = 1;
-	info.cachesize = 0;
-	info.hash = NULL;
-	info.lorder = 0;
-	(void)strcpy(path, file);
-	(void)strcat(path, DBM_SUFFIX);
-	return ((DBM *)__hash_open(path, flags, mode, &info, 0));
-}
-
-extern void
-dbm_close(DBM *db)
-{
-	(void)(db->close)(db);
-}
-
-/*
- * Returns:
- *	DATUM on success
- *	NULL on failure
- */
-extern datum
-dbm_fetch(DBM *db, datum key)
-{
-	datum retval;
-	int status;
-
-	status = (db->get)(db, (DBT *)&key, (DBT *)&retval, 0);
-	if (status) {
-		retval.dptr = NULL;
-		retval.dsize = 0;
-	}
-	return (retval);
-}
-
-/*
- * Returns:
- *	DATUM on success
- *	NULL on failure
- */
-extern datum
-dbm_firstkey(DBM *db)
-{
-	int status;
-	datum retdata, retkey;
-
-	status = (db->seq)(db, (DBT *)&retkey, (DBT *)&retdata, R_FIRST);
-	if (status)
-		retkey.dptr = NULL;
-	return (retkey);
-}
-
-/*
- * Returns:
- *	DATUM on success
- *	NULL on failure
- */
-extern datum
-dbm_nextkey(DBM *db)
-{
-	int status;
-	datum retdata, retkey;
-
-	status = (db->seq)(db, (DBT *)&retkey, (DBT *)&retdata, R_NEXT);
-	if (status)
-		retkey.dptr = NULL;
-	return (retkey);
-}
-/*
- * Returns:
- *	 0 on success
- *	<0 failure
- */
-extern int
-dbm_delete(DBM *db, datum key)
-{
-	int status;
-
-	status = (db->del)(db, (DBT *)&key, 0);
-	if (status)
-		return (-1);
-	else
-		return (0);
-}
-
-/*
- * Returns:
- *	 0 on success
- *	<0 failure
- *	 1 if DBM_INSERT and entry exists
- */
-extern int
-dbm_store(DBM *db, datum key, datum content, int flags)
-{
-	return ((db->put)(db, (DBT *)&key, (DBT *)&content,
-	    (flags == DBM_INSERT) ? R_NOOVERWRITE : 0));
-}
-
-
-extern int
-dbm_error(DBM *db)
-{
-	HTAB *hp;
-
-	hp = (HTAB *)db->internal;
-	return (hp->dbmerrno);
-}
-
-extern int
-dbm_clearerr(DBM *db)
-{
-	HTAB *hp;
-
-	hp = (HTAB *)db->internal;
-	hp->dbmerrno = 0;
-	return (0);
-}
-
-extern int
-dbm_dirfno(DBM *db)
-{
-	return(((HTAB *)db->internal)->fp);
-}
diff --git a/dbm/src/nsres.c b/dbm/src/nsres.c
deleted file mode 100644
index e383d58e5..000000000
--- a/dbm/src/nsres.c
+++ /dev/null
@@ -1,307 +0,0 @@
-#include "watcomfx.h"
-
-#include "nsres.h"
-
-#include <stdio.h>
-
-#include <stdlib.h>
-
-#include <string.h>
-
-struct RESDATABASE
-{
-	DB *hdb;
-	NSRESTHREADINFO *threadinfo;
-	char * pbuf[MAXBUFNUM];
-} ;
-typedef struct RESDATABASE *  RESHANDLE;
-
-typedef struct STRINGDATA
-{
-	char *str;
-	unsigned int charsetid;
-} STRINGDATA;
-
-
-typedef unsigned int CHARSETTYPE;
-#define RES_LOCK	if (hres->threadinfo)   hres->threadinfo->fn_lock(hres->threadinfo->lock);
-#define RES_UNLOCK  if (hres->threadinfo)   hres->threadinfo->fn_unlock(hres->threadinfo->lock);
-
-int GenKeyData(const char *library, int32 id, DBT *key);
-
-/* 
-  Right now, the page size used for resource is same as for Navigator cache
-  database
- */
-HASHINFO res_hash_info = {
-        32*1024,
-        0,
-        0,
-        0,
-        0,   /* 64 * 1024U  */
-        0};
-
-int GenKeyData(const char *library, int32 id, DBT *key)
-{
-	char idstr[10];
-	static char * strdata = NULL;
-	size_t len;
-
-	if (strdata)
-		free (strdata);
-
-	if (id == 0)
-		idstr[0] = '\0';
-	else
-	{
-		sprintf(idstr, "%d", id);
-		/*	itoa(id, idstr, 10);  */
-	}
-
-	if (library == NULL)
-		len = strlen(idstr) + 1;
-	else
-		len = strlen(library) + strlen(idstr) + 1;
-	strdata = (char *) malloc (len);
-	strcpy(strdata, library);
-	strcat(strdata, idstr);
-
-	key->size = len;
-	key->data = strdata;
-
-	return 1;
-}
-
-NSRESHANDLE NSResCreateTable(const char *filename, NSRESTHREADINFO *threadinfo)
-{
-	RESHANDLE hres;
-	int flag;
-
-	flag = O_RDWR | O_CREAT;
-
-	hres = (RESHANDLE) malloc ( sizeof(struct RESDATABASE) );
-	memset(hres, 0, sizeof(struct RESDATABASE));
-
-	if (threadinfo && threadinfo->lock && threadinfo->fn_lock 
-	  && threadinfo->fn_unlock)
-	{
-		hres->threadinfo = (NSRESTHREADINFO *) malloc( sizeof(NSRESTHREADINFO) );
-		hres->threadinfo->lock = threadinfo->lock;
-		hres->threadinfo->fn_lock = threadinfo->fn_lock;
-		hres->threadinfo->fn_unlock = threadinfo->fn_unlock;
-	}
-
-
-	RES_LOCK
-
-	hres->hdb = dbopen(filename, flag, 0644, DB_HASH, &res_hash_info);
-
-	RES_UNLOCK
-
-	if(!hres->hdb)
-		return NULL;
-
-	return (NSRESHANDLE) hres;
-}
-
-NSRESHANDLE NSResOpenTable(const char *filename, NSRESTHREADINFO *threadinfo)
-{
-	RESHANDLE hres;
-	int flag;
-
-	flag = O_RDONLY;  /* only open database for reading */
-
-	hres = (RESHANDLE) malloc ( sizeof(struct RESDATABASE) );
-	memset(hres, 0, sizeof(struct RESDATABASE));
-
-	if (threadinfo && threadinfo->lock && threadinfo->fn_lock 
-	  && threadinfo->fn_unlock)
-	{
-		hres->threadinfo = (NSRESTHREADINFO *) malloc( sizeof(NSRESTHREADINFO) );
-		hres->threadinfo->lock = threadinfo->lock;
-		hres->threadinfo->fn_lock = threadinfo->fn_lock;
-		hres->threadinfo->fn_unlock = threadinfo->fn_unlock;
-	}
-
-
-	RES_LOCK
-
-	hres->hdb = dbopen(filename, flag, 0644, DB_HASH, &res_hash_info);
-
-	RES_UNLOCK
-
-	if(!hres->hdb)
-		return NULL;
-
-	return (NSRESHANDLE) hres;
-}
-
-
-
-void NSResCloseTable(NSRESHANDLE handle)
-{
-	RESHANDLE hres;
-	int i;
-
-	if (handle == NULL)
-		return;
-	hres = (RESHANDLE) handle;
-
-	RES_LOCK
-
-	(*hres->hdb->sync)(hres->hdb, 0);
-	(*hres->hdb->close)(hres->hdb);
-
-	RES_UNLOCK
-
-	for (i = 0; i < MAXBUFNUM; i++)
-	{
-		if (hres->pbuf[i])
-			free (hres->pbuf[i]);
-	}
-
-	if (hres->threadinfo)
-		free (hres->threadinfo);
-	free (hres);
-}
-
-
-char *NSResLoadString(NSRESHANDLE handle, const char * library, int32 id, 
-	unsigned int charsetid, char *retbuf)
-{
-	int status;
-	RESHANDLE hres;
-	DBT key, data;
-	if (handle == NULL)
-		return NULL;
-
-	hres = (RESHANDLE) handle;
-	GenKeyData(library, id, &key);
-
-	RES_LOCK
-
-	status = (*hres->hdb->get)(hres->hdb, &key, &data, 0);
-
-	RES_UNLOCK
-
-	if (retbuf)
-	{
-		memcpy(retbuf, (char *)data.data + sizeof(CHARSETTYPE), data.size - sizeof(CHARSETTYPE));
-		return retbuf;
-	}
-	else 
-	{
-		static int WhichString = 0;
-		static int bFirstTime = 1;
-		char *szLoadedString;
-		int i;
-
-		RES_LOCK
-
-		if (bFirstTime) {
-			for (i = 0; i < MAXBUFNUM; i++)
-				hres->pbuf[i] = (char *) malloc(MAXSTRINGLEN * sizeof(char));
-			bFirstTime = 0; 
-		} 
-
-		szLoadedString = hres->pbuf[WhichString];
-		WhichString++;
-
-		/* reset to 0, if WhichString reaches to the end */
-		if (WhichString == MAXBUFNUM)  
-			WhichString = 0;
-
-		if (status == 0)
-			memcpy(szLoadedString, (char *) data.data + sizeof(CHARSETTYPE), 
-			  data.size - sizeof(CHARSETTYPE));
-		else
-			szLoadedString[0] = 0; 
-
-		RES_UNLOCK
-
-		return szLoadedString;
-	}
-}
-
-int32 NSResGetSize(NSRESHANDLE handle, const char *library, int32 id)
-{
-	int status;
-	RESHANDLE hres;
-	DBT key, data;
-	if (handle == NULL)
-		return 0;
-	hres = (RESHANDLE) handle;
-	GenKeyData(library, id, &key);
-
-	RES_LOCK
-
-	status = (*hres->hdb->get)(hres->hdb, &key, &data, 0);
-
-	RES_UNLOCK
-
-	return data.size - sizeof(CHARSETTYPE);
-}
-
-int32 NSResLoadResource(NSRESHANDLE handle, const char *library, int32 id, char *retbuf)
-{
-	int status;
-	RESHANDLE hres;
-	DBT key, data;
-	if (handle == NULL)
-		return 0;
-	hres = (RESHANDLE) handle;
-	GenKeyData(library, id, &key);
-
-	RES_LOCK
-
-	status = (*hres->hdb->get)(hres->hdb, &key, &data, 0);
-
-	RES_UNLOCK
-
-	if (retbuf)
-	{
-		memcpy(retbuf, (char *)data.data + sizeof(CHARSETTYPE), data.size - sizeof(CHARSETTYPE));
-		return data.size;
-	}
-	else
-		return 0;
-}
-
-int NSResAddString(NSRESHANDLE handle, const char *library, int32 id, 
-  const char *string, unsigned int charset)
-{
-	int status;
-	RESHANDLE hres;
-	DBT key, data;
-	char * recdata;
-
-	if (handle == NULL)
-		return 0;
-	hres = (RESHANDLE) handle;
-
-	GenKeyData(library, id, &key);
-
-	data.size = sizeof(CHARSETTYPE) + (strlen(string) + 1) ;
-
-	recdata = (char *) malloc(data.size) ;
-
-	/* set charset to the first field of record data */
-	*((CHARSETTYPE *)recdata) = (CHARSETTYPE)charset;
-
-	/* set data field */
-	memcpy(recdata+sizeof(CHARSETTYPE), string, strlen(string) + 1);
-
-	data.data = recdata;
-
-	RES_LOCK
-
-	status = (*hres->hdb->put)(hres->hdb, &key, &data, 0);
-
-
-	if (recdata)
-		free(recdata);
-
-	RES_UNLOCK
-
-	return status;
-}
diff --git a/dbm/src/snprintf.c b/dbm/src/snprintf.c
deleted file mode 100644
index 498778572..000000000
--- a/dbm/src/snprintf.c
+++ /dev/null
@@ -1,75 +0,0 @@
-#ifndef HAVE_SNPRINTF
-
-#include "watcomfx.h"
-#include <sys/types.h>
-#include <stddef.h>
-#include <stdio.h>
-
-#ifdef HAVE_SYS_CDEFS_H
-#include <sys/cdefs.h>
-#else
-#include "cdefs.h"
-#endif
-
-#include "prtypes.h"
-
-#include <ncompat.h>
-
-/* The OS/2 VAC compiler doesn't appear to define __STDC__ and won't let us define it either */
-#if defined(__STDC__) || defined(XP_OS2_VACPP)
-#include <stdarg.h>
-#else
-#include <varargs.h>
-#endif
-
-int
-#if defined(__STDC__) || defined(XP_OS2_VACPP)
-snprintf(char *str, size_t n, const char *fmt, ...)
-#else
-snprintf(str, n, fmt, va_alist)
-	char *str;
-	size_t n;
-	const char *fmt;
-	va_dcl
-#endif
-{
-	va_list ap;
-#ifdef VSPRINTF_CHARSTAR
-	char *rp;
-#else
-	int rval;
-#endif
-#if defined(__STDC__) || defined(XP_OS2_VACPP)
-	va_start(ap, fmt);
-#else
-	va_start(ap);
-#endif
-#ifdef VSPRINTF_CHARSTAR
-	rp = vsprintf(str, fmt, ap);
-	va_end(ap);
-	return (strlen(rp));
-#else
-	rval = vsprintf(str, fmt, ap);
-	va_end(ap);
-	return (rval);
-#endif
-}
-
-int
-vsnprintf(str, n, fmt, ap)
-	char *str;
-	size_t n;
-	const char *fmt;
-	va_list ap;
-{
-#ifdef VSPRINTF_CHARSTAR
-	return (strlen(vsprintf(str, fmt, ap)));
-#else
-	return (vsprintf(str, fmt, ap));
-#endif
-}
-
-#endif /* HAVE_SNPRINTF */
-
-/* Some compilers don't like an empty source file. */
-static int dummy = 0;
diff --git a/dbm/src/strerror.c b/dbm/src/strerror.c
deleted file mode 100644
index d1ae2666a..000000000
--- a/dbm/src/strerror.c
+++ /dev/null
@@ -1,78 +0,0 @@
-/*
- * Copyright (c) 1988, 1993
- *	The Regents of the University of California.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *	This product includes software developed by the University of
- *	California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#if defined(LIBC_SCCS) && !defined(lint)
-static char sccsid[] = "@(#)strerror.c	8.1 (Berkeley) 6/4/93";
-#endif /* LIBC_SCCS and not lint */
-
-#include "watcomfx.h"
-
-#include <string.h>
-
-#ifdef _DLL
-#define sys_nerr    (*_sys_nerr_dll)
-#endif
-
-#ifndef HAVE_STRERROR
-#ifndef _AFXDLL
-char *
-strerror(num)
-	int num;
-{
-	extern int sys_nerr;
-	extern char *sys_errlist[];
-#define	UPREFIX	"Unknown error: "
-	static char ebuf[40] = UPREFIX;		/* 64-bit number + slop */
-	register unsigned int errnum;
-	register char *p, *t;
-	char tmp[40];
-
-	errnum = num;				/* convert to unsigned */
-	if (errnum < sys_nerr)
-		return(sys_errlist[errnum]);
-
-	/* Do this by hand, so we don't include stdio(3). */
-	t = tmp;
-	do {
-		*t++ = "0123456789"[errnum % 10];
-	} while (errnum /= 10);
-	for (p = ebuf + sizeof(UPREFIX) - 1;;) {
-		*p++ = *--t;
-		if (t <= tmp)
-			break;
-	}
-	return(ebuf);
-}
-
-#endif
-#endif /* !HAVE_STRERROR */
diff --git a/dbm/tests/.cvsignore b/dbm/tests/.cvsignore
deleted file mode 100644
index a21fbfc35..000000000
--- a/dbm/tests/.cvsignore
+++ /dev/null
@@ -1,3 +0,0 @@
-Makefile
-lots
-test.db
diff --git a/dbm/tests/Makefile.in b/dbm/tests/Makefile.in
deleted file mode 100644
index 96cbdf8b5..000000000
--- a/dbm/tests/Makefile.in
+++ /dev/null
@@ -1,46 +0,0 @@
-#
-# The contents of this file are subject to the Netscape Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/NPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is mozilla.org code.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are
-# Copyright (C) 1998 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s): 
-#
-
-DEPTH		= ../..
-topsrcdir	= @top_srcdir@
-srcdir		= @srcdir@
-VPATH		= @srcdir@
-
-include $(DEPTH)/config/autoconf.mk
-
-MODULE		= dbm
-PROGRAM		= lots$(BIN_SUFFIX)
-
-CSRCS		= lots.c
-
-ifeq ($(OS_ARCH),WINNT)
-EXTRA_DSO_LIBS	= dbm$(MOZ_BITS)
-else
-EXTRA_DSO_LIBS	= mozdbm_s
-endif
-
-LIBS		= $(EXTRA_DSO_LIBS)
-
-include $(topsrcdir)/config/rules.mk
-
-ifeq ($(OS_ARCH), Linux)
-DEFINES         += -D_BSD_SOURCE
-endif
diff --git a/dbm/tests/lots.c b/dbm/tests/lots.c
deleted file mode 100644
index 0b3191e74..000000000
--- a/dbm/tests/lots.c
+++ /dev/null
@@ -1,639 +0,0 @@
-/* -*- Mode: C; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: NPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Netscape Public License
- * Version 1.1 (the "License"); you may not use this file except in
- * compliance with the License. You may obtain a copy of the License at
- * http://www.mozilla.org/NPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is mozilla.org code.
- *
- * The Initial Developer of the Original Code is 
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1998
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the NPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the NPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-
-/* use sequental numbers printed to strings
- * to store lots and lots of entries in the
- * database.
- *
- * Start with 100 entries, put them and then
- * read them out.  Then delete the first
- * half and verify that all of the first half
- * is gone and then verify that the second
- * half is still there.
- * Then add the first half back and verify
- * again.  Then delete the middle third
- * and verify again.
- * Then increase the size by 1000 and do
- * the whole add delete thing again.
- *
- * The data for each object is the number string translated
- * to hex and replicated a random number of times.  The
- * number of times that the data is replicated is the first
- * int32 in the data.
- */
-
-#include <stdio.h>
-
-#include <stdlib.h>
-#ifdef STDC_HEADERS
-#include <stdarg.h>
-#else
-#include <varargs.h>
-#endif
-
-#ifdef HAVE_MEMORY_H
-#include <memory.h>
-#endif
-#include <string.h>
-#include <assert.h>
-#include "mcom_db.h"
-
-DB *database=0;
-int MsgPriority=5;
-
-#if defined(_WINDOWS) && !defined(WIN32)
-#define int32 long
-#define uint32 unsigned long
-#else
-#define int32 int
-#define uint32 unsigned int
-#endif
-
-typedef enum {
-USE_LARGE_KEY,
-USE_SMALL_KEY
-} key_type_enum;
-
-#define TraceMe(priority, msg) 		\
-	do {							\
-		if(priority <= MsgPriority)	\
-		  {							\
-			ReportStatus msg;		\
-		  }							\
-	} while(0)
-
-int
-ReportStatus(char *string, ...)
-{
-    va_list args;
-
-#ifdef STDC_HEADERS
-    va_start(args, string);
-#else
-    va_start(args);
-#endif
-    vfprintf(stderr, string, args);
-    va_end(args);
-
-	fprintf (stderr, "\n");
-
-	return(0);
-}
-
-int
-ReportError(char *string, ...)
-{
-    va_list args;
-
-#ifdef STDC_HEADERS
-    va_start(args, string);
-#else
-    va_start(args);
-#endif
-	fprintf (stderr, "\n	");
-    vfprintf(stderr, string, args);
-	fprintf (stderr, "\n");
-    va_end(args);
-
-	return(0);
-}
-
-DBT * MakeLargeKey(int32 num)
-{
-	int32 low_bits;
-	static DBT rv;
-	static char *string_rv=0;
-	int rep_char;
-	size_t size;
-
-	if(string_rv)
-		free(string_rv);
-
-	/* generate a really large text key derived from
-	 * an int32
-	 */
-	low_bits = (num % 10000) + 1;
-
-	/* get the repeat char from the low 26 */
-	rep_char = (char) ((low_bits % 26) + 'a');
-
-	/* malloc a string low_bits wide */
-	size = low_bits*sizeof(char);
-	string_rv = (char *)malloc(size);
-
-	memset(string_rv, rep_char, size);
-
-	rv.data = string_rv;
-	rv.size = size;
-
-	return(&rv);
-}
-
-DBT * MakeSmallKey(int32 num)
-{
-	static DBT rv;
-	static char data_string[64];
-
-	rv.data = data_string;
-
-	sprintf(data_string, "%ld", (long)num);
-	rv.size = strlen(data_string);
-
-	return(&rv);
-
-}
-
-DBT * GenKey(int32 num, key_type_enum key_type)
-{
-	DBT *key;
-
-	switch(key_type)
-	  {
-		case USE_LARGE_KEY:
-			key = MakeLargeKey(num);
-			break;
-		case USE_SMALL_KEY:
-			key = MakeSmallKey(num);
-			break;
-		default:
-			abort();
-			break;
-	  }
-
-	return(key);
-}
-
-int
-SeqDatabase()
-{
-	int status;
-	DBT key, data;
-
-	ReportStatus("SEQuencing through database...");
-
-	/* seq throught the whole database */
-    if(!(status = (*database->seq)(database, &key, &data, R_FIRST)))
-	  {
-        while(!(status = (database->seq) (database, &key, &data, R_NEXT)));
-			; /* null body */
-	  }
-
-	if(status < 0)
-		ReportError("Error seq'ing database");
-
-	return(status);
-}
-
-int 
-VerifyData(DBT *data, int32 num, key_type_enum key_type)
-{
-	int32 count, compare_num;
-	size_t size;
-	int32 *int32_array;
-
-	/* The first int32 is count 
-	 * The other n entries should
-	 * all equal num
-	 */
-	if(data->size < sizeof(int32))
-	  {
-		ReportError("Data size corrupted");
-		return -1;
-	  }
-
-	memcpy(&count, data->data, sizeof(int32));
-
-	size = sizeof(int32)*(count+1);
-
-	if(size != data->size)
-	  {
-		ReportError("Data size corrupted");
-		return -1;
-	  }
-
-	int32_array = (int32*)data->data;
-
-	for(;count > 0; count--)
-	  {
-		memcpy(&compare_num, &int32_array[count], sizeof(int32));
-
-		if(compare_num != num)
-	      {
-		    ReportError("Data corrupted");
-		    return -1;
-	      }
-	  }
-
-	return(0);
-}
-
-
-/* verify that a range of number strings exist
- * or don't exist. And that the data is valid
- */
-#define SHOULD_EXIST 1
-#define SHOULD_NOT_EXIST 0
-int
-VerifyRange(int32 low, int32 high, int32 should_exist, key_type_enum key_type)
-{
-	DBT *key, data;
-	int32 num;
-	int status;
-
-	TraceMe(1, ("Verifying: %ld to %ld, using %s keys", 
-		    low, high, key_type == USE_SMALL_KEY ? "SMALL" : "LARGE"));
-
-	for(num = low; num <= high; num++)
-	  {
-
-		key = GenKey(num, key_type);
-
-		status = (*database->get)(database, key, &data, 0);
-
-		if(status == 0)
-		  {
-			/* got the item */
-			if(!should_exist)
-			  {
-				ReportError("Item exists but shouldn't: %ld", num);
-			  }
-			else
-			  {
-			    /* else verify the data */
-			    VerifyData(&data, num, key_type);
-			  }
-		  }
-		else if(status > 0)
-		  {
-			/* item not found */
-			if(should_exist)
-			  {
-				ReportError("Item not found but should be: %ld", num);
-			  }
-		  }
-		else
-		  {
-			/* database error */
-			ReportError("Database error");
-			return(-1);
-		  }
-			
-	  }
-
-	TraceMe(1, ("Correctly verified: %ld to %ld", low, high));
-
-	return(0);
-
-}
-
-DBT *
-GenData(int32 num)
-{
-	int32 n;
-	static DBT *data=0;
-	int32 *int32_array;
-	size_t size;
-
-	if(!data)
-	  {
-		data = (DBT*)malloc(sizeof(DBT));
-		data->size = 0;
-		data->data = 0;
-	  }
-	else if(data->data)
-	  {
-		free(data->data);
-	  }
-
-	n = rand();
-
-	n = n % 512;  /* bound to a 2K size */
-
-	
-	size = sizeof(int32)*(n+1);
-	int32_array = (int32 *) malloc(size);
-
-	memcpy(&int32_array[0], &n, sizeof(int32));
-
-	for(; n > 0; n--)
-	  {
-		memcpy(&int32_array[n], &num, sizeof(int32));
-	  }
-
-	data->data = (void*)int32_array;
-	data->size = size;
-
-	return(data);
-}
-
-#define ADD_RANGE 1
-#define DELETE_RANGE 2
-
-int
-AddOrDelRange(int32 low, int32 high, int action, key_type_enum key_type)
-{
-	DBT *key, *data;
-#if 0 /* only do this if your really analy checking the puts */
-	DBT tmp_data;
-#endif 
-	int32 num;
-	int status;
-
-	if(action != ADD_RANGE && action != DELETE_RANGE)
-		assert(0);
-
-	if(action == ADD_RANGE)
-	  {
-		TraceMe(1, ("Adding: %ld to %ld: %s keys", low, high,
-		    	key_type == USE_SMALL_KEY ? "SMALL" : "LARGE"));
-	  }
-	else
-	  {
-		TraceMe(1, ("Deleting: %ld to %ld: %s keys", low, high,
-		    	key_type == USE_SMALL_KEY ? "SMALL" : "LARGE"));
-	  }
-
-	for(num = low; num <= high; num++)
-	  {
-
-		key = GenKey(num, key_type);
-
-		if(action == ADD_RANGE)
-		  {
-			data = GenData(num);
-			status = (*database->put)(database, key, data, 0);
-		  }
-		else
-		  {
-			status = (*database->del)(database, key, 0);
-		  }
-
-		if(status < 0)
-		  {
-			ReportError("Database error %s item: %ld",
-							action == ADD_RANGE ? "ADDING" : "DELETING", 
-							num);
-		  }
-		else if(status > 0)
-		  {
-			ReportError("Could not %s item: %ld", 
-							action == ADD_RANGE ? "ADD" : "DELETE", 
-							num);
-		  }
-		else if(action == ADD_RANGE)
-		  {
-#define SYNC_EVERY_TIME
-#ifdef SYNC_EVERY_TIME
-			status = (*database->sync)(database, 0);
-			if(status != 0)
-				ReportError("Database error syncing after add");
-#endif
-
-#if 0 /* only do this if your really analy checking the puts */
-	 
-			/* make sure we can still get it
-			 */
-			status = (*database->get)(database, key, &tmp_data, 0);
-
-			if(status != 0)
-			  {
-				ReportError("Database error checking item just added: %d",
-							num);
-			  }
-			else
-			  {
-				/* now verify that none of the ones we already
-				 * put in have disappeared
-				 */
-				VerifyRange(low, num, SHOULD_EXIST, key_type);
-			  }
-#endif
-			
-		  }
-	  }
-
-
-	if(action == ADD_RANGE)
-	  {
-		TraceMe(1, ("Successfully added: %ld to %ld", low, high));
-	  }
-	else
-	  {
-		TraceMe(1, ("Successfully deleted: %ld to %ld", low, high));
-	  }
-
-	return(0);
-}
-
-int
-TestRange(int32 low, int32 range, key_type_enum key_type)
-{
-	int status; int32 low_of_range1, high_of_range1; int32 low_of_range2, high_of_range2;
-	int32 low_of_range3, high_of_range3;
-
-	status = AddOrDelRange(low, low+range, ADD_RANGE, key_type);
-	status = VerifyRange(low, low+range, SHOULD_EXIST, key_type);
-
-	TraceMe(1, ("Finished with sub test 1"));
-
-	SeqDatabase();
-
-	low_of_range1 = low;
-	high_of_range1 = low+(range/2);
-	low_of_range2 = high_of_range1+1;
-	high_of_range2 = low+range;
-	status = AddOrDelRange(low_of_range1, high_of_range1, DELETE_RANGE, key_type);
-	status = VerifyRange(low_of_range1, high_of_range1, SHOULD_NOT_EXIST, key_type);
-	status = VerifyRange(low_of_range2, low_of_range2, SHOULD_EXIST, key_type);
-
-	TraceMe(1, ("Finished with sub test 2"));
-
-	SeqDatabase();
-
-	status = AddOrDelRange(low_of_range1, high_of_range1, ADD_RANGE, key_type);
-	/* the whole thing should exist now */
-	status = VerifyRange(low, low+range, SHOULD_EXIST, key_type);
-
-	TraceMe(1, ("Finished with sub test 3"));
-
-	SeqDatabase();
-
-	status = AddOrDelRange(low_of_range2, high_of_range2, DELETE_RANGE, key_type);
-	status = VerifyRange(low_of_range1, high_of_range1, SHOULD_EXIST, key_type);
-	status = VerifyRange(low_of_range2, high_of_range2, SHOULD_NOT_EXIST, key_type);
-
-	TraceMe(1, ("Finished with sub test 4"));
-
-	SeqDatabase();
-
-	status = AddOrDelRange(low_of_range2, high_of_range2, ADD_RANGE, key_type);
-	/* the whole thing should exist now */
-	status = VerifyRange(low, low+range, SHOULD_EXIST, key_type);
-
-	TraceMe(1, ("Finished with sub test 5"));
-
-	SeqDatabase();
-
-	low_of_range1 = low;
-	high_of_range1 = low+(range/3);
-	low_of_range2 = high_of_range1+1;
-	high_of_range2 = high_of_range1+(range/3);
-	low_of_range3 = high_of_range2+1;
-	high_of_range3 = low+range;
-	/* delete range 2 */
-	status = AddOrDelRange(low_of_range2, high_of_range2, DELETE_RANGE, key_type);
-	status = VerifyRange(low_of_range1, high_of_range1, SHOULD_EXIST, key_type);
-	status = VerifyRange(low_of_range2, low_of_range2, SHOULD_NOT_EXIST, key_type);
-	status = VerifyRange(low_of_range3, low_of_range2, SHOULD_EXIST, key_type);
-
-	TraceMe(1, ("Finished with sub test 6"));
-
-	SeqDatabase();
-
-	status = AddOrDelRange(low_of_range2, high_of_range2, ADD_RANGE, key_type);
-	/* the whole thing should exist now */
-	status = VerifyRange(low, low+range, SHOULD_EXIST, key_type);
-
-	TraceMe(1, ("Finished with sub test 7"));
-
-	return(0);
-}
-
-#define START_RANGE 109876
-int
-main(int argc, char **argv)
-{
-	int32 i, j=0;
-    int quick_exit = 0;
-    int large_keys = 0;
-    HASHINFO hash_info = {
-        16*1024,
-        0,
-        0,
-        0,
-        0,
-        0};
-
-
-    if(argc > 1)
-      {
-        while(argc > 1)
-	  {
-            if(!strcmp(argv[argc-1], "-quick"))
-                quick_exit = 1;
-            else if(!strcmp(argv[argc-1], "-large"))
-			  {
-                large_keys = 1;
-			  }
-            argc--;
-          }
-      }
-
-	database = dbopen("test.db", O_RDWR | O_CREAT, 0644, DB_HASH, &hash_info);
-
-	if(!database)
-	  {
-		ReportError("Could not open database");
-#ifdef unix
-		perror("");
-#endif
-		exit(1);
-	  }
-
-	if(quick_exit)
-	  {
-		if(large_keys)
-			TestRange(START_RANGE, 200, USE_LARGE_KEY);
-		else
-			TestRange(START_RANGE, 200, USE_SMALL_KEY);
-
-		(*database->sync)(database, 0);
-		(*database->close)(database);
-        exit(0);
-	  }
-
-	for(i=100; i < 10000000; i+=200)
-	  {
-		if(1 || j)
-		  {
-			TestRange(START_RANGE, i, USE_LARGE_KEY);
-			j = 0;
-		  }
-		else
-		  {
-			TestRange(START_RANGE, i, USE_SMALL_KEY);
-			j = 1;
-		  }
-
-		if(1 == rand() % 3)
-		  {
-			(*database->sync)(database, 0);
-		  }
-		
-		if(1 == rand() % 3)
-	 	  {
-			/* close and reopen */
-			(*database->close)(database);
-			database = dbopen("test.db", O_RDWR | O_CREAT, 0644, DB_HASH, 0);
-			if(!database)
-	  		{
-				ReportError("Could not reopen database");
-#ifdef unix
-				perror("");
-#endif
-				exit(1);
-	  		}
-	 	  }
-		else
-		  {
-			/* reopen database without closeing the other */
-			database = dbopen("test.db", O_RDWR | O_CREAT, 0644, DB_HASH, 0);
-			if(!database)
-	  		{
-				ReportError("Could not reopen database "
-							"after not closing the other");
-#ifdef unix
-				perror("");
-#endif
-				exit(1);
-	  		}
-	 	  }
-	  }
-
-	return(0);
-}
diff --git a/security/coreconf/AIX.mk b/security/coreconf/AIX.mk
deleted file mode 100644
index ce4849c2d..000000000
--- a/security/coreconf/AIX.mk
+++ /dev/null
@@ -1,84 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for AIX.
-#
-include $(CORE_DEPTH)/coreconf/UNIX.mk
-
-#
-# There are two implementation strategies available on AIX:
-# pthreads, and pthreads-user.  The default is pthreads.
-# In both strategies, we need to use pthread_user.c, instead of
-# aix.c.  The fact that aix.c is never used is somewhat strange.
-# 
-# So we need to do the following:
-# - Default (PTHREADS_USER not defined in the environment or on
-#   the command line):
-#   Set PTHREADS_USER=1, USE_PTHREADS=1
-# - PTHREADS_USER=1 set in the environment or on the command line:
-#   Do nothing.
-#
-ifeq ($(PTHREADS_USER),1)
-	USE_PTHREADS =            # just to be safe
-	IMPL_STRATEGY = _PTH_USER
-else
-	USE_PTHREADS = 1
-	PTHREADS_USER = 1
-endif
-
-DEFAULT_COMPILER = xlC_r
-
-CC		= xlC_r
-CCC		= xlC_r
-
-CPU_ARCH	= rs6000
-
-RANLIB		= ranlib
-
-OS_CFLAGS	= -DAIX -DSYSV
-ifeq ($(CC),xlC_r)
-	OS_CFLAGS += -qarch=com
-endif
-
-AIX_WRAP	= $(DIST)/lib/aixwrap.o
-AIX_TMP		= $(OBJDIR)/_aix_tmp.o
-OS_LIBS		+= -lsvld
-ifdef MAPFILE
-EXPORT_RULES = -bexport:$(MAPFILE)
-endif
-PROCESS_MAP_FILE = grep -v ';+' $(LIBRARY_NAME).def | grep -v ';-' | \
-                sed -e 's; DATA ;;' -e 's,;;,,' -e 's,;.*,,' > $@
-
-ifdef BUILD_OPT
-        OPTIMIZER += -qmaxmem=-1
-endif
-
diff --git a/security/coreconf/AIX3.2.mk b/security/coreconf/AIX3.2.mk
deleted file mode 100644
index c93a00eef..000000000
--- a/security/coreconf/AIX3.2.mk
+++ /dev/null
@@ -1,35 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for AIX3.2.5
-#
-include $(CORE_DEPTH)/coreconf/AIX.mk
diff --git a/security/coreconf/AIX4.1.mk b/security/coreconf/AIX4.1.mk
deleted file mode 100644
index 115ee8dc8..000000000
--- a/security/coreconf/AIX4.1.mk
+++ /dev/null
@@ -1,55 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for AIX4.1
-#
-
-include $(CORE_DEPTH)/coreconf/AIX.mk
-
-
-AIX_LINK_OPTS  += -bnso -berok
-#AIX_LINK_OPTS += -bnso -berok -brename:.select,.wrap_select -brename:.poll,.wrap_poll -bI:/usr/lib/syscalls.exp
-
-# The AIX4.1 linker had a bug which always looked for a dynamic library
-# with an extension of .a.  AIX4.2 fixed this problem
-DLL_SUFFIX = a
-
-OS_LIBS		+= -lsvld
-
-# override default value set in suffix.mk, for AIX 4.1 only
-DYNAMIC_LIB_EXTENSION = _shr
-
-# override default value in ruleset.mk
-ifdef LIBRARY_NAME
-    SHARED_LIBRARY = $(OBJDIR)/lib$(LIBRARY_NAME)$(LIBRARY_VERSION)_shr$(JDK_DEBUG_SUFFIX).a
-endif
-
diff --git a/security/coreconf/AIX4.2.mk b/security/coreconf/AIX4.2.mk
deleted file mode 100644
index 71280fdf7..000000000
--- a/security/coreconf/AIX4.2.mk
+++ /dev/null
@@ -1,50 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-
-#
-# Config stuff for AIX4.2
-#
-
-include $(CORE_DEPTH)/coreconf/AIX.mk
-
-OS_CFLAGS	+= -DAIX4_2
-DSO_LDOPTS	= -brtl -bM:SRE -bnoentry
-MKSHLIB		= $(LD) $(DSO_LDOPTS) -lsvld -L/usr/lpp/xlC/lib -lc -lm
-
-OS_LIBS		+= -L/usr/lpp/xlC/lib -lc -lm
-ifdef MAPFILE
-DSO_LDOPTS	+= -bexport:$(MAPFILE)
-else
-DSO_LDOPTS	+= -bexpall
-endif
-
-
diff --git a/security/coreconf/AIX4.3.mk b/security/coreconf/AIX4.3.mk
deleted file mode 100644
index 43ce77bc0..000000000
--- a/security/coreconf/AIX4.3.mk
+++ /dev/null
@@ -1,55 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for AIX4.3
-#
-
-include $(CORE_DEPTH)/coreconf/AIX.mk
-
-
-ifeq ($(USE_64), 1)
-# Next line replaced by generic name handling in arch.mk
-#	COMPILER_TAG    = _64
-	OS_CFLAGS	+= -DAIX_64BIT
-	OBJECT_MODE=64
-	export OBJECT_MODE
-endif
-OS_CFLAGS	+= -DAIX4_3
-DSO_LDOPTS	= -brtl -bM:SRE -bnoentry
-MKSHLIB		= $(LD) $(DSO_LDOPTS) -lsvld -L/usr/lpp/xlC/lib -lc -lm
-
-OS_LIBS		+= -L/usr/lpp/xlC/lib -lc -lm
-ifdef MAPFILE
-DSO_LDOPTS      += -bexport:$(MAPFILE)
-else
-DSO_LDOPTS      += -bexpall
-endif
diff --git a/security/coreconf/AIX5.1.mk b/security/coreconf/AIX5.1.mk
deleted file mode 100644
index daa999ba7..000000000
--- a/security/coreconf/AIX5.1.mk
+++ /dev/null
@@ -1,54 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for AIX5.1
-#
-
-include $(CORE_DEPTH)/coreconf/AIX.mk
-
-
-ifeq ($(USE_64), 1)
-# Next line replaced by generic name handling in arch.mk
-#	COMPILER_TAG    = _64
-	OS_CFLAGS	+= -DAIX_64BIT
-	OBJECT_MODE=64
-	export OBJECT_MODE
-endif
-DSO_LDOPTS	= -brtl -bM:SRE -bnoentry
-MKSHLIB		= $(LD) $(DSO_LDOPTS) -lsvld -L/usr/lpp/xlC/lib -lc -lm
-
-OS_LIBS		+= -L/usr/lpp/xlC/lib -lc -lm
-ifdef MAPFILE
-DSO_LDOPTS      += -bexport:$(MAPFILE)
-else
-DSO_LDOPTS      += -bexpall
-endif
diff --git a/security/coreconf/BSD_OS.mk b/security/coreconf/BSD_OS.mk
deleted file mode 100644
index e91c4a5d6..000000000
--- a/security/coreconf/BSD_OS.mk
+++ /dev/null
@@ -1,88 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-#
-# Contributor(s): Kurt J. Lidl
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above.  If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for BSD/OS
-#
-
-include $(CORE_DEPTH)/coreconf/UNIX.mk
-
-DEFAULT_COMPILER	= gcc
-CC			= gcc
-CCC			= g++
-RANLIB			= ranlib
-
-ifeq ($(OS_TEST),i386)
-	OS_REL_CFLAGS	= -D__i386__
-	CPU_ARCH	= x86
-else
-ifeq ($(OS_TEST),ppc)
-	OS_REL_CFLAGS	= -D__ppc__
-	CPU_ARCH	= ppc
-else
-ifeq ($(OS_TEST),sparc)
-	OS_REL_CFLAGS	= -D__sparc__
-	CPU_ARCH	= sparc
-else
-# treat the ultrasparc like a regular sparc, at least for now!
-ifeq ($(OS_TEST),sparc_v9)
-	OS_REL_CFLAGS	= -D__sparc__
-	CPU_ARCH	= sparc
-endif
-endif
-endif
-endif
-
-DLL_SUFFIX		= so
-
-OS_CFLAGS		= $(DSO_CFLAGS) $(OS_REL_CFLAGS) -Wall -DBSD_OS -DBSDI -Dunix -DHAVE_STRERROR -DHAVE_BSD_FLOCK
-
-ARCH			= bsdos
-
-DSO_CFLAGS		= -fPIC -DPIC
-DSO_LDOPTS		= -shared
-DSO_LDFLAGS		=
-DSO_LDOPTS		+= -Wl,-soname,lib$(LIBRARY_NAME)$(LIBRARY_VERSION).$(DLL_SUFFIX)
-
-ifdef LIBRUNPATH
-DSO_LDOPTS		+= -Wl,-R$(LIBRUNPATH)
-endif
-
-MKSHLIB			= $(CC) $(DSO_LDOPTS)
-ifdef MAPFILE
-# Add LD options to restrict exported symbols to those in the map file
-endif
-# Change PROCESS to put the mapfile in the correct format for this platform
-PROCESS_MAP_FILE = cp $(LIBRARY_NAME).def $@
-
-G++INCLUDES		= -I/usr/include/g++
-
-INCLUDES		+= -I/usr/X11R6/include
diff --git a/security/coreconf/BeOS.mk b/security/coreconf/BeOS.mk
deleted file mode 100644
index 4e8f3b239..000000000
--- a/security/coreconf/BeOS.mk
+++ /dev/null
@@ -1,79 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 2002 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for BeOS
-#
-
-include $(CORE_DEPTH)/coreconf/UNIX.mk
-
-XP_DEFINE := $(XP_DEFINE:-DXP_UNIX=-DXP_BEOS)
-
-USE_PTHREADS = 
-
-ifeq ($(USE_PTHREADS),1)
-	IMPL_STRATEGY = _PTH
-endif
-
-CC			= gcc
-CCC			= g++
-RANLIB			= ranlib
-
-DEFAULT_COMPILER = gcc
-
-ifeq ($(OS_TEST),ppc)
-	OS_REL_CFLAGS	= -Dppc
-	CPU_ARCH	= ppc
-else
-	OS_REL_CFLAGS	= -Di386
-	CPU_ARCH	= x86
-endif
-
-MKSHLIB		= $(CC) -nostart -Wl,-soname -Wl,$(@:$(OBJDIR)/%.so=%.so)
-ifdef BUILD_OPT
-	OPTIMIZER	= -O2
-endif
-
-OS_CFLAGS		= $(DSO_CFLAGS) $(OS_REL_CFLAGS) -Wall -pipe
-OS_LIBS			= -lbe
-
-DEFINES			+= -DBEOS
-
-ifdef USE_PTHREADS
-	DEFINES		+= -D_REENTRANT
-endif
-
-ARCH			= beos
-
-DSO_CFLAGS		= -fPIC
-DSO_LDOPTS		=
-DSO_LDFLAGS		=
-
diff --git a/security/coreconf/Darwin.mk b/security/coreconf/Darwin.mk
deleted file mode 100644
index 59f5af8fd..000000000
--- a/security/coreconf/Darwin.mk
+++ /dev/null
@@ -1,76 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for Darwin.
-#
-
-include $(CORE_DEPTH)/coreconf/UNIX.mk
-
-CC		= cc
-CCC		= c++
-RANLIB		= ranlib
-
-ifeq (86,$(findstring 86,$(OS_TEST)))
-OS_REL_CFLAGS	= -Di386
-CPU_ARCH	= i386
-else
-OS_REL_CFLAGS	= -Dppc
-CPU_ARCH	= ppc
-endif
-
-# "Commons" are tentative definitions in a global scope, like this:
-#     int x;
-# The meaning of a common is ambiguous.  It may be a true definition:
-#     int x = 0;
-# or it may be a declaration of a symbol defined in another file:
-#     extern int x;
-# Use the -fno-common option to force all commons to become true
-# definitions so that the linker can catch multiply-defined symbols.
-# Also, common symbols are not allowed with Darwin dynamic libraries.
-
-OS_CFLAGS	= $(DSO_CFLAGS) $(OS_REL_CFLAGS) -Wmost -fpascal-strings -traditional-cpp -fno-common -pipe -DDARWIN -DHAVE_STRERROR -DHAVE_BSD_FLOCK
-
-ifdef BUILD_OPT
-OPTIMIZER	= -O2
-endif
-
-ARCH		= darwin
-
-# May override this with -bundle to create a loadable module.
-DSO_LDOPTS	= -dynamiclib -compatibility_version 1 -current_version 1 -install_name @executable_path/$(notdir $@)
-
-MKSHLIB		= $(CC) -arch $(CPU_ARCH) $(DSO_LDOPTS)
-DLL_SUFFIX	= dylib
-PROCESS_MAP_FILE = grep -v ';+' $(LIBRARY_NAME).def | grep -v ';-' | \
-                sed -e 's; DATA ;;' -e 's,;;,,' -e 's,;.*,,' -e 's,^,_,' > $@
-
-G++INCLUDES	= -I/usr/include/g++
diff --git a/security/coreconf/FreeBSD.mk b/security/coreconf/FreeBSD.mk
deleted file mode 100644
index c07df1a6c..000000000
--- a/security/coreconf/FreeBSD.mk
+++ /dev/null
@@ -1,82 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for FreeBSD
-#
-
-include $(CORE_DEPTH)/coreconf/UNIX.mk
-
-DEFAULT_COMPILER	= gcc
-CC			= gcc
-CCC			= g++
-RANLIB			= ranlib
-
-ifeq ($(OS_TEST),alpha)
-CPU_ARCH		= alpha
-else
-CPU_ARCH		= x86
-endif
-
-OS_CFLAGS		= $(DSO_CFLAGS) -ansi -Wall -DFREEBSD -DHAVE_STRERROR -DHAVE_BSD_FLOCK
-
-DSO_CFLAGS		= -fPIC
-DSO_LDOPTS		= -shared -Wl,-soname -Wl,$(notdir $@)
-
-#
-# The default implementation strategy for FreeBSD is pthreads.
-#
-ifndef CLASSIC_NSPR
-USE_PTHREADS		= 1
-DEFINES			+= -D_THREAD_SAFE -D_REENTRANT
-DSO_LDOPTS		+= -pthread
-endif
-
-ARCH			= freebsd
-
-MOZ_OBJFORMAT		:= $(shell test -x /usr/bin/objformat && /usr/bin/objformat || echo aout)
-
-ifeq ($(MOZ_OBJFORMAT),elf)
-DLL_SUFFIX		= so
-else
-DLL_SUFFIX		= so.1.0
-endif
-
-MKSHLIB			= $(CC) $(DSO_LDOPTS)
-ifdef MAPFILE
-# Add LD options to restrict exported symbols to those in the map file
-endif
-# Change PROCESS to put the mapfile in the correct format for this platform
-PROCESS_MAP_FILE = cp $(LIBRARY_NAME).def $@
-
-G++INCLUDES		= -I/usr/include/g++
-
-INCLUDES		+= -I/usr/X11R6/include
diff --git a/security/coreconf/HP-UX.mk b/security/coreconf/HP-UX.mk
deleted file mode 100644
index a6a392935..000000000
--- a/security/coreconf/HP-UX.mk
+++ /dev/null
@@ -1,76 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-
-#
-# Config stuff for HP-UX
-#
-
-include $(CORE_DEPTH)/coreconf/UNIX.mk
-
-DEFAULT_COMPILER = cc
-
-CPU_ARCH   = hppa
-DLL_SUFFIX = sl
-CC         = cc
-CCC        = CC
-OS_CFLAGS  += -Ae $(DSO_CFLAGS) -DHPUX -D$(CPU_ARCH) -D_HPUX_SOURCE
-
-ifeq ($(DEFAULT_IMPL_STRATEGY),_PTH)
-	USE_PTHREADS = 1
-	ifeq ($(CLASSIC_NSPR),1)
-		USE_PTHREADS =
-		IMPL_STRATEGY = _CLASSIC
-	endif
-	ifeq ($(PTHREADS_USER),1)
-		USE_PTHREADS =
-		IMPL_STRATEGY = _PTH_USER
-	endif
-endif
-
-ifdef PTHREADS_USER
-	OS_CFLAGS	+= -D_POSIX_C_SOURCE=199506L
-endif
-
-LDFLAGS			= -z -Wl,+s
-
-MKSHLIB			= $(LD) $(DSO_LDOPTS)
-ifdef MAPFILE
-MKSHLIB += -c $(MAPFILE)
-endif
-PROCESS_MAP_FILE = grep -v ';+' $(LIBRARY_NAME).def | grep -v ';-' | \
-         sed -e 's; DATA ;;' -e 's,;;,,' -e 's,;.*,,' -e 's,^,+e ,' > $@
-
-DSO_LDOPTS		= -b +h $(notdir $@)
-DSO_LDFLAGS		=
-
-# +Z generates position independent code for use in shared libraries.
-DSO_CFLAGS = +Z
diff --git a/security/coreconf/HP-UXA.09.03.mk b/security/coreconf/HP-UXA.09.03.mk
deleted file mode 100644
index 7ac02ae2a..000000000
--- a/security/coreconf/HP-UXA.09.03.mk
+++ /dev/null
@@ -1,44 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-
-#
-# On HP-UX 9, the default (and only) implementation strategy is
-# classic nspr.
-#
-ifeq ($(OS_RELEASE),A.09.03)
-	DEFAULT_IMPL_STRATEGY	 = _CLASSIC
-endif
-
-#
-# Config stuff for HP-UXA.09.03
-#
-include $(CORE_DEPTH)/coreconf/HP-UXA.09.mk
diff --git a/security/coreconf/HP-UXA.09.07.mk b/security/coreconf/HP-UXA.09.07.mk
deleted file mode 100644
index 9fcf4c826..000000000
--- a/security/coreconf/HP-UXA.09.07.mk
+++ /dev/null
@@ -1,43 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# On HP-UX 9, the default (and only) implementation strategy is
-# classic nspr.
-#
-ifeq ($(OS_RELEASE),A.09.07)
-	DEFAULT_IMPL_STRATEGY	 = _CLASSIC
-endif
-
-#
-# Config stuff for HP-UXA.09.07
-#
-include $(CORE_DEPTH)/coreconf/HP-UXA.09.mk
diff --git a/security/coreconf/HP-UXA.09.mk b/security/coreconf/HP-UXA.09.mk
deleted file mode 100644
index 813a16f40..000000000
--- a/security/coreconf/HP-UXA.09.mk
+++ /dev/null
@@ -1,38 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-
-#
-# Config stuff for HP-UXA.09
-#
-include $(CORE_DEPTH)/coreconf/HP-UX.mk
-
-OS_CFLAGS += -DHPUX9
diff --git a/security/coreconf/HP-UXB.10.01.mk b/security/coreconf/HP-UXB.10.01.mk
deleted file mode 100644
index 718ee1184..000000000
--- a/security/coreconf/HP-UXB.10.01.mk
+++ /dev/null
@@ -1,40 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-ifeq ($(OS_RELEASE),B.10.01)
-	DEFAULT_IMPL_STRATEGY	 = _CLASSIC
-endif
-
-#
-# Config stuff for HP-UXB.10.01
-#
-include $(CORE_DEPTH)/coreconf/HP-UXB.10.mk
diff --git a/security/coreconf/HP-UXB.10.10.mk b/security/coreconf/HP-UXB.10.10.mk
deleted file mode 100644
index 54a78e6e2..000000000
--- a/security/coreconf/HP-UXB.10.10.mk
+++ /dev/null
@@ -1,50 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# On HP-UX 10.10 and 10.20, the default implementation strategy is
-# pthreads (actually DCE threads).  Classic nspr is also available.
-#
-
-ifeq ($(OS_RELEASE),B.10.10)
-	DEFAULT_IMPL_STRATEGY 	 = _PTH
-endif
-
-#
-# Config stuff for HP-UXB.10.10
-#
-include $(CORE_DEPTH)/coreconf/HP-UXB.10.mk
-
-OS_CFLAGS += -DHPUX10_10
-
-ifeq ($(USE_PTHREADS),1)
-	OS_CFLAGS	+= -D_REENTRANT
-endif
diff --git a/security/coreconf/HP-UXB.10.20.mk b/security/coreconf/HP-UXB.10.20.mk
deleted file mode 100644
index 5c14b9844..000000000
--- a/security/coreconf/HP-UXB.10.20.mk
+++ /dev/null
@@ -1,50 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# On HP-UX 10.10 and 10.20, the default implementation strategy is
-# pthreads (actually DCE threads).  Classic nspr is also available.
-#
-
-ifeq ($(OS_RELEASE),B.10.20)
-	DEFAULT_IMPL_STRATEGY = _PTH
-endif
-
-#
-# Config stuff for HP-UXB.10.20
-#
-include $(CORE_DEPTH)/coreconf/HP-UXB.10.mk
-
-OS_CFLAGS		+= -DHPUX10_20
-
-ifeq ($(USE_PTHREADS),1)
-	OS_CFLAGS	+= -D_REENTRANT
-endif
diff --git a/security/coreconf/HP-UXB.10.30.mk b/security/coreconf/HP-UXB.10.30.mk
deleted file mode 100644
index ef52d1122..000000000
--- a/security/coreconf/HP-UXB.10.30.mk
+++ /dev/null
@@ -1,56 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# On HP-UX 10.30 and 11.00, the default implementation strategy is
-# pthreads.  Classic nspr and pthreads-user are also available.
-#
-
-ifeq ($(OS_RELEASE),B.10.30)
-	DEFAULT_IMPL_STRATEGY	 = _PTH
-endif
-
-#
-# Config stuff for HP-UXB.10.30.
-#
-include $(CORE_DEPTH)/coreconf/HP-UXB.10.mk
-
-OS_CFLAGS		+= -DHPUX10_30
-
-#
-# To use the true pthread (kernel thread) library on 10.30 and
-# 11.00, we should define _POSIX_C_SOURCE to be 199506L.
-# The _REENTRANT macro is deprecated.
-#
-
-ifdef USE_PTHREADS
-	OS_CFLAGS	+= -D_POSIX_C_SOURCE=199506L
-endif
diff --git a/security/coreconf/HP-UXB.10.mk b/security/coreconf/HP-UXB.10.mk
deleted file mode 100644
index 77ca9bce7..000000000
--- a/security/coreconf/HP-UXB.10.mk
+++ /dev/null
@@ -1,38 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for HP-UXB.10
-#
-include $(CORE_DEPTH)/coreconf/HP-UX.mk
-
-OS_CFLAGS += -DHPUX10
-OS_LIBS   += -lpthread -lm
diff --git a/security/coreconf/HP-UXB.11.00.mk b/security/coreconf/HP-UXB.11.00.mk
deleted file mode 100644
index 0732202ae..000000000
--- a/security/coreconf/HP-UXB.11.00.mk
+++ /dev/null
@@ -1,55 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# On HP-UX 10.30 and 11.00, the default implementation strategy is
-# pthreads.  Classic nspr and pthreads-user are also available.
-#
-
-ifeq ($(OS_RELEASE),B.11.00)
-OS_CFLAGS		+= -DHPUX10
-DEFAULT_IMPL_STRATEGY = _PTH
-endif
-
-#
-# To use the true pthread (kernel thread) library on 10.30 and
-# 11.00, we should define _POSIX_C_SOURCE to be 199506L.
-# The _REENTRANT macro is deprecated.
-#
-
-ifdef USE_PTHREADS
-	OS_CFLAGS	+= -D_POSIX_C_SOURCE=199506L
-endif
-
-#
-# Config stuff for HP-UXB.11.00.
-#
-include $(CORE_DEPTH)/coreconf/HP-UXB.11.mk
diff --git a/security/coreconf/HP-UXB.11.11.mk b/security/coreconf/HP-UXB.11.11.mk
deleted file mode 100644
index 1789b7d7d..000000000
--- a/security/coreconf/HP-UXB.11.11.mk
+++ /dev/null
@@ -1,55 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 2001 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# On HP-UX 10.30 and 11.x, the default implementation strategy is
-# pthreads.  Classic nspr and pthreads-user are also available.
-#
-
-ifeq ($(OS_RELEASE),B.11.11)
-OS_CFLAGS		+= -DHPUX10
-DEFAULT_IMPL_STRATEGY = _PTH
-endif
-
-#
-# To use the true pthread (kernel thread) library on 10.30 and
-# 11.x, we should define _POSIX_C_SOURCE to be 199506L.
-# The _REENTRANT macro is deprecated.
-#
-
-ifdef USE_PTHREADS
-	OS_CFLAGS	+= -D_POSIX_C_SOURCE=199506L
-endif
-
-#
-# Config stuff for HP-UXB.11.11.
-#
-include $(CORE_DEPTH)/coreconf/HP-UXB.11.mk
diff --git a/security/coreconf/HP-UXB.11.20.mk b/security/coreconf/HP-UXB.11.20.mk
deleted file mode 100644
index a638736c5..000000000
--- a/security/coreconf/HP-UXB.11.20.mk
+++ /dev/null
@@ -1,55 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 2002 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# On HP-UX 10.30 and 11.x, the default implementation strategy is
-# pthreads.  Classic nspr and pthreads-user are also available.
-#
-
-ifeq ($(OS_RELEASE),B.11.20)
-OS_CFLAGS		+= -DHPUX10
-DEFAULT_IMPL_STRATEGY = _PTH
-endif
-
-#
-# To use the true pthread (kernel thread) library on 10.30 and
-# 11.x, we should define _POSIX_C_SOURCE to be 199506L.
-# The _REENTRANT macro is deprecated.
-#
-
-ifdef USE_PTHREADS
-	OS_CFLAGS	+= -D_POSIX_C_SOURCE=199506L
-endif
-
-#
-# Config stuff for HP-UXB.11.x.
-#
-include $(CORE_DEPTH)/coreconf/HP-UXB.11.mk
diff --git a/security/coreconf/HP-UXB.11.mk b/security/coreconf/HP-UXB.11.mk
deleted file mode 100644
index 5b489014f..000000000
--- a/security/coreconf/HP-UXB.11.mk
+++ /dev/null
@@ -1,73 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for HP-UXB.11
-#
-include $(CORE_DEPTH)/coreconf/HP-UX.mk
-
-ifdef USE_LONG_LONGS
-USE_HYBRID = 1
-endif
-
-ifndef NS_USE_GCC
-    CCC                 = /opt/aCC/bin/aCC -ext
-    ifeq ($(USE_64), 1)
-	ifeq ($(OS_TEST), ia64)
-	    OS_CFLAGS	+= -Aa +e +p +DD64
-	else
-	    OS_CFLAGS	+= -Aa +e +DA2.0W +DS2.0 +DChpux
-	endif
-# Next line replaced by generic name handling in arch.mk
-#	COMPILER_TAG    = _64
-    else
-	ifeq ($(OS_TEST), ia64)
-	    OS_CFLAGS	+= -Aa +e +p +DD32
-	else
-	    ifdef USE_HYBRID
-		OS_CFLAGS += -Aa +e +DA2.0 +DS2.0 
-	    else
-		OS_CFLAGS += +DAportable +DS2.0
-	    endif
-	endif
-    endif
-else
-    CCC = aCC
-endif
-
-OS_CFLAGS += -DHPUX11 
-OS_LIBS   += -lpthread -lm -lrt
-#ifeq ($(USE_64), 1)
-#OS_LIBS   += -ldl
-#else
-#OS_LIBS   += -ldld
-#endif
-HPUX11	= 1
diff --git a/security/coreconf/IRIX.mk b/security/coreconf/IRIX.mk
deleted file mode 100644
index 32e2a4a9a..000000000
--- a/security/coreconf/IRIX.mk
+++ /dev/null
@@ -1,124 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for IRIX
-#
-
-include $(CORE_DEPTH)/coreconf/UNIX.mk
-
-#
-# The default implementation strategy for Irix is classic nspr.
-#
-ifeq ($(USE_PTHREADS),1)
-	ifeq ($(USE_N32),1)
-		IMPL_STRATEGY = _n32_PTH
-	else
-		IMPL_STRATEGY = _PTH
-	endif
-endif
-
-DEFAULT_COMPILER = cc
-
-ifdef NS_USE_GCC
-	CC		= gcc
-	AS		= $(CC) -x assembler-with-cpp
-	ODD_CFLAGS	= -Wall -Wno-format
-	ifdef BUILD_OPT
-		OPTIMIZER	= -O6
-	endif
-else
-	CC	= cc
-	CCC		= CC
-	ODD_CFLAGS	= -fullwarn -xansi -woff 1209
-	ifdef BUILD_OPT
-		ifeq ($(USE_N32),1)
-			OPTIMIZER	= -O -OPT:Olimit=4000
-		else
-			OPTIMIZER	= -O -Olimit 4000
-		endif
-	endif
-
-	# For 6.x machines, include this flag
-	ifeq (6., $(findstring 6., $(OS_RELEASE)))
-		ifeq ($(USE_N32),1)
-			ODD_CFLAGS	+= -n32 -mips3 -exceptions
-		else
-			ODD_CFLAGS	+= -32 -multigot
-		endif
-	else
-		ODD_CFLAGS		+= -xgot
-	endif
-	ifeq ($(USE_N32),1)
-		OS_CFLAGS	+= -dollar
-	endif
-endif
-
-ODD_CFLAGS	+= -DSVR4 -DIRIX 
-
-CPU_ARCH	= mips
-
-RANLIB		= /bin/true
-# For purify
-# NOTE: should always define _SGI_MP_SOURCE
-NOMD_OS_CFLAGS += $(ODD_CFLAGS) -D_SGI_MP_SOURCE
-
-OS_CFLAGS += $(NOMD_OS_CFLAGS)
-ifdef USE_MDUPDATE
-	OS_CFLAGS += -MDupdate $(DEPENDENCIES)
-endif
-
-ifeq ($(USE_N32),1)
-	SHLIB_LD_OPTS	+= -n32 -mips3
-endif
-
-MKSHLIB     += $(LD) $(SHLIB_LD_OPTS) -shared -soname $(@:$(OBJDIR)/%.so=%.so)
-ifdef MAPFILE
-# Add LD options to restrict exported symbols to those in the map file
-endif
-# Change PROCESS to put the mapfile in the correct format for this platform
-PROCESS_MAP_FILE = cp $(LIBRARY_NAME).def $@
-
-DSO_LDOPTS	= -elf -shared -all
-
-ifdef DSO_BACKEND
-	DSO_LDOPTS += -soname $(DSO_NAME)
-endif
-
-#
-# Revision notes:
-#
-# In the IRIX compilers prior to version 7.2, -n32 implied -mips3.
-# Beginning in the 7.2 compilers, -n32 implies -mips4 when the compiler
-# is running on a system with a mips4 CPU (e.g. R8K, R10K).
-# We want our code to explicitly be mips3 code, so we now explicitly
-# set -mips3 whenever we set -n32.
-#
diff --git a/security/coreconf/IRIX5.2.mk b/security/coreconf/IRIX5.2.mk
deleted file mode 100644
index fbb4a137b..000000000
--- a/security/coreconf/IRIX5.2.mk
+++ /dev/null
@@ -1,35 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for IRIX 5.2
-#
-include $(CORE_DEPTH)/coreconf/IRIX5.mk
diff --git a/security/coreconf/IRIX5.3.mk b/security/coreconf/IRIX5.3.mk
deleted file mode 100644
index b7134592b..000000000
--- a/security/coreconf/IRIX5.3.mk
+++ /dev/null
@@ -1,37 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for IRIX 5.3
-#
-include $(CORE_DEPTH)/coreconf/IRIX5.mk
-
-OS_CFLAGS += -DIRIX5_3
diff --git a/security/coreconf/IRIX5.mk b/security/coreconf/IRIX5.mk
deleted file mode 100644
index 56bfb0ea5..000000000
--- a/security/coreconf/IRIX5.mk
+++ /dev/null
@@ -1,40 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for IRIX 5
-#
-
-include $(CORE_DEPTH)/coreconf/IRIX.mk
-
-ifndef NS_USE_GCC
-	ODD_CFLAGS += -xgot
-endif
diff --git a/security/coreconf/IRIX6.2.mk b/security/coreconf/IRIX6.2.mk
deleted file mode 100644
index e17a0c3b6..000000000
--- a/security/coreconf/IRIX6.2.mk
+++ /dev/null
@@ -1,43 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for IRIX 6.2
-#
-
-
-# catch unresolved symbols
-
-SHLIB_LD_OPTS += -no_unresolved
-
-include $(CORE_DEPTH)/coreconf/IRIX6.mk
-
-OS_CFLAGS += -DIRIX6_2
diff --git a/security/coreconf/IRIX6.3.mk b/security/coreconf/IRIX6.3.mk
deleted file mode 100644
index a684a1e11..000000000
--- a/security/coreconf/IRIX6.3.mk
+++ /dev/null
@@ -1,42 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for IRIX 6.3
-#
-
-# catch unresolved symbols
-
-SHLIB_LD_OPTS += -no_unresolved
-
-include $(CORE_DEPTH)/coreconf/IRIX6.mk
-
-OS_CFLAGS += -DIRIX6_3
diff --git a/security/coreconf/IRIX6.5.mk b/security/coreconf/IRIX6.5.mk
deleted file mode 100644
index 2341580b4..000000000
--- a/security/coreconf/IRIX6.5.mk
+++ /dev/null
@@ -1,45 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for IRIX 6.5
-#
-
-# catch unresolved symbols
-
-SHLIB_LD_OPTS += -no_unresolved
-
-include $(CORE_DEPTH)/coreconf/IRIX6.mk
-
-OS_CFLAGS += -DIRIX6_5
-ifndef NS_USE_GCC
-OS_CFLAGS += -mips3
-endif
diff --git a/security/coreconf/IRIX6.mk b/security/coreconf/IRIX6.mk
deleted file mode 100644
index a401dc6f3..000000000
--- a/security/coreconf/IRIX6.mk
+++ /dev/null
@@ -1,47 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for IRIX 6
-#
-
-include $(CORE_DEPTH)/coreconf/IRIX.mk
-
-ifndef NS_USE_GCC
-	ifneq ($(USE_N32),1)
-	OS_CFLAGS  += -32
-	endif
-	ODD_CFLAGS += -multigot
-endif
-
-ifeq ($(USE_PTHREADS),1)
-OS_LIBS += -lpthread
-endif
diff --git a/security/coreconf/Linux.mk b/security/coreconf/Linux.mk
deleted file mode 100644
index 5c346e037..000000000
--- a/security/coreconf/Linux.mk
+++ /dev/null
@@ -1,130 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for Linux
-#
-
-include $(CORE_DEPTH)/coreconf/UNIX.mk
-
-#
-# The default implementation strategy for Linux is now pthreads
-#
-USE_PTHREADS = 1
-
-ifeq ($(USE_PTHREADS),1)
-	IMPL_STRATEGY = _PTH
-endif
-
-CC			= gcc
-CCC			= g++
-RANLIB			= ranlib
-
-DEFAULT_COMPILER = gcc
-
-ifeq ($(OS_TEST),m68k)
-	OS_REL_CFLAGS	= -DLINUX1_2 -D_XOPEN_SOURCE
-	CPU_ARCH	= m68k
-else		
-ifeq ($(OS_TEST),ppc)
-	OS_REL_CFLAGS	= -DLINUX1_2 -D_XOPEN_SOURCE
-	CPU_ARCH	= ppc
-else
-ifeq ($(OS_TEST),alpha)
-        OS_REL_CFLAGS   = -D_ALPHA_ -DLINUX1_2 -D_XOPEN_SOURCE
-	CPU_ARCH	= alpha
-else
-ifeq ($(OS_TEST),ia64)
-	OS_REL_CFLAGS	= -DLINUX1_2 -D_XOPEN_SOURCE
-	CPU_ARCH	= ia64
-else
-ifeq ($(OS_TEST),sparc)
-	OS_REL_CFLAGS   = -DLINUX1_2 -D_XOPEN_SOURCE
-	CPU_ARCH        = sparc
-else
-ifeq ($(OS_TEST),sparc64)
-	OS_REL_CFLAGS   = -DLINUX1_2 -D_XOPEN_SOURCE
-	CPU_ARCH        = sparc
-else
-ifeq (,$(filter-out arm% sa110,$(OS_TEST)))
-	OS_REL_CFLAGS   = -DLINUX1_2 -D_XOPEN_SOURCE
-	CPU_ARCH        = arm
-else
-	OS_REL_CFLAGS	= -DLINUX1_2 -Di386 -D_XOPEN_SOURCE
-	CPU_ARCH	= x86
-endif
-endif
-endif
-endif
-endif
-endif
-endif
-
-
-LIBC_TAG		= _glibc
-
-ifeq ($(OS_RELEASE),2.0)
-	OS_REL_CFLAGS	+= -DLINUX2_0
-	MKSHLIB		= $(CC) -shared -Wl,-soname -Wl,$(@:$(OBJDIR)/%.so=%.so)
-	ifdef BUILD_OPT
-		OPTIMIZER	= -O2
-	endif
-	ifdef MAPFILE
-		MKSHLIB += -Wl,--version-script,$(MAPFILE)
-	endif
-	PROCESS_MAP_FILE = grep -v ';-' $(LIBRARY_NAME).def | \
-         sed -e 's,;+,,' -e 's; DATA ;;' -e 's,;;,,' -e 's,;.*,;,' > $@
-endif
-
-ifeq ($(USE_PTHREADS),1)
-OS_PTHREAD = -lpthread 
-endif
-
-OS_CFLAGS		= $(DSO_CFLAGS) $(OS_REL_CFLAGS) -ansi -Wall -pipe -DLINUX -Dlinux -D_POSIX_SOURCE -D_BSD_SOURCE -DHAVE_STRERROR
-OS_LIBS			= -L/lib $(OS_PTHREAD) -ldl -lc
-
-ifdef USE_PTHREADS
-	DEFINES		+= -D_REENTRANT
-endif
-
-ARCH			= linux
-
-DSO_CFLAGS		= -fPIC
-DSO_LDOPTS		= -shared
-DSO_LDFLAGS		=
-
-# INCLUDES += -I/usr/include -Y/usr/include/linux
-G++INCLUDES		= -I/usr/include/g++
-
-#
-# Always set CPU_TAG on Linux, OpenVMS, WINCE.
-#
-CPU_TAG = _$(CPU_ARCH)
diff --git a/security/coreconf/Linux2.1.mk b/security/coreconf/Linux2.1.mk
deleted file mode 100644
index f7f7565ac..000000000
--- a/security/coreconf/Linux2.1.mk
+++ /dev/null
@@ -1,49 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for Linux 2.1 (ELF)
-#
-
-include $(CORE_DEPTH)/coreconf/Linux.mk
-ifeq ($(OS_RELEASE),2.1)
-        OS_REL_CFLAGS   += -DLINUX2_1
-        MKSHLIB         = $(CC) -shared -Wl,-soname -Wl,$(@:$(OBJDIR)/%.so=%.so)
-        ifdef BUILD_OPT
-                OPTIMIZER       = -O2
-        endif
-	ifdef MAPFILE
-		MKSHLIB += -Wl,--version-script,$(MAPFILE)
-	endif
-	PROCESS_MAP_FILE = grep -v ';-' $(LIBRARY_NAME).def | \
-       	 sed -e 's,;+,,' -e 's; DATA ;;' -e 's,;;,,' -e 's,;.*,;,' > $@
-endif
-
diff --git a/security/coreconf/Linux2.2.mk b/security/coreconf/Linux2.2.mk
deleted file mode 100644
index 4bdddebfa..000000000
--- a/security/coreconf/Linux2.2.mk
+++ /dev/null
@@ -1,49 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for Linux 2.2 (ELF)
-#
-
-include $(CORE_DEPTH)/coreconf/Linux.mk
-
-OS_REL_CFLAGS   += -DLINUX2_1
-MKSHLIB         = $(CC) -shared -Wl,-soname -Wl,$(@:$(OBJDIR)/%.so=%.so)
-ifdef BUILD_OPT
-            OPTIMIZER       = -O2
-endif
-
-ifdef MAPFILE
-	MKSHLIB += -Wl,--version-script,$(MAPFILE)
-endif
-PROCESS_MAP_FILE = grep -v ';-' $(LIBRARY_NAME).def | \
-        sed -e 's,;+,,' -e 's; DATA ;;' -e 's,;;,,' -e 's,;.*,;,' > $@
-
diff --git a/security/coreconf/Linux2.4.mk b/security/coreconf/Linux2.4.mk
deleted file mode 100644
index b05d803a3..000000000
--- a/security/coreconf/Linux2.4.mk
+++ /dev/null
@@ -1,49 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for Linux 2.4 (ELF)
-#
-
-include $(CORE_DEPTH)/coreconf/Linux.mk
-
-OS_REL_CFLAGS   += -DLINUX2_1
-MKSHLIB         = $(CC) -shared -Wl,-soname -Wl,$(@:$(OBJDIR)/%.so=%.so)
-ifdef BUILD_OPT
-            OPTIMIZER       = -O2
-endif
-
-ifdef MAPFILE
-	MKSHLIB += -Wl,--version-script,$(MAPFILE)
-endif
-PROCESS_MAP_FILE = grep -v ';-' $(LIBRARY_NAME).def | \
-        sed -e 's,;+,,' -e 's; DATA ;;' -e 's,;;,,' -e 's,;.*,;,' > $@
-
diff --git a/security/coreconf/Linux2.5.mk b/security/coreconf/Linux2.5.mk
deleted file mode 100644
index c116b1da8..000000000
--- a/security/coreconf/Linux2.5.mk
+++ /dev/null
@@ -1,49 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for Linux 2.5 (ELF)
-#
-
-include $(CORE_DEPTH)/coreconf/Linux.mk
-
-OS_REL_CFLAGS   += -DLINUX2_1
-MKSHLIB         = $(CC) -shared -Wl,-soname -Wl,$(@:$(OBJDIR)/%.so=%.so)
-ifdef BUILD_OPT
-            OPTIMIZER       = -O2
-endif
-
-ifdef MAPFILE
-	MKSHLIB += -Wl,--version-script,$(MAPFILE)
-endif
-PROCESS_MAP_FILE = grep -v ';-' $(LIBRARY_NAME).def | \
-        sed -e 's,;+,,' -e 's; DATA ;;' -e 's,;;,,' -e 's,;.*,;,' > $@
-
diff --git a/security/coreconf/LinuxELF1.2.mk b/security/coreconf/LinuxELF1.2.mk
deleted file mode 100644
index 860787958..000000000
--- a/security/coreconf/LinuxELF1.2.mk
+++ /dev/null
@@ -1,36 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for Linux 1.2 (ELF)
-#
-
-include $(CORE_DEPTH)/coreconf/Linux.mk
diff --git a/security/coreconf/LinuxELF2.0.mk b/security/coreconf/LinuxELF2.0.mk
deleted file mode 100644
index a85dfafa9..000000000
--- a/security/coreconf/LinuxELF2.0.mk
+++ /dev/null
@@ -1,36 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for Linux 2.0 (ELF)
-#
-
-include $(CORE_DEPTH)/coreconf/Linux.mk
diff --git a/security/coreconf/Makefile b/security/coreconf/Makefile
deleted file mode 100644
index fc9f73af2..000000000
--- a/security/coreconf/Makefile
+++ /dev/null
@@ -1,43 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-DEPTH		= ..
-CORE_DEPTH	= ..
-
-MODULE		= coreconf
-
-DIRS		= nsinstall
-
-include $(DEPTH)/coreconf/config.mk
-include $(DEPTH)/coreconf/rules.mk
-
-export:: libs
diff --git a/security/coreconf/NCR3.0.mk b/security/coreconf/NCR3.0.mk
deleted file mode 100644
index f29890d73..000000000
--- a/security/coreconf/NCR3.0.mk
+++ /dev/null
@@ -1,95 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for NCR SysVr4 v 3.0
-#
-
-include $(CORE_DEPTH)/coreconf/UNIX.mk
-
-DEFAULT_COMPILER = cc
-
-###
-NS_USE_NATIVE = 1
-
-# NS_USE_GCC = 1
-
-export PATH:=$(PATH):/opt/ncc/bin
-###
-
-RANLIB           = true
-GCC_FLAGS_EXTRA += -pipe
-
-DEFINES		+= -DSVR4 -DSYSV -DHAVE_STRERROR -DNCR
-
-OS_CFLAGS	+= -Hnocopyr -DSVR4 -DSYSV -DHAVE_STRERROR -DNCR -DPRFSTREAMS_BROKEN
-
-ifdef NS_USE_NATIVE
-	CC       = cc
-	CCC      = ncc
-	CXX      = ncc
-#	OS_LIBS += -L/opt/ncc/lib 
-else
-#	OS_LIBS	+=
-endif
-
-#OS_LIBS    += -lsocket -lnsl -ldl -lc
-
-MKSHLIB     += $(LD) $(DSO_LDOPTS)
-#DSO_LDOPTS += -G -z defs
-DSO_LDOPTS += -G
-ifdef MAPFILE
-# Add LD options to restrict exported symbols to those in the map file
-endif
-# Change PROCESS to put the mapfile in the correct format for this platform
-PROCESS_MAP_FILE = cp $(LIBRARY_NAME).def $@
-
-CPU_ARCH    = x86
-ARCH        = ncr
-
-NOSUCHFILE  = /solaris-rm-f-sucks
-
-# now take care of default GCC (rus@5/5/97)
- 
-ifdef NS_USE_GCC
-	# if gcc-settings are redefined already - don't touch it
-	#
-	ifeq (,$(findstring gcc, $(CC)))
-		CC   = gcc
-		CCC  = g++
-		CXX  = g++
-		# always use -fPIC - some makefiles are still broken and don't distinguish
-		# situation when they build shared and static libraries
-		CFLAGS  += -fPIC -Wall $(GCC_FLAGS_EXTRA)
-#		OS_LIBS += -L/usr/local/lib -lstdc++ -lg++ -lgcc
-	endif
-endif
-###
diff --git a/security/coreconf/NEC4.2.mk b/security/coreconf/NEC4.2.mk
deleted file mode 100644
index 03d257415..000000000
--- a/security/coreconf/NEC4.2.mk
+++ /dev/null
@@ -1,66 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for NEC Mips SYSV
-#
-
-include $(CORE_DEPTH)/coreconf/UNIX.mk
-
-DEFAULT_COMPILER = $(CORE_DEPTH)/build/hcc
-
-CPU_ARCH		= mips
-
-ifdef NS_USE_GCC
-CC			= gcc
-CCC			= g++
-else
-CC			= $(CORE_DEPTH)/build/hcc
-OS_CFLAGS		= -Xa -KGnum=0 -KOlimit=4000
-CCC			= g++
-endif
-
-MKSHLIB			= $(LD) $(DSO_LDOPTS)
-ifdef MAPFILE
-# Add LD options to restrict exported symbols to those in the map file
-endif
-# Change PROCESS to put the mapfile in the correct format for this platform
-PROCESS_MAP_FILE = cp $(LIBRARY_NAME).def $@
-
-RANLIB			= /bin/true
-
-OS_CFLAGS		+= $(ODD_CFLAGS) -DSVR4 -D__SVR4 -DNEC -Dnec_ews -DHAVE_STRERROR
-OS_LIBS			= -lsocket -lnsl -ldl $(LDOPTIONS)
-LDOPTIONS		= -lc -L/usr/ucblib -lucb
-
-NOSUCHFILE		= /nec-rm-f-sucks
-
-DSO_LDOPTS		= -G
diff --git a/security/coreconf/NetBSD.mk b/security/coreconf/NetBSD.mk
deleted file mode 100644
index fd7bd2ddf..000000000
--- a/security/coreconf/NetBSD.mk
+++ /dev/null
@@ -1,86 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above.  If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for NetBSD
-#
-
-include $(CORE_DEPTH)/coreconf/UNIX.mk
-
-DEFAULT_COMPILER	= gcc
-CC			= gcc
-CCC			= g++
-RANLIB			= ranlib
-
-CPU_ARCH		:= $(shell uname -p)
-ifeq ($(CPU_ARCH),i386)
-OS_REL_CFLAGS		= -Di386
-CPU_ARCH		= x86
-endif
-
-ifndef OBJECT_FMT
-OBJECT_FMT		:= $(shell if echo __ELF__ | $${CC:-cc} -E - | grep -q __ELF__ ; then echo a.out ; else echo ELF ; fi)
-endif
-
-ifeq ($(OBJECT_FMT),ELF)
-DLL_SUFFIX		= so
-else
-DLL_SUFFIX		= so.1.0
-endif
-
-OS_CFLAGS		= $(DSO_CFLAGS) $(OS_REL_CFLAGS) -ansi -Wall -pipe -DNETBSD -Dunix -DHAVE_STRERROR -DHAVE_BSD_FLOCK
-
-OS_LIBS			= -lcompat
-
-ARCH			= netbsd
-
-DSO_CFLAGS		= -fPIC -DPIC
-DSO_LDOPTS		= -shared
-DSO_LDFLAGS		=
-ifeq ($(OBJECT_FMT),ELF)
-DSO_LDOPTS		+= -Wl,-soname,lib$(LIBRARY_NAME)$(LIBRARY_VERSION).$(DLL_SUFFIX)
-endif
-
-ifdef LIBRUNPATH
-DSO_LDOPTS		+= -Wl,-R$(LIBRUNPATH)
-endif
-
-MKSHLIB			= $(CC) $(DSO_LDOPTS)
-ifdef MAPFILE
-# Add LD options to restrict exported symbols to those in the map file
-endif
-# Change PROCESS to put the mapfile in the correct format for this platform
-PROCESS_MAP_FILE = cp $(LIBRARY_NAME).def $@
-
-
-G++INCLUDES		= -I/usr/include/g++
-
-INCLUDES		+= -I/usr/X11R6/include
diff --git a/security/coreconf/OS2.mk b/security/coreconf/OS2.mk
deleted file mode 100644
index 4b80a7f81..000000000
--- a/security/coreconf/OS2.mk
+++ /dev/null
@@ -1,250 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-MOZ_WIDGET_TOOLKIT = os2
-
-# Specify toolset.  Default to EMX.
-ifeq ($(MOZ_OS2_TOOLS),VACPP)
-XP_OS2_VACPP = 1
-else
-ifeq ($(MOZ_OS2_TOOLS),PGCC)
-XP_OS2_EMX   = 1
-else
-MOZ_OS2_TOOLS = EMX
-XP_OS2_EMX   = 1
-endif
-endif
-
-# XP_PC is for Window and OS2 on Intel X86
-# XP_OS2 is strictly for OS2 only
-XP_DEFINE  += -DXP_PC=1  -DXP_OS2=1
-
-# Override prefix
-LIB_PREFIX  = $(NULL)
-
-# Override suffix in suffix.mk
-LIB_SUFFIX  = lib
-DLL_SUFFIX  = dll
-OBJ_SUFFIX  = .obj
-ASM_SUFFIX  = .asm
-PROG_SUFFIX = .exe
-
-
-ifdef XP_OS2_EMX
-
-CCC			= gcc
-LINK			= gcc
-AR                      = emxomfar -p256 r $@
-# Keep AR_FLAGS blank so that we do not have to change rules.mk
-AR_FLAGS                = 
-RANLIB 			= @echo OS2 RANLIB
-BSDECHO 		= @echo OS2 BSDECHO
-IMPLIB    = emximp -o
-FILTER    = emxexp
-
-ifndef NO_SHARED_LIB
-WRAP_MALLOC_LIB         = 
-WRAP_MALLOC_CFLAGS      = 
-DSO_CFLAGS              = 
-DSO_PIC_CFLAGS          = 
-MKSHLIB                 = $(CXX) $(CXXFLAGS) $(DSO_LDOPTS) -o $@
-MKCSHLIB                = $(CC) $(CFLAGS) $(DSO_LDOPTS) -o $@
-MKSHLIB_FORCE_ALL       = 
-MKSHLIB_UNFORCE_ALL     = 
-DSO_LDOPTS              = -Zomf -Zdll -Zmt -Zcrtdll -Zlinker /NOO
-# DLL_SUFFIX              = .dll
-SHLIB_LDSTARTFILE	= 
-SHLIB_LDENDFILE		= 
-ifdef MAPFILE
-# Add LD options to restrict exported symbols to those in the map file
-endif
-# Change PROCESS to put the mapfile in the correct format for this platform
-PROCESS_MAP_FILE = copy $(LIBRARY_NAME).def $@
-
-endif   #NO_SHARED_LIB
-
-OS_CFLAGS          = -Wall -W -Wno-unused -Wpointer-arith -Wcast-align -Zmtd -Zomf -Zmt  -DDEBUG -DDEBUG_wintrinh -DTRACING -g
-
-# Where the libraries are
-MOZ_COMPONENT_NSPR_LIBS=-L$(DIST)/lib $(NSPR_LIBS)
-NSPR_LIBS	= -lplds4 -lplc4 -lnspr4 
-NSPR_INCLUDE_DIR =   
-
-
-ifdef BUILD_OPT
-OPTIMIZER		= -O6 
-DEFINES 		+= -UDEBUG -U_DEBUG -DNDEBUG
-DLLFLAGS		= -DLL -OUT:$@ -MAP:$(@:.dll=.map)
-EXEFLAGS    		= -PMTYPE:VIO -OUT:$@ -MAP:$(@:.exe=.map) -nologo -NOE
-OBJDIR_TAG 		= _OPT
-else
-#OPTIMIZER		= -O+ -Oi
-DEFINES 		+= -DDEBUG -D_DEBUG -DDEBUGPRINTS     #HCT Need += to avoid overidding manifest.mn 
-DLLFLAGS		= -DEBUG -DLL -OUT:$@ -MAP:$(@:.dll=.map)
-EXEFLAGS    		= -DEBUG -PMTYPE:VIO -OUT:$@ -MAP:$(@:.exe=.map) -nologo -NOE
-OBJDIR_TAG 		= _DBG
-LDFLAGS 		= -DEBUG 
-endif   # BUILD_OPT
-
-else    # XP_OS2_VACPP
-
-AS = alp.exe
-ifdef BUILD_OPT
-ASFLAGS = -Od
-else
-ASFLAGS = +Od
-endif
-CCC			= icc -q -DXP_OS2 -DOS2=4 -N10
-LINK			= -ilink
-AR		= -ilib /NOL /NOI /O:$(subst /,\\,$@)
-# Keep AR_FLAGS blank so that we do not have to change rules.mk
-AR_FLAGS                = 
-RANLIB 			= @echo OS2 RANLIB
-BSDECHO 		= @echo OS2 BSDECHO
-IMPLIB    = implib /NOL /NOI
-FILTER    = cppfilt -b -p -q
-
-ifndef NO_SHARED_LIB
-WRAP_MALLOC_LIB         = 
-WRAP_MALLOC_CFLAGS      = 
-DSO_CFLAGS              = 
-DSO_PIC_CFLAGS          = 
-MKSHLIB                 = $(LD) $(DSO_LDOPTS)
-MKCSHLIB                = $(LD) $(DSO_LDOPTS)
-MKSHLIB_FORCE_ALL       = 
-MKSHLIB_UNFORCE_ALL     = 
-DSO_LDOPTS              = 
-# DLL_SUFFIX              = .dll
-SHLIB_LDSTARTFILE	= 
-SHLIB_LDENDFILE		= 
-endif   #NO_SHARED_LIB
-
-OS_CFLAGS          = /Q /qlibansi /Gd /Gm /Su4 /Mp /Tl-
-INCLUDES        += -I$(CORE_DEPTH)/../dist/include
-DEFINES         += -DXP_OS2_VACPP -DTCPV40HDRS
-
-# Where the libraries are
-NSPR_LIBS	= $(DIST)/lib/nspr4.lib $(DIST)/lib/plc4.lib $(DIST)/lib/plds4.lib
-MOZ_COMPONENT_NSPR_LIBS=-L$(DIST)/lib $(NSPR_LIBS)
-NSPR_INCLUDE_DIR =   
-
-
-ifdef BUILD_OPT
-OPTIMIZER		= -Oi -G5
-DEFINES 		+= -UDEBUG -U_DEBUG -DNDEBUG
-DLLFLAGS		= /DLL /O:$@ /INC:_dllentry /MAP:$(@:.dll=.map)
-EXEFLAGS    		= -PMTYPE:VIO -OUT:$@ -MAP:$(@:.exe=.map) -nologo -NOE
-OBJDIR_TAG 		= _OPT
-LDFLAGS     = /FREE /NODEBUG /NOE /LINENUMBERS /nologo
-else
-OS_CFLAGS   += /Ti+
-DEFINES 		+= -DDEBUG -D_DEBUG -DDEBUGPRINTS     #HCT Need += to avoid overidding manifest.mn 
-DLLFLAGS		= /DEBUG /DLL /O:$@ /INC:_dllentry /MAP:$(@:.dll=.map)
-EXEFLAGS    		= -DEBUG -PMTYPE:VIO -OUT:$@ -MAP:$(@:.exe=.map) -nologo -NOE
-OBJDIR_TAG 		= _DBG
-LDFLAGS 		= /FREE /DE /NOE /LINENUMBERS /nologo 
-endif   # BUILD_OPT
-
-endif   # XP_OS2_VACPP
-
-# OS/2 use nsinstall that is included in the toolkit.
-# since we do not wish to support and maintain 3 version of nsinstall in mozilla, nspr and nss
-
-ifdef BUILD_TREE
-NSINSTALL_DIR  = $(BUILD_TREE)/nss
-else
-NSINSTALL_DIR  = $(CORE_DEPTH)/coreconf/nsinstall
-endif
-# NSINSTALL      = $(NSINSTALL_DIR)/$(OBJDIR_NAME)/nsinstall
-NSINSTALL 	= nsinstall             # HCT4OS2
-INSTALL		= $(NSINSTALL)
-
-MKDEPEND_DIR    = $(CORE_DEPTH)/coreconf/mkdepend
-MKDEPEND        = $(MKDEPEND_DIR)/$(OBJDIR_NAME)/mkdepend
-MKDEPENDENCIES  = $(OBJDIR_NAME)/depend.mk
-
-####################################################################
-#
-# One can define the makefile variable NSDISTMODE to control
-# how files are published to the 'dist' directory.  If not
-# defined, the default is "install using relative symbolic
-# links".  The two possible values are "copy", which copies files
-# but preserves source mtime, and "absolute_symlink", which
-# installs using absolute symbolic links.  The "absolute_symlink"
-# option requires NFSPWD.
-#   - THIS IS NOT PART OF THE NEW BINARY RELEASE PLAN for 9/30/97
-#   - WE'RE KEEPING IT ONLY FOR BACKWARDS COMPATIBILITY
-####################################################################
-
-ifeq ($(NSDISTMODE),copy)
-	# copy files, but preserve source mtime
-	INSTALL  = $(NSINSTALL)
-	INSTALL += -t
-else
-	ifeq ($(NSDISTMODE),absolute_symlink)
-		# install using absolute symbolic links
-		INSTALL  = $(NSINSTALL)
-		INSTALL += -L `$(NFSPWD)`
-	else
-		# install using relative symbolic links
-		INSTALL  = $(NSINSTALL)
-		INSTALL += -R
-	endif
-endif
-
-DEFINES += -DXP_OS2
-
-define MAKE_OBJDIR
-if test ! -d $(@D); then rm -rf $(@D); $(NSINSTALL) -D $(@D); fi
-endef
-
-#
-# override the definition of DLL_PREFIX in prefix.mk
-#
-
-ifndef DLL_PREFIX
-    DLL_PREFIX = $(NULL)
-endif
-
-#
-# override the TARGETS defined in ruleset.mk, adding IMPORT_LIBRARY
-#
-ifndef TARGETS
-    TARGETS = $(LIBRARY) $(SHARED_LIBRARY) $(IMPORT_LIBRARY) $(PROGRAM)
-endif
-
-
-ifdef LIBRARY_NAME
-    IMPORT_LIBRARY = $(OBJDIR)/$(LIBRARY_NAME)$(LIBRARY_VERSION)$(JDK_DEBUG_SUFFIX).lib
-endif
-
diff --git a/security/coreconf/OSF1.mk b/security/coreconf/OSF1.mk
deleted file mode 100644
index 16ff9eccb..000000000
--- a/security/coreconf/OSF1.mk
+++ /dev/null
@@ -1,72 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for DEC OSF/1
-#
-
-#
-# The Bourne shell (sh) on OSF1 doesn't handle "set -e" correctly,
-# which we use to stop LOOP_OVER_DIRS submakes as soon as any
-# submake fails.  So we use the Korn shell instead.
-#
-SHELL = /usr/bin/ksh
-
-include $(CORE_DEPTH)/coreconf/UNIX.mk
-
-DEFAULT_COMPILER = cc
-
-CC         = cc
-OS_CFLAGS += $(NON_LD_FLAGS) -std1
-CCC        = cxx
-RANLIB     = /bin/true
-CPU_ARCH   = alpha
-
-ifdef BUILD_OPT
-	OPTIMIZER += -Olimit 4000
-endif
-
-NON_LD_FLAGS += -ieee_with_inexact
-OS_CFLAGS    += -DOSF1 -D_REENTRANT 
-
-ifeq ($(USE_PTHREADS),1)
-	OS_CFLAGS += -pthread
-endif
-
-# The command to build a shared library on OSF1.
-MKSHLIB    += ld -shared -expect_unresolved "*" -soname $(notdir $@)
-ifdef MAPFILE
-MKSHLIB += -hidden -input $(MAPFILE)
-endif
-PROCESS_MAP_FILE = grep -v ';+' $(LIBRARY_NAME).def | grep -v ';-' | \
- sed -e 's; DATA ;;' -e 's,;;,,' -e 's,;.*,,' -e 's,^,-exported_symbol ,' > $@
-
-DSO_LDOPTS += -shared
diff --git a/security/coreconf/OSF1V2.0.mk b/security/coreconf/OSF1V2.0.mk
deleted file mode 100644
index de7dab643..000000000
--- a/security/coreconf/OSF1V2.0.mk
+++ /dev/null
@@ -1,35 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for DEC OSF/1 V2.0
-#
-include $(CORE_DEPTH)/coreconf/OSF1.mk
diff --git a/security/coreconf/OSF1V3.0.mk b/security/coreconf/OSF1V3.0.mk
deleted file mode 100644
index 623b2f971..000000000
--- a/security/coreconf/OSF1V3.0.mk
+++ /dev/null
@@ -1,35 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for DEC OSF/1 V3.0
-#
-include $(CORE_DEPTH)/coreconf/OSF1.mk
diff --git a/security/coreconf/OSF1V3.2.mk b/security/coreconf/OSF1V3.2.mk
deleted file mode 100644
index 9d584b37b..000000000
--- a/security/coreconf/OSF1V3.2.mk
+++ /dev/null
@@ -1,44 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# On OSF1 V3.2, classic nspr is the default (and only) implementation
-# strategy.
-#
-
-#
-# Config stuff for DEC OSF/1 V3.2
-#
-include $(CORE_DEPTH)/coreconf/OSF1.mk
-
-ifeq ($(OS_RELEASE),V3.2)
-	OS_CFLAGS += -DOSF1V3
-endif
diff --git a/security/coreconf/OSF1V4.0.mk b/security/coreconf/OSF1V4.0.mk
deleted file mode 100644
index 164a6613a..000000000
--- a/security/coreconf/OSF1V4.0.mk
+++ /dev/null
@@ -1,51 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# On OSF1 V4.0, pthreads is the default implementation strategy.
-# Classic nspr is also available.
-#
-ifneq ($(OS_RELEASE),V3.2)
-	USE_PTHREADS = 1
-	ifeq ($(CLASSIC_NSPR), 1)
-		USE_PTHREADS =
-		IMPL_STRATEGY := _CLASSIC
-	endif
-endif
-
-#
-# Config stuff for DEC OSF/1 V4.0
-#
-include $(CORE_DEPTH)/coreconf/OSF1.mk
-
-ifeq ($(OS_RELEASE),V4.0)
-	OS_CFLAGS += -DOSF1V4
-endif
diff --git a/security/coreconf/OSF1V4.0B.mk b/security/coreconf/OSF1V4.0B.mk
deleted file mode 100644
index 73f357d17..000000000
--- a/security/coreconf/OSF1V4.0B.mk
+++ /dev/null
@@ -1,35 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for DEC OSF/1 V4.0B
-#
-include $(CORE_DEPTH)/coreconf/OSF1V4.0.mk
diff --git a/security/coreconf/OSF1V4.0D.mk b/security/coreconf/OSF1V4.0D.mk
deleted file mode 100644
index 515c76d5f..000000000
--- a/security/coreconf/OSF1V4.0D.mk
+++ /dev/null
@@ -1,39 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for DEC OSF/1 V4.0D
-#
-include $(CORE_DEPTH)/coreconf/OSF1V4.0.mk
-DEFINES	+= -DOSF1V4D
-
-OS_LIBS += -lpthread -lrt
-
diff --git a/security/coreconf/OSF1V5.0.mk b/security/coreconf/OSF1V5.0.mk
deleted file mode 100644
index 176ca0845..000000000
--- a/security/coreconf/OSF1V5.0.mk
+++ /dev/null
@@ -1,47 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# On OSF1 V5.0, pthreads is the default implementation strategy.
-# Classic nspr is also available.
-#
-ifneq ($(OS_RELEASE),V3.2)
-	USE_PTHREADS = 1
-	ifeq ($(CLASSIC_NSPR), 1)
-		USE_PTHREADS =
-		IMPL_STRATEGY := _CLASSIC
-	endif
-endif
-
-#
-# Config stuff for DEC OSF/1 V5.0
-#
-include $(CORE_DEPTH)/coreconf/OSF1.mk
diff --git a/security/coreconf/OSF1V5.1.mk b/security/coreconf/OSF1V5.1.mk
deleted file mode 100644
index b08ed99fd..000000000
--- a/security/coreconf/OSF1V5.1.mk
+++ /dev/null
@@ -1,47 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 2001 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# On OSF1 V5.1, pthreads is the default implementation strategy.
-# Classic nspr is also available.
-#
-ifneq ($(OS_RELEASE),V3.2)
-	USE_PTHREADS = 1
-	ifeq ($(CLASSIC_NSPR), 1)
-		USE_PTHREADS =
-		IMPL_STRATEGY := _CLASSIC
-	endif
-endif
-
-#
-# Config stuff for DEC OSF/1 V5.1
-#
-include $(CORE_DEPTH)/coreconf/OSF1.mk
diff --git a/security/coreconf/OpenBSD.mk b/security/coreconf/OpenBSD.mk
deleted file mode 100644
index 14fa73489..000000000
--- a/security/coreconf/OpenBSD.mk
+++ /dev/null
@@ -1,62 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above.  If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for OpenBSD 
-#
-
-include $(CORE_DEPTH)/coreconf/UNIX.mk
-
-DEFAULT_COMPILER	= gcc
-CC			= gcc
-CCC			= g++
-RANLIB			= ranlib
-
-CPU_ARCH		:= $(shell uname -p)
-ifeq ($(CPU_ARCH),i386)
-OS_REL_CFLAGS		= -Di386
-CPU_ARCH		= x86
-endif
-
-DLL_SUFFIX		= so.1.0
-
-OS_CFLAGS		= $(DSO_CFLAGS) $(OS_REL_CFLAGS) -ansi -Wall -pipe -DOPENBSD
-
-OS_LIBS			= 
-
-ARCH			= openbsd
-
-DSO_CFLAGS		= -fPIC -DPIC
-DSO_LDOPTS		= -shared -Wl,-soname,lib$(LIBRARY_NAME)$(LIBRARY_VERSION).$(DLL_SUFFIX)
-DSO_LDFLAGS		=
-
-MKSHLIB			= $(CC) $(DSO_LDOPTS)
-
diff --git a/security/coreconf/OpenUNIX.mk b/security/coreconf/OpenUNIX.mk
deleted file mode 100644
index 22d953df3..000000000
--- a/security/coreconf/OpenUNIX.mk
+++ /dev/null
@@ -1,91 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for Open UNIX 8.
-#
-
-include $(CORE_DEPTH)/coreconf/UNIX.mk
-
-DEFAULT_COMPILER = gcc
-
-CC         = gcc
-OS_CFLAGS += -fPIC
-CCC        = g++
-CCC       += -DPRFSTREAMS_BROKEN -I/usr/gnu/lib/g++-include
-# CCC      = $(CORE_DEPTH)/build/hcpp
-# CCC     += +.cpp +w
-RANLIB     = /bin/true
-
-#
-# -DSCO_PM - Policy Manager AKA: SCO Licensing
-# -DSCO - Changes to Netscape source (consistent with AIX, LINUX, etc..)
-# -Dsco - Needed for /usr/include/X11/*
-#
-OS_CFLAGS   += -DSCO_SV -DSYSV -D_SVID3 -DHAVE_STRERROR -DSW_THREADS -DSCO_PM -DSCO -Dsco
-#OS_LIBS     += -lpmapi -lsocket -lc
-MKSHLIB      = $(LD)
-MKSHLIB     += $(DSO_LDOPTS)
-XINC         = /usr/include/X11
-MOTIFLIB    += -lXm
-INCLUDES    += -I$(XINC)
-CPU_ARCH     = x86
-GFX_ARCH     = x
-ARCH         = sco
-LOCALE_MAP   = $(CORE_DEPTH)/cmd/xfe/intl/sco.lm
-EN_LOCALE    = C
-DE_LOCALE    = de_DE.ISO8859-1
-FR_LOCALE    = fr_FR.ISO8859-1
-JP_LOCALE    = ja
-SJIS_LOCALE  = ja_JP.SJIS
-KR_LOCALE    = ko_KR.EUC
-CN_LOCALE    = zh
-TW_LOCALE    = zh
-I2_LOCALE    = i2
-LOC_LIB_DIR  = /usr/lib/X11
-NOSUCHFILE   = /solaris-rm-f-sucks
-BSDECHO      = /bin/echo
-ifdef MAPFILE
-# Add LD options to restrict exported symbols to those in the map file
-endif
-# Change PROCESS to put the mapfile in the correct format for this platform
-PROCESS_MAP_FILE = cp $(LIBRARY_NAME).def $@
-
-#
-# These defines are for building unix plugins
-#
-BUILD_UNIX_PLUGINS  = 1
-#DSO_LDOPTS         += -b elf -G -z defs
-DSO_LDOPTS         += -G
-DSO_LDFLAGS        += -nostdlib -L/lib -L/usr/lib -lXm -lXt -lX11 -lgen
-
-# Used for Java compiler
-EXPORT_FLAGS += -W l,-Bexport
diff --git a/security/coreconf/OpenVMS.mk b/security/coreconf/OpenVMS.mk
deleted file mode 100755
index 8e9813b32..000000000
--- a/security/coreconf/OpenVMS.mk
+++ /dev/null
@@ -1,67 +0,0 @@
-#
-# The contents of this file are subject to the Netscape Public License
-# Version 1.1 (the "NPL"); you may not use this file except in
-# compliance with the NPL.  You may obtain a copy of the NPL at
-# http://www.mozilla.org/NPL/
-# 
-# Software distributed under the NPL is distributed on an "AS IS" basis,
-# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the NPL
-# for the specific language governing rights and limitations under the
-# NPL.
-# 
-# The Initial Developer of this code under the NPL is Netscape
-# Communications Corporation.  Portions created by Netscape are
-# Copyright (C) 1998 Netscape Communications Corporation.  All Rights
-# Reserved.
-#
-
-#
-# Config stuff for Compaq OpenVMS
-#
-
-include $(CORE_DEPTH)/coreconf/UNIX.mk
-
-ifdef INTERNAL_TOOLS
-CC			= c89
-CCC			= cxx
-OPTIMIZER		= -O
-else
-CC			= ccc
-CCC			= ccc
-endif
-
-RANLIB			= /bin/true
-
-CPU_ARCH		:= $(shell uname -Wh)
-
-OS_CFLAGS              = -DVMS -DVMS_AS_IS -Wc,names=\(short,as\) \
-                         -DGENERIC_PTHREAD_REDEFINES -DNO_UDSOCK
-OS_CXXFLAGS            = -DVMS -DVMS_AS_IS -Wc,names=\(short,as\) \
-                         -DGENERIC_PTHREAD_REDEFINES -DNO_UDSOCK
-
-# Maybe this should go into rules.mk or something?
-ifdef NSPR_INCLUDE_DIR
-INCLUDES += -I$(NSPR_INCLUDE_DIR)
-endif
-
-#
-# XCFLAGS are the only CFLAGS that are used during a link operation. Defining
-# OPTIMIZER in XCFLAGS means that each compilation line gets OPTIMIZER
-# included twice, but at least we get OPTIMIZER included in the link
-# operations; and OpenVMS needs it!
-#
-XCFLAGS                        += $(OPTIMIZER)
-
-# The command to build a shared library in POSIX on OpenVMS.
-MKSHLIB = vmsld_psm OBJDIR=$(OBJDIR) $(OPTIMIZER)
-ifdef MAPFILE
-# Add LD options to restrict exported symbols to those in the map file
-endif
-# Change PROCESS to put the mapfile in the correct format for this platform
-PROCESS_MAP_FILE = copy $(LIBRARY_NAME).def $@
-
-
-#
-# Always set CPU_TAG on Linux, OpenVMS, WINCE.
-#
-CPU_TAG = _$(CPU_ARCH)
diff --git a/security/coreconf/OpenVMSV7.1-2.mk b/security/coreconf/OpenVMSV7.1-2.mk
deleted file mode 100755
index eb7d67a3f..000000000
--- a/security/coreconf/OpenVMSV7.1-2.mk
+++ /dev/null
@@ -1,22 +0,0 @@
-#
-# The contents of this file are subject to the Netscape Public License
-# Version 1.1 (the "NPL"); you may not use this file except in
-# compliance with the NPL.  You may obtain a copy of the NPL at
-# http://www.mozilla.org/NPL/
-# 
-# Software distributed under the NPL is distributed on an "AS IS" basis,
-# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the NPL
-# for the specific language governing rights and limitations under the
-# NPL.
-# 
-# The Initial Developer of this code under the NPL is Netscape
-# Communications Corporation.  Portions created by Netscape are
-# Copyright (C) 1998 Netscape Communications Corporation.  All Rights
-# Reserved.
-#
-
-#
-# Config stuff for Compaq OpenVMS
-#
-
-include $(CORE_DEPTH)/coreconf/OpenVMS.mk
diff --git a/security/coreconf/QNX.mk b/security/coreconf/QNX.mk
deleted file mode 100644
index e2758c512..000000000
--- a/security/coreconf/QNX.mk
+++ /dev/null
@@ -1,68 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 2001 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for QNX
-#
-
-include $(CORE_DEPTH)/coreconf/UNIX.mk
-
-USE_PTHREADS = 1
-
-ifeq ($(USE_PTHREADS),1)
-	IMPL_STRATEGY = _PTH
-endif
-
-CC			= gcc
-CCC			= g++
-RANLIB			= ranlib
-
-DEFAULT_COMPILER = gcc
-ifeq ($(OS_TEST),ppc)
-	CPU_ARCH	= ppc
-else
-	CPU_ARCH	= x86
-endif
-
-MKSHLIB		= $(CC) -shared -Wl,-soname -Wl,$(@:$(OBJDIR)/%.so=%.so)
-ifdef BUILD_OPT
-	OPTIMIZER	= -O2
-endif
-
-OS_CFLAGS		= $(DSO_CFLAGS) $(OS_REL_CFLAGS) -Wall -pipe -DNTO -DHAVE_STRERROR -D_QNX_SOURCE -D_POSIX_C_SOURCE=199506 -D_XOPEN_SOURCE=500
-
-ifdef USE_PTHREADS
-	DEFINES		+= -D_REENTRANT
-endif
-
-DSO_CFLAGS		= -fPIC
-DSO_LDOPTS		= -shared
-DSO_LDFLAGS		=
diff --git a/security/coreconf/README b/security/coreconf/README
deleted file mode 100644
index dcacd2a85..000000000
--- a/security/coreconf/README
+++ /dev/null
@@ -1,563 +0,0 @@
-OVERVIEW of "ns/coreconf":
-
-    This README file is an attempt to provide the reader with a simple
-    synopsis of the "ns/coreconf" build system which was originally
-    fundamentally designed and built to accomodate Netscape's binary
-    release model.  Wherever possible, an attempt has been made to
-    comply with the NSPR 2.0 build system, including mimicing the
-    compiler/linker flags, and directory naming structure.  The reader
-    should keep in mind that the system builds binary releases of
-    header files, class files, libraries, and executables on numerous
-    flavors of UNIX and Windows operating systems.  Unfortunately,
-    no serious attempt has ever been made to incorporate an ability to
-    generate cross-platform binaries on an Apple MacIntosh platform.
-
-    Note that this file will not attempt to redefine or document the
-    architecture of this system.  However, documents on this subject
-    are available at the following URL:
-
-        http://warp/hardcore/prj-ttools/specs/release/index.html
-
-
-
-DEPENDENCIES of "ns/coreconf":
-
-    The "ns/coreconf" build system requires the specified versions of
-    the following platform-dependent tools:
-
-        UNIX Platforms:
-        --------------
-        gmake (version 3.74 or later)
-        perl 4.0 (NOTE:  perl 5.003 or later recommended)
-        uname
-
-        Windows Platforms:
-        -----------------
-        gmake 3.74 (must use hacked Netscape version)
-        shmsdos.exe (contained in Netscape gmake.exe)
-        nsinstall.exe (contained in Netscape gmake.exe)
-        perl.exe (version 4.0 for everything except testing;
-                  NOTE:  MKS toolkit perl 5.002 is broken)
-        perl5.exe (for testing;
-                   NOTE:  perl 5.003 or later recommended;
-                          MKS toolkit perl 5.002 is broken)
-        uname.exe (use nstools version)
-
-ENHANCEMENTS to "ns/coreconf":
-
-    With the advent of Certificate Server 4.0 using the ns/coreconf
-    build system, several changes had to be made to enhance
-    ns/coreconf support for building Java/JNI classes/programs, as
-    well as libraries slated to be released as binaries.  While the
-    following may not represent an exhaustive list of these changes,
-    it does attempt to be at least somewhat comprehensive:
-
-        (1) During the course of these enhancements, a total of
-            four files have been modified, and four new files have
-            been added.
-
-            The following files have been modified:
-
-                - command.mk:    removed old definition of JAR
-
-                - config.mk:     added include statement of new
-                                 "jdk.mk" file
-
-                - ruleset.mk:    allowed the $(MKPROG) variable to be
-                                 overridden by supplying it with a
-                                 default value of $(CC); augmented
-                                 numerous definitions to enhance
-                                 ability of ns/coreconf to produce
-                                 a more robust set of libraries;
-                                 added some JNI definitions; PACKAGE
-                                 definition may be overridden by new
-                                 "jdk.mk" file
-
-                - rules.mk:      separated the compile phase of a
-                                 program from the link phase of a
-                                 program such that a developer can
-                                 now strictly override program linkage
-                                 by simply supplying a $(MKPROG)
-                                 variable; augmented NETLIBDEPTH
-                                 to use CORE_DEPTH but retain backward
-                                 compatibility; added JNI section;
-                                 modified .PRECIOUS rule;
-
-            The following files have been added:
-
-                - README:        this file; an ASCII-based text
-                                 document used to summarize the
-                                 ns/coreconf build system and
-                                 suitable (paginated) for printing
-
-                - jdk.mk:        a file comprising most (if not all)
-                                 of the default Java related build
-                                 information; the definitions in this
-                                 file are only included if NS_USE_JDK
-                                 has been defined
-
-                - jniregen.pl:   a perl script used to create a
-                                 dependency for when JNI files should
-                                 be regenerated (based upon any change
-                                 to the ".class" file from which the
-                                 ".h" file was originally generated)
-
-                - outofdate.pl:  a perl script used to create a
-                                 dependency for when ".class" files
-                                 should be regenerated (based upon
-                                 any change to the ".java" file
-                                 from which the ".class" file was
-                                 originally generated)
-
-        (2) As stated above, the ns/coreconf build system now separates
-            the link phase of a program from its compilation phase.
-            While ns/coreconf still works exactly as it used to because
-            the $(MKPROG) variable is assigned $(CC) by default, a developer
-            may now override this behavior by simply supplying their
-            own unique value for $(MKPROG) on every platform.  This allows
-            a program compiled with $(CC) to link with external libraries
-            that may contain "C++" linkage.  Before this change, a
-            programmer would need to reference their own local copy of
-            rules.mk (see the ns/sectools/cmd/pk12util program for
-            an example of how this used to be accomplished).
-
-        (3) Currently, the ns/coreconf build system differs from the
-            NSPR 2.0 build system which utilizes an "_s" to denote
-            static libraries from import libraries.  In fact, the
-            ns/coreconf build system adds no prefixes or suffixes to
-            distinguish one version of static libraries from another.
-            Note that both the ns/coreconf build system as well as the
-            NSPR 2.0 build system do nothing to provide a method of
-            distinguishing 16-bit from 32-bit static libraries on the
-            same machine, either, since:
-
-                a) this might only provide difficulty during
-                   development, since static libraries always
-                   need to be embedded within a program
-                   (note this is highly unlikely, since libraries
-                    for different platforms are subdivided via
-                    a well-known subdirectory structure, and
-                    a developer may use multiple trees for
-                    development),
-
-                b) this maintains backwards compatibility,
-                   something very important since no legacy
-                   programs will need to change their link phase, and
-
-                c) Netscape as a company has dropped any plans
-                   of future development of 16-bit products.
-
-        (4) Since several members of the Hardcore Security group did
-            not favor NSPR 2.0's solution of adding an "_s" to static
-            libraries on Windows platforms as a method to distinguish
-            them from their import library cousins, a different solution
-            was proposed and has been recently implemented for ns/coreconf:
-
-                - a 16 has been added as a suffix to both dynamic and
-                  import libraries built on 16-bit Windows platforms
-
-                - a 32 has been added as a suffix to both dynamic and
-                  import libraries built on 32-bit Windows platforms
-
-            Since, the HCL release process currently only contains a
-            single instance of building a dynamic library,
-            ns/security/lib/fortcrypt/fort12.dll, the impact of this
-            change should be relatively small.
-
-            It should be noted that although this would additionally
-            limit the 8.3 namespace on 16-bit platforms, it is highly
-            unlikely that any future development will be performed on
-            this platform.
-
-        (5) The $(LIBRARY_VERSION) tag has been added to all non-static
-            libraries created on UNIX operating systems to alleviate
-            any future confusion for binary releases which utilize this
-            tag.  Again, it should be noted that this tag is only
-            utilized on non-static libraries, since more than one
-            version of the library may need to exist simultaneously
-            if multiple products are utilized.
-
-            Currently, only one HCL released library utilizes this tag:
-
-                ns/security/lib/fortcrypt/fort12.a
-                (e. g. - in this library, the tag has been set to '12')
-
-            Again, it should be noted that although this would
-            additionally limit the 8.3 namespace on 16-bit platforms,
-            it is highly unlikely that any future development will be
-            performed on this platform.
-
-        (6) The $(JDK_DEBUG_SUFFIX) extension has been added to all
-            library and program names to support debug versions of
-            Java programs (e. g. - java_g, javac_g, etc).
-
-            Once again, it should be noted that although this would
-            additionally limit the 8.3 namespace on 16-bit platforms,
-            it is highly unlikely that any future Java development
-            will be performed on this platform.
-
-        (7) Most (if not all) default definitions for java have been
-            encapsulated within their own file, jdk.mk, which is
-            always included by default in ns/coreconf/config.mk.
-            However, the definitions within this file are only ever
-            activated if NS_USE_JDK has been set to be 1.
-
-
-        (8) Two perl scripts (jniregen.pl and outofdate.pl) have been
-            added to the system to foster a more robust development
-            environment for composing Java and JNI programs
-            utilizing the ns/coreconf build system.  Both of these
-            perl scripts are related to resolving dependencies which
-            can not be accomplished through normal makefile dependencies.
-
-        (9) This file, README, was created in an attempt to allow
-            developers who have familiarity with ns/coreconf a simple
-            roadmap for what has changed, as well as a top-level view of
-            what comprises ns/coreconf.  This file was written in
-            ASCII (rather than HTML) primarily to promote simple
-            paginated printing.
-
-OVERVIEW of "config.mk":
-
-    This file contains the configuration information necessary to
-    build each "Core Components" source module:
-
-        include file name       Purpose
-        ===================     =======================================
-        arch.mk                 source and release <architecture> tags
-
-        command.mk              default command macros 
-				(NOTE: may be overridden in $(OS_CONFIG).mk)
-
-        $(OS_CONFIG).mk         <architecture>-specific macros
-                                (dependent upon <architecture> tags)
-
-        platform.mk             source and release <platform> tags 
-				(dependent upon <architecture> tags)
-
-        tree.mk                 release <tree> tags 
-				(dependent upon <architecture> tags)
-
-        module.mk               source and release <component> tags 
-				(NOTE:  A component is also called a module 
-				or a subsystem.  This file is dependent upon
-                                $(MODULE) being defined on the command
-                                line, as an environment variable, or in
-                                individual makefiles, or more
-                                appropriately, manifest.mn)
-
-        version.mk              release <version> tags 
-				(dependent upon $(MODULE) being defined on 
-				the command line, as an environment variable, 
-				or in individual makefiles, or more
-                                appropriately, manifest.mn)
-
-        location.mk             macros to figure out binary code location
-                                (dependent upon <platform> tags)
-
-        source.mk               <component>-specific source path
-                                (dependent upon <user_source_tree>,
-                                <source_component>, <version>, and
-                                <platform> tags)
-
-        headers.mk              include switch for support header files 
-				(dependent upon <tree>, <component>, <version>,
-                                and <platform> tags)
-
-        prefix.mk               compute program prefixes
-
-        suffix.mk               compute program suffixes 
-				(dependent upon <architecture> tags)
-
-        jdk.mk                  define JDK 
-				(dependent upon <architecture>,
-                                <source>, and <suffix> tags)
-
-        ruleset.mk              Master "Core Components" rule set
-                                (should always be the last file
-                                included by config.mk)
-
-
-
-OVERVIEW of "rules.mk":
-
-    The "rules.mk" file consists of four sections.  The first section
-    contains the "master" build rules for all binary releases.  While
-    this section can (and should) largely be thought of as "language"
-    independent, it does utilize the "perl" scripting language to
-    perform both the "import" and "release" of binary modules.
-
-    The rules which dwell in this section and their purpose:
-
-
-        CATEGORY/rule::         Purpose
-        ===================     =======================================
-
-        GENERAL
-        -------
-        all::                   "default" all-encompassing rule which
-                                performs "export libs program install"
-
-        export::                recursively copy specified
-                                cross-platform header files to the
-                                $(SOURCE_XPHEADERS_DIR) directory;
-                                recursively copy specified
-                                machine-dependent header files to the
-                                $(SOURCE_MDHEADERS_DIR) directory;
-                                although all rules can be written to
-                                repetively "chain" into other sections,
-                                this rule is the most commonly used
-                                rule to "chain" into other sections
-                                such as Java providing a simple
-                                mechanism which allows no need for
-                                developers to memorize specialized
-                                rules
-
-        libs::                  recursively build
-                                static (archival) $(LIBRARY), shared
-                                (dynamic link) $(SHARED_LIBRARY),
-                                and/or import $(IMPORT_LIBRARY)
-                                libraries
-
-        program::               recursively build $(PROGRAM)
-                                executable
-
-        install::               recursively copy all libraries to
-                                $(SOURCE_LIB_DIR) directory;
-                                recursively copy all executables to
-                                $(SOURCE_BIN_DIR) directory
-
-        clean::                 remove all files specified in the
-                                $(ALL_TRASH) variable
-
-        clobber::               synonym for "clean::" rule
-
-        realclean::             remove all files specified by
-                                $(wildcard *.OBJ), dist, and in
-                                the $(ALL_TRASH) variable
-
-        clobber_all::           synonym for "realclean::" rule
-
-        private_export::        recursively copy specified
-                                cross-platform header files to the
-                                $(SOURCE_XPPRIVATE_DIR) directory
-
-
-        IMPORT
-        ------
-        import::                uses perl script to retrieve specified
-                                VERSION of the binary release from
-                                $(RELEASE_TREE)
-
-        RELEASE
-        -------
-        release_clean::         remove all files from the
-                                $(SOURCE_RELEASE_PREFIX) directory
-
-        release::               place specified VERSION of the
-                                binary release in the appropriate
-                                $(RELEASE_TREE) directory
-
-        release_export::        recursively copy specified
-                                cross-platform header files to the
-                                $(SOURCE_XPHEADERS_DIR)/include
-                                directory
-
-        release_md::            recursively copy all libraries to
-                                $(SOURCE_RELEASE_PREFIX)/
-                                $(SOURCE_RELEASE_LIB_DIR) directory;
-                                recursively copy all executables to
-                                $(SOURCE_RELEASE_PREFIX)/
-                                $(SOURCE_RELEASE_BIN_DIR) directory
-
-        release_jars::          use perl script to package appropriate
-                                files in the $(XPCLASS_JAR),
-                                $(XPHEADER_JAR), $(MDHEADER_JAR), and
-                                $(MDBINARY_JAR) jar files
-
-        release_cpdistdir::     use perl script to copy the
-                                $(XPCLASS_JAR), $(XPHEADER_JAR),
-                                $(MDHEADER_JAR), and $(MDBINARY_JAR)
-                                jar files to the specified VERSION
-                                of the $(RELEASE_TREE) directory
-
-
-
-        TOOLS and AUTOMATION
-        --------------------
-        platform::              tool used to display the platform name
-                                as composed within the "arch.mk" file
-
-        autobuild::             automation rule used by "Bonsai" and
-                                "Tinderbox" to automatically generate
-                                binary releases on various platforms
-
-        tests::                 automation tool used to run the
-                                "regress" and "reporter" tools 
-                                on various regression test suites
-
-    The second section of "rules.mk" primarily contains several
-    "language" dependent build rules for binary releases.  These are
-    generally "computed" rules (created on the "fly"), and include
-    rules used by "C", "C++", assembly, the preprocessor, perl, and
-    the shell.
-
-    The rules which dwell in this section and their purpose:
-
-
-        CATEGORY/rule::                   Purpose
-        ===================               =============================
-
-        LIBRARIES
-        ---------
-        $(LIBRARY):                       build the static library
-                                          specified by the $(LIBRARY)
-                                          variable
-
-        $(IMPORT_LIBRARY):                build the import library
-                                          specified by the
-                                          $(IMPORT_LIBRARY) variable
-
-        $(SHARED_LIBRARY):                build the shared
-                                          (dynamic link) library
-                                          specified by the
-                                          $(SHARED_LIBRARY) variable
-
-
-        PROGRAMS
-        --------
-        $(PROGRAM):                       build the binary executable
-                                          specified by the $(PROGRAM)
-                                          rule
-
-        $(OBJDIR)/
-        $(PROG_PREFIX)%.pure:             build the "purified" binary
-                                          executable specified by this
-                                          rule
-
-
-        OBJECTS
-        -------
-        $(OBJDIR)/
-        $(PROG_PREFIX)%$(OBJ_SUFFIX):     build the object file
-                                          associated with the
-                                          makefile rule dependency:
-
-                                              %.c   = C file
-                                              %.cpp = C++ file
-                                              %.cc  = C++ file
-                                              %.s   = assembly file
-                                              %.S   = assembly file
-
-        $(OBJDIR)/
-        $(PROG_PREFIX)%:                  (NOTE: deprecated rule)
-                                          build the object file
-                                          associated with the
-                                          makefile rule dependency:
-
-                                              %.cpp = C++ file
-
-        MISCELLANEOUS
-        -------------
-        $(DIRS)::                         specifies a helper method
-                                          used by $(LOOP_THROUGH_DIRS)
-                                          to recursively change
-                                          directories and invoke
-                                          $(MAKE)
-
-        %.i:                              build the preprocessor file
-                                          associated with the
-                                          makefile rule dependency:
-
-                                              %.c   = C file
-                                              %.cpp = C++ file
-
-        %:                                process the specified file
-                                          using the method associated
-                                          with the makefile rule
-                                          dependency:
-
-                                              %.pl = perl script
-                                              %.sh = shell script
-
-        alltags:                          tool used to recursively
-                                          create a "ctags"-style
-                                          file for reference
-
-    The third section of "rules.mk' primarily contains several JAVA
-    "language" build rules for binary releases.  These are also
-    generally "computed" rules (created on the "fly").
-
-    The rules which dwell in this section and their purpose:
-
-
-        CATEGORY/rule::                   Purpose
-        ===================               =============================
-        $(JAVA_DESTPATH)::                create directory specified
-                                          as the Java destination path
-                                          for where classes are
-                                          deposited
-
-        $(JAVA_DESTPATH)/$(PACKAGE)::     create directories specified
-                                          within the $(PACKAGE)
-                                          variable
-
-        $(JMCSRCDIR)::                    create directory specified
-                                          as the JMC destination path
-
-        $(JRI_HEADER_CFILES):             used to generate/regenerate
-                                          JRI header files for "C"
-
-        $(JRI_STUB_CFILES):               used to generate/regenerate
-                                          JRI stub files for "C"
-
-        $(JNI_HEADERS):                   used to generate/regenerate
-                                          JNI header files for "C"
-
-    The fourth section of "rules.mk" primarily contains miscellaneous
-    build rules for binary releases.  Many of these rules are here to
-    create new subdirectories, manage dependencies, and/or override
-    standard gmake "Makefile" rules.
-
-    The rules which dwell in this section and their purpose:
-
-
-        CATEGORY/rule::                   Purpose
-        ===================               =============================
-
-        $(PUBLIC_EXPORT_DIR)::            create directory used to
-                                          house public "C" header files
-
-        $(PRIVATE_EXPORT_DIR)::           create directory used to
-                                          house private "C" header
-                                          files
-
-        $(SOURCE_XP_DIR)/
-        release/include::                 create directory used to
-                                          house "C" header files
-                                          contained in a release
-
-        $(MKDEPENDENCIES)::               for UNIX systems, create
-                                          a directory used to house
-                                          dependencies and utilize
-                                          the $(MKDEPEND) rule to
-                                          create them
-
-        $(MKDEPEND)::                     cd to the dependency
-                                          directory and create them
-
-        depend::                          if $(OBJS) exist, perform the
-                                          $(MKDEPEND) rule followed by
-                                          the $(MKDEPENDENCIES) rule
-
-        dependclean::                     remove all files contained
-                                          in the dependency repository
-
-        .DEFAULT:                         standard gmake rule
-
-        .SUFFIXES:                        standard gmake rule
-
-        .PRECIOUS:                        standard gmake rule
-
-        .PHONY:                           standard gmake rule
-
diff --git a/security/coreconf/ReliantUNIX.mk b/security/coreconf/ReliantUNIX.mk
deleted file mode 100644
index a3c79ce82..000000000
--- a/security/coreconf/ReliantUNIX.mk
+++ /dev/null
@@ -1,88 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for ReliantUNIX
-#
-
-include $(CORE_DEPTH)/coreconf/UNIX.mk
-
-DEFAULT_COMPILER = cc
-
-ifdef NS_USE_GCC
-	## gcc-2.7.2 homebrewn
-	CC          = gcc
-	CCC         = g++
-	AS          = $(CC)
-	ASFLAGS     += -x assembler-with-cpp
-	LD          = gld
-	ODD_CFLAGS  = -pipe -Wall -Wno-format
-	ifdef BUILD_OPT
-		OPTIMIZER += -O6
-	endif
-	MKSHLIB     = $(LD)
-	MKSHLIB    += -G -h $(@:$(OBJDIR)/%.so=%.so)
-	DSO_LDOPTS += -G -Xlinker -Blargedynsym
-else
-	## native compiler (CDS++ 1.0)
-#	CC   = /usr/bin/cc
-	CC   = cc
-	CCC  = /usr/bin/CC
-	AS   = /usr/bin/cc
-	ODD_CFLAGS  = 
-	ifdef BUILD_OPT
-		OPTIMIZER += -O -F Olimit,4000
-	endif
-	MKSHLIB     = $(CC)
-	MKSHLIB    += -G -h $(@:$(OBJDIR)/%.so=%.so)
-	DSO_LDOPTS += -G -W l,-Blargedynsym
-endif
-ifdef MAPFILE
-# Add LD options to restrict exported symbols to those in the map file
-endif
-# Change PROCESS to put the mapfile in the correct format for this platform
-PROCESS_MAP_FILE = cp $(LIBRARY_NAME).def $@
-
-NOSUCHFILE  = /sni-rm-f-sucks
-ODD_CFLAGS += -DSVR4 -DSNI -DRELIANTUNIX
-CPU_ARCH    = mips
-RANLIB      = /bin/true
-
-# For purify
-NOMD_OS_CFLAGS += $(ODD_CFLAGS)
-
-# we do not have -MDupdate ...
-OS_CFLAGS   += $(NOMD_OS_CFLAGS)
-OS_LIBS     += -lsocket -lnsl -lresolv -lgen -ldl -lc /usr/ucblib/libucb.a
-
-ifdef DSO_BACKEND
-	DSO_LDOPTS += -h $(DSO_NAME)
-endif
diff --git a/security/coreconf/ReliantUNIX5.4.mk b/security/coreconf/ReliantUNIX5.4.mk
deleted file mode 100644
index a5bca60a3..000000000
--- a/security/coreconf/ReliantUNIX5.4.mk
+++ /dev/null
@@ -1,35 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for ReliantUNIX5.4
-#
-include $(CORE_DEPTH)/coreconf/ReliantUNIX.mk
diff --git a/security/coreconf/SCOOS5.0.mk b/security/coreconf/SCOOS5.0.mk
deleted file mode 100644
index b3370a1fd..000000000
--- a/security/coreconf/SCOOS5.0.mk
+++ /dev/null
@@ -1,36 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for SCO OpenServer 5.0 for x86.
-#
-
-include $(CORE_DEPTH)/coreconf/SCO_SV3.2.mk
diff --git a/security/coreconf/SCO_SV3.2.mk b/security/coreconf/SCO_SV3.2.mk
deleted file mode 100644
index 4683783ee..000000000
--- a/security/coreconf/SCO_SV3.2.mk
+++ /dev/null
@@ -1,91 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for SCO Unix for x86.
-#
-
-include $(CORE_DEPTH)/coreconf/UNIX.mk
-
-DEFAULT_COMPILER = cc
-
-CC         = cc
-OS_CFLAGS += -b elf -KPIC
-CCC        = g++
-CCC       += -b elf -DPRFSTREAMS_BROKEN -I/usr/local/lib/g++-include
-# CCC      = $(CORE_DEPTH)/build/hcpp
-# CCC     += +.cpp +w
-RANLIB     = /bin/true
-
-#
-# -DSCO_PM - Policy Manager AKA: SCO Licensing
-# -DSCO - Changes to Netscape source (consistent with AIX, LINUX, etc..)
-# -Dsco - Needed for /usr/include/X11/*
-#
-OS_CFLAGS   += -DSCO_SV -DSYSV -D_SVID3 -DHAVE_STRERROR -DSW_THREADS -DSCO_PM -DSCO -Dsco
-#OS_LIBS     += -lpmapi -lsocket -lc
-MKSHLIB      = $(LD)
-MKSHLIB     += $(DSO_LDOPTS)
-XINC         = /usr/include/X11
-MOTIFLIB    += -lXm
-INCLUDES    += -I$(XINC)
-CPU_ARCH     = x86
-GFX_ARCH     = x
-ARCH         = sco
-LOCALE_MAP   = $(CORE_DEPTH)/cmd/xfe/intl/sco.lm
-EN_LOCALE    = C
-DE_LOCALE    = de_DE.ISO8859-1
-FR_LOCALE    = fr_FR.ISO8859-1
-JP_LOCALE    = ja
-SJIS_LOCALE  = ja_JP.SJIS
-KR_LOCALE    = ko_KR.EUC
-CN_LOCALE    = zh
-TW_LOCALE    = zh
-I2_LOCALE    = i2
-LOC_LIB_DIR  = /usr/lib/X11
-NOSUCHFILE   = /solaris-rm-f-sucks
-BSDECHO      = /bin/echo
-ifdef MAPFILE
-# Add LD options to restrict exported symbols to those in the map file
-endif
-# Change PROCESS to put the mapfile in the correct format for this platform
-PROCESS_MAP_FILE = cp $(LIBRARY_NAME).def $@
-
-#
-# These defines are for building unix plugins
-#
-BUILD_UNIX_PLUGINS  = 1
-#DSO_LDOPTS         += -b elf -G -z defs
-DSO_LDOPTS         += -b elf -G
-DSO_LDFLAGS        += -nostdlib -L/lib -L/usr/lib -lXm -lXt -lX11 -lgen
-
-# Used for Java compiler
-EXPORT_FLAGS += -W l,-Bexport
diff --git a/security/coreconf/SunOS4.1.3_U1.mk b/security/coreconf/SunOS4.1.3_U1.mk
deleted file mode 100644
index 1bea16fc3..000000000
--- a/security/coreconf/SunOS4.1.3_U1.mk
+++ /dev/null
@@ -1,58 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for SunOS4.1
-#
-
-include $(CORE_DEPTH)/coreconf/UNIX.mk
-
-DEFAULT_COMPILER = cc
-
-INCLUDES += -I/usr/dt/include -I/usr/openwin/include -I/home/motif/usr/include
-
-# SunOS 4 _requires_ that shared libs have a version number.
-# XXX FIXME: Version number should use NSPR_VERSION_NUMBER?
-DLL_SUFFIX = so.1.0
-CC         = gcc
-RANLIB     = ranlib
-CPU_ARCH   = sparc
-
-# Purify doesn't like -MDupdate
-NOMD_OS_CFLAGS += -Wall -Wno-format -DSUNOS4
-OS_CFLAGS      += $(DSO_CFLAGS) $(NOMD_OS_CFLAGS) -MDupdate $(DEPENDENCIES)
-MKSHLIB         = $(LD)
-MKSHLIB        += $(DSO_LDOPTS)
-NOSUCHFILE      = /solaris-rm-f-sucks
-DSO_LDOPTS      =
-
-# -fPIC generates position-independent code for use in a shared library.
-DSO_CFLAGS += -fPIC
diff --git a/security/coreconf/SunOS5.10.mk b/security/coreconf/SunOS5.10.mk
deleted file mode 100644
index afa7ed030..000000000
--- a/security/coreconf/SunOS5.10.mk
+++ /dev/null
@@ -1,44 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for SunOS5.10
-#
-
-SOL_CFLAGS += -D_SVID_GETTOD
-
-include $(CORE_DEPTH)/coreconf/SunOS5.mk
-
-ifeq ($(OS_RELEASE),5.10)
-	OS_DEFINES += -DSOLARIS2_10
-endif
-
-OS_LIBS += -lthread -lnsl -lsocket -lposix4 -ldl -lc 
diff --git a/security/coreconf/SunOS5.3.mk b/security/coreconf/SunOS5.3.mk
deleted file mode 100644
index e103d9f57..000000000
--- a/security/coreconf/SunOS5.3.mk
+++ /dev/null
@@ -1,38 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for SunOS5.3
-#
-
-SOL_CFLAGS =
-
-include $(CORE_DEPTH)/coreconf/SunOS5.mk
diff --git a/security/coreconf/SunOS5.4.mk b/security/coreconf/SunOS5.4.mk
deleted file mode 100644
index fe24c33e0..000000000
--- a/security/coreconf/SunOS5.4.mk
+++ /dev/null
@@ -1,38 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for SunOS5.4
-#
-
-SOL_CFLAGS =
-
-include $(CORE_DEPTH)/coreconf/SunOS5.mk
diff --git a/security/coreconf/SunOS5.4_i86pc.mk b/security/coreconf/SunOS5.4_i86pc.mk
deleted file mode 100644
index 35dfdb86a..000000000
--- a/security/coreconf/SunOS5.4_i86pc.mk
+++ /dev/null
@@ -1,67 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for Solaris 2.4 on x86
-#
-
-include $(CORE_DEPTH)/coreconf/UNIX.mk
-
-DEFAULT_COMPILER = cc
-
-ifdef NS_USE_GCC
-	CC		= gcc
-	OS_CFLAGS	+= -Wall -Wno-format
-	CCC		= g++
-	CCC		+= -Wall -Wno-format
-	ASFLAGS		+= -x assembler-with-cpp
-	OS_CFLAGS	+= $(NOMD_OS_CFLAGS)
-	ifdef USE_MDUPDATE
-		OS_CFLAGS += -MDupdate $(DEPENDENCIES)
-	endif
-else
-	CC		= cc
-	CCC		= CC
-	ASFLAGS		+= -Wa,-P
-	OS_CFLAGS	+= $(NOMD_OS_CFLAGS)
-endif
-
-CPU_ARCH	= x86
-
-MKSHLIB		= $(LD)
-MKSHLIB		+= $(DSO_LDOPTS)
-NOSUCHFILE	= /solx86-rm-f-sucks
-RANLIB		= echo
-
-# for purify
-NOMD_OS_CFLAGS	+= -DSVR4 -DSYSV -D_REENTRANT -DSOLARIS -D__svr4__ -Di386
-
-DSO_LDOPTS	+= -G
diff --git a/security/coreconf/SunOS5.5.1.mk b/security/coreconf/SunOS5.5.1.mk
deleted file mode 100644
index f85932b59..000000000
--- a/security/coreconf/SunOS5.5.1.mk
+++ /dev/null
@@ -1,44 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for SunOS5.5.1
-#
-
-SOL_CFLAGS += -D_SVID_GETTOD
-
-include $(CORE_DEPTH)/coreconf/SunOS5.mk
-
-ifeq ($(OS_RELEASE),5.5.1)
-	OS_DEFINES += -DSOLARIS2_5
-endif
-
-OS_LIBS += -lthread -lnsl -lsocket -lposix4 -ldl -lc 
diff --git a/security/coreconf/SunOS5.5.1_i86pc.mk b/security/coreconf/SunOS5.5.1_i86pc.mk
deleted file mode 100644
index a8a111dde..000000000
--- a/security/coreconf/SunOS5.5.1_i86pc.mk
+++ /dev/null
@@ -1,46 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for Solaris 2.5.1 on x86
-# 
-
-SOL_CFLAGS	= -D_SVID_GETTOD
-
-include $(CORE_DEPTH)/coreconf/SunOS5.mk
-
-CPU_ARCH		= x86
-ARCHFLAG		=
-OS_DEFINES		+= -Di386
-
-ifeq ($(OS_RELEASE),5.5.1_i86pc)
-	OS_DEFINES += -DSOLARIS2_5
-endif
diff --git a/security/coreconf/SunOS5.5.mk b/security/coreconf/SunOS5.5.mk
deleted file mode 100644
index e83356f15..000000000
--- a/security/coreconf/SunOS5.5.mk
+++ /dev/null
@@ -1,42 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for SunOS5.5
-#
-
-SOL_CFLAGS += -D_SVID_GETTOD
-
-include $(CORE_DEPTH)/coreconf/SunOS5.mk
-
-ifeq ($(OS_RELEASE),5.5)
-	OS_DEFINES += -DSOLARIS2_5
-endif
diff --git a/security/coreconf/SunOS5.6.mk b/security/coreconf/SunOS5.6.mk
deleted file mode 100644
index 774d2b7a6..000000000
--- a/security/coreconf/SunOS5.6.mk
+++ /dev/null
@@ -1,44 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for SunOS5.6
-#
-
-SOL_CFLAGS += -D_SVID_GETTOD
-
-include $(CORE_DEPTH)/coreconf/SunOS5.mk
-
-ifeq ($(OS_RELEASE),5.6)
-	OS_DEFINES += -DSOLARIS2_6
-endif
-
-OS_LIBS += -lthread -lnsl -lsocket -lposix4 -ldl -lc 
diff --git a/security/coreconf/SunOS5.6_i86pc.mk b/security/coreconf/SunOS5.6_i86pc.mk
deleted file mode 100644
index 763c6810f..000000000
--- a/security/coreconf/SunOS5.6_i86pc.mk
+++ /dev/null
@@ -1,46 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for Solaris 2.6 on x86
-# 
-
-SOL_CFLAGS	= -D_SVID_GETTOD
-
-include $(CORE_DEPTH)/coreconf/SunOS5.mk
-
-CPU_ARCH		= x86
-ARCHFLAG		=
-OS_DEFINES		+= -Di386
-
-ifeq ($(OS_RELEASE),5.6_i86pc)
-	OS_DEFINES += -DSOLARIS2_6
-endif
diff --git a/security/coreconf/SunOS5.7.mk b/security/coreconf/SunOS5.7.mk
deleted file mode 100644
index dd676e2a9..000000000
--- a/security/coreconf/SunOS5.7.mk
+++ /dev/null
@@ -1,44 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for SunOS5.7
-#
-
-SOL_CFLAGS += -D_SVID_GETTOD
-
-include $(CORE_DEPTH)/coreconf/SunOS5.mk
-
-ifeq ($(OS_RELEASE),5.7)
-	OS_DEFINES += -DSOLARIS2_7
-endif
-
-OS_LIBS += -lthread -lnsl -lsocket -lposix4 -ldl -lc 
diff --git a/security/coreconf/SunOS5.7_i86pc.mk b/security/coreconf/SunOS5.7_i86pc.mk
deleted file mode 100644
index 6ece4defb..000000000
--- a/security/coreconf/SunOS5.7_i86pc.mk
+++ /dev/null
@@ -1,48 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for Solaris 7 on x86
-# 
-
-SOL_CFLAGS	= -D_SVID_GETTOD
-
-include $(CORE_DEPTH)/coreconf/SunOS5.mk
-
-CPU_ARCH		= x86
-ARCHFLAG		=
-OS_DEFINES		+= -Di386
-
-ifeq ($(OS_RELEASE),5.7_i86pc)
-	OS_DEFINES += -DSOLARIS2_7
-endif
-
-OS_LIBS += -lthread -lnsl -lsocket -lposix4 -ldl -lc
diff --git a/security/coreconf/SunOS5.8.mk b/security/coreconf/SunOS5.8.mk
deleted file mode 100644
index 95fc01090..000000000
--- a/security/coreconf/SunOS5.8.mk
+++ /dev/null
@@ -1,44 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for SunOS5.8
-#
-
-SOL_CFLAGS += -D_SVID_GETTOD
-
-include $(CORE_DEPTH)/coreconf/SunOS5.mk
-
-ifeq ($(OS_RELEASE),5.8)
-	OS_DEFINES += -DSOLARIS2_8
-endif
-
-OS_LIBS += -lthread -lnsl -lsocket -lposix4 -ldl -lc 
diff --git a/security/coreconf/SunOS5.8_i86pc.mk b/security/coreconf/SunOS5.8_i86pc.mk
deleted file mode 100644
index 58b66b503..000000000
--- a/security/coreconf/SunOS5.8_i86pc.mk
+++ /dev/null
@@ -1,48 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for Solaris 8 on x86
-# 
-
-SOL_CFLAGS	= -D_SVID_GETTOD
-
-include $(CORE_DEPTH)/coreconf/SunOS5.mk
-
-CPU_ARCH		= x86
-ARCHFLAG		=
-OS_DEFINES		+= -Di386
-
-ifeq ($(OS_RELEASE),5.8_i86pc)
-	OS_DEFINES += -DSOLARIS2_8
-endif
-
-OS_LIBS += -lthread -lnsl -lsocket -lposix4 -ldl -lc
diff --git a/security/coreconf/SunOS5.9.mk b/security/coreconf/SunOS5.9.mk
deleted file mode 100755
index 63a1a003b..000000000
--- a/security/coreconf/SunOS5.9.mk
+++ /dev/null
@@ -1,44 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for SunOS5.9
-#
-
-SOL_CFLAGS += -D_SVID_GETTOD
-
-include $(CORE_DEPTH)/coreconf/SunOS5.mk
-
-ifeq ($(OS_RELEASE),5.9)
-	OS_DEFINES += -DSOLARIS2_9
-endif
-
-OS_LIBS += -lthread -lnsl -lsocket -lposix4 -ldl -lc 
diff --git a/security/coreconf/SunOS5.9_i86pc.mk b/security/coreconf/SunOS5.9_i86pc.mk
deleted file mode 100755
index 8ad8d0ba5..000000000
--- a/security/coreconf/SunOS5.9_i86pc.mk
+++ /dev/null
@@ -1,48 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for Solaris 9 on x86
-# 
-
-SOL_CFLAGS	= -D_SVID_GETTOD
-
-include $(CORE_DEPTH)/coreconf/SunOS5.mk
-
-CPU_ARCH		= x86
-ARCHFLAG		=
-OS_DEFINES		+= -Di386
-
-ifeq ($(OS_RELEASE),5.9_i86pc)
-	OS_DEFINES += -DSOLARIS2_9
-endif
-
-OS_LIBS += -lthread -lnsl -lsocket -lposix4 -ldl -lc
diff --git a/security/coreconf/SunOS5.mk b/security/coreconf/SunOS5.mk
deleted file mode 100644
index 47ed8333f..000000000
--- a/security/coreconf/SunOS5.mk
+++ /dev/null
@@ -1,158 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Config stuff for SunOS5.x
-#
-
-include $(CORE_DEPTH)/coreconf/UNIX.mk
-
-#
-# Temporary define for the Client; to be removed when binary release is used
-#
-ifdef MOZILLA_CLIENT
-	LOCAL_THREADS_ONLY = 1
-	ifndef NS_USE_NATIVE
-		NS_USE_GCC = 1
-	endif
-endif
-
-# Sun's WorkShop defines v8, v8plus and v9 architectures.
-# gcc on Solaris defines v8 and v9 "cpus".  
-# gcc's v9 is equivalent to Workshop's v8plus.
-# gcc apparently has no equivalent to Workshop's v9
-# We always use Sun's assembler and linker, which use Sun's naming convention.
-
-ifeq ($(USE_64), 1)
-  ifdef NS_USE_GCC
-      ARCHFLAG= UNKNOWN 
-  else
-      ARCHFLAG=-xarch=v9
-  endif
-      LD=/usr/ccs/bin/ld
-else
-  ifdef NS_USE_GCC
-    ifdef USE_HYBRID
-      ARCHFLAG=-mcpu=v9 -Wa,-xarch=v8plus
-    else
-      ARCHFLAG=-mcpu=v8
-    endif
-  else
-    ifdef USE_HYBRID
-      ARCHFLAG=-xarch=v8plus
-    else
-      ARCHFLAG=-xarch=v8
-    endif
-  endif
-endif
-
-#
-# The default implementation strategy for Solaris is classic nspr.
-#
-ifeq ($(USE_PTHREADS),1)
-	IMPL_STRATEGY = _PTH
-else
-	ifeq ($(LOCAL_THREADS_ONLY),1)
-		IMPL_STRATEGY = _LOCAL
-	endif
-endif
-
-#
-# Temporary define for the Client; to be removed when binary release is used
-#
-ifdef MOZILLA_CLIENT
-	IMPL_STRATEGY =
-endif
-
-DEFAULT_COMPILER = cc
-
-ifdef NS_USE_GCC
-	CC         = gcc
-	OS_CFLAGS += -Wall -Wno-format
-	CCC        = g++
-	CCC       += -Wall -Wno-format
-	ASFLAGS	  += -x assembler-with-cpp
-	OS_CFLAGS += $(NOMD_OS_CFLAGS)
-	ifdef USE_MDUPDATE
-		OS_CFLAGS += -MDupdate $(DEPENDENCIES)
-	endif
-	OS_CFLAGS += $(ARCHFLAG)
-else
-	CC         = cc
-	CCC        = CC
-	ASFLAGS   += -Wa,-P
-	OS_CFLAGS += $(NOMD_OS_CFLAGS) $(ARCHFLAG)
-	ifndef BUILD_OPT
-		OS_CFLAGS  += -xs
-#	else
-#		OPTIMIZER += -fast
-	endif
-
-endif
-
-INCLUDES   += -I/usr/dt/include -I/usr/openwin/include
-
-RANLIB      = echo
-CPU_ARCH    = sparc
-OS_DEFINES += -DSVR4 -DSYSV -D__svr4 -D__svr4__ -DSOLARIS
-
-ifneq ($(LOCAL_THREADS_ONLY),1)
-	OS_DEFINES		+= -D_REENTRANT
-endif
-
-# Purify doesn't like -MDupdate
-NOMD_OS_CFLAGS += $(DSO_CFLAGS) $(OS_DEFINES) $(SOL_CFLAGS)
-
-MKSHLIB  = $(LD) $(DSO_LDOPTS)
-ifdef MAPFILE
-    MKSHLIB += -M $(MAPFILE)
-endif
-PROCESS_MAP_FILE = grep -v ';-' $(LIBRARY_NAME).def | \
-         sed -e 's,;+,,' -e 's; DATA ;;' -e 's,;;,,' -e 's,;.*,;,' > $@
-
-
-
-
-# ld options:
-# -G: produce a shared object
-# -z defs: no unresolved symbols allowed
-DSO_LDOPTS += -G -h $(notdir $@)
-
-# -KPIC generates position independent code for use in shared libraries.
-# (Similarly for -fPIC in case of gcc.)
-ifdef NS_USE_GCC
-	DSO_CFLAGS += -fPIC
-else
-	DSO_CFLAGS += -KPIC
-endif
-
-NOSUCHFILE   = /solaris-rm-f-sucks
-
diff --git a/security/coreconf/UNIX.mk b/security/coreconf/UNIX.mk
deleted file mode 100644
index b47bb8ac4..000000000
--- a/security/coreconf/UNIX.mk
+++ /dev/null
@@ -1,92 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-XP_DEFINE  += -DXP_UNIX
-LIB_SUFFIX  = a
-DLL_SUFFIX  = so
-AR          = ar
-AR         += cr $@
-LDOPTS     += -L$(SOURCE_LIB_DIR)
-
-ifdef BUILD_OPT
-	OPTIMIZER  += -O
-	DEFINES    += -UDEBUG -DNDEBUG
-else
-	OPTIMIZER  += -g
-	DEFINES    += -DDEBUG -UNDEBUG -DDEBUG_$(shell whoami)
-endif
-
-ifdef BUILD_TREE
-NSINSTALL_DIR  = $(BUILD_TREE)/nss
-NSINSTALL      = $(BUILD_TREE)/nss/nsinstall
-else
-NSINSTALL_DIR  = $(CORE_DEPTH)/coreconf/nsinstall
-NSINSTALL      = $(NSINSTALL_DIR)/$(OBJDIR_NAME)/nsinstall
-endif
-
-MKDEPEND_DIR    = $(CORE_DEPTH)/coreconf/mkdepend
-MKDEPEND        = $(MKDEPEND_DIR)/$(OBJDIR_NAME)/mkdepend
-MKDEPENDENCIES  = $(OBJDIR_NAME)/depend.mk
-
-####################################################################
-#
-# One can define the makefile variable NSDISTMODE to control
-# how files are published to the 'dist' directory.  If not
-# defined, the default is "install using relative symbolic
-# links".  The two possible values are "copy", which copies files
-# but preserves source mtime, and "absolute_symlink", which
-# installs using absolute symbolic links.  The "absolute_symlink"
-# option requires NFSPWD.
-#   - THIS IS NOT PART OF THE NEW BINARY RELEASE PLAN for 9/30/97
-#   - WE'RE KEEPING IT ONLY FOR BACKWARDS COMPATIBILITY
-####################################################################
-
-ifeq ($(NSDISTMODE),copy)
-	# copy files, but preserve source mtime
-	INSTALL  = $(NSINSTALL)
-	INSTALL += -t
-else
-	ifeq ($(NSDISTMODE),absolute_symlink)
-		# install using absolute symbolic links
-		INSTALL  = $(NSINSTALL)
-		INSTALL += -L `$(NFSPWD)`
-	else
-		# install using relative symbolic links
-		INSTALL  = $(NSINSTALL)
-		INSTALL += -R
-	endif
-endif
-
-define MAKE_OBJDIR
-if test ! -d $(@D); then rm -rf $(@D); $(NSINSTALL) -D $(@D); fi
-endef
diff --git a/security/coreconf/UNIXWARE2.1.mk b/security/coreconf/UNIXWARE2.1.mk
deleted file mode 100644
index da6e2e895..000000000
--- a/security/coreconf/UNIXWARE2.1.mk
+++ /dev/null
@@ -1,57 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#
-# Config stuff for SCO Unixware 2.1
-#
-
-include $(CORE_DEPTH)/coreconf/UNIX.mk
-
-DEFAULT_COMPILER = $(CORE_DEPTH)/build/hcc
-
-CC         = $(CORE_DEPTH)/build/hcc
-CCC         = $(CORE_DEPTH)/build/hcpp
-RANLIB      = true
-OS_CFLAGS   = -KPIC -DSVR4 -DSYSV -DUNIXWARE
-MKSHLIB     = $(LD)
-MKSHLIB    += $(DSO_LDOPTS)
-DSO_LDOPTS += -G
-CPU_ARCH    = x86
-ARCH        = sco
-NOSUCHFILE  = /solaris-rm-f-sucks
-ifdef MAPFILE
-# Add LD options to restrict exported symbols to those in the map file
-endif
-# Change PROCESS to put the mapfile in the correct format for this platform
-PROCESS_MAP_FILE = cp $(LIBRARY_NAME).def $@
-
diff --git a/security/coreconf/WIN16.mk b/security/coreconf/WIN16.mk
deleted file mode 100644
index 00121150c..000000000
--- a/security/coreconf/WIN16.mk
+++ /dev/null
@@ -1,209 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#
-# win16_3.11.mk -- Make configuration for Win16
-#
-# This file configures gmake to build the Win16 variant of
-# NSPR 2.0. This file has the function of two files commonly
-# used on other platforms, for example: winnt.mk and
-# winnt4.0.mk. ... The packaging is easier and there is only
-# one variant of the Win16 target.
-# 
-# Win16 is built using the Watcom C/C++ version 11.0
-# compiler. You gotta set up the compiler first. 
-# The Watcom compiler depends on a few environment
-# variables; these environment variables define where the
-# compiler components are installed; they must be set before
-# running the make.
-# 
-# Notes:
-# OS_CFLAGS is the command line options for the compiler when
-#   building the .DLL object files.
-# OS_EXE_CFLAGS is the command line options for the compiler
-#   when building the .EXE object files; this is for the test
-#   programs.
-# the macro OS_CFLAGS is set to OS_EXE_CFLAGS inside of the
-#   makefile for the pr/tests directory. ... Hack.
-# 
-# 
-# 
-# 
-
-# -- configuration -----------------------------------------
-
-DEFAULT_COMPILER = wcc
-
-CC           = wcc
-CCC          = wcl
-LINK         = wlink
-AR           = wlib
-AR          += -q $@
-RC           = wrc.exe
-RC          += /r /dWIN16=1 /bt=windows
-RANLIB       = echo
-BSDECHO      = echo
-NSINSTALL_DIR  = $(CORE_DEPTH)/coreconf/nsinstall
-NSINSTALL      = nsinstall
-INSTALL	     = $(NSINSTALL)
-MAKE_OBJDIR  = mkdir
-MAKE_OBJDIR += $(OBJDIR)
-XP_DEFINE   += -DXP_PC
-LIB_SUFFIX   = lib
-DLL_SUFFIX   = dll
-
-ifdef BUILD_OPT
-	OPTIMIZER   = -oneatx -oh -oi -ei -3 -fpi87 -fp3
-else
-	OPTIMIZER  += -d2 -hc -DDEBUG
-#	OPTIMIZER  += -d2 -hw -DDEBUG
-#	LDFLAGS  += -DEBUG -DEBUGTYPE:CV
-endif
-
-#
-# $(CPU_ARCH) has been commented out so that its contents
-# are not added to the WIN16_?.OBJ names thus expanding
-# them beyond the 8.3 character limit for this platform.
-#
-#CPU_ARCH       = x386
-#
-# added "-s" to avoid dependency on watcom's libs (e.g. on _STK)
-# added "-zt3" for compatibility with MSVC's "/Gt3" option
-#
-OS_CFLAGS     += -ml -3 -bd -zc -zu -bt=windows -s -zt3 -d_X86_ -dWIN16 -d_WINDLL 
-#OS_EXE_CFLAGS += -ml -3 -bt=windows -d_X86_ -dWIN16
-OS_LIB_FLAGS   = -c -iro
-
-# Name of the binary code directories
-OS_DLL_OPTION = CASEEXACT
-OS_DLLFLAGS  =
-OS_LIBS      =
-W16_EXPORTS  = #
-ifdef MAPFILE
-# Add LD options to restrict exported symbols to those in the map file
-endif
-# Change PROCESS to put the mapfile in the correct format for this platform
-PROCESS_MAP_FILE = copy $(LIBRARY_NAME).def $@
-
-
-#
-#  The following is NOT needed for the NSPR 2.0 library.
-#
-
-OS_CFLAGS += -d_WINDOWS -d_MSC_VER=700
-
-#
-# override the definitions of RELEASE_TREE found in tree.mk
-#
-ifndef RELEASE_TREE
-    ifdef BUILD_SHIP
-	ifdef USE_SHIPS
-	    RELEASE_TREE = $(NTBUILD_SHIP)
-	else
-	    RELEASE_TREE = //redbuild/components
-	endif
-    else
-	RELEASE_TREE = //redbuild/components
-    endif
-endif
-
-#
-# override the definitions of LIB_PREFIX and DLL_PREFIX in prefix.mk
-#
-ifndef LIB_PREFIX
-    LIB_PREFIX =  $(NULL)
-endif
-
-ifndef DLL_PREFIX
-    DLL_PREFIX =  $(NULL)
-endif
-
-#
-# override the definitions of various _SUFFIX symbols in suffix.mk
-#
-
-#
-# Object suffixes
-#
-ifndef OBJ_SUFFIX
-    OBJ_SUFFIX = .obj
-endif
-
-#
-# Assembler source suffixes
-#
-ifndef ASM_SUFFIX
-    ASM_SUFFIX = .asm
-endif
-
-#
-# Library suffixes
-#
-ifndef IMPORT_LIB_SUFFIX
-    IMPORT_LIB_SUFFIX = .$(LIB_SUFFIX)
-endif
-
-ifndef DYNAMIC_LIB_SUFFIX_FOR_LINKING
-    DYNAMIC_LIB_SUFFIX_FOR_LINKING = $(IMPORT_LIB_SUFFIX)
-endif
-
-#
-# Program suffixes
-#
-ifndef PROG_SUFFIX
-    PROG_SUFFIX = .exe
-endif
-
-#
-# When the processor is NOT 386-based on Windows NT, override the
-# value of $(CPU_TAG).  For WinNT, 95, 16, not CE.
-#
-ifneq ($(CPU_ARCH),x386)
-    CPU_TAG = _$(CPU_ARCH)
-endif
-
-#
-# override ruleset.mk, removing the "lib" prefix for library names, and
-# adding the "32" after the LIBRARY_VERSION.
-#
-ifdef LIBRARY_NAME
-    SHARED_LIBRARY = $(OBJDIR)/$(LIBRARY_NAME)$(LIBRARY_VERSION)32$(JDK_DEBUG_SUFFIX).dll
-    IMPORT_LIBRARY = $(OBJDIR)/$(LIBRARY_NAME)$(LIBRARY_VERSION)32$(JDK_DEBUG_SUFFIX).lib
-endif
-
-#
-# override the TARGETS defined in ruleset.mk, adding IMPORT_LIBRARY
-#
-ifndef TARGETS
-    TARGETS = $(LIBRARY) $(SHARED_LIBRARY) $(IMPORT_LIBRARY) $(PROGRAM)
-endif
diff --git a/security/coreconf/WIN32.mk b/security/coreconf/WIN32.mk
deleted file mode 100644
index 1c438cf64..000000000
--- a/security/coreconf/WIN32.mk
+++ /dev/null
@@ -1,198 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#
-# Configuration common to all versions of Windows NT
-# and Windows 95
-#
-
-DEFAULT_COMPILER = cl
-
-CC           = cl
-CCC          = cl
-LINK         = link
-AR           = lib
-AR          += -NOLOGO -OUT:"$@"
-RANLIB       = echo
-BSDECHO      = echo
-
-ifdef BUILD_TREE
-NSINSTALL_DIR  = $(BUILD_TREE)/nss
-else
-NSINSTALL_DIR  = $(CORE_DEPTH)/coreconf/nsinstall
-endif
-NSINSTALL      = nsinstall
-
-MKDEPEND_DIR    = $(CORE_DEPTH)/coreconf/mkdepend
-MKDEPEND        = $(MKDEPEND_DIR)/$(OBJDIR_NAME)/mkdepend.exe
-# Note: MKDEPENDENCIES __MUST__ be a relative pathname, not absolute.
-# If it is absolute, gmake will crash unless the named file exists.
-MKDEPENDENCIES  = $(OBJDIR_NAME)/depend.mk
-
-INSTALL      = $(NSINSTALL)
-MAKE_OBJDIR  = mkdir
-MAKE_OBJDIR += $(OBJDIR)
-RC           = rc.exe
-GARBAGE     += $(OBJDIR)/vc20.pdb $(OBJDIR)/vc40.pdb
-XP_DEFINE   += -DXP_PC
-LIB_SUFFIX   = lib
-DLL_SUFFIX   = dll
-
-ifdef BUILD_OPT
-	OS_CFLAGS  += -MD
-	OPTIMIZER  += -O2
-	DEFINES    += -UDEBUG -U_DEBUG -DNDEBUG
-	DLLFLAGS   += -OUT:"$@"
-else
-	#
-	# Define USE_DEBUG_RTL if you want to use the debug runtime library
-	# (RTL) in the debug build
-	#
-	ifdef USE_DEBUG_RTL
-		OS_CFLAGS += -MDd
-	else
-		OS_CFLAGS += -MD
-	endif
-	OPTIMIZER  += -Od -Z7
-	#OPTIMIZER += -Zi -Fd$(OBJDIR)/ -Od
-	DEFINES    += -DDEBUG -D_DEBUG -UNDEBUG -DDEBUG_$(USERNAME)
-	DLLFLAGS   += -DEBUG -DEBUGTYPE:CV -OUT:"$@"
-	LDFLAGS    += -DEBUG -DEBUGTYPE:CV
-endif
-
-DEFINES += -DWIN32
-ifdef MAPFILE
-DLLFLAGS += -DEF:$(MAPFILE)
-endif
-# Change PROCESS to put the mapfile in the correct format for this platform
-PROCESS_MAP_FILE = cp $(LIBRARY_NAME).def $@
-
-
-#
-#  The following is NOT needed for the NSPR 2.0 library.
-#
-
-DEFINES += -D_WINDOWS
-
-# override default, which is ASFLAGS = CFLAGS
-AS	= ml.exe
-ASFLAGS = -Cp -Sn -Zi -coff $(INCLUDES)
-
-#
-# override the definitions of RELEASE_TREE found in tree.mk
-#
-ifndef RELEASE_TREE
-    ifdef BUILD_SHIP
-	ifdef USE_SHIPS
-	    RELEASE_TREE = $(NTBUILD_SHIP)
-	else
-	    RELEASE_TREE = //redbuild/components
-	endif
-    else
-	RELEASE_TREE = //redbuild/components
-    endif
-endif
-
-#
-# override the definitions of LIB_PREFIX and DLL_PREFIX in prefix.mk
-#
-
-ifndef LIB_PREFIX
-    LIB_PREFIX =  $(NULL)
-endif
-
-ifndef DLL_PREFIX
-    DLL_PREFIX =  $(NULL)
-endif
-
-#
-# override the definitions of various _SUFFIX symbols in suffix.mk
-#
-
-#
-# Object suffixes
-#
-ifndef OBJ_SUFFIX
-    OBJ_SUFFIX = .obj
-endif
-
-#
-# Assembler source suffixes
-#
-ifndef ASM_SUFFIX
-    ASM_SUFFIX = .asm
-endif
-
-#
-# Library suffixes
-#
-
-ifndef IMPORT_LIB_SUFFIX
-    IMPORT_LIB_SUFFIX = .$(LIB_SUFFIX)
-endif
-
-ifndef DYNAMIC_LIB_SUFFIX_FOR_LINKING
-    DYNAMIC_LIB_SUFFIX_FOR_LINKING = $(IMPORT_LIB_SUFFIX)
-endif
-
-#
-# Program suffixes
-#
-ifndef PROG_SUFFIX
-    PROG_SUFFIX = .exe
-endif
-
-#
-# When the processor is NOT 386-based on Windows NT, override the
-# value of $(CPU_TAG).  For WinNT, 95, 16, not CE.
-#
-ifneq ($(CPU_ARCH),x386)
-    CPU_TAG = _$(CPU_ARCH)
-endif
-
-#
-# override ruleset.mk, removing the "lib" prefix for library names, and
-# adding the "32" after the LIBRARY_VERSION.
-#
-ifdef LIBRARY_NAME
-    SHARED_LIBRARY = $(OBJDIR)/$(LIBRARY_NAME)$(LIBRARY_VERSION)32$(JDK_DEBUG_SUFFIX).dll
-    IMPORT_LIBRARY = $(OBJDIR)/$(LIBRARY_NAME)$(LIBRARY_VERSION)32$(JDK_DEBUG_SUFFIX).lib
-endif
-
-#
-# override the TARGETS defined in ruleset.mk, adding IMPORT_LIBRARY
-#
-ifndef TARGETS
-    TARGETS = $(LIBRARY) $(SHARED_LIBRARY) $(IMPORT_LIBRARY) $(PROGRAM)
-endif
-
diff --git a/security/coreconf/WIN954.0.mk b/security/coreconf/WIN954.0.mk
deleted file mode 100644
index 24a44c1ff..000000000
--- a/security/coreconf/WIN954.0.mk
+++ /dev/null
@@ -1,59 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#
-# Config stuff for WIN95
-#
-# This makefile defines the following variables:
-# OS_CFLAGS and OS_DLLFLAGS.
-
-include $(CORE_DEPTH)/coreconf/WIN32.mk
-
-ifeq ($(CPU_ARCH), x386)
-	OS_CFLAGS += -W3 -nologo
-	DEFINES += -D_X86_
-else 
-	ifeq ($(CPU_ARCH), MIPS)
-		#OS_CFLAGS += -W3 -nologo
-		#DEFINES += -D_MIPS_
-		OS_CFLAGS  += -W3 -nologo
-	else 
-		ifeq ($(CPU_ARCH), ALPHA)
-			OS_CFLAGS += -W3 -nologo
-			DEFINES += -D_ALPHA_=1
-		endif
-	endif
-endif
-
-OS_DLLFLAGS += -nologo -DLL -SUBSYSTEM:WINDOWS -PDB:NONE
-DEFINES += -DWIN95
diff --git a/security/coreconf/WINCE.mk b/security/coreconf/WINCE.mk
deleted file mode 100644
index 035e3c884..000000000
--- a/security/coreconf/WINCE.mk
+++ /dev/null
@@ -1,207 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#
-# Configuration common to all versions of Windows CE and Pocket PC x.
-#
-
-ifeq ($(CPU_ARCH),x86)
-    DEFAULT_COMPILER = cl
-    CC           = cl
-    CCC          = cl
-else
-ifeq ($(CPU_ARCH),ARM)
-    DEFAULT_COMPILER = clarm
-    CC           = clarm
-    CCC          = clarm
-else
-include CPU_ARCH_is_not_recognized
-include _$(CPU_ARCH)
-endif
-endif
-
-LINK         = link
-AR           = lib
-AR          += -NOLOGO -OUT:"$@"
-RANLIB       = echo
-BSDECHO      = echo
-
-ifdef BUILD_TREE
-NSINSTALL_DIR  = $(BUILD_TREE)/nss
-else
-NSINSTALL_DIR  = $(CORE_DEPTH)/coreconf/nsinstall
-endif
-NSINSTALL      = nsinstall
-
-MKDEPEND_DIR    = $(CORE_DEPTH)/coreconf/mkdepend
-MKDEPEND        = $(MKDEPEND_DIR)/$(OBJDIR_NAME)/mkdepend.exe
-# Note: MKDEPENDENCIES __MUST__ be a relative pathname, not absolute.
-# If it is absolute, gmake will crash unless the named file exists.
-MKDEPENDENCIES  = $(OBJDIR_NAME)/depend.mk
-
-INSTALL      = $(NSINSTALL)
-MAKE_OBJDIR  = mkdir
-MAKE_OBJDIR += $(OBJDIR)
-RC           = rc.exe
-GARBAGE     += $(OBJDIR)/vc20.pdb $(OBJDIR)/vc40.pdb
-XP_DEFINE   += -DXP_PC
-LIB_SUFFIX   = lib
-DLL_SUFFIX   = dll
-
-ifdef BUILD_OPT
-#   OS_CFLAGS  += -MD
-    OPTIMIZER  += -O2
-    DEFINES    += -UDEBUG -U_DEBUG -DNDEBUG
-    DLLFLAGS   += -OUT:"$@"
-else
-    #
-    # Define USE_DEBUG_RTL if you want to use the debug runtime library
-    # (RTL) in the debug build
-    #
-    ifdef USE_DEBUG_RTL
-#	OS_CFLAGS += -MDd
-    else
-#	OS_CFLAGS += -MD
-    endif
-    OPTIMIZER  += -Od -Z7
-    #OPTIMIZER += -Zi -Fd$(OBJDIR)/ -Od
-    DEFINES    += -DDEBUG -D_DEBUG -UNDEBUG -DDEBUG_$(USERNAME)
-    DLLFLAGS   += -DEBUG -DEBUGTYPE:CV -OUT:"$@"
-    LDFLAGS    += -DEBUG -DEBUGTYPE:CV
-endif
-
-# DEFINES += -DWIN32
-
-ifdef MAPFILE
-    DLLFLAGS += -DEF:$(MAPFILE)
-endif
-
-# Change PROCESS to put the mapfile in the correct format for this platform
-PROCESS_MAP_FILE = cp $(LIBRARY_NAME).def $@
-
-#
-#  The following is NOT needed for the NSPR 2.0 library.
-#
-
-DEFINES += -D_WINDOWS
-
-# override default, which is ASFLAGS = CFLAGS
-AS	= ml.exe
-ASFLAGS = -Cp -Sn -Zi -coff $(INCLUDES)
-
-#
-# override the definitions of RELEASE_TREE found in tree.mk
-#
-ifndef RELEASE_TREE
-    ifdef BUILD_SHIP
-	ifdef USE_SHIPS
-	    RELEASE_TREE = $(NTBUILD_SHIP)
-	else
-	    RELEASE_TREE = //redbuild/components
-	endif
-    else
-	RELEASE_TREE = //redbuild/components
-    endif
-endif
-
-#
-# override the definitions of LIB_PREFIX and DLL_PREFIX in prefix.mk
-#
-
-ifndef LIB_PREFIX
-    LIB_PREFIX =  $(NULL)
-endif
-
-ifndef DLL_PREFIX
-    DLL_PREFIX =  $(NULL)
-endif
-
-#
-# override the definitions of various _SUFFIX symbols in suffix.mk
-#
-
-#
-# Object suffixes
-#
-ifndef OBJ_SUFFIX
-    OBJ_SUFFIX = .obj
-endif
-
-#
-# Assembler source suffixes
-#
-ifndef ASM_SUFFIX
-    ASM_SUFFIX = .asm
-endif
-
-#
-# Library suffixes
-#
-
-ifndef IMPORT_LIB_SUFFIX
-    IMPORT_LIB_SUFFIX = .$(LIB_SUFFIX)
-endif
-
-ifndef DYNAMIC_LIB_SUFFIX_FOR_LINKING
-    DYNAMIC_LIB_SUFFIX_FOR_LINKING = $(IMPORT_LIB_SUFFIX)
-endif
-
-#
-# Program suffixes
-#
-ifndef PROG_SUFFIX
-    PROG_SUFFIX = .exe
-endif
-
-#
-# override ruleset.mk, removing the "lib" prefix for library names, and
-# adding the "32" after the LIBRARY_VERSION.
-#
-ifdef LIBRARY_NAME
-    SHARED_LIBRARY = $(OBJDIR)/$(LIBRARY_NAME)$(LIBRARY_VERSION)32$(JDK_DEBUG_SUFFIX).dll
-    IMPORT_LIBRARY = $(OBJDIR)/$(LIBRARY_NAME)$(LIBRARY_VERSION)32$(JDK_DEBUG_SUFFIX).lib
-endif
-
-#
-# override the TARGETS defined in ruleset.mk, adding IMPORT_LIBRARY
-#
-ifndef TARGETS
-    TARGETS = $(LIBRARY) $(SHARED_LIBRARY) $(IMPORT_LIBRARY) $(PROGRAM)
-endif
-
-
-#
-# Always set CPU_TAG on Linux, OpenVMS, WINCE.
-#
-CPU_TAG = _$(CPU_ARCH)
-
diff --git a/security/coreconf/WINCE3.0.mk b/security/coreconf/WINCE3.0.mk
deleted file mode 100644
index ddf7a4c7b..000000000
--- a/security/coreconf/WINCE3.0.mk
+++ /dev/null
@@ -1,99 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#
-# Config stuff for WINCE 3.0 (MS Pocket PC 2002)
-#
-# CPU_ARCH must already be defined to one of:
-#   x86, ARM
-#
-# This makefile defines the following variables:
-# OS_CFLAGS, and OS_DLLFLAGS.
-
-include $(CORE_DEPTH)/coreconf/WINCE.mk
-
-CEVersion  = 300
-CePlatform = WIN32_PLATFORM_PSPC=310
-
-ifeq ($(CPU_ARCH), x86)
-    DEFINES += -D_X86_ -D_i386_ -Di_386_ -Dx86
-    OS_CFLAGS += -Gs8192 -GF
-    OS_DLLFLAGS += -machine:IX86
-else 
-ifeq ($(CPU_ARCH), ARM)
-    DEFINES += -DARM -D_ARM_
-    OS_DLLFLAGS += -machine:ARM
-else 
-    include CPU_ARCH_is_undefined
-endif
-endif
-
-DEFINES += -D_WIN32_WCE=300 -DUNDER_CE=300
-DEFINES += -DWIN32_PLATFORM_PSPC=310
-DEFINES += -DUNICODE -D_UNICODE
-OS_CFLAGS += -W3 -nologo
-
-OS_DLLFLAGS += -DLL 
-
-LINKFLAGS = -nologo -PDB:NONE -subsystem:windowsce,3.00 \
- -nodefaultlib:libc.lib \
- -nodefaultlib:libcd.lib \
- -nodefaultlib:libcmt.lib \
- -nodefaultlib:libcmtd.lib \
- -nodefaultlib:msvcrt.lib \
- -nodefaultlib:msvcrtd.lib \
- -nodefaultlib:oldnames.lib \
- $(NULL)
-
-LINK    += $(LINKFLAGS)
-LDFLAGS += $(LINKFLAGS)
-
-OS_LIBS= coredll.lib corelibc.lib
-
-#DLLBASE = -base:"0x00100000" -stack:0x10000,0x1000 -entry:"_DllMainCRTStartup"
-DLLBASE += -align:"4096"
-
-#SUB_SHLOBJS =
-#EXTRA_LIBS =
-#EXTRA_SHARED_LIBS =
-#OS_LIBS=
-#LD_LIBS=
-
-#
-# Win NT needs -GT so that fibers can work
-#
-#OS_CFLAGS += -GT
-#DEFINES += -DWINNT
-
-# WINNT uses the lib prefix, Win95 and WinCE don't
-#NSPR31_LIB_PREFIX = lib
diff --git a/security/coreconf/WINNT3.51.mk b/security/coreconf/WINNT3.51.mk
deleted file mode 100644
index b422b2b56..000000000
--- a/security/coreconf/WINNT3.51.mk
+++ /dev/null
@@ -1,64 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#
-# Config stuff for WINNT 3.51
-#
-# This makefile defines the following variables:
-# OS_CFLAGS and OS_DLLFLAGS.
-# It has the following internal variables:
-# OS_PROC_CFLAGS and OS_WIN_CFLAGS.
-
-include $(CORE_DEPTH)/coreconf/WIN32.mk
-
-ifeq ($(CPU_ARCH), x386)
-	OS_PROC_CFLAGS += -D_X86_
-else 
-	ifeq ($(CPU_ARCH), MIPS)
-		OS_PROC_CFLAGS += -D_MIPS_
-	else 
-		ifeq ($(CPU_ARCH), ALPHA)
-			OS_PROC_CFLAGS += -D_ALPHA_
-		endif
-	endif
-endif
-
-OS_WIN_CFLAGS += -W3
-OS_CFLAGS     += -nologo $(OS_WIN_CFLAGS) $(OS_PROC_CFLAGS)
-#OS_DLLFLAGS  += -nologo -DLL -PDB:NONE -SUBSYSTEM:WINDOWS
-OS_DLLFLAGS   += -nologo -DLL -PDB:NONE -SUBSYSTEM:WINDOWS
-#
-# Win NT needs -GT so that fibers can work
-#
-OS_CFLAGS     += -GT
-OS_CFLAGS     += -DWINNT
diff --git a/security/coreconf/WINNT4.0.mk b/security/coreconf/WINNT4.0.mk
deleted file mode 100644
index 7fc5a54d6..000000000
--- a/security/coreconf/WINNT4.0.mk
+++ /dev/null
@@ -1,65 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#
-# Config stuff for WINNT 4.0
-#
-# This makefile defines the following variables:
-# OS_CFLAGS and OS_DLLFLAGS.
-
-include $(CORE_DEPTH)/coreconf/WIN32.mk
-
-ifeq ($(CPU_ARCH), x386)
-	OS_CFLAGS += -W3 -nologo
-	DEFINES += -D_X86_
-else 
-	ifeq ($(CPU_ARCH), MIPS)
-		#OS_CFLAGS += -W3 -nologo
-		#DEFINES += -D_MIPS_
-		OS_CFLAGS += -W3 -nologo
-	else 
-		ifeq ($(CPU_ARCH), ALPHA)
-			OS_CFLAGS += -W3 -nologo
-			DEFINES += -D_ALPHA_=1
-		endif
-	endif
-endif
-
-OS_DLLFLAGS += -nologo -DLL -SUBSYSTEM:WINDOWS -PDB:NONE
-#
-# Win NT needs -GT so that fibers can work
-#
-OS_CFLAGS += -GT
-DEFINES += -DWINNT
-
-NSPR31_LIB_PREFIX = lib
diff --git a/security/coreconf/WINNT5.0.mk b/security/coreconf/WINNT5.0.mk
deleted file mode 100644
index 303b98007..000000000
--- a/security/coreconf/WINNT5.0.mk
+++ /dev/null
@@ -1,65 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#
-# Config stuff for WINNT 5.0 (Windows 2000)
-#
-# This makefile defines the following variables:
-# OS_CFLAGS and OS_DLLFLAGS.
-
-include $(CORE_DEPTH)/coreconf/WIN32.mk
-
-ifeq ($(CPU_ARCH), x386)
-	OS_CFLAGS += -W3 -nologo
-	DEFINES += -D_X86_
-else 
-	ifeq ($(CPU_ARCH), MIPS)
-		#OS_CFLAGS += -W3 -nologo
-		#DEFINES += -D_MIPS_
-		OS_CFLAGS += -W3 -nologo
-	else 
-		ifeq ($(CPU_ARCH), ALPHA)
-			OS_CFLAGS += -W3 -nologo
-			DEFINES += -D_ALPHA_=1
-		endif
-	endif
-endif
-
-OS_DLLFLAGS += -nologo -DLL -SUBSYSTEM:WINDOWS -PDB:NONE
-#
-# Win NT needs -GT so that fibers can work
-#
-OS_CFLAGS += -GT
-DEFINES += -DWINNT
-
-NSPR31_LIB_PREFIX = lib
diff --git a/security/coreconf/WINNT5.1.mk b/security/coreconf/WINNT5.1.mk
deleted file mode 100644
index f9c7ed1c8..000000000
--- a/security/coreconf/WINNT5.1.mk
+++ /dev/null
@@ -1,65 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#
-# Config stuff for WINNT 5.1 (Windows XP)
-#
-# This makefile defines the following variables:
-# OS_CFLAGS and OS_DLLFLAGS.
-
-include $(CORE_DEPTH)/coreconf/WIN32.mk
-
-ifeq ($(CPU_ARCH), x386)
-	OS_CFLAGS += -W3 -nologo
-	DEFINES += -D_X86_
-else 
-	ifeq ($(CPU_ARCH), MIPS)
-		#OS_CFLAGS += -W3 -nologo
-		#DEFINES += -D_MIPS_
-		OS_CFLAGS += -W3 -nologo
-	else 
-		ifeq ($(CPU_ARCH), ALPHA)
-			OS_CFLAGS += -W3 -nologo
-			DEFINES += -D_ALPHA_=1
-		endif
-	endif
-endif
-
-OS_DLLFLAGS += -nologo -DLL -SUBSYSTEM:WINDOWS -PDB:NONE
-#
-# Win NT needs -GT so that fibers can work
-#
-OS_CFLAGS += -GT
-DEFINES += -DWINNT
-
-NSPR31_LIB_PREFIX = lib
diff --git a/security/coreconf/arch.mk b/security/coreconf/arch.mk
deleted file mode 100644
index 277232c0c..000000000
--- a/security/coreconf/arch.mk
+++ /dev/null
@@ -1,333 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# Master "Core Components" macros for getting the OS architecture     #
-# defines these symbols:
-# 64BIT_TAG
-# OS_ARCH	(from uname -r)
-# OS_TEST	(from uname -m)
-# OS_RELEASE	(from uname -v and/or -r)
-# OS_TARGET	User defined, or set to OS_ARCH
-# CPU_ARCH  	(from unmame -m or -p, ONLY on WINNT)
-# OS_CONFIG	OS_TARGET + OS_RELEASE
-# OBJDIR_TAG
-# OBJDIR_NAME
-#######################################################################
-
-#
-# Macros for getting the OS architecture
-#
-
-ifeq ($(USE_64), 1)
-	64BIT_TAG=_64
-else
-	64BIT_TAG=
-endif
-
-OS_ARCH := $(subst /,_,$(shell uname -s))
-
-#
-# Attempt to differentiate between sparc and x86 Solaris
-#
-
-OS_TEST := $(shell uname -m)
-ifeq ($(OS_TEST),i86pc)
-    OS_RELEASE := $(shell uname -r)_$(OS_TEST)
-else
-    OS_RELEASE := $(shell uname -r)
-endif
-
-#
-# Force the IRIX64 machines to use IRIX.
-#
-
-ifeq ($(OS_ARCH),IRIX64)
-    OS_ARCH = IRIX
-endif
-
-#
-# Force the older BSD/OS versions to use the new arch name.
-#
-
-ifeq ($(OS_ARCH),BSD_386)
-    OS_ARCH = BSD_OS
-endif
-
-#
-# Catch Deterim if SVR4 is NCR or UNIXWARE
-#
-
-ifeq ($(OS_ARCH),UNIX_SV)
-    ifneq ($(findstring NCR, $(shell grep NCR /etc/bcheckrc | head -1 )),)
-	OS_ARCH = NCR
-    else
-	# Make UnixWare something human readable
-	OS_ARCH = UNIXWARE
-    endif
-
-    # Get the OS release number, not 4.2
-    OS_RELEASE := $(shell uname -v)
-endif
-
-ifeq ($(OS_ARCH),UNIX_System_V)
-    OS_ARCH	= NEC
-endif
-
-ifeq ($(OS_ARCH),AIX)
-    OS_RELEASE := $(shell uname -v).$(shell uname -r)
-endif
-
-#
-# Distinguish between OSF1 V4.0B and V4.0D
-#
-
-ifeq ($(OS_ARCH)$(OS_RELEASE),OSF1V4.0)
-    OS_VERSION := $(shell uname -v)
-    ifeq ($(OS_VERSION),564)
-	OS_RELEASE := V4.0B
-    endif
-    ifeq ($(OS_VERSION),878)
-	OS_RELEASE := V4.0D
-    endif
-endif
-
-#
-# SINIX changes name to ReliantUNIX with 5.43
-#
-
-ifeq ($(OS_ARCH),ReliantUNIX-N)
-    OS_ARCH    = ReliantUNIX
-    OS_RELEASE = 5.4
-endif
-
-ifeq ($(OS_ARCH),SINIX-N)
-    OS_ARCH    = ReliantUNIX
-    OS_RELEASE = 5.4
-endif
-
-#
-# Handle FreeBSD 2.2-STABLE and Linux 2.0.30-osfmach3
-#
-
-ifeq (,$(filter-out Linux FreeBSD,$(OS_ARCH)))
-    OS_RELEASE := $(shell echo $(OS_RELEASE) | sed 's/-.*//')
-endif
-
-ifeq ($(OS_ARCH),Linux)
-    OS_RELEASE := $(basename $(OS_RELEASE))
-endif
-
-#
-# For OS/2
-#
-ifeq ($(OS_ARCH),OS_2)
-    OS_ARCH = OS2
-    OS_RELEASE := $(shell uname -v)
-endif
-
-ifneq (,$(findstring OpenVMS,$(OS_ARCH)))
-    OS_ARCH = OpenVMS
-    OS_RELEASE := $(shell uname -v)
-endif
-
-#######################################################################
-# Master "Core Components" macros for getting the OS target           #
-#######################################################################
-
-#
-# Note: OS_TARGET should be specified on the command line for gmake.
-# When OS_TARGET=WIN95 is specified, then a Windows 95 target is built.
-# The difference between the Win95 target and the WinNT target is that
-# the WinNT target uses Windows NT specific features not available
-# in Windows 95. The Win95 target will run on Windows NT, but (supposedly)
-# at lesser performance (the Win95 target uses threads; the WinNT target
-# uses fibers).
-#
-# When OS_TARGET=WIN16 is specified, then a Windows 3.11 (16bit) target
-# is built. See: win16_3.11.mk for lots more about the Win16 target.
-#
-# If OS_TARGET is not specified, it defaults to $(OS_ARCH), i.e., no
-# cross-compilation.
-#
-
-#
-# The following hack allows one to build on a WIN95 machine (as if
-# s/he were cross-compiling on a WINNT host for a WIN95 target).
-# It also accomodates for MKS's and Cygwin's uname.exe.
-#
-ifeq ($(OS_ARCH),WIN95)
-    OS_ARCH   = WINNT
-    OS_TARGET = WIN95
-endif
-ifeq ($(OS_ARCH),Windows_95)
-    OS_ARCH   = Windows_NT
-    OS_TARGET = WIN95
-endif
-ifeq ($(OS_ARCH),CYGWIN_95-4.0)
-	OS_ARCH   = CYGWIN_NT-4.0
-	OS_TARGET = WIN95
-endif
-ifeq ($(OS_ARCH),CYGWIN_98-4.10)
-	OS_ARCH   = CYGWIN_NT-4.0
-	OS_TARGET = WIN95
-endif
-
-#
-# On WIN32, we also define the variable CPU_ARCH, if it isn't already.
-#
-ifndef CPU_ARCH
-    ifeq ($(OS_ARCH), WINNT)
-	CPU_ARCH := $(shell uname -p)
-	ifeq ($(CPU_ARCH),I386)
-	    CPU_ARCH = x386
-	endif
-    endif
-endif
-
-# If uname -s returns "Windows_NT", we assume that we are using
-# the uname.exe in MKS toolkit.
-#
-# The -r option of MKS uname only returns the major version number.
-# So we need to use its -v option to get the minor version number.
-# Moreover, it doesn't have the -p option, so we need to use uname -m.
-#
-ifeq ($(OS_ARCH), Windows_NT)
-    OS_ARCH = WINNT
-    OS_MINOR_RELEASE := $(shell uname -v)
-    ifeq ($(OS_MINOR_RELEASE),00)
-	OS_MINOR_RELEASE = 0
-    endif
-    OS_RELEASE := $(OS_RELEASE).$(OS_MINOR_RELEASE)
-    ifndef CPU_ARCH
-	CPU_ARCH := $(shell uname -m)
-	#
-	# MKS's uname -m returns "586" on a Pentium machine.
-	#
-	ifneq (,$(findstring 86,$(CPU_ARCH)))
-	    CPU_ARCH = x386
-	endif
-    endif
-endif
-#
-# If uname -s returns "CYGWIN_NT-4.0", we assume that we are using
-# the uname.exe in the Cygwin tools.
-#
-ifeq (CYGWIN_NT,$(findstring CYGWIN_NT,$(OS_ARCH)))
-    OS_RELEASE := $(patsubst CYGWIN_NT-%,%,$(OS_ARCH))
-    OS_ARCH = WINNT
-    ifndef CPU_ARCH
-	CPU_ARCH := $(shell uname -m)
-	#
-	# Cygwin's uname -m returns "i686" on a Pentium Pro machine.
-	#
-	ifneq (,$(findstring 86,$(CPU_ARCH)))
-	    CPU_ARCH = x386
-	endif
-    endif
-endif
-
-ifndef OS_TARGET
-    OS_TARGET = $(OS_ARCH)
-endif
-
-ifeq ($(OS_TARGET), WIN95)
-    OS_RELEASE = 4.0
-endif
-
-ifeq ($(OS_TARGET), WIN16)
-    OS_RELEASE =
-#   OS_RELEASE = _3.11
-endif
-
-ifdef OS_TARGET_RELEASE
-    OS_RELEASE = $(OS_TARGET_RELEASE)
-endif
-
-#
-# This variable is used to get OS_CONFIG.mk.
-#
-
-OS_CONFIG = $(OS_TARGET)$(OS_RELEASE)
-
-#
-# OBJDIR_TAG depends on the predefined variable BUILD_OPT,
-# to distinguish between debug and release builds.
-#
-
-ifdef BUILD_OPT
-    ifeq ($(OS_TARGET),WIN16)
-	OBJDIR_TAG = _O
-    else
-	OBJDIR_TAG = $(64BIT_TAG)_OPT
-    endif
-else
-    ifdef BUILD_IDG
-	ifeq ($(OS_TARGET),WIN16)
-	    OBJDIR_TAG = _I
-	else
-	    OBJDIR_TAG = $(64BIT_TAG)_IDG
-	endif
-    else
-	ifeq ($(OS_TARGET),WIN16)
-	    OBJDIR_TAG = _D
-	else
-	    OBJDIR_TAG = $(64BIT_TAG)_DBG
-	endif
-    endif
-endif
-
-#
-# The following flags are defined in the individual $(OS_CONFIG).mk
-# files.
-#
-# CPU_TAG is defined if the CPU is not the most common CPU.
-# COMPILER_TAG is defined if the compiler is not the native compiler.
-# IMPL_STRATEGY may be defined too.
-#
-
-OBJDIR_NAME = $(OS_TARGET)$(OS_RELEASE)$(CPU_TAG)$(COMPILER_TAG)$(LIBC_TAG)$(IMPL_STRATEGY)$(OBJDIR_TAG).OBJ
-
-ifeq (,$(filter-out WINNT WIN95 WINCE,$(OS_TARGET))) # list omits WIN16
-ifndef BUILD_OPT
-#
-# Define USE_DEBUG_RTL if you want to use the debug runtime library
-# (RTL) in the debug build
-#
-ifdef USE_DEBUG_RTL
-    OBJDIR_NAME = $(OS_TARGET)$(OS_RELEASE)$(CPU_TAG)$(COMPILER_TAG)$(IMPL_STRATEGY)$(OBJDIR_TAG).OBJD
-endif
-endif
-endif
-
-MK_ARCH = included
diff --git a/security/coreconf/command.mk b/security/coreconf/command.mk
deleted file mode 100644
index 96cddff68..000000000
--- a/security/coreconf/command.mk
+++ /dev/null
@@ -1,55 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# Master "Core Components" default command macros;                    #
-# can be overridden in <arch>.mk                                      #
-#######################################################################
-
-AS            = $(CC)
-ASFLAGS      += $(CFLAGS)
-CCF           = $(CC) $(CFLAGS)
-LINK_DLL      = $(LINK) $(OS_DLLFLAGS) $(DLLFLAGS)
-LINK_EXE      = $(LINK) $(OS_LFLAGS) $(LFLAGS)
-NFSPWD        = $(NSINSTALL_DIR)/nfspwd
-CFLAGS        = $(OPTIMIZER) $(OS_CFLAGS) $(XP_DEFINE) $(DEFINES) $(INCLUDES) \
-		$(XCFLAGS)
-RANLIB        = echo
-TAR           = /bin/tar
-#
-# For purify
-#
-NOMD_CFLAGS  += $(OPTIMIZER) $(NOMD_OS_CFLAGS) $(XP_DEFINE) $(DEFINES) \
-		$(INCLUDES) $(XCFLAGS)
-
-MK_COMMAND = included
diff --git a/security/coreconf/config.mk b/security/coreconf/config.mk
deleted file mode 100644
index 01b633be8..000000000
--- a/security/coreconf/config.mk
+++ /dev/null
@@ -1,169 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# Configuration information for building in the "Core Components" source module
-#
-
-#######################################################################
-# [1.0] Master "Core Components" source and release <architecture>    #
-#       tags                                                          #
-#######################################################################
-ifndef MK_ARCH
-include $(CORE_DEPTH)/coreconf/arch.mk
-endif
-
-#######################################################################
-# [2.0] Master "Core Components" default command macros               #
-#       (NOTE: may be overridden in $(OS_TARGET)$(OS_RELEASE).mk)     #
-#######################################################################
-ifndef MK_COMMAND
-include $(CORE_DEPTH)/coreconf/command.mk
-endif
-
-#######################################################################
-# [3.0] Master "Core Components" <architecture>-specific macros       #
-#       (dependent upon <architecture> tags)                          #
-#                                                                     #
-#       We are moving towards just having a $(OS_TARGET).mk file      #
-#       as opposed to multiple $(OS_TARGET)$(OS_RELEASE).mk files,    #
-#       one for each OS release.                                      #
-#######################################################################
-
-TARGET_OSES = FreeBSD BSD_OS NetBSD OpenUNIX OS2 QNX Darwin BeOS OpenBSD
-
-ifeq (,$(filter-out $(TARGET_OSES),$(OS_TARGET)))
-include $(CORE_DEPTH)/coreconf/$(OS_TARGET).mk
-else
-include $(CORE_DEPTH)/coreconf/$(OS_TARGET)$(OS_RELEASE).mk
-endif
-
-#######################################################################
-# [4.0] Master "Core Components" source and release <platform> tags   #
-#       (dependent upon <architecture> tags)                          #
-#######################################################################
-ifndef PLATFORM
-PLATFORM = $(OBJDIR_NAME)
-endif
-
-#######################################################################
-# [5.0] Master "Core Components" release <tree> tags                  #
-#       (dependent upon <architecture> tags)                          #
-#######################################################################
-ifndef MK_TREE
-include $(CORE_DEPTH)/coreconf/tree.mk
-endif
-
-#######################################################################
-# [6.0] Master "Core Components" source and release <component> tags  #
-#       NOTE:  A component is also called a module or a subsystem.    #
-#       (dependent upon $(MODULE) being defined on the                #
-#        command line, as an environment variable, or in individual   #
-#        makefiles, or more appropriately, manifest.mn)               #
-#######################################################################
-ifndef MK_MODULE
-include $(CORE_DEPTH)/coreconf/module.mk
-endif
-
-#######################################################################
-# [7.0] Master "Core Components" release <version> tags               #
-#       (dependent upon $(MODULE) being defined on the                #
-#        command line, as an environment variable, or in individual   #
-#        makefiles, or more appropriately, manifest.mn)               #
-#######################################################################
-ifndef MK_VERSION
-include $(CORE_DEPTH)/coreconf/version.mk
-endif
-
-#######################################################################
-# [8.0] Master "Core Components" macros to figure out                 #
-#       binary code location                                          #
-#       (dependent upon <platform> tags)                              #
-#######################################################################
-ifndef MK_LOCATION
-include $(CORE_DEPTH)/coreconf/location.mk
-endif
-
-#######################################################################
-# [9.0] Master "Core Components" <component>-specific source path     #
-#       (dependent upon <user_source_tree>, <source_component>,       #
-#        <version>, and <platform> tags)                              #
-#######################################################################
-ifndef MK_SOURCE
-include $(CORE_DEPTH)/coreconf/source.mk
-endif
-
-#######################################################################
-# [10.0] Master "Core Components" include switch for support header   #
-#        files                                                        #
-#        (dependent upon <tree>, <component>, <version>,              #
-#         and <platform> tags)                                        #
-#######################################################################
-ifndef MK_HEADERS
-include $(CORE_DEPTH)/coreconf/headers.mk
-endif
-
-#######################################################################
-# [11.0] Master "Core Components" for computing program prefixes      #
-#######################################################################
-ifndef MK_PREFIX
-include $(CORE_DEPTH)/coreconf/prefix.mk
-endif
-
-#######################################################################
-# [12.0] Master "Core Components" for computing program suffixes      #
-#        (dependent upon <architecture> tags)                         #
-#######################################################################
-ifndef MK_SUFFIX
-include $(CORE_DEPTH)/coreconf/suffix.mk
-endif
-
-#######################################################################
-# [13.0] Master "Core Components" for defining JDK                    #
-#        (dependent upon <architecture>, <source>, and <suffix>  tags)#
-#######################################################################
-ifdef NS_USE_JDK
-include $(CORE_DEPTH)/coreconf/jdk.mk
-endif
-
-#######################################################################
-# [14.0] Master "Core Components" rule set                            #
-#######################################################################
-ifndef MK_RULESET
-include $(CORE_DEPTH)/coreconf/ruleset.mk
-endif
-
-#######################################################################
-# [15.0] Dependencies.
-#######################################################################
-
--include $(MKDEPENDENCIES)
-
diff --git a/security/coreconf/coreconf.pl b/security/coreconf/coreconf.pl
deleted file mode 100644
index 8471b0ead..000000000
--- a/security/coreconf/coreconf.pl
+++ /dev/null
@@ -1,156 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-sub recursive_copy {
-    local($fromdir);
-    local($todir);
-    local(@dirlist);
-    $fromdir = shift;
-    $todir = shift;
-  
-    print STDERR "recursive copy called with $fromdir, $todir\n";
-
-#remove any trailing slashes.
-    $fromdir =~ s/\/$//;
-    $todir =~ s/\/$//;
-    
-    opendir(DIR, $fromdir);
-    @dirlist = readdir DIR;
-    close DIR;
-
-
-    foreach $file (@dirlist) {
-	if  (! (($file eq "." ) || ($file eq "..") )) {
-	    
-	    if (-d "$fromdir/$file") {
-		print STDERR "handling directory $todir/$file\n";
-		&rec_mkdir("$todir/$file");
-		&recursive_copy("$fromdir/$file","$todir/$file");
-	    }
-	    else {
-		print STDERR "handling file $fromdir/$file\n";
-		&my_copy("$fromdir/$file","$todir/$file");
-	    }
-	}
-    }
-}
-
-sub parse_argv {
-
-#    print STDERR "Parsing Variables\n";
-
-    foreach $q ( @ARGV ) {
-	if (! ($q =~ /=/)) {
-	    $var{$lastassigned} .= " $q";
-	}
-	else {
-	   $q =~ /^([^=]*)=(.*)/;
-	   $left = $1;
-	   $right = $2;
-	
-	   $right =~ s/ *$//;
-	   $var{$left} = $right;
-
-	   $lastassigned = $left;
-	
-	   }
-	print STDERR "Assigned $lastassigned = $var{$lastassigned}\n";
-    }
-}
-
-
-# usage: &my_copy("dir/fromfile","dir2/tofile");
-# do a 'copy' - files only, 'to' MUST be a filename, not a directory.
-
-# fix this to be able to use copy on win nt.
-
-sub my_copy {
-    local($from);
-    local($to);
-    local($cpcmd);
-
-    $from = shift;
-    $to = shift;
-
-    if ( ! defined $var{OS_ARCH}) {
-	die "OS_ARCH not defined!";
-    }
-    else {
-	if ($var{OS_ARCH} eq 'WINNT') {
-	    $cpcmd = 'cp';
-	    	}
-	else {
-	    $cpcmd = 'cp';
-	    }
-	print STDERR "COPYING: $cpcmd $from $to\n";
-	system("$cpcmd $from $to");
-    }
-}
-
-
-sub old_my_copy {
-    local($from);
-    local($to);
-
-    $from = shift;
-    $to = shift;
-    open(FIN, "<$from") || die("Can't read from file $from\n");
-    if ( ! open(FOUT,">$to")) {
-	close FIN;
-	die "Can't write to file $to\n";
-    }
-    while (read(FIN, $buf, 100000)) {
-	print FOUT $buf;
-    }
-    close (FIN);
-    close (FOUT);
-}
-
-sub rec_mkdir {
-    local($arg);
-    local($t);
-    local($q);
-
-    $arg = shift;
-    $t = "";
-    foreach $q (split(/\//,$arg)) {
-	$t .= $q;
-	if (! ($t =~ /\.\.$/)) {
-	    if ($t =~ /./) {
-		mkdir($t,0775);
-	    }
-	}
-	$t.= '/';
-    }
-}
-
-1;
diff --git a/security/coreconf/cpdist.pl b/security/coreconf/cpdist.pl
deleted file mode 100755
index cea077990..000000000
--- a/security/coreconf/cpdist.pl
+++ /dev/null
@@ -1,195 +0,0 @@
-#! /usr/local/bin/perl
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-require('coreconf.pl');
-
-#######-- read in variables on command line into %var
-
-&parse_argv;
- 
-### do the copy
-
-print STDERR "RELEASE TREE / MODULE =  $var{RELEASE_TREE} $var{MODULE}\n";
-
-
-
-# 1
-if ($var{RELEASE} eq "") { exit; } # Can't do release here, so exit.
-
-# 2
-#if (! ($var{RELEASE} =~ /\//)) {   # if no specific version is specified in RELEASE variable
-#    $component = $var{RELEASE};
-#}
-#else {  # if a subcomponent/version is given in the RELEASE variable
-#        $var{RELEASE} =~ m|^([^/]*)/|;  
-#	$component = $1;           # everything before the first slash;
-#    }
-
-# 3
-$path = $var{RELEASE};
-
-
-# 4
-# find out what directory we would create for 'today'
-
-$year = (localtime)[5] + 1900;
-$month = (localtime)[4] + 1;
-$day = (localtime)[3];
-$today = sprintf( "%d%02d%02d", $year, $month, $day );
-
-# 5
-# if version is null, then set the version to today.
-if ($var{"RELEASE_VERSION"} eq "") {
-    $var{"RELEASE_VERSION"} = $today;
-}
-
-#6
-$version = $var{"RELEASE_VERSION"};  # set RELEASE_VERSION to passed in variable
-
-#7
-# if version is today, then we will want to make a 'current' link.
-
-if ($version eq $today) {
-    $create_current = 1;
-}
-
-#8
-# version can be a) passed in value from command line, b) value in manifest.mn
-# or c) computed value such as '19970909'
-
-
-$dir = "$var{'RELEASE_TREE'}/$path";
-
-#9
-if (! (-e "$dir/$version" && -d "$dir/$version")) {
-    print "making dir $dir \n";
-    &rec_mkdir("$dir/$version");
-}
-
-
-
-print "version = $version\n";
-print "path = $path\n";
-print "var{release_tree} = $var{'RELEASE_TREE'}\n";
-print "dir = $dir   = RELEASE_TREE/path\n";
-
-
-#10
-if ($create_current == 1) {
-
-# unlinking and linking always occurs, even if the link is correct
-    print "unlinking $dir/current\n";
-    unlink("$dir/current");
-    
-    print "putting version number $today into 'current' file..";
-
-    open(FILE,">$dir/current") || die " couldn't open current\n";
-    print FILE "$today\n";
-    close(FILE);
-    print " ..done\n"
-    
-}
-
-&rec_mkdir("$dir/$version/$var{'RELEASE_MD_DIR'}");
-&rec_mkdir("$dir/$version/$var{'RELEASE_XP_DIR'}");
-
-
-
-
-foreach $jarfile (split(/ /,$var{FILES}) ) {
-    print STDERR "---------------------------------------------\n";
-    
-    $jarinfo = $var{$jarfile};
- 
-    ($jardir,$jaropts) = split(/\|/,$jarinfo);
- 
-    if ($jaropts =~ /f/) {
-      print STDERR "Copying files $jardir....\n";
-    }
-    else {
-      print STDERR "Copying jar file $jarfile....\n";
-    }
-    
-    print "jaropts = $jaropts\n";
-    
-    if ($jaropts =~ /m/) {
-      $destdir = $var{"RELEASE_MD_DIR"};
-      print "found m, using MD dir $destdir\n";
-    }
-    elsif ($jaropts =~ /x/) {
-      $destdir = $var{"RELEASE_XP_DIR"};
-      print "found x, using XP dir $destdir\n";
-    }
-    else {
-      die "Error: must specify m or x in jar options in $jarinfo line\n";
-    }
-    
-    
-    $distdir = "$dir/$version/$destdir";
-    
-
-
-    if ($jaropts =~ /f/) {
-
-      print "splitting: \"$jardir\"\n";
-      for $srcfile (split(/ /,$jardir)) {
-
-#if srcfile has a slash
-	if ($srcfile =~ m|/|) {
-#pull out everything before the last slash into $1
-	  $srcfile =~ m|(.*)/|;
-	  $distsubdir = "/$1";
-	  print "making dir $distdir$distsubdir\n";
-	  &rec_mkdir("$distdir$distsubdir");
-	}
-	print "copy: from $srcfile\n";
-	print "      to   $distdir$distsubdir\n";
-	$srcprefix = "";
-	if ($jaropts =~/m/) {
-	  $srcprefix = "$var{'PLATFORM'}/";
-	}
-	system("cp $srcprefix$srcfile $distdir$distsubdir");
-      }
-    }
-    else {
-      $srcfile = "$var{SOURCE_RELEASE_PREFIX}/$jardir/$jarfile";
-      
-      print "copy: from $srcfile\n";
-      print "      to   $distdir\n";
-      
-      system("cp $srcfile $distdir");
-      
-    }
-    
-  }
-
diff --git a/security/coreconf/headers.mk b/security/coreconf/headers.mk
deleted file mode 100644
index ff2da9a7f..000000000
--- a/security/coreconf/headers.mk
+++ /dev/null
@@ -1,60 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# Master "Core Components" include switch for support header files    #
-#######################################################################
-
-#
-#  Always append source-side machine-dependent (md) and cross-platform
-#  (xp) include paths
-#
-
-INCLUDES  += -I$(SOURCE_MDHEADERS_DIR) 
-
-ifneq ($(OS_TARGET),WIN16)
-    INCLUDES  += -I$(SOURCE_XPHEADERS_DIR)
-endif
-
-#
-#  Only append source-side private cross-platform include paths for
-#  sectools
-#
-
-INCLUDES += -I$(SOURCE_XPPRIVATE_DIR)
-
-ifdef MOZILLA_CLIENT
-    INCLUDES += -I$(SOURCE_XP_DIR)/include $(MOZILLA_INCLUDES)
-endif
-
-MK_HEADERS = included
diff --git a/security/coreconf/import.pl b/security/coreconf/import.pl
deleted file mode 100755
index 0bba3c820..000000000
--- a/security/coreconf/import.pl
+++ /dev/null
@@ -1,218 +0,0 @@
-#! /usr/local/bin/perl
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-print STDERR "import.pl\n";
-
-require('coreconf.pl');
-
-
-$returncode =0;
-
-
-#######-- read in variables on command line into %var
-
-$var{ZIP} = "zip";
-$var{UNZIP} = "unzip -o";
-
-&parse_argv;
-
-if (! ($var{IMPORTS} =~ /\w/)) {
-    print STDERR "nothing to import\n";
-}
-
-######-- Do the import!
-
-foreach $import (split(/ /,$var{IMPORTS}) ) {
-
-    print STDERR "\n\nIMPORTING .... $import\n-----------------------------\n";
-
-
-# if a specific version specified in IMPORT variable
-# (if $import has a slash in it)
-
-    if ($import =~ /\//) {
-        # $component=everything before the first slash of $import
-
-	$import =~ m|^([^/]*)/|; 
-	$component = $1;
-
-	$import =~ m|^(.*)/([^/]*)$|;
-
-	# $path=everything before the last slash of $import
-	$path = $1;
-
-	# $version=everything after the last slash of $import
-	$version = $2;
-
-	if ($var{VERSION} ne "current") {
-	    $version = $var{VERSION};
-	}
-    }
-    else {
-	$component = $import;
-	$path = $import;
-	$version = $var{VERSION};
-    }
-
-    $releasejardir = "$var{RELEASE_TREE}/$path";
-    if ($version eq "current") {
-	print STDERR "Current version specified. Reading 'current' file ... \n";
-	
-	open(CURRENT,"$releasejardir/current") || die "NO CURRENT FILE\n";
-	$version = <CURRENT>;
-	$version =~ s/(\r?\n)*$//; # remove any trailing [CR/]LF's
-	close(CURRENT);
-	print STDERR "Using version $version\n";
-	if ( $version eq "") {
-	    die "Current version file empty. Stopping\n";
-	}
-    }
-    
-    $releasejardir = "$releasejardir/$version";
-    if ( ! -d $releasejardir) {
-	die "$releasejardir doesn't exist (Invalid Version?)\n";
-    }
-    foreach $jarfile (split(/ /,$var{FILES})) {
-
-	($relpath,$distpath,$options) = split(/\|/, $var{$jarfile});
-
-	if ($var{'OVERRIDE_IMPORT_CHECK'} eq 'YES') {
-	    $options =~ s/v//g;
-	}
-
-	if ( $relpath ne "") { $releasejarpathname = "$releasejardir/$relpath";}
-	else { $releasejarpathname = $releasejardir; }
-
-# If a component doesn't have IDG versions, import the DBG ones
-    if( ! -e "$releasejarpathname/$jarfile" ) {
-        if( $relpath =~ /IDG\.OBJ$/ ) {
-            $relpath =~ s/IDG.OBJ/DBG.OBJ/;
-            $releasejarpathname = "$releasejardir/$relpath";
-        } elsif( $relpath =~ /IDG\.OBJD$/ ) {
-            $relpath =~ s/IDG.OBJD/DBG.OBJD/;
-            $releasejarpathname = "$releasejardir/$relpath";
-        }
-    }
-
-	if (-e "$releasejarpathname/$jarfile") {
-	    print STDERR "\nWorking on jarfile: $jarfile\n";
-	    
-	    if ($distpath =~ m|/$|) {
-		$distpathname = "$distpath$component";
-	    }
-	    else {
-		$distpathname = "$distpath"; 
-	    }
-	  
-	  
-#the block below is used to determine whether or not the xp headers have
-#already been imported for this component
-
-	    $doimport = 1;
-	  if ($options =~ /v/) {   # if we should check the imported version
-	      print STDERR "Checking if version file exists $distpathname/version\n";
-	      if (-e "$distpathname/version") {
-		  open( VFILE, "<$distpathname/version") ||
-		      die "Cannot open $distpathname/version for reading. Permissions?\n";
-		  $importversion = <VFILE>;
-		  close (VFILE);
-		  $importversion =~ s/\r?\n$//;   # Strip off any trailing CR/LF
-		  if ($version eq $importversion) {
-		      print STDERR "$distpathname version '$importversion' already imported. Skipping...\n";
-		      $doimport =0;
-		  }
-	      }
-	  }
-	  
-	  if ($doimport == 1) {
-	      if (! -d "$distpathname") {
-		  &rec_mkdir("$distpathname");
-	      }
-	      # delete the stuff in there already.
-	      # (this should really be recursive delete.)
-	      
-	      if ($options =~ /v/) {
-		  $remheader = "\nREMOVING files in '$distpathname/' :";
-		  opendir(DIR,"$distpathname") ||
-		      die ("Cannot read directory $distpathname\n");
-		  @filelist = readdir(DIR);
-		  closedir(DIR);
-		  foreach $file ( @filelist ) {
-		      if (! ($file =~ m!/.?.$!) ) {
-			  if (! (-d $file)) {
-			      $file =~ m!([^/]*)$!;
-			      print STDERR "$remheader $1";
-			      $remheader = " ";
-			      unlink "$distpathname/$file";
-			  }
-		      }
-		  }
-	      }
-
-
-	      print STDERR "\n\n";
-
-	      print STDERR "\nExtracting jarfile '$jarfile' to local directory $distpathname/\n";
-	      
-	      print STDERR "$var{UNZIP} $releasejarpathname/$jarfile -d $distpathname\n";
-	      system("$var{UNZIP} $releasejarpathname/$jarfile -d $distpathname");
-	      
-	      $r = $?;
-
-	      if ($options =~ /v/) {
-		  if ($r == 0) {
-		      unlink ("$distpathname/version");
-		      if (open(VFILE,">$distpathname/version")) {
-			  print VFILE "$version\n";
-			  close(VFILE);
-		      }
-		  }
-		  else {
-		      print STDERR "Could not create '$distpathname/version'. Permissions?\n";
-		      $returncode ++;
-		  }
-	      }
-	  }  # if (doimport)
-	} # if (-e releasejarpathname/jarfile)
-    } # foreach jarfile)
-} # foreach IMPORT
-
-
-
-exit($returncode);
-
-
-
-
-
diff --git a/security/coreconf/jdk.mk b/security/coreconf/jdk.mk
deleted file mode 100644
index 8189808c8..000000000
--- a/security/coreconf/jdk.mk
+++ /dev/null
@@ -1,627 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-ifdef NS_USE_JDK
-#######################################################################
-# [1] Define preliminary JDK "Core Components" toolset options        #
-#######################################################################
-
-# set default JDK java threading model
-ifeq ($(JDK_THREADING_MODEL),)
-	JDK_THREADING_MODEL     = native_threads
-# no such thing as -native flag
-	JDK_THREADING_MODEL_OPT =
-endif
-
-#######################################################################
-# [2] Define platform-independent JDK "Core Components" options       #
-#######################################################################
-
-# set default location of the java classes repository
-ifeq ($(JAVA_DESTPATH),)
-ifdef BUILD_OPT
-	JAVA_DESTPATH  = $(SOURCE_CLASSES_DIR)
-else
-	JAVA_DESTPATH  = $(SOURCE_CLASSES_DBG_DIR)
-endif
-endif
-
-# set default location of the package under the java classes repository
-# note that this overrides the default package value in ruleset.mk
-ifeq ($(PACKAGE),)
-	PACKAGE = .
-endif
-
-# set default location of the java source code repository
-ifeq ($(JAVA_SOURCEPATH),)
-	JAVA_SOURCEPATH	= .
-endif
-
-# add JNI directory to default include search path
-ifneq ($(JNI_GEN),)
-	ifdef NSBUILDROOT
-		INCLUDES += -I$(JNI_GEN_DIR) -I$(SOURCE_XP_DIR)
-	else
-		INCLUDES += -I$(JNI_GEN_DIR)
-	endif
-endif
-
-#######################################################################
-# [3] Define platform-dependent JDK "Core Components" options         #
-#######################################################################
-
-# set [Microsoft Windows] platforms
-ifeq ($(OS_ARCH), WINNT)
-	JAVA_CLASSES = $(JAVA_HOME)/lib/classes.zip
-
-	ifeq ($(JRE_HOME),)
-		JRE_HOME = $(JAVA_HOME)
-		JRE_CLASSES = $(JAVA_CLASSES)
-	else
-		ifeq ($(JRE_CLASSES),)
-			JRE_CLASSES = $(JRE_HOME)/lib/classes.zip
-		endif
-	endif
-
-	PATH_SEPARATOR = ;
-
-	# (2) specify "header" information
-	JAVA_ARCH = win32
-
-	INCLUDES += -I$(JAVA_HOME)/include
-	INCLUDES += -I$(JAVA_HOME)/include/$(JAVA_ARCH)
-
-	# (3) specify "linker" information
-	JAVA_CPU =
-
-	JAVA_LIBDIR = lib
-
-	JAVA_CLIBS =
-
-	JAVA_LIBS  = -LIBPATH:$(JAVA_HOME)/$(JAVA_LIBDIR) jvm.lib
-	JAVA_LIBS += $(JAVA_CLIBS)
-
-	LDFLAGS += $(JAVA_LIBS)
-
-	#     currently, disable JIT option on this platform
-	JDK_JIT_OPT = -nojit
-endif
-
-# set [Sun Solaris] platforms
-ifeq ($(OS_ARCH), SunOS)
-	JAVA_CLASSES = $(JAVA_HOME)/lib/classes.zip
-
-	ifeq ($(JRE_HOME),)
-		JRE_HOME = $(JAVA_HOME)
-		JRE_CLASSES = $(JAVA_CLASSES)
-	else
-		ifeq ($(JRE_CLASSES),)
-			JRE_CLASSES = $(JRE_HOME)/lib/classes.zip
-		endif
-	endif
-
-	PATH_SEPARATOR = :
-
-	# (2) specify "header" information
-	JAVA_ARCH = solaris
-
-	INCLUDES += -I$(JAVA_HOME)/include
-	INCLUDES += -I$(JAVA_HOME)/include/$(JAVA_ARCH)
-
-	# (3) specify "linker" information
-ifeq ($(USE_64), 1)
-	JAVA_CPU = $(shell uname -p)v9
-else
-	JAVA_CPU = $(shell uname -p)
-endif
-
-ifeq ($(JDK_VERSION), 1.1)
-	JAVA_LIBDIR = lib/$(JAVA_CPU)
-else
-	JAVA_LIBDIR = jre/lib/$(JAVA_CPU)
-endif
-
-	#     ** IMPORTANT ** having -lthread before -lnspr is critical on solaris
-	#     when linking with -ljava as nspr redefines symbols in libthread that
-	#     cause JNI executables to fail with assert of bad thread stack values.
-	JAVA_CLIBS = -lthread
-
-ifneq ($(JDK_VERSION), 1.1)
-ifeq ($(USE_64), 1)
-	JAVA_LIBS += -L$(JAVA_HOME)/$(JAVA_LIBDIR)/server
-else
-	JAVA_LIBS += -L$(JAVA_HOME)/$(JAVA_LIBDIR)/classic
-endif
-	JAVA_LIBS += -L$(JAVA_HOME)/$(JAVA_LIBDIR)
-	JAVA_LIBS += -ljvm -ljava
-else
-	JAVA_LIBS += -L$(JAVA_HOME)/$(JAVA_LIBDIR)/$(JDK_THREADING_MODEL) -ljava
-endif
-	JAVA_LIBS += $(JAVA_CLIBS)
-
-	LDFLAGS += $(JAVA_LIBS)
-
-	#     currently, disable JIT option on this platform
-	JDK_JIT_OPT =
-endif
-
-# set [Hewlett Packard HP-UX] platforms
-ifeq ($(OS_ARCH), HP-UX)
-	JAVA_CLASSES = $(JAVA_HOME)/lib/classes.zip
-
-	ifeq ($(JRE_HOME),)
-		JRE_HOME = $(JAVA_HOME)
-		JRE_CLASSES = $(JAVA_CLASSES)
-	else
-		ifeq ($(JRE_CLASSES),)
-			JRE_CLASSES = $(JRE_HOME)/lib/classes.zip
-		endif
-	endif
-
-	PATH_SEPARATOR = :
-
-	# (2) specify "header" information
-	JAVA_ARCH = hp-ux
-
-	INCLUDES += -I$(JAVA_HOME)/include
-	INCLUDES += -I$(JAVA_HOME)/include/$(JAVA_ARCH)
-
-	# (3) specify "linker" information
-	JAVA_CPU = PA_RISC
-
-	JAVA_LIBDIR = jre/lib/$(JAVA_CPU)
-
-	JAVA_CLIBS =
-
-	JAVA_LIBS  = -L$(JAVA_HOME)/$(JAVA_LIBDIR)/$(JDK_THREADING_MODEL) -lhpi
-	JAVA_LIBS += -L$(JAVA_HOME)/$(JAVA_LIBDIR)/classic -ljvm
-	JAVA_LIBS += -L$(JAVA_HOME)/$(JAVA_LIBDIR) -ljava
-	JAVA_LIBS += $(JAVA_CLIBS)
-
-	LDFLAGS += $(JAVA_LIBS)
-
-	# no JIT option available on this platform
-	JDK_JIT_OPT =
-endif
-
-# set [Redhat Linux] platforms
-ifeq ($(OS_ARCH), Linux)
-	JAVA_CLASSES = $(JAVA_HOME)/lib/classes.zip
-
-	ifeq ($(JRE_HOME),)
-		JRE_HOME = $(JAVA_HOME)
-		JRE_CLASSES = $(JAVA_CLASSES)
-	else
-		ifeq ($(JRE_CLASSES),)
-			JRE_CLASSES = $(JRE_HOME)/lib/classes.zip
-		endif
-	endif
-
-	PATH_SEPARATOR = :
-
-	# (2) specify "header" information
-	JAVA_ARCH = linux
-
-	INCLUDES += -I$(JAVA_HOME)/include
-	INCLUDES += -I$(JAVA_HOME)/include/$(JAVA_ARCH)
-
-	# (3) specify "linker" information
-	JAVA_CPU = i386
-
-	JAVA_LIBDIR = jre/lib/$(JAVA_CPU)
-
-	JAVA_CLIBS =
-
-	JAVA_LIBS  = -L$(JAVA_HOME)/$(JAVA_LIBDIR)/$(JDK_THREADING_MODEL) -lhpi
-        ifeq ($(JDK_VERSION), 1.4)
-	    JAVA_LIBS += -L$(JAVA_HOME)/$(JAVA_LIBDIR)/server -ljvm
-        else
-	    JAVA_LIBS += -L$(JAVA_HOME)/$(JAVA_LIBDIR)/classic -ljvm
-	endif
-	JAVA_LIBS += -L$(JAVA_HOME)/$(JAVA_LIBDIR) -ljava
-	JAVA_LIBS += $(JAVA_CLIBS)
-
-	LDFLAGS += $(JAVA_LIBS)
-
-	# no JIT option available on this platform
-	JDK_JIT_OPT =
-endif
-
-# set [IBM AIX] platforms
-ifeq ($(OS_ARCH), AIX)
-	JAVA_CLASSES = $(JAVA_HOME)/lib/classes.zip
-
-	ifeq ($(JRE_HOME),)
-		JRE_HOME = $(JAVA_HOME)
-		JRE_CLASSES = $(JAVA_CLASSES)
-	else
-		ifeq ($(JRE_CLASSES),)
-			JRE_CLASSES = $(JRE_HOME)/lib/classes.zip
-		endif
-	endif
-
-	PATH_SEPARATOR = :
-
-	# (2) specify "header" information
-	JAVA_ARCH = aix
-
-	INCLUDES += -I$(JAVA_HOME)/include
-	INCLUDES += -I$(JAVA_HOME)/include/$(JAVA_ARCH)
-
-	# (3) specify "linker" information
-	JAVA_CPU = aix
-
-	JAVA_LIBDIR = jre/bin
-
-	JAVA_CLIBS =
-
-	JAVA_LIBS  = -L$(JAVA_HOME)/$(JAVA_LIBDIR) -lhpi
-	JAVA_LIBS += -L$(JAVA_HOME)/$(JAVA_LIBDIR)/classic -ljvm
-	JAVA_LIBS += -L$(JAVA_HOME)/$(JAVA_LIBDIR) -ljava
-	JAVA_LIBS += $(JAVA_CLIBS)
-
-	LDFLAGS += $(JAVA_LIBS)
-
-	# no JIT option available on this platform
-	JDK_JIT_OPT =
-endif
-
-# set [Digital UNIX] platforms
-ifeq ($(OS_ARCH), OSF1)
-	JAVA_CLASSES = $(JAVA_HOME)/lib/classes.zip
-
-	ifeq ($(JRE_HOME),)
-		JRE_HOME = $(JAVA_HOME)
-		JRE_CLASSES = $(JAVA_CLASSES)
-	else
-		ifeq ($(JRE_CLASSES),)
-			JRE_CLASSES = $(JRE_HOME)/lib/classes.zip
-		endif
-	endif
-
-	PATH_SEPARATOR = :
-
-	# (2) specify "header" information
-	JAVA_ARCH = alpha
-
-	INCLUDES += -I$(JAVA_HOME)/include
-	INCLUDES += -I$(JAVA_HOME)/include/$(JAVA_ARCH)
-
-	# (3) specify "linker" information
-	JAVA_CPU = alpha
-
-	JAVA_LIBDIR = jre/lib/$(JAVA_CPU)
-
-	JAVA_CLIBS =
-
-	JAVA_LIBS  = -L$(JAVA_HOME)/$(JAVA_LIBDIR)/$(JDK_THREADING_MODEL) -lhpi
-	JAVA_LIBS += -L$(JAVA_HOME)/$(JAVA_LIBDIR)/classic -ljvm
-	JAVA_LIBS += -L$(JAVA_HOME)/$(JAVA_LIBDIR) -ljava
-	JAVA_LIBS += $(JAVA_CLIBS)
-
-	LDFLAGS += $(JAVA_LIBS)
-
-	# no JIT option available on this platform
-	JDK_JIT_OPT =
-endif
-
-# set [Silicon Graphics IRIX] platforms
-ifeq ($(OS_ARCH), IRIX)
-	JAVA_CLASSES = $(JAVA_HOME)/lib/dev.jar:$(JAVA_HOME)/lib/rt.jar
-
-	ifeq ($(JRE_HOME),)
-		JRE_HOME = $(JAVA_HOME)
-		JRE_CLASSES = $(JAVA_CLASSES)
-	else
-		ifeq ($(JRE_CLASSES),)
-			JRE_CLASSES = $(JRE_HOME)/lib/dev.jar:$(JRE_HOME)/lib/rt.jar
-		endif
-	endif
-
-	PATH_SEPARATOR = :
-
-	# (2) specify "header" information
-	JAVA_ARCH = irix
-
-	INCLUDES += -I$(JAVA_HOME)/include
-	INCLUDES += -I$(JAVA_HOME)/include/$(JAVA_ARCH)
-
-	# (3) specify "-n32 linker" information
-	JAVA_CPU = sgi
-
-	JAVA_LIBDIR = lib32/$(JAVA_CPU)
-
-	JAVA_CLIBS =
-
-	JAVA_LIBS  = -L$(JAVA_HOME)/$(JAVA_LIBDIR)/$(JDK_THREADING_MODEL) -lhpi
-	JAVA_LIBS += -lirixextra
-	JAVA_LIBS += -L$(JAVA_HOME)/$(JAVA_LIBDIR)/classic -ljvm
-	JAVA_LIBS += -L$(JAVA_HOME)/$(JAVA_LIBDIR) -ljava
-	JAVA_LIBS += $(JAVA_CLIBS)
-
-	LDFLAGS += $(JAVA_LIBS)
-
-	# no JIT option available on this platform
-	JDK_JIT_OPT =
-endif
-
-#######################################################################
-# [4] Define remaining JDK "Core Components" default toolset options  #
-#######################################################################
-
-# set JDK optimization model
-ifeq ($(BUILD_OPT),1)
-	JDK_OPTIMIZER_OPT = -O
-else
-	JDK_OPTIMIZER_OPT = -g
-endif
-
-# set minimal JDK debugging model
-ifeq ($(JDK_DEBUG),1)
-	JDK_DEBUG_OPT    = -debug
-else
-	JDK_DEBUG_OPT    =
-endif
-
-# set default path to repository for JDK classes
-ifeq ($(JDK_CLASS_REPOSITORY_OPT),)
-	JDK_CLASS_REPOSITORY_OPT = -d $(JAVA_DESTPATH)
-endif
-
-# define a default JDK classpath
-ifeq ($(JDK_CLASSPATH),)
-	JDK_CLASSPATH = '$(JAVA_DESTPATH)$(PATH_SEPARATOR)$(JAVA_SOURCEPATH)$(PATH_SEPARATOR)$(JAVA_CLASSES)'
-endif
-
-# by default, override CLASSPATH environment variable using the JDK classpath option with $(JDK_CLASSPATH)
-ifeq ($(JDK_CLASSPATH_OPT),)
-	JDK_CLASSPATH_OPT = -classpath $(JDK_CLASSPATH)
-endif
-
-ifeq ($(USE_64), 1)
-	JDK_USE_64 = -d64
-endif
-
-endif
-
-
-#######################################################################
-# [5] Define JDK "Core Components" toolset;                           #
-#     (always allow a user to override these values)                  #
-#######################################################################
-
-#
-# (1) appletviewer
-#
-
-ifeq ($(APPLETVIEWER),)
-	APPLETVIEWER_PROG   = $(JAVA_HOME)/bin/appletviewer$(PROG_SUFFIX)
-	APPLETVIEWER_FLAGS  = $(JDK_THREADING_MODEL_OPT)
-	APPLETVIEWER_FLAGS += $(JDK_DEBUG_OPT)
-	APPLETVIEWER_FLAGS += $(JDK_JIT_OPT)
-	APPLETVIEWER        = $(APPLETVIEWER_PROG) $(APPLETVIEWER_FLAGS)
-endif
-
-#
-# (2) jar
-#
-
-ifeq ($(JAR),)
-	JAR_PROG   = $(JAVA_HOME)/bin/jar$(PROG_SUFFIX)
-	JAR_FLAGS  = $(JDK_THREADING_MODEL_OPT)
-	JAR        = $(JAR_PROG) $(JAR_FLAGS)
-endif
-
-#
-# (3) java
-#
-
-ifeq ($(JAVA),)
-	JAVA_PROG   = $(JAVA_HOME)/bin/java$(PROG_SUFFIX)
-	JAVA_FLAGS  = $(JDK_THREADING_MODEL_OPT)
-	JAVA_FLAGS += $(JDK_DEBUG_OPT)
-	JAVA_FLAGS += $(JDK_CLASSPATH_OPT)
-	JAVA_FLAGS += $(JDK_JIT_OPT)
-	JAVA_FLAGS += $(JDK_USE_64)
-	JAVA        = $(JAVA_PROG) $(JAVA_FLAGS) 
-endif
-
-#
-# (4) javac
-#
-
-ifeq ($(JAVAC),)
-	JAVAC_PROG   = $(JAVA_HOME)/bin/javac$(PROG_SUFFIX)
-	JAVAC_FLAGS  = $(JDK_THREADING_MODEL_OPT)
-	JAVAC_FLAGS += $(JDK_OPTIMIZER_OPT)
-	JAVAC_FLAGS += $(JDK_DEBUG_OPT)
-	JAVAC_FLAGS += $(JDK_CLASSPATH_OPT)
-	JAVAC_FLAGS += $(JDK_CLASS_REPOSITORY_OPT)
-	JAVAC_FLAGS += $(JDK_USE_64)
-	JAVAC        = $(JAVAC_PROG) $(JAVAC_FLAGS)
-endif
-
-#
-# (5) javadoc
-#
-
-ifeq ($(JAVADOC),)
-	JAVADOC_PROG   = $(JAVA_HOME)/bin/javadoc$(PROG_SUFFIX)
-	JAVADOC_FLAGS  = $(JDK_THREADING_MODEL_OPT)
-	JAVADOC_FLAGS += $(JDK_CLASSPATH_OPT)
-	JAVADOC        = $(JAVADOC_PROG) $(JAVADOC_FLAGS)
-endif
-
-#
-# (6) javah
-#
-
-ifeq ($(JAVAH),)
-	JAVAH_PROG   = $(JAVA_HOME)/bin/javah$(PROG_SUFFIX)
-	JAVAH_FLAGS  = $(JDK_THREADING_MODEL_OPT)
-	JAVAH_FLAGS += $(JDK_CLASSPATH_OPT)
-	JAVAH        = $(JAVAH_PROG) $(JAVAH_FLAGS)
-endif
-
-#
-# (7) javakey
-#
-
-ifeq ($(JAVAKEY),)
-	JAVAKEY_PROG   = $(JAVA_HOME)/bin/javakey$(PROG_SUFFIX)
-	JAVAKEY_FLAGS  = $(JDK_THREADING_MODEL_OPT)
-	JAVAKEY        = $(JAVAKEY_PROG) $(JAVAKEY_FLAGS)
-endif
-
-#
-# (8) javap
-#
-
-ifeq ($(JAVAP),)
-	JAVAP_PROG   = $(JAVA_HOME)/bin/javap$(PROG_SUFFIX)
-	JAVAP_FLAGS  = $(JDK_THREADING_MODEL_OPT)
-	JAVAP_FLAGS += $(JDK_CLASSPATH_OPT)
-	JAVAP        = $(JAVAP_PROG) $(JAVAP_FLAGS)
-endif
-
-#
-# (9) javat
-#
-
-ifeq ($(JAVAT),)
-	JAVAT_PROG   = $(JAVA_HOME)/bin/javat$(PROG_SUFFIX)
-	JAVAT_FLAGS  = $(JDK_THREADING_MODEL_OPT)
-	JAVAT        = $(JAVAT_PROG) $(JAVAT_FLAGS)
-endif
-
-#
-# (10) javaverify
-#
-
-ifeq ($(JAVAVERIFY),)
-	JAVAVERIFY_PROG   = $(JAVA_HOME)/bin/javaverify$(PROG_SUFFIX)
-	JAVAVERIFY_FLAGS  = $(JDK_THREADING_MODEL_OPT)
-	JAVAVERIFY        = $(JAVAVERIFY_PROG) $(JAVAVERIFY_FLAGS)
-endif
-
-#
-# (11) javaw
-#
-
-ifeq ($(JAVAW),)
-	jJAVAW_PROG   = $(JAVA_HOME)/bin/javaw$(PROG_SUFFIX)
-	jJAVAW_FLAGS  = $(JDK_THREADING_MODEL_OPT)
-	jJAVAW_FLAGS += $(JDK_DEBUG_OPT)
-	jJAVAW_FLAGS += $(JDK_CLASSPATH_OPT)
-	jJAVAW_FLAGS += $(JDK_JIT_OPT)
-	jJAVAW        = $(JAVAW_PROG) $(JAVAW_FLAGS)
-endif
-
-#
-# (12) jdb
-#
-
-ifeq ($(JDB),)
-	JDB_PROG   = $(JAVA_HOME)/bin/jdb$(PROG_SUFFIX)
-	JDB_FLAGS  = $(JDK_THREADING_MODEL_OPT)
-	JDB_FLAGS += $(JDK_DEBUG_OPT)
-	JDB_FLAGS += $(JDK_CLASSPATH_OPT)
-	JDB_FLAGS += $(JDK_JIT_OPT)
-	JDB        = $(JDB_PROG) $(JDB_FLAGS)
-endif
-
-#
-# (13) jre
-#
-
-ifeq ($(JRE),)
-	JRE_PROG   = $(JAVA_HOME)/bin/jre$(PROG_SUFFIX)
-	JRE_FLAGS  = $(JDK_THREADING_MODEL_OPT)
-	JRE_FLAGS += $(JDK_CLASSPATH_OPT)
-	JRE_FLAGS += $(JDK_JIT_OPT)
-	JRE        = $(JRE_PROG) $(JRE_FLAGS) 
-endif
-
-#
-# (14) jrew
-#
-
-ifeq ($(JREW),)
-	JREW_PROG   = $(JAVA_HOME)/bin/jrew$(PROG_SUFFIX)
-	JREW_FLAGS  = $(JDK_THREADING_MODEL_OPT)
-	JREW_FLAGS += $(JDK_CLASSPATH_OPT)
-	JREW_FLAGS += $(JDK_JIT_OPT)
-	JREW        = $(JREW_PROG) $(JREW_FLAGS) 
-endif
-
-#
-# (15) native2ascii
-#
-
-ifeq ($(NATIVE2ASCII),)
-	NATIVE2ASCII_PROG   = $(JAVA_HOME)/bin/native2ascii$(PROG_SUFFIX)
-	NATIVE2ASCII_FLAGS  = $(JDK_THREADING_MODEL_OPT)
-	NATIVE2ASCII        = $(NATIVE2ASCII_PROG) $(NATIVE2ASCII_FLAGS) 
-endif
-
-#
-# (16) rmic
-#
-
-ifeq ($(RMIC),)
-	RMIC_PROG   = $(JAVA_HOME)/bin/rmic$(PROG_SUFFIX)
-	RMIC_FLAGS  = $(JDK_THREADING_MODEL_OPT)
-	RMIC_FLAGS += $(JDK_OPTIMIZER_OPT)
-	RMIC_FLAGS += $(JDK_CLASSPATH_OPT)
-	RMIC        = $(RMIC_PROG) $(RMIC_FLAGS) 
-endif
-
-#
-# (17) rmiregistry
-#
-
-ifeq ($(RMIREGISTRY),)
-	RMIREGISTRY_PROG   = $(JAVA_HOME)/bin/rmiregistry$(PROG_SUFFIX)
-	RMIREGISTRY_FLAGS  = $(JDK_THREADING_MODEL_OPT)
-	RMIREGISTRY        = $(RMIREGISTRY_PROG) $(RMIREGISTRY_FLAGS) 
-endif
-
-#
-# (18) serialver
-#
-
-ifeq ($(SERIALVER),)
-	SERIALVER_PROG   = $(JAVA_HOME)/bin/serialver$(PROG_SUFFIX)
-	SERIALVER_FLAGS  = $(JDK_THREADING_MODEL_OPT)
-	SERIALVER        = $(SERIALVER_PROG) $(SERIALVER_FLAGS) 
-endif
diff --git a/security/coreconf/jniregen.pl b/security/coreconf/jniregen.pl
deleted file mode 100755
index 8bdd24448..000000000
--- a/security/coreconf/jniregen.pl
+++ /dev/null
@@ -1,107 +0,0 @@
-#!/usr/local/bin/perl
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-# Input: -d dir -j javahcmd foo1 foo2 . . .
-#        Compares generated "_jni/foo1.h" file with "foo1.class", and
-#        generated "_jni/foo2.h" file with "foo2.class", etc.
-#        (NOTE:  unlike its closely related cousin, outofdate.pl,
-#                the "-d dir" must always be specified)
-#        Runs the javahcmd on all files that are different.
-#
-# Returns: list of headers which are OLDER than corresponding class
-#          files (non-existant class files are considered to be real old :-)
-
-my $javah = "";
-my $classdir = "";
-
-while(1) {
-    if ($ARGV[0] eq '-d') {
-        $classdir = $ARGV[1];
-        $classdir .= "/";
-        shift;
-        shift;
-    } elsif($ARGV[0] eq '-j') {
-        $javah = $ARGV[1];
-        shift;
-        shift;
-    } else {
-        last;
-    }
-}
-
-if( $javah  eq "") {
-    die "Must specify -j <javah command>";
-}
-if( $classdir eq "") {
-    die "Must specify -d <classdir>";
-}
-
-foreach $filename (@ARGV)
-{
-    $headerfilename = "_jni/";
-    $headerfilename .= $filename;
-    $headerfilename =~ s/\./_/g;
-    $headerfilename .= ".h";
-
-    $classfilename = $filename;
-    $classfilename =~ s|\.|/|g;
-    $classfilename .= ".class";
-
-    $classfilename = $classdir . $classfilename;
-
-
-    ( $dev, $ino, $mode, $nlink, $uid, $gid, $rdev, $size, $atime, $headermtime,
-      $ctime, $blksize, $blocks ) = stat( $headerfilename );
-
-    ( $dev, $ino, $mode, $nlink, $uid, $gid, $rdev, $size, $atime, $classmtime,
-      $ctime, $blksize, $blocks ) = stat( $classfilename );
-
-    if( $headermtime < $classmtime )
-    {
-	# NOTE:  Since this is used by "javah", and "javah" refuses to overwrite
-	#        an existing file, we force an unlink from this script, since
-	#        we actually want to regenerate the header file at this time.
-        unlink $headerfilename;
-        push @filelist, $filename;
-    }
-}
-
-if( @filelist ) {
-    $cmd = "$javah " . join(" ",@filelist);
-    $cmd =~ s/\'/\"/g;  # because windows doesn't understand single quote
-    print "$cmd\n";
-    exit (system($cmd) >> 8);
-} else {
-    print "All JNI header files up to date.\n"
-}
diff --git a/security/coreconf/location.mk b/security/coreconf/location.mk
deleted file mode 100644
index 060bb47ee..000000000
--- a/security/coreconf/location.mk
+++ /dev/null
@@ -1,66 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# Master "Core Components" macros to figure out binary code location  #
-#######################################################################
-
-#
-# Figure out where the binary code lives.
-#
-
-ifdef BUILD_TREE
-ifdef LIBRARY_NAME
-BUILD         = $(BUILD_TREE)/nss/$(LIBRARY_NAME)
-OBJDIR        = $(BUILD_TREE)/nss/$(LIBRARY_NAME)
-DEPENDENCIES  = $(BUILD_TREE)/nss/$(LIBRARY_NAME)/.md
-else
-BUILD         = $(BUILD_TREE)/nss
-OBJDIR        = $(BUILD_TREE)/nss
-DEPENDENCIES  = $(BUILD_TREE)/nss/.md
-endif
-else
-BUILD         = $(PLATFORM)
-OBJDIR        = $(PLATFORM)
-DEPENDENCIES  = $(PLATFORM)/.md
-endif
-
-DIST          = $(SOURCE_PREFIX)/$(PLATFORM)
-
-ifdef BUILD_DEBUG_GC
-    DEFINES += -DDEBUG_GC
-endif
-
-GARBAGE += $(DEPENDENCIES) core $(wildcard core.[0-9]*)
-
-MK_LOCATION = included
diff --git a/security/coreconf/makefile.win b/security/coreconf/makefile.win
deleted file mode 100644
index c3abce76b..000000000
--- a/security/coreconf/makefile.win
+++ /dev/null
@@ -1,100 +0,0 @@
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#
-# An NMAKE file to set up and adjust coreconf's build system for
-# Client build.  Client build should invoke NMAKE on this file
-# instead of invoking gmake directly.
-#
-
-NS_DEPTH = ..
-include <$(NS_DEPTH)\config\config.mak>
-#include <$(NS_DEPTH)\config\rules.mak>
-
-#
-# Backslashes are escape characters to gmake, so flip all backslashes
-# in $(MOZ_TOOLS) to forward slashes and pass that to gmake.
-#
-
-GMAKE = $(MOZ_TOOLS)\bin\gmake.exe MOZ_TOOLS_FLIPPED=$(MOZ_TOOLS:\=/)
-
-GMAKE = $(GMAKE) PR_CLIENT_BUILD=1 PR_CLIENT_BUILD_WINDOWS=1
-
-#
-# The Client's debug build uses MSVC's debug runtime library (/MDd).
-#
-
-!ifdef MOZ_DEBUG
-GMAKE = $(GMAKE) USE_DEBUG_RTL=1
-!else
-GMAKE = $(GMAKE) BUILD_OPT=1
-!endif
-
-!if "$(MOZ_BITS)" == "16"
-GMAKE = $(GMAKE) OS_TARGET=WIN16
-!else
-
-GMAKE = $(GMAKE) OS_TARGET=WIN95
-!ifdef MOZ_DEBUG
-PR_OBJDIR = WIN954.0_DBG.OBJD
-!else
-PR_OBJDIR = WIN954.0_OPT.OBJ
-!endif
-
-!endif
-
-#
-# The rules.  Simply invoke gmake with the same target
-# for Win16, use the watcom compiler with the MSVC headers and libs
-#
-
-# this rule is needed so that nmake with no explicit target will only build
-# all, and not build all the targets named below in succession!
-default:: all
-
-# a rule like this one must only be used for explicitly named targets!
-all depend export libs install clobber clobber_all clean::
-!if "$(MOZ_BITS)" == "16"
-	set PATH=%WATCPATH%
-	set INCLUDE=%MSVC_INC%
-	set LIB=%MSVC_LIB%
-!endif
-	$(GMAKE) $@
-!if "$(MOZ_BITS)" == "16"
-	set PATH=%MSVCPATH%
-	set INCLUDE=%MSVC_INC%
-	set LIB=%MSVC_LIB%
-!endif
-
-show:
-	@echo "MAKEFLAGS = $(MAKEFLAGS)"
diff --git a/security/coreconf/module.mk b/security/coreconf/module.mk
deleted file mode 100644
index 6a9d49f59..000000000
--- a/security/coreconf/module.mk
+++ /dev/null
@@ -1,65 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# The master "Core Components" source and release component directory #
-# names are ALWAYS identical and are the value of $(MODULE).          #
-# NOTE:  A component is also called a module or a subsystem.          #
-#######################################################################
-
-#
-#  All "Core Components" <component>-specific source-side tags must
-#  always be identified for compiling/linking purposes
-#
-
-ifndef JAVA_SOURCE_COMPONENT
-    JAVA_SOURCE_COMPONENT = java
-endif
-
-ifndef NETLIB_SOURCE_COMPONENT
-    NETLIB_SOURCE_COMPONENT = netlib
-endif
-
-ifndef NSPR_SOURCE_COMPONENT
-    NSPR_SOURCE_COMPONENT = nspr20
-endif
-
-ifndef SECTOOLS_SOURCE_COMPONENT
-    SECTOOLS_SOURCE_COMPONENT = sectools
-endif
-
-ifndef SECURITY_SOURCE_COMPONENT
-    SECURITY_SOURCE_COMPONENT = security
-endif
-
-MK_MODULE = included
diff --git a/security/coreconf/nsinstall/Makefile b/security/coreconf/nsinstall/Makefile
deleted file mode 100644
index 625d4bc77..000000000
--- a/security/coreconf/nsinstall/Makefile
+++ /dev/null
@@ -1,68 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-DEPTH		= ../..
-CORE_DEPTH	= ../..
-
-MODULE		= coreconf
-
-CSRCS		= nsinstall.c pathsub.c
-
-PLSRCS		= nfspwd.pl
-
-PROGRAM		= nsinstall
-
-
-include $(DEPTH)/coreconf/config.mk
-
-ifeq (,$(filter-out OS2 WIN%,$(OS_TARGET)))
-PROGRAM		=
-else
-TARGETS		= $(PROGRAM) $(PLSRCS:.pl=)
-endif
-
-ifdef NATIVE_CC
-CC=$(NATIVE_CC)
-endif
-
-ifdef NATIVE_FLAGS
-OS_CFLAGS=$(NATIVE_FLAGS)
-endif
-
-include $(DEPTH)/coreconf/rules.mk
-
-# Redefine MAKE_OBJDIR for just this directory
-define MAKE_OBJDIR
-if test ! -d $(@D); then rm -rf $(@D); mkdir $(@D); fi
-endef
-
diff --git a/security/coreconf/nsinstall/nfspwd b/security/coreconf/nsinstall/nfspwd
deleted file mode 100755
index 339abead3..000000000
--- a/security/coreconf/nsinstall/nfspwd
+++ /dev/null
@@ -1,46 +0,0 @@
-#! perl
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-require "fastcwd.pl";
-
-$_ = &fastcwd;
-if (m@^/[uh]/@o || s@^/tmp_mnt/@/@o) {
-    print("$_\n");
-} elsif ((($user, $rest) = m@^/usr/people/(\w+)/(.*)@o)
-      && readlink("/u/$user") eq "/usr/people/$user") {
-    print("/u/$user/$rest\n");
-} else {
-    chop($host = `hostname`);
-    print("/h/$host$_\n");
-}
diff --git a/security/coreconf/nsinstall/nfspwd.pl b/security/coreconf/nsinstall/nfspwd.pl
deleted file mode 100644
index 339abead3..000000000
--- a/security/coreconf/nsinstall/nfspwd.pl
+++ /dev/null
@@ -1,46 +0,0 @@
-#! perl
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-require "fastcwd.pl";
-
-$_ = &fastcwd;
-if (m@^/[uh]/@o || s@^/tmp_mnt/@/@o) {
-    print("$_\n");
-} elsif ((($user, $rest) = m@^/usr/people/(\w+)/(.*)@o)
-      && readlink("/u/$user") eq "/usr/people/$user") {
-    print("/u/$user/$rest\n");
-} else {
-    chop($host = `hostname`);
-    print("/h/$host$_\n");
-}
diff --git a/security/coreconf/nsinstall/nsinstall.c b/security/coreconf/nsinstall/nsinstall.c
deleted file mode 100644
index 0c9915926..000000000
--- a/security/coreconf/nsinstall/nsinstall.c
+++ /dev/null
@@ -1,434 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
-** Netscape portable install command.
-*/
-#include <stdio.h>  /* OSF/1 requires this before grp.h, so put it first */
-#include <assert.h>
-#include <fcntl.h>
-#include <string.h>
-#if defined(_WINDOWS)
-#include <windows.h>
-typedef unsigned int mode_t;
-#else
-#include <grp.h>
-#include <pwd.h>
-#include <errno.h>
-#include <stdlib.h>
-#include <unistd.h>
-#include <utime.h>
-#endif
-#include <sys/types.h>
-#include <sys/stat.h>
-#include "pathsub.h"
-
-#define HAVE_LCHOWN
-
-#if defined(AIX) || defined(BSDI) || defined(HPUX) || defined(LINUX) || defined(SUNOS4) || defined(SCO) || defined(UNIXWARE) || defined(VMS) || defined(NTO) || defined(DARWIN) || defined(BEOS)
-#undef HAVE_LCHOWN
-#endif
-
-#define HAVE_FCHMOD
-
-#if defined(BEOS)
-#undef HAVE_FCHMOD
-#endif
-
-#ifdef LINUX
-#include <getopt.h>
-#endif
-
-#if defined(SCO) || defined(UNIXWARE) || defined(SNI) || defined(NCR) || defined(NEC)
-#if !defined(S_ISLNK) && defined(S_IFLNK)
-#define S_ISLNK(a)	(((a) & S_IFMT) == S_IFLNK)
-#endif
-#endif
-
-#if defined(SNI)
-extern int fchmod(int fildes, mode_t mode);
-#endif
-
-
-#ifdef GETCWD_CANT_MALLOC
-/*
- * this should probably go into a utility library in case other applications
- * need it.
- */
-static char *
-getcwd_do_malloc(char *path, int len) {
-
-    if (!path) {
-	path = malloc(PATH_MAX +1);
-	if (!path) return NULL;
-    }
-    return getcwd(path, PATH_MAX);
-}
-#define GETCWD	getcwd_do_malloc
-#else
-#define GETCWD	getcwd
-#endif
-
-
-static void
-usage(void)
-{
-    fprintf(stderr,
-	"usage: %s [-C cwd] [-L linkprefix] [-m mode] [-o owner] [-g group]\n"
-	"       %*s [-DdltR] file [file ...] directory\n",
-	program, (int)strlen(program), "");
-    exit(2);
-}
-
-/* this is more-or-less equivalent to mkdir -p */
-static int
-mkdirs(char *path, mode_t mode)
-{
-    char *      cp;
-    int         rv;
-    struct stat sb;
-    
-    if (!path || !path[0]) 
-	fail("Null pointer or empty string passed to mkdirs()");
-    while (*path == '/' && path[1] == '/')
-	path++;
-    while ((cp = strrchr(path, '/')) && cp[1] == '\0')
-	*cp = '\0';
-    if (cp && cp != path) {
-	*cp = '\0';
-	if ((stat(path, &sb) < 0 || !S_ISDIR(sb.st_mode)) &&
-	    mkdirs(path, mode) < 0) {
-	    return -1;
-	}
-	*cp = '/';
-    }
-    rv = mkdir(path, mode);
-    if (rv) {
-	if (errno != EEXIST)
-	    fail("mkdirs cannot make %s", path);
-	fprintf(stderr, "directory creation race: %s\n", path);
-	if (!stat(path, &sb) && S_ISDIR(sb.st_mode)) 
-	    rv = 0;
-    }
-    return rv;
-}
-
-static uid_t
-touid(char *owner)
-{
-    struct passwd *pw;
-    uid_t uid;
-    char *cp;
-
-    if (!owner || !owner[0]) 
-	fail("Null pointer or empty string passed to touid()");
-    pw = getpwnam(owner);
-    if (pw)
-	return pw->pw_uid;
-    uid = strtol(owner, &cp, 0);
-    if (uid == 0 && cp == owner)
-	fail("cannot find uid for %s", owner);
-    return uid;
-}
-
-static gid_t
-togid(char *group)
-{
-    struct group *gr;
-    gid_t gid;
-    char *cp;
-
-    if (!group || !group[0]) 
-	fail("Null pointer or empty string passed to togid()");
-    gr = getgrnam(group);
-    if (gr)
-	return gr->gr_gid;
-    gid = strtol(group, &cp, 0);
-    if (gid == 0 && cp == group)
-	fail("cannot find gid for %s", group);
-    return gid;
-}
-
-void * const uninit = (void *)0xdeadbeef;
-
-int
-main(int argc, char **argv)
-{
-    char *	base		= uninit;
-    char *	bp		= uninit;
-    char *	cp		= uninit;
-    char *	cwd		= 0;
-    char *	group		= 0;
-    char *	linkname	= 0;
-    char *	linkprefix	= 0;
-    char *	name		= uninit;
-    char *	owner		= 0;
-    char *	todir		= uninit;
-    char *	toname		= uninit;
-
-    int 	bnlen		= -1;
-    int 	cc		= 0;
-    int 	dodir		= 0;
-    int 	dolink		= 0;
-    int 	dorelsymlink	= 0;
-    int 	dotimes		= 0;
-    int 	exists		= 0;
-    int 	fromfd		= -1;
-    int 	len		= -1;
-    int 	lplen		= 0;
-    int		onlydir		= 0;
-    int 	opt		= -1;
-    int 	tdlen		= -1;
-    int 	tofd		= -1;
-    int 	wc		= -1;
-
-    mode_t 	mode		= 0755;
-
-    uid_t 	uid		= -1;
-    gid_t 	gid		= -1;
-
-    struct stat sb;
-    struct stat tosb;
-    struct utimbuf utb;
-    char 	buf[BUFSIZ];
-
-    program = strrchr(argv[0], '/');
-    if (!program)
-	program = strrchr(argv[0], '\\');
-    program = program ? program+1 : argv[0];
-
-
-    while ((opt = getopt(argc, argv, "C:DdlL:Rm:o:g:t")) != EOF) {
-	switch (opt) {
-	  case 'C': cwd = optarg;	break;
-	  case 'D': onlydir = 1; 	break;
-	  case 'd': dodir = 1; 		break;
-	  case 'l': dolink = 1;		break;
-	  case 'L':
-	    linkprefix = optarg;
-	    lplen = strlen(linkprefix);
-	    dolink = 1;
-	    break;
-	  case 'R': dolink = dorelsymlink = 1; break;
-	  case 'm':
-	    mode = strtoul(optarg, &cp, 8);
-	    if (mode == 0 && cp == optarg)
-		usage();
-	    break;
-	  case 'o': owner = optarg; 	break;
-	  case 'g': group = optarg; 	break;
-	  case 't': dotimes = 1; 	break;
-	  default:  usage();
-	}
-    }
-
-    argc -= optind;
-    argv += optind;
-    if (argc < 2 - onlydir)
-	usage();
-
-    todir = argv[argc-1];
-    if ((stat(todir, &sb) < 0 || !S_ISDIR(sb.st_mode)) &&
-	mkdirs(todir, 0777) < 0) {
-	fail("cannot mkdir -p %s", todir);
-    }
-    if (onlydir)
-	return 0;
-
-    if (!cwd) {
-	cwd = GETCWD(0, PATH_MAX);
-	if (!cwd)
-	    fail("could not get CWD");
-    }
-
-    /* make sure we can get into todir. */
-    xchdir(todir);
-    todir = GETCWD(0, PATH_MAX);
-    if (!todir)
-	fail("could not get CWD in todir");
-    tdlen = strlen(todir);
-
-    /* back to original directory. */
-    xchdir(cwd);
-
-    uid = owner ? touid(owner) : -1;
-    gid = group ? togid(group) : -1;
-
-    while (--argc > 0) {
-	name   = *argv++;
-	len    = strlen(name);
-	base   = xbasename(name);
-	bnlen  = strlen(base);
-	toname = (char*)xmalloc(tdlen + 1 + bnlen + 1);
-	sprintf(toname, "%s/%s", todir, base);
-retry:
-	exists = (lstat(toname, &tosb) == 0);
-
-	if (dodir) {
-	    /* -d means create a directory, always */
-	    if (exists && !S_ISDIR(tosb.st_mode)) {
-		int rv = unlink(toname);
-		if (rv)
-		    fail("cannot unlink %s", toname);
-		exists = 0;
-	    }
-	    if (!exists && mkdir(toname, mode) < 0) {
-	    	/* we probably have two nsinstall programs in a race here. */
-		if (errno == EEXIST && !stat(toname, &sb) && 
-		    S_ISDIR(sb.st_mode)) {
-		    fprintf(stderr, "directory creation race: %s\n", toname);
-		    goto retry;
-	    	}
-		fail("cannot make directory %s", toname);
-	    }
-	    if ((owner || group) && chown(toname, uid, gid) < 0)
-		fail("cannot change owner of %s", toname);
-	} else if (dolink) {
-	    if (*name == '/') {
-		/* source is absolute pathname, link to it directly */
-		linkname = 0;
-	    } else {
-		if (linkprefix) {
-		    /* -L implies -l and prefixes names with a $cwd arg. */
-		    len += lplen + 1;
-		    linkname = (char*)xmalloc(len + 1);
-		    sprintf(linkname, "%s/%s", linkprefix, name);
-		} else if (dorelsymlink) {
-		    /* Symlink the relative path from todir to source name. */
-		    linkname = (char*)xmalloc(PATH_MAX);
-
-		    if (*todir == '/') {
-			/* todir is absolute: skip over common prefix. */
-			lplen = relatepaths(todir, cwd, linkname);
-			strcpy(linkname + lplen, name);
-		    } else {
-			/* todir is named by a relative path: reverse it. */
-			reversepath(todir, name, len, linkname);
-			xchdir(cwd);
-		    }
-
-		    len = strlen(linkname);
-		}
-		name = linkname;
-	    }
-
-	    /* Check for a pre-existing symlink with identical content. */
-	    if (exists &&
-		(!S_ISLNK(tosb.st_mode) ||
-		 readlink(toname, buf, sizeof buf) != len ||
-		 strncmp(buf, name, len) != 0)) {
-		int rmrv;
-		rmrv = (S_ISDIR(tosb.st_mode) ? rmdir : unlink)(toname);
-		if (rmrv < 0) {
-		    fail("destination exists, cannot remove %s", toname);
-		}
-		exists = 0;
-	    }
-	    if (!exists && symlink(name, toname) < 0) {
-		if (errno == EEXIST) {
-		    fprintf(stderr, "symlink creation race: %s\n", toname);
-		    goto retry;
-		}
-		diagnosePath(toname);
-		fail("cannot make symbolic link %s", toname);
-	    }
-#ifdef HAVE_LCHOWN
-	    if ((owner || group) && lchown(toname, uid, gid) < 0)
-		fail("cannot change owner of %s", toname);
-#endif
-
-	    if (linkname) {
-		free(linkname);
-		linkname = 0;
-	    }
-	} else {
-	    /* Copy from name to toname, which might be the same file. */
-	    fromfd = open(name, O_RDONLY);
-	    if (fromfd < 0 || fstat(fromfd, &sb) < 0)
-		fail("cannot access %s", name);
-	    if (exists && 
-	        (!S_ISREG(tosb.st_mode) || access(toname, W_OK) < 0)) {
-		int rmrv;
-		rmrv = (S_ISDIR(tosb.st_mode) ? rmdir : unlink)(toname);
-		if (rmrv < 0) {
-		    fail("destination exists, cannot remove %s", toname);
-		}
-	    }
-	    tofd = open(toname, O_CREAT | O_WRONLY, 0666);
-	    if (tofd < 0)
-		fail("cannot create %s", toname);
-
-	    bp = buf;
-	    while ((cc = read(fromfd, bp, sizeof buf)) > 0) {
-		while ((wc = write(tofd, bp, cc)) > 0) {
-		    if ((cc -= wc) == 0)
-			break;
-		    bp += wc;
-		}
-		if (wc < 0)
-		    fail("cannot write to %s", toname);
-	    }
-	    if (cc < 0)
-		fail("cannot read from %s", name);
-
-	    if (ftruncate(tofd, sb.st_size) < 0)
-		fail("cannot truncate %s", toname);
-	    if (dotimes) {
-		utb.actime = sb.st_atime;
-		utb.modtime = sb.st_mtime;
-		if (utime(toname, &utb) < 0)
-		    fail("cannot set times of %s", toname);
-	    }
-#ifdef HAVE_FCHMOD
-	    if (fchmod(tofd, mode) < 0)
-#else
-	    if (chmod(toname, mode) < 0)
-#endif
-		fail("cannot change mode of %s", toname);
-	    if ((owner || group) && fchown(tofd, uid, gid) < 0)
-		fail("cannot change owner of %s", toname);
-
-	    /* Must check for delayed (NFS) write errors on close. */
-	    if (close(tofd) < 0)
-		fail("close reports write error on %s", toname);
-	    close(fromfd);
-	}
-
-	free(toname);
-    }
-
-    free(cwd);
-    free(todir);
-    return 0;
-}
-
diff --git a/security/coreconf/nsinstall/pathsub.c b/security/coreconf/nsinstall/pathsub.c
deleted file mode 100644
index d13c541d0..000000000
--- a/security/coreconf/nsinstall/pathsub.c
+++ /dev/null
@@ -1,302 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
-** Pathname subroutines.
-*/
-#include <assert.h>
-#if defined(FREEBSD) || defined(BSDI) || defined(DARWIN)
-#include <sys/types.h>
-#endif /* FREEBSD */
-#include <dirent.h>
-#include <errno.h>
-#include <stdarg.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <unistd.h>
-#include <sys/types.h>
-#include <sys/stat.h>
-#include "pathsub.h"
-#ifdef USE_REENTRANT_LIBC
-#include "libc_r.h"
-#endif /* USE_REENTRANT_LIBC */
-
-char *program;
-
-void
-fail(char *format, ...)
-{
-    int error;
-    va_list ap;
-
-#ifdef USE_REENTRANT_LIBC
-    R_STRERROR_INIT_R();
-#endif
-
-    error = errno;
-    fprintf(stderr, "%s: ", program);
-    va_start(ap, format);
-    vfprintf(stderr, format, ap);
-    va_end(ap);
-    if (error)
-
-#ifdef USE_REENTRANT_LIBC
-    R_STRERROR_R(errno);
-	fprintf(stderr, ": %s", r_strerror_r);
-#else
-	fprintf(stderr, ": %s", strerror(errno));
-#endif
-
-    putc('\n', stderr);
-    abort();
-    exit(1);
-}
-
-char *
-getcomponent(char *path, char *name)
-{
-    if (*path == '\0')
-	return 0;
-    if (*path == '/') {
-	*name++ = '/';
-    } else {
-	do {
-	    *name++ = *path++;
-	} while (*path != '/' && *path != '\0');
-    }
-    *name = '\0';
-    while (*path == '/')
-	path++;
-    return path;
-}
-
-#ifdef UNIXWARE
-/* The static buffer in Unixware's readdir is too small. */
-struct dirent * readdir(DIR *d)
-{
-    static struct dirent *buf = NULL;
-#define MAX_PATH_LEN 1024
-
-    if (buf == NULL)
-	buf = (struct dirent *)xmalloc(sizeof(struct dirent) + MAX_PATH_LEN) ;
-    return readdir_r(d, buf);
-}
-#endif
-
-/* APPARENT BUG - ignores argument "dir", uses ".." instead. */
-char *
-ino2name(ino_t ino, char *dir)
-{
-    DIR *dp;
-    struct dirent *ep;
-    char *name;
-
-    dp = opendir("..");		/* XXX */
-    if (!dp)
-	fail("cannot read parent directory");
-    for (;;) {
-	if (!(ep = readdir(dp)))
-	    fail("cannot find current directory");
-	if (ep->d_ino == ino)
-	    break;
-    }
-    name = xstrdup(ep->d_name);
-    closedir(dp);
-    return name;
-}
-
-void *
-xmalloc(size_t size)
-{
-    void *p;
-
-    if (size <= 0)
-	fail("attempted to allocate %u bytes", size);
-    p = malloc(size);
-    if (!p)
-	fail("cannot allocate %u bytes", size);
-    return p;
-}
-
-char *
-xstrdup(char *s)
-{
-    if (!s || !s[0]) 
-	fail("Null pointer or empty string passed to xstrdup()");
-    return strcpy((char*)xmalloc(strlen(s) + 1), s);
-}
-
-char *
-xbasename(char *path)
-{
-    char *cp;
-
-    if (!path || !path[0]) 
-	fail("Null pointer or empty string passed to xbasename()");
-    while ((cp = strrchr(path, '/')) && cp[1] == '\0')
-	*cp = '\0';
-    if (!cp) return path;
-    return cp + 1;
-}
-
-void
-xchdir(char *dir)
-{
-    if (!dir || !dir[0]) 
-	fail("Null pointer or empty string passed to xchdir()");
-    if (chdir(dir) < 0)
-	fail("cannot change directory to %s", dir);
-}
-
-int
-relatepaths(char *from, char *to, char *outpath)
-{
-    char *cp, *cp2;
-    int len;
-    char buf[NAME_MAX];
-
-    assert(*from == '/' && *to == '/');
-    if (!from || *from != '/')
-	fail("relatepaths: from path does not start with /");
-    if (!to || *to != '/')
-	fail("relatepaths: to   path does not start with /");
-
-    for (cp = to, cp2 = from; *cp == *cp2; cp++, cp2++)
-	if (*cp == '\0')
-	    break;
-    while (cp[-1] != '/')
-	cp--, cp2--;
-    if (cp - 1 == to) {
-	/* closest common ancestor is /, so use full pathname */
-	len = strlen(strcpy(outpath, to));
-	if (outpath[len] != '/') {
-	    outpath[len++] = '/';
-	    outpath[len] = '\0';
-	}
-    } else {
-	len = 0;
-	while ((cp2 = getcomponent(cp2, buf)) != 0) {
-	    strcpy(outpath + len, "../");
-	    len += 3;
-	}
-	while ((cp = getcomponent(cp, buf)) != 0) {
-	    sprintf(outpath + len, "%s/", buf);
-	    len += strlen(outpath + len);
-	}
-    }
-    return len;
-}
-
-void
-reversepath(char *inpath, char *name, int len, char *outpath)
-{
-    char *cp, *cp2;
-    char buf[NAME_MAX];
-    struct stat sb;
-
-    cp = strcpy(outpath + PATH_MAX - (len + 1), name);
-    cp2 = inpath;
-    while ((cp2 = getcomponent(cp2, buf)) != 0) {
-	if (strcmp(buf, ".") == 0)
-	    continue;
-	if (strcmp(buf, "..") == 0) {
-	    if (stat(".", &sb) < 0)
-		fail("cannot stat current directory");
-	    name = ino2name(sb.st_ino, "..");
-	    len = strlen(name);
-	    cp -= len + 1;
-	    strcpy(cp, name);
-	    cp[len] = '/';
-	    free(name);
-	    xchdir("..");
-	} else {
-	    cp -= 3;
-	    strncpy(cp, "../", 3);
-	    xchdir(buf);
-	}
-    }
-    strcpy(outpath, cp);
-}
-
-void
-diagnosePath(const char * path)
-{
-    char *	myPath;
-    char *      slash;
-    int		rv;
-    struct stat sb;
-    char 	buf[BUFSIZ];
-
-    if (!path || !path[0]) 
-	fail("Null pointer or empty string passed to mkdirs()");
-    myPath = strdup(path);
-    if (!myPath)
-	fail("strdup() failed!");
-    do {
-    	rv = lstat(myPath, &sb);
-	if (rv < 0) {
-	    perror(myPath);
-	} else if (S_ISLNK(sb.st_mode)) {
-	    rv = readlink(myPath, buf, sizeof buf);
-	    if (rv < 0) {
-	    	perror("readlink");
-		buf[0] = 0;
-	    } else {
-	    	buf[rv] = 0;
-	    }
-	    fprintf(stderr, "%s is a link to %s\n", myPath, buf);
-	} else if (S_ISDIR(sb.st_mode)) {
-	    fprintf(stderr, "%s is a directory\n", myPath);
-	    rv = access(myPath, X_OK);
-	    if (rv < 0) {
-	    	fprintf(stderr, "%s: no search permission\n", myPath);
-	    }
-	} else {
-	    fprintf(stderr, "%s is a file !?!\n", myPath);
-	    rv = access(myPath, F_OK);
-	    if (rv < 0) {
-	    	fprintf(stderr, "%s does not exist\n", myPath);
-	    }
-	}
-
-	/* chop path off one level. */
-	slash = strrchr(myPath, '/');
-	if (!slash)
-	    slash = strrchr(myPath, '\\');
-	if (!slash)
-	    slash = myPath;
-	*slash = 0;
-    } while (myPath[0]);
-    free(myPath);
-}
diff --git a/security/coreconf/nsinstall/pathsub.h b/security/coreconf/nsinstall/pathsub.h
deleted file mode 100644
index 718c2206f..000000000
--- a/security/coreconf/nsinstall/pathsub.h
+++ /dev/null
@@ -1,77 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef pathsub_h___
-#define pathsub_h___
-/*
-** Pathname subroutines.
-**
-** Brendan Eich, 8/29/95
-*/
-#include <limits.h>
-#include <sys/types.h>
-
-#if SUNOS4
-#include "sunos4.h"
-#endif
-
-#ifndef PATH_MAX
-#define PATH_MAX 1024
-#endif
-
-/*
- * Just keep sane lengths
- */
-#undef NAME_MAX
-#define NAME_MAX 256
-
-extern char *program;
-
-extern void fail(char *format, ...);
-extern char *getcomponent(char *path, char *name);
-extern char *ino2name(ino_t ino, char *dir);
-extern void *xmalloc(size_t size);
-extern char *xstrdup(char *s);
-extern char *xbasename(char *path);
-extern void xchdir(char *dir);
-
-/* Relate absolute pathnames from and to returning the result in outpath. */
-extern int relatepaths(char *from, char *to, char *outpath);
-
-/* NOTE: changes current working directory -- caveat emptor */
-extern void reversepath(char *inpath, char *name, int len, char *outpath);
-
-/* stats every directory in path, reports results. */
-extern void diagnosePath(const char * path);
-
-#endif /* pathsub_h___ */
diff --git a/security/coreconf/nsinstall/sunos4.h b/security/coreconf/nsinstall/sunos4.h
deleted file mode 100644
index 9bdae872c..000000000
--- a/security/coreconf/nsinstall/sunos4.h
+++ /dev/null
@@ -1,163 +0,0 @@
-/* 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
- */
-
-#ifndef pr_sunos4_h___
-#define pr_sunos4_h___
-
-#ifndef SVR4
-
-/*
-** Hodge podge of random missing prototypes for the Sunos4 system
-*/
-#include <stdio.h>
-#include <stdarg.h>
-#include <time.h>
-#include <limits.h>
-#include <sys/types.h>
-
-#define PATH_MAX _POSIX_PATH_MAX
-
-struct timeval;
-struct timezone;
-struct itimerval;
-struct sockaddr;
-struct stat;
-struct tm;
-
-/* ctype.h */
-extern int tolower(int);
-extern int toupper(int);
-
-/* errno.h */
-extern char *sys_errlist[];
-extern int sys_nerr;
-
-#define strerror(e) sys_errlist[((unsigned)(e) < sys_nerr) ? e : 0]
-
-extern void perror(const char *);
-
-/* getopt */
-extern char *optarg;
-extern int optind;
-extern int getopt(int argc, char **argv, char *spec);
-
-/* math.h */
-extern int srandom(long val);
-extern long random(void);
-
-/* memory.h */
-#define memmove(to,from,len) bcopy((char*)(from),(char*)(to),len)
-
-extern void bcopy(const char *, char *, int);
-
-/* signal.h */
-/*
-** SunOS4 sigaction hides interrupts by default, so we can safely define
-** SA_RESTART to 0 (HP-UX is a counter-example -- its sigaction does not
-** hide interrupts but lacks an SA_RESTART option; you must use sigvector
-** and tweak the sigcontext from within each signal handler!).
-*/
-#define SA_RESTART 0
-#define SA_SIGINFO 0
-
-/* stdio.h */
-extern int printf(const char *, ...);
-extern int fprintf(FILE *, const char *, ...);
-extern int vprintf(const char *, va_list);
-extern int vfprintf(FILE *, const char *, va_list);
-extern char *vsprintf(char *, const char *, va_list);
-extern int scanf(const char *, ...);
-extern int sscanf(const char *, const char *, ...);
-extern int fscanf(FILE *, const char *, ...);
-extern int fgetc(FILE *);
-extern int fputc(int, FILE *);
-extern int fputs(const char *, FILE *);
-extern int puts(const char *);
-extern int fread(void *, size_t, size_t, FILE *);
-extern int fwrite(const char *, int, int, FILE *);
-extern int fseek(FILE *, long, int);
-extern long ftell(FILE *);
-extern int rewind(FILE *);
-extern int fflush(FILE *);
-extern int _flsbuf(unsigned char, FILE *);
-extern int fclose(FILE *);
-extern int remove(const char *);
-extern int setvbuf(FILE *, char *, int, size_t);
-extern int system(const char *);
-extern FILE *popen(const char *, const char *);
-extern int pclose(FILE *);
-
-/* stdlib.h */
-#define strtoul strtol
-
-extern int isatty(int fildes);
-extern long strtol(const char *, char **, int);
-extern int putenv(const char *);
-extern void srand48(long);
-extern long lrand48(void);
-extern double drand48(void);
-
-/* string.h */
-extern int strcasecmp(const char *, const char *);
-extern int strncasecmp(const char *, const char *, size_t);
-extern int strcoll(const char *, const char *);
-
-/* time.h */
-extern time_t mktime(struct tm *);
-extern size_t strftime(char *, size_t, const char *, const struct tm *);
-extern int gettimeofday(struct timeval *, struct timezone *);
-extern int setitimer(int, struct itimerval *, struct itimerval *);
-extern time_t time(time_t *);
-extern time_t timegm(struct tm *);
-extern struct tm *localtime(const time_t *);
-extern struct tm *gmtime(const time_t *);
-
-/* unistd.h */
-extern int rename(const char *, const char *);
-extern int ioctl(int, int, int *arg);
-extern int connect(int, struct sockaddr *, int);
-extern int readlink(const char *, char *, int);
-extern int symlink(const char *, const char *);
-extern int ftruncate(int, off_t);
-extern int fchmod(int, mode_t);
-extern int fchown(int, uid_t, gid_t);
-extern int lstat(const char *, struct stat *);
-extern int fstat(int, struct stat *);
-extern int select(int, fd_set *, fd_set *, fd_set *, struct timeval *);
-extern int gethostname(char *, int);
-extern char *getwd(char *);
-extern int getpagesize(void);
-
-#endif /* SVR4 */
-
-#endif /* pr_sunos4_h___ */
diff --git a/security/coreconf/outofdate.pl b/security/coreconf/outofdate.pl
deleted file mode 100755
index 1044639e8..000000000
--- a/security/coreconf/outofdate.pl
+++ /dev/null
@@ -1,67 +0,0 @@
-#!/usr/local/bin/perl
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#Input: [-d dir] foo1.java foo2.java
-#Compares with: foo1.class foo2.class (if -d specified, checks in 'dir', 
-#  otherwise assumes .class files in same directory as .java files)
-#Returns: list of input arguments which are newer than corresponding class
-#files (non-existant class files are considered to be real old :-)
-
-$found = 1;
-
-if ($ARGV[0] eq '-d') {
-    $classdir = $ARGV[1];
-    $classdir .= "/";
-    shift;
-    shift;
-} else {
-    $classdir = "./";
-}
-
-foreach $filename (@ARGV) {
-    $classfilename = $classdir;
-    $classfilename .= $filename;
-    $classfilename =~ s/.java$/.class/;
-    ($dev,$ino,$mode,$nlink,$uid,$gid,$rdev,$size,$atime,$mtime,
-     $ctime,$blksize,$blocks) = stat($filename);
-    ($dev,$ino,$mode,$nlink,$uid,$gid,$rdev,$size,$atime,$classmtime,
-     $ctime,$blksize,$blocks) = stat($classfilename);
-#    print $filename, " ", $mtime, ", ", $classfilename, " ", $classmtime, "\n";
-    if ($mtime > $classmtime) {
-        print $filename, " ";
-        $found = 0;
-    }
-}
-
-print "\n";
diff --git a/security/coreconf/platform.mk b/security/coreconf/platform.mk
deleted file mode 100644
index a4826d315..000000000
--- a/security/coreconf/platform.mk
+++ /dev/null
@@ -1,38 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# Master "Core Components" <platform> tag                             #
-#######################################################################
-
-PLATFORM = $(OBJDIR_NAME)
diff --git a/security/coreconf/prefix.mk b/security/coreconf/prefix.mk
deleted file mode 100644
index efcdd3c44..000000000
--- a/security/coreconf/prefix.mk
+++ /dev/null
@@ -1,72 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# Master "Core Components" for computing program prefixes             #
-#######################################################################
-
-#
-# Object prefixes
-#
-
-ifndef OBJ_PREFIX
-    OBJ_PREFIX = 
-endif
-
-#
-# Library suffixes
-#
-
-ifndef LIB_PREFIX
-    LIB_PREFIX = lib
-endif
-
-
-ifndef DLL_PREFIX
-    DLL_PREFIX = lib
-endif
-
-
-ifndef IMPORT_LIB_PREFIX
-    IMPORT_LIB_PREFIX = 
-endif
-
-#
-# Program prefixes
-#
-
-ifndef PROG_PREFIX
-    PROG_PREFIX = 
-endif
-
-MK_PREFIX = included
diff --git a/security/coreconf/release.pl b/security/coreconf/release.pl
deleted file mode 100755
index 0a16727e1..000000000
--- a/security/coreconf/release.pl
+++ /dev/null
@@ -1,136 +0,0 @@
-#! /usr/local/bin/perl
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-
-require('coreconf.pl');
-
-#######-- read in variables on command line into %var
-
-$var{ZIP} = "zip";
-
-&parse_argv;
-
- 
-######-- Do the packaging of jars.
-
-foreach $jarfile (split(/ /,$var{FILES}) ) {
-    print STDERR "---------------------------------------------\n";
-    print STDERR "Packaging jar file $jarfile....\n";
-
-    $jarinfo = $var{$jarfile};
-
-    ($jardir,$jaropts) = split(/\|/,$jarinfo);
-
-    $zipoptions = "-T";
-    if ($jaropts =~ /a/) {
-	if ($var{OS_ARCH} eq 'WINNT') {
-	    $zipoptions .= ' -ll';
-	}
-    }
-
-# don't compress jar files containing classes since some java
-# implementations do not implement decompression correctly
-	if ( ($jarfile eq 'xpclass.jar') || ($jarfile eq 'xpclass_dbg.jar') ) {
-	    $zipoptions .= ' -0';
-	}
-
-
-# just in case the directory ends in a /, remove it
-    if ($jardir =~ /\/$/) {
-	chop $jardir;
-    }
-
-    $dirdepth --;
-    
-    print STDERR "jardir = $jardir\n";
-    system("ls $jardir");
-
-    if (-d $jardir) {
-
-
-# count the number of slashes
-
-	$slashes =0;
-	
-	foreach $i (split(//,$jardir)) {
-	    if ($i =~ /\//) {
-		$slashes++;
-	    }
-	}
-
-	$dotdots =0;
-	
-	foreach $i (split(m|/|,$jardir)) {
-	    if ($i eq '..') {
-		$dotdots ++;
-	    }
-	}
-
-	$dirdepth = ($slashes +1) - (2*$dotdots);
-
-	print STDERR "changing dir $jardir\n";
-	chdir($jardir);
-	print STDERR "making dir META-INF\n";
-	mkdir("META-INF",0755);
-
-	$filelist = "";
-	opendir(DIR,".");
-	while ($_ = readdir(DIR)) {
-	    if (! ( ($_ eq '.') || ($_ eq '..'))) {
-		if ( $jaropts =~ /i/) {
-		    if (! /^include$/) {
-			$filelist .= "$_ ";
-		    }
-		}
-		else {
-		    $filelist .= "$_ ";
-		}
-	    }
-	}
-	closedir(DIR);	
-
-	print STDERR "zip $zipoptions -r $jarfile $filelist\n";
-	system("zip $zipoptions -r $jarfile $filelist");
-	rmdir("META-INF");
-	    for $i (1 .. $dirdepth) {
-	    chdir("..");
-	    print STDERR "chdir ..\n";
-	}
-    }
-    else {
-        print STDERR "Directory $jardir doesn't exist\n";
-    }
-
-}
-
diff --git a/security/coreconf/ruleset.mk b/security/coreconf/ruleset.mk
deleted file mode 100644
index 8a9385c9a..000000000
--- a/security/coreconf/ruleset.mk
+++ /dev/null
@@ -1,237 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-#                                                                     #
-# Parameters to this makefile (set these in this file):               #
-#                                                                     #
-# a)                                                                  #
-#	TARGETS	-- the target to create                               #
-#			(defaults to $LIBRARY $PROGRAM)               #
-# b)                                                                  #
-#	DIRS	-- subdirectories for make to recurse on              #
-#			(the 'all' rule builds $TARGETS $DIRS)        #
-# c)                                                                  #
-#	CSRCS, CPPSRCS -- .c and .cpp files to compile                #
-#			(used to define $OBJS)                        #
-# d)                                                                  #
-#	PROGRAM	-- the target program name to create from $OBJS       #
-#			($OBJDIR automatically prepended to it)       #
-# e)                                                                  #
-#	LIBRARY	-- the target library name to create from $OBJS       #
-#			($OBJDIR automatically prepended to it)       #
-# f)                                                                  #
-#	JSRCS	-- java source files to compile into class files      #
-#			(if you don't specify this it will default    #
-#			 to *.java)                                   #
-# g)                                                                  #
-#	PACKAGE	-- the package to put the .class files into           #
-#			(e.g. netscape/applet)                        #
-#			(NOTE: the default definition for this may be #
-#                              overridden if "jdk.mk" is included)    #
-# h)                                                                  #
-#	JMC_EXPORT -- java files to be exported for use by JMC_GEN    #
-#			(this is a list of Class names)               #
-# i)                                                                  #
-#	JRI_GEN	-- files to run through javah to generate headers     #
-#                  and stubs                                          #
-#			(output goes into the _jri sub-dir)           #
-# j)                                                                  #
-#	JMC_GEN	-- files to run through jmc to generate headers       #
-#                  and stubs                                          #
-#			(output goes into the _jmc sub-dir)           #
-# k)                                                                  #
-#	JNI_GEN	-- files to run through javah to generate headers     #
-#			(output goes into the _jni sub-dir)           #
-#                                                                     #
-#######################################################################
-
-#
-# CPU_TAG is now defined in the $(TARGET).mk files
-#
-
-ifndef COMPILER_TAG
-    ifneq ($(DEFAULT_COMPILER), $(CC))
-#
-# Temporary define for the Client; to be removed when binary release is used
-#
-	ifdef MOZILLA_CLIENT
-	    COMPILER_TAG =
-	else
-	    COMPILER_TAG = _$(CC)
-	endif
-    else
-	COMPILER_TAG =
-    endif
-endif
-
-ifeq ($(MKPROG),)
-    MKPROG = $(CC)
-endif
-
-#
-# This makefile contains rules for building the following kinds of
-# objects:
-# - (1) LIBRARY: a static (archival) library
-# - (2) SHARED_LIBRARY: a shared (dynamic link) library
-# - (3) IMPORT_LIBRARY: an import library, defined in $(OS_TARGET).mk
-# - (4) PROGRAM: an executable binary
-#
-# NOTE:  The names of libraries can be generated by simply specifying
-# LIBRARY_NAME (and LIBRARY_VERSION in the case of non-static libraries).
-# LIBRARY and SHARED_LIBRARY may be defined differently in $(OS_TARGET).mk
-#
-
-ifdef LIBRARY_NAME
-    ifndef LIBRARY
-	LIBRARY        = $(OBJDIR)/$(LIB_PREFIX)$(LIBRARY_NAME).$(LIB_SUFFIX)
-    endif
-    ifndef SHARED_LIBRARY
-	SHARED_LIBRARY = $(OBJDIR)/$(DLL_PREFIX)$(LIBRARY_NAME)$(LIBRARY_VERSION)$(JDK_DEBUG_SUFFIX).$(DLL_SUFFIX)
-    endif
-endif
-
-#
-# Common rules used by lots of makefiles...
-#
-
-ifdef PROGRAM
-    PROGRAM := $(addprefix $(OBJDIR)/, $(PROGRAM)$(JDK_DEBUG_SUFFIX)$(PROG_SUFFIX))
-endif
-
-ifdef PROGRAMS
-    PROGRAMS := $(addprefix $(OBJDIR)/, $(PROGRAMS:%=%$(JDK_DEBUG_SUFFIX)$(PROG_SUFFIX)))
-endif
-
-ifndef TARGETS
-    TARGETS = $(LIBRARY) $(SHARED_LIBRARY) $(PROGRAM)
-endif
-
-ifndef OBJS
-    SIMPLE_OBJS = $(JRI_STUB_CFILES) \
-		$(addsuffix $(OBJ_SUFFIX), $(JMC_GEN)) \
-		$(CSRCS:.c=$(OBJ_SUFFIX)) \
-		$(CPPSRCS:.cpp=$(OBJ_SUFFIX)) \
-		$(ASFILES:$(ASM_SUFFIX)=$(OBJ_SUFFIX)) \
-		$(BUILT_CSRCS:.c=$(OBJ_SUFFIX)) \
-		$(BUILT_CPPSRCS:.cpp=$(OBJ_SUFFIX)) \
-		$(BUILT_ASFILES:$(ASM_SUFFIX)=$(OBJ_SUFFIX))
-    OBJS =	$(addprefix $(OBJDIR)/$(PROG_PREFIX), $(SIMPLE_OBJS))
-endif
-
-ifndef BUILT_SRCS
-    BUILT_SRCS = $(addprefix $(OBJDIR)/$(PROG_PREFIX), \
-		 $(BUILT_CSRCS) $(BUILT_CPPSRCS) $(BUILT_ASFILES))
-endif
-
-
-ifeq (,$(filter-out WIN%,$(OS_TARGET)))
-    MAKE_OBJDIR = $(INSTALL) -D $(OBJDIR)
-else
-    define MAKE_OBJDIR
-	if test ! -d $(@D); then rm -rf $(@D); $(NSINSTALL) -D $(@D); fi
-    endef
-endif
-
-ifndef PACKAGE
-    PACKAGE = .
-endif
-
-ALL_TRASH :=	$(TARGETS) $(OBJS) $(OBJDIR) LOGS TAGS $(GARBAGE) \
-		$(NOSUCHFILE) $(JDK_HEADER_CFILES) $(JDK_STUB_CFILES) \
-		$(JRI_HEADER_CFILES) $(JRI_STUB_CFILES) $(JNI_HEADERS) \
-		$(JMC_STUBS) $(JMC_HEADERS) $(JMC_EXPORT_FILES) \
-		so_locations _gen _jmc _jri _jni _stubs \
-		$(wildcard $(JAVA_DESTPATH)/$(PACKAGE)/*.class) \
-		$(BUILT_SRCS)
-
-ifdef JDIRS
-    ALL_TRASH += $(addprefix $(JAVA_DESTPATH)/,$(JDIRS))
-endif
-
-ifdef NSBUILDROOT
-    JDK_GEN_DIR  = $(SOURCE_XP_DIR)/_gen
-    JMC_GEN_DIR  = $(SOURCE_XP_DIR)/_jmc
-    JNI_GEN_DIR  = $(SOURCE_XP_DIR)/_jni
-    JRI_GEN_DIR  = $(SOURCE_XP_DIR)/_jri
-    JDK_STUB_DIR = $(SOURCE_XP_DIR)/_stubs
-else
-    JDK_GEN_DIR  = _gen
-    JMC_GEN_DIR  = _jmc
-    JNI_GEN_DIR  = _jni
-    JRI_GEN_DIR  = _jri
-    JDK_STUB_DIR = _stubs
-endif
-
-#
-# If this is an "official" build, try to build everything.
-# I.e., don't exit on errors.
-#
-
-ifdef BUILD_OFFICIAL
-    EXIT_ON_ERROR		= +e
-    CLICK_STOPWATCH		= date
-else
-    EXIT_ON_ERROR		= -e
-    CLICK_STOPWATCH		= true
-endif
-
-ifdef REQUIRES
-    MODULE_INCLUDES := $(addprefix -I$(SOURCE_XP_DIR)/public/, $(REQUIRES))
-    INCLUDES        += $(MODULE_INCLUDES)
-    ifeq ($(MODULE), sectools)
-	PRIVATE_INCLUDES := $(addprefix -I$(SOURCE_XP_DIR)/private/, $(REQUIRES))
-	INCLUDES         += $(PRIVATE_INCLUDES)
-    endif
-endif
-
-ifdef SYSTEM_INCL_DIR
-    YOPT = -Y$(SYSTEM_INCL_DIR)
-endif
-
-ifdef DIRS
-    LOOP_OVER_DIRS	=					\
-	@for directory in $(DIRS); do				\
-	    if test -d $$directory; then			\
-		set $(EXIT_ON_ERROR);				\
-		echo "cd $$directory; $(MAKE) $@";		\
-		$(MAKE) -C $$directory $@;			\
-		set +e;						\
-	    else						\
-		echo "Skipping non-directory $$directory...";	\
-	    fi;							\
-	    $(CLICK_STOPWATCH);					\
-	done
-endif
-
-MK_RULESET = included
diff --git a/security/coreconf/source.mk b/security/coreconf/source.mk
deleted file mode 100644
index 2eb9d1d7b..000000000
--- a/security/coreconf/source.mk
+++ /dev/null
@@ -1,188 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# Master <component>-specific source import/export directories        #
-#######################################################################
-
-#
-# <user_source_tree> master import/export directory prefix
-#
-
-ifndef SOURCE_PREFIX
-    ifndef BUILD_TREE
-	SOURCE_PREFIX = $(CORE_DEPTH)/../dist
-    else
-	SOURCE_PREFIX = $(BUILD_TREE)/dist
-    endif
-endif
-
-#
-# <user_source_tree> cross-platform (xp) master import/export directory
-#
-
-ifndef SOURCE_XP_DIR
-    SOURCE_XP_DIR        = $(SOURCE_PREFIX)
-endif
-
-#
-# <user_source_tree> cross-platform (xp) import/export directories
-#
-
-SOURCE_CLASSES_DIR     = $(SOURCE_XP_DIR)/classes
-SOURCE_CLASSES_DBG_DIR = $(SOURCE_XP_DIR)/classes_DBG
-SOURCE_XPHEADERS_DIR   = $(SOURCE_XP_DIR)/public/$(MODULE)
-SOURCE_XPPRIVATE_DIR   = $(SOURCE_XP_DIR)/private/$(MODULE)
-
-ifdef BUILD_OPT
-    IMPORT_XPCLASS_DIR = $(SOURCE_CLASSES_DIR)
-else
-    IMPORT_XPCLASS_DIR = $(SOURCE_CLASSES_DBG_DIR)
-endif
-
-#
-# <user_source_tree> machine-dependent (md) master import/export directory
-#
-
-ifndef SOURCE_MD_DIR
-    SOURCE_MD_DIR        = $(SOURCE_PREFIX)/$(PLATFORM)
-endif
-
-#
-# <user_source_tree> machine-dependent (md) import/export directories
-#
-
-#This is where we install built executables and (for Windows only) DLLs.
-ifndef SOURCE_BIN_DIR
-    SOURCE_BIN_DIR       = $(SOURCE_MD_DIR)/bin
-endif
-
-#This is where we install built libraries (.a, .so, .lib).
-ifndef SOURCE_LIB_DIR
-    SOURCE_LIB_DIR       = $(SOURCE_MD_DIR)/lib
-endif
-
-# This is where NSPR header files are found.
-ifndef SOURCE_MDHEADERS_DIR
-    SOURCE_MDHEADERS_DIR = $(SOURCE_MD_DIR)/include
-endif
-
-#######################################################################
-# Master <component>-specific source release directories and files    #
-#######################################################################
-
-#
-# <user_source_tree> source-side master release directory prefix
-# NOTE:  export control policy enforced for XP and MD files released to
-#        the staging area
-#
-
-ifeq ($(POLICY), domestic)
-    SOURCE_RELEASE_PREFIX = $(SOURCE_PREFIX)/release/domestic
-else
-    ifeq ($(POLICY), export)
-	SOURCE_RELEASE_PREFIX = $(SOURCE_PREFIX)/release/export
-    else
-	ifeq ($(POLICY), france)
-	    SOURCE_RELEASE_PREFIX = $(SOURCE_PREFIX)/release/france
-	else
-#We shouldn't have to put another directory under here, but without it the perl
-#script for releasing doesn't find the directory. It thinks it doesn't exist.
-#So we're adding this no-policy directory so that the script for releasing works
-#in all casese when policy is not set. This doesn't affect where the final jar
-#files land, only where they are placed in the local tree when building the jar
-#files. When there is no policy, the jar files will still land in
-#<dist>/<module>/<date>/<platform> like they used to.
-	    SOURCE_RELEASE_PREFIX = $(SOURCE_PREFIX)/release/no-policy
-	endif
-    endif
-endif
-
-#
-# <user_source_tree> cross-platform (xp) source-side master release directory
-#
-
-SOURCE_RELEASE_XP_DIR = $(SOURCE_RELEASE_PREFIX)
-
-#
-# <user_source_tree> cross-platform (xp) source-side release directories
-#
-
-SOURCE_RELEASE_CLASSES_DIR     = classes
-SOURCE_RELEASE_CLASSES_DBG_DIR = classes_DBG
-SOURCE_RELEASE_XPHEADERS_DIR   = include
-
-#
-# <user_source_tree> cross-platform (xp) JAR source-side release files
-#
-
-XPCLASS_JAR     = xpclass.jar
-XPCLASS_DBG_JAR = xpclass_dbg.jar
-XPHEADER_JAR    = xpheader.jar
-
-ifdef BUILD_OPT
-    IMPORT_XPCLASS_JAR = $(XPCLASS_JAR)
-else
-    IMPORT_XPCLASS_JAR = $(XPCLASS_DBG_JAR)
-endif
-
-#
-# <user_source_tree> machine-dependent (md) source-side master release directory
-#
-
-SOURCE_RELEASE_MD_DIR = $(PLATFORM)
-
-#
-# <user_source_tree> machine-dependent (md) source-side release directories
-#
-
-SOURCE_RELEASE_BIN_DIR       = $(PLATFORM)/bin
-SOURCE_RELEASE_LIB_DIR       = $(PLATFORM)/lib
-SOURCE_RELEASE_MDHEADERS_DIR = $(PLATFORM)/include
-SOURCE_RELEASE_SPEC_DIR      = $(SOURCE_RELEASE_MD_DIR)
-
-#
-# <user_source_tree> machine-dependent (md) JAR/tar source-side release files
-#
-
-MDBINARY_JAR = mdbinary.jar
-MDHEADER_JAR = mdheader.jar
-
-
-# Where to put the results
-
-ifneq ($(RESULTS_DIR),)
-    RESULTS_DIR = $(RELEASE_TREE)/sectools/results
-endif
-
-MK_SOURCE = included
diff --git a/security/coreconf/suffix.mk b/security/coreconf/suffix.mk
deleted file mode 100644
index 4366befc4..000000000
--- a/security/coreconf/suffix.mk
+++ /dev/null
@@ -1,95 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# Master "Core Components" suffixes                                   #
-#######################################################################
-
-#
-# Object suffixes   (OS2 and WIN% override this)
-#
-ifndef OBJ_SUFFIX
-    OBJ_SUFFIX = .o
-endif
-
-#
-# Assembler source suffixes (OS2 and WIN% override this)
-#
-ifndef ASM_SUFFIX
-    ASM_SUFFIX = .s
-endif
-
-#
-# Library suffixes
-#
-STATIC_LIB_EXTENSION =
-
-ifndef DYNAMIC_LIB_EXTENSION
-    DYNAMIC_LIB_EXTENSION =
-endif
-
-
-ifndef STATIC_LIB_SUFFIX
-    STATIC_LIB_SUFFIX = .$(LIB_SUFFIX)
-endif
-
-
-ifndef DYNAMIC_LIB_SUFFIX
-    DYNAMIC_LIB_SUFFIX = .$(DLL_SUFFIX)
-endif
-
-# WIN% overridese this
-ifndef IMPORT_LIB_SUFFIX
-    IMPORT_LIB_SUFFIX = 
-endif
-
-
-ifndef STATIC_LIB_SUFFIX_FOR_LINKING
-    STATIC_LIB_SUFFIX_FOR_LINKING = $(STATIC_LIB_SUFFIX)
-endif
-
-
-# WIN% overridese this
-ifndef DYNAMIC_LIB_SUFFIX_FOR_LINKING
-    DYNAMIC_LIB_SUFFIX_FOR_LINKING = $(DYNAMIC_LIB_SUFFIX)
-endif
-
-#
-# Program suffixes (OS2 and WIN% override this)
-#
-
-ifndef PROG_SUFFIX
-    PROG_SUFFIX =
-endif
-
-MK_SUFFIX = included
diff --git a/security/coreconf/tree.mk b/security/coreconf/tree.mk
deleted file mode 100644
index 273a47c1e..000000000
--- a/security/coreconf/tree.mk
+++ /dev/null
@@ -1,80 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# Master "Core Components" file system "release" prefixes             #
-#######################################################################
-
-# Windows platforms override this.  See WIN32.mk or WIN16.mk.
-ifndef RELEASE_TREE
-    ifdef BUILD_SHIP
-	ifdef USE_SHIPS 
-	    RELEASE_TREE = $(BUILD_SHIP)
-	else
-	    RELEASE_TREE = /share/builds/components
-	endif
-    else
-	RELEASE_TREE = /share/builds/components
-    endif
-endif
-
-#
-# NOTE:  export control policy enforced for XP and MD files
-#        released to the binary release tree
-#
-
-ifeq ($(POLICY), domestic)
-    RELEASE_XP_DIR = domestic
-    RELEASE_MD_DIR = domestic/$(PLATFORM)
-else
-    ifeq ($(POLICY), export)
-	RELEASE_XP_DIR = export
-	RELEASE_MD_DIR = export/$(PLATFORM)
-    else
-	ifeq ($(POLICY), france)
-	    RELEASE_XP_DIR = france
-	    RELEASE_MD_DIR = france/$(PLATFORM)
-	else
-	    RELEASE_XP_DIR = 
-	    RELEASE_MD_DIR = $(PLATFORM)
-	endif
-    endif
-endif
-
-
-REPORTER_TREE = $(subst \,\\,$(RELEASE_TREE))
-
-IMPORT_XP_DIR = 
-IMPORT_MD_DIR = $(PLATFORM)
-
-MK_TREE = included
diff --git a/security/coreconf/version.mk b/security/coreconf/version.mk
deleted file mode 100644
index 7d459a95f..000000000
--- a/security/coreconf/version.mk
+++ /dev/null
@@ -1,105 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# Build master "Core Components" release version directory name       #
-#######################################################################
-
-#
-# Always set CURRENT_VERSION_SYMLINK to the <current> symbolic link.
-#
-
-CURRENT_VERSION_SYMLINK = current
-
-
-#
-#  For the sake of backwards compatibility (*sigh*) ...
-#
-
-ifndef VERSION
-    ifdef BUILD_NUM
-	VERSION = $(BUILD_NUM)
-    endif
-endif
-
-ifndef RELEASE_VERSION
-    ifdef BUILD_NUM
-	RELEASE_VERSION = $(BUILD_NUM)
-    endif
-endif
-
-#
-# If VERSION has still NOT been set on the command line,
-# as an environment variable, by the individual Makefile, or
-# by the <component>-specific "version.mk" file, set VERSION equal
-# to $(CURRENT_VERSION_SYMLINK).
-
-ifndef VERSION
-    VERSION = $(CURRENT_VERSION_SYMLINK)
-endif
-
-# If RELEASE_VERSION has still NOT been set on the command line,
-# as an environment variable, by the individual Makefile, or
-# by the <component>-specific "version.mk" file, automatically
-# generate the next available version number via a perl script.
-# 
-
-ifndef RELEASE_VERSION
-    RELEASE_VERSION = 
-endif
-
-#
-# Set <component>-specific versions for compiliation and linkage.
-#
-
-ifndef JAVA_VERSION
-    JAVA_VERSION = $(CURRENT_VERSION_SYMLINK)
-endif
-
-ifndef NETLIB_VERSION
-    NETLIB_VERSION = $(CURRENT_VERSION_SYMLINK)
-endif
-
-ifndef NSPR_VERSION
-    NSPR_VERSION = $(CURRENT_VERSION_SYMLINK)
-endif
-
-ifndef SECTOOLS_VERSION
-    SECTOOLS_VERSION = $(CURRENT_VERSION_SYMLINK)
-endif
-
-ifndef SECURITY_VERSION
-    SECURITY_VERSION = $(CURRENT_VERSION_SYMLINK)
-endif
-
-MK_VERSION = included
diff --git a/security/coreconf/version.pl b/security/coreconf/version.pl
deleted file mode 100644
index 47a71395b..000000000
--- a/security/coreconf/version.pl
+++ /dev/null
@@ -1,76 +0,0 @@
-#!/usr/sbin/perl
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-# Compose lowercase alphabet
-@alphabet = ( "a", "b", "c", "d", "e", "f", "g", "h",
-              "i", "j", "k", "l", "m", "n", "o", "p",
-              "q", "r", "s", "t", "u", "v", "w", "x",
-              "y", "z" );
-
-# Compute year
-$year = (localtime)[5] + 1900;
-
-# Compute month
-$month = (localtime)[4] + 1;
-
-# Compute day
-$day = (localtime)[3];
-
-# Compute base build number
-$version = sprintf( "%d%02d%02d", $year, $month, $day );
-$directory = sprintf( "%s\/%s\/%d%02d%02d", $ARGV[0], $ARGV[1], $year, $month, $day );
-
-# Print out the name of the first version directory which does not exist
-#if( ! -e  $directory )
-#{
-    print $version;
-#}
-#else
-#{
-#    # Loop through combinations
-#    foreach $ch1 (@alphabet)
-#    {
-#	foreach $ch2 (@alphabet)
-#	{
-#	    $version = sprintf( "%d%02d%02d%s%s", $year, $month, $day, $ch1, $ch2 );
-#	    $directory = sprintf( "%s\/%s\/%d%02d%02d%s%s", $ARGV[0], $ARGV[1], $year, $month, $day, $ch1, $ch2 );
-#	    if( ! -e  $directory )
-#	    {
-#		print STDOUT $version;
-#		exit;
-#	    }
-#	}
-#    }
-#}
-
diff --git a/security/dbm/Makefile b/security/dbm/Makefile
deleted file mode 100644
index 34cd6d899..000000000
--- a/security/dbm/Makefile
+++ /dev/null
@@ -1,80 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY).   #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL)          #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL)       #
-#######################################################################
-
-
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL).      #
-#######################################################################
-
-
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL)                              #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL)                           #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL).                              #
-#######################################################################
-
-coreconf_hack:
-	cd ../coreconf; gmake
-	gmake import
-
-RelEng_bld: coreconf_hack
-	gmake
diff --git a/security/dbm/config/config.mk b/security/dbm/config/config.mk
deleted file mode 100644
index 753364931..000000000
--- a/security/dbm/config/config.mk
+++ /dev/null
@@ -1,67 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#
-# These macros are defined by mozilla's configure script.
-# We define them manually here.
-#
-
-DEFINES += -DSTDC_HEADERS -DHAVE_STRERROR
-
-#
-# Most platforms have snprintf, so it's simpler to list the exceptions.
-#
-HAVE_SNPRINTF = 1
-#
-# OSF1 V4.0D doesn't have snprintf but V5.0A does.
-#
-ifeq ($(OS_TARGET)$(OS_RELEASE),OSF1V4.0D)
-HAVE_SNPRINTF =
-endif
-ifdef HAVE_SNPRINTF
-DEFINES += -DHAVE_SNPRINTF
-endif
-
-ifeq (,$(filter-out IRIX Linux,$(OS_TARGET)))
-DEFINES += -DHAVE_SYS_CDEFS_H
-endif
-
-ifeq (,$(filter-out DGUX NCR ReliantUNIX SCO_SV SCOOS UNIXWARE,$(OS_TARGET)))
-DEFINES += -DHAVE_SYS_BYTEORDER_H
-endif
-
-#
-# None of the platforms that we are interested in need to
-# define HAVE_MEMORY_H.
-#
diff --git a/security/dbm/include/Makefile b/security/dbm/include/Makefile
deleted file mode 100644
index ba4dd8ddf..000000000
--- a/security/dbm/include/Makefile
+++ /dev/null
@@ -1,76 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY).   #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL)          #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL)       #
-#######################################################################
-
-
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL).      #
-#######################################################################
-
-
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL)                              #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL)                           #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL).                              #
-#######################################################################
-
-
-
diff --git a/security/dbm/include/manifest.mn b/security/dbm/include/manifest.mn
deleted file mode 100644
index 886fedd98..000000000
--- a/security/dbm/include/manifest.mn
+++ /dev/null
@@ -1,57 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../..
-
-VPATH  = $(CORE_DEPTH)/../dbm/include
-
-MODULE = dbm
-
-EXPORTS =	nsres.h   \
-		cdefs.h   \
-		mcom_db.h \
-		ncompat.h \
-		winfile.h \
-		$(NULL)
-
-PRIVATE_EXPORTS =	hsearch.h \
-			page.h    \
-			extern.h  \
-			ndbm.h    \
-			queue.h   \
-			hash.h    \
-			mpool.h   \
-			search.h  \
-			$(NULL)
-
diff --git a/security/dbm/manifest.mn b/security/dbm/manifest.mn
deleted file mode 100644
index 11f4f4237..000000000
--- a/security/dbm/manifest.mn
+++ /dev/null
@@ -1,45 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ..
-
-MODULE = dbm
-
-IMPORTS = nspr20/v4.1.2
-
-RELEASE = dbm
-
-DIRS =  include \
-        src     \
-	$(NULL)
diff --git a/security/dbm/src/Makefile b/security/dbm/src/Makefile
deleted file mode 100644
index 8fce98394..000000000
--- a/security/dbm/src/Makefile
+++ /dev/null
@@ -1,76 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY).   #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL)          #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL)       #
-#######################################################################
-
-include $(CORE_DEPTH)/dbm/config/config.mk
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL).      #
-#######################################################################
-
-include config.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL)                              #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL)                           #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL).                              #
-#######################################################################
-
-
-
diff --git a/security/dbm/src/config.mk b/security/dbm/src/config.mk
deleted file mode 100644
index 370fd75d6..000000000
--- a/security/dbm/src/config.mk
+++ /dev/null
@@ -1,63 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-DEFINES += -DMEMMOVE -D__DBINTERFACE_PRIVATE $(SECURITY_FLAG)
-
-INCLUDES += -I$(CORE_DEPTH)/../dbm/include
-
-#
-#  Currently, override TARGETS variable so that only static libraries
-#  are specifed as dependencies within rules.mk.
-#
-
-TARGETS        = $(LIBRARY)
-SHARED_LIBRARY =
-IMPORT_LIBRARY =
-PURE_LIBRARY   =
-PROGRAM        =
-
-ifdef SHARED_LIBRARY
-	ifeq (,$(filter-out WINNT WIN95 WINCE,$(OS_TARGET))) # list omits WIN16
-		DLLBASE=/BASE:0x30000000
-		RES=$(OBJDIR)/dbm.res
-		RESNAME=../include/dbm.rc
-	endif
-	ifeq ($(DLL_SUFFIX),dll)
-		DEFINES += -D_DLL
-	endif
-endif
-
-ifeq ($(OS_TARGET),AIX)
-	OS_LIBS += -lc_r
-endif
diff --git a/security/dbm/src/dirent.c b/security/dbm/src/dirent.c
deleted file mode 100644
index 001a48c5c..000000000
--- a/security/dbm/src/dirent.c
+++ /dev/null
@@ -1,348 +0,0 @@
-#ifdef OS2
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <ctype.h>
-
-#include <dirent.h>
-#include <errno.h>
-
-/*#ifndef __EMX__ 
-#include <libx.h>
-#endif */
-
-#define INCL_DOSFILEMGR
-#define INCL_DOSERRORS
-#include <os2.h>
-
-#if OS2 >= 2
-# define FFBUF	FILEFINDBUF3
-# define Word	ULONG
-  /*
-   * LS20 recommends a request count of 100, but according to the
-   * APAR text it does not lead to missing files, just to funny
-   * numbers of returned entries.
-   *
-   * LS30 HPFS386 requires a count greater than 2, or some files
-   * are missing (those starting with a character less that '.').
-   *
-   * Novell looses entries which overflow the buffer. In previous
-   * versions of dirent2, this could have lead to missing files
-   * when the average length of 100 directory entries was 40 bytes
-   * or more (quite unlikely for files on a Novell server).
-   *
-   * Conclusion: Make sure that the entries all fit into the buffer
-   * and that the buffer is large enough for more than 2 entries
-   * (each entry is at most 300 bytes long). And ignore the LS20
-   * effect.
-   */
-# define Count	25
-# define BufSz	(25 * (sizeof(FILEFINDBUF3)+1))
-#else
-# define FFBUF	FILEFINDBUF
-# define Word	USHORT
-# define BufSz	1024
-# define Count	3
-#endif
-
-#if defined(__IBMC__) || defined(__IBMCPP__)
-  #define error(rc) _doserrno = rc, errno = EOS2ERR
-#elif defined(MICROSOFT)
-  #define error(rc) _doserrno = rc, errno = 255
-#else
-  #define error(rc) errno = 255
-#endif
-
-struct _dirdescr {
-	HDIR		handle;		/* DosFindFirst handle */
-	char		fstype;		/* filesystem type */
-	Word		count;		/* valid entries in <ffbuf> */
-	long		number;		/* absolute number of next entry */
-	int		index;		/* relative number of next entry */
-	FFBUF *		next;		/* pointer to next entry */
-	char		name[MAXPATHLEN+3]; /* directory name */
-	unsigned	attrmask;	/* attribute mask for seekdir */
-	struct dirent	entry;		/* buffer for directory entry */
-	BYTE		ffbuf[BufSz];
-};
-
-/*
- * Return first char of filesystem type, or 0 if unknown.
- */
-static char
-getFSType(const char *path)
-{
-	static char cache[1+26];
-	char drive[3], info[512];
-	Word unit, infolen;
-	char r;
-
-	if (isalpha(path[0]) && path[1] == ':') {
-		unit = toupper(path[0]) - '@';
-		path += 2;
-	} else {
-		ULONG driveMap;
-#if OS2 >= 2
-		if (DosQueryCurrentDisk(&unit, &driveMap))
-#else
-		if (DosQCurDisk(&unit, &driveMap))
-#endif
-			return 0;
-	}
-
-	if ((path[0] == '\\' || path[0] == '/')
-	 && (path[1] == '\\' || path[1] == '/'))
-		return 0;
-
-	if (cache [unit])
-		return cache [unit];
-
-	drive[0] = '@' + unit;
-	drive[1] = ':';
-	drive[2] = '\0';
-	infolen = sizeof info;
-#if OS2 >= 2
-	if (DosQueryFSAttach(drive, 0, FSAIL_QUERYNAME, (PVOID)info, &infolen))
-		return 0;
-	if (infolen >= sizeof(FSQBUFFER2)) {
-		FSQBUFFER2 *p = (FSQBUFFER2 *)info;
-		r = p->szFSDName[p->cbName];
-	} else
-#else
-	if (DosQFSAttach((PSZ)drive, 0, FSAIL_QUERYNAME, (PVOID)info, &infolen, 0))
-		return 0;
-	if (infolen >= 9) {
-		char *p = info + sizeof(USHORT);
-		p += sizeof(USHORT) + *(USHORT *)p + 1 + sizeof(USHORT);
-		r = *p;
-	} else
-#endif
-		r = 0;
-	return cache [unit] = r;
-}
-
-char *
-abs_path(const char *name, char *buffer, int len)
-{
-	char buf[4];
-	if (isalpha(name[0]) && name[1] == ':' && name[2] == '\0') {
-		buf[0] = name[0];
-		buf[1] = name[1];
-		buf[2] = '.';
-		buf[3] = '\0';
-		name = buf;
-	}
-#if OS2 >= 2
-	if (DosQueryPathInfo((PSZ)name, FIL_QUERYFULLNAME, buffer, len))
-#else
-	if (DosQPathInfo((PSZ)name, FIL_QUERYFULLNAME, (PBYTE)buffer, len, 0L))
-#endif
-		return NULL;
-	return buffer;
-}
-
-DIR *
-openxdir(const char *path, unsigned att_mask)
-{
-	DIR *dir;
-	char name[MAXPATHLEN+3];
-	Word rc;
-
-	dir = malloc(sizeof(DIR));
-	if (dir == NULL) {
-		errno = ENOMEM;
-		return NULL;
-	}
-
-	strncpy(name, path, MAXPATHLEN);
-	name[MAXPATHLEN] = '\0';
-	switch (name[strlen(name)-1]) {
-	default:
-		strcat(name, "\\");
-	case '\\':
-	case '/':
-	case ':':
-		;
-	}
-	strcat(name, ".");
-	if (!abs_path(name, dir->name, MAXPATHLEN+1))
-		strcpy(dir->name, name);
-	if (dir->name[strlen(dir->name)-1] == '\\')
-		strcat(dir->name, "*");
-	else
-		strcat(dir->name, "\\*");
-
-	dir->fstype = getFSType(dir->name);
-	dir->attrmask = att_mask | A_DIR;
-
-	dir->handle = HDIR_CREATE;
-	dir->count = 100;
-#if OS2 >= 2
-	rc = DosFindFirst(dir->name, &dir->handle, dir->attrmask,
-		dir->ffbuf, sizeof dir->ffbuf, &dir->count, FIL_STANDARD);
-#else
-	rc = DosFindFirst((PSZ)dir->name, &dir->handle, dir->attrmask,
-		(PFILEFINDBUF)dir->ffbuf, sizeof dir->ffbuf, &dir->count, 0);
-#endif
-	switch (rc) {
-	default:
-		free(dir);
-		error(rc);
-		return NULL;
-	case NO_ERROR:
-	case ERROR_NO_MORE_FILES:
-		;
-	}
-
-	dir->number = 0;
-	dir->index = 0;
-	dir->next = (FFBUF *)dir->ffbuf;
-
-	return (DIR *)dir;
-}
-
-DIR *
-opendir(const char *pathname)
-{
-	return openxdir(pathname, 0);
-}
-
-struct dirent *
-readdir(DIR *dir)
-{
-	static int dummy_ino = 2;
-
-	if (dir->index == dir->count) {
-		Word rc;
-		dir->count = 100;
-#if OS2 >= 2
-		rc = DosFindNext(dir->handle, dir->ffbuf,
-			sizeof dir->ffbuf, &dir->count);
-#else
-		rc = DosFindNext(dir->handle, (PFILEFINDBUF)dir->ffbuf,
-			sizeof dir->ffbuf, &dir->count);
-#endif
-		if (rc) {
-			error(rc);
-			return NULL;
-		}
-
-		dir->index = 0;
-		dir->next = (FFBUF *)dir->ffbuf;
-	}
-
-	if (dir->index == dir->count)
-		return NULL;
-
-	memcpy(dir->entry.d_name, dir->next->achName, dir->next->cchName);
-	dir->entry.d_name[dir->next->cchName] = '\0';
-	dir->entry.d_ino = dummy_ino++;
-	dir->entry.d_reclen = dir->next->cchName;
-	dir->entry.d_namlen = dir->next->cchName;
-	dir->entry.d_size = dir->next->cbFile;
-	dir->entry.d_attribute = dir->next->attrFile;
-	dir->entry.d_time = *(USHORT *)&dir->next->ftimeLastWrite;
-	dir->entry.d_date = *(USHORT *)&dir->next->fdateLastWrite;
-
-	switch (dir->fstype) {
-	case 'F': /* FAT */
-	case 'C': /* CDFS */
-		if (dir->next->attrFile & FILE_DIRECTORY)
-			strupr(dir->entry.d_name);
-		else
-			strlwr(dir->entry.d_name);
-	}
-
-#if OS2 >= 2
-	dir->next = (FFBUF *)((BYTE *)dir->next + dir->next->oNextEntryOffset);
-#else
-	dir->next = (FFBUF *)((BYTE *)dir->next->achName + dir->next->cchName + 1);
-#endif
-	++dir->number;
-	++dir->index;
-
-	return &dir->entry;
-}
-
-long
-telldir(DIR *dir)
-{
-	return dir->number;
-}
-
-void
-seekdir(DIR *dir, long off)
-{
-	if (dir->number > off) {
-		char name[MAXPATHLEN+2];
-		Word rc;
-
-		DosFindClose(dir->handle);
-
-		strcpy(name, dir->name);
-		strcat(name, "*");
-
-		dir->handle = HDIR_CREATE;
-		dir->count = 32767;
-#if OS2 >= 2
-		rc = DosFindFirst(name, &dir->handle, dir->attrmask,
-			dir->ffbuf, sizeof dir->ffbuf, &dir->count, FIL_STANDARD);
-#else
-		rc = DosFindFirst((PSZ)name, &dir->handle, dir->attrmask,
-			(PFILEFINDBUF)dir->ffbuf, sizeof dir->ffbuf, &dir->count, 0);
-#endif
-		switch (rc) {
-		default:
-			error(rc);
-			return;
-		case NO_ERROR:
-		case ERROR_NO_MORE_FILES:
-			;
-		}
-
-		dir->number = 0;
-		dir->index = 0;
-		dir->next = (FFBUF *)dir->ffbuf;
-	}
-
-	while (dir->number < off && readdir(dir))
-		;
-}
-
-void
-closedir(DIR *dir)
-{
-	DosFindClose(dir->handle);
-	free(dir);
-}
-
-/*****************************************************************************/
-
-#ifdef TEST
-
-main(int argc, char **argv)
-{
-	int i;
-	DIR *dir;
-	struct dirent *ep;
-
-	for (i = 1; i < argc; ++i) {
-		dir = opendir(argv[i]);
-		if (!dir)
-			continue;
-		while (ep = readdir(dir))
-			if (strchr("\\/:", argv[i] [strlen(argv[i]) - 1]))
-				printf("%s%s\n", argv[i], ep->d_name);
-			else
-				printf("%s/%s\n", argv[i], ep->d_name);
-		closedir(dir);
-	}
-
-	return 0;
-}
-
-#endif
-
-#endif /* OS2 */
-
diff --git a/security/dbm/src/dirent.h b/security/dbm/src/dirent.h
deleted file mode 100644
index 07a6c0ac8..000000000
--- a/security/dbm/src/dirent.h
+++ /dev/null
@@ -1,97 +0,0 @@
-#ifndef __DIRENT_H__
-#define __DIRENT_H__
-/*
- * @(#)msd_dir.h 1.4 87/11/06   Public Domain.
- *
- *  A public domain implementation of BSD directory routines for
- *  MS-DOS.  Written by Michael Rendell ({uunet,utai}michael@garfield),
- *  August 1897
- *
- *  Extended by Peter Lim (lim@mullian.oz) to overcome some MS DOS quirks
- *  and returns 2 more pieces of information - file size & attribute.
- *  Plus a little reshuffling of some #define's positions    December 1987
- *
- *  Some modifications by Martin Junius                      02-14-89
- *
- *	AK900712
- *	AK910410	abs_path - make absolute path
- *
- */
-
-#ifdef __EMX__
-#include <sys/param.h>
-#else
-#if defined(__IBMC__) || defined(__IBMCPP__) || defined(XP_W32_MSVC)
-#include <stdio.h>
-#ifdef MAXPATHLEN
-	#undef MAXPATHLEN
-#endif
-#define MAXPATHLEN (FILENAME_MAX*4)
-#define MAXNAMLEN FILENAME_MAX
-
-#else
-#include <param.h>
-#endif
-#endif
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/* attribute stuff */
-#ifndef A_RONLY
-# define A_RONLY   0x01
-# define A_HIDDEN  0x02
-# define A_SYSTEM  0x04
-# define A_LABEL   0x08
-# define A_DIR     0x10
-# define A_ARCHIVE 0x20
-#endif
-
-struct dirent {
-#if defined(OS2) || defined(WIN32)        /* use the layout of EMX to avoid trouble */
-    int            d_ino;                 /* Dummy */
-    int            d_reclen;		  /* Dummy, same as d_namlen */
-    int            d_namlen;              /* length of name */
-    char           d_name[MAXNAMLEN + 1];
-    unsigned long  d_size;
-    unsigned short d_attribute;           /* attributes (see above) */
-    unsigned short d_time;                /* modification time */
-    unsigned short d_date;                /* modification date */
-#else
-    char	   d_name[MAXNAMLEN + 1]; /* garentee null termination */
-    char	   d_attribute;		  /* .. extension .. */
-    unsigned long  d_size;		  /* .. extension .. */
-#endif
-};
-
-typedef struct _dirdescr DIR;
-/* the structs do not have to be defined here */
-
-extern DIR		*opendir(const char *);
-extern DIR		*openxdir(const char *, unsigned);
-extern struct dirent	*readdir(DIR *);
-extern void		seekdir(DIR *, long);
-extern long		telldir(DIR *);
-extern void 		closedir(DIR *);
-#define			rewinddir(dirp) seekdir(dirp, 0L)
-
-extern char *		abs_path(const char *name, char *buffer, int len);
-
-#ifndef S_IFMT
-#define S_IFMT ( S_IFDIR | S_IFREG )
-#endif
-
-#ifndef S_ISDIR
-#define S_ISDIR( m )                    (((m) & S_IFMT) == S_IFDIR)
-#endif
-
-#ifndef S_ISREG
-#define S_ISREG( m )                    (((m) & S_IFMT) == S_IFREG)
-#endif
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif
diff --git a/security/dbm/src/manifest.mn b/security/dbm/src/manifest.mn
deleted file mode 100644
index 80f2abfd0..000000000
--- a/security/dbm/src/manifest.mn
+++ /dev/null
@@ -1,61 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../..
-
-VPATH  = $(CORE_DEPTH)/../dbm/src
-
-MODULE = dbm
-
-#
-# memmove.c, snprintf.c, and strerror.c are not in CSRCS because
-# the Standard C Library has memmove and strerror and DBM is not
-# using snprintf.
-#
-
-CSRCS = db.c	   \
-	h_bigkey.c \
-	h_func.c   \
-	h_log2.c   \
-	h_page.c   \
-	hash.c	   \
-	hash_buf.c \
-	hsearch.c  \
-	mktemp.c   \
-	ndbm.c	   \
-	nsres.c	   \
-	dirent.c	   \
-	$(NULL)
-
-LIBRARY_NAME = dbm
diff --git a/security/dbm/tests/Makefile b/security/dbm/tests/Makefile
deleted file mode 100644
index fe132e19c..000000000
--- a/security/dbm/tests/Makefile
+++ /dev/null
@@ -1,69 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-DEPTH		= ../..
-CORE_DEPTH	= ../..
-
-VPATH		= $(CORE_DEPTH)/../dbm/tests
-
-MODULE		= dbm
-
-CSRCS		= lots.c
-
-PROGRAM		= lots
-
-include $(DEPTH)/coreconf/config.mk
-
-include $(DEPTH)/dbm/config/config.mk
-
-ifeq (,$(filter-out WIN%,$(OS_TARGET))) 
-LIBDBM		= ../src/$(PLATFORM)/dbm$(STATIC_LIB_SUFFIX)
-else
-LIBDBM		= ../src/$(PLATFORM)/libdbm$(STATIC_LIB_SUFFIX)
-endif
-
-INCLUDES	+= -I$(CORE_DEPTH)/../dbm/include
-
-LDFLAGS		= $(LDOPTS) $(LIBDBM)
-
-include $(DEPTH)/coreconf/rules.mk
-
-lots.pure: lots
-	purify $(CC) -o lots.pure $(CFLAGS) $(OBJS) $(MYLIBS)
-
-crash: crash.o $(MYLIBS)
-	$(CC) -o crash $(CFLAGS) $^
-
-crash.pure: crash.o $(MYLIBS)
-	purify $(CC) -o crash.pure $(CFLAGS) $^
-
diff --git a/security/nss/Makefile b/security/nss/Makefile
deleted file mode 100644
index d7373ed82..000000000
--- a/security/nss/Makefile
+++ /dev/null
@@ -1,176 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY).   #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL)          #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL)       #
-#######################################################################
-
-
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL).      #
-#######################################################################
-
-ifeq ($(OS_TARGET),WINCE)
-DIRS	= lib	# omit cmd since wince has no command line shell
-endif
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL)                              #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL)                           #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL).                              #
-#######################################################################
-
-nss_build_all: build_coreconf build_nspr build_dbm all
-
-build_coreconf:
-	cd $(CORE_DEPTH)/coreconf ;  $(MAKE)
-
-#
-# NSPR has two build systems: autoconf and classic.
-# The build_nspr rule needs to work with both.
-#
-
-ifdef NSPR_AUTOCONF
-
-NSPR_CONFIG_STATUS = $(CORE_DEPTH)/../nsprpub/$(OBJDIR_NAME)/config.status
-NSPR_CONFIGURE = $(CORE_DEPTH)/../nsprpub/configure
-
-#
-# Translate coreconf build options to NSPR configure options.
-#
-
-ifdef BUILD_OPT
-NSPR_CONFIGURE_OPTS += --disable-debug --enable-optimize
-endif
-ifdef USE_64
-NSPR_CONFIGURE_OPTS += --enable-64bit
-endif
-ifeq ($(OS_TARGET),WIN95)
-NSPR_CONFIGURE_OPTS += --enable-win32-target=WIN95
-endif
-ifdef USE_DEBUG_RTL
-NSPR_CONFIGURE_OPTS += --enable-debug-rtl
-endif
-
-#
-# Some pwd commands on Windows (for example, the pwd
-# command in Cygwin) return a pathname that begins
-# with a (forward) slash.  When such a pathname is
-# passed to Windows build tools (for example, cl), it
-# is mistaken as a command-line option.  If that is the case,
-# we use a relative pathname as NSPR's prefix on Windows.
-#
-
-USEABSPATH="YES"
-ifeq (,$(filter-out WIN%,$(OS_TARGET)))
-ifeq (,$(findstring :,$(shell pwd)))
-USEABSPATH="NO"
-endif
-endif
-ifeq ($(USEABSPATH),"YES")
-NSPR_PREFIX = $(shell pwd)/../../dist/$(OBJDIR_NAME)
-else
-NSPR_PREFIX = $$(topsrcdir)/../dist/$(OBJDIR_NAME)
-endif
-
-$(NSPR_CONFIG_STATUS): $(NSPR_CONFIGURE)
-	$(NSINSTALL) -D $(CORE_DEPTH)/../nsprpub/$(OBJDIR_NAME)
-	cd $(CORE_DEPTH)/../nsprpub/$(OBJDIR_NAME) ; \
-	sh ../configure \
-	$(NSPR_CONFIGURE_OPTS) \
-	--with-dist-prefix='$(NSPR_PREFIX)' \
-	--with-dist-includedir='$(NSPR_PREFIX)/include'
-
-build_nspr: $(NSPR_CONFIG_STATUS)
-	cd $(CORE_DEPTH)/../nsprpub/$(OBJDIR_NAME) ; $(MAKE)
-
-else  # NSPR classic build system
-
-build_nspr:
-	cd $(CORE_DEPTH)/../nsprpub ; $(MAKE) OBJDIR_NAME=${OBJDIR_NAME} 
-
-endif  # NSPR_AUTOCONF
-
-build_dbm:
-	cd $(CORE_DEPTH)/dbm ; $(MAKE) export libs
-
-	
-
-moz_import::
-ifeq (,$(filter-out WIN%,$(OS_TARGET)))
-	$(NSINSTALL) -D $(DIST)/include/nspr
-	cp $(DIST)/../include/nspr/*.h $(DIST)/include/nspr
-	cp $(DIST)/../include/* $(DIST)/include
-ifdef BUILD_OPT
-	cp $(DIST)/../WIN32_O.OBJ/lib/* $(DIST)/lib
-else
-	cp $(DIST)/../WIN32_D.OBJ/lib/* $(DIST)/lib
-endif
-	mv $(DIST)/lib/dbm32.lib $(DIST)/lib/dbm.lib
-else
-ifeq ($(OS_TARGET),OS2)
-	cp -rf $(DIST)/../include $(DIST)
-	cp -rf $(DIST)/../lib $(DIST)
-	cp -f $(DIST)/lib/libmozdbm_s.$(LIB_SUFFIX) $(DIST)/lib/libdbm.$(LIB_SUFFIX)
-else
-	$(NSINSTALL) -L ../../dist include $(DIST)
-	$(NSINSTALL) -L ../../dist lib $(DIST)
-	cp $(DIST)/lib/libmozdbm_s.$(LIB_SUFFIX) $(DIST)/lib/libdbm.$(LIB_SUFFIX)
-endif
-endif
-
-nss_RelEng_bld: build_coreconf import all
diff --git a/security/nss/cmd/.cvsignore b/security/nss/cmd/.cvsignore
deleted file mode 100644
index 6329db22e..000000000
--- a/security/nss/cmd/.cvsignore
+++ /dev/null
@@ -1 +0,0 @@
-.gdbinit
diff --git a/security/nss/cmd/Makefile b/security/nss/cmd/Makefile
deleted file mode 100644
index 5e716b9b3..000000000
--- a/security/nss/cmd/Makefile
+++ /dev/null
@@ -1,182 +0,0 @@
-#! gmake
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../..
-DEPTH = ../..
-
-include manifest.mn
-include $(CORE_DEPTH)/coreconf/config.mk
-
-# These sources were once in this directory, but now are gone.
-MISSING_SOURCES = \
-	addcert.c \
-	berparse.c \
-	cert.c	\
-	key.c	\
-	key_rand.c \
-	keygen.c \
-	sec_fe.c \
-	sec_read.c \
-	secarb.c \
-	secutil.c \
-	$(NULL)
-
-# we don't build these any more, but the sources are still here
-OBSOLETE = \
-	berdec.c \
-	berdump.c \
-	cypher.c \
-	dumpcert.c \
-	listcerts.c \
-	mkdongle.c \
-	p12exprt.c \
-	p12imprt.c \
-	rc4.c \
-	sign.c \
-	unwrap.c \
-	vector.c \
-	verify.c \
-	wrap.c \
-	$(NULL)
-
-# the base files for the executables
-# hey -- keep these alphabetical, please
-EXEC_SRCS = \
-	$(NULL)
-
-# files that generate two separate objects and executables
-# BI_SRCS	= \
-# 	keyutil.c \
-# 	p7env.c \
-# 	tstclnt.c \
-# 	$(NULL)
-
-#	-I$(CORE_DEPTH)/security/lib/cert \
-#	-I$(CORE_DEPTH)/security/lib/key \
-#	-I$(CORE_DEPTH)/security/lib/util  \
-
-INCLUDES += \
-	-I$(DIST)/../public/security \
-	-I./include \
-	$(NULL)
-
-TBD_DIRS = rsh rshd rdist ssld
-
-# For the time being, sec stuff is export only
-# US_FLAGS = -DEXPORT_VERSION -DUS_VERSION
-
-US_FLAGS = -DEXPORT_VERSION
-EXPORT_FLAGS = -DEXPORT_VERSION
-
-BASE_LIBS = \
-	$(DIST)/lib/libdbm.$(LIB_SUFFIX) \
-	$(DIST)/lib/libxp.$(LIB_SUFFIX) \
-	$(DIST)/lib/libnspr.$(LIB_SUFFIX) \
-	$(NULL)
-
-#	$(DIST)/lib/libpurenspr.$(LIB_SUFFIX) \
-
-#There is a circular dependancy in security/lib, and here is a gross fix
-SEC_LIBS = \
-	$(DIST)/lib/libsecnav.$(LIB_SUFFIX) \
-        $(DIST)/lib/libssl.$(LIB_SUFFIX) \
-        $(DIST)/lib/libpkcs7.$(LIB_SUFFIX) \
-        $(DIST)/lib/libcert.$(LIB_SUFFIX) \
-        $(DIST)/lib/libkey.$(LIB_SUFFIX) \
-	$(DIST)/lib/libsecmod.$(LIB_SUFFIX) \
-        $(DIST)/lib/libcrypto.$(LIB_SUFFIX) \
-        $(DIST)/lib/libsecutil.$(LIB_SUFFIX) \
-        $(DIST)/lib/libssl.$(LIB_SUFFIX) \
-        $(DIST)/lib/libpkcs7.$(LIB_SUFFIX) \
-        $(DIST)/lib/libcert.$(LIB_SUFFIX) \
-        $(DIST)/lib/libkey.$(LIB_SUFFIX) \
-	$(DIST)/lib/libsecmod.$(LIB_SUFFIX) \
-        $(DIST)/lib/libcrypto.$(LIB_SUFFIX) \
-        $(DIST)/lib/libsecutil.$(LIB_SUFFIX) \
-        $(DIST)/lib/libhash.$(LIB_SUFFIX) \
-	$(NULL)
-
-MYLIB	= lib/$(OBJDIR)/libsectool.$(LIB_SUFFIX)
-
-US_LIBS	= $(MYLIB) $(SEC_LIBS) $(BASE_LIBS) $(MYLIB) $(BASE_LIBS)
-EX_LIBS	= $(MYLIB) $(SEC_LIBS) $(BASE_LIBS) $(MYLIB) $(BASE_LIBS) 
-
-REQUIRES = libxp nspr security
-
-CSRCS	= $(EXEC_SRCS) $(BI_SRCS)
-
-OBJS	= $(CSRCS:.c=.o) $(BI_SRCS:.c=-us.o) $(BI_SRCS:.c=-ex.o)
-
-PROGS		= $(addprefix $(OBJDIR)/, $(EXEC_SRCS:.c=$(BIN_SUFFIX)))
-US_PROGS 	= $(addprefix $(OBJDIR)/, $(BI_SRCS:.c=-us$(BIN_SUFFIX)))
-EX_PROGS	= $(addprefix $(OBJDIR)/, $(BI_SRCS:.c=-ex$(BIN_SUFFIX)))
-
-
-NON_DIRS = $(PROGS) $(US_PROGS) $(EX_PROGS)
-TARGETS = $(NON_DIRS)
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-
-ifneq ($(OS_TARGET),OS2)
-$(OBJDIR)/%-us.o: %.c
-	@$(MAKE_OBJDIR)
-	$(CCF) -o $@ $(US_FLAGS) -c $*.c
-
-$(OBJDIR)/%-ex.o: %.c
-	@$(MAKE_OBJDIR)
-	$(CCF) -o $@ $(EXPORT_FLAGS) -c $*.c
-
-$(OBJDIR)/%.o: %.c
-	@$(MAKE_OBJDIR)
-	$(CCF) -o $@ $(EXPORT_FLAGS) -c $*.c
-
-$(US_PROGS):$(OBJDIR)/%-us: $(OBJDIR)/%-us.o $(US_LIBS)
-	@$(MAKE_OBJDIR)
-	$(CCF) -o $@ $(OBJDIR)/$*-us.o $(LDFLAGS) $(US_LIBS) $(OS_LIBS)
-
-$(EX_PROGS):$(OBJDIR)/%-ex: $(OBJDIR)/%-ex.o $(EX_LIBS)
-	@$(MAKE_OBJDIR)
-	$(CCF) -o $@ $(OBJDIR)/$*-ex.o $(LDFLAGS) $(EX_LIBS) $(OS_LIBS)
-
-$(PROGS):$(OBJDIR)/%: $(OBJDIR)/%.o $(EX_LIBS)
-	@$(MAKE_OBJDIR)
-	$(CCF) -o $@ $@.o $(LDFLAGS) $(EX_LIBS) $(OS_LIBS)
-
-#install:: $(TARGETS)
-#	$(INSTALL) $(TARGETS) $(DIST)/bin
-endif
-
-symbols::
-	@echo "TARGETS	= $(TARGETS)"
diff --git a/security/nss/cmd/SSLsample/Makefile b/security/nss/cmd/SSLsample/Makefile
deleted file mode 100644
index cf741f387..000000000
--- a/security/nss/cmd/SSLsample/Makefile
+++ /dev/null
@@ -1,44 +0,0 @@
-#! gmake
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-# do these once for each target program
-all default export libs program install release_export::
-	$(MAKE) -f make.client $@
-	$(MAKE) -f make.server $@
-
-# only do these things once for the whole directory
-depend dependclean clean clobber realclean clobber_all release_classes release_clean release_cpdistdir release_export release_jars release_md release_policy show::
-	$(MAKE) -f make.client $@
-
-
diff --git a/security/nss/cmd/SSLsample/Makefile.NSS b/security/nss/cmd/SSLsample/Makefile.NSS
deleted file mode 100644
index 0a3545f4f..000000000
--- a/security/nss/cmd/SSLsample/Makefile.NSS
+++ /dev/null
@@ -1,58 +0,0 @@
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-ARCH := $(shell uname)
-
-ifeq ($(ARCH), SunOS)
-	DEFINES  = -KPIC -DSVR4 -DSOLARIS -DSYSV -D__svr4 -D__svr4__ \
- -D_REENTRANT -DSOLARIS2_5 -D_SVID_GETTOD -DXP_UNIX -UDEBUG -DNDEBUG \
- -DXP_UNIX
-	INCPATH  = -I. -I../include/dbm -I../include/nspr -I../include/security
-	LIBPATH  = -L../lib
-	LIBS     = -lnss -lssl -lpkcs7 -lpkcs12 -lsecmod -lcert -lkey \
- -lcrypto -lsecutil -lhash -ldbm -lplc4 -lplds4 -lnspr4 -lsocket -lnsl
-	CFLAGS   = -g
-	CC       = cc
-endif # SunOS
-
-# The rules to build the sample apps appear below.
-
-server:
-	$(CC) $(CFLAGS) $@.c -o $@ $(DEFINES) $(INCPATH) $(LIBPATH) $(LIBS)
-
-client:
-	$(CC) $(CFLAGS) $@.c -o $@ $(DEFINES) $(INCPATH) $(LIBPATH) $(LIBS)
-
-clean:
-	rm -fr server client server.o client.o
-
diff --git a/security/nss/cmd/SSLsample/NSPRerrs.h b/security/nss/cmd/SSLsample/NSPRerrs.h
deleted file mode 100644
index bacdef6b2..000000000
--- a/security/nss/cmd/SSLsample/NSPRerrs.h
+++ /dev/null
@@ -1,133 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/* General NSPR 2.0 errors */
-/* Caller must #include "prerror.h" */
-
-ER2( PR_OUT_OF_MEMORY_ERROR, 	"Memory allocation attempt failed." )
-ER2( PR_BAD_DESCRIPTOR_ERROR, 	"Invalid file descriptor." )
-ER2( PR_WOULD_BLOCK_ERROR, 	"The operation would have blocked." )
-ER2( PR_ACCESS_FAULT_ERROR, 	"Invalid memory address argument." )
-ER2( PR_INVALID_METHOD_ERROR, 	"Invalid function for file type." )
-ER2( PR_ILLEGAL_ACCESS_ERROR, 	"Invalid memory address argument." )
-ER2( PR_UNKNOWN_ERROR, 		"Some unknown error has occurred." )
-ER2( PR_PENDING_INTERRUPT_ERROR,"Operation interrupted by another thread." )
-ER2( PR_NOT_IMPLEMENTED_ERROR, 	"function not implemented." )
-ER2( PR_IO_ERROR, 		"I/O function error." )
-ER2( PR_IO_TIMEOUT_ERROR, 	"I/O operation timed out." )
-ER2( PR_IO_PENDING_ERROR, 	"I/O operation on busy file descriptor." )
-ER2( PR_DIRECTORY_OPEN_ERROR, 	"The directory could not be opened." )
-ER2( PR_INVALID_ARGUMENT_ERROR, "Invalid function argument." )
-ER2( PR_ADDRESS_NOT_AVAILABLE_ERROR, "Network address not available (in use?)." )
-ER2( PR_ADDRESS_NOT_SUPPORTED_ERROR, "Network address type not supported." )
-ER2( PR_IS_CONNECTED_ERROR, 	"Already connected." )
-ER2( PR_BAD_ADDRESS_ERROR, 	"Network address is invalid." )
-ER2( PR_ADDRESS_IN_USE_ERROR, 	"Local Network address is in use." )
-ER2( PR_CONNECT_REFUSED_ERROR, 	"Connection refused by peer." )
-ER2( PR_NETWORK_UNREACHABLE_ERROR, "Network address is presently unreachable." )
-ER2( PR_CONNECT_TIMEOUT_ERROR, 	"Connection attempt timed out." )
-ER2( PR_NOT_CONNECTED_ERROR, 	"Network file descriptor is not connected." )
-ER2( PR_LOAD_LIBRARY_ERROR, 	"Failure to load dynamic library." )
-ER2( PR_UNLOAD_LIBRARY_ERROR, 	"Failure to unload dynamic library." )
-ER2( PR_FIND_SYMBOL_ERROR, 	
-"Symbol not found in any of the loaded dynamic libraries." )
-ER2( PR_INSUFFICIENT_RESOURCES_ERROR, "Insufficient system resources." )
-ER2( PR_DIRECTORY_LOOKUP_ERROR, 	
-"A directory lookup on a network address has failed." )
-ER2( PR_TPD_RANGE_ERROR, 		
-"Attempt to access a TPD key that is out of range." )
-ER2( PR_PROC_DESC_TABLE_FULL_ERROR, "Process open FD table is full." )
-ER2( PR_SYS_DESC_TABLE_FULL_ERROR, "System open FD table is full." )
-ER2( PR_NOT_SOCKET_ERROR, 	
-"Network operation attempted on non-network file descriptor." )
-ER2( PR_NOT_TCP_SOCKET_ERROR, 	
-"TCP-specific function attempted on a non-TCP file descriptor." )
-ER2( PR_SOCKET_ADDRESS_IS_BOUND_ERROR, "TCP file descriptor is already bound." )
-ER2( PR_NO_ACCESS_RIGHTS_ERROR, "Access Denied." )
-ER2( PR_OPERATION_NOT_SUPPORTED_ERROR, 
-"The requested operation is not supported by the platform." )
-ER2( PR_PROTOCOL_NOT_SUPPORTED_ERROR, 
-"The host operating system does not support the protocol requested." )
-ER2( PR_REMOTE_FILE_ERROR, 	"Access to the remote file has been severed." )
-ER2( PR_BUFFER_OVERFLOW_ERROR, 	
-"The value requested is too large to be stored in the data buffer provided." )
-ER2( PR_CONNECT_RESET_ERROR, 	"TCP connection reset by peer." )
-ER2( PR_RANGE_ERROR, 		"Unused." )
-ER2( PR_DEADLOCK_ERROR, 	"The operation would have deadlocked." )
-ER2( PR_FILE_IS_LOCKED_ERROR, 	"The file is already locked." )
-ER2( PR_FILE_TOO_BIG_ERROR, 	
-"Write would result in file larger than the system allows." )
-ER2( PR_NO_DEVICE_SPACE_ERROR, 	"The device for storing the file is full." )
-ER2( PR_PIPE_ERROR, 		"Unused." )
-ER2( PR_NO_SEEK_DEVICE_ERROR, 	"Unused." )
-ER2( PR_IS_DIRECTORY_ERROR, 	
-"Cannot perform a normal file operation on a directory." )
-ER2( PR_LOOP_ERROR, 		"Symbolic link loop." )
-ER2( PR_NAME_TOO_LONG_ERROR, 	"File name is too long." )
-ER2( PR_FILE_NOT_FOUND_ERROR, 	"File not found." )
-ER2( PR_NOT_DIRECTORY_ERROR, 	
-"Cannot perform directory operation on a normal file." )
-ER2( PR_READ_ONLY_FILESYSTEM_ERROR, 
-"Cannot write to a read-only file system." )
-ER2( PR_DIRECTORY_NOT_EMPTY_ERROR, 
-"Cannot delete a directory that is not empty." )
-ER2( PR_FILESYSTEM_MOUNTED_ERROR, 
-"Cannot delete or rename a file object while the file system is busy." )
-ER2( PR_NOT_SAME_DEVICE_ERROR, 	
-"Cannot rename a file to a file system on another device." )
-ER2( PR_DIRECTORY_CORRUPTED_ERROR, 
-"The directory object in the file system is corrupted." )
-ER2( PR_FILE_EXISTS_ERROR, 	
-"Cannot create or rename a filename that already exists." )
-ER2( PR_MAX_DIRECTORY_ENTRIES_ERROR, 
-"Directory is full.  No additional filenames may be added." )
-ER2( PR_INVALID_DEVICE_STATE_ERROR, 
-"The required device was in an invalid state." )
-ER2( PR_DEVICE_IS_LOCKED_ERROR, "The device is locked." )
-ER2( PR_NO_MORE_FILES_ERROR, 	"No more entries in the directory." )
-ER2( PR_END_OF_FILE_ERROR, 	"Encountered end of file." )
-ER2( PR_FILE_SEEK_ERROR, 	"Seek error." )
-ER2( PR_FILE_IS_BUSY_ERROR, 	"The file is busy." )
-ER2( PR_IN_PROGRESS_ERROR,
-"Operation is still in progress (probably a non-blocking connect)." )
-ER2( PR_ALREADY_INITIATED_ERROR,
-"Operation has already been initiated (probably a non-blocking connect)." )
-
-#ifdef PR_GROUP_EMPTY_ERROR
-ER2( PR_GROUP_EMPTY_ERROR, 	"The wait group is empty." )
-#endif
-
-#ifdef PR_INVALID_STATE_ERROR
-ER2( PR_INVALID_STATE_ERROR, 	"Object state improper for request." )
-#endif
-
-ER2( PR_MAX_ERROR, 		"Placeholder for the end of the list" )
diff --git a/security/nss/cmd/SSLsample/README b/security/nss/cmd/SSLsample/README
deleted file mode 100644
index 2c4c09110..000000000
--- a/security/nss/cmd/SSLsample/README
+++ /dev/null
@@ -1,43 +0,0 @@
-These sample programs can be built in either of two ways:
-1) is the NSS source tree, using the coreconf build system, and 
-2) stand alone (as part of the NSS distribution).
-
-The following makefiles are used only when building in the NSS source tree
-using coreconf.  These are NOT part of the distribution.
-
-Makefile
-client.mn
-server.mn
-config.mk
-make.client
-make.server
-
-The following makefiles are used only when building in the NSS distribution.
-These files are part of the distribution.
-
-Makefile.NSS
-nmakefile95.nss
-nmakefilent.nss
-
-
-The following source files are common to both build environments and are
-part of the distribution.
-
-NSPRerrs.h
-SECerrs.h
-SSLerrs.h
-client.c
-getopt.c
-server.c
-sslerror.h
-
-In the NSS 2.0 distribution, the sample code and makefiles are in a 
-directory named "samples".  The directories relevant to building 
-in the distributed tree are:
-
-./samples
-./include/dbm
-./include/nspr
-./include/security
-./lib
-
diff --git a/security/nss/cmd/SSLsample/SECerrs.h b/security/nss/cmd/SSLsample/SECerrs.h
deleted file mode 100644
index 2059df6a2..000000000
--- a/security/nss/cmd/SSLsample/SECerrs.h
+++ /dev/null
@@ -1,441 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/* General security error codes  */
-/* Caller must #include "secerr.h" */
-
-ER3(SEC_ERROR_IO,				SEC_ERROR_BASE + 0,
-"An I/O error occurred during security authorization.")
-
-ER3(SEC_ERROR_LIBRARY_FAILURE,			SEC_ERROR_BASE + 1,
-"security library failure.")
-
-ER3(SEC_ERROR_BAD_DATA,				SEC_ERROR_BASE + 2,
-"security library: received bad data.")
-
-ER3(SEC_ERROR_OUTPUT_LEN,			SEC_ERROR_BASE + 3,
-"security library: output length error.")
-
-ER3(SEC_ERROR_INPUT_LEN,			SEC_ERROR_BASE + 4,
-"security library has experienced an input length error.")
-
-ER3(SEC_ERROR_INVALID_ARGS,			SEC_ERROR_BASE + 5,
-"security library: invalid arguments.")
-
-ER3(SEC_ERROR_INVALID_ALGORITHM,		SEC_ERROR_BASE + 6,
-"security library: invalid algorithm.")
-
-ER3(SEC_ERROR_INVALID_AVA,			SEC_ERROR_BASE + 7,
-"security library: invalid AVA.")
-
-ER3(SEC_ERROR_INVALID_TIME,			SEC_ERROR_BASE + 8,
-"Improperly formatted time string.")
-
-ER3(SEC_ERROR_BAD_DER,				SEC_ERROR_BASE + 9,
-"security library: improperly formatted DER-encoded message.")
-
-ER3(SEC_ERROR_BAD_SIGNATURE,			SEC_ERROR_BASE + 10,
-"Peer's certificate has an invalid signature.")
-
-ER3(SEC_ERROR_EXPIRED_CERTIFICATE,		SEC_ERROR_BASE + 11,
-"Peer's Certificate has expired.")
-
-ER3(SEC_ERROR_REVOKED_CERTIFICATE,		SEC_ERROR_BASE + 12,
-"Peer's Certificate has been revoked.")
-
-ER3(SEC_ERROR_UNKNOWN_ISSUER,			SEC_ERROR_BASE + 13,
-"Peer's Certificate issuer is not recognized.")
-
-ER3(SEC_ERROR_BAD_KEY,				SEC_ERROR_BASE + 14,
-"Peer's public key is invalid.")
-
-ER3(SEC_ERROR_BAD_PASSWORD,			SEC_ERROR_BASE + 15,
-"The security password entered is incorrect.")
-
-ER3(SEC_ERROR_RETRY_PASSWORD,			SEC_ERROR_BASE + 16,
-"New password entered incorrectly.  Please try again.")
-
-ER3(SEC_ERROR_NO_NODELOCK,			SEC_ERROR_BASE + 17,
-"security library: no nodelock.")
-
-ER3(SEC_ERROR_BAD_DATABASE,			SEC_ERROR_BASE + 18,
-"security library: bad database.")
-
-ER3(SEC_ERROR_NO_MEMORY,			SEC_ERROR_BASE + 19,
-"security library: memory allocation failure.")
-
-ER3(SEC_ERROR_UNTRUSTED_ISSUER,			SEC_ERROR_BASE + 20,
-"Peer's certificate issuer has been marked as not trusted by the user.")
-
-ER3(SEC_ERROR_UNTRUSTED_CERT,			SEC_ERROR_BASE + 21,
-"Peer's certificate has been marked as not trusted by the user.")
-
-ER3(SEC_ERROR_DUPLICATE_CERT,			(SEC_ERROR_BASE + 22),
-"Certificate already exists in your database.")
-
-ER3(SEC_ERROR_DUPLICATE_CERT_NAME,		(SEC_ERROR_BASE + 23),
-"Downloaded certificate's name duplicates one already in your database.")
-
-ER3(SEC_ERROR_ADDING_CERT,			(SEC_ERROR_BASE + 24),
-"Error adding certificate to database.")
-
-ER3(SEC_ERROR_FILING_KEY,			(SEC_ERROR_BASE + 25),
-"Error refiling the key for this certificate.")
-
-ER3(SEC_ERROR_NO_KEY,				(SEC_ERROR_BASE + 26),
-"The private key for this certificate cannot be found in key database")
-
-ER3(SEC_ERROR_CERT_VALID,			(SEC_ERROR_BASE + 27),
-"This certificate is valid.")
-
-ER3(SEC_ERROR_CERT_NOT_VALID,			(SEC_ERROR_BASE + 28),
-"This certificate is not valid.")
-
-ER3(SEC_ERROR_CERT_NO_RESPONSE,			(SEC_ERROR_BASE + 29),
-"Cert Library: No Response")
-
-ER3(SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE,	(SEC_ERROR_BASE + 30),
-"The certificate issuer's certificate has expired.  Check your system date and time.")
-
-ER3(SEC_ERROR_CRL_EXPIRED,			(SEC_ERROR_BASE + 31),
-"The CRL for the certificate's issuer has expired.  Update it or check your system data and time.")
-
-ER3(SEC_ERROR_CRL_BAD_SIGNATURE,		(SEC_ERROR_BASE + 32),
-"The CRL for the certificate's issuer has an invalid signature.")
-
-ER3(SEC_ERROR_CRL_INVALID,			(SEC_ERROR_BASE + 33),
-"New CRL has an invalid format.")
-
-ER3(SEC_ERROR_EXTENSION_VALUE_INVALID,		(SEC_ERROR_BASE + 34),
-"Certificate extension value is invalid.")
-
-ER3(SEC_ERROR_EXTENSION_NOT_FOUND,		(SEC_ERROR_BASE + 35),
-"Certificate extension not found.")
-
-ER3(SEC_ERROR_CA_CERT_INVALID,			(SEC_ERROR_BASE + 36),
-"Issuer certificate is invalid.")
-   
-ER3(SEC_ERROR_PATH_LEN_CONSTRAINT_INVALID,	(SEC_ERROR_BASE + 37),
-"Certificate path length constraint is invalid.")
-
-ER3(SEC_ERROR_CERT_USAGES_INVALID,		(SEC_ERROR_BASE + 38),
-"Certificate usages field is invalid.")
-
-ER3(SEC_INTERNAL_ONLY,				(SEC_ERROR_BASE + 39),
-"**Internal ONLY module**")
-
-ER3(SEC_ERROR_INVALID_KEY,			(SEC_ERROR_BASE + 40),
-"The key does not support the requested operation.")
-
-ER3(SEC_ERROR_UNKNOWN_CRITICAL_EXTENSION,	(SEC_ERROR_BASE + 41),
-"Certificate contains unknown critical extension.")
-
-ER3(SEC_ERROR_OLD_CRL,				(SEC_ERROR_BASE + 42),
-"New CRL is not later than the current one.")
-
-ER3(SEC_ERROR_NO_EMAIL_CERT,			(SEC_ERROR_BASE + 43),
-"Not encrypted or signed: you do not yet have an email certificate.")
-
-ER3(SEC_ERROR_NO_RECIPIENT_CERTS_QUERY,		(SEC_ERROR_BASE + 44),
-"Not encrypted: you do not have certificates for each of the recipients.")
-
-ER3(SEC_ERROR_NOT_A_RECIPIENT,			(SEC_ERROR_BASE + 45),
-"Cannot decrypt: you are not a recipient, or matching certificate and \
-private key not found.")
-
-ER3(SEC_ERROR_PKCS7_KEYALG_MISMATCH,		(SEC_ERROR_BASE + 46),
-"Cannot decrypt: key encryption algorithm does not match your certificate.")
-
-ER3(SEC_ERROR_PKCS7_BAD_SIGNATURE,		(SEC_ERROR_BASE + 47),
-"Signature verification failed: no signer found, too many signers found, \
-or improper or corrupted data.")
-
-ER3(SEC_ERROR_UNSUPPORTED_KEYALG,		(SEC_ERROR_BASE + 48),
-"Unsupported or unknown key algorithm.")
-
-ER3(SEC_ERROR_DECRYPTION_DISALLOWED,		(SEC_ERROR_BASE + 49),
-"Cannot decrypt: encrypted using a disallowed algorithm or key size.")
-
-
-/* Fortezza Alerts */
-ER3(XP_SEC_FORTEZZA_BAD_CARD,			(SEC_ERROR_BASE + 50),
-"Fortezza card has not been properly initialized.  \
-Please remove it and return it to your issuer.")
-
-ER3(XP_SEC_FORTEZZA_NO_CARD,			(SEC_ERROR_BASE + 51),
-"No Fortezza cards Found")
-
-ER3(XP_SEC_FORTEZZA_NONE_SELECTED,		(SEC_ERROR_BASE + 52),
-"No Fortezza card selected")
-
-ER3(XP_SEC_FORTEZZA_MORE_INFO,			(SEC_ERROR_BASE + 53),
-"Please select a personality to get more info on")
-
-ER3(XP_SEC_FORTEZZA_PERSON_NOT_FOUND,		(SEC_ERROR_BASE + 54),
-"Personality not found")
-
-ER3(XP_SEC_FORTEZZA_NO_MORE_INFO,		(SEC_ERROR_BASE + 55),
-"No more information on that Personality")
-
-ER3(XP_SEC_FORTEZZA_BAD_PIN,			(SEC_ERROR_BASE + 56),
-"Invalid Pin")
-
-ER3(XP_SEC_FORTEZZA_PERSON_ERROR,		(SEC_ERROR_BASE + 57),
-"Couldn't initialize Fortezza personalities.")
-/* end fortezza alerts. */
-
-ER3(SEC_ERROR_NO_KRL,				(SEC_ERROR_BASE + 58),
-"No KRL for this site's certificate has been found.")
-
-ER3(SEC_ERROR_KRL_EXPIRED,			(SEC_ERROR_BASE + 59),
-"The KRL for this site's certificate has expired.")
-
-ER3(SEC_ERROR_KRL_BAD_SIGNATURE,		(SEC_ERROR_BASE + 60),
-"The KRL for this site's certificate has an invalid signature.")
-
-ER3(SEC_ERROR_REVOKED_KEY,			(SEC_ERROR_BASE + 61),
-"The key for this site's certificate has been revoked.")
-
-ER3(SEC_ERROR_KRL_INVALID,			(SEC_ERROR_BASE + 62),
-"New KRL has an invalid format.")
-
-ER3(SEC_ERROR_NEED_RANDOM,			(SEC_ERROR_BASE + 63),
-"security library: need random data.")
-
-ER3(SEC_ERROR_NO_MODULE,			(SEC_ERROR_BASE + 64),
-"security library: no security module can perform the requested operation.")
-
-ER3(SEC_ERROR_NO_TOKEN,				(SEC_ERROR_BASE + 65),
-"The security card or token does not exist, needs to be initialized, or has been removed.")
-
-ER3(SEC_ERROR_READ_ONLY,			(SEC_ERROR_BASE + 66),
-"security library: read-only database.")
-
-ER3(SEC_ERROR_NO_SLOT_SELECTED,			(SEC_ERROR_BASE + 67),
-"No slot or token was selected.")
-
-ER3(SEC_ERROR_CERT_NICKNAME_COLLISION,		(SEC_ERROR_BASE + 68),
-"A certificate with the same nickname already exists.")
-
-ER3(SEC_ERROR_KEY_NICKNAME_COLLISION,		(SEC_ERROR_BASE + 69),
-"A key with the same nickname already exists.")
-
-ER3(SEC_ERROR_SAFE_NOT_CREATED,			(SEC_ERROR_BASE + 70),
-"error while creating safe object")
-
-ER3(SEC_ERROR_BAGGAGE_NOT_CREATED,		(SEC_ERROR_BASE + 71),
-"error while creating baggage object")
-
-ER3(XP_JAVA_REMOVE_PRINCIPAL_ERROR,		(SEC_ERROR_BASE + 72),
-"Couldn't remove the principal")
-
-ER3(XP_JAVA_DELETE_PRIVILEGE_ERROR,		(SEC_ERROR_BASE + 73),
-"Couldn't delete the privilege")
-
-ER3(XP_JAVA_CERT_NOT_EXISTS_ERROR,		(SEC_ERROR_BASE + 74),
-"This principal doesn't have a certificate")
-
-ER3(SEC_ERROR_BAD_EXPORT_ALGORITHM,		(SEC_ERROR_BASE + 75),
-"Required algorithm is not allowed.")
-
-ER3(SEC_ERROR_EXPORTING_CERTIFICATES,		(SEC_ERROR_BASE + 76),
-"Error attempting to export certificates.")
-
-ER3(SEC_ERROR_IMPORTING_CERTIFICATES,		(SEC_ERROR_BASE + 77),
-"Error attempting to import certificates.")
-
-ER3(SEC_ERROR_PKCS12_DECODING_PFX,		(SEC_ERROR_BASE + 78),
-"Unable to import.  Decoding error.  File not valid.")
-
-ER3(SEC_ERROR_PKCS12_INVALID_MAC,		(SEC_ERROR_BASE + 79),
-"Unable to import.  Invalid MAC.  Incorrect password or corrupt file.")
-
-ER3(SEC_ERROR_PKCS12_UNSUPPORTED_MAC_ALGORITHM,	(SEC_ERROR_BASE + 80),
-"Unable to import.  MAC algorithm not supported.")
-
-ER3(SEC_ERROR_PKCS12_UNSUPPORTED_TRANSPORT_MODE,(SEC_ERROR_BASE + 81),
-"Unable to import.  Only password integrity and privacy modes supported.")
-
-ER3(SEC_ERROR_PKCS12_CORRUPT_PFX_STRUCTURE,	(SEC_ERROR_BASE + 82),
-"Unable to import.  File structure is corrupt.")
-
-ER3(SEC_ERROR_PKCS12_UNSUPPORTED_PBE_ALGORITHM, (SEC_ERROR_BASE + 83),
-"Unable to import.  Encryption algorithm not supported.")
-
-ER3(SEC_ERROR_PKCS12_UNSUPPORTED_VERSION,	(SEC_ERROR_BASE + 84),
-"Unable to import.  File version not supported.")
-
-ER3(SEC_ERROR_PKCS12_PRIVACY_PASSWORD_INCORRECT,(SEC_ERROR_BASE + 85),
-"Unable to import.  Incorrect privacy password.")
-
-ER3(SEC_ERROR_PKCS12_CERT_COLLISION,		(SEC_ERROR_BASE + 86),
-"Unable to import.  Same nickname already exists in database.")
-
-ER3(SEC_ERROR_USER_CANCELLED,			(SEC_ERROR_BASE + 87),
-"The user pressed cancel.")
-
-ER3(SEC_ERROR_PKCS12_DUPLICATE_DATA,		(SEC_ERROR_BASE + 88),
-"Not imported, already in database.")
-
-ER3(SEC_ERROR_MESSAGE_SEND_ABORTED,		(SEC_ERROR_BASE + 89),
-"Message not sent.")
-
-ER3(SEC_ERROR_INADEQUATE_KEY_USAGE,		(SEC_ERROR_BASE + 90),
-"Certificate key usage inadequate for attempted operation.")
-
-ER3(SEC_ERROR_INADEQUATE_CERT_TYPE,		(SEC_ERROR_BASE + 91),
-"Certificate type not approved for application.")
-
-ER3(SEC_ERROR_CERT_ADDR_MISMATCH,		(SEC_ERROR_BASE + 92),
-"Address in signing certificate does not match address in message headers.")
-
-ER3(SEC_ERROR_PKCS12_UNABLE_TO_IMPORT_KEY,	(SEC_ERROR_BASE + 93),
-"Unable to import.  Error attempting to import private key.")
-
-ER3(SEC_ERROR_PKCS12_IMPORTING_CERT_CHAIN,	(SEC_ERROR_BASE + 94),
-"Unable to import.  Error attempting to import certificate chain.")
-
-ER3(SEC_ERROR_PKCS12_UNABLE_TO_LOCATE_OBJECT_BY_NAME, (SEC_ERROR_BASE + 95),
-"Unable to export.  Unable to locate certificate or key by nickname.")
-
-ER3(SEC_ERROR_PKCS12_UNABLE_TO_EXPORT_KEY,	(SEC_ERROR_BASE + 96),
-"Unable to export.  Private Key could not be located and exported.")
-
-ER3(SEC_ERROR_PKCS12_UNABLE_TO_WRITE, 		(SEC_ERROR_BASE + 97),
-"Unable to export.  Unable to write the export file.")
-
-ER3(SEC_ERROR_PKCS12_UNABLE_TO_READ,		(SEC_ERROR_BASE + 98),
-"Unable to import.  Unable to read the import file.")
-
-ER3(SEC_ERROR_PKCS12_KEY_DATABASE_NOT_INITIALIZED, (SEC_ERROR_BASE + 99),
-"Unable to export.  Key database corrupt or deleted.")
-
-ER3(SEC_ERROR_KEYGEN_FAIL,			(SEC_ERROR_BASE + 100),
-"Unable to generate public/private key pair.")
-
-ER3(SEC_ERROR_INVALID_PASSWORD,			(SEC_ERROR_BASE + 101),
-"Password entered is invalid.  Please pick a different one.")
-
-ER3(SEC_ERROR_RETRY_OLD_PASSWORD,		(SEC_ERROR_BASE + 102),
-"Old password entered incorrectly.  Please try again.")
-
-ER3(SEC_ERROR_BAD_NICKNAME,			(SEC_ERROR_BASE + 103),
-"Certificate nickname already in use.")
-
-ER3(SEC_ERROR_NOT_FORTEZZA_ISSUER,       	(SEC_ERROR_BASE + 104),
-"Peer FORTEZZA chain has a non-FORTEZZA Certificate.")
-
-/* ER3(SEC_ERROR_UNKNOWN, 			(SEC_ERROR_BASE + 105), */
-
-ER3(SEC_ERROR_JS_INVALID_MODULE_NAME, 		(SEC_ERROR_BASE + 106),
-"Invalid module name.")
-
-ER3(SEC_ERROR_JS_INVALID_DLL, 			(SEC_ERROR_BASE + 107),
-"Invalid module path/filename")
-
-ER3(SEC_ERROR_JS_ADD_MOD_FAILURE, 		(SEC_ERROR_BASE + 108),
-"Unable to add module")
-
-ER3(SEC_ERROR_JS_DEL_MOD_FAILURE, 		(SEC_ERROR_BASE + 109),
-"Unable to delete module")
-
-ER3(SEC_ERROR_OLD_KRL,	     			(SEC_ERROR_BASE + 110),
-"New KRL is not later than the current one.")
- 
-ER3(SEC_ERROR_CKL_CONFLICT,	     		(SEC_ERROR_BASE + 111),
-"New CKL has different issuer than current CKL.  Delete current CKL.")
-
-ER3(SEC_ERROR_CERT_NOT_IN_NAME_SPACE, 		(SEC_ERROR_BASE + 112),
-"The Certifying Authority for this certificate is not permitted to issue a \
-certificate with this name.")
-
-ER3(SEC_ERROR_KRL_NOT_YET_VALID,		(SEC_ERROR_BASE + 113),
-"The key revocation list for this certificate is not yet valid.")
-
-ER3(SEC_ERROR_CRL_NOT_YET_VALID,		(SEC_ERROR_BASE + 114),
-"The certificate revocation list for this certificate is not yet valid.")
-
-ER3(SEC_ERROR_UNKNOWN_CERT,			(SEC_ERROR_BASE + 115),
-"The requested certificate could not be found.")
-
-ER3(SEC_ERROR_UNKNOWN_SIGNER,			(SEC_ERROR_BASE + 116),
-"The signer's certificate could not be found.")
-
-ER3(SEC_ERROR_CERT_BAD_ACCESS_LOCATION,		(SEC_ERROR_BASE + 117),
-"The location for the certificate status server has invalid format.")
-
-ER3(SEC_ERROR_OCSP_UNKNOWN_RESPONSE_TYPE,	(SEC_ERROR_BASE + 118),
-"The OCSP response cannot be fully decoded; it is of an unknown type.")
-
-ER3(SEC_ERROR_OCSP_BAD_HTTP_RESPONSE,		(SEC_ERROR_BASE + 119),
-"The OCSP server returned unexpected/invalid HTTP data.")
-
-ER3(SEC_ERROR_OCSP_MALFORMED_REQUEST,		(SEC_ERROR_BASE + 120),
-"The OCSP server found the request to be corrupted or improperly formed.")
-
-ER3(SEC_ERROR_OCSP_SERVER_ERROR,		(SEC_ERROR_BASE + 121),
-"The OCSP server experienced an internal error.")
-
-ER3(SEC_ERROR_OCSP_TRY_SERVER_LATER,		(SEC_ERROR_BASE + 122),
-"The OCSP server suggests trying again later.")
-
-ER3(SEC_ERROR_OCSP_REQUEST_NEEDS_SIG,		(SEC_ERROR_BASE + 123),
-"The OCSP server requires a signature on this request.")
-
-ER3(SEC_ERROR_OCSP_UNAUTHORIZED_REQUEST,	(SEC_ERROR_BASE + 124),
-"The OCSP server has refused this request as unauthorized.")
-
-ER3(SEC_ERROR_OCSP_UNKNOWN_RESPONSE_STATUS,	(SEC_ERROR_BASE + 125),
-"The OCSP server returned an unrecognizable status.")
-
-ER3(SEC_ERROR_OCSP_UNKNOWN_CERT,		(SEC_ERROR_BASE + 126),
-"The OCSP server has no status for the certificate.")
-
-ER3(SEC_ERROR_OCSP_NOT_ENABLED,			(SEC_ERROR_BASE + 127),
-"You must enable OCSP before performing this operation.")
-
-ER3(SEC_ERROR_OCSP_NO_DEFAULT_RESPONDER,	(SEC_ERROR_BASE + 128),
-"You must set the OCSP default responder before performing this operation.")
-
-ER3(SEC_ERROR_OCSP_MALFORMED_RESPONSE,		(SEC_ERROR_BASE + 129),
-"The response from the OCSP server was corrupted or improperly formed.")
-
-ER3(SEC_ERROR_OCSP_UNAUTHORIZED_RESPONSE,	(SEC_ERROR_BASE + 130),
-"The signer of the OCSP response is not authorized to give status for \
-this certificate.")
-
-ER3(SEC_ERROR_OCSP_FUTURE_RESPONSE,		(SEC_ERROR_BASE + 131),
-"The OCSP response is not yet valid (contains a date in the future).")
-
-ER3(SEC_ERROR_OCSP_OLD_RESPONSE,		(SEC_ERROR_BASE + 132),
-"The OCSP response contains out-of-date information.")
diff --git a/security/nss/cmd/SSLsample/SSLerrs.h b/security/nss/cmd/SSLsample/SSLerrs.h
deleted file mode 100644
index 06803b849..000000000
--- a/security/nss/cmd/SSLsample/SSLerrs.h
+++ /dev/null
@@ -1,366 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/* SSL-specific security error codes  */
-/* caller must include "sslerr.h" */
-
-ER3(SSL_ERROR_EXPORT_ONLY_SERVER,			SSL_ERROR_BASE + 0,
-"Unable to communicate securely.  Peer does not support high-grade encryption.")
-
-ER3(SSL_ERROR_US_ONLY_SERVER,				SSL_ERROR_BASE + 1,
-"Unable to communicate securely.  Peer requires high-grade encryption which is not supported.")
-
-ER3(SSL_ERROR_NO_CYPHER_OVERLAP,			SSL_ERROR_BASE + 2,
-"Cannot communicate securely with peer: no common encryption algorithm(s).")
-
-ER3(SSL_ERROR_NO_CERTIFICATE,				SSL_ERROR_BASE + 3,
-"Unable to find the certificate or key necessary for authentication.")
-
-ER3(SSL_ERROR_BAD_CERTIFICATE,				SSL_ERROR_BASE + 4,
-"Unable to communicate securely with peer: peers's certificate was rejected.")
-
-/* unused						(SSL_ERROR_BASE + 5),*/
-
-ER3(SSL_ERROR_BAD_CLIENT,				SSL_ERROR_BASE + 6,
-"The server has encountered bad data from the client.")
-
-ER3(SSL_ERROR_BAD_SERVER,				SSL_ERROR_BASE + 7,
-"The client has encountered bad data from the server.")
-
-ER3(SSL_ERROR_UNSUPPORTED_CERTIFICATE_TYPE,		SSL_ERROR_BASE + 8,
-"Unsupported certificate type.")
-
-ER3(SSL_ERROR_UNSUPPORTED_VERSION,			SSL_ERROR_BASE + 9,
-"Peer using unsupported version of security protocol.")
-
-/* unused						(SSL_ERROR_BASE + 10),*/
-
-ER3(SSL_ERROR_WRONG_CERTIFICATE,			SSL_ERROR_BASE + 11,
-"Client authentication failed: private key in key database does not match public key in certificate database.")
-
-ER3(SSL_ERROR_BAD_CERT_DOMAIN,				SSL_ERROR_BASE + 12,
-"Unable to communicate securely with peer: requested domain name does not match the server's certificate.")
-
-/* SSL_ERROR_POST_WARNING				(SSL_ERROR_BASE + 13),
-   defined in sslerr.h
-*/
-
-ER3(SSL_ERROR_SSL2_DISABLED,				(SSL_ERROR_BASE + 14),
-"Peer only supports SSL version 2, which is locally disabled.")
-
-
-ER3(SSL_ERROR_BAD_MAC_READ,				(SSL_ERROR_BASE + 15),
-"SSL received a record with an incorrect Message Authentication Code.")
-
-ER3(SSL_ERROR_BAD_MAC_ALERT,				(SSL_ERROR_BASE + 16),
-"SSL peer reports incorrect Message Authentication Code.")
-
-ER3(SSL_ERROR_BAD_CERT_ALERT,				(SSL_ERROR_BASE + 17),
-"SSL peer cannot verify your certificate.")
-
-ER3(SSL_ERROR_REVOKED_CERT_ALERT,			(SSL_ERROR_BASE + 18),
-"SSL peer rejected your certificate as revoked.")
-
-ER3(SSL_ERROR_EXPIRED_CERT_ALERT,			(SSL_ERROR_BASE + 19),
-"SSL peer rejected your certificate as expired.")
-
-ER3(SSL_ERROR_SSL_DISABLED,				(SSL_ERROR_BASE + 20),
-"Cannot connect: SSL is disabled.")
-
-ER3(SSL_ERROR_FORTEZZA_PQG,				(SSL_ERROR_BASE + 21),
-"Cannot connect: SSL peer is in another FORTEZZA domain.")
-
-
-ER3(SSL_ERROR_UNKNOWN_CIPHER_SUITE          , (SSL_ERROR_BASE + 22),
-"An unknown SSL cipher suite has been requested.")
-
-ER3(SSL_ERROR_NO_CIPHERS_SUPPORTED          , (SSL_ERROR_BASE + 23),
-"No cipher suites are present and enabled in this program.")
-
-ER3(SSL_ERROR_BAD_BLOCK_PADDING             , (SSL_ERROR_BASE + 24),
-"SSL received a record with bad block padding.")
-
-ER3(SSL_ERROR_RX_RECORD_TOO_LONG            , (SSL_ERROR_BASE + 25),
-"SSL received a record that exceeded the maximum permissible length.")
-
-ER3(SSL_ERROR_TX_RECORD_TOO_LONG            , (SSL_ERROR_BASE + 26),
-"SSL attempted to send a record that exceeded the maximum permissible length.")
-
-/*
- * Received a malformed (too long or short or invalid content) SSL handshake.
- */
-ER3(SSL_ERROR_RX_MALFORMED_HELLO_REQUEST    , (SSL_ERROR_BASE + 27),
-"SSL received a malformed Hello Request handshake message.")
-
-ER3(SSL_ERROR_RX_MALFORMED_CLIENT_HELLO     , (SSL_ERROR_BASE + 28),
-"SSL received a malformed Client Hello handshake message.")
-
-ER3(SSL_ERROR_RX_MALFORMED_SERVER_HELLO     , (SSL_ERROR_BASE + 29),
-"SSL received a malformed Server Hello handshake message.")
-
-ER3(SSL_ERROR_RX_MALFORMED_CERTIFICATE      , (SSL_ERROR_BASE + 30),
-"SSL received a malformed Certificate handshake message.")
-
-ER3(SSL_ERROR_RX_MALFORMED_SERVER_KEY_EXCH  , (SSL_ERROR_BASE + 31),
-"SSL received a malformed Server Key Exchange handshake message.")
-
-ER3(SSL_ERROR_RX_MALFORMED_CERT_REQUEST     , (SSL_ERROR_BASE + 32),
-"SSL received a malformed Certificate Request handshake message.")
-
-ER3(SSL_ERROR_RX_MALFORMED_HELLO_DONE       , (SSL_ERROR_BASE + 33),
-"SSL received a malformed Server Hello Done handshake message.")
-
-ER3(SSL_ERROR_RX_MALFORMED_CERT_VERIFY      , (SSL_ERROR_BASE + 34),
-"SSL received a malformed Certificate Verify handshake message.")
-
-ER3(SSL_ERROR_RX_MALFORMED_CLIENT_KEY_EXCH  , (SSL_ERROR_BASE + 35),
-"SSL received a malformed Client Key Exchange handshake message.")
-
-ER3(SSL_ERROR_RX_MALFORMED_FINISHED         , (SSL_ERROR_BASE + 36),
-"SSL received a malformed Finished handshake message.")
-
-/*
- * Received a malformed (too long or short) SSL record.
- */
-ER3(SSL_ERROR_RX_MALFORMED_CHANGE_CIPHER    , (SSL_ERROR_BASE + 37),
-"SSL received a malformed Change Cipher Spec record.")
-
-ER3(SSL_ERROR_RX_MALFORMED_ALERT            , (SSL_ERROR_BASE + 38),
-"SSL received a malformed Alert record.")
-
-ER3(SSL_ERROR_RX_MALFORMED_HANDSHAKE        , (SSL_ERROR_BASE + 39),
-"SSL received a malformed Handshake record.")
-
-ER3(SSL_ERROR_RX_MALFORMED_APPLICATION_DATA , (SSL_ERROR_BASE + 40),
-"SSL received a malformed Application Data record.")
-
-/*
- * Received an SSL handshake that was inappropriate for the state we're in.
- * E.g. Server received message from server, or wrong state in state machine.
- */
-ER3(SSL_ERROR_RX_UNEXPECTED_HELLO_REQUEST   , (SSL_ERROR_BASE + 41),
-"SSL received an unexpected Hello Request handshake message.")
-
-ER3(SSL_ERROR_RX_UNEXPECTED_CLIENT_HELLO    , (SSL_ERROR_BASE + 42),
-"SSL received an unexpected Client Hello handshake message.")
-
-ER3(SSL_ERROR_RX_UNEXPECTED_SERVER_HELLO    , (SSL_ERROR_BASE + 43),
-"SSL received an unexpected Server Hello handshake message.")
-
-ER3(SSL_ERROR_RX_UNEXPECTED_CERTIFICATE     , (SSL_ERROR_BASE + 44),
-"SSL received an unexpected Certificate handshake message.")
-
-ER3(SSL_ERROR_RX_UNEXPECTED_SERVER_KEY_EXCH , (SSL_ERROR_BASE + 45),
-"SSL received an unexpected Server Key Exchange handshake message.")
-
-ER3(SSL_ERROR_RX_UNEXPECTED_CERT_REQUEST    , (SSL_ERROR_BASE + 46),
-"SSL received an unexpected Certificate Request handshake message.")
-
-ER3(SSL_ERROR_RX_UNEXPECTED_HELLO_DONE      , (SSL_ERROR_BASE + 47),
-"SSL received an unexpected Server Hello Done handshake message.")
-
-ER3(SSL_ERROR_RX_UNEXPECTED_CERT_VERIFY     , (SSL_ERROR_BASE + 48),
-"SSL received an unexpected Certificate Verify handshake message.")
-
-ER3(SSL_ERROR_RX_UNEXPECTED_CLIENT_KEY_EXCH , (SSL_ERROR_BASE + 49),
-"SSL received an unexpected Cllient Key Exchange handshake message.")
-
-ER3(SSL_ERROR_RX_UNEXPECTED_FINISHED        , (SSL_ERROR_BASE + 50),
-"SSL received an unexpected Finished handshake message.")
-
-/*
- * Received an SSL record that was inappropriate for the state we're in.
- */
-ER3(SSL_ERROR_RX_UNEXPECTED_CHANGE_CIPHER   , (SSL_ERROR_BASE + 51),
-"SSL received an unexpected Change Cipher Spec record.")
-
-ER3(SSL_ERROR_RX_UNEXPECTED_ALERT           , (SSL_ERROR_BASE + 52),
-"SSL received an unexpected Alert record.")
-
-ER3(SSL_ERROR_RX_UNEXPECTED_HANDSHAKE       , (SSL_ERROR_BASE + 53),
-"SSL received an unexpected Handshake record.")
-
-ER3(SSL_ERROR_RX_UNEXPECTED_APPLICATION_DATA, (SSL_ERROR_BASE + 54),
-"SSL received an unexpected Application Data record.")
-
-/*
- * Received record/message with unknown discriminant.
- */
-ER3(SSL_ERROR_RX_UNKNOWN_RECORD_TYPE        , (SSL_ERROR_BASE + 55),
-"SSL received a record with an unknown content type.")
-
-ER3(SSL_ERROR_RX_UNKNOWN_HANDSHAKE          , (SSL_ERROR_BASE + 56),
-"SSL received a handshake message with an unknown message type.")
-
-ER3(SSL_ERROR_RX_UNKNOWN_ALERT              , (SSL_ERROR_BASE + 57),
-"SSL received an alert record with an unknown alert description.")
-
-/*
- * Received an alert reporting what we did wrong.  (more alerts above)
- */
-ER3(SSL_ERROR_CLOSE_NOTIFY_ALERT            , (SSL_ERROR_BASE + 58),
-"SSL peer has closed this connection.")
-
-ER3(SSL_ERROR_HANDSHAKE_UNEXPECTED_ALERT    , (SSL_ERROR_BASE + 59),
-"SSL peer was not expecting a handshake message it received.")
-
-ER3(SSL_ERROR_DECOMPRESSION_FAILURE_ALERT   , (SSL_ERROR_BASE + 60),
-"SSL peer was unable to succesfully decompress an SSL record it received.")
-
-ER3(SSL_ERROR_HANDSHAKE_FAILURE_ALERT       , (SSL_ERROR_BASE + 61),
-"SSL peer was unable to negotiate an acceptable set of security parameters.")
-
-ER3(SSL_ERROR_ILLEGAL_PARAMETER_ALERT       , (SSL_ERROR_BASE + 62),
-"SSL peer rejected a handshake message for unacceptable content.")
-
-ER3(SSL_ERROR_UNSUPPORTED_CERT_ALERT        , (SSL_ERROR_BASE + 63),
-"SSL peer does not support certificates of the type it received.")
-
-ER3(SSL_ERROR_CERTIFICATE_UNKNOWN_ALERT     , (SSL_ERROR_BASE + 64),
-"SSL peer had some unspecified issue with the certificate it received.")
-
-
-ER3(SSL_ERROR_GENERATE_RANDOM_FAILURE       , (SSL_ERROR_BASE + 65),
-"SSL experienced a failure of its random number generator.")
-
-ER3(SSL_ERROR_SIGN_HASHES_FAILURE           , (SSL_ERROR_BASE + 66),
-"Unable to digitally sign data required to verify your certificate.")
-
-ER3(SSL_ERROR_EXTRACT_PUBLIC_KEY_FAILURE    , (SSL_ERROR_BASE + 67),
-"SSL was unable to extract the public key from the peer's certificate.")
-
-ER3(SSL_ERROR_SERVER_KEY_EXCHANGE_FAILURE   , (SSL_ERROR_BASE + 68),
-"Unspecified failure while processing SSL Server Key Exchange handshake.")
-
-ER3(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE   , (SSL_ERROR_BASE + 69),
-"Unspecified failure while processing SSL Client Key Exchange handshake.")
-
-ER3(SSL_ERROR_ENCRYPTION_FAILURE            , (SSL_ERROR_BASE + 70),
-"Bulk data encryption algorithm failed in selected cipher suite.")
-
-ER3(SSL_ERROR_DECRYPTION_FAILURE            , (SSL_ERROR_BASE + 71),
-"Bulk data decryption algorithm failed in selected cipher suite.")
-
-ER3(SSL_ERROR_SOCKET_WRITE_FAILURE          , (SSL_ERROR_BASE + 72),
-"Attempt to write encrypted data to underlying socket failed.")
-
-ER3(SSL_ERROR_MD5_DIGEST_FAILURE            , (SSL_ERROR_BASE + 73),
-"MD5 digest function failed.")
-
-ER3(SSL_ERROR_SHA_DIGEST_FAILURE            , (SSL_ERROR_BASE + 74),
-"SHA-1 digest function failed.")
-
-ER3(SSL_ERROR_MAC_COMPUTATION_FAILURE       , (SSL_ERROR_BASE + 75),
-"MAC computation failed.")
-
-ER3(SSL_ERROR_SYM_KEY_CONTEXT_FAILURE       , (SSL_ERROR_BASE + 76),
-"Failure to create Symmetric Key context.")
-
-ER3(SSL_ERROR_SYM_KEY_UNWRAP_FAILURE        , (SSL_ERROR_BASE + 77),
-"Failure to unwrap the Symmetric key in Client Key Exchange message.")
-
-ER3(SSL_ERROR_PUB_KEY_SIZE_LIMIT_EXCEEDED   , (SSL_ERROR_BASE + 78),
-"SSL Server attempted to use domestic-grade public key with export cipher suite.")
-
-ER3(SSL_ERROR_IV_PARAM_FAILURE              , (SSL_ERROR_BASE + 79),
-"PKCS11 code failed to translate an IV into a param.")
-
-ER3(SSL_ERROR_INIT_CIPHER_SUITE_FAILURE     , (SSL_ERROR_BASE + 80),
-"Failed to initialize the selected cipher suite.")
-
-ER3(SSL_ERROR_SESSION_KEY_GEN_FAILURE       , (SSL_ERROR_BASE + 81),
-"Client failed to generate session keys for SSL session.")
-
-ER3(SSL_ERROR_NO_SERVER_KEY_FOR_ALG         , (SSL_ERROR_BASE + 82),
-"Server has no key for the attempted key exchange algorithm.")
-
-ER3(SSL_ERROR_TOKEN_INSERTION_REMOVAL       , (SSL_ERROR_BASE + 83),
-"PKCS#11 token was inserted or removed while operation was in progress.")
-
-ER3(SSL_ERROR_TOKEN_SLOT_NOT_FOUND          , (SSL_ERROR_BASE + 84),
-"No PKCS#11 token could be found to do a required operation.")
-
-ER3(SSL_ERROR_NO_COMPRESSION_OVERLAP        , (SSL_ERROR_BASE + 85),
-"Cannot communicate securely with peer: no common compression algorithm(s).")
-
-ER3(SSL_ERROR_HANDSHAKE_NOT_COMPLETED       , (SSL_ERROR_BASE + 86),
-"Cannot initiate another SSL handshake until current handshake is complete.")
-
-ER3(SSL_ERROR_BAD_HANDSHAKE_HASH_VALUE      , (SSL_ERROR_BASE + 87),
-"Received incorrect handshakes hash values from peer.")
-
-ER3(SSL_ERROR_CERT_KEA_MISMATCH             , (SSL_ERROR_BASE + 88),
-"The certificate provided cannot be used with the selected key exchange algorithm.")
-
-ER3(SSL_ERROR_NO_TRUSTED_SSL_CLIENT_CA	, (SSL_ERROR_BASE + 89),
-"No certificate authority is trusted for SSL client authentication.")
-
-ER3(SSL_ERROR_SESSION_NOT_FOUND		, (SSL_ERROR_BASE + 90),
-"Client's SSL session ID not found in server's session cache.")
-
-ER3(SSL_ERROR_DECRYPTION_FAILED_ALERT     , (SSL_ERROR_BASE + 91),
-"Peer was unable to decrypt an SSL record it received.")
-
-ER3(SSL_ERROR_RECORD_OVERFLOW_ALERT       , (SSL_ERROR_BASE + 92),
-"Peer received an SSL record that was longer than is permitted.")
-
-ER3(SSL_ERROR_UNKNOWN_CA_ALERT            , (SSL_ERROR_BASE + 93),
-"Peer does not recognize and trust the CA that issued your certificate.")
-
-ER3(SSL_ERROR_ACCESS_DENIED_ALERT         , (SSL_ERROR_BASE + 94),
-"Peer received a valid certificate, but access was denied.")
-
-ER3(SSL_ERROR_DECODE_ERROR_ALERT          , (SSL_ERROR_BASE + 95),
-"Peer could not decode an SSL handshake message.")
-
-ER3(SSL_ERROR_DECRYPT_ERROR_ALERT         , (SSL_ERROR_BASE + 96),
-"Peer reports failure of signature verification or key exchange.")
-
-ER3(SSL_ERROR_EXPORT_RESTRICTION_ALERT    , (SSL_ERROR_BASE + 97),
-"Peer reports negotiation not in compliance with export regulations.")
-
-ER3(SSL_ERROR_PROTOCOL_VERSION_ALERT      , (SSL_ERROR_BASE + 98),
-"Peer reports incompatible or unsupported protocol version.")
-
-ER3(SSL_ERROR_INSUFFICIENT_SECURITY_ALERT , (SSL_ERROR_BASE + 99),
-"Server requires ciphers more secure than those supported by client.")
-
-ER3(SSL_ERROR_INTERNAL_ERROR_ALERT        , (SSL_ERROR_BASE + 100),
-"Peer reports it experienced an internal error.")
-
-ER3(SSL_ERROR_USER_CANCELED_ALERT         , (SSL_ERROR_BASE + 101),
-"Peer user canceled handshake.")
-
-ER3(SSL_ERROR_NO_RENEGOTIATION_ALERT      , (SSL_ERROR_BASE + 102),
-"Peer does not permit renegotiation of SSL security parameters.")
-
diff --git a/security/nss/cmd/SSLsample/client.c b/security/nss/cmd/SSLsample/client.c
deleted file mode 100644
index 0953faeae..000000000
--- a/security/nss/cmd/SSLsample/client.c
+++ /dev/null
@@ -1,451 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/****************************************************************************
- *  SSL client program that sets up a connection to SSL server, transmits   *
- *  some data and then reads the reply                                      *
- ****************************************************************************/ 
-
-#include <stdio.h>
-#include <string.h>
-
-#if defined(XP_UNIX)
-#include <unistd.h>
-#endif
-
-#include "prerror.h"
-
-#include "pk11func.h"
-#include "secitem.h"
-
-
-#include <stdlib.h>
-#include <errno.h>
-#include <fcntl.h>
-#include <stdarg.h>
-
-#include "nspr.h"
-#include "plgetopt.h"
-#include "prio.h"
-#include "prnetdb.h"
-#include "nss.h"
-
-#include "sslsample.h"
-
-#define RD_BUF_SIZE (60 * 1024)
-
-extern int ssl2CipherSuites[];
-extern int ssl3CipherSuites[];
-
-GlobalThreadMgr threadMGR;
-char *certNickname = NULL;
-char *hostName = NULL;
-char *password = NULL;
-unsigned short port = 0;
-
-static void
-Usage(const char *progName)
-{
-	fprintf(stderr, 
-	  "Usage: %s [-n rsa_nickname] [-p port] [-d dbdir] [-c connections]\n"
-	  "          [-w dbpasswd] [-C cipher(s)] hostname\n",
-	progName);
-	exit(1);
-}
-
-PRFileDesc *
-setupSSLSocket(PRNetAddr *addr)
-{
-	PRFileDesc         *tcpSocket;
-	PRFileDesc         *sslSocket;
-	PRSocketOptionData	socketOption;
-	PRStatus            prStatus;
-	SECStatus           secStatus;
-
-#if 0
-retry:
-#endif
-
-	tcpSocket = PR_NewTCPSocket();
-	if (tcpSocket == NULL) {
-		errWarn("PR_NewTCPSocket");
-	}
-
-	/* Make the socket blocking. */
-	socketOption.option	            = PR_SockOpt_Nonblocking;
-	socketOption.value.non_blocking = PR_FALSE;
-
-	prStatus = PR_SetSocketOption(tcpSocket, &socketOption);
-	if (prStatus != PR_SUCCESS) {
-		errWarn("PR_SetSocketOption");
-		goto loser;
-	} 
-
-#if 0
-	/* Verify that a connection can be made to the socket. */
-	prStatus = PR_Connect(tcpSocket, addr, PR_INTERVAL_NO_TIMEOUT);
-	if (prStatus != PR_SUCCESS) {
-		PRErrorCode err = PR_GetError();
-		if (err == PR_CONNECT_REFUSED_ERROR) {
-			PR_Close(tcpSocket);
-			PR_Sleep(PR_MillisecondsToInterval(10));
-			fprintf(stderr, "Connection to port refused, retrying.\n");
-			goto retry;
-		}
-		errWarn("PR_Connect");
-		goto loser;
-	}
-#endif
-
-	/* Import the socket into the SSL layer. */
-	sslSocket = SSL_ImportFD(NULL, tcpSocket);
-	if (!sslSocket) {
-		errWarn("SSL_ImportFD");
-		goto loser;
-	}
-
-	/* Set configuration options. */
-	secStatus = SSL_OptionSet(sslSocket, SSL_SECURITY, PR_TRUE);
-	if (secStatus != SECSuccess) {
-		errWarn("SSL_OptionSet:SSL_SECURITY");
-		goto loser;
-	}
-
-	secStatus = SSL_OptionSet(sslSocket, SSL_HANDSHAKE_AS_CLIENT, PR_TRUE);
-	if (secStatus != SECSuccess) {
-		errWarn("SSL_OptionSet:SSL_HANDSHAKE_AS_CLIENT");
-		goto loser;
-	}
-
-	/* Set SSL callback routines. */
-	secStatus = SSL_GetClientAuthDataHook(sslSocket,
-	                          (SSLGetClientAuthData)myGetClientAuthData,
-	                          (void *)certNickname);
-	if (secStatus != SECSuccess) {
-		errWarn("SSL_GetClientAuthDataHook");
-		goto loser;
-	}
-
-	secStatus = SSL_AuthCertificateHook(sslSocket,
-	                                   (SSLAuthCertificate)myAuthCertificate,
-                                       (void *)CERT_GetDefaultCertDB());
-	if (secStatus != SECSuccess) {
-		errWarn("SSL_AuthCertificateHook");
-		goto loser;
-	}
-
-	secStatus = SSL_BadCertHook(sslSocket, 
-	                           (SSLBadCertHandler)myBadCertHandler, NULL);
-	if (secStatus != SECSuccess) {
-		errWarn("SSL_BadCertHook");
-		goto loser;
-	}
-
-	secStatus = SSL_HandshakeCallback(sslSocket, 
-	                                 (SSLHandshakeCallback)myHandshakeCallback,
-	                                 NULL);
-	if (secStatus != SECSuccess) {
-		errWarn("SSL_HandshakeCallback");
-		goto loser;
-	}
-
-	return sslSocket;
-
-loser:
-
-	PR_Close(tcpSocket);
-	return NULL;
-}
-
-
-const char requestString[] = {"GET /testfile HTTP/1.0\r\n\r\n" };
-
-SECStatus
-handle_connection(PRFileDesc *sslSocket, int connection)
-{
-	int	     countRead = 0;
-	PRInt32  numBytes;
-	char    *readBuffer;
-
-	readBuffer = PORT_Alloc(RD_BUF_SIZE);
-	if (!readBuffer) {
-		exitErr("PORT_Alloc");
-	}
-
-	/* compose the http request here. */
-
-	numBytes = PR_Write(sslSocket, requestString, strlen(requestString));
-	if (numBytes <= 0) {
-		errWarn("PR_Write");
-		PR_Free(readBuffer);
-		readBuffer = NULL;
-		return SECFailure;
-	}
-
-	/* read until EOF */
-	while (PR_TRUE) {
-		numBytes = PR_Read(sslSocket, readBuffer, RD_BUF_SIZE);
-		if (numBytes == 0) {
-			break;	/* EOF */
-		}
-		if (numBytes < 0) {
-			errWarn("PR_Read");
-			break;
-		}
-		countRead += numBytes;
-		fprintf(stderr, "***** Connection %d read %d bytes (%d total).\n", 
-			connection, numBytes, countRead );
-		readBuffer[numBytes] = '\0';
-		fprintf(stderr, "************\n%s\n************\n", readBuffer);
-	}
-
-	printSecurityInfo(sslSocket);
-	
-	PR_Free(readBuffer);
-	readBuffer = NULL;
-
-	/* Caller closes the socket. */
-
-	fprintf(stderr, 
-	        "***** Connection %d read %d bytes total.\n", 
-	        connection, countRead);
-
-	return SECSuccess;	/* success */
-}
-
-/* one copy of this function is launched in a separate thread for each
-** connection to be made.
-*/
-SECStatus
-do_connects(void *a, int connection)
-{
-	PRNetAddr  *addr = (PRNetAddr *)a;
-	PRFileDesc *sslSocket;
-	PRHostEnt   hostEntry;
-	char        buffer[PR_NETDB_BUF_SIZE];
-	PRStatus    prStatus;
-	PRIntn      hostenum;
-	SECStatus   secStatus;
-
-	/* Set up SSL secure socket. */
-	sslSocket = setupSSLSocket(addr);
-	if (sslSocket == NULL) {
-		errWarn("setupSSLSocket");
-		return SECFailure;
-	}
-
-	secStatus = SSL_SetPKCS11PinArg(sslSocket, password);
-	if (secStatus != SECSuccess) {
-		errWarn("SSL_SetPKCS11PinArg");
-		return secStatus;
-	}
-
-	secStatus = SSL_SetURL(sslSocket, hostName);
-	if (secStatus != SECSuccess) {
-		errWarn("SSL_SetURL");
-		return secStatus;
-	}
-
-	/* Prepare and setup network connection. */
-	prStatus = PR_GetHostByName(hostName, buffer, sizeof(buffer), &hostEntry);
-	if (prStatus != PR_SUCCESS) {
-		errWarn("PR_GetHostByName");
-		return SECFailure;
-	}
-
-	hostenum = PR_EnumerateHostEnt(0, &hostEntry, port, addr);
-	if (hostenum == -1) {
-		errWarn("PR_EnumerateHostEnt");
-		return SECFailure;
-	}
-
-	prStatus = PR_Connect(sslSocket, addr, PR_INTERVAL_NO_TIMEOUT);
-	if (prStatus != PR_SUCCESS) {
-		errWarn("PR_Connect");
-		return SECFailure;
-	}
-
-	/* Established SSL connection, ready to send data. */
-#if 0
-	secStatus = SSL_ForceHandshake(sslSocket);
-	if (secStatus != SECSuccess) {
-		errWarn("SSL_ForceHandshake");
-		return secStatus;
-	}
-#endif
-
-	secStatus = SSL_ResetHandshake(sslSocket, /* asServer */ PR_FALSE);
-	if (secStatus != SECSuccess) {
-		errWarn("SSL_ResetHandshake");
-		prStatus = PR_Close(sslSocket);
-		if (prStatus != PR_SUCCESS) {
-			errWarn("PR_Close");
-		}
-		return secStatus;
-	}
-
-	secStatus = handle_connection(sslSocket, connection);
-	if (secStatus != SECSuccess) {
-		errWarn("handle_connection");
-		return secStatus;
-	}
-
-	PR_Close(sslSocket);
-	return SECSuccess;
-}
-
-void
-client_main(unsigned short      port, 
-            int	                connections, 
-            const char *        hostName)
-{
-	int			i;
-	SECStatus	secStatus;
-	PRStatus    prStatus;
-	PRInt32     rv;
-	PRNetAddr	addr;
-	PRHostEnt   hostEntry;
-	char        buffer[256];
-
-	/* Setup network connection. */
-	prStatus = PR_GetHostByName(hostName, buffer, 256, &hostEntry);
-	if (prStatus != PR_SUCCESS) {
-		exitErr("PR_GetHostByName");
-	}
-
-	rv = PR_EnumerateHostEnt(0, &hostEntry, port, &addr);
-	if (rv < 0) {
-		exitErr("PR_EnumerateHostEnt");
-	}
-
-	secStatus = launch_thread(&threadMGR, do_connects, &addr, 1);
-	if (secStatus != SECSuccess) {
-		exitErr("launch_thread");
-	}
-
-	if (connections > 1) {
-		/* wait for the first connection to terminate, then launch the rest. */
-		reap_threads(&threadMGR);
-		/* Start up the connections */
-		for (i = 2; i <= connections; ++i) {
-			secStatus = launch_thread(&threadMGR, do_connects, &addr, i);
-			if (secStatus != SECSuccess) {
-				errWarn("launch_thread");
-			}
-		}
-	}
-
-	reap_threads(&threadMGR);
-	destroy_thread_data(&threadMGR);
-}
-
-int
-main(int argc, char **argv)
-{
-	char *               certDir      = ".";
-	char *               progName     = NULL;
-	int					 connections  = 1;
-	char *               cipherString = NULL;
-	SECStatus            secStatus;
-	PLOptState *         optstate;
-	PLOptStatus          status;
-
-	/* Call the NSPR initialization routines */
-	PR_Init( PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1);
-
-	progName = PL_strdup(argv[0]);
-
-	hostName = NULL;
-	optstate = PL_CreateOptState(argc, argv, "C:c:d:n:p:w:");
-	while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
-		switch(optstate->option) {
-		case 'C' : cipherString = PL_strdup(optstate->value); break;
-		case 'c' : connections = PORT_Atoi(optstate->value);  break;
-		case 'd' : certDir = PL_strdup(optstate->value);      break;
-		case 'n' : certNickname = PL_strdup(optstate->value); break;
-		case 'p' : port = PORT_Atoi(optstate->value);         break;
-		case 'w' : password = PL_strdup(optstate->value);     break;
-		case '\0': hostName = PL_strdup(optstate->value);     break;
-		default  : Usage(progName);
-		}
-	}
-
-	if (port == 0 || hostName == NULL)
-		Usage(progName);
-
-	if (certDir == NULL) {
-		certDir = PR_smprintf("%s/.netscape", getenv("HOME"));
-	}
-
-	/* Set our password function callback. */
-	PK11_SetPasswordFunc(myPasswd);
-
-	/* Initialize the NSS libraries. */
-	secStatus = NSS_Init(certDir);
-	if (secStatus != SECSuccess) {
-		exitErr("NSS_Init");
-	}
-
-	/* All cipher suites except RSA_NULL_MD5 are enabled by Domestic Policy. */
-	NSS_SetDomesticPolicy();
-	SSL_CipherPrefSetDefault(SSL_RSA_WITH_NULL_MD5, PR_TRUE);
-
-	/* all the SSL2 and SSL3 cipher suites are enabled by default. */
-	if (cipherString) {
-	    int ndx;
-
-	    /* disable all the ciphers, then enable the ones we want. */
-	    disableAllSSLCiphers();
-
-	    while (0 != (ndx = *cipherString++)) {
-		int *cptr;
-		int  cipher;
-
-		if (! isalpha(ndx))
-		    Usage(progName);
-		cptr = islower(ndx) ? ssl3CipherSuites : ssl2CipherSuites;
-		for (ndx &= 0x1f; (cipher = *cptr++) != 0 && --ndx > 0; )
-		    /* do nothing */;
-		if (cipher) {
-		    SSL_CipherPrefSetDefault(cipher, PR_TRUE);
-		}
-	    }
-	}
-
-	client_main(port, connections, hostName);
-
-	NSS_Shutdown();
-	PR_Cleanup();
-	return 0;
-}
-
diff --git a/security/nss/cmd/SSLsample/client.mn b/security/nss/cmd/SSLsample/client.mn
deleted file mode 100644
index 74930c5e5..000000000
--- a/security/nss/cmd/SSLsample/client.mn
+++ /dev/null
@@ -1,50 +0,0 @@
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-MODULE = security
-
-EXPORTS = 
-
-CSRCS =  client.c \
-	sslsample.c \
-	$(NULL)
-
-PROGRAM = client
-
-REQUIRES = dbm 
-
-IMPORTS = security/lib/nss
-
-DEFINES = -DNSPR20 
-
diff --git a/security/nss/cmd/SSLsample/gencerts b/security/nss/cmd/SSLsample/gencerts
deleted file mode 100755
index 80be66a43..000000000
--- a/security/nss/cmd/SSLsample/gencerts
+++ /dev/null
@@ -1,79 +0,0 @@
-#!/bin/sh
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-#
-# Script to generate sample db files neccessary for SSL.
-
-# Directory for db's, use in all subsequent -d flags.
-rm -rf SampleCertDBs
-mkdir SampleCertDBs
-
-# Password to use.
-echo sample > passfile
-
-# Generate the db files, using the above password.
-certutil -N -d SampleCertDBs -f passfile
-
-# Generate the CA cert.  This cert is self-signed and only useful for
-# test purposes.  Set the trust bits to allow it to sign SSL client/server
-# certs.
-certutil -S -n SampleRootCA -x -t "CTu,CTu,CTu" \
-            -s "CN=My Sample Root CA, O=My Organization" \
-            -m 25000 -o ./SampleCertDBs/SampleRootCA.crt \
-            -d SampleCertDBs -f passfile
-
-# Generate the server cert.  This cert is signed by the CA cert generated
-# above.  The CN must be hostname.domain.[com|org|net|...].
-certutil -S -n SampleSSLServerCert -c SampleRootCA -t "u,u,u" \
-            -s "CN=$HOSTNAME.$MYDOMAIN, O=$HOSTNAME Corp." \
-            -m 25001 -o ./SampleCertDBs/SampleSSLServer.crt \
-            -d SampleCertDBs -f passfile
-
-# Generate the client cert.  This cert is signed by the CA cert generated
-# above.
-certutil -S -n SampleSSLClientCert -c SampleRootCA -t "u,u,u" \
-            -s "CN=My Client Cert, O=Client Organization" \
-            -m 25002 -o ./SampleCertDBs/SampleSSLClient.crt \
-            -d SampleCertDBs -f passfile
-
-# Verify the certificates.
-certutil -V -u V -n SampleSSLServerCert -d SampleCertDBs
-certutil -V -u C -n SampleSSLClientCert -d SampleCertDBs
-
-# Remove unneccessary files.
-rm -f passfile
-rm -f tempcert*
-
-# You are now ready to run your client/server!  Example command lines:
-# server -n SampleSSLServerCert -p 8080 -d SampleCertDBs -w sample -c e -R
-# client -n SampleSSLClientCert -p 8080 -d SampleCertDBs -w sample -c 2 trane.mcom.com
diff --git a/security/nss/cmd/SSLsample/make.client b/security/nss/cmd/SSLsample/make.client
deleted file mode 100644
index 3dd7705e3..000000000
--- a/security/nss/cmd/SSLsample/make.client
+++ /dev/null
@@ -1,78 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY).   #
-#######################################################################
-
-include client.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL)          #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL)       #
-#######################################################################
-
-#include $(CORE_DEPTH)/$(MODULE)/config/config.mk
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL).      #
-#######################################################################
-
-include ../platlibs.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL)                              #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL)                           #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL).                              #
-#######################################################################
-
-#CC = cc 
-
-
diff --git a/security/nss/cmd/SSLsample/make.server b/security/nss/cmd/SSLsample/make.server
deleted file mode 100644
index 7969df798..000000000
--- a/security/nss/cmd/SSLsample/make.server
+++ /dev/null
@@ -1,77 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY).   #
-#######################################################################
-
-include server.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL)          #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL)       #
-#######################################################################
-
-#include $(CORE_DEPTH)/$(MODULE)/config/config.mk
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL).      #
-#######################################################################
-
-include ../platlibs.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL)                              #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL)                           #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL).                              #
-#######################################################################
-
-
-
diff --git a/security/nss/cmd/SSLsample/nmakefile95.nss b/security/nss/cmd/SSLsample/nmakefile95.nss
deleted file mode 100755
index 5684478cd..000000000
--- a/security/nss/cmd/SSLsample/nmakefile95.nss
+++ /dev/null
@@ -1,60 +0,0 @@
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-# NSS 2.6.2 Sample Win95 Makefile
-#
-#
-# This nmake file will build server.c and client.c on Windows 95.
-#
-
-DEFINES=-D_X86_ -DXP_PC -UDEBUG -U_DEBUG -DNDEBUG -DWIN32 -D_WINDOWS
-
-INCPATH=/I. /I..\include\dbm /I..\include\nspr /I..\include\security
-
-LIBS=nss.lib ssl.lib pkcs7.lib pkcs12.lib secmod.lib cert.lib key.lib crypto.lib secutil.lib hash.lib dbm.lib libplc3.lib libplds3.lib libnspr3.lib wsock32.lib
-
-CFLAGS=-O2 -MD -W3 -nologo
-
-CC=cl
-
-LDOPTIONS=/link /LIBPATH:..\lib /nodefaultlib:libcd.lib /subsystem:console
-
-server:
-	$(CC) $(CFLAGS) $(INCPATH) /Feserver server.c getopt.c $(LIBS) $(DEFINES) $(LDOPTIONS)
-
-client:
-	$(CC) $(CFLAGS) $(INCPATH) /Feclient client.c getopt.c $(LIBS) $(DEFINES) $(LDOPTIONS)
-
-clean:
-	del /S server.exe client.exe server.lib server.exp client.lib client.exp server.obj client.obj getopt.obj
-
diff --git a/security/nss/cmd/SSLsample/nmakefilent.nss b/security/nss/cmd/SSLsample/nmakefilent.nss
deleted file mode 100755
index 9d2d1ccc4..000000000
--- a/security/nss/cmd/SSLsample/nmakefilent.nss
+++ /dev/null
@@ -1,59 +0,0 @@
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-# NSS 2.6.2 Sample NT Makefile
-#
-#
-# This nmake file will build server.c and client.c on Windows NT 4 SP3.
-#
-
-DEFINES=-D_X86_ -GT -DWINNT -DXP_PC -UDEBUG -U_DEBUG -DNDEBUG -DWIN32 -D_WINDOWS
-INCPATH=-I. -I..\include\dbm -I..\include\nspr -I..\include\security
-
-LIBS=nss.lib ssl.lib pkcs7.lib pkcs12.lib secmod.lib cert.lib key.lib crypto.lib secutil.lib hash.lib dbm.lib libplc3.lib libplds3.lib libnspr3.lib wsock32.lib
-
-CFLAGS=-O2 -MD -W3 -nologo
-
-CC=cl
-
-LDOPTIONS=/link /LIBPATH:..\lib /nodefaultlib:libcd.lib /subsystem:console
-
-server:
-	$(CC) $(CFLAGS) /Feserver server.c getopt.c $(LIBS) $(DEFINES) $(INCPATH) $(LDOPTIONS)
-
-client:
-	$(CC) $(CFLAGS) /Feclient client.c getopt.c $(LIBS) $(DEFINES) $(INCPATH) $(LDOPTIONS)
-
-clean:
-	del /S server.exe client.exe server.lib server.exp client.lib client.exp server.obj client.obj getopt.obj
-
diff --git a/security/nss/cmd/SSLsample/server.c b/security/nss/cmd/SSLsample/server.c
deleted file mode 100644
index 83d80fb45..000000000
--- a/security/nss/cmd/SSLsample/server.c
+++ /dev/null
@@ -1,820 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/****************************************************************************
- *  SSL server program listens on a port, accepts client connection, reads  *
- *  request and responds to it                                              *
- ****************************************************************************/
-
-/* Generic header files */
-
-#include <stdio.h>
-#include <string.h>
-
-/* NSPR header files */
-
-#include "nspr.h"
-#include "plgetopt.h"
-#include "prerror.h"
-#include "prnetdb.h"
-
-/* NSS header files */
-
-#include "pk11func.h"
-#include "secitem.h"
-#include "ssl.h"
-#include "certt.h"
-#include "nss.h"
-#include "secrng.h"
-#include "secder.h"
-#include "key.h"
-#include "sslproto.h"
-
-/* Custom header files */
-
-#include "sslsample.h"
-
-#ifndef PORT_Sprintf
-#define PORT_Sprintf sprintf
-#endif
-
-#define REQUEST_CERT_ONCE 1
-#define REQUIRE_CERT_ONCE 2
-#define REQUEST_CERT_ALL  3
-#define REQUIRE_CERT_ALL  4
-
-/* Global variables */
-GlobalThreadMgr   threadMGR;
-char             *password = NULL;
-CERTCertificate  *cert = NULL;
-SECKEYPrivateKey *privKey = NULL;
-int               stopping;
-
-static void
-Usage(const char *progName)
-{
-	fprintf(stderr, 
-
-"Usage: %s -n rsa_nickname -p port [-3RFrf] [-w password]\n"
-"					[-c ciphers] [-d dbdir] \n"
-"-3 means disable SSL v3\n"
-"-r means request certificate on first handshake.\n"
-"-f means require certificate on first handshake.\n"
-"-R means request certificate on all handshakes.\n"
-"-F means require certificate on all handshakes.\n"
-"-c ciphers   Letter(s) chosen from the following list\n"
-"A	  SSL2 RC4 128 WITH MD5\n"
-"B	  SSL2 RC4 128 EXPORT40 WITH MD5\n"
-"C	  SSL2 RC2 128 CBC WITH MD5\n"
-"D	  SSL2 RC2 128 CBC EXPORT40 WITH MD5\n"
-"E	  SSL2 DES 64 CBC WITH MD5\n"
-"F	  SSL2 DES 192 EDE3 CBC WITH MD5\n"
-"\n"
-"a	  SSL3 FORTEZZA DMS WITH FORTEZZA CBC SHA\n"
-"b	  SSL3 FORTEZZA DMS WITH RC4 128 SHA\n"
-"c	  SSL3 RSA WITH RC4 128 MD5\n"
-"d	  SSL3 RSA WITH 3DES EDE CBC SHA\n"
-"e	  SSL3 RSA WITH DES CBC SHA\n"
-"f	  SSL3 RSA EXPORT WITH RC4 40 MD5\n"
-"g	  SSL3 RSA EXPORT WITH RC2 CBC 40 MD5\n"
-"h	  SSL3 FORTEZZA DMS WITH NULL SHA\n"
-"i	  SSL3 RSA WITH NULL MD5\n"
-"j	  SSL3 RSA FIPS WITH 3DES EDE CBC SHA\n"
-"k	  SSL3 RSA FIPS WITH DES CBC SHA\n"
-"l	  SSL3 RSA EXPORT WITH DES CBC SHA\t(new)\n"
-"m	  SSL3 RSA EXPORT WITH RC4 56 SHA\t(new)\n",
-	progName);
-	exit(1);
-}
-
-/* Function:  readDataFromSocket()
- *
- * Purpose:  Parse an HTTP request by reading data from a GET or POST.
- *
- */
-SECStatus
-readDataFromSocket(PRFileDesc *sslSocket, DataBuffer *buffer, char **fileName)
-{
-	char  *post;
-	int    numBytes = 0;
-	int    newln    = 0;  /* # of consecutive newlns */
-
-	/* Read data while it comes in from the socket. */
-	while (PR_TRUE) {
-		buffer->index = 0;
-		newln = 0;
-
-		/* Read the buffer. */
-		numBytes = PR_Read(sslSocket, &buffer->data[buffer->index], 
-		                   buffer->remaining);
-		if (numBytes <= 0) {
-			errWarn("PR_Read");
-			return SECFailure;
-		}
-		buffer->dataEnd = buffer->dataStart + numBytes;
-
-		/* Parse the input, starting at the beginning of the buffer.
-		 * Stop when we detect two consecutive \n's (or \r\n's) 
-		 * as this signifies the end of the GET or POST portion.
-		 * The posted data follows.
-		 */
-		while (buffer->index < buffer->dataEnd && newln < 2) {
-			int octet = buffer->data[buffer->index++];
-			if (octet == '\n') {
-				newln++;
-			} else if (octet != '\r') {
-				newln = 0;
-			}
-		}
-
-		/* Came to the end of the buffer, or second newline.
-		 * If we didn't get an empty line ("\r\n\r\n"), then keep on reading.
-		 */
-		if (newln < 2) 
-			continue;
-
-		/* we're at the end of the HTTP request.
-		 * If the request is a POST, then there will be one more
-		 * line of data.
-		 * This parsing is a hack, but ok for SSL test purposes.
-		 */
-		post = PORT_Strstr(buffer->data, "POST ");
-		if (!post || *post != 'P') 
-			break;
-
-		/* It's a post, so look for the next and final CR/LF. */
-		/* We should parse content length here, but ... */
-		while (buffer->index < buffer->dataEnd && newln < 3) {
-			int octet = buffer->data[buffer->index++];
-			if (octet == '\n') {
-				newln++;
-			}
-		}
-
-		if (newln == 3)
-			break;
-	}
-
-	/* Have either (a) a complete get, (b) a complete post, (c) EOF */
-
-	/*  Execute a "GET " operation. */
-	if (buffer->index > 0 && PORT_Strncmp(buffer->data, "GET ", 4) == 0) {
-		int fnLength;
-
-		/* File name is the part after "GET ". */
-		fnLength = strcspn(buffer->data + 5, " \r\n");
-		*fileName = (char *)PORT_Alloc(fnLength + 1);
-		PORT_Strncpy(*fileName, buffer->data + 5, fnLength);
-		(*fileName)[fnLength] = '\0';
-	}
-
-	return SECSuccess;
-}
-
-/* Function:  authenticateSocket()
- *
- * Purpose:  Configure a socket for SSL.
- *
- *
- */
-PRFileDesc * 
-setupSSLSocket(PRFileDesc *tcpSocket, int requestCert)
-{
-	PRFileDesc *sslSocket;
-	SSLKEAType  certKEA;
-	int         certErr = 0;
-	SECStatus   secStatus;
-
-	/* Set the appropriate flags. */
-
-	sslSocket = SSL_ImportFD(NULL, tcpSocket);
-	if (sslSocket == NULL) {
-		errWarn("SSL_ImportFD");
-		goto loser;
-	}
-   
-	secStatus = SSL_OptionSet(sslSocket, SSL_SECURITY, PR_TRUE);
-	if (secStatus != SECSuccess) {
-		errWarn("SSL_OptionSet SSL_SECURITY");
-		goto loser;
-	}
-
-	secStatus = SSL_OptionSet(sslSocket, SSL_HANDSHAKE_AS_SERVER, PR_TRUE);
-	if (secStatus != SECSuccess) {
-		errWarn("SSL_OptionSet:SSL_HANDSHAKE_AS_SERVER");
-		goto loser;
-	}
-
-	secStatus = SSL_OptionSet(sslSocket, SSL_REQUEST_CERTIFICATE, 
-	                       (requestCert >= REQUEST_CERT_ONCE));
-	if (secStatus != SECSuccess) {
-		errWarn("SSL_OptionSet:SSL_REQUEST_CERTIFICATE");
-		goto loser;
-	}
-
-	secStatus = SSL_OptionSet(sslSocket, SSL_REQUIRE_CERTIFICATE, 
-	                       (requestCert == REQUIRE_CERT_ONCE));
-	if (secStatus != SECSuccess) {
-		errWarn("SSL_OptionSet:SSL_REQUIRE_CERTIFICATE");
-		goto loser;
-	}
-
-	/* Set the appropriate callback routines. */
-
-	secStatus = SSL_AuthCertificateHook(sslSocket, myAuthCertificate, 
-	                                    CERT_GetDefaultCertDB());
-	if (secStatus != SECSuccess) {
-		errWarn("SSL_AuthCertificateHook");
-		goto loser;
-	}
-
-	secStatus = SSL_BadCertHook(sslSocket, 
-	                            (SSLBadCertHandler)myBadCertHandler, &certErr);
-	if (secStatus != SECSuccess) {
-		errWarn("SSL_BadCertHook");
-		goto loser;
-	}
-
-	secStatus = SSL_HandshakeCallback(sslSocket,
-	                                 (SSLHandshakeCallback)myHandshakeCallback,
-									  NULL);
-	if (secStatus != SECSuccess) {
-		errWarn("SSL_HandshakeCallback");
-		goto loser;
-	}
-
-	secStatus = SSL_SetPKCS11PinArg(sslSocket, password);
-	if (secStatus != SECSuccess) {
-		errWarn("SSL_HandshakeCallback");
-		goto loser;
-	}
-
-	certKEA = NSS_FindCertKEAType(cert);
-
-	secStatus = SSL_ConfigSecureServer(sslSocket, cert, privKey, certKEA);
-	if (secStatus != SECSuccess) {
-		errWarn("SSL_ConfigSecureServer");
-		goto loser;
-	}
-
-	return sslSocket;
-
-loser:
-
-	PR_Close(tcpSocket);
-	return NULL;
-}
-
-/* Function:  authenticateSocket()
- *
- * Purpose:  Perform client authentication on the socket.
- *
- */
-SECStatus
-authenticateSocket(PRFileDesc *sslSocket, PRBool requireCert)
-{
-	CERTCertificate *cert;
-	SECStatus secStatus;
-
-	/* Returns NULL if client authentication is not enabled or if the
-	 * client had no certificate. */
-	cert = SSL_PeerCertificate(sslSocket);
-	if (cert) {
-		/* Client had a certificate, so authentication is through. */
-		CERT_DestroyCertificate(cert);
-		return SECSuccess;
-	}
-
-	/* Request client to authenticate itself. */
-	secStatus = SSL_OptionSet(sslSocket, SSL_REQUEST_CERTIFICATE, PR_TRUE);
-	if (secStatus != SECSuccess) {
-		errWarn("SSL_OptionSet:SSL_REQUEST_CERTIFICATE");
-		return SECFailure;
-	}
-
-	/* If desired, require client to authenticate itself.  Note
-	 * SSL_REQUEST_CERTIFICATE must also be on, as above.  */
-	secStatus = SSL_OptionSet(sslSocket, SSL_REQUIRE_CERTIFICATE, requireCert);
-	if (secStatus != SECSuccess) {
-		errWarn("SSL_OptionSet:SSL_REQUIRE_CERTIFICATE");
-		return SECFailure;
-	}
-
-	/* Having changed socket configuration parameters, redo handshake. */
-	secStatus = SSL_ReHandshake(sslSocket, PR_TRUE);
-	if (secStatus != SECSuccess) {
-		errWarn("SSL_ReHandshake");
-		return SECFailure;
-	}
-
-	/* Force the handshake to complete before moving on. */
-	secStatus = SSL_ForceHandshake(sslSocket);
-	if (secStatus != SECSuccess) {
-		errWarn("SSL_ForceHandshake");
-		return SECFailure;
-	}
-
-	return SECSuccess;
-}
-
-/* Function:  writeDataToSocket
- *
- * Purpose:  Write the client's request back to the socket.  If the client
- *           requested a file, dump it to the socket.
- *
- */
-SECStatus
-writeDataToSocket(PRFileDesc *sslSocket, DataBuffer *buffer, char *fileName)
-{
-	int headerLength;
-	int numBytes;
-	char messageBuffer[120];
-	PRFileDesc *local_file_fd = NULL;
-	char header[] = "<html><body><h1>Sample SSL server</h1><br><br>";
-	char filehd[] = "<h2>The file you requested:</h2><br>";
-	char reqhd[]  = "<h2>This is your request:</h2><br>";
-	char link[]   = "Try getting a <a HREF=\"../testfile\">file</a><br>";
-	char footer[] = "<br><h2>End of request.</h2><br></body></html>";
-
-	headerLength = PORT_Strlen(defaultHeader);
-
-	/* Write a header to the socket. */
-	numBytes = PR_Write(sslSocket, header, PORT_Strlen(header));
-	if (numBytes < 0) {
-		errWarn("PR_Write");
-		goto loser;
-	}
-
-	if (fileName) {
-		PRFileInfo  info;
-		PRStatus    prStatus;
-
-		/* Try to open the local file named.	
-		 * If successful, then write it to the client.
-		 */
-		prStatus = PR_GetFileInfo(fileName, &info);
-		if (prStatus != PR_SUCCESS ||
-		    info.type != PR_FILE_FILE ||
-		    info.size < 0) {
-			PORT_Free(fileName);
-			/* Maybe a GET not sent from client.c? */
-			goto writerequest;
-		}
-
-		local_file_fd = PR_Open(fileName, PR_RDONLY, 0);
-		if (local_file_fd == NULL) {
-			PORT_Free(fileName);
-			goto writerequest;
-		}
-
-		/* Write a header to the socket. */
-		numBytes = PR_Write(sslSocket, filehd, PORT_Strlen(filehd));
-		if (numBytes < 0) {
-			errWarn("PR_Write");
-			goto loser;
-		}
-
-		/* Transmit the local file prepended by the default header
-		 * across the socket.
-		 */
-		numBytes = PR_TransmitFile(sslSocket, local_file_fd, 
-		                           defaultHeader, headerLength,
-		                           PR_TRANSMITFILE_KEEP_OPEN,
-		                           PR_INTERVAL_NO_TIMEOUT);
-
-		/* Error in transmission. */
-		if (numBytes < 0) {
-			errWarn("PR_TransmitFile");
-			/*
-			i = PORT_Strlen(errString);
-			PORT_Memcpy(buf, errString, i);
-			*/
-		/* Transmitted bytes successfully. */
-		} else {
-			numBytes -= headerLength;
-			fprintf(stderr, "PR_TransmitFile wrote %d bytes from %s\n",
-			        numBytes, fileName);
-		}
-
-		PORT_Free(fileName);
-		PR_Close(local_file_fd);
-	}
-
-writerequest:
-
-	/* Write a header to the socket. */
-	numBytes = PR_Write(sslSocket, reqhd, PORT_Strlen(reqhd));
-	if (numBytes < 0) {
-		errWarn("PR_Write");
-		goto loser;
-	}
-
-	/* Write the buffer data to the socket. */
-	if (buffer->index <= 0) {
-		/* Reached the EOF.  Report incomplete transaction to socket. */
-		PORT_Sprintf(messageBuffer,
-		             "GET or POST incomplete after %d bytes.\r\n",
-		             buffer->dataEnd);
-		numBytes = PR_Write(sslSocket, messageBuffer, 
-		                    PORT_Strlen(messageBuffer));
-		if (numBytes < 0) {
-			errWarn("PR_Write");
-			goto loser;
-		}
-	} else {
-		/* Display the buffer data. */
-		fwrite(buffer->data, 1, buffer->index, stdout);
-		/* Write the buffer data to the socket. */
-		numBytes = PR_Write(sslSocket, buffer->data, buffer->index);
-		if (numBytes < 0) {
-			errWarn("PR_Write");
-			goto loser;
-		}
-		/* Display security information for the socket. */
-		printSecurityInfo(sslSocket);
-		/* Write any discarded data out to the socket. */
-		if (buffer->index < buffer->dataEnd) {
-			PORT_Sprintf(buffer->data, "Discarded %d characters.\r\n", 
-			             buffer->dataEnd - buffer->index);
-			numBytes = PR_Write(sslSocket, buffer->data, 
-			                    PORT_Strlen(buffer->data));
-			if (numBytes < 0) {
-				errWarn("PR_Write");
-				goto loser;
-			}
-		}
-	}
-
-	/* Write a footer to the socket. */
-	numBytes = PR_Write(sslSocket, footer, PORT_Strlen(footer));
-	if (numBytes < 0) {
-		errWarn("PR_Write");
-		goto loser;
-	}
-
-	/* Write a link to the socket. */
-	numBytes = PR_Write(sslSocket, link, PORT_Strlen(link));
-	if (numBytes < 0) {
-		errWarn("PR_Write");
-		goto loser;
-	}
-
-	/* Complete the HTTP transaction. */
-	numBytes = PR_Write(sslSocket, "EOF\r\n\r\n\r\n", 9);
-	if (numBytes < 0) {
-		errWarn("PR_Write");
-		goto loser;
-	}
-
-	/* Do a nice shutdown if asked. */
-	if (!strncmp(buffer->data, stopCmd, strlen(stopCmd))) {
-		stopping = 1;
-	}
-	return SECSuccess;
-
-loser:
-
-	/* Do a nice shutdown if asked. */
-	if (!strncmp(buffer->data, stopCmd, strlen(stopCmd))) {
-		stopping = 1;
-	}
-	return SECFailure;
-}
-
-/* Function:  int handle_connection()
- *
- * Purpose:  Thread to handle a connection to a socket.
- *
- */
-SECStatus
-handle_connection(void *tcp_sock, int requestCert)
-{
-	PRFileDesc *       tcpSocket = (PRFileDesc *)tcp_sock;
-	PRFileDesc *       sslSocket = NULL;
-	SECStatus          secStatus = SECFailure;
-	PRStatus           prStatus;
-	PRSocketOptionData socketOption;
-	DataBuffer         buffer;
-	char *             fileName = NULL;
-
-	/* Initialize the data buffer. */
-	memset(buffer.data, 0, BUFFER_SIZE);
-	buffer.remaining = BUFFER_SIZE;
-	buffer.index = 0;
-	buffer.dataStart = 0;
-	buffer.dataEnd = 0;
-
-	/* Make sure the socket is blocking. */
-	socketOption.option             = PR_SockOpt_Nonblocking;
-	socketOption.value.non_blocking = PR_FALSE;
-	PR_SetSocketOption(tcpSocket, &socketOption);
-
-	sslSocket = setupSSLSocket(tcpSocket, requestCert);
-	if (sslSocket == NULL) {
-		errWarn("setupSSLSocket");
-		goto cleanup;
-	}
-
-	secStatus = SSL_ResetHandshake(sslSocket, /* asServer */ PR_TRUE);
-	if (secStatus != SECSuccess) {
-		errWarn("SSL_ResetHandshake");
-		goto cleanup;
-	}
-
-	/* Read data from the socket, parse it for HTTP content.
-	 * If the user is requesting/requiring authentication, authenticate
-	 * the socket.  Then write the result back to the socket.  */
-	fprintf(stdout, "\nReading data from socket...\n\n");
-	secStatus = readDataFromSocket(sslSocket, &buffer, &fileName);
-	if (secStatus != SECSuccess) {
-		goto cleanup;
-	}
-	if (requestCert >= REQUEST_CERT_ALL) {
-		fprintf(stdout, "\nAuthentication requested.\n\n");
-		secStatus = authenticateSocket(sslSocket, 
-		                               (requestCert == REQUIRE_CERT_ALL));
-		if (secStatus != SECSuccess) {
-			goto cleanup;
-		}
-	}
-
-	fprintf(stdout, "\nWriting data to socket...\n\n");
-	secStatus = writeDataToSocket(sslSocket, &buffer, fileName);
-
-cleanup:
-
-	/* Close down the socket. */
-	prStatus = PR_Close(tcpSocket);
-	if (prStatus != PR_SUCCESS) {
-		errWarn("PR_Close");
-	}
-
-	return secStatus;
-}
-
-/* Function:  int accept_connection()
- *
- * Purpose:  Thread to accept a connection to the socket.
- *
- */
-SECStatus
-accept_connection(void *listener, int requestCert)
-{
-	PRFileDesc *listenSocket = (PRFileDesc*)listener;
-	PRNetAddr   addr;
-	PRStatus    prStatus;
-
-	/* XXX need an SSL socket here? */
-	while (!stopping) {
-		PRFileDesc *tcpSocket;
-		SECStatus	result;
-
-		fprintf(stderr, "\n\n\nAbout to call accept.\n");
-
-		/* Accept a connection to the socket. */
-		tcpSocket = PR_Accept(listenSocket, &addr, PR_INTERVAL_NO_TIMEOUT);
-		if (tcpSocket == NULL) {
-			errWarn("PR_Accept");
-			break;
-		}
-
-		/* Accepted the connection, now handle it. */
-		result = launch_thread(&threadMGR, handle_connection, 
-		                       tcpSocket, requestCert);
-
-		if (result != SECSuccess) {
-			prStatus = PR_Close(tcpSocket);
-			if (prStatus != PR_SUCCESS) {
-				exitErr("PR_Close");
-			}
-			break;
-		}
-	}
-
-	fprintf(stderr, "Closing listen socket.\n");
-
-	prStatus = PR_Close(listenSocket);
-	if (prStatus != PR_SUCCESS) {
-		exitErr("PR_Close");
-	}
-	return SECSuccess;
-}
-
-/* Function:  void server_main()
- *
- * Purpose:  This is the server's main function.  It configures a socket
- *			 and listens to it.
- *
- */
-void
-server_main(
-	unsigned short      port, 
-	int                 requestCert, 
-	SECKEYPrivateKey *  privKey,
-	CERTCertificate *   cert, 
-	PRBool              disableSSL3)
-{
-	SECStatus           secStatus;
-	PRStatus            prStatus;
-	PRFileDesc *        listenSocket;
-	PRNetAddr           addr;
-	PRSocketOptionData  socketOption;
-
-	/* Create a new socket. */
-	listenSocket = PR_NewTCPSocket();
-	if (listenSocket == NULL) {
-		exitErr("PR_NewTCPSocket");
-	}
-
-	/* Set socket to be blocking -
-	 * on some platforms the default is nonblocking.
-	 */
-	socketOption.option = PR_SockOpt_Nonblocking;
-	socketOption.value.non_blocking = PR_FALSE;
-
-	prStatus = PR_SetSocketOption(listenSocket, &socketOption);
-	if (prStatus != PR_SUCCESS) {
-		exitErr("PR_SetSocketOption");
-	}
-
-	/* This cipher is not on by default. The Acceptance test
-	 * would like it to be. Turn this cipher on.
-	 */
-	secStatus = SSL_CipherPrefSetDefault(SSL_RSA_WITH_NULL_MD5, PR_TRUE);
-	if (secStatus != SECSuccess) {
-		exitErr("SSL_CipherPrefSetDefault:SSL_RSA_WITH_NULL_MD5");
-	}
-
-	/* Configure the network connection. */
-	addr.inet.family = PR_AF_INET;
-	addr.inet.ip	 = PR_INADDR_ANY;
-	addr.inet.port	 = PR_htons(port);
-
-	/* Bind the address to the listener socket. */
-	prStatus = PR_Bind(listenSocket, &addr);
-	if (prStatus != PR_SUCCESS) {
-		exitErr("PR_Bind");
-	}
-
-	/* Listen for connection on the socket.  The second argument is
-	 * the maximum size of the queue for pending connections.
-	 */
-	prStatus = PR_Listen(listenSocket, 5);
-	if (prStatus != PR_SUCCESS) {
-		exitErr("PR_Listen");
-	}
-
-	/* Launch thread to handle connections to the socket. */
-	secStatus = launch_thread(&threadMGR, accept_connection, 
-                              listenSocket, requestCert);
-	if (secStatus != SECSuccess) {
-		PR_Close(listenSocket);
-	} else {
-		reap_threads(&threadMGR);
-		destroy_thread_data(&threadMGR);
-	}
-}
-
-/* Function: int main()
- *
- * Purpose:  Parses command arguments and configures SSL server.
- *
- */
-int
-main(int argc, char **argv)
-{
-	char *              progName      = NULL;
-	char *              nickName      = NULL;
-	char *              cipherString  = NULL;
-	char *              dir           = ".";
-	int                 requestCert   = 0;
-	unsigned short      port          = 0;
-	SECStatus           secStatus;
-	PRBool              disableSSL3   = PR_FALSE;
-	PLOptState *        optstate;
-	PLOptStatus         status;
-
-	/* Zero out the thread manager. */
-	PORT_Memset(&threadMGR, 0, sizeof(threadMGR));
-
-	progName = PL_strdup(argv[0]);
-
-	optstate = PL_CreateOptState(argc, argv, "3FRc:d:fp:n:rw:");
-	while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
-		switch(optstate->option) {
-		case '3': disableSSL3 = PR_TRUE;                      break;
-		case 'F': requestCert = REQUIRE_CERT_ALL;             break;
-		case 'R': requestCert = REQUEST_CERT_ALL;             break;
-		case 'c': cipherString = PL_strdup(optstate->value);  break;
-		case 'd': dir = PL_strdup(optstate->value);           break;
-		case 'f': requestCert = REQUIRE_CERT_ONCE;            break;
-		case 'n': nickName = PL_strdup(optstate->value);      break;
-		case 'p': port = PORT_Atoi(optstate->value);          break;
-		case 'r': requestCert = REQUEST_CERT_ONCE;            break;
-		case 'w': password = PL_strdup(optstate->value);      break;
-		default:
-		case '?': Usage(progName);
-		}
-	}
-
-	if (nickName == NULL || port == 0)
-		Usage(progName);
-
-	/* Call the NSPR initialization routines. */
-	PR_Init( PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1);
-
-	/* Set the cert database password callback. */
-	PK11_SetPasswordFunc(myPasswd);
-
-	/* Initialize NSS. */
-	secStatus = NSS_Init(dir);
-	if (secStatus != SECSuccess) {
-		exitErr("NSS_Init");
-	}
-
-	/* Set the policy for this server (REQUIRED - no default). */
-	secStatus = NSS_SetDomesticPolicy();
-	if (secStatus != SECSuccess) {
-		exitErr("NSS_SetDomesticPolicy");
-	}
-
-	/* XXX keep this? */
-	/* all the SSL2 and SSL3 cipher suites are enabled by default. */
-	if (cipherString) {
-	    int ndx;
-
-	    /* disable all the ciphers, then enable the ones we want. */
-	    disableAllSSLCiphers();
-
-	    while (0 != (ndx = *cipherString++)) {
-		int *cptr;
-		int  cipher;
-
-		if (! isalpha(ndx))
-			Usage(progName);
-		cptr = islower(ndx) ? ssl3CipherSuites : ssl2CipherSuites;
-		for (ndx &= 0x1f; (cipher = *cptr++) != 0 && --ndx > 0; ) 
-		    /* do nothing */;
-		if (cipher) {
-		    SECStatus status;
-		    status = SSL_CipherPrefSetDefault(cipher, PR_TRUE);
-		    if (status != SECSuccess) 
-			errWarn("SSL_CipherPrefSetDefault()");
-		}
-	    }
-	}
-
-	/* Get own certificate and private key. */
-	cert = PK11_FindCertFromNickname(nickName, password);
-	if (cert == NULL) {
-		exitErr("PK11_FindCertFromNickname");
-	}
-
-	privKey = PK11_FindKeyByAnyCert(cert, password);
-	if (privKey == NULL) {
-		exitErr("PK11_FindKeyByAnyCert");
-	}
-
-	/* Configure the server's cache for a multi-process application
-	 * using default timeout values (24 hrs) and directory location (/tmp). 
-	 */
-	SSL_ConfigMPServerSIDCache(256, 0, 0, NULL);
-
-	/* Launch server. */
-	server_main(port, requestCert, privKey, cert, disableSSL3);
-
-	/* Shutdown NSS and exit NSPR gracefully. */
-	NSS_Shutdown();
-	PR_Cleanup();
-	return 0;
-}
diff --git a/security/nss/cmd/SSLsample/server.mn b/security/nss/cmd/SSLsample/server.mn
deleted file mode 100644
index 74226f08f..000000000
--- a/security/nss/cmd/SSLsample/server.mn
+++ /dev/null
@@ -1,48 +0,0 @@
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-MODULE  = security
-
-EXPORTS = 
-
-CSRCS =  server.c	\
-	sslsample.c	\
-	$(NULL)
-
-PROGRAM  = server
-
-REQUIRES = dbm 
-
-DEFINES  = -DNSPR20
-
diff --git a/security/nss/cmd/SSLsample/sslerror.h b/security/nss/cmd/SSLsample/sslerror.h
deleted file mode 100644
index 8ad908569..000000000
--- a/security/nss/cmd/SSLsample/sslerror.h
+++ /dev/null
@@ -1,110 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include <stdio.h>
-#include <string.h>
-#include "nspr.h"
-
-struct tuple_str {
-    PRErrorCode	 errNum;
-    const char * errString;
-};
-
-typedef struct tuple_str tuple_str;
-
-#define ER2(a,b)   {a, b},
-#define ER3(a,b,c) {a, c},
-
-#include "secerr.h"
-#include "sslerr.h"
-
-const tuple_str errStrings[] = {
-
-/* keep this list in asceding order of error numbers */
-#include "SSLerrs.h"
-#include "SECerrs.h"
-#include "NSPRerrs.h"
-
-};
-
-const PRInt32 numStrings = sizeof(errStrings) / sizeof(tuple_str);
-
-/* Returns a UTF-8 encoded constant error string for "errNum".
- * Returns NULL of errNum is unknown.
- */
-const char *
-SSL_Strerror(PRErrorCode errNum) {
-    PRInt32 low  = 0;
-    PRInt32 high = numStrings - 1;
-    PRInt32 i;
-    PRErrorCode num;
-    static int initDone;
-
-    /* make sure table is in ascending order.
-     * binary search depends on it.
-     */
-    if (!initDone) {
-	PRErrorCode lastNum = (PRInt32)0x80000000;
-    	for (i = low; i <= high; ++i) {
-	    num = errStrings[i].errNum;
-	    if (num <= lastNum) {
-	    	fprintf(stderr, 
-"sequence error in error strings at item %d\n"
-"error %d (%s)\n"
-"should come after \n"
-"error %d (%s)\n",
-		        i, lastNum, errStrings[i-1].errString, 
-			num, errStrings[i].errString);
-	    }
-	    lastNum = num;
-	}
-	initDone = 1;
-    }
-
-    /* Do binary search of table. */
-    while (low + 1 < high) {
-    	i = (low + high) / 2;
-	num = errStrings[i].errNum;
-	if (errNum == num) 
-	    return errStrings[i].errString;
-        if (errNum < num)
-	    high = i;
-	else 
-	    low = i;
-    }
-    if (errNum == errStrings[low].errNum)
-    	return errStrings[low].errString;
-    if (errNum == errStrings[high].errNum)
-    	return errStrings[high].errString;
-    return NULL;
-}
diff --git a/security/nss/cmd/SSLsample/sslsample.c b/security/nss/cmd/SSLsample/sslsample.c
deleted file mode 100644
index 47b7d0d4f..000000000
--- a/security/nss/cmd/SSLsample/sslsample.c
+++ /dev/null
@@ -1,590 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "sslsample.h"
-#include "sslerror.h"
-
-/* Declare SSL cipher suites. */
-
-int ssl2CipherSuites[] = {
-	SSL_EN_RC4_128_WITH_MD5,              /* A */
-	SSL_EN_RC4_128_EXPORT40_WITH_MD5,     /* B */
-	SSL_EN_RC2_128_CBC_WITH_MD5,          /* C */
-	SSL_EN_RC2_128_CBC_EXPORT40_WITH_MD5, /* D */
-	SSL_EN_DES_64_CBC_WITH_MD5,           /* E */
-	SSL_EN_DES_192_EDE3_CBC_WITH_MD5,     /* F */
-	0
-};
-
-int ssl3CipherSuites[] = {
-	SSL_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA, /* a */
-	SSL_FORTEZZA_DMS_WITH_RC4_128_SHA,      /* b */
-	SSL_RSA_WITH_RC4_128_MD5,               /* c */
-	SSL_RSA_WITH_3DES_EDE_CBC_SHA,          /* d */
-	SSL_RSA_WITH_DES_CBC_SHA,               /* e */
-	SSL_RSA_EXPORT_WITH_RC4_40_MD5,         /* f */
-	SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5,     /* g */
-	SSL_FORTEZZA_DMS_WITH_NULL_SHA,         /* h */
-	SSL_RSA_WITH_NULL_MD5,                  /* i */
-	SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA,     /* j */
-	SSL_RSA_FIPS_WITH_DES_CBC_SHA,          /* k */
-	TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA,    /* l */
-	TLS_RSA_EXPORT1024_WITH_RC4_56_SHA,     /* m */
-	0
-};
-
-/**************************************************************************
-** 
-** SSL callback routines.
-**
-**************************************************************************/
-
-/* Function: char * myPasswd()
- * 
- * Purpose: This function is our custom password handler that is called by
- * SSL when retreiving private certs and keys from the database. Returns a
- * pointer to a string that with a password for the database. Password pointer
- * should point to dynamically allocated memory that will be freed later.
- */
-char *
-myPasswd(PK11SlotInfo *info, PRBool retry, void *arg)
-{
-	char * passwd = NULL;
-
-	if ( (!retry) && arg ) {
-		passwd = PORT_Strdup((char *)arg);
-	}
-
-	return passwd;
-}
-
-/* Function: SECStatus myAuthCertificate()
- *
- * Purpose: This function is our custom certificate authentication handler.
- * 
- * Note: This implementation is essentially the same as the default 
- *       SSL_AuthCertificate().
- */
-SECStatus 
-myAuthCertificate(void *arg, PRFileDesc *socket, 
-                  PRBool checksig, PRBool isServer) 
-{
-
-	SECCertUsage        certUsage;
-	CERTCertificate *   cert;
-	void *              pinArg;
-	char *              hostName;
-	SECStatus           secStatus;
-
-	if (!arg || !socket) {
-		errWarn("myAuthCertificate");
-		return SECFailure;
-	}
-
-	/* Define how the cert is being used based upon the isServer flag. */
-
-	certUsage = isServer ? certUsageSSLClient : certUsageSSLServer;
-
-	cert = SSL_PeerCertificate(socket);
-	
-	pinArg = SSL_RevealPinArg(socket);
-
-	secStatus = CERT_VerifyCertNow((CERTCertDBHandle *)arg,
-	                               cert,
-	                               checksig,
-	                               certUsage,
-	                               pinArg);
-
-	/* If this is a server, we're finished. */
-	if (isServer || secStatus != SECSuccess) {
-		CERT_DestroyCertificate(cert);
-		return secStatus;
-	}
-
-	/* Certificate is OK.  Since this is the client side of an SSL
-	 * connection, we need to verify that the name field in the cert
-	 * matches the desired hostname.  This is our defense against
-	 * man-in-the-middle attacks.
-	 */
-
-	/* SSL_RevealURL returns a hostName, not an URL. */
-	hostName = SSL_RevealURL(socket);
-
-	if (hostName && hostName[0]) {
-		secStatus = CERT_VerifyCertName(cert, hostName);
-	} else {
-		PR_SetError(SSL_ERROR_BAD_CERT_DOMAIN, 0);
-		secStatus = SECFailure;
-	}
-
-	if (hostName)
-		PR_Free(hostName);
-
-	CERT_DestroyCertificate(cert);
-	return secStatus;
-}
-
-/* Function: SECStatus myBadCertHandler()
- *
- * Purpose: This callback is called when the incoming certificate is not
- * valid. We define a certain set of parameters that still cause the
- * certificate to be "valid" for this session, and return SECSuccess to cause
- * the server to continue processing the request when any of these conditions
- * are met. Otherwise, SECFailure is return and the server rejects the 
- * request.
- */
-SECStatus 
-myBadCertHandler(void *arg, PRFileDesc *socket) 
-{
-
-    SECStatus	secStatus = SECFailure;
-    PRErrorCode	err;
-
-    /* log invalid cert here */
-
-    if (!arg) {
-		return secStatus;
-    }
-
-    *(PRErrorCode *)arg = err = PORT_GetError();
-
-    /* If any of the cases in the switch are met, then we will proceed   */
-    /* with the processing of the request anyway. Otherwise, the default */	
-    /* case will be reached and we will reject the request.              */
-
-    switch (err) {
-    case SEC_ERROR_INVALID_AVA:
-    case SEC_ERROR_INVALID_TIME:
-    case SEC_ERROR_BAD_SIGNATURE:
-    case SEC_ERROR_EXPIRED_CERTIFICATE:
-    case SEC_ERROR_UNKNOWN_ISSUER:
-    case SEC_ERROR_UNTRUSTED_CERT:
-    case SEC_ERROR_CERT_VALID:
-    case SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE:
-    case SEC_ERROR_CRL_EXPIRED:
-    case SEC_ERROR_CRL_BAD_SIGNATURE:
-    case SEC_ERROR_EXTENSION_VALUE_INVALID:
-    case SEC_ERROR_CA_CERT_INVALID:
-    case SEC_ERROR_CERT_USAGES_INVALID:
-    case SEC_ERROR_UNKNOWN_CRITICAL_EXTENSION:
-		secStatus = SECSuccess;
-	break;
-    default:
-		secStatus = SECFailure;
-	break;
-    }
-
-	printf("Bad certificate: %d, %s\n", err, SSL_Strerror(err));
-
-    return secStatus;
-}
-
-/* Function: SECStatus ownGetClientAuthData()
- *
- * Purpose: This callback is used by SSL to pull client certificate 
- * information upon server request.
- */
-SECStatus 
-myGetClientAuthData(void *arg,
-                    PRFileDesc *socket,
-                    struct CERTDistNamesStr *caNames,
-                    struct CERTCertificateStr **pRetCert,
-                    struct SECKEYPrivateKeyStr **pRetKey) 
-{
-
-    CERTCertificate *  cert;
-    SECKEYPrivateKey * privKey;
-    char *             chosenNickName = (char *)arg;
-    void *             proto_win      = NULL;
-    SECStatus          secStatus      = SECFailure;
-
-    proto_win = SSL_RevealPinArg(socket);
-
-    if (chosenNickName) {
-		cert = PK11_FindCertFromNickname(chosenNickName, proto_win);
-		if (cert) {
-		    privKey = PK11_FindKeyByAnyCert(cert, proto_win);
-		    if (privKey) {
-				secStatus = SECSuccess;
-		    } else {
-				CERT_DestroyCertificate(cert);
-		    }
-		}
-    } else { /* no nickname given, automatically find the right cert */
-	CERTCertNicknames *names;
-	int                i;
-
-	names = CERT_GetCertNicknames(CERT_GetDefaultCertDB(), 
-				      SEC_CERT_NICKNAMES_USER, proto_win);
-
-	if (names != NULL) {
-	    for(i = 0; i < names->numnicknames; i++ ) {
-
-		cert = PK11_FindCertFromNickname(names->nicknames[i], 
-						 proto_win);
-		if (!cert) {
-		    continue;
-		}
-
-		/* Only check unexpired certs */
-		if (CERT_CheckCertValidTimes(cert, PR_Now(), PR_FALSE)
-		      != secCertTimeValid ) {
-		    CERT_DestroyCertificate(cert);
-		    continue;
-		}
-
-		secStatus = NSS_CmpCertChainWCANames(cert, caNames);
-		if (secStatus == SECSuccess) {
-		    privKey = PK11_FindKeyByAnyCert(cert, proto_win);
-		    if (privKey) {
-			break;
-		    }
-		    secStatus = SECFailure;
-		    break;
-		}
-		CERT_FreeNicknames(names);
-	    } /* for loop */
-	}
-    }
-
-    if (secStatus == SECSuccess) {
-		*pRetCert = cert;
-		*pRetKey  = privKey;
-    }
-
-    return secStatus;
-}
-
-/* Function: SECStatus myHandshakeCallback()
- *
- * Purpose: Called by SSL to inform application that the handshake is
- * complete. This function is mostly used on the server side of an SSL
- * connection, although it is provided for a client as well.
- * Useful when a non-blocking SSL_ReHandshake or SSL_ResetHandshake 
- * is used to initiate a handshake.
- *
- * A typical scenario would be:
- *
- * 1. Server accepts an SSL connection from the client without client auth.
- * 2. Client sends a request.
- * 3. Server determines that to service request it needs to authenticate the
- * client and initiates another handshake requesting client auth.
- * 4. While handshake is in progress, server can do other work or spin waiting
- * for the handshake to complete.
- * 5. Server is notified that handshake has been successfully completed by
- * the custom handshake callback function and it can service the client's
- * request.
- *
- * Note: This function is not implemented in this sample, as we are using
- * blocking sockets.
- */
-SECStatus 
-myHandshakeCallback(PRFileDesc *socket, void *arg) 
-{
-    printf("Handshake has completed, ready to send data securely.\n");
-    return SECSuccess;
-}
-
-
-/**************************************************************************
-** 
-** Routines for disabling SSL ciphers.
-**
-**************************************************************************/
-
-void
-disableAllSSLCiphers(void)
-{
-    const PRUint16 *cipherSuites = SSL_ImplementedCiphers;
-    int             i            = SSL_NumImplementedCiphers;
-    SECStatus       rv;
-
-    /* disable all the SSL3 cipher suites */
-    while (--i >= 0) {
-	PRUint16 suite = cipherSuites[i];
-        rv = SSL_CipherPrefSetDefault(suite, PR_FALSE);
-	if (rv != SECSuccess) {
-	    printf("SSL_CipherPrefSetDefault didn't like value 0x%04x (i = %d)\n",
-	    	   suite, i);
-	    errWarn("SSL_CipherPrefSetDefault");
-	    exit(2);
-	}
-    }
-}
-
-/**************************************************************************
-** 
-** Error and information routines.
-**
-**************************************************************************/
-
-void
-errWarn(char *function)
-{
-	PRErrorCode  errorNumber = PR_GetError();
-	const char * errorString = SSL_Strerror(errorNumber);
-
-	printf("Error in function %s: %d\n - %s\n",
-			function, errorNumber, errorString);
-}
-
-void
-exitErr(char *function)
-{
-	errWarn(function);
-	/* Exit gracefully. */
-	NSS_Shutdown();
-	PR_Cleanup();
-	exit(1);
-}
-
-void 
-printSecurityInfo(PRFileDesc *fd)
-{
-	char * cp;	/* bulk cipher name */
-	char * ip;	/* cert issuer DN */
-	char * sp;	/* cert subject DN */
-	int    op;	/* High, Low, Off */
-	int    kp0;	/* total key bits */
-	int    kp1;	/* secret key bits */
-	int    result;
-	SSL3Statistics * ssl3stats = SSL_GetStatistics();
-
-	result = SSL_SecurityStatus(fd, &op, &cp, &kp0, &kp1, &ip, &sp);
-	if (result != SECSuccess)
-		return;
-	printf("bulk cipher %s, %d secret key bits, %d key bits, status: %d\n"
-		   "subject DN: %s\n"
-	   "issuer	DN: %s\n", cp, kp1, kp0, op, sp, ip);
-	PR_Free(cp);
-	PR_Free(ip);
-	PR_Free(sp);
-
-	printf("%ld cache hits; %ld cache misses, %ld cache not reusable\n",
-		ssl3stats->hch_sid_cache_hits, ssl3stats->hch_sid_cache_misses,
-	ssl3stats->hch_sid_cache_not_ok);
-
-}
-
-
-/**************************************************************************
-** Begin thread management routines and data.
-**************************************************************************/
-
-void
-thread_wrapper(void * arg)
-{
-	GlobalThreadMgr *threadMGR = (GlobalThreadMgr *)arg;
-	perThread *slot = &threadMGR->threads[threadMGR->index];
-
-	/* wait for parent to finish launching us before proceeding. */
-	PR_Lock(threadMGR->threadLock);
-	PR_Unlock(threadMGR->threadLock);
-
-	slot->rv = (* slot->startFunc)(slot->a, slot->b);
-
-	PR_Lock(threadMGR->threadLock);
-	slot->running = rs_zombie;
-
-	/* notify the thread exit handler. */
-	PR_NotifyCondVar(threadMGR->threadEndQ);
-
-	PR_Unlock(threadMGR->threadLock);
-}
-
-SECStatus
-launch_thread(GlobalThreadMgr *threadMGR,
-              startFn         *startFunc,
-              void            *a,
-              int              b)
-{
-	perThread *slot;
-	int        i;
-
-	if (!threadMGR->threadStartQ) {
-		threadMGR->threadLock   = PR_NewLock();
-		threadMGR->threadStartQ = PR_NewCondVar(threadMGR->threadLock);
-		threadMGR->threadEndQ   = PR_NewCondVar(threadMGR->threadLock);
-	}
-	PR_Lock(threadMGR->threadLock);
-	while (threadMGR->numRunning >= MAX_THREADS) {
-		PR_WaitCondVar(threadMGR->threadStartQ, PR_INTERVAL_NO_TIMEOUT);
-	}
-	for (i = 0; i < threadMGR->numUsed; ++i) {
-		slot = &threadMGR->threads[i];
-		if (slot->running == rs_idle) 
-			break;
-	}
-	if (i >= threadMGR->numUsed) {
-		if (i >= MAX_THREADS) {
-			/* something's really wrong here. */
-			PORT_Assert(i < MAX_THREADS);
-			PR_Unlock(threadMGR->threadLock);
-			return SECFailure;
-		}
-		++(threadMGR->numUsed);
-		PORT_Assert(threadMGR->numUsed == i + 1);
-		slot = &threadMGR->threads[i];
-	}
-
-	slot->a = a;
-	slot->b = b;
-	slot->startFunc = startFunc;
-
-	threadMGR->index = i;
-
-	slot->prThread = PR_CreateThread(PR_USER_THREAD,
-	                                 thread_wrapper, threadMGR,
-	                                 PR_PRIORITY_NORMAL, PR_GLOBAL_THREAD,
-	                                 PR_JOINABLE_THREAD, 0);
-
-	if (slot->prThread == NULL) {
-		PR_Unlock(threadMGR->threadLock);
-		printf("Failed to launch thread!\n");
-		return SECFailure;
-	} 
-
-	slot->inUse   = 1;
-	slot->running = 1;
-	++(threadMGR->numRunning);
-	PR_Unlock(threadMGR->threadLock);
-	printf("Launched thread in slot %d \n", threadMGR->index);
-
-	return SECSuccess;
-}
-
-SECStatus 
-reap_threads(GlobalThreadMgr *threadMGR)
-{
-	perThread * slot;
-	int			i;
-
-	if (!threadMGR->threadLock)
-		return 0;
-	PR_Lock(threadMGR->threadLock);
-	while (threadMGR->numRunning > 0) {
-	    PR_WaitCondVar(threadMGR->threadEndQ, PR_INTERVAL_NO_TIMEOUT);
-	    for (i = 0; i < threadMGR->numUsed; ++i) {
-		slot = &threadMGR->threads[i];
-		if (slot->running == rs_zombie)  {
-		    /* Handle cleanup of thread here. */
-		    printf("Thread in slot %d returned %d\n", i, slot->rv);
-
-		    /* Now make sure the thread has ended OK. */
-		    PR_JoinThread(slot->prThread);
-		    slot->running = rs_idle;
-		    --threadMGR->numRunning;
-
-		    /* notify the thread launcher. */
-		    PR_NotifyCondVar(threadMGR->threadStartQ);
-		}
-	    }
-	}
-
-	/* Safety Sam sez: make sure count is right. */
-	for (i = 0; i < threadMGR->numUsed; ++i) {
-		slot = &threadMGR->threads[i];
-		if (slot->running != rs_idle)  {
-			fprintf(stderr, "Thread in slot %d is in state %d!\n", 
-			                 i, slot->running);
-		}
-	}
-	PR_Unlock(threadMGR->threadLock);
-	return 0;
-}
-
-void
-destroy_thread_data(GlobalThreadMgr *threadMGR)
-{
-	PORT_Memset(threadMGR->threads, 0, sizeof(threadMGR->threads));
-
-	if (threadMGR->threadEndQ) {
-		PR_DestroyCondVar(threadMGR->threadEndQ);
-		threadMGR->threadEndQ = NULL;
-	}
-	if (threadMGR->threadStartQ) {
-		PR_DestroyCondVar(threadMGR->threadStartQ);
-		threadMGR->threadStartQ = NULL;
-	}
-	if (threadMGR->threadLock) {
-		PR_DestroyLock(threadMGR->threadLock);
-		threadMGR->threadLock = NULL;
-	}
-}
-
-/**************************************************************************
-** End	 thread management routines.
-**************************************************************************/
-
-void 
-lockedVars_Init( lockedVars * lv)
-{
-	lv->count	= 0;
-	lv->waiters = 0;
-	lv->lock	= PR_NewLock();
-	lv->condVar = PR_NewCondVar(lv->lock);
-}
-
-void
-lockedVars_Destroy( lockedVars * lv)
-{
-	PR_DestroyCondVar(lv->condVar);
-	lv->condVar = NULL;
-
-	PR_DestroyLock(lv->lock);
-	lv->lock = NULL;
-}
-
-void
-lockedVars_WaitForDone(lockedVars * lv)
-{
-	PR_Lock(lv->lock);
-	while (lv->count > 0) {
-		PR_WaitCondVar(lv->condVar, PR_INTERVAL_NO_TIMEOUT);
-	}
-	PR_Unlock(lv->lock);
-}
-
-int	/* returns count */
-lockedVars_AddToCount(lockedVars * lv, int addend)
-{
-	int rv;
-
-	PR_Lock(lv->lock);
-	rv = lv->count += addend;
-	if (rv <= 0) {
-	PR_NotifyCondVar(lv->condVar);
-	}
-	PR_Unlock(lv->lock);
-	return rv;
-}
diff --git a/security/nss/cmd/SSLsample/sslsample.h b/security/nss/cmd/SSLsample/sslsample.h
deleted file mode 100644
index ca6b6a489..000000000
--- a/security/nss/cmd/SSLsample/sslsample.h
+++ /dev/null
@@ -1,178 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef SSLSAMPLE_H
-#define SSLSAMPLE_H
-
-/* Generic header files */
-
-#include <stdio.h>
-#include <string.h>
-
-/* NSPR header files */
-
-#include "nspr.h"
-#include "prerror.h"
-#include "prnetdb.h"
-
-/* NSS header files */
-
-#include "pk11func.h"
-#include "secitem.h"
-#include "ssl.h"
-#include "certt.h"
-#include "nss.h"
-#include "secrng.h"
-#include "secder.h"
-#include "key.h"
-#include "sslproto.h"
-
-/* Custom header files */
-
-/*
-#include "sslerror.h"
-*/
-
-#define BUFFER_SIZE 10240
-
-/* Declare SSL cipher suites. */
-
-extern int cipherSuites[];
-extern int ssl2CipherSuites[];
-extern int ssl3CipherSuites[];
-
-/* Data buffer read from a socket. */
-typedef struct DataBufferStr {
-	char data[BUFFER_SIZE];
-	int  index;
-	int  remaining;
-	int  dataStart;
-	int  dataEnd;
-} DataBuffer;
-
-/* SSL callback routines. */
-
-char * myPasswd(PK11SlotInfo *info, PRBool retry, void *arg);
-
-SECStatus myAuthCertificate(void *arg, PRFileDesc *socket,
-                            PRBool checksig, PRBool isServer);
-
-SECStatus myBadCertHandler(void *arg, PRFileDesc *socket);
-
-SECStatus myHandshakeCallback(PRFileDesc *socket, void *arg);
-
-SECStatus myGetClientAuthData(void *arg, PRFileDesc *socket,
-                              struct CERTDistNamesStr *caNames,
-                              struct CERTCertificateStr **pRetCert,
-                              struct SECKEYPrivateKeyStr **pRetKey);
-
-/* Disable all v2/v3 SSL ciphers. */
-
-void disableAllSSLCiphers(void);
-
-
-/* Error and information utilities. */
-
-void errWarn(char *function);
-
-void exitErr(char *function);
-
-void printSecurityInfo(PRFileDesc *fd);
-
-/* Some simple thread management routines. */
-
-#define MAX_THREADS 32
-
-typedef SECStatus startFn(void *a, int b);
-
-typedef enum { rs_idle = 0, rs_running = 1, rs_zombie = 2 } runState;
-
-typedef struct perThreadStr {
-	PRFileDesc *a;
-	int         b;
-	int         rv;
-	startFn    *startFunc;
-	PRThread   *prThread;
-	PRBool      inUse;
-	runState    running;
-} perThread;
-
-typedef struct GlobalThreadMgrStr {
-	PRLock	  *threadLock;
-	PRCondVar *threadStartQ;
-	PRCondVar *threadEndQ;
-	perThread  threads[MAX_THREADS];
-	int        index;
-	int        numUsed;
-	int        numRunning;
-} GlobalThreadMgr;
-
-void thread_wrapper(void * arg);
-
-SECStatus launch_thread(GlobalThreadMgr *threadMGR, 
-                        startFn *startFunc, void *a, int b);
-
-SECStatus reap_threads(GlobalThreadMgr *threadMGR);
-
-void destroy_thread_data(GlobalThreadMgr *threadMGR);
-
-/* Management of locked variables. */
-
-struct lockedVarsStr {
-	PRLock *    lock;
-	int         count;
-	int         waiters;
-	PRCondVar * condVar;
-};
-
-typedef struct lockedVarsStr lockedVars;
-
-void lockedVars_Init(lockedVars *lv);
-
-void lockedVars_Destroy(lockedVars *lv);
-
-void lockedVars_WaitForDone(lockedVars *lv);
-
-int lockedVars_AddToCount(lockedVars *lv, int addend);
-
-/* Buffer stuff. */
-
-static const char stopCmd[] = { "GET /stop " };
-static const char defaultHeader[] = {
-	"HTTP/1.0 200 OK\r\n"
-	"Server: SSL sample server\r\n"
-	"Content-type: text/plain\r\n"
-	"\r\n"
-};
-
-#endif
diff --git a/security/nss/cmd/addbuiltin/Makefile b/security/nss/cmd/addbuiltin/Makefile
deleted file mode 100644
index 8650a607d..000000000
--- a/security/nss/cmd/addbuiltin/Makefile
+++ /dev/null
@@ -1,76 +0,0 @@
-#! gmake
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY).   #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL)          #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL)       #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL).      #
-#######################################################################
-
-include ../platlibs.mk
-
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL)                              #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL)                           #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL).                              #
-#######################################################################
-
-
-include ../platrules.mk
- 
diff --git a/security/nss/cmd/addbuiltin/addbuiltin.c b/security/nss/cmd/addbuiltin/addbuiltin.c
deleted file mode 100644
index 2b66e3b64..000000000
--- a/security/nss/cmd/addbuiltin/addbuiltin.c
+++ /dev/null
@@ -1,338 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Tool for converting builtin CA certs.
- *
- * $Id$
- */
-
-#include "nss.h"
-#include "cert.h"
-#include "certdb.h"
-#include "secutil.h"
-#include "pk11func.h"
-
-void dumpbytes(unsigned char *buf, int len)
-{
-    int i;
-    for (i=0; i < len; i++) {
-	if ((i !=0) && ((i & 0xf) == 0)) {
-	    printf("\n");
-	}
-	printf("\\%03o",buf[i]);
-    }
-    printf("\n");
-}
-
-char *getTrustString(unsigned int trust)
-{
-    if (trust & CERTDB_TRUSTED) {
-	if (trust & CERTDB_TRUSTED_CA) {
-		return "CKT_NETSCAPE_TRUSTED_DELEGATOR|CKT_NETSCAPE_TRUSTED";
-	} else {
-		return "CKT_NETSCAPE_TRUSTED";
-	}
-    } else {
-	if (trust & CERTDB_TRUSTED_CA) {
-		return "CKT_NETSCAPE_TRUSTED_DELEGATOR";
-	} else {
-		return "CKT_NETSCAPE_VALID";
-	}
-    }
-    return "CKT_NETSCAPE_VALID"; /* not reached */
-}
-
-static SECStatus
-ConvertCertificate(SECItem *sdder, char *nickname, CERTCertTrust *trust)
-{
-    SECStatus rv = SECSuccess;
-    CERTCertificate *cert;
-    unsigned char sha1_hash[SHA1_LENGTH];
-    unsigned char md5_hash[MD5_LENGTH];
-
-    cert = CERT_DecodeDERCertificate(sdder, PR_FALSE, nickname);
-    if (!cert) {
-	return SECFailure;
-    }
-
-    printf("\n#\n# Certificate \"%s\"\n#\n",nickname);
-    printf("CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE\n");
-    printf("CKA_TOKEN CK_BBOOL CK_TRUE\n");
-    printf("CKA_PRIVATE CK_BBOOL CK_FALSE\n");
-    printf("CKA_MODIFIABLE CK_BBOOL CK_FALSE\n");
-    printf("CKA_LABEL UTF8 \"%s\"\n",nickname);
-    printf("CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509\n");
-    printf("CKA_SUBJECT MULTILINE_OCTAL\n");
-    dumpbytes(cert->derSubject.data,cert->derSubject.len);
-    printf("END\n");
-    printf("CKA_ID UTF8 \"0\"\n");
-    printf("CKA_ISSUER MULTILINE_OCTAL\n");
-    dumpbytes(cert->derIssuer.data,cert->derIssuer.len);
-    printf("END\n");
-    printf("CKA_SERIAL_NUMBER MULTILINE_OCTAL\n");
-    dumpbytes(cert->serialNumber.data,cert->serialNumber.len);
-    printf("END\n");
-    printf("CKA_VALUE MULTILINE_OCTAL\n");
-    dumpbytes(sdder->data,sdder->len);
-    printf("END\n");
-
-    PK11_HashBuf(SEC_OID_SHA1, sha1_hash, sdder->data, sdder->len);
-    PK11_HashBuf(SEC_OID_MD5, md5_hash, sdder->data, sdder->len);
-    printf("\n# Trust for Certificate \"%s\"\n",nickname);
-    printf("CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST\n");
-    printf("CKA_TOKEN CK_BBOOL CK_TRUE\n");
-    printf("CKA_PRIVATE CK_BBOOL CK_FALSE\n");
-    printf("CKA_MODIFIABLE CK_BBOOL CK_FALSE\n");
-    printf("CKA_LABEL UTF8 \"%s\"\n",nickname);
-    printf("CKA_CERT_SHA1_HASH MULTILINE_OCTAL\n");
-    dumpbytes(sha1_hash,SHA1_LENGTH);
-    printf("END\n");
-    printf("CKA_CERT_MD5_HASH MULTILINE_OCTAL\n");
-    dumpbytes(md5_hash,MD5_LENGTH);
-    printf("END\n");
-    
-    printf("CKA_TRUST_SERVER_AUTH CK_TRUST %s\n",
-				 getTrustString(trust->sslFlags));
-    printf("CKA_TRUST_EMAIL_PROTECTION CK_TRUST %s\n",
-				 getTrustString(trust->emailFlags));
-    printf("CKA_TRUST_CODE_SIGNING CK_TRUST %s\n",
-				 getTrustString(trust->objectSigningFlags));
-#ifdef notdef
-    printf("CKA_TRUST_CLIENT_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED\n");*/
-    printf("CKA_TRUST_DIGITAL_SIGNATURE CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR\n");
-    printf("CKA_TRUST_NON_REPUDIATION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR\n");
-    printf("CKA_TRUST_KEY_ENCIPHERMENT CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR\n");
-    printf("CKA_TRUST_DATA_ENCIPHERMENT CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR\n");
-    printf("CKA_TRUST_KEY_AGREEMENT CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR\n");
-    printf("CKA_TRUST_KEY_CERT_SIGN CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR\n");
-#endif
-
-
-    PORT_Free(sdder->data);
-    return(rv);
-
-}
-
-printheader() {
-    printf("# \n"
-     "# The contents of this file are subject to the Mozilla Public\n"
-     "# License Version 1.1 (the \"License\"); you may not use this file\n"
-     "# except in compliance with the License. You may obtain a copy of\n"
-     "# the License at http://www.mozilla.org/MPL/\n"
-     "# \n"
-     "# Software distributed under the License is distributed on an \"AS\n"
-     "# IS\" basis, WITHOUT WARRANTY OF ANY KIND, either express or\n"
-     "# implied. See the License for the specific language governing\n"
-     "# rights and limitations under the License.\n"
-     "# \n"
-     "# The Original Code is the Netscape security libraries.\n"
-     "# \n"
-     "# The Initial Developer of the Original Code is Netscape\n"
-     "# Communications Corporation.  Portions created by Netscape are \n"
-     "# Copyright (C) 1994-2000 Netscape Communications Corporation.  All\n"
-     "# Rights Reserved.\n"
-     "# \n"
-     "# Contributor(s):\n"
-     "# \n"
-     "# Alternatively, the contents of this file may be used under the\n"
-     "# terms of the GNU General Public License Version 2 or later (the\n"
-     "# \"GPL\"), in which case the provisions of the GPL are applicable \n"
-     "# instead of those above.  If you wish to allow use of your \n"
-     "# version of this file only under the terms of the GPL and not to\n"
-     "# allow others to use your version of this file under the MPL,\n"
-     "# indicate your decision by deleting the provisions above and\n"
-     "# replace them with the notice and other provisions required by\n"
-     "# the GPL.  If you do not delete the provisions above, a recipient\n"
-     "# may use your version of this file under either the MPL or the\n"
-     "# GPL.\n"
-     "#\n"
-     "CVS_ID \"@(#) $RCSfile$ $Revision$ $Date$ $Name$\"\n"
-     "\n"
-     "#\n"
-     "# certdata.txt\n"
-     "#\n"
-     "# This file contains the object definitions for the certs and other\n"
-     "# information \"built into\" NSS.\n"
-     "#\n"
-     "# Object definitions:\n"
-     "#\n"
-     "#    Certificates\n"
-     "#\n"
-     "#  -- Attribute --          -- type --              -- value --\n"
-     "#  CKA_CLASS                CK_OBJECT_CLASS         CKO_CERTIFICATE\n"
-     "#  CKA_TOKEN                CK_BBOOL                CK_TRUE\n"
-     "#  CKA_PRIVATE              CK_BBOOL                CK_FALSE\n"
-     "#  CKA_MODIFIABLE           CK_BBOOL                CK_FALSE\n"
-     "#  CKA_LABEL                UTF8                    (varies)\n"
-     "#  CKA_CERTIFICATE_TYPE     CK_CERTIFICATE_TYPE     CKC_X_509\n"
-     "#  CKA_SUBJECT              DER+base64              (varies)\n"
-     "#  CKA_ID                   byte array              (varies)\n"
-     "#  CKA_ISSUER               DER+base64              (varies)\n"
-     "#  CKA_SERIAL_NUMBER        DER+base64              (varies)\n"
-     "#  CKA_VALUE                DER+base64              (varies)\n"
-     "#  CKA_NETSCAPE_EMAIL       ASCII7                  (unused here)\n"
-     "#\n"
-     "#    Trust\n"
-     "#\n"
-     "#  -- Attribute --              -- type --          -- value --\n"
-     "#  CKA_CLASS                    CK_OBJECT_CLASS     CKO_TRUST\n"
-     "#  CKA_TOKEN                    CK_BBOOL            CK_TRUE\n"
-     "#  CKA_PRIVATE                  CK_BBOOL            CK_FALSE\n"
-     "#  CKA_MODIFIABLE               CK_BBOOL            CK_FALSE\n"
-     "#  CKA_LABEL                    UTF8                (varies)\n"
-     "#  CKA_ISSUER                   DER+base64          (varies)\n"
-     "#  CKA_SERIAL_NUMBER            DER+base64          (varies)\n"
-     "#  CKA_CERT_HASH                binary+base64       (varies)\n"
-     "#  CKA_EXPIRES                  CK_DATE             (not used here)\n"
-     "#  CKA_TRUST_DIGITAL_SIGNATURE  CK_TRUST            (varies)\n"
-     "#  CKA_TRUST_NON_REPUDIATION    CK_TRUST            (varies)\n"
-     "#  CKA_TRUST_KEY_ENCIPHERMENT   CK_TRUST            (varies)\n"
-     "#  CKA_TRUST_DATA_ENCIPHERMENT  CK_TRUST            (varies)\n"
-     "#  CKA_TRUST_KEY_AGREEMENT      CK_TRUST            (varies)\n"
-     "#  CKA_TRUST_KEY_CERT_SIGN      CK_TRUST            (varies)\n"
-     "#  CKA_TRUST_CRL_SIGN           CK_TRUST            (varies)\n"
-     "#  CKA_TRUST_SERVER_AUTH        CK_TRUST            (varies)\n"
-     "#  CKA_TRUST_CLIENT_AUTH        CK_TRUST            (varies)\n"
-     "#  CKA_TRUST_CODE_SIGNING       CK_TRUST            (varies)\n"
-     "#  CKA_TRUST_EMAIL_PROTECTION   CK_TRUST            (varies)\n"
-     "#  CKA_TRUST_IPSEC_END_SYSTEM   CK_TRUST            (varies)\n"
-     "#  CKA_TRUST_IPSEC_TUNNEL       CK_TRUST            (varies)\n"
-     "#  CKA_TRUST_IPSEC_USER         CK_TRUST            (varies)\n"
-     "#  CKA_TRUST_TIME_STAMPING      CK_TRUST            (varies)\n"
-     "#  (other trust attributes can be defined)\n"
-     "#\n"
-     "\n"
-     "#\n"
-     "# The object to tell NSS that this is a root list and we don't\n"
-     "# have to go looking for others.\n"
-     "#\n"
-     "BEGINDATA\n"
-     "CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_BUILTIN_ROOT_LIST\n"
-     "CKA_TOKEN CK_BBOOL CK_TRUE\n"
-     "CKA_PRIVATE CK_BBOOL CK_FALSE\n"
-     "CKA_MODIFIABLE CK_BBOOL CK_FALSE\n"
-     "CKA_LABEL UTF8 \"Mozilla Builtin Roots\"\n");
-}
-
-static void Usage(char *progName)
-{
-    fprintf(stderr, "%s -n nickname -t trust\n", progName);
-    fprintf(stderr, 
-            "read a der-encoded cert from stdin in, and output\n"
-            "it to stdout in a format suitable for the builtin root module.\n"
-            "example: %s -n MyCA -t \"C,C,C\" < myca.der >> certdata.txt\n"
-            "(pipe through atob if the cert is b64-encoded)\n");
-    fprintf(stderr, "%15s nickname to assign to builtin cert.\n", 
-                    "-n nickname");
-    fprintf(stderr, "%15s default trust flags (cCTpPuw).\n",
-                    "-t trust");
-    exit(-1);
-}
-
-enum {
-    opt_Input = 0,
-    opt_Nickname,
-    opt_Trust
-};
-
-static secuCommandFlag addbuiltin_options[] =
-{
-	{ /* opt_Input         */  'i', PR_TRUE, 0, PR_FALSE },
-	{ /* opt_Nickname      */  'n', PR_TRUE, 0, PR_FALSE },
-	{ /* opt_Trust         */  't', PR_TRUE, 0, PR_FALSE }
-};
-
-main(int argc, char **argv)
-{
-    SECStatus rv;
-    char *nickname;
-    char *trusts;
-    char *progName;
-    PRFileDesc *infile;
-    CERTCertTrust trust = { 0 };
-    SECItem derCert = { 0 };
-
-    secuCommand addbuiltin = { 0 };
-    addbuiltin.numOptions = sizeof(addbuiltin_options)/sizeof(secuCommandFlag);
-    addbuiltin.options = addbuiltin_options;
-
-    progName = strrchr(argv[0], '/');
-    progName = progName ? progName+1 : argv[0];
-
-    rv = SECU_ParseCommandLine(argc, argv, progName, &addbuiltin);
-
-    if (rv != SECSuccess)
-	Usage(progName);
-
-    if (!addbuiltin.options[opt_Nickname].activated &&
-        !addbuiltin.options[opt_Trust].activated) {
-	fprintf(stderr, "%s: you must specify both a nickname and trust.\n");
-	Usage(progName);
-    }
-
-    if (addbuiltin.options[opt_Input].activated) {
-	infile = PR_Open(addbuiltin.options[opt_Input].arg, PR_RDONLY, 00660);
-	if (!infile) {
-	    fprintf(stderr, "%s: failed to open input file.\n");
-	    exit(1);
-	}
-    } else {
-	infile = PR_STDIN;
-    }
-
-    nickname = strdup(addbuiltin.options[opt_Nickname].arg);
-    trusts = strdup(addbuiltin.options[opt_Trust].arg);
-
-    NSS_NoDB_Init(NULL);
-
-    rv = CERT_DecodeTrustString(&trust, trusts);
-    if (rv) {
-	fprintf(stderr, "%s: incorrectly formatted trust string.\n", progName);
-	Usage(progName);
-    }
-
-    SECU_FileToItem(&derCert, infile);
-    
-    /*printheader();*/
-
-    rv = ConvertCertificate(&derCert, nickname, &trust);
-    if (rv) {
-	fprintf(stderr, "%s: failed to convert certificate.\n", progName);
-	exit(1);
-    }
-    
-    NSS_Shutdown();
-
-    return(SECSuccess);
-}
diff --git a/security/nss/cmd/addbuiltin/manifest.mn b/security/nss/cmd/addbuiltin/manifest.mn
deleted file mode 100644
index c664c2d6c..000000000
--- a/security/nss/cmd/addbuiltin/manifest.mn
+++ /dev/null
@@ -1,49 +0,0 @@
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-# MODULE public and private header  directories are implicitly REQUIRED.
-MODULE = security 
-
-CSRCS = \
-	addbuiltin.c \
-	$(NULL)
-
-# The MODULE is always implicitly required.
-# Listing it here in REQUIRES makes it appear twice in the cc command line.
-REQUIRES = dbm seccmd
-
-PROGRAM = addbuiltin
-
-USE_STATIC_LIBS = 1
diff --git a/security/nss/cmd/atob/Makefile b/security/nss/cmd/atob/Makefile
deleted file mode 100644
index ff6f06e7e..000000000
--- a/security/nss/cmd/atob/Makefile
+++ /dev/null
@@ -1,76 +0,0 @@
-#! gmake
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY).   #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL)          #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL)       #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL).      #
-#######################################################################
-
-include ../platlibs.mk
-
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL)                              #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL)                           #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL).                              #
-#######################################################################
-
-
-include ../platrules.mk
-
diff --git a/security/nss/cmd/atob/atob.c b/security/nss/cmd/atob/atob.c
deleted file mode 100644
index 8d632b6bf..000000000
--- a/security/nss/cmd/atob/atob.c
+++ /dev/null
@@ -1,177 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "plgetopt.h"
-#include "secutil.h"
-#include "nssb64.h"
-#include <errno.h>
-
-#if defined(XP_WIN) || (defined(__sun) && !defined(SVR4))
-#if !defined(WIN32)
-extern int fread(char *, size_t, size_t, FILE*);
-extern int fwrite(char *, size_t, size_t, FILE*);
-extern int fprintf(FILE *, char *, ...);
-#endif
-#endif
-
-#if defined(WIN32)
-#include "fcntl.h"
-#include "io.h"
-#endif
-
-static PRInt32 
-output_binary (void *arg, const unsigned char *obuf, PRInt32 size)
-{
-    FILE *outFile = arg;
-    int nb;
-
-    nb = fwrite(obuf, 1, size, outFile);
-    if (nb != size) {
-	PORT_SetError(SEC_ERROR_IO);
-	return -1;
-    }
-
-    return nb;
-}
-
-static SECStatus
-decode_file(FILE *outFile, FILE *inFile)
-{
-    NSSBase64Decoder *cx;
-    int nb;
-    SECStatus status = SECFailure;
-    char ibuf[4096];
-
-    cx = NSSBase64Decoder_Create(output_binary, outFile);
-    if (!cx) {
-	return -1;
-    }
-
-    for (;;) {
-	if (feof(inFile)) break;
-	nb = fread(ibuf, 1, sizeof(ibuf), inFile);
-	if (nb != sizeof(ibuf)) {
-	    if (nb == 0) {
-		if (ferror(inFile)) {
-		    PORT_SetError(SEC_ERROR_IO);
-		    goto loser;
-		}
-		/* eof */
-		break;
-	    }
-	}
-
-	status = NSSBase64Decoder_Update(cx, ibuf, nb);
-	if (status != SECSuccess) goto loser;
-    }
-
-    return NSSBase64Decoder_Destroy(cx, PR_FALSE);
-
-  loser:
-    (void) NSSBase64Decoder_Destroy(cx, PR_TRUE);
-    return status;
-}
-
-static void Usage(char *progName)
-{
-    fprintf(stderr,
-	    "Usage: %s [-i input] [-o output]\n",
-	    progName);
-    fprintf(stderr, "%-20s Define an input file to use (default is stdin)\n",
-	    "-i input");
-    fprintf(stderr, "%-20s Define an output file to use (default is stdout)\n",
-	    "-o output");
-    exit(-1);
-}
-
-int main(int argc, char **argv)
-{
-    char *progName;
-    SECStatus rv;
-    FILE *inFile, *outFile;
-    PLOptState *optstate;
-    PLOptStatus status;
-
-    inFile = 0;
-    outFile = 0;
-    progName = strrchr(argv[0], '/');
-    progName = progName ? progName+1 : argv[0];
-
-    /* Parse command line arguments */
-    optstate = PL_CreateOptState(argc, argv, "i:o:");
-    while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
-	switch (optstate->option) {
-	  case '?':
-	    Usage(progName);
-	    break;
-
-	  case 'i':
-	    inFile = fopen(optstate->value, "r");
-	    if (!inFile) {
-		fprintf(stderr, "%s: unable to open \"%s\" for reading\n",
-			progName, optstate->value);
-		return -1;
-	    }
-	    break;
-
-	  case 'o':
-	    outFile = fopen(optstate->value, "wb");
-	    if (!outFile) {
-		fprintf(stderr, "%s: unable to open \"%s\" for writing\n",
-			progName, optstate->value);
-		return -1;
-	    }
-	    break;
-	}
-    }
-    if (!inFile) inFile = stdin;
-    if (!outFile) {
-#if defined(WIN32)
-	int smrv = _setmode(_fileno(stdout), _O_BINARY);
-	if (smrv == -1) {
-	    fprintf(stderr,
-	    "%s: Cannot change stdout to binary mode. Use -o option instead.\n",
-	            progName);
-	    return smrv;
-	}
-#endif
-    	outFile = stdout;
-    }
-    rv = decode_file(outFile, inFile);
-    if (rv != SECSuccess) {
-	fprintf(stderr, "%s: lossage: error=%d errno=%d\n",
-		progName, PORT_GetError(), errno);
-	return -1;
-    }
-    return 0;
-}
diff --git a/security/nss/cmd/atob/makefile.win b/security/nss/cmd/atob/makefile.win
deleted file mode 100644
index ecccc7bf3..000000000
--- a/security/nss/cmd/atob/makefile.win
+++ /dev/null
@@ -1,155 +0,0 @@
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-VERBOSE	= 1
-include <manifest.mn>
-
-#cannot define PROGRAM in manifest compatibly with NT and UNIX
-PROGRAM = atob
-PROGRAM	= ./$(OBJDIR)/$(PROGRAM).exe
-include <$(DEPTH)\config\config.mak>
-
-# let manifest generate C_OBJS, it will prepend ./$(OBJDIR)/
-# rules.mak will append C_OBJS onto OBJS.
-# OBJS	= $(CSRCS:.c=.obj)
-
-# include files are looked for in $LINCS and $INCS.
-# $LINCS is in manifest.mnw, computed from REQUIRES=
-INCS = $(INCS) \
- -I$(DEPTH)/security/lib/cert \
- -I../include \
- $(NULL)
-
-IGNORE_ME = \
- -I$(DEPTH)/security/lib/key \
- -I$(DEPTH)/security/lib/util  \
- $(NULL)
-
-
-WINFE	= $(DEPTH)/cmd/winfe/mkfiles$(MOZ_BITS)/x86Dbg
-
-# these files are the content of libdbm
-DBM_LIB	= \
- $(WINFE)/DB.obj \
- $(WINFE)/HASH.obj \
- $(WINFE)/H_BIGKEY.obj \
- $(WINFE)/H_PAGE.obj \
- $(WINFE)/H_LOG2.obj \
- $(WINFE)/H_FUNC.obj \
- $(WINFE)/HASH_BUF.obj \
- $(NULL)
-
-MOZ_LIBS = \
- $(WINFE)/ALLXPSTR.obj \
- $(WINFE)/XP_ERROR.obj \
- $(WINFE)/XPASSERT.obj \
- $(WINFE)/XP_REG.obj \
- $(WINFE)/XP_TRACE.obj \
- $(DBM_LIB) \
- $(WINFE)/XP_STR.obj \
- $(WINFE)/MKTEMP.obj \
- $(NULL)
-
-SEC_LIBS = \
- $(DIST)/lib/cert$(MOZ_BITS).lib \
- $(DIST)/lib/crypto$(MOZ_BITS).lib \
- $(DIST)/lib/hash$(MOZ_BITS).lib \
- $(DIST)/lib/key$(MOZ_BITS).lib \
- $(DIST)/lib/pkcs7$(MOZ_BITS).lib \
- $(DIST)/lib/secmod$(MOZ_BITS).lib \
- $(DIST)/lib/secutl$(MOZ_BITS).lib \
- $(DIST)/lib/ssl$(MOZ_BITS).lib \
- $(NULL)
-
-LLFLAGS	= $(LLFLAGS) \
- ../lib/$(OBJDIR)/sectool$(MOZ_BITS).lib \
- $(SEC_LIBS) \
- $(MOZ_LIBS) \
- $(DEPTH)/nspr/src/$(OBJDIR)/getopt.obj \
- $(LIBNSPR) \
- $(NULL)
-
-
-# awt3240.lib 		# brpref32.lib 		# cert32.lib
-# crypto32.lib 		# dllcom.lib 		# editor32.lib
-# edpref32.lib 		# edtplug.lib 		# font.lib
-# hash32.lib 		# htmldg32.lib 		# img32.lib
-# javart32.lib 		# jbn3240.lib 		# jdb3240.lib
-# jmc.lib 		# jpeg3240.lib 		# jpw3240.lib
-# jrt3240.lib 		# js3240.lib 		# jsd3240.lib
-# key32.lib 		# libapplet32.lib 	# libnjs32.lib
-# libnsc32.lib 		# libreg32.lib 		# mm3240.lib
-# mnpref32.lib 		# netcst32.lib 		# nsdlg32.lib
-# nsldap32.lib 		# nsldaps32.lib 	# nsn32.lib
-# pkcs1232.lib 		# pkcs732.lib 		# pr3240.lib
-# prefui32.lib 		# prefuuid.lib 		# secmod32.lib
-# secnav32.lib 		# secutl32.lib 		# softup32.lib
-# sp3240.lib 		# ssl32.lib 		# uni3200.lib
-# unicvt32.lib 		# win32md.lib 		# winfont.lib
-# xppref32.lib 		# zlib32.lib
-
-include <$(DEPTH)\config\rules.mak>
-
-INSTALL	= $(MAKE_INSTALL)
-
-objs:	$(OBJS)
-
-$(PROGRAM)::
-	$(INSTALL) $(DIST)/bin/pr3240.dll ./$(OBJDIR)
-
-programs: $(PROGRAM)
-
-install:: $(TARGETS)
-	$(INSTALL) $(TARGETS) $(DIST)/bin
-
-# ALLXPSTR.obj  XP_ALLOC.obj  XP_HASH.obj   XP_RGB.obj    XP_WRAP.obj
-# CXPRINT.obj   XP_C.cl       XP_LIST.obj   XP_SEC.obj    netscape.exp
-# CXPRNDLG.obj  XP_CNTXT.obj  XP_MD5.obj    XP_STR.obj    xp.pch
-# EXPORT.obj    XP_CORE.obj   XP_MESG.obj   XP_THRMO.obj  xppref32.dll
-# XPASSERT.obj  XP_ERROR.obj  XP_RECT.obj   XP_TIME.obj
-# XPLOCALE.obj  XP_FILE.obj   XP_REG.obj    XP_TRACE.obj
-
-
-symbols:
-	@echo "CSRCS	= $(CSRCS)"
-	@echo "INCS	= $(INCS)"
-	@echo "OBJS	= $(OBJS)"
-	@echo "LIBRARY	= $(LIBRARY)"
-	@echo "PROGRAM	= $(PROGRAM)"
-	@echo "TARGETS	= $(TARGETS)"
-	@echo "DIST	= $(DIST)"
-	@echo "VERSION_NUMBER	= $(VERSION_NUMBER)"
-	@echo "WINFE	= $(WINFE)"
-	@echo "DBM_LIB	= $(DBM_LIB)"
-	@echo "INSTALL	= $(INSTALL)"
-
diff --git a/security/nss/cmd/atob/manifest.mn b/security/nss/cmd/atob/manifest.mn
deleted file mode 100644
index ed3717be6..000000000
--- a/security/nss/cmd/atob/manifest.mn
+++ /dev/null
@@ -1,50 +0,0 @@
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH	= ../../..
-
-# MODULE public and private header  directories are implicitly REQUIRED.
-MODULE = security 
-
-# This next line is used by .mk files
-# and gets translated into $LINCS in manifest.mnw
-# The MODULE is always implicitly required.
-# Listing it here in REQUIRES makes it appear twice in the cc command line.
-REQUIRES = seccmd dbm 
-
-DEFINES = -DNSPR20
-
-CSRCS = atob.c
-
-PROGRAM	= atob
-
diff --git a/security/nss/cmd/bltest/Makefile b/security/nss/cmd/bltest/Makefile
deleted file mode 100644
index c99a3c017..000000000
--- a/security/nss/cmd/bltest/Makefile
+++ /dev/null
@@ -1,82 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY).   #
-#######################################################################
-
-include manifest.mn
-#MKPROG = purify -cache-dir=/u/mcgreer/pcache -best-effort \
-#	-always-use-cache-dir $(CC)
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL)          #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL)       #
-#######################################################################
-
-
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL).      #
-#######################################################################
-
-include ../platlibs.mk
-
-#EXTRA_SHARED_LIBS += \
-#	-L/usr/lib \
-#	-lposix4 \
-#	$(NULL)
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL)                              #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL)                           #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL).                              #
-#######################################################################
-
-include ../platrules.mk
diff --git a/security/nss/cmd/bltest/blapitest.c b/security/nss/cmd/bltest/blapitest.c
deleted file mode 100644
index 2d65a189e..000000000
--- a/security/nss/cmd/bltest/blapitest.c
+++ /dev/null
@@ -1,2376 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.	Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation.	 All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above.  If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-
-#include "blapi.h"
-#include "secrng.h"
-#include "prmem.h"
-#include "prprf.h"
-#include "prtime.h"
-#include "prsystem.h"
-#include "plstr.h"
-#include "nssb64.h"
-#include "secutil.h"
-#include "plgetopt.h"
-#include "softoken.h"
-#include "nss.h"
-
-/* Temporary - add debugging ouput on windows for RSA to track QA failure */
-#ifdef _WIN32
-#define TRACK_BLTEST_BUG
-    char __bltDBG[] = "BLTEST DEBUG";
-#endif
-
-char *progName;
-char *testdir = NULL;
-
-#define BLTEST_DEFAULT_CHUNKSIZE 4096
-
-#define WORDSIZE sizeof(unsigned long)
-
-#define CHECKERROR(rv, ln) \
-    if (rv) { \
-	PRErrorCode prerror = PR_GetError(); \
-	PR_fprintf(PR_STDERR, "%s: ERR %d (%s) at line %d.\n", progName, \
-                   prerror, SECU_Strerror(prerror), ln); \
-	exit(-1); \
-    }
-
-/* Macros for performance timing. */
-#define TIMESTART() \
-    time1 = PR_IntervalNow();
-
-#define TIMEFINISH(time, reps) \
-    time2 = (PRIntervalTime)(PR_IntervalNow() - time1); \
-    time1 = PR_IntervalToMilliseconds(time2); \
-    time = ((double)(time1))/reps;
-
-static void Usage()
-{
-#define PRINTUSAGE(subject, option, predicate) \
-    fprintf(stderr, "%10s %s\t%s\n", subject, option, predicate);
-    fprintf(stderr, "\n");
-    PRINTUSAGE(progName, "[-DEHSV]", "List available cipher modes"); /* XXX */
-    fprintf(stderr, "\n");
-    PRINTUSAGE(progName, "-E -m mode ", "Encrypt a buffer");
-    PRINTUSAGE("",	"", "[-i plaintext] [-o ciphertext] [-k key] [-v iv]");
-    PRINTUSAGE("",	"", "[-b bufsize] [-g keysize] [-e exp] [-r rounds]");
-    PRINTUSAGE("",	"", "[-w wordsize] [-p repetitions]");
-    PRINTUSAGE("",	"-m", "cipher mode to use");
-    PRINTUSAGE("",	"-i", "file which contains input buffer");
-    PRINTUSAGE("",	"-o", "file for output buffer");
-    PRINTUSAGE("",	"-k", "file which contains key");
-    PRINTUSAGE("",	"-v", "file which contains initialization vector");
-    PRINTUSAGE("",	"-b", "size of input buffer");
-    PRINTUSAGE("",	"-g", "key size (in bytes)");
-    PRINTUSAGE("",	"-p", "do performance test");
-    PRINTUSAGE("(rsa)", "-e", "rsa public exponent");
-    PRINTUSAGE("(rc5)", "-r", "number of rounds");
-    PRINTUSAGE("(rc5)", "-w", "wordsize (32 or 64)");
-    fprintf(stderr, "\n");
-    PRINTUSAGE(progName, "-D -m mode", "Decrypt a buffer");
-    PRINTUSAGE("",	"", "[-i plaintext] [-o ciphertext] [-k key] [-v iv]");
-    PRINTUSAGE("",	"", "[-p repetitions]");
-    PRINTUSAGE("",	"-m", "cipher mode to use");
-    PRINTUSAGE("",	"-i", "file which contains input buffer");
-    PRINTUSAGE("",	"-o", "file for output buffer");
-    PRINTUSAGE("",	"-k", "file which contains key");
-    PRINTUSAGE("",	"-v", "file which contains initialization vector");
-    PRINTUSAGE("",	"-p", "do performance test");
-    fprintf(stderr, "\n");
-    PRINTUSAGE(progName, "-H -m mode", "Hash a buffer");
-    PRINTUSAGE("",	"", "[-i plaintext] [-o hash]");
-    PRINTUSAGE("",	"", "[-b bufsize]");
-    PRINTUSAGE("",	"", "[-p repetitions]");
-    PRINTUSAGE("",	"-m", "cipher mode to use");
-    PRINTUSAGE("",	"-i", "file which contains input buffer");
-    PRINTUSAGE("",	"-o", "file for hash");
-    PRINTUSAGE("",	"-b", "size of input buffer");
-    PRINTUSAGE("",	"-p", "do performance test");
-    fprintf(stderr, "\n");
-    PRINTUSAGE(progName, "-S -m mode", "Sign a buffer");
-    PRINTUSAGE("",	"", "[-i plaintext] [-o signature] [-k key]");
-    PRINTUSAGE("",	"", "[-b bufsize]");
-    PRINTUSAGE("",	"", "[-p repetitions]");
-    PRINTUSAGE("",	"-m", "cipher mode to use");
-    PRINTUSAGE("",	"-i", "file which contains input buffer");
-    PRINTUSAGE("",	"-o", "file for signature");
-    PRINTUSAGE("",	"-k", "file which contains key");
-    PRINTUSAGE("",	"-p", "do performance test");
-    fprintf(stderr, "\n");
-    PRINTUSAGE(progName, "-V -m mode", "Verify a signed buffer");
-    PRINTUSAGE("",	"", "[-i plaintext] [-s signature] [-k key]");
-    PRINTUSAGE("",	"", "[-p repetitions]");
-    PRINTUSAGE("",	"-m", "cipher mode to use");
-    PRINTUSAGE("",	"-i", "file which contains input buffer");
-    PRINTUSAGE("",	"-s", "file which contains signature of input buffer");
-    PRINTUSAGE("",	"-k", "file which contains key");
-    PRINTUSAGE("",	"-p", "do performance test");
-    fprintf(stderr, "\n");
-    PRINTUSAGE(progName, "-N -m mode -b bufsize", 
-                                            "Create a nonce plaintext and key");
-    PRINTUSAGE("",      "", "[-g keysize] [-u cxreps]");
-    PRINTUSAGE("",	"-g", "key size (in bytes)");
-    PRINTUSAGE("",      "-u", "number of repetitions of context creation");
-    fprintf(stderr, "\n");
-    PRINTUSAGE(progName, "-F", "Run the FIPS self-test");
-    fprintf(stderr, "\n");
-    PRINTUSAGE(progName, "-T [-m mode1,mode2...]", "Run the BLAPI self-test");
-    fprintf(stderr, "\n");
-    exit(1);
-}
-
-/*  Helper functions for ascii<-->binary conversion/reading/writing */
-
-/* XXX argh */
-struct item_with_arena {
-    SECItem	*item;
-    PRArenaPool *arena;
-};
-
-static PRInt32
-get_binary(void *arg, const unsigned char *ibuf, PRInt32 size)
-{
-    struct item_with_arena *it = arg;
-    SECItem *binary = it->item;
-    SECItem *tmp;
-    int index;
-    if (binary->data == NULL) {
-	tmp = SECITEM_AllocItem(it->arena, NULL, size);
-	binary->data = tmp->data;
-	binary->len = tmp->len;
-	index = 0;
-    } else {
-	SECITEM_ReallocItem(NULL, binary, binary->len, binary->len + size);
-	index = binary->len;
-    }
-    PORT_Memcpy(&binary->data[index], ibuf, size);
-    return binary->len;
-}
-
-static SECStatus
-atob(SECItem *ascii, SECItem *binary, PRArenaPool *arena)
-{
-    SECStatus status;
-    NSSBase64Decoder *cx;
-    struct item_with_arena it;
-    int len;
-    binary->data = NULL;
-    binary->len = 0;
-    it.item = binary;
-    it.arena = arena;
-    len = (strcmp(&ascii->data[ascii->len-2],"\r\n")) ? 
-           ascii->len : ascii->len-2;
-    cx = NSSBase64Decoder_Create(get_binary, &it);
-    status = NSSBase64Decoder_Update(cx, (const char *)ascii->data, len);
-    status = NSSBase64Decoder_Destroy(cx, PR_FALSE);
-    return status;
-}
-
-static PRInt32
-output_ascii(void *arg, const char *obuf, PRInt32 size)
-{
-    PRFileDesc *outfile = arg;
-    PRInt32 nb = PR_Write(outfile, obuf, size);
-    if (nb != size) {
-	PORT_SetError(SEC_ERROR_IO);
-	return -1;
-    }
-    return nb;
-}
-
-static SECStatus
-btoa_file(SECItem *binary, PRFileDesc *outfile)
-{
-    SECStatus status;
-    NSSBase64Encoder *cx;
-    SECItem ascii;
-    ascii.data = NULL;
-    ascii.len = 0;
-    if (binary->len == 0)
-	return SECSuccess;
-    cx = NSSBase64Encoder_Create(output_ascii, outfile);
-    status = NSSBase64Encoder_Update(cx, binary->data, binary->len);
-    status = NSSBase64Encoder_Destroy(cx, PR_FALSE);
-    status = PR_Write(outfile, "\r\n", 2);
-    return status;
-}
-
-SECStatus
-hex_from_2char(unsigned char *c2, unsigned char *byteval)
-{
-    int i;
-    unsigned char offset;
-    *byteval = 0;
-    for (i=0; i<2; i++) {
-	if (c2[i] >= '0' && c2[i] <= '9') {
-	    offset = c2[i] - '0';
-	    *byteval |= offset << 4*(1-i);
-	} else if (c2[i] >= 'a' && c2[i] <= 'f') {
-	    offset = c2[i] - 'a';
-	    *byteval |= (offset + 10) << 4*(1-i);
-	} else if (c2[i] >= 'A' && c2[i] <= 'F') {
-	    offset = c2[i] - 'A';
-	    *byteval |= (offset + 10) << 4*(1-i);
-	} else {
-	    return SECFailure;
-	}
-    }
-    return SECSuccess;
-}
-
-SECStatus
-char2_from_hex(unsigned char byteval, unsigned char *c2)
-{
-    int i;
-    unsigned char offset;
-    for (i=0; i<2; i++) {
-	offset = (byteval >> 4*(1-i)) & 0x0f;
-	if (offset < 10) {
-	    c2[i] = '0' + offset;
-	} else {
-	    c2[i] = 'A' + offset - 10;
-	}
-    }
-    return SECSuccess;
-}
-
-void
-serialize_key(SECItem *it, int ni, PRFileDesc *file)
-{
-    unsigned char len[4];
-    int i;
-    SECStatus status;
-    NSSBase64Encoder *cx;
-    SECItem ascii;
-    ascii.data = NULL;
-    ascii.len = 0;
-    cx = NSSBase64Encoder_Create(output_ascii, file);
-    for (i=0; i<ni; i++, it++) {
-	len[0] = (it->len >> 24) & 0xff;
-	len[1] = (it->len >> 16) & 0xff;
-	len[2] = (it->len >>  8) & 0xff;
-	len[3] = (it->len	 & 0xff);
-	status = NSSBase64Encoder_Update(cx, len, 4);
-	status = NSSBase64Encoder_Update(cx, it->data, it->len);
-    }
-    status = NSSBase64Encoder_Destroy(cx, PR_FALSE);
-    status = PR_Write(file, "\r\n", 2);
-}
-
-void
-key_from_filedata(PRArenaPool *arena, SECItem *it, int ni, SECItem *filedata)
-{
-    int fpos = 0;
-    int i;
-    unsigned char *buf = filedata->data;
-    for (i=0; i<ni; i++, it++) {
-	it->len	 = (buf[fpos++] & 0xff) << 24;
-	it->len |= (buf[fpos++] & 0xff) << 16;
-	it->len |= (buf[fpos++] & 0xff) <<  8;
-	it->len |= (buf[fpos++] & 0xff);
-	if (it->len > 0) {
-	    it->data = PORT_ArenaAlloc(arena, it->len);
-	    PORT_Memcpy(it->data, &buf[fpos], it->len);
-	} else {
-	    it->data = NULL;
-	}
-	fpos += it->len;
-    }
-}
-
-static RSAPrivateKey *
-rsakey_from_filedata(SECItem *filedata)
-{
-    RSAPrivateKey *key;
-    PRArenaPool *arena;
-    arena = PORT_NewArena(BLTEST_DEFAULT_CHUNKSIZE);
-    key = (RSAPrivateKey *)PORT_ArenaZAlloc(arena, sizeof(RSAPrivateKey));
-    key->arena = arena;
-    key_from_filedata(arena, &key->version, 9, filedata);
-    return key;
-}
-
-static PQGParams *
-pqg_from_filedata(SECItem *filedata)
-{
-    PQGParams *pqg;
-    PRArenaPool *arena;
-    arena = PORT_NewArena(BLTEST_DEFAULT_CHUNKSIZE);
-    pqg = (PQGParams *)PORT_ArenaZAlloc(arena, sizeof(PQGParams));
-    pqg->arena = arena;
-    key_from_filedata(arena, &pqg->prime, 3, filedata);
-    return pqg;
-}
-
-static DSAPrivateKey *
-dsakey_from_filedata(SECItem *filedata)
-{
-    DSAPrivateKey *key;
-    PRArenaPool *arena;
-    arena = PORT_NewArena(BLTEST_DEFAULT_CHUNKSIZE);
-    key = (DSAPrivateKey *)PORT_ArenaZAlloc(arena, sizeof(DSAPrivateKey));
-    key->params.arena = arena;
-    key_from_filedata(arena, &key->params.prime, 5, filedata);
-    return key;
-}
-
-static void
-dump_pqg(PQGParams *pqg)
-{
-    SECU_PrintInteger(stdout, &pqg->prime, "PRIME:", 0);
-    SECU_PrintInteger(stdout, &pqg->subPrime, "SUBPRIME:", 0);
-    SECU_PrintInteger(stdout, &pqg->base, "BASE:", 0);
-}
-
-static void
-dump_dsakey(DSAPrivateKey *key)
-{
-    dump_pqg(&key->params);
-    SECU_PrintInteger(stdout, &key->publicValue, "PUBLIC VALUE:", 0);
-    SECU_PrintInteger(stdout, &key->privateValue, "PRIVATE VALUE:", 0);
-}
-
-static void
-dump_rsakey(RSAPrivateKey *key)
-{
-    SECU_PrintInteger(stdout, &key->version, "VERSION:", 0);
-    SECU_PrintInteger(stdout, &key->modulus, "MODULUS:", 0);
-    SECU_PrintInteger(stdout, &key->publicExponent, "PUBLIC EXP:", 0);
-    SECU_PrintInteger(stdout, &key->privateExponent, "PRIVATE EXP:", 0);
-    SECU_PrintInteger(stdout, &key->prime1, "CRT PRIME 1:", 0);
-    SECU_PrintInteger(stdout, &key->prime2, "CRT PRIME 2:", 0);
-    SECU_PrintInteger(stdout, &key->exponent1, "CRT EXP 1:", 0);
-    SECU_PrintInteger(stdout, &key->exponent2, "CRT EXP 2:", 0);
-    SECU_PrintInteger(stdout, &key->coefficient, "CRT COEFFICIENT:", 0);
-}
-
-typedef enum {
-    bltestBase64Encoded,       /* Base64 encoded ASCII */
-    bltestBinary,	       /* straight binary */
-    bltestHexSpaceDelim,       /* 0x12 0x34 0xab 0xCD ... */
-    bltestHexStream 	       /* 1234abCD ... */
-} bltestIOMode;
-
-typedef struct
-{
-    SECItem	   buf;
-    SECItem	   pBuf;
-    bltestIOMode   mode;
-    PRFileDesc*	   file;
-} bltestIO;
-
-typedef SECStatus (* bltestSymmCipherFn)(void *cx,
-					 unsigned char *output,
-					 unsigned int *outputLen,
-					 unsigned int maxOutputLen,
-					 const unsigned char *input,
-					 unsigned int inputLen);
-
-typedef SECStatus (* bltestPubKeyCipherFn)(void *key,
-					   unsigned char *output,
-					   const unsigned char *input);
-
-typedef SECStatus (* bltestHashCipherFn)(unsigned char *dest,
-					 const unsigned char *src,
-					 uint32 src_length);
-
-typedef enum {
-    bltestINVALID = -1,
-    bltestDES_ECB,	  /* Symmetric Key Ciphers */
-    bltestDES_CBC,	  /* .			   */
-    bltestDES_EDE_ECB,	  /* .			   */
-    bltestDES_EDE_CBC,	  /* .			   */
-    bltestRC2_ECB,	  /* .			   */
-    bltestRC2_CBC,	  /* .			   */
-    bltestRC4,		  /* .			   */
-    bltestRC5_ECB,	  /* .			   */
-    bltestRC5_CBC,	  /* .			   */
-    bltestAES_ECB,        /* .                     */
-    bltestAES_CBC,        /* .                     */
-    bltestRSA,		  /* Public Key Ciphers	   */
-    bltestDSA,		  /* . (Public Key Sig.)   */
-    bltestMD2,		  /* Hash algorithms	   */
-    bltestMD5,		  /* .			   */
-    bltestSHA1,           /* .			   */
-    NUMMODES
-} bltestCipherMode;
-
-static char *mode_strings[] =
-{
-    "des_ecb",
-    "des_cbc",
-    "des3_ecb",
-    "des3_cbc",
-    "rc2_ecb",
-    "rc2_cbc",
-    "rc4",
-    "rc5_ecb",
-    "rc5_cbc",
-    "aes_ecb",
-    "aes_cbc",
-    "rsa",
-    /*"pqg",*/
-    "dsa",
-    "md2",
-    "md5",
-    "sha1",
-};
-
-typedef struct
-{
-    bltestIO key;
-    bltestIO iv;
-} bltestSymmKeyParams;
-
-typedef struct
-{
-    bltestIO key;
-    bltestIO iv;
-    int	     rounds;
-    int	     wordsize;
-} bltestRC5Params;
-
-typedef struct
-{
-    bltestIO key;
-    int	     keysizeInBits;
-    RSAPrivateKey *rsakey;
-} bltestRSAParams;
-
-typedef struct
-{
-    bltestIO   key;
-    bltestIO   pqgdata;
-    unsigned int j;
-    bltestIO   keyseed;
-    bltestIO   sigseed;
-    bltestIO   sig; /* if doing verify, have additional input */
-    PQGParams *pqg;
-    DSAPrivateKey *dsakey;
-} bltestDSAParams;
-
-typedef struct
-{
-    bltestIO   key; /* unused */
-    PRBool     restart;
-} bltestHashParams;
-
-typedef union
-{
-    bltestIO		key;
-    bltestSymmKeyParams sk;
-    bltestRC5Params	rc5;
-    bltestRSAParams	rsa;
-    bltestDSAParams	dsa;
-    bltestHashParams	hash;
-} bltestParams;
-
-typedef struct
-{
-    PRArenaPool *arena;
-    /* cipher context */
-    void *cx;
-    /* I/O streams */
-    bltestIO input;
-    bltestIO output;
-    /* Cipher-specific parameters */
-    bltestParams params;
-    /* Cipher mode */
-    bltestCipherMode  mode;
-    /* Cipher function (encrypt/decrypt/sign/verify/hash) */
-    union {
-	bltestSymmCipherFn   symmkeyCipher;
-	bltestPubKeyCipherFn pubkeyCipher;
-	bltestHashCipherFn   hashCipher;
-    } cipher;
-    /* performance testing */
-    int	  repetitions;
-    int   cxreps;
-    double cxtime;
-    double optime;
-} bltestCipherInfo;
-
-PRBool
-is_symmkeyCipher(bltestCipherMode mode)
-{
-    /* change as needed! */
-    if (mode >= bltestDES_ECB && mode <= bltestAES_CBC)
-	return PR_TRUE;
-    return PR_FALSE;
-}
-
-PRBool
-is_pubkeyCipher(bltestCipherMode mode)
-{
-    /* change as needed! */
-    if (mode >= bltestRSA && mode <= bltestDSA)
-	return PR_TRUE;
-    return PR_FALSE;
-}
-
-PRBool
-is_hashCipher(bltestCipherMode mode)
-{
-    /* change as needed! */
-    if (mode >= bltestMD2 && mode <= bltestSHA1)
-	return PR_TRUE;
-    return PR_FALSE;
-}
-
-PRBool
-is_sigCipher(bltestCipherMode mode)
-{
-    /* change as needed! */
-    if (mode >= bltestDSA && mode <= bltestDSA)
-	return PR_TRUE;
-    return PR_FALSE;
-}
-
-PRBool
-cipher_requires_IV(bltestCipherMode mode)
-{
-    /* change as needed! */
-    if (mode == bltestDES_CBC || mode == bltestDES_EDE_CBC ||
-	mode == bltestRC2_CBC || mode == bltestRC5_CBC     ||
-        mode == bltestAES_CBC)
-	return PR_TRUE;
-    return PR_FALSE;
-}
-
-SECStatus finishIO(bltestIO *output, PRFileDesc *file);
-
-SECStatus
-setupIO(PRArenaPool *arena, bltestIO *input, PRFileDesc *file,
-	char *str, int numBytes)
-{
-    SECStatus rv;
-    SECItem fileData;
-    SECItem *in;
-    unsigned char *tok;
-    unsigned int i, j;
-
-    if (file && (numBytes == 0 || file == PR_STDIN)) {
-	/* grabbing data from a file */
-	rv = SECU_FileToItem(&fileData, file);
-	if (rv != SECSuccess) {
-	    PR_Close(file);
-	    return SECFailure;
-	}
-	in = &fileData;
-    } else if (str) {
-	/* grabbing data from command line */
-	fileData.data = str;
-	fileData.len = PL_strlen(str);
-	in = &fileData;
-    } else if (file) {
-	/* create nonce */
-	SECITEM_AllocItem(arena, &input->buf, numBytes);
-	RNG_GenerateGlobalRandomBytes(input->buf.data, numBytes);
-	return finishIO(input, file);
-    } else {
-	return SECFailure;
-    }
-
-    switch (input->mode) {
-    case bltestBase64Encoded:
-	rv = atob(in, &input->buf, arena);
-	break;
-    case bltestBinary:
-	if (in->data[in->len-1] == '\n') --in->len;
-	if (in->data[in->len-1] == '\r') --in->len;
-	SECITEM_CopyItem(arena, &input->buf, in);
-	break;
-    case bltestHexSpaceDelim:
-	SECITEM_AllocItem(arena, &input->buf, in->len/5);
-	for (i=0, j=0; i<in->len; i+=5, j++) {
-	    tok = &in->data[i];
-	    if (tok[0] != '0' || tok[1] != 'x' || tok[4] != ' ')
-		/* bad hex token */
-		break;
-
-	    rv = hex_from_2char(&tok[2], input->buf.data + j);
-	    if (rv)
-		break;
-	}
-	break;
-    case bltestHexStream:
-	SECITEM_AllocItem(arena, &input->buf, in->len/2);
-	for (i=0, j=0; i<in->len; i+=2, j++) {
-	    tok = &in->data[i];
-	    rv = hex_from_2char(tok, input->buf.data + j);
-	    if (rv)
-		break;
-	}
-	break;
-    }
-
-    if (file)
-	SECITEM_FreeItem(&fileData, PR_FALSE);
-    return rv;
-}
-
-SECStatus
-finishIO(bltestIO *output, PRFileDesc *file)
-{
-    SECStatus rv;
-    PRInt32 nb;
-    unsigned char byteval;
-    SECItem *it;
-    char hexstr[5];
-    unsigned int i;
-    if (output->pBuf.len > 0) {
-	it = &output->pBuf;
-    } else {
-	it = &output->buf;
-    }
-    switch (output->mode) {
-    case bltestBase64Encoded:
-	rv = btoa_file(it, file);
-	break;
-    case bltestBinary:
-	nb = PR_Write(file, it->data, it->len);
-	rv = (nb == (PRInt32)it->len) ? SECSuccess : SECFailure;
-	break;
-    case bltestHexSpaceDelim:
-	hexstr[0] = '0';
-	hexstr[1] = 'x';
-	hexstr[4] = ' ';
-	for (i=0; i<it->len; i++) {
-	    byteval = it->data[i];
-	    rv = char2_from_hex(byteval, hexstr + 2);
-	    nb = PR_Write(file, hexstr, 5);
-	    if (rv)
-		break;
-	}
-	PR_Write(file, "\n", 1);
-	break;
-    case bltestHexStream:
-	for (i=0; i<it->len; i++) {
-	    byteval = it->data[i];
-	    rv = char2_from_hex(byteval, hexstr);
-	    if (rv)
-		break;
-	    nb = PR_Write(file, hexstr, 2);
-	}
-	PR_Write(file, "\n", 1);
-	break;
-    }
-    return rv;
-}
-
-void
-bltestCopyIO(PRArenaPool *arena, bltestIO *dest, bltestIO *src)
-{
-    SECITEM_CopyItem(arena, &dest->buf, &src->buf);
-    if (src->pBuf.len > 0) {
-	dest->pBuf.len = src->pBuf.len;
-	dest->pBuf.data = dest->buf.data + (src->pBuf.data - src->buf.data);
-    }
-    dest->mode = src->mode;
-    dest->file = src->file;
-}
-
-void
-misalignBuffer(PRArenaPool *arena, bltestIO *io, int off)
-{
-    ptrdiff_t offset = (ptrdiff_t)io->buf.data % WORDSIZE;
-    int length = io->buf.len;
-    if (offset != off) {
-	SECITEM_ReallocItem(arena, &io->buf, length, length + 2*WORDSIZE);
-	io->buf.len = length + 2*WORDSIZE; /* why doesn't realloc do this? */
-	/* offset may have changed? */
-	offset = (ptrdiff_t)io->buf.data % WORDSIZE;
-	if (offset != off) {
-	    memmove(io->buf.data + off, io->buf.data, length);
-	    io->pBuf.data = io->buf.data + off;
-	    io->pBuf.len = length;
-	} else {
-	    io->pBuf.data = io->buf.data;
-	    io->pBuf.len = length;
-	}
-    } else {
-	io->pBuf.data = io->buf.data;
-	io->pBuf.len = length;
-    }
-}
-
-SECStatus
-des_Encrypt(void *cx, unsigned char *output, unsigned int *outputLen,
-            unsigned int maxOutputLen, const unsigned char *input,
-            unsigned int inputLen)
-{
-    return DES_Encrypt((DESContext *)cx, output, outputLen, maxOutputLen,
-                       input, inputLen);
-}
-
-SECStatus
-des_Decrypt(void *cx, unsigned char *output, unsigned int *outputLen,
-            unsigned int maxOutputLen, const unsigned char *input,
-            unsigned int inputLen)
-{
-    return DES_Decrypt((DESContext *)cx, output, outputLen, maxOutputLen,
-                       input, inputLen);
-}
-
-SECStatus
-rc2_Encrypt(void *cx, unsigned char *output, unsigned int *outputLen,
-            unsigned int maxOutputLen, const unsigned char *input,
-            unsigned int inputLen)
-{
-    return RC2_Encrypt((RC2Context *)cx, output, outputLen, maxOutputLen,
-                       input, inputLen);
-}
-
-SECStatus
-rc2_Decrypt(void *cx, unsigned char *output, unsigned int *outputLen,
-            unsigned int maxOutputLen, const unsigned char *input,
-            unsigned int inputLen)
-{
-    return RC2_Decrypt((RC2Context *)cx, output, outputLen, maxOutputLen,
-                       input, inputLen);
-}
-
-SECStatus
-rc4_Encrypt(void *cx, unsigned char *output, unsigned int *outputLen,
-            unsigned int maxOutputLen, const unsigned char *input,
-            unsigned int inputLen)
-{
-    return RC4_Encrypt((RC4Context *)cx, output, outputLen, maxOutputLen,
-                       input, inputLen);
-}
-
-SECStatus
-rc4_Decrypt(void *cx, unsigned char *output, unsigned int *outputLen,
-            unsigned int maxOutputLen, const unsigned char *input,
-            unsigned int inputLen)
-{
-    return RC4_Decrypt((RC4Context *)cx, output, outputLen, maxOutputLen,
-                       input, inputLen);
-}
-
-SECStatus
-aes_Encrypt(void *cx, unsigned char *output, unsigned int *outputLen,
-            unsigned int maxOutputLen, const unsigned char *input,
-            unsigned int inputLen)
-{
-    return AES_Encrypt((AESContext *)cx, output, outputLen, maxOutputLen,
-                       input, inputLen);
-}
-
-SECStatus
-aes_Decrypt(void *cx, unsigned char *output, unsigned int *outputLen,
-            unsigned int maxOutputLen, const unsigned char *input,
-            unsigned int inputLen)
-{
-    return AES_Decrypt((AESContext *)cx, output, outputLen, maxOutputLen,
-                       input, inputLen);
-}
-
-SECStatus
-rsa_PublicKeyOp(void *key, unsigned char *output, const unsigned char *input)
-{
-    return RSA_PublicKeyOp((RSAPublicKey *)key, output, input);
-}
-
-SECStatus
-rsa_PrivateKeyOp(void *key, unsigned char *output, const unsigned char *input)
-{
-    return RSA_PrivateKeyOp((RSAPrivateKey *)key, output, input);
-}
-
-SECStatus
-bltest_des_init(bltestCipherInfo *cipherInfo, PRBool encrypt)
-{
-    PRIntervalTime time1, time2;
-    bltestSymmKeyParams *desp = &cipherInfo->params.sk;
-    int minorMode;
-    int i;
-    switch (cipherInfo->mode) {
-    case bltestDES_ECB:	    minorMode = NSS_DES;	  break;
-    case bltestDES_CBC:	    minorMode = NSS_DES_CBC;	  break;
-    case bltestDES_EDE_ECB: minorMode = NSS_DES_EDE3;	  break;
-    case bltestDES_EDE_CBC: minorMode = NSS_DES_EDE3_CBC; break;
-    default:
-	return SECFailure;
-    }
-    cipherInfo->cx = (void*)DES_CreateContext(desp->key.buf.data,
-					      desp->iv.buf.data,
-					      minorMode, encrypt);
-    if (cipherInfo->cxreps > 0) {
-	DESContext **dummycx;
-	dummycx = PORT_Alloc(cipherInfo->cxreps * sizeof(DESContext *));
-	TIMESTART();
-	for (i=0; i<cipherInfo->cxreps; i++) {
-	    dummycx[i] = (void*)DES_CreateContext(desp->key.buf.data,
-					          desp->iv.buf.data,
-					          minorMode, encrypt);
-	}
-	TIMEFINISH(cipherInfo->cxtime, 1.0);
-	for (i=0; i<cipherInfo->cxreps; i++) {
-	    DES_DestroyContext(dummycx[i], PR_TRUE);
-	}
-	PORT_Free(dummycx);
-    }
-    if (encrypt)
-	cipherInfo->cipher.symmkeyCipher = des_Encrypt;
-    else
-	cipherInfo->cipher.symmkeyCipher = des_Decrypt;
-    return SECSuccess;
-}
-
-SECStatus
-bltest_rc2_init(bltestCipherInfo *cipherInfo, PRBool encrypt)
-{
-    PRIntervalTime time1, time2;
-    bltestSymmKeyParams *rc2p = &cipherInfo->params.sk;
-    int minorMode;
-    int i;
-    switch (cipherInfo->mode) {
-    case bltestRC2_ECB: minorMode = NSS_RC2;	 break;
-    case bltestRC2_CBC: minorMode = NSS_RC2_CBC; break;
-    default:
-	return SECFailure;
-    }
-    cipherInfo->cx = (void*)RC2_CreateContext(rc2p->key.buf.data,
-					      rc2p->key.buf.len,
-					      rc2p->iv.buf.data,
-					      minorMode,
-					      rc2p->key.buf.len);
-    if (cipherInfo->cxreps > 0) {
-	RC2Context **dummycx;
-	dummycx = PORT_Alloc(cipherInfo->cxreps * sizeof(RC2Context *));
-	TIMESTART();
-	for (i=0; i<cipherInfo->cxreps; i++) {
-	    dummycx[i] = (void*)RC2_CreateContext(rc2p->key.buf.data,
-	                                          rc2p->key.buf.len,
-	                                          rc2p->iv.buf.data,
-	                                          minorMode,
-	                                          rc2p->key.buf.len);
-	}
-	TIMEFINISH(cipherInfo->cxtime, 1.0);
-	for (i=0; i<cipherInfo->cxreps; i++) {
-	    RC2_DestroyContext(dummycx[i], PR_TRUE);
-	}
-	PORT_Free(dummycx);
-    }
-    if (encrypt)
-	cipherInfo->cipher.symmkeyCipher = rc2_Encrypt;
-    else
-	cipherInfo->cipher.symmkeyCipher = rc2_Decrypt;
-    return SECSuccess;
-}
-
-SECStatus
-bltest_rc4_init(bltestCipherInfo *cipherInfo, PRBool encrypt)
-{
-    PRIntervalTime time1, time2;
-    int i;
-    bltestSymmKeyParams *rc4p = &cipherInfo->params.sk;
-    cipherInfo->cx = (void*)RC4_CreateContext(rc4p->key.buf.data,
-					      rc4p->key.buf.len);
-    if (cipherInfo->cxreps > 0) {
-	RC4Context **dummycx;
-	dummycx = PORT_Alloc(cipherInfo->cxreps * sizeof(RC4Context *));
-	TIMESTART();
-	for (i=0; i<cipherInfo->cxreps; i++) {
-	    dummycx[i] = (void*)RC4_CreateContext(rc4p->key.buf.data,
-	                                          rc4p->key.buf.len);
-	}
-	TIMEFINISH(cipherInfo->cxtime, 1.0);
-	for (i=0; i<cipherInfo->cxreps; i++) {
-	    RC4_DestroyContext(dummycx[i], PR_TRUE);
-	}
-	PORT_Free(dummycx);
-    }
-    if (encrypt)
-	cipherInfo->cipher.symmkeyCipher = rc4_Encrypt;
-    else
-	cipherInfo->cipher.symmkeyCipher = rc4_Decrypt;
-    return SECSuccess;
-}
-
-SECStatus
-bltest_rc5_init(bltestCipherInfo *cipherInfo, PRBool encrypt)
-{
-#if NSS_SOFTOKEN_DOES_RC5
-    PRIntervalTime time1, time2;
-    bltestRC5Params *rc5p = &cipherInfo->params.rc5;
-    int minorMode;
-    switch (cipherInfo->mode) {
-    case bltestRC5_ECB: minorMode = NSS_RC5;	 break;
-    case bltestRC5_CBC: minorMode = NSS_RC5_CBC; break;
-    default:
-	return SECFailure;
-    }
-    TIMESTART();
-    cipherInfo->cx = (void*)RC5_CreateContext(&rc5p->key.buf,
-					      rc5p->rounds, rc5p->wordsize,
-					      rc5p->iv.buf.data, minorMode);
-    TIMEFINISH(cipherInfo->cxtime, 1.0);
-    if (encrypt)
-	cipherInfo->cipher.symmkeyCipher = RC5_Encrypt;
-    else
-	cipherInfo->cipher.symmkeyCipher = RC5_Decrypt;
-    return SECSuccess;
-#else
-    return SECFailure;
-#endif
-}
-
-SECStatus
-bltest_aes_init(bltestCipherInfo *cipherInfo, PRBool encrypt)
-{
-    PRIntervalTime time1, time2;
-    bltestSymmKeyParams *aesp = &cipherInfo->params.sk;
-    int minorMode;
-    int i;
-    /* XXX */ int keylen, blocklen;
-    keylen = aesp->key.buf.len;
-    blocklen = cipherInfo->input.pBuf.len;
-    switch (cipherInfo->mode) {
-    case bltestAES_ECB:	    minorMode = NSS_AES;	  break;
-    case bltestAES_CBC:	    minorMode = NSS_AES_CBC;	  break;
-    default:
-	return SECFailure;
-    }
-    cipherInfo->cx = (void*)AES_CreateContext(aesp->key.buf.data,
-					      aesp->iv.buf.data,
-					      minorMode, encrypt, 
-                                              keylen, blocklen);
-    if (cipherInfo->cxreps > 0) {
-	AESContext **dummycx;
-	dummycx = PORT_Alloc(cipherInfo->cxreps * sizeof(AESContext *));
-	TIMESTART();
-	for (i=0; i<cipherInfo->cxreps; i++) {
-	    dummycx[i] = (void*)AES_CreateContext(aesp->key.buf.data,
-					          aesp->iv.buf.data,
-					          minorMode, encrypt,
-	                                          keylen, blocklen);
-	}
-	TIMEFINISH(cipherInfo->cxtime, 1.0);
-	for (i=0; i<cipherInfo->cxreps; i++) {
-	    AES_DestroyContext(dummycx[i], PR_TRUE);
-	}
-	PORT_Free(dummycx);
-    }
-    if (encrypt)
-	cipherInfo->cipher.symmkeyCipher = aes_Encrypt;
-    else
-	cipherInfo->cipher.symmkeyCipher = aes_Decrypt;
-    return SECSuccess;
-}
-
-SECStatus
-bltest_rsa_init(bltestCipherInfo *cipherInfo, PRBool encrypt)
-{
-    int i;
-    RSAPrivateKey **dummyKey;
-    PRIntervalTime time1, time2;
-    bltestRSAParams *rsap = &cipherInfo->params.rsa;
-    /* RSA key gen was done during parameter setup */
-    cipherInfo->cx = cipherInfo->params.rsa.rsakey;
-    /* For performance testing */
-    if (cipherInfo->cxreps > 0) {
-	/* Create space for n private key objects */
-	dummyKey = (RSAPrivateKey **)PORT_Alloc(cipherInfo->cxreps *
-						sizeof(RSAPrivateKey *));
-	/* Time n keygens, storing in the array */
-	TIMESTART();
-	for (i=0; i<cipherInfo->cxreps; i++)
-	    dummyKey[i] = RSA_NewKey(rsap->keysizeInBits, 
-	                             &rsap->rsakey->publicExponent);
-	TIMEFINISH(cipherInfo->cxtime, cipherInfo->cxreps);
-	/* Free the n key objects */
-	for (i=0; i<cipherInfo->cxreps; i++)
-	    PORT_FreeArena(dummyKey[i]->arena, PR_TRUE);
-	PORT_Free(dummyKey);
-    }
-    if (encrypt) {
-	/* Have to convert private key to public key.  Memory
-	 * is freed with private key's arena  */
-	RSAPublicKey *pubkey;
-	RSAPrivateKey *key = (RSAPrivateKey *)cipherInfo->cx;
-	pubkey = (RSAPublicKey *)PORT_ArenaAlloc(key->arena,
-						 sizeof(RSAPublicKey));
-	pubkey->modulus.len = key->modulus.len;
-	pubkey->modulus.data = key->modulus.data;
-	pubkey->publicExponent.len = key->publicExponent.len;
-	pubkey->publicExponent.data = key->publicExponent.data;
-	cipherInfo->cx = (void *)pubkey;
-	cipherInfo->cipher.pubkeyCipher = rsa_PublicKeyOp;
-    } else {
-	cipherInfo->cipher.pubkeyCipher = rsa_PrivateKeyOp;
-    }
-    return SECSuccess;
-}
-
-SECStatus
-bltest_pqg_init(bltestDSAParams *dsap)
-{
-    SECStatus rv, res;
-    PQGVerify *vfy = NULL;
-    rv = PQG_ParamGen(dsap->j, &dsap->pqg, &vfy);
-    CHECKERROR(rv, __LINE__);
-    rv = PQG_VerifyParams(dsap->pqg, vfy, &res);
-    CHECKERROR(res, __LINE__);
-    CHECKERROR(rv, __LINE__);
-    return rv;
-}
-
-SECStatus
-bltest_dsa_init(bltestCipherInfo *cipherInfo, PRBool encrypt)
-{
-    int i;
-    DSAPrivateKey **dummyKey;
-    PQGParams *dummypqg;
-    PRIntervalTime time1, time2;
-    bltestDSAParams *dsap = &cipherInfo->params.dsa;
-    PQGVerify *ignore = NULL;
-    /* DSA key gen was done during parameter setup */
-    cipherInfo->cx = cipherInfo->params.dsa.dsakey;
-    /* For performance testing */
-    if (cipherInfo->cxreps > 0) {
-	/* Create space for n private key objects */
-	dummyKey = (DSAPrivateKey **)PORT_ZAlloc(cipherInfo->cxreps *
-	                                         sizeof(DSAPrivateKey *));
-	/* Time n keygens, storing in the array */
-	TIMESTART();
-	for (i=0; i<cipherInfo->cxreps; i++) {
-	    dummypqg = NULL;
-	    PQG_ParamGen(dsap->j, &dummypqg, &ignore);
-	    DSA_NewKey(dummypqg, &dummyKey[i]);
-	}
-	TIMEFINISH(cipherInfo->cxtime, cipherInfo->cxreps);
-	/* Free the n key objects */
-	for (i=0; i<cipherInfo->cxreps; i++)
-	    PORT_FreeArena(dummyKey[i]->params.arena, PR_TRUE);
-	PORT_Free(dummyKey);
-    }
-    if (!dsap->pqg && dsap->pqgdata.buf.len > 0) {
-	dsap->pqg = pqg_from_filedata(&dsap->pqgdata.buf);
-    }
-    if (!cipherInfo->cx && dsap->key.buf.len > 0) {
-	cipherInfo->cx = dsakey_from_filedata(&dsap->key.buf);
-    }
-    if (encrypt) {
-	cipherInfo->cipher.pubkeyCipher = DSA_SignDigest;
-    } else {
-	/* Have to convert private key to public key.  Memory
-	 * is freed with private key's arena  */
-	DSAPublicKey *pubkey;
-	DSAPrivateKey *key = (DSAPrivateKey *)cipherInfo->cx;
-	pubkey = (DSAPublicKey *)PORT_ArenaZAlloc(key->params.arena,
-						  sizeof(DSAPublicKey));
-	pubkey->params.prime.len = key->params.prime.len;
-	pubkey->params.prime.data = key->params.prime.data;
-	pubkey->params.subPrime.len = key->params.subPrime.len;
-	pubkey->params.subPrime.data = key->params.subPrime.data;
-	pubkey->params.base.len = key->params.base.len;
-	pubkey->params.base.data = key->params.base.data;
-	pubkey->publicValue.len = key->publicValue.len;
-	pubkey->publicValue.data = key->publicValue.data;
-	cipherInfo->cipher.pubkeyCipher = DSA_VerifyDigest;
-    }
-    return SECSuccess;
-}
-
-/* XXX unfortunately, this is not defined in blapi.h */
-SECStatus
-md2_HashBuf(unsigned char *dest, const unsigned char *src, uint32 src_length)
-{
-    unsigned int len;
-    MD2Context *cx = MD2_NewContext();
-    if (cx == NULL) return SECFailure;
-    MD2_Begin(cx);
-    MD2_Update(cx, src, src_length);
-    MD2_End(cx, dest, &len, MD2_LENGTH);
-    MD2_DestroyContext(cx, PR_TRUE);
-    return SECSuccess;
-}
-
-SECStatus
-md2_restart(unsigned char *dest, const unsigned char *src, uint32 src_length)
-{
-    MD2Context *cx, *cx_cpy;
-    unsigned char *cxbytes;
-    unsigned int len;
-    unsigned int i, quarter;
-    SECStatus rv;
-    cx = MD2_NewContext();
-    /* divide message by 4, restarting 3 times */
-    quarter = src_length / 4;
-    for (i=0; i<4; i++) {
-	MD2_Update(cx, src + i*quarter, PR_MIN(quarter, src_length));
-	len = MD2_FlattenSize(cx);
-	cxbytes = PORT_Alloc(len);
-	MD2_Flatten(cx, cxbytes);
-	cx_cpy = MD2_Resurrect(cxbytes, NULL);
-	if (!cx_cpy) {
-	    PR_fprintf(PR_STDERR, "%s: MD2_Resurrect failed!\n", progName);
-	    goto finish;
-	}
-	rv = PORT_Memcmp(cx, cx_cpy, len);
-	if (rv) {
-	    MD2_DestroyContext(cx_cpy, PR_TRUE);
-	    PR_fprintf(PR_STDERR, "%s: MD2_Resurrect failed!\n", progName);
-	    goto finish;
-	}
-	MD2_DestroyContext(cx_cpy, PR_TRUE);
-	PORT_Free(cxbytes);
-	src_length -= quarter;
-    }
-    MD2_End(cx, dest, &len, MD2_LENGTH);
-finish:
-    MD2_DestroyContext(cx, PR_TRUE);
-    return rv;
-}
-
-SECStatus
-md5_restart(unsigned char *dest, const unsigned char *src, uint32 src_length)
-{
-    SECStatus rv;
-    MD5Context *cx, *cx_cpy;
-    unsigned char *cxbytes;
-    unsigned int len;
-    unsigned int i, quarter;
-    cx = MD5_NewContext();
-    /* divide message by 4, restarting 3 times */
-    quarter = src_length / 4;
-    for (i=0; i<4; i++) {
-	MD5_Update(cx, src + i*quarter, PR_MIN(quarter, src_length));
-	len = MD5_FlattenSize(cx);
-	cxbytes = PORT_Alloc(len);
-	MD5_Flatten(cx, cxbytes);
-	cx_cpy = MD5_Resurrect(cxbytes, NULL);
-	if (!cx_cpy) {
-	    PR_fprintf(PR_STDERR, "%s: MD5_Resurrect failed!\n", progName);
-	    goto finish;
-	}
-	rv = PORT_Memcmp(cx, cx_cpy, len);
-	if (rv) {
-	    MD5_DestroyContext(cx_cpy, PR_TRUE);
-	    PR_fprintf(PR_STDERR, "%s: MD5_Resurrect failed!\n", progName);
-	    goto finish;
-	}
-	MD5_DestroyContext(cx_cpy, PR_TRUE);
-	PORT_Free(cxbytes);
-	src_length -= quarter;
-    }
-    MD5_End(cx, dest, &len, MD5_LENGTH);
-finish:
-    MD5_DestroyContext(cx, PR_TRUE);
-    return rv;
-}
-
-SECStatus
-sha1_restart(unsigned char *dest, const unsigned char *src, uint32 src_length)
-{
-    SECStatus rv;
-    SHA1Context *cx, *cx_cpy;
-    unsigned char *cxbytes;
-    unsigned int len;
-    unsigned int i, quarter;
-    cx = SHA1_NewContext();
-    /* divide message by 4, restarting 3 times */
-    quarter = src_length / 4;
-    for (i=0; i<4; i++) {
-	SHA1_Update(cx, src + i*quarter, PR_MIN(quarter, src_length));
-	len = SHA1_FlattenSize(cx);
-	cxbytes = PORT_Alloc(len);
-	SHA1_Flatten(cx, cxbytes);
-	cx_cpy = SHA1_Resurrect(cxbytes, NULL);
-	if (!cx_cpy) {
-	    PR_fprintf(PR_STDERR, "%s: SHA1_Resurrect failed!\n", progName);
-	    goto finish;
-	}
-	rv = PORT_Memcmp(cx, cx_cpy, len);
-	if (rv) {
-	    SHA1_DestroyContext(cx_cpy, PR_TRUE);
-	    PR_fprintf(PR_STDERR, "%s: SHA1_Resurrect failed!\n", progName);
-	    goto finish;
-	}
-	SHA1_DestroyContext(cx_cpy, PR_TRUE);
-	PORT_Free(cxbytes);
-	src_length -= quarter;
-    }
-    SHA1_End(cx, dest, &len, MD5_LENGTH);
-finish:
-    SHA1_DestroyContext(cx, PR_TRUE);
-    return rv;
-}
-
-SECStatus
-pubkeyInitKey(bltestCipherInfo *cipherInfo, PRFileDesc *file,
-	      int keysize, int exponent)
-{
-    int i;
-    SECStatus rv;
-    bltestRSAParams *rsap;
-    bltestDSAParams *dsap;
-    switch (cipherInfo->mode) {
-    case bltestRSA:
-	rsap = &cipherInfo->params.rsa;
-	if (keysize > 0) {
-	    SECItem expitem = { 0, 0, 0 };
-	    SECITEM_AllocItem(cipherInfo->arena, &expitem, sizeof(int));
-	    for (i = 1; i <= sizeof(int); i++)
-		expitem.data[i-1] = exponent >> (8*(sizeof(int) - i));
-	    rsap->rsakey = RSA_NewKey(keysize * 8, &expitem);
-	    serialize_key(&rsap->rsakey->version, 9, file);
-	    rsap->keysizeInBits = keysize * 8;
-	} else {
-	    setupIO(cipherInfo->arena, &cipherInfo->params.key, file, NULL, 0);
-	    rsap->rsakey = rsakey_from_filedata(&cipherInfo->params.key.buf);
-	    rsap->keysizeInBits = rsap->rsakey->modulus.len * 8;
-	}
-	break;
-    case bltestDSA:
-	dsap = &cipherInfo->params.dsa;
-	if (keysize > 0) {
-	    dsap->j = PQG_PBITS_TO_INDEX(8*keysize);
-	    if (!dsap->pqg)
-		bltest_pqg_init(dsap);
-	    rv = DSA_NewKey(dsap->pqg, &dsap->dsakey);
-	    CHECKERROR(rv, __LINE__);
-	    serialize_key(&dsap->dsakey->params.prime, 5, file);
-	} else {
-	    setupIO(cipherInfo->arena, &cipherInfo->params.key, file, NULL, 0);
-	    dsap->dsakey = dsakey_from_filedata(&cipherInfo->params.key.buf);
-	    dsap->j = PQG_PBITS_TO_INDEX(8*dsap->dsakey->params.prime.len);
-	}
-	break;
-    default:
-	return SECFailure;
-    }
-    return SECSuccess;
-}
-
-SECStatus
-cipherInit(bltestCipherInfo *cipherInfo, PRBool encrypt)
-{
-    PRBool restart;
-    switch (cipherInfo->mode) {
-    case bltestDES_ECB:
-    case bltestDES_CBC:
-    case bltestDES_EDE_ECB:
-    case bltestDES_EDE_CBC:
-	SECITEM_AllocItem(cipherInfo->arena, &cipherInfo->output.buf,
-			  cipherInfo->input.pBuf.len);
-	return bltest_des_init(cipherInfo, encrypt);
-	break;
-    case bltestRC2_ECB:
-    case bltestRC2_CBC:
-	SECITEM_AllocItem(cipherInfo->arena, &cipherInfo->output.buf,
-			  cipherInfo->input.pBuf.len);
-	return bltest_rc2_init(cipherInfo, encrypt);
-	break;
-    case bltestRC4:
-	SECITEM_AllocItem(cipherInfo->arena, &cipherInfo->output.buf,
-			  cipherInfo->input.pBuf.len);
-	return bltest_rc4_init(cipherInfo, encrypt);
-	break;
-    case bltestRC5_ECB:
-    case bltestRC5_CBC:
-#if NSS_SOFTOKEN_DOES_RC5
-	SECITEM_AllocItem(cipherInfo->arena, &cipherInfo->output.buf,
-			  cipherInfo->input.pBuf.len);
-#endif
-	return bltest_rc5_init(cipherInfo, encrypt);
-	break;
-    case bltestAES_ECB:
-    case bltestAES_CBC:
-	SECITEM_AllocItem(cipherInfo->arena, &cipherInfo->output.buf,
-			  cipherInfo->input.pBuf.len);
-	return bltest_aes_init(cipherInfo, encrypt);
-	break;
-    case bltestRSA:
-	SECITEM_AllocItem(cipherInfo->arena, &cipherInfo->output.buf,
-			  cipherInfo->input.pBuf.len);
-	return bltest_rsa_init(cipherInfo, encrypt);
-	break;
-    case bltestDSA:
-	SECITEM_AllocItem(cipherInfo->arena, &cipherInfo->output.buf,
-			  DSA_SIGNATURE_LEN);
-	return bltest_dsa_init(cipherInfo, encrypt);
-	break;
-    case bltestMD2:
-	restart = cipherInfo->params.hash.restart;
-	SECITEM_AllocItem(cipherInfo->arena, &cipherInfo->output.buf,
-			  MD2_LENGTH);
-	cipherInfo->cipher.hashCipher = (restart) ? md2_restart : md2_HashBuf;
-	return SECSuccess;
-	break;
-    case bltestMD5:
-	restart = cipherInfo->params.hash.restart;
-	SECITEM_AllocItem(cipherInfo->arena, &cipherInfo->output.buf,
-			  MD5_LENGTH);
-	cipherInfo->cipher.hashCipher = (restart) ? md5_restart : MD5_HashBuf;
-	return SECSuccess;
-	break;
-    case bltestSHA1:
-	restart = cipherInfo->params.hash.restart;
-	SECITEM_AllocItem(cipherInfo->arena, &cipherInfo->output.buf,
-			  SHA1_LENGTH);
-	cipherInfo->cipher.hashCipher = (restart) ? sha1_restart : SHA1_HashBuf;
-	return SECSuccess;
-	break;
-    default:
-	return SECFailure;
-    }
-    return SECSuccess;
-}
-
-SECStatus
-dsaOp(bltestCipherInfo *cipherInfo)
-{
-    PRIntervalTime time1, time2;
-    SECStatus rv;
-    int i;
-    int maxLen = cipherInfo->output.pBuf.len;
-    SECItem dummyOut = { 0, 0, 0 };
-    SECITEM_AllocItem(NULL, &dummyOut, maxLen);
-    if (cipherInfo->cipher.pubkeyCipher == 
-             (bltestPubKeyCipherFn)DSA_SignDigest) {
-	if (cipherInfo->params.dsa.sigseed.buf.len > 0) {
-	    rv = DSA_SignDigestWithSeed((DSAPrivateKey *)cipherInfo->cx,
-				       &cipherInfo->output.pBuf,
-				       &cipherInfo->input.pBuf,
-				       cipherInfo->params.dsa.sigseed.buf.data);
-	    CHECKERROR(rv, __LINE__);
-	    TIMESTART();
-	    for (i=0; i<cipherInfo->repetitions; i++) {
-		rv |= DSA_SignDigestWithSeed((DSAPrivateKey *)cipherInfo->cx,
-				       &dummyOut,
-				       &cipherInfo->input.pBuf,
-				       cipherInfo->params.dsa.sigseed.buf.data);
-	    }
-	    TIMEFINISH(cipherInfo->optime, 1.0);
-	    CHECKERROR(rv, __LINE__);
-	} else {
-	    rv = DSA_SignDigest((DSAPrivateKey *)cipherInfo->cx,
-				&cipherInfo->output.pBuf,
-				&cipherInfo->input.pBuf);
-	    CHECKERROR(rv, __LINE__);
-	    TIMESTART();
-	    for (i=0; i<cipherInfo->repetitions; i++) {
-		DSA_SignDigest((DSAPrivateKey *)cipherInfo->cx, &dummyOut,
-			       &cipherInfo->input.pBuf);
-	    }
-	    TIMEFINISH(cipherInfo->optime, 1.0);
-	}
-	bltestCopyIO(cipherInfo->arena, &cipherInfo->params.dsa.sig, 
-	             &cipherInfo->output);
-    } else {
-	rv = DSA_VerifyDigest((DSAPublicKey *)cipherInfo->cx,
-			      &cipherInfo->params.dsa.sig.buf,
-			      &cipherInfo->input.pBuf);
-	CHECKERROR(rv, __LINE__);
-	TIMESTART();
-	for (i=0; i<cipherInfo->repetitions; i++) {
-	    DSA_VerifyDigest((DSAPublicKey *)cipherInfo->cx,
-			     &cipherInfo->params.dsa.sig.buf,
-			     &cipherInfo->input.pBuf);
-	}
-	TIMEFINISH(cipherInfo->optime, 1.0);
-    }
-    SECITEM_FreeItem(&dummyOut, PR_FALSE);
-    return rv;
-}
-
-SECStatus
-cipherDoOp(bltestCipherInfo *cipherInfo)
-{
-    PRIntervalTime time1, time2;
-    SECStatus rv;
-    int i, len;
-    int maxLen = cipherInfo->output.pBuf.len;
-    unsigned char *dummyOut;
-    if (cipherInfo->mode == bltestDSA)
-	return dsaOp(cipherInfo);
-    dummyOut = PORT_Alloc(maxLen);
-    if (is_symmkeyCipher(cipherInfo->mode)) {
-	rv = (*cipherInfo->cipher.symmkeyCipher)(cipherInfo->cx,
-						 cipherInfo->output.pBuf.data,
-						 &len, maxLen,
-						 cipherInfo->input.pBuf.data,
-						 cipherInfo->input.pBuf.len);
-	TIMESTART();
-	for (i=0; i<cipherInfo->repetitions; i++) {
-	    (*cipherInfo->cipher.symmkeyCipher)(cipherInfo->cx, dummyOut,
-						&len, maxLen,
-						cipherInfo->input.pBuf.data,
-						cipherInfo->input.pBuf.len);
-
-	}
-	TIMEFINISH(cipherInfo->optime, 1.0);
-    } else if (is_pubkeyCipher(cipherInfo->mode)) {
-	rv = (*cipherInfo->cipher.pubkeyCipher)(cipherInfo->cx,
-						cipherInfo->output.pBuf.data,
-						cipherInfo->input.pBuf.data);
-	TIMESTART();
-	for (i=0; i<cipherInfo->repetitions; i++) {
-	    (*cipherInfo->cipher.pubkeyCipher)(cipherInfo->cx, dummyOut,
-					       cipherInfo->input.pBuf.data);
-	}
-	TIMEFINISH(cipherInfo->optime, 1.0);
-    } else if (is_hashCipher(cipherInfo->mode)) {
-	rv = (*cipherInfo->cipher.hashCipher)(cipherInfo->output.pBuf.data,
-					      cipherInfo->input.pBuf.data,
-					      cipherInfo->input.pBuf.len);
-	TIMESTART();
-	for (i=0; i<cipherInfo->repetitions; i++) {
-	    (*cipherInfo->cipher.hashCipher)(dummyOut,
-					     cipherInfo->input.pBuf.data,
-					     cipherInfo->input.pBuf.len);
-	}
-	TIMEFINISH(cipherInfo->optime, 1.0);
-    }
-    PORT_Free(dummyOut);
-    return rv;
-}
-
-SECStatus
-cipherFinish(bltestCipherInfo *cipherInfo)
-{
-    switch (cipherInfo->mode) {
-    case bltestDES_ECB:
-    case bltestDES_CBC:
-    case bltestDES_EDE_ECB:
-    case bltestDES_EDE_CBC:
-	DES_DestroyContext((DESContext *)cipherInfo->cx, PR_TRUE);
-	break;
-    case bltestAES_ECB:
-    case bltestAES_CBC:
-	AES_DestroyContext((AESContext *)cipherInfo->cx, PR_TRUE);
-	break;
-    case bltestRC2_ECB:
-    case bltestRC2_CBC:
-	RC2_DestroyContext((RC2Context *)cipherInfo->cx, PR_TRUE);
-	break;
-    case bltestRC4:
-	RC4_DestroyContext((RC4Context *)cipherInfo->cx, PR_TRUE);
-	break;
-#if NSS_SOFTOKEN_DOES_RC5
-    case bltestRC5_ECB:
-    case bltestRC5_CBC:
-	RC5_DestroyContext((RC5Context *)cipherInfo->cx, PR_TRUE);
-	break;
-#endif
-    case bltestRSA: /* keys are alloc'ed within cipherInfo's arena, */
-    case bltestDSA: /* will be freed with it. */
-    case bltestMD2: /* hash contexts are ephemeral */
-    case bltestMD5:
-    case bltestSHA1:
-	return SECSuccess;
-	break;
-    default:
-	return SECFailure;
-    }
-    return SECSuccess;
-}
-
-void
-print_exponent(SECItem *exp)
-{
-    int i;
-    int e = 0;
-    if (exp->len <= 4) {
-	for (i=exp->len; i >=0; --i) e |= exp->data[exp->len-i] << 8*(i-1);
-	fprintf(stdout, "%12d", e);
-    } else {
-	e = 8*exp->len;
-	fprintf(stdout, "~2**%-8d", e);
-    }
-}
-
-void
-dump_performance_info(bltestCipherInfo *info, PRBool encrypt, PRBool cxonly)
-{
-    PRBool td = PR_TRUE;
-    fprintf(stdout, "#%9s", "mode");
-    fprintf(stdout, "%12s", "in");
-print_td:
-    switch (info->mode) {
-    case bltestDES_ECB:
-    case bltestDES_CBC:
-    case bltestDES_EDE_ECB:
-    case bltestDES_EDE_CBC:
-    case bltestAES_ECB:
-    case bltestAES_CBC:
-    case bltestRC2_ECB:
-    case bltestRC2_CBC:
-    case bltestRC4:
-	if (td)
-	    fprintf(stdout, "%8s", "symmkey");
-	else
-	    fprintf(stdout, "%8d", 8*info->params.sk.key.buf.len);
-	break;
-#if NSS_SOFTOKEN_DOES_RC5
-    case bltestRC5_ECB:
-    case bltestRC5_CBC:
-	if (info->params.sk.key.buf.len > 0)
-	    printf("symmetric key(bytes)=%d,", info->params.sk.key.buf.len);
-	if (info->rounds > 0)
-	    printf("rounds=%d,", info->params.rc5.rounds);
-	if (info->wordsize > 0)
-	    printf("wordsize(bytes)=%d,", info->params.rc5.wordsize);
-	break;
-#endif
-    case bltestRSA:
-	if (td) {
-	    fprintf(stdout, "%8s", "rsa_mod");
-	    fprintf(stdout, "%12s", "rsa_pe");
-	} else {
-	    fprintf(stdout, "%8d", info->params.rsa.keysizeInBits);
-	    print_exponent(&info->params.rsa.rsakey->publicExponent);
-	}
-	break;
-    case bltestDSA:
-	if (td)
-	    fprintf(stdout, "%8s", "pqg_mod");
-	else
-	    fprintf(stdout, "%8d", PQG_INDEX_TO_PBITS(info->params.dsa.j));
-	break;
-    case bltestMD2:
-    case bltestMD5:
-    case bltestSHA1:
-    default:
-	break;
-    }
-    if (!td) {
-	fprintf(stdout, "%8d", info->repetitions);
-	fprintf(stdout, "%8d", info->cxreps);
-	fprintf(stdout, "%12.3f", info->cxtime);
-	fprintf(stdout, "%12.3f", info->optime);
-	fprintf(stdout, "\n");
-	return;
-    }
-
-    fprintf(stdout, "%8s", "opreps");
-    fprintf(stdout, "%8s", "cxreps");
-    fprintf(stdout, "%12s", "context");
-    fprintf(stdout, "%12s", "op");
-    fprintf(stdout, "\n");
-    fprintf(stdout, "%8s", mode_strings[info->mode]);
-    fprintf(stdout, "_%c", (cxonly) ? 'c' : (encrypt) ? 'e' : 'd');
-    fprintf(stdout, "%12d", info->input.buf.len * info->repetitions);
-
-    td = !td;
-    goto print_td;
-}
-
-void
-printmodes()
-{
-    bltestCipherMode mode;
-    int nummodes = sizeof(mode_strings) / sizeof(char *);
-    fprintf(stderr, "%s: Available modes (specify with -m):\n", progName);
-    for (mode=0; mode<nummodes; mode++)
-	fprintf(stderr, "%s\n", mode_strings[mode]);
-}
-
-bltestCipherMode
-get_mode(const char *modestring)
-{
-    bltestCipherMode mode;
-    int nummodes = sizeof(mode_strings) / sizeof(char *);
-    for (mode=0; mode<nummodes; mode++)
-	if (PL_strcmp(modestring, mode_strings[mode]) == 0)
-	    return mode;
-    fprintf(stderr, "%s: invalid mode: %s\n", progName, modestring);
-    return bltestINVALID;
-}
-
-void
-load_file_data(PRArenaPool *arena, bltestIO *data,
-	       char *fn, bltestIOMode ioMode)
-{
-    PRFileDesc *file;
-    data->mode = ioMode;
-    data->file = NULL; /* don't use -- not saving anything */
-    data->pBuf.data = NULL;
-    data->pBuf.len = 0;
-    file = PR_Open(fn, PR_RDONLY, 00660);
-    if (file)
-	setupIO(arena, data, file, NULL, 0);
-}
-
-void
-get_params(PRArenaPool *arena, bltestParams *params, 
-	   bltestCipherMode mode, int j)
-{
-    char filename[256];
-    char *modestr = mode_strings[mode];
-#if NSS_SOFTOKEN_DOES_RC5
-    FILE *file;
-    char *mark, *param, *val;
-    int index = 0;
-#endif
-    switch (mode) {
-    case bltestDES_CBC:
-    case bltestDES_EDE_CBC:
-    case bltestRC2_CBC:
-    case bltestAES_CBC:
-	sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr, "iv", j);
-	load_file_data(arena, &params->sk.iv, filename, bltestBinary);
-    case bltestDES_ECB:
-    case bltestDES_EDE_ECB:
-    case bltestRC2_ECB:
-    case bltestRC4:
-    case bltestAES_ECB:
-	sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr, "key", j);
-	load_file_data(arena, &params->sk.key, filename, bltestBinary);
-	break;
-#if NSS_SOFTOKEN_DOES_RC5
-    case bltestRC5_ECB:
-    case bltestRC5_CBC:
-	sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr, "iv", j);
-	load_file_data(arena, &params->sk.iv, filename, bltestBinary);
-	sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr, "key", j);
-	load_file_data(arena, &params->sk.key, filename, bltestBinary);
-	    sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr,
-			      "params", j);
-	file = fopen(filename, "r");
-	if (!file) return;
-	param = malloc(100);
-	len = fread(param, 1, 100, file);
-	while (index < len) {
-	    mark = PL_strchr(param, '=');
-	    *mark = '\0';
-	    val = mark + 1;
-	    mark = PL_strchr(val, '\n');
-	    *mark = '\0';
-	    if (PL_strcmp(param, "rounds") == 0) {
-		params->rc5.rounds = atoi(val);
-	    } else if (PL_strcmp(param, "wordsize") == 0) {
-		params->rc5.wordsize = atoi(val);
-	    }
-	    index += PL_strlen(param) + PL_strlen(val) + 2;
-	    param = mark + 1;
-	}
-	break;
-#endif
-    case bltestRSA:
-	sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr, "key", j);
-	load_file_data(arena, &params->rsa.key, filename, bltestBase64Encoded);
-	params->rsa.rsakey = rsakey_from_filedata(&params->key.buf);
-	break;
-    case bltestDSA:
-	sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr, "key", j);
-	load_file_data(arena, &params->dsa.key, filename, bltestBase64Encoded);
-	params->dsa.dsakey = dsakey_from_filedata(&params->key.buf);
-	sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr, "pqg", j);
-	load_file_data(arena, &params->dsa.pqgdata, filename,
-		       bltestBase64Encoded);
-	params->dsa.pqg = pqg_from_filedata(&params->dsa.pqgdata.buf);
-	sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr, "keyseed", j);
-	load_file_data(arena, &params->dsa.keyseed, filename, 
-	               bltestBase64Encoded);
-	sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr, "sigseed", j);
-	load_file_data(arena, &params->dsa.sigseed, filename, 
-	               bltestBase64Encoded);
-	sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr, "ciphertext",j);
-	load_file_data(arena, &params->dsa.sig, filename, bltestBase64Encoded);
-	break;
-    case bltestMD2:
-    case bltestMD5:
-    case bltestSHA1:
-	/*params->hash.restart = PR_TRUE;*/
-	params->hash.restart = PR_FALSE;
-	break;
-    default:
-	break;
-    }
-}
-
-SECStatus
-verify_self_test(bltestIO *result, bltestIO *cmp, bltestCipherMode mode,
-		 PRBool forward, SECStatus sigstatus)
-{
-    int res;
-    char *modestr = mode_strings[mode];
-    res = SECITEM_CompareItem(&result->pBuf, &cmp->buf);
-    if (is_sigCipher(mode)) {
-	if (forward) {
-	    if (res == 0) {
-		printf("Signature self-test for %s passed.\n", modestr);
-	    } else {
-		printf("Signature self-test for %s failed!\n", modestr);
-	    }
-	} else {
-	    if (sigstatus == SECSuccess) {
-		printf("Verification self-test for %s passed.\n", modestr);
-	    } else {
-		printf("Verification self-test for %s failed!\n", modestr);
-	    }
-	}
-	return sigstatus;
-    } else if (is_hashCipher(mode)) {
-	if (res == 0) {
-	    printf("Hash self-test for %s passed.\n", modestr);
-	} else {
-	    printf("Hash self-test for %s failed!\n", modestr);
-	}
-    } else {
-	if (forward) {
-	    if (res == 0) {
-		printf("Encryption self-test for %s passed.\n", modestr);
-	    } else {
-		printf("Encryption self-test for %s failed!\n", modestr);
-	    }
-	} else {
-	    if (res == 0) {
-		printf("Decryption self-test for %s passed.\n", modestr);
-	    } else {
-		printf("Decryption self-test for %s failed!\n", modestr);
-	    }
-	}
-    }
-    return (res != 0);
-}
-
-static SECStatus
-blapi_selftest(bltestCipherMode *modes, int numModes, int inoff, int outoff,
-               PRBool encrypt, PRBool decrypt)
-{
-    bltestCipherInfo cipherInfo;
-    bltestIO pt, ct;
-    bltestCipherMode mode;
-    bltestParams *params;
-    int i, j, nummodes;
-    char *modestr;
-    char filename[256];
-    PRFileDesc *file;
-    PRArenaPool *arena;
-    SECItem item;
-    PRBool finished;
-    SECStatus rv, srv;
-
-    PORT_Memset(&cipherInfo, 0, sizeof(cipherInfo));
-    arena = PORT_NewArena(BLTEST_DEFAULT_CHUNKSIZE);
-    cipherInfo.arena = arena;
-
-    finished = PR_FALSE;
-    nummodes = (numModes == 0) ? NUMMODES : numModes;
-    for (i=0; i < nummodes && !finished; i++) {
-	if (i == bltestRC5_ECB || i == bltestRC5_CBC) continue;
-	if (numModes > 0)
-	    mode = modes[i];
-	else
-	    mode = i;
-	modestr = mode_strings[mode];
-	cipherInfo.mode = mode;
-	params = &cipherInfo.params;
-	if (mode == bltestINVALID) {
-	    fprintf(stderr, "%s: Skipping invalid mode %s.\n",progName,modestr);
-	    continue;
-	}
-#ifdef TRACK_BLTEST_BUG
-	if (mode == bltestRSA) {
-	    fprintf(stderr, "[%s] Self-Testing RSA\n", __bltDBG);
-	}
-#endif
-	/* get the number of tests in the directory */
-	sprintf(filename, "%s/tests/%s/%s", testdir, modestr, "numtests");
-	file = PR_Open(filename, PR_RDONLY, 00660);
-	if (!file) {
-	    fprintf(stderr, "%s: File %s does not exist.\n", progName,filename);
-	    return SECFailure;
-	}
-	rv = SECU_FileToItem(&item, file);
-#ifdef TRACK_BLTEST_BUG
-	if (mode == bltestRSA) {
-	    fprintf(stderr, "[%s] Loaded data from %s\n", __bltDBG, filename);
-	}
-#endif
-	PR_Close(file);
-	/* loop over the tests in the directory */
-	for (j=0; j<(int)(item.data[0] - '0'); j++) { /* XXX bug when > 10 */
-#ifdef TRACK_BLTEST_BUG
-	    if (mode == bltestRSA) {
-		fprintf(stderr, "[%s] Executing self-test #%d\n", __bltDBG, j);
-	    }
-#endif
-	    sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr,
-			      "plaintext", j);
-	    if (mode == bltestDSA)
-	    load_file_data(arena, &pt, filename, bltestBase64Encoded);
-	    else
-	    load_file_data(arena, &pt, filename, bltestBinary);
-	    sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr,
-			      "ciphertext", j);
-	    load_file_data(arena, &ct, filename, bltestBase64Encoded);
-#ifdef TRACK_BLTEST_BUG
-	    if (mode == bltestRSA) {
-		fprintf(stderr, "[%s] Loaded data for  self-test #%d\n", __bltDBG, j);
-	    }
-#endif
-	    get_params(arena, params, mode, j);
-#ifdef TRACK_BLTEST_BUG
-	    if (mode == bltestRSA) {
-		fprintf(stderr, "[%s] Got parameters for #%d\n", __bltDBG, j);
-	    }
-#endif
-	    /* Forward Operation (Encrypt/Sign/Hash)
-	    ** Align the input buffer (plaintext) according to request
-	    ** then perform operation and compare to ciphertext
-	    */
-	    /* XXX for now */
-	    rv = SECSuccess;
-	    if (encrypt) {
-		bltestCopyIO(arena, &cipherInfo.input, &pt);
-		misalignBuffer(arena, &cipherInfo.input, inoff);
-		memset(&cipherInfo.output.buf, 0, sizeof cipherInfo.output.buf);
-		rv |= cipherInit(&cipherInfo, PR_TRUE);
-		misalignBuffer(arena, &cipherInfo.output, outoff);
-#ifdef TRACK_BLTEST_BUG
-		if (mode == bltestRSA) {
-		    fprintf(stderr, "[%s] Inited cipher context and buffers for #%d\n", __bltDBG, j);
-		}
-#endif
-		rv |= cipherDoOp(&cipherInfo);
-#ifdef TRACK_BLTEST_BUG
-		if (mode == bltestRSA) {
-		    fprintf(stderr, "[%s] Performed encrypt for #%d\n", __bltDBG, j);
-		}
-#endif
-		rv |= cipherFinish(&cipherInfo);
-#ifdef TRACK_BLTEST_BUG
-		if (mode == bltestRSA) {
-		    fprintf(stderr, "[%s] Finished encrypt for #%d\n", __bltDBG, j);
-		}
-#endif
-		rv |= verify_self_test(&cipherInfo.output, 
-		                       &ct, mode, PR_TRUE, 0);
-#ifdef TRACK_BLTEST_BUG
-		if (mode == bltestRSA) {
-		    fprintf(stderr, "[%s] Verified self-test for #%d\n", __bltDBG, j);
-		}
-#endif
-		/* If testing hash, only one op to test */
-		if (is_hashCipher(mode))
-		    continue;
-		/*if (rv) return rv;*/
-	    }
-	    if (!decrypt)
-		continue;
-	    /* XXX for now */
-	    rv = SECSuccess;
-	    /* Reverse Operation (Decrypt/Verify)
-	    ** Align the input buffer (ciphertext) according to request
-	    ** then perform operation and compare to plaintext
-	    */
-	    if (mode != bltestDSA)
-		bltestCopyIO(arena, &cipherInfo.input, &ct);
-	    else
-		bltestCopyIO(arena, &cipherInfo.input, &pt);
-	    misalignBuffer(arena, &cipherInfo.input, inoff);
-	    memset(&cipherInfo.output.buf, 0, sizeof cipherInfo.output.buf);
-	    rv |= cipherInit(&cipherInfo, PR_FALSE);
-	    misalignBuffer(arena, &cipherInfo.output, outoff);
-#ifdef TRACK_BLTEST_BUG
-	    if (mode == bltestRSA) {
-		fprintf(stderr, "[%s] Inited cipher context and buffers for #%d\n", __bltDBG, j);
-	    }
-#endif
-	    srv = SECSuccess;
-	    srv |= cipherDoOp(&cipherInfo);
-#ifdef TRACK_BLTEST_BUG
-	    if (mode == bltestRSA) {
-		fprintf(stderr, "[%s] Performed decrypt for #%d\n", __bltDBG, j);
-	    }
-#endif
-	    rv |= cipherFinish(&cipherInfo);
-#ifdef TRACK_BLTEST_BUG
-	    if (mode == bltestRSA) {
-		fprintf(stderr, "[%s] Finished decrypt for #%d\n", __bltDBG, j);
-	    }
-#endif
-	    rv |= verify_self_test(&cipherInfo.output, 
-	                           &pt, mode, PR_FALSE, srv);
-#ifdef TRACK_BLTEST_BUG
-	    if (mode == bltestRSA) {
-		fprintf(stderr, "[%s] Verified self-test for #%d\n", __bltDBG, j);
-	    }
-#endif
-	    /*if (rv) return rv;*/
-	}
-    }
-    return rv;
-}
-
-SECStatus
-dump_file(bltestCipherMode mode, char *filename)
-{
-    bltestIO keydata;
-    PRArenaPool *arena = NULL;
-    arena = PORT_NewArena(BLTEST_DEFAULT_CHUNKSIZE);
-    if (mode == bltestRSA) {
-	RSAPrivateKey *key;
-	load_file_data(arena, &keydata, filename, bltestBase64Encoded);
-	key = rsakey_from_filedata(&keydata.buf);
-	dump_rsakey(key);
-    } else if (mode == bltestDSA) {
-#if 0
-	PQGParams *pqg;
-	get_file_data(filename, &item, PR_TRUE);
-	pqg = pqg_from_filedata(&item);
-	dump_pqg(pqg);
-#endif
-	DSAPrivateKey *key;
-	load_file_data(arena, &keydata, filename, bltestBase64Encoded);
-	key = dsakey_from_filedata(&keydata.buf);
-	dump_dsakey(key);
-    }
-    PORT_FreeArena(arena, PR_FALSE);
-    return SECFailure;
-}
-
-/* bltest commands */
-enum {
-    cmd_Decrypt = 0,
-    cmd_Encrypt,
-    cmd_FIPS,
-    cmd_Hash,
-    cmd_Nonce,
-    cmd_Dump,
-    cmd_Sign,
-    cmd_SelfTest,
-    cmd_Verify
-};
-
-/* bltest options */
-enum {
-    opt_B64 = 0,
-    opt_BufSize,
-    opt_Restart,
-    opt_SelfTestDir,
-    opt_Exponent,
-    opt_SigFile,
-    opt_KeySize,
-    opt_Hex,
-    opt_Input,
-    opt_PQGFile,
-    opt_Key,
-    opt_HexWSpc,
-    opt_Mode,
-    opt_Output,
-    opt_Repetitions,
-    opt_ZeroBuf,
-    opt_Rounds,
-    opt_Seed,
-    opt_SigSeedFile,
-    opt_CXReps,
-    opt_IV,
-    opt_WordSize,
-    opt_UseSeed,
-    opt_UseSigSeed,
-    opt_SeedFile,
-    opt_InputOffset,
-    opt_OutputOffset,
-    opt_MonteCarlo,
-    opt_CmdLine
-};
-
-static secuCommandFlag bltest_commands[] =
-{
-    { /* cmd_Decrypt	*/ 'D', PR_FALSE, 0, PR_FALSE },
-    { /* cmd_Encrypt	*/ 'E', PR_FALSE, 0, PR_FALSE },
-    { /* cmd_FIPS	*/ 'F', PR_FALSE, 0, PR_FALSE },
-    { /* cmd_Hash	*/ 'H', PR_FALSE, 0, PR_FALSE },
-    { /* cmd_Nonce      */ 'N', PR_FALSE, 0, PR_FALSE },
-    { /* cmd_Dump	*/ 'P', PR_FALSE, 0, PR_FALSE },
-    { /* cmd_Sign	*/ 'S', PR_FALSE, 0, PR_FALSE },
-    { /* cmd_SelfTest	*/ 'T', PR_FALSE, 0, PR_FALSE },
-    { /* cmd_Verify	*/ 'V', PR_FALSE, 0, PR_FALSE }
-};
-
-static secuCommandFlag bltest_options[] =
-{
-    { /* opt_B64	  */ 'a', PR_FALSE, 0, PR_FALSE },
-    { /* opt_BufSize	  */ 'b', PR_TRUE,  0, PR_FALSE },
-    { /* opt_Restart	  */ 'c', PR_FALSE, 0, PR_FALSE },
-    { /* opt_SelfTestDir  */ 'd', PR_TRUE,  0, PR_FALSE },
-    { /* opt_Exponent	  */ 'e', PR_TRUE,  0, PR_FALSE },
-    { /* opt_SigFile      */ 'f', PR_TRUE,  0, PR_FALSE },
-    { /* opt_KeySize	  */ 'g', PR_TRUE,  0, PR_FALSE },
-    { /* opt_Hex	  */ 'h', PR_FALSE, 0, PR_FALSE },
-    { /* opt_Input	  */ 'i', PR_TRUE,  0, PR_FALSE },
-    { /* opt_PQGFile	  */ 'j', PR_TRUE,  0, PR_FALSE },
-    { /* opt_Key	  */ 'k', PR_TRUE,  0, PR_FALSE },
-    { /* opt_HexWSpc	  */ 'l', PR_FALSE, 0, PR_FALSE },
-    { /* opt_Mode	  */ 'm', PR_TRUE,  0, PR_FALSE },
-    { /* opt_Output	  */ 'o', PR_TRUE,  0, PR_FALSE },
-    { /* opt_Repetitions  */ 'p', PR_TRUE,  0, PR_FALSE },
-    { /* opt_ZeroBuf	  */ 'q', PR_FALSE, 0, PR_FALSE },
-    { /* opt_Rounds	  */ 'r', PR_TRUE,  0, PR_FALSE },
-    { /* opt_Seed	  */ 's', PR_TRUE,  0, PR_FALSE },
-    { /* opt_SigSeedFile  */ 't', PR_TRUE,  0, PR_FALSE },
-    { /* opt_CXReps       */ 'u', PR_TRUE,  0, PR_FALSE },
-    { /* opt_IV		  */ 'v', PR_TRUE,  0, PR_FALSE },
-    { /* opt_WordSize	  */ 'w', PR_TRUE,  0, PR_FALSE },
-    { /* opt_UseSeed	  */ 'x', PR_FALSE, 0, PR_FALSE },
-    { /* opt_UseSigSeed	  */ 'y', PR_FALSE, 0, PR_FALSE },
-    { /* opt_SeedFile	  */ 'z', PR_FALSE, 0, PR_FALSE },
-    { /* opt_InputOffset  */ '1', PR_TRUE,  0, PR_FALSE },
-    { /* opt_OutputOffset */ '2', PR_TRUE,  0, PR_FALSE },
-    { /* opt_MonteCarlo   */ '3', PR_FALSE, 0, PR_FALSE },
-    { /* opt_CmdLine	  */ '-', PR_FALSE, 0, PR_FALSE }
-};
-
-int main(int argc, char **argv)
-{
-    char *infileName, *outfileName, *keyfileName, *ivfileName;
-    SECStatus rv;
-
-    bltestCipherInfo	 cipherInfo;
-    bltestParams	*params;
-    PRFileDesc		*file, *infile, *outfile;
-    char		*instr = NULL;
-    PRArenaPool		*arena;
-    bltestIOMode	 ioMode;
-    int			 keysize, bufsize, exponent;
-    int			 i, commandsEntered;
-    int			 inoff, outoff;
-
-    secuCommand bltest;
-    bltest.numCommands = sizeof(bltest_commands) / sizeof(secuCommandFlag);
-    bltest.numOptions = sizeof(bltest_options) / sizeof(secuCommandFlag);
-    bltest.commands = bltest_commands;
-    bltest.options = bltest_options;
-
-    progName = strrchr(argv[0], '/');
-    progName = progName ? progName+1 : argv[0];
-
-    rv = RNG_RNGInit();
-    if (rv != SECSuccess) {
-    	SECU_PrintPRandOSError(progName);
-	return -1;
-    }
-    RNG_SystemInfoForRNG();
-
-    rv = SECU_ParseCommandLine(argc, argv, progName, &bltest);
-
-    PORT_Memset(&cipherInfo, 0, sizeof(cipherInfo));
-    arena = PORT_NewArena(BLTEST_DEFAULT_CHUNKSIZE);
-    cipherInfo.arena = arena;
-    params = &cipherInfo.params;
-    /* set some defaults */
-    infileName = outfileName = keyfileName = ivfileName = NULL;
-
-    /* Check the number of commands entered on the command line. */
-    commandsEntered = 0;
-    for (i=0; i<bltest.numCommands; i++)
-	if (bltest.commands[i].activated)
-	    commandsEntered++;
-
-    if (commandsEntered > 1 &&
-	!(commandsEntered == 2 && bltest.commands[cmd_SelfTest].activated)) {
-	fprintf(stderr, "%s: one command at a time!\n", progName);
-	Usage();
-    }
-    if (commandsEntered == 0) {
-	fprintf(stderr, "%s: you must enter a command!\n", progName);
-	Usage();
-    }
-
-    if (bltest.commands[cmd_Sign].activated)
-	bltest.commands[cmd_Encrypt].activated = PR_TRUE;
-    if (bltest.commands[cmd_Verify].activated)
-	bltest.commands[cmd_Decrypt].activated = PR_TRUE;
-    if (bltest.commands[cmd_Hash].activated)
-	bltest.commands[cmd_Encrypt].activated = PR_TRUE;
-
-    inoff = outoff = 0;
-    if (bltest.options[opt_InputOffset].activated)
-	inoff = PORT_Atoi(bltest.options[opt_InputOffset].arg);
-    if (bltest.options[opt_OutputOffset].activated)
-	outoff = PORT_Atoi(bltest.options[opt_OutputOffset].arg);
-
-    testdir = (bltest.options[opt_SelfTestDir].activated) ? 
-                 strdup(bltest.options[opt_SelfTestDir].arg) : ".";
-
-    /*
-     * Handle three simple cases first
-     */
-
-    /* Do BLAPI self-test */
-    if (bltest.commands[cmd_SelfTest].activated) {
-	PRBool encrypt = PR_TRUE, decrypt = PR_TRUE;
-	/* user may specified a set of ciphers to test.  parse them. */
-	bltestCipherMode modesToTest[NUMMODES];
-	int numModesToTest = 0;
-	char *tok, *str;
-	str = bltest.options[opt_Mode].arg;
-	while (str) {
-	    tok = strchr(str, ',');
-	    if (tok) *tok = '\0';
-	    modesToTest[numModesToTest++] = get_mode(str);
-	    if (tok) {
-		*tok = ',';
-		str = tok + 1;
-	    } else {
-		break;
-	    }
-	}
-	if (bltest.commands[cmd_Decrypt].activated &&
-	    !bltest.commands[cmd_Encrypt].activated)
-	    encrypt = PR_FALSE;
-	if (bltest.commands[cmd_Encrypt].activated &&
-	    !bltest.commands[cmd_Decrypt].activated)
-	    decrypt = PR_FALSE;
-	return blapi_selftest(modesToTest, numModesToTest, inoff, outoff,
-	                      encrypt, decrypt);
-    }
-
-    /* Do FIPS self-test */
-    if (bltest.commands[cmd_FIPS].activated) {
-	CK_RV ckrv = pk11_fipsPowerUpSelfTest();
-	fprintf(stdout, "CK_RV: %ld.\n", ckrv);
-	return 0;
-    }
-
-    /*
-     * Check command line arguments for Encrypt/Decrypt/Hash/Sign/Verify
-     */
-
-    if ((bltest.commands[cmd_Decrypt].activated ||
-	 bltest.commands[cmd_Verify].activated) &&
-	bltest.options[opt_BufSize].activated) {
-	fprintf(stderr, "%s: cannot use a nonce as input to decrypt/verify.\n",
-			 progName);
-	Usage();
-    }
-
-    if (bltest.options[opt_Mode].activated) {
-	cipherInfo.mode = get_mode(bltest.options[opt_Mode].arg);
-	if (cipherInfo.mode == bltestINVALID) {
-	    fprintf(stderr, "%s: Invalid mode \"%s\"\n", progName,
-			     bltest.options[opt_Mode].arg);
-	    Usage();
-	}
-    } else {
-	fprintf(stderr, "%s: You must specify a cipher mode with -m.\n",
-			 progName);
-	Usage();
-    }
-
-    if (bltest.options[opt_Repetitions].activated) {
-	cipherInfo.repetitions = PORT_Atoi(bltest.options[opt_Repetitions].arg);
-    } else {
-	cipherInfo.repetitions = 0;
-    }
-
-
-    if (bltest.options[opt_CXReps].activated) {
-	cipherInfo.cxreps = PORT_Atoi(bltest.options[opt_CXReps].arg);
-    } else {
-	cipherInfo.cxreps = 0;
-    }
-
-    /* Dump a file (rsakey, dsakey, etc.) */
-    if (bltest.commands[cmd_Dump].activated) {
-	return dump_file(cipherInfo.mode, bltest.options[opt_Input].arg);
-    }
-
-    /* default input mode is binary */
-    ioMode = (bltest.options[opt_B64].activated)     ? bltestBase64Encoded :
-	     (bltest.options[opt_Hex].activated)     ? bltestHexStream :
-	     (bltest.options[opt_HexWSpc].activated) ? bltestHexSpaceDelim :
-						       bltestBinary;
-
-    if (bltest.options[opt_KeySize].activated)
-	keysize = PORT_Atoi(bltest.options[opt_KeySize].arg);
-    else
-	keysize = 0;
-
-    if (bltest.options[opt_Exponent].activated)
-	exponent = PORT_Atoi(bltest.options[opt_Exponent].arg);
-    else
-	exponent = 65537;
-
-    /* Set up an encryption key. */
-    keysize = 0;
-    file = NULL;
-    if (is_symmkeyCipher(cipherInfo.mode)) {
-	char *keystr = NULL;  /* if key is on command line */
-	if (bltest.options[opt_Key].activated) {
-	    if (bltest.options[opt_CmdLine].activated) {
-		keystr = bltest.options[opt_Key].arg;
-	    } else {
-		file = PR_Open(bltest.options[opt_Key].arg, PR_RDONLY, 00660);
-	    }
-	} else {
-	    if (bltest.options[opt_KeySize].activated)
-		keysize = PORT_Atoi(bltest.options[opt_KeySize].arg);
-	    else
-		keysize = 8; /* use 64-bit default (DES) */
-	    /* save the random key for reference */
-	    file = PR_Open("tmp.key", PR_WRONLY|PR_CREATE_FILE, 00660);
-	}
-	params->key.mode = ioMode;
-	setupIO(cipherInfo.arena, &params->key, file, keystr, keysize);
-	if (file)
-	    PR_Close(file);
-    } else if (is_pubkeyCipher(cipherInfo.mode)) {
-	if (bltest.options[opt_Key].activated) {
-	    file = PR_Open(bltest.options[opt_Key].arg, PR_RDONLY, 00660);
-	} else {
-	    if (bltest.options[opt_KeySize].activated)
-		keysize = PORT_Atoi(bltest.options[opt_KeySize].arg);
-	    else
-		keysize = 64; /* use 512-bit default */
-	    file = PR_Open("tmp.key", PR_WRONLY|PR_CREATE_FILE, 00660);
-	}
-	params->key.mode = bltestBase64Encoded;
-	pubkeyInitKey(&cipherInfo, file, keysize, exponent);
-	PR_Close(file);
-    }
-
-    /* set up an initialization vector. */
-    if (cipher_requires_IV(cipherInfo.mode)) {
-	char *ivstr = NULL;
-	bltestSymmKeyParams *skp;
-	file = NULL;
-	if (cipherInfo.mode == bltestRC5_CBC)
-	    skp = (bltestSymmKeyParams *)&params->rc5;
-	else
-	    skp = &params->sk;
-	if (bltest.options[opt_IV].activated) {
-	    if (bltest.options[opt_CmdLine].activated) {
-		ivstr = bltest.options[opt_IV].arg;
-	    } else {
-		file = PR_Open(bltest.options[opt_IV].arg, PR_RDONLY, 00660);
-	    }
-	} else {
-	    /* save the random iv for reference */
-	    file = PR_Open("tmp.iv", PR_WRONLY|PR_CREATE_FILE, 00660);
-	}
-	memset(&skp->iv, 0, sizeof skp->iv);
-	skp->iv.mode = ioMode;
-	setupIO(cipherInfo.arena, &skp->iv, file, ivstr, keysize);
-	if (file)
-	    PR_Close(file);
-    }
-
-    if (bltest.commands[cmd_Verify].activated) {
-	if (!bltest.options[opt_SigFile].activated) {
-	    fprintf(stderr, "%s: You must specify a signature file with -f.\n",
-	            progName);
-	    exit(-1);
-	}
-	file = PR_Open(bltest.options[opt_SigFile].arg, PR_RDONLY, 00660);
-	memset(&cipherInfo.params.dsa.sig, 0, sizeof(bltestIO));
-	cipherInfo.params.dsa.sig.mode = ioMode;
-	setupIO(cipherInfo.arena, &cipherInfo.params.dsa.sig, file, NULL, 0);
-    }
-
-    if (bltest.options[opt_PQGFile].activated) {
-	file = PR_Open(bltest.options[opt_PQGFile].arg, PR_RDONLY, 00660);
-	params->dsa.pqgdata.mode = bltestBase64Encoded;
-	setupIO(cipherInfo.arena, &params->dsa.pqgdata, file, NULL, 0);
-    }
-
-    /* Set up the input buffer */
-    if (bltest.options[opt_Input].activated) {
-	if (bltest.options[opt_CmdLine].activated) {
-	    instr = bltest.options[opt_Input].arg;
-	    infile = NULL;
-	} else {
-	    infile = PR_Open(bltest.options[opt_Input].arg, PR_RDONLY, 00660);
-	}
-    } else if (bltest.options[opt_BufSize].activated) {
-	/* save the random plaintext for reference */
-	infile = PR_Open("tmp.in", PR_WRONLY|PR_CREATE_FILE, 00660);
-    } else {
-	infile = PR_STDIN;
-    }
-    cipherInfo.input.mode = ioMode;
-
-    /* Set up the output stream */
-    if (bltest.options[opt_Output].activated) {
-	outfile = PR_Open(bltest.options[opt_Output].arg,
-			  PR_WRONLY|PR_CREATE_FILE, 00660);
-    } else {
-	outfile = PR_STDOUT;
-    }
-    cipherInfo.output.mode = ioMode;
-
-    if (is_hashCipher(cipherInfo.mode))
-	cipherInfo.params.hash.restart = bltest.options[opt_Restart].activated;
-
-    bufsize = 0;
-    if (bltest.options[opt_BufSize].activated)
-	bufsize = PORT_Atoi(bltest.options[opt_BufSize].arg);
-
-    /*infile = NULL;*/
-    setupIO(cipherInfo.arena, &cipherInfo.input, infile, instr, bufsize);
-    misalignBuffer(cipherInfo.arena, &cipherInfo.input, inoff);
-
-    cipherInit(&cipherInfo, bltest.commands[cmd_Encrypt].activated);
-    misalignBuffer(cipherInfo.arena, &cipherInfo.output, outoff);
-
-    if (!bltest.commands[cmd_Nonce].activated) {
-	if (bltest.options[opt_MonteCarlo].activated) {
-	    int mciter;
-	    for (mciter=0; mciter<10000; mciter++) {
-		cipherDoOp(&cipherInfo);
-		memcpy(cipherInfo.input.buf.data,
-		       cipherInfo.output.buf.data,
-		       cipherInfo.input.buf.len);
-	    }
-	} else {
-	    cipherDoOp(&cipherInfo);
-	}
-	cipherFinish(&cipherInfo);
-	finishIO(&cipherInfo.output, outfile);
-    }
-
-    if (cipherInfo.repetitions > 0 || cipherInfo.cxreps > 0)
-	dump_performance_info(&cipherInfo, 
-	                      bltest.commands[cmd_Encrypt].activated,
-	                      (cipherInfo.repetitions == 0));
-
-    if (infile && infile != PR_STDIN)
-	PR_Close(infile);
-    if (outfile && outfile != PR_STDOUT)
-	PR_Close(outfile);
-    PORT_FreeArena(cipherInfo.arena, PR_TRUE);
-
-    /*NSS_Shutdown();*/
-
-    return SECSuccess;
-}
diff --git a/security/nss/cmd/bltest/manifest.mn b/security/nss/cmd/bltest/manifest.mn
deleted file mode 100644
index 4726d2a39..000000000
--- a/security/nss/cmd/bltest/manifest.mn
+++ /dev/null
@@ -1,54 +0,0 @@
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CORE_DEPTH = ../../..
-
-MODULE = security
-
-REQUIRES = seccmd dbm
-
-INCLUDES += -I$(CORE_DEPTH)/nss/lib/softoken
-
-PROGRAM = bltest
-
- USE_STATIC_LIBS = 1
-
-EXPORTS = \
-	$(NULL)
-
-PRIVATE_EXPORTS = \
-	$(NULL)
-
-CSRCS = \
-	blapitest.c \
-	$(NULL)
-
diff --git a/security/nss/cmd/bltest/tests/README b/security/nss/cmd/bltest/tests/README
deleted file mode 100644
index 998639aee..000000000
--- a/security/nss/cmd/bltest/tests/README
+++ /dev/null
@@ -1,26 +0,0 @@
-This directory contains a set of tests for each cipher supported by BLAPI.  Each subdirectory contains known plaintext and ciphertext pairs (and keys and/or iv's if needed).  The tests can be run as a full set with:
-bltest -T
-or as subsets, for example:
-bltest -T des_ecb rc2 rsa
-
-In each subdirectory, the plaintext, key, and iv are ascii, and treated as such.  The ciphertext is base64-encoded to avoid the hassle of binary files.
-
-To add a test, incremement the value in the numtests file.  Create a plaintext, key, and iv file, such that the name of the file is incrememted one from the last set of tests.  For example, if you are adding the second test, put your data in files named plaintext1, key1, and iv1 (ignoring key and iv if they are not needed, of course).  Make sure your key and iv are the correct number of bytes for your cipher (a trailing \n is okay, but any other trailing bytes will be used!).  Once you have your input data, create output data by running bltest on a trusted implementation.  For example, for a new DES ECB test, run
-bltest -E -m des_ecb -i plaintext1 -k key1 -o ciphertext1 -a
-in the tests/des_ecb directory.  Then run
-bltest -T des_ecb
-from the cmd/bltest directory in the tree of the implementation you want to test.
-
-Note that the -a option above is important, it tells bltest to expect the input to be straight ASCII, and not base64 encoded binary!
-
-Special cases:
-
-RC5:
-RC5 can take additional parameters, the number of rounds to perform and the wordsize to use.  The number of rounds is between is between 0 and 255, and the wordsize is either is either 16, 32, or 64 bits (at this time only 32-bit is supported).  These parameters are specified in a paramsN file, where N is an index as above.  The format of the file is "rounds=R\nwordsize=W\n".
-
-public key modes (RSA and DSA):
-Asymmetric key ciphers use keys with special properties, so creating a key file with "Mozilla!" in it will not get you very far!  To create a public key, run bltest with the plaintext you want to encrypt, using a trusted implementation.  bltest will generate a key and store it in "tmp.key", rename that file to keyN.  For example:
-bltest -E -m rsa -i plaintext0 -o ciphertext0 -e 65537 -g 32 -a
-mv tmp.key key0
-
-[note: specifying a keysize (-g) when using RSA is important!]
\ No newline at end of file
diff --git a/security/nss/cmd/bltest/tests/aes_cbc/ciphertext0 b/security/nss/cmd/bltest/tests/aes_cbc/ciphertext0
deleted file mode 100644
index 040a397d7..000000000
--- a/security/nss/cmd/bltest/tests/aes_cbc/ciphertext0
+++ /dev/null
@@ -1 +0,0 @@
-oJLgOzZ1GiWt3DGo2sPKaA==

diff --git a/security/nss/cmd/bltest/tests/aes_cbc/iv0 b/security/nss/cmd/bltest/tests/aes_cbc/iv0
deleted file mode 100644
index 4e65bc034..000000000
--- a/security/nss/cmd/bltest/tests/aes_cbc/iv0
+++ /dev/null
@@ -1 +0,0 @@
-qwertyuiopasdfgh
diff --git a/security/nss/cmd/bltest/tests/aes_cbc/key0 b/security/nss/cmd/bltest/tests/aes_cbc/key0
deleted file mode 100644
index 13911cc29..000000000
--- a/security/nss/cmd/bltest/tests/aes_cbc/key0
+++ /dev/null
@@ -1 +0,0 @@
-fedcba9876543210
diff --git a/security/nss/cmd/bltest/tests/aes_cbc/numtests b/security/nss/cmd/bltest/tests/aes_cbc/numtests
deleted file mode 100644
index d00491fd7..000000000
--- a/security/nss/cmd/bltest/tests/aes_cbc/numtests
+++ /dev/null
@@ -1 +0,0 @@
-1
diff --git a/security/nss/cmd/bltest/tests/aes_cbc/plaintext0 b/security/nss/cmd/bltest/tests/aes_cbc/plaintext0
deleted file mode 100644
index 8d6a8d555..000000000
--- a/security/nss/cmd/bltest/tests/aes_cbc/plaintext0
+++ /dev/null
@@ -1 +0,0 @@
-0123456789abcdef
diff --git a/security/nss/cmd/bltest/tests/aes_ecb/ciphertext0 b/security/nss/cmd/bltest/tests/aes_ecb/ciphertext0
deleted file mode 100644
index d6818c1d0..000000000
--- a/security/nss/cmd/bltest/tests/aes_ecb/ciphertext0
+++ /dev/null
@@ -1 +0,0 @@
-PVuaCIiaKQhblgFCbVMTTg==

diff --git a/security/nss/cmd/bltest/tests/aes_ecb/key0 b/security/nss/cmd/bltest/tests/aes_ecb/key0
deleted file mode 100644
index 13911cc29..000000000
--- a/security/nss/cmd/bltest/tests/aes_ecb/key0
+++ /dev/null
@@ -1 +0,0 @@
-fedcba9876543210
diff --git a/security/nss/cmd/bltest/tests/aes_ecb/numtests b/security/nss/cmd/bltest/tests/aes_ecb/numtests
deleted file mode 100644
index d00491fd7..000000000
--- a/security/nss/cmd/bltest/tests/aes_ecb/numtests
+++ /dev/null
@@ -1 +0,0 @@
-1
diff --git a/security/nss/cmd/bltest/tests/aes_ecb/plaintext0 b/security/nss/cmd/bltest/tests/aes_ecb/plaintext0
deleted file mode 100644
index 8d6a8d555..000000000
--- a/security/nss/cmd/bltest/tests/aes_ecb/plaintext0
+++ /dev/null
@@ -1 +0,0 @@
-0123456789abcdef
diff --git a/security/nss/cmd/bltest/tests/des3_cbc/ciphertext0 b/security/nss/cmd/bltest/tests/des3_cbc/ciphertext0
deleted file mode 100644
index 61dae3192..000000000
--- a/security/nss/cmd/bltest/tests/des3_cbc/ciphertext0
+++ /dev/null
@@ -1 +0,0 @@
-KV3MDNGKWOc=
diff --git a/security/nss/cmd/bltest/tests/des3_cbc/iv0 b/security/nss/cmd/bltest/tests/des3_cbc/iv0
deleted file mode 100644
index 97b5955f7..000000000
--- a/security/nss/cmd/bltest/tests/des3_cbc/iv0
+++ /dev/null
@@ -1 +0,0 @@
-12345678
diff --git a/security/nss/cmd/bltest/tests/des3_cbc/key0 b/security/nss/cmd/bltest/tests/des3_cbc/key0
deleted file mode 100644
index 588efd111..000000000
--- a/security/nss/cmd/bltest/tests/des3_cbc/key0
+++ /dev/null
@@ -1 +0,0 @@
-abcdefghijklmnopqrstuvwx
diff --git a/security/nss/cmd/bltest/tests/des3_cbc/numtests b/security/nss/cmd/bltest/tests/des3_cbc/numtests
deleted file mode 100644
index d00491fd7..000000000
--- a/security/nss/cmd/bltest/tests/des3_cbc/numtests
+++ /dev/null
@@ -1 +0,0 @@
-1
diff --git a/security/nss/cmd/bltest/tests/des3_cbc/plaintext0 b/security/nss/cmd/bltest/tests/des3_cbc/plaintext0
deleted file mode 100644
index 5513e438c..000000000
--- a/security/nss/cmd/bltest/tests/des3_cbc/plaintext0
+++ /dev/null
@@ -1 +0,0 @@
-Mozilla!
diff --git a/security/nss/cmd/bltest/tests/des3_ecb/ciphertext0 b/security/nss/cmd/bltest/tests/des3_ecb/ciphertext0
deleted file mode 100644
index 76dc820d3..000000000
--- a/security/nss/cmd/bltest/tests/des3_ecb/ciphertext0
+++ /dev/null
@@ -1 +0,0 @@
-RgckVNh4QcM=
diff --git a/security/nss/cmd/bltest/tests/des3_ecb/key0 b/security/nss/cmd/bltest/tests/des3_ecb/key0
deleted file mode 100644
index 588efd111..000000000
--- a/security/nss/cmd/bltest/tests/des3_ecb/key0
+++ /dev/null
@@ -1 +0,0 @@
-abcdefghijklmnopqrstuvwx
diff --git a/security/nss/cmd/bltest/tests/des3_ecb/numtests b/security/nss/cmd/bltest/tests/des3_ecb/numtests
deleted file mode 100644
index d00491fd7..000000000
--- a/security/nss/cmd/bltest/tests/des3_ecb/numtests
+++ /dev/null
@@ -1 +0,0 @@
-1
diff --git a/security/nss/cmd/bltest/tests/des3_ecb/plaintext0 b/security/nss/cmd/bltest/tests/des3_ecb/plaintext0
deleted file mode 100644
index 5513e438c..000000000
--- a/security/nss/cmd/bltest/tests/des3_ecb/plaintext0
+++ /dev/null
@@ -1 +0,0 @@
-Mozilla!
diff --git a/security/nss/cmd/bltest/tests/des_cbc/ciphertext0 b/security/nss/cmd/bltest/tests/des_cbc/ciphertext0
deleted file mode 100644
index 67d2ad1aa..000000000
--- a/security/nss/cmd/bltest/tests/des_cbc/ciphertext0
+++ /dev/null
@@ -1 +0,0 @@
-Perdg9FMYQ4=
diff --git a/security/nss/cmd/bltest/tests/des_cbc/iv0 b/security/nss/cmd/bltest/tests/des_cbc/iv0
deleted file mode 100644
index 97b5955f7..000000000
--- a/security/nss/cmd/bltest/tests/des_cbc/iv0
+++ /dev/null
@@ -1 +0,0 @@
-12345678
diff --git a/security/nss/cmd/bltest/tests/des_cbc/key0 b/security/nss/cmd/bltest/tests/des_cbc/key0
deleted file mode 100644
index 65513c116..000000000
--- a/security/nss/cmd/bltest/tests/des_cbc/key0
+++ /dev/null
@@ -1 +0,0 @@
-zyxwvuts
diff --git a/security/nss/cmd/bltest/tests/des_cbc/numtests b/security/nss/cmd/bltest/tests/des_cbc/numtests
deleted file mode 100644
index d00491fd7..000000000
--- a/security/nss/cmd/bltest/tests/des_cbc/numtests
+++ /dev/null
@@ -1 +0,0 @@
-1
diff --git a/security/nss/cmd/bltest/tests/des_cbc/plaintext0 b/security/nss/cmd/bltest/tests/des_cbc/plaintext0
deleted file mode 100644
index 5513e438c..000000000
--- a/security/nss/cmd/bltest/tests/des_cbc/plaintext0
+++ /dev/null
@@ -1 +0,0 @@
-Mozilla!
diff --git a/security/nss/cmd/bltest/tests/des_ecb/ciphertext0 b/security/nss/cmd/bltest/tests/des_ecb/ciphertext0
deleted file mode 100644
index 8be22fa5c..000000000
--- a/security/nss/cmd/bltest/tests/des_ecb/ciphertext0
+++ /dev/null
@@ -1 +0,0 @@
-3bNoWzzNiFc=
diff --git a/security/nss/cmd/bltest/tests/des_ecb/key0 b/security/nss/cmd/bltest/tests/des_ecb/key0
deleted file mode 100644
index 65513c116..000000000
--- a/security/nss/cmd/bltest/tests/des_ecb/key0
+++ /dev/null
@@ -1 +0,0 @@
-zyxwvuts
diff --git a/security/nss/cmd/bltest/tests/des_ecb/numtests b/security/nss/cmd/bltest/tests/des_ecb/numtests
deleted file mode 100644
index d00491fd7..000000000
--- a/security/nss/cmd/bltest/tests/des_ecb/numtests
+++ /dev/null
@@ -1 +0,0 @@
-1
diff --git a/security/nss/cmd/bltest/tests/des_ecb/plaintext0 b/security/nss/cmd/bltest/tests/des_ecb/plaintext0
deleted file mode 100644
index 5513e438c..000000000
--- a/security/nss/cmd/bltest/tests/des_ecb/plaintext0
+++ /dev/null
@@ -1 +0,0 @@
-Mozilla!
diff --git a/security/nss/cmd/bltest/tests/dsa/ciphertext0 b/security/nss/cmd/bltest/tests/dsa/ciphertext0
deleted file mode 100644
index 8e7150562..000000000
--- a/security/nss/cmd/bltest/tests/dsa/ciphertext0
+++ /dev/null
@@ -1 +0,0 @@
-fB0bnKWvjT6X5NIkZ5l/Y/DXZ6QNI6j0iPhR/ZERkfj67xRnTWY1cg==
diff --git a/security/nss/cmd/bltest/tests/dsa/key0 b/security/nss/cmd/bltest/tests/dsa/key0
deleted file mode 100644
index e582eeb04..000000000
--- a/security/nss/cmd/bltest/tests/dsa/key0
+++ /dev/null
@@ -1,6 +0,0 @@
-AAAAQI3ypJRJInaqPSV1m7BoacvqwNg6+40M98u4Mk8NeILl0HYvxbchDq/C6a2s

-Mqt6rElpPfv4NyTC7Ac27jHIApEAAAAUx3MhjHN+yO6ZO08t7TD0jtrOkV8AAABA

-Ym0CeDnqChNBMWOlW0y1ACmdVSKVbO/LO/8Q85nOLC5xy53l+iS6v1jlt5Uhklyc

-xC6fb0ZLCIzFcq9T5teIAgAAAEAZExhx11sWEqgZ8p140bDXNG96p3u2KoWb/WxW

-ddqdIS06Nu8Wcu9mC4x8JVzA7HSFj7oz9EwGaZYwp2sDDuMzAAAAFCBwsyI9ujcv

-3hwP/HsuO0mLJgYU

diff --git a/security/nss/cmd/bltest/tests/dsa/keyseed0 b/security/nss/cmd/bltest/tests/dsa/keyseed0
deleted file mode 100644
index 6eea359db..000000000
--- a/security/nss/cmd/bltest/tests/dsa/keyseed0
+++ /dev/null
@@ -1 +0,0 @@
-AAAAAAAAAAAAAAAAAAAAAAAAAAA=

diff --git a/security/nss/cmd/bltest/tests/dsa/numtests b/security/nss/cmd/bltest/tests/dsa/numtests
deleted file mode 100644
index d00491fd7..000000000
--- a/security/nss/cmd/bltest/tests/dsa/numtests
+++ /dev/null
@@ -1 +0,0 @@
-1
diff --git a/security/nss/cmd/bltest/tests/dsa/plaintext0 b/security/nss/cmd/bltest/tests/dsa/plaintext0
deleted file mode 100644
index 48fbdb6fd..000000000
--- a/security/nss/cmd/bltest/tests/dsa/plaintext0
+++ /dev/null
@@ -1 +0,0 @@
-qZk+NkcGgWq6PiVxeFDCbJzQ2J0=

diff --git a/security/nss/cmd/bltest/tests/dsa/pqg0 b/security/nss/cmd/bltest/tests/dsa/pqg0
deleted file mode 100644
index f16326ccc..000000000
--- a/security/nss/cmd/bltest/tests/dsa/pqg0
+++ /dev/null
@@ -1,4 +0,0 @@
-AAAAQI3ypJRJInaqPSV1m7BoacvqwNg6+40M98u4Mk8NeILl0HYvxbchDq/C6a2s

-Mqt6rElpPfv4NyTC7Ac27jHIApEAAAAUx3MhjHN+yO6ZO08t7TD0jtrOkV8AAABA

-Ym0CeDnqChNBMWOlW0y1ACmdVSKVbO/LO/8Q85nOLC5xy53l+iS6v1jlt5Uhklyc

-xC6fb0ZLCIzFcq9T5teIAg==

diff --git a/security/nss/cmd/bltest/tests/dsa/sigseed0 b/security/nss/cmd/bltest/tests/dsa/sigseed0
deleted file mode 100644
index 05d7fd2d6..000000000
--- a/security/nss/cmd/bltest/tests/dsa/sigseed0
+++ /dev/null
@@ -1 +0,0 @@
-aHpm2QZI+ZOGfhIfTd+d2wEgVYQ=

diff --git a/security/nss/cmd/bltest/tests/md2/ciphertext0 b/security/nss/cmd/bltest/tests/md2/ciphertext0
deleted file mode 100644
index 22e1fc496..000000000
--- a/security/nss/cmd/bltest/tests/md2/ciphertext0
+++ /dev/null
@@ -1 +0,0 @@
-CS/UNcrWhB5Knt7Gf8Tz3Q==
diff --git a/security/nss/cmd/bltest/tests/md2/numtests b/security/nss/cmd/bltest/tests/md2/numtests
deleted file mode 100644
index d00491fd7..000000000
--- a/security/nss/cmd/bltest/tests/md2/numtests
+++ /dev/null
@@ -1 +0,0 @@
-1
diff --git a/security/nss/cmd/bltest/tests/md2/plaintext0 b/security/nss/cmd/bltest/tests/md2/plaintext0
deleted file mode 100644
index dce2994ba..000000000
--- a/security/nss/cmd/bltest/tests/md2/plaintext0
+++ /dev/null
@@ -1 +0,0 @@
-16-bytes to MD2.
diff --git a/security/nss/cmd/bltest/tests/md5/ciphertext0 b/security/nss/cmd/bltest/tests/md5/ciphertext0
deleted file mode 100644
index ea11ee523..000000000
--- a/security/nss/cmd/bltest/tests/md5/ciphertext0
+++ /dev/null
@@ -1 +0,0 @@
-XN8lnQuWAiMqmSGfvd8Hdw==
diff --git a/security/nss/cmd/bltest/tests/md5/numtests b/security/nss/cmd/bltest/tests/md5/numtests
deleted file mode 100644
index d00491fd7..000000000
--- a/security/nss/cmd/bltest/tests/md5/numtests
+++ /dev/null
@@ -1 +0,0 @@
-1
diff --git a/security/nss/cmd/bltest/tests/md5/plaintext0 b/security/nss/cmd/bltest/tests/md5/plaintext0
deleted file mode 100644
index 5ae3875e2..000000000
--- a/security/nss/cmd/bltest/tests/md5/plaintext0
+++ /dev/null
@@ -1 +0,0 @@
-63-byte input to MD5 can be a bit tricky, but no problems here.
diff --git a/security/nss/cmd/bltest/tests/rc2_cbc/ciphertext0 b/security/nss/cmd/bltest/tests/rc2_cbc/ciphertext0
deleted file mode 100644
index d964ef864..000000000
--- a/security/nss/cmd/bltest/tests/rc2_cbc/ciphertext0
+++ /dev/null
@@ -1 +0,0 @@
-3ki6eVsWpY8=
diff --git a/security/nss/cmd/bltest/tests/rc2_cbc/iv0 b/security/nss/cmd/bltest/tests/rc2_cbc/iv0
deleted file mode 100644
index 97b5955f7..000000000
--- a/security/nss/cmd/bltest/tests/rc2_cbc/iv0
+++ /dev/null
@@ -1 +0,0 @@
-12345678
diff --git a/security/nss/cmd/bltest/tests/rc2_cbc/key0 b/security/nss/cmd/bltest/tests/rc2_cbc/key0
deleted file mode 100644
index 65513c116..000000000
--- a/security/nss/cmd/bltest/tests/rc2_cbc/key0
+++ /dev/null
@@ -1 +0,0 @@
-zyxwvuts
diff --git a/security/nss/cmd/bltest/tests/rc2_cbc/numtests b/security/nss/cmd/bltest/tests/rc2_cbc/numtests
deleted file mode 100644
index d00491fd7..000000000
--- a/security/nss/cmd/bltest/tests/rc2_cbc/numtests
+++ /dev/null
@@ -1 +0,0 @@
-1
diff --git a/security/nss/cmd/bltest/tests/rc2_cbc/plaintext0 b/security/nss/cmd/bltest/tests/rc2_cbc/plaintext0
deleted file mode 100644
index 5513e438c..000000000
--- a/security/nss/cmd/bltest/tests/rc2_cbc/plaintext0
+++ /dev/null
@@ -1 +0,0 @@
-Mozilla!
diff --git a/security/nss/cmd/bltest/tests/rc2_ecb/ciphertext0 b/security/nss/cmd/bltest/tests/rc2_ecb/ciphertext0
deleted file mode 100644
index 337d30765..000000000
--- a/security/nss/cmd/bltest/tests/rc2_ecb/ciphertext0
+++ /dev/null
@@ -1 +0,0 @@
-WT+tc4fANhQ=
diff --git a/security/nss/cmd/bltest/tests/rc2_ecb/key0 b/security/nss/cmd/bltest/tests/rc2_ecb/key0
deleted file mode 100644
index 65513c116..000000000
--- a/security/nss/cmd/bltest/tests/rc2_ecb/key0
+++ /dev/null
@@ -1 +0,0 @@
-zyxwvuts
diff --git a/security/nss/cmd/bltest/tests/rc2_ecb/numtests b/security/nss/cmd/bltest/tests/rc2_ecb/numtests
deleted file mode 100644
index d00491fd7..000000000
--- a/security/nss/cmd/bltest/tests/rc2_ecb/numtests
+++ /dev/null
@@ -1 +0,0 @@
-1
diff --git a/security/nss/cmd/bltest/tests/rc2_ecb/plaintext0 b/security/nss/cmd/bltest/tests/rc2_ecb/plaintext0
deleted file mode 100644
index 5513e438c..000000000
--- a/security/nss/cmd/bltest/tests/rc2_ecb/plaintext0
+++ /dev/null
@@ -1 +0,0 @@
-Mozilla!
diff --git a/security/nss/cmd/bltest/tests/rc4/ciphertext0 b/security/nss/cmd/bltest/tests/rc4/ciphertext0
deleted file mode 100644
index 004f13472..000000000
--- a/security/nss/cmd/bltest/tests/rc4/ciphertext0
+++ /dev/null
@@ -1 +0,0 @@
-34sTZJtr20k=
diff --git a/security/nss/cmd/bltest/tests/rc4/ciphertext1 b/security/nss/cmd/bltest/tests/rc4/ciphertext1
deleted file mode 100644
index 6050da4c6..000000000
--- a/security/nss/cmd/bltest/tests/rc4/ciphertext1
+++ /dev/null
@@ -1 +0,0 @@
-34sTZJtr20nGP6VxS3BIBxxIYm6QGIa1rehFHn51z9M=
diff --git a/security/nss/cmd/bltest/tests/rc4/key0 b/security/nss/cmd/bltest/tests/rc4/key0
deleted file mode 100644
index 65513c116..000000000
--- a/security/nss/cmd/bltest/tests/rc4/key0
+++ /dev/null
@@ -1 +0,0 @@
-zyxwvuts
diff --git a/security/nss/cmd/bltest/tests/rc4/key1 b/security/nss/cmd/bltest/tests/rc4/key1
deleted file mode 100644
index 65513c116..000000000
--- a/security/nss/cmd/bltest/tests/rc4/key1
+++ /dev/null
@@ -1 +0,0 @@
-zyxwvuts
diff --git a/security/nss/cmd/bltest/tests/rc4/numtests b/security/nss/cmd/bltest/tests/rc4/numtests
deleted file mode 100644
index 0cfbf0888..000000000
--- a/security/nss/cmd/bltest/tests/rc4/numtests
+++ /dev/null
@@ -1 +0,0 @@
-2
diff --git a/security/nss/cmd/bltest/tests/rc4/plaintext0 b/security/nss/cmd/bltest/tests/rc4/plaintext0
deleted file mode 100644
index 5513e438c..000000000
--- a/security/nss/cmd/bltest/tests/rc4/plaintext0
+++ /dev/null
@@ -1 +0,0 @@
-Mozilla!
diff --git a/security/nss/cmd/bltest/tests/rc4/plaintext1 b/security/nss/cmd/bltest/tests/rc4/plaintext1
deleted file mode 100644
index d41abc7b8..000000000
--- a/security/nss/cmd/bltest/tests/rc4/plaintext1
+++ /dev/null
@@ -1 +0,0 @@
-Mozilla!Mozilla!Mozilla!Mozilla!
diff --git a/security/nss/cmd/bltest/tests/rc5_cbc/ciphertext0 b/security/nss/cmd/bltest/tests/rc5_cbc/ciphertext0
deleted file mode 100644
index 544713b33..000000000
--- a/security/nss/cmd/bltest/tests/rc5_cbc/ciphertext0
+++ /dev/null
@@ -1 +0,0 @@
-qsv4Fn2J6d0=
diff --git a/security/nss/cmd/bltest/tests/rc5_cbc/iv0 b/security/nss/cmd/bltest/tests/rc5_cbc/iv0
deleted file mode 100644
index 97b5955f7..000000000
--- a/security/nss/cmd/bltest/tests/rc5_cbc/iv0
+++ /dev/null
@@ -1 +0,0 @@
-12345678
diff --git a/security/nss/cmd/bltest/tests/rc5_cbc/key0 b/security/nss/cmd/bltest/tests/rc5_cbc/key0
deleted file mode 100644
index 65513c116..000000000
--- a/security/nss/cmd/bltest/tests/rc5_cbc/key0
+++ /dev/null
@@ -1 +0,0 @@
-zyxwvuts
diff --git a/security/nss/cmd/bltest/tests/rc5_cbc/numtests b/security/nss/cmd/bltest/tests/rc5_cbc/numtests
deleted file mode 100644
index d00491fd7..000000000
--- a/security/nss/cmd/bltest/tests/rc5_cbc/numtests
+++ /dev/null
@@ -1 +0,0 @@
-1
diff --git a/security/nss/cmd/bltest/tests/rc5_cbc/params0 b/security/nss/cmd/bltest/tests/rc5_cbc/params0
deleted file mode 100644
index d68e0362d..000000000
--- a/security/nss/cmd/bltest/tests/rc5_cbc/params0
+++ /dev/null
@@ -1,2 +0,0 @@
-rounds=10
-wordsize=4
diff --git a/security/nss/cmd/bltest/tests/rc5_cbc/plaintext0 b/security/nss/cmd/bltest/tests/rc5_cbc/plaintext0
deleted file mode 100644
index 5513e438c..000000000
--- a/security/nss/cmd/bltest/tests/rc5_cbc/plaintext0
+++ /dev/null
@@ -1 +0,0 @@
-Mozilla!
diff --git a/security/nss/cmd/bltest/tests/rc5_ecb/ciphertext0 b/security/nss/cmd/bltest/tests/rc5_ecb/ciphertext0
deleted file mode 100644
index 133777dd0..000000000
--- a/security/nss/cmd/bltest/tests/rc5_ecb/ciphertext0
+++ /dev/null
@@ -1 +0,0 @@
-4ZKK/1v5Ohc=
diff --git a/security/nss/cmd/bltest/tests/rc5_ecb/key0 b/security/nss/cmd/bltest/tests/rc5_ecb/key0
deleted file mode 100644
index 65513c116..000000000
--- a/security/nss/cmd/bltest/tests/rc5_ecb/key0
+++ /dev/null
@@ -1 +0,0 @@
-zyxwvuts
diff --git a/security/nss/cmd/bltest/tests/rc5_ecb/numtests b/security/nss/cmd/bltest/tests/rc5_ecb/numtests
deleted file mode 100644
index d00491fd7..000000000
--- a/security/nss/cmd/bltest/tests/rc5_ecb/numtests
+++ /dev/null
@@ -1 +0,0 @@
-1
diff --git a/security/nss/cmd/bltest/tests/rc5_ecb/params0 b/security/nss/cmd/bltest/tests/rc5_ecb/params0
deleted file mode 100644
index d68e0362d..000000000
--- a/security/nss/cmd/bltest/tests/rc5_ecb/params0
+++ /dev/null
@@ -1,2 +0,0 @@
-rounds=10
-wordsize=4
diff --git a/security/nss/cmd/bltest/tests/rc5_ecb/plaintext0 b/security/nss/cmd/bltest/tests/rc5_ecb/plaintext0
deleted file mode 100644
index 5513e438c..000000000
--- a/security/nss/cmd/bltest/tests/rc5_ecb/plaintext0
+++ /dev/null
@@ -1 +0,0 @@
-Mozilla!
diff --git a/security/nss/cmd/bltest/tests/rsa/ciphertext0 b/security/nss/cmd/bltest/tests/rsa/ciphertext0
deleted file mode 100644
index 943ea599a..000000000
--- a/security/nss/cmd/bltest/tests/rsa/ciphertext0
+++ /dev/null
@@ -1 +0,0 @@
-qPVrXv0y3SC5rY44bIi6GE4Aec8uDpHH7/cCg0FU5as=
diff --git a/security/nss/cmd/bltest/tests/rsa/key0 b/security/nss/cmd/bltest/tests/rsa/key0
deleted file mode 100644
index 1352fe986..000000000
--- a/security/nss/cmd/bltest/tests/rsa/key0
+++ /dev/null
@@ -1,4 +0,0 @@
-AAAAAAAAACC5lyu2K2ro8YGnvOCKaL1sFX1HEIblIVbuMXsa8oeFSwAAAAERAAAA

-IBXVjKwFG6LvPG4WOIjBBzmxGNpkQwDs3W5qZcXVzqahAAAAEOEOH/WnhZCJyM39

-oNfhf18AAAAQ0xvmxqXXs3L62xxogUl9lQAAABAaeiHgqkvy4wiQtG1Gkv/tAAAA

-EMaw2TNu6SFdKFXAYluQdjEAAAAQi0u+IlgKCt/hatGAsTrfzQ==

diff --git a/security/nss/cmd/bltest/tests/rsa/numtests b/security/nss/cmd/bltest/tests/rsa/numtests
deleted file mode 100644
index d00491fd7..000000000
--- a/security/nss/cmd/bltest/tests/rsa/numtests
+++ /dev/null
@@ -1 +0,0 @@
-1
diff --git a/security/nss/cmd/bltest/tests/rsa/plaintext0 b/security/nss/cmd/bltest/tests/rsa/plaintext0
deleted file mode 100644
index d915bc88c..000000000
--- a/security/nss/cmd/bltest/tests/rsa/plaintext0
+++ /dev/null
@@ -1 +0,0 @@
-512bitsforRSAPublicKeyEncryption
diff --git a/security/nss/cmd/bltest/tests/sha1/ciphertext0 b/security/nss/cmd/bltest/tests/sha1/ciphertext0
deleted file mode 100644
index 1fe4bd2bd..000000000
--- a/security/nss/cmd/bltest/tests/sha1/ciphertext0
+++ /dev/null
@@ -1 +0,0 @@
-cDSMAygXMPIJZC5bntZ4ZhecQ9g=
diff --git a/security/nss/cmd/bltest/tests/sha1/numtests b/security/nss/cmd/bltest/tests/sha1/numtests
deleted file mode 100644
index d00491fd7..000000000
--- a/security/nss/cmd/bltest/tests/sha1/numtests
+++ /dev/null
@@ -1 +0,0 @@
-1
diff --git a/security/nss/cmd/bltest/tests/sha1/plaintext0 b/security/nss/cmd/bltest/tests/sha1/plaintext0
deleted file mode 100644
index 863e79c65..000000000
--- a/security/nss/cmd/bltest/tests/sha1/plaintext0
+++ /dev/null
@@ -1 +0,0 @@
-A cage went in search of a bird.
diff --git a/security/nss/cmd/btoa/Makefile b/security/nss/cmd/btoa/Makefile
deleted file mode 100644
index 763faa253..000000000
--- a/security/nss/cmd/btoa/Makefile
+++ /dev/null
@@ -1,75 +0,0 @@
-#! gmake
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY).   #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL)          #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL)       #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL).      #
-#######################################################################
-
-include ../platlibs.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL)                              #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL)                           #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL).                              #
-#######################################################################
-
-
-include ../platrules.mk
-
diff --git a/security/nss/cmd/btoa/btoa.c b/security/nss/cmd/btoa/btoa.c
deleted file mode 100644
index d58805c65..000000000
--- a/security/nss/cmd/btoa/btoa.c
+++ /dev/null
@@ -1,196 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "plgetopt.h"
-#include "secutil.h"
-#include "nssb64.h"
-#include <errno.h>
-
-#if defined(XP_WIN) || (defined(__sun) && !defined(SVR4))
-#if !defined(WIN32)
-extern int fread(char *, size_t, size_t, FILE*);
-extern int fwrite(char *, size_t, size_t, FILE*);
-extern int fprintf(FILE *, char *, ...);
-#endif
-#endif
-
-#if defined(WIN32)
-#include "fcntl.h"
-#include "io.h"
-#endif
-
-static PRInt32 
-output_ascii (void *arg, const char *obuf, PRInt32 size)
-{
-    FILE *outFile = arg;
-    int nb;
-
-    nb = fwrite(obuf, 1, size, outFile);
-    if (nb != size) {
-	PORT_SetError(SEC_ERROR_IO);
-	return -1;
-    }
-
-    return nb;
-}
-
-static SECStatus
-encode_file(FILE *outFile, FILE *inFile)
-{
-    NSSBase64Encoder *cx;
-    int nb;
-    SECStatus status = SECFailure;
-    unsigned char ibuf[4096];
-
-    cx = NSSBase64Encoder_Create(output_ascii, outFile);
-    if (!cx) {
-	return -1;
-    }
-
-    for (;;) {
-	if (feof(inFile)) break;
-	nb = fread(ibuf, 1, sizeof(ibuf), inFile);
-	if (nb != sizeof(ibuf)) {
-	    if (nb == 0) {
-		if (ferror(inFile)) {
-		    PORT_SetError(SEC_ERROR_IO);
-		    goto loser;
-		}
-		/* eof */
-		break;
-	    }
-	}
-
-	status = NSSBase64Encoder_Update(cx, ibuf, nb);
-	if (status != SECSuccess) goto loser;
-    }
-
-    status = NSSBase64Encoder_Destroy(cx, PR_FALSE);
-    if (status != SECSuccess)
-	return status;
-
-    /*
-     * Add a trailing CRLF.  Note this must be done *after* the call
-     * to Destroy above (because only then are we sure all data has
-     * been written out).
-     */
-    fwrite("\r\n", 1, 2, outFile);
-    return SECSuccess;
-
-  loser:
-    (void) NSSBase64Encoder_Destroy(cx, PR_TRUE);
-    return status;
-}
-
-static void Usage(char *progName)
-{
-    fprintf(stderr,
-	    "Usage: %s [-i input] [-o output]\n",
-	    progName);
-    fprintf(stderr, "%-20s Define an input file to use (default is stdin)\n",
-	    "-i input");
-    fprintf(stderr, "%-20s Define an output file to use (default is stdout)\n",
-	    "-o output");
-    exit(-1);
-}
-
-int main(int argc, char **argv)
-{
-    char *progName;
-    SECStatus rv;
-    FILE *inFile, *outFile;
-    PLOptState *optstate;
-    PLOptStatus status;
-
-    inFile = 0;
-    outFile = 0;
-    progName = strrchr(argv[0], '/');
-    if (!progName)
-	progName = strrchr(argv[0], '\\');
-    progName = progName ? progName+1 : argv[0];
-
-    /* Parse command line arguments */
-    optstate = PL_CreateOptState(argc, argv, "i:o:");
-    while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
-	switch (optstate->option) {
-	  default:
-	    Usage(progName);
-	    break;
-
-	  case 'i':
-	    inFile = fopen(optstate->value, "rb");
-	    if (!inFile) {
-		fprintf(stderr, "%s: unable to open \"%s\" for reading\n",
-			progName, optstate->value);
-		return -1;
-	    }
-	    break;
-
-	  case 'o':
-	    outFile = fopen(optstate->value, "w");
-	    if (!outFile) {
-		fprintf(stderr, "%s: unable to open \"%s\" for writing\n",
-			progName, optstate->value);
-		return -1;
-	    }
-	    break;
-	}
-    }
-    if (status == PL_OPT_BAD)
-	Usage(progName);
-    if (!inFile) {
-#if defined(WIN32)
-	/* If we're going to read binary data from stdin, we must put stdin
-	** into O_BINARY mode or else incoming \r\n's will become \n's.
-	*/
-
-	int smrv = _setmode(_fileno(stdin), _O_BINARY);
-	if (smrv == -1) {
-	    fprintf(stderr,
-	    "%s: Cannot change stdin to binary mode. Use -i option instead.\n",
-	            progName);
-	    return smrv;
-	}
-#endif
-    	inFile = stdin;
-    }
-    if (!outFile) 
-    	outFile = stdout;
-    rv = encode_file(outFile, inFile);
-    if (rv != SECSuccess) {
-	fprintf(stderr, "%s: lossage: error=%d errno=%d\n",
-		progName, PORT_GetError(), errno);
-	return -1;
-    }
-    return 0;
-}
diff --git a/security/nss/cmd/btoa/makefile.win b/security/nss/cmd/btoa/makefile.win
deleted file mode 100644
index 28d3ee873..000000000
--- a/security/nss/cmd/btoa/makefile.win
+++ /dev/null
@@ -1,130 +0,0 @@
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-# 
-
-VERBOSE	= 1
-include <manifest.mn>
-
-#cannot define PROGRAM in manifest compatibly with NT and UNIX
-PROGRAM = btoa
-PROGRAM	= ./$(OBJDIR)/$(PROGRAM).exe
-include <$(DEPTH)\config\config.mak>
-
-# let manifest generate C_OBJS, it will prepend ./$(OBJDIR)/
-# rules.mak will append C_OBJS onto OBJS.
-# OBJS	= $(CSRCS:.c=.obj)
-
-# include files are looked for in $LINCS and $INCS.
-# $LINCS is in manifest.mnw, computed from REQUIRES=
-INCS = $(INCS) \
- -I$(DEPTH)/security/lib/cert \
- -I../include \
- $(NULL)
-
-IGNORE_ME = \
- -I$(DEPTH)/security/lib/key \
- -I$(DEPTH)/security/lib/util  \
- $(NULL)
-
-
-WINFE	= $(DEPTH)/cmd/winfe/mkfiles$(MOZ_BITS)/x86Dbg
-
-# these files are the content of libdbm
-DBM_LIB	= \
- $(WINFE)/DB.obj \
- $(WINFE)/HASH.obj \
- $(WINFE)/H_BIGKEY.obj \
- $(WINFE)/H_PAGE.obj \
- $(WINFE)/H_LOG2.obj \
- $(WINFE)/H_FUNC.obj \
- $(WINFE)/HASH_BUF.obj \
- $(NULL)
-
-MOZ_LIBS = \
- $(WINFE)/ALLXPSTR.obj \
- $(WINFE)/XP_ERROR.obj \
- $(WINFE)/XPASSERT.obj \
- $(WINFE)/XP_REG.obj \
- $(WINFE)/XP_TRACE.obj \
- $(DBM_LIB) \
- $(WINFE)/XP_STR.obj \
- $(WINFE)/MKTEMP.obj \
- $(NULL)
-
-SEC_LIBS = \
- $(DIST)/lib/cert$(MOZ_BITS).lib \
- $(DIST)/lib/crypto$(MOZ_BITS).lib \
- $(DIST)/lib/hash$(MOZ_BITS).lib \
- $(DIST)/lib/key$(MOZ_BITS).lib \
- $(DIST)/lib/pkcs7$(MOZ_BITS).lib \
- $(DIST)/lib/secmod$(MOZ_BITS).lib \
- $(DIST)/lib/secutl$(MOZ_BITS).lib \
- $(DIST)/lib/ssl$(MOZ_BITS).lib \
- $(NULL)
-
-LLFLAGS	= $(LLFLAGS) \
- ../lib/$(OBJDIR)/sectool$(MOZ_BITS).lib \
- $(SEC_LIBS) \
- $(MOZ_LIBS) \
- $(DEPTH)/nspr/src/$(OBJDIR)/getopt.obj \
- $(LIBNSPR) \
- $(NULL)
-
-
-include <$(DEPTH)\config\rules.mak>
-
-INSTALL	= $(MAKE_INSTALL)
-
-objs:	$(OBJS)
-
-$(PROGRAM)::
-	$(INSTALL) $(DIST)/bin/pr3240.dll ./$(OBJDIR)
-
-programs: $(PROGRAM)
-
-install:: $(TARGETS)
-	$(INSTALL) $(TARGETS) $(DIST)/bin
-
-
-symbols:
-	@echo "CSRCS	= $(CSRCS)"
-	@echo "INCS	= $(INCS)"
-	@echo "OBJS	= $(OBJS)"
-	@echo "LIBRARY	= $(LIBRARY)"
-	@echo "PROGRAM	= $(PROGRAM)"
-	@echo "TARGETS	= $(TARGETS)"
-	@echo "DIST	= $(DIST)"
-	@echo "VERSION_NUMBER	= $(VERSION_NUMBER)"
-	@echo "WINFE	= $(WINFE)"
-	@echo "DBM_LIB	= $(DBM_LIB)"
-	@echo "INSTALL	= $(INSTALL)"
-
diff --git a/security/nss/cmd/btoa/manifest.mn b/security/nss/cmd/btoa/manifest.mn
deleted file mode 100644
index 8bbf6ee00..000000000
--- a/security/nss/cmd/btoa/manifest.mn
+++ /dev/null
@@ -1,49 +0,0 @@
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-# 
-
-CORE_DEPTH	= ../../..
-
-# MODULE public and private header directories are implicitly REQUIRED.
-MODULE = security 
-
-# This next line is used by .mk files
-# and gets translated into $LINCS in manifest.mnw
-# MODULE is implicitly REQUIRED, doesn't need to be listed below.
-REQUIRES = seccmd dbm 
-
-DEFINES = -DNSPR20
-
-CSRCS = btoa.c
-
-PROGRAM	= btoa
-
diff --git a/security/nss/cmd/certcgi/HOWTO.txt b/security/nss/cmd/certcgi/HOWTO.txt
deleted file mode 100644
index f02ad32fd..000000000
--- a/security/nss/cmd/certcgi/HOWTO.txt
+++ /dev/null
@@ -1,168 +0,0 @@
-        How to setup your very own Cert-O-Matic Root CA server
-
-***** BEGIN LICENSE BLOCK *****
-Version: MPL 1.1/GPL 2.0/LGPL 2.1
-
-The contents of this file are subject to the Mozilla Public License Version 
-1.1 (the "License"); you may not use this file except in compliance with 
-the License. You may obtain a copy of the License at 
-http://www.mozilla.org/MPL/
-
-Software distributed under the License is distributed on an "AS IS" basis,
-WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
-for the specific language governing rights and limitations under the
-License.
-
-The Original Code is Netscape security libraries.
-
-The Initial Developer of the Original Code is Netscape Communications 
-Corporation.  Portions created by the Initial Developer are 
-Copyright (C) 2001 the Initial Developer. All Rights Reserved.
-
-Contributor(s):
-
-Alternatively, the contents of this file may be used under the terms of
-either the GNU General Public License Version 2 or later (the "GPL"), or
-the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
-in which case the provisions of the GPL or the LGPL are applicable instead
-of those above. If you wish to allow use of your version of this file only
-under the terms of either the GPL or the LGPL, and not to allow others to
-use your version of this file under the terms of the MPL, indicate your
-decision by deleting the provisions above and replace them with the notice
-and other provisions required by the GPL or the LGPL. If you do not delete
-the provisions above, a recipient may use your version of this file under
-the terms of any one of the MPL, the GPL or the LGPL.
-
-***** END LICENSE BLOCK *****
-
-        How to setup your very own Cert-O-Matic Root CA server
-
-The program certcgi is part of a small test CA that is used inside 
-Netscape by the NSS development team.  That CA is affectionately known
-as "Cert-O-Matic" or "Cert-O-Matic II".  It presently runs on a server
-named interzone.mcom.com inside Netscape's firewall.
-
-If you wish to setup your own Cert-O-Matic, here are directions.
-
-Disclaimer:  This program does not follow good practices for root CAs.
-It should be used only for playing/testing and never for production use.
-Remember, you've been warned!
-
-Cert-O-Matic consists of some html files, shell scripts, one executable
-program that uses NSS and NSPR, the usual set of NSS .db files, and a file
-in which to remember the serial number of the last cert issued.  The 
-html files and the source to the executable program are in this directory.
-Sample shell scripts are shown below.  
-
-The shell scripts and executable program run as CGI "scripts".  The
-entire thing runs on an ordinary http web server.  It would also run on
-an https web server.  The shell scripts and html files must be
-customized for the server on which they run.
-
-The package assumes you have a "document root" directory $DOCROOT, and a
-"cgi-bin" directory $CGIBIN.  In this example, the document root is
-assumed to be located in /var/www/htdocs, and the cgi-bin directory in
-/var/www/cgi-bin.
-
-The server is assumed to run all cgi scripts as the user "nobody".
-The names of the cgi scripts run directly by the server all end in .cgi
-because some servers like it that way.
-
-Instructions:
-
-- Create directory $DOCROOT/certomatic
-- Copy the following files from nss/cmd/certcgi to $DOCROOT/certomatic
-        ca.html index.html main.html nscp_ext_form.html stnd_ext_form.html
-- Edit the html files, substituting the name of your own server for the
-  server named in those files.
-- In some web page (e.g. your server's home page), provide an html link to
-  $DOCROOT/certomatic/index.html. This is where users start to get their
-  own certs from certomatic.
-- give these files and directories appropriate permissions.
-
-- Create directories $CGIBIN/certomatic and $CGIBIN/certomatic/bin
-  make sure that $CGIBIN/certomatic is writable by "nobody"
-
-- Create a new set of NSS db files there with the following command:
-
-        certutil -N -d $CGIBIN/certomatic
-
-- when certutil prompts you for the password, enter the word foo
-  because that is compiled into the certcgi program.
-
-- Create the new Root CA cert with this command
-
-        certutil -S -x -d $CGIBIN/certomatic -n "Cert-O-Matic II" \
-        -s "CN=Cert-O-Matic II, O=Cert-O-Matic II" -t TCu,cu,cu -k rsa \
-        -g 1024 -m 10001 -v 60
-
-  (adjust the -g, -m and -v parameters to taste.  -s and -x must be as
-shown.)
-
-- dump out the new root CA cert in base64 encoding:
-
-        certutil -d $CGIBIN/certomatic -L -n "Cert-O-Matic II" -a > \
-          $CGIBIN/certomatic/root.cacert
-
-- In $CGIBIN/certomatic/bin add two shell scripts - one to download the
-  root CA cert on demand, and one to run the certcgi program.
-
-download.cgi, the script to install the root CA cert into a browser on
-demand, is this:
-
-#!/bin/sh
-echo "Content-type: application/x-x509-ca-cert"
-echo
-cat $CGIBIN/certomatic/root.cacert
-
-You'll have to put the real path into that cat command because CGIBIN
-won't be defined when this script is run by the server.
-
-certcgi.cgi, the script to run the certcgi program is similar to this:
-
-#!/bin/sh
-cd $CGIBIN/certomatic/bin
-LD_LIBRARY_PATH=$PLATFORM/lib
-export LD_LIBRARY_PATH
-$PLATFORM/bin/certcgi $* 2>&1
-
-Where $PLATFORM/lib is where the NSPR nad NSS DSOs are located, and
-$PLATFORM/bin is where certcgi is located.  PLATFORM is not defined when 
-the server runs this script, so you'll have to substitute the right value 
-in your script.  certcgi requires that the working directory be one level 
-below the NSS DBs, that is, the DBs are accessed in the directory "..".
-
-You'll want to provide an html link somewhere to the script that downloads
-the root.cacert file.  You'll probably want to put that next to the link
-that loads the index.html page.  On interzone, this is done with the 
-following html:
-
-<a href="/certomatic/index.html">Cert-O-Matic II Root CA server</a>
-<p>
-<a href="/cgi-bin/certomatic/bin/download.cgi">Download and trust Root CA
-certificate</a>
-
-The index.html file in this directory invokes the certcgi.cgi script with 
-the form post method, so if you change the name of the certcgi.cgi script, 
-you'll also have to change the index.html file in $DOCROOT/certomatic
-
-The 4 files used by the certcgi program (the 3 NSS DBs, and the serial
-number file) are not required to live in $CGIBIN/certomatic, but they are
-required to live in $CWD/.. when certcgi starts.
-
-Known bugs:
-
-1. Because multiple of these CAs exist simultaneously, it would be best if 
-they didn't all have to be called "Cert-O-Matic II", but that string is 
-presently hard coded into certcgi.c.
-
-2. the html files in this directory contain numerous extraneous <FORM> tags
-which appear to use the post method and have action URLS that are never
-actually used.  burp.cgi and echoform.cgi are never actually used.  This
-should be cleaned up.
-
-3. The html files use <layer> tags which are supported only in Netscape 
-Navigator and Netscape Communication 4.x browsers.  The html files do 
-not work as intended with Netscape 6.x, Mozilla or Microsoft IE browsers.
-The html files should be fixed to work with all those named browsers.
-
diff --git a/security/nss/cmd/certcgi/Makefile b/security/nss/cmd/certcgi/Makefile
deleted file mode 100644
index 573c12cac..000000000
--- a/security/nss/cmd/certcgi/Makefile
+++ /dev/null
@@ -1,76 +0,0 @@
-#! gmake
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY).   #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL)          #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL)       #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL).      #
-#######################################################################
-
-include ../platlibs.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL)                              #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL)                           #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL).                              #
-#######################################################################
-
-
-
-include ../platrules.mk
-
diff --git a/security/nss/cmd/certcgi/ca.html b/security/nss/cmd/certcgi/ca.html
deleted file mode 100644
index b9ffd8238..000000000
--- a/security/nss/cmd/certcgi/ca.html
+++ /dev/null
@@ -1,48 +0,0 @@
-<!-- 
-   - The contents of this file are subject to the Mozilla Public
-   - License Version 1.1 (the "License"); you may not use this file
-   - except in compliance with the License. You may obtain a copy of
-   - the License at http://www.mozilla.org/MPL/
-   - 
-   - Software distributed under the License is distributed on an "AS
-   - IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-   - implied. See the License for the specific language governing
-   - rights and limitations under the License.
-   - 
-   - The Original Code is the Netscape security libraries.
-   - 
-   - The Initial Developer of the Original Code is Netscape
-   - Communications Corporation.  Portions created by Netscape are 
-   - Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-   - Rights Reserved.
-   - 
-   - Contributor(s):
-   - 
-   - Alternatively, the contents of this file may be used under the
-   - terms of the GNU General Public License Version 2 or later (the
-   - "GPL"), in which case the provisions of the GPL are applicable 
-   - instead of those above.  If you wish to allow use of your 
-   - version of this file only under the terms of the GPL and not to
-   - allow others to use your version of this file under the MPL,
-   - indicate your decision by deleting the provisions above and
-   - replace them with the notice and other provisions required by
-   - the GPL.  If you do not delete the provisions above, a recipient
-   - may use your version of this file under either the MPL or the
-   - GPL.
-  -->
-
-<form method="post" name="ca_form" action="mailto:jerdonek@netscape.com">
-<input type="radio" name="caChoiceradio" value="SignWithDefaultkey" 
-    onClick="{parent.choice_change(this.form)}"> 
-    Use the Cert-O-matic certificate to issue the cert</p>
-<input type="radio" name="caChoiceradio" value="SignWithRandomChain" 
-    onClick="{parent.choice_change(this.form)}"> Use a 
-    <input type="text" size="2" maxsize="2" name="autoCAs"> CA long 
-    automatically generated chain ending with the Cert-O-Matic Cert 
-    (18 maximum)</p>
-<input type="radio" name="caChoiceradio" value="SignWithSpecifiedChain" 
-    onClick="{parent.choice_change(this.form)}"> Use a 
-    <input type="text" size="1" maxlength="1" name="manCAs" 
-    onChange="{parent.ca_num_change(this.value,this.form)}"> CA long 
-    user input chain ending in the Cert-O-Matic Cert.</p>
-</form>
diff --git a/security/nss/cmd/certcgi/ca_form.html b/security/nss/cmd/certcgi/ca_form.html
deleted file mode 100644
index 43042cb64..000000000
--- a/security/nss/cmd/certcgi/ca_form.html
+++ /dev/null
@@ -1,385 +0,0 @@
-<html>
-<!-- 
-   - The contents of this file are subject to the Mozilla Public
-   - License Version 1.1 (the "License"); you may not use this file
-   - except in compliance with the License. You may obtain a copy of
-   - the License at http://www.mozilla.org/MPL/
-   - 
-   - Software distributed under the License is distributed on an "AS
-   - IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-   - implied. See the License for the specific language governing
-   - rights and limitations under the License.
-   - 
-   - The Original Code is the Netscape security libraries.
-   - 
-   - The Initial Developer of the Original Code is Netscape
-   - Communications Corporation.  Portions created by Netscape are 
-   - Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-   - Rights Reserved.
-   - 
-   - Contributor(s):
-   - 
-   - Alternatively, the contents of this file may be used under the
-   - terms of the GNU General Public License Version 2 or later (the
-   - "GPL"), in which case the provisions of the GPL are applicable 
-   - instead of those above.  If you wish to allow use of your 
-   - version of this file only under the terms of the GPL and not to
-   - allow others to use your version of this file under the MPL,
-   - indicate your decision by deleting the provisions above and
-   - replace them with the notice and other provisions required by
-   - the GPL.  If you do not delete the provisions above, a recipient
-   - may use your version of this file under either the MPL or the
-   - GPL.
-  -->
-    <form method="post" name="primary_form" action="http://interzone.mcom.com/burp.cgi">
-    <table border=0 cellspacing=10 cellpadding=0>
-    <tr>
-    <td>
-    Common Name:</td><td> <input type="text" name="name" onChange="{window.top.reset_subject('CN=', value, form)}"></p>
-    </td>
-    <td></td><td></td><td>
-    Mail: </td><td><input type="text" name="email" onChange="var temp;{if (email_type[0].checked) {temp = 'MAIL='} else {temp = 'E='}} ;{window.top.reset_subject(temp, value, form)}"></p>
-    RFC 1274<input type="radio" name="email_type" value="1" onClick="window.top.switch_mail(form)">
-    e-mail<input type="radio" name="email_type" value="2" checked onClick="window.top.switch_mail(form)"></td>
-    <tr>
-    <td>
-    Organization: </td><td>  <input type="text" name="org" onChange="{window.top.reset_subject('O=', value, form)}"></p></td>
-    <td></td><td></td><td>
-    Organizational Unit: </td><td><input type="text" name="org_unit" onChange="{window.top.reset_subject('OU=', value, form)}"></p></td>
-    <tr>
-    <td>
-    RFC 1274 UID: </td><td><input type="text" name="uid" onChange="{window.top.reset_subject('UID=', value, form)}"></p></td>
-    <td></td><td></td><td>
-    Locality: </td><td><input type="text" name="loc" onChange="{window.top.reset_subject('L=', value, form)}"></p></td>
-    <tr>
-    <td>
-    State or Province: </td><td><input type="text" name="state" onChange="{window.top.reset_subject('ST=', value, form)}"></p></td>
-    <td></td><td></td><td>
-    Country: </td><td><input type="text" size="2" maxsize="2" name="country" onChange="{window.top.reset_subject('C=', value, form)}"></p></td>
-    </table>
-    <table border=0 cellspacing=10 cellpadding=0>
-    <tr>
-    <td>
-    Serial Number:</p>
-    <DD>
-    <input type="radio" name="serial" value="auto" checked> Auto Generate</P>
-    <DD>
-    <input type="radio" name="serial" value="input">
-    Use this value: <input type="text" name="serial_value" size="8" maxlength="8"></p>
-    </td>
-    <td></td><td></td><td></td><td></td>
-    <td>
-    X.509 version:</p>
-    <DD>
-    <input type="radio" name="ver" value="1" checked> Version 1</p>
-    <DD>
-    <input type="radio" name="ver" value="3"> Version 3</P></td>
-    <td></td><td></td><td></td><td></td><td></td><td></td><td></td><td></td><td></td>
-    <td>
-    Key Type:</p>
-    <DD>
-    <input type="radio" name="keyType" value="rsa" checked> RSA</p>
-    <DD>
-    <input type="radio" name="keyType" value="dsa"> DSA</P></td>
-    </table>
-    DN: <input type="text" name="subject" size="70" onChange="{window.top.reset_subjectFields(form)}"></P>
-    <Select name="keysize">
-        <option>1024 (High Grade)
-        <option>768 (Medium Grade)
-        <option>512 (Low Grade)
-    </select> 
-    </p>
-  <hr>
-    </p>
-    <table  border=1 cellspacing=5 cellpadding=5>
-    <tr>
-    <td>
-    <b>Netscape Certificate Type: </b></p>
-    Activate extension: <input type="checkbox" name="netscape-cert-type"></P>
-    Critical: <input type="checkbox" name="netscape-cert-type-crit">
-    <td>
-    <input type="checkbox" name="netscape-cert-type-ssl-client"> SSL Client</P>
-    <input type="checkbox" name="netscape-cert-type-ssl-server"> SSL Server</P>
-    <input type="checkbox" name="netscape-cert-type-smime"> S/MIME</P>
-    <input type="checkbox" name="netscape-cert-type-object-signing"> Object Signing</P>    
-    <input type="checkbox" name="netscape-cert-type-reserved"> Reserved for future use (bit 4)</P>
-    <input type="checkbox" name="netscape-cert-type-ssl-ca"> SSL CA</P>
-    <input type="checkbox" name="netscape-cert-type-smime-ca"> S/MIME CA</P>
-    <input type="checkbox" name="netscape-cert-type-object-signing-ca"> Object Signing CA</P>
-    </tr>
-    <tr>
-    <td>
-    <b>Netscape Base URL:</b></p>
-    Activate extension: <input type="checkbox" name="netscape-base-url"></P>
-    Critical: <input type="checkbox" name="netscape-base-url-crit">
-    <td>
-    <input type="text" name="netscape-base-url-text" size="50">
-    </tr>
-    <tr>
-    <td>
-    <b>Netscape Revocation URL:</b></p>
-    Activate extension: <input type="checkbox" name="netscape-revocation-url"></P>
-    Critical: <input type="checkbox" name="netscape-revocation-url-crit">
-    <td>
-    <input type="text" name="netscape-revocation-url-text" size="50">
-    </tr>
-    <tr>
-    <td>    
-    <b>Netscape CA Revocation URL:</b></p>
-    Activate extension: <input type="checkbox" name="netscape-ca-revocation-url"></P>
-    Critical: <input type="checkbox" name="netscape-ca-revocation-url-crit">
-    <td>
-    <input type="text" name="netscape-ca-revocation-url-text" size="50">
-    </tr>
-    <tr>
-    <td>    
-    <b>Netscape Certificate Renewal URL:</b></p>
-    Activate extension: <input type="checkbox" name="netscape-cert-renewal-url"></P>
-    Critical: <input type="checkbox" name="netscape-cert-renewal-url-crit">
-    <td>
-    <input type="text" name="netscape-cert-renewal-url-text" size="50">
-    </tr>
-    <tr>
-    <td>
-    <b>Netscape CA Policy URL:</b></p>
-    Activate extension: <input type="checkbox" name="netscape-ca-policy-url"></P>
-    Critical: <input type="checkbox" name="netscape-ca-policy-url-crit">
-    <td>
-    <input type="text" name="netscape-ca-policy-url-text" size="50">
-    </tr>
-    <tr>
-    <td>
-    <b>Netscape SSL Server Name:</b></p>
-    Activate extension: <input type="checkbox" name="netscape-ssl-server-name"></P>
-    Critical: <input type="checkbox" name="netscape-ssl-server-name-crit">
-    <td>
-    <input type="text" name="netscape-ssl-server-name-text" size="50">
-    </tr>
-    <tr>
-    <td>
-    <b>Netscape Comment:</b></p>
-    Activate extension: <input type="checkbox" name="netscape-comment"></P>
-    Critical: <input type="checkbox" name="netscape-comment-crit">
-    <td>
-    <textarea name="netscape-comment-text" rows="5" cols="50"></textarea>
-    </tr>
-    </table>
-    </p>
-  <hr>
-    </p>
-    <table  border=1 cellspacing=5 cellpadding=5>
-    <form method="post" name="primary_form" action="http://interzone.mcom.com/burp.cgi">
-    <tr>
-    <td>
-    <b>Key Usage: </b></p>
-    Activate extension: <input type="checkbox" name="keyUsage"></P>
-    Critical: <input type="checkbox" name="keyUsage-crit">
-    <td>
-    <input type="checkbox" name="keyUsage-digitalSignature"> Digital Signature</P>
-    <input type="checkbox" name="keyUsage-nonRepudiation"> Non Repudiation</P>    
-    <input type="checkbox" name="keyUsage-keyEncipherment"> Key Encipherment</P>    
-    <input type="checkbox" name="keyUsage-dataEncipherment"> Data Encipherment</P>
-    <input type="checkbox" name="keyUsage-keyAgreement"> Key Agreement</P>
-    <input type="checkbox" name="keyUsage-keyCertSign"> Key Certificate Signing</P>
-    <input type="checkbox" name="keyUsage-cRLSign"> CRL Signing</P>
-    </tr>
-    <tr>
-    <td>
-    <b>Extended Key Usage: </b></p>
-    Activate extension: <input type="checkbox" name="extKeyUsage"></P>
-    Critical: <input type="checkbox" name="extKeyUsage-crit">
-    <td>
-    <input type="checkbox" name="extKeyUsage-serverAuth"> Server Auth</P>
-    <input type="checkbox" name="extKeyUsage-clientAuth"> Client Auth</P>
-    <input type="checkbox" name="extKeyUsage-codeSign"> Code Signing</P>
-    <input type="checkbox" name="extKeyUsage-emailProtect"> Email Protection</P>
-    <input type="checkbox" name="extKeyUsage-timeStamp"> Timestamp</P>
-    <input type="checkbox" name="extKeyUsage-ocspResponder"> OCSP Responder</P>
-    <input type="checkbox" name="extKeyUsage-NS-govtApproved"> Step-up</P>
-    </tr>
-    <tr>
-    <td>
-    <b>Basic Constraints:</b></p>
-    Activate extension: <input type="checkbox" name="basicConstraints"></P>
-    Critical: <input type="checkbox" name="basicConstraints-crit">
-    <td>
-    CA:</p>
-    <dd><input type=radio name="basicConstraints-cA-radio" value="CA"> True</p>
-    <dd><input type=radio name="basicConstraints-cA-radio" value="NotCA"> False</p>
-    <input type="checkbox" name="basicConstraints-pathLengthConstraint">
-     Include Path length:  <input type="text" name="basicConstraints-pathLengthConstraint-text" size="2"></p>
-    </tr>
-    <tr>
-    <td>
-    <b>Authority Key Identifier:</b></p>
-    Activate extension: <input type="checkbox" name="authorityKeyIdentifier">
-    <td>
-    <input type="radio" name="authorityKeyIdentifier-radio" value="keyIdentifier"> Key Identider</p>
-    <input type="radio" name="authorityKeyIdentifier-radio" value="authorityCertIssuer"> Issuer Name and Serial number</p>
-    </tr>
-    <tr>
-    <td>    
-    <b>Subject Key Identifier:</b></p>
-    Activate extension: <input type="checkbox" name="subjectKeyIdentifier">
-    <td>
-    Key Identifier: 
-    <input type="text" name="subjectKeyIdentifier-text"></p>
-    This is an:<p>
-    <dd><dd><input type="radio" name="subjectKeyIdentifier-radio" value="ascii"> ascii text value<p>
-    <dd><dd><input type="radio" name="subjectKeyIdentifier-radio" value="hex"> hex value<p>
-    </tr>
-    <tr>
-    <td>    
-    <b>Private Key Usage Period:</b></p>
-    Activate extension: <input type="checkbox" name="privKeyUsagePeriod"></p>
-    Critical: <input type="checkbox" name="privKeyUsagePeriod-crit">
-    <td>
-    Use:</p>
-    <dd><input type="radio" name="privKeyUsagePeriod-radio" value="notBefore"> Not Before</p>
-    <dd><input type="radio" name="privKeyUsagePeriod-radio" value="notAfter"> Not After</p>
-    <dd><input type="radio" name="privKeyUsagePeriod-radio" value="both" > Both</p>
-    <b>Not to be used to sign before:</b></p>
-    <dd><input type="radio" name="privKeyUsagePeriod-notBefore-radio" value="auto"> Set to time of certificate issue</p>
-    <dd><input type="radio" name="privKeyUsagePeriod-notBefore-radio" value="manual"> Use This value</p>
-    <dd><dd>(YYYY/MM/DD HH:MM:SS): 
-    <input type="text" name="privKeyUsagePeriod-notBefore-year" size="4" maxlength="4">/
-    <input type="text" name="privKeyUsagePeriod-notBefore-month" size="2" maxlength="2">/
-    <input type="text" name="privKeyUsagePeriod-notBefore-day" size="2" maxlength="2"> 
-    <input type="text" name="privKeyUsagePeriod-notBefore-hour" size="2" maxlength="2">:
-    <input type="text" name="privKeyUsagePeriod-notBefore-minute" size="2" maxlength="2">:
-    <input type="text" name="privKeyUsagePeriod-notBefore-second" size="2" maxlength="2"></p>
-    <b>Not to be used to sign after:</b></p>
-    <dd>(YYYY/MM/DD HH:MM:SS): 
-    <input type="text" name="privKeyUsagePeriod-notAfter-year" size="4" maxlength="4">/
-    <input type="text" name="privKeyUsagePeriod-notAfter-month" size="2" maxlength="2">/
-    <input type="text" name="privKeyUsagePeriod-notAfter-day" size="2" maxlength="2"> 
-    <input type="text" name="privKeyUsagePeriod-notAfter-hour" size="2" maxlength="2">:
-    <input type="text" name="privKeyUsagePeriod-notAfter-minute" size="2" maxlength="2">:
-    <input type="text" name="privKeyUsagePeriod-notAfter-second" size="2" maxlength="2"></p>
-    </tr>
-    <tr>
-    <td>
-    <b>Subject Alternative Name:</b></p>
-    Activate extension: <input type="checkbox" name="SubAltName"></P>
-    Critical: <input type="checkbox" name="SubAltName-crit">
-    <td>
-      <table>
-      <tr>
-      <td>
-      General Names:</p>
-      <select name="SubAltNameSelect" multiple size="10">
-      </select></p></p>
-      <input type="button" name="SubAltName-add" value="Add" onClick="{parent.addSubAltName(this.form)}">
-      <input type="button" name="SubAltName-delete" value="Delete" onClick="parent.deleteSubAltName(this.form)">
-      </td><td>
-        <table><tr><td>
-        Name Type: </td></tr><tr><td>
-        <input type="radio" name="SubAltNameRadio" value="otherName" onClick="parent.setSubAltNameType(form)"> Other Name, 
-        OID: <input type="text" name="SubAltNameOtherNameOID" size="6"> </td><td>
-        <input type="radio" name="SubAltNameRadio" value="rfc822Name" onClick="parent.setSubAltNameType(form)"> RFC 822 Name</td></tr><td>
-        <input type="radio" name="SubAltNameRadio" value="dnsName" onClick="parent.setSubAltNameType(form)"> DNS Name </td><td>
-        <input type="radio" name="SubAltNameRadio" value="x400" onClick="parent.setSubAltNameType(form)"> X400 Address</td></tr><td>
-        <input type="radio" name="SubAltNameRadio" value="directoryName" onClick="parent.setSubAltNameType(form)"> Directory Name</td><td>
-        <input type="radio" name="SubAltNameRadio" value="ediPartyName" onClick="parent.setSubAltNameType(form)"> EDI Party Name</td></tr><td>
-        <input type="radio" name="SubAltNameRadio" value="URL" onClick="parent.setSubAltNameType(form)"> Uniform Resource Locator</td><td>
-        <input type="radio" name="SubAltNameRadio" value="ipAddress" onClick="parent.setSubAltNameType(form)"> IP Address</td></tr><td>
-        <input type="radio" name="SubAltNameRadio" value="regID"onClick="parent.setSubAltNameType(form)"> Registered ID</td><td>
-	<input type="radio" name="SubAltNameRadio" value="nscpNickname" onClick="parent.setSubAltNameType(form)"> Netscape Certificate Nickname</td><td></tr>
-        </table>
-      Name: <input type="text" name="SubAltNameText">
-        Binary Encoded: <input type="checkbox" name="SubAltNameDataType" value="binary" onClick="parent.setSubAltNameType(form)"></p>
-      </tr>
-      </table>
-    </tr>
-
-
-    <tr>
-    <td>
-    <b>Issuer Alternative Name:</b></p>
-    Activate extension: <input type="checkbox" name="IssuerAltName"></P>
-    Critical: <input type="checkbox" name="IssuerAltName-crit">
-    <td>
-      <input type="radio" name="IssuerAltNameSourceRadio" value="auto"> Use the Subject Alternative Name from the Issuers Certificate</p>
-      <input type="radio" name="IssuerAltNameSourceRadio" value="man"> Use this Name:
-      <table>
-      <tr>
-      <td>
-      General Names:</p>
-      <select name="IssuerAltNameSelect" multiple size="10">
-      </select></p></p>
-      <input type="button" name="IssuerAltName-add" value="Add" onClick="{parent.addIssuerAltName(this.form)}">
-      <input type="button" name="IssuerAltName-delete" value="Delete" onClick="parent.deleteIssuerAltName(this.form)">
-      </td><td>
-        <table><tr><td>
-        Name Type: </td></tr><tr><td>
-        <input type="radio" name="IssuerAltNameRadio" value="otherName" onClick="parent.setIssuerAltNameType(form)"> Other Name, 
-        OID: <input type="text" name="IssuerAltNameOtherNameOID" size="6"> </td><td>
-        <input type="radio" name="IssuerAltNameRadio" value="rfc822Name" onClick="parent.setIssuerAltNameType(form)"> RFC 822 Name</td></tr><td>
-        <input type="radio" name="IssuerAltNameRadio" value="dnsName" onClick="parent.setIssuerAltNameType(form)"> DNS Name </td><td>
-        <input type="radio" name="IssuerAltNameRadio" value="x400" onClick="parent.setIssuerAltNameType(form)"> X400 Address</td></tr><td>
-        <input type="radio" name="IssuerAltNameRadio" value="directoryName" onClick="parent.setIssuerAltNameType(form)"> Directory Name</td><td>
-        <input type="radio" name="IssuerAltNameRadio" value="ediPartyName" onClick="parent.setIssuerAltNameType(form)"> EDI Party Name</td></tr><td>
-        <input type="radio" name="IssuerAltNameRadio" value="URL" onClick="parent.setIssuerAltNameType(form)"> Uniform Resource Locator</td><td>
-        <input type="radio" name="IssuerAltNameRadio" value="ipAddress" onClick="parent.setIssuerAltNameType(form)"> IP Address</td></tr><td>
-        <input type="radio" name="IssuerAltNameRadio" value="regID" onClick="parent.setIssuerAltNameType(form)"> Registered ID</td><td></tr>
-        </table>
-      Name: <input type="text" name="IssuerAltNameText"> 
-        Binary Encoded: <input type="checkbox" name="IssuerAltNameDataType" value="binary" onClick="parent.setIssuerAltNameType(form)"></p>
-      </tr>
-      </table>
-    </tr>
-
-    <tr>
-    <td>
-    <b>Name Constraints:</b></p>
-    Activate extension: <input type="checkbox" name="NameConstraints"></P>
-    <td>
-      <table>
-      <tr>
-      <td>
-      Name Constraints:</p>
-
-
-      <select name="NameConstraintSelect" multiple size="10">
-      </select></p></p>
-      <input type="button" name="NameConstraint-add" value="Add" onClick="{parent.addNameConstraint(this.form)}">
-      <input type="button" name="NameConstraint-delete" value="Delete" onClick="parent.deleteNameConstraint(this.form)">
-      </td><td>
-        <table><tr><td>
-        Name Type: </td></tr><tr><td>
-        <input type="radio" name="NameConstraintRadio" value="otherName" onClick="parent.setNameConstraintNameType(form)"> Other Name,
-        OID: <input type="text" name="NameConstraintOtherNameOID" size="6">  </td><td>
-        <input type="radio" name="NameConstraintRadio" value="rfc822Name" onClick="parent.setNameConstraintNameType(form)"> RFC 822 Name</td></tr><td>
-        <input type="radio" name="NameConstraintRadio" value="dnsName" onClick="parent.setNameConstraintNameType(form)"> DNS Name </td><td>
-        <input type="radio" name="NameConstraintRadio" value="x400" onClick="parent.setNameConstraintNameType(form)"> X400 Address</td></tr><td>
-        <input type="radio" name="NameConstraintRadio" value="directoryName" onClick="parent.setNameConstraintNameType(form)"> Directory Name</td><td>
-        <input type="radio" name="NameConstraintRadio" value="ediPartyName" onClick="parent.setNameConstraintNameType(form)"> EDI Party Name</td></tr><td>
-        <input type="radio" name="NameConstraintRadio" value="URL" onClick="parent.setNameConstraintNameType(form)"> Uniform Resource Locator</td><td>
-        <input type="radio" name="NameConstraintRadio" value="ipAddress" onClick="parent.setNameConstraintNameType(form)"> IP Address</td></tr><td>
-        <input type="radio" name="NameConstraintRadio" value="regID" onClick="parent.setNameConstraintNameType(form)"> Registered ID</td><td></tr>
-        </table>
-      Name: <input type="text" name="NameConstraintText">
-        Binary Encoded: <input type="checkbox" name="NameConstraintNameDataType" value="binary" onClick="parent.setNameConstraintNameType(form)"></p>
-      Constraint type:<p>
-      <dd><input type="radio" name="NameConstraintTypeRadio" value="permited"> permited<p>
-      <dd><input type="radio" name="NameConstraintTypeRadio" value="excluded"> excluded<p>
-      Minimum: <input type="text" name="NameConstraintMin" size="8" maxlength="8"></p>
-      Maximum: <input type="text" name="NameConstraintMax" size="8" maxlength="8"></p>
-
-
-
-      </tr>
-      </table>
-    </tr>
-    </table>
-    </form>
-
-
-
-
-
-
-
-
-
-
diff --git a/security/nss/cmd/certcgi/certcgi.c b/security/nss/cmd/certcgi/certcgi.c
deleted file mode 100644
index 5806307d8..000000000
--- a/security/nss/cmd/certcgi/certcgi.c
+++ /dev/null
@@ -1,2431 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/* Cert-O-Matic CGI */
-
-
-#include "nspr.h"
-#include "prtypes.h"
-#include "prtime.h"
-#include "prlong.h"
-
-#include "pk11func.h"
-#include "cert.h"
-#include "cryptohi.h"
-#include "secoid.h"
-#include "secder.h"
-#include "genname.h"
-#include "xconst.h"
-#include "secutil.h"
-#include "pqgutil.h"
-#include "certxutl.h"
-#include "secrng.h"	/* for RNG_ */
-#include "nss.h"
-
-
-/* #define TEST           1 */
-/* #define FILEOUT        1 */
-/* #define OFFLINE        1 */
-#define START_FIELDS   100
-#define PREFIX_LEN     6
-#define SERIAL_FILE    "../serial"
-#define DB_DIRECTORY   ".."
-
-static char *progName;
-
-typedef struct PairStr Pair;
-
-struct PairStr {
-    char *name;
-    char *data;
-};
-
-
-char prefix[PREFIX_LEN];
-
-
-const SEC_ASN1Template CERTIA5TypeTemplate[] = {
-    { SEC_ASN1_IA5_STRING }
-};
-
-
-
-SECKEYPrivateKey *privkeys[9] = {NULL, NULL, NULL, NULL, NULL, NULL, NULL,
-				 NULL, NULL};
-
-
-#ifdef notdef
-const SEC_ASN1Template CERT_GeneralNameTemplate[] = {
-    { SEC_ASN1_SEQUENCE_OF, 0, SEC_AnyTemplate }
-};
-#endif
-
-
-static void
-error_out(char  *error_string)
-{
-    printf("Content-type: text/plain\n\n");
-    printf(error_string);
-    fflush(stderr);
-    fflush(stdout);
-    exit(1);
-}
-
-static void
-error_allocate(void)
-{
-    error_out("ERROR: Unable to allocate memory");
-}
-
-
-static char *
-make_copy_string(char  *read_pos, 
-		 int   length, 
-		 char  sentinal_value)
-    /* copys string from to a new string it creates and 
-       returns a pointer to the new string */
-{
-    int                remaining = length;
-    char               *write_pos;
-    char               *new;
-
-    new = write_pos = (char *) PORT_Alloc (length);
-    if (new == NULL) {
-	error_allocate();
-    }
-    while (*read_pos != sentinal_value) {
-	if (remaining == 1) {
-	    remaining += length;
-	    length = length * 2;
-	    new = PORT_Realloc(new,length);
-	    if (new == NULL) {
-		error_allocate();
-	    }
-	    write_pos = new + length - remaining;
-	}
-	*write_pos = *read_pos;
-	++write_pos;
-	++read_pos;
-	remaining = remaining - 1;
-    }
-    *write_pos = '\0';
-    return new;
-}
-
-
-static char *
-PasswordStub(PK11SlotInfo  *slot, 
-	     void          *cx)
-{
-	return NULL;
-}
-
-
-static SECStatus
-clean_input(Pair *data)
-    /* converts the non-alphanumeric characters in a form post 
-       from hex codes back to characters */
-{
-    int           length;
-    int           hi_digit;
-    int           low_digit;
-    char          character;
-    char          *begin_pos;
-    char          *read_pos;
-    char          *write_pos;
-    PRBool        name = PR_TRUE;
-
-    begin_pos = data->name;
-    while (begin_pos != NULL) {
-	length = strlen(begin_pos);
-	read_pos = write_pos = begin_pos;
-	while ((read_pos - begin_pos) < length) {
-	    if (*read_pos == '+') {
-		*read_pos = ' ';
-	    }
-	    if (*read_pos == '%') {
-		hi_digit = *(read_pos + 1);
-		low_digit = *(read_pos +2);
-		read_pos += 3;
-		if (isdigit(hi_digit)){
-		    hi_digit = hi_digit - '0';
-		} else {
-		    hi_digit = toupper(hi_digit);
-		    if (isxdigit(hi_digit)) {
-			hi_digit = (hi_digit - 'A') + 10;
-		    } else {
-			error_out("ERROR: Form data incorrectly formated");
-		    }
-		}
-		if (isdigit(low_digit)){
-		    low_digit = low_digit - '0';
-		} else {
-		    low_digit = toupper(low_digit);
-		    if ((low_digit >='A') && (low_digit <= 'F')) {
-			low_digit = (low_digit - 'A') + 10;
-		    } else {
-			error_out("ERROR: Form data incorrectly formated");
-		    }
-		}
-		character = (hi_digit << 4) | low_digit;
-		if (character != 10) {
-		    *write_pos = character;
-		    ++write_pos;
-		}
-	    } else {
-		*write_pos = *read_pos;
-		++write_pos;
-		++read_pos;
-	    }
-	}
-	*write_pos = '\0';
-	if (name == PR_TRUE) {
-	    begin_pos = data->data;
-	    name = PR_FALSE;
-	} else {
-	    data++;
-	    begin_pos = data->name;
-	    name = PR_TRUE;
-	}
-    }
-    return SECSuccess;
-}
-
-static char *
-make_name(char  *new_data)
-    /* gets the next field name in the input string and returns
-       a pointer to a string containing a copy of it */
-{
-    int         length = 20;
-    char        *name;
-
-    name = make_copy_string(new_data, length, '=');
-    return name;
-}
-	
-static char *
-make_data(char  *new_data)
-    /* gets the data for the next field in the input string 
-       and returns a pointer to a string containing it */
-{
-    int         length = 100;
-    char        *data;
-    char        *read_pos;
-
-    read_pos = new_data;
-    while (*(read_pos - 1) != '=') {
-	++read_pos;
-    }
-    data = make_copy_string(read_pos, length, '&');
-    return data;
-}
-
-
-static Pair
-make_pair(char  *new_data)
-    /* makes a pair name/data pair from the input string */
-{
-    Pair        temp;
-
-    temp.name = make_name(new_data);
-    temp.data = make_data(new_data);
-    return temp;
-}
-
-
-
-static Pair *
-make_datastruct(char  *data, int len)
-    /* parses the input from the form post into a data 
-       structure of field name/data pairs */
-{
-    Pair              *datastruct;
-    Pair              *current;
-    char              *curr_pos;
-    int               fields = START_FIELDS;
-    int               remaining = START_FIELDS;
-
-    curr_pos = data;
-    datastruct = current = (Pair *) PORT_Alloc(fields * sizeof(Pair));
-    if (datastruct == NULL) {
-	error_allocate();
-    }
-    while (curr_pos - data < len) {
-	if (remaining == 1) {
-	    remaining += fields;
-	    fields = fields * 2;
-	    datastruct = (Pair *) PORT_Realloc
-		(datastruct, fields * sizeof(Pair));
-	    if (datastruct == NULL) {
-		error_allocate();
-	    }
-	    current = datastruct + (fields - remaining);
-	}
-	*current = make_pair(curr_pos);
-	while (*curr_pos != '&') {
-	    ++curr_pos;
-	}
-	++curr_pos;
-	++current;
-	remaining = remaining - 1;
-    }
-    current->name = NULL;
-    return datastruct;
-}
-
-static char *
-return_name(Pair  *data_struct,
-	    int   n)
-    /* returns a pointer to the name of the nth 
-       (starting from 0) item in the data structure */
-{
-    char          *name;
-
-    if ((data_struct + n)->name != NULL) {
-	name = (data_struct + n)->name;
-	return name;
-    } else {
-	return NULL;
-    }
-}
-
-static char *
-return_data(Pair  *data_struct,int n)
-    /* returns a pointer to the data of the nth (starting from 0) 
-       itme in the data structure */
-{
-    char          *data;
-
-    data = (data_struct + n)->data;
-    return data;
-}
-
-
-static char *
-add_prefix(char  *field_name)
-{
-    extern char  prefix[PREFIX_LEN];
-    int          i = 0;
-    char         *rv;
-    char         *write;
-
-    rv = write = PORT_Alloc(PORT_Strlen(prefix) + PORT_Strlen(field_name) + 1);
-    for(i = 0; i < PORT_Strlen(prefix); i++) {
-	*write = prefix[i];
-	write++;
-    }
-    *write = '\0';
-    rv = PORT_Strcat(rv,field_name);
-    return rv;
-}
-
-
-static char *
-find_field(Pair    *data, 
-	   char    *field_name, 
-	   PRBool  add_pre)
-    /* returns a pointer to the data of the first pair 
-       thats name matches the string it is passed */
-{
-    int            i = 0;
-    char           *retrieved;
-    int            found = 0;
-
-    if (add_pre) {
-	field_name = add_prefix(field_name);
-    }
-    while(return_name(data, i) != NULL) {
-	if (PORT_Strcmp(return_name(data, i), field_name) == 0) {
-	    retrieved = return_data(data, i);
-	    found = 1;
-	    break;
-	}
-	i++;
-    }
-    if (!found) {
-	retrieved = NULL;
-    }
-    return retrieved;
-}
-
-static PRBool
-find_field_bool(Pair    *data, 
-		char    *fieldname, 
-		PRBool  add_pre)
-{
-    char                *rv;
-
-    rv = find_field(data, fieldname, add_pre);
-	
-    if  ((rv != NULL) && (PORT_Strcmp(rv, "true")) == 0) {
-	return PR_TRUE;
-    } else {
-	return PR_FALSE;
-    }
-}
-
-static char *
-update_data_by_name(Pair  *data, 
-		    char  *field_name,
-                    char  *new_data)
-    /* replaces the data in the data structure associated with 
-       a name with new data, returns null if not found */
-{
-    int                   i = 0;
-    int                   found = 0;
-    int                   length = 100;
-    char                  *new;
-
-    while (return_name(data, i) != NULL) {
-	if (PORT_Strcmp(return_name(data, i), field_name) == 0) {
-	    new = make_copy_string( new_data, length, '\0');
-	    PORT_Free(return_data(data, i));
-	    found = 1;
-	    (*(data + i)).data = new;
-	    break;
-	}
-	i++;
-    }
-    if (!found) {
-	new = NULL;
-    }
-    return new;
-}
-
-static char *
-update_data_by_index(Pair  *data, 
-		     int   n, 
-		     char  *new_data)
-    /* replaces the data of a particular index in the data structure */
-{
-    int                    length = 100;
-    char                   *new;
-
-    new = make_copy_string(new_data, length, '\0');
-    PORT_Free(return_data(data, n));
-    (*(data + n)).data = new;
-    return new;
-}
-
-
-static Pair *
-add_field(Pair   *data, 
-	  char*  field_name, 
-	  char*  field_data)
-    /* adds a new name/data pair to the data structure */
-{
-    int          i = 0;
-    int          j;
-    int          name_length = 100;
-    int          data_length = 100;
-
-    while(return_name(data, i) != NULL) {
-	i++;
-    }
-    j = START_FIELDS;
-    while ( j < (i + 1) ) {
-	j = j * 2;
-    }
-    if (j == (i + 1)) {
-	data = (Pair *) PORT_Realloc(data, (j * 2) * sizeof(Pair));
-	if (data == NULL) {
-	    error_allocate();
-	}
-    }
-    (*(data + i)).name = make_copy_string(field_name, name_length, '\0');
-    (*(data + i)).data = make_copy_string(field_data, data_length, '\0');
-    (data + i + 1)->name = NULL;
-    return data;
-}
-
-
-static CERTCertificateRequest *
-makeCertReq(Pair             *form_data,
-	    int              which_priv_key)
-    /* makes and encodes a certrequest */
-{
-
-    PK11SlotInfo             *slot;
-    CERTCertificateRequest   *certReq = NULL;
-    CERTSubjectPublicKeyInfo *spki;
-    SECKEYPrivateKey         *privkey = NULL;
-    SECKEYPublicKey          *pubkey = NULL;
-    CERTName                 *name;
-    char                     *key;
-    extern SECKEYPrivateKey  *privkeys[9];
-    int                      keySizeInBits;
-    char                     *challenge = "foo";
-    SECStatus                rv = SECSuccess;
-    PQGParams                *pqgParams = NULL;
-    PQGVerify                *pqgVfy = NULL;
-
-    name = CERT_AsciiToName(find_field(form_data, "subject", PR_TRUE));
-    if (name == NULL) {
-	error_out("ERROR: Unable to create Subject Name");
-    }
-    key = find_field(form_data, "key", PR_TRUE);
-    if (key == NULL) {
-	switch (*find_field(form_data, "keysize", PR_TRUE)) {
-	  case '0':
-	    keySizeInBits = 2048;
-	    break;
-	  case '1':
-	    keySizeInBits = 1024;
-	    break;
-	  case '2':
-	    keySizeInBits = 512;
-	    break;
-	  default:
-	    error_out("ERROR: Unsupported Key length selected");
-	}
-	if (find_field_bool(form_data, "keyType-dsa", PR_TRUE)) {
-	    rv = PQG_ParamGen(keySizeInBits, &pqgParams, &pqgVfy);
-	    if (rv != SECSuccess) {
-		error_out("ERROR: Unable to generate PQG parameters");
-	    }
-	    slot = PK11_GetBestSlot(CKM_DSA_KEY_PAIR_GEN, NULL);
-	    privkey = PK11_GenerateKeyPair(slot, CKM_DSA_KEY_PAIR_GEN, 
-					   pqgParams,&pubkey, PR_FALSE, 
-					   PR_TRUE, NULL);
-	} else {
-	    privkey = SECKEY_CreateRSAPrivateKey(keySizeInBits, &pubkey, NULL);
-	}
-	privkeys[which_priv_key] = privkey;
-	spki = SECKEY_CreateSubjectPublicKeyInfo(pubkey);
-    } else {
-	spki = SECKEY_ConvertAndDecodePublicKeyAndChallenge(key, challenge, 
-							    NULL);
-	if (spki == NULL) {
-	    error_out("ERROR: Unable to decode Public Key and Challenge String");
-	}
-    }
-    certReq = CERT_CreateCertificateRequest(name, spki, NULL);
-    if (certReq == NULL) {
-	error_out("ERROR: Unable to create Certificate Request");
-    }
-    if (pubkey != NULL) {
-	SECKEY_DestroyPublicKey(pubkey);
-    }
-    if (spki != NULL) {
-	SECKEY_DestroySubjectPublicKeyInfo(spki);
-    }
-    if (pqgParams != NULL) {
-	PQG_DestroyParams(pqgParams);
-    }
-    if (pqgVfy != NULL) {
-	PQG_DestroyVerify(pqgVfy);
-    }
-    return certReq;
-}
-
-
-
-static CERTCertificate *
-MakeV1Cert(CERTCertDBHandle        *handle, 
-	   CERTCertificateRequest  *req,
-	   char                    *issuerNameStr, 
-	   PRBool                  selfsign, 
-	   int                     serialNumber,
-	   int                     warpmonths,
-	   Pair                    *data)
-{
-    CERTCertificate                 *issuerCert = NULL;
-    CERTValidity                    *validity;
-    CERTCertificate                 *cert = NULL;
-    PRExplodedTime                  printableTime;
-    PRTime                          now, 
-	                            after;
-    SECStatus rv;
-   
-    
-
-    if ( !selfsign ) {
-	issuerCert = CERT_FindCertByNameString(handle, issuerNameStr);
-	if (!issuerCert) {
-	    error_out("ERROR: Could not find issuer's certificate");
-	    return NULL;
-	}
-    }
-    if (find_field_bool(data, "manValidity", PR_TRUE)) {
-	rv = DER_AsciiToTime(&now, find_field(data, "notBefore", PR_TRUE));
-    } else {
-	now = PR_Now();
-    }
-    PR_ExplodeTime (now, PR_GMTParameters, &printableTime);
-    if ( warpmonths ) {
-	printableTime.tm_month += warpmonths;
-	now = PR_ImplodeTime (&printableTime);
-	PR_ExplodeTime (now, PR_GMTParameters, &printableTime);
-    }
-    if (find_field_bool(data, "manValidity", PR_TRUE)) {
-	rv = DER_AsciiToTime(&after, find_field(data, "notAfter", PR_TRUE));
-	PR_ExplodeTime (after, PR_GMTParameters, &printableTime);
-    } else {
-	printableTime.tm_month += 3;
-	after = PR_ImplodeTime (&printableTime);
-    }
-    /* note that the time is now in micro-second unit */
-    validity = CERT_CreateValidity (now, after);
-
-    if ( selfsign ) {
-	cert = CERT_CreateCertificate
-	    (serialNumber,&(req->subject), validity, req);
-    } else {
-	cert = CERT_CreateCertificate
-	    (serialNumber,&(issuerCert->subject), validity, req);
-    }
-    
-    CERT_DestroyValidity(validity);
-    if ( issuerCert ) {
-	CERT_DestroyCertificate (issuerCert);
-    }
-    return(cert);
-}
-
-static int
-get_serial_number(Pair  *data)
-{
-    int                 serial = 0;
-    int                 error;
-    char                *filename = SERIAL_FILE;
-    char                *SN;
-    FILE                *serialFile;
-
-
-    if (find_field_bool(data, "serial-auto", PR_TRUE)) {
-	serialFile = fopen(filename, "r");
-	if (serialFile != NULL) {
-	    fread(&serial, sizeof(int), 1, serialFile);
-	    if (ferror(serialFile) != 0) {
-		error_out("Error: Unable to read serial number file");
-	    }
-	    if (serial == 4294967295) {
-		serial = 21;
-	    }
-	    fclose(serialFile);
-	    ++serial;
-	    serialFile = fopen(filename,"w");
-	    if (serialFile == NULL) {
-	        error_out("ERROR: Unable to open serial number file for writing");
-	    }
-	    fwrite(&serial, sizeof(int), 1, serialFile);
-	    if (ferror(serialFile) != 0) {
-		error_out("Error: Unable to write to serial number file");
-	    }
-	} else {
-	    fclose(serialFile);
-	    serialFile = fopen(filename,"w");
-	    if (serialFile == NULL) {
-		error_out("ERROR: Unable to open serial number file");
-	    }
-	    serial = 21;
-	    fwrite(&serial, sizeof(int), 1, serialFile);
-	    if (ferror(serialFile) != 0) {
-		error_out("Error: Unable to write to serial number file");
-	    }
-	    error = ferror(serialFile);
-	    if (error != 0) {
-		error_out("ERROR: Unable to write to serial file");
-	    }
-	}
-	fclose(serialFile);
-    } else {
-	SN = find_field(data, "serial_value", PR_TRUE);
-	while (*SN != '\0') {
-	    serial = serial * 16;
-	    if ((*SN >= 'A') && (*SN <='F')) {
-		serial += *SN - 'A' + 10; 
-	    } else {
-		if ((*SN >= 'a') && (*SN <='f')) {
-		    serial += *SN - 'a' + 10;
-		} else {
-		    serial += *SN - '0';
-		}
-	    }
-	    ++SN;
-	}
-    }
-    return serial;
-}
-	
-
-
-typedef SECStatus (* EXTEN_VALUE_ENCODER)
-		(PRArenaPool *extHandle, void *value, SECItem *encodedValue);
-
-static SECStatus 
-EncodeAndAddExtensionValue(
-	PRArenaPool          *arena, 
-	void                 *extHandle, 
-	void                 *value, 
-	PRBool 		     criticality,
-	int 		     extenType, 
-	EXTEN_VALUE_ENCODER  EncodeValueFn)
-{
-    SECItem                  encodedValue;
-    SECStatus                rv;
-	
-
-    encodedValue.data = NULL;
-    encodedValue.len = 0;
-    rv = (*EncodeValueFn)(arena, value, &encodedValue);
-    if (rv != SECSuccess) {
-	error_out("ERROR: Unable to encode extension value");
-    }
-    rv = CERT_AddExtension
-	(extHandle, extenType, &encodedValue, criticality, PR_TRUE);
-    return (rv);
-}
-
-
-
-static SECStatus 
-AddKeyUsage (void  *extHandle, 
-	     Pair  *data)
-{
-    SECItem        bitStringValue;
-    unsigned char  keyUsage = 0x0;
-
-    if (find_field_bool(data,"keyUsage-digitalSignature", PR_TRUE)){
-	keyUsage |= (0x80 >> 0);
-    }
-    if (find_field_bool(data,"keyUsage-nonRepudiation", PR_TRUE)){
-	keyUsage |= (0x80 >> 1);
-    }
-    if (find_field_bool(data,"keyUsage-keyEncipherment", PR_TRUE)){
-	keyUsage |= (0x80 >> 2);
-    }
-    if (find_field_bool(data,"keyUsage-dataEncipherment", PR_TRUE)){
-	keyUsage |= (0x80 >> 3);
-    }
-    if (find_field_bool(data,"keyUsage-keyAgreement", PR_TRUE)){
-	keyUsage |= (0x80 >> 4);
-    }
-    if (find_field_bool(data,"keyUsage-keyCertSign", PR_TRUE)) {
-	keyUsage |= (0x80 >> 5);
-    }
-    if (find_field_bool(data,"keyUsage-cRLSign", PR_TRUE)) {
-	keyUsage |= (0x80 >> 6);
-    }
-
-    bitStringValue.data = &keyUsage;
-    bitStringValue.len = 1;
-
-    return (CERT_EncodeAndAddBitStrExtension
-	    (extHandle, SEC_OID_X509_KEY_USAGE, &bitStringValue,
-	     (find_field_bool(data, "keyUsage-crit", PR_TRUE))));
-
-}
-
-static CERTOidSequence *
-CreateOidSequence(void)
-{
-  CERTOidSequence *rv = (CERTOidSequence *)NULL;
-  PRArenaPool *arena = (PRArenaPool *)NULL;
-
-  arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-  if( (PRArenaPool *)NULL == arena ) {
-    goto loser;
-  }
-
-  rv = (CERTOidSequence *)PORT_ArenaZAlloc(arena, sizeof(CERTOidSequence));
-  if( (CERTOidSequence *)NULL == rv ) {
-    goto loser;
-  }
-
-  rv->oids = (SECItem **)PORT_ArenaZAlloc(arena, sizeof(SECItem *));
-  if( (SECItem **)NULL == rv->oids ) {
-    goto loser;
-  }
-
-  rv->arena = arena;
-  return rv;
-
- loser:
-  if( (PRArenaPool *)NULL != arena ) {
-    PORT_FreeArena(arena, PR_FALSE);
-  }
-
-  return (CERTOidSequence *)NULL;
-}
-
-static SECStatus
-AddOidToSequence(CERTOidSequence *os, SECOidTag oidTag)
-{
-  SECItem **oids;
-  PRUint32 count = 0;
-  SECOidData *od;
-
-  od = SECOID_FindOIDByTag(oidTag);
-  if( (SECOidData *)NULL == od ) {
-    return SECFailure;
-  }
-
-  for( oids = os->oids; (SECItem *)NULL != *oids; oids++ ) {
-    count++;
-  }
-
-  /* ArenaZRealloc */
-
-  {
-    PRUint32 i;
-
-    oids = (SECItem **)PORT_ArenaZAlloc(os->arena, sizeof(SECItem *) * (count+2));
-    if( (SECItem **)NULL == oids ) {
-      return SECFailure;
-    }
-    
-    for( i = 0; i < count; i++ ) {
-      oids[i] = os->oids[i];
-    }
-
-    /* ArenaZFree(os->oids); */
-  }
-
-  os->oids = oids;
-  os->oids[count] = &od->oid;
-
-  return SECSuccess;
-}
-
-static SECItem *
-EncodeOidSequence(CERTOidSequence *os)
-{
-  SECItem *rv;
-  extern const SEC_ASN1Template CERT_OidSeqTemplate[];
-
-  rv = (SECItem *)PORT_ArenaZAlloc(os->arena, sizeof(SECItem));
-  if( (SECItem *)NULL == rv ) {
-    goto loser;
-  }
-
-  if( !SEC_ASN1EncodeItem(os->arena, rv, os, CERT_OidSeqTemplate) ) {
-    goto loser;
-  }
-
-  return rv;
-
- loser:
-  return (SECItem *)NULL;
-}
-
-static SECStatus
-AddExtKeyUsage(void *extHandle, Pair *data)
-{
-  SECStatus rv;
-  CERTOidSequence *os;
-  SECItem *value;
-  PRBool crit;
-
-  os = CreateOidSequence();
-  if( (CERTOidSequence *)NULL == os ) {
-    return SECFailure;
-  }
-
-  if( find_field_bool(data, "extKeyUsage-serverAuth", PR_TRUE) ) {
-    rv = AddOidToSequence(os, SEC_OID_EXT_KEY_USAGE_SERVER_AUTH);
-    if( SECSuccess != rv ) goto loser;
-  }
-
-  if( find_field_bool(data, "extKeyUsage-clientAuth", PR_TRUE) ) {
-    rv = AddOidToSequence(os, SEC_OID_EXT_KEY_USAGE_CLIENT_AUTH);
-    if( SECSuccess != rv ) goto loser;
-  }
-
-  if( find_field_bool(data, "extKeyUsage-codeSign", PR_TRUE) ) {
-    rv = AddOidToSequence(os, SEC_OID_EXT_KEY_USAGE_CODE_SIGN);
-    if( SECSuccess != rv ) goto loser;
-  }
-
-  if( find_field_bool(data, "extKeyUsage-emailProtect", PR_TRUE) ) {
-    rv = AddOidToSequence(os, SEC_OID_EXT_KEY_USAGE_EMAIL_PROTECT);
-    if( SECSuccess != rv ) goto loser;
-  }
-
-  if( find_field_bool(data, "extKeyUsage-timeStamp", PR_TRUE) ) {
-    rv = AddOidToSequence(os, SEC_OID_EXT_KEY_USAGE_TIME_STAMP);
-    if( SECSuccess != rv ) goto loser;
-  }
-
-  if( find_field_bool(data, "extKeyUsage-ocspResponder", PR_TRUE) ) {
-    rv = AddOidToSequence(os, SEC_OID_OCSP_RESPONDER);
-    if( SECSuccess != rv ) goto loser;
-  }
-
-  if( find_field_bool(data, "extKeyUsage-NS-govtApproved", PR_TRUE) ) {
-    rv = AddOidToSequence(os, SEC_OID_NS_KEY_USAGE_GOVT_APPROVED);
-    if( SECSuccess != rv ) goto loser;
-  }
-
-  value = EncodeOidSequence(os);
-
-  crit = find_field_bool(data, "extKeyUsage-crit", PR_TRUE);
-
-  rv = CERT_AddExtension(extHandle, SEC_OID_X509_EXT_KEY_USAGE, value,
-                         crit, PR_TRUE);
-  /*FALLTHROUGH*/
- loser:
-  CERT_DestroyOidSequence(os);
-  return rv;
-}
-
-static SECStatus
-AddSubKeyID(void             *extHandle, 
-	    Pair             *data, 
-	    CERTCertificate  *subjectCert)
-{
-    SECItem                  encodedValue;
-    SECStatus                rv;
-    char                     *read;
-    char                     *write;
-    char                     *first;
-    char                     character;
-    int                      high_digit = 0,
-	                     low_digit = 0;
-    int                      len;
-    PRBool                   odd = PR_FALSE;
-
-
-    encodedValue.data = NULL;
-    encodedValue.len = 0;
-    first = read = write = find_field(data,"subjectKeyIdentifier-text", 
-				      PR_TRUE);
-    len = PORT_Strlen(first);
-    odd = ((len % 2) != 0 ) ? PR_TRUE : PR_FALSE;
-    if (find_field_bool(data, "subjectKeyIdentifier-radio-hex", PR_TRUE)) {
-	if (odd) {
-	    error_out("ERROR: Improperly formated subject key identifier, hex values must be expressed as an octet string");
-	}
-	while (*read != '\0') {
-	    if (!isxdigit(*read)) {
-		error_out("ERROR: Improperly formated subject key identifier");
-	    }
-	    *read = toupper(*read);
-	    if ((*read >= 'A') && (*read <= 'F')) {
-		high_digit = *read - 'A' + 10;
-	    }  else {
-		high_digit = *read - '0';
-	    }
-	    ++read;
-	    if (!isxdigit(*read)) {
-		error_out("ERROR: Improperly formated subject key identifier");
-	    }
-	    *read = toupper(*read);
-	    if ((*read >= 'A') && (*read <= 'F')) {
-		low_digit = *(read) - 'A' + 10;
-	    } else {
-		low_digit = *(read) - '0';
-	    }
-	    character = (high_digit << 4) | low_digit;
-	    *write = character;
-	    ++write;
-	    ++read;
-	}
-	*write = '\0';
-	len = write - first;
-    }
-    subjectCert->subjectKeyID.data = (unsigned char *) find_field
-	(data,"subjectKeyIdentifier-text", PR_TRUE);
-    subjectCert->subjectKeyID.len = len;
-    rv = CERT_EncodeSubjectKeyID
-	(NULL, find_field(data,"subjectKeyIdentifier-text", PR_TRUE),
-	 len, &encodedValue);
-    if (rv) {
-	return (rv);
-    }
-    return (CERT_AddExtension(extHandle,  SEC_OID_X509_SUBJECT_KEY_ID, 
-			      &encodedValue, PR_FALSE, PR_TRUE));
-}
-
-
-static SECStatus 
-AddAuthKeyID (void              *extHandle,
-	      Pair              *data, 
-	      char              *issuerNameStr, 
-	      CERTCertDBHandle  *handle)
-{
-    CERTAuthKeyID               *authKeyID = NULL;    
-    PRArenaPool                 *arena = NULL;
-    SECStatus                   rv = SECSuccess;
-    CERTCertificate             *issuerCert = NULL;
-    CERTGeneralName             *genNames;
-    CERTName                    *directoryName = NULL;
-
-
-    issuerCert = CERT_FindCertByNameString(handle, issuerNameStr);
-    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if ( !arena ) {
-	error_allocate();
-    }
-
-    authKeyID = PORT_ArenaZAlloc (arena, sizeof (CERTAuthKeyID));
-    if (authKeyID == NULL) {
-	error_allocate();
-    }
-    if (find_field_bool(data, "authorityKeyIdentifier-radio-keyIdentifier", 
-			PR_TRUE)) {
-	authKeyID->keyID.data = PORT_ArenaAlloc (arena, PORT_Strlen 
-				       ((char *)issuerCert->subjectKeyID.data));
-	if (authKeyID->keyID.data == NULL) {
-	    error_allocate();
-	}
-	PORT_Memcpy (authKeyID->keyID.data, issuerCert->subjectKeyID.data, 
-		     authKeyID->keyID.len = 
-		        PORT_Strlen((char *)issuerCert->subjectKeyID.data));
-    } else {
-	
-	PORT_Assert (arena);
-	genNames = (CERTGeneralName *) PORT_ArenaZAlloc (arena, (sizeof(CERTGeneralName)));
-	if (genNames == NULL){
-	    error_allocate();
-	}
-	genNames->l.next = genNames->l.prev = &(genNames->l);
-	genNames->type = certDirectoryName;
-
-	directoryName = CERT_AsciiToName(issuerCert->subjectName);
-	if (!directoryName) {
-	    error_out("ERROR: Unable to create Directory Name");
-	}
-	rv = CERT_CopyName (arena, &genNames->name.directoryName, 
-			    directoryName);
-        CERT_DestroyName (directoryName);
-	if (rv != SECSuccess) {
-	    error_out("ERROR: Unable to copy Directory Name");
-	}
-	authKeyID->authCertIssuer = genNames;
-	if (authKeyID->authCertIssuer == NULL && SECFailure == 
-	                                            PORT_GetError ()) {
-	    error_out("ERROR: Unable to get Issuer General Name for Authority Key ID Extension");
-	}
-	authKeyID->authCertSerialNumber = issuerCert->serialNumber;
-    }
-    rv = EncodeAndAddExtensionValue(arena, extHandle, authKeyID, PR_FALSE, 
-				    SEC_OID_X509_AUTH_KEY_ID, 
-				    (EXTEN_VALUE_ENCODER)
-				    CERT_EncodeAuthKeyID);
-    if (arena) {
-	PORT_FreeArena (arena, PR_FALSE);
-    }
-    return (rv);
-}
-
-
-static SECStatus 
-AddPrivKeyUsagePeriod(void             *extHandle, 
-		      Pair             *data, 
-		      CERTCertificate  *cert)
-{
-    char *notBeforeStr;
-    char *notAfterStr;
-    PRArenaPool *arena = NULL;
-    SECStatus rv = SECSuccess;
-    PKUPEncodedContext *pkup;
-
-
-    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if ( !arena ) {
-	error_allocate();
-    }
-    pkup = PORT_ArenaZAlloc (arena, sizeof (PKUPEncodedContext));
-    if (pkup == NULL) {
-	error_allocate();
-    }
-    notBeforeStr = (char *) PORT_Alloc(16 );
-    notAfterStr = (char *) PORT_Alloc(16 );
-    *notBeforeStr = '\0';
-    *notAfterStr = '\0';
-    pkup->arena = arena;
-    pkup->notBefore.len = 0;
-    pkup->notBefore.data = NULL;
-    pkup->notAfter.len = 0;
-    pkup->notAfter.data = NULL;
-    if (find_field_bool(data, "privKeyUsagePeriod-radio-notBefore", PR_TRUE) ||
-	find_field_bool(data, "privKeyUsagePeriod-radio-both", PR_TRUE)) {
-	pkup->notBefore.len = 15;
-	pkup->notBefore.data = (unsigned char *)notBeforeStr;
-	if (find_field_bool(data, "privKeyUsagePeriod-notBefore-radio-manual", 
-			    PR_TRUE)) {
-	    PORT_Strcat(notBeforeStr,find_field(data,
-					   "privKeyUsagePeriod-notBefore-year",
-					   PR_TRUE));
-	    PORT_Strcat(notBeforeStr,find_field(data,
-					   "privKeyUsagePeriod-notBefore-month",
-					   PR_TRUE));
-	    PORT_Strcat(notBeforeStr,find_field(data,
-					   "privKeyUsagePeriod-notBefore-day",
-					   PR_TRUE));
-	    PORT_Strcat(notBeforeStr,find_field(data,
-					   "privKeyUsagePeriod-notBefore-hour",
-					   PR_TRUE));
-	    PORT_Strcat(notBeforeStr,find_field(data,
-					  "privKeyUsagePeriod-notBefore-minute",
-					   PR_TRUE));
-	    PORT_Strcat(notBeforeStr,find_field(data,
-					  "privKeyUsagePeriod-notBefore-second",
-					   PR_TRUE));
-	    if ((*(notBeforeStr + 14) != '\0') ||
-		(!isdigit(*(notBeforeStr + 13))) ||
-		(*(notBeforeStr + 12) >= '5' && *(notBeforeStr + 12) <= '0') ||
-		(!isdigit(*(notBeforeStr + 11))) ||
-		(*(notBeforeStr + 10) >= '5' && *(notBeforeStr + 10) <= '0') ||
-		(!isdigit(*(notBeforeStr + 9))) ||
-		(*(notBeforeStr + 8) >= '2' && *(notBeforeStr + 8) <= '0') ||
-		(!isdigit(*(notBeforeStr + 7))) ||
-		(*(notBeforeStr + 6) >= '3' && *(notBeforeStr + 6) <= '0') ||
-		(!isdigit(*(notBeforeStr + 5))) ||
-		(*(notBeforeStr + 4) >= '1' && *(notBeforeStr + 4) <= '0') ||
-		(!isdigit(*(notBeforeStr + 3))) ||
-		(!isdigit(*(notBeforeStr + 2))) ||
-		(!isdigit(*(notBeforeStr + 1))) ||
-		(!isdigit(*(notBeforeStr + 0))) ||
-		(*(notBeforeStr + 8) == '2' && *(notBeforeStr + 9) >= '4') ||
-		(*(notBeforeStr + 6) == '3' && *(notBeforeStr + 7) >= '1') ||
-		(*(notBeforeStr + 4) == '1' && *(notBeforeStr + 5) >= '2')) {
-		error_out("ERROR: Improperly formated private key usage period");
-	    }
-	    *(notBeforeStr + 14) = 'Z';
-	    *(notBeforeStr + 15) = '\0';
-	} else {
-	    if ((*(cert->validity.notBefore.data) > '5') || 
-		((*(cert->validity.notBefore.data) == '5') &&
-		 (*(cert->validity.notBefore.data + 1) != '0'))) {
-		PORT_Strcat(notBeforeStr, "19");
-	    } else {
-		PORT_Strcat(notBeforeStr, "20");
-	    }
-	    PORT_Strcat(notBeforeStr, (char *)cert->validity.notBefore.data);
-	}
-    }
-    if (find_field_bool(data, "privKeyUsagePeriod-radio-notAfter", PR_TRUE) ||
-	find_field_bool(data, "privKeyUsagePeriod-radio-both", PR_TRUE)) {
-	pkup->notAfter.len = 15;
-	pkup->notAfter.data = (unsigned char *)notAfterStr;
-	PORT_Strcat(notAfterStr,find_field(data,"privKeyUsagePeriod-notAfter-year", 
-				      PR_TRUE));
-	PORT_Strcat(notAfterStr,find_field(data,"privKeyUsagePeriod-notAfter-month",
-				      PR_TRUE));
-	PORT_Strcat(notAfterStr,find_field(data,"privKeyUsagePeriod-notAfter-day", 
-				      PR_TRUE));
-	PORT_Strcat(notAfterStr,find_field(data,"privKeyUsagePeriod-notAfter-hour", 
-				      PR_TRUE));
-	PORT_Strcat(notAfterStr,find_field(data,"privKeyUsagePeriod-notAfter-minute",
-				      PR_TRUE));
-	PORT_Strcat(notAfterStr,find_field(data,"privKeyUsagePeriod-notAfter-second",
-				      PR_TRUE));
-	if ((*(notAfterStr + 14) != '\0') ||
-	    (!isdigit(*(notAfterStr + 13))) ||
-	    (*(notAfterStr + 12) >= '5' && *(notAfterStr + 12) <= '0') ||
-	    (!isdigit(*(notAfterStr + 11))) ||
-	    (*(notAfterStr + 10) >= '5' && *(notAfterStr + 10) <= '0') ||
-	    (!isdigit(*(notAfterStr + 9))) ||
-	    (*(notAfterStr + 8) >= '2' && *(notAfterStr + 8) <= '0') ||
-	    (!isdigit(*(notAfterStr + 7))) ||
-	    (*(notAfterStr + 6) >= '3' && *(notAfterStr + 6) <= '0') ||
-	    (!isdigit(*(notAfterStr + 5))) ||
-	    (*(notAfterStr + 4) >= '1' && *(notAfterStr + 4) <= '0') ||
-	    (!isdigit(*(notAfterStr + 3))) ||
-	    (!isdigit(*(notAfterStr + 2))) ||
-	    (!isdigit(*(notAfterStr + 1))) ||
-	    (!isdigit(*(notAfterStr + 0))) ||
-	    (*(notAfterStr + 8) == '2' && *(notAfterStr + 9) >= '4') ||
-	    (*(notAfterStr + 6) == '3' && *(notAfterStr + 7) >= '1') ||
-	    (*(notAfterStr + 4) == '1' && *(notAfterStr + 5) >= '2')) {
-	    error_out("ERROR: Improperly formated private key usage period");
-	}
-	*(notAfterStr + 14) = 'Z';
-	*(notAfterStr + 15) = '\0';
-    }
-	
-    PORT_Assert (arena);
-
-    rv = EncodeAndAddExtensionValue(arena, extHandle, pkup, 
-				    find_field_bool(data,
-						    "privKeyUsagePeriod-crit", 
-						    PR_TRUE), 
-				    SEC_OID_X509_PRIVATE_KEY_USAGE_PERIOD, 
-				    (EXTEN_VALUE_ENCODER)
-				    CERT_EncodePublicKeyUsagePeriod);
-    if (arena) {
-	PORT_FreeArena (arena, PR_FALSE);
-    }
-    if (notBeforeStr != NULL) {
-	PORT_Free(notBeforeStr);
-    }
-    if (notAfterStr != NULL) {
-	PORT_Free(notAfterStr);
-    }
-    return (rv);
-}    
-
-static SECStatus 
-AddBasicConstraint(void   *extHandle, 
-		   Pair   *data)
-{
-    CERTBasicConstraints  basicConstraint;
-    SECItem               encodedValue;
-    SECStatus             rv;
-
-    encodedValue.data = NULL;
-    encodedValue.len = 0;
-    basicConstraint.pathLenConstraint = CERT_UNLIMITED_PATH_CONSTRAINT;
-    basicConstraint.isCA = (find_field_bool(data,"basicConstraints-cA-radio-CA",
-					    PR_TRUE));
-    if (find_field_bool(data,"basicConstraints-pathLengthConstraint", PR_TRUE)){
-	basicConstraint.pathLenConstraint = atoi 
-	    (find_field(data,"basicConstraints-pathLengthConstraint-text", 
-			PR_TRUE));
-    }
-    
-    rv = CERT_EncodeBasicConstraintValue (NULL, &basicConstraint, 
-					  &encodedValue);
-    if (rv)
-	return (rv);
-    rv = CERT_AddExtension(extHandle, SEC_OID_X509_BASIC_CONSTRAINTS, 
-			   &encodedValue, 
-			   (find_field_bool(data,"basicConstraints-crit", 
-					    PR_TRUE)), PR_TRUE);
-
-    PORT_Free (encodedValue.data);
-    return (rv);
-}
-
-
-
-static SECStatus 
-AddNscpCertType (void  *extHandle, 
-		 Pair  *data)
-{
-    SECItem            bitStringValue;
-    unsigned char      CertType = 0x0;
-
-    if (find_field_bool(data,"netscape-cert-type-ssl-client", PR_TRUE)){
-	CertType |= (0x80 >> 0);
-    }
-    if (find_field_bool(data,"netscape-cert-type-ssl-server", PR_TRUE)){
-	CertType |= (0x80 >> 1);
-    }
-    if (find_field_bool(data,"netscape-cert-type-smime", PR_TRUE)){
-	CertType |= (0x80 >> 2);
-    }
-    if (find_field_bool(data,"netscape-cert-type-object-signing", PR_TRUE)){
-	CertType |= (0x80 >> 3);
-    }
-    if (find_field_bool(data,"netscape-cert-type-reserved", PR_TRUE)){
-	CertType |= (0x80 >> 4);
-    }
-    if (find_field_bool(data,"netscape-cert-type-ssl-ca", PR_TRUE)) {
-	CertType |= (0x80 >> 5);
-    }
-    if (find_field_bool(data,"netscape-cert-type-smime-ca", PR_TRUE)) {
-	CertType |= (0x80 >> 6);
-    }
-    if (find_field_bool(data,"netscape-cert-type-object-signing-ca", PR_TRUE)) {
-	CertType |= (0x80 >> 7);
-    }
-
-    bitStringValue.data = &CertType;
-    bitStringValue.len = 1;
-
-    return (CERT_EncodeAndAddBitStrExtension
-	    (extHandle, SEC_OID_NS_CERT_EXT_CERT_TYPE, &bitStringValue,
-	     (find_field_bool(data, "netscape-cert-type-crit", PR_TRUE))));
-}
-
-
-static SECStatus
-add_IA5StringExtension(void    *extHandle, 
-		       char    *string, 
-		       PRBool  crit, 
-		       int     idtag)
-{
-    SECItem                    encodedValue;
-    SECStatus                  rv;
-
-    encodedValue.data = NULL;
-    encodedValue.len = 0;
-
-    rv = CERT_EncodeIA5TypeExtension(NULL, string, &encodedValue);
-    if (rv) {
-	return (rv);
-    }
-    return (CERT_AddExtension(extHandle, idtag, &encodedValue, crit, PR_TRUE));
-}
-
-static SECItem *
-string_to_oid(char  *string)
-{
-    int             i;
-    int             length = 20;
-    int             remaining;
-    int             first_value;
-    int             second_value;
-    int             value;
-    int             oidLength;
-    unsigned char   *oidString;
-    unsigned char   *write;
-    unsigned char   *read;
-    unsigned char   *temp;
-    SECItem         *oid;
-    
-    
-    remaining = length;
-    i = 0;
-    while (*string == ' ') {
-	string++;
-    }
-    while (isdigit(*(string + i))) {
-	i++;
-    }
-    if (*(string + i) == '.') {
-	*(string + i) = '\0';
-    } else {
-	error_out("ERROR: Improperly formated OID");
-    }
-    first_value = atoi(string);
-    if (first_value < 0 || first_value > 2) {
-	error_out("ERROR: Improperly formated OID");
-    }
-    string += i + 1;
-    i = 0;
-    while (isdigit(*(string + i))) {
-	i++;
-    }
-    if (*(string + i) == '.') {
-	*(string + i) = '\0';
-    } else {
-	error_out("ERROR: Improperly formated OID");
-    }
-    second_value = atoi(string);
-    if (second_value < 0 || second_value > 39) {
-	error_out("ERROR: Improperly formated OID");
-    }
-    oidString = PORT_ZAlloc(2);
-    *oidString = (first_value * 40) + second_value;
-    *(oidString + 1) = '\0';
-    oidLength = 1;
-    string += i + 1;
-    i = 0;
-    temp = write = PORT_ZAlloc(length);
-    while (*string != '\0') {
-	value = 0;
-	while(isdigit(*(string + i))) {
-	    i++;
-	}
-	if (*(string + i) == '\0') {
-	    value = atoi(string);
-	    string += i;
-	} else {
-	    if (*(string + i) == '.') {
-		*(string + i) = '\0';
-		value = atoi(string);
-		string += i + 1;
-	    } else {
-		*(string + i) = '\0';
-		i++;
-		value = atoi(string);
-		while (*(string + i) == ' ')
-		    i++;
-		if (*(string + i) != '\0') {
-		    error_out("ERROR: Improperly formated OID");
-		}
-	    }
-	}
-	i = 0;
-	while (value != 0) {
-	    if (remaining < 1) {
-		remaining += length;
-		length = length * 2;
-		temp = PORT_Realloc(temp, length);
-		write = temp + length - remaining;
-	    }
-	    *write = (value & 0x7f) | (0x80);
-	    write++;
-	    remaining--;
-	    value = value >> 7;
-	}
-	*temp = *temp & (0x7f);
-	oidLength += write - temp;
-	oidString = PORT_Realloc(oidString, (oidLength + 1));
-	read = write - 1;
-	write = oidLength + oidString - 1;
-	for (i = 0; i < (length - remaining); i++) {
-	    *write = *read;
-	    write--;
-	    read++;
-	}
-	write = temp;
-	remaining = length;
-    }
-    *(oidString + oidLength) = '\0';
-    oid = (SECItem *) PORT_ZAlloc(sizeof(SECItem));
-    oid->data = oidString;
-    oid->len  = oidLength;
-    PORT_Free(temp);
-    return oid;
-}
-
-static SECItem *
-string_to_ipaddress(char *string)
-{
-    int      i = 0;
-    int      value;
-    int      j = 0;
-    SECItem  *ipaddress;
-    
-
-    while (*string == ' ') {
-	string++;
-    }
-    ipaddress = (SECItem *) PORT_ZAlloc(sizeof(SECItem));
-    ipaddress->data = PORT_ZAlloc(9);
-    while (*string != '\0' && j < 8) {
-	while (isdigit(*(string + i))) {
-	    i++;
-	}
-	if (*(string + i) == '.') {
-	    *(string + i) = '\0';
-	    value = atoi(string);
-	    string = string + i + 1;
-	    i = 0;
-	} else {
-	    if (*(string + i) == '\0') {
-		value = atoi(string);
-		string = string + i;
-		i = 0;
-	    } else {
-		*(string + i) = '\0';
-		while (*(string + i) == ' ') {
-		    i++;
-		}
-		if (*(string + i) == '\0') {
-		    value = atoi(string);
-		    string = string + i;
-		    i = 0;
-		} else {
-		    error_out("ERROR: Improperly formated IP Address");
-		}
-	    }
-	}
-	if (value >= 0 || value < 256) {
-	    *(ipaddress->data + j) = value;
-	} else {
-	    error_out("ERROR: Improperly formated IP Address");
-	}
-	j++;
-    }
-    *(ipaddress->data + j) = '\0';
-    if (j != 4 && j != 8) {
-	error_out("ERROR: Improperly formated IP Address");
-    }
-    ipaddress->len = j;
-    return ipaddress;
-}
-
-static SECItem *
-string_to_binary(char  *string)
-{
-    SECItem            *rv;
-    int                high_digit;
-    int                low_digit;
-
-    rv = (SECItem *) PORT_ZAlloc(sizeof(SECItem));
-    if (rv == NULL) {
-	error_allocate();
-    }
-    rv->data = (unsigned char *) PORT_ZAlloc((PORT_Strlen(string))/3 + 2);
-    while (!isxdigit(*string)) {
-	string++;
-    }
-    rv->len = 0;
-    while (*string != '\0') {
-	if (isxdigit(*string)) {
-	    if (*string >= '0' && *string <= '9') {
-		high_digit = *string - '0';
-	    } else {
-		*string = toupper(*string);
-		high_digit = *string - 'A';
-	    }
-	    string++;
-	    if (*string >= '0' && *string <= '9') {
-		low_digit = *string - '0';
-	    } else {
-		*string = toupper(*string);
-		low_digit = *string = 'A';
-	    }
-	    (rv->len)++;
-	} else {
-	    if (*string == ':') {
-		string++;
-	    } else {
-		if (*string == ' ') {
-		    while (*string == ' ') {
-			string++;
-		    }
-		}
-		if (*string != '\0') {
-		    error_out("ERROR: Improperly formated binary encoding");
-		}
-	    }
-	} 
-    }
-
-    return rv;
-}
-
-static SECStatus
-MakeGeneralName(char             *name, 
-		CERTGeneralName  *genName,
-		PRArenaPool      *arena)
-{
-    SECItem                      *oid;
-    SECOidData                   *oidData;
-    SECItem                      *ipaddress;
-    SECItem                      *temp = NULL;
-    int                          i;
-    int                          nameType;
-    PRBool                       binary = PR_FALSE;
-    SECStatus                    rv = SECSuccess;
-    PRBool                       nickname;
-
-    PORT_Assert(genName);
-    PORT_Assert(arena);
-    nameType = *(name + PORT_Strlen(name) - 1) - '0';
-    if (nameType == 0  && *(name +PORT_Strlen(name) - 2) == '1') {
-	nickname = PR_TRUE;
-	nameType = certOtherName;
-    }
-    if (nameType < 1 || nameType > 9) {
-	error_out("ERROR: Unknown General Name Type");
-    }
-    *(name + PORT_Strlen(name) - 4) = '\0';
-    genName->type = nameType;
-    
-    switch (genName->type) {
-      case certURI:
-      case certRFC822Name:
-      case certDNSName: {
-	  genName->name.other.data = (unsigned char *)name;
-	  genName->name.other.len = PORT_Strlen(name);
-	  break;
-      }
-      
-      case certIPAddress: {
-	  ipaddress = string_to_ipaddress(name);
-	  genName->name.other.data = ipaddress->data;
-	  genName->name.other.len = ipaddress->len;
-	  break;
-      }
-      
-      case certRegisterID: {
-	  oid = string_to_oid(name);
-	  genName->name.other.data = oid->data;
-	  genName->name.other.len = oid->len;
-	  break;
-      }
-      
-      case certEDIPartyName:
-      case certX400Address: {
-	  
-	  genName->name.other.data = PORT_ArenaAlloc (arena, 
-						      PORT_Strlen (name) + 2);
-	  if (genName->name.other.data == NULL) {
-	      error_allocate();
-	  }
-	  
-	  PORT_Memcpy (genName->name.other.data + 2, name, PORT_Strlen (name));
-	  /* This may not be accurate for all cases.  
-	     For now, use this tag type */
-	  genName->name.other.data[0] = (char)(((genName->type - 1) & 
-						0x1f)| 0x80);
-	  genName->name.other.data[1] = (char)PORT_Strlen (name);
-	  genName->name.other.len = PORT_Strlen (name) + 2;
-	  break;
-      }
-      
-      case certOtherName: {
-	  i = 0;
-	  if (!nickname) {
-	      while (!isdigit(*(name + PORT_Strlen(name) - i))) {
-		  i++;
-	      }
-	      if (*(name + PORT_Strlen(name) - i) == '1') {
-		  binary = PR_TRUE;
-	      } else {
-		  binary = PR_FALSE;
-	      }  
-	      while (*(name + PORT_Strlen(name) - i) != '-') {
-		  i++;
-	      }
-	      *(name + PORT_Strlen(name) - i - 1) = '\0';
-	      i = 0;
-	      while (*(name + i) != '-') {
-		  i++;
-	      }
-	      *(name + i - 1) = '\0';
-	      oid = string_to_oid(name + i + 2);
-	  } else {
-	      oidData = SECOID_FindOIDByTag(SEC_OID_NETSCAPE_NICKNAME);
-	      oid = &oidData->oid;
-	      while (*(name + PORT_Strlen(name) - i) != '-') {
-		  i++;
-	      }
-	      *(name + PORT_Strlen(name) - i) = '\0';
-	  }
-	  genName->name.OthName.oid.data = oid->data;
-	  genName->name.OthName.oid.len  = oid->len;
-	  if (binary) {
-	      temp = string_to_binary(name);
-	      genName->name.OthName.name.data = temp->data;
-	      genName->name.OthName.name.len = temp->len;
-	  } else {
-	      temp = (SECItem *) PORT_ZAlloc(sizeof(SECItem));
-	      if (temp == NULL) {
-		  error_allocate();
-	      }
-	      temp->data = (unsigned char *)name;
-	      temp->len = PORT_Strlen(name);
-	      SEC_ASN1EncodeItem (arena, &(genName->name.OthName.name), temp,
-				  CERTIA5TypeTemplate);
-	  }
-	  PORT_Free(temp);
-	  break;
-      }
-      
-      case certDirectoryName: {
-	  CERTName *directoryName = NULL;
-	  
-	  directoryName = CERT_AsciiToName (name);
-	  if (!directoryName) {
-	      error_out("ERROR: Improperly formated alternative name");
-	      break;
-	  }
-	  rv = CERT_CopyName (arena, &genName->name.directoryName, 
-			      directoryName);
-	  CERT_DestroyName (directoryName);
-	  
-	  break;
-      }
-    }
-    genName->l.next = &(genName->l);
-    genName->l.prev = &(genName->l);
-    return rv;
-}
-
-
-static CERTGeneralName *
-MakeAltName(Pair             *data, 
-	    char             *which, 
-	    PRArenaPool      *arena)
-{
-    CERTGeneralName          *SubAltName;
-    CERTGeneralName          *current;
-    CERTGeneralName          *newname;
-    char                     *name = NULL;
-    SECStatus                rv = SECSuccess;
-    int                      len;
-    
-
-    len = PORT_Strlen(which);
-    name = find_field(data, which, PR_TRUE);
-    SubAltName = current = (CERTGeneralName *) PORT_ZAlloc
-	                                        (sizeof(CERTGeneralName));
-    if (current == NULL) {
-	error_allocate();
-    }
-    while (name != NULL) {
-
-	rv = MakeGeneralName(name, current, arena);
-
-	if (rv != SECSuccess) {
-	    break;
-	}
-	if (*(which + len -1) < '9') {
-	    *(which + len - 1) = *(which + len - 1) + 1;
-	} else {
-	    if (isdigit(*(which + len - 2) )) {
-		*(which + len - 2) = *(which + len - 2) + 1;
-		*(which + len - 1) = '0';
-	    } else {
-		*(which + len - 1) = '1';
-		*(which + len) = '0';
-		*(which + len + 1) = '\0';
-		len++;
-	    }
-	}
-	len = PORT_Strlen(which);
-	name = find_field(data, which, PR_TRUE);
-	if (name != NULL) {
-	    newname = (CERTGeneralName *) PORT_ZAlloc(sizeof(CERTGeneralName));
-	    if (newname == NULL) {
-		error_allocate();
-	    }
-	    current->l.next = &(newname->l);
-	    newname->l.prev = &(current->l);
-	    current = newname;
-            newname = NULL;
-	} else {
-	    current->l.next = &(SubAltName->l);
-	    SubAltName->l.prev = &(current->l);
-	}
-    }
-    if (rv == SECFailure) {
-	return NULL;
-    }
-    return SubAltName;
-}
-
-static CERTNameConstraints *
-MakeNameConstraints(Pair             *data, 
-		    PRArenaPool      *arena)
-{
-    CERTNameConstraints      *NameConstraints;
-    CERTNameConstraint       *current = NULL;
-    CERTNameConstraint       *last_permited = NULL;
-    CERTNameConstraint       *last_excluded = NULL;
-    char                     *constraint = NULL;
-    char                     *which;
-    SECStatus                rv = SECSuccess;
-    int                      len;
-    int                      i;
-    long                     max;
-    long                     min;
-    PRBool                   permited;
-    
-
-    NameConstraints = (CERTNameConstraints *) PORT_ZAlloc
-	                            (sizeof(CERTNameConstraints));
-    which = make_copy_string("NameConstraintSelect0", 25,'\0');
-    len = PORT_Strlen(which);
-    constraint = find_field(data, which, PR_TRUE);
-    NameConstraints->permited = NameConstraints->excluded = NULL;
-    while (constraint != NULL) {
-	current = (CERTNameConstraint *) PORT_ZAlloc
-	                       (sizeof(CERTNameConstraint));
-	if (current == NULL) {
-	    error_allocate();
-	}
-	i = 0;
-	while (*(constraint + PORT_Strlen(constraint) - i) != '-') {
-	    i++;
-	}
-        *(constraint + PORT_Strlen(constraint) - i - 1) = '\0'; 
-	max = (long) atoi(constraint + PORT_Strlen(constraint) + 3);
-	if (max > 0) {
-	    (void) SEC_ASN1EncodeInteger(arena, &current->max, max);
-	}
-	i = 0;
-	while (*(constraint + PORT_Strlen(constraint) - i) != '-') {
-	    i++;
-	}
-        *(constraint + PORT_Strlen(constraint) - i - 1) = '\0';
-	min = (long) atoi(constraint + PORT_Strlen(constraint) + 3);
-	(void) SEC_ASN1EncodeInteger(arena, &current->min, min);
-	while (*(constraint + PORT_Strlen(constraint) - i) != '-') {
-	    i++;
-	}
-        *(constraint + PORT_Strlen(constraint) - i - 1) = '\0';
-	if (*(constraint + PORT_Strlen(constraint) + 3) == 'p') {
-	    permited = PR_TRUE;
-	} else {
-	    permited = PR_FALSE;
-	}
-	rv = MakeGeneralName(constraint, &(current->name), arena);
-
-	if (rv != SECSuccess) {
-	    break;
-	}
-	if (*(which + len - 1) < '9') {
-	    *(which + len - 1) = *(which + len - 1) + 1;
-	} else {
-	    if (isdigit(*(which + len - 2) )) {
-		*(which + len - 2) = *(which + len - 2) + 1;
-		*(which + len - 1) = '0';
-	    } else {
-		*(which + len - 1) = '1';
-		*(which + len) = '0';
-		*(which + len + 1) = '\0';
-		len++;
-	    }
-	}
-	len = PORT_Strlen(which);
-	if (permited) {
-	    if (NameConstraints->permited == NULL) {
-		NameConstraints->permited = last_permited = current;
-	    }
-	    last_permited->l.next = &(current->l);
-	    current->l.prev = &(last_permited->l);
-	    last_permited = current;
-	} else {
-	    if (NameConstraints->excluded == NULL) {
-		NameConstraints->excluded = last_excluded = current;
-	    }
-	    last_excluded->l.next = &(current->l);
-	    current->l.prev = &(last_excluded->l);
-	    last_excluded = current;
-	}
-	constraint = find_field(data, which, PR_TRUE);
-	if (constraint != NULL) {
-	    current = (CERTNameConstraint *) PORT_ZAlloc(sizeof(CERTNameConstraint));
-	    if (current == NULL) {
-		error_allocate();
-	    }
-	}
-    }
-    if (NameConstraints->permited != NULL) {
-	last_permited->l.next = &(NameConstraints->permited->l);
-	NameConstraints->permited->l.prev = &(last_permited->l);
-    }
-    if (NameConstraints->excluded != NULL) {
-	last_excluded->l.next = &(NameConstraints->excluded->l);
-	NameConstraints->excluded->l.prev = &(last_excluded->l);
-    }
-    if (which != NULL) {
-	PORT_Free(which);
-    }
-    if (rv == SECFailure) {
-	return NULL;
-    }
-    return NameConstraints;
-}
-
-
-
-static SECStatus
-AddAltName(void              *extHandle,
-	   Pair              *data,
-	   char              *issuerNameStr, 
-	   CERTCertDBHandle  *handle,
-	   int               type)
-{
-    PRBool             autoIssuer = PR_FALSE;
-    PRArenaPool        *arena = NULL;
-    CERTGeneralName    *genName = NULL;
-    CERTName           *directoryName = NULL;
-    char               *which = NULL;
-    char               *name = NULL;
-    SECStatus          rv = SECSuccess;
-    SECItem            *issuersAltName = NULL;
-    CERTCertificate    *issuerCert = NULL;
-    void               *mark = NULL;
-
-
-    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if (arena == NULL) {
-	error_allocate();
-    }
-    if (type == 0) {
-	which = make_copy_string("SubAltNameSelect0", 20,'\0');
-	genName = MakeAltName(data, which, arena);
-    } else {
-	if (autoIssuer) {
-	    autoIssuer = find_field_bool(data,"IssuerAltNameSourceRadio-auto",
-					 PR_TRUE);
-	    issuerCert = CERT_FindCertByNameString(handle, issuerNameStr);
-	    rv = cert_FindExtension((*issuerCert).extensions, 
-				    SEC_OID_X509_SUBJECT_ALT_NAME, 
-				    issuersAltName);
-	    if (issuersAltName == NULL) {
-		name = PORT_Alloc(PORT_Strlen((*issuerCert).subjectName) + 4);
-		PORT_Strcpy(name, (*issuerCert).subjectName);
-		PORT_Strcat(name, " - 5");
-	    }
-	} else {
-	    which = make_copy_string("IssuerAltNameSelect0", 20,'\0');
-	    genName = MakeAltName(data, which, arena);
-	}
-    }
-    if (type == 0) {
-	EncodeAndAddExtensionValue(arena, extHandle, genName, 
-				   find_field_bool(data, "SubAltName-crit", 
-						   PR_TRUE), 
-				   SEC_OID_X509_SUBJECT_ALT_NAME, 
-				   (EXTEN_VALUE_ENCODER)
-				   CERT_EncodeAltNameExtension);
-
-    } else {
-	if (autoIssuer && (name == NULL)) {
-	    rv = CERT_AddExtension
-		(extHandle, SEC_OID_X509_ISSUER_ALT_NAME, issuersAltName,
-		 find_field_bool(data, "IssuerAltName-crit", PR_TRUE), PR_TRUE);
-	} else {
-	    EncodeAndAddExtensionValue(arena, extHandle, genName, 
-				       find_field_bool(data, 
-						       "IssuerAltName-crit", 
-						       PR_TRUE), 
-				       SEC_OID_X509_ISSUER_ALT_NAME, 
-				       (EXTEN_VALUE_ENCODER)
-				       CERT_EncodeAltNameExtension);
-	}
-    }
-    if (which != NULL) {
-	PORT_Free(which);
-    }
-    if (issuerCert != NULL) {
-	CERT_DestroyCertificate(issuerCert);
-    }
-#if 0
-    if (arena != NULL) {
-	PORT_ArenaRelease (arena, mark);
-    }
-#endif
-    return rv;
-}
-
-
-static SECStatus
-AddNameConstraints(void  *extHandle,
-		   Pair  *data)
-{
-    PRBool              autoIssuer = PR_FALSE;
-    PRArenaPool         *arena = NULL;
-    CERTNameConstraints *constraints = NULL;
-    char                *constraint = NULL;
-    SECStatus           rv = SECSuccess;
-
-
-    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if (arena == NULL) {
-	error_allocate();
-    }
-    constraints = MakeNameConstraints(data, arena);
-    if (constraints != NULL) {
-	EncodeAndAddExtensionValue(arena, extHandle, constraints, PR_TRUE, 
-				   SEC_OID_X509_NAME_CONSTRAINTS, 
-				   (EXTEN_VALUE_ENCODER)
-				   CERT_EncodeNameConstraintsExtension);
-    }
-    if (arena != NULL) {
-	PORT_ArenaRelease (arena, NULL);
-    }
-    return rv;
-}
-
-
-static SECStatus
-add_extensions(CERTCertificate   *subjectCert, 
-	       Pair              *data, 
-	       char              *issuerNameStr, 
-	       CERTCertDBHandle  *handle)
-{
-    void                         *extHandle;
-    SECStatus                    rv = SECSuccess;
-
-
-    extHandle = CERT_StartCertExtensions (subjectCert);
-    if (extHandle == NULL) {
-	error_out("ERROR: Unable to get certificates extension handle");
-    }
-    if (find_field_bool(data, "keyUsage", PR_TRUE)) {
-	rv = AddKeyUsage(extHandle, data);
-	if (rv != SECSuccess) {
-	    error_out("ERROR: Unable to add Key Usage extension");
-	}
-    }
-
-    if( find_field_bool(data, "extKeyUsage", PR_TRUE) ) {
-      rv = AddExtKeyUsage(extHandle, data);
-      if( SECSuccess != rv ) {
-        error_out("ERROR: Unable to add Extended Key Usage extension");
-      }
-    }
-
-    if (find_field_bool(data, "basicConstraints", PR_TRUE)) {
-	rv = AddBasicConstraint(extHandle, data);
-	if (rv != SECSuccess) {
-	    error_out("ERROR: Unable to add Basic Constraint extension");
-	}
-    }
-    if (find_field_bool(data, "subjectKeyIdentifier", PR_TRUE)) {
-	rv = AddSubKeyID(extHandle, data, subjectCert);
-	if (rv != SECSuccess) {
-	    error_out("ERROR: Unable to add Subject Key Identifier Extension");
-	}
-    }
-    if (find_field_bool(data, "authorityKeyIdentifier", PR_TRUE)) {
-	rv = AddAuthKeyID (extHandle, data, issuerNameStr, handle);
-	if (rv != SECSuccess) {
-	    error_out("ERROR: Unable to add Authority Key Identifier extension");
-	}
-    }
-    if (find_field_bool(data, "privKeyUsagePeriod", PR_TRUE)) {
-	rv = AddPrivKeyUsagePeriod (extHandle, data, subjectCert);
-	if (rv != SECSuccess) {
-	    error_out("ERROR: Unable to add Private Key Usage Period extension");
-	}
-    }
-    if (find_field_bool(data, "SubAltName", PR_TRUE)) {
-	rv = AddAltName (extHandle, data, NULL, NULL, 0);
-	if (rv != SECSuccess) {
-	    error_out("ERROR: Unable to add Subject Alternative Name extension");
-	}
-    }
-    if (find_field_bool(data, "IssuerAltName", PR_TRUE)) {
-	rv = AddAltName (extHandle, data, issuerNameStr, handle, 1);
-	if (rv != SECSuccess) {
-	    error_out("ERROR: Unable to add Issuer Alternative Name Extension");
-	}
-    }
-    if (find_field_bool(data, "NameConstraints", PR_TRUE)) {
-	rv = AddNameConstraints(extHandle, data);
-	if (rv != SECSuccess) {
-	    error_out("ERROR: Unable to add Name Constraints Extension");
-	}
-    }
-    if (find_field_bool(data, "netscape-cert-type", PR_TRUE)) {
-	rv = AddNscpCertType(extHandle, data);
-	if (rv != SECSuccess) {
-	    error_out("ERROR: Unable to add Netscape Certificate Type Extension");
-	}
-    }
-    if (find_field_bool(data, "netscape-base-url", PR_TRUE)) {
-	rv = add_IA5StringExtension(extHandle, 
-				    find_field(data, "netscape-base-url-text", 
-					       PR_TRUE), 
-				    find_field_bool(data, 
-						    "netscape-base-url-crit", 
-						    PR_TRUE),
-				    SEC_OID_NS_CERT_EXT_BASE_URL);
-	if (rv != SECSuccess) {
-	    error_out("ERROR: Unable to add Netscape Base URL Extension");
-	}
-    }
-    if (find_field_bool(data, "netscape-revocation-url", PR_TRUE)) {
-	rv = add_IA5StringExtension(extHandle, 
-				    find_field(data, 
-					       "netscape-revocation-url-text", 
-					       PR_TRUE), 
-				    find_field_bool
-				       (data, "netscape-revocation-url-crit", 
-					PR_TRUE),
-				    SEC_OID_NS_CERT_EXT_REVOCATION_URL);
-	if (rv != SECSuccess) {
-	    error_out("ERROR: Unable to add Netscape Revocation URL Extension");
-	}
-    }
-    if (find_field_bool(data, "netscape-ca-revocation-url", PR_TRUE)) {
-	rv = add_IA5StringExtension(extHandle, 
-				    find_field(data, 
-					      "netscape-ca-revocation-url-text",
-					       PR_TRUE), 
-				    find_field_bool
-				        (data, "netscape-ca-revocation-url-crit"
-					 , PR_TRUE),
-				    SEC_OID_NS_CERT_EXT_CA_REVOCATION_URL);
-	if (rv != SECSuccess) {
-	    error_out("ERROR: Unable to add Netscape CA Revocation URL Extension");
-	}
-    }
-    if (find_field_bool(data, "netscape-cert-renewal-url", PR_TRUE)) {
-	rv = add_IA5StringExtension(extHandle, 
-				    find_field(data, 
-					       "netscape-cert-renewal-url-text",
-					       PR_TRUE), 
-				    find_field_bool
-				        (data, "netscape-cert-renewal-url-crit",
-					 PR_TRUE),
-				    SEC_OID_NS_CERT_EXT_CERT_RENEWAL_URL);
-	if (rv != SECSuccess) {
-	    error_out("ERROR: Unable to add Netscape Certificate Renewal URL Extension");
-	}
-    }
-    if (find_field_bool(data, "netscape-ca-policy-url", PR_TRUE)) {
-	rv = add_IA5StringExtension(extHandle, 
-				    find_field(data, 
-					       "netscape-ca-policy-url-text", 
-					       PR_TRUE), 
-				    find_field_bool
-				         (data, "netscape-ca-policy-url-crit", 
-					  PR_TRUE),
-				    SEC_OID_NS_CERT_EXT_CA_POLICY_URL);
-	if (rv != SECSuccess) {
-	    error_out("ERROR: Unable to add Netscape CA Policy URL Extension");
-	}
-    }
-    if (find_field_bool(data, "netscape-ssl-server-name", PR_TRUE)) {
-	rv = add_IA5StringExtension(extHandle, 
-				    find_field(data, 
-					       "netscape-ssl-server-name-text", 
-					       PR_TRUE), 
-				    find_field_bool
-				         (data, "netscape-ssl-server-name-crit",
-					  PR_TRUE),
-				    SEC_OID_NS_CERT_EXT_SSL_SERVER_NAME);
-	if (rv != SECSuccess) {
-	    error_out("ERROR: Unable to add Netscape SSL Server Name Extension");
-	}
-    }
-    if (find_field_bool(data, "netscape-comment", PR_TRUE)) {
-	rv = add_IA5StringExtension(extHandle, 
-				    find_field(data, "netscape-comment-text", 
-					       PR_TRUE), 
-				    find_field_bool(data, 
-						    "netscape-comment-crit", 
-						    PR_TRUE),
-				    SEC_OID_NS_CERT_EXT_COMMENT);
-	if (rv != SECSuccess) {
-	    error_out("ERROR: Unable to add Netscape Comment Extension");
-	}
-    }
-    CERT_FinishExtensions(extHandle);
-    return (rv);
-}
-
-
-
-char *
-return_dbpasswd(PK11SlotInfo *slot, PRBool retry, void *data)
-{
-    char *rv;
-
-    /* don't clobber our poor smart card */
-    if (retry == PR_TRUE) {
-	return NULL;
-    }
-    rv = PORT_Alloc(4);
-    PORT_Strcpy(rv, "foo");
-    return rv;
-}
-
-
-SECKEYPrivateKey *
-FindPrivateKeyFromNameStr(char              *name, 
-			  CERTCertDBHandle  *certHandle)
-{
-    SECKEYPrivateKey                        *key;
-    CERTCertificate                         *cert;
-    CERTCertificate                         *p11Cert;
-    SECStatus                               status = SECSuccess;
-
-
-    /* We don't presently have a PK11 function to find a cert by 
-    ** subject name.  
-    ** We do have a function to find a cert in the internal slot's
-    ** cert db by subject name, but it doesn't setup the slot info.
-    ** So, this HACK works, but should be replaced as soon as we 
-    ** have a function to search for certs accross slots by subject name.
-    */
-    cert = CERT_FindCertByNameString(certHandle, name);
-    if (cert == NULL || cert->nickname == NULL) {
-	error_out("ERROR: Unable to retrieve issuers certificate");
-    }
-    p11Cert = PK11_FindCertFromNickname(cert->nickname, NULL);
-    if (p11Cert == NULL) {
-	error_out("ERROR: Unable to retrieve issuers certificate");
-    }
-    key = PK11_FindKeyByAnyCert(p11Cert, NULL);
-    return key;
-}
-
-static SECItem *
-SignCert(CERTCertificate   *cert,
-	 char              *issuerNameStr,
-	 Pair              *data,
-	 CERTCertDBHandle  *handle,
-         int               which_key)
-{
-    SECItem                der;
-    SECItem                *result = NULL;
-    SECKEYPrivateKey       *caPrivateKey = NULL;
-    SECStatus              rv;
-    PRArenaPool            *arena;
-    SECOidTag              algID;
-
-    if (which_key == 0) {
-	caPrivateKey = FindPrivateKeyFromNameStr(issuerNameStr, handle); 
-    } else {
-	caPrivateKey = privkeys[which_key - 1];
-    }
-    if (caPrivateKey == NULL) {
-	error_out("ERROR: unable to retrieve issuers key");
-    }
-	
-    arena = cert->arena;
-
-    switch(caPrivateKey->keyType) {
-      case rsaKey:
-	algID = SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION;
-	break;
-      case dsaKey:
-	algID = SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST;
-	break;
-      default:
-	error_out("ERROR: Unknown key type for issuer.");
-	goto done;
-	break;
-    }
-
-    rv = SECOID_SetAlgorithmID(arena, &cert->signature, algID, 0);
-    if (rv != SECSuccess) {
-	error_out("ERROR: Could not set signature algorithm id.");
-    }
-
-    if (find_field_bool(data,"ver-1", PR_TRUE)) {
-	*(cert->version.data) = 0;
-	cert->version.len = 1;
-    } else {
-	*(cert->version.data) = 2;
-	cert->version.len = 1;
-    }
-    der.data = NULL;
-    der.len = 0;
-    (void) SEC_ASN1EncodeItem (arena, &der, cert, CERT_CertificateTemplate);
-    if (der.data == NULL) {
-	error_out("ERROR: Could not encode certificate.\n");
-    }
-    rv = SEC_DerSignData (arena, &(cert->derCert), der.data, der.len, caPrivateKey,
-			  algID);
-    if (rv != SECSuccess) {
-	error_out("ERROR: Could not sign encoded certificate data.\n");
-    }
-done:
-    SECKEY_DestroyPrivateKey(caPrivateKey);
-    return &(cert->derCert);
-}
-
-
-int
-main(int argc, char **argv)
-{
-    int                    length = 500;
-    int                    remaining = 500;
-    int                    n;
-    int                    fields = 3;
-    int                    i;
-    int                    serial;
-    int                    chainLen;
-    int                    which_key;
-    char                   *pos;
-#ifdef OFFLINE
-    char                   *form_output = "key=MIIBPTCBpzCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA7SLqjWBL9Wl11Vlg%0AaMqZCvcQOL%2FnvSqYPPRP0XZy9SoAeyWzQnBOiCm2t8H5mK7r2jnKdAQOmfhjaJil%0A3hNVu3SekHOXF6Ze7bkWa6%2FSGVcY%2FojkydxFSgY43nd1iydzPQDp8WWLL%2BpVpt%2B%2B%0ATRhFtVXbF0fQI03j9h3BoTgP2lkCAwEAARYDZm9vMA0GCSqGSIb3DQEBBAUAA4GB%0AAJ8UfRKJ0GtG%2B%2BufCC6tAfTzKrq3CTBHnom55EyXcsAsv6WbDqI%2F0rLAPkn2Xo1r%0AnNhtMxIuj441blMt%2Fa3AGLOy5zmC7Qawt8IytvQikQ1XTpTBCXevytrmLjCmlURr%0ANJryTM48WaMQHiMiJpbXCqVJC1d%2FpEWBtqvALzZaOOIy&subject=CN%3D%22test%22%26serial-auto%3Dtrue%26serial_value%3D%26ver-1%3Dtrue%26ver-3%3Dfalse%26caChoiceradio-SignWithDefaultkey%3Dtrue%26caChoiceradio-SignWithRandomChain%3Dfalse%26autoCAs%3D%26caChoiceradio-SignWithSpecifiedChain%3Dfalse%26manCAs%3D%26%24";
-#else
-    char                   *form_output;
-#endif
-    char                   *issuerNameStr;
-    char                   *certName;
-    char                   *DBdir = DB_DIRECTORY;
-    char                   *prefixs[10] = {"CA#1-", "CA#2-", "CA#3-", 
-					   "CA#4-", "CA#5-", "CA#6-", 
-					   "CA#7-", "CA#8-", "CA#9-", ""};
-    Pair                   *form_data;
-    CERTCertificate        *cert;
-    CERTCertDBHandle       *handle;
-    CERTCertificateRequest *certReq = NULL;
-    int                    warpmonths = 0;
-    SECItem                *certDER;
-#ifdef FILEOUT
-    FILE                   *outfile;
-#endif
-    SECStatus              status = SECSuccess;
-    extern                 char prefix[PREFIX_LEN];
-    SEC_PKCS7ContentInfo   *certChain;
-    SECItem                *encodedCertChain;
-    PRBool                 UChain = PR_FALSE;
-
-
-    progName = strrchr(argv[0], '/');
-    progName = progName ? progName+1 : argv[0];
-
-
-#ifdef TEST
-    sleep(20);
-#endif
-    SECU_ConfigDirectory(DBdir);
-
-    PK11_SetPasswordFunc(return_dbpasswd);
-    status = NSS_InitReadWrite(DBdir);
-    if (status != SECSuccess) {
-	SECU_PrintPRandOSError(progName);
-	return -1;
-    }
-    handle = CERT_GetDefaultCertDB();
-
-    prefix[0]= '\0';
-#if !defined(OFFLINE)
-    form_output = (char*) PORT_Alloc(length);
-    if (form_output == NULL) {
-	error_allocate();
-    }
-    pos = form_output;
-    while (feof(stdin) == 0 ) {
-	if (remaining <= 1) {
-	    remaining += length;
-	    length = length * 2;
-	    form_output = PORT_Realloc(form_output, (length));
-	    if (form_output == NULL) {
-		error_allocate();
-	    }
-	    pos = form_output + length - remaining;
-	}
-	n = fread(pos, 1, (size_t) (remaining - 1), stdin);
-	pos += n;
-	remaining -= n;
-    }
-    *pos = '&';
-    pos++;
-    length = pos - form_output;
-#else
-    length = PORT_Strlen(form_output);
-#endif
-#ifdef FILEOUT
-    printf("Content-type: text/plain\n\n");
-    fwrite(form_output, 1, (size_t)length, stdout);
-    printf("\n");
-#endif
-#ifdef FILEOUT
-    fwrite(form_output, 1, (size_t)length, stdout);
-    printf("\n");
-    fflush(stdout);
-#endif
-    form_data = make_datastruct(form_output, length);
-    status = clean_input(form_data);
-#if !defined(OFFLINE)
-    PORT_Free(form_output);
-#endif
-#ifdef FILEOUT
-    i = 0;
-    while(return_name(form_data, i) != NULL) {
-        printf("%s",return_name(form_data,i));
-        printf("=\n");
-        printf("%s",return_data(form_data,i));
-        printf("\n");
-	i++;
-    }
-    printf("I got that done, woo hoo\n");
-    fflush(stdout);
-#endif
-    issuerNameStr = PORT_Alloc(200);
-    if (find_field_bool(form_data, "caChoiceradio-SignWithSpecifiedChain",
-			PR_FALSE)) {
-	UChain = PR_TRUE;
-	chainLen = atoi(find_field(form_data, "manCAs", PR_FALSE));
-	PORT_Strcpy(prefix, prefixs[0]);
-	issuerNameStr = PORT_Strcpy(issuerNameStr,
-			       "CN=Cert-O-Matic II, O=Cert-O-Matic II");
-	if (chainLen == 0) {
-	    UChain =  PR_FALSE;
-	}
-    } else {
-	if (find_field_bool(form_data, "caChoiceradio-SignWithRandomChain", 
-			    PR_FALSE)) {
-	    PORT_Strcpy(prefix,prefixs[9]);
-	    chainLen = atoi(find_field(form_data, "autoCAs", PR_FALSE));
-	    if (chainLen < 1 || chainLen > 18) {
-		issuerNameStr = PORT_Strcpy(issuerNameStr, 
-				       "CN=CA18, O=Cert-O-Matic II");
-	    }
-	    issuerNameStr = PORT_Strcpy(issuerNameStr, "CN=CA");
-	    issuerNameStr = PORT_Strcat(issuerNameStr, 
-				   find_field(form_data,"autoCAs", PR_FALSE));
-	    issuerNameStr = PORT_Strcat(issuerNameStr,", O=Cert-O-Matic II");
-	} else {
-	    issuerNameStr = PORT_Strcpy(issuerNameStr, 
-				   "CN=Cert-O-Matic II, O=Cert-O-Matic II");
-	}
-	chainLen = 0;
-    }
-
-    i = -1;
-    which_key = 0;
-    do {
-    	extern SECStatus cert_GetKeyID(CERTCertificate *cert);
-	i++;
-	if (i != 0 && UChain) {
-	    PORT_Strcpy(prefix, prefixs[i]);
-	}
-	/*        find_field(form_data,"subject", PR_TRUE); */
-	certReq = makeCertReq(form_data, which_key);
-#ifdef OFFLINE
-	serial = 900;
-#else
-	serial = get_serial_number(form_data);
-#endif
-	cert = MakeV1Cert(handle, certReq, issuerNameStr, PR_FALSE, 
-			  serial, warpmonths, form_data);
-	if (certReq != NULL) {
-	    CERT_DestroyCertificateRequest(certReq);
-	}
-	if (find_field_bool(form_data,"ver-3", PR_TRUE)) {
-	    status = add_extensions(cert, form_data, issuerNameStr, handle);
-	    if (status != SECSuccess) {
-		error_out("ERROR: Unable to add extensions");
-	    }
-	}
-	status = cert_GetKeyID(cert);
-	if (status == SECFailure) {
-	    error_out("ERROR: Unable to get Key ID.");
-	}
-	certDER = SignCert(cert, issuerNameStr, form_data, handle, which_key);
-	CERT_NewTempCertificate(handle, certDER, NULL, PR_FALSE, PR_TRUE);
-	issuerNameStr = find_field(form_data, "subject", PR_TRUE);
-	/*        SECITEM_FreeItem(certDER, PR_TRUE); */
-	CERT_DestroyCertificate(cert);
-	if (i == (chainLen - 1)) {
-	    i = 8;
-	}
-	++which_key;
-    } while (i < 9 && UChain);
-
-
-
-#ifdef FILEOUT
-    outfile = fopen("../certout", "wb");
-#endif
-    certName = find_field(form_data, "subject", PR_FALSE);
-    cert = CERT_FindCertByNameString(handle, certName);
-    certChain = SEC_PKCS7CreateCertsOnly (cert, PR_TRUE, handle);
-    if (certChain == NULL) {
-	error_out("ERROR: No certificates in cert chain");
-    }
-    encodedCertChain = SEC_PKCS7EncodeItem (NULL, NULL, certChain, NULL, NULL, 
-					    NULL);
-    if (encodedCertChain) {
-#if !defined(FILEOUT)
-	printf("Content-type: application/x-x509-user-cert\r\n");
-	printf("Content-length: %d\r\n\r\n", encodedCertChain->len);
-	fwrite (encodedCertChain->data, 1, encodedCertChain->len, stdout);
-#else
-	fwrite (encodedCertChain->data, 1, encodedCertChain->len, outfile);
-#endif
-
-    } else {
-	error_out("Error: Unable to DER encode certificate");
-    }
-#ifdef FILEOUT
-    printf("\nI got here!\n");
-    fflush(outfile);
-    fclose(outfile);
-#endif
-    fflush(stdout);
-    return 0;
-}
-
diff --git a/security/nss/cmd/certcgi/index.html b/security/nss/cmd/certcgi/index.html
deleted file mode 100644
index 0bd79f3ce..000000000
--- a/security/nss/cmd/certcgi/index.html
+++ /dev/null
@@ -1,956 +0,0 @@
-<HTML>	<!-- -*- Mode: Java; tab-width: 8 -*- -->
-<!-- 
-   - The contents of this file are subject to the Mozilla Public
-   - License Version 1.1 (the "License"); you may not use this file
-   - except in compliance with the License. You may obtain a copy of
-   - the License at http://www.mozilla.org/MPL/
-   - 
-   - Software distributed under the License is distributed on an "AS
-   - IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-   - implied. See the License for the specific language governing
-   - rights and limitations under the License.
-   - 
-   - The Original Code is the Netscape security libraries.
-   - 
-   - The Initial Developer of the Original Code is Netscape
-   - Communications Corporation.  Portions created by Netscape are 
-   - Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-   - Rights Reserved.
-   - 
-   - Contributor(s):
-   - 
-   - Alternatively, the contents of this file may be used under the
-   - terms of the GNU General Public License Version 2 or later (the
-   - "GPL"), in which case the provisions of the GPL are applicable 
-   - instead of those above.  If you wish to allow use of your 
-   - version of this file only under the terms of the GPL and not to
-   - allow others to use your version of this file under the MPL,
-   - indicate your decision by deleting the provisions above and
-   - replace them with the notice and other provisions required by
-   - the GPL.  If you do not delete the provisions above, a recipient
-   - may use your version of this file under either the MPL or the
-   - GPL.
-  -->
-<HEAD>
-<meta http-equiv="Content-Type" content="text/html; charset=utf-8"> 
-<SCRIPT LANGUAGE="JavaScript1.2">
-
-script_url = 'http://interzone.mcom.com/cgi-bin/certomatic/bin/certcgi.cgi'
-
-ext_page_ver1 =
-  make_page_intro('Version 1 extensions', "#FFFFFF") +
-  '<layer ID="ext1">' +
-  'Version 1 X.509 certs do not support extensions' +
-  '</layer>' +
-  '</body></html>';
-
-cur_page = 1;
-
-num_ca = 0;
-
-index_list = 
-  '0, your_certificate_index_label,' +
-  '0, netscape_extensions_index_label,' +
-  '0, standard_extensions_index_label,' +
-  '0, certifying_authorities_index_label';
-
-var main_page = 
-  make_page_intro('Your Key', "#FFFFFF") +
-  '<layer ID="main" SRC="main.html">' +
-  '</layer>' +
-  '</body></html>' ;
-
-add_index_list = '';
-
-max_pages = 13;
-
-ver = 3
-
-ext_page_array = new Array(max_pages);
-
-index_label = 'Options';
-
-your_certificate_index_label = 'Your Certificate';
-
-netscape_extensions_index_label = 'Netscape X.509 Extensions';
-
-standard_extensions_index_label = 'Standard X.509 Extensions';
-
-certifying_authorities_index_label = 'Certifying Authorities';
-
-add_sub_alt_name_index_label = 'Add Subject Alternative Name';
-
-function setSubAltNameType(form)
-{
-  with(form)
-  {
-    if (SubAltNameRadio[0].checked) 
-    {
-      return true;
-    }
-    if (SubAltNameRadio[3].checked || SubAltNameRadio[5].checked)
-    {
-      SubAltNameDataType.checked = true;
-      return true;
-    }
-    if (SubAltNameRadio[1].checked || SubAltNameRadio[2].checked ||
-	SubAltNameRadio[4].checked || SubAltNameRadio[6].checked ||
-	SubAltNameRadio[7].checked || SubAltNameRadio[8].checked)
-    {
-      SubAltNameDataType.checked = false;
-      return true;
-    }
-  }
-  return true;
-}
-
-function setIssuerAltNameType(form)
-{
-  with(form)
-  {
-    if (IssuerAltNameRadio[0].checked) 
-    {
-      return true;
-    }
-    if (IssuerAltNameRadio[3].checked || IssuerAltNameRadio[5].checked)
-    {
-      IssuerAltNameDataType.checked = true;
-      return true;
-    }
-    if (IssuerAltNameRadio[1].checked || IssuerAltNameRadio[2].checked ||
-	IssuerAltNameRadio[4].checked || IssuerAltNameRadio[6].checked ||
-	IssuerAltNameRadio[7].checked || IssuerAltNameRadio[8].checked)
-    {
-      IssuerAltNameDataType.checked = false;
-      return true;
-    }
-  }
-  return true;
-}
-
-
-function setNameConstraintNameType(form)
-{
-  with(form)
-  {
-    if (NameConstraintRadio[0].checked) 
-    {
-      return true;
-    }
-    if (NameConstraintRadio[3].checked || NameConstraintRadio[5].checked)
-    {
-      NameConstraintNameDataType.checked = true;
-      return true;
-    }
-    if (NameConstraintRadio[1].checked || NameConstraintRadio[2].checked ||
-	NameConstraintRadio[4].checked || NameConstraintRadio[6].checked ||
-	NameConstraintRadio[7].checked || NameConstraintRadio[8].checked)
-    {
-      NameConstraintNameDataType.checked = false;
-      return true;
-    }
-  }
-  return true;
-}
-
-
-function addSubAltName(form)
-{
-
-  with(form)
-  {
-    var len = SubAltNameSelect.length;
-    var value;
-    var i = 0;
-    while(!(i == (SubAltNameRadio.length - 1)) & !(SubAltNameRadio[i].checked == true))
-    {
-      i++;
-    }
-    if (i != 0)
-    {
-      value = SubAltNameText.value + " - " + (i + 1);
-    }
-    else
-    {
-      value = SubAltNameText.value + " - " + SubAltNameOtherNameOID.value + " - ";
-      if (SubAltNameDataType.checked) 
-      {
-	value += "1 - ";
-      }
-      else
-      {
-	value += "0 - ";
-      }
-      value += (i + 1);
-      if (SubAltNameOtherNameOID.value == "")
-      {
-	alert("Other names must include an OID");
-	return false;
-      }
-    }
-
-    if ((SubAltNameText.value == "") | (SubAltNameRadio[i].checked != true))
-    {
-      alert("Alternative Names must include values for name and name type.");
-    }
-    else
-    {
-      SubAltNameSelect.options[len] = new Option(value, value);
-    }
-  }
-  return true;
-}
-
-function deleteSubAltName(form)
-{
-  with(form)
-  {
-    while (SubAltNameSelect.selectedIndex >= 0)
-    {
-      SubAltNameSelect[SubAltNameSelect.selectedIndex] = null;
-    }
-  }
-}
-  
-function addIssuerAltName(form)
-{
-  with(form)
-  {
-    var len = IssuerAltNameSelect.length;
-    var value;
-    var i = 0;
-
-    while(!(i == (IssuerAltNameRadio.length -1)) & !(IssuerAltNameRadio[i].checked == true))
-    {
-      i++;
-    }
-    if (i != 0)
-    {
-      value = IssuerAltNameText.value + " - " + (i + 1);
-    }
-    else
-    {
-      value = IssuerAltNameText.value + " - " + IssuerAltNameOtherNameOID.value + " - ";
-      if (IssuerAltNameDataType.checked) 
-      {
-	value += "1 - ";
-      }
-      else
-      {
-	value += "0 - ";
-      }
-      value += (i + 1);
-      if (IssuerAltNameOtherNameOID.value == "")
-	{
-	  alert("Other names must include an OID");
-	  return false;
-	}
-    }
-    if ((IssuerAltNameText.value == "") | (IssuerAltNameRadio[i].checked != true))
-    {
-      alert("Alternative Names must include values for name and name type.")
-    }
-    else
-    {
-    IssuerAltNameSelect.options[len] = new Option(value, value);
-    }
-  }
-  return true;
-}
-
-function deleteIssuerAltName(form)
-{
-  with(form)
-  {
-    while (IssuerAltNameSelect.selectedIndex >= 0)
-    {
-      IssuerAltNameSelect[IssuerAltNameSelect.selectedIndex] = null;
-    }
-  }
-}
-
-
-
-function addNameConstraint(form)
-{
-  with(form)
-  {
-    var len = NameConstraintSelect.length;
-    var value;
-    var i = 0;
-    var min = NameConstraintMin.value;
-    var max = NameConstraintMax.value;
-
-    while(!(i == (NameConstraintRadio.length - 1) ) & !(NameConstraintRadio[i].checked == true))
-    {
-      i++;
-    }
-    value = NameConstraintText.value + " - ";
-    if (i == 0) 
-    {
-      value += NameConstraintOtherNameOID.value + " - ";
-      if (NameConstraintNameDataType.checked) 
-      {
-	value += "1 - ";
-      }
-      else
-      {
-	value += "0 - ";
-      }
-      if (NameConstraintOtherNameOID.value == "")
-      {
-	alert("Other names must include an OID");
-	return false;
-      }
-    }
-    value += (i + 1) + " - ";
-    if (NameConstraintTypeRadio[0].checked == true) 
-    {
-      value += "p - ";
-    }
-    else
-    {
-      value += "e - ";
-    }
-    value += min + " - " + max;
-    if ((min == "") | (NameConstraintText.value == "") | (NameConstraintRadio[i].checked != true))
-    {
-      alert("Name Constraints must include values for minimum, name, and name type.")
-    }
-    else
-    {
-      NameConstraintSelect.options[len] = new Option(value, value);
-    }
-  }
-  return true;
-}
-
-function deleteNameConstraint(form)
-{
-  with(form)
-  {
-    while (NameConstraintSelect.selectedIndex >= 0)
-    {
-      NameConstraintSelect[NameConstraintSelect.selectedIndex] = null;
-    }
-  }
-}
-
-
-function submit_it()
-{
-  save_cur_page(cur_page);
-
-  var array_string;
-  var subject = ext_page_array[0][22][0];
-  var serial = ext_page_array[0][10][0];
-  var ver1 = (ver == 1);
-  var ver3 = (ver == 3);
-  var serial_number = ext_page_array[0][12][0];
-  var notBefore = ext_page_array[0][20][0];
-  var notAfter = ext_page_array[0][21][0];
-  var manValidity = ext_page_array[0][19][0];
-
-  if (subject == "")
-  {
-    alert("The DN field must contain some data");
-    return false;
-  }
-  if (!serial & serial_number == "")
-  {
-    alert("No serial number specified");
-    return false;
-  }
-  if (ext_page_array[0][15][0])
-  {
-    var keygen = "<keygen name=\"key\" challenge=\"foo\">";
-  }
-  else
-  {
-    switch (ext_page_array[0][17][0]) {
-      case 2:
-        var keygen = "<keygen keytype=\"dsa\" pqg=\"MIGdAkEAjfKklEkidqo9JXWbsGhpy+rA2Dr7jQz3y7gyTw14guXQdi/FtyEOr8Lprawyq3qsSWk9+/g3JMLsBzbuMcgCkQIVAMdzIYxzfsjumTtPLe0w9I7azpFfAkEAYm0CeDnqChNBMWOlW0y1ACmdVSKVbO/LO/8Q85nOLC5xy53l+iS6v1jlt5UhklycxC6fb0ZLCIzFcq9T5teIAg==\" name=\"key\" challenge=\"foo\">";
-	break;
-      case 1:
-        var keygen = "<keygen keytype=\"dsa\" pqg=\"MIHaAmDCboVgX0+6pEeMlbwsasWDVBcJNHPKMzkq9kbCRK2U3k+tE15n+Dc2g3ZjDYr1um51e2iLC34/BwAAAAAAAAAAAAAAAAAAAAAAAAABbBhnlFN5Djmt0Mk8cdEBY5H8iPMCFMhUnFtbpjn3EyfH2DjVg3ALh7FtAmA2zWzhpeCwvOTjYnQorlXiv0WcnSiWmaC79CRYkFt5i+UEfRxwP1eNGJBVB1T+CPW6JGd4WhgsqtSf53pn5DEtv++O7lNfXyOhWhb3KaWHYIx8fuAXtioIWkWmpfEIVZA=\" name=\"key\" challenge=\"foo\">";
-	break;
-      case 0:
-        var keygen = "<keygen keytype=\"dsa\" pqg=\"MIIBHAKBgId8SiiWrcdua5zbsBhPkKfFcnHBG7T/bQla7c6OixGjjmSSuq2fJLvMKa579CaxHxLZzZZXIHmAk9poRgWl2GUUkCJ68XSum8OQzDPXPsofcEdeANjw3mIAAAAAAAAAAAAAAAAAAAAAAAAIE+MkW5hguLIQqWvEVi9dMpbNu6OZAhTIA+y3TgyiwA0D8pt686ofaL1IOQKBgAiZQC6UCXztr2iXxJrAC+51gN5oX/R9Thilln9RGegsWnHrdxUOpcm5vAWp1LU8TOXtujE8kqkm3UxIRhUWQORe9IxLANAXmZJqkw9FEVHkxj6Cy9detwT2MyBzSwS6avsf7aLisgHmI/IHSeapJsQ3NQa3rikb6zRiqIV+TVa6\" name=\"key\" challenge=\"foo\">";
-        break;
-    }
-  }
-  array_string =  build_array_string();
-  hiddens = "<input type=\"hidden\" name=\"subject\" value=\'" + subject + "\'> \n" +
-            "<input type=\"hidden\" name=\"serial-auto\" value=\"" + serial + "\"> \n" +
-            "<input type=\"hidden\" name=\"serial_value\" value=\"" + serial_number + "\"> \n" +
-            "<input type=\"hidden\" name=\"ver-1\" value=\"" + ver1 + "\"> \n" +
-            "<input type=\"hidden\" name=\"ver-3\" value=\"" + ver3 + "\"> \n" +
-            "<input type=\"hidden\" name=\"notBefore\" value=\"" + notBefore + "\"> \n" +
-            "<input type=\"hidden\" name=\"notAfter\" value=\"" + notAfter + "\"> \n" +
-            "<input type=\"hidden\" name=\"manValidity\" value=\"" + manValidity + "\"> \n" +
-            array_string;
-
-  var good_submit_page =
-    '<html>' +
-    '<BODY TEXT="#000000" LINK="#000000" VLINK="#000000" ALINK="#FF0000" BGCOLOR="#FFFFFF">' +
-    '<form method="post" action="' + script_url + '">' +
-    'Select size for your key:' + keygen + '</p>' +
-    '<input type="submit"></p>' +
-    hiddens +
-    '</form>\n' +
-    '</body>\n' +
-    '</html>\n';
-
-  window.frames.extensions.document.write(good_submit_page);
-  window.frames.extensions.document.close();
-  cur_page = max_pages + 1;
-  make_index(window);
-  return false;
-}
-
-
-
-function build_array_string()
-{
-  var j;
-  var array_string = '';
-  var pages;
-
-  if ((ext_page_array[3][4][0] > 0) && ext_page_array[3][3][0])
-  {
-    pages = 4 + parseInt(ext_page_array[3][4][0]);
-  }
-  else
-  {
-    pages = 4;
-  }
-  for (j = 1; j < pages; j++)
-  {
-    if ((j > 1 || (ver == 3)) && 
-	(ext_page_array[j].length > 1)) 
-    {
-      if (j < 4)
-      {
-	for (i = 0; i < ext_page_array[j].length; i++)
-	{
-	  if (ext_page_array[j][i][3].indexOf("radio") == -1)
-	  {
-	    if (ext_page_array[j][i][3].indexOf("multiple") == -1)
-	    {
-	      array_string +=  '<input type=\"hidden\" name=\"' + ext_page_array[j][i][1] + '\" value=\'' + ext_page_array[j][i][0] + '\'> \n';
-	    }
-	    else
-	    {
-	      for (k = 0; k < ext_page_array[j][i][0].length; k++)
-	      {
-		array_string += '<input type=\"hidden\" name=\"' + ext_page_array[j][i][1] + k + '\" value=\'' + ext_page_array[j][i][0][k] + '\'> \n';
-	      }
-	    }
-	  }
-	  else
-	  {
-	    array_string += '<input type=\"hidden\" name=\"' + ext_page_array[j][i][1] + '-' + ext_page_array[j][i][2] + '\" value=\'' + ext_page_array[j][i][0] + '\'> \n';
-	  }
-	}
-      }
-      else
-      {
-	for (i = 0; i < ext_page_array[j].length; i++)
-	{
-	  if (ext_page_array[j][i][3].indexOf("radio") == -1)
-	  {
-	    if (ext_page_array[j][i][3].indexOf("multiple") == -1)
-	    {
-	      array_string += '<input type=\"hidden\" name=\"' + 'CA#' + (j - 3) + '-' + ext_page_array[j][i][1] + '\" value=\'' + ext_page_array[j][i][0] +'\'> \n';
-	    }
-	    else
-	    {
-	      for (k = 0; k < ext_page_array[j][i][0].length; k++)
-	      {
-		array_string += '<input type=\"hidden\" name=\"' + 'CA#' + (j - 3) + '-' + ext_page_array[j][i][1] + k + '\" value=\'' + ext_page_array[j][i][0][k] + '\'> \n';
-	      }
-	    }
-	  }
-	  else
-	  {
-	    array_string += '<input type=\"hidden\" name=\"' + 'CA#' + (j - 3) + '-' + ext_page_array[j][i][1] + '-' + ext_page_array[j][i][2] + '\" value=\'' + ext_page_array[j][i][0] + '\'> \n';
-	  }
-	}
-      }
-    }
-  }
-  return array_string;
-}
-
-
-
-function init_ext_page_array()
-{
-  for (i = 0; i < max_pages; i++)
-  {
-    ext_page_array[i] = '';
-  }
-}
-
-function ca_num_change(n,ca_form)
-{
- with(ca_form)
- {
-  n = parseInt(n,10);
-  if (caChoiceradio[2].checked)
-  {
-    if (n)
-    {
-      update_index(n);
-    }
-    else
-    {
-      update_index(0);
-    }
-  }
- }
-}
-
-function choice_change(ca_form)
-{
-  with(ca_form)
-  {
-    if (caChoiceradio[2].checked)
-    {
-      ca_num_change(manCAs.value,ca_form);
-    }
-    else
-    {
-      update_index(0);
-    }
-  }
-}
-
-function update_index(n)
-{
-  var add_string = '';
-  for (var i = 0; i < n; i++)
-  {
-    var j = i + 1;
-    add_string = add_string + ',1, \'CA #' + j + '\'';
-  }
-  top.add_index_list = add_string;
-  num_ca = n;
-  make_index(window);
-}
-
-function set_ver1()
-// redraws the extensions page for version 1 certificates
-{
-  ver = 1
-  if (cur_page == 2 || cur_page == 3)
-  {
-    sa_switch_pane(window, cur_page, cur_page);
-  }
-}
-
-
-function set_ver3()
-// redraws the extensions page for version 3 certificates
-{
-  ver = 3
-  if (cur_page == 2)
-  {
-    sa_switch_pane(window, 0, 2);
-  }
-  else if (cur_page == 3)
-  {
-    sa_switch_pane(window, 0, 3);
-  }
-}
-
-function reset_subject(marker, value, form)
-// Updates the subject field from a subordinate field
-{
-  with(form)
-  {
-    var field_sep = '", ';
-    var begin_index = subject.value.indexOf(marker);
-    if (begin_index != 0 && subject.value[begin_index - 1] != ' ')
-    {
-      begin_index = subject.value.indexOf(marker, begin_index +1);
-    }
-    var end_index = subject.value.indexOf(field_sep, begin_index);
-    if (begin_index > -1)  // is it a delete/change?
-    {
-      if (end_index == -1)  // is it the last one (includes only one)?
-      {
-        if (value.length > 0)  // do I have to change it?
-        {
-          if (begin_index == 0) // is is the only one?
-	  {
-            subject.value = marker + '"' + value + '"';
-          }
-          else    // it is the last of many
-	  {
-            subject.value = subject.value.substring(0,begin_index) + marker + '"' + value + '"';
-          }
-        }
-        else   //  must be a delete
-        {
-          if (begin_index == 0) // is it the only one?
-	  {
-            begin_index += 2;
-          }
-          subject.value = subject.value.substring(0,(begin_index - 2));
-        }
-      }
-      else  // it is the first of many or a middle one
-      {
-        if (value.length >0)  // do I have to change it?
-        {
-          subject.value = subject.value.substring(0,(begin_index + marker.length + 1)) + value + subject.value.substring(end_index,subject.length);
-        }
-        else // it is a delete
-        {
-          subject.value = subject.value.substring(0,begin_index) + subject.value.substring((end_index + 3),subject.length);
-        }
-      }
-    }
-    else  // It is either an insert or a do nothing
-    {
-      if (value.length > 0) // is it an insert?
-      {
-        if (subject.value.length == 0)  // is subject currently empty?
-        {
-          subject.value = marker + '"' + value + '"';
-        }
-        else
-        {
-          subject.value = subject.value + ', ' + marker + '"' + value + '"';
-        }
-      }
-    }
-  }
-}
-
-
-
-function reset_subjectFields(form)
-// updates all the subordinate fields from the subject field of a form
-// ************ move the strings to global variables, to make maintentance easier ****************
-{
-
-  update_subject_Field(form, 'CN=\"', form.name);
-  update_subject_Field(form, 'MAIL=\"', form.email);
-  update_subject_Field(form, 'O=\"', form.org);
-  update_subject_Field(form, 'C=\"', form.country);
-  update_subject_Field(form, ' L=\"', form.loc);
-  update_subject_Field(form, 'ST=\"', form.state);
-  update_subject_Field(form, 'E=\"', form.email);
-  update_subject_Field(form, 'OU=\"', form.org_unit);
-  update_subject_Field(form, 'UID=\"', form.uid);
-}
-
-function update_subject_Field(form, marker, update_field)
-//updates a single subordinate field from the subject field of a form
-// *************** need to deal with the two types of e-mail addresses **************
-{
-  with(form)
-  {
-    var field_sep = '", ';
-    var begin_index = subject.value.indexOf(marker) + marker.length;
-    var end_index = subject.value.indexOf(field_sep, begin_index);
-      if (end_index == -1)
-      {
-        end_index = subject.value.indexOf('"',begin_index);
-      }
-      if (begin_index != (-1 + marker.length) )
-      {
-        update_field.value = subject.value.substring(begin_index, end_index);
-      }
-      else
-      {
-        update_field.value = '';
-      }
-  }
-}
-
-
-function switch_mail(form)
-  // *************** I need to figure out if I want to delete the other type of e-mail address ************
-{
-  if (form.email_type[0].checked)
-  {
-    var del = 'E=';
-    var ins = 'MAIL=';
-  }
-  else
-  {
-    var del = 'MAIL=';
-    var ins = 'E=';
-  }
-  reset_subject(del, '', form);
-  reset_subject(ins, form.email.value, form);
-}
-
-function make_page_intro(title, bgcolor)
-{
-  var style = '<STYLE TYPE="text/css">BODY{' +
-    'font-family: Geneva,MS Sans Serif,Arial,Lucida,Helvetica,sans-serif;' +
-    'font-size: 10pt;' +
-    '}' +
-    'TD{' +
-    'font-family: Geneva,MS Sans Serif,Arial,Lucida,Helvetica,sans-serif;' +
-    'font-size: 10pt;}' +
-    '</STYLE>';
-
-  if (bgcolor == null) { bgcolor = "#C0C0C0"; }
-  return '<HTML><HEAD>' +
-    '<TITLE>' + title + '</TITLE>' +
-    '</HEAD>' +
-    '<BODY TEXT="#000000" LINK="#000000" VLINK="#000000" ALINK="#FF0000" ' +
-          'BGCOLOR="' + bgcolor + '">';
-}
-
-
-function make_index(window)
-{
-  with (window.frames.index) 
-  {
-    eval ('index_string = make_index_page(cur_page, ' + index_list + add_index_list + ' )');
-    fool1 = make_page_intro(index_label, "#FFFFFF") +
-      index_string + '</BODY></HTML>';
-    document.write(fool1);
-    document.close();
-  }
-}
-
-
-function save_cur_page(page_number)
-{
-  var len;
-  var j = page_number - 1;
-  if (frames.extensions.document.layers.length != 0)
-  {
-    with (frames.extensions.document.layers[0].document)
-    {
-      if ((page_number != 2 && page_number != 3 && page_number <= max_pages) || 
-	  ver == 3)
-      {
-        ext_page_array[j] = new Array(forms[0].elements.length);
-        for (i = 0; i < forms[0].elements.length; i++)
-        {
-	  ext_page_array[j][i] = new Array(4);
-          switch (forms[0].elements[i].type)
-	  {
-	    case 'radio': case 'checkbox':
-              ext_page_array[j][i][0] = forms[0].elements[i].checked;
-              break;
-            case 'select-one':
-              ext_page_array[j][i][0] = forms[0].elements[i].selectedIndex;
-              break;
-            case 'select-multiple':
-              len = forms[0].elements[i].options.length;
-	      ext_page_array[j][i][0] = new Array(len);
-	      for(k = 0; k < len; k++)
-	      {
-                ext_page_array[j][i][0][k] = forms[0].elements[i].options[k].value;
-	      }
-              break;
-            default:
-              ext_page_array[j][i][0] = forms[0].elements[i].value;
-          }
-	  ext_page_array[j][i][1] = forms[0].elements[i].name;
-	  ext_page_array[j][i][2] = forms[0].elements[i].value;
-	  ext_page_array[j][i][3] = forms[0].elements[i].type;
-        }
-      }
-    }
-  }
-}
-
-function reload_form(page_number)
-{
-  var j = page_number - 1;
-  with (frames.extensions.document.layers[0].document)
-  {
-    if (((page_number < 2 || page_number > 3) || ver == 3) 
-	&& page_number != 0 && (ext_page_array[j].length > 1))
-    {
-      for (i = 0; i < ext_page_array[j].length; i++)
-      {
-        switch (forms[0].elements[i].type)
-	{
-          case 'radio': case 'checkbox':
-            forms[0].elements[i].checked = ext_page_array[j][i][0];
-            break;
-          case 'select-one':
-            forms[0].elements[i].selectedIndex = ext_page_array[j][i][0];
-            break;
-	  case 'select-multiple':
-            for (k = 0; k < ext_page_array[j][i][0].length; k++)
-	    {
-	      forms[0].elements[i].options[k] = new Option(ext_page_array[j][i][0][k], 
-							    ext_page_array[j][i][0][k]);
-	    }
-            break;
-          default:
-            forms[0].elements[i].value = ext_page_array[j][i][0];
-        }
-      }
-    }
-  }
-}
-
-function sa_switch_pane(top_window, old_pane, new_pane)
-{
-  var ext_page_stnd =
-    make_page_intro(standard_extensions_index_label, "#FFFFFF") +
-    '<layer ID="ext" SRC="stnd_ext_form.html">' +
-    '</layer>' +
-    '</body></html>';
-
-  var ext_page_nscp = 
-    make_page_intro(netscape_extensions_index_label, "#FFFFFF") +
-    '<layer ID="ext" SRC="nscp_ext_form.html">' +
-    '</layer>' +
-    '</body></html>';
-
-  var ext_page_ca =
-    make_page_intro(certifying_authorities_index_label, "#FFFFFF") +
-    '<layer ID="ext" SRC="ca.html">' +
-    '</layer>' +
-    '</body</html>';
-
-  var ext_page_ca_exp =
-    make_page_intro('Certifying Authority Details', "#FFFFFF") +
-    '<layer ID="ext" SRC="ca_form.html">' +
-    '</layer>' +
-    '</body></html>';
-
-
-  if (old_pane > 0 && cur_page <= max_pages)
-  {
-    save_cur_page(old_pane);
-  }
-  cur_page = new_pane;
-  make_index(top_window);
-  if (new_pane == 2 || new_pane == 3)
-  {
-    if (ver == 1)
-    {
-      frames.extensions.document.write(ext_page_ver1);
-      frames.extensions.document.close();
-    }
-    else
-    {
-      if (new_pane == 2)
-      {
-        frames.extensions.document.write(ext_page_nscp);
-        frames.extensions.document.close();
-	reload_form(new_pane);
-      }
-      else
-      {
-        frames.extensions.document.write(ext_page_stnd);
-        frames.extensions.document.close();
-        reload_form(new_pane);
-      }
-    }
-  }
-  else
-  {
-    if (new_pane == 4)
-    {
-      frames.extensions.document.write(ext_page_ca);
-      frames.extensions.document.close();
-      reload_form(new_pane);
-    }
-    else
-    {
-      if (new_pane == 1)
-      {
-      frames.extensions.document.write(main_page);
-      frames.extensions.document.close();
-      reload_form(new_pane);
-      }
-      else
-      {
-        frames.extensions.document.write(ext_page_ca_exp);
-        frames.extensions.document.close();
-        reload_form(new_pane);
-      }
-    }
-  }
-}
-
-function make_index_page(selected)
-{
-  var n_strings = ( make_index_page.arguments.length - 1 ) / 2;
-  var table_background;
-  var command;
-  var indent;
-  var label;
-  var ret_string = "";
-    
-  ret_string += '<TABLE CELLSPACING=4>';
-  for ( var i = 1; i <= n_strings; i++ ) {
-    if ( i == selected ) {
-      table_background = 'BGCOLOR=#BBCCBB';
-    } else {
-      table_background = '';
-    }
-	
-    indent = make_index_page.arguments[(i*2) - 1];
-    label =  make_index_page.arguments[(i*2)];
-
-    if ( indent == 0 ) {
-      ret_string += ('<TR><TD COLSPAN=2 ' + table_background + '>');
-    } else {
-      ret_string += ('<TR><TD>&nbsp;&nbsp;</TD><TD ' + table_background + '>');
-    }
-
-    command = "'parent.sa_switch_pane(parent," + selected + "," + i + ")'";
-    ret_string += ('<A HREF="javascript:void setTimeout(' + command + ',0)">');
-    if ( indent == 0 ) { ret_string += "<B>"; }
-    ret_string += label;
-    if ( indent == 0 ) { ret_string += "</B>"; }
-    ret_string += '</A></TD></TR>';
-  }
-  if (selected == (max_pages + 1))
-  {
-    table_background = 'BGCOLOR=#BBCCBB';
-  } else {
-    table_background = '';
-  }
-  ret_string +=
-    '<TR><TD COLSPAN=2 ' + table_background + 
-    '><b><A HREF="javascript:void setTimeout(\'top.submit_it()\', 0)">Finish</A></b>' +
-    '</TD></TR>' +
-    '<input type="submit"></form>' + 
-    '</TABLE>';
-  return(ret_string);
-}
-
-
-function make_page(window)
-// Draws the initial page setup
-{
-  selected = cur_page
-  init_ext_page_array()
-
-  with (window.frames.extensions) {
-    document.write(main_page);
-    document.close();
-  }
-
-  make_index(window);
-
-}
-</script>
-
-</HEAD>
-<title>Cert-O-Matic</title>
-  <FRAMESET cols="150,*" BORDER=3 ONLOAD="make_page(window)">
-      <FRAME SRC="about:blank" NAME="index"
-           MARGINWIDTH=15 MARGINHEIGHT=10 BORDER=3>
-      <FRAME SRC="about:blank" NAME="extensions"
-           MARGINWIDTH=15 MARGINHEIGHT=10 BORDER=3>
-  </FRAMESET>
-</HTML>
diff --git a/security/nss/cmd/certcgi/main.html b/security/nss/cmd/certcgi/main.html
deleted file mode 100644
index 50e138aee..000000000
--- a/security/nss/cmd/certcgi/main.html
+++ /dev/null
@@ -1,105 +0,0 @@
-<HTML>
-<!-- 
-   - The contents of this file are subject to the Mozilla Public
-   - License Version 1.1 (the "License"); you may not use this file
-   - except in compliance with the License. You may obtain a copy of
-   - the License at http://www.mozilla.org/MPL/
-   - 
-   - Software distributed under the License is distributed on an "AS
-   - IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-   - implied. See the License for the specific language governing
-   - rights and limitations under the License.
-   - 
-   - The Original Code is the Netscape security libraries.
-   - 
-   - The Initial Developer of the Original Code is Netscape
-   - Communications Corporation.  Portions created by Netscape are 
-   - Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-   - Rights Reserved.
-   - 
-   - Contributor(s):
-   - 
-   - Alternatively, the contents of this file may be used under the
-   - terms of the GNU General Public License Version 2 or later (the
-   - "GPL"), in which case the provisions of the GPL are applicable 
-   - instead of those above.  If you wish to allow use of your 
-   - version of this file only under the terms of the GPL and not to
-   - allow others to use your version of this file under the MPL,
-   - indicate your decision by deleting the provisions above and
-   - replace them with the notice and other provisions required by
-   - the GPL.  If you do not delete the provisions above, a recipient
-   - may use your version of this file under either the MPL or the
-   - GPL.
-  -->
-<HEAD>
-    <TITLE>Main Layer for CertOMatic</TITLE>
-</HEAD>
-
-    <form method="post" name="primary_form" action="http://interzone.mcom.com/burp.cgi">
-    <table border=0 cellspacing=10 cellpadding=0>
-    <tr>
-    <td>
-    Common Name:</td><td> <input type="text" name="name" onChange="{window.top.reset_subject('CN=', value, form)}"></p>
-    </td>
-    <td></td><td></td>
-    <td>
-    Organization: </td><td>  <input type="text" name="org" onChange="{window.top.reset_subject('O=', value, form)}"></p></td>
-    <tr>
-    <td>
-    <input type="radio" name="email_type" value="1" onClick="window.top.switch_mail(form)">MAIL=
-
-    <input type="radio" name="email_type" value="2" checked onClick="window.top.switch_mail(form)">E=
-    </td>
-    <td>
-    <input type="text" name="email" onChange="var temp;{if (email_type[0].checked) {temp = 'MAIL='} else {temp = 'E='}} ;{window.top.reset_subject(temp, value, form)}">
-    </td>
-    <td></td><td></td><td>
-    Organizational Unit: </td><td><input type="text" name="org_unit" onChange="{window.top.reset_subject('OU=', value, form)}"></p></td>
-    <tr>
-    <td>
-    UID= </td><td><input type="text" name="uid" onChange="{window.top.reset_subject('UID=', value, form)}"></p></td>
-    <td></td><td></td><td>
-    Locality: </td><td><input type="text" name="loc" onChange="{window.top.reset_subject('L=', value, form)}"></p></td>
-    <tr>
-    <td>
-    State or Province: </td><td><input type="text" name="state" onChange="{window.top.reset_subject('ST=', value, form)}"></p></td>
-    <td></td><td></td><td>
-    Country: </td><td><input type="text" size="2" name="country" onChange="{window.top.reset_subject('C=', value, form)}" maxlength="2"></p></td>
-    <tr>
-    <td COLSPAN=2>
-    Serial Number:
-    <DD><input type="radio" name="serial" value="auto" checked> Auto Generate
-    <DD><input type="radio" name="serial" value="input">
-    Use this hex value:&nbsp; <input type="text" name="serial_value" size="8" maxlength="8"></p>
-    </td>
-    <td></td> <td></td>
-    <td COLSPAN=2>
-    X.509 version:
-    <DD><input type="radio" name="ver" value="1" onClick="if (this.checked) {window.top.set_ver1();}"> Version 1
-    <DD><input type="radio" name="ver" value="3" checked onClick="if (this.checked) {window.top.set_ver3();}"> Version 3</P></td>
-    <tr>
-    <td COLSPAN=2>
-    Key Type:
-    <DD><input type="radio" name="keyType" value="rsa" checked> RSA
-    <DD><input type="radio" name="keyType" value="dsa"> DSA</p>
-    Intermediate CA Key Sizes:
-    <DD><select name="keysize">
-        <option>2048 (Very High Grade)
-        <option>1024 (High Grade)
-        <option>512  (Low Grade)
-        </select>
-    </td>
-    <td></td> <td></td>
-    <td COLSPAN=2>
-    Validity:
-    <DD><input type="radio" name="validity" value="auto" checked> 
-       Generate Automatically
-    <DD><input type="radio" name="validity" value="man"> Use these values:
-    <DD>Not Before:&nbsp; <input type="text" size="15" maxlength="17" name="notBefore">
-    <DD>Not After:&nbsp;&nbsp;&nbsp; <input type="text" size="15" maxlength="17" name="notAfter">
-    <DD>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 
-    <FONT SIZE=-1><TT>YYMMDDhhmm[ss]{Z|+hhmm|-hhmm} </TT></FONT>
-    </table>
-    DN: <input type="text" name="subject" size="70" onChange="{window.top.reset_subjectFields(form)}"></P>  	      
-    </form>
-</HTML>
diff --git a/security/nss/cmd/certcgi/manifest.mn b/security/nss/cmd/certcgi/manifest.mn
deleted file mode 100644
index e065a8e1a..000000000
--- a/security/nss/cmd/certcgi/manifest.mn
+++ /dev/null
@@ -1,50 +0,0 @@
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH	= ../../..
-
-# MODULE public and private header directories are implicitly REQUIREd.
-MODULE = security 
-
-# This next line is used by .mk files
-# and gets translated into $LINCS in manifest.mnw
-REQUIRES = seccmd dbm 
-
-DEFINES = -DNSPR20
-
-CSRCS = certcgi.c
-
-PROGRAM	= certcgi
-
-USE_STATIC_LIBS = 1
-
diff --git a/security/nss/cmd/certcgi/nscp_ext_form.html b/security/nss/cmd/certcgi/nscp_ext_form.html
deleted file mode 100644
index de939eecb..000000000
--- a/security/nss/cmd/certcgi/nscp_ext_form.html
+++ /dev/null
@@ -1,113 +0,0 @@
-<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML//EN">
-<html> 
-<!-- 
-   - The contents of this file are subject to the Mozilla Public
-   - License Version 1.1 (the "License"); you may not use this file
-   - except in compliance with the License. You may obtain a copy of
-   - the License at http://www.mozilla.org/MPL/
-   - 
-   - Software distributed under the License is distributed on an "AS
-   - IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-   - implied. See the License for the specific language governing
-   - rights and limitations under the License.
-   - 
-   - The Original Code is the Netscape security libraries.
-   - 
-   - The Initial Developer of the Original Code is Netscape
-   - Communications Corporation.  Portions created by Netscape are 
-   - Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-   - Rights Reserved.
-   - 
-   - Contributor(s):
-   - 
-   - Alternatively, the contents of this file may be used under the
-   - terms of the GNU General Public License Version 2 or later (the
-   - "GPL"), in which case the provisions of the GPL are applicable 
-   - instead of those above.  If you wish to allow use of your 
-   - version of this file only under the terms of the GPL and not to
-   - allow others to use your version of this file under the MPL,
-   - indicate your decision by deleting the provisions above and
-   - replace them with the notice and other provisions required by
-   - the GPL.  If you do not delete the provisions above, a recipient
-   - may use your version of this file under either the MPL or the
-   - GPL.
-  -->
-
-  <body>
-    <table  border=1 cellspacing=5 cellpadding=5>
-    <form method="post" name="primary_form" action="http://interzone.mcom.com/burp.cgi">
-    <tr>
-    <td>
-    <b>Netscape Certificate Type: </b></p>
-    Activate extension: <input type="checkbox" name="netscape-cert-type"></P>
-    Critical: <input type="checkbox" name="netscape-cert-type-crit">
-    <td>
-    <input type="checkbox" name="netscape-cert-type-ssl-client"> SSL Client</P>
-    <input type="checkbox" name="netscape-cert-type-ssl-server"> SSL Server</P>
-    <input type="checkbox" name="netscape-cert-type-smime"> S/MIME</P>
-    <input type="checkbox" name="netscape-cert-type-object-signing"> Object Signing</P>    
-    <input type="checkbox" name="netscape-cert-type-reserved"> Reserved for future use (bit 4)</P>
-    <input type="checkbox" name="netscape-cert-type-ssl-ca"> SSL CA</P>
-    <input type="checkbox" name="netscape-cert-type-smime-ca"> S/MIME CA</P>
-    <input type="checkbox" name="netscape-cert-type-object-signing-ca"> Object Signing CA</P>
-    </tr>
-    <tr>
-    <td>
-    <b>Netscape Base URL:</b></p>
-    Activate extension: <input type="checkbox" name="netscape-base-url"></P>
-    Critical: <input type="checkbox" name="netscape-base-url-crit">
-    <td>
-    <input type="text" name="netscape-base-url-text" size="50">
-    </tr>
-    <tr>
-    <td>
-    <b>Netscape Revocation URL:</b></p>
-    Activate extension: <input type="checkbox" name="netscape-revocation-url"></P>
-    Critical: <input type="checkbox" name="netscape-revocation-url-crit">
-    <td>
-    <input type="text" name="netscape-revocation-url-text" size="50">
-    </tr>
-    <tr>
-    <td>    
-    <b>Netscape CA Revocation URL:</b></p>
-    Activate extension: <input type="checkbox" name="netscape-ca-revocation-url"></P>
-    Critical: <input type="checkbox" name="netscape-ca-revocation-url-crit">
-    <td>
-    <input type="text" name="netscape-ca-revocation-url-text" size="50">
-    </tr>
-    <tr>
-    <td>    
-    <b>Netscape Certificate Renewal URL:</b></p>
-    Activate extension: <input type="checkbox" name="netscape-cert-renewal-url"></P>
-    Critical: <input type="checkbox" name="netscape-cert-renewal-url-crit">
-    <td>
-    <input type="text" name="netscape-cert-renewal-url-text" size="50">
-    </tr>
-    <tr>
-    <td>
-    <b>Netscape CA Policy URL:</b></p>
-    Activate extension: <input type="checkbox" name="netscape-ca-policy-url"></P>
-    Critical: <input type="checkbox" name="netscape-ca-policy-url-crit">
-    <td>
-    <input type="text" name="netscape-ca-policy-url-text" size="50">
-    </tr>
-    <tr>
-    <td>
-    <b>Netscape SSL Server Name:</b></p>
-    Activate extension: <input type="checkbox" name="netscape-ssl-server-name"></P>
-    Critical: <input type="checkbox" name="netscape-ssl-server-name-crit">
-    <td>
-    <input type="text" name="netscape-ssl-server-name-text" size="50">
-    </tr>
-    <tr>
-    <td>
-    <b>Netscape Comment:</b></p>
-    Activate extension: <input type="checkbox" name="netscape-comment"></P>
-    Critical: <input type="checkbox" name="netscape-comment-crit">
-    <td>
-    <textarea name="netscape-comment-text" rows="5" cols="50"></textarea>
-    </tr>
-        
-    </table>
-  </body>
-</html>
diff --git a/security/nss/cmd/certcgi/stnd_ext_form.html b/security/nss/cmd/certcgi/stnd_ext_form.html
deleted file mode 100644
index ece9b2ff7..000000000
--- a/security/nss/cmd/certcgi/stnd_ext_form.html
+++ /dev/null
@@ -1,247 +0,0 @@
-<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML//EN">
-<html>
-<!-- 
-   - The contents of this file are subject to the Mozilla Public
-   - License Version 1.1 (the "License"); you may not use this file
-   - except in compliance with the License. You may obtain a copy of
-   - the License at http://www.mozilla.org/MPL/
-   - 
-   - Software distributed under the License is distributed on an "AS
-   - IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-   - implied. See the License for the specific language governing
-   - rights and limitations under the License.
-   - 
-   - The Original Code is the Netscape security libraries.
-   - 
-   - The Initial Developer of the Original Code is Netscape
-   - Communications Corporation.  Portions created by Netscape are 
-   - Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-   - Rights Reserved.
-   - 
-   - Contributor(s):
-   - 
-   - Alternatively, the contents of this file may be used under the
-   - terms of the GNU General Public License Version 2 or later (the
-   - "GPL"), in which case the provisions of the GPL are applicable 
-   - instead of those above.  If you wish to allow use of your 
-   - version of this file only under the terms of the GPL and not to
-   - allow others to use your version of this file under the MPL,
-   - indicate your decision by deleting the provisions above and
-   - replace them with the notice and other provisions required by
-   - the GPL.  If you do not delete the provisions above, a recipient
-   - may use your version of this file under either the MPL or the
-   - GPL.
-  -->
-
-  <body>
-    <table  border=1 cellspacing=5 cellpadding=5>
-    <form method="post" name="primary_form" action="http://interzone.mcom.com/burp.cgi">
-    <tr>
-    <td>
-    <b>Key Usage: </b></p>
-    Activate extension: <input type="checkbox" name="keyUsage"></P>
-    Critical: <input type="checkbox" name="keyUsage-crit">
-    <td>
-    <input type="checkbox" name="keyUsage-digitalSignature"> Digital Signature</P>
-    <input type="checkbox" name="keyUsage-nonRepudiation"> Non Repudiation</P>    
-    <input type="checkbox" name="keyUsage-keyEncipherment"> Key Encipherment</P>    
-    <input type="checkbox" name="keyUsage-dataEncipherment"> Data Encipherment</P>
-    <input type="checkbox" name="keyUsage-keyAgreement"> Key Agreement</P>
-    <input type="checkbox" name="keyUsage-keyCertSign"> Key Certificate Signing</P>
-    <input type="checkbox" name="keyUsage-cRLSign"> CRL Signing</P>
-    </tr>
-    <tr>
-    <td>
-    <b>Extended Key Usage: </b></p>
-    Activate extension: <input type="checkbox" name="extKeyUsage"></P>
-    Critical: <input type="checkbox" name="extKeyUsage-crit">
-    <td>
-    <input type="checkbox" name="extKeyUsage-serverAuth"> Server Auth</P>
-    <input type="checkbox" name="extKeyUsage-clientAuth"> Client Auth</P>
-    <input type="checkbox" name="extKeyUsage-codeSign"> Code Signing</P>
-    <input type="checkbox" name="extKeyUsage-emailProtect"> Email Protection</P>
-    <input type="checkbox" name="extKeyUsage-timeStamp"> Timestamp</P>
-    <input type="checkbox" name="extKeyUsage-ocspResponder"> OCSP Responder</P>
-    <input type="checkbox" name="extKeyUsage-NS-govtApproved"> Step-up</P>
-    </tr>
-    <tr>
-    <td>
-    <b>Basic Constraints:</b></p>
-    Activate extension: <input type="checkbox" name="basicConstraints"></P>
-    Critical: <input type="checkbox" name="basicConstraints-crit">
-    <td>
-    CA:</p>
-    <dd><input type=radio name="basicConstraints-cA-radio" value="CA"> True</p>
-    <dd><input type=radio name="basicConstraints-cA-radio" value="NotCA"> False</p>
-    <input type="checkbox" name="basicConstraints-pathLengthConstraint">
-     Include Path length:  <input type="text" name="basicConstraints-pathLengthConstraint-text" size="2"></p>
-    </tr>
-    <tr>
-    <td>
-    <b>Authority Key Identifier:</b></p>
-    Activate extension: <input type="checkbox" name="authorityKeyIdentifier">
-    <td>
-    <input type="radio" name="authorityKeyIdentifier-radio" value="keyIdentifier"> Key Identider</p>
-    <input type="radio" name="authorityKeyIdentifier-radio" value="authorityCertIssuer"> Issuer Name and Serial number</p>
-    </tr>
-    <tr>
-    <td>    
-    <b>Subject Key Identifier:</b></p>
-    Activate extension: <input type="checkbox" name="subjectKeyIdentifier">
-    <td>
-    Key Identifier: 
-    <input type="text" name="subjectKeyIdentifier-text"></p>
-    This is an:<p>
-    <dd><dd><input type="radio" name="subjectKeyIdentifier-radio" value="ascii"> ascii text value<p>
-    <dd><dd><input type="radio" name="subjectKeyIdentifier-radio" value="hex"> hex value<p>
-    </tr>
-    <tr>
-    <td>    
-    <b>Private Key Usage Period:</b></p>
-    Activate extension: <input type="checkbox" name="privKeyUsagePeriod"></p>
-    Critical: <input type="checkbox" name="privKeyUsagePeriod-crit">
-    <td>
-    Use:</p>
-    <dd><input type="radio" name="privKeyUsagePeriod-radio" value="notBefore"> Not Before</p>
-    <dd><input type="radio" name="privKeyUsagePeriod-radio" value="notAfter"> Not After</p>
-    <dd><input type="radio" name="privKeyUsagePeriod-radio" value="both" > Both</p>
-    <b>Not to be used to sign before:</b></p>
-    <dd><input type="radio" name="privKeyUsagePeriod-notBefore-radio" value="auto"> Set to time of certificate issue</p>
-    <dd><input type="radio" name="privKeyUsagePeriod-notBefore-radio" value="manual"> Use This value</p>
-    <dd><dd>(YYYY/MM/DD HH:MM:SS): 
-    <input type="text" name="privKeyUsagePeriod-notBefore-year" size="4" maxlength="4">/
-    <input type="text" name="privKeyUsagePeriod-notBefore-month" size="2" maxlength="2">/
-    <input type="text" name="privKeyUsagePeriod-notBefore-day" size="2" maxlength="2"> 
-    <input type="text" name="privKeyUsagePeriod-notBefore-hour" size="2" maxlength="2">:
-    <input type="text" name="privKeyUsagePeriod-notBefore-minute" size="2" maxlength="2">:
-    <input type="text" name="privKeyUsagePeriod-notBefore-second" size="2" maxlength="2"></p>
-    <b>Not to be used to sign after:</b></p>
-    <dd>(YYYY/MM/DD HH:MM:SS): 
-    <input type="text" name="privKeyUsagePeriod-notAfter-year" size="4" maxlength="4">/
-    <input type="text" name="privKeyUsagePeriod-notAfter-month" size="2" maxlength="2">/
-    <input type="text" name="privKeyUsagePeriod-notAfter-day" size="2" maxlength="2"> 
-    <input type="text" name="privKeyUsagePeriod-notAfter-hour" size="2" maxlength="2">:
-    <input type="text" name="privKeyUsagePeriod-notAfter-minute" size="2" maxlength="2">:
-    <input type="text" name="privKeyUsagePeriod-notAfter-second" size="2" maxlength="2"></p>
-    </tr>
-    <tr>
-    <td>
-    <b>Subject Alternative Name:</b></p>
-    Activate extension: <input type="checkbox" name="SubAltName"></P>
-    Critical: <input type="checkbox" name="SubAltName-crit">
-    <td>
-      <table>
-      <tr>
-      <td>
-      General Names:</p>
-      <select name="SubAltNameSelect" multiple size="10">
-      </select></p></p>
-      <input type="button" name="SubAltName-add" value="Add" onClick="{parent.addSubAltName(this.form)}">
-      <input type="button" name="SubAltName-delete" value="Delete" onClick="parent.deleteSubAltName(this.form)">
-      </td><td>
-        <table><tr><td>
-        Name Type: </td></tr><tr><td>
-        <input type="radio" name="SubAltNameRadio" value="otherName" onClick="parent.setSubAltNameType(form)"> Other Name, 
-        OID: <input type="text" name="SubAltNameOtherNameOID" size="6"> </td><td>
-        <input type="radio" name="SubAltNameRadio" value="rfc822Name" onClick="parent.setSubAltNameType(form)"> RFC 822 Name</td></tr><td>
-        <input type="radio" name="SubAltNameRadio" value="dnsName" onClick="parent.setSubAltNameType(form)"> DNS Name </td><td>
-        <input type="radio" name="SubAltNameRadio" value="x400" onClick="parent.setSubAltNameType(form)"> X400 Address</td></tr><td>
-        <input type="radio" name="SubAltNameRadio" value="directoryName" onClick="parent.setSubAltNameType(form)"> Directory Name</td><td>
-        <input type="radio" name="SubAltNameRadio" value="ediPartyName" onClick="parent.setSubAltNameType(form)"> EDI Party Name</td></tr><td>
-        <input type="radio" name="SubAltNameRadio" value="URL" onClick="parent.setSubAltNameType(form)"> Uniform Resource Locator</td><td>
-        <input type="radio" name="SubAltNameRadio" value="ipAddress" onClick="parent.setSubAltNameType(form)"> IP Address</td></tr><td>
-        <input type="radio" name="SubAltNameRadio" value="regID"onClick="parent.setSubAltNameType(form)"> Registered ID</td><td>
-	<input type="radio" name="SubAltNameRadio" value="nscpNickname" onClick="parent.setSubAltNameType(form)"> Netscape Certificate Nickname</td><td></tr>
-        </table>
-      Name: <input type="text" name="SubAltNameText">
-        Binary Encoded: <input type="checkbox" name="SubAltNameDataType" value="binary" onClick="parent.setSubAltNameType(form)"></p>
-      </tr>
-      </table>
-    </tr>
-
-
-    <tr>
-    <td>
-    <b>Issuer Alternative Name:</b></p>
-    Activate extension: <input type="checkbox" name="IssuerAltName"></P>
-    Critical: <input type="checkbox" name="IssuerAltName-crit">
-    <td>
-      <input type="radio" name="IssuerAltNameSourceRadio" value="auto"> Use the Subject Alternative Name from the Issuers Certificate</p>
-      <input type="radio" name="IssuerAltNameSourceRadio" value="man"> Use this Name:
-      <table>
-      <tr>
-      <td>
-      General Names:</p>
-      <select name="IssuerAltNameSelect" multiple size="10">
-      </select></p></p>
-      <input type="button" name="IssuerAltName-add" value="Add" onClick="{parent.addIssuerAltName(this.form)}">
-      <input type="button" name="IssuerAltName-delete" value="Delete" onClick="parent.deleteIssuerAltName(this.form)">
-      </td><td>
-        <table><tr><td>
-        Name Type: </td></tr><tr><td>
-        <input type="radio" name="IssuerAltNameRadio" value="otherName" onClick="parent.setIssuerAltNameType(form)"> Other Name, 
-        OID: <input type="text" name="IssuerAltNameOtherNameOID" size="6"> </td><td>
-        <input type="radio" name="IssuerAltNameRadio" value="rfc822Name" onClick="parent.setIssuerAltNameType(form)"> RFC 822 Name</td></tr><td>
-        <input type="radio" name="IssuerAltNameRadio" value="dnsName" onClick="parent.setIssuerAltNameType(form)"> DNS Name </td><td>
-        <input type="radio" name="IssuerAltNameRadio" value="x400" onClick="parent.setIssuerAltNameType(form)"> X400 Address</td></tr><td>
-        <input type="radio" name="IssuerAltNameRadio" value="directoryName" onClick="parent.setIssuerAltNameType(form)"> Directory Name</td><td>
-        <input type="radio" name="IssuerAltNameRadio" value="ediPartyName" onClick="parent.setIssuerAltNameType(form)"> EDI Party Name</td></tr><td>
-        <input type="radio" name="IssuerAltNameRadio" value="URL" onClick="parent.setIssuerAltNameType(form)"> Uniform Resource Locator</td><td>
-        <input type="radio" name="IssuerAltNameRadio" value="ipAddress" onClick="parent.setIssuerAltNameType(form)"> IP Address</td></tr><td>
-        <input type="radio" name="IssuerAltNameRadio" value="regID" onClick="parent.setIssuerAltNameType(form)"> Registered ID</td><td></tr>
-        </table>
-      Name: <input type="text" name="IssuerAltNameText"> 
-        Binary Encoded: <input type="checkbox" name="IssuerAltNameDataType" value="binary" onClick="parent.setIssuerAltNameType(form)"></p>
-      </tr>
-      </table>
-    </tr>
-
-    <tr>
-    <td>
-    <b>Name Constraints:</b></p>
-    Activate extension: <input type="checkbox" name="NameConstraints"></P>
-    <td>
-      <table>
-      <tr>
-      <td>
-      Name Constraints:</p>
-      <select name="NameConstraintSelect" multiple size="10">
-      </select></p></p>
-      <input type="button" name="NameConstraint-add" value="Add" onClick="{parent.addNameConstraint(this.form)}">
-      <input type="button" name="NameConstraint-delete" value="Delete" onClick="parent.deleteNameConstraint(this.form)">
-      </td><td>
-        <table><tr><td>
-        Name Type: </td></tr><tr><td>
-        <input type="radio" name="NameConstraintRadio" value="otherName" onClick="parent.setNameConstraintNameType(form)"> Other Name,
-        OID: <input type="text" name="NameConstraintOtherNameOID" size="6">  </td><td>
-        <input type="radio" name="NameConstraintRadio" value="rfc822Name" onClick="parent.setNameConstraintNameType(form)"> RFC 822 Name</td></tr><td>
-        <input type="radio" name="NameConstraintRadio" value="dnsName" onClick="parent.setNameConstraintNameType(form)"> DNS Name </td><td>
-        <input type="radio" name="NameConstraintRadio" value="x400" onClick="parent.setNameConstraintNameType(form)"> X400 Address</td></tr><td>
-        <input type="radio" name="NameConstraintRadio" value="directoryName" onClick="parent.setNameConstraintNameType(form)"> Directory Name</td><td>
-        <input type="radio" name="NameConstraintRadio" value="ediPartyName" onClick="parent.setNameConstraintNameType(form)"> EDI Party Name</td></tr><td>
-        <input type="radio" name="NameConstraintRadio" value="URL" onClick="parent.setNameConstraintNameType(form)"> Uniform Resource Locator</td><td>
-        <input type="radio" name="NameConstraintRadio" value="ipAddress" onClick="parent.setNameConstraintNameType(form)"> IP Address</td></tr><td>
-        <input type="radio" name="NameConstraintRadio" value="regID" onClick="parent.setNameConstraintNameType(form)"> Registered ID</td><td></tr>
-        </table>
-      Name: <input type="text" name="NameConstraintText">
-        Binary Encoded: <input type="checkbox" name="NameConstraintNameDataType" value="binary" onClick="parent.setNameConstraintNameType(form)"></p>
-      Constraint type:<p>
-      <dd><input type="radio" name="NameConstraintTypeRadio" value="permited"> permited<p>
-      <dd><input type="radio" name="NameConstraintTypeRadio" value="excluded"> excluded<p>
-      Minimum: <input type="text" name="NameConstraintMin" size="8" maxlength="8"></p>
-      Maximum: <input type="text" name="NameConstraintMax" size="8" maxlength="8"></p>
-      </tr>
-      </table>
-    </tr>
-
-    </table>
-  </body>
-</html>
-
-
-
-
-
-
-
-
diff --git a/security/nss/cmd/certutil/Makefile b/security/nss/cmd/certutil/Makefile
deleted file mode 100644
index 8650a607d..000000000
--- a/security/nss/cmd/certutil/Makefile
+++ /dev/null
@@ -1,76 +0,0 @@
-#! gmake
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY).   #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL)          #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL)       #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL).      #
-#######################################################################
-
-include ../platlibs.mk
-
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL)                              #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL)                           #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL).                              #
-#######################################################################
-
-
-include ../platrules.mk
- 
diff --git a/security/nss/cmd/certutil/certutil.c b/security/nss/cmd/certutil/certutil.c
deleted file mode 100644
index 3b89e394e..000000000
--- a/security/nss/cmd/certutil/certutil.c
+++ /dev/null
@@ -1,2742 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
-** certutil.c
-**
-** utility for managing certificates and the cert database
-**
-*/
-#include <stdio.h>
-#include <string.h>
-
-#if defined(WIN32)
-#include "fcntl.h"
-#include "io.h"
-#endif
-
-#include "secutil.h"
-
-#if defined(XP_UNIX)
-#include <unistd.h>
-#endif
-
-#include "nspr.h"
-#include "prtypes.h"
-#include "prtime.h"
-#include "prlong.h"
-
-#include "pk11func.h"
-#include "secasn1.h"
-#include "cert.h"
-#include "cryptohi.h"
-#include "secoid.h"
-#include "certdb.h"
-#include "nss.h"
-
-#define MIN_KEY_BITS		512
-#define MAX_KEY_BITS		2048
-#define DEFAULT_KEY_BITS	1024
-
-#define GEN_BREAK(e) rv=e; break;
-
-
-extern SECKEYPrivateKey *CERTUTIL_GeneratePrivateKey(KeyType keytype,
-						     PK11SlotInfo *slot, 
-                                                     int rsasize,
-						     int publicExponent,
-						     char *noise,
-						     SECKEYPublicKey **pubkeyp,
-						     char *pqgFile,
-                                                     secuPWData *pwdata);
-
-static char *progName;
-
-static CERTGeneralName *
-GetGeneralName (PRArenaPool *arena)
-{
-    CERTGeneralName *namesList = NULL;
-    CERTGeneralName *current;
-    CERTGeneralName *tail = NULL;
-    SECStatus rv = SECSuccess;
-    int intValue;
-    char buffer[512];
-    void *mark;
-
-    PORT_Assert (arena);
-    mark = PORT_ArenaMark (arena);
-    do {
-	puts ("\nSelect one of the following general name type: \n");
-	puts ("\t1 - instance of other name\n\t2 - rfc822Name\n\t3 - dnsName\n");
-	puts ("\t4 - x400Address\n\t5 - directoryName\n\t6 - ediPartyName\n");
-	puts ("\t7 - uniformResourceidentifier\n\t8 - ipAddress\n\t9 - registerID\n");
-	puts ("\tOther - omit\n\t\tChoice:");
-	scanf ("%d", &intValue);
-	if (intValue >= certOtherName || intValue <= certRegisterID) {
-	    if (namesList == NULL) {
-		namesList = current = tail = (CERTGeneralName *) PORT_ArenaAlloc 
-		                                  (arena, sizeof (CERTGeneralName));
-	    } else {
-		current = (CERTGeneralName *) PORT_ArenaAlloc(arena, 
-							      sizeof (CERTGeneralName));
-	    }
-	    if (current == NULL) {
-		GEN_BREAK (SECFailure);
-	    }	
-	} else {
-	    break;
-	}
-	current->type = intValue;
-	puts ("\nEnter data:");
-	fflush (stdout);
-	gets (buffer);
-	switch (current->type) {
-	    case certURI:
-	    case certDNSName:
-	    case certRFC822Name:
-		current->name.other.data = PORT_ArenaAlloc (arena, strlen (buffer));
-		if (current->name.other.data == NULL) {
-		    GEN_BREAK (SECFailure);
-		}
-		PORT_Memcpy
-		  (current->name.other.data, buffer, current->name.other.len = strlen(buffer));
-		break;
-
-	    case certEDIPartyName:
-	    case certIPAddress:
-	    case certOtherName:
-	    case certRegisterID:
-	    case certX400Address: {
-
-		current->name.other.data = PORT_ArenaAlloc (arena, strlen (buffer) + 2);
-		if (current->name.other.data == NULL) {
-		    GEN_BREAK (SECFailure);
-		}
-
-		PORT_Memcpy (current->name.other.data + 2, buffer, strlen (buffer));
-		/* This may not be accurate for all cases.  For now, use this tag type */
-		current->name.other.data[0] = (char)(((current->type - 1) & 0x1f)| 0x80);
-		current->name.other.data[1] = (char)strlen (buffer);
-		current->name.other.len = strlen (buffer) + 2;
-		break;
-	    }
-
-	    case certDirectoryName: {
-		CERTName *directoryName = NULL;
-
-		directoryName = CERT_AsciiToName (buffer);
-		if (!directoryName) {
-		    fprintf(stderr, "certutil: improperly formatted name: \"%s\"\n", buffer);
-		    break;
-		}
-			    
-		rv = CERT_CopyName (arena, &current->name.directoryName, directoryName);
-		CERT_DestroyName (directoryName);
-		
-		break;
-	    }
-	}
-	if (rv != SECSuccess)
-	    break;
-	current->l.next = &(namesList->l);
-	current->l.prev = &(tail->l);
-	tail->l.next = &(current->l);
-	tail = current;
-
-    }while (1);
-
-    if (rv != SECSuccess) {
-	PORT_SetError (rv);
-	PORT_ArenaRelease (arena, mark);
-	namesList = NULL;
-    }
-    return (namesList);
-}
-
-static SECStatus 
-GetString(PRArenaPool *arena, char *prompt, SECItem *value)
-{
-    char buffer[251];
-
-    value->data = NULL;
-    value->len = 0;
-    
-    puts (prompt);
-    gets (buffer);
-    if (strlen (buffer) > 0) {
-	value->data = PORT_ArenaAlloc (arena, strlen (buffer));
-	if (value->data == NULL) {
-	    PORT_SetError (SEC_ERROR_NO_MEMORY);
-	    return (SECFailure);
-	}
-	PORT_Memcpy (value->data, buffer, value->len = strlen(buffer));
-    }
-    return (SECSuccess);
-}
-
-static CERTCertificateRequest *
-GetCertRequest(PRFileDesc *inFile, PRBool ascii)
-{
-    CERTCertificateRequest *certReq = NULL;
-    CERTSignedData signedData;
-    PRArenaPool *arena = NULL;
-    SECItem reqDER;
-    SECStatus rv;
-
-    reqDER.data = NULL;
-    do {
-	arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-	if (arena == NULL) {
-	    GEN_BREAK (SECFailure);
-	}
-	
- 	rv = SECU_ReadDERFromFile(&reqDER, inFile, ascii);
-	if (rv) 
-	    break;
-        certReq = (CERTCertificateRequest*) PORT_ArenaZAlloc
-		  (arena, sizeof(CERTCertificateRequest));
-        if (!certReq) 
-	    break;
-	certReq->arena = arena;
-
-	/* Since cert request is a signed data, must decode to get the inner
-	   data
-	 */
-	PORT_Memset(&signedData, 0, sizeof(signedData));
-	rv = SEC_ASN1DecodeItem(arena, &signedData, 
-		SEC_ASN1_GET(CERT_SignedDataTemplate), &reqDER);
-	if (rv)
-	    break;
-	
-        rv = SEC_ASN1DecodeItem(arena, certReq, 
-		SEC_ASN1_GET(CERT_CertificateRequestTemplate), &signedData.data);
-   } while (0);
-
-   if (rv) {
-       PRErrorCode  perr = PR_GetError();
-       fprintf(stderr, "%s: unable to decode DER cert request (%s)\n", progName,
-               SECU_Strerror(perr));
-   }
-   return (certReq);
-}
-
-static PRBool 
-GetYesNo(char *prompt) 
-{
-    char buf[3];
-
-    PR_Sync(PR_STDIN);
-    PR_Write(PR_STDOUT, prompt, strlen(prompt)+1);
-    PR_Read(PR_STDIN, buf, sizeof(buf));
-    return (buf[0] == 'y' || buf[0] == 'Y') ? PR_TRUE : PR_FALSE;
-#if 0
-    char charValue;
-
-    puts (prompt);
-    scanf ("%c", &charValue);
-    if (charValue != 'y' && charValue != 'Y')
-	return (0);
-    return (1);
-#endif
-}
-
-static SECStatus
-AddCert(PK11SlotInfo *slot, CERTCertDBHandle *handle, char *name, char *trusts, 
-        PRFileDesc *inFile, PRBool ascii, PRBool emailcert, void *pwdata)
-{
-    CERTCertTrust *trust = NULL;
-    CERTCertificate *cert = NULL, *tempCert = NULL;
-    SECItem certDER;
-    SECStatus rv;
-
-    certDER.data = NULL;
-    do {
-	/* Read in the entire file specified with the -i argument */
-	rv = SECU_ReadDERFromFile(&certDER, inFile, ascii);
-	if (rv != SECSuccess) {
-	    SECU_PrintError(progName, "unable to read input file");
-	    break;
-	}
-
-	/* Read in an ASCII cert and return a CERTCertificate */
-	cert = CERT_DecodeCertFromPackage((char *)certDER.data, certDER.len);
-	if (!cert) {
-	    SECU_PrintError(progName, "could not obtain certificate from file"); 
-	    GEN_BREAK(SECFailure);
-	}
-
-	/* Create a cert trust to pass to SEC_AddPermCertificate */
-	trust = (CERTCertTrust *)PORT_ZAlloc(sizeof(CERTCertTrust));
-	if (!trust) {
-	    SECU_PrintError(progName, "unable to allocate cert trust");
-	    GEN_BREAK(SECFailure);
-	}
-
-	rv = CERT_DecodeTrustString(trust, trusts);
-	if (rv) {
-	    SECU_PrintError(progName, "unable to decode trust string");
-	    GEN_BREAK(SECFailure);
-	}
-
-	if (!PK11_IsFriendly(slot)) {
-	    rv = PK11_Authenticate(slot, PR_TRUE, pwdata);
-	    if (rv != SECSuccess) {
-		SECU_PrintError(progName, "could not authenticate to token or database");
-		GEN_BREAK(SECFailure);
-	    }
-	}
-
-	rv =  PK11_ImportCert(slot, cert, CK_INVALID_HANDLE, name, PR_FALSE);
-	if (rv != SECSuccess) {
-	    SECU_PrintError(progName, "could not add certificate to token or database");
-	    GEN_BREAK(SECFailure);
-	}
-
-	rv = CERT_ChangeCertTrust(handle, cert, trust);
-	if (rv != SECSuccess) {
-	    SECU_PrintError(progName, "could not change trust on certificate");
-	    GEN_BREAK(SECFailure);
-	}
-
-	if ( emailcert ) {
-	    CERT_SaveSMimeProfile(cert, NULL, pwdata);
-	}
-
-    } while (0);
-
-    CERT_DestroyCertificate (cert);
-    PORT_Free(trust);
-    PORT_Free(certDER.data);
-
-    return rv;
-}
-
-static SECStatus
-CertReq(SECKEYPrivateKey *privk, SECKEYPublicKey *pubk, KeyType keyType,
-	CERTName *subject, char *phone, int ascii, PRFileDesc *outFile)
-{
-    CERTSubjectPublicKeyInfo *spki;
-    CERTCertificateRequest *cr;
-    SECItem *encoding;
-    SECItem result;
-    SECStatus rv;
-    PRArenaPool *arena;
-    PRInt32 numBytes;
-
-    /* Create info about public key */
-    spki = SECKEY_CreateSubjectPublicKeyInfo(pubk);
-    if (!spki) {
-	SECU_PrintError(progName, "unable to create subject public key");
-	return SECFailure;
-    }
-
-    /* Generate certificate request */
-    cr = CERT_CreateCertificateRequest(subject, spki, 0);
-    if (!cr) {
-	SECU_PrintError(progName, "unable to make certificate request");
-	return SECFailure;
-    }
-
-    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if ( !arena ) {
-	SECU_PrintError(progName, "out of memory");
-	return SECFailure;
-    }
-    
-    /* Der encode the request */
-    encoding = SEC_ASN1EncodeItem(arena, NULL, cr,
-		  SEC_ASN1_GET(CERT_CertificateRequestTemplate));
-    if (encoding == NULL) {
-	SECU_PrintError(progName, "der encoding of request failed");
-	return SECFailure;
-    }
-
-    /* Sign the request */
-    switch (keyType) {
-    case rsaKey:
-	rv = SEC_DerSignData(arena, &result, encoding->data, encoding->len, 
-	                     privk, SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION);
-	break;
-    case dsaKey:
-	rv = SEC_DerSignData(arena, &result, encoding->data, encoding->len, 
-	                 privk, SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST);
-	break;
-    default:
-	SECU_PrintError(progName, "Must use rsa or dsa key type");
-	return SECFailure;
-    }
-
-    if (rv) {
-	SECU_PrintError(progName, "signing of data failed");
-	return SECFailure;
-    }
-
-    /* Encode request in specified format */
-    if (ascii) {
-	char *obuf;
-	char *name, *email, *org, *state, *country;
-	SECItem *it;
-	int total;
-
-	it = &result;
-
-	obuf = BTOA_ConvertItemToAscii(it);
-	total = PL_strlen(obuf);
-
-	name = CERT_GetCommonName(subject);
-	if (!name) {
-	    fprintf(stderr, "You must specify a common name\n");
-	    return SECFailure;
-	}
-
-	if (!phone)
-	    phone = strdup("(not specified)");
-
-	email = CERT_GetCertEmailAddress(subject);
-	if (!email)
-	    email = strdup("(not specified)");
-
-	org = CERT_GetOrgName(subject);
-	if (!org)
-	    org = strdup("(not specified)");
-
-	state = CERT_GetStateName(subject);
-	if (!state)
-	    state = strdup("(not specified)");
-
-	country = CERT_GetCountryName(subject);
-	if (!country)
-	    country = strdup("(not specified)");
-
-	PR_fprintf(outFile, 
-	           "\nCertificate request generated by Netscape certutil\n");
-	PR_fprintf(outFile, "Phone: %s\n\n", phone);
-	PR_fprintf(outFile, "Common Name: %s\n", name);
-	PR_fprintf(outFile, "Email: %s\n", email);
-	PR_fprintf(outFile, "Organization: %s\n", org);
-	PR_fprintf(outFile, "State: %s\n", state);
-	PR_fprintf(outFile, "Country: %s\n\n", country);
-
-	PR_fprintf(outFile, "%s\n", NS_CERTREQ_HEADER);
-	numBytes = PR_Write(outFile, obuf, total);
-	if (numBytes != total) {
-	    SECU_PrintSystemError(progName, "write error");
-	    return SECFailure;
-	}
-	PR_fprintf(outFile, "%s\n", NS_CERTREQ_TRAILER);
-    } else {
-	numBytes = PR_Write(outFile, result.data, result.len);
-	if (numBytes != (int)result.len) {
-	    SECU_PrintSystemError(progName, "write error");
-	    return SECFailure;
-	}
-    }
-    return SECSuccess;
-}
-
-static SECStatus 
-ChangeTrustAttributes(CERTCertDBHandle *handle, char *name, char *trusts)
-{
-    SECStatus rv;
-    CERTCertificate *cert;
-    CERTCertTrust *trust;
-    
-    cert = CERT_FindCertByNicknameOrEmailAddr(handle, name);
-    if (!cert) {
-	SECU_PrintError(progName, "could not find certificate named \"%s\"",
-			name);
-	return SECFailure;
-    }
-
-    trust = (CERTCertTrust *)PORT_ZAlloc(sizeof(CERTCertTrust));
-    if (!trust) {
-	SECU_PrintError(progName, "unable to allocate cert trust");
-	return SECFailure;
-    }
-
-    /* This function only decodes these characters: pPwcTCu, */
-    rv = CERT_DecodeTrustString(trust, trusts);
-    if (rv) {
-	SECU_PrintError(progName, "unable to decode trust string");
-	return SECFailure;
-    }
-
-    rv = CERT_ChangeCertTrust(handle, cert, trust);
-    if (rv) {
-	SECU_PrintError(progName, "unable to modify trust attributes");
-	return SECFailure;
-    }
-    CERT_DestroyCertificate(cert);
-
-    return SECSuccess;
-}
-
-static SECStatus
-printCertCB(CERTCertificate *cert, void *arg)
-{
-    SECStatus rv;
-    SECItem data;
-    CERTCertTrust *trust = (CERTCertTrust *)arg;
-    
-    data.data = cert->derCert.data;
-    data.len = cert->derCert.len;
-
-    rv = SECU_PrintSignedData(stdout, &data, "Certificate", 0,
-			      SECU_PrintCertificate);
-    if (rv) {
-	SECU_PrintError(progName, "problem printing certificate");
-	return(SECFailure);
-    }
-    if (trust) {
-	SECU_PrintTrustFlags(stdout, trust,
-	                     "Certificate Trust Flags", 1);
-    } else if (cert->trust) {
-	SECU_PrintTrustFlags(stdout, cert->trust,
-	                     "Certificate Trust Flags", 1);
-    }
-
-    printf("\n");
-
-    return(SECSuccess);
-}
-
-static SECStatus
-dumpChain(CERTCertDBHandle *handle, char *name, PK11SlotInfo *slot,
-          PRBool raw, PRBool ascii, PRFileDesc *outfile, void *pwarg)
-{
-    SECStatus rv;
-    CERTCertificate *the_cert;
-    CERTCertificateList *chain;
-    int i, j;
-    the_cert = PK11_FindCertFromNickname(name, NULL);
-    if (!the_cert) {
-	SECU_PrintError(progName, "Could not find: %s\n", name);
-	return SECFailure;
-    }
-    chain = CERT_CertChainFromCert(the_cert, 0, PR_TRUE);
-    CERT_DestroyCertificate(the_cert);
-    if (!chain) {
-	SECU_PrintError(progName, "Could not obtain chain for: %s\n", name);
-	return SECFailure;
-    }
-    for (i=chain->len-1; i>=0; i--) {
-	CERTCertificate *c;
-	c = CERT_FindCertByDERCert(handle, &chain->certs[i]);
-	for (j=i; j<chain->len-1; j++) printf("  ");
-	printf("\"%s\" [%s]\n\n", c->nickname, c->subjectName);
-	CERT_DestroyCertificate(c);
-    }
-    CERT_DestroyCertificateList(chain);
-    return SECSuccess;
-}
-
-static SECStatus
-listCerts(CERTCertDBHandle *handle, char *name, PK11SlotInfo *slot,
-          PRBool raw, PRBool ascii, PRFileDesc *outfile, void *pwarg)
-{
-    CERTCertificate *cert;
-    SECItem data;
-    PRInt32 numBytes;
-    SECStatus rv = SECFailure;
-
-    /* List certs on a non-internal slot. */
-    if (!PK11_IsFriendly(slot) && PK11_NeedLogin(slot))
-	    PK11_Authenticate(slot, PR_TRUE, pwarg);
-    if (name) {
-	CERTCertificate *the_cert;
-	the_cert = PK11_FindCertFromNickname(name, NULL);
-	if (!the_cert) {
-	    SECU_PrintError(progName, "Could not find: %s\n", name);
-	    return SECFailure;
-	}
-	data.data = the_cert->derCert.data;
-	data.len = the_cert->derCert.len;
-	if (ascii) {
-	    PR_fprintf(outfile, "%s\n%s\n%s\n", NS_CERT_HEADER, 
-		        BTOA_DataToAscii(data.data, data.len), NS_CERT_TRAILER);
-	    rv = SECSuccess;
-	} else if (raw) {
-	    numBytes = PR_Write(outfile, data.data, data.len);
-	    if (numBytes != data.len) {
-		SECU_PrintSystemError(progName, "error writing raw cert");
-		rv = SECFailure;
-	    }
-	    rv = SECSuccess;
-	} else {
-	    rv = printCertCB(the_cert, the_cert->trust);
-	}
-	CERT_DestroyCertificate(the_cert);
-    } else {
-	CERTCertList *certs;
-	CERTCertListNode *node;
-
-	certs = PK11_ListCertsInSlot(slot);
-	if (certs) {
-	    for (node = CERT_LIST_HEAD(certs); !CERT_LIST_END(node,certs);
-						node = CERT_LIST_NEXT(node)) {
-		SECU_PrintCertNickname(node->cert,stdout);
-	    }
-	    CERT_DestroyCertList(certs);
-	    rv = SECSuccess;
-	}
-    }
-    if (rv) {
-	SECU_PrintError(progName, "problem printing certificate nicknames");
-	return SECFailure;
-    }
-
-    return SECSuccess;	/* not rv ?? */
-}
-
-static SECStatus
-ListCerts(CERTCertDBHandle *handle, char *name, PK11SlotInfo *slot,
-          PRBool raw, PRBool ascii, PRFileDesc *outfile, secuPWData *pwdata)
-{
-    SECStatus rv;
-
-    if (slot == NULL) {
-	CERTCertList *list;
-	CERTCertListNode *node;
-
-	list = PK11_ListCerts(PK11CertListUnique, pwdata);
-	for (node = CERT_LIST_HEAD(list); !CERT_LIST_END(node, list);
-	     node = CERT_LIST_NEXT(node)) 
-	{
-	    SECU_PrintCertNickname(node->cert, stdout);
-	}
-	CERT_DestroyCertList(list);
-	return SECSuccess;
-    } else {
-	rv = listCerts(handle,name,slot,raw,ascii,outfile,pwdata);
-    }
-    return rv;
-}
-
-static SECStatus
-DumpChain(CERTCertDBHandle *handle, char *name, PK11SlotInfo *slot,
-          PRBool raw, PRBool ascii, PRFileDesc *outfile, secuPWData *pwdata)
-{
-    SECStatus rv;
-
-    if (slot == NULL) {
-	PK11SlotList *list;
-	PK11SlotListElement *le;
-
-	list= PK11_GetAllTokens(CKM_INVALID_MECHANISM,
-						PR_FALSE,PR_FALSE,pwdata);
-	if (list) for (le = list->head; le; le = le->next) {
-	    printf("\n\nListing certificates for %s:\n\n", PK11_GetSlotName(le->slot));
-	    rv = dumpChain(handle,name,le->slot,raw,ascii,outfile,pwdata);
-	}
-    } else {
-	rv = dumpChain(handle,name,slot,raw,ascii,outfile,pwdata);
-    }
-    return rv;
-}
-
-
-static SECStatus 
-DeleteCert(CERTCertDBHandle *handle, char *name)
-{
-    SECStatus rv;
-    CERTCertificate *cert;
-
-    cert = CERT_FindCertByNicknameOrEmailAddr(handle, name);
-    if (!cert) {
-	SECU_PrintError(progName, "could not find certificate named \"%s\"",
-			name);
-	return SECFailure;
-    }
-
-    rv = SEC_DeletePermCertificate(cert);
-    CERT_DestroyCertificate(cert);
-    if (rv) {
-	SECU_PrintError(progName, "unable to delete certificate");
-	return SECFailure;
-    }
-
-    return SECSuccess;
-}
-
-static SECStatus
-ValidateCert(CERTCertDBHandle *handle, char *name, char *date,
-	     char *certUsage, PRBool checkSig, PRBool logit, secuPWData *pwdata)
-{
-    SECStatus rv;
-    CERTCertificate *cert = NULL;
-    int64 timeBoundary;
-    SECCertUsage usage;
-    CERTVerifyLog reallog;
-    CERTVerifyLog *log = NULL;
-    
-    switch (*certUsage) {
-	case 'C':
-	    usage = certUsageSSLClient;
-	    break;
-	case 'V':
-	    usage = certUsageSSLServer;
-	    break;
-	case 'S':
-	    usage = certUsageEmailSigner;
-	    break;
-	case 'R':
-	    usage = certUsageEmailRecipient;
-	    break;
-	default:
-	    PORT_SetError (SEC_ERROR_INVALID_ARGS);
-	    return (SECFailure);
-    }
-    do {
-	cert = CERT_FindCertByNicknameOrEmailAddr(handle, name);
-	if (!cert) {
-	    SECU_PrintError(progName, "could not find certificate named \"%s\"",
-			    name);
-	    GEN_BREAK (SECFailure)
-	}
-
-	if (date != NULL) {
-	    rv = DER_AsciiToTime(&timeBoundary, date);
-	    if (rv) {
-		SECU_PrintError(progName, "invalid input date");
-		GEN_BREAK (SECFailure)
-	    }
-	} else {
-	    timeBoundary = PR_Now();
-	}
-
-	if ( logit ) {
-	    log = &reallog;
-	    
-	    log->count = 0;
-	    log->head = NULL;
-	    log->tail = NULL;
-	    log->arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-	    if ( log->arena == NULL ) {
-		SECU_PrintError(progName, "out of memory");
-		GEN_BREAK (SECFailure)
-	    }
-	}
- 
-	rv = CERT_VerifyCert(handle, cert, checkSig, usage,
-			     timeBoundary, pwdata, log);
-	if ( log ) {
-	    if ( log->head == NULL ) {
-		fprintf(stdout, "%s: certificate is valid\n", progName);
-		GEN_BREAK (SECSuccess)
-	    } else {
-		char *name;
-		CERTVerifyLogNode *node;
-		
-		node = log->head;
-		while ( node ) {
-		    if ( node->cert->nickname != NULL ) {
-			name = node->cert->nickname;
-		    } else {
-			name = node->cert->subjectName;
-		    }
-		    fprintf(stderr, "%s : %s\n", name, 
-		    	SECU_Strerror(node->error));
-		    CERT_DestroyCertificate(node->cert);
-		    node = node->next;
-		}
-	    }
-	} else {
-	    if (rv != SECSuccess) {
-		PRErrorCode perr = PORT_GetError();
-		fprintf(stdout, "%s: certificate is invalid: %s\n",
-			progName, SECU_Strerror(perr));
-		GEN_BREAK (SECFailure)
-	    }
-	    fprintf(stdout, "%s: certificate is valid\n", progName);
-	    GEN_BREAK (SECSuccess)
-	}
-    } while (0);
-
-    if (cert) {
-        CERT_DestroyCertificate(cert);
-    }
-
-    return (rv);
-}
-
-
-static SECStatus
-printKeyCB(SECKEYPublicKey *key, SECItem *data, void *arg)
-{
-    if (key->keyType == rsaKey) {
-	fprintf(stdout, "RSA Public-Key:\n");
-	SECU_PrintInteger(stdout, &key->u.rsa.modulus, "modulus", 1);
-    } else {
-	fprintf(stdout, "DSA Public-Key:\n");
-	SECU_PrintInteger(stdout, &key->u.dsa.publicValue, "publicValue", 1);
-    }
-    return SECSuccess;
-}
-
-/* callback for listing certs through pkcs11 */
-static SECStatus
-secu_PrintKey(FILE *out, int count, SECKEYPrivateKey *key)
-{
-    char *name;
-
-    name = PK11_GetPrivateKeyNickname(key);
-    if (name == NULL) {
-	/* should look up associated cert */
-	name = PORT_Strdup("< orphaned >");
-    }
-    fprintf(out, "<%d> %s\n", count, name);
-    PORT_Free(name);
-
-    return SECSuccess;
-}
-
-static SECStatus
-listKeys(PK11SlotInfo *slot, KeyType keyType, void *pwarg)
-{
-    SECKEYPrivateKeyList *list;
-    SECKEYPrivateKeyListNode *node;
-    int count;
-
-    if (PK11_NeedLogin(slot))
-	    PK11_Authenticate(slot, PR_TRUE, pwarg);
-
-    list = PK11_ListPrivateKeysInSlot(slot);
-    if (list == NULL) {
-	SECU_PrintError(progName, "problem listing keys");
-	return SECFailure;
-    }
-    for (count=0, node=PRIVKEY_LIST_HEAD(list) ; !PRIVKEY_LIST_END(node,list);
-			  node= PRIVKEY_LIST_NEXT(node),count++) {
-	secu_PrintKey(stdout, count, node->key);
-    }
-    SECKEY_DestroyPrivateKeyList(list);
-
-    if (count == 0) {
-	SECU_PrintError(progName, "no keys found");
-	return SECFailure;
-    }
-    return SECSuccess;
-}
-
-static SECStatus
-ListKeys(PK11SlotInfo *slot, char *keyname, int index, 
-         KeyType keyType, PRBool dopriv, secuPWData *pwdata)
-{
-    SECStatus rv = SECSuccess;
-
-    if (slot == NULL) {
-	PK11SlotList *list;
-	PK11SlotListElement *le;
-
-	list= PK11_GetAllTokens(CKM_INVALID_MECHANISM,PR_FALSE,PR_FALSE,pwdata);
-	if (list) for (le = list->head; le; le = le->next) {
-	    rv = listKeys(le->slot,keyType,pwdata);
-	}
-    } else {
-	rv = listKeys(slot,keyType,pwdata);
-    }
-    return rv;
-}
-
-static SECStatus
-DeleteKey(char *nickname, secuPWData *pwdata)
-{
-    SECStatus rv;
-    CERTCertificate *cert;
-    PK11SlotInfo *slot;
-
-    slot = PK11_GetInternalKeySlot();
-    if (PK11_NeedLogin(slot))
-	PK11_Authenticate(slot, PR_TRUE, pwdata);
-    cert = PK11_FindCertFromNickname(nickname, pwdata);
-    if (!cert) {
-	PK11_FreeSlot(slot);
-	return SECFailure;
-    }
-    rv = PK11_DeleteTokenCertAndKey(cert, pwdata);
-    if (rv != SECSuccess) {
-	SECU_PrintError("problem deleting private key \"%s\"\n", nickname);
-    }
-    CERT_DestroyCertificate(cert);
-    PK11_FreeSlot(slot);
-    return rv;
-}
-
-
-/*
- *  L i s t M o d u l e s
- *
- *  Print a list of the PKCS11 modules that are
- *  available. This is useful for smartcard people to
- *  make sure they have the drivers loaded.
- *
- */
-static SECStatus
-ListModules(void)
-{
-    PK11SlotList *list;
-    PK11SlotListElement *le;
-
-    /* get them all! */
-    list = PK11_GetAllTokens(CKM_INVALID_MECHANISM,PR_FALSE,PR_FALSE,NULL);
-    if (list == NULL) return SECFailure;
-
-    /* look at each slot*/
-    for (le = list->head ; le; le = le->next) {
-      printf ("\n");
-      printf ("    slot: %s\n", PK11_GetSlotName(le->slot));
-      printf ("   token: %s\n", PK11_GetTokenName(le->slot));
-    }
-    PK11_FreeSlotList(list);
-
-    return SECSuccess;
-}
-
-static void 
-Usage(char *progName)
-{
-#define FPS fprintf(stderr, 
-    FPS "Type %s -H for more detailed descriptions\n", progName);
-    FPS "Usage:  %s -N [-d certdir] [-P dbprefix] [-f pwfile]\n", progName);
-    FPS "Usage:  %s -T [-d certdir] [-P dbprefix] [-h token-name] [-f pwfile]\n", progName);
-    FPS "\t%s -A -n cert-name -t trustargs [-d certdir] [-P dbprefix] [-a] [-i input]\n", 
-    	progName);
-    FPS "\t%s -C [-c issuer-name | -x] -i cert-request-file -o cert-file\n"
-	"\t\t [-m serial-number] [-w warp-months] [-v months-valid]\n"
-        "\t\t [-f pwfile] [-d certdir] [-P dbprefix] [-1] [-2] [-3] [-4] [-5] [-6]\n",
-	progName);
-    FPS "\t%s -D -n cert-name [-d certdir] [-P dbprefix]\n", progName);
-    FPS "\t%s -E -n cert-name -t trustargs [-d certdir] [-P dbprefix] [-a] [-i input]\n", 
-	progName);
-    FPS "\t%s -G -n key-name [-h token-name] [-k rsa] [-g key-size] [-y exp]\n" 
-	"\t\t [-f pwfile] [-z noisefile] [-d certdir] [-P dbprefix]\n", progName);
-    FPS "\t%s -G [-h token-name] -k dsa [-q pqgfile -g key-size] [-f pwfile]\n"
-	"\t\t [-z noisefile] [-d certdir] [-P dbprefix]\n", progName);
-    FPS "\t%s -K [-n key-name] [-h token-name] [-k dsa|rsa|all]\n", 
-	progName);
-    FPS "\t\t [-f pwfile] [-X] [-d certdir] [-P dbprefix]\n");
-    FPS "\t%s -L [-n cert-name] [-X] [-d certdir] [-P dbprefix] [-r] [-a]\n", progName);
-    FPS "\t%s -M -n cert-name -t trustargs [-d certdir] [-P dbprefix]\n",
-	progName);
-    FPS "\t%s -O -n cert-name [-X] [-d certdir] [-P dbprefix]\n", progName);
-    FPS "\t%s -R -s subj -o cert-request-file [-d certdir] [-P dbprefix] [-p phone] [-a]\n"
-	"\t\t [-k key-type] [-h token-name] [-f pwfile] [-g key-size]\n",
-	progName);
-    FPS "\t%s -V -n cert-name -u usage [-b time] [-e] \n"
-	"\t\t[-X] [-d certdir] [-P dbprefix]\n",
-	progName);
-    FPS "\t%s -S -n cert-name -s subj [-c issuer-name | -x]  -t trustargs\n"
-	"\t\t [-k key-type] [-h token-name] [-g key-size]\n"
-        "\t\t [-m serial-number] [-w warp-months] [-v months-valid]\n"
-	"\t\t [-f pwfile] [-d certdir] [-P dbprefix]\n"
-        "\t\t [-p phone] [-1] [-2] [-3] [-4] [-5] [-6]\n",
-	progName);
-    FPS "\t%s -U [-X] [-d certdir] [-P dbprefix]\n", progName);
-    exit(1);
-}
-
-static void LongUsage(char *progName)
-{
-
-    FPS "%-15s Add a certificate to the database        (create if needed)\n",
-	"-A");
-    FPS "%-15s Add an Email certificate to the database (create if needed)\n",
-	"-E");
-    FPS "%-20s Specify the nickname of the certificate to add\n",
-	"   -n cert-name");
-    FPS "%-20s Set the certificate trust attributes:\n",
-	"   -t trustargs");
-    FPS "%-25s p \t valid peer\n", "");
-    FPS "%-25s P \t trusted peer (implies p)\n", "");
-    FPS "%-25s c \t valid CA\n", "");
-    FPS "%-25s T \t trusted CA to issue client certs (implies c)\n", "");
-    FPS "%-25s C \t trusted CA to issue server certs (implies c)\n", "");
-    FPS "%-25s u \t user cert\n", "");
-    FPS "%-25s w \t send warning\n", "");
-#ifdef DEBUG_NSSTEAM_ONLY
-    FPS "%-25s g \t make step-up cert\n", "");
-#endif /* DEBUG_NSSTEAM_ONLY */
-    FPS "%-20s Specify the password file\n",
-	"   -f pwfile");
-    FPS "%-20s Cert database directory (default is ~/.netscape)\n",
-	"   -d certdir");
-    FPS "%-20s Cert & Key database prefix\n",
-	"   -P dbprefix");
-    FPS "%-20s The input certificate is encoded in ASCII (RFC1113)\n",
-	"   -a");
-    FPS "%-20s Specify the certificate file (default is stdin)\n",
-	"   -i input");
-    FPS "\n");
-
-    FPS "%-15s Create a new binary certificate from a BINARY cert request\n",
-	"-C");
-    FPS "%-20s The nickname of the issuer cert\n",
-	"   -c issuer-name");
-    FPS "%-20s The BINARY certificate request file\n",
-	"   -i cert-request ");
-    FPS "%-20s Output binary cert to this file (default is stdout)\n",
-	"   -o output-cert");
-    FPS "%-20s Self sign\n",
-	"   -x");
-    FPS "%-20s Cert serial number\n",
-	"   -m serial-number");
-    FPS "%-20s Time Warp\n",
-	"   -w warp-months");
-    FPS "%-20s Months valid (default is 3)\n",
-        "   -v months-valid");
-    FPS "%-20s Specify the password file\n",
-	"   -f pwfile");
-    FPS "%-20s Cert database directory (default is ~/.netscape)\n",
-	"   -d certdir");
-    FPS "%-20s Cert & Key database prefix\n",
-	"   -P dbprefix");
-    FPS "%-20s Create key usage extension\n",
-	"   -1 ");
-    FPS "%-20s Create basic constraint extension\n",
-	"   -2 ");
-    FPS "%-20s Create authority key ID extension\n",
-	"   -3 ");
-    FPS "%-20s Create crl distribution point extension\n",
-	"   -4 ");
-    FPS "%-20s Create netscape cert type extension\n",
-	"   -5 ");
-    FPS "%-20s Create extended key usage extension\n",
-	"   -6 ");
-    FPS "\n");
-
-    FPS "%-15s Generate a new key pair\n",
-	"-G");
-    FPS "%-20s Name of token in which to generate key (default is internal)\n",
-	"   -h token-name");
-    FPS "%-20s Type of key pair to generate (\"dsa\", \"rsa\" (default))\n",
-	"   -k key-type");
-    FPS "%-20s Key size in bits, (min %d, max %d, default %d)\n",
-	"   -g key-size", MIN_KEY_BITS, MAX_KEY_BITS, DEFAULT_KEY_BITS);
-    FPS "%-20s Set the public exponent value (3, 17, 65537) (rsa only)\n",
-	"   -y exp");
-    FPS "%-20s Specify the password file\n",
-        "   -f password-file");
-    FPS "%-20s Specify the noise file to be used\n",
-	"   -z noisefile");
-    FPS "%-20s read PQG value from pqgfile (dsa only)\n",
-	"   -q pqgfile");
-    FPS "%-20s Key database directory (default is ~/.netscape)\n",
-	"   -d keydir");
-    FPS "%-20s Cert & Key database prefix\n",
-	"   -P dbprefix");
-    FPS "\n");
-
-    FPS "%-15s Delete a certificate from the database\n",
-	"-D");
-    FPS "%-20s The nickname of the cert to delete\n",
-	"   -n cert-name");
-    FPS "%-20s Cert database directory (default is ~/.netscape)\n",
-	"   -d certdir");
-    FPS "%-20s Cert & Key database prefix\n",
-	"   -P dbprefix");
-    FPS "\n");
-
-    FPS "%-15s List all modules\n", /*, or print out a single named module\n",*/
-        "-U");
-    FPS "%-20s Module database directory (default is '~/.netscape')\n",
-        "   -d moddir");
-    FPS "%-20s Cert & Key database prefix\n",
-	"   -P dbprefix");
-    FPS "%-20s force the database to open R/W\n",
-	"   -X");
-    FPS "\n");
-
-    FPS "%-15s List all keys\n", /*, or print out a single named key\n",*/
-        "-K");
-    FPS "%-20s Name of token in which to look for keys (default is internal,"
-	" use \"all\" to list keys on all tokens)\n",
-	"   -h token-name ");
-    FPS "%-20s Type of key pair to list (\"all\", \"dsa\", \"rsa\" (default))\n",
-	"   -k key-type");
-    FPS "%-20s Specify the password file\n",
-        "   -f password-file");
-    FPS "%-20s Key database directory (default is ~/.netscape)\n",
-	"   -d keydir");
-    FPS "%-20s Cert & Key database prefix\n",
-	"   -P dbprefix");
-    FPS "%-20s force the database to open R/W\n",
-	"   -X");
-    FPS "\n");
-
-    FPS "%-15s List all certs, or print out a single named cert\n",
-	"-L");
-    FPS "%-20s Pretty print named cert (list all if unspecified)\n",
-	"   -n cert-name");
-    FPS "%-20s Cert database directory (default is ~/.netscape)\n",
-	"   -d certdir");
-    FPS "%-20s Cert & Key database prefix\n",
-	"   -P dbprefix");
-    FPS "%-20s force the database to open R/W\n",
-	"   -X");
-    FPS "%-20s For single cert, print binary DER encoding\n",
-	"   -r");
-    FPS "%-20s For single cert, print ASCII encoding (RFC1113)\n",
-	"   -a");
-    FPS "\n");
-
-    FPS "%-15s Modify trust attributes of certificate\n",
-	"-M");
-    FPS "%-20s The nickname of the cert to modify\n",
-	"   -n cert-name");
-    FPS "%-20s Set the certificate trust attributes (see -A above)\n",
-	"   -t trustargs");
-    FPS "%-20s Cert database directory (default is ~/.netscape)\n",
-	"   -d certdir");
-    FPS "%-20s Cert & Key database prefix\n",
-	"   -P dbprefix");
-    FPS "\n");
-
-    FPS "%-15s Create a new certificate database\n",
-	"-N");
-    FPS "%-20s Cert database directory (default is ~/.netscape)\n",
-	"   -d certdir");
-    FPS "%-20s Cert & Key database prefix\n",
-	"   -P dbprefix");
-    FPS "\n");
-    FPS "%-15s Reset the Key database or token\n",
-	"-T");
-    FPS "%-20s Cert database directory (default is ~/.netscape)\n",
-	"   -d certdir");
-    FPS "%-20s Cert & Key database prefix\n",
-	"   -P dbprefix");
-    FPS "%-20s Token to reset (default is internal)\n",
-	"   -h token-name");
-    FPS "\n");
-
-    FPS "\n");
-    FPS "%-15s Print the chain of a certificate\n",
-	"-O");
-    FPS "%-20s The nickname of the cert to modify\n",
-	"   -n cert-name");
-    FPS "%-20s Cert database directory (default is ~/.netscape)\n",
-	"   -d certdir");
-    FPS "%-20s Cert & Key database prefix\n",
-	"   -P dbprefix");
-    FPS "%-20s force the database to open R/W\n",
-	"   -X");
-    FPS "\n");
-
-    FPS "%-15s Generate a certificate request (stdout)\n",
-	"-R");
-    FPS "%-20s Specify the subject name (using RFC1485)\n",
-	"   -s subject");
-    FPS "%-20s Output the cert request to this file\n",
-	"   -o output-req");
-    FPS "%-20s Type of key pair to generate (\"dsa\", \"rsa\" (default))\n",
-	"   -k key-type");
-    FPS "%-20s Name of token in which to generate key (default is internal)\n",
-	"   -h token-name");
-    FPS "%-20s Key size in bits, RSA keys only (min %d, max %d, default %d)\n",
-	"   -g key-size", MIN_KEY_BITS, MAX_KEY_BITS, DEFAULT_KEY_BITS);
-    FPS "%-20s Specify the password file\n",
-	"   -f pwfile");
-    FPS "%-20s Key database directory (default is ~/.netscape)\n",
-	"   -d keydir");
-    FPS "%-20s Cert & Key database prefix\n",
-	"   -P dbprefix");
-    FPS "%-20s Specify the contact phone number (\"123-456-7890\")\n",
-	"   -p phone");
-    FPS "%-20s Output the cert request in ASCII (RFC1113); default is binary\n",
-	"   -a");
-    FPS "\n");
-
-    FPS "%-15s Validate a certificate\n",
-	"-V");
-    FPS "%-20s The nickname of the cert to Validate\n",
-	"   -n cert-name");
-    FPS "%-20s validity time (\"YYMMDDHHMMSS[+HHMM|-HHMM|Z]\")\n",
-	"   -b time");
-    FPS "%-20s Check certificate signature \n",
-	"   -e ");   
-    FPS "%-20s Specify certificate usage:\n", "   -u certusage");
-    FPS "%-25s C \t SSL Client\n", "");
-    FPS "%-25s V \t SSL Server\n", "");
-    FPS "%-25s S \t Email signer\n", "");
-    FPS "%-25s R \t Email Recipient\n", "");   
-    FPS "%-20s Cert database directory (default is ~/.netscape)\n",
-	"   -d certdir");
-    FPS "%-20s Cert & Key database prefix\n",
-	"   -P dbprefix");
-    FPS "%-20s force the database to open R/W\n",
-	"   -X");
-    FPS "\n");
-
-    FPS "%-15s Make a certificate and add to database\n",
-        "-S");
-    FPS "%-20s Specify the nickname of the cert\n",
-        "   -n key-name");
-    FPS "%-20s Specify the subject name (using RFC1485)\n",
-        "   -s subject");
-    FPS "%-20s The nickname of the issuer cert\n",
-	"   -c issuer-name");
-    FPS "%-20s Set the certificate trust attributes (see -A above)\n",
-	"   -t trustargs");
-    FPS "%-20s Type of key pair to generate (\"dsa\", \"rsa\" (default))\n",
-	"   -k key-type");
-    FPS "%-20s Name of token in which to generate key (default is internal)\n",
-	"   -h token-name");
-    FPS "%-20s Key size in bits, RSA keys only (min %d, max %d, default %d)\n",
-	"   -g key-size", MIN_KEY_BITS, MAX_KEY_BITS, DEFAULT_KEY_BITS);
-    FPS "%-20s Self sign\n",
-	"   -x");
-    FPS "%-20s Cert serial number\n",
-	"   -m serial-number");
-    FPS "%-20s Time Warp\n",
-	"   -w warp-months");
-    FPS "%-20s Months valid (default is 3)\n",
-        "   -v months-valid");
-    FPS "%-20s Specify the password file\n",
-	"   -f pwfile");
-    FPS "%-20s Cert database directory (default is ~/.netscape)\n",
-	"   -d certdir");
-    FPS "%-20s Cert & Key database prefix\n",
-	"   -P dbprefix");
-    FPS "%-20s Specify the contact phone number (\"123-456-7890\")\n",
-	"   -p phone");
-    FPS "%-20s Create key usage extension\n",
-	"   -1 ");
-    FPS "%-20s Create basic constraint extension\n",
-	"   -2 ");
-    FPS "%-20s Create authority key ID extension\n",
-	"   -3 ");
-    FPS "%-20s Create crl distribution point extension\n",
-	"   -4 ");
-    FPS "%-20s Create netscape cert type extension\n",
-	"   -5 ");
-    FPS "%-20s Create extended key usage extension\n",
-	"   -6 ");
-    FPS "\n");
-
-    exit(1);
-#undef FPS
-}
-
-
-static CERTCertificate *
-MakeV1Cert(	CERTCertDBHandle *	handle, 
-		CERTCertificateRequest *req,
-	    	char *			issuerNickName, 
-		PRBool 			selfsign, 
-		int 			serialNumber,
-		int 			warpmonths,
-                int                     validitylength)
-{
-    CERTCertificate *issuerCert = NULL;
-    CERTValidity *validity;
-    CERTCertificate *cert = NULL;
-#ifndef NSPR20    
-    PRTime printableTime;
-    int64 now, after;
-#else
-    PRExplodedTime printableTime;
-    PRTime now, after;
-#endif    
-   
-    
-
-    if ( !selfsign ) {
-	issuerCert = CERT_FindCertByNicknameOrEmailAddr(handle, issuerNickName);
-	if (!issuerCert) {
-	    SECU_PrintError(progName, "could not find certificate named \"%s\"",
-			    issuerNickName);
-	    return NULL;
-	}
-    }
-
-    now = PR_Now();
-#ifndef NSPR20
-    PR_ExplodeGMTTime (&printableTime, now);
-#else    
-    PR_ExplodeTime (now, PR_GMTParameters, &printableTime);
-#endif
-    if ( warpmonths ) {
-#ifndef	NSPR20    
-	printableTime.tm_mon += warpmonths;
-	now = PR_ImplodeTime (&printableTime, 0, 0);
-	PR_ExplodeGMTTime (&printableTime, now);
-#else
-	printableTime.tm_month += warpmonths;
-	now = PR_ImplodeTime (&printableTime);
-	PR_ExplodeTime (now, PR_GMTParameters, &printableTime);
-#endif
-    }
-#ifndef	NSPR20  
-    printableTime.tm_mon += validitylength;  
-    printableTime.tm_mon += 3;
-    after = PR_ImplodeTime (&printableTime, 0, 0);
-
-#else
-    printableTime.tm_month += validitylength;
-    printableTime.tm_month += 3;
-    after = PR_ImplodeTime (&printableTime);
-#endif    
-
-    /* note that the time is now in micro-second unit */
-    validity = CERT_CreateValidity (now, after);
-
-    if ( selfsign ) {
-	cert = CERT_CreateCertificate
-	    (serialNumber,&(req->subject), validity, req);
-    } else {
-	cert = CERT_CreateCertificate
-	    (serialNumber,&(issuerCert->subject), validity, req);
-    }
-    
-    CERT_DestroyValidity(validity);
-    if ( issuerCert ) {
-	CERT_DestroyCertificate (issuerCert);
-    }
-    
-    return(cert);
-}
-
-static SECStatus 
-AddKeyUsage (void *extHandle)
-{
-    SECItem bitStringValue;
-    unsigned char keyUsage = 0x0;
-    char buffer[5];
-    int value;
-
-    while (1) {
-	fprintf(stdout, "%-25s 0 - Digital Signature\n", "");
-	fprintf(stdout, "%-25s 1 - Non-repudiation\n", "");
-	fprintf(stdout, "%-25s 2 - Key encipherment\n", "");
-	fprintf(stdout, "%-25s 3 - Data encipherment\n", "");   
-	fprintf(stdout, "%-25s 4 - Key agreement\n", "");
-	fprintf(stdout, "%-25s 5 - Cert signing key\n", "");   
-	fprintf(stdout, "%-25s 6 - CRL signing key\n", "");
-	fprintf(stdout, "%-25s Other to finish\n", "");
-	if (gets (buffer)) {
-	    value = atoi (buffer);
-	    if (value < 0 || value > 6)
-	        break;
-	    keyUsage |= (0x80 >> value);
-	}
-	else {		/* gets() returns NULL on EOF or error */
-	    break;
-	}
-    }
-
-    bitStringValue.data = &keyUsage;
-    bitStringValue.len = 1;
-    buffer[0] = 'n';
-    puts ("Is this a critical extension [y/n]? ");
-    gets (buffer);	
-
-    return (CERT_EncodeAndAddBitStrExtension
-	    (extHandle, SEC_OID_X509_KEY_USAGE, &bitStringValue,
-	     (buffer[0] == 'y' || buffer[0] == 'Y') ? PR_TRUE : PR_FALSE));
-
-}
-
-
-static CERTOidSequence *
-CreateOidSequence(void)
-{
-  CERTOidSequence *rv = (CERTOidSequence *)NULL;
-  PRArenaPool *arena = (PRArenaPool *)NULL;
-
-  arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-  if( (PRArenaPool *)NULL == arena ) {
-    goto loser;
-  }
-
-  rv = (CERTOidSequence *)PORT_ArenaZAlloc(arena, sizeof(CERTOidSequence));
-  if( (CERTOidSequence *)NULL == rv ) {
-    goto loser;
-  }
-
-  rv->oids = (SECItem **)PORT_ArenaZAlloc(arena, sizeof(SECItem *));
-  if( (SECItem **)NULL == rv->oids ) {
-    goto loser;
-  }
-
-  rv->arena = arena;
-  return rv;
-
- loser:
-  if( (PRArenaPool *)NULL != arena ) {
-    PORT_FreeArena(arena, PR_FALSE);
-  }
-
-  return (CERTOidSequence *)NULL;
-}
-
-static void
-DestroyOidSequence(CERTOidSequence *os)
-{
-  if (os->arena) {
-    PORT_FreeArena(os->arena, PR_FALSE);
-  }
-}
-
-static SECStatus
-AddOidToSequence(CERTOidSequence *os, SECOidTag oidTag)
-{
-  SECItem **oids;
-  PRUint32 count = 0;
-  SECOidData *od;
-
-  od = SECOID_FindOIDByTag(oidTag);
-  if( (SECOidData *)NULL == od ) {
-    return SECFailure;
-  }
-
-  for( oids = os->oids; (SECItem *)NULL != *oids; oids++ ) {
-    count++;
-  }
-
-  /* ArenaZRealloc */
-
-  {
-    PRUint32 i;
-
-    oids = (SECItem **)PORT_ArenaZAlloc(os->arena, sizeof(SECItem *) * (count+2));
-    if( (SECItem **)NULL == oids ) {
-      return SECFailure;
-    }
-    
-    for( i = 0; i < count; i++ ) {
-      oids[i] = os->oids[i];
-    }
-
-    /* ArenaZFree(os->oids); */
-  }
-
-  os->oids = oids;
-  os->oids[count] = &od->oid;
-
-  return SECSuccess;
-}
-
-SEC_ASN1_MKSUB(SEC_ObjectIDTemplate);
-
-const SEC_ASN1Template CERT_OidSeqTemplate[] = {
-    { SEC_ASN1_SEQUENCE_OF | SEC_ASN1_XTRN,
-	  offsetof(CERTOidSequence, oids),
-	  SEC_ASN1_SUB(SEC_ObjectIDTemplate) }
-};
-
-
-static SECItem *
-EncodeOidSequence(CERTOidSequence *os)
-{
-  SECItem *rv;
-
-  rv = (SECItem *)PORT_ArenaZAlloc(os->arena, sizeof(SECItem));
-  if( (SECItem *)NULL == rv ) {
-    goto loser;
-  }
-
-  if( !SEC_ASN1EncodeItem(os->arena, rv, os, CERT_OidSeqTemplate) ) {
-    goto loser;
-  }
-
-  return rv;
-
- loser:
-  return (SECItem *)NULL;
-}
-
-static SECStatus 
-AddExtKeyUsage (void *extHandle)
-{
-  char buffer[5];
-  int value;
-  CERTOidSequence *os;
-  SECStatus rv;
-  SECItem *item;
-
-  os = CreateOidSequence();
-  if( (CERTOidSequence *)NULL == os ) {
-    return SECFailure;
-  }
-
-  while (1) {
-    fprintf(stdout, "%-25s 0 - Server Auth\n", "");
-    fprintf(stdout, "%-25s 1 - Client Auth\n", "");
-    fprintf(stdout, "%-25s 2 - Code Signing\n", "");
-    fprintf(stdout, "%-25s 3 - Email Protection\n", "");
-    fprintf(stdout, "%-25s 4 - Timestamp\n", "");
-    fprintf(stdout, "%-25s 5 - OCSP Responder\n", "");
-#ifdef DEBUG_NSSTEAM_ONLY
-    fprintf(stdout, "%-25s 6 - Step-up\n", "");
-#endif /* DEBUG_NSSTEAM_ONLY */
-    fprintf(stdout, "%-25s Other to finish\n", "");
-
-    gets(buffer);
-    value = atoi(buffer);
-
-    switch( value ) {
-    case 0:
-      rv = AddOidToSequence(os, SEC_OID_EXT_KEY_USAGE_SERVER_AUTH);
-      break;
-    case 1:
-      rv = AddOidToSequence(os, SEC_OID_EXT_KEY_USAGE_CLIENT_AUTH);
-      break;
-    case 2:
-      rv = AddOidToSequence(os, SEC_OID_EXT_KEY_USAGE_CODE_SIGN);
-      break;
-    case 3:
-      rv = AddOidToSequence(os, SEC_OID_EXT_KEY_USAGE_EMAIL_PROTECT);
-      break;
-    case 4:
-      rv = AddOidToSequence(os, SEC_OID_EXT_KEY_USAGE_TIME_STAMP);
-      break;
-    case 5:
-      rv = AddOidToSequence(os, SEC_OID_OCSP_RESPONDER);
-      break;
-#ifdef DEBUG_NSSTEAM_ONLY
-    case 6:
-      rv = AddOidToSequence(os, SEC_OID_NS_KEY_USAGE_GOVT_APPROVED);
-      break;
-#endif /* DEBUG_NSSTEAM_ONLY */
-    default:
-      goto endloop;
-    }
-
-    if( SECSuccess != rv ) goto loser;
-  }
-
- endloop:;
-  item = EncodeOidSequence(os);
-
-  buffer[0] = 'n';
-  puts ("Is this a critical extension [y/n]? ");
-  gets (buffer);	
-
-  rv = CERT_AddExtension(extHandle, SEC_OID_X509_EXT_KEY_USAGE, item,
-                         ((buffer[0] == 'y' || buffer[0] == 'Y')
-                          ? PR_TRUE : PR_FALSE), PR_TRUE);
-  /*FALLTHROUGH*/
- loser:
-  DestroyOidSequence(os);
-  return rv;
-}
-
-static SECStatus 
-AddNscpCertType (void *extHandle)
-{
-    SECItem bitStringValue;
-    unsigned char keyUsage = 0x0;
-    char buffer[5];
-    int value;
-
-    while (1) {
-	fprintf(stdout, "%-25s 0 - SSL Client\n", "");
-	fprintf(stdout, "%-25s 1 - SSL Server\n", "");
-	fprintf(stdout, "%-25s 2 - S/MIME\n", "");
-	fprintf(stdout, "%-25s 3 - Object Signing\n", "");   
-	fprintf(stdout, "%-25s 4 - Reserved for futuer use\n", "");
-	fprintf(stdout, "%-25s 5 - SSL CA\n", "");   
-	fprintf(stdout, "%-25s 6 - S/MIME CA\n", "");
-	fprintf(stdout, "%-25s 7 - Object Signing CA\n", "");
-	fprintf(stdout, "%-25s Other to finish\n", "");
-	gets (buffer);
-	value = atoi (buffer);
-	if (value < 0 || value > 7)
-	    break;
-	keyUsage |= (0x80 >> value);
-    }
-
-    bitStringValue.data = &keyUsage;
-    bitStringValue.len = 1;
-    buffer[0] = 'n';
-    puts ("Is this a critical extension [y/n]? ");
-    gets (buffer);	
-
-    return (CERT_EncodeAndAddBitStrExtension
-	    (extHandle, SEC_OID_NS_CERT_EXT_CERT_TYPE, &bitStringValue,
-	     (buffer[0] == 'y' || buffer[0] == 'Y') ? PR_TRUE : PR_FALSE));
-
-}
-
-typedef SECStatus (* EXTEN_VALUE_ENCODER)
-		(PRArenaPool *extHandle, void *value, SECItem *encodedValue);
-
-static SECStatus 
-EncodeAndAddExtensionValue(
-	PRArenaPool *	arena, 
-	void *		extHandle, 
-	void *		value, 
-	PRBool 		criticality,
-	int 		extenType, 
-	EXTEN_VALUE_ENCODER EncodeValueFn)
-{
-    SECItem encodedValue;
-    SECStatus rv;
-	
-
-    encodedValue.data = NULL;
-    encodedValue.len = 0;
-    do {
-	rv = (*EncodeValueFn)(arena, value, &encodedValue);
-	if (rv != SECSuccess)
-	break;
-
-	rv = CERT_AddExtension
-	     (extHandle, extenType, &encodedValue, criticality,PR_TRUE);
-    } while (0);
-	
-    return (rv);
-}
-
-static SECStatus 
-AddBasicConstraint(void *extHandle)
-{
-    CERTBasicConstraints basicConstraint;    
-    SECItem encodedValue;
-    SECStatus rv;
-    char buffer[10];
-
-    encodedValue.data = NULL;
-    encodedValue.len = 0;
-    do {
-	basicConstraint.pathLenConstraint = CERT_UNLIMITED_PATH_CONSTRAINT;
-	puts ("Is this a CA certificate [y/n]?");
-	gets (buffer);
-	basicConstraint.isCA = (buffer[0] == 'Y' || buffer[0] == 'y') ?
-                                PR_TRUE : PR_FALSE;
-
-	puts ("Enter the path length constraint, enter to skip [<0 for unlimited path]:");
-	gets (buffer);
-	if (PORT_Strlen (buffer) > 0)
-	    basicConstraint.pathLenConstraint = atoi (buffer);
-	
-	rv = CERT_EncodeBasicConstraintValue (NULL, &basicConstraint, &encodedValue);
-	if (rv)
-	    return (rv);
-
-	buffer[0] = 'n';
-	puts ("Is this a critical extension [y/n]? ");
-	gets (buffer);	
-	rv = CERT_AddExtension
-	     (extHandle, SEC_OID_X509_BASIC_CONSTRAINTS,
-	      &encodedValue, (buffer[0] == 'y' || buffer[0] == 'Y') ?
-              PR_TRUE : PR_FALSE ,PR_TRUE);
-    } while (0);
-    PORT_Free (encodedValue.data);
-    return (rv);
-}
-
-static SECItem *
-SignCert(CERTCertDBHandle *handle, 
-CERTCertificate *cert, PRBool selfsign, 
-SECKEYPrivateKey *privKey, char *issuerNickName, void *pwarg)
-{
-    SECItem der;
-    SECItem *result = NULL;
-    SECKEYPrivateKey *caPrivateKey = NULL;    
-    SECStatus rv;
-    PRArenaPool *arena;
-    SECOidTag algID;
-    void *dummy;
-
-    if( !selfsign ) {
-      CERTCertificate *issuer = PK11_FindCertFromNickname(issuerNickName, pwarg);
-      if( (CERTCertificate *)NULL == issuer ) {
-        SECU_PrintError(progName, "unable to find issuer with nickname %s", 
-	                issuerNickName);
-        return (SECItem *)NULL;
-      }
-
-      privKey = caPrivateKey = PK11_FindKeyByAnyCert(issuer, pwarg);
-      CERT_DestroyCertificate(issuer);
-      if (caPrivateKey == NULL) {
-	SECU_PrintError(progName, "unable to retrieve key %s", issuerNickName);
-	return NULL;
-      }
-    }
-	
-    arena = cert->arena;
-
-    switch(privKey->keyType) {
-      case rsaKey:
-	algID = SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION;
-	break;
-      case dsaKey:
-	algID = SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST;
-	break;
-      default:
-	fprintf(stderr, "Unknown key type for issuer.");
-	goto done;
-	break;
-    }
-
-    rv = SECOID_SetAlgorithmID(arena, &cert->signature, algID, 0);
-    if (rv != SECSuccess) {
-	fprintf(stderr, "Could not set signature algorithm id.");
-	goto done;
-    }
-
-    /* we only deal with cert v3 here */
-    *(cert->version.data) = 2;
-    cert->version.len = 1;
-
-    der.len = 0;
-    der.data = NULL;
-    dummy = SEC_ASN1EncodeItem (arena, &der, cert,
-			 	SEC_ASN1_GET(CERT_CertificateTemplate));
-    if (!dummy) {
-	fprintf (stderr, "Could not encode certificate.\n");
-	goto done;
-    }
-
-    result = (SECItem *) PORT_ArenaZAlloc (arena, sizeof (SECItem));
-    if (result == NULL) {
-	fprintf (stderr, "Could not allocate item for certificate data.\n");
-	goto done;
-    }
-
-    rv = SEC_DerSignData (arena, result, der.data, der.len, privKey,
-			  algID);
-    if (rv != SECSuccess) {
-	fprintf (stderr, "Could not sign encoded certificate data.\n");
-	PORT_Free(result);
-	result = NULL;
-	goto done;
-    }
-    cert->derCert = *result;
-done:
-    if (caPrivateKey) {
-	SECKEY_DestroyPrivateKey(caPrivateKey);
-    }
-    return result;
-}
-
-static SECStatus 
-AddAuthKeyID (void *extHandle)
-{
-    CERTAuthKeyID *authKeyID = NULL;    
-    PRArenaPool *arena = NULL;
-    SECStatus rv = SECSuccess;
-    char buffer[512];
-
-    do {
-	arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-	if ( !arena ) {
-	    SECU_PrintError(progName, "out of memory");
-	    GEN_BREAK (SECFailure);
-	}
-
-	if (GetYesNo ("Enter value for the authKeyID extension [y/n]?\n") == 0)
-	    break;
-	
-	authKeyID = PORT_ArenaZAlloc (arena, sizeof (CERTAuthKeyID));
-	if (authKeyID == NULL) {
-	    GEN_BREAK (SECFailure);
-	}
-
-	rv = GetString (arena, "Enter value for the key identifier fields, enter to omit:",
-			&authKeyID->keyID);
-	if (rv != SECSuccess)
-	    break;
-	authKeyID->authCertIssuer = GetGeneralName (arena);
-	if (authKeyID->authCertIssuer == NULL && SECFailure == PORT_GetError ())
-		break;
-	
-
-	rv = GetString (arena, "Enter value for the authCertSerial field, enter to omit:",
-			&authKeyID->authCertSerialNumber);
-
-	buffer[0] = 'n';
-	puts ("Is this a critical extension [y/n]? ");
-	gets (buffer);	
-
-	rv = EncodeAndAddExtensionValue
-	    (arena, extHandle, authKeyID,
-	     (buffer[0] == 'y' || buffer[0] == 'Y') ? PR_TRUE : PR_FALSE,
-	     SEC_OID_X509_AUTH_KEY_ID, 
-	     (EXTEN_VALUE_ENCODER) CERT_EncodeAuthKeyID);
-	if (rv)
-	    break;
-	
-    } while (0);
-    if (arena)
-	PORT_FreeArena (arena, PR_FALSE);
-    return (rv);
-}   
-    
-static SECStatus 
-AddCrlDistPoint(void *extHandle)
-{
-    PRArenaPool *arena = NULL;
-    CERTCrlDistributionPoints *crlDistPoints = NULL;
-    CRLDistributionPoint *current;
-    SECStatus rv = SECSuccess;
-    int count = 0, intValue;
-    char buffer[5];
-
-    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if ( !arena )
-	return (SECFailure);
-
-    do {
-	current = NULL;
-	current = PORT_ArenaZAlloc (arena, sizeof (*current));
-        if (current == NULL) {
-	    GEN_BREAK (SECFailure);
-	}   
-
-	/* Get the distributionPointName fields - this field is optional */
-	puts ("Enter the type of the distribution point name:\n");
-	puts ("\t1 - Full Name\n\t2 - Relative Name\n\tOther - omit\n\t\tChoice: ");
-	scanf ("%d", &intValue);
-	switch (intValue) {
-	    case generalName:
-		current->distPointType = intValue;
-		current->distPoint.fullName = GetGeneralName (arena);
-		rv = PORT_GetError();
-		break;
-		
-	    case relativeDistinguishedName: {
-		CERTName *name;
-		char buffer[512];
-
-		current->distPointType = intValue;
-		puts ("Enter the relative name: ");
-		fflush (stdout);
-		gets (buffer);
-		/* For simplicity, use CERT_AsciiToName to converse from a string
-		   to NAME, but we only interest in the first RDN */
-		name = CERT_AsciiToName (buffer);
-		if (!name) {
-		    GEN_BREAK (SECFailure);
-		}
-		rv = CERT_CopyRDN (arena, &current->distPoint.relativeName, name->rdns[0]);
-		CERT_DestroyName (name);
-		break;
-	    }
-	}
-	if (rv != SECSuccess)
-	    break;
-
-	/* Get the reason flags */
-	puts ("\nSelect one of the following for the reason flags\n");
-	puts ("\t0 - unused\n\t1 - keyCompromise\n\t2 - caCompromise\n\t3 - affiliationChanged\n");
-	puts ("\t4 - superseded\n\t5 - cessationOfOperation\n\t6 - certificateHold\n");
-	puts ("\tother - omit\t\tChoice: ");
-	
-	scanf ("%d", &intValue);
-	if (intValue >= 0 && intValue <8) {
-	    current->reasons.data = PORT_ArenaAlloc (arena, sizeof(char));
-	    if (current->reasons.data == NULL) {
-		GEN_BREAK (SECFailure);
-	    }
-	    *current->reasons.data = (char)(0x80 >> intValue);
-	    current->reasons.len = 1;
-	}
-	puts ("Enter value for the CRL Issuer name:\n");
-        current->crlIssuer = GetGeneralName (arena);
-	if (current->crlIssuer == NULL && (rv = PORT_GetError()) == SECFailure)
-	    break;
-
-	if (crlDistPoints == NULL) {
-	    crlDistPoints = PORT_ArenaZAlloc (arena, sizeof (*crlDistPoints));
-	    if (crlDistPoints == NULL) {
-		GEN_BREAK (SECFailure);
-	    }
-	}
-	    
-	crlDistPoints->distPoints = PORT_ArenaGrow (arena, 
-	     crlDistPoints->distPoints,
-	     sizeof (*crlDistPoints->distPoints) * count,
-	     sizeof (*crlDistPoints->distPoints) *(count + 1));
-	if (crlDistPoints->distPoints == NULL) {
-	    GEN_BREAK (SECFailure);
-	}
-	
-	crlDistPoints->distPoints[count] = current;
-	++count;
-	if (GetYesNo ("Enter more value for the CRL distribution point extension [y/n]\n") == 0) {
-	    /* Add null to the end of the crlDistPoints to mark end of data */
-	    crlDistPoints->distPoints = PORT_ArenaGrow(arena, 
-		 crlDistPoints->distPoints,
-		 sizeof (*crlDistPoints->distPoints) * count,
-		 sizeof (*crlDistPoints->distPoints) *(count + 1));
-	    crlDistPoints->distPoints[count] = NULL;	    
-	    break;
-	}
-	
-
-    } while (1);
-    
-    if (rv == SECSuccess) {
-	buffer[0] = 'n';
-	puts ("Is this a critical extension [y/n]? ");
-	gets (buffer);	
-	
-	rv = EncodeAndAddExtensionValue(arena, extHandle, crlDistPoints,
-	      (buffer[0] == 'Y' || buffer[0] == 'y') ? PR_TRUE : PR_FALSE,
-	      SEC_OID_X509_CRL_DIST_POINTS,
-	      (EXTEN_VALUE_ENCODER)  CERT_EncodeCRLDistributionPoints);
-    }
-    if (arena)
-	PORT_FreeArena (arena, PR_FALSE);
-    return (rv);
-}
-
-static SECStatus
-CreateCert(
-	CERTCertDBHandle *handle, 
-	char *  issuerNickName, 
-	PRFileDesc *inFile,
-	PRFileDesc *outFile, 
-	SECKEYPrivateKey *selfsignprivkey,
-	void 	*pwarg,
-	int     serialNumber, 
-	int     warpmonths,
-	int     validitylength,
-	PRBool  ascii,
-	PRBool  selfsign,
-	PRBool	keyUsage, 
-	PRBool  extKeyUsage,
-	PRBool  basicConstraint, 
-	PRBool  authKeyID,
-	PRBool  crlDistPoints, 
-	PRBool  nscpCertType)
-{
-    void *	extHandle;
-    SECItem *	certDER;
-    PRArenaPool *arena			= NULL;
-    CERTCertificate *subjectCert 	= NULL;
-    /*CERTCertificate *issuerCert 	= NULL;*/
-    CERTCertificateRequest *certReq	= NULL;
-    SECStatus 	rv 			= SECSuccess;
-    SECItem 	reqDER;
-
-    reqDER.data = NULL;
-    do {
-	arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-	if (!arena) {
-	    GEN_BREAK (SECFailure);
-	}
-	
-	/* Create a certrequest object from the input cert request der */
-	certReq = GetCertRequest(inFile, ascii);
-	if (certReq == NULL) {
-	    GEN_BREAK (SECFailure)
-	}
-
-	subjectCert = MakeV1Cert (handle, certReq, issuerNickName, selfsign,
-				  serialNumber, warpmonths, validitylength);
-	if (subjectCert == NULL) {
-	    GEN_BREAK (SECFailure)
-	}
-
-	extHandle = CERT_StartCertExtensions (subjectCert);
-	if (extHandle == NULL) {
-	    GEN_BREAK (SECFailure)
-	}
-
-	/* Add key usage extension */
-	if (keyUsage) {
-	    rv = AddKeyUsage(extHandle);
-	    if (rv)
-		break;
-	}
-
-	/* Add extended key usage extension */
-	if (extKeyUsage) {
-	    rv = AddExtKeyUsage(extHandle);
-	    if (rv)
-		break;
-	}
-
-	/* Add basic constraint extension */
-	if (basicConstraint) {
-	    rv = AddBasicConstraint(extHandle);
-	    if (rv)
-		break;
-	}
-
-	if (authKeyID) {
-	    rv = AddAuthKeyID (extHandle);
-	    if (rv)
-		break;
-	}    
-
-
-	if (crlDistPoints) {
-	    rv = AddCrlDistPoint (extHandle);
-	    if (rv)
-		break;
-	}
-	
-	if (nscpCertType) {
-	    rv = AddNscpCertType(extHandle);
-	    if (rv)
-		break;
-	}
-       
-
-	CERT_FinishExtensions(extHandle);
-
-	certDER = SignCert (handle, subjectCert, selfsign, selfsignprivkey, issuerNickName,pwarg);
-
-	if (certDER) {
-	   if (ascii) {
-		PR_fprintf(outFile, "%s\n%s\n%s\n", NS_CERT_HEADER, 
-		        BTOA_DataToAscii(certDER->data, certDER->len), NS_CERT_TRAILER);
-	   } else {
-		PR_Write(outFile, certDER->data, certDER->len);
-	   }
-	}
-
-    } while (0);
-    CERT_DestroyCertificateRequest (certReq);
-    CERT_DestroyCertificate (subjectCert);
-    PORT_FreeArena (arena, PR_FALSE);
-    if (rv != SECSuccess) {
-	PRErrorCode  perr = PR_GetError();
-        fprintf(stderr, "%s: unable to create cert (%s)\n", progName,
-               SECU_Strerror(perr));
-    }
-    return (rv);
-}
-
-/*  Certutil commands  */
-enum {
-    cmd_AddCert = 0,
-    cmd_CreateNewCert,
-    cmd_DeleteCert,
-    cmd_AddEmailCert,
-    cmd_DeleteKey,
-    cmd_GenKeyPair,
-    cmd_PrintHelp,
-    cmd_ListKeys,
-    cmd_ListCerts,
-    cmd_ModifyCertTrust,
-    cmd_NewDBs,
-    cmd_DumpChain,
-    cmd_CertReq,
-    cmd_CreateAndAddCert,
-    cmd_TokenReset,
-    cmd_ListModules,
-    cmd_CheckCertValidity,
-    cmd_ChangePassword,
-    cmd_Version
-};
-
-/*  Certutil options */
-enum {
-    opt_SSOPass = 0,
-    opt_AddKeyUsageExt,
-    opt_AddBasicConstraintExt,
-    opt_AddAuthorityKeyIDExt,
-    opt_AddCRLDistPtsExt,
-    opt_AddNSCertTypeExt,
-    opt_AddExtKeyUsageExt,
-    opt_ASCIIForIO,
-    opt_ValidityTime,
-    opt_IssuerName,
-    opt_CertDir,
-    opt_VerifySig,
-    opt_PasswordFile,
-    opt_KeySize,
-    opt_TokenName,
-    opt_InputFile,
-    opt_KeyIndex,
-    opt_KeyType,
-    opt_DetailedInfo,
-    opt_SerialNumber,
-    opt_Nickname,
-    opt_OutputFile,
-    opt_PhoneNumber,
-    opt_DBPrefix,
-    opt_PQGFile,
-    opt_BinaryDER,
-    opt_Subject,
-    opt_Trust,
-    opt_Usage,
-    opt_Validity,
-    opt_OffsetMonths,
-    opt_SelfSign,
-    opt_RW,
-    opt_Exponent,
-    opt_NoiseFile
-};
-
-static secuCommandFlag certutil_commands[] =
-{
-	{ /* cmd_AddCert             */  'A', PR_FALSE, 0, PR_FALSE },
-	{ /* cmd_CreateNewCert       */  'C', PR_FALSE, 0, PR_FALSE },
-	{ /* cmd_DeleteCert          */  'D', PR_FALSE, 0, PR_FALSE },
-	{ /* cmd_AddEmailCert        */  'E', PR_FALSE, 0, PR_FALSE },
-	{ /* cmd_DeleteKey           */  'F', PR_FALSE, 0, PR_FALSE },
-	{ /* cmd_GenKeyPair          */  'G', PR_FALSE, 0, PR_FALSE },
-	{ /* cmd_PrintHelp           */  'H', PR_FALSE, 0, PR_FALSE },
-	{ /* cmd_ListKeys            */  'K', PR_FALSE, 0, PR_FALSE },
-	{ /* cmd_ListCerts           */  'L', PR_FALSE, 0, PR_FALSE },
-	{ /* cmd_ModifyCertTrust     */  'M', PR_FALSE, 0, PR_FALSE },
-	{ /* cmd_NewDBs              */  'N', PR_FALSE, 0, PR_FALSE },
-	{ /* cmd_DumpChain           */  'O', PR_FALSE, 0, PR_FALSE },
-	{ /* cmd_CertReq             */  'R', PR_FALSE, 0, PR_FALSE },
-	{ /* cmd_CreateAndAddCert    */  'S', PR_FALSE, 0, PR_FALSE },
-	{ /* cmd_TokenReset          */  'T', PR_FALSE, 0, PR_FALSE },
-	{ /* cmd_ListModules         */  'U', PR_FALSE, 0, PR_FALSE },
-	{ /* cmd_CheckCertValidity   */  'V', PR_FALSE, 0, PR_FALSE },
-	{ /* cmd_ChangePassword      */  'W', PR_FALSE, 0, PR_FALSE },
-	{ /* cmd_Version             */  'Y', PR_FALSE, 0, PR_FALSE }
-};
-
-static secuCommandFlag certutil_options[] =
-{
-	{ /* opt_SSOPass             */  '0', PR_TRUE,  0, PR_FALSE },
-	{ /* opt_AddKeyUsageExt      */  '1', PR_FALSE, 0, PR_FALSE },
-	{ /* opt_AddBasicConstraintExt*/ '2', PR_FALSE, 0, PR_FALSE },
-	{ /* opt_AddAuthorityKeyIDExt*/  '3', PR_FALSE, 0, PR_FALSE },
-	{ /* opt_AddCRLDistPtsExt    */  '4', PR_FALSE, 0, PR_FALSE },
-	{ /* opt_AddNSCertTypeExt    */  '5', PR_FALSE, 0, PR_FALSE },
-	{ /* opt_AddExtKeyUsageExt   */  '6', PR_FALSE, 0, PR_FALSE },
-	{ /* opt_ASCIIForIO          */  'a', PR_FALSE, 0, PR_FALSE },
-	{ /* opt_ValidityTime        */  'b', PR_TRUE,  0, PR_FALSE },
-	{ /* opt_IssuerName          */  'c', PR_TRUE,  0, PR_FALSE },
-	{ /* opt_CertDir             */  'd', PR_TRUE,  0, PR_FALSE },
-	{ /* opt_VerifySig           */  'e', PR_FALSE, 0, PR_FALSE },
-	{ /* opt_PasswordFile        */  'f', PR_TRUE,  0, PR_FALSE },
-	{ /* opt_KeySize             */  'g', PR_TRUE,  0, PR_FALSE },
-	{ /* opt_TokenName           */  'h', PR_TRUE,  0, PR_FALSE },
-	{ /* opt_InputFile           */  'i', PR_TRUE,  0, PR_FALSE },
-	{ /* opt_KeyIndex            */  'j', PR_TRUE,  0, PR_FALSE },
-	{ /* opt_KeyType             */  'k', PR_TRUE,  0, PR_FALSE },
-	{ /* opt_DetailedInfo        */  'l', PR_FALSE, 0, PR_FALSE },
-	{ /* opt_SerialNumber        */  'm', PR_TRUE,  0, PR_FALSE },
-	{ /* opt_Nickname            */  'n', PR_TRUE,  0, PR_FALSE },
-	{ /* opt_OutputFile          */  'o', PR_TRUE,  0, PR_FALSE },
-	{ /* opt_PhoneNumber         */  'p', PR_TRUE,  0, PR_FALSE },
-	{ /* opt_DBPrefix            */  'P', PR_TRUE,  0, PR_FALSE },
-	{ /* opt_PQGFile             */  'q', PR_TRUE,  0, PR_FALSE },
-	{ /* opt_BinaryDER           */  'r', PR_FALSE, 0, PR_FALSE },
-	{ /* opt_Subject             */  's', PR_TRUE,  0, PR_FALSE },
-	{ /* opt_Trust               */  't', PR_TRUE,  0, PR_FALSE },
-	{ /* opt_Usage               */  'u', PR_TRUE,  0, PR_FALSE },
-	{ /* opt_Validity            */  'v', PR_TRUE,  0, PR_FALSE },
-	{ /* opt_OffsetMonths        */  'w', PR_TRUE,  0, PR_FALSE },
-	{ /* opt_SelfSign            */  'x', PR_FALSE, 0, PR_FALSE },
-	{ /* opt_RW                  */  'X', PR_FALSE, 0, PR_FALSE },
-	{ /* opt_Exponent            */  'y', PR_TRUE,  0, PR_FALSE },
-	{ /* opt_NoiseFile           */  'z', PR_TRUE,  0, PR_FALSE }
-};
-
-int 
-main(int argc, char **argv)
-{
-    CERTCertDBHandle *certHandle;
-    PK11SlotInfo *slot = NULL;
-    CERTName *  subject         = 0;
-    PRFileDesc *inFile          = 0;
-    PRFileDesc *outFile         = 0;
-    char *      certfile        = "tempcert";
-    char *      certreqfile     = "tempcertreq";
-    char *      slotname        = "internal";
-    char *      certPrefix      = "";
-    KeyType     keytype         = rsaKey;
-    /*char *	keyslot	        = NULL;*/
-    /*char *      keynickname     = NULL;*/
-    char *      name            = NULL;
-    int	        keysize	        = DEFAULT_KEY_BITS;
-    int         publicExponent  = 0x010001;
-    int         serialNumber    = 0;
-    int         warpmonths      = 0;
-    int         validitylength  = 0;
-    int         commandsEntered = 0;
-    char        commandToRun    = '\0';
-    secuPWData  pwdata          = { PW_NONE, 0 };
-    PRBool 	readOnly	= PR_FALSE;
-
-    SECKEYPrivateKey *privkey = NULL;
-    SECKEYPublicKey *pubkey = NULL;
-
-    int i;
-    SECStatus rv;
-
-    secuCommand certutil;
-    certutil.numCommands = sizeof(certutil_commands) / sizeof(secuCommandFlag);
-    certutil.numOptions = sizeof(certutil_options) / sizeof(secuCommandFlag);
-    certutil.commands = certutil_commands;
-    certutil.options = certutil_options;
-
-    progName = strrchr(argv[0], '/');
-    progName = progName ? progName+1 : argv[0];
-
-    rv = SECU_ParseCommandLine(argc, argv, progName, &certutil);
-
-    if (rv != SECSuccess)
-	Usage(progName);
-
-    if (certutil.commands[cmd_PrintHelp].activated)
-	LongUsage(progName);
-
-    if (certutil.options[opt_PasswordFile].arg) {
-	pwdata.source = PW_FROMFILE;
-	pwdata.data = certutil.options[opt_PasswordFile].arg;
-    }
-
-    if (certutil.options[opt_CertDir].activated)
-	SECU_ConfigDirectory(certutil.options[opt_CertDir].arg);
-
-    if (certutil.options[opt_KeySize].activated) {
-	keysize = PORT_Atoi(certutil.options[opt_KeySize].arg);
-	if ((keysize < MIN_KEY_BITS) || (keysize > MAX_KEY_BITS)) {
-	    PR_fprintf(PR_STDERR, 
-                       "%s -g:  Keysize must be between %d and %d.\n",
-	               MIN_KEY_BITS, MAX_KEY_BITS);
-	    return 255;
-	}
-    }
-
-    /*  -h specify token name  */
-    if (certutil.options[opt_TokenName].activated) {
-	if (PL_strcmp(certutil.options[opt_TokenName].arg, "all") == 0)
-	    slotname = NULL;
-	else
-	    slotname = PL_strdup(certutil.options[opt_TokenName].arg);
-    }
-
-    /*  -k key type  */
-    if (certutil.options[opt_KeyType].activated) {
-	if (PL_strcmp(certutil.options[opt_KeyType].arg, "rsa") == 0) {
-	    keytype = rsaKey;
-	} else if (PL_strcmp(certutil.options[opt_KeyType].arg, "dsa") == 0) {
-	    keytype = dsaKey;
-	} else if (PL_strcmp(certutil.options[opt_KeyType].arg, "all") == 0) {
-	    keytype = nullKey;
-	} else {
-	    PR_fprintf(PR_STDERR, "%s -k:  %s is not a recognized type.\n",
-	               progName, certutil.options[opt_KeyType].arg);
-	    return 255;
-	}
-    }
-
-    /*  -m serial number */
-    if (certutil.options[opt_SerialNumber].activated) {
-	serialNumber = PORT_Atoi(certutil.options[opt_SerialNumber].arg);
-	if (serialNumber < 0) {
-	    PR_fprintf(PR_STDERR, "%s -m:  %s is not a valid serial number.\n",
-	               progName, certutil.options[opt_SerialNumber].arg);
-	    return 255;
-	}
-    }
-
-    /*  -P certdb name prefix */
-    if (certutil.options[opt_DBPrefix].activated)
-	certPrefix = strdup(certutil.options[opt_DBPrefix].arg);
-
-    /*  -q PQG file  */
-    if (certutil.options[opt_PQGFile].activated) {
-	if (keytype != dsaKey) {
-	    PR_fprintf(PR_STDERR, "%s -q: PQG file is for DSA key (-k dsa).\n)",
-	               progName);
-	    return 255;
-	}
-    }
-
-    /*  -s subject name  */
-    if (certutil.options[opt_Subject].activated) {
-	subject = CERT_AsciiToName(certutil.options[opt_Subject].arg);
-	if (!subject) {
-	    PR_fprintf(PR_STDERR, "%s -s: improperly formatted name: \"%s\"\n",
-	               progName, certutil.options[opt_Subject].arg);
-	    return 255;
-	}
-    }
-
-    /*  -v validity period  */
-    if (certutil.options[opt_Validity].activated) {
-	validitylength = PORT_Atoi(certutil.options[opt_Validity].arg);
-	if (validitylength < 0) {
-	    PR_fprintf(PR_STDERR, "%s -v: incorrect validity period: \"%s\"\n",
-	               progName, certutil.options[opt_Validity].arg);
-	    return 255;
-	}
-    }
-
-    /*  -w warp months  */
-    if (certutil.options[opt_OffsetMonths].activated)
-	warpmonths = PORT_Atoi(certutil.options[opt_OffsetMonths].arg);
-
-    /*  -y public exponent (for RSA)  */
-    if (certutil.options[opt_Exponent].activated) {
-	publicExponent = PORT_Atoi(certutil.options[opt_Exponent].arg);
-	if ((publicExponent != 3) &&
-	    (publicExponent != 17) &&
-	    (publicExponent != 65537)) {
-	    PR_fprintf(PR_STDERR, "%s -y: incorrect public exponent %d.", 
-	                           progName, publicExponent);
-	    PR_fprintf(PR_STDERR, "Must be 3, 17, or 65537.\n");
-	    return 255;
-	}
-    }
-
-    /*  Check number of commands entered.  */
-    commandsEntered = 0;
-    for (i=0; i< certutil.numCommands; i++) {
-	if (certutil.commands[i].activated) {
-	    commandToRun = certutil.commands[i].flag;
-	    commandsEntered++;
-	}
-	if (commandsEntered > 1)
-	    break;
-    }
-    if (commandsEntered > 1) {
-	PR_fprintf(PR_STDERR, "%s: only one command at a time!\n", progName);
-	PR_fprintf(PR_STDERR, "You entered: ");
-	for (i=0; i< certutil.numCommands; i++) {
-	    if (certutil.commands[i].activated)
-		PR_fprintf(PR_STDERR, " -%c", certutil.commands[i].flag);
-	}
-	PR_fprintf(PR_STDERR, "\n");
-	return 255;
-    }
-    if (commandsEntered == 0) {
-	PR_fprintf(PR_STDERR, "%s: you must enter a command!\n", progName);
-	Usage(progName);
-    }
-
-    if (certutil.commands[cmd_ListCerts].activated ||
-         certutil.commands[cmd_PrintHelp].activated ||
-         certutil.commands[cmd_ListKeys].activated ||
-         certutil.commands[cmd_ListModules].activated ||
-         certutil.commands[cmd_CheckCertValidity].activated ||
-         certutil.commands[cmd_Version].activated ) {
-	readOnly = !certutil.options[opt_RW].activated;
-    }
-
-    /*  -A, -D, -F, -M, -S, -V, and all require -n  */
-    if ((certutil.commands[cmd_AddCert].activated ||
-         certutil.commands[cmd_DeleteCert].activated ||
-         certutil.commands[cmd_DeleteKey].activated ||
-         certutil.commands[cmd_ModifyCertTrust].activated ||
-         certutil.commands[cmd_CreateAndAddCert].activated ||
-         certutil.commands[cmd_CheckCertValidity].activated) &&
-        !certutil.options[opt_Nickname].activated) {
-	PR_fprintf(PR_STDERR, 
-	          "%s -%c: nickname is required for this command (-n).\n",
-	           progName, commandToRun);
-	return 255;
-    }
-
-    /*  -A, -E, -M, -S require trust  */
-    if ((certutil.commands[cmd_AddCert].activated ||
-         certutil.commands[cmd_AddEmailCert].activated ||
-         certutil.commands[cmd_ModifyCertTrust].activated ||
-         certutil.commands[cmd_CreateAndAddCert].activated) &&
-        !certutil.options[opt_Trust].activated) {
-	PR_fprintf(PR_STDERR, 
-	          "%s -%c: trust is required for this command (-t).\n",
-	           progName, commandToRun);
-	return 255;
-    }
-
-    /*  if -L is given raw or ascii mode, it must be for only one cert.  */
-    if (certutil.commands[cmd_ListCerts].activated &&
-        (certutil.options[opt_ASCIIForIO].activated ||
-         certutil.options[opt_BinaryDER].activated) &&
-        !certutil.options[opt_Nickname].activated) {
-	PR_fprintf(PR_STDERR, 
-	        "%s: nickname is required to dump cert in raw or ascii mode.\n",
-	           progName);
-	return 255;
-    }
-    
-    /*  -L can only be in (raw || ascii).  */
-    if (certutil.commands[cmd_ListCerts].activated &&
-        certutil.options[opt_ASCIIForIO].activated &&
-        certutil.options[opt_BinaryDER].activated) {
-	PR_fprintf(PR_STDERR, 
-	           "%s: cannot specify both -r and -a when dumping cert.\n",
-	           progName);
-	return 255;
-    }
-
-    /*  For now, deny -C -x combination */
-    if (certutil.commands[cmd_CreateNewCert].activated &&
-        certutil.options[opt_SelfSign].activated) {
-	PR_fprintf(PR_STDERR,
-	           "%s: self-signing a cert request is not supported.\n",
-	           progName);
-	return 255;
-    }
-
-    /*  If making a cert request, need a subject.  */
-    if ((certutil.commands[cmd_CertReq].activated ||
-         certutil.commands[cmd_CreateAndAddCert].activated) &&
-        !certutil.options[opt_Subject].activated) {
-	PR_fprintf(PR_STDERR, 
-	           "%s -%c: subject is required to create a cert request.\n",
-	           progName, commandToRun);
-	return 255;
-    }
-
-    /*  If making a cert, need a serial number.  */
-    if ((certutil.commands[cmd_CreateNewCert].activated ||
-         certutil.commands[cmd_CreateAndAddCert].activated) &&
-         !certutil.options[opt_SerialNumber].activated) {
-	/*  Make a default serial number from the current time.  */
-	PRTime now = PR_Now();
-	serialNumber = LL_L2I(serialNumber, now);
-	if (serialNumber < 0) serialNumber *= -1;
-    }
-
-    /*  Validation needs the usage to validate for.  */
-    if (certutil.commands[cmd_CheckCertValidity].activated &&
-        !certutil.options[opt_Usage].activated) {
-	PR_fprintf(PR_STDERR, 
-	           "%s -V: specify a usage to validate the cert for (-u).\n",
-	           progName);
-	return 255;
-    }
-    
-    /*  To make a cert, need either a issuer or to self-sign it.  */
-    if (certutil.commands[cmd_CreateAndAddCert].activated &&
-	!(certutil.options[opt_IssuerName].activated ||
-          certutil.options[opt_SelfSign].activated)) {
-	PR_fprintf(PR_STDERR,
-	           "%s -S: must specify issuer (-c) or self-sign (-x).\n",
-	           progName);
-	return 255;
-    }
-
-    /*  Using slotname == NULL for listing keys and certs on all slots, 
-     *  but only that. */
-    if (!(certutil.commands[cmd_ListKeys].activated ||
-	  certutil.commands[cmd_DumpChain].activated ||
-    	  certutil.commands[cmd_ListCerts].activated) && slotname == NULL) {
-	PR_fprintf(PR_STDERR,
-	           "%s -%c: cannot use \"-h all\" for this command.\n",
-	           progName, commandToRun);
-	return 255;
-    }
-
-    /*  Using keytype == nullKey for list all key types, but only that.  */
-    if (!certutil.commands[cmd_ListKeys].activated && keytype == nullKey) {
-	PR_fprintf(PR_STDERR,
-	           "%s -%c: cannot use \"-k all\" for this command.\n",
-	           progName, commandToRun);
-	return 255;
-    }
-
-    /*  -S  open outFile, temporary file for cert request.  */
-    if (certutil.commands[cmd_CreateAndAddCert].activated) {
-	outFile = PR_Open(certreqfile, PR_RDWR | PR_CREATE_FILE, 00660);
-	if (!outFile) {
-	    PR_fprintf(PR_STDERR, 
-		       "%s -o: unable to open \"%s\" for writing (%ld, %ld)\n",
-		       progName, certreqfile,
-		       PR_GetError(), PR_GetOSError());
-	    return 255;
-	}
-    }
-
-    /*  Open the input file.  */
-    if (certutil.options[opt_InputFile].activated) {
-	inFile = PR_Open(certutil.options[opt_InputFile].arg, PR_RDONLY, 0);
-	if (!inFile) {
-	    PR_fprintf(PR_STDERR,
-	               "%s:  unable to open \"%s\" for reading (%ld, %ld).\n",
-	               progName, certutil.options[opt_InputFile].arg,
-	               PR_GetError(), PR_GetOSError());
-	    return 255;
-	}
-    }
-
-    /*  Open the output file.  */
-    if (certutil.options[opt_OutputFile].activated && !outFile) {
-	outFile = PR_Open(certutil.options[opt_OutputFile].arg, 
-                          PR_CREATE_FILE | PR_RDWR, 00660);
-	if (!outFile) {
-	    PR_fprintf(PR_STDERR,
-	               "%s:  unable to open \"%s\" for writing (%ld, %ld).\n",
-	               progName, certutil.options[opt_OutputFile].arg,
-	               PR_GetError(), PR_GetOSError());
-	    return 255;
-	}
-    }
-
-    name = SECU_GetOptionArg(&certutil, opt_Nickname);
-
-    PK11_SetPasswordFunc(SECU_GetModulePassword);
-
-    /*  Initialize NSPR and NSS.  */
-    PR_Init(PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1);
-    rv = NSS_Initialize(SECU_ConfigDirectory(NULL), certPrefix, certPrefix,
-                        "secmod.db", readOnly ? NSS_INIT_READONLY: 0);
-    if (rv != SECSuccess) {
-	SECU_PrintPRandOSError(progName);
-	rv = SECFailure;
-	goto shutdown;
-    }
-    certHandle = CERT_GetDefaultCertDB();
-
-    if (certutil.commands[cmd_Version].activated) {
-	int version = CERT_GetDBContentVersion(certHandle);
-	printf("Certificate database content version:  %d\n", version);
-    }
-
-    if (PL_strcmp(slotname, "internal") == 0)
-	slot = PK11_GetInternalKeySlot();
-    else if (slotname != NULL)
-	slot = PK11_FindSlotByName(slotname);
-
-    /*  If creating new database, initialize the password.  */
-    if (certutil.commands[cmd_NewDBs].activated) {
-	SECU_ChangePW(slot, 0, certutil.options[opt_PasswordFile].arg);
-    }
-
-    /* The following 8 options are mutually exclusive with all others. */
-
-    /*  List certs (-L)  */
-    if (certutil.commands[cmd_ListCerts].activated) {
-	rv = ListCerts(certHandle, name, slot,
-	               certutil.options[opt_BinaryDER].activated,
-	               certutil.options[opt_ASCIIForIO].activated, 
-                       (outFile) ? outFile : PR_STDOUT, &pwdata);
-	goto shutdown;
-    }
-    if (certutil.commands[cmd_DumpChain].activated) {
-	rv = DumpChain(certHandle, name, slot,
-	               certutil.options[opt_BinaryDER].activated,
-	               certutil.options[opt_ASCIIForIO].activated, 
-                       (outFile) ? outFile : PR_STDOUT, &pwdata);
-	goto shutdown;
-    }
-    /*  XXX needs work  */
-    /*  List keys (-K)  */
-    if (certutil.commands[cmd_ListKeys].activated) {
-	rv = ListKeys(slot, name, 0 /*keyindex*/, keytype, PR_FALSE /*dopriv*/,
-	              &pwdata);
-	goto shutdown;
-    }
-    /*  List modules (-U)  */
-    if (certutil.commands[cmd_ListModules].activated) {
-	rv = ListModules();
-	goto shutdown;
-    }
-    /*  Delete cert (-D)  */
-    if (certutil.commands[cmd_DeleteCert].activated) {
-	rv = DeleteCert(certHandle, name);
-	goto shutdown;
-    }
-    /*  Delete key (-F)  */
-    if (certutil.commands[cmd_DeleteKey].activated) {
-	rv = DeleteKey(name, &pwdata);
-	goto shutdown;
-    }
-    /*  Modify trust attribute for cert (-M)  */
-    if (certutil.commands[cmd_ModifyCertTrust].activated) {
-	rv = ChangeTrustAttributes(certHandle, name, 
-	                           certutil.options[opt_Trust].arg);
-	goto shutdown;
-    }
-    /*  Change key db password (-W) (future - change pw to slot?)  */
-    if (certutil.commands[cmd_ChangePassword].activated) {
-	rv = SECU_ChangePW(slot, 0, certutil.options[opt_PasswordFile].arg);
-	goto shutdown;
-    }
-    /*  Reset the a token */
-    if (certutil.commands[cmd_TokenReset].activated) {
-	char *sso_pass = "";
-
-	if (certutil.options[opt_SSOPass].activated) {
-	    sso_pass = certutil.options[opt_SSOPass].arg;
- 	}
-	rv = PK11_ResetToken(slot,sso_pass);
-
-	goto shutdown;
-    }
-    /*  Check cert validity against current time (-V)  */
-    if (certutil.commands[cmd_CheckCertValidity].activated) {
-	/* XXX temporary hack for fips - must log in to get priv key */
-	if (certutil.options[opt_VerifySig].activated) {
-	    if (PK11_NeedLogin(slot))
-		PK11_Authenticate(slot, PR_TRUE, &pwdata);
-	}
-	rv = ValidateCert(certHandle, name, 
-	                  certutil.options[opt_ValidityTime].arg,
-			  certutil.options[opt_Usage].arg,
-			  certutil.options[opt_VerifySig].activated,
-			  certutil.options[opt_DetailedInfo].activated,
-	                  &pwdata);
-	goto shutdown;
-    }
-
-    /*
-     *  Key generation
-     */
-
-    /*  These commands require keygen.  */
-    if (certutil.commands[cmd_CertReq].activated ||
-        certutil.commands[cmd_CreateAndAddCert].activated ||
-	certutil.commands[cmd_GenKeyPair].activated) {
-	/*  XXX Give it a nickname.  */
-	privkey = 
-	    CERTUTIL_GeneratePrivateKey(keytype, slot, keysize,
-	                                publicExponent, 
-	                                certutil.options[opt_NoiseFile].arg,
-	                                &pubkey, 
-	                                certutil.options[opt_PQGFile].arg,
-	                                &pwdata);
-	if (privkey == NULL) {
-	    SECU_PrintError(progName, "unable to generate key(s)\n");
-	    rv = SECFailure;
-	    goto shutdown;
-	}
-	privkey->wincx = &pwdata;
-	PORT_Assert(pubkey != NULL);
-
-	/*  If all that was needed was keygen, exit.  */
-	if (certutil.commands[cmd_GenKeyPair].activated) {
-	    rv = SECSuccess;
-	    goto shutdown;
-	}
-    }
-
-    /*
-     *  Certificate request
-     */
-
-    /*  Make a cert request (-R or -S).  */
-    if (certutil.commands[cmd_CreateAndAddCert].activated ||
-         certutil.commands[cmd_CertReq].activated) {
-	rv = CertReq(privkey, pubkey, keytype, subject,
-	             certutil.options[opt_PhoneNumber].arg,
-	             certutil.options[opt_ASCIIForIO].activated,
-		     outFile ? outFile : PR_STDOUT);
-	if (rv) 
-	    goto shutdown;
-	privkey->wincx = &pwdata;
-    }
-
-    /*
-     *  Certificate creation
-     */
-
-    /*  If making and adding a cert, load the cert request file
-     *  and output the cert to another file.
-     */
-    if (certutil.commands[cmd_CreateAndAddCert].activated) {
-	PR_Close(outFile);
-	inFile  = PR_Open(certreqfile, PR_RDONLY, 0);
-	if (!inFile) {
-	    PR_fprintf(PR_STDERR, "Failed to open file \"%s\" (%ld, %ld).\n",
-                       certreqfile, PR_GetError(), PR_GetOSError());
-	    rv = SECFailure;
-	    goto shutdown;
-	}
-	outFile = PR_Open(certfile, PR_RDWR | PR_CREATE_FILE, 00660);
-	if (!outFile) {
-	    PR_fprintf(PR_STDERR, "Failed to open file \"%s\" (%ld, %ld).\n",
-                       certfile, PR_GetError(), PR_GetOSError());
-	    rv = SECFailure;
-	    goto shutdown;
-	}
-    }
-
-    /*  Create a certificate (-C or -S).  */
-    if (certutil.commands[cmd_CreateAndAddCert].activated ||
-         certutil.commands[cmd_CreateNewCert].activated) {
-	rv = CreateCert(certHandle, 
-	                certutil.options[opt_IssuerName].arg,
-	                inFile, outFile, privkey, &pwdata,
-	                serialNumber, warpmonths, validitylength,
-	                certutil.options[opt_ASCIIForIO].activated,
-	                certutil.options[opt_SelfSign].activated,
-	                certutil.options[opt_AddKeyUsageExt].activated,
-	                certutil.options[opt_AddExtKeyUsageExt].activated,
-	                certutil.options[opt_AddBasicConstraintExt].activated,
-	                certutil.options[opt_AddAuthorityKeyIDExt].activated,
-	                certutil.options[opt_AddCRLDistPtsExt].activated,
-	                certutil.options[opt_AddNSCertTypeExt].activated);
-	if (rv) 
-	    goto shutdown;
-    }
-
-    /* 
-     * Adding a cert to the database (or slot)
-     */
- 
-    if (certutil.commands[cmd_CreateAndAddCert].activated) { 
-	PR_Close(inFile);
-	PR_Close(outFile);
-	inFile = PR_Open(certfile, PR_RDONLY, 0);
-	if (!inFile) {
-	    PR_fprintf(PR_STDERR, "Failed to open file \"%s\" (%ld, %ld).\n",
-                       certfile, PR_GetError(), PR_GetOSError());
-	    rv = SECFailure;
-	    goto shutdown;
-	}
-    }
-
-    if (certutil.commands[cmd_CreateAndAddCert].activated ||
-         certutil.commands[cmd_AddCert].activated ||
-	 certutil.commands[cmd_AddEmailCert].activated) {
-	rv = AddCert(slot, certHandle, name, 
-	             certutil.options[opt_Trust].arg,
-	             inFile, 
-	             certutil.options[opt_ASCIIForIO].activated,
-	             certutil.commands[cmd_AddEmailCert].activated,&pwdata);
-	if (rv) 
-	    goto shutdown;
-    }
-
-    if (certutil.commands[cmd_CreateAndAddCert].activated) {
-	PR_Close(inFile);
-	PR_Delete(certfile);
-	PR_Delete(certreqfile);
-    }
-
-shutdown:
-    if (slot) {
-	PK11_FreeSlot(slot);
-    }
-    if (privkey) {
-	SECKEY_DestroyPrivateKey(privkey);
-    }
-    if (pubkey) {
-	SECKEY_DestroyPublicKey(pubkey);
-    }
-    NSS_Shutdown();
-
-    if (rv == SECSuccess) {
-	return 0;
-    } else {
-	return 255;
-    }
-}
diff --git a/security/nss/cmd/certutil/keystuff.c b/security/nss/cmd/certutil/keystuff.c
deleted file mode 100644
index 317443a27..000000000
--- a/security/nss/cmd/certutil/keystuff.c
+++ /dev/null
@@ -1,411 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include <stdio.h>
-#include <string.h>
-#include "secutil.h"
-
-#if defined(XP_UNIX)
-#include <unistd.h>
-#include <sys/time.h>
-#include <termios.h>
-#endif
-
-#if defined(XP_WIN) || defined (XP_PC)
-#include <time.h>
-#include <conio.h>
-#endif
-
-#if defined(__sun) && !defined(SVR4)
-extern int fclose(FILE*);
-extern int fprintf(FILE *, char *, ...);
-extern int isatty(int);
-extern char *sys_errlist[];
-#define strerror(errno) sys_errlist[errno]
-#endif
-
-#include "nspr.h"
-#include "prtypes.h"
-#include "prtime.h"
-#include "prlong.h"
-
-#include "pk11func.h"
-#include "secrng.h"
-#include "pqgutil.h"
-
-#define NUM_KEYSTROKES 120
-#define RAND_BUF_SIZE 60
-
-#define ERROR_BREAK rv = SECFailure;break;
-
-const SEC_ASN1Template SECKEY_PQGParamsTemplate[] = {
-    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SECKEYPQGParams) },
-    { SEC_ASN1_INTEGER, offsetof(SECKEYPQGParams,prime) },
-    { SEC_ASN1_INTEGER, offsetof(SECKEYPQGParams,subPrime) },
-    { SEC_ASN1_INTEGER, offsetof(SECKEYPQGParams,base) },
-    { 0, }
-};
-
-/* returns 0 for success, -1 for failure (EOF encountered) */
-static int
-UpdateRNG(void)
-{
-    char *         randbuf;
-    int            fd, i, count;
-    int            c;
-    int            rv		= 0;
-#ifdef XP_UNIX
-    cc_t           orig_cc_min;
-    cc_t           orig_cc_time;
-    tcflag_t       orig_lflag;
-    struct termios tio;
-#endif
-
-#define FPS fprintf(stderr, 
-    FPS "\n");
-    FPS "A random seed must be generated that will be used in the\n");
-    FPS "creation of your key.  One of the easiest ways to create a\n");
-    FPS "random seed is to use the timing of keystrokes on a keyboard.\n");
-    FPS "\n");
-    FPS "To begin, type keys on the keyboard until this progress meter\n");
-    FPS "is full.  DO NOT USE THE AUTOREPEAT FUNCTION ON YOUR KEYBOARD!\n");
-    FPS "\n");
-    FPS "\n");
-    FPS "Continue typing until the progress meter is full:\n\n");
-    FPS "|                                                            |\r");
-
-    /* turn off echo on stdin & return on 1 char instead of NL */
-    fd = fileno(stdin);
-
-#if defined(XP_UNIX) && !defined(VMS)
-    tcgetattr(fd, &tio);
-    orig_lflag = tio.c_lflag;
-    orig_cc_min = tio.c_cc[VMIN];
-    orig_cc_time = tio.c_cc[VTIME];
-    tio.c_lflag &= ~ECHO;
-    tio.c_lflag &= ~ICANON;
-    tio.c_cc[VMIN] = 1;
-    tio.c_cc[VTIME] = 0;
-    tcsetattr(fd, TCSAFLUSH, &tio);
-#endif
-
-    /* Get random noise from keyboard strokes */
-    randbuf = (char *) PORT_Alloc(RAND_BUF_SIZE);
-    count = 0;
-    while (count < NUM_KEYSTROKES+1) {
-#ifdef VMS
-	c = GENERIC_GETCHAR_NOECHO();
-#elif XP_UNIX
-	c = getc(stdin);
-#else
-	c = getch();
-#endif
-	if (c == EOF) {
-	    rv = -1;
-	    break;
-	}
-	PK11_RandomUpdate(randbuf, sizeof(randbuf));
-	if (c != randbuf[0]) {
-	    randbuf[0] = c;
-	    FPS "\r|");
-	    for (i=0; i<count/(NUM_KEYSTROKES/RAND_BUF_SIZE); i++) {
-		FPS "*");
-	    }
-	    if (count%(NUM_KEYSTROKES/RAND_BUF_SIZE) == 1)
-		FPS "/");
-	    count++;
-	}
-    }
-    free(randbuf); 
-
-    FPS "\n\n");
-    FPS "Finished.  Press enter to continue: ");
-#if defined(VMS)
-    while((c = GENERIC_GETCHAR_NO_ECHO()) != '\r' && c != EOF)
-	;
-#else
-    while ((c = getc(stdin)) != '\n' && c != EOF)
-	;
-#endif
-    if (c == EOF) 
-	rv = -1;
-    FPS "\n");
-
-#undef FPS
-
-#if defined(XP_UNIX) && !defined(VMS)
-    /* set back termio the way it was */
-    tio.c_lflag = orig_lflag;
-    tio.c_cc[VMIN] = orig_cc_min;
-    tio.c_cc[VTIME] = orig_cc_time;
-    tcsetattr(fd, TCSAFLUSH, &tio);
-#endif
-    return rv;
-}
-
-
-static unsigned char P[] = { 0x00, 0x8d, 0xf2, 0xa4, 0x94, 0x49, 0x22, 0x76,
-			     0xaa, 0x3d, 0x25, 0x75, 0x9b, 0xb0, 0x68, 0x69,
-			     0xcb, 0xea, 0xc0, 0xd8, 0x3a, 0xfb, 0x8d, 0x0c,
-			     0xf7, 0xcb, 0xb8, 0x32, 0x4f, 0x0d, 0x78, 0x82,
-			     0xe5, 0xd0, 0x76, 0x2f, 0xc5, 0xb7, 0x21, 0x0e,
-			     0xaf, 0xc2, 0xe9, 0xad, 0xac, 0x32, 0xab, 0x7a,
-			     0xac, 0x49, 0x69, 0x3d, 0xfb, 0xf8, 0x37, 0x24,
-			     0xc2, 0xec, 0x07, 0x36, 0xee, 0x31, 0xc8, 0x02,
-			     0x91 };
-static unsigned char Q[] = { 0x00, 0xc7, 0x73, 0x21, 0x8c, 0x73, 0x7e, 0xc8,
-			     0xee, 0x99, 0x3b, 0x4f, 0x2d, 0xed, 0x30, 0xf4,
-			     0x8e, 0xda, 0xce, 0x91, 0x5f };
-static unsigned char G[] = { 0x00, 0x62, 0x6d, 0x02, 0x78, 0x39, 0xea, 0x0a,
-			     0x13, 0x41, 0x31, 0x63, 0xa5, 0x5b, 0x4c, 0xb5,
-			     0x00, 0x29, 0x9d, 0x55, 0x22, 0x95, 0x6c, 0xef,
-			     0xcb, 0x3b, 0xff, 0x10, 0xf3, 0x99, 0xce, 0x2c,
-			     0x2e, 0x71, 0xcb, 0x9d, 0xe5, 0xfa, 0x24, 0xba,
-			     0xbf, 0x58, 0xe5, 0xb7, 0x95, 0x21, 0x92, 0x5c,
-			     0x9c, 0xc4, 0x2e, 0x9f, 0x6f, 0x46, 0x4b, 0x08,
-			     0x8c, 0xc5, 0x72, 0xaf, 0x53, 0xe6, 0xd7, 0x88,
-			     0x02 };
-
-static SECKEYPQGParams default_pqg_params = {
-    NULL,
-    { 0, P, sizeof(P) },
-    { 0, Q, sizeof(Q) },
-    { 0, G, sizeof(G) }
-};
-
-static SECKEYPQGParams *
-decode_pqg_params(char *str)
-{
-    char *buf;
-    unsigned int len;
-    PRArenaPool *arena;
-    SECKEYPQGParams *params;
-    SECStatus status;
- 
-    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if (arena == NULL)
-        return NULL;
- 
-    params = PORT_ArenaZAlloc(arena, sizeof(SECKEYPQGParams));
-    if (params == NULL)
-        goto loser;
-    params->arena = arena;
- 
-    buf = (char *)ATOB_AsciiToData(str, &len);
-    if ((buf == NULL) || (len == 0))
-        goto loser;
- 
-    status = SEC_ASN1Decode(arena, params, SECKEY_PQGParamsTemplate, buf, len);
-    if (status != SECSuccess)
-        goto loser;
- 
-    return params;
- 
-loser:
-    if (arena != NULL)
-        PORT_FreeArena(arena, PR_FALSE);
-    return NULL;
-}
-
-void  
-CERTUTIL_DestroyParamsPQG(SECKEYPQGParams *params)
-{
-    if (params->arena) {
-        PORT_FreeArena(params->arena, PR_FALSE);
-    }
-}
-
-static int
-pqg_prime_bits(char *str)
-{
-    SECKEYPQGParams *params = NULL;
-    int primeBits = 0, i;
- 
-    params = decode_pqg_params(str);
-    if (params == NULL)
-        goto done; /* lose */
- 
-    for (i = 0; params->prime.data[i] == 0; i++)
-        /* empty */;
-	primeBits = (params->prime.len - i) * 8;
- 
-done:
-    if (params != NULL)
-        CERTUTIL_DestroyParamsPQG(params);
-    return primeBits;
-}
-
-static char *
-SECU_GetpqgString(char *filename)
-{
-    char phrase[400];
-    FILE *fh;
-    char *rv;
-
-    fh = fopen(filename,"r");
-    rv = fgets (phrase, sizeof(phrase), fh);
-
-    fclose(fh);
-    if (phrase[strlen(phrase)-1] == '\n')
-	phrase[strlen(phrase)-1] = '\0';
-    if (rv) {
-	return (char*) PORT_Strdup(phrase);
-    }
-    fprintf(stderr,"pqg file contain no data\n");
-    return NULL;
-}
-
-SECKEYPQGParams*
-getpqgfromfile(int keyBits, char *pqgFile)
-{
-    char *end, *str, *pqgString;
-    int primeBits;
-
-    pqgString = SECU_GetpqgString(pqgFile);
-    if (pqgString)
-	str = PORT_Strdup(pqgString);
-    else
-	return NULL;
-
-    do {
-	end = PORT_Strchr(str, ',');
-	if (end)
-	    *end = '\0';
-	primeBits = pqg_prime_bits(str);
-	if (keyBits == primeBits)
-	    goto found_match;
-	str = end + 1;
-    } while (end);
-
-    PORT_Free(pqgString);
-    PORT_Free(str);
-    return NULL;
-
-found_match:
-    PORT_Free(pqgString);
-    PORT_Free(str);
-    return decode_pqg_params(str);
-}
-
-void CERTUTIL_FileForRNG(char *noise)
-{
-    char buf[2048];
-    PRFileDesc *fd;
-    PRInt32 count;
-
-    fd = PR_OpenFile(noise,PR_RDONLY,0666);
-    if (!fd) return;
-
-    do {
-	count = PR_Read(fd,buf,sizeof(buf));
-	if (count > 0) {
-	    PK11_RandomUpdate(buf,count);
-	}
-    } while (count > 0);
-
-    PR_Close(fd);
-   
-}
-
-SECKEYPrivateKey *
-CERTUTIL_GeneratePrivateKey(KeyType keytype, PK11SlotInfo *slot, int size,
-			    int publicExponent, char *noise, 
-			    SECKEYPublicKey **pubkeyp, char *pqgFile,
-                            secuPWData *pwdata)
-{
-    CK_MECHANISM_TYPE mechanism;
-    SECOidTag algtag;
-    PK11RSAGenParams rsaparams;
-    SECKEYPQGParams *dsaparams = NULL;
-    void *params;
-    PRArenaPool *dsaparena;
-
-    /*
-     * Do some random-number initialization.
-     */
-
-    if (noise) {
-    	CERTUTIL_FileForRNG(noise);
-    } else {
-	int rv = UpdateRNG();
-	if (rv) {
-	    PORT_SetError(PR_END_OF_FILE_ERROR);
-	    return NULL;
-	}
-    }
-
-    switch (keytype) {
-      case rsaKey:
-	rsaparams.keySizeInBits = size;
-	rsaparams.pe = publicExponent;
-	mechanism = CKM_RSA_PKCS_KEY_PAIR_GEN;
-	algtag = SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION;
-	params = &rsaparams;
-	break;
-      case dsaKey:
-	mechanism = CKM_DSA_KEY_PAIR_GEN;
-	algtag = SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST;
-	if (pqgFile) {
-	    dsaparams = getpqgfromfile(size, pqgFile);
-	} else {
-	    dsaparena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-	    if (dsaparena == NULL) return NULL;
-	    dsaparams = PORT_ArenaZAlloc(dsaparena, sizeof(SECKEYPQGParams));
-	    if (dsaparams == NULL) return NULL;
-	    dsaparams->arena = dsaparena;
-	    SECITEM_AllocItem(dsaparena, &dsaparams->prime, sizeof P);
-	    SECITEM_AllocItem(dsaparena, &dsaparams->subPrime, sizeof Q);
-	    SECITEM_AllocItem(dsaparena, &dsaparams->base, sizeof G);
-	    PORT_Memcpy(dsaparams->prime.data, P, dsaparams->prime.len);
-	    PORT_Memcpy(dsaparams->subPrime.data, Q, dsaparams->subPrime.len);
-	    PORT_Memcpy(dsaparams->base.data, G, dsaparams->base.len);
-	}
-	params = dsaparams;
-	break;
-      default:
-	return NULL;
-    }
-
-    if (slot == NULL)
-	return NULL;
-
-    if (PK11_Authenticate(slot, PR_TRUE, pwdata) != SECSuccess)
-	return NULL;
-
-    fprintf(stderr, "\n\n");
-    fprintf(stderr, "Generating key.  This may take a few moments...\n\n");
-
-    return PK11_GenerateKeyPair(slot, mechanism, params, pubkeyp,
-				PR_TRUE /*isPerm*/, PR_TRUE /*isSensitive*/, 
-				pwdata /*wincx*/);
-}
diff --git a/security/nss/cmd/certutil/makefile.win b/security/nss/cmd/certutil/makefile.win
deleted file mode 100644
index 26cdc0651..000000000
--- a/security/nss/cmd/certutil/makefile.win
+++ /dev/null
@@ -1,155 +0,0 @@
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-VERBOSE	= 1
-include <manifest.mn>
-
-PROGRAM = certutil
-PROGRAM	= $(OBJDIR)\$(PROGRAM).exe
-
-include <$(DEPTH)\config\config.mak>
-
-
-# let manifest generate C_OBJS, it will prepend ./$(OBJDIR)/
-# rules.mak will append C_OBJS onto OBJS.
-# OBJS	= $(CSRCS:.c=.obj)
-
-# include files are looked for in $LINCS and $INCS.
-# $LINCS is in manifest.mnw, computed from REQUIRES=
-INCS = $(INCS) \
- -I$(DEPTH)/security/lib/cert \
- -I../include \
- $(NULL)
-
-IGNORE_ME = \
- -I$(DEPTH)/security/lib/key \
- -I$(DEPTH)/security/lib/util  \
-
-
-WINFE	= $(DEPTH)/cmd/winfe/mkfiles$(MOZ_BITS)/x86Dbg
-
-# these files are the content of libdbm
-DBM_LIB	= \
- $(WINFE)/DB.obj \
- $(WINFE)/HASH.obj \
- $(WINFE)/H_BIGKEY.obj \
- $(WINFE)/H_PAGE.obj \
- $(WINFE)/H_LOG2.obj \
- $(WINFE)/H_FUNC.obj \
- $(WINFE)/HASH_BUF.obj \
- $(NULL)
-
-MOZ_LIBS = \
- $(WINFE)/ALLXPSTR.obj \
- $(WINFE)/XP_ERROR.obj \
- $(WINFE)/XPASSERT.obj \
- $(WINFE)/XP_REG.obj \
- $(WINFE)/XP_TRACE.obj \
- $(DBM_LIB) \
- $(WINFE)/XP_STR.obj \
- $(WINFE)/MKTEMP.obj \
- $(NULL)
-
-SEC_LIBS = \
- $(DIST)/lib/cert$(MOZ_BITS).lib \
- $(DIST)/lib/crypto$(MOZ_BITS).lib \
- $(DIST)/lib/hash$(MOZ_BITS).lib \
- $(DIST)/lib/key$(MOZ_BITS).lib \
- $(DIST)/lib/pkcs7$(MOZ_BITS).lib \
- $(DIST)/lib/secmod$(MOZ_BITS).lib \
- $(DIST)/lib/secutl$(MOZ_BITS).lib \
- $(DIST)/lib/ssl$(MOZ_BITS).lib \
- $(NULL)
-
-LLFLAGS	= $(LLFLAGS) \
- ../lib/$(OBJDIR)/sectool$(MOZ_BITS).lib \
- $(SEC_LIBS) \
- $(MOZ_LIBS) \
- $(DEPTH)/nspr/src/$(OBJDIR)/getopt.obj \
- $(LIBNSPR) \
- $(NULL)
-
-
-# awt3240.lib 		# brpref32.lib 		# cert32.lib
-# crypto32.lib 		# dllcom.lib 		# editor32.lib
-# edpref32.lib 		# edtplug.lib 		# font.lib
-# hash32.lib 		# htmldg32.lib 		# img32.lib
-# javart32.lib 		# jbn3240.lib 		# jdb3240.lib
-# jmc.lib 		# jpeg3240.lib 		# jpw3240.lib
-# jrt3240.lib 		# js3240.lib 		# jsd3240.lib
-# key32.lib 		# libapplet32.lib 	# libnjs32.lib
-# libnsc32.lib 		# libreg32.lib 		# mm3240.lib
-# mnpref32.lib 		# netcst32.lib 		# nsdlg32.lib
-# nsldap32.lib 		# nsldaps32.lib 	# nsn32.lib
-# pkcs1232.lib 		# pkcs732.lib 		# pr3240.lib
-# prefui32.lib 		# prefuuid.lib 		# secmod32.lib
-# secnav32.lib 		# secutl32.lib 		# softup32.lib
-# sp3240.lib 		# ssl32.lib 		# uni3200.lib
-# unicvt32.lib 		# win32md.lib 		# winfont.lib
-# xppref32.lib 		# zlib32.lib
-
-include <$(DEPTH)\config\rules.mak>
-
-
-INSTALL	= $(MAKE_INSTALL)
-
-objs:	$(OBJS)
-
-$(PROGRAM)::
-	$(INSTALL) $(DIST)/bin/pr3240.dll ./$(OBJDIR)
-
-programs: $(PROGRAM)
-
-install:: $(TARGETS)
-	$(INSTALL) $(TARGETS) $(DIST)/bin
-
-# ALLXPSTR.obj  XP_ALLOC.obj  XP_HASH.obj   XP_RGB.obj    XP_WRAP.obj
-# CXPRINT.obj   XP_C.cl       XP_LIST.obj   XP_SEC.obj    netscape.exp
-# CXPRNDLG.obj  XP_CNTXT.obj  XP_MD5.obj    XP_STR.obj    xp.pch
-# EXPORT.obj    XP_CORE.obj   XP_MESG.obj   XP_THRMO.obj  xppref32.dll
-# XPASSERT.obj  XP_ERROR.obj  XP_RECT.obj   XP_TIME.obj
-# XPLOCALE.obj  XP_FILE.obj   XP_REG.obj    XP_TRACE.obj
-
-symbols:
-	@echo "CSRCS	= $(CSRCS)"
-	@echo "INCS	= $(INCS)"
-	@echo "OBJS	= $(OBJS)"
-	@echo "LIBRARY	= $(LIBRARY)"
-	@echo "PROGRAM	= $(PROGRAM)"
-	@echo "TARGETS	= $(TARGETS)"
-	@echo "DIST	= $(DIST)"
-	@echo "VERSION_NUMBER	= $(VERSION_NUMBER)"
-	@echo "WINFE	= $(WINFE)"
-	@echo "DBM_LIB	= $(DBM_LIB)"
-	@echo "INSTALL	= $(INSTALL)"
-
diff --git a/security/nss/cmd/certutil/manifest.mn b/security/nss/cmd/certutil/manifest.mn
deleted file mode 100644
index 8d93b0116..000000000
--- a/security/nss/cmd/certutil/manifest.mn
+++ /dev/null
@@ -1,52 +0,0 @@
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-DEFINES += -DNSPR20
-
-# MODULE public and private header  directories are implicitly REQUIRED.
-MODULE = security 
-
-CSRCS = \
-	certutil.c \
-	keystuff.c \
-	$(NULL)
-
-# The MODULE is always implicitly required.
-# Listing it here in REQUIRES makes it appear twice in the cc command line.
-REQUIRES = dbm seccmd
-
-PROGRAM = certutil
-
-#USE_STATIC_LIBS = 1
diff --git a/security/nss/cmd/checkcert/Makefile b/security/nss/cmd/checkcert/Makefile
deleted file mode 100644
index 573c12cac..000000000
--- a/security/nss/cmd/checkcert/Makefile
+++ /dev/null
@@ -1,76 +0,0 @@
-#! gmake
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY).   #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL)          #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL)       #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL).      #
-#######################################################################
-
-include ../platlibs.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL)                              #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL)                           #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL).                              #
-#######################################################################
-
-
-
-include ../platrules.mk
-
diff --git a/security/nss/cmd/checkcert/checkcert.c b/security/nss/cmd/checkcert/checkcert.c
deleted file mode 100644
index 0cd5e61aa..000000000
--- a/security/nss/cmd/checkcert/checkcert.c
+++ /dev/null
@@ -1,640 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "secutil.h"
-#include "plgetopt.h"
-#include "cert.h"
-#include "secoid.h"
-#include "cryptohi.h"
-
-/* maximum supported modulus length in bits (indicate problem if over this) */
-#define MAX_MODULUS (1024)
-
-
-static void Usage(char *progName)
-{
-    fprintf(stderr, "Usage: %s [aAvf] [certtocheck] [issuingcert]\n",
-	    progName);
-    fprintf(stderr, "%-20s Cert to check is base64 encoded\n",
-	    "-a");
-    fprintf(stderr, "%-20s Issuer's cert is base64 encoded\n",
-	    "-A");
-    fprintf(stderr, "%-20s Verbose (indicate decoding progress etc.)\n",
-	    "-v");
-    fprintf(stderr, "%-20s Force sanity checks even if pretty print fails.\n",
-	    "-f");
-    fprintf(stderr, "%-20s Define an output file to use (default is stdout)\n",
-	    "-o output");
-    fprintf(stderr, "%-20s Specify the input type (no default)\n",
-	    "-t type");
-    exit(-1);
-}
-
-
-/*
- * Check integer field named fieldName, printing out results and
- * returning the length of the integer in bits
- */   
-
-static
-int checkInteger(SECItem *intItem, char *fieldName, int verbose) 
-{
-    int len, bitlen;
-    if (verbose) {
-	printf("Checking %s\n", fieldName);
-    }
-    
-    len = intItem->len;
-    
-    if (len && (intItem->data[0] & 0x80)) {
-	printf("PROBLEM: %s is NEGATIVE 2's-complement integer.\n",
-	       fieldName);
-    }
-    
-    
-    /* calculate bit length and check for unnecessary leading zeros */
-    bitlen = len << 3;
-    if (len > 1 && intItem->data[0] == 0) {
-	/* leading zero byte(s) */
-	if (!(intItem->data[1] & 0x80)) {
-	    printf("PROBLEM: %s has unneeded leading zeros.  Violates DER.\n",
-		   fieldName);
-	}
-	/* strip leading zeros in length calculation */
-	{
-	    int i=0;
-	    while (bitlen > 8 && intItem->data[i] == 0) {
-		bitlen -= 8;
-		i++;
-	    }
-	}
-    }
-    return bitlen;
-}
-
-
-
-
-static
-void checkName(CERTName *n, char *fieldName, int verbose)
-{
-    char *v=0;
-    if (verbose) {
-	printf("Checking %s\n", fieldName);
-    }
-    
-    v = CERT_GetCountryName(n);
-    if (!v) {
-	printf("PROBLEM: %s lacks Country Name (C)\n",
-	       fieldName);
-    }
-    PORT_Free(v);
-    
-    v = CERT_GetOrgName(n);
-    if (!v) {
-	printf("PROBLEM: %s lacks Organization Name (O)\n",
-	       fieldName);
-    }
-    PORT_Free(v);
-    
-    v = CERT_GetOrgUnitName(n);
-    if (!v) {
-	printf("WARNING: %s lacks Organization Unit Name (OU)\n",
-	       fieldName);
-    }
-    PORT_Free(v);	
-    
-    v = CERT_GetCommonName(n);
-    if (!v) {
-	printf("PROBLEM: %s lacks Common Name (CN)\n",
-	       fieldName);
-    }
-    PORT_Free(v);
-}
-
-
-
-
-/*
- * Private version of verification that checks for agreement between
- * signature algorithm oid (at the SignedData level) and oid in DigestInfo.
- *
- */
-     
-     
-/* Returns the tag for the hash algorithm in the given signature algorithm */
-     static
-     int hashAlg(int sigAlgTag) {
-	 int rv;
-	 switch(sigAlgTag) {
-	   case SEC_OID_PKCS1_MD2_WITH_RSA_ENCRYPTION:
-	     rv = SEC_OID_MD2;
-	     break;
-	   case SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION:
-	     rv = SEC_OID_MD5;
-	     break;
-	   case SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION:
-	     rv = SEC_OID_SHA1;
-	     break;
-	   default:
-	     rv = -1;
-	 }
-	 return rv;
-     }
-
-
-
-struct VFYContextStr {
-    int alg;
-    unsigned char digest[32];
-    void *hasher;
-    void (*begin)(void *);
-    void (*update)(void *, unsigned char*, unsigned);
-    SECStatus (*end)(void *, unsigned char*, unsigned int*, unsigned);
-    void (*destroy)(void *, PRBool);
-};
-
-
-static
-SECStatus
-OurVerifyData(unsigned char *buf, int len, SECKEYPublicKey *key,
-	      SECItem *sig, SECAlgorithmID *sigAlgorithm)
-{
-    SECStatus rv;
-    VFYContext *cx;
-    SECOidData *sigAlgOid, *oiddata;
-    int sigAlgTag;
-    int hashAlgTag;
-    int showDigestOid=0;
-    
-    cx = VFY_CreateContext(key, sig, SECOID_GetAlgorithmTag(sigAlgorithm),
-			   NULL);
-    if (cx == NULL)
-	return SECFailure;
-    
-    sigAlgOid = SECOID_FindOID(&sigAlgorithm->algorithm);
-    if (sigAlgOid == 0)
-	return SECFailure;
-    sigAlgTag = sigAlgOid->offset;
-    
-    hashAlgTag = hashAlg(sigAlgTag);
-    if (hashAlgTag == -1) {
-	printf("PROBLEM: Unsupported Digest Algorithm in DigestInfo");
-	showDigestOid = 1;
-    } else if (hashAlgTag != cx->alg) {
-	printf("PROBLEM: Digest OID in DigestInfo is incompatible "
-	       "with Signature Algorithm\n");
-	showDigestOid = 1;
-    } 
-
-    if (showDigestOid) {
-	oiddata = SECOID_FindOIDByTag(cx->alg);
-	if ( oiddata ) {
-	    printf("PROBLEM: (cont) Digest OID is %s\n", oiddata->desc);
-	} else {
-	    SECU_PrintAsHex(stdout,
-			    &oiddata->oid, "PROBLEM: UNKNOWN OID", 0);
-	}
-    }
-    
-    rv = VFY_Begin(cx);
-    if (rv == SECSuccess) {
-	rv = VFY_Update(cx, buf, len);
-	if (rv == SECSuccess)
-	    rv = VFY_End(cx);
-    }
-    
-    VFY_DestroyContext(cx, PR_TRUE);
-    return rv;
-}
-
-
-
-static
-SECStatus
-OurVerifySignedData(CERTSignedData *sd, CERTCertificate *cert)
-{
-    SECItem sig;
-    SECKEYPublicKey *pubKey = 0;
-    SECStatus rv;
-    
-    /* check the certificate's validity */
-    rv = CERT_CertTimesValid(cert);
-    if ( rv ) {
-	return(SECFailure);
-    }
-    
-    /* get cert's public key */
-    pubKey = CERT_ExtractPublicKey(cert);
-    if ( !pubKey ) {
-	return(SECFailure);
-    }
-    
-    /* check the signature */
-    sig = sd->signature;
-    DER_ConvertBitString(&sig);
-    rv = OurVerifyData(sd->data.data, sd->data.len, pubKey, &sig,
-		       &sd->signatureAlgorithm);
-    
-    SECKEY_DestroyPublicKey(pubKey);
-    
-    if ( rv ) {
-	return(SECFailure);
-    }
-    
-    return(SECSuccess);
-}
-
-
-
-
-static
-CERTCertificate *createEmptyCertificate(void)
-{
-    PRArenaPool *arena = 0;
-    CERTCertificate *c = 0;
-    
-    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if ( !arena ) {
-	return 0;
-    }
-    
-    
-    c = (CERTCertificate *) PORT_ArenaZAlloc(arena, sizeof(CERTCertificate));
-    
-    if (c) {
-	c->referenceCount = 1;
-	c->arena = arena;
-    } else {
-	PORT_FreeArena(arena,PR_TRUE);
-    }
-    
-    return c;
-}    
-
-
-
-
-int main(int argc, char **argv)
-{
-    int rv, verbose=0, force=0;
-    int ascii=0, issuerAscii=0;
-    char *progName=0;
-    PRFileDesc *inFile=0, *issuerCertFile=0;
-    SECItem derCert, derIssuerCert;
-    PRArenaPool *arena=0;
-    CERTSignedData *signedData=0;
-    CERTCertificate *cert=0, *issuerCert=0;
-    SECKEYPublicKey *rsapubkey=0;
-    SECAlgorithmID md5WithRSAEncryption, md2WithRSAEncryption;
-    SECAlgorithmID sha1WithRSAEncryption, rsaEncryption;
-    SECItem spk;
-    int selfSigned=0;
-    int invalid=0;
-    char *inFileName = NULL, *issuerCertFileName = NULL;
-    PLOptState *optstate;
-    PLOptStatus status;
-
-	PORT_Memset(&md5WithRSAEncryption, 0, sizeof(md5WithRSAEncryption));
-	PORT_Memset(&md2WithRSAEncryption, 0, sizeof(md2WithRSAEncryption));
-	PORT_Memset(&sha1WithRSAEncryption, 0, sizeof(sha1WithRSAEncryption));
-	PORT_Memset(&rsaEncryption, 0, sizeof(rsaEncryption));
-    
-    progName = strrchr(argv[0], '/');
-    progName = progName ? progName+1 : argv[0];
-    
-    optstate = PL_CreateOptState(argc, argv, "aAvf");
-    while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
-	switch (optstate->option) {
-	  case 'v':
-	    verbose = 1;
-	    break;
-	    
-	  case 'f':
-	    force = 1;
-	    break;
-	    
-	  case 'a':
-	    ascii = 1;
-	    break;
-	    
-	  case 'A':
-	    issuerAscii = 1;
-	    break;
-	    
-	  case '\0':
-	    if (!inFileName)
-		inFileName = PL_strdup(optstate->value);
-	    else if (!issuerCertFileName)
-		issuerCertFileName = PL_strdup(optstate->value);
-	    else
-		Usage(progName);
-	    break;
-	}
-    }
-
-    if (!inFileName || !issuerCertFileName || status == PL_OPT_BAD) {
-	/* insufficient or excess args */
-	Usage(progName);
-    }
-    
-    inFile = PR_Open(inFileName, PR_RDONLY, 0);
-    if (!inFile) {
-	fprintf(stderr, "%s: unable to open \"%s\" for reading\n",
-	                 progName, inFileName);
-	exit(1);
-    }
-    
-    issuerCertFile = PR_Open(issuerCertFileName, PR_RDONLY, 0);
-    if (!issuerCertFile) {
-	fprintf(stderr, "%s: unable to open \"%s\" for reading\n",
-	                 progName, issuerCertFileName);
-	exit(1);
-    }
-    
-	if (SECU_ReadDERFromFile(&derCert, inFile, ascii) != SECSuccess) {
-	printf("Couldn't read input certificate as DER binary or base64\n");
-	exit(1);
-    }
-    
-    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if (arena == 0) {
-	fprintf(stderr,"%s: can't allocate scratch arena!", progName);
-	exit(1);
-    }
-    
-    if (issuerCertFile) {
-	CERTSignedData *issuerCertSD=0;
-	if (SECU_ReadDERFromFile(&derIssuerCert, issuerCertFile, issuerAscii)
-	    != SECSuccess) {
-	    printf("Couldn't read issuer certificate as DER binary or base64.\n");
-	    exit(1);
-	}
-	issuerCertSD = (CERTSignedData *) PORT_ArenaZAlloc(arena,
-							sizeof(CERTSignedData));
-	if (!issuerCertSD) {
-	    fprintf(stderr,"%s: can't allocate issuer signed data!", progName);
-	    exit(1);
-	}
-	rv = SEC_ASN1DecodeItem(arena, issuerCertSD, 
-	                        SEC_ASN1_GET(CERT_SignedDataTemplate),
-				&derIssuerCert);
-	if (rv) {
-	    fprintf(stderr, "%s: Issuer cert isn't X509 SIGNED Data?\n",
-		    progName);
-	    exit(1);
-	}
-	issuerCert = createEmptyCertificate();
-	if (!issuerCert) {
-	    printf("%s: can't allocate space for issuer cert.", progName);
-	    exit(1);
-	}
-	rv = SEC_ASN1DecodeItem(arena, issuerCert, 
-	                    SEC_ASN1_GET(CERT_CertificateTemplate),
-			    &issuerCertSD->data);
-	if (rv) {
-	    printf("%s: Does not appear to be an X509 Certificate.\n",
-		   progName);
-	    exit(1);
-	}
-    }
-    
-    signedData = (CERTSignedData *) PORT_ArenaZAlloc(arena,sizeof(CERTSignedData));
-    if (!signedData) {
-	fprintf(stderr,"%s: can't allocate signedData!", progName);
-	exit(1);
-    }
-    
-    rv = SEC_ASN1DecodeItem(arena, signedData, 
-                            SEC_ASN1_GET(CERT_SignedDataTemplate), 
-			    &derCert);
-    if (rv) {
-	fprintf(stderr, "%s: Does not appear to be X509 SIGNED Data.\n",
-		progName);
-	exit(1);
-    }
-    
-    if (verbose) {
-	printf("Decoded ok as X509 SIGNED data.\n");
-    }
-    
-    cert = createEmptyCertificate();
-    if (!cert) {
-	fprintf(stderr, "%s: can't allocate cert", progName);
-	exit(1);
-    }
-    
-    rv = SEC_ASN1DecodeItem(arena, cert, 
-                        SEC_ASN1_GET(CERT_CertificateTemplate), 
-			&signedData->data);
-    if (rv) {
-	fprintf(stderr, "%s: Does not appear to be an X509 Certificate.\n",
-		progName);
-	exit(1);
-    }
-    
-    
-    if (verbose) {
-	printf("Decoded ok as an X509 certificate.\n");
-    }
-    
-    
-    rv = SECU_PrintSignedData(stdout, &derCert, "Certificate", 0,
-			      SECU_PrintCertificate);
-    
-    if (rv) {
-	fprintf(stderr, "%s: Unable to pretty print cert. Error: %d\n",
-		progName, PORT_GetError());
-	if (!force) {
-	    exit(1);
-	}
-    }
-    
-    
-    /* Do various checks on the cert */
-    
-    printf("\n");
-    
-    /* Check algorithms */
-    SECOID_SetAlgorithmID(arena, &md5WithRSAEncryption,
-		       SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION, NULL);
-    
-    SECOID_SetAlgorithmID(arena, &md2WithRSAEncryption,
-		       SEC_OID_PKCS1_MD2_WITH_RSA_ENCRYPTION, NULL);
-    
-    SECOID_SetAlgorithmID(arena, &sha1WithRSAEncryption,
-		       SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION, NULL);
-
-    SECOID_SetAlgorithmID(arena, &rsaEncryption,
-		       SEC_OID_PKCS1_RSA_ENCRYPTION, NULL);
-    
-    {
-	int isMD5RSA = (SECOID_CompareAlgorithmID(&cert->signature,
-					       &md5WithRSAEncryption) == 0);
-	int isMD2RSA = (SECOID_CompareAlgorithmID(&cert->signature,
-					       &md2WithRSAEncryption) == 0);
-	int isSHA1RSA = (SECOID_CompareAlgorithmID(&cert->signature,
-					       &sha1WithRSAEncryption) == 0);
-	
-	if (verbose) {
-	    printf("\nDoing algorithm checks.\n");
-	}
-	
-	if (!(isMD5RSA || isMD2RSA || isSHA1RSA)) {
-	    printf("PROBLEM: Signature not PKCS1 MD5, MD2, or SHA1 + RSA.\n");
-	} else if (!isMD5RSA) {
-	    printf("WARNING: Signature not PKCS1 MD5 with RSA Encryption\n");
-	}
-	
-	if (SECOID_CompareAlgorithmID(&cert->signature,
-				   &signedData->signatureAlgorithm)) {
-	    printf("PROBLEM: Algorithm in sig and certInfo don't match.\n");
-	}
-    }
-    
-    if (SECOID_CompareAlgorithmID(&cert->subjectPublicKeyInfo.algorithm,
-			       &rsaEncryption)) {
-	printf("PROBLEM: Public key algorithm is not PKCS1 RSA Encryption.\n");
-    }
-    
-    /* Check further public key properties */
-    spk = cert->subjectPublicKeyInfo.subjectPublicKey;
-    DER_ConvertBitString(&spk);
-    
-    if (verbose) {
-	printf("\nsubjectPublicKey DER\n");
-	rv = DER_PrettyPrint(stdout, &spk, PR_FALSE);
-	printf("\n");
-    }
-    
-    rsapubkey = (SECKEYPublicKey *) 
-	             PORT_ArenaZAlloc(arena,sizeof(SECKEYPublicKey));
-    if (!rsapubkey) {
-	fprintf(stderr, "%s: rsapubkey allocation failed.\n", progName);
-	exit(1);
-    }
-    
-    rv = SEC_ASN1DecodeItem(arena, rsapubkey, 
-                            SEC_ASN1_GET(SECKEY_RSAPublicKeyTemplate), &spk);
-    if (rv) {
-	printf("PROBLEM: subjectPublicKey is not a DER PKCS1 RSAPublicKey.\n");
-    } else {
-	int mlen;
-	int pubexp;
-	if (verbose) {
-	    printf("Decoded RSA Public Key ok.  Doing key checks.\n");
-	}
-	PORT_Assert(rsapubkey->keyType == rsaKey); /* XXX RSA */
-	mlen = checkInteger(&rsapubkey->u.rsa.modulus, "Modulus", verbose);
-	printf("INFO: Public Key modulus length in bits: %d\n", mlen);
-	if (mlen > MAX_MODULUS) {
-	    printf("PROBLEM: Modulus length exceeds %d bits.\n",
-		   MAX_MODULUS);
-	}
-	if (mlen < 512) {
-	    printf("WARNING: Short modulus.\n");
-	}
-	if (mlen != (1 << (ffs(mlen)-1))) {
-	    printf("WARNING: Unusual modulus length (not a power of two).\n");
-	}
-	checkInteger(&rsapubkey->u.rsa.publicExponent, "Public Exponent",
-                     verbose);
-	pubexp = DER_GetInteger(&rsapubkey->u.rsa.publicExponent);
-	if (pubexp != 17 && pubexp != 3 && pubexp != 65537) {
-	    printf("WARNING: Public exponent not any of: 3, 17, 65537\n");
-	}
-    }
-    
-    
-    /* Name checks */
-    checkName(&cert->issuer, "Issuer Name", verbose);
-    checkName(&cert->subject, "Subject Name", verbose);
-    
-    if (issuerCert) {
-	SECComparison c =
-	    CERT_CompareName(&cert->issuer, &issuerCert->subject);
-	if (c) {
-         printf("PROBLEM: Issuer Name and Subject in Issuing Cert differ\n");
-        }
-    }
-
-    /* Check if self-signed */
-    selfSigned = (CERT_CompareName(&cert->issuer, &cert->subject) == 0);
-    if (selfSigned) {
-	printf("INFO: Certificate is self signed.\n");
-    } else {
-	printf("INFO: Certificate is NOT self-signed.\n");
-    }
-    
-    
-    /* Validity time check */
-    if (CERT_CertTimesValid(cert) == SECSuccess) {
-	printf("INFO: Inside validity period of certificate.\n");
-    } else {
-	printf("PROBLEM: Not in validity period of certificate.\n");
-	invalid = 1;
-    }
-    
-    /* Signature check if self-signed */
-    if (selfSigned && !invalid) {
-	if (rsapubkey->u.rsa.modulus.len) {
-	    SECStatus ver;
-	    if (verbose) {
-		printf("Checking self signature.\n");
-	    }
-	    ver = OurVerifySignedData(signedData, cert);
-	    if (ver != SECSuccess) {
-		printf("PROBLEM: Verification of self-signature failed!\n");
-	    } else {
-		printf("INFO: Self-signature verifies ok.\n");
-	    }
-	} else {
-	    printf("INFO: Not checking signature due to key problems.\n");
-	}
-    } else if (!selfSigned && !invalid && issuerCert) {
-	SECStatus ver;
-	ver = OurVerifySignedData(signedData, issuerCert);
-	if (ver != SECSuccess) {
-	    printf("PROBLEM: Verification of issuer's signature failed!\n");
-	} else {
-	    printf("INFO: Issuer's signature verifies ok.\n");
-	}
-    } else {
-	printf("INFO: Not checking signature.\n");
-    }
-    
-    return 0;    
-}
-
-
-
diff --git a/security/nss/cmd/checkcert/makefile.win b/security/nss/cmd/checkcert/makefile.win
deleted file mode 100644
index ff1fe62a7..000000000
--- a/security/nss/cmd/checkcert/makefile.win
+++ /dev/null
@@ -1,130 +0,0 @@
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-VERBOSE	= 1
-include <manifest.mn>
-
-#cannot define PROGRAM in manifest compatibly with NT and UNIX
-PROGRAM = checkcert
-PROGRAM	= ./$(OBJDIR)/$(PROGRAM).exe
-include <$(DEPTH)\config\config.mak>
-
-# let manifest generate C_OBJS, it will prepend ./$(OBJDIR)/
-# rules.mak will append C_OBJS onto OBJS.
-# OBJS	= $(CSRCS:.c=.obj)
-
-# include files are looked for in $LINCS and $INCS.
-# $LINCS is in manifest.mnw, computed from REQUIRES=
-INCS = $(INCS) \
- -I$(DEPTH)/security/lib/cert \
- -I../include \
- $(NULL)
-
-IGNORE_ME = \
- -I$(DEPTH)/security/lib/key \
- -I$(DEPTH)/security/lib/util  \
- $(NULL)
-
-
-WINFE	= $(DEPTH)/cmd/winfe/mkfiles$(MOZ_BITS)/x86Dbg
-
-# these files are the content of libdbm
-DBM_LIB	= \
- $(WINFE)/DB.obj \
- $(WINFE)/HASH.obj \
- $(WINFE)/H_BIGKEY.obj \
- $(WINFE)/H_PAGE.obj \
- $(WINFE)/H_LOG2.obj \
- $(WINFE)/H_FUNC.obj \
- $(WINFE)/HASH_BUF.obj \
- $(NULL)
-
-MOZ_LIBS = \
- $(WINFE)/ALLXPSTR.obj \
- $(WINFE)/XP_ERROR.obj \
- $(WINFE)/XPASSERT.obj \
- $(WINFE)/XP_REG.obj \
- $(WINFE)/XP_TRACE.obj \
- $(DBM_LIB) \
- $(WINFE)/XP_STR.obj \
- $(WINFE)/MKTEMP.obj \
- $(NULL)
-
-SEC_LIBS = \
- $(DIST)/lib/cert$(MOZ_BITS).lib \
- $(DIST)/lib/crypto$(MOZ_BITS).lib \
- $(DIST)/lib/hash$(MOZ_BITS).lib \
- $(DIST)/lib/key$(MOZ_BITS).lib \
- $(DIST)/lib/pkcs7$(MOZ_BITS).lib \
- $(DIST)/lib/secmod$(MOZ_BITS).lib \
- $(DIST)/lib/secutl$(MOZ_BITS).lib \
- $(DIST)/lib/ssl$(MOZ_BITS).lib \
- $(NULL)
-
-LLFLAGS	= $(LLFLAGS) \
- ../lib/$(OBJDIR)/sectool$(MOZ_BITS).lib \
- $(SEC_LIBS) \
- $(MOZ_LIBS) \
- $(DEPTH)/nspr/src/$(OBJDIR)/getopt.obj \
- $(LIBNSPR) \
- $(NULL)
-
-
-include <$(DEPTH)\config\rules.mak>
-
-INSTALL	= $(MAKE_INSTALL)
-
-objs:	$(OBJS)
-
-$(PROGRAM)::
-	$(INSTALL) $(DIST)/bin/pr3240.dll ./$(OBJDIR)
-
-programs: $(PROGRAM)
-
-install:: $(TARGETS)
-	$(INSTALL) $(TARGETS) $(DIST)/bin
-
-
-symbols:
-	@echo "CSRCS	= $(CSRCS)"
-	@echo "INCS	= $(INCS)"
-	@echo "OBJS	= $(OBJS)"
-	@echo "LIBRARY	= $(LIBRARY)"
-	@echo "PROGRAM	= $(PROGRAM)"
-	@echo "TARGETS	= $(TARGETS)"
-	@echo "DIST	= $(DIST)"
-	@echo "VERSION_NUMBER	= $(VERSION_NUMBER)"
-	@echo "WINFE	= $(WINFE)"
-	@echo "DBM_LIB	= $(DBM_LIB)"
-	@echo "INSTALL	= $(INSTALL)"
-
diff --git a/security/nss/cmd/checkcert/manifest.mn b/security/nss/cmd/checkcert/manifest.mn
deleted file mode 100644
index 9d5a99f73..000000000
--- a/security/nss/cmd/checkcert/manifest.mn
+++ /dev/null
@@ -1,47 +0,0 @@
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH	= ../../..
-
-# MODULE public and private header  directories are implicitly REQUIRED.
-MODULE = security 
-
-# This next line is used by .mk files
-# and gets translated into $LINCS in manifest.mnw
-REQUIRES = seccmd dbm 
-
-DEFINES = -DNSPR20
-
-CSRCS = checkcert.c
-
-PROGRAM	= checkcert
diff --git a/security/nss/cmd/cmdlib/Makefile b/security/nss/cmd/cmdlib/Makefile
deleted file mode 100644
index 0769c80a3..000000000
--- a/security/nss/cmd/cmdlib/Makefile
+++ /dev/null
@@ -1,75 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY).   #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL)          #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL)       #
-#######################################################################
-
-
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL).      #
-#######################################################################
-
-include config.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL)                              #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL)                           #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL).                              #
-#######################################################################
-
-
diff --git a/security/nss/cmd/cmdlib/cmdline.c b/security/nss/cmd/cmdlib/cmdline.c
deleted file mode 100644
index 84ad35be3..000000000
--- a/security/nss/cmd/cmdlib/cmdline.c
+++ /dev/null
@@ -1,474 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include <string.h>
-#include <ctype.h>
-
-#include "cmdutil.h"
-
-static int s_indent_size = 4;
-
-void
-CMD_SetIndentSize(int size) 
-{
-    s_indent_size = size;
-}
-
-#if 0
-static void
-indent(PRFileDesc *out, int level)
-{
-    int i, j;
-    for (i=0; i<level; i++)
-	for (j=0; j<s_indent_size; j++)	
-	    PR_fprintf(out, " ");
-}
-#endif
-
-struct cmdPrintStateStr {
-    PRFileDesc *file;
-    int width;
-    int indent;
-    int linepos;
-};
-
-static void
-init_print_ps(cmdPrintState *ps, PRFileDesc *outfile, int width, int indent)
-{
-    ps->file = (outfile) ? outfile : PR_STDOUT;
-    ps->width = (width > 0) ? width : 80;
-    ps->indent = (indent > 0) ? indent : 0;
-    ps->linepos = 0;
-}
-
-static void
-print_ps_indent(cmdPrintState *ps)
-{
-    int j;
-    if (ps->linepos != 0) {
-	PR_fprintf(ps->file, "\n");
-	ps->linepos = 0;
-    }
-    for (j=0; j<=ps->indent; j++) PR_fprintf(ps->file, " ");
-    ps->linepos = ps->indent;
-}
-
-static void
-print_ps_to_indent(cmdPrintState *ps)
-{
-    if (ps->linepos > ps->indent)
-	PR_fprintf(ps->file, "\n");
-    while (ps->linepos <= ps->indent) {
-	PR_fprintf(ps->file, " ");
-	ps->linepos++;
-    }
-}
-
-static void
-nprintbuf(cmdPrintState *ps, char *buf, int start, int len)
-{
-    int j;
-    for (j=start; j<start + len; j++) {
-	if (buf[j] == '\n') {
-	    PR_fprintf(ps->file, "\n");
-	    ps->linepos = 0;
-	    print_ps_indent(ps);
-	} else {
-	    PR_fprintf(ps->file, "%c", buf[j]);
-	    ps->linepos++;
-	}
-    }
-}
-
-static void 
-nprintf(cmdPrintState *ps, char *msg, ...)
-{
-    char buf[256];
-    int i, len, grouplen;
-    PRBool openquote, openbracket, openparen, openangle, itsaword;
-    va_list args;
-    va_start(args, msg);
-    vsprintf(buf, msg, args);
-    len = strlen(buf);
-    /* print_ps_indent(ps); */
-    if (len < ps->width - ps->linepos) {
-	nprintbuf(ps, buf, 0, len + 1);
-	return;
-    }
-    /* group in this order: " [ ( < word > ) ] " */
-    i=0;
-    openquote=openbracket=openparen=openangle=itsaword=PR_FALSE;
-    while (i<len) {
-	grouplen = 0;
-	if (buf[i] == '\"') { openquote = PR_TRUE; grouplen = 1; }
-	else if (buf[i] == '[') { openbracket = PR_TRUE; grouplen = 1; }
-	else if (buf[i] == '(') { openparen = PR_TRUE; grouplen = 1; }
-	else if (buf[i] == '<') { openangle = PR_TRUE; grouplen = 1; }
-	else itsaword = PR_TRUE;
-	while (grouplen < len && buf[i+grouplen] != '\0' &&
-	       ((openquote && buf[i+grouplen] != '\"') ||
-	        (openbracket && buf[i+grouplen] != ']') ||
-	        (openparen && buf[i+grouplen] != ')') ||
-	        (openangle && buf[i+grouplen] != '>') ||
-	        (itsaword && !isspace(buf[i+grouplen]))))
-	    grouplen++;
-	grouplen++; /* grab the terminator (whitespace for word) */
-	if (!itsaword && isspace(buf[i+grouplen])) grouplen++;
-	if (grouplen < ps->width - ps->linepos) {
-	    nprintbuf(ps, buf, i, grouplen);
-	} else if (grouplen < ps->width - ps->indent) {
-	    print_ps_indent(ps);
-	    nprintbuf(ps, buf, i, grouplen);
-	} else {
-	    /* it's just too darn long.  what to do? */
-	}
-	i += grouplen;
-	openquote=openbracket=openparen=openangle=itsaword=PR_FALSE;
-    }
-    va_end(args);
-}
-
-void 
-CMD_PrintUsageString(cmdPrintState *ps, char *str)
-{
-    nprintf(ps, "%s", str);
-}
-
-/* void because it exits with Usage() if failure */
-static void
-command_line_okay(cmdCommand *cmd, char *progName)
-{
-    int i, c = -1;
-    /* user asked for help.  hope somebody gives it to them. */
-    if (cmd->opt[0].on) return;
-    /* check that the command got all of its needed options */
-    for (i=0; i<cmd->ncmd; i++) {
-	if (cmd->cmd[i].on) {
-	    if (c > 0) {
-		fprintf(stderr, 
-		        "%s: only one command can be given at a time.\n",
-		        progName);
-		CMD_Usage(progName, cmd);
-	    } else {
-		c = i;
-	    }
-	}
-    }
-    if (cmd->cmd[c].argUse == CMDArgReq && cmd->cmd[c].arg == NULL) {
-	/* where's the arg when you need it... */
-	fprintf(stderr, "%s: command --%s requires an argument.\n",
-	                 progName, cmd->cmd[c].s);
-	fprintf(stderr, "type \"%s --%s --help\" for help.\n",
-	                 progName, cmd->cmd[c].s);
-	CMD_Usage(progName, cmd);
-    }
-    for (i=0; i<cmd->nopt; i++) {
-	if (cmd->cmd[c].req & CMDBIT(i)) {
-	    /* command requires this option */
-	    if (!cmd->opt[i].on) {
-		/* but it ain't there */
-		fprintf(stderr, "%s: command --%s requires option --%s.\n",
-		                 progName, cmd->cmd[c].s, cmd->opt[i].s);
-	    } else {
-		/* okay, its there, but does it have an arg? */
-		if (cmd->opt[i].argUse == CMDArgReq && !cmd->opt[i].arg) {
-		    fprintf(stderr, "%s: option --%s requires an argument.\n",
-		                     progName, cmd->opt[i].s);
-		}
-	    }
-	} else if (cmd->cmd[c].opt & CMDBIT(i)) {
-	   /* this option is optional */
-	    if (cmd->opt[i].on) {
-		/* okay, its there, but does it have an arg? */
-		if (cmd->opt[i].argUse == CMDArgReq && !cmd->opt[i].arg) {
-		    fprintf(stderr, "%s: option --%s requires an argument.\n",
-		                     progName, cmd->opt[i].s);
-		}
-	    }
-	} else {
-	   /* command knows nothing about it */
-	   if (cmd->opt[i].on) {
-		/* so why the h--- is it on? */
-		fprintf(stderr, "%s: option --%s not used with command --%s.\n",
-		                 progName, cmd->opt[i].s, cmd->cmd[c].s);
-	   }
-	}
-    }
-}
-
-static char *
-get_arg(char *curopt, char **nextopt, int argc, int *index)
-{
-    char *str;
-    if (curopt) {
-	str = curopt;
-    } else {
-	if (*index + 1 >= argc) return NULL;
-	/* not really an argument but another flag */
-	if (nextopt[*index+1][0] == '-') return NULL;
-	str = nextopt[++(*index)];
-    }
-    /* parse the option */
-    return strdup(str);
-}
-
-int
-CMD_ParseCommandLine(int argc, char **argv, char *progName, cmdCommand *cmd)
-{
-    int i, j, k;
-    int cmdToRun = -1;
-    char *flag;
-    i=1;
-    if (argc <= 1) return -2; /* gross hack for cmdless things like atob */
-    do {
-	flag = argv[i];
-	if (strlen(flag) < 2) /* huh? */
-	    return -1;
-	if (flag[0] != '-')
-	    return -1;
-	/* ignore everything after lone "--" (app-specific weirdness there) */
-	if (strcmp(flag, "--") == 0)
-	    return cmdToRun;
-	/* single hyphen means short alias (single-char) */
-	if (flag[1] != '-') {
-	    j=1;
-	    /* collect a set of opts, ex. -abc */
-	    while (flag[j] != '\0') {
-		PRBool found = PR_FALSE;
-		/* walk the command set looking for match */
-		for (k=0; k<cmd->ncmd; k++) {
-		    if (flag[j] == cmd->cmd[k].c) {
-			/* done - only take one command at a time */
-			if (j > 1) return -1;
-			cmd->cmd[k].on = found = PR_TRUE;
-			cmdToRun = k;
-			if (cmd->cmd[k].argUse != CMDNoArg)
-			    cmd->cmd[k].arg = get_arg(NULL, argv, argc, &i);
-			goto next_flag;
-		    }
-		}
-		/* wasn't found in commands, try options */
-		for (k=0; k<cmd->nopt; k++) {
-		    if (flag[j] == cmd->opt[k].c) {
-			/* collect this option and keep going */
-			cmd->opt[k].on = found = PR_TRUE;
-			if (flag[j+1] == '\0') {
-			    if (cmd->opt[k].argUse != CMDNoArg)
-				cmd->opt[k].arg = get_arg(NULL, argv, argc, &i);
-			    goto next_flag;
-			}
-		    }
-		}
-		j++;
-		if (!found) return -1;
-	    }
-	} else { /* long alias, ex. --list */
-	    char *fl = NULL, *arg = NULL;
-	    PRBool hyphened = PR_FALSE;
-	    fl = &flag[2];
-	    arg = strchr(fl, '=');
-	    if (arg) {
-		*arg++ = '\0';
-	    } else {
-		arg = strchr(fl, '-');
-		if (arg) {
-		    hyphened = PR_TRUE; /* watch this, see below */
-		    *arg++ = '\0';
-		}
-	    }
-	    for (k=0; k<cmd->ncmd; k++) {
-		if (strcmp(fl, cmd->cmd[k].s) == 0) {
-		    cmd->cmd[k].on = PR_TRUE;
-		    cmdToRun = k;
-		    if (cmd->cmd[k].argUse != CMDNoArg || hyphened) {
-			cmd->cmd[k].arg = get_arg(arg, argv, argc, &i);
-		    }
-		    if (arg) arg[-1] = '=';
-		    goto next_flag;
-		}
-	    }
-	    for (k=0; k<cmd->nopt; k++) {
-		if (strcmp(fl, cmd->opt[k].s) == 0) {
-		    cmd->opt[k].on = PR_TRUE;
-		    if (cmd->opt[k].argUse != CMDNoArg || hyphened) {
-			cmd->opt[k].arg = get_arg(arg, argv, argc, &i);
-		    }
-		    if (arg) arg[-1] = '=';
-		    goto next_flag;
-		}
-	    }
-	    return -1;
-	}
-next_flag:
-	i++;
-    } while (i < argc);
-    command_line_okay(cmd, progName);
-    return cmdToRun;
-}
-
-void
-CMD_LongUsage(char *progName, cmdCommand *cmd, cmdUsageCallback usage)
-{
-    int i, j;
-    PRBool oneCommand = PR_FALSE;
-    cmdPrintState ps;
-    init_print_ps(&ps, PR_STDERR, 80, 0);
-    nprintf(&ps, "\n%s:   ", progName);
-    /* prints app-specific header */
-    ps.indent = strlen(progName) + 4;
-    usage(&ps, 0, PR_FALSE, PR_TRUE, PR_FALSE);
-    for (i=0; i<cmd->ncmd; i++) if (cmd->cmd[i].on) oneCommand = PR_TRUE;
-    for (i=0; i<cmd->ncmd; i++) {
-	if ((oneCommand  && cmd->cmd[i].on) || !oneCommand) {
-	    ps.indent = 0;
-	    print_ps_indent(&ps);
-	    if (cmd->cmd[i].c != 0) {
-		nprintf(&ps, "-%c, ", cmd->cmd[i].c);
-		nprintf(&ps, "--%-16s ", cmd->cmd[i].s);
-	    } else {
-		nprintf(&ps, "--%-20s ", cmd->cmd[i].s);
-	    }
-	    ps.indent += 20;
-	    usage(&ps, i, PR_TRUE, PR_FALSE, PR_FALSE);
-	    for (j=0; j<cmd->nopt; j++) {
-		if (cmd->cmd[i].req & CMDBIT(j)) {
-		    ps.indent = 0;
-		    print_ps_indent(&ps);
-		    nprintf(&ps, "%3s* ", "");
-		    if (cmd->opt[j].c != 0) {
-			nprintf(&ps, "-%c, ", cmd->opt[j].c);
-			nprintf(&ps, "--%-16s  ", cmd->opt[j].s);
-		    } else {
-			nprintf(&ps, "--%-20s  ", cmd->opt[j].s);
-		    }
-		    ps.indent += 29;
-		    usage(&ps, j, PR_FALSE, PR_FALSE, PR_FALSE);
-		}
-	    }
-	    for (j=0; j<cmd->nopt; j++) {
-		if (cmd->cmd[i].opt & CMDBIT(j)) {
-		    ps.indent = 0;
-		    print_ps_indent(&ps);
-		    nprintf(&ps, "%5s", "");
-		    if (cmd->opt[j].c != 0) {
-			nprintf(&ps, "-%c, ", cmd->opt[j].c);
-			nprintf(&ps, "--%-16s  ", cmd->opt[j].s);
-		    } else {
-			nprintf(&ps, "--%-20s  ", cmd->opt[j].s);
-		    }
-		    ps.indent += 29;
-		    usage(&ps, j, PR_FALSE, PR_FALSE, PR_FALSE);
-		}
-	    }
-	}
-	nprintf(&ps, "\n");
-    }
-    ps.indent = 0;
-    nprintf(&ps, "\n* - required flag for command\n\n");
-    /* prints app-specific footer */
-    usage(&ps, 0, PR_FALSE, PR_FALSE, PR_TRUE);
-    /*nprintf(&ps, "\n\n");*/
-    exit(1);
-}
-
-void
-CMD_Usage(char *progName, cmdCommand *cmd)
-{
-    int i, j, inc;
-    PRBool first;
-    cmdPrintState ps;
-    init_print_ps(&ps, PR_STDERR, 80, 0);
-    nprintf(&ps, "%s", progName);
-    ps.indent = strlen(progName) + 1;
-    print_ps_to_indent(&ps);
-    for (i=0; i<cmd->ncmd; i++) {
-	if (cmd->cmd[i].c != 0) {
-	    nprintf(&ps, "-%c", cmd->cmd[i].c);
-	    inc = 4;
-	} else {
-	    nprintf(&ps, "--%s", cmd->cmd[i].s);
-	    inc = 4 + strlen(cmd->cmd[i].s);
-	}
-	first = PR_TRUE;
-	ps.indent += inc;
-	print_ps_to_indent(&ps);
-	for (j=0; j<cmd->nopt; j++) {
-	    if (cmd->cmd[i].req & CMDBIT(j)) {
-		if (cmd->opt[j].c != 0 && cmd->opt[j].argUse == CMDNoArg) {
-		    if (first) {
-			nprintf(&ps, "-");
-			first = !first;
-		    }
-		    nprintf(&ps, "%c", cmd->opt[j].c);
-		}
-	    }
-	}
-	for (j=0; j<cmd->nopt; j++) {
-	    if (cmd->cmd[i].req & CMDBIT(j)) {
-		if (cmd->opt[j].c != 0)
-		    nprintf(&ps, "-%c ", cmd->opt[j].c);
-		else
-		    nprintf(&ps, "--%s ", cmd->opt[j].s);
-		if (cmd->opt[j].argUse != CMDNoArg)
-		    nprintf(&ps, "%s ", cmd->opt[j].s);
-	    }
-	}
-	first = PR_TRUE;
-	for (j=0; j<cmd->nopt; j++) {
-	    if (cmd->cmd[i].opt & CMDBIT(j)) {
-		if (cmd->opt[j].c != 0 && cmd->opt[j].argUse == CMDNoArg) {
-		    if (first) {
-			nprintf(&ps, "[-");
-			first = !first;
-		    }
-		    nprintf(&ps, "%c", cmd->opt[j].c);
-		}
-	    }
-	}
-	if (!first) nprintf(&ps, "] ");
-	for (j=0; j<cmd->nopt; j++) {
-	    if (cmd->cmd[i].opt & CMDBIT(j) && 
-	         cmd->opt[j].argUse != CMDNoArg) {
-		if (cmd->opt[j].c != 0)
-		    nprintf(&ps, "[-%c %s] ", cmd->opt[j].c, cmd->opt[j].s);
-		else
-		    nprintf(&ps, "[--%s %s] ", cmd->opt[j].s, cmd->opt[j].s);
-	    }
-	}
-	ps.indent -= inc;
-	print_ps_indent(&ps);
-    }
-    ps.indent = 0;
-    nprintf(&ps, "\n");
-    exit(1);
-}
diff --git a/security/nss/cmd/cmdlib/cmdutil.h b/security/nss/cmd/cmdlib/cmdutil.h
deleted file mode 100644
index 69d3f2657..000000000
--- a/security/nss/cmd/cmdlib/cmdutil.h
+++ /dev/null
@@ -1,115 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef _CMDUTIL_H_
-#define _CMDUTIL_H_
-
-#include <stdio.h>
-#include "nspr.h"
-#include "nssbase.h"
-
-typedef int 
-(* CMD_PPFunc)(PRFileDesc *out, NSSItem *item, char *msg, int level);
-
-
-/*
- * Command Line Parsing routines
- *
- * The attempt here is to provide common functionality for command line
- * parsing across an array of tools.  The tools should obey the historical
- * rules of:
- *
- * (1) one command per line,
- * (2) the command should be uppercase,
- * (3) options should be lowercase,
- * (4) a short usage statement is presented in case of error,
- * (5) a long usage statement is given by -? or --help
- */
-
-/* To aid in formatting usage output.  XXX Uh, why exposed? */
-typedef struct cmdPrintStateStr cmdPrintState;
-
-typedef enum {
-    CMDArgReq = 0,
-    CMDArgOpt,
-    CMDNoArg
-} CMDArg;
-
-struct cmdCommandLineArgStr {
-    char     c;      /* one-character alias for flag    */
-    char    *s;      /* string alias for flag           */
-    CMDArg   argUse; /* flag takes an argument          */
-    char    *arg;    /* argument given for flag         */
-    PRBool   on;     /* flag was issued at command-line */
-    int      req;    /* required arguments for commands */
-    int      opt;    /* optional arguments for commands */
-};
-
-struct cmdCommandLineOptStr {
-    char     c;      /* one-character alias for flag    */
-    char    *s;      /* string alias for flag           */
-    CMDArg   argUse; /* flag takes an argument          */
-    char    *arg;    /* argument given for flag         */
-    PRBool   on;     /* flag was issued at command-line */
-};
-
-typedef struct cmdCommandLineArgStr cmdCommandLineArg;
-typedef struct cmdCommandLineOptStr cmdCommandLineOpt;
-
-struct cmdCommandStr {
-    int ncmd;
-    int nopt;
-    cmdCommandLineArg *cmd;
-    cmdCommandLineOpt *opt;
-};
-
-typedef struct cmdCommandStr cmdCommand;
-
-int 
-CMD_ParseCommandLine(int argc, char **argv, char *progName, cmdCommand *cmd);
-
-typedef void 
-(* cmdUsageCallback)(cmdPrintState *, int, PRBool, PRBool, PRBool);
-
-#define CMDBIT(n) (1<<n)
-
-void 
-CMD_Usage(char *progName, cmdCommand *cmd);
-
-void 
-CMD_LongUsage(char *progName, cmdCommand *cmd, cmdUsageCallback use);
-
-void 
-CMD_PrintUsageString(cmdPrintState *ps, char *str);
-
-#endif /* _CMDUTIL_H_ */
diff --git a/security/nss/cmd/cmdlib/config.mk b/security/nss/cmd/cmdlib/config.mk
deleted file mode 100644
index 0a00dc61e..000000000
--- a/security/nss/cmd/cmdlib/config.mk
+++ /dev/null
@@ -1,43 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#
-#  Override TARGETS variable so that only static libraries
-#  are specifed as dependencies within rules.mk.
-#
-
-TARGETS        = $(LIBRARY)
-SHARED_LIBRARY =
-IMPORT_LIBRARY =
-PROGRAM        =
-
diff --git a/security/nss/cmd/cmdlib/manifest.mn b/security/nss/cmd/cmdlib/manifest.mn
deleted file mode 100644
index c9811a142..000000000
--- a/security/nss/cmd/cmdlib/manifest.mn
+++ /dev/null
@@ -1,49 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CORE_DEPTH	= ../../..
-
-LIBRARY_NAME	= cmdutil
-
-# MODULE public and private header  directories are implicitly REQUIRED.
-MODULE		= seccmd
-
-DEFINES		= -DNSPR20
-
-EXPORTS		= cmdutil.h \
-		  $(NULL)
-
-CSRCS		= cmdline.c \
-		$(NULL)
-
-REQUIRES	= security nspr dbm
-
diff --git a/security/nss/cmd/crlutil/Makefile b/security/nss/cmd/crlutil/Makefile
deleted file mode 100644
index 573c12cac..000000000
--- a/security/nss/cmd/crlutil/Makefile
+++ /dev/null
@@ -1,76 +0,0 @@
-#! gmake
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY).   #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL)          #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL)       #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL).      #
-#######################################################################
-
-include ../platlibs.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL)                              #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL)                           #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL).                              #
-#######################################################################
-
-
-
-include ../platrules.mk
-
diff --git a/security/nss/cmd/crlutil/crlutil.c b/security/nss/cmd/crlutil/crlutil.c
deleted file mode 100644
index 5ccddf446..000000000
--- a/security/nss/cmd/crlutil/crlutil.c
+++ /dev/null
@@ -1,359 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
-** certutil.c
-**
-** utility for managing certificates and the cert database
-**
-*/
-/* test only */
-
-#include "nspr.h"
-#include "plgetopt.h"
-#include "secutil.h"
-#include "cert.h"
-#include "certdb.h"
-#include "nss.h"
-
-#define SEC_CERT_DB_EXISTS 0
-#define SEC_CREATE_CERT_DB 1
-
-static char *progName;
-
-static CERTSignedCrl *FindCRL
-   (CERTCertDBHandle *certHandle, char *name, int type)
-{
-    CERTSignedCrl *crl = NULL;    
-    CERTCertificate *cert = NULL;
-
-
-    cert = CERT_FindCertByNickname(certHandle, name);
-    if (!cert) {
-	SECU_PrintError(progName, "could not find certificate named %s", name);
-	return ((CERTSignedCrl *)NULL);
-    }
-	
-    crl = SEC_FindCrlByName(certHandle, &cert->derSubject, type);
-    if (crl ==NULL) 
-	SECU_PrintError
-		(progName, "could not find %s's CRL", name);
-    CERT_DestroyCertificate (cert);
-    return (crl);
-}
-
-static void DisplayCRL (CERTCertDBHandle *certHandle, char *nickName, int crlType)
-{
-    CERTCertificate *cert = NULL;
-    CERTSignedCrl *crl = NULL;
-
-    crl = FindCRL (certHandle, nickName, crlType);
-	
-    if (crl) {
-	SECU_PrintCRLInfo (stdout, &crl->crl, "CRL Info:\n", 0);
-	SEC_DestroyCrl (crl);
-    }
-}
-
-static void ListCRLNames (CERTCertDBHandle *certHandle, int crlType)
-{
-    CERTCrlHeadNode *crlList = NULL;
-    CERTCrlNode *crlNode = NULL;
-    CERTName *name = NULL;
-    PRArenaPool *arena = NULL;
-    SECStatus rv;
-    void *mark;
-
-    do {
-	arena = PORT_NewArena (SEC_ASN1_DEFAULT_ARENA_SIZE);
-	if (arena == NULL) {
-	    fprintf(stderr, "%s: fail to allocate memory\n", progName);
-	    break;
-	}
-	
-	name = PORT_ArenaZAlloc (arena, sizeof(*name));
-	if (name == NULL) {
-	    fprintf(stderr, "%s: fail to allocate memory\n", progName);
-	    break;
-	}
-	name->arena = arena;
-	    
-	rv = SEC_LookupCrls (certHandle, &crlList, crlType);
-	if (rv != SECSuccess) {
-	    fprintf(stderr, "%s: fail to look up CRLs (%s)\n", progName,
-	    SECU_Strerror(PORT_GetError()));
-	    break;
-	}
-	
-	/* just in case */
-	if (!crlList)
-	    break;
-
-	crlNode  = crlList->first;
-
-        fprintf (stdout, "\n");
-	fprintf (stdout, "\n%-40s %-5s\n\n", "CRL names", "CRL Type");
-	while (crlNode) {
-	   name = &crlNode->crl->crl.name;
-	   if (!name){
-		fprintf(stderr, "%s: fail to get the CRL issuer name (%s)\n", progName,
-		SECU_Strerror(PORT_GetError()));
-		break;
-	    }
-		
-	    fprintf (stdout, "\n%-40s %-5s\n", CERT_NameToAscii(name), "CRL");
-	    crlNode = crlNode->next;
-	} 
-	
-    } while (0);
-    if (crlList)
-	PORT_FreeArena (crlList->arena, PR_FALSE);
-    PORT_FreeArena (arena, PR_FALSE);
-}
-
-static void ListCRL (CERTCertDBHandle *certHandle, char *nickName, int crlType)
-{
-    if (nickName == NULL)
-	ListCRLNames (certHandle, crlType);
-    else
-	DisplayCRL (certHandle, nickName, crlType);
-}
-
-
-
-static SECStatus DeleteCRL (CERTCertDBHandle *certHandle, char *name, int type)
-{
-    CERTSignedCrl *crl = NULL;    
-    SECStatus rv = SECFailure;
-
-    crl = FindCRL (certHandle, name, type);
-    if (!crl) {
-	SECU_PrintError
-		(progName, "could not find the issuer %s's CRL", name);
-	return SECFailure;
-    }
-    rv = SEC_DeletePermCRL (crl);
-    if (rv != SECSuccess) {
-	SECU_PrintError
-		(progName, "fail to delete the issuer %s's CRL from the perm dbase (reason: %s)",
-		 name, SECU_Strerror(PORT_GetError()));
-	return SECFailure;
-    }
-    return (rv);
-}
-
-SECStatus ImportCRL (CERTCertDBHandle *certHandle, char *url, int type, 
-                     PRFileDesc *inFile)
-{
-    CERTCertificate *cert = NULL;
-    CERTSignedCrl *crl = NULL;
-    SECItem crlDER;
-    int rv;
-
-    crlDER.data = NULL;
-
-
-    /* Read in the entire file specified with the -f argument */
-	rv = SECU_ReadDERFromFile(&crlDER, inFile, PR_FALSE);
-    if (rv != SECSuccess) {
-	SECU_PrintError(progName, "unable to read input file");
-	return (SECFailure);
-    }
-    
-    crl = CERT_ImportCRL (certHandle, &crlDER, url, type, NULL);
-    if (!crl) {
-	const char *errString;
-
-	errString = SECU_Strerror(PORT_GetError());
-	if ( errString && PORT_Strlen (errString) == 0)
-	    SECU_PrintError
-		    (progName, "CRL is not import (error: input CRL is not up to date.)");
-	else    
-	    SECU_PrintError
-		    (progName, "unable to import CRL");
-    }
-    PORT_Free (crlDER.data);
-    SEC_DestroyCrl (crl);
-    return (rv);
-}
-	    
-
-static void Usage(char *progName)
-{
-    fprintf(stderr,
-	    "Usage:  %s -L [-n nickname[ [-d keydir] [-t crlType]\n"
-	    "        %s -D -n nickname [-d keydir]\n"
-	    "        %s -I -i crl -t crlType [-u url] [-d keydir]\n",
-	    progName, progName, progName);
-
-    fprintf (stderr, "%-15s List CRL\n", "-L");
-    fprintf(stderr, "%-20s Specify the nickname of the CA certificate\n",
-	    "-n nickname");
-    fprintf(stderr, "%-20s Key database directory (default is ~/.netscape)\n",
-	    "-d keydir");
-   
-    fprintf (stderr, "%-15s Delete a CRL from the cert dbase\n", "-D");    
-    fprintf(stderr, "%-20s Specify the nickname for the CA certificate\n",
-	    "-n nickname");
-    fprintf(stderr, "%-20s Specify the crl type.\n", "-t crlType");
-
-    fprintf (stderr, "%-15s Import a CRL to the cert dbase\n", "-I");    
-    fprintf(stderr, "%-20s Specify the file which contains the CRL to import\n",
-	    "-i crl");
-    fprintf(stderr, "%-20s Specify the url.\n", "-u url");
-    fprintf(stderr, "%-20s Specify the crl type.\n", "-t crlType");
-
-    fprintf(stderr, "%-20s CRL Types (default is SEC_CRL_TYPE):\n", " ");
-    fprintf(stderr, "%-20s \t 0 - SEC_KRL_TYPE\n", " ");
-    fprintf(stderr, "%-20s \t 1 - SEC_CRL_TYPE\n", " ");        
-
-    exit(-1);
-}
-
-int main(int argc, char **argv)
-{
-    SECItem privKeyDER;
-    CERTCertDBHandle *certHandle;
-    FILE *certFile;
-    PRFileDesc *inFile;
-    int listCRL;
-    int importCRL;
-    int opt;
-    int deleteCRL;
-    int rv;
-    char *nickName;
-    char *url;
-    int crlType;
-    PLOptState *optstate;
-    PLOptStatus status;
-    SECStatus secstatus;
-
-    progName = strrchr(argv[0], '/');
-    progName = progName ? progName+1 : argv[0];
-
-    rv = 0;
-    deleteCRL = importCRL = listCRL = 0;
-    certFile = NULL;
-    inFile = NULL;
-    nickName = url = NULL;
-    privKeyDER.data = NULL;
-    certHandle = NULL;
-    crlType = SEC_CRL_TYPE;
-    /*
-     * Parse command line arguments
-     */
-    optstate = PL_CreateOptState(argc, argv, "IALd:i:Dn:Ct:u:");
-    while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
-	switch (optstate->option) {
-	  case '?':
-	    Usage(progName);
-	    break;
-
-	  case 'C':
-	      listCRL = 1;
-	      break;
-
-	  case 'D':
-	      deleteCRL = 1;
-	      break;
-
-	  case 'I':
-	      importCRL = 1;
-	      break;
-	           
-	  case 'L':
-	      listCRL = 1;
-	      break;
-	           
-	  case 'd':
-	    SECU_ConfigDirectory(optstate->value);
-	    break;
-
-	  case 'i':
-	    inFile = PR_Open(optstate->value, PR_RDONLY, 0);
-	    if (!inFile) {
-		fprintf(stderr, "%s: unable to open \"%s\" for reading\n",
-			progName, optstate->value);
-		return -1;
-	    }
-	    break;
-	    
-	  case 'n':
-	    nickName = strdup(optstate->value);
-	    break;
-	    
-	  case 'u':
-	    url = strdup(optstate->value);
-	    break;
-
-	  case 't': {
-	    char *type;
-	    
-	    type = strdup(optstate->value);
-	    crlType = atoi (type);
-	    if (crlType != SEC_CRL_TYPE && crlType != SEC_KRL_TYPE) {
-		fprintf(stderr, "%s: invalid crl type\n", progName);
-		return -1;
-	    }
-	    break;
-          }
-	}
-    }
-
-    if (deleteCRL && !nickName) Usage (progName);
-    if (!(listCRL || deleteCRL || importCRL)) Usage (progName);
-    if (importCRL && !inFile) Usage (progName);
-    
-    PR_Init( PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1);
-    secstatus = NSS_InitReadWrite(SECU_ConfigDirectory(NULL));
-    if (secstatus != SECSuccess) {
-	SECU_PrintPRandOSError(progName);
-	return -1;
-    }
-
-    certHandle = CERT_GetDefaultCertDB();
-    if (certHandle == NULL) {
-	SECU_PrintError(progName, "unable to open the cert db");	    	
-	return (-1);
-    }
-
-    /* Read in the private key info */
-    if (deleteCRL) 
-	DeleteCRL (certHandle, nickName, crlType);
-    else if (listCRL)
-	ListCRL (certHandle, nickName, crlType);
-    else if (importCRL) 
-	rv = ImportCRL (certHandle, url, crlType, inFile);
-    
-    return (rv);
-}
diff --git a/security/nss/cmd/crlutil/makefile.win b/security/nss/cmd/crlutil/makefile.win
deleted file mode 100644
index 1f1b627ff..000000000
--- a/security/nss/cmd/crlutil/makefile.win
+++ /dev/null
@@ -1,130 +0,0 @@
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-VERBOSE	= 1
-include <manifest.mn>
-
-#cannot define PROGRAM in manifest compatibly with NT and UNIX
-PROGRAM = crlutil
-PROGRAM	= ./$(OBJDIR)/$(PROGRAM).exe
-include <$(DEPTH)\config\config.mak>
-
-# let manifest generate C_OBJS, it will prepend ./$(OBJDIR)/
-# rules.mak will append C_OBJS onto OBJS.
-# OBJS	= $(CSRCS:.c=.obj)
-
-# include files are looked for in $LINCS and $INCS.
-# $LINCS is in manifest.mnw, computed from REQUIRES=
-INCS = $(INCS) \
- -I$(DEPTH)/security/lib/cert \
- -I../include \
- $(NULL)
-
-IGNORE_ME = \
- -I$(DEPTH)/security/lib/key \
- -I$(DEPTH)/security/lib/util  \
- $(NULL)
-
-
-WINFE	= $(DEPTH)/cmd/winfe/mkfiles$(MOZ_BITS)/x86Dbg
-
-# these files are the content of libdbm
-DBM_LIB	= \
- $(WINFE)/DB.obj \
- $(WINFE)/HASH.obj \
- $(WINFE)/H_BIGKEY.obj \
- $(WINFE)/H_PAGE.obj \
- $(WINFE)/H_LOG2.obj \
- $(WINFE)/H_FUNC.obj \
- $(WINFE)/HASH_BUF.obj \
- $(NULL)
-
-MOZ_LIBS = \
- $(WINFE)/ALLXPSTR.obj \
- $(WINFE)/XP_ERROR.obj \
- $(WINFE)/XPASSERT.obj \
- $(WINFE)/XP_REG.obj \
- $(WINFE)/XP_TRACE.obj \
- $(DBM_LIB) \
- $(WINFE)/XP_STR.obj \
- $(WINFE)/MKTEMP.obj \
- $(NULL)
-
-SEC_LIBS = \
- $(DIST)/lib/cert$(MOZ_BITS).lib \
- $(DIST)/lib/crypto$(MOZ_BITS).lib \
- $(DIST)/lib/hash$(MOZ_BITS).lib \
- $(DIST)/lib/key$(MOZ_BITS).lib \
- $(DIST)/lib/pkcs7$(MOZ_BITS).lib \
- $(DIST)/lib/secmod$(MOZ_BITS).lib \
- $(DIST)/lib/secutl$(MOZ_BITS).lib \
- $(DIST)/lib/ssl$(MOZ_BITS).lib \
- $(NULL)
-
-LLFLAGS	= $(LLFLAGS) \
- ../lib/$(OBJDIR)/sectool$(MOZ_BITS).lib \
- $(SEC_LIBS) \
- $(MOZ_LIBS) \
- $(DEPTH)/nspr/src/$(OBJDIR)/getopt.obj \
- $(LIBNSPR) \
- $(NULL)
-
-
-include <$(DEPTH)\config\rules.mak>
-
-INSTALL	= $(MAKE_INSTALL)
-
-objs:	$(OBJS)
-
-$(PROGRAM)::
-	$(INSTALL) $(DIST)/bin/pr3240.dll ./$(OBJDIR)
-
-programs: $(PROGRAM)
-
-install:: $(TARGETS)
-	$(INSTALL) $(TARGETS) $(DIST)/bin
-
-
-symbols:
-	@echo "CSRCS	= $(CSRCS)"
-	@echo "INCS	= $(INCS)"
-	@echo "OBJS	= $(OBJS)"
-	@echo "LIBRARY	= $(LIBRARY)"
-	@echo "PROGRAM	= $(PROGRAM)"
-	@echo "TARGETS	= $(TARGETS)"
-	@echo "DIST	= $(DIST)"
-	@echo "VERSION_NUMBER	= $(VERSION_NUMBER)"
-	@echo "WINFE	= $(WINFE)"
-	@echo "DBM_LIB	= $(DBM_LIB)"
-	@echo "INSTALL	= $(INSTALL)"
-
diff --git a/security/nss/cmd/crlutil/manifest.mn b/security/nss/cmd/crlutil/manifest.mn
deleted file mode 100644
index 72fafb24a..000000000
--- a/security/nss/cmd/crlutil/manifest.mn
+++ /dev/null
@@ -1,53 +0,0 @@
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH	= ../../..
-
-# MODULE public and private header  directories are implicitly REQUIRED.
-MODULE = security 
-
-# This next line is used by .mk files
-# and gets translated into $LINCS in manifest.mnw
-# The MODULE is always implicitly required.
-# Listing it here in REQUIRES makes it appear twice in the cc command line.
-REQUIRES = seccmd dbm 
-
-DEFINES = -DNSPR20
-
-CSRCS = crlutil.c
-
-# this has to be different for NT and UNIX.
-# PROGRAM	= ./$(OBJDIR)/crlutil.exe
-PROGRAM	= crlutil
-
-#USE_STATIC_LIBS = 1
diff --git a/security/nss/cmd/crmf-cgi/Makefile b/security/nss/cmd/crmf-cgi/Makefile
deleted file mode 100644
index 23cb6f6b5..000000000
--- a/security/nss/cmd/crmf-cgi/Makefile
+++ /dev/null
@@ -1,81 +0,0 @@
-#! gmake
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY).   #
-#######################################################################
-ifeq (,$(filter-out WIN%,$(OS_TARGET)))
-EXTRA_LIBS += $(DIST)/lib/crmf.lib
-else
-EXTRA_LIBS += $(DIST)/lib/libcrmf.$(LIB_SUFFIX) 
-endif
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL)          #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL)       #
-#######################################################################
-
-
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL).      #
-#######################################################################
-
-include ../platlibs.mk
-
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL)                              #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL)                           #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL).                              #
-#######################################################################
-
-include ../platrules.mk
-
diff --git a/security/nss/cmd/crmf-cgi/config.mk b/security/nss/cmd/crmf-cgi/config.mk
deleted file mode 100644
index bcbaa2804..000000000
--- a/security/nss/cmd/crmf-cgi/config.mk
+++ /dev/null
@@ -1,44 +0,0 @@
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-# 
-
-
-#
-#  Override TARGETS variable so that only static libraries
-#  are specifed as dependencies within rules.mk.
-#
-
-TARGETS        = $(PROGRAM)
-SHARED_LIBRARY =
-IMPORT_LIBRARY =
-LIBRARY        =
-
diff --git a/security/nss/cmd/crmf-cgi/crmfcgi.c b/security/nss/cmd/crmf-cgi/crmfcgi.c
deleted file mode 100644
index 72199cfd5..000000000
--- a/security/nss/cmd/crmf-cgi/crmfcgi.c
+++ /dev/null
@@ -1,1124 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "seccomon.h"
-#include "nss.h"
-#include "key.h"
-#include "cert.h"
-#include "pk11func.h"
-#include "secmod.h"
-#include "cmmf.h"
-#include "crmf.h"
-#include "base64.h"
-#include "secasn1.h"
-#include "cryptohi.h"
-#include <string.h>
-#include <stdlib.h>
-#include <stdio.h>
-
-#define DEFAULT_ALLOC_SIZE 200
-#define DEFAULT_CGI_VARS   20
-
-typedef struct CGIVariableStr {
-  char *name;
-  char *value;
-} CGIVariable;
-
-typedef struct CGIVarTableStr {
-  CGIVariable **variables;
-  int           numVars;
-  int           numAlloc; 
-} CGIVarTable;
-
-typedef struct CertResponseInfoStr {
-  CERTCertificate *cert;
-  long             certReqID;
-} CertResponseInfo;
-
-typedef struct ChallengeCreationInfoStr {
-  long             random;
-  SECKEYPublicKey *pubKey;
-} ChallengeCreationInfo;
-
-char *missingVar = NULL;
-
-/*
- * Error values.
- */
-typedef enum {
-  NO_ERROR = 0,
-  NSS_INIT_FAILED,
-  AUTH_FAILED,
-  REQ_CGI_VAR_NOT_PRESENT,
-  CRMF_REQ_NOT_PRESENT,
-  BAD_ASCII_FOR_REQ,
-  CGI_VAR_MISSING,
-  COULD_NOT_FIND_CA,
-  COULD_NOT_DECODE_REQS,
-  OUT_OF_MEMORY,
-  ERROR_RETRIEVING_REQUEST_MSG,
-  ERROR_RETRIEVING_CERT_REQUEST,
-  ERROR_RETRIEVING_SUBJECT_FROM_REQ,
-  ERROR_RETRIEVING_PUBLIC_KEY_FROM_REQ,
-  ERROR_CREATING_NEW_CERTIFICATE,
-  COULD_NOT_START_EXTENSIONS,
-  ERROR_RETRIEVING_EXT_FROM_REQ,
-  ERROR_ADDING_EXT_TO_CERT,
-  ERROR_ENDING_EXTENSIONS,
-  COULD_NOT_FIND_ISSUER_PRIVATE_KEY,
-  UNSUPPORTED_SIGN_OPERATION_FOR_ISSUER,
-  ERROR_SETTING_SIGN_ALG,
-  ERROR_ENCODING_NEW_CERT,
-  ERROR_SIGNING_NEW_CERT,
-  ERROR_CREATING_CERT_REP_CONTENT,
-  ERROR_CREATING_SINGLE_CERT_RESPONSE,
-  ERROR_SETTING_CERT_RESPONSES,
-  ERROR_CREATING_CA_LIST,
-  ERROR_ADDING_ISSUER_TO_CA_LIST,
-  ERROR_ENCODING_CERT_REP_CONTENT,
-  NO_POP_FOR_REQUEST,
-  UNSUPPORTED_POP,
-  ERROR_RETRIEVING_POP_SIGN_KEY,
-  ERROR_RETRIEVING_ALG_ID_FROM_SIGN_KEY,
-  ERROR_RETRIEVING_SIGNATURE_FROM_POP_SIGN_KEY,
-  DO_CHALLENGE_RESPONSE,
-  ERROR_RETRIEVING_PUB_KEY_FROM_NEW_CERT,
-  ERROR_ENCODING_CERT_REQ_FOR_POP,
-  ERROR_VERIFYING_SIGNATURE_POP,
-  ERROR_RETRIEVING_PUB_KEY_FOR_CHALL,
-  ERROR_CREATING_EMPTY_CHAL_CONTENT,
-  ERROR_EXTRACTING_GEN_NAME_FROM_ISSUER,
-  ERROR_SETTING_CHALLENGE,
-  ERROR_ENCODING_CHALL,
-  ERROR_CONVERTING_CHALL_TO_BASE64,
-  ERROR_CONVERTING_RESP_FROM_CHALL_TO_BIN,
-  ERROR_CREATING_KEY_RESP_FROM_DER,
-  ERROR_RETRIEVING_CLIENT_RESPONSE_TO_CHALLENGE,
-  ERROR_RETURNED_CHALL_NOT_VALUE_EXPECTED,
-  ERROR_GETTING_KEY_ENCIPHERMENT,
-  ERROR_NO_POP_FOR_PRIVKEY,
-  ERROR_UNSUPPORTED_POPOPRIVKEY_TYPE
-} ErrorCode;
-
-const char *
-CGITableFindValue(CGIVarTable *varTable, const char *key);
-
-void
-spitOutHeaders(void)
-{
-  printf("Content-type: text/html\n\n");
-}
-
-void
-dumpRequest(CGIVarTable *varTable)
-{
-  int i;
-  CGIVariable *var;
-
-  printf ("<table border=1 cellpadding=1 cellspacing=1 width=\"100%%\">\n");
-  printf ("<tr><td><b><center>Variable Name<center></b></td>"
-          "<td><b><center>Value</center></b></td></tr>\n");
-  for (i=0; i<varTable->numVars; i++) {
-    var = varTable->variables[i];
-    printf ("<tr><td><pre>%s</pre></td><td><pre>%s</pre></td></tr>\n", 
-             var->name, var->value);
-  }
-  printf("</table>\n");
-}
-
-void
-echo_request(CGIVarTable *varTable)
-{
-  spitOutHeaders();
-  printf("<html><head><title>CGI Echo Page</title></head>\n"
-	 "<body><h1>Got the following request</h1>\n");
-  dumpRequest(varTable);
-  printf("</body></html>");
-}
-
-void
-processVariable(CGIVariable *var)
-{
-  char *plusSign, *percentSign;
-
-  /*First look for all of the '+' and convert them to spaces */
-  plusSign = var->value;
-  while ((plusSign=strchr(plusSign, '+')) != NULL) {
-    *plusSign = ' ';
-  }
-  percentSign = var->value;
-  while ((percentSign=strchr(percentSign, '%')) != NULL) {
-    char string[3];
-    int  value;
-
-    string[0] = percentSign[1];
-    string[1] = percentSign[2];
-    string[2] = '\0';
-
-    sscanf(string,"%x", &value);
-    *percentSign = (char)value;
-    memmove(&percentSign[1], &percentSign[3], 1+strlen(&percentSign[3]));
-  }
-}
-
-char *
-parseNextVariable(CGIVarTable *varTable, char *form_output)
-{
-  char *ampersand, *equal;
-  CGIVariable *var;
-
-  if (varTable->numVars == varTable->numAlloc) {
-    CGIVariable **newArr = realloc(varTable->variables, 
-                                   (varTable->numAlloc + DEFAULT_CGI_VARS)*sizeof(CGIVariable*));
-    if (newArr == NULL) {
-      return NULL;
-    }
-    varTable->variables = newArr;
-    varTable->numAlloc += DEFAULT_CGI_VARS;
-  }
-  equal     = strchr(form_output, '=');
-  if (equal == NULL) {
-    return NULL;
-  }
-  ampersand = strchr(equal, '&');
-  if (ampersand == NULL) {
-    return NULL;
-  }
-  equal[0] = '\0';
-  if (ampersand != NULL) {
-    ampersand[0] = '\0';
-  }
-  var = malloc(sizeof(CGIVariable));
-  var->name = form_output; 
-  var->value = &equal[1];
-  varTable->variables[varTable->numVars] = var;
-  varTable->numVars++;
-  processVariable(var);
-  return (ampersand != NULL) ? &ampersand[1] : NULL;
-}
-
-void
-ParseInputVariables(CGIVarTable *varTable, char *form_output)
-{
-  varTable->variables = malloc(sizeof(CGIVariable*)*DEFAULT_CGI_VARS);
-  varTable->numVars = 0;
-  varTable->numAlloc = DEFAULT_CGI_VARS;
-  while (form_output && form_output[0] != '\0') {
-    form_output = parseNextVariable(varTable, form_output);
-  }
-}
-
-const char *
-CGITableFindValue(CGIVarTable *varTable, const char *key)
-{
-  const char *retVal = NULL;
-  int i;
-
-  for (i=0; i<varTable->numVars; i++) {
-    if (strcmp(varTable->variables[i]->name, key) == 0) {
-      retVal = varTable->variables[i]->value;
-      break;
-    } 
-  }
-  return retVal;
-}
-
-char*
-passwordCallback(PK11SlotInfo *slot, PRBool retry, void *arg)
-{
-  const char *passwd;
-  if (retry) {
-    return NULL;
-  }
-  passwd = CGITableFindValue((CGIVarTable*)arg, "dbPassword");
-  if (passwd == NULL) {
-    return NULL;
-  }
-  return PORT_Strdup(passwd);
-}
-
-ErrorCode
-initNSS(CGIVarTable *varTable)
-{
-  const char *nssDir;
-  PK11SlotInfo *keySlot;
-  SECStatus rv;
-
-  nssDir = CGITableFindValue(varTable,"NSSDirectory");
-  if (nssDir == NULL) {
-    missingVar = "NSSDirectory";
-    return REQ_CGI_VAR_NOT_PRESENT;
-  }
-  rv = NSS_Init(nssDir);
-  if (rv != SECSuccess) {
-    return NSS_INIT_FAILED;
-  }
-  PK11_SetPasswordFunc(passwordCallback);
-  keySlot = PK11_GetInternalKeySlot();
-  rv = PK11_Authenticate(keySlot, PR_FALSE, varTable);
-  PK11_FreeSlot(keySlot);
-  if (rv != SECSuccess) {
-    return AUTH_FAILED;
-  }
-  return NO_ERROR;
-}
-
-void
-dumpErrorMessage(ErrorCode errNum)
-{
-  spitOutHeaders();
-  printf("<html><head><title>Error</title></head><body><h1>Error processing "
-	 "data</h1> Received the error %d<p>", errNum);
-  if (errNum  ==   REQ_CGI_VAR_NOT_PRESENT) {
-    printf ("The missing variable is %s.", missingVar);
-  }
-  printf ("<i>More useful information here in the future.</i></body></html>");
-}
-
-ErrorCode
-initOldCertReq(CERTCertificateRequest *oldCertReq,
-	       CERTName *subject, CERTSubjectPublicKeyInfo *spki)
-{
-  PRArenaPool *poolp;
-
-  poolp = oldCertReq->arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-  SEC_ASN1EncodeInteger(poolp, &oldCertReq->version, 
-			SEC_CERTIFICATE_VERSION_3);
-  CERT_CopyName(poolp, &oldCertReq->subject, subject);
-  SECKEY_CopySubjectPublicKeyInfo(poolp, &oldCertReq->subjectPublicKeyInfo,
-				  spki);
-  oldCertReq->attributes = NULL;
-  return NO_ERROR;
-}
-
-ErrorCode
-addExtensions(CERTCertificate *newCert, CRMFCertRequest *certReq)
-{
-  int numExtensions, i;
-  void *extHandle;
-  ErrorCode rv = NO_ERROR;
-  CRMFCertExtension *ext;
-  SECStatus srv;
-
-  numExtensions = CRMF_CertRequestGetNumberOfExtensions(certReq);
-  if (numExtensions == 0) {
-    /* No extensions to add */
-    return NO_ERROR;
-  }
-  extHandle = CERT_StartCertExtensions(newCert);
-  if (extHandle == NULL) {
-    rv = COULD_NOT_START_EXTENSIONS;
-    goto loser;
-  }
-  for (i=0; i<numExtensions; i++) {
-    ext = CRMF_CertRequestGetExtensionAtIndex(certReq, i);
-    if (ext == NULL) {
-      rv = ERROR_RETRIEVING_EXT_FROM_REQ;
-    }
-    srv = CERT_AddExtension(extHandle, CRMF_CertExtensionGetOidTag(ext),
-			    CRMF_CertExtensionGetValue(ext),
-			    CRMF_CertExtensionGetIsCritical(ext), PR_FALSE);
-    if (srv != SECSuccess) {
-      rv = ERROR_ADDING_EXT_TO_CERT;
-    }
-  }
-  srv = CERT_FinishExtensions(extHandle);
-  if (srv != SECSuccess) {
-    rv = ERROR_ENDING_EXTENSIONS;
-    goto loser;
-  }
-  return NO_ERROR;
- loser:
-  return rv;
-}
-
-void
-writeOutItem(const char *filePath, SECItem *der)
-{
-  PRFileDesc *outfile;
-
-  outfile = PR_Open (filePath,
-		     PR_WRONLY | PR_CREATE_FILE | PR_TRUNCATE,
-		     0666);
-  PR_Write(outfile, der->data, der->len);
-  PR_Close(outfile);
-
-}
-
-ErrorCode
-createNewCert(CERTCertificate**issuedCert,CERTCertificateRequest *oldCertReq,
-	      CRMFCertReqMsg *currReq, CRMFCertRequest *certReq, 
-	      CERTCertificate *issuerCert, CGIVarTable *varTable)
-{
-  CERTCertificate *newCert = NULL;
-  CERTValidity *validity;
-  PRExplodedTime printableTime;
-  PRTime now, after;
-  ErrorCode rv=NO_ERROR;
-  SECKEYPrivateKey *issuerPrivKey;
-  SECItem derCert = { 0 };
-  SECOidTag signTag;
-  SECStatus srv;
-  long version;
-
-  now = PR_Now();
-  PR_ExplodeTime(now, PR_GMTParameters, &printableTime);
-  printableTime.tm_month += 9;
-  after = PR_ImplodeTime(&printableTime);
-  validity = CERT_CreateValidity(now, after);
-  newCert = *issuedCert = 
-    CERT_CreateCertificate(rand(), &(issuerCert->subject), validity, 
-			   oldCertReq);
-  if (newCert == NULL) {
-    rv = ERROR_CREATING_NEW_CERTIFICATE;
-    goto loser;
-  }
-  rv = addExtensions(newCert, certReq);
-  if (rv != NO_ERROR) {
-    goto loser;
-  }
-  issuerPrivKey = PK11_FindKeyByAnyCert(issuerCert, varTable);
-  if (issuerPrivKey == NULL) {
-    rv = COULD_NOT_FIND_ISSUER_PRIVATE_KEY;
-  }
-  switch(issuerPrivKey->keyType) {
-  case rsaKey:
-    signTag = SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION;
-    break;
-  case dsaKey:
-    signTag = SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST;
-    break;
-  default:
-    rv = UNSUPPORTED_SIGN_OPERATION_FOR_ISSUER;
-    goto loser;
-  }
-  srv = SECOID_SetAlgorithmID(newCert->arena, &newCert->signature, 
-			      signTag, 0);
-  if (srv != SECSuccess) {
-    rv = ERROR_SETTING_SIGN_ALG;
-    goto loser;
-  }
-  srv = CRMF_CertRequestGetCertTemplateVersion(certReq, &version);
-  if (srv != SECSuccess) {
-    /* No version included in the request */
-    *(newCert->version.data) = SEC_CERTIFICATE_VERSION_3;
-  } else {
-    SECITEM_FreeItem(&newCert->version, PR_FALSE);
-    SEC_ASN1EncodeInteger(newCert->arena, &newCert->version, version);
-  }
-  SEC_ASN1EncodeItem(newCert->arena, &derCert, newCert, 
-		     CERT_CertificateTemplate);
-  if (derCert.data == NULL) {
-    rv = ERROR_ENCODING_NEW_CERT;
-    goto loser;
-  }
-  srv = SEC_DerSignData(newCert->arena, &(newCert->derCert), derCert.data,
-			derCert.len, issuerPrivKey, signTag);
-  if (srv != SECSuccess) {
-    rv = ERROR_SIGNING_NEW_CERT;
-    goto loser;
-  }
-#ifdef WRITE_OUT_RESPONSE
-  writeOutItem("newcert.der", &newCert->derCert);
-#endif
-  return NO_ERROR;
- loser:
-  *issuedCert = NULL;
-  if (newCert) {
-    CERT_DestroyCertificate(newCert);
-  }
-  return rv;
-		     
-}
-
-void
-formatCMMFResponse(char *nickname, char *base64Response)
-{
-  char *currLine, *nextLine;
-
-  printf("var retVal = crypto.importUserCertificates(\"%s\",\n", nickname);
-  currLine = base64Response;
-  while (1) {
-    nextLine = strchr(currLine, '\n');
-    if (nextLine == NULL) {
-      /* print out the last line here. */
-      printf ("\"%s\",\n", currLine);
-      break;
-    }
-    nextLine[0] = '\0';
-    printf("\"%s\\n\"+\n", currLine);
-    currLine = nextLine+1;
-  }
-  printf("true);\n"
-	 "if(retVal == '') {\n"
-	 "\tdocument.write(\"<h1>New Certificate Succesfully Imported.</h1>\");\n"
-	 "} else {\n"
-	 "\tdocument.write(\"<h2>Unable to import New Certificate</h2>\");\n"
-	 "\tdocument.write(\"crypto.importUserCertificates returned <b>\");\n"
-	 "\tdocument.write(retVal);\n"
-	 "\tdocument.write(\"</b>\");\n"
-	 "}\n");
-}
-
-void
-spitOutCMMFResponse(char *nickname, char *base64Response)
-{
-  spitOutHeaders();
-  printf("<html>\n<head>\n<title>CMMF Resonse Page</title>\n</head>\n\n"
-	 "<body><h1>CMMF Response Page</h1>\n"
-	 "<script language=\"JavaScript\">\n"
-	 "<!--\n");
-  formatCMMFResponse(nickname, base64Response);
-  printf("// -->\n"
-	 "</script>\n</body>\n</html>");
-}
-
-char*
-getNickname(CERTCertificate *cert)
-{
-  char *nickname;
-
-  if (cert->nickname != NULL) {
-    return cert->nickname;
-  }
-  nickname = CERT_GetCommonName(&cert->subject);
-  if (nickname != NULL) {
-    return nickname;
-  }
-  return CERT_NameToAscii(&cert->subject);
-}
-
-ErrorCode
-createCMMFResponse(CertResponseInfo *issuedCerts, int numCerts, 
-		   CERTCertificate *issuerCert, char **base64der)
-{
- CMMFCertRepContent *certRepContent=NULL;
-  ErrorCode rv = NO_ERROR;
-  CMMFCertResponse **responses, *currResponse;
-  CERTCertList *caList;
-  int i;
-  SECStatus srv;
-  PRArenaPool *poolp;
-  SECItem *der;
-
-  certRepContent = CMMF_CreateCertRepContent();
-  if (certRepContent == NULL) {
-    rv = ERROR_CREATING_CERT_REP_CONTENT;
-    goto loser;
-  }
-  responses = PORT_NewArray(CMMFCertResponse*, numCerts);
-  if (responses == NULL) {
-    rv = OUT_OF_MEMORY;
-    goto loser;
-  }
-  for (i=0; i<numCerts;i++) {
-    responses[i] = currResponse = 
-      CMMF_CreateCertResponse(issuedCerts[i].certReqID);
-    if (currResponse == NULL) {
-      rv = ERROR_CREATING_SINGLE_CERT_RESPONSE;
-      goto loser;
-    }
-    CMMF_CertResponseSetPKIStatusInfoStatus(currResponse, cmmfGranted);
-    CMMF_CertResponseSetCertificate(currResponse, issuedCerts[i].cert);
-  }
-  srv = CMMF_CertRepContentSetCertResponses(certRepContent, responses,
-					    numCerts);
-  if (srv != SECSuccess) {
-    rv = ERROR_SETTING_CERT_RESPONSES;
-    goto loser;
-  }
-  caList = CERT_NewCertList();
-  if (caList == NULL) {
-    rv = ERROR_CREATING_CA_LIST;
-    goto loser;
-  }
-  srv = CERT_AddCertToListTail(caList, issuerCert);
-  if (srv != SECSuccess) {
-    rv = ERROR_ADDING_ISSUER_TO_CA_LIST;
-    goto loser;
-  }
-  srv = CMMF_CertRepContentSetCAPubs(certRepContent, caList);
-  CERT_DestroyCertList(caList);
-  poolp = PORT_NewArena(1024);
-  der = SEC_ASN1EncodeItem(poolp, NULL, certRepContent, 
-			   CMMFCertRepContentTemplate);
-  if (der == NULL) {
-    rv = ERROR_ENCODING_CERT_REP_CONTENT;
-    goto loser;
-  }
-#ifdef WRITE_OUT_RESPONSE
-  writeOutItem("CertRepContent.der", der);
-#endif
-  *base64der = BTOA_DataToAscii(der->data, der->len);
-  return NO_ERROR;
- loser:
-  return rv;
-}
-
-ErrorCode
-issueCerts(CertResponseInfo *issuedCerts, int numCerts, 
-	   CERTCertificate *issuerCert)
-{
-  ErrorCode rv;
-  char *base64Response;
-
-  rv = createCMMFResponse(issuedCerts, numCerts, issuerCert, &base64Response);
-  if (rv != NO_ERROR) {
-    goto loser;
-  }
-  spitOutCMMFResponse(getNickname(issuedCerts[0].cert),base64Response);
-  return NO_ERROR;
- loser:
-  return rv;
-}
-
-ErrorCode
-verifySignature(CGIVarTable *varTable, CRMFCertReqMsg *currReq, 
-		CRMFCertRequest *certReq, CERTCertificate *newCert)
-{
-  SECStatus srv;
-  ErrorCode rv = NO_ERROR;
-  CRMFPOPOSigningKey *signKey   = NULL;
-  SECAlgorithmID     *algID     = NULL;
-  SECItem            *signature = NULL;
-  SECKEYPublicKey    *pubKey    = NULL;
-  SECItem            *reqDER    = NULL;
-
-  srv = CRMF_CertReqMsgGetPOPOSigningKey(currReq, &signKey);
-  if (srv != SECSuccess || signKey == NULL) {
-    rv = ERROR_RETRIEVING_POP_SIGN_KEY;
-    goto loser;
-  }
-  algID = CRMF_POPOSigningKeyGetAlgID(signKey);
-  if (algID == NULL) {
-    rv = ERROR_RETRIEVING_ALG_ID_FROM_SIGN_KEY;
-    goto loser;
-  }
-  signature = CRMF_POPOSigningKeyGetSignature(signKey);
-  if (signature == NULL) {
-    rv = ERROR_RETRIEVING_SIGNATURE_FROM_POP_SIGN_KEY;
-    goto loser;
-  }
-  /* Make the length the number of bytes instead of bits */
-  signature->len = (signature->len+7)/8;
-  pubKey = CERT_ExtractPublicKey(newCert);
-  if (pubKey == NULL) {
-    rv = ERROR_RETRIEVING_PUB_KEY_FROM_NEW_CERT;
-    goto loser;
-  }
-  reqDER = SEC_ASN1EncodeItem(NULL, NULL, certReq, CRMFCertRequestTemplate);
-  if (reqDER == NULL) {
-    rv = ERROR_ENCODING_CERT_REQ_FOR_POP;
-    goto loser;
-  }
-  srv = VFY_VerifyData(reqDER->data, reqDER->len, pubKey, signature,
-		       SECOID_FindOIDTag(&algID->algorithm), varTable);
-  if (srv != SECSuccess) {
-    rv = ERROR_VERIFYING_SIGNATURE_POP;
-    goto loser;
-  }
-  /* Fall thru in successfull case. */
- loser:
-  if (pubKey != NULL) {
-    SECKEY_DestroyPublicKey(pubKey);
-  }
-  if (reqDER != NULL) {
-    SECITEM_FreeItem(reqDER, PR_TRUE);
-  }
-  if (signature != NULL) {
-    SECITEM_FreeItem(signature, PR_TRUE);
-  }
-  if (algID != NULL) {
-    SECOID_DestroyAlgorithmID(algID, PR_TRUE);
-  }
-  if (signKey != NULL) {
-    CRMF_DestroyPOPOSigningKey(signKey);
-  }  
-  return rv;
-}
-
-ErrorCode
-doChallengeResponse(CGIVarTable *varTable, CRMFCertReqMsg *currReq, 
-		    CRMFCertRequest *certReq, CERTCertificate *newCert,
-		    ChallengeCreationInfo *challs, int *numChall)
-{
-  CRMFPOPOPrivKey *privKey = NULL;
-  CRMFPOPOPrivKeyChoice privKeyChoice;
-  SECStatus srv;
-  ErrorCode rv = NO_ERROR;
- 
-  srv = CRMF_CertReqMsgGetPOPKeyEncipherment(currReq, &privKey);
-  if (srv != SECSuccess || privKey == NULL) {
-    rv = ERROR_GETTING_KEY_ENCIPHERMENT;
-    goto loser;
-  } 
-  privKeyChoice = CRMF_POPOPrivKeyGetChoice(privKey);
-  CRMF_DestroyPOPOPrivKey(privKey);
-  switch (privKeyChoice) {
-  case crmfSubsequentMessage:
-    challs = &challs[*numChall];
-    challs->random = rand();
-    challs->pubKey = CERT_ExtractPublicKey(newCert);
-    if (challs->pubKey == NULL) {
-      rv = ERROR_RETRIEVING_PUB_KEY_FOR_CHALL;
-      goto loser;
-    }
-    (*numChall)++;
-    rv = DO_CHALLENGE_RESPONSE;
-    break;
-  case crmfThisMessage:
-    /* There'd better be a PKIArchiveControl in this message */
-    if (!CRMF_CertRequestIsControlPresent(certReq, 
-					  crmfPKIArchiveOptionsControl)) {
-      rv = ERROR_NO_POP_FOR_PRIVKEY;
-      goto loser;
-    }
-    break;
-  default:
-    rv = ERROR_UNSUPPORTED_POPOPRIVKEY_TYPE;
-    goto loser;
-  }
-loser:
-  return rv;
-}
-
-ErrorCode
-doProofOfPossession(CGIVarTable *varTable, CRMFCertReqMsg *currReq, 
-		    CRMFCertRequest *certReq, CERTCertificate *newCert,
-		    ChallengeCreationInfo *challs, int *numChall)
-{
-  CRMFPOPChoice popChoice;
-  ErrorCode rv = NO_ERROR;
-
-  popChoice = CRMF_CertReqMsgGetPOPType(currReq);
-  if (popChoice == crmfNoPOPChoice) {
-    rv = NO_POP_FOR_REQUEST;
-    goto loser;
-  }
-  switch (popChoice) {
-  case crmfSignature:
-    rv = verifySignature(varTable, currReq, certReq, newCert);
-    break;
-  case crmfKeyEncipherment:
-    rv = doChallengeResponse(varTable, currReq, certReq, newCert,
-			     challs, numChall);
-    break;
-  case crmfRAVerified:
-  case crmfKeyAgreement:
-  default:
-    rv = UNSUPPORTED_POP;
-    goto loser;
-  }
- loser:
-  return rv;
-}
-
-void
-convertB64ToJS(char *base64)
-{
-  int i;
-
-  for (i=0; base64[i] != '\0'; i++) {
-    if (base64[i] == '\n') {
-      printf ("\\n");
-    }else {
-      printf ("%c", base64[i]);
-    }
-  }
-}
-
-void
-formatChallenge(char *chall64, char *certRepContentDER,
-		 ChallengeCreationInfo *challInfo, int numChalls)
-{
-  printf ("function respondToChallenge() {\n"
-	  "  var chalForm = document.chalForm;\n\n"
-	  "  chalForm.CertRepContent.value = '");
-  convertB64ToJS(certRepContentDER);
-  printf ("';\n"
-	  "  chalForm.ChallResponse.value = crypto.popChallengeResponse('");
-  convertB64ToJS(chall64);
-  printf("');\n"
-	 "  chalForm.submit();\n"
-	 "}\n");
-
-}
-
-void
-spitOutChallenge(char *chall64, char *certRepContentDER,
-		 ChallengeCreationInfo *challInfo, int numChalls,
-		 char *nickname)
-{
-  int i;
-
-  spitOutHeaders();
-  printf("<html>\n"
-	 "<head>\n"
-	 "<title>Challenge Page</title>\n"
-	 "<script language=\"JavaScript\">\n"
-	 "<!--\n");
-  /* The JavaScript function actually gets defined within
-   * this function call
-   */
-  formatChallenge(chall64, certRepContentDER, challInfo, numChalls);
-  printf("// -->\n"
-	 "</script>\n"
-	 "</head>\n"
-	 "<body onLoad='respondToChallenge()'>\n"
-	 "<h1>Cartman is now responding to the Challenge "
-	 "presented by the CGI</h1>\n"
-	 "<form action='crmfcgi' method='post' name='chalForm'>\n"
-	 "<input type='hidden' name=CertRepContent value=''>\n"
-	 "<input type='hidden' name=ChallResponse value=''>\n");
-  for (i=0;i<numChalls; i++) {
-    printf("<input type='hidden' name='chal%d' value='%d'>\n",
-	   i+1, challInfo[i].random);
-  }
-  printf("<input type='hidden' name='nickname' value='%s'>\n", nickname);
-  printf("</form>\n</body>\n</html>");
-}
-
-ErrorCode
-issueChallenge(CertResponseInfo *issuedCerts, int numCerts, 
-	       ChallengeCreationInfo *challInfo, int numChalls,
-	       CERTCertificate *issuer, CGIVarTable *varTable)
-{
-  ErrorCode rv = NO_ERROR;
-  CMMFPOPODecKeyChallContent *chalContent = NULL;
-  int i;
-  SECStatus srv;
-  PRArenaPool *poolp;
-  CERTGeneralName *genName;
-  SECItem *challDER = NULL;
-  char *chall64, *certRepContentDER;
-
-  rv = createCMMFResponse(issuedCerts, numCerts, issuer, 
-			  &certRepContentDER);
-  if (rv != NO_ERROR) {
-    goto loser;
-  }
-  chalContent = CMMF_CreatePOPODecKeyChallContent();
-  if (chalContent == NULL) {
-    rv = ERROR_CREATING_EMPTY_CHAL_CONTENT;
-    goto loser;
-  }
-  poolp = PORT_NewArena(1024);
-  if (poolp == NULL) {
-    rv = OUT_OF_MEMORY;
-    goto loser;
-  }
-  genName = CERT_GetCertificateNames(issuer, poolp);
-  if (genName == NULL) {
-    rv = ERROR_EXTRACTING_GEN_NAME_FROM_ISSUER;
-    goto loser;
-  }
-  for (i=0;i<numChalls;i++) {
-    srv = CMMF_POPODecKeyChallContentSetNextChallenge(chalContent,
-						      challInfo[i].random,
-						      genName,
-						      challInfo[i].pubKey,
-						      varTable);
-    SECKEY_DestroyPublicKey(challInfo[i].pubKey);
-    if (srv != SECSuccess) {
-      rv = ERROR_SETTING_CHALLENGE;
-      goto loser;
-    }
-  }
-  challDER = SEC_ASN1EncodeItem(NULL, NULL, chalContent, 
-				CMMFPOPODecKeyChallContentTemplate);
-  if (challDER == NULL) {
-    rv = ERROR_ENCODING_CHALL;
-    goto loser;
-  }
-  chall64 = BTOA_DataToAscii(challDER->data, challDER->len);
-  SECITEM_FreeItem(challDER, PR_TRUE);
-  if (chall64 == NULL) {
-    rv = ERROR_CONVERTING_CHALL_TO_BASE64;
-    goto loser;
-  }
-  spitOutChallenge(chall64, certRepContentDER, challInfo, numChalls,
-		   getNickname(issuedCerts[0].cert));
- loser:
-  return rv;
-}
-
-
-ErrorCode
-processRequest(CGIVarTable *varTable)
-{
-  CERTCertDBHandle *certdb;
-  SECKEYKeyDBHandle *keydb;
-  CRMFCertReqMessages *certReqs = NULL;
-  const char *crmfReq;
-  const char *caNickname;
-  CERTCertificate *caCert = NULL;
-  CertResponseInfo *issuedCerts = NULL;
-  CERTSubjectPublicKeyInfo spki = { 0 };
-  ErrorCode rv=NO_ERROR;
-  PRBool doChallengeResponse = PR_FALSE;
-  SECItem der = { 0 };
-  SECStatus srv;
-  CERTCertificateRequest oldCertReq = { 0 };
-  CRMFCertReqMsg **reqMsgs = NULL,*currReq = NULL;
-  CRMFCertRequest **reqs = NULL, *certReq = NULL;
-  CERTName         subject = { 0 };
-  int numReqs,i;
-  ChallengeCreationInfo *challInfo=NULL;
-  int numChalls = 0;
-
-  certdb = CERT_GetDefaultCertDB();
-  keydb = SECKEY_GetDefaultKeyDB();
-  crmfReq = CGITableFindValue(varTable, "CRMFRequest");
-  if (crmfReq == NULL) {
-    rv = CGI_VAR_MISSING;
-    missingVar = "CRMFRequest";
-    goto loser;
-  }
-  caNickname = CGITableFindValue(varTable, "CANickname");
-  if (caNickname == NULL) {
-    rv = CGI_VAR_MISSING;
-    missingVar = "CANickname";
-    goto loser;
-  }
-  caCert = CERT_FindCertByNickname(certdb, caNickname);
-  if (caCert == NULL) {
-    rv = COULD_NOT_FIND_CA;
-    goto loser;
-  }
-  srv = ATOB_ConvertAsciiToItem(&der, crmfReq);
-  if (srv != SECSuccess) {
-    rv = BAD_ASCII_FOR_REQ;
-    goto loser;
-  }
-  certReqs = CRMF_CreateCertReqMessagesFromDER(der.data, der.len);
-  SECITEM_FreeItem(&der, PR_FALSE);
-  if (certReqs == NULL) {
-    rv = COULD_NOT_DECODE_REQS;
-    goto loser;
-  }
-  numReqs = CRMF_CertReqMessagesGetNumMessages(certReqs);
-  issuedCerts = PORT_ZNewArray(CertResponseInfo, numReqs);
-  challInfo   = PORT_ZNewArray(ChallengeCreationInfo, numReqs);
-  if (issuedCerts == NULL || challInfo == NULL) {
-    rv = OUT_OF_MEMORY;
-    goto loser;
-  }
-  reqMsgs = PORT_ZNewArray(CRMFCertReqMsg*,   numReqs);
-  reqs    = PORT_ZNewArray(CRMFCertRequest*, numReqs);
-  if (reqMsgs == NULL || reqs == NULL) {
-    rv =   OUT_OF_MEMORY;
-    goto loser;
-  }
-  for (i=0; i<numReqs; i++) {
-    currReq = reqMsgs[i] = 
-      CRMF_CertReqMessagesGetCertReqMsgAtIndex(certReqs, i);
-    if (currReq == NULL) {
-      rv = ERROR_RETRIEVING_REQUEST_MSG;
-      goto loser;
-    }
-    certReq = reqs[i] = CRMF_CertReqMsgGetCertRequest(currReq);
-    if (certReq == NULL) {
-      rv = ERROR_RETRIEVING_CERT_REQUEST;
-      goto loser;
-    }
-    srv = CRMF_CertRequestGetCertTemplateSubject(certReq, &subject);
-    if (srv != SECSuccess) {
-      rv = ERROR_RETRIEVING_SUBJECT_FROM_REQ;
-      goto loser;
-    }
-    srv = CRMF_CertRequestGetCertTemplatePublicKey(certReq, &spki);
-    if (srv != SECSuccess) {
-      rv = ERROR_RETRIEVING_PUBLIC_KEY_FROM_REQ;
-      goto loser;
-    }
-    rv = initOldCertReq(&oldCertReq, &subject, &spki);
-    if (rv != NO_ERROR) {
-      goto loser;
-    }
-    rv = createNewCert(&issuedCerts[i].cert, &oldCertReq, currReq, certReq, 
-		       caCert, varTable);
-    if (rv != NO_ERROR) {
-      goto loser;
-    }
-    rv = doProofOfPossession(varTable, currReq, certReq, issuedCerts[i].cert,
-			     challInfo, &numChalls);
-    if (rv != NO_ERROR) {
-      if (rv == DO_CHALLENGE_RESPONSE) {
-	doChallengeResponse = PR_TRUE;
-      } else {
-	goto loser;
-      }
-    }
-    CRMF_CertReqMsgGetID(currReq, &issuedCerts[i].certReqID);
-    CRMF_DestroyCertReqMsg(currReq);
-    CRMF_DestroyCertRequest(certReq);
-  }
-  if (doChallengeResponse) {
-    rv = issueChallenge(issuedCerts, numReqs, challInfo, numChalls, caCert,
-			varTable);
-  } else {
-    rv = issueCerts(issuedCerts, numReqs, caCert);
-  }
- loser:
-  if (certReqs != NULL) {
-    CRMF_DestroyCertReqMessages(certReqs);
-  }
-  return rv;
-}
-
-ErrorCode
-processChallengeResponse(CGIVarTable *varTable, const char *certRepContent)
-{
-  SECItem binDER = { 0 };
-  SECStatus srv;
-  ErrorCode rv = NO_ERROR;
-  const char *clientResponse;
-  const char *formChalValue;
-  const char *nickname;
-  CMMFPOPODecKeyRespContent *respContent = NULL;
-  int numResponses,i;
-  long curResponse, expectedResponse;
-  char cgiChalVar[10];
-#ifdef WRITE_OUT_RESPONSE
-  SECItem certRepBinDER = { 0 };
-
-  ATOB_ConvertAsciiToItem(&certRepBinDER, certRepContent);
-  writeOutItem("challCertRepContent.der", &certRepBinDER);
-  PORT_Free(certRepBinDER.data);
-#endif  
-  clientResponse = CGITableFindValue(varTable, "ChallResponse");
-  if (clientResponse == NULL) {
-    rv =   REQ_CGI_VAR_NOT_PRESENT;
-    missingVar = "ChallResponse";
-    goto loser;
-  }
-  srv = ATOB_ConvertAsciiToItem(&binDER, clientResponse);
-  if (srv != SECSuccess) {
-    rv = ERROR_CONVERTING_RESP_FROM_CHALL_TO_BIN;
-    goto loser;
-  }
-  respContent = CMMF_CreatePOPODecKeyRespContentFromDER(binDER.data,
-							binDER.len);
-  SECITEM_FreeItem(&binDER, PR_FALSE);
-  binDER.data = NULL;
-  if (respContent == NULL) {
-    rv = ERROR_CREATING_KEY_RESP_FROM_DER;
-    goto loser;
-  }
-  numResponses = CMMF_POPODecKeyRespContentGetNumResponses(respContent);
-  for (i=0;i<numResponses;i++){
-    srv = CMMF_POPODecKeyRespContentGetResponse(respContent,i,&curResponse);
-    if (srv != SECSuccess) {
-      rv = ERROR_RETRIEVING_CLIENT_RESPONSE_TO_CHALLENGE;
-      goto loser;
-    }
-    sprintf(cgiChalVar, "chal%d", i+1);
-    formChalValue = CGITableFindValue(varTable, cgiChalVar);
-    if (formChalValue == NULL) {
-      rv = REQ_CGI_VAR_NOT_PRESENT;
-      missingVar = strdup(cgiChalVar);
-      goto loser;
-    }
-    sscanf(formChalValue, "%ld", &expectedResponse);
-    if (expectedResponse != curResponse) {
-      rv = ERROR_RETURNED_CHALL_NOT_VALUE_EXPECTED;
-      goto loser;
-    }
-  }
-  nickname = CGITableFindValue(varTable, "nickname");
-  if (nickname == NULL) {
-    rv = REQ_CGI_VAR_NOT_PRESENT;
-    missingVar = "nickname";
-    goto loser;
-  }
-  spitOutCMMFResponse(nickname, certRepContent);
- loser:
-  if (respContent != NULL) {
-    CMMF_DestroyPOPODecKeyRespContent(respContent);
-  }
-  return rv;
-}
-
-int
-main()
-{
-  char *form_output = NULL;
-  int   form_output_len, form_output_used;
-  CGIVarTable varTable = { 0 };
-  ErrorCode errNum = 0;
-  char *certRepContent;
-
-#ifdef ATTACH_CGI
-  /* Put an ifinite loop in here so I can attach to 
-   * the process after the process is spun off
-   */
-  { int stupid = 1;
-    while (stupid);
-  }
-#endif
-
-  form_output_used = 0;
-  srand(time(NULL));
-  while (feof(stdin) == 0) {
-    if (form_output == NULL) {
-      form_output = PORT_NewArray(char, DEFAULT_ALLOC_SIZE+1);
-      form_output_len  = DEFAULT_ALLOC_SIZE;
-    } else if ((form_output_used + DEFAULT_ALLOC_SIZE) >= form_output_len) {
-      form_output_len += DEFAULT_ALLOC_SIZE;
-      form_output = PORT_Realloc(form_output, form_output_len+1);
-    }
-    form_output_used += fread(&form_output[form_output_used], sizeof(char), 
-			      DEFAULT_ALLOC_SIZE, stdin);
-  }
-  ParseInputVariables(&varTable, form_output);
-  certRepContent = CGITableFindValue(&varTable, "CertRepContent");
-  if (certRepContent == NULL) {
-    errNum = initNSS(&varTable);
-    if (errNum != 0) {
-      goto loser;
-    }
-    errNum = processRequest(&varTable);
-  } else {
-    errNum = processChallengeResponse(&varTable, certRepContent);
-  }
-  if (errNum != NO_ERROR) {
-    goto loser;
-  }
-  goto done;
-loser:
-  dumpErrorMessage(errNum);
-done:
-  free (form_output);
-  return 0;
-}
-
diff --git a/security/nss/cmd/crmf-cgi/crmfcgi.html b/security/nss/cmd/crmf-cgi/crmfcgi.html
deleted file mode 100644
index e91923ece..000000000
--- a/security/nss/cmd/crmf-cgi/crmfcgi.html
+++ /dev/null
@@ -1,165 +0,0 @@
-<!-- 
-   - The contents of this file are subject to the Mozilla Public
-   - License Version 1.1 (the "License"); you may not use this file
-   - except in compliance with the License. You may obtain a copy of
-   - the License at http://www.mozilla.org/MPL/
-   - 
-   - Software distributed under the License is distributed on an "AS
-   - IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-   - implied. See the License for the specific language governing
-   - rights and limitations under the License.
-   - 
-   - The Original Code is the Netscape security libraries.
-   - 
-   - The Initial Developer of the Original Code is Netscape
-   - Communications Corporation.  Portions created by Netscape are 
-   - Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-   - Rights Reserved.
-   - 
-   - Contributor(s):
-   - 
-   - Alternatively, the contents of this file may be used under the
-   - terms of the GNU General Public License Version 2 or later (the
-   - "GPL"), in which case the provisions of the GPL are applicable 
-   - instead of those above.  If you wish to allow use of your 
-   - version of this file only under the terms of the GPL and not to
-   - allow others to use your version of this file under the MPL,
-   - indicate your decision by deleting the provisions above and
-   - replace them with the notice and other provisions required by
-   - the GPL.  If you do not delete the provisions above, a recipient
-   - may use your version of this file under either the MPL or the
-   - GPL.
-  -->
-
-<html>
-<head>
-<title>CRMF Test Page for PSM</title>
-<script language=javascript>
-var request;
-//This variable must be set to the first value
-//in the select field "testType" in the form.
-var keyGenType="SigningOnlyRSA";
-
-var requestedDN = "CN=Javi CA Shack ID, O=NSS";
-
-function setTestType() {
-  var testType = document.crmfForm.testType;
-  
-  keyGenType = testType.options[testType.selectedIndex].value;
-}
-
-function setRequest() {
-  with (document.crmfForm) {
-    CRMFRequest.value = request.request;
-    submit();
-  }
-}
-
-function generateSignAndEncryptRSARequest() {
-    request = crypto.generateCRMFRequest(requestedDN,
-                                         null, null, null, "setRequest()",
-                                         crypto.algorithms.rsa.keyEx.keySizes[0],
-                                         null, "rsa-dual-use");    
-}
-
-function generateSigningOnlyRSARequest() {
-    request = crypto.generateCRMFRequest(requestedDN,null,null,null,"setRequest()",
-                                         crypto.algorithms.rsa.signing.keySizes[0],
-                                         null, "rsa-sign");
-}
-
-function generateEncryptionOnlyRSARequest() {
-    request = crypto.generateCRMFRequest(requestedDN, null, null, null, "setRequest()",
-                                         crypto.algorithms.rsa.keyEx.keySizes[0],
-                                         null, "rsa-ex");
-}
-
-function generateDualRSAKeys() {
-    request = crypto.generateCRMFRequest(requestedDN, null, null, null, "setRequest()",
-                                         crypto.algorithms.rsa.keyEx.keySizes[0],
-                                         null, "rsa-ex",
-                                         crypto.algorithms.rsa.signing.keySizes[0],
-                                         null, "rsa-sign");
-}
-
-function generateDSAKey() {
-    request = crypto.generateCRMFRequest(requestedDN, null, null, null, "setRequest()",
-                                         crypto.algorithms.dsa.keySizes[0],
-                                         null, "dsa-sign-nonrepudiation");
-}
-
-function processForm(form) {
-  with (form) {
-    if (typeof(crypto.version) == "undefined") {
-      alert('You must be running PSM in order to use this page.');
-      return false;
-    }
-    if (NSSDirectory.value == "") {
-      alert('You must provide a path for NSS to use.');
-      return false;
-    }
-    if (dbPassword.value == "") {
-      alert('You must provide a password for the certificate database.');
-      return false;
-    }
-    if (CANickname.value == "") {
-      alert('You must provide a CA Nickname to use.');
-      return false;
-    }
-    //Now do the correct key generation.
-    if (keyGenType == "SignAndEncryptRSA") {
-      generateSignAndEncryptRSARequest();
-    } else if (keyGenType == "SigningOnlyRSA") {
-      generateSigningOnlyRSARequest();
-    } else if (keyGenType == "EncryptionOnlyRSA") {
-      generateEncryptionOnlyRSARequest();
-    } else if (keyGenType == "DualRSAKeys") {
-      generateDualRSAKeys();
-    } else if (keyGenType == "DSAKeyGen") {
-      generateDSAKey();
-    }
-  }
-  return true;
-}
-</script>
-</head>
-<body>
-<h1><center>CRMF Test page for PSM</center></h1>
-This page is designed to be used in combination with the executable
-produced by ns/security/cmd/crmf-cgi in a CGI environment.  In order
-to successfully use this page, modify its action to post to a a server
-where you have installed the crmfcgi executable and you'll be able to
-test the functionality.
-<hr>
-<form name="crmfForm" method=post action="http://www.cgi-site.com/cgi-bin/crmfcgi"> 
-<h2>Certificate Database information</h2>
-First, enter all the information for the CGI to use for initializing 
-NSS.  The CGI will use the directory entered below as the directory
-where to look for the certificate and key databases.
-<pre>
-Path for NSS Config: <input size=40 type="text" name="NSSDirectory">
-</pre>
-Enter the password for the certificate database found in the direcotry
-above.
-<pre>
-Database Password:   <input type="password" name="dbPassword" size=40>
-</pre>
-Now enter the nickname of the certificate to use for signing the 
-certificate issued during this test.
-<pre>
-CA Nickname:         <input size=40 type="text" name="CANickname">
-</pre>
-<h2>Now, figure out which type of key generation you want to test:</h2>
-<select name="testType" onChange="setTestType()">`
-<option value="SigningOnlyRSA">Signing Only-RSA
-<option value="EncryptionOnlyRSA">Encryption Only-RSA
-<option value="SignAndEncryptRSA">Sign and Encrypt Single Key -RSA
-<option value="DualRSAKeys">Dual Keys-RSA
-<option value="DSAKeyGen">DSA Key Gen
-</select>
-<input type="hidden" name=CRMFRequest value="">
-<hr>
-<input type="button" value="OK" onclick="processForm(document.crmfForm)">
-</form>
-</body>
-</html>
diff --git a/security/nss/cmd/crmf-cgi/manifest.mn b/security/nss/cmd/crmf-cgi/manifest.mn
deleted file mode 100644
index ceaf5a635..000000000
--- a/security/nss/cmd/crmf-cgi/manifest.mn
+++ /dev/null
@@ -1,61 +0,0 @@
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-# 
-
-CORE_DEPTH = ../../..
-MODULE	= sectools
-
-EXPORTS = \
-	$(NULL)
-
-CSRCS = \
-	crmfcgi.c \
-	$(NULL)
-
-
-REQUIRES = security dbm seccmd
-
-ifdef ATTACH_CGI
-DEFINES += -DATTACH_CGI
-endif
-
-ifdef WRITE_OUT_RESPONSE
-DEFINES += -DWRITE_OUT_RESPONSE
-endif
-
-PROGRAM  = crmfcgi
-
-USE_STATIC_LIBS = 1
-
-INCLUDES = 
-
-DEFINES = -DNSPR20
diff --git a/security/nss/cmd/crmftest/Makefile b/security/nss/cmd/crmftest/Makefile
deleted file mode 100644
index 5df669763..000000000
--- a/security/nss/cmd/crmftest/Makefile
+++ /dev/null
@@ -1,99 +0,0 @@
-#! gmake
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY).   #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL)          #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL)       #
-#######################################################################
-
-
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL).      #
-#######################################################################
-include config.mk
-
-ifeq ($(OS_TARGET)$(OS_RELEASE), AIX4.2)
-OS_LIBS += -lsvld 
-endif 
-
-ifeq ($(OS_TARGET)$(OS_RELEASE), SunOS5.6)
-OS_LIBS += -ldl -lxnet -lposix4 -lsocket -lnsl
-endif
-
-ifeq (,$(filter-out WIN%,$(OS_TARGET)))
-EXTRA_LIBS += $(DIST)/lib/crmf.lib
-else
-EXTRA_LIBS += $(DIST)/lib/libcrmf.$(LIB_SUFFIX) 
-endif
-
-include ../platlibs.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL)                              #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL)                           #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL).                              #
-#######################################################################
-
-LDDIST = $(DIST)/lib
-
-ifeq (,$(filter-out WIN%,$(OS_TARGET)))
-EXTRA_LIBS += $(LDDIST)/sectool.lib
-endif
-
-lame:
-	echo $(CPU_ARCH)
-
-include ../platrules.mk
diff --git a/security/nss/cmd/crmftest/config.mk b/security/nss/cmd/crmftest/config.mk
deleted file mode 100644
index 7343609f8..000000000
--- a/security/nss/cmd/crmftest/config.mk
+++ /dev/null
@@ -1,43 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#
-#  Override TARGETS variable so that only static libraries
-#  are specifed as dependencies within rules.mk.
-#
-
-TARGETS        = $(PROGRAM)
-SHARED_LIBRARY =
-IMPORT_LIBRARY =
-LIBRARY        =
-
diff --git a/security/nss/cmd/crmftest/manifest.mn b/security/nss/cmd/crmftest/manifest.mn
deleted file mode 100644
index b27e4a3d8..000000000
--- a/security/nss/cmd/crmftest/manifest.mn
+++ /dev/null
@@ -1,53 +0,0 @@
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-# 
-
-CORE_DEPTH = ../../..
-DEPTH      = .
-
-# MODULE public and private header  directories are implicitly REQUIRED.
-MODULE	= security
-
-EXPORTS = \
-	$(NULL)
-
-CSRCS = \
-	testcrmf.c \
-	$(NULL)
-
-
-# The MODULE is always implicitly required.
-# Listing it here in REQUIRES makes it appear twice in the cc command line.
-REQUIRES = dbm
-
-PROGRAM  = crmftest
-
diff --git a/security/nss/cmd/crmftest/testcrmf.c b/security/nss/cmd/crmftest/testcrmf.c
deleted file mode 100644
index 42e02a38c..000000000
--- a/security/nss/cmd/crmftest/testcrmf.c
+++ /dev/null
@@ -1,1532 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "crmf.h"
-#include "secrng.h"
-#include "secpkcs5.h"
-#include "pk11func.h"
-#include "pkcs11.h"
-#include "secmod.h"
-#include "secmodi.h"
-#include "key.h"
-#include "prio.h"
-#include "pqggen.h"
-#include "cmmf.h"
-#include "seccomon.h"
-#include "secmod.h"
-#include "prlock.h"
-#include "secmodi.h"
-#include "pkcs11.h"
-#include "pk11func.h"
-#include "secitem.h"
-#include "key.h"
-#include "rsa.h"
-#include "secpkcs5.h"
-#include "secasn1.h"
-#include "sechash.h"
-#include "cert.h"
-#include "secerr.h"
-#include <stdio.h>
-#include "prprf.h"
-#if !defined(XP_UNIX) && !defined(LINUX)
-extern int getopt(int, char **, char*);
-extern char *optarg;
-#endif
-#define MAX_KEY_LEN 512
-
-int64 notBefore;
-char *personalCert      = NULL;
-char *recoveryEncrypter = NULL;
-char *caCertName        = NULL;
-
-CERTCertDBHandle *db;
-SECKEYKeyDBHandle *keydb;
-
-void 
-debug_test(SECItem *src, char *filePath)
-{
-    PRFileDesc *fileDesc;
-
-    fileDesc = PR_Open (filePath, PR_WRONLY | PR_CREATE_FILE | PR_TRUNCATE, 
-			0666);
-    if (fileDesc == NULL) {
-        printf ("Could not cretae file %s.\n", filePath);
-	return;
-    }
-    PR_Write(fileDesc, src->data, src->len);
-    
-}
-
-SECStatus
-get_serial_number(long *dest)
-{
-   RNGContext *rng;
-   SECStatus   rv;
-
-   if (dest == NULL) {
-       return SECFailure;
-   }
-   rng = RNG_CreateContext();
-   if (rng == NULL) {
-       *dest = 0;
-       return SECFailure;
-   }
-   rv = RNG_GenerateRandomBytes(rng, (void*)dest, sizeof(long));
-   RNG_DestroyContext(rng, PR_TRUE);
-    return SECSuccess;
-}
-
-char *
-promptForPassword (PK11SlotInfo *slot, PRBool retry, void *cx)
-{
-    char passWord[80];
-    char *retPass = NULL;
-    
-    if (retry) {
-        printf ("Incorrect password.  Please re-enter the password.\n");
-    } 
-    printf ("WARNING: Password will be echoed to the screen.\n");
-    printf ("Please enter the password for slot \"%s\":", 
-	    PK11_GetTokenName(slot));
-    scanf ("%s", passWord);
-    retPass = PORT_Strdup(passWord);
-    return retPass;
-}
-
-PK11RSAGenParams *
-GetRSAParams(void) 
-{
-    PK11RSAGenParams *rsaParams;
-
-    rsaParams = PORT_ZNew(PK11RSAGenParams);
-
-    if (rsaParams == NULL)
-      return NULL;
-
-    rsaParams->keySizeInBits = MAX_KEY_LEN;
-    rsaParams->pe = 0x1001;
-    
-    return rsaParams;
-    
-}
-
-SECStatus
-SetSlotPassword(PK11SlotInfo *slot)
-{
-    char userPin[80];
-
-    printf ("Initialization of PIN's for your Database.\n");
-    printf ("------------------------------------------\n");
-    printf ("Please enter the PIN's for your Database.\n");
-    printf ("Warning: ALL PIN'S WILL BE ECHOED TO SCREEN!!!\n");
-    printf ("Now enter the PIN for the user: ");
-    scanf  ("%s", userPin);
-    return PK11_InitPin (slot, NULL, userPin);
-}
-
-PQGParams*
-GetDSAParams(void)
-{
-    PQGParams *params = NULL;
-    PQGVerify *vfy = NULL;
-
-    SECStatus  rv;
-
-    rv = PQG_ParamGen(0, &params, &vfy);
-    if (rv != SECSuccess) {
-        return NULL;
-    }
-    PQG_DestroyVerify(vfy);
-    return params;
-}
-
-CERTSubjectPublicKeyInfo *
-GetSubjectPubKeyInfo(SECKEYPrivateKey **destPrivKey, 
-		     SECKEYPublicKey  **destPubKey) {
-    CERTSubjectPublicKeyInfo *spki       = NULL;
-    SECKEYPrivateKey         *privKey    = NULL;
-    SECKEYPublicKey          *pubKey     = NULL;
-    PK11SlotInfo             *keySlot    = NULL;
-    PK11SlotInfo             *cryptoSlot = NULL;
-    PK11RSAGenParams         *rsaParams  = NULL;
-    PQGParams                *dsaParams  = NULL;
-    
-    keySlot = PK11_GetInternalKeySlot();
-    PK11_Authenticate(keySlot, PR_FALSE, NULL);
-    cryptoSlot = PK11_GetInternalSlot();
-    PK11_Authenticate(cryptoSlot, PR_FALSE, NULL);
-    PK11_FreeSlot(cryptoSlot);
-    rsaParams  = GetRSAParams();
-    privKey = PK11_GenerateKeyPair(keySlot, CKM_RSA_PKCS_KEY_PAIR_GEN,
-				   (void*)rsaParams, &pubKey, PR_FALSE,
-				   PR_FALSE, NULL);
-/*    dsaParams = GetDSAParams();
-    if (dsaParams == NULL) {
-        PK11_FreeSlot(keySlot);
-        return NULL;
-    }
-    privKey = PK11_GenerateKeyPair(keySlot, CKM_DSA_KEY_PAIR_GEN,
-				   (void*)dsaParams, &pubKey, PR_FALSE,
-				   PR_FALSE, NULL);*/
-    PK11_FreeSlot(keySlot);
-    if (privKey == NULL || pubKey == NULL) {
-        if (pubKey) {
-	    SECKEY_DestroyPublicKey(pubKey);
-	}
-	if (privKey) {
-	    SECKEY_DestroyPrivateKey(privKey);
-	}
-	return NULL;
-    }
-
-    spki = SECKEY_CreateSubjectPublicKeyInfo(pubKey);
-    *destPrivKey = privKey;
-    *destPubKey  = pubKey;
-    return spki;
-}
-
-
-SECStatus
-InitPKCS11(void)
-{
-    PK11SlotInfo *cryptoSlot, *keySlot;
-
-    PK11_SetPasswordFunc(promptForPassword);
-
-    cryptoSlot = PK11_GetInternalSlot();
-    keySlot    = PK11_GetInternalKeySlot();
-    
-    if (PK11_NeedUserInit(cryptoSlot) && PK11_NeedLogin(cryptoSlot)) {
-        if (SetSlotPassword (cryptoSlot) != SECSuccess) {
-	    printf ("Initializing the PIN's failed.\n");
-	    return SECFailure;
-	}
-    }
-    
-    if (PK11_NeedUserInit(keySlot) && PK11_NeedLogin(keySlot)) {
-        if (SetSlotPassword (keySlot) != SECSuccess) {
-	    printf ("Initializing the PIN's failed.\n");
-	    return SECFailure;
-	}
-    }
-
-    PK11_FreeSlot(cryptoSlot);
-    PK11_FreeSlot(keySlot);
-    return SECSuccess;
-}
-
-
-void 
-WriteItOut (void *arg, const char *buf, unsigned long len)
-{
-    PRFileDesc *fileDesc = (PRFileDesc*)arg;
-
-    PR_Write(fileDesc, (void*)buf, len);
-}
-
-SECItem
-GetRandomBitString(void)
-{
-#define NUM_BITS     800
-#define BITS_IN_BYTE 8
-    SECItem bitString;
-    int numBytes = NUM_BITS/BITS_IN_BYTE;
-    unsigned char *bits = PORT_ZNewArray(unsigned char, numBytes);
-    RNGContext *rng;
-
-    rng = RNG_CreateContext();
-    RNG_GenerateRandomBytes(rng, (void*)bits, numBytes);
-    RNG_DestroyContext(rng, PR_TRUE);
-    bitString.data = bits;
-    bitString.len = NUM_BITS;
-    bitString.type = siBuffer;
-    return bitString;
-}
-
-CRMFCertExtCreationInfo*
-GetExtensions(void)
-{
-    CRMFCertExtCreationInfo *extInfo;
-    CRMFCertExtension *currExt;
-    CRMFCertExtension *extension;
-    SECItem data;
-    PRBool prFalse = PR_FALSE;
-    unsigned char keyUsage[4];
-
-    data.len = 4;
-    data.data = keyUsage;
-    keyUsage[0] = 0x03;
-    keyUsage[1] = 0x02;
-    keyUsage[2] = 0x07;
-    keyUsage[3] = KU_DIGITAL_SIGNATURE;
-    extension = CRMF_CreateCertExtension(SEC_OID_X509_KEY_USAGE,prFalse,
-					 &data);
-    extInfo = PORT_ZNew(CRMFCertExtCreationInfo);
-    extInfo->numExtensions = 1;
-    extInfo->extensions = PORT_ZNewArray(CRMFCertExtension*, 1);
-    extInfo->extensions[0] = extension;
-    return extInfo;
-}
-
-void
-FreeExtInfo(CRMFCertExtCreationInfo *extInfo)
-{
-    int i;
-    
-    for (i=0; i<extInfo->numExtensions; i++) {
-        CRMF_DestroyCertExtension(extInfo->extensions[i]);
-    }
-    PORT_Free(extInfo->extensions);
-    PORT_Free(extInfo);
-}
-
-int
-CreateCertRequest (CRMFCertRequest **inCertReq, SECKEYPrivateKey **privKey,
-		   SECKEYPublicKey **pubKey)
-{
-    long serialNumber;
-    long version = 3;
-    char *issuerStr = PORT_Strdup ("CN=Javi's CA Shack, O=Information Systems");
-    char *subjectStr = PORT_Strdup ("CN=Javi's CA Shack ID, O=Engineering, "
-				    "C=US");
-    CRMFCertRequest *certReq;
-    SECAlgorithmID * algID;
-    CERTName *issuer, *subject;
-    CRMFValidityCreationInfo validity;
-    CERTSubjectPublicKeyInfo *spki;
-    SECStatus rv;
-    SECOidTag tag, tag2;
-    SECItem issuerUID, subjectUID;
-    CRMFCertExtCreationInfo *extInfo;
-    CRMFEncryptedKey  *encKey;
-    CERTCertificate *caCert;
-    CRMFPKIArchiveOptions *pkiArchOpt;
-  
-    *inCertReq = NULL;
-    certReq = CRMF_CreateCertRequest(0x0ff02345);
-    if (certReq == NULL) {
-        printf ("Could not initialize a certificate request.\n");
-	return 1;
-    }
-    rv = CRMF_CertRequestSetTemplateField (certReq, crmfVersion, (void*)(&version));
-    if (rv != SECSuccess) {
-        printf("Could not add the version number to the "
-	       "Certificate Request.\n");
-	CRMF_DestroyCertRequest(certReq);
-	return 2;
-    }
-
-    if (get_serial_number(&serialNumber) != SECSuccess) {
-        printf ("Could not generate a serial number for cert request.\n");
-	CRMF_DestroyCertRequest(certReq);
-	return 3;
-    }
-
-    rv = CRMF_CertRequestSetTemplateField (certReq, crmfSerialNumber, 
-				      (void*)(&serialNumber));
-    if (rv != SECSuccess) {
-        printf ("Could not add serial number to certificate template\n.");
-	CRMF_DestroyCertRequest(certReq);
-	return 4;
-    }
-    
-    issuer = CERT_AsciiToName(issuerStr);
-    if (issuer == NULL) {
-        printf ("Could not create CERTName structure from %s.\n", issuerStr);
-	CRMF_DestroyCertRequest(certReq);
-	return 5;
-    }
-    rv = CRMF_CertRequestSetTemplateField (certReq, crmfIssuer, (void*) issuer);
-    PORT_Free(issuerStr);
-    CERT_DestroyName(issuer);
-    if (rv != SECSuccess) {
-        printf ("Could not add issuer to cert template\n");
-	CRMF_DestroyCertRequest(certReq);
-	return 6;
-    }
-
-    subject = CERT_AsciiToName(subjectStr);
-    if (subject == NULL) {
-        printf ("Could not create CERTName structure from %s.\n", subjectStr);
-	CRMF_DestroyCertRequest(certReq);
-	return 7;
-    }
-    PORT_Free(subjectStr);
-    rv = CRMF_CertRequestSetTemplateField (certReq, crmfSubject, (void*)subject);
-    if (rv != SECSuccess) {
-        printf ("Could not add subject to cert template\n");
-	CRMF_DestroyCertRequest(certReq);
-	return 8;
-    }
-    CERT_DestroyName(subject);
-
-    algID = 
-   SEC_PKCS5CreateAlgorithmID (SEC_OID_PKCS5_PBE_WITH_SHA1_AND_DES_CBC,
-			       NULL, 1);
-    if (algID == NULL) {
-        printf ("Couldn't create algorithm ID\n");
-	CRMF_DestroyCertRequest(certReq);
-	return 9;
-    }
-    rv = CRMF_CertRequestSetTemplateField(certReq, crmfSigningAlg, (void*)algID);
-    SECOID_DestroyAlgorithmID(algID, PR_TRUE);
-    if (rv != SECSuccess) {
-        printf ("Could not add the signing algorithm to the cert template.\n");
-	CRMF_DestroyCertRequest(certReq);
-	return 10;
-    }
-
-    validity.notBefore = &notBefore;
-    validity.notAfter  = NULL;
-    notBefore = PR_Now();
-    rv = CRMF_CertRequestSetTemplateField(certReq, crmfValidity,(void*)(&validity));
-    if (rv != SECSuccess) {
-        printf ("Could not add validity to cert template\n");
-	CRMF_DestroyCertRequest(certReq);
-	return 11;
-    }
-
-    spki = GetSubjectPubKeyInfo(privKey, pubKey);
-    if (spki == NULL) {
-        printf ("Could not create a Subject Public Key Info to add\n");
-	CRMF_DestroyCertRequest(certReq);
-	return 12;
-    }
-    rv = CRMF_CertRequestSetTemplateField(certReq, crmfPublicKey, (void*)spki);
-    SECKEY_DestroySubjectPublicKeyInfo(spki);
-    if (rv != SECSuccess) {
-        printf ("Could not add the public key to the template\n");
-	CRMF_DestroyCertRequest(certReq);
-	return 13;
-    }
-    
-    caCert = 
-      CERT_FindCertByNickname(CERT_GetDefaultCertDB(), 
-			      caCertName);
-    if (caCert == NULL) {
-        printf ("Could not find the certificate for %s\n", caCertName);
-        CRMF_DestroyCertRequest(certReq);
-	return 50;
-    }
-
-    issuerUID = GetRandomBitString();
-    subjectUID = GetRandomBitString();
-    CRMF_CertRequestSetTemplateField(certReq,crmfIssuerUID,  (void*)&issuerUID);
-    CRMF_CertRequestSetTemplateField(certReq,crmfSubjectUID, (void*)&subjectUID);
-    PORT_Free(issuerUID.data);
-    PORT_Free(subjectUID.data);
-    extInfo = GetExtensions();
-    CRMF_CertRequestSetTemplateField(certReq, crmfExtension, (void*)extInfo);
-    FreeExtInfo(extInfo);
-    encKey = CRMF_CreateEncryptedKeyWithEncryptedValue(*privKey, caCert);
-    CERT_DestroyCertificate(caCert);
-    if (encKey == NULL) {
-        printf ("Could not create Encrypted Key with Encrypted Value.\n");
-	return 14;
-    }
-    pkiArchOpt = CRMF_CreatePKIArchiveOptions(crmfEncryptedPrivateKey, encKey);
-    CRMF_DestroyEncryptedKey(encKey);
-    if (pkiArchOpt == NULL) {
-        printf ("Could not create PKIArchiveOptions.\n");
-	return 15;
-    }
-    rv  = CRMF_CertRequestSetPKIArchiveOptions(certReq, pkiArchOpt);
-    CRMF_DestroyPKIArchiveOptions(pkiArchOpt);
-    if (rv != SECSuccess) {
-        printf ("Could not add the PKIArchiveControl to Cert Request.\n");
-	return 16;
-    }
-    *inCertReq = certReq;
-    return 0;
-}
-
-int 
-Encode (CRMFCertReqMsg *inCertReq, 
-	CRMFCertReqMsg *secondReq, char *configdir)
-{   
-#define PATH_LEN  150
-#define CRMF_FILE "CertReqMessages.der"
-    char filePath[PATH_LEN];
-    PRFileDesc *fileDesc;
-    SECStatus rv;
-    int irv = 0;
-    CRMFCertReqMsg *msgArr[3];
-    CRMFCertReqMsg *newMsg;
-
-    PR_snprintf(filePath, PATH_LEN, "%s/%s", configdir, CRMF_FILE);
-    fileDesc = PR_Open (filePath, PR_WRONLY | PR_CREATE_FILE | PR_TRUNCATE, 
-			0666);
-    if (fileDesc == NULL) {
-        printf ("Could not open file %s\n", filePath);
-	irv = 14;
-	goto finish;
-    }
-/*    rv = CRMF_EncodeCertReqMsg (inCertReq, WriteItOut, (void*)fileDesc);*/
-    msgArr[0] = inCertReq;
-    msgArr[1] = secondReq;
-    msgArr[2] = NULL;
-    rv = CRMF_EncodeCertReqMessages(msgArr, WriteItOut, (void*)fileDesc);
-    if (rv != SECSuccess) {
-        printf ("An error occurred while encoding.\n");
-	irv = 15;
-	goto finish;
-    }
- finish:
-    PR_Close(fileDesc);
-    return irv;
-}
-
-int
-AddProofOfPossession(CRMFCertReqMsg *certReqMsg, SECKEYPrivateKey *privKey,
-		     SECKEYPublicKey *pubKey, CRMFPOPChoice inPOPChoice)
-{
-
-    switch(inPOPChoice){
-    case crmfSignature:
-      CRMF_CertReqMsgSetSignaturePOP(certReqMsg, privKey, pubKey, NULL, NULL, 
-				     NULL);
-      break;
-    case crmfRAVerified:
-      CRMF_CertReqMsgSetRAVerifiedPOP(certReqMsg);
-      break;
-    case crmfKeyEncipherment:
-      CRMF_CertReqMsgSetKeyEnciphermentPOP(certReqMsg,
-					   crmfSubsequentMessage, 
-					   crmfChallengeResp, NULL);
-      break;
-    case crmfKeyAgreement:
-      {
-	SECItem pendejo;
-	unsigned char lame[] = { 0xf0, 0x0f, 0xf0, 0x0f, 0xf0 };
-
-	pendejo.data = lame;
-	pendejo.len  = 5;
-	
-	CRMF_CertReqMsgSetKeyAgreementPOP(certReqMsg, crmfThisMessage, 
-					  crmfNoSubseqMess, &pendejo);
-      }
-      break;
-    default:
-      return 1;
-    }
-    return 0;
-}
-
-#define BUFF_SIZE  150
-
-int
-Decode(char *configdir)
-{
-    char           filePath[PATH_LEN];
-    unsigned char  buffer[BUFF_SIZE];
-    char          *asn1Buff;
-    PRFileDesc    *fileDesc;
-    PRInt32          fileLen = 0;
-    PRInt32          bytesRead;
-    CRMFCertReqMsg  *certReqMsg;
-    CRMFCertRequest *certReq;
-    CRMFGetValidity validity= {NULL, NULL};
-    CRMFCertReqMessages *certReqMsgs;
-    int numMsgs, i;
-    long lame;
-
-    PR_snprintf(filePath, PATH_LEN, "%s/%s", configdir, CRMF_FILE);
-    fileDesc = PR_Open(filePath, PR_RDONLY, 0644);
-    while (1) {
-        bytesRead = PR_Read(fileDesc, buffer, BUFF_SIZE);
-	if (bytesRead <= 0) break;
-	fileLen += bytesRead;
-    }
-    if (bytesRead < 0) {
-        printf ("Error while getting the length of the file %s\n", filePath);
-	return 200;
-    }
-    
-    PR_Close(fileDesc);
-    fileDesc = PR_Open(filePath, PR_RDONLY, 0644);
-    asn1Buff = PORT_ZNewArray(char, fileLen);
-    bytesRead = PR_Read(fileDesc, asn1Buff, fileLen);
-    if (bytesRead != fileLen) {
-        printf ("Error while reading in the contents of %s\n", filePath);
-	return 201;
-    }
-    /*certReqMsg = CRMF_CreateCertReqMsgFromDER(asn1Buff, fileLen);
-    if (certReqMsg == NULL) {
-        printf ("Error while decoding the CertReqMsg\n");
-	return 202;
-    }
-    certReq = CRMF_CertReqMsgGetCertRequest(certReqMsg);
-*/
-    certReqMsgs = CRMF_CreateCertReqMessagesFromDER(asn1Buff, fileLen);
-    if (certReqMsgs == NULL) {
-        printf ("Error decoding CertReqMessages.\n");
-	return 202;
-    }
-    numMsgs = CRMF_CertReqMessagesGetNumMessages(certReqMsgs);
-    if (numMsgs <= 0) {
-        printf ("WARNING: The DER contained %d messages.\n", numMsgs);
-    }
-    for (i=0; i < numMsgs; i++) {
-        certReqMsg = CRMF_CertReqMessagesGetCertReqMsgAtIndex(certReqMsgs, i);
-	if (certReqMsg == NULL) {
-	    printf ("ERROR: Could not access the message at index %d of %s\n",
-		    i, filePath);
-	}
-	CRMF_CertReqMsgGetID(certReqMsg, &lame);
-	certReq = CRMF_CertReqMsgGetCertRequest(certReqMsg);
-	CRMF_CertRequestGetCertTemplateValidity(certReq, &validity);
-	CRMF_DestroyGetValidity(&validity);
-	CRMF_DestroyCertRequest(certReq);
-	CRMF_DestroyCertReqMsg(certReqMsg);
-    }
-    CRMF_DestroyCertReqMessages(certReqMsgs);
-    PORT_Free(asn1Buff);
-    return 0;
-}
-
-void
-GetBitsFromFile(char *filePath, SECItem *fileBits)
-{
-    PRFileDesc *fileDesc;
-    int         bytesRead, fileLen=0;
-    char        buffer[BUFF_SIZE], *asn1Buf;
-
-    fileDesc = PR_Open(filePath, PR_RDONLY, 0644);
-    while (1) {
-        bytesRead = PR_Read(fileDesc, buffer, BUFF_SIZE);
-	if (bytesRead <= 0) break;
-	fileLen += bytesRead;
-    }
-    if (bytesRead < 0) {
-        printf ("Error while getting the length of file %s.\n", filePath);
-	goto loser;
-    }
-    PR_Close(fileDesc);
-    
-    fileDesc = PR_Open(filePath, PR_RDONLY, 0644);
-    asn1Buf = PORT_ZNewArray(char, fileLen);
-    if (asn1Buf == NULL) {
-        printf ("Out of memory in function GetBitsFromFile\n");
-        goto loser;
-    }
-    bytesRead = PR_Read(fileDesc, asn1Buf, fileLen);
-    if (bytesRead != fileLen) {
-        printf ("Error while reading the contents of %s\n", filePath);
-	goto loser;
-    }
-    fileBits->data = (unsigned char*)asn1Buf;
-    fileBits->len  = fileLen;
-    return;
- loser:
-    if (asn1Buf) {
-        PORT_Free(asn1Buf);
-    }
-    fileBits->data = NULL;
-    fileBits->len  = 0;
-} 
-
-int
-DecodeCMMFCertRepContent(char *derFile)
-{
-    int         fileLen=0;
-    char       *asn1Buf;
-    SECItem     fileBits;
-    CMMFCertRepContent *certRepContent;
-
-
-    GetBitsFromFile(derFile, &fileBits);
-    if (fileBits.data == NULL) {
-        printf("Could not get bits from file %s\n", derFile);
-        return 304;
-    }
-    asn1Buf = (char*)fileBits.data;
-    fileLen = fileBits.len;
-    certRepContent = CMMF_CreateCertRepContentFromDER(db, asn1Buf, fileLen);
-    if (certRepContent == NULL) {
-        printf ("Error while decoding %s\n", derFile);
-	return 303;
-    }
-    CMMF_DestroyCertRepContent(certRepContent);
-    PORT_Free(asn1Buf);
-    return 0;
-}
-
-int
-DoCMMFStuff(char *configdir)
-{
-    CMMFCertResponse   *certResp=NULL, *certResp2=NULL, *certResponses[3];
-    CMMFCertRepContent *certRepContent=NULL;
-    CERTCertificate    *cert=NULL, *caCert=NULL;
-    CERTCertList       *list=NULL;
-    PRFileDesc         *fileDesc=NULL;
-    char                filePath[PATH_LEN];
-    int                 rv = 0;
-    long                random;
-    CMMFKeyRecRepContent       *repContent=NULL;
-    SECKEYPrivateKey           *privKey = NULL;
-    SECKEYPublicKey *caPubKey;
-    SECStatus        srv;
-    SECItem          fileBits;
-    
-    certResp = CMMF_CreateCertResponse(0xff123);
-    CMMF_CertResponseSetPKIStatusInfoStatus(certResp, cmmfGranted);
-    cert = CERT_FindCertByNickname(CERT_GetDefaultCertDB(), personalCert);
-    if (cert == NULL) {
-        printf ("Could not find the certificate for %s\n", personalCert);
-        rv = 416;
-        goto finish;
-    } 
-    CMMF_CertResponseSetCertificate(certResp, cert);
-    certResp2 = CMMF_CreateCertResponse(0xff122);
-    CMMF_CertResponseSetPKIStatusInfoStatus(certResp2, cmmfGranted);
-    CMMF_CertResponseSetCertificate(certResp2, cert);
-    
-    certResponses[0] = certResp;
-    certResponses[1] = NULL;
-    certResponses[2] = NULL;
-
-    certRepContent = CMMF_CreateCertRepContent();
-    CMMF_CertRepContentSetCertResponses(certRepContent, certResponses, 1);
-
-    list = CERT_GetCertChainFromCert(cert, PR_Now(), certUsageEmailSigner);
-    CMMF_CertRepContentSetCAPubs(certRepContent, list);
-
-    PR_snprintf(filePath, PATH_LEN, "%s/%s", configdir, "CertRepContent.der");
-    fileDesc = PR_Open (filePath, PR_WRONLY | PR_CREATE_FILE | PR_TRUNCATE, 
-			0666);
-    if (fileDesc == NULL) {
-        printf ("Could not open file %s\n", filePath);
-	rv = 400;
-	goto finish;
-    }
-    
-    srv = CMMF_EncodeCertRepContent(certRepContent, WriteItOut, 
-				    (void*)fileDesc);
-    PORT_Assert (srv == SECSuccess);
-    PR_Close(fileDesc);
-    rv = DecodeCMMFCertRepContent(filePath);
-    if (rv != 0) {
-        goto finish;
-    }
-    random = 0xa4e7;
-    caCert = CERT_FindCertByNickname(CERT_GetDefaultCertDB(), 
-				     caCertName);
-    if (caCert == NULL) {
-        printf ("Could not get the certifcate for %s\n", caCertName);
-	rv = 411;
-	goto finish;
-    }
-    repContent = CMMF_CreateKeyRecRepContent();
-    if (repContent == NULL) {
-        printf ("Could not allocate a CMMFKeyRecRepContent structure\n");
-	rv = 407;
-	goto finish;
-    }
-    srv = CMMF_KeyRecRepContentSetPKIStatusInfoStatus(repContent, 
-						      cmmfGrantedWithMods);
-    if (srv != SECSuccess) {
-        printf ("Error trying to set PKIStatusInfo for "
-		"CMMFKeyRecRepContent.\n");
-	rv = 406;
-	goto finish;
-    }
-    srv = CMMF_KeyRecRepContentSetNewSignCert(repContent, cert);
-    if (srv != SECSuccess) {
-        printf ("Error trying to set the new signing certificate for "
-		"key recovery\n");
-	rv = 408;
-	goto finish;
-    }
-    srv = CMMF_KeyRecRepContentSetCACerts(repContent, list);
-    if (srv != SECSuccess) {
-        printf ("Errory trying to add the list of CA certs to the "
-		"CMMFKeyRecRepContent structure.\n");
-	rv = 409;
-	goto finish;
-    }
-    privKey = PK11_FindKeyByAnyCert(cert, NULL);
-    if (privKey == NULL) {
-        printf ("Could not get the private key associated with the\n"
-		"certificate %s\n", personalCert);
-	rv = 410;
-	goto finish;
-    }
-    caPubKey = CERT_ExtractPublicKey(caCert);
-    if (caPubKey == NULL) {
-        printf ("Could not extract the public from the "
-		"certificate for \n%s\n", caCertName);
-	rv = 412;
-	goto finish;
-    }
-    CERT_DestroyCertificate(caCert);
-    caCert = NULL;
-    srv = CMMF_KeyRecRepContentSetCertifiedKeyPair(repContent, cert, privKey,
-						   caPubKey);
-    SECKEY_DestroyPrivateKey(privKey);
-    SECKEY_DestroyPublicKey(caPubKey);
-    if (srv != SECSuccess) {
-        printf ("Could not set the Certified Key Pair\n");
-	rv = 413;
-	goto finish;
-    }
-    PR_snprintf(filePath, PATH_LEN, "%s/%s", configdir, 
-		"KeyRecRepContent.der");
-    fileDesc = PR_Open (filePath, PR_WRONLY | PR_CREATE_FILE | PR_TRUNCATE, 
-			0666);
-    if (fileDesc == NULL) {
-        printf ("Could not open file %s\n", filePath);
-	rv = 414;
-	goto finish;
-    }
-    
-    srv = CMMF_EncodeKeyRecRepContent(repContent, WriteItOut, 
-				      (void*)fileDesc);
-    PORT_Assert (srv == SECSuccess);
-    PR_Close(fileDesc);
-    CMMF_DestroyKeyRecRepContent(repContent);
-    GetBitsFromFile(filePath, &fileBits);
-    repContent = 
-        CMMF_CreateKeyRecRepContentFromDER(db, (const char *) fileBits.data,
-					   fileBits.len);
-    if (repContent == NULL) {
-        printf ("ERROR: CMMF_CreateKeyRecRepContentFromDER failed on file:\n"
-		"\t%s\n", filePath);
-	rv = 415;
-	goto finish;
-    }
- finish:
-    if (repContent) {
-        CMMF_DestroyKeyRecRepContent(repContent);
-    }
-    if (cert) {
-        CERT_DestroyCertificate(cert);
-    }
-    if (list) {
-        CERT_DestroyCertList(list);
-    }
-    if (certResp) {
-        CMMF_DestroyCertResponse(certResp);
-    }
-    if (certResp2) {
-        CMMF_DestroyCertResponse(certResp2);
-    }
-    if (certRepContent) {
-        CMMF_DestroyCertRepContent(certRepContent);
-    }
-    return rv;
-}
-
-static CK_MECHANISM_TYPE
-mapWrapKeyType(KeyType keyType)
-{
-    switch (keyType) {
-    case rsaKey:
-        return CKM_RSA_PKCS;
-    default:
-        break;
-    }
-    return CKM_INVALID_MECHANISM;
-} 
-
-#define KNOWN_MESSAGE_LENGTH 20 /*160 bits*/
-
-int
-DoKeyRecovery(char *configdir, SECKEYPrivateKey *privKey)
-{
-    SECKEYPublicKey *pubKey;
-    PK11SlotInfo    *slot;
-    CK_OBJECT_HANDLE id;
-    CK_MECHANISM     mech = { CKM_INVALID_MECHANISM, NULL, 0};
-    unsigned char *known_message = (unsigned char*)"Known Crypto Message";
-    unsigned char  plaintext[KNOWN_MESSAGE_LENGTH];
-    char filePath[PATH_LEN];
-    CK_RV            crv;
-    unsigned char   *ciphertext;
-    CK_ULONG         max_bytes_encrypted, bytes_encrypted;
-    unsigned char   *text_compared;
-    CK_ULONG         bytes_compared, bytes_decrypted;
-    SECKEYPrivateKey *unwrappedPrivKey, *caPrivKey;
-    CMMFKeyRecRepContent *keyRecRep;
-    SECStatus rv;
-    CERTCertificate *caCert, *myCert;
-    SECKEYPublicKey *caPubKey;
-    PRFileDesc *fileDesc;
-    SECItem fileBits, nickname;
-    CMMFCertifiedKeyPair *certKeyPair;
-
-    /*caCert = CERT_FindCertByNickname(CERT_GetDefaultCertDB(), 
-				     caCertName);*/
-    myCert = CERT_FindCertByNickname(CERT_GetDefaultCertDB(), personalCert);
-    if (myCert == NULL) {
-        printf ("Could not find the certificate for %s\n", personalCert);
-        return 700;
-    }
-    caCert = CERT_FindCertByNickname(CERT_GetDefaultCertDB(), 
-				     recoveryEncrypter);
-    if (caCert == NULL) {
-        printf ("Could not find the certificate for %s\n", recoveryEncrypter);
-        return 701;
-    }
-    caPubKey = CERT_ExtractPublicKey(caCert);
-    pubKey = SECKEY_ConvertToPublicKey(privKey);
-    max_bytes_encrypted = PK11_GetPrivateModulusLen(privKey);
-    slot = PK11_GetBestSlot(mapWrapKeyType(privKey->keyType), NULL);
-    id = PK11_ImportPublicKey(slot, pubKey, PR_FALSE);
-    switch(privKey->keyType) {
-    case rsaKey:
-        mech.mechanism = CKM_RSA_PKCS;
-	break;
-    case dsaKey:
-        mech.mechanism = CKM_DSA;
-	break;
-    case dhKey:
-        mech.mechanism = CKM_DH_PKCS_DERIVE;
-	break;
-    default:
-        printf ("Bad Key type in key recovery.\n");
-	return 512;
-
-    }
-    PK11_EnterSlotMonitor(slot);
-    crv = PK11_GETTAB(slot)->C_EncryptInit(slot->session, &mech, id);
-    if (crv != CKR_OK) {
-        PK11_ExitSlotMonitor(slot);
-	PK11_FreeSlot(slot);
-	printf ("C_EncryptInit failed in KeyRecovery\n");
-	return 500;
-    }
-    ciphertext = PORT_NewArray(unsigned char, max_bytes_encrypted);
-    if (ciphertext == NULL) {
-        PK11_ExitSlotMonitor(slot);
-	PK11_FreeSlot(slot);
-	printf ("Could not allocate memory for ciphertext.\n");
-	return 501;
-    }
-    bytes_encrypted = max_bytes_encrypted;
-    crv = PK11_GETTAB(slot)->C_Encrypt(slot->session, 
-				       known_message,
-				       KNOWN_MESSAGE_LENGTH,
-				       ciphertext,
-				       &bytes_encrypted);
-    PK11_ExitSlotMonitor(slot);
-    PK11_FreeSlot(slot);
-    if (crv != CKR_OK) {
-       PORT_Free(ciphertext);
-       return 502;
-    }
-    /* Always use the smaller of these two values . . . */
-    bytes_compared = ( bytes_encrypted > KNOWN_MESSAGE_LENGTH )
-                      ? KNOWN_MESSAGE_LENGTH
-                      : bytes_encrypted;
- 
-    /* If there was a failure, the plaintext */
-    /* goes at the end, therefore . . .      */
-    text_compared = ( bytes_encrypted > KNOWN_MESSAGE_LENGTH )
-                    ? (ciphertext + bytes_encrypted -
-		       KNOWN_MESSAGE_LENGTH )
-                     : ciphertext;  
-
-    keyRecRep = CMMF_CreateKeyRecRepContent();
-    if (keyRecRep == NULL) {
-        PORT_Free(ciphertext);
-	PK11_FreeSlot(slot);
-	CMMF_DestroyKeyRecRepContent(keyRecRep);
-	printf ("Could not allocate a CMMFKeyRecRepContent structre.\n");
-	return 503;
-    }
-    rv = CMMF_KeyRecRepContentSetPKIStatusInfoStatus(keyRecRep,
-						     cmmfGranted);
-    if (rv != SECSuccess) {
-        PORT_Free(ciphertext);
-	PK11_FreeSlot(slot);
-	CMMF_DestroyKeyRecRepContent(keyRecRep);
-	printf ("Could not set the status for the KeyRecRepContent\n");
-	return 504;
-    }
-    /* The myCert here should correspond to the certificate corresponding
-     * to the private key, but for this test any certificate will do.
-     */
-    rv = CMMF_KeyRecRepContentSetCertifiedKeyPair(keyRecRep, myCert,
-						  privKey, caPubKey);
-    if (rv != SECSuccess) {
-        PORT_Free(ciphertext);
-	PK11_FreeSlot(slot);
-	CMMF_DestroyKeyRecRepContent(keyRecRep);
-	printf ("Could not set the Certified Key Pair\n");
-	return 505;
-    }
-    PR_snprintf(filePath, PATH_LEN, "%s/%s", configdir, 
-		"KeyRecRepContent.der");
-    fileDesc = PR_Open (filePath, PR_WRONLY | PR_CREATE_FILE | PR_TRUNCATE, 
-			0666);
-    if (fileDesc == NULL) {
-        PORT_Free(ciphertext);
-	PK11_FreeSlot(slot);
-	CMMF_DestroyKeyRecRepContent(keyRecRep);
-        printf ("Could not open file %s\n", filePath);
-	return 506;
-    }
-    rv = CMMF_EncodeKeyRecRepContent(keyRecRep, WriteItOut, fileDesc);
-    CMMF_DestroyKeyRecRepContent(keyRecRep);
-    PR_Close(fileDesc);
-
-    if (rv != SECSuccess) {
-        PORT_Free(ciphertext);
-	PK11_FreeSlot(slot);
-	printf ("Error while encoding CMMFKeyRecRepContent\n");
-	return 507;
-    }
-    GetBitsFromFile(filePath, &fileBits);
-    if (fileBits.data == NULL) {
-        PORT_Free(ciphertext);
-	PK11_FreeSlot(slot);
-        printf ("Could not get the bits from file %s\n", filePath);
-	return 508;
-    }
-    keyRecRep = 
-        CMMF_CreateKeyRecRepContentFromDER(db,(const char*)fileBits.data,
-					   fileBits.len);
-    if (keyRecRep == NULL) {
-        printf ("Could not decode the KeyRecRepContent in file %s\n", 
-		filePath);
-	PORT_Free(ciphertext);
-	PK11_FreeSlot(slot);
-	return 509;
-    }
-    caPrivKey = PK11_FindKeyByAnyCert(caCert, NULL);
-    if (CMMF_KeyRecRepContentGetPKIStatusInfoStatus(keyRecRep) != 
-	                                                      cmmfGranted) {
-        PORT_Free(ciphertext);
-	PK11_FreeSlot(slot);
-	CMMF_DestroyKeyRecRepContent(keyRecRep);
-	printf ("A bad status came back with the "
-		"KeyRecRepContent structure\n");
-	return 510;
-    }
-#define NICKNAME "Key Recovery Test Key"
-    nickname.data = (unsigned char*)NICKNAME;
-    nickname.len  = PORT_Strlen(NICKNAME);
-    certKeyPair = CMMF_KeyRecRepContentGetCertKeyAtIndex(keyRecRep, 0);
-    CMMF_DestroyKeyRecRepContent(keyRecRep);
-    rv = CMMF_CertifiedKeyPairUnwrapPrivKey(certKeyPair,
-					    caPrivKey,
-					    &nickname,
-					    PK11_GetInternalKeySlot(),
-					    db,
-					    &unwrappedPrivKey, NULL);
-    CMMF_DestroyCertifiedKeyPair(certKeyPair);
-    if (rv != SECSuccess) {
-        printf ("Unwrapping the private key failed.\n");
-	return 511;
-    }
-    /*Now let's try to decrypt the ciphertext with the "recovered" key*/
-    PK11_EnterSlotMonitor(slot);
-    crv = 
-      PK11_GETTAB(slot)->C_DecryptInit(unwrappedPrivKey->pkcs11Slot->session,
-				       &mech,
-				       unwrappedPrivKey->pkcs11ID);
-    if (crv != CKR_OK) {
-        PK11_ExitSlotMonitor(slot);
-	PORT_Free(ciphertext);
-	PK11_FreeSlot(slot);
-	printf ("Decrypting with the recovered key failed.\n");
-	return 513;
-    }
-    bytes_decrypted = KNOWN_MESSAGE_LENGTH;
-    crv = PK11_GETTAB(slot)->C_Decrypt(unwrappedPrivKey->pkcs11Slot->session,
-				       ciphertext, 
-				       bytes_encrypted, plaintext,
-				       &bytes_decrypted);
-    SECKEY_DestroyPrivateKey(unwrappedPrivKey);
-    PK11_ExitSlotMonitor(slot);
-    PORT_Free(ciphertext);
-    if (crv != CKR_OK) {
-        PK11_FreeSlot(slot);
-	printf ("Decrypting the ciphertext with recovered key failed.\n");
-	return 514;
-    }
-    if ((bytes_decrypted != KNOWN_MESSAGE_LENGTH) || 
-	(PORT_Memcmp(plaintext, known_message, KNOWN_MESSAGE_LENGTH) != 0)) {
-        PK11_FreeSlot(slot);
-	printf ("The recovered plaintext does not equal the known message:\n"
-		"\tKnown message:       %s\n"
-		"\tRecovered plaintext: %s\n", known_message, plaintext);
-	return 515;
-    }
-    return 0;
-}
-
-int
-DoChallengeResponse(char *configdir, SECKEYPrivateKey *privKey,
-		    SECKEYPublicKey *pubKey)
-{
-    CMMFPOPODecKeyChallContent *chalContent = NULL;
-    CMMFPOPODecKeyRespContent  *respContent = NULL;
-    CERTCertificate            *myCert      = NULL;
-    CERTGeneralName            *myGenName   = NULL;
-    PRArenaPool                *poolp       = NULL;
-    SECItem                     DecKeyChallBits;
-    long                       *randomNums;
-    int                         numChallengesFound=0;
-    int                         numChallengesSet = 1,i;
-    long                        retrieved;
-    char                        filePath[PATH_LEN];
-    RNGContext                 *rng;
-    SECStatus                   rv;
-    PRFileDesc                 *fileDesc;
-    SECItem                    *publicValue, *keyID;
-    SECKEYPrivateKey           *foundPrivKey;
-
-    chalContent = CMMF_CreatePOPODecKeyChallContent();
-    myCert = CERT_FindCertByNickname(db, personalCert);
-    if (myCert == NULL) {
-        printf ("Could not find the certificate for %s\n", personalCert);
-        return 900;
-    }
-    poolp = PORT_NewArena(1024);
-    if (poolp == NULL) {
-        printf("Could no allocate a new arena in DoChallengeResponse\n");
-	return 901;
-    }
-    myGenName = CERT_GetCertificateNames(myCert, poolp);
-    if (myGenName == NULL) {
-        printf ("Could not get the general names for %s certificate\n", 
-		personalCert);
-	return 902;
-    }
-    randomNums = PORT_ArenaNewArray(poolp,long, numChallengesSet);
-    rng = RNG_CreateContext();
-    RNG_GenerateRandomBytes(rng, randomNums, numChallengesSet*sizeof(long));
-    for (i=0; i<numChallengesSet; i++) {
-	rv = CMMF_POPODecKeyChallContentSetNextChallenge(chalContent,
-							 randomNums[i],
-							 myGenName,
-							 pubKey,
-							 NULL);
-    }
-    RNG_DestroyContext(rng, PR_TRUE);
-    if (rv != SECSuccess) {
-        printf ("Could not set the challenge in DoChallengeResponse\n");
-	return 903;
-    }
-    PR_snprintf(filePath, PATH_LEN, "%s/POPODecKeyChallContent.der", 
-		configdir);
-    fileDesc = PR_Open(filePath, PR_WRONLY | PR_CREATE_FILE | PR_TRUNCATE,
-		       0666);
-    if (fileDesc == NULL) {
-        printf ("Could not open file %s\n", filePath);
-	return 904;
-    }
-    rv = CMMF_EncodePOPODecKeyChallContent(chalContent,WriteItOut, 
-					   (void*)fileDesc);
-    PR_Close(fileDesc);
-    CMMF_DestroyPOPODecKeyChallContent(chalContent);
-    if (rv != SECSuccess) {
-        printf ("Could not encode the POPODecKeyChallContent.\n");
-	return 905;
-    }
-    GetBitsFromFile(filePath, &DecKeyChallBits);
-    chalContent = 
-      CMMF_CreatePOPODecKeyChallContentFromDER
-      ((const char*)DecKeyChallBits.data, DecKeyChallBits.len);
-    PORT_Free(DecKeyChallBits.data);
-    if (chalContent == NULL) {
-        printf ("Could not create the POPODecKeyChallContent from DER\n");
-	return 906;
-    }
-    numChallengesFound = 
-      CMMF_POPODecKeyChallContentGetNumChallenges(chalContent);
-    if (numChallengesFound != numChallengesSet) {
-        printf ("Number of Challenges Found (%d) does not equal the number "
-		"set (%d)\n", numChallengesFound, numChallengesSet);
-	return 907;
-    }
-    for (i=0; i<numChallengesSet; i++) {
-        publicValue = CMMF_POPODecKeyChallContentGetPublicValue(chalContent, i);
-	if (publicValue == NULL) {
-	  printf("Could not get the public value for challenge at index %d\n",
-		 i);
-	  return 908;
-	}
-	keyID = PK11_MakeIDFromPubKey(publicValue);
-	if (keyID == NULL) {
-	    printf ("Could not make the keyID from the public value\n");
-	    return 909;
-	}
-	foundPrivKey = PK11_FindKeyByKeyID(privKey->pkcs11Slot,keyID, NULL);
-	if (foundPrivKey == NULL) {
-	    printf ("Could not find the private key corresponding to the public"
-		    " value.\n");
-	    return 910;
-	}
-	rv = CMMF_POPODecKeyChallContDecryptChallenge(chalContent, i, 
-						      foundPrivKey);
-	if (rv != SECSuccess) {
-	    printf ("Could not decrypt the challenge at index %d\n", i);
-	    return 911;
-	}
-	rv = CMMF_POPODecKeyChallContentGetRandomNumber(chalContent, i, 
-							&retrieved);
-	if (rv != SECSuccess) {
-	    printf ("Could not get the random number from the challenge at "
-		    "index %d\n", i);
-	    return 912;
-	}
-	if (retrieved != randomNums[i]) {
-	    printf ("Retrieved the number (%d), expected (%d)\n", retrieved,
-		    randomNums[i]);
-	    return 913;
-	}
-    }
-    CMMF_DestroyPOPODecKeyChallContent(chalContent);
-    PR_snprintf(filePath, PATH_LEN, "%s/POPODecKeyRespContent.der", 
-		configdir);
-    fileDesc = PR_Open(filePath, PR_WRONLY | PR_CREATE_FILE | PR_TRUNCATE,
-		       0666);
-    if (fileDesc == NULL) {
-        printf ("Could not open file %s\n", filePath);
-	return 914;
-    }
-    rv = CMMF_EncodePOPODecKeyRespContent(randomNums, numChallengesSet,
-					  WriteItOut, fileDesc);
-    PR_Close(fileDesc);
-    if (rv != 0) {
-        printf ("Could not encode the POPODecKeyRespContent\n");
-	return 915;
-    }
-    GetBitsFromFile(filePath, &DecKeyChallBits);
-    respContent = 
-     CMMF_CreatePOPODecKeyRespContentFromDER((const char*)DecKeyChallBits.data,
-					     DecKeyChallBits.len);
-    if (respContent == NULL) {
-        printf ("Could not decode the contents of the file %s\n", filePath);
-	return 916;
-    }
-    numChallengesFound = 
-         CMMF_POPODecKeyRespContentGetNumResponses(respContent);
-    if (numChallengesFound != numChallengesSet) {
-        printf ("Number of responses found (%d) does not match the number "
-		"of challenges set (%d)\n",
-		numChallengesFound, numChallengesSet);
-	return 917;
-    }
-    for (i=0; i<numChallengesSet; i++) {
-        rv = CMMF_POPODecKeyRespContentGetResponse(respContent, i, &retrieved);
-	if (rv != SECSuccess) {
-	    printf ("Could not retrieve the response at index %d\n", i);
-	    return 918;
-	}
-	if (retrieved != randomNums[i]) {
-	    printf ("Retrieved the number (%ld), expected (%ld)\n", retrieved,
-		    randomNums[i]);
-	    return 919;
-	}
-							  
-    }
-    CMMF_DestroyPOPODecKeyRespContent(respContent);
-    return 0;
-}
-
-char *
-certdb_name_cb(void *arg, int dbVersion)
-{
-    char *configdir = (char *)arg;
-    char *dbver;
-
-    switch (dbVersion) {
-    case 7:
-       dbver = "7";
-       break;
-    case 6:
-       dbver = "6";
-       break;
-    case 5:
-        dbver = "5";
-    case 4:
-    default:
-        dbver = "";
-	break;
-    }
-    return PR_smprintf("%s/cert%s.db", configdir, dbver);
-}
-
-SECStatus
-OpenCertDB(char *configdir)
-{
-    CERTCertDBHandle *certdb;
-    SECStatus         status = SECFailure;
-
-    certdb = PORT_ZNew(CERTCertDBHandle);
-    if (certdb == NULL) {
-        goto loser;
-    }
-    status = CERT_OpenCertDB(certdb, PR_TRUE, certdb_name_cb, configdir);
-    if (status == SECSuccess) {
-        CERT_SetDefaultCertDB(certdb);
-	db = certdb;
-    } else {
-        PORT_Free(certdb);
-    }
- loser:
-    return status;
-}
-
-char *
-keydb_name_cb(void *arg, int dbVersion)
-{
-    char *configdir = (char*) arg;
-    char *dbver;
-
-    switch(dbVersion){
-    case 3:
-        dbver = "3";
-	break;
-    case 2:
-    default:
-        dbver = "";
-	break;
-    }
-    return PR_smprintf("%s/key%s.db", configdir, dbver);
-}
-
-SECStatus
-OpenKeyDB(char *configdir)
-{
-    SECKEYKeyDBHandle *keydb;
-
-    keydb = SECKEY_OpenKeyDB(PR_FALSE, keydb_name_cb, configdir);
-    if (keydb == NULL) {
-        return SECFailure;
-    }
-    SECKEY_SetDefaultKeyDB(keydb);
-    return SECSuccess;
-}
-
-SECStatus
-OpenSecModDB(char *configdir)
-{
-    char *secmodname = PR_smprintf("%d/secmod.db", configdir);
-    if (secmodname == NULL) {
-        return SECFailure;
-    }
-    SECMOD_init(secmodname);
-    return SECSuccess;
-}
-
-void
-CloseHCL(void)
-{
-    CERTCertDBHandle  *certHandle;
-    SECKEYKeyDBHandle *keyHandle;
-    
-    certHandle = CERT_GetDefaultCertDB();
-    if (certHandle) {
-        CERT_ClosePermCertDB(certHandle);
-    }
-    keyHandle = SECKEY_GetDefaultKeyDB();
-    if (keyHandle) {
-        SECKEY_CloseKeyDB(keyHandle);
-    }
-}
-
-SECStatus
-InitHCL(char *configdir)
-{
-    SECStatus status;
-    SECStatus rv = SECFailure;
-
-    RNG_RNGInit();
-    RNG_SystemInfoForRNG();
-
-    status = OpenCertDB(configdir);
-    if (status != SECSuccess) {
-        goto loser;
-    }
-    
-    status = OpenKeyDB(configdir);
-    if (status != SECSuccess) {
-        goto loser;
-    }
-    
-    status = OpenSecModDB(configdir);
-    if (status != SECSuccess) {
-       goto loser;
-    }
-    
-    rv = SECSuccess;
-
- loser:
-    if (rv != SECSuccess) {
-        CloseHCL();
-    }
-    return rv;
-}
-void
-Usage (void)
-{
-    printf ("Usage:\n"
-	    "\tcrmftest -d [Database Directory] -p [Personal Cert]\n"
-	    "\t         -e [Encrypter] -s [CA Certificate]\n\n"
-	    "Database Directory\n"
-	    "\tThis is the directory where the key3.db, cert7.db, and\n"
-	    "\tsecmod.db files are located.  This is also the directory\n"
-	    "\twhere the program will place CRMF/CMMF der files\n"
-	    "Personal Cert\n"
-	    "\tThis is the certificate that already exists in the cert\n"
-	    "\tdatabase to use while encoding the response.  The private\n"
-	    "\tkey associated with the certificate must also exist in the\n"
-	    "\tkey database.\n"
-	    "Encrypter\n"
-	    "\tThis is the certificate to use when encrypting the the \n"
-	    "\tkey recovery response.  The private key for this cert\n"
-	    "\tmust also be present in the key database.\n"
-	    "CA Certificate\n"
-	    "\tThis is the nickname of the certificate to use as the\n"
-	    "\tCA when doing all of the encoding.\n");
-}
-
-int
-main(int argc, char **argv) 
-{
-    CRMFCertRequest *certReq, *certReq2;
-    CRMFCertReqMsg *certReqMsg;
-    CRMFCertReqMsg *secondMsg;
-    char *configdir;
-    int irv;
-    SECStatus rv;
-    SECKEYPrivateKey *privKey;
-    SECKEYPublicKey  *pubKey;
-    int o;
-    PRBool hclInit = PR_FALSE, pArg = PR_FALSE, eArg = PR_FALSE, 
-           sArg = PR_FALSE;
-
-    printf ("\ncrmftest v1.0\n");
-    while (-1 != (o = getopt(argc, argv, "d:p:e:s:"))) {
-        switch(o) {
-	case 'd':
-	    configdir = PORT_Strdup(optarg);
-	    rv = InitHCL(configdir);
-	    if (rv != SECSuccess) {
-	        printf ("InitHCL failed\n");
-		return 101;
-	    }	      
-	    hclInit = PR_TRUE;
-	    break;
-	case 'p':
-	    personalCert = PORT_Strdup(optarg);
-	    if (personalCert == NULL) {
-	        return 603;
-	    }
-	    pArg = PR_TRUE;
-	    break;
-	case 'e':
-	    recoveryEncrypter = PORT_Strdup(optarg);
-	    if (recoveryEncrypter == NULL) {
-	        return 602;
-	    }
-	    eArg = PR_TRUE;
-	    break;
-	case 's':
-	    caCertName = PORT_Strdup(optarg);
-	    if (caCertName == NULL) {
-	        return 604;
-	    }
-	    sArg = PR_TRUE;
-	    break;
-	default:
-	  Usage();
-	  return 601;
-	}
-    }
-    if (!hclInit || !pArg || !eArg || !sArg) {
-        Usage();
-	return 600;
-    }
-
-    InitPKCS11();
-    
-    irv = CreateCertRequest(&certReq, &privKey, &pubKey);
-    if (irv != 0 || certReq == NULL) {
-        goto loser;
-    }
-
-    certReqMsg = CRMF_CreateCertReqMsg();
-    secondMsg  = CRMF_CreateCertReqMsg();
-    CRMF_CertReqMsgSetCertRequest(certReqMsg, certReq);
-    CRMF_CertReqMsgSetCertRequest(secondMsg,  certReq);
-
-    irv = AddProofOfPossession(certReqMsg, privKey, pubKey, crmfSignature);
-    irv = AddProofOfPossession(secondMsg, privKey, pubKey, crmfKeyAgreement);
-    irv = Encode (certReqMsg, secondMsg, configdir);
-    if (irv != 0) {
-        goto loser;
-    }
-    
-    rv = CRMF_DestroyCertRequest (certReq);
-    if (rv != SECSuccess) {
-        printf ("Error when destroy certificate request.\n");
-	irv = 100;
-	goto loser;
-    }
-
-    rv = CRMF_DestroyCertReqMsg(certReqMsg);
-    CRMF_DestroyCertReqMsg(secondMsg);
-
-    irv = Decode (configdir);
-    if (irv != 0) {
-        printf("Error while decoding\n");
-	goto loser;
-    }
-
-    if ((irv = DoCMMFStuff(configdir)) != 0) {
-        printf ("CMMF tests failed.\n");
-	goto loser;
-    }
-
-    if ((irv = DoKeyRecovery(configdir, privKey)) != 0) {
-        printf ("Error doing key recovery\n");
-	goto loser;
-    }
-
-    if ((irv = DoChallengeResponse(configdir, privKey, pubKey)) != 0) {
-        printf ("Error doing challenge-response\n");
-	goto loser;
-    }
-    printf ("Exiting successfully!!!\n\n");
-    irv = 0;
-
- loser:
-    CloseHCL();
-    PORT_Free(configdir);
-    return irv;
-}
diff --git a/security/nss/cmd/dbck/Makefile b/security/nss/cmd/dbck/Makefile
deleted file mode 100644
index 7ca8f0630..000000000
--- a/security/nss/cmd/dbck/Makefile
+++ /dev/null
@@ -1,75 +0,0 @@
-#! gmake
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY).   #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL)          #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL)       #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL).      #
-#######################################################################
-
-include ../platlibs.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL)                              #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL)                           #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL).                              #
-#######################################################################
-
-
-include ../platrules.mk
- 
diff --git a/security/nss/cmd/dbck/dbck.c b/security/nss/cmd/dbck/dbck.c
deleted file mode 100644
index a3f1b9d54..000000000
--- a/security/nss/cmd/dbck/dbck.c
+++ /dev/null
@@ -1,1869 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
-** dbck.c
-**
-** utility for fixing corrupt cert databases
-**
-*/
-#include <stdio.h>
-#include <string.h>
-
-#include "secutil.h"
-#include "cdbhdl.h"
-#include "certdb.h"
-#include "cert.h"
-#include "nspr.h"
-#include "prtypes.h"
-#include "prtime.h"
-#include "prlong.h"
-
-static char *progName;
-
-/* placeholders for pointer error types */
-static void *WrongEntry;
-static void *NoNickname;
-static void *NoSMime;
-
-enum {
-    GOBOTH = 0,
-    GORIGHT,
-    GOLEFT
-};
-
-typedef struct
-{
-    PRBool verbose;
-    PRBool dograph;
-    PRFileDesc *out;
-    PRFileDesc *graphfile;
-    int dbErrors[10];
-} dbDebugInfo;
-
-/*
- * A list node for a cert db entry.  The index is a unique identifier
- * to use for creating generic maps of a db.  This struct handles
- * the cert, nickname, and smime db entry types, as all three have a
- * single handle to a subject entry.
- * This structure is pointed to by certDBEntryListNode->appData.
- */
-typedef struct 
-{
-    PRArenaPool *arena;
-    int index;
-    certDBEntryListNode *pSubject;
-} certDBEntryMap;
-
-/*
- * Subject entry is special case, it has bidirectional handles.  One
- * subject entry can point to several certs (using the same DN), and
- * a nickname and/or smime entry.
- * This structure is pointed to by certDBEntryListNode->appData.
- */
-typedef struct
-{
-    PRArenaPool *arena;
-    int index;
-    int numCerts;
-    certDBEntryListNode **pCerts;
-    certDBEntryListNode *pNickname;
-    certDBEntryListNode *pSMime;
-} certDBSubjectEntryMap;
-
-/*
- * A map of a certdb.
- */
-typedef struct
-{
-    int numCerts;
-    int numSubjects;
-    int numNicknames;
-    int numSMime;
-    certDBEntryListNode certs;      /* pointer to head of cert list */
-    certDBEntryListNode subjects;   /* pointer to head of subject list */
-    certDBEntryListNode nicknames;  /* pointer to head of nickname list */
-    certDBEntryListNode smime;      /* pointer to head of smime list */
-} certDBArray;
-
-/* Cast list to the base element, a certDBEntryListNode. */
-#define LISTNODE_CAST(node) \
-    ((certDBEntryListNode *)(node))
-
-static void 
-Usage(char *progName)
-{
-#define FPS fprintf(stderr, 
-    FPS "Type %s -H for more detailed descriptions\n", progName);
-    FPS "Usage:  %s -D [-d certdir] [-i dbname] [-m] [-v  [-f dumpfile]]\n", 
-	progName);
-    FPS "        %s -R -o newdbname [-d certdir] [-i dbname] [-aprsx] [-v [-f dumpfile]]\n", 
-	progName);
-    exit(-1);
-}
-
-static void
-LongUsage(char *progName)
-{
-    FPS "%-15s Display this help message.\n",
-	"-H");
-    FPS "%-15s Dump analysis.  No changes will be made to the database.\n",
-	"-D");
-    FPS "%-15s Cert database directory (default is ~/.netscape)\n",
-	"   -d certdir");
-    FPS "%-15s Input cert database name (default is cert7.db)\n",
-	"   -i dbname");
-    FPS "%-15s Mail a graph of the database to certdb@netscape.com.\n",
-	"   -m");
-    FPS "%-15s This will produce an index graph of your cert db and send\n",
-	"");
-    FPS "%-15s it to Netscape for analysis.  Personal info will be removed.\n",
-	"");
-    FPS "%-15s Verbose mode.  Dumps the entire contents of your cert7.db.\n",
-	"   -v");
-    FPS "%-15s File to dump verbose output into.\n",
-	"   -f dumpfile");
-    FPS "%-15s Repair the database.  The program will look for broken\n",
-	"-R");
-    FPS "%-15s dependencies between subject entries and certificates,\n",
-        "");
-    FPS "%-15s between nickname entries and subjects, and between SMIME\n",
-        "");
-    FPS "%-15s profiles and subjects.  Any duplicate entries will be\n",
-        "");
-    FPS "%-15s removed, any missing entries will be created.\n",
-        "");
-    FPS "%-15s File to store new database in (default is new_cert7.db)\n",
-	"   -o newdbname");
-    FPS "%-15s Cert database directory (default is ~/.netscape)\n",
-	"   -d certdir");
-    FPS "%-15s Input cert database name (default is cert7.db)\n",
-	"   -i dbname");
-    FPS "%-15s Prompt before removing any certificates.\n",
-        "   -p");
-    FPS "%-15s Keep all possible certificates.  Only remove certificates\n",
-	"   -a");
-    FPS "%-15s which prevent creation of a consistent database.  Thus any\n",
-	"");
-    FPS "%-15s expired or redundant entries will be kept.\n",
-	"");
-    FPS "%-15s Keep redundant nickname/email entries.  It is possible\n",
-	"   -r");
-    FPS "%-15s only one such entry will be usable.\n",
-	"");
-    FPS "%-15s Don't require an S/MIME profile in order to keep an S/MIME\n",
-	"   -s");
-    FPS "%-15s cert.  An empty profile will be created.\n",
-	"");
-    FPS "%-15s Keep expired certificates.\n",
-	"   -x");
-    FPS "%-15s Verbose mode - report all activity while recovering db.\n",
-	"   -v");
-    FPS "%-15s File to dump verbose output into.\n",
-	"   -f dumpfile");
-    FPS "\n");
-    exit(-1);
-#undef FPS
-}
-
-/*******************************************************************
- *
- *  Functions for dbck.
- *
- ******************************************************************/
-
-void
-printHexString(PRFileDesc *out, SECItem *hexval)
-{
-    int i;
-    for (i = 0; i < hexval->len; i++) {
-	if (i != hexval->len - 1) {
-	    PR_fprintf(out, "%02x:", hexval->data[i]);
-	} else {
-	    PR_fprintf(out, "%02x", hexval->data[i]);
-	}
-    }
-    PR_fprintf(out, "\n");
-}
-
-typedef enum {
-/* 0*/ NoSubjectForCert = 0,
-/* 1*/ SubjectHasNoKeyForCert,
-/* 2*/ NoNicknameOrSMimeForSubject,
-/* 3*/ WrongNicknameForSubject,
-/* 4*/ NoNicknameEntry,
-/* 5*/ WrongSMimeForSubject,
-/* 6*/ NoSMimeEntry,
-/* 7*/ NoSubjectForNickname,
-/* 8*/ NoSubjectForSMime,
-/* 9*/ NicknameAndSMimeEntry
-} dbErrorType;
-
-static char *dbErrorString[] = {
-/* 0*/ "<CERT ENTRY>\nDid not find a subject entry for this certificate.",
-/* 1*/ "<SUBJECT ENTRY>\nSubject has certKey which is not in db.",
-/* 2*/ "<SUBJECT ENTRY>\nSubject does not have a nickname or email address.",
-/* 3*/ "<SUBJECT ENTRY>\nUsing this subject's nickname, found a nickname entry for a different subject.",
-/* 4*/ "<SUBJECT ENTRY>\nDid not find a nickname entry for this subject.",
-/* 5*/ "<SUBJECT ENTRY>\nUsing this subject's email, found an S/MIME entry for a different subject.",
-/* 6*/ "<SUBJECT ENTRY>\nDid not find an S/MIME entry for this subject.",
-/* 7*/ "<NICKNAME ENTRY>\nDid not find a subject entry for this nickname.",
-/* 8*/ "<S/MIME ENTRY>\nDid not find a subject entry for this S/MIME profile.",
-};
-
-SECStatus
-dumpCertificate(CERTCertificate *cert, int num, PRFileDesc *outfile)
-{
-    int userCert = 0;
-    CERTCertTrust *trust = cert->trust;
-    userCert = (SEC_GET_TRUST_FLAGS(trust, trustSSL) & CERTDB_USER) ||
-               (SEC_GET_TRUST_FLAGS(trust, trustEmail) & CERTDB_USER) ||
-               (SEC_GET_TRUST_FLAGS(trust, trustObjectSigning) & CERTDB_USER);
-    if (num >= 0) {
-	PR_fprintf(outfile, "Certificate: %3d\n", num);
-    } else {
-	PR_fprintf(outfile, "Certificate:\n");
-    }
-    PR_fprintf(outfile, "----------------\n");
-    if (userCert)
-	PR_fprintf(outfile, "(User Cert)\n");
-    PR_fprintf(outfile, "## SUBJECT:  %s\n", cert->subjectName);
-    PR_fprintf(outfile, "## ISSUER:  %s\n", cert->issuerName);
-    PR_fprintf(outfile, "## SERIAL NUMBER:  ");
-    printHexString(outfile, &cert->serialNumber);
-    {  /*  XXX should be separate function.  */
-	int64 timeBefore, timeAfter;
-	PRExplodedTime beforePrintable, afterPrintable;
-	char *beforestr, *afterstr;
-	DER_UTCTimeToTime(&timeBefore, &cert->validity.notBefore);
-	DER_UTCTimeToTime(&timeAfter, &cert->validity.notAfter);
-	PR_ExplodeTime(timeBefore, PR_GMTParameters, &beforePrintable);
-	PR_ExplodeTime(timeAfter, PR_GMTParameters, &afterPrintable);
-	beforestr = PORT_Alloc(100);
-	afterstr = PORT_Alloc(100);
-	PR_FormatTime(beforestr, 100, "%a %b %d %H:%M:%S %Y", &beforePrintable);
-	PR_FormatTime(afterstr, 100, "%a %b %d %H:%M:%S %Y", &afterPrintable);
-	PR_fprintf(outfile, "## VALIDITY:  %s to %s\n", beforestr, afterstr);
-    }
-    PR_fprintf(outfile, "\n");
-    return SECSuccess;
-}
-
-SECStatus
-dumpCertEntry(certDBEntryCert *entry, int num, PRFileDesc *outfile)
-{
-    CERTCertificate *cert;
-    cert = CERT_DecodeDERCertificate(&entry->derCert, PR_FALSE, NULL);
-    if (!cert) {
-	fprintf(stderr, "Failed to decode certificate.\n");
-	return SECFailure;
-    }
-    cert->trust = &entry->trust;
-    dumpCertificate(cert, num, outfile);
-    CERT_DestroyCertificate(cert);
-    return SECSuccess;
-}
-
-SECStatus
-dumpSubjectEntry(certDBEntrySubject *entry, int num, PRFileDesc *outfile)
-{
-    char *subjectName;
-    subjectName = CERT_DerNameToAscii(&entry->derSubject);
-    PR_fprintf(outfile, "Subject: %3d\n", num);
-    PR_fprintf(outfile, "------------\n");
-    PR_fprintf(outfile, "## %s\n", subjectName);
-    if (entry->nickname)
-	PR_fprintf(outfile, "## Subject nickname:  %s\n", entry->nickname);
-    if (entry->emailAddr)
-	PR_fprintf(outfile, "## Subject email address:  %s\n", 
-	           entry->emailAddr);
-    PR_fprintf(outfile, "## This subject has %d cert(s).\n", entry->ncerts);
-    PR_fprintf(outfile, "\n");
-    PORT_Free(subjectName);
-    return SECSuccess;
-}
-
-SECStatus
-dumpNicknameEntry(certDBEntryNickname *entry, int num, PRFileDesc *outfile)
-{
-    PR_fprintf(outfile, "Nickname: %3d\n", num);
-    PR_fprintf(outfile, "-------------\n");
-    PR_fprintf(outfile, "##  \"%s\"\n\n", entry->nickname);
-    return SECSuccess;
-}
-
-SECStatus
-dumpSMimeEntry(certDBEntrySMime *entry, int num, PRFileDesc *outfile)
-{
-    PR_fprintf(outfile, "S/MIME Profile: %3d\n", num);
-    PR_fprintf(outfile, "-------------------\n");
-    PR_fprintf(outfile, "##  \"%s\"\n", entry->emailAddr);
-    PR_fprintf(outfile, "##  OPTIONS:  ");
-    printHexString(outfile, &entry->smimeOptions);
-    PR_fprintf(outfile, "##  TIMESTAMP:  ");
-    printHexString(outfile, &entry->optionsDate);
-    PR_fprintf(outfile, "\n");
-    return SECSuccess;
-}
-
-SECStatus
-mapCertEntries(certDBArray *dbArray)
-{
-    certDBEntryCert *certEntry;
-    certDBEntrySubject *subjectEntry;
-    certDBEntryListNode *certNode, *subjNode;
-    certDBSubjectEntryMap *smap;
-    certDBEntryMap *map;
-    PRArenaPool *tmparena;
-    SECItem derSubject;
-    SECItem certKey;
-    PRCList *cElem, *sElem;
-    int i;
-
-    /* Arena for decoded entries */
-    tmparena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if (tmparena == NULL) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	return SECFailure;
-    }
-
-    /* Iterate over cert entries and map them to subject entries. 
-     * NOTE: mapSubjectEntries must be called first to alloc memory
-     * for array of subject->cert map.
-     */
-    for (cElem = PR_LIST_HEAD(&dbArray->certs.link); 
-         cElem != &dbArray->certs.link; cElem = PR_NEXT_LINK(cElem)) {
-	certNode = LISTNODE_CAST(cElem);
-	certEntry = (certDBEntryCert *)&certNode->entry;
-	map = (certDBEntryMap *)certNode->appData;
-	CERT_NameFromDERCert(&certEntry->derCert, &derSubject);
-	CERT_KeyFromDERCert(tmparena, &certEntry->derCert, &certKey);
-	/*  Loop over found subjects for cert's DN.  */
-	for (sElem = PR_LIST_HEAD(&dbArray->subjects.link);
-	     sElem != &dbArray->subjects.link; sElem = PR_NEXT_LINK(sElem)) {
-	    subjNode = LISTNODE_CAST(sElem);
-	    subjectEntry = (certDBEntrySubject *)&subjNode->entry;
-	    if (SECITEM_ItemsAreEqual(&derSubject, &subjectEntry->derSubject)) {
-		/*  Found matching subject name, create link.  */
-		map->pSubject = subjNode;
-		/*  Make sure subject entry has cert's key.  */
-		for (i=0; i<subjectEntry->ncerts; i++) {
-		    if (SECITEM_ItemsAreEqual(&certKey,
-		                              &subjectEntry->certKeys[i])) {
-			/*  Found matching cert key.  */
-			smap = (certDBSubjectEntryMap *)subjNode->appData;
-			smap->pCerts[i] = certNode;
-			break;
-		    }
-		}
-	    }
-	}
-    }
-    PORT_FreeArena(tmparena, PR_FALSE);
-    return SECSuccess;
-}
-
-SECStatus
-mapSubjectEntries(certDBArray *dbArray)
-{
-    certDBEntrySubject *subjectEntry;
-    certDBEntryNickname *nicknameEntry;
-    certDBEntrySMime *smimeEntry;
-    certDBEntryListNode *subjNode, *nickNode, *smimeNode;
-    certDBSubjectEntryMap *subjMap;
-    certDBEntryMap *nickMap, *smimeMap;
-    PRCList *sElem, *nElem, *mElem;
-
-    for (sElem = PR_LIST_HEAD(&dbArray->subjects.link);
-         sElem != &dbArray->subjects.link; sElem = PR_NEXT_LINK(sElem)) {
-	/* Iterate over subject entries and map subjects to nickname
-	 * and smime entries.  The cert<->subject map will be handled
-	 * by a subsequent call to mapCertEntries.
-	 */
-	subjNode = LISTNODE_CAST(sElem);
-	subjectEntry = (certDBEntrySubject *)&subjNode->entry;
-	subjMap = (certDBSubjectEntryMap *)subjNode->appData;
-	/* need to alloc memory here for array of matching certs. */
-	subjMap->pCerts = PORT_ArenaAlloc(subjMap->arena, 
-	                                  subjectEntry->ncerts*sizeof(int));
-	subjMap->numCerts = subjectEntry->ncerts;
-	if (subjectEntry->nickname) {
-	    /* Subject should have a nickname entry, so create a link. */
-	    for (nElem = PR_LIST_HEAD(&dbArray->nicknames.link);
-	         nElem != &dbArray->nicknames.link; 
-	         nElem = PR_NEXT_LINK(nElem)) {
-		/*  Look for subject's nickname in nickname entries.  */
-		nickNode = LISTNODE_CAST(nElem);
-		nicknameEntry = (certDBEntryNickname *)&nickNode->entry;
-		nickMap = (certDBEntryMap *)nickNode->appData;
-		if (PL_strcmp(subjectEntry->nickname, 
-		              nicknameEntry->nickname) == 0) {
-		    /*  Found a nickname entry for subject's nickname.  */
-		    if (SECITEM_ItemsAreEqual(&subjectEntry->derSubject,
-		                              &nicknameEntry->subjectName)) {
-			/*  Nickname and subject match.  */
-			subjMap->pNickname = nickNode;
-			nickMap->pSubject = subjNode;
-		    } else {
-			/*  Nickname entry found is for diff. subject.  */
-			subjMap->pNickname = WrongEntry;
-		    }
-		}
-	    }
-	} else {
-	    subjMap->pNickname = NoNickname;
-	}
-	if (subjectEntry->emailAddr) {
-	    /* Subject should have an smime entry, so create a link. */
-	    for (mElem = PR_LIST_HEAD(&dbArray->smime.link);
-	         mElem != &dbArray->smime.link; mElem = PR_NEXT_LINK(mElem)) {
-		/*  Look for subject's email in S/MIME entries.  */
-		smimeNode = LISTNODE_CAST(mElem);
-		smimeEntry = (certDBEntrySMime *)&smimeNode->entry;
-		smimeMap = (certDBEntryMap *)smimeNode->appData;
-		if (PL_strcmp(subjectEntry->emailAddr, 
-		              smimeEntry->emailAddr) == 0) {
-		    /*  Found a S/MIME entry for subject's email.  */
-		    if (SECITEM_ItemsAreEqual(&subjectEntry->derSubject,
-		                              &smimeEntry->subjectName)) {
-			/*  S/MIME entry and subject match.  */
-			subjMap->pSMime = smimeNode;
-			smimeMap->pSubject = subjNode;
-		    } else {
-			/*  S/MIME entry found is for diff. subject.  */
-			subjMap->pSMime = WrongEntry;
-		    }
-		}
-	    }
-	} else {
-	    subjMap->pSMime = NoSMime;
-	}
-    }
-    return SECSuccess;
-}
-
-void
-printnode(dbDebugInfo *info, const char *str, int num)
-{
-    if (!info->dograph)
-	return;
-    if (num < 0) {
-	PR_fprintf(info->graphfile, str);
-    } else {
-	PR_fprintf(info->graphfile, str, num);
-    }
-}
-
-PRBool
-map_handle_is_ok(dbDebugInfo *info, void *mapPtr, int indent)
-{
-    if (mapPtr == NULL) {
-	if (indent > 0)
-	    printnode(info, "                ", -1);
-	if (indent >= 0)
-	    printnode(info, "******************* ", -1);
-	return PR_FALSE;
-    } else if (mapPtr == WrongEntry) {
-	if (indent > 0)
-	    printnode(info, "                  ", -1);
-	if (indent >= 0)
-	    printnode(info, "??????????????????? ", -1);
-	return PR_FALSE;
-    } else {
-	return PR_TRUE;
-    }
-}
-
-/* these call each other */
-void print_smime_graph(dbDebugInfo *info, certDBEntryMap *smimeMap, 
-                       int direction);
-void print_nickname_graph(dbDebugInfo *info, certDBEntryMap *nickMap, 
-                          int direction);
-void print_subject_graph(dbDebugInfo *info, certDBSubjectEntryMap *subjMap, 
-                         int direction, int optindex, int opttype);
-void print_cert_graph(dbDebugInfo *info, certDBEntryMap *certMap, 
-                      int direction);
-
-/* Given an smime entry, print its unique identifier.  If GOLEFT is 
- * specified, print the cert<-subject<-smime map, else just print
- * the smime entry.
- */
-void
-print_smime_graph(dbDebugInfo *info, certDBEntryMap *smimeMap, int direction)
-{
-    certDBSubjectEntryMap *subjMap;
-    certDBEntryListNode *subjNode;
-    if (direction == GOLEFT) {
-	/* Need to output subject and cert first, see print_subject_graph */
-	subjNode = smimeMap->pSubject;
-	if (map_handle_is_ok(info, (void *)subjNode, 1)) {
-	    subjMap = (certDBSubjectEntryMap *)subjNode->appData; 
-	    print_subject_graph(info, subjMap, GOLEFT,
-	                        smimeMap->index, certDBEntryTypeSMimeProfile);
-	} else {
-	    printnode(info, "<---- S/MIME   %5d   ", smimeMap->index);
-	}
-    } else {
-	printnode(info, "S/MIME   %5d   ", smimeMap->index);
-    }
-}
-
-/* Given a nickname entry, print its unique identifier.  If GOLEFT is 
- * specified, print the cert<-subject<-nickname map, else just print
- * the nickname entry.
- */
-void
-print_nickname_graph(dbDebugInfo *info, certDBEntryMap *nickMap, int direction)
-{
-    certDBSubjectEntryMap *subjMap;
-    certDBEntryListNode *subjNode;
-    if (direction == GOLEFT) {
-	/* Need to output subject and cert first, see print_subject_graph */
-	subjNode = nickMap->pSubject;
-	if (map_handle_is_ok(info, (void *)subjNode, 1)) {
-	    subjMap = (certDBSubjectEntryMap *)subjNode->appData;
-	    print_subject_graph(info, subjMap, GOLEFT,
-	                        nickMap->index, certDBEntryTypeNickname);
-	} else {
-	    printnode(info, "<---- Nickname %5d   ", nickMap->index);
-	}
-    } else {
-	printnode(info, "Nickname %5d   ", nickMap->index);
-    }
-}
-
-/* Given a subject entry, if going right print the graph of the nickname|smime
- * that it maps to (by its unique identifier); and if going left
- * print the list of certs that it points to.
- */
-void
-print_subject_graph(dbDebugInfo *info, certDBSubjectEntryMap *subjMap, 
-                    int direction, int optindex, int opttype)
-{
-    certDBEntryMap *map;
-    certDBEntryListNode *node;
-    int i;
-    /* The first line of output always contains the cert id, subject id,
-     * and nickname|smime id.  Subsequent lines may contain additional
-     * cert id's for the subject if going left or both directions.
-     * Ex. of printing the graph for a subject entry:
-     * Cert 3 <- Subject 5 -> Nickname 32
-     * Cert 8 /
-     * Cert 9 /
-     * means subject 5 has 3 certs, 3, 8, and 9, and corresponds
-     * to nickname entry 32.
-     * To accomplish the above, it is required to dump the entire first
-     * line left-to-right, regardless of the input direction, and then
-     * finish up any remaining cert entries.  Hence the code is uglier
-     * than one may expect.
-     */
-    if (direction == GOLEFT || direction == GOBOTH) {
-	/* In this case, nothing should be output until the first cert is
-	 * located and output (cert 3 in the above example).
-	 */
-	if (subjMap->numCerts == 0 || subjMap->pCerts == NULL)
-	    /* XXX uh-oh */
-	    return;
-	/* get the first cert and dump it. */
-	node = subjMap->pCerts[0];
-	if (map_handle_is_ok(info, (void *)node, 0)) {
-	    map = (certDBEntryMap *)node->appData;
-	    /* going left here stops. */
-	    print_cert_graph(info, map, GOLEFT); 
-	}
-	/* Now it is safe to output the subject id. */
-	if (direction == GOLEFT)
-	    printnode(info, "Subject  %5d <---- ", subjMap->index);
-	else /* direction == GOBOTH */
-	    printnode(info, "Subject  %5d ----> ", subjMap->index);
-    }
-    if (direction == GORIGHT || direction == GOBOTH) { 
-	/* Okay, now output the nickname|smime for this subject. */
-	if (direction != GOBOTH) /* handled above */
-	   printnode(info, "Subject  %5d ----> ", subjMap->index);
-	if (subjMap->pNickname) {
-	    node = subjMap->pNickname;
-	    if (map_handle_is_ok(info, (void *)node, 0)) {
-		map = (certDBEntryMap *)node->appData;
-		/* going right here stops. */
-		print_nickname_graph(info, map, GORIGHT);
-	    }
-	}
-	if (subjMap->pSMime) {
-	    node = subjMap->pSMime;
-	    if (map_handle_is_ok(info, (void *)node, 0)) {
-		map = (certDBEntryMap *)node->appData;
-		/* going right here stops. */
-		print_smime_graph(info, map, GORIGHT); 
-	    }
-	}
-	if (!subjMap->pNickname && !subjMap->pSMime) {
-	    printnode(info, "******************* ", -1);
-	}
-    }
-    if (direction != GORIGHT) { /* going right has only one cert */
-	if (opttype == certDBEntryTypeNickname)
-	    printnode(info, "Nickname %5d   ", optindex);
-	else if (opttype == certDBEntryTypeSMimeProfile)
-	    printnode(info, "S/MIME   %5d   ", optindex);
-	for (i=1 /* 1st one already done */; i<subjMap->numCerts; i++) {
-	    printnode(info, "\n", -1); /* start a new line */
-	    node = subjMap->pCerts[i];
-	    if (map_handle_is_ok(info, (void *)node, 0)) {
-		map = (certDBEntryMap *)node->appData;
-		/* going left here stops. */
-		print_cert_graph(info, map, GOLEFT); 
-		printnode(info, "/", -1);
-	    }
-	}
-    }
-}
-
-/* Given a cert entry, print its unique identifer.  If GORIGHT is specified,
- * print the cert->subject->nickname|smime map, else just print
- * the cert entry.
- */
-void
-print_cert_graph(dbDebugInfo *info, certDBEntryMap *certMap, int direction)
-{
-    certDBSubjectEntryMap *subjMap;
-    certDBEntryListNode *subjNode;
-    if (direction == GOLEFT) {
-	printnode(info, "Cert     %5d <---- ", certMap->index);
-	/* only want cert entry, terminate here. */
-	return;
-    }
-    /* Keep going right then. */
-    printnode(info, "Cert     %5d ----> ", certMap->index);
-    subjNode = certMap->pSubject;
-    if (map_handle_is_ok(info, (void *)subjNode, 0)) {
-	subjMap = (certDBSubjectEntryMap *)subjNode->appData;
-	print_subject_graph(info, subjMap, GORIGHT, -1, -1);
-    }
-}
-
-SECStatus
-computeDBGraph(certDBArray *dbArray, dbDebugInfo *info)
-{
-    PRCList *cElem, *sElem, *nElem, *mElem;
-    certDBEntryListNode *node;
-    certDBEntryMap *map;
-    certDBSubjectEntryMap *subjMap;
-
-    /* Graph is of this form:
-     *
-     * certs:
-     * cert ---> subject ---> (nickname|smime)
-     *
-     * subjects:
-     * cert <--- subject ---> (nickname|smime)
-     *
-     * nicknames and smime:
-     * cert <--- subject <--- (nickname|smime)
-     */
-
-    /* Print cert graph. */
-    for (cElem = PR_LIST_HEAD(&dbArray->certs.link);
-         cElem != &dbArray->certs.link; cElem = PR_NEXT_LINK(cElem)) {
-	/* Print graph of everything to right of cert entry. */
-	node = LISTNODE_CAST(cElem);
-	map = (certDBEntryMap *)node->appData;
-	print_cert_graph(info, map, GORIGHT);
-	printnode(info, "\n", -1);
-    }
-    printnode(info, "\n", -1);
-
-    /* Print subject graph. */
-    for (sElem = PR_LIST_HEAD(&dbArray->subjects.link);
-         sElem != &dbArray->subjects.link; sElem = PR_NEXT_LINK(sElem)) {
-	/* Print graph of everything to both sides of subject entry. */
-	node = LISTNODE_CAST(sElem);
-	subjMap = (certDBSubjectEntryMap *)node->appData;
-	print_subject_graph(info, subjMap, GOBOTH, -1, -1);
-	printnode(info, "\n", -1);
-    }
-    printnode(info, "\n", -1);
-
-    /* Print nickname graph. */
-    for (nElem = PR_LIST_HEAD(&dbArray->nicknames.link);
-         nElem != &dbArray->nicknames.link; nElem = PR_NEXT_LINK(nElem)) {
-	/* Print graph of everything to left of nickname entry. */
-	node = LISTNODE_CAST(nElem);
-	map = (certDBEntryMap *)node->appData;
-	print_nickname_graph(info, map, GOLEFT);
-	printnode(info, "\n", -1);
-    }
-    printnode(info, "\n", -1);
-
-    /* Print smime graph. */
-    for (mElem = PR_LIST_HEAD(&dbArray->smime.link);
-         mElem != &dbArray->smime.link; mElem = PR_NEXT_LINK(mElem)) {
-	/* Print graph of everything to left of smime entry. */
-	node = LISTNODE_CAST(mElem);
-	if (node == NULL) break;
-	map = (certDBEntryMap *)node->appData;
-	print_smime_graph(info, map, GOLEFT);
-	printnode(info, "\n", -1);
-    }
-    printnode(info, "\n", -1);
-
-    return SECSuccess;
-}
-
-/*
- * List the entries in the db, showing handles between entry types.
- */
-void
-verboseOutput(certDBArray *dbArray, dbDebugInfo *info)
-{
-    int i, ref;
-    PRCList *elem;
-    certDBEntryListNode *node;
-    certDBEntryMap *map;
-    certDBSubjectEntryMap *smap;
-    certDBEntrySubject *subjectEntry;
-
-    /* List certs */
-    for (elem = PR_LIST_HEAD(&dbArray->certs.link);
-         elem != &dbArray->certs.link; elem = PR_NEXT_LINK(elem)) {
-	node = LISTNODE_CAST(elem);
-	map = (certDBEntryMap *)node->appData;
-	dumpCertEntry((certDBEntryCert*)&node->entry, map->index, info->out);
-	/* walk the cert handle to it's subject entry */
-	if (map_handle_is_ok(info, map->pSubject, -1)) {
-	    smap = (certDBSubjectEntryMap *)map->pSubject->appData;
-	    ref = smap->index;
-	    PR_fprintf(info->out, "-->(subject %d)\n\n\n", ref);
-	} else {
-	    PR_fprintf(info->out, "-->(MISSING SUBJECT ENTRY)\n\n\n");
-	}
-    }
-    /* List subjects */
-    for (elem = PR_LIST_HEAD(&dbArray->subjects.link);
-         elem != &dbArray->subjects.link; elem = PR_NEXT_LINK(elem)) {
-	node = LISTNODE_CAST(elem);
-	subjectEntry = (certDBEntrySubject *)&node->entry;
-	smap = (certDBSubjectEntryMap *)node->appData;
-	dumpSubjectEntry(subjectEntry, smap->index, info->out);
-	/* iterate over subject's certs */
-	for (i=0; i<smap->numCerts; i++) {
-	    /* walk each subject handle to it's cert entries */
-	    if (map_handle_is_ok(info, smap->pCerts[i], -1)) {
-		ref = ((certDBEntryMap *)smap->pCerts[i]->appData)->index;
-		PR_fprintf(info->out, "-->(%d. certificate %d)\n", i, ref);
-	    } else {
-		PR_fprintf(info->out, "-->(%d. MISSING CERT ENTRY)\n", i);
-	    }
-	}
-	if (subjectEntry->nickname) {
-	    /* walk each subject handle to it's nickname entry */
-	    if (map_handle_is_ok(info, smap->pNickname, -1)) {
-		ref = ((certDBEntryMap *)smap->pNickname->appData)->index;
-		PR_fprintf(info->out, "-->(nickname %d)\n", ref);
-	    } else {
-		PR_fprintf(info->out, "-->(MISSING NICKNAME ENTRY)\n");
-	    }
-	}
-	if (subjectEntry->emailAddr) {
-	    /* walk each subject handle to it's smime entry */
-	    if (map_handle_is_ok(info, smap->pSMime, -1)) {
-		ref = ((certDBEntryMap *)smap->pSMime->appData)->index;
-		PR_fprintf(info->out, "-->(s/mime %d)\n", ref);
-	    } else {
-		PR_fprintf(info->out, "-->(MISSING S/MIME ENTRY)\n");
-	    }
-	}
-	PR_fprintf(info->out, "\n\n");
-    }
-    for (elem = PR_LIST_HEAD(&dbArray->nicknames.link);
-         elem != &dbArray->nicknames.link; elem = PR_NEXT_LINK(elem)) {
-	node = LISTNODE_CAST(elem);
-	map = (certDBEntryMap *)node->appData;
-	dumpNicknameEntry((certDBEntryNickname*)&node->entry, map->index, 
-	                  info->out);
-	if (map_handle_is_ok(info, map->pSubject, -1)) {
-	    ref = ((certDBEntryMap *)map->pSubject->appData)->index;
-	    PR_fprintf(info->out, "-->(subject %d)\n\n\n", ref);
-	} else {
-	    PR_fprintf(info->out, "-->(MISSING SUBJECT ENTRY)\n\n\n");
-	}
-    }
-    for (elem = PR_LIST_HEAD(&dbArray->smime.link);
-         elem != &dbArray->smime.link; elem = PR_NEXT_LINK(elem)) {
-	node = LISTNODE_CAST(elem);
-	map = (certDBEntryMap *)node->appData;
-	dumpSMimeEntry((certDBEntrySMime*)&node->entry, map->index, info->out);
-	if (map_handle_is_ok(info, map->pSubject, -1)) {
-	    ref = ((certDBEntryMap *)map->pSubject->appData)->index;
-	    PR_fprintf(info->out, "-->(subject %d)\n\n\n", ref);
-	} else {
-	    PR_fprintf(info->out, "-->(MISSING SUBJECT ENTRY)\n\n\n");
-	}
-    }
-    PR_fprintf(info->out, "\n\n");
-}
-
-char *errResult[] = {
-    "Certificate entries that had no subject entry.", 
-    "Certificate entries that had no key in their subject entry.", 
-    "Subject entries that had no nickname or email address.",
-    "Redundant nicknames (subjects with the same nickname).",
-    "Subject entries that had no nickname entry.",
-    "Redundant email addresses (subjects with the same email address).",
-    "Subject entries that had no S/MIME entry.",
-    "Nickname entries that had no subject entry.", 
-    "S/MIME entries that had no subject entry.",
-};
-
-int
-fillDBEntryArray(CERTCertDBHandle *handle, certDBEntryType type, 
-                 certDBEntryListNode *list)
-{
-    PRCList *elem;
-    certDBEntryListNode *node;
-    certDBEntryMap *mnode;
-    certDBSubjectEntryMap *smnode;
-    PRArenaPool *arena;
-    int count = 0;
-    /* Initialize a dummy entry in the list.  The list head will be the
-     * next element, so this element is skipped by for loops.
-     */
-    PR_INIT_CLIST((PRCList *)list);
-    /* Collect all of the cert db entries for this type into a list. */
-    SEC_TraverseDBEntries(handle, type, SEC_GetCertDBEntryList, 
-                          (PRCList *)list);
-    for (elem = PR_LIST_HEAD(&list->link); 
-         elem != &list->link; elem = PR_NEXT_LINK(elem)) {
-	/* Iterate over the entries and ... */
-	node = (certDBEntryListNode *)elem;
-	if (type != certDBEntryTypeSubject) {
-	    arena = PORT_NewArena(sizeof(*mnode));
-	    mnode = (certDBEntryMap *)PORT_ArenaZAlloc(arena, sizeof(*mnode));
-	    mnode->arena = arena;
-	    /* ... assign a unique index number to each node, and ... */
-	    mnode->index = count;
-	    /* ... set the map pointer for the node. */
-	    node->appData = (void *)mnode;
-	} else {
-	    /* allocate some room for the cert pointers also */
-	    arena = PORT_NewArena(sizeof(*smnode) + 20*sizeof(void *));
-	    smnode = (certDBSubjectEntryMap *)
-	              PORT_ArenaZAlloc(arena, sizeof(*smnode));
-	    smnode->arena = arena;
-	    smnode->index = count;
-	    node->appData = (void *)smnode;
-	}
-	count++;
-    }
-    return count;
-}
-
-void
-freeDBEntryList(PRCList *list)
-{
-    PRCList *next, *elem;
-    certDBEntryListNode *node;
-    certDBEntryMap *map;
-
-    for (elem = PR_LIST_HEAD(list); elem != list;) { 
-	next = PR_NEXT_LINK(elem);
-	node = (certDBEntryListNode *)elem;
-	map = (certDBEntryMap *)node->appData;
-	PR_REMOVE_LINK(&node->link);
-	PORT_FreeArena(map->arena, PR_TRUE);
-	PORT_FreeArena(node->entry.common.arena, PR_TRUE);
-	elem = next;
-    }
-}
-
-void
-DBCK_DebugDB(CERTCertDBHandle *handle, PRFileDesc *out, PRFileDesc *mailfile)
-{
-    int i, nCertsFound, nSubjFound, nErr;
-    int nCerts, nSubjects, nSubjCerts, nNicknames, nSMime;
-    PRCList *elem;
-    char c;
-    dbDebugInfo info;
-    certDBArray dbArray;
-
-    PORT_Memset(&dbArray, 0, sizeof(dbArray));
-    PORT_Memset(&info, 0, sizeof(info));
-    info.verbose = (out == NULL) ? PR_FALSE : PR_TRUE ;
-    info.dograph = (mailfile == NULL) ? PR_FALSE : PR_TRUE ;
-    info.out = (out) ? out : PR_STDOUT;
-    info.graphfile = mailfile;
-
-    /*  Fill the array structure with cert/subject/nickname/smime entries.  */
-    dbArray.numCerts = fillDBEntryArray(handle, certDBEntryTypeCert, 
-                                        &dbArray.certs);
-    dbArray.numSubjects = fillDBEntryArray(handle, certDBEntryTypeSubject, 
-                                           &dbArray.subjects);
-    dbArray.numNicknames = fillDBEntryArray(handle, certDBEntryTypeNickname, 
-                                            &dbArray.nicknames);
-    dbArray.numSMime = fillDBEntryArray(handle, certDBEntryTypeSMimeProfile, 
-                                        &dbArray.smime);
-
-    /*  Compute the map between the database entries.  */
-    mapSubjectEntries(&dbArray);
-    mapCertEntries(&dbArray);
-    computeDBGraph(&dbArray, &info);
-
-    /*  Store the totals for later reference.  */
-    nCerts = dbArray.numCerts;
-    nSubjects = dbArray.numSubjects;
-    nNicknames = dbArray.numNicknames;
-    nSMime = dbArray.numSMime;
-    nSubjCerts = 0;
-    for (elem = PR_LIST_HEAD(&dbArray.subjects.link);
-         elem != &dbArray.subjects.link; elem = PR_NEXT_LINK(elem)) {
-	certDBSubjectEntryMap *smap;
-	smap = (certDBSubjectEntryMap *)LISTNODE_CAST(elem)->appData;
-	nSubjCerts += smap->numCerts;
-    }
-
-    if (info.verbose) {
-	/*  Dump the database contents.  */
-	verboseOutput(&dbArray, &info);
-    }
-
-    freeDBEntryList(&dbArray.certs.link);
-    freeDBEntryList(&dbArray.subjects.link);
-    freeDBEntryList(&dbArray.nicknames.link);
-    freeDBEntryList(&dbArray.smime.link);
-
-    PR_fprintf(info.out, "\n");
-    PR_fprintf(info.out, "Database statistics:\n");
-    PR_fprintf(info.out, "N0: Found %4d Certificate entries.\n", 
-                          nCerts);
-    PR_fprintf(info.out, "N1: Found %4d Subject entries (unique DN's).\n", 
-                          nSubjects);
-    PR_fprintf(info.out, "N2: Found %4d Cert keys within Subject entries.\n", 
-                          nSubjCerts);
-    PR_fprintf(info.out, "N3: Found %4d Nickname entries.\n", 
-                          nNicknames);
-    PR_fprintf(info.out, "N4: Found %4d S/MIME entries.\n", 
-                          nSMime);
-    PR_fprintf(info.out, "\n");
-
-    nErr = 0;
-    for (i=0; i<sizeof(errResult)/sizeof(char*); i++) {
-	PR_fprintf(info.out, "E%d: Found %4d %s\n", 
-	           i, info.dbErrors[i], errResult[i]);
-	nErr += info.dbErrors[i];
-    }
-    PR_fprintf(info.out, "--------------\n    Found %4d errors in database.\n", 
-               nErr);
-
-    PR_fprintf(info.out, "\nCertificates:\n");
-    PR_fprintf(info.out, "N0 == N2 + E%d + E%d\n", NoSubjectForCert, 
-                                                   SubjectHasNoKeyForCert);
-    nCertsFound = nSubjCerts +
-                  info.dbErrors[NoSubjectForCert] +
-                  info.dbErrors[SubjectHasNoKeyForCert];
-    c = (nCertsFound == nCerts) ? '=' : '!';
-    PR_fprintf(info.out, "%d %c= %d + %d + %d\n", nCerts, c, nSubjCerts, 
-                  info.dbErrors[NoSubjectForCert],
-                  info.dbErrors[SubjectHasNoKeyForCert]);
-    PR_fprintf(info.out, "\nSubjects:\n");
-    PR_fprintf(info.out, "N1 == N3 + N4 + E%d + E%d + E%d + E%d + E%d - E%d - E%d\n",
-                  NoNicknameOrSMimeForSubject, WrongNicknameForSubject,
-		  NoNicknameEntry, WrongSMimeForSubject, NoSMimeEntry,
-		  NoSubjectForNickname, NoSubjectForSMime);
-    PR_fprintf(info.out, "      - #(subjects with both nickname and S/MIME entries)\n");
-    nSubjFound = nNicknames + nSMime + 
-                 info.dbErrors[NoNicknameOrSMimeForSubject] +
-		 info.dbErrors[WrongNicknameForSubject] +
-		 info.dbErrors[NoNicknameEntry] +
-		 info.dbErrors[WrongSMimeForSubject] +
-                 info.dbErrors[NoSMimeEntry] -
-		 info.dbErrors[NoSubjectForNickname] -
-		 info.dbErrors[NoSubjectForSMime] -
-		 info.dbErrors[NicknameAndSMimeEntry];
-    c = (nSubjFound == nSubjects) ? '=' : '!';
-    PR_fprintf(info.out, "%d %c= %d + %d + %d + %d + %d + %d + %d - %d - %d - %d\n",
-                  nSubjects, c, nNicknames, nSMime,
-                  info.dbErrors[NoNicknameOrSMimeForSubject],
-		  info.dbErrors[WrongNicknameForSubject],
-		  info.dbErrors[NoNicknameEntry],
-		  info.dbErrors[WrongSMimeForSubject],
-                  info.dbErrors[NoSMimeEntry],
-		  info.dbErrors[NoSubjectForNickname],
-		  info.dbErrors[NoSubjectForSMime],
-		  info.dbErrors[NicknameAndSMimeEntry]);
-    PR_fprintf(info.out, "\n");
-}
-
-#ifdef DORECOVER
-enum {
-    dbInvalidCert = 0,
-    dbNoSMimeProfile,
-    dbOlderCert,
-    dbBadCertificate,
-    dbCertNotWrittenToDB
-};
-
-typedef struct dbRestoreInfoStr
-{
-    CERTCertDBHandle *handle;
-    PRBool verbose;
-    PRFileDesc *out;
-    int nCerts;
-    int nOldCerts;
-    int dbErrors[5];
-    PRBool removeType[3];
-    PRBool promptUser[3];
-} dbRestoreInfo;
-
-char *
-IsEmailCert(CERTCertificate *cert)
-{
-    char *email, *tmp1, *tmp2;
-    PRBool isCA;
-    int len;
-
-    if (!cert->subjectName) {
-	return NULL;
-    }
-
-    tmp1 = PORT_Strstr(cert->subjectName, "E=");
-    tmp2 = PORT_Strstr(cert->subjectName, "MAIL=");
-    /* XXX Nelson has cert for KTrilli which does not have either
-     * of above but is email cert (has cert->emailAddr). 
-     */
-    if (!tmp1 && !tmp2 && !cert->emailAddr) {
-	return NULL;
-    }
-
-    /*  Server or CA cert, not personal email.  */
-    isCA = CERT_IsCACert(cert, NULL);
-    if (isCA)
-	return NULL;
-
-    /*  XXX CERT_IsCACert advertises checking the key usage ext.,
-	but doesn't appear to. */
-    /*  Check the key usage extension.  */
-    if (cert->keyUsagePresent) {
-	/*  Must at least be able to sign or encrypt (not neccesarily
-	 *  both if it is one of a dual cert).  
-	 */
-	if (!((cert->rawKeyUsage & KU_DIGITAL_SIGNATURE) || 
-              (cert->rawKeyUsage & KU_KEY_ENCIPHERMENT)))
-	    return NULL;
-
-	/*  CA cert, not personal email.  */
-	if (cert->rawKeyUsage & (KU_KEY_CERT_SIGN | KU_CRL_SIGN))
-	    return NULL;
-    }
-
-    if (cert->emailAddr) {
-	email = PORT_Strdup(cert->emailAddr);
-    } else {
-	if (tmp1)
-	    tmp1 += 2; /* "E="  */
-	else
-	    tmp1 = tmp2 + 5; /* "MAIL=" */
-	len = strcspn(tmp1, ", ");
-	email = (char*)PORT_Alloc(len+1);
-	PORT_Strncpy(email, tmp1, len);
-	email[len] = '\0';
-    }
-
-    return email;
-}
-
-SECStatus
-deleteit(CERTCertificate *cert, void *arg)
-{
-    return SEC_DeletePermCertificate(cert);
-}
-
-/*  Different than DeleteCertificate - has the added bonus of removing
- *  all certs with the same DN.  
- */
-SECStatus
-deleteAllEntriesForCert(CERTCertDBHandle *handle, CERTCertificate *cert,
-                        PRFileDesc *outfile)
-{
-#if 0
-    certDBEntrySubject *subjectEntry;
-    certDBEntryNickname *nicknameEntry;
-    certDBEntrySMime *smimeEntry;
-    int i;
-#endif
-
-    if (outfile) {
-	PR_fprintf(outfile, "$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$\n\n");
-	PR_fprintf(outfile, "Deleting redundant certificate:\n");
-	dumpCertificate(cert, -1, outfile);
-    }
-
-    CERT_TraverseCertsForSubject(handle, cert->subjectList, deleteit, NULL);
-#if 0
-    CERT_LockDB(handle);
-    subjectEntry = ReadDBSubjectEntry(handle, &cert->derSubject);
-    /*  It had better be there, or created a bad db.  */
-    PORT_Assert(subjectEntry);
-    for (i=0; i<subjectEntry->ncerts; i++) {
-	DeleteDBCertEntry(handle, &subjectEntry->certKeys[i]);
-    }
-    DeleteDBSubjectEntry(handle, &cert->derSubject);
-    if (subjectEntry->emailAddr) {
-	smimeEntry = ReadDBSMimeEntry(handle, subjectEntry->emailAddr);
-	if (smimeEntry) {
-	    if (SECITEM_ItemsAreEqual(&subjectEntry->derSubject,
-	                              &smimeEntry->subjectName))
-		/*  Only delete it if it's for this subject!  */
-		DeleteDBSMimeEntry(handle, subjectEntry->emailAddr);
-	    SEC_DestroyDBEntry((certDBEntry*)smimeEntry);
-	}
-    }
-    if (subjectEntry->nickname) {
-	nicknameEntry = ReadDBNicknameEntry(handle, subjectEntry->nickname);
-	if (nicknameEntry) {
-	    if (SECITEM_ItemsAreEqual(&subjectEntry->derSubject,
-	                              &nicknameEntry->subjectName))
-		/*  Only delete it if it's for this subject!  */
-		DeleteDBNicknameEntry(handle, subjectEntry->nickname);
-	    SEC_DestroyDBEntry((certDBEntry*)nicknameEntry);
-	}
-    }
-    SEC_DestroyDBEntry((certDBEntry*)subjectEntry);
-    CERT_UnlockDB(handle);
-#endif
-    return SECSuccess;
-}
-
-void
-getCertsToDelete(char *numlist, int len, int *certNums, int nCerts)
-{
-    int j, num;
-    char *numstr, *numend, *end;
-
-    numstr = numlist;
-    end = numstr + len - 1;
-    while (numstr != end) {
-	numend = strpbrk(numstr, ", \n");
-	*numend = '\0';
-	if (PORT_Strlen(numstr) == 0)
-	    return;
-	num = PORT_Atoi(numstr);
-	if (numstr == numlist)
-	    certNums[0] = num;
-	for (j=1; j<nCerts+1; j++) {
-	    if (num == certNums[j]) {
-		certNums[j] = -1;
-		break;
-	    }
-	}
-	if (numend == end)
-	    break;
-	numstr = strpbrk(numend+1, "0123456789");
-    }
-}
-
-PRBool
-userSaysDeleteCert(CERTCertificate **certs, int nCerts,
-                   int errtype, dbRestoreInfo *info, int *certNums)
-{
-    char response[32];
-    int32 nb;
-    int i;
-    /*  User wants to remove cert without prompting.  */
-    if (info->promptUser[errtype] == PR_FALSE)
-	return (info->removeType[errtype]);
-    switch (errtype) {
-    case dbInvalidCert:
-	PR_fprintf(PR_STDOUT, "********  Expired ********\n");
-	PR_fprintf(PR_STDOUT, "Cert has expired.\n\n");
-	dumpCertificate(certs[0], -1, PR_STDOUT);
-	PR_fprintf(PR_STDOUT,
-	           "Keep it? (y/n - this one, Y/N - all expired certs) [n] ");
-	break;
-    case dbNoSMimeProfile:
-	PR_fprintf(PR_STDOUT, "********  No Profile ********\n");
-	PR_fprintf(PR_STDOUT, "S/MIME cert has no profile.\n\n");
-	dumpCertificate(certs[0], -1, PR_STDOUT);
-	PR_fprintf(PR_STDOUT,
-	      "Keep it? (y/n - this one, Y/N - all S/MIME w/o profile) [n] ");
-	break;
-    case dbOlderCert:
-	PR_fprintf(PR_STDOUT, "*******  Redundant nickname/email *******\n\n");
-	PR_fprintf(PR_STDOUT, "These certs have the same nickname/email:\n");
-	for (i=0; i<nCerts; i++)
-	    dumpCertificate(certs[i], i, PR_STDOUT);
-	PR_fprintf(PR_STDOUT, 
-	"Enter the certs you would like to keep from those listed above.\n");
-	PR_fprintf(PR_STDOUT, 
-	"Use a comma-separated list of the cert numbers (ex. 0, 8, 12).\n");
-	PR_fprintf(PR_STDOUT, 
-	"The first cert in the list will be the primary cert\n");
-	PR_fprintf(PR_STDOUT, 
-	" accessed by the nickname/email handle.\n");
-	PR_fprintf(PR_STDOUT, 
-	"List cert numbers to keep here, or hit enter\n");
-	PR_fprintf(PR_STDOUT, 
-	" to always keep only the newest cert:  ");
-	break;
-    default:
-    }
-    nb = PR_Read(PR_STDIN, response, sizeof(response));
-    PR_fprintf(PR_STDOUT, "\n\n");
-    if (errtype == dbOlderCert) {
-	if (!isdigit(response[0])) {
-	    info->promptUser[errtype] = PR_FALSE;
-	    info->removeType[errtype] = PR_TRUE;
-	    return PR_TRUE;
-	}
-	getCertsToDelete(response, nb, certNums, nCerts);
-	return PR_TRUE;
-    }
-    /*  User doesn't want to be prompted for this type anymore.  */
-    if (response[0] == 'Y') {
-	info->promptUser[errtype] = PR_FALSE;
-	info->removeType[errtype] = PR_FALSE;
-	return PR_FALSE;
-    } else if (response[0] == 'N') {
-	info->promptUser[errtype] = PR_FALSE;
-	info->removeType[errtype] = PR_TRUE;
-	return PR_TRUE;
-    }
-    return (response[0] != 'y') ? PR_TRUE : PR_FALSE;
-}
-
-SECStatus
-addCertToDB(certDBEntryCert *certEntry, dbRestoreInfo *info, 
-            CERTCertDBHandle *oldhandle)
-{
-    SECStatus rv = SECSuccess;
-    PRBool allowOverride;
-    PRBool userCert;
-    SECCertTimeValidity validity;
-    CERTCertificate *oldCert = NULL;
-    CERTCertificate *dbCert = NULL;
-    CERTCertificate *newCert = NULL;
-    CERTCertTrust *trust;
-    certDBEntrySMime *smimeEntry = NULL;
-    char *email = NULL;
-    char *nickname = NULL;
-    int nCertsForSubject = 1;
-
-    oldCert = CERT_DecodeDERCertificate(&certEntry->derCert, PR_FALSE,
-                                        certEntry->nickname);
-    if (!oldCert) {
-	info->dbErrors[dbBadCertificate]++;
-	SEC_DestroyDBEntry((certDBEntry*)certEntry);
-	return SECSuccess;
-    }
-
-    oldCert->dbEntry = certEntry;
-    oldCert->trust = &certEntry->trust;
-    oldCert->dbhandle = oldhandle;
-
-    trust = oldCert->trust;
-
-    info->nOldCerts++;
-
-    if (info->verbose)
-	PR_fprintf(info->out, "%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%\n\n");
-
-    if (oldCert->nickname)
-	nickname = PORT_Strdup(oldCert->nickname);
-
-    /*  Always keep user certs.  Skip ahead.  */
-    /*  XXX if someone sends themselves a signed message, it is possible
-	for their cert to be imported as an "other" cert, not a user cert.
-	this mucks with smime entries...  */
-    userCert = (SEC_GET_TRUST_FLAGS(trust, trustSSL) & CERTDB_USER) ||
-               (SEC_GET_TRUST_FLAGS(trust, trustEmail) & CERTDB_USER) ||
-               (SEC_GET_TRUST_FLAGS(trust, trustObjectSigning) & CERTDB_USER);
-    if (userCert)
-	goto createcert;
-
-    /*  If user chooses so, ignore expired certificates.  */
-    allowOverride = (PRBool)((oldCert->keyUsage == certUsageSSLServer) ||
-                         (oldCert->keyUsage == certUsageSSLServerWithStepUp));
-    validity = CERT_CheckCertValidTimes(oldCert, PR_Now(), allowOverride);
-    /*  If cert expired and user wants to delete it, ignore it. */
-    if ((validity != secCertTimeValid) && 
-	 userSaysDeleteCert(&oldCert, 1, dbInvalidCert, info, 0)) {
-	info->dbErrors[dbInvalidCert]++;
-	if (info->verbose) {
-	    PR_fprintf(info->out, "Deleting expired certificate:\n");
-	    dumpCertificate(oldCert, -1, info->out);
-	}
-	goto cleanup;
-    }
-
-    /*  New database will already have default certs, don't attempt
-	to overwrite them.  */
-    dbCert = CERT_FindCertByDERCert(info->handle, &oldCert->derCert);
-    if (dbCert) {
-	info->nCerts++;
-	if (info->verbose) {
-	    PR_fprintf(info->out, "Added certificate to database:\n");
-	    dumpCertificate(oldCert, -1, info->out);
-	}
-	goto cleanup;
-    }
-    
-    /*  Determine if cert is S/MIME and get its email if so.  */
-    email = IsEmailCert(oldCert);
-
-    /*
-	XXX  Just create empty profiles?
-    if (email) {
-	SECItem *profile = CERT_FindSMimeProfile(oldCert);
-	if (!profile &&
-	    userSaysDeleteCert(&oldCert, 1, dbNoSMimeProfile, info, 0)) {
-	    info->dbErrors[dbNoSMimeProfile]++;
-	    if (info->verbose) {
-		PR_fprintf(info->out, 
-		           "Deleted cert missing S/MIME profile.\n");
-		dumpCertificate(oldCert, -1, info->out);
-	    }
-	    goto cleanup;
-	} else {
-	    SECITEM_FreeItem(profile);
-	}
-    }
-    */
-
-createcert:
-
-    /*  Sometimes happens... */
-    if (!nickname && userCert)
-	nickname = PORT_Strdup(oldCert->subjectName);
-
-    /*  Create a new certificate, copy of the old one.  */
-    newCert = CERT_NewTempCertificate(info->handle, &oldCert->derCert, 
-                                      nickname, PR_FALSE, PR_TRUE);
-    if (!newCert) {
-	PR_fprintf(PR_STDERR, "Unable to create new certificate.\n");
-	dumpCertificate(oldCert, -1, PR_STDERR);
-	info->dbErrors[dbBadCertificate]++;
-	goto cleanup;
-    }
-
-    /*  Add the cert to the new database.  */
-    rv = CERT_AddTempCertToPerm(newCert, nickname, oldCert->trust);
-    if (rv) {
-	PR_fprintf(PR_STDERR, "Failed to write temp cert to perm database.\n");
-	dumpCertificate(oldCert, -1, PR_STDERR);
-	info->dbErrors[dbCertNotWrittenToDB]++;
-	goto cleanup;
-    }
-
-    if (info->verbose) {
-	PR_fprintf(info->out, "Added certificate to database:\n");
-	dumpCertificate(oldCert, -1, info->out);
-    }
-
-    /*  If the cert is an S/MIME cert, and the first with it's subject,
-     *  modify the subject entry to include the email address,
-     *  CERT_AddTempCertToPerm does not do email addresses and S/MIME entries.
-     */
-    if (smimeEntry) { /*&& !userCert && nCertsForSubject == 1) { */
-#if 0
-	UpdateSubjectWithEmailAddr(newCert, email);
-#endif
-	SECItem emailProfile, profileTime;
-	rv = CERT_FindFullSMimeProfile(oldCert, &emailProfile, &profileTime);
-	/*  calls UpdateSubjectWithEmailAddr  */
-	if (rv == SECSuccess)
-	    rv = CERT_SaveSMimeProfile(newCert, &emailProfile, &profileTime);
-    }
-
-    info->nCerts++;
-
-cleanup:
-
-    if (nickname)
-	PORT_Free(nickname);
-    if (email)
-	PORT_Free(email);
-    if (oldCert)
-	CERT_DestroyCertificate(oldCert);
-    if (dbCert)
-	CERT_DestroyCertificate(dbCert);
-    if (newCert)
-	CERT_DestroyCertificate(newCert);
-    if (smimeEntry)
-	SEC_DestroyDBEntry((certDBEntry*)smimeEntry);
-    return SECSuccess;
-}
-
-#if 0
-SECStatus
-copyDBEntry(SECItem *data, SECItem *key, certDBEntryType type, void *pdata)
-{
-    SECStatus rv;
-    CERTCertDBHandle *newdb = (CERTCertDBHandle *)pdata;
-    certDBEntryCommon common;
-    SECItem dbkey;
-
-    common.type = type;
-    common.version = CERT_DB_FILE_VERSION;
-    common.flags = data->data[2];
-    common.arena = NULL;
-
-    dbkey.len = key->len + SEC_DB_KEY_HEADER_LEN;
-    dbkey.data = (unsigned char *)PORT_Alloc(dbkey.len*sizeof(unsigned char));
-    PORT_Memcpy(&dbkey.data[SEC_DB_KEY_HEADER_LEN], key->data, key->len);
-    dbkey.data[0] = type;
-
-    rv = WriteDBEntry(newdb, &common, &dbkey, data);
-
-    PORT_Free(dbkey.data);
-    return rv;
-}
-#endif
-
-int
-certIsOlder(CERTCertificate **cert1, CERTCertificate** cert2)
-{
-    return !CERT_IsNewer(*cert1, *cert2);
-}
-
-int
-findNewestSubjectForEmail(CERTCertDBHandle *handle, int subjectNum,
-                          certDBArray *dbArray, dbRestoreInfo *info,
-                          int *subjectWithSMime, int *smimeForSubject)
-{
-    int newestSubject;
-    int subjectsForEmail[50];
-    int i, j, ns, sNum;
-    certDBEntryListNode *subjects = &dbArray->subjects;
-    certDBEntryListNode *smime = &dbArray->smime;
-    certDBEntrySubject *subjectEntry1, *subjectEntry2;
-    certDBEntrySMime *smimeEntry;
-    CERTCertificate **certs;
-    CERTCertificate *cert;
-    CERTCertTrust *trust;
-    PRBool userCert;
-    int *certNums;
-
-    ns = 0;
-    subjectEntry1 = (certDBEntrySubject*)&subjects.entries[subjectNum];
-    subjectsForEmail[ns++] = subjectNum;
-
-    *subjectWithSMime = -1;
-    *smimeForSubject = -1;
-    newestSubject = subjectNum;
-
-    cert = CERT_FindCertByKey(handle, &subjectEntry1->certKeys[0]);
-    if (cert) {
-	trust = cert->trust;
-	userCert = (SEC_GET_TRUST_FLAGS(trust, trustSSL) & CERTDB_USER) ||
-	          (SEC_GET_TRUST_FLAGS(trust, trustEmail) & CERTDB_USER) ||
-	         (SEC_GET_TRUST_FLAGS(trust, trustObjectSigning) & CERTDB_USER);
-	CERT_DestroyCertificate(cert);
-    }
-
-    /*  Loop over the remaining subjects.  */
-    for (i=subjectNum+1; i<subjects.numEntries; i++) {
-	subjectEntry2 = (certDBEntrySubject*)&subjects.entries[i];
-	if (!subjectEntry2)
-	    continue;
-	if (subjectEntry2->emailAddr && 
-	     PORT_Strcmp(subjectEntry1->emailAddr, 
-	                 subjectEntry2->emailAddr) == 0) {
-	    /*  Found a subject using the same email address.  */
-	    subjectsForEmail[ns++] = i;
-	}
-    }
-
-    /*  Find the S/MIME entry for this email address.  */
-    for (i=0; i<smime.numEntries; i++) {
-	smimeEntry = (certDBEntrySMime*)&smime.entries[i];
-	if (smimeEntry->common.arena == NULL)
-	    continue;
-	if (PORT_Strcmp(subjectEntry1->emailAddr, smimeEntry->emailAddr) == 0) {
-	    /*  Find which of the subjects uses this S/MIME entry.  */
-	    for (j=0; j<ns && *subjectWithSMime < 0; j++) {
-		sNum = subjectsForEmail[j];
-		subjectEntry2 = (certDBEntrySubject*)&subjects.entries[sNum];
-		if (SECITEM_ItemsAreEqual(&smimeEntry->subjectName,
-		                          &subjectEntry2->derSubject)) {
-		    /*  Found the subject corresponding to the S/MIME entry. */
-		    *subjectWithSMime = sNum;
-		    *smimeForSubject = i;
-		}
-	    }
-	    SEC_DestroyDBEntry((certDBEntry*)smimeEntry);
-	    PORT_Memset(smimeEntry, 0, sizeof(certDBEntry));
-	    break;
-	}
-    }
-
-    if (ns <= 1)
-	return subjectNum;
-
-    if (userCert)
-	return *subjectWithSMime;
-
-    /*  Now find which of the subjects has the newest cert.  */
-    certs = (CERTCertificate**)PORT_Alloc(ns*sizeof(CERTCertificate*));
-    certNums = (int*)PORT_Alloc((ns+1)*sizeof(int));
-    certNums[0] = 0;
-    for (i=0; i<ns; i++) {
-	sNum = subjectsForEmail[i];
-	subjectEntry1 = (certDBEntrySubject*)&subjects.entries[sNum];
-	certs[i] = CERT_FindCertByKey(handle, &subjectEntry1->certKeys[0]);
-	certNums[i+1] = i;
-    }
-    /*  Sort the array by validity.  */
-    qsort(certs, ns, sizeof(CERTCertificate*), 
-          (int (*)(const void *, const void *))certIsOlder);
-    newestSubject = -1;
-    for (i=0; i<ns; i++) {
-	sNum = subjectsForEmail[i];
-	subjectEntry1 = (certDBEntrySubject*)&subjects.entries[sNum];
-	if (SECITEM_ItemsAreEqual(&subjectEntry1->derSubject,
-	                          &certs[0]->derSubject))
-	    newestSubject = sNum;
-	else
-	    SEC_DestroyDBEntry((certDBEntry*)subjectEntry1);
-    }
-    if (info && userSaysDeleteCert(certs, ns, dbOlderCert, info, certNums)) {
-	for (i=1; i<ns+1; i++) {
-	    if (certNums[i] >= 0 && certNums[i] != certNums[0]) {
-		deleteAllEntriesForCert(handle, certs[certNums[i]], info->out);
-		info->dbErrors[dbOlderCert]++;
-	    }
-	}
-    }
-    CERT_DestroyCertArray(certs, ns);
-    return newestSubject;
-}
-
-CERTCertDBHandle *
-DBCK_ReconstructDBFromCerts(CERTCertDBHandle *oldhandle, char *newdbname,
-                            PRFileDesc *outfile, PRBool removeExpired,
-                            PRBool requireProfile, PRBool singleEntry,
-                            PRBool promptUser)
-{
-    SECStatus rv;
-    dbRestoreInfo info;
-    certDBEntryContentVersion *oldContentVersion;
-    certDBArray dbArray;
-    int i;
-
-    PORT_Memset(&dbArray, 0, sizeof(dbArray));
-    PORT_Memset(&info, 0, sizeof(info));
-    info.verbose = (outfile) ? PR_TRUE : PR_FALSE;
-    info.out = (outfile) ? outfile : PR_STDOUT;
-    info.removeType[dbInvalidCert] = removeExpired;
-    info.removeType[dbNoSMimeProfile] = requireProfile;
-    info.removeType[dbOlderCert] = singleEntry;
-    info.promptUser[dbInvalidCert]  = promptUser;
-    info.promptUser[dbNoSMimeProfile]  = promptUser;
-    info.promptUser[dbOlderCert]  = promptUser;
-
-    /*  Allocate a handle to fill with CERT_OpenCertDB below.  */
-    info.handle = (CERTCertDBHandle *)PORT_ZAlloc(sizeof(CERTCertDBHandle));
-    if (!info.handle) {
-	fprintf(stderr, "unable to get database handle");
-	return NULL;
-    }
-
-    /*  Create a certdb with the most recent set of roots.  */
-    rv = CERT_OpenCertDBFilename(info.handle, newdbname, PR_FALSE);
-
-    if (rv) {
-	fprintf(stderr, "could not open certificate database");
-	goto loser;
-    }
-
-    /*  Create certificate, subject, nickname, and email records.
-     *  mcom_db seems to have a sequential access bug.  Though reads and writes
-     *  should be allowed during traversal, they seem to screw up the sequence.
-     *  So, stuff all the cert entries into an array, and loop over the array
-     *  doing read/writes in the db.
-     */
-    fillDBEntryArray(oldhandle, certDBEntryTypeCert, &dbArray.certs);
-    for (elem = PR_LIST_HEAD(&dbArray->certs.link);
-         elem != &dbArray->certs.link; elem = PR_NEXT_LINK(elem)) {
-	node = LISTNODE_CAST(elem);
-	addCertToDB((certDBEntryCert*)&node->entry, &info, oldhandle);
-	/* entries get destroyed in addCertToDB */
-    }
-#if 0
-    rv = SEC_TraverseDBEntries(oldhandle, certDBEntryTypeSMimeProfile, 
-                               copyDBEntry, info.handle);
-#endif
-
-    /*  Fix up the pointers between (nickname|S/MIME) --> (subject).
-     *  Create S/MIME entries for S/MIME certs.
-     *  Have the S/MIME entry point to the last-expiring cert using
-     *  an email address.
-     */
-#if 0
-    CERT_RedoHandlesForSubjects(info.handle, singleEntry, &info);
-#endif
-
-    freeDBEntryList(&dbArray.certs.link);
-
-    /*  Copy over the version record.  */
-    /*  XXX Already exists - and _must_ be correct... */
-    /*
-    versionEntry = ReadDBVersionEntry(oldhandle);
-    rv = WriteDBVersionEntry(info.handle, versionEntry);
-    */
-
-    /*  Copy over the content version record.  */
-    /*  XXX Can probably get useful info from old content version?
-     *      Was this db created before/after this tool?  etc.
-     */
-#if 0
-    oldContentVersion = ReadDBContentVersionEntry(oldhandle);
-    CERT_SetDBContentVersion(oldContentVersion->contentVersion, info.handle); 
-#endif
-
-#if 0
-    /*  Copy over the CRL & KRL records.  */
-    rv = SEC_TraverseDBEntries(oldhandle, certDBEntryTypeRevocation, 
-                               copyDBEntry, info.handle);
-    /*  XXX Only one KRL, just do db->get? */
-    rv = SEC_TraverseDBEntries(oldhandle, certDBEntryTypeKeyRevocation, 
-                               copyDBEntry, info.handle);
-#endif
-
-    PR_fprintf(info.out, "Database had %d certificates.\n", info.nOldCerts);
-
-    PR_fprintf(info.out, "Reconstructed %d certificates.\n", info.nCerts);
-    PR_fprintf(info.out, "(ax) Rejected %d expired certificates.\n", 
-                       info.dbErrors[dbInvalidCert]);
-    PR_fprintf(info.out, "(as) Rejected %d S/MIME certificates missing a profile.\n", 
-                       info.dbErrors[dbNoSMimeProfile]);
-    PR_fprintf(info.out, "(ar) Rejected %d certificates for which a newer certificate was found.\n", 
-                       info.dbErrors[dbOlderCert]);
-    PR_fprintf(info.out, "     Rejected %d corrupt certificates.\n", 
-                       info.dbErrors[dbBadCertificate]);
-    PR_fprintf(info.out, "     Rejected %d certificates which did not write to the DB.\n", 
-                       info.dbErrors[dbCertNotWrittenToDB]);
-
-    if (rv)
-	goto loser;
-
-    return info.handle;
-
-loser:
-    if (info.handle) 
-	PORT_Free(info.handle);
-    return NULL;
-}
-#endif /* DORECOVER */
-
-enum {
-    cmd_Debug = 0,
-    cmd_LongUsage,
-    cmd_Recover
-};
-
-enum {
-    opt_KeepAll = 0,
-    opt_CertDir,
-    opt_Dumpfile,
-    opt_InputDB,
-    opt_OutputDB,
-    opt_Mailfile,
-    opt_Prompt,
-    opt_KeepRedundant,
-    opt_KeepNoSMimeProfile,
-    opt_Verbose,
-    opt_KeepExpired
-};
-
-static secuCommandFlag dbck_commands[] =
-{
-    { /* cmd_Debug,    */  'D', PR_FALSE, 0, PR_FALSE },
-    { /* cmd_LongUsage,*/  'H', PR_FALSE, 0, PR_FALSE },
-    { /* cmd_Recover,  */  'R', PR_FALSE, 0, PR_FALSE }
-};
-
-static secuCommandFlag dbck_options[] =
-{
-    { /* opt_KeepAll,           */  'a', PR_FALSE, 0, PR_FALSE },
-    { /* opt_CertDir,           */  'd', PR_TRUE,  0, PR_FALSE },
-    { /* opt_Dumpfile,          */  'f', PR_TRUE,  0, PR_FALSE },
-    { /* opt_InputDB,           */  'i', PR_TRUE,  0, PR_FALSE },
-    { /* opt_OutputDB,          */  'o', PR_TRUE,  0, PR_FALSE },
-    { /* opt_Mailfile,          */  'm', PR_FALSE, 0, PR_FALSE },
-    { /* opt_Prompt,            */  'p', PR_FALSE, 0, PR_FALSE },
-    { /* opt_KeepRedundant,     */  'r', PR_FALSE, 0, PR_FALSE },
-    { /* opt_KeepNoSMimeProfile,*/  's', PR_FALSE, 0, PR_FALSE },
-    { /* opt_Verbose,           */  'v', PR_FALSE, 0, PR_FALSE },
-    { /* opt_KeepExpired,       */  'x', PR_FALSE, 0, PR_FALSE }
-};
-
-int 
-main(int argc, char **argv)
-{
-    CERTCertDBHandle *certHandle;
-
-    PRFileInfo fileInfo;
-    PRFileDesc *mailfile = NULL;
-    PRFileDesc *dumpfile = NULL;
-
-    char * pathname     = 0;
-    char * fullname     = 0;
-    char * newdbname    = 0;
-
-    PRBool removeExpired, requireProfile, singleEntry;
-    
-    SECStatus rv;
-
-    secuCommand dbck;
-    dbck.numCommands = sizeof(dbck_commands) / sizeof(secuCommandFlag);
-    dbck.numOptions = sizeof(dbck_options) / sizeof(secuCommandFlag);
-    dbck.commands = dbck_commands;
-    dbck.options = dbck_options;
-
-    progName = strrchr(argv[0], '/');
-    progName = progName ? progName+1 : argv[0];
-
-    rv = SECU_ParseCommandLine(argc, argv, progName, &dbck);
-
-    if (rv != SECSuccess)
-	Usage(progName);
-
-    if (dbck.commands[cmd_LongUsage].activated)
-	LongUsage(progName);
-
-    if (!dbck.commands[cmd_Debug].activated &&
-        !dbck.commands[cmd_Recover].activated) {
-	PR_fprintf(PR_STDERR, "Please specify -D or -R.\n");
-	Usage(progName);
-    }
-
-    removeExpired = !(dbck.options[opt_KeepAll].activated ||
-                      dbck.options[opt_KeepExpired].activated);
-
-    requireProfile = !(dbck.options[opt_KeepAll].activated ||
-                    dbck.options[opt_KeepNoSMimeProfile].activated);
-
-    singleEntry = !(dbck.options[opt_KeepAll].activated ||
-                    dbck.options[opt_KeepRedundant].activated);
-
-    if (dbck.options[opt_OutputDB].activated) {
-	newdbname = PL_strdup(dbck.options[opt_OutputDB].arg);
-    } else {
-	newdbname = PL_strdup("new_cert7.db");
-    }
-
-    /*  Create a generic graph of the database.  */
-    if (dbck.options[opt_Mailfile].activated) {
-	mailfile = PR_Open("./mailfile", PR_RDWR | PR_CREATE_FILE, 00660);
-	if (!mailfile) {
-	    fprintf(stderr, "Unable to create mailfile.\n");
-	    return -1;
-	}
-    }
-
-    /*  Dump all debugging info while running.  */
-    if (dbck.options[opt_Verbose].activated) {
-	if (dbck.options[opt_Dumpfile].activated) {
-	    dumpfile = PR_Open(dbck.options[opt_Dumpfile].arg,
-	                       PR_RDWR | PR_CREATE_FILE, 00660);
-	}
-	if (!dumpfile) {
-	    fprintf(stderr, "Unable to create dumpfile.\n");
-	    return -1;
-	}
-    }
-
-    /*  Set the cert database directory.  */
-    if (dbck.options[opt_CertDir].activated) {
-	SECU_ConfigDirectory(dbck.options[opt_CertDir].arg);
-    }
-
-    PR_Init(PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1);
-    SEC_Init();
-
-    certHandle = (CERTCertDBHandle *)PORT_ZAlloc(sizeof(CERTCertDBHandle));
-    if (!certHandle) {
-	SECU_PrintError(progName, "unable to get database handle");
-	return -1;
-    }
-
-    /*  Open the possibly corrupt database.  */
-    if (dbck.options[opt_InputDB].activated) {
-	pathname = SECU_ConfigDirectory(NULL);
-	fullname = PR_smprintf("%s/%s", pathname, 
-	                                dbck.options[opt_InputDB].arg);
-	if (PR_GetFileInfo(fullname, &fileInfo) != PR_SUCCESS) {
-	    fprintf(stderr, "Unable to read file \"%s\".\n", fullname);
-	    return -1;
-	}
-	rv = CERT_OpenCertDBFilename(certHandle, fullname, PR_TRUE);
-    } else {
-	/*  Use the default.  */
-	fullname = SECU_CertDBNameCallback(NULL, CERT_DB_FILE_VERSION);
-	if (PR_GetFileInfo(fullname, &fileInfo) != PR_SUCCESS) {
-	    fprintf(stderr, "Unable to read file \"%s\".\n", fullname);
-	    return -1;
-	}
-	rv = CERT_OpenCertDB(certHandle, PR_TRUE, 
-	                     SECU_CertDBNameCallback, NULL);
-    }
-
-    if (rv) {
-	SECU_PrintError(progName, "unable to open cert database");
-	return -1;
-    }
-
-    if (dbck.commands[cmd_Debug].activated) {
-	DBCK_DebugDB(certHandle, dumpfile, mailfile);
-	return 0;
-    }
-
-#ifdef DORECOVER
-    if (dbck.commands[cmd_Recover].activated) {
-	DBCK_ReconstructDBFromCerts(certHandle, newdbname,
-	                            dumpfile, removeExpired, 
-	                            requireProfile, singleEntry, 
-	                            dbck.options[opt_Prompt].activated);
-	return 0;
-    }
-#endif
-
-    if (mailfile)
-	PR_Close(mailfile);
-    if (dumpfile)
-	PR_Close(dumpfile);
-    if (certHandle) {
-	CERT_ClosePermCertDB(certHandle);
-	PORT_Free(certHandle);
-    }
-    return -1;
-}
diff --git a/security/nss/cmd/dbck/manifest.mn b/security/nss/cmd/dbck/manifest.mn
deleted file mode 100644
index 8424f819d..000000000
--- a/security/nss/cmd/dbck/manifest.mn
+++ /dev/null
@@ -1,49 +0,0 @@
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-DEFINES += -DNSPR20 
-
-# MODULE public and private header  directories are implicitly REQUIRED.
-MODULE = security 
-
-CSRCS = \
-	dbck.c \
-	$(NULL)
-
-# The MODULE is always implicitly required.
-# Listing it here in REQUIRES makes it appear twice in the cc command line.
-REQUIRES = dbm seccmd
-
-PROGRAM = dbck
diff --git a/security/nss/cmd/dbtest/Makefile b/security/nss/cmd/dbtest/Makefile
deleted file mode 100644
index 0d4b54c29..000000000
--- a/security/nss/cmd/dbtest/Makefile
+++ /dev/null
@@ -1,86 +0,0 @@
-#! gmake
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY).   #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL)          #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL)       #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL).      #
-#######################################################################
-
-include ../platlibs.mk
-
-ifdef XP_OS2_VACPP
-CFLAGS += -I../modutil
-endif
-
-ifeq (,$(filter-out WINNT WIN95 WIN16,$(OS_TARGET)))  # omits WINCE
-ifndef BUILD_OPT
-LDFLAGS   +=  /subsystem:console /profile /debug /machine:I386 /incremental:no
-OS_CFLAGS += -D_CONSOLE
-endif
-endif
-
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL)                              #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL)                           #
-#######################################################################
-
-#include ../platlibs.mk
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL).                              #
-#######################################################################
-
-include ../platrules.mk
-
diff --git a/security/nss/cmd/dbtest/dbtest.c b/security/nss/cmd/dbtest/dbtest.c
deleted file mode 100644
index 047b86f28..000000000
--- a/security/nss/cmd/dbtest/dbtest.c
+++ /dev/null
@@ -1,178 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * Sonja Mirtitsch Sun Microsystems
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
-** dbtest.c
-**
-** QA test for cert and key databases, especially to open
-** database readonly (NSS_INIT_READONLY) and force initializations
-** even if the databases cannot be opened (NSS_INIT_FORCEOPEN)
-**
-*/
-#include <stdio.h>
-#include <string.h>
-
-#if defined(WIN32)
-#include "fcntl.h"
-#include "io.h"
-#endif
-
-#include "secutil.h"
-
-#if defined(XP_UNIX)
-#include <unistd.h>
-#endif
-
-#include "nspr.h"
-#include "prtypes.h"
-#include "certdb.h"
-#include "nss.h"
-#include "../modutil/modutil.h"
-
-#include "plgetopt.h"
-
-static char *progName;
-
-char *dbDir  =  NULL;
-
-static char *dbName[]={"secmod.db", "cert7.db", "key3.db"}; 
-static char* dbprefix = "";
-static char* secmodName = "secmod.db";
-PRBool verbose;
-
-
-static void Usage(const char *progName)
-{
-    printf("Usage:  %s [-r] [-f] [-d dbdir ] \n",
-         progName);
-    printf("%-20s open database readonly (NSS_INIT_READONLY)\n", "-r");
-    printf("%-20s Continue to force initializations even if the\n", "-f");
-    printf("%-20s databases cannot be opened (NSS_INIT_FORCEOPEN)\n", " ");
-    printf("%-20s Directory with cert database (default is .\n",
-          "-d certdir");
-    exit(1);
-}
-
-int main(int argc, char **argv)
-{
-    PLOptState *optstate;
-    PLOptStatus optstatus;
-
-    PRUint32 flags = 0;
-    PRBool             useCommandLinePassword = PR_FALSE;
-    Error ret;
-    SECStatus rv;
-    char * dbString = NULL;
-    int i;
-
-    progName = strrchr(argv[0], '/');
-    if (!progName)
-        progName = strrchr(argv[0], '\\');
-    progName = progName ? progName+1 : argv[0];
-
-    optstate = PL_CreateOptState(argc, argv, "rfd:h");
-
-    while ((optstatus = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
-        switch (optstate->option) {
-          case 'h':
-          default : Usage(progName);                    break;
-
-          case 'r': flags |= NSS_INIT_READONLY;         break;
-
-          case 'f': flags |= NSS_INIT_FORCEOPEN;        break;
-
-          case 'd':
-                dbDir = PORT_Strdup(optstate->value);
-                break;
-
-        }
-    }
-    if (optstatus == PL_OPT_BAD)
-        Usage(progName);
-
-    if (!dbDir) {
-        dbDir = SECU_DefaultSSLDir(); /* Look in $SSL_DIR */
-    }
-    dbDir = SECU_ConfigDirectory(dbDir);
-    PR_fprintf(PR_STDERR, "dbdir selected is %s\n\n", dbDir);
-
-    if( dbDir[0] == '\0') {
-        PR_fprintf(PR_STDERR, errStrings[DIR_DOESNT_EXIST_ERR], dbDir);
-        ret= DIR_DOESNT_EXIST_ERR;
-        goto loser;
-    }
-
-
-    PR_Init( PR_USER_THREAD, PR_PRIORITY_NORMAL, 0);
-
-    /* get the status of the directory and databases and output message */
-    if(PR_Access(dbDir, PR_ACCESS_EXISTS) != PR_SUCCESS) {
-        PR_fprintf(PR_STDERR, errStrings[DIR_DOESNT_EXIST_ERR], dbDir);
-    } else if(PR_Access(dbDir, PR_ACCESS_READ_OK) != PR_SUCCESS) {
-        PR_fprintf(PR_STDERR, errStrings[DIR_NOT_READABLE_ERR], dbDir);
-    } else {
-        if( !( flags & NSS_INIT_READONLY ) &&
-                PR_Access(dbDir, PR_ACCESS_WRITE_OK) != PR_SUCCESS) {
-            PR_fprintf(PR_STDERR, errStrings[DIR_NOT_WRITEABLE_ERR], dbDir);
-        }
-        for (i=0;i<3;i++) {
-            dbString=PR_smprintf("%s/%s",dbDir,dbName[i]);
-            PR_fprintf(PR_STDOUT, "database checked is %s\n",dbString);
-            if(PR_Access(dbString, PR_ACCESS_EXISTS) != PR_SUCCESS) {
-                PR_fprintf(PR_STDERR, errStrings[FILE_DOESNT_EXIST_ERR], 
-                                      dbString);
-            } else if(PR_Access(dbString, PR_ACCESS_READ_OK) != PR_SUCCESS) {
-                PR_fprintf(PR_STDERR, errStrings[FILE_NOT_READABLE_ERR], 
-                                      dbString);
-            } else if( !( flags & NSS_INIT_READONLY ) &&
-                    PR_Access(dbString, PR_ACCESS_WRITE_OK) != PR_SUCCESS) {
-                PR_fprintf(PR_STDERR, errStrings[FILE_NOT_WRITEABLE_ERR], 
-                                      dbString);
-            }
-        }
-    }
-
-    rv = NSS_Initialize(SECU_ConfigDirectory(dbDir), dbprefix, dbprefix,
-                   secmodName, flags);
-    if (rv != SECSuccess) {
-        SECU_PrintPRandOSError(progName);
-        ret=NSS_INITIALIZE_FAILED_ERR;
-    } else {
-        ret=SUCCESS;
-    }
-
-loser:
-    return ret;
-}
-
diff --git a/security/nss/cmd/dbtest/makefile.win b/security/nss/cmd/dbtest/makefile.win
deleted file mode 100644
index 5a60fd0af..000000000
--- a/security/nss/cmd/dbtest/makefile.win
+++ /dev/null
@@ -1,130 +0,0 @@
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-VERBOSE	= 1
-include <manifest.mn>
-
-#cannot define PROGRAM in manifest compatibly with NT and UNIX
-PROGRAM = dbtest
-PROGRAM	= ./$(OBJDIR)/$(PROGRAM).exe
-include <$(DEPTH)\config\config.mak>
-
-# let manifest generate C_OBJS, it will prepend ./$(OBJDIR)/
-# rules.mak will append C_OBJS onto OBJS.
-# OBJS	= $(CSRCS:.c=.obj)
-
-# include files are looked for in $LINCS and $INCS.
-# $LINCS is in manifest.mnw, computed from REQUIRES=
-INCS = $(INCS) \
- -I$(DEPTH)/security/lib/cert \
- -I../include \
- $(NULL)
-
-IGNORE_ME = \
- -I$(DEPTH)/security/lib/key \
- -I$(DEPTH)/security/lib/util  \
- $(NULL)
-
-
-WINFE	= $(DEPTH)/cmd/winfe/mkfiles$(MOZ_BITS)/x86Dbg
-
-# these files are the content of libdbm
-DBM_LIB	= \
- $(WINFE)/DB.obj \
- $(WINFE)/HASH.obj \
- $(WINFE)/H_BIGKEY.obj \
- $(WINFE)/H_PAGE.obj \
- $(WINFE)/H_LOG2.obj \
- $(WINFE)/H_FUNC.obj \
- $(WINFE)/HASH_BUF.obj \
- $(NULL)
-
-MOZ_LIBS = \
- $(WINFE)/ALLXPSTR.obj \
- $(WINFE)/XP_ERROR.obj \
- $(WINFE)/XPASSERT.obj \
- $(WINFE)/XP_REG.obj \
- $(WINFE)/XP_TRACE.obj \
- $(DBM_LIB) \
- $(WINFE)/XP_STR.obj \
- $(WINFE)/MKTEMP.obj \
- $(NULL)
-
-SEC_LIBS = \
- $(DIST)/lib/cert$(MOZ_BITS).lib \
- $(DIST)/lib/crypto$(MOZ_BITS).lib \
- $(DIST)/lib/hash$(MOZ_BITS).lib \
- $(DIST)/lib/key$(MOZ_BITS).lib \
- $(DIST)/lib/pkcs7$(MOZ_BITS).lib \
- $(DIST)/lib/secmod$(MOZ_BITS).lib \
- $(DIST)/lib/secutl$(MOZ_BITS).lib \
- $(DIST)/lib/ssl$(MOZ_BITS).lib \
- $(NULL)
-
-LLFLAGS	= $(LLFLAGS) \
- ../lib/$(OBJDIR)/sectool$(MOZ_BITS).lib \
- $(SEC_LIBS) \
- $(MOZ_LIBS) \
- $(DEPTH)/nspr/src/$(OBJDIR)/getopt.obj \
- $(LIBNSPR) \
- $(NULL)
-
-
-include <$(DEPTH)\config\rules.mak>
-
-INSTALL	= $(MAKE_INSTALL)
-
-objs:	$(OBJS)
-
-$(PROGRAM)::
-	$(INSTALL) $(DIST)/bin/pr3240.dll ./$(OBJDIR)
-
-programs: $(PROGRAM)
-
-install:: $(TARGETS)
-	$(INSTALL) $(TARGETS) $(DIST)/bin
-
-
-symbols:
-	@echo "CSRCS	= $(CSRCS)"
-	@echo "INCS	= $(INCS)"
-	@echo "OBJS	= $(OBJS)"
-	@echo "LIBRARY	= $(LIBRARY)"
-	@echo "PROGRAM	= $(PROGRAM)"
-	@echo "TARGETS	= $(TARGETS)"
-	@echo "DIST	= $(DIST)"
-	@echo "VERSION_NUMBER	= $(VERSION_NUMBER)"
-	@echo "WINFE	= $(WINFE)"
-	@echo "DBM_LIB	= $(DBM_LIB)"
-	@echo "INSTALL	= $(INSTALL)"
-
diff --git a/security/nss/cmd/dbtest/manifest.mn b/security/nss/cmd/dbtest/manifest.mn
deleted file mode 100644
index e323f3011..000000000
--- a/security/nss/cmd/dbtest/manifest.mn
+++ /dev/null
@@ -1,50 +0,0 @@
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-# MODULE public and private header  directories are implicitly REQUIRED.
-MODULE = security
-
-# This next line is used by .mk files
-# and gets translated into $LINCS in manifest.mnw
-# The MODULE is always implicitly required.
-# Listing it here in REQUIRES makes it appear twice in the cc command line.
-REQUIRES = seccmd dbm 
-
-# DIRS = 
-
-CSRCS	= dbtest.c  
-
-PROGRAM	= dbtest
-
diff --git a/security/nss/cmd/derdump/Makefile b/security/nss/cmd/derdump/Makefile
deleted file mode 100644
index 573c12cac..000000000
--- a/security/nss/cmd/derdump/Makefile
+++ /dev/null
@@ -1,76 +0,0 @@
-#! gmake
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY).   #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL)          #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL)       #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL).      #
-#######################################################################
-
-include ../platlibs.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL)                              #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL)                           #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL).                              #
-#######################################################################
-
-
-
-include ../platrules.mk
-
diff --git a/security/nss/cmd/derdump/derdump.c b/security/nss/cmd/derdump/derdump.c
deleted file mode 100644
index 603d5f772..000000000
--- a/security/nss/cmd/derdump/derdump.c
+++ /dev/null
@@ -1,135 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "secutil.h"
-#include "nss.h"
-#include <errno.h>
-
-#if defined(XP_WIN) || (defined(__sun) && !defined(SVR4))
-#if !defined(WIN32)
-extern int fprintf(FILE *, char *, ...);
-#endif
-#endif
-#include "plgetopt.h"
-
-static void Usage(char *progName)
-{
-    fprintf(stderr,
-	    "Usage: %s [-r] [-i input] [-o output]\n",
-	    progName);
-    fprintf(stderr, "%-20s For formatted items, dump raw bytes as well\n",
-	    "-r");
-    fprintf(stderr, "%-20s Define an input file to use (default is stdin)\n",
-	    "-i input");
-    fprintf(stderr, "%-20s Define an output file to use (default is stdout)\n",
-	    "-o output");
-    exit(-1);
-}
-
-int main(int argc, char **argv)
-{
-    char *progName;
-    int option;
-    FILE *outFile;
-    PRFileDesc *inFile;
-    SECItem der;
-    SECStatus rv;
-    int16 xp_error;
-    PRBool raw = PR_FALSE;
-    PLOptState *optstate;
-    PLOptStatus status;
-
-    progName = strrchr(argv[0], '/');
-    progName = progName ? progName+1 : argv[0];
-
-    /* Parse command line arguments */
-    inFile = 0;
-    outFile = 0;
-    optstate = PL_CreateOptState(argc, argv, "i:o:r");
-    while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
-	switch (optstate->option) {
-	  case 'i':
-	    inFile = PR_Open(optstate->value, PR_RDONLY, 0);
-	    if (!inFile) {
-		fprintf(stderr, "%s: unable to open \"%s\" for reading\n",
-			progName, optstate->value);
-		return -1;
-	    }
-	    break;
-
-	  case 'o':
-	    outFile = fopen(optstate->value, "w");
-	    if (!outFile) {
-		fprintf(stderr, "%s: unable to open \"%s\" for writing\n",
-			progName, optstate->value);
-		return -1;
-	    }
-	    break;
-
-	  case 'r':
-	    raw = PR_TRUE;
-	    break;
-
-	  default:
-	    Usage(progName);
-	    break;
-	}
-    }
-	if (status == PL_OPT_BAD)
-		Usage(progName);
-
-    if (!inFile) inFile = PR_STDIN;
-    if (!outFile) outFile = stdout;
-
-    rv = NSS_NoDB_Init(NULL);	/* XXX */
-    if (rv != SECSuccess) {
-	SECU_PrintPRandOSError(progName);
-	return -1;
-    }
-
-	rv = SECU_ReadDERFromFile(&der, inFile, PR_FALSE);
-    if (rv == SECSuccess) {
-	rv = DER_PrettyPrint(outFile, &der, raw);
-	if (rv == SECSuccess)
-	    return 0;
-    }
-
-    xp_error = PORT_GetError();
-    if (xp_error) {
-	SECU_PrintError(progName, "error %d", xp_error);
-    }
-    if (errno) {
-	SECU_PrintSystemError(progName, "errno=%d", errno);
-    }
-    return 1;
-}
diff --git a/security/nss/cmd/derdump/makefile.win b/security/nss/cmd/derdump/makefile.win
deleted file mode 100644
index 9a9d4edef..000000000
--- a/security/nss/cmd/derdump/makefile.win
+++ /dev/null
@@ -1,130 +0,0 @@
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-VERBOSE	= 1
-include <manifest.mn>
-
-#cannot define PROGRAM in manifest compatibly with NT and UNIX
-PROGRAM = derdump
-PROGRAM	= ./$(OBJDIR)/$(PROGRAM).exe
-include <$(DEPTH)\config\config.mak>
-
-# let manifest generate C_OBJS, it will prepend ./$(OBJDIR)/
-# rules.mak will append C_OBJS onto OBJS.
-# OBJS	= $(CSRCS:.c=.obj)
-
-# include files are looked for in $LINCS and $INCS.
-# $LINCS is in manifest.mnw, computed from REQUIRES=
-INCS = $(INCS) \
- -I$(DEPTH)/security/lib/cert \
- -I../include \
- $(NULL)
-
-IGNORE_ME = \
- -I$(DEPTH)/security/lib/key \
- -I$(DEPTH)/security/lib/util  \
- $(NULL)
-
-
-WINFE	= $(DEPTH)/cmd/winfe/mkfiles$(MOZ_BITS)/x86Dbg
-
-# these files are the content of libdbm
-DBM_LIB	= \
- $(WINFE)/DB.obj \
- $(WINFE)/HASH.obj \
- $(WINFE)/H_BIGKEY.obj \
- $(WINFE)/H_PAGE.obj \
- $(WINFE)/H_LOG2.obj \
- $(WINFE)/H_FUNC.obj \
- $(WINFE)/HASH_BUF.obj \
- $(NULL)
-
-MOZ_LIBS = \
- $(WINFE)/ALLXPSTR.obj \
- $(WINFE)/XP_ERROR.obj \
- $(WINFE)/XPASSERT.obj \
- $(WINFE)/XP_REG.obj \
- $(WINFE)/XP_TRACE.obj \
- $(DBM_LIB) \
- $(WINFE)/XP_STR.obj \
- $(WINFE)/MKTEMP.obj \
- $(NULL)
-
-SEC_LIBS = \
- $(DIST)/lib/cert$(MOZ_BITS).lib \
- $(DIST)/lib/crypto$(MOZ_BITS).lib \
- $(DIST)/lib/hash$(MOZ_BITS).lib \
- $(DIST)/lib/key$(MOZ_BITS).lib \
- $(DIST)/lib/pkcs7$(MOZ_BITS).lib \
- $(DIST)/lib/secmod$(MOZ_BITS).lib \
- $(DIST)/lib/secutl$(MOZ_BITS).lib \
- $(DIST)/lib/ssl$(MOZ_BITS).lib \
- $(NULL)
-
-LLFLAGS	= $(LLFLAGS) \
- ../lib/$(OBJDIR)/sectool$(MOZ_BITS).lib \
- $(SEC_LIBS) \
- $(MOZ_LIBS) \
- $(DEPTH)/nspr/src/$(OBJDIR)/getopt.obj \
- $(LIBNSPR) \
- $(NULL)
-
-
-include <$(DEPTH)\config\rules.mak>
-
-INSTALL	= $(MAKE_INSTALL)
-
-objs:	$(OBJS)
-
-$(PROGRAM)::
-	$(INSTALL) $(DIST)/bin/pr3240.dll ./$(OBJDIR)
-
-programs: $(PROGRAM)
-
-install:: $(TARGETS)
-	$(INSTALL) $(TARGETS) $(DIST)/bin
-
-
-symbols:
-	@echo "CSRCS	= $(CSRCS)"
-	@echo "INCS	= $(INCS)"
-	@echo "OBJS	= $(OBJS)"
-	@echo "LIBRARY	= $(LIBRARY)"
-	@echo "PROGRAM	= $(PROGRAM)"
-	@echo "TARGETS	= $(TARGETS)"
-	@echo "DIST	= $(DIST)"
-	@echo "VERSION_NUMBER	= $(VERSION_NUMBER)"
-	@echo "WINFE	= $(WINFE)"
-	@echo "DBM_LIB	= $(DBM_LIB)"
-	@echo "INSTALL	= $(INSTALL)"
-
diff --git a/security/nss/cmd/derdump/manifest.mn b/security/nss/cmd/derdump/manifest.mn
deleted file mode 100644
index c00df3509..000000000
--- a/security/nss/cmd/derdump/manifest.mn
+++ /dev/null
@@ -1,49 +0,0 @@
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH	= ../../..
-
-# MODULE public and private header  directories are implicitly REQUIRED.
-MODULE = security 
-
-# This next line is used by .mk files
-# and gets translated into $LINCS in manifest.mnw
-# The MODULE is always implicitly required.
-# Listing it here in REQUIRES makes it appear twice in the cc command line.
-REQUIRES = seccmd dbm 
-
-DEFINES = -DNSPR20
-
-CSRCS = derdump.c
-
-PROGRAM	= derdump
diff --git a/security/nss/cmd/digest/Makefile b/security/nss/cmd/digest/Makefile
deleted file mode 100644
index 573c12cac..000000000
--- a/security/nss/cmd/digest/Makefile
+++ /dev/null
@@ -1,76 +0,0 @@
-#! gmake
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY).   #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL)          #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL)       #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL).      #
-#######################################################################
-
-include ../platlibs.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL)                              #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL)                           #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL).                              #
-#######################################################################
-
-
-
-include ../platrules.mk
-
diff --git a/security/nss/cmd/digest/digest.c b/security/nss/cmd/digest/digest.c
deleted file mode 100644
index b9987265b..000000000
--- a/security/nss/cmd/digest/digest.c
+++ /dev/null
@@ -1,250 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "secutil.h"
-#include "pk11func.h"
-#include "secoid.h"
-
-#if defined(XP_WIN) || (defined(__sun) && !defined(SVR4))
-#if !defined(WIN32)
-extern int fread(char *, size_t, size_t, FILE*);
-extern int fwrite(char *, size_t, size_t, FILE*);
-extern int fprintf(FILE *, char *, ...);
-#endif
-#endif
-
-#include "plgetopt.h"
-
-static SECOidData *
-HashTypeToOID(HASH_HashType hashtype)
-{
-    SECOidTag hashtag;
-
-    if (hashtype <= HASH_AlgNULL || hashtype >= HASH_AlgTOTAL)
-	return NULL;
-
-    switch (hashtype) {
-      case HASH_AlgMD2:
-	hashtag = SEC_OID_MD2;
-	break;
-      case HASH_AlgMD5:
-	hashtag = SEC_OID_MD5;
-	break;
-      case HASH_AlgSHA1:
-	hashtag = SEC_OID_SHA1;
-	break;
-      default:
-	fprintf(stderr, "A new hash type has been added to HASH_HashType.\n");
-	fprintf(stderr, "This program needs to be updated!\n");
-	return NULL;
-    }
-
-    return SECOID_FindOIDByTag(hashtag);
-}
-
-static SECOidData *
-HashNameToOID(const char *hashName)
-{
-    HASH_HashType htype;
-    SECOidData *hashOID;
-
-    for (htype = HASH_AlgNULL + 1; htype < HASH_AlgTOTAL; htype++) {
-	hashOID = HashTypeToOID(htype);
-	if (PORT_Strcasecmp(hashName, hashOID->desc) == 0)
-	    break;
-    }
-
-    if (htype == HASH_AlgTOTAL)
-	return NULL;
-
-    return hashOID;
-}
-
-static void
-Usage(char *progName)
-{
-    HASH_HashType htype;
-
-    fprintf(stderr,
-	    "Usage:  %s -t type [-i input] [-o output]\n",
-	    progName);
-    fprintf(stderr, "%-20s Specify the digest method (must be one of\n",
-	    "-t type");
-    fprintf(stderr, "%-20s ", "");
-    for (htype = HASH_AlgNULL + 1; htype < HASH_AlgTOTAL; htype++) {
-	fprintf(stderr, HashTypeToOID(htype)->desc);
-	if (htype == (HASH_AlgTOTAL - 2))
-	    fprintf(stderr, " or ");
-	else if (htype != (HASH_AlgTOTAL - 1))
-	    fprintf(stderr, ", ");
-    }
-    fprintf(stderr, " (case ignored))\n");
-    fprintf(stderr, "%-20s Define an input file to use (default is stdin)\n",
-	    "-i input");
-    fprintf(stderr, "%-20s Define an output file to use (default is stdout)\n",
-	    "-o output");
-    exit(-1);
-}
-
-static int
-DigestFile(FILE *outFile, FILE *inFile, SECOidData *hashOID)
-{
-    int nb;
-    unsigned char ibuf[4096], digest[32];
-    PK11Context *hashcx;
-    unsigned int len;
-    SECStatus rv;
-
-    hashcx = PK11_CreateDigestContext(hashOID->offset);
-    if (hashcx == NULL) {
-	return -1;
-    }
-    PK11_DigestBegin(hashcx);
-
-
-    for (;;) {
-	if (feof(inFile)) break;
-	nb = fread(ibuf, 1, sizeof(ibuf), inFile);
-	if (nb != sizeof(ibuf)) {
-	    if (nb == 0) {
-		if (ferror(inFile)) {
-		    PORT_SetError(SEC_ERROR_IO);
-		    PK11_DestroyContext(hashcx,PR_TRUE);
-		    return -1;
-		}
-		/* eof */
-		break;
-	    }
-	}
-	rv = PK11_DigestOp(hashcx, ibuf, nb);
-	if (rv != SECSuccess) {
-	   PK11_DestroyContext(hashcx, PR_TRUE);
-	   return -1;
-	}
-    }
-
-    rv = PK11_DigestFinal(hashcx, digest, &len, 32);
-    PK11_DestroyContext(hashcx, PR_TRUE);
-
-    if (rv != SECSuccess) return -1;
-
-    nb = fwrite(digest, 1, len, outFile);
-    if (nb != len) {
-	PORT_SetError(SEC_ERROR_IO);
-	return -1;
-    }
-
-    return 0;
-}
-
-#include "nss.h"
-
-int
-main(int argc, char **argv)
-{
-    char *progName;
-    int opt;
-    FILE *inFile, *outFile;
-    char *hashName;
-    SECOidData *hashOID;
-    PLOptState *optstate;
-    PLOptStatus status;
-    SECStatus   rv;
-
-    progName = strrchr(argv[0], '/');
-    progName = progName ? progName+1 : argv[0];
-
-    inFile = NULL;
-    outFile = NULL;
-    hashName = NULL;
-
-    rv = NSS_Init("/tmp");
-    if (rv != SECSuccess) {
-    	fprintf(stderr, "%s: NSS_Init failed in directory %s\n",
-	        progName, "/tmp");
-        return -1;
-    }
-
-    /*
-     * Parse command line arguments
-     */
-    optstate = PL_CreateOptState(argc, argv, "t:i:o:");
-    while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
-	switch (optstate->option) {
-	  case '?':
-	    Usage(progName);
-	    break;
-
-	  case 'i':
-	    inFile = fopen(optstate->value, "r");
-	    if (!inFile) {
-		fprintf(stderr, "%s: unable to open \"%s\" for reading\n",
-			progName, optstate->value);
-		return -1;
-	    }
-	    break;
-
-	  case 'o':
-	    outFile = fopen(optstate->value, "w");
-	    if (!outFile) {
-		fprintf(stderr, "%s: unable to open \"%s\" for writing\n",
-			progName, optstate->value);
-		return -1;
-	    }
-	    break;
-
-	  case 't':
-	    hashName = strdup(optstate->value);
-	    break;
-	}
-    }
-
-    if (!hashName) Usage(progName);
-
-    if (!inFile) inFile = stdin;
-    if (!outFile) outFile = stdout;
-
-    hashOID = HashNameToOID(hashName);
-    if (hashOID == NULL) {
-	fprintf(stderr, "%s: invalid digest type\n", progName);
-	Usage(progName);
-    }
-
-    if (DigestFile(outFile, inFile, hashOID)) {
-	fprintf(stderr, "%s: problem digesting data (%s)\n",
-		progName, SECU_Strerror(PORT_GetError()));
-	return -1;
-    }
-
-    return 0;
-}
diff --git a/security/nss/cmd/digest/makefile.win b/security/nss/cmd/digest/makefile.win
deleted file mode 100644
index e8ec27ca2..000000000
--- a/security/nss/cmd/digest/makefile.win
+++ /dev/null
@@ -1,130 +0,0 @@
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-VERBOSE	= 1
-include <manifest.mn>
-
-#cannot define PROGRAM in manifest compatibly with NT and UNIX
-PROGRAM = digest
-PROGRAM	= ./$(OBJDIR)/$(PROGRAM).exe
-include <$(DEPTH)\config\config.mak>
-
-# let manifest generate C_OBJS, it will prepend ./$(OBJDIR)/
-# rules.mak will append C_OBJS onto OBJS.
-# OBJS	= $(CSRCS:.c=.obj)
-
-# include files are looked for in $LINCS and $INCS.
-# $LINCS is in manifest.mnw, computed from REQUIRES=
-INCS = $(INCS) \
- -I$(DEPTH)/security/lib/cert \
- -I../include \
- $(NULL)
-
-IGNORE_ME = \
- -I$(DEPTH)/security/lib/key \
- -I$(DEPTH)/security/lib/util  \
- $(NULL)
-
-
-WINFE	= $(DEPTH)/cmd/winfe/mkfiles$(MOZ_BITS)/x86Dbg
-
-# these files are the content of libdbm
-DBM_LIB	= \
- $(WINFE)/DB.obj \
- $(WINFE)/HASH.obj \
- $(WINFE)/H_BIGKEY.obj \
- $(WINFE)/H_PAGE.obj \
- $(WINFE)/H_LOG2.obj \
- $(WINFE)/H_FUNC.obj \
- $(WINFE)/HASH_BUF.obj \
- $(NULL)
-
-MOZ_LIBS = \
- $(WINFE)/ALLXPSTR.obj \
- $(WINFE)/XP_ERROR.obj \
- $(WINFE)/XPASSERT.obj \
- $(WINFE)/XP_REG.obj \
- $(WINFE)/XP_TRACE.obj \
- $(DBM_LIB) \
- $(WINFE)/XP_STR.obj \
- $(WINFE)/MKTEMP.obj \
- $(NULL)
-
-SEC_LIBS = \
- $(DIST)/lib/cert$(MOZ_BITS).lib \
- $(DIST)/lib/crypto$(MOZ_BITS).lib \
- $(DIST)/lib/hash$(MOZ_BITS).lib \
- $(DIST)/lib/key$(MOZ_BITS).lib \
- $(DIST)/lib/pkcs7$(MOZ_BITS).lib \
- $(DIST)/lib/secmod$(MOZ_BITS).lib \
- $(DIST)/lib/secutl$(MOZ_BITS).lib \
- $(DIST)/lib/ssl$(MOZ_BITS).lib \
- $(NULL)
-
-LLFLAGS	= $(LLFLAGS) \
- ../lib/$(OBJDIR)/sectool$(MOZ_BITS).lib \
- $(SEC_LIBS) \
- $(MOZ_LIBS) \
- $(DEPTH)/nspr/src/$(OBJDIR)/getopt.obj \
- $(LIBNSPR) \
- $(NULL)
-
-
-include <$(DEPTH)\config\rules.mak>
-
-INSTALL	= $(MAKE_INSTALL)
-
-objs:	$(OBJS)
-
-$(PROGRAM)::
-	$(INSTALL) $(DIST)/bin/pr3240.dll ./$(OBJDIR)
-
-programs: $(PROGRAM)
-
-install:: $(TARGETS)
-	$(INSTALL) $(TARGETS) $(DIST)/bin
-
-
-symbols:
-	@echo "CSRCS	= $(CSRCS)"
-	@echo "INCS	= $(INCS)"
-	@echo "OBJS	= $(OBJS)"
-	@echo "LIBRARY	= $(LIBRARY)"
-	@echo "PROGRAM	= $(PROGRAM)"
-	@echo "TARGETS	= $(TARGETS)"
-	@echo "DIST	= $(DIST)"
-	@echo "VERSION_NUMBER	= $(VERSION_NUMBER)"
-	@echo "WINFE	= $(WINFE)"
-	@echo "DBM_LIB	= $(DBM_LIB)"
-	@echo "INSTALL	= $(INSTALL)"
-
diff --git a/security/nss/cmd/digest/manifest.mn b/security/nss/cmd/digest/manifest.mn
deleted file mode 100644
index 8150b2c1d..000000000
--- a/security/nss/cmd/digest/manifest.mn
+++ /dev/null
@@ -1,50 +0,0 @@
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH	= ../../..
-
-# MODULE public and private header  directories are implicitly REQUIRED.
-MODULE = security 
-
-# This next line is used by .mk files
-# and gets translated into $LINCS in manifest.mnw
-# The MODULE is always implicitly required.
-# Listing it here in REQUIRES makes it appear twice in the cc command line.
-REQUIRES = seccmd dbm 
-
-DEFINES = -DNSPR20
-
-CSRCS	= digest.c  
-
-PROGRAM	= digest
-
diff --git a/security/nss/cmd/ilock/Makefile b/security/nss/cmd/ilock/Makefile
deleted file mode 100644
index 4e39ffc3f..000000000
--- a/security/nss/cmd/ilock/Makefile
+++ /dev/null
@@ -1,75 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY).   #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL)          #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL)       #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL).      #
-#######################################################################
-
-include ../platlibs.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL)                              #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL)                           #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL).                              #
-#######################################################################
-
-
-include ../platrules.mk
-
diff --git a/security/nss/cmd/ilock/ilock.c b/security/nss/cmd/ilock/ilock.c
deleted file mode 100644
index 3e2390b8d..000000000
--- a/security/nss/cmd/ilock/ilock.c
+++ /dev/null
@@ -1,199 +0,0 @@
-/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape Portable Runtime (NSPR).
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1998-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
-** File: ilock.c
-** Description:  ilock.c is a unit test for nssilock. ilock.c
-** tests the basic operation of nssilock. It should not be
-** considered a complete test suite.
-**
-** To check that logging works, before running this test,
-** define the following environment variables:
-** 
-**
-**
-**
-**
-*/
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <plgetopt.h> 
-#include <nspr.h>
-#include <nssilock.h>
-
-
-/*
-** Test harness infrastructure
-*/
-PRLogModuleInfo *lm;
-PRLogModuleLevel msgLevel = PR_LOG_NONE;
-PRIntn  debug = 0;
-PRUint32  failed_already = 0;
-/* end Test harness infrastructure */
-
-PRIntn optIterations = 1; /* default iterations  */
-
-PRIntn main(PRIntn argc, char *argv[])
-{
-    PRIntn i;
-    {
-        /*
-        ** Get command line options
-        */
-        PLOptStatus os;
-        PLOptState *opt = PL_CreateOptState(argc, argv, "hdvi:");
-
-	    while (PL_OPT_EOL != (os = PL_GetNextOpt(opt)))
-        {
-		    if (PL_OPT_BAD == os) continue;
-            switch (opt->option)
-            {
-            case 'd':  /* debug */
-                debug = 1;
-			    msgLevel = PR_LOG_ERROR;
-                break;
-            case 'v':  /* verbose mode */
-			    msgLevel = PR_LOG_DEBUG;
-                break;
-            case 'i':  /* number of iterations */
-			    optIterations = atol( opt->value );
-                if ( 0 == optIterations ) optIterations = 1; /* coerce default on zero */
-                break;
-             default:
-                break;
-            }
-        }
-	    PL_DestroyOptState(opt);
-    }
-
-    for ( i = 0 ; i < optIterations ; i++ ) {
-        /* First, test Lock */ 
-        {
-            PZLock *pl;
-            PZMonitor *pm;
-            PZCondVar *cv;
-            PRStatus rc;
-
-            pl = PZ_NewLock( nssILockOther );
-            if ( NULL == pl )  {
-                failed_already = PR_TRUE;
-                goto Finished;
-            }
-            PZ_Lock( pl );
-        
-            rc = PZ_Unlock( pl );
-            if ( PR_FAILURE == rc )  {
-                failed_already = PR_TRUE;
-                goto Finished;
-            }
-            PZ_DestroyLock( pl );
-
-        /* now, test CVar */
-            /* re-create the lock we just destroyed */
-            pl = PZ_NewLock( nssILockOther );
-            if ( NULL == pl )  {
-                failed_already = PR_TRUE;
-                goto Finished;
-            }
-
-            cv = PZ_NewCondVar( pl );
-            if ( NULL == cv ) {
-                failed_already = PR_TRUE;
-                goto Finished;
-            }
-
-            PZ_Lock( pl );
-            rc = PZ_NotifyCondVar( cv );
-            if ( PR_FAILURE == rc ) {
-                failed_already = PR_TRUE;
-                goto Finished;
-            }
-
-            rc = PZ_NotifyAllCondVar( cv );
-            if ( PR_FAILURE == rc ) {
-                failed_already = PR_TRUE;
-                goto Finished;
-            }
-
-            rc = PZ_WaitCondVar( cv, PR_SecondsToInterval(1));
-            if ( PR_FAILURE == rc ) {
-                if ( PR_UNKNOWN_ERROR != PR_GetError())  {
-                    failed_already = PR_TRUE;
-                    goto Finished;
-                }
-            }
-            PZ_Unlock( pl );
-            PZ_DestroyCondVar( cv );
-
-        /* Now, test Monitor */
-            pm = PZ_NewMonitor( nssILockOther );
-            if ( NULL == pm )  {
-                failed_already = PR_TRUE;
-                goto Finished;
-            }
-        
-            PZ_EnterMonitor( pm );
-
-            rc = PZ_Notify( pm );
-            if ( PR_FAILURE == rc )  {
-                failed_already = PR_TRUE;
-                goto Finished;
-            }
-            rc = PZ_NotifyAll( pm );
-            if ( PR_FAILURE == rc )  {
-                failed_already = PR_TRUE;
-                goto Finished;
-            }
-            rc = PZ_Wait( pm, PR_INTERVAL_NO_WAIT );
-            if ( PR_FAILURE == rc )  {
-                failed_already = PR_TRUE;
-                goto Finished;
-            }
-            rc = PZ_ExitMonitor( pm );
-            if ( PR_FAILURE == rc )  {
-                failed_already = PR_TRUE;
-                goto Finished;
-            }
-            PZ_DestroyMonitor( pm );
-        }
-    } /* --- end for() --- */
-
-
-Finished:
-    if (debug) printf("%s\n", (failed_already)? "FAIL" : "PASS");
-    return( (failed_already == PR_TRUE )? 1 : 0 );
-}  /* main() */
-/* end ilock.c */
-
diff --git a/security/nss/cmd/ilock/manifest.mn b/security/nss/cmd/ilock/manifest.mn
deleted file mode 100644
index fcea16608..000000000
--- a/security/nss/cmd/ilock/manifest.mn
+++ /dev/null
@@ -1,44 +0,0 @@
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CORE_DEPTH = ../../..
-
-DEFINES += -DNSPR20
-
-# MODULE public and private header  directories are implicitly REQUIRED.
-MODULE = security
-
-CSRCS = ilock.c
-
-PROGRAM = ilock 
-# PROGRAM = ./$(OBJDIR)/ilock.exe
-
diff --git a/security/nss/cmd/include/secnew.h b/security/nss/cmd/include/secnew.h
deleted file mode 100644
index eb4c30acd..000000000
--- a/security/nss/cmd/include/secnew.h
+++ /dev/null
@@ -1,163 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#ifndef __secnew_h_
-#define __secnew_h_
-
-#include <stdio.h>
-
-typedef struct BERTemplateStr BERTemplate;
-typedef struct BERParseStr BERParse;
-typedef struct SECArbStr SECArb;
-
-/*
- * An array of these structures define an encoding for an object using
- * DER. The array is terminated with an entry where kind == 0.
- */
-struct BERTemplateStr {
-    /* Kind of item to decode/encode */
-    unsigned long kind;
-
-    /*
-     * Offset from base of structure to SECItem that will hold
-     * decoded/encoded value.
-     */
-    unsigned short offset;
-
-    /*
-     * Used with DER_SET or DER_SEQUENCE. If not zero then points to a
-     * sub-template. The sub-template is filled in and completed before
-     * continuing on.
-     */
-    BERTemplate *sub;
-
-    /*
-     * Argument value, dependent on kind.  Size of structure to allocate
-     * when kind==DER_POINTER For Context-Specific Implicit types its the
-     * underlying type to use.
-     */
-    unsigned long arg;
-};
-
-/*
- * an arbitrary object
- */
-struct SECArbStr {
-    unsigned long tag;		/* NOTE: does not support high tag form */
-    unsigned long length;	/* as reported in stream */
-    union {
-	SECItem item;
-	struct {
-	   int numSubs;
-	   SECArb **subs;
-	} cons;
-    } body;
-};
-
-/*
- * Decode a piece of der encoded data.
- *      "dest" points to a structure that will be filled in with the
- *         decoding results.
- *      "t" is a template structure which defines the shape of the
- *         expected data.
- *      "src" is the ber encoded data.
- */
-
-extern SECStatus BER_Decode(PRArenaPool * arena, void *dest, BERTemplate *t,
-                           SECArb *arb);
-
-
-/*
- * Encode a data structure into DER.
- * 	"dest" will be filled in (and memory allocated) to hold the der
- * 	   encoded structure in "src"
- * 	"t" is a template structure which defines the shape of the
- * 	   stored data
- * 	"src" is a pointer to the structure that will be encoded
- */
-
-extern SECStatus BER_Encode(PRArenaPool *arena, SECItem *dest, BERTemplate *t,
-			   void *src);
-
-/*
- * Client provided function that will get called with all the bytes
- * passing through the parser
- */
-typedef void (*BERFilterProc)(void *instance, unsigned char *buf, int length);
-
-/*
- * Client provided function that can will be called after the tag and
- * length information has been collected. It can be set up to be called
- * either before or after the data has been colleced.
- */
-typedef void (*BERNotifyProc)(
-    void *instance, SECArb *arb, int depth, PRBool before);
-
-extern BERParse *BER_ParseInit(PRArenaPool *arena, PRBool forceDER);
-extern SECArb *BER_ParseFini(BERParse *h);
-extern SECStatus BER_ParseSome(BERParse *h, unsigned char *buf, int len);
-
-extern void BER_SetFilter(BERParse *h, BERFilterProc proc, void *instance);
-extern void BER_SetLeafStorage(BERParse *h, PRBool keep);
-extern void BER_SetNotifyProc(BERParse *h, BERNotifyProc proc, void *instance,
-			      PRBool beforeData);
-
-/*
- * A BERUnparseProc is used as a callback to put the encoded SECArb tree
- * tree to some stream. It returns PR_TRUE if the unparsing is to be
- * aborted.
- */
-typedef SECStatus (*BERUnparseProc)(
-    void *instance, unsigned char *data, int length, SECArb* arb);
-
-/*
- * BER_Unparse walks the SECArb tree calling the BERUnparseProc with
- * various pieces. It returns SECFailure if there was an error during that
- * tree walk.
- */
-extern SECStatus BER_Unparse(SECArb *arb, BERUnparseProc proc, void *instance);
-
-/*
- * BER_ResolveLengths does a recursive walk through the tree generating
- * non-zero entries for the length field of each node. It will fail if it
- * discoveres a non-constructed node with a unknown length data field.
- * Leaves are supposed to be of known length.
- */
-extern SECStatus BER_ResolveLengths(SECArb *arb);
-
-/*
- * BER_PRettyPrintArb will write an ASCII version of the tree to the FILE
- * out.
- */
-extern SECStatus BER_PrettyPrintArb(FILE *out, SECArb* a);
-
-#endif /* __secnew_h_ */
diff --git a/security/nss/cmd/keyutil/Makefile b/security/nss/cmd/keyutil/Makefile
deleted file mode 100644
index a2ed814be..000000000
--- a/security/nss/cmd/keyutil/Makefile
+++ /dev/null
@@ -1,73 +0,0 @@
-#! gmake
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY).   #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL)          #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL)       #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL).      #
-#######################################################################
-
-include ../platlibs.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL)                              #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL)                           #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL).                              #
-#######################################################################
-
-include ../platrules.mk
diff --git a/security/nss/cmd/keyutil/keyutil.c b/security/nss/cmd/keyutil/keyutil.c
deleted file mode 100644
index 65e6ad8b0..000000000
--- a/security/nss/cmd/keyutil/keyutil.c
+++ /dev/null
@@ -1,340 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include <stdio.h>
-#include <string.h>
-#include "secutil.h"
-
-#if defined(XP_UNIX)
-#include <unistd.h>
-#include <sys/time.h>
-#include <termios.h>
-#endif
-
-#include "secopt.h"
-
-#if defined(XP_WIN)
-#include <time.h>
-#include <conio.h>
-#endif
-
-#if defined(__sun) && !defined(SVR4)
-extern int fclose(FILE*);
-extern int fprintf(FILE *, char *, ...);
-extern int getopt(int, char**, char*);
-extern int isatty(int);
-extern char *optarg;
-extern char *sys_errlist[];
-#define strerror(errno) sys_errlist[errno]
-#endif
-
-#include "nspr.h"
-#include "prtypes.h"
-#include "prtime.h"
-#include "prlong.h"
-
-static char *progName;
-
-static SECStatus
-ListKeys(SECKEYKeyDBHandle *handle, FILE *out)
-{
-    int rt;
-
-    rt = SECU_PrintKeyNames(handle, out);
-    if (rt) {
-	SECU_PrintError(progName, "unable to list nicknames");
-	return SECFailure;
-    }
-    return SECSuccess;
-}
-
-static SECStatus
-DumpPublicKey(SECKEYKeyDBHandle *handle, char *nickname, FILE *out)
-{
-    SECKEYLowPrivateKey *privKey;
-    SECKEYLowPublicKey *publicKey;
-
-    /* check if key actually exists */
-    if (SECU_CheckKeyNameExists(handle, nickname) == PR_FALSE) {
-	SECU_PrintError(progName, "the key \"%s\" does not exist", nickname);
-	return SECFailure;
-    }
-
-    /* Read in key */
-    privKey = SECU_GetPrivateKey(handle, nickname);
-    if (!privKey) {
-	return SECFailure;
-    }
-
-    publicKey = SECKEY_LowConvertToPublicKey(privKey);
-
-    /* Output public key (in the clear) */
-    switch(publicKey->keyType) {
-      case rsaKey:
-	fprintf(out, "RSA Public-Key:\n");
-	SECU_PrintInteger(out, &publicKey->u.rsa.modulus, "modulus", 1);
-	SECU_PrintInteger(out, &publicKey->u.rsa.publicExponent,
-			  "publicExponent", 1);
-	break;
-      case dsaKey:
-	fprintf(out, "DSA Public-Key:\n");
-	SECU_PrintInteger(out, &publicKey->u.dsa.params.prime, "prime", 1);
-	SECU_PrintInteger(out, &publicKey->u.dsa.params.subPrime,
-			  "subPrime", 1);
-	SECU_PrintInteger(out, &publicKey->u.dsa.params.base, "base", 1);
-	SECU_PrintInteger(out, &publicKey->u.dsa.publicValue, "publicValue", 1);
-	break;
-      default:
-	fprintf(out, "unknown key type\n");
-	break;
-    }
-    return SECSuccess;
-}
-
-static SECStatus
-DumpPrivateKey(SECKEYKeyDBHandle *handle, char *nickname, FILE *out)
-{
-    SECKEYLowPrivateKey *key;
-
-    /* check if key actually exists */
-    if (SECU_CheckKeyNameExists(handle, nickname) == PR_FALSE) {
-	SECU_PrintError(progName, "the key \"%s\" does not exist", nickname);
-	return SECFailure;
-    }
-
-    /* Read in key */
-    key = SECU_GetPrivateKey(handle, nickname);
-    if (!key) {
-	SECU_PrintError(progName, "error retrieving key");
-	return SECFailure;
-    }
-
-    switch(key->keyType) {
-      case rsaKey:
-	fprintf(out, "RSA Private-Key:\n");
-	SECU_PrintInteger(out, &key->u.rsa.modulus, "modulus", 1);
-	SECU_PrintInteger(out, &key->u.rsa.publicExponent, "publicExponent", 1);
-	SECU_PrintInteger(out, &key->u.rsa.privateExponent,
-			  "privateExponent", 1);
-	SECU_PrintInteger(out, &key->u.rsa.prime1, "prime1", 1);
-	SECU_PrintInteger(out, &key->u.rsa.prime2, "prime2", 1);
-	SECU_PrintInteger(out, &key->u.rsa.exponent1, "exponent1", 1);
-	SECU_PrintInteger(out, &key->u.rsa.exponent2, "exponent2", 1);
-	SECU_PrintInteger(out, &key->u.rsa.coefficient, "coefficient", 1);
-	break;
-      case dsaKey:
-	fprintf(out, "DSA Private-Key:\n");
-	SECU_PrintInteger(out, &key->u.dsa.params.prime, "prime", 1);
-	SECU_PrintInteger(out, &key->u.dsa.params.subPrime, "subPrime", 1);
-	SECU_PrintInteger(out, &key->u.dsa.params.base, "base", 1);
-	SECU_PrintInteger(out, &key->u.dsa.publicValue, "publicValue", 1);
-	SECU_PrintInteger(out, &key->u.dsa.privateValue, "privateValue", 1);
-	break;
-      default:
-	fprintf(out, "unknown key type\n");
-	break;
-    }
-    return SECSuccess;
-}
-
-static SECStatus
-ChangePassword(SECKEYKeyDBHandle *handle)
-{
-    SECStatus rv;
-
-    /* Write out database with a new password */
-    rv = SECU_ChangeKeyDBPassword(handle, NULL);
-    if (rv) {
-	SECU_PrintError(progName, "unable to change key password");
-    }
-    return rv;
-}
-
-static SECStatus
-DeletePrivateKey (SECKEYKeyDBHandle *keyHandle, char *nickName)
-{
-    SECStatus rv;
-
-    rv = SECU_DeleteKeyByName (keyHandle, nickName);
-    if (rv != SECSuccess)
-	fprintf(stderr, "%s: problem deleting private key (%s)\n",
-		progName, SECU_Strerror(PR_GetError()));
-    return (rv);
-
-}
-
-
-static void
-Usage(const char *progName)
-{
-    fprintf(stderr,
-	    "Usage:  %s -p name [-d keydir]\n", progName);
-    fprintf(stderr,
-	    "        %s -P name [-d keydir]\n", progName);
-    fprintf(stderr,
-	    "        %s -D name [-d keydir]\n", progName);
-    fprintf(stderr,
-	    "        %s -l [-d keydir]\n", progName);
-    fprintf(stderr,
-	    "        %s -c [-d keydir]\n", progName);
-
-    fprintf(stderr, "%-20s Pretty print public key info for named key\n",
-	    "-p nickname");
-    fprintf(stderr, "%-20s Pretty print private key info for named key\n",
-	    "-P nickname");
-    fprintf(stderr, "%-20s Delete named private key from the key database\n",
-	    "-D nickname");
-    fprintf(stderr, "%-20s List the nicknames for the keys in a database\n",
-	    "-l");
-    fprintf(stderr, "%-20s Change the key database password\n",
-	    "-c");
-    fprintf(stderr, "\n");
-    fprintf(stderr, "%-20s Key database directory (default is ~/.netscape)\n",
-	    "-d keydir");
-
-    exit(-1);
-}
-
-int main(int argc, char **argv)
-{
-    int o, changePassword, deleteKey, dumpPublicKey, dumpPrivateKey, list;
-    char *nickname;
-    SECStatus rv;
-    SECKEYKeyDBHandle *keyHandle;
-
-    progName = strrchr(argv[0], '/');
-    progName = progName ? progName+1 : argv[0];
-
-    /* Parse command line arguments */
-    changePassword = deleteKey = dumpPublicKey = dumpPrivateKey = list = 0;
-    nickname = NULL;
-
-    while ((o = getopt(argc, argv, "ADP:cd:glp:")) != -1) {
-	switch (o) {
-	  case '?':
-	    Usage(progName);
-	    break;
-
-	  case 'A':
-	    fprintf(stderr, "%s: Can no longer add a key.", progName);
-	    fprintf(stderr, " Use pkcs12 to import a key.\n\n");
-	    Usage(progName);
-	    break;
-
-	  case 'D':
-	    deleteKey = 1;
-	    nickname = optarg;
-	    break;
-
-	  case 'P':
-	    dumpPrivateKey = 1;
-	    nickname = optarg;
-	    break;
-
-	  case 'c':
-	    changePassword = 1;
-	    break;
-
-	  case 'd':
-	    SECU_ConfigDirectory(optarg);
-	    break;
-
-	  case 'g':
-	    fprintf(stderr, "%s: Can no longer generate a key.", progName);
-	    fprintf(stderr, " Use certutil to generate a cert request.\n\n");
-	    Usage(progName);
-	    break;
-
-	  case 'l':
-	    list = 1;
-	    break;
-
-	  case 'p':
-	    dumpPublicKey = 1;
-	    nickname = optarg;
-	    break;
-	}
-    }
-
-    if (dumpPublicKey+changePassword+dumpPrivateKey+list+deleteKey != 1)
-	Usage(progName);
-
-    if ((list || changePassword) && nickname)
-	Usage(progName);
-
-    if ((dumpPublicKey || dumpPrivateKey || deleteKey) && !nickname)
-	Usage(progName);
-
-
-    /* Call the libsec initialization routines */
-    PR_Init( PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1);
-    SEC_Init();
-
-    /*
-     * XXX Note that the following opens the key database writable.
-     * If dumpPublicKey or dumpPrivateKey or list, though, we only want
-     * to open it read-only.  There needs to be a better interface
-     * to the initialization routines so that we can specify which way
-     * to open it.
-     */
-    rv = SECU_PKCS11Init();
-    if (rv != SECSuccess) {
-        SECU_PrintError(progName, "SECU_PKCS11Init failed");
-	return -1;
-    }
-
-    keyHandle = SECKEY_GetDefaultKeyDB();
-    if (keyHandle == NULL) {
-        SECU_PrintError(progName, "could not open key database");
-	return -1;
-    }
-
-    if (dumpPublicKey) {
-	rv = DumpPublicKey(keyHandle, nickname, stdout);
-    } else
-    if (changePassword) {
-	rv = ChangePassword(keyHandle);
-    } else
-    if (dumpPrivateKey) {
-	rv = DumpPrivateKey(keyHandle, nickname, stdout);
-    } else
-    if (list) {
-	rv = ListKeys(keyHandle, stdout);
-    } else
-    if (deleteKey) {
-	rv = DeletePrivateKey(keyHandle, nickname);
-    }
-
-    
-    return rv ? -1 : 0;
-}
diff --git a/security/nss/cmd/keyutil/manifest.mn b/security/nss/cmd/keyutil/manifest.mn
deleted file mode 100644
index 40b938cac..000000000
--- a/security/nss/cmd/keyutil/manifest.mn
+++ /dev/null
@@ -1,50 +0,0 @@
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-DEFINES += -DNSPR20
-
-# MODULE public and private header  directories are implicitly REQUIRED.
-MODULE = security
-
-CSRCS = \
-	keyutil.c \
-	$(NULL)
-
-# The MODULE is always implicitly required.
-# Listing it here in REQUIRES makes it appear twice in the cc command line.
-REQUIRES = seccmd dbm
-
-
-PROGRAM = keyutil
diff --git a/security/nss/cmd/lib/Makefile b/security/nss/cmd/lib/Makefile
deleted file mode 100644
index 0769c80a3..000000000
--- a/security/nss/cmd/lib/Makefile
+++ /dev/null
@@ -1,75 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY).   #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL)          #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL)       #
-#######################################################################
-
-
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL).      #
-#######################################################################
-
-include config.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL)                              #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL)                           #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL).                              #
-#######################################################################
-
-
diff --git a/security/nss/cmd/lib/NSPRerrs.h b/security/nss/cmd/lib/NSPRerrs.h
deleted file mode 100644
index 5e2cd793e..000000000
--- a/security/nss/cmd/lib/NSPRerrs.h
+++ /dev/null
@@ -1,150 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/* General NSPR 2.0 errors */
-/* Caller must #include "prerror.h" */
-
-ER2( PR_OUT_OF_MEMORY_ERROR, 	"Memory allocation attempt failed." )
-ER2( PR_BAD_DESCRIPTOR_ERROR, 	"Invalid file descriptor." )
-ER2( PR_WOULD_BLOCK_ERROR, 	"The operation would have blocked." )
-ER2( PR_ACCESS_FAULT_ERROR, 	"Invalid memory address argument." )
-ER2( PR_INVALID_METHOD_ERROR, 	"Invalid function for file type." )
-ER2( PR_ILLEGAL_ACCESS_ERROR, 	"Invalid memory address argument." )
-ER2( PR_UNKNOWN_ERROR, 		"Some unknown error has occurred." )
-ER2( PR_PENDING_INTERRUPT_ERROR,"Operation interrupted by another thread." )
-ER2( PR_NOT_IMPLEMENTED_ERROR, 	"function not implemented." )
-ER2( PR_IO_ERROR, 		"I/O function error." )
-ER2( PR_IO_TIMEOUT_ERROR, 	"I/O operation timed out." )
-ER2( PR_IO_PENDING_ERROR, 	"I/O operation on busy file descriptor." )
-ER2( PR_DIRECTORY_OPEN_ERROR, 	"The directory could not be opened." )
-ER2( PR_INVALID_ARGUMENT_ERROR, "Invalid function argument." )
-ER2( PR_ADDRESS_NOT_AVAILABLE_ERROR, "Network address not available (in use?)." )
-ER2( PR_ADDRESS_NOT_SUPPORTED_ERROR, "Network address type not supported." )
-ER2( PR_IS_CONNECTED_ERROR, 	"Already connected." )
-ER2( PR_BAD_ADDRESS_ERROR, 	"Network address is invalid." )
-ER2( PR_ADDRESS_IN_USE_ERROR, 	"Local Network address is in use." )
-ER2( PR_CONNECT_REFUSED_ERROR, 	"Connection refused by peer." )
-ER2( PR_NETWORK_UNREACHABLE_ERROR, "Network address is presently unreachable." )
-ER2( PR_CONNECT_TIMEOUT_ERROR, 	"Connection attempt timed out." )
-ER2( PR_NOT_CONNECTED_ERROR, 	"Network file descriptor is not connected." )
-ER2( PR_LOAD_LIBRARY_ERROR, 	"Failure to load dynamic library." )
-ER2( PR_UNLOAD_LIBRARY_ERROR, 	"Failure to unload dynamic library." )
-ER2( PR_FIND_SYMBOL_ERROR, 	
-"Symbol not found in any of the loaded dynamic libraries." )
-ER2( PR_INSUFFICIENT_RESOURCES_ERROR, "Insufficient system resources." )
-ER2( PR_DIRECTORY_LOOKUP_ERROR, 	
-"A directory lookup on a network address has failed." )
-ER2( PR_TPD_RANGE_ERROR, 		
-"Attempt to access a TPD key that is out of range." )
-ER2( PR_PROC_DESC_TABLE_FULL_ERROR, "Process open FD table is full." )
-ER2( PR_SYS_DESC_TABLE_FULL_ERROR, "System open FD table is full." )
-ER2( PR_NOT_SOCKET_ERROR, 	
-"Network operation attempted on non-network file descriptor." )
-ER2( PR_NOT_TCP_SOCKET_ERROR, 	
-"TCP-specific function attempted on a non-TCP file descriptor." )
-ER2( PR_SOCKET_ADDRESS_IS_BOUND_ERROR, "TCP file descriptor is already bound." )
-ER2( PR_NO_ACCESS_RIGHTS_ERROR, "Access Denied." )
-ER2( PR_OPERATION_NOT_SUPPORTED_ERROR, 
-"The requested operation is not supported by the platform." )
-ER2( PR_PROTOCOL_NOT_SUPPORTED_ERROR, 
-"The host operating system does not support the protocol requested." )
-ER2( PR_REMOTE_FILE_ERROR, 	"Access to the remote file has been severed." )
-ER2( PR_BUFFER_OVERFLOW_ERROR, 	
-"The value requested is too large to be stored in the data buffer provided." )
-ER2( PR_CONNECT_RESET_ERROR, 	"TCP connection reset by peer." )
-ER2( PR_RANGE_ERROR, 		"Unused." )
-ER2( PR_DEADLOCK_ERROR, 	"The operation would have deadlocked." )
-ER2( PR_FILE_IS_LOCKED_ERROR, 	"The file is already locked." )
-ER2( PR_FILE_TOO_BIG_ERROR, 	
-"Write would result in file larger than the system allows." )
-ER2( PR_NO_DEVICE_SPACE_ERROR, 	"The device for storing the file is full." )
-ER2( PR_PIPE_ERROR, 		"Unused." )
-ER2( PR_NO_SEEK_DEVICE_ERROR, 	"Unused." )
-ER2( PR_IS_DIRECTORY_ERROR, 	
-"Cannot perform a normal file operation on a directory." )
-ER2( PR_LOOP_ERROR, 		"Symbolic link loop." )
-ER2( PR_NAME_TOO_LONG_ERROR, 	"File name is too long." )
-ER2( PR_FILE_NOT_FOUND_ERROR, 	"File not found." )
-ER2( PR_NOT_DIRECTORY_ERROR, 	
-"Cannot perform directory operation on a normal file." )
-ER2( PR_READ_ONLY_FILESYSTEM_ERROR, 
-"Cannot write to a read-only file system." )
-ER2( PR_DIRECTORY_NOT_EMPTY_ERROR, 
-"Cannot delete a directory that is not empty." )
-ER2( PR_FILESYSTEM_MOUNTED_ERROR, 
-"Cannot delete or rename a file object while the file system is busy." )
-ER2( PR_NOT_SAME_DEVICE_ERROR, 	
-"Cannot rename a file to a file system on another device." )
-ER2( PR_DIRECTORY_CORRUPTED_ERROR, 
-"The directory object in the file system is corrupted." )
-ER2( PR_FILE_EXISTS_ERROR, 	
-"Cannot create or rename a filename that already exists." )
-ER2( PR_MAX_DIRECTORY_ENTRIES_ERROR, 
-"Directory is full.  No additional filenames may be added." )
-ER2( PR_INVALID_DEVICE_STATE_ERROR, 
-"The required device was in an invalid state." )
-ER2( PR_DEVICE_IS_LOCKED_ERROR, "The device is locked." )
-ER2( PR_NO_MORE_FILES_ERROR, 	"No more entries in the directory." )
-ER2( PR_END_OF_FILE_ERROR, 	"Encountered end of file." )
-ER2( PR_FILE_SEEK_ERROR, 	"Seek error." )
-ER2( PR_FILE_IS_BUSY_ERROR, 	"The file is busy." )
-ER2( PR_IN_PROGRESS_ERROR,
-"Operation is still in progress (probably a non-blocking connect)." )
-ER2( PR_ALREADY_INITIATED_ERROR,
-"Operation has already been initiated (probably a non-blocking connect)." )
-
-#ifdef PR_GROUP_EMPTY_ERROR
-ER2( PR_GROUP_EMPTY_ERROR, 	"The wait group is empty." )
-#endif
-
-#ifdef PR_INVALID_STATE_ERROR
-ER2( PR_INVALID_STATE_ERROR, 	"Object state improper for request." )
-#endif
-
-#ifdef PR_NETWORK_DOWN_ERROR
-ER2( PR_NETWORK_DOWN_ERROR,	"Network is down." )
-#endif
-
-#ifdef PR_SOCKET_SHUTDOWN_ERROR
-ER2( PR_SOCKET_SHUTDOWN_ERROR,	"The socket was previously shut down." )
-#endif
-
-#ifdef PR_CONNECT_ABORTED_ERROR
-ER2( PR_CONNECT_ABORTED_ERROR,	"TCP Connection aborted." )
-#endif
-
-#ifdef PR_HOST_UNREACHABLE_ERROR
-ER2( PR_HOST_UNREACHABLE_ERROR,	"Host is unreachable." )
-#endif
-
-/* always last */
-ER2( PR_MAX_ERROR, 		"Placeholder for the end of the list" )
diff --git a/security/nss/cmd/lib/SECerrs.h b/security/nss/cmd/lib/SECerrs.h
deleted file mode 100644
index 41bb03101..000000000
--- a/security/nss/cmd/lib/SECerrs.h
+++ /dev/null
@@ -1,442 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/* General security error codes  */
-/* Caller must #include "secerr.h" */
-
-ER3(SEC_ERROR_IO,				SEC_ERROR_BASE + 0,
-"An I/O error occurred during security authorization.")
-
-ER3(SEC_ERROR_LIBRARY_FAILURE,			SEC_ERROR_BASE + 1,
-"security library failure.")
-
-ER3(SEC_ERROR_BAD_DATA,				SEC_ERROR_BASE + 2,
-"security library: received bad data.")
-
-ER3(SEC_ERROR_OUTPUT_LEN,			SEC_ERROR_BASE + 3,
-"security library: output length error.")
-
-ER3(SEC_ERROR_INPUT_LEN,			SEC_ERROR_BASE + 4,
-"security library has experienced an input length error.")
-
-ER3(SEC_ERROR_INVALID_ARGS,			SEC_ERROR_BASE + 5,
-"security library: invalid arguments.")
-
-ER3(SEC_ERROR_INVALID_ALGORITHM,		SEC_ERROR_BASE + 6,
-"security library: invalid algorithm.")
-
-ER3(SEC_ERROR_INVALID_AVA,			SEC_ERROR_BASE + 7,
-"security library: invalid AVA.")
-
-ER3(SEC_ERROR_INVALID_TIME,			SEC_ERROR_BASE + 8,
-"Improperly formatted time string.")
-
-ER3(SEC_ERROR_BAD_DER,				SEC_ERROR_BASE + 9,
-"security library: improperly formatted DER-encoded message.")
-
-ER3(SEC_ERROR_BAD_SIGNATURE,			SEC_ERROR_BASE + 10,
-"Peer's certificate has an invalid signature.")
-
-ER3(SEC_ERROR_EXPIRED_CERTIFICATE,		SEC_ERROR_BASE + 11,
-"Peer's Certificate has expired.")
-
-ER3(SEC_ERROR_REVOKED_CERTIFICATE,		SEC_ERROR_BASE + 12,
-"Peer's Certificate has been revoked.")
-
-ER3(SEC_ERROR_UNKNOWN_ISSUER,			SEC_ERROR_BASE + 13,
-"Peer's Certificate issuer is not recognized.")
-
-ER3(SEC_ERROR_BAD_KEY,				SEC_ERROR_BASE + 14,
-"Peer's public key is invalid.")
-
-ER3(SEC_ERROR_BAD_PASSWORD,			SEC_ERROR_BASE + 15,
-"The security password entered is incorrect.")
-
-ER3(SEC_ERROR_RETRY_PASSWORD,			SEC_ERROR_BASE + 16,
-"New password entered incorrectly.  Please try again.")
-
-ER3(SEC_ERROR_NO_NODELOCK,			SEC_ERROR_BASE + 17,
-"security library: no nodelock.")
-
-ER3(SEC_ERROR_BAD_DATABASE,			SEC_ERROR_BASE + 18,
-"security library: bad database.")
-
-ER3(SEC_ERROR_NO_MEMORY,			SEC_ERROR_BASE + 19,
-"security library: memory allocation failure.")
-
-ER3(SEC_ERROR_UNTRUSTED_ISSUER,			SEC_ERROR_BASE + 20,
-"Peer's certificate issuer has been marked as not trusted by the user.")
-
-ER3(SEC_ERROR_UNTRUSTED_CERT,			SEC_ERROR_BASE + 21,
-"Peer's certificate has been marked as not trusted by the user.")
-
-ER3(SEC_ERROR_DUPLICATE_CERT,			(SEC_ERROR_BASE + 22),
-"Certificate already exists in your database.")
-
-ER3(SEC_ERROR_DUPLICATE_CERT_NAME,		(SEC_ERROR_BASE + 23),
-"Downloaded certificate's name duplicates one already in your database.")
-
-ER3(SEC_ERROR_ADDING_CERT,			(SEC_ERROR_BASE + 24),
-"Error adding certificate to database.")
-
-ER3(SEC_ERROR_FILING_KEY,			(SEC_ERROR_BASE + 25),
-"Error refiling the key for this certificate.")
-
-ER3(SEC_ERROR_NO_KEY,				(SEC_ERROR_BASE + 26),
-"The private key for this certificate cannot be found in key database")
-
-ER3(SEC_ERROR_CERT_VALID,			(SEC_ERROR_BASE + 27),
-"This certificate is valid.")
-
-ER3(SEC_ERROR_CERT_NOT_VALID,			(SEC_ERROR_BASE + 28),
-"This certificate is not valid.")
-
-ER3(SEC_ERROR_CERT_NO_RESPONSE,			(SEC_ERROR_BASE + 29),
-"Cert Library: No Response")
-
-ER3(SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE,	(SEC_ERROR_BASE + 30),
-"The certificate issuer's certificate has expired.  Check your system date and time.")
-
-ER3(SEC_ERROR_CRL_EXPIRED,			(SEC_ERROR_BASE + 31),
-"The CRL for the certificate's issuer has expired.  Update it or check your system data and time.")
-
-ER3(SEC_ERROR_CRL_BAD_SIGNATURE,		(SEC_ERROR_BASE + 32),
-"The CRL for the certificate's issuer has an invalid signature.")
-
-ER3(SEC_ERROR_CRL_INVALID,			(SEC_ERROR_BASE + 33),
-"New CRL has an invalid format.")
-
-ER3(SEC_ERROR_EXTENSION_VALUE_INVALID,		(SEC_ERROR_BASE + 34),
-"Certificate extension value is invalid.")
-
-ER3(SEC_ERROR_EXTENSION_NOT_FOUND,		(SEC_ERROR_BASE + 35),
-"Certificate extension not found.")
-
-ER3(SEC_ERROR_CA_CERT_INVALID,			(SEC_ERROR_BASE + 36),
-"Issuer certificate is invalid.")
-   
-ER3(SEC_ERROR_PATH_LEN_CONSTRAINT_INVALID,	(SEC_ERROR_BASE + 37),
-"Certificate path length constraint is invalid.")
-
-ER3(SEC_ERROR_CERT_USAGES_INVALID,		(SEC_ERROR_BASE + 38),
-"Certificate usages field is invalid.")
-
-ER3(SEC_INTERNAL_ONLY,				(SEC_ERROR_BASE + 39),
-"**Internal ONLY module**")
-
-ER3(SEC_ERROR_INVALID_KEY,			(SEC_ERROR_BASE + 40),
-"The key does not support the requested operation.")
-
-ER3(SEC_ERROR_UNKNOWN_CRITICAL_EXTENSION,	(SEC_ERROR_BASE + 41),
-"Certificate contains unknown critical extension.")
-
-ER3(SEC_ERROR_OLD_CRL,				(SEC_ERROR_BASE + 42),
-"New CRL is not later than the current one.")
-
-ER3(SEC_ERROR_NO_EMAIL_CERT,			(SEC_ERROR_BASE + 43),
-"Not encrypted or signed: you do not yet have an email certificate.")
-
-ER3(SEC_ERROR_NO_RECIPIENT_CERTS_QUERY,		(SEC_ERROR_BASE + 44),
-"Not encrypted: you do not have certificates for each of the recipients.")
-
-ER3(SEC_ERROR_NOT_A_RECIPIENT,			(SEC_ERROR_BASE + 45),
-"Cannot decrypt: you are not a recipient, or matching certificate and \
-private key not found.")
-
-ER3(SEC_ERROR_PKCS7_KEYALG_MISMATCH,		(SEC_ERROR_BASE + 46),
-"Cannot decrypt: key encryption algorithm does not match your certificate.")
-
-ER3(SEC_ERROR_PKCS7_BAD_SIGNATURE,		(SEC_ERROR_BASE + 47),
-"Signature verification failed: no signer found, too many signers found, \
-or improper or corrupted data.")
-
-ER3(SEC_ERROR_UNSUPPORTED_KEYALG,		(SEC_ERROR_BASE + 48),
-"Unsupported or unknown key algorithm.")
-
-ER3(SEC_ERROR_DECRYPTION_DISALLOWED,		(SEC_ERROR_BASE + 49),
-"Cannot decrypt: encrypted using a disallowed algorithm or key size.")
-
-
-/* Fortezza Alerts */
-ER3(XP_SEC_FORTEZZA_BAD_CARD,			(SEC_ERROR_BASE + 50),
-"Fortezza card has not been properly initialized.  \
-Please remove it and return it to your issuer.")
-
-ER3(XP_SEC_FORTEZZA_NO_CARD,			(SEC_ERROR_BASE + 51),
-"No Fortezza cards Found")
-
-ER3(XP_SEC_FORTEZZA_NONE_SELECTED,		(SEC_ERROR_BASE + 52),
-"No Fortezza card selected")
-
-ER3(XP_SEC_FORTEZZA_MORE_INFO,			(SEC_ERROR_BASE + 53),
-"Please select a personality to get more info on")
-
-ER3(XP_SEC_FORTEZZA_PERSON_NOT_FOUND,		(SEC_ERROR_BASE + 54),
-"Personality not found")
-
-ER3(XP_SEC_FORTEZZA_NO_MORE_INFO,		(SEC_ERROR_BASE + 55),
-"No more information on that Personality")
-
-ER3(XP_SEC_FORTEZZA_BAD_PIN,			(SEC_ERROR_BASE + 56),
-"Invalid Pin")
-
-ER3(XP_SEC_FORTEZZA_PERSON_ERROR,		(SEC_ERROR_BASE + 57),
-"Couldn't initialize Fortezza personalities.")
-/* end fortezza alerts. */
-
-ER3(SEC_ERROR_NO_KRL,				(SEC_ERROR_BASE + 58),
-"No KRL for this site's certificate has been found.")
-
-ER3(SEC_ERROR_KRL_EXPIRED,			(SEC_ERROR_BASE + 59),
-"The KRL for this site's certificate has expired.")
-
-ER3(SEC_ERROR_KRL_BAD_SIGNATURE,		(SEC_ERROR_BASE + 60),
-"The KRL for this site's certificate has an invalid signature.")
-
-ER3(SEC_ERROR_REVOKED_KEY,			(SEC_ERROR_BASE + 61),
-"The key for this site's certificate has been revoked.")
-
-ER3(SEC_ERROR_KRL_INVALID,			(SEC_ERROR_BASE + 62),
-"New KRL has an invalid format.")
-
-ER3(SEC_ERROR_NEED_RANDOM,			(SEC_ERROR_BASE + 63),
-"security library: need random data.")
-
-ER3(SEC_ERROR_NO_MODULE,			(SEC_ERROR_BASE + 64),
-"security library: no security module can perform the requested operation.")
-
-ER3(SEC_ERROR_NO_TOKEN,				(SEC_ERROR_BASE + 65),
-"The security card or token does not exist, needs to be initialized, or has been removed.")
-
-ER3(SEC_ERROR_READ_ONLY,			(SEC_ERROR_BASE + 66),
-"security library: read-only database.")
-
-ER3(SEC_ERROR_NO_SLOT_SELECTED,			(SEC_ERROR_BASE + 67),
-"No slot or token was selected.")
-
-ER3(SEC_ERROR_CERT_NICKNAME_COLLISION,		(SEC_ERROR_BASE + 68),
-"A certificate with the same nickname already exists.")
-
-ER3(SEC_ERROR_KEY_NICKNAME_COLLISION,		(SEC_ERROR_BASE + 69),
-"A key with the same nickname already exists.")
-
-ER3(SEC_ERROR_SAFE_NOT_CREATED,			(SEC_ERROR_BASE + 70),
-"error while creating safe object")
-
-ER3(SEC_ERROR_BAGGAGE_NOT_CREATED,		(SEC_ERROR_BASE + 71),
-"error while creating baggage object")
-
-ER3(XP_JAVA_REMOVE_PRINCIPAL_ERROR,		(SEC_ERROR_BASE + 72),
-"Couldn't remove the principal")
-
-ER3(XP_JAVA_DELETE_PRIVILEGE_ERROR,		(SEC_ERROR_BASE + 73),
-"Couldn't delete the privilege")
-
-ER3(XP_JAVA_CERT_NOT_EXISTS_ERROR,		(SEC_ERROR_BASE + 74),
-"This principal doesn't have a certificate")
-
-ER3(SEC_ERROR_BAD_EXPORT_ALGORITHM,		(SEC_ERROR_BASE + 75),
-"Required algorithm is not allowed.")
-
-ER3(SEC_ERROR_EXPORTING_CERTIFICATES,		(SEC_ERROR_BASE + 76),
-"Error attempting to export certificates.")
-
-ER3(SEC_ERROR_IMPORTING_CERTIFICATES,		(SEC_ERROR_BASE + 77),
-"Error attempting to import certificates.")
-
-ER3(SEC_ERROR_PKCS12_DECODING_PFX,		(SEC_ERROR_BASE + 78),
-"Unable to import.  Decoding error.  File not valid.")
-
-ER3(SEC_ERROR_PKCS12_INVALID_MAC,		(SEC_ERROR_BASE + 79),
-"Unable to import.  Invalid MAC.  Incorrect password or corrupt file.")
-
-ER3(SEC_ERROR_PKCS12_UNSUPPORTED_MAC_ALGORITHM,	(SEC_ERROR_BASE + 80),
-"Unable to import.  MAC algorithm not supported.")
-
-ER3(SEC_ERROR_PKCS12_UNSUPPORTED_TRANSPORT_MODE,(SEC_ERROR_BASE + 81),
-"Unable to import.  Only password integrity and privacy modes supported.")
-
-ER3(SEC_ERROR_PKCS12_CORRUPT_PFX_STRUCTURE,	(SEC_ERROR_BASE + 82),
-"Unable to import.  File structure is corrupt.")
-
-ER3(SEC_ERROR_PKCS12_UNSUPPORTED_PBE_ALGORITHM, (SEC_ERROR_BASE + 83),
-"Unable to import.  Encryption algorithm not supported.")
-
-ER3(SEC_ERROR_PKCS12_UNSUPPORTED_VERSION,	(SEC_ERROR_BASE + 84),
-"Unable to import.  File version not supported.")
-
-ER3(SEC_ERROR_PKCS12_PRIVACY_PASSWORD_INCORRECT,(SEC_ERROR_BASE + 85),
-"Unable to import.  Incorrect privacy password.")
-
-ER3(SEC_ERROR_PKCS12_CERT_COLLISION,		(SEC_ERROR_BASE + 86),
-"Unable to import.  Same nickname already exists in database.")
-
-ER3(SEC_ERROR_USER_CANCELLED,			(SEC_ERROR_BASE + 87),
-"The user pressed cancel.")
-
-ER3(SEC_ERROR_PKCS12_DUPLICATE_DATA,		(SEC_ERROR_BASE + 88),
-"Not imported, already in database.")
-
-ER3(SEC_ERROR_MESSAGE_SEND_ABORTED,		(SEC_ERROR_BASE + 89),
-"Message not sent.")
-
-ER3(SEC_ERROR_INADEQUATE_KEY_USAGE,		(SEC_ERROR_BASE + 90),
-"Certificate key usage inadequate for attempted operation.")
-
-ER3(SEC_ERROR_INADEQUATE_CERT_TYPE,		(SEC_ERROR_BASE + 91),
-"Certificate type not approved for application.")
-
-ER3(SEC_ERROR_CERT_ADDR_MISMATCH,		(SEC_ERROR_BASE + 92),
-"Address in signing certificate does not match address in message headers.")
-
-ER3(SEC_ERROR_PKCS12_UNABLE_TO_IMPORT_KEY,	(SEC_ERROR_BASE + 93),
-"Unable to import.  Error attempting to import private key.")
-
-ER3(SEC_ERROR_PKCS12_IMPORTING_CERT_CHAIN,	(SEC_ERROR_BASE + 94),
-"Unable to import.  Error attempting to import certificate chain.")
-
-ER3(SEC_ERROR_PKCS12_UNABLE_TO_LOCATE_OBJECT_BY_NAME, (SEC_ERROR_BASE + 95),
-"Unable to export.  Unable to locate certificate or key by nickname.")
-
-ER3(SEC_ERROR_PKCS12_UNABLE_TO_EXPORT_KEY,	(SEC_ERROR_BASE + 96),
-"Unable to export.  Private Key could not be located and exported.")
-
-ER3(SEC_ERROR_PKCS12_UNABLE_TO_WRITE, 		(SEC_ERROR_BASE + 97),
-"Unable to export.  Unable to write the export file.")
-
-ER3(SEC_ERROR_PKCS12_UNABLE_TO_READ,		(SEC_ERROR_BASE + 98),
-"Unable to import.  Unable to read the import file.")
-
-ER3(SEC_ERROR_PKCS12_KEY_DATABASE_NOT_INITIALIZED, (SEC_ERROR_BASE + 99),
-"Unable to export.  Key database corrupt or deleted.")
-
-ER3(SEC_ERROR_KEYGEN_FAIL,			(SEC_ERROR_BASE + 100),
-"Unable to generate public/private key pair.")
-
-ER3(SEC_ERROR_INVALID_PASSWORD,			(SEC_ERROR_BASE + 101),
-"Password entered is invalid.  Please pick a different one.")
-
-ER3(SEC_ERROR_RETRY_OLD_PASSWORD,		(SEC_ERROR_BASE + 102),
-"Old password entered incorrectly.  Please try again.")
-
-ER3(SEC_ERROR_BAD_NICKNAME,			(SEC_ERROR_BASE + 103),
-"Certificate nickname already in use.")
-
-ER3(SEC_ERROR_NOT_FORTEZZA_ISSUER,       	(SEC_ERROR_BASE + 104),
-"Peer FORTEZZA chain has a non-FORTEZZA Certificate.")
-
-ER3(SEC_ERROR_CANNOT_MOVE_SENSITIVE_KEY, 	(SEC_ERROR_BASE + 105),
-"A sensitive key cannot be moved to the slot where it is needed.")
-
-ER3(SEC_ERROR_JS_INVALID_MODULE_NAME, 		(SEC_ERROR_BASE + 106),
-"Invalid module name.")
-
-ER3(SEC_ERROR_JS_INVALID_DLL, 			(SEC_ERROR_BASE + 107),
-"Invalid module path/filename")
-
-ER3(SEC_ERROR_JS_ADD_MOD_FAILURE, 		(SEC_ERROR_BASE + 108),
-"Unable to add module")
-
-ER3(SEC_ERROR_JS_DEL_MOD_FAILURE, 		(SEC_ERROR_BASE + 109),
-"Unable to delete module")
-
-ER3(SEC_ERROR_OLD_KRL,	     			(SEC_ERROR_BASE + 110),
-"New KRL is not later than the current one.")
- 
-ER3(SEC_ERROR_CKL_CONFLICT,	     		(SEC_ERROR_BASE + 111),
-"New CKL has different issuer than current CKL.  Delete current CKL.")
-
-ER3(SEC_ERROR_CERT_NOT_IN_NAME_SPACE, 		(SEC_ERROR_BASE + 112),
-"The Certifying Authority for this certificate is not permitted to issue a \
-certificate with this name.")
-
-ER3(SEC_ERROR_KRL_NOT_YET_VALID,		(SEC_ERROR_BASE + 113),
-"The key revocation list for this certificate is not yet valid.")
-
-ER3(SEC_ERROR_CRL_NOT_YET_VALID,		(SEC_ERROR_BASE + 114),
-"The certificate revocation list for this certificate is not yet valid.")
-
-ER3(SEC_ERROR_UNKNOWN_CERT,			(SEC_ERROR_BASE + 115),
-"The requested certificate could not be found.")
-
-ER3(SEC_ERROR_UNKNOWN_SIGNER,			(SEC_ERROR_BASE + 116),
-"The signer's certificate could not be found.")
-
-ER3(SEC_ERROR_CERT_BAD_ACCESS_LOCATION,		(SEC_ERROR_BASE + 117),
-"The location for the certificate status server has invalid format.")
-
-ER3(SEC_ERROR_OCSP_UNKNOWN_RESPONSE_TYPE,	(SEC_ERROR_BASE + 118),
-"The OCSP response cannot be fully decoded; it is of an unknown type.")
-
-ER3(SEC_ERROR_OCSP_BAD_HTTP_RESPONSE,		(SEC_ERROR_BASE + 119),
-"The OCSP server returned unexpected/invalid HTTP data.")
-
-ER3(SEC_ERROR_OCSP_MALFORMED_REQUEST,		(SEC_ERROR_BASE + 120),
-"The OCSP server found the request to be corrupted or improperly formed.")
-
-ER3(SEC_ERROR_OCSP_SERVER_ERROR,		(SEC_ERROR_BASE + 121),
-"The OCSP server experienced an internal error.")
-
-ER3(SEC_ERROR_OCSP_TRY_SERVER_LATER,		(SEC_ERROR_BASE + 122),
-"The OCSP server suggests trying again later.")
-
-ER3(SEC_ERROR_OCSP_REQUEST_NEEDS_SIG,		(SEC_ERROR_BASE + 123),
-"The OCSP server requires a signature on this request.")
-
-ER3(SEC_ERROR_OCSP_UNAUTHORIZED_REQUEST,	(SEC_ERROR_BASE + 124),
-"The OCSP server has refused this request as unauthorized.")
-
-ER3(SEC_ERROR_OCSP_UNKNOWN_RESPONSE_STATUS,	(SEC_ERROR_BASE + 125),
-"The OCSP server returned an unrecognizable status.")
-
-ER3(SEC_ERROR_OCSP_UNKNOWN_CERT,		(SEC_ERROR_BASE + 126),
-"The OCSP server has no status for the certificate.")
-
-ER3(SEC_ERROR_OCSP_NOT_ENABLED,			(SEC_ERROR_BASE + 127),
-"You must enable OCSP before performing this operation.")
-
-ER3(SEC_ERROR_OCSP_NO_DEFAULT_RESPONDER,	(SEC_ERROR_BASE + 128),
-"You must set the OCSP default responder before performing this operation.")
-
-ER3(SEC_ERROR_OCSP_MALFORMED_RESPONSE,		(SEC_ERROR_BASE + 129),
-"The response from the OCSP server was corrupted or improperly formed.")
-
-ER3(SEC_ERROR_OCSP_UNAUTHORIZED_RESPONSE,	(SEC_ERROR_BASE + 130),
-"The signer of the OCSP response is not authorized to give status for \
-this certificate.")
-
-ER3(SEC_ERROR_OCSP_FUTURE_RESPONSE,		(SEC_ERROR_BASE + 131),
-"The OCSP response is not yet valid (contains a date in the future).")
-
-ER3(SEC_ERROR_OCSP_OLD_RESPONSE,		(SEC_ERROR_BASE + 132),
-"The OCSP response contains out-of-date information.")
diff --git a/security/nss/cmd/lib/SSLerrs.h b/security/nss/cmd/lib/SSLerrs.h
deleted file mode 100644
index 06803b849..000000000
--- a/security/nss/cmd/lib/SSLerrs.h
+++ /dev/null
@@ -1,366 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/* SSL-specific security error codes  */
-/* caller must include "sslerr.h" */
-
-ER3(SSL_ERROR_EXPORT_ONLY_SERVER,			SSL_ERROR_BASE + 0,
-"Unable to communicate securely.  Peer does not support high-grade encryption.")
-
-ER3(SSL_ERROR_US_ONLY_SERVER,				SSL_ERROR_BASE + 1,
-"Unable to communicate securely.  Peer requires high-grade encryption which is not supported.")
-
-ER3(SSL_ERROR_NO_CYPHER_OVERLAP,			SSL_ERROR_BASE + 2,
-"Cannot communicate securely with peer: no common encryption algorithm(s).")
-
-ER3(SSL_ERROR_NO_CERTIFICATE,				SSL_ERROR_BASE + 3,
-"Unable to find the certificate or key necessary for authentication.")
-
-ER3(SSL_ERROR_BAD_CERTIFICATE,				SSL_ERROR_BASE + 4,
-"Unable to communicate securely with peer: peers's certificate was rejected.")
-
-/* unused						(SSL_ERROR_BASE + 5),*/
-
-ER3(SSL_ERROR_BAD_CLIENT,				SSL_ERROR_BASE + 6,
-"The server has encountered bad data from the client.")
-
-ER3(SSL_ERROR_BAD_SERVER,				SSL_ERROR_BASE + 7,
-"The client has encountered bad data from the server.")
-
-ER3(SSL_ERROR_UNSUPPORTED_CERTIFICATE_TYPE,		SSL_ERROR_BASE + 8,
-"Unsupported certificate type.")
-
-ER3(SSL_ERROR_UNSUPPORTED_VERSION,			SSL_ERROR_BASE + 9,
-"Peer using unsupported version of security protocol.")
-
-/* unused						(SSL_ERROR_BASE + 10),*/
-
-ER3(SSL_ERROR_WRONG_CERTIFICATE,			SSL_ERROR_BASE + 11,
-"Client authentication failed: private key in key database does not match public key in certificate database.")
-
-ER3(SSL_ERROR_BAD_CERT_DOMAIN,				SSL_ERROR_BASE + 12,
-"Unable to communicate securely with peer: requested domain name does not match the server's certificate.")
-
-/* SSL_ERROR_POST_WARNING				(SSL_ERROR_BASE + 13),
-   defined in sslerr.h
-*/
-
-ER3(SSL_ERROR_SSL2_DISABLED,				(SSL_ERROR_BASE + 14),
-"Peer only supports SSL version 2, which is locally disabled.")
-
-
-ER3(SSL_ERROR_BAD_MAC_READ,				(SSL_ERROR_BASE + 15),
-"SSL received a record with an incorrect Message Authentication Code.")
-
-ER3(SSL_ERROR_BAD_MAC_ALERT,				(SSL_ERROR_BASE + 16),
-"SSL peer reports incorrect Message Authentication Code.")
-
-ER3(SSL_ERROR_BAD_CERT_ALERT,				(SSL_ERROR_BASE + 17),
-"SSL peer cannot verify your certificate.")
-
-ER3(SSL_ERROR_REVOKED_CERT_ALERT,			(SSL_ERROR_BASE + 18),
-"SSL peer rejected your certificate as revoked.")
-
-ER3(SSL_ERROR_EXPIRED_CERT_ALERT,			(SSL_ERROR_BASE + 19),
-"SSL peer rejected your certificate as expired.")
-
-ER3(SSL_ERROR_SSL_DISABLED,				(SSL_ERROR_BASE + 20),
-"Cannot connect: SSL is disabled.")
-
-ER3(SSL_ERROR_FORTEZZA_PQG,				(SSL_ERROR_BASE + 21),
-"Cannot connect: SSL peer is in another FORTEZZA domain.")
-
-
-ER3(SSL_ERROR_UNKNOWN_CIPHER_SUITE          , (SSL_ERROR_BASE + 22),
-"An unknown SSL cipher suite has been requested.")
-
-ER3(SSL_ERROR_NO_CIPHERS_SUPPORTED          , (SSL_ERROR_BASE + 23),
-"No cipher suites are present and enabled in this program.")
-
-ER3(SSL_ERROR_BAD_BLOCK_PADDING             , (SSL_ERROR_BASE + 24),
-"SSL received a record with bad block padding.")
-
-ER3(SSL_ERROR_RX_RECORD_TOO_LONG            , (SSL_ERROR_BASE + 25),
-"SSL received a record that exceeded the maximum permissible length.")
-
-ER3(SSL_ERROR_TX_RECORD_TOO_LONG            , (SSL_ERROR_BASE + 26),
-"SSL attempted to send a record that exceeded the maximum permissible length.")
-
-/*
- * Received a malformed (too long or short or invalid content) SSL handshake.
- */
-ER3(SSL_ERROR_RX_MALFORMED_HELLO_REQUEST    , (SSL_ERROR_BASE + 27),
-"SSL received a malformed Hello Request handshake message.")
-
-ER3(SSL_ERROR_RX_MALFORMED_CLIENT_HELLO     , (SSL_ERROR_BASE + 28),
-"SSL received a malformed Client Hello handshake message.")
-
-ER3(SSL_ERROR_RX_MALFORMED_SERVER_HELLO     , (SSL_ERROR_BASE + 29),
-"SSL received a malformed Server Hello handshake message.")
-
-ER3(SSL_ERROR_RX_MALFORMED_CERTIFICATE      , (SSL_ERROR_BASE + 30),
-"SSL received a malformed Certificate handshake message.")
-
-ER3(SSL_ERROR_RX_MALFORMED_SERVER_KEY_EXCH  , (SSL_ERROR_BASE + 31),
-"SSL received a malformed Server Key Exchange handshake message.")
-
-ER3(SSL_ERROR_RX_MALFORMED_CERT_REQUEST     , (SSL_ERROR_BASE + 32),
-"SSL received a malformed Certificate Request handshake message.")
-
-ER3(SSL_ERROR_RX_MALFORMED_HELLO_DONE       , (SSL_ERROR_BASE + 33),
-"SSL received a malformed Server Hello Done handshake message.")
-
-ER3(SSL_ERROR_RX_MALFORMED_CERT_VERIFY      , (SSL_ERROR_BASE + 34),
-"SSL received a malformed Certificate Verify handshake message.")
-
-ER3(SSL_ERROR_RX_MALFORMED_CLIENT_KEY_EXCH  , (SSL_ERROR_BASE + 35),
-"SSL received a malformed Client Key Exchange handshake message.")
-
-ER3(SSL_ERROR_RX_MALFORMED_FINISHED         , (SSL_ERROR_BASE + 36),
-"SSL received a malformed Finished handshake message.")
-
-/*
- * Received a malformed (too long or short) SSL record.
- */
-ER3(SSL_ERROR_RX_MALFORMED_CHANGE_CIPHER    , (SSL_ERROR_BASE + 37),
-"SSL received a malformed Change Cipher Spec record.")
-
-ER3(SSL_ERROR_RX_MALFORMED_ALERT            , (SSL_ERROR_BASE + 38),
-"SSL received a malformed Alert record.")
-
-ER3(SSL_ERROR_RX_MALFORMED_HANDSHAKE        , (SSL_ERROR_BASE + 39),
-"SSL received a malformed Handshake record.")
-
-ER3(SSL_ERROR_RX_MALFORMED_APPLICATION_DATA , (SSL_ERROR_BASE + 40),
-"SSL received a malformed Application Data record.")
-
-/*
- * Received an SSL handshake that was inappropriate for the state we're in.
- * E.g. Server received message from server, or wrong state in state machine.
- */
-ER3(SSL_ERROR_RX_UNEXPECTED_HELLO_REQUEST   , (SSL_ERROR_BASE + 41),
-"SSL received an unexpected Hello Request handshake message.")
-
-ER3(SSL_ERROR_RX_UNEXPECTED_CLIENT_HELLO    , (SSL_ERROR_BASE + 42),
-"SSL received an unexpected Client Hello handshake message.")
-
-ER3(SSL_ERROR_RX_UNEXPECTED_SERVER_HELLO    , (SSL_ERROR_BASE + 43),
-"SSL received an unexpected Server Hello handshake message.")
-
-ER3(SSL_ERROR_RX_UNEXPECTED_CERTIFICATE     , (SSL_ERROR_BASE + 44),
-"SSL received an unexpected Certificate handshake message.")
-
-ER3(SSL_ERROR_RX_UNEXPECTED_SERVER_KEY_EXCH , (SSL_ERROR_BASE + 45),
-"SSL received an unexpected Server Key Exchange handshake message.")
-
-ER3(SSL_ERROR_RX_UNEXPECTED_CERT_REQUEST    , (SSL_ERROR_BASE + 46),
-"SSL received an unexpected Certificate Request handshake message.")
-
-ER3(SSL_ERROR_RX_UNEXPECTED_HELLO_DONE      , (SSL_ERROR_BASE + 47),
-"SSL received an unexpected Server Hello Done handshake message.")
-
-ER3(SSL_ERROR_RX_UNEXPECTED_CERT_VERIFY     , (SSL_ERROR_BASE + 48),
-"SSL received an unexpected Certificate Verify handshake message.")
-
-ER3(SSL_ERROR_RX_UNEXPECTED_CLIENT_KEY_EXCH , (SSL_ERROR_BASE + 49),
-"SSL received an unexpected Cllient Key Exchange handshake message.")
-
-ER3(SSL_ERROR_RX_UNEXPECTED_FINISHED        , (SSL_ERROR_BASE + 50),
-"SSL received an unexpected Finished handshake message.")
-
-/*
- * Received an SSL record that was inappropriate for the state we're in.
- */
-ER3(SSL_ERROR_RX_UNEXPECTED_CHANGE_CIPHER   , (SSL_ERROR_BASE + 51),
-"SSL received an unexpected Change Cipher Spec record.")
-
-ER3(SSL_ERROR_RX_UNEXPECTED_ALERT           , (SSL_ERROR_BASE + 52),
-"SSL received an unexpected Alert record.")
-
-ER3(SSL_ERROR_RX_UNEXPECTED_HANDSHAKE       , (SSL_ERROR_BASE + 53),
-"SSL received an unexpected Handshake record.")
-
-ER3(SSL_ERROR_RX_UNEXPECTED_APPLICATION_DATA, (SSL_ERROR_BASE + 54),
-"SSL received an unexpected Application Data record.")
-
-/*
- * Received record/message with unknown discriminant.
- */
-ER3(SSL_ERROR_RX_UNKNOWN_RECORD_TYPE        , (SSL_ERROR_BASE + 55),
-"SSL received a record with an unknown content type.")
-
-ER3(SSL_ERROR_RX_UNKNOWN_HANDSHAKE          , (SSL_ERROR_BASE + 56),
-"SSL received a handshake message with an unknown message type.")
-
-ER3(SSL_ERROR_RX_UNKNOWN_ALERT              , (SSL_ERROR_BASE + 57),
-"SSL received an alert record with an unknown alert description.")
-
-/*
- * Received an alert reporting what we did wrong.  (more alerts above)
- */
-ER3(SSL_ERROR_CLOSE_NOTIFY_ALERT            , (SSL_ERROR_BASE + 58),
-"SSL peer has closed this connection.")
-
-ER3(SSL_ERROR_HANDSHAKE_UNEXPECTED_ALERT    , (SSL_ERROR_BASE + 59),
-"SSL peer was not expecting a handshake message it received.")
-
-ER3(SSL_ERROR_DECOMPRESSION_FAILURE_ALERT   , (SSL_ERROR_BASE + 60),
-"SSL peer was unable to succesfully decompress an SSL record it received.")
-
-ER3(SSL_ERROR_HANDSHAKE_FAILURE_ALERT       , (SSL_ERROR_BASE + 61),
-"SSL peer was unable to negotiate an acceptable set of security parameters.")
-
-ER3(SSL_ERROR_ILLEGAL_PARAMETER_ALERT       , (SSL_ERROR_BASE + 62),
-"SSL peer rejected a handshake message for unacceptable content.")
-
-ER3(SSL_ERROR_UNSUPPORTED_CERT_ALERT        , (SSL_ERROR_BASE + 63),
-"SSL peer does not support certificates of the type it received.")
-
-ER3(SSL_ERROR_CERTIFICATE_UNKNOWN_ALERT     , (SSL_ERROR_BASE + 64),
-"SSL peer had some unspecified issue with the certificate it received.")
-
-
-ER3(SSL_ERROR_GENERATE_RANDOM_FAILURE       , (SSL_ERROR_BASE + 65),
-"SSL experienced a failure of its random number generator.")
-
-ER3(SSL_ERROR_SIGN_HASHES_FAILURE           , (SSL_ERROR_BASE + 66),
-"Unable to digitally sign data required to verify your certificate.")
-
-ER3(SSL_ERROR_EXTRACT_PUBLIC_KEY_FAILURE    , (SSL_ERROR_BASE + 67),
-"SSL was unable to extract the public key from the peer's certificate.")
-
-ER3(SSL_ERROR_SERVER_KEY_EXCHANGE_FAILURE   , (SSL_ERROR_BASE + 68),
-"Unspecified failure while processing SSL Server Key Exchange handshake.")
-
-ER3(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE   , (SSL_ERROR_BASE + 69),
-"Unspecified failure while processing SSL Client Key Exchange handshake.")
-
-ER3(SSL_ERROR_ENCRYPTION_FAILURE            , (SSL_ERROR_BASE + 70),
-"Bulk data encryption algorithm failed in selected cipher suite.")
-
-ER3(SSL_ERROR_DECRYPTION_FAILURE            , (SSL_ERROR_BASE + 71),
-"Bulk data decryption algorithm failed in selected cipher suite.")
-
-ER3(SSL_ERROR_SOCKET_WRITE_FAILURE          , (SSL_ERROR_BASE + 72),
-"Attempt to write encrypted data to underlying socket failed.")
-
-ER3(SSL_ERROR_MD5_DIGEST_FAILURE            , (SSL_ERROR_BASE + 73),
-"MD5 digest function failed.")
-
-ER3(SSL_ERROR_SHA_DIGEST_FAILURE            , (SSL_ERROR_BASE + 74),
-"SHA-1 digest function failed.")
-
-ER3(SSL_ERROR_MAC_COMPUTATION_FAILURE       , (SSL_ERROR_BASE + 75),
-"MAC computation failed.")
-
-ER3(SSL_ERROR_SYM_KEY_CONTEXT_FAILURE       , (SSL_ERROR_BASE + 76),
-"Failure to create Symmetric Key context.")
-
-ER3(SSL_ERROR_SYM_KEY_UNWRAP_FAILURE        , (SSL_ERROR_BASE + 77),
-"Failure to unwrap the Symmetric key in Client Key Exchange message.")
-
-ER3(SSL_ERROR_PUB_KEY_SIZE_LIMIT_EXCEEDED   , (SSL_ERROR_BASE + 78),
-"SSL Server attempted to use domestic-grade public key with export cipher suite.")
-
-ER3(SSL_ERROR_IV_PARAM_FAILURE              , (SSL_ERROR_BASE + 79),
-"PKCS11 code failed to translate an IV into a param.")
-
-ER3(SSL_ERROR_INIT_CIPHER_SUITE_FAILURE     , (SSL_ERROR_BASE + 80),
-"Failed to initialize the selected cipher suite.")
-
-ER3(SSL_ERROR_SESSION_KEY_GEN_FAILURE       , (SSL_ERROR_BASE + 81),
-"Client failed to generate session keys for SSL session.")
-
-ER3(SSL_ERROR_NO_SERVER_KEY_FOR_ALG         , (SSL_ERROR_BASE + 82),
-"Server has no key for the attempted key exchange algorithm.")
-
-ER3(SSL_ERROR_TOKEN_INSERTION_REMOVAL       , (SSL_ERROR_BASE + 83),
-"PKCS#11 token was inserted or removed while operation was in progress.")
-
-ER3(SSL_ERROR_TOKEN_SLOT_NOT_FOUND          , (SSL_ERROR_BASE + 84),
-"No PKCS#11 token could be found to do a required operation.")
-
-ER3(SSL_ERROR_NO_COMPRESSION_OVERLAP        , (SSL_ERROR_BASE + 85),
-"Cannot communicate securely with peer: no common compression algorithm(s).")
-
-ER3(SSL_ERROR_HANDSHAKE_NOT_COMPLETED       , (SSL_ERROR_BASE + 86),
-"Cannot initiate another SSL handshake until current handshake is complete.")
-
-ER3(SSL_ERROR_BAD_HANDSHAKE_HASH_VALUE      , (SSL_ERROR_BASE + 87),
-"Received incorrect handshakes hash values from peer.")
-
-ER3(SSL_ERROR_CERT_KEA_MISMATCH             , (SSL_ERROR_BASE + 88),
-"The certificate provided cannot be used with the selected key exchange algorithm.")
-
-ER3(SSL_ERROR_NO_TRUSTED_SSL_CLIENT_CA	, (SSL_ERROR_BASE + 89),
-"No certificate authority is trusted for SSL client authentication.")
-
-ER3(SSL_ERROR_SESSION_NOT_FOUND		, (SSL_ERROR_BASE + 90),
-"Client's SSL session ID not found in server's session cache.")
-
-ER3(SSL_ERROR_DECRYPTION_FAILED_ALERT     , (SSL_ERROR_BASE + 91),
-"Peer was unable to decrypt an SSL record it received.")
-
-ER3(SSL_ERROR_RECORD_OVERFLOW_ALERT       , (SSL_ERROR_BASE + 92),
-"Peer received an SSL record that was longer than is permitted.")
-
-ER3(SSL_ERROR_UNKNOWN_CA_ALERT            , (SSL_ERROR_BASE + 93),
-"Peer does not recognize and trust the CA that issued your certificate.")
-
-ER3(SSL_ERROR_ACCESS_DENIED_ALERT         , (SSL_ERROR_BASE + 94),
-"Peer received a valid certificate, but access was denied.")
-
-ER3(SSL_ERROR_DECODE_ERROR_ALERT          , (SSL_ERROR_BASE + 95),
-"Peer could not decode an SSL handshake message.")
-
-ER3(SSL_ERROR_DECRYPT_ERROR_ALERT         , (SSL_ERROR_BASE + 96),
-"Peer reports failure of signature verification or key exchange.")
-
-ER3(SSL_ERROR_EXPORT_RESTRICTION_ALERT    , (SSL_ERROR_BASE + 97),
-"Peer reports negotiation not in compliance with export regulations.")
-
-ER3(SSL_ERROR_PROTOCOL_VERSION_ALERT      , (SSL_ERROR_BASE + 98),
-"Peer reports incompatible or unsupported protocol version.")
-
-ER3(SSL_ERROR_INSUFFICIENT_SECURITY_ALERT , (SSL_ERROR_BASE + 99),
-"Server requires ciphers more secure than those supported by client.")
-
-ER3(SSL_ERROR_INTERNAL_ERROR_ALERT        , (SSL_ERROR_BASE + 100),
-"Peer reports it experienced an internal error.")
-
-ER3(SSL_ERROR_USER_CANCELED_ALERT         , (SSL_ERROR_BASE + 101),
-"Peer user canceled handshake.")
-
-ER3(SSL_ERROR_NO_RENEGOTIATION_ALERT      , (SSL_ERROR_BASE + 102),
-"Peer does not permit renegotiation of SSL security parameters.")
-
diff --git a/security/nss/cmd/lib/berparse.c b/security/nss/cmd/lib/berparse.c
deleted file mode 100644
index c040ab2b1..000000000
--- a/security/nss/cmd/lib/berparse.c
+++ /dev/null
@@ -1,404 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#include "secutil.h"
-
-typedef enum {
-    tagDone, lengthDone, leafDone, compositeDone,
-    notDone,
-    parseError, parseComplete
-} ParseState;
-
-typedef unsigned char Byte;
-typedef void (*ParseProc)(BERParse *h, unsigned char **buf, int *len);
-typedef struct {
-    SECArb arb;
-    int pos;			/* length from global start to item start */
-    SECArb *parent;
-} ParseStackElem;
-
-struct BERParseStr {
-    PRArenaPool *his;
-    PRArenaPool *mine;
-    ParseProc proc;
-    int stackDepth;
-    ParseStackElem *stackPtr;
-    ParseStackElem *stack;
-    int pending;		/* bytes remaining to complete this part */
-    int pos;			/* running length of consumed characters */
-    ParseState state;
-    PRBool keepLeaves;
-    PRBool derOnly;
-    BERFilterProc filter;
-    void *filterArg;
-    BERNotifyProc before;
-    void *beforeArg;
-    BERNotifyProc after;
-    void *afterArg;
-};
-
-#define UNKNOWN -1
-
-static unsigned char NextChar(BERParse *h, unsigned char **buf, int *len)
-{
-    unsigned char c = *(*buf)++;
-    (*len)--;
-    h->pos++;
-    if (h->filter)
-	(*h->filter)(h->filterArg, &c, 1);
-    return c;
-}
-
-static void ParseTag(BERParse *h, unsigned char **buf, int *len)
-{
-    SECArb* arb = &(h->stackPtr->arb);
-    arb->tag = NextChar(h, buf, len);
-
-    PORT_Assert(h->state == notDone);
-
-  /*
-   * NOTE: This does not handle the high-tag-number form
-   */
-    if ((arb->tag & DER_HIGH_TAG_NUMBER) == DER_HIGH_TAG_NUMBER) {
-        PORT_SetError(SEC_ERROR_BAD_DER);
-	h->state = parseError;
-	return;
-    }
-
-    h->pending = UNKNOWN;
-    arb->length = UNKNOWN;
-    if (arb->tag & DER_CONSTRUCTED) {
-	arb->body.cons.numSubs = 0;
-	arb->body.cons.subs = NULL;
-    } else {
-	arb->body.item.len = UNKNOWN;
-	arb->body.item.data = NULL;
-    }
-
-    h->state = tagDone;
-}
-
-static void ParseLength(BERParse *h, unsigned char **buf, int *len)
-{
-    Byte b;
-    SECArb *arb = &(h->stackPtr->arb);
-
-    PORT_Assert(h->state == notDone);
-
-    if (h->pending == UNKNOWN) {
-	b = NextChar(h, buf, len);
-	if ((b & 0x80) == 0) {	/* short form */
-	    arb->length = b;
-	    /*
-	     * if the tag and the length are both zero bytes, then this
-	     * should be the marker showing end of list for the
-	     * indefinite length composite
-	     */
-	    if (arb->length == 0 && arb->tag == 0)
-		h->state = compositeDone;
-	    else
-		h->state = lengthDone;
-	    return;
-	}
-
-	h->pending = b & 0x7f;
-	/* 0 implies this is an indefinite length */
-	if (h->pending > 4) {
-	    PORT_SetError(SEC_ERROR_BAD_DER);
-	    h->state = parseError;
-	    return;
-	}
-	arb->length = 0;
-    }
-
-    while ((*len > 0) && (h->pending > 0)) {
-	b = NextChar(h, buf, len);
-	arb->length = (arb->length << 8) + b;
-	h->pending--;
-    }
-    if (h->pending == 0) {
-	if (h->derOnly && (arb->length == 0))
-	    h->state = parseError;
-	else
-	    h->state = lengthDone;
-    }
-    return;
-}
-
-static void ParseLeaf(BERParse *h, unsigned char **buf, int *len)
-{
-    int count;
-    SECArb *arb = &(h->stackPtr->arb);
-
-    PORT_Assert(h->state == notDone);
-    PORT_Assert(h->pending >= 0);
-
-    if (*len < h->pending)
-	count = *len;
-    else
-	count = h->pending;
-
-    if (h->keepLeaves)
-	memcpy(arb->body.item.data + arb->body.item.len, *buf, count);
-    if (h->filter)
-	(*h->filter)(h->filterArg, *buf, count);
-    *buf += count;
-    *len -= count;
-    arb->body.item.len += count;
-    h->pending -= count;
-    h->pos += count;
-    if (h->pending == 0) {
-	h->state = leafDone;
-    }
-    return;
-}
-
-static void CreateArbNode(BERParse *h)
-{
-    SECArb *arb = PORT_ArenaAlloc(h->his, sizeof(SECArb));
-
-    *arb = h->stackPtr->arb;
-
-    /* 
-     * Special case closing the root
-     */	
-    if (h->stackPtr == h->stack) {
-	PORT_Assert(arb->tag & DER_CONSTRUCTED);
-	h->state = parseComplete;
-    } else {
-	SECArb *parent = h->stackPtr->parent;
-	parent->body.cons.subs = DS_ArenaGrow(
-	    h->his, parent->body.cons.subs,
-	    (parent->body.cons.numSubs) * sizeof(SECArb*),
-	    (parent->body.cons.numSubs + 1) * sizeof(SECArb*));
-	parent->body.cons.subs[parent->body.cons.numSubs] = arb;
-	parent->body.cons.numSubs++;
-	h->proc = ParseTag;
-	h->state = notDone;
-	h->pending = UNKNOWN;
-    }
-    if (h->after)
-	(*h->after)(h->afterArg, arb, h->stackPtr - h->stack, PR_FALSE);
-}
-
-SECStatus BER_ParseSome(BERParse *h, unsigned char *buf, int len)
-{
-    if (h->state == parseError) return PR_TRUE;
-
-    while (len) {
-        (*h->proc)(h, &buf, &len);
-	if (h->state == parseComplete) {
-	    PORT_SetError(SEC_ERROR_BAD_DER);
-	    h->state = parseError;
-	    return PR_TRUE;
-	}
-	if (h->state == parseError) return PR_TRUE;
-	PORT_Assert(h->state != parseComplete);
-
-        if (h->state <= compositeDone) {
-	    if (h->proc == ParseTag) {
-		PORT_Assert(h->state == tagDone);
-		h->proc = ParseLength;
-		h->state = notDone;
-	    } else if (h->proc == ParseLength) {
-		SECArb *arb = &(h->stackPtr->arb);
-		PORT_Assert(h->state == lengthDone || h->state == compositeDone);
-
-		if (h->before)
-		    (*h->before)(h->beforeArg, arb,
-				 h->stackPtr - h->stack, PR_TRUE);
-
-		/*
-		 * Check to see if this is the end of an indefinite
-		 * length composite
-		 */
-		if (h->state == compositeDone) {
-		    SECArb *parent = h->stackPtr->parent;
-		    PORT_Assert(parent);
-		    PORT_Assert(parent->tag & DER_CONSTRUCTED);
-		    if (parent->length != 0) {
-			PORT_SetError(SEC_ERROR_BAD_DER);
-			h->state = parseError;
-			return PR_TRUE;
-		    }
-		    /*
-		     * NOTE: This does not check for an indefinite length
-		     * composite being contained inside a definite length
-		     * composite. It is not clear that is legal.
-		     */
-		    h->stackPtr--;
-		    CreateArbNode(h);
-		} else {
-		    h->stackPtr->pos = h->pos;
-
-
-		    if (arb->tag & DER_CONSTRUCTED) {
-			SECArb *parent;
-			/*
-			 * Make sure there is room on the stack before we
-			 * stick anything else there.
-			 */
-			PORT_Assert(h->stackPtr - h->stack < h->stackDepth);
-			if (h->stackPtr - h->stack == h->stackDepth - 1) {
-			    int newDepth = h->stackDepth * 2;
-			    h->stack = DS_ArenaGrow(h->mine, h->stack,
-				sizeof(ParseStackElem) * h->stackDepth,
-				sizeof(ParseStackElem) * newDepth);
-			    h->stackPtr = h->stack + h->stackDepth + 1;
-			    h->stackDepth = newDepth;
-			}
-			parent = &(h->stackPtr->arb);
-			h->stackPtr++;
-			h->stackPtr->parent = parent;
-			h->proc = ParseTag;
-			h->state = notDone;
-			h->pending = UNKNOWN;
-		    } else {
-			if (arb->length < 0) {
-			    PORT_SetError(SEC_ERROR_BAD_DER);
-			    h->state = parseError;
-			    return PR_TRUE;
-			}
-			arb->body.item.len = 0;
-			if (arb->length > 0 && h->keepLeaves) {
-			    arb->body.item.data =
-				PORT_ArenaAlloc(h->his, arb->length);
-			} else {
-			    arb->body.item.data = NULL;
-			}
-			h->proc = ParseLeaf;
-			h->state = notDone;
-			h->pending = arb->length;
-		    }
-		}
-	    } else {
-		ParseStackElem *parent;
-		PORT_Assert(h->state = leafDone);
-		PORT_Assert(h->proc == ParseLeaf);
-
-		for (;;) {
-		    CreateArbNode(h);
-		    if (h->stackPtr == h->stack)
-			break;
-		    parent = (h->stackPtr - 1);
-		    PORT_Assert(parent->arb.tag & DER_CONSTRUCTED);
-		    if (parent->arb.length == 0) /* need explicit end */
-			break;
-		    if (parent->pos + parent->arb.length > h->pos)
-			break;
-		    if (parent->pos + parent->arb.length < h->pos) {
-			PORT_SetError(SEC_ERROR_BAD_DER);
-			h->state = parseError;
-			return PR_TRUE;
-		    }
-		    h->stackPtr = parent;
-		}
-	    }
-
-	}
-    }
-    return PR_FALSE;
-}
-BERParse *BER_ParseInit(PRArenaPool *arena, PRBool derOnly)
-{
-    BERParse *h;
-    PRArenaPool *temp = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if (temp == NULL) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	return NULL;
-    }
-    h = PORT_ArenaAlloc(temp, sizeof(BERParse));
-    if (h == NULL) {
-	PORT_FreeArena(temp, PR_FALSE);
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	return NULL;
-    }
-    h->his = arena;
-    h->mine = temp;
-    h->proc = ParseTag;
-    h->stackDepth = 20;
-    h->stack = PORT_ArenaZAlloc(h->mine,
-			      sizeof(ParseStackElem) * h->stackDepth);
-    h->stackPtr = h->stack;
-    h->state = notDone;
-    h->pos = 0;
-    h->keepLeaves = PR_TRUE;
-    h->before = NULL;
-    h->after = NULL;
-    h->filter = NULL;
-    h->derOnly = derOnly;
-    return h;
-}
-
-SECArb *BER_ParseFini(BERParse *h)
-{
-    PRArenaPool *myArena = h->mine;
-    SECArb *arb;
-
-    if (h->state != parseComplete) {
-	arb = NULL;
-    } else {
-	arb = PORT_ArenaAlloc(h->his, sizeof(SECArb));
-	*arb = h->stackPtr->arb;
-    }
-
-    PORT_FreeArena(myArena, PR_FALSE);
-
-    return arb;
-}
-
-
-void BER_SetFilter(BERParse *h, BERFilterProc proc, void *instance)
-{
-    h->filter = proc;
-    h->filterArg = instance;
-}
-
-void BER_SetLeafStorage(BERParse *h, PRBool keep)
-{
-    h->keepLeaves = keep;
-}
-
-void BER_SetNotifyProc(BERParse *h, BERNotifyProc proc, void *instance,
-			      PRBool beforeData)
-{
-    if (beforeData) {
-	h->before = proc;
-	h->beforeArg = instance;
-    } else {
-	h->after = proc;
-	h->afterArg = instance;
-    }
-}
-
-
-
diff --git a/security/nss/cmd/lib/config.mk b/security/nss/cmd/lib/config.mk
deleted file mode 100644
index 0a00dc61e..000000000
--- a/security/nss/cmd/lib/config.mk
+++ /dev/null
@@ -1,43 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#
-#  Override TARGETS variable so that only static libraries
-#  are specifed as dependencies within rules.mk.
-#
-
-TARGETS        = $(LIBRARY)
-SHARED_LIBRARY =
-IMPORT_LIBRARY =
-PROGRAM        =
-
diff --git a/security/nss/cmd/lib/derprint.c b/security/nss/cmd/lib/derprint.c
deleted file mode 100644
index 7f699dec4..000000000
--- a/security/nss/cmd/lib/derprint.c
+++ /dev/null
@@ -1,619 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#include "secutil.h"
-#include "secoid.h"
-
-#ifdef __sun
-extern int fprintf(FILE *strm, const char *format, .../* args */);
-extern int fflush(FILE *stream);
-#endif
-
-#define RIGHT_MARGIN	24
-/*#define RAW_BYTES 1 */
-
-static int prettyColumn = 0;
-
-static int
-getInteger256(unsigned char *data, unsigned int nb)
-{
-    int val;
-
-    switch (nb) {
-      case 1:
-	val = data[0];
-	break;
-      case 2:
-	val = (data[0] << 8) | data[1];
-	break;
-      case 3:
-	val = (data[0] << 16) | (data[1] << 8) | data[2];
-	break;
-      case 4:
-	val = (data[0] << 24) | (data[1] << 16) | (data[2] << 8) | data[3];
-	break;
-      default:
-	PORT_SetError(SEC_ERROR_BAD_DER);
-	return -1;
-    }
-
-    return val;
-}
-
-static int
-prettyNewline(FILE *out)
-{
-    int rv;
-
-    if (prettyColumn != -1) {
-	rv = fprintf(out, "\n");
-	prettyColumn = -1;
-	if (rv < 0) {
-	    PORT_SetError(SEC_ERROR_IO);
-	    return rv;
-	}
-    }
-    return 0;
-}
-
-static int
-prettyIndent(FILE *out, unsigned level)
-{
-    unsigned int i;
-    int rv;
-
-    if (prettyColumn == -1) {
-	prettyColumn = level;
-	for (i = 0; i < level; i++) {
-	    rv = fprintf(out, "   ");
-	    if (rv < 0) {
-		PORT_SetError(SEC_ERROR_IO);
-		return rv;
-	    }
-	}
-    }
-
-    return 0;
-}
-
-static int
-prettyPrintByte(FILE *out, unsigned char item, unsigned int level)
-{
-    int rv;
-
-    rv = prettyIndent(out, level);
-    if (rv < 0)
-	return rv;
-
-    rv = fprintf(out, "%02x ", item);
-    if (rv < 0) {
-	PORT_SetError(SEC_ERROR_IO);
-	return rv;
-    }
-
-    prettyColumn++;
-    if (prettyColumn >= RIGHT_MARGIN) {
-	return prettyNewline(out);
-    }
-
-    return 0;
-}
-
-static int
-prettyPrintLeaf(FILE *out, unsigned char *data,
-		unsigned int len, unsigned int lv)
-{
-    unsigned int i;
-    int rv;
-
-    for (i = 0; i < len; i++) {
-	rv = prettyPrintByte(out, *data++, lv);
-	if (rv < 0)
-	    return rv;
-    }
-    return prettyNewline(out);
-}
-
-static int
-prettyPrintStringStart(FILE *out, unsigned char *str,
-		       unsigned int len, unsigned int level)
-{
-#define BUF_SIZE 100
-    unsigned char buf[BUF_SIZE];
-    int rv;
-
-    if (len >= BUF_SIZE)
-	len = BUF_SIZE - 1;
-
-    rv = prettyNewline(out);
-    if (rv < 0)
-	return rv;
-
-    rv = prettyIndent(out, level);
-    if (rv < 0)
-	return rv;
-
-    memcpy(buf, str, len);
-    buf[len] = '\000';
-
-    rv = fprintf(out, "\"%s\"", buf);
-    if (rv < 0) {
-	PORT_SetError(SEC_ERROR_IO);
-	return rv;
-    }
-
-    return 0;
-#undef BUF_SIZE
-}
-
-static int
-prettyPrintString(FILE *out, unsigned char *str,
-		  unsigned int len, unsigned int level, PRBool raw)
-{
-    int rv;
-
-    rv = prettyPrintStringStart(out, str, len, level);
-    if (rv < 0)
-	return rv;
-
-    rv = prettyNewline(out);
-    if (rv < 0)
-	return rv;
-
-    if (raw) {
-	rv = prettyPrintLeaf(out, str, len, level);
-	if (rv < 0)
-	    return rv;
-    }
-
-    return 0;
-}
-
-static int
-prettyPrintTime(FILE *out, unsigned char *str,
-		unsigned int len, unsigned int level, PRBool raw, PRBool utc)
-{
-    SECItem time_item;
-    int rv;
-
-    rv = prettyPrintStringStart(out, str, len, level);
-    if (rv < 0)
-	return rv;
-
-    time_item.data = str;
-    time_item.len = len;
-
-    rv = fprintf(out, " (");
-    if (rv < 0) {
-	PORT_SetError(SEC_ERROR_IO);
-	return rv;
-    }
-
-    if (utc)
-	SECU_PrintUTCTime(out, &time_item, NULL, 0);
-    else
-	SECU_PrintGeneralizedTime(out, &time_item, NULL, 0);
-
-    rv = fprintf(out, ")");
-    if (rv < 0) {
-	PORT_SetError(SEC_ERROR_IO);
-	return rv;
-    }
-
-    rv = prettyNewline(out);
-    if (rv < 0)
-	return rv;
-
-    if (raw) {
-	rv = prettyPrintLeaf(out, str, len, level);
-	if (rv < 0)
-	    return rv;
-    }
-
-    return 0;
-}
-
-static int
-prettyPrintObjectID(FILE *out, unsigned char *data,
-		    unsigned int len, unsigned int level, PRBool raw)
-{
-    SECOidData *oiddata;
-    SECItem oiditem;
-    unsigned int i;
-    unsigned long val;
-    int rv;
-
-
-    /*
-     * First print the Object Id in numeric format
-     */
-
-    rv = prettyIndent(out, level);
-    if (rv < 0)
-	return rv;
-
-    val = data[0];
-    i   = val % 40;
-    val = val / 40;
-    rv = fprintf(out, "%lu %u ", val, i);
-    if (rv < 0) {
-	PORT_SetError(SEC_ERROR_IO);
-	return rv;
-    }
-
-    val = 0;
-    for (i = 1; i < len; ++i) {
-        unsigned long j;
-
-	j = data[i];
-	val = (val << 7) | (j & 0x7f);
-	if (j & 0x80) 
-	    continue;
-	rv = fprintf(out, "%lu ", val);
-	if (rv < 0) {
-	    PORT_SetError(SEC_ERROR_IO);
-	    return rv;
-	}
-	val = 0;
-    }
-
-    /*
-     * Now try to look it up and print a symbolic version.
-     */
-    oiditem.data = data;
-    oiditem.len = len;
-    oiddata = SECOID_FindOID(&oiditem);
-    if (oiddata != NULL) {
-	i = PORT_Strlen(oiddata->desc);
-	if ((prettyColumn + 1 + (i / 3)) > RIGHT_MARGIN) {
-	    rv = prettyNewline(out);
-	    if (rv < 0)
-		return rv;
-	}
-
-	rv = prettyIndent(out, level);
-	if (rv < 0)
-	    return rv;
-
-	rv = fprintf(out, "(%s)", oiddata->desc);
-	if (rv < 0) {
-	    PORT_SetError(SEC_ERROR_IO);
-	    return rv;
-	}
-    }
-
-    /*
-     * Finally, on a new line, print the raw bytes (if requested).
-     */
-    if (raw) {
-	rv = prettyNewline(out);
-	if (rv < 0) {
-	    PORT_SetError(SEC_ERROR_IO);
-	    return rv;
-	}
-
-	for (i = 0; i < len; i++) {
-	    rv = prettyPrintByte(out, *data++, level);
-	    if (rv < 0)
-		return rv;
-	}
-    }
-
-    return prettyNewline(out);
-}
-
-static char *prettyTagType [32] = {
-  "End of Contents",
-  "Boolean",
-  "Integer",
-  "Bit String",
-  "Octet String",
-  "NULL",
-  "Object Identifier",
-  "0x07",
-  "0x08",
-  "0x09",
-  "Enumerated",
-  "0x0B",
-  "UTF8 String",
-  "0x0D",
-  "0x0E",
-  "0x0F",
-  "Sequence",
-  "Set",
-  "0x12",
-  "Printable String",
-  "T61 String",
-  "0x15",
-  "IA5 String",
-  "UTC Time",
-  "Generalized Time",
-  "0x19",
-  "Visible String",
-  "0x1B",
-  "Universal String",
-  "0x1D",
-  "BMP String",
-  "High-Tag-Number"
-};
-
-static int
-prettyPrintTag(FILE *out, unsigned char *src, unsigned char *end,
-	       unsigned char *codep, unsigned int level, PRBool raw)
-{
-    int rv;
-    unsigned char code, tagnum;
-
-    if (src >= end) {
-	PORT_SetError(SEC_ERROR_BAD_DER);
-	return -1;
-    }
-
-    code = *src;
-    tagnum = code & SEC_ASN1_TAGNUM_MASK;
-
-    /*
-     * NOTE: This code does not (yet) handle the high-tag-number form!
-     */
-    if (tagnum == SEC_ASN1_HIGH_TAG_NUMBER) {
-        PORT_SetError(SEC_ERROR_BAD_DER);
-	return -1;
-    }
-
-    if (raw)
-	rv = prettyPrintByte(out, code, level);
-    else
-	rv = prettyIndent(out, level);
-
-    if (rv < 0)
-	return rv;
-
-    if (code & SEC_ASN1_CONSTRUCTED) {
-        rv = fprintf(out, "C-");
-	if (rv < 0) {
-	    PORT_SetError(SEC_ERROR_IO);
-	    return rv;
-	}
-    }
-
-    switch (code & SEC_ASN1_CLASS_MASK) {
-    case SEC_ASN1_UNIVERSAL:
-        rv = fprintf(out, "%s ", prettyTagType[tagnum]);
-	break;
-    case SEC_ASN1_APPLICATION:
-        rv = fprintf(out, "Application: %d ", tagnum);
-	break;
-    case SEC_ASN1_CONTEXT_SPECIFIC:
-        rv = fprintf(out, "[%d] ", tagnum);
-	break;
-    case SEC_ASN1_PRIVATE:
-        rv = fprintf(out, "Private: %d ", tagnum);
-	break;
-    }
-
-    if (rv < 0) {
-        PORT_SetError(SEC_ERROR_IO);
-	return rv;
-    }
-
-    *codep = code;
-
-    return 1;
-}
-
-static int
-prettyPrintLength(FILE *out, unsigned char *data, unsigned char *end,
-		  int *lenp, PRBool *indefinitep, unsigned int lv, PRBool raw)
-{
-    unsigned char lbyte;
-    int lenLen;
-    int rv;
-
-    if (data >= end) {
-	PORT_SetError(SEC_ERROR_BAD_DER);
-	return -1;
-    }
-
-    rv = fprintf(out, " ");
-    if (rv < 0) {
-        PORT_SetError(SEC_ERROR_IO);
-	return rv;
-    }
-
-    *indefinitep = PR_FALSE;
-
-    lbyte = *data++;
-    if (lbyte >= 0x80) {
-	/* Multibyte length */
-	unsigned nb = (unsigned) (lbyte & 0x7f);
-	if (nb > 4) {
-	    PORT_SetError(SEC_ERROR_BAD_DER);
-	    return -1;
-	}
-	if (nb > 0) {
-	    int il;
-
-	    if ((data + nb) > end) {
-		PORT_SetError(SEC_ERROR_BAD_DER);
-		return -1;
-	    }
-	    il = getInteger256(data, nb);
-	    if (il < 0) return -1;
-	    *lenp = (unsigned) il;
-	} else {
-	    *lenp = 0;
-	    *indefinitep = PR_TRUE;
-	}
-	lenLen = nb + 1;
-	if (raw) {
-	    int i;
-
-	    rv = prettyPrintByte(out, lbyte, lv);
-	    if (rv < 0)
-		return rv;
-	    for (i = 0; i < nb; i++) {
-		rv = prettyPrintByte(out, data[i], lv);
-		if (rv < 0)
-		    return rv;
-	    }
-	}
-    } else {
-	*lenp = lbyte;
-	lenLen = 1;
-	if (raw) {
-	    rv = prettyPrintByte(out, lbyte, lv);
-	    if (rv < 0)
-		return rv;
-	}
-    }
-    if (*indefinitep)
-	rv = fprintf(out, "(indefinite)\n");
-    else
-	rv = fprintf(out, "(%d)\n", *lenp);
-    if (rv < 0) {
-        PORT_SetError(SEC_ERROR_IO);
-	return rv;
-    }
-
-    prettyColumn = -1;
-    return lenLen;
-}
-
-static int
-prettyPrintItem(FILE *out, unsigned char *data, unsigned char *end,
-		unsigned int lv, PRBool raw)
-{
-    int slen;
-    int lenLen;
-    unsigned char *orig = data;
-    int rv;
-
-    while (data < end) {
-        unsigned char code;
-	PRBool indefinite;
-
-	slen = prettyPrintTag(out, data, end, &code, lv, raw);
-	if (slen < 0)
-	    return slen;
-	data += slen;
-
-	lenLen = prettyPrintLength(out, data, end, &slen, &indefinite, lv, raw);
-	if (lenLen < 0)
-	    return lenLen;
-	data += lenLen;
-
-	/*
-	 * Just quit now if slen more bytes puts us off the end.
-	 */
-	if ((data + slen) > end) {
-	    PORT_SetError(SEC_ERROR_BAD_DER);
-	    return -1;
-	}
-
-        if (code & SEC_ASN1_CONSTRUCTED) {
-	    if (slen > 0 || indefinite) {
-		slen = prettyPrintItem(out, data,
-				       slen == 0 ? end : data + slen,
-				       lv+1, raw);
-		if (slen < 0)
-		    return slen;
-		data += slen;
-	    }
-	} else if (code == 0) {
-	    if (slen != 0 || lenLen != 1) {
-		PORT_SetError(SEC_ERROR_BAD_DER);
-		return -1;
-	    }
-	    break;
-	} else {
-	    switch (code) {
-	      case SEC_ASN1_PRINTABLE_STRING:
-	      case SEC_ASN1_IA5_STRING:
-	      case SEC_ASN1_VISIBLE_STRING:
-	        rv = prettyPrintString(out, data, slen, lv+1, raw);
-		if (rv < 0)
-		    return rv;
-		break;
-	      case SEC_ASN1_UTC_TIME:
-	        rv = prettyPrintTime(out, data, slen, lv+1, raw, PR_TRUE);
-		if (rv < 0)
-		    return rv;
-		break;
-	      case SEC_ASN1_GENERALIZED_TIME:
-	        rv = prettyPrintTime(out, data, slen, lv+1, raw, PR_FALSE);
-		if (rv < 0)
-		    return rv;
-		break;
-	      case SEC_ASN1_OBJECT_ID:
-	        rv = prettyPrintObjectID(out, data, slen, lv+1, raw);
-		if (rv < 0)
-		    return rv;
-		break;
-	      case SEC_ASN1_BOOLEAN:	/* could do nicer job */
-	      case SEC_ASN1_INTEGER:	/* could do nicer job */
-	      case SEC_ASN1_BIT_STRING:	/* could do nicer job */
-	      case SEC_ASN1_OCTET_STRING:
-	      case SEC_ASN1_NULL:
-	      case SEC_ASN1_ENUMERATED:	/* could do nicer job, as INTEGER */
-	      case SEC_ASN1_UTF8_STRING:
-	      case SEC_ASN1_T61_STRING:	/* print as printable string? */
-	      case SEC_ASN1_UNIVERSAL_STRING:
-	      case SEC_ASN1_BMP_STRING:
-	      default:
-	        rv = prettyPrintLeaf(out, data, slen, lv+1);
-		if (rv < 0)
-		    return rv;
-		break;
-	    }
-	    data += slen;
-	}
-    }
-
-    rv = prettyNewline(out);
-    if (rv < 0)
-	return rv;
-
-    return data - orig;
-}
-
-SECStatus
-DER_PrettyPrint(FILE *out, SECItem *it, PRBool raw)
-{
-    int rv;
-
-    prettyColumn = -1;
-
-    rv = prettyPrintItem(out, it->data, it->data + it->len, 0, raw);
-    if (rv < 0)
-	return SECFailure;
-    return SECSuccess;
-}
diff --git a/security/nss/cmd/lib/dongle.c b/security/nss/cmd/lib/dongle.c
deleted file mode 100644
index 1c819ee51..000000000
--- a/security/nss/cmd/lib/dongle.c
+++ /dev/null
@@ -1,249 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#include "secutil.h"
-#include "sechash.h"
-
-#ifdef XP_UNIX
-#include <unistd.h>
-#include <netdb.h>
-#include <sys/types.h>
-#include <netinet/in.h>
-#endif
-#ifdef XP_WIN
-#include <windows.h>
-#include <winsock.h>
-#include <sys/types.h>
-#include <sys/stat.h>
-#endif
-#ifdef XP_MAC
-#include <unistd.h>
-#endif
-
-#ifdef XP_UNIX
-#include "prnetdb.h"
-#else
-#define PRHostEnt struct hostent
-#define PR_NETDB_BUF_SIZE 5
-#endif
-
-static RC4Context *
-sec_MakeDongleKey(void)
-{
-    RC4Context *rc4;
-    char hostname[64];
-    PRHostEnt hpbuf, *hent;
-    char dbbuf[PR_NETDB_BUF_SIZE];
-    int ipaddr;
-    struct stat s;
-    int found = 1; /* Whether /vmunix, etc. found */
-    unsigned char *buf, *totalbuf;
-    MD5Context *md5 = 0;
-    unsigned char digest[16];
-    unsigned int digestLen;
-
-    /* NOTE: Fix MAC and WIN to stat something comparable to kernel on UNIX */
-#ifdef XP_MAC
-    return NULL;
-#elif defined(XP_WIN)
-    return NULL;
-#endif
-
-    /* gather system data */
-    if( gethostname( hostname, 64 ) < 0 ) {
-	return(NULL);
-    }
-
-#ifdef XP_UNIX
-#ifndef NSPR20
-    hent = PR_gethostbyname(hostname, &hpbuf, dbbuf, sizeof(dbbuf), 0);
-#else
-    if (PR_GetHostByName(hostname, dbbuf, sizeof(dbbuf), &hpbuf) == PR_SUCCESS)
-	hent = &hpbuf;
-    else
-	hent = NULL;
-#endif
-#else
-    hent = gethostbyname(hostname);
-#endif
-    if (hent == NULL) {
-	return(NULL);
-    }
-
-    ipaddr = htonl(((struct in_addr *)hent->h_addr)->s_addr);
-
-    /*
-    ** /unix         IRIX & AIX & SCO
-    ** /vmunix       SunOS & OSF
-    ** /kernel/unix  Solaris
-    ** /vmlinuz      Linux
-    ** /hp-ux        HP-UX
-    ** /bsd          BSD
-    */
-    if ( (stat("/unix", &s) == -1 ) && (stat("/vmunix", &s) == -1) &&
-	 (stat("/bsd", &s) == -1) && (stat("kernel/unix", &s)== -1) &&
-	 (stat("/hp-ux", &s) == -1) && (stat("/vmlinuz", &s) == -1) ) {
-	found = 0;
-    }
-								      
-    buf = totalbuf = (unsigned char *)
-	XP_CALLOC(1, 1000 + sizeof(ipaddr) + sizeof(s) + PORT_Strlen(hostname));
-    
-    if ( buf == 0 ) {
-	return(NULL);
-    }
-
-    PORT_Memcpy(buf, hostname, PORT_Strlen(hostname));
-    buf += PORT_Strlen(hostname);
-    
-    PORT_Memcpy(buf, &ipaddr, sizeof(ipaddr));
-    buf += sizeof(ipaddr);
-   
-    if (found) {
-	PORT_Memcpy(buf, &s.st_mode, sizeof(s.st_mode));
-	buf += sizeof(s.st_mode);
-    
-	PORT_Memcpy(buf, &s.st_ino, sizeof(s.st_ino));
-	buf += sizeof(s.st_ino);
-	
-	PORT_Memcpy(buf, &s.st_dev, sizeof(s.st_dev));
-	buf += sizeof(s.st_dev);
-	
-	PORT_Memcpy(buf, &s.st_mtime, sizeof(s.st_mtime));
-	buf += sizeof(s.st_mtime);
-    }
-
-    /* Digest the system info using MD5 */
-    md5 = MD5_NewContext();
-    if (md5 == NULL) {
-	return (NULL);
-    }
-
-    MD5_Begin(md5);
-    MD5_Update(md5, totalbuf, PORT_Strlen((char *)totalbuf));
-    MD5_End(md5, digest, &digestLen, MD5_LENGTH);
-
-    /* Make an RC4 key using the digest */
-    rc4 = RC4_CreateContext(digest, digestLen);
-
-    /* Zero out information */
-    MD5_DestroyContext(md5, PR_TRUE);
-    PORT_Memset(digest, 0 , sizeof(digest));
-
-   
-    return(rc4);
-}
-
-extern unsigned char *
-SEC_ReadDongleFile(int fd)
-{
-    RC4Context *rc4;
-    struct stat s;
-    unsigned char *inbuf, *pw;
-    int nb;
-    unsigned int pwlen, inlen;
-    SECStatus rv;
-    
-    rc4 = sec_MakeDongleKey();
-    if (rc4 == NULL) {
-	return(0);
-    }
-
-    /* get size of file */
-    if ( fstat(fd, &s) < 0 ) {
-	return(0);
-    }
-
-    inlen = s.st_size;
-    
-    inbuf = (unsigned char *) PORT_Alloc(inlen);
-    if (!inbuf) {
-	return(0);
-    }
-
-    nb = read(fd, (char *)inbuf, inlen);
-    if (nb != inlen) {
-	return(0);
-    }
-
-    pw = (unsigned char *) PORT_Alloc(inlen);
-    if (pw == 0) {
-	return(0);
-    }
-
-    rv = RC4_Decrypt(rc4, pw, &pwlen, inlen, inbuf, inlen);
-    if (rv) {
-	return(0);
-    }
-
-    PORT_Free(inbuf);
-
-    return(pw);
-}
-
-extern SECStatus
-SEC_WriteDongleFile(int fd, unsigned char *pw)
-{
-    RC4Context *rc4;
-    unsigned char *outbuf;
-    unsigned int outlen;
-    SECStatus rv;
-    int nb;
-    
-    rc4 = sec_MakeDongleKey();
-    if (rc4 == NULL) {
-	return(SECFailure);
-    }
-
-    outbuf = (unsigned char *) PORT_Alloc(PORT_Strlen((char *)pw) + 1);
-    if (!outbuf) {
-	return(SECFailure);
-    }
-
-    rv = RC4_Encrypt(rc4, outbuf, &outlen, PORT_Strlen((char *)pw), pw,
-		     PORT_Strlen((char *)pw));
-    if (rv) {
-	return(SECFailure);
-    }
-
-    RC4_DestroyContext(rc4, PR_TRUE);
-
-    nb = write(fd, (char *)outbuf, outlen);
-    if (nb != outlen) {
-	return(SECFailure);
-    }
-
-    PORT_Free(outbuf);
-
-    return(SECSuccess);
-}
-
diff --git a/security/nss/cmd/lib/fe_util.c b/security/nss/cmd/lib/fe_util.c
deleted file mode 100644
index 646277e35..000000000
--- a/security/nss/cmd/lib/fe_util.c
+++ /dev/null
@@ -1,40 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#include "secpkcs7.h"
-
-void 
-fe_GetProgramDirectory(char *path, int len)
-{
-    PORT_Strcpy( path, ".");
-}
-
diff --git a/security/nss/cmd/lib/ffs.c b/security/nss/cmd/lib/ffs.c
deleted file mode 100644
index 3fce2c7c2..000000000
--- a/security/nss/cmd/lib/ffs.c
+++ /dev/null
@@ -1,48 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#ifdef XP_PC
-
-int ffs( unsigned int i)
-{
-    int rv	= 1;
-
-    if (!i) return 0;
-
-    while (!(i & 1)) {
-    	i >>= 1;
-	++rv;
-    }
-
-    return rv;
-}
-#endif
diff --git a/security/nss/cmd/lib/filestub.c b/security/nss/cmd/lib/filestub.c
deleted file mode 100644
index 368b7284d..000000000
--- a/security/nss/cmd/lib/filestub.c
+++ /dev/null
@@ -1,1118 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#define CMD_STUB 1	/* this is just a stub for security/cmd/*  */
-#define MOZ_LITE 1	/* don't need that other stuff, either */
-
-#if 0
-#include "stdafx.h"
-#include "dialog.h"
-#include "mainfrm.h"
-#include "custom.h"
-#include "shcut.h"
-#include "edt.h"
-#include "prmon.h"
-#include "fegui.h"
-#include "prefapi.h"
-#include <io.h>
-#include "secrng.h"
-#include "mailass.h"
-#include "ipframe.h"
-#include "mnprefs.h"
-
-#else
-
-#include <xp_core.h>
-#include <xp_file.h>
-#include <xp_mcom.h>
-
-#define ASSERT assert
-#endif
-
-#ifdef XP_MAC
-#include "prpriv.h" /* For PR_NewNamedMonitor */
-#else
-#include "private/prpriv.h"
-#endif
-
-#ifdef XP_WIN
-
-#ifndef _AFXDLL
-/* MSVC Debugging new...goes to regular new in release mode */
-#define new DEBUG_NEW  
-#endif
-
-#ifdef __BORLANDC__
-    #define _lseek lseek
-#endif
-       
-#define WIDTHBYTES(i) ((i + 31) / 32 * 4)
-#define MAXREAD 32767
-       
-MODULE_PRIVATE char * XP_CacheFileName();
-
-#define MAXSTRINGLEN 8192 
-
-#ifndef CMD_STUB
-
-/* Return a string the same as the In string 
-** but with all of the \n's replaced with \r\n's  
-*/
-MODULE_PRIVATE char * 
-FE_Windowsify(const char * In)
-{
-    char *Out;
-    char *o, *i; 
-    int32 len;
-
-    if(!In)
-        return NULL;
-
-    /* if every character is a \n then new string is twice as long */
-    len = (int32) XP_STRLEN(In) * 2 + 1;
-    Out = (char *) XP_ALLOC(len);
-    if(!Out)
-        return NULL;
-
-  /* Move the characters over one by one.  If the current character is */
-  /*  a \n replace add a \r before moving the \n over */
-    for(i = (char *) In, o = Out; i && *i; *o++ = *i++)
-       if(*i == '\n')
-            *o++ = '\r';
-
-    /* Make sure our new string is NULL terminated */
-    *o = '\0';
-    return(Out);
-}
-
-
-/*  Return some adjusted out full path on the mac. */
-/*  For windows, we just return what was passed in. */
-/*  We must provide it in a seperate buffer, otherwise they might change */
-/*      the original and change also what they believe to be saved. */
-char *
-WH_FilePlatformName(const char *pName)    
-{
-
-    if(pName)   {
-        return XP_STRDUP(pName);
-    }
-    
-    return NULL;
-}
-
-
-char *
-FE_GetProgramDirectory(char *buffer, int length)
-{
-    ::GetModuleFileName(theApp.m_hInstance, buffer, length);
-
-    /*	Find the trailing slash. */
-    char *pSlash = ::strrchr(buffer, '\\');
-    if(pSlash)	{
-	*(pSlash+1) = '\0';
-    } else {
-	buffer[0] = '\0';
-    }
-    return (buffer);
-}
-
-
-char*
-XP_TempDirName(void)
-{
-    char *tmp = theApp.m_pTempDir;
-    if (!tmp)
-        return XP_STRDUP(".");
-    return XP_STRDUP(tmp);
-}
-
-/* Windows _tempnam() lets the TMP environment variable override things sent 
-** in so it look like we're going to have to make a temp name by hand.
-
-** The user should *NOT* free the returned string.  
-** It is stored in static space 
-** and so is not valid across multiple calls to this function.
-
-** The names generated look like 
-**   c:\netscape\cache\m0.moz 
-**   c:\netscape\cache\m1.moz 
-** up to... 
-**   c:\netscape\cache\m9999999.moz 
-** after that if fails 
-** */
-PUBLIC char *
-xp_TempFileName(int type, const char * request_prefix, const char * extension,
-				char* file_buf)
-{
-    const char * directory = NULL; 
-    char * ext = NULL;           /* file extension if any */
-    char * prefix = NULL;        /* file prefix if any */
-  
-  
-    XP_StatStruct statinfo;
-    int status;     
-
-    /* */
-    /* based on the type of request determine what directory we should be */
-    /*   looking into */
-    /*   */
-    switch(type) {
-    case xpCache:
-        directory = theApp.m_pCacheDir;
-        ext = ".MOZ";
-        prefix = CACHE_PREFIX;
-        break;
-#ifndef MOZ_LITE        
-    case xpSNewsRC:
-    case xpNewsRC:
-    case xpNewsgroups:
-    case xpSNewsgroups:
-    case xpTemporaryNewsRC:
-        directory = g_MsgPrefs.m_csNewsDir;
-        ext = (char *)extension;
-        prefix = (char *)request_prefix;
-        break;
-    case xpMailFolderSummary:
-    case xpMailFolder:
-	directory = g_MsgPrefs.m_csMailDir;
-        ext = (char *)extension;
-        prefix = (char *)request_prefix;
-	break;
-    case xpAddrBook:
-	/*changed to support multi-profile */
-	/*directory = theApp.m_pInstallDir->GetCharValue(); */
-	directory = (const char *)theApp.m_UserDirectory;
-	if ((request_prefix == 0) || (XP_STRLEN (request_prefix) == 0))
-		prefix = "abook";
-	ext = ".nab";
-	break;
-#endif /* MOZ_LITE       */
-    case xpCacheFAT:
-	directory = theApp.m_pCacheDir;
-	prefix = "fat";
-	ext = "db";
-	break;
-    case xpJPEGFile:
-        directory = theApp.m_pTempDir;
-	ext = ".jpg";
-        prefix = (char *)request_prefix;
-	break;
-    case xpPKCS12File:
-	directory = theApp.m_pTempDir;
-	ext = ".p12";
-	prefix = (char *)request_prefix;
-	break;
-    case xpTemporary:
-    default:
-        directory = theApp.m_pTempDir;
-        ext = (char *)extension;
-        prefix = (char *)request_prefix;
-        break;
-    }
-
-    if(!directory)
-        return(NULL);
-
-    if(!prefix)
-        prefix = "X";
-
-    if(!ext)
-        ext = ".TMP";
-
-  /*  We need to base our temporary file names on time, and not on sequential */
-  /*    addition because of the cache not being updated when the user */
-  /*    crashes and files that have been deleted are over written with */
-  /*    other files; bad data. */
-  /*  The 52 valid DOS file name characters are */
-  /*    0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ_^$~!#%&-{}@`'() */
-  /*  We will only be using the first 32 of the choices. */
-  /* */
-  /*  Time name format will be M+++++++.MOZ */
-  /*    Where M is the single letter prefix (can be longer....) */
-  /*    Where +++++++ is the 7 character time representation (a full 8.3 */
-  /*      file name will be made). */
-  /*    Where .MOZ is the file extension to be used. */
-  /* */
-  /*  In the event that the time requested is the same time as the last call */
-  /*    to this function, then the current time is incremented by one, */
-  /*    as is the last time called to facilitate unique file names. */
-  /*  In the event that the invented file name already exists (can't */
-  /*    really happen statistically unless the clock is messed up or we */
-  /*    manually incremented the time), then the times are incremented */
-  /*    until an open name can be found. */
-  /* */
-  /*  time_t (the time) has 32 bits, or 4,294,967,296 combinations. */
-  /*  We will map the 32 bits into the 7 possible characters as follows: */
-  /*    Starting with the lsb, sets of 5 bits (32 values) will be mapped */
-  /*      over to the appropriate file name character, and then */
-  /*      incremented to an approprate file name character. */
-  /*    The left over 2 bits will be mapped into the seventh file name */
-  /*      character. */
-  /* */
-    
-    int i_letter, i_timechars, i_numtries = 0;
-    char ca_time[8];
-    time_t this_call = (time_t)0;
-    
-    /*  We have to base the length of our time string on the length */
-    /*    of the incoming prefix.... */
-    /* */
-    i_timechars = 8 - strlen(prefix);
-    
-    /*  Infinite loop until the conditions are satisfied. */
-    /*  There is no danger, unless every possible file name is used. */
-    /* */
-    while(1)    {
-        /*    We used to use the time to generate this. */
-        /*    Now, we use some crypto to avoid bug #47027 */
-        RNG_GenerateGlobalRandomBytes((void *)&this_call, sizeof(this_call));
-
-        /*  Convert the time into a 7 character string. */
-        /*  Strip only the signifigant 5 bits. */
-        /*  We'll want to reverse the string to make it look coherent */
-        /*    in a directory of file names. */
-        /* */
-        for(i_letter = 0; i_letter < i_timechars; i_letter++) {
-            ca_time[i_letter] = (char)((this_call >> (i_letter * 5)) & 0x1F);
-            
-          /*  Convert any numbers to their equivalent ascii code */
-          /* */
-            if(ca_time[i_letter] <= 9)    {
-                ca_time[i_letter] += '0';
-            }
-          /*  Convert the character to it's equivalent ascii code */
-          /* */
-            else    {
-                ca_time[i_letter] += 'A' - 10;
-            }
-        }
-        
-        /*  End the created time string. */
-        /* */
-        ca_time[i_letter] = '\0';
-        
-        /*  Reverse the time string. */
-        /* */
-        _strrev(ca_time);
-        
-        /*  Create the fully qualified path and file name. */
-        /* */
-        sprintf(file_buf, "%s\\%s%s%s", directory, prefix, ca_time, ext);
-
-        /*  Determine if the file exists, and mark that we've tried yet */
-        /*    another file name (mark to be used later). */
-        /*   */
-        /*  Use the system call instead of XP_Stat since we already */
-        /*  know the name and we don't want recursion */
-        /* */
-        status = _stat(file_buf, &statinfo);
-        i_numtries++;
-
-        /*  If it does not exists, we are successful, return the name. */
-        /* */
-        if(status == -1)    {
-           /* don't generate a directory as part of the cache temp names.    
-	    * When the cache file name is passed into the other XP_File 
-	    * functions we will append the cache directory to the name
-            * to get the complete path.
-            * This will allow the cache to be moved around
-            * and for netscape to be used to generate external cache FAT's.    
-            */
-            if(type == xpCache )
-		sprintf(file_buf, "%s%s%s", prefix, ca_time, ext);
-
-            TRACE("Temp file name is %s\n", file_buf);
-            return(file_buf);
-        }
-        
-        /*  If there is no room for additional characters in the time, */
-        /*    we'll have to return NULL here, or we go infinite. */
-        /*    This is a one case scenario where the requested prefix is */
-        /*    actually 8 letters long!   */
-        /*  Infinite loops could occur with a 7, 6, 5, etc character prefixes */
-        /*    if available files are all eaten up (rare to impossible), in */
-        /*    which case, we should check at some arbitrary frequency of */
-        /*    tries before we give up instead of attempting to Vulcanize */
-        /*    this code.  Live long and prosper. */
-        /* */
-        if(i_timechars == 0)    {
-            break;
-        } else if(i_numtries == 0x00FF) {
-            break;
-        }
-    }
-    
-    /*  Requested name is thought to be impossible to generate. */
-    /* */
-    TRACE("No more temp file names....\n");
-    return(NULL);
-
-}
-
-PUBLIC char *
-WH_TempFileName(int type, const char * request_prefix, const char * extension)
-{
-    static char file_buf[_MAX_PATH]; /* protected by _pr_TempName_lock */
-    char* result;
-
-    if (_pr_TempName_lock == NULL)
-	_pr_TempName_lock = PR_NewNamedMonitor("TempName-lock");
-    PR_EnterMonitor(_pr_TempName_lock);
-
-    result = XP_STRDUP(xp_TempFileName(type, request_prefix, extension, file_buf));
-    PR_ExitMonitor(_pr_TempName_lock);
-    return result;
-}
-
-#endif /* CMD_STUB */
-
-/* */
-/* Return a string that is equal to the NetName string but with the */
-/*  cross-platform characters changed back into DOS characters */
-/* The caller is responsible for XP_FREE()ing the string */
-/* */
-MODULE_PRIVATE char * 
-XP_NetToDosFileName(const char * NetName)
-{
-    char *p, *newName;
-    BOOL bChopSlash = FALSE;
-
-    if(!NetName)
-        return NULL;
-        
-    /*  If the name is only '/' or begins '//' keep the */
-    /*    whole name else strip the leading '/' */
-
-    if(NetName[0] == '/')
-        bChopSlash = TRUE;
-
-    /* save just / as a path */
-    if(NetName[0] == '/' && NetName[1] == '\0')
-	bChopSlash = FALSE;
-
-    /* spanky Win9X path name */
-    if(NetName[0] == '/' && NetName[1] == '/')
-	bChopSlash = FALSE;
-
-    if(bChopSlash)
-        newName = XP_STRDUP(&(NetName[1]));
-    else
-        newName = XP_STRDUP(NetName);
-
-    if(!newName)
-        return NULL;
-
-    for(p = newName; *p; p++) {
-        switch(*p) {
-            case '|':
-                *p = ':';
-                break;
-            case '/':
-                *p = '\\';
-                break;
-            default:
-                break;
-        }
-    }
-
-    return(newName);
-
-}
-
-
-/* */
-/* Returns the absolute name of a file  */
-/*  */
-/* The result of this function can be used with the standard */
-/* open/fopen ansi file functions */
-/* */
-PUBLIC char * 
-xp_FileName(const char * name, XP_FileType type, char* *myName)
-{
-    char * newName    = NULL;
-    char * netLibName = NULL;
-    char * tempName   = NULL;
-    char * prefStr    = NULL;
-    BOOL   bNeedToRegister = FALSE;   /* == do we need to register a new  */
-                                      /*   newshost->file name mapping */
-    struct _stat sInfo;
-    int iDot;
-    int iColon;
-
-#ifndef CMD_STUB
-    CString csHostName;
-    CString csHost;
-    CString fileName;
-#endif
-
-    switch(type) {
-
-#ifndef CMD_STUB
-    case xpCacheFAT:
-	newName = (char *) XP_ALLOC(_MAX_PATH);
-	sprintf(newName, "%s\\fat.db", (const char *)theApp.m_pCacheDir);
-	break;
-    case xpExtCacheIndex:
-	newName = (char *) XP_ALLOC(_MAX_PATH);
-	sprintf(newName, "%s\\extcache.fat", (const char *)theApp.m_pCacheDir);
-	break;
-
-    case xpSARCacheIndex:
-        newName = (char *) XP_ALLOC(_MAX_PATH);
-        sprintf(newName, "%s\\archive.fat", theApp.m_pSARCacheDir);
-        break;
-
-    case xpHTTPCookie:
-	newName = (char *) XP_ALLOC(_MAX_PATH);
-	/*sprintf(newName, "%s\\cookies.txt", theApp.m_pInstallDir->GetCharValue()); */
-	/* changed to support multi-profile */
-	sprintf(newName, "%s\\cookies.txt", (const char *)theApp.m_UserDirectory);
-	break;
-#ifndef MOZ_LITE      
-    case xpSNewsRC:
-    case xpNewsRC:
-        /* see if we are asking about the default news host */
-        /* else look up in netlib */
-        if ( !name || !strlen(name) )
-            name = g_MsgPrefs.m_csNewsHost;
-
-        netLibName = NET_MapNewsrcHostToFilename((char *)name, 
-                                                 (type == xpSNewsRC),
-                                                 FALSE);
-        
-        /* if we found something in our map just skip the rest of this */
-        if(netLibName && *netLibName) {
-            newName = XP_STRDUP(netLibName);
-            break;
-        }
-
-        /* whatever name we eventually end up with we will need to register it */
-        /*   before we leave the function */
-        bNeedToRegister = TRUE;
-
-        /* If we are on the default host see if there is a newsrc file in the */
-        /*   news directory.  If so, that is what we want */
-        if(!stricmp(name, g_MsgPrefs.m_csNewsHost)) {
-            csHostName = g_MsgPrefs.m_csNewsDir;
-            csHostName += "\\newsrc";
-            if(_stat((const char *) csHostName, &sInfo) == 0) {
-                newName = XP_STRDUP((const char *) csHostName);
-                break;
-            }
-        }
-                        
-        /* See if we are going to be able to build a file name based  */
-        /*   on the hostname */
-        csHostName = g_MsgPrefs.m_csNewsDir;
-        csHostName += '\\';
-
-        /* build up '<hostname>.rc' so we can tell how long its going to be */
-        /*   we will use that as the default name to try */
-		if(type == xpSNewsRC)
-			csHost += 's';
-        csHost += name;
-
-        /* if we have a news host news.foo.com we just want to use the "news" */
-        /*   part */
-        iDot = csHost.Find('.');
-        if(iDot != -1)
-            csHost = csHost.Left(iDot);
-
-#ifdef XP_WIN16
-        if(csHost.GetLength() > 8)
-            csHost = csHost.Left(8);
-#endif
-
-	iColon = csHost.Find(':');
-	if (iColon != -1) {
-		/* Windows file system seems to do horrid things if you have */
-		/* a filename with a colon in it. */
-		csHost = csHost.Left(iColon);
-	}
-
-        csHost += ".rc";
-
-        /* csHost is now of the form <hostname>.rc and is in 8.3 format */
-        /*   if we are on a Win16 box */
-
-        csHostName += csHost;
-
-        /* looks like a file with that name already exists -- panic */
-        if(_stat((const char *) csHostName, &sInfo) != -1) {
-            
-            char host[5];
-
-            /* else generate a new file in news directory */
-            strncpy(host, name, 4);
-            host[4] = '\0';
-
-            newName = WH_TempFileName(type, host, ".rc");
-            if(!newName)
-                return(NULL);
-
-        } else {
-
-            newName = XP_STRDUP((const char *) csHostName);
-
-        }
-
- 		break;
-    case xpNewsrcFileMap:
-        /* return name of FAT file in news directory */
-		newName = (char *) XP_ALLOC(_MAX_PATH);
-		sprintf(newName, "%s\\fat", (const char *)g_MsgPrefs.m_csNewsDir);
-		break;
-    case xpNewsgroups:
-    case xpSNewsgroups:
-        /* look up in netlib */
-        if ( !name || !strlen(name) )
-            name = g_MsgPrefs.m_csNewsHost;
-
-        netLibName = NET_MapNewsrcHostToFilename((char *)name, 
-                                                 (type == xpSNewsgroups),
-                                                 TRUE);
-
-        if(!netLibName) {
-
-            csHostName = g_MsgPrefs.m_csNewsDir;
-            csHostName += '\\';
-
-	    if(type == xpSNewsgroups)
-		    csHost += 's';
-            csHost += name;
-
-            /* see if we can just use "<hostname>.rcg" */
-            /* it might be news.foo.com so just take "news" */
-            int iDot = csHost.Find('.');
-            if(iDot != -1)
-                csHost = csHost.Left(iDot);
-
-#ifdef XP_WIN16
-            if(csHost.GetLength() > 8)
-                csHost = csHost.Left(8);
-#endif
-
-	    iColon = csHost.Find(':');
-	    if (iColon != -1) {
-		    /* Windows file system seems to do horrid things if you have */
-		    /* a filename with a colon in it. */
-		    csHost = csHost.Left(iColon);
-	    }
-
-            csHost += ".rcg";
-
-            /* csHost is now of the form <hostname>.rcg */
-
-            csHostName += csHost;
-
-            /* looks like a file with that name already exists -- panic */
-            if(_stat((const char *) csHostName, &sInfo) != -1) {
-                
-                char host[5];
-
-                /* else generate a new file in news directory */
-                strncpy(host, name, 4);
-                host[4] = '\0';
-
-                newName = WH_TempFileName(type, host, ".rcg");
-                if(!newName)
-                    return(NULL);
-
-            } else {
-
-                newName = XP_STRDUP((const char *) csHostName);
-
-            }
-
-            if ( !name || !strlen(name))
-                NET_RegisterNewsrcFile(newName,(char *)(const char *)g_MsgPrefs.m_csNewsHost,
-                    (type == xpSNewsgroups), TRUE );
-            else
-                NET_RegisterNewsrcFile(newName,(char*)name,(type == xpSNewsgroups), TRUE );
-
-        } else {
-
-            newName = XP_STRDUP(netLibName);
-
-        }
-        break;
-    case xpMimeTypes:
-	name = NULL;
-	break;
-#endif /* MOZ_LITE       */
-    case xpGlobalHistory:
-	newName = (char *) XP_ALLOC(_MAX_PATH);
-	/* changed to support multi-profile */
-	/*sprintf(newName, "%s\\netscape.hst", theApp.m_pInstallDir->GetCharValue()); */
-	sprintf(newName, "%s\\netscape.hst", (const char *)theApp.m_UserDirectory);
-	break;
-    case xpGlobalHistoryList:
-        newName = (char *) XP_ALLOC(_MAX_PATH);
-        sprintf( newName, "%s\\ns_hstry.htm" );
-        break;
-    case xpKeyChain:
-	name = NULL;
-	break;
-
-      /* larubbio */
-    case xpSARCache:
-        if(!name) {
-            return NULL;
-        }
-	newName = (char *) XP_ALLOC(_MAX_PATH);
-	sprintf(newName, "%s\\%s", theApp.m_pSARCacheDir, name);
-	break;
-
-    case xpCache:
-        if(!name) {
-            tempName = WH_TempFileName(xpCache, NULL, NULL);
-	    if (!tempName) return NULL;
-	    name = tempName;
-	}
-        newName = (char *) XP_ALLOC(_MAX_PATH);
-        if ((strchr(name,'|')  || strchr(name,':')))  { /* Local File URL if find a | */
-            if(name[0] == '/')
-            	strcpy(newName,name+1); /* skip past extra slash */
-	    else
-		strcpy(newName,name); /* absolute path is valid */
-        } else {
-	    sprintf(newName, "%s\\%s", (const char *)theApp.m_pCacheDir, name);
-	}
-        break;
-    case xpBookmarks:
-    case xpHotlist: 
-	if (!name || !strlen(name)) 
-	    name = theApp.m_pBookmarkFile;
-	break;
-#endif /* CMD_STUB */
-
-    case xpSocksConfig:
-	prefStr = NULL;
-#ifndef CMD_STUB
-	PREF_CopyCharPref("browser.socksfile_location", &prefStr);
-#else
-	ASSERT(0);
-#endif
-	name = prefStr;
-	break;		
-
-#ifndef CMD_STUB
-    case xpCertDB:
-        newName = (char *) XP_ALLOC(_MAX_PATH);
-        if ( name ) {
-	    sprintf(newName, "%s\\cert%s.db", (const char *)theApp.m_UserDirectory, name);
-        } else {
-	    sprintf(newName, "%s\\cert.db", (const char *)theApp.m_UserDirectory);
-        }
-	break;
-    case xpCertDBNameIDX:
-        newName = (char *) XP_ALLOC(_MAX_PATH);
-	sprintf(newName, "%s\\certni.db", (const char *)theApp.m_UserDirectory);
-	break;
-    case xpKeyDB:
-        newName = (char *) XP_ALLOC(_MAX_PATH);
-	if ( name ) {
-	  sprintf(newName, "%s\\key%s.db", (const char *)theApp.m_UserDirectory, name);
-	} else {
-	  sprintf(newName, "%s\\key.db", (const char *)theApp.m_UserDirectory);
-	}
-	break;
-    case xpSecModuleDB:
-        newName = (char *) XP_ALLOC(_MAX_PATH);
-	sprintf(newName, "%s\\secmod.db", (const char *)theApp.m_UserDirectory);
-	break;
-    case xpSignedAppletDB:
-        newName = (char *) XP_ALLOC(_MAX_PATH);
-	if ( name ) {
-	  sprintf(newName, "%s\\signed%s.db", (const char *)theApp.m_UserDirectory, name);
-	} else {
-	  sprintf(newName, "%s\\signed.db", (const char *)theApp.m_UserDirectory);
-	}
-		break;
-#ifndef MOZ_LITE      
-    case xpAddrBook:
-#ifdef XP_WIN16
-	if(!name || !strlen(name) )
-	    newName = WH_TempName(type, NULL);
-#else
-	newName = (char *) XP_ALLOC(_MAX_PATH);
-	strcpy(newName, name);
-
-	/* strip off the extension */
-	{
-	char * pEnd = max(strrchr(newName, '\\'), strrchr(newName, '/'));
-	if(!pEnd)
-	    pEnd = newName;
-
-	pEnd = strchr(pEnd, '.');
-	if(pEnd)
-	    *pEnd = '\0';
-	}
-	strcat(newName, ".nab");
-#endif
-        break;
-    case xpAddrBookNew:
-	newName = (char *) XP_ALLOC(_MAX_PATH);
-	sprintf(newName, "%s\\%s", (const char *)theApp.m_UserDirectory, name);
-	break;
-    case xpVCardFile:
-	newName = (char *) XP_ALLOC(_MAX_PATH);
-	strcpy(newName, name);
-
-	/* strip off the extension */
-	{
-	char * pEnd = max(strrchr(newName, '\\'), strrchr(newName, '/'));
-	if(!pEnd)
-	    pEnd = newName;
-
-	pEnd = strchr(pEnd, '.');
-	if(pEnd)
-	    *pEnd = '\0';
-	}		
-	strcat(newName, ".vcf");
-        break;
-    case xpLDIFFile:
-	newName = (char *) XP_ALLOC(_MAX_PATH);
-	strcpy(newName, name);
-
-	/* strip off the extension */
-	{
-	char * pEnd = max(strrchr(newName, '\\'), strrchr(newName, '/'));
-	if(!pEnd)
-	    pEnd = newName;
-
-	pEnd = strchr(pEnd, '.');
-	if(pEnd)
-	    *pEnd = '\0';
-	}		
-#ifdef XP_WIN16
-	strcat(newName, ".ldi");
-#else
-	strcat(newName, ".ldif");
-#endif
-        break;
-    case xpTemporaryNewsRC:
-        {
-            CString csHostName = g_MsgPrefs.m_csNewsDir;
-            csHostName += "\\news.tmp";
-            newName = XP_STRDUP((const char *) csHostName);
-        }
-        break;
-#endif /* MOZ_LITE         */
-    case xpPKCS12File:
-	newName = (char *) XP_ALLOC(_MAX_PATH);
-	strcpy(newName, name);
-
-	/* strip off the extension */
-	{
-	char * pEnd = max(strrchr(newName, '\\'), strrchr(newName, '/'));
-	if(!pEnd)
-	    pEnd = newName;
-
-	pEnd = strchr(pEnd, '.');
-	if(pEnd)
-	    *pEnd = '\0';
-	}		
-	strcat(newName, ".p12");
-	break;	
-    case xpTemporary:
-        if(!name || !strlen(name) )
-            newName = WH_TempName(type, NULL);
-        break;
-#ifndef MOZ_LITE        
-    case xpMailFolder:
-	if(!name)
-	    name = g_MsgPrefs.m_csMailDir;
-        break;
-    case xpMailFolderSummary:
-	newName = (char *) XP_ALLOC(_MAX_PATH);
-	strcpy(newName, name);
-
-	/* strip off the extension */
-	{
-	char * pEnd = max(strrchr(newName, '\\'), strrchr(newName, '/'));
-	if(!pEnd)
-	    pEnd = newName;
-
-#ifdef XP_WIN16	/* backend won't allow '.' in win16 folder names, but just to be safe. */
-	pEnd = strchr(pEnd, '.');
-	if(pEnd)
-	    *pEnd = '\0';
-#endif
-	}
-	strcat(newName, ".snm");
-	break;
-    case xpMailSort:
-        newName = (char *) XP_ALLOC(_MAX_PATH);
-        sprintf(newName, "%s\\rules.dat", (const char *)g_MsgPrefs.m_csMailDir);
-	break;
-    case xpMailFilterLog:
-	newName = (char *) XP_ALLOC(_MAX_PATH);
-	sprintf(newName, "%s\\mailfilt.log", (const char *)g_MsgPrefs.m_csMailDir);
-	break;
-    case xpNewsFilterLog:
-	newName = (char *) XP_ALLOC(_MAX_PATH);
-	sprintf(newName, "%s\\newsfilt.log", (const char *)g_MsgPrefs.m_csNewsDir);
-	break;
-    case xpMailPopState:
-        newName = (char *) XP_ALLOC(_MAX_PATH);
-        sprintf(newName, "%s\\popstate.dat", (const char *)g_MsgPrefs.m_csMailDir);
-	break;
-    case xpMailSubdirectory:
-	newName = (char *) XP_ALLOC(_MAX_PATH);
-	strcpy(newName, name);
-
-	/* strip off the trailing slash if any */
-	{
-	char * pEnd = max(strrchr(newName, '\\'), strrchr(newName, '/'));
-	if(!pEnd)
-	    pEnd = newName;
-	}
-
-	strcat(newName, ".sbd");
-	break;
-#endif /* MOZ_LITE       */
-    /* name of global cross-platform registry */
-    case xpRegistry:
-        /* eventually need to support arbitrary names; this is the default */
-        newName = (char *) XP_ALLOC(_MAX_PATH);
-        if ( newName != NULL ) {
-            GetWindowsDirectory(newName, _MAX_PATH);
-            int namelen = strlen(newName);
-            if ( newName[namelen-1] == '\\' )
-                namelen--;
-            strcpy(newName+namelen, "\\nsreg.dat");
-        }
-        break;
-	/* name of news group database  */
-#ifndef MOZ_LITE   
-    case xpXoverCache:
-	newName = (char *) XP_ALLOC(_MAX_PATH);
-	sprintf(newName, "%s\\%s", (const char *)g_MsgPrefs.m_csNewsDir, name);
-	break;
-#endif /* MOZ_LITE */
-    case xpProxyConfig:
-        newName = (char *) XP_ALLOC(_MAX_PATH);
-        /*sprintf(newName, "%s\\proxy.cfg", theApp.m_pInstallDir->GetCharValue()); */
-	sprintf(newName, "%s\\proxy.cfg", (const char *)theApp.m_UserDirectory);
-	break;
-
-    /* add any cases where no modification is necessary here 	 */
-    /* The name is fine all by itself, no need to modify it  */
-    case xpFileToPost:
-    case xpExtCache:
-    case xpURL:
-        /* name is OK as it is */
-	break;
-#ifndef MOZ_LITE      
-    case xpNewsHostDatabase:
-	newName = (char *) XP_ALLOC(_MAX_PATH);
-	sprintf(newName, "%s\\news.db", (const char *)g_MsgPrefs.m_csNewsDir);
-	break;
-
-    case xpImapRootDirectory:
-	newName = PR_smprintf ("%s\\ImapMail", (const char *)theApp.m_UserDirectory);
-	break;
-    case xpImapServerDirectory:
-	{
-	int len = 0;
-	char *tempImapServerDir = XP_STRDUP(name);
-	char *imapServerDir = tempImapServerDir;
-#ifdef XP_WIN16
-	if ((len = XP_STRLEN(imapServerDir)) > 8) {
-	    imapServerDir = imapServerDir + len - 8;
-	}
-#endif
-	newName = PR_smprintf ("%s\\ImapMail\\%s", (const char *)theApp.m_UserDirectory, imapServerDir);
-	if (tempImapServerDir) XP_FREE(tempImapServerDir);
-	}
-	break;
-
-    case xpJSMailFilters:
-	newName = PR_smprintf("%s\\filters.js", (const char *)g_MsgPrefs.m_csMailDir);
-	break;
-#endif /* MOZ_LITE */
-    case xpFolderCache:
-	newName = PR_smprintf ("%s\\summary.dat", (const char *)theApp.m_UserDirectory);
-	break;
-
-    case xpCryptoPolicy:
-	newName = (char *) XP_ALLOC(_MAX_PATH);
-	FE_GetProgramDirectory(newName, _MAX_PATH);
-	strcat(newName, "moz40p3");
-	break;
-#endif /* CMD_STUB */
-
-    default:
-	ASSERT(0);  /* all types should be covered */
-        break;
-    }
-
-#ifndef MOZ_LITE    
-    /* make sure we have the correct newsrc file registered for next time */
-	if((type == xpSNewsRC || type == xpNewsRC) && bNeedToRegister)
-        NET_RegisterNewsrcFile(newName, (char *)name, (type == xpSNewsRC), FALSE );
-#endif
-
-    /* determine what file we are supposed to load and make sure it looks */
-    /*   like a DOS pathname and not some unix-like name */
-    if(newName) {
-	*myName = XP_NetToDosFileName((const char*)newName);
-	XP_FREE(newName); 
-    } else {
-	*myName = XP_NetToDosFileName((const char*)name);
-    }
-
-    if (tempName) XP_FREE(tempName);
-
-    if (prefStr) XP_FREE(prefStr);        
-
-    /* whee, we're done */
-    return(*myName);
-}
-
-/* */
-/* Open a file with the given name */
-/* If a special file type is provided we might need to get the name */
-/*  out of the preferences list */
-/* */
-PUBLIC XP_File 
-XP_FileOpen(const char * name, XP_FileType type, const XP_FilePerm perm)
-{
-    XP_File fp;
-    char *filename = WH_FileName(name, type);
-
-    if(!filename)
-	return(NULL);
-		
-#ifdef DEBUG_nobody
-    TRACE("Opening a file type (%d) permissions: %s (%s)\n", type, perm, filename);
-#endif
-
-#ifdef XP_WIN32
-    if (type == xpURL) {
-	HANDLE	hFile;
-	DWORD	dwType;
-
-	/* Check if we're trying to open a device. We don't allow this */
-	hFile = CreateFile(filename, GENERIC_READ, FILE_SHARE_READ, NULL,
-		OPEN_EXISTING, 0, NULL);
-
-	if (hFile != INVALID_HANDLE_VALUE) {
-	    dwType = GetFileType(hFile);
-	    CloseHandle(hFile);
-	
-	    if (dwType != FILE_TYPE_DISK) {
-		XP_FREE(filename);
-		return NULL;
-	    }
-	}
-    }
-#endif
-
-#ifdef XP_WIN16
-    /* Windows uses ANSI codepage, DOS uses OEM codepage,  */
-    /* fopen takes OEM codepage */
-    /* That's why we need to do conversion here. */
-    CString oembuff = filename;
-    oembuff.AnsiToOem();
-    fp = fopen(oembuff, (char *) perm);
-
-    if (fp && type == xpURL) {
-	union _REGS	inregs, outregs;
-
-	/* Check if we opened a device. Execute an Interrupt 21h to invoke */
-	/* MS-DOS system call 44h */
-	inregs.x.ax = 0x4400;	 /* MS-DOS function to get device information */
-	inregs.x.bx = _fileno(fp);
-	_int86(0x21, &inregs, &outregs);
-
-	if (outregs.x.dx & 0x80) {
-	    /* It's a device. Don't allow any reading/writing */
-	    fclose(fp);
-	    XP_FREE(filename);
-	    return NULL;
-	}
-    }
-#else	
-    fp = fopen(filename, (char *) perm);
-#endif
-    XP_FREE(filename);
-    return(fp);
-}
-
-
-
-/******************************************************************************/
-/* Thread-safe entry points: */
-
-extern PRMonitor* _pr_TempName_lock;
-
-#ifndef CMD_STUB
-
-char *
-WH_TempName(XP_FileType type, const char * prefix)
-{
-    static char buf[_MAX_PATH];	/* protected by _pr_TempName_lock */
-    char* result;
-
-    if (_pr_TempName_lock == NULL)
-	_pr_TempName_lock = PR_NewNamedMonitor("TempName-lock");
-    PR_EnterMonitor(_pr_TempName_lock);
-
-    result = XP_STRDUP(xp_TempFileName(type, prefix, NULL, buf));
-
-    PR_ExitMonitor(_pr_TempName_lock);
-
-    return result;
-}
-
-#endif /* CMD_STUB */
-
-PUBLIC char *
-WH_FileName (const char *name, XP_FileType type)
-{
-    char* myName;
-    char* result;
-    /*
-    ** I'm not sure this lock is really needed by windows, but just
-    ** to be safe:
-    */
-    /*	XP_ASSERT(_pr_TempName_lock); */
-    /*	PR_EnterMonitor(_pr_TempName_lock); */
-    result = xp_FileName(name, type, &myName);
-    /*	PR_ExitMonitor(_pr_TempName_lock); */
-    return myName;
-}
-
-#endif /* XP_WIN */
diff --git a/security/nss/cmd/lib/makefile.win b/security/nss/cmd/lib/makefile.win
deleted file mode 100644
index 92081a2f8..000000000
--- a/security/nss/cmd/lib/makefile.win
+++ /dev/null
@@ -1,66 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-include <manifest.mn>
-
-include <$(DEPTH)\config\config.mak>
-
-# include files are aought in LINCS and INCS.  
-# LINCS are generated from REQUIRES in manigest.mn
-INCS	= $(INCS) \
- -I..\include \
- -I..\..\lib\cert \
- $(NULL)
-
-IGNORE_ME = \
- -I$(DEPTH)\dist\public\security \
- -I$(DEPTH)\dist\public\nspr \
- -I$(DEPTH)\cmd\winfe \
- $(NULL)
-
-LCFLAGS = -DUSE_SSL -DEXPORT_VERSION
-
-PDBFILE	= $(LIBNAME).pdb
-
-# work around a bug in rules.mak
-LIBRARY_SUFFIX	= $(MOZ_BITS)
-
-include <$(DEPTH)\config\rules.mak>
-
-install:: $(LIBRARY)
-#    $(MAKE_INSTALL) $(LIBRARY) $(DIST)\lib
-
-
-symbols::
-	@echo "LIBRARY_NAME	is $(LIBRARY_NAME)"
-	@echo "LIBRARY		is $(LIBRARY)"
diff --git a/security/nss/cmd/lib/manifest.mn b/security/nss/cmd/lib/manifest.mn
deleted file mode 100644
index 969596863..000000000
--- a/security/nss/cmd/lib/manifest.mn
+++ /dev/null
@@ -1,68 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CORE_DEPTH	= ../../..
-
-LIBRARY_NAME	= sectool
-
-# MODULE public and private header  directories are implicitly REQUIRED.
-MODULE		= seccmd
-
-DEFINES		= -DNSPR20
-
-EXPORTS		= secutil.h \
-		  $(NULL)
-
-CSRCS		= secutil.c \
-		secpwd.c    \
-		derprint.c \
-		secerror.c \
-		seccnames.c \
-		ffs.c \
-		$(NULL)
-
-OLD_CSRCS	= dongle.c \
-		  derprint.c \
-		  err.c \
-		  fe_util.c \
-		  ffs.c \
-		  filestub.c \
-		  secarb.c \
-		  secpwd.c \
-		  secutil.c \
-		  sslstubs.c \
-		  strerror.c \
-		  stubs.c \
-		  $(NULL)
-
-REQUIRES	= security nspr dbm
-
diff --git a/security/nss/cmd/lib/secarb.c b/security/nss/cmd/lib/secarb.c
deleted file mode 100644
index 176fcbf8b..000000000
--- a/security/nss/cmd/lib/secarb.c
+++ /dev/null
@@ -1,372 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#include "secutil.h"
-
-#ifdef __sun
-extern int fprintf(FILE *strm, const char *format, .../* args */);
-extern int fflush(FILE *stream);
-#endif
-
-#define RIGHT_MARGIN 24
-/*#define RAW_BYTES 1 */
-
-typedef unsigned char Byte;
-
-static int prettyColumn;	/* NOTE: This is NOT reentrant. */
-
-static char *prettyTagType [32] = {
-  "End of Contents", "Boolean", "Integer", "Bit String", "Octet String",
-  "NULL", "Object Identifier", "0x07", "0x08", "0x09", "0x0A",
-  "0x0B", "0X0C", "0X0D", "0X0E", "0X0F", "Sequence", "Set",
-  "0x12", "Printable String", "T61 String", "0x15", "IA5 String",
-  "UTCTime",
-  "0x18", "0x19", "0x1A", "0x1B", "0x1C", "0x1D", "0x1E",
-  "High-Tag-Number"
-};
-
-static SECStatus prettyNewline(FILE *out)
-{
-    int rv;
-
-    if (prettyColumn != -1) {
-	rv = fprintf(out, "\n");
-	prettyColumn = -1;
-	if (rv < 0) {
-	    PORT_SetError(SEC_ERROR_IO);
-	    return SECFailure;
-	}
-    }
-    return SECSuccess;
-}
-
-static SECStatus prettyIndent(FILE *out, unsigned level)
-{
-    unsigned i;
-    SECStatus rv;
-
-    if (prettyColumn == -1) {
-	prettyColumn = level;
-	for (i = 0; i < level; i++) {
-	    rv = (SECStatus) fprintf(out, "   ");
-	    if (rv < 0) {
-		PORT_SetError(SEC_ERROR_IO);
-		return SECFailure;
-	    }
-	}
-    }
-    return SECSuccess;
-}
-
-static SECStatus prettyPrintByte(FILE *out, Byte item, unsigned level)
-{
-    SECStatus rv;
-
-    rv = prettyIndent(out, level);
-    if (rv) return rv;
-
-    rv = (SECStatus) fprintf(out, "%02x ", item);
-    if (rv < 0) {
-	PORT_SetError(SEC_ERROR_IO);
-	return SECFailure;
-    }
-    prettyColumn++;
-    if (prettyColumn >= RIGHT_MARGIN) {
-	rv = prettyNewline(out);
-	return rv;
-    }
-    return SECSuccess;
-}
-
-static SECStatus prettyPrintCString(FILE *out, char *str, unsigned level)
-{
-    SECStatus rv;
-
-    rv = prettyNewline(out);
-    if (rv) return rv;
-
-    rv = prettyIndent(out, level);
-    if (rv) return rv;
-
-    rv = (SECStatus) fprintf(out, str);
-    if (rv < 0) {
-	PORT_SetError(SEC_ERROR_IO);
-	return SECFailure;
-    }
-
-    rv = prettyNewline(out);
-    return rv;
-}
-
-static SECStatus prettyPrintLeafString(FILE *out, SECArb *arb, unsigned lv)
-{
-    unsigned char buf[100];
-    SECStatus rv;
-    int length = arb->body.item.len;
-
-    if (length > 0 && arb->body.item.data == NULL)
-	return prettyPrintCString(out, "(string contents not available)", lv);
-
-    if (length >= sizeof(buf))
-      length = sizeof(buf) - 1;
-
-    rv = prettyNewline(out);
-    if (rv) return rv;
-
-    rv = prettyIndent(out, lv);
-    if (rv) return rv;
-
-    memcpy(buf, arb->body.item.data, length);
-    buf[length] = '\000';
-
-    rv = (SECStatus) fprintf(out, "\"%s\"", buf);
-    if (rv < 0) {
-	PORT_SetError(SEC_ERROR_IO);
-	return SECFailure;
-    }
-    rv = prettyNewline(out);
-    if (rv) return rv;
-
-    return SECSuccess;
-}
-
-static SECStatus prettyPrintLeaf(FILE *out, SECArb* arb, unsigned lv)
-{
-    unsigned i;
-    SECStatus rv;
-    Byte *data = arb->body.item.data;
-
-    if (data == NULL && arb->body.item.len > 0)
-	return prettyPrintCString(out, "(data not availabe)", lv);
-
-    for (i = 0; i < arb->body.item.len; i++) {
-	rv = prettyPrintByte(out, *data++, lv);
-	if (rv) return rv;
-    }
-
-    rv = prettyNewline(out);
-    return rv;
-}
-
-static SECStatus prettyPrintEndContents(FILE *out, unsigned level)
-{
-      return prettyPrintCString(out, prettyTagType[0], level);
-}
-
-static SECStatus prettyPrintTag(FILE *out, SECArb *arb, unsigned level)
-{
-    int rv;
-
-#ifdef RAW_BYTES
-    if (prettyPrintByte(out, arb->tag, level)) return PR_TRUE;
-#else
-    if (prettyIndent(out, level)) return PR_TRUE;
-#endif
-
-    if (arb->tag & DER_CONSTRUCTED) {
-        rv = fprintf(out, "C-");
-	if (rv < 0) {
-	    PORT_SetError(SEC_ERROR_IO);
-	    return PR_TRUE;
-	}
-    }
-
-    switch(arb->tag & 0xC0) {
-    case DER_UNIVERSAL:
-        rv = fprintf(out, "%s ", prettyTagType[arb->tag & 0x17]);
-	break;
-    case DER_APPLICATION:
-        rv = fprintf(out, "Application: %d ", arb->tag & 0x17);
-	break;
-    case DER_CONTEXT_SPECIFIC:
-        rv = fprintf(out, "[%d] ", arb->tag & 0x17);
-	break;
-    case DER_PRIVATE:
-        rv = fprintf(out, "Private: %d ", arb->tag & 0x17);
-	break;
-    }
-
-    if (rv < 0) {
-        PORT_SetError(SEC_ERROR_IO);
-	return PR_TRUE;
-    }
-    return PR_FALSE;
-}
-
-static SECStatus prettyPrintLength(FILE *out, SECArb *arb, unsigned lv)
-{
-    int rv = fprintf(out, " (%d)\n", arb->length);
-    if (rv < 0) {
-        PORT_SetError(SEC_ERROR_IO);
-	return -1;
-    }
-    prettyColumn = -1;
-    return PR_FALSE;
-}
-
-static SECStatus prettyPrint(FILE *out, SECArb *arb, unsigned lv)
-{
-    int i;
-
-    prettyPrintTag(out, arb, lv);
-    prettyPrintLength(out, arb, lv);
-
-    if (arb->tag & DER_CONSTRUCTED) {
-	for (i = 0; i < arb->body.cons.numSubs; i++)
-	    prettyPrint(out, arb->body.cons.subs[i], lv + 1);
-	if (arb->length == 0)
-	    prettyPrintEndContents(out, lv);
-    } else {
-	if (arb->tag == DER_PRINTABLE_STRING || arb->tag == DER_UTC_TIME) {
-	    if (prettyPrintLeafString(out, arb, lv+1)) return PR_TRUE;
-#ifdef RAW_BYTES
-	    if (prettyPrintLeaf(out, arb, lv+1)) return PR_TRUE;
-#endif
-	} else {
-	    if (prettyPrintLeaf(out, arb, lv+1)) return PR_TRUE;
-	}
-    }
-
-    return prettyNewline(out);
-}
-
-SECStatus BER_PrettyPrintArb(FILE *out, SECArb *a)
-{
-    prettyColumn = -1;
-    return prettyPrint(out, a, 0);
-}
-
-/*
- * PackHeader puts the tag and length field into a buffer provided by the
- * client. It assumes the client has made the buffer at least big
- * enough. (8 bytes will suffice for now). It returns the number of
- * valid bytes
- */
-static int PackHeader(SECArb *arb, unsigned char *header)
-{
-    int tagBytes, lengthBytes;
-    unsigned long length = arb->length;
-    /*
-     * XXX only handles short form tags
-     */
-    header[0] = arb->tag;
-    tagBytes = 1;
-
-    if (length < 0x80) {
-	if ((arb->tag & DER_CONSTRUCTED) && (arb->length == 0))
-	    header[tagBytes] = 0x80; /* indefinite length form */
-	else
-	    header[tagBytes] = arb->length;
-	lengthBytes = 1;
-    } else {
-	int i;
-	lengthBytes = 0;
-	for (i = 0; i < 4; i++) {
-	    if ((length & 0xFF000000) || (lengthBytes > 0)) {
-		header[tagBytes + lengthBytes + 1] = length >> 24;
-		lengthBytes++;
-	    }
-	    length <<= 8;
-	}
-	header[tagBytes] = 0x80 + lengthBytes;
-	lengthBytes++;  /* allow for the room for the length length */
-    }
-    return tagBytes + lengthBytes;
-}
-
-SECStatus BER_Unparse(SECArb *arb, BERUnparseProc proc, void *instance)
-{
-    int i, length;
-    SECStatus rv;
-    unsigned char header[12];
-
-    length = PackHeader(arb, header);
-    rv = (*proc)(instance, header, length, arb);
-    if (rv) return rv;
-
-    if (arb->tag & DER_CONSTRUCTED) {
-	for (i = 0; i < arb->body.cons.numSubs; i++) {
-	    rv = BER_Unparse(arb->body.cons.subs[i], proc, instance);
-	    if (rv) return rv;
-	}
-	if (arb->length == 0) {
-	    rv = (*proc)(instance, "\0\0", 2, arb);
-	    if (rv) return rv;
-	}
-    } else {
-	if ((arb->length > 0) && (arb->body.item.data == NULL))
-	    return SECFailure;
-	if (arb->length != arb->body.item.len)
-	    return SECFailure;
-	rv = (*proc)(instance, arb->body.item.data, arb->length, arb);
-    }
-    return SECSuccess;
-}
-
-static int ResolveLength(SECArb *arb)
-{
-    int length, i, rv;
-    unsigned char header[12];
-
-    /*
-     * One theory is that there might be valid subtrees along with
-     * still yet uknown length trees. That would imply that the scan
-     * should not be aborted on first failure.
-     */
-
-    length = PackHeader(arb, header);
-    if (arb->tag | DER_CONSTRUCTED) {
-	if (arb->length > 0)
-	    length += arb->length;
-	else {
-	    for (i = 0; i < arb->body.cons.numSubs; i++) {
-		rv = ResolveLength(arb->body.cons.subs[i]);
-		if (rv < 0) return -1;
-		length += rv;
-	    }
-	    arb->length = length;
-	}
-    } else {
-	if (arb->length != arb->body.item.len)
-	    return -1;
-	length += arb->length;
-    }
-    return length;
-}
-
-SECStatus BER_ResolveLengths(SECArb *arb)
-{
-    int rv;
-    rv = ResolveLength(arb);
-    if (rv < 0) return SECFailure;
-    return SECSuccess;    
-}
diff --git a/security/nss/cmd/lib/seccnames.c b/security/nss/cmd/lib/seccnames.c
deleted file mode 100644
index a1857dc0e..000000000
--- a/security/nss/cmd/lib/seccnames.c
+++ /dev/null
@@ -1,204 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
-** secutil.c - various functions used by security stuff
-**
-*/
-
-#include "prtypes.h"
-#include "prtime.h"
-#include "prlong.h"
-#include "prerror.h"
-#include "prprf.h"
-#include "plgetopt.h"
-
-#include "secutil.h"
-#include "secpkcs7.h"
-#include "secrng.h"
-#if !defined(_WIN32_WCE)
-#include <sys/stat.h>
-#endif
-#include <stdarg.h>
-
-#ifdef XP_UNIX
-#include <unistd.h>
-#endif
-
-/* for SEC_TraverseNames */
-#include "cert.h"
-#include "certt.h"
-#include "certdb.h"
-
-typedef struct {
-    char *		name;
-    CERTCertTrust	trust;
-} certNameAndTrustEntry;
-
-typedef struct {
-    int numCerts;
-    certNameAndTrustEntry *nameAndTrustEntries;
-} certNameAndTrustList;
-
-SECStatus
-sec_CountCerts(CERTCertificate *cert, SECItem *unknown, void *arg)
-{
-    (*(int*)arg)++;
-    return SECSuccess;
-}
-
-SECStatus
-sec_CollectCertNamesAndTrust(CERTCertificate *cert, SECItem *unknown, void *arg)
-{
-    certNameAndTrustList *pCertNames = (certNameAndTrustList*)arg;
-    char *name;
-    int i;
-
-    i = pCertNames->numCerts;
-    name = cert->nickname ? cert->nickname : cert->emailAddr;
-
-    if (name)
-	pCertNames->nameAndTrustEntries[i].name = PORT_Strdup(name);
-    else
-	pCertNames->nameAndTrustEntries[i].name = PORT_Strdup("<unknown>");
-
-    PORT_Memcpy(&pCertNames->nameAndTrustEntries[i].trust, cert->trust, sizeof(*cert->trust));
-
-    pCertNames->numCerts++;
-
-    return SECSuccess;
-}
-
-
-static int
-sec_name_and_trust_compare_by_name(const void *p1, const void *p2)
-{
-    certNameAndTrustEntry *e1 = (certNameAndTrustEntry *)p1;
-    certNameAndTrustEntry *e2 = (certNameAndTrustEntry *)p2;
-    return PORT_Strcmp(e1->name, e2->name);
-}
-
-static int
-sec_combine_trust_flags(CERTCertTrust *trust)
-{
-    if (trust == NULL)
-	return 0;
-    return trust->sslFlags | trust->emailFlags | trust->objectSigningFlags;
-}
-
-static int
-sec_name_and_trust_compare_by_trust(const void *p1, const void *p2)
-{
-    certNameAndTrustEntry *e1 = (certNameAndTrustEntry *)p1;
-    certNameAndTrustEntry *e2 = (certNameAndTrustEntry *)p2;
-    int e1_is_ca, e2_is_ca;
-    int e1_is_user, e2_is_user;
-    int rv;
-
-    e1_is_ca = (sec_combine_trust_flags(&e1->trust) & CERTDB_VALID_CA) != 0;
-    e2_is_ca = (sec_combine_trust_flags(&e2->trust) & CERTDB_VALID_CA) != 0;
-    e1_is_user = (sec_combine_trust_flags(&e1->trust) & CERTDB_USER) != 0;
-    e2_is_user = (sec_combine_trust_flags(&e2->trust) & CERTDB_USER) != 0;
-
-    /* first, sort by user status, then CA status, */
-    /*  then by actual comparison of CA flags, then by name */
-    if ((rv = (e2_is_user - e1_is_user)) == 0 && (rv = (e1_is_ca - e2_is_ca)) == 0)
-	if (e1_is_ca || (rv = memcmp(&e1->trust, &e2->trust, sizeof(CERTCertTrust))) == 0)
-	    return PORT_Strcmp(e1->name, e2->name);
-	else
-	    return rv;
-    else
-	return rv;
-}
-
-SECStatus
-SECU_PrintCertificateNames(CERTCertDBHandle *handle, PRFileDesc *out, 
-                           PRBool sortByName, PRBool sortByTrust)
-{
-    certNameAndTrustList certNames = { 0, NULL };
-    int numCerts, i;
-    SECStatus rv;
-    int (*comparefn)(const void *, const void *);
-    char trusts[30];
-
-    numCerts = 0;
-
-    rv = SEC_TraversePermCerts(handle, sec_CountCerts, &numCerts);
-    if (rv != SECSuccess)
-	return SECFailure;
-
-    certNames.nameAndTrustEntries = 
-		(certNameAndTrustEntry *)PORT_Alloc(numCerts * sizeof(certNameAndTrustEntry));
-    if (certNames.nameAndTrustEntries == NULL)
-	return SECFailure;
-
-    rv = SEC_TraversePermCerts(handle, sec_CollectCertNamesAndTrust, &certNames);
-    if (rv != SECSuccess)
-	return SECFailure;
-
-    if (sortByName)
-	comparefn = sec_name_and_trust_compare_by_name;
-    else if (sortByTrust)
-	comparefn = sec_name_and_trust_compare_by_trust;
-    else
-	comparefn = NULL;
-
-    if (comparefn)
-	qsort(certNames.nameAndTrustEntries, certNames.numCerts, 
-			    sizeof(certNameAndTrustEntry), comparefn);
-
-    PR_fprintf(out, "\n%-60s %-5s\n\n", "Certificate Name", "Trust Attributes");
-    for (i = 0; i < certNames.numCerts; i++) {
-	PORT_Memset (trusts, 0, sizeof(trusts));
-	printflags(trusts, certNames.nameAndTrustEntries[i].trust.sslFlags);
-	PORT_Strcat(trusts, ",");
-	printflags(trusts, certNames.nameAndTrustEntries[i].trust.emailFlags);
-	PORT_Strcat(trusts, ",");
-	printflags(trusts, certNames.nameAndTrustEntries[i].trust.objectSigningFlags);
-	PR_fprintf(out, "%-60s %-5s\n", 
-	           certNames.nameAndTrustEntries[i].name, trusts);
-    }
-    PR_fprintf(out, "\n");
-    PR_fprintf(out, "p    Valid peer\n");
-    PR_fprintf(out, "P    Trusted peer (implies p)\n");
-    PR_fprintf(out, "c    Valid CA\n");
-    PR_fprintf(out, "T    Trusted CA to issue client certs (implies c)\n");
-    PR_fprintf(out, "C    Trusted CA to certs(only server certs for ssl) (implies c)\n");
-    PR_fprintf(out, "u    User cert\n");
-    PR_fprintf(out, "w    Send warning\n");
-
-    for (i = 0; i < certNames.numCerts; i++)
-	PORT_Free(certNames.nameAndTrustEntries[i].name);
-    PORT_Free(certNames.nameAndTrustEntries);
-
-    return rv;
-}
diff --git a/security/nss/cmd/lib/secerror.c b/security/nss/cmd/lib/secerror.c
deleted file mode 100644
index 857704b79..000000000
--- a/security/nss/cmd/lib/secerror.c
+++ /dev/null
@@ -1,107 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#include "nspr.h"
-
-struct tuple_str {
-    PRErrorCode	 errNum;
-    const char * errString;
-};
-
-typedef struct tuple_str tuple_str;
-
-#define ER2(a,b)   {a, b},
-#define ER3(a,b,c) {a, c},
-
-#include "secerr.h"
-#include "sslerr.h"
-
-const tuple_str errStrings[] = {
-
-/* keep this list in asceding order of error numbers */
-#include "SSLerrs.h"
-#include "SECerrs.h"
-#include "NSPRerrs.h"
-
-};
-
-const PRInt32 numStrings = sizeof(errStrings) / sizeof(tuple_str);
-
-/* Returns a UTF-8 encoded constant error string for "errNum".
- * Returns NULL of errNum is unknown.
- */
-const char *
-SECU_Strerror(PRErrorCode errNum) {
-    PRInt32 low  = 0;
-    PRInt32 high = numStrings - 1;
-    PRInt32 i;
-    PRErrorCode num;
-    static int initDone;
-
-    /* make sure table is in ascending order.
-     * binary search depends on it.
-     */
-    if (!initDone) {
-	PRErrorCode lastNum = ((PRInt32)0x80000000);
-    	for (i = low; i <= high; ++i) {
-	    num = errStrings[i].errNum;
-	    if (num <= lastNum) {
-	    	fprintf(stderr, 
-"sequence error in error strings at item %d\n"
-"error %d (%s)\n"
-"should come after \n"
-"error %d (%s)\n",
-		        i, lastNum, errStrings[i-1].errString, 
-			num, errStrings[i].errString);
-	    }
-	    lastNum = num;
-	}
-	initDone = 1;
-    }
-
-    /* Do binary search of table. */
-    while (low + 1 < high) {
-    	i = (low + high) / 2;
-	num = errStrings[i].errNum;
-	if (errNum == num) 
-	    return errStrings[i].errString;
-        if (errNum < num)
-	    high = i;
-	else 
-	    low = i;
-    }
-    if (errNum == errStrings[low].errNum)
-    	return errStrings[low].errString;
-    if (errNum == errStrings[high].errNum)
-    	return errStrings[high].errString;
-    return NULL;
-}
diff --git a/security/nss/cmd/lib/secpwd.c b/security/nss/cmd/lib/secpwd.c
deleted file mode 100644
index 8bc4eef14..000000000
--- a/security/nss/cmd/lib/secpwd.c
+++ /dev/null
@@ -1,193 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#include "secutil.h"
-
-/*
- * NOTE:  The contents of this file are NOT used by the client.
- * (They are part of the security library as a whole, but they are
- * NOT USED BY THE CLIENT.)  Do not change things on behalf of the
- * client (like localizing strings), or add things that are only
- * for the client (put them elsewhere).  
- */
-
-
-#ifdef XP_UNIX
-#include <termios.h>
-#include <unistd.h>
-#endif
-
-#if defined(_WINDOWS) && !defined(_WIN32_WCE)
-#include <conio.h>
-#include <io.h>
-#define QUIET_FGETS quiet_fgets
-static char * quiet_fgets (char *buf, int length, FILE *input);
-#else
-#define QUIET_FGETS fgets
-#endif
-
-static void echoOff(int fd)
-{
-#if defined(XP_UNIX) && !defined(VMS)
-    if (isatty(fd)) {
-	struct termios tio;
-	tcgetattr(fd, &tio);
-	tio.c_lflag &= ~ECHO;
-	tcsetattr(fd, TCSAFLUSH, &tio);
-    }
-#endif
-}
-
-static void echoOn(int fd)
-{
-#if defined(XP_UNIX) && !defined(VMS)
-    if (isatty(fd)) {
-	struct termios tio;
-	tcgetattr(fd, &tio);
-	tio.c_lflag |= ECHO;
-	tcsetattr(fd, TCSAFLUSH, &tio);
-    }
-#endif
-}
-
-char *SEC_GetPassword(FILE *input, FILE *output, char *prompt,
-			       PRBool (*ok)(char *))
-{
-#if defined(_WINDOWS) || defined(OS2)
-    int isTTY = (input == stdin);
-#define echoOn(x)
-#define echoOff(x)
-#else
-    int infd  = fileno(input);
-    int isTTY = isatty(infd);
-#endif
-    char phrase[200];
-
-    for (;;) {
-	/* Prompt for password */
-	if (isTTY) {
-	    fprintf(output, "%s", prompt);
-            fflush (output);
-	    echoOff(infd);
-	}
-
-	QUIET_FGETS ( phrase, sizeof(phrase), input);
-
-	if (isTTY) {
-	    fprintf(output, "\n");
-	    echoOn(infd);
-	}
-
-	/* stomp on newline */
-	phrase[PORT_Strlen(phrase)-1] = 0;
-
-	/* Validate password */
-	if (!(*ok)(phrase)) {
-	    /* Not weird enough */
-	    if (!isTTY) return 0;
-	    fprintf(output, "Password must be at least 8 characters long with one or more\n");
-	    fprintf(output, "non-alphabetic characters\n");
-	    continue;
-	}
-	return (char*) PORT_Strdup(phrase);
-    }
-}
-
-
-
-PRBool SEC_CheckPassword(char *cp)
-{
-    int len;
-    char *end;
-
-    len = PORT_Strlen(cp);
-    if (len < 8) {
-	return PR_FALSE;
-    }
-    end = cp + len;
-    while (cp < end) {
-	unsigned char ch = *cp++;
-	if (!((ch >= 'A') && (ch <= 'Z')) &&
-	    !((ch >= 'a') && (ch <= 'z'))) {
-	    /* pass phrase has at least one non alphabetic in it */
-	    return PR_TRUE;
-	}
-    }
-    return PR_FALSE;
-}
-
-PRBool SEC_BlindCheckPassword(char *cp)
-{
-    if (cp != NULL) {
-	return PR_TRUE;
-    }
-    return PR_FALSE;
-}
-
-/* Get a password from the input terminal, without echoing */
-
-#ifdef _WINDOWS
-static char * quiet_fgets (char *buf, int length, FILE *input)
-  {
-  int c;
-  char *end = buf;
-
-  /* fflush (input); */
-  memset (buf, 0, length);
-
-  if (input != stdin) {
-     return fgets(buf,length,input);
-  }
-
-  while (1)
-    {
-#if defined (_WIN32_WCE)
-    c = getchar();	/* gets a character from stdin */
-#else
-    c = getch();	/* getch gets a character from the console */
-#endif
-    if (c == '\b')
-      {
-      if (end > buf)
-        end--;
-      }
-
-    else if (--length > 0)
-      *end++ = c;
-
-    if (!c || c == '\n' || c == '\r')
-      break;
-    }
-
-  return buf;
-  }
-#endif
diff --git a/security/nss/cmd/lib/secutil.c b/security/nss/cmd/lib/secutil.c
deleted file mode 100644
index 6b9ab8e3c..000000000
--- a/security/nss/cmd/lib/secutil.c
+++ /dev/null
@@ -1,2593 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
-** secutil.c - various functions used by security stuff
-**
-*/
-
-#include "prtypes.h"
-#include "prtime.h"
-#include "prlong.h"
-#include "prerror.h"
-#include "prprf.h"
-#include "plgetopt.h"
-#include "prenv.h"
-
-#include "secutil.h"
-#include "secpkcs7.h"
-#include "secrng.h"
-#include <stdarg.h>
-#if !defined(_WIN32_WCE)
-#include <sys/stat.h>
-#include <errno.h>
-#endif
-
-#ifdef XP_UNIX
-#include <unistd.h>
-#endif
-
-/* for SEC_TraverseNames */
-#include "cert.h"
-#include "certt.h"
-#include "certdb.h"
-
-/* #include "secmod.h" */
-#include "pk11func.h"
-#include "secoid.h"
-
-static char consoleName[] =  {
-#ifdef XP_UNIX
-#ifdef VMS
-    "TT"
-#else
-    "/dev/tty"
-#endif
-#else
-    "CON:"
-#endif
-};
-
-char *
-SECU_GetString(int16 error_number)
-{
-
-    static char errString[80];
-    sprintf(errString, "Unknown error string (%d)", error_number);
-    return errString;
-}
-
-void 
-SECU_PrintError(char *progName, char *msg, ...)
-{
-    va_list args;
-    PRErrorCode err = PORT_GetError();
-    const char * errString = SECU_Strerror(err);
-
-    va_start(args, msg);
-
-    fprintf(stderr, "%s: ", progName);
-    vfprintf(stderr, msg, args);
-    if (errString != NULL && PORT_Strlen(errString) > 0)
-	fprintf(stderr, ": %s\n", errString);
-    else
-	fprintf(stderr, ": error %d\n", (int)err);
-
-    va_end(args);
-}
-
-void
-SECU_PrintSystemError(char *progName, char *msg, ...)
-{
-    va_list args;
-
-    va_start(args, msg);
-    fprintf(stderr, "%s: ", progName);
-    vfprintf(stderr, msg, args);
-#if defined(_WIN32_WCE)
-    fprintf(stderr, ": %d\n", PR_GetOSError());
-#else
-    fprintf(stderr, ": %s\n", strerror(errno));
-#endif
-    va_end(args);
-}
-
-static void
-secu_ClearPassword(char *p)
-{
-    if (p) {
-	PORT_Memset(p, 0, PORT_Strlen(p));
-	PORT_Free(p);
-    }
-}
-
-char *
-SECU_GetPasswordString(void *arg, char *prompt)
-{
-#ifndef _WINDOWS
-    char *p = NULL;
-    FILE *input, *output;
-
-    /* open terminal */
-    input = fopen(consoleName, "r");
-    if (input == NULL) {
-	fprintf(stderr, "Error opening input terminal for read\n");
-	return NULL;
-    }
-
-    output = fopen(consoleName, "w");
-    if (output == NULL) {
-	fprintf(stderr, "Error opening output terminal for write\n");
-	return NULL;
-    }
-
-    p = SEC_GetPassword (input, output, prompt, SEC_BlindCheckPassword);
-        
-
-    fclose(input);
-    fclose(output);
-
-    return p;
-
-#else
-    /* Win32 version of above. opening the console may fail
-       on windows95, and certainly isn't necessary.. */
-
-    char *p = NULL;
-
-    p = SEC_GetPassword (stdin, stdout, prompt, SEC_BlindCheckPassword);
-    return p;
-
-#endif
-}
-
-
-/*
- *  p a s s w o r d _ h a r d c o d e 
- *
- *  A function to use the password passed in the -f(pwfile) argument
- *  of the command line.  
- *  After use once, null it out otherwise PKCS11 calls us forever.?
- *
- */
-char *
-SECU_FilePasswd(PK11SlotInfo *slot, PRBool retry, void *arg)
-{
-    unsigned char phrase[200];
-    PRFileDesc *fd;
-    PRInt32 nb;
-    char *pwFile = arg;
-    int i;
-
-    if (!pwFile)
-	return 0;
-
-    if (retry) {
-	return 0;  /* no good retrying - the files contents will be the same */
-    } 
- 
-    fd = PR_Open(pwFile, PR_RDONLY, 0);
-    if (!fd) {
-	fprintf(stderr, "No password file \"%s\" exists.\n", pwFile);
-	return NULL;
-    }
-
-    nb = PR_Read(fd, phrase, sizeof(phrase));
-  
-    PR_Close(fd);
-    /* handle the Windows EOL case */
-    i = 0;
-    while (phrase[i] != '\r' && phrase[i] != '\n' && i < nb) i++;
-    phrase[i] = '\0';
-    if (nb == 0) {
-	fprintf(stderr,"password file contains no data\n");
-	return NULL;
-    }
-    return (char*) PORT_Strdup((char*)phrase);
-}
-
-char *
-SECU_GetModulePassword(PK11SlotInfo *slot, PRBool retry, void *arg) 
-{
-    char prompt[255];
-    secuPWData *pwdata = (secuPWData *)arg;
-    secuPWData pwnull = { PW_NONE, 0 };
-    char *pw;
-
-    if (pwdata == NULL)
-	pwdata = &pwnull;
-
-    if (retry && pwdata->source != PW_NONE) {
-	PR_fprintf(PR_STDERR, "incorrect password entered at command line.\n");
-    	return NULL;
-    }
-
-    switch (pwdata->source) {
-    case PW_NONE:
-	sprintf(prompt, "Enter Password or Pin for \"%s\":",
-	                 PK11_GetTokenName(slot));
-	return SECU_GetPasswordString(NULL, prompt);
-    case PW_FROMFILE:
-	/* Instead of opening and closing the file every time, get the pw
-	 * once, then keep it in memory (duh).
-	 */
-	pw = SECU_FilePasswd(slot, retry, pwdata->data);
-	pwdata->source = PW_PLAINTEXT;
-	pwdata->data = PL_strdup(pw);
-	/* it's already been dup'ed */
-	return pw;
-    case PW_PLAINTEXT:
-	return PL_strdup(pwdata->data);
-    default:
-	break;
-    }
-
-    PR_fprintf(PR_STDERR, "Password check failed:  No password found.\n");
-    return NULL;
-}
-
-char *
-secu_InitSlotPassword(PK11SlotInfo *slot, PRBool retry, void *arg)
-{
-    char *p0 = NULL;
-    char *p1 = NULL;
-    FILE *input, *output;
-    secuPWData *pwdata = arg;
-
-    if (pwdata->source == PW_FROMFILE) {
-	return SECU_FilePasswd(slot, retry, pwdata->data);
-    } else if (pwdata->source == PW_PLAINTEXT) {
-	return PL_strdup(pwdata->data);
-    }
-    
-    /* PW_NONE - get it from tty */
-    /* open terminal */
-#ifdef _WINDOWS
-    input = stdin;
-#else
-    input = fopen(consoleName, "r");
-#endif
-    if (input == NULL) {
-	PR_fprintf(PR_STDERR, "Error opening input terminal for read\n");
-	return NULL;
-    }
-
-    /* we have no password, so initialize database with one */
-    PR_fprintf(PR_STDERR, "In order to finish creating your database, you\n");
-    PR_fprintf(PR_STDERR, "must enter a password which will be used to\n");
-    PR_fprintf(PR_STDERR, "encrypt this key and any future keys.\n\n");
-    PR_fprintf(PR_STDERR, "The password must be at least 8 characters long,\n");
-    PR_fprintf(PR_STDERR, "and must contain at least one non-alphabetic ");
-    PR_fprintf(PR_STDERR, "character.\n\n");
-
-    output = fopen(consoleName, "w");
-    if (output == NULL) {
-	PR_fprintf(PR_STDERR, "Error opening output terminal for write\n");
-	return NULL;
-    }
-
-
-    for (;;) {
-	if (!p0) {
-	    p0 = SEC_GetPassword(input, output, "Enter new password: ",
-			         SEC_BlindCheckPassword);
-	}
-	if (pwdata->source == PW_NONE) {
-	    p1 = SEC_GetPassword(input, output, "Re-enter password: ",
-				 SEC_BlindCheckPassword);
-	}
-	if (pwdata->source != PW_NONE || (PORT_Strcmp(p0, p1) == 0)) {
-	    break;
-	}
-	PR_fprintf(PR_STDERR, "Passwords do not match. Try again.\n");
-    }
-        
-    /* clear out the duplicate password string */
-    secu_ClearPassword(p1);
-    
-    fclose(input);
-    fclose(output);
-
-    return p0;
-}
-
-SECStatus
-SECU_ChangePW(PK11SlotInfo *slot, char *passwd, char *pwFile)
-{
-    SECStatus rv;
-    secuPWData pwdata, newpwdata;
-    char *oldpw = NULL, *newpw = NULL;
-
-    if (passwd) {
-	pwdata.source = PW_PLAINTEXT;
-	pwdata.data = passwd;
-    } else if (pwFile) {
-	pwdata.source = PW_FROMFILE;
-	pwdata.data = pwFile;
-    } else {
-	pwdata.source = PW_NONE;
-	pwdata.data = NULL;
-    }
-
-    if (PK11_NeedUserInit(slot)) {
-	newpw = secu_InitSlotPassword(slot, PR_FALSE, &pwdata);
-	rv = PK11_InitPin(slot, (char*)NULL, newpw);
-	goto done;
-    }
-
-    for (;;) {
-	oldpw = SECU_GetModulePassword(slot, PR_FALSE, &pwdata);
-
-	if (PK11_CheckUserPassword(slot, oldpw) != SECSuccess) {
-	    if (pwdata.source == PW_NONE) {
-		PR_fprintf(PR_STDERR, "Invalid password.  Try again.\n");
-	    } else {
-		PR_fprintf(PR_STDERR, "Invalid password.\n");
-		PORT_Memset(oldpw, 0, PL_strlen(oldpw));
-		PORT_Free(oldpw);
-		return SECFailure;
-	    }
-	} else
-	    break;
-
-	PORT_Free(oldpw);
-    }
-
-    newpwdata.source = PW_NONE;
-    newpwdata.data = NULL;
-
-    newpw = secu_InitSlotPassword(slot, PR_FALSE, &newpwdata);
-
-    if (PK11_ChangePW(slot, oldpw, newpw) != SECSuccess) {
-	PR_fprintf(PR_STDERR, "Failed to change password.\n");
-	return SECFailure;
-    }
-
-    PORT_Memset(oldpw, 0, PL_strlen(oldpw));
-    PORT_Free(oldpw);
-
-    PR_fprintf(PR_STDOUT, "Password changed successfully.\n");
-
-done:
-    PORT_Memset(newpw, 0, PL_strlen(newpw));
-    PORT_Free(newpw);
-    return SECSuccess;
-}
-
-struct matchobj {
-    SECItem index;
-    char *nname;
-    PRBool found;
-};
-
-char *
-SECU_DefaultSSLDir(void)
-{
-    char *dir;
-    static char sslDir[1000];
-
-    dir = PR_GetEnv("SSL_DIR");
-    if (!dir)
-	return NULL;
-
-    sprintf(sslDir, "%s", dir);
-
-    if (sslDir[strlen(sslDir)-1] == '/')
-	sslDir[strlen(sslDir)-1] = 0;
-
-    return sslDir;
-}
-
-char *
-SECU_AppendFilenameToDir(char *dir, char *filename)
-{
-    static char path[1000];
-
-    if (dir[strlen(dir)-1] == '/')
-	sprintf(path, "%s%s", dir, filename);
-    else
-	sprintf(path, "%s/%s", dir, filename);
-    return path;
-}
-
-char *
-SECU_ConfigDirectory(const char* base)
-{
-    static PRBool initted = PR_FALSE;
-    const char *dir = ".netscape";
-    char *home;
-    static char buf[1000];
-
-    if (initted) return buf;
-    
-
-    if (base == NULL || *base == 0) {
-	home = PR_GetEnv("HOME");
-	if (!home) home = "";
-
-	if (*home && home[strlen(home) - 1] == '/')
-	    sprintf (buf, "%.900s%s", home, dir);
-	else
-	    sprintf (buf, "%.900s/%s", home, dir);
-    } else {
-	sprintf(buf, "%.900s", base);
-	if (buf[strlen(buf) - 1] == '/')
-	    buf[strlen(buf) - 1] = 0;
-    }
-
-
-    initted = PR_TRUE;
-    return buf;
-}
-
-/*Turn off SSL for now */
-/* This gets called by SSL when server wants our cert & key */
-int
-SECU_GetClientAuthData(void *arg, PRFileDesc *fd,
-		       struct CERTDistNamesStr *caNames,
-                      struct CERTCertificateStr **pRetCert,
-                      struct SECKEYPrivateKeyStr **pRetKey)
-{
-    SECKEYPrivateKey *key;
-    CERTCertificate *cert;
-    int errsave;
-
-    if (arg == NULL) {
-        fprintf(stderr, "no key/cert name specified for client auth\n");
-        return -1;
-    }
-    cert = PK11_FindCertFromNickname(arg, NULL);
-    errsave = PORT_GetError();
-    if (!cert) {
-        if (errsave == SEC_ERROR_BAD_PASSWORD)
-            fprintf(stderr, "Bad password\n");
-        else if (errsave > 0)
-            fprintf(stderr, "Unable to read cert (error %d)\n", errsave);
-        else if (errsave == SEC_ERROR_BAD_DATABASE)
-            fprintf(stderr, "Unable to get cert from database (%d)\n", errsave);
-        else
-            fprintf(stderr, "SECKEY_FindKeyByName: internal error %d\n", errsave);
-        return -1;
-    }
-
-    key = PK11_FindKeyByAnyCert(arg,NULL);
-    if (!key) {
-        fprintf(stderr, "Unable to get key (%d)\n", PORT_GetError());
-        return -1;
-    }
-
-
-    *pRetCert = cert;
-    *pRetKey = key;
-
-    return 0;
-}
-
-SECStatus
-secu_StdinToItem(SECItem *dst)
-{
-    unsigned char buf[1000];
-    PRInt32 numBytes;
-    PRBool notDone = PR_TRUE;
-
-    dst->len = 0;
-    dst->data = NULL;
-
-    while (notDone) {
-	numBytes = PR_Read(PR_STDIN, buf, sizeof(buf));
-
-	if (numBytes < 0) {
-	    PORT_SetError(PR_IO_ERROR);
-	    return SECFailure;
-	}
-
-	if (numBytes == 0)
-	    break;
-
-	if (buf[numBytes-1] == '\n') {
-	    buf[numBytes-1] = '\0';
-	    notDone = PR_FALSE;
-	}
-
-	if (dst->data) {
-	    dst->data = (unsigned char*)PORT_Realloc(dst->data, 
-	                                             dst->len+numBytes);
-	    PORT_Memcpy(dst->data+dst->len, buf, numBytes);
-	} else {
-	    dst->data = (unsigned char*)PORT_Alloc(numBytes);
-	    PORT_Memcpy(dst->data, buf, numBytes);
-	}
-	dst->len += numBytes;
-    }
-
-    return SECSuccess;
-}
-
-SECStatus
-SECU_FileToItem(SECItem *dst, PRFileDesc *src)
-{
-    PRFileInfo info;
-    PRInt32 numBytes;
-    PRStatus prStatus;
-
-    if (src == PR_STDIN)
-	return secu_StdinToItem(dst);
-
-    prStatus = PR_GetOpenFileInfo(src, &info);
-
-    if (prStatus != PR_SUCCESS) {
-	PORT_SetError(SEC_ERROR_IO);
-	return SECFailure;
-    }
-
-    /* XXX workaround for 3.1, not all utils zero dst before sending */
-    dst->data = 0;
-    if (!SECITEM_AllocItem(NULL, dst, info.size))
-	goto loser;
-
-    numBytes = PR_Read(src, dst->data, info.size);
-    if (numBytes != info.size) {
-	PORT_SetError(SEC_ERROR_IO);
-	goto loser;
-    }
-
-    return SECSuccess;
-loser:
-    SECITEM_FreeItem(dst, PR_FALSE);
-    return SECFailure;
-}
-
-SECStatus
-SECU_TextFileToItem(SECItem *dst, PRFileDesc *src)
-{
-    PRFileInfo info;
-    PRInt32 numBytes;
-    PRStatus prStatus;
-    unsigned char *buf;
-
-    if (src == PR_STDIN)
-	return secu_StdinToItem(dst);
-
-    prStatus = PR_GetOpenFileInfo(src, &info);
-
-    if (prStatus != PR_SUCCESS) {
-	PORT_SetError(SEC_ERROR_IO);
-	return SECFailure;
-    }
-
-    buf = (unsigned char*)PORT_Alloc(info.size);
-    if (!buf)
-	return SECFailure;
-
-    numBytes = PR_Read(src, buf, info.size);
-    if (numBytes != info.size) {
-	PORT_SetError(SEC_ERROR_IO);
-	goto loser;
-    }
-
-    if (buf[numBytes-1] == '\n') numBytes--;
-#ifdef _WINDOWS
-    if (buf[numBytes-1] == '\r') numBytes--;
-#endif
-
-    /* XXX workaround for 3.1, not all utils zero dst before sending */
-    dst->data = 0;
-    if (!SECITEM_AllocItem(NULL, dst, numBytes))
-	goto loser;
-
-    memcpy(dst->data, buf, numBytes);
-
-    PORT_Free(buf);
-    return SECSuccess;
-loser:
-    PORT_Free(buf);
-    return SECFailure;
-}
-
-SECStatus
-SECU_ReadDERFromFile(SECItem *der, PRFileDesc *inFile, PRBool ascii)
-{
-    SECStatus rv;
-    char *asc, *body, *trailer;
-    if (ascii) {
-	/* First convert ascii to binary */
-	SECItem filedata;
-
-	/* Read in ascii data */
-	rv = SECU_FileToItem(&filedata, inFile);
-	asc = (char *)filedata.data;
-	if (!asc) {
-	    fprintf(stderr, "unable to read data from input file\n");
-	    return SECFailure;
-	}
-
-	/* check for headers and trailers and remove them */
-	if ((body = strstr(asc, "-----BEGIN")) != NULL) {
-	    body = PORT_Strchr(body, '\n') + 1;
-	    trailer = strstr(body, "-----END");
-	    if (trailer != NULL) {
-		*trailer = '\0';
-	    } else {
-		fprintf(stderr, "input has header but no trailer\n");
-		return SECFailure;
-	    }
-	} else {
-	    body = asc;
-	}
-     
-	/* Convert to binary */
-	rv = ATOB_ConvertAsciiToItem(der, body);
-	if (rv) {
-	    fprintf(stderr, "error converting ascii to binary (%s)\n",
-		    SECU_Strerror(PORT_GetError()));
-	    return SECFailure;
-	}
-	PORT_Free(asc);
-    } else {
-	/* Read in binary der */
-	rv = SECU_FileToItem(der, inFile);
-	if (rv) {
-	    fprintf(stderr, "error converting der (%s)\n", 
-		    SECU_Strerror(PORT_GetError()));
-	    return SECFailure;
-	}
-    }
-    return SECSuccess;
-}
-
-#define INDENT_MULT	4
-void
-SECU_Indent(FILE *out, int level)
-{
-    int i;
-    for (i = 0; i < level; i++) {
-	fprintf(out, "    ");
-    }
-}
-
-static void secu_Newline(FILE *out)
-{
-    fprintf(out, "\n");
-}
-
-void
-SECU_PrintAsHex(FILE *out, SECItem *data, char *m, int level)
-{
-    unsigned i;
-    int column;
-    PRBool isString = PR_TRUE;
-
-    if ( m ) {
-	SECU_Indent(out, level); fprintf(out, "%s:\n", m);
-	level++;
-    }
-    
-    SECU_Indent(out, level); column = level*INDENT_MULT;
-    for (i = 0; i < data->len; i++) {
-	unsigned char val = data->data[i];
-
-        if (isString && val && !isprint(val)) {
-	    isString = PR_FALSE;
-	}
-	if (i != data->len - 1) {
-	    fprintf(out, "%02x:", data->data[i]);
-	    column += 4;
-	} else {
-	    fprintf(out, "%02x", data->data[i]);
-	    column += 3;
-	    break;
-	}
-	if (column > 76) {
-	    secu_Newline(out);
-	    SECU_Indent(out, level); column = level*INDENT_MULT;
-	}
-    }
-    if (isString) {
-	secu_Newline(out);
-        SECU_Indent(out, level); column = level*INDENT_MULT;
-	for (i = 0; i < data->len; i++) {
-	    unsigned char val = data->data[i];
-
-	    if (val) {
-		fprintf(out,"%c",val);
-		column++;
-	    } else {
-		column = 77;
-	    }
-	    if (column > 76) {
-		secu_Newline(out);
-        	SECU_Indent(out, level); column = level*INDENT_MULT;
-	    }
-	}
-    }
-	    
-    level--;
-    if (column != level*INDENT_MULT) {
-	secu_Newline(out);
-    }
-}
-
-static const char *hex = "0123456789abcdef";
-
-static const char printable[257] = {
-	"................"	/* 0x */
-	"................"	/* 1x */
-	" !\"#$%&'()*+,-./"	/* 2x */
-	"0123456789:;<=>?"	/* 3x */
-	"@ABCDEFGHIJKLMNO"	/* 4x */
-	"PQRSTUVWXYZ[\\]^_"	/* 5x */
-	"`abcdefghijklmno"	/* 6x */
-	"pqrstuvwxyz{|}~."	/* 7x */
-	"................"	/* 8x */
-	"................"	/* 9x */
-	"................"	/* ax */
-	"................"	/* bx */
-	"................"	/* cx */
-	"................"	/* dx */
-	"................"	/* ex */
-	"................"	/* fx */
-};
-
-void 
-SECU_PrintBuf(FILE *out, const char *msg, const void *vp, int len)
-{
-    const unsigned char *cp = (const unsigned char *)vp;
-    char buf[80];
-    char *bp;
-    char *ap;
-
-    fprintf(out, "%s [Len: %d]\n", msg, len);
-    memset(buf, ' ', sizeof buf);
-    bp = buf;
-    ap = buf + 50;
-    while (--len >= 0) {
-	unsigned char ch = *cp++;
-	*bp++ = hex[(ch >> 4) & 0xf];
-	*bp++ = hex[ch & 0xf];
-	*bp++ = ' ';
-	*ap++ = printable[ch];
-	if (ap - buf >= 66) {
-	    *ap = 0;
-	    fprintf(out, "   %s\n", buf);
-	    memset(buf, ' ', sizeof buf);
-	    bp = buf;
-	    ap = buf + 50;
-	}
-    }
-    if (bp > buf) {
-	*ap = 0;
-	fprintf(out, "   %s\n", buf);
-    }
-}
-
-void
-SECU_PrintInteger(FILE *out, SECItem *i, char *m, int level)
-{
-    int iv;
-
-    if (i->len > 4) {
-	SECU_PrintAsHex(out, i, m, level);
-    } else {
-	iv = DER_GetInteger(i);
-	SECU_Indent(out, level); 
-	if (m) {
-	    fprintf(out, "%s: %d (0x%x)\n", m, iv, iv);
-	} else {
-	    fprintf(out, "%d (0x%x)\n", iv, iv);
-	}
-    }
-}
-
-void
-SECU_PrintString(FILE *out, SECItem *i, char *m, int level)
-{
-    char *string;
-    unsigned char *data = i->data;
-    int len = i->len;
-    int lenlen;
-    int tag;
-
-    string = PORT_ZAlloc(i->len+1);
-   
-    tag = *data++; len--;
-    if (data[1] & 0x80) {
-	    lenlen = data[1] & 0x1f;
-    } else {
-	    lenlen = 1;
-    }
-    data += lenlen; len -= lenlen;
-    if (len <= 0) return;
-    PORT_Memcpy(string,data,len);
-
-    /* should check the validity of tag, and convert the string as necessary */
-    SECU_Indent(out, level); 
-    if (m) {
-	fprintf(out, "%s: \"%s\"\n", m, string);
-    } else {
-	fprintf(out, "\"%s\"\n", string);
-    }
-}
-
-static void
-secu_PrintBoolean(FILE *out, SECItem *i, char *m, int level)
-{
-    int val = 0;
-    
-    if ( i->data ) {
-	val = i->data[0];
-    }
-
-    if (m) {
-    	SECU_Indent(out, level); fprintf(out, "%s:\n", m); level++;
-    }
-    if ( val ) {
-	SECU_Indent(out, level); fprintf(out, "%s\n", "True");
-    } else {
-	SECU_Indent(out, level); fprintf(out, "%s\n", "False");
-    }    
-}
-
-/*
- * Format and print "time".  If the tag message "m" is not NULL,
- * do indent formatting based on "level" and add a newline afterward;
- * otherwise just print the formatted time string only.
- */
-static void
-secu_PrintTime(FILE *out, int64 time, char *m, int level)
-{
-    PRExplodedTime printableTime; 
-    char *timeString;
-
-    /* Convert to local time */
-    PR_ExplodeTime(time, PR_GMTParameters, &printableTime);
-
-    timeString = PORT_Alloc(100);
-    if (timeString == NULL)
-	return;
-
-    if (m != NULL) {
-	SECU_Indent(out, level);
-	fprintf(out, "%s: ", m);
-    }
-
-    PR_FormatTime(timeString, 100, "%a %b %d %H:%M:%S %Y", &printableTime);
-    fprintf(out, timeString);
-
-    if (m != NULL)
-	fprintf(out, "\n");
-
-    PORT_Free(timeString);
-}
-
-/*
- * Format and print the UTC Time "t".  If the tag message "m" is not NULL,
- * do indent formatting based on "level" and add a newline afterward;
- * otherwise just print the formatted time string only.
- */
-void
-SECU_PrintUTCTime(FILE *out, SECItem *t, char *m, int level)
-{
-    int64 time;
-    SECStatus rv;
-
-    rv = DER_UTCTimeToTime(&time, t);
-    if (rv != SECSuccess)
-	return;
-
-    secu_PrintTime(out, time, m, level);
-}
-
-/*
- * Format and print the Generalized Time "t".  If the tag message "m"
- * is not NULL, * do indent formatting based on "level" and add a newline
- * afterward; otherwise just print the formatted time string only.
- */
-void
-SECU_PrintGeneralizedTime(FILE *out, SECItem *t, char *m, int level)
-{
-    int64 time;
-    SECStatus rv;
-
-
-    rv = DER_GeneralizedTimeToTime(&time, t);
-    if (rv != SECSuccess)
-	return;
-
-    secu_PrintTime(out, time, m, level);
-}
-
-static void secu_PrintAny(FILE *out, SECItem *i, char *m, int level);
-
-void
-SECU_PrintSet(FILE *out, SECItem *t, char *m, int level)
-{
-    int type= t->data[0] & SEC_ASN1_TAGNUM_MASK;
-    int start;
-    unsigned char *bp;
-
-    SECU_Indent(out, level);
-    if (m) {
-    	fprintf(out, "%s: ", m);
-    }
-
-    fprintf(out,"%s {\n", type == SEC_ASN1_SET ? "Set" : "Sequence"); /* } */
-
-    start = 2;
-    if (t->data[1] & 0x80) {
-	start += (t->data[1] & 0x7f);
-    }
-    for (bp=&t->data[start]; bp < &t->data[t->len]; ) {
-	SECItem tmp;
-	unsigned int i,len,lenlen;
-
-        if (bp[1] & 0x80) {
-	    lenlen = bp[1] & 0x1f;
-	    len = 0;
-	    for (i=0; i < lenlen; i++) {
-		len = len * 255 + bp[2+i];
-	    }
-	} else {
-	    lenlen = 1;
-	    len = bp[1];
-	}
-	tmp.len = len+lenlen+1;
-	if (tmp.len > &t->data[t->len] - bp) {
-	    tmp.len = &t->data[t->len] - bp;
-	}
-	tmp.data = bp;
-	bp += tmp.len;
-	secu_PrintAny(out,&tmp,NULL,level+1);
-    }
-    /* { */SECU_Indent(out, level); fprintf(out, "}\n");
-}
-static void
-secu_PrintContextSpecific(FILE *out, SECItem *i, char *m, int level)
-{
-    int type= i->data[0] & SEC_ASN1_TAGNUM_MASK;
-    SECItem tmp;
-    int start;
-
-    SECU_Indent(out, level);
-    if (m) {
-    	fprintf(out, "%s: ", m);
-    }
-
-    fprintf(out,"Option %d\n", type);
-    start = 2;
-    if (i->data[1] & 0x80) {
-	start = (i->data[1] & 0x7f) +1;
-    }
-    tmp.data = &i->data[start];
-    tmp.len = i->len -start;
-    SECU_PrintAsHex(out, &tmp, m, level+1);
-}
-
-static void
-secu_PrintUniversal(FILE *out, SECItem *i, char *m, int level)
-{
-	switch (i->data[0] & SEC_ASN1_TAGNUM_MASK) {
-	  case SEC_ASN1_INTEGER:
-	    SECU_PrintInteger(out, i, m, level);
-	    break;
-	  case SEC_ASN1_OBJECT_ID:
-	    SECU_PrintObjectID(out, i, m, level);
-	    break;
-	  case SEC_ASN1_BOOLEAN:
-	    secu_PrintBoolean(out, i, m, level);
-	    break;
-	  case SEC_ASN1_UTF8_STRING:
-	  case SEC_ASN1_PRINTABLE_STRING:
-	  case SEC_ASN1_VISIBLE_STRING:
-	  case SEC_ASN1_BMP_STRING:
-	  case SEC_ASN1_IA5_STRING:
-	  case SEC_ASN1_T61_STRING:
-	  case SEC_ASN1_UNIVERSAL_STRING:
-	    SECU_PrintString(out, i, m, level);
-	    break;
-	  case SEC_ASN1_GENERALIZED_TIME:
-	    SECU_PrintGeneralizedTime(out, i, m, level);
-	    break;
-	  case SEC_ASN1_UTC_TIME:
-	    SECU_PrintUTCTime(out, i, m, level);
-	    break;
-	  case SEC_ASN1_NULL:
-	    SECU_Indent(out, level); fprintf(out, "%s: NULL\n", m);
-	    break;
-          case SEC_ASN1_SET:
-          case SEC_ASN1_SEQUENCE:
-	    SECU_PrintSet(out, i, m, level);
-	    break;
-	    
-	  default:
-	    SECU_PrintAsHex(out, i, m, level);
-	    break;
-	}
-}
-
-static void
-secu_PrintAny(FILE *out, SECItem *i, char *m, int level)
-{
-    if ( i->len ) {
-	switch (i->data[0] & SEC_ASN1_CLASS_MASK) {
-	case SEC_ASN1_CONTEXT_SPECIFIC:
-	    secu_PrintContextSpecific(out, i, m, level);
-	    break;
-	case SEC_ASN1_UNIVERSAL:
-	    secu_PrintUniversal(out, i, m, level);
-	    break;
-	default:
-	    SECU_PrintAsHex(out, i, m, level);
-	    break;
-	}
-    }
-}
-
-static int
-secu_PrintValidity(FILE *out, CERTValidity *v, char *m, int level)
-{
-    SECU_Indent(out, level);  fprintf(out, "%s:\n", m);
-    SECU_PrintUTCTime(out, &v->notBefore, "Not Before", level+1);
-    SECU_PrintUTCTime(out, &v->notAfter, "Not After", level+1);
-    return 0;
-}
-
-void
-SECU_PrintObjectID(FILE *out, SECItem *oid, char *m, int level)
-{
-    const char *name;
-    SECOidData *oiddata;
-    
-    oiddata = SECOID_FindOID(oid);
-    if (oiddata == NULL) {
-	SECU_PrintAsHex(out, oid, m, level);
-	return;
-    }
-    name = oiddata->desc;
-
-    SECU_Indent(out, level);
-    if (m != NULL)
-	fprintf(out, "%s: ", m);
-    fprintf(out, "%s\n", name);
-}
-
-void
-SECU_PrintAlgorithmID(FILE *out, SECAlgorithmID *a, char *m, int level)
-{
-    SECU_PrintObjectID(out, &a->algorithm, m, level);
-
-    if (a->parameters.len == 0
-	|| (a->parameters.len == 2
-	    && PORT_Memcmp(a->parameters.data, "\005\000", 2) == 0)) {
-	/* No arguments or NULL argument */
-    } else {
-	/* Print args to algorithm */
-	SECU_PrintAsHex(out, &a->parameters, "Args", level+1);
-    }
-}
-
-static void
-secu_PrintAttribute(FILE *out, SEC_PKCS7Attribute *attr, char *m, int level)
-{
-    SECItem *value;
-    int i;
-    char om[100];
-
-    if (m) {
-    	SECU_Indent(out, level); fprintf(out, "%s:\n", m);
-    }
-
-    /*
-     * Should make this smarter; look at the type field and then decode
-     * and print the value(s) appropriately!
-     */
-    SECU_PrintObjectID(out, &(attr->type), "Type", level+1);
-    if (attr->values != NULL) {
-	i = 0;
-	while ((value = attr->values[i++]) != NULL) {
-	    sprintf(om, "Value (%d)%s", i, attr->encoded ? " (encoded)" : ""); 
-	    if (attr->encoded || attr->typeTag == NULL) {
-		SECU_PrintAsHex(out, value, om, level+1);
-	    } else {
-		switch (attr->typeTag->offset) {
-		  default:
-		    SECU_PrintAsHex(out, value, om, level+1);
-		    break;
-		  case SEC_OID_PKCS9_CONTENT_TYPE:
-		    SECU_PrintObjectID(out, value, om, level+1);
-		    break;
-		  case SEC_OID_PKCS9_SIGNING_TIME:
-		    SECU_PrintUTCTime(out, value, om, level+1);
-		    break;
-		}
-	    }
-	}
-    }
-}
-
-static void
-secu_PrintRSAPublicKey(FILE *out, SECKEYPublicKey *pk, char *m, int level)
-{
-#if 0	/*
-	 * um, yeah, that might be nice, but if you look at the callers
-	 * you will see that they do not *set* this, so this will not work!
-	 * Instead, somebody needs to fix the callers to be smarter about
-	 * public key stuff, if that is important.
-	 */
-    PORT_Assert(pk->keyType == rsaKey);
-#endif
-
-    SECU_Indent(out, level); fprintf(out, "%s:\n", m);
-    SECU_PrintInteger(out, &pk->u.rsa.modulus, "Modulus", level+1);
-    SECU_PrintInteger(out, &pk->u.rsa.publicExponent, "Exponent", level+1);
-}
-
-static void
-secu_PrintDSAPublicKey(FILE *out, SECKEYPublicKey *pk, char *m, int level)
-{
-    SECU_Indent(out, level); fprintf(out, "%s:\n", m);
-    SECU_PrintInteger(out, &pk->u.dsa.params.prime, "Prime", level+1);
-    SECU_PrintInteger(out, &pk->u.dsa.params.subPrime, "Subprime", level+1);
-    SECU_PrintInteger(out, &pk->u.dsa.params.base, "Base", level+1);
-    SECU_PrintInteger(out, &pk->u.dsa.publicValue, "PublicValue", level+1);
-}
-
-static int
-secu_PrintSubjectPublicKeyInfo(FILE *out, PRArenaPool *arena,
-		       CERTSubjectPublicKeyInfo *i,  char *msg, int level)
-{
-    SECKEYPublicKey *pk;
-    int rv;
-
-    SECU_Indent(out, level); fprintf(out, "%s:\n", msg);
-    SECU_PrintAlgorithmID(out, &i->algorithm, "Public Key Algorithm", level+1);
-
-    pk = (SECKEYPublicKey*) PORT_ZAlloc(sizeof(SECKEYPublicKey));
-    if (!pk)
-	return PORT_GetError();
-
-    DER_ConvertBitString(&i->subjectPublicKey);
-    switch(SECOID_FindOIDTag(&i->algorithm.algorithm)) {
-      case SEC_OID_PKCS1_RSA_ENCRYPTION:
-	rv = SEC_ASN1DecodeItem(arena, pk, 
-	                        SEC_ASN1_GET(SECKEY_RSAPublicKeyTemplate),
-				&i->subjectPublicKey);
-	if (rv)
-	    return rv;
-	secu_PrintRSAPublicKey(out, pk, "RSA Public Key", level +1);
-	break;
-      case SEC_OID_ANSIX9_DSA_SIGNATURE:
-	rv = SEC_ASN1DecodeItem(arena, pk, 
-	                        SEC_ASN1_GET(SECKEY_DSAPublicKeyTemplate),
-				&i->subjectPublicKey);
-	if (rv)
-	    return rv;
-	secu_PrintDSAPublicKey(out, pk, "DSA Public Key", level +1);
-	break;
-      default:
-	fprintf(out, "bad SPKI algorithm type\n");
-	return 0;
-    }
-
-    return 0;
-}
-
-static SECStatus
-secu_PrintX509InvalidDate(FILE *out, SECItem *value, char *msg, int level)
-{
-    SECItem decodedValue;
-    SECStatus rv;
-    int64 invalidTime;
-    char *formattedTime = NULL;
-
-    decodedValue.data = NULL;
-    rv = SEC_ASN1DecodeItem (NULL, &decodedValue, 
-			    SEC_ASN1_GET(SEC_GeneralizedTimeTemplate),
-			    value);
-    if (rv == SECSuccess) {
-	rv = DER_GeneralizedTimeToTime(&invalidTime, &decodedValue);
-	if (rv == SECSuccess) {
-	    formattedTime = CERT_GenTime2FormattedAscii
-			    (invalidTime, "%a %b %d %H:%M:%S %Y");
-	    SECU_Indent(out, level +1);
-	    fprintf (out, "%s: %s\n", msg, formattedTime);
-	    PORT_Free (formattedTime);
-	}
-    }
-    PORT_Free (decodedValue.data);
-    return (rv);
-}
-
-static SECStatus
-PrintExtKeyUsageExten  (FILE *out, SECItem *value, char *msg, int level)
-{
-  CERTOidSequence *os;
-  SECItem **op;
-
-  SECU_Indent(out, level); fprintf(out, "Extended Key Usage Extension:\n");
-
-  os = CERT_DecodeOidSequence(value);
-  if( (CERTOidSequence *)NULL == os ) {
-    return SECFailure;
-  }
-
-  for( op = os->oids; *op; op++ ) {
-    SECOidData *od = SECOID_FindOID(*op);
-    
-    if( (SECOidData *)NULL == od ) {
-      SECU_Indent(out, level+1);
-      SECU_PrintAsHex(out, *op, "Unknown:", level+2);
-      secu_Newline(out);
-      continue;
-    }
-
-    SECU_Indent(out, level+1);
-    if( od->desc ) fprintf(out, "%s", od->desc);
-    else SECU_PrintAsHex(out, &od->oid, "", level+2);
-
-    secu_Newline(out);
-  }
-
-  return SECSuccess;
-}
-
-char *
-itemToString(SECItem *item)
-{
-    char *string;
-
-    string = PORT_ZAlloc(item->len+1);
-    if (string == NULL) return NULL;
-    PORT_Memcpy(string,item->data,item->len);
-    string[item->len] = 0;
-    return string;
-}
-
-static SECStatus
-secu_PrintPolicyQualifier(FILE *out,CERTPolicyQualifier *policyQualifier,char *msg,int level)
-{
-   CERTUserNotice *userNotice;
-   SECItem **itemList = NULL;
-   char *string;
-
-   SECU_PrintObjectID(out, &policyQualifier->qualifierID , 
-					"Policy Qualifier Name", level);
-
-   switch (policyQualifier->oid) {
-   case SEC_OID_PKIX_USER_NOTICE_QUALIFIER:
-	userNotice = CERT_DecodeUserNotice(&policyQualifier->qualifierValue);
-        if (userNotice) {
-	    if (userNotice->noticeReference.organization.len != 0) {
-		string=itemToString(&userNotice->noticeReference.organization);
-		itemList = userNotice->noticeReference.noticeNumbers;
-		while (*itemList) {
-		    SECU_PrintInteger(out,*itemList,string,level+1);
-		    itemList++;
-		}
-		PORT_Free(string);
-	    }
-	    if (userNotice->displayText.len != 0) {
-		SECU_PrintString(out,&userNotice->displayText,
-						"Display Text", level+1);
-	    }
-	    break;
-	} 
-        /* fall through on error */
-   case SEC_OID_PKIX_CPS_POINTER_QUALIFIER:
-   default:
-	secu_PrintAny(out, &policyQualifier->qualifierValue, "Policy Qualifier Data", level+1);
-	break;
-   }
-   
-   return SECSuccess;
-
-}
-
-static SECStatus
-secu_PrintPolicyInfo(FILE *out,CERTPolicyInfo *policyInfo,char *msg,int level)
-{
-   CERTPolicyQualifier **policyQualifiers;
-
-   policyQualifiers = policyInfo->policyQualifiers;
-   SECU_PrintObjectID(out, &policyInfo->policyID , "Policy Name", level);
-   
-   while (*policyQualifiers != NULL) {
-	secu_PrintPolicyQualifier(out,*policyQualifiers,"",level+1);
-	policyQualifiers++;
-   }
-   return SECSuccess;
-
-}
-
-static SECStatus
-secu_PrintPolicy(FILE *out, SECItem *value, char *msg, int level)
-{
-   CERTCertificatePolicies *policies = NULL;
-   CERTPolicyInfo **policyInfos;
-
-   if (msg) {
-	SECU_Indent(out, level);
-	fprintf(out,"%s: \n",msg);
-	level++;
-   }
-   policies = CERT_DecodeCertificatePoliciesExtension(value);
-   if (policies == NULL) {
-	SECU_PrintAsHex(out, value, "Invalid Policy Data", level);
-	return SECFailure;
-   }
-
-   policyInfos = policies->policyInfos;
-   while (*policyInfos != NULL) {
-	secu_PrintPolicyInfo(out,*policyInfos,"",level);
-	policyInfos++;
-   }
-
-   CERT_DestroyCertificatePoliciesExtension(policies);
-   return SECSuccess;
-}
-
-char *nsTypeBits[] = {
-"SSL Client","SSL Server","S/MIME","Object Signing","Reserved","SSL CA","S/MIME CA","ObjectSigning CA" };
-
-static SECStatus
-secu_PrintBasicConstraints(FILE *out, SECItem *value, char *msg, int level) {
-    CERTBasicConstraints constraints;
-    SECStatus rv;
-
-    SECU_Indent(out, level);
-    if (msg) {
-	    fprintf(out,"%s: ",msg);
-    } 
-    rv = CERT_DecodeBasicConstraintValue(&constraints,value);
-    if (rv == SECSuccess && constraints.isCA) {
-	fprintf(out,"Is a CA with a maximum path length of %d.\n",
-					constraints.pathLenConstraint);
-    } else  {
-	fprintf(out,"Is not a CA.\n");
-    }
-    return SECSuccess;
-}
-
-static SECStatus
-secu_PrintNSCertType(FILE *out, SECItem *value, char *msg, int level) {
-	char NS_Type=0;
-	int len, i, found=0;
-
-	if (value->data[1] & 0x80) {
-	    len = 3;
-	} else {
-	    len = value->data[1];
-	}
-	if ((value->data[0] != SEC_ASN1_BIT_STRING) || (len < 2)) {
-	    secu_PrintAny(out, value, "Data", level);
-	    return SECSuccess;
-	}
-	NS_Type=value->data[3];
-	
-
-	if (msg) {
-	    SECU_Indent(out, level);
-	    fprintf(out,"%s: ",msg);
-	} else {
-	    SECU_Indent(out, level);
-	    fprintf(out,"Netscape Certificate Type: ");
-	}
-	for (i=0; i < 8; i++) {
-	    if ( (0x80 >> i) & NS_Type) {
-		fprintf(out,"%c%s",found?',':'<',nsTypeBits[i]);
-		found = 1;
-	    }
-	}
-	if (found) { fprintf(out,">\n"); } else { fprintf(out,"none\n"); }
-	return SECSuccess;
-}
-
-void
-SECU_PrintExtensions(FILE *out, CERTCertExtension **extensions,
-		     char *msg, int level)
-{
-    SECOidTag oidTag;
-    
-    if ( extensions ) {
-	SECU_Indent(out, level); fprintf(out, "%s:\n", msg);
-	
-	while ( *extensions ) {
-	    SECItem *tmpitem;
-	    SECU_Indent(out, level+1); fprintf(out, "Name:\n");
-
-	    tmpitem = &(*extensions)->id;
-	    SECU_PrintObjectID(out, tmpitem, NULL, level+2);
-
-	    tmpitem = &(*extensions)->critical;
-	    if ( tmpitem->len ) {
-		secu_PrintBoolean(out, tmpitem, "Critical", level+1);
-	    }
-
-	    oidTag = SECOID_FindOIDTag (&((*extensions)->id));
-	    tmpitem = &((*extensions)->value);
-
-	    switch (oidTag) {
-	      	case SEC_OID_X509_INVALID_DATE:
-		case SEC_OID_NS_CERT_EXT_CERT_RENEWAL_TIME:
-		   secu_PrintX509InvalidDate(out, tmpitem, "Date", level + 1);
-		   break;
-		case SEC_OID_X509_CERTIFICATE_POLICIES:
-		   secu_PrintPolicy(out, tmpitem, "Data", level +1);
-		   break;
-		case SEC_OID_NS_CERT_EXT_BASE_URL:
-		case SEC_OID_NS_CERT_EXT_REVOCATION_URL:
-		case SEC_OID_NS_CERT_EXT_CA_REVOCATION_URL:
-		case SEC_OID_NS_CERT_EXT_CA_CRL_URL:
-		case SEC_OID_NS_CERT_EXT_CA_CERT_URL:
-		case SEC_OID_NS_CERT_EXT_CERT_RENEWAL_URL:
-		case SEC_OID_NS_CERT_EXT_CA_POLICY_URL:
-		case SEC_OID_NS_CERT_EXT_HOMEPAGE_URL:
-		case SEC_OID_NS_CERT_EXT_LOST_PASSWORD_URL:
-		case SEC_OID_OCSP_RESPONDER:
-		    SECU_PrintString(out,tmpitem, "URL", level+1);
-		    break;
-		case SEC_OID_NS_CERT_EXT_COMMENT:
-		    SECU_PrintString(out,tmpitem, "Comment", level+1);
-		    break;
-		case SEC_OID_NS_CERT_EXT_SSL_SERVER_NAME:
-		    SECU_PrintString(out,tmpitem, "ServerName", level+1);
-		    break;
-		case SEC_OID_NS_CERT_EXT_CERT_TYPE:
-		    secu_PrintNSCertType(out,tmpitem,"Data",level+1);
-		    break;
-		case SEC_OID_X509_BASIC_CONSTRAINTS:
-		    secu_PrintBasicConstraints(out,tmpitem,"Data",level+1);
-		    break;
-		case SEC_OID_X509_SUBJECT_ALT_NAME:
-		case SEC_OID_X509_ISSUER_ALT_NAME:
-	      /*
-	       * We should add at least some of the more interesting cases
-	       * here, but need to have subroutines to back them up.
-	       */
-		case SEC_OID_NS_CERT_EXT_NETSCAPE_OK:
-		case SEC_OID_NS_CERT_EXT_ISSUER_LOGO:
-		case SEC_OID_NS_CERT_EXT_SUBJECT_LOGO:
-		case SEC_OID_NS_CERT_EXT_ENTITY_LOGO:
-		case SEC_OID_NS_CERT_EXT_USER_PICTURE:
-		case SEC_OID_NS_KEY_USAGE_GOVT_APPROVED:
-
-		/* x.509 v3 Extensions */
-		case SEC_OID_X509_SUBJECT_DIRECTORY_ATTR:
-		case SEC_OID_X509_SUBJECT_KEY_ID:
-		case SEC_OID_X509_KEY_USAGE:
-		case SEC_OID_X509_PRIVATE_KEY_USAGE_PERIOD:
-		case SEC_OID_X509_NAME_CONSTRAINTS:
-		case SEC_OID_X509_CRL_DIST_POINTS:
-		case SEC_OID_X509_POLICY_MAPPINGS:
-		case SEC_OID_X509_POLICY_CONSTRAINTS:
-		case SEC_OID_X509_AUTH_KEY_ID:
-            goto defualt;
-		case SEC_OID_X509_EXT_KEY_USAGE:
-            PrintExtKeyUsageExten(out, tmpitem, "", level+1);
-            break;
-		case SEC_OID_X509_AUTH_INFO_ACCESS:
-
-		case SEC_OID_X509_CRL_NUMBER:
-		case SEC_OID_X509_REASON_CODE:
-
-		/* PKIX OIDs */
-		case SEC_OID_PKIX_OCSP:
-		case SEC_OID_PKIX_OCSP_BASIC_RESPONSE:
-		case SEC_OID_PKIX_OCSP_NONCE:
-		case SEC_OID_PKIX_OCSP_CRL:
-		case SEC_OID_PKIX_OCSP_RESPONSE:
-		case SEC_OID_PKIX_OCSP_NO_CHECK:
-		case SEC_OID_PKIX_OCSP_ARCHIVE_CUTOFF:
-		case SEC_OID_PKIX_OCSP_SERVICE_LOCATOR:
-		case SEC_OID_PKIX_REGCTRL_REGTOKEN:
-		case SEC_OID_PKIX_REGCTRL_AUTHENTICATOR:
-		case SEC_OID_PKIX_REGCTRL_PKIPUBINFO:
-		case SEC_OID_PKIX_REGCTRL_PKI_ARCH_OPTIONS:
-		case SEC_OID_PKIX_REGCTRL_OLD_CERT_ID:
-		case SEC_OID_PKIX_REGCTRL_PROTOCOL_ENC_KEY:
-		case SEC_OID_PKIX_REGINFO_UTF8_PAIRS:
-		case SEC_OID_PKIX_REGINFO_CERT_REQUEST:
-		case SEC_OID_EXT_KEY_USAGE_SERVER_AUTH:
-		case SEC_OID_EXT_KEY_USAGE_CLIENT_AUTH:
-		case SEC_OID_EXT_KEY_USAGE_CODE_SIGN:
-		case SEC_OID_EXT_KEY_USAGE_EMAIL_PROTECT:
-		case SEC_OID_EXT_KEY_USAGE_TIME_STAMP:
-
-	      default:
-          defualt:
-		/*SECU_PrintAsHex(out, tmpitem, "Data", level+1); */
-		secu_PrintAny(out, tmpitem, "Data", level+1);
-		break;
-	    }
-		    
-	    secu_Newline(out);
-	    extensions++;
-	}
-    }
-}
-
-
-void
-SECU_PrintName(FILE *out, CERTName *name, char *msg, int level)
-{
-    char *str;
-    
-    SECU_Indent(out, level); fprintf(out, "%s: ", msg);
-
-    str = CERT_NameToAscii(name);
-    if (!str) 
-    	str = "!Invalid AVA!";
-    fprintf(out, str);
-	
-    secu_Newline(out);
-}
-
-void
-printflags(char *trusts, unsigned int flags)
-{
-    if (flags & CERTDB_VALID_CA)
-	if (!(flags & CERTDB_TRUSTED_CA) &&
-	    !(flags & CERTDB_TRUSTED_CLIENT_CA))
-	    PORT_Strcat(trusts, "c");
-    if (flags & CERTDB_VALID_PEER)
-	if (!(flags & CERTDB_TRUSTED))
-	    PORT_Strcat(trusts, "p");
-    if (flags & CERTDB_TRUSTED_CA)
-	PORT_Strcat(trusts, "C");
-    if (flags & CERTDB_TRUSTED_CLIENT_CA)
-	PORT_Strcat(trusts, "T");
-    if (flags & CERTDB_TRUSTED)
-	PORT_Strcat(trusts, "P");
-    if (flags & CERTDB_USER)
-	PORT_Strcat(trusts, "u");
-    if (flags & CERTDB_SEND_WARN)
-	PORT_Strcat(trusts, "w");
-    if (flags & CERTDB_INVISIBLE_CA)
-	PORT_Strcat(trusts, "I");
-    if (flags & CERTDB_GOVT_APPROVED_CA)
-	PORT_Strcat(trusts, "G");
-    return;
-}
-
-/* callback for listing certs through pkcs11 */
-SECStatus
-SECU_PrintCertNickname(CERTCertificate *cert, void *data)
-{
-    CERTCertTrust *trust;
-    FILE *out;
-    char trusts[30];
-    char *name;
-
-    PORT_Memset (trusts, 0, sizeof (trusts));
-    out = (FILE *)data;
-    
-	name = cert->nickname;
-	if ( name == NULL ) {
-	    name = cert->emailAddr;
-	}
-	if ( name == NULL ) {
-	    name = "(NULL)";
-	}
-	
-        trust = cert->trust;
-	if (trust) {
-	    printflags(trusts, trust->sslFlags);
-	    PORT_Strcat(trusts, ",");
-	    printflags(trusts, trust->emailFlags);
-	    PORT_Strcat(trusts, ",");
-	    printflags(trusts, trust->objectSigningFlags);
-	} else {
-	    PORT_Memcpy(trusts,",,",3);
-	}
-	fprintf(out, "%-60s %-5s\n", name, trusts);
-
-    return (SECSuccess);
-}
-
-int
-SECU_PrintCertificateRequest(FILE *out, SECItem *der, char *m, int level)
-{
-    PRArenaPool *arena = NULL;
-    CERTCertificateRequest *cr;
-    int rv;
-
-    /* Decode certificate request */
-    cr = (CERTCertificateRequest*) PORT_ZAlloc(sizeof(CERTCertificateRequest));
-    if (!cr)
-	return PORT_GetError();
-
-    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if (!arena)
-	return SEC_ERROR_NO_MEMORY;
-
-    rv = SEC_ASN1DecodeItem(arena, cr, 
-                            SEC_ASN1_GET(CERT_CertificateRequestTemplate), der);
-    if (rv) {
-	PORT_FreeArena(arena, PR_FALSE);
-	return rv;
-    }
-
-    /* Pretty print it out */
-    SECU_Indent(out, level); fprintf(out, "%s:\n", m);
-    SECU_PrintInteger(out, &cr->version, "Version", level+1);
-    SECU_PrintName(out, &cr->subject, "Subject", level+1);
-    rv = secu_PrintSubjectPublicKeyInfo(out, arena, &cr->subjectPublicKeyInfo,
-			      "Subject Public Key Info", level+1);
-    if (rv) {
-	PORT_FreeArena(arena, PR_FALSE);
-	return rv;
-    }
-    secu_PrintAny(out, cr->attributes[0], "Attributes", level+1);
-
-    PORT_FreeArena(arena, PR_FALSE);
-    return 0;
-}
-
-int
-SECU_PrintCertificate(FILE *out, SECItem *der, char *m, int level)
-{
-    PRArenaPool *arena = NULL;
-    CERTCertificate *c;
-    int rv;
-    int iv;
-    
-    /* Decode certificate */
-    c = (CERTCertificate*) PORT_ZAlloc(sizeof(CERTCertificate));
-    if (!c)
-	return PORT_GetError();
-
-    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if (!arena)
-	return SEC_ERROR_NO_MEMORY;
-
-    rv = SEC_ASN1DecodeItem(arena, c, 
-                            SEC_ASN1_GET(CERT_CertificateTemplate), der);
-    if (rv) {
-	PORT_FreeArena(arena, PR_FALSE);
-	return rv;
-    }
-
-    /* Pretty print it out */
-    SECU_Indent(out, level); fprintf(out, "%s:\n", m);
-    iv = DER_GetInteger(&c->version);
-    SECU_Indent(out, level+1); fprintf(out, "%s: %d (0x%x)\n", "Version", iv + 1, iv);
-
-    SECU_PrintInteger(out, &c->serialNumber, "Serial Number", level+1);
-    SECU_PrintAlgorithmID(out, &c->signature, "Signature Algorithm", level+1);
-    SECU_PrintName(out, &c->issuer, "Issuer", level+1);
-    secu_PrintValidity(out, &c->validity, "Validity", level+1);
-    SECU_PrintName(out, &c->subject, "Subject", level+1);
-    rv = secu_PrintSubjectPublicKeyInfo(out, arena, &c->subjectPublicKeyInfo,
-			      "Subject Public Key Info", level+1);
-    if (rv) {
-	PORT_FreeArena(arena, PR_FALSE);
-	return rv;
-    }
-    SECU_PrintExtensions(out, c->extensions, "Signed Extensions", level+1);
-
-    SECU_PrintFingerprints(out, &c->derCert, "Fingerprint", level);
-    
-    PORT_FreeArena(arena, PR_FALSE);
-    return 0;
-}
-
-int
-SECU_PrintPublicKey(FILE *out, SECItem *der, char *m, int level)
-{
-    PRArenaPool *arena = NULL;
-    SECKEYPublicKey key;
-    int rv;
-
-    PORT_Memset(&key, 0, sizeof(key));
-    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if (!arena)
-	return SEC_ERROR_NO_MEMORY;
-
-    rv = SEC_ASN1DecodeItem(arena, &key, 
-                            SEC_ASN1_GET(SECKEY_RSAPublicKeyTemplate), der);
-    if (rv) {
-	PORT_FreeArena(arena, PR_FALSE);
-	return rv;
-    }
-
-    /* Pretty print it out */
-    secu_PrintRSAPublicKey(out, &key, m, level);
-
-    PORT_FreeArena(arena, PR_FALSE);
-    return 0;
-}
-
-#ifdef HAVE_EPV_TEMPLATE
-int
-SECU_PrintPrivateKey(FILE *out, SECItem *der, char *m, int level)
-{
-    PRArenaPool *arena = NULL;
-    SECKEYEncryptedPrivateKeyInfo key;
-    int rv;
-
-    PORT_Memset(&key, 0, sizeof(key));
-    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if (!arena)
-	return SEC_ERROR_NO_MEMORY;
-
-    rv = SEC_ASN1DecodeItem(arena, &key, 
-		SEC_ASN1_GET(SECKEY_EncryptedPrivateKeyInfoTemplate), der);
-    if (rv) {
-	PORT_FreeArena(arena, PR_TRUE);
-	return rv;
-    }
-
-    /* Pretty print it out */
-    SECU_Indent(out, level); fprintf(out, "%s:\n", m);
-    SECU_PrintAlgorithmID(out, &key.algorithm, "Encryption Algorithm", 
-			  level+1);
-    SECU_PrintAsHex(out, &key.encryptedData, "Encrypted Data", level+1);
-
-    PORT_FreeArena(arena, PR_TRUE);
-    return 0;
-}
-#endif
-
-int
-SECU_PrintFingerprints(FILE *out, SECItem *derCert, char *m, int level)
-{
-    unsigned char fingerprint[20];
-    char *fpStr = NULL;
-    SECItem fpItem;
-    /* print MD5 fingerprint */
-    memset(fingerprint, 0, sizeof fingerprint);
-    PK11_HashBuf(SEC_OID_MD5,fingerprint, derCert->data, derCert->len);
-    fpItem.data = fingerprint;
-    fpItem.len = MD5_LENGTH;
-    fpStr = CERT_Hexify(&fpItem, 1);
-    SECU_Indent(out, level);  fprintf(out, "%s (MD5):\n", m);
-    SECU_Indent(out, level+1); fprintf(out, "%s\n", fpStr);
-    PORT_Free(fpStr);
-    fpStr = NULL;
-    /* print SHA1 fingerprint */
-    memset(fingerprint, 0, sizeof fingerprint);
-    PK11_HashBuf(SEC_OID_SHA1,fingerprint, derCert->data, derCert->len);
-    fpItem.data = fingerprint;
-    fpItem.len = SHA1_LENGTH;
-    fpStr = CERT_Hexify(&fpItem, 1);
-    SECU_Indent(out, level);  fprintf(out, "%s (SHA1):\n", m);
-    SECU_Indent(out, level+1); fprintf(out, "%s\n", fpStr);
-    PORT_Free(fpStr);
-	fprintf(out, "\n");
-    return 0;
-}
-
-/*
-** PKCS7 Support
-*/
-
-/* forward declaration */
-static int
-secu_PrintPKCS7ContentInfo(FILE *, SEC_PKCS7ContentInfo *, char *, int);
-
-/*
-** secu_PrintPKCS7EncContent
-**   Prints a SEC_PKCS7EncryptedContentInfo (without decrypting it)
-*/
-static void
-secu_PrintPKCS7EncContent(FILE *out, SEC_PKCS7EncryptedContentInfo *src, 
-			  char *m, int level)
-{
-    if (src->contentTypeTag == NULL)
-	src->contentTypeTag = SECOID_FindOID(&(src->contentType));
-
-    SECU_Indent(out, level);
-    fprintf(out, "%s:\n", m);
-    SECU_Indent(out, level + 1); 
-    fprintf(out, "Content Type: %s\n",
-	    (src->contentTypeTag != NULL) ? src->contentTypeTag->desc
-					  : "Unknown");
-    SECU_PrintAlgorithmID(out, &(src->contentEncAlg),
-			  "Content Encryption Algorithm", level+1);
-    SECU_PrintAsHex(out, &(src->encContent), 
-		    "Encrypted Content", level+1);
-}
-
-/*
-** secu_PrintRecipientInfo
-**   Prints a PKCS7RecipientInfo type
-*/
-static void
-secu_PrintRecipientInfo(FILE *out, SEC_PKCS7RecipientInfo *info, char *m, 
-			int level)
-{
-    SECU_Indent(out, level); fprintf(out, "%s:\n", m);
-    SECU_PrintInteger(out, &(info->version), "Version", level + 1);	
-
-    SECU_PrintName(out, &(info->issuerAndSN->issuer), "Issuer", 
-		 level + 1);
-    SECU_PrintInteger(out, &(info->issuerAndSN->serialNumber), 
-		      "Serial Number", level + 1);
-
-    /* Parse and display encrypted key */
-    SECU_PrintAlgorithmID(out, &(info->keyEncAlg), 
-			"Key Encryption Algorithm", level + 1);
-    SECU_PrintAsHex(out, &(info->encKey), "Encrypted Key", level + 1);
-}
-
-/* 
-** secu_PrintSignerInfo
-**   Prints a PKCS7SingerInfo type
-*/
-static void
-secu_PrintSignerInfo(FILE *out, SEC_PKCS7SignerInfo *info, char *m, int level)
-{
-    SEC_PKCS7Attribute *attr;
-    int iv;
-    char om[100];
-    
-    SECU_Indent(out, level); fprintf(out, "%s:\n", m);
-    SECU_PrintInteger(out, &(info->version), "Version", level + 1);	
-
-    SECU_PrintName(out, &(info->issuerAndSN->issuer), "Issuer", 
-		 level + 1);
-    SECU_PrintInteger(out, &(info->issuerAndSN->serialNumber), 
-		      "Serial Number", level + 1);
-  
-    SECU_PrintAlgorithmID(out, &(info->digestAlg), "Digest Algorithm",
-			  level + 1);
-    
-    if (info->authAttr != NULL) {
-	SECU_Indent(out, level + 1); 
-	fprintf(out, "Authenticated Attributes:\n");
-	iv = 0;
-	while ((attr = info->authAttr[iv++]) != NULL) {
-	    sprintf(om, "Attribute (%d)", iv); 
-	    secu_PrintAttribute(out, attr, om, level + 2);
-	}
-    }
-    
-    /* Parse and display signature */
-    SECU_PrintAlgorithmID(out, &(info->digestEncAlg), 
-			"Digest Encryption Algorithm", level + 1);
-    SECU_PrintAsHex(out, &(info->encDigest), "Encrypted Digest", level + 1);
-    
-    if (info->unAuthAttr != NULL) {
-	SECU_Indent(out, level + 1); 
-	fprintf(out, "Unauthenticated Attributes:\n");
-	iv = 0;
-	while ((attr = info->unAuthAttr[iv++]) != NULL) {
-	    sprintf(om, "Attribute (%x)", iv); 
-	    secu_PrintAttribute(out, attr, om, level + 2);
-	}
-    }
-}
-
-void
-SECU_PrintCRLInfo(FILE *out, CERTCrl *crl, char *m, int level)
-{
-    CERTCrlEntry *entry;
-    int iv;
-    char om[100];
-    
-    SECU_Indent(out, level); fprintf(out, "%s:\n", m);
-    SECU_PrintAlgorithmID(out, &(crl->signatureAlg), "Signature Algorithm",
-			  level + 1);
-    SECU_PrintName(out, &(crl->name), "Name", level + 1);
-    SECU_PrintUTCTime(out, &(crl->lastUpdate), "Last Update", level + 1);
-    SECU_PrintUTCTime(out, &(crl->nextUpdate), "Next Update", level + 1);
-    
-    if (crl->entries != NULL) {
-	iv = 0;
-	while ((entry = crl->entries[iv++]) != NULL) {
-	    sprintf(om, "Entry (%x):\n", iv); 
-	    SECU_Indent(out, level + 1); fprintf(out, om);
-	    SECU_PrintInteger(out, &(entry->serialNumber), "Serial Number",
-			      level + 2);
-	    SECU_PrintUTCTime(out, &(entry->revocationDate), "Revocation Date",
-			      level + 2);
-	    SECU_PrintExtensions
-		   (out, entry->extensions, "Signed CRL Entries Extensions", level + 1);
-	}
-    }
-    SECU_PrintExtensions
-	   (out, crl->extensions, "Signed CRL Extension", level + 1);
-}
-
-/*
-** secu_PrintPKCS7Signed
-**   Pretty print a PKCS7 signed data type (up to version 1).
-*/
-static int
-secu_PrintPKCS7Signed(FILE *out, SEC_PKCS7SignedData *src, char *m, int level)
-{
-    SECAlgorithmID *digAlg;		/* digest algorithms */
-    SECItem *aCert;			/* certificate */
-    CERTSignedCrl *aCrl;		/* certificate revocation list */
-    SEC_PKCS7SignerInfo *sigInfo;	/* signer information */
-    int rv, iv;
-    char om[100];
-
-    SECU_Indent(out, level); fprintf(out, "%s:\n", m);
-    SECU_PrintInteger(out, &(src->version), "Version", level + 1);
-
-    /* Parse and list digest algorithms (if any) */
-    if (src->digestAlgorithms != NULL) {
-	SECU_Indent(out, level + 1);  fprintf(out, "Digest Algorithm List:\n");
-	iv = 0;
-	while ((digAlg = src->digestAlgorithms[iv++]) != NULL) {
-	    sprintf(om, "Digest Algorithm (%x)", iv);
-	    SECU_PrintAlgorithmID(out, digAlg, om, level + 2);
-	}
-    }
-
-    /* Now for the content */
-    rv = secu_PrintPKCS7ContentInfo(out, &(src->contentInfo), 
-				    "Content Information", level + 1);
-    if (rv != 0)
-	return rv;
-
-    /* Parse and list certificates (if any) */
-    if (src->rawCerts != NULL) {
-	SECU_Indent(out, level + 1);  fprintf(out, "Certificate List:\n");
-	iv = 0;
-	while ((aCert = src->rawCerts[iv++]) != NULL) {
-	    sprintf(om, "Certificate (%x)", iv);
-	    rv = SECU_PrintSignedData(out, aCert, om, level + 2, 
-				      SECU_PrintCertificate);
-	    if (rv)
-		return rv;
-	}
-    }
-
-    /* Parse and list CRL's (if any) */
-    if (src->crls != NULL) {
-	SECU_Indent(out, level + 1);  
-	fprintf(out, "Signed Revocation Lists:\n");
-	iv = 0;
-	while ((aCrl = src->crls[iv++]) != NULL) {
-	    sprintf(om, "Signed Revocation List (%x)", iv);
-	    SECU_Indent(out, level + 2);  fprintf(out, "%s:\n", om);
-	    SECU_PrintAlgorithmID(out, &aCrl->signatureWrap.signatureAlgorithm, 
-				  "Signature Algorithm", level+3);
-	    DER_ConvertBitString(&aCrl->signatureWrap.signature);
-	    SECU_PrintAsHex(out, &aCrl->signatureWrap.signature, "Signature",
-			    level+3);
-	    SECU_PrintCRLInfo(out, &aCrl->crl, "Certificate Revocation List", 
-			  level + 3); 
-	}
-    }
-
-    /* Parse and list signatures (if any) */
-    if (src->signerInfos != NULL) {
-	SECU_Indent(out, level + 1);
-	fprintf(out, "Signer Information List:\n");
-	iv = 0;
-	while ((sigInfo = src->signerInfos[iv++]) != NULL) {
-	    sprintf(om, "Signer Information (%x)", iv);
-	    secu_PrintSignerInfo(out, sigInfo, om, level + 2);
-	}
-    }  
-
-    return 0;
-}
-
-/*
-** secu_PrintPKCS7Enveloped
-**  Pretty print a PKCS7 enveloped data type (up to version 1).
-*/
-static void
-secu_PrintPKCS7Enveloped(FILE *out, SEC_PKCS7EnvelopedData *src,
-			 char *m, int level)
-{
-    SEC_PKCS7RecipientInfo *recInfo;   /* pointer for signer information */
-    int iv;
-    char om[100];
-
-    SECU_Indent(out, level); fprintf(out, "%s:\n", m);
-    SECU_PrintInteger(out, &(src->version), "Version", level + 1);
-
-    /* Parse and list recipients (this is not optional) */
-    if (src->recipientInfos != NULL) {
-	SECU_Indent(out, level + 1);
-	fprintf(out, "Recipient Information List:\n");
-	iv = 0;
-	while ((recInfo = src->recipientInfos[iv++]) != NULL) {
-	    sprintf(om, "Recipient Information (%x)", iv);
-	    secu_PrintRecipientInfo(out, recInfo, om, level + 2);
-	}
-    }  
-
-    secu_PrintPKCS7EncContent(out, &src->encContentInfo, 
-			      "Encrypted Content Information", level + 1);
-}
-
-/*
-** secu_PrintPKCS7SignedEnveloped
-**   Pretty print a PKCS7 singed and enveloped data type (up to version 1).
-*/
-static int
-secu_PrintPKCS7SignedAndEnveloped(FILE *out,
-				  SEC_PKCS7SignedAndEnvelopedData *src,
-				  char *m, int level)
-{
-    SECAlgorithmID *digAlg;  /* pointer for digest algorithms */
-    SECItem *aCert;           /* pointer for certificate */
-    CERTSignedCrl *aCrl;        /* pointer for certificate revocation list */
-    SEC_PKCS7SignerInfo *sigInfo;   /* pointer for signer information */
-    SEC_PKCS7RecipientInfo *recInfo; /* pointer for recipient information */
-    int rv, iv;
-    char om[100];
-
-    SECU_Indent(out, level); fprintf(out, "%s:\n", m);
-    SECU_PrintInteger(out, &(src->version), "Version", level + 1);
-
-    /* Parse and list recipients (this is not optional) */
-    if (src->recipientInfos != NULL) {
-	SECU_Indent(out, level + 1);
-	fprintf(out, "Recipient Information List:\n");
-	iv = 0;
-	while ((recInfo = src->recipientInfos[iv++]) != NULL) {
-	    sprintf(om, "Recipient Information (%x)", iv);
-	    secu_PrintRecipientInfo(out, recInfo, om, level + 2);
-	}
-    }  
-
-    /* Parse and list digest algorithms (if any) */
-    if (src->digestAlgorithms != NULL) {
-	SECU_Indent(out, level + 1);  fprintf(out, "Digest Algorithm List:\n");
-	iv = 0;
-	while ((digAlg = src->digestAlgorithms[iv++]) != NULL) {
-	    sprintf(om, "Digest Algorithm (%x)", iv);
-	    SECU_PrintAlgorithmID(out, digAlg, om, level + 2);
-	}
-    }
-
-    secu_PrintPKCS7EncContent(out, &src->encContentInfo, 
-			      "Encrypted Content Information", level + 1);
-
-    /* Parse and list certificates (if any) */
-    if (src->rawCerts != NULL) {
-	SECU_Indent(out, level + 1);  fprintf(out, "Certificate List:\n");
-	iv = 0;
-	while ((aCert = src->rawCerts[iv++]) != NULL) {
-	    sprintf(om, "Certificate (%x)", iv);
-	    rv = SECU_PrintSignedData(out, aCert, om, level + 2, 
-				      SECU_PrintCertificate);
-	    if (rv)
-		return rv;
-	}
-    }
-
-    /* Parse and list CRL's (if any) */
-    if (src->crls != NULL) {
-	SECU_Indent(out, level + 1);  
-	fprintf(out, "Signed Revocation Lists:\n");
-	iv = 0;
-	while ((aCrl = src->crls[iv++]) != NULL) {
-	    sprintf(om, "Signed Revocation List (%x)", iv);
-	    SECU_Indent(out, level + 2);  fprintf(out, "%s:\n", om);
-	    SECU_PrintAlgorithmID(out, &aCrl->signatureWrap.signatureAlgorithm, 
-				  "Signature Algorithm", level+3);
-	    DER_ConvertBitString(&aCrl->signatureWrap.signature);
-	    SECU_PrintAsHex(out, &aCrl->signatureWrap.signature, "Signature",
-			    level+3);
-	    SECU_PrintCRLInfo(out, &aCrl->crl, "Certificate Revocation List", 
-			  level + 3); 
-	}
-    }
-
-    /* Parse and list signatures (if any) */
-    if (src->signerInfos != NULL) {
-	SECU_Indent(out, level + 1);
-	fprintf(out, "Signer Information List:\n");
-	iv = 0;
-	while ((sigInfo = src->signerInfos[iv++]) != NULL) {
-	    sprintf(om, "Signer Information (%x)", iv);
-	    secu_PrintSignerInfo(out, sigInfo, om, level + 2);
-	}
-    }  
-
-    return 0;
-}
-
-int
-SECU_PrintCrl (FILE *out, SECItem *der, char *m, int level)
-{
-    PRArenaPool *arena = NULL;
-    CERTCrl *c = NULL;
-    int rv;
-
-    do {
-	/* Decode CRL */
-	c = (CERTCrl*) PORT_ZAlloc(sizeof(CERTCrl));
-	if (!c) {
-	    rv = PORT_GetError();
-	    break;
-	}
-
-	arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-	if (!arena) {
-	    rv = SEC_ERROR_NO_MEMORY;
-	    break;
-	}
-
-	rv = SEC_ASN1DecodeItem(arena, c, SEC_ASN1_GET(CERT_CrlTemplate), der);
-	if (rv != SECSuccess)
-	    break;
-	SECU_PrintCRLInfo (out, c, m, level);
-    } while (0);
-    PORT_FreeArena (arena, PR_FALSE);
-    PORT_Free (c);
-    return (rv);
-}
-
-
-/*
-** secu_PrintPKCS7Encrypted
-**   Pretty print a PKCS7 encrypted data type (up to version 1).
-*/
-static void
-secu_PrintPKCS7Encrypted(FILE *out, SEC_PKCS7EncryptedData *src,
-			 char *m, int level)
-{
-    SECU_Indent(out, level); fprintf(out, "%s:\n", m);
-    SECU_PrintInteger(out, &(src->version), "Version", level + 1);
-
-    secu_PrintPKCS7EncContent(out, &src->encContentInfo, 
-			      "Encrypted Content Information", level + 1);
-}
-
-/*
-** secu_PrintPKCS7Digested
-**   Pretty print a PKCS7 digested data type (up to version 1).
-*/
-static void
-secu_PrintPKCS7Digested(FILE *out, SEC_PKCS7DigestedData *src,
-			char *m, int level)
-{
-    SECU_Indent(out, level); fprintf(out, "%s:\n", m);
-    SECU_PrintInteger(out, &(src->version), "Version", level + 1);
-    
-    SECU_PrintAlgorithmID(out, &src->digestAlg, "Digest Algorithm",
-			  level + 1);
-    secu_PrintPKCS7ContentInfo(out, &src->contentInfo, "Content Information",
-			       level + 1);
-    SECU_PrintAsHex(out, &src->digest, "Digest", level + 1);  
-}
-
-/*
-** secu_PrintPKCS7ContentInfo
-**   Takes a SEC_PKCS7ContentInfo type and sends the contents to the 
-** appropriate function
-*/
-static int
-secu_PrintPKCS7ContentInfo(FILE *out, SEC_PKCS7ContentInfo *src,
-			   char *m, int level)
-{
-    char *desc;
-    SECOidTag kind;
-    int rv;
-
-    SECU_Indent(out, level);  fprintf(out, "%s:\n", m);
-    level++;
-
-    if (src->contentTypeTag == NULL)
-	src->contentTypeTag = SECOID_FindOID(&(src->contentType));
-
-    if (src->contentTypeTag == NULL) {
-	desc = "Unknown";
-	kind = SEC_OID_PKCS7_DATA;
-    } else {
-	desc = src->contentTypeTag->desc;
-	kind = src->contentTypeTag->offset;
-    }
-
-    if (src->content.data == NULL) {
-	SECU_Indent(out, level); fprintf(out, "%s:\n", desc);
-	level++;
-	SECU_Indent(out, level); fprintf(out, "<no content>\n");
-	return 0;
-    }
-
-    rv = 0;
-    switch (kind) {
-      case SEC_OID_PKCS7_SIGNED_DATA:  /* Signed Data */
-	rv = secu_PrintPKCS7Signed(out, src->content.signedData, desc, level);
-	break;
-
-      case SEC_OID_PKCS7_ENVELOPED_DATA:  /* Enveloped Data */
-        secu_PrintPKCS7Enveloped(out, src->content.envelopedData, desc, level);
-	break;
-
-      case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA:  /* Signed and Enveloped */
-	rv = secu_PrintPKCS7SignedAndEnveloped(out,
-					src->content.signedAndEnvelopedData,
-					desc, level);
-	break;
-
-      case SEC_OID_PKCS7_DIGESTED_DATA:  /* Digested Data */
-	secu_PrintPKCS7Digested(out, src->content.digestedData, desc, level);
-	break;
-
-      case SEC_OID_PKCS7_ENCRYPTED_DATA:  /* Encrypted Data */
-	secu_PrintPKCS7Encrypted(out, src->content.encryptedData, desc, level);
-	break;
-
-      default:
-	SECU_PrintAsHex(out, src->content.data, desc, level);
-	break;
-    }
-
-    return rv;
-}
-
-/*
-** SECU_PrintPKCS7ContentInfo
-**   Decode and print any major PKCS7 data type (up to version 1).
-*/
-int
-SECU_PrintPKCS7ContentInfo(FILE *out, SECItem *der, char *m, int level)
-{
-    SEC_PKCS7ContentInfo *cinfo;
-    int rv;
-
-    cinfo = SEC_PKCS7DecodeItem(der, NULL, NULL, NULL, NULL, NULL, NULL, NULL);
-    if (cinfo != NULL) {
-	/* Send it to recursive parsing and printing module */
-	rv = secu_PrintPKCS7ContentInfo(out, cinfo, m, level);
-	SEC_PKCS7DestroyContentInfo(cinfo);
-    } else {
-	rv = -1;
-    }
-
-    return rv;
-}
-
-/*
-** End of PKCS7 functions
-*/
-
-void
-printFlags(FILE *out, unsigned int flags, int level)
-{
-    if ( flags & CERTDB_VALID_PEER ) {
-	SECU_Indent(out, level); fprintf(out, "Valid Peer\n");
-    }
-    if ( flags & CERTDB_TRUSTED ) {
-	SECU_Indent(out, level); fprintf(out, "Trusted\n");
-    }
-    if ( flags & CERTDB_SEND_WARN ) {
-	SECU_Indent(out, level); fprintf(out, "Warn When Sending\n");
-    }
-    if ( flags & CERTDB_VALID_CA ) {
-	SECU_Indent(out, level); fprintf(out, "Valid CA\n");
-    }
-    if ( flags & CERTDB_TRUSTED_CA ) {
-	SECU_Indent(out, level); fprintf(out, "Trusted CA\n");
-    }
-    if ( flags & CERTDB_NS_TRUSTED_CA ) {
-	SECU_Indent(out, level); fprintf(out, "Netscape Trusted CA\n");
-    }
-    if ( flags & CERTDB_USER ) {
-	SECU_Indent(out, level); fprintf(out, "User\n");
-    }
-    if ( flags & CERTDB_TRUSTED_CLIENT_CA ) {
-	SECU_Indent(out, level); fprintf(out, "Trusted Client CA\n");
-    }
-#ifdef DEBUG
-    if ( flags & CERTDB_GOVT_APPROVED_CA ) {
-	SECU_Indent(out, level); fprintf(out, "Step-up\n");
-    }
-#endif /* DEBUG */
-}
-
-void
-SECU_PrintTrustFlags(FILE *out, CERTCertTrust *trust, char *m, int level)
-{
-    SECU_Indent(out, level); fprintf(out, "%s:\n", m);
-    SECU_Indent(out, level+1); fprintf(out, "SSL Flags:\n");
-    printFlags(out, trust->sslFlags, level+2);
-    SECU_Indent(out, level+1); fprintf(out, "Email Flags:\n");
-    printFlags(out, trust->emailFlags, level+2);
-    SECU_Indent(out, level+1); fprintf(out, "Object Signing Flags:\n");
-    printFlags(out, trust->objectSigningFlags, level+2);
-}
-
-int SECU_PrintSignedData(FILE *out, SECItem *der, char *m,
-			   int level, SECU_PPFunc inner)
-{
-    PRArenaPool *arena = NULL;
-    CERTSignedData *sd;
-    int rv;
-
-    /* Strip off the signature */
-    sd = (CERTSignedData*) PORT_ZAlloc(sizeof(CERTSignedData));
-    if (!sd)
-	return PORT_GetError();
-
-    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if (!arena)
-	return SEC_ERROR_NO_MEMORY;
-
-    rv = SEC_ASN1DecodeItem(arena, sd, SEC_ASN1_GET(CERT_SignedDataTemplate), 
-                            der);
-    if (rv) {
-	PORT_FreeArena(arena, PR_FALSE);
-	return rv;
-    }
-
-    SECU_Indent(out, level); fprintf(out, "%s:\n", m);
-    rv = (*inner)(out, &sd->data, "Data", level+1);
-    if (rv) {
-	PORT_FreeArena(arena, PR_FALSE);
-	return rv;
-    }
-
-    SECU_PrintAlgorithmID(out, &sd->signatureAlgorithm, "Signature Algorithm",
-			  level+1);
-    DER_ConvertBitString(&sd->signature);
-    SECU_PrintAsHex(out, &sd->signature, "Signature", level+1);
-
-    PORT_FreeArena(arena, PR_FALSE);
-    return 0;
-
-}
-
-
-#ifdef AIX
-int _OS_SELECT (int nfds, void *readfds, void *writefds,
-               void *exceptfds, struct timeval *timeout) {
-   return select (nfds,readfds,writefds,exceptfds,timeout);
-}
-#endif 
-
-SECItem *
-SECU_GetPBEPassword(void *arg)
-{
-    char *p = NULL;
-    SECItem *pwitem = NULL;
-
-    p = SECU_GetPasswordString(arg,"Password: ");
-
-    /* NOTE: This function is obviously unfinished. */
-
-    if ( pwitem == NULL ) {
-	fprintf(stderr, "Error hashing password\n");
-	return NULL;
-    }
-    
-    return pwitem;
-}
-
-SECStatus
-SECU_ParseCommandLine(int argc, char **argv, char *progName, secuCommand *cmd)
-{
-    PRBool found;
-    PLOptState *optstate;
-    PLOptStatus status;
-    char *optstring;
-    int i, j;
-
-    optstring = (char *)malloc(cmd->numCommands + 2*cmd->numOptions);
-    j = 0;
-
-    for (i=0; i<cmd->numCommands; i++) {
-	optstring[j++] = cmd->commands[i].flag;
-    }
-    for (i=0; i<cmd->numOptions; i++) {
-	optstring[j++] = cmd->options[i].flag;
-	if (cmd->options[i].needsArg)
-	    optstring[j++] = ':';
-    }
-    optstring[j] = '\0';
-    optstate = PL_CreateOptState(argc, argv, optstring);
-
-    /* Parse command line arguments */
-    while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
-
-	/*  Wasn't really an option, just standalone arg.  */
-	if (optstate->option == '\0')
-	    continue;
-
-	found = PR_FALSE;
-
-	for (i=0; i<cmd->numCommands; i++) {
-	    if (cmd->commands[i].flag == optstate->option) {
-		cmd->commands[i].activated = PR_TRUE;
-		if (optstate->value) {
-		    cmd->commands[i].arg = (char *)optstate->value;
-		}
-		found = PR_TRUE;
-		break;
-	    }
-	}
-
-	if (found)
-	    continue;
-
-	for (i=0; i<cmd->numOptions; i++) {
-	    if (cmd->options[i].flag == optstate->option) {
-		cmd->options[i].activated = PR_TRUE;
-		if (optstate->value) {
-		    cmd->options[i].arg = (char *)optstate->value;
-		}
-		found = PR_TRUE;
-		break;
-	    }
-	}
-
-	if (!found)
-	    return SECFailure;
-    }
-    if (status == PL_OPT_BAD)
-	return SECFailure;
-    return SECSuccess;
-}
-
-char *
-SECU_GetOptionArg(secuCommand *cmd, int optionNum)
-{
-	if (optionNum < 0 || optionNum >= cmd->numOptions)
-		return NULL;
-	if (cmd->options[optionNum].activated)
-		return PL_strdup(cmd->options[optionNum].arg);
-	else
-		return NULL;
-}
-
-static char SECUErrorBuf[64];
-
-char *
-SECU_ErrorStringRaw(int16 err)
-{
-    if (err == 0)
-	sprintf(SECUErrorBuf, "");
-    else if (err == SEC_ERROR_BAD_DATA)
-	sprintf(SECUErrorBuf, "Bad data");
-    else if (err == SEC_ERROR_BAD_DATABASE)
-	sprintf(SECUErrorBuf, "Problem with database");
-    else if (err == SEC_ERROR_BAD_DER)
-	sprintf(SECUErrorBuf, "Problem with DER");
-    else if (err == SEC_ERROR_BAD_KEY)
-	sprintf(SECUErrorBuf, "Problem with key");
-    else if (err == SEC_ERROR_BAD_PASSWORD)
-	sprintf(SECUErrorBuf, "Incorrect password");
-    else if (err == SEC_ERROR_BAD_SIGNATURE)
-	sprintf(SECUErrorBuf, "Bad signature");
-    else if (err == SEC_ERROR_EXPIRED_CERTIFICATE)
-	sprintf(SECUErrorBuf, "Expired certificate");
-    else if (err == SEC_ERROR_EXTENSION_VALUE_INVALID)
-	sprintf(SECUErrorBuf, "Invalid extension value");
-    else if (err == SEC_ERROR_INPUT_LEN)
-	sprintf(SECUErrorBuf, "Problem with input length");
-    else if (err == SEC_ERROR_INVALID_ALGORITHM)
-	sprintf(SECUErrorBuf, "Invalid algorithm");
-    else if (err == SEC_ERROR_INVALID_ARGS)
-	sprintf(SECUErrorBuf, "Invalid arguments");
-    else if (err == SEC_ERROR_INVALID_AVA)
-	sprintf(SECUErrorBuf, "Invalid AVA");
-    else if (err == SEC_ERROR_INVALID_TIME)
-	sprintf(SECUErrorBuf, "Invalid time");
-    else if (err == SEC_ERROR_IO)
-	sprintf(SECUErrorBuf, "Security I/O error");
-    else if (err == SEC_ERROR_LIBRARY_FAILURE)
-	sprintf(SECUErrorBuf, "Library failure");
-    else if (err == SEC_ERROR_NO_MEMORY)
-	sprintf(SECUErrorBuf, "Out of memory");
-    else if (err == SEC_ERROR_OLD_CRL)
-	sprintf(SECUErrorBuf, "CRL is older than the current one");
-    else if (err == SEC_ERROR_OUTPUT_LEN)
-	sprintf(SECUErrorBuf, "Problem with output length");
-    else if (err == SEC_ERROR_UNKNOWN_ISSUER)
-	sprintf(SECUErrorBuf, "Unknown issuer");
-    else if (err == SEC_ERROR_UNTRUSTED_CERT)
-	sprintf(SECUErrorBuf, "Untrusted certificate");
-    else if (err == SEC_ERROR_UNTRUSTED_ISSUER)
-	sprintf(SECUErrorBuf, "Untrusted issuer");
-    else if (err == SSL_ERROR_BAD_CERTIFICATE)
-	sprintf(SECUErrorBuf, "Bad certificate");
-    else if (err == SSL_ERROR_BAD_CLIENT)
-	sprintf(SECUErrorBuf, "Bad client");
-    else if (err == SSL_ERROR_BAD_SERVER)
-	sprintf(SECUErrorBuf, "Bad server");
-    else if (err == SSL_ERROR_EXPORT_ONLY_SERVER)
-	sprintf(SECUErrorBuf, "Export only server");
-    else if (err == SSL_ERROR_NO_CERTIFICATE)
-	sprintf(SECUErrorBuf, "No certificate");
-    else if (err == SSL_ERROR_NO_CYPHER_OVERLAP)
-	sprintf(SECUErrorBuf, "No cypher overlap");
-    else if (err == SSL_ERROR_UNSUPPORTED_CERTIFICATE_TYPE)
-	sprintf(SECUErrorBuf, "Unsupported certificate type");
-    else if (err == SSL_ERROR_UNSUPPORTED_VERSION)
-	sprintf(SECUErrorBuf, "Unsupported version");
-    else if (err == SSL_ERROR_US_ONLY_SERVER)
-	sprintf(SECUErrorBuf, "U.S. only server");
-    else if (err == PR_IO_ERROR)
-	sprintf(SECUErrorBuf, "I/O error");
-
-    else if (err == SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE)
-        sprintf (SECUErrorBuf, "Expired Issuer Certificate");
-    else if (err == SEC_ERROR_REVOKED_CERTIFICATE)
-        sprintf (SECUErrorBuf, "Revoked certificate");
-    else if (err == SEC_ERROR_NO_KEY)
-        sprintf (SECUErrorBuf, "No private key in database for this cert");
-    else if (err == SEC_ERROR_CERT_NOT_VALID)
-        sprintf (SECUErrorBuf, "Certificate is not valid");
-    else if (err == SEC_ERROR_EXTENSION_NOT_FOUND)
-        sprintf (SECUErrorBuf, "Certificate extension was not found");
-    else if (err == SEC_ERROR_EXTENSION_VALUE_INVALID)
-        sprintf (SECUErrorBuf, "Certificate extension value invalid");
-    else if (err == SEC_ERROR_CA_CERT_INVALID)
-        sprintf (SECUErrorBuf, "Issuer certificate is invalid");
-    else if (err == SEC_ERROR_CERT_USAGES_INVALID)
-        sprintf (SECUErrorBuf, "Certificate usages is invalid");
-    else if (err == SEC_ERROR_UNKNOWN_CRITICAL_EXTENSION)
-        sprintf (SECUErrorBuf, "Certificate has unknown critical extension");
-    else if (err == SEC_ERROR_PKCS7_BAD_SIGNATURE)
-        sprintf (SECUErrorBuf, "Bad PKCS7 signature");
-    else if (err == SEC_ERROR_INADEQUATE_KEY_USAGE)
-        sprintf (SECUErrorBuf, "Certificate not approved for this operation");
-    else if (err == SEC_ERROR_INADEQUATE_CERT_TYPE)
-        sprintf (SECUErrorBuf, "Certificate not approved for this operation");
-
-    return SECUErrorBuf;
-}
-
-char *
-SECU_ErrorString(int16 err)
-{
-    char *error_string;
-
-    *SECUErrorBuf = 0;
-    SECU_ErrorStringRaw (err);
-
-    if (*SECUErrorBuf == 0) { 
-	error_string = SECU_GetString(err);
-	if (error_string == NULL || *error_string == '\0') 
-	    sprintf(SECUErrorBuf, "No error string found for %d.",  err);
-	else
-	    return error_string;
-    }
-
-    return SECUErrorBuf;
-}
-
-
-void 
-SECU_PrintPRandOSError(char *progName) 
-{
-    char buffer[513];
-    PRErrorCode err    = PR_GetError();
-    PRInt32     errLen = PR_GetErrorTextLength();
-    if (errLen > 0 && errLen < sizeof buffer) {
-        PR_GetErrorText(buffer);
-    }
-    SECU_PrintError(progName, "NSS_Initialize failed");
-    if (errLen > 0 && errLen < sizeof buffer) {
-        PR_fprintf(PR_STDERR, "\t%s\n", buffer);
-    }
-}
diff --git a/security/nss/cmd/lib/secutil.h b/security/nss/cmd/lib/secutil.h
deleted file mode 100644
index e2db2f4c8..000000000
--- a/security/nss/cmd/lib/secutil.h
+++ /dev/null
@@ -1,327 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#ifndef _SEC_UTIL_H_
-#define _SEC_UTIL_H_
-
-#include "seccomon.h"
-#include "secitem.h"
-#include "prerror.h"
-#include "base64.h"
-#include "key.h"
-#include "secpkcs7.h"
-#include "secasn1.h"
-#include "secder.h"
-#include <stdio.h>
-
-#define SEC_CT_PRIVATE_KEY		"private-key"
-#define SEC_CT_PUBLIC_KEY		"public-key"
-#define SEC_CT_CERTIFICATE		"certificate"
-#define SEC_CT_CERTIFICATE_REQUEST	"certificate-request"
-#define SEC_CT_PKCS7			"pkcs7"
-#define SEC_CT_CRL			"crl"
-
-#define NS_CERTREQ_HEADER "-----BEGIN NEW CERTIFICATE REQUEST-----"
-#define NS_CERTREQ_TRAILER "-----END NEW CERTIFICATE REQUEST-----"
-
-#define NS_CERT_HEADER "-----BEGIN CERTIFICATE-----"
-#define NS_CERT_TRAILER "-----END CERTIFICATE-----"
-
-/* From libsec/pcertdb.c --- it's not declared in sec.h */
-extern SECStatus SEC_AddPermCertificate(CERTCertDBHandle *handle,
-		SECItem *derCert, char *nickname, CERTCertTrust *trust);
-
-
-#ifdef SECUTIL_NEW
-typedef int (*SECU_PPFunc)(PRFileDesc *out, SECItem *item, 
-                           char *msg, int level);
-#else
-typedef int (*SECU_PPFunc)(FILE *out, SECItem *item, char *msg, int level);
-#endif
-
-typedef struct {
-    enum {
-	PW_NONE = 0,
-	PW_FROMFILE = 1,
-	PW_PLAINTEXT = 2
-    } source;
-    char *data;
-} secuPWData;
-
-/*
-** Change a password on a token, or initialize a token with a password
-** if it does not already have one.
-** Use passwd to send the password in plaintext, pwFile to specify a
-** file containing the password, or NULL for both to prompt the user.
-*/
-SECStatus SECU_ChangePW(PK11SlotInfo *slot, char *passwd, char *pwFile);
-
-/*  These were stolen from the old sec.h... */
-/*
-** Check a password for legitimacy. Passwords must be at least 8
-** characters long and contain one non-alphabetic. Return DSTrue if the
-** password is ok, DSFalse otherwise.
-*/
-extern PRBool SEC_CheckPassword(char *password);
-
-/*
-** Blind check of a password. Complement to SEC_CheckPassword which 
-** ignores length and content type, just retuning DSTrue is the password
-** exists, DSFalse if NULL
-*/
-extern PRBool SEC_BlindCheckPassword(char *password);
-
-/*
-** Get a password.
-** First prompt with "msg" on "out", then read the password from "in".
-** The password is then checked using "chkpw".
-*/
-extern char *SEC_GetPassword(FILE *in, FILE *out, char *msg,
-				      PRBool (*chkpw)(char *));
-
-char *SECU_FilePasswd(PK11SlotInfo *slot, PRBool retry, void *arg);
-
-char *SECU_GetPasswordString(void *arg, char *prompt);
-
-/*
-** Write a dongle password.
-** Uses MD5 to hash constant system data (hostname, etc.), and then
-** creates RC4 key to encrypt a password "pw" into a file "fd".
-*/
-extern SECStatus SEC_WriteDongleFile(int fd, char *pw);
-
-/*
-** Get a dongle password.
-** Uses MD5 to hash constant system data (hostname, etc.), and then
-** creates RC4 key to decrypt and return a password from file "fd".
-*/
-extern char *SEC_ReadDongleFile(int fd);
-
-
-/* End stolen headers */
-
-/* Just sticks the two strings together with a / if needed */
-char *SECU_AppendFilenameToDir(char *dir, char *filename);
-
-/* Returns result of getenv("SSL_DIR") or NULL */
-extern char *SECU_DefaultSSLDir(void);
-
-/*
-** Should be called once during initialization to set the default 
-**    directory for looking for cert.db, key.db, and cert-nameidx.db files
-** Removes trailing '/' in 'base' 
-** If 'base' is NULL, defaults to set to .netscape in home directory.
-*/
-extern char *SECU_ConfigDirectory(const char* base);
-
-/* 
-** Basic callback function for SSL_GetClientAuthDataHook
-*/
-extern int
-SECU_GetClientAuthData(void *arg, PRFileDesc *fd,
-		       struct CERTDistNamesStr *caNames,
-		       struct CERTCertificateStr **pRetCert,
-		       struct SECKEYPrivateKeyStr **pRetKey);
-
-/* print out an error message */
-extern void SECU_PrintError(char *progName, char *msg, ...);
-
-/* print out a system error message */
-extern void SECU_PrintSystemError(char *progName, char *msg, ...);
-
-/* Return informative error string */
-extern const char * SECU_Strerror(PRErrorCode errNum);
-
-/* Read the contents of a file into a SECItem */
-extern SECStatus SECU_FileToItem(SECItem *dst, PRFileDesc *src);
-extern SECStatus SECU_TextFileToItem(SECItem *dst, PRFileDesc *src);
-
-/* Read in a DER from a file, may be ascii  */
-extern SECStatus 
-SECU_ReadDERFromFile(SECItem *der, PRFileDesc *inFile, PRBool ascii);
-
-/* Indent based on "level" */
-extern void SECU_Indent(FILE *out, int level);
-
-/* Print integer value and hex */
-extern void SECU_PrintInteger(FILE *out, SECItem *i, char *m, int level);
-
-/* Print ObjectIdentifier symbolically */
-extern void SECU_PrintObjectID(FILE *out, SECItem *oid, char *m, int level);
-
-/* Print AlgorithmIdentifier symbolically */
-extern void SECU_PrintAlgorithmID(FILE *out, SECAlgorithmID *a, char *m,
-				  int level);
-
-/* Print SECItem as hex */
-extern void SECU_PrintAsHex(FILE *out, SECItem *i, char *m, int level);
-
-/* dump a buffer in hex and ASCII */
-extern void SECU_PrintBuf(FILE *out, const char *msg, const void *vp, int len);
-
-/*
- * Format and print the UTC Time "t".  If the tag message "m" is not NULL,
- * do indent formatting based on "level" and add a newline afterward;
- * otherwise just print the formatted time string only.
- */
-extern void SECU_PrintUTCTime(FILE *out, SECItem *t, char *m, int level);
-
-/*
- * Format and print the Generalized Time "t".  If the tag message "m"
- * is not NULL, * do indent formatting based on "level" and add a newline
- * afterward; otherwise just print the formatted time string only.
- */
-extern void SECU_PrintGeneralizedTime(FILE *out, SECItem *t, char *m,
-				      int level);
-
-/* callback for listing certs through pkcs11 */
-extern SECStatus SECU_PrintCertNickname(CERTCertificate *cert, void *data);
-
-/* Dump all certificate nicknames in a database */
-extern SECStatus
-SECU_PrintCertificateNames(CERTCertDBHandle *handle, PRFileDesc* out, 
-                           PRBool sortByName, PRBool sortByTrust);
-
-/* See if nickname already in database. Return 1 true, 0 false, -1 error */
-int SECU_CheckCertNameExists(CERTCertDBHandle *handle, char *nickname);
-
-/* Dump contents of cert req */
-extern int SECU_PrintCertificateRequest(FILE *out, SECItem *der, char *m,
-	int level);
-
-/* Dump contents of certificate */
-extern int SECU_PrintCertificate(FILE *out, SECItem *der, char *m, int level);
-
-/* print trust flags on a cert */
-extern void SECU_PrintTrustFlags(FILE *out, CERTCertTrust *trust, char *m, int level);
-
-/* Dump contents of public key */
-extern int SECU_PrintPublicKey(FILE *out, SECItem *der, char *m, int level);
-
-#ifdef HAVE_EPV_TEMPLATE
-/* Dump contents of private key */
-extern int SECU_PrintPrivateKey(FILE *out, SECItem *der, char *m, int level);
-#endif
-
-/* Print the MD5 and SHA1 fingerprints of a cert */
-extern int SECU_PrintFingerprints(FILE *out, SECItem *derCert, char *m,
-                                  int level);
-
-/* Pretty-print any PKCS7 thing */
-extern int SECU_PrintPKCS7ContentInfo(FILE *out, SECItem *der, char *m, 
-				      int level);
-
-/* Init PKCS11 stuff */
-extern SECStatus SECU_PKCS11Init(PRBool readOnly);
-
-/* Dump contents of signed data */
-extern int SECU_PrintSignedData(FILE *out, SECItem *der, char *m, int level,
-				SECU_PPFunc inner);
-
-extern int SECU_PrintCrl(FILE *out, SECItem *der, char *m, int level);
-
-extern void
-SECU_PrintCRLInfo(FILE *out, CERTCrl *crl, char *m, int level);
-
-extern void SECU_PrintExtensions(FILE *out, CERTCertExtension **extensions,
-				 char *msg, int level);
-
-extern void SECU_PrintName(FILE *out, CERTName *name, char *msg, int level);
-
-#ifdef SECU_GetPassword
-/* Convert a High public Key to a Low public Key */
-extern SECKEYLowPublicKey *SECU_ConvHighToLow(SECKEYPublicKey *pubHighKey);
-#endif
-
-extern SECItem *SECU_GetPBEPassword(void *arg);
-
-extern char *SECU_GetModulePassword(PK11SlotInfo *slot, PRBool retry, void *arg);
-
-extern SECStatus DER_PrettyPrint(FILE *out, SECItem *it, PRBool raw);
-extern void SEC_Init(void);
-
-extern char *SECU_SECModDBName(void);
-
-extern void SECU_PrintPRandOSError(char *progName);
-
-/*
- *
- *  Utilities for parsing security tools command lines 
- *
- */
-
-/*  A single command flag  */
-typedef struct {
-    char flag;
-    PRBool needsArg;
-    char *arg;
-    PRBool activated;
-} secuCommandFlag;
-
-/*  A full array of command/option flags  */
-typedef struct
-{
-    int numCommands;
-    int numOptions;
-
-    secuCommandFlag *commands;
-    secuCommandFlag *options;
-} secuCommand;
-
-/*  fill the "arg" and "activated" fields for each flag  */
-SECStatus 
-SECU_ParseCommandLine(int argc, char **argv, char *progName, secuCommand *cmd);
-char *
-SECU_GetOptionArg(secuCommand *cmd, int optionNum);
-
-/*
- *
- *  Error messaging
- *
- */
-
-/* Return informative error string */
-char *SECU_ErrorString(int16 err);
-
-/* Return informative error string. Does not call XP_GetString */
-char *SECU_ErrorStringRaw(int16 err);
-
-void printflags(char *trusts, unsigned int flags);
-
-#ifndef XP_UNIX
-extern int ffs(unsigned int i);
-#endif
-
-#include "secerr.h"
-#include "sslerr.h"
-
-#endif /* _SEC_UTIL_H_ */
diff --git a/security/nss/cmd/lib/sslstubs.c b/security/nss/cmd/lib/sslstubs.c
deleted file mode 100644
index a7ceda64a..000000000
--- a/security/nss/cmd/lib/sslstubs.c
+++ /dev/null
@@ -1,74 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#include "secport.h"	/* for UUID */
-#ifdef XP_WIN
-#include <IO.H>
-#endif
-
-#ifndef NOT_NULL
-char *NOT_NULL(const char *x)
-{
-	return((char *) x);
-}
-#endif
-
-/* Override the macro definition in xpassert.h if necessary. */
-#ifdef XP_AssertAtLine
-#undef XP_AssertAtLine
-#endif
-
-void XP_AssertAtLine(char *pFileName, int iLine)
-{
-	abort();
-}
-
-void FE_Trace(const char *msg)
-{
-	fputs(msg, stderr);
-}
-
-#ifdef XP_WIN
-RPC_STATUS __stdcall UuidCreate(UUID *Uuid)
-{
-	return 0;
-}
-
-void FEU_StayingAlive(void)
-{
-}
-
-int dupsocket(int sock)
-{
-	return dup(sock);
-}
-#endif
diff --git a/security/nss/cmd/lib/strerror.c b/security/nss/cmd/lib/strerror.c
deleted file mode 100644
index 32af63603..000000000
--- a/security/nss/cmd/lib/strerror.c
+++ /dev/null
@@ -1,127 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#include "secutil.h"
-
-#if defined(XP_UNIX)
-#include <unistd.h>
-#endif
-
-#if defined(XP_WIN)
-#include <errno.h>
-#include <winsock.h>
-#define EWOULDBLOCK WSAEWOULDBLOCK
-#endif
-
-#include <stdio.h>
-#include <string.h>
-
-static char *(mcom_include_merrors_i_strings)(int16 i) ;
-static char *(mcom_include_secerr_i_strings)(int16 i) ;
-static char *(mcom_include_sslerr_i_strings)(int16 i) ;
-static char *(mcom_include_xp_error_i_strings)(int16 i) ;
-static char *(mcom_include_xp_msg_i_strings)(int16 i) ;
-
-
-#ifdef XP_WIN
-
-#define EWOULDBLOCK             WSAEWOULDBLOCK
-#define EINPROGRESS             WSAEINPROGRESS
-#define EALREADY                WSAEALREADY
-#define ENOTSOCK                WSAENOTSOCK
-#define EDESTADDRREQ            WSAEDESTADDRREQ
-#define EMSGSIZE                WSAEMSGSIZE
-#define EPROTOTYPE              WSAEPROTOTYPE
-#define ENOPROTOOPT             WSAENOPROTOOPT
-#define EPROTONOSUPPORT         WSAEPROTONOSUPPORT
-#define ESOCKTNOSUPPORT         WSAESOCKTNOSUPPORT
-#define EOPNOTSUPP              WSAEOPNOTSUPP
-#define EPFNOSUPPORT            WSAEPFNOSUPPORT
-#define EAFNOSUPPORT            WSAEAFNOSUPPORT
-#define EADDRINUSE              WSAEADDRINUSE
-#define EADDRNOTAVAIL           WSAEADDRNOTAVAIL
-#define ENETDOWN                WSAENETDOWN
-#define ENETUNREACH             WSAENETUNREACH
-#define ENETRESET               WSAENETRESET
-#define ECONNABORTED            WSAECONNABORTED
-#define ECONNRESET              WSAECONNRESET
-#define ENOBUFS                 WSAENOBUFS
-#define EISCONN                 WSAEISCONN
-#define ENOTCONN                WSAENOTCONN
-#define ESHUTDOWN               WSAESHUTDOWN
-#define ETOOMANYREFS            WSAETOOMANYREFS
-#define ETIMEDOUT               WSAETIMEDOUT
-#define ECONNREFUSED            WSAECONNREFUSED
-#define ELOOP                   WSAELOOP
-#define EHOSTDOWN               WSAEHOSTDOWN
-#define EHOSTUNREACH            WSAEHOSTUNREACH
-#define EPROCLIM                WSAEPROCLIM
-#define EUSERS                  WSAEUSERS
-#define EDQUOT                  WSAEDQUOT
-#define ESTALE                  WSAESTALE
-#define EREMOTE                 WSAEREMOTE
-
-#endif
-
-#undef XP_WIN
-#undef XP_UNIX
-#undef RESOURCE_STR_X
-#undef RESOURCE_STR
-
-#define XP_UNIX 1
-#define RESOURCE_STR 1
-
-#include "allxpstr.h"
-
-const char *
-SECU_Strerror(int error)
-{
-    char * errString;
-    int16  err          = error + RES_OFFSET;
-
-    errString = mcom_include_merrors_i_strings(err) ;
-    if (!errString)
-	errString =  mcom_include_secerr_i_strings(err) ;
-    if (!errString)
-	errString =  mcom_include_sslerr_i_strings(err) ;
-    if (!errString)
-	errString =  mcom_include_xp_error_i_strings(err) ;
-    if (!errString)
-	errString =  mcom_include_xp_msg_i_strings(err) ;
-    if (!errString)
-	errString =  "ERROR NOT FOUND! \n";
-
-/*    printf( "%s\n", errString); */
-
-    return (const char *)errString;
-}
-
diff --git a/security/nss/cmd/lib/stubs.c b/security/nss/cmd/lib/stubs.c
deleted file mode 100644
index 6dfafcb66..000000000
--- a/security/nss/cmd/lib/stubs.c
+++ /dev/null
@@ -1,50 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#include "secport.h"	/* for UUID */
-
-#if !defined(SUNOS) && !defined(SUN) && !defined(SOLARIS)
-void SSL_InitHashLock (void)
-  {
-  }
-
-void SSL3_Init (void)
-  {
-  }
-#endif
-
-int
-PREF_GetCharPref(const char *pref_name, char * return_buffer, int * length)
-{
-    assert(0);
-    return -1;
-}
diff --git a/security/nss/cmd/makefile.inc b/security/nss/cmd/makefile.inc
deleted file mode 100644
index 029576e7c..000000000
--- a/security/nss/cmd/makefile.inc
+++ /dev/null
@@ -1,84 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-INCLUDES += \
-	-I$(DEPTH)/security/lib/cert \
-	-I$(DEPTH)/security/lib/key \
-	-I$(DEPTH)/security/lib/util  \
-	-I../include \
-	$(NULL)
-
-
-# For the time being, sec stuff is export only
-# US_FLAGS = -DEXPORT_VERSION -DUS_VERSION
-
-US_FLAGS = -DEXPORT_VERSION
-EXPORT_FLAGS = -DEXPORT_VERSION
-
-BASE_LIBS = \
-	$(DIST)/lib/libdbm.a \
-	$(DIST)/lib/libxp.a \
-	$(DIST)/lib/libnspr21.a \
-	$(NULL)
-
-
-#There is a circular dependancy in security/lib, and here is a gross fix
-SEC_LIBS = \
-	$(DIST)/lib/libsecnav.a \
-        $(DIST)/lib/libssl.a \
-        $(DIST)/lib/libpkcs7.a \
-        $(DIST)/lib/libcert.a \
-        $(DIST)/lib/libkey.a \
-	$(DIST)/lib/libsecmod.a \
-        $(DIST)/lib/libcrypto.a \
-        $(DIST)/lib/libsecutil.a \
-        $(DIST)/lib/libssl.a \
-        $(DIST)/lib/libpkcs7.a \
-        $(DIST)/lib/libcert.a \
-        $(DIST)/lib/libkey.a \
-	$(DIST)/lib/libsecmod.a \
-        $(DIST)/lib/libcrypto.a \
-        $(DIST)/lib/libsecutil.a \
-        $(DIST)/lib/libhash.a \
-	$(NULL)
-
-MYLIBDIR= ../lib/$(OBJDIR)
-MYLIB	= $(MYLIBDIR)/libsectool.a
-
-US_LIBS	= $(MYLIB) $(SEC_LIBS) $(BASE_LIBS) $(MYLIB) $(BASE_LIBS)
-EX_LIBS	= $(MYLIB) $(SEC_LIBS) $(BASE_LIBS) $(MYLIB) $(BASE_LIBS) 
-
-# this hack is necessary because rules.mk doesn't put anything like $(LIBS)
-# on the link command line (!?!?!?!)
-LDFLAGS += $(EX_LIBS)
-
diff --git a/security/nss/cmd/makefile.win b/security/nss/cmd/makefile.win
deleted file mode 100644
index 5e506590b..000000000
--- a/security/nss/cmd/makefile.win
+++ /dev/null
@@ -1,48 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-VERBOSE	= 1
-include <manifest.mn>
-
-include <$(DEPTH)\config\config.mak>
-
-include <$(DEPTH)\config\rules.mak>
-
-objs:	$(OBJS)
-
-programs: $(PROGRAM)
-
-syms:
-	@echo "OBJS is $(OBJS)"
-	@echo "INCS is $(INCS)"
-
diff --git a/security/nss/cmd/makepqg/Makefile b/security/nss/cmd/makepqg/Makefile
deleted file mode 100644
index 36bf774fb..000000000
--- a/security/nss/cmd/makepqg/Makefile
+++ /dev/null
@@ -1,77 +0,0 @@
-#! gmake
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY).   #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL)          #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL)       #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL).      #
-#######################################################################
-
-include ../platlibs.mk
-
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL)                              #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL)                           #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL).                              #
-#######################################################################
-
-
-include ../platrules.mk
- 
-
diff --git a/security/nss/cmd/makepqg/makefile.win b/security/nss/cmd/makepqg/makefile.win
deleted file mode 100644
index 462448d73..000000000
--- a/security/nss/cmd/makepqg/makefile.win
+++ /dev/null
@@ -1,156 +0,0 @@
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-VERBOSE	= 1
-include <manifest.mn>
-
-PROGRAM = makepqg
-PROGRAM	= $(OBJDIR)\$(PROGRAM).exe
-
-include <$(DEPTH)\config\config.mak>
-
-
-# let manifest generate C_OBJS, it will prepend ./$(OBJDIR)/
-# rules.mak will append C_OBJS onto OBJS.
-# OBJS	= $(CSRCS:.c=.obj)
-
-# include files are looked for in $LINCS and $INCS.
-# $LINCS is in manifest.mnw, computed from REQUIRES=
-INCS = $(INCS) \
- -I$(DEPTH)/security/lib/cert \
- -I$(DEPTH)/security/lib/crypto \
- -I../include \
- $(NULL)
-
-IGNORE_ME = \
- -I$(DEPTH)/security/lib/key \
- -I$(DEPTH)/security/lib/util  \
-
-
-WINFE	= $(DEPTH)/cmd/winfe/mkfiles$(MOZ_BITS)/x86Dbg
-
-# these files are the content of libdbm
-DBM_LIB	= \
- $(WINFE)/DB.obj \
- $(WINFE)/HASH.obj \
- $(WINFE)/H_BIGKEY.obj \
- $(WINFE)/H_PAGE.obj \
- $(WINFE)/H_LOG2.obj \
- $(WINFE)/H_FUNC.obj \
- $(WINFE)/HASH_BUF.obj \
- $(NULL)
-
-MOZ_LIBS = \
- $(WINFE)/ALLXPSTR.obj \
- $(WINFE)/XP_ERROR.obj \
- $(WINFE)/XPASSERT.obj \
- $(WINFE)/XP_REG.obj \
- $(WINFE)/XP_TRACE.obj \
- $(DBM_LIB) \
- $(WINFE)/XP_STR.obj \
- $(WINFE)/MKTEMP.obj \
- $(NULL)
-
-SEC_LIBS = \
- $(DIST)/lib/cert$(MOZ_BITS).lib \
- $(DIST)/lib/crypto$(MOZ_BITS).lib \
- $(DIST)/lib/hash$(MOZ_BITS).lib \
- $(DIST)/lib/key$(MOZ_BITS).lib \
- $(DIST)/lib/pkcs7$(MOZ_BITS).lib \
- $(DIST)/lib/secmod$(MOZ_BITS).lib \
- $(DIST)/lib/secutl$(MOZ_BITS).lib \
- $(DIST)/lib/ssl$(MOZ_BITS).lib \
- $(NULL)
-
-LLFLAGS	= $(LLFLAGS) \
- ../lib/$(OBJDIR)/sectool$(MOZ_BITS).lib \
- $(SEC_LIBS) \
- $(MOZ_LIBS) \
- $(DEPTH)/nspr/src/$(OBJDIR)/getopt.obj \
- $(LIBNSPR) \
- $(NULL)
-
-
-# awt3240.lib 		# brpref32.lib 		# cert32.lib
-# crypto32.lib 		# dllcom.lib 		# editor32.lib
-# edpref32.lib 		# edtplug.lib 		# font.lib
-# hash32.lib 		# htmldg32.lib 		# img32.lib
-# javart32.lib 		# jbn3240.lib 		# jdb3240.lib
-# jmc.lib 		# jpeg3240.lib 		# jpw3240.lib
-# jrt3240.lib 		# js3240.lib 		# jsd3240.lib
-# key32.lib 		# libapplet32.lib 	# libnjs32.lib
-# libnsc32.lib 		# libreg32.lib 		# mm3240.lib
-# mnpref32.lib 		# netcst32.lib 		# nsdlg32.lib
-# nsldap32.lib 		# nsldaps32.lib 	# nsn32.lib
-# pkcs1232.lib 		# pkcs732.lib 		# pr3240.lib
-# prefui32.lib 		# prefuuid.lib 		# secmod32.lib
-# secnav32.lib 		# secutl32.lib 		# softup32.lib
-# sp3240.lib 		# ssl32.lib 		# uni3200.lib
-# unicvt32.lib 		# win32md.lib 		# winfont.lib
-# xppref32.lib 		# zlib32.lib
-
-include <$(DEPTH)\config\rules.mak>
-
-
-INSTALL	= $(MAKE_INSTALL)
-
-objs:	$(OBJS)
-
-$(PROGRAM)::
-	$(INSTALL) $(DIST)/bin/pr3240.dll ./$(OBJDIR)
-
-programs: $(PROGRAM)
-
-install:: $(TARGETS)
-	$(INSTALL) $(TARGETS) $(DIST)/bin
-
-# ALLXPSTR.obj  XP_ALLOC.obj  XP_HASH.obj   XP_RGB.obj    XP_WRAP.obj
-# CXPRINT.obj   XP_C.cl       XP_LIST.obj   XP_SEC.obj    netscape.exp
-# CXPRNDLG.obj  XP_CNTXT.obj  XP_MD5.obj    XP_STR.obj    xp.pch
-# EXPORT.obj    XP_CORE.obj   XP_MESG.obj   XP_THRMO.obj  xppref32.dll
-# XPASSERT.obj  XP_ERROR.obj  XP_RECT.obj   XP_TIME.obj
-# XPLOCALE.obj  XP_FILE.obj   XP_REG.obj    XP_TRACE.obj
-
-symbols:
-	@echo "CSRCS	= $(CSRCS)"
-	@echo "INCS	= $(INCS)"
-	@echo "OBJS	= $(OBJS)"
-	@echo "LIBRARY	= $(LIBRARY)"
-	@echo "PROGRAM	= $(PROGRAM)"
-	@echo "TARGETS	= $(TARGETS)"
-	@echo "DIST	= $(DIST)"
-	@echo "VERSION_NUMBER	= $(VERSION_NUMBER)"
-	@echo "WINFE	= $(WINFE)"
-	@echo "DBM_LIB	= $(DBM_LIB)"
-	@echo "INSTALL	= $(INSTALL)"
-
diff --git a/security/nss/cmd/makepqg/makepqg.c b/security/nss/cmd/makepqg/makepqg.c
deleted file mode 100644
index 028ef7259..000000000
--- a/security/nss/cmd/makepqg/makepqg.c
+++ /dev/null
@@ -1,290 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "prtypes.h"
-#include "prtime.h"
-#include "prlong.h"
-
-#include "nss.h"
-#include "secutil.h"
-#include "secitem.h"
-#include "pk11func.h"
-#include "pk11pqg.h"
-#include "pqgutil.h"
-#include "secrng.h"
-
-#if defined(XP_UNIX)
-#include <unistd.h>
-#endif
-
-#include "plgetopt.h"
-
-#define BPB 8 /* bits per byte. */
-
-char               *progName;
-
-
-const SEC_ASN1Template seckey_PQGParamsTemplate[] = {
-    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SECKEYPQGParams) },
-    { SEC_ASN1_INTEGER, offsetof(SECKEYPQGParams,prime) },
-    { SEC_ASN1_INTEGER, offsetof(SECKEYPQGParams,subPrime) },
-    { SEC_ASN1_INTEGER, offsetof(SECKEYPQGParams,base) },
-    { 0, }
-};
-
-
-
-void
-Usage(void)
-{
-    fprintf(stderr, "Usage:  %s\n", progName);
-    fprintf(stderr, 
-"-a   Output DER-encoded PQG params, BTOA encoded.\n"
-"     -l prime-length       Length of prime in bits (1024 is default)\n"
-"     -o file               Output to this file (default is stdout)\n"
-"-b   Output DER-encoded PQG params in binary\n"
-"     -l prime-length       Length of prime in bits (1024 is default)\n"
-"     -o file               Output to this file (default is stdout)\n"
-"-r   Output P, Q and G in ASCII hexadecimal. \n"
-"     -l prime-length       Length of prime in bits (1024 is default)\n"
-"     -o file               Output to this file (default is stdout)\n"   
-"-g bits       Generate SEED this many bits long.\n"
-);
-    exit(-1);
-
-}
-
-int
-outputPQGParams(PQGParams * pqgParams, PRBool output_binary, PRBool output_raw,
-                FILE * outFile)
-{
-    PRArenaPool   * arena 		= NULL;
-    char          * PQG;
-    SECItem         encodedParams;
-
-    if (output_raw) {
-    	SECItem item;
-
-	PK11_PQG_GetPrimeFromParams(pqgParams, &item);
-	SECU_PrintInteger(outFile, &item,    "Prime",    1);
-	SECITEM_FreeItem(&item, PR_FALSE);
-
-	PK11_PQG_GetSubPrimeFromParams(pqgParams, &item);
-	SECU_PrintInteger(outFile, &item, "Subprime", 1);
-	SECITEM_FreeItem(&item, PR_FALSE);
-
-	PK11_PQG_GetBaseFromParams(pqgParams, &item);
-	SECU_PrintInteger(outFile, &item,     "Base",     1);
-	SECITEM_FreeItem(&item, PR_FALSE);
-
-	fprintf(outFile, "\n");
-	return 0;
-    }
-
-    encodedParams.data = NULL;
-    encodedParams.len  = 0;
-    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    SEC_ASN1EncodeItem(arena, &encodedParams, pqgParams,
-		       seckey_PQGParamsTemplate);
-    if (output_binary) {
-	fwrite(encodedParams.data, encodedParams.len, sizeof(char), outFile);
-	printf("\n");
-	return 0;
-    }
-
-    /* must be output ASCII */
-    PQG = BTOA_DataToAscii(encodedParams.data, encodedParams.len);    
-
-    fprintf(outFile,"%s",PQG);
-    printf("\n");
-    return 0;
-}
-
-int
-outputPQGVerify(PQGVerify * pqgVerify, PRBool output_binary, PRBool output_raw,
-                FILE * outFile)
-{
-    if (output_raw) {
-    	SECItem item;
-	unsigned int counter;
-
-	PK11_PQG_GetHFromVerify(pqgVerify, &item);
-	SECU_PrintInteger(outFile, &item,        "h",        1);
-	SECITEM_FreeItem(&item, PR_FALSE);
-
-	PK11_PQG_GetSeedFromVerify(pqgVerify, &item);
-	SECU_PrintInteger(outFile, &item,     "SEED",     1);
-	fprintf(outFile, "    g:       %d\n", item.len * BPB);
-	SECITEM_FreeItem(&item, PR_FALSE);
-
-	counter = PK11_PQG_GetCounterFromVerify(pqgVerify);
-	fprintf(outFile, "    counter: %d\n", counter);
-	fprintf(outFile, "\n");
-	return 0;
-    }
-    return 0;
-}
-
-int
-main(int argc, char **argv)
-{
-    FILE          * outFile 		= NULL;
-    PQGParams     * pqgParams 		= NULL;
-    PQGVerify     * pqgVerify           = NULL;
-    int             keySizeInBits	= 1024;
-    int             j;
-    int             o;
-    int             g                   = 0;
-    SECStatus       rv 			= 0;
-    SECStatus       passed 		= 0;
-    PRBool          output_ascii	= PR_FALSE;
-    PRBool          output_binary	= PR_FALSE;
-    PRBool          output_raw		= PR_FALSE;
-    PLOptState *optstate;
-    PLOptStatus status;
-
-
-    progName = strrchr(argv[0], '/');
-    if (!progName)
-	progName = strrchr(argv[0], '\\');
-    progName = progName ? progName+1 : argv[0];
-
-    /* Parse command line arguments */
-    optstate = PL_CreateOptState(argc, argv, "l:abro:g:" );
-    while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
-	switch (optstate->option) {
-
-	  case 'l':
-	    keySizeInBits = atoi(optstate->value);
-	    break;
-
-	  case 'a':
-	    output_ascii = PR_TRUE;  
-	    break;
-
-	  case 'b':
-	    output_binary = PR_TRUE;
-	    break;
-
-	  case 'r':
-	    output_raw = PR_TRUE;
-	    break;
-
-	  case 'o':
-	    outFile = fopen(optstate->value, "wb");
-	    if (!outFile) {
-		fprintf(stderr, "%s: unable to open \"%s\" for writing\n",
-			progName, optstate->value);
-		rv = -1;
-	    }
-	    break;
-
-	  case 'g':
-	    g = atoi(optstate->value);
-	    break;
-
-	  default:
-	  case '?':
-	    Usage();
-	    break;
-
-	}
-    }
-
-    if (rv != 0) {
-	return rv;
-    }
-
-    /* exactly 1 of these options must be set. */
-    if (1 != ((output_ascii  != PR_FALSE) + 
-	      (output_binary != PR_FALSE) +
-	      (output_raw    != PR_FALSE))) {
-	Usage();
-    }
-
-    j = PQG_PBITS_TO_INDEX(keySizeInBits);
-    if (j < 0) {
-	fprintf(stderr, "%s: Illegal prime length, \n"
-			"\tacceptable values are between 512 and 1024,\n"
-			"\tand divisible by 64\n", progName);
-	return -1;
-    }
-    if (g != 0 && (g < 160 || g >= 2048 || g % 8 != 0)) {
-	fprintf(stderr, "%s: Illegal g bits, \n"
-			"\tacceptable values are between 160 and 2040,\n"
-			"\tand divisible by 8\n", progName);
-	return -1;
-    }
-
-    if (outFile == NULL) {
-	outFile = stdout;
-    }
-
-
-    NSS_NoDB_Init(NULL);
-
-    if (g) 
-	rv = PK11_PQG_ParamGenSeedLen((unsigned)j, (unsigned)(g/8), 
-	                         &pqgParams, &pqgVerify);
-    else 
-	rv = PK11_PQG_ParamGen((unsigned)j, &pqgParams, &pqgVerify);
-
-    if (rv != SECSuccess || pqgParams == NULL) {
-	fprintf(stderr, "%s: PQG parameter generation failed.\n", progName);
-	goto loser;
-    } 
-    fprintf(stderr, "%s: PQG parameter generation completed.\n", progName);
-
-    o = outputPQGParams(pqgParams, output_binary, output_raw, outFile);
-    o = outputPQGVerify(pqgVerify, output_binary, output_raw, outFile);
-
-    rv = PK11_PQG_VerifyParams(pqgParams, pqgVerify, &passed);
-    if (rv != SECSuccess) {
-	fprintf(stderr, "%s: PQG parameter verification aborted.\n", progName);
-	goto loser;
-    }
-    if (passed != SECSuccess) {
-	fprintf(stderr, "%s: PQG parameters failed verification.\n", progName);
-	goto loser;
-    } 
-    fprintf(stderr, "%s: PQG parameters passed verification.\n", progName);
-
-    PK11_PQG_DestroyParams(pqgParams);
-    PK11_PQG_DestroyVerify(pqgVerify);
-    return 0;
-
-loser:
-    PK11_PQG_DestroyParams(pqgParams);
-    PK11_PQG_DestroyVerify(pqgVerify);
-    return 1;
-}
diff --git a/security/nss/cmd/makepqg/manifest.mn b/security/nss/cmd/makepqg/manifest.mn
deleted file mode 100644
index 6053caeae..000000000
--- a/security/nss/cmd/makepqg/manifest.mn
+++ /dev/null
@@ -1,47 +0,0 @@
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-# This next line is used by .mk files
-# and gets translated into $LINCS in manifest.mnw
-REQUIRES = security seccmd dbm 
-
-# DIRS = 
-
-CSRCS	=  makepqg.c
-
-PROGRAM	= makepqg
-
-#USE_STATIC_LIBS = 1
-
diff --git a/security/nss/cmd/makepqg/testit.ksh b/security/nss/cmd/makepqg/testit.ksh
deleted file mode 100644
index 98cb7fa9d..000000000
--- a/security/nss/cmd/makepqg/testit.ksh
+++ /dev/null
@@ -1,41 +0,0 @@
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-COUNTER=75
-while [ $COUNTER -ge "1" ] 
-do 
-	COUNTER=$(eval expr $COUNTER - 1)
-	echo $COUNTER
-    	*/makepqg.exe -r -l 640 -g 160 || exit 1
-done
-
diff --git a/security/nss/cmd/manifest.mn b/security/nss/cmd/manifest.mn
deleted file mode 100644
index 1c02b487f..000000000
--- a/security/nss/cmd/manifest.mn
+++ /dev/null
@@ -1,88 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-DEPTH	= ../..
-# MODULE	= seccmd
-
-REQUIRES = security nspr libdbm
-
-DIRS = lib  \
- zlib \
- atob  \
- bltest \
- btoa  \
- certcgi \
- certutil  \
- checkcert  \
- crlutil  \
- dbtest \
- derdump  \
- digest  \
- makepqg  \
- ocspclnt  \
- oidcalc  \
- p7content  \
- p7env  \
- p7sign  \
- p7verify  \
- pk12util \
- pp  \
- rngtest \
- rsaperf \
- sdrtest \
- selfserv  \
- signtool \
- signver \
- smimetools  \
- SSLsample \
- ssltap  \
- strsclnt \
- swfort  \
- tstclnt  \
- modutil \
- $(NULL)
-
-TEMPORARILY_DONT_BUILD = \
- $(NULL)
-
-# rsaperf  \
-#
-#       needs to look at what needs to happen to make jar build in
-# the binary release environment.
-#
-# perror requires lib/strerror.c which requires the client code installed 
-# to build (requires allxpstr.h)
-#
-DONT_BULD = jar \
- perror \
-$(NULL)
diff --git a/security/nss/cmd/modutil/Makefile b/security/nss/cmd/modutil/Makefile
deleted file mode 100644
index 3d2bbb412..000000000
--- a/security/nss/cmd/modutil/Makefile
+++ /dev/null
@@ -1,80 +0,0 @@
-#! gmake
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY).   #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL)          #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL)       #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL).      #
-#######################################################################
-include ../platlibs.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL)                              #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL)                           #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL).                              #
-#######################################################################
-
-
-include ../platrules.mk
-
-#
-# Cancel the built-in implicit yacc and lex rules.
-#
-
-%.c: %.y
-%.c: %.l
diff --git a/security/nss/cmd/modutil/README b/security/nss/cmd/modutil/README
deleted file mode 100644
index 12d192c9f..000000000
--- a/security/nss/cmd/modutil/README
+++ /dev/null
@@ -1,7 +0,0 @@
-                    CRYPTOGRAPHIC MODULE UTILITY (modutil)
-                                VERSION 1.0
-              ===============================================
-
-The file specification.html documentats the software.
-
-The file pk11jar.html documents the PKCS #11 JAR format.
diff --git a/security/nss/cmd/modutil/README.TXT b/security/nss/cmd/modutil/README.TXT
deleted file mode 100644
index 279e3ebe6..000000000
--- a/security/nss/cmd/modutil/README.TXT
+++ /dev/null
@@ -1,7 +0,0 @@
-                    CRYPTOGRAPHIC MODULE UTILITY (modutil)

-                                VERSION 1.0

-              ===============================================

-

-The file specification.html documentats the software.

-

-The file pk11jar.html documents the PKCS #11 JAR format.

diff --git a/security/nss/cmd/modutil/config.mk b/security/nss/cmd/modutil/config.mk
deleted file mode 100644
index 9f0cdf1e4..000000000
--- a/security/nss/cmd/modutil/config.mk
+++ /dev/null
@@ -1,77 +0,0 @@
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# Set the LDFLAGS value to encompass all normal link options, all     #
-# library names, and all special system linking options               #
-#######################################################################
-
-LDFLAGS = \
-	$(DYNAMIC_LIB_PATH) \
-	$(LDOPTS) \
-	$(LIBSECTOOLS) \
-	$(LIBSECMOD) \
-	$(LIBHASH) \
-	$(LIBCERT) \
-	$(LIBKEY) \
-	$(LIBCRYPTO) \
-	$(LIBSECUTIL) \
-	$(LIBDBM) \
-	$(LIBPLC3) \
-	$(LIBPLDS3) \
-	$(LIBPR3) \
-	$(DLLSYSTEM) \
-	$(LIBJAR) \
-	$(LIBZLIB) \
-	$(LIBPKCS7) \
-	$(LIBPLC3)
-
-# Strip out the symbols
-ifdef BUILD_OPT
-    ifneq (,$(filter-out WIN%,$(OS_TARGET)))
-	LDFLAGS += -s
-    endif
-endif
-
-#######################################################################
-# Adjust specific variables for all platforms                         #
-#######################################################################
- 
-
-ifeq (,$(filter-out WIN%,$(OS_TARGET)))
-    PACKAGE_FILES = license.txt README.TXT specification.html pk11jar.html modutil.exe
-else
-    PACKAGE_FILES = license.doc README specification.html pk11jar.html modutil
-endif
-
-ARCHIVE_NAME = modutil_$(OS_TARGET)$(OS_RELEASE)
diff --git a/security/nss/cmd/modutil/error.h b/security/nss/cmd/modutil/error.h
deleted file mode 100644
index 560e317db..000000000
--- a/security/nss/cmd/modutil/error.h
+++ /dev/null
@@ -1,182 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef MODUTIL_ERROR_H
-#define MODUTIL_ERROR_H
-
-typedef enum {
-	NO_ERR=0,
-	INVALID_USAGE_ERR,
-	UNEXPECTED_ARG_ERR,
-	UNKNOWN_OPTION_ERR,
-	MULTIPLE_COMMAND_ERR,
-	OPTION_NEEDS_ARG_ERR,
-	DUPLICATE_OPTION_ERR,
-	MISSING_PARAM_ERR,
-	INVALID_FIPS_ARG,
-	NO_COMMAND_ERR,
-	NO_DBDIR_ERR,
-	FIPS_SWITCH_FAILED_ERR,
-	FIPS_ALREADY_ON_ERR,
-	FIPS_ALREADY_OFF_ERR,
-	FILE_ALREADY_EXISTS_ERR,
-	FILE_DOESNT_EXIST_ERR,
-	FILE_NOT_READABLE_ERR,
-	FILE_NOT_WRITEABLE_ERR,
-	DIR_DOESNT_EXIST_ERR,
-	DIR_NOT_READABLE_ERR,
-	DIR_NOT_WRITEABLE_ERR,
-	INVALID_CONSTANT_ERR,
-	ADD_MODULE_FAILED_ERR,
-        ADD_MODULE_FAILED_STATUS_ERR,
-	OUT_OF_MEM_ERR,
-	DELETE_INTERNAL_ERR,
-	DELETE_FAILED_ERR,
-	NO_LIST_LOCK_ERR,
-	NO_MODULE_LIST_ERR,
-	NO_SUCH_MODULE_ERR,
-	MOD_INFO_ERR,
-	SLOT_INFO_ERR,
-	TOKEN_INFO_ERR,
-	NO_SUCH_TOKEN_ERR,
-	CHANGEPW_FAILED_ERR,
-	BAD_PW_ERR,
-	DB_ACCESS_ERR,
-	AUTHENTICATION_FAILED_ERR,
-	NO_SUCH_SLOT_ERR,
-	ENABLE_FAILED_ERR,
-	UPDATE_MOD_FAILED_ERR,
-	DEFAULT_FAILED_ERR,
-	UNDEFAULT_FAILED_ERR,
-	STDIN_READ_ERR,
-	UNSPECIFIED_ERR,
-	NOCERTDB_MISUSE_ERR,
-	NSS_INITIALIZE_FAILED_ERR,
-
-	LAST_ERR /* must be last */
-} Error;
-#define SUCCESS NO_ERR
-
-/* !!! Should move this into its own .c and un-static it. */
-static char *errStrings[] = {
-	"Operation completed successfully.\n",
-	"ERROR: Invalid command line.\n",
-	"ERROR: Not expecting argument \"%s\".\n",
-	"ERROR: Unknown option: %s.\n",
-	"ERROR: %s: multiple commands are not allowed on the command line.\n",
-	"ERROR: %s: option needs an argument.\n",
-	"ERROR: %s: option cannot be given more than once.\n",
-	"ERROR: Command \"%s\" requires parameter \"%s\".\n",
-	"ERROR: Argument to -fips must be \"true\" or \"false\".\n",
-	"ERROR: No command was specified.\n",
-	"ERROR: Cannot determine database directory: use the -dbdir option.\n",
-	"ERROR: Unable to switch FIPS modes.\n",
-	"FIPS mode already enabled.\n",
-	"FIPS mode already disabled.\n",
-	"ERROR: File \"%s\" already exists.\n",
-	"ERROR: File \"%s\" does not exist.\n",
-	"ERROR: File \"%s\" is not readable.\n",
-	"ERROR: File \"%s\" is not writeable.\n",
-	"ERROR: Directory \"%s\" does not exist.\n",
-	"ERROR: Directory \"%s\" is not readable.\n",
-	"ERROR: Directory \"%s\" is not writeable.\n",
-	"\"%s\" is not a recognized value.\n",
-	"ERROR: Failed to add module \"%s\".\n",
-        "ERROR: Failed to add module \"%s\". Probable cause : \"%s\".\n",
-	"ERROR: Out of memory.\n",
-	"ERROR: Cannot delete internal module.\n",
-	"ERROR: Failed to delete module \"%s\".\n",
-	"ERROR: Unable to obtain lock on module list.\n",
-	"ERROR: Unable to obtain module list.\n",
-	"ERROR: Module \"%s\" not found in database.\n",
-	"ERROR: Unable to get information about module \"%s\".\n",
-	"ERROR: Unable to get information about slot \"%s\".\n",
-	"ERROR: Unable to get information about token \"%s\".\n",
-	"ERROR: Token \"%s\" not found.\n",
-	"ERROR: Unable to change password on token \"%s\".\n",
-	"ERROR: Incorrect password.\n",
-	"ERROR: Unable to access database \"%s\".\n",
-	"ERROR: Unable to authenticate to token \"%s\".\n",
-	"ERROR: Slot \"%s\" not found.\n",
-	"ERROR: Failed to %s slot \"%s\".\n",
-	"ERROR: Failed to update module \"%s\".\n",
-	"ERROR: Failed to change defaults.\n",
-	"ERROR: Failed to change default.\n",
-	"ERROR: Unable to read from standard input.\n",
-	"ERROR: Unknown error occurred.\n",
-	"ERROR: -nocertdb option can only be used with the -jar command.\n"
-	"ERROR: NSS_Initialize() failed.\n"
-};
-
-typedef enum {
-	FIPS_ENABLED_MSG=0,
-	FIPS_DISABLED_MSG,
-	USING_DBDIR_MSG,
-	CREATING_DB_MSG,
-	ADD_MODULE_SUCCESS_MSG,
-	DELETE_SUCCESS_MSG,
-	CHANGEPW_SUCCESS_MSG,
-	BAD_PW_MSG,
-	PW_MATCH_MSG,
-	DONE_MSG,
-	ENABLE_SUCCESS_MSG,
-	DEFAULT_SUCCESS_MSG,
-	UNDEFAULT_SUCCESS_MSG,
-	BROWSER_RUNNING_MSG,
-	ABORTING_MSG,
-
-	LAST_MSG  /* must be last */
-} Message;
-
-static char *msgStrings[] = {
-	"FIPS mode enabled.\n",
-	"FIPS mode disabled.\n",
-	"Using database directory %s...\n",
-	"Creating \"%s\"...",
-	"Module \"%s\" added to database.\n",
-	"Module \"%s\" deleted from database.\n",
-	"Token \"%s\" password changed successfully.\n",
-	"Incorrect password, try again...\n",
-	"Passwords do not match, try again...\n",
-	"done.\n",
-	"Slot \"%s\" %s.\n",
-	"Successfully changed defaults.\n",
-	"Successfully changed defaults.\n",
-"\nWARNING: Performing this operation while the browser is running could cause"
-"\ncorruption of your security databases. If the browser is currently running,"
-"\nyou should exit browser before continuing this operation. Type "
-"\n'q <enter>' to abort, or <enter> to continue: ",
-	"\nAborting...\n"
-};
-
-#endif /* MODUTIL_ERROR_H */
diff --git a/security/nss/cmd/modutil/install-ds.c b/security/nss/cmd/modutil/install-ds.c
deleted file mode 100644
index e6b90ded3..000000000
--- a/security/nss/cmd/modutil/install-ds.c
+++ /dev/null
@@ -1,1541 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "install-ds.h"
-#include <prmem.h>
-#include <plstr.h>
-#include <prprf.h>
-#include <string.h>
-
-#define PORT_Strcasecmp PL_strcasecmp
-
-#define MODULE_FILE_STRING "ModuleFile"
-#define MODULE_NAME_STRING "ModuleName"
-#define MECH_FLAGS_STRING "DefaultMechanismFlags"
-#define CIPHER_FLAGS_STRING "DefaultCipherFlags"
-#define FILES_STRING "Files"
-#define FORWARD_COMPATIBLE_STRING "ForwardCompatible"
-#define PLATFORMS_STRING "Platforms"
-#define RELATIVE_DIR_STRING "RelativePath"
-#define ABSOLUTE_DIR_STRING "AbsolutePath"
-#define FILE_PERMISSIONS_STRING "FilePermissions"
-#define EQUIVALENT_PLATFORM_STRING "EquivalentPlatform"
-#define EXECUTABLE_STRING "Executable"
-
-#define DEFAULT_PERMISSIONS 0777
-
-#define PLATFORM_SEPARATOR_CHAR ':'
-
-/* Error codes */
-enum {
-	BOGUS_RELATIVE_DIR=0,
-	BOGUS_ABSOLUTE_DIR,
-	BOGUS_FILE_PERMISSIONS,
-	NO_RELATIVE_DIR,
-	NO_ABSOLUTE_DIR,
-	EMPTY_PLATFORM_STRING,
-	BOGUS_PLATFORM_STRING,
-	REPEAT_MODULE_FILE,
-	REPEAT_MODULE_NAME,
-	BOGUS_MODULE_FILE,
-	BOGUS_MODULE_NAME,
-	REPEAT_MECH,
-	BOGUS_MECH_FLAGS,
-	REPEAT_CIPHER,
-	BOGUS_CIPHER_FLAGS,
-	REPEAT_FILES,
-	REPEAT_EQUIV,
-	BOGUS_EQUIV,
-	EQUIV_TOO_MUCH_INFO,
-	NO_FILES,
-	NO_MODULE_FILE,
-	NO_MODULE_NAME,
-	NO_PLATFORMS,
-	EQUIV_LOOP,
-	UNKNOWN_MODULE_FILE
-};
-
-/* Indexed by the above error codes */
-static const char *errString[] = {
-	"%s: Invalid relative directory",
-	"%s: Invalid absolute directory",
-	"%s: Invalid file permissions",
-	"%s: No relative directory specified",
-	"%s: No absolute directory specified",
-	"Empty string given for platform name",
-	"%s: invalid platform string",
-	"More than one ModuleFile entry given for platform %s",
-	"More than one ModuleName entry given for platform %s",
-	"Invalid ModuleFile specification for platform %s",
-	"Invalid ModuleName specification for platform %s",
-	"More than one DefaultMechanismFlags entry given for platform %s",
-	"Invalid DefaultMechanismFlags specification for platform %s",
-	"More than one DefaultCipherFlags entry given for platform %s",
-	"Invalid DefaultCipherFlags entry given for platform %s",
-	"More than one Files entry given for platform %s",
-	"More than one EquivalentPlatform entry given for platform %s",
-	"Invalid EquivalentPlatform specification for platform %s",
-	"Module %s uses an EquivalentPlatform but also specifies its own"
-		" information",
-	"No Files specification in module %s",
-	"No ModuleFile specification in module %s",
-	"No ModuleName specification in module %s",
-	"No Platforms specification in installer script",
-	"Platform %s has an equivalency loop",
-	"Module file \"%s\" in platform \"%s\" does not exist"
-};
-
-static char* PR_Strdup(const char* str);
-
-#define PAD(x)  {int i; for(i=0;i<x;i++) printf(" ");}
-#define PADINC 4
-
-Pk11Install_File*
-Pk11Install_File_new()
-{
-	Pk11Install_File* new_this;
-	new_this = (Pk11Install_File*)PR_Malloc(sizeof(Pk11Install_File));
-	Pk11Install_File_init(new_this);
-	return new_this;
-}
-
-void
-Pk11Install_File_init(Pk11Install_File* _this)
-{
-	_this->jarPath=NULL;
-	_this->relativePath=NULL;
-	_this->absolutePath=NULL;
-	_this->executable=PR_FALSE;
-	_this->permissions=0;
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Method:	~Pk11Install_File
-// Class:	Pk11Install_File
-// Notes:	Destructor.
-*/
-void
-Pk11Install_File_delete(Pk11Install_File* _this)
-{
-	Pk11Install_File_Cleanup(_this);
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Method:	Cleanup
-// Class:	Pk11Install_File
-*/
-void
-Pk11Install_File_Cleanup(Pk11Install_File* _this)
-{
-	if(_this->jarPath) {
-		PR_Free(_this->jarPath);
-		_this->jarPath = NULL;
-	}
-	if(_this->relativePath) {
-		PR_Free(_this->relativePath);
-		_this->relativePath = NULL;
-	}
-	if(_this->absolutePath) {
-		PR_Free(_this->absolutePath);
-		_this->absolutePath = NULL;
-	}
-
-	_this->permissions = 0;
-	_this->executable = PR_FALSE;
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Method:	Generate
-// Class:	Pk11Install_File
-// Notes:	Creates a file data structure from a syntax tree.
-// Returns:	NULL for success, otherwise an error message.
-*/
-char*
-Pk11Install_File_Generate(Pk11Install_File* _this,
-                          const Pk11Install_Pair *pair)
-{
-	Pk11Install_ListIter *iter;
-	Pk11Install_Value *val;
-	Pk11Install_Pair *subpair;
-	Pk11Install_ListIter *subiter;
-	Pk11Install_Value *subval;
-	char* errStr;
-	char *endp;
-	PRBool gotPerms;
-
-	iter=NULL;
-	subiter=NULL;
-	errStr=NULL;
-	gotPerms=PR_FALSE;
-
-	/* Clear out old values */
-	Pk11Install_File_Cleanup(_this);
-
-	_this->jarPath = PR_Strdup(pair->key);
-
-	/* Go through all the pairs under this file heading */
-	iter = Pk11Install_ListIter_new(pair->list);
-	for( ; (val = iter->current); Pk11Install_ListIter_nextItem(iter)) {
-		if(val->type == PAIR_VALUE) {
-			subpair = val->pair;
-
-			/* Relative directory */
-			if(!PORT_Strcasecmp(subpair->key, RELATIVE_DIR_STRING)) {
-				subiter = Pk11Install_ListIter_new(subpair->list);
-				subval = subiter->current;
-				if(!subval || (subval->type != STRING_VALUE)){
-					errStr = PR_smprintf(errString[BOGUS_RELATIVE_DIR], 
-                                    _this->jarPath);
-					goto loser;
-				}
-				_this->relativePath = PR_Strdup(subval->string);
-				Pk11Install_ListIter_delete(subiter);
-				subiter = NULL;
-
-				/* Absolute directory */
-			} else if( !PORT_Strcasecmp(subpair->key, ABSOLUTE_DIR_STRING)) {
-				subiter = Pk11Install_ListIter_new(subpair->list);
-				subval = subiter->current;
-				if(!subval || (subval->type != STRING_VALUE)){
-					errStr = PR_smprintf(errString[BOGUS_ABSOLUTE_DIR], 
-                                    _this->jarPath);
-					goto loser;
-				}
-				_this->absolutePath = PR_Strdup(subval->string);
-				Pk11Install_ListIter_delete(subiter);
-				subiter = NULL;
-
-			/* file permissions */
-			} else if( !PORT_Strcasecmp(subpair->key,
-                                     FILE_PERMISSIONS_STRING)) {
-				subiter = Pk11Install_ListIter_new(subpair->list);
-				subval = subiter->current;
-				if(!subval || (subval->type != STRING_VALUE)){
-					errStr = PR_smprintf(errString[BOGUS_FILE_PERMISSIONS],
-                                    _this->jarPath);
-					goto loser;
-				}
-				_this->permissions = (int) strtol(subval->string, &endp, 8);
-				if(*endp != '\0' || subval->string == "\0") {
-					errStr = PR_smprintf(errString[BOGUS_FILE_PERMISSIONS],
-                                    _this->jarPath);
-					goto loser;
-				}
-				gotPerms = PR_TRUE;
-				Pk11Install_ListIter_delete(subiter);
-				subiter = NULL;
-			}
-		} else {
-			if(!PORT_Strcasecmp(val->string, EXECUTABLE_STRING)) {
-				_this->executable = PR_TRUE;
-			}
-		}
-	}
-
-	/* Default permission value */
-	if(!gotPerms) {
-		_this->permissions = DEFAULT_PERMISSIONS;
-	}
-
-	/* Make sure we got all the information */
-	if(!_this->relativePath && !_this->absolutePath) {
-		errStr = PR_smprintf(errString[NO_ABSOLUTE_DIR], _this->jarPath);
-		goto loser;
-	}
-#if 0
-	if(!_this->relativePath ) {
-		errStr = PR_smprintf(errString[NO_RELATIVE_DIR], _this->jarPath);
-		goto loser;
-	}
-	if(!_this->absolutePath) {
-		errStr = PR_smprintf(errString[NO_ABSOLUTE_DIR], _this->jarPath);
-		goto loser;
-	}
-#endif
-
-loser:
-	if(iter) {
-		Pk11Install_ListIter_delete(iter);
-		PR_Free(iter);
-	}
-	if(subiter) {
-		Pk11Install_ListIter_delete(subiter);
-		PR_Free(subiter);
-	}
-	return errStr;
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Method:	Print
-// Class:	Pk11Install_File
-*/
-void
-Pk11Install_File_Print(Pk11Install_File* _this, int pad)
-{
-	PAD(pad); printf("jarPath: %s\n", 
-                    _this->jarPath ? _this->jarPath : "<NULL>");
-	PAD(pad); printf("relativePath: %s\n",
-				_this->relativePath ? _this->relativePath: "<NULL>");
-	PAD(pad); printf("absolutePath: %s\n",
-				_this->absolutePath ? _this->absolutePath: "<NULL>");
-	PAD(pad); printf("permissions: %o\n", _this->permissions);
-}
-
-Pk11Install_PlatformName*
-Pk11Install_PlatformName_new()
-{
-	Pk11Install_PlatformName* new_this;
-	new_this = (Pk11Install_PlatformName*)
-               PR_Malloc(sizeof(Pk11Install_PlatformName));
-	Pk11Install_PlatformName_init(new_this);
-	return new_this;
-}
-
-void
-Pk11Install_PlatformName_init(Pk11Install_PlatformName* _this)
-{
-	_this->OS = NULL;
-	_this->verString = NULL;
-	_this->numDigits = 0;
-	_this->arch = NULL;
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Method:	~Pk11Install_PlatformName
-// Class:	Pk11Install_PlatformName
-*/
-void
-Pk11Install_PlatformName_delete(Pk11Install_PlatformName* _this)
-{
-	Pk11Install_PlatformName_Cleanup(_this);
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Method:	Cleanup
-// Class:	Pk11Install_PlatformName
-*/
-void
-Pk11Install_PlatformName_Cleanup(Pk11Install_PlatformName* _this)
-{
-	if(_this->OS) {
-		PR_Free(_this->OS);
-		_this->OS = NULL;
-	}
-	if(_this->verString) {
-		int i;
-		for (i=0; i<_this->numDigits; i++) {
-			PR_Free(_this->verString[i]);
-		}
-		PR_Free(_this->verString);
-		_this->verString = NULL;
-	}
-	if(_this->arch) {
-		PR_Free(_this->arch);
-		_this->arch = NULL;
-	}
-	_this->numDigits = 0;
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Method:	Generate
-// Class:	Pk11Install_PlatformName
-// Notes:	Extracts the information from a platform string.
-*/
-char*
-Pk11Install_PlatformName_Generate(Pk11Install_PlatformName* _this,
-                                  const char *str)
-{
-	char *errStr;
-	char *copy;
-	char *end, *start; /* start and end of a section (OS, version, arch)*/
-	char *pend, *pstart; /* start and end of one portion of version*/
-	char *endp; /* used by strtol*/
-	int periods, i;
-
-	errStr=NULL;
-	copy=NULL;
-
-	if(!str) {
-		errStr = PR_smprintf(errString[EMPTY_PLATFORM_STRING]);
-		goto loser;
-	}
-	copy = PR_Strdup(str);
-
-	/*
-	// Get the OS
-	*/
-	end = strchr(copy, PLATFORM_SEPARATOR_CHAR);
-	if(!end || end==copy) {
-		errStr = PR_smprintf(errString[BOGUS_PLATFORM_STRING], str);
-		goto loser;
-	}
-	*end = '\0';
-
-	_this->OS = PR_Strdup(copy);
-
-	/*
-	// Get the digits of the version of form: x.x.x (arbitrary number of digits)
-	*/
-
-	start = end+1;
-	end = strchr(start, PLATFORM_SEPARATOR_CHAR);
-	if(!end) {
-		errStr = PR_smprintf(errString[BOGUS_PLATFORM_STRING], str);
-		goto loser;
-	}
-	*end = '\0';
-
-	if(end!=start) { 
-		/* Find out how many periods*/
-		periods = 0;
-		pstart = start;
-		while( (pend=strchr(pstart, '.')) ) {
-			periods++;
-			pstart = pend+1;
-		}
-		_this->numDigits= 1+ periods;
-		_this->verString = (char**)PR_Malloc(sizeof(char*)*_this->numDigits);
-
-		pstart = start;
-		i = 0;
-		/* Get the digits before each period*/
-		while( (pend=strchr(pstart, '.')) ) {
-			if(pend == pstart) {
-				errStr = PR_smprintf(errString[BOGUS_PLATFORM_STRING], str);
-				goto loser;
-			}
-			*pend = '\0';
-			_this->verString[i] = PR_Strdup(pstart);
-			endp = pend;
-		if(endp==pstart || (*endp != '\0')) {
-				errStr = PR_smprintf(errString[BOGUS_PLATFORM_STRING], str);
-				goto loser;
-			}
-			pstart = pend+1;
-			i++;
-		}
-		/* Last digit comes after the last period*/
-		if(*pstart == '\0') {
-			errStr = PR_smprintf(errString[BOGUS_PLATFORM_STRING], str);
-			goto loser;
-		}
-		_this->verString[i] = PR_Strdup(pstart);
-		/*
-		if(endp==pstart || (*endp != '\0')) {
-			errStr = PR_smprintf(errString[BOGUS_PLATFORM_STRING], str);
-			goto loser;
-		}
-		*/
-	} else {
-		_this->verString = NULL;
-		_this->numDigits = 0;
-	}
-
-	/*
-	// Get the architecture
-	*/
-	start = end+1;
-	if( strchr(start, PLATFORM_SEPARATOR_CHAR) ) {
-		errStr = PR_smprintf(errString[BOGUS_PLATFORM_STRING], str);
-		goto loser;
-	}
-	_this->arch = PR_Strdup(start);
-
-	if(copy) {
-		PR_Free(copy);
-	}
-	return NULL;
-loser:
-	if(_this->OS) {
-		PR_Free(_this->OS);
-		_this->OS = NULL;
-	}
-	if(_this->verString) {
-		for (i=0; i<_this->numDigits; i++) {
-			PR_Free(_this->verString[i]);
-		}
-		PR_Free(_this->verString);
-		_this->verString = NULL;
-	}
-	_this->numDigits = 0;
-	if(_this->arch) {
-		PR_Free(_this->arch);
-		_this->arch = NULL;
-	}
-
-	return errStr;
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Method:	operator ==
-// Class:	Pk11Install_PlatformName
-// Returns:	PR_TRUE if the platform have the same OS, arch, and version
-*/
-PRBool
-Pk11Install_PlatformName_equal(Pk11Install_PlatformName* _this,
-                               Pk11Install_PlatformName* cmp) 
-{
-	int i;
-
-	if(!_this->OS || !_this->arch || !cmp->OS || !cmp->arch) {
-		return PR_FALSE;
-	}
-
-	if(	PORT_Strcasecmp(_this->OS, cmp->OS) ||
-		PORT_Strcasecmp(_this->arch, cmp->arch) ||
-		_this->numDigits != cmp->numDigits ) {
-			return PR_FALSE;
-	}
-
-	for(i=0; i < _this->numDigits; i++) {
-		if(PORT_Strcasecmp(_this->verString[i], cmp->verString[i])) {
-			return PR_FALSE;
-		}
-	}
-	return PR_TRUE;
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Method:	operator <=
-// Class:	Pk11Install_PlatformName
-// Returns:	PR_TRUE if the platform have the same OS and arch and a lower
-//			or equal release.
-*/
-PRBool
-Pk11Install_PlatformName_lteq(Pk11Install_PlatformName* _this,
-                              Pk11Install_PlatformName* cmp)
-{
-	return (Pk11Install_PlatformName_equal(_this,cmp) ||
-          Pk11Install_PlatformName_lt(_this,cmp)) ? PR_TRUE : PR_FALSE;
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Method:	operator <
-// Class:	Pk11Install_PlatformName
-// Returns:	PR_TRUE if the platform have the same OS and arch and a greater
-//			release.
-*/
-PRBool
-Pk11Install_PlatformName_lt(Pk11Install_PlatformName* _this,
-                            Pk11Install_PlatformName* cmp)
-{
-	int i, scmp;
-
-	if(!_this->OS || !_this->arch || !cmp->OS || !cmp->arch) {
-		return PR_FALSE;
-	}
-
-	if( PORT_Strcasecmp(_this->OS, cmp->OS) ) {
-		return PR_FALSE;
-	}
-	if( PORT_Strcasecmp(_this->arch, cmp->arch) ) {
-		return PR_FALSE;
-	}
-
-	for(i=0; (i < _this->numDigits) && (i < cmp->numDigits); i++) {
-		scmp = PORT_Strcasecmp(_this->verString[i], cmp->verString[i]);
-		if (scmp > 0) {
-			return PR_FALSE;
-		} else if (scmp < 0) {
-			return PR_TRUE;
-		}
-	}
-	/* All the digits they have in common are the same. */
-	if(_this->numDigits < cmp->numDigits) {
-		return  PR_TRUE;
-	} 
-
-	return PR_FALSE;
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Method:	GetString
-// Class:	Pk11Install_PlatformName
-// Returns:	String composed of OS, release, and architecture separated
-//			by the separator char.  Memory is allocated by this function
-//			but is the responsibility of the caller to de-allocate.
-*/
-char*
-Pk11Install_PlatformName_GetString(Pk11Install_PlatformName* _this) 
-{
-	char *ret;
-	char *ver;
-	char *OS_;
-	char *arch_;
-
-	OS_=NULL;
-	arch_=NULL;
-
-	OS_ = _this->OS ? _this->OS : "";
-	arch_ = _this->arch ? _this->arch : "";
-
-	ver = Pk11Install_PlatformName_GetVerString(_this);
-	ret = PR_smprintf("%s%c%s%c%s", OS_, PLATFORM_SEPARATOR_CHAR, ver,
-					PLATFORM_SEPARATOR_CHAR, arch_);
-
-	PR_Free(ver);
-
-	return ret;
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Method:	GetVerString
-// Class:	Pk11Install_PlatformName
-// Returns:	The version string for this platform, in the form x.x.x with an
-//			arbitrary number of digits.  Memory allocated by function,
-//			must be de-allocated by caller.
-*/
-char*
-Pk11Install_PlatformName_GetVerString(Pk11Install_PlatformName* _this) 
-{
-	char *tmp;
-	char *ret;
-	int i;
-	char buf[80];
-
-	tmp = (char*)PR_Malloc(80*_this->numDigits+1);
-	tmp[0] = '\0';
-
-	for(i=0; i < _this->numDigits-1; i++) {
-		sprintf(buf, "%s.", _this->verString[i]);
-		strcat(tmp, buf);
-	}
-	if(i < _this->numDigits) {
-		sprintf(buf, "%s", _this->verString[i]);
-		strcat(tmp, buf);
-	}
-
-	ret = PR_Strdup(tmp);
-	free(tmp);
-
-	return ret;
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Method:	Print
-// Class:	Pk11Install_PlatformName
-*/
-void
-Pk11Install_PlatformName_Print(Pk11Install_PlatformName* _this, int pad)
-{
-	PAD(pad); printf("OS: %s\n", _this->OS ? _this->OS : "<NULL>");
-	PAD(pad); printf("Digits: ");
-	if(_this->numDigits == 0) {
-		printf("None\n");
-	} else {
-		printf("%s\n", Pk11Install_PlatformName_GetVerString(_this));
-	}
-	PAD(pad); printf("arch: %s\n", _this->arch ? _this->arch : "<NULL>");
-}
-
-Pk11Install_Platform*
-Pk11Install_Platform_new()
-{
-	Pk11Install_Platform* new_this;
-	new_this = (Pk11Install_Platform*)PR_Malloc(sizeof(Pk11Install_Platform));
-	Pk11Install_Platform_init(new_this);
-	return new_this;
-}
-
-void
-Pk11Install_Platform_init(Pk11Install_Platform* _this)
-{
-	Pk11Install_PlatformName_init(&_this->name);
-	Pk11Install_PlatformName_init(&_this->equivName);
-	_this->equiv = NULL;
-	_this->usesEquiv = PR_FALSE;
-	_this->moduleFile = NULL;
-	_this->moduleName = NULL;
-	_this->modFile = -1;
-	_this->mechFlags = 0;
-	_this->cipherFlags = 0;
-	_this->files = NULL;
-	_this->numFiles = 0;
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Method:	~Pk11Install_Platform
-// Class:	Pk11Install_Platform
-*/
-void
-Pk11Install_Platform_delete(Pk11Install_Platform* _this)
-{
-	Pk11Install_Platform_Cleanup(_this);
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Method:	Cleanup
-// Class:	Pk11Install_Platform
-*/
-void
-Pk11Install_Platform_Cleanup(Pk11Install_Platform* _this)
-{
-	int i;
-	if(_this->moduleFile) {
-		PR_Free(_this->moduleFile);
-		_this->moduleFile = NULL;
-	}
-	if(_this->moduleName) {
-		PR_Free(_this->moduleName);
-		_this->moduleName = NULL;
-	}
-	if(_this->files) {
-		for (i=0;i<_this->numFiles;i++) {
-			Pk11Install_File_delete(&_this->files[i]);
-		}
-		PR_Free(_this->files);
-		_this->files = NULL;
-	}
-	_this->equiv = NULL;
-	_this->usesEquiv = PR_FALSE;
-	_this->modFile = -1;
-	_this->numFiles = 0;
-	_this->mechFlags = _this->cipherFlags = 0;
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Method:	Generate
-// Class:	Pk11Install_Platform
-// Notes:	Creates a platform data structure from a syntax tree.
-// Returns:	NULL for success, otherwise an error message.
-*/
-char*
-Pk11Install_Platform_Generate(Pk11Install_Platform* _this,
-                              const Pk11Install_Pair *pair)
-{
-	char* errStr;
-	char* endptr;
-	char* tmp;
-	int i;
-	Pk11Install_ListIter *iter;
-	Pk11Install_Value *val;
-	Pk11Install_Value *subval;
-	Pk11Install_Pair *subpair;
-	Pk11Install_ListIter *subiter;
-	PRBool gotModuleFile, gotModuleName, gotMech, 
-          gotCipher, gotFiles, gotEquiv;
-
-	errStr=NULL;
-	iter=subiter=NULL;
-	val=subval=NULL;
-	subpair=NULL;
-	gotModuleFile=gotModuleName=gotMech=gotCipher=gotFiles=gotEquiv=PR_FALSE;
-	Pk11Install_Platform_Cleanup(_this);
-
-	errStr = Pk11Install_PlatformName_Generate(&_this->name,pair->key);
-	if(errStr) {
-		tmp = PR_smprintf("%s: %s", pair->key, errStr);
-		PR_smprintf_free(errStr);
-		errStr = tmp;
-		goto loser;
-	}
-
-	iter = Pk11Install_ListIter_new(pair->list);
-	for( ; (val=iter->current); Pk11Install_ListIter_nextItem(iter)) {
-		if(val->type==PAIR_VALUE) {
-			subpair = val->pair;
-
-			if( !PORT_Strcasecmp(subpair->key, MODULE_FILE_STRING)) {
-				if(gotModuleFile) {
-					errStr = PR_smprintf(errString[REPEAT_MODULE_FILE],
-                                    Pk11Install_PlatformName_GetString(&_this->name));
-					goto loser;
-				}
-				subiter = Pk11Install_ListIter_new(subpair->list);
-				subval = subiter->current;
-				if(!subval || (subval->type != STRING_VALUE)) {
-					errStr = PR_smprintf(errString[BOGUS_MODULE_FILE],
-                                    Pk11Install_PlatformName_GetString(&_this->name));
-					goto loser;
-				}
-				_this->moduleFile = PR_Strdup(subval->string);
-				Pk11Install_ListIter_delete(subiter);
-				PR_Free(subiter);
-				subiter = NULL;
-				gotModuleFile = PR_TRUE;
-			} else if(!PORT_Strcasecmp(subpair->key, MODULE_NAME_STRING)){
-				if(gotModuleName) {
-					errStr = PR_smprintf(errString[REPEAT_MODULE_NAME],
-                                    Pk11Install_PlatformName_GetString(&_this->name));
-					goto loser;
-				}
-				subiter = Pk11Install_ListIter_new(subpair->list);
-				subval = subiter->current;
-				if(!subval || (subval->type != STRING_VALUE)) {
-					errStr = PR_smprintf(errString[BOGUS_MODULE_NAME],
-                                    Pk11Install_PlatformName_GetString(&_this->name));
-					goto loser;
-				}
-				_this->moduleName = PR_Strdup(subval->string);
-				Pk11Install_ListIter_delete(subiter);
-				PR_Free(subiter);
-				subiter = NULL;
-				gotModuleName = PR_TRUE;
-			} else if(!PORT_Strcasecmp(subpair->key, MECH_FLAGS_STRING)) {
-				endptr=NULL;
-
-				if(gotMech) {
-					errStr = PR_smprintf(errString[REPEAT_MECH],
-                                    Pk11Install_PlatformName_GetString(&_this->name));
-					goto loser;
-				}
-				subiter = Pk11Install_ListIter_new(subpair->list);
-				subval = subiter->current;
-				if(!subval || (subval->type != STRING_VALUE)) {
-					errStr = PR_smprintf(errString[BOGUS_MECH_FLAGS],
-                                    Pk11Install_PlatformName_GetString(&_this->name));
-					goto loser;
-				}
-				_this->mechFlags = strtol(subval->string, &endptr, 0);
-				if(*endptr!='\0' || (endptr==subval->string) ) {
-					errStr = PR_smprintf(errString[BOGUS_MECH_FLAGS],
-                                    Pk11Install_PlatformName_GetString(&_this->name));
-					goto loser;
-				}
-				Pk11Install_ListIter_delete(subiter);
-				PR_Free(subiter);
-				subiter=NULL;
-				gotMech = PR_TRUE;
-			} else if(!PORT_Strcasecmp(subpair->key,CIPHER_FLAGS_STRING)) {
-				endptr=NULL;
-
-				if(gotCipher) {
-					errStr = PR_smprintf(errString[REPEAT_CIPHER],
-                                    Pk11Install_PlatformName_GetString(&_this->name));
-					goto loser;
-				}
-				subiter = Pk11Install_ListIter_new(subpair->list);
-				subval = subiter->current;
-				if(!subval || (subval->type != STRING_VALUE)) {
-					errStr = PR_smprintf(errString[BOGUS_CIPHER_FLAGS],
-                                    Pk11Install_PlatformName_GetString(&_this->name));
-					goto loser;
-				}
-				_this->cipherFlags = strtol(subval->string, &endptr, 0);
-				if(*endptr!='\0' || (endptr==subval->string) ) {
-					errStr = PR_smprintf(errString[BOGUS_CIPHER_FLAGS],
-                                    Pk11Install_PlatformName_GetString(&_this->name));
-					goto loser;
-				}
-				Pk11Install_ListIter_delete(subiter);
-				PR_Free(subiter);
-				subiter=NULL;
-				gotCipher = PR_TRUE;
-			} else if(!PORT_Strcasecmp(subpair->key, FILES_STRING)) {
-				if(gotFiles) {
-					errStr = PR_smprintf(errString[REPEAT_FILES],
-                                    Pk11Install_PlatformName_GetString(&_this->name));
-					goto loser;
-				}
-				subiter = Pk11Install_ListIter_new(subpair->list);
-				_this->numFiles = subpair->list->numPairs;
-				_this->files = (Pk11Install_File*)
-                            PR_Malloc(sizeof(Pk11Install_File)*_this->numFiles);
-				for(i=0; i < _this->numFiles; i++, 
-                                   Pk11Install_ListIter_nextItem(subiter)) {
-					Pk11Install_File_init(&_this->files[i]);
-					val = subiter->current;
-					if(val && (val->type==PAIR_VALUE)) {
-						errStr = Pk11Install_File_Generate(&_this->files[i],val->pair);
-						if(errStr) {
-							tmp = PR_smprintf("%s: %s", 
-                                       Pk11Install_PlatformName_GetString(&_this->name),errStr);
-							PR_smprintf_free(errStr);
-							errStr = tmp;
-							goto loser;
-						}
-					}
-				}
-				gotFiles = PR_TRUE;
-			} else if(!PORT_Strcasecmp(subpair->key,
-                                    EQUIVALENT_PLATFORM_STRING)) {
-				if(gotEquiv) {
-					errStr = PR_smprintf(errString[REPEAT_EQUIV],
-                                    Pk11Install_PlatformName_GetString(&_this->name));
-					goto loser;
-				}
-				subiter = Pk11Install_ListIter_new(subpair->list);
-				subval = subiter->current;
-				if(!subval || (subval->type != STRING_VALUE) ) {
-					errStr = PR_smprintf(errString[BOGUS_EQUIV],
-                               Pk11Install_PlatformName_GetString(&_this->name));
-					goto loser;
-				}
-				errStr = Pk11Install_PlatformName_Generate(&_this->equivName,
-                                                       subval->string);
-				if(errStr) {
-					tmp = PR_smprintf("%s: %s", 
-                            Pk11Install_PlatformName_GetString(&_this->name), errStr);
-					tmp = PR_smprintf("%s: %s", 
-                            Pk11Install_PlatformName_GetString(&_this->name), errStr);
-					PR_smprintf_free(errStr);
-					errStr = tmp;
-					goto loser;
-				}
-				_this->usesEquiv = PR_TRUE;
-			}
-		}
-	}
-
-	/* Make sure we either have an EquivalentPlatform or all the other info */
-	if(_this->usesEquiv &&
-		(gotFiles || gotModuleFile || gotModuleName || gotMech || gotCipher)) {
-		errStr = PR_smprintf(errString[EQUIV_TOO_MUCH_INFO], 
-                           Pk11Install_PlatformName_GetString(&_this->name));
-		goto loser;
-	}
-	if(!gotFiles && !_this->usesEquiv) {
-		errStr = PR_smprintf(errString[NO_FILES], 
-                           Pk11Install_PlatformName_GetString(&_this->name));
-		goto loser;
-	}
-	if(!gotModuleFile && !_this->usesEquiv) {
-		errStr= PR_smprintf(errString[NO_MODULE_FILE], 
-                          Pk11Install_PlatformName_GetString(&_this->name));
-		goto loser;
-	}
-	if(!gotModuleName && !_this->usesEquiv) {
-		errStr = PR_smprintf(errString[NO_MODULE_NAME], 
-                          Pk11Install_PlatformName_GetString(&_this->name));
-		goto loser;
-	}
-
-	/* Point the modFile pointer to the correct file */
-	if(gotModuleFile) {
-		for(i=0; i < _this->numFiles; i++) {
-			if(!PORT_Strcasecmp(_this->moduleFile, _this->files[i].jarPath) ) {
-				_this->modFile = i;
-				break;
-			}
-		}
-		if(_this->modFile==-1) {
-			errStr = PR_smprintf(errString[UNKNOWN_MODULE_FILE], 
-                              _this->moduleFile,
-                              Pk11Install_PlatformName_GetString(&_this->name));
-			goto loser;
-		}
-	}
-	
-loser:
-	if(iter) {
-		PR_Free(iter);
-	}
-	if(subiter) {
-		PR_Free(subiter);
-	}
-	return errStr;
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Method:		Print
-// Class:		Pk11Install_Platform
-*/
-void
-Pk11Install_Platform_Print(Pk11Install_Platform* _this, int pad)
-{
-	int i;
-
-	PAD(pad); printf("Name:\n"); 
-	Pk11Install_PlatformName_Print(&_this->name,pad+PADINC);
-	PAD(pad); printf("equivName:\n"); 
-	Pk11Install_PlatformName_Print(&_this->equivName,pad+PADINC);
-	PAD(pad);
-	if(_this->usesEquiv) {
-		printf("Uses equiv, which points to:\n");
-		Pk11Install_Platform_Print(_this->equiv,pad+PADINC);
-	} else {
-		printf("Doesn't use equiv\n");
-	}
-	PAD(pad); 
-	printf("Module File: %s\n", _this->moduleFile ? _this->moduleFile 
-                                                 : "<NULL>");
-	PAD(pad); printf("mechFlags: %lx\n", _this->mechFlags);
-	PAD(pad); printf("cipherFlags: %lx\n", _this->cipherFlags);
-	PAD(pad); printf("Files:\n");
-	for(i=0; i < _this->numFiles; i++) {
-		Pk11Install_File_Print(&_this->files[i],pad+PADINC);
-		PAD(pad); printf("--------------------\n");
-	}
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Method:		Pk11Install_Info
-// Class:		Pk11Install_Info
-*/
-Pk11Install_Info*
-Pk11Install_Info_new()
-{
-	Pk11Install_Info* new_this;
-	new_this = (Pk11Install_Info*)PR_Malloc(sizeof(Pk11Install_Info));
-	Pk11Install_Info_init(new_this);
-	return new_this;
-}
-
-void
-Pk11Install_Info_init(Pk11Install_Info* _this)
-{
-	_this->platforms = NULL;
-	_this->numPlatforms = 0;
-	_this->forwardCompatible = NULL;
-	_this->numForwardCompatible = 0;
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Method:		~Pk11Install_Info
-// Class:		Pk11Install_Info
-*/
-void
-Pk11Install_Info_delete(Pk11Install_Info* _this)
-{
-	Pk11Install_Info_Cleanup(_this);
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Method:		Cleanup
-// Class:		Pk11Install_Info
-*/
-void
-Pk11Install_Info_Cleanup(Pk11Install_Info* _this)
-{
-	int i;
-	if(_this->platforms) {
-		for (i=0;i<_this->numPlatforms;i++) {
-			Pk11Install_Platform_delete(&_this->platforms[i]);
-		}
-		PR_Free(&_this->platforms);
-		_this->platforms = NULL;
-		_this->numPlatforms = 0;
-	}
-
-	if(_this->forwardCompatible) {
-		for (i=0;i<_this->numForwardCompatible;i++) {
-			Pk11Install_PlatformName_delete(&_this->forwardCompatible[i]);
-		}
-		PR_Free(&_this->forwardCompatible);
-		_this->numForwardCompatible = 0;
-	}
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Method:		Generate
-// Class:		Pk11Install_Info
-// Takes:		Pk11Install_ValueList *list, the top-level list
-//				resulting from parsing an installer file.
-// Returns:		char*, NULL if successful, otherwise an error string.
-//				Caller is responsible for freeing memory.
-*/
-char*
-Pk11Install_Info_Generate(Pk11Install_Info* _this,
-                          const Pk11Install_ValueList *list)
-{
-	char *errStr;
-	Pk11Install_ListIter *iter;
-	Pk11Install_Value *val;
-	Pk11Install_Pair *pair;
-	Pk11Install_ListIter *subiter;
-	Pk11Install_Value *subval;
-	Pk11Install_Platform *first, *second;
-	int i, j;
-
-	errStr=NULL;
-	iter=subiter=NULL;
-	Pk11Install_Info_Cleanup(_this);
-
-	iter = Pk11Install_ListIter_new(list);
-	for( ; (val=iter->current); Pk11Install_ListIter_nextItem(iter)) {
-		if(val->type == PAIR_VALUE) {
-			pair = val->pair;
-
-			if(!PORT_Strcasecmp(pair->key, FORWARD_COMPATIBLE_STRING)) {
-				subiter = Pk11Install_ListIter_new(pair->list);
-				_this->numForwardCompatible = pair->list->numStrings;
-				_this->forwardCompatible = (Pk11Install_PlatformName*)
-                                        PR_Malloc(sizeof(Pk11Install_PlatformName)*
-                                               _this->numForwardCompatible);
-				for(i=0; i < _this->numForwardCompatible; i++, 
-                       Pk11Install_ListIter_nextItem(subiter)) {
-					subval = subiter->current;
-					if(subval->type == STRING_VALUE) {
-						errStr = Pk11Install_PlatformName_Generate(
-                              &_this->forwardCompatible[i], subval->string);
-						if(errStr) {
-							goto loser;
-						}
-					}
-				}
-				Pk11Install_ListIter_delete(subiter);
-				PR_Free(subiter);
-				subiter = NULL;
-			} else if(!PORT_Strcasecmp(pair->key, PLATFORMS_STRING)) {
-				subiter = Pk11Install_ListIter_new(pair->list);
-				_this->numPlatforms = pair->list->numPairs;
-				_this->platforms = (Pk11Install_Platform*)
-                            PR_Malloc(sizeof(Pk11Install_Platform)*
-                            _this->numPlatforms);
-				for(i=0; i < _this->numPlatforms; i++, 
-                       Pk11Install_ListIter_nextItem(subiter)) {
-					 Pk11Install_Platform_init(&_this->platforms[i]);
-					subval = subiter->current;
-					if(subval->type == PAIR_VALUE) {
-						errStr = Pk11Install_Platform_Generate(&_this->platforms[i],subval->pair);
-						if(errStr) {
-							goto loser;
-						}
-					}
-				}
-				Pk11Install_ListIter_delete(subiter);
-				PR_Free(subiter);
-				subiter = NULL;
-			}
-		}
-	}
-
-	if(_this->numPlatforms == 0) {
-		errStr = PR_smprintf(errString[NO_PLATFORMS]);
-		goto loser;
-	}
-
-/*
-	//
-	// Now process equivalent platforms
-	//
-
-	// First the naive pass
-*/
-	for(i=0; i < _this->numPlatforms; i++) {
-		if(_this->platforms[i].usesEquiv) {
-			_this->platforms[i].equiv = NULL;
-			for(j=0; j < _this->numPlatforms; j++) {
-				if (Pk11Install_PlatformName_equal(&_this->platforms[i].equivName,
-                                           &_this->platforms[j].name)) {
-					if(i==j) {
-						errStr = PR_smprintf(errString[EQUIV_LOOP],
-                              Pk11Install_PlatformName_GetString(&_this->platforms[i].name));
-						goto loser;
-					}
-					_this->platforms[i].equiv = &_this->platforms[j];
-					break;
-				}
-			}
-			if(_this->platforms[i].equiv == NULL) {
-				errStr = PR_smprintf(errString[BOGUS_EQUIV],
-                       Pk11Install_PlatformName_GetString(&_this->platforms[i].name));
-				goto loser;
-			}
-		}
-	}
-
-/*
-	// Now the intelligent pass, which will also detect loops.
-	// We will send two pointers through the linked list of equivalent
-	// platforms. Both start with the current node.  "first" traverses
-	// two nodes for each iteration.  "second" lags behind, only traversing
-	// one node per iteration.  Eventually one of two things will happen:
-	// first will hit the end of the list (a platform that doesn't use
-	// an equivalency), or first will equal second if there is a loop.
-*/
-	for(i=0; i < _this->numPlatforms; i++) {
-		if(_this->platforms[i].usesEquiv) {
-			second = _this->platforms[i].equiv;
-			if(!second->usesEquiv) {
-				/* The first link is the terminal node */
-				continue;
-			}
-			first = second->equiv;
-			while(first->usesEquiv) {
-				if(first == second) {
-					errStr = PR_smprintf(errString[EQUIV_LOOP],
-                         Pk11Install_PlatformName_GetString(&_this->platforms[i].name));
-					goto loser;
-				}
-				first = first->equiv;
-				if(!first->usesEquiv) {
-					break;
-				}
-				if(first == second) {
-					errStr = PR_smprintf(errString[EQUIV_LOOP],
-                       Pk11Install_PlatformName_GetString(&_this->platforms[i].name));
-					goto loser;
-				}
-				second = second->equiv;
-				first = first->equiv;
-			}
-			_this->platforms[i].equiv = first;
-		}
-	}
-
-loser:
-	if(iter) {
-		Pk11Install_ListIter_delete(iter);
-		PR_Free(iter);
-		iter = NULL;
-	}
-	if(subiter) {
-		Pk11Install_ListIter_delete(subiter);
-		PR_Free(subiter);
-		subiter = NULL;
-	}
-	return errStr;
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Method:		GetBestPlatform
-// Class:		Pk11Install_Info
-// Takes:		char *myPlatform, the platform we are currently running
-//				on.
-*/
-Pk11Install_Platform*
-Pk11Install_Info_GetBestPlatform(Pk11Install_Info* _this, char *myPlatform)
-{
-	Pk11Install_PlatformName plat;
-	char *errStr;
-	int i, j;
-
-	errStr=NULL;
-
-	Pk11Install_PlatformName_init(&plat);
-	if( (errStr=Pk11Install_PlatformName_Generate(&plat, myPlatform)) ) {
-		PR_smprintf_free(errStr);
-		return NULL;
-	}
-
-	/* First try real platforms */
-	for(i=0; i < _this->numPlatforms; i++) {
-		if(Pk11Install_PlatformName_equal(&_this->platforms[i].name,&plat)) {
-			if(_this->platforms[i].equiv) {
-				return _this->platforms[i].equiv;
-			}
-			else {
-				return &_this->platforms[i];
-			}
-		}
-	}
-
-	/* Now try forward compatible platforms */
-	for(i=0; i < _this->numForwardCompatible; i++) {
-		if(Pk11Install_PlatformName_lteq(&_this->forwardCompatible[i],&plat)) {
-			break;
-		}
-	}
-	if(i == _this->numForwardCompatible) {
-		return NULL;
-	}
-
-	/* Got a forward compatible name, find the actual platform. */
-	for(j=0; j < _this->numPlatforms; j++) {
-		if(Pk11Install_PlatformName_equal(&_this->platforms[j].name,
-         &_this->forwardCompatible[i])) {
-			if(_this->platforms[j].equiv) {
-				return _this->platforms[j].equiv;
-			} else {
-				return &_this->platforms[j];
-			}
-		}
-	}
-
-	return NULL;
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Method:		Print
-// Class:		Pk11Install_Info
-*/
-void
-Pk11Install_Info_Print(Pk11Install_Info* _this, int pad)
-{
-	int i;
-
-	PAD(pad); printf("Forward Compatible:\n");
-	for(i = 0; i < _this->numForwardCompatible; i++) {
-		Pk11Install_PlatformName_Print(&_this->forwardCompatible[i],pad+PADINC);
-		PAD(pad); printf("-------------------\n");
-	}
-	PAD(pad); printf("Platforms:\n");
-	for( i = 0; i < _this->numPlatforms; i++) {
-		Pk11Install_Platform_Print(&_this->platforms[i],pad+PADINC);
-		PAD(pad); printf("-------------------\n");
-	}
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-*/
-static char*
-PR_Strdup(const char* str)
-{
-	char *tmp;
-	tmp = (char*) PR_Malloc((unsigned int)(strlen(str)+1));
-	strcpy(tmp, str);
-	return tmp;
-}
-
-/* The global value list, the top of the tree */
-Pk11Install_ValueList* Pk11Install_valueList=NULL;
-
-/****************************************************************************/
-void
-Pk11Install_ValueList_AddItem(Pk11Install_ValueList* _this,
-                              Pk11Install_Value *item)
-{
-	_this->numItems++;
-	if (item->type == STRING_VALUE) {
-		_this->numStrings++;
-	} else {
-		_this->numPairs++;
-	}
-	item->next = _this->head;
-	_this->head = item;
-}
-
-/****************************************************************************/
-Pk11Install_ListIter*
-Pk11Install_ListIter_new_default()
-{
-	Pk11Install_ListIter* new_this;
-	new_this = (Pk11Install_ListIter*)
-                    PR_Malloc(sizeof(Pk11Install_ListIter));
-	Pk11Install_ListIter_init(new_this);
-	return new_this;
-}
-
-/****************************************************************************/
-void
-Pk11Install_ListIter_init(Pk11Install_ListIter* _this)
-{
-	_this->list = NULL;
-	_this->current = NULL;
-}
-
-/****************************************************************************/
-Pk11Install_ListIter*
-Pk11Install_ListIter_new(const Pk11Install_ValueList *_list)
-{
-	Pk11Install_ListIter* new_this;
-	new_this = (Pk11Install_ListIter*)
-                    PR_Malloc(sizeof(Pk11Install_ListIter));
-	new_this->list = _list;
-	new_this->current = _list->head;
-	return new_this;
-}
-
-/****************************************************************************/
-void
-Pk11Install_ListIter_delete(Pk11Install_ListIter* _this)
-{
-	_this->list=NULL;
-	_this->current=NULL;
-}
-
-/****************************************************************************/
-void
-Pk11Install_ListIter_reset(Pk11Install_ListIter* _this)
-{
-	if(_this->list) {
-		_this->current = _this->list->head;
-	}
-}
-
-/*************************************************************************/
-Pk11Install_Value*
-Pk11Install_ListIter_nextItem(Pk11Install_ListIter* _this)
-{
-	if(_this->current) {
-		_this->current = _this->current->next;
-	}
-
-	return _this->current;
-}
-
-/****************************************************************************/
-Pk11Install_ValueList*
-Pk11Install_ValueList_new()
-{
-	Pk11Install_ValueList* new_this;
-	new_this = (Pk11Install_ValueList*)
-                    PR_Malloc(sizeof(Pk11Install_ValueList));
-	new_this->numItems = 0;
-	new_this->numPairs = 0;
-	new_this->numStrings = 0;
-	new_this->head = NULL;
-	return new_this;
-}
-
-/****************************************************************************/
-void
-Pk11Install_ValueList_delete(Pk11Install_ValueList* _this)
-{
-
-	Pk11Install_Value *tmp;
-	Pk11Install_Value *list;
-	list = _this->head;
-	
-	while(list != NULL) {
-		tmp = list;
-		list = list->next;
-		PR_Free(tmp);
-	}
-	PR_Free(_this);
-}
-
-/****************************************************************************/
-Pk11Install_Value*
-Pk11Install_Value_new_default()
-{
-	Pk11Install_Value* new_this;
-	new_this = (Pk11Install_Value*)PR_Malloc(sizeof(Pk11Install_Value));
-	new_this->type = STRING_VALUE;
-	new_this->string = NULL;
-	new_this->pair = NULL;
-	new_this->next = NULL;
-	return new_this;
-}
-
-/****************************************************************************/
-Pk11Install_Value*
-Pk11Install_Value_new(ValueType _type, Pk11Install_Pointer ptr)
-{
-	Pk11Install_Value* new_this;
-	new_this = Pk11Install_Value_new_default();
-	new_this->type = _type;
-	if(_type == STRING_VALUE) {
-		new_this->pair = NULL;
-		new_this->string = ptr.string;
-	} else {
-		new_this->string = NULL;
-		new_this->pair = ptr.pair;
-	}
-	return new_this;
-}
-
-/****************************************************************************/
-void
-Pk11Install_Value_delete(Pk11Install_Value* _this)
-{
-	if(_this->type == STRING_VALUE) {
-		PR_Free(_this->string);
-	} else {
-		PR_Free(_this->pair);
-	}
-}
-
-/****************************************************************************/
-Pk11Install_Pair*
-Pk11Install_Pair_new_default()
-{
-	return Pk11Install_Pair_new(NULL,NULL);
-}
-
-/****************************************************************************/
-Pk11Install_Pair*
-Pk11Install_Pair_new(char *_key, Pk11Install_ValueList *_list)
-{
-	Pk11Install_Pair* new_this;
-	new_this = (Pk11Install_Pair*)PR_Malloc(sizeof(Pk11Install_Pair));
-	new_this->key = _key;
-	new_this->list = _list;
-	return new_this;
-}
-
-/****************************************************************************/
-void
-Pk11Install_Pair_delete(Pk11Install_Pair* _this)
-{
-	PR_Free(_this->key);
-	Pk11Install_ValueList_delete(_this->list);
-	PR_Free(_this->list);
-}
-
-/*************************************************************************/
-void
-Pk11Install_Pair_Print(Pk11Install_Pair* _this, int pad)
-{
-	while (_this) {
-		/*PAD(pad); printf("**Pair\n");
-		PAD(pad); printf("***Key====\n");*/
-		PAD(pad); printf("%s {\n", _this->key);
-		/*PAD(pad); printf("====\n");*/
-		/*PAD(pad); printf("***ValueList\n");*/
-		Pk11Install_ValueList_Print(_this->list,pad+PADINC);
-		PAD(pad); printf("}\n");
-	}
-}
-
-/*************************************************************************/
-void
-Pk11Install_ValueList_Print(Pk11Install_ValueList* _this, int pad)
-{
-	Pk11Install_Value *v;
-
-	/*PAD(pad);printf("**Value List**\n");*/
-	for(v = _this->head; v != NULL; v=v->next) {
-		Pk11Install_Value_Print(v,pad);
-	}
-}
-
-/*************************************************************************/
-void
-Pk11Install_Value_Print(Pk11Install_Value* _this, int pad)
-{
-	/*PAD(pad); printf("**Value, type=%s\n",
-		type==STRING_VALUE ? "string" : "pair");*/
-	if(_this->type==STRING_VALUE) {
-		/*PAD(pad+PADINC); printf("====\n");*/
-		PAD(pad); printf("%s\n", _this->string);
-		/*PAD(pad+PADINC); printf("====\n");*/
-	} else {
-		Pk11Install_Pair_Print(_this->pair,pad+PADINC);
-	}
-}
diff --git a/security/nss/cmd/modutil/install-ds.h b/security/nss/cmd/modutil/install-ds.h
deleted file mode 100644
index 2311f0928..000000000
--- a/security/nss/cmd/modutil/install-ds.h
+++ /dev/null
@@ -1,290 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef INSTALL_DS_H
-#define INSTALL_DS_H
-
-#include <stdio.h>
-#include <prio.h>
-#include <prmem.h>
-
-extern PRFileDesc *Pk11Install_FD;
-extern int Pk11Install_yylex();
-extern int Pk11Install_yylinenum;
-extern char *Pk11Install_yyerrstr;
-
-typedef enum { STRING_VALUE, PAIR_VALUE } ValueType;
-
-typedef struct Pk11Install_Pair_str Pk11Install_Pair;
-typedef union Pk11Install_Pointer_str Pk11Install_Pointer;
-typedef struct Pk11Install_Value_str Pk11Install_Value;
-typedef struct Pk11Install_ValueList_str Pk11Install_ValueList;
-typedef struct Pk11Install_ListIter_str Pk11Install_ListIter;
-typedef struct Pk11Install_File_str Pk11Install_File;
-typedef struct Pk11Install_PlatformName_str Pk11Install_PlatformName;
-typedef struct Pk11Install_Platform_str Pk11Install_Platform;
-typedef struct Pk11Install_Info_str Pk11Install_Info;
-
-extern Pk11Install_Pointer Pk11Install_yylval;
-extern Pk11Install_ValueList* Pk11Install_valueList;
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Pk11Install_Pair
-//////////////////////////////////////////////////////////////////////////
-*/
-
-struct Pk11Install_Pair_str {
-	char * key;
-	Pk11Install_ValueList *list;
-
-};
-
-Pk11Install_Pair* 
-Pk11Install_Pair_new_default();
-Pk11Install_Pair* 
-Pk11Install_Pair_new( char* _key, Pk11Install_ValueList* _list);
-void 
-Pk11Install_Pair_delete(Pk11Install_Pair* _this);
-void
-Pk11Install_Pair_Print(Pk11Install_Pair* _this, int pad);
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Pk11Install_Pointer
-//////////////////////////////////////////////////////////////////////////
-*/
-union Pk11Install_Pointer_str {
-	Pk11Install_ValueList *list;
-	Pk11Install_Value *value;
-	Pk11Install_Pair *pair;
-	char *string;
-};
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Pk11Install_Value
-//////////////////////////////////////////////////////////////////////////
-*/
-struct Pk11Install_Value_str {
-
-	ValueType type;
-	char *string;	
-	Pk11Install_Pair *pair;
-	struct Pk11Install_Value_str *next;
-};
-
-Pk11Install_Value* 
-Pk11Install_Value_new_default();
-Pk11Install_Value*
-Pk11Install_Value_new(ValueType _type, Pk11Install_Pointer ptr);
-void
-Pk11Install_Value_delete(Pk11Install_Value* _this);
-void
-Pk11Install_Value_Print(Pk11Install_Value* _this, int pad);
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Pk11Install_ValueList
-//////////////////////////////////////////////////////////////////////////
-*/
-struct Pk11Install_ValueList_str {
-	int numItems;
-	int numPairs;
-	int numStrings;
-	Pk11Install_Value *head;
-};
-
-Pk11Install_ValueList* 
-Pk11Install_ValueList_new();
-void
-Pk11Install_ValueList_delete(Pk11Install_ValueList* _this);
-void
-Pk11Install_ValueList_AddItem(Pk11Install_ValueList* _this,
-                              Pk11Install_Value* item);
-void
-Pk11Install_ValueList_Print(Pk11Install_ValueList* _this, int pad);
-
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Pk11Install_ListIter
-//////////////////////////////////////////////////////////////////////////
-*/
-struct Pk11Install_ListIter_str {
-	const Pk11Install_ValueList *list;
-	Pk11Install_Value *current;
-};
-
-Pk11Install_ListIter* 
-Pk11Install_ListIter_new_default();
-void
-Pk11Install_ListIter_init(Pk11Install_ListIter* _this);
-Pk11Install_ListIter*
-Pk11Install_ListIter_new(const Pk11Install_ValueList* _list);
-void
-Pk11Install_ListIter_delete(Pk11Install_ListIter* _this);
-void
-Pk11Install_ListIter_reset(Pk11Install_ListIter* _this);
-Pk11Install_Value*
-Pk11Install_ListIter_nextItem(Pk11Install_ListIter* _this);
-
-/************************************************************************
- *
- * Pk11Install_File
- */
-struct Pk11Install_File_str {
-	char *jarPath;
-	char *relativePath;
-	char *absolutePath;
-	PRBool executable;
-	int permissions;
-};
-
-Pk11Install_File*
-Pk11Install_File_new();
-void
-Pk11Install_File_init(Pk11Install_File* _this);
-void
-Pk11Install_file_delete(Pk11Install_File* _this);
-/*// Parses a syntax tree to obtain all attributes.
-// Returns NULL for success, error message if parse error.*/
-char*
-Pk11Install_File_Generate(Pk11Install_File* _this, 
-                          const Pk11Install_Pair* pair);
-void
-Pk11Install_File_Print(Pk11Install_File* _this, int pad);
-void
-Pk11Install_File_Cleanup(Pk11Install_File* _this);
-
-/************************************************************************
- *
- * Pk11Install_PlatformName
- */
-struct Pk11Install_PlatformName_str {
-	char *OS;
-	char **verString;
-	int numDigits;
-	char *arch;
-};
-
-Pk11Install_PlatformName*
-Pk11Install_PlatformName_new();
-void
-Pk11Install_PlatformName_init(Pk11Install_PlatformName* _this);
-void
-Pk11Install_PlatformName_delete(Pk11Install_PlatformName* _this);
-char*
-Pk11Install_PlatformName_Generate(Pk11Install_PlatformName* _this,
-                                  const char* str);
-char*
-Pk11Install_PlatformName_GetString(Pk11Install_PlatformName* _this);
-char*
-Pk11Install_PlatformName_GetVerString(Pk11Install_PlatformName* _this);
-void
-Pk11Install_PlatformName_Print(Pk11Install_PlatformName* _this, int pad);
-void
-Pk11Install_PlatformName_Cleanup(Pk11Install_PlatformName* _this);
-PRBool
-Pk11Install_PlatformName_equal(Pk11Install_PlatformName* _this,
-                               Pk11Install_PlatformName* cmp);
-PRBool
-Pk11Install_PlatformName_lteq(Pk11Install_PlatformName* _this,
-                              Pk11Install_PlatformName* cmp);
-PRBool
-Pk11Install_PlatformName_lt(Pk11Install_PlatformName* _this,
-                            Pk11Install_PlatformName* cmp);
-
-/************************************************************************
- *
- * Pk11Install_Platform
- */
-struct Pk11Install_Platform_str {
-	Pk11Install_PlatformName name;
-	Pk11Install_PlatformName equivName;
-	struct Pk11Install_Platform_str *equiv;
-	PRBool usesEquiv;
-	char *moduleFile;
-	char *moduleName;
-	int modFile;
-	unsigned long mechFlags;
-	unsigned long cipherFlags;
-	Pk11Install_File *files;
-	int numFiles;
-};
-
-Pk11Install_Platform*
-Pk11Install_Platform_new();
-void
-Pk11Install_Platform_init(Pk11Install_Platform* _this);
-void
-Pk11Install_Platform_delete(Pk11Install_Platform* _this);
-/*// Returns NULL for success, error message if parse error.*/
-char* 
-Pk11Install_Platform_Generate(Pk11Install_Platform* _this,
-                              const Pk11Install_Pair *pair);
-void 
-Pk11Install_Platform_Print(Pk11Install_Platform* _this, int pad);
-void 
-Pk11Install_Platform_Cleanup(Pk11Install_Platform* _this);
-
-/************************************************************************
- *
- * Pk11Install_Info
- */
-struct Pk11Install_Info_str {
-	Pk11Install_Platform *platforms;
-	int numPlatforms;
-	Pk11Install_PlatformName *forwardCompatible;
-	int numForwardCompatible;
-};
-
-Pk11Install_Info*
-Pk11Install_Info_new();
-void
-Pk11Install_Info_init();
-void
-Pk11Install_Info_delete(Pk11Install_Info* _this);
-/*// Returns NULL for success, error message if parse error.*/
-char* 
-Pk11Install_Info_Generate(Pk11Install_Info* _this, 
-                          const Pk11Install_ValueList *list);
-	/*// Returns NULL if there is no matching platform*/
-Pk11Install_Platform* 
-Pk11Install_Info_GetBestPlatform(Pk11Install_Info* _this, char* myPlatform);
-void 
-Pk11Install_Info_Print(Pk11Install_Info* _this, int pad);
-void 
-Pk11Install_Info_Cleanup(Pk11Install_Info* _this);
-
-#endif /* INSTALL_DS_H */
diff --git a/security/nss/cmd/modutil/install.c b/security/nss/cmd/modutil/install.c
deleted file mode 100644
index 452b70f01..000000000
--- a/security/nss/cmd/modutil/install.c
+++ /dev/null
@@ -1,979 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "install.h"
-#include "install-ds.h"
-#include <prlock.h>
-#include <prio.h>
-#include <prmem.h>
-#include <prprf.h>
-#include <prsystem.h>
-#include <prproces.h>
-
-/*extern "C" {*/
-#include <jar.h>
-/*}*/
-
-extern /*"C"*/
-int Pk11Install_AddNewModule(char* moduleName, char* dllPath,
-                              unsigned long defaultMechanismFlags,
-                              unsigned long cipherEnableFlags);
-extern /*"C"*/
-short Pk11Install_UserVerifyJar(JAR *jar, PRFileDesc *out,
-	PRBool query);
-extern /*"C"*/
-const char* mySECU_ErrorString(int16);
-extern 
-int Pk11Install_yyparse();
-
-#define INSTALL_METAINFO_TAG "Pkcs11_install_script"
-#define SCRIPT_TEMP_FILE "pkcs11inst.tmp"
-#define ROOT_MARKER "%root%"
-#define TEMP_MARKER "%temp%"
-#define PRINTF_ROOT_MARKER "%%root%%"
-#define TEMPORARY_DIRECTORY_NAME "pk11inst.dir"
-#define JAR_BASE_END (JAR_BASE+100)
-
-static PRLock* errorHandlerLock=NULL;
-static Pk11Install_ErrorHandler errorHandler=NULL;
-static char* PR_Strdup(const char* str);
-static int rm_dash_r (char *path);
-static int make_dirs(char *path, int file_perms);
-static int dir_perms(int perms);
-
-static Pk11Install_Error DoInstall(JAR *jar, const char *installDir,
-	const char* tempDir, Pk11Install_Platform *platform, 
-	PRFileDesc *feedback, PRBool noverify);
-
-static char *errorString[]= {
-	"Operation was successful", /* PK11_INSTALL_NO_ERROR */
-	"Directory \"%s\" does not exist", /* PK11_INSTALL_DIR_DOESNT_EXIST */
-	"File \"%s\" does not exist", /* PK11_INSTALL_FILE_DOESNT_EXIST */
-	"File \"%s\" is not readable", /* PK11_INSTALL_FILE_NOT_READABLE */
-	"%s",		/* PK11_INSTALL_ERROR_STRING */
-	"Error in JAR file %s: %s",  /* PK11_INSTALL_JAR_ERROR */
-	"No Pkcs11_install_script specified in JAR metainfo file",
-				/* PK11_INSTALL_NO_INSTALLER_SCRIPT */
-	"Could not delete temporary file \"%s\"",
-				/*PK11_INSTALL_DELETE_TEMP_FILE */
-	"Could not open temporary file \"%s\"", /*PK11_INSTALL_OPEN_SCRIPT_FILE*/
-	"%s: %s", /* PK11_INSTALL_SCRIPT_PARSE */
-	"Error in script: %s",
-	"Unable to obtain system platform information",
-	"Installer script has no information about the current platform (%s)",
-	"Relative directory \"%s\" does not contain "PRINTF_ROOT_MARKER,
-	"Module File \"%s\" not found",
-	"Error occurred installing module \"%s\" into database",
-	"Error extracting \"%s\" from JAR file: %s",
-	"Directory \"%s\" is not writeable",
-	"Could not create directory \"%s\"",
-	"Could not remove directory \"%s\"",
-	"Unable to execute \"%s\"",
-	"Unable to wait for process \"%s\"",
-	"\"%s\" returned error code %d",
-	"User aborted operation",
-	"Unspecified error"
-};
-
-enum {
-	INSTALLED_FILE_MSG=0,
-	INSTALLED_MODULE_MSG,
-	INSTALLER_SCRIPT_NAME,
-	MY_PLATFORM_IS,
-	USING_PLATFORM,
-	PARSED_INSTALL_SCRIPT,
-	EXEC_FILE_MSG,
-	EXEC_SUCCESS,
-	INSTALLATION_COMPLETE_MSG,
-	USER_ABORT
-};
-
-static char *msgStrings[] = {
-	"Installed file %s to %s\n",
-	"Installed module \"%s\" into module database\n",
-	"Using installer script \"%s\"\n",
-	"Current platform is %s\n",
-	"Using installation parameters for platform %s\n",
-	"Successfully parsed installation script\n",
-	"Executing \"%s\"...\n",
-	"\"%s\" executed successfully\n",
-	"\nInstallation completed successfully\n",
-	"\nAborting...\n"
-};
-
-/**************************************************************************
- * S t r i n g N o d e
- */
-typedef struct StringNode_str {
-    char *str;
-    struct StringNode_str* next;
-} StringNode;
-
-StringNode* StringNode_new()
-{
-	StringNode* new_this;
-	new_this = (StringNode*)malloc(sizeof(StringNode));
-  new_this->str=NULL;
-  new_this->next=NULL;
-	return new_this;
-}
-
-void StringNode_delete(StringNode* s) 
-{
-	if(s->str) {
-		PR_Free(s->str);
-		s->str=NULL;
-	}
-}
-
-/*************************************************************************
- * S t r i n g L i s t
- */
-typedef struct StringList_str {
-  StringNode* head;
-	StringNode* tail;
-} StringList;
-
-void StringList_new(StringList* list)
-{
-  list->head=NULL;
-  list->tail=NULL;
-}
-
-void StringList_delete(StringList* list)
-{
-	StringNode *tmp;
-	while(list->head) {
-		tmp = list->head;
-		list->head = list->head->next;
-		StringNode_delete(tmp);
-	}
-}
-
-void
-StringList_Append(StringList* list, char* str)
-{
-	if(!str) {
-		return;
-	}
-
-	if(!list->tail) {
-		/* This is the first element */
-	  list->head = list->tail = StringNode_new();
-	} else {
-		list->tail->next = StringNode_new();
-		list->tail = list->tail->next;
-	}
-
-	list->tail->str = PR_Strdup(str);
-	list->tail->next = NULL;	/* just to be sure */
-}
-
-/**************************************************************************
- *
- * P k 1 1 I n s t a l l _ S e t E r r o r H a n d l e r
- *
- * Sets the error handler to be used by the library.  Returns the current
- * error handler function.
- */
-Pk11Install_ErrorHandler
-Pk11Install_SetErrorHandler(Pk11Install_ErrorHandler handler)
-{
-	Pk11Install_ErrorHandler old;
-
-	if(!errorHandlerLock) {
-		errorHandlerLock = PR_NewLock();
-	}
-
-	PR_Lock(errorHandlerLock);
-
-	old = errorHandler;
-	errorHandler = handler;
-
-	PR_Unlock(errorHandlerLock);
-
-	return old;
-}
-
-/**************************************************************************
- *
- * P k 1 1 I n s t a l l _ I n i t
- *
- * Does initialization that otherwise would be done on the fly.  Only
- * needs to be called by multithreaded apps, before they make any calls
- * to this library.
- */
-void
-Pk11Install_Init()
-{
-	if(!errorHandlerLock) {
-		errorHandlerLock = PR_NewLock();
-	}
-}
-
-/**************************************************************************
- *
- * P k 1 1 I n s t a l l _ R e l e a s e
- *
- * Releases static data structures used by the library.  Don't use the
- * library after calling this, unless you call Pk11Install_Init()
- * first.  This function doesn't have to be called at all unless you're
- * really anal about freeing memory before your program exits.
- */
-void
-Pk11Install_Release()
-{
-	if(errorHandlerLock) {
-		PR_Free(errorHandlerLock);
-		errorHandlerLock = NULL;
-	}
-}
-
-/*************************************************************************
- *
- * e r r o r
- *
- * Takes an error code and its arguments, creates the error string,
- * and sends the string to the handler function if it exists.
- */
-
-#ifdef OSF1
-/* stdarg has already been pulled in from NSPR */
-#undef va_start
-#undef va_end
-#undef va_arg
-#include <varargs.h>
-#else
-#include <stdarg.h>
-#endif
-
-#ifdef OSF1
-static void
-error(long va_alist, ...)
-#else
-static void
-error(Pk11Install_Error errcode, ...)
-#endif
-{
-
-	va_list ap;
-	char *errstr;
-	Pk11Install_ErrorHandler handler;
-
-	if(!errorHandlerLock) {
-		errorHandlerLock = PR_NewLock();
-	}
-
-	PR_Lock(errorHandlerLock);
-
-	handler = errorHandler;
-
-	PR_Unlock(errorHandlerLock);
-
-	if(handler) {
-#ifdef OSF1
-		va_start(ap);
-		errstr = PR_vsmprintf(errorString[va_arg(ap, Pk11Install_Error)], ap);
-#else
-		va_start(ap, errcode);
-		errstr = PR_vsmprintf(errorString[errcode], ap);
-#endif
-		handler(errstr);
-		PR_smprintf_free(errstr);
-		va_end(ap);
-	}
-}
-
-/*************************************************************************
- *
- * j a r _ c a l l b a c k
- */
-static int
-jar_callback(int status, JAR *foo, const char *bar, char *pathname,
-	char *errortext) {
-	char *string;
-
-	string = PR_smprintf("JAR error %d: %s in file %s\n", status, errortext,
-		pathname);
-	error(PK11_INSTALL_ERROR_STRING, string);
-	PR_smprintf_free(string);
-	return 0;
-}
-	
-/*************************************************************************
- *
- * P k 1 1 I n s t a l l _ D o I n s t a l l
- *
- * jarFile is the path of a JAR in the PKCS #11 module JAR format.
- * installDir is the directory relative to which files will be
- *   installed.
- */
-Pk11Install_Error
-Pk11Install_DoInstall(char *jarFile, const char *installDir,
-	const char *tempDir, PRFileDesc *feedback, short force, PRBool noverify)
-{
-	JAR *jar;
-	char *installer;
-	unsigned long installer_len;
-	int status;
-	Pk11Install_Error ret;
-	PRBool made_temp_file;
-	Pk11Install_Info installInfo;
-	Pk11Install_Platform *platform;
-	char* errMsg;
-	char sysname[SYS_INFO_BUFFER_LENGTH], release[SYS_INFO_BUFFER_LENGTH],
-       arch[SYS_INFO_BUFFER_LENGTH];
-	char *myPlatform;
-
-	jar=NULL;
-	ret = PK11_INSTALL_UNSPECIFIED;
-	made_temp_file=PR_FALSE;
-	errMsg=NULL;
-	Pk11Install_Info_init(&installInfo);
-
-	/*
-	printf("Inside DoInstall, jarFile=%s, installDir=%s, tempDir=%s\n",
-		jarFile, installDir, tempDir);
-	*/
-
-	/*
-	 * Check out jarFile and installDir for validity
-	 */
-	if( PR_Access(installDir, PR_ACCESS_EXISTS) != PR_SUCCESS ) {
-		error(PK11_INSTALL_DIR_DOESNT_EXIST, installDir);
-		return PK11_INSTALL_DIR_DOESNT_EXIST;
-	}
-	if(!tempDir) {
-		tempDir = ".";
-	}
-	if( PR_Access(tempDir, PR_ACCESS_EXISTS) != PR_SUCCESS ) {
-		error(PK11_INSTALL_DIR_DOESNT_EXIST, tempDir);
-		return PK11_INSTALL_DIR_DOESNT_EXIST;
-	}
-	if( PR_Access(tempDir, PR_ACCESS_WRITE_OK) != PR_SUCCESS ) {
-		error(PK11_INSTALL_DIR_NOT_WRITEABLE, tempDir);
-		return PK11_INSTALL_DIR_NOT_WRITEABLE;
-	}
-	if( (PR_Access(jarFile, PR_ACCESS_EXISTS) != PR_SUCCESS) ) {
-		error(PK11_INSTALL_FILE_DOESNT_EXIST, jarFile);
-		return PK11_INSTALL_FILE_DOESNT_EXIST;
-	}
-	if( PR_Access(jarFile, PR_ACCESS_READ_OK) != PR_SUCCESS ) {
-		error(PK11_INSTALL_FILE_NOT_READABLE, jarFile);
-		return PK11_INSTALL_FILE_NOT_READABLE;
-	}
-
-	/*
-	 * Extract the JAR file
-	 */
-	jar = JAR_new();
-	JAR_set_callback(JAR_CB_SIGNAL, jar, jar_callback);
-
-	if(noverify) {
-		status = JAR_pass_archive_unverified(jar, jarArchGuess, jarFile, "url");
-	} else {
-		status = JAR_pass_archive(jar, jarArchGuess, jarFile, "url");
-	}
-	if( (status < 0) || (jar->valid < 0) ) {
-		if (status >= JAR_BASE && status <= JAR_BASE_END) {
-			error(PK11_INSTALL_JAR_ERROR, jarFile, JAR_get_error(status));
-		} else {
-			error(PK11_INSTALL_JAR_ERROR, jarFile,
-			  mySECU_ErrorString((int16) PORT_GetError()) );
-		}
-		ret=PK11_INSTALL_JAR_ERROR;
-		goto loser;
-	}
-	/*printf("passed the archive\n");*/
-
-	/*
-	 * Show the user security information, allow them to abort or continue
-	 */
-	if( Pk11Install_UserVerifyJar(jar, PR_STDOUT,
-		force?PR_FALSE:PR_TRUE) && !force) {
-		if(feedback) {
-			PR_fprintf(feedback, msgStrings[USER_ABORT]);
-		}
-		ret=PK11_INSTALL_USER_ABORT;
-		goto loser;
-	}
-
-	/*
-	 * Get the name of the installation file
-	 */
-	if( JAR_get_metainfo(jar, NULL, INSTALL_METAINFO_TAG, (void**)&installer,
-		(unsigned long*)&installer_len) ) {
-		error(PK11_INSTALL_NO_INSTALLER_SCRIPT);
-		ret=PK11_INSTALL_NO_INSTALLER_SCRIPT;
-		goto loser;
-	}
-	if(feedback) {
-		PR_fprintf(feedback, msgStrings[INSTALLER_SCRIPT_NAME], installer);
-	}
-
-	/*
-	 * Extract the installation file
-	 */
-	if( PR_Access(SCRIPT_TEMP_FILE, PR_ACCESS_EXISTS) == PR_SUCCESS) {
-		if( PR_Delete(SCRIPT_TEMP_FILE) != PR_SUCCESS) {
-			error(PK11_INSTALL_DELETE_TEMP_FILE, SCRIPT_TEMP_FILE);
-			ret=PK11_INSTALL_DELETE_TEMP_FILE;
-			goto loser;
-		}
-	}
-	if(noverify) {
-		status = JAR_extract(jar, installer, SCRIPT_TEMP_FILE);
-	} else {
-		status = JAR_verified_extract(jar, installer, SCRIPT_TEMP_FILE);
-	}
-	if(status) {
-		if (status >= JAR_BASE && status <= JAR_BASE_END) {
-			error(PK11_INSTALL_JAR_EXTRACT, installer, JAR_get_error(status));
-		} else {
-			error(PK11_INSTALL_JAR_EXTRACT, installer,
-			  mySECU_ErrorString((int16) PORT_GetError()) );
-		}
-		ret = PK11_INSTALL_JAR_EXTRACT;
-		goto loser;
-	} else {
-		made_temp_file = PR_TRUE;
-	}
-
-	/*
-	 * Parse the installation file into a syntax tree
-	 */
-	Pk11Install_FD = PR_Open(SCRIPT_TEMP_FILE, PR_RDONLY, 0);
-	if(!Pk11Install_FD) {
-		error(PK11_INSTALL_OPEN_SCRIPT_FILE, SCRIPT_TEMP_FILE);
-		ret=PK11_INSTALL_OPEN_SCRIPT_FILE;
-		goto loser;
-	}
-	if(Pk11Install_yyparse()) {
-		error(PK11_INSTALL_SCRIPT_PARSE, installer,
-			Pk11Install_yyerrstr ? Pk11Install_yyerrstr : "");
-		ret=PK11_INSTALL_SCRIPT_PARSE;
-		goto loser;
-	}
-
-#if 0
-	/* for debugging */
-	Pk11Install_valueList->Print(0);
-#endif
-
-	/*
-	 * From the syntax tree, build a semantic structure
-	 */
-	errMsg = Pk11Install_Info_Generate(&installInfo,Pk11Install_valueList);
-	if(errMsg) {
-		error(PK11_INSTALL_SEMANTIC, errMsg);
-		ret=PK11_INSTALL_SEMANTIC;
-		goto loser;
-	}
-#if 0
-	installInfo.Print(0);
-#endif
-
-	if(feedback) {
-		PR_fprintf(feedback, msgStrings[PARSED_INSTALL_SCRIPT]);
-	}
-
-	/*
-	 * Figure out which platform to use
-	 */
-	{
-		sysname[0] = release[0] = arch[0] = '\0';
-
-		if( (PR_GetSystemInfo(PR_SI_SYSNAME, sysname, SYS_INFO_BUFFER_LENGTH)
-				!= PR_SUCCESS) ||
-		    (PR_GetSystemInfo(PR_SI_RELEASE, release, SYS_INFO_BUFFER_LENGTH)
-				!= PR_SUCCESS) ||
-		    (PR_GetSystemInfo(PR_SI_ARCHITECTURE, arch, SYS_INFO_BUFFER_LENGTH)
-				!= PR_SUCCESS) ) {
-			error(PK11_INSTALL_SYSINFO);
-			ret=PK11_INSTALL_SYSINFO;
-			goto loser;
-		}
-		myPlatform = PR_smprintf("%s:%s:%s", sysname, release, arch);
-		platform = Pk11Install_Info_GetBestPlatform(&installInfo,myPlatform);
-		if(!platform) {
-			error(PK11_INSTALL_NO_PLATFORM, myPlatform);
-			PR_smprintf_free(myPlatform);
-			ret=PK11_INSTALL_NO_PLATFORM;
-			goto loser;
-		}
-		if(feedback) {
-			PR_fprintf(feedback, msgStrings[MY_PLATFORM_IS], myPlatform);
-			PR_fprintf(feedback, msgStrings[USING_PLATFORM],
-                    Pk11Install_PlatformName_GetString(&platform->name));
-		}
-		PR_smprintf_free(myPlatform);
-	}
-
-	/* Run the install for that platform */
-	ret = DoInstall(jar, installDir, tempDir, platform, feedback, noverify);
-	if(ret) {
-		goto loser;
-	}
-
-	ret = PK11_INSTALL_SUCCESS;
-loser:
-	if(Pk11Install_valueList) {
-		Pk11Install_ValueList_delete(Pk11Install_valueList);
-		PR_Free(Pk11Install_valueList);
-		Pk11Install_valueList = NULL;
-	}
-	if(jar) {
-		JAR_destroy(jar);
-	}
-	if(made_temp_file) {
-		PR_Delete(SCRIPT_TEMP_FILE);
-	}
-	if(errMsg) {
-		PR_smprintf_free(errMsg);
-	}
-	return ret;
-}
-
-/*
-/////////////////////////////////////////////////////////////////////////
-// actually run the installation, copying files to and fro
-*/
-static Pk11Install_Error
-DoInstall(JAR *jar, const char *installDir, const char *tempDir,
-	Pk11Install_Platform *platform, PRFileDesc *feedback, PRBool noverify)
-{
-	Pk11Install_File *file;
-	Pk11Install_Error ret;
-	char *reldir;
-	char *dest;
-	char *modDest;
-	char *cp;
-	int i;
-	int status;
-	char *tempname, *temp;
-	StringList executables;
-	StringNode *execNode;
-	PRProcessAttr *attr;
-	PRProcess *proc;
-	char *argv[2];
-	char *envp[1];
-	int errcode;
-
-	ret=PK11_INSTALL_UNSPECIFIED;
-	reldir=NULL;
-	dest=NULL;
-	modDest=NULL;
-	tempname=NULL;
-
-	StringList_new(&executables);
-	/*
-	// Create Temporary directory
-	*/
-	tempname = PR_smprintf("%s/%s", tempDir, TEMPORARY_DIRECTORY_NAME);
-	if( PR_Access(tempname, PR_ACCESS_EXISTS)==PR_SUCCESS ) {
-		/* Left over from previous run?  Delete it. */
-		rm_dash_r(tempname);
-	}
-	if(PR_MkDir(tempname, 0700) != PR_SUCCESS) {
-		error(PK11_INSTALL_CREATE_DIR, tempname);
-		ret = PK11_INSTALL_CREATE_DIR;
-		goto loser;
-	}
-
-	/*
-	// Install all the files
-	*/
-	for(i=0; i < platform->numFiles; i++) {
-		file = &platform->files[i];
-
-		if(file->relativePath) {
-			PRBool foundMarker = PR_FALSE;
-			reldir = PR_Strdup(file->relativePath);
-
-			/* Replace all the markers with the directories for which they stand */
-			while(1) {
-				if( (cp=PL_strcasestr(reldir, ROOT_MARKER)) ) {
-					/* Has a %root% marker  */
-					*cp = '\0';
-					temp = PR_smprintf("%s%s%s", reldir, installDir,
-						cp+strlen(ROOT_MARKER));
-					PR_Free(reldir);
-					reldir = temp;
-					foundMarker = PR_TRUE;
-				} else if( (cp = PL_strcasestr(reldir, TEMP_MARKER)) ) {
-					/* Has a %temp% marker */
-					*cp = '\0';
-					temp = PR_smprintf("%s%s%s", reldir, tempname, 
-						cp+strlen(TEMP_MARKER));
-					PR_Free(reldir);
-					reldir = temp;
-					foundMarker = PR_TRUE;
-				} else {
-					break;
-				}
-			}
-			if(!foundMarker) {
-				/* Has no markers...this isn't really a relative directory */
-				error(PK11_INSTALL_BOGUS_REL_DIR, file->relativePath);
-				ret = PK11_INSTALL_BOGUS_REL_DIR;
-				goto loser;
-			}
-			dest = reldir;
-			reldir = NULL;
-		} else if(file->absolutePath) {
-			dest = PR_Strdup(file->absolutePath);
-		}
-
-		/* Remember if this is the module file, we'll need to add it later */
-		if(i == platform->modFile) {
-			modDest = PR_Strdup(dest);
-		}
-
-		/* Remember is this is an executable, we'll need to run it later */
-		if(file->executable) {
-			StringList_Append(&executables,dest);
-			/*executables.Append(dest);*/
-		}
-
-		/* Make sure the directory we are targetting exists */
-		if( make_dirs(dest, file->permissions) ) {
-			ret=PK11_INSTALL_CREATE_DIR;
-			goto loser;
-		}
-
-		/* Actually extract the file onto the filesystem */
-		if(noverify) {
-			status = JAR_extract(jar, (char*)file->jarPath, dest);
-		} else {
-			status = JAR_verified_extract(jar, (char*)file->jarPath, dest);
-		}
-		if(status) {
-			if (status >= JAR_BASE && status <= JAR_BASE_END) {
-				error(PK11_INSTALL_JAR_EXTRACT, file->jarPath,
-                  JAR_get_error(status));
-			} else {
-				error(PK11_INSTALL_JAR_EXTRACT, file->jarPath,
-				  mySECU_ErrorString((int16) PORT_GetError()) );
-			}
-			ret=PK11_INSTALL_JAR_EXTRACT;
-			goto loser;
-		}
-		if(feedback) {
-			PR_fprintf(feedback, msgStrings[INSTALLED_FILE_MSG],
-				file->jarPath, dest);
-		}
-
-		/* no NSPR command to change permissions? */
-#ifdef XP_UNIX
-		chmod(dest, file->permissions);
-#endif
-
-		/* Memory clean-up tasks */
-		if(reldir) {
-			PR_Free(reldir);
-			reldir = NULL;
-		}
-		if(dest) {
-			PR_Free(dest);
-			dest = NULL;
-		}
-	}
-	/* Make sure we found the module file */
-	if(!modDest) {
-		/* Internal problem here, since every platform is supposed to have
-		   a module file */
-		error(PK11_INSTALL_NO_MOD_FILE, platform->moduleName);
-		ret=PK11_INSTALL_NO_MOD_FILE;
-		goto loser;
-	}
-
-	/*
-	// Execute any executable files
-	*/
-	{
-		argv[1] = NULL;
-		envp[0] = NULL;
-		for(execNode = executables.head; execNode; execNode = execNode->next) {
-			attr = PR_NewProcessAttr();
-			argv[0] = PR_Strdup(execNode->str);
-
-			/* Announce our intentions */
-			if(feedback) {
-				PR_fprintf(feedback, msgStrings[EXEC_FILE_MSG], execNode->str);
-			}
-
-			/* start the process */
-			if( !(proc=PR_CreateProcess(execNode->str, argv, envp, attr)) ) {
-				PR_Free(argv[0]);
-				PR_DestroyProcessAttr(attr);
-				error(PK11_INSTALL_EXEC_FILE, execNode->str);
-				ret=PK11_INSTALL_EXEC_FILE;
-				goto loser;
-			}
-
-			/* wait for it to finish */
-			if( PR_WaitProcess(proc, &errcode) != PR_SUCCESS) {
-				PR_Free(argv[0]);
-				PR_DestroyProcessAttr(attr);
-				error(PK11_INSTALL_WAIT_PROCESS, execNode->str);
-				ret=PK11_INSTALL_WAIT_PROCESS;
-				goto loser;
-			}
-
-			/* What happened? */
-			if(errcode) {
-				/* process returned an error */
-				error(PK11_INSTALL_PROC_ERROR, execNode->str, errcode);
-			} else if(feedback) {
-				/* process ran successfully */
-				PR_fprintf(feedback, msgStrings[EXEC_SUCCESS], execNode->str);
-			}
-
-			PR_Free(argv[0]);
-			PR_DestroyProcessAttr(attr);
-		}
-	}
-
-	/*
-	// Add the module
-	*/
-	status = Pk11Install_AddNewModule((char*)platform->moduleName,
-		(char*)modDest, platform->mechFlags, platform->cipherFlags );
-
-	if(status != SECSuccess) {
-		error(PK11_INSTALL_ADD_MODULE, platform->moduleName);
-		ret=PK11_INSTALL_ADD_MODULE;
-		goto loser;
-	}
-	if(feedback) {
-		PR_fprintf(feedback, msgStrings[INSTALLED_MODULE_MSG],
-			platform->moduleName);
-	}
-
-	if(feedback) {
-		PR_fprintf(feedback, msgStrings[INSTALLATION_COMPLETE_MSG]);
-	}
-
-	ret = PK11_INSTALL_SUCCESS;
-
-loser:
-	if(reldir) {
-		PR_Free(reldir);
-	}
-	if(dest) {
-		PR_Free(dest);
-	}
-	if(modDest) {
-		PR_Free(modDest);
-	}
-	if(tempname) {
-		PRFileInfo info;
-		if(PR_GetFileInfo(tempname, &info) == PR_SUCCESS) {
-			if((info.type == PR_FILE_DIRECTORY)) {
-				/* Recursively remove temporary directory */
-				if(rm_dash_r(tempname)) {
-					error(PK11_INSTALL_REMOVE_DIR,
-						tempname);
-					ret=PK11_INSTALL_REMOVE_DIR;
-				}
-					
-			}
-		}
-		PR_Free(tempname);
-	}
-	StringList_delete(&executables);
-	return ret;
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-*/
-static char*
-PR_Strdup(const char* str)
-{
-	char *tmp = (char*) PR_Malloc(strlen(str)+1);
-	strcpy(tmp, str);
-	return tmp;
-}
-
-/*
- *  r m _ d a s h _ r
- *
- *  Remove a file, or a directory recursively.
- *
- */
-static int
-rm_dash_r (char *path)
-{
-    PRDir   *dir;
-    PRDirEntry *entry;
-    PRFileInfo fileinfo;
-    char filename[240];
-
-    if(PR_GetFileInfo(path, &fileinfo) != PR_SUCCESS) {
-        /*fprintf(stderr, "Error: Unable to access %s\n", filename);*/
-        return -1;
-    }
-    if(fileinfo.type == PR_FILE_DIRECTORY) {
-
-        dir = PR_OpenDir(path);
-        if(!dir) {
-            return -1;
-        }
-
-        /* Recursively delete all entries in the directory */
-        while((entry = PR_ReadDir(dir, PR_SKIP_BOTH)) != NULL) {
-            sprintf(filename, "%s/%s", path, entry->name);
-            if(rm_dash_r(filename)) return -1;
-        }
-
-        if(PR_CloseDir(dir) != PR_SUCCESS) {
-            return -1;
-        }
-
-        /* Delete the directory itself */
-        if(PR_RmDir(path) != PR_SUCCESS) {
-            return -1;
-        }
-    } else {
-        if(PR_Delete(path) != PR_SUCCESS) {
-            return -1;
-        }
-    }
-    return 0;
-}
-
-/***************************************************************************
- *
- * m a k e _ d i r s
- *
- * Ensure that the directory portion of the path exists.  This may require
- * making the directory, and its parent, and its parent's parent, etc.
- */
-static int
-make_dirs(char *path, int file_perms)
-{
-	char *Path;
-	char *start;
-	char *sep;
-	int ret = 0;
-	PRFileInfo info;
-
-	if(!path) {
-		return 0;
-	}
-
-	Path = PR_Strdup(path);
-	start = strpbrk(Path, "/\\");
-	if(!start) {
-		return 0;
-	}
-	start++; /* start right after first slash */
-
-	/* Each time through the loop add one more directory. */
-	while( (sep=strpbrk(start, "/\\")) ) {
-		*sep = '\0';
-
-		if( PR_GetFileInfo(Path, &info) != PR_SUCCESS) {
-			/* No such dir, we have to create it */
-			if( PR_MkDir(Path, dir_perms(file_perms)) != PR_SUCCESS) {
-				error(PK11_INSTALL_CREATE_DIR, Path);
-				ret = PK11_INSTALL_CREATE_DIR;
-				goto loser;
-			}
-		} else {
-			/* something exists by this name, make sure it's a directory */
-			if( info.type != PR_FILE_DIRECTORY ) {
-				error(PK11_INSTALL_CREATE_DIR, Path);
-				ret = PK11_INSTALL_CREATE_DIR;
-				goto loser;
-			}
-		}
-
-		/* If this is the lowest directory level, make sure it is writeable */
-		if(!strpbrk(sep+1, "/\\")) {
-			if( PR_Access(Path, PR_ACCESS_WRITE_OK)!=PR_SUCCESS) {
-				error(PK11_INSTALL_DIR_NOT_WRITEABLE, Path);
-				ret = PK11_INSTALL_DIR_NOT_WRITEABLE;
-				goto loser;
-			}
-		}
-
-		start = sep+1; /* start after the next slash */
-		*sep = '/';
-	}
-
-loser:
-	PR_Free(Path);
-	return ret;
-}
-
-/*************************************************************************
- * d i r _ p e r m s
- * 
- * Guesses the desired permissions on a directory based on the permissions
- * of a file that will be stored in it. Give read, write, and
- * execute to the owner (so we can create the file), read and 
- * execute to anyone who has read permissions on the file, and write
- * to anyone who has write permissions on the file.
- */
-static int
-dir_perms(int perms)
-{
-	int ret = 0;
-
-	/* owner */
-	ret |= 0700;
-
-	/* group */
-	if(perms & 0040) {
-		/* read on the file -> read and execute on the directory */
-		ret |= 0050;
-	}
-	if(perms & 0020) {
-		/* write on the file -> write on the directory */
-		ret |= 0020;
-	}
-
-	/* others */
-	if(perms & 0004) {
-		/* read on the file -> read and execute on the directory */
-		ret |= 0005;
-	}
-	if(perms & 0002) {
-		/* write on the file -> write on the directory */
-		ret |= 0002;
-	}
-
-	return ret;
-}
diff --git a/security/nss/cmd/modutil/install.h b/security/nss/cmd/modutil/install.h
deleted file mode 100644
index 3874ed77e..000000000
--- a/security/nss/cmd/modutil/install.h
+++ /dev/null
@@ -1,130 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef PK11INSTALL_H
-#define PK11INSTALL_H
-
-#include <prio.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-typedef void (*Pk11Install_ErrorHandler)(char *);
-
-typedef enum {
-	PK11_INSTALL_NO_ERROR=0,
-	PK11_INSTALL_DIR_DOESNT_EXIST,
-	PK11_INSTALL_FILE_DOESNT_EXIST,
-	PK11_INSTALL_FILE_NOT_READABLE,
-	PK11_INSTALL_ERROR_STRING,
-	PK11_INSTALL_JAR_ERROR,
-	PK11_INSTALL_NO_INSTALLER_SCRIPT,
-	PK11_INSTALL_DELETE_TEMP_FILE,
-	PK11_INSTALL_OPEN_SCRIPT_FILE,
-	PK11_INSTALL_SCRIPT_PARSE,
-	PK11_INSTALL_SEMANTIC,
-	PK11_INSTALL_SYSINFO,
-	PK11_INSTALL_NO_PLATFORM,
-	PK11_INSTALL_BOGUS_REL_DIR,
-	PK11_INSTALL_NO_MOD_FILE,
-	PK11_INSTALL_ADD_MODULE,
-	PK11_INSTALL_JAR_EXTRACT,
-	PK11_INSTALL_DIR_NOT_WRITEABLE,
-	PK11_INSTALL_CREATE_DIR,
-	PK11_INSTALL_REMOVE_DIR,
-	PK11_INSTALL_EXEC_FILE,
-	PK11_INSTALL_WAIT_PROCESS,
-	PK11_INSTALL_PROC_ERROR,
-	PK11_INSTALL_USER_ABORT,
-	PK11_INSTALL_UNSPECIFIED
-} Pk11Install_Error;
-#define PK11_INSTALL_SUCCESS PK11_INSTALL_NO_ERROR
-
-/**************************************************************************
- *
- * P k 1 1 I n s t a l l _ I n i t
- *
- * Does initialization that otherwise would be done on the fly.  Only
- * needs to be called by multithreaded apps, before they make any calls
- * to this library.
- */
-void 
-Pk11Install_Init();
-
-/**************************************************************************
- *
- * P k 1 1 I n s t a l l _ S e t E r r o r H a n d l e r
- *
- * Sets the error handler to be used by the library.  Returns the current
- * error handler function.
- */
-Pk11Install_ErrorHandler
-Pk11Install_SetErrorHandler(Pk11Install_ErrorHandler handler);
-
-
-/**************************************************************************
- *
- * P k 1 1 I n s t a l l _ R e l e a s e
- *
- * Releases static data structures used by the library.  Don't use the
- * library after calling this, unless you call Pk11Install_Init()
- * first.  This function doesn't have to be called at all unless you're
- * really anal about freeing memory before your program exits.
- */
-void 
-Pk11Install_Release();
-
-/*************************************************************************
- *
- * P k 1 1 I n s t a l l _ D o I n s t a l l
- *
- * jarFile is the path of a JAR in the PKCS #11 module JAR format.
- * installDir is the directory relative to which files will be
- *   installed.
- * feedback is a file descriptor to which to write informative (not error)
- * status messages: what files are being installed, what modules are being
- * installed.  If feedback==NULL, no messages will be displayed.
- * If force != 0, interactive prompts will be suppressed.
- * If noverify == PR_TRUE, signatures won't be checked on the JAR file.
- */
-Pk11Install_Error
-Pk11Install_DoInstall(char *jarFile, const char *installDir,
-	const char *tempDir, PRFileDesc *feedback, short force,
-	PRBool noverify);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /*PK11INSTALL_H*/
diff --git a/security/nss/cmd/modutil/installparse.c b/security/nss/cmd/modutil/installparse.c
deleted file mode 100644
index 16f81b6eb..000000000
--- a/security/nss/cmd/modutil/installparse.c
+++ /dev/null
@@ -1,429 +0,0 @@
-#ifndef lint
-char yysccsid[] = "@(#)yaccpar	1.4 (Berkeley) 02/25/90";
-#endif
-#line 37 "installparse.y"
- 
-#define yyparse Pk11Install_yyparse
-#define yylex Pk11Install_yylex
-#define yyerror Pk11Install_yyerror
-#define yychar Pk11Install_yychar
-#define yyval Pk11Install_yyval
-#define yylval Pk11Install_yylval
-#define yydebug Pk11Install_yydebug
-#define yynerrs Pk11Install_yynerrs
-#define yyerrflag Pk11Install_yyerrflag
-#define yyss Pk11Install_yyss
-#define yyssp Pk11Install_yyssp
-#define yyvs Pk11Install_yyvs
-#define yyvsp Pk11Install_yyvsp
-#define yylhs Pk11Install_yylhs
-#define yylen Pk11Install_yylen
-#define yydefred Pk11Install_yydefred
-#define yydgoto Pk11Install_yydgoto
-#define yysindex Pk11Install_yysindex
-#define yyrindex Pk11Install_yyrindex
-#define yygindex Pk11Install_yygindex
-#define yytable Pk11Install_yytable
-#define yycheck Pk11Install_yycheck
-#define yyname Pk11Install_yyname
-#define yyrule Pk11Install_yyrule
-
-/* C Stuff */
-#include "install-ds.h"
-#include <prprf.h>
-
-#define YYSTYPE Pk11Install_Pointer
-extern char *Pk11Install_yytext;
-char *Pk11Install_yyerrstr=NULL;
-
-#line 40 "ytab.c"
-#define OPENBRACE 257
-#define CLOSEBRACE 258
-#define STRING 259
-#define YYERRCODE 256
-short yylhs[] = {                                        -1,
-    0,    1,    1,    2,    2,    3,    4,
-};
-short yylen[] = {                                         2,
-    1,    2,    0,    1,    1,    4,    1,
-};
-short yydefred[] = {                                      0,
-    0,    0,    1,    0,    4,    0,    2,    0,    0,    6,
-};
-short yydgoto[] = {                                       2,
-    3,    4,    5,    6,
-};
-short yysindex[] = {                                   -257,
-    0,    0,    0, -257,    0, -252,    0, -257, -251,    0,
-};
-short yyrindex[] = {                                      6,
-    1,    0,    0,    3,    0,    0,    0, -250,    0,    0,
-};
-short yygindex[] = {                                      0,
-   -4,    0,    0,    0,
-};
-#define YYTABLESIZE 261
-short yytable[] = {                                       7,
-    5,    1,    3,    9,    8,    3,   10,    3,    0,    0,
-    0,    0,    0,    0,    0,    0,    0,    0,    0,    0,
-    0,    0,    0,    0,    0,    0,    0,    0,    0,    0,
-    0,    0,    0,    0,    0,    0,    0,    0,    0,    0,
-    0,    0,    0,    0,    0,    0,    0,    0,    0,    0,
-    0,    0,    0,    0,    0,    0,    0,    0,    0,    0,
-    0,    0,    0,    0,    0,    0,    0,    0,    0,    0,
-    0,    0,    0,    0,    0,    0,    0,    0,    0,    0,
-    0,    0,    0,    0,    0,    0,    0,    0,    0,    0,
-    0,    0,    0,    0,    0,    0,    0,    0,    0,    0,
-    0,    0,    0,    0,    0,    0,    0,    0,    0,    0,
-    0,    0,    0,    0,    0,    0,    0,    0,    0,    0,
-    0,    0,    0,    0,    0,    0,    0,    0,    0,    0,
-    0,    0,    0,    0,    0,    0,    0,    0,    0,    0,
-    0,    0,    0,    0,    0,    0,    0,    0,    0,    0,
-    0,    0,    0,    0,    0,    0,    0,    0,    0,    0,
-    0,    0,    0,    0,    0,    0,    0,    0,    0,    0,
-    0,    0,    0,    0,    0,    0,    0,    0,    0,    0,
-    0,    0,    0,    0,    0,    0,    0,    0,    0,    0,
-    0,    0,    0,    0,    0,    0,    0,    0,    0,    0,
-    0,    0,    0,    0,    0,    0,    0,    0,    0,    0,
-    0,    0,    0,    0,    0,    0,    0,    0,    0,    0,
-    0,    0,    0,    0,    0,    0,    0,    0,    0,    0,
-    0,    0,    0,    0,    0,    0,    0,    0,    0,    0,
-    0,    0,    0,    0,    0,    0,    0,    0,    0,    0,
-    0,    0,    0,    0,    0,    0,    0,    7,    5,    5,
-    3,
-};
-short yycheck[] = {                                       4,
-    0,  259,    0,    8,  257,    0,  258,  258,   -1,   -1,
-   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,
-   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,
-   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,
-   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,
-   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,
-   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,
-   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,
-   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,
-   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,
-   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,
-   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,
-   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,
-   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,
-   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,
-   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,
-   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,
-   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,
-   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,
-   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,
-   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,
-   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,
-   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,
-   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,
-   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,   -1,
-   -1,   -1,   -1,   -1,   -1,   -1,   -1,  257,  258,  259,
-  258,
-};
-#define YYFINAL 2
-#ifndef YYDEBUG
-#define YYDEBUG 0
-#endif
-#define YYMAXTOKEN 259
-#if YYDEBUG
-char *yyname[] = {
-"end-of-file",0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
-0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
-0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
-0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
-0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
-0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
-0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,"OPENBRACE","CLOSEBRACE","STRING",
-};
-char *yyrule[] = {
-"$accept : toplist",
-"toplist : valuelist",
-"valuelist : value valuelist",
-"valuelist :",
-"value : key_value_pair",
-"value : STRING",
-"key_value_pair : key OPENBRACE valuelist CLOSEBRACE",
-"key : STRING",
-};
-#endif
-#ifndef YYSTYPE
-typedef int YYSTYPE;
-#endif
-#define yyclearin (yychar=(-1))
-#define yyerrok (yyerrflag=0)
-#ifndef YYSTACKSIZE
-#ifdef YYMAXDEPTH
-#define YYSTACKSIZE YYMAXDEPTH
-#else
-#define YYSTACKSIZE 300
-#endif
-#endif
-int yydebug;
-int yynerrs;
-int yyerrflag;
-int yychar;
-short *yyssp;
-YYSTYPE *yyvsp;
-YYSTYPE yyval;
-YYSTYPE yylval;
-#define yystacksize YYSTACKSIZE
-short yyss[YYSTACKSIZE];
-YYSTYPE yyvs[YYSTACKSIZE];
-#line 118 "installparse.y"
-/*----------------------- Program Section --------------------------------*/
-
-/*************************************************************************/
-void
-Pk11Install_yyerror(char *message)
-{
-	char *tmp;
-	if(Pk11Install_yyerrstr) {
-		tmp=PR_smprintf("%sline %d: %s\n", Pk11Install_yyerrstr,
-			Pk11Install_yylinenum, message);
-		PR_smprintf_free(Pk11Install_yyerrstr);
-	} else {
-		tmp = PR_smprintf("line %d: %s\n", Pk11Install_yylinenum, message);
-	}
-	Pk11Install_yyerrstr=tmp;
-}
-#line 191 "ytab.c"
-#define YYABORT goto yyabort
-#define YYACCEPT goto yyaccept
-#define YYERROR goto yyerrlab
-int
-yyparse()
-{
-    register int yym, yyn, yystate;
-#if YYDEBUG
-    register char *yys;
-    extern char *getenv();
-
-    if (yys = getenv("YYDEBUG"))
-    {
-        yyn = *yys;
-        if (yyn >= '0' && yyn <= '9')
-            yydebug = yyn - '0';
-    }
-#endif
-
-    yynerrs = 0;
-    yyerrflag = 0;
-    yychar = (-1);
-
-    yyssp = yyss;
-    yyvsp = yyvs;
-    *yyssp = yystate = 0;
-
-yyloop:
-    if (yyn = yydefred[yystate]) goto yyreduce;
-    if (yychar < 0)
-    {
-        if ((yychar = yylex()) < 0) yychar = 0;
-#if YYDEBUG
-        if (yydebug)
-        {
-            yys = 0;
-            if (yychar <= YYMAXTOKEN) yys = yyname[yychar];
-            if (!yys) yys = "illegal-symbol";
-            printf("yydebug: state %d, reading %d (%s)\n", yystate,
-                    yychar, yys);
-        }
-#endif
-    }
-    if ((yyn = yysindex[yystate]) && (yyn += yychar) >= 0 &&
-            yyn <= YYTABLESIZE && yycheck[yyn] == yychar)
-    {
-#if YYDEBUG
-        if (yydebug)
-            printf("yydebug: state %d, shifting to state %d\n",
-                    yystate, yytable[yyn]);
-#endif
-        if (yyssp >= yyss + yystacksize - 1)
-        {
-            goto yyoverflow;
-        }
-        *++yyssp = yystate = yytable[yyn];
-        *++yyvsp = yylval;
-        yychar = (-1);
-        if (yyerrflag > 0)  --yyerrflag;
-        goto yyloop;
-    }
-    if ((yyn = yyrindex[yystate]) && (yyn += yychar) >= 0 &&
-            yyn <= YYTABLESIZE && yycheck[yyn] == yychar)
-    {
-        yyn = yytable[yyn];
-        goto yyreduce;
-    }
-    if (yyerrflag) goto yyinrecovery;
-#ifdef lint
-    goto yynewerror;
-#endif
-yynewerror:
-    yyerror("syntax error");
-#ifdef lint
-    goto yyerrlab;
-#endif
-yyerrlab:
-    ++yynerrs;
-yyinrecovery:
-    if (yyerrflag < 3)
-    {
-        yyerrflag = 3;
-        for (;;)
-        {
-            if ((yyn = yysindex[*yyssp]) && (yyn += YYERRCODE) >= 0 &&
-                    yyn <= YYTABLESIZE && yycheck[yyn] == YYERRCODE)
-            {
-#if YYDEBUG
-                if (yydebug)
-                    printf("yydebug: state %d, error recovery shifting\
- to state %d\n", *yyssp, yytable[yyn]);
-#endif
-                if (yyssp >= yyss + yystacksize - 1)
-                {
-                    goto yyoverflow;
-                }
-                *++yyssp = yystate = yytable[yyn];
-                *++yyvsp = yylval;
-                goto yyloop;
-            }
-            else
-            {
-#if YYDEBUG
-                if (yydebug)
-                    printf("yydebug: error recovery discarding state %d\n",
-                            *yyssp);
-#endif
-                if (yyssp <= yyss) goto yyabort;
-                --yyssp;
-                --yyvsp;
-            }
-        }
-    }
-    else
-    {
-        if (yychar == 0) goto yyabort;
-#if YYDEBUG
-        if (yydebug)
-        {
-            yys = 0;
-            if (yychar <= YYMAXTOKEN) yys = yyname[yychar];
-            if (!yys) yys = "illegal-symbol";
-            printf("yydebug: state %d, error recovery discards token %d (%s)\n",
-                    yystate, yychar, yys);
-        }
-#endif
-        yychar = (-1);
-        goto yyloop;
-    }
-yyreduce:
-#if YYDEBUG
-    if (yydebug)
-        printf("yydebug: state %d, reducing by rule %d (%s)\n",
-                yystate, yyn, yyrule[yyn]);
-#endif
-    yym = yylen[yyn];
-    yyval = yyvsp[1-yym];
-    switch (yyn)
-    {
-case 1:
-#line 84 "installparse.y"
-{
-	Pk11Install_valueList = yyvsp[0].list;
-}
-break;
-case 2:
-#line 89 "installparse.y"
-{ 
-	Pk11Install_ValueList_AddItem(yyvsp[0].list,yyvsp[-1].value);
-	yyval .list = yyvsp[0].list; 
-}
-break;
-case 3:
-#line 94 "installparse.y"
-{ 
-	yyval .list = Pk11Install_ValueList_new(); 
-}
-break;
-case 4:
-#line 99 "installparse.y"
-{
-	yyval .value= Pk11Install_Value_new(PAIR_VALUE,yyvsp[0]);
-}
-break;
-case 5:
-#line 103 "installparse.y"
-{
-	yyval .value= Pk11Install_Value_new(STRING_VALUE, yyvsp[0]);
-}
-break;
-case 6:
-#line 108 "installparse.y"
-{
-	yyval .pair = Pk11Install_Pair_new(yyvsp[-3].string,yyvsp[-1].list);
-}
-break;
-case 7:
-#line 113 "installparse.y"
-{
-	yyval .string = yyvsp[0].string;
-}
-break;
-#line 374 "ytab.c"
-    }
-    yyssp -= yym;
-    yystate = *yyssp;
-    yyvsp -= yym;
-    yym = yylhs[yyn];
-    if (yystate == 0 && yym == 0)
-    {
-#ifdef YYDEBUG
-        if (yydebug)
-            printf("yydebug: after reduction, shifting from state 0 to\
- state %d\n", YYFINAL);
-#endif
-        yystate = YYFINAL;
-        *++yyssp = YYFINAL;
-        *++yyvsp = yyval;
-        if (yychar < 0)
-        {
-            if ((yychar = yylex()) < 0) yychar = 0;
-#if YYDEBUG
-            if (yydebug)
-            {
-                yys = 0;
-                if (yychar <= YYMAXTOKEN) yys = yyname[yychar];
-                if (!yys) yys = "illegal-symbol";
-                printf("yydebug: state %d, reading %d (%s)\n",
-                        YYFINAL, yychar, yys);
-            }
-#endif
-        }
-        if (yychar == 0) goto yyaccept;
-        goto yyloop;
-    }
-    if ((yyn = yygindex[yym]) && (yyn += yystate) >= 0 &&
-            yyn <= YYTABLESIZE && yycheck[yyn] == yystate)
-        yystate = yytable[yyn];
-    else
-        yystate = yydgoto[yym];
-#ifdef YYDEBUG
-    if (yydebug)
-        printf("yydebug: after reduction, shifting from state %d \
-to state %d\n", *yyssp, yystate);
-#endif
-    if (yyssp >= yyss + yystacksize - 1)
-    {
-        goto yyoverflow;
-    }
-    *++yyssp = yystate;
-    *++yyvsp = yyval;
-    goto yyloop;
-yyoverflow:
-    yyerror("yacc stack overflow");
-yyabort:
-    return (1);
-yyaccept:
-    return (0);
-}
diff --git a/security/nss/cmd/modutil/installparse.h b/security/nss/cmd/modutil/installparse.h
deleted file mode 100644
index 75686d4fd..000000000
--- a/security/nss/cmd/modutil/installparse.h
+++ /dev/null
@@ -1,3 +0,0 @@
-#define OPENBRACE 257
-#define CLOSEBRACE 258
-#define STRING 259
diff --git a/security/nss/cmd/modutil/installparse.l b/security/nss/cmd/modutil/installparse.l
deleted file mode 100644
index 6befe16cb..000000000
--- a/security/nss/cmd/modutil/installparse.l
+++ /dev/null
@@ -1,166 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-
-/* lex file for analyzing PKCS #11 Module installation instructions */
-
-/*----------------------------- Definitions ---------------------------*/
-%{
-#include <string.h>
-
-#include "install-ds.h"		/* defines tokens and data structures */
-#include "installparse.h"	/* produced by yacc -d */
-#include <prprf.h>
-static char *putSimpleString(char*);	/* return copy of string */
-static char *putComplexString(char*);	/* strip out quotes, deal with */
-											/* escaped characters */
-
-void Pk11Install_yyerror(char *);
-
-/* Overrides to use NSPR */
-#define malloc PR_Malloc
-#define realloc PR_Realloc
-#define free PR_Free
-
-int Pk11Install_yylinenum=1;
-static char *err;
-
-#define YY_NEVER_INTERACTIVE 1
-#define yyunput Pkcs11Install_yyunput
-
-/* This is the default YY_INPUT modified for NSPR */
-#define YY_INPUT(buf,result,max_size) \
-	if ( yy_current_buffer->yy_is_interactive ) { \
-		char c; \
-		int n; \
-		for ( n = 0; n < max_size && \
-		  PR_Read(Pk11Install_FD, &c, 1)==1 && c != '\n'; ++n ) { \
-			buf[n] = c; \
-		} \
-        if ( c == '\n' ) { \
-            buf[n++] = c; \
-		} \
-        result = n; \
-	} else { \
-		result = PR_Read(Pk11Install_FD, buf, max_size); \
-	}
-
-%}
-
-/*** Regular expression definitions ***/
-/* simple_string has no whitespace, quotes, or braces */
-simple_string		[^ \t\r\n\""{""}"]+
-
-/* complex_string is enclosed in quotes. Inside the quotes, quotes and
-   backslashes must be backslash-escaped. No newlines or carriage returns
-   are allowed inside the quotes. Otherwise, anything goes. */
-complex_string		\"([^\"\\\r\n]|(\\\")|(\\\\))+\"
-
-/* Standard whitespace */
-whitespace			[ \t\r]+
-
-other				.
-
-/*---------------------------- Actions --------------------------------*/
-%%
-
-"{"					return OPENBRACE;
-"}"					return CLOSEBRACE;
-{simple_string}		{Pk11Install_yylval.string =
-						putSimpleString(Pk11Install_yytext);
-						return STRING;}
-{complex_string}	{Pk11Install_yylval.string =
-						putComplexString(Pk11Install_yytext);
-						return STRING;}
-
-"\n"				Pk11Install_yylinenum++;
-
-{whitespace}		;
-
-{other}				{err = PR_smprintf("Invalid lexeme: %s",Pk11Install_yytext);
-						Pk11Install_yyerror(err);
-						PR_smprintf_free(err);
-						return 1;
-					}
-
-%%
-/*------------------------ Program Section ----------------------------*/
-
-PRFileDesc *Pk11Install_FD=NULL;
-
-/*************************************************************************/
-/* dummy function required by lex */
-int Pk11Install_yywrap(void) { return 1;}
-
-/*************************************************************************/
-/* Return a copy of the given string */
-static char*
-putSimpleString(char *str)
-{
-	char *tmp = (char*) PR_Malloc(strlen(str)+1);
-	strcpy(tmp, str);
-	return tmp;
-}
-
-/*************************************************************************/
-/* Strip out quotes, replace escaped characters with what they stand for.
-   This function assumes that what is passed in is actually a complex
-   string, so error checking is lax. */
-static char*
-putComplexString(char *str)
-{
-	int size, i,j;
-	char *tmp;
-
-	if(!str) {
-		return NULL;
-	}
-	size = strlen(str);
-
-	/* Allocate the new space.  This string will actually be too big, 
-		since quotes and backslashes will be stripped out.  But that's ok. */
-	tmp = (char*) PR_Malloc(size+1);
-
-	/* Copy it over */
-	for(i=0, j=0; i < size; i++) {
-		if(str[i]=='\"') {
-			continue;  /* skip un-escaped quotes */
-		} else if(str[i]=='\\') {
-			++i;       /* escaped character. skip the backslash */
-		}
-		tmp[j++] = str[i];
-	}
-	tmp[j] = '\0';
-
-	return tmp;
-}
diff --git a/security/nss/cmd/modutil/installparse.y b/security/nss/cmd/modutil/installparse.y
deleted file mode 100644
index 6a32e25ab..000000000
--- a/security/nss/cmd/modutil/installparse.y
+++ /dev/null
@@ -1,133 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/* yacc file for parsing PKCS #11 module installation instructions */
-/*------------------------ Definition Section ---------------------------*/
-
-%{ 
-#define yyparse Pk11Install_yyparse
-#define yylex Pk11Install_yylex
-#define yyerror Pk11Install_yyerror
-#define yychar Pk11Install_yychar
-#define yyval Pk11Install_yyval
-#define yylval Pk11Install_yylval
-#define yydebug Pk11Install_yydebug
-#define yynerrs Pk11Install_yynerrs
-#define yyerrflag Pk11Install_yyerrflag
-#define yyss Pk11Install_yyss
-#define yyssp Pk11Install_yyssp
-#define yyvs Pk11Install_yyvs
-#define yyvsp Pk11Install_yyvsp
-#define yylhs Pk11Install_yylhs
-#define yylen Pk11Install_yylen
-#define yydefred Pk11Install_yydefred
-#define yydgoto Pk11Install_yydgoto
-#define yysindex Pk11Install_yysindex
-#define yyrindex Pk11Install_yyrindex
-#define yygindex Pk11Install_yygindex
-#define yytable Pk11Install_yytable
-#define yycheck Pk11Install_yycheck
-#define yyname Pk11Install_yyname
-#define yyrule Pk11Install_yyrule
-
-/* C Stuff */
-#include "install-ds.h"
-#include <prprf.h>
-
-#define YYSTYPE Pk11Install_Pointer
-extern char *Pk11Install_yytext;
-char *Pk11Install_yyerrstr=NULL;
-
-%}
-
-/* Tokens */
-%token OPENBRACE
-%token CLOSEBRACE
-%token STRING
-%start toplist
-
-%%
-
-/*--------------------------- Productions -------------------------------*/
-
-toplist		: valuelist	
-{
-	Pk11Install_valueList = $1.list;
-}
-
-valuelist	: value valuelist
-{ 
-	Pk11Install_ValueList_AddItem($2.list,$1.value);
-	$$.list = $2.list; 
-}
-|
-{ 
-	$$.list = Pk11Install_ValueList_new(); 
-};
-
-value		: key_value_pair
-{
-	$$.value= Pk11Install_Value_new(PAIR_VALUE,$1);
-}
-| STRING
-{
-	$$.value= Pk11Install_Value_new(STRING_VALUE, $1);
-};
-
-key_value_pair	: key OPENBRACE valuelist CLOSEBRACE 
-{
-	$$.pair = Pk11Install_Pair_new($1.string,$3.list);
-};
-
-key			: STRING
-{
-	$$.string = $1.string;
-};
-
-%%
-/*----------------------- Program Section --------------------------------*/
-
-/*************************************************************************/
-void
-Pk11Install_yyerror(char *message)
-{
-	char *tmp;
-	if(Pk11Install_yyerrstr) {
-		tmp=PR_smprintf("%sline %d: %s\n", Pk11Install_yyerrstr,
-			Pk11Install_yylinenum, message);
-		PR_smprintf_free(Pk11Install_yyerrstr);
-	} else {
-		tmp = PR_smprintf("line %d: %s\n", Pk11Install_yylinenum, message);
-	}
-	Pk11Install_yyerrstr=tmp;
-}
diff --git a/security/nss/cmd/modutil/instsec.c b/security/nss/cmd/modutil/instsec.c
deleted file mode 100644
index e6eaa384b..000000000
--- a/security/nss/cmd/modutil/instsec.c
+++ /dev/null
@@ -1,178 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include <plarena.h>
-#include <prio.h>
-#include <prprf.h>
-#include <seccomon.h>
-#include <secmod.h>
-#include <jar.h>
-#include <secutil.h>
-
-/* These are installation functions that make calls to the security library.
- * We don't want to include security include files in the C++ code too much.
- */
-
-static char* PR_fgets(char *buf, int size, PRFileDesc *file);
-
-/***************************************************************************
- *
- * P k 1 1 I n s t a l l _ A d d N e w M o d u l e
- */
-int
-Pk11Install_AddNewModule(char* moduleName, char* dllPath,
-                              unsigned long defaultMechanismFlags,
-                              unsigned long cipherEnableFlags)
-{
-	return (SECMOD_AddNewModule(moduleName, dllPath,
-		SECMOD_PubMechFlagstoInternal(defaultMechanismFlags),
-		SECMOD_PubCipherFlagstoInternal(cipherEnableFlags))
-													== SECSuccess) ? 0 : -1;
-}
-
-/*************************************************************************
- *
- * P k 1 1 I n s t a l l _ U s e r V e r i f y J a r
- *
- * Gives the user feedback on the signatures of a JAR files, asks them
- * whether they actually want to continue.
- * Assumes the jar structure has already been created and is valid.
- * Returns 0 if the user wants to continue the installation, nonzero
- * if the user wishes to abort.
- */
-short
-Pk11Install_UserVerifyJar(JAR *jar, PRFileDesc *out, PRBool query)
-{
-	JAR_Context *ctx;
-	JAR_Cert *fing;
-	JAR_Item *item;
-	char stdinbuf[80];
-	int count=0;
-
-	CERTCertificate *cert, *prev=NULL;
-
-	PR_fprintf(out, "\nThis installation JAR file was signed by:\n");
-
-	ctx = JAR_find(jar, NULL, jarTypeSign);
-
-	while(JAR_find_next(ctx, &item) >= 0 ) {
-		fing = (JAR_Cert*) item->data;
-		cert = fing->cert;
-		if(cert==prev) {
-			continue;
-		}
-
-		count++;
-		PR_fprintf(out, "----------------------------------------------\n");
-		if(cert) {
-			if(cert->nickname) {
-				PR_fprintf(out, "**NICKNAME**\n%s\n", cert->nickname);
-			}
-			if(cert->subjectName) {
-				PR_fprintf(out, "**SUBJECT NAME**\n%s\n", cert->subjectName); }
-			if(cert->issuerName) {
-				PR_fprintf(out, "**ISSUER NAME**\n%s\n", cert->issuerName);
-			}
-		} else {
-			PR_fprintf(out, "No matching certificate could be found.\n");
-		}
-		PR_fprintf(out, "----------------------------------------------\n\n");
-
-		prev=cert;
-	}
-
-	JAR_find_end(ctx);
-
-	if(count==0) {
-		PR_fprintf(out, "No signatures found: JAR FILE IS UNSIGNED.\n");
-	}
-
-	if(query) {
-		PR_fprintf(out,
-"Do you wish to continue this installation? (y/n) ");
-
-		if(PR_fgets(stdinbuf, 80, PR_STDIN) != NULL) {
-			char *response;
-
-			if( (response=strtok(stdinbuf, " \t\n\r")) ) {
-				if( !PL_strcasecmp(response, "y") ||
-					!PL_strcasecmp(response, "yes") ) {
-					return 0;
-				}
-			}
-		}
-	}
-
-	return 1;
-}
-
-/**************************************************************************
- *
- * P R _ f g e t s
- *
- * fgets implemented with NSPR.
- */
-static char*
-PR_fgets(char *buf, int size, PRFileDesc *file)
-{
-    int i;
-    int status;
-    char c;
-
-    i=0;
-    while(i < size-1) {
-        status = PR_Read(file, (void*) &c, 1);
-        if(status==-1) {
-            return NULL;
-        } else if(status==0) {
-            break;
-        }
-        buf[i++] = c;
-        if(c=='\n') {
-            break;
-        }
-    }
-    buf[i]='\0';
-
-    return buf;
-}
-
-/**************************************************************************
- *
- * m y S E C U _ E r r o r S t r i n g
- *
- */
-const char* mySECU_ErrorString(int16 errnum)
-{
-	return SECU_Strerror(errnum);
-}
diff --git a/security/nss/cmd/modutil/lex.Pk11Install_yy.c b/security/nss/cmd/modutil/lex.Pk11Install_yy.c
deleted file mode 100644
index 3943503db..000000000
--- a/security/nss/cmd/modutil/lex.Pk11Install_yy.c
+++ /dev/null
@@ -1,1691 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#define yy_create_buffer Pk11Install_yy_create_buffer
-#define yy_delete_buffer Pk11Install_yy_delete_buffer
-#define yy_scan_buffer Pk11Install_yy_scan_buffer
-#define yy_scan_string Pk11Install_yy_scan_string
-#define yy_scan_bytes Pk11Install_yy_scan_bytes
-#define yy_flex_debug Pk11Install_yy_flex_debug
-#define yy_init_buffer Pk11Install_yy_init_buffer
-#define yy_flush_buffer Pk11Install_yy_flush_buffer
-#define yy_load_buffer_state Pk11Install_yy_load_buffer_state
-#define yy_switch_to_buffer Pk11Install_yy_switch_to_buffer
-#define yyin Pk11Install_yyin
-#define yyleng Pk11Install_yyleng
-#define yylex Pk11Install_yylex
-#define yyout Pk11Install_yyout
-#define yyrestart Pk11Install_yyrestart
-#define yytext Pk11Install_yytext
-#define yywrap Pk11Install_yywrap
-
-#line 20 "lex.Pk11Install_yy.c"
-/* A lexical scanner generated by flex */
-
-/* Scanner skeleton version:
- * $Header$
- */
-
-#define FLEX_SCANNER
-#define YY_FLEX_MAJOR_VERSION 2
-#define YY_FLEX_MINOR_VERSION 5
-
-#include <stdio.h>
-
-
-/* cfront 1.2 defines "c_plusplus" instead of "__cplusplus" */
-#ifdef c_plusplus
-#ifndef __cplusplus
-#define __cplusplus
-#endif
-#endif
-
-
-#ifdef __cplusplus
-
-#include <stdlib.h>
-//#include <unistd.h>
-
-/* Use prototypes in function declarations. */
-#define YY_USE_PROTOS
-
-/* The "const" storage-class-modifier is valid. */
-#define YY_USE_CONST
-
-#else	/* ! __cplusplus */
-
-#if __STDC__
-
-#define YY_USE_PROTOS
-#define YY_USE_CONST
-
-#endif	/* __STDC__ */
-#endif	/* ! __cplusplus */
-
-#ifdef __TURBOC__
- #pragma warn -rch
- #pragma warn -use
-#include <io.h>
-#include <stdlib.h>
-#define YY_USE_CONST
-#define YY_USE_PROTOS
-#endif
-
-#ifdef YY_USE_CONST
-#define yyconst const
-#else
-#define yyconst
-#endif
-
-
-#ifdef YY_USE_PROTOS
-#define YY_PROTO(proto) proto
-#else
-#define YY_PROTO(proto) ()
-#endif
-
-/* Returned upon end-of-file. */
-#define YY_NULL 0
-
-/* Promotes a possibly negative, possibly signed char to an unsigned
- * integer for use as an array index.  If the signed char is negative,
- * we want to instead treat it as an 8-bit unsigned char, hence the
- * double cast.
- */
-#define YY_SC_TO_UI(c) ((unsigned int) (unsigned char) c)
-
-/* Enter a start condition.  This macro really ought to take a parameter,
- * but we do it the disgusting crufty way forced on us by the ()-less
- * definition of BEGIN.
- */
-#define BEGIN yy_start = 1 + 2 *
-
-/* Translate the current start state into a value that can be later handed
- * to BEGIN to return to the state.  The YYSTATE alias is for lex
- * compatibility.
- */
-#define YY_START ((yy_start - 1) / 2)
-#define YYSTATE YY_START
-
-/* Action number for EOF rule of a given start state. */
-#define YY_STATE_EOF(state) (YY_END_OF_BUFFER + state + 1)
-
-/* Special action meaning "start processing a new file". */
-#define YY_NEW_FILE yyrestart( yyin )
-
-#define YY_END_OF_BUFFER_CHAR 0
-
-/* Size of default input buffer. */
-#define YY_BUF_SIZE 16384
-
-typedef struct yy_buffer_state *YY_BUFFER_STATE;
-
-extern int yyleng;
-extern FILE *yyin, *yyout;
-
-#define EOB_ACT_CONTINUE_SCAN 0
-#define EOB_ACT_END_OF_FILE 1
-#define EOB_ACT_LAST_MATCH 2
-
-/* The funky do-while in the following #define is used to turn the definition
- * int a single C statement (which needs a semi-colon terminator).  This
- * avoids problems with code like:
- *
- * 	if ( condition_holds )
- *		yyless( 5 );
- *	else
- *		do_something_else();
- *
- * Prior to using the do-while the compiler would get upset at the
- * "else" because it interpreted the "if" statement as being all
- * done when it reached the ';' after the yyless() call.
- */
-
-/* Return all but the first 'n' matched characters back to the input stream. */
-
-#define yyless(n) \
-	do \
-		{ \
-		/* Undo effects of setting up yytext. */ \
-		*yy_cp = yy_hold_char; \
-		YY_RESTORE_YY_MORE_OFFSET \
-		yy_c_buf_p = yy_cp = yy_bp + n - YY_MORE_ADJ; \
-		YY_DO_BEFORE_ACTION; /* set up yytext again */ \
-		} \
-	while ( 0 )
-
-#define unput(c) yyunput( c, yytext_ptr )
-
-/* The following is because we cannot portably get our hands on size_t
- * (without autoconf's help, which isn't available because we want
- * flex-generated scanners to compile on their own).
- */
-typedef unsigned int yy_size_t;
-
-
-struct yy_buffer_state
-	{
-	FILE *yy_input_file;
-
-	char *yy_ch_buf;		/* input buffer */
-	char *yy_buf_pos;		/* current position in input buffer */
-
-	/* Size of input buffer in bytes, not including room for EOB
-	 * characters.
-	 */
-	yy_size_t yy_buf_size;
-
-	/* Number of characters read into yy_ch_buf, not including EOB
-	 * characters.
-	 */
-	int yy_n_chars;
-
-	/* Whether we "own" the buffer - i.e., we know we created it,
-	 * and can realloc() it to grow it, and should free() it to
-	 * delete it.
-	 */
-	int yy_is_our_buffer;
-
-	/* Whether this is an "interactive" input source; if so, and
-	 * if we're using stdio for input, then we want to use getc()
-	 * instead of fread(), to make sure we stop fetching input after
-	 * each newline.
-	 */
-	int yy_is_interactive;
-
-	/* Whether we're considered to be at the beginning of a line.
-	 * If so, '^' rules will be active on the next match, otherwise
-	 * not.
-	 */
-	int yy_at_bol;
-
-	/* Whether to try to fill the input buffer when we reach the
-	 * end of it.
-	 */
-	int yy_fill_buffer;
-
-	int yy_buffer_status;
-#define YY_BUFFER_NEW 0
-#define YY_BUFFER_NORMAL 1
-	/* When an EOF's been seen but there's still some text to process
-	 * then we mark the buffer as YY_EOF_PENDING, to indicate that we
-	 * shouldn't try reading from the input source any more.  We might
-	 * still have a bunch of tokens to match, though, because of
-	 * possible backing-up.
-	 *
-	 * When we actually see the EOF, we change the status to "new"
-	 * (via yyrestart()), so that the user can continue scanning by
-	 * just pointing yyin at a new input file.
-	 */
-#define YY_BUFFER_EOF_PENDING 2
-	};
-
-static YY_BUFFER_STATE yy_current_buffer = 0;
-
-/* We provide macros for accessing buffer states in case in the
- * future we want to put the buffer states in a more general
- * "scanner state".
- */
-#define YY_CURRENT_BUFFER yy_current_buffer
-
-
-/* yy_hold_char holds the character lost when yytext is formed. */
-static char yy_hold_char;
-
-static int yy_n_chars;		/* number of characters read into yy_ch_buf */
-
-
-int yyleng;
-
-/* Points to current character in buffer. */
-static char *yy_c_buf_p = (char *) 0;
-static int yy_init = 1;		/* whether we need to initialize */
-static int yy_start = 0;	/* start state number */
-
-/* Flag which is used to allow yywrap()'s to do buffer switches
- * instead of setting up a fresh yyin.  A bit of a hack ...
- */
-static int yy_did_buffer_switch_on_eof;
-
-void yyrestart YY_PROTO(( FILE *input_file ));
-
-void yy_switch_to_buffer YY_PROTO(( YY_BUFFER_STATE new_buffer ));
-void yy_load_buffer_state YY_PROTO(( void ));
-YY_BUFFER_STATE yy_create_buffer YY_PROTO(( FILE *file, int size ));
-void yy_delete_buffer YY_PROTO(( YY_BUFFER_STATE b ));
-void yy_init_buffer YY_PROTO(( YY_BUFFER_STATE b, FILE *file ));
-void yy_flush_buffer YY_PROTO(( YY_BUFFER_STATE b ));
-#define YY_FLUSH_BUFFER yy_flush_buffer( yy_current_buffer )
-
-YY_BUFFER_STATE yy_scan_buffer YY_PROTO(( char *base, yy_size_t size ));
-YY_BUFFER_STATE yy_scan_string YY_PROTO(( yyconst char *yy_str ));
-YY_BUFFER_STATE yy_scan_bytes YY_PROTO(( yyconst char *bytes, int len ));
-
-static void *yy_flex_alloc YY_PROTO(( yy_size_t ));
-static void *yy_flex_realloc YY_PROTO(( void *, yy_size_t ));
-static void yy_flex_free YY_PROTO(( void * ));
-
-#define yy_new_buffer yy_create_buffer
-
-#define yy_set_interactive(is_interactive) \
-	{ \
-	if ( ! yy_current_buffer ) \
-		yy_current_buffer = yy_create_buffer( yyin, YY_BUF_SIZE ); \
-	yy_current_buffer->yy_is_interactive = is_interactive; \
-	}
-
-#define yy_set_bol(at_bol) \
-	{ \
-	if ( ! yy_current_buffer ) \
-		yy_current_buffer = yy_create_buffer( yyin, YY_BUF_SIZE ); \
-	yy_current_buffer->yy_at_bol = at_bol; \
-	}
-
-#define YY_AT_BOL() (yy_current_buffer->yy_at_bol)
-
-typedef unsigned char YY_CHAR;
-FILE *yyin = (FILE *) 0, *yyout = (FILE *) 0;
-typedef int yy_state_type;
-extern char *yytext;
-#define yytext_ptr yytext
-
-static yy_state_type yy_get_previous_state YY_PROTO(( void ));
-static yy_state_type yy_try_NUL_trans YY_PROTO(( yy_state_type current_state ));
-static int yy_get_next_buffer YY_PROTO(( void ));
-static void yy_fatal_error YY_PROTO(( yyconst char msg[] ));
-
-/* Done after the current pattern has been matched and before the
- * corresponding action - sets up yytext.
- */
-#define YY_DO_BEFORE_ACTION \
-	yytext_ptr = yy_bp; \
-	yyleng = (int) (yy_cp - yy_bp); \
-	yy_hold_char = *yy_cp; \
-	*yy_cp = '\0'; \
-	yy_c_buf_p = yy_cp;
-
-#define YY_NUM_RULES 8
-#define YY_END_OF_BUFFER 9
-static yyconst short int yy_accept[16] =
-    {   0,
-        0,    0,    9,    3,    6,    5,    7,    1,    2,    3,
-        6,    0,    0,    4,    0
-    } ;
-
-static yyconst int yy_ec[256] =
-    {   0,
-        1,    1,    1,    1,    1,    1,    1,    1,    2,    3,
-        1,    1,    4,    1,    1,    1,    1,    1,    1,    1,
-        1,    1,    1,    1,    1,    1,    1,    1,    1,    1,
-        1,    2,    1,    5,    1,    1,    1,    1,    1,    1,
-        1,    1,    1,    1,    1,    1,    1,    1,    1,    1,
-        1,    1,    1,    1,    1,    1,    1,    1,    1,    1,
-        1,    1,    1,    1,    1,    1,    1,    1,    1,    1,
-        1,    1,    1,    1,    1,    1,    1,    1,    1,    1,
-        1,    1,    1,    1,    1,    1,    1,    1,    1,    1,
-        1,    6,    1,    1,    1,    1,    1,    1,    1,    1,
-
-        1,    1,    1,    1,    1,    1,    1,    1,    1,    1,
-        1,    1,    1,    1,    1,    1,    1,    1,    1,    1,
-        1,    1,    7,    1,    8,    1,    1,    1,    1,    1,
-        1,    1,    1,    1,    1,    1,    1,    1,    1,    1,
-        1,    1,    1,    1,    1,    1,    1,    1,    1,    1,
-        1,    1,    1,    1,    1,    1,    1,    1,    1,    1,
-        1,    1,    1,    1,    1,    1,    1,    1,    1,    1,
-        1,    1,    1,    1,    1,    1,    1,    1,    1,    1,
-        1,    1,    1,    1,    1,    1,    1,    1,    1,    1,
-        1,    1,    1,    1,    1,    1,    1,    1,    1,    1,
-
-        1,    1,    1,    1,    1,    1,    1,    1,    1,    1,
-        1,    1,    1,    1,    1,    1,    1,    1,    1,    1,
-        1,    1,    1,    1,    1,    1,    1,    1,    1,    1,
-        1,    1,    1,    1,    1,    1,    1,    1,    1,    1,
-        1,    1,    1,    1,    1,    1,    1,    1,    1,    1,
-        1,    1,    1,    1,    1
-    } ;
-
-static yyconst int yy_meta[9] =
-    {   0,
-        1,    2,    3,    4,    3,    1,    5,    5
-    } ;
-
-static yyconst short int yy_base[19] =
-    {   0,
-        0,    0,   19,    0,    0,   21,   12,   21,   21,    0,
-        0,    4,    6,   21,   21,   13,   11,   15
-    } ;
-
-static yyconst short int yy_def[19] =
-    {   0,
-       15,    1,   15,   16,   17,   15,   18,   15,   15,   16,
-       17,   18,   15,   15,    0,   15,   15,   15
-    } ;
-
-static yyconst short int yy_nxt[30] =
-    {   0,
-        4,    5,    6,    5,    7,    4,    8,    9,   14,   13,
-       12,   12,   11,   10,   11,   12,   12,   13,   15,   12,
-        3,   15,   15,   15,   15,   15,   15,   15,   15
-    } ;
-
-static yyconst short int yy_chk[30] =
-    {   0,
-        1,    1,    1,    1,    1,    1,    1,    1,   12,   12,
-       13,   13,   17,   16,   17,   18,   18,    7,    3,   18,
-       15,   15,   15,   15,   15,   15,   15,   15,   15
-    } ;
-
-static yy_state_type yy_last_accepting_state;
-static char *yy_last_accepting_cpos;
-
-/* The intent behind this definition is that it'll catch
- * any uses of REJECT which flex missed.
- */
-#define REJECT reject_used_but_not_detected
-#define yymore() yymore_used_but_not_detected
-#define YY_MORE_ADJ 0
-#define YY_RESTORE_YY_MORE_OFFSET
-char *yytext;
-#line 1 "installparse.l"
-#define INITIAL 0
-/* lex file for analyzing PKCS #11 Module installation instructions */
-/*----------------------------- Definitions ---------------------------*/
-#line 5 "installparse.l"
-#include <string.h>
-
-#include "install-ds.h"		/* defines tokens and data structures */
-#include "installparse.h"	/* produced by yacc -d */
-#include <prprf.h>
-static char *putSimpleString(char*);	/* return copy of string */
-static char *putComplexString(char*);	/* strip out quotes, deal with */
-											/* escaped characters */
-
-void Pk11Install_yyerror(char *);
-
-/* Overrides to use NSPR */
-#define malloc PR_Malloc
-#define realloc PR_Realloc
-#define free PR_Free
-
-int Pk11Install_yylinenum=1;
-static char *err;
-
-#define YY_NEVER_INTERACTIVE 1
-#define yyunput Pkcs11Install_yyunput
-
-/* This is the default YY_INPUT modified for NSPR */
-#define YY_INPUT(buf,result,max_size) \
-	if ( yy_current_buffer->yy_is_interactive ) { \
-		char c; \
-		int n; \
-		for ( n = 0; n < max_size && \
-		  PR_Read(Pk11Install_FD, &c, 1)==1 && c != '\n'; ++n ) { \
-			buf[n] = c; \
-		} \
-        if ( c == '\n' ) { \
-            buf[n++] = c; \
-		} \
-        result = n; \
-	} else { \
-		result = PR_Read(Pk11Install_FD, buf, max_size); \
-	}
-
-/*** Regular expression definitions ***/
-/* simple_string has no whitespace, quotes, or braces */
-/* complex_string is enclosed in quotes. Inside the quotes, quotes and
-   backslashes must be backslash-escaped. Otherwise, anything goes. */
-/* Standard whitespace */
-/*---------------------------- Actions --------------------------------*/
-#line 437 "lex.Pk11Install_yy.cpp"
-
-/* Macros after this point can all be overridden by user definitions in
- * section 1.
- */
-
-#ifndef YY_SKIP_YYWRAP
-#ifdef __cplusplus
-extern "C" int yywrap YY_PROTO(( void ));
-#else
-extern int yywrap YY_PROTO(( void ));
-#endif
-#endif
-
-#ifndef YY_NO_UNPUT
-static void yyunput YY_PROTO(( int c, char *buf_ptr ));
-#endif
-
-#ifndef yytext_ptr
-static void yy_flex_strncpy YY_PROTO(( char *, yyconst char *, int ));
-#endif
-
-#ifdef YY_NEED_STRLEN
-static int yy_flex_strlen YY_PROTO(( yyconst char * ));
-#endif
-
-#ifndef YY_NO_INPUT
-#ifdef __cplusplus
-static int yyinput YY_PROTO(( void ));
-#else
-static int input YY_PROTO(( void ));
-#endif
-#endif
-
-#if YY_STACK_USED
-static int yy_start_stack_ptr = 0;
-static int yy_start_stack_depth = 0;
-static int *yy_start_stack = 0;
-#ifndef YY_NO_PUSH_STATE
-static void yy_push_state YY_PROTO(( int new_state ));
-#endif
-#ifndef YY_NO_POP_STATE
-static void yy_pop_state YY_PROTO(( void ));
-#endif
-#ifndef YY_NO_TOP_STATE
-static int yy_top_state YY_PROTO(( void ));
-#endif
-
-#else
-#define YY_NO_PUSH_STATE 1
-#define YY_NO_POP_STATE 1
-#define YY_NO_TOP_STATE 1
-#endif
-
-#ifdef YY_MALLOC_DECL
-YY_MALLOC_DECL
-#else
-#if __STDC__
-#ifndef __cplusplus
-#include <stdlib.h>
-#endif
-#else
-/* Just try to get by without declaring the routines.  This will fail
- * miserably on non-ANSI systems for which sizeof(size_t) != sizeof(int)
- * or sizeof(void*) != sizeof(int).
- */
-#endif
-#endif
-
-/* Amount of stuff to slurp up with each read. */
-#ifndef YY_READ_BUF_SIZE
-#define YY_READ_BUF_SIZE 8192
-#endif
-
-/* Copy whatever the last rule matched to the standard output. */
-
-#ifndef ECHO
-/* This used to be an fputs(), but since the string might contain NUL's,
- * we now use fwrite().
- */
-#define ECHO (void) fwrite( yytext, yyleng, 1, yyout )
-#endif
-
-/* Gets input and stuffs it into "buf".  number of characters read, or YY_NULL,
- * is returned in "result".
- */
-#ifndef YY_INPUT
-#define YY_INPUT(buf,result,max_size) \
-	if ( yy_current_buffer->yy_is_interactive ) \
-		{ \
-		int c = '*', n; \
-		for ( n = 0; n < max_size && \
-			     (c = getc( yyin )) != EOF && c != '\n'; ++n ) \
-			buf[n] = (char) c; \
-		if ( c == '\n' ) \
-			buf[n++] = (char) c; \
-		if ( c == EOF && ferror( yyin ) ) \
-			YY_FATAL_ERROR( "input in flex scanner failed" ); \
-		result = n; \
-		} \
-	else if ( ((result = fread( buf, 1, max_size, yyin )) == 0) \
-		  && ferror( yyin ) ) \
-		YY_FATAL_ERROR( "input in flex scanner failed" );
-#endif
-
-/* No semi-colon after return; correct usage is to write "yyterminate();" -
- * we don't want an extra ';' after the "return" because that will cause
- * some compilers to complain about unreachable statements.
- */
-#ifndef yyterminate
-#define yyterminate() return YY_NULL
-#endif
-
-/* Number of entries by which start-condition stack grows. */
-#ifndef YY_START_STACK_INCR
-#define YY_START_STACK_INCR 25
-#endif
-
-/* Report a fatal error. */
-#ifndef YY_FATAL_ERROR
-#define YY_FATAL_ERROR(msg) yy_fatal_error( msg )
-#endif
-
-/* Default declaration of generated scanner - a define so the user can
- * easily add parameters.
- */
-#ifndef YY_DECL
-#define YY_DECL int yylex YY_PROTO(( void ))
-#endif
-
-/* Code executed at the beginning of each rule, after yytext and yyleng
- * have been set up.
- */
-#ifndef YY_USER_ACTION
-#define YY_USER_ACTION
-#endif
-
-/* Code executed at the end of each rule. */
-#ifndef YY_BREAK
-#define YY_BREAK break;
-#endif
-
-#define YY_RULE_SETUP \
-	YY_USER_ACTION
-
-YY_DECL
-	{
-	register yy_state_type yy_current_state;
-	register char *yy_cp, *yy_bp;
-	register int yy_act;
-
-#line 60 "installparse.l"
-
-
-#line 591 "lex.Pk11Install_yy.cpp"
-
-	if ( yy_init )
-		{
-		yy_init = 0;
-
-#ifdef YY_USER_INIT
-		YY_USER_INIT;
-#endif
-
-		if ( ! yy_start )
-			yy_start = 1;	/* first start state */
-
-		if ( ! yyin )
-			yyin = stdin;
-
-		if ( ! yyout )
-			yyout = stdout;
-
-		if ( ! yy_current_buffer )
-			yy_current_buffer =
-				yy_create_buffer( yyin, YY_BUF_SIZE );
-
-		yy_load_buffer_state();
-		}
-
-	while ( 1 )		/* loops until end-of-file is reached */
-		{
-		yy_cp = yy_c_buf_p;
-
-		/* Support of yytext. */
-		*yy_cp = yy_hold_char;
-
-		/* yy_bp points to the position in yy_ch_buf of the start of
-		 * the current run.
-		 */
-		yy_bp = yy_cp;
-
-		yy_current_state = yy_start;
-yy_match:
-		do
-			{
-			register YY_CHAR yy_c = yy_ec[YY_SC_TO_UI(*yy_cp)];
-			if ( yy_accept[yy_current_state] )
-				{
-				yy_last_accepting_state = yy_current_state;
-				yy_last_accepting_cpos = yy_cp;
-				}
-			while ( yy_chk[yy_base[yy_current_state] + yy_c] != yy_current_state )
-				{
-				yy_current_state = (int) yy_def[yy_current_state];
-				if ( yy_current_state >= 16 )
-					yy_c = yy_meta[(unsigned int) yy_c];
-				}
-			yy_current_state = yy_nxt[yy_base[yy_current_state] + (unsigned int) yy_c];
-			++yy_cp;
-			}
-		while ( yy_base[yy_current_state] != 21 );
-
-yy_find_action:
-		yy_act = yy_accept[yy_current_state];
-		if ( yy_act == 0 )
-			{ /* have to back up */
-			yy_cp = yy_last_accepting_cpos;
-			yy_current_state = yy_last_accepting_state;
-			yy_act = yy_accept[yy_current_state];
-			}
-
-		YY_DO_BEFORE_ACTION;
-
-
-do_action:	/* This label is used only to access EOF actions. */
-
-
-		switch ( yy_act )
-	{ /* beginning of action switch */
-			case 0: /* must back up */
-			/* undo the effects of YY_DO_BEFORE_ACTION */
-			*yy_cp = yy_hold_char;
-			yy_cp = yy_last_accepting_cpos;
-			yy_current_state = yy_last_accepting_state;
-			goto yy_find_action;
-
-case 1:
-YY_RULE_SETUP
-#line 62 "installparse.l"
-return OPENBRACE;
-	YY_BREAK
-case 2:
-YY_RULE_SETUP
-#line 63 "installparse.l"
-return CLOSEBRACE;
-	YY_BREAK
-case 3:
-YY_RULE_SETUP
-#line 64 "installparse.l"
-{Pk11Install_yylval.string =
-						putSimpleString(Pk11Install_yytext);
-						return STRING;}
-	YY_BREAK
-case 4:
-YY_RULE_SETUP
-#line 67 "installparse.l"
-{Pk11Install_yylval.string =
-						putComplexString(Pk11Install_yytext);
-						return STRING;}
-	YY_BREAK
-case 5:
-YY_RULE_SETUP
-#line 71 "installparse.l"
-Pk11Install_yylinenum++;
-	YY_BREAK
-case 6:
-YY_RULE_SETUP
-#line 73 "installparse.l"
-;
-	YY_BREAK
-case 7:
-YY_RULE_SETUP
-#line 75 "installparse.l"
-{err = PR_smprintf("Invalid lexeme: %s",Pk11Install_yytext);
-						Pk11Install_yyerror(err);
-						PR_smprintf_free(err);
-						return 1;
-					}
-	YY_BREAK
-case 8:
-YY_RULE_SETUP
-#line 81 "installparse.l"
-ECHO;
-	YY_BREAK
-#line 722 "lex.Pk11Install_yy.cpp"
-case YY_STATE_EOF(INITIAL):
-	yyterminate();
-
-	case YY_END_OF_BUFFER:
-		{
-		/* Amount of text matched not including the EOB char. */
-		int yy_amount_of_matched_text = (int) (yy_cp - yytext_ptr) - 1;
-
-		/* Undo the effects of YY_DO_BEFORE_ACTION. */
-		*yy_cp = yy_hold_char;
-		YY_RESTORE_YY_MORE_OFFSET
-
-		if ( yy_current_buffer->yy_buffer_status == YY_BUFFER_NEW )
-			{
-			/* We're scanning a new file or input source.  It's
-			 * possible that this happened because the user
-			 * just pointed yyin at a new source and called
-			 * yylex().  If so, then we have to assure
-			 * consistency between yy_current_buffer and our
-			 * globals.  Here is the right place to do so, because
-			 * this is the first action (other than possibly a
-			 * back-up) that will match for the new input source.
-			 */
-			yy_n_chars = yy_current_buffer->yy_n_chars;
-			yy_current_buffer->yy_input_file = yyin;
-			yy_current_buffer->yy_buffer_status = YY_BUFFER_NORMAL;
-			}
-
-		/* Note that here we test for yy_c_buf_p "<=" to the position
-		 * of the first EOB in the buffer, since yy_c_buf_p will
-		 * already have been incremented past the NUL character
-		 * (since all states make transitions on EOB to the
-		 * end-of-buffer state).  Contrast this with the test
-		 * in input().
-		 */
-		if ( yy_c_buf_p <= &yy_current_buffer->yy_ch_buf[yy_n_chars] )
-			{ /* This was really a NUL. */
-			yy_state_type yy_next_state;
-
-			yy_c_buf_p = yytext_ptr + yy_amount_of_matched_text;
-
-			yy_current_state = yy_get_previous_state();
-
-			/* Okay, we're now positioned to make the NUL
-			 * transition.  We couldn't have
-			 * yy_get_previous_state() go ahead and do it
-			 * for us because it doesn't know how to deal
-			 * with the possibility of jamming (and we don't
-			 * want to build jamming into it because then it
-			 * will run more slowly).
-			 */
-
-			yy_next_state = yy_try_NUL_trans( yy_current_state );
-
-			yy_bp = yytext_ptr + YY_MORE_ADJ;
-
-			if ( yy_next_state )
-				{
-				/* Consume the NUL. */
-				yy_cp = ++yy_c_buf_p;
-				yy_current_state = yy_next_state;
-				goto yy_match;
-				}
-
-			else
-				{
-				yy_cp = yy_c_buf_p;
-				goto yy_find_action;
-				}
-			}
-
-		else switch ( yy_get_next_buffer() )
-			{
-			case EOB_ACT_END_OF_FILE:
-				{
-				yy_did_buffer_switch_on_eof = 0;
-
-				if ( yywrap() )
-					{
-					/* Note: because we've taken care in
-					 * yy_get_next_buffer() to have set up
-					 * yytext, we can now set up
-					 * yy_c_buf_p so that if some total
-					 * hoser (like flex itself) wants to
-					 * call the scanner after we return the
-					 * YY_NULL, it'll still work - another
-					 * YY_NULL will get returned.
-					 */
-					yy_c_buf_p = yytext_ptr + YY_MORE_ADJ;
-
-					yy_act = YY_STATE_EOF(YY_START);
-					goto do_action;
-					}
-
-				else
-					{
-					if ( ! yy_did_buffer_switch_on_eof )
-						YY_NEW_FILE;
-					}
-				break;
-				}
-
-			case EOB_ACT_CONTINUE_SCAN:
-				yy_c_buf_p =
-					yytext_ptr + yy_amount_of_matched_text;
-
-				yy_current_state = yy_get_previous_state();
-
-				yy_cp = yy_c_buf_p;
-				yy_bp = yytext_ptr + YY_MORE_ADJ;
-				goto yy_match;
-
-			case EOB_ACT_LAST_MATCH:
-				yy_c_buf_p =
-				&yy_current_buffer->yy_ch_buf[yy_n_chars];
-
-				yy_current_state = yy_get_previous_state();
-
-				yy_cp = yy_c_buf_p;
-				yy_bp = yytext_ptr + YY_MORE_ADJ;
-				goto yy_find_action;
-			}
-		break;
-		}
-
-	default:
-		YY_FATAL_ERROR(
-			"fatal flex scanner internal error--no action found" );
-	} /* end of action switch */
-		} /* end of scanning one token */
-	} /* end of yylex */
-
-
-/* yy_get_next_buffer - try to read in a new buffer
- *
- * Returns a code representing an action:
- *	EOB_ACT_LAST_MATCH -
- *	EOB_ACT_CONTINUE_SCAN - continue scanning from current position
- *	EOB_ACT_END_OF_FILE - end of file
- */
-
-static int yy_get_next_buffer()
-	{
-	register char *dest = yy_current_buffer->yy_ch_buf;
-	register char *source = yytext_ptr;
-	register int number_to_move, i;
-	int ret_val;
-
-	if ( yy_c_buf_p > &yy_current_buffer->yy_ch_buf[yy_n_chars + 1] )
-		YY_FATAL_ERROR(
-		"fatal flex scanner internal error--end of buffer missed" );
-
-	if ( yy_current_buffer->yy_fill_buffer == 0 )
-		{ /* Don't try to fill the buffer, so this is an EOF. */
-		if ( yy_c_buf_p - yytext_ptr - YY_MORE_ADJ == 1 )
-			{
-			/* We matched a single character, the EOB, so
-			 * treat this as a final EOF.
-			 */
-			return EOB_ACT_END_OF_FILE;
-			}
-
-		else
-			{
-			/* We matched some text prior to the EOB, first
-			 * process it.
-			 */
-			return EOB_ACT_LAST_MATCH;
-			}
-		}
-
-	/* Try to read more data. */
-
-	/* First move last chars to start of buffer. */
-	number_to_move = (int) (yy_c_buf_p - yytext_ptr) - 1;
-
-	for ( i = 0; i < number_to_move; ++i )
-		*(dest++) = *(source++);
-
-	if ( yy_current_buffer->yy_buffer_status == YY_BUFFER_EOF_PENDING )
-		/* don't do the read, it's not guaranteed to return an EOF,
-		 * just force an EOF
-		 */
-		yy_current_buffer->yy_n_chars = yy_n_chars = 0;
-
-	else
-		{
-		int num_to_read =
-			yy_current_buffer->yy_buf_size - number_to_move - 1;
-
-		while ( num_to_read <= 0 )
-			{ /* Not enough room in the buffer - grow it. */
-#ifdef YY_USES_REJECT
-			YY_FATAL_ERROR(
-"input buffer overflow, can't enlarge buffer because scanner uses REJECT" );
-#else
-
-			/* just a shorter name for the current buffer */
-			YY_BUFFER_STATE b = yy_current_buffer;
-
-			int yy_c_buf_p_offset =
-				(int) (yy_c_buf_p - b->yy_ch_buf);
-
-			if ( b->yy_is_our_buffer )
-				{
-				int new_size = b->yy_buf_size * 2;
-
-				if ( new_size <= 0 )
-					b->yy_buf_size += b->yy_buf_size / 8;
-				else
-					b->yy_buf_size *= 2;
-
-				b->yy_ch_buf = (char *)
-					/* Include room in for 2 EOB chars. */
-					yy_flex_realloc( (void *) b->yy_ch_buf,
-							 b->yy_buf_size + 2 );
-				}
-			else
-				/* Can't grow it, we don't own it. */
-				b->yy_ch_buf = 0;
-
-			if ( ! b->yy_ch_buf )
-				YY_FATAL_ERROR(
-				"fatal error - scanner input buffer overflow" );
-
-			yy_c_buf_p = &b->yy_ch_buf[yy_c_buf_p_offset];
-
-			num_to_read = yy_current_buffer->yy_buf_size -
-						number_to_move - 1;
-#endif
-			}
-
-		if ( num_to_read > YY_READ_BUF_SIZE )
-			num_to_read = YY_READ_BUF_SIZE;
-
-		/* Read in more data. */
-		YY_INPUT( (&yy_current_buffer->yy_ch_buf[number_to_move]),
-			yy_n_chars, num_to_read );
-
-		yy_current_buffer->yy_n_chars = yy_n_chars;
-		}
-
-	if ( yy_n_chars == 0 )
-		{
-		if ( number_to_move == YY_MORE_ADJ )
-			{
-			ret_val = EOB_ACT_END_OF_FILE;
-			yyrestart( yyin );
-			}
-
-		else
-			{
-			ret_val = EOB_ACT_LAST_MATCH;
-			yy_current_buffer->yy_buffer_status =
-				YY_BUFFER_EOF_PENDING;
-			}
-		}
-
-	else
-		ret_val = EOB_ACT_CONTINUE_SCAN;
-
-	yy_n_chars += number_to_move;
-	yy_current_buffer->yy_ch_buf[yy_n_chars] = YY_END_OF_BUFFER_CHAR;
-	yy_current_buffer->yy_ch_buf[yy_n_chars + 1] = YY_END_OF_BUFFER_CHAR;
-
-	yytext_ptr = &yy_current_buffer->yy_ch_buf[0];
-
-	return ret_val;
-	}
-
-
-/* yy_get_previous_state - get the state just before the EOB char was reached */
-
-static yy_state_type yy_get_previous_state()
-	{
-	register yy_state_type yy_current_state;
-	register char *yy_cp;
-
-	yy_current_state = yy_start;
-
-	for ( yy_cp = yytext_ptr + YY_MORE_ADJ; yy_cp < yy_c_buf_p; ++yy_cp )
-		{
-		register YY_CHAR yy_c = (*yy_cp ? yy_ec[YY_SC_TO_UI(*yy_cp)] : 1);
-		if ( yy_accept[yy_current_state] )
-			{
-			yy_last_accepting_state = yy_current_state;
-			yy_last_accepting_cpos = yy_cp;
-			}
-		while ( yy_chk[yy_base[yy_current_state] + yy_c] != yy_current_state )
-			{
-			yy_current_state = (int) yy_def[yy_current_state];
-			if ( yy_current_state >= 16 )
-				yy_c = yy_meta[(unsigned int) yy_c];
-			}
-		yy_current_state = yy_nxt[yy_base[yy_current_state] + (unsigned int) yy_c];
-		}
-
-	return yy_current_state;
-	}
-
-
-/* yy_try_NUL_trans - try to make a transition on the NUL character
- *
- * synopsis
- *	next_state = yy_try_NUL_trans( current_state );
- */
-
-#ifdef YY_USE_PROTOS
-static yy_state_type yy_try_NUL_trans( yy_state_type yy_current_state )
-#else
-static yy_state_type yy_try_NUL_trans( yy_current_state )
-yy_state_type yy_current_state;
-#endif
-	{
-	register int yy_is_jam;
-	register char *yy_cp = yy_c_buf_p;
-
-	register YY_CHAR yy_c = 1;
-	if ( yy_accept[yy_current_state] )
-		{
-		yy_last_accepting_state = yy_current_state;
-		yy_last_accepting_cpos = yy_cp;
-		}
-	while ( yy_chk[yy_base[yy_current_state] + yy_c] != yy_current_state )
-		{
-		yy_current_state = (int) yy_def[yy_current_state];
-		if ( yy_current_state >= 16 )
-			yy_c = yy_meta[(unsigned int) yy_c];
-		}
-	yy_current_state = yy_nxt[yy_base[yy_current_state] + (unsigned int) yy_c];
-	yy_is_jam = (yy_current_state == 15);
-
-	return yy_is_jam ? 0 : yy_current_state;
-	}
-
-
-#ifndef YY_NO_UNPUT
-#ifdef YY_USE_PROTOS
-static void yyunput( int c, register char *yy_bp )
-#else
-static void yyunput( c, yy_bp )
-int c;
-register char *yy_bp;
-#endif
-	{
-	register char *yy_cp = yy_c_buf_p;
-
-	/* undo effects of setting up yytext */
-	*yy_cp = yy_hold_char;
-
-	if ( yy_cp < yy_current_buffer->yy_ch_buf + 2 )
-		{ /* need to shift things up to make room */
-		/* +2 for EOB chars. */
-		register int number_to_move = yy_n_chars + 2;
-		register char *dest = &yy_current_buffer->yy_ch_buf[
-					yy_current_buffer->yy_buf_size + 2];
-		register char *source =
-				&yy_current_buffer->yy_ch_buf[number_to_move];
-
-		while ( source > yy_current_buffer->yy_ch_buf )
-			*--dest = *--source;
-
-		yy_cp += (int) (dest - source);
-		yy_bp += (int) (dest - source);
-		yy_current_buffer->yy_n_chars =
-			yy_n_chars = yy_current_buffer->yy_buf_size;
-
-		if ( yy_cp < yy_current_buffer->yy_ch_buf + 2 )
-			YY_FATAL_ERROR( "flex scanner push-back overflow" );
-		}
-
-	*--yy_cp = (char) c;
-
-
-	yytext_ptr = yy_bp;
-	yy_hold_char = *yy_cp;
-	yy_c_buf_p = yy_cp;
-	}
-#endif	/* ifndef YY_NO_UNPUT */
-
-
-#ifdef __cplusplus
-static int yyinput()
-#else
-static int input()
-#endif
-	{
-	int c;
-
-	*yy_c_buf_p = yy_hold_char;
-
-	if ( *yy_c_buf_p == YY_END_OF_BUFFER_CHAR )
-		{
-		/* yy_c_buf_p now points to the character we want to return.
-		 * If this occurs *before* the EOB characters, then it's a
-		 * valid NUL; if not, then we've hit the end of the buffer.
-		 */
-		if ( yy_c_buf_p < &yy_current_buffer->yy_ch_buf[yy_n_chars] )
-			/* This was really a NUL. */
-			*yy_c_buf_p = '\0';
-
-		else
-			{ /* need more input */
-			int offset = yy_c_buf_p - yytext_ptr;
-			++yy_c_buf_p;
-
-			switch ( yy_get_next_buffer() )
-				{
-				case EOB_ACT_LAST_MATCH:
-					/* This happens because yy_g_n_b()
-					 * sees that we've accumulated a
-					 * token and flags that we need to
-					 * try matching the token before
-					 * proceeding.  But for input(),
-					 * there's no matching to consider.
-					 * So convert the EOB_ACT_LAST_MATCH
-					 * to EOB_ACT_END_OF_FILE.
-					 */
-
-					/* Reset buffer status. */
-					yyrestart( yyin );
-
-					/* fall through */
-
-				case EOB_ACT_END_OF_FILE:
-					{
-					if ( yywrap() )
-						return EOF;
-
-					if ( ! yy_did_buffer_switch_on_eof )
-						YY_NEW_FILE;
-#ifdef __cplusplus
-					return yyinput();
-#else
-					return input();
-#endif
-					}
-
-				case EOB_ACT_CONTINUE_SCAN:
-					yy_c_buf_p = yytext_ptr + offset;
-					break;
-				}
-			}
-		}
-
-	c = *(unsigned char *) yy_c_buf_p;	/* cast for 8-bit char's */
-	*yy_c_buf_p = '\0';	/* preserve yytext */
-	yy_hold_char = *++yy_c_buf_p;
-
-
-	return c;
-	}
-
-
-#ifdef YY_USE_PROTOS
-void yyrestart( FILE *input_file )
-#else
-void yyrestart( input_file )
-FILE *input_file;
-#endif
-	{
-	if ( ! yy_current_buffer )
-		yy_current_buffer = yy_create_buffer( yyin, YY_BUF_SIZE );
-
-	yy_init_buffer( yy_current_buffer, input_file );
-	yy_load_buffer_state();
-	}
-
-
-#ifdef YY_USE_PROTOS
-void yy_switch_to_buffer( YY_BUFFER_STATE new_buffer )
-#else
-void yy_switch_to_buffer( new_buffer )
-YY_BUFFER_STATE new_buffer;
-#endif
-	{
-	if ( yy_current_buffer == new_buffer )
-		return;
-
-	if ( yy_current_buffer )
-		{
-		/* Flush out information for old buffer. */
-		*yy_c_buf_p = yy_hold_char;
-		yy_current_buffer->yy_buf_pos = yy_c_buf_p;
-		yy_current_buffer->yy_n_chars = yy_n_chars;
-		}
-
-	yy_current_buffer = new_buffer;
-	yy_load_buffer_state();
-
-	/* We don't actually know whether we did this switch during
-	 * EOF (yywrap()) processing, but the only time this flag
-	 * is looked at is after yywrap() is called, so it's safe
-	 * to go ahead and always set it.
-	 */
-	yy_did_buffer_switch_on_eof = 1;
-	}
-
-
-#ifdef YY_USE_PROTOS
-void yy_load_buffer_state( void )
-#else
-void yy_load_buffer_state()
-#endif
-	{
-	yy_n_chars = yy_current_buffer->yy_n_chars;
-	yytext_ptr = yy_c_buf_p = yy_current_buffer->yy_buf_pos;
-	yyin = yy_current_buffer->yy_input_file;
-	yy_hold_char = *yy_c_buf_p;
-	}
-
-
-#ifdef YY_USE_PROTOS
-YY_BUFFER_STATE yy_create_buffer( FILE *file, int size )
-#else
-YY_BUFFER_STATE yy_create_buffer( file, size )
-FILE *file;
-int size;
-#endif
-	{
-	YY_BUFFER_STATE b;
-
-	b = (YY_BUFFER_STATE) yy_flex_alloc( sizeof( struct yy_buffer_state ) );
-	if ( ! b )
-		YY_FATAL_ERROR( "out of dynamic memory in yy_create_buffer()" );
-
-	b->yy_buf_size = size;
-
-	/* yy_ch_buf has to be 2 characters longer than the size given because
-	 * we need to put in 2 end-of-buffer characters.
-	 */
-	b->yy_ch_buf = (char *) yy_flex_alloc( b->yy_buf_size + 2 );
-	if ( ! b->yy_ch_buf )
-		YY_FATAL_ERROR( "out of dynamic memory in yy_create_buffer()" );
-
-	b->yy_is_our_buffer = 1;
-
-	yy_init_buffer( b, file );
-
-	return b;
-	}
-
-
-#ifdef YY_USE_PROTOS
-void yy_delete_buffer( YY_BUFFER_STATE b )
-#else
-void yy_delete_buffer( b )
-YY_BUFFER_STATE b;
-#endif
-	{
-	if ( ! b )
-		return;
-
-	if ( b == yy_current_buffer )
-		yy_current_buffer = (YY_BUFFER_STATE) 0;
-
-	if ( b->yy_is_our_buffer )
-		yy_flex_free( (void *) b->yy_ch_buf );
-
-	yy_flex_free( (void *) b );
-	}
-
-
-#ifndef YY_ALWAYS_INTERACTIVE
-#ifndef YY_NEVER_INTERACTIVE
-extern int isatty YY_PROTO(( int ));
-#endif
-#endif
-
-#ifdef YY_USE_PROTOS
-void yy_init_buffer( YY_BUFFER_STATE b, FILE *file )
-#else
-void yy_init_buffer( b, file )
-YY_BUFFER_STATE b;
-FILE *file;
-#endif
-
-
-	{
-	yy_flush_buffer( b );
-
-	b->yy_input_file = file;
-	b->yy_fill_buffer = 1;
-
-#if YY_ALWAYS_INTERACTIVE
-	b->yy_is_interactive = 1;
-#else
-#if YY_NEVER_INTERACTIVE
-	b->yy_is_interactive = 0;
-#else
-	b->yy_is_interactive = file ? (isatty( fileno(file) ) > 0) : 0;
-#endif
-#endif
-	}
-
-
-#ifdef YY_USE_PROTOS
-void yy_flush_buffer( YY_BUFFER_STATE b )
-#else
-void yy_flush_buffer( b )
-YY_BUFFER_STATE b;
-#endif
-
-	{
-	if ( ! b )
-		return;
-
-	b->yy_n_chars = 0;
-
-	/* We always need two end-of-buffer characters.  The first causes
-	 * a transition to the end-of-buffer state.  The second causes
-	 * a jam in that state.
-	 */
-	b->yy_ch_buf[0] = YY_END_OF_BUFFER_CHAR;
-	b->yy_ch_buf[1] = YY_END_OF_BUFFER_CHAR;
-
-	b->yy_buf_pos = &b->yy_ch_buf[0];
-
-	b->yy_at_bol = 1;
-	b->yy_buffer_status = YY_BUFFER_NEW;
-
-	if ( b == yy_current_buffer )
-		yy_load_buffer_state();
-	}
-
-
-#ifndef YY_NO_SCAN_BUFFER
-#ifdef YY_USE_PROTOS
-YY_BUFFER_STATE yy_scan_buffer( char *base, yy_size_t size )
-#else
-YY_BUFFER_STATE yy_scan_buffer( base, size )
-char *base;
-yy_size_t size;
-#endif
-	{
-	YY_BUFFER_STATE b;
-
-	if ( size < 2 ||
-	     base[size-2] != YY_END_OF_BUFFER_CHAR ||
-	     base[size-1] != YY_END_OF_BUFFER_CHAR )
-		/* They forgot to leave room for the EOB's. */
-		return 0;
-
-	b = (YY_BUFFER_STATE) yy_flex_alloc( sizeof( struct yy_buffer_state ) );
-	if ( ! b )
-		YY_FATAL_ERROR( "out of dynamic memory in yy_scan_buffer()" );
-
-	b->yy_buf_size = size - 2;	/* "- 2" to take care of EOB's */
-	b->yy_buf_pos = b->yy_ch_buf = base;
-	b->yy_is_our_buffer = 0;
-	b->yy_input_file = 0;
-	b->yy_n_chars = b->yy_buf_size;
-	b->yy_is_interactive = 0;
-	b->yy_at_bol = 1;
-	b->yy_fill_buffer = 0;
-	b->yy_buffer_status = YY_BUFFER_NEW;
-
-	yy_switch_to_buffer( b );
-
-	return b;
-	}
-#endif
-
-
-#ifndef YY_NO_SCAN_STRING
-#ifdef YY_USE_PROTOS
-YY_BUFFER_STATE yy_scan_string( yyconst char *yy_str )
-#else
-YY_BUFFER_STATE yy_scan_string( yy_str )
-yyconst char *yy_str;
-#endif
-	{
-	int len;
-	for ( len = 0; yy_str[len]; ++len )
-		;
-
-	return yy_scan_bytes( yy_str, len );
-	}
-#endif
-
-
-#ifndef YY_NO_SCAN_BYTES
-#ifdef YY_USE_PROTOS
-YY_BUFFER_STATE yy_scan_bytes( yyconst char *bytes, int len )
-#else
-YY_BUFFER_STATE yy_scan_bytes( bytes, len )
-yyconst char *bytes;
-int len;
-#endif
-	{
-	YY_BUFFER_STATE b;
-	char *buf;
-	yy_size_t n;
-	int i;
-
-	/* Get memory for full buffer, including space for trailing EOB's. */
-	n = len + 2;
-	buf = (char *) yy_flex_alloc( n );
-	if ( ! buf )
-		YY_FATAL_ERROR( "out of dynamic memory in yy_scan_bytes()" );
-
-	for ( i = 0; i < len; ++i )
-		buf[i] = bytes[i];
-
-	buf[len] = buf[len+1] = YY_END_OF_BUFFER_CHAR;
-
-	b = yy_scan_buffer( buf, n );
-	if ( ! b )
-		YY_FATAL_ERROR( "bad buffer in yy_scan_bytes()" );
-
-	/* It's okay to grow etc. this buffer, and we should throw it
-	 * away when we're done.
-	 */
-	b->yy_is_our_buffer = 1;
-
-	return b;
-	}
-#endif
-
-
-#ifndef YY_NO_PUSH_STATE
-#ifdef YY_USE_PROTOS
-static void yy_push_state( int new_state )
-#else
-static void yy_push_state( new_state )
-int new_state;
-#endif
-	{
-	if ( yy_start_stack_ptr >= yy_start_stack_depth )
-		{
-		yy_size_t new_size;
-
-		yy_start_stack_depth += YY_START_STACK_INCR;
-		new_size = yy_start_stack_depth * sizeof( int );
-
-		if ( ! yy_start_stack )
-			yy_start_stack = (int *) yy_flex_alloc( new_size );
-
-		else
-			yy_start_stack = (int *) yy_flex_realloc(
-					(void *) yy_start_stack, new_size );
-
-		if ( ! yy_start_stack )
-			YY_FATAL_ERROR(
-			"out of memory expanding start-condition stack" );
-		}
-
-	yy_start_stack[yy_start_stack_ptr++] = YY_START;
-
-	BEGIN(new_state);
-	}
-#endif
-
-
-#ifndef YY_NO_POP_STATE
-static void yy_pop_state()
-	{
-	if ( --yy_start_stack_ptr < 0 )
-		YY_FATAL_ERROR( "start-condition stack underflow" );
-
-	BEGIN(yy_start_stack[yy_start_stack_ptr]);
-	}
-#endif
-
-
-#ifndef YY_NO_TOP_STATE
-static int yy_top_state()
-	{
-	return yy_start_stack[yy_start_stack_ptr - 1];
-	}
-#endif
-
-#ifndef YY_EXIT_FAILURE
-#define YY_EXIT_FAILURE 2
-#endif
-
-#ifdef YY_USE_PROTOS
-static void yy_fatal_error( yyconst char msg[] )
-#else
-static void yy_fatal_error( msg )
-char msg[];
-#endif
-	{
-	(void) fprintf( stderr, "%s\n", msg );
-	exit( YY_EXIT_FAILURE );
-	}
-
-
-
-/* Redefine yyless() so it works in section 3 code. */
-
-#undef yyless
-#define yyless(n) \
-	do \
-		{ \
-		/* Undo effects of setting up yytext. */ \
-		yytext[yyleng] = yy_hold_char; \
-		yy_c_buf_p = yytext + n; \
-		yy_hold_char = *yy_c_buf_p; \
-		*yy_c_buf_p = '\0'; \
-		yyleng = n; \
-		} \
-	while ( 0 )
-
-
-/* Internal utility routines. */
-
-#ifndef yytext_ptr
-#ifdef YY_USE_PROTOS
-static void yy_flex_strncpy( char *s1, yyconst char *s2, int n )
-#else
-static void yy_flex_strncpy( s1, s2, n )
-char *s1;
-yyconst char *s2;
-int n;
-#endif
-	{
-	register int i;
-	for ( i = 0; i < n; ++i )
-		s1[i] = s2[i];
-	}
-#endif
-
-#ifdef YY_NEED_STRLEN
-#ifdef YY_USE_PROTOS
-static int yy_flex_strlen( yyconst char *s )
-#else
-static int yy_flex_strlen( s )
-yyconst char *s;
-#endif
-	{
-	register int n;
-	for ( n = 0; s[n]; ++n )
-		;
-
-	return n;
-	}
-#endif
-
-
-#ifdef YY_USE_PROTOS
-static void *yy_flex_alloc( yy_size_t size )
-#else
-static void *yy_flex_alloc( size )
-yy_size_t size;
-#endif
-	{
-	return (void *) malloc( size );
-	}
-
-#ifdef YY_USE_PROTOS
-static void *yy_flex_realloc( void *ptr, yy_size_t size )
-#else
-static void *yy_flex_realloc( ptr, size )
-void *ptr;
-yy_size_t size;
-#endif
-	{
-	/* The cast to (char *) in the following accommodates both
-	 * implementations that use char* generic pointers, and those
-	 * that use void* generic pointers.  It works with the latter
-	 * because both ANSI C and C++ allow castless assignment from
-	 * any pointer type to void*, and deal with argument conversions
-	 * as though doing an assignment.
-	 */
-	return (void *) realloc( (char *) ptr, size );
-	}
-
-#ifdef YY_USE_PROTOS
-static void yy_flex_free( void *ptr )
-#else
-static void yy_flex_free( ptr )
-void *ptr;
-#endif
-	{
-	free( ptr );
-	}
-
-#if YY_MAIN
-int main()
-	{
-	yylex();
-	return 0;
-	}
-#endif
-#line 81 "installparse.l"
-
-/*------------------------ Program Section ----------------------------*/
-
-PRFileDesc *Pk11Install_FD=NULL;
-
-/*************************************************************************/
-/* dummy function required by lex */
-int Pk11Install_yywrap(void) { return 1;}
-
-/*************************************************************************/
-/* Return a copy of the given string */
-static char*
-putSimpleString(char *str)
-{
-	char *tmp = (char*) PR_Malloc(strlen(str)+1);
-	strcpy(tmp, str);
-	return tmp;
-}
-
-/*************************************************************************/
-/* Strip out quotes, replace escaped characters with what they stand for.
-   This function assumes that what is passed in is actually a complex
-   string, so error checking is lax. */
-static char*
-putComplexString(char *str)
-{
-	int size, i,j;
-	char *tmp;
-
-	if(!str) {
-		return NULL;
-	}
-	size = strlen(str);
-
-	/* Allocate the new space.  This string will actually be too big, 
-		since quotes and backslashes will be stripped out.  But that's ok. */
-	tmp = (char*) PR_Malloc(size+1);
-
-	/* Copy it over */
-	for(i=0, j=0; i < size; i++) {
-		if(str[i]=='\"') {
-			continue;  /* skip un-escaped quotes */
-		} else if(str[i]=='\\') {
-			++i;       /* escaped character. skip the backslash */
-		}
-		tmp[j++] = str[i];
-	}
-	tmp[j] = '\0';
-
-	return tmp;
-}
diff --git a/security/nss/cmd/modutil/manifest.mn b/security/nss/cmd/modutil/manifest.mn
deleted file mode 100644
index a40aec6db..000000000
--- a/security/nss/cmd/modutil/manifest.mn
+++ /dev/null
@@ -1,60 +0,0 @@
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-MODULE = sectools
-
-EXPORTS = 
-
-CSRCS = modutil.c		\
-		pk11.c			\
-		instsec.c		\
-		install.c		\
-		installparse.c		\
-		install-ds.c		\
-		lex.Pk11Install_yy.c	\
-		$(NULL)
-
-CPPSRCS = 
-
-PROGRAM =  modutil
-
-REQUIRES = seccmd security dbm
-
-DEFINES = -DNSPR20
-
-# sigh
-INCLUDES += -I$(CORE_DEPTH)/nss/lib/pk11wrap
-
-USE_STATIC_LIBS = 1 
diff --git a/security/nss/cmd/modutil/modutil.c b/security/nss/cmd/modutil/modutil.c
deleted file mode 100644
index 2f1886b47..000000000
--- a/security/nss/cmd/modutil/modutil.c
+++ /dev/null
@@ -1,974 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "modutil.h"
-#include "install.h"
-#include <plstr.h>
-#include "secrng.h"
-#include "certdb.h" /* for CERT_DB_FILE_VERSION */
-#include "nss.h"
-
-static void install_error(char *message);
-static char* PR_fgets(char *buf, int size, PRFileDesc *file);
-static char *progName;
-
-
-/* This enum must be kept in sync with the commandNames list */
-typedef enum {
-	NO_COMMAND,
-	ADD_COMMAND,
-	CHANGEPW_COMMAND,
-	CREATE_COMMAND,
-	DEFAULT_COMMAND,
-	DELETE_COMMAND,
-	DISABLE_COMMAND,
-	ENABLE_COMMAND,
-	FIPS_COMMAND,
-	JAR_COMMAND,
-	LIST_COMMAND,
-	RAW_LIST_COMMAND,
-	RAW_ADD_COMMAND,
-	UNDEFAULT_COMMAND
-} Command;
-
-/* This list must be kept in sync with the Command enum */
-static char *commandNames[] = {
-	"(no command)",
-	"-add",
-	"-changepw",
-	"-create",
-	"-default",
-	"-delete",
-	"-disable",
-	"-enable",
-	"-fips",
-	"-jar",
-	"-list",
-	"-rawlist",
-	"-rawadd",
-	"-undefault"
-};
-
-
-/* this enum must be kept in sync with the optionStrings list */
-typedef enum {
-	ADD_ARG=0,
-	RAW_ADD_ARG,
-	CHANGEPW_ARG,
-	CIPHERS_ARG,
-	CREATE_ARG,
-	DBDIR_ARG,
-	DBPREFIX_ARG,
-	DEFAULT_ARG,
-	DELETE_ARG,
-	DISABLE_ARG,
-	ENABLE_ARG,
-	FIPS_ARG,
-	FORCE_ARG,
-	JAR_ARG,
-	LIBFILE_ARG,
-	LIST_ARG,
-	RAW_LIST_ARG,
-	MECHANISMS_ARG,
-	NEWPWFILE_ARG,
-	PWFILE_ARG,
-	SLOT_ARG,
-	UNDEFAULT_ARG,
-	INSTALLDIR_ARG,
-	TEMPDIR_ARG,
-	SECMOD_ARG,
-	NOCERTDB_ARG,
-	STRING_ARG,
-
-	NUM_ARGS	/* must be last */
-} Arg;
-
-/* This list must be kept in sync with the Arg enum */
-static char *optionStrings[] = {
-	"-add",
-	"-rawadd",
-	"-changepw",
-	"-ciphers",
-	"-create",
-	"-dbdir",
-	"-dbprefix",
-	"-default",
-	"-delete",
-	"-disable",
-	"-enable",
-	"-fips",
-	"-force",
-	"-jar",
-	"-libfile",
-	"-list",
-	"-rawlist",
-	"-mechanisms",
-	"-newpwfile",
-	"-pwfile",
-	"-slot",
-	"-undefault",
-	"-installdir",
-	"-tempdir",
-	"-secmod",
-	"-nocertdb",
-	"-string",
-};
-
-/* Increment i if doing so would have i still be less than j.  If you
-   are able to do this, return 0.  Otherwise return 1. */
-#define TRY_INC(i,j)  ( ((i+1)<j) ? (++i, 0) : 1 )
-
-/********************************************************************
- *
- * file-wide variables obtained from the command line
- */
-static Command command = NO_COMMAND;
-static char* pwFile = NULL;
-static char* newpwFile = NULL;
-static char* moduleName = NULL;
-static char* moduleSpec = NULL;
-static char* slotName = NULL;
-static char* secmodName = NULL;
-static char* tokenName = NULL;
-static char* libFile = NULL;
-static char* dbdir = NULL;
-static char* dbprefix = "";
-static char* secmodString = NULL;
-static char* mechanisms = NULL;
-static char* ciphers = NULL;
-static char* fipsArg = NULL;
-static char* jarFile = NULL;
-static char* installDir = NULL;
-static char* tempDir = NULL;
-static short force = 0;
-static PRBool nocertdb = PR_FALSE;
-
-/*******************************************************************
- *
- * p a r s e _ a r g s
- */
-static Error
-parse_args(int argc, char *argv[])
-{
-	int i;
-	char *arg;
-	int optionType;
-
-	/* Loop over all arguments */
-	for(i=1; i < argc; i++) {
-		arg = argv[i];
-
-		/* Make sure this is an option and not some floating argument */
-		if(arg[0] != '-') {
-			PR_fprintf(PR_STDERR, errStrings[UNEXPECTED_ARG_ERR], argv[i]);
-			return UNEXPECTED_ARG_ERR;
-		}
-
-		/* Find which option this is */
-		for(optionType=0; optionType < NUM_ARGS; optionType++) {
-			if(! strcmp(arg, optionStrings[optionType])) {
-				break;
-			}
-		}
-		
-		/* Deal with this specific option */
-		switch(optionType) {
-		case NUM_ARGS:
-		default:
-			PR_fprintf(PR_STDERR, errStrings[UNKNOWN_OPTION_ERR], arg);
-			return UNKNOWN_OPTION_ERR;
-			break;
-		case ADD_ARG:
-			if(command != NO_COMMAND) {
-				PR_fprintf(PR_STDERR, errStrings[MULTIPLE_COMMAND_ERR], arg);
-				return MULTIPLE_COMMAND_ERR;
-			}
-			command = ADD_COMMAND;
-			if(TRY_INC(i, argc)) {
-				PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg);
-				return OPTION_NEEDS_ARG_ERR;
-			}
-			moduleName = argv[i];
-			break;
-		case CHANGEPW_ARG:
-			if(command != NO_COMMAND) {
-				PR_fprintf(PR_STDERR, errStrings[MULTIPLE_COMMAND_ERR], arg);
-				return MULTIPLE_COMMAND_ERR;
-			}
-			command = CHANGEPW_COMMAND;
-			if(TRY_INC(i, argc)) {
-				PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg);
-				return OPTION_NEEDS_ARG_ERR;
-			}
-			tokenName = argv[i];
-			break;
-		case CIPHERS_ARG:
-			if(ciphers != NULL) {
-				PR_fprintf(PR_STDERR, errStrings[DUPLICATE_OPTION_ERR], arg);
-				return DUPLICATE_OPTION_ERR;
-			}
-			if(TRY_INC(i, argc)) {
-				PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg);
-				return OPTION_NEEDS_ARG_ERR;
-			}
-			ciphers = argv[i];
-			break;
-		case CREATE_ARG:
-			if(command != NO_COMMAND) {
-				PR_fprintf(PR_STDERR, errStrings[MULTIPLE_COMMAND_ERR], arg);
-				return MULTIPLE_COMMAND_ERR;
-			}
-			command = CREATE_COMMAND;
-			break;
-		case DBDIR_ARG:
-			if(dbdir != NULL) {
-				PR_fprintf(PR_STDERR, errStrings[DUPLICATE_OPTION_ERR], arg);
-				return DUPLICATE_OPTION_ERR;
-			}
-			if(TRY_INC(i, argc)) {
-				PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg);
-				return OPTION_NEEDS_ARG_ERR;
-			}
-			dbdir = argv[i];
-			break;
-		case DBPREFIX_ARG:
-			if(TRY_INC(i, argc)) {
-				PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg);
-				return OPTION_NEEDS_ARG_ERR;
-			}
-			dbprefix = argv[i];
-			break;
-		case UNDEFAULT_ARG:
-		case DEFAULT_ARG:
-			if(command != NO_COMMAND) {
-				PR_fprintf(PR_STDERR, errStrings[MULTIPLE_COMMAND_ERR], arg);
-				return MULTIPLE_COMMAND_ERR;
-			}
-			if(optionType == DEFAULT_ARG) {
-				command = DEFAULT_COMMAND;
-			} else {
-				command = UNDEFAULT_COMMAND;
-			}
-			if(TRY_INC(i, argc)) {
-				PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg);
-				return OPTION_NEEDS_ARG_ERR;
-			}
-			moduleName = argv[i];
-			break;
-		case DELETE_ARG:
-			if(command != NO_COMMAND) {
-				PR_fprintf(PR_STDERR, errStrings[MULTIPLE_COMMAND_ERR], arg);
-				return MULTIPLE_COMMAND_ERR;
-			}
-			command = DELETE_COMMAND;
-			if(TRY_INC(i, argc)) {
-				PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg);
-				return OPTION_NEEDS_ARG_ERR;
-			}
-			moduleName = argv[i];
-			break;
-		case DISABLE_ARG:
-			if(command != NO_COMMAND) {
-				PR_fprintf(PR_STDERR, errStrings[MULTIPLE_COMMAND_ERR], arg);
-				return MULTIPLE_COMMAND_ERR;
-			}
-			command = DISABLE_COMMAND;
-			if(TRY_INC(i, argc)) {
-				PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg);
-				return OPTION_NEEDS_ARG_ERR;
-			}
-			moduleName = argv[i];
-			break;
-		case ENABLE_ARG:
-			if(command != NO_COMMAND) {
-				PR_fprintf(PR_STDERR, errStrings[MULTIPLE_COMMAND_ERR], arg);
-				return MULTIPLE_COMMAND_ERR;
-			}
-			command = ENABLE_COMMAND;
-			if(TRY_INC(i, argc)) {
-				PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg);
-				return OPTION_NEEDS_ARG_ERR;
-			}
-			moduleName = argv[i];
-			break;
-		case FIPS_ARG:
-			if(command != NO_COMMAND) {
-				PR_fprintf(PR_STDERR, errStrings[MULTIPLE_COMMAND_ERR], arg);
-				return MULTIPLE_COMMAND_ERR;
-			}
-			command = FIPS_COMMAND;
-			if(TRY_INC(i, argc)) {
-				PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg);
-				return OPTION_NEEDS_ARG_ERR;
-			}
-			fipsArg = argv[i];
-			break;
-		case FORCE_ARG:
-			force = 1;
-			break;
-		case NOCERTDB_ARG:
-			nocertdb = PR_TRUE;
-			break;
-		case INSTALLDIR_ARG:
-			if(installDir != NULL) {
-				PR_fprintf(PR_STDERR, errStrings[DUPLICATE_OPTION_ERR], arg);
-				return DUPLICATE_OPTION_ERR;
-			}
-			if(TRY_INC(i, argc)) {
-				PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg);
-				return OPTION_NEEDS_ARG_ERR;
-			}
-			installDir = argv[i];
-			break;
-		case TEMPDIR_ARG:
-			if(tempDir != NULL) {
-				PR_fprintf(PR_STDERR, errStrings[DUPLICATE_OPTION_ERR], arg);
-				return DUPLICATE_OPTION_ERR;
-			}
-			if(TRY_INC(i, argc)) {
-				PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg);
-				return OPTION_NEEDS_ARG_ERR;
-			}
-			tempDir = argv[i];
-			break;
-		case JAR_ARG:
-			if(command != NO_COMMAND) {
-				PR_fprintf(PR_STDERR, errStrings[MULTIPLE_COMMAND_ERR], arg);
-				return MULTIPLE_COMMAND_ERR;
-			}
-			command = JAR_COMMAND;
-			if(TRY_INC(i, argc)) {
-				PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg);
-				return OPTION_NEEDS_ARG_ERR;
-			}
-			jarFile = argv[i];
-			break;
-		case LIBFILE_ARG:
-			if(libFile != NULL) {
-				PR_fprintf(PR_STDERR, errStrings[DUPLICATE_OPTION_ERR], arg);
-				return DUPLICATE_OPTION_ERR;
-			}
-			if(TRY_INC(i, argc)) {
-				PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg);
-				return OPTION_NEEDS_ARG_ERR;
-			}
-			libFile = argv[i];
-			break;
-		case LIST_ARG:
-			if(command != NO_COMMAND) {
-				PR_fprintf(PR_STDERR, errStrings[MULTIPLE_COMMAND_ERR], arg);
-				return MULTIPLE_COMMAND_ERR;
-			}
-			command = LIST_COMMAND;
-			/* This option may or may not have an argument */
-			if( (i+1 < argc) && (argv[i+1][0] != '-') ) {
-					moduleName = argv[++i];
-			}
-			break;
-		case RAW_LIST_ARG:
-			if(command != NO_COMMAND) {
-				PR_fprintf(PR_STDERR, errStrings[MULTIPLE_COMMAND_ERR], arg);
-				return MULTIPLE_COMMAND_ERR;
-			}
-			command = RAW_LIST_COMMAND;
-			/* This option may or may not have an argument */
-			if( (i+1 < argc) && (argv[i+1][0] != '-') ) {
-					moduleName = argv[++i];
-			}
-			break;
-		case RAW_ADD_ARG:
-			if(command != NO_COMMAND) {
-				PR_fprintf(PR_STDERR, errStrings[MULTIPLE_COMMAND_ERR], arg);
-				return MULTIPLE_COMMAND_ERR;
-			}
-			command = RAW_ADD_COMMAND;
-			if(TRY_INC(i, argc)) {
-				PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg);
-				return OPTION_NEEDS_ARG_ERR;
-			}
-			moduleSpec = argv[i];
-			break;
-		case MECHANISMS_ARG:
-			if(mechanisms != NULL) {
-				PR_fprintf(PR_STDERR, errStrings[DUPLICATE_OPTION_ERR], arg);
-				return DUPLICATE_OPTION_ERR;
-			}
-			if(TRY_INC(i, argc)) {
-				PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg);
-				return OPTION_NEEDS_ARG_ERR;
-			}
-			mechanisms = argv[i];
-			break;
-		case NEWPWFILE_ARG:
-			if(newpwFile != NULL) {
-				PR_fprintf(PR_STDERR, errStrings[DUPLICATE_OPTION_ERR], arg);
-				return DUPLICATE_OPTION_ERR;
-			}
-			if(TRY_INC(i, argc)) {
-				PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg);
-				return OPTION_NEEDS_ARG_ERR;
-			}
-			newpwFile = argv[i];
-			break;
-		case PWFILE_ARG:
-			if(pwFile != NULL) {
-				PR_fprintf(PR_STDERR, errStrings[DUPLICATE_OPTION_ERR], arg);
-				return DUPLICATE_OPTION_ERR;
-			}
-			if(TRY_INC(i, argc)) {
-				PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg);
-				return OPTION_NEEDS_ARG_ERR;
-			}
-			pwFile = argv[i];
-			break;
-		case SLOT_ARG:
-			if(slotName != NULL) {
-				PR_fprintf(PR_STDERR, errStrings[DUPLICATE_OPTION_ERR], arg);
-				return DUPLICATE_OPTION_ERR;
-			}
-			if(TRY_INC(i, argc)) {
-				PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg);
-				return OPTION_NEEDS_ARG_ERR;
-			}
-			slotName = argv[i];
-			break;
-		case SECMOD_ARG:
-			if(secmodName != NULL) {
-				PR_fprintf(PR_STDERR, errStrings[DUPLICATE_OPTION_ERR], arg);
-				return DUPLICATE_OPTION_ERR;
-			}
-			if(TRY_INC(i, argc)) {
-				PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg);
-				return OPTION_NEEDS_ARG_ERR;
-			}
-			secmodName = argv[i];
-			break;
-                case STRING_ARG:
-			if(secmodString != NULL) {
-				PR_fprintf(PR_STDERR, errStrings[DUPLICATE_OPTION_ERR], arg);
-				return DUPLICATE_OPTION_ERR;
-			}
-			if(TRY_INC(i, argc)) {
-				PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg);
-				return OPTION_NEEDS_ARG_ERR;
-			}
-			secmodString = argv[i];
-			break;
-		}
-	}
-	return SUCCESS;
-}
-
-/************************************************************************
- *
- * v e r i f y _ p a r a m s
- */
-static Error
-verify_params()
-{
-	switch(command) {
-	case ADD_COMMAND:
-		if(libFile == NULL) {
-			PR_fprintf(PR_STDERR, errStrings[MISSING_PARAM_ERR],
-				commandNames[ADD_COMMAND], optionStrings[LIBFILE_ARG]);
-			return MISSING_PARAM_ERR;
-		}
-		break;
-	case CHANGEPW_COMMAND:
-		break;
-	case CREATE_COMMAND:
-		break;
-	case DELETE_COMMAND:
-		break;
-	case DISABLE_COMMAND:
-		break;
-	case ENABLE_COMMAND:
-		break;
-	case FIPS_COMMAND:
-		if(PL_strcasecmp(fipsArg, "true") &&
-			PL_strcasecmp(fipsArg, "false")) {
-			PR_fprintf(PR_STDERR, errStrings[INVALID_FIPS_ARG]);
-			return INVALID_FIPS_ARG;
-		}
-		break;
-	case JAR_COMMAND:
-		if(installDir == NULL) {
-			PR_fprintf(PR_STDERR, errStrings[MISSING_PARAM_ERR],
-				commandNames[JAR_COMMAND], optionStrings[INSTALLDIR_ARG]);
-			return MISSING_PARAM_ERR;
-		}
-		break;
-	case LIST_COMMAND:
-	case RAW_LIST_COMMAND:
-		break;
-	case RAW_ADD_COMMAND:
-		break;
-	case UNDEFAULT_COMMAND:
-	case DEFAULT_COMMAND:
-		if(mechanisms == NULL) {
-			PR_fprintf(PR_STDERR, errStrings[MISSING_PARAM_ERR],
-				commandNames[command], optionStrings[MECHANISMS_ARG]);
-			return MISSING_PARAM_ERR;
-		}
-		break;
-	default:
-		/* Ignore this here */
-		break;
-	}
-
-	return SUCCESS;
-}
-
-/********************************************************************
- *
- * i n i t _ c r y p t o
- *
- * Does crypto initialization that all commands will require.
- * If -nocertdb option is specified, don't open key or cert db (we don't
- * need them if we aren't going to be verifying signatures).  This is
- * because serverland doesn't always have cert and key database files
- * available.
- */
-static Error
-init_crypto(PRBool create, PRBool readOnly)
-{
-	char *dir;
-#ifdef notdef
-	char *moddbname=NULL, *keydbname, *certdbname;
-	PRBool free_moddbname = PR_FALSE;
-#endif
-	Error retval;
-	SECStatus rv;
-	PRUint32 flags = 0;
-
-	if (secmodName == NULL) {
-	    secmodName = "secmod.db";
-	}
-
-	if(SECU_ConfigDirectory(dbdir)[0] == '\0') {
-		PR_fprintf(PR_STDERR, errStrings[NO_DBDIR_ERR]);
-		retval=NO_DBDIR_ERR;
-		goto loser;
-	}
-	dir = SECU_ConfigDirectory(NULL);
-
-	/* Make sure db directory exists and is readable */
-	if(PR_Access(dir, PR_ACCESS_EXISTS) != PR_SUCCESS) {
-		PR_fprintf(PR_STDERR, errStrings[DIR_DOESNT_EXIST_ERR], dir);
-		retval = DIR_DOESNT_EXIST_ERR;
-		goto loser;
-	} else if(PR_Access(dir, PR_ACCESS_READ_OK) != PR_SUCCESS) {
-		PR_fprintf(PR_STDERR, errStrings[DIR_NOT_READABLE_ERR], dir);
-		retval = DIR_NOT_READABLE_ERR;
-		goto loser;
-	}
-
-	/* Check for the proper permissions on databases */
-	if(create) {
-		/* Make sure dbs don't already exist, and the directory is
-			writeable */
-#ifdef notdef
-		if(PR_Access(moddbname, PR_ACCESS_EXISTS)==PR_SUCCESS) {
-			PR_fprintf(PR_STDERR, errStrings[FILE_ALREADY_EXISTS_ERR],
-			  moddbname);
-			retval=FILE_ALREADY_EXISTS_ERR;
-			goto loser;
-		} else if(PR_Access(keydbname, PR_ACCESS_EXISTS)==PR_SUCCESS) {
-			PR_fprintf(PR_STDERR, errStrings[FILE_ALREADY_EXISTS_ERR], keydbname);
-			retval=FILE_ALREADY_EXISTS_ERR;
-			goto loser;
-		} else if(PR_Access(certdbname, PR_ACCESS_EXISTS)==PR_SUCCESS) {
-			PR_fprintf(PR_STDERR, errStrings[FILE_ALREADY_EXISTS_ERR],certdbname);
-			retval=FILE_ALREADY_EXISTS_ERR;
-			goto loser;
-		} else 
-#endif
-		if(PR_Access(dir, PR_ACCESS_WRITE_OK) != PR_SUCCESS) {
-			PR_fprintf(PR_STDERR, errStrings[DIR_NOT_WRITEABLE_ERR], dir);
-			retval=DIR_NOT_WRITEABLE_ERR;
-			goto loser;
-		}
-	} else {
-#ifdef notdef
-		/* Make sure dbs are readable and writeable */
-		if(PR_Access(moddbname, PR_ACCESS_READ_OK) != PR_SUCCESS) {
-#ifndef XP_PC
-			/* in serverland, they always use secmod.db, even on UNIX. Try
-			   this */
-			moddbname = PR_smprintf("%s/secmod.db", dir);
-			free_moddbname = PR_TRUE;
-			if(PR_Access(moddbname, PR_ACCESS_READ_OK) != PR_SUCCESS) {
-#endif
-			PR_fprintf(PR_STDERR, errStrings[FILE_NOT_READABLE_ERR], moddbname);
-			retval=FILE_NOT_READABLE_ERR;
-			goto loser;
-#ifndef XP_PC
-			}
-#endif
-		}
-		if(!nocertdb) { /* don't open cert and key db if -nocertdb */
-			if(PR_Access(keydbname, PR_ACCESS_READ_OK) != PR_SUCCESS) {
-				PR_fprintf(PR_STDERR, errStrings[FILE_NOT_READABLE_ERR],
-				  keydbname);
-				retval=FILE_NOT_READABLE_ERR;
-				goto loser;
-			}
-			if(PR_Access(certdbname, PR_ACCESS_READ_OK) != PR_SUCCESS) {
-				PR_fprintf(PR_STDERR, errStrings[FILE_NOT_READABLE_ERR],
-				  certdbname);
-				retval=FILE_NOT_READABLE_ERR;
-				goto loser;
-			}
-		}
-#endif
-
-		/* Check for write access if we'll be making changes */
-		if( !readOnly ) {
-#ifdef notdef
-			if(PR_Access(moddbname, PR_ACCESS_WRITE_OK) != PR_SUCCESS) {
-				PR_fprintf(PR_STDERR, errStrings[FILE_NOT_WRITEABLE_ERR],
-				  moddbname);
-				retval=FILE_NOT_WRITEABLE_ERR;
-				goto loser;
-			}
-			if(!nocertdb) { /* don't open key and cert db if -nocertdb */
-				if(PR_Access(keydbname, PR_ACCESS_WRITE_OK)
-															!= PR_SUCCESS) {
-					PR_fprintf(PR_STDERR, errStrings[FILE_NOT_WRITEABLE_ERR],
-					  keydbname);
-					retval=FILE_NOT_WRITEABLE_ERR;
-					goto loser;
-				}
-				if(PR_Access(certdbname, PR_ACCESS_WRITE_OK)
-															!= PR_SUCCESS) {
-					PR_fprintf(PR_STDERR, errStrings[FILE_NOT_WRITEABLE_ERR],
-					  certdbname);
-					retval=FILE_NOT_WRITEABLE_ERR;
-					goto loser;
-				}
-			}
-#endif
-		}
-		PR_fprintf(PR_STDOUT, msgStrings[USING_DBDIR_MSG],
-		  SECU_ConfigDirectory(NULL));
-	}
-
-	/* Open/create key database */
-	flags = 0;
-	if (readOnly) flags |= NSS_INIT_READONLY;
-	if (nocertdb) flags |= NSS_INIT_NOCERTDB;
-	rv = NSS_Initialize(SECU_ConfigDirectory(NULL), dbprefix, dbprefix,
-	               secmodName, flags);
-	if (rv != SECSuccess) {
-	    SECU_PrintPRandOSError(progName);
-	    retval=NSS_INITIALIZE_FAILED_ERR;
-	    goto loser;
-	}
-
-	retval=SUCCESS;
-loser:
-#ifdef notdef
-	if(free_moddbname) {
-		PR_Free(moddbname);
-	}
-#endif
-	return retval;
-}
-
-/*************************************************************************
- *
- * u s a g e
- */
-static void
-usage()
-{
-	PR_fprintf(PR_STDOUT,
-"\nNetscape Cryptographic Module Utility\n"
-"Usage: modutil [command] [options]\n\n"
-"                            COMMANDS\n"
-"---------------------------------------------------------------------------\n"
-"-add MODULE_NAME                 Add the named module to the module database\n"
-"   -libfile LIBRARY_FILE         The name of the file (.so or .dll)\n"
-"                                 containing the implementation of PKCS #11\n"
-"   [-ciphers CIPHER_LIST]        Enable the given ciphers on this module\n"
-"   [-mechanisms MECHANISM_LIST]  Make the module a default provider of the\n"
-"                                 given mechanisms\n"
-"   [-string CONFIG_STRING]       Pass a configuration string to this module\n"
-"-changepw TOKEN                  Change the password on the named token\n"
-"   [-pwfile FILE]                The old password is in this file\n"
-"   [-newpwfile FILE]             The new password is in this file\n"
-"-create                          Create a new set of security databases\n"
-"-default MODULE                  Make the given module a default provider\n"
-"   -mechanisms MECHANISM_LIST    of the given mechanisms\n"
-"   [-slot SLOT]                  limit change to only the given slot\n"
-"-delete MODULE                   Remove the named module from the module\n"
-"                                 database\n"
-"-disable MODULE                  Disable the named module\n"
-"   [-slot SLOT]                  Disable only the named slot on the module\n"
-"-enable MODULE                   Enable the named module\n"
-"   [-slot SLOT]                  Enable only the named slot on the module\n"
-"-fips [ true | false ]           If true, enable FIPS mode.  If false,\n"
-"                                 disable FIPS mode\n"
-"-force                           Do not run interactively\n"
-"-jar JARFILE                     Install a PKCS #11 module from the given\n"
-"                                 JAR file in the PKCS #11 JAR format\n"
-"   -installdir DIR               Use DIR as the root directory of the\n"
-"                                 installation\n"
-"   [-tempdir DIR]                Use DIR as the temporary installation\n"
-"                                 directory. If not specified, the current\n"
-"                                 directory is used\n"
-"-list [MODULE]                   Lists information about the specified module\n"
-"                                 or about all modules if none is specified\n"
-"-undefault MODULE                The given module is NOT a default provider\n"
-"   -mechanisms MECHANISM_LIST    of the listed mechanisms\n"
-"   [-slot SLOT]                  limit change to only the given slot\n"
-"---------------------------------------------------------------------------\n"
-"\n"
-"                             OPTIONS\n"
-"---------------------------------------------------------------------------\n"
-"-dbdir DIR                       Directory DIR contains the security databases\n"
-"-dbprefix prefix                 Prefix for the security databases\n"
-"-nocertdb                        Do not load certificate or key databases. No\n"
-"                                 verification will be performed on JAR files.\n"
-"-secmod secmodName               Name of the security modules file\n"
-"---------------------------------------------------------------------------\n"
-"\n"
-"Mechanism lists are colon-separated.  The following mechanisms are recognized:\n"
-"RSA, DSA, RC2, RC4, RC5, DES, DH, FORTEZZA, SHA1, MD5, MD2, SSL, TLS, RANDOM,\n"
-" FRIENDLY\n"
-"\n"
-"Cipher lists are colon-separated.  The following ciphers are recognized:\n"
-"FORTEZZA\n"
-"\nQuestions or bug reports should be sent to modutil-support@netscape.com.\n"
-);
-
-}
-
-/*************************************************************************
- *
- * m a i n
- */
-int
-main(int argc, char *argv[])
-{
-	int errcode = SUCCESS;
-	PRBool createdb, readOnly;
-#define STDINBUF_SIZE 80
-	char stdinbuf[STDINBUF_SIZE];
-
-    progName = strrchr(argv[0], '/');
-    progName = progName ? progName+1 : argv[0];
-
-
-	PR_Init(PR_USER_THREAD, PR_PRIORITY_NORMAL, 0);
-
-	if(parse_args(argc, argv) != SUCCESS) {
-		usage();
-		errcode = INVALID_USAGE_ERR;
-		goto loser;
-	}
-
-	if(verify_params() != SUCCESS) {
-		usage();
-		errcode = INVALID_USAGE_ERR;
-		goto loser;
-	}
-
-	if(command==NO_COMMAND) {
-		PR_fprintf(PR_STDERR, errStrings[NO_COMMAND_ERR]);
-		usage();
-		errcode = INVALID_USAGE_ERR;
-		goto loser;
-	}
-
-        if ((command == RAW_LIST_COMMAND) || (command == RAW_ADD_COMMAND)) {
-	    if(!moduleName) {
-		char *readOnlyStr, *noCertDBStr, *sep;
-		if (!secmodName) secmodName="secmod.db";
-		if (!dbprefix) dbprefix = "";
-		sep = ((command == RAW_LIST_COMMAND) && nocertdb) ? "," : " ";
-		readOnlyStr = (command == RAW_LIST_COMMAND) ? "readOnly" : "" ;
-		noCertDBStr = nocertdb ? "noCertDB" : "";
-		SECU_ConfigDirectory(dbdir);
-
-		moduleName=PR_smprintf("name=\"NSS default Module DB\" parameters=\"configdir=%s certPrefix=%s keyPrefix=%s secmod=%s flags=%s%s%s\" NSS=\"flags=internal,moduleDB,moduleDBOnly,critical\"",
-			SECU_ConfigDirectory(NULL),dbprefix, dbprefix,
-				secmodName,  readOnlyStr,sep,  noCertDBStr);
-	    }
-	    if (command == RAW_LIST_COMMAND) {
-		errcode = RawListModule(moduleName);
-	    } else {
-		PORT_Assert(moduleSpec);
-		errcode = RawAddModule(moduleName,moduleSpec);
-	    }
-	    goto loser;
-	}
-
-	/* Set up crypto stuff */
-	createdb = command==CREATE_COMMAND;
-	readOnly = command==LIST_COMMAND;
-
-	/* Make sure browser is not running if we're writing to a database */
-	/* Do this before initializing crypto */
-	if(!readOnly && !force) {
-		char *response;
-
-		PR_fprintf(PR_STDOUT, msgStrings[BROWSER_RUNNING_MSG]);
-		if( ! PR_fgets(stdinbuf, STDINBUF_SIZE, PR_STDIN)) {
-			PR_fprintf(PR_STDERR, errStrings[STDIN_READ_ERR]);
-			errcode = STDIN_READ_ERR;
-			goto loser;
-		}
-		if( (response=strtok(stdinbuf, " \r\n\t")) ) {
-			if(!PL_strcasecmp(response, "q")) {
-				PR_fprintf(PR_STDOUT, msgStrings[ABORTING_MSG]);
-				errcode = SUCCESS;
-				goto loser;
-			}
-		}
-		PR_fprintf(PR_STDOUT, "\n");
-	}
-
-	errcode = init_crypto(createdb, readOnly);
-	if( errcode != SUCCESS) {
-		goto loser;
-	}
-
-
-	/* Execute the command */
-	switch(command) {
-	case ADD_COMMAND:
-		errcode = AddModule(moduleName, libFile, ciphers, mechanisms, secmodString);
-		break;
-	case CHANGEPW_COMMAND:
-		errcode = ChangePW(tokenName, pwFile, newpwFile);
-		break;
-	case CREATE_COMMAND:
-		/* The work was already done in init_crypto() */
-		break;
-	case DEFAULT_COMMAND:
-		errcode = SetDefaultModule(moduleName, slotName, mechanisms);
-		break;
-	case DELETE_COMMAND:
-		errcode = DeleteModule(moduleName);
-		break;
-	case DISABLE_COMMAND:
-		errcode = EnableModule(moduleName, slotName, PR_FALSE);
-		break;
-	case ENABLE_COMMAND:
-		errcode = EnableModule(moduleName, slotName, PR_TRUE);
-		break;
-	case FIPS_COMMAND:
-		errcode = FipsMode(fipsArg);
-		break;
-	case JAR_COMMAND:
-		Pk11Install_SetErrorHandler(install_error);
-		errcode = Pk11Install_DoInstall(jarFile, installDir, tempDir,
-						PR_STDOUT, force, nocertdb);
-		break;
-	case LIST_COMMAND:
-		if(moduleName) {
-			errcode = ListModule(moduleName);
-		} else {
-			errcode = ListModules();
-		}
-		break;
-	case UNDEFAULT_COMMAND:
-		errcode = UnsetDefaultModule(moduleName, slotName, mechanisms);
-		break;
-	default:
-		PR_fprintf(PR_STDERR, "This command is not supported yet.\n");
-		errcode = INVALID_USAGE_ERR;
-		break;
-	}
-
-        NSS_Shutdown();
-loser:
-	PR_Cleanup();
-	return errcode;
-}
-
-/************************************************************************
- *
- * i n s t a l l _ e r r o r
- *
- * Callback function to handle errors in PK11 JAR file installation.
- */
-static void
-install_error(char *message)
-{
-	PR_fprintf(PR_STDERR, "Install error: %s\n", message);
-}
-
-/*************************************************************************
- *
- * o u t _ o f _ m e m o r y
- */
-void
-out_of_memory(void)
-{
-	PR_fprintf(PR_STDERR, errStrings[OUT_OF_MEM_ERR]);
-	exit(OUT_OF_MEM_ERR);
-}
-
-
-/**************************************************************************
- *
- * P R _ f g e t s
- *
- * fgets implemented with NSPR.
- */
-static char*
-PR_fgets(char *buf, int size, PRFileDesc *file)
-{
-	int i;
-	int status;
-	char c;
-
-	i=0;
-	while(i < size-1) {
-		status = PR_Read(file, (void*) &c, 1);
-		if(status==-1) {
-			return NULL;
-		} else if(status==0) {
-			break;
-		}
-		buf[i++] = c;
-		if(c=='\n') {
-			break;
-		}
-	}
-	buf[i]='\0';
-
-	return buf;
-}
diff --git a/security/nss/cmd/modutil/modutil.h b/security/nss/cmd/modutil/modutil.h
deleted file mode 100644
index 83f74ffcf..000000000
--- a/security/nss/cmd/modutil/modutil.h
+++ /dev/null
@@ -1,66 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef MODUTIL_H
-#define MODUTIL_H
-
-#include <stdio.h>
-#include <prio.h>
-#include <prprf.h>
-#include <prinit.h>
-#include <prmem.h>
-#include <plarena.h>
-#include <string.h>
-#include <seccomon.h>
-#include <secmod.h>
-#include <secutil.h>
-
-#include <prlock.h>
-
-#include "error.h"
-
-Error FipsMode(char *arg);
-Error AddModule(char *moduleName, char *libFile, char *ciphers,
-      char *mechanisms, char* modparms);
-Error DeleteModule(char *moduleName);
-Error ListModule(char *moduleName);
-Error ListModules();
-Error ChangePW(char *tokenName, char *pwFile, char *newpwFile);
-Error EnableModule(char *moduleName, char *slotName, PRBool enable);
-Error RawAddModule(char *dbmodulespec, char *modulespec);
-Error RawListModule(char *modulespec);
-Error SetDefaultModule(char *moduleName, char *slotName, char *mechanisms);
-Error UnsetDefaultModule(char *moduleName, char *slotName, char *mechanisms);
-void out_of_memory(void);
-
-#endif /*MODUTIL_H*/
diff --git a/security/nss/cmd/modutil/pk11.c b/security/nss/cmd/modutil/pk11.c
deleted file mode 100644
index b0c4cd487..000000000
--- a/security/nss/cmd/modutil/pk11.c
+++ /dev/null
@@ -1,864 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "modutil.h"
-#include "secmodti.h"
-#include "pk11func.h"
-
-extern PK11DefaultArrayEntry PK11_DefaultArray[];
-extern int num_pk11_default_mechanisms;
-extern SECStatus PK11_UpdateSlotAttribute(PK11SlotInfo*, PK11DefaultArrayEntry*,
-	PRBool);
-
-/*************************************************************************
- *
- * F i p s M o d e
- * If arg=="true", enable FIPS mode on the internal module.  If arg=="false",
- * disable FIPS mode on the internal module.
- */
-Error
-FipsMode(char *arg)
-{
-
-	char *internal_name;
-
-	if(!PORT_Strcasecmp(arg, "true")) {
-		if(!PK11_IsFIPS()) {
-			internal_name = PR_smprintf("%s",
-				SECMOD_GetInternalModule()->commonName);
-			if(SECMOD_DeleteInternalModule(internal_name) != SECSuccess) {
-				PR_smprintf_free(internal_name);
-				PR_fprintf(PR_STDERR, errStrings[FIPS_SWITCH_FAILED_ERR]);
-				return FIPS_SWITCH_FAILED_ERR;
-			}
-			PR_smprintf_free(internal_name);
-			PR_fprintf(PR_STDOUT, msgStrings[FIPS_ENABLED_MSG]);
-		} else {
-			PR_fprintf(PR_STDERR, errStrings[FIPS_ALREADY_ON_ERR]);
-			return FIPS_ALREADY_ON_ERR;
-		}
-	} else if(!PORT_Strcasecmp(arg, "false")) {
-		if(PK11_IsFIPS()) {
-			internal_name = PR_smprintf("%s",
-				SECMOD_GetInternalModule()->commonName);
-			if(SECMOD_DeleteInternalModule(internal_name) != SECSuccess) {
-				PR_smprintf_free(internal_name);
-				PR_fprintf(PR_STDERR, errStrings[FIPS_SWITCH_FAILED_ERR]);
-				return FIPS_SWITCH_FAILED_ERR;
-			}
-			PR_smprintf_free(internal_name);
-			PR_fprintf(PR_STDOUT, msgStrings[FIPS_DISABLED_MSG]);
-		} else {
-			PR_fprintf(PR_STDERR, errStrings[FIPS_ALREADY_OFF_ERR]);
-			return FIPS_ALREADY_OFF_ERR;
-		}
-	} else {
-		PR_fprintf(PR_STDERR, errStrings[INVALID_FIPS_ARG]);
-		return INVALID_FIPS_ARG;
-	}
-
-	return SUCCESS;
-}
-
-/************************************************************************
- * Cipher and Mechanism name-bitmask translation tables
- */
-
-typedef struct {
-	char *name;
-	unsigned long mask;
-} MaskString;
-
-static MaskString mechanismStrings[] = {
-	{"RSA", PUBLIC_MECH_RSA_FLAG},
-	{"DSA", PUBLIC_MECH_DSA_FLAG},
-	{"RC2", PUBLIC_MECH_RC2_FLAG},
-	{"RC4", PUBLIC_MECH_RC4_FLAG},
-	{"RC5", PUBLIC_MECH_RC5_FLAG},
-	{"DES", PUBLIC_MECH_DES_FLAG},
-	{"DH", PUBLIC_MECH_DH_FLAG},
-	{"FORTEZZA", PUBLIC_MECH_FORTEZZA_FLAG},
-	{"SHA1", PUBLIC_MECH_SHA1_FLAG},
-	{"MD5", PUBLIC_MECH_MD5_FLAG},
-	{"MD2", PUBLIC_MECH_MD2_FLAG},
-	{"SSL", PUBLIC_MECH_SSL_FLAG},
-	{"TLS", PUBLIC_MECH_TLS_FLAG},
-	{"RANDOM", PUBLIC_MECH_RANDOM_FLAG},
-	{"FRIENDLY", PUBLIC_MECH_FRIENDLY_FLAG}
-};
-static int numMechanismStrings =
-	sizeof(mechanismStrings) / sizeof(mechanismStrings[0]);
-
-static MaskString cipherStrings[] = {
-	{"FORTEZZA", PUBLIC_CIPHER_FORTEZZA_FLAG}
-};
-static int numCipherStrings =
-	sizeof(cipherStrings) / sizeof(cipherStrings[0]);
-
-/* Maximum length of a colon-separated list of all the strings in an 
- * array. */
-#define MAX_STRING_LIST_LEN 240	/* or less */
-
-/************************************************************************
- * 
- * g e t F l a g s F r o m S t r i n g
- *
- * Parses a mechanism list passed on the command line and converts it
- * to an unsigned long bitmask.
- * string is a colon-separated string of constants
- * array is an array of MaskStrings.
- * elements is the number of elements in array.
- */
-static unsigned long
-getFlagsFromString(char *string, MaskString array[], int elements)
-{
-	unsigned long ret = 0;
-	short i = 0;
-	char *cp;
-	char *buf;
-	char *end;
-
-	if(!string || !string[0]) {
-		return ret;
-	}
-
-	/* Make a temporary copy of the string */
-	buf = PR_Malloc(strlen(string)+1);
-	if(!buf) {
-		out_of_memory();
-	}
-	strcpy(buf, string);
-
-	/* Look at each element of the list passed in */
-	for(cp=buf; cp && *cp; cp = (end ? end+1 : NULL) ) {
-		/* Look at the string up to the next colon */
-		end = strchr(cp, ':');
-		if(end) {
-			*end = '\0';
-		}
-
-		/* Find which element this is */
-		for(i=0; i < elements; i++) {
-			if( !PORT_Strcasecmp(cp, array[i].name) ) {
-				break;
-			}
-		}
-		if(i == elements) {
-			/* Skip a bogus string, but print a warning message */
-			PR_fprintf(PR_STDERR, errStrings[INVALID_CONSTANT_ERR], cp);
-			continue;
-		}
-		ret |= array[i].mask;
-	}
-
-	PR_Free(buf);
-	return ret;
-}
-
-/**********************************************************************
- *
- * g e t S t r i n g F r o m F l a g s
- * 
- * The return string's memory is owned by this function.  Copy it
- * if you need it permanently or you want to change it.
- */
-static char *
-getStringFromFlags(unsigned long flags, MaskString array[], int elements)
-{
-	static char buf[MAX_STRING_LIST_LEN];
-	int i;
-	int count=0;
-
-	buf[0] = '\0';
-	for(i=0; i<elements; i++) {
-		if( flags & array[i].mask ) {
-			++count;
-			if(count!=1) {
-				strcat(buf, ":");
-			}
-			strcat(buf, array[i].name);
-		}
-	}
-	return buf;
-}
-
-/**********************************************************************
- *
- * A d d M o d u l e
- *
- * Add the named module, with the given library file, ciphers, and
- * default mechanism flags
- */
-Error
-AddModule(char *moduleName, char *libFile, char *cipherString,
-	char *mechanismString, char* modparms)
-{
-	unsigned long ciphers;
-	unsigned long mechanisms;
-	SECStatus status;
-
-	mechanisms =
-		getFlagsFromString(mechanismString, mechanismStrings,
-		  numMechanismStrings);
-	ciphers =
-		getFlagsFromString(cipherString, cipherStrings, numCipherStrings);
-
-	status =
-		SECMOD_AddNewModuleEx(moduleName, libFile,
-		  SECMOD_PubMechFlagstoInternal(mechanisms),
-		  SECMOD_PubCipherFlagstoInternal(ciphers),
-                  modparms, NULL );
-
-	if(status != SECSuccess) {
-                char* errtxt=NULL;
-                PRInt32 copied = 0;
-                if (PR_GetErrorTextLength()) {
-                    errtxt = PR_Malloc(PR_GetErrorTextLength());
-                    copied = PR_GetErrorText(errtxt);
-                }
-                if (copied && errtxt) {
-		    PR_fprintf(PR_STDERR, errStrings[ADD_MODULE_FAILED_STATUS_ERR], moduleName, errtxt);
-                    PR_Free(errtxt);
-                }
-                else {
-                    PR_fprintf(PR_STDERR, errStrings[ADD_MODULE_FAILED_ERR], moduleName);
-                }
-		return ADD_MODULE_FAILED_ERR;
-	} else {
-		PR_fprintf(PR_STDOUT, msgStrings[ADD_MODULE_SUCCESS_MSG], moduleName);
-		return SUCCESS;
-	}
-}
-
-/***********************************************************************
- *
- * D e l e t e M o d u l e
- *
- * Deletes the named module from the database.
- */
-Error
-DeleteModule(char *moduleName)
-{
-	SECStatus status;
-	int type;
-	
-	status = SECMOD_DeleteModule(moduleName, &type);
-
-	if(status != SECSuccess) {
-		if(type == SECMOD_FIPS || type == SECMOD_INTERNAL) {
-			PR_fprintf(PR_STDERR, errStrings[DELETE_INTERNAL_ERR]);
-			return DELETE_INTERNAL_ERR;
-		} else {
-			PR_fprintf(PR_STDERR, errStrings[DELETE_FAILED_ERR], moduleName);
-			return DELETE_FAILED_ERR;
-		}
-	}
-
-	PR_fprintf(PR_STDOUT, msgStrings[DELETE_SUCCESS_MSG], moduleName);
-	return SUCCESS;
-}
-
-/************************************************************************
- *
- * R a w L i s t M o d u l e s
- *
- * Lists all the modules in the database, along with their slots and tokens.
- */
-Error
-RawListModule(char *modulespec)
-{
-	SECMODModule *module;
-	char **moduleSpecList;
-	SECStatus rv;
-
-	module = SECMOD_LoadModule(modulespec,NULL,PR_FALSE);
-	if (module == NULL) {
-	    /* handle error */
-	    return NO_SUCH_MODULE_ERR;
-	}
-
-	moduleSpecList = SECMOD_GetModuleSpecList(module);
-
-	for ( ;*moduleSpecList; moduleSpecList++) {
-		printf("%s\n",*moduleSpecList);
-	}
-
-	return SUCCESS;
-}
-
-Error
-RawAddModule(char *dbmodulespec, char *modulespec)
-{
-    SECMODModule *module;
-    SECMODModule *dbmodule;
-
-
-    dbmodule = SECMOD_LoadModule(dbmodulespec,NULL,PR_TRUE);
-    if (dbmodule == NULL) {
-	 /* handle error */
-	return NO_SUCH_MODULE_ERR;
-    }
-
-    module = SECMOD_LoadModule(modulespec,dbmodule,PR_FALSE);
-    if (module == NULL) {
-	 /* handle error */
-	return NO_SUCH_MODULE_ERR;
-    }
-
-    if( SECMOD_UpdateModule(module) != SECSuccess ) {
-	PR_fprintf(PR_STDERR, errStrings[UPDATE_MOD_FAILED_ERR], modulespec);
-	return UPDATE_MOD_FAILED_ERR;
-    }
-    return SUCCESS;
-}
-
-/************************************************************************
- *
- * L i s t M o d u l e s
- *
- * Lists all the modules in the database, along with their slots and tokens.
- */
-Error
-ListModules()
-{
-	SECMODListLock *lock;
-	SECMODModuleList *list;
-	SECMODModuleList *mlp;
-	Error ret=UNSPECIFIED_ERR;
-	int count = 0, i;
-
-	lock = SECMOD_GetDefaultModuleListLock();
-	if(!lock) {
-		PR_fprintf(PR_STDERR, errStrings[NO_LIST_LOCK_ERR]);
-		return NO_LIST_LOCK_ERR;
-	}
-
-	SECMOD_GetReadLock(lock);
-
-	list = SECMOD_GetDefaultModuleList();
-	if(!list) {
-		PR_fprintf(PR_STDERR, errStrings[NO_MODULE_LIST_ERR]);
-		ret = NO_MODULE_LIST_ERR;
-		goto loser;
-	}
-
-	PR_fprintf(PR_STDOUT,
-		"\nListing of PKCS #11 Modules\n"
-		"-----------------------------------------------------------\n");
-	
-	for(mlp=list; mlp != NULL; mlp = mlp->next) {
-		++count;
-		if(count!=1) {
-			PR_fprintf(PR_STDOUT, "\n");
-		}
-
-		PR_fprintf(PR_STDOUT, "%3d. %s\n", count, mlp->module->commonName);
-
-		if(mlp->module->dllName) {
-			PR_fprintf(PR_STDOUT, "\tlibrary name: %s\n", mlp->module->dllName);
-		}
-
-		if(mlp->module->slotCount == 0) {
-			PR_fprintf(PR_STDOUT,
-				"\t slots: There are no slots attached to this module\n");
-		} else {
-			PR_fprintf(PR_STDOUT,
-				"\t slots: %d slot%s attached\n", mlp->module->slotCount,
-				(mlp->module->slotCount==1 ? "" : "s") );
-		}
-
-		if(mlp->module->loaded == 0) {
-			PR_fprintf(PR_STDOUT, "\tstatus: Not loaded\n");
-		} else {
-			PR_fprintf(PR_STDOUT, "\tstatus: loaded\n");
-		}
-
-		/* Print slot and token names */
-		for (i = 0; i < mlp->module->slotCount; i++) {
-			PK11SlotInfo *slot = mlp->module->slots[i];
-
-			PR_fprintf(PR_STDOUT, "\n");
-			PR_fprintf(PR_STDOUT, "\t slot: %s\n", PK11_GetSlotName(slot));
-			PR_fprintf(PR_STDOUT, "\ttoken: %s\n", PK11_GetTokenName(slot));
-		}
-    }
-
-	PR_fprintf(PR_STDOUT,
-		"-----------------------------------------------------------\n");
-
-	ret = SUCCESS;
-
-loser:
-	SECMOD_ReleaseReadLock(lock);
-	return ret;
-}
-
-/* Strings describing PK11DisableReasons */
-static char *disableReasonStr[] = {
-	"no reason",
-	"user disabled",
-	"could not initialize token",
-	"could not verify token",
-	"token not present"
-};
-static int numDisableReasonStr =
-	sizeof(disableReasonStr) / sizeof(disableReasonStr[0]);
-
-/***********************************************************************
- *
- * L i s t M o d u l e
- *
- * Lists detailed information about the named module.
- */
-Error
-ListModule(char *moduleName)
-{
-	SECMODModule *module;
-	PK11SlotInfo *slot;
-	int slotnum;
-	CK_INFO modinfo;
-	CK_SLOT_INFO slotinfo;
-	CK_TOKEN_INFO tokeninfo;
-	char *ciphers, *mechanisms;
-	PK11DisableReasons reason;
-	Error  rv = SUCCESS;
-
-	if(!moduleName) {
-		return SUCCESS;
-	}
-
-	module = SECMOD_FindModule(moduleName);
-	if(!module) {
-		PR_fprintf(PR_STDERR, errStrings[NO_SUCH_MODULE_ERR], moduleName);
-		return NO_SUCH_MODULE_ERR;
-	}
-
-	if(PK11_GetModInfo(module, &modinfo) != SECSuccess) {
-		PR_fprintf(PR_STDERR, errStrings[MOD_INFO_ERR], moduleName);
-		return MOD_INFO_ERR;
-	}
-
-	/* Module info */
-	PR_fprintf(PR_STDOUT, 
-		"\n-----------------------------------------------------------\n");
-	PR_fprintf(PR_STDOUT, "Name: %s\n", module->commonName);
-	if(module->internal || !module->dllName) {
-		PR_fprintf(PR_STDOUT, "Library file: **Internal ONLY module**\n");
-	} else {
-		PR_fprintf(PR_STDOUT, "Library file: %s\n", module->dllName);
-	}
-
-	PR_fprintf(PR_STDOUT, "Manufacturer: %.32s\n", modinfo.manufacturerID);
-	PR_fprintf(PR_STDOUT, "Description: %.32s\n", modinfo.libraryDescription);
-	PR_fprintf(PR_STDOUT, "PKCS #11 Version %d.%d\n",
-		modinfo.cryptokiVersion.major, modinfo.cryptokiVersion.minor);
-	PR_fprintf(PR_STDOUT, "Library Version: %d.%d\n",
-		modinfo.libraryVersion.major, modinfo.libraryVersion.minor);
-
-	/* Get cipher and mechanism flags */
-	ciphers = getStringFromFlags(module->ssl[0], cipherStrings,
-	  numCipherStrings);
-	if(ciphers[0] == '\0') {
-		ciphers = "None";
-	}
-	PR_fprintf(PR_STDOUT, "Cipher Enable Flags: %s\n", ciphers);
-	mechanisms = NULL;
-	if(module->slotCount > 0) {
-		mechanisms = getStringFromFlags(module->slots[0]->defaultFlags,
-			mechanismStrings, numMechanismStrings);
-	}
-	if(mechanisms[0] =='\0') {
-		mechanisms = "None";
-	}
-	PR_fprintf(PR_STDOUT, "Default Mechanism Flags: %s\n", mechanisms);
-
-#define PAD "  "
-
-	/* Loop over each slot */
-	for(slotnum=0; slotnum < module->slotCount; slotnum++) {
-		slot = module->slots[slotnum];
-		if(PK11_GetSlotInfo(slot, &slotinfo) != SECSuccess) {
-			PR_fprintf(PR_STDERR, errStrings[SLOT_INFO_ERR],
-				PK11_GetSlotName(slot));
-			rv = SLOT_INFO_ERR;
-			continue;
-		}
-
-		/* Slot Info */
-		PR_fprintf(PR_STDOUT, "\n"PAD"Slot: %s\n", PK11_GetSlotName(slot));
-		mechanisms = getStringFromFlags(slot->defaultFlags,
-			mechanismStrings, numMechanismStrings);
-		if(mechanisms[0] =='\0') {
-		     mechanisms = "None";
-		}
-		PR_fprintf(PR_STDOUT, PAD"Slot Mechanism Flags: %s\n", mechanisms);
-		PR_fprintf(PR_STDOUT, PAD"Manufacturer: %.32s\n",
-			slotinfo.manufacturerID);
-		if(slot->isHW) {
-			PR_fprintf(PR_STDOUT, PAD"Type: Hardware\n");
-		} else {
-			PR_fprintf(PR_STDOUT, PAD"Type: Software\n");
-		}
-		PR_fprintf(PR_STDOUT, PAD"Version Number: %d.%d\n",
-			slotinfo.hardwareVersion.major, slotinfo.hardwareVersion.minor);
-		PR_fprintf(PR_STDOUT, PAD"Firmware Version: %d.%d\n",
-			slotinfo.firmwareVersion.major, slotinfo.firmwareVersion.minor);
-		if(slot->disabled) {
-			reason  = PK11_GetDisabledReason(slot);
-			if(reason < numDisableReasonStr) {
-				PR_fprintf(PR_STDOUT, PAD"Status: DISABLED (%s)\n",
-				  disableReasonStr[reason]);
-			} else {
-				PR_fprintf(PR_STDOUT, PAD"Status: DISABLED\n");
-			}
-		} else {
-			PR_fprintf(PR_STDOUT, PAD"Status: Enabled\n");
-		}
-
-		if(PK11_GetTokenInfo(slot, &tokeninfo) != SECSuccess) {
-			PR_fprintf(PR_STDERR, errStrings[TOKEN_INFO_ERR],
-			  slot->token_name);
-			rv = TOKEN_INFO_ERR;
-			continue;
-		}
-
-		/* Token Info */
-		PR_fprintf(PR_STDOUT, PAD"Token Name: %.32s\n",
-			tokeninfo.label);
-		PR_fprintf(PR_STDOUT, PAD"Token Manufacturer: %.32s\n",
-			tokeninfo.manufacturerID);
-		PR_fprintf(PR_STDOUT, PAD"Token Model: %.16s\n", tokeninfo.model);
-		PR_fprintf(PR_STDOUT, PAD"Token Serial Number: %.16s\n",
-			tokeninfo.serialNumber);
-		PR_fprintf(PR_STDOUT, PAD"Token Version: %d.%d\n",
-			tokeninfo.hardwareVersion.major, tokeninfo.hardwareVersion.minor);
-		PR_fprintf(PR_STDOUT, PAD"Token Firmware Version: %d.%d\n",
-			tokeninfo.firmwareVersion.major, tokeninfo.firmwareVersion.minor);
-		if(tokeninfo.flags & CKF_WRITE_PROTECTED) {
-			PR_fprintf(PR_STDOUT, PAD"Access: Write Protected\n");
-		} else {
-			PR_fprintf(PR_STDOUT, PAD"Access: NOT Write Protected\n");
-		}
-		if(tokeninfo.flags & CKF_LOGIN_REQUIRED) {
-			PR_fprintf(PR_STDOUT, PAD"Login Type: Login required\n");
-		} else {
-			PR_fprintf(PR_STDOUT, PAD
-			  "Login Type: Public (no login required)\n");
-		}
-		if(tokeninfo.flags & CKF_USER_PIN_INITIALIZED) {
-			PR_fprintf(PR_STDOUT, PAD"User Pin: Initialized\n");
-		} else {
-			PR_fprintf(PR_STDOUT, PAD"User Pin: NOT Initialized\n");
-		}
-	}
-	PR_fprintf(PR_STDOUT, 
-		"\n-----------------------------------------------------------\n");
-	return rv;
-}
-
-/************************************************************************
- *
- * C h a n g e P W
- */
-Error
-ChangePW(char *tokenName, char *pwFile, char *newpwFile)
-{
-	char *oldpw=NULL, *newpw=NULL, *newpw2=NULL;
-	PK11SlotInfo *slot;
-	Error ret=UNSPECIFIED_ERR;
-	PRBool matching;
-
-	slot = PK11_FindSlotByName(tokenName);
-	if(!slot) {
-		PR_fprintf(PR_STDERR, errStrings[NO_SUCH_TOKEN_ERR], tokenName);
-		return NO_SUCH_TOKEN_ERR;
-	}
-
-	PK11_SetPasswordFunc(SECU_GetModulePassword);
-
-	/* Get old password */
-	if(! PK11_NeedUserInit(slot)) {
-		if(pwFile) {
-			oldpw = SECU_FilePasswd(NULL, PR_FALSE, pwFile);
-			if(PK11_CheckUserPassword(slot, oldpw) != SECSuccess) {
-				PR_fprintf(PR_STDERR, errStrings[BAD_PW_ERR]);
-				ret=BAD_PW_ERR;
-				goto loser;
-			}
-		} else {
-			for(matching=PR_FALSE; !matching; ) {
-				oldpw = SECU_GetPasswordString(NULL, "Enter old password: ");
-				if(PK11_CheckUserPassword(slot, oldpw) == SECSuccess) {
-					matching = PR_TRUE;
-				} else {
-					PR_fprintf(PR_STDOUT, msgStrings[BAD_PW_MSG]);
-				}
-			}
-		}
-	}
-
-	/* Get new password */
-	if(newpwFile) {
-		newpw = SECU_FilePasswd(NULL, PR_FALSE, newpwFile);
-	} else {
-		for(matching=PR_FALSE; !matching; ) {
-			newpw = SECU_GetPasswordString(NULL, "Enter new password: ");
-			newpw2 = SECU_GetPasswordString(NULL, "Re-enter new password: ");
-			if(strcmp(newpw, newpw2)) {
-				PR_fprintf(PR_STDOUT, msgStrings[PW_MATCH_MSG]);
-			} else {
-				matching = PR_TRUE;
-			}
-		}
-	}
-
-	/* Change the password */
-	if(PK11_NeedUserInit(slot)) {
-		if(PK11_InitPin(slot, NULL /*ssopw*/, newpw) != SECSuccess) {
-			PR_fprintf(PR_STDERR, errStrings[CHANGEPW_FAILED_ERR], tokenName);
-			ret = CHANGEPW_FAILED_ERR;
-			goto loser;
-		}
-	} else {
-		if(PK11_ChangePW(slot, oldpw, newpw) != SECSuccess) {
-			PR_fprintf(PR_STDERR, errStrings[CHANGEPW_FAILED_ERR], tokenName);
-			ret = CHANGEPW_FAILED_ERR;
-			goto loser;
-		}
-	}
-
-	PR_fprintf(PR_STDOUT, msgStrings[CHANGEPW_SUCCESS_MSG], tokenName);
-	ret = SUCCESS;
-
-loser:
-	if(oldpw) {
-		memset(oldpw, 0, strlen(oldpw));
-		PORT_Free(oldpw);
-	}
-	if(newpw) {
-		memset(newpw, 0, strlen(newpw));
-		PORT_Free(newpw);
-	}
-	if(newpw2) {
-		memset(newpw2, 0, strlen(newpw));
-		PORT_Free(newpw2);
-	}
-	return ret;
-}
-
-/***********************************************************************
- *
- * E n a b l e M o d u l e
- *
- * If enable==PR_TRUE, enables the module or slot.
- * If enable==PR_FALSE, disables the module or slot.
- * moduleName is the name of the module.
- * slotName is the name of the slot.  It is optional.
- */
-Error
-EnableModule(char *moduleName, char *slotName, PRBool enable)
-{
-	int i;
-	SECMODModule *module;
-	PK11SlotInfo *slot = NULL;
-	PRBool found = PR_FALSE;
-
-	module = SECMOD_FindModule(moduleName);
-	if(!module) {
-		PR_fprintf(PR_STDERR, errStrings[NO_SUCH_MODULE_ERR], moduleName);
-		return NO_SUCH_MODULE_ERR;
-	}
-
-	for(i=0; i < module->slotCount; i++) {
-		slot = module->slots[i];
-		if(slotName && strcmp(PK11_GetSlotName(slot), slotName)) {
-				/* Not the right slot */
-				continue;
-		}
-		if(enable) {
-			if(! PK11_UserEnableSlot(slot)) {
-				PR_fprintf(PR_STDERR, errStrings[ENABLE_FAILED_ERR],
-					"enable", PK11_GetSlotName(slot));
-				return ENABLE_FAILED_ERR;
-			} else {
-				found = PR_TRUE;
-				PR_fprintf(PR_STDOUT, msgStrings[ENABLE_SUCCESS_MSG],
-					PK11_GetSlotName(slot), "enabled");
-			}
-		} else {
-			if(! PK11_UserDisableSlot(slot)) {
-				PR_fprintf(PR_STDERR, errStrings[ENABLE_FAILED_ERR],
-					"disable", PK11_GetSlotName(slot));
-				return ENABLE_FAILED_ERR;
-			} else {
-				found = PR_TRUE;
-				PR_fprintf(PR_STDOUT, msgStrings[ENABLE_SUCCESS_MSG],
-					PK11_GetSlotName(slot), "disabled");
-			}
-		}
-	}
-
-	if(slotName && !found) {
-		PR_fprintf(PR_STDERR, errStrings[NO_SUCH_SLOT_ERR], slotName);
-		return NO_SUCH_SLOT_ERR;
-	}
-
-	/* Delete and re-add module to save changes */
-	if( SECMOD_UpdateModule(module) != SECSuccess ) {
-		PR_fprintf(PR_STDERR, errStrings[UPDATE_MOD_FAILED_ERR], moduleName);
-		return UPDATE_MOD_FAILED_ERR;
-	}
-
-	return SUCCESS;
-}
-
-/*************************************************************************
- *
- * S e t D e f a u l t M o d u l e
- *
- */
-Error
-SetDefaultModule(char *moduleName, char *slotName, char *mechanisms)
-{
-	SECMODModule *module;
-	PK11SlotInfo *slot;
-	int s, i;
-	unsigned long mechFlags = getFlagsFromString(mechanisms, mechanismStrings,
-		numMechanismStrings);
-	PRBool found = PR_FALSE;
-	Error errcode = UNSPECIFIED_ERR;
-
-	mechFlags =  SECMOD_PubMechFlagstoInternal(mechFlags);
-
-	module = SECMOD_FindModule(moduleName);
-	if(!module) {
-		PR_fprintf(PR_STDERR, errStrings[NO_SUCH_MODULE_ERR], moduleName);
-		errcode = NO_SUCH_MODULE_ERR;
-		goto loser;
-	}
-
-	/* Go through each slot */
-	for(s=0; s < module->slotCount; s++) {
-		slot = module->slots[s];
-
-		if ((slotName != NULL) &&
-			!((strcmp(PK11_GetSlotName(slot),slotName) == 0) ||
-			(strcmp(PK11_GetTokenName(slot),slotName) == 0)) ) {
-		    /* we are only interested in changing the one slot */
-		    continue;
-		}
-
-		found = PR_TRUE;
-
-		/* Go through each mechanism */
-		for(i=0; i < num_pk11_default_mechanisms; i++) {
-			if(PK11_DefaultArray[i].flag & mechFlags) {
-				/* Enable this default mechanism */
-				PK11_UpdateSlotAttribute(slot, &(PK11_DefaultArray[i]),
-					PR_TRUE);
-			}
-		}
-	}
-	if (slotName && !found) {
-		PR_fprintf(PR_STDERR, errStrings[NO_SUCH_SLOT_ERR], slotName);
-		errcode = NO_SUCH_SLOT_ERR;
-		goto loser;
-	}
-
-	/* Delete and re-add module to save changes */
-	if( SECMOD_UpdateModule(module) != SECSuccess ) {
-		PR_fprintf(PR_STDERR, errStrings[DEFAULT_FAILED_ERR],
-		  moduleName);
-		errcode = DEFAULT_FAILED_ERR;
-		goto loser;
-	}
-
-	PR_fprintf(PR_STDOUT, msgStrings[DEFAULT_SUCCESS_MSG]);
-
-	errcode = SUCCESS;
-loser:
-	return errcode;
-}
-
-/************************************************************************
- *
- * U n s e t D e f a u l t M o d u l e
- */
-Error
-UnsetDefaultModule(char *moduleName, char *slotName, char *mechanisms)
-{
-	SECMODModule * module;
-	PK11SlotInfo *slot;
-	int s, i;
-	unsigned long mechFlags = getFlagsFromString(mechanisms,
-		mechanismStrings, numMechanismStrings);
-	PRBool found = PR_FALSE;
-
-	mechFlags =  SECMOD_PubMechFlagstoInternal(mechFlags);
-
-	module = SECMOD_FindModule(moduleName);
-	if(!module) {
-		PR_fprintf(PR_STDERR, errStrings[NO_SUCH_MODULE_ERR], moduleName);
-		return NO_SUCH_MODULE_ERR;
-	}
-
-	for(s=0; s < module->slotCount; s++) {
-		slot = module->slots[s];
-		if ((slotName != NULL) &&
-			!((strcmp(PK11_GetSlotName(slot),slotName) == 0) ||
-			(strcmp(PK11_GetTokenName(slot),slotName) == 0)) ) {
-		    /* we are only interested in changing the one slot */
-		    continue;
-		}
-		for(i=0; i <num_pk11_default_mechanisms; i++) {
-			if(PK11_DefaultArray[i].flag & mechFlags) {
-				PK11_UpdateSlotAttribute(slot, &(PK11_DefaultArray[i]),
-					PR_FALSE);
-			}
-		}
-	}
-	if (slotName && !found) {
-		PR_fprintf(PR_STDERR, errStrings[NO_SUCH_SLOT_ERR], slotName);
-		return NO_SUCH_SLOT_ERR;
-	}
-
-	/* Delete and re-add module to save changes */
-	if( SECMOD_UpdateModule(module) != SECSuccess ) {
-		PR_fprintf(PR_STDERR, errStrings[UNDEFAULT_FAILED_ERR],
-		  moduleName);
-		return UNDEFAULT_FAILED_ERR;
-	}
-
-	PR_fprintf(PR_STDOUT, msgStrings[UNDEFAULT_SUCCESS_MSG]);
-	return SUCCESS;
-}
diff --git a/security/nss/cmd/modutil/pk11jar.html b/security/nss/cmd/modutil/pk11jar.html
deleted file mode 100644
index 9440db014..000000000
--- a/security/nss/cmd/modutil/pk11jar.html
+++ /dev/null
@@ -1,309 +0,0 @@
-<html>
-<!-- 
-   - The contents of this file are subject to the Mozilla Public
-   - License Version 1.1 (the "License"); you may not use this file
-   - except in compliance with the License. You may obtain a copy of
-   - the License at http://www.mozilla.org/MPL/
-   - 
-   - Software distributed under the License is distributed on an "AS
-   - IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-   - implied. See the License for the specific language governing
-   - rights and limitations under the License.
-   - 
-   - The Original Code is the Netscape security libraries.
-   - 
-   - The Initial Developer of the Original Code is Netscape
-   - Communications Corporation.  Portions created by Netscape are 
-   - Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-   - Rights Reserved.
-   - 
-   - Contributor(s):
-   - 
-   - Alternatively, the contents of this file may be used under the
-   - terms of the GNU General Public License Version 2 or later (the
-   - "GPL"), in which case the provisions of the GPL are applicable 
-   - instead of those above.  If you wish to allow use of your 
-   - version of this file only under the terms of the GPL and not to
-   - allow others to use your version of this file under the MPL,
-   - indicate your decision by deleting the provisions above and
-   - replace them with the notice and other provisions required by
-   - the GPL.  If you do not delete the provisions above, a recipient
-   - may use your version of this file under either the MPL or the
-   - GPL.
-  -->
-<head>
-<title>PKCS #11 JAR Format</title>
-</head>
-<body bgcolor=white text=black link=blue vlink=purple alink=red>
-<center><h1>PKCS #11 JAR Format</h1></center>
-
-<p>PKCS #11 modules can be packaged into JAR files that support automatic
-installation onto the filesystem and into the security module database.
-The JAR file should contain:
-<ul>
-<li>All files that will be installed onto the target machine.  This will
-include at least the PKCS #11 module library file (.DLL or .so), and
-may also include any other file that should be installed (such as
-documentation).
-<li>A script to perform the installation.
-</ul>
-The script can be in one of two forms. If the JAR file is to be
-run by Communicator (or any program that interprets Javascript), the
-instructions will be in the form of a SmartUpdate script.
-<a href="http://devedge/library/documentation/security/jmpkcs/">Documentation
-</a> on creating this script can be found on DevEdge.
-
-<p>If the
-JAR file is to be run by a server, modutil, or any other program that
-doesn't interpret Javascript, a special information file must be included
-in the format described in this document.
-
-<h2>Declaring the Script in the Manifest File</h2>
-The script can have any name, but it must be declared in the manifest file
-of the JAR archive.  The metainfo tag for this is
-<code>Pkcs11_install_script</code>.  Meta-information is put in the manifest
-file by putting it in a file which is passed to
-<a href="http://developer.netscape.com/software/index_frame.html?content=signedobj/jarpack.html#signtool1.3">Signtool</a>.  For example,
-suppose the PKCS #11 installer script is in the file <code>pk11install</code>.
-In Signtool's metainfo file, you would have a line like this:
-<blockquote><pre>
-+ Pkcs11_install_script: pk11install
-</pre></blockquote>
-
-<h2>Sample Script File</h2>
-<blockquote><pre>
-ForwardCompatible { IRIX:6.2:mips Solaris:5.5.1:sparc }
-Platforms {
-	WINNT::x86 {
-		ModuleName { "Fortezza Module" }
-		ModuleFile { win32/fort32.dll }
-		DefaultMechanismFlags{0x0001}
-		DefaultCipherFlags{0x0001}
-		Files {
-			win32/setup.exe {
-				Executable
-				RelativePath { %temp%/setup.exe }
-			}
-			win32/setup.hlp {
-				RelativePath { %temp%/setup.hlp }
-			}
-			win32/setup.cab {
-				RelativePath { %temp%/setup.cab }
-			}
-		}
-	}
-	WIN95::x86 {
-		EquivalentPlatform {WINNT::x86}
-	}
-	Solaris:5.5.1:sparc {
-		ModuleName { "Fortezza UNIX Module" }
-		ModuleFile { unix/fort.so }
-		DefaultMechanismFlags{0x0001}
-		CipherEnableFlags{0x0001}
-		Files {
-			unix/fort.so {
-				RelativePath{%root%/lib/fort.so}
-				AbsolutePath{/usr/local/netscape/lib/fort.so}
-				FilePermissions{555}
-			}
-			xplat/instr.html {
-				RelativePath{%root%/docs/inst.html}
-				AbsolutePath{/usr/local/netscape/docs/inst.html}
-				FilePermissions{555}
-			}
-		}
-	}
-	IRIX:6.2:mips {
-		EquivalentPlatform { Solaris:5.5.1:sparc }
-	}
-}
-</pre></blockquote>
-
-<hr>
-
-<h2>Script File Grammar</h2>
-<blockquote><pre>
---> <i>valuelist</i>
-
-<i>valuelist</i> --> <i>value</i> <i>valuelist</i>
-<i>         </i>     <i>&lt;null&gt;</i>
-
-<i>value</i> --> <i>key_value_pair</i>
-<i>     </i>     <i>string</i>
-
-<i>key_value_pair</i> --> <i>key</i> { <i>valuelist</i> }
-
-<i>key</i> --> <i>string</i>
-
-<i>string</i> --> <i>simple_string</i>
-<i>      </i>     "<i>complex_string</i>"
-
-<i>simple_string</i> --> [^ \t\n\""{""}"]+ <font size=-1><i>(no whitespace, quotes, or braces)</i></font>
-
-<i>complex_string</i> --> ([^\"\\\r\n]|(\\\")|(\\\\))+ <font size=-1><i>(quotes and backslashes must be escaped with a backslash, no newlines or carriage returns are allowed in the string)</i></font>
-</pre></blockquote>
-Outside of complex strings, all whitespace (space, tab, newline) is considered
-equal and is used only to delimit tokens. 
-
-<hr>
-
-<h2>Keys</h2>
-Keys are case-insensitive.
-<h3>Global Keys</h3>
-<dl>
-<dt><code>ForwardCompatible</code>
-<dd>Gives a list of platforms that are forward compatible.  If the current
-platform cannot be found in the list of supported platforms, then the
-ForwardCompatible list will be checked for any platforms that have the same
-OS and architecture and an earlier version. If one is found, its
-attributes will be used for the current platform.
-<dt><code>Platforms</code> (<i>required</i>)
-<dd>Gives a list of platforms.  Each entry in the list is itself a key-value
-pair:
-the key is the name of the platform, and the valuelist contains various
-attributes of the platform. The ModuleName, ModuleFile, and Files attributes
-must be specified, unless an EquivalentPlatform attribute is specified. 
-The platform string is in the following
-format: <u><i>system name</i></u>:<u><i>os release</i></u>:<u><i>architecture</i></u>. The installer
-will obtain these values from NSPR. <u><i>os release</i></u> is an empty
-string on non-UNIX operating systems.  The following system names and platforms
-are currently defined by NSPR:<code>
-<ul>
-<li>AIX (rs6000)
-<li>BSDI (x86)
-<li>FREEBSD (x86)
-<li>HPUX (hppa1.1)
-<li>IRIX (mips)
-<li>LINUX (ppc, alpha, x86)
-<li>MacOS (PowerPC) </code>(<i>Note: NSPR actually defines the OS as
-"</i><code>Mac OS</code><i>".  The
-space makes the name unsuitable for being embedded in identifiers.  Until
-NSPR changes, you will have to add some special code to deal with this case.
-</i>)<code>
-<li>NCR (x86)
-<li>NEC (mips)
-<li>OS2 (x86)
-<li>OSF (alpha)
-<li>ReliantUNIX (mips)
-<li>SCO (x86)
-<li>SOLARIS (sparc)
-<li>SONY (mips)
-<li>SUNOS (sparc)
-<li>UnixWare (x86)
-<li>WIN16 (x86)
-<li>WIN95 (x86)
-<li>WINNT (x86)
-</ul>
-</code>
-Examples of valid platform strings: <code>IRIX:6.2:mips, Solaris:5.5.1:sparc,
-Linux:2.0.32:x86, WIN95::x86</code>.
-</dl>
-
-<h3>Per-Platform Keys</h3>
-These keys only have meaning within the value list of an entry in 
-the <code>Platforms</code> list.
-<dl>
-<dt><code>ModuleName</code> (<i>required</i>)
-<dd>Gives the common name for the module. This name will be used to 
-reference the module from Communicator, modutil, servers, or any other
-program that uses the Netscape security module database.
-<dt><code>ModuleFile</code> (<i>required</i>)
-<dd>Names the PKCS #11 module file (DLL or .so) for this platform.  The name
-is given as the relative path of the file within the JAR archive.
-<dt><code>Files</code> (<i>required</i>)
-<dd>Lists the files that should be installed for this module.  Each entry
-in the file list is a key-value pair: the key is the path of the file in
-the JAR archive, and 
-the valuelist contains attributes of the file.  At least RelativePath and
-AbsoluteDir must be specified in this valuelist.
-<dt><code>DefaultMechanismFlags</code>
-<dd>This key-value pair specifies
-of which mechanisms this module will be a default provider. It is a bitstring
-specified in hexadecimal (0x) format.  It is constructed as a bitwise OR
-of the following constants. If the <code>DefaultMechanismFlags</code>
-entry is omitted, the value will default to 0x0.
-<blockquote><pre>
-RSA:			0x0000 0001
-DSA:			0x0000 0002
-RC2:			0x0000 0004
-RC4:			0x0000 0008
-DES:			0x0000 0010
-DH:			0x0000 0020
-FORTEZZA:		0x0000 0040
-RC5:			0x0000 0080
-SHA1:			0x0000 0100
-MD5:			0x0000 0200
-MD2:			0x0000 0400
-RANDOM:			0x0800 0000
-FRIENDLY:		0x1000 0000
-OWN_PW_DEFAULTS:	0x2000 0000
-DISABLE:		0x4000 0000
-</pre></blockquote>
-<dt><code>CipherEnableFlags</code>
-<dd>This key-value pair specifies
-which SSL ciphers will be enabled.  It is a bitstring specified in
-hexadecimal (0x) format.  It is constructed as a bitwise OR of the following
-constants.  If the <code>CipherEnableFlags</code> entry is omitted, the
-value will default to 0x0.
-<blockquote><pre>
-FORTEZZA:		0x0000 0001
-</pre></blockquote>
-<dt><code>EquivalentPlatform</code>
-<dd>Specifies that the attributes of the named platform should also be used
-for the current platform. Saves typing when there is more than one platform
-that uses the same settings.
-</dl>
-
-<h3>Per-File Keys</h3>
-These keys only have meaning within the valuelist of an entry in a
-<code>Files</code> list. At least one of <code>RelativePath</code> and
-<code>AbsolutePath</code> must be specified.  If both are specified, the
-relative path will be tried first and the absolute path used only if no
-relative root directory is provided by the installer program.
-<dl>
-<dt><code>RelativePath</code>
-<dd>Specifies the destination directory of the file, relative to some directory
-decided at install-time.  Two variables can be used in the relative
-path, "%root%" and "%temp%".  "%root%" will be replaced at run-time with
-the directory relative to which files should be installed; for
-example, it may be the server's root directory or Communicator's root
-directory. "%temp%" is a directory that will be created at the beginning
-of the installation and destroyed at the end of the installation. Its purpose
-is to hold executable files (such as setup programs), or files that are
-used by these programs.  For example, a Windows installation might consist
-of a <code>setup.exe</code> installation program, a help file, and a .cab file
-containing compressed information. All these files could be installed into the
-temporary directory. Files destined for the temporary directory are guaranteed
-to be in place before any executable file is run, and will not be deleted
-until all executable files have finished.
-<dt><code>AbsoluteDir</code>
-<dd>Specifies the destination directory of the file as an absolute path.
-This will only be used if the installer is unable to determine a
-relative directory.
-<dt><code>Executable</code>
-<dd>This string specifies that the file is to be executed during the
-course of the
-installation.  Typically this would be used for a setup program provided
-by a module vendor, such as a self-extracting <code>setup.exe</code>.
-More than one file can be specified as executable, in which case they will
-be run in the order they are specified in the script file. 
-<dt><code>FilePermissions</code>
-<dd>This string is interpreted as a string of octal digits, according to the
-standard UNIX format. It is a bitwise OR of the following constants:
-<blockquote><pre>
-user read:         400
-user write:        200
-user execute:      100
-group read:        040
-group write:       020
-group execute:     010
-other read:        004
-other write:       002
-other execute:     001
-</pre></blockquote>
-Some platforms may not understand these permissions.  They will only be
-applied insofar as makes sense for the current platform. If this attribute
-is omitted, a default of 777 is assumed.
-
-</body>
-</html>
diff --git a/security/nss/cmd/modutil/rules.mk b/security/nss/cmd/modutil/rules.mk
deleted file mode 100644
index b34662513..000000000
--- a/security/nss/cmd/modutil/rules.mk
+++ /dev/null
@@ -1,54 +0,0 @@
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#
-# Some versions of yacc generate files that include platform-specific
-# system headers.  For example, the yacc in Solaris 2.6 inserts
-#     #include <values.h>
-# which does not exist on NT.  For portability, always use Berkeley
-# yacc (such as the yacc in Linux) to generate files.
-#
-
-generate: installparse.c installparse.l
-
-installparse.c:
-	yacc -p Pk11Install_yy -d installparse.y
-	mv y.tab.c installparse.c
-	mv y.tab.h installparse.h
-
-installparse.l:
-	lex -olex.Pk11Install_yy.c -PPk11Install_yy installparse.l
-	@echo
-	@echo "**YOU MUST COMMENT OUT UNISTD.H FROM lex.Pk11Install_yy.cpp**"
-
-install.c: install-ds.h install.h
diff --git a/security/nss/cmd/modutil/specification.html b/security/nss/cmd/modutil/specification.html
deleted file mode 100644
index 48a1ab7cd..000000000
--- a/security/nss/cmd/modutil/specification.html
+++ /dev/null
@@ -1,351 +0,0 @@
-<html>
-<!-- 
-   - The contents of this file are subject to the Mozilla Public
-   - License Version 1.1 (the "License"); you may not use this file
-   - except in compliance with the License. You may obtain a copy of
-   - the License at http://www.mozilla.org/MPL/
-   - 
-   - Software distributed under the License is distributed on an "AS
-   - IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-   - implied. See the License for the specific language governing
-   - rights and limitations under the License.
-   - 
-   - The Original Code is the Netscape security libraries.
-   - 
-   - The Initial Developer of the Original Code is Netscape
-   - Communications Corporation.  Portions created by Netscape are 
-   - Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-   - Rights Reserved.
-   - 
-   - Contributor(s):
-   - 
-   - Alternatively, the contents of this file may be used under the
-   - terms of the GNU General Public License Version 2 or later (the
-   - "GPL"), in which case the provisions of the GPL are applicable 
-   - instead of those above.  If you wish to allow use of your 
-   - version of this file only under the terms of the GPL and not to
-   - allow others to use your version of this file under the MPL,
-   - indicate your decision by deleting the provisions above and
-   - replace them with the notice and other provisions required by
-   - the GPL.  If you do not delete the provisions above, a recipient
-   - may use your version of this file under either the MPL or the
-   - GPL.
-  -->
-<head>
-<title>Modutil Specification</title>
-</head>
-<body bgcolor=white fgcolor=black>
-<center><h1>PKCS #11 Module Management Utility
-<br><i>Specification</i></h1></center>
-
-<!---------------------------------------------------------------------->
-<!-------------------------- capabilities ------------------------------>
-<!---------------------------------------------------------------------->
-<h2>Capabilities</h2>
-<ul>
-<li>Add a PKCS #11 module, specifying a name and library file.
-(<a href="#add">-add</a>)
-<li>Add a PKCS #11 module from a server-formatted JAR file.
-(<a href="#jar">-jar</a>)
-<li>Change the password on or initialize a token.
-(<a href="#changepw">-changepw</a>)
-<li>Create databases (secmod[ule].db, key3.db, cert7.db) from scratch.
-(<a href="#create">-create</a>)
-<li>Switch to and from FIPS-140-1 compliant mode.
-(<a href="#fips">-fips</a>)
-<li>Delete a PKCS #11 module. (<a href="#delete">-delete</a>)
-<li>List installed PKCS #11 modules. (<a href="#list">-list</a>)
-<li>List detailed info on a particular module and its tokens, including 
-whether needs login, is hardware, needs user init
-(<a href="#list">-list</a>)
-<li>Specify which modules should be the default provider of various
-cryptographic operations.(<a href="#default">-default</a>,
-<a href="#undefault">-undefault</a>)
-<li>Disable and enable slots, find out whether and why they are disabled.
-(<a href="#disable">-disable</a>, <a href="#enable">-enable</a>,
-<a href="#list">-list</a>)
-</ul>
-
-<hr>
-
-<!---------------------------------------------------------------------->
-<!-------------------------- Usage ------------------------------------->
-<!---------------------------------------------------------------------->
-<h2>Usage</h2>
-<code>modutil [<i>command</i>] [<i>options</i>]</code>
-<p>At most one command can be specified. With no arguments,
-<code>modutil</code> prints a usage message.
-<h3>Commands:</h3>
-<table border>
-<tr bgcolor="#cccccc">
-<th>Command</th><th>Description</th>
-</tr>
-
-<!---------------------------- -add ------------------------------>
-<tr>
-<td> <a name="add"></a>
-<code>-add <u><i>module name</i></u> -libfile <u><i>library file</i></u>
- [-ciphers <u><i>cipher enable list</i></u>]
- [-mechanisms <u><i>default mechanism list</i></u>]
-</code></td>
-<td>Adds a new module to the database with the given name.
-
-<p><u><i>library file</i></u> is the path of the DLL or other library file
-containing the module's implementation of the PKCS #11 interface.
-
-<p><u><i>cipher enable flags</i></u> is a colon-separated list of ciphers
-that will be enabled on this module. The list should be enclosed within quotes
-if necessary to prevent shell interpretation. The following ciphers are
-currently available:
-<ul>
-<li>FORTEZZA
-</ul>
-
-<p><u><i>default mechanism flags</i></u> is a colon-separated list of
-mechanisms for which this module should be the default provider. The
-list should be enclosed within quotes if necessary to prevent shell
-interpretation. <b>This
-list does not enable the mechanisms; it only specifies that this module
-will be a default provider for the listed mechanisms.</b> If more than
-one module claims to be a default provider for a given mechanism, it is
-undefined which will actually be chosen to provide that mechanism. The 
-following mechanisms are currently available:
-<ul>
-<li>RSA
-<li>DSA
-<li>RC2
-<li>RC4
-<li>RC5
-<li>DES
-<li>DH
-<li>FORTEZZA
-<li>SHA1
-<li>MD5
-<li>MD2
-<li>RANDOM <i>(random number generation)</i>
-<li>FRIENDLY <i>(certificates are publicly-readable)</i>
-</ul>
-</td>
-</tr>
-
-<!-------------------------- -changepw ------------------------------------->
-<tr>
-<td><a name="changepw"></a><code>-changepw <u><i>token name</i></u>
-[-pwfile <u><i>old password file</i></u>]
-[-newpwfile <u><i>new password file</i></u>]</code></td>
-<td>Changes the password on the named token.  If the token has not been
-initialized, this command will initialize the PIN.
-If a password file is given, the password will be read from that file;
-otherwise, the password will be obtained interactively.
-<b>Storing passwords in a file is much less secure than supplying them
-interactively.</b>
-<p>The password on the Netscape internal module cannot be changed if
-the <code>-nocertdb</code> option is specified.
-</td>
-</tr>
-
-<!-------------------------- -create ------------------------------------->
-<tr>
-<td><a name="create"></a><code>-create</code></td>
-<td>Creates a new secmod[ule].db, key3.db, and cert7.db in the directory
-specified with the
-<code>-dbdir</code> option, if one is specified.  If no directory is
-specified, UNIX systems will use the user's .netscape directory, while other
-systems will return with an error message.  If any of these databases already
-exist in the chosen directory, an error message is returned.
-<p>If used with <code>-nocertdb</code>, only secmod[ule].db will be created;
-cert7.db and key3.db will not be created.
-</td>
-</tr>
-
-<!------------------------------ -default -------------------------------->
-<tr>
-<td> <a name="default"></a> <code>-default <u><i>module name</i></u>
--mechanisms <u><i>mechanism list</i></u></code>
-</td>
-<td>Specifies that the given module will be a default provider of the
-listed mechanisms.  The mechanism list is the same as in the <code>-add</code>
-command.
-</td>
-</tr>
-
-<!-------------------------- -delete ------------------------------------->
-<tr>
-<td><a name="delete"></a><code>-delete <u><i>module name</i></u></code></td>
-<td>Deletes the named module from the database</td>
-</tr>
-
-<!-------------------------- -disable ------------------------------------->
-<tr>
-<td> <a name="disable"></a> <code>-disable <u><i>module name</i></u>
-[-slot <u><i>slot name</i></u>]</code></td>
-<td>Disables the named slot. If no slot is specified, all slots on
-the module are disabled.</td>
-</tr>
-
-<!-------------------------- -enable ------------------------------------->
-<tr>
-<td> <a name="enable"></a> <code>-enable <u><i>module name</i></u>
-[-slot <u><i>slot name</i></u>]</code></td>
-<td>Enables the named slot. If no slot is specified, all slots on
-the module are enabled.</td>
-</tr>
-
-<!-------------------------- -fips ------------------------------------->
-<tr>
-<td><a name="fips"></a><code>-fips [true | false]</code></td>
-<td>Enables or disables FIPS mode on the internal module.  Passing
-<code>true</code> enables FIPS mode, passing <code>false</code> disables
-FIPS mode.</td>
-</tr>
-
-<!-------------------------- -force ------------------------------------->
-<tr>
-<td><a name="force"></a><code>-force</code></td>
-<td>Disables interactive prompts, so modutil can be run in a script. 
-Should only be used by experts, since the prompts may relate to security
-or database integrity. Before using this option, test the command
-interactively once to see the warnings that are produced.</td>
-</tr>
-
-<!-------------------------- -jar ------------------------------------->
-<tr>
-<td><a name="jar"></a><code>-jar <u><i>JAR file</i></u>
--installdir <u><i>root installation directory</i></u>
-[-tempdir <u><i>temporary directory</i></u>]</code></td>
-<td>Adds a new module from the given JAR file. The JAR file uses the 
-server <a href="pk11jar.html">PKCS #11 JAR format</a> to describe the names of
-any files that need to be installed, the name of the module, mechanism flags,
-and cipher flags.  The <u><i>root installation directory</i></u>
-is the directory relative to which files will be installed. This should be a
- directory 
-under which it would be natural to store dynamic library files, such as
-a server's root directory, or Communicator's root directory.
-The <u><i>temporary directory</i></u> is where temporary modutil files
-will be created in the course of the installation.  If no temporary directory
-is specified, the current directory will be used.
-<p>If used with the <code>-nocertdb</code> option, the signatures on the JAR
-file will not be checked.</td>
-</tr>
-
-<!----------------------------- -list ------------------------------>
-<tr>
-<td><a name="list"></a><code>-list [<u><i>module name</i></u>]</code></td>
-<td>Without an argument, lists the PKCS #11 modules present in the module
-database.
-<blockquote>
-<pre>
-% <b>modutil -list</b>
-Using database directory /u/nicolson/.netscape...
-
-Listing of PKCS #11 Modules
------------------------------------------------------------
-  1. Netscape Internal PKCS #11 Module
-         slots: 2 slots attached
-        status: loaded
-
-         slot: Communicator Internal Cryptographic Services Version 4.0
-        token: Communicator Generic Crypto Svcs
-
-         slot: Communicator User Private Key and Certificate Services
-        token: Communicator Certificate DB
------------------------------------------------------------
-</pre>
-</blockquote>
-<p>With an argument, provides a detailed description of the named module
-and its slots and tokens.
-<blockquote>
-<pre>
-% <b>modutil -list "Netscape Internal PKCS #11 Module"</b>
-Using database directory /u/nicolson/.netscape...
-
------------------------------------------------------------
-Name: Netscape Internal PKCS #11 Module
-Library file: **Internal ONLY module**
-Manufacturer: Netscape Communications Corp    
-Description: Communicator Internal Crypto Svc
-PKCS #11 Version 2.0
-Library Version: 4.0
-Cipher Enable Flags: None
-Default Mechanism Flags: RSA:DSA:RC2:RC4:DES:SHA1:MD5:MD2
-
-  Slot: Communicator Internal Cryptographic Services Version 4.0
-  Manufacturer: Netscape Communications Corp    
-  Type: Software
-  Version Number: 4.1
-  Firmware Version: 0.0
-  Status: Enabled
-  Token Name: Communicator Generic Crypto Svcs
-  Token Manufacturer: Netscape Communications Corp    
-  Token Model: Libsec 4.0      
-  Token Serial Number: 0000000000000000
-  Token Version: 4.0
-  Token Firmware Version: 0.0
-  Access: Write Protected
-  Login Type: Public (no login required)
-  User Pin: NOT Initialized
-
-  Slot: Communicator User Private Key and Certificate Services
-  Manufacturer: Netscape Communications Corp    
-  Type: Software
-  Version Number: 3.0
-  Firmware Version: 0.0
-  Status: Enabled
-  Token Name: Communicator Certificate DB     
-  Token Manufacturer: Netscape Communications Corp    
-  Token Model: Libsec 4.0      
-  Token Serial Number: 0000000000000000
-  Token Version: 7.0
-  Token Firmware Version: 0.0
-  Access: NOT Write Protected
-  Login Type: Login required
-  User Pin: Initialized
-
------------------------------------------------------------
-</pre>
-</blockquote>
-</td>
-</tr>
-
-<!------------------------------ Undefault ------------------------------->
-<tr>
-<td><a name="undefault"></a><code>-undefault <u><i>module name</i></u>
--mechanisms <u><i>mechanism list</i></u></code></td>
-<td>Specifies that the given module will NOT be a default provider of 
-the listed mechanisms. This command clears the default mechanism flags
-for the given module.</td>
-</tr>
-
-</table>
-
-<!------------------------------------------------------------------------>
-<!------------------------------ Options --------------------------------->
-<!------------------------------------------------------------------------>
-<h3>Options:</h3>
-<table border>
-<tr bgcolor="#cccccc"><th>Option</th><th>Description</th> </tr>
-
-<!------------------------------ -dbdir ---------------------------------->
-<tr>
-<td><code>-dbdir <u><i>directory</i></u></code></td>
-<td>Specifies which directory holds the module database. On UNIX systems,
-the user's netscape directory is the default. On other systems, there is
-no default, and this option must be used.</td>
-</tr>
-
-<!------------------------------ -dbdir ---------------------------------->
-<tr>
-<td><code>-nocertdb</code></td>
-<td>Do not open the certificate or key databases.  This has several effects.
-With the <code>-create</code> command, this means that only a secmod.db file
-will be created; cert7.db and key3.db will not be created.  With the
-<code>-jar</code> command, signatures on the JAR file will not be checked.
-With the <code>-changepw</code> command, the password on the Netscape internal 
-module cannot be set or changed, since this password is stored in key3.db.
-</td>
-</tr>
-
-</table>
-
-</body>
-</html>
diff --git a/security/nss/cmd/ocspclnt/Makefile b/security/nss/cmd/ocspclnt/Makefile
deleted file mode 100644
index 490f738e5..000000000
--- a/security/nss/cmd/ocspclnt/Makefile
+++ /dev/null
@@ -1,73 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY).   #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL)          #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL)       #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL).      #
-#######################################################################
-
-include ../platlibs.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL)                              #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL)                           #
-#######################################################################
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL).                              #
-#######################################################################
-
-
-include ../platrules.mk
diff --git a/security/nss/cmd/ocspclnt/manifest.mn b/security/nss/cmd/ocspclnt/manifest.mn
deleted file mode 100644
index 225bc7c4a..000000000
--- a/security/nss/cmd/ocspclnt/manifest.mn
+++ /dev/null
@@ -1,54 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-# MODULE public and private header  directories are implicitly REQUIRED.
-MODULE = security
-
-CSRCS = \
-	ocspclnt.c \
-	$(NULL)
-
-# headers for the MODULE (defined above) are implicitly required.
-REQUIRES = dbm seccmd
-
-# WINNT uses EXTRA_LIBS as the list of libs to link in.
-# Unix uses     OS_LIBS for that purpose.
-# We can solve this via conditional makefile code, but 
-# can't do this in manifest.mn because OS_ARCH isn't defined there.
-# So, look in the local Makefile for the defines for the list of libs.
-
-PROGRAM = ocspclnt
-
-USE_STATIC_LIBS = 1
diff --git a/security/nss/cmd/ocspclnt/ocspclnt.c b/security/nss/cmd/ocspclnt/ocspclnt.c
deleted file mode 100644
index a5a1448c6..000000000
--- a/security/nss/cmd/ocspclnt/ocspclnt.c
+++ /dev/null
@@ -1,1219 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Test program for client-side OCSP.
- *
- * $Id$
- */
-
-#include "secutil.h"
-#include "nspr.h"
-#include "plgetopt.h"
-#include "nss.h"
-#include "cert.h"
-#include "ocsp.h"
-#include "xconst.h"	/*
-			 * XXX internal header file; needed to get at
-			 * cert_DecodeAuthInfoAccessExtension -- would be
-			 * nice to not need this, but that would require
-			 * better/different APIs.
-			 */
-
-#ifndef NO_PP		/*
-			 * Compile with this every once in a while to be
-			 * sure that no dependencies on it get added
-			 * outside of the pretty-printing routines.
-			 */
-#include "ocspti.h"	/* internals for pretty-printing routines *only* */
-#endif	/* NO_PP */
-
-#define DEFAULT_DB_DIR	"~/.netscape"
-
-
-static void
-synopsis (char *program_name)
-{
-    PRFileDesc *pr_stderr;
-
-    pr_stderr = PR_STDERR;
-    PR_fprintf (pr_stderr, "Usage:");
-    PR_fprintf (pr_stderr,
-		"\t%s -p [-d <dir>]\n",
-		program_name);
-    PR_fprintf (pr_stderr,
-		"\t%s -P [-d <dir>]\n",
-		program_name);
-    PR_fprintf (pr_stderr,
-		"\t%s -r <name> [-L] [-s <name>] [-d <dir>]\n",
-		program_name);
-    PR_fprintf (pr_stderr,
-		"\t%s -R <name> [-l <location>] [-s <name>] [-d <dir>]\n",
-		program_name);
-    PR_fprintf (pr_stderr,
-		"\t%s -S <name> [-l <location> -t <name>]\n",
-		program_name);
-    PR_fprintf (pr_stderr,
-		"\t\t [-s <name>] [-w <time>] [-d <dir>]\n");
-    PR_fprintf (pr_stderr,
-		"\t%s -V <name> -u <usage> [-l <location> -t <name>]\n",
-		program_name);
-    PR_fprintf (pr_stderr,
-		"\t\t [-s <name>] [-w <time>] [-d <dir>]\n");
-}
-
-
-static void
-short_usage (char *program_name)
-{
-    PR_fprintf (PR_STDERR,
-		"Type %s -H for more detailed descriptions\n",
-		program_name);
-    synopsis (program_name);
-}
-
-
-static void
-long_usage (char *program_name)
-{
-    PRFileDesc *pr_stderr;
-
-    pr_stderr = PR_STDERR;
-    synopsis (program_name);
-    PR_fprintf (pr_stderr, "\nCommands (must specify exactly one):\n");
-    PR_fprintf (pr_stderr,
-		"  %-13s Pretty-print a binary request read from stdin\n",
-		"-p");
-    PR_fprintf (pr_stderr,
-		"  %-13s Pretty-print a binary response read from stdin\n",
-		"-P");
-    PR_fprintf (pr_stderr,
-		"  %-13s Create a request for cert \"nickname\" on stdout\n",
-		"-r nickname");
-    PR_fprintf (pr_stderr,
-		"  %-13s Get response for cert \"nickname\", dump to stdout\n",
-		"-R nickname");
-    PR_fprintf (pr_stderr,
-		"  %-13s Get status for cert \"nickname\"\n",
-		"-S nickname");
-    PR_fprintf (pr_stderr,
-		"  %-13s Fully verify cert \"nickname\", w/ status check\n",
-		"-V nickname");
-    PR_fprintf (pr_stderr, "Options:\n");
-    PR_fprintf (pr_stderr,
-		"  %-13s Add the service locator extension to the request\n",
-		"-L");
-    PR_fprintf (pr_stderr,
-		"  %-13s Find security databases in \"dbdir\" (default %s)\n",
-		"-d dbdir", DEFAULT_DB_DIR);
-    PR_fprintf (pr_stderr,
-		"  %-13s Use \"location\" as URL of responder\n",
-		"-l location");
-    PR_fprintf (pr_stderr,
-		"  %-13s Trust cert \"nickname\" as response signer\n",
-		"-t nickname");
-    PR_fprintf (pr_stderr,
-		"  %-13s Sign requests with cert \"nickname\"\n",
-		"-s nickname");
-    PR_fprintf (pr_stderr,
-		"  %-13s Type of certificate usage for verification:\n",
-		"-u usage");
-    PR_fprintf (pr_stderr,
-		"%-17s c   SSL Client\n", "");
-    PR_fprintf (pr_stderr,
-		"%-17s s   SSL Server\n", "");
-    PR_fprintf (pr_stderr,
-		"%-17s e   Email Recipient\n", "");
-    PR_fprintf (pr_stderr,
-		"%-17s E   Email Signer\n", "");
-    PR_fprintf (pr_stderr,
-		"%-17s S   Object Signer\n", "");
-    PR_fprintf (pr_stderr,
-		"%-17s C   CA\n", "");
-    PR_fprintf (pr_stderr,
-		"  %-13s Validity time (default current time), one of:\n",
-		"-w time");
-    PR_fprintf (pr_stderr,
-		"%-17s %-25s (GMT)\n", "", "YYMMDDhhmm[ss]Z");
-    PR_fprintf (pr_stderr,
-		"%-17s %-25s (later than GMT)\n", "", "YYMMDDhhmm[ss]+hhmm");
-    PR_fprintf (pr_stderr,
-		"%-17s %-25s (earlier than GMT)\n", "", "YYMMDDhhmm[ss]-hhmm");
-}
-
-
-/*
- * XXX This is a generic function that would probably make a good
- * replacement for SECU_DER_Read (which is not at all specific to DER,
- * despite its name), but that requires fixing all of the tools...
- * Still, it should be done, whenenver I/somebody has the time.
- * (Also, consider whether this actually belongs in the security
- * library itself, not just in the command library.)
- *
- * This function takes an open file (a PRFileDesc *) and reads the
- * entire file into a SECItem.  (Obviously, the file is intended to
- * be small enough that such a thing is advisable.)  Both the SECItem
- * and the buffer it points to are allocated from the heap; the caller
- * is expected to free them.  ("SECITEM_FreeItem(item, PR_TRUE)")
- */
-static SECItem *
-read_file_into_item (PRFileDesc *in_file, SECItemType si_type)
-{
-    PRStatus	 prv;
-    SECItem 	*item;
-    PRFileInfo	 file_info;
-    PRInt32	 bytes_read;
-
-    prv = PR_GetOpenFileInfo (in_file, &file_info);
-    if (prv != PR_SUCCESS)
-	return NULL;
-
-    if (file_info.size ==  0) {
-	/* XXX Need a better error; just grabbed this one for expediency. */
-	PORT_SetError (SEC_ERROR_INPUT_LEN);
-	return NULL;
-    }
-
-    if (file_info.size > 0xffff) {	/* I think this is too big. */
-	PORT_SetError (SEC_ERROR_NO_MEMORY);
-	return NULL;
-    }
-
-    item = PORT_Alloc (sizeof (SECItem));
-    if (item == NULL)
-	return NULL;
-
-    item->type = si_type;
-    item->len = (unsigned int) file_info.size;
-    item->data = PORT_Alloc ((size_t)item->len);
-    if (item->data == NULL)
-	goto loser;
-
-    bytes_read = PR_Read (in_file, item->data, (PRInt32) item->len);
-    if (bytes_read < 0) {
-	/* Something went wrong; error is already set for us. */
-	goto loser;
-    } else if (bytes_read == 0) {
-	/* Something went wrong; we read nothing.  But no system/nspr error. */
-	/* XXX Need to set an error here. */
-	goto loser;
-    } else if (item->len != (unsigned int)bytes_read) {
-	/* Something went wrong; we read less (or more!?) than we expected. */
-	/* XXX Need to set an error here. */
-	goto loser;
-    }
-
-    return item;
-
-loser:
-    SECITEM_FreeItem (item, PR_TRUE);
-    return NULL;
-}
-
-
-/*
- * Create a DER-encoded OCSP request (for the certificate whose nickname
- * is "name") and dump it out.
- */
-static SECStatus
-create_request (FILE *out_file, CERTCertDBHandle *handle, const char *cert_name,
-		PRBool add_service_locator, PRBool add_acceptable_responses)
-{
-    CERTCertificate *cert = NULL;
-    CERTCertList *certs = NULL;
-    CERTOCSPRequest *request = NULL;
-    int64 now = PR_Now();
-    SECItem *encoding = NULL;
-    SECStatus rv = SECFailure;
-
-    if (handle == NULL || cert_name == NULL)
-	goto loser;
-
-    cert = CERT_FindCertByNicknameOrEmailAddr (handle, (char *) cert_name);
-    if (cert == NULL)
-	goto loser;
-
-    /*
-     * We need to create a list of one.
-     */
-    certs = CERT_NewCertList();
-    if (certs == NULL)
-	goto loser;
-
-    if (CERT_AddCertToListTail (certs, cert) != SECSuccess)
-	goto loser;
-
-    /*
-     * Now that cert is included in the list, we need to be careful
-     * that we do not try to destroy it twice.  This will prevent that.
-     */
-    cert = NULL;
-
-    request = CERT_CreateOCSPRequest (certs, now, add_service_locator, NULL);
-    if (request == NULL)
-	goto loser;
-
-    if (add_acceptable_responses) {
-	rv = CERT_AddOCSPAcceptableResponses(request,
-					     SEC_OID_PKIX_OCSP_BASIC_RESPONSE);
-	if (rv != SECSuccess)
-	    goto loser;
-    }
-
-    encoding = CERT_EncodeOCSPRequest (NULL, request, NULL);
-    if (encoding == NULL)
-	goto loser;
-
-    if (fwrite (encoding->data, encoding->len, 1, out_file) != 1)
-	goto loser;
-
-    rv = SECSuccess;
-
-loser:
-    if (encoding != NULL)
-	SECITEM_FreeItem(encoding, PR_TRUE);
-    if (request != NULL)
-	CERT_DestroyOCSPRequest(request);
-    if (certs != NULL)
-	CERT_DestroyCertList (certs);
-    if (cert != NULL)
-	CERT_DestroyCertificate (cert);
-
-    return rv;
-}
-
-
-/*
- * Create a DER-encoded OCSP request (for the certificate whose nickname is
- * "cert_name"), then get and dump a corresponding response.  The responder
- * location is either specified explicitly (as "responder_url") or found
- * via the AuthorityInfoAccess URL in the cert.
- */
-static SECStatus
-dump_response (FILE *out_file, CERTCertDBHandle *handle, const char *cert_name,
-	       const char *responder_url)
-{
-    CERTCertificate *cert = NULL;
-    CERTCertList *certs = NULL;
-    char *loc = NULL;
-    int64 now = PR_Now();
-    SECItem *response = NULL;
-    SECStatus rv = SECFailure;
-    PRBool includeServiceLocator;
-
-    if (handle == NULL || cert_name == NULL)
-	goto loser;
-
-    cert = CERT_FindCertByNicknameOrEmailAddr (handle, (char *) cert_name);
-    if (cert == NULL)
-	goto loser;
-
-    if (responder_url != NULL) {
-	loc = (char *) responder_url;
-	includeServiceLocator = PR_TRUE;
-    } else {
-	loc = CERT_GetOCSPAuthorityInfoAccessLocation (cert);
-	if (loc == NULL)
-	    goto loser;
-	includeServiceLocator = PR_FALSE;
-    }
-
-    /*
-     * We need to create a list of one.
-     */
-    certs = CERT_NewCertList();
-    if (certs == NULL)
-	goto loser;
-
-    if (CERT_AddCertToListTail (certs, cert) != SECSuccess)
-	goto loser;
-
-    /*
-     * Now that cert is included in the list, we need to be careful
-     * that we do not try to destroy it twice.  This will prevent that.
-     */
-    cert = NULL;
-
-    response = CERT_GetEncodedOCSPResponse (NULL, certs, loc, now,
-					    includeServiceLocator,
-					    NULL, NULL, NULL);
-    if (response == NULL)
-	goto loser;
-
-    if (fwrite (response->data, response->len, 1, out_file) != 1)
-	goto loser;
-
-    rv = SECSuccess;
-
-loser:
-    if (response != NULL)
-	SECITEM_FreeItem (response, PR_TRUE);
-    if (certs != NULL)
-	CERT_DestroyCertList (certs);
-    if (loc != NULL && loc != responder_url)
-	PORT_Free (loc);
-    if (cert != NULL)
-	CERT_DestroyCertificate (cert);
-
-    return rv;
-}
-
-
-/*
- * Get the status for the specified certificate (whose nickname is "cert_name").
- * Directly use the OCSP function rather than doing a full verification.
- */
-static SECStatus
-get_cert_status (FILE *out_file, CERTCertDBHandle *handle,
-		 const char *cert_name, int64 verify_time)
-{
-    CERTCertificate *cert = NULL;
-    SECStatus rv = SECFailure;
-
-    if (handle == NULL || cert_name == NULL)
-	goto loser;
-
-    cert = CERT_FindCertByNicknameOrEmailAddr (handle, (char *) cert_name);
-    if (cert == NULL)
-	goto loser;
-
-    rv = CERT_CheckOCSPStatus (handle, cert, verify_time, NULL);
-
-    fprintf (out_file, "Check of certificate \"%s\" ", cert_name); 
-    if (rv == SECSuccess) {
-	fprintf (out_file, "succeeded.\n"); 
-    } else {
-	const char *error_string = SECU_Strerror(PORT_GetError());
-	fprintf (out_file, "failed.  Reason:\n");
-	if (error_string != NULL && PORT_Strlen(error_string) > 0)
-	    fprintf (out_file, "%s\n", error_string);
-	else
-	    fprintf (out_file, "Unknown\n");
-    }
-
-    rv = SECSuccess;
-
-loser:
-    if (cert != NULL)
-	CERT_DestroyCertificate (cert);
-
-    return rv;
-}
-
-
-/*
- * Verify the specified certificate (whose nickname is "cert_name").
- * OCSP is already turned on, so we just need to call the standard
- * certificate verification API and let it do all the work.
- */
-static SECStatus
-verify_cert (FILE *out_file, CERTCertDBHandle *handle, const char *cert_name,
-	     SECCertUsage cert_usage, int64 verify_time)
-{
-    CERTCertificate *cert = NULL;
-    SECStatus rv = SECFailure;
-
-    if (handle == NULL || cert_name == NULL)
-	goto loser;
-
-    cert = CERT_FindCertByNicknameOrEmailAddr (handle, (char *) cert_name);
-    if (cert == NULL)
-	goto loser;
-
-    rv = CERT_VerifyCert (handle, cert, PR_TRUE, cert_usage, verify_time,
-			  NULL, NULL);
-
-    fprintf (out_file, "Verification of certificate \"%s\" ", cert_name); 
-    if (rv == SECSuccess) {
-	fprintf (out_file, "succeeded.\n"); 
-    } else {
-	const char *error_string = SECU_Strerror(PORT_GetError());
-	fprintf (out_file, "failed.  Reason:\n");
-	if (error_string != NULL && PORT_Strlen(error_string) > 0)
-	    fprintf (out_file, "%s\n", error_string);
-	else
-	    fprintf (out_file, "Unknown\n");
-    }
-
-    rv = SECSuccess;
-
-loser:
-    if (cert != NULL)
-	CERT_DestroyCertificate (cert);
-
-    return rv;
-}
-
-
-#ifdef	NO_PP
-
-static SECStatus
-print_request (FILE *out_file, SECItem *data)
-{
-    fprintf (out_file, "Cannot pretty-print request compiled with NO_PP.\n");
-    return SECSuccess;
-}
-
-static SECStatus
-print_response (FILE *out_file, SECItem *data, CERTCertDBHandle *handle)
-{
-    fprintf (out_file, "Cannot pretty-print response compiled with NO_PP.\n");
-    return SECSuccess;
-}
-
-#else /* NO_PP */
-
-static void
-print_ocsp_version (FILE *out_file, SECItem *version, int level)
-{
-    if (version->len > 0) {
-	SECU_PrintInteger (out_file, version, "Version", level);
-    } else {
-	SECU_Indent (out_file, level);
-	fprintf (out_file, "Version: DEFAULT\n");
-    }
-}
-
-
-static void
-print_ocsp_cert_id (FILE *out_file, CERTOCSPCertID *cert_id, int level)
-{
-    SECU_Indent (out_file, level);
-    fprintf (out_file, "Cert ID:\n");
-    level++;
-
-    SECU_PrintAlgorithmID (out_file, &(cert_id->hashAlgorithm),
-			   "Hash Algorithm", level);
-    SECU_PrintAsHex (out_file, &(cert_id->issuerNameHash),
-		     "Issuer Name Hash", level);
-    SECU_PrintAsHex (out_file, &(cert_id->issuerKeyHash),
-		     "Issuer Key Hash", level);
-    SECU_PrintInteger (out_file, &(cert_id->serialNumber),
-		       "Serial Number", level);
-    /* XXX lookup the cert; if found, print something nice (nickname?) */
-}
-
-
-static void
-print_raw_certificates (FILE *out_file, SECItem **raw_certs, int level)
-{
-    SECItem *raw_cert;
-    int i = 0;
-    char cert_label[50];
-
-    SECU_Indent (out_file, level);
-
-    if (raw_certs == NULL) {
-	fprintf (out_file, "No Certificates.\n");
-	return;
-    }
-
-    fprintf (out_file, "Certificate List:\n");
-    while ((raw_cert = raw_certs[i++]) != NULL) {
-	sprintf (cert_label, "Certificate (%d)", i);
-	(void) SECU_PrintSignedData (out_file, raw_cert, cert_label, level + 1,
-				     SECU_PrintCertificate);
-    }
-}
-
-
-static void
-print_ocsp_extensions (FILE *out_file, CERTCertExtension **extensions,
-		       char *msg, int level)
-{
-    if (extensions) {
-	SECU_PrintExtensions (out_file, extensions, msg, level);
-    } else {
-	SECU_Indent (out_file, level);
-	fprintf (out_file, "No %s\n", msg);
-    }
-}
-
-
-static void
-print_single_request (FILE *out_file, ocspSingleRequest *single, int level)
-{
-    print_ocsp_cert_id (out_file, single->reqCert, level);
-    print_ocsp_extensions (out_file, single->singleRequestExtensions,
-			   "Single Request Extensions", level);
-}
-
-
-/*
- * Decode the DER/BER-encoded item "data" as an OCSP request
- * and pretty-print the subfields.
- */
-static SECStatus
-print_request (FILE *out_file, SECItem *data)
-{
-    CERTOCSPRequest *request;
-    ocspTBSRequest *tbsRequest;
-    int level = 0;
-
-    PORT_Assert (out_file != NULL);
-    PORT_Assert (data != NULL);
-    if (out_file == NULL || data == NULL) {
-	PORT_SetError (SEC_ERROR_INVALID_ARGS);
-	return SECFailure;
-    }
-
-    request = CERT_DecodeOCSPRequest (data);
-    if (request == NULL || request->tbsRequest == NULL)
-	return SECFailure;
-
-    tbsRequest = request->tbsRequest;
-
-    fprintf (out_file, "TBS Request:\n");
-    level++;
-
-    print_ocsp_version (out_file, &(tbsRequest->version), level);
-
-    /*
-     * XXX Probably should be an interface to get the signer name
-     * without looking inside the tbsRequest at all.
-     */
-    if (tbsRequest->requestorName != NULL) {
-	SECU_Indent (out_file, level);
-	fprintf (out_file, "XXX print the requestorName\n");
-    } else {
-	SECU_Indent (out_file, level);
-	fprintf (out_file, "No Requestor Name.\n");
-    }
-
-    if (tbsRequest->requestList != NULL) {
-	int i;
-
-	for (i = 0; tbsRequest->requestList[i] != NULL; i++) {
-	    SECU_Indent (out_file, level);
-	    fprintf (out_file, "Request %d:\n", i);
-	    print_single_request (out_file, tbsRequest->requestList[i],
-				  level + 1);
-	}
-    } else {
-	fprintf (out_file, "Request list is empty.\n");
-    }
-
-    print_ocsp_extensions (out_file, tbsRequest->requestExtensions,
-			   "Request Extensions", level);
-
-    if (request->optionalSignature != NULL) {
-	ocspSignature *whole_sig;
-	SECItem rawsig;
-
-	fprintf (out_file, "Signature:\n");
-
-	whole_sig = request->optionalSignature;
-	SECU_PrintAlgorithmID (out_file, &(whole_sig->signatureAlgorithm),
-			       "Signature Algorithm", level);
-
-	rawsig = whole_sig->signature;
-	DER_ConvertBitString (&rawsig);
-	SECU_PrintAsHex (out_file, &rawsig, "Signature", level);
-
-	print_raw_certificates (out_file, whole_sig->derCerts, level);
-
-	fprintf (out_file, "XXX verify the sig and print result\n");
-    } else {
-	fprintf (out_file, "No Signature\n");
-    }
-
-    CERT_DestroyOCSPRequest (request);
-    return SECSuccess;
-}
-
-
-static void
-print_revoked_info (FILE *out_file, ocspRevokedInfo *revoked_info, int level)
-{
-    SECU_PrintGeneralizedTime (out_file, &(revoked_info->revocationTime),
-			       "Revocation Time", level);
-
-    if (revoked_info->revocationReason != NULL) {
-	SECU_PrintAsHex (out_file, revoked_info->revocationReason,
-			 "Revocation Reason", level);
-    } else {
-	SECU_Indent (out_file, level);
-	fprintf (out_file, "No Revocation Reason.\n");
-    }
-}
-
-
-static void
-print_cert_status (FILE *out_file, ocspCertStatus *status, int level)
-{
-    SECU_Indent (out_file, level);
-    fprintf (out_file, "Status: ");
-
-    switch (status->certStatusType) {
-      case ocspCertStatus_good:
-	fprintf (out_file, "Cert is good.\n");
-	break;
-      case ocspCertStatus_revoked:
-	fprintf (out_file, "Cert has been revoked.\n");
-	print_revoked_info (out_file, status->certStatusInfo.revokedInfo,
-			    level + 1);
-	break;
-      case ocspCertStatus_unknown:
-	fprintf (out_file, "Cert is unknown to responder.\n");
-	break;
-      default:
-	fprintf (out_file, "Unrecognized status.\n");
-	break;
-    }
-}
-
-
-static void
-print_single_response (FILE *out_file, CERTOCSPSingleResponse *single,
-		       int level)
-{
-    print_ocsp_cert_id (out_file, single->certID, level);
-
-    print_cert_status (out_file, single->certStatus, level);
-
-    SECU_PrintGeneralizedTime (out_file, &(single->thisUpdate),
-			       "This Update", level);
-
-    if (single->nextUpdate != NULL) {
-	SECU_PrintGeneralizedTime (out_file, single->nextUpdate,
-				   "Next Update", level);
-    } else {
-	SECU_Indent (out_file, level);
-	fprintf (out_file, "No Next Update\n");
-    }
-
-    print_ocsp_extensions (out_file, single->singleExtensions,
-			   "Single Response Extensions", level);
-}
-
-
-static void
-print_responder_id (FILE *out_file, ocspResponderID *responderID, int level)
-{
-    SECU_Indent (out_file, level);
-    fprintf (out_file, "Responder ID ");
-
-    switch (responderID->responderIDType) {
-      case ocspResponderID_byName:
-	fprintf (out_file, "(byName):\n");
-	SECU_PrintName (out_file, &(responderID->responderIDValue.name),
-			"Name", level + 1);
-	break;
-      case ocspResponderID_byKey:
-	fprintf (out_file, "(byKey):\n");
-	SECU_PrintAsHex (out_file, &(responderID->responderIDValue.keyHash),
-			 "Key Hash", level + 1);
-	break;
-      default:
-	fprintf (out_file, "Unrecognized Responder ID Type\n");
-	break;
-    }
-}
-
-
-static void
-print_response_data (FILE *out_file, ocspResponseData *responseData, int level)
-{
-    SECU_Indent (out_file, level);
-    fprintf (out_file, "Response Data:\n");
-    level++;
-
-    print_ocsp_version (out_file, &(responseData->version), level);
-
-    print_responder_id (out_file, responseData->responderID, level);
-
-    SECU_PrintGeneralizedTime (out_file, &(responseData->producedAt),
-			       "Produced At", level);
-
-    if (responseData->responses != NULL) {
-	int i;
-
-	for (i = 0; responseData->responses[i] != NULL; i++) {
-	    SECU_Indent (out_file, level);
-	    fprintf (out_file, "Response %d:\n", i);
-	    print_single_response (out_file, responseData->responses[i],
-				   level + 1);
-	}
-    } else {
-	fprintf (out_file, "Response list is empty.\n");
-    }
-
-    print_ocsp_extensions (out_file, responseData->responseExtensions,
-			   "Response Extensions", level);
-}
-
-
-static void
-print_basic_response (FILE *out_file, ocspBasicOCSPResponse *basic, int level)
-{
-    SECItem rawsig;
-
-    SECU_Indent (out_file, level);
-    fprintf (out_file, "Basic OCSP Response:\n");
-    level++;
-
-    print_response_data (out_file, basic->tbsResponseData, level);
-
-    SECU_PrintAlgorithmID (out_file,
-			   &(basic->responseSignature.signatureAlgorithm),
-			   "Signature Algorithm", level);
-
-    rawsig = basic->responseSignature.signature;
-    DER_ConvertBitString (&rawsig);
-    SECU_PrintAsHex (out_file, &rawsig, "Signature", level);
-
-    print_raw_certificates (out_file, basic->responseSignature.derCerts, level);
-}
-
-
-/*
- * Note this must match (exactly) the enumeration ocspResponseStatus.
- */
-static char *responseStatusNames[] = {
-    "successful (Response has valid confirmations)",
-    "malformedRequest (Illegal confirmation request)",
-    "internalError (Internal error in issuer)",
-    "tryLater (Try again later)",
-    "unused ((4) is not used)",
-    "sigRequired (Must sign the request)",
-    "unauthorized (Request unauthorized)",
-    "other (Status value out of defined range)"
-};
-
-/*
- * Decode the DER/BER-encoded item "data" as an OCSP response
- * and pretty-print the subfields.
- */
-static SECStatus
-print_response (FILE *out_file, SECItem *data, CERTCertDBHandle *handle)
-{
-    CERTOCSPResponse *response;
-    int level = 0;
-
-    PORT_Assert (out_file != NULL);
-    PORT_Assert (data != NULL);
-    if (out_file == NULL || data == NULL) {
-	PORT_SetError (SEC_ERROR_INVALID_ARGS);
-	return SECFailure;
-    }
-
-    response = CERT_DecodeOCSPResponse (data);
-    if (response == NULL)
-	return SECFailure;
-
-    PORT_Assert (response->statusValue <= ocspResponse_other);
-    fprintf (out_file, "Response Status: %s\n",
-	     responseStatusNames[response->statusValue]);
-
-    if (response->statusValue == ocspResponse_successful) {
-	ocspResponseBytes *responseBytes = response->responseBytes;
-	SECStatus sigStatus;
-	CERTCertificate *signerCert = NULL;
-
-	PORT_Assert (responseBytes != NULL);
-
-	level++;
-	fprintf (out_file, "Response Bytes:\n");
-	SECU_PrintObjectID (out_file, &(responseBytes->responseType),
-			    "Response Type", level);
-	switch (response->responseBytes->responseTypeTag) {
-	  case SEC_OID_PKIX_OCSP_BASIC_RESPONSE:
-	    print_basic_response (out_file,
-				  responseBytes->decodedResponse.basic,
-				  level);
-	    break;
-	  default:
-	    SECU_Indent (out_file, level);
-	    fprintf (out_file, "Unknown response syntax\n");
-	    break;
-	}
-
-	sigStatus = CERT_VerifyOCSPResponseSignature (response, handle,
-						      NULL, &signerCert, NULL);
-	SECU_Indent (out_file, level);
-	fprintf (out_file, "Signature verification ");
-	if (sigStatus != SECSuccess) {
-	    fprintf (out_file, "failed: %s\n", SECU_Strerror (PORT_GetError()));
-	} else {
-	    fprintf (out_file, "succeeded.\n");
-	    if (signerCert != NULL) {
-		SECU_PrintName (out_file, &signerCert->subject, "Signer",
-				level);
-		CERT_DestroyCertificate (signerCert);
-	    } else {
-		SECU_Indent (out_file, level);
-		fprintf (out_file, "No signer cert returned?\n");
-	    }
-	}
-    } else {
-	SECU_Indent (out_file, level);
-	fprintf (out_file, "Unsuccessful response, no more information.\n");
-    }
-
-    CERT_DestroyOCSPResponse (response);
-    return SECSuccess;
-}
-
-#endif	/* NO_PP */
-
-
-static SECStatus
-cert_usage_from_char (const char *cert_usage_str, SECCertUsage *cert_usage)
-{
-    PORT_Assert (cert_usage_str != NULL);
-    PORT_Assert (cert_usage != NULL);
-
-    if (PORT_Strlen (cert_usage_str) != 1)
-	return SECFailure;
-
-    switch (*cert_usage_str) {
-      case 'c':
-	*cert_usage = certUsageSSLClient;
-	break;
-      case 's':
-	*cert_usage = certUsageSSLServer;
-	break;
-      case 'e':
-	*cert_usage = certUsageEmailRecipient;
-	break;
-      case 'E':
-	*cert_usage = certUsageEmailSigner;
-	break;
-      case 'S':
-	*cert_usage = certUsageObjectSigner;
-	break;
-      case 'C':
-	*cert_usage = certUsageVerifyCA;
-	break;
-      default:
-	return SECFailure;
-    }
-
-    return SECSuccess;
-}
-
-
-int
-main (int argc, char **argv)
-{
-    int		 retval;
-    char	*program_name;
-    PRFileDesc	*in_file;
-    FILE	*out_file;	/* not PRFileDesc until SECU accepts it */
-    int		 crequest, dresponse;
-    int		 prequest, presponse;
-    int		 ccert, vcert;
-    const char	*db_dir, *date_str, *cert_usage_str, *name;
-    const char	*responder_name, *responder_url, *signer_name;
-    PRBool	 add_acceptable_responses, add_service_locator;
-    SECItem	*data = NULL;
-    PLOptState	*optstate;
-    SECStatus	 rv;
-    CERTCertDBHandle *handle = NULL;
-    SECCertUsage cert_usage;
-    int64	 verify_time;
-
-    retval = -1;		/* what we return/exit with on error */
-
-    program_name = PL_strrchr(argv[0], '/');
-    program_name = program_name ? (program_name + 1) : argv[0];
-
-    in_file = PR_STDIN;
-    out_file = stdout;
-
-    crequest = 0;
-    dresponse = 0;
-    prequest = 0;
-    presponse = 0;
-    ccert = 0;
-    vcert = 0;
-
-    db_dir = NULL;
-    date_str = NULL;
-    cert_usage_str = NULL;
-    name = NULL;
-    responder_name = NULL;
-    responder_url = NULL;
-    signer_name = NULL;
-
-    add_acceptable_responses = PR_FALSE;
-    add_service_locator = PR_FALSE;
-
-    optstate = PL_CreateOptState (argc, argv, "AHLPR:S:V:d:l:pr:s:t:u:w:");
-    if (optstate == NULL) {
-	SECU_PrintError (program_name, "PL_CreateOptState failed");
-	return retval;
-    }
-
-    while (PL_GetNextOpt (optstate) == PL_OPT_OK) {
-	switch (optstate->option) {
-	  case '?':
-	    short_usage (program_name);
-	    return retval;
-
-	  case 'A':
-	    add_acceptable_responses = PR_TRUE;
-	    break;
-
-	  case 'H':
-	    long_usage (program_name);
-	    return retval;
-
-	  case 'L':
-	    add_service_locator = PR_TRUE;
-	    break;
-
-	  case 'P':
-	    presponse = 1;
-	    break;
-
-	  case 'R':
-	    dresponse = 1;
-	    name = optstate->value;
-	    break;
-
-	  case 'S':
-	    ccert = 1;
-	    name = optstate->value;
-	    break;
-
-	  case 'V':
-	    vcert = 1;
-	    name = optstate->value;
-	    break;
-
-	  case 'd':
-	    db_dir = optstate->value;
-	    break;
-
-	  case 'l':
-	    responder_url = optstate->value;
-	    break;
-
-	  case 'p':
-	    prequest = 1;
-	    break;
-
-	  case 'r':
-	    crequest = 1;
-	    name = optstate->value;
-	    break;
-
-	  case 's':
-	    signer_name = optstate->value;
-	    break;
-
-	  case 't':
-	    responder_name = optstate->value;
-	    break;
-
-	  case 'u':
-	    cert_usage_str = optstate->value;
-	    break;
-
-	  case 'w':
-	    date_str = optstate->value;
-	    break;
-	}
-    }
-
-    if ((crequest + dresponse + prequest + presponse + ccert + vcert) != 1) {
-	PR_fprintf (PR_STDERR, "%s: must specify exactly one command\n\n",
-		    program_name);
-	short_usage (program_name);
-	return retval;
-    }
-
-    if (vcert) {
-	if (cert_usage_str == NULL) {
-	    PR_fprintf (PR_STDERR, "%s: verification requires cert usage\n\n",
-			program_name);
-	    short_usage (program_name);
-	    return retval;
-	}
-
-	rv = cert_usage_from_char (cert_usage_str, &cert_usage);
-	if (rv != SECSuccess) {
-	    PR_fprintf (PR_STDERR, "%s: invalid cert usage (\"%s\")\n\n",
-			program_name, cert_usage_str);
-	    long_usage (program_name);
-	    return retval;
-	}
-    }
-
-    if (ccert + vcert) {
-	if (responder_url != NULL || responder_name != NULL) {
-	    /*
-	     * To do a full status check, both the URL and the cert name
-	     * of the responder must be specified if either one is.
-	     */
-	    if (responder_url == NULL || responder_name == NULL) {
-		if (responder_url == NULL)
-		    PR_fprintf (PR_STDERR,
-				"%s: must also specify responder location\n\n",
-				program_name);
-		else
-		    PR_fprintf (PR_STDERR,
-				"%s: must also specify responder name\n\n",
-				program_name);
-		short_usage (program_name);
-		return retval;
-	    }
-	}
-
-	if (date_str != NULL) {
-	    rv = DER_AsciiToTime (&verify_time, (char *) date_str);
-	    if (rv != SECSuccess) {
-		SECU_PrintError (program_name, "error converting time string");
-		PR_fprintf (PR_STDERR, "\n");
-		long_usage (program_name);
-		return retval;
-	    }
-	} else {
-	    verify_time = PR_Now();
-	}
-    }
-
-    retval = -2;		/* errors change from usage to runtime */
-
-    /*
-     * Initialize the NSPR and Security libraries.
-     */
-    PR_Init (PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1);
-    db_dir = SECU_ConfigDirectory (db_dir);
-    rv = NSS_Init (db_dir);
-    if (rv != SECSuccess) {
-	SECU_PrintError (program_name, "NSS_Init failed");
-	goto prdone;
-    }
-
-    if (prequest + presponse) {
-	data = read_file_into_item (in_file, siBuffer);
-	if (data == NULL) {
-	    SECU_PrintError (program_name, "problem reading input");
-	    goto nssdone;
-	}
-    }
-
-    if (crequest + dresponse + presponse + ccert + vcert) {
-	handle = CERT_GetDefaultCertDB();
-	if (handle == NULL) {
-	    SECU_PrintError (program_name, "problem getting certdb handle");
-	    goto nssdone;
-	}
-
-	/*
-	 * It would be fine to do the enable for all of these commands,
-	 * but this way we check that everything but an overall verify
-	 * can be done without it.  That is, that the individual pieces
-	 * work on their own.
-	 */
-	if (vcert) {
-	    rv = CERT_EnableOCSPChecking (handle);
-	    if (rv != SECSuccess) {
-		SECU_PrintError (program_name, "error enabling OCSP checking");
-		goto nssdone;
-	    }
-	}
-
-	if ((ccert + vcert) && (responder_name != NULL)) {
-	    rv = CERT_SetOCSPDefaultResponder (handle, responder_url,
-					       responder_name);
-	    if (rv != SECSuccess) {
-		SECU_PrintError (program_name,
-				 "error setting default responder");
-		goto nssdone;
-	    }
-
-	    rv = CERT_EnableOCSPDefaultResponder (handle);
-	    if (rv != SECSuccess) {
-		SECU_PrintError (program_name,
-				 "error enabling default responder");
-		goto nssdone;
-	    }
-	}
-    }
-
-#define NOTYET(opt)							\
-	{								\
-	    PR_fprintf (PR_STDERR, "%s not yet working\n", opt);	\
-	    exit (-1);							\
-	}
-
-    if (crequest) {
-	if (signer_name != NULL) {
-	    NOTYET("-s");
-	}
-	rv = create_request (out_file, handle, name, add_service_locator,
-			     add_acceptable_responses);
-    } else if (dresponse) {
-	if (signer_name != NULL) {
-	    NOTYET("-s");
-	}
-	rv = dump_response (out_file, handle, name, responder_url);
-    } else if (prequest) {
-	rv = print_request (out_file, data);
-    } else if (presponse) {
-	rv = print_response (out_file, data, handle);
-    } else if (ccert) {
-	if (signer_name != NULL) {
-	    NOTYET("-s");
-	}
-	rv = get_cert_status (out_file, handle, name, verify_time);
-    } else if (vcert) {
-	if (signer_name != NULL) {
-	    NOTYET("-s");
-	}
-	rv = verify_cert (out_file, handle, name, cert_usage, verify_time);
-    }
-
-    if (rv != SECSuccess)
-	SECU_PrintError (program_name, "error performing requested operation");
-    else
-	retval = 0;
-
-nssdone:
-    if (data != NULL) {
-	SECITEM_FreeItem (data, PR_TRUE);
-    }
-
-    if (handle != NULL) {
-	(void) CERT_DisableOCSPChecking (handle);
-    }
-
-    NSS_Shutdown ();
-
-prdone:
-    PR_Cleanup ();
-    return retval;
-}
diff --git a/security/nss/cmd/oidcalc/Makefile b/security/nss/cmd/oidcalc/Makefile
deleted file mode 100644
index 689240abd..000000000
--- a/security/nss/cmd/oidcalc/Makefile
+++ /dev/null
@@ -1,76 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY).   #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL)          #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL)       #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL).      #
-#######################################################################
-
-include ../platlibs.mk
-
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL)                              #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL)                           #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL).                              #
-#######################################################################
-
-
-include ../platrules.mk
-
diff --git a/security/nss/cmd/oidcalc/manifest.mn b/security/nss/cmd/oidcalc/manifest.mn
deleted file mode 100644
index 890e112ef..000000000
--- a/security/nss/cmd/oidcalc/manifest.mn
+++ /dev/null
@@ -1,47 +0,0 @@
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH	= ../../..
-
-# MODULE public and private header  directories are implicitly REQUIRED.
-MODULE = security 
-
-# This next line is used by .mk files
-# and gets translated into $LINCS in manifest.mnw
-REQUIRES = seccmd dbm 
-
-DEFINES = -DNSPR20
-
-CSRCS = oidcalc.c
-
-PROGRAM	= oidcalc
diff --git a/security/nss/cmd/oidcalc/oidcalc.c b/security/nss/cmd/oidcalc/oidcalc.c
deleted file mode 100644
index cadc425a4..000000000
--- a/security/nss/cmd/oidcalc/oidcalc.c
+++ /dev/null
@@ -1,117 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-int
-main(int argc, char **argv)
-{
-    char *curstr;
-    char *nextstr;
-    unsigned int firstval;
-    unsigned int secondval;
-    unsigned int val;
-    unsigned char buf[5];
-    int count;
-    
-    if ( argc != 2 ) {
-	fprintf(stderr, "wrong number of args\n");
-	exit(-1);
-    }
-    
-    curstr = argv[1];
-    
-    nextstr = strchr(curstr, '.');
-    
-    if ( nextstr == NULL ) {
-	fprintf(stderr, "only one component\n");
-	exit(-1);
-    }
-    
-    *nextstr = '\0';
-    firstval = atoi(curstr);
-
-    curstr = nextstr + 1;
-    
-    nextstr = strchr(curstr, '.');
-
-    if ( nextstr ) {
-	*nextstr = '\0';
-    }
-
-    secondval = atoi(curstr);
-    
-    if ( ( firstval < 0 ) || ( firstval > 2 ) ) {
-	fprintf(stderr, "first component out of range\n");
-	exit(-1);
-	
-    }
-    
-    if ( ( secondval < 0 ) || ( secondval > 39 ) ) {
-	fprintf(stderr, "second component out of range\n");
-	exit(-1);
-    }
-    
-    printf("0x%x, ", ( firstval * 40 ) + secondval );
-    while ( nextstr ) {
-	curstr = nextstr + 1;
-
-	nextstr = strchr(curstr, '.');
-
-	if ( nextstr ) {
-	    *nextstr = '\0';
-	}
-
-	memset(buf, 0, sizeof(buf));
-	val = atoi(curstr);
-	count = 0;
-	while ( val ) {
-	    buf[count] = ( val & 0x7f );
-	    val = val >> 7;
-	    count++;
-	}
-
-	while ( count-- ) {
-	    if ( count ) {
-		printf("0x%x, ", buf[count] | 0x80 );
-	    } else {
-		printf("0x%x, ", buf[count] );
-	    }
-	}
-    }
-    printf("\n");
-    return 0;
-}
-
diff --git a/security/nss/cmd/p7content/Makefile b/security/nss/cmd/p7content/Makefile
deleted file mode 100644
index 4e39ffc3f..000000000
--- a/security/nss/cmd/p7content/Makefile
+++ /dev/null
@@ -1,75 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY).   #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL)          #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL)       #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL).      #
-#######################################################################
-
-include ../platlibs.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL)                              #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL)                           #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL).                              #
-#######################################################################
-
-
-include ../platrules.mk
-
diff --git a/security/nss/cmd/p7content/manifest.mn b/security/nss/cmd/p7content/manifest.mn
deleted file mode 100644
index ff7d7565d..000000000
--- a/security/nss/cmd/p7content/manifest.mn
+++ /dev/null
@@ -1,43 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH	= ../../..
-
-MODULE = security
-
-CSRCS = p7content.c
-
-REQUIRES = seccmd 
-
-PROGRAM = p7content
-
diff --git a/security/nss/cmd/p7content/p7content.c b/security/nss/cmd/p7content/p7content.c
deleted file mode 100644
index b03950c60..000000000
--- a/security/nss/cmd/p7content/p7content.c
+++ /dev/null
@@ -1,267 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * p7content -- A command to display pkcs7 content.
- *
- * $Id$
- */
-
-#include "nspr.h"
-#include "secutil.h"
-#include "plgetopt.h"
-#include "secpkcs7.h"
-#include "cert.h"
-#include "certdb.h"
-#include "nss.h"
-
-#if defined(XP_UNIX)
-#include <unistd.h>
-#endif
-
-#include <stdio.h>
-#include <string.h>
-
-#if (defined(XP_WIN) && !defined(WIN32)) || (defined(__sun) && !defined(SVR4))
-extern int fwrite(char *, size_t, size_t, FILE*);
-extern int fprintf(FILE *, char *, ...);
-#endif
-
-
-
-static void
-Usage(char *progName)
-{
-    fprintf(stderr,
-	    "Usage:  %s [-d dbdir] [-i input] [-o output]\n",
-	    progName);
-    fprintf(stderr,
-	    "%-20s Key/Cert database directory (default is ~/.netscape)\n",
-	    "-d dbdir");
-    fprintf(stderr, "%-20s Define an input file to use (default is stdin)\n",
-	    "-i input");
-    fprintf(stderr, "%-20s Define an output file to use (default is stdout)\n",
-	    "-o output");
-    exit(-1);
-}
-
-static PRBool saw_content;
-
-static void
-PrintBytes(void *arg, const char *buf, unsigned long len)
-{
-    FILE *out;
-
-    out = arg; 
-    fwrite (buf, len, 1, out);
-
-    saw_content = PR_TRUE;
-}
-
-/*
- * XXX Someday we may want to do real policy stuff here.  This allows
- * anything to be decrypted, which is okay for a test program but does
- * not set an example of how a real client with a real policy would
- * need to do it.
- */
-static PRBool
-decryption_allowed(SECAlgorithmID *algid, PK11SymKey *key)
-{
-    return PR_TRUE;
-}
-
-int
-DecodeAndPrintFile(FILE *out, PRFileDesc *in, char *progName)
-{
-    SECItem derdata;
-    SEC_PKCS7ContentInfo *cinfo;
-    SEC_PKCS7DecoderContext *dcx;
-
-	if (SECU_ReadDERFromFile(&derdata, in, PR_FALSE)) {
-        SECU_PrintError(progName, "error converting der");
-	return -1;
-    }
-
-    fprintf(out,
-	    "Content printed between bars (newline added before second bar):");
-    fprintf(out, "\n---------------------------------------------\n");
-
-    saw_content = PR_FALSE;
-    dcx = SEC_PKCS7DecoderStart(PrintBytes, out, NULL, NULL,
-				NULL, NULL, decryption_allowed);
-    if (dcx != NULL) {
-#if 0	/* Test that decoder works when data is really streaming in. */
-	{
-	    unsigned long i;
-	    for (i = 0; i < derdata.len; i++)
-		SEC_PKCS7DecoderUpdate(dcx, derdata.data + i, 1);
-	}
-#else
-	SEC_PKCS7DecoderUpdate(dcx, (char *)derdata.data, derdata.len);
-#endif
-	cinfo = SEC_PKCS7DecoderFinish(dcx);
-    }
-
-    fprintf(out, "\n---------------------------------------------\n");
-
-    if (cinfo == NULL)
-	return -1;
-
-    fprintf(out, "Content was%s encrypted.\n",
-	    SEC_PKCS7ContentIsEncrypted(cinfo) ? "" : " not");
-
-    if (SEC_PKCS7ContentIsSigned(cinfo)) {
-	char *signer_cname, *signer_ename;
-	SECItem *signing_time;
-
-	if (saw_content) {
-	    fprintf(out, "Signature is ");
-	    PORT_SetError(0);
-	    if (SEC_PKCS7VerifySignature(cinfo, certUsageEmailSigner, PR_FALSE))
-		fprintf(out, "valid.\n");
-	    else
-		fprintf(out, "invalid (Reason: %s).\n",
-			SECU_Strerror(PORT_GetError()));
-	} else {
-	    fprintf(out,
-		    "Content is detached; signature cannot be verified.\n");
-	}
-
-	signer_cname = SEC_PKCS7GetSignerCommonName(cinfo);
-	if (signer_cname != NULL) {
-	    fprintf(out, "The signer's common name is %s\n", signer_cname);
-	    PORT_Free(signer_cname);
-	} else {
-	    fprintf(out, "No signer common name.\n");
-	}
-
-	signer_ename = SEC_PKCS7GetSignerEmailAddress(cinfo);
-	if (signer_ename != NULL) {
-	    fprintf(out, "The signer's email address is %s\n", signer_ename);
-	    PORT_Free(signer_ename);
-	} else {
-	    fprintf(out, "No signer email address.\n");
-	}
-
-	signing_time = SEC_PKCS7GetSigningTime(cinfo);
-	if (signing_time != NULL) {
-	    SECU_PrintUTCTime(out, signing_time, "Signing time", 0);
-	} else {
-	    fprintf(out, "No signing time included.\n");
-	}
-    } else {
-	fprintf(out, "Content was not signed.\n");
-    }
-
-    fprintf(out, "There were%s certs or crls included.\n",
-	    SEC_PKCS7ContainsCertsOrCrls(cinfo) ? "" : " no");
-
-    SEC_PKCS7DestroyContentInfo(cinfo);
-    return 0;
-}
-
-
-/*
- * Print the contents of a PKCS7 message, indicating signatures, etc.
- */
-
-int
-main(int argc, char **argv)
-{
-    char *progName;
-    FILE *outFile;
-    PRFileDesc *inFile;
-    PLOptState *optstate;
-    PLOptStatus status;
-    SECStatus rv;
-
-    progName = strrchr(argv[0], '/');
-    progName = progName ? progName+1 : argv[0];
-
-    inFile = NULL;
-    outFile = NULL;
-
-    /*
-     * Parse command line arguments
-     */
-    optstate = PL_CreateOptState(argc, argv, "d:i:o:");
-    while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
-	switch (optstate->option) {
-	  case 'd':
-	    SECU_ConfigDirectory(optstate->value);
-	    break;
-
-	  case 'i':
-	    inFile = PR_Open(optstate->value, PR_RDONLY, 0);
-	    if (!inFile) {
-		fprintf(stderr, "%s: unable to open \"%s\" for reading\n",
-			progName, optstate->value);
-		return -1;
-	    }
-	    break;
-
-	  case 'o':
-	    outFile = fopen(optstate->value, "w");
-	    if (!outFile) {
-		fprintf(stderr, "%s: unable to open \"%s\" for writing\n",
-			progName, optstate->value);
-		return -1;
-	    }
-	    break;
-
-	  default:
-	    Usage(progName);
-	    break;
-	}
-    }
-    if (status == PL_OPT_BAD)
-	Usage(progName);
-
-    if (!inFile) inFile = PR_STDIN;
-    if (!outFile) outFile = stdout;
-
-    /* Call the initialization routines */
-    PR_Init(PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1);
-    rv = NSS_Init(SECU_ConfigDirectory(NULL));
-    if (rv != SECSuccess) {
-	SECU_PrintPRandOSError(progName);
-	return -1;
-    }
-
-    if (DecodeAndPrintFile(outFile, inFile, progName)) {
-	SECU_PrintError(progName, "problem decoding data");
-	return -1;
-    }
-
-    return 0;
-}
diff --git a/security/nss/cmd/p7env/Makefile b/security/nss/cmd/p7env/Makefile
deleted file mode 100644
index 4e39ffc3f..000000000
--- a/security/nss/cmd/p7env/Makefile
+++ /dev/null
@@ -1,75 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY).   #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL)          #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL)       #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL).      #
-#######################################################################
-
-include ../platlibs.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL)                              #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL)                           #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL).                              #
-#######################################################################
-
-
-include ../platrules.mk
-
diff --git a/security/nss/cmd/p7env/manifest.mn b/security/nss/cmd/p7env/manifest.mn
deleted file mode 100644
index 511c541b0..000000000
--- a/security/nss/cmd/p7env/manifest.mn
+++ /dev/null
@@ -1,43 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-MODULE = security
-
-CSRCS = p7env.c  
-
-REQUIRES = seccmd 
-
-PROGRAM = p7env
-
diff --git a/security/nss/cmd/p7env/p7env.c b/security/nss/cmd/p7env/p7env.c
deleted file mode 100644
index 54d79fbfc..000000000
--- a/security/nss/cmd/p7env/p7env.c
+++ /dev/null
@@ -1,273 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * p7env -- A command to create a pkcs7 enveloped data.
- *
- * $Id$
- */
-
-#include "nspr.h"
-#include "secutil.h"
-#include "plgetopt.h"
-#include "secpkcs7.h"
-#include "cert.h"
-#include "certdb.h"
-#include "nss.h"
-
-#if defined(XP_UNIX)
-#include <unistd.h>
-#endif
-
-#include <stdio.h>
-#include <string.h>
-
-#if (defined(XP_WIN) && !defined(WIN32)) || (defined(__sun) && !defined(SVR4))
-extern int fread(char *, size_t, size_t, FILE*);
-extern int fwrite(char *, size_t, size_t, FILE*);
-extern int fprintf(FILE *, char *, ...);
-#endif
-
-extern void SEC_Init(void);		/* XXX */
-
-
-static void
-Usage(char *progName)
-{
-    fprintf(stderr,
-	    "Usage:  %s -r recipient [-d dbdir] [-i input] [-o output]\n",
-	    progName);
-    fprintf(stderr, "%-20s Nickname of cert to use for encryption\n",
-	    "-r recipient");
-    fprintf(stderr, "%-20s Cert database directory (default is ~/.netscape)\n",
-	    "-d dbdir");
-    fprintf(stderr, "%-20s Define an input file to use (default is stdin)\n",
-	    "-i input");
-    fprintf(stderr, "%-20s Define an output file to use (default is stdout)\n",
-	    "-o output");
-    exit(-1);
-}
-
-struct recipient {
-    struct recipient *next;
-    char *nickname;
-    CERTCertificate *cert;
-};
-
-static void
-EncryptOut(void *arg, const char *buf, unsigned long len)
-{
-   FILE *out;
-
-   out = arg; 
-   fwrite (buf, len, 1, out);
-}
-
-static int
-EncryptFile(FILE *outFile, FILE *inFile, struct recipient *recipients,
-	    char *progName)
-{
-    SEC_PKCS7ContentInfo *cinfo;
-    SEC_PKCS7EncoderContext *ecx;
-    struct recipient *rcpt;
-    SECStatus rv;
-
-    if (outFile == NULL || inFile == NULL || recipients == NULL)
-	return -1;
-
-    /* XXX Need a better way to handle that certUsage stuff! */
-    /* XXX keysize? */
-    cinfo = SEC_PKCS7CreateEnvelopedData (recipients->cert,
-					  certUsageEmailRecipient,
-					  NULL, SEC_OID_DES_EDE3_CBC, 0, 
-					  NULL, NULL);
-    if (cinfo == NULL)
-	return -1;
-
-    for (rcpt = recipients->next; rcpt != NULL; rcpt = rcpt->next) {
-	rv = SEC_PKCS7AddRecipient (cinfo, rcpt->cert, certUsageEmailRecipient,
-				    NULL);
-	if (rv != SECSuccess) {
-	    SECU_PrintError(progName, "error adding recipient \"%s\"",
-			    rcpt->nickname);
-	    return -1;
-	}
-    }
-
-    ecx = SEC_PKCS7EncoderStart (cinfo, EncryptOut, outFile, NULL);
-    if (ecx == NULL)
-	return -1;
-
-    for (;;) {
-	char ibuf[1024];
-	int nb;
- 
-	if (feof(inFile))
-	    break;
-	nb = fread(ibuf, 1, sizeof(ibuf), inFile);
-	if (nb == 0) {
-	    if (ferror(inFile)) {
-		PORT_SetError(SEC_ERROR_IO);
-		rv = SECFailure;
-	    }
-	    break;
-	}
-	rv = SEC_PKCS7EncoderUpdate(ecx, ibuf, nb);
-	if (rv != SECSuccess)
-	    break;
-    }
-
-    if (SEC_PKCS7EncoderFinish(ecx, NULL, NULL) != SECSuccess)
-	rv = SECFailure;
-
-    SEC_PKCS7DestroyContentInfo (cinfo);
-
-    if (rv != SECSuccess)
-	return -1;
-
-    return 0;
-}
-
-int
-main(int argc, char **argv)
-{
-    char *progName;
-    FILE *inFile, *outFile;
-    char *certName;
-    CERTCertDBHandle *certHandle;
-    CERTCertificate *cert;
-    struct recipient *recipients, *rcpt;
-    PLOptState *optstate;
-    PLOptStatus status;
-    SECStatus rv;
-
-    progName = strrchr(argv[0], '/');
-    progName = progName ? progName+1 : argv[0];
-
-    inFile = NULL;
-    outFile = NULL;
-    certName = NULL;
-    recipients = NULL;
-    rcpt = NULL;
-
-    /*
-     * Parse command line arguments
-     * XXX This needs to be enhanced to allow selection of algorithms
-     * and key sizes (or to look up algorithms and key sizes for each
-     * recipient in the magic database).
-     */
-    optstate = PL_CreateOptState(argc, argv, "d:i:o:r:");
-    while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
-	switch (optstate->option) {
-	  case '?':
-	    Usage(progName);
-	    break;
-
-	  case 'd':
-	    SECU_ConfigDirectory(optstate->value);
-	    break;
-
-	  case 'i':
-	    inFile = fopen(optstate->value, "r");
-	    if (!inFile) {
-		fprintf(stderr, "%s: unable to open \"%s\" for reading\n",
-			progName, optstate->value);
-		return -1;
-	    }
-	    break;
-
-	  case 'o':
-	    outFile = fopen(optstate->value, "w");
-	    if (!outFile) {
-		fprintf(stderr, "%s: unable to open \"%s\" for writing\n",
-			progName, optstate->value);
-		return -1;
-	    }
-	    break;
-
-	  case 'r':
-	    if (rcpt == NULL) {
-		recipients = rcpt = PORT_Alloc (sizeof(struct recipient));
-	    } else {
-		rcpt->next = PORT_Alloc (sizeof(struct recipient));
-		rcpt = rcpt->next;
-	    }
-	    if (rcpt == NULL) {
-		fprintf(stderr, "%s: unable to allocate recipient struct\n",
-			progName);
-		return -1;
-	    }
-	    rcpt->nickname = strdup(optstate->value);
-	    rcpt->cert = NULL;
-	    rcpt->next = NULL;
-	    break;
-	}
-    }
-
-    if (!recipients) Usage(progName);
-
-    if (!inFile) inFile = stdin;
-    if (!outFile) outFile = stdout;
-
-    /* Call the libsec initialization routines */
-    PR_Init(PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1);
-    rv = NSS_Init(SECU_ConfigDirectory(NULL));
-    if (rv != SECSuccess) {
-    	SECU_PrintPRandOSError(progName);
-	return -1;
-    }
-
-    /* open cert database */
-    certHandle = CERT_GetDefaultCertDB();
-    if (certHandle == NULL) {
-	return -1;
-    }
-
-    /* find certs */
-    for (rcpt = recipients; rcpt != NULL; rcpt = rcpt->next) {
-	rcpt->cert = CERT_FindCertByNickname(certHandle, rcpt->nickname);
-	if (rcpt->cert == NULL) {
-	    SECU_PrintError(progName,
-			    "the cert for name \"%s\" not found in database",
-			    rcpt->nickname);
-	    return -1;
-	}
-    }
-
-    if (EncryptFile(outFile, inFile, recipients, progName)) {
-	SECU_PrintError(progName, "problem encrypting data");
-	return -1;
-    }
-
-    return 0;
-}
diff --git a/security/nss/cmd/p7sign/Makefile b/security/nss/cmd/p7sign/Makefile
deleted file mode 100644
index 4e39ffc3f..000000000
--- a/security/nss/cmd/p7sign/Makefile
+++ /dev/null
@@ -1,75 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY).   #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL)          #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL)       #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL).      #
-#######################################################################
-
-include ../platlibs.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL)                              #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL)                           #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL).                              #
-#######################################################################
-
-
-include ../platrules.mk
-
diff --git a/security/nss/cmd/p7sign/manifest.mn b/security/nss/cmd/p7sign/manifest.mn
deleted file mode 100644
index 7a190276b..000000000
--- a/security/nss/cmd/p7sign/manifest.mn
+++ /dev/null
@@ -1,43 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-MODULE = security
-
-CSRCS = p7sign.c  
-
-REQUIRES = seccmd 
-
-PROGRAM = p7sign
-
diff --git a/security/nss/cmd/p7sign/p7sign.c b/security/nss/cmd/p7sign/p7sign.c
deleted file mode 100644
index 0bff6c1da..000000000
--- a/security/nss/cmd/p7sign/p7sign.c
+++ /dev/null
@@ -1,288 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * p7sign -- A command to create a *detached* pkcs7 signature (over a given
- * input file).
- *
- * $Id$
- */
-
-#include "nspr.h"
-#include "plgetopt.h"
-#include "secutil.h"
-#include "secpkcs7.h"
-#include "cert.h"
-#include "certdb.h"
-#include "sechash.h"	/* for HASH_GetHashObject() */
-#include "nss.h"
-#include "pk11func.h"
-
-#if defined(XP_UNIX)
-#include <unistd.h>
-#endif
-
-#include <stdio.h>
-#include <string.h>
-
-#if (defined(XP_WIN) && !defined(WIN32)) || (defined(__sun) && !defined(SVR4))
-extern int fread(char *, size_t, size_t, FILE*);
-extern int fwrite(char *, size_t, size_t, FILE*);
-extern int fprintf(FILE *, char *, ...);
-#endif
-
-char* KeyDbPassword = 0;
-
-
-char* MyPK11PasswordFunc (PK11SlotInfo *slot, PRBool retry, void* arg)
-{
-    char *ret=0;
-
-    if (retry == PR_TRUE)
-        return NULL;
-    ret = PL_strdup (KeyDbPassword);
-    return ret;
-}
-
-
-static void
-Usage(char *progName)
-{
-    fprintf(stderr,
-	    "Usage:  %s -k keyname [-d keydir] [-i input] [-o output]\n",
-	    progName);
-    fprintf(stderr, "%-20s Nickname of key to use for signature\n",
-	    "-k keyname");
-    fprintf(stderr, "%-20s Key database directory (default is ~/.netscape)\n",
-	    "-d keydir");
-    fprintf(stderr, "%-20s Define an input file to use (default is stdin)\n",
-	    "-i input");
-    fprintf(stderr, "%-20s Define an output file to use (default is stdout)\n",
-	    "-o output");
-    fprintf(stderr, "%-20s Encapsulate content in signature message\n",
-	    "-e");
-    fprintf(stderr, "%-20s Password to the key databse\n", "-p");
-    exit(-1);
-}
-
-static void
-SignOut(void *arg, const char *buf, unsigned long len)
-{
-   FILE *out;
-
-   out = (FILE*) arg; 
-   fwrite (buf, len, 1, out);
-}
-
-static int
-CreateDigest(SECItem *data, char *digestdata, unsigned int *len, unsigned int maxlen)
-{
-    const SECHashObject *hashObj;
-    void *hashcx;
-
-    /* XXX probably want to extend interface to allow other hash algorithms */
-    hashObj = HASH_GetHashObject(HASH_AlgSHA1);
-
-    hashcx = (* hashObj->create)();
-    if (hashcx == NULL)
-	return -1;
-
-    (* hashObj->begin)(hashcx);
-    (* hashObj->update)(hashcx, data->data, data->len);
-    (* hashObj->end)(hashcx, (unsigned char *)digestdata, len, maxlen);
-    (* hashObj->destroy)(hashcx, PR_TRUE);
-    return 0;
-}
-
-static int
-SignFile(FILE *outFile, PRFileDesc *inFile, CERTCertificate *cert, 
-         PRBool encapsulated)
-{
-    int nb;
-    char digestdata[32];
-    unsigned int len;
-    SECItem digest, data2sign;
-    SEC_PKCS7ContentInfo *cinfo;
-    SECStatus rv;
-
-    if (outFile == NULL || inFile == NULL || cert == NULL)
-	return -1;
-
-    /* suck the file in */
-	if (SECU_ReadDERFromFile(&data2sign, inFile, PR_FALSE) != SECSuccess)
-	return -1;
-
-    if (!encapsulated) {
-	/* unfortunately, we must create the digest ourselves */
-	/* SEC_PKCS7CreateSignedData should have a flag to not include */
-	/* the content for non-encapsulated content at encode time, but */
-	/* should always compute the hash itself */
-	if (CreateDigest(&data2sign, digestdata, &len, 32) < 0)
-	    return -1;
-	digest.data = (unsigned char *)digestdata;
-	digest.len = len;
-    }
-
-    /* XXX Need a better way to handle that usage stuff! */
-    cinfo = SEC_PKCS7CreateSignedData (cert, certUsageEmailSigner, NULL,
-				       SEC_OID_SHA1,
-				       encapsulated ? NULL : &digest,
-				       NULL, NULL);
-    if (cinfo == NULL)
-	return -1;
-
-    if (encapsulated) {
-	SEC_PKCS7SetContent(cinfo, (char *)data2sign.data, data2sign.len);
-    }
-
-    rv = SEC_PKCS7IncludeCertChain (cinfo, NULL);
-    if (rv != SECSuccess) {
-	SEC_PKCS7DestroyContentInfo (cinfo);
-	return -1;
-    }
-
-    rv = SEC_PKCS7Encode (cinfo, SignOut, outFile, NULL,
-			  NULL, NULL);
-
-    SEC_PKCS7DestroyContentInfo (cinfo);
-
-    if (rv != SECSuccess)
-	return -1;
-
-    return 0;
-}
-
-int
-main(int argc, char **argv)
-{
-    char *progName;
-    FILE *outFile;
-    PRFileDesc *inFile;
-    char *keyName;
-    CERTCertDBHandle *certHandle;
-    CERTCertificate *cert;
-    PRBool encapsulated = PR_FALSE;
-    PLOptState *optstate;
-    PLOptStatus status;
-    SECStatus rv;
-
-    progName = strrchr(argv[0], '/');
-    progName = progName ? progName+1 : argv[0];
-
-    inFile = NULL;
-    outFile = NULL;
-    keyName = NULL;
-
-    /*
-     * Parse command line arguments
-     */
-    optstate = PL_CreateOptState(argc, argv, "ed:k:i:o:p:");
-    while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
-	switch (optstate->option) {
-	  case '?':
-	    Usage(progName);
-	    break;
-
-	  case 'e':
-	    /* create a message with the signed content encapsulated */
-	    encapsulated = PR_TRUE;
-	    break;
-
-	  case 'd':
-	    SECU_ConfigDirectory(optstate->value);
-	    break;
-
-	  case 'i':
-	    inFile = PR_Open(optstate->value, PR_RDONLY, 0);
-	    if (!inFile) {
-		fprintf(stderr, "%s: unable to open \"%s\" for reading\n",
-			progName, optstate->value);
-		return -1;
-	    }
-	    break;
-
-	  case 'k':
-	    keyName = strdup(optstate->value);
-	    break;
-
-	  case 'o':
-	    outFile = fopen(optstate->value, "w");
-	    if (!outFile) {
-		fprintf(stderr, "%s: unable to open \"%s\" for writing\n",
-			progName, optstate->value);
-		return -1;
-	    }
-	    break;
-	  case 'p':
-            KeyDbPassword = strdup (optstate->value);
-            break;
-	}
-    }
-
-    if (!keyName) Usage(progName);
-
-    if (!inFile) inFile = PR_STDIN;
-    if (!outFile) outFile = stdout;
-
-    /* Call the initialization routines */
-    PR_Init(PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1);
-    rv = NSS_Init(SECU_ConfigDirectory(NULL));
-    if (rv != SECSuccess) {
-	SECU_PrintPRandOSError(progName);
-	return -1;
-    }
-
-    PK11_SetPasswordFunc (MyPK11PasswordFunc);
-
-    /* open cert database */
-    certHandle = CERT_GetDefaultCertDB();
-    if (certHandle == NULL) {
-	return -1;
-    }
-
-    /* find cert */
-    cert = CERT_FindCertByNickname(certHandle, keyName);
-    if (cert == NULL) {
-	SECU_PrintError(progName,
-		        "the corresponding cert for key \"%s\" does not exist",
-			keyName);
-	return -1;
-    }
-
-    if (SignFile(outFile, inFile, cert, encapsulated)) {
-	SECU_PrintError(progName, "problem signing data");
-	return -1;
-    }
-
-    return 0;
-}
diff --git a/security/nss/cmd/p7verify/Makefile b/security/nss/cmd/p7verify/Makefile
deleted file mode 100644
index 4e39ffc3f..000000000
--- a/security/nss/cmd/p7verify/Makefile
+++ /dev/null
@@ -1,75 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY).   #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL)          #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL)       #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL).      #
-#######################################################################
-
-include ../platlibs.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL)                              #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL)                           #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL).                              #
-#######################################################################
-
-
-include ../platrules.mk
-
diff --git a/security/nss/cmd/p7verify/manifest.mn b/security/nss/cmd/p7verify/manifest.mn
deleted file mode 100644
index 5ac9e8a3f..000000000
--- a/security/nss/cmd/p7verify/manifest.mn
+++ /dev/null
@@ -1,43 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-MODULE = security
-
-CSRCS = p7verify.c  
-
-REQUIRES = seccmd 
-
-PROGRAM = p7verify
-
diff --git a/security/nss/cmd/p7verify/p7verify.c b/security/nss/cmd/p7verify/p7verify.c
deleted file mode 100644
index d81dbb3db..000000000
--- a/security/nss/cmd/p7verify/p7verify.c
+++ /dev/null
@@ -1,301 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * p7verify -- A command to do a verification of a *detached* pkcs7 signature.
- *
- * $Id$
- */
-
-#include "nspr.h"
-#include "secutil.h"
-#include "plgetopt.h"
-#include "secpkcs7.h"
-#include "cert.h"
-#include "certdb.h"
-#include "secoid.h"
-#include "sechash.h"	/* for HASH_GetHashObject() */
-#include "nss.h"
-
-#if defined(XP_UNIX)
-#include <unistd.h>
-#endif
-
-#include <stdio.h>
-#include <string.h>
-
-#if (defined(XP_WIN) && !defined(WIN32)) || (defined(__sun) && !defined(SVR4))
-extern int fread(char *, size_t, size_t, FILE*);
-extern int fprintf(FILE *, char *, ...);
-#endif
-
-
-static HASH_HashType
-AlgorithmToHashType(SECAlgorithmID *digestAlgorithms)
-{
-
-    SECOidTag tag;
-
-    tag = SECOID_GetAlgorithmTag(digestAlgorithms);
-    
-    switch (tag) {
-      case SEC_OID_MD2:
-	return HASH_AlgMD2;
-      case SEC_OID_MD5:
-	return HASH_AlgMD5;
-      case SEC_OID_SHA1:
-	return HASH_AlgSHA1;
-      default:
-	fprintf(stderr, "should never get here\n");
-	return HASH_AlgNULL;
-    }
-}
-
-static int
-DigestFile(unsigned char *digest, unsigned int *len, unsigned int maxLen,
-	   FILE *inFile, HASH_HashType hashType)
-{
-    int nb;
-    unsigned char ibuf[4096];
-    const SECHashObject *hashObj;
-    void *hashcx;
-
-    hashObj = HASH_GetHashObject(hashType);
-
-    hashcx = (* hashObj->create)();
-    if (hashcx == NULL)
-	return -1;
-
-    (* hashObj->begin)(hashcx);
-
-    for (;;) {
-	if (feof(inFile)) break;
-	nb = fread(ibuf, 1, sizeof(ibuf), inFile);
-	if (nb != sizeof(ibuf)) {
-	    if (nb == 0) {
-		if (ferror(inFile)) {
-		    PORT_SetError(SEC_ERROR_IO);
-		    (* hashObj->destroy)(hashcx, PR_TRUE);
-		    return -1;
-		}
-		/* eof */
-		break;
-	    }
-	}
-	(* hashObj->update)(hashcx, ibuf, nb);
-    }
-
-    (* hashObj->end)(hashcx, digest, len, maxLen);
-    (* hashObj->destroy)(hashcx, PR_TRUE);
-
-    return 0;
-}
-
-
-static void
-Usage(char *progName)
-{
-    fprintf(stderr,
-	    "Usage:  %s -c content -s signature [-d dbdir] [-u certusage]\n",
-	    progName);
-    fprintf(stderr, "%-20s content file that was signed\n",
-	    "-c content");
-    fprintf(stderr, "%-20s file containing signature for that content\n",
-	    "-s signature");
-    fprintf(stderr,
-	    "%-20s Key/Cert database directory (default is ~/.netscape)\n",
-	    "-d dbdir");
-    fprintf(stderr, "%-20s Define the type of certificate usage (default is certUsageEmailSigner)\n",
-	    "-u certusage");
-    fprintf(stderr, "%-25s  0 - certUsageSSLClient\n", " ");
-    fprintf(stderr, "%-25s  1 - certUsageSSLServer\n", " ");
-    fprintf(stderr, "%-25s  2 - certUsageSSLServerWithStepUp\n", " ");
-    fprintf(stderr, "%-25s  3 - certUsageSSLCA\n", " ");
-    fprintf(stderr, "%-25s  4 - certUsageEmailSigner\n", " ");
-    fprintf(stderr, "%-25s  5 - certUsageEmailRecipient\n", " ");
-    fprintf(stderr, "%-25s  6 - certUsageObjectSigner\n", " ");
-    fprintf(stderr, "%-25s  7 - certUsageUserCertImport\n", " ");
-    fprintf(stderr, "%-25s  8 - certUsageVerifyCA\n", " ");
-    fprintf(stderr, "%-25s  9 - certUsageProtectedObjectSigner\n", " ");
-    fprintf(stderr, "%-25s 10 - certUsageStatusResponder\n", " ");
-    fprintf(stderr, "%-25s 11 - certUsageAnyCA\n", " ");
-
-    exit(-1);
-}
-
-static int
-HashDecodeAndVerify(FILE *out, FILE *content, PRFileDesc *signature,
-		    SECCertUsage usage, char *progName)
-{
-    SECItem derdata;
-    SEC_PKCS7ContentInfo *cinfo;
-    SEC_PKCS7SignedData *signedData;
-    HASH_HashType digestType;
-    SECItem digest;
-    unsigned char buffer[32];
-
-    if (SECU_ReadDERFromFile(&derdata, signature, PR_FALSE) != SECSuccess) {
-	SECU_PrintError(progName, "error reading signature file");
-	return -1;
-    }
-
-    cinfo = SEC_PKCS7DecodeItem(&derdata, NULL, NULL, NULL, NULL,
-				NULL, NULL, NULL);
-    if (cinfo == NULL)
-	return -1;
-
-    if (! SEC_PKCS7ContentIsSigned(cinfo)) {
-	fprintf (out, "Signature file is pkcs7 data, but not signed.\n");
-	return -1;
-    }
-
-    signedData = cinfo->content.signedData;
-
-    /* assume that there is only one digest algorithm for now */
-    digestType = AlgorithmToHashType(signedData->digestAlgorithms[0]);
-    if (digestType == HASH_AlgNULL) {
-	fprintf (out, "Invalid hash algorithmID\n");
-	return -1;
-    }
-
-    digest.data = buffer;
-    if (DigestFile (digest.data, &digest.len, 32, content, digestType)) {
-	SECU_PrintError (progName, "problem computing message digest");
-	return -1;
-    }
-
-    fprintf(out, "Signature is ");
-    if (SEC_PKCS7VerifyDetachedSignature (cinfo, usage, &digest, digestType,
-					  PR_FALSE))
-	fprintf(out, "valid.\n");
-    else
-	fprintf(out, "invalid (Reason: %s).\n",
-		SECU_Strerror(PORT_GetError()));
-
-    SEC_PKCS7DestroyContentInfo(cinfo);
-    return 0;
-}
-
-
-int
-main(int argc, char **argv)
-{
-    char *progName;
-    FILE *contentFile, *outFile;
-    PRFileDesc *signatureFile;
-    SECCertUsage certUsage = certUsageEmailSigner;
-    PLOptState *optstate;
-    PLOptStatus status;
-    SECStatus rv;
-
-    progName = strrchr(argv[0], '/');
-    progName = progName ? progName+1 : argv[0];
-
-    contentFile = NULL;
-    signatureFile = NULL;
-    outFile = NULL;
-
-    /*
-     * Parse command line arguments
-     */
-    optstate = PL_CreateOptState(argc, argv, "c:d:o:s:u:");
-    while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
-	switch (optstate->option) {
-	  case '?':
-	    Usage(progName);
-	    break;
-
-	  case 'c':
-	    contentFile = fopen(optstate->value, "r");
-	    if (!contentFile) {
-		fprintf(stderr, "%s: unable to open \"%s\" for reading\n",
-			progName, optstate->value);
-		return -1;
-	    }
-	    break;
-
-	  case 'd':
-	    SECU_ConfigDirectory(optstate->value);
-	    break;
-
-	  case 'o':
-	    outFile = fopen(optstate->value, "w");
-	    if (!outFile) {
-		fprintf(stderr, "%s: unable to open \"%s\" for writing\n",
-			progName, optstate->value);
-		return -1;
-	    }
-	    break;
-
-	  case 's':
-	    signatureFile = PR_Open(optstate->value, PR_RDONLY, 0);
-	    if (!signatureFile) {
-		fprintf(stderr, "%s: unable to open \"%s\" for reading\n",
-			progName, optstate->value);
-		return -1;
-	    }
-	    break;
-
-	  case 'u': {
-	    int usageType;
-
-	    usageType = atoi (strdup(optstate->value));
-	    if (usageType < certUsageSSLClient || usageType > certUsageAnyCA)
-		return -1;
-	    certUsage = (SECCertUsage)usageType;
-	    break;
-	  }
-	      
-	}
-    }
-
-    if (!contentFile) Usage (progName);
-    if (!signatureFile) Usage (progName);
-    if (!outFile) outFile = stdout;
-
-    /* Call the libsec initialization routines */
-    PR_Init(PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1);
-    rv = NSS_Init(SECU_ConfigDirectory(NULL));
-    if (rv != SECSuccess) {
-    	SECU_PrintPRandOSError(progName);
-	return -1;
-    }
-
-    if (HashDecodeAndVerify(outFile, contentFile, signatureFile,
-			    certUsage, progName)) {
-	SECU_PrintError(progName, "problem decoding/verifying signature");
-	return -1;
-    }
-
-    return 0;
-}
diff --git a/security/nss/cmd/pk12util/Makefile b/security/nss/cmd/pk12util/Makefile
deleted file mode 100644
index 8650a607d..000000000
--- a/security/nss/cmd/pk12util/Makefile
+++ /dev/null
@@ -1,76 +0,0 @@
-#! gmake
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY).   #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL)          #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL)       #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL).      #
-#######################################################################
-
-include ../platlibs.mk
-
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL)                              #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL)                           #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL).                              #
-#######################################################################
-
-
-include ../platrules.mk
- 
diff --git a/security/nss/cmd/pk12util/manifest.mn b/security/nss/cmd/pk12util/manifest.mn
deleted file mode 100644
index a15daef6b..000000000
--- a/security/nss/cmd/pk12util/manifest.mn
+++ /dev/null
@@ -1,51 +0,0 @@
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-DEFINES += -DNSPR20
-
-# MODULE public and private header  directories are implicitly REQUIRED.
-MODULE = security 
-
-CSRCS = \
-	pk12util.c \
-	$(NULL)
-
-# The MODULE is always implicitly required.
-# Listing it here in REQUIRES makes it appear twice in the cc command line.
-REQUIRES = dbm seccmd
-
-PROGRAM = pk12util
-
-# USE_STATIC_LIBS = 1
diff --git a/security/nss/cmd/pk12util/pk12util.c b/security/nss/cmd/pk12util/pk12util.c
deleted file mode 100644
index 6c272b841..000000000
--- a/security/nss/cmd/pk12util/pk12util.c
+++ /dev/null
@@ -1,839 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.	Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation.	 All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above.  If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "nspr.h"
-#include "secutil.h"
-#include "pk11func.h"
-#include "pkcs12.h"
-#include "p12plcy.h"
-#include "pk12util.h"
-#include "nss.h"
-#include "secport.h"
-
-#define PKCS12_IN_BUFFER_SIZE	200
-
-static char *progName;
-PRBool pk12_debugging = PR_FALSE;
-
-PRIntn pk12uErrno = 0;
-
-static void
-Usage(char *progName)
-{
-#define FPS PR_fprintf(PR_STDERR,
-    FPS "Usage:	 %s -i importfile [-d certdir] [-P dbprefix] [-h tokenname]\n",
-				 progName);
-    FPS "\t\t [-k slotpwfile | -K slotpw] [-w p12filepwfile | -W p12filepw]\n");
-    FPS "Usage:	 %s -o exportfile -n certname [-d certdir] [-P dbprefix]\n", progName);
-    FPS "\t\t [-k slotpwfile | -K slotpw] [-w p12filepwfile | -W p12filepw]\n");
-    exit(PK12UERR_USAGE);
-}
-
-static PRBool
-p12u_OpenExportFile(p12uContext *p12cxt, PRBool fileRead)
-{
-    if(!p12cxt || !p12cxt->filename) {
-	return PR_FALSE;
-    }
-
-    if(fileRead) {
-	p12cxt->file = PR_Open(p12cxt->filename,
-				 PR_RDONLY, 0400);
-    } else {
-	p12cxt->file = PR_Open(p12cxt->filename,
-				 PR_CREATE_FILE | PR_RDWR | PR_TRUNCATE,
-				 0600);
-    }
-
-    if(!p12cxt->file) {
-	p12cxt->error = PR_TRUE;
-	PR_SetError(SEC_ERROR_NO_MEMORY, 0);
-	return PR_FALSE;
-    }
-
-    return PR_TRUE;
-}
-
-static void
-p12u_DestroyExportFileInfo(p12uContext **exp_ptr, PRBool removeFile)
-{
-    if(!exp_ptr || !(*exp_ptr)) {
-	return;
-    }
-
-    if((*exp_ptr)->file != NULL) {
-	PR_Close((*exp_ptr)->file);
-    }
-
-    if((*exp_ptr)->filename != NULL) {
-	if(removeFile) {
-	    PR_Delete((*exp_ptr)->filename);
-	}
-	PR_Free((*exp_ptr)->filename);
-    }
-
-    PR_Free(*exp_ptr);
-    *exp_ptr = NULL;
-}
-
-static p12uContext *
-p12u_InitFile(PRBool fileImport, char *filename)
-{
-    p12uContext *p12cxt;
-    PRBool fileExist;
-
-    if(fileImport)
-	fileExist = PR_TRUE;
-    else
-	fileExist = PR_FALSE;
-
-    p12cxt = (p12uContext *)PORT_ZAlloc(sizeof(p12uContext));
-    if(!p12cxt) {
-	PR_SetError(SEC_ERROR_NO_MEMORY, 0);
-	return NULL;
-    }
-
-    p12cxt->error = PR_FALSE;
-    p12cxt->errorValue = 0;
-    p12cxt->filename = strdup(filename);
-
-    if(!p12u_OpenExportFile(p12cxt, fileImport)) {
-	PR_SetError(p12cxt->errorValue, 0);
-	p12u_DestroyExportFileInfo(&p12cxt, PR_FALSE);
-	return NULL;
-    }
-
-    return p12cxt;
-}
-
-SECItem *
-P12U_NicknameCollisionCallback(SECItem *old_nick, PRBool *cancel, void *wincx)
-{
-    char *nick = NULL;
-    SECItem *ret_nick = NULL;
-
-    if(cancel == NULL) {
-      pk12uErrno = PK12UERR_USER_CANCELLED;
-      return NULL;
-    }
-
-    if (!old_nick)
-      fprintf(stdout, "pk12util: no nickname for cert...not handled\n");
-
-    /* XXX not handled yet  */
-    *cancel = PR_TRUE;
-    return NULL;
-
-#if 0
-    nick = strdup( DEFAULT_CERT_NICKNAME );
-
-    if(old_nick && !PORT_Strcmp((char *)old_nick->data, nick)) {
-	PORT_Free(nick);
-	return NULL;
-    }
-
-    ret_nick = (SECItem *)PORT_ZAlloc(sizeof(SECItem));
-    if(ret_nick == NULL) {
-	PORT_Free(nick);
-	return NULL;
-    }
-
-    ret_nick->data = (unsigned char *)nick;
-    ret_nick->len = PORT_Strlen(nick);
-
-    return ret_nick;
-#endif
-}
-
-static SECStatus
-p12u_SwapUnicodeBytes(SECItem *uniItem)
-{
-    unsigned int i;
-    unsigned char a;
-    if((uniItem == NULL) || (uniItem->len % 2)) {
-	return SECFailure;
-    }
-    for(i = 0; i < uniItem->len; i += 2) {
-	a = uniItem->data[i];
-	uniItem->data[i] = uniItem->data[i+1];
-	uniItem->data[i+1] = a;
-    }
-    return SECSuccess;
-}
-
-static PRBool
-p12u_ucs2_ascii_conversion_function(PRBool	   toUnicode,
-				    unsigned char *inBuf,
-				    unsigned int   inBufLen,
-				    unsigned char *outBuf,
-				    unsigned int   maxOutBufLen,
-				    unsigned int  *outBufLen,
-				    PRBool	   swapBytes)
-{
-    SECItem it = { 0 };
-    SECItem *dup = NULL;
-    PRBool ret;
-    /* If converting Unicode to ASCII, swap bytes before conversion
-     * as neccessary.
-     */
-    if (pk12_debugging) {
-	int i;
-	printf("Converted from:\n");
-	for (i=0; i<inBufLen; i++) {
-	    printf("%2x ", inBuf[i]);
-	    /*if (i%60 == 0) printf("\n");*/
-	}
-	printf("\n");
-    }
-    it.data = inBuf;
-    it.len = inBufLen;
-    dup = SECITEM_DupItem(&it);
-    if (!toUnicode && swapBytes) {
-	if (p12u_SwapUnicodeBytes(dup) != SECSuccess) {
-	    SECITEM_ZfreeItem(dup, PR_TRUE);
-	    return PR_FALSE;
-	}
-    }
-    /* Perform the conversion. */
-    ret = PORT_UCS2_UTF8Conversion(toUnicode, dup->data, dup->len,
-                                   outBuf, maxOutBufLen, outBufLen);
-    if (dup)
-	SECITEM_ZfreeItem(dup, PR_TRUE);
-    /* If converting ASCII to Unicode, swap bytes before returning
-     * as neccessary.
-     */
-#if 0
-    if (toUnicode && swapBytes) {
-	it.data = outBuf;
-	it.len = *outBufLen;
-	dup = SECITEM_DupItem(&it);
-	if (p12u_SwapUnicodeBytes(dup) != SECSuccess) {
-	    SECITEM_ZfreeItem(dup, PR_TRUE);
-	    return PR_FALSE;
-	}
-	memcpy(outBuf, dup->data, *outBufLen);
-	SECITEM_ZfreeItem(dup, PR_TRUE);
-    }
-#endif
-    if (pk12_debugging) {
-	int i;
-	printf("Converted to:\n");
-	for (i=0; i<*outBufLen; i++) {
-	    printf("%2x ", outBuf[i]);
-	    /*if (i%60 == 0) printf("\n");*/
-	}
-	printf("\n");
-    }
-    return ret;
-}
-
-SECStatus
-P12U_UnicodeConversion(PRArenaPool *arena, SECItem *dest, SECItem *src,
-		       PRBool toUnicode, PRBool swapBytes)
-{
-    unsigned int allocLen;
-    if(!dest || !src) {
-	return SECFailure;
-    }
-    allocLen = ((toUnicode) ? (src->len << 2) : src->len);
-    if(arena) {
-	dest->data = PORT_ArenaZAlloc(arena, allocLen);
-    } else {
-	dest->data = PORT_ZAlloc(allocLen);
-    }
-    if(PORT_UCS2_ASCIIConversion(toUnicode, src->data, src->len,
-				 dest->data, allocLen, &dest->len,
-				 swapBytes) == PR_FALSE) {
-	if(!arena) {
-	    PORT_Free(dest->data);
-	}
-	dest->data = NULL;
-	return SECFailure;
-    }
-    return SECSuccess;
-}
-
-/*
- *
- */
-SECItem *
-P12U_GetP12FilePassword(PRBool confirmPw, secuPWData *p12FilePw)
-{
-    char *p0 = NULL, *p1 = NULL;
-    SECItem *pwItem = NULL;
-
-    if (p12FilePw == NULL || p12FilePw->source == PW_NONE) {
-	for (;;) {
-	    p0 = SECU_GetPasswordString(NULL,
-					"Enter password for PKCS12 file: ");
-	    if (!confirmPw)
-		break;
-	    p1 = SECU_GetPasswordString(NULL, "Re-enter password: ");
-	    if (PL_strcmp(p0, p1) == 0)
-		break;
-	}
-    } else if (p12FilePw->source == PW_FROMFILE) {
-	p0 = SECU_FilePasswd(NULL, PR_FALSE, p12FilePw->data);
-    } else { /* Plaintext */
-	p0 = p12FilePw->data;
-    }
-
-    pwItem = SECITEM_AllocItem(NULL, NULL, PL_strlen(p0) + 1);
-    memcpy(pwItem->data, p0, pwItem->len);
-
-    PORT_Memset(p0, 0, PL_strlen(p0));
-    PORT_Free(p0);
-
-    PORT_Memset(p1, 0, PL_strlen(p1));
-    PORT_Free(p1);
-
-    return pwItem;
-}
-
-SECStatus
-P12U_InitSlot(PK11SlotInfo *slot, secuPWData *slotPw)
-{
-    SECStatus rv;
-
-    /*	New databases, initialize keydb password. */
-    if (PK11_NeedUserInit(slot)) {
-	rv = SECU_ChangePW(slot,
-			   (slotPw->source == PW_PLAINTEXT) ? slotPw->data : 0,
-			   (slotPw->source == PW_FROMFILE) ? slotPw->data : 0);
-	if (rv != SECSuccess) {
-	    SECU_PrintError(progName, "Failed to initialize slot \"%s\"",
-				    PK11_GetSlotName(slot));
-	    return SECFailure;
-	}
-    }
-
-    if (PK11_Authenticate(slot, PR_TRUE, slotPw) != SECSuccess) {
-	SECU_PrintError(progName,
-			 "Failed to authenticate to PKCS11 slot");
-	PORT_SetError(SEC_ERROR_USER_CANCELLED);
-	pk12uErrno = PK12UERR_USER_CANCELLED;
-	return SECFailure;
-    }
-
-    return SECSuccess;
-}
-
-/*
- * given a filename for pkcs12 file, imports certs and keys
- *
- * Change: altitude
- *  I've changed this function so that it takes the keydb and pkcs12 file
- *  passwords from files.  The "pwdKeyDB" and "pwdP12File"
- *  variables have been added for this purpose.
- */
-PRIntn
-P12U_ImportPKCS12Object(char *in_file, PK11SlotInfo *slot,
-			secuPWData *slotPw, secuPWData *p12FilePw)
-{
-    p12uContext *p12cxt = NULL;
-    unsigned char inBuf[PKCS12_IN_BUFFER_SIZE];
-    SEC_PKCS12DecoderContext *p12dcx = NULL;
-    SECItem *pwitem = NULL, uniPwitem = { 0 };
-    SECItem p12file = { 0 };
-    SECStatus rv = SECFailure;
-    PRBool swapUnicode = PR_FALSE;
-    int error;
-
-#ifdef IS_LITTLE_ENDIAN
-    swapUnicode = PR_TRUE;
-#endif
-
-    rv = P12U_InitSlot(slot, slotPw);
-    if (rv != SECSuccess) {
-	SECU_PrintError(progName, "Failed to authenticate to \"%s\"",
-			       			 PK11_GetSlotName(slot));
-	pk12uErrno = PK12UERR_PK11GETSLOT;
-	goto loser;
-    }
-
-    p12cxt = p12u_InitFile(PR_TRUE, in_file);
-    if(!p12cxt) {
-	SECU_PrintError(progName,"Initialization failed: %s", in_file);
-	pk12uErrno = PK12UERR_INIT_FILE;
-	goto loser;
-    }
-
-    /* get the password */
-    pwitem = P12U_GetP12FilePassword(PR_FALSE, p12FilePw);
-    if (!pwitem) {
-	pk12uErrno = PK12UERR_USER_CANCELLED;
-	goto loser;
-    }
-
-    if(P12U_UnicodeConversion(NULL, &uniPwitem, pwitem, PR_TRUE,
-			      swapUnicode) != SECSuccess) {
-	SECU_PrintError(progName,"Unicode conversion failed");
-	pk12uErrno = PK12UERR_UNICODECONV;
-	goto loser;
-    }
-
-    /* init the decoder context */
-    p12dcx = SEC_PKCS12DecoderStart(&uniPwitem, slot, slotPw,
-				    NULL, NULL, NULL, NULL, NULL);
-    if(!p12dcx) {
-	SECU_PrintError(progName,"PKCS12 decoder start failed");
-	pk12uErrno = PK12UERR_PK12DECODESTART;
-	goto loser;
-    }
-
-    /* decode the item */
-    rv = SECU_FileToItem(&p12file, p12cxt->file);
-    if (rv != SECSuccess) {
-	SECU_PrintError(progName,"Failed to read from import file");
-	goto loser;
-    }
-    rv = SEC_PKCS12DecoderUpdate(p12dcx, p12file.data, p12file.len);
-
-    if(rv != SECSuccess) {
-	error = PR_GetError();
-	if(error == SEC_ERROR_DECRYPTION_DISALLOWED) {
-	    PR_SetError(error, 0);
-	    goto loser;
-	}
-#ifdef EXTRA
-	/* unable to import as a new blob, it might be an old one */
-	if(p12u_TryToImportOldPDU(p12cxt, pwitem, slot, import_arg->nickCb,
-				  import_arg->proto_win) != SECSuccess) {
-	    goto loser;
-	}
-	goto tried_pdu_import;
-#endif /* EXTRA */
-	SECU_PrintError(progName,"PKCS12 decoding failed");
-	pk12uErrno = PK12UERR_DECODE;
-    }
-
-    rv = SECFailure;
-
-    /* does the blob authenticate properly? */
-    if(SEC_PKCS12DecoderVerify(p12dcx) != SECSuccess) {
-	SECU_PrintError(progName,"PKCS12 decode not verified");
-	pk12uErrno = PK12UERR_DECODEVERIFY;
-	goto loser;
-    }
-
-    /* make sure the bags are okey dokey -- nicknames correct, etc. */
-    if (SEC_PKCS12DecoderValidateBags(p12dcx, P12U_NicknameCollisionCallback)
-	 != SECSuccess) {
-	if (PORT_GetError() == SEC_ERROR_PKCS12_DUPLICATE_DATA) {
-	    pk12uErrno = PK12UERR_CERTALREADYEXISTS;
-	} else {
-	    pk12uErrno = PK12UERR_DECODEVALIBAGS;
-	}
-	SECU_PrintError(progName,"PKCS12 decode validate bags failed");
-	goto loser;
-    }
-
-    /* stuff 'em in */
-    if(SEC_PKCS12DecoderImportBags(p12dcx) != SECSuccess) {
-	SECU_PrintError(progName,"PKCS12 decode import bags failed");
-	pk12uErrno = PK12UERR_DECODEIMPTBAGS;
-	goto loser;
-    }
-
-#if 0
-    /* important - to add the password hash into the key database */
-    rv = PK11_CheckUserPassword(slot, pw_string);
-    if( rv != SECSuccess ) {
-	SECU_PrintError(progName,"Failed to CheckUserPassword");
-	exit(-1);
-    }
-#endif
-
-    PR_Close(p12cxt->file);
-    p12cxt->file = NULL;
-    /* PK11_FreeSlot(slot); */
-
-    rv = SECSuccess;
-
-loser:
-    if (rv != SECSuccess) {
-      /* pk12u_report_failure */
-    } else {
-      /* pk12u_report_success ? */
-    }
-
-    if (p12dcx) {
-	SEC_PKCS12DecoderFinish(p12dcx);
-    }
-    p12u_DestroyExportFileInfo(&p12cxt, PR_FALSE);
-
-    if (uniPwitem.data) {
-	SECITEM_ZfreeItem(&uniPwitem, PR_FALSE);
-    }
-
-    if (pwitem) {
-	SECITEM_ZfreeItem(pwitem, PR_TRUE);
-    }
-
-
-    return rv;
-}
-
-static void
-p12u_DoPKCS12ExportErrors()
-{
-    int error_value;
-
-    error_value = PORT_GetError();
-    if ((error_value == SEC_ERROR_PKCS12_UNABLE_TO_EXPORT_KEY) ||
-	(error_value == SEC_ERROR_PKCS12_UNABLE_TO_LOCATE_OBJECT_BY_NAME) ||
-	(error_value == SEC_ERROR_PKCS12_UNABLE_TO_WRITE)) {
-	fprintf(stderr, SECU_ErrorStringRaw((int16)error_value));
-    } else if(error_value == SEC_ERROR_USER_CANCELLED) {
-	;
-    } else {
-	fprintf(stderr, SECU_ErrorStringRaw(SEC_ERROR_EXPORTING_CERTIFICATES));
-    }
-}
-
-static void
-p12u_WriteToExportFile(void *arg, const char *buf, unsigned long len)
-{
-    p12uContext *p12cxt = arg;
-    int writeLen;
-
-    if(!p12cxt || (p12cxt->error == PR_TRUE)) {
-	return;
-    }
-
-    if(p12cxt->file == NULL) {
-	p12cxt->errorValue = SEC_ERROR_PKCS12_UNABLE_TO_WRITE;
-	p12cxt->error = PR_TRUE;
-	return;
-    }
-
-    writeLen = PR_Write(p12cxt->file, (unsigned char *)buf, (int32)len);
-
-    if(writeLen != (int)len) {
-	PR_Close(p12cxt->file);
-	PR_Free(p12cxt->filename);
-	p12cxt->filename = NULL;
-	p12cxt->file = NULL;
-	p12cxt->errorValue = SEC_ERROR_PKCS12_UNABLE_TO_WRITE;
-	p12cxt->error = PR_TRUE;
-    }
-}
-
-void
-P12U_ExportPKCS12Object(char *nn, char *outfile, PK11SlotInfo *inSlot,
-			secuPWData *slotPw, secuPWData *p12FilePw)
-{
-    SEC_PKCS12ExportContext *p12ecx = NULL;
-    SEC_PKCS12SafeInfo *keySafe = NULL, *certSafe = NULL;
-    SECItem *pwitem = NULL;
-    PK11SlotInfo *slot = NULL;
-    p12uContext *p12cxt = NULL;
-    CERTCertificate *cert;
-
-    if (P12U_InitSlot(inSlot, slotPw) != SECSuccess) {
-	SECU_PrintError(progName,"Failed to authenticate to \"%s\"",
-			  PK11_GetSlotName(inSlot));
-	pk12uErrno = PK12UERR_PK11GETSLOT;
-	goto loser;
-    }
-    cert = PK11_FindCertFromNickname(nn, slotPw);
-    if(!cert) {
-	SECU_PrintError(progName,"find cert by nickname failed");
-	pk12uErrno = PK12UERR_FINDCERTBYNN;
-	return;
-    }
-
-    if (!cert->slot) {
-	SECU_PrintError(progName,"cert does not have a slot");
-	pk12uErrno = PK12UERR_FINDCERTBYNN;
-	goto loser;
-    }
-
-    /*	Password to use for PKCS12 file.  */
-    pwitem = P12U_GetP12FilePassword(PR_TRUE, p12FilePw);
-    if(!pwitem) {
-	goto loser;
-    }
-
-    p12ecx = SEC_PKCS12CreateExportContext(NULL, NULL, cert->slot, slotPw);
-    if(!p12ecx) {
-	SECU_PrintError(progName,"export context creation failed");
-	pk12uErrno = PK12UERR_EXPORTCXCREATE;
-	goto loser;
-    }
-
-    if(SEC_PKCS12AddPasswordIntegrity(p12ecx, pwitem, SEC_OID_SHA1)
-       != SECSuccess) {
-	SECU_PrintError(progName,"PKCS12 add password integrity failed");
-	pk12uErrno = PK12UERR_PK12ADDPWDINTEG;
-	goto loser;
-    }
-
-    keySafe = SEC_PKCS12CreateUnencryptedSafe(p12ecx);
-    if(/*!SEC_PKCS12IsEncryptionAllowed() || */ PK11_IsFIPS()) {
-	certSafe = keySafe;
-    } else {
-	certSafe = SEC_PKCS12CreatePasswordPrivSafe(p12ecx, pwitem,
-			SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_40_BIT_RC2_CBC);
-    }
-
-    if(!certSafe || !keySafe) {
-	SECU_PrintError(progName,"key or cert safe creation failed");
-	pk12uErrno = PK12UERR_CERTKEYSAFE;
-	goto loser;
-    }
-
-    if(SEC_PKCS12AddCertAndKey(p12ecx, certSafe, NULL, cert,
-			CERT_GetDefaultCertDB(), keySafe, NULL, PR_TRUE, pwitem,
-			SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_3KEY_TRIPLE_DES_CBC)
-			!= SECSuccess) {
-	SECU_PrintError(progName,"add cert and key failed");
-	pk12uErrno = PK12UERR_ADDCERTKEY;
-	goto loser;
-    }
-
-    p12cxt = p12u_InitFile(PR_FALSE, outfile); 
-    if(!p12cxt) {
-	SECU_PrintError(progName,"Initialization failed: %s", outfile);
-	pk12uErrno = PK12UERR_INIT_FILE;
-	goto loser;
-    }
-
-    if(SEC_PKCS12Encode(p12ecx, p12u_WriteToExportFile, p12cxt)
-			!= SECSuccess) {
-	SECU_PrintError(progName,"PKCS12 encode failed");
-	pk12uErrno = PK12UERR_ENCODE;
-	goto loser;
-    }
-
-    p12u_DestroyExportFileInfo(&p12cxt, PR_FALSE);
-    SECITEM_ZfreeItem(pwitem, PR_TRUE);
-    CERT_DestroyCertificate(cert);
-    if(slot) {
-	PK11_FreeSlot(slot);
-    }
-
-    fprintf(stdout, "%s: PKCS12 EXPORT SUCCESSFUL\n", progName);
-    SEC_PKCS12DestroyExportContext(p12ecx);
-
-    return;
-
-loser:
-    SEC_PKCS12DestroyExportContext(p12ecx);
-
-    if (slotPw)
-	PR_Free(slotPw->data);
-
-    if (p12FilePw)
-	PR_Free(p12FilePw->data);
-
-    if(slot && (slot != cert->slot)) {
-	PK11_FreeSlot(slot);
-    }
-    if(cert) {
-	CERT_DestroyCertificate(cert);
-    }
-    p12u_DestroyExportFileInfo(&p12cxt, PR_TRUE);
-    if(pwitem) {
-	SECITEM_ZfreeItem(pwitem, PR_TRUE);
-    }
-    p12u_DoPKCS12ExportErrors();
-    return;
-}
-
-static void
-p12u_EnableAllCiphers()
-{
-    SEC_PKCS12EnableCipher(PKCS12_RC4_40, 1);
-    SEC_PKCS12EnableCipher(PKCS12_RC4_128, 1);
-    SEC_PKCS12EnableCipher(PKCS12_RC2_CBC_40, 1);
-    SEC_PKCS12EnableCipher(PKCS12_RC2_CBC_128, 1);
-    SEC_PKCS12EnableCipher(PKCS12_DES_56, 1);
-    SEC_PKCS12EnableCipher(PKCS12_DES_EDE3_168, 1);
-    SEC_PKCS12SetPreferredCipher(PKCS12_DES_EDE3_168, 1);
-}
-
-static PRUintn
-P12U_Init(char *dir, char *dbprefix)
-{
-    SECStatus rv;
-    PK11_SetPasswordFunc(SECU_GetModulePassword);
-
-    PR_Init(PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1);
-    rv = NSS_Initialize(dir,dbprefix,dbprefix,"secmod.db",0);
-    if (rv != SECSuccess) {
-    	SECU_PrintPRandOSError(progName);
-        exit(-1);
-    }
-
-    /* setup unicode callback functions */
-    PORT_SetUCS2_ASCIIConversionFunction(p12u_ucs2_ascii_conversion_function);
-    /* use the defaults for UCS4-UTF8 and UCS2-UTF8 */
-
-    p12u_EnableAllCiphers();
-
-    return 0;
-}
-
-enum {
-    opt_CertDir = 0,
-    opt_TokenName,
-    opt_Import,
-    opt_SlotPWFile,
-    opt_SlotPW,
-    opt_Mode,
-    opt_Nickname,
-    opt_Export,
-    opt_P12FilePWFile,
-    opt_P12FilePW,
-    opt_DBPrefix,
-    opt_Debug
-};
-
-static secuCommandFlag pk12util_options[] =
-{
-    { /* opt_CertDir	       */ 'd', PR_TRUE,	 0, PR_FALSE },
-    { /* opt_TokenName	       */ 'h', PR_TRUE,	 0, PR_FALSE },
-    { /* opt_Import	       */ 'i', PR_TRUE,	 0, PR_FALSE },
-    { /* opt_SlotPWFile	       */ 'k', PR_TRUE,	 0, PR_FALSE },
-    { /* opt_SlotPW	       */ 'K', PR_TRUE,	 0, PR_FALSE },
-    { /* opt_Mode	       */ 'm', PR_TRUE,	 0, PR_FALSE },
-    { /* opt_Nickname	       */ 'n', PR_TRUE,	 0, PR_FALSE },
-    { /* opt_Export	       */ 'o', PR_TRUE,	 0, PR_FALSE },
-    { /* opt_P12FilePWFile     */ 'w', PR_TRUE,	 0, PR_FALSE },
-    { /* opt_P12FilePW	       */ 'W', PR_TRUE,	 0, PR_FALSE },
-    { /* opt_DBPrefix	       */ 'P', PR_TRUE,	 0, PR_FALSE },
-    { /* opt_Debug	       */ 'v', PR_FALSE, 0, PR_FALSE }
-};
-
-int
-main(int argc, char **argv)
-{
-    PRIntn ret = 0;
-    secuPWData slotPw = { PW_NONE, NULL };
-    secuPWData p12FilePw = { PW_NONE, NULL };
-    PK11SlotInfo *slot;
-    char *slotname = NULL;
-    char *import_file = NULL;
-    char *export_file = NULL;
-    char *dbprefix = "";
-    SECStatus rv;
-
-    secuCommand pk12util;
-    pk12util.numCommands = 0;
-    pk12util.commands = 0;
-    pk12util.numOptions = sizeof(pk12util_options) / sizeof(secuCommandFlag);
-    pk12util.options = pk12util_options;
-
-    progName = strrchr(argv[0], '/');
-    progName = progName ? progName+1 : argv[0];
-
-    rv = SECU_ParseCommandLine(argc, argv, progName, &pk12util);
-
-    if (rv != SECSuccess)
-	Usage(progName);
-
-    pk12_debugging = pk12util.options[opt_Debug].activated;
-
-    if (pk12util.options[opt_Import].activated &&
-	pk12util.options[opt_Export].activated) {
-	Usage(progName);
-    }
-
-    if (pk12util.options[opt_Export].activated &&
-       !pk12util.options[opt_Nickname].activated) {
-	Usage(progName);
-    }
-
-    slotname = SECU_GetOptionArg(&pk12util, opt_TokenName);
-    import_file = SECU_GetOptionArg(&pk12util, opt_Import);
-    export_file = SECU_GetOptionArg(&pk12util, opt_Export);
-
-    if (pk12util.options[opt_P12FilePWFile].activated) {
-	p12FilePw.source = PW_FROMFILE;
-	p12FilePw.data = PL_strdup(pk12util.options[opt_P12FilePWFile].arg);
-    }
-
-    if (pk12util.options[opt_P12FilePW].activated) {
-	p12FilePw.source = PW_PLAINTEXT;
-	p12FilePw.data = PL_strdup(pk12util.options[opt_P12FilePW].arg);
-    }
-
-    if (pk12util.options[opt_SlotPWFile].activated) {
-	slotPw.source = PW_FROMFILE;
-	slotPw.data = PL_strdup(pk12util.options[opt_SlotPWFile].arg);
-    }
-
-    if (pk12util.options[opt_SlotPW].activated) {
-	slotPw.source = PW_PLAINTEXT;
-	slotPw.data = PL_strdup(pk12util.options[opt_SlotPW].arg);
-    }
-
-    if (pk12util.options[opt_CertDir].activated) {
-	SECU_ConfigDirectory(pk12util.options[opt_CertDir].arg);
-    }
-    if (pk12util.options[opt_DBPrefix].activated) {
-    	dbprefix = pk12util.options[opt_DBPrefix].arg;
-    }
-    P12U_Init(SECU_ConfigDirectory(NULL),dbprefix);
-
-    if (!slotname || PL_strcmp(slotname, "internal") == 0)
-	slot = PK11_GetInternalKeySlot();
-    else
-	slot = PK11_FindSlotByName(slotname);
-
-    if (!slot) {
-	SECU_PrintError(progName,"Invalid slot \"%s\"", slotname);
-	pk12uErrno = PK12UERR_PK11GETSLOT;
-	goto done;
-    }
-
-    if (pk12util.options[opt_Import].activated) {
-
-	if ((ret = P12U_ImportPKCS12Object(import_file, slot, &slotPw,
-					   &p12FilePw)) != 0)
-	    goto done;
-
-    } else if (pk12util.options[opt_Export].activated) {
-	P12U_ExportPKCS12Object(pk12util.options[opt_Nickname].arg,
-				export_file, slot, &slotPw, &p12FilePw);
-    } else {
-	Usage(progName);
-	pk12uErrno = PK12UERR_USAGE;
-    }
-
-done:
-    if (slot) PK11_FreeSlot(slot);
-    NSS_Shutdown();
-    exit(pk12uErrno);
-}
diff --git a/security/nss/cmd/pk12util/pk12util.h b/security/nss/cmd/pk12util/pk12util.h
deleted file mode 100644
index 8e456d98c..000000000
--- a/security/nss/cmd/pk12util/pk12util.h
+++ /dev/null
@@ -1,69 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * ERROR codes in pk12util
- * - should be organized better later
- */
-#define PK12UERR_USER_CANCELLED 1
-#define PK12UERR_USAGE 2
-#define PK12UERR_CERTDB_OPEN 8
-#define PK12UERR_KEYDB_OPEN 9
-#define PK12UERR_INIT_FILE 10
-#define PK12UERR_UNICODECONV 11
-#define PK12UERR_TMPDIGCREATE 12
-#define PK12UERR_PK11GETSLOT 13
-#define PK12UERR_PK12DECODESTART 14
-#define PK12UERR_IMPORTFILEREAD 15
-#define PK12UERR_DECODE 16
-#define PK12UERR_DECODEVERIFY 17
-#define PK12UERR_DECODEVALIBAGS 18
-#define PK12UERR_DECODEIMPTBAGS 19
-#define PK12UERR_CERTALREADYEXISTS 20
-#define PK12UERR_PATCHDB 22
-#define PK12UERR_GETDEFCERTDB 23
-#define PK12UERR_FINDCERTBYNN 24
-#define PK12UERR_EXPORTCXCREATE 25
-#define PK12UERR_PK12ADDPWDINTEG 26
-#define PK12UERR_CERTKEYSAFE 27
-#define PK12UERR_ADDCERTKEY 28
-#define PK12UERR_ENCODE 29
-
-
-/* additions for importing and exporting PKCS 12 files */
-typedef struct p12uContextStr {
-    char        *filename;    /* name of file */
-	PRFileDesc  *file;        /* pointer to file */
-	PRBool       error;       /* error occurred? */
-	int          errorValue;  /* which error occurred? */
-} p12uContext;
diff --git a/security/nss/cmd/pkiutil/Makefile b/security/nss/cmd/pkiutil/Makefile
deleted file mode 100644
index 23afa3799..000000000
--- a/security/nss/cmd/pkiutil/Makefile
+++ /dev/null
@@ -1,76 +0,0 @@
-#! gmake
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY).   #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL)          #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL)       #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL).      #
-#######################################################################
-
-include platlibs.mk
-
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL)                              #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL)                           #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL).                              #
-#######################################################################
-
-
-include ../platrules.mk
- 
diff --git a/security/nss/cmd/pkiutil/manifest.mn b/security/nss/cmd/pkiutil/manifest.mn
deleted file mode 100644
index 3ab2925fe..000000000
--- a/security/nss/cmd/pkiutil/manifest.mn
+++ /dev/null
@@ -1,47 +0,0 @@
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-# MODULE public and private header  directories are implicitly REQUIRED.
-MODULE = security 
-
-CSRCS = \
-	pkiutil.c \
-	$(NULL)
-
-# The MODULE is always implicitly required.
-# Listing it here in REQUIRES makes it appear twice in the cc command line.
-REQUIRES = dbm seccmd
-
-PROGRAM = pkiutil
diff --git a/security/nss/cmd/pkiutil/pkiutil.c b/security/nss/cmd/pkiutil/pkiutil.c
deleted file mode 100644
index 7d45c3191..000000000
--- a/security/nss/cmd/pkiutil/pkiutil.c
+++ /dev/null
@@ -1,371 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "nspr.h"
-#include "prtypes.h"
-#include "prtime.h"
-#include "prlong.h"
-#include "nss.h"
-#include "cmdutil.h"
-#include "nsspki.h"
-/* hmmm...*/
-#include "pki.h"
-
-#define PKIUTIL_VERSION_STRING "pkiutil version 0.1"
-
-char *progName = NULL;
-
-typedef struct {
-    PRBool      raw;
-    PRBool      ascii;
-    char       *name;
-    PRFileDesc *file;
-} objOutputMode;
-
-typedef enum {
-    PKIUnknown = -1,
-    PKICertificate,
-    PKIPublicKey,
-    PKIPrivateKey,
-    PKIAny
-} PKIObjectType;
-
-static PKIObjectType
-get_object_class(char *type)
-{
-    if (strcmp(type, "certificate") == 0 || strcmp(type, "cert") == 0 ||
-        strcmp(type, "Certificate") == 0 || strcmp(type, "Cert") == 0) {
-	return PKICertificate;
-    } else if (strcmp(type, "public_key") == 0 || 
-               strcmp(type, "PublicKey") == 0) {
-	return PKIPublicKey;
-    } else if (strcmp(type, "private_key") == 0 || 
-               strcmp(type, "PrivateKey") == 0) {
-	return PKIPrivateKey;
-    } else if (strcmp(type, "all") == 0 || strcmp(type, "any") == 0) {
-	return PKIAny;
-    }
-    fprintf(stderr, "%s: \"%s\" is not a valid PKCS#11 object type.\n",
-                     progName, type);
-    return PKIUnknown;
-}
-
-static PRStatus
-print_cert_callback(NSSCertificate *c, void *arg)
-{
-    int i;
-    NSSUTF8 *label;
-    NSSItem *id;
-    label = NSSCertificate_GetLabel(c);
-    printf("%s\n", label);
-    nss_ZFreeIf((void*)label);
-#if 0
-    id = NSSCertificate_GetID(c);
-    for (i=0; i<id->size; i++) {
-	printf("%c", ((char *)id->data)[i]);
-    }
-    printf("\n");
-#endif
-    return PR_SUCCESS;
-}
-
-/*  pkiutil commands  */
-enum {
-    cmd_Add = 0,
-    cmd_Dump,
-    cmd_List,
-    cmd_Version,
-    pkiutil_num_commands
-};
-
-/*  pkiutil options */
-enum {
-    opt_Help = 0,
-    opt_Ascii,
-    opt_ProfileDir,
-    opt_TokenName,
-    opt_InputFile,
-    opt_Nickname,
-    opt_OutputFile,
-    opt_Binary,
-    opt_Trust,
-    opt_Type,
-    pkiutil_num_options
-};
-
-static cmdCommandLineArg pkiutil_commands[] =
-{
- { /* cmd_Add         */  'A', "add", CMDNoArg, 0, PR_FALSE, 
-                           CMDBIT(opt_Nickname) | CMDBIT(opt_Trust), 
-                           CMDBIT(opt_Ascii) | CMDBIT(opt_ProfileDir) 
-                           | CMDBIT(opt_TokenName) | CMDBIT(opt_InputFile) 
-                           | CMDBIT(opt_Binary) | CMDBIT(opt_Type) },
- { /* cmd_Dump        */   0 , "dump", CMDNoArg, 0, PR_FALSE,
-                           CMDBIT(opt_Nickname),
-                           CMDBIT(opt_Ascii) | CMDBIT(opt_ProfileDir) 
-                           | CMDBIT(opt_TokenName) | CMDBIT(opt_Binary)
-                           | CMDBIT(opt_Type) },
- { /* cmd_List        */  'L', "list", CMDNoArg, 0, PR_FALSE, 0, 
-                           CMDBIT(opt_Ascii) | CMDBIT(opt_ProfileDir) 
-                           | CMDBIT(opt_TokenName) | CMDBIT(opt_Binary)
-                           | CMDBIT(opt_Nickname) | CMDBIT(opt_Type) },
- { /* cmd_Version     */  'Y', "version", CMDNoArg, 0, PR_FALSE, 0, 0 }
-};
-
-static cmdCommandLineOpt pkiutil_options[] =
-{
- { /* opt_Help        */  '?', "help",     CMDNoArg,   0, PR_FALSE },
- { /* opt_Ascii       */  'a', "ascii",    CMDNoArg,   0, PR_FALSE },
- { /* opt_ProfileDir  */  'd', "dbdir",    CMDArgReq,  0, PR_FALSE },
- { /* opt_TokenName   */  'h', "token",    CMDArgReq,  0, PR_FALSE },
- { /* opt_InputFile   */  'i', "infile",   CMDArgReq,  0, PR_FALSE },
- { /* opt_Nickname    */  'n', "nickname", CMDArgReq,  0, PR_FALSE },
- { /* opt_OutputFile  */  'o', "outfile",  CMDArgReq,  0, PR_FALSE },
- { /* opt_Binary      */  'r', "raw",      CMDNoArg,   0, PR_FALSE },
- { /* opt_Trust       */  't', "trust",    CMDArgReq,  0, PR_FALSE },
- { /* opt_Type        */   0 , "type",     CMDArgReq,  0, PR_FALSE }
-};
-
-void pkiutil_usage(cmdPrintState *ps, 
-                   int num, PRBool cmd, PRBool header, PRBool footer)
-{
-#define pusg CMD_PrintUsageString
-    if (header) {
-	pusg(ps, "utility for managing PKCS#11 objects (certs and keys)\n");
-    } else if (footer) {
-	/*
-	printf("certificate trust can be:\n");
-	printf(" p - valid peer, P - trusted peer (implies p)\n");
-	printf(" c - valid CA\n");
-	printf("  T - trusted CA to issue client certs (implies c)\n");
-	printf("  C - trusted CA to issue server certs (implies c)\n");
-	printf(" u - user cert\n");
-	printf(" w - send warning\n");
-	*/
-    } else if (cmd) {
-	switch(num) {
-	case cmd_Add:     
-	    pusg(ps, "Add an object to the token"); break;
-	case cmd_Dump:
-	    pusg(ps, "Dump a single object"); break;
-	case cmd_List:    
-	    pusg(ps, "List objects on the token (-n for single object)"); break;
-	case cmd_Version: 
-	    pusg(ps, "Report version"); break;
-	default:
-	    pusg(ps, "Unrecognized command"); break;
-	}
-    } else {
-	switch(num) {
-	case opt_Ascii:      
-	    pusg(ps, "Use ascii (base-64 encoded) mode for I/O"); break;
-	case opt_ProfileDir:    
-	    pusg(ps, "Directory containing security databases (def: \".\")"); 
-	    break;
-	case opt_TokenName:  
-	    pusg(ps, "Name of PKCS#11 token to use (def: internal)"); break;
-	case opt_InputFile:  
-	    pusg(ps, "File for input (def: stdin)"); break;
-	case opt_Nickname:   
-	    pusg(ps, "Nickname of object"); break;
-	case opt_OutputFile: 
-	    pusg(ps, "File for output (def: stdout)"); break;
-	case opt_Binary:    
-	    pusg(ps, "Use raw (binary der-encoded) mode for I/O"); break;
-	case opt_Trust:      
-	    pusg(ps, "Trust level for certificate"); break;
-	case opt_Help: break;
-	default:
-	    pusg(ps, "Unrecognized option");
-	}
-    }
-}
-
-int 
-main(int argc, char **argv)
-{
-    PRFileDesc     *infile        = NULL;
-    PRFileDesc     *outfile       = NULL;
-    char           *profiledir       = "./";
-#if 0
-    secuPWData      pwdata        = { PW_NONE, 0 };
-#endif
-    int             objclass      = 3; /* ANY */
-    NSSTrustDomain *root_cert_td  = NULL;
-    char           *rootpath      = NULL;
-    char            builtin_name[]= "libnssckbi.so"; /* temporary hardcode */
-    PRStatus        rv            = PR_SUCCESS;
-
-    int cmdToRun;
-    cmdCommand pkiutil;
-    pkiutil.ncmd = pkiutil_num_commands;
-    pkiutil.nopt = pkiutil_num_options;
-    pkiutil.cmd = pkiutil_commands;
-    pkiutil.opt = pkiutil_options;
-
-    progName = strrchr(argv[0], '/');
-    progName = progName ? progName+1 : argv[0];
-
-    cmdToRun = CMD_ParseCommandLine(argc, argv, progName, &pkiutil);
-
-#if 0
-    { int i, nc;
-    for (i=0; i<pkiutil.ncmd; i++)
-	printf("%s: %s <%s>\n", pkiutil.cmd[i].s, 
-	                        (pkiutil.cmd[i].on) ? "on" : "off",
-				pkiutil.cmd[i].arg);
-    for (i=0; i<pkiutil.nopt; i++)
-	printf("%s: %s <%s>\n", pkiutil.opt[i].s, 
-	                        (pkiutil.opt[i].on) ? "on" : "off",
-				pkiutil.opt[i].arg);
-    }
-#endif
-
-    if (pkiutil.opt[opt_Help].on)
-	CMD_LongUsage(progName, &pkiutil, pkiutil_usage);
-
-    if (cmdToRun < 0)
-	CMD_Usage(progName, &pkiutil);
-
-    /* -d */
-    if (pkiutil.opt[opt_ProfileDir].on) {
-	profiledir = strdup(pkiutil.opt[opt_ProfileDir].arg);
-    }
-
-    /* -i */
-    if (pkiutil.opt[opt_InputFile].on) {
-	char *fn = pkiutil.opt[opt_InputFile].arg;
-	infile = PR_Open(fn, PR_RDONLY, 0660);
-    } else {
-	infile = PR_STDIN;
-    }
-
-    /* -o */
-    if (pkiutil.opt[opt_OutputFile].on) {
-	char *fn = pkiutil.opt[opt_OutputFile].arg;
-	outfile = PR_Open(fn, PR_WRONLY | PR_CREATE_FILE, 0660);
-    } else {
-	outfile = PR_STDOUT;
-    }
-
-    /* --type can be found on many options */
-    if (pkiutil.opt[opt_Type].on)
-	objclass = get_object_class(pkiutil.opt[opt_Type].arg);
-    else if (cmdToRun == cmd_Dump && pkiutil.cmd[cmd_Dump].arg)
-	objclass = get_object_class(pkiutil.cmd[cmd_Dump].arg);
-    else if (cmdToRun == cmd_List && pkiutil.cmd[cmd_List].arg)
-	objclass = get_object_class(pkiutil.cmd[cmd_List].arg);
-    else if (cmdToRun == cmd_Add && pkiutil.cmd[cmd_Add].arg)
-	objclass = get_object_class(pkiutil.cmd[cmd_Add].arg);
-    if (objclass < 0)
-	goto done;
-
-    /* --print is an alias for --list --nickname */
-    if (cmdToRun == cmd_Dump) cmdToRun = cmd_List;
-
-    /* if list has raw | ascii must have -n.  can't have both raw and ascii */
-    if (pkiutil.opt[opt_Binary].on || pkiutil.opt[opt_Ascii].on) {
-	if (cmdToRun == cmd_List && !pkiutil.opt[opt_Nickname].on) {
-	    fprintf(stderr, "%s: specify a object to output with -n\n", 
-	                     progName);
-	    CMD_LongUsage(progName, &pkiutil, pkiutil_usage);
-	}
-    }
-
-    /* initialize */
-    PR_Init(PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1);
-    /* NSS_InitReadWrite(profiledir); */
-    NSS_NoDB_Init(NULL);
-
-    /* Display version info and exit */
-    if (cmdToRun == cmd_Version) {
-	printf("%s\nNSS Version %s\n", PKIUTIL_VERSION_STRING, NSS_VERSION);
-	goto done;
-    }
-
-    /* XXX okay - bootstrap stan by loading the root cert module for testing */
-    root_cert_td = NSSTrustDomain_Create(NULL, NULL, NULL, NULL);
-    {
-	int rootpathlen = strlen(profiledir) + strlen(builtin_name) + 1;
-	rootpath = (char *)malloc(rootpathlen);
-	memcpy(rootpath, profiledir, strlen(profiledir));
-	memcpy(rootpath + strlen(profiledir), 
-               builtin_name, strlen(builtin_name));
-	rootpath[rootpathlen - 1] = '\0';
-    }
-    NSSTrustDomain_LoadModule(root_cert_td, "Builtin Root Module", rootpath, 
-                              NULL, NULL);
-
-    printf("\n");
-    if (pkiutil.opt[opt_Nickname].on) {
-	int i;
-	NSSCertificate **certs;
-	NSSCertificate *cert;
-	certs = NSSTrustDomain_FindCertificatesByNickname(root_cert_td,
-			pkiutil.opt[opt_Nickname].arg, NULL, 0, NULL);
-	i = 0;
-	while ((cert = certs[i++]) != NULL) {
-	    printf("Found cert:\n");
-	    print_cert_callback(cert, NULL);
-	}
-    } else {
-        NSSTrustDomain_TraverseCertificates(root_cert_td, print_cert_callback, 0);
-    }
-
-    NSSTrustDomain_Destroy(root_cert_td);
-
-    /* List token objects */
-    if (cmdToRun == cmd_List)  {
-#if 0
-	rv = list_token_objects(slot, objclass, 
-	                        pkiutil.opt[opt_Nickname].arg,
-	                        pkiutil.opt[opt_Binary].on,
-	                        pkiutil.opt[opt_Ascii].on,
-	                        outfile, &pwdata);
-#endif
-	goto done;
-    }
-
-#if 0
-    /* Import an object into the token. */
-    if (cmdToRun == cmd_Add) {
-	rv = add_object_to_token(slot, object);
-	goto done;
-    }
-#endif
-
-done:
-    NSS_Shutdown();
-
-    return rv;
-}
diff --git a/security/nss/cmd/pkiutil/platlibs.mk b/security/nss/cmd/pkiutil/platlibs.mk
deleted file mode 100644
index 9a714f300..000000000
--- a/security/nss/cmd/pkiutil/platlibs.mk
+++ /dev/null
@@ -1,53 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-# $(PROGRAM) has explicit dependencies on $(EXTRA_LIBS)
-EXTRA_LIBS += \
-	$(DIST)/lib/libcmdutil.$(LIB_SUFFIX) \
-	$(NULL)
-
-ifeq ($(OS_ARCH), AIX) 
-EXTRA_SHARED_LIBS += -brtl 
-endif
-
-# $(PROGRAM) has NO explicit dependencies on $(EXTRA_SHARED_LIBS)
-# $(EXTRA_SHARED_LIBS) come before $(OS_LIBS), except on AIX.
-EXTRA_SHARED_LIBS += \
-	-L$(DIST)/lib/ \
-	-lnsspki3 \
-	-lnss3 \
-	-lplc4 \
-	-lplds4 \
-	-lnspr4 \
-	$(NULL)
-
diff --git a/security/nss/cmd/platlibs.mk b/security/nss/cmd/platlibs.mk
deleted file mode 100644
index 0a8bfb567..000000000
--- a/security/nss/cmd/platlibs.mk
+++ /dev/null
@@ -1,196 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-
-ifdef USE_STATIC_LIBS
-# can't do this in manifest.mn because OS_ARCH isn't defined there.
-ifeq ($(OS_ARCH), WINNT)
-
-DEFINES += -DNSS_USE_STATIC_LIBS
-# $(PROGRAM) has explicit dependencies on $(EXTRA_LIBS)
-CRYPTOLIB=$(DIST)/lib/freebl.lib
-ifdef MOZILLA_SECURITY_BUILD
-	CRYPTOLIB=$(DIST)/lib/crypto.lib
-endif
-ifdef MOZILLA_BSAFE_BUILD
-	CRYPTOLIB+=$(DIST)/lib/bsafe$(BSAFEVER).lib
-	CRYPTOLIB+=$(DIST)/lib/freebl.lib
-endif
-
-EXTRA_LIBS += \
-	$(DIST)/lib/smime.lib \
-	$(DIST)/lib/ssl.lib \
-	$(DIST)/lib/jar.lib \
-	$(DIST)/lib/zlib.lib \
-	$(DIST)/lib/nss.lib \
-	$(DIST)/lib/ssl.lib \
-	$(DIST)/lib/sectool.lib \
-	$(DIST)/lib/pkcs12.lib \
-	$(DIST)/lib/pkcs7.lib \
-	$(DIST)/lib/certhi.lib \
-	$(DIST)/lib/cryptohi.lib \
-	$(DIST)/lib/pk11wrap.lib \
-	$(DIST)/lib/certdb.lib \
-	$(DIST)/lib/softokn.lib \
-	$(CRYPTOLIB) \
-	$(DIST)/lib/swfci.lib \
-	$(DIST)/lib/secutil.lib \
-	$(DIST)/lib/nsspki.lib \
-	$(DIST)/lib/nssdev.lib \
-	$(DIST)/lib/nssb.lib \
-	$(DIST)/lib/dbm.lib \
-	$(DIST)/lib/$(NSPR31_LIB_PREFIX)plc4.lib \
-	$(DIST)/lib/$(NSPR31_LIB_PREFIX)plds4.lib \
-	$(DIST)/lib/$(NSPR31_LIB_PREFIX)nspr4.lib \
-	$(NULL)
-
-# $(PROGRAM) has NO explicit dependencies on $(OS_LIBS)
-#OS_LIBS += \
-	wsock32.lib \
-	winmm.lib \
-	$(NULL)
-else
-
-# $(PROGRAM) has explicit dependencies on $(EXTRA_LIBS)
-CRYPTOLIB=$(DIST)/lib/$(LIB_PREFIX)freebl.$(LIB_SUFFIX)
-ifdef MOZILLA_SECURITY_BUILD
-	CRYPTOLIB=$(DIST)/lib/$(LIB_PREFIX)crypto.$(LIB_SUFFIX)
-endif
-ifdef MOZILLA_BSAFE_BUILD
-	CRYPTOLIB+=$(DIST)/lib/$(LIB_PREFIX)bsafe.$(LIB_SUFFIX)
-	CRYPTOLIB+=$(DIST)/lib/$(LIB_PREFIX)freebl.$(LIB_SUFFIX)
-endif
-EXTRA_LIBS += \
-	$(DIST)/lib/$(LIB_PREFIX)smime.$(LIB_SUFFIX) \
-	$(DIST)/lib/$(LIB_PREFIX)ssl.$(LIB_SUFFIX) \
-	$(DIST)/lib/$(LIB_PREFIX)jar.$(LIB_SUFFIX) \
-	$(DIST)/lib/$(LIB_PREFIX)zlib.$(LIB_SUFFIX) \
-	$(DIST)/lib/$(LIB_PREFIX)nss.$(LIB_SUFFIX) \
-	$(DIST)/lib/$(LIB_PREFIX)ssl.$(LIB_SUFFIX) \
-	$(DIST)/lib/$(LIB_PREFIX)sectool.$(LIB_SUFFIX) \
-	$(DIST)/lib/$(LIB_PREFIX)pkcs12.$(LIB_SUFFIX) \
-	$(DIST)/lib/$(LIB_PREFIX)pkcs7.$(LIB_SUFFIX) \
-	$(DIST)/lib/$(LIB_PREFIX)certhi.$(LIB_SUFFIX) \
-	$(DIST)/lib/$(LIB_PREFIX)pk11wrap.$(LIB_SUFFIX) \
-	$(DIST)/lib/$(LIB_PREFIX)cryptohi.$(LIB_SUFFIX) \
-	$(DIST)/lib/$(LIB_PREFIX)certhi.$(LIB_SUFFIX) \
-	$(DIST)/lib/$(LIB_PREFIX)nsspki.$(LIB_SUFFIX) \
-	$(DIST)/lib/$(LIB_PREFIX)pk11wrap.$(LIB_SUFFIX) \
-	$(DIST)/lib/$(LIB_PREFIX)softokn.$(LIB_SUFFIX) \
-	$(DIST)/lib/$(LIB_PREFIX)certdb.$(LIB_SUFFIX) \
-	$(DIST)/lib/$(LIB_PREFIX)nsspki.$(LIB_SUFFIX) \
-	$(DIST)/lib/$(LIB_PREFIX)nssdev.$(LIB_SUFFIX) \
-	$(DIST)/lib/$(LIB_PREFIX)nssb.$(LIB_SUFFIX) \
-	$(DIST)/lib/$(LIB_PREFIX)swfci.$(LIB_SUFFIX) \
-	$(CRYPTOLIB) \
-	$(DIST)/lib/$(LIB_PREFIX)secutil.$(LIB_SUFFIX) \
-	$(DIST)/lib/$(LIB_PREFIX)dbm.$(LIB_SUFFIX) \
-	$(NULL)
-
-ifeq ($(OS_ARCH), AIX) 
-EXTRA_SHARED_LIBS += -brtl 
-endif
-
-# $(PROGRAM) has NO explicit dependencies on $(EXTRA_SHARED_LIBS)
-# $(EXTRA_SHARED_LIBS) come before $(OS_LIBS), except on AIX.
-ifdef XP_OS2_VACPP
-EXTRA_SHARED_LIBS += \
-	$(DIST)/lib/plc4.lib \
-	$(DIST)/lib/plds4.lib \
-	$(DIST)/lib/nspr4.lib \
-	$(NULL)
-else
-EXTRA_SHARED_LIBS += \
-	-L$(DIST)/lib/ \
-	-lplc4 \
-	-lplds4 \
-	-lnspr4 \
-	$(NULL)
-endif
-endif
-
-else
-# can't do this in manifest.mn because OS_ARCH isn't defined there.
-ifeq ($(OS_ARCH), WINNT)
-
-# $(PROGRAM) has explicit dependencies on $(EXTRA_LIBS)
-EXTRA_LIBS += \
-	$(DIST)/lib/sectool.lib \
-	$(DIST)/lib/smime3.lib \
-	$(DIST)/lib/ssl3.lib \
-	$(DIST)/lib/nss3.lib \
-	$(DIST)/lib/$(NSPR31_LIB_PREFIX)plc4.lib \
-	$(DIST)/lib/$(NSPR31_LIB_PREFIX)plds4.lib \
-	$(DIST)/lib/$(NSPR31_LIB_PREFIX)nspr4.lib \
-	$(NULL)
-
-# $(PROGRAM) has NO explicit dependencies on $(OS_LIBS)
-#OS_LIBS += \
-	wsock32.lib \
-	winmm.lib \
-	$(NULL)
-else
-
-# $(PROGRAM) has explicit dependencies on $(EXTRA_LIBS)
-EXTRA_LIBS += \
-	$(DIST)/lib/$(LIB_PREFIX)sectool.$(LIB_SUFFIX) \
-	$(NULL)
-
-ifeq ($(OS_ARCH), AIX) 
-EXTRA_SHARED_LIBS += -brtl 
-endif
-
-# On Linux we must use the -rpath-link option to tell the linker
-# where to find libsoftokn3.so, an implicit dependency of libnss3.so.
-ifeq ($(OS_ARCH), Linux) 
-EXTRA_SHARED_LIBS += -Wl,-rpath-link,$(DIST)/lib
-endif
-
-ifeq ($(OS_ARCH), Darwin)
-EXTRA_SHARED_LIBS += -dylib_file @executable_path/libsoftokn3.dylib:$(DIST)/lib/libsoftokn3.dylib
-endif
-
-# $(PROGRAM) has NO explicit dependencies on $(EXTRA_SHARED_LIBS)
-# $(EXTRA_SHARED_LIBS) come before $(OS_LIBS), except on AIX.
-EXTRA_SHARED_LIBS += \
-	-L$(DIST)/lib/ \
-	-lssl3 \
-	-lsmime3 \
-	-lnss3 \
-	-lplc4 \
-	-lplds4 \
-	-lnspr4 \
-	$(NULL)
-endif
-
-endif
diff --git a/security/nss/cmd/platrules.mk b/security/nss/cmd/platrules.mk
deleted file mode 100644
index 3e5c19933..000000000
--- a/security/nss/cmd/platrules.mk
+++ /dev/null
@@ -1,47 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-show:
-	@echo "DEFINES 		= ${DEFINES}"
-	@echo "EXTRA_LIBS	= >$(EXTRA_LIBS)<"
-	@echo "IMPORT_LIBRARY 	= $(IMPORT_LIBRARY)"
-	@echo "LIBRARY 		= $(LIBRARY)"
-	@echo "OBJS 		= $(OBJS)"
-	@echo "OS_ARCH 		= $(OS_ARCH)"
-	@echo "PROGRAM 		= >$(PROGRAM)<"
-	@echo "PROGRAMS 	= $(PROGRAMS)"
-	@echo "SHARED_LIBRARY 	= $(SHARED_LIBRARY)"
-	@echo "TARGETS 		= >$(TARGETS)<"
-
-showplatform:
-	@echo $(PLATFORM)
diff --git a/security/nss/cmd/pp/Makefile b/security/nss/cmd/pp/Makefile
deleted file mode 100644
index 4e39ffc3f..000000000
--- a/security/nss/cmd/pp/Makefile
+++ /dev/null
@@ -1,75 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY).   #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL)          #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL)       #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL).      #
-#######################################################################
-
-include ../platlibs.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL)                              #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL)                           #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL).                              #
-#######################################################################
-
-
-include ../platrules.mk
-
diff --git a/security/nss/cmd/pp/manifest.mn b/security/nss/cmd/pp/manifest.mn
deleted file mode 100644
index dc0da84f9..000000000
--- a/security/nss/cmd/pp/manifest.mn
+++ /dev/null
@@ -1,47 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH	= ../../..
-
-# MODULE public and private header  directories are implicitly REQUIRED.
-MODULE = security 
-
-# This next line is used by .mk files
-# and gets translated into $LINCS in manifest.mnw
-REQUIRES = seccmd dbm 
-
-DEFINES = -DNSPR20
-
-CSRCS = pp.c
-
-PROGRAM	= pp
diff --git a/security/nss/cmd/pp/pp.c b/security/nss/cmd/pp/pp.c
deleted file mode 100644
index 157dec0af..000000000
--- a/security/nss/cmd/pp/pp.c
+++ /dev/null
@@ -1,176 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Pretty-print some well-known BER or DER encoded data (e.g. certificates,
- * keys, pkcs7)
- *
- * $Id$
- */
-
-#include "secutil.h"
-
-#if defined(__sun) && !defined(SVR4)
-extern int fprintf(FILE *, char *, ...);
-#endif
-
-#include "plgetopt.h"
-
-#include "pk11func.h"
-#include "nspr.h"
-#include "nss.h"
-
-static void Usage(char *progName)
-{
-    fprintf(stderr,
-	    "Usage:  %s -t type [-a] [-i input] [-o output]\n",
-	    progName);
-    fprintf(stderr, "%-20s Specify the input type (must be one of %s,\n",
-	    "-t type", SEC_CT_PRIVATE_KEY);
-    fprintf(stderr, "%-20s %s, %s, %s,\n", "", SEC_CT_PUBLIC_KEY,
-	    SEC_CT_CERTIFICATE, SEC_CT_CERTIFICATE_REQUEST);
-    fprintf(stderr, "%-20s %s or %s)\n", "", SEC_CT_PKCS7, SEC_CT_CRL);    
-    fprintf(stderr, "%-20s Input is in ascii encoded form (RFC1113)\n",
-	    "-a");
-    fprintf(stderr, "%-20s Define an input file to use (default is stdin)\n",
-	    "-i input");
-    fprintf(stderr, "%-20s Define an output file to use (default is stdout)\n",
-	    "-o output");
-    exit(-1);
-}
-
-int main(int argc, char **argv)
-{
-    int rv, ascii;
-    char *progName;
-    FILE *outFile;
-    PRFileDesc *inFile;
-    SECItem der, data;
-    char *typeTag;
-    PLOptState *optstate;
-
-    progName = strrchr(argv[0], '/');
-    progName = progName ? progName+1 : argv[0];
-
-    ascii = 0;
-    inFile = 0;
-    outFile = 0;
-    typeTag = 0;
-    optstate = PL_CreateOptState(argc, argv, "at:i:o:");
-    while ( PL_GetNextOpt(optstate) == PL_OPT_OK ) {
-	switch (optstate->option) {
-	  case '?':
-	    Usage(progName);
-	    break;
-
-	  case 'a':
-	    ascii = 1;
-	    break;
-
-	  case 'i':
-	    inFile = PR_Open(optstate->value, PR_RDONLY, 0);
-	    if (!inFile) {
-		fprintf(stderr, "%s: unable to open \"%s\" for reading\n",
-			progName, optstate->value);
-		return -1;
-	    }
-	    break;
-
-	  case 'o':
-	    outFile = fopen(optstate->value, "w");
-	    if (!outFile) {
-		fprintf(stderr, "%s: unable to open \"%s\" for writing\n",
-			progName, optstate->value);
-		return -1;
-	    }
-	    break;
-
-	  case 't':
-	    typeTag = strdup(optstate->value);
-	    break;
-	}
-    }
-
-    if (!typeTag) Usage(progName);
-
-    if (!inFile) inFile = PR_STDIN;
-    if (!outFile) outFile = stdout;
-
-    PR_Init(PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1);
-    rv = NSS_NoDB_Init(NULL);
-    if (rv != SECSuccess) {
-	fprintf(stderr, "%s: NSS_NoDB_Init failed\n", progName);
-	exit(1);
-    }
-
-    rv = SECU_ReadDERFromFile(&der, inFile, ascii);
-    if (rv != SECSuccess) {
-	fprintf(stderr, "%s: SECU_ReadDERFromFile failed\n", progName);
-	exit(1);
-    }
-
-    /* Data is untyped, using the specified type */
-    data.data = der.data;
-    data.len = der.len;
-
-    /* Pretty print it */
-    if (PORT_Strcmp(typeTag, SEC_CT_CERTIFICATE) == 0) {
-	rv = SECU_PrintSignedData(outFile, &data, "Certificate", 0,
-			     SECU_PrintCertificate);
-    } else if (PORT_Strcmp(typeTag, SEC_CT_CERTIFICATE_REQUEST) == 0) {
-	rv = SECU_PrintSignedData(outFile, &data, "Certificate Request", 0,
-			     SECU_PrintCertificateRequest);
-    } else if (PORT_Strcmp (typeTag, SEC_CT_CRL) == 0) {
-	rv = SECU_PrintSignedData (outFile, &data, "CRL", 0, SECU_PrintCrl);
-#ifdef HAVE_EPV_TEMPLATE
-    } else if (PORT_Strcmp(typeTag, SEC_CT_PRIVATE_KEY) == 0) {
-	rv = SECU_PrintPrivateKey(outFile, &data, "Private Key", 0);
-#endif
-    } else if (PORT_Strcmp(typeTag, SEC_CT_PUBLIC_KEY) == 0) {
-	rv = SECU_PrintPublicKey(outFile, &data, "Public Key", 0);
-    } else if (PORT_Strcmp(typeTag, SEC_CT_PKCS7) == 0) {
-	rv = SECU_PrintPKCS7ContentInfo(outFile, &data,
-					"PKCS #7 Content Info", 0);
-    } else {
-	fprintf(stderr, "%s: don't know how to print out '%s' files\n",
-		progName, typeTag);
-	return -1;
-    }
-
-    if (rv) {
-	fprintf(stderr, "%s: problem converting data (%s)\n",
-		progName, SECU_Strerror(PORT_GetError()));
-	return -1;
-    }
-    return 0;
-}
diff --git a/security/nss/cmd/rsaperf/Makefile b/security/nss/cmd/rsaperf/Makefile
deleted file mode 100644
index 1a555a2fe..000000000
--- a/security/nss/cmd/rsaperf/Makefile
+++ /dev/null
@@ -1,82 +0,0 @@
-#! gmake
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1998-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY).   #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL)          #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL)       #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL).      #
-#######################################################################
-include ../platlibs.mk
-
-ifeq (,$(filter-out WINNT WIN95 WIN16,$(OS_TARGET)))  #omits WINCE
-ifndef BUILD_OPT
-LDFLAGS   +=  /subsystem:console /profile /debug /machine:I386 /incremental:no
-OS_CFLAGS += -D_CONSOLE
-endif
-endif
-
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL)                              #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL)                           #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL).                              #
-#######################################################################
-
-
-include ../platrules.mk
-
diff --git a/security/nss/cmd/rsaperf/defkey.c b/security/nss/cmd/rsaperf/defkey.c
deleted file mode 100644
index 3dd4fe36c..000000000
--- a/security/nss/cmd/rsaperf/defkey.c
+++ /dev/null
@@ -1,202 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1998-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/* This key is the 1024-bit test key used for speed testing of RSA private 
-** key ops.
-*/
-#include "seccomon.h"
-#include "secoidt.h"
-#include "lowkeyti.h"
-
-#undef CONST
-#define CONST
-
-static CONST unsigned char default_n[128] = {
-0xc2,0xae,0x96,0x89,0xaf,0xce,0xd0,0x7b,0x3b,0x35,0xfd,0x0f,0xb1,0xf4,0x7a,0xd1,
-0x3c,0x7d,0xb5,0x86,0xf2,0x68,0x36,0xc9,0x97,0xe6,0x82,0x94,0x86,0xaa,0x05,0x39,
-0xec,0x11,0x51,0xcc,0x5c,0xa1,0x59,0xba,0x29,0x18,0xf3,0x28,0xf1,0x9d,0xe3,0xae,
-0x96,0x5d,0x6d,0x87,0x73,0xf6,0xf6,0x1f,0xd0,0x2d,0xfb,0x2f,0x7a,0x13,0x7f,0xc8,
-0x0c,0x7a,0xe9,0x85,0xfb,0xce,0x74,0x86,0xf8,0xef,0x2f,0x85,0x37,0x73,0x0f,0x62,
-0x4e,0x93,0x17,0xb7,0x7e,0x84,0x9a,0x94,0x11,0x05,0xca,0x0d,0x31,0x4b,0x2a,0xc8,
-0xdf,0xfe,0xe9,0x0c,0x13,0xc7,0xf2,0xad,0x19,0x64,0x28,0x3c,0xb5,0x6a,0xc8,0x4b,
-0x79,0xea,0x7c,0xce,0x75,0x92,0x45,0x3e,0xa3,0x9d,0x64,0x6f,0x04,0x69,0x19,0x17
-};
-
-static CONST unsigned char default_e[3] = { 0x01,0x00,0x01 };
-
-static CONST unsigned char default_d[128] = {
-0x13,0xcb,0xbc,0xf2,0xf3,0x35,0x8c,0x6d,0x7b,0x6f,0xd9,0xf3,0xa6,0x9c,0xbd,0x80,
-0x59,0x2e,0x4f,0x2f,0x11,0xa7,0x17,0x2b,0x18,0x8f,0x0f,0xe8,0x1a,0x69,0x5f,0x6e,
-0xac,0x5a,0x76,0x7e,0xd9,0x4c,0x6e,0xdb,0x47,0x22,0x8a,0x57,0x37,0x7a,0x5e,0x94,
-0x7a,0x25,0xb5,0xe5,0x78,0x1d,0x3c,0x99,0xaf,0x89,0x7d,0x69,0x2e,0x78,0x9d,0x1d,
-0x84,0xc8,0xc1,0xd7,0x1a,0xb2,0x6d,0x2d,0x8a,0xd9,0xab,0x6b,0xce,0xae,0xb0,0xa0,
-0x58,0x55,0xad,0x5c,0x40,0x8a,0xd6,0x96,0x08,0x8a,0xe8,0x63,0xe6,0x3d,0x6c,0x20,
-0x49,0xc7,0xaf,0x0f,0x25,0x73,0xd3,0x69,0x43,0x3b,0xf2,0x32,0xf8,0x3d,0x5e,0xee,
-0x7a,0xca,0xd6,0x94,0x55,0xe5,0xbd,0x25,0x34,0x8d,0x63,0x40,0xb5,0x8a,0xc3,0x01
-};
-
-static CONST unsigned char default_p[64] = {
-0xf6,0x3c,0x3f,0x56,0x58,0x4f,0xb3,0x82,0x0c,0xf0,0x5b,0x42,0x36,0x1c,0x93,0xde,
-0x9b,0x32,0x01,0xb1,0x48,0xf8,0x00,0x57,0x9b,0xc1,0xbe,0x66,0xc2,0xbb,0xea,0x7c,
-0x75,0x29,0x2c,0x22,0xaa,0x7c,0xaf,0xbd,0x0d,0x3f,0xb0,0x64,0x97,0xf0,0x88,0x25,
-0xcb,0x8d,0xc7,0x19,0x0a,0x75,0x44,0xa4,0x5a,0xc3,0xb5,0xb9,0x85,0xea,0x27,0xa7
-};
-
-static CONST unsigned char default_q[64] = {
-0xca,0x66,0xfa,0x18,0x6a,0x46,0x36,0x1c,0x46,0xfe,0x47,0xe9,0x7e,0x52,0x83,0x8a,
-0xbb,0x72,0x13,0xcc,0x83,0x56,0x3d,0x64,0x22,0xdd,0xfa,0x7c,0x61,0x99,0xea,0xa4,
-0xb3,0x0e,0x8f,0x79,0x10,0xab,0xba,0x4a,0x73,0xd1,0x48,0x40,0x34,0x34,0xd3,0xd2,
-0x54,0x92,0xbe,0xf5,0xc8,0xc4,0x60,0x5f,0xd3,0xf7,0xce,0xbe,0x60,0x3e,0xb1,0x11
-};
-
-static CONST unsigned char default_dModP[64] = {
-0x8e,0x80,0xbf,0x87,0x11,0x04,0xcf,0x36,0x6c,0x96,0x8d,0xb9,0xfb,0xe6,0xfe,0x0c,
-0xce,0x74,0x5a,0x56,0x67,0x8c,0x5f,0x66,0x54,0x56,0x04,0x03,0x24,0x9f,0xec,0x4c,
-0xaa,0xe1,0x71,0x11,0x7e,0xe9,0x3a,0x2b,0x87,0x07,0x5c,0xe6,0x5a,0xa8,0x71,0xa2,
-0xad,0xf3,0x17,0x4e,0x7e,0xa6,0xef,0x5a,0xce,0xcc,0x84,0xd7,0x21,0x91,0x29,0xf1
-};
-
-static CONST unsigned char default_dModQ[64] = {
-0x87,0x60,0x1d,0x02,0xdb,0x82,0x1e,0x8b,0x07,0x48,0xe8,0x5c,0x59,0xeb,0x62,0xa4,
-0x15,0xff,0x95,0x12,0x82,0xfd,0xd9,0x8d,0xf2,0x6c,0x3a,0x2f,0x9b,0x30,0x51,0x6a,
-0xdb,0x80,0x6f,0xa1,0xef,0xee,0x8c,0x69,0x63,0xd1,0xa4,0xdb,0x9c,0x8f,0x80,0xe5,
-0xfb,0x3f,0x33,0x8e,0x3d,0x3c,0x6b,0xa1,0x6c,0xab,0x20,0x92,0xe0,0xd8,0xcd,0xa1
-};
-
-static CONST unsigned char default_qInvModP[64] = {
-0xce,0xcf,0x5a,0xad,0xc4,0x8c,0x44,0x91,0x3a,0xbc,0x7b,0xf8,0x80,0xf8,0x53,0xf5,
-0x12,0x84,0x8c,0x9c,0x6b,0x33,0x93,0x0d,0xa1,0x11,0xea,0xfa,0x4a,0xc1,0xeb,0x48,
-0xdc,0x44,0x86,0x93,0x1b,0x98,0xc7,0x82,0x22,0x68,0x30,0x44,0xd7,0x62,0x1b,0x90,
-0x54,0x07,0x4b,0x66,0xa7,0xc5,0x75,0x5a,0x72,0x77,0x92,0xdd,0x6c,0xf3,0x37,0xab
-};
-
-
-static struct NSSLOWKEYPrivateKeyStr rsaPriv;
-
-NSSLOWKEYPrivateKey *
-getDefaultRSAPrivateKey(void)
-{
-    if (rsaPriv.keyType != NSSLOWKEYRSAKey) {
-
-	/* leaving arena uninitialized. It isn't used in this test. */
-
-	rsaPriv.keyType                     = NSSLOWKEYRSAKey;
-
-	/* leaving arena   uninitialized. It isn't used. */
-	/* leaving version uninitialized. It isn't used. */
-
-	rsaPriv.u.rsa.modulus.data          =        default_n;
-	rsaPriv.u.rsa.modulus.len           = sizeof default_n;
-	rsaPriv.u.rsa.publicExponent.data   =        default_e;
-	rsaPriv.u.rsa.publicExponent.len    = sizeof default_e;
-	rsaPriv.u.rsa.privateExponent.data  =        default_d;
-	rsaPriv.u.rsa.privateExponent.len   = sizeof default_d;
-	rsaPriv.u.rsa.prime1.data           =        default_p;
-	rsaPriv.u.rsa.prime1.len            = sizeof default_p;
-	rsaPriv.u.rsa.prime2.data           =        default_q;
-	rsaPriv.u.rsa.prime2.len            = sizeof default_q;
-	rsaPriv.u.rsa.exponent1.data        =        default_dModP;
-	rsaPriv.u.rsa.exponent1.len         = sizeof default_dModP;
-	rsaPriv.u.rsa.exponent2.data        =        default_dModQ;
-	rsaPriv.u.rsa.exponent2.len         = sizeof default_dModQ;
-	rsaPriv.u.rsa.coefficient.data      =        default_qInvModP;
-	rsaPriv.u.rsa.coefficient.len       = sizeof default_qInvModP;
-    }
-    return &rsaPriv;
-}
-
-static struct NSSLOWKEYPublicKeyStr rsaPub;
-
-NSSLOWKEYPublicKey *
-getDefaultRSAPublicKey(void)
-{
-    if (rsaPub.keyType != NSSLOWKEYRSAKey) {
-
-	rsaPub.keyType			   = NSSLOWKEYRSAKey;
-
-	rsaPub.u.rsa.modulus.data          =        default_n;
-	rsaPub.u.rsa.modulus.len           = sizeof default_n;
-
-	rsaPub.u.rsa.publicExponent.data   =        default_e;
-	rsaPub.u.rsa.publicExponent.len    = sizeof default_e;
-    }
-    return &rsaPub;
-}
-
-/*  modPop = 536, privPop = 531, ex1Pop = 261, ex2Pop = 257
- *  After 46 tries, found this key:
- *  Version: 0 (0x0)
- *  Modulus:
- *      c2:ae:96:89:af:ce:d0:7b:3b:35:fd:0f:b1:f4:7a:d1:3c:7d:b5:
- *      86:f2:68:36:c9:97:e6:82:94:86:aa:05:39:ec:11:51:cc:5c:a1:
- *      59:ba:29:18:f3:28:f1:9d:e3:ae:96:5d:6d:87:73:f6:f6:1f:d0:
- *      2d:fb:2f:7a:13:7f:c8:0c:7a:e9:85:fb:ce:74:86:f8:ef:2f:85:
- *      37:73:0f:62:4e:93:17:b7:7e:84:9a:94:11:05:ca:0d:31:4b:2a:
- *      c8:df:fe:e9:0c:13:c7:f2:ad:19:64:28:3c:b5:6a:c8:4b:79:ea:
- *      7c:ce:75:92:45:3e:a3:9d:64:6f:04:69:19:17
- *  Public Exponent: 65537 (0x10001)
- *  Private Exponent:
- *      13:cb:bc:f2:f3:35:8c:6d:7b:6f:d9:f3:a6:9c:bd:80:59:2e:4f:
- *      2f:11:a7:17:2b:18:8f:0f:e8:1a:69:5f:6e:ac:5a:76:7e:d9:4c:
- *      6e:db:47:22:8a:57:37:7a:5e:94:7a:25:b5:e5:78:1d:3c:99:af:
- *      89:7d:69:2e:78:9d:1d:84:c8:c1:d7:1a:b2:6d:2d:8a:d9:ab:6b:
- *      ce:ae:b0:a0:58:55:ad:5c:40:8a:d6:96:08:8a:e8:63:e6:3d:6c:
- *      20:49:c7:af:0f:25:73:d3:69:43:3b:f2:32:f8:3d:5e:ee:7a:ca:
- *      d6:94:55:e5:bd:25:34:8d:63:40:b5:8a:c3:01
- *  Prime 1:
- *      f6:3c:3f:56:58:4f:b3:82:0c:f0:5b:42:36:1c:93:de:9b:32:01:
- *      b1:48:f8:00:57:9b:c1:be:66:c2:bb:ea:7c:75:29:2c:22:aa:7c:
- *      af:bd:0d:3f:b0:64:97:f0:88:25:cb:8d:c7:19:0a:75:44:a4:5a:
- *      c3:b5:b9:85:ea:27:a7
- *  Prime 2:
- *      ca:66:fa:18:6a:46:36:1c:46:fe:47:e9:7e:52:83:8a:bb:72:13:
- *      cc:83:56:3d:64:22:dd:fa:7c:61:99:ea:a4:b3:0e:8f:79:10:ab:
- *      ba:4a:73:d1:48:40:34:34:d3:d2:54:92:be:f5:c8:c4:60:5f:d3:
- *      f7:ce:be:60:3e:b1:11
- *  Exponent 1:
- *      8e:80:bf:87:11:04:cf:36:6c:96:8d:b9:fb:e6:fe:0c:ce:74:5a:
- *      56:67:8c:5f:66:54:56:04:03:24:9f:ec:4c:aa:e1:71:11:7e:e9:
- *      3a:2b:87:07:5c:e6:5a:a8:71:a2:ad:f3:17:4e:7e:a6:ef:5a:ce:
- *      cc:84:d7:21:91:29:f1
- *  Exponent 2:
- *      87:60:1d:02:db:82:1e:8b:07:48:e8:5c:59:eb:62:a4:15:ff:95:
- *      12:82:fd:d9:8d:f2:6c:3a:2f:9b:30:51:6a:db:80:6f:a1:ef:ee:
- *      8c:69:63:d1:a4:db:9c:8f:80:e5:fb:3f:33:8e:3d:3c:6b:a1:6c:
- *      ab:20:92:e0:d8:cd:a1
- *  Coefficient:
- *      ce:cf:5a:ad:c4:8c:44:91:3a:bc:7b:f8:80:f8:53:f5:12:84:8c:
- *      9c:6b:33:93:0d:a1:11:ea:fa:4a:c1:eb:48:dc:44:86:93:1b:98:
- *      c7:82:22:68:30:44:d7:62:1b:90:54:07:4b:66:a7:c5:75:5a:72:
- *      77:92:dd:6c:f3:37:ab
- */
-
diff --git a/security/nss/cmd/rsaperf/manifest.mn b/security/nss/cmd/rsaperf/manifest.mn
deleted file mode 100644
index b208672b7..000000000
--- a/security/nss/cmd/rsaperf/manifest.mn
+++ /dev/null
@@ -1,52 +0,0 @@
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1998-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-DEPTH	= ../../..
-CORE_DEPTH = ../../..
-
-# MODULE public and private header  directories are implicitly REQUIRED.
-MODULE = security
-
-INCLUDES += -I$(CORE_DEPTH)/nss/lib/softoken
-
-# This next line is used by .mk files
-# and gets translated into $LINCS in manifest.mnw
-REQUIRES = dbm seccmd 
-
-# DIRS = 
-
-CSRCS	= rsaperf.c defkey.c 
-
-PROGRAM	= rsaperf
-
-USE_STATIC_LIBS = 1
diff --git a/security/nss/cmd/rsaperf/rsaperf.c b/security/nss/cmd/rsaperf/rsaperf.c
deleted file mode 100644
index 36a9ea383..000000000
--- a/security/nss/cmd/rsaperf/rsaperf.c
+++ /dev/null
@@ -1,398 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1998-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "seccomon.h"
-#include "cert.h"
-#include "secutil.h"
-#include "nspr.h"
-#include "nss.h"
-#include "blapi.h"
-#include "plgetopt.h"
-#include "lowkeyi.h"
-
-
-#define MAX_RSA_MODULUS_BYTES (1024/8)
-#define DEFAULT_ITERS 10
-
-extern NSSLOWKEYPrivateKey * getDefaultRSAPrivateKey(void);
-extern NSSLOWKEYPublicKey  * getDefaultRSAPublicKey(void);
-
-typedef struct TimingContextStr TimingContext;
-
-struct TimingContextStr {
-    int64 start;
-    int64 end;
-    int64 interval;
-
-    long  days;     
-    int   hours;    
-    int   minutes;  
-    int   seconds;  
-    int   millisecs;
-};
-
-TimingContext *CreateTimingContext(void) {
-    return PR_Malloc(sizeof(TimingContext));
-}
-
-void DestroyTimingContext(TimingContext *ctx) {
-    PR_Free(ctx);
-}
-
-void TimingBegin(TimingContext *ctx) {
-    ctx->start = PR_Now();
-}
-
-static void timingUpdate(TimingContext *ctx) {
-    int64 tmp, remaining;
-    int64 L1000,L60,L24;
-
-    LL_I2L(L1000,1000);
-    LL_I2L(L60,60);
-    LL_I2L(L24,24);
-
-    LL_DIV(remaining, ctx->interval, L1000);
-    LL_MOD(tmp, remaining, L1000);
-    LL_L2I(ctx->millisecs, tmp);
-    LL_DIV(remaining, remaining, L1000);
-    LL_MOD(tmp, remaining, L60);
-    LL_L2I(ctx->seconds, tmp);
-    LL_DIV(remaining, remaining, L60);
-    LL_MOD(tmp, remaining, L60);
-    LL_L2I(ctx->minutes, tmp);
-    LL_DIV(remaining, remaining, L60);
-    LL_MOD(tmp, remaining, L24);
-    LL_L2I(ctx->hours, tmp);
-    LL_DIV(remaining, remaining, L24);
-    LL_L2I(ctx->days, remaining);
-}
-
-void TimingEnd(TimingContext *ctx) {
-    ctx->end = PR_Now();
-    LL_SUB(ctx->interval, ctx->end, ctx->start);
-    PORT_Assert(LL_GE_ZERO(ctx->interval));
-    timingUpdate(ctx);
-}
-
-void TimingDivide(TimingContext *ctx, int divisor) {
-    int64 tmp;
-
-    LL_I2L(tmp, divisor);
-    LL_DIV(ctx->interval, ctx->interval, tmp);
-
-    timingUpdate(ctx);
-}
-
-char *TimingGenerateString(TimingContext *ctx) {
-    char *buf = NULL;
-
-    if (ctx->days != 0) {
-	buf = PR_sprintf_append(buf, "%d days", ctx->days);
-    }
-    if (ctx->hours != 0) {
-	if (buf != NULL) buf = PR_sprintf_append(buf, ", ");
-	buf = PR_sprintf_append(buf, "%d hours", ctx->hours);
-    }
-    if (ctx->minutes != 0) {
-	if (buf != NULL) buf = PR_sprintf_append(buf, ", ");
-	buf = PR_sprintf_append(buf, "%d minutes", ctx->minutes);
-    }
-    if (buf != NULL) buf = PR_sprintf_append(buf, ", and ");
-    if (!buf && ctx->seconds == 0) {
-	int interval;
-	LL_L2I(interval, ctx->interval);
-    	if (ctx->millisecs < 100) 
-	    buf = PR_sprintf_append(buf, "%d microseconds", interval);
-	else
-	    buf = PR_sprintf_append(buf, "%d milliseconds", ctx->millisecs);
-    } else if (ctx->millisecs == 0) {
-	buf = PR_sprintf_append(buf, "%d seconds", ctx->seconds);
-    } else {
-	buf = PR_sprintf_append(buf, "%d.%03d seconds",
-				ctx->seconds, ctx->millisecs);
-    }
-    return buf;
-}
-
-void
-Usage(char *progName)
-{
-    fprintf(stderr, "Usage: %s [-d certdir] [-i iterations] [-s | -e]"
-	            " -n nickname\n",
-	    progName);
-    fprintf(stderr, "%-20s Cert database directory (default is ~/.netscape)\n",
-	    "-d certdir");
-    fprintf(stderr, "%-20s How many operations to perform\n", "-i iterations");
-    fprintf(stderr, "%-20s Perform signing (private key) operations\n", "-s");
-    fprintf(stderr, "%-20s Perform encryption (public key) operations\n", "-e");
-    fprintf(stderr, "%-20s Nickname of certificate or key\n", "-n nickname");
-    exit(-1);
-}
-
-void
-printCount(int iterations)
-{
-
-}
-
-
-static void
-dumpBytes( unsigned char * b, int l)
-{
-    int i;
-    if (l <= 0)
-        return;
-    for (i = 0; i < l; ++i) {
-        if (i % 16 == 0)
-            printf("\t");
-        printf(" %02x", b[i]);
-        if (i % 16 == 15)
-            printf("\n");
-    }
-    if ((i % 16) != 0)
-        printf("\n");
-}
-
-static void
-dumpItem( SECItem * item, const char * description)
-{
-    if (item->len & 1 && item->data[0] == 0) {
-	printf("%s: (%d bytes)\n", description, item->len - 1);
-	dumpBytes(item->data + 1, item->len - 1);
-    } else {
-	printf("%s: (%d bytes)\n", description, item->len);
-	dumpBytes(item->data, item->len);
-    }
-}
-
-void
-printPrivKey(NSSLOWKEYPrivateKey * privKey)
-{
-    RSAPrivateKey *rsa = &privKey->u.rsa;
-
-    dumpItem( &rsa->modulus, 		"n");
-    dumpItem( &rsa->publicExponent, 	"e");
-    dumpItem( &rsa->privateExponent, 	"d");
-    dumpItem( &rsa->prime1, 		"P");
-    dumpItem( &rsa->prime2, 		"Q");
-    dumpItem( &rsa->exponent1, 	        "d % (P-1)");
-    dumpItem( &rsa->exponent2, 	        "d % (Q-1)");
-    dumpItem( &rsa->coefficient, 	"(Q ** -1) % P");
-    puts("");
-}
-
-void
-printFnCounts(long doPrint)
-{
-
-}
-
-typedef SECStatus (* RSAOp)(void *               key, 
-			    unsigned char *      output,
-		            unsigned char *      input);
-
-
-int
-main(int argc, char **argv)
-{
-    TimingContext *	  timeCtx;
-    SECKEYPublicKey *	  pubHighKey;
-    NSSLOWKEYPrivateKey * privKey;
-    NSSLOWKEYPublicKey *  pubKey;
-    CERTCertificate *	  cert;
-    char *		  progName;
-    char *		  secDir 	= NULL;
-    char *		  nickname 	= NULL;
-    RSAOp                 fn;
-    void *                rsaKey;
-    PLOptState *          optstate;
-    PLOptStatus           optstatus;
-    long 		  iters 	= DEFAULT_ITERS;
-    int		 	  i;
-    PRBool 		  doPriv 	= PR_FALSE;
-    PRBool 		  doPub 	= PR_FALSE;
-    int 		  rv;
-    CERTCertDBHandle 	* certdb;
-    unsigned char 	  buf[1024];
-    unsigned char 	  buf2[1024];
-
-    progName = strrchr(argv[0], '/');
-    if (!progName)
-	progName = strrchr(argv[0], '\\');
-    progName = progName ? progName+1 : argv[0];
-
-    optstate = PL_CreateOptState(argc, argv, "d:i:sen:");
-    while ((optstatus = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
-	switch (optstate->option) {
-	case '?':
-	    Usage(progName);
-	    break;
-	case 'd':
-	    secDir = PORT_Strdup(optstate->value);
-	    break;
-	case 'i':
-	    iters = atol(optstate->value);
-	    break;
-	case 's':
-	    doPriv = PR_TRUE;
-	    break;
-	case 'e':
-	    doPub = PR_TRUE;
-	    break;
-	case 'n':
-	    nickname = PORT_Strdup(optstate->value);
-	    break;
-	}
-    }
-    if (optstatus == PL_OPT_BAD)
-	Usage(progName);
-
-    if ((doPriv && doPub) || (nickname == NULL)) Usage(progName);
-
-    if (!doPriv && !doPub) doPriv = PR_TRUE;
-
-    PR_Init( PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1);
-
-    secDir = SECU_ConfigDirectory(secDir);
-    if (strcmp(nickname, "none")) {
-	rv = NSS_Init(secDir);
-	if (rv != SECSuccess) {
-	    fprintf(stderr, "NSS_Init failed.\n");
-	    exit(1);
-	}
-	certdb = CERT_GetDefaultCertDB();
-    } else {
-	rv = NSS_NoDB_Init(secDir);
-	if (rv != SECSuccess) {
-	    fprintf(stderr, "NSS_NoDB_Init failed.\n");
-	    exit(1);
-	}
-    }
-#if defined(SECU_GetPassword)
-    if (doPub) {
-	if (!strcmp(nickname, "none")) {
-	    pubKey = getDefaultRSAPublicKey();
-	} else {
-	    cert = CERT_FindCertByNickname(certdb, nickname);
-	    if (cert == NULL) {
-		fprintf(stderr,
-			"Can't find certificate by name \"%s\"\n", nickname);
-		exit(1);
-	    }
-	    pubHighKey = CERT_ExtractPublicKey(cert);
-	    pubKey = SECU_ConvHighToLow(pubHighKey);
-	}
-	if (pubKey == NULL) {
-	    fprintf(stderr, "Can't extract public key from certificate");
-	    exit(1);
-	}
-	fn = (RSAOp)RSA_PublicKeyOp;
-	rsaKey = (void *)(&pubKey->u.rsa);
-    }
-
-    if (doPriv) {
-
-	if (!strcmp(nickname, "none")) {
-	    privKey = getDefaultRSAPrivateKey();
-	} else {
-	    cert = CERT_FindCertByNickname(certdb, nickname);
-	    if (cert == NULL) {
-		fprintf(stderr,
-			"Can't find certificate by name \"%s\"\n", nickname);
-		exit(1);
-	    }
-
-	    privKey = SECKEY_FindKeyByCert(keydb, cert, SECU_GetPassword, NULL);
-	}
-	if (privKey == NULL) {
-	    fprintf(stderr,
-		    "Can't find private key by name \"%s\"\n", nickname);
-	    exit(1);
-	}
-
-	fn = (RSAOp)RSA_PrivateKeyOp;
-	rsaKey = (void *)(&privKey->u.rsa);
-    }
-#else
-    if (doPub) {
-	pubKey = getDefaultRSAPublicKey();
-	fn = (RSAOp)RSA_PublicKeyOp;
-	rsaKey = (void *)(&pubKey->u.rsa);
-    }
-    if (doPriv) {
-	privKey = getDefaultRSAPrivateKey();
-	fn = (RSAOp)RSA_PrivateKeyOp;
-	rsaKey = (void *)(&privKey->u.rsa);
-    }
-#endif
-
-    memset(buf, 1, sizeof buf);
-    rv = fn(rsaKey, buf2, buf);
-    if (rv != SECSuccess) {
-	PRErrorCode errNum;
-	const char * errStr = NULL;
-
-	errNum = PR_GetError();
-	if (errNum)
-	    errStr = SECU_Strerror(errNum);
-	else
-	    errNum = rv;
-	if (!errStr)
-	    errStr = "(null)";
-	fprintf(stderr, "Error in RSA operation: %d : %s\n", errNum, errStr);
-	exit(1);
-    }
-
-/*  printf("START\n");	*/
-
-    timeCtx = CreateTimingContext();
-    TimingBegin(timeCtx);
-    i = iters;
-    while (i--) {
-	rv = fn(rsaKey, buf2, buf);
-	if (rv != SECSuccess) {
-	    PRErrorCode errNum = PR_GetError();
-	    const char * errStr = SECU_Strerror(errNum);
-	    fprintf(stderr, "Error in RSA operation: %d : %s\n", 
-		    errNum, errStr);
-	    exit(1);
-	}
-    }
-    TimingEnd(timeCtx);
-    printf("%ld iterations in %s\n",
-	   iters, TimingGenerateString(timeCtx));
-    TimingDivide(timeCtx, iters);
-    printf("one operation every %s\n", TimingGenerateString(timeCtx));
-
-    return 0;
-}
diff --git a/security/nss/cmd/samples/cert b/security/nss/cmd/samples/cert
deleted file mode 100644
index 3f8ec48df..000000000
--- a/security/nss/cmd/samples/cert
+++ /dev/null
@@ -1,15 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIB7TCCAVYCAgMaMA0GCSqGSIb3DQEBBAUAMEcxCzAJBgNVBAYTAlVTMRAwDgYD
-VQQLEwdUZXN0IENBMSYwJAYDVQQKEx1OZXRzY2FwZSBDb21tdW5pY2F0aW9ucyBD
-b3JwLjAeFw05NTEyMDgwMjQwMjdaFw05NjAzMDcwMjQwMjdaMDgxFjAUBgNVBAMT
-DURhdmlkIGthcmx0b24xETAPBgNVBAoTCE5ldHNjYXBlMQswCQYDVQQGEwJVUzCB
-nTANBgkqhkiG9w0BAQEFAAOBiwAwgYcCgYEAltV2TH+QxqlgfUFk+UyiYAjByxrC
-dCSIa/FwRaPceLvE7ycD9L6AC4JA6k58E6ICsr/Y8TsXT4UmZhhLNc50VgSo8cGQ
-lajqIDvntq8M1uCXiVOnXmIAqoB6E8GiqW+9evOkgkumMksSwXiXAhMM7vJt3IU6
-b+FwdF5cRs0u1FUCAQMwDQYJKoZIhvcNAQEEBQADgYEAkFdr3ypcvI2+Xgwfp7+d
-YtN7w4UnQ7LR9FKmlnBauTVLmUtichn/O3WMT9cYTtZm5QQVRaE3qrGh0Nr6Ko1E
-nIHowd36TN45zkFraWoATfCV/f+P37WaADp20l2ryEY0Jpe4gnoeZ0+/ffoxyajC
-LZEJL6Dv2Ed83cebLjYxKsI=
-
------END CERTIFICATE-----
-
diff --git a/security/nss/cmd/samples/cert0 b/security/nss/cmd/samples/cert0
deleted file mode 100644
index 05cdc8553..000000000
--- a/security/nss/cmd/samples/cert0
+++ /dev/null
diff --git a/security/nss/cmd/samples/cert1 b/security/nss/cmd/samples/cert1
deleted file mode 100644
index 38a7d299a..000000000
--- a/security/nss/cmd/samples/cert1
+++ /dev/null
diff --git a/security/nss/cmd/samples/cert2 b/security/nss/cmd/samples/cert2
deleted file mode 100644
index 147c3eb9e..000000000
--- a/security/nss/cmd/samples/cert2
+++ /dev/null
diff --git a/security/nss/cmd/samples/pkcs7.ber b/security/nss/cmd/samples/pkcs7.ber
deleted file mode 100644
index 6e3814c37..000000000
--- a/security/nss/cmd/samples/pkcs7.ber
+++ /dev/null
diff --git a/security/nss/cmd/samples/pkcs7bday.ber b/security/nss/cmd/samples/pkcs7bday.ber
deleted file mode 100644
index 0ee6cfc13..000000000
--- a/security/nss/cmd/samples/pkcs7bday.ber
+++ /dev/null
diff --git a/security/nss/cmd/samples/pkcs7cnet.ber b/security/nss/cmd/samples/pkcs7cnet.ber
deleted file mode 100644
index df2bb2dd1..000000000
--- a/security/nss/cmd/samples/pkcs7cnet.ber
+++ /dev/null
diff --git a/security/nss/cmd/samples/pkcs7news.ber b/security/nss/cmd/samples/pkcs7news.ber
deleted file mode 100644
index c46a1786d..000000000
--- a/security/nss/cmd/samples/pkcs7news.ber
+++ /dev/null
diff --git a/security/nss/cmd/samples/x509v3.der b/security/nss/cmd/samples/x509v3.der
deleted file mode 100644
index 1ada57c56..000000000
--- a/security/nss/cmd/samples/x509v3.der
+++ /dev/null
diff --git a/security/nss/cmd/samples/x509v3.txt b/security/nss/cmd/samples/x509v3.txt
deleted file mode 100644
index dde307697..000000000
--- a/security/nss/cmd/samples/x509v3.txt
+++ /dev/null
@@ -1,10 +0,0 @@
-MIIByzCCAXWgAwIBAgIBADANBgkqhkiG9w0BAQQFADBLMQswCQYDVQQGEwJVUzEW
-MBQGA1UEChMNVmVyaVNpZ24gSW5jLjEUMBIGA1UECxMLRW5naW5lZXJpbmcxDjAM
-BgNVBAMTBUphc29uMB4XDTk1MDgwODA3MDAwMFoXDTk2MDgwNzA3MDAwMFowSzEL
-MAkGA1UEBhMCVVMxFjAUBgNVBAoTDVZlcmlTaWduIEluYy4xFDASBgNVBAsTC0Vu
-Z2luZWVyaW5nMQ4wDAYDVQQDEwVKYXNvbjBcMA0GCSqGSIb3DQEBAQUAA0sAMEgC
-QQCvpXRU9t3NPFXvxJz2vuxX4zI55AA+xY1PsAEadhwWEMF2EnpG8woF4EGTwLdx
-xrw3Eirzu5RAAhqegCN1aPVBAgMBAAGjRDBCMBQGA2FiYwEB/wQKZXh0ZW5zaW9u
-MTAUBgNkZWYBAf8ECmV4dGVuc2lvbjIwFAYDZ2hpAQH/BApleHRlbnNpb24zMA0G
-CSqGSIb3DQEBBAUAA0EAawLNWFSYMtywAqkSYJb1gejljqi9QAtLZIM2ui+RCTP2
-jEjW5bp4oU1RX2iBSfU+MdEZx9DpMNjqBLrgOy1Djw==
diff --git a/security/nss/cmd/sdrtest/Makefile b/security/nss/cmd/sdrtest/Makefile
deleted file mode 100644
index 490f738e5..000000000
--- a/security/nss/cmd/sdrtest/Makefile
+++ /dev/null
@@ -1,73 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY).   #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL)          #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL)       #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL).      #
-#######################################################################
-
-include ../platlibs.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL)                              #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL)                           #
-#######################################################################
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL).                              #
-#######################################################################
-
-
-include ../platrules.mk
diff --git a/security/nss/cmd/sdrtest/manifest.mn b/security/nss/cmd/sdrtest/manifest.mn
deleted file mode 100644
index 61daf390b..000000000
--- a/security/nss/cmd/sdrtest/manifest.mn
+++ /dev/null
@@ -1,54 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-# MODULE public and private header  directories are implicitly REQUIRED.
-MODULE = security
-
-CSRCS = \
-	sdrtest.c \
-	$(NULL)
-
-# headers for the MODULE (defined above) are implicitly required.
-REQUIRES = dbm seccmd
-
-# WINNT uses EXTRA_LIBS as the list of libs to link in.
-# Unix uses     OS_LIBS for that purpose.
-# We can solve this via conditional makefile code, but 
-# can't do this in manifest.mn because OS_ARCH isn't defined there.
-# So, look in the local Makefile for the defines for the list of libs.
-
-PROGRAM = sdrtest
-
-#USE_STATIC_LIBS = 1
diff --git a/security/nss/cmd/sdrtest/sdrtest.c b/security/nss/cmd/sdrtest/sdrtest.c
deleted file mode 100644
index 9578b3472..000000000
--- a/security/nss/cmd/sdrtest/sdrtest.c
+++ /dev/null
@@ -1,305 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Test program for SDR (Secret Decoder Ring) functions.
- *
- * $Id$
- */
-
-#include "nspr.h"
-#include "string.h"
-#include "nss.h"
-#include "secutil.h"
-#include "cert.h"
-#include "pk11func.h"
-
-#include "plgetopt.h"
-#include "pk11sdr.h"
-#include "secrng.h"
-
-#define DEFAULT_VALUE "Test"
-
-static void
-synopsis (char *program_name)
-{
-    PRFileDesc *pr_stderr;
-
-    pr_stderr = PR_STDERR;
-    PR_fprintf (pr_stderr, "Usage:");
-    PR_fprintf (pr_stderr,
-		"\t%s [-i <input-file>] [-o <output-file>] [-r <text>] [-d <dir>]\n",
-		program_name);
-}
-
-
-static void
-short_usage (char *program_name)
-{
-    PR_fprintf (PR_STDERR,
-		"Type %s -H for more detailed descriptions\n",
-		program_name);
-    synopsis (program_name);
-}
-
-
-static void
-long_usage (char *program_name)
-{
-    PRFileDesc *pr_stderr;
-
-    pr_stderr = PR_STDERR;
-    synopsis (program_name);
-    PR_fprintf (pr_stderr, "\nSecret Decoder Test:\n");
-    PR_fprintf (pr_stderr,
-		"  %-13s Read encrypted data from \"file\"\n",
-		"-i file");
-    PR_fprintf (pr_stderr,
-		"  %-13s Write newly generated encrypted data to \"file\"\n",
-		"-o file");
-    PR_fprintf (pr_stderr,
-		"  %-13s Use \"text\" as the plaintext for encryption and verification\n",
-		"-t text");
-    PR_fprintf (pr_stderr,
-		"  %-13s Find security databases in \"dbdir\"\n",
-		"-d dbdir");
-}
-
-int
-main (int argc, char **argv)
-{
-    int		 retval = 0;  /* 0 - test succeeded.  -1 - test failed */
-    SECStatus	 rv;
-    const char	*certDir = ".";
-    PLOptState	*optstate;
-    char	*program_name;
-    const char  *input_file = NULL; 	/* read encrypted data from here (or create) */
-    const char  *output_file = NULL;	/* write new encrypted data here */
-    const char  *value = DEFAULT_VALUE;	/* Use this for plaintext */
-    SECItem     data;
-    SECItem     result;
-    SECItem     text;
-    PRBool      verbose = PR_FALSE;
-
-    result.data = 0;
-    text.data = 0; text.len = 0;
-
-    program_name = PL_strrchr(argv[0], '/');
-    program_name = program_name ? (program_name + 1) : argv[0];
-
-    optstate = PL_CreateOptState (argc, argv, "Hd:i:o:t:v");
-    if (optstate == NULL) {
-	SECU_PrintError (program_name, "PL_CreateOptState failed");
-	return -1;
-    }
-
-    while (PL_GetNextOpt (optstate) == PL_OPT_OK) {
-	switch (optstate->option) {
-	  case '?':
-	    short_usage (program_name);
-	    return retval;
-
-	  case 'H':
-	    long_usage (program_name);
-	    return retval;
-
-	  case 'd':
-	    SECU_ConfigDirectory(optstate->value);
-	    break;
-
-          case 'i':
-            input_file = optstate->value;
-            break;
-
-          case 'o':
-            output_file = optstate->value;
-            break;
-
-          case 't':
-            value = optstate->value;
-            break;
-
-          case 'v':
-            verbose = PR_TRUE;
-            break;
-	}
-    }
-
-    /*
-     * Initialize the Security libraries.
-     */
-    PK11_SetPasswordFunc(SECU_GetModulePassword);
-
-    if (output_file) {
-	rv = NSS_InitReadWrite(SECU_ConfigDirectory(NULL));
-    } else {
-	rv = NSS_Init(SECU_ConfigDirectory(NULL));
-    }
-    if (rv != SECSuccess) {
-	retval = -1;
-	goto prdone;
-    }
-
-    /* Convert value into an item */
-    data.data = (unsigned char *)value;
-    data.len = strlen(value);
-
-    /* Get the encrypted result, either from the input file
-     * or from encrypting the plaintext value
-     */
-    if (input_file)
-    {
-      PRFileDesc *file /* = PR_OpenFile(input_file, 0) */;
-      PRFileInfo info;
-      PRStatus s;
-      PRInt32 count;
-
-      if (verbose) printf("Reading data from %s\n", input_file);
-
-      file = PR_Open(input_file, PR_RDONLY, 0);
-      if (!file) {
-        if (verbose) printf("Open of file failed\n");
-        retval = -1;
-        goto loser;
-      }
-
-      s = PR_GetOpenFileInfo(file, &info);
-      if (s != PR_SUCCESS) {
-        if (verbose) printf("File info operation failed\n");
-        retval = -1;
-        goto file_loser;
-      }
-
-      result.len = info.size;
-      result.data = (unsigned char *)malloc(result.len);
-      if (!result.data) {
-        if (verbose) printf("Allocation of buffer failed\n");
-        retval = -1;
-        goto file_loser;
-      }
-
-      count = PR_Read(file, result.data, result.len);
-      if (count != result.len) {
-        if (verbose) printf("Read failed\n");
-        retval = -1;
-        goto file_loser;
-      }
-
-file_loser:
-      PR_Close(file);
-      if (retval != 0) goto loser;
-    }
-    else
-    {
-      SECItem keyid = { 0, 0, 0 };
-      PK11SlotInfo *slot = NULL;
-
-      /* sigh, initialize the key database */
-      slot = PK11_GetInternalKeySlot();
-      if (slot && PK11_NeedUserInit(slot)) {
-        rv = SECU_ChangePW(slot, "", 0);
-        if (rv != SECSuccess) {
-            SECU_PrintError(program_name, "Failed to initialize slot \"%s\"",
-                                    PK11_GetSlotName(slot));
-            return SECFailure;
-        }
-      }
-      if (slot) {
-	PK11_FreeSlot(slot);
-	slot == NULL;
-      }
-
-      rv = PK11SDR_Encrypt(&keyid, &data, &result, 0);
-      if (rv != SECSuccess) {
-        if (verbose) printf("Encrypt operation failed\n");
-        retval = -1;
-        goto loser;
-      }
-
-      if (verbose) printf("Encrypted result is %d bytes long\n", result.len);
-
-      /* -v printf("Result is %.*s\n", text.len, text.data); */
-      if (output_file)
-      {
-         PRFileDesc *file;
-         PRInt32 count;
-
-         if (verbose) printf("Writing result to %s\n", output_file);
-
-         /* Write to file */
-         file = PR_Open(output_file, PR_CREATE_FILE|PR_WRONLY, 0666);
-         if (!file) {
-            if (verbose) printf("Open of output file failed\n");
-            retval = -1;
-            goto loser;
-         }
-
-         count = PR_Write(file, result.data, result.len);
-
-         PR_Close(file);
-
-         if (count != result.len) {
-           if (verbose) printf("Write failed\n");
-           retval = -1;
-           goto loser;
-         }
-      }
-    }
-
-    /* Decrypt the value */
-    rv = PK11SDR_Decrypt(&result, &text, 0);
-    if (rv != SECSuccess) {
-      if (verbose) printf("Decrypt operation failed\n");
-      retval = -1; 
-      goto loser;
-    }
-
-    if (verbose) printf("Decrypted result is %.*s\n", text.len, text.data);
-
-    /* Compare to required value */
-    if (text.len != data.len || memcmp(data.data, text.data, text.len) != 0)
-    {
-      if (verbose) printf("Comparison failed\n");
-      retval = -1;
-      goto loser;
-    }
-
-loser:
-    if (text.data) free(text.data);
-    if (result.data) free(result.data);
-    NSS_Shutdown();
-
-prdone:
-    PR_Cleanup ();
-    return retval;
-}
diff --git a/security/nss/cmd/selfserv/Makefile b/security/nss/cmd/selfserv/Makefile
deleted file mode 100644
index f2a407990..000000000
--- a/security/nss/cmd/selfserv/Makefile
+++ /dev/null
@@ -1,74 +0,0 @@
-#! gmake
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY).   #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL)          #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL)       #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL).      #
-#######################################################################
-include ../platlibs.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL)                              #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL)                           #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL).                              #
-#######################################################################
-
-
-include ../platrules.mk
-
diff --git a/security/nss/cmd/selfserv/makefile.win b/security/nss/cmd/selfserv/makefile.win
deleted file mode 100644
index 8fda0b906..000000000
--- a/security/nss/cmd/selfserv/makefile.win
+++ /dev/null
@@ -1,136 +0,0 @@
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-VERBOSE	= 1
-include <manifest.mn>
-
-#cannot define PROGRAM in manifest compatibly with NT and UNIX
-PROGRAM = selfserv
-PROGRAM	= ./$(OBJDIR)/$(PROGRAM).exe
-include <$(DEPTH)\config\config.mak>
-
-# let manifest generate C_OBJS, it will prepend ./$(OBJDIR)/
-# rules.mak will append C_OBJS onto OBJS.
-# OBJS	= $(CSRCS:.c=.obj)
-
-# include files are looked for in $LINCS and $INCS.
-# $LINCS is in manifest.mnw, computed from REQUIRES=
-INCS = $(INCS) \
- -I$(DEPTH)/security/lib/cert \
- -I../include \
- $(NULL)
-
-IGNORE_ME = \
- -I$(DEPTH)/security/lib/key \
- -I$(DEPTH)/security/lib/util  \
- $(NULL)
-
-
-WINFE	= $(DEPTH)/cmd/winfe/mkfiles$(MOZ_BITS)/x86Dbg
-
-# these files are the content of libdbm
-DBM_LIB	= \
- $(WINFE)/DB.obj \
- $(WINFE)/HASH.obj \
- $(WINFE)/H_BIGKEY.obj \
- $(WINFE)/H_PAGE.obj \
- $(WINFE)/H_LOG2.obj \
- $(WINFE)/H_FUNC.obj \
- $(WINFE)/HASH_BUF.obj \
- $(NULL)
-
-MOZ_LIBS = \
- $(WINFE)/ALLXPSTR.obj \
- $(WINFE)/XP_ERROR.obj \
- $(WINFE)/XPASSERT.obj \
- $(WINFE)/XP_REG.obj \
- $(WINFE)/XP_TRACE.obj \
- $(DBM_LIB) \
- $(WINFE)/XP_STR.obj \
- $(WINFE)/MKTEMP.obj \
- $(NULL)
-
-IGNORE_ME2 = \
- $(WINFE)/feutil.obj \
- $(WINFE)/fenet.obj \
- $(WINFE)/fegui.obj \
- $(NULL)
-
-SEC_LIBS = \
- $(DIST)/lib/cert$(MOZ_BITS).lib \
- $(DIST)/lib/crypto$(MOZ_BITS).lib \
- $(DIST)/lib/hash$(MOZ_BITS).lib \
- $(DIST)/lib/key$(MOZ_BITS).lib \
- $(DIST)/lib/pkcs7$(MOZ_BITS).lib \
- $(DIST)/lib/secmod$(MOZ_BITS).lib \
- $(DIST)/lib/secutl$(MOZ_BITS).lib \
- $(DIST)/lib/ssl$(MOZ_BITS).lib \
- $(NULL)
-
-LLFLAGS	= $(LLFLAGS) \
- $(SEC_LIBS) \
- ../lib/$(OBJDIR)/sectool$(MOZ_BITS).lib \
- $(MOZ_LIBS) \
- $(DEPTH)/nspr/src/$(OBJDIR)/getopt.obj \
- $(LIBNSPR) \
- $(NULL)
-
-
-include <$(DEPTH)\config\rules.mak>
-
-INSTALL	= $(MAKE_INSTALL)
-
-objs:	$(OBJS)
-
-$(PROGRAM)::
-	$(INSTALL) $(DIST)/bin/pr3240.dll ./$(OBJDIR)
-
-programs: $(PROGRAM)
-
-install:: $(TARGETS)
-	$(INSTALL) $(TARGETS) $(DIST)/bin
-
-
-symbols:
-	@echo "CSRCS	= $(CSRCS)"
-	@echo "INCS	= $(INCS)"
-	@echo "OBJS	= $(OBJS)"
-	@echo "LIBRARY	= $(LIBRARY)"
-	@echo "PROGRAM	= $(PROGRAM)"
-	@echo "TARGETS	= $(TARGETS)"
-	@echo "DIST	= $(DIST)"
-	@echo "VERSION_NUMBER	= $(VERSION_NUMBER)"
-	@echo "WINFE	= $(WINFE)"
-	@echo "DBM_LIB	= $(DBM_LIB)"
-	@echo "INSTALL	= $(INSTALL)"
-
diff --git a/security/nss/cmd/selfserv/manifest.mn b/security/nss/cmd/selfserv/manifest.mn
deleted file mode 100644
index f8050ed9e..000000000
--- a/security/nss/cmd/selfserv/manifest.mn
+++ /dev/null
@@ -1,48 +0,0 @@
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-DEFINES += -DNSPR20
-
-# MODULE public and private header  directories are implicitly REQUIRED.
-MODULE = security
-
-CSRCS = selfserv.c
-
-# The MODULE is always implicitly required.
-# Listing it here in REQUIRES makes it appear twice in the cc command line.
-REQUIRES = seccmd dbm 
-
-PROGRAM = selfserv
-
diff --git a/security/nss/cmd/selfserv/selfserv.c b/security/nss/cmd/selfserv/selfserv.c
deleted file mode 100644
index 622be2969..000000000
--- a/security/nss/cmd/selfserv/selfserv.c
+++ /dev/null
@@ -1,1703 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/* -r flag is interepreted as follows:
- *	1 -r  means request, not require, on initial handshake.
- *	2 -r's mean request  and require, on initial handshake.
- *	3 -r's mean request, not require, on second handshake.
- *	4 -r's mean request  and require, on second handshake.
- */
-#include <stdio.h>
-#include <string.h>
-
-#include "secutil.h"
-
-#if defined(XP_UNIX)
-#include <unistd.h>
-#endif
-
-#if defined(_WINDOWS)
-#include <process.h>	/* for getpid() */
-#endif
-
-#ifdef XP_OS2_VACPP
-#include <Process.h>	/* for getpid() */
-#endif
-
-#include <stdlib.h>
-#include <errno.h>
-#include <fcntl.h>
-#include <stdarg.h>
-
-#include "nspr.h"
-#include "prio.h"
-#include "prerror.h"
-#include "prnetdb.h"
-#include "prclist.h"
-#include "plgetopt.h"
-#include "pk11func.h"
-#include "secitem.h"
-#include "nss.h"
-#include "ssl.h"
-#include "sslproto.h"
-
-#ifndef PORT_Sprintf
-#define PORT_Sprintf sprintf
-#endif
-
-#ifndef PORT_Strstr
-#define PORT_Strstr strstr
-#endif
-
-#ifndef PORT_Malloc
-#define PORT_Malloc PR_Malloc
-#endif
-
-#define NUM_SID_CACHE_ENTRIES 1024
-
-static int handle_connection( PRFileDesc *, PRFileDesc *, int );
-
-static const char envVarName[] = { SSL_ENV_VAR_NAME };
-static const char inheritableSockName[] = { "SELFSERV_LISTEN_SOCKET" };
-
-static PRBool logStats = PR_FALSE;
-static int logPeriod = 30;
-static PRUint32 loggerOps = 0;
-
-const int ssl2CipherSuites[] = {
-    SSL_EN_RC4_128_WITH_MD5,			/* A */
-    SSL_EN_RC4_128_EXPORT40_WITH_MD5,		/* B */
-    SSL_EN_RC2_128_CBC_WITH_MD5,		/* C */
-    SSL_EN_RC2_128_CBC_EXPORT40_WITH_MD5,	/* D */
-    SSL_EN_DES_64_CBC_WITH_MD5,			/* E */
-    SSL_EN_DES_192_EDE3_CBC_WITH_MD5,		/* F */
-    0
-};
-
-const int ssl3CipherSuites[] = {
-    SSL_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA,	/* a */
-    SSL_FORTEZZA_DMS_WITH_RC4_128_SHA,		/* b */
-    SSL_RSA_WITH_RC4_128_MD5,			/* c */
-    SSL_RSA_WITH_3DES_EDE_CBC_SHA,		/* d */
-    SSL_RSA_WITH_DES_CBC_SHA,			/* e */
-    SSL_RSA_EXPORT_WITH_RC4_40_MD5,		/* f */
-    SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5,		/* g */
-    SSL_FORTEZZA_DMS_WITH_NULL_SHA,		/* h */
-    SSL_RSA_WITH_NULL_MD5,			/* i */
-    SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA,		/* j */
-    SSL_RSA_FIPS_WITH_DES_CBC_SHA,		/* k */
-    TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA,	/* l */
-    TLS_RSA_EXPORT1024_WITH_RC4_56_SHA,	        /* m */
-    SSL_RSA_WITH_RC4_128_SHA,			/* n */
-    TLS_DHE_DSS_WITH_RC4_128_SHA,		/* o */
-    SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA,		/* p */
-    SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA,		/* q */
-    SSL_DHE_RSA_WITH_DES_CBC_SHA,		/* r */
-    SSL_DHE_DSS_WITH_DES_CBC_SHA,		/* s */
-    TLS_DHE_DSS_WITH_AES_128_CBC_SHA, 	    	/* t */
-    TLS_DHE_RSA_WITH_AES_128_CBC_SHA,       	/* u */
-    TLS_RSA_WITH_AES_128_CBC_SHA,     	    	/* v */
-    TLS_DHE_DSS_WITH_AES_256_CBC_SHA, 	    	/* w */
-    TLS_DHE_RSA_WITH_AES_256_CBC_SHA,       	/* x */
-    TLS_RSA_WITH_AES_256_CBC_SHA,     	    	/* y */
-    0
-};
-
-/* data and structures for shutdown */
-static int	stopping;
-
-static PRBool  noDelay;
-static int     requestCert;
-static int	verbose;
-static SECItem	bigBuf;
-
-static PRThread * acceptorThread;
-
-static PRLogModuleInfo *lm;
-
-/* Add custom password handler because SECU_GetModulePassword 
- * makes automation of this program next to impossible.
- */
-
-char *
-ownPasswd(PK11SlotInfo *info, PRBool retry, void *arg)
-{
-	char * passwd = NULL;
-
-	if ( (!retry) && arg ) {
-		passwd = PL_strdup((char *)arg);
-	}
-
-	return passwd;
-}
-
-#define PRINTF  if (verbose)  printf
-#define FPRINTF if (verbose) fprintf
-#define FLUSH	if (verbose) { fflush(stdout); fflush(stderr); }
-#define VLOG(arg) PR_LOG(lm,PR_LOG_DEBUG,arg)
-
-static void
-Usage(const char *progName)
-{
-    fprintf(stderr, 
-
-"Usage: %s -n rsa_nickname -p port [-3DRTmrvx] [-w password] [-t threads]\n"
-"         [-i pid_file] [-c ciphers] [-d dbdir] [-f fortezza_nickname] \n"
-"         [-M maxProcs] [-l]\n"
-"-3 means disable SSL v3\n"
-"-D means disable Nagle delays in TCP\n"
-"-T means disable TLS\n"
-"-R means disable detection of rollback from TLS to SSL3\n"
-"-m means test the model-socket feature of SSL_ImportFD.\n"
-"-r flag is interepreted as follows:\n"
-"    1 -r  means request, not require, cert on initial handshake.\n"
-"    2 -r's mean request  and require, cert on initial handshake.\n"
-"    3 -r's mean request, not require, cert on second handshake.\n"
-"    4 -r's mean request  and require, cert on second handshake.\n"
-"-v means verbose output\n"
-"-x means use export policy.\n"
-"-M maxProcs tells how many processes to run in a multi-process server\n"
-"-t threads -- specify the number of threads to use for connections.\n"
-"-i pid_file file to write the process id of selfserve\n"
-"-c ciphers   Letter(s) chosen from the following list\n"
-"-l means use local threads instead of global threads\n"
-"A    SSL2 RC4 128 WITH MD5\n"
-"B    SSL2 RC4 128 EXPORT40 WITH MD5\n"
-"C    SSL2 RC2 128 CBC WITH MD5\n"
-"D    SSL2 RC2 128 CBC EXPORT40 WITH MD5\n"
-"E    SSL2 DES 64 CBC WITH MD5\n"
-"F    SSL2 DES 192 EDE3 CBC WITH MD5\n"
-"\n"
-"a    SSL3 FORTEZZA DMS WITH FORTEZZA CBC SHA\n"
-"b    SSL3 FORTEZZA DMS WITH RC4 128 SHA\n"
-"c    SSL3 RSA WITH RC4 128 MD5\n"
-"d    SSL3 RSA WITH 3DES EDE CBC SHA\n"
-"e    SSL3 RSA WITH DES CBC SHA\n"
-"f    SSL3 RSA EXPORT WITH RC4 40 MD5\n"
-"g    SSL3 RSA EXPORT WITH RC2 CBC 40 MD5\n"
-"h    SSL3 FORTEZZA DMS WITH NULL SHA\n"
-"i    SSL3 RSA WITH NULL MD5\n"
-"j    SSL3 RSA FIPS WITH 3DES EDE CBC SHA\n"
-"k    SSL3 RSA FIPS WITH DES CBC SHA\n"
-"l    SSL3 RSA EXPORT WITH DES CBC SHA\t(new)\n"
-"m    SSL3 RSA EXPORT WITH RC4 56 SHA\t(new)\n"
-"n    SSL3 RSA WITH RC4 128 SHA\n"
-"v    TLS_RSA_WITH_AES_128_CBC_SHA\n"
-"y    TLS_RSA_WITH_AES_256_CBC_SHA\n"
-	,progName);
-}
-
-static const char *
-errWarn(char * funcString)
-{
-    PRErrorCode  perr      = PR_GetError();
-    const char * errString = SECU_Strerror(perr);
-
-    fprintf(stderr, "selfserv: %s returned error %d:\n%s\n",
-            funcString, perr, errString);
-    return errString;
-}
-
-static void
-errExit(char * funcString)
-{
-    errWarn(funcString);
-    exit(3);
-}
-
-
-/**************************************************************************
-** 
-** Routines for disabling SSL ciphers.
-**
-**************************************************************************/
-
-void
-disableAllSSLCiphers(void)
-{
-    const PRUint16 *cipherSuites = SSL_ImplementedCiphers;
-    int             i            = SSL_NumImplementedCiphers;
-    SECStatus       rv;
-
-    /* disable all the SSL3 cipher suites */
-    while (--i >= 0) {
-	PRUint16 suite = cipherSuites[i];
-        rv = SSL_CipherPrefSetDefault(suite, PR_FALSE);
-	if (rv != SECSuccess) {
-	    printf("SSL_CipherPrefSetDefault didn't like value 0x%04x (i = %d)\n",
-	    	   suite, i);
-	    errWarn("SSL_CipherPrefSetDefault");
-	    exit(2);
-	}
-    }
-}
-
-static SECStatus
-mySSLAuthCertificate(void *arg, PRFileDesc *fd, PRBool checkSig,
-		     PRBool isServer)
-{
-    SECStatus rv;
-    CERTCertificate *    peerCert;
-
-    peerCert = SSL_PeerCertificate(fd);
-
-    PRINTF("selfserv: Subject: %s\nselfserv: Issuer : %s\n",
-           peerCert->subjectName, peerCert->issuerName);
-
-    rv = SSL_AuthCertificate(arg, fd, checkSig, isServer);
-
-    if (rv == SECSuccess) {
-	PRINTF("selfserv: -- SSL3: Certificate Validated.\n");
-    } else {
-    	int err = PR_GetError();
-	FPRINTF(stderr, "selfserv: -- SSL3: Certificate Invalid, err %d.\n%s\n", 
-                err, SECU_Strerror(err));
-    }
-    CERT_DestroyCertificate(peerCert);
-    FLUSH;
-    return rv;  
-}
-
-void 
-printSecurityInfo(PRFileDesc *fd)
-{
-    CERTCertificate * cert      = NULL;
-    SSL3Statistics *  ssl3stats = SSL_GetStatistics();
-    SECStatus         result;
-    SSLChannelInfo    channel;
-    SSLCipherSuiteInfo suite;
-
-    PRINTF(
-    	"selfserv: %ld cache hits; %ld cache misses, %ld cache not reusable\n",
-    	ssl3stats->hch_sid_cache_hits, ssl3stats->hch_sid_cache_misses,
-	ssl3stats->hch_sid_cache_not_ok);
-
-    result = SSL_GetChannelInfo(fd, &channel, sizeof channel);
-    if (result == SECSuccess && 
-        channel.length == sizeof channel && 
-	channel.cipherSuite) {
-	result = SSL_GetCipherSuiteInfo(channel.cipherSuite, 
-					&suite, sizeof suite);
-	if (result == SECSuccess) {
-	    FPRINTF(stderr, 
-	    "selfserv: SSL version %d.%d using %d-bit %s with %d-bit %s MAC\n",
-	       channel.protocolVersion >> 8, channel.protocolVersion & 0xff,
-	       suite.effectiveKeyBits, suite.symCipherName, 
-	       suite.macBits, suite.macAlgorithmName);
-	    FPRINTF(stderr, 
-	    "selfserv: Server Auth: %d-bit %s, Key Exchange: %d-bit %s\n",
-	       channel.authKeyBits, suite.authAlgorithmName,
-	       channel.keaKeyBits,  suite.keaTypeName);
-    	}
-    }
-    if (requestCert)
-	cert = SSL_PeerCertificate(fd);
-    else
-	cert = SSL_LocalCertificate(fd);
-    if (cert) {
-	char * ip = CERT_NameToAscii(&cert->issuer);
-	char * sp = CERT_NameToAscii(&cert->subject);
-        if (sp) {
-	    FPRINTF(stderr, "selfserv: subject DN: %s\n", sp);
-	    PR_Free(sp);
-	}
-        if (ip) {
-	    FPRINTF(stderr, "selfserv: issuer  DN: %s\n", ip);
-	    PR_Free(ip);
-	}
-	CERT_DestroyCertificate(cert);
-	cert = NULL;
-    }
-    FLUSH;
-}
-
-static int MakeCertOK;
-
-static SECStatus
-myBadCertHandler( void *arg, PRFileDesc *fd)
-{
-    int err = PR_GetError();
-    if (!MakeCertOK)
-	fprintf(stderr, 
-	    "selfserv: -- SSL: Client Certificate Invalid, err %d.\n%s\n", 
-            err, SECU_Strerror(err));
-    return (MakeCertOK ? SECSuccess : SECFailure);
-}
-
-/**************************************************************************
-** Begin thread management routines and data.
-**************************************************************************/
-#define MIN_THREADS 3
-#define DEFAULT_THREADS 8
-#define MAX_THREADS 128
-#define MAX_PROCS 25
-static int  maxThreads = DEFAULT_THREADS;
-
-
-typedef struct jobStr {
-    PRCList     link;
-    PRFileDesc *tcp_sock;
-    PRFileDesc *model_sock;
-    int         requestCert;
-} JOB;
-
-static PZLock    * qLock; /* this lock protects all data immediately below */
-static PZCondVar * jobQNotEmptyCv;
-static PZCondVar * freeListNotEmptyCv;
-static PZCondVar * threadCountChangeCv;
-static int  threadCount;
-static PRCList  jobQ;
-static PRCList  freeJobs;
-static JOB *jobTable;
-
-SECStatus
-setupJobs(int maxJobs)
-{
-    int i;
-
-    jobTable = (JOB *)PR_Calloc(maxJobs, sizeof(JOB));
-    if (!jobTable)
-    	return SECFailure;
-
-    PR_INIT_CLIST(&jobQ);
-    PR_INIT_CLIST(&freeJobs);
-
-    for (i = 0; i < maxJobs; ++i) {
-	JOB * pJob = jobTable + i;
-	PR_APPEND_LINK(&pJob->link, &freeJobs);
-    }
-    return SECSuccess;
-}
-
-typedef int startFn(PRFileDesc *a, PRFileDesc *b, int c);
-
-typedef enum { rs_idle = 0, rs_running = 1, rs_zombie = 2 } runState;
-
-typedef struct perThreadStr {
-    PRFileDesc *a;
-    PRFileDesc *b;
-    int         c;
-    int         rv;
-    startFn  *  startFunc;
-    PRThread *  prThread;
-    runState	state;
-} perThread;
-
-static perThread *threads;
-
-void
-thread_wrapper(void * arg)
-{
-    perThread * slot = (perThread *)arg;
-
-    slot->rv = (* slot->startFunc)(slot->a, slot->b, slot->c);
-
-    /* notify the thread exit handler. */
-    PZ_Lock(qLock);
-    slot->state = rs_zombie;
-    --threadCount;
-    PZ_NotifyAllCondVar(threadCountChangeCv);
-    PZ_Unlock(qLock);
-}
-
-int 
-jobLoop(PRFileDesc *a, PRFileDesc *b, int c)
-{
-    PRCList * myLink = 0;
-    JOB     * myJob;
-
-    PZ_Lock(qLock);
-    do {
-	myLink = 0;
-	while (PR_CLIST_IS_EMPTY(&jobQ) && !stopping) {
-            PZ_WaitCondVar(jobQNotEmptyCv, PR_INTERVAL_NO_TIMEOUT);
-	}
-	if (!PR_CLIST_IS_EMPTY(&jobQ)) {
-	    myLink = PR_LIST_HEAD(&jobQ);
-	    PR_REMOVE_AND_INIT_LINK(myLink);
-	}
-	PZ_Unlock(qLock);
-	myJob = (JOB *)myLink;
-	/* myJob will be null when stopping is true and jobQ is empty */
-	if (!myJob) 
-	    break;
-	handle_connection( myJob->tcp_sock, myJob->model_sock, 
-			   myJob->requestCert);
-	PZ_Lock(qLock);
-	PR_APPEND_LINK(myLink, &freeJobs);
-	PZ_NotifyCondVar(freeListNotEmptyCv);
-    } while (PR_TRUE);
-    return 0;
-}
-
-
-SECStatus
-launch_threads(
-    startFn    *startFunc,
-    PRFileDesc *a,
-    PRFileDesc *b,
-    int         c,
-    PRBool      local)
-{
-    int i;
-    SECStatus rv = SECSuccess;
-
-    /* create the thread management serialization structs */
-    qLock               = PZ_NewLock(nssILockSelfServ);
-    jobQNotEmptyCv      = PZ_NewCondVar(qLock);
-    freeListNotEmptyCv  = PZ_NewCondVar(qLock);
-    threadCountChangeCv = PZ_NewCondVar(qLock);
-
-    /* allocate the array of thread slots */
-    threads = PR_Calloc(maxThreads, sizeof(perThread));
-    if ( NULL == threads )  {
-        fprintf(stderr, "Oh Drat! Can't allocate the perThread array\n");
-        return SECFailure;
-    }
-    /* 5 is a little extra, intended to keep the jobQ from underflowing. 
-    ** That is, from going empty while not stopping and clients are still
-    ** trying to contact us.
-    */
-    rv = setupJobs(maxThreads + 5);
-    if (rv != SECSuccess)
-    	return rv;
-
-    PZ_Lock(qLock);
-    for (i = 0; i < maxThreads; ++i) {
-    	perThread * slot = threads + i;
-
-	slot->state = rs_running;
-	slot->a = a;
-	slot->b = b;
-	slot->c = c;
-	slot->startFunc = startFunc;
-	slot->prThread = PR_CreateThread(PR_USER_THREAD, 
-			thread_wrapper, slot, PR_PRIORITY_NORMAL, 
-                        (PR_TRUE==local)?PR_LOCAL_THREAD:PR_GLOBAL_THREAD,
-                        PR_UNJOINABLE_THREAD, 0);
-	if (slot->prThread == NULL) {
-	    printf("selfserv: Failed to launch thread!\n");
-	    slot->state = rs_idle;
-	    rv = SECFailure;
-	    break;
-	} 
-
-	++threadCount;
-    }
-    PZ_Unlock(qLock); 
-
-    return rv;
-}
-
-#define DESTROY_CONDVAR(name) if (name) { \
-        PZ_DestroyCondVar(name); name = NULL; }
-#define DESTROY_LOCK(name) if (name) { \
-        PZ_DestroyLock(name); name = NULL; }
-	
-
-void
-terminateWorkerThreads(void)
-{
-    VLOG(("selfserv: server_thead: waiting on stopping"));
-    PZ_Lock(qLock);
-    PZ_NotifyAllCondVar(jobQNotEmptyCv);
-    while (threadCount > 0) {
-	PZ_WaitCondVar(threadCountChangeCv, PR_INTERVAL_NO_TIMEOUT);
-    }
-    PZ_Unlock(qLock); 
-
-    DESTROY_CONDVAR(jobQNotEmptyCv);
-    DESTROY_CONDVAR(freeListNotEmptyCv);
-    DESTROY_CONDVAR(threadCountChangeCv);
-
-    DESTROY_LOCK(qLock);
-    PR_Free(jobTable);
-    PR_Free(threads);
-}
-
-static void 
-logger(void *arg)
-{
-    PRFloat64 seconds;
-    PRFloat64 opsPerSec;
-    PRIntervalTime period;
-    PRIntervalTime previousTime;
-    PRIntervalTime latestTime;
-    PRUint32 previousOps;
-    PRUint32 ops;
-    PRIntervalTime logPeriodTicks = PR_SecondsToInterval(logPeriod);
-    PRFloat64 secondsPerTick = 1.0 / (PRFloat64)PR_TicksPerSecond();
-
-    previousOps = loggerOps;
-    previousTime = PR_IntervalNow();
- 
-    for (;;) {
-    	PR_Sleep(logPeriodTicks);
-        latestTime = PR_IntervalNow();
-        ops = loggerOps;
-        period = latestTime - previousTime;
-        seconds = (PRFloat64) period*secondsPerTick;
-        opsPerSec = (ops - previousOps) / seconds;
-        printf("%.2f ops/second, %d threads\n", opsPerSec, threadCount);
-        fflush(stdout);
-        previousOps = ops;
-        previousTime = latestTime;
-    }
-}
-
-
-/**************************************************************************
-** End   thread management routines.
-**************************************************************************/
-
-PRBool useModelSocket  = PR_FALSE;
-PRBool disableSSL3     = PR_FALSE;
-PRBool disableTLS      = PR_FALSE;
-PRBool disableRollBack  = PR_FALSE;
-
-static const char stopCmd[] = { "GET /stop " };
-static const char getCmd[]  = { "GET " };
-static const char EOFmsg[]  = { "EOF\r\n\r\n\r\n" };
-static const char outHeader[] = {
-    "HTTP/1.0 200 OK\r\n"
-    "Server: Generic Web Server\r\n"
-    "Date: Tue, 26 Aug 1997 22:10:05 GMT\r\n"
-    "Content-type: text/plain\r\n"
-    "\r\n"
-};
-
-#ifdef FULL_DUPLEX_CAPABLE
-
-struct lockedVarsStr {
-    PZLock *	lock;
-    int		count;
-    int		waiters;
-    PZCondVar *	condVar;
-};
-
-typedef struct lockedVarsStr lockedVars;
-
-void 
-lockedVars_Init( lockedVars * lv)
-{
-    lv->count   = 0;
-    lv->waiters = 0;
-    lv->lock    = PZ_NewLock(nssILockSelfServ);
-    lv->condVar = PZ_NewCondVar(lv->lock);
-}
-
-void
-lockedVars_Destroy( lockedVars * lv)
-{
-    PZ_DestroyCondVar(lv->condVar);
-    lv->condVar = NULL;
-
-    PZ_DestroyLock(lv->lock);
-    lv->lock = NULL;
-}
-
-void
-lockedVars_WaitForDone(lockedVars * lv)
-{
-    PZ_Lock(lv->lock);
-    while (lv->count > 0) {
-    	PZ_WaitCondVar(lv->condVar, PR_INTERVAL_NO_TIMEOUT);
-    }
-    PZ_Unlock(lv->lock);
-}
-
-int	/* returns count */
-lockedVars_AddToCount(lockedVars * lv, int addend)
-{
-    int rv;
-
-    PZ_Lock(lv->lock);
-    rv = lv->count += addend;
-    if (rv <= 0) {
-	PZ_NotifyCondVar(lv->condVar);
-    }
-    PZ_Unlock(lv->lock);
-    return rv;
-}
-
-int
-do_writes(
-    PRFileDesc *	ssl_sock,
-    PRFileDesc *	model_sock,
-    int         	requestCert
-    )
-{
-    int			sent  = 0;
-    int 		count = 0;
-    lockedVars *	lv = (lockedVars *)model_sock;
-
-    VLOG(("selfserv: do_writes: starting"));
-    while (sent < bigBuf.len) {
-
-	count = PR_Write(ssl_sock, bigBuf.data + sent, bigBuf.len - sent);
-	if (count < 0) {
-	    errWarn("PR_Write bigBuf");
-	    break;
-	}
-	FPRINTF(stderr, "selfserv: PR_Write wrote %d bytes from bigBuf\n", count );
-	sent += count;
-    }
-    if (count >= 0) {	/* last write didn't fail. */
-    	PR_Shutdown(ssl_sock, PR_SHUTDOWN_SEND);
-    }
-
-    /* notify the reader that we're done. */
-    lockedVars_AddToCount(lv, -1);
-    FLUSH;
-    VLOG(("selfserv: do_writes: exiting"));
-    return (sent < bigBuf.len) ? SECFailure : SECSuccess;
-}
-
-static int 
-handle_fdx_connection(
-    PRFileDesc *       tcp_sock,
-    PRFileDesc *       model_sock,
-    int                requestCert
-    )
-{
-    PRFileDesc *       ssl_sock	= NULL;
-    SECStatus          result;
-    int                firstTime = 1;
-    lockedVars         lv;
-    PRSocketOptionData opt;
-    char               buf[10240];
-
-
-    VLOG(("selfserv: handle_fdx_connection: starting"));
-    opt.option             = PR_SockOpt_Nonblocking;
-    opt.value.non_blocking = PR_FALSE;
-    PR_SetSocketOption(tcp_sock, &opt);
-
-    if (useModelSocket && model_sock) {
-	SECStatus rv;
-	ssl_sock = SSL_ImportFD(model_sock, tcp_sock);
-	if (!ssl_sock) {
-	    errWarn("SSL_ImportFD with model");
-	    goto cleanup;
-	}
-	rv = SSL_ResetHandshake(ssl_sock, /* asServer */ 1);
-	if (rv != SECSuccess) {
-	    errWarn("SSL_ResetHandshake");
-	    goto cleanup;
-	}
-    } else {
-	ssl_sock = tcp_sock;
-    }
-
-    lockedVars_Init(&lv);
-    lockedVars_AddToCount(&lv, 1);
-
-    /* Attempt to launch the writer thread. */
-    result = launch_thread(do_writes, ssl_sock, (PRFileDesc *)&lv, 
-                           requestCert);
-
-    if (result == SECSuccess) 
-      do {
-	/* do reads here. */
-	int count;
-	count = PR_Read(ssl_sock, buf, sizeof buf);
-	if (count < 0) {
-	    errWarn("FDX PR_Read");
-	    break;
-	}
-	FPRINTF(stderr, "selfserv: FDX PR_Read read %d bytes.\n", count );
-	if (firstTime) {
-	    firstTime = 0;
-	    printSecurityInfo(ssl_sock);
-	}
-    } while (lockedVars_AddToCount(&lv, 0) > 0);
-
-    /* Wait for writer to finish */
-    lockedVars_WaitForDone(&lv);
-    lockedVars_Destroy(&lv);
-    FLUSH;
-
-cleanup:
-    if (ssl_sock)
-	PR_Close(ssl_sock);
-    else
-	PR_Close(tcp_sock);
-
-    VLOG(("selfserv: handle_fdx_connection: exiting"));
-    return SECSuccess;
-}
-
-#endif
-
-int
-handle_connection( 
-    PRFileDesc *tcp_sock,
-    PRFileDesc *model_sock,
-    int         requestCert
-    )
-{
-    PRFileDesc *       ssl_sock = NULL;
-    PRFileDesc *       local_file_fd = NULL;
-    char  *            post;
-    char  *            pBuf;			/* unused space at end of buf */
-    const char *       errString;
-    PRStatus           status;
-    int                bufRem;			/* unused bytes at end of buf */
-    int                bufDat;			/* characters received in buf */
-    int                newln    = 0;		/* # of consecutive newlns */
-    int                firstTime = 1;
-    int                reqLen;
-    int                rv;
-    int                numIOVs;
-    PRSocketOptionData opt;
-    PRIOVec            iovs[16];
-    char               msgBuf[160];
-    char               buf[10240];
-    char               fileName[513];
-
-    pBuf   = buf;
-    bufRem = sizeof buf;
-    memset(buf, 0, sizeof buf);
-
-    VLOG(("selfserv: handle_connection: starting"));
-    opt.option             = PR_SockOpt_Nonblocking;
-    opt.value.non_blocking = PR_FALSE;
-    PR_SetSocketOption(tcp_sock, &opt);
-
-    VLOG(("selfserv: handle_connection: starting\n"));
-    if (useModelSocket && model_sock) {
-	SECStatus rv;
-	ssl_sock = SSL_ImportFD(model_sock, tcp_sock);
-	if (!ssl_sock) {
-	    errWarn("SSL_ImportFD with model");
-	    goto cleanup;
-	}
-	rv = SSL_ResetHandshake(ssl_sock, /* asServer */ 1);
-	if (rv != SECSuccess) {
-	    errWarn("SSL_ResetHandshake");
-	    goto cleanup;
-	}
-    } else {
-	ssl_sock = tcp_sock;
-    }
-
-    if (noDelay) {
-	opt.option         = PR_SockOpt_NoDelay;
-	opt.value.no_delay = PR_TRUE;
-	status = PR_SetSocketOption(ssl_sock, &opt);
-	if (status != PR_SUCCESS) {
-	    errWarn("PR_SetSocketOption(PR_SockOpt_NoDelay, PR_TRUE)");
-	    PR_Close(ssl_sock);
-	    return SECFailure;
-	}
-    }
-
-    while (1) {
-	newln = 0;
-	reqLen     = 0;
-	rv = PR_Read(ssl_sock, pBuf, bufRem);
-	if (rv == 0 || 
-	    (rv < 0 && PR_END_OF_FILE_ERROR == PR_GetError())) {
-	    if (verbose)
-		errWarn("HDX PR_Read hit EOF");
-	    break;
-	}
-	if (rv < 0) {
-	    errWarn("HDX PR_Read");
-	    goto cleanup;
-	}
-	if (firstTime) {
-	    firstTime = 0;
-	    printSecurityInfo(ssl_sock);
-	}
-
-	pBuf   += rv;
-	bufRem -= rv;
-	bufDat = pBuf - buf;
-	/* Parse the input, starting at the beginning of the buffer.
-	 * Stop when we detect two consecutive \n's (or \r\n's) 
-	 * as this signifies the end of the GET or POST portion.
-	 * The posted data follows.
-	 */
-	while (reqLen < bufDat && newln < 2) {
-	    int octet = buf[reqLen++];
-	    if (octet == '\n') {
-		newln++;
-	    } else if (octet != '\r') {
-		newln = 0;
-	    }
-	}
-
-	/* came to the end of the buffer, or second newln
-	 * If we didn't get an empty line (CRLFCRLF) then keep on reading.
-	 */
-	if (newln < 2) 
-	    continue;
-
-	/* we're at the end of the HTTP request.
-	 * If the request is a POST, then there will be one more
-	 * line of data.
-	 * This parsing is a hack, but ok for SSL test purposes.
-	 */
-	post = PORT_Strstr(buf, "POST ");
-	if (!post || *post != 'P') 
-	    break;
-
-	/* It's a post, so look for the next and final CR/LF. */
-	/* We should parse content length here, but ... */
-	while (reqLen < bufDat && newln < 3) {
-	    int octet = buf[reqLen++];
-	    if (octet == '\n') {
-		newln++;
-	    }
-	}
-	if (newln == 3)
-	    break;
-    } /* read loop */
-
-    bufDat = pBuf - buf;
-    if (bufDat) do {	/* just close if no data */
-	/* Have either (a) a complete get, (b) a complete post, (c) EOF */
-	if (reqLen > 0 && !strncmp(buf, getCmd, sizeof getCmd - 1)) {
-	    char *      fnBegin = buf + 4;
-	    char *      fnEnd;
-	    PRFileInfo  info;
-	    /* try to open the file named.  
-	     * If succesful, then write it to the client.
-	     */
-	    fnEnd = strpbrk(fnBegin, " \r\n");
-	    if (fnEnd) {
-		int fnLen = fnEnd - fnBegin;
-		if (fnLen < sizeof fileName) {
-		    strncpy(fileName, fnBegin, fnLen);
-		    fileName[fnLen] = 0;	/* null terminate */
-		    status = PR_GetFileInfo(fileName, &info);
-		    if (status == PR_SUCCESS &&
-			info.type == PR_FILE_FILE &&
-			info.size >= 0 ) {
-			local_file_fd = PR_Open(fileName, PR_RDONLY, 0);
-		    }
-		}
-	    }
-	}
-	/* if user has requested client auth in a subsequent handshake,
-	 * do it here.
-	 */
-	if (requestCert > 2) { /* request cert was 3 or 4 */
-	    CERTCertificate *  cert =  SSL_PeerCertificate(ssl_sock);
-	    if (cert) {
-		CERT_DestroyCertificate(cert);
-	    } else {
-		rv = SSL_OptionSet(ssl_sock, SSL_REQUEST_CERTIFICATE, 1);
-		if (rv < 0) {
-		    errWarn("second SSL_OptionSet SSL_REQUEST_CERTIFICATE");
-		    break;
-		}
-		rv = SSL_OptionSet(ssl_sock, SSL_REQUIRE_CERTIFICATE, 
-				(requestCert == 4));
-		if (rv < 0) {
-		    errWarn("second SSL_OptionSet SSL_REQUIRE_CERTIFICATE");
-		    break;
-		}
-		rv = SSL_ReHandshake(ssl_sock, PR_TRUE);
-		if (rv != 0) {
-		    errWarn("SSL_ReHandshake");
-		    break;
-		}
-		rv = SSL_ForceHandshake(ssl_sock);
-		if (rv < 0) {
-		    errWarn("SSL_ForceHandshake");
-		    break;
-		}
-	    }
-	}
-
-	numIOVs = 0;
-
-	iovs[numIOVs].iov_base = (char *)outHeader;
-	iovs[numIOVs].iov_len  = (sizeof(outHeader)) - 1;
-	numIOVs++;
-
-	if (local_file_fd) {
-	    PRInt32     bytes;
-	    int         errLen;
-	    bytes = PR_TransmitFile(ssl_sock, local_file_fd, outHeader,
-				    sizeof outHeader - 1, 
-				    PR_TRANSMITFILE_KEEP_OPEN,
-				    PR_INTERVAL_NO_TIMEOUT);
-	    if (bytes >= 0) {
-		bytes -= sizeof outHeader - 1;
-		FPRINTF(stderr, 
-			"selfserv: PR_TransmitFile wrote %d bytes from %s\n",
-			bytes, fileName);
-		break;
-	    }
-	    errString = errWarn("PR_TransmitFile");
-	    errLen = PORT_Strlen(errString);
-	    if (errLen > sizeof msgBuf - 1) 
-	    	errLen = sizeof msgBuf - 1;
-	    PORT_Memcpy(msgBuf, errString, errLen);
-	    msgBuf[errLen] = 0;
-
-	    iovs[numIOVs].iov_base = msgBuf;
-	    iovs[numIOVs].iov_len  = PORT_Strlen(msgBuf);
-	    numIOVs++;
-	} else if (reqLen <= 0) {	/* hit eof */
-	    PORT_Sprintf(msgBuf, "Get or Post incomplete after %d bytes.\r\n",
-			 bufDat);
-
-	    iovs[numIOVs].iov_base = msgBuf;
-	    iovs[numIOVs].iov_len  = PORT_Strlen(msgBuf);
-	    numIOVs++;
-	} else if (reqLen < bufDat) {
-	    PORT_Sprintf(msgBuf, "Discarded %d characters.\r\n", 
-	                 bufDat - reqLen);
-
-	    iovs[numIOVs].iov_base = msgBuf;
-	    iovs[numIOVs].iov_len  = PORT_Strlen(msgBuf);
-	    numIOVs++;
-	}
-
-	if (reqLen > 0) {
-	    if (verbose > 1) 
-	    	fwrite(buf, 1, reqLen, stdout);	/* display it */
-
-	    iovs[numIOVs].iov_base = buf;
-	    iovs[numIOVs].iov_len  = reqLen;
-	    numIOVs++;
-
-/*	    printSecurityInfo(ssl_sock); */
-	}
-
-	iovs[numIOVs].iov_base = (char *)EOFmsg;
-	iovs[numIOVs].iov_len  = sizeof EOFmsg - 1;
-	numIOVs++;
-
-	rv = PR_Writev(ssl_sock, iovs, numIOVs, PR_INTERVAL_NO_TIMEOUT);
-	if (rv < 0) {
-	    errWarn("PR_Writev");
-	    break;
-	}
-    } while (0);
-
-cleanup:
-    PR_Close(ssl_sock);
-    if (local_file_fd)
-	PR_Close(local_file_fd);
-    VLOG(("selfserv: handle_connection: exiting\n"));
-
-    /* do a nice shutdown if asked. */
-    if (!strncmp(buf, stopCmd, sizeof stopCmd - 1)) {
-	stopping = 1;
-        VLOG(("selfserv: handle_connection: stop command"));
-	PR_Interrupt(acceptorThread);
-        PZ_TraceFlush();
-    }
-    VLOG(("selfserv: handle_connection: exiting"));
-    return SECSuccess;	/* success */
-}
-
-SECStatus
-do_accepts(
-    PRFileDesc *listen_sock,
-    PRFileDesc *model_sock,
-    int         requestCert
-    )
-{
-    PRNetAddr   addr;
-    PRErrorCode  perr;
-
-    VLOG(("selfserv: do_accepts: starting"));
-    PR_SetThreadPriority( PR_GetCurrentThread(), PR_PRIORITY_HIGH);
-
-    acceptorThread = PR_GetCurrentThread();
-    while (!stopping) {
-	PRFileDesc *tcp_sock;
-	PRCList    *myLink;
-
-	FPRINTF(stderr, "\n\n\nselfserv: About to call accept.\n");
-	tcp_sock = PR_Accept(listen_sock, &addr, PR_INTERVAL_NO_TIMEOUT);
-	if (tcp_sock == NULL) {
-    	    perr      = PR_GetError();
-	    if ((perr != PR_CONNECT_RESET_ERROR &&
-	         perr != PR_PENDING_INTERRUPT_ERROR) || verbose) {
-		errWarn("PR_Accept");
-	    } 
-	    if (perr == PR_CONNECT_RESET_ERROR) {
-		FPRINTF(stderr, 
-		        "Ignoring PR_CONNECT_RESET_ERROR error - continue\n");
-		continue;
-	    }
-	    stopping = 1;
-	    break;
-	}
-
-        VLOG(("selfserv: do_accept: Got connection\n"));
-
-        if (logStats) {
-            loggerOps++;
-        }
-
-	PZ_Lock(qLock);
-	while (PR_CLIST_IS_EMPTY(&freeJobs) && !stopping) {
-            PZ_WaitCondVar(freeListNotEmptyCv, PR_INTERVAL_NO_TIMEOUT);
-	}
-	if (stopping) {
-	    PZ_Unlock(qLock);
-	    PR_Close(tcp_sock);
-	    break;
-	}
-	myLink = PR_LIST_HEAD(&freeJobs);
-	PR_REMOVE_AND_INIT_LINK(myLink);
-	/* could release qLock here and reaquire it 7 lines below, but 
-	** why bother for 4 assignment statements? 
-	*/
-	{
-	    JOB * myJob = (JOB *)myLink;
-	    myJob->tcp_sock    = tcp_sock;
-	    myJob->model_sock  = model_sock;
-	    myJob->requestCert = requestCert;
-	}
-
-	PR_APPEND_LINK(myLink, &jobQ);
-	PZ_NotifyCondVar(jobQNotEmptyCv);
-	PZ_Unlock(qLock);
-    }
-
-    FPRINTF(stderr, "selfserv: Closing listen socket.\n");
-    VLOG(("selfserv: do_accepts: exiting"));
-    PR_Close(listen_sock);
-    return SECSuccess;
-}
-
-PRFileDesc *
-getBoundListenSocket(unsigned short port)
-{
-    PRFileDesc *       listen_sock;
-    int                listenQueueDepth = 5 + (2 * maxThreads);
-    PRStatus	       prStatus;
-    PRNetAddr          addr;
-    PRSocketOptionData opt;
-
-    addr.inet.family = PR_AF_INET;
-    addr.inet.ip     = PR_INADDR_ANY;
-    addr.inet.port   = PR_htons(port);
-
-    listen_sock = PR_NewTCPSocket();
-    if (listen_sock == NULL) {
-	errExit("PR_NewTCPSocket");
-    }
-
-    opt.option = PR_SockOpt_Nonblocking;
-    opt.value.non_blocking = PR_FALSE;
-    prStatus = PR_SetSocketOption(listen_sock, &opt);
-    if (prStatus < 0) {
-	errExit("PR_SetSocketOption(PR_SockOpt_Nonblocking)");
-    }
-
-    opt.option=PR_SockOpt_Reuseaddr;
-    opt.value.reuse_addr = PR_TRUE;
-    prStatus = PR_SetSocketOption(listen_sock, &opt);
-    if (prStatus < 0) {
-	errExit("PR_SetSocketOption(PR_SockOpt_Reuseaddr)");
-    }
-
-    prStatus = PR_Bind(listen_sock, &addr);
-    if (prStatus < 0) {
-	errExit("PR_Bind");
-    }
-
-    prStatus = PR_Listen(listen_sock, listenQueueDepth);
-    if (prStatus < 0) {
-	errExit("PR_Listen");
-    }
-    return listen_sock;
-}
-
-void
-server_main(
-    PRFileDesc *        listen_sock,
-    int                 requestCert, 
-    SECKEYPrivateKey ** privKey,
-    CERTCertificate **  cert)
-{
-    PRFileDesc *model_sock	= NULL;
-    int         rv;
-    SSLKEAType  kea;
-    SECStatus	secStatus;
-
-    if (useModelSocket) {
-    	model_sock = PR_NewTCPSocket();
-	if (model_sock == NULL) {
-	    errExit("PR_NewTCPSocket on model socket");
-	}
-	model_sock = SSL_ImportFD(NULL, model_sock);
-	if (model_sock == NULL) {
-	    errExit("SSL_ImportFD");
-	}
-    } else {
-	model_sock = listen_sock = SSL_ImportFD(NULL, listen_sock);
-	if (listen_sock == NULL) {
-	    errExit("SSL_ImportFD");
-	}
-    }
-
-    /* do SSL configuration. */
-    /* all suites except RSA_NULL_MD5 are enabled by default */
-
-#if 0
-    /* This is supposed to be true by default.
-    ** Setting it explicitly should not be necessary.
-    ** Let's test and make sure that's true.
-    */
-    rv = SSL_OptionSet(model_sock, SSL_SECURITY, 1);
-    if (rv < 0) {
-	errExit("SSL_OptionSet SSL_SECURITY");
-    }
-#endif
-
-    rv = SSL_OptionSet(model_sock, SSL_ENABLE_SSL3, !disableSSL3);
-    if (rv != SECSuccess) {
-	errExit("error enabling SSLv3 ");
-    }
-
-    rv = SSL_OptionSet(model_sock, SSL_ENABLE_TLS, !disableTLS);
-    if (rv != SECSuccess) {
-	errExit("error enabling TLS ");
-    }
-
-    rv = SSL_OptionSet(model_sock, SSL_ROLLBACK_DETECTION, !disableRollBack);
-    if (rv != SECSuccess) {
-	errExit("error enabling RollBack detection ");
-    }
-
-    for (kea = kt_rsa; kea < kt_kea_size; kea++) {
-	if (cert[kea] != NULL) {
-	    secStatus = SSL_ConfigSecureServer(model_sock, 
-	    		cert[kea], privKey[kea], kea);
-	    if (secStatus != SECSuccess)
-		errExit("SSL_ConfigSecureServer");
-	}
-    }
-
-    if (bigBuf.data) { /* doing FDX */
-	rv = SSL_OptionSet(model_sock, SSL_ENABLE_FDX, 1);
-	if (rv < 0) {
-	    errExit("SSL_OptionSet SSL_ENABLE_FDX");
-	}
-    }
-
-    /* This cipher is not on by default. The Acceptance test
-     * would like it to be. Turn this cipher on.
-     */
-
-    secStatus = SSL_CipherPrefSetDefault( SSL_RSA_WITH_NULL_MD5, PR_TRUE);
-    if ( secStatus != SECSuccess ) {
-	errExit("SSL_CipherPrefSetDefault:SSL_RSA_WITH_NULL_MD5");
-    }
-
-
-    if (requestCert) {
-	SSL_AuthCertificateHook(model_sock, mySSLAuthCertificate, 
-	                        (void *)CERT_GetDefaultCertDB());
-	if (requestCert <= 2) { 
-	    rv = SSL_OptionSet(model_sock, SSL_REQUEST_CERTIFICATE, 1);
-	    if (rv < 0) {
-		errExit("first SSL_OptionSet SSL_REQUEST_CERTIFICATE");
-	    }
-	    rv = SSL_OptionSet(model_sock, SSL_REQUIRE_CERTIFICATE, 
-	                    (requestCert == 2));
-	    if (rv < 0) {
-		errExit("first SSL_OptionSet SSL_REQUIRE_CERTIFICATE");
-	    }
-	}
-    }
-
-    if (MakeCertOK)
-	SSL_BadCertHook(model_sock, myBadCertHandler, NULL);
-
-    /* end of ssl configuration. */
-
-
-    /* Now, do the accepting, here in the main thread. */
-    rv = do_accepts(listen_sock, model_sock, requestCert);
-
-    terminateWorkerThreads();
-
-    if (useModelSocket && model_sock) {
-    	PR_Close(model_sock);
-    }
-
-}
-
-SECStatus
-readBigFile(const char * fileName)
-{
-    PRFileInfo  info;
-    PRStatus	status;
-    SECStatus	rv	= SECFailure;
-    int		count;
-    int		hdrLen;
-    PRFileDesc *local_file_fd = NULL;
-
-    status = PR_GetFileInfo(fileName, &info);
-
-    if (status == PR_SUCCESS &&
-	info.type == PR_FILE_FILE &&
-	info.size > 0 &&
-	NULL != (local_file_fd = PR_Open(fileName, PR_RDONLY, 0))) {
-
-	hdrLen      = PORT_Strlen(outHeader);
-	bigBuf.len  = hdrLen + info.size;
-	bigBuf.data = PORT_Malloc(bigBuf.len + 4095);
-	if (!bigBuf.data) {
-	    errWarn("PORT_Malloc");
-	    goto done;
-	}
-
-	PORT_Memcpy(bigBuf.data, outHeader, hdrLen);
-
-	count = PR_Read(local_file_fd, bigBuf.data + hdrLen, info.size);
-	if (count != info.size) {
-	    errWarn("PR_Read local file");
-	    goto done;
-	}
-	rv = SECSuccess;
-done:
-	PR_Close(local_file_fd);
-    }
-    return rv;
-}
-
-int          numChildren;
-PRProcess *  child[MAX_PROCS];
-
-PRProcess *
-haveAChild(int argc, char **argv, PRProcessAttr * attr)
-{
-    PRProcess *  newProcess;
-
-    newProcess = PR_CreateProcess(argv[0], argv, NULL, attr);
-    if (!newProcess) {
-	errWarn("Can't create new process.");
-    } else {
-	child[numChildren++] = newProcess;
-    }
-    return newProcess;
-}
-
-void
-beAGoodParent(int argc, char **argv, int maxProcs, PRFileDesc * listen_sock)
-{
-    PRProcess *     newProcess;
-    PRProcessAttr * attr;
-    int             i;
-    PRInt32         exitCode;
-    PRStatus        rv;
-
-    rv = PR_SetFDInheritable(listen_sock, PR_TRUE);
-    if (rv != PR_SUCCESS)
-	errExit("PR_SetFDInheritable");
-
-    attr = PR_NewProcessAttr();
-    if (!attr)
-	errExit("PR_NewProcessAttr");
-
-    rv = PR_ProcessAttrSetInheritableFD(attr, listen_sock, inheritableSockName);
-    if (rv != PR_SUCCESS)
-	errExit("PR_ProcessAttrSetInheritableFD");
-
-    for (i = 0; i < maxProcs; ++i) {
-	newProcess = haveAChild(argc, argv, attr);
-	if (!newProcess) 
-	    break;
-    }
-
-    rv = PR_SetFDInheritable(listen_sock, PR_FALSE);
-    if (rv != PR_SUCCESS)
-	errExit("PR_SetFDInheritable");
-
-    while (numChildren > 0) {
-	newProcess = child[numChildren - 1];
-	PR_WaitProcess(newProcess, &exitCode);
-	fprintf(stderr, "Child %d exited with exit code %x\n", 
-		numChildren, exitCode);
-	numChildren--;
-    }
-    exit(0);
-}
-
-#ifdef DEBUG_nelsonb
-void
-WaitForDebugger(void)
-{
-
-    int waiting       = 12;
-    int myPid         = _getpid();
-    PRIntervalTime    nrval = PR_SecondsToInterval(5);
-
-    while (waiting) {
-    	printf("child %d is waiting to be debugged!\n", myPid);
-	PR_Sleep(nrval); 
-	--waiting;
-    }
-}
-#endif
-
-#ifdef LINUX  /* bug 119340 */
-#include <signal.h>
-
-static void sigterm_handler(int signum)
-{
-    static char err_msg[] = "selfserv: received SIGTERM\n";
-    write(1, err_msg, sizeof(err_msg) - 1);
-    _exit(1);
-}
-#endif /* LINUX */
-
-int
-main(int argc, char **argv)
-{
-    char *               progName    = NULL;
-    char *               nickName    = NULL;
-    char *               fNickName   = NULL;
-    const char *         fileName    = NULL;
-    char *               cipherString= NULL;
-    const char *         dir         = ".";
-    char *               passwd      = NULL;
-    const char *         pidFile     = NULL;
-    char *               tmp;
-    char *               envString;
-    PRFileDesc *         listen_sock;
-    CERTCertificate *    cert   [kt_kea_size] = { NULL };
-    SECKEYPrivateKey *   privKey[kt_kea_size] = { NULL };
-    int                  optionsFound = 0;
-    int                  maxProcs     = 1;
-    unsigned short       port        = 0;
-    SECStatus            rv;
-    PRStatus             prStatus;
-    PRBool               useExportPolicy = PR_FALSE;
-    PRBool               useLocalThreads = PR_FALSE;
-    PLOptState		*optstate;
-    PLOptStatus          status;
-    PRThread             *loggerThread;
-    PRBool               debugCache = PR_FALSE; /* bug 90518 */
-#ifdef LINUX  /* bug 119340 */
-    struct sigaction     act;
-
-    act.sa_handler = sigterm_handler;
-    sigemptyset(&act.sa_mask);
-    act.sa_flags = 0;
-    if (sigaction(SIGTERM, &act, NULL) == -1) {
-        fprintf(stderr, "selfserv: sigaction failed: %d\n", errno);
-        exit(1);
-    }
-#endif /* LINUX */
-
-
-    tmp = strrchr(argv[0], '/');
-    tmp = tmp ? tmp + 1 : argv[0];
-    progName = strrchr(tmp, '\\');
-    progName = progName ? progName + 1 : tmp;
-
-    PR_Init( PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1);
-
-    /* please keep this list of options in ASCII collating sequence.
-    ** numbers, then capital letters, then lower case, alphabetical. 
-    */
-    optstate = PL_CreateOptState(argc, argv, 
-    	"2:3DL:M:RTc:d:f:hi:lmn:op:rt:vw:xy");
-    while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
-	++optionsFound;
-	switch(optstate->option) {
-	case '2': fileName = optstate->value; break;
-
-	case '3': disableSSL3 = PR_TRUE; break;
-
-	case 'D': noDelay = PR_TRUE; break;
-
-        case 'L':
-            logStats = PR_TRUE;
-            logPeriod  = PORT_Atoi(optstate->value);
-            if (logPeriod < 0) logPeriod = 30;
-            break;
-
-	case 'M': 
-	    maxProcs = PORT_Atoi(optstate->value); 
-	    if (maxProcs < 1)         maxProcs = 1;
-	    if (maxProcs > MAX_PROCS) maxProcs = MAX_PROCS;
-	    break;
-
-	case 'R': disableRollBack = PR_TRUE; break;
-
-	case 'T': disableTLS = PR_TRUE; break;
-
-	case 'c': cipherString = strdup(optstate->value); break;
-
-	case 'd': dir = optstate->value; break;
-
-	case 'f': fNickName = strdup(optstate->value); break;
-
-	case 'h': Usage(progName); exit(0); break;
-
-	case 'i': pidFile = optstate->value; break;
-
-        case 'l': useLocalThreads = PR_TRUE; break;
-
-	case 'm': useModelSocket = PR_TRUE; break;
-
-	case 'n': nickName = strdup(optstate->value); break;
-
-	case 'o': MakeCertOK = 1; break;
-
-	case 'p': port = PORT_Atoi(optstate->value); break;
-
-	case 'r': ++requestCert; break;
-
-	case 't':
-	    maxThreads = PORT_Atoi(optstate->value);
-	    if ( maxThreads > MAX_THREADS ) maxThreads = MAX_THREADS;
-	    if ( maxThreads < MIN_THREADS ) maxThreads = MIN_THREADS;
-	    break;
-
-	case 'v': verbose++; break;
-
-	case 'w': passwd = strdup(optstate->value); break;
-
-	case 'x': useExportPolicy = PR_TRUE; break;
-
-	case 'y': debugCache = PR_TRUE; break;
-
-	default:
-	case '?':
-	    fprintf(stderr, "Unrecognized or bad option specified.\n");
-	    fprintf(stderr, "Run '%s -h' for usage information.\n", progName);
-	    exit(4);
-	    break;
-	}
-    }
-    PL_DestroyOptState(optstate);
-    if (status == PL_OPT_BAD) {
-	fprintf(stderr, "Unrecognized or bad option specified.\n");
-	fprintf(stderr, "Run '%s -h' for usage information.\n", progName);
-	exit(5);
-    }
-    if (!optionsFound) {
-	Usage(progName);
-	exit(51);
-    } 
-
-    if ((nickName == NULL) && (fNickName == NULL)) {
-	fprintf(stderr, "Required arg '-n' (rsa nickname) not supplied.\n");
-	fprintf(stderr, "Run '%s -h' for usage information.\n", progName);
-        exit(6);
-    }
-
-    if (port == 0) {
-	fprintf(stderr, "Required argument 'port' must be non-zero value\n");
-	exit(7);
-    }
-
-    if (pidFile) {
-	FILE *tmpfile=fopen(pidFile,"w+");
-
-	if (tmpfile) {
-	    fprintf(tmpfile,"%d",getpid());
-	    fclose(tmpfile);
-	}
-    }
-
-    envString = getenv(envVarName);
-    tmp = getenv("TMP");
-    if (!tmp)
-	tmp = getenv("TMPDIR");
-    if (!tmp)
-	tmp = getenv("TEMP");
-    if (envString) {
-	/* we're one of the children in a multi-process server. */
-	listen_sock = PR_GetInheritedFD(inheritableSockName);
-	if (!listen_sock)
-	    errExit("PR_GetInheritedFD");
-#ifndef WINNT
-	/* we can't do this on NT because it breaks NSPR and
-	PR_Accept will fail on the socket in the child process if
-	the socket state is change to non inheritable
-	It is however a security issue to leave it accessible,
-	but it is OK for a test server such as selfserv.
-	NSPR should fix it eventually . see bugzilla 101617
-	and 102077
-	*/
-	prStatus = PR_SetFDInheritable(listen_sock, PR_FALSE);
-	if (prStatus != PR_SUCCESS)
-	    errExit("PR_SetFDInheritable");
-#endif
-#ifdef DEBUG_nelsonb
-	WaitForDebugger();
-#endif
-	rv = SSL_InheritMPServerSIDCache(envString);
-	if (rv != SECSuccess)
-	    errExit("SSL_InheritMPServerSIDCache");
-    } else if (maxProcs > 1) {
-	/* we're going to be the parent in a multi-process server.  */
-	listen_sock = getBoundListenSocket(port);
-	rv = SSL_ConfigMPServerSIDCache(NUM_SID_CACHE_ENTRIES, 0, 0, tmp);
-	if (rv != SECSuccess)
-	    errExit("SSL_ConfigMPServerSIDCache");
-	beAGoodParent(argc, argv, maxProcs, listen_sock);
-	exit(99); /* should never get here */
-    } else {
-	/* we're an ordinary single process server. */
-	listen_sock = getBoundListenSocket(port);
-	prStatus = PR_SetFDInheritable(listen_sock, PR_FALSE);
-	if (prStatus != PR_SUCCESS)
-	    errExit("PR_SetFDInheritable");
-	rv = SSL_ConfigServerSessionIDCache(NUM_SID_CACHE_ENTRIES, 0, 0, tmp);
-	if (rv != SECSuccess)
-	    errExit("SSL_ConfigServerSessionIDCache");
-    }
-
-    lm = PR_NewLogModule("TestCase");
-
-    if (fileName)
-    	readBigFile(fileName);
-
-    /* set our password function */
-    PK11_SetPasswordFunc( passwd ? ownPasswd : SECU_GetModulePassword);
-
-    /* Call the libsec initialization routines */
-    rv = NSS_Init(dir);
-    if (rv != SECSuccess) {
-    	fputs("NSS_Init failed.\n", stderr);
-		exit(8);
-    }
-
-    /* set the policy bits true for all the cipher suites. */
-    if (useExportPolicy)
-	NSS_SetExportPolicy();
-    else
-	NSS_SetDomesticPolicy();
-
-    /* all the SSL2 and SSL3 cipher suites are enabled by default. */
-    if (cipherString) {
-    	int ndx;
-
-	/* disable all the ciphers, then enable the ones we want. */
-	disableAllSSLCiphers();
-
-	while (0 != (ndx = *cipherString++)) {
-	    const int *cptr;
-	    int  cipher;
-
-	    if (! isalpha(ndx)) {
-		fprintf(stderr, 
-			"Non-alphabetic char in cipher string (-c arg).\n");
-		exit(9);
-	    }
-	    cptr = islower(ndx) ? ssl3CipherSuites : ssl2CipherSuites;
-	    for (ndx &= 0x1f; (cipher = *cptr++) != 0 && --ndx > 0; ) 
-		/* do nothing */;
-	    if (cipher) {
-		SECStatus status;
-		status = SSL_CipherPrefSetDefault(cipher, SSL_ALLOWED);
-		if (status != SECSuccess) 
-		    SECU_PrintError(progName, "SSL_CipherPrefSet()");
-	    }
-	}
-    }
-
-    if (nickName) {
-	cert[kt_rsa] = PK11_FindCertFromNickname(nickName, passwd);
-	if (cert[kt_rsa] == NULL) {
-	    fprintf(stderr, "selfserv: Can't find certificate %s\n", nickName);
-	    exit(10);
-	}
-	privKey[kt_rsa] = PK11_FindKeyByAnyCert(cert[kt_rsa], passwd);
-	if (privKey[kt_rsa] == NULL) {
-	    fprintf(stderr, "selfserv: Can't find Private Key for cert %s\n", 
-	            nickName);
-	    exit(11);
-	}
-    }
-    if (fNickName) {
-	cert[kt_fortezza] = PK11_FindCertFromNickname(fNickName, NULL);
-	if (cert[kt_fortezza] == NULL) {
-	    fprintf(stderr, "selfserv: Can't find certificate %s\n", fNickName);
-	    exit(12);
-	}
-	privKey[kt_fortezza] = PK11_FindKeyByAnyCert(cert[kt_fortezza], NULL);
-    }
-
-    /* allocate the array of thread slots, and launch the worker threads. */
-    rv = launch_threads(&jobLoop, 0, 0, requestCert, useLocalThreads);
-
-    if (rv == SECSuccess && logStats) {
-	loggerThread = PR_CreateThread(PR_SYSTEM_THREAD, 
-			logger, NULL, PR_PRIORITY_NORMAL, 
-                        useLocalThreads ? PR_LOCAL_THREAD:PR_GLOBAL_THREAD,
-                        PR_UNJOINABLE_THREAD, 0);
-	if (loggerThread == NULL) {
-	    fprintf(stderr, "selfserv: Failed to launch logger thread!\n");
-	    rv = SECFailure;
-	} 
-    }
-
-    if (rv == SECSuccess) {
-	server_main(listen_sock, requestCert, privKey, cert);
-    }
-
-    VLOG(("selfserv: server_thread: exiting"));
-
-    {
-	int i;
-	for (i=0; i<kt_kea_size; i++) {
-	    if (cert[i]) {
-		CERT_DestroyCertificate(cert[i]);
-	    }
-	    if (privKey[i]) {
-		SECKEY_DestroyPrivateKey(privKey[i]);
-	    }
-	}
-    }
-
-    if (debugCache) {
-	nss_DumpCertificateCacheInfo();
-    }
-
-    free(nickName);
-    free(passwd);
-
-    NSS_Shutdown();
-    PR_Cleanup();
-    printf("selfserv: normal termination\n");
-    return 0;
-}
diff --git a/security/nss/cmd/signtool/Makefile b/security/nss/cmd/signtool/Makefile
deleted file mode 100644
index e4a3a6069..000000000
--- a/security/nss/cmd/signtool/Makefile
+++ /dev/null
@@ -1,71 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY).   #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL)          #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL)       #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL).      #
-#######################################################################
-
-include ../platlibs.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL)                              #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL)                           #
-#######################################################################
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL).                              #
-#######################################################################
-
-include ../platrules.mk
diff --git a/security/nss/cmd/signtool/README b/security/nss/cmd/signtool/README
deleted file mode 100644
index 2bdb705c7..000000000
--- a/security/nss/cmd/signtool/README
+++ /dev/null
@@ -1,119 +0,0 @@
-                      Signing Tool (signtool)
-                         1.3 Release Notes
-               ========================================
-
-Documentation is provided online at mozilla.org
-
-Problems or questions not covered by the online documentation can be
-discussed in the DevEdge Security Newsgroup.
-
-=== New Features in 1.3
-=======================
-
-The security library components have been upgraded to utilize NSS_2_7_1_RTM.
-This means that the maximum RSA keysize now supported should be 4096 bits.
-
-=== Zigbert 0.6 Support
-=======================
-This program was previously named Zigbert.  The last version of zigbert
-was Zigbert 0.6.  Because all the functionality of Zigbert is maintained in
-signtool 1.2, Zigbert is no longer supported.  If you have problems
-using Zigbert, please upgrade to signtool 1.2.
-
-=== New Features in 1.2
-=======================
-
-Certificate Generation Improvements
------------------------------------
-Two new options have been added to control generation of self-signed object
-signing certificates with the -G option. The -s option takes the size (in bits)
-of the generated RSA private key.  The -t option takes the name of the PKCS #11
-token on which to generate the keypair and install the certificate.  Both
-options are optional.  By default, the private key is 1024 bits and is generated
-on the internal software token.
-
-
-=== New Features in 1.1
-=======================
-
-File I/O
---------
-Signtool can now read its options from a command file specified with the -f
-option on the command line. The format for the file is described in the
-documentation.
-Error messages and informational output can be redirected to an output file
-by supplying the "--outfile" option on the command line or the "outfile="
-option in the command file.
-
-New Options
------------
-"--norecurse" tells Signtool not to recurse into subdirectories when signing
-directories or parsing HTML with the -J option.
-"--leavearc" tells Signtool not to delete the temporary .arc directories
-produced by the -J option.  This can aid debugging.
-"--verbosity" tells Signtool how much information to display. 0 is the
-default. -1 suppresses most messages, except for errors.
-
-=== Bug Fixes in 1.1
-====================
-
--J option revamped
-------------------
-The -J option, which parses HTML files, extracts Java and Javascript code,
-and stores them in signed JAR files, has been re-implemented. Several bugs
-have been fixed:
-- CODEBASE attribute is no longer ignored
-- CLASS and SRC attributes can be be paths ("xxx/xxx/x.class") rather than
-  just filenames ("x.class").
-- LINK tags are handled correctly
-- various HTML parsing bugs fixed
-- error messages are more informative
-
-No Password on Key Database
----------------------------
-If you had not yet set a Communicator password (which locks key3.db, the
-key database), signtool would fail with a cryptic error message whenever it
-attempted to verify the password.  Now this condition is detected at the
-beginning of the program, and a more informative message is displayed.
-
--x and -e Options
------------------
-Previously, only one of each of these options could be specified on the command
-line. Now arbitrarily many can be specified.  For example, to sign only files
-with .class or .js extensions, the arguments "-eclass -ejs" could both be
-specified. To exclude the directories "subdir1" and "subdir2" from signing,
-the arguments "-x subdir1 -x subdir2" could both be specified.
-
-New Features in 1.0
-===================
-
-Creation of JAR files
-----------------------
-The -Z option causes signtool to output a JAR file formed by storing the
-signed archive in ZIP format.  This eliminates the need to use a separate ZIP
-utility.  The -c option specifies the compression level of the resulting
-JAR file.
-
-Generation of Object-Signing Certificates and Keys
---------------------------------------------------
-The -G option will create a new, self-signed object-signing certificate
-which can be used for testing purposes.  The generated certificate and 
-associated public and private keys will be installed in the cert7.db and
-key3.db files in the directory specified with the -d option (unless the key
-is generated on an external token using the -t option). On Unix systems,
-if no directory is specified, the user's Netscape directory (~/.netscape)
-will be used. In addition, the certificate is output in X509 format to the
-files x509.raw and x509.cacert in the current directory.  x509.cacert can
-be published on a web page and imported into browsers that visit that page.
-
-Extraction and Signing of JavaScript from HTML
-----------------------------------------------
-The -J option activates the same functionality provided by the signpages
-Perl script.  It will parse a directory of html files, creating archives
-of the JavaScript called from the HTML. These archives are then signed and
-made into JAR files.
-
-Enhanced Smart Card Support
----------------------------
-Certificates that reside on smart cards are displayed when using the -L and
--l options.
diff --git a/security/nss/cmd/signtool/README.TXT b/security/nss/cmd/signtool/README.TXT
deleted file mode 100644
index db79ec992..000000000
--- a/security/nss/cmd/signtool/README.TXT
+++ /dev/null
@@ -1,119 +0,0 @@
-                       Signing Tool (signtool)

-                         1.3 Release Notes

-               ========================================

-

-Documentation is provided online at mozilla.org

-

-Problems or questions not covered by the online documentation can be

-discussed in the DevEdge Security Newsgroup.

-

-=== New Features in 1.3

-=======================

-

-The security library components have been upgraded to utilize NSS_2_7_1_RTM.

-This means that the maximum RSA keysize now supported should be 4096 bits.

-

-=== Zigbert 0.6 Support

-=======================

-This program was previously named Zigbert.  The last version of zigbert

-was Zigbert 0.6.  Because all the functionality of Zigbert is maintained in

-signtool 1.2, Zigbert is no longer supported.  If you have problems

-using Zigbert, please upgrade to signtool 1.2.

-

-=== New Features in 1.2

-=======================

-

-Certificate Generation Improvements

------------------------------------

-Two new options have been added to control generation of self-signed object

-signing certificates with the -G option. The -s option takes the size (in bits)

-of the generated RSA private key.  The -t option takes the name of the PKCS #11

-token on which to generate the keypair and install the certificate.  Both

-options are optional.  By default, the private key is 1024 bits and is generated

-on the internal software token.

-

-

-=== New Features in 1.1

-=======================

-

-File I/O

---------

-Signtool can now read its options from a command file specified with the -f

-option on the command line. The format for the file is described in the

-documentation.

-Error messages and informational output can be redirected to an output file

-by supplying the "--outfile" option on the command line or the "outfile="

-option in the command file.

-

-New Options

------------

-"--norecurse" tells Signtool not to recurse into subdirectories when signing

-directories or parsing HTML with the -J option.

-"--leavearc" tells Signtool not to delete the temporary .arc directories

-produced by the -J option.  This can aid debugging.

-"--verbosity" tells Signtool how much information to display. 0 is the

-default. -1 suppresses most messages, except for errors.

-

-=== Bug Fixes in 1.1

-====================

-

--J option revamped

-------------------

-The -J option, which parses HTML files, extracts Java and Javascript code,

-and stores them in signed JAR files, has been re-implemented. Several bugs

-have been fixed:

-- CODEBASE attribute is no longer ignored

-- CLASS and SRC attributes can be be paths ("xxx/xxx/x.class") rather than

-  just filenames ("x.class").

-- LINK tags are handled correctly

-- various HTML parsing bugs fixed

-- error messages are more informative

-

-No Password on Key Database

----------------------------

-If you had not yet set a Communicator password (which locks key3.db, the

-key database), signtool would fail with a cryptic error message whenever it

-attempted to verify the password.  Now this condition is detected at the

-beginning of the program, and a more informative message is displayed.

-

--x and -e Options

------------------

-Previously, only one of each of these options could be specified on the command

-line. Now arbitrarily many can be specified.  For example, to sign only files

-with .class or .js extensions, the arguments "-eclass -ejs" could both be

-specified. To exclude the directories "subdir1" and "subdir2" from signing,

-the arguments "-x subdir1 -x subdir2" could both be specified.

-

-New Features in 1.0

-===================

-

-Creation of JAR files

-----------------------

-The -Z option causes signtool to output a JAR file formed by storing the

-signed archive in ZIP format.  This eliminates the need to use a separate ZIP

-utility.  The -c option specifies the compression level of the resulting

-JAR file.

-

-Generation of Object-Signing Certificates and Keys

---------------------------------------------------

-The -G option will create a new, self-signed object-signing certificate

-which can be used for testing purposes.  The generated certificate and 

-associated public and private keys will be installed in the cert7.db and

-key3.db files in the directory specified with the -d option (unless the key

-is generated on an external token using the -t option). On Unix systems,

-if no directory is specified, the user's Netscape directory (~/.netscape)

-will be used. In addition, the certificate is output in X509 format to the

-files x509.raw and x509.cacert in the current directory.  x509.cacert can

-be published on a web page and imported into browsers that visit that page.

-

-Extraction and Signing of JavaScript from HTML

-----------------------------------------------

-The -J option activates the same functionality provided by the signpages

-Perl script.  It will parse a directory of html files, creating archives

-of the JavaScript called from the HTML. These archives are then signed and

-made into JAR files.

-

-Enhanced Smart Card Support

----------------------------

-Certificates that reside on smart cards are displayed when using the -L and

--l options.

diff --git a/security/nss/cmd/signtool/certgen.c b/security/nss/cmd/signtool/certgen.c
deleted file mode 100644
index 00222044d..000000000
--- a/security/nss/cmd/signtool/certgen.c
+++ /dev/null
@@ -1,707 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "signtool.h"
-
-#include "secoid.h"
-#include "cryptohi.h"
-#include "certdb.h"
-
-static char* GetSubjectFromUser(unsigned long serial);
-static CERTCertificate* GenerateSelfSignedObjectSigningCert(char *nickname,
-	CERTCertDBHandle *db, char *subject, unsigned long serial, int keysize,
-        char *token);
-static SECStatus ChangeTrustAttributes(CERTCertDBHandle *db,
-	CERTCertificate *cert, char *trusts);
-static SECStatus set_cert_type(CERTCertificate *cert, unsigned int type);
-static SECItem *sign_cert(CERTCertificate *cert, SECKEYPrivateKey *privk);
-static CERTCertificate* install_cert(CERTCertDBHandle *db, SECItem *derCert,
-            char *nickname);
-static SECStatus GenerateKeyPair(PK11SlotInfo *slot, SECKEYPublicKey **pubk,
-	SECKEYPrivateKey **privk, int keysize);
-static CERTCertificateRequest* make_cert_request(char *subject,
-	SECKEYPublicKey *pubk);
-static CERTCertificate * make_cert(CERTCertificateRequest *req,
-	unsigned long serial, CERTName *ca_subject);
-static void output_ca_cert (CERTCertificate *cert, CERTCertDBHandle *db);
-
-
-/***********************************************************************
- *
- * G e n e r a t e C e r t
- *
- * Runs the whole process of creating a new cert, getting info from the
- * user, etc.
- */
-int
-GenerateCert(char *nickname, int keysize, char *token)
-{
-	CERTCertDBHandle *db;
-	CERTCertificate *cert;
-	char *subject;
-	unsigned long serial;
-	char stdinbuf[160];
-
-	/* Print warning about having the browser open */
-	PR_fprintf(PR_STDOUT /*always go to console*/,
-"\nWARNING: Performing this operation while the browser is running could cause"
-"\ncorruption of your security databases. If the browser is currently running,"
-"\nyou should exit the browser before continuing this operation. Enter "
-"\n\"y\" to continue, or anything else to abort: ");
-	pr_fgets(stdinbuf, 160, PR_STDIN);
-	PR_fprintf(PR_STDOUT, "\n");
-	if(tolower(stdinbuf[0]) != 'y') {
-		PR_fprintf(errorFD, "Operation aborted at user's request.\n");
-		errorCount++;
-		return -1;
-	}
-
-	db = CERT_GetDefaultCertDB();
-	if(!db) {
-		FatalError("Unable to open certificate database");
-	}
-
-	if(PK11_FindCertFromNickname(nickname, NULL)) {
-		PR_fprintf(errorFD,
-"ERROR: Certificate with nickname \"%s\" already exists in database. You\n"
-"must choose a different nickname.\n", nickname);
-		errorCount++;
-		exit(ERRX);
-	}
-
-	LL_L2UI(serial, PR_Now());
-
-	subject = GetSubjectFromUser(serial);
-
-	cert = GenerateSelfSignedObjectSigningCert(nickname, db, subject,
-		serial, keysize, token);
-
-	if(cert) {
-		output_ca_cert(cert, db);
-	}
-
-	PORT_Free(subject);
-	return 0;
-}
-
-#undef VERBOSE_PROMPTS
-
-/*********************************************************************8
- * G e t S u b j e c t F r o m U s e r
- *
- * Construct the subject information line for a certificate by querying
- * the user on stdin.
- */
-static char*
-GetSubjectFromUser(unsigned long serial)
-{
-	char buf[STDIN_BUF_SIZE];
-	char common_name_buf[STDIN_BUF_SIZE];
-	char *common_name, *state, *orgunit, *country, *org, *locality;
-	char *email, *uid;
-	char *subject;
-	char *cp;
-	int subjectlen=0;
-
-	common_name = state = orgunit = country = org = locality = email =
-		uid = subject = NULL;
-
-	/* Get subject information */
-	PR_fprintf(PR_STDOUT,
-"\nEnter certificate information.  All fields are optional. Acceptable\n"
-"characters are numbers, letters, spaces, and apostrophes.\n");
-
-#ifdef VERBOSE_PROMPTS
-	PR_fprintf(PR_STDOUT, "\nCOMMON NAME\n"
-"Enter the full name you want to give your certificate. (Example: Test-Only\n"
-"Object Signing Certificate)\n"
-"-->");
-#else
-	PR_fprintf(PR_STDOUT, "certificate common name: ");
-#endif
-	fgets(buf, STDIN_BUF_SIZE, stdin);
-	cp = chop(buf);
-	if(*cp == '\0') {
-		sprintf(common_name_buf, "%s (%lu)", DEFAULT_COMMON_NAME, serial);
-		cp = common_name_buf;
-	}
-	common_name = PORT_ZAlloc(strlen(cp) + 6);
-	if(!common_name) {out_of_memory();}
-	sprintf(common_name, "CN=%s, ", cp);
-	subjectlen += strlen(common_name);
-
-#ifdef VERBOSE_PROMPTS
-	PR_fprintf(PR_STDOUT, "\nORGANIZATION NAME\n"
-"Enter the name of your organization. For example, this could be the name\n"
-"of your company.\n"
-"-->");
-#else
-	PR_fprintf(PR_STDOUT, "organization: ");
-#endif
-	fgets(buf, STDIN_BUF_SIZE, stdin);
-	cp = chop(buf);
-	if(*cp != '\0') {
-		org = PORT_ZAlloc(strlen(cp) + 5);
-		if(!org) {out_of_memory();}
-		sprintf(org, "O=%s, ", cp);
-		subjectlen += strlen(org);
-	}
-
-#ifdef VERBOSE_PROMPTS
-	PR_fprintf(PR_STDOUT, "\nORGANIZATION UNIT\n"
-"Enter the name of your organization unit.  For example, this could be the\n"
-"name of your department.\n"
-"-->");
-#else
-	PR_fprintf(PR_STDOUT, "organization unit: ");
-#endif
-	fgets(buf, STDIN_BUF_SIZE, stdin);
-	cp = chop(buf);
-	if(*cp != '\0') {
-		orgunit = PORT_ZAlloc(strlen(cp)+6);
-		if(!orgunit) {out_of_memory();}
-		sprintf(orgunit, "OU=%s, ", cp);
-		subjectlen += strlen(orgunit);
-	}
-
-#ifdef VERBOSE_PROMPTS
-	PR_fprintf(PR_STDOUT, "\nSTATE\n"
-"Enter the name of your state or province.\n"
-"-->");
-#else
-	PR_fprintf(PR_STDOUT, "state or province: ");
-#endif
-	fgets(buf, STDIN_BUF_SIZE, stdin);
-	cp = chop(buf);
-	if(*cp != '\0') {
-		state = PORT_ZAlloc(strlen(cp)+6);
-		if(!state) {out_of_memory();}
-		sprintf(state, "ST=%s, ", cp);
-		subjectlen += strlen(state);
-	}
-
-#ifdef VERBOSE_PROMPTS
-	PR_fprintf(PR_STDOUT, "\nCOUNTRY\n"
-"Enter the 2-character abbreviation for the name of your country.\n"
-"-->");
-#else
-	PR_fprintf(PR_STDOUT, "country (must be exactly 2 characters): ");
-#endif
-	fgets(buf, STDIN_BUF_SIZE, stdin);
-	cp = chop(cp);
-	if(strlen(cp) != 2) {
-		*cp = '\0';	/* country code must be 2 chars */
-	}
-	if(*cp != '\0') {
-		country = PORT_ZAlloc(strlen(cp)+5);
-		if(!country) {out_of_memory();}
-		sprintf(country, "C=%s, ", cp);
-		subjectlen += strlen(country);
-	}
-
-#ifdef VERBOSE_PROMPTS
-	PR_fprintf(PR_STDOUT, "\nUSERNAME\n"
-"Enter your system username or UID\n"
-"-->");
-#else
-	PR_fprintf(PR_STDOUT, "username: ");
-#endif
-	fgets(buf, STDIN_BUF_SIZE, stdin);
-	cp = chop(buf);
-	if(*cp != '\0') {
-		uid = PORT_ZAlloc(strlen(cp)+7);
-		if(!uid) {out_of_memory();}
-		sprintf(uid, "UID=%s, ", cp);
-		subjectlen += strlen(uid);
-	}
-
-#ifdef VERBOSE_PROMPTS
-	PR_fprintf(PR_STDOUT, "\nEMAIL ADDRESS\n"
-"Enter your email address.\n"
-"-->");
-#else
-	PR_fprintf(PR_STDOUT, "email address: ");
-#endif
-	fgets(buf, STDIN_BUF_SIZE, stdin);
-	cp = chop(buf);
-	if(*cp != '\0') {
-		email = PORT_ZAlloc(strlen(cp)+5);
-		if(!email) {out_of_memory();}
-		sprintf(email, "E=%s,", cp);
-		subjectlen += strlen(email);
-	}
-
-	subjectlen++;
-
-	subject = PORT_ZAlloc(subjectlen);
-	if(!subject) {out_of_memory();}
-
-	sprintf(subject, "%s%s%s%s%s%s%s",
-		common_name ? common_name : "",
-		org ? org : "",
-		orgunit ? orgunit : "",
-		state ? state : "",
-		country ? country : "",
-		uid ? uid : "",
-		email ? email : ""
-	);
-	if( (strlen(subject) > 1) && (subject[strlen(subject)-1] == ' ') ) {
-		subject[strlen(subject)-2] = '\0';
-	}
-
-	PORT_Free(common_name);
-	PORT_Free(org);
-	PORT_Free(orgunit);
-	PORT_Free(state);
-	PORT_Free(country);
-	PORT_Free(uid);
-	PORT_Free(email);
-
-	return subject;
-}
-
-/**************************************************************************
- *
- * G e n e r a t e S e l f S i g n e d O b j e c t S i g n i n g C e r t
- *														   		  *phew*^
- *
- */
-static CERTCertificate*
-GenerateSelfSignedObjectSigningCert(char *nickname, CERTCertDBHandle *db,
-	char *subject, unsigned long serial, int keysize, char *token)
-{
-	CERTCertificate *cert, *temp_cert;
-	SECItem *derCert;
-	CERTCertificateRequest *req;
-
-	PK11SlotInfo *slot = NULL;
-	SECKEYPrivateKey *privk = NULL;
-	SECKEYPublicKey *pubk = NULL;
-
-    if( token ) {
-        slot = PK11_FindSlotByName(token);
-    } else {
-	    slot = PK11_GetInternalKeySlot();
-    }
-        
-	if (slot == NULL) {
-		PR_fprintf(errorFD, "Can't find PKCS11 slot %s\n",
-                token ? token : "");
-		errorCount++;
-		exit (ERRX);
-	}
-
-	if( GenerateKeyPair(slot, &pubk, &privk, keysize) != SECSuccess) {
-		FatalError("Error generating keypair.");
-	}
-	req = make_cert_request (subject, pubk);
-	temp_cert = make_cert (req, serial, &req->subject);
-	if(set_cert_type(temp_cert,
-		NS_CERT_TYPE_OBJECT_SIGNING | NS_CERT_TYPE_OBJECT_SIGNING_CA)
-		!= SECSuccess) {
-		FatalError("Unable to set cert type");
-	}
-
-	derCert = sign_cert (temp_cert, privk);
-	cert = install_cert(db, derCert, nickname);
-	if(ChangeTrustAttributes(db, cert, ",,uC") != SECSuccess) {
-		FatalError("Unable to change trust on generated certificate");
-	}
-
-	/* !!! Free memory ? !!! */
-	PK11_FreeSlot(slot);
-
-	return cert;
-}
-
-/**************************************************************************
- *
- * C h a n g e T r u s t A t t r i b u t e s
- */
-static SECStatus
-ChangeTrustAttributes(CERTCertDBHandle *db, CERTCertificate *cert, char *trusts)
-{
-
-	CERTCertTrust	*trust;
-
-	if(!db || !cert || !trusts) {
-		PR_fprintf(errorFD,"ChangeTrustAttributes got incomplete arguments.\n");
-		errorCount++;
-		return SECFailure;
-	}
-
-	trust = (CERTCertTrust*) PORT_ZAlloc(sizeof(CERTCertTrust));
-	if(!trust) {
-		PR_fprintf(errorFD, "ChangeTrustAttributes unable to allocate "
-		 "CERTCertTrust\n");
-		errorCount++;
-		return SECFailure;
-	}
-
-	if( CERT_DecodeTrustString(trust, trusts) ) {
-		return SECFailure;
-	}
-
-	if( CERT_ChangeCertTrust(db, cert, trust) ) {
-		PR_fprintf(errorFD, "unable to modify trust attributes for cert %s\n",
-		 cert->nickname ? cert->nickname : "");
-		errorCount++;
-		return SECFailure;
-	}
-
-	return SECSuccess;
-}
-
-/*************************************************************************
- *
- * s e t _ c e r t _ t y p e
- */
-static SECStatus
-set_cert_type(CERTCertificate *cert, unsigned int type)
-{
-	void *context;
-	SECStatus status = SECSuccess;
-	SECItem certType;
-	char ctype;
-
-	context = CERT_StartCertExtensions(cert);
-
-	certType.type = siBuffer;
-	certType.data = (unsigned char*) &ctype;
-	certType.len = 1;
-	ctype = (unsigned char)type;
-	if(CERT_EncodeAndAddBitStrExtension(context, SEC_OID_NS_CERT_EXT_CERT_TYPE,
-	 &certType, PR_TRUE /*critical*/) != SECSuccess) {
-		status = SECFailure;
-	}
-
-	if(CERT_FinishExtensions(context) != SECSuccess) {
-		status = SECFailure;
-	}
-
-	return status;
-}
-
-/********************************************************************
- *
- * s i g n _ c e r t
- */
-static SECItem *
-sign_cert(CERTCertificate *cert, SECKEYPrivateKey *privk)
-{
-  SECStatus rv;
-
-  SECItem der2;
-  SECItem *result2;
-
-  void *dummy;
-  SECOidTag alg;
-
-  switch (privk->keyType) 
-    {
-    case rsaKey:
-      alg = SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION;
-      break;
-
-    case dsaKey:
-      alg = SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST;
-      break;
-	default:
-		FatalError("Unknown key type");
-    }
-
-  rv = SECOID_SetAlgorithmID (cert->arena, &cert->signature, alg, 0);
-
-  if (rv != SECSuccess) 
-    {
-    PR_fprintf(errorFD, "%s: unable to set signature alg id\n", PROGRAM_NAME);
-	errorCount++;
-    exit (ERRX);
-    }
-
-  der2.len = 0;
-  der2.data = NULL;
-
-  dummy = SEC_ASN1EncodeItem
-      (cert->arena, &der2, cert, CERT_CertificateTemplate);
-
-  if (rv != SECSuccess)
-    {
-    PR_fprintf(errorFD, "%s: error encoding cert\n", PROGRAM_NAME);
-	errorCount++;
-    exit (ERRX);
-    }
-
-  result2 = (SECItem *) PORT_ArenaZAlloc (cert->arena, sizeof (SECItem));
-  if (result2 == NULL) 
-    out_of_memory();
-
-  rv = SEC_DerSignData 
-     (cert->arena, result2, der2.data, der2.len, privk, alg);
-
-  if (rv != SECSuccess) 
-    {
-    PR_fprintf(errorFD, "can't sign encoded certificate data\n");
-	errorCount++;
-    exit (ERRX);
-    }
-  else if(verbosity >= 0) {
-    PR_fprintf(outputFD, "certificate has been signed\n");
-	}
-
-	cert->derCert = *result2;
-
-	return result2;
-}
-
-/*********************************************************************
- *
- * i n s t a l l _ c e r t
- *
- * Installs the cert in the permanent database.
- */
-static CERTCertificate*
-install_cert(CERTCertDBHandle *db, SECItem *derCert, char *nickname)
-{
-	CERTCertificate *newcert;
-    PK11SlotInfo *newSlot;
-
-	newcert = CERT_DecodeDERCertificate(derCert, PR_TRUE, NULL);
-
-	if (newcert == NULL) {
-		PR_fprintf(errorFD, "%s: can't create new certificate\n", PROGRAM_NAME);
-		errorCount++;
-		exit (ERRX);
-	}
-
-    newSlot = PK11_ImportCertForKey(newcert, nickname, NULL /*wincx*/);
-    if( newSlot == NULL ) {
-        PR_fprintf(errorFD, "Unable to install certificate\n");
-        errorCount++;
-        exit(ERRX);
-    }
-    PK11_FreeSlot(newSlot);
-
-    if(verbosity >= 0){
-	   PR_fprintf(outputFD, "certificate \"%s\" added to database\n", nickname);
-	}
-
-	return newcert;
-}
-
-/******************************************************************
- *
- * G e n e r a t e K e y P a i r
- */
-static SECStatus
-GenerateKeyPair(PK11SlotInfo *slot, SECKEYPublicKey **pubk,
-	SECKEYPrivateKey **privk, int keysize)
-{
-
-	PK11RSAGenParams rsaParams;
-
-    if( keysize == -1 ) {
-        rsaParams.keySizeInBits = DEFAULT_RSA_KEY_SIZE;
-    } else {
-        rsaParams.keySizeInBits = keysize;
-    }
-    rsaParams.pe = 0x10001;
-
-	if(PK11_Authenticate( slot, PR_FALSE /*loadCerts*/, NULL /*wincx*/)
-	 != SECSuccess) {
-		SECU_PrintError(progName, "failure authenticating to key database.\n");
-		exit(ERRX);
-	}
-
-    *privk = PK11_GenerateKeyPair (slot, CKM_RSA_PKCS_KEY_PAIR_GEN, &rsaParams, 
-        pubk, PR_TRUE /*isPerm*/, PR_TRUE /*isSensitive*/, NULL /*wincx*/ );
-
-	if (*privk != NULL && *pubk != NULL) {
-		if(verbosity >= 0) {
-			PR_fprintf(outputFD, "generated public/private key pair\n");
-		}
-	} else {
-		SECU_PrintError(progName, "failure generating key pair\n");
-		exit (ERRX);
-	}
-
-	return SECSuccess;
-}
-  
-/******************************************************************
- *
- * m a k e _ c e r t _ r e q u e s t
- */
-static CERTCertificateRequest*
-make_cert_request(char *subject, SECKEYPublicKey *pubk)
-{
-	CERTName *subj;
-	CERTSubjectPublicKeyInfo *spki;
-
-	CERTCertificateRequest *req;
-
-	/* Create info about public key */
-	spki = SECKEY_CreateSubjectPublicKeyInfo(pubk);
-	if (!spki) {
-		SECU_PrintError(progName, "unable to create subject public key");
-		exit (ERRX);
-	}
-
-	subj = CERT_AsciiToName (subject);    
-	if(subj == NULL) {
-		FatalError("Invalid data in certificate description");
-	}
-
-	/* Generate certificate request */
-	req = CERT_CreateCertificateRequest(subj, spki, 0);
-	if (!req) {
-		SECU_PrintError(progName, "unable to make certificate request");
-		exit (ERRX);
-	}  
-
-	if(verbosity >= 0) {
-		PR_fprintf(outputFD, "certificate request generated\n");
-	}
-
-	return req;
-}
-
-/******************************************************************
- *
- * m a k e _ c e r t
- */
-static CERTCertificate *
-make_cert(CERTCertificateRequest *req, unsigned long serial,
-	CERTName *ca_subject)
-{
-  CERTCertificate *cert;
-
-  CERTValidity *validity = NULL;
-
-  PRTime now, after;
-  PRExplodedTime printableTime;
-
-  now = PR_Now();
-  PR_ExplodeTime (now, PR_GMTParameters, &printableTime);
-
-  printableTime.tm_month += 3;
-  after = PR_ImplodeTime (&printableTime);
-
-  validity = CERT_CreateValidity (now, after);
-
-  if (validity == NULL)
-    {
-    PR_fprintf(errorFD, "%s: error creating certificate validity\n", PROGRAM_NAME);
-	errorCount++;
-    exit (ERRX);
-    }
-
-  cert = CERT_CreateCertificate
-        (serial, ca_subject, validity, req);
-
-  if (cert == NULL)
-    {
-    /* should probably be more precise here */
-    PR_fprintf(errorFD, "%s: error while generating certificate\n", PROGRAM_NAME);
-	errorCount++;
-    exit (ERRX);
-    }
-
-  return cert;
-  }
-
-/*************************************************************************
- *
- * o u t p u t _ c a _ c e r t
- */
-static void
-output_ca_cert (CERTCertificate *cert, CERTCertDBHandle *db)
-  {
-  FILE *out;
- 
-  SECItem *encodedCertChain; 
-  SEC_PKCS7ContentInfo *certChain;
-	char *filename;
-
-  /* the raw */
-
-	filename = PORT_ZAlloc(strlen(DEFAULT_X509_BASENAME)+8);
-	if(!filename) out_of_memory();
-
-	sprintf(filename, "%s.raw", DEFAULT_X509_BASENAME);
-  if ((out = fopen (filename, "wb")) == NULL)
-    {
-    PR_fprintf(errorFD, "%s: Can't open %s output file\n", PROGRAM_NAME, filename);
-	errorCount++;
-	exit(ERRX);
-    }
-
-  certChain = SEC_PKCS7CreateCertsOnly (cert, PR_TRUE, db);
-  encodedCertChain 
-     = SEC_PKCS7EncodeItem (NULL, NULL, certChain, NULL, NULL, NULL);
-
-  if (encodedCertChain) 
-    {
-    fprintf(out, "Content-type: application/x-x509-ca-cert\n\n");
-    fwrite (encodedCertChain->data, 1, encodedCertChain->len, out);
-    }
-  else {
-    PR_fprintf(errorFD, "%s: Can't DER encode this certificate\n", PROGRAM_NAME);
-	errorCount++;
-	exit(ERRX);
-  }
-
-  fclose (out);
-
-  /* and the cooked */
-
-	sprintf(filename, "%s.cacert", DEFAULT_X509_BASENAME);
-  if ((out = fopen (filename, "wb")) == NULL)
-    {
-    PR_fprintf(errorFD, "%s: Can't open %s output file\n", PROGRAM_NAME, filename);
-	errorCount++;
-    return;
-    }
-
-  fprintf (out, "%s\n%s\n%s\n", 
-      NS_CERT_HEADER,
-      BTOA_DataToAscii (cert->derCert.data, cert->derCert.len), 
-      NS_CERT_TRAILER);
-
-  fclose (out);
-
-	if(verbosity >= 0) {
-		PR_fprintf(outputFD, "Exported certificate to %s.raw and %s.cacert.\n",
-			DEFAULT_X509_BASENAME, DEFAULT_X509_BASENAME);
-	}
-}
diff --git a/security/nss/cmd/signtool/javascript.c b/security/nss/cmd/signtool/javascript.c
deleted file mode 100644
index 26bf39f9b..000000000
--- a/security/nss/cmd/signtool/javascript.c
+++ /dev/null
@@ -1,1787 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "signtool.h"
-#include <prmem.h>
-#include <prio.h>
-#include <prenv.h>
-
-static int javascript_fn(char *relpath, char *basedir, char *reldir,
-	char *filename, void *arg);
-static int extract_js (char *filename);
-static int copyinto (char *from, char *to);
-static PRStatus ensureExists (char *base, char *path);
-static int make_dirs(char *path, PRInt32 file_perms);
-
-static char *jartree = NULL;
-static int idOrdinal;
-static PRBool dumpParse=PR_FALSE;
-
-static char *event_handlers[] = {
-"onAbort",
-"onBlur",
-"onChange",
-"onClick",
-"onDblClick",
-"onDragDrop",
-"onError",
-"onFocus",
-"onKeyDown",
-"onKeyPress",
-"onKeyUp",
-"onLoad",
-"onMouseDown",
-"onMouseMove",
-"onMouseOut",
-"onMouseOver",
-"onMouseUp",
-"onMove",
-"onReset",
-"onResize",
-"onSelect",
-"onSubmit",
-"onUnload"
-};
-static int num_handlers = 23;
-
-/*
- *  I n l i n e J a v a S c r i p t
- *
- *  Javascript signing. Instead of passing an archive to signtool,
- *  a directory containing html files is given. Archives are created
- *  from the archive= and src= tag attributes inside the html,
- *  as appropriate. Then the archives are signed.
- *
- */
-int
-InlineJavaScript(char *dir, PRBool recurse)
-{
-	jartree = dir;
-	if(verbosity >= 0) {
-		PR_fprintf(outputFD, "\nGenerating inline signatures from HTML files in: %s\n", dir);
-	}
-	if(PR_GetEnv("SIGNTOOL_DUMP_PARSE")) {
-		dumpParse = PR_TRUE;
-	}
-
-	return foreach(dir, "", javascript_fn, recurse, PR_FALSE /*include dirs*/,
-		(void*)NULL);
-
-}
-
-/************************************************************************
- *
- * j a v a s c r i p t _ f n
- */
-static int javascript_fn
-     (char *relpath, char *basedir, char *reldir, char *filename, void *arg)
-{
-  char fullname [FNSIZE];
-
-  /* only process inline scripts from .htm, .html, and .shtml*/
-
-	if(! (PL_strcaserstr(filename, ".htm") == filename + strlen(filename) -4) &&
-	   ! (PL_strcaserstr(filename, ".html") == filename + strlen(filename) -5)&&
-	   ! (PL_strcaserstr(filename, ".shtml") == filename + strlen(filename)-6)){
-		return 0;
-	}
-
-  /* don't process scripts that signtool has already
-     extracted (those that are inside .arc directories) */
-
-  if(PL_strcaserstr(filename, ".arc") == filename + strlen(filename) - 4)
-    return 0;
-
-	if(verbosity >= 0) {
-		PR_fprintf(outputFD, "Processing HTML file: %s\n", relpath);
-	}
-
-  /* reset firstArchive at top of each HTML file */
-
-  /* skip directories that contain extracted scripts */
-
-  if(PL_strcaserstr(reldir, ".arc") == reldir + strlen(reldir) - 4)
-    return 0;
-
-  sprintf (fullname, "%s/%s", basedir, relpath);
-  return extract_js (fullname);
-}
-
-/*===========================================================================
- =
- = D A T A   S T R U C T U R E S
- =
-*/
-typedef enum {
-	TEXT_HTML_STATE=0,
-	SCRIPT_HTML_STATE
-} HTML_STATE ;
-
-typedef enum {
-	/* we start in the start state */
-	START_STATE,
-
-	/* We are looking for or reading in an attribute */
-	GET_ATT_STATE,
-
-	/* We're burning ws before finding an attribute */
-	PRE_ATT_WS_STATE,
-
-	/* We're burning ws after an attribute.  Looking for an '='. */
-	POST_ATT_WS_STATE,
-
-	/* We're burning ws after an '=', waiting for a value */
-	PRE_VAL_WS_STATE,
-
-	/* We're reading in a value */
-	GET_VALUE_STATE,
-
-	/* We're reading in a value that's inside quotes */
-	GET_QUOTED_VAL_STATE,
-
-	/* We've encountered the closing '>' */
-	DONE_STATE,
-
-	/* Error state */
-	ERR_STATE
-} TAG_STATE ;
-
-typedef struct AVPair_Str {
-	char *attribute;
-	char *value;
-	unsigned int valueLine; /* the line that the value ends on */
-	struct AVPair_Str *next;
-} AVPair;
-
-typedef enum {
-	APPLET_TAG,
-	SCRIPT_TAG,
-	LINK_TAG,
-	STYLE_TAG,
-	COMMENT_TAG,
-	OTHER_TAG
-} TAG_TYPE ;
-
-typedef struct {
-	TAG_TYPE type;
-	AVPair *attList;
-	AVPair *attListTail;
-	char *text;
-} TagItem;
-
-typedef enum {
-	TAG_ITEM,
-	TEXT_ITEM
-} ITEM_TYPE ;
-
-typedef struct HTMLItem_Str{
-	unsigned int startLine;
-	unsigned int endLine;
-	ITEM_TYPE type;
-	union {
-		TagItem *tag;
-		char *text;
-	} item;
-	struct HTMLItem_Str *next;
-} HTMLItem;
-
-typedef struct {
-	PRFileDesc *fd;
-	PRInt32 curIndex;
-	PRBool IsEOF;
-#define FILE_BUFFER_BUFSIZE 512
-	char buf[FILE_BUFFER_BUFSIZE];
-	PRInt32 startOffset;
-	PRInt32 maxIndex;
-	unsigned int lineNum;
-} FileBuffer;
-
-/*===========================================================================
- =
- = F U N C T I O N S
- =
-*/
-static HTMLItem* CreateTextItem(char *text, unsigned int startline,
-					unsigned int endline);
-static HTMLItem* CreateTagItem(TagItem* ti, unsigned int startline,
-					unsigned int endline);
-static TagItem* ProcessTag(FileBuffer* fb, char **errStr);
-static void DestroyHTMLItem(HTMLItem *item);
-static void DestroyTagItem(TagItem* ti);
-static TAG_TYPE GetTagType(char *att);
-static FileBuffer* FB_Create(PRFileDesc* fd);
-static int FB_GetChar(FileBuffer *fb);
-static PRInt32 FB_GetPointer(FileBuffer *fb);
-static PRInt32 FB_GetRange(FileBuffer *fb, PRInt32 start, PRInt32 end,
-															char **buf);
-static unsigned int FB_GetLineNum(FileBuffer *fb);
-static void FB_Destroy(FileBuffer *fb);
-static void PrintTagItem(PRFileDesc *fd, TagItem *ti);
-static void PrintHTMLStream(PRFileDesc *fd, HTMLItem *head);
-
-/************************************************************************
- *
- * C r e a t e T e x t I t e m
- */
-static HTMLItem*
-CreateTextItem(char *text, unsigned int startline, unsigned int endline)
-{
-	HTMLItem *item;
-
-	item = PR_Malloc(sizeof(HTMLItem));
-	if(!item) {
-		return NULL;
-	}
-
-	item->type = TEXT_ITEM;
-	item->item.text = text;
-	item->next = NULL;
-	item->startLine = startline;
-	item->endLine = endline;
-
-	return item;
-}
-
-/************************************************************************
- *
- * C r e a t e T a g I t e m
- */
-static HTMLItem*
-CreateTagItem(TagItem* ti, unsigned int startline, unsigned int endline)
-{
-	HTMLItem *item;
-
-	item = PR_Malloc(sizeof(HTMLItem));
-	if(!item) {
-		return NULL;
-	}
-
-	item->type = TAG_ITEM;
-	item->item.tag = ti;
-	item->next = NULL;
-	item->startLine = startline;
-	item->endLine = endline;
-
-	return item;
-}
-
-static PRBool
-isAttChar(char c)
-{
-	return (isalnum(c) || c=='/' || c=='-');
-}
-
-/************************************************************************
- *
- * P r o c e s s T a g
- */
-static TagItem*
-ProcessTag(FileBuffer* fb, char **errStr)
-{
-	TAG_STATE state;
-	PRInt32 startText, startID, curPos;
-	PRBool firstAtt;
-	int curchar;
-	TagItem *ti=NULL;
-	AVPair *curPair=NULL;
-	char quotechar;
-	unsigned int linenum;
-	unsigned int startline;
-
-	state = START_STATE;
-
-	startID = FB_GetPointer(fb);
-	startText = startID;
-	firstAtt = PR_TRUE;
-
-	ti = (TagItem*) PR_Malloc(sizeof(TagItem));
-	if(!ti) out_of_memory();
-	ti->type = OTHER_TAG;
-	ti->attList = NULL;
-	ti->attListTail = NULL;
-	ti->text = NULL;
-
-	startline = FB_GetLineNum(fb);
-
-	while(state != DONE_STATE && state != ERR_STATE) {
-		linenum = FB_GetLineNum(fb);
-		curchar = FB_GetChar(fb);
-		if(curchar == EOF) {
-			*errStr = PR_smprintf(
-				"line %d: Unexpected end-of-file while parsing tag starting at line %d.\n", linenum, startline);
-			state = ERR_STATE;
-			continue;
-		}
-
-		switch(state) {
-		case START_STATE:
-			if(curchar=='!') {
-				/*
-				 * SGML tag or comment
-				 * Here's the general rule for SGML tags.  Everything from
-				 * <! to > is the tag.  Inside the tag, comments are
-				 * delimited with --.  So we are looking for the first '>'
-				 * that is not commented out, that is, not inside a pair
-				 * of --: <!DOCTYPE --this is a comment >(psyche!)   -->
-				 */
-
-				PRBool inComment = PR_FALSE;
-				short hyphenCount = 0; /* number of consecutive hyphens */
-
-				while(1) {
-					linenum = FB_GetLineNum(fb);
-					curchar = FB_GetChar(fb);
-					if(curchar == EOF) {
-						/* Uh oh, EOF inside comment */
-						*errStr = PR_smprintf(
-							"line %d: Unexpected end-of-file inside comment starting at line %d.\n",
-							linenum, startline);
-						state = ERR_STATE;
-						break;
-					}
-					if(curchar=='-') {
-						if(hyphenCount==1) {
-							/* This is a comment delimiter */
-							inComment = !inComment;
-							hyphenCount=0;
-						} else {
-							/* beginning of a comment delimiter? */
-							hyphenCount=1;
-						}
-					} else if(curchar=='>') {
-						if(!inComment) {
-							/* This is the end of the tag */
-							state = DONE_STATE;
-							break;
-						} else {
-							/* The > is inside a comment, so it's not
-							 * really the end of the tag */
-							hyphenCount=0;
-						}
-					} else {
-						hyphenCount = 0;
-					}
-				}
-				ti->type = COMMENT_TAG;
-				break;
-			}
-			/* fall through */
-		case GET_ATT_STATE:
-			if(isspace(curchar) || curchar=='=' || curchar=='>') {
-				/* end of the current attribute */
-				curPos = FB_GetPointer(fb)-2;
-				if(curPos >= startID) {
-					/* We have an attribute */
-					curPair = (AVPair*)PR_Malloc(sizeof(AVPair));
-					if(!curPair) out_of_memory();
-					curPair->value = NULL;
-					curPair->next = NULL;
-					FB_GetRange(fb, startID, curPos, &curPair->attribute);
-
-					/* Stick this attribute on the list */
-					if(ti->attListTail) {
-						ti->attListTail->next = curPair;
-						ti->attListTail = curPair;
-					} else {
-						ti->attList = ti->attListTail = curPair;
-					}
-					
-					/* If this is the first attribute, find the type of tag
-					 * based on it. Also, start saving the text of the tag. */
-					if(firstAtt) {
-						ti->type = GetTagType(curPair->attribute);
-						startText = FB_GetPointer(fb)-1;
-						firstAtt = PR_FALSE;
-					}
-				} else {
-					if(curchar=='=') {
-						/* If we don't have any attribute but we do have an
-						 * equal sign, that's an error */
-						*errStr = PR_smprintf("line %d: Malformed tag starting at line %d.\n", linenum, startline);
-						state = ERR_STATE;
-						break;
-					}
-				}
-
-				/* Compute next state */
-				if(curchar=='=') {
-					startID = FB_GetPointer(fb);
-					state = PRE_VAL_WS_STATE;
-				} else if(curchar=='>') {
-					state = DONE_STATE;
-				} else if(curPair) {
-					state = POST_ATT_WS_STATE;
-				} else {
-					state = PRE_ATT_WS_STATE;
-				}
-			} else if(isAttChar(curchar)) {
-				/* Just another char in the attribute. Do nothing */
-				state = GET_ATT_STATE;
-			} else {
-				/* bogus char */
-				*errStr= PR_smprintf("line %d: Bogus chararacter '%c' in tag.\n",
-					linenum, curchar);
-				state = ERR_STATE;
-				break;
-			}
-			break;
-		case PRE_ATT_WS_STATE:
-			if(curchar=='>') {
-				state = DONE_STATE;
-			} else if(isspace(curchar)) {
-				/* more whitespace, do nothing */
-			} else if(isAttChar(curchar)) {
-				/* starting another attribute */
-				startID = FB_GetPointer(fb)-1;
-				state = GET_ATT_STATE;
-			} else {
-				/* bogus char */
-				*errStr = PR_smprintf("line %d: Bogus character '%c' in tag.\n",
-					linenum, curchar);
-				state = ERR_STATE;
-				break;
-			}
-			break;
-		case POST_ATT_WS_STATE:
-			if(curchar=='>') {
-				state = DONE_STATE;
-			} else if(isspace(curchar)) {
-				/* more whitespace, do nothing */
-			} else if(isAttChar(curchar)) {
-				/* starting another attribute */
-				startID = FB_GetPointer(fb)-1;
-				state = GET_ATT_STATE;
-			} else if(curchar=='=') {
-				/* there was whitespace between the attribute and its equal
-				 * sign, which means there's a value coming up */
-				state = PRE_VAL_WS_STATE;
-			} else {
-				/* bogus char */
-				*errStr = PR_smprintf("line %d: Bogus character '%c' in tag.\n",
-					linenum, curchar);
-				state = ERR_STATE;
-				break;
-			}
-			break;
-		case PRE_VAL_WS_STATE:
-			if(curchar=='>') {
-				/* premature end-of-tag (sounds like a personal problem). */
-				*errStr = PR_smprintf(
-					"line %d: End of tag while waiting for value.\n", linenum);
-				state = ERR_STATE;
-				break;
-			} else if(isspace(curchar)) {
-				/* more whitespace, do nothing */
-				break;
-			} else {
-				/* this must be some sort of value. Fall through
-				 * to GET_VALUE_STATE */
-				startID=FB_GetPointer(fb)-1;
-				state = GET_VALUE_STATE;
-			}
-			/* Fall through if we didn't break on '>' or whitespace */
-		case GET_VALUE_STATE:
-			if(isspace(curchar) || curchar=='>') {
-				/* end of value */
-				curPos = FB_GetPointer(fb)-2;
-				if(curPos >= startID) {
-					/* Grab the value */
-					FB_GetRange(fb, startID, curPos, &curPair->value);
-					curPair->valueLine = linenum;
-				} else {
-					/* empty value, leave as NULL */
-				}
-				if(isspace(curchar)) {
-					state = PRE_ATT_WS_STATE;
-				} else {
-					state = DONE_STATE;
-				}
-			} else if(curchar=='\"' || curchar=='\'') {
-				/* quoted value.  Start recording the value inside the quote*/
-				startID = FB_GetPointer(fb);
-				state = GET_QUOTED_VAL_STATE;
-				quotechar = curchar; /* look for matching quote type */
-			} else {
-				/* just more value */
-			}
-			break;
-		case GET_QUOTED_VAL_STATE:
-			if(curchar == quotechar) {
-				/* end of quoted value */
-				curPos = FB_GetPointer(fb)-2;
-				if(curPos >= startID) {
-					/* Grab the value */
-					FB_GetRange(fb, startID, curPos, &curPair->value);
-					curPair->valueLine = linenum;
-				} else {
-					/* empty value, leave it as NULL */
-				}
-				state = GET_ATT_STATE;
-				startID = FB_GetPointer(fb);
-			} else {
-				/* more quoted value, continue */
-			}
-			break;
-		case DONE_STATE:
-		case ERR_STATE:
-		default:
-			; /* should never get here */
-		}
-	}
-
-	if(state == DONE_STATE) {
-		/* Get the text of the tag */
-		curPos = FB_GetPointer(fb)-1;
-		FB_GetRange(fb, startText, curPos, &ti->text);
-
-		/* Return the tag */
-		return ti;
-	}
-
-	/* Uh oh, an error.  Kill the tag item*/
-	DestroyTagItem(ti);
-	return NULL;
-}
-
-/************************************************************************
- *
- * D e s t r o y H T M L I t e m
- */
-static void
-DestroyHTMLItem(HTMLItem *item)
-{
-	if(item->type == TAG_ITEM) {
-		DestroyTagItem(item->item.tag);
-	} else {
-		if(item->item.text) {
-			PR_Free(item->item.text);
-		}
-	}
-}
-
-/************************************************************************
- *
- * D e s t r o y T a g I t e m
- */
-static void
-DestroyTagItem(TagItem* ti)
-{
-	AVPair *temp;
-
-	if(ti->text) {
-		PR_Free(ti->text); ti->text = NULL;
-	}
-
-	while(ti->attList) {
-		temp = ti->attList;
-		ti->attList = ti->attList->next;
-
-		if(temp->attribute) {
-			PR_Free(temp->attribute); temp->attribute = NULL;
-		}
-		if(temp->value) {
-			PR_Free(temp->value); temp->value = NULL;
-		}
-		PR_Free(temp);
-	}
-
-	PR_Free(ti);
-}
-
-/************************************************************************
- *
- * G e t T a g T y p e
- */
-static TAG_TYPE
-GetTagType(char *att)
-{
-	if(!PORT_Strcasecmp(att, "APPLET")) {
-		return APPLET_TAG;
-	}
-	if(!PORT_Strcasecmp(att, "SCRIPT")) {
-		return SCRIPT_TAG;
-	}
-	if(!PORT_Strcasecmp(att, "LINK")) {
-		return LINK_TAG;
-	}
-	if(!PORT_Strcasecmp(att, "STYLE")) {
-		return STYLE_TAG;
-	}
-	return OTHER_TAG;
-}
-
-/************************************************************************
- *
- * F B _ C r e a t e
- */
-static FileBuffer*
-FB_Create(PRFileDesc* fd)
-{
-	FileBuffer *fb;
-	PRInt32 amountRead;
-	PRInt32 storedOffset;
-
-	fb = (FileBuffer*) PR_Malloc(sizeof(FileBuffer));
-	fb->fd = fd;
-	storedOffset = PR_Seek(fd, 0, PR_SEEK_CUR);
-	PR_Seek(fd, 0, PR_SEEK_SET);
-	fb->startOffset = 0;
-	amountRead = PR_Read(fd, fb->buf, FILE_BUFFER_BUFSIZE);
-	if(amountRead == -1) goto loser;
-	fb->maxIndex = amountRead-1;
-	fb->curIndex = 0;
-	fb->IsEOF = (fb->curIndex>fb->maxIndex) ? PR_TRUE : PR_FALSE;
-	fb->lineNum = 1;
-
-	PR_Seek(fd, storedOffset, PR_SEEK_SET);
-	return fb;
-loser:
-	PR_Seek(fd, storedOffset, PR_SEEK_SET);
-	PR_Free(fb);
-	return NULL;
-}
-
-/************************************************************************
- *
- * F B _ G e t C h a r
- */
-static int
-FB_GetChar(FileBuffer *fb)
-{
-	PRInt32 storedOffset;
-	PRInt32 amountRead;
-	int retval=-1;
-
-	if(fb->IsEOF) {
-		return EOF;
-	}
-
-	storedOffset = PR_Seek(fb->fd, 0, PR_SEEK_CUR);
-
-	retval = fb->buf[fb->curIndex++];
-	if(retval=='\n') fb->lineNum++;
-
-	if(fb->curIndex > fb->maxIndex) {
-		/* We're at the end of the buffer. Try to get some new data from the
-		 * file */
-		fb->startOffset += fb->maxIndex+1;
-		PR_Seek(fb->fd, fb->startOffset, PR_SEEK_SET);
-		amountRead = PR_Read(fb->fd, fb->buf, FILE_BUFFER_BUFSIZE);
-		if(amountRead==-1)  goto loser;
-		fb->maxIndex = amountRead-1;
-		fb->curIndex = 0;
-	}
-
-	fb->IsEOF = (fb->curIndex > fb->maxIndex) ? PR_TRUE : PR_FALSE;
-
-loser:
-	PR_Seek(fb->fd, storedOffset, PR_SEEK_SET);
-	return retval;
-}
-
-/************************************************************************
- *
- * F B _ G e t L i n e N u m
- *
- */
-static unsigned int
-FB_GetLineNum(FileBuffer *fb)
-{
-	return fb->lineNum;
-}
-
-/************************************************************************
- *
- * F B _ G e t P o i n t e r
- *
- */
-static PRInt32
-FB_GetPointer(FileBuffer *fb)
-{
-	return fb->startOffset + fb->curIndex;
-}
-
-/************************************************************************
- *
- * F B _ G e t R a n g e
- *
- */
-static PRInt32
-FB_GetRange(FileBuffer *fb, PRInt32 start, PRInt32 end, char **buf)
-{
-	PRInt32 amountRead;
-	PRInt32 storedOffset;
-
-	*buf = PR_Malloc(end-start+2);
-	if(*buf == NULL) {
-		return 0;
-	}
-
-	storedOffset = PR_Seek(fb->fd, 0, PR_SEEK_CUR);
-	PR_Seek(fb->fd, start, PR_SEEK_SET);
-	amountRead = PR_Read(fb->fd, *buf, end-start+1);
-	PR_Seek(fb->fd, storedOffset, PR_SEEK_SET);
-	if(amountRead == -1) {
-		PR_Free(*buf);
-		*buf = NULL;
-		return 0;
-	}
-
-	(*buf)[end-start+1] = '\0';
-	return amountRead;
-}
-
-
-/************************************************************************
- *
- * F B _ D e s t r o y
- *
- */
-static void
-FB_Destroy(FileBuffer *fb)
-{
-	if(fb) {
-		PR_Free(fb);
-	}
-}
-
-/************************************************************************
- *
- * P r i n t T a g I t e m
- *
- */
-static void
-PrintTagItem(PRFileDesc *fd, TagItem *ti)
-{
-	AVPair *pair;
-
-	PR_fprintf(fd, "TAG:\n----\nType: ");
-	switch(ti->type) {
-	case APPLET_TAG:
-		PR_fprintf(fd, "applet\n");
-		break;
-	case SCRIPT_TAG:
-		PR_fprintf(fd, "script\n");
-		break;
-	case LINK_TAG:
-		PR_fprintf(fd, "link\n");
-		break;
-	case STYLE_TAG:
-		PR_fprintf(fd, "style\n");
-		break;
-	case COMMENT_TAG:
-		PR_fprintf(fd, "comment\n");
-		break;
-	case OTHER_TAG:
-	default:
-		PR_fprintf(fd, "other\n");
-		break;
-	}
-
-	PR_fprintf(fd, "Attributes:\n");
-	for(pair = ti->attList; pair; pair=pair->next) {
-		PR_fprintf(fd, "\t%s=%s\n", pair->attribute,
-			pair->value ? pair->value : "");
-	}
-	PR_fprintf(fd, "Text:%s\n", ti->text ? ti->text : "");
-
-	PR_fprintf(fd, "---End of tag---\n");
-}
-
-
-/************************************************************************
- *
- * P r i n t H T M L S t r e a m
- *
- */
-static void
-PrintHTMLStream(PRFileDesc *fd, HTMLItem *head)
-{
-	while(head) {
-		if(head->type==TAG_ITEM) {
-			PrintTagItem(fd, head->item.tag);
-		} else {
-			PR_fprintf(fd, "\nTEXT:\n-----\n%s\n-----\n\n", head->item.text);
-		}
-		head = head->next;
-	}
-}
-
-/************************************************************************
- *
- * S a v e I n l i n e S c r i p t
- *
- */
-static int
-SaveInlineScript(char *text, char *id, char *basedir, char *archiveDir)
-{
-	char *filename=NULL;
-	PRFileDesc *fd=NULL;
-	int retval = -1;
-	PRInt32 writeLen;
-	char *ilDir=NULL;
-
-	if(!text || !id || !archiveDir) {
-		return -1;
-	}
-
-	if(dumpParse) {
-		PR_fprintf(outputFD, "SaveInlineScript: text=%s, id=%s, \n"
-			"basedir=%s, archiveDir=%s\n",
-			text, id, basedir, archiveDir);
-	}
-
-	/* Make sure the archive directory is around */
-	if(ensureExists(basedir, archiveDir) != PR_SUCCESS) {
-		PR_fprintf(errorFD,
-			"ERROR: Unable to create archive directory %s.\n", archiveDir);
-		errorCount++;
-		return -1;
-	}
-
-	/* Make sure the inline script directory is around */
-	ilDir = PR_smprintf("%s/inlineScripts", archiveDir);
-	scriptdir = "inlineScripts";
-	if(ensureExists(basedir, ilDir) != PR_SUCCESS) {
-		PR_fprintf(errorFD,
-			"ERROR: Unable to create directory %s.\n", ilDir);
-		errorCount++;
-		return -1;
-	}
-
-	filename = PR_smprintf("%s/%s/%s", basedir, ilDir, id);
-
-	/* If the file already exists, give a warning, then blow it away */
-	if(PR_Access(filename, PR_ACCESS_EXISTS) == PR_SUCCESS) {
-		PR_fprintf(errorFD,
-			"warning: file \"%s\" already exists--will overwrite.\n",
-			filename);
-		warningCount++;
-		if(rm_dash_r(filename)) {
-			PR_fprintf(errorFD,
-				"ERROR: Unable to delete %s.\n", filename);
-			errorCount++;
-			goto finish;
-		}
-	}
-
-	/* Write text into file with name id */
-	fd = PR_Open(filename, PR_WRONLY|PR_CREATE_FILE|PR_TRUNCATE, 0777);
-	if(!fd) {
-		PR_fprintf(errorFD, "ERROR: Unable to create file \"%s\".\n",
-			filename);
-		errorCount++;
-		goto finish;
-	}
-	writeLen = strlen(text);
-	if( PR_Write(fd, text, writeLen) != writeLen) {
-		PR_fprintf(errorFD, "ERROR: Unable to write to file \"%s\".\n",
-			filename);
-		errorCount++;
-		goto finish;
-	}
-
-	retval = 0;
-finish:
-	if(filename) {
-		PR_smprintf_free(filename);
-	}
-	if(ilDir) {
-		PR_smprintf_free(ilDir);
-	}
-	if(fd) {
-		PR_Close(fd);
-	}
-	return retval;
-}
-
-/************************************************************************
- *
- * S a v e U n n a m a b l e S c r i p t
- *
- */
-static int
-SaveUnnamableScript(char *text, char *basedir, char *archiveDir,
-	char *HTMLfilename)
-{
-	char *id=NULL;
-	char *ext=NULL;
-	char *start=NULL;
-	int retval = -1;
-
-	if(!text || !archiveDir || !HTMLfilename) {
-		return -1;
-	}
-
-	if(dumpParse) {
-		PR_fprintf(outputFD, "SaveUnnamableScript: text=%s, basedir=%s,\n"
-			"archiveDir=%s, filename=%s\n", text, basedir, archiveDir,
-			HTMLfilename);
-	}
-
-	/* Construct the filename */
-	ext = PL_strrchr(HTMLfilename, '.');
-	if(ext) {
-		*ext = '\0';
-	}
-	for(start=HTMLfilename; strpbrk(start, "/\\");
-			start=strpbrk(start, "/\\")+1);
-	if(*start=='\0') start = HTMLfilename;
-	id = PR_smprintf("_%s%d", start, idOrdinal++);
-	if(ext) {
-		*ext = '.';
-	}
-
-	/* Now call SaveInlineScript to do the work */
-	retval = SaveInlineScript(text, id, basedir, archiveDir);
-
-	PR_Free(id);
-
-	return retval;
-}
-
-/************************************************************************
- *
- * S a v e S o u r c e
- *
- */
-static int
-SaveSource(char *src, char *codebase, char *basedir, char *archiveDir)
-{
-	char *from=NULL, *to=NULL;
-	int retval = -1;
-	char *arcDir=NULL;
-
-	if(!src || !archiveDir) {
-		return -1;
-	}
-
-	if(dumpParse) {
-		PR_fprintf(outputFD, "SaveSource: src=%s, codebase=%s, basedir=%s,\n"
-			"archiveDir=%s\n", src, codebase, basedir, archiveDir);
-	}
-
-	if(codebase) {
-		arcDir = PR_smprintf("%s/%s/%s/", basedir, codebase, archiveDir);
-	} else {
-		arcDir = PR_smprintf("%s/%s/", basedir, archiveDir);
-	}
-
-	if(codebase) {
-		from = PR_smprintf("%s/%s/%s", basedir, codebase, src);
-		to = PR_smprintf("%s%s", arcDir, src);
-	} else {
-		from = PR_smprintf("%s/%s", basedir, src);
-		to = PR_smprintf("%s%s", arcDir, src);
-	}
-
-	if(make_dirs(to, 0777)) {
-		PR_fprintf(errorFD,
-			"ERROR: Unable to create archive directory %s.\n", archiveDir);
-		errorCount++;
-		goto finish;
-	}
-
-	retval = copyinto(from, to);
-finish:
-	if(from) PR_Free(from);
-	if(to) PR_Free(to);
-	if(arcDir) PR_Free(arcDir);
-	return retval;
-}
-
-/************************************************************************
- *
- * T a g T y p e T o S t r i n g
- *
- */
-char *
-TagTypeToString(TAG_TYPE type)
-{
-	switch(type) {
-	case APPLET_TAG:
-		return "APPLET";
-	case SCRIPT_TAG:
-		return "SCRIPT";
-	case LINK_TAG:
-		return "LINK";
-	case STYLE_TAG:
-		return "STYLE";
-	default:
-		break;
-	}
-	return "unknown";
-}
-
-/************************************************************************
- *
- * e x t r a c t _ j s
- *
- */
-static int
-extract_js(char *filename)
-{
-	PRFileDesc *fd=NULL;
-	FileBuffer *fb=NULL;
-	HTML_STATE state;
-	int curchar;
-	HTMLItem *head = NULL;
-	HTMLItem *tail = NULL;
-	PRInt32 textStart;
-	PRInt32 curOffset;
-	TagItem *tagp=NULL;
-	char *text=NULL;
-	HTMLItem *curitem=NULL;
-	int retval = -1;
-	char *tagerr=NULL;
-	unsigned int linenum, startLine;
-	char *archiveDir=NULL, *firstArchiveDir=NULL;
-	HTMLItem *styleList, *styleListTail;
-	HTMLItem *entityList, *entityListTail;
-	char *basedir=NULL;
-
-	styleList = entityList = styleListTail = entityListTail = NULL;
-
-	/* Initialize the implicit ID counter for each file */
-	idOrdinal = 0;
-
-	/*
-	 * First, parse the HTML into a stream of tags and text.
-	 */
-
-	fd = PR_Open(filename, PR_RDONLY, 0);
-	if(!fd) {
-		PR_fprintf(errorFD, "Unable to open %s for reading.\n", filename);
-		errorCount++;
-		return -1;
-	}
-
-	/* Construct base directory of filename. */
-	{
-		char *cp;
-
-		basedir = PL_strdup(filename);
-
-		/* Remove trailing slashes */
-		while( (cp = PL_strprbrk(basedir, "/\\")) ==
-				(basedir + strlen(basedir) - 1)) {
-			*cp = '\0';
-		}
-
-		/* Now remove everything from the last slash (which will be followed
-		 * by a filename) to the end */
-		cp = PL_strprbrk(basedir, "/\\");
-		if(cp) {
-			*cp = '\0';
-		}
-	}
-
-	state = TEXT_HTML_STATE;
-
-	fb = FB_Create(fd);
-
-	textStart=0;
-	startLine = 0;
-	while(linenum=FB_GetLineNum(fb), (curchar = FB_GetChar(fb)) != EOF) {
-		switch(state) {
-		case TEXT_HTML_STATE:
-			if(curchar == '<') {
-				/*
-				 * Found a tag
-				 */
-				/* Save the text so far to a new text item */
-				curOffset = FB_GetPointer(fb)-2;
-				if(curOffset >= textStart) {
-					if(FB_GetRange(fb, textStart, curOffset, &text) !=
-					  curOffset-textStart+1)  {
-						PR_fprintf(errorFD,
-						  "Unable to read from %s.\n", filename);
-						errorCount++;
-						goto loser;
-					}
-					/* little fudge here.  If the first character on a line
-					 * is '<', meaning a new tag, the preceding text item
-					 * actually ends on the previous line.  In this case
-					 * we will be saying that the text segment ends on the
-					 * next line. I don't think this matters for text items. */
-					curitem = CreateTextItem(text, startLine, linenum);
-					text = NULL;
-					if(tail == NULL) {
-						head = tail = curitem;
-					} else {
-						tail->next = curitem;
-						tail = curitem;
-					}
-				}
-
-				/* Process the tag */
-				tagp = ProcessTag(fb, &tagerr);
-				if(!tagp) {
-					if(tagerr) {
-						PR_fprintf(errorFD, "Error in file %s: %s\n",
-						  filename, tagerr);
-						errorCount++;
-					} else {
-						PR_fprintf(errorFD,
-							"Error in file %s, in tag starting at line %d\n",
-							  filename, linenum);
-						errorCount++;
-					}
-					goto loser;
-				}
-				/* Add the tag to the list */
-				curitem = CreateTagItem(tagp, linenum, FB_GetLineNum(fb));
-				if(tail == NULL) {
-					head = tail = curitem;
-				} else {
-					tail->next = curitem;
-					tail = curitem;
-				}
-
-				/* What's the next state */
-				if(tagp->type == SCRIPT_TAG) {
-					state = SCRIPT_HTML_STATE;
-				}
-
-				/* Start recording text from the new offset */
-				textStart = FB_GetPointer(fb);
-				startLine = FB_GetLineNum(fb);
-			} else {
-				/* regular character.  Next! */
-			}
-			break;
-		case SCRIPT_HTML_STATE:
-			if(curchar == '<') {
-				char *cp;
-				/*
-				 * If this is a </script> tag, then we're at the end of the
-				 * script.  Otherwise, ignore
-				 */
-				curOffset = FB_GetPointer(fb)-1;
-				cp = NULL;
-				if(FB_GetRange(fb, curOffset, curOffset+8, &cp) != 9) {
-					if(cp) { PR_Free(cp); cp = NULL; }
-				} else {
-					/* compare the strings */
-					if( !PORT_Strncasecmp(cp, "</script>", 9) ) {
-						/* This is the end of the script. Record the text. */
-						curOffset--;
-						if(curOffset >= textStart) {
-							if(FB_GetRange(fb, textStart, curOffset, &text) !=
-							  curOffset-textStart+1) {
-								PR_fprintf(errorFD,
-									"Unable to read from %s.\n", filename);
-								errorCount++;
-								goto loser;
-							}
-							curitem = CreateTextItem(text, startLine, linenum);
-							text = NULL;
-							if(tail == NULL) {
-								head = tail = curitem;
-							} else {
-								tail->next = curitem;
-								tail = curitem;
-							}
-						}
-						
-						/* Now parse the /script tag and put it on the list */
-						tagp = ProcessTag(fb, &tagerr);
-						if(!tagp) {
-							if(tagerr) {
-								PR_fprintf(errorFD,
-									"Error in file %s: %s\n", filename, tagerr);
-							} else {
-								PR_fprintf(errorFD,
-									"Error in file %s, in tag starting at"
-									" line %d\n", filename, linenum);
-							}
-							errorCount++;
-							goto loser;
-						}
-						curitem = CreateTagItem(tagp, linenum,
-										FB_GetLineNum(fb));
-						if(tail == NULL) {
-							head = tail = curitem;
-						} else {
-							tail->next = curitem;
-							tail = curitem;
-						}
-
-						/* go back to text state */
-						state = TEXT_HTML_STATE;
-
-						textStart = FB_GetPointer(fb);
-						startLine = FB_GetLineNum(fb);
-					}
-				}
-			}
-			break;
-		}
-	}
-
-	/* End of the file.  Wrap up any remaining text */
-	if(state == SCRIPT_HTML_STATE) {
-		if(tail && tail->type==TAG_ITEM) {
-			PR_fprintf(errorFD, "ERROR: <SCRIPT> tag at %s:%d is not followed "
-			"by a </SCRIPT> tag.\n", filename, tail->startLine);
-		} else {
-			PR_fprintf(errorFD, "ERROR: <SCRIPT> tag in file %s is not followed"
-			" by a </SCRIPT tag.\n", filename);
-		}
-		errorCount++;
-		goto loser;
-	}
-	curOffset = FB_GetPointer(fb)-1;
-	if(curOffset >= textStart) {
-		text = NULL;
-		if( FB_GetRange(fb, textStart, curOffset, &text) !=
-			curOffset-textStart+1) {
-			PR_fprintf(errorFD, "Unable to read from %s.\n", filename);
-			errorCount++;
-			goto loser;
-		}
-		curitem = CreateTextItem(text, startLine, linenum);
-		text = NULL;
-		if(tail == NULL) {
-			head = tail = curitem;
-		} else  {
-			tail->next = curitem;
-			tail = curitem;
-		}
-	}
-
-	if(dumpParse) {
-		PrintHTMLStream(outputFD, head);
-	}
-
-
-
-
-	/*
-	 * Now we have a stream of tags and text.  Go through and deal with each.
-	 */
-	for(curitem = head; curitem; curitem = curitem->next) {
-		TagItem *tagp=NULL;
-		AVPair *pairp=NULL;
-		char *src=NULL, *id=NULL, *codebase=NULL;
-		PRBool hasEventHandler=PR_FALSE;
-		int i;
-
-		/* Reset archive directory for each tag */
-		if(archiveDir) {
-			PR_Free(archiveDir); archiveDir = NULL;
-		}
-
-		/* We only analyze tags */
-		if(curitem->type != TAG_ITEM) {
-			continue;
-		}
-
-		tagp = curitem->item.tag;
-
-		/* go through the attributes to get information */
-		for(pairp=tagp->attList; pairp; pairp=pairp->next) {
-
-			/* ARCHIVE= */
-			if( !PL_strcasecmp(pairp->attribute, "archive")) {
-				if(archiveDir) {	
-					/* Duplicate attribute.  Print warning */
-					PR_fprintf(errorFD,
-					  "warning: \"%s\" attribute overwrites previous attribute"
-					  " in tag starting at %s:%d.\n",
-					  pairp->attribute, filename, curitem->startLine);
-					warningCount++;
-					PR_Free(archiveDir);
-				}
-				archiveDir = PL_strdup(pairp->value);
-
-				/* Substiture ".arc" for ".jar" */
-				if( (PL_strlen(archiveDir)<4) ||
-					PL_strcasecmp((archiveDir+strlen(archiveDir)-4), ".jar")){
-					PR_fprintf(errorFD,
-					  "warning: ARCHIVE attribute should end in \".jar\" in tag"
-					  " starting on %s:%d.\n", filename, curitem->startLine);
-					warningCount++;
-					PR_Free(archiveDir);
-					archiveDir = PR_smprintf("%s.arc", archiveDir);
-				} else {
-					PL_strcpy(archiveDir+strlen(archiveDir)-4, ".arc");
-				}
-
-				/* Record the first archive.  This will be used later if
-				 * the archive is not specified */
-				if(firstArchiveDir == NULL) {
-					firstArchiveDir = PL_strdup(archiveDir);
-				}
-			}
-
-			/* CODEBASE= */
-			else if( !PL_strcasecmp(pairp->attribute, "codebase")) {
-				if(codebase) {
-					/* Duplicate attribute.  Print warning */
-					PR_fprintf(errorFD,
-					  "warning: \"%s\" attribute overwrites previous attribute"
-					  " in tag staring at %s:%d.\n",
-					  pairp->attribute, filename, curitem->startLine);
-					warningCount++;
-				}
-				codebase = pairp->value;
-			}
-
-			/* SRC= and HREF= */
-			else if( !PORT_Strcasecmp(pairp->attribute, "src") ||
-				!PORT_Strcasecmp(pairp->attribute, "href") ) {
-				if(src) {
-					/* Duplicate attribute.  Print warning */
-					PR_fprintf(errorFD,
-					  "warning: \"%s\" attribute overwrites previous attribute"
-					  " in tag staring at %s:%d.\n",
-					  pairp->attribute, filename, curitem->startLine);
-					warningCount++;
-				}
-				src = pairp->value;
-			}
-
-			/* CODE= */
-			else if(!PORT_Strcasecmp(pairp->attribute, "code") ) {
-				/*!!!XXX Change PORT to PL all over this code !!! */
-				if(src) {
-					/* Duplicate attribute.  Print warning */
-					PR_fprintf(errorFD,
-					  "warning: \"%s\" attribute overwrites previous attribute"
-					  " ,in tag staring at %s:%d.\n",
-					  pairp->attribute, filename, curitem->startLine);
-					warningCount++;
-				}
-				src = pairp->value;
-
-				/* Append a .class if one is not already present */
-				if( (PL_strlen(src)<6) ||
-					PL_strcasecmp( (src + PL_strlen(src) - 6), ".class") ) {
-					src = PR_smprintf("%s.class", src);
-					/* Put this string back into the data structure so it
-					 * will be deallocated properly */
-					PR_Free(pairp->value);
-					pairp->value = src;
-				}
-			}
-
-			/* ID= */
-			else if (!PL_strcasecmp(pairp->attribute, "id") ) {
-				if(id) {
-					/* Duplicate attribute.  Print warning */
-					PR_fprintf(errorFD,
-					  "warning: \"%s\" attribute overwrites previous attribute"
-					  " in tag staring at %s:%d.\n",
-					  pairp->attribute, filename, curitem->startLine);
-					warningCount++;
-				}
-				id = pairp->value;
-			}
-
-			/* STYLE= */
-			/* style= attributes, along with JS entities, are stored into
-			 * files with dynamically generated names. The filenames are
-			 * based on the order in which the text is found in the file.
-			 * All JS entities on all lines up to and including the line
-			 * containing the end of the tag that has this style= attribute
-			 * will be processed before this style=attribute.  So we need
-			 * to record the line that this _tag_ (not the attribute) ends on.
-			 */
-			else if(!PL_strcasecmp(pairp->attribute, "style") && pairp->value) {
-				HTMLItem *styleItem;
-				/* Put this item on the style list */
-				styleItem = CreateTextItem(PL_strdup(pairp->value),
-										curitem->startLine, curitem->endLine);
-				if(styleListTail == NULL) {
-					styleList = styleListTail = styleItem;
-				} else {
-					styleListTail->next = styleItem;
-					styleListTail = styleItem;
-				}
-			}
-
-			/* Event handlers */
-			else {
-				for(i=0; i < num_handlers; i++) {
-					if(!PL_strcasecmp(event_handlers[i], pairp->attribute)) {
-						hasEventHandler = PR_TRUE;
-						break;
-					}
-				}
-			}
-
-			/* JS Entity */
-			{
-			char *entityStart, *entityEnd;
-			HTMLItem *entityItem;
-
-			/* go through each JavaScript entity ( &{...}; ) and store it
-			 * in the entityList.  The important thing is to record what
-			 * line number it's on, so we can get it in the right order
-			 * in relation to style= attributes.
-			 * Apparently, these can't flow across lines, so the start and
-			 * end line will be the same.  That helps matters.
-			 */
-			entityEnd = pairp->value;
-			while( entityEnd &&
-					(entityStart = PL_strstr(entityEnd, "&{")) != NULL) {
-				entityStart +=2; /* point at beginning of actual entity */
-				entityEnd = PL_strstr(entityStart, "}");
-				if(entityEnd) {
-					/* Put this item on the entity list */
-					*entityEnd = '\0';
-					entityItem = CreateTextItem(PL_strdup(entityStart),
-										pairp->valueLine, pairp->valueLine);
-					*entityEnd = '}';
-					if(entityListTail) {
-						entityListTail->next = entityItem;
-						entityListTail = entityItem;
-					} else {
-						entityList = entityListTail = entityItem;
-					}
-				}
-			}
-			}
-
-		}
-
-		/* If no archive was supplied, we use the first one of the file */
-		if(!archiveDir && firstArchiveDir) {
-			archiveDir = PL_strdup(firstArchiveDir);
-		}
-
-		/* If we have an event handler, we need to archive this tag */
-		if(hasEventHandler) {
-			if(!id) {
-				PR_fprintf(errorFD,
-					"warning: tag starting at %s:%d has event handler but"
-					" no ID attribute.  The tag will not be signed.\n",
-					filename, curitem->startLine);
-					warningCount++;
-			} else if(!archiveDir) {
-				PR_fprintf(errorFD,
-					"warning: tag starting at %s:%d has event handler but"
-					" no ARCHIVE attribute.  The tag will not be signed.\n",
-					filename, curitem->startLine);
-					warningCount++;
-			} else {
-				if(SaveInlineScript(tagp->text, id, basedir, archiveDir)) {
-					goto loser;
-				}
-			}
-		}
-
-		switch(tagp->type) {
-		case APPLET_TAG:
-			if(!src) {
-				PR_fprintf(errorFD,
-					"error: APPLET tag starting on %s:%d has no CODE "
-					"attribute.\n", filename, curitem->startLine);
-				errorCount++;
-				goto loser;
-			} else if(!archiveDir) {
-				PR_fprintf(errorFD,
-					"error: APPLET tag starting on %s:%d has no ARCHIVE "
-					"attribute.\n", filename, curitem->startLine);
-				errorCount++;
-				goto loser;
-			} else {
-				if(SaveSource(src, codebase, basedir, archiveDir)) {
-					goto loser;
-				}
-			}
-			break;
-		case SCRIPT_TAG:
-		case LINK_TAG:
-		case STYLE_TAG:
-			if(!archiveDir) {
-				PR_fprintf(errorFD,
-					"error: %s tag starting on %s:%d has no ARCHIVE "
-					"attribute.\n", TagTypeToString(tagp->type),
-					filename, curitem->startLine);
-				errorCount++;
-				goto loser;
-			} else if(src) {
-				if(SaveSource(src, codebase, basedir, archiveDir)) {
-					goto loser;
-				}
-			} else if(id) {
-				/* Save the next text item */
-				if(!curitem->next || (curitem->next->type != TEXT_ITEM)) {
-					PR_fprintf(errorFD,
-						"warning: %s tag starting on %s:%d is not followed"
-						" by script text.\n", TagTypeToString(tagp->type),
-						filename, curitem->startLine);
-					warningCount++;
-					/* just create empty file */
-					if(SaveInlineScript("", id, basedir, archiveDir)) {
-						goto loser;
-					}
-				} else {
-					curitem = curitem->next;
-					if(SaveInlineScript(curitem->item.text, id, basedir,
-					  archiveDir)){
-						goto loser;
-					}
-				}
-			} else {
-				/* No src or id tag--warning */
-				PR_fprintf(errorFD,
-					"warning: %s tag starting on %s:%d has no SRC or"
-					" ID attributes.  Will not sign.\n",
-					TagTypeToString(tagp->type), filename, curitem->startLine);
-				warningCount++;
-			}
-			break;
-		default:
-			/* do nothing for other tags */
-			break;
-		}
-
-	}
-
-	/* Now deal with all the unnamable scripts */
-	if(firstArchiveDir) {
-		HTMLItem *style, *entity;
-
-		/* Go through the lists of JS entities and style attributes.  Do them
-		 * in chronological order within a list.  Pick the list with the lower
-		 * endLine. In case of a tie, entities come first.
-		 */
-		style = styleList; entity = entityList;
-		while(style || entity) {
-			if(!entity || (style && (style->endLine < entity->endLine))) {
-				/* Process style */
-				SaveUnnamableScript(style->item.text, basedir, firstArchiveDir,
-					filename);
-				style=style->next;
-			} else {
-				/* Process entity */
-				SaveUnnamableScript(entity->item.text, basedir, firstArchiveDir,
-					filename);
-				entity=entity->next;
-			}
-		}
-	}
-
-
-	retval = 0;
-loser:
-	/* Blow away the stream */
-	while(head) {
-		curitem = head;
-		head = head->next;
-		DestroyHTMLItem(curitem);
-	}
-	while(styleList) {
-		curitem = styleList;
-		styleList = styleList->next;
-		DestroyHTMLItem(curitem);
-	}
-	while(entityList) {
-		curitem = entityList;
-		entityList = entityList->next;
-		DestroyHTMLItem(curitem);
-	}
-	if(text) {
-		PR_Free(text); text=NULL;
-	}
-	if(fb) {
-		FB_Destroy(fb); fb=NULL;
-	}
-	if(fd) {
-		PR_Close(fd);
-	}
-	if(tagerr) {
-		PR_smprintf_free(tagerr); tagerr=NULL;
-	}
-	if(archiveDir) {
-		PR_Free(archiveDir); archiveDir=NULL;
-	}
-	if(firstArchiveDir) {
-		PR_Free(firstArchiveDir); firstArchiveDir=NULL;
-	}
-	return retval;
-}
-
-/**********************************************************************
- *
- * e n s u r e E x i s t s
- *
- * Check for existence of indicated directory.  If it doesn't exist,
- * it will be created.
- * Returns PR_SUCCESS if the directory is present, PR_FAILURE otherwise.
- */
-static PRStatus
-ensureExists (char *base, char *path)
-{
-	char fn [FNSIZE];
-	PRDir *dir;
-	sprintf (fn, "%s/%s", base, path);
-
-	/*PR_fprintf(outputFD, "Trying to open directory %s.\n", fn);*/
-
-	if( (dir=PR_OpenDir(fn)) ) {
-		PR_CloseDir(dir);
-		return PR_SUCCESS;
-	}
-	return PR_MkDir(fn, 0777);
-}
-
-/***************************************************************************
- *
- * m a k e _ d i r s
- *
- * Ensure that the directory portion of the path exists.  This may require
- * making the directory, and its parent, and its parent's parent, etc.
- */
-static int
-make_dirs(char *path, int file_perms)
-{
-	char *Path;
-	char *start;
-	char *sep;
-	int ret = 0;
-	PRFileInfo info;
-
-	if(!path) {
-		return 0;
-	}
-
-	Path = PL_strdup(path);
-	start = strpbrk(Path, "/\\");
-	if(!start) {
-		return 0;
-	}
-	start++; /* start right after first slash */
-
-	/* Each time through the loop add one more directory. */
-	while( (sep=strpbrk(start, "/\\")) ) {
-		*sep = '\0';
-
-		if( PR_GetFileInfo(Path, &info) != PR_SUCCESS) {
-			/* No such dir, we have to create it */
-			if( PR_MkDir(Path, file_perms) != PR_SUCCESS) {
-				PR_fprintf(errorFD, "ERROR: Unable to create directory %s.\n",
-					Path);
-				errorCount++;
-				ret = -1;
-				goto loser;
-			}
-		} else {
-			/* something exists by this name, make sure it's a directory */
-			if( info.type != PR_FILE_DIRECTORY ) {
-				PR_fprintf(errorFD, "ERROR: Unable to create directory %s.\n",
-					Path);
-				errorCount++;
-				ret = -1;
-				goto loser;
-			}
-		}
-
-		start = sep+1; /* start after the next slash */
-		*sep = '/';
-	}
-
-loser:
-	PR_Free(Path);
-	return ret;
-}
-
-/*
- *  c o p y i n t o
- *
- *  Function to copy file "from" to path "to".
- *
- */
-static int
-copyinto (char *from, char *to)
-{
-	PRInt32 num;
-	char buf [BUFSIZ];
-	PRFileDesc *infp=NULL, *outfp=NULL;
-	int retval = -1;
-
-	if ((infp = PR_Open(from, PR_RDONLY, 0777)) == NULL) {
-		PR_fprintf(errorFD, "ERROR: Unable to open \"%s\" for reading.\n",
-			from);
-		errorCount++;
-		goto finish;
-	}
-
-	/* If to already exists, print a warning before deleting it */
-	if(PR_Access(to, PR_ACCESS_EXISTS) == PR_SUCCESS) {
-		PR_fprintf(errorFD, "warning: %s already exists--will overwrite\n",
-			to);
-		warningCount++;
-		if(rm_dash_r(to)) {
-			PR_fprintf(errorFD,
-				"ERROR: Unable to remove %s.\n", to);
-			errorCount++;
-			goto finish;
-		}
-	}
-
-	if ((outfp = PR_Open(to, PR_WRONLY|PR_CREATE_FILE|PR_TRUNCATE, 0777))
-					== NULL) {
-		char *errBuf=NULL;
-
-		errBuf = PR_Malloc(PR_GetErrorTextLength());
-		PR_fprintf(errorFD, "ERROR: Unable to open \"%s\" for writing.\n",
-			to);
-		if(PR_GetErrorText(errBuf)) {
-			PR_fprintf(errorFD, "Cause: %s\n", errBuf);
-		}
-		if(errBuf) {
-			PR_Free(errBuf);
-		}
-		errorCount++;
-		goto finish;
-	}
-
-	while( (num = PR_Read(infp, buf, BUFSIZ)) >0) {
-		if(PR_Write(outfp, buf, num) != num) {
-			PR_fprintf(errorFD, "ERROR: Error writing to %s.\n", to);
-			errorCount++;
-			goto finish;
-		}
-    }
-
-	retval = 0;
-finish:
-	if(infp) PR_Close(infp);
- 	if(outfp) PR_Close(outfp);
-
-	return retval;
-}
diff --git a/security/nss/cmd/signtool/list.c b/security/nss/cmd/signtool/list.c
deleted file mode 100644
index 2e2d1d1ac..000000000
--- a/security/nss/cmd/signtool/list.c
+++ /dev/null
@@ -1,283 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "signtool.h"
-#include "pk11func.h"
-#include "certdb.h"
-
-static int num_trav_certs = 0;
-static SECStatus cert_trav_callback(CERTCertificate *cert, SECItem *k,
-	void *data);
-
-/*********************************************************************
- *
- * L i s t C e r t s
- */
-int
-ListCerts(char *key, int list_certs)
-{
-	int failed = 0;
-	SECStatus rv;
-	char *ugly_list;
-	CERTCertDBHandle *db;
-
-	CERTCertificate *cert;
-	CERTVerifyLog errlog;
-
-	errlog.arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-	if( errlog.arena == NULL) {
-		out_of_memory();
-	}
-	errlog.head = NULL;
-	errlog.tail = NULL;
-	errlog.count = 0;
-
-	ugly_list = PORT_ZAlloc (16);
-
-	if (ugly_list == NULL) {
-		out_of_memory();
-	}
-
-	*ugly_list = 0;
-
-	db= CERT_GetDefaultCertDB();
-
-	if (list_certs == 2) {
-		PR_fprintf(outputFD, "\nS Certificates\n");
-		PR_fprintf(outputFD, "- ------------\n");
-	} else {
-		PR_fprintf(outputFD, "\nObject signing certificates\n");
-		PR_fprintf(outputFD, "---------------------------------------\n");
-	}
-
-	num_trav_certs = 0;
-
-	/* Traverse non-internal DBs */
-	rv = PK11_TraverseSlotCerts(cert_trav_callback, (void*)&list_certs,
-		NULL /*wincx*/);
-
-	if (rv) {
-		PR_fprintf(outputFD, "**Traverse of non-internal DBs failed**\n");
-		return -1;
-	}
-
-	if (num_trav_certs == 0) {
-		PR_fprintf(outputFD,
-			"You don't appear to have any object signing certificates.\n");
-	}
-
-	if (list_certs == 2) {
-		PR_fprintf(outputFD, "- ------------\n");
-	} else {
-		PR_fprintf(outputFD, "---------------------------------------\n");
-	}
-
-	if (list_certs == 1) {
-		PR_fprintf(outputFD,
-			"For a list including CA's, use \"%s -L\"\n", PROGRAM_NAME);
-	}
-
-	if(list_certs == 2) {
-		PR_fprintf(outputFD,
-			"Certificates that can be used to sign objects have *'s to "
-		 "their left.\n");
-	}
-
-	if (key) {
-		/* Do an analysis of the given cert */
-
-		cert = PK11_FindCertFromNickname(key, NULL /*wincx*/);
-
-		if (cert) {
-			PR_fprintf(outputFD,
-				"\nThe certificate with nickname \"%s\" was found:\n",
-			 cert->nickname);
-			PR_fprintf(outputFD,
-				"\tsubject name: %s\n", cert->subjectName);
-			PR_fprintf(outputFD,
-				"\tissuer name: %s\n", cert->issuerName);
-
-			PR_fprintf(outputFD, "\n");
-
-			rv = CERT_CertTimesValid (cert);
-			if(rv != SECSuccess) {
-				PR_fprintf(outputFD, "**This certificate is expired**\n");
-			} else {
-				PR_fprintf(outputFD, "This certificate is not expired.\n");
-			}
-
-			rv = CERT_VerifyCert (db, cert, PR_TRUE,
-			certUsageObjectSigner, PR_Now(), NULL, &errlog);
-
-			if (rv != SECSuccess) {
-				failed = 1;
-				if(errlog.count > 0) {
-					PR_fprintf(outputFD,
-						"**Certificate validation failed for the "
-					 "following reason(s):**\n");
-				} else {
-					PR_fprintf(outputFD, "**Certificate validation failed**");
-				}
-			} else {
-				PR_fprintf(outputFD, "This certificate is valid.\n");
-			}
-			displayVerifyLog(&errlog);
-
-
-		} else {
-			failed = 1;
-			PR_fprintf(outputFD,
-				"The certificate with nickname \"%s\" was NOT FOUND\n",
-			 key);
-		}
-    }
-
-	if(errlog.arena != NULL) {
-		PORT_FreeArena(errlog.arena, PR_FALSE);
-	}
-
-	if (failed) {
-		return -1;
-	}
-	return 0;
-}
-
-/********************************************************************
- *
- * c e r t _ t r a v _ c a l l b a c k
- */
-static SECStatus
-cert_trav_callback(CERTCertificate *cert, SECItem *k, void *data)
-{
-	int isSigningCert;
-	int list_certs = 1;
-
-	char *name, *issuerCN, *expires;
-	CERTCertificate *issuerCert = NULL;
-
-	if(data) {
-		list_certs = *((int*)data);
-	}
-
-  if (cert->nickname)
-    {
-    name = cert->nickname;
-
-	isSigningCert = cert->nsCertType & NS_CERT_TYPE_OBJECT_SIGNING;
-    issuerCert = CERT_FindCertIssuer (cert, PR_Now(), certUsageObjectSigner);
-    issuerCN = CERT_GetCommonName (&cert->issuer);
-
-    if (!isSigningCert && list_certs == 1)
-      return (SECSuccess);
-
-    /* Add this name or email to list */
-
-    if (name)
-      {
-      int rv;
-
-      num_trav_certs++;
-		if(list_certs == 2) {
-			PR_fprintf(outputFD, "%s ", isSigningCert ? "*" : " ");
-		}
-		PR_fprintf(outputFD, "%s\n", name);
-
-      if (list_certs == 1)
-        {
-		if(issuerCert == NULL) {
-			PR_fprintf(outputFD,
-				"\t++ Error ++ Unable to find issuer certificate\n");
-			return SECSuccess; /*function was a success even if cert is bogus*/
-		}
-        if (issuerCN == NULL)
-          PR_fprintf(outputFD, "    Issued by: %s\n", issuerCert->nickname);
-        else
-          PR_fprintf(outputFD,
-			"    Issued by: %s (%s)\n", issuerCert->nickname, issuerCN);
- 
-        expires = DER_UTCDayToAscii (&cert->validity.notAfter);
-
-        if (expires)
-          PR_fprintf(outputFD, "    Expires: %s\n", expires);
-
-        rv = CERT_CertTimesValid (cert);
-
-        if (rv != SECSuccess)
-          PR_fprintf(outputFD, "    ++ Error ++ THIS CERTIFICATE IS EXPIRED\n");
-
-        if (rv == SECSuccess)
-          {
-          rv = CERT_VerifyCertNow (cert->dbhandle, cert,
-                    PR_TRUE, certUsageObjectSigner, NULL);
-
-          if (rv != SECSuccess)
-            {
-            rv = PORT_GetError();
-            PR_fprintf(outputFD,
-				"    ++ Error ++ THIS CERTIFICATE IS NOT VALID (%s)\n",
-				secErrorString(rv));            }
-          }
-
-        expires = DER_UTCDayToAscii (&issuerCert->validity.notAfter);
-        if (expires == NULL) expires = "(unknown)";
-
-        rv = CERT_CertTimesValid (issuerCert);
-
-        if (rv != SECSuccess)
-          PR_fprintf(outputFD,
-			"    ++ Error ++ ISSUER CERT \"%s\" EXPIRED ON %s\n", 
-             issuerCert->nickname, expires);
-
-        if (rv == SECSuccess)
-          {
-		  /*
-          rv = CERT_VerifyCertNow (issuerCert->dbhandle, issuerCert, 
-                    PR_TRUE, certUsageVerifyCA, NULL);
-		    */
-          rv = CERT_VerifyCertNow (issuerCert->dbhandle, issuerCert, 
-                    PR_TRUE, certUsageAnyCA, NULL);
-
-          if (rv != SECSuccess)
-            {
-            rv = PORT_GetError();
-            PR_fprintf(outputFD,
-				"    ++ Error ++ ISSUER CERT \"%s\" IS NOT VALID (%s)\n", issuerCert->nickname, secErrorString(rv));
-            }
-          }
-        }
-      }
-    }
-
-  return (SECSuccess);
-}
-
diff --git a/security/nss/cmd/signtool/manifest.mn b/security/nss/cmd/signtool/manifest.mn
deleted file mode 100644
index df226eebe..000000000
--- a/security/nss/cmd/signtool/manifest.mn
+++ /dev/null
@@ -1,55 +0,0 @@
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-MODULE = security
-
-EXPORTS = 
-
-CSRCS = signtool.c		\
-		certgen.c	\
-		javascript.c	\
-		list.c		\
-		sign.c		\
-		util.c		\
-		verify.c	\
-		zip.c		\
-	$(NULL)
-
-PROGRAM =  signtool
-
-REQUIRES = security dbm seccmd
-
-DEFINES += -DNSPR20
-
-USE_STATIC_LIBS = 1
diff --git a/security/nss/cmd/signtool/sign.c b/security/nss/cmd/signtool/sign.c
deleted file mode 100644
index c5fbcf168..000000000
--- a/security/nss/cmd/signtool/sign.c
+++ /dev/null
@@ -1,855 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "signtool.h"
-#include "zip.h" 
-#include "prmem.h"
-#include "blapi.h"
-#include "sechash.h"	/* for HASH_GetHashObject() */
-
-static int create_pk7 (char *dir, char *keyName, int *keyType);
-static int jar_find_key_type (CERTCertificate *cert);
-static int manifesto (char *dirname, char *install_script, PRBool recurse);
-static int manifesto_fn(char *relpath, char *basedir, char *reldir,
-	char *filename, void *arg);
-static int sign_all_arc_fn(char *relpath, char *basedir, char *reldir,
-	char *filename, void *arg);
-static int add_meta (FILE *fp, char *name);
-static int SignFile (FILE *outFile, FILE *inFile, CERTCertificate *cert);
-static int generate_SF_file (char *manifile, char *who);
-static int calculate_MD5_range (FILE *fp, long r1, long r2, JAR_Digest *dig);
-static void SignOut (void *arg, const char *buf, unsigned long len);
-
-static char *metafile = NULL;
-static int optimize = 0;
-static FILE *mf;
-static ZIPfile *zipfile=NULL;
-
-/* 
- *  S i g n A r c h i v e
- *
- *  Sign an individual archive tree. A directory 
- *  called META-INF is created underneath this.
- *
- */
-int
-SignArchive(char *tree, char *keyName, char *zip_file, int javascript,
-	char *meta_file, char *install_script, int _optimize, PRBool recurse)
-{
-  int status;
-  char tempfn [FNSIZE], fullfn [FNSIZE];
-	int keyType = rsaKey;
-
-	metafile = meta_file;
-	optimize = _optimize;
-
-	if(zip_file) {
-		zipfile = JzipOpen(zip_file, NULL /*no comment*/);
-	}
-
-  manifesto (tree, install_script, recurse);
-
-  if (keyName)
-    {
-    status = create_pk7 (tree, keyName, &keyType);
-    if (status < 0)
-      {
-      PR_fprintf(errorFD, "the tree \"%s\" was NOT SUCCESSFULLY SIGNED\n", tree);
-		errorCount++;
-      exit (ERRX);
-      }
-    }
-
-  /* mf to zip */
-
-  strcpy (tempfn, "META-INF/manifest.mf");
-  sprintf (fullfn, "%s/%s", tree, tempfn);
-  JzipAdd(fullfn, tempfn, zipfile, compression_level);
-
-  /* sf to zip */
-
-  sprintf (tempfn, "META-INF/%s.sf", base);
-  sprintf (fullfn, "%s/%s", tree, tempfn);
-  JzipAdd(fullfn, tempfn, zipfile, compression_level);
-
-  /* rsa/dsa to zip */
-
-  sprintf (tempfn, "META-INF/%s.%s", base, (keyType==dsaKey ? "dsa" : "rsa"));
-  sprintf (fullfn, "%s/%s", tree, tempfn);
-  JzipAdd(fullfn, tempfn, zipfile, compression_level);
-
-  JzipClose(zipfile);
-
-	if(verbosity >= 0) {
-		if (javascript) {
-			PR_fprintf(outputFD,"jarfile \"%s\" signed successfully\n",
-				zip_file);
-		} else {
-			PR_fprintf(outputFD, "tree \"%s\" signed successfully\n", tree);
-		}
-	}
-
-  return 0;
-}
-
-typedef struct {
-	char *keyName;
-	int javascript;
-	char *metafile;
-	char *install_script;
-	int optimize;
-} SignArcInfo;
-
-/* 
- *  S i g n A l l A r c
- *
- *  Javascript may generate multiple .arc directories, one
- *  for each jar archive needed. Sign them all.
- *
- */
-int
-SignAllArc(char *jartree, char *keyName, int javascript, char *metafile,
-	char *install_script, int optimize, PRBool recurse)
-{
-	SignArcInfo info;
-
-	info.keyName = keyName;
-	info.javascript = javascript;
-	info.metafile = metafile;
-	info.install_script = install_script;
-	info.optimize = optimize;
-
-	return foreach(jartree, "", sign_all_arc_fn, recurse,
-		PR_TRUE /*include dirs*/, (void*)&info);
-}
-
-static int
-sign_all_arc_fn(char *relpath, char *basedir, char *reldir, char *filename,
-	void *arg)
-{
-	char *zipfile=NULL;
-	char *arc=NULL, *archive=NULL;
-	int retval=0;
-	SignArcInfo *infop = (SignArcInfo*)arg;
-
-	/* Make sure there is one and only one ".arc" in the relative path, 
-	 * and that it is at the end of the path (don't sign .arcs within .arcs) */
-	if ( (PL_strcaserstr(relpath, ".arc") == relpath + strlen(relpath) - 4) &&
-		 (PL_strcasestr(relpath, ".arc") == relpath + strlen(relpath) - 4) ) {
-
-		if(!infop) {
-			PR_fprintf(errorFD, "%s: Internal failure\n", PROGRAM_NAME);
-			errorCount++;
-			retval = -1;
-			goto finish;
-		}
-		archive = PR_smprintf("%s/%s", basedir, relpath);
-
-		zipfile = PL_strdup(archive);
-		arc = PORT_Strrchr (zipfile, '.');
-
-		if (arc == NULL) {
-			PR_fprintf(errorFD, "%s: Internal failure\n", PROGRAM_NAME);
-			errorCount++;
-			retval = -1;
-			goto finish;
-		}
-
-		PL_strcpy (arc, ".jar");
-
-		if(verbosity >= 0) {
-			PR_fprintf(outputFD, "\nsigning: %s\n", zipfile);
-		}
-		retval = SignArchive(archive, infop->keyName, zipfile,
-			infop->javascript, infop->metafile, infop->install_script,
-			infop->optimize, PR_TRUE /* recurse */);
-	}
-finish:
-	if(archive) PR_Free(archive);
-	if(zipfile) PR_Free(zipfile);
-
-	return retval;
-}
-
-/*********************************************************************
- *
- * c r e a t e _ p k 7
- */
-static int
-create_pk7 (char *dir, char *keyName, int *keyType)
-{
-  int status = 0;
-	char *file_ext;
-
-  CERTCertificate *cert;
-  CERTCertDBHandle *db;
-
-  FILE *in, *out;
-
-  char sf_file [FNSIZE];
-  char pk7_file [FNSIZE];
-
-
-  /* open cert database */
-  db = CERT_GetDefaultCertDB();
-
-  if (db == NULL) 
-    return -1;
-
-
-  /* find cert */
-	/*cert = CERT_FindCertByNicknameOrEmailAddr(db, keyName);*/
-	cert = PK11_FindCertFromNickname(keyName, NULL /*wincx*/);
-
-  if (cert == NULL) 
-    {
-    SECU_PrintError
-      (
-      PROGRAM_NAME,
-      "the cert \"%s\" does not exist in the database",
-      keyName
-      );
-    return -1;
-    }
-
-
-  /* determine the key type, which sets the extension for pkcs7 object */
-
-  *keyType = jar_find_key_type (cert);
-  file_ext = (*keyType == dsaKey) ? "dsa" : "rsa";
-
-  sprintf (sf_file, "%s/META-INF/%s.sf", dir, base);
-  sprintf (pk7_file, "%s/META-INF/%s.%s", dir, base, file_ext);
-
-  if ((in = fopen (sf_file, "rb")) == NULL)
-    {
-    PR_fprintf(errorFD, "%s: Can't open %s for reading\n", PROGRAM_NAME, sf_file);
-	errorCount++;
-    exit (ERRX);
-    }
-
-  if ((out = fopen (pk7_file, "wb")) == NULL)
-    {
-    PR_fprintf(errorFD, "%s: Can't open %s for writing\n", PROGRAM_NAME, sf_file);
-	errorCount++;
-    exit (ERRX);
-    }
-
-  status = SignFile (out, in, cert);
-
-  fclose (in);
-  fclose (out);
-
-  if (status)
-    {
-    PR_fprintf(errorFD, "%s: PROBLEM signing data (%s)\n",
-		PROGRAM_NAME, SECU_ErrorString ((int16) PORT_GetError()));
-	errorCount++;
-    return -1;
-    }
-
-  return 0;
-}
-
-/*
- *  j a r _ f i n d _ k e y _ t y p e
- * 
- *  Determine the key type for a given cert, which 
- * should be rsaKey or dsaKey. Any error return 0.
- *
- */
-static int
-jar_find_key_type (CERTCertificate *cert)
-{
-  PK11SlotInfo *slot = NULL;
-  SECKEYPrivateKey *privk = NULL;
-
-  /* determine its type */
-  PK11_FindObjectForCert (cert, /*wincx*/ NULL, &slot);
-
-  if (slot == NULL)
-    {
-    PR_fprintf(errorFD, "warning - can't find slot for this cert\n");
-	warningCount++;
-    return 0;
-    }
-
-  privk = PK11_FindPrivateKeyFromCert (slot, cert, /*wincx*/ NULL);
-
-  if (privk == NULL)
-    {
-    PR_fprintf(errorFD, "warning - can't find private key for this cert\n");
-	warningCount++;
-    return 0;
-    }
-
-  return privk->keyType;
-  }
-
-
-/*
- *  m a n i f e s t o
- *
- *  Run once for every subdirectory in which a 
- *  manifest is to be created -- usually exactly once.
- *
- */
-static int
-manifesto (char *dirname, char *install_script, PRBool recurse)
-{
-  char metadir [FNSIZE], sfname [FNSIZE];
-
-  /* Create the META-INF directory to hold signing info */
-
-  if (PR_Access (dirname, PR_ACCESS_READ_OK))
-    {
-    PR_fprintf(errorFD, "%s: unable to read your directory: %s\n", PROGRAM_NAME,
-		dirname);
-	errorCount++;
-    perror (dirname);
-    exit (ERRX);
-    }
-
-	if (PR_Access (dirname, PR_ACCESS_WRITE_OK)) {
-		PR_fprintf(errorFD, "%s: unable to write to your directory: %s\n",
-			PROGRAM_NAME, dirname);
-		errorCount++;
-		perror(dirname);
-		exit(ERRX);
-	}
-
-  sprintf (metadir, "%s/META-INF", dirname);
-
-  strcpy (sfname, metadir);
-
-  PR_MkDir (metadir, 0777);
-
-  strcat (metadir, "/");
-  strcat (metadir, MANIFEST);
-
-  if ((mf = fopen (metadir, "wb")) == NULL)
-    {
-    perror (MANIFEST);
-    PR_fprintf(errorFD, "%s: Probably, the directory you are trying to"
-
-		" sign has\n", PROGRAM_NAME);
-    PR_fprintf(errorFD, "%s: permissions problems or may not exist.\n",
-		PROGRAM_NAME);
-	errorCount++;
-    exit (ERRX);
-    }
-
-	if(verbosity >= 0) {
-		PR_fprintf(outputFD, "Generating %s file..\n", metadir);
-	}
-
-  fprintf(mf, "Manifest-Version: 1.0\n");
-  fprintf (mf, "Created-By: %s\n", CREATOR);
-  fprintf (mf, "Comments: %s\n", BREAKAGE);
-
-  if (scriptdir)
-    {
-    fprintf (mf, "Comments: --\n");
-    fprintf (mf, "Comments: --\n");
-    fprintf (mf, "Comments: -- This archive signs Javascripts which may not necessarily\n");
-    fprintf (mf, "Comments: -- be included in the physical jar file.\n");
-    fprintf (mf, "Comments: --\n");
-    fprintf (mf, "Comments: --\n");
-    }
-
-  if (install_script)
-    fprintf (mf, "Install-Script: %s\n", install_script);
-
-  if (metafile)
-    add_meta (mf, "+");
-
-  /* Loop through all files & subdirectories */
-  foreach (dirname, "", manifesto_fn, recurse, PR_FALSE /*include dirs */,
-		(void*)NULL);
-
-  fclose (mf);
-
-  strcat (sfname, "/");
-  strcat (sfname, base);
-  strcat (sfname, ".sf");
-
-	if(verbosity >= 0) {
-		PR_fprintf(outputFD, "Generating %s.sf file..\n", base);
-	}
-  generate_SF_file (metadir, sfname);
-
-  return 0;
-}
-
-/*
- *  m a n i f e s t o _ f n
- *
- *  Called by pointer from manifesto(), once for
- *  each file within the directory.
- *
- */
-static int manifesto_fn 
-     (char *relpath, char *basedir, char *reldir, char *filename, void *arg)
-{
-  int use_js;
-
-  JAR_Digest dig;
-  char fullname [FNSIZE];
-
-	if(verbosity >= 0) {
-		PR_fprintf(outputFD, "--> %s\n", relpath);
-	}
-
-	/* extension matching */
-	if(extensionsGiven) {
-	    char *ext;
-
-		ext = PL_strrchr(relpath, '.');
-		if(!ext) {
-			return 0;
-		} else {
-			if(!PL_HashTableLookup(extensions, ext)) {
-				return 0;
-			}
-		}
-	}
-
-  sprintf (fullname, "%s/%s", basedir, relpath);
-
-  fprintf (mf, "\n");
-
-  use_js = 0;
-
-  if (scriptdir && !PORT_Strcmp (scriptdir, reldir))
-    use_js++;
-
-  /* sign non-.js files inside .arc directories 
-     using the javascript magic */
-
-  if ( (PL_strcaserstr(filename, ".js") != filename + strlen(filename) - 3)
-		&& (PL_strcaserstr(reldir, ".arc") == reldir + strlen(filename)-4))
-    use_js++;
-
-  if (use_js)
-    {
-    fprintf (mf, "Name: %s\n", filename);
-    fprintf (mf, "Magic: javascript\n");
-
-    if (optimize == 0)
-      fprintf (mf, "javascript.id: %s\n", filename);
-
-    if (metafile) 
-      add_meta (mf, filename);
-    }
-  else
-    {
-    fprintf (mf, "Name: %s\n", relpath);
-    if (metafile)
-      add_meta (mf, relpath);
-    }
-
-  JAR_digest_file (fullname, &dig);
-
-
-  if (optimize == 0)
-    {
-    fprintf (mf, "Digest-Algorithms: MD5 SHA1\n");
-    fprintf (mf, "MD5-Digest: %s\n", BTOA_DataToAscii (dig.md5, MD5_LENGTH));
-    }
-
-  fprintf (mf, "SHA1-Digest: %s\n", BTOA_DataToAscii (dig.sha1, SHA1_LENGTH));
-
-	if(!use_js) {
-		JzipAdd(fullname, relpath, zipfile, compression_level);
-	}
-
-  return 0;
-}
-
-/*
- *  a d d _ m e t a
- *
- *  Parse the metainfo file, and add any details
- *  necessary to the manifest file. In most cases you
- *  should be using the -i option (ie, for SmartUpdate).
- *
- */
-static int add_meta (FILE *fp, char *name)
-{
-  FILE *met;
-  char buf [BUFSIZ];
-
-  int place;
-  char *pattern, *meta;
-
-  int num = 0;
-
-  if ((met = fopen (metafile, "r")) != NULL)
-    {
-    while (fgets (buf, BUFSIZ, met))
-      {
-      char *s;
-
-      for (s = buf; *s && *s != '\n' && *s != '\r'; s++);
-      *s = 0;
-
-      if (*buf == 0)
-        continue;
-
-      pattern = buf;
-
-      /* skip to whitespace */
-      for (s = buf; *s && *s != ' ' && *s != '\t'; s++);
-
-      /* terminate pattern */
-      if (*s == ' ' || *s == '\t') *s++ = 0;
-
-      /* eat through whitespace */
-      while (*s == ' ' || *s == '\t') s++;
-
-      meta = s;
-
-      /* this will eventually be regexp matching */
-
-      place = 0;
-      if (!PORT_Strcmp (pattern, name))
-        place = 1;
-
-      if (place)
-        {
-        num++;
-		if(verbosity >= 0) {
-			PR_fprintf(outputFD, "[%s] %s\n", name, meta);
-		}
-        fprintf (fp, "%s\n", meta);
-        }
-      }
-    fclose (met);
-    }
-  else
-    {
-    PR_fprintf(errorFD, "%s: can't open metafile: %s\n", PROGRAM_NAME, metafile);
-	errorCount++;
-    exit (ERRX);
-    }
-
-  return num;
-}
-
-/**********************************************************************
- *
- * S i g n F i l e
- */
-static int
-SignFile (FILE *outFile, FILE *inFile, CERTCertificate *cert)
-{
-  int nb;
-  char ibuf[4096], digestdata[32];
-  const SECHashObject *hashObj;
-  void *hashcx;
-  unsigned int len;
-
-  SECItem digest;
-  SEC_PKCS7ContentInfo *cinfo;
-  SECStatus rv;
-
-  if (outFile == NULL || inFile == NULL || cert == NULL)
-    return -1;
-
-  /* XXX probably want to extend interface to allow other hash algorithms */
-  hashObj = HASH_GetHashObject(HASH_AlgSHA1);
-
-  hashcx = (* hashObj->create)();
-  if (hashcx == NULL)
-    return -1;
-
-  (* hashObj->begin)(hashcx);
-
-  for (;;) 
-    {
-    if (feof(inFile)) break;
-    nb = fread(ibuf, 1, sizeof(ibuf), inFile);
-    if (nb == 0) 
-      {
-      if (ferror(inFile)) 
-        {
-        PORT_SetError(SEC_ERROR_IO);
-	(* hashObj->destroy)(hashcx, PR_TRUE);
-	return -1;
-        }
-      /* eof */
-      break;
-      }
-    (* hashObj->update)(hashcx, (unsigned char *) ibuf, nb);
-    }
-
-  (* hashObj->end)(hashcx, (unsigned char *) digestdata, &len, 32);
-  (* hashObj->destroy)(hashcx, PR_TRUE);
-
-  digest.data = (unsigned char *) digestdata;
-  digest.len = len;
-
-  cinfo = SEC_PKCS7CreateSignedData 
-              (cert, certUsageObjectSigner, NULL, 
-                  SEC_OID_SHA1, &digest, NULL, NULL);
-
-  if (cinfo == NULL)
-    return -1;
-
-  rv = SEC_PKCS7IncludeCertChain (cinfo, NULL);
-  if (rv != SECSuccess) 
-    {
-    SEC_PKCS7DestroyContentInfo (cinfo);
-    return -1;
-    }
-
-  if (no_time == 0)
-    {
-    rv = SEC_PKCS7AddSigningTime (cinfo);
-    if (rv != SECSuccess)
-      {
-      /* don't check error */
-      }
-    }
-
-	if(password) {
-		rv = SEC_PKCS7Encode(cinfo, SignOut, outFile, NULL, 
-			(SECKEYGetPasswordKey) password_hardcode, NULL);
-	} else {
-		rv = SEC_PKCS7Encode(cinfo, SignOut, outFile, NULL, NULL,
-			NULL);
-	}
-		
-
-  SEC_PKCS7DestroyContentInfo (cinfo);
-
-  if (rv != SECSuccess)
-    return -1;
-
-  return 0;
-}
-
-/*
- *  g e n e r a t e _ S F _ f i l e 
- *
- *  From the supplied manifest file, calculates
- *  digests on the various sections, creating a .SF
- *  file in the process.
- * 
- */
-static int generate_SF_file (char *manifile, char *who)
-{
-  FILE *sf;
-  FILE *mf;
-
-  long r1, r2, r3;
-
-  char whofile [FNSIZE];
-  char *buf, *name;
-
-  JAR_Digest dig;
-
-  int line = 0;
-
-  strcpy (whofile, who);
-
-  if ((mf = fopen (manifile, "rb")) == NULL)
-    {
-    perror (manifile);
-    exit (ERRX);
-    }
-
-  if ((sf = fopen (whofile, "wb")) == NULL)
-    {
-    perror (who);
-    exit (ERRX);
-    }
-
-  buf = (char *) PORT_ZAlloc (BUFSIZ);
-
-  if (buf)
-    name = (char *) PORT_ZAlloc (BUFSIZ);
-
-  if (buf == NULL || name == NULL)
-    out_of_memory();
-
-  fprintf (sf, "Signature-Version: 1.0\n");
-  fprintf (sf, "Created-By: %s\n", CREATOR);
-  fprintf (sf, "Comments: %s\n", BREAKAGE);
-
-  if (fgets (buf, BUFSIZ, mf) == NULL)
-    {
-    PR_fprintf(errorFD, "%s: empty manifest file!\n", PROGRAM_NAME);
-	errorCount++;
-    exit (ERRX);
-    }
-
-  if (strncmp (buf, "Manifest-Version:", 17))
-    {
-    PR_fprintf(errorFD, "%s: not a manifest file!\n", PROGRAM_NAME);
-	errorCount++;
-    exit (ERRX);
-    }
-
-  fseek (mf, 0L, SEEK_SET);
-
-  /* Process blocks of headers, and calculate their hashen */
-
-  while (1)
-    {
-    /* Beginning range */
-    r1 = ftell (mf);
-
-    if (fgets (name, BUFSIZ, mf) == NULL)
-      break;
-
-    line++;
-
-    if (r1 != 0 && strncmp (name, "Name:", 5))
-      {
-      PR_fprintf(errorFD, "warning: unexpected input in manifest file \"%s\" at line %d:\n", manifile, line);
-      PR_fprintf(errorFD, "%s\n", name);
-		warningCount++;
-      }
-
-    while (fgets (buf, BUFSIZ, mf))
-      {
-      if (*buf == 0 || *buf == '\n' || *buf == '\r')
-        break;
-
-      line++;
-
-      /* Ending range for hashing */
-      r2 = ftell (mf);
-      }
-
-    r3 = ftell (mf);
-
-    if (r1)
-      {
-      fprintf (sf, "\n");
-      fprintf (sf, "%s", name);
-      }
-
-    calculate_MD5_range (mf, r1, r2, &dig);
-
-    if (optimize == 0)
-      {
-      fprintf (sf, "Digest-Algorithms: MD5 SHA1\n");
-      fprintf (sf, "MD5-Digest: %s\n", 
-         BTOA_DataToAscii (dig.md5, MD5_LENGTH));
-      }
-
-    fprintf (sf, "SHA1-Digest: %s\n", 
-       BTOA_DataToAscii (dig.sha1, SHA1_LENGTH));
-
-    /* restore normalcy after changing offset position */
-    fseek (mf, r3, SEEK_SET);
-    }
-
-  PORT_Free (buf);
-  PORT_Free (name);
-
-  fclose (sf);
-  fclose (mf);
-
-  return 0;
-}
-
-/*
- *  c a l c u l a t e _ M D 5 _ r a n g e
- *
- *  Calculate the MD5 digest on a range of bytes in
- *  the specified fopen'd file. Returns base64.
- *
- */
-static int
-calculate_MD5_range (FILE *fp, long r1, long r2, JAR_Digest *dig)
-{
-    int num;
-    int range;
-    unsigned char *buf;
-
-    MD5Context *md5 = 0;
-    SHA1Context *sha1 = 0;
-
-    unsigned int sha1_length, md5_length;
-
-    range = r2 - r1;
-
-    /* position to the beginning of range */
-    fseek (fp, r1, SEEK_SET);
-
-    buf = (unsigned char *) PORT_ZAlloc (range);
-    if (buf == NULL)
-      out_of_memory();
- 
-    if ((num = fread (buf, 1, range, fp)) != range)
-      {
-      PR_fprintf(errorFD, "%s: expected %d bytes, got %d\n", PROGRAM_NAME,
-		range, num);
-		errorCount++;
-      exit (ERRX);
-      }
-
-    md5 = MD5_NewContext();
-    sha1 = SHA1_NewContext();
-
-    if (md5 == NULL || sha1 == NULL) 
-      {
-      PR_fprintf(errorFD, "%s: can't generate digest context\n", PROGRAM_NAME);
-		errorCount++;
-      exit (ERRX);
-      }
-
-    MD5_Begin (md5);
-    SHA1_Begin (sha1);
-
-    MD5_Update (md5, buf, range);
-    SHA1_Update (sha1, buf, range);
-
-    MD5_End (md5, dig->md5, &md5_length, MD5_LENGTH);
-    SHA1_End (sha1, dig->sha1, &sha1_length, SHA1_LENGTH);
-
-    MD5_DestroyContext (md5, PR_TRUE);
-    SHA1_DestroyContext (sha1, PR_TRUE);
-
-    PORT_Free (buf);
-
-    return 0;
-}
-
-static void SignOut (void *arg, const char *buf, unsigned long len)
-{
-  fwrite (buf, len, 1, (FILE *) arg);
-}
diff --git a/security/nss/cmd/signtool/signtool.c b/security/nss/cmd/signtool/signtool.c
deleted file mode 100644
index 81de9c8b4..000000000
--- a/security/nss/cmd/signtool/signtool.c
+++ /dev/null
@@ -1,1053 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- *  SIGNTOOL
- *
- *  A command line tool to create manifest files
- *  from a directory hierarchy. It is assumed that
- *  the tree will be equivalent to what resides
- *  or will reside in an archive. 
- *
- * 
- */
-
-#include "signtool.h"
-#include <prmem.h>
-#include <prio.h>
-
-/***********************************************************************
- * Global Variable Definitions
- */
-char *progName; /* argv[0] */
-
-/* password on command line. Use for build testing only */
-char *password = NULL;
-
-/* directories or files to exclude in descent */
-PLHashTable *excludeDirs = NULL;
-static PRBool exclusionsGiven = PR_FALSE;
-
-/* zatharus is the man who knows no time, dies tragic death */
-int no_time = 0;
-
-/* -b basename of .rsa, .sf files */
-char *base = DEFAULT_BASE_NAME;
-
-/* Only sign files with this extension */
-PLHashTable *extensions=NULL;
-PRBool extensionsGiven = PR_FALSE;
-
-char *scriptdir = NULL;
-
-int verbosity = 0;
-
-PRFileDesc *outputFD=NULL, *errorFD=NULL;
-
-int errorCount=0, warningCount=0;
-
-int compression_level=DEFAULT_COMPRESSION_LEVEL;
-PRBool compression_level_specified = PR_FALSE;
-
-/* Command-line arguments */
-static char *genkey = NULL;
-static char *verify = NULL;
-static char *zipfile = NULL;
-static char *cert_dir = NULL;
-static int javascript = 0;
-static char *jartree = NULL;
-static char *keyName = NULL;
-static char *metafile = NULL;
-static char *install_script = NULL;
-static int list_certs = 0;
-static int list_modules = 0;
-static int optimize = 0;
-static int enableOCSP = 0;
-static char *tell_who = NULL;
-static char *outfile = NULL;
-static char *cmdFile = NULL;
-static PRBool noRecurse = PR_FALSE;
-static PRBool leaveArc = PR_FALSE;
-static int keySize = -1;
-static char *token = NULL;
-
-typedef enum {
-	UNKNOWN_OPT,
-	QUESTION_OPT,
-	BASE_OPT,
-	COMPRESSION_OPT,
-	CERT_DIR_OPT,
-	EXTENSION_OPT,
-	INSTALL_SCRIPT_OPT,
-	SCRIPTDIR_OPT,
-	CERTNAME_OPT,
-	LIST_OBJSIGN_CERTS_OPT,
-	LIST_ALL_CERTS_OPT,
-	METAFILE_OPT,
-	OPTIMIZE_OPT,
-	ENABLE_OCSP_OPT,
-	PASSWORD_OPT,
-	VERIFY_OPT,
-	WHO_OPT,
-	EXCLUDE_OPT,
-	NO_TIME_OPT,
-	JAVASCRIPT_OPT,
-	ZIPFILE_OPT,
-	GENKEY_OPT,
-	MODULES_OPT,
-	NORECURSE_OPT,
-	SIGNDIR_OPT,
-	OUTFILE_OPT,
-	COMMAND_FILE_OPT,
-	LEAVE_ARC_OPT,
-	VERBOSITY_OPT,
-    KEYSIZE_OPT,
-    TOKEN_OPT
-} OPT_TYPE;
-
-typedef enum {
-	DUPLICATE_OPTION_ERR=0,
-	OPTION_NEEDS_ARG_ERR
-} Error;
-
-static char *errStrings[] = {
-"warning: %s option specified more than once. Only last specification will be used.\n",
-"ERROR: option \"%s\" requires an argument.\n"
-};
-
-
-static int ProcessOneOpt(OPT_TYPE type, char *arg);
-
-/*********************************************************************
- *
- * P r o c e s s C o m m a n d F i l e
- */
-int
-ProcessCommandFile()
-{
-	PRFileDesc *fd;
-#define CMD_FILE_BUFSIZE 1024
-	char buf[CMD_FILE_BUFSIZE];
-	char *equals;
-	int linenum=0;
-	int retval=-1;
-	OPT_TYPE type;
-
-	fd = PR_Open(cmdFile, PR_RDONLY, 0777);
-	if(!fd) {
-		PR_fprintf(errorFD, "ERROR: Unable to open command file %s.\n");
-		errorCount++;
-		return -1;
-	}
-
-	while(pr_fgets(buf, CMD_FILE_BUFSIZE, fd), buf && *buf!='\0') {
-		char *eol;
-		linenum++;
-
-		/* Chop off final newline */
-		eol = PL_strchr(buf, '\r');
-		if(!eol) {
-			eol = PL_strchr(buf, '\n');
-		}
-		if(eol) *eol = '\0';
-
-		equals = PL_strchr(buf, '=');
-		if(!equals) {
-			continue;
-		}
-
-		*equals = '\0';
-		equals++;
-
-		/* Now buf points to the attribute, and equals points to the value. */
-
-		/* This is pretty straightforward, just deal with whatever attribute
-		 * this is */
-		if(!PL_strcasecmp(buf, "basename")) {
-			type = BASE_OPT;
-		} else if(!PL_strcasecmp(buf, "compression")) {
-			type = COMPRESSION_OPT;
-		} else if(!PL_strcasecmp(buf, "certdir")) {
-			type = CERT_DIR_OPT;
-		} else if(!PL_strcasecmp(buf, "extension")) {
-			type = EXTENSION_OPT;
-		} else if(!PL_strcasecmp(buf, "generate")) {
-			type = GENKEY_OPT;
-		} else if(!PL_strcasecmp(buf, "installScript")) {
-			type = INSTALL_SCRIPT_OPT;
-		} else if(!PL_strcasecmp(buf, "javascriptdir")) {
-			type = SCRIPTDIR_OPT;
-		} else if(!PL_strcasecmp(buf, "htmldir")) {
-			type = JAVASCRIPT_OPT;
-			if(jartree) {
-				PR_fprintf(errorFD,
-				  "warning: directory to be signed specified more than once."
-				  " Only last specification will be used.\n");
-				warningCount++;
-				PR_Free(jartree); jartree=NULL;
-			}
-			jartree = PL_strdup(equals);
-		} else if(!PL_strcasecmp(buf, "certname")) {
-			type = CERTNAME_OPT;
-		} else if(!PL_strcasecmp(buf, "signdir")) {
-			type = SIGNDIR_OPT;
-		} else if(!PL_strcasecmp(buf, "list")) {
-			type = LIST_OBJSIGN_CERTS_OPT;
-		} else if(!PL_strcasecmp(buf, "listall")) {
-			type = LIST_ALL_CERTS_OPT;
-		} else if(!PL_strcasecmp(buf, "metafile")) {
-			type = METAFILE_OPT;
-		} else if(!PL_strcasecmp(buf, "modules")) {
-			type = MODULES_OPT;
-		} else if(!PL_strcasecmp(buf, "optimize")) {
-			type = OPTIMIZE_OPT;
-		} else if(!PL_strcasecmp(buf, "ocsp")) {
-			type = ENABLE_OCSP_OPT;
-		} else if(!PL_strcasecmp(buf, "password")) {
-			type = PASSWORD_OPT;
-		} else if(!PL_strcasecmp(buf, "verify")) {
-			type = VERIFY_OPT;
-		} else if(!PL_strcasecmp(buf, "who")) {
-			type = WHO_OPT;
-		} else if(!PL_strcasecmp(buf, "exclude")) {
-			type = EXCLUDE_OPT;
-		} else if(!PL_strcasecmp(buf, "notime")) {
-			type = NO_TIME_OPT;
-		} else if(!PL_strcasecmp(buf, "jarfile")) {
-			type = ZIPFILE_OPT;
-		} else if(!PL_strcasecmp(buf, "outfile")) {
-			type = OUTFILE_OPT;
-		} else if(!PL_strcasecmp(buf, "leavearc")) {
-			type = LEAVE_ARC_OPT;
-		} else if(!PL_strcasecmp(buf, "verbosity")) {
-			type = VERBOSITY_OPT;
-        } else if(!PL_strcasecmp(buf, "keysize")) {
-            type = KEYSIZE_OPT;
-        } else if(!PL_strcasecmp(buf, "token")) {
-            type = TOKEN_OPT;
-		} else {
-			PR_fprintf(errorFD,
-				"warning: unknown attribute \"%s\" in command file, line %d.\n",
-					buf, linenum);
-			warningCount++;
-			type = UNKNOWN_OPT;
-		}
-
-		/* Process the option, whatever it is */
-		if(type != UNKNOWN_OPT) {
-			if(ProcessOneOpt(type, equals)==-1) {
-				goto finish;
-			}
-		}
-	}
-
-	retval = 0;
-
-finish:
-	PR_Close(fd);
-	return retval;
-}
-
-/*********************************************************************
- *
- * p a r s e _ a r g s
- */
-static int
-parse_args(int argc, char *argv[])
-{
-	char *opt;
-	char *arg;
-	int needsInc;
-	int i;
-	OPT_TYPE type;
-
-	/* Loop over all arguments */
-	for(i=1; i < argc; i++) {
-		opt = argv[i];
-		arg = NULL;
-
-		if(opt[0] == '-') {
-			if(opt[1] == '-') {
-				/* word option */
-				if(i < argc-1) {
-					needsInc = 1;
-					arg = argv[i+1];
-				} else {
-					needsInc = 0;
-					arg = NULL;
-				}
- 
-				if( !PL_strcasecmp(opt+2, "norecurse")) {
-					type = NORECURSE_OPT;
-				} else if( !PL_strcasecmp(opt+2, "leavearc")) {
-					type = LEAVE_ARC_OPT;
-				} else if( !PL_strcasecmp(opt+2, "verbosity")) {
-					type = VERBOSITY_OPT;
-				} else if( !PL_strcasecmp(opt+2, "outfile")) {
-					type = OUTFILE_OPT;
-                } else if( !PL_strcasecmp(opt+2, "keysize")) {
-                    type = KEYSIZE_OPT;
-                } else if( !PL_strcasecmp(opt+2, "token")) {
-                    type = TOKEN_OPT;
-				} else {
-					PR_fprintf(errorFD, "warning: unknown option: %s\n", opt);
-					warningCount++;
-					type = UNKNOWN_OPT;
-				}
-			} else {
-				/* char option */
-				if(opt[2]!='\0') {
-					needsInc = 0;
-					arg = opt+2;
-				} else if(i < argc-1) {
-					needsInc = 1;
-					arg = argv[i+1];
-				} else {
-					needsInc = 0;
-					arg = NULL;
-				}
-
-				switch(opt[1]) {
-				case '?':
-					type = QUESTION_OPT;
-					break;
-				case 'b':
-					type = BASE_OPT;
-					break;
-				case 'c':
-					type = COMPRESSION_OPT;
-					break;
-				case 'd':
-					type = CERT_DIR_OPT;
-					break;
-				case 'e':
-					type = EXTENSION_OPT;
-					break;
-				case 'f':
-					type = COMMAND_FILE_OPT;
-					break;
-				case 'i':
-					type = INSTALL_SCRIPT_OPT;
-					break;
-				case 'j':
-					type = SCRIPTDIR_OPT;
-					break;
-				case 'k':
-					type = CERTNAME_OPT;
-					break;
-				case 'l':
-					type = LIST_OBJSIGN_CERTS_OPT;
-					break;
-				case 'L':
-					type = LIST_ALL_CERTS_OPT;
-					break;
-				case 'm':
-					type = METAFILE_OPT;
-					break;
-				case 'o':
-					type = OPTIMIZE_OPT;
-					break;
-				case 'O':
-					type = ENABLE_OCSP_OPT;
-					break;
-				case 'p':
-					type = PASSWORD_OPT;
-					break;
-				case 'v':
-					type = VERIFY_OPT;
-					break;
-				case 'w':
-					type = WHO_OPT;
-					break;
-				case 'x':
-					type = EXCLUDE_OPT;
-					break;
-				case 'z':
-					type = NO_TIME_OPT;
-					break;
-				case 'J':
-					type = JAVASCRIPT_OPT;
-					break;
-				case 'Z':
-					type = ZIPFILE_OPT;
-					break;
-				case 'G':
-					type = GENKEY_OPT;
-					break;
-				case 'M':
-					type = MODULES_OPT;
-					break;
-                case 's':
-                    type = KEYSIZE_OPT;
-                    break;
-                case 't':
-                    type = TOKEN_OPT;
-                    break;
-				default:
-					type = UNKNOWN_OPT;
-					PR_fprintf(errorFD, "warning: unrecognized option: -%c.\n", 
-						opt[1]);
-					warningCount++;
-					break;
-				}
-			}
-		} else {
-			if(i == argc-1) {
-				type = UNKNOWN_OPT;
-				if(jartree) {
-				  PR_fprintf(errorFD,
-				    "warning: directory to be signed specified more than once."
-				    " Only last specification will be used.\n");
-				  warningCount++;
-				  PR_Free(jartree); jartree = NULL;
-				}
-				jartree = PL_strdup(opt);
-			} else {
-				type = UNKNOWN_OPT;
-				PR_fprintf(errorFD, "warning: unrecognized option: %s\n", opt);
-				warningCount++;
-			}
-		}
-
-		if(type != UNKNOWN_OPT) {
-			short ateArg;
-
-			ateArg = ProcessOneOpt(type, arg);
-			if(ateArg==-1) {
-				/* error */
-				return -1;
-			} else if(ateArg && needsInc) {
-				i++;
-			}
-		}
-	}
-
-	return 0;
-}
-
-/*********************************************************************
- *
- * P r o c e s s O n e O p t
- *
- * Since options can come from different places (command file, word options,
- * char options), this is a central function that is called to deal with
- * them no matter where they come from.
- *
- * type is the type of option.
- * arg is the argument to the option, possibly NULL.
- * Returns 1 if the argument was eaten, 0 if it wasn't, and -1 for error.
- */
-static int
-ProcessOneOpt(OPT_TYPE type, char *arg)
-{
-	int ate=0;
-
-	switch(type) {
-	case QUESTION_OPT:
-		usage();
-		break;
-	case BASE_OPT:
-		if(base) {
-			PR_fprintf(errorFD, errStrings[DUPLICATE_OPTION_ERR], "-b");
-			warningCount++;
-			PR_Free(base); base=NULL;
-		}
-		if(!arg) {
-			PR_fprintf(errorFD, errStrings[OPTION_NEEDS_ARG_ERR], "-b");
-			errorCount++;
-			goto loser;
-		}
-		base = PL_strdup(arg);
-		ate = 1;
-		break;
-	case COMPRESSION_OPT:
-		if(compression_level_specified) {
-			PR_fprintf(errorFD, errStrings[DUPLICATE_OPTION_ERR], "-c");
-			warningCount++;
-		}
-		if( !arg ) {
-			PR_fprintf(errorFD, errStrings[OPTION_NEEDS_ARG_ERR], "-c");
-			errorCount++;
-			goto loser;
-		}
-		compression_level = atoi(arg);
-		compression_level_specified = PR_TRUE;
-		ate = 1;
-		break;
-	case CERT_DIR_OPT:
-		if(cert_dir) {
-			PR_fprintf(errorFD, errStrings[DUPLICATE_OPTION_ERR], "-d");
-			warningCount++;
-			PR_Free(cert_dir); cert_dir = NULL;
-		}
-		if(!arg) {
-			PR_fprintf(errorFD, errStrings[OPTION_NEEDS_ARG_ERR], "-d");
-			errorCount++;
-			goto loser;
-		}
-		cert_dir = PL_strdup(arg);
-		ate = 1;
-		break;
-	case EXTENSION_OPT:
-		if(!arg) {
-			PR_fprintf(errorFD, errStrings[OPTION_NEEDS_ARG_ERR],
-				"extension (-e)");
-			errorCount++;
-			goto loser;
-		}
-		PL_HashTableAdd(extensions, arg, arg);
-		extensionsGiven = PR_TRUE;
-		ate = 1;
-		break;
-	case INSTALL_SCRIPT_OPT:
-		if(install_script) {
-			PR_fprintf(errorFD, errStrings[DUPLICATE_OPTION_ERR],
-				"installScript (-i)");
-			warningCount++;
-			PR_Free(install_script); install_script = NULL;
-		}
-		if(!arg) {
-			PR_fprintf(errorFD, errStrings[OPTION_NEEDS_ARG_ERR],
-				"installScript (-i)");
-			errorCount++;
-			goto loser;
-		}
-		install_script = PL_strdup(arg);
-		ate = 1;
-		break;
-	case SCRIPTDIR_OPT:
-		if(scriptdir) {
-			PR_fprintf(errorFD, errStrings[DUPLICATE_OPTION_ERR],
-				"javascriptdir (-j)");
-			warningCount++;
-			PR_Free(scriptdir); scriptdir = NULL;
-		}
-		if(!arg) {
-			PR_fprintf(errorFD, errStrings[OPTION_NEEDS_ARG_ERR],
-				"javascriptdir (-j)");
-			errorCount++;
-			goto loser;
-		}
-		scriptdir = PL_strdup(arg);
-		ate = 1;
-		break;
-	case CERTNAME_OPT:
-		if(keyName) {
-			PR_fprintf(errorFD, errStrings[DUPLICATE_OPTION_ERR],
-				"keyName (-k)");
-			warningCount++;
-			PR_Free(keyName); keyName = NULL;
-		}
-		if(!arg) {
-			PR_fprintf(errorFD, errStrings[OPTION_NEEDS_ARG_ERR],
-				"keyName (-k)");
-			errorCount++;
-			goto loser;
-		}
-		keyName = PL_strdup(arg);
-		ate = 1;
-		break;
-	case LIST_OBJSIGN_CERTS_OPT:
-	case LIST_ALL_CERTS_OPT:
-		if(list_certs != 0) {
-			PR_fprintf(errorFD,
-			  "warning: only one of -l and -L may be specified.\n");
-			warningCount++;
-		}
-		list_certs = (type==LIST_OBJSIGN_CERTS_OPT ? 1 : 2);
-		break;
-	case METAFILE_OPT:
-		if(metafile) {
-			PR_fprintf(errorFD, errStrings[DUPLICATE_OPTION_ERR],
-				"metafile (-m)");
-			warningCount++;
-			PR_Free(metafile); metafile = NULL;
-		}
-		if(!arg) {
-			PR_fprintf(errorFD, errStrings[OPTION_NEEDS_ARG_ERR],
-				"metafile (-m)");
-			errorCount++;
-			goto loser;
-		}
-		metafile = PL_strdup(arg);
-		ate = 1;
-		break;
-	case OPTIMIZE_OPT:
-		optimize = 1;
-		break;
-	case ENABLE_OCSP_OPT:
-		enableOCSP = 1;
-		break;
-	case PASSWORD_OPT:
-		if(password) {
-			PR_fprintf(errorFD, errStrings[DUPLICATE_OPTION_ERR],
-				"password (-p)");
-			warningCount++;
-			PR_Free(password); password= NULL;
-		}
-		if(!arg) {
-			PR_fprintf(errorFD, errStrings[OPTION_NEEDS_ARG_ERR],
-				"password (-p)");
-			errorCount++;
-			goto loser;
-		}
-		password = PL_strdup(arg);
-		ate = 1;
-		break;
-	case VERIFY_OPT:
-		if(verify) {
-			PR_fprintf(errorFD, errStrings[DUPLICATE_OPTION_ERR],
-				"verify (-v)");
-			warningCount++;
-			PR_Free(verify); verify = NULL;
-		}
-		if(!arg) {
-			PR_fprintf(errorFD, errStrings[OPTION_NEEDS_ARG_ERR],
-				"verify (-v)");
-			errorCount++;
-			goto loser;
-		}
-		verify = PL_strdup(arg);
-		ate = 1;
-		break;
-	case WHO_OPT:
-		if(tell_who) {
-			PR_fprintf(errorFD, errStrings[DUPLICATE_OPTION_ERR],
-				"who (-v)");
-			warningCount++;
-			PR_Free(tell_who); tell_who = NULL;
-		}
-		if(!arg) {
-			PR_fprintf(errorFD, errStrings[OPTION_NEEDS_ARG_ERR],
-				"who (-w)");
-			errorCount++;
-			goto loser;
-		}
-		tell_who = PL_strdup(arg);
-		ate = 1;
-		break;
-	case EXCLUDE_OPT:
-		if(!arg) {
-			PR_fprintf(errorFD, errStrings[OPTION_NEEDS_ARG_ERR],
-				"exclude (-x)");
-			errorCount++;
-			goto loser;
-		}
-		PL_HashTableAdd(excludeDirs, arg, arg);
-		exclusionsGiven = PR_TRUE;
-		ate = 1;
-		break;
-	case NO_TIME_OPT:
-		no_time = 1;
-		break;
-	case JAVASCRIPT_OPT:
-		javascript++;
-		break;
-	case ZIPFILE_OPT:
-		if(zipfile) {
-			PR_fprintf(errorFD, errStrings[DUPLICATE_OPTION_ERR],
-				"jarfile (-Z)");
-			warningCount++;
-			PR_Free(zipfile); zipfile = NULL;
-		}
-		if(!arg) {
-			PR_fprintf(errorFD, errStrings[OPTION_NEEDS_ARG_ERR],
-				"jarfile (-Z)");
-			errorCount++;
-			goto loser;
-		}
-		zipfile = PL_strdup(arg);
-		ate = 1;
-		break;
-	case GENKEY_OPT:
-		if(genkey) {
-			PR_fprintf(errorFD, errStrings[DUPLICATE_OPTION_ERR],
-				"generate (-G)");
-			warningCount++;
-			PR_Free(zipfile); zipfile = NULL;
-		}
-		if(!arg) {
-			PR_fprintf(errorFD, errStrings[OPTION_NEEDS_ARG_ERR],
-				"generate (-G)");
-			errorCount++;
-			goto loser;
-		}
-		genkey = PL_strdup(arg);
-		ate = 1;
-		break;
-	case MODULES_OPT:
-		list_modules++;
-		break;
-	case SIGNDIR_OPT:
-		if(jartree) {
-			PR_fprintf(errorFD, errStrings[DUPLICATE_OPTION_ERR],
-				"signdir");
-			warningCount++;
-			PR_Free(jartree); jartree = NULL;
-		}
-		if(!arg) {
-			PR_fprintf(errorFD, errStrings[OPTION_NEEDS_ARG_ERR], "signdir");
-			errorCount++;
-			goto loser;
-		}
-		jartree = PL_strdup(arg);
-		ate = 1;
-		break;
-	case OUTFILE_OPT:
-		if(outfile) {
-			PR_fprintf(errorFD, errStrings[DUPLICATE_OPTION_ERR],
-				"outfile");
-			warningCount++;
-			PR_Free(outfile); outfile = NULL;
-		}
-		if(!arg) {
-			PR_fprintf(errorFD, errStrings[OPTION_NEEDS_ARG_ERR], "outfile");
-			errorCount++;
-			goto loser;
-		}
-		outfile = PL_strdup(arg);
-		ate = 1;
-		break;
-	case COMMAND_FILE_OPT:
-		if(cmdFile) {
-			PR_fprintf(errorFD, errStrings[DUPLICATE_OPTION_ERR], "-f");
-			warningCount++;
-			PR_Free(cmdFile); cmdFile = NULL;
-		}
-		if(!arg) {
-			PR_fprintf(errorFD, errStrings[OPTION_NEEDS_ARG_ERR], "-f");
-			errorCount++;
-			goto loser;
-		}
-		cmdFile = PL_strdup(arg);
-		ate = 1;
-		break;
-	case NORECURSE_OPT:
-		noRecurse = PR_TRUE;
-		break;
-	case LEAVE_ARC_OPT:
-		leaveArc = PR_TRUE;
-		break;
-	case VERBOSITY_OPT:
-		if(!arg) {
-			PR_fprintf(errorFD, errStrings[OPTION_NEEDS_ARG_ERR],
-			  "--verbosity");
-			errorCount++;
-			goto loser;
-		}
-		verbosity = atoi(arg);
-		ate = 1;
-		break;
-    case KEYSIZE_OPT:
-        if( keySize != -1 ) {
-            PR_fprintf(errorFD, errStrings[DUPLICATE_OPTION_ERR], "-s");
-            warningCount++;
-        }
-        keySize = atoi(arg);
-        ate = 1;
-        if( keySize < 1 || keySize > MAX_RSA_KEY_SIZE ) {
-            PR_fprintf(errorFD, "Invalid key size: %d.\n", keySize);
-            errorCount++;
-            goto loser;
-        }
-        break;
-    case TOKEN_OPT:
-        if( token ) {
-            PR_fprintf(errorFD, errStrings[DUPLICATE_OPTION_ERR], "-t");
-            PR_Free(token); token = NULL;
-        }
-        if( ! arg ) {
-            PR_fprintf(errorFD, errStrings[OPTION_NEEDS_ARG_ERR], "-t");
-            errorCount++;
-            goto loser;
-        }
-        token = PL_strdup(arg);
-        ate = 1;
-        break;
-	default:
-		PR_fprintf(errorFD, "warning: unknown option\n");
-		warningCount++;
-		break;
-	}
-
-	return ate;
-loser:
-	return -1;
-}
-
-
-/*********************************************************************
- *
- * m a i n
- */
-int
-main(int argc, char *argv[])
-{
-	PRBool readOnly;
-	int retval=0;
-
-	outputFD = PR_STDOUT;
-	errorFD = PR_STDERR;
-
-	progName = argv[0];
-
-  if (argc < 2)
-    {
-    usage();
-    }
-
-	excludeDirs = PL_NewHashTable(10, PL_HashString, PL_CompareStrings,
-					PL_CompareStrings, NULL, NULL);
-	extensions = PL_NewHashTable(10, PL_HashString, PL_CompareStrings,
-					PL_CompareStrings, NULL, NULL);
-
-	if(parse_args(argc, argv)) {
-		retval = -1;
-		goto cleanup;
-	}
-
-	/* Parse the command file if one was given */
-	if(cmdFile) {
-		if(ProcessCommandFile()) {
-			retval = -1;
-			goto cleanup;
-		}
-	}
-
-	/* Set up output redirection */
-	if(outfile) {
-		if(PR_Access(outfile, PR_ACCESS_EXISTS)==PR_SUCCESS) {
-			/* delete the file if it is already present */
-			PR_fprintf(errorFD,
-				"warning: %s already exists and will be overwritten.\n",
-				outfile);
-			warningCount++;
-			if(PR_Delete(outfile) != PR_SUCCESS) {
-				PR_fprintf(errorFD, "ERROR: unable to delete %s.\n", outfile);
-				errorCount++;
-				exit(ERRX);
-			}
-		}
-		outputFD = PR_Open(outfile,
-			PR_WRONLY|PR_CREATE_FILE|PR_TRUNCATE, 0777);
-		if(!outputFD) {
-			PR_fprintf(errorFD, "ERROR: Unable to create %s.\n", outfile);
-			errorCount++;
-			exit(ERRX);
-		}
-		errorFD = outputFD;
-	}
-
-  /* This seems to be a fairly common user error */
-
-  if (verify && list_certs > 0)
-    {
-    PR_fprintf (errorFD, "%s: Can't use -l and -v at the same time\n",
-		PROGRAM_NAME);
-	errorCount++;
-	retval = -1;
-    goto cleanup;
-    }
-
-  /* -J assumes -Z now */
-
-  if (javascript && zipfile)
-    {
-    PR_fprintf (errorFD, "%s: Can't use -J and -Z at the same time\n",
-		PROGRAM_NAME);
-    PR_fprintf (errorFD, "%s: -J option will create the jar files for you\n",
-		PROGRAM_NAME);
-	errorCount++;
-	retval = -1;
-	goto cleanup;
-    }
-
-  /* Less common mixing of -L with various options */
-
-	if (list_certs > 0 && 
-        (tell_who || zipfile || javascript || 
-           scriptdir || extensionsGiven || exclusionsGiven || install_script)) {
-		PR_fprintf(errorFD, "%s: Can't use -l or -L with that option\n",
-			PROGRAM_NAME);
-		errorCount++;
-		retval = -1;
-		goto cleanup;
-	}
-
-
-	if (!cert_dir)
-		cert_dir = get_default_cert_dir();
-
-	VerifyCertDir(cert_dir, keyName);
-
-
-	if(	compression_level < MIN_COMPRESSION_LEVEL ||
-	 compression_level > MAX_COMPRESSION_LEVEL) {
-		PR_fprintf(errorFD, "Compression level must be between %d and %d.\n",
-		 MIN_COMPRESSION_LEVEL, MAX_COMPRESSION_LEVEL);
-		errorCount++;
-		retval = -1;
-		goto cleanup;
-	}
-
-	if(jartree && !keyName) {
-		PR_fprintf(errorFD, "You must specify a key with which to sign.\n");
-		errorCount++;
-		retval = -1;
-		goto cleanup;
-	}
-
-	readOnly = (genkey == NULL); /* only key generation requires write */
-	if(InitCrypto(cert_dir, readOnly)) {
-		PR_fprintf(errorFD, "ERROR: Cryptographic initialization failed.\n");
-		errorCount++;
-		retval = -1;
-		goto cleanup;
-	}
-
-	if (enableOCSP) {
-	    SECStatus rv = CERT_EnableOCSPChecking(CERT_GetDefaultCertDB());
-	    if (rv != SECSuccess) {
-	        PR_fprintf(errorFD, "ERROR: Attempt to enable OCSP Checking failed.\n");
-	        errorCount++;
-	        retval = -1;
-	    }
-	}
-
-  if (verify)
-    {
-    if (VerifyJar(verify))
-      {
-      errorCount++;
-      retval = -1;
-      goto cleanup;
-      }
-    }
-  else if (list_certs)
-    {
-    if (ListCerts(keyName, list_certs))
-      {
-      errorCount++;
-      retval = -1;
-      goto cleanup;
-      }
-    }
-  else if (list_modules)
-    {
-    JarListModules();
-    }
-  else if (genkey)
-    {
-    if (GenerateCert(genkey, keySize, token))
-      {
-      errorCount++;
-      retval = -1;
-      goto cleanup;
-      }
-    }
-  else if (tell_who)
-    {
-    if (JarWho(tell_who))
-      {
-      errorCount++;
-      retval = -1;
-      goto cleanup;
-      }
-    }
-  else if (javascript && jartree)
-    {
-	/* make sure directory exists */
-	PRDir *dir;
-	dir = PR_OpenDir(jartree);
-	if(!dir) {
-		PR_fprintf(errorFD, "ERROR: unable to open directory %s.\n", jartree);
-		errorCount++;
-		retval = -1;
-		goto cleanup;
-	} else {
-		PR_CloseDir(dir);
-	}
-
-    /* undo junk from prior runs of signtool*/
-    if(RemoveAllArc(jartree)) {
-		PR_fprintf(errorFD, "Error removing archive directories under %s\n", jartree);
-		errorCount++;
-		retval = -1;
-		goto cleanup;
-	}
-
-    /* traverse all the htm|html files in the directory */
-    if(InlineJavaScript(jartree, !noRecurse)) {
-		retval = -1;
-		goto cleanup;
-	}
-
-    /* sign any resultant .arc directories created in above step */
-    if(SignAllArc(jartree, keyName, javascript, metafile, install_script,
-		optimize, !noRecurse)) {
-        retval = -1;
-        goto cleanup;
-    }
-
-	if(!leaveArc) {
-		RemoveAllArc(jartree);
-	}
-
-	if(errorCount>0 || warningCount>0) {
-		PR_fprintf(outputFD, "%d error%s, %d warning%s.\n", errorCount,
-			errorCount==1?"":"s", warningCount, warningCount==1?"":"s");
-	} else {
-		PR_fprintf(outputFD, "Directory %s signed successfully.\n", jartree);
-	}
-  } else if (jartree)
-    {
-    SignArchive(jartree, keyName, zipfile, javascript, metafile,
-		install_script, optimize, !noRecurse);
-    }
-  else
-    usage();
-
-cleanup:
-	if(extensions) {
-		PL_HashTableDestroy(extensions); extensions = NULL;
-	}
-	if(excludeDirs) {
-		PL_HashTableDestroy(excludeDirs); excludeDirs = NULL;
-	}
-	if(outputFD != PR_STDOUT) {
-		PR_Close(outputFD);
-	}
-	rm_dash_r(TMP_OUTPUT);
-  return retval;
-}
-
diff --git a/security/nss/cmd/signtool/signtool.h b/security/nss/cmd/signtool/signtool.h
deleted file mode 100644
index 5c6ad0284..000000000
--- a/security/nss/cmd/signtool/signtool.h
+++ /dev/null
@@ -1,140 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef SIGNTOOL_H
-#define SIGNTOOL_H
- 
-#define DJN_TEST
-
-#include <stdio.h>
-#include <string.h>
-#include <errno.h>
-
-#include "prprf.h"
-#include "prio.h"
-#include "secutil.h"
-#include "ocsp.h"
-#include "jar.h"
-#include "jarfile.h"
-#include "secpkcs7.h"
-#include "pk11func.h"
-#include "secmod.h"
-#include "plhash.h"
-
-#ifdef _UNIX
-#include <unistd.h> 
-#endif
-
-/**********************************************************************
- * General Defines
- */
-#define JAR_BASE_END JAR_BASE + 100
-#define ERRX (-1)	/* the exit code used on failure */
-#define FNSIZE 256	/* the maximum length for filenames */
-#define MAX_RSA_KEY_SIZE 4096
-#define DEFAULT_RSA_KEY_SIZE 1024
-#define MANIFEST "manifest.mf"
-#define DEFAULT_X509_BASENAME "x509"
-#define DEFAULT_COMMON_NAME "Signtool 1.3 Testing Certificate"
-#define CREATOR  "Signtool (signtool 1.3)"
-#define BREAKAGE "PLEASE DO NOT EDIT THIS FILE. YOU WILL BREAK IT."
-#define MIN_COMPRESSION_LEVEL (-1)
-#define MAX_COMPRESSION_LEVEL 9
-#define DEFAULT_COMPRESSION_LEVEL (-1) /* zlib understands this to be default*/
-#define STDIN_BUF_SIZE 160
-#define PROGRAM_NAME	"signtool"
-#define LONG_PROGRAM_NAME "Signing Tool"
-#define DEFAULT_BASE_NAME "zigbert"
-#define VERSION		"1.3"
-#define TMP_OUTPUT "signtool.tmp"
-
-
-/***************************************************************
- * Main Task Functions
- */
-int GenerateCert(char *nickname, int keysize, char *token);
-int ListCerts(char *key, int list_certs);
-int VerifyJar(char *filename);
-int SignArchive(char *tree, char *keyName, char *zip_file, int javascript,
-	char *meta_file, char *install_script, int _optimize, PRBool recurse);
-int SignAllArc(char *jartree, char *keyName, int javascript, char *metafile,
-	char *install_script, int optimize, PRBool recurse);
-int InlineJavaScript(char *dir, PRBool recurse);
-int JarWho(char *filename);
-void JarListModules(void);
-
-/**************************************************************
- * Utility Functions
- */
-CERTCertDBHandle *OpenCertDB (PRBool readOnly);
-
-int RemoveAllArc(char *tree);
-void VerifyCertDir(char *dir, char *keyName);
-int InitCrypto(char *cert_dir, PRBool readOnly);
-int foreach (char *dirname, char *prefix,
-	int (*fn)(char *filename, char *dirname, char *basedir,char *base,void*arg),
-	PRBool recurse, PRBool includeDirs, void *arg);
-void print_error (int i);
-void give_help (int status);
-const char* secErrorString(long code);
-void displayVerifyLog(CERTVerifyLog *log);
-void usage (void);
-char* chop(char*);
-void out_of_memory(void);
-void FatalError(char *msg);
-char* get_default_cert_dir(void);
-SECItem *password_hardcode(void *arg, void *handle);
-char* pk11_password_hardcode(PK11SlotInfo *slot, PRBool retry, void *arg);
-int rm_dash_r(char *path);
-char* pr_fgets(char *buf, int size, PRFileDesc *file);
-
-
-/*****************************************************************
- * Global Variables (*gag*)
- */
-extern char *password;	/* the password passed in on the command line */
-extern PLHashTable *excludeDirs;  /* directory entry to skip while recursing */
-extern int no_time;
-extern char *base;		/* basename of ".rsa" and ".sf" files */
-extern long *mozilla_event_queue;
-extern char *progName; /* argv[0] */
-extern PLHashTable *extensions;/* only sign files with this extension */
-extern PRBool extensionsGiven;
-extern char *scriptdir;
-extern int compression_level;
-extern PRFileDesc *outputFD, *errorFD;
-extern int verbosity;
-extern int errorCount;
-extern int warningCount;
-
-#endif /* SIGNTOOL_H */
diff --git a/security/nss/cmd/signtool/util.c b/security/nss/cmd/signtool/util.c
deleted file mode 100644
index b0fb5ae82..000000000
--- a/security/nss/cmd/signtool/util.c
+++ /dev/null
@@ -1,987 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "signtool.h"
-#include "prio.h"
-#include "prmem.h"
-#include "nss.h"
-
-static int is_dir (char *filename);
-
-/***********************************************************
- * Nasty hackish function definitions
- */
-
-long *mozilla_event_queue = 0;
-
-#ifndef XP_WIN
-char *XP_GetString (int i)
-{
-  return SECU_ErrorStringRaw ((int16) i);
-}
-#endif
-
-void FE_SetPasswordEnabled()
-{
-}
-
-void /*MWContext*/ *FE_GetInitContext (void)
-{
-  return 0;
-}
-
-void /*MWContext*/ *XP_FindSomeContext()
-{
-  /* No windows context in command tools */
-  return NULL;
-}
-
-void ET_moz_CallFunction()
-{
-}
-
-
-/*
- *  R e m o v e A l l A r c
- *
- *  Remove .arc directories that are lingering
- *  from a previous run of signtool.
- *
- */
-int
-RemoveAllArc(char *tree)
-{
-	PRDir *dir;
-	PRDirEntry *entry;
-	char *archive=NULL;
-	int retval = 0;
-
-	dir = PR_OpenDir (tree);
-	if (!dir) return -1;
-
-	for (entry = PR_ReadDir (dir,0); entry; entry = PR_ReadDir (dir,0)) {
-
-		if(entry->name[0] == '.') {
-			continue;
-		}
-
-		if(archive) PR_Free(archive);
-		archive = PR_smprintf("%s/%s", tree, entry->name);
-
-	    if (PL_strcaserstr (entry->name, ".arc")
-			== (entry->name + strlen(entry->name) - 4) ) {
-
-			if(verbosity >= 0) {
-				PR_fprintf(outputFD, "removing: %s\n", archive);
-			}
-
-			if(rm_dash_r(archive)) {
-				PR_fprintf(errorFD, "Error removing %s\n", archive);
-				errorCount++;
-				retval = -1;
-				goto finish;
-			}
-		} else if(is_dir(archive)) {
-			if(RemoveAllArc(archive)) {
-				retval = -1;
-				goto finish;
-			}
-		}
-	}
-
-finish:
-	PR_CloseDir (dir);
-	if(archive) PR_Free(archive);
-
-	return retval;
-}
-
-/*
- *  r m _ d a s h _ r
- *
- *  Remove a file, or a directory recursively.
- *
- */
-int rm_dash_r (char *path)
-{
-	PRDir	*dir;
-	PRDirEntry *entry;
-	PRFileInfo fileinfo;
-	char filename[FNSIZE];
-
-	if(PR_GetFileInfo(path, &fileinfo) != PR_SUCCESS) {
-		/*fprintf(stderr, "Error: Unable to access %s\n", filename);*/
-		return -1;
-	}
-	if(fileinfo.type == PR_FILE_DIRECTORY) {
-
-		dir = PR_OpenDir(path);
-		if(!dir) {
-			PR_fprintf(errorFD, "Error: Unable to open directory %s.\n", path);
-			errorCount++;
-			return -1;
-		}
-
-		/* Recursively delete all entries in the directory */
-		while((entry = PR_ReadDir(dir, PR_SKIP_BOTH)) != NULL) {
-			sprintf(filename, "%s/%s", path, entry->name);
-			if(rm_dash_r(filename)) return -1;
-		}
-
-		if(PR_CloseDir(dir) != PR_SUCCESS) {
-			PR_fprintf(errorFD, "Error: Could not close %s.\n", path);
-			errorCount++;
-			return -1;
-		}
-
-		/* Delete the directory itself */
-		if(PR_RmDir(path) != PR_SUCCESS) {
-			PR_fprintf(errorFD, "Error: Unable to delete %s\n", path);
-			errorCount++;
-			return -1;
-		}
-	} else {
-		if(PR_Delete(path) != PR_SUCCESS) {
-			PR_fprintf(errorFD, "Error: Unable to delete %s\n", path);
-			errorCount++;
-			return -1;
-		}
-	}
-	return 0;
-}
-
-/*
- *  u s a g e 
- * 
- *  Print some useful help information
- *
- */
-void
-usage (void)
-{
-  PR_fprintf(outputFD, "\n");
-  PR_fprintf(outputFD, "%s %s - a signing tool for jar files\n", LONG_PROGRAM_NAME, VERSION);
-  PR_fprintf(outputFD, "\n");
-  PR_fprintf(outputFD, "Usage:  %s [options] directory-tree \n\n", PROGRAM_NAME);
-  PR_fprintf(outputFD, "    -b\"basename\"\t\tbasename of .sf, .rsa files for signing\n");
-  PR_fprintf(outputFD, "    -c#\t\t\t\tCompression level, 0-9, 0=none\n");
-  PR_fprintf(outputFD, "    -d\"certificate directory\"\tcontains cert*.db and key*.db\n");
-  PR_fprintf(outputFD, "    -e\".ext\"\t\t\tsign only files with this extension\n");
-  PR_fprintf(outputFD, "    -f\"filename\"\t\t\tread commands from file\n");
-  PR_fprintf(outputFD, "    -G\"nickname\"\t\tcreate object-signing cert with this nickname\n");
-  PR_fprintf(outputFD, "    -i\"installer script\"\tassign installer javascript\n");
-  PR_fprintf(outputFD, "    -j\"javascript directory\"\tsign javascript files in this subtree\n");
-  PR_fprintf(outputFD, "    -J\t\t\t\tdirectory contains HTML files. Javascript will\n"
-			"\t\t\t\tbe extracted and signed.\n");
-  PR_fprintf(outputFD, "    -k\"cert nickname\"\t\tsign with this certificate\n");
-  PR_fprintf(outputFD, "    --leavearc\t\t\tdo not delete .arc directories created\n"
-			"\t\t\t\tby -J option\n");
-  PR_fprintf(outputFD, "    -m\"metafile\"\t\tinclude custom meta-information\n");
-  PR_fprintf(outputFD, "    --norecurse\t\t\tdo not operate on subdirectories\n");
-  PR_fprintf(outputFD, "    -o\t\t\t\toptimize - omit optional headers\n");
-  PR_fprintf(outputFD, "    -O\t\t\t\tenableOCSP - enable OCSP checking\n");
-  PR_fprintf(outputFD, "    --outfile \"filename\"\tredirect output to file\n");
-  PR_fprintf(outputFD, "    -p\"password\"\t\tfor password on command line (insecure)\n");
-  PR_fprintf(outputFD, "    -s keysize\t\t\tkeysize in bits of generated cert\n");
-  PR_fprintf(outputFD, "    -t token\t\t\tname of token on which to generate cert\n");
-  PR_fprintf(outputFD, "    --verbosity #\t\tSet amount of debugging information to generate.\n"
-			"\t\t\t\tLower number means less output, 0 is default.\n");
-  PR_fprintf(outputFD, "    -x\"name\"\t\t\tdirectory or filename to exclude\n");
-  PR_fprintf(outputFD, "    -z\t\t\t\tomit signing time from signature\n");
-  PR_fprintf(outputFD, "    -Z\"jarfile\"\t\t\tcreate JAR file with the given name.\n"
-		  "\t\t\t\t(Default compression level is 6.)\n");
-  PR_fprintf(outputFD, "\n");
-  PR_fprintf(outputFD, "%s -l\n", PROGRAM_NAME);
-  PR_fprintf(outputFD, "  lists the signing certificates in your database\n");
-  PR_fprintf(outputFD, "\n");
-  PR_fprintf(outputFD, "%s -L\n", PROGRAM_NAME);
-  PR_fprintf(outputFD, "  lists all certificates in your database, marks object-signing certificates\n");
-  PR_fprintf(outputFD, "\n");
-  PR_fprintf(outputFD, "%s -M\n", PROGRAM_NAME);
-  PR_fprintf(outputFD, "  lists the PKCS #11 modules available to %s\n", PROGRAM_NAME);
-  PR_fprintf(outputFD, "\n");
-  PR_fprintf(outputFD, "%s -v file.jar\n", PROGRAM_NAME);
-  PR_fprintf(outputFD, "  show the contents of the specified jar file\n");
-  PR_fprintf(outputFD, "\n");
-  PR_fprintf(outputFD, "%s -w file.jar\n", PROGRAM_NAME);
-  PR_fprintf(outputFD, "  if valid, tries to tell you who signed the jar file\n");
-  PR_fprintf(outputFD, "\n");
-  PR_fprintf(outputFD, "For more details, visit\n");
-  PR_fprintf(outputFD, 
-"  http://developer.netscape.com/library/documentation/signedobj/signtool/\n");
-
-  exit (ERRX);
-}
-
-/*
- *  p r i n t _ e r r o r
- *
- *  For the undocumented -E function. If an older version
- *  of communicator gives you a numeric error, we can see what
- *  really happened without doing hex math.
- *
- */
-
-void
-print_error (int err)
-{
-  PR_fprintf(errorFD, "Error %d: %s\n", err, JAR_get_error (err));
-	errorCount++;
-  give_help (err);
-}
-
-/*
- *  o u t _ o f _ m e m o r y
- *
- *  Out of memory, exit Signtool.
- * 
- */
-void
-out_of_memory (void)
-{
-  PR_fprintf(errorFD, "%s: out of memory\n", PROGRAM_NAME);
-	errorCount++;
-  exit (ERRX);
-}
-
-/*
- *  V e r i f y C e r t D i r
- *
- *  Validate that the specified directory
- *  contains a certificate database
- *
- */
-void
-VerifyCertDir(char *dir, char *keyName)
-{
-  char fn [FNSIZE];
-
-  /* don't try verifying if we don't have a local directory */
-  if (strncmp(dir,"multiaccess:",sizeof("multiaccess:")-1) == 0) {
-     return;
-  }
-
-  sprintf (fn, "%s/cert7.db", dir);
-
-  if (PR_Access (fn, PR_ACCESS_EXISTS))
-    {
-    PR_fprintf(errorFD, "%s: No certificate database in \"%s\"\n", PROGRAM_NAME,
-		dir);
-    PR_fprintf(errorFD, "%s: Check the -d arguments that you gave\n",
-		PROGRAM_NAME);
-	errorCount++;
-    exit (ERRX);
-    }
-
-	if(verbosity >= 0) {
-		PR_fprintf(outputFD, "using certificate directory: %s\n", dir);
-	}
-
-  if (keyName == NULL)
-    return;
-
-  /* if the user gave the -k key argument, verify that 
-     a key database already exists */
-
-  sprintf (fn, "%s/key3.db", dir);
-
-  if (PR_Access (fn, PR_ACCESS_EXISTS))
-    {
-    PR_fprintf(errorFD, "%s: No private key database in \"%s\"\n", PROGRAM_NAME,
-		dir);
-    PR_fprintf(errorFD, "%s: Check the -d arguments that you gave\n",
-		PROGRAM_NAME);
-	errorCount++;
-    exit (ERRX);
-    }
-}
-
-/*
- *  f o r e a c h 
- * 
- *  A recursive function to loop through all names in
- *  the specified directory, as well as all subdirectories.
- *
- *  FIX: Need to see if all platforms allow multiple
- *  opendir's to be called.
- *
- */
-
-int
-foreach(char *dirname, char *prefix, 
-       int (*fn)(char *relpath, char *basedir, char *reldir, char *filename,
-		void* arg),
-		PRBool recurse, PRBool includeDirs, void *arg) {
-	char newdir [FNSIZE];
-	int retval = 0;
-
-	PRDir *dir;
-	PRDirEntry *entry;
-
-	strcpy (newdir, dirname);
-	if (*prefix) {
-		strcat (newdir, "/");
-		strcat (newdir, prefix);
-	}
-
-	dir = PR_OpenDir (newdir);
-	if (!dir) return -1;
-
-	for (entry = PR_ReadDir (dir,0); entry; entry = PR_ReadDir (dir,0)) {
-		if ( strcmp(entry->name, ".")==0   ||
-                     strcmp(entry->name, "..")==0 )
-                {
-                    /* no infinite recursion, please */   
-		    continue;
-                }
-
-		/* can't sign self */
-		if (!strcmp (entry->name, "META-INF"))
-			continue;
-
-		/* -x option */
-		if (PL_HashTableLookup(excludeDirs, entry->name))
-			continue;
-
-		strcpy (newdir, dirname);
-		if (*dirname)
-			strcat (newdir, "/");
-
-		if (*prefix) {
-			strcat (newdir, prefix);
-			strcat (newdir, "/");
-		}
-		strcat (newdir, entry->name);
-
-		if(!is_dir(newdir) || includeDirs) {
-			char newpath [FNSIZE];
-
-			strcpy (newpath, prefix);
-			if (*newpath)
-				strcat (newpath, "/");
-			strcat (newpath, entry->name);
-
-			if( (*fn) (newpath, dirname, prefix, (char *) entry->name, arg)) {
-				retval = -1;
-				break;
-			}
-		}
-
-		if (is_dir (newdir)) {
-			if(recurse) {
-				char newprefix [FNSIZE];
-
-				strcpy (newprefix, prefix);
-				if (*newprefix) {
-					strcat (newprefix, "/");
-				}
-				strcat (newprefix, entry->name);
-
-				if(foreach (dirname, newprefix, fn, recurse, includeDirs,arg)) {
-					retval = -1;
-					break;
-				}
-			}
-		}
-
-	}
-
-	PR_CloseDir (dir);
-
-	return retval;
-}
-
-/*
- *  i s _ d i r
- *
- *  Return 1 if file is a directory.
- *  Wonder if this runs on a mac, trust not.
- *
- */
-static int is_dir (char *filename)
-{
-	PRFileInfo	finfo;
-
-	if( PR_GetFileInfo(filename, &finfo) != PR_SUCCESS ) {
-		printf("Unable to get information about %s\n", filename);
-		return 0;
-	}
-
-	return ( finfo.type == PR_FILE_DIRECTORY );
-}
-
-/*
- *  p a s s w o r d _ h a r d c o d e 
- *
- *  A function to use the password passed in the -p(password) argument
- *  of the command line. This is only to be used for build & testing purposes,
- *  as it's extraordinarily insecure. 
- *
- *  After use once, null it out otherwise PKCS11 calls us forever.
- *
- */
-SECItem *
-password_hardcode(void *arg, void *handle)
-{
-  SECItem *pw = NULL;
-  if (password) {
-    pw = SECITEM_AllocItem(NULL, NULL, PL_strlen(password));
-    pw->data = (unsigned char *)PL_strdup(password);
-    password = NULL;
-  }
-  return pw;
-}
-
-char *
-pk11_password_hardcode(PK11SlotInfo *slot, PRBool retry, void *arg)
-{
-  char *pw;
-  if (retry) {
-    return NULL; /* the password is incorrect, fail */
-  }
-  pw = password ? PORT_Strdup (password) : NULL;
-  /* XXX don't do this, or FIPS won't work */
-  /*password = NULL;*/
-  return pw;
-}
-
-/************************************************************************
- *
- * c e r t D B N a m e C a l l b a c k
- */
-static char *
-certDBNameCallback(void *arg, int dbVersion)
-{
-    char *fnarg;
-    char *dir;
-    char *filename;
-    
-    dir = SECU_ConfigDirectory (NULL);
-
-    switch ( dbVersion ) {
-      case 7:
-        fnarg = "7";
-        break;
-      case 6:
-	fnarg = "6";
-	break;
-      case 5:
-	fnarg = "5";
-	break;
-      case 4:
-      default:
-	fnarg = "";
-	break;
-    }
-    filename = PR_smprintf("%s/cert%s.db", dir, fnarg);
-    return(filename);
-}
-
-/***************************************************************
- *
- * s e c E r r o r S t r i n g
- *
- * Returns an error string corresponding to the given error code.
- * Doesn't cover all errors; returns a default for many.
- * Returned string is only valid until the next call of this function.
- */
-const char*
-secErrorString(long code)
-{
-	static char errstring[80]; /* dynamically constructed error string */
-	char *c; /* the returned string */
-
-	switch(code) {
-	case SEC_ERROR_IO: c = "io error";
-		break;
-	case SEC_ERROR_LIBRARY_FAILURE: c = "security library failure";
-		break;
-	case SEC_ERROR_BAD_DATA: c = "bad data";
-		break;
-	case SEC_ERROR_OUTPUT_LEN: c = "output length";
-		break;
-	case SEC_ERROR_INPUT_LEN: c = "input length";
-		break;
-	case SEC_ERROR_INVALID_ARGS: c = "invalid args";
-		break;
-	case SEC_ERROR_EXPIRED_CERTIFICATE: c = "expired certificate";
-		break;
-	case SEC_ERROR_REVOKED_CERTIFICATE: c = "revoked certificate";
-		break;
-	case SEC_ERROR_INADEQUATE_KEY_USAGE: c = "inadequate key usage";
-		break;
-	case SEC_ERROR_INADEQUATE_CERT_TYPE: c = "inadequate certificate type";
-		break;
-	case SEC_ERROR_UNTRUSTED_CERT: c = "untrusted cert";
-		break;
-	case SEC_ERROR_NO_KRL: c = "no key revocation list";
-		break;
-	case SEC_ERROR_KRL_BAD_SIGNATURE: c = "key revocation list: bad signature";
-		break;
-	case SEC_ERROR_KRL_EXPIRED: c = "key revocation list expired";
-		break;
-	case SEC_ERROR_REVOKED_KEY: c = "revoked key";
-		break;
-	case SEC_ERROR_CRL_BAD_SIGNATURE:
-		c = "certificate revocation list: bad signature";
-		break;
-	case SEC_ERROR_CRL_EXPIRED: c = "certificate revocation list expired";
-		break;
-	case SEC_ERROR_CRL_NOT_YET_VALID:
-		c = "certificate revocation list not yet valid";
-		break;
-	case SEC_ERROR_UNKNOWN_ISSUER: c = "unknown issuer";
-		break;
-	case SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE: c = "expired issuer certificate";
-		break;
-	case SEC_ERROR_BAD_SIGNATURE: c = "bad signature";
-		break;
-	case SEC_ERROR_BAD_KEY: c = "bad key";
-		break;
-	case SEC_ERROR_NOT_FORTEZZA_ISSUER: c = "not fortezza issuer";
-		break;
-	case SEC_ERROR_CA_CERT_INVALID:
-		c = "Certificate Authority certificate invalid";
-		break;
-	case SEC_ERROR_EXTENSION_NOT_FOUND: c = "extension not found";
-		break;
-	case SEC_ERROR_CERT_NOT_IN_NAME_SPACE: c = "certificate not in name space";
-		break;
-	case SEC_ERROR_UNTRUSTED_ISSUER: c = "untrusted issuer";
-		break;
-	default:
-		sprintf(errstring, "security error %ld", code);
-		c = errstring;
-		break;
-	}
-
-	return c;
-}
-
-/***************************************************************
- *
- * d i s p l a y V e r i f y L o g
- *
- * Prints the log of a cert verification.
- */
-void
-displayVerifyLog(CERTVerifyLog *log)
-{
-	CERTVerifyLogNode	*node;
-	CERTCertificate		*cert;
-	char				*name;
-
-	if( !log  || (log->count <= 0) ) {
-		return;
-	}
-
-	for(node = log->head; node != NULL; node = node->next) {
-
-		if( !(cert = node->cert) ) {
-			continue;
-		}
-
-		/* Get a name for this cert */
-		if(cert->nickname != NULL) {
-			name = cert->nickname;
-		} else if(cert->emailAddr != NULL) {
-			name = cert->emailAddr;
-		} else {
-			name = cert->subjectName;
-		}
-
-		printf( "%s%s:\n",
-			name,
-			(node->depth > 0) ? " [Certificate Authority]" : ""
-		);
-
-		printf("\t%s\n", secErrorString(node->error));
-
-	}
-}
-/*
- *  J a r L i s t M o d u l e s
- *
- *  Print a list of the PKCS11 modules that are
- *  available. This is useful for smartcard people to
- *  make sure they have the drivers loaded.
- *
- */
-void
-JarListModules(void)
-{
-  int i;
-  int count = 0;
-
-  SECMODModuleList *modules = NULL;
-  static SECMODListLock *moduleLock = NULL;
-
-  SECMODModuleList *mlp;
-
-  modules = SECMOD_GetDefaultModuleList();
-
-  if (modules == NULL)
-    {
-    PR_fprintf(errorFD, "%s: Can't get module list\n", PROGRAM_NAME);
-	errorCount++;
-    exit (ERRX);
-    }
-
-  if ((moduleLock = SECMOD_NewListLock()) == NULL)
-    {
-    /* this is the wrong text */
-    PR_fprintf(errorFD, "%s: unable to acquire lock on module list\n",
-		PROGRAM_NAME);
-	errorCount++;
-    exit (ERRX);
-    }
-
-  SECMOD_GetReadLock (moduleLock);
-
-  PR_fprintf(outputFD, "\nListing of PKCS11 modules\n");
-  PR_fprintf(outputFD, "-----------------------------------------------\n");
- 
-  for (mlp = modules; mlp != NULL; mlp = mlp->next) 
-    {
-    count++;
-    PR_fprintf(outputFD, "%3d. %s\n", count, mlp->module->commonName);
-
-    if (mlp->module->internal)
-      PR_fprintf(outputFD, "          (this module is internally loaded)\n");
-    else
-      PR_fprintf(outputFD, "          (this is an external module)\n");
-
-    if (mlp->module->dllName)
-      PR_fprintf(outputFD, "          DLL name: %s\n", mlp->module->dllName);
-
-    if (mlp->module->slotCount == 0)
-      PR_fprintf(outputFD, "          slots: There are no slots attached to this module\n");
-    else
-      PR_fprintf(outputFD, "          slots: %d slots attached\n", mlp->module->slotCount);
-
-    if (mlp->module->loaded == 0)
-      PR_fprintf(outputFD, "          status: Not loaded\n");
-    else
-      PR_fprintf(outputFD, "          status: loaded\n");
-
-    for (i = 0; i < mlp->module->slotCount; i++) 
-      {
-      PK11SlotInfo *slot = mlp->module->slots[i];
-
-      PR_fprintf(outputFD, "\n");
-      PR_fprintf(outputFD, "    slot: %s\n", PK11_GetSlotName(slot));
-      PR_fprintf(outputFD, "   token: %s\n", PK11_GetTokenName(slot));
-      }
-    }
-
-  PR_fprintf(outputFD, "-----------------------------------------------\n");
-
-  if (count == 0)
-    PR_fprintf(outputFD,
-		"Warning: no modules were found (should have at least one)\n");
-
-  SECMOD_ReleaseReadLock (moduleLock);
-}
-
-/**********************************************************************
- * c h o p
- *
- * Eliminates leading and trailing whitespace.  Returns a pointer to the 
- * beginning of non-whitespace, or an empty string if it's all whitespace.
- */
-char*
-chop(char *str)
-{
-	char *start, *end;
-
-	if(str) {
-		start = str;
-
-		/* Nip leading whitespace */
-		while(isspace(*start)) {
-			start++;
-		}
-
-		/* Nip trailing whitespace */
-		if(strlen(start) > 0) {
-			end = start + strlen(start) - 1;
-			while(isspace(*end) && end > start) {
-				end--;
-			}
-			*(end+1) = '\0';
-		}
-		
-		return start;
-	} else {
-		return NULL;
-	}
-}
-
-/***********************************************************************
- *
- * F a t a l E r r o r
- *
- * Outputs an error message and bails out of the program.
- */
-void
-FatalError(char *msg)
-{
-	if(!msg) msg = "";
-
-	PR_fprintf(errorFD, "FATAL ERROR: %s\n", msg);
-	errorCount++;
-	exit(ERRX);
-}
-
-/*************************************************************************
- *
- * I n i t C r y p t o
- */
-int
-InitCrypto(char *cert_dir, PRBool readOnly)
-{
-  SECStatus rv;
-  static int prior = 0;
-	PK11SlotInfo *slotinfo;
-
-  CERTCertDBHandle *db;
-
-	if (prior == 0) {
-		/* some functions such as OpenKeyDB expect this path to be
-		 * implicitly set prior to calling */
-		if (readOnly) {
-		    rv = NSS_Init(cert_dir);
-		} else {
-		    rv = NSS_InitReadWrite(cert_dir);
-		}
-    		if (rv != SECSuccess) {
-		    SECU_PrintPRandOSError(PROGRAM_NAME);
-		    exit(-1);
-    		}
-
-		SECU_ConfigDirectory (cert_dir);
-
-		/* Been there done that */
-		prior++;
-
-		if(password) {
-			PK11_SetPasswordFunc(pk11_password_hardcode);
-		} 
-
-		/* Must login to FIPS before you do anything else */
-		if(PK11_IsFIPS()) {
-			slotinfo = PK11_GetInternalSlot();
-			if(!slotinfo) {
-				fprintf(stderr, "%s: Unable to get PKCS #11 Internal Slot."
-				  "\n", PROGRAM_NAME);
-				return -1;
-			}
-			if(PK11_Authenticate(slotinfo, PR_FALSE /*loadCerts*/,
-			  NULL /*wincx*/) != SECSuccess) {
-				fprintf(stderr, "%s: Unable to authenticate to %s.\n",
-					PROGRAM_NAME, PK11_GetSlotName(slotinfo));
-				PK11_FreeSlot(slotinfo);
-				return -1;
-			}
-			PK11_FreeSlot(slotinfo);
-		}
-
-		/* Make sure there is a password set on the internal key slot */
-		slotinfo = PK11_GetInternalKeySlot();
-		if(!slotinfo) {
-			fprintf(stderr, "%s: Unable to get PKCS #11 Internal Key Slot."
-			  "\n", PROGRAM_NAME);
-			return -1;
-		}
-		if(PK11_NeedUserInit(slotinfo)) {
-			PR_fprintf(errorFD,
-"\nWARNING: No password set on internal key database.  Most operations will fail."
-"\nYou must use Communicator to create a password.\n");
-			warningCount++;
-		}
-
-		/* Make sure we can authenticate to the key slot in FIPS mode */
-		if(PK11_IsFIPS()) {
-			if(PK11_Authenticate(slotinfo, PR_FALSE /*loadCerts*/,
-			  NULL /*wincx*/) != SECSuccess) {
-				fprintf(stderr, "%s: Unable to authenticate to %s.\n",
-					PROGRAM_NAME, PK11_GetSlotName(slotinfo));
-				PK11_FreeSlot(slotinfo);
-				return -1;
-			}
-		}
-		PK11_FreeSlot(slotinfo);
-	}
-
-	return 0;
-}
-
-/* Windows foolishness is now in the secutil lib */
-
-/*****************************************************************
- *  g e t _ d e f a u l t _ c e r t _ d i r
- *
- *  Attempt to locate a certificate directory.
- *  Failing that, complain that the user needs to
- *  use the -d(irectory) parameter.
- *
- */
-char *get_default_cert_dir (void)
-{
-  char *home;
-
-  char *cd = NULL;
-  static char db [FNSIZE];
-
-#ifdef XP_UNIX
-  home = getenv ("HOME");
-
-  if (home && *home)
-    {
-    sprintf (db, "%s/.netscape", home);
-    cd = db;
-    }
-#endif
-
-#ifdef XP_PC
-  FILE *fp;
-
-  /* first check the environment override */
-
-  home = getenv ("JAR_HOME");
-
-  if (home && *home)
-    {
-    sprintf (db, "%s/cert7.db", home);
-
-    if ((fp = fopen (db, "r")) != NULL)
-      {
-      fclose (fp);
-      cd = home;
-      }
-    }
-
-  /* try the old navigator directory */
-
-  if (cd == NULL)
-    {
-    home = "c:/Program Files/Netscape/Navigator";
-
-    sprintf (db, "%s/cert7.db", home);
-
-    if ((fp = fopen (db, "r")) != NULL)
-      {
-      fclose (fp);
-      cd = home;
-      }
-    }
-
-  /* Try the current directory, I wonder if this
-     is really a good idea. Remember, Windows only.. */
-
-  if (cd == NULL)
-    {
-    home = ".";
-
-    sprintf (db, "%s/cert7.db", home);
-
-    if ((fp = fopen (db, "r")) != NULL)
-      {
-      fclose (fp);
-      cd = home;
-      }
-    }
-
-#endif
-
-  if (!cd)
-    {
-    PR_fprintf(errorFD,
-		"You must specify the location of your certificate directory\n");
-    PR_fprintf(errorFD,
-		"with the -d option. Example: -d ~/.netscape in many cases with Unix.\n");
-	errorCount++;
-    exit (ERRX);
-    }
-
-  return cd;
-}
-
-/************************************************************************
- * g i v e _ h e l p
- */
-void give_help (int status)
-{
-  if (status == SEC_ERROR_UNKNOWN_ISSUER)
-    {
-    PR_fprintf(errorFD,
-		"The Certificate Authority (CA) for this certificate\n");
-    PR_fprintf(errorFD,
-		"does not appear to be in your database. You should contact\n");
-    PR_fprintf(errorFD,
-		"the organization which issued this certificate to obtain\n");
-    PR_fprintf(errorFD, "a copy of its CA Certificate.\n");
-    }
-}
-
-/**************************************************************************
- *
- * p r _ f g e t s
- *
- * fgets implemented with NSPR.
- */
-char*
-pr_fgets(char *buf, int size, PRFileDesc *file)
-{
-	int i;
-	int status;
-	char c;
-
-	i=0;
-	while(i < size-1) {
-		status = PR_Read(file, (void*) &c, 1);
-		if(status==-1) {
-			return NULL;
-		} else if(status==0) {
-			break;
-		}
-		buf[i++] = c;
-		if(c=='\n') {
-			break;
-		}
-	}
-	buf[i]='\0';
-
-	return buf;
-}
-
diff --git a/security/nss/cmd/signtool/verify.c b/security/nss/cmd/signtool/verify.c
deleted file mode 100644
index fd80ef737..000000000
--- a/security/nss/cmd/signtool/verify.c
+++ /dev/null
@@ -1,382 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "signtool.h"
-
-
-static int jar_cb(int status, JAR *jar, const char *metafile, 
-             char *pathname, char *errortext);
-static int verify_global (JAR *jar);
-
-/*************************************************************************
- *
- * V e r i f y J a r
- */
-int
-VerifyJar(char *filename)
-{
-  FILE *fp;
-
-  int ret;
-  int status;
-  int failed = 0;
-  char *err;
-
-  JAR *jar;
-  JAR_Context *ctx;
-
-  JAR_Item *it;
-
-  jar = JAR_new();
-
-  if ((fp = fopen (filename, "r")) == NULL)
-    {
-    perror (filename);
-    exit (ERRX);
-    }
-  else
-    fclose (fp);
-
-  JAR_set_callback (JAR_CB_SIGNAL, jar, jar_cb);
-
-
-  status = JAR_pass_archive (jar, jarArchGuess, filename, "some-url");
-
-  if (status < 0 || jar->valid < 0)
-    {
-    failed = 1;
-    PR_fprintf(outputFD, "\nNOTE -- \"%s\" archive DID NOT PASS crypto verification.\n", filename);
-    if (status < 0)
-      {
-      char *errtext;
-
-      if (status >= JAR_BASE && status <= JAR_BASE_END)
-        {
-        errtext = JAR_get_error (status);
-        }
-      else
-        {
-        errtext = SECU_ErrorString ((int16) PORT_GetError());
-        }
-
-      PR_fprintf(outputFD, "  (reported reason: %s)\n\n", errtext);
- 
-      /* corrupt files should not have their contents listed */ 
-
-      if (status == JAR_ERR_CORRUPT)
-        return -1;
-      }
-    PR_fprintf(outputFD,
-		"entries shown below will have their digests checked only.\n"); 
-    jar->valid = 0;
-    }
-  else
-    PR_fprintf(outputFD,
-		"archive \"%s\" has passed crypto verification.\n", filename);
-
-  if (verify_global (jar))
-    failed = 1;
-
-  PR_fprintf(outputFD, "\n");
-  PR_fprintf(outputFD, "%16s   %s\n", "status", "path");
-  PR_fprintf(outputFD, "%16s   %s\n", "------------", "-------------------");
-
-  ctx = JAR_find (jar, NULL, jarTypeMF);
-
-  while (JAR_find_next (ctx, &it) >= 0)
-    {
-    if (it && it->pathname)
-      {
-	rm_dash_r(TMP_OUTPUT);
-      ret = JAR_verified_extract (jar, it->pathname, TMP_OUTPUT);
-      /* if (ret < 0) printf ("error %d on %s\n", ret, it->pathname); */
-      if (ret < 0) failed = 1;
-
-      if (ret == JAR_ERR_PNF)
-        err = "NOT PRESENT";
-      else if (ret == JAR_ERR_HASH)
-        err = "HASH FAILED";
-      else
-        err = "NOT VERIFIED";
-
-      PR_fprintf(outputFD, "%16s   %s\n", 
-        ret >= 0 ? "verified" : err, it->pathname);
-
-      if (ret != 0 && ret != JAR_ERR_PNF && ret != JAR_ERR_HASH)
-        PR_fprintf(outputFD, "      (reason: %s)\n", JAR_get_error (ret));
-      }
-    }
-
-  JAR_find_end (ctx);
-
-  if (status < 0 || jar->valid < 0)
-    {
-    failed = 1;
-    PR_fprintf(outputFD,
-		"\nNOTE -- \"%s\" archive DID NOT PASS crypto verification.\n", filename);
-    give_help (status);
-    }
-
-  JAR_destroy (jar);
-
-  if (failed)
-    return -1;
-  return 0;
-}
-
-/***************************************************************************
- *
- * v e r i f y _ g l o b a l
- */
-static int
-verify_global (JAR *jar)
-{
-  FILE *fp;
-  JAR_Context *ctx;
-
-  char *ext;
-
-  JAR_Item *it;
-  JAR_Digest *globaldig;
-
-  unsigned int sha1_length, md5_length;
-
-  char buf [BUFSIZ];
-
-  unsigned char *md5_digest, *sha1_digest;
-
-  int retval = 0;
-
-  ctx = JAR_find (jar, "*", jarTypePhy);
-
-  while (JAR_find_next (ctx, &it) >= 0) {
-    if (!PORT_Strncmp (it->pathname, "META-INF", 8)) {
-      for (ext = it->pathname; *ext; ext++);
-      while (ext > it->pathname && *ext != '.') ext--;
-
-		if(verbosity >= 0) {
-			if (!PORT_Strcasecmp (ext, ".rsa")) {
-				PR_fprintf(outputFD, "found a RSA signature file: %s\n",
-				  it->pathname);
-			}
-
-			if(!PORT_Strcasecmp (ext, ".dsa")) {
-				PR_fprintf(outputFD, "found a DSA signature file: %s\n",
-				  it->pathname);
-			}
-
-			if (!PORT_Strcasecmp (ext, ".mf")) {
-				PR_fprintf(outputFD,
-				  "found a MF master manifest file: %s\n", it->pathname);
-			}
-		}
-
-		if (!PORT_Strcasecmp (ext, ".sf")) {
-			if(verbosity >= 0) {
-				PR_fprintf(outputFD,
-				  "found a SF signature manifest file: %s\n", it->pathname);
-			}
-
-			rm_dash_r(TMP_OUTPUT);
-			if (JAR_extract (jar, it->pathname, TMP_OUTPUT) < 0) {
-				PR_fprintf(errorFD, "%s: error extracting %s\n", PROGRAM_NAME,
-				  it->pathname);
-				errorCount++;
-				retval = -1;
-				continue;
-			}
-
-			md5_digest = NULL;
-			sha1_digest = NULL;
-
-			if ((fp = fopen (TMP_OUTPUT, "rb")) != NULL) {
-				while (fgets (buf, BUFSIZ, fp)) {
-					char *s;
-
-					if (*buf == 0 || *buf == '\n' || *buf == '\r') break;
-
-					for (s = buf; *s && *s != '\n' && *s != '\r'; s++);
-					*s = 0;
-
-					if (!PORT_Strncmp (buf, "MD5-Digest: ", 12)) {
-						md5_digest = ATOB_AsciiToData (buf + 12, &md5_length);
-					}
-
-					if (!PORT_Strncmp (buf, "SHA1-Digest: ", 13)) {
-						sha1_digest = ATOB_AsciiToData (buf + 13, &sha1_length);
-					}
-
-					if (!PORT_Strncmp (buf, "SHA-Digest: ", 12)) {
-						sha1_digest = ATOB_AsciiToData (buf + 12, &sha1_length);
-					}
-				}
-
-				globaldig = jar->globalmeta;
-
-				if (globaldig && md5_digest) {
-					if(verbosity >= 0) {
-						PR_fprintf(outputFD,
-						  "  md5 digest on global metainfo: %s\n", 
-						  PORT_Memcmp (md5_digest, globaldig->md5, MD5_LENGTH) ?
-						  "no match" : "match");
-					}
-				}
-
-				if (globaldig && sha1_digest) {
-					if(verbosity >= 0) {
-						PR_fprintf(outputFD,
-						  "  sha digest on global metainfo: %s\n", 
-						  PORT_Memcmp(sha1_digest, globaldig->sha1,
-						  SHA1_LENGTH) ? "no match" : "match");
-					}
-				}
-
-				if (globaldig == NULL) {
-					if(verbosity >= 0) {
-						PR_fprintf(outputFD,
-						  "global metadigest is not available, strange.\n");
-					}
-				}
-
-				fclose (fp);
-			}
-		}
-	}
-  }
-
-  JAR_find_end (ctx);
-
-  return retval;
-}
-
-/************************************************************************
- *
- * J a r W h o
- */
-int
-JarWho(char *filename)
-  {
-  FILE *fp;
-
-  JAR *jar;
-  JAR_Context *ctx;
-
-  int status;
-  int retval = 0;
-
-  JAR_Item *it;
-  JAR_Cert *fing;
-
-  CERTCertificate *cert, *prev = NULL;
-
-  jar = JAR_new();
-
-  if ((fp = fopen (filename, "r")) == NULL)
-    {
-    perror (filename);
-    exit (ERRX);
-    }
-  else
-    fclose (fp);
-
-  status = JAR_pass_archive (jar, jarArchGuess, filename, "some-url");
-
-  if (status < 0 || jar->valid < 0)
-    {
-    PR_fprintf(outputFD,
-		"NOTE -- \"%s\" archive DID NOT PASS crypto verification.\n", filename);
-    retval = -1;
-    if (jar->valid < 0 || status != -1)
-      {
-      char *errtext;
-
-      if (status >= JAR_BASE && status <= JAR_BASE_END)
-        {
-        errtext = JAR_get_error (status);
-        }
-      else
-        {
-        errtext = SECU_ErrorString ((int16) PORT_GetError());
-        }
-
-      PR_fprintf(outputFD, "  (reported reason: %s)\n\n", errtext);
-      }
-    }
-
-  PR_fprintf(outputFD, "\nSigner information:\n\n");
-
-  ctx = JAR_find (jar, NULL, jarTypeSign);
-
-  while (JAR_find_next (ctx, &it) >= 0)
-    {
-    fing = (JAR_Cert *) it->data;
-    cert = fing->cert;
-
-    if (cert)
-      {
-      if (prev == cert)
-        break;
-
-      if (cert->nickname) 
-        PR_fprintf(outputFD, "nickname: %s\n", cert->nickname);
-      if (cert->subjectName)
-        PR_fprintf(outputFD, "subject name: %s\n", cert->subjectName);
-      if (cert->issuerName)
-        PR_fprintf(outputFD, "issuer name: %s\n", cert->issuerName);
-      }
-    else
-      {
-      PR_fprintf(outputFD, "no certificate could be found\n");
-      retval = -1;
-      }
-
-    prev = cert;
-    }
-
-  JAR_find_end (ctx);
-
-  JAR_destroy (jar);
-  return retval;
-}
-
-/************************************************************************
- * j a r _ c b
- */
-static int jar_cb(int status, JAR *jar, const char *metafile,
-             char *pathname, char *errortext)
-{
-  PR_fprintf(errorFD, "error %d: %s IN FILE %s\n", status, errortext, pathname);
-	errorCount++;
-  return 0;
-}
-
diff --git a/security/nss/cmd/signtool/zip.c b/security/nss/cmd/signtool/zip.c
deleted file mode 100644
index 62e885137..000000000
--- a/security/nss/cmd/signtool/zip.c
+++ /dev/null
@@ -1,678 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "signtool.h"
-#include "zip.h"
-#include "zlib.h"
-#include "prmem.h"
-
-static void inttox (int in, char *out);
-static void longtox (long in, char *out);
-
-/****************************************************************
- *
- * J z i p O p e n
- *
- * Opens a new ZIP file and creates a new ZIPfile structure to 
- * control the process of installing files into a zip.
- */
-ZIPfile*
-JzipOpen(char *filename, char *comment)
-{
-	ZIPfile *zipfile;
-	PRExplodedTime prtime;
-
-	zipfile = PORT_ZAlloc(sizeof(ZIPfile));
-	if(!zipfile) out_of_memory();
-
-	/* Construct time and date */
-	PR_ExplodeTime(PR_Now(), PR_LocalTimeParameters, &prtime);
-	zipfile->date =	((prtime.tm_year-1980) << 9) |
-					((prtime.tm_month+1) << 5)   |
-					prtime.tm_mday;
-	zipfile->time =	(prtime.tm_hour<<11)   |
-					(prtime.tm_min<<5)     |
-					(prtime.tm_sec&0x3f);
-
-	if (filename  &&
-		(zipfile->fp = PR_Open(filename,
-		  PR_WRONLY|PR_CREATE_FILE|PR_TRUNCATE, 0777)) == NULL) {
-		char *nsprErr;
-		if(PR_GetErrorTextLength()) {
-			nsprErr = PR_Malloc(PR_GetErrorTextLength());
-			PR_GetErrorText(nsprErr);
-		} else {
-			nsprErr = NULL;
-		}
-		PR_fprintf(errorFD, "%s: can't open output jar, %s.%s\n", PROGRAM_NAME,
-			filename, nsprErr ? nsprErr : "");
-		if(nsprErr) PR_Free(nsprErr);
-		errorCount++;
-		exit (ERRX);
-	}
-
-	zipfile->list = NULL;
-	if(filename) {
-		zipfile->filename = PORT_ZAlloc(strlen(filename)+1);
-		if(!zipfile->filename) out_of_memory();
-		PORT_Strcpy(zipfile->filename, filename);
-	}
-	if(comment) {
-		zipfile->comment = PORT_ZAlloc(strlen(comment)+1);
-		if(!zipfile->comment) out_of_memory();
-		PORT_Strcpy(zipfile->comment, comment);
-	}
-
-	return zipfile;
-}
-
-static
-void*
-my_alloc_func(void* opaque, uInt items, uInt size)
-{
-	return PORT_Alloc(items*size);
-}
-
-static
-void
-my_free_func(void* opaque, void* address)
-{
-	PORT_Free(address);
-}
-
-static
-void
-handle_zerror(int err, char *msg)
-{
-	if(!msg) {
-		msg = "";
-	}
-
-	errorCount++; /* unless Z_OK...see below */
-
-	switch(err) {
-	case Z_OK:
-		PR_fprintf(errorFD, "No error: %s\n", msg);
-		errorCount--; /* this was incremented above */
-		break;
-	case Z_MEM_ERROR:
-		PR_fprintf(errorFD, "Deflation ran out of memory: %s\n", msg);
-		break;
-	case Z_STREAM_ERROR:
-		PR_fprintf(errorFD, "Invalid compression level: %s\n", msg);
-		break;
-	case Z_VERSION_ERROR:
-		PR_fprintf(errorFD, "Incompatible compression library version: %s\n", msg);
-		break;
-	case Z_DATA_ERROR:
-		PR_fprintf(errorFD, "Compression data error: %s\n", msg);
-		break;
-	default:
-		PR_fprintf(errorFD, "Unknown error in compression library: %s\n", msg);
-		break;
-	}
-}
-	
-
-/****************************************************************
- *
- * J z i p A d d
- *
- * Adds a new file into a ZIP file.  The ZIP file must have already
- * been opened with JzipOpen.
- */
-int
-JzipAdd(char *fullname, char *filename, ZIPfile *zipfile, int compression_level)
-{
-	ZIPentry *entry;
-	PRFileDesc *readfp;
-	PRFileDesc *zipfp;
-	int num;
-	Bytef inbuf[BUFSIZ], outbuf[BUFSIZ];
-	unsigned long crc;
-	z_stream zstream;
-	int err;
-	unsigned long local_size_pos;
-	int deflate_percent;
-
-
-	if( !fullname || !filename || !zipfile) {
-		return -1;
-	}
-
-	zipfp = zipfile->fp;
-
-
-	if( (readfp = PR_Open(fullname, PR_RDONLY, 0777)) == NULL) {
-		char *nsprErr;
-		if(PR_GetErrorTextLength()) {
-			nsprErr = PR_Malloc(PR_GetErrorTextLength());
-			PR_GetErrorText(nsprErr);
-		} else {
-			nsprErr = NULL;
-		}
-		PR_fprintf(errorFD, "%s: %s\n", fullname, nsprErr ? nsprErr : "");
-		errorCount++;
-		if(nsprErr) PR_Free(nsprErr);
-		exit(ERRX);
-	}
-
-	/*
-	 * Make sure the input file is not the output file.
-	 * Add a few bytes to the end of the JAR file and see if the input file
-	 * twitches
-	 */
-	{
-		PRInt32 endOfJar;
-		PRInt32 inputSize;
-		PRBool isSame;
-
-		inputSize = PR_Available(readfp);
-
-		endOfJar = PR_Seek(zipfp, 0L, PR_SEEK_CUR);
-
-		if(PR_Write(zipfp, "abcde", 5) < 5) {
-			char *nsprErr;
-
-			if(PR_GetErrorTextLength()) {
-				nsprErr = PR_Malloc(PR_GetErrorTextLength());
-				PR_GetErrorText(nsprErr);
-			} else {
-				nsprErr = NULL;
-			}
-			PR_fprintf(errorFD, "Writing to zip file: %s\n",
-				nsprErr ? nsprErr : "");
-			if(nsprErr) PR_Free(nsprErr);
-			errorCount++;
-			exit(ERRX);
-		}
-
-		isSame = (PR_Available(readfp) != inputSize);
-	
-		PR_Seek(zipfp, endOfJar, PR_SEEK_SET);
-
-		if(isSame) {
-			/* It's the same file! Forget it! */
-			PR_Close(readfp);
-			return 0;
-		}
-	}
-
-	if(verbosity >= 0) {
-		PR_fprintf(outputFD, "adding %s to %s...", fullname, zipfile->filename);
-	}
-
-	entry = PORT_ZAlloc(sizeof(ZIPentry));
-	if(!entry) out_of_memory();
-
-	entry->filename = PORT_Strdup(filename);
-	entry->comment = NULL;
-
-	/* Set up local file header */
-	longtox(LSIG, entry->local.signature);
-	inttox(strlen(filename), entry->local.filename_len);
-	inttox(zipfile->time, entry->local.time);
-	inttox(zipfile->date, entry->local.date);
-	inttox(Z_DEFLATED, entry->local.method);
-
-	/* Set up central directory entry */
-	longtox(CSIG, entry->central.signature);
-	inttox(strlen(filename), entry->central.filename_len);
-	if(entry->comment) {
-		inttox(strlen(entry->comment), entry->central.commentfield_len);
-	}
-	longtox(PR_Seek(zipfile->fp, 0, PR_SEEK_CUR),
-		entry->central.localhdr_offset);
-	inttox(zipfile->time, entry->central.time);
-	inttox(zipfile->date, entry->central.date);
-	inttox(Z_DEFLATED, entry->central.method);
-
-	/* Compute crc.  Too bad we have to process the whole file to do this*/
-	crc = crc32(0L, NULL, 0);
-	while( (num = PR_Read(readfp, inbuf, BUFSIZ)) > 0) {
-		crc = crc32(crc, inbuf, num);
-	}
-	PR_Seek(readfp, 0L, PR_SEEK_SET);
-
-	/* Store CRC */
-	longtox(crc, entry->local.crc32);
-	longtox(crc, entry->central.crc32);
-
-	/* Stick this entry onto the end of the list */
-	entry->next = NULL;
-	if( zipfile->list == NULL ) {
-		/* First entry */
-		zipfile->list = entry;
-	} else {
-		ZIPentry *pe;
-
-		pe = zipfile->list;
-		while(pe->next != NULL) {
-			pe = pe->next;
-		}
-		pe->next = entry;
-	}
-
-	/*
-	 * Start writing stuff out
-	 */
-
-	local_size_pos = PR_Seek(zipfp, 0, PR_SEEK_CUR) + 18;
-	/* File header */
-	if(PR_Write(zipfp, &entry->local, sizeof(struct ZipLocal))
-		< sizeof(struct ZipLocal)) {
-		char *nsprErr;
-		if(PR_GetErrorTextLength()) {
-			nsprErr = PR_Malloc(PR_GetErrorTextLength());
-			PR_GetErrorText(nsprErr);
-		} else {
-			nsprErr = NULL;
-		}
-		PR_fprintf(errorFD, "Writing zip data: %s\n", nsprErr ? nsprErr : "");
-		if(nsprErr) PR_Free(nsprErr);
-		errorCount++;
-		exit(ERRX);
-	}
-
-	/* File Name */
-	if( PR_Write(zipfp, filename, strlen(filename)) < strlen(filename)) {
-		char *nsprErr;
-		if(PR_GetErrorTextLength()) {
-			nsprErr = PR_Malloc(PR_GetErrorTextLength());
-			PR_GetErrorText(nsprErr);
-		} else {
-			nsprErr = NULL;
-		}
-		PR_fprintf(errorFD, "Writing zip data: %s\n", nsprErr ? nsprErr : "");
-		if(nsprErr) PR_Free(nsprErr);
-		errorCount++;
-		exit(ERRX);
-	}
-
-	/*
-	 * File data
-	 */
-	/* Initialize zstream */
-	zstream.zalloc = my_alloc_func;
-	zstream.zfree = my_free_func;
-	zstream.opaque = NULL;
-	zstream.next_in = inbuf;
-	zstream.avail_in = BUFSIZ;
-	zstream.next_out = outbuf;
-	zstream.avail_out = BUFSIZ;
-	/* Setting the windowBits to -MAX_WBITS is an undocumented feature of
-	 * zlib (see deflate.c in zlib).  It is the same thing that Java does
-	 * when you specify the nowrap option for deflation in java.util.zip.
-	 * It causes zlib to leave out its headers and footers, which don't
-	 * work in PKZIP files.
-	 */
-	err = deflateInit2(&zstream, compression_level, Z_DEFLATED,
-		-MAX_WBITS, 8 /*default*/, Z_DEFAULT_STRATEGY);
-	if(err != Z_OK) {
-		handle_zerror(err, zstream.msg);
-		exit(ERRX);
-	}
-
-	while( (zstream.avail_in = PR_Read(readfp, inbuf, BUFSIZ)) > 0) {
-		zstream.next_in = inbuf;
-		/* Process this chunk of data */
-		while(zstream.avail_in > 0) {
-			err = deflate(&zstream, Z_NO_FLUSH);
-			if(err != Z_OK) {
-				handle_zerror(err, zstream.msg);
-				exit(ERRX);
-			}
-			if(zstream.avail_out <= 0) {
-				if( PR_Write(zipfp, outbuf, BUFSIZ) < BUFSIZ) {
-					char *nsprErr;
-					if(PR_GetErrorTextLength()) {
-						nsprErr = PR_Malloc(PR_GetErrorTextLength());
-						PR_GetErrorText(nsprErr);
-					} else {
-						nsprErr = NULL;
-					}
-					PR_fprintf(errorFD, "Writing zip data: %s\n",
-						nsprErr ? nsprErr : "");
-					if(nsprErr) PR_Free(nsprErr);
-					errorCount++;
-					exit(ERRX);
-				}
-				zstream.next_out = outbuf;
-				zstream.avail_out = BUFSIZ;
-			}
-		}
-	}
-
-	/* Now flush everything */
-	while(1) {
-		err = deflate(&zstream, Z_FINISH);
-		if(err == Z_STREAM_END) {
-			break;
-		} else if(err == Z_OK) {
-			/* output buffer full, repeat */
-		} else {
-			handle_zerror(err, zstream.msg);
-			exit(ERRX);
-		}
-		if( PR_Write(zipfp, outbuf, BUFSIZ) < BUFSIZ) {
-			char *nsprErr;
-			if(PR_GetErrorTextLength()) {
-				nsprErr = PR_Malloc(PR_GetErrorTextLength());
-				PR_GetErrorText(nsprErr);
-			} else {
-				nsprErr = NULL;
-			}
-			PR_fprintf(errorFD, "Writing zip data: %s\n",
-				nsprErr ? nsprErr : "");
-			if(nsprErr) PR_Free(nsprErr);
-			errorCount++;
-			exit(ERRX);
-		}
-		zstream.avail_out = BUFSIZ;
-		zstream.next_out = outbuf;
-	}
-
-	/* If there's any output left, write it out. */
-	if(zstream.next_out != outbuf) {
-		if( PR_Write(zipfp, outbuf, zstream.next_out-outbuf) < 
-			zstream.next_out-outbuf) {
-			char *nsprErr;
-			if(PR_GetErrorTextLength()) {
-				nsprErr = PR_Malloc(PR_GetErrorTextLength());
-				PR_GetErrorText(nsprErr);
-			} else {
-				nsprErr = NULL;
-			}
-			PR_fprintf(errorFD, "Writing zip data: %s\n",
-				nsprErr ? nsprErr : "");
-			if(nsprErr) PR_Free(nsprErr);
-			errorCount++;
-			exit(ERRX);
-		}
-		zstream.avail_out = BUFSIZ;
-		zstream.next_out = outbuf;
-	}
-
-	/* Now that we know the compressed size, write this to the headers */
-	longtox(zstream.total_in, entry->local.orglen);
-	longtox(zstream.total_out, entry->local.size);
-	if(PR_Seek(zipfp, local_size_pos, PR_SEEK_SET) == -1) {
-		char *nsprErr;
-		if(PR_GetErrorTextLength()) {
-			nsprErr = PR_Malloc(PR_GetErrorTextLength());
-			PR_GetErrorText(nsprErr);
-		} else {
-			nsprErr = NULL;
-		}
-		PR_fprintf(errorFD, "Accessing zip file: %s\n", nsprErr ? nsprErr : "");
-		if(nsprErr) PR_Free(nsprErr);
-		errorCount++;
-		exit(ERRX);
-	}
-	if( PR_Write(zipfp, entry->local.size, 8) != 8) {
-		char *nsprErr;
-		if(PR_GetErrorTextLength()) {
-			nsprErr = PR_Malloc(PR_GetErrorTextLength());
-			PR_GetErrorText(nsprErr);
-		} else {
-			nsprErr = NULL;
-		}
-		PR_fprintf(errorFD, "Writing zip data: %s\n", nsprErr ? nsprErr : "");
-		if(nsprErr) PR_Free(nsprErr);
-		errorCount++;
-		exit(ERRX);
-	}
-	if(PR_Seek(zipfp, 0L, PR_SEEK_END) == -1) {
-		char *nsprErr;
-		if(PR_GetErrorTextLength()) {
-			nsprErr = PR_Malloc(PR_GetErrorTextLength());
-			PR_GetErrorText(nsprErr);
-		} else {
-			nsprErr = NULL;
-		}
-		PR_fprintf(errorFD, "Accessing zip file: %s\n", nsprErr ? nsprErr : "");
-		if(nsprErr) PR_Free(nsprErr);
-		errorCount++;
-		exit(ERRX);
-	}
-	longtox(zstream.total_in, entry->central.orglen);
-	longtox(zstream.total_out, entry->central.size);
-
-	/* Close out the deflation operation */
-	err = deflateEnd(&zstream);
-	if(err != Z_OK) {
-		handle_zerror(err, zstream.msg);
-		exit(ERRX);
-	}
-
-	PR_Close(readfp);
-
-	if((zstream.total_in > zstream.total_out) && (zstream.total_in > 0)) {
-		deflate_percent = (int) ( (zstream.total_in-zstream.total_out)*100 /
-			zstream.total_in );
-	} else {
-		deflate_percent = 0;
-	}
-	if(verbosity >= 0) {
-		PR_fprintf(outputFD, "(deflated %d%%)\n", deflate_percent);
-	}
-
-	return 0;
-}
-
-/********************************************************************
- * J z i p C l o s e
- *
- * Finishes the ZipFile. ALSO DELETES THE ZIPFILE STRUCTURE PASSED IN!!
- */
-int
-JzipClose(ZIPfile *zipfile)
-{
-	ZIPentry *pe, *dead;
-	PRFileDesc *zipfp;
-	struct ZipEnd	zipend;
-	unsigned int entrycount = 0;
-
-	if(!zipfile) {
-		return -1;
-	}
-
-	if(!zipfile->filename) {
-		/* bogus */
-		return 0;
-	}
-
-	zipfp = zipfile->fp;
-	zipfile->central_start = PR_Seek(zipfp, 0L, PR_SEEK_CUR);
-
-	/* Write out all the central directories */
-	pe = zipfile->list;
-	while(pe) {
-		entrycount++;
-
-		/* Write central directory info */
-		if( PR_Write(zipfp, &pe->central, sizeof(struct ZipCentral)) 
-			< sizeof(struct ZipCentral)) {
-			char *nsprErr;
-			if(PR_GetErrorTextLength()) {
-				nsprErr = PR_Malloc(PR_GetErrorTextLength());
-				PR_GetErrorText(nsprErr);
-			} else {
-				nsprErr = NULL;
-			}
-			PR_fprintf(errorFD, "Writing zip data: %s\n",
-				nsprErr ? nsprErr : "");
-			if(nsprErr) PR_Free(nsprErr);
-			errorCount++;
-			exit(ERRX);
-		}
-
-		/* Write filename */
-		if( PR_Write(zipfp, pe->filename, strlen(pe->filename)) 
-			< strlen(pe->filename)) {
-			char *nsprErr;
-			if(PR_GetErrorTextLength()) {
-				nsprErr = PR_Malloc(PR_GetErrorTextLength());
-				PR_GetErrorText(nsprErr);
-			} else {
-				nsprErr = NULL;
-			}
-			PR_fprintf(errorFD, "Writing zip data: %s\n",
-				nsprErr ? nsprErr : "");
-			if(nsprErr) PR_Free(nsprErr);
-			errorCount++;
-			exit(ERRX);
-		}
-
-		/* Write file comment */
-		if(pe->comment) {
-			if( PR_Write(zipfp, pe->comment, strlen(pe->comment)) 
-				< strlen(pe->comment)) {
-				char *nsprErr;
-				if(PR_GetErrorTextLength()) {
-					nsprErr = PR_Malloc(PR_GetErrorTextLength());
-					PR_GetErrorText(nsprErr);
-				} else {
-					nsprErr = NULL;
-				}
-				PR_fprintf(errorFD, "Writing zip data: %s\n",
-					nsprErr ? nsprErr : "");
-				if(nsprErr) PR_Free(nsprErr);
-				errorCount++;
-				exit(ERRX);
-			}
-		}
-
-		/* Delete the structure */
-		dead = pe;
-		pe = pe->next;
-		if(dead->filename) {
-			PORT_Free(dead->filename);
-		}
-		if(dead->comment) {
-			PORT_Free(dead->comment);
-		}
-		PORT_Free(dead);
-	}
-	zipfile->central_end = PR_Seek(zipfile->fp, 0L, PR_SEEK_CUR);
-	
-	/* Create the ZipEnd structure */
-	PORT_Memset(&zipend, 0, sizeof(zipend));
-	longtox(ESIG, zipend.signature);
-	inttox(entrycount, zipend.total_entries_disk);
-	inttox(entrycount, zipend.total_entries_archive);
-	longtox(zipfile->central_end-zipfile->central_start,
-		zipend.central_dir_size);
-	longtox(zipfile->central_start, zipend.offset_central_dir);
-	if(zipfile->comment) {
-		inttox(strlen(zipfile->comment), zipend.commentfield_len);
-	}
-
-	/* Write out ZipEnd xtructure */
-	if( PR_Write(zipfp, &zipend, sizeof(zipend)) < sizeof(zipend)) {
-		char *nsprErr;
-		if(PR_GetErrorTextLength()) {
-			nsprErr = PR_Malloc(PR_GetErrorTextLength());
-			PR_GetErrorText(nsprErr);
-		} else {
-			nsprErr = NULL;
-		}
-		PR_fprintf(errorFD, "Writing zip data: %s\n", nsprErr ? nsprErr : "");
-		if(nsprErr) PR_Free(nsprErr);
-		errorCount++;
-		exit(ERRX);
-	}
-
-	/* Write out Zipfile comment */
-	if(zipfile->comment) {
-		if( PR_Write(zipfp, zipfile->comment, strlen(zipfile->comment)) 
-			< strlen(zipfile->comment)) {
-			char *nsprErr;
-			if(PR_GetErrorTextLength()) {
-				nsprErr = PR_Malloc(PR_GetErrorTextLength());
-				PR_GetErrorText(nsprErr);
-			} else {
-				nsprErr = NULL;
-			}
-			PR_fprintf(errorFD, "Writing zip data: %s\n",
-				nsprErr ? nsprErr : "");
-			if(nsprErr) PR_Free(nsprErr);
-			errorCount++;
-			exit(ERRX);
-		}
-	}
-
-	PR_Close(zipfp);
-
-	/* Free the memory of the zipfile structure */
-	if(zipfile->filename) {
-		PORT_Free(zipfile->filename);
-	}
-	if(zipfile->comment) {
-		PORT_Free(zipfile->comment);
-	}
-	PORT_Free(zipfile);
-
-	return 0;
-}
-
-/**********************************************
- *  i n t t o x
- *
- *  Converts a two byte ugly endianed integer
- *  to our platform's integer.
- *
- */
-
-static void inttox (int in, char *out)
-{
-  out [0] = (in & 0xFF);
-  out [1] = (in & 0xFF00) >> 8;
-}
-
-/*********************************************
- *  l o n g t o x
- *
- *  Converts a four byte ugly endianed integer
- *  to our platform's integer.
- *
- */
-
-static void longtox (long in, char *out)
-{
-  out [0] = (in & 0xFF);
-  out [1] = (in & 0xFF00) >> 8;
-  out [2] = (in & 0xFF0000) >> 16;
-  out [3] = (in & 0xFF000000) >> 24;
-}
-
diff --git a/security/nss/cmd/signtool/zip.h b/security/nss/cmd/signtool/zip.h
deleted file mode 100644
index 08512f3c4..000000000
--- a/security/nss/cmd/signtool/zip.h
+++ /dev/null
@@ -1,100 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/* zip.h
- * Structures and functions for creating ZIP archives.
- */
-#ifndef ZIP_H
-#define ZIP_H
-
-/* For general information on ZIP formats, you can look at jarfile.h
- * in ns/security/lib/jar.  Or look it up on the web...
- */
-
-/* One entry in a ZIPfile.  This corresponds to one file in the archive.
- * We have to save this information because first all the files go into
- * the archive with local headers; then at the end of the file we have to
- * put the central directory entries for each file.
- */
-typedef struct ZIPentry_s {
-	struct ZipLocal local;		/* local header info */
-	struct ZipCentral central;	/* central directory info */
-	char *filename;				/* name of file */
-	char *comment;				/* comment for this file -- optional */
-
-	struct ZIPentry_s *next;
-} ZIPentry;
-
-/* This structure contains the necessary data for putting a ZIP file
- * together.  Has some overall information and a list of ZIPentrys.
- */
-typedef struct ZIPfile_s {
-	char *filename;	/* ZIP file name */
-	char *comment;	/* ZIP file comment -- may be NULL */
-	PRFileDesc *fp;	/* ZIP file pointer */
-	ZIPentry *list;	/* one entry for each file in the archive */
-	unsigned int time;	/* the GMT time of creation, in DOS format */
-	unsigned int date;  /* the GMT date of creation, in DOS format */
-	unsigned long central_start; /* starting offset of central directory */
-	unsigned long central_end; /*index right after the last byte of central*/
-} ZIPfile;
-
-
-/* Open a new ZIP file.  Takes the name of the zip file and an optional
- * comment to be included in the file.  Returns a new ZIPfile structure
- * which is used by JzipAdd and JzipClose
- */
-ZIPfile* JzipOpen(char *filename, char *comment);
-
-/* Add a file to a ZIP archive.  Fullname is the path relative to the
- * current directory.  Filename is what the name will be stored as in the
- * archive, and thus what it will be restored as.  zipfile is a structure
- * returned from a previous call to JzipOpen.
- *
- * Non-zero return code means error (although usually the function will
- * call exit() rather than return an error--gotta fix this).
- */
-int JzipAdd(char *fullname, char *filename, ZIPfile *zipfile,
-	int compression_level);
-
-/* Finalize a ZIP archive.  Adds all the footer information to the end of
- * the file and closes it.  Also DELETES THE ZIPFILE STRUCTURE that was
- * passed in.  So you never have to allocate or free a ZIPfile yourself.
- *
- * Non-zero return code means error (although usually the function will
- * call exit() rather than return an error--gotta fix this).
- */
-int JzipClose (ZIPfile *zipfile);
-
-
-#endif /* ZIP_H */
diff --git a/security/nss/cmd/signver/Makefile b/security/nss/cmd/signver/Makefile
deleted file mode 100644
index e4a3a6069..000000000
--- a/security/nss/cmd/signver/Makefile
+++ /dev/null
@@ -1,71 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY).   #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL)          #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL)       #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL).      #
-#######################################################################
-
-include ../platlibs.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL)                              #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL)                           #
-#######################################################################
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL).                              #
-#######################################################################
-
-include ../platrules.mk
diff --git a/security/nss/cmd/signver/examples/1/form.pl b/security/nss/cmd/signver/examples/1/form.pl
deleted file mode 100755
index 2034bf728..000000000
--- a/security/nss/cmd/signver/examples/1/form.pl
+++ /dev/null
@@ -1,50 +0,0 @@
-#! /usr/bin/perl
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-
-print "Content-type: text/html\n\n";
-print "<B>Server Name:</B> ", $ENV{'SERVER_NAME'}, "<BR>", "\n";
-print "<B>Server Port:</B> ", $ENV{'SERVER_PORT'}, "<BR>", "\n";
-print "<B>Server Software:</B> ", $ENV{'SERVER_SOFTWARE'}, "<BR>", "\n";
-print "<B>Server Protocol:</B> ", $ENV{'SERVER_PROTOCOL'}, "<BR>", "\n";
-print "<B>CGI Revision:</B> ", $ENV{'GATEWAY_INTERFACE'}, "<BR>", "\n";
-print "<B>Browser:</B> ", $ENV{'HTTP_USER_AGENT'}, "<BR>", "\n";
-print "<B>Remote Address:</B> ", $ENV{'REMOTE_ADDR'}, "<BR>", "\n";
-print "<B>Remote Host:</B> ", $ENV{'REMOTE_HOST'}, "<BR>", "\n";
-print "<B>Remote User:</B> ", $ENV{'REMOTE_USER'}, "<BR>", "\n";
-print "You typed:\n";
-
-while( $_ = <STDIN>) {
-  print "$_";
-}
-
diff --git a/security/nss/cmd/signver/examples/1/signedForm.html b/security/nss/cmd/signver/examples/1/signedForm.html
deleted file mode 100644
index 1444a1775..000000000
--- a/security/nss/cmd/signver/examples/1/signedForm.html
+++ /dev/null
@@ -1,84 +0,0 @@
-<html>
-<!-- 
-   - The contents of this file are subject to the Mozilla Public
-   - License Version 1.1 (the "License"); you may not use this file
-   - except in compliance with the License. You may obtain a copy of
-   - the License at http://www.mozilla.org/MPL/
-   - 
-   - Software distributed under the License is distributed on an "AS
-   - IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-   - implied. See the License for the specific language governing
-   - rights and limitations under the License.
-   - 
-   - The Original Code is the Netscape security libraries.
-   - 
-   - The Initial Developer of the Original Code is Netscape
-   - Communications Corporation.  Portions created by Netscape are 
-   - Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-   - Rights Reserved.
-   - 
-   - Contributor(s):
-   - 
-   - Alternatively, the contents of this file may be used under the
-   - terms of the GNU General Public License Version 2 or later (the
-   - "GPL"), in which case the provisions of the GPL are applicable 
-   - instead of those above.  If you wish to allow use of your 
-   - version of this file only under the terms of the GPL and not to
-   - allow others to use your version of this file under the MPL,
-   - indicate your decision by deleting the provisions above and
-   - replace them with the notice and other provisions required by
-   - the GPL.  If you do not delete the provisions above, a recipient
-   - may use your version of this file under either the MPL or the
-   - GPL.
-  -->
-<head>
-<title>Form to sign</title>
-<script language="javascript">
-<!--
-function submitSigned(form){
-  var signature = "";
-  var dataToSign = "";
-  var i;
-
-  form.action='signedForm.pl';
-  for (i = 0; i < form.length; i++)
-    if (form.elements[i].type == "text")
-      dataToSign += form.elements[i].value;
-
-  // alert("Data to sign:\n" + dataToSign);
-  signature = crypto.signText(dataToSign, "ask");
-  /* alert("You cannot see this alert");
-  alert("Data signature:\n" + signature); */
-
-  if (signature != "error:userCancel") {
-    for (i = 0; i < form.length; i++) {
-      if (form.elements[i].type == "hidden") {
-        if (form.elements[i].name == "dataToSign")
-          form.elements[i].value = dataToSign;
-        if (form.elements[i].name == "dataSignature")
-          form.elements[i].value = signature;
-      }
-    }
-    form.submit();
-  }
-}
-//-->
-</script>
-</head>
-
-<body>
-<form method=post Action="form.pl">
-<input type=hidden size=30 name=dataSignature>
-<input type=hidden size=30 name=dataToSign>
-<input type=text size=30 name=p>
-<BR>
-<input type=text size=30 name=q>
-<BR>
-<input type=text size=30 name=r>
-<BR>
-<input type=submit value="Submit Data">
-<input type=button value="Sign and Submit Data" onclick=submitSigned(this.form)>
-<input type=reset value=Reset>
-</form>
-</body>
-</html>
diff --git a/security/nss/cmd/signver/examples/1/signedForm.nt.html b/security/nss/cmd/signver/examples/1/signedForm.nt.html
deleted file mode 100644
index 5487739ce..000000000
--- a/security/nss/cmd/signver/examples/1/signedForm.nt.html
+++ /dev/null
@@ -1,84 +0,0 @@
-<html>
-<!-- 
-   - The contents of this file are subject to the Mozilla Public
-   - License Version 1.1 (the "License"); you may not use this file
-   - except in compliance with the License. You may obtain a copy of
-   - the License at http://www.mozilla.org/MPL/
-   - 
-   - Software distributed under the License is distributed on an "AS
-   - IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-   - implied. See the License for the specific language governing
-   - rights and limitations under the License.
-   - 
-   - The Original Code is the Netscape security libraries.
-   - 
-   - The Initial Developer of the Original Code is Netscape
-   - Communications Corporation.  Portions created by Netscape are 
-   - Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-   - Rights Reserved.
-   - 
-   - Contributor(s):
-   - 
-   - Alternatively, the contents of this file may be used under the
-   - terms of the GNU General Public License Version 2 or later (the
-   - "GPL"), in which case the provisions of the GPL are applicable 
-   - instead of those above.  If you wish to allow use of your 
-   - version of this file only under the terms of the GPL and not to
-   - allow others to use your version of this file under the MPL,
-   - indicate your decision by deleting the provisions above and
-   - replace them with the notice and other provisions required by
-   - the GPL.  If you do not delete the provisions above, a recipient
-   - may use your version of this file under either the MPL or the
-   - GPL.
-  -->
-<head>
-<title>Form to sign</title>
-<script language="javascript">
-<!--
-function submitSigned(form){
-  var signature = "";
-  var dataToSign = "";
-  var i;
-
-  form.action='cgi-bin/signedForm.pl';
-  for (i = 0; i < form.length; i++)
-    if (form.elements[i].type == "text")
-      dataToSign += form.elements[i].value;
-
-  // alert("Data to sign:\n" + dataToSign);
-  signature = crypto.signText(dataToSign, "ask");
-  /* alert("You cannot see this alert");
-  alert("Data signature:\n" + signature); */
-
-  if (signature != "error:userCancel") {
-    for (i = 0; i < form.length; i++) {
-      if (form.elements[i].type == "hidden") {
-        if (form.elements[i].name == "dataToSign")
-          form.elements[i].value = dataToSign;
-        if (form.elements[i].name == "dataSignature")
-          form.elements[i].value = signature;
-      }
-    }
-    form.submit();
-  }
-}
-//-->
-</script>
-</head>
-
-<body>
-<form method=post Action="cgi-bin/form.pl">
-<input type=hidden size=30 name=dataSignature>
-<input type=hidden size=30 name=dataToSign>
-<input type=text size=30 name=p>
-<BR>
-<input type=text size=30 name=q>
-<BR>
-<input type=text size=30 name=r>
-<BR>
-<input type=submit value="Submit Data">
-<input type=button value="Sign and Submit Data" onclick=submitSigned(this.form)>
-<input type=reset value=Reset>
-</form>
-</body>
-</html>
diff --git a/security/nss/cmd/signver/examples/1/signedForm.pl b/security/nss/cmd/signver/examples/1/signedForm.pl
deleted file mode 100755
index 3c2cd0ed3..000000000
--- a/security/nss/cmd/signver/examples/1/signedForm.pl
+++ /dev/null
@@ -1,88 +0,0 @@
-#! /usr/bin/perl
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-
-
-sub decode {
-    read (STDIN, $buffer, $ENV{'CONTENT_LENGTH'});
-    @pairs = split(/&/, $buffer);
-    foreach $pair (@pairs)
-    {
-        ($name, $value) = split(/=/, $pair);
-        $value =~tr/+/ /;
-        $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
-        $FORM{$name} = $value;
-#        print "name=$name  value=$value<BR>\n";
-    }
-}
-
-print "Content-type: text/html\n\n";
-
-&decode();
-
-$dataSignature = $FORM{'dataSignature'};
-$dataToSign = $FORM{'dataToSign'};
-
-unlink("signature");
-open(FILE1,">signature") || die("Cannot open file for writing\n");
-
-print FILE1 "$dataSignature";
-
-close(FILE1);
-
-
-unlink("data");
-open(FILE2,">data") || die("Cannot open file for writing\n");
-
-print FILE2 "$dataToSign";
-
-close(FILE2);
-
-
-print "<BR><B>Signed Data:</B><BR>", "$dataToSign", "<BR>";
- 
-print "<BR><b>Verification Info:</b><BR>";
- 
-$verInfo = `./signver -D . -s signature -d data -v`;
-print "<font color=red><b>$verInfo</b></font><BR>";
-
-print "<BR><B>Signature Data:</B><BR>", "$dataSignature", "<BR>";
-
-print "<BR><b>Signature Info:</b><BR>";
-
-foreach $line (`./signver -s signature -A`) {
-     print "$line<BR>\n";
-}
-
-print "<b>End of Info</b><BR>";
-
diff --git a/security/nss/cmd/signver/manifest.mn b/security/nss/cmd/signver/manifest.mn
deleted file mode 100644
index 1ddccb504..000000000
--- a/security/nss/cmd/signver/manifest.mn
+++ /dev/null
@@ -1,54 +0,0 @@
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-MODULE = security
-
-CSRCS = signver.c	\
-        pk7print.c	\
-	$(NULL)
-
-REQUIRES = security dbm seccmd
-
-PROGRAM = signver
-
-PACKAGE_FILES = README.txt signedForm.html signedForm.pl form.pl
-ifeq ($(subst /,_,$(shell uname -s)),WINNT)
-PACKAGE_FILES += signedForm.nt.pl signver.exe
-else
-PACKAGE_FILES += signver
-endif
-
-ARCHIVE_NAME  = signver
-
-USE_STATIC_LIBS = 1
diff --git a/security/nss/cmd/signver/pk7print.c b/security/nss/cmd/signver/pk7print.c
deleted file mode 100644
index 17bc45f56..000000000
--- a/security/nss/cmd/signver/pk7print.c
+++ /dev/null
@@ -1,918 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
-** secutil.c - various functions used by security stuff
-**
-*/
- 
-/* pkcs #7 -related functions */
- 
- 
-#include "secutil.h"
-#include "secpkcs7.h"
-#include "secoid.h"
-#include <sys/stat.h>
-#include <stdarg.h>
- 
-#ifdef XP_UNIX
-#include <unistd.h>
-#endif
- 
-/* for SEC_TraverseNames */
-#include "cert.h"
-#include "prtypes.h"
-#include "prtime.h"
- 
-#include "prlong.h"
-#include "secmod.h"
-#include "pk11func.h"
-#include "prerror.h"
- 
-
-
-
-/*
-** PKCS7 Support
-*/
-
-/* forward declaration */
-int
-sv_PrintPKCS7ContentInfo(FILE *, SEC_PKCS7ContentInfo *, char *);
-
-
-void
-sv_PrintAsHex(FILE *out, SECItem *data, char *m)
-{
-    unsigned i;
-
-    if (m) fprintf(out, m);
-    
-    for (i = 0; i < data->len; i++) {
-        if (i < data->len - 1) {
-            fprintf(out, "%02x:", data->data[i]);
-        } else {
-            fprintf(out, "%02x\n", data->data[i]);
-            break;
-        }
-    }
-}
-
-void
-sv_PrintInteger(FILE *out, SECItem *i, char *m)
-{
-    int iv;
-
-    if (i->len > 4) {
-        sv_PrintAsHex(out, i, m);
-    } else {
-        iv = DER_GetInteger(i);
-        fprintf(out, "%s%d (0x%x)\n", m, iv, iv);
-    }
-}
-
-
-int
-sv_PrintUTCTime(FILE *out, SECItem *t, char *m)
-{
-    PRExplodedTime printableTime; 
-    int64 time;
-    char *timeString;
-    int rv;
-
-    rv = DER_UTCTimeToTime(&time, t);
-    if (rv) return rv;
-
-    /* Converse to local time */
-    PR_ExplodeTime(time, PR_GMTParameters, &printableTime);
-
-    timeString = (char *)PORT_Alloc(100);
-
-    if ( timeString ) {
-        PR_FormatTime( timeString, 100, "%a %b %d %H:%M:%S %Y", &printableTime );
-        fprintf(out, "%s%s\n", m, timeString);
-        PORT_Free(timeString);
-        return 0;
-    }
-    return SECFailure;
-}
-
-
-int
-sv_PrintValidity(FILE *out, CERTValidity *v, char *m)
-{
-    int rv;
-
-    fprintf(out, m);
-    rv = sv_PrintUTCTime(out, &v->notBefore, "notBefore=");
-    if (rv) return rv;
-    fprintf(out, m);
-    sv_PrintUTCTime(out, &v->notAfter, "notAfter=");
-    return rv;
-}
-
-void
-sv_PrintObjectID(FILE *out, SECItem *oid, char *m)
-{
-    const char *name;
-    SECOidData *oiddata;
-    
-    oiddata = SECOID_FindOID(oid);
-    if (oiddata == NULL) {
-        sv_PrintAsHex(out, oid, m);
-        return;
-    }
-    name = oiddata->desc;
-
-    if (m != NULL)
-        fprintf(out, "%s", m);
-    fprintf(out, "%s\n", name);
-}
-
-void
-sv_PrintAlgorithmID(FILE *out, SECAlgorithmID *a, char *m)
-{
-    sv_PrintObjectID(out, &a->algorithm, m);
-
-    if ((a->parameters.len != 2) ||
-        (PORT_Memcmp(a->parameters.data, "\005\000", 2) != 0)) {
-        /* Print args to algorithm */
-        sv_PrintAsHex(out, &a->parameters, "Args=");
-    }
-}
-
-void
-sv_PrintAttribute(FILE *out, SEC_PKCS7Attribute *attr, char *m)
-{
-    SECItem *value;
-    int i;
-    char om[100];
-
-    fprintf(out, m);
-
-    /*
-     * XXX Make this smarter; look at the type field and then decode
-     * and print the value(s) appropriately!
-     */
-    sv_PrintObjectID(out, &(attr->type), "type=");
-    if (attr->values != NULL) {
-        i = 0;
-        while ((value = attr->values[i]) != NULL) {
-            sprintf(om, "%svalue[%d]=%s", m, i++, attr->encoded ? "(encoded)" : ""); 
-            if (attr->encoded || attr->typeTag == NULL) {
-                sv_PrintAsHex(out, value, om);
-            } else {
-                switch (attr->typeTag->offset) {
-                    default:
-                        sv_PrintAsHex(out, value, om);
-                        break;
-                    case SEC_OID_PKCS9_CONTENT_TYPE:
-                        sv_PrintObjectID(out, value, om);
-                        break;
-                    case SEC_OID_PKCS9_SIGNING_TIME:
-                        sv_PrintUTCTime(out, value, om);
-                        break;
-                }
-            }
-        }
-    }
-}
-
-void
-sv_PrintName(FILE *out, CERTName *name, char *msg)
-{
-    char *str;
-
-    str = CERT_NameToAscii(name);
-    fprintf(out, "%s%s\n", msg, str);
-}
-
-
-#if 0
-/*
-** secu_PrintPKCS7EncContent
-**   Prints a SEC_PKCS7EncryptedContentInfo (without decrypting it)
-*/
-void
-secu_PrintPKCS7EncContent(FILE *out, SEC_PKCS7EncryptedContentInfo *src, 
-			  char *m, int level)
-{
-    if (src->contentTypeTag == NULL)
-	src->contentTypeTag = SECOID_FindOID(&(src->contentType));
-
-    secu_Indent(out, level);
-    fprintf(out, "%s:\n", m);
-    secu_Indent(out, level + 1); 
-    fprintf(out, "Content Type: %s\n",
-	    (src->contentTypeTag != NULL) ? src->contentTypeTag->desc
-					  : "Unknown");
-    sv_PrintAlgorithmID(out, &(src->contentEncAlg),
-			  "Content Encryption Algorithm");
-    sv_PrintAsHex(out, &(src->encContent), 
-		    "Encrypted Content", level+1);
-}
-
-/*
-** secu_PrintRecipientInfo
-**   Prints a PKCS7RecipientInfo type
-*/
-void
-secu_PrintRecipientInfo(FILE *out, SEC_PKCS7RecipientInfo *info, char *m, 
-			int level)
-{
-    secu_Indent(out, level); fprintf(out, "%s:\n", m);
-    sv_PrintInteger(out, &(info->version), "Version");	
-
-    sv_PrintName(out, &(info->issuerAndSN->issuer), "Issuer");
-    sv_PrintInteger(out, &(info->issuerAndSN->serialNumber), 
-		      "Serial Number");
-
-    /* Parse and display encrypted key */
-    sv_PrintAlgorithmID(out, &(info->keyEncAlg), 
-			"Key Encryption Algorithm");
-    sv_PrintAsHex(out, &(info->encKey), "Encrypted Key", level + 1);
-}
-#endif
-
-/* 
-** secu_PrintSignerInfo
-**   Prints a PKCS7SingerInfo type
-*/
-void
-sv_PrintSignerInfo(FILE *out, SEC_PKCS7SignerInfo *info, char *m)
-{
-    SEC_PKCS7Attribute *attr;
-    int iv;
-    
-    fprintf(out, m);
-    sv_PrintInteger(out, &(info->version), "version=");
-
-    fprintf(out, m);
-    sv_PrintName(out, &(info->issuerAndSN->issuer), "issuerName=");
-    fprintf(out, m);
-    sv_PrintInteger(out, &(info->issuerAndSN->serialNumber), 
-                        "serialNumber=");
-  
-    fprintf(out, m);
-    sv_PrintAlgorithmID(out, &(info->digestAlg), "digestAlgorithm=");
-    
-    if (info->authAttr != NULL) {
-        char mm[120];
-
-        iv = 0;
-        while (info->authAttr[iv] != NULL) iv++;
-        fprintf(out, "%sauthenticatedAttributes=%d\n", m, iv);
-        iv = 0;
-        while ((attr = info->authAttr[iv]) != NULL) {
-            sprintf(mm, "%sattribute[%d].", m, iv++); 
-            sv_PrintAttribute(out, attr, mm);
-        }
-    }
-    
-    /* Parse and display signature */
-    fprintf(out, m);
-    sv_PrintAlgorithmID(out, &(info->digestEncAlg), "digestEncryptionAlgorithm=");
-    fprintf(out, m);
-    sv_PrintAsHex(out, &(info->encDigest), "encryptedDigest=");
-    
-    if (info->unAuthAttr != NULL) {
-        char mm[120];
-
-        iv = 0;
-        while (info->unAuthAttr[iv] != NULL) iv++;
-        fprintf(out, "%sunauthenticatedAttributes=%d\n", m, iv);
-        iv = 0;
-        while ((attr = info->unAuthAttr[iv]) != NULL) {
-            sprintf(mm, "%sattribute[%d].", m, iv++); 
-            sv_PrintAttribute(out, attr, mm);
-        }
-    }
-}
-
-void
-sv_PrintRSAPublicKey(FILE *out, SECKEYPublicKey *pk, char *m)
-{
-    fprintf(out, m);
-    sv_PrintInteger(out, &pk->u.rsa.modulus, "modulus=");
-    fprintf(out, m);
-    sv_PrintInteger(out, &pk->u.rsa.publicExponent, "exponent=");
-}
-
-void
-sv_PrintDSAPublicKey(FILE *out, SECKEYPublicKey *pk, char *m)
-{
-    fprintf(out, m);
-    sv_PrintInteger(out, &pk->u.dsa.params.prime, "prime=");
-    fprintf(out, m);
-    sv_PrintInteger(out, &pk->u.dsa.params.subPrime, "subprime=");
-    fprintf(out, m);
-    sv_PrintInteger(out, &pk->u.dsa.params.base, "base=");
-    fprintf(out, m);
-    sv_PrintInteger(out, &pk->u.dsa.publicValue, "publicValue=");
-}
-
-int
-sv_PrintSubjectPublicKeyInfo(FILE *out, PRArenaPool *arena,
-                             CERTSubjectPublicKeyInfo *i,  char *msg)
-{
-    SECKEYPublicKey *pk;
-    int rv;
-    char mm[200];
-
-    sprintf(mm, "%s.publicKeyAlgorithm=", msg);
-    sv_PrintAlgorithmID(out, &i->algorithm, mm);
-
-    pk = (SECKEYPublicKey*) PORT_ZAlloc(sizeof(SECKEYPublicKey));
-    if (!pk) return PORT_GetError();
-
-    DER_ConvertBitString(&i->subjectPublicKey);
-    switch(SECOID_FindOIDTag(&i->algorithm.algorithm)) {
-        case SEC_OID_PKCS1_RSA_ENCRYPTION:
-            rv = SEC_ASN1DecodeItem(arena, pk, SECKEY_RSAPublicKeyTemplate,
-                                    &i->subjectPublicKey);
-            if (rv) return rv;
-            sprintf(mm, "%s.rsaPublicKey.", msg);
-            sv_PrintRSAPublicKey(out, pk, mm);
-            break;
-        case SEC_OID_ANSIX9_DSA_SIGNATURE:
-            rv = SEC_ASN1DecodeItem(arena, pk, SECKEY_DSAPublicKeyTemplate,
-                                    &i->subjectPublicKey);
-            if (rv) return rv;
-            sprintf(mm, "%s.dsaPublicKey.", msg);
-            sv_PrintDSAPublicKey(out, pk, mm);
-            break;
-        default:
-            fprintf(out, "%s=bad SPKI algorithm type\n", msg);
-            return 0;
-    }
-
-    return 0;
-}
-
-SECStatus
-sv_PrintInvalidDateExten  (FILE *out, SECItem *value, char *msg)
-{
-    SECItem decodedValue;
-    SECStatus rv;
-    int64 invalidTime;
-    char *formattedTime = NULL;
-
-    decodedValue.data = NULL;
-    rv = SEC_ASN1DecodeItem (NULL, &decodedValue, SEC_GeneralizedTimeTemplate,
-                             value);
-    if (rv == SECSuccess) {
-        rv = DER_GeneralizedTimeToTime(&invalidTime, &decodedValue);
-        if (rv == SECSuccess) {
-            formattedTime = CERT_GenTime2FormattedAscii(invalidTime, "%a %b %d %H:%M:%S %Y");
-            fprintf (out, "%s: %s\n", msg, formattedTime);
-            PORT_Free (formattedTime);
-        }
-    }
-    PORT_Free (decodedValue.data);
-
-    return (rv);
-}
-
-int
-sv_PrintExtensions(FILE *out, CERTCertExtension **extensions, char *msg)
-{
-    SECOidTag oidTag;
-
-    if (extensions) {
-
-        while ( *extensions ) {
-            SECItem *tmpitem;
-
-            fprintf(out, "%sname=", msg);
-
-            tmpitem = &(*extensions)->id;
-            sv_PrintObjectID(out, tmpitem, NULL);
-
-            tmpitem = &(*extensions)->critical;
-            if ( tmpitem->len )
-                fprintf(out, "%scritical=%s\n", msg,
-                        (tmpitem->data && tmpitem->data[0])? "True": "False");
-
-            oidTag = SECOID_FindOIDTag (&((*extensions)->id));
-
-            fprintf(out, msg);
-            tmpitem = &((*extensions)->value);
-            if (oidTag == SEC_OID_X509_INVALID_DATE) 
-                sv_PrintInvalidDateExten (out, tmpitem,"invalidExt");
-            else			    
-                sv_PrintAsHex(out,tmpitem, "data=");
-
-            /*fprintf(out, "\n");*/
-            extensions++;
-        }
-    }
-
-    return 0;
-}
-
-void
-sv_PrintCRLInfo(FILE *out, CERTCrl *crl, char *m)
-{
-    CERTCrlEntry *entry;
-    int iv;
-    char om[100];
-    
-    fprintf(out, m);
-    sv_PrintAlgorithmID(out, &(crl->signatureAlg), "signatureAlgorithm=");
-    fprintf(out, m);
-    sv_PrintName(out, &(crl->name), "name=");
-    fprintf(out, m);
-    sv_PrintUTCTime(out, &(crl->lastUpdate), "lastUpdate=");
-    fprintf(out, m);
-    sv_PrintUTCTime(out, &(crl->nextUpdate), "nextUpdate=");
-    
-    if (crl->entries != NULL) {
-        iv = 0;
-        while ((entry = crl->entries[iv]) != NULL) {
-            fprintf(out, "%sentry[%d].", m, iv); 
-            sv_PrintInteger(out, &(entry->serialNumber), "serialNumber=");
-            fprintf(out, "%sentry[%d].", m, iv); 
-            sv_PrintUTCTime(out, &(entry->revocationDate), "revocationDate=");
-            sprintf(om, "%sentry[%d].signedCRLEntriesExtensions.", m, iv++); 
-            sv_PrintExtensions(out, entry->extensions, om);
-        }
-    }
-    sprintf(om, "%ssignedCRLEntriesExtensions.", m); 
-    sv_PrintExtensions(out, crl->extensions, om);
-}
-
-
-int
-sv_PrintCertificate(FILE *out, SECItem *der, char *m, int level)
-{
-    PRArenaPool *arena = NULL;
-    CERTCertificate *c;
-    int rv;
-    int iv;
-    char mm[200];
-    
-    /* Decode certificate */
-    c = (CERTCertificate*) PORT_ZAlloc(sizeof(CERTCertificate));
-    if (!c) return PORT_GetError();
-
-    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if (!arena) return SEC_ERROR_NO_MEMORY;
-
-    rv = SEC_ASN1DecodeItem(arena, c, CERT_CertificateTemplate, der);
-    if (rv) {
-        PORT_FreeArena(arena, PR_FALSE);
-        return rv;
-    }
-
-    /* Pretty print it out */
-    iv = DER_GetInteger(&c->version);
-    fprintf(out, "%sversion=%d (0x%x)\n", m, iv + 1, iv);
-    sprintf(mm, "%sserialNumber=", m);
-    sv_PrintInteger(out, &c->serialNumber, mm);
-    sprintf(mm, "%ssignatureAlgorithm=", m);
-    sv_PrintAlgorithmID(out, &c->signature, mm);
-    sprintf(mm, "%sissuerName=", m);
-    sv_PrintName(out, &c->issuer, mm);
-    sprintf(mm, "%svalidity.", m);
-    sv_PrintValidity(out, &c->validity, mm);
-    sprintf(mm, "%ssubject=", m);
-    sv_PrintName(out, &c->subject, mm);
-    sprintf(mm, "%ssubjectPublicKeyInfo", m);
-    rv = sv_PrintSubjectPublicKeyInfo(out, arena, &c->subjectPublicKeyInfo, mm);
-    if (rv) {
-        PORT_FreeArena(arena, PR_FALSE);
-        return rv;
-    }
-    sprintf(mm, "%ssignedExtensions.", m);
-    sv_PrintExtensions(out, c->extensions, mm);
-    
-    PORT_FreeArena(arena, PR_FALSE);
-    return 0;
-}
-
-int
-sv_PrintSignedData(FILE *out, SECItem *der, char *m, SECU_PPFunc inner)
-{
-    PRArenaPool *arena = NULL;
-    CERTSignedData *sd;
-    int rv;
-
-    /* Strip off the signature */
-    sd = (CERTSignedData*) PORT_ZAlloc(sizeof(CERTSignedData));
-    if (!sd) return PORT_GetError();
-
-    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if (!arena) return SEC_ERROR_NO_MEMORY;
-
-    rv = SEC_ASN1DecodeItem(arena, sd, CERT_SignedDataTemplate, der);
-    if (rv) {
-        PORT_FreeArena(arena, PR_FALSE);
-        return rv;
-    }
-
-/*    fprintf(out, "%s:\n", m); */
-    PORT_Strcat(m, "data.");
-
-    rv = (*inner)(out, &sd->data, m, 0);
-    if (rv) {
-        PORT_FreeArena(arena, PR_FALSE);
-        return rv;
-    }
-
-    m[PORT_Strlen(m) - 5] = 0;
-    fprintf(out, m);
-    sv_PrintAlgorithmID(out, &sd->signatureAlgorithm, "signatureAlgorithm=");
-    DER_ConvertBitString(&sd->signature);
-    fprintf(out, m);
-    sv_PrintAsHex(out, &sd->signature, "signature=");
-
-    PORT_FreeArena(arena, PR_FALSE);
-    return 0;
-
-}
-
-
-/*
-** secu_PrintPKCS7Signed
-**   Pretty print a PKCS7 signed data type (up to version 1).
-*/
-int
-sv_PrintPKCS7Signed(FILE *out, SEC_PKCS7SignedData *src)
-{
-    SECAlgorithmID *digAlg;		/* digest algorithms */
-    SECItem *aCert;			/* certificate */
-    CERTSignedCrl *aCrl;		/* certificate revocation list */
-    SEC_PKCS7SignerInfo *sigInfo;	/* signer information */
-    int rv, iv;
-    char om[120];
-
-    sv_PrintInteger(out, &(src->version), "pkcs7.version=");
-
-    /* Parse and list digest algorithms (if any) */
-    if (src->digestAlgorithms != NULL) {
-        iv = 0;
-        while (src->digestAlgorithms[iv] != NULL)
-            iv++;
-        fprintf(out, "pkcs7.digestAlgorithmListLength=%d\n", iv);
-        iv = 0;
-        while ((digAlg = src->digestAlgorithms[iv]) != NULL) {
-            sprintf(om, "pkcs7.digestAlgorithm[%d]=", iv++);
-            sv_PrintAlgorithmID(out, digAlg, om);
-        }
-    }
-
-    /* Now for the content */
-    rv = sv_PrintPKCS7ContentInfo(out, &(src->contentInfo), 
-				                    "pkcs7.contentInformation=");
-    if (rv != 0) return rv;
-
-    /* Parse and list certificates (if any) */
-    if (src->rawCerts != NULL) {
-        iv = 0;
-        while (src->rawCerts[iv] != NULL)
-            iv++;
-        fprintf(out, "pkcs7.certificateListLength=%d\n", iv);
-
-        iv = 0;
-        while ((aCert = src->rawCerts[iv]) != NULL) {
-            sprintf(om, "certificate[%d].", iv++);
-            rv = sv_PrintSignedData(out, aCert, om, sv_PrintCertificate);
-            if (rv) return rv;
-        }
-    }
-
-    /* Parse and list CRL's (if any) */
-    if (src->crls != NULL) {
-        iv = 0;
-        while (src->crls[iv] != NULL) iv++;
-        fprintf(out, "pkcs7.signedRevocationLists=%d\n", iv);
-        iv = 0;
-        while ((aCrl = src->crls[iv]) != NULL) {
-            sprintf(om, "signedRevocationList[%d].", iv);
-            fprintf(out, om);
-            sv_PrintAlgorithmID(out, &aCrl->signatureWrap.signatureAlgorithm, 
-                                "signatureAlgorithm=");
-            DER_ConvertBitString(&aCrl->signatureWrap.signature);
-            fprintf(out, om);
-            sv_PrintAsHex(out, &aCrl->signatureWrap.signature, "signature=");
-            sprintf(om, "certificateRevocationList[%d].", iv);
-            sv_PrintCRLInfo(out, &aCrl->crl, om);
-            iv++;
-        }
-    }
-
-    /* Parse and list signatures (if any) */
-    if (src->signerInfos != NULL) {
-        iv = 0;
-        while (src->signerInfos[iv] != NULL)
-            iv++;
-        fprintf(out, "pkcs7.signerInformationListLength=%d\n", iv);
-        iv = 0;
-        while ((sigInfo = src->signerInfos[iv]) != NULL) {
-            sprintf(om, "signerInformation[%d].", iv++);
-            sv_PrintSignerInfo(out, sigInfo, om);
-        }
-    }  
-
-    return 0;
-}
-
-#if 0
-/*
-** secu_PrintPKCS7Enveloped
-**  Pretty print a PKCS7 enveloped data type (up to version 1).
-*/
-void
-secu_PrintPKCS7Enveloped(FILE *out, SEC_PKCS7EnvelopedData *src,
-			 char *m, int level)
-{
-    SEC_PKCS7RecipientInfo *recInfo;   /* pointer for signer information */
-    int iv;
-    char om[100];
-
-    secu_Indent(out, level); fprintf(out, "%s:\n", m);
-    sv_PrintInteger(out, &(src->version), "Version", level + 1);
-
-    /* Parse and list recipients (this is not optional) */
-    if (src->recipientInfos != NULL) {
-	secu_Indent(out, level + 1);
-	fprintf(out, "Recipient Information List:\n");
-	iv = 0;
-	while ((recInfo = src->recipientInfos[iv++]) != NULL) {
-	    sprintf(om, "Recipient Information (%x)", iv);
-	    secu_PrintRecipientInfo(out, recInfo, om, level + 2);
-	}
-    }  
-
-    secu_PrintPKCS7EncContent(out, &src->encContentInfo, 
-			      "Encrypted Content Information", level + 1);
-}
-
-/*
-** secu_PrintPKCS7SignedEnveloped
-**   Pretty print a PKCS7 singed and enveloped data type (up to version 1).
-*/
-int
-secu_PrintPKCS7SignedAndEnveloped(FILE *out,
-				  SEC_PKCS7SignedAndEnvelopedData *src,
-				  char *m, int level)
-{
-    SECAlgorithmID *digAlg;  /* pointer for digest algorithms */
-    SECItem *aCert;           /* pointer for certificate */
-    CERTSignedCrl *aCrl;        /* pointer for certificate revocation list */
-    SEC_PKCS7SignerInfo *sigInfo;   /* pointer for signer information */
-    SEC_PKCS7RecipientInfo *recInfo; /* pointer for recipient information */
-    int rv, iv;
-    char om[100];
-
-    secu_Indent(out, level); fprintf(out, "%s:\n", m);
-    sv_PrintInteger(out, &(src->version), "Version", level + 1);
-
-    /* Parse and list recipients (this is not optional) */
-    if (src->recipientInfos != NULL) {
-	secu_Indent(out, level + 1);
-	fprintf(out, "Recipient Information List:\n");
-	iv = 0;
-	while ((recInfo = src->recipientInfos[iv++]) != NULL) {
-	    sprintf(om, "Recipient Information (%x)", iv);
-	    secu_PrintRecipientInfo(out, recInfo, om, level + 2);
-	}
-    }  
-
-    /* Parse and list digest algorithms (if any) */
-    if (src->digestAlgorithms != NULL) {
-	secu_Indent(out, level + 1);  fprintf(out, "Digest Algorithm List:\n");
-	iv = 0;
-	while ((digAlg = src->digestAlgorithms[iv++]) != NULL) {
-	    sprintf(om, "Digest Algorithm (%x)", iv);
-	    sv_PrintAlgorithmID(out, digAlg, om);
-	}
-    }
-
-    secu_PrintPKCS7EncContent(out, &src->encContentInfo, 
-			      "Encrypted Content Information", level + 1);
-
-    /* Parse and list certificates (if any) */
-    if (src->rawCerts != NULL) {
-	secu_Indent(out, level + 1);  fprintf(out, "Certificate List:\n");
-	iv = 0;
-	while ((aCert = src->rawCerts[iv++]) != NULL) {
-	    sprintf(om, "Certificate (%x)", iv);
-	    rv = SECU_PrintSignedData(out, aCert, om, level + 2, 
-				      SECU_PrintCertificate);
-	    if (rv)
-		return rv;
-	}
-    }
-
-    /* Parse and list CRL's (if any) */
-    if (src->crls != NULL) {
-	secu_Indent(out, level + 1);  
-	fprintf(out, "Signed Revocation Lists:\n");
-	iv = 0;
-	while ((aCrl = src->crls[iv++]) != NULL) {
-	    sprintf(om, "Signed Revocation List (%x)", iv);
-	    secu_Indent(out, level + 2);  fprintf(out, "%s:\n", om);
-	    sv_PrintAlgorithmID(out, &aCrl->signatureWrap.signatureAlgorithm, 
-				  "Signature Algorithm");
-	    DER_ConvertBitString(&aCrl->signatureWrap.signature);
-	    sv_PrintAsHex(out, &aCrl->signatureWrap.signature, "Signature",
-			    level+3);
-	    SECU_PrintCRLInfo(out, &aCrl->crl, "Certificate Revocation List", 
-			  level + 3); 
-	}
-    }
-
-    /* Parse and list signatures (if any) */
-    if (src->signerInfos != NULL) {
-	secu_Indent(out, level + 1);
-	fprintf(out, "Signer Information List:\n");
-	iv = 0;
-	while ((sigInfo = src->signerInfos[iv++]) != NULL) {
-	    sprintf(om, "Signer Information (%x)", iv);
-	    secu_PrintSignerInfo(out, sigInfo, om, level + 2);
-	}
-    }  
-
-    return 0;
-}
-
-PR_IMPLEMENT(int)
-SECU_PrintCrl (FILE *out, SECItem *der, char *m, int level)
-{
-    PRArenaPool *arena = NULL;
-    CERTCrl *c = NULL;
-    int rv;
-
-    do {
-	/* Decode CRL */
-	c = (CERTCrl*) PORT_ZAlloc(sizeof(CERTCrl));
-	if (!c) {
-	    rv = PORT_GetError();
-	    break;
-	}
-
-	arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-	if (!arena) {
-	    rv = SEC_ERROR_NO_MEMORY;
-	    break;
-	}
-
-	rv = SEC_ASN1DecodeItem(arena, c, CERT_CrlTemplate, der);
-	if (rv != SECSuccess)
-	    break;
-	SECU_PrintCRLInfo (out, c, m, level);
-    } while (0);
-    PORT_FreeArena (arena, PR_FALSE);
-    PORT_Free (c);
-    return (rv);
-}
-
-/*
-** secu_PrintPKCS7Encrypted
-**   Pretty print a PKCS7 encrypted data type (up to version 1).
-*/
-void
-secu_PrintPKCS7Encrypted(FILE *out, SEC_PKCS7EncryptedData *src,
-			 char *m, int level)
-{
-    secu_Indent(out, level); fprintf(out, "%s:\n", m);
-    sv_PrintInteger(out, &(src->version), "Version", level + 1);
-
-    secu_PrintPKCS7EncContent(out, &src->encContentInfo, 
-			      "Encrypted Content Information", level + 1);
-}
-
-/*
-** secu_PrintPKCS7Digested
-**   Pretty print a PKCS7 digested data type (up to version 1).
-*/
-void
-sv_PrintPKCS7Digested(FILE *out, SEC_PKCS7DigestedData *src)
-{
-    secu_Indent(out, level); fprintf(out, "%s:\n", m);
-    sv_PrintInteger(out, &(src->version), "Version", level + 1);
-    
-    sv_PrintAlgorithmID(out, &src->digestAlg, "Digest Algorithm");
-    sv_PrintPKCS7ContentInfo(out, &src->contentInfo, "Content Information",
-			       level + 1);
-    sv_PrintAsHex(out, &src->digest, "Digest", level + 1);  
-}
-
-#endif
-
-/*
-** secu_PrintPKCS7ContentInfo
-**   Takes a SEC_PKCS7ContentInfo type and sends the contents to the 
-** appropriate function
-*/
-int
-sv_PrintPKCS7ContentInfo(FILE *out, SEC_PKCS7ContentInfo *src, char *m)
-{
-    const char *desc;
-    SECOidTag kind;
-    int rv;
-
-    if (src->contentTypeTag == NULL)
-        src->contentTypeTag = SECOID_FindOID(&(src->contentType));
-
-    if (src->contentTypeTag == NULL) {
-        desc = "Unknown";
-        kind = SEC_OID_PKCS7_DATA;
-    } else {
-        desc = src->contentTypeTag->desc;
-        kind = src->contentTypeTag->offset;
-    }
-
-    fprintf(out, "%s%s\n", m, desc);
-
-    if (src->content.data == NULL) {
-        fprintf(out, "pkcs7.data=<no content>\n");
-        return 0;
-    }
-
-    rv = 0;
-    switch (kind) {
-        case SEC_OID_PKCS7_SIGNED_DATA:  /* Signed Data */
-            rv = sv_PrintPKCS7Signed(out, src->content.signedData);
-            break;
-
-        case SEC_OID_PKCS7_ENVELOPED_DATA:  /* Enveloped Data */
-            fprintf(out, "pkcs7EnvelopedData=<unsupported>\n");
-            /*sv_PrintPKCS7Enveloped(out, src->content.envelopedData);*/
-            break;
-
-        case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA:  /* Signed and Enveloped */
-            fprintf(out, "pkcs7SignedEnvelopedData=<unsupported>\n");
-            /*rv = sv_PrintPKCS7SignedAndEnveloped(out,
-                                src->content.signedAndEnvelopedData);*/
-            break;
-
-        case SEC_OID_PKCS7_DIGESTED_DATA:  /* Digested Data */
-            fprintf(out, "pkcs7DigestedData=<unsupported>\n");
-            /*sv_PrintPKCS7Digested(out, src->content.digestedData);*/
-            break;
-
-        case SEC_OID_PKCS7_ENCRYPTED_DATA:  /* Encrypted Data */
-            fprintf(out, "pkcs7EncryptedData=<unsupported>\n");
-            /*sv_PrintPKCS7Encrypted(out, src->content.encryptedData);*/
-            break;
-
-        default:
-            fprintf(out, "pkcs7UnknownData=<unsupported>\n");
-            /*sv_PrintAsHex(out, src->content.data);*/
-            break;
-    }
-
-    return rv;
-}
-
-
-int
-SV_PrintPKCS7ContentInfo(FILE *out, SECItem *der)
-{
-    SEC_PKCS7ContentInfo *cinfo;
-    int rv = -1;
-
-    cinfo = SEC_PKCS7DecodeItem(der, NULL, NULL, NULL, NULL, NULL, NULL, NULL);
-
-    if (cinfo != NULL) {
-        rv = sv_PrintPKCS7ContentInfo(out, cinfo, "pkcs7.contentInfo=");
-        SEC_PKCS7DestroyContentInfo(cinfo);
-    }
-
-    return rv;
-}
-/*
-** End of PKCS7 functions
-*/
diff --git a/security/nss/cmd/signver/signver.c b/security/nss/cmd/signver/signver.c
deleted file mode 100644
index c66d80017..000000000
--- a/security/nss/cmd/signver/signver.c
+++ /dev/null
@@ -1,450 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.	Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.	If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "secutil.h"
-#include "secmod.h"
-#include "cert.h"
-#include "secoid.h"
-#include "nss.h"
-
-/* NSPR 2.0 header files */
-#include "prinit.h"
-#include "prprf.h"
-#include "prsystem.h"
-#include "prmem.h"
-/* Portable layer header files */
-#include "plstr.h"
-#include "sechash.h"	/* for HASH_GetHashObject() */
-
-static int debugInfo = 0;
-
-static char *usageInfo[] = {
-	"Options:",
-	" -a                           signature file is ASCII",
-	" -d certdir                   directory containing cert database",
-	" -i dataFileName              input file name containing data,",
-	"                              leave filename blank to use stdin",
-	" -s signatureFileName         input file name containing signature,",
-	"                              leave filename blank to use stdin",
-	" -o outputFileName            output file name, default stdout",
-	" -A                           display all information from pkcs #7",
-	" -C                           display all information from all certs",
-	" -C -n                        display number of certificates",
-	" -C -n certNum                display all information from the certNum",
-	"                              certificate in pkcs #7 signed object",
-	" -C -n certNum f1 ... fN      display information about specified", 
-	"                              fields from the certNum certificate in",
-	"                              the pkcs #7 signed object",
-	" -S                           display signer information list",
-	" -S -n                        display number of signer information blocks",
-	" -S -n signerNum              display all information from the signerNum",
-	"                              signer information block in pkcs #7",
-	" -S -n signerNum f1 ... fN    display information about specified", 
-	"                              fields from the signerNum signer",
-	"                              information block in pkcs #7 object",
-	" -V                           verify the signed object and display result",
-	" -V -v                        verify the signed object and display",
-	"                              result and reason for failure",
-	"Version 2.0"
-};
-static int nUsageInfo = sizeof(usageInfo)/sizeof(char *);
-
-extern int SV_PrintPKCS7ContentInfo(FILE *, SECItem *);
-
-static void Usage(char *progName, FILE *outFile)
-{
-	int i;
-	fprintf(outFile, "Usage:  %s  options\n", progName);
-	for (i = 0; i < nUsageInfo; i++)
-		fprintf(outFile, "%s\n", usageInfo[i]);
-	exit(-1);
-}
-
-static HASH_HashType
-AlgorithmToHashType(SECAlgorithmID *digestAlgorithms)
-{
-	SECOidTag tag;
-
-	tag = SECOID_GetAlgorithmTag(digestAlgorithms);
-
-	switch (tag) {
-		case SEC_OID_MD2:
-			if (debugInfo) PR_fprintf(PR_STDERR, "Hash algorithm: HASH_AlgMD2 SEC_OID_MD2\n");
-			return HASH_AlgMD2;
-		case SEC_OID_MD5:
-			if (debugInfo) PR_fprintf(PR_STDERR, "Hash algorithm: HASH_AlgMD5 SEC_OID_MD5\n");
-			return HASH_AlgMD5;
-		case SEC_OID_SHA1:
-			if (debugInfo) PR_fprintf(PR_STDERR, "Hash algorithm: HASH_AlgSHA1 SEC_OID_SHA1\n");
-			return HASH_AlgSHA1;
-		default:
-			if (debugInfo) PR_fprintf(PR_STDERR, "should never get here\n");
-			return HASH_AlgNULL;
-	}
-}
-
-
-static int
-DigestData (unsigned char *digest, unsigned char *data,
-			unsigned int *len, unsigned int maxLen,
-			HASH_HashType hashType)
-{
-	const SECHashObject *hashObj;
-	void *hashcx;
-
-	hashObj = HASH_GetHashObject(hashType);
-	hashcx = (* hashObj->create)();
-	if (hashcx == NULL)
-	return -1;
-
-	(* hashObj->begin)(hashcx);
-	(* hashObj->update)(hashcx, data, PORT_Strlen((char *)data));
-	(* hashObj->end)(hashcx, digest, len, maxLen);
-	(* hashObj->destroy)(hashcx, PR_TRUE);
-
-	return 0;
-}
-
-enum {
-	cmd_DisplayAllPCKS7Info = 0,
-	cmd_DisplayCertInfo,
-	cmd_DisplaySignerInfo,
-	cmd_VerifySignedObj
-};
-
-enum {
-	opt_ASCII,
-	opt_CertDir,
-	opt_InputDataFile,
-	opt_ItemNumber,
-	opt_OutputFile,
-	opt_InputSigFile,
-	opt_TypeTag,
-	opt_PrintWhyFailure
-};
-
-static secuCommandFlag signver_commands[] =
-{
-	{ /* cmd_DisplayAllPCKS7Info*/  'A', PR_FALSE, 0, PR_FALSE },
-	{ /* cmd_DisplayCertInfo    */  'C', PR_FALSE, 0, PR_FALSE },
-	{ /* cmd_DisplaySignerInfo  */  'S', PR_FALSE, 0, PR_FALSE },
-	{ /* cmd_VerifySignedObj    */  'V', PR_FALSE, 0, PR_FALSE }
-};
-
-static secuCommandFlag signver_options[] =
-{
-	{ /* opt_ASCII              */  'a', PR_FALSE, 0, PR_FALSE },
-	{ /* opt_CertDir            */  'd', PR_TRUE,  0, PR_FALSE },
-	{ /* opt_InputDataFile      */  'i', PR_TRUE,  0, PR_FALSE },
-	{ /* opt_ItemNumber         */  'n', PR_FALSE, 0, PR_FALSE },
-	{ /* opt_OutputFile         */  'o', PR_TRUE,  0, PR_FALSE },
-	{ /* opt_InputSigFile       */  's', PR_TRUE,  0, PR_FALSE },
-	{ /* opt_TypeTag            */  't', PR_TRUE,  0, PR_FALSE },
-	{ /* opt_PrintWhyFailure    */  'v', PR_FALSE, 0, PR_FALSE }
-};
-
-int main(int argc, char **argv)
-{
-	PRExplodedTime explodedCurrent;
-	SECItem der, data;
-	char *progName;
-	int rv;
-	PRFileDesc *dataFile = 0;
-	PRFileDesc *signFile = 0;
-	FILE *outFile = stdout;
-	char *typeTag = 0;
-	PRBool displayAllCerts = PR_FALSE;
-	PRBool displayAllSigners = PR_FALSE;
-	PRFileInfo info;
-	PRInt32 nb;
-	SECStatus secstatus;
-
-	secuCommand signver;
-	signver.numCommands = sizeof(signver_commands) /sizeof(secuCommandFlag);
-	signver.numOptions = sizeof(signver_options) / sizeof(secuCommandFlag);
-	signver.commands = signver_commands;
-	signver.options = signver_options;
-
-#ifdef XP_PC
-	progName = strrchr(argv[0], '\\');
-#else
-	progName = strrchr(argv[0], '/');
-#endif
-	progName = progName ? progName+1 : argv[0];
-
-	/*_asm int 3*/
-
-	PR_ExplodeTime(PR_Now(), PR_LocalTimeParameters, &explodedCurrent);
-#if 0
-	if (explodedCurrent.tm_year >= 1998
-		&& explodedCurrent.tm_month >= 5 /* months past tm_year (0-11, Jan = 0) */
-		&& explodedCurrent.tm_mday >= 1) {
-		PR_fprintf(PR_STDERR, "%s: expired\n", progName);
-		return -1;
-	}
-#endif
-
-	SECU_ParseCommandLine(argc, argv, progName, &signver);
-
-	/*  Set the certdb directory (default is ~/.{browser}) */
-	SECU_ConfigDirectory(signver.options[opt_CertDir].arg);
-
-	/*  Set the certificate type.  */
-	typeTag = SECU_GetOptionArg(&signver, opt_TypeTag);
-
-	/*  -i and -s without filenames  */
-	if (signver.options[opt_InputDataFile].activated &&
-	    signver.options[opt_InputSigFile].activated &&
-	    !signver.options[opt_InputDataFile].arg &&
-	    !signver.options[opt_InputSigFile].arg)
-		PR_fprintf(PR_STDERR, 
-	              "%s: Only data or signature file can use stdin (not both).\n",
-	              progName);
-
-	/*  Open the input data file (no arg == use stdin). */
-	if (signver.options[opt_InputDataFile].activated) {
-		if (signver.options[opt_InputDataFile].arg)
-			dataFile = PR_Open(signver.options[opt_InputDataFile].arg, 
-			                   PR_RDONLY, 0);
-		else
-			dataFile = PR_STDIN;
-		if (!dataFile) {
-			PR_fprintf(PR_STDERR, "%s: unable to open \"%s\" for reading.\n",
-			           progName, signver.options[opt_InputDataFile].arg);
-			return -1;
-		}
-	}
-
-	/*  Open the input signature file (no arg == use stdin).  */
-	if (signver.options[opt_InputSigFile].activated) {
-		if (signver.options[opt_InputSigFile].arg)
-			signFile = PR_Open(signver.options[opt_InputSigFile].arg, 
-			                   PR_RDONLY, 0);
-		else
-			signFile = PR_STDIN;
-		if (!signFile) {
-			PR_fprintf(PR_STDERR, "%s: unable to open \"%s\" for reading.\n",
-			           progName, signver.options[opt_InputSigFile].arg);
-			return -1;
-		}
-	}
-
-#if 0
-				if (!typeTag) ascii = 1;
-#endif
-
-	/*  Open|Create the output file.  */
-	if (signver.options[opt_OutputFile].activated) {
-		outFile = fopen(signver.options[opt_OutputFile].arg, "w");
-			/*
-		outFile = PR_Open(signver.options[opt_OutputFile].arg,
-		                  PR_WRONLY|PR_CREATE_FILE|PR_TRUNCATE, 00660);
-						  */
-		if (!outFile) {
-			PR_fprintf(PR_STDERR, "%s: unable to open \"%s\" for writing.\n",
-			           progName, signver.options[opt_OutputFile].arg);
-			return -1;
-		}
-	}
-
-	if (signver.commands[cmd_DisplayCertInfo].activated &&
-	    !signver.options[opt_ItemNumber].arg)
-		displayAllCerts = PR_TRUE;
-
-	if (signver.commands[cmd_DisplaySignerInfo].activated &&
-	    !signver.options[opt_ItemNumber].arg)
-		displayAllSigners = PR_TRUE;
-
-#if 0
-			case 'W':
-				debugInfo = 1;
-				break;
-#endif
-
-	if (!signFile && !dataFile && !typeTag) 
-		Usage(progName, outFile);
-
-	if (!signFile && !dataFile && 
-	     signver.commands[cmd_VerifySignedObj].activated) {
-		PR_fprintf(PR_STDERR, 
-		           "%s: unable to read all data from standard input\n", 
-		           progName);
-		return -1;
-	} 
-
-	PR_SetError(0, 0); /* PR_Init("pp", 1, 1, 0);*/
-	secstatus = NSS_Init(SECU_ConfigDirectory(NULL));
-    	if (secstatus != SECSuccess) {
-	    SECU_PrintPRandOSError(progName);
-	    return -1;
-	}
-
-	rv = SECU_ReadDERFromFile(&der, signFile, 
-	                          signver.options[opt_ASCII].activated);
-
-	/* Data is untyped, using the specified type */
-	data.data = der.data;
-	data.len = der.len;
-
-
-	/* Signature Verification */
-	if (!signver.options[opt_TypeTag].activated) {
-		if (signver.commands[cmd_VerifySignedObj].activated) {
-			SEC_PKCS7ContentInfo *cinfo;
-
-			cinfo = SEC_PKCS7DecodeItem(&data, NULL, NULL, NULL, NULL,
-			                            NULL, NULL, NULL);
-			if (cinfo != NULL) {
-#if 0
-				if (debugInfo) {
-					PR_fprintf(PR_STDERR, "Content %s encrypted.\n",
-							   SEC_PKCS7ContentIsEncrypted(cinfo) ? "was" : "was not");
-
-					PR_fprintf(PR_STDERR, "Content %s signed.\n",
-							   SEC_PKCS7ContentIsSigned(cinfo) ? "was" : "was not");
-				}
-#endif
-
-				if (SEC_PKCS7ContentIsSigned(cinfo)) {
-					SEC_PKCS7SignedData *signedData;
-					HASH_HashType digestType;
-					SECItem digest, data;
-					unsigned char *dataToVerify, digestBuffer[32];
-
-					signedData = cinfo->content.signedData;
-
-					/* assume that there is only one digest algorithm for now */
-					digestType = 
-					  AlgorithmToHashType(signedData->digestAlgorithms[0]);
-					if (digestType == HASH_AlgNULL) {
-						PR_fprintf(PR_STDERR, "Invalid hash algorithmID\n");
-						return (-1);
-					}
-					rv = SECU_FileToItem(&data, dataFile);
-					dataToVerify = data.data;
-					if (dataToVerify) {
-						                   /*certUsageObjectSigner;*/
-						SECCertUsage usage = certUsageEmailSigner; 
-						
-
-#if 0
-						if (debugInfo) 
-							PR_fprintf(PR_STDERR, "dataToVerify=%s\n", 
-							           dataToVerify);
-#endif
-						digest.data = digestBuffer;
-						if (DigestData (digest.data, dataToVerify, 
-						                &digest.len, 32, digestType)) {
-							PR_fprintf(PR_STDERR, "Fail to compute message digest for verification. Reason: %s\n",
-									  SECU_ErrorString((int16)PORT_GetError()));
-							return (-1);
-						}
-#if 0
-						if (debugInfo) {
-							PR_fprintf(PR_STDERR, "Data Digest=:");
-							for (i = 0; i < digest.len; i++)
-								PR_fprintf(PR_STDERR, "%02x:", digest.data[i]);
-							PR_fprintf(PR_STDERR, "\n");
-						}
-#endif
-
-
-						if (signver.commands[cmd_VerifySignedObj].activated)
-							fprintf(outFile, "signatureValid=");
-						PORT_SetError(0);
-						if (SEC_PKCS7VerifyDetachedSignature (cinfo, usage, 
-						                       &digest, digestType, PR_FALSE)) {
-							if (signver.commands[cmd_VerifySignedObj].activated)
-								fprintf(outFile, "yes");
-						} else {
-							if (signver.commands[cmd_VerifySignedObj].activated){
-								fprintf(outFile, "no");
-							if (signver.options[opt_PrintWhyFailure].activated)
-							fprintf(outFile, ":%s", SECU_ErrorString((int16)PORT_GetError()));
-							}
-						}
-						if (signver.commands[cmd_VerifySignedObj].activated)
-							fprintf(outFile, "\n");
-
-						SECITEM_FreeItem(&data, PR_FALSE);
-					} else {
-						PR_fprintf(PR_STDERR, "Cannot read data\n");
-						return (-1);
-					}
-				}
-
-				SEC_PKCS7DestroyContentInfo(cinfo);
-			} else
-				PR_fprintf(PR_STDERR, "Unable to decode PKCS7 data\n");
-		}
-
-		if (signver.commands[cmd_DisplayAllPCKS7Info].activated)
-			SV_PrintPKCS7ContentInfo(outFile, &data);
-
-		if (displayAllCerts)
-			PR_fprintf(PR_STDERR, "-C option is not implemented in this version\n");
-
-		if (displayAllSigners)
-			PR_fprintf(PR_STDERR, "-S option is not implemented in this version\n");
-
-	/* Pretty print it */
-	} else if (PL_strcmp(typeTag, SEC_CT_CERTIFICATE) == 0) {
-		rv = SECU_PrintSignedData(outFile, &data, "Certificate", 0,
-								  SECU_PrintCertificate);
-	} else if (PL_strcmp(typeTag, SEC_CT_CERTIFICATE_REQUEST) == 0) {
-		rv = SECU_PrintSignedData(outFile, &data, "Certificate Request", 0,
-								  SECU_PrintCertificateRequest);
-	} else if (PL_strcmp (typeTag, SEC_CT_CRL) == 0) {
-		rv = SECU_PrintSignedData (outFile, &data, "CRL", 0, SECU_PrintCrl);
-#ifdef HAVE_EPK_TEMPLATE
-	} else if (PL_strcmp(typeTag, SEC_CT_PRIVATE_KEY) == 0) {
-		rv = SECU_PrintPrivateKey(outFile, &data, "Private Key", 0);
-#endif
-	} else if (PL_strcmp(typeTag, SEC_CT_PUBLIC_KEY) == 0) {
-		rv = SECU_PrintPublicKey(outFile, &data, "Public Key", 0);
-	} else if (PL_strcmp(typeTag, SEC_CT_PKCS7) == 0) {
-		rv = SECU_PrintPKCS7ContentInfo(outFile, &data,
-										"PKCS #7 Content Info", 0);
-	} else {
-		PR_fprintf(PR_STDERR, "%s: don't know how to print out '%s' files\n",
-				   progName, typeTag);
-		return -1;
-	}
-
-	if (rv) {
-		PR_fprintf(PR_STDERR, "%s: problem converting data (%s)\n",
-				   progName, SECU_ErrorString((int16)PORT_GetError()));
-		return -1;
-	}
-	return 0;
-}
diff --git a/security/nss/cmd/smimetools/Makefile b/security/nss/cmd/smimetools/Makefile
deleted file mode 100644
index 9e3263d43..000000000
--- a/security/nss/cmd/smimetools/Makefile
+++ /dev/null
@@ -1,73 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY).   #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL)          #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL)       #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL).      #
-#######################################################################
-
-include ../platlibs.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL)                              #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL)                           #
-#######################################################################
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL).                              #
-#######################################################################
-
-include rules.mk
-
-include ../platrules.mk
diff --git a/security/nss/cmd/smimetools/cmsutil.c b/security/nss/cmd/smimetools/cmsutil.c
deleted file mode 100644
index ec2fe56e8..000000000
--- a/security/nss/cmd/smimetools/cmsutil.c
+++ /dev/null
@@ -1,1430 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * cmsutil -- A command to work with CMS data
- *
- * $Id$
- */
-
-#include "nspr.h"
-#include "secutil.h"
-#include "plgetopt.h"
-#include "secpkcs7.h"
-#include "cert.h"
-#include "certdb.h"
-#include "secoid.h"
-#include "cms.h"
-#include "nss.h"
-#include "smime.h"
-
-#if defined(XP_UNIX)
-#include <unistd.h>
-#endif
-
-#if defined(_WIN32)
-#include "fcntl.h"
-#include "io.h"
-#endif
-
-#include <stdio.h>
-#include <string.h>
-
-extern void SEC_Init(void);		/* XXX */
-char *progName = NULL;
-static int cms_verbose = 0;
-
-/* XXX stolen from cmsarray.c
- * nss_CMSArray_Count - count number of elements in array
- */
-int
-nss_CMSArray_Count(void **array)
-{
-    int n = 0;
-    if (array == NULL)
-	return 0;
-    while (*array++ != NULL)
-	n++;
-    return n;
-}
-
-static SECStatus
-DigestFile(PLArenaPool *poolp, SECItem ***digests, SECItem *input,
-           SECAlgorithmID **algids)
-{
-    NSSCMSDigestContext *digcx;
-
-    digcx = NSS_CMSDigestContext_StartMultiple(algids);
-    if (digcx == NULL)
-	return SECFailure;
-
-    NSS_CMSDigestContext_Update(digcx, input->data, input->len);
-
-    return NSS_CMSDigestContext_FinishMultiple(digcx, poolp, digests);
-}
-
-
-static void
-Usage(char *progName)
-{
-    fprintf(stderr, "Usage:  %s [-D|-S|-E] [<options>] [-d dbdir] [-u certusage]\n", progName);
-    fprintf(stderr, " -i infile     use infile as source of data (default: stdin)\n");
-    fprintf(stderr, " -o outfile    use outfile as destination of data (default: stdout)\n");
-    fprintf(stderr, " -d dbdir      key/cert database directory (default: ~/.netscape)\n");
-    fprintf(stderr, " -p password   use password as key db password (default: prompt)\n");
-    fprintf(stderr, " -u certusage  set type of certificate usage (default: certUsageEmailSigner)\n");
-    fprintf(stderr, "\n");
-    fprintf(stderr, " -D            decode a CMS message\n");
-    fprintf(stderr, "  -c content   use this detached content\n");
-    fprintf(stderr, "  -n           suppress output of content\n");
-    fprintf(stderr, "  -h num       generate email headers with info about CMS message\n");
-    fprintf(stderr, " -S            create a CMS signed message\n");
-    fprintf(stderr, "  -N nick      use certificate named \"nick\" for signing\n");
-    fprintf(stderr, "  -T           do not include content in CMS message\n");
-    fprintf(stderr, "  -G           include a signing time attribute\n");
-    fprintf(stderr, "  -P           include a SMIMECapabilities attribute\n");
-    fprintf(stderr, "  -Y nick      include a EncryptionKeyPreference attribute with cert\n");
-    fprintf(stderr, " -E            create a CMS enveloped message (NYI)\n");
-    fprintf(stderr, "  -r id,...    create envelope for these recipients,\n");
-    fprintf(stderr, "               where id can be a certificate nickname or email address\n");
-    fprintf(stderr, " -v            print debugging information\n");
-    fprintf(stderr, "\nCert usage codes:\n");
-    fprintf(stderr, "%-25s  0 - certUsageSSLClient\n", " ");
-    fprintf(stderr, "%-25s  1 - certUsageSSLServer\n", " ");
-    fprintf(stderr, "%-25s  2 - certUsageSSLServerWithStepUp\n", " ");
-    fprintf(stderr, "%-25s  3 - certUsageSSLCA\n", " ");
-    fprintf(stderr, "%-25s  4 - certUsageEmailSigner\n", " ");
-    fprintf(stderr, "%-25s  5 - certUsageEmailRecipient\n", " ");
-    fprintf(stderr, "%-25s  6 - certUsageObjectSigner\n", " ");
-    fprintf(stderr, "%-25s  7 - certUsageUserCertImport\n", " ");
-    fprintf(stderr, "%-25s  8 - certUsageVerifyCA\n", " ");
-    fprintf(stderr, "%-25s  9 - certUsageProtectedObjectSigner\n", " ");
-    fprintf(stderr, "%-25s 10 - certUsageStatusResponder\n", " ");
-    fprintf(stderr, "%-25s 11 - certUsageAnyCA\n", " ");
-
-    exit(-1);
-}
-
-char *
-ownpw(PK11SlotInfo *info, PRBool retry, void *arg)
-{
-	char * passwd = NULL;
-
-	if ( (!retry) && arg ) {
-		passwd = PL_strdup((char *)arg);
-	}
-
-	return passwd;
-}
-
-struct optionsStr {
-    char *password;
-    SECCertUsage certUsage;
-    CERTCertDBHandle *certHandle;
-};
-
-struct decodeOptionsStr {
-    struct optionsStr *options;
-    PRFileDesc *contentFile;
-    int headerLevel;
-    PRBool suppressContent;
-    NSSCMSGetDecryptKeyCallback dkcb;
-    PK11SymKey *bulkkey;
-};
-
-struct signOptionsStr {
-    struct optionsStr *options;
-    char *nickname;
-    char *encryptionKeyPreferenceNick;
-    PRBool signingTime;
-    PRBool smimeProfile;
-    PRBool detached;
-};
-
-struct envelopeOptionsStr {
-    struct optionsStr *options;
-    char **recipients;
-};
-
-struct certsonlyOptionsStr {
-    struct optionsStr *options;
-    char **recipients;
-};
-
-struct encryptOptionsStr {
-    struct optionsStr *options;
-    char **recipients;
-    NSSCMSMessage *envmsg;
-    SECItem *input;
-    FILE *outfile;
-    PRFileDesc *envFile;
-    PK11SymKey *bulkkey;
-    SECOidTag bulkalgtag;
-    int keysize;
-};
-
-static NSSCMSMessage *
-decode(FILE *out, SECItem *output, SECItem *input, 
-       struct decodeOptionsStr *decodeOptions)
-{
-    NSSCMSDecoderContext *dcx;
-    NSSCMSMessage *cmsg;
-    NSSCMSContentInfo *cinfo;
-    NSSCMSSignedData *sigd = NULL;
-    NSSCMSEnvelopedData *envd;
-    NSSCMSEncryptedData *encd;
-    SECAlgorithmID **digestalgs;
-    int nlevels, i, nsigners, j;
-    char *signercn;
-    NSSCMSSignerInfo *si;
-    SECOidTag typetag;
-    SECItem **digests;
-    PLArenaPool *poolp;
-    PK11PasswordFunc pwcb;
-    void *pwcb_arg;
-    SECItem *item, sitem = { 0, 0, 0 };
-
-    pwcb     = (decodeOptions->options->password != NULL) ? ownpw : NULL;
-    pwcb_arg = (decodeOptions->options->password != NULL) ? 
-                  (void *)decodeOptions->options->password : NULL;
-
-    if (decodeOptions->contentFile) {
-	/* detached content: grab content file */
-	SECU_FileToItem(&sitem, decodeOptions->contentFile);
-	item = &sitem;
-    }
-
-    dcx = NSS_CMSDecoder_Start(NULL, 
-                               NULL, NULL,         /* content callback     */
-                               pwcb, pwcb_arg,     /* password callback    */
-			       decodeOptions->dkcb, /* decrypt key callback */
-                               decodeOptions->bulkkey);
-    (void)NSS_CMSDecoder_Update(dcx, (char *)input->data, input->len);
-    cmsg = NSS_CMSDecoder_Finish(dcx);
-    if (cmsg == NULL) {
-	fprintf(stderr, "%s: failed to decode message.\n", progName);
-	return NULL;
-    }
-
-    if (decodeOptions->headerLevel >= 0) {
-	/*fprintf(out, "SMIME: ", decodeOptions->headerLevel, i);*/
-	fprintf(out, "SMIME: ");
-    }
-
-    nlevels = NSS_CMSMessage_ContentLevelCount(cmsg);
-    for (i = 0; i < nlevels; i++) {
-	cinfo = NSS_CMSMessage_ContentLevel(cmsg, i);
-	typetag = NSS_CMSContentInfo_GetContentTypeTag(cinfo);
-
-	if (decodeOptions->headerLevel >= 0)
-	    fprintf(out, "\tlevel=%d.%d; ", decodeOptions->headerLevel, nlevels - i);
-
-	switch (typetag) {
-	case SEC_OID_PKCS7_SIGNED_DATA:
-	    if (decodeOptions->headerLevel >= 0)
-		fprintf(out, "type=signedData; ");
-	    sigd = (NSSCMSSignedData *)NSS_CMSContentInfo_GetContent(cinfo);
-	    if (sigd == NULL) {
-		SECU_PrintError(progName, 
-		                "problem finding signedData component");
-		goto loser;
-	    }
-
-	    /* if we have a content file, but no digests for this signedData */
-	    if (decodeOptions->contentFile != NULL && !NSS_CMSSignedData_HasDigests(sigd)) {
-		if ((poolp = PORT_NewArena(1024)) == NULL) {
-		    fprintf(stderr, "cmsutil: Out of memory.\n");
-		    goto loser;
-		}
-		digestalgs = NSS_CMSSignedData_GetDigestAlgs(sigd);
-		if (DigestFile (poolp, &digests, item, digestalgs) 
-		      != SECSuccess) {
-		    SECU_PrintError(progName, 
-		                    "problem computing message digest");
-		    goto loser;
-		}
-		if (NSS_CMSSignedData_SetDigests(sigd, digestalgs, digests) != SECSuccess) {
-		    
-		    SECU_PrintError(progName, 
-		                    "problem setting message digests");
-		    goto loser;
-		}
-		PORT_FreeArena(poolp, PR_FALSE);
-	    }
-
-	    /* import the certificates */
-	    if (NSS_CMSSignedData_ImportCerts(sigd, 
-	                                   decodeOptions->options->certHandle, 
-	                                   decodeOptions->options->certUsage, 
-	                                   PR_FALSE) 
-	          != SECSuccess) {
-		SECU_PrintError(progName, "cert import failed");
-		goto loser;
-	    }
-
-	    /* find out about signers */
-	    nsigners = NSS_CMSSignedData_SignerInfoCount(sigd);
-	    if (decodeOptions->headerLevel >= 0)
-		fprintf(out, "nsigners=%d; ", nsigners);
-	    if (nsigners == 0) {
-		/* must be a cert transport message */
-		SECStatus rv;
-		/* XXX workaround for bug #54014 */
-		NSS_CMSSignedData_ImportCerts(sigd, 
-                                            decodeOptions->options->certHandle, 
-		                            decodeOptions->options->certUsage, 
-		                            PR_TRUE);
-		rv = NSS_CMSSignedData_VerifyCertsOnly(sigd, 
-		                            decodeOptions->options->certHandle, 
-		                            decodeOptions->options->certUsage);
-		if (rv != SECSuccess) {
-		    fprintf(stderr, "cmsutil: Verify certs-only failed!\n");
-		    goto loser;
-		}
-		return cmsg;
-	    }
-
-	    /* still no digests? */
-	    if (!NSS_CMSSignedData_HasDigests(sigd)) {
-		SECU_PrintError(progName, "no message digests");
-		goto loser;
-	    }
-
-	    for (j = 0; j < nsigners; j++) {
-		si = NSS_CMSSignedData_GetSignerInfo(sigd, j);
-		signercn = NSS_CMSSignerInfo_GetSignerCommonName(si);
-		if (signercn == NULL)
-		    signercn = "";
-		if (decodeOptions->headerLevel >= 0)
-		    fprintf(out, "\n\t\tsigner%d.id=\"%s\"; ", j, signercn);
-		(void)NSS_CMSSignedData_VerifySignerInfo(sigd, j, 
-		                           decodeOptions->options->certHandle, 
-		                           decodeOptions->options->certUsage);
-		if (decodeOptions->headerLevel >= 0)
-		    fprintf(out, "signer%d.status=%s; ", j, 
-		            NSS_CMSUtil_VerificationStatusToString(
-		                  NSS_CMSSignerInfo_GetVerificationStatus(si)));
-		    /* XXX what do we do if we don't print headers? */
-	    }
-	    break;
-	case SEC_OID_PKCS7_ENVELOPED_DATA:
-	    if (decodeOptions->headerLevel >= 0)
-		fprintf(out, "type=envelopedData; ");
-	    envd = (NSSCMSEnvelopedData *)NSS_CMSContentInfo_GetContent(cinfo);
-	    break;
-	case SEC_OID_PKCS7_ENCRYPTED_DATA:
-	    if (decodeOptions->headerLevel >= 0)
-		fprintf(out, "type=encryptedData; ");
-	    encd = (NSSCMSEncryptedData *)NSS_CMSContentInfo_GetContent(cinfo);
-	    break;
-	case SEC_OID_PKCS7_DATA:
-	    if (decodeOptions->headerLevel >= 0)
-		fprintf(out, "type=data; ");
-	    break;
-	default:
-	    break;
-	}
-	if (decodeOptions->headerLevel >= 0)
-	    fprintf(out, "\n");
-    }
-
-    if (!decodeOptions->suppressContent) {
-	if (!decodeOptions->contentFile) 
-	    item = NSS_CMSMessage_GetContent(cmsg);
-	SECITEM_CopyItem(NULL, output, item);
-    }
-
-    return cmsg;
-loser:
-    if (cmsg)
-	NSS_CMSMessage_Destroy(cmsg);
-    return NULL;
-}
-
-/* example of a callback function to use with encoder */
-/*
-static void
-writeout(void *arg, const char *buf, unsigned long len)
-{
-    FILE *f = (FILE *)arg;
-
-    if (f != NULL && buf != NULL)
-	(void)fwrite(buf, len, 1, f);
-}
-*/
-
-static NSSCMSMessage *
-signed_data(struct signOptionsStr *signOptions)
-{
-    NSSCMSMessage *cmsg = NULL;
-    NSSCMSContentInfo *cinfo;
-    NSSCMSSignedData *sigd;
-    NSSCMSSignerInfo *signerinfo;
-    CERTCertificate *cert= NULL, *ekpcert = NULL;
-
-    if (cms_verbose) {
-	fprintf(stderr, "Input to signed_data:\n");
-	if (signOptions->options->password)
-	    fprintf(stderr, "password [%s]\n", signOptions->options->password);
-	else
-	    fprintf(stderr, "password [NULL]\n");
-	fprintf(stderr, "certUsage [%d]\n", signOptions->options->certUsage);
-	if (signOptions->options->certHandle)
-	    fprintf(stderr, "certdb [%p]\n", signOptions->options->certHandle);
-	else
-	    fprintf(stderr, "certdb [NULL]\n");
-	if (signOptions->nickname)
-	    fprintf(stderr, "nickname [%s]\n", signOptions->nickname);
-	else
-	    fprintf(stderr, "nickname [NULL]\n");
-    }
-    if (signOptions->nickname == NULL) {
-	fprintf(stderr, 
-        "ERROR: please indicate the nickname of a certificate to sign with.\n");
-	return NULL;
-    }
-    if ((cert = CERT_FindUserCertByUsage(signOptions->options->certHandle, 
-                                         signOptions->nickname,
-                                         certUsageEmailSigner,
-                                         PR_FALSE,
-                                         NULL)) == NULL) {
-	SECU_PrintError(progName, 
-	                "the corresponding cert for key \"%s\" does not exist",
-	                signOptions->nickname);
-	return NULL;
-    }
-    if (cms_verbose) {
-	fprintf(stderr, "Found certificate for %s\n", signOptions->nickname);
-    }
-    /*
-     * create the message object
-     */
-    cmsg = NSS_CMSMessage_Create(NULL); /* create a message on its own pool */
-    if (cmsg == NULL) {
-	fprintf(stderr, "ERROR: cannot create CMS message.\n");
-	return NULL;
-    }
-    /*
-     * build chain of objects: message->signedData->data
-     */
-    if ((sigd = NSS_CMSSignedData_Create(cmsg)) == NULL) {
-	fprintf(stderr, "ERROR: cannot create CMS signedData object.\n");
-	goto loser;
-    }
-    cinfo = NSS_CMSMessage_GetContentInfo(cmsg);
-    if (NSS_CMSContentInfo_SetContent_SignedData(cmsg, cinfo, sigd) 
-          != SECSuccess) {
-	fprintf(stderr, "ERROR: cannot attach CMS signedData object.\n");
-	goto loser;
-    }
-    cinfo = NSS_CMSSignedData_GetContentInfo(sigd);
-    /* we're always passing data in and detaching optionally */
-    if (NSS_CMSContentInfo_SetContent_Data(cmsg, cinfo, NULL, 
-                                           signOptions->detached) 
-          != SECSuccess) {
-	fprintf(stderr, "ERROR: cannot attach CMS data object.\n");
-	goto loser;
-    }
-    /* 
-     * create & attach signer information
-     */
-    if ((signerinfo = NSS_CMSSignerInfo_Create(cmsg, cert, SEC_OID_SHA1)) 
-          == NULL) {
-	fprintf(stderr, "ERROR: cannot create CMS signerInfo object.\n");
-	goto loser;
-    }
-    if (cms_verbose) {
-	fprintf(stderr,
-		 "Created CMS message, added signed data w/ signerinfo\n");
-    }
-    /* we want the cert chain included for this one */
-    if (NSS_CMSSignerInfo_IncludeCerts(signerinfo, NSSCMSCM_CertChain, 
-                                       signOptions->options->certUsage) 
-          != SECSuccess) {
-	fprintf(stderr, "ERROR: cannot find cert chain.\n");
-	goto loser;
-    }
-    if (cms_verbose) {
-	fprintf(stderr, "imported certificate\n");
-    }
-    if (signOptions->signingTime) {
-	if (NSS_CMSSignerInfo_AddSigningTime(signerinfo, PR_Now()) 
-	      != SECSuccess) {
-	    fprintf(stderr, "ERROR: cannot add signingTime attribute.\n");
-	    goto loser;
-	}
-    }
-    if (signOptions->smimeProfile) {
-	if (NSS_CMSSignerInfo_AddSMIMECaps(signerinfo) != SECSuccess) {
-	    fprintf(stderr, "ERROR: cannot add SMIMECaps attribute.\n");
-	    goto loser;
-	}
-    }
-
-    if (signOptions->encryptionKeyPreferenceNick) {
-	/* get the cert, add it to the message */
-	if ((ekpcert = CERT_FindUserCertByUsage(
-                                     signOptions->options->certHandle, 
-	                             signOptions->encryptionKeyPreferenceNick,
-                                     certUsageEmailRecipient, PR_FALSE, NULL))
-	      == NULL) {
-	    SECU_PrintError(progName, 
-	               "the corresponding cert for key \"%s\" does not exist",
-	                signOptions->encryptionKeyPreferenceNick);
-	    goto loser;
-	}
-	if (NSS_CMSSignerInfo_AddSMIMEEncKeyPrefs(signerinfo, ekpcert, 
-	                                     signOptions->options->certHandle)
-	      != SECSuccess) {
-	    fprintf(stderr, "ERROR: cannot add SMIMEEncKeyPrefs attribute.\n");
-	    goto loser;
-	}
-	if (NSS_CMSSignedData_AddCertificate(sigd, ekpcert) != SECSuccess) {
-	    fprintf(stderr, "ERROR: cannot add encryption certificate.\n");
-	    goto loser;
-	}
-    } else {
-	/* check signing cert for fitness as encryption cert */
-        SECStatus FitForEncrypt = CERT_CheckCertUsage(cert,
-                                                      certUsageEmailRecipient);
-
-        if (SECSuccess == FitForEncrypt) {
-            /* if yes, add signing cert as EncryptionKeyPreference */
-            if (NSS_CMSSignerInfo_AddSMIMEEncKeyPrefs(signerinfo, cert, 
-                                              signOptions->options->certHandle)
-                  != SECSuccess) {
-                fprintf(stderr, 
-                    "ERROR: cannot add default SMIMEEncKeyPrefs attribute.\n");
-                goto loser;
-            }
-        } else {
-            /* this is a dual-key cert case, we need to look for the encryption
-               certificate under the same nickname as the signing cert */
-            /* get the cert, add it to the message */
-            if ((ekpcert = CERT_FindUserCertByUsage(
-                                              signOptions->options->certHandle,
-                                              signOptions->nickname,
-                                              certUsageEmailRecipient,
-                                              PR_FALSE,
-                                              NULL)) == NULL) {
-                SECU_PrintError(progName, 
-                         "the corresponding cert for key \"%s\" does not exist",
-                         signOptions->encryptionKeyPreferenceNick);
-                goto loser;
-            }
-            if (NSS_CMSSignerInfo_AddSMIMEEncKeyPrefs(signerinfo, ekpcert, 
-                                              signOptions->options->certHandle)
-                  != SECSuccess) {
-                fprintf(stderr, 
-                        "ERROR: cannot add SMIMEEncKeyPrefs attribute.\n");
-                goto loser;
-            }
-            if (NSS_CMSSignedData_AddCertificate(sigd, ekpcert) != SECSuccess) {
-                fprintf(stderr, "ERROR: cannot add encryption certificate.\n");
-                goto loser;
-            }
-        }
-    }
-
-    if (NSS_CMSSignedData_AddSignerInfo(sigd, signerinfo) != SECSuccess) {
-	fprintf(stderr, "ERROR: cannot add CMS signerInfo object.\n");
-	goto loser;
-    }
-    if (cms_verbose) {
-	fprintf(stderr, "created signed-date message\n");
-    }
-    if (ekpcert) {
-	CERT_DestroyCertificate(ekpcert);
-    }
-    if (cert) {
-	CERT_DestroyCertificate(cert);
-    }
-    return cmsg;
-loser:
-    if (ekpcert) {
-	CERT_DestroyCertificate(ekpcert);
-    }
-    if (cert) {
-	CERT_DestroyCertificate(cert);
-    }
-    NSS_CMSMessage_Destroy(cmsg);
-    return NULL;
-}
-
-static NSSCMSMessage *
-enveloped_data(struct envelopeOptionsStr *envelopeOptions)
-{
-    NSSCMSMessage *cmsg = NULL;
-    NSSCMSContentInfo *cinfo;
-    NSSCMSEnvelopedData *envd;
-    NSSCMSRecipientInfo *recipientinfo;
-    CERTCertificate **recipientcerts = NULL;
-    CERTCertDBHandle *dbhandle;
-    PLArenaPool *tmppoolp = NULL;
-    SECOidTag bulkalgtag;
-    int keysize, i = 0;
-    int cnt;
-    dbhandle = envelopeOptions->options->certHandle;
-    /* count the recipients */
-    if ((cnt = nss_CMSArray_Count((void **)envelopeOptions->recipients)) == 0) {
-	fprintf(stderr, "ERROR: please name at least one recipient.\n");
-	goto loser;
-    }
-    if ((tmppoolp = PORT_NewArena (1024)) == NULL) {
-	fprintf(stderr, "ERROR: out of memory.\n");
-	goto loser;
-    }
-    /* XXX find the recipient's certs by email address or nickname */
-    if ((recipientcerts = 
-         (CERTCertificate **)PORT_ArenaZAlloc(tmppoolp, 
-					     (cnt+1)*sizeof(CERTCertificate*)))
-            == NULL) {
-	fprintf(stderr, "ERROR: out of memory.\n");
-	goto loser;
-    }
-    for (i=0; envelopeOptions->recipients[i] != NULL; i++) {
-	if ((recipientcerts[i] = 
-	      CERT_FindCertByNicknameOrEmailAddr(dbhandle,  
-	                                        envelopeOptions->recipients[i]))
-	        == NULL) {
-	    SECU_PrintError(progName, "cannot find certificate for \"%s\"", 
-	                    envelopeOptions->recipients[i]);
-	    i=0;
-	    goto loser;
-	}
-    }
-    recipientcerts[i] = NULL;
-    i=0;
-    /* find a nice bulk algorithm */
-    if (NSS_SMIMEUtil_FindBulkAlgForRecipients(recipientcerts, &bulkalgtag, 
-                                               &keysize) != SECSuccess) {
-	fprintf(stderr, "ERROR: cannot find common bulk algorithm.\n");
-	goto loser;
-    }
-    /*
-     * create the message object
-     */
-    cmsg = NSS_CMSMessage_Create(NULL); /* create a message on its own pool */
-    if (cmsg == NULL) {
-	fprintf(stderr, "ERROR: cannot create CMS message.\n");
-	goto loser;
-    }
-    /*
-     * build chain of objects: message->envelopedData->data
-     */
-    if ((envd = NSS_CMSEnvelopedData_Create(cmsg, bulkalgtag, keysize)) 
-          == NULL) {
-	fprintf(stderr, "ERROR: cannot create CMS envelopedData object.\n");
-	goto loser;
-    }
-    cinfo = NSS_CMSMessage_GetContentInfo(cmsg);
-    if (NSS_CMSContentInfo_SetContent_EnvelopedData(cmsg, cinfo, envd) 
-          != SECSuccess) {
-	fprintf(stderr, "ERROR: cannot attach CMS envelopedData object.\n");
-	goto loser;
-    }
-    cinfo = NSS_CMSEnvelopedData_GetContentInfo(envd);
-    /* we're always passing data in, so the content is NULL */
-    if (NSS_CMSContentInfo_SetContent_Data(cmsg, cinfo, NULL, PR_FALSE) 
-          != SECSuccess) {
-	fprintf(stderr, "ERROR: cannot attach CMS data object.\n");
-	goto loser;
-    }
-    /* 
-     * create & attach recipient information
-     */
-    for (i = 0; recipientcerts[i] != NULL; i++) {
-	if ((recipientinfo = NSS_CMSRecipientInfo_Create(cmsg, 
-	                                                 recipientcerts[i])) 
-	      == NULL) {
-	    fprintf(stderr, "ERROR: cannot create CMS recipientInfo object.\n");
-	    goto loser;
-	}
-	if (NSS_CMSEnvelopedData_AddRecipient(envd, recipientinfo) 
-	      != SECSuccess) {
-	    fprintf(stderr, "ERROR: cannot add CMS recipientInfo object.\n");
-	    goto loser;
-	}
-	CERT_DestroyCertificate(recipientcerts[i]);
-    }
-    if (tmppoolp)
-	PORT_FreeArena(tmppoolp, PR_FALSE);
-    return cmsg;
-loser:
-    if (recipientcerts) {
-	for (; recipientcerts[i] != NULL; i++) {
-	    CERT_DestroyCertificate(recipientcerts[i]);
-	}
-    }
-    if (cmsg)
-	NSS_CMSMessage_Destroy(cmsg);
-    if (tmppoolp)
-	PORT_FreeArena(tmppoolp, PR_FALSE);
-    return NULL;
-}
-
-PK11SymKey *dkcb(void *arg, SECAlgorithmID *algid)
-{
-    return (PK11SymKey*)arg;
-}
-
-static SECStatus
-get_enc_params(struct encryptOptionsStr *encryptOptions)
-{
-    struct envelopeOptionsStr envelopeOptions;
-    SECStatus rv = SECFailure;
-    NSSCMSMessage *env_cmsg;
-    NSSCMSContentInfo *cinfo;
-    PK11SymKey *bulkkey = NULL;
-    SECOidTag bulkalgtag;
-    int keysize;
-    int i, nlevels;
-    /*
-     * construct an enveloped data message to obtain bulk keys
-     */
-    if (encryptOptions->envmsg) {
-	env_cmsg = encryptOptions->envmsg; /* get it from an old message */
-    } else {
-	SECItem dummyOut = { 0, 0, 0 };
-	SECItem dummyIn  = { 0, 0, 0 };
-	char str[] = "Hello!";
-	PLArenaPool *tmparena = PORT_NewArena(1024);
-	dummyIn.data = (unsigned char *)str;
-	dummyIn.len = strlen(str);
-	envelopeOptions.options = encryptOptions->options;
-	envelopeOptions.recipients = encryptOptions->recipients;
-	env_cmsg = enveloped_data(&envelopeOptions);
-	NSS_CMSDEREncode(env_cmsg, &dummyIn, &dummyOut, tmparena);
-	PR_Write(encryptOptions->envFile, dummyOut.data, dummyOut.len);
-	PORT_FreeArena(tmparena, PR_FALSE);
-    }
-    /*
-     * get the content info for the enveloped data 
-     */
-    nlevels = NSS_CMSMessage_ContentLevelCount(env_cmsg);
-    for (i = 0; i < nlevels; i++) {
-    	SECOidTag typetag;
-	cinfo = NSS_CMSMessage_ContentLevel(env_cmsg, i);
-	typetag = NSS_CMSContentInfo_GetContentTypeTag(cinfo);
-	if (typetag == SEC_OID_PKCS7_DATA) {
-	    /*
-	     * get the symmetric key
-	     */
-	    bulkalgtag = NSS_CMSContentInfo_GetContentEncAlgTag(cinfo);
-	    keysize = NSS_CMSContentInfo_GetBulkKeySize(cinfo);
-	    bulkkey = NSS_CMSContentInfo_GetBulkKey(cinfo);
-	    break;
-	}
-    }
-    if (i == nlevels) {
-	fprintf(stderr, "%s: could not retrieve enveloped data.", progName);
-	goto loser;
-    }
-    encryptOptions->bulkalgtag = bulkalgtag;
-    encryptOptions->bulkkey = bulkkey;
-    encryptOptions->keysize = keysize;
-    rv = SECSuccess;
-loser:
-    if (env_cmsg)
-	NSS_CMSMessage_Destroy(env_cmsg);
-    return rv;
-}
-
-static NSSCMSMessage *
-encrypted_data(struct encryptOptionsStr *encryptOptions)
-{
-    SECStatus rv = SECFailure;
-    NSSCMSMessage *cmsg = NULL;
-    NSSCMSContentInfo *cinfo;
-    NSSCMSEncryptedData *encd;
-    NSSCMSEncoderContext *ecx = NULL;
-    PLArenaPool *tmppoolp = NULL;
-    SECItem derOut = { 0, 0, 0 };
-    /* arena for output */
-    tmppoolp = PORT_NewArena(1024);
-    if (!tmppoolp) {
-	fprintf(stderr, "%s: out of memory.\n", progName);
-	return NULL;
-    }
-    /*
-     * create the message object
-     */
-    cmsg = NSS_CMSMessage_Create(NULL);
-    if (cmsg == NULL) {
-	fprintf(stderr, "ERROR: cannot create CMS message.\n");
-	goto loser;
-    }
-    /*
-     * build chain of objects: message->encryptedData->data
-     */
-    if ((encd = NSS_CMSEncryptedData_Create(cmsg, encryptOptions->bulkalgtag, 
-                                                  encryptOptions->keysize)) 
-           == NULL) {
-	fprintf(stderr, "ERROR: cannot create CMS encryptedData object.\n");
-	goto loser;
-    }
-    cinfo = NSS_CMSMessage_GetContentInfo(cmsg);
-    if (NSS_CMSContentInfo_SetContent_EncryptedData(cmsg, cinfo, encd)
-          != SECSuccess) {
-	fprintf(stderr, "ERROR: cannot attach CMS encryptedData object.\n");
-	goto loser;
-    }
-    cinfo = NSS_CMSEncryptedData_GetContentInfo(encd);
-    /* we're always passing data in, so the content is NULL */
-    if (NSS_CMSContentInfo_SetContent_Data(cmsg, cinfo, NULL, PR_FALSE) 
-          != SECSuccess) {
-	fprintf(stderr, "ERROR: cannot attach CMS data object.\n");
-	goto loser;
-    }
-    ecx = NSS_CMSEncoder_Start(cmsg, NULL, NULL, &derOut, tmppoolp, NULL, NULL,
-                               dkcb, encryptOptions->bulkkey, NULL, NULL);
-    if (!ecx) {
-	fprintf(stderr, "%s: cannot create encoder context.\n", progName);
-	goto loser;
-    }
-    rv = NSS_CMSEncoder_Update(ecx, (char *)encryptOptions->input->data, 
-                                    encryptOptions->input->len);
-    if (rv) {
-	fprintf(stderr, "%s: failed to add data to encoder.\n", progName);
-	goto loser;
-    }
-    rv = NSS_CMSEncoder_Finish(ecx);
-    if (rv) {
-	fprintf(stderr, "%s: failed to encrypt data.\n", progName);
-	goto loser;
-    }
-    fwrite(derOut.data, derOut.len, 1, encryptOptions->outfile);
-    /*
-    if (bulkkey)
-	PK11_FreeSymKey(bulkkey);
-	*/
-    if (tmppoolp)
-	PORT_FreeArena(tmppoolp, PR_FALSE);
-    return cmsg;
-loser:
-    /*
-    if (bulkkey)
-	PK11_FreeSymKey(bulkkey);
-	*/
-    if (tmppoolp)
-	PORT_FreeArena(tmppoolp, PR_FALSE);
-    if (cmsg)
-	NSS_CMSMessage_Destroy(cmsg);
-    return NULL;
-}
-
-static NSSCMSMessage *
-signed_data_certsonly(struct certsonlyOptionsStr *certsonlyOptions)
-{
-    NSSCMSMessage *cmsg = NULL;
-    NSSCMSContentInfo *cinfo;
-    NSSCMSSignedData *sigd;
-    CERTCertificate **certs = NULL;
-    CERTCertDBHandle *dbhandle;
-    PLArenaPool *tmppoolp = NULL;
-    int i = 0, cnt;
-    dbhandle = certsonlyOptions->options->certHandle;
-    if ((cnt = nss_CMSArray_Count((void**)certsonlyOptions->recipients)) == 0) {
-	fprintf(stderr, 
-        "ERROR: please indicate the nickname of a certificate to sign with.\n");
-	goto loser;
-    }
-    if ((tmppoolp = PORT_NewArena (1024)) == NULL) {
-	fprintf(stderr, "ERROR: out of memory.\n");
-	goto loser;
-    }
-    if ((certs = 
-         (CERTCertificate **)PORT_ArenaZAlloc(tmppoolp, 
-					     (cnt+1)*sizeof(CERTCertificate*)))
-            == NULL) {
-	fprintf(stderr, "ERROR: out of memory.\n");
-	goto loser;
-    }
-    for (i=0; certsonlyOptions->recipients[i] != NULL; i++) {
-	if ((certs[i] = 
-	      CERT_FindCertByNicknameOrEmailAddr(dbhandle,
-	                                      certsonlyOptions->recipients[i]))
-	        == NULL) {
-	    SECU_PrintError(progName, "cannot find certificate for \"%s\"", 
-	                    certsonlyOptions->recipients[i]);
-	    i=0;
-	    goto loser;
-	}
-    }
-    certs[i] = NULL;
-    i=0;
-    /*
-     * create the message object
-     */
-    cmsg = NSS_CMSMessage_Create(NULL);
-    if (cmsg == NULL) {
-	fprintf(stderr, "ERROR: cannot create CMS message.\n");
-	goto loser;
-    }
-    /*
-     * build chain of objects: message->signedData->data
-     */
-    if ((sigd = NSS_CMSSignedData_CreateCertsOnly(cmsg, certs[0], PR_TRUE))
-          == NULL) {
-	fprintf(stderr, "ERROR: cannot create CMS signedData object.\n");
-	goto loser;
-    }
-    CERT_DestroyCertificate(certs[0]);
-    for (i=1; i<cnt; i++) {
-	if (NSS_CMSSignedData_AddCertChain(sigd, certs[i])) {
-	    fprintf(stderr, "ERROR: cannot add cert chain for \"%s\".\n",
-	            certsonlyOptions->recipients[i]);
-	    goto loser;
-	}
-	CERT_DestroyCertificate(certs[i]);
-    }
-    cinfo = NSS_CMSMessage_GetContentInfo(cmsg);
-    if (NSS_CMSContentInfo_SetContent_SignedData(cmsg, cinfo, sigd) 
-          != SECSuccess) {
-	fprintf(stderr, "ERROR: cannot attach CMS signedData object.\n");
-	goto loser;
-    }
-    cinfo = NSS_CMSSignedData_GetContentInfo(sigd);
-    if (NSS_CMSContentInfo_SetContent_Data(cmsg, cinfo, NULL, PR_FALSE) 
-	   != SECSuccess) {
-	fprintf(stderr, "ERROR: cannot attach CMS data object.\n");
-	goto loser;
-    }
-    if (tmppoolp)
-	PORT_FreeArena(tmppoolp, PR_FALSE);
-    return cmsg;
-loser:
-    if (certs) {
-	for (; i<cnt; i++) {
-	    CERT_DestroyCertificate(certs[i]);
-	}
-    }
-    if (cmsg)
-	NSS_CMSMessage_Destroy(cmsg);
-    if (tmppoolp)
-	PORT_FreeArena(tmppoolp, PR_FALSE);
-    return NULL;
-}
-
-typedef enum { UNKNOWN, DECODE, SIGN, ENCRYPT, ENVELOPE, CERTSONLY } Mode;
-
-#if 0
-void
-parse_message_for_recipients(PRFileDesc *inFile, 
-                             struct envelopeOptionsStr *envelopeOptions)
-{
-    SECItem filedata;
-    SECStatus rv;
-    rv = SECU_FileToItem(&filedata, inFile);
-}
-#endif
-
-int
-main(int argc, char **argv)
-{
-    FILE *outFile;
-    NSSCMSMessage *cmsg = NULL;
-    PRFileDesc *inFile;
-    PLOptState *optstate;
-    PLOptStatus status;
-    Mode mode = UNKNOWN;
-    PK11PasswordFunc pwcb;
-    void *pwcb_arg;
-    struct decodeOptionsStr decodeOptions = { 0 };
-    struct signOptionsStr signOptions = { 0 };
-    struct envelopeOptionsStr envelopeOptions = { 0 };
-    struct certsonlyOptionsStr certsonlyOptions = { 0 };
-    struct encryptOptionsStr encryptOptions = { 0 };
-    struct optionsStr options = { 0 };
-    int exitstatus;
-    static char *ptrarray[128] = { 0 };
-    int nrecipients = 0;
-    char *str, *tok;
-    char *envFileName;
-    SECItem input = { 0, 0, 0};
-    SECItem output = { 0, 0, 0};
-    SECItem dummy = { 0, 0, 0 };
-    SECItem envmsg = { 0, 0, 0 };
-    SECStatus rv;
-
-    progName = strrchr(argv[0], '/');
-    progName = progName ? progName+1 : argv[0];
-
-    inFile = PR_STDIN;
-    outFile = stdout;
-    envFileName = NULL;
-    mode = UNKNOWN;
-    decodeOptions.contentFile = NULL;
-    decodeOptions.suppressContent = PR_FALSE;
-    decodeOptions.headerLevel = -1;
-    options.certUsage = certUsageEmailSigner;
-    options.password = NULL;
-    signOptions.nickname = NULL;
-    signOptions.detached = PR_FALSE;
-    signOptions.signingTime = PR_FALSE;
-    signOptions.smimeProfile = PR_FALSE;
-    signOptions.encryptionKeyPreferenceNick = NULL;
-    envelopeOptions.recipients = NULL;
-    encryptOptions.recipients = NULL;
-    encryptOptions.envmsg = NULL;
-    encryptOptions.envFile = NULL;
-    encryptOptions.bulkalgtag = SEC_OID_UNKNOWN;
-    encryptOptions.bulkkey = NULL;
-    encryptOptions.keysize = -1;
-
-    /*
-     * Parse command line arguments
-     */
-    optstate = PL_CreateOptState(argc, argv, 
-                                 "CDSEOnN:TGPYv:h:p:i:c:d:e:o:s:u:r:");
-    while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
-	switch (optstate->option) {
-	case '?':
-	    Usage(progName);
-	    break;
-	
-	case 'C':
-	    mode = ENCRYPT;
-	    break;
-	case 'D':
-	    mode = DECODE;
-	    break;
-	case 'S':
-	    mode = SIGN;
-	    break;
-	case 'E':
-	    mode = ENVELOPE;
-	    break;
-	case 'O':
-	    mode = CERTSONLY;
-	    break;
-	case 'v':
-	    cms_verbose = 1;
-	    break;
-
-	case 'n':
-	    if (mode != DECODE) {
-		fprintf(stderr, 
-		        "%s: option -n only supported with option -D.\n", 
-		        progName);
-		Usage(progName);
-		exit(1);
-	    }
-	    decodeOptions.suppressContent = PR_TRUE;
-	    break;
-
-	case 'N':
-	    if (mode != SIGN) {
-		fprintf(stderr, 
-		        "%s: option -N only supported with option -S.\n", 
-		        progName);
-		Usage(progName);
-		exit(1);
-	    }
-	    signOptions.nickname = strdup(optstate->value);
-	    break;
-
-	case 'Y':
-	    if (mode != SIGN) {
-		fprintf(stderr, 
-		        "%s: option -Y only supported with option -S.\n", 
-		        progName);
-		Usage(progName);
-		exit(1);
-	    }
-	    signOptions.encryptionKeyPreferenceNick = strdup(optstate->value);
-	    break;
-
-	case 'T':
-	    if (mode != SIGN) {
-		fprintf(stderr, 
-		        "%s: option -T only supported with option -S.\n", 
-		        progName);
-		Usage(progName);
-		exit(1);
-	    }
-	    signOptions.detached = PR_TRUE;
-	    break;
-
-	case 'G':
-	    if (mode != SIGN) {
-		fprintf(stderr, 
-		        "%s: option -G only supported with option -S.\n", 
-		        progName);
-		Usage(progName);
-		exit(1);
-	    }
-	    signOptions.signingTime = PR_TRUE;
-	    break;
-
-	case 'P':
-	    if (mode != SIGN) {
-		fprintf(stderr, 
-		        "%s: option -P only supported with option -S.\n", 
-		        progName);
-		Usage(progName);
-		exit(1);
-	    }
-	    signOptions.smimeProfile = PR_TRUE;
-	    break;
-
-	case 'h':
-	    if (mode != DECODE) {
-		fprintf(stderr, 
-		        "%s: option -h only supported with option -D.\n", 
-		        progName);
-		Usage(progName);
-		exit(1);
-	    }
-	    decodeOptions.headerLevel = atoi(optstate->value);
-	    if (decodeOptions.headerLevel < 0) {
-		fprintf(stderr, "option -h cannot have a negative value.\n");
-		exit(1);
-	    }
-	    break;
-
-	case 'p':
-	    if (!optstate->value) {
-		fprintf(stderr, "%s: option -p must have a value.\n", progName);
-		Usage(progName);
-		exit(1);
-	    }
-		
-	    options.password = strdup(optstate->value);
-	    break;
-
-	case 'i':
-	    inFile = PR_Open(optstate->value, PR_RDONLY, 00660);
-	    if (inFile == NULL) {
-		fprintf(stderr, "%s: unable to open \"%s\" for reading\n",
-			progName, optstate->value);
-		exit(1);
-	    }
-	    break;
-
-	case 'c':
-	    if (mode != DECODE) {
-		fprintf(stderr, 
-		        "%s: option -c only supported with option -D.\n", 
-		        progName);
-		Usage(progName);
-		exit(1);
-	    }
-	    if ((decodeOptions.contentFile = 
-	          PR_Open(optstate->value, PR_RDONLY, 006600)) == NULL) {
-		fprintf(stderr, "%s: unable to open \"%s\" for reading.\n",
-			progName, optstate->value);
-		exit(1);
-	    }
-	    break;
-
-	case 'o':
-#if 0
-	    if (mode == DECODE) {
-		outFile = fopen(optstate->value, "w");
-	    } else {
-		outFile = fopen(optstate->value, "wb");
-	    }
-#endif
-	    outFile = fopen(optstate->value, "wb");
-	    if (outFile == NULL) {
-		fprintf(stderr, "%s: unable to open \"%s\" for writing\n",
-			progName, optstate->value);
-		exit(1);
-	    }
-	    break;
-
-	case 'r':
-	    if (!optstate->value) {
-		fprintf(stderr, "%s: option -r must have a value.\n", progName);
-		Usage(progName);
-		exit(1);
-	    }
-#if 0
-	    fprintf(stderr, "recipient = %s\n", optstate->value);
-#endif
-	    envelopeOptions.recipients = ptrarray;
-	    str = (char *)optstate->value;
-	    do {
-		tok = strchr(str, ',');
-		if (tok) *tok = '\0';
-		envelopeOptions.recipients[nrecipients++] = strdup(str);
-		if (tok) str = tok + 1;
-	    } while (tok);
-	    envelopeOptions.recipients[nrecipients] = NULL;
-	    encryptOptions.recipients = envelopeOptions.recipients;
-	    certsonlyOptions.recipients = envelopeOptions.recipients;
-	    break;
-
-	case 'd':
-	    SECU_ConfigDirectory(optstate->value);
-	    break;
-
-	case 'e':
-	    envFileName = strdup(optstate->value);
-	    encryptOptions.envFile = PR_Open(envFileName, PR_RDONLY, 00660);
-	    break;
-
-	case 'u': {
-	    int usageType;
-
-	    usageType = atoi (strdup(optstate->value));
-	    if (usageType < certUsageSSLClient || usageType > certUsageAnyCA)
-		return -1;
-	    options.certUsage = (SECCertUsage)usageType;
-	    break;
-	  }
-	      
-	}
-    }
-
-    if (mode == UNKNOWN)
-	Usage(progName);
-
-    if (mode != CERTSONLY)
-	SECU_FileToItem(&input, inFile);
-    if (inFile != PR_STDIN)
-	PR_Close(inFile);
-    if (cms_verbose) {
-	fprintf(stderr, "received commands\n");
-    }
-
-    /* Call the libsec initialization routines */
-    PR_Init(PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1);
-    rv = NSS_InitReadWrite(SECU_ConfigDirectory(NULL));
-    if (SECSuccess != rv) {
-	SECU_PrintError(progName, "NSS_Init failed");
-	exit(1);
-    }
-    if (cms_verbose) {
-	fprintf(stderr, "NSS has been initialized.\n");
-    }
-    options.certHandle = CERT_GetDefaultCertDB();
-    if (!options.certHandle) {
-	SECU_PrintError(progName, "No default cert DB");
-	exit(1);
-    }
-    if (cms_verbose) {
-	fprintf(stderr, "Got default certdb\n");
-    }
-
-#if defined(_WIN32)
-    /*if (outFile == stdout && mode != DECODE) {*/
-    if (outFile == stdout) {
-	/* If we're going to write binary data to stdout, we must put stdout
-	** into O_BINARY mode or else outgoing \n's will become \r\n's.
-	*/
-	int smrv = _setmode(_fileno(stdout), _O_BINARY);
-	if (smrv == -1) {
-	    fprintf(stderr,
-	    "%s: Cannot change stdout to binary mode. Use -o option instead.\n",
-	            progName);
-	    return smrv;
-	}
-    }
-#endif
-
-    exitstatus = 0;
-    switch (mode) {
-    case DECODE:
-	decodeOptions.options = &options;
-	if (encryptOptions.envFile) {
-	    /* Decoding encrypted-data, so get the bulkkey from an
-	     * enveloped-data message.
-	     */
-	    SECU_FileToItem(&envmsg, encryptOptions.envFile);
-	    decodeOptions.options = &options;
-	    encryptOptions.envmsg = decode(NULL, &dummy, &envmsg, 
-	                                   &decodeOptions);
-	    if (!encryptOptions.envmsg) {
-		SECU_PrintError(progName, "problem decoding env msg");
-		exitstatus = 1;
-		break;
-	    }
-	    rv = get_enc_params(&encryptOptions);
-	    decodeOptions.dkcb = dkcb;
-	    decodeOptions.bulkkey = encryptOptions.bulkkey;
-	}
-	cmsg = decode(outFile, &output, &input, &decodeOptions);
-	if (!cmsg) {
-	    SECU_PrintError(progName, "problem decoding");
-	    exitstatus = 1;
-	}
-	fwrite(output.data, output.len, 1, outFile);
-	break;
-    case SIGN:
-	signOptions.options = &options;
-	cmsg = signed_data(&signOptions);
-	if (!cmsg) {
-	    SECU_PrintError(progName, "problem signing");
-	    exitstatus = 1;
-	}
-	break;
-    case ENCRYPT:
-	if (!envFileName) {
-	    fprintf(stderr, "%s: you must specify an envelope file with -e.\n",
-	            progName);
-	    exit(1);
-	}
-	encryptOptions.options = &options;
-	encryptOptions.input = &input;
-	encryptOptions.outfile = outFile;
-	if (!encryptOptions.envFile) {
-	    encryptOptions.envFile = PR_Open(envFileName, 
-	                                     PR_WRONLY|PR_CREATE_FILE, 00660);
-	    if (!encryptOptions.envFile) {
-		fprintf(stderr, "%s: failed to create file %s.\n", progName,
-		        envFileName);
-		exit(1);
-	    }
-	} else {
-	    SECU_FileToItem(&envmsg, encryptOptions.envFile);
-	    decodeOptions.options = &options;
-	    encryptOptions.envmsg = decode(NULL, &dummy, &envmsg, 
-	                                   &decodeOptions);
-	    if (encryptOptions.envmsg == NULL) {
-	    	SECU_PrintError(progName, "problem decrypting env msg");
-		exitstatus = 1;
-	    	break;
-	    }
-	}
-	/* decode an enveloped-data message to get the bulkkey (create
-	 * a new one if neccessary)
-	 */
-	rv = get_enc_params(&encryptOptions);
-	/* create the encrypted-data message */
-	cmsg = encrypted_data(&encryptOptions);
-	if (!cmsg) {
-	    SECU_PrintError(progName, "problem encrypting");
-	    exitstatus = 1;
-	}
-	if (encryptOptions.bulkkey) {
-	    PK11_FreeSymKey(encryptOptions.bulkkey);
-	    encryptOptions.bulkkey = NULL;
-	}
-	break;
-    case ENVELOPE:
-	envelopeOptions.options = &options;
-#if 0
-	if (!envelopeOptions.recipients)
-	    parse_message_for_recipients(myIn, &envelopeOptions);
-#endif
-	cmsg = enveloped_data(&envelopeOptions);
-	if (!cmsg) {
-	    SECU_PrintError(progName, "problem enveloping");
-	    exitstatus = 1;
-	}
-	break;
-    case CERTSONLY:
-	certsonlyOptions.options = &options;
-	cmsg = signed_data_certsonly(&certsonlyOptions);
-	if (!cmsg) {
-	    SECU_PrintError(progName, "problem with certs-only");
-	    exitstatus = 1;
-	}
-	break;
-    default:
-	fprintf(stderr, "One of options -D, -S or -E must be set.\n");
-	Usage(progName);
-	exitstatus = 1;
-    }
-    if ( (mode == SIGN || mode == ENVELOPE || mode == CERTSONLY)
-         && (!exitstatus) ) {
-	PLArenaPool *arena = PORT_NewArena(1024);
-	NSSCMSEncoderContext *ecx;
-	SECItem output = { 0, 0, 0 };
-	if (!arena) {
-	    fprintf(stderr, "%s: out of memory.\n", progName);
-	    exit(1);
-	}
-	pwcb     = (options.password != NULL) ? ownpw                    : NULL;
-	pwcb_arg = (options.password != NULL) ? (void *)options.password : NULL;
-	if (cms_verbose) {
-	    fprintf(stderr, "cmsg [%p]\n", cmsg);
-	    fprintf(stderr, "arena [%p]\n", arena);
-	    if (pwcb_arg)
-		fprintf(stderr, "password [%s]\n", (char *)pwcb_arg);
-	    else
-		fprintf(stderr, "password [NULL]\n");
-	}
-	ecx = NSS_CMSEncoder_Start(cmsg, 
-                                   NULL, NULL,     /* DER output callback  */
-                                   &output, arena, /* destination storage  */
-                                   pwcb, pwcb_arg, /* password callback    */
-                                   NULL, NULL,     /* decrypt key callback */
-                                   NULL, NULL );   /* detached digests    */
-	if (!ecx) {
-	    fprintf(stderr, "%s: cannot create encoder context.\n", progName);
-	    exit(1);
-	}
-	if (cms_verbose) {
-	    fprintf(stderr, "input len [%d]\n", input.len);
-	    { int j; 
-		for(j=0;j<input.len;j++)
-	     fprintf(stderr, "%2x%c", input.data[j], (j>0&&j%35==0)?'\n':' ');
-	    }
-	}
-	if (input.len > 0) { /* skip if certs-only (or other zero content) */
-	    rv = NSS_CMSEncoder_Update(ecx, (char *)input.data, input.len);
-	    if (rv) {
-		fprintf(stderr, 
-		        "%s: failed to add data to encoder.\n", progName);
-		exit(1);
-	    }
-	}
-	rv = NSS_CMSEncoder_Finish(ecx);
-	if (rv) {
-            SECU_PrintError(progName, "failed to encode data");
-	    exit(1);
-	}
-
-	if (cms_verbose) {
-	    fprintf(stderr, "encoding passed\n");
-	}
-	/*PR_Write(output.data, output.len);*/
-	fwrite(output.data, output.len, 1, outFile);
-	if (cms_verbose) {
-	    fprintf(stderr, "wrote to file\n");
-	}
-	PORT_FreeArena(arena, PR_FALSE);
-    }
-    if (cmsg)
-	NSS_CMSMessage_Destroy(cmsg);
-    if (outFile != stdout)
-	fclose(outFile);
-
-    if (decodeOptions.contentFile)
-	PR_Close(decodeOptions.contentFile);
-    NSS_Shutdown();
-    exit(exitstatus);
-}
diff --git a/security/nss/cmd/smimetools/manifest.mn b/security/nss/cmd/smimetools/manifest.mn
deleted file mode 100644
index 9ed96c658..000000000
--- a/security/nss/cmd/smimetools/manifest.mn
+++ /dev/null
@@ -1,45 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-MODULE = security
-
-CSRCS = cmsutil.c  
-
-MYLIB = $(DIST)/lib/libsmime.a
-
-REQUIRES = seccmd dbm
-
-PROGRAM = cmsutil
-SCRIPTS = smime
diff --git a/security/nss/cmd/smimetools/rules.mk b/security/nss/cmd/smimetools/rules.mk
deleted file mode 100644
index 51e0baaed..000000000
--- a/security/nss/cmd/smimetools/rules.mk
+++ /dev/null
@@ -1,37 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# $Id$
-#
-
-install::
-	$(INSTALL) -m 755 $(SCRIPTS) $(SOURCE_BIN_DIR)
diff --git a/security/nss/cmd/smimetools/smime b/security/nss/cmd/smimetools/smime
deleted file mode 100755
index d23a912ed..000000000
--- a/security/nss/cmd/smimetools/smime
+++ /dev/null
@@ -1,576 +0,0 @@
-#!/usr/local/bin/perl
-
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-
-#
-# smime.pl - frontend for S/MIME message generation and parsing
-#
-# $Id$
-#
-
-use Getopt::Std;
-
-@boundarychars = ( "0" .. "9", "A" .. "F" );
-
-# path to cmsutil
-$cmsutilpath = "cmsutil";
-
-#
-# Thanks to Gisle Aas <gisle@aas.no> for the base64 functions
-# originally taken from MIME-Base64-2.11 at www.cpan.org
-#
-sub encode_base64($)
-{
-    my $res = "";
-    pos($_[0]) = 0;                          # ensure start at the beginning
-    while ($_[0] =~ /(.{1,45})/gs) {
-	$res .= substr(pack('u', $1), 1);    # get rid of length byte after packing
-	chop($res);
-    }
-    $res =~ tr|` -_|AA-Za-z0-9+/|;
-    # fix padding at the end
-    my $padding = (3 - length($_[0]) % 3) % 3;
-    $res =~ s/.{$padding}$/'=' x $padding/e if $padding;
-    # break encoded string into lines of no more than 76 characters each
-    $res =~ s/(.{1,76})/$1\n/g;
-    $res;
-}
-
-sub decode_base64($)
-{
-    local($^W) = 0; # unpack("u",...) gives bogus warning in 5.00[123]
-
-    my $str = shift;
-    my $res = "";
-
-    $str =~ tr|A-Za-z0-9+=/||cd;            # remove non-base64 chars
-    if (length($str) % 4) {
-	require Carp;
-	Carp::carp("Length of base64 data not a multiple of 4")
-    }
-    $str =~ s/=+$//;                        # remove padding
-    $str =~ tr|A-Za-z0-9+/| -_|;            # convert to uuencoded format
-    while ($str =~ /(.{1,60})/gs) {
-	my $len = chr(32 + length($1)*3/4); # compute length byte
-	$res .= unpack("u", $len . $1 );    # uudecode
-    }
-    $res;
-}
-
-#
-# parse headers into a hash
-#
-# %headers = parseheaders($headertext);
-#
-sub parseheaders($)
-{
-    my ($headerdata) = @_;
-    my $hdr;
-    my %hdrhash;
-    my $hdrname;
-    my $hdrvalue;
-    my @hdrvalues;
-    my $subhdrname;
-    my $subhdrvalue;
-
-    # the expression in split() correctly handles continuation lines
-    foreach $hdr (split(/\n(?=\S)/, $headerdata)) {
-	$hdr =~ s/\r*\n\s+/ /g;	# collapse continuation lines
-	($hdrname, $hdrvalue) = $hdr =~ m/^(\S+):\s+(.*)$/;
-
-	# ignore non-headers (or should we die horribly?)
-	next unless (defined($hdrname));
-	$hdrname =~ tr/A-Z/a-z/;			# lowercase the header name
-	@hdrvalues = split(/\s*;\s*/, $hdrvalue);	# split header values (XXXX quoting)
-
-	# there is guaranteed to be at least one value
-	$hdrvalue = shift @hdrvalues;
-	if ($hdrvalue =~ /^\s*\"(.*)\"\s*$/) {		# strip quotes if there
-	    $hdrvalue = $1;
-	}
-
-	$hdrhash{$hdrname}{MAIN} = $hdrvalue;
-	# print "XXX $hdrname = $hdrvalue\n";
-
-	# deal with additional name-value pairs
-	foreach $hdrvalue (@hdrvalues) {
-	    ($subhdrname, $subhdrvalue) = $hdrvalue =~ m/^(\S+)\s*=\s*(.*)$/;
-	    # ignore non-name-value pairs (or should we die?)
-	    next unless (defined($subhdrname));
-	    $subhdrname =~ tr/A-Z/a-z/;
-	    if ($subhdrvalue =~ /^\s*\"(.*)\"\s*$/) {	# strip quotes if there
-		$subhdrvalue = $1;
-	    }
-	    $hdrhash{$hdrname}{$subhdrname} = $subhdrvalue;
-	}
-
-    }
-    return %hdrhash;
-}
-
-#
-# encryptentity($entity, $options) - encrypt an S/MIME entity,
-#                                    creating a new application/pkcs7-smime entity
-#
-# entity  - string containing entire S/MIME entity to encrypt
-# options - options for cmsutil
-#
-# this will generate and return a new application/pkcs7-smime entity containing
-# the enveloped input entity.
-#
-sub encryptentity($$)
-{
-    my ($entity, $cmsutiloptions) = @_;
-    my $out = "";
-    my $boundary;
-
-    $tmpencfile = "/tmp/encryptentity.$$";
-
-    #
-    # generate a random boundary string
-    #
-    $boundary = "------------ms" . join("", @boundarychars[map{rand @boundarychars }( 1 .. 24 )]);
-
-    #
-    # tell cmsutil to generate a enveloped CMS message using our data
-    #
-    open(CMS, "|$cmsutilpath -E $cmsutiloptions -o $tmpencfile") or die "ERROR: cannot pipe to cmsutil";
-    print CMS $entity;
-    unless (close(CMS)) {
-	print STDERR "ERROR: encryption failed.\n";
-	unlink($tmpsigfile);
-	exit 1;
-    }
-
-    $out  = "Content-Type: application/pkcs7-mime; smime-type=enveloped-data; name=smime.p7m\n";
-    $out .= "Content-Transfer-Encoding: base64\n";
-    $out .= "Content-Disposition: attachment; filename=smime.p7m\n";
-    $out .= "\n";			# end of entity header
-
-    open (ENC, $tmpencfile) or die "ERROR: cannot find newly generated encrypted content";
-    local($/) = undef;			# slurp whole file
-    $out .= encode_base64(<ENC>), "\n";	# entity body is base64-encoded CMS message
-    close(ENC);
-
-    unlink($tmpencfile);
-
-    $out;
-}
-
-#
-# signentity($entity, $options) - sign an S/MIME entity
-#
-# entity  - string containing entire S/MIME entity to sign
-# options - options for cmsutil
-#
-# this will generate and return a new multipart/signed entity consisting
-# of the canonicalized original content, plus a signature block.
-#
-sub signentity($$)
-{
-    my ($entity, $cmsutiloptions) = @_;
-    my $out = "";
-    my $boundary;
-
-    $tmpsigfile = "/tmp/signentity.$$";
-
-    #
-    # generate a random boundary string
-    #
-    $boundary = "------------ms" . join("", @boundarychars[map{rand @boundarychars }( 1 .. 24 )]);
-
-    #
-    # tell cmsutil to generate a signed CMS message using the canonicalized data
-    # The signedData has detached content (-T) and includes a signing time attribute (-G)
-    #
-    # if we do not provide a password on the command line, here's where we would be asked for it
-    #
-    open(CMS, "|$cmsutilpath -S -T -G $cmsutiloptions -o $tmpsigfile") or die "ERROR: cannot pipe to cmsutil";
-    print CMS $entity;
-    unless (close(CMS)) {
-	print STDERR "ERROR: signature generation failed.\n";
-	unlink($tmpsigfile);
-	exit 1;
-    }
-
-    open (SIG, $tmpsigfile) or die "ERROR: cannot find newly generated signature";
-
-    #
-    # construct a new multipart/signed MIME entity consisting of the original content and
-    # the signature
-    #
-    # (we assume that cmsutil generates a SHA1 digest)
-    $out .= "Content-Type: multipart/signed; protocol=\"application/pkcs7-signature\"; micalg=sha1; boundary=\"${boundary}\"\n";
-    $out .= "\n";		# end of entity header
-    $out .= "This is a cryptographically signed message in MIME format.\n"; # explanatory comment
-    $out .= "\n--${boundary}\n";
-    $out .= $entity;
-    $out .= "\n--${boundary}\n";
-    $out .= "Content-Type: application/pkcs7-signature; name=smime.p7s\n";
-    $out .= "Content-Transfer-Encoding: base64\n";
-    $out .= "Content-Disposition: attachment; filename=smime.p7s\n";
-    $out .= "Content-Description: S/MIME Cryptographic Signature\n";
-    $out .= "\n";		# end of signature subentity header
-
-    local($/) = undef;		# slurp whole file
-    $out .= encode_base64(<SIG>);	# append base64-encoded signature
-    $out .= "\n--${boundary}--\n";
-
-    close(SIG);
-    unlink($tmpsigfile);
-
-    $out;
-}
-
-sub usage {
-    print STDERR "usage: smime [options]\n";
-    print STDERR " options:\n";
-    print STDERR " -S nick             generate signed message, use certificate named \"nick\"\n";
-    print STDERR "  -p passwd          use \"passwd\" as security module password\n";
-    print STDERR " -E rec1[,rec2...]   generate encrypted message for recipients\n";
-    print STDERR " -D                  decode a S/MIME message\n";
-    print STDERR "  -p passwd          use \"passwd\" as security module password\n";
-    print STDERR "                     (required for decrypting only)\n";
-    print STDERR " -C pathname         set pathname of \"cmsutil\"\n";
-    print STDERR " -d directory        set directory containing certificate db\n";
-    print STDERR "                     (default: ~/.netscape)\n";
-    print STDERR "\nWith -S or -E, smime will take a regular RFC822 message or MIME entity\n";
-    print STDERR "on stdin and generate a signed or encrypted S/MIME message with the same\n";
-    print STDERR "headers and content from it. The output can be used as input to a MTA.\n";
-    print STDERR "-D causes smime to strip off all S/MIME layers if possible and output\n";
-    print STDERR "the \"inner\" message.\n";
-}
-
-#
-# start of main procedures
-#
-
-#
-# process command line options
-#
-unless (getopts('S:E:p:d:C:D')) {
-    usage();
-    exit 1;
-}
-
-unless (defined($opt_S) or defined($opt_E) or defined($opt_D)) {
-    print STDERR "ERROR: -S and/or -E, or -D must be specified.\n";
-    usage();
-    exit 1;
-}
-
-$signopts = "";
-$encryptopts = "";
-$decodeopts = "";
-
-# pass -d option along
-if (defined($opt_d)) {
-    $signopts .= "-d \"$opt_d\" ";
-    $encryptopts .= "-d \"$opt_d\" ";
-    $decodeopts .= "-d \"$opt_d\" ";
-}
-
-if (defined($opt_S)) {
-    $signopts .= "-N \"$opt_S\" ";
-}
-
-if (defined($opt_p)) {
-    $signopts .= "-p \"$opt_p\" ";
-    $decodeopts .= "-p \"$opt_p\" ";
-}
-
-if (defined($opt_E)) {
-    @recipients = split(",", $opt_E);
-    $encryptopts .= "-r ";
-    $encryptopts .= join (" -r ", @recipients);
-}
-
-if (defined($opt_C)) {
-    $cmsutilpath = $opt_C;
-}
-
-#
-# split headers into mime entity headers and RFC822 headers
-# The RFC822 headers are preserved and stay on the outer layer of the message
-#
-$rfc822headers = "";
-$mimeheaders = "";
-$mimebody = "";
-$skippedheaders = "";
-while (<STDIN>) {
-    last if (/^$/);
-    if (/^content-\S+: /i) {
-	$lastref = \$mimeheaders;
-    } elsif (/^mime-version: /i) {
-	$lastref = \$skippedheaders;			# skip it
-    } elsif (/^\s/) {
-	;
-    } else {
-	$lastref = \$rfc822headers;
-    }
-    $$lastref .= $_;
-}
-
-#
-# if there are no MIME entity headers, generate some default ones
-#
-if ($mimeheaders eq "") {
-    $mimeheaders .= "Content-Type: text/plain; charset=us-ascii\n";
-    $mimeheaders .= "Content-Transfer-Encoding: 7bit\n";
-}
-
-#
-# slurp in the entity body
-#
-$saveRS = $/;
-$/ = undef;
-$mimebody = <STDIN>;
-$/ = $saveRS;
-chomp($mimebody);
-
-if (defined $opt_D) {
-    #
-    # decode
-    #
-    # possible options would be:
-    # - strip off only one layer
-    # - strip off outer signature (if present)
-    # - just print information about the structure of the message
-    # - strip n layers, then dump DER of CMS message
-
-    $layercounter = 1;
-
-    while (1) {
-	%hdrhash = parseheaders($mimeheaders);
-	unless (exists($hdrhash{"content-type"}{MAIN})) {
-	    print STDERR "ERROR: no content type header found in MIME entity\n";
-	    last;	# no content-type - we're done
-	}
-
-	$contenttype = $hdrhash{"content-type"}{MAIN};
-	if ($contenttype eq "application/pkcs7-mime") {
-	    #
-	    # opaque-signed or enveloped message
-	    #
-	    unless (exists($hdrhash{"content-type"}{"smime-type"})) {
-		print STDERR "ERROR: no smime-type attribute in application/pkcs7-smime entity.\n";
-		last;
-	    }
-	    $smimetype = $hdrhash{"content-type"}{"smime-type"};
-	    if ($smimetype eq "signed-data" or $smimetype eq "enveloped-data") {
-		# it's verification or decryption time!
-
-		# can handle only base64 encoding for now
-		# all other encodings are treated as binary (8bit)
-		if ($hdrhash{"content-transfer-encoding"}{MAIN} eq "base64") {
-		    $mimebody = decode_base64($mimebody);
-		}
-
-		# if we need to dump the DER, we would do it right here
-
-		# now write the DER
-		$tmpderfile = "/tmp/der.$$";
-		open(TMP, ">$tmpderfile") or die "ERROR: cannot write signature data to temporary file";
-		print TMP $mimebody;
-		unless (close(TMP)) {
-		    print STDERR "ERROR: writing signature data to temporary file.\n";
-		    unlink($tmpderfile);
-		    exit 1;
-		}
-
-		$mimeheaders = "";
-		open(TMP, "$cmsutilpath -D $decodeopts -h $layercounter -i $tmpderfile |") or die "ERROR: cannot open pipe to cmsutil";
-		$layercounter++;
-		while (<TMP>) {
-		    last if (/^\r?$/);			# empty lines mark end of header
-		    if (/^SMIME: /) {			# add all SMIME info to the rfc822 hdrs
-			$lastref = \$rfc822headers;
-		    } elsif (/^\s/) {
-			;				# continuation lines go to the last dest
-		    } else {
-			$lastref = \$mimeheaders;	# all other headers are mime headers
-		    }
-		    $$lastref .= $_;
-		}
-		# slurp in rest of the data to $mimebody
-		$saveRS = $/; $/ = undef; $mimebody = <TMP>; $/ = $saveRS;
-		close(TMP);
-
-		unlink($tmpderfile);
-
-	    } else {
-		print STDERR "ERROR: unknown smime-type \"$smimetype\" in application/pkcs7-smime entity.\n";
-		last;
-	    }
-	} elsif ($contenttype eq "multipart/signed") {
-	    #
-	    # clear signed message
-	    #
-	    unless (exists($hdrhash{"content-type"}{"protocol"})) {
-		print STDERR "ERROR: content type has no protocol attribute in multipart/signed entity.\n";
-		last;
-	    }
-	    if ($hdrhash{"content-type"}{"protocol"} ne "application/pkcs7-signature") {
-		# we cannot handle this guy
-		print STDERR "ERROR: unknown protocol \"", $hdrhash{"content-type"}{"protocol"},
-			"\" in multipart/signed entity.\n";
-		last;
-	    }
-	    unless (exists($hdrhash{"content-type"}{"boundary"})) {
-		print STDERR "ERROR: no boundary attribute in multipart/signed entity.\n";
-		last;
-	    }
-	    $boundary = $hdrhash{"content-type"}{"boundary"};
-
-	    # split $mimebody along \n--$boundary\n - gets you four parts
-	    # first (0), any comments the sending agent might have put in
-	    # second (1), the message itself
-	    # third (2), the signature as a mime entity
-	    # fourth (3), trailing data (there shouldn't be any)
-
-	    @multiparts = split(/\r?\n--$boundary(?:--)?\r?\n/, $mimebody);
-
-	    #
-	    # parse the signature headers
-	    ($submimeheaders, $submimebody) = split(/^$/m, $multiparts[2]);
-	    %sighdrhash = parseheaders($submimeheaders);
-	    unless (exists($sighdrhash{"content-type"}{MAIN})) {
-		print STDERR "ERROR: signature entity has no content type.\n";
-		last;
-	    }
-	    if ($sighdrhash{"content-type"}{MAIN} ne "application/pkcs7-signature") {
-		# we cannot handle this guy
-		print STDERR "ERROR: unknown content type \"", $sighdrhash{"content-type"}{MAIN},
-			"\" in signature entity.\n";
-		last;
-	    }
-	    if ($sighdrhash{"content-transfer-encoding"}{MAIN} eq "base64") {
-		$submimebody = decode_base64($submimebody);
-	    }
-
-	    # we would dump the DER at this point
-
-	    $tmpsigfile = "/tmp/sig.$$";
-	    open(TMP, ">$tmpsigfile") or die "ERROR: cannot write signature data to temporary file";
-	    print TMP $submimebody;
-	    unless (close(TMP)) {
-		print STDERR "ERROR: writing signature data to temporary file.\n";
-		unlink($tmpsigfile);
-		exit 1;
-	    }
-
-	    $tmpmsgfile = "/tmp/msg.$$";
-	    open(TMP, ">$tmpmsgfile") or die "ERROR: cannot write message data to temporary file";
-	    print TMP $multiparts[1];
-	    unless (close(TMP)) {
-		print STDERR "ERROR: writing message data to temporary file.\n";
-		unlink($tmpsigfile);
-		unlink($tmpmsgfile);
-		exit 1;
-	    }
-
-	    $mimeheaders = "";
-	    open(TMP, "$cmsutilpath -D $decodeopts -h $layercounter -c $tmpmsgfile -i $tmpsigfile |") or die "ERROR: cannot open pipe to cmsutil";
-	    $layercounter++;
-	    while (<TMP>) {
-		last if (/^\r?$/);
-		if (/^SMIME: /) {
-		    $lastref = \$rfc822headers;
-		} elsif (/^\s/) {
-		    ;
-		} else {
-		    $lastref = \$mimeheaders;
-		}
-		$$lastref .= $_;
-	    }
-	    $saveRS = $/; $/ = undef; $mimebody = <TMP>; $/ = $saveRS;
-	    close(TMP);
-	    unlink($tmpsigfile);
-	    unlink($tmpmsgfile);
-
-	} else {
-
-	    # not a content type we know - we're done
-	    last;
-
-	}
-    }
-
-    # so now we have the S/MIME parsing information in rfc822headers
-    # and the first mime entity we could not handle in mimeheaders and mimebody.
-    # dump 'em out and we're done.
-    print $rfc822headers;
-    print $mimeheaders . "\n" . $mimebody;
-
-} else {
-
-    #
-    # encode (which is much easier than decode)
-    #
-
-    $mimeentity = $mimeheaders . "\n" . $mimebody;
-
-    #
-    # canonicalize inner entity (rudimentary yet)
-    # convert single LFs to CRLF
-    # if no Content-Transfer-Encoding header present:
-    #  if 8 bit chars present, use Content-Transfer-Encoding: quoted-printable
-    #  otherwise, use Content-Transfer-Encoding: 7bit
-    #
-    $mimeentity =~ s/\r*\n/\r\n/mg;
-
-    #
-    # now do the wrapping
-    # we sign first, then encrypt because that's what Communicator needs
-    #
-    if (defined($opt_S)) {
-	$mimeentity = signentity($mimeentity, $signopts);
-    }
-
-    if (defined($opt_E)) {
-	$mimeentity = encryptentity($mimeentity, $encryptopts);	
-    }
-
-    #
-    # XXX sign again to do triple wrapping (RFC2634)
-    #
-
-    #
-    # now write out the RFC822 headers
-    # followed by the final $mimeentity
-    #
-    print $rfc822headers;
-    print "MIME-Version: 1.0 (NSS SMIME - http://www.mozilla.org/projects/security)\n";	# set up the flag
-    print $mimeentity;
-}
-
-exit 0;
diff --git a/security/nss/cmd/sslstrength/Makefile b/security/nss/cmd/sslstrength/Makefile
deleted file mode 100644
index a6a708692..000000000
--- a/security/nss/cmd/sslstrength/Makefile
+++ /dev/null
@@ -1,72 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY).   #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL)          #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL)       #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL).      #
-#######################################################################
-
-include $(CORE_DEPTH)/security/cmd/platlibs.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL)                              #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL)                           #
-#######################################################################
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL).                              #
-#######################################################################
-
-
-
diff --git a/security/nss/cmd/sslstrength/manifest.mn b/security/nss/cmd/sslstrength/manifest.mn
deleted file mode 100644
index e76d1c639..000000000
--- a/security/nss/cmd/sslstrength/manifest.mn
+++ /dev/null
@@ -1,50 +0,0 @@
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-MODULE = security
-
-EXPORTS = 
-
-CSRCS = sslstrength.c	\
-	$(NULL)
-
-PROGRAM =  sslstrength
-
-REQUIRES = security dbm seccmd
-
-DEFINES = -DNSPR20
-
-PACKAGE_FILES = sslstrength
-
-ARCHIVE_NAME = sslstrength
diff --git a/security/nss/cmd/sslstrength/sslstr.cgi b/security/nss/cmd/sslstrength/sslstr.cgi
deleted file mode 100644
index ab6a1bff9..000000000
--- a/security/nss/cmd/sslstrength/sslstr.cgi
+++ /dev/null
@@ -1,296 +0,0 @@
-#!/usr/bin/perl
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-
-use CGI qw(:standard);
-
-
-
-# Replace this will the full path to the sslstrength executable.
-$sslstrength = "./sslstrength";
-
-
-# Replace this with the name of this CGI.
-
-$sslcgi = "sslstr.cgi";
-
-
-$query = new CGI;
-
-print header;
-
-print "<HTML><HEAD>
-<SCRIPT language='javascript'>
-
-function doexport(form) {
-    form.ssl2ciphers.options[0].selected=0;
-    form.ssl2ciphers.options[1].selected=0;
-    form.ssl2ciphers.options[2].selected=0;
-    form.ssl2ciphers.options[3].selected=0;
-    form.ssl2ciphers.options[4].selected=1;
-    form.ssl2ciphers.options[5].selected=1;
-
-    form.ssl3ciphers.options[0].selected=1;
-    form.ssl3ciphers.options[1].selected=1;
-    form.ssl3ciphers.options[2].selected=0;
-    form.ssl3ciphers.options[3].selected=1;
-    form.ssl3ciphers.options[4].selected=1;
-    form.ssl3ciphers.options[5].selected=1;
-    form.ssl3ciphers.options[6].selected=0;
-    form.ssl3ciphers.options[7].selected=0;
-
-
-}
-
-function dodomestic(form) {
-    form.ssl2ciphers.options[0].selected=1;
-    form.ssl2ciphers.options[1].selected=1;
-    form.ssl2ciphers.options[2].selected=1;
-    form.ssl2ciphers.options[3].selected=1;
-    form.ssl2ciphers.options[4].selected=1;
-    form.ssl2ciphers.options[5].selected=1;
-
-    form.ssl3ciphers.options[0].selected=1;
-    form.ssl3ciphers.options[1].selected=1;
-    form.ssl3ciphers.options[2].selected=1;
-    form.ssl3ciphers.options[3].selected=1;
-    form.ssl3ciphers.options[4].selected=1;
-    form.ssl3ciphers.options[5].selected=1;
-    form.ssl3ciphers.options[6].selected=1;
-    form.ssl3ciphers.options[7].selected=1;
-
-}
-
-function doclearssl2(form) {
-    form.ssl2ciphers.options[0].selected=0;
-    form.ssl2ciphers.options[1].selected=0;
-    form.ssl2ciphers.options[2].selected=0;
-    form.ssl2ciphers.options[3].selected=0;
-    form.ssl2ciphers.options[4].selected=0;
-    form.ssl2ciphers.options[5].selected=0;
-}
-
-
-function doclearssl3(form) {
-    form.ssl3ciphers.options[0].selected=0;
-    form.ssl3ciphers.options[1].selected=0;
-    form.ssl3ciphers.options[2].selected=0;
-    form.ssl3ciphers.options[3].selected=0;
-    form.ssl3ciphers.options[4].selected=0;
-    form.ssl3ciphers.options[5].selected=0;
-    form.ssl3ciphers.options[6].selected=0;
-    form.ssl3ciphers.options[7].selected=0;
-
-}
-
-function dohost(form,hostname) {
-    form.host.value=hostname;
-    }
-
-
-
-</SCRIPT>
-<TITLE>\n";
-print "SSLStrength\n";
-print "</TITLE></HEAD>\n";
-
-print "<h1>SSLStrength</h1>\n";
-
-if ($query->param('dotest')) {
-    print "Output from sslstrength: \n";
-    print "<pre>\n";
-
-    $cs = "";
-    
-    @ssl2ciphers = $query->param('ssl2ciphers');
-    for $cipher (@ssl2ciphers) {
-	if ($cipher eq "SSL_EN_RC2_128_WITH_MD5")              { $cs .= "a"; }
-	if ($cipher eq "SSL_EN_RC2_128_CBC_WITH_MD5")          { $cs .= "b"; }
-	if ($cipher eq "SSL_EN_DES_192_EDE3_CBC_WITH_MD5")     { $cs .= "c"; }
-	if ($cipher eq "SSL_EN_DES_64_CBC_WITH_MD5")           { $cs .= "d"; }
-	if ($cipher eq "SSL_EN_RC4_128_EXPORT40_WITH_MD5")     { $cs .= "e"; }
-	if ($cipher eq "SSL_EN_RC2_128_CBC_EXPORT40_WITH_MD5") { $cs .= "f"; }
-    }
-
-    @ssl3ciphers = $query->param('ssl3ciphers');
-    for $cipher (@ssl3ciphers) {
-	if ($cipher eq "SSL_RSA_WITH_RC4_128_MD5")           { $cs .= "i"; }
-	if ($cipher eq "SSL_RSA_WITH_3DES_EDE_CBC_SHA")      { $cs .= "j"; }
-	if ($cipher eq "SSL_RSA_WITH_DES_CBC_SHA")           { $cs .= "k"; }
-	if ($cipher eq "SSL_RSA_EXPORT_WITH_RC4_40_MD5")     { $cs .= "l"; }
-	if ($cipher eq "SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5") { $cs .= "m"; }
-	if ($cipher eq "SSL_RSA_WITH_NULL_MD5")              { $cs .= "o"; }
-	if ($cipher eq "SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA") { $cs .= "p"; }
-	if ($cipher eq "SSL_RSA_FIPS_WITH_DES_CBC_SHA")      { $cs .= "q"; }
-    }
-
-    $hs = $query->param('host');
-    if ($hs eq "") {
-	print "</pre>You must specify a host to connect to.<br><br>\n";
-	exit(0);
-    }
-
-    $ps = $query->param('policy');
-    
-    $cmdstring = "$sslstrength $hs policy=$ps ciphers=$cs";
-
-    print "running sslstrength:\n";
-    print "$cmdstring\n";
-
-    $r = open(SSLS, "$cmdstring |");
-    if ($r == 0) {
-	print "<pre>There was a problem starting $cmdstring<br><br>\n";
-	exit(0);
-    }
-    while (<SSLS>) {
-	print "$_";
-    }
-    close(SSLS);
-
-
-    print "</pre>\n";
-   
-}
-
-else {
-print "<FORM method=post action=$sslcgi>\n";
-print "<hr>
-<h2>Host Name</h2>
-<TABLE BORDER=0 CELLPADDING=20>
-<TR>
-<TD>
-Type hostname here:<br>
-<input type=text name=host size=30>&nbsp;<br><br>
-<TD>
- <b>Or click these buttons to test some well-known servers</b><br>
- <TABLE BORDER=0>
- <TR>
- <TD>
- Export servers:
- <TD>
- <input type=button value='F-Tech' onclick=dohost(this.form,'strongbox.ftech.net')>
- </TR>
- <TR>
- <TD>
- Domestic servers:
- <TD>
- <input type=button value='Wells Fargo' onclick=dohost(this.form,'banking.wellsfargo.com')>
- </TR>
- <TR>
- <TD>
- Step-Up Servers
- <TD>
- <input type=button value='Barclaycard' onclick=dohost(this.form,'enigma.barclaycard.co.uk')>
- <input type=button value='BBVnet' onclick=dohost(this.form,'www.bbvnet.com')>&nbsp;
- <input type=button value='BHIF' onclick=dohost(this.form,'empresas.bhif.cl')>&nbsp;
- </TR>
- </TABLE>
-</TR>
-</TABLE>
-<br>
-<hr>
-<br>
-<h2>Encryption policy</h2>
-<input type=radio name=policy VALUE=export            onclick=doexport(this.form)>&nbsp;
-Export<br>
-<input type=radio name=policy VALUE=domestic CHECKED  onclick=dodomestic(this.form)>&nbsp;
-Domestic<br>
-<br>
-<hr>
-<br>
-<h2>Cipher Selection</h2>
-(use ctrl to multi-select)<br>
-<table>
-<tr>
-<td>SSL 2 Ciphers
-<td>
-<SELECT NAME=ssl2ciphers SIZE=6 MULTIPLE align=bottom>
-<OPTION SELECTED>SSL_EN_RC4_128_WITH_MD5
-<OPTION SELECTED>SSL_EN_RC2_128_CBC_WITH_MD5
-<OPTION SELECTED>SSL_EN_DES_192_EDE3_CBC_WITH_MD5
-<OPTION SELECTED>SSL_EN_DES_64_CBC_WITH_MD5
-<OPTION SELECTED>SSL_EN_RC4_128_EXPORT40_WITH_MD5
-<OPTION SELECTED>SSL_EN_RC2_128_CBC_EXPORT40_WITH_MD5
-</SELECT>
-<input type=button Value='Clear all' onclick = 'doclearssl2(this.form)'>
-</tr>
-<tr>
-<td>SSL3 Ciphers
-<td>
-<SELECT NAME=ssl3ciphers SIZE=8 MULTIPLE>
-<OPTION SELECTED>SSL_RSA_WITH_RC4_128_MD5
-<OPTION SELECTED>SSL_RSA_WITH_3DES_EDE_CBC_SHA
-<OPTION SELECTED>SSL_RSA_WITH_DES_CBC_SHA
-<OPTION SELECTED>SSL_RSA_EXPORT_WITH_RC4_40_MD5
-<OPTION SELECTED>SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5
-<OPTION SELECTED>SSL_RSA_WITH_NULL_MD5
-<OPTION SELECTED>SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA
-<OPTION SELECTED>SSL_RSA_FIPS_WITH_DES_CBC_SHA
-</SELECT>
-<input type=button value='Clear all' onclick = 'doclearssl3(this.form)'>
-
-<TD>
-<input type=submit name=dotest value='Run SSLStrength'>
-</tr>
-</table>
-<input type=hidden name=dotest>
-<br>
-<br>
-</form>
-\n";
-
-}
-
-
-exit(0);
-
-
-__END__
-
- id    CipherName                                     Domestic     Export      
- a     SSL_EN_RC4_128_WITH_MD5              (ssl2)    Yes          No          
- b     SSL_EN_RC2_128_CBC_WITH_MD5          (ssl2)    Yes          No          
- c     SSL_EN_DES_192_EDE3_CBC_WITH_MD5     (ssl2)    Yes          No          
- d     SSL_EN_DES_64_CBC_WITH_MD5           (ssl2)    Yes          No          
- e     SSL_EN_RC4_128_EXPORT40_WITH_MD5     (ssl2)    Yes          Yes         
- f     SSL_EN_RC2_128_CBC_EXPORT40_WITH_MD5 (ssl2)    Yes          Yes         
- i     SSL_RSA_WITH_RC4_128_MD5             (ssl3)    Yes          Step-up only
- j     SSL_RSA_WITH_3DES_EDE_CBC_SHA        (ssl3)    Yes          Step-up only
- k     SSL_RSA_WITH_DES_CBC_SHA             (ssl3)    Yes          No          
- l     SSL_RSA_EXPORT_WITH_RC4_40_MD5       (ssl3)    Yes          Yes         
- m     SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5   (ssl3)    Yes          Yes         
- o     SSL_RSA_WITH_NULL_MD5                (ssl3)    Yes          Yes         
-
-
-
diff --git a/security/nss/cmd/sslstrength/sslstrength.c b/security/nss/cmd/sslstrength/sslstrength.c
deleted file mode 100644
index 7351dfea0..000000000
--- a/security/nss/cmd/sslstrength/sslstrength.c
+++ /dev/null
@@ -1,640 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef SSLTELNET
-#include <termios.h>
-#endif
-
-/* Portable layer header files */
-#include "prinit.h"
-#include "prprf.h"
-#include "prsystem.h"
-#include "prmem.h"
-#include "plstr.h"
-#include "prnetdb.h"
-#include "prinrval.h"
-
-#include "secutil.h"
-
-/* Security library files */
-#include "cert.h"
-#include "ssl.h"
-#include "sslproto.h"
-
-/* define this if you want telnet capability! */
-
-/* #define SSLTELNET 1 */
-
-PRInt32 debug;
-
-#ifdef DEBUG_stevep
-#define dbmsg(x) if (verbose) PR_fprintf(PR_STDOUT,x);
-#else
-#define dbmsg(x) ;
-#endif
-
-
-/* Set SSL Policy to Domestic (strong=1) or Export (strong=0) */
-
-#define ALLOW(x) SSL_CipherPolicySet(x,SSL_ALLOWED); SSL_CipherPrefSetDefault(x,1);
-#define DISALLOW(x) SSL_CipherPolicySet(x,SSL_NOT_ALLOWED); SSL_CipherPrefSetDefault(x,0);
-#define MAYBEALLOW(x) SSL_CipherPolicySet(x,SSL_RESTRICTED); SSL_CipherPrefSetDefault(x,1);
-
-struct CipherPolicy {
-  char number;
-  long id;
-  char *name;
-  PRInt32 pref;
-  PRInt32 domestic;
-  PRInt32 export;
-};
-
-struct CipherPolicy ciphers[] = {
-  { 'a',SSL_EN_RC4_128_WITH_MD5,              "SSL_EN_RC4_128_WITH_MD5              (ssl2)",1, SSL_ALLOWED,SSL_NOT_ALLOWED },
-  { 'b',SSL_EN_RC2_128_CBC_WITH_MD5,          "SSL_EN_RC2_128_CBC_WITH_MD5          (ssl2)",1, SSL_ALLOWED,SSL_NOT_ALLOWED },  
-  { 'c',SSL_EN_DES_192_EDE3_CBC_WITH_MD5,     "SSL_EN_DES_192_EDE3_CBC_WITH_MD5     (ssl2)",1, SSL_ALLOWED,SSL_NOT_ALLOWED },
-  { 'd',SSL_EN_DES_64_CBC_WITH_MD5,           "SSL_EN_DES_64_CBC_WITH_MD5           (ssl2)",1, SSL_ALLOWED,SSL_NOT_ALLOWED },
-  { 'e',SSL_EN_RC4_128_EXPORT40_WITH_MD5,     "SSL_EN_RC4_128_EXPORT40_WITH_MD5     (ssl2)",1, SSL_ALLOWED,SSL_ALLOWED },
-  { 'f',SSL_EN_RC2_128_CBC_EXPORT40_WITH_MD5, "SSL_EN_RC2_128_CBC_EXPORT40_WITH_MD5 (ssl2)",1, SSL_ALLOWED,SSL_ALLOWED },
-#ifdef FORTEZZA
-  { 'g',SSL_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA, "SSL_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA",1,SSL_ALLOWED,SSL_NOT_ALLOWED },
-  { 'h',SSL_FORTEZZA_DMS_WITH_RC4_128_SHA, "SSL_FORTEZZA_DMS_WITH_RC4_128_SHA",1,          SSL_ALLOWED,SSL_NOT_ALLOWED },
-#endif
-  { 'i',SSL_RSA_WITH_RC4_128_MD5,             "SSL_RSA_WITH_RC4_128_MD5             (ssl3)",1, SSL_ALLOWED,SSL_RESTRICTED },
-  { 'j',SSL_RSA_WITH_3DES_EDE_CBC_SHA,        "SSL_RSA_WITH_3DES_EDE_CBC_SHA        (ssl3)",1, SSL_ALLOWED,SSL_RESTRICTED },
-  { 'k',SSL_RSA_WITH_DES_CBC_SHA,             "SSL_RSA_WITH_DES_CBC_SHA             (ssl3)",1, SSL_ALLOWED,SSL_NOT_ALLOWED },
-  { 'l',SSL_RSA_EXPORT_WITH_RC4_40_MD5,       "SSL_RSA_EXPORT_WITH_RC4_40_MD5       (ssl3)",1, SSL_ALLOWED,SSL_ALLOWED },
-  { 'm',SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5,   "SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5   (ssl3)",1, SSL_ALLOWED,SSL_ALLOWED },
-#ifdef FORTEZZA
-  { 'n',SSL_FORTEZZA_DMS_WITH_NULL_SHA, "SSL_FORTEZZA_DMS_WITH_NULL_SHA",1, SSL_ALLOWED,SSL_NOT_ALLOWED },
-#endif
-  { 'o',SSL_RSA_WITH_NULL_MD5,                "SSL_RSA_WITH_NULL_MD5                (ssl3)",1, SSL_ALLOWED,SSL_ALLOWED },
-  { 'p',SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA,   "SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA   (ssl3)",1, SSL_ALLOWED,SSL_NOT_ALLOWED },
-  { 'q',SSL_RSA_FIPS_WITH_DES_CBC_SHA,        "SSL_RSA_FIPS_WITH_DES_CBC_SHA        (ssl3)",1, SSL_ALLOWED,SSL_NOT_ALLOWED }
-
-};
-
-void PrintErrString(char *progName,char *msg) {
-  
-  PRErrorCode e = PORT_GetError();
-  char *s=NULL;
-
-
-  if ((e >= PR_NSPR_ERROR_BASE) && (e < PR_MAX_ERROR)) {
-    
-    if (e == PR_DIRECTORY_LOOKUP_ERROR) 
-      s = PL_strdup("Hostname Lookup Failed");
-    else if (e == PR_NETWORK_UNREACHABLE_ERROR)
-      s = PL_strdup("Network Unreachable");
-    else if (e == PR_CONNECT_TIMEOUT_ERROR)
-      s = PL_strdup("Connection Timed Out");
-    else s = PR_smprintf("%d",e);
-
-    if (!s) return;
-  }
-  else {
-    s = PL_strdup(SECU_ErrorString(e));
-  }
-    
-  PR_fprintf(PR_STDOUT,"%s: ",progName);
-  if (s) {
-    if (strlen(s) > 0) 
-      PR_fprintf(PR_STDOUT, "%s\n", s);
-    else
-      PR_fprintf(PR_STDOUT, "\n");
-    
-    PR_Free(s);
-  }
-  
-}
-
-void PrintCiphers(int onlyenabled) {
-  int ciphercount,i;
-  
-  if (onlyenabled) {
-    PR_fprintf(PR_STDOUT,"Your Cipher preference:\n");
-  }
-
-  ciphercount = sizeof(ciphers)/sizeof(struct CipherPolicy);
-    PR_fprintf(PR_STDOUT,
-	       " %s    %-45s  %-12s %-12s\n","id","CipherName","Domestic","Export");
-
-  for (i=0;i<ciphercount;i++) {
-    if ( (onlyenabled ==0) || ((onlyenabled==1)&&(ciphers[i].pref))) {
-      PR_fprintf(PR_STDOUT,
-		 " %c     %-45s  %-12s %-12s\n",ciphers[i].number,ciphers[i].name,
-		 (ciphers[i].domestic==SSL_ALLOWED)?"Yes":
-		 ( (ciphers[i].domestic==SSL_NOT_ALLOWED)?"No":"Step-up only"),
-		 (ciphers[i].export==SSL_ALLOWED)?"Yes":
-		 ( (ciphers[i].export==SSL_NOT_ALLOWED)?"No":"Step-up only"));
-	}
-  }
-}
-
-
-void SetPolicy(char *c,int policy) {  /* policy==1 : domestic,   policy==0, export */
-  int i,j,cpolicy;
-  /* first, enable all relevant ciphers according to policy */
-  for (j=0;j<(sizeof(ciphers)/sizeof(struct CipherPolicy));j++) {
-    SSL_CipherPolicySet(ciphers[j].id,policy?ciphers[j].domestic:ciphers[j].export);
-    SSL_CipherPrefSetDefault(ciphers[j].id, PR_FALSE);
-    ciphers[j].pref =0;
-  }
-  
-
-  for (i=0;i<PL_strlen(c);i++) {
-    for (j=0;j<(sizeof(ciphers)/sizeof(struct CipherPolicy));j++) {
-      if (ciphers[j].number == c[i]) {
-	cpolicy = policy?ciphers[j].domestic:ciphers[j].export;
-	if (cpolicy == SSL_NOT_ALLOWED) {
-	  PR_fprintf(PR_STDOUT, "You're trying to enable a cipher (%c:%s) outside of your policy. ignored\n",
-		     c[i],ciphers[j].name);
-	}
-	else {
-	  ciphers[j].pref=1;
-	  SSL_CipherPrefSetDefault(ciphers[j].id, PR_TRUE);
-	}
-      }
-    }
-  }
-}
-
-
-int MyAuthCertificateHook(void *arg, PRFileDesc *fd, PRBool checksig, PRBool isserver) {
-  return SECSuccess;
-}
-
-
-void Usage() {
-#ifdef SSLTELNET
-    PR_fprintf(PR_STDOUT,"SSLTelnet ");
-#else
-    PR_fprintf(PR_STDOUT,"SSLStrength (No telnet functionality) ");
-#endif
-    PR_fprintf(PR_STDOUT,"Version 1.5\n");
- 
-    PR_fprintf(PR_STDOUT,"Usage:\n   sslstrength hostname[:port] [ciphers=xyz] [certdir=x] [debug] [verbose] "
-#ifdef SSLTELNET
-"[telnet]|[servertype]|[querystring=<string>] "
-#endif
-"[policy=export|domestic]\n   sslstrength ciphers\n");
-}
-
-
-PRInt32 debug = 0;
-PRInt32 verbose = 0;
-
-PRInt32 main(PRInt32 argc,char **argv, char **envp)
-{
-
-  
-  /* defaults for command line arguments */
-  char *hostnamearg=NULL;
-  char *portnumarg=NULL;
-  char *sslversionarg=NULL;
-  char *keylenarg=NULL;
-  char *certdir=NULL;
-  char *hostname;
-  char *nickname=NULL;
-  char *progname=NULL;
-  /*  struct sockaddr_in addr; */
-  PRNetAddr addr;
-
-  int ss_on;
-  char *ss_cipher;
-  int ss_keysize;
-  int ss_secretsize;
-  char *ss_issuer;
-  char *ss_subject;
-  int policy=1;
-  char *set_ssl_policy=NULL;
-  int print_ciphers=0;
-  
-  char buf[10];
-  char netdbbuf[PR_NETDB_BUF_SIZE];
-  PRHostEnt hp;
-  PRStatus r;
-  PRNetAddr na;
-  SECStatus rv;
-  int portnum=443;   /* default https: port */
-  PRFileDesc *s,*fd;
-  
-  CERTCertDBHandle *handle;
-  CERTCertificate *c;
-  PRInt32 i;
-#ifdef SSLTELNET
-  struct termios tmp_tc;
-  char cb;
-  int prev_lflag,prev_oflag,prev_iflag;
-  int t_fin,t_fout;
-  int servertype=0, telnet=0;
-  char *querystring=NULL;
-#endif
-
-  debug = 0;
-
-  progname = (char *)PL_strrchr(argv[0], '/');
-  progname = progname ? progname+1 : argv[0];
-
-  /* Read in command line args */
-  if (argc == 1) {
-    Usage();
-    return(0);
-  }
-  
-  if (! PL_strcmp("ciphers",argv[1])) {
-    PrintCiphers(0);
-    exit(0);
-  }
-
-  hostname = argv[1];
-
-  if (!PL_strcmp(hostname , "usage") || !PL_strcmp(hostname, "-help") ) {
-    Usage();
-    exit(0);
-    }
-
-  if ((portnumarg = PL_strchr(hostname,':'))) {
-    *portnumarg = 0;
-    portnumarg = &portnumarg[1];
-  }
-  
-  if (portnumarg) {
-    if (PL_strlen(portnumarg) == 0) {
-      PR_fprintf(PR_STDOUT,"malformed port number supplied\n");
-      return(1);
-    }
-    portnum = atoi(portnumarg);
-  }
-  
-  for (i = 2  ; i < argc; i++)
-    {
-      if (!PL_strncmp(argv[i] , "sslversion=",11) )
-	sslversionarg=&(argv[i][11]);
-      else if (!PL_strncmp(argv[i], "certdir=",8) )
-	certdir = &(argv[i][8]);
-      else if (!PL_strncmp(argv[i], "ciphers=",8) )
-	{
-	  set_ssl_policy=&(argv[i][8]);
-	}
-      else if (!PL_strncmp(argv[i], "policy=",7) ) {
-	if (!PL_strcmp(&(argv[i][7]),"domestic")) policy=1;
-	else if (!PL_strcmp(&(argv[i][7]),"export")) policy=0;
-	else {
-	  PR_fprintf(PR_STDOUT,"sslstrength: invalid argument. policy must be one of (domestic,export)\n");
-	}
-      }
-      else if (!PL_strcmp(argv[i] , "debug") )
-	debug = 1;
-#ifdef SSLTELNET
-      else if (!PL_strcmp(argv[i] , "telnet") )
-	telnet = 1;
-      else if (!PL_strcmp(argv[i] , "servertype") )
-	servertype = 1;
-      else if (!PL_strncmp(argv[i] , "querystring=",11) )
-	querystring = &argv[i][12];
-#endif
-      else if (!PL_strcmp(argv[i] , "verbose") )
-	verbose = 1;
-    }
-  
-#ifdef SSLTELNET
-  if (telnet && (servertype || querystring)) {
-    PR_fprintf(PR_STDOUT,"You can't use telnet and (server or querystring) options at the same time\n");
-    exit(1);
-  }
-#endif
-
-  PR_fprintf(PR_STDOUT,"Using %s policy\n",policy?"domestic":"export");
-  
-  /* use current directory for certificate database if not set */
-  
-  if (! certdir) {   
-    certdir = PR_smprintf(".");
-  }
-  
-  SECU_ConfigDirectory(certdir);
-  
-  
-  /* allow you to set env var SSLDIR to set the cert directory */
-  if (! certdir) certdir = SECU_DefaultSSLDir();  
-  if (certdir) SECU_ConfigDirectory(certdir);
-  
-  /* PR_Init(progname, 1, 1, 0); */
-  SECU_PKCS11Init(PR_FALSE /*readOnly==PR_FALSE*/);
-  
-  /* Lookup host */
-  r = PR_GetHostByName(hostname,netdbbuf,PR_NETDB_BUF_SIZE,&hp);
-  
-  if (r) {
-    PrintErrString(progname,"Host Name lookup failed");
-    return(1);
-  }
-  
-  /* should the third field really be 0? */
-
-  PR_EnumerateHostEnt(0,&hp,0,&na);
-  PR_InitializeNetAddr(PR_IpAddrNull,portnum,&na);
-
-  PR_fprintf(PR_STDOUT,"Connecting to %s:%d\n",hostname, portnum);
-  
-  /* Create socket */
-
-  fd = PR_NewTCPSocket();
-  if (fd == NULL) {
-    PrintErrString(progname, "error creating socket");
-    return -1;
-  }
-
-  s = SSL_ImportFD(NULL,fd);
-  if (s == NULL) {
-    PrintErrString(progname, "error creating socket");
-    return -1;
-  }
-  
-  /* Initialize all the libsec goodies */
-  SEC_Init();
-  
-  dbmsg("10: About to enable security\n");
-  
-  rv = SSL_OptionSet(s, SSL_SECURITY, PR_TRUE);
-  if (rv < 0) {
-    PrintErrString(progname, "error enabling socket");
-    return -1;
-  }
-  
-  if (set_ssl_policy) {
-    SetPolicy(set_ssl_policy,policy);
-  }
-  else {
-    PR_fprintf(PR_STDOUT,"Using all ciphersuites usually found in client\n");
-    if (policy) {
-      SetPolicy("abcdefghijklmnopqrst",policy);
-    }
-    else {
-      SetPolicy("efghijlmo",policy);
-    }
-  }
-
-  PrintCiphers(1);
-
-  rv = SSL_OptionSet(s, SSL_HANDSHAKE_AS_CLIENT, PR_TRUE);
-  if (rv < 0) {
-    PrintErrString(progname, "error enabling client handshake");
-    return -1;
-  }
-  
-  handle = (CERTCertDBHandle *)PORT_ZAlloc(sizeof(CERTCertDBHandle));
-  if (!handle) {
-    PrintErrString(progname, "could not allocate database handle");
-    return -1;
-  }
-  
-  dbmsg("20: About to open certificate database\n");
-  
-  
-  /* Open up the certificate database */
-  rv = CERT_OpenCertDBFilename(handle, "cert7.db", PR_TRUE);
-  if ( rv ) {
-    PrintErrString(progname, "unable to open cert database");
-    rv = CERT_OpenVolatileCertDB(handle);
-  }
-  
-	     CERT_SetDefaultCertDB(handle);
-  
-  dbmsg("30: About to set AuthCertificateHook\n");
-  
-  
-  SSL_AuthCertificateHook(s, MyAuthCertificateHook, (void *)handle);
-  /* SSL_AuthCertificateHook(s, SSL_AuthCertificate, (void *)handle); */
-  /* SSL_GetClientAuthDataHook(s, GetClientAuthDataHook, (void *)nickname);*/
-  
-  
-  dbmsg("40: About to SSLConnect\n");
-  
-  /* Try to connect to the server */
-  /* now SSL_Connect takes new arguments. */
-  
-  
-  r = PR_Connect(s, &na, PR_TicksPerSecond()*5);
-  if (r < 0) {
-    PrintErrString(progname, "unable to connect");
-    return -1;
-  }
-  
-  rv = SSL_ForceHandshake(s);
-  
-  if (rv) {
-    PrintErrString(progname,"SSL Handshake failed. ");
-    exit(1);
-  }
-
-  rv = SSL_SecurityStatus(s, &ss_on, &ss_cipher,
-			  &ss_keysize, &ss_secretsize,
-			  &ss_issuer, &ss_subject);
-
-  
-  dbmsg("60:  done with security status, about to print\n");
-  
-  c = SSL_PeerCertificate(s);
-  if (!c) PR_fprintf(PR_STDOUT,"Couldn't retrieve peers Certificate\n");
-  PR_fprintf(PR_STDOUT,"SSL Connection Status\n",rv);
-  
-  PR_fprintf(PR_STDOUT,"   Cipher:          %s\n",ss_cipher);
-  PR_fprintf(PR_STDOUT,"   Key Size:        %d\n",ss_keysize);
-  PR_fprintf(PR_STDOUT,"   Secret Key Size: %d\n",ss_secretsize);
-  PR_fprintf(PR_STDOUT,"   Issuer:          %s\n",ss_issuer);
-  PR_fprintf(PR_STDOUT,"   Subject:         %s\n",ss_subject);
-
-  PR_fprintf(PR_STDOUT,"   Valid:           from %s to %s\n",
-	     c==NULL?"???":DER_UTCDayToAscii(&c->validity.notBefore),
-	     c==NULL?"???":DER_UTCDayToAscii(&c->validity.notAfter));
-
-#ifdef SSLTELNET
-
- 
-
-
-  if (servertype || querystring) {
-    char buffer[1024];
-    char ch;
-    char qs[] = "HEAD / HTTP/1.0";
-
-
-
-
-    if (!querystring) querystring = qs;
-    PR_fprintf(PR_STDOUT,"\nServer query mode\n>>Sending:\n%s\n",querystring);
-
-    PR_fprintf(PR_STDOUT,"\n*** Server said:\n");
-    ch = querystring[PL_strlen(querystring)-1];
-    if (ch == '"' || ch == '\'') {
-      PR_fprintf(PR_STDOUT,"Warning: I'm not smart enough to cope with quotes mid-string like that\n");
-    }
-    
-    rv = PR_Write(s,querystring,PL_strlen(querystring));
-    if ((rv < 1) ) {
-      PR_fprintf(PR_STDOUT,"Oh dear - couldn't send servertype query\n");
-      goto closedown;
-    }
-
-    rv = PR_Write(s,"\r\n\r\n",4);
-    rv = PR_Read(s,buffer,1024);
-    if ((rv < 1) ) {
-      PR_fprintf(PR_STDOUT,"Oh dear - couldn't read server repsonse\n");
-      goto closedown;
-    }
-      PR_Write(PR_STDOUT,buffer,rv);
-  }
-
-    
-  if (telnet) {
-
-    PR_fprintf(PR_STDOUT,"---------------------------\n"
-	       "telnet mode. CTRL-C to exit\n"
-	       "---------------------------\n");
-    
-
-
-    /* fudge terminal attributes */
-    t_fin = PR_FileDesc2NativeHandle(PR_STDIN);
-    t_fout = PR_FileDesc2NativeHandle(PR_STDOUT);
-    
-    tcgetattr(t_fin,&tmp_tc);
-    prev_lflag = tmp_tc.c_lflag;
-    prev_oflag = tmp_tc.c_oflag;
-    prev_iflag = tmp_tc.c_iflag;
-    tmp_tc.c_lflag &= ~ECHO;
-    /*    tmp_tc.c_oflag &= ~ONLCR; */
-    tmp_tc.c_lflag &= ~ICANON;
-    tmp_tc.c_iflag &= ~ICRNL;
-    tmp_tc.c_cflag |= CS8;
-    tmp_tc.c_cc[VMIN] = 1;
-    tmp_tc.c_cc[VTIME] = 0;
-    
-    tcsetattr(t_fin, TCSANOW, &tmp_tc);
-    /*   ioctl(tin, FIONBIO, (char *)&onoff); 
-	 ioctl(tout, FIONBIO, (char *)&onoff);*/
-    
-    
-    {
-      PRPollDesc pds[2];
-      char buffer[1024];
-      int amt,amtwritten;
-      char *x;
-      
-      /* STDIN */
-      pds[0].fd = PR_STDIN;
-      pds[0].in_flags = PR_POLL_READ;
-      pds[1].fd = s;
-      pds[1].in_flags = PR_POLL_READ | PR_POLL_EXCEPT;
-      
-      while (1) {
-	int nfds;
-
-	nfds = PR_Poll(pds,2,PR_SecondsToInterval(2));
-	if (nfds == 0) continue;
-
-	/** read input from keyboard*/
-	/*  note: this is very inefficient if reading from a file */
-	
-	if (pds[0].out_flags & PR_POLL_READ) {
-	  amt = PR_Read(PR_STDIN,&buffer,1);
-	  /*	PR_fprintf(PR_STDOUT,"fd[0]:%d=%d\r\n",amt,buffer[0]); */
-	  if (amt == 0) {
-	    PR_fprintf(PR_STDOUT,"\n");
-	    goto loser;
-	  }
-	  
-	  if (buffer[0] == '\r') {
-	    buffer[0] = '\r';
-	    buffer[1] = '\n';
-	    amt = 2;
-	  }
-	  rv = PR_Write(PR_STDOUT,buffer,amt);
-	  
-	  
-	  rv = PR_Write(s,buffer,amt);
-	  if (rv == -1) {
-	    PR_fprintf(PR_STDOUT,"Error writing to socket: %d\n",PR_GetError());
-	  }
-	}
-	
-	/***/
-	
-	
-	/***/
-	if (pds[1].out_flags & PR_POLL_EXCEPT) {
-	  PR_fprintf(PR_STDOUT,"\r\nServer closed connection\r\n");
-	  goto loser;
-	}
-	if (pds[1].out_flags & PR_POLL_READ) {
-	  amt = PR_Read(s,&buffer,1024);
-	  
-	  if (amt == 0) {
-	    PR_fprintf(PR_STDOUT,"\r\nServer closed connection\r\n");
-	    goto loser;
-	  }
-	  rv = PR_Write(PR_STDOUT,buffer,amt);
-	}
-	/***/
-	
-      }
-    }
-  loser:
-    
-    /* set terminal back to normal */
-    tcgetattr(t_fin,&tmp_tc);
-    
-    tmp_tc.c_lflag = prev_lflag;
-    tmp_tc.c_oflag = prev_oflag;
-    tmp_tc.c_iflag = prev_iflag;
-    tcsetattr(t_fin, TCSANOW, &tmp_tc);
-    
-    /*   ioctl(tin, FIONBIO, (char *)&onoff);
-	 ioctl(tout, FIONBIO, (char *)&onoff); */
-  }
-
-#endif
-  /* SSLTELNET */
-
- closedown:
-
-  PR_Close(s);
-
-  return(0);
-
-} /* main */
-
-/*EOF*/
-
diff --git a/security/nss/cmd/sslstrength/sslwrap b/security/nss/cmd/sslstrength/sslwrap
deleted file mode 100755
index e6955dc92..000000000
--- a/security/nss/cmd/sslstrength/sslwrap
+++ /dev/null
@@ -1,181 +0,0 @@
-#!/usr/bin/perl
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-
-@profiles = (
-#            "host:port"	"policy"	"ciphers"  	"exp-cipher"	"expkeysize"
-
-	     [ "cfu:443",	"export",	"efijlmo",	"RC4-40",	"40" ],
-	     [ "hbombsgi:448",	"export",	"efijlmo",	"RC4-40",	"40" ],
-	     [ "hbombsgi:448",	"domestic",	"abcdefijklmo",	"RC4",	        "128" ],
-	     [ "gandalf:5666",	"domestic",	"abcdefijklmo",	"RC4",	        "128" ],
-	     [ "gandalf:5666",	"export",	"efijlmo",	"RC4",	        "128" ],
-	     [ "gandalf:5666",	"domestic",	"j",	        "3DES-EDE-CBC", "168" ],
-	     [ "gandalf:5666",	"domestic",	"k",	        "DES-CBC",      "56" ],
-	     [ "gandalf:5666",	"export",	"l",	        "RC4-40",       "40" ],
-	     [ "gandalf:5666",	"export",	"efijlmo",	"RC4",	        "128" ],
-	     [ "hbombcfu:443",	"export",	"efijlmo",	"RC4",	        "128" ],
-	     
-	     );
-
-$file = &filename;
-
-open(HTML, ">$file.htm") || die"Cannot open html output file\n";
-
-$mutversion = "";
-$platform = $ARGV[0];
-
-
-print HTML 
-"<HTML><HEAD>
-<TITLE>ssl/sslstrength: Version: $mutversion Platform: $platform Run date mm/dd/yy</TITLE></HEAD><BODY>\n";
-
-print HTML 
-"<TABLE BORDER=1><TR>
-<TD><B>Test Case Number</B></TD>
-<TD><B>Program</B></TD>
-<TD><B>Description of Test Case</B></TD>
-<TD><B>Start date/time<B></TD>
-<TD><B>End date/time<B></TD>  
-<TD><B>PASS/FAIL</B></TD> 
-</TR>\n";
-
-$countpass =0;
-$countfail =0;
-
-
-$testnum =0;
-for $profile (@profiles) {
-    $testnum ++;
-    ($host, $policy, $ciphers, $expcipher, $expkeysize) = @$profile;
-    
-    $cmd = "./sslstrength $host policy=$policy ciphers=$ciphers";
-
-    $starttime = &datestring." ".&timestring;
-    print STDERR "$cmd\n";
-    open(PIPE, "$cmd|") || die "Cannot start sslstrength\n";
-
-    $cipher = "";
-    $keysize = "";
-    while (<PIPE>) {
-	chop;
-	if (/^   Cipher: *(.*)/) {
-	    $cipher = $1;
-	}
-	if (/^   Secret Key Size: (.*)/) {
-	    $keysize = $1;
-	}
-    }
-    close(PIPE);
-    $endtime = &datestring." ".&timestring;
-
-    if (( $? != 0) || ($cipher ne $expcipher) || ($keysize ne $expkeysize)) {
-	$countfail ++;	
-	$passed =0;	
-    }
-    else {
-	$countpass ++;
-	$passed =1;
-    }
-
-print HTML
-"<TR>
-<TD><B>$testnum</B></TD>
-<TD></TD>
-<TD>$cmd</TD>
-<TD>$starttime</TD>
-<TD>$endtime</TD>
-<TD><B>".($passed ? "PASS" : "<FONT COLOR=red>FAIL: return code = 
-c=$cipher, ec=$expcipher, s=$keysize, es=$expkeysize.</FONT>")."
-</B></TD>
-</TR>\n";
-   
-}
-
-print HTML "</table>\n";
-
-close(HTML);
-
-open (SUM, ">$file.sum") ||die "couldn't open summary file for writing\n";
-
-print SUM <<EOM;
-[Status]
-mut=SSL
-mutversion=1.0
-platform=$platform
-pass=$countpass
-fail=$countfail
-knownFail=0
-malformed=0
-EOM
-
-    close(SUM);
-
-
-
-sub timestring
-{
-
-    my ($sec, $min, $hour, $mday, $mon, $year, $wday, $yday, $isdst) = localtime(time);
-    my $string;
-
-    $string = sprintf "%2d:%02d:%02d",$hour, $min, $sec;
-    return $string;
-}
-
-sub datestring
-{
-
-    my ($sec, $min, $hour, $mday, $mon, $year, $wday, $yday, $isdst) = localtime(time);
-    my $string;
-
-    $string = sprintf "%d/%d/%2d",$mon+1, $mday+1, $year;
-    return $string;
-}
-
-sub filename
-{
-
-    my ($sec, $min, $hour, $mday, $mon, $year, $wday, $yday, $isdst) = localtime(time);
-    my $string;
-
-    $string = sprintf "%04d%02d%02d",$year+1900, $mon+1, $mday;
-    return $string;
-}
-
-
-
-
-
-
diff --git a/security/nss/cmd/ssltap/Makefile b/security/nss/cmd/ssltap/Makefile
deleted file mode 100644
index f6d8cc93e..000000000
--- a/security/nss/cmd/ssltap/Makefile
+++ /dev/null
@@ -1,79 +0,0 @@
-#! gmake
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY).   #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL)          #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL)       #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL).      #
-#######################################################################
-
-# Since ssltap doesn't use any of NSS, we'll skip NSS's link libs,
-# and just link with NSPR.
-#
-include ../platlibs.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL)                              #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL)                           #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL).                              #
-#######################################################################
-
-
-
--include ../platrules.mk
-
diff --git a/security/nss/cmd/ssltap/config.mk b/security/nss/cmd/ssltap/config.mk
deleted file mode 100644
index 23b15fbd5..000000000
--- a/security/nss/cmd/ssltap/config.mk
+++ /dev/null
@@ -1,52 +0,0 @@
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# Set the LDFLAGS value to encompass all normal link options, all     #
-# library names, and all special system linking options               #
-#######################################################################
-
-LDFLAGS = \
-	$(DYNAMIC_LIB_PATH) \
-	$(LDOPTS) \
-	$(LIBPLC) \
-	$(LIBPR) \
-	$(DLLSYSTEM)
-
-#######################################################################
-# Adjust specific variables for all platforms                         #
-#######################################################################
- 
-OS_CFLAGS += -DNSPR20=1
-
-
diff --git a/security/nss/cmd/ssltap/manifest.mn b/security/nss/cmd/ssltap/manifest.mn
deleted file mode 100644
index 0719e6de4..000000000
--- a/security/nss/cmd/ssltap/manifest.mn
+++ /dev/null
@@ -1,53 +0,0 @@
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-# MODULE public and private header  directories are implicitly REQUIRED.
-MODULE = security
-
-EXPORTS = 
-
-CSRCS = ssltap.c	\
-	$(NULL)
-
-PROGRAM =  ssltap
-
-# The MODULE is always implicitly required.
-# Listing it here in REQUIRES makes it appear twice in the cc command line.
-REQUIRES = security seccmd dbm
-
-PACKAGE_FILES = ssltap-manual.html licence.doc ssltap.exe
-
-ARCHIVE_NAME = ssltap
-
diff --git a/security/nss/cmd/ssltap/ssltap-manual.html b/security/nss/cmd/ssltap/ssltap-manual.html
deleted file mode 100644
index 28c9e17ee..000000000
--- a/security/nss/cmd/ssltap/ssltap-manual.html
+++ /dev/null
@@ -1,199 +0,0 @@
-<HTML>

-<!-- 
-   - The contents of this file are subject to the Mozilla Public
-   - License Version 1.1 (the "License"); you may not use this file
-   - except in compliance with the License. You may obtain a copy of
-   - the License at http://www.mozilla.org/MPL/
-   - 
-   - Software distributed under the License is distributed on an "AS
-   - IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-   - implied. See the License for the specific language governing
-   - rights and limitations under the License.
-   - 
-   - The Original Code is the Netscape security libraries.
-   - 
-   - The Initial Developer of the Original Code is Netscape
-   - Communications Corporation.  Portions created by Netscape are 
-   - Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-   - Rights Reserved.
-   - 
-   - Contributor(s):
-   - 
-   - Alternatively, the contents of this file may be used under the
-   - terms of the GNU General Public License Version 2 or later (the
-   - "GPL"), in which case the provisions of the GPL are applicable 
-   - instead of those above.  If you wish to allow use of your 
-   - version of this file only under the terms of the GPL and not to
-   - allow others to use your version of this file under the MPL,
-   - indicate your decision by deleting the provisions above and
-   - replace them with the notice and other provisions required by
-   - the GPL.  If you do not delete the provisions above, a recipient
-   - may use your version of this file under either the MPL or the
-   - GPL.
-  -->
-<HEAD>

-   <META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">

-   <META NAME="GENERATOR" CONTENT="Mozilla/4.05 [en] (WinNT; U) [Netscape]">

-   <META NAME="Author" CONTENT="Steve Parkinson">

-   <TITLE>SSLTap - manual</TITLE>

-</HEAD>

-<BODY>

-

-<H1>

-SSLTap Manual page</H1>

-

-<H3>

-Summary</H3>

-A command-line proxy which is SSL-aware. It snoops on TCP connections,

-and displays the data going by, including SSL records and handshaking&nbsp;

-if the connection is SSL.

-<H3>

-Synopsis</H3>

-<TT>ssltap [-vhfsxl] [-p port] hostname:port</TT>

-

-<P><TT>&nbsp;&nbsp; -v&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; [prints version string]</TT>

-<BR><TT>&nbsp;&nbsp; -h&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; [outputs hex instead

-of ASCII]</TT>

-<BR><TT>&nbsp;&nbsp; -f&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; [turn on Fancy HTML

-coloring]</TT>

-<BR><TT>&nbsp;&nbsp; -s&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; [turn on SSL decoding]</TT>

-<BR><TT>&nbsp;&nbsp; -x&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; [turn on extra SSL

-hex dumps]</TT>

-<BR><TT>&nbsp;&nbsp; -p port [specify rendezvous port (default 1924)]</TT>

-<BR><TT>&nbsp;&nbsp; -l&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; [loop - continue

-to wait for more connections]</TT>

-<H3>

-Description</H3>

-SSLTap opens a socket on a rendezvous port, and waits for an incoming connection

-(client side). Once this connection arrives, SSLTap makes another connection

-to hostname:port (server side). It passes any data sent by the client to

-the server, and vice versa. However, SSLTap will also display the data

-to the console. It can do this for plain HTTP connections, or any TCP protocol.

-However, SSLTap can also work with SSL streams, as detailed below.

-

-<P>Let's assume your development machine is called 'intercept'. The simplest

-usage of SSLTap is to run the command <TT>'ssltap www.netscape.com:80'</TT>

-on intercept. The program will wait for an incoming connection on port

-1924. Next you would want to go to your browser, and enter the URL http://intercept:1924.

-The page retrieved by the browser will actually be gotten from the server

-at www.netscape.com, but will go via SSLTap.

-

-<P>Data sent from the client to the server is surrounded by a '--> [ ]'

-symbol, and data sent from the server to the client, a '&lt;---[&nbsp;

-]' symbol.

-

-<P>You'll notice that the page retrieved with this example looks incomplete.

-This is because SSLTap by default closes down after the first connection

-is complete, so the browser is not able to load images. To make the SSLTap

-continue to accept connections, switch on looping mode with the -l option.

-

-<P>You can change the default rendezvous port to something else with the

--p option.

-

-<P>The remaining options change the way the output is produced.

-

-<P>The -f option prints 'fancy' output - in colored HTML. Data sent from

-the client to the server is in blue. The server's reply is in red. This

-is designed so you can load the output up into a browser. When used with

-looping mode, the different connections are separated with horizontal lines.

-

-<P>-x will turn on HEX printing. Instead of being output as ascii, the

-data is shown as Hex, like this:

-<UL><TT>&lt;-- [</TT>

-<BR><TT>&nbsp;&nbsp; 0: 56 d5 16 3e&nbsp; a1 6b b1 4a&nbsp; 8f 67 c4 d7&nbsp;

-21 2f 6f dd&nbsp; | V..>.k.J.g..!/o.</TT>

-<BR><TT>&nbsp; 10: bb 22 c4 75&nbsp; 8c f4 ce 28&nbsp; 16 a6 20 aa&nbsp;

-fb 9a 59 a1&nbsp; | .".u...(.. ...Y.</TT>

-<BR><TT>&nbsp; 20: 51 91 14 d2&nbsp; fc 9f a7 ea&nbsp; 4d 9c f7 3a&nbsp;

-9d 83 62 4a&nbsp; | Q.......M..:..bJ</TT>

-<BR><TT>]</TT>

-<BR>&nbsp;</UL>

-

-<H4>

-SSL Parse mode</H4>

-The following options deal with SSL connections.

-<UL>-s will turn on SSL parsing. (SSLTap doesn't automatically detect SSL

-sessions.)

-<BR>-x will turn on extra SSL hexdumps. Mostly, if SSL can decode the data,

-it doesn't display the hex.</UL>

-The following SSL3 Data structures are parsed: Handshake, ClientHello,

-ServerHello, CertificateChain, Certificate. In addition, SSL2 ClientHello,

-ServerHello, ClientMasterKey are also partly parsed. NO DECRYPTION IS PERFORMED

-ON THE DATA. SSLTAP CANNOT DECRYPT the data.

-

-<P>If a certificate chain is detected, DER-encoded certificates will be

-saved into files in the current directory called 'cert.0x' where x is the

-sequence number of the certificate.

-<BR>&nbsp;

-<H3>

-Operation Hints</H3>

-Often, you'll find that the server certificate does not get transferred,

-or other parts of the handshake do not happen. This is because the browser

-is taking advantage of session-id-reuse (using the handshake results from

-a previous session). If you restart the browser, it'll clear the session

-id cache.

-

-<P>If you run the ssltap on a different machine that the ssl server you're

-trying to connect to, the browser will complain that the host name you're

-trying to connect to is different to the certificate, but it will still

-let you connect, after showing you a dialog.

-<H3>

-Bugs</H3>

-Please contact <A HREF="mailto:ssltap-support@netscape.com">ssltap-support@netscape.com</A>

-for bug reports.

-<H3>

-History</H3>

-2.1 - First public release (March 1998)

-<BR>&nbsp;

-<H3>

-Other</H3>

-For reference, here is a table of some well-known port numbers:

-<BR>&nbsp;

-<TABLE BORDER=2 >

-<TR>

-<TD>HTTP</TD>

-

-<TD>80</TD>

-</TR>

-

-<TR>

-<TD>SMTP</TD>

-

-<TD>25</TD>

-</TR>

-

-<TR>

-<TD>HTTPS</TD>

-

-<TD>443</TD>

-</TR>

-

-<TR>

-<TD>FTP</TD>

-

-<TD>21</TD>

-</TR>

-

-<TR>

-<TD>IMAPS</TD>

-

-<TD>993</TD>

-</TR>

-

-<TR>

-<TD>NNTP</TD>

-

-<TD>119</TD>

-</TR>

-

-<TR>

-<TD>NNTPS</TD>

-

-<TD>563</TD>

-</TR>

-</TABLE>

-&nbsp;

-

-<P>&nbsp;

-</BODY>

-</HTML>

diff --git a/security/nss/cmd/ssltap/ssltap.c b/security/nss/cmd/ssltap/ssltap.c
deleted file mode 100644
index dbf5161b8..000000000
--- a/security/nss/cmd/ssltap/ssltap.c
+++ /dev/null
@@ -1,1340 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * ssltap.c
- *
- * Version 1.0 : Frederick Roeber : 11 June 1997
- * Version 2.0 : Steve Parkinson  : 13 November 1997
- * Version 3.0 : Nelson Bolyard   : 22 July 1998
- * Version 3.1 : Nelson Bolyard   : 24 May  1999
- *
- * changes in version 2.0:
- *  Uses NSPR20
- *  Shows structure of SSL negotiation, if enabled.
- *
- * This "proxies" a socket connection (like a socks tunnel), but displays the
- * data is it flies by.
- *
- * In the code, the 'client' socket is the one on the client side of the
- * proxy, and the server socket is on the server side.
- *
- */
-
-#include "nspr.h"
-#include "plstr.h"
-#include "secutil.h"
-#include <memory.h>	/* for memcpy, etc. */
-#include <string.h>
-#include <time.h>
-
-#include "plgetopt.h"
-
-#define VERSIONSTRING "$Revision$ ($Date$) $Author$"
-
-
-struct _DataBufferList;
-struct _DataBuffer;
-
-typedef struct _DataBufferList {
-  struct _DataBuffer *first,*last;
-  int size;
-  int isEncrypted;
-} DataBufferList;
-
-typedef struct _DataBuffer {
-  unsigned char *buffer;
-  int length;
-  int offset;  /* offset of first good byte */
-  struct _DataBuffer *next;
-} DataBuffer;
-
-
-DataBufferList
-  clientstream = {NULL, NULL, 0, 0},
-  serverstream = {NULL, NULL, 0, 0};
-
-struct sslhandshake {
-  PRUint8 type;
-  PRUint32 length;
-};
-
-typedef struct _SSLRecord {
-  PRUint8 type;
-  PRUint8 ver_maj,ver_min;
-
-  PRUint8 length[2];
-} SSLRecord;
-
-typedef struct _ClientHelloV2 {
-  PRUint8 length[2];
-  PRUint8 type;
-  PRUint8 version[2];
-  PRUint8 cslength[2];
-  PRUint8 sidlength[2];
-  PRUint8 rndlength[2];
-  PRUint8 csuites[1];
-} ClientHelloV2;
-
-typedef struct _ServerHelloV2 {
-  PRUint8 length[2];
-  PRUint8 type;
-  PRUint8 sidhit;
-  PRUint8 certtype;
-  PRUint8 version[2];
-  PRUint8 certlength[2];
-  PRUint8 cslength[2];
-  PRUint8 cidlength[2];
-} ServerHelloV2;
-
-typedef struct _ClientMasterKeyV2 {
-  PRUint8 length[2];
-  PRUint8 type;
-
-  PRUint8 cipherkind[3];
-  PRUint8 clearkey[2];
-  PRUint8 secretkey[2];
-
-} ClientMasterKeyV2;
-
-
-
-#define TAPBUFSIZ 16384
-
-#define DEFPORT 1924
-#include <ctype.h>
-
-int hexparse=0;
-int sslparse=0;
-int sslhexparse=0;
-int looparound=0;
-int fancy=0;
-int isV2Session=0;
-
-#define GET_SHORT(x) ((PRUint16)(((PRUint16)((PRUint8*)x)[0]) << 8) + ((PRUint16)((PRUint8*)x)[1]))
-#define GET_24(x) ((PRUint32)   (  \
-				 (((PRUint32)((PRUint8*)x)[0]) << 16) \
-				 +                          \
-				 (((PRUint32)((PRUint8*)x)[1]) << 8)  \
-				 +                          \
-				 (((PRUint32)((PRUint8*)x)[2]) << 0)  \
-				 ) )
-
-void print_hex(int amt, unsigned char *buf);
-void read_stream_bytes(unsigned char *d, DataBufferList *db, int length);
-
-void myhalt(int dblsize,int collectedsize) {
-
-  while(1) ;
-
-}
-
-const char *get_error_text(int error) {
-  switch (error) {
-  case PR_IO_TIMEOUT_ERROR:
-    return "Timeout";
-    break;
-  case PR_CONNECT_REFUSED_ERROR:
-    return "Connection refused";
-    break;
-  case PR_NETWORK_UNREACHABLE_ERROR:
-    return "Network unreachable";
-    break;
-  case PR_BAD_ADDRESS_ERROR:
-    return "Bad address";
-    break;
-  case PR_CONNECT_RESET_ERROR:
-    return "Connection reset";
-    break;
-  case PR_PIPE_ERROR:
-    return "Pipe error";
-    break;
-  }
-
-  return "";
-}
-
-
-
-
-
-void check_integrity(DataBufferList *dbl) {
-  DataBuffer *db;
-  int i;
-
-  db = dbl->first;
-  i =0;
-  while (db) {
-    i+= db->length - db->offset;
-    db = db->next;
-  }
-  if (i != dbl->size) {
-    myhalt(dbl->size,i);
-  }
-}
-
-/* Free's the DataBuffer at the head of the list and returns the pointer
- * to the new head of the list.
- */
-DataBuffer * 
-free_head(DataBufferList *dbl)
-{
-  DataBuffer *db       = dbl->first;
-  PR_ASSERT(db->offset >= db->length);
-  if (db->offset >= db->length) {
-    dbl->first = db->next;
-    if (dbl->first == NULL) {
-      dbl->last = NULL;
-    }
-    PR_Free(db->buffer);
-    PR_Free(db);
-    db = dbl->first;
-  }
-  return db;
-}
-
-void 
-read_stream_bytes(unsigned char *d, DataBufferList *dbl, int length) {
-  int         copied 	= 0;
-  DataBuffer *db	= dbl->first;
-
-  if (!db) {
-    PR_fprintf(PR_STDERR,"assert failed - dbl->first is null\n");
-    exit(8);
-  }
-  while (length) {
-    int         toCopy;
-    /* find the number of bytes to copy from the head buffer */
-    /* if there's too many in this buffer, then only copy 'length' */
-    toCopy = PR_MIN(db->length - db->offset, length);
-
-    memcpy(d + copied, db->buffer + db->offset, toCopy);
-    copied     += toCopy;
-    db->offset += toCopy;
-    length     -= toCopy;
-    dbl->size  -= toCopy;
-
-    /* if we emptied the head buffer */
-    if (db->offset >= db->length) {
-      db = free_head(dbl);
-    }
-  }
-
-  check_integrity(dbl);
-
-}
-
-void
-flush_stream(DataBufferList *dbl)
-{
-    DataBuffer *db = dbl->first;
-    check_integrity(dbl);
-    while (db) {
-	db->offset = db->length;
-    	db = free_head(dbl);
-    }
-    dbl->size = 0;
-    check_integrity(dbl);
-}
-
-
-const char * V2CipherString(int cs_int) {
-  char *cs_str;
-  cs_str = NULL;
-  switch (cs_int) {
-
-  case 0x010080:    cs_str = "SSL2/RSA/RC4-128/MD5";       break;
-  case 0x020080:    cs_str = "SSL2/RSA/RC4-40/MD5";    break;
-  case 0x030080:    cs_str = "SSL2/RSA/RC2CBC128/MD5";     break;
-  case 0x040080:    cs_str = "SSL2/RSA/RC2CBC40/MD5";  break;
-  case 0x050080:    cs_str = "SSL2/RSA/IDEA128CBC/MD5";    break;
-  case 0x060040:    cs_str = "SSL2/RSA/DES56-CBC/MD5";      break;
-  case 0x0700C0:    cs_str = "SSL2/RSA/3DES192EDE-CBC/MD5"; break;
-
-  case 0x000001:    cs_str = "SSL3/RSA/NULL/MD5";             break;
-  case 0x000002:    cs_str = "SSL3/RSA/NULL/SHA";             break;
-  case 0x000003:    cs_str = "SSL3/RSA/RC4-40/MD5";       break;
-  case 0x000004:    cs_str = "SSL3/RSA/RC4-128/MD5";          break;
-  case 0x000005:    cs_str = "SSL3/RSA/RC4-128/SHA";          break;
-  case 0x000006:    cs_str = "SSL3/RSA/RC2CBC40/MD5";     break;
-  case 0x000007:    cs_str = "SSL3/RSA/IDEA128CBC/SHA";       break;
-  case 0x000008:    cs_str = "SSL3/RSA/DES40-CBC/SHA";         break;
-  case 0x000009:    cs_str = "SSL3/RSA/DES56-CBC/SHA";         break;
-  case 0x00000A:    cs_str = "SSL3/RSA/3DES192EDE-CBC/SHA";    break;
-
-  case 0x00000B:    cs_str = "SSL3/DH-DSS/DES40-CBC/SHA";      break;
-  case 0x00000C:    cs_str = "SSL3/DH_DSS/DES56-CBC/SHA";      break;
-  case 0x00000D:    cs_str = "SSL3/DH-DSS/DES192EDE3CBC/SHA"; break;
-  case 0x00000E:    cs_str = "SSL3/DH-RSA/DES40-CBC/SHA";      break;
-  case 0x00000F:    cs_str = "SSL3/DH_RSA/DES56-CBC/SHA";      break;
-  case 0x000010:    cs_str = "SSL3/DH-RSA/3DES192EDE-CBC/SHA"; break;
-
-  case 0x000011:    cs_str = "SSL3/DHE-DSS/DES40-CBC/SHA";      break;
-  case 0x000012:    cs_str = "SSL3/DHE_DSS/DES56-CBC/SHA";      break;
-  case 0x000013:    cs_str = "SSL3/DHE-DSS/DES192EDE3CBC/SHA"; break;
-  case 0x000014:    cs_str = "SSL3/DHE-RSA/DES40-CBC/SHA";      break;
-  case 0x000015:    cs_str = "SSL3/DHE_RSA/DES56-CBC/SHA";      break;
-  case 0x000016:    cs_str = "SSL3/DHE-RSA/3DES192EDE-CBC/SHA"; break;
-
-  case 0x000017:    cs_str = "SSL3/DH-anon/RC4-40/MD5";     break;
-  case 0x000018:    cs_str = "SSL3/DH-anon/RC4-128/MD5";        break;
-  case 0x000019:    cs_str = "SSL3/DH-anon/DES40-CBC/SHA";       break;
-  case 0x00001A:    cs_str = "SSL3/DH-anon/DES56-CBC/SHA";       break;
-  case 0x00001B:    cs_str = "SSL3/DH-anon/3DES192EDE-CBC/SHA"; break;
-
-  case 0x00001C:    cs_str = "SSL3/FORTEZZA-DMS/NULL/SHA";      break;
-  case 0x00001D:    cs_str = "SSL3/FORTEZZA-DMS/FORTEZZA-CBC/SHA";  break;
-  case 0x00001E:    cs_str = "SSL3/FORTEZZA-DMS/RC4-128/SHA";  break;
-
-  case 0x000062:    cs_str = "TLS/RSA_EXPORT1024/DES56_CBC/SHA";   break;
-  case 0x000064:    cs_str = "TLS/RSA_EXPORT1024/RC4-56/SHA";	   break;
-  case 0x000063:    cs_str = "TLS/DHE-DSS_EXPORT1024/DES56-CBC/SHA"; break;
-  case 0x000065:    cs_str = "TLS/DHE-DSS_EXPORT1024/RC4-56/SHA";  break;
-  case 0x000066:    cs_str = "TLS/DHE-DSS/RC4-128/SHA";		   break;
-
-  case 0x00ffe1:    cs_str = "SSL3/RSA-FIPS/DES56-CBC/SHA";         break;
-  case 0x00ffe0:    cs_str = "SSL3/RSA-FIPS/3DES192EDE-CBC/SHA";    break;
-
-  /* the string literal is broken up to avoid trigraphs */
-  default:          cs_str = "????" "/????????" "/?????????" "/???"; break;
-  }
-
-  return cs_str;
-}
-
-void partial_packet(int thispacket, int size, int needed)
-{
-  PR_fprintf(PR_STDOUT,"(%u bytes", thispacket);
-  if (thispacket < needed) {
-    PR_fprintf(PR_STDOUT,", making %u", size);
-  }
-  PR_fprintf(PR_STDOUT," of %u", needed);
-  if (size > needed) {
-    PR_fprintf(PR_STDOUT,", with %u left over", size - needed);
-  }
-  PR_fprintf(PR_STDOUT,")\n");
-}
-
-char * get_time_string(void)
-{
-  struct tm *tm;
-  char      *cp;
-  char      *eol;
-  time_t     tt;
-
-  time(&tt);
-#if 0
-  tm = localtime(&tt);
-  cp = asctime(tm);
-#else
-  cp = ctime(&tt);
-#endif
-  eol = strchr(cp, '\n');
-  if (eol) 
-    *eol = 0;
-  return cp;
-}
-
-void print_sslv2(DataBufferList *s, unsigned char *tbuf, unsigned int alloclen)
-{
-  ClientHelloV2 *chv2;
-  ServerHelloV2 *shv2;
-  unsigned char *pos;
-  unsigned int   p;
-  unsigned int   q;
-  PRUint32       len;
-
-  chv2 = (ClientHelloV2 *)tbuf;
-  shv2 = (ServerHelloV2 *)tbuf;
-  if (s->isEncrypted) {
-    PR_fprintf(PR_STDOUT," [ssl2]  Encrypted {...}\n");
-    return;
-  }
-  PR_fprintf(PR_STDOUT," [%s]", get_time_string() );
-  switch(chv2->type) {
-  case 1:
-    PR_fprintf(PR_STDOUT," [ssl2]  ClientHelloV2 {\n");
-    PR_fprintf(PR_STDOUT,"           version = {0x%02x, 0x%02x}\n",
-	       (PRUint32)chv2->version[0],(PRUint32)chv2->version[1]);
-    PR_fprintf(PR_STDOUT,"           cipher-specs-length = %d (0x%02x)\n",
-	       (PRUint32)(GET_SHORT((chv2->cslength))),
-	       (PRUint32)(GET_SHORT((chv2->cslength))));
-    PR_fprintf(PR_STDOUT,"           sid-length = %d (0x%02x)\n",
-	       (PRUint32)(GET_SHORT((chv2->sidlength))),
-	       (PRUint32)(GET_SHORT((chv2->sidlength))));
-    PR_fprintf(PR_STDOUT,"           challenge-length = %d (0x%02x)\n",
-	       (PRUint32)(GET_SHORT((chv2->rndlength))),
-	       (PRUint32)(GET_SHORT((chv2->rndlength))));
-    PR_fprintf(PR_STDOUT,"           cipher-suites = { \n");
-    for (p=0;p<GET_SHORT((chv2->cslength));p+=3) {
-      const char *cs_str=NULL;
-      PRUint32 cs_int=0;
-      cs_int = GET_24((&chv2->csuites[p]));
-      cs_str = V2CipherString(cs_int);
-
-      PR_fprintf(PR_STDOUT,"                (0x%06x) %s\n",
-		  cs_int, cs_str);
-    }
-    q = p;
-    PR_fprintf(PR_STDOUT,"                }\n");
-    if (chv2->sidlength) {
-      PR_fprintf(PR_STDOUT,"           session-id = { ");
-      for (p=0;p<GET_SHORT((chv2->sidlength));p+=2) {
-	PR_fprintf(PR_STDOUT,"0x%04x ",(PRUint32)(GET_SHORT((&chv2->csuites[p+q]))));
-      }
-    }
-    q += p;
-    PR_fprintf(PR_STDOUT,"}\n");
-    if (chv2->rndlength) {
-      PR_fprintf(PR_STDOUT,"           challenge = { ");
-      for (p=0;p<GET_SHORT((chv2->rndlength));p+=2) {
-	PR_fprintf(PR_STDOUT,"0x%04x ",(PRUint32)(GET_SHORT((&chv2->csuites[p+q]))));
-      }
-      PR_fprintf(PR_STDOUT,"}\n");
-    }
-    PR_fprintf(PR_STDOUT,"}\n");
-    break;
-    /* end of V2 CLientHello Parsing */
-
-  case 2:  /* Client Master Key  */
-    {
-    const char *cs_str=NULL;
-    PRUint32 cs_int=0;
-    ClientMasterKeyV2 *cmkv2;
-    cmkv2 = (ClientMasterKeyV2 *)chv2;
-    isV2Session = 1;
-
-    PR_fprintf(PR_STDOUT," [ssl2]  ClientMasterKeyV2 { \n");
-
-    cs_int = GET_24(&cmkv2->cipherkind[0]);
-    cs_str = V2CipherString(cs_int);
-    PR_fprintf(PR_STDOUT,"         cipher-spec-chosen = (0x%06x) %s\n",
-	       cs_int, cs_str);
-
-    PR_fprintf(PR_STDOUT,"         clear-portion = %d bits\n",
-	       8*(PRUint32)(GET_SHORT((cmkv2->clearkey))));
-
-    PR_fprintf(PR_STDOUT,"      }\n");
-    clientstream.isEncrypted = 1;
-    serverstream.isEncrypted = 1;
-    }
-    break;
-
-
-  case 3:
-    PR_fprintf(PR_STDOUT," [ssl2]  Client Finished V2 {...}\n");
-    isV2Session = 1;
-    break;
-
-
-  case 4:  /* V2 Server Hello */
-    isV2Session = 1;
-
-    PR_fprintf(PR_STDOUT," [ssl2]  ServerHelloV2 {\n");
-    PR_fprintf(PR_STDOUT,"           sid hit = {0x%02x}\n",
-	       (PRUintn)shv2->sidhit);
-    PR_fprintf(PR_STDOUT,"           version = {0x%02x, 0x%02x}\n",
-	       (PRUint32)shv2->version[0],(PRUint32)shv2->version[1]);
-    PR_fprintf(PR_STDOUT,"           cipher-specs-length = %d (0x%02x)\n",
-	       (PRUint32)(GET_SHORT((shv2->cslength))),
-	       (PRUint32)(GET_SHORT((shv2->cslength))));
-    PR_fprintf(PR_STDOUT,"           sid-length = %d (0x%02x)\n",
-	       (PRUint32)(GET_SHORT((shv2->cidlength))),
-	       (PRUint32)(GET_SHORT((shv2->cidlength))));
-
-    pos = (unsigned char *)shv2;
-    pos += 2;   /* skip length header */
-    pos += 11;  /* position pointer to Certificate data area */
-    q = GET_SHORT(&shv2->certlength);
-    if (q >alloclen) {
-      goto eosh;
-    }
-    pos += q; 			/* skip certificate */
-
-    PR_fprintf(PR_STDOUT,"           cipher-suites = { ");
-    len = GET_SHORT((shv2->cslength));
-    for (p = 0; p < len; p += 3) {
-      const char *cs_str=NULL;
-      PRUint32 cs_int=0;
-      cs_int = GET_24((pos+p));
-      cs_str = V2CipherString(cs_int);
-      PR_fprintf(PR_STDOUT,"\n              ");
-      PR_fprintf(PR_STDOUT,"(0x%06x) %s", cs_int, cs_str);
-    }
-    pos += len;
-    PR_fprintf(PR_STDOUT,"   }\n");	/* End of cipher suites */
-    len = (PRUint32)GET_SHORT((shv2->cidlength));
-    if (len) {
-      PR_fprintf(PR_STDOUT,"           connection-id = { ");
-      for (p = 0; p < len; p += 2) {
-	PR_fprintf(PR_STDOUT,"0x%04x ", (PRUint32)(GET_SHORT((pos + p))));
-      }
-      PR_fprintf(PR_STDOUT,"   }\n");	/* End of connection id */
-    }
-eosh:
-    PR_fprintf(PR_STDOUT,"\n              }\n"); /* end of ServerHelloV2 */
-    if (shv2->sidhit) {
-      clientstream.isEncrypted = 1;
-      serverstream.isEncrypted = 1;
-    }
-    break;
-
-  case 5:
-    PR_fprintf(PR_STDOUT," [ssl2]  Server Verify V2 {...}\n");
-    isV2Session = 1;
-    break;
-
-  case 6:
-    PR_fprintf(PR_STDOUT," [ssl2]  Server Finished V2 {...}\n");
-    isV2Session = 1;
-    break;
-
-  case 7:
-    PR_fprintf(PR_STDOUT," [ssl2]  Request Certificate V2 {...}\n");
-    isV2Session = 1;
-    break;
-
-  case 8:
-    PR_fprintf(PR_STDOUT," [ssl2]  Client Certificate V2 {...}\n");
-    isV2Session = 1;
-    break;
-
-  default:
-    PR_fprintf(PR_STDOUT," [ssl2]  UnknownType 0x%02x {...}\n",
-	  (PRUint32)chv2->type);
-    break;
-  }
-}
-
-
-
-
-
-
-void print_ssl3_handshake(unsigned char *tbuf, 
-                          unsigned int   alloclen,
-                          SSLRecord *    sr)
-{
-  struct sslhandshake sslh; 
-  unsigned char *     hsdata;  
-  int                 offset=0;
-
-  PR_fprintf(PR_STDOUT,"   handshake {\n");
-
-  while (offset < alloclen) {
-    sslh.type = tbuf[offset]; 
-    sslh.length = GET_24(tbuf+offset+1);
-    hsdata= &tbuf[offset+4];
-
-    if (sslhexparse) print_hex(4,tbuf+offset);
-
-    PR_fprintf(PR_STDOUT,"      type = %d (",sslh.type);
-    switch(sslh.type) {
-    case 0:  PR_fprintf(PR_STDOUT,"hello_request)\n");   break;
-    case 1:  PR_fprintf(PR_STDOUT,"client_hello)\n");    break;
-    case 2:  PR_fprintf(PR_STDOUT,"server_hello)\n");    break;
-    case 11: PR_fprintf(PR_STDOUT,"certificate)\n");     break;
-    case 12: PR_fprintf(PR_STDOUT,"server_key_exchange)\n");  break;
-    case 13: PR_fprintf(PR_STDOUT,"certificate_request)\n");  break;
-    case 14: PR_fprintf(PR_STDOUT,"server_hello_done)\n");    break;
-    case 15: PR_fprintf(PR_STDOUT,"certificate_verify)\n");   break;
-    case 16: PR_fprintf(PR_STDOUT,"client_key_exchange)\n");  break;
-    case 20: PR_fprintf(PR_STDOUT,"finished)\n");         break;
-    default: PR_fprintf(PR_STDOUT,"unknown)\n");
-    }
-
-    PR_fprintf(PR_STDOUT,"      length = %d (0x%06x)\n",sslh.length,sslh.length);
-    switch (sslh.type) {
-
-    case 1: /* client hello */
-      switch (sr->ver_maj)  {
-      case 2:  /* ssl version 2 */
-	PR_fprintf(PR_STDOUT,"         ClientHelloV2 {...}\n");
-	break;
-      case 3:  /* ssl version 3 */
-	{
-	  int sidlength,pos,csuitelength,w;
-	  PR_fprintf(PR_STDOUT,"         ClientHelloV3 {\n");
-	  PR_fprintf(PR_STDOUT,"            client_version = {%d, %d}\n",
-		     (PRUint8)hsdata[0],(PRUint8)hsdata[1]);
-	  PR_fprintf(PR_STDOUT,"            random = {...}\n");
-	  if (sslhexparse) print_hex(32,&hsdata[2]);
-	  PR_fprintf(PR_STDOUT,"            session ID = {\n");
-	  sidlength = (int)hsdata[2+32];
-	  PR_fprintf(PR_STDOUT,"                length = %d\n",sidlength);
-	  PR_fprintf(PR_STDOUT,"                contents = {..}\n");
-	  if (sslhexparse) print_hex(sidlength,&hsdata[2+32+1]);
-	  PR_fprintf(PR_STDOUT,"            }\n");
-	  pos = 2+32+1+sidlength;
-	  csuitelength = GET_SHORT((hsdata+pos));
-	  PR_fprintf(PR_STDOUT,"            cipher_suites[%d] = { \n",
-		     csuitelength/2);
-	  if (csuitelength%1) {
-	    PR_fprintf(PR_STDOUT,
-	       "*error in protocol - csuitelength shouldn't be odd*\n");
-	  }
-
-	  for (w=0; w<csuitelength; w+=2) {
-	    const char *cs_str=NULL;
-	    PRUint32 cs_int=0;
-	    cs_int = GET_SHORT((hsdata+pos+2+w));
-	    cs_str = V2CipherString(cs_int);
-
-	    PR_fprintf(PR_STDOUT,
-	      "                (0x%04x) %s\n", cs_int, cs_str);
-	  }
-
-	  /*		  for (w=0;w<csuitelength;w+=2) {
-	    PR_fprintf(PR_STDOUT,"0x%04x ",GET_SHORT((hsdata+pos+2+w)));
-	  } */
-
-	  PR_fprintf(PR_STDOUT,"\n               }\n");
-	  PR_fprintf(PR_STDOUT,"         }\n");
-
-
-
-	} /* end of ssl version 3 */
-	break;
-      default:
-	PR_fprintf(PR_STDOUT,"           ClientHelloUndefinedVersion{}\n");
-      } /* end of switch sr->ver_maj */
-      break;
-
-    case 2: /* server hello */
-      {
-	int sidlength, pos;
-	const char *cs_str=NULL;
-	PRUint32 cs_int=0;
-	PR_fprintf(PR_STDOUT,"         ServerHello {\n");
-	PR_fprintf(PR_STDOUT,"            server_version = {%d, %d}\n",
-		   (PRUint8)hsdata[0],(PRUint8)hsdata[1]);
-	PR_fprintf(PR_STDOUT,"            random = {...}\n");
-	if (sslhexparse) print_hex(32,&hsdata[2]);
-	PR_fprintf(PR_STDOUT,"            session ID = {\n");
-	sidlength = (int)hsdata[2+32];
-	PR_fprintf(PR_STDOUT,"                length = %d\n",sidlength);
-	PR_fprintf(PR_STDOUT,"                contents = {..}\n");
-	if (sslhexparse) print_hex(sidlength,&hsdata[2+32+1]);
-	PR_fprintf(PR_STDOUT,"            }\n");
-	pos = 2+32+1+sidlength;
-	cs_int = GET_SHORT((hsdata+pos));
-	cs_str = V2CipherString(cs_int);
-	PR_fprintf(PR_STDOUT,"            cipher_suite = (0x%04x) %s\n",
-		   cs_int, cs_str);
-	PR_fprintf(PR_STDOUT,"         }\n");
-      }
-      break;
-
-
-
-    case 11: /* certificate */
-      {
-	PRFileDesc *cfd;
-	int         pos;
-	int         certslength;
-	int         certlength;
-	int         certbytesread	= 0;
-	static int  certFileNumber;
-	char        certFileName[20];
-
-	PR_fprintf(PR_STDOUT,"         CertificateChain {\n");
-	certslength = GET_24(hsdata);
-	PR_fprintf(PR_STDOUT,"            chainlength = %d (0x%04x)\n",
-		certslength,certslength);
-	pos = 3;
-	while (certbytesread < certslength) {
-	  certlength = GET_24((hsdata+pos));
-	  pos += 3;
-	  PR_fprintf(PR_STDOUT,"            Certificate {\n");
-	  PR_fprintf(PR_STDOUT,"               size = %d (0x%04x)\n",
-		certlength,certlength);
-
-	  PR_snprintf(certFileName, sizeof certFileName, "cert.%03d",
-	              ++certFileNumber);
-	  cfd = PR_Open(certFileName, PR_WRONLY|PR_CREATE_FILE, 0664);
-	  if (!cfd) {
-	    PR_fprintf(PR_STDOUT,
-	               "               data = { couldn't save file '%s' }\n",
-		       certFileName);
-	  } else {
-	    PR_Write(cfd, (hsdata+pos), certlength);
-	    PR_fprintf(PR_STDOUT,
-	               "               data = { saved in file '%s' }\n",
-		       certFileName);
-	    PR_Close(cfd);
-	  }
-
-	  PR_fprintf(PR_STDOUT,"            }\n");
-	  pos           += certlength;
-	  certbytesread += certlength+3;
-	}
-	PR_fprintf(PR_STDOUT,"         }\n");
-      }
-      break;
-
-    case 13: /* certificate request */
-      if (sslhexparse) { 
-	PR_fprintf(PR_STDOUT,"         CertificateRequest {\n");
-        print_hex(sslh.length, hsdata);
-	PR_fprintf(PR_STDOUT,"         }\n");
-      }
-      break;
-
-    case 16: /* client key exchange */
-      {
-	PR_fprintf(PR_STDOUT,"         ClientKeyExchange {\n");
-	PR_fprintf(PR_STDOUT,"            message = {...}\n");
-	PR_fprintf(PR_STDOUT,"         }\n");
-      }
-      break;
-
-    }  /* end of switch sslh.type */
-    offset += sslh.length + 4; /* +4 because of length (3 bytes) and type (1 byte) */
-  } /* while */
-  PR_fprintf(PR_STDOUT,"   }\n");
-}
-
-
-void print_ssl(DataBufferList *s, int length, unsigned char *buffer)
-{
-  /* --------------------------------------------------------  */
-  /* first, create a new buffer object for this piece of data. */
-
-  DataBuffer *db;
-  int i,l;
-
-  if (s->size == 0 && length > 0 && buffer[0] >= 32 && buffer[0] < 128) {
-    /* Not an SSL record, treat entire buffer as plaintext */
-    PR_Write(PR_STDOUT,buffer,length);
-    return;
-  }
-
-
-  check_integrity(s);
-
-  i = 0;
-  l = length;
-
-  db = PR_NEW(struct _DataBuffer);
-
-  db->buffer = (unsigned char*)PR_Malloc(length);
-  db->length = length;
-  db->offset = 0;
-  memcpy(db->buffer, buffer, length);
-  db->next = NULL;
-
-  /* now, add it to the stream */
-
-  if (s->last != NULL) s->last->next = db;
-  s->last = db;
-  s->size += length;
-  if (s->first == NULL) s->first = db;
-
-  check_integrity(s);
-
-  /*------------------------------------------------------- */
-  /* now we look at the stream to see if we have enough data to
-     decode  */
-
-  while (s->size > 0 ) {
-    unsigned char *tbuf = NULL;
-
-    SSLRecord sr;
-    unsigned alloclen;
-    unsigned recordsize;
-
-    check_integrity(s);
-
-    if ( s->first == NULL) {
-      PR_fprintf(PR_STDOUT,"ERROR: s->first is null\n");
-      exit(9);
-    }
-
-    /* in the case of an SSL 2 client-hello (which is all ssltap supports) */
-    /* will have the high-bit set, whereas an SSL 3 client-hello will not  */
-    /* SSL2 can also send records that begin with the high bit clear.
-     * This code will incorrectly handle them. XXX
-     */
-    if (isV2Session || s->first->buffer[s->first->offset] & 0x80) {
-      /* it's an SSL 2 packet */
-      unsigned char lenbuf[3];
-
-      /* first, we check if there's enough data for it to be an SSL2-type
-       * record.  What a pain.*/
-      if (s->size < sizeof lenbuf) {
-	partial_packet(length, s->size, sizeof lenbuf);
-	return;
-      }
-
-      /* read the first two bytes off the stream. */
-      read_stream_bytes(lenbuf, s, sizeof(lenbuf));
-      alloclen = ((unsigned int)(lenbuf[0] & 0x7f) << 8) + lenbuf[1] + 
-                 ((lenbuf[0] & 0x80) ? 2 : 3);
-      PR_fprintf(PR_STDOUT, "alloclen = %u bytes\n", alloclen);
-
-      /* put 'em back on the head of the stream. */
-      db = PR_NEW(struct _DataBuffer);
-
-      db->length = sizeof lenbuf;
-      db->buffer = (unsigned char*) PR_Malloc(db->length);
-      db->offset = 0;
-      memcpy(db->buffer, lenbuf, sizeof lenbuf);
-
-      db->next = s->first;
-      s->first = db;
-      if (s->last == NULL) 
-	s->last = db;
-      s->size += db->length;
-
-      /* if there wasn't enough, go back for more. */
-      if (s->size < alloclen) {
-	check_integrity(s);
-	partial_packet(length, s->size, alloclen);
-	return;
-      }
-      partial_packet(length, s->size, alloclen);
-
-      /* read in the whole record. */
-      tbuf = PR_Malloc(alloclen);
-      read_stream_bytes(tbuf, s, alloclen);
-
-      print_sslv2(s, tbuf, alloclen);
-      PR_FREEIF(tbuf);
-      check_integrity(s);
-
-      continue;
-    }
-
-    /***********************************************************/
-    /* It's SSL v3 */
-    /***********************************************************/
-    check_integrity(s);
-
-    if (s->size < sizeof(SSLRecord)) {
-      partial_packet(length, s->size, sizeof(SSLRecord));
-      return;
-    }
-
-    read_stream_bytes((unsigned char *)&sr, s, sizeof sr);
-
-    /* we have read the stream bytes. Look at the length of
-       the ssl record. If we don't have enough data to satisfy this
-       request, then put the bytes we just took back at the head
-       of the queue */
-    recordsize = GET_SHORT(sr.length);
-
-    if (recordsize > s->size) {
-      db = PR_NEW(struct _DataBuffer);
-
-      db->length = sizeof sr;
-      db->buffer = (unsigned char*) PR_Malloc(db->length);
-      db->offset = 0;
-      memcpy(db->buffer, &sr, sizeof sr);
-      db->next = s->first;
-
-      /* now, add it back on to the head of the stream */
-
-      s->first = db;
-      if (s->last == NULL) 
-        s->last = db;
-      s->size += db->length;
-
-      check_integrity(s);
-      partial_packet(length, s->size, recordsize);
-      return;
-    }
-    partial_packet(length, s->size, recordsize);
-
-
-    PR_fprintf(PR_STDOUT,"SSLRecord { [%s]\n", get_time_string() );
-    if (sslhexparse) {
-      print_hex(5,(unsigned char*)&sr);
-    }
-
-    check_integrity(s);
-
-    PR_fprintf(PR_STDOUT,"   type    = %d (",sr.type);
-    switch(sr.type) {
-    case 20 :
-      PR_fprintf(PR_STDOUT,"change_cipher_spec)\n");
-      break;
-    case 21 :
-      PR_fprintf(PR_STDOUT,"alert)\n");
-      break;
-    case 22 :
-      PR_fprintf(PR_STDOUT,"handshake)\n");
-      break;
-    case 23 :
-      PR_fprintf(PR_STDOUT,"application_data)\n");
-      break;
-    default:
-      PR_fprintf(PR_STDOUT,"unknown)\n");
-      break;
-    }
-    PR_fprintf(PR_STDOUT,"   version = { %d,%d }\n",
-	       (PRUint32)sr.ver_maj,(PRUint32)sr.ver_min);
-    PR_fprintf(PR_STDOUT,"   length  = %d (0x%x)\n",
-    	(PRUint32)GET_SHORT(sr.length), (PRUint32)GET_SHORT(sr.length));
-
-
-    alloclen = recordsize;
-    PR_ASSERT(s->size >= alloclen);
-    if (s->size >= alloclen) {
-      tbuf = (unsigned char*) PR_Malloc(alloclen);
-      read_stream_bytes(tbuf, s, alloclen);
-
-      if (s->isEncrypted) {
-	PR_fprintf(PR_STDOUT,"            < encrypted >\n");
-      } else 
-
-      switch(sr.type) {
-      case 20 : /* change_cipher_spec */
-	if (sslhexparse) print_hex(alloclen,tbuf);
-	s->isEncrypted = 1;  /* mark to say we can only dump hex form now on */
-	break;
-
-      case 21 : /* alert */
-	switch(tbuf[0]) {
-	case 1: PR_fprintf(PR_STDOUT, "   warning: "); break;
-	case 2: PR_fprintf(PR_STDOUT, "   fatal: "); break;
-	default: PR_fprintf(PR_STDOUT, "   unknown level %d: ", tbuf[0]); break;
-	}
-
-	switch(tbuf[1]) {
-	case 0:   PR_fprintf(PR_STDOUT, "close notify\n"); break;
-	case 10:  PR_fprintf(PR_STDOUT, "unexpected message\n"); break;
-	case 20:  PR_fprintf(PR_STDOUT, "bad record mac\n"); break;
-	case 21:  PR_fprintf(PR_STDOUT, "decryption failed\n"); break;
-	case 22:  PR_fprintf(PR_STDOUT, "record overflow\n"); break;
-	case 30:  PR_fprintf(PR_STDOUT, "decompression failure\n"); break;
-	case 40:  PR_fprintf(PR_STDOUT, "handshake failure\n"); break;
-	case 41:  PR_fprintf(PR_STDOUT, "no certificate\n"); break;
-	case 42:  PR_fprintf(PR_STDOUT, "bad certificate\n"); break;
-	case 43:  PR_fprintf(PR_STDOUT, "unsupported certificate\n"); break;
-	case 44:  PR_fprintf(PR_STDOUT, "certificate revoked\n"); break;
-	case 45:  PR_fprintf(PR_STDOUT, "certificate expired\n"); break;
-	case 46:  PR_fprintf(PR_STDOUT, "certificate unknown\n"); break;
-	case 47:  PR_fprintf(PR_STDOUT, "illegal parameter\n"); break;
-	case 48:  PR_fprintf(PR_STDOUT, "unknown CA\n"); break;
-	case 49:  PR_fprintf(PR_STDOUT, "access denied\n"); break;
-	case 50:  PR_fprintf(PR_STDOUT, "decode error\n"); break;
-	case 51:  PR_fprintf(PR_STDOUT, "decrypt error\n"); break;
-	case 60:  PR_fprintf(PR_STDOUT, "export restriction\n"); break;
-	case 70:  PR_fprintf(PR_STDOUT, "protocol version\n"); break;
-	case 71:  PR_fprintf(PR_STDOUT, "insufficient security\n"); break;
-	case 80:  PR_fprintf(PR_STDOUT, "internal error\n"); break;
-	case 90:  PR_fprintf(PR_STDOUT, "user canceled\n"); break;
-	case 100: PR_fprintf(PR_STDOUT, "no renegotiation\n"); break;
-	default:  PR_fprintf(PR_STDOUT, "unknown error %d\n", tbuf[1]); break;
-	}
-
-	if (sslhexparse) print_hex(alloclen,tbuf);
-	break;
-
-      case 22 : /* handshake */ 	
-        print_ssl3_handshake( tbuf, alloclen, &sr );
-	break;
-
-      case 23 : /* application data */
-      default:
-	print_hex(alloclen,tbuf);
-	break;
-      }
-    }
-    PR_fprintf(PR_STDOUT,"}\n");
-    PR_FREEIF(tbuf);
-    check_integrity(s);
-  }
-}
-
-void print_hex(int amt, unsigned char *buf) {
-  int i,j,k;
-  char *string = (char*)PR_Malloc(5000);
-  char t[20];
-
-
-  for(i=0;i<amt;i++) {
-    t[1] =0;
-
-    if (i%16 ==0) {  /* if we are at the beginning of a line */
-      PR_fprintf(PR_STDOUT,"%4x:",i); /* print the line number  */
-      strcpy(string,"");
-    }
-
-    if (i%4 == 0) {
-      PR_fprintf(PR_STDOUT," ");
-    }
-
-    t[0] = buf[i];
-
-    if (!isprint(t[0])) {
-      t[0] = '.';
-    }
-    if (fancy)  {
-      switch (t[0]) {
-      case '<':
-        strcpy(t,"&lt;");
-        break;
-      case '>':
-        strcpy(t,"&gt;");
-        break;
-      case '&':
-        strcpy(t,"&amp;");
-        break;
-      }
-    }
-    strcat(string,t);
-
-    PR_fprintf(PR_STDOUT,"%02x ",(PRUint8) buf[i]);
-
-    /* if we've reached the end of the line - add the string */
-    if (i%16 == 15) PR_fprintf(PR_STDOUT," | %s\n",string);
-  }
-  /* we reached the end of the buffer,*/
-  /* do we have buffer left over? */
-  j = i%16;
-  if (j > 0) {
-    for (k=0;k<(16-j);k++) PR_fprintf(PR_STDOUT,"   ");
-    PR_fprintf(PR_STDOUT," |%s\n",string);
-  }
-  PR_Free(string);
-}
-
-void Usage(void) {
-  PR_fprintf(PR_STDERR, "SSLTAP (C) 1997, 1998 Netscape Communications Corporation.\n");
-  PR_fprintf(PR_STDERR, "Usage: ssltap [-vhfsxl] [-p port] hostname:port\n");
-  PR_fprintf(PR_STDERR, "   -v      [prints version string]\n");
-  PR_fprintf(PR_STDERR, "   -h      [outputs hex instead of ASCII]\n");
-  PR_fprintf(PR_STDERR, "   -f      [turn on Fancy HTML coloring]\n");
-  PR_fprintf(PR_STDERR, "   -s      [turn on SSL decoding]\n");
-  PR_fprintf(PR_STDERR, "   -x      [turn on extra SSL hex dumps]\n");
-  PR_fprintf(PR_STDERR, "   -p port [specify rendezvous port (default 1924)]\n");
-  PR_fprintf(PR_STDERR, "   -l      [loop - continue to wait for more connections]\n");
-
-
-}
-
-void
-showErr(const char * msg) {
-  PRErrorCode  err       = PR_GetError();
-  const char * errString;
-
-  if (err == PR_UNKNOWN_ERROR)
-    err = PR_CONNECT_RESET_ERROR;	/* bug in NSPR. */
-  errString = SECU_Strerror(err);
-
-  if (!errString)
-    errString = "(no text available)";
-  PR_fprintf(PR_STDERR, "Error %d: %s: %s", err, errString, msg);
-}
-
-int main(int argc,  char *argv[])
-{
-  char *hostname;
-  PRUint16 rendport=DEFPORT,port;
-  PRHostEnt hp;
-  PRStatus r;
-  PRNetAddr na_client,na_server,na_rend;
-  PRFileDesc *s_server,*s_client,*s_rend; /*rendezvous */
-  char netdbbuf[PR_NETDB_BUF_SIZE];
-  int c_count=0;
-  PLOptState *optstate;
-  PLOptStatus status;
-
-  optstate = PL_CreateOptState(argc,argv,"fvxhslp:");
-    while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
-    switch (optstate->option) {
-    case 'f':
-      fancy++;
-      break;
-    case 'h':
-      hexparse++;
-      break;
-    case 'v':
-      PR_fprintf(PR_STDOUT,"Version: %s\n",VERSIONSTRING);
-      break;
-    case 's':
-      sslparse++;
-      break;
-    case 'x':
-      sslhexparse++;
-      break;
-    case 'l':
-      looparound++;
-      break;
-    case 'p':
-      rendport = atoi(optstate->value);
-      break;
-    case '\0':
-      hostname = PL_strdup(optstate->value);
-    }
-  }
-  if (status == PL_OPT_BAD)
-    Usage();
-
-  if (fancy) {
-    if (!hexparse && !sslparse) {
-      PR_fprintf(PR_STDERR,
-"Note: use of -f without -s or -h not recommended, \n"
-"as the output looks a little strange. It may be useful, however\n");
-    }
-  }
-
-  if(! hostname ) Usage(), exit(2);
-
-  {
-    char *colon = (char *)strchr(hostname, ':');
-    if (!colon) {
-      PR_fprintf(PR_STDERR,
-      "You must specify the host AND port you wish to connect to\n");
-      Usage(), exit(3);
-    }
-    port = atoi(&colon[1]);
-    *colon = '\0';
-
-    if (port == 0) {
-	PR_fprintf(PR_STDERR, "Port must be a nonzero number.\n");
-	exit(4);
-      }
-  }
-
-  /* find the 'server' IP address so we don't have to look it up later */
-
-  if (fancy) {
-      PR_fprintf(PR_STDOUT,"<HTML><HEAD><TITLE>SSLTAP output</TITLE></HEAD>\n");
-      PR_fprintf(PR_STDOUT,"<BODY><PRE>\n");
-    }
-  PR_fprintf(PR_STDERR,"Looking up \"%s\"...\n", hostname);
-  r = PR_GetHostByName(hostname,netdbbuf,PR_NETDB_BUF_SIZE,&hp);
-  if (r) {
-    showErr("Host Name lookup failed\n");
-    exit(5);
-  }
-
-  PR_EnumerateHostEnt(0,&hp,0,&na_server);
-  PR_InitializeNetAddr(PR_IpAddrNull,port,&na_server);
-  /* set up the port which the client will connect to */
-
-  r = PR_InitializeNetAddr(PR_IpAddrAny,rendport,&na_rend);
-  if (r == PR_FAILURE) {
-    PR_fprintf(PR_STDERR,
-    "PR_InitializeNetAddr(,%d,) failed with error %d\n",PR_GetError());
-    exit(0);
-  }
-
-
-  s_rend = PR_NewTCPSocket();
-  if (!s_rend) {
-    showErr("Couldn't create socket\n");
-    exit(6);
-  }
-
-  if (PR_Bind(s_rend, &na_rend )) {
-    PR_fprintf(PR_STDERR,"Couldn't bind to port %d (error %d)\n",rendport, PR_GetError());
-    exit(-1);
-  }
-
-  if ( PR_Listen(s_rend, 5)) {
-    showErr("Couldn't listen\n");
-    exit(-1);
-  }
-
-  PR_fprintf(PR_STDERR,"Proxy socket ready and listening\n");
-  do {	/* accept one connection and process it. */
-      PRPollDesc pds[2];
-
-      s_client = PR_Accept(s_rend,&na_client,PR_SecondsToInterval(3600));
-      if (s_client == NULL) {
-	showErr("accept timed out\n");
-	exit(7);
-      }
-
-      s_server = PR_NewTCPSocket();
-      if (s_server == NULL) {
-	showErr("couldn't open new socket to connect to server \n");
-	exit(8);
-      }
-
-      r = PR_Connect(s_server,&na_server,PR_SecondsToInterval(5));
-
-      if ( r == PR_FAILURE )
-        {
-	  showErr("Couldn't connect\n");
-	  return -1;
-        }
-
-      if (looparound) {
-	if (fancy)  PR_fprintf(PR_STDOUT,"<p><HR><H2>");
-	PR_fprintf(PR_STDOUT,"Connection #%d [%s]\n", c_count+1,
-	                     get_time_string());
-	if (fancy)  PR_fprintf(PR_STDOUT,"</H2>");
-	}
-
-
-      PR_fprintf(PR_STDOUT,"Connected to %s:%d\n", hostname, port);
-
-#define PD_C 0
-#define PD_S 1
-
-      pds[PD_C].fd = s_client;
-      pds[PD_S].fd = s_server;
-      pds[PD_C].in_flags = PR_POLL_READ;
-      pds[PD_S].in_flags = PR_POLL_READ;
-
-      /* make sure the new connections don't start out encrypted. */
-      clientstream.isEncrypted = 0;
-      serverstream.isEncrypted = 0;
-      isV2Session = 0;
-
-      while( (pds[PD_C].in_flags & PR_POLL_READ) != 0 ||
-             (pds[PD_S].in_flags & PR_POLL_READ) != 0 )
-        {  /* Handle all messages on the connection */
-	  PRInt32 amt;
-	  PRInt32 wrote;
-	  unsigned char buffer[ TAPBUFSIZ ];
-
-	  amt = PR_Poll(pds,2,PR_INTERVAL_NO_TIMEOUT);
-	  if (amt <= 0) {
-	    if (amt)
-		showErr( "PR_Poll failed.\n");
-	    else
-		showErr( "PR_Poll timed out.\n");
-	    break;
-	  }
-
-	  if (pds[PD_C].out_flags & PR_POLL_EXCEPT) {
-	    showErr( "Exception on client-side socket.\n");
-	    break;
-	  }
-
-	  if (pds[PD_S].out_flags & PR_POLL_EXCEPT) {
-	    showErr( "Exception on server-side socket.\n");
-	    break;
-	  }
-
-
-/* read data, copy it to stdout, and write to other socket */
-
-	  if ((pds[PD_C].in_flags  & PR_POLL_READ) != 0 &&
-	      (pds[PD_C].out_flags & PR_POLL_READ) != 0 ) {
-
-	    amt = PR_Read(s_client, buffer, sizeof(buffer));
-
-	    if ( amt < 0)  {
-	      showErr( "Client socket read failed.\n");
-	      break;
-	    }
-
-	    if( amt == 0 ) {
-	      PR_fprintf(PR_STDOUT, "Read EOF on Client socket. [%s]\n",
-	                            get_time_string() );
-	      pds[PD_C].in_flags &= ~PR_POLL_READ;
-	      PR_Shutdown(s_server, PR_SHUTDOWN_SEND);
-	      continue;
-	    }
-
-	    PR_fprintf(PR_STDOUT,"--> [\n");
-	    if (fancy) PR_fprintf(PR_STDOUT,"<font color=blue>");
-
-	    if (hexparse)  print_hex(amt, buffer);
-	    if (sslparse)  print_ssl(&clientstream,amt,buffer);
-	    if (!hexparse && !sslparse)  PR_Write(PR_STDOUT,buffer,amt);
-	    if (fancy) PR_fprintf(PR_STDOUT,"</font>");
-	    PR_fprintf(PR_STDOUT,"]\n");
-
-	    wrote = PR_Write(s_server, buffer, amt);
-	    if (wrote != amt )  {
-	      if (wrote < 0) {
-	        showErr("Write to server socket failed.\n");
-		break;
-	      } else {
-		PR_fprintf(PR_STDERR, "Short write to server socket!\n");
-	      }
-	    }
-	  }  /* end of read from client socket. */
-
-/* read data, copy it to stdout, and write to other socket */
-	  if ((pds[PD_S].in_flags  & PR_POLL_READ) != 0 &&
-	      (pds[PD_S].out_flags & PR_POLL_READ) != 0 ) {
-
-	    amt = PR_Read(s_server, buffer, sizeof(buffer));
-
-	    if ( amt < 0)  {
-	      showErr( "error on server-side socket.\n");
-	      break;
-	    }
-
-	    if( amt == 0 ) {
-	      PR_fprintf(PR_STDOUT, "Read EOF on Server socket. [%s]\n",
-	                            get_time_string() );
-	      pds[PD_S].in_flags &= ~PR_POLL_READ;
-	      PR_Shutdown(s_client, PR_SHUTDOWN_SEND);
-	      continue;
-	    } 
-
-	    PR_fprintf(PR_STDOUT,"<-- [\n");
-	    if (fancy) PR_fprintf(PR_STDOUT,"<font color=red>");
-	    if (hexparse)  print_hex(amt, (unsigned char *)buffer);
-	    if (sslparse)  print_ssl(&serverstream,amt,(unsigned char *)buffer);
-	    if (!hexparse && !sslparse)  PR_Write(PR_STDOUT,buffer,amt);
-	    if (fancy) PR_fprintf(PR_STDOUT,"</font>");
-	    PR_fprintf(PR_STDOUT,"]\n");
-
-
-	    wrote = PR_Write(s_client, buffer, amt);
-	    if (wrote != amt )  {
-	      if (wrote < 0) {
-	        showErr("Write to client socket failed.\n");
-		break;
-	      } else {
-		PR_fprintf(PR_STDERR, "Short write to client socket!\n");
-	      }
-	    }
-
-	  } /* end of read from server socket. */
-
-/* Loop, handle next message. */
-
-        }	/* handle messages during a connection loop */
-      PR_Close(s_client);
-      PR_Close(s_server);
-      flush_stream(&clientstream);
-      flush_stream(&serverstream);
-
-      c_count++;
-      PR_fprintf(PR_STDERR,"Connection %d Complete [%s]\n", c_count,
-                            get_time_string() );
-    }  while (looparound); /* accept connection and process it. */
-    PR_Close(s_rend);
-    return 0;
-}
diff --git a/security/nss/cmd/strsclnt/Makefile b/security/nss/cmd/strsclnt/Makefile
deleted file mode 100644
index 4e39ffc3f..000000000
--- a/security/nss/cmd/strsclnt/Makefile
+++ /dev/null
@@ -1,75 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY).   #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL)          #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL)       #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL).      #
-#######################################################################
-
-include ../platlibs.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL)                              #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL)                           #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL).                              #
-#######################################################################
-
-
-include ../platrules.mk
-
diff --git a/security/nss/cmd/strsclnt/manifest.mn b/security/nss/cmd/strsclnt/manifest.mn
deleted file mode 100644
index 2333e2c2e..000000000
--- a/security/nss/cmd/strsclnt/manifest.mn
+++ /dev/null
@@ -1,47 +0,0 @@
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CORE_DEPTH = ../../..
-
-DEFINES += -DNSPR20
-
-# MODULE public and private header  directories are implicitly REQUIRED.
-MODULE = security
-
-CSRCS = strsclnt.c
-
-# the MODULE above is always implicitly REQUIREd
-REQUIRES = seccmd dbm 
-
-PROGRAM = strsclnt
-# PROGRAM = ./$(OBJDIR)/strsclnt.exe
-
diff --git a/security/nss/cmd/strsclnt/strsclnt.c b/security/nss/cmd/strsclnt/strsclnt.c
deleted file mode 100644
index 461ba0641..000000000
--- a/security/nss/cmd/strsclnt/strsclnt.c
+++ /dev/null
@@ -1,1151 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#include <stdio.h>
-#include <string.h>
-
-#include "secutil.h"
-
-#if defined(XP_UNIX)
-#include <unistd.h>
-#endif
-#include <stdlib.h>
-#if !defined(_WIN32_WCE)
-#include <errno.h>
-#include <fcntl.h>
-#endif
-#include <stdarg.h>
-
-#include "plgetopt.h"
-
-#include "nspr.h"
-#include "prio.h"
-#include "prnetdb.h"
-#include "prerror.h"
-
-#include "pk11func.h"
-#include "secitem.h"
-#include "sslproto.h"
-#include "nss.h"
-#include "ssl.h"
-
-#ifndef PORT_Sprintf
-#define PORT_Sprintf sprintf
-#endif
-
-#ifndef PORT_Strstr
-#define PORT_Strstr strstr
-#endif
-
-#ifndef PORT_Malloc
-#define PORT_Malloc PR_Malloc
-#endif
-
-#define RD_BUF_SIZE (60 * 1024)
-
-/* Include these cipher suite arrays to re-use tstclnt's 
- * cipher selection code.
- */
-
-int ssl2CipherSuites[] = {
-    SSL_EN_RC4_128_WITH_MD5,                    /* A */
-    SSL_EN_RC4_128_EXPORT40_WITH_MD5,           /* B */
-    SSL_EN_RC2_128_CBC_WITH_MD5,                /* C */
-    SSL_EN_RC2_128_CBC_EXPORT40_WITH_MD5,       /* D */
-    SSL_EN_DES_64_CBC_WITH_MD5,                 /* E */
-    SSL_EN_DES_192_EDE3_CBC_WITH_MD5,           /* F */
-    0
-};
-
-int ssl3CipherSuites[] = {
-    SSL_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA,     /* a */
-    SSL_FORTEZZA_DMS_WITH_RC4_128_SHA,          /* b */
-    SSL_RSA_WITH_RC4_128_MD5,                   /* c */
-    SSL_RSA_WITH_3DES_EDE_CBC_SHA,              /* d */
-    SSL_RSA_WITH_DES_CBC_SHA,                   /* e */
-    SSL_RSA_EXPORT_WITH_RC4_40_MD5,             /* f */
-    SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5,         /* g */
-    SSL_FORTEZZA_DMS_WITH_NULL_SHA,             /* h */
-    SSL_RSA_WITH_NULL_MD5,                      /* i */
-    SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA,         /* j */
-    SSL_RSA_FIPS_WITH_DES_CBC_SHA,              /* k */
-    TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA, 	/* l */
-    TLS_RSA_EXPORT1024_WITH_RC4_56_SHA,		/* m */
-    SSL_RSA_WITH_RC4_128_SHA,                   /* n */
-    TLS_DHE_DSS_WITH_RC4_128_SHA,		/* o */
-    SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA,		/* p */
-    SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA,		/* q */
-    SSL_DHE_RSA_WITH_DES_CBC_SHA,		/* r */
-    SSL_DHE_DSS_WITH_DES_CBC_SHA,		/* s */
-    TLS_DHE_DSS_WITH_AES_128_CBC_SHA, 	    	/* t */
-    TLS_DHE_RSA_WITH_AES_128_CBC_SHA,       	/* u */
-    TLS_RSA_WITH_AES_128_CBC_SHA,     	    	/* v */
-    TLS_DHE_DSS_WITH_AES_256_CBC_SHA, 	    	/* w */
-    TLS_DHE_RSA_WITH_AES_256_CBC_SHA,       	/* x */
-    TLS_RSA_WITH_AES_256_CBC_SHA,     	    	/* y */
-    0
-};
-
-/* This global string is so that client main can see 
- * which ciphers to use. 
- */
-
-static const char *cipherString;
-
-static int certsTested;
-static int MakeCertOK;
-static int NoReuse;
-static PRBool NoDelay;
-static PRBool QuitOnTimeout = PR_FALSE;
-
-static SSL3Statistics * ssl3stats;
-
-static int failed_already = 0;
-
-
-char * ownPasswd( PK11SlotInfo *slot, PRBool retry, void *arg)
-{
-        char *passwd = NULL;
-
-        if ( (!retry) && arg ) {
-                passwd = PL_strdup((char *)arg);
-        }
-
-        return passwd;
-}
-
-int	stopping;
-int	verbose;
-SECItem	bigBuf;
-
-#define PRINTF  if (verbose)  printf
-#define FPRINTF if (verbose) fprintf
-
-static void
-Usage(const char *progName)
-{
-    fprintf(stderr, 
-    	"Usage: %s [-n rsa_nickname] [-p port] [-d dbdir] [-c connections]\n"
-	"          [-DNvq] [-f fortezza_nickname] [-2 filename]\n"
-	"          [-w dbpasswd] [-C cipher(s)] [-t threads] hostname\n"
-	" where -v means verbose\n"
-	"       -D means no TCP delays\n"
-	"       -q means quit when server gone (timeout rather than retry forever)\n"
-	"       -N means no session reuse\n",
-	progName);
-    exit(1);
-}
-
-
-static void
-errWarn(char * funcString)
-{
-    PRErrorCode  perr      = PR_GetError();
-    const char * errString = SECU_Strerror(perr);
-
-    fprintf(stderr, "strsclnt: %s returned error %d:\n%s\n",
-            funcString, perr, errString);
-}
-
-static void
-errExit(char * funcString)
-{
-    errWarn(funcString);
-    exit(1);
-}
-
-/**************************************************************************
-** 
-** Routines for disabling SSL ciphers.
-**
-**************************************************************************/
-
-void
-disableAllSSLCiphers(void)
-{
-    const PRUint16 *cipherSuites = SSL_ImplementedCiphers;
-    int             i            = SSL_NumImplementedCiphers;
-    SECStatus       rv;
-
-    /* disable all the SSL3 cipher suites */
-    while (--i >= 0) {
-	PRUint16 suite = cipherSuites[i];
-        rv = SSL_CipherPrefSetDefault(suite, PR_FALSE);
-	if (rv != SECSuccess) {
-	    printf("SSL_CipherPrefSetDefault didn't like value 0x%04x (i = %d)\n",
-	    	   suite, i);
-	    errWarn("SSL_CipherPrefSetDefault");
-	    exit(2);
-	}
-    }
-}
-
-/* This invokes the "default" AuthCert handler in libssl.
-** The only reason to use this one is that it prints out info as it goes. 
-*/
-static SECStatus
-mySSLAuthCertificate(void *arg, PRFileDesc *fd, PRBool checkSig,
-		     PRBool isServer)
-{
-    SECStatus rv;
-    CERTCertificate *    peerCert;
-
-    peerCert = SSL_PeerCertificate(fd);
-
-    PRINTF("strsclnt: Subject: %s\nstrsclnt: Issuer : %s\n", 
-           peerCert->subjectName, peerCert->issuerName); 
-    /* invoke the "default" AuthCert handler. */
-    rv = SSL_AuthCertificate(arg, fd, checkSig, isServer);
-
-    ++certsTested;
-    if (rv == SECSuccess) {
-	fputs("strsclnt: -- SSL: Server Certificate Validated.\n", stderr);
-    } 
-    CERT_DestroyCertificate(peerCert);
-    /* error, if any, will be displayed by the Bad Cert Handler. */
-    return rv;  
-}
-
-static SECStatus
-myBadCertHandler( void *arg, PRFileDesc *fd)
-{
-    int err = PR_GetError();
-    if (!MakeCertOK)
-	fprintf(stderr, 
-	    "strsclnt: -- SSL: Server Certificate Invalid, err %d.\n%s\n", 
-            err, SECU_Strerror(err));
-    return (MakeCertOK ? SECSuccess : SECFailure);
-}
-
-void 
-printSecurityInfo(PRFileDesc *fd)
-{
-    CERTCertificate * cert = NULL;
-    SSL3Statistics * ssl3stats = SSL_GetStatistics();
-    SECStatus result;
-    SSLChannelInfo    channel;
-    SSLCipherSuiteInfo suite;
-
-    static int only_once;
-
-    if (only_once && verbose < 2)
-    	return;
-    only_once = 1;
-
-    result = SSL_GetChannelInfo(fd, &channel, sizeof channel);
-    if (result == SECSuccess && 
-        channel.length == sizeof channel && 
-	channel.cipherSuite) {
-	result = SSL_GetCipherSuiteInfo(channel.cipherSuite, 
-					&suite, sizeof suite);
-	if (result == SECSuccess) {
-	    FPRINTF(stderr, 
-	    "strsclnt: SSL version %d.%d using %d-bit %s with %d-bit %s MAC\n",
-	       channel.protocolVersion >> 8, channel.protocolVersion & 0xff,
-	       suite.effectiveKeyBits, suite.symCipherName, 
-	       suite.macBits, suite.macAlgorithmName);
-	    FPRINTF(stderr, 
-	    "strsclnt: Server Auth: %d-bit %s, Key Exchange: %d-bit %s\n",
-	       channel.authKeyBits, suite.authAlgorithmName,
-	       channel.keaKeyBits,  suite.keaTypeName);
-    	}
-    }
-
-    cert = SSL_LocalCertificate(fd);
-    if (!cert)
-	cert = SSL_PeerCertificate(fd);
-
-    if (verbose && cert) {
-	char * ip = CERT_NameToAscii(&cert->issuer);
-	char * sp = CERT_NameToAscii(&cert->subject);
-        if (sp) {
-	    fprintf(stderr, "strsclnt: subject DN: %s\n", sp);
-	    PR_Free(sp);
-	}
-        if (ip) {
-	    fprintf(stderr, "strsclnt: issuer  DN: %s\n", ip);
-	    PR_Free(ip);
-	}
-    }
-    if (cert) {
-	CERT_DestroyCertificate(cert);
-	cert = NULL;
-    }
-    fprintf(stderr,
-    	"strsclnt: %ld cache hits; %ld cache misses, %ld cache not reusable\n",
-    	ssl3stats->hsh_sid_cache_hits, 
-	ssl3stats->hsh_sid_cache_misses,
-	ssl3stats->hsh_sid_cache_not_ok);
-
-}
-
-/**************************************************************************
-** Begin thread management routines and data.
-**************************************************************************/
-
-#define MAX_THREADS 128
-
-typedef int startFn(void *a, void *b, int c);
-
-PRLock    * threadLock;
-PRCondVar * threadStartQ;
-PRCondVar * threadEndQ;
-
-int         numUsed;
-int         numRunning;
-PRInt32     numConnected;
-int         max_threads = 8;	/* default much less than max. */
-
-typedef enum { rs_idle = 0, rs_running = 1, rs_zombie = 2 } runState;
-
-typedef struct perThreadStr {
-    void *	a;
-    void *	b;
-    int         c;
-    int         rv;
-    startFn  *  startFunc;
-    PRThread *  prThread;
-    PRBool	inUse;
-    runState	running;
-} perThread;
-
-perThread threads[MAX_THREADS];
-
-void
-thread_wrapper(void * arg)
-{
-    perThread * slot = (perThread *)arg;
-
-    /* wait for parent to finish launching us before proceeding. */
-    PR_Lock(threadLock);
-    PR_Unlock(threadLock);
-
-    slot->rv = (* slot->startFunc)(slot->a, slot->b, slot->c);
-
-    /* Handle cleanup of thread here. */
-    PRINTF("strsclnt: Thread in slot %d returned %d\n", 
-	   slot - threads, slot->rv);
-
-    PR_Lock(threadLock);
-    slot->running = rs_idle;
-    --numRunning;
-
-    /* notify the thread launcher. */
-    PR_NotifyCondVar(threadStartQ);
-
-    PR_Unlock(threadLock);
-}
-
-SECStatus
-launch_thread(
-    startFn *	startFunc,
-    void *	a,
-    void *	b,
-    int         c)
-{
-    perThread * slot;
-    int         i;
-
-    if (!threadStartQ) {
-	threadLock = PR_NewLock();
-	threadStartQ = PR_NewCondVar(threadLock);
-	threadEndQ   = PR_NewCondVar(threadLock);
-    }
-    PR_Lock(threadLock);
-    while (numRunning >= max_threads) {
-    	PR_WaitCondVar(threadStartQ, PR_INTERVAL_NO_TIMEOUT);
-    }
-    for (i = 0; i < numUsed; ++i) {
-	slot = threads + i;
-    	if (slot->running == rs_idle) 
-	    break;
-    }
-    if (i >= numUsed) {
-	if (i >= MAX_THREADS) {
-	    /* something's really wrong here. */
-	    PORT_Assert(i < MAX_THREADS);
-	    PR_Unlock(threadLock);
-	    return SECFailure;
-	}
-	++numUsed;
-	PORT_Assert(numUsed == i + 1);
-	slot = threads + i;
-    }
-
-    slot->a = a;
-    slot->b = b;
-    slot->c = c;
-
-    slot->startFunc = startFunc;
-
-    slot->prThread      = PR_CreateThread(PR_USER_THREAD,
-                                      thread_wrapper, slot,
-				      PR_PRIORITY_NORMAL, PR_GLOBAL_THREAD,
-				      PR_UNJOINABLE_THREAD, 0);
-    if (slot->prThread == NULL) {
-	PR_Unlock(threadLock);
-	printf("strsclnt: Failed to launch thread!\n");
-	return SECFailure;
-    } 
-
-    slot->inUse   = 1;
-    slot->running = 1;
-    ++numRunning;
-    PR_Unlock(threadLock);
-    PRINTF("strsclnt: Launched thread in slot %d \n", i);
-
-    return SECSuccess;
-}
-
-/* Wait until numRunning == 0 */
-int 
-reap_threads(void)
-{
-    perThread * slot;
-    int         i;
-
-    if (!threadLock)
-    	return 0;
-    PR_Lock(threadLock);
-    while (numRunning > 0) {
-    	PR_WaitCondVar(threadStartQ, PR_INTERVAL_NO_TIMEOUT);
-    }
-
-    /* Safety Sam sez: make sure count is right. */
-    for (i = 0; i < numUsed; ++i) {
-	slot = threads + i;
-    	if (slot->running != rs_idle)  {
-	    FPRINTF(stderr, "strsclnt: Thread in slot %d is in state %d!\n", 
-	            i, slot->running);
-    	}
-    }
-    PR_Unlock(threadLock);
-    return 0;
-}
-
-void
-destroy_thread_data(void)
-{
-    PORT_Memset(threads, 0, sizeof threads);
-
-    if (threadEndQ) {
-    	PR_DestroyCondVar(threadEndQ);
-	threadEndQ = NULL;
-    }
-    if (threadStartQ) {
-    	PR_DestroyCondVar(threadStartQ);
-	threadStartQ = NULL;
-    }
-    if (threadLock) {
-    	PR_DestroyLock(threadLock);
-	threadLock = NULL;
-    }
-}
-
-/**************************************************************************
-** End   thread management routines.
-**************************************************************************/
-
-PRBool useModelSocket = PR_TRUE;
-
-static const char stopCmd[] = { "GET /stop " };
-static const char outHeader[] = {
-    "HTTP/1.0 200 OK\r\n"
-    "Server: Netscape-Enterprise/2.0a\r\n"
-    "Date: Tue, 26 Aug 1997 22:10:05 GMT\r\n"
-    "Content-type: text/plain\r\n"
-    "\r\n"
-};
-
-struct lockedVarsStr {
-    PRLock *	lock;
-    int		count;
-    int		waiters;
-    PRCondVar *	condVar;
-};
-
-typedef struct lockedVarsStr lockedVars;
-
-void 
-lockedVars_Init( lockedVars * lv)
-{
-    lv->count   = 0;
-    lv->waiters = 0;
-    lv->lock    = PR_NewLock();
-    lv->condVar = PR_NewCondVar(lv->lock);
-}
-
-void
-lockedVars_Destroy( lockedVars * lv)
-{
-    PR_DestroyCondVar(lv->condVar);
-    lv->condVar = NULL;
-
-    PR_DestroyLock(lv->lock);
-    lv->lock = NULL;
-}
-
-void
-lockedVars_WaitForDone(lockedVars * lv)
-{
-    PR_Lock(lv->lock);
-    while (lv->count > 0) {
-    	PR_WaitCondVar(lv->condVar, PR_INTERVAL_NO_TIMEOUT);
-    }
-    PR_Unlock(lv->lock);
-}
-
-int	/* returns count */
-lockedVars_AddToCount(lockedVars * lv, int addend)
-{
-    int rv;
-
-    PR_Lock(lv->lock);
-    rv = lv->count += addend;
-    if (rv <= 0) {
-	PR_NotifyCondVar(lv->condVar);
-    }
-    PR_Unlock(lv->lock);
-    return rv;
-}
-
-int
-do_writes(
-    void *       a,
-    void *       b,
-    int          c)
-{
-    PRFileDesc *	ssl_sock	= (PRFileDesc *)a;
-    lockedVars *	lv 		= (lockedVars *)b;
-    int			sent  		= 0;
-    int 		count		= 0;
-
-    while (sent < bigBuf.len) {
-
-	count = PR_Write(ssl_sock, bigBuf.data + sent, bigBuf.len - sent);
-	if (count < 0) {
-	    errWarn("PR_Write bigBuf");
-	    break;
-	}
-	FPRINTF(stderr, "strsclnt: PR_Write wrote %d bytes from bigBuf\n", 
-		count );
-	sent += count;
-    }
-    if (count >= 0) {	/* last write didn't fail. */
-    	PR_Shutdown(ssl_sock, PR_SHUTDOWN_SEND);
-    }
-
-    /* notify the reader that we're done. */
-    lockedVars_AddToCount(lv, -1);
-    return (sent < bigBuf.len) ? SECFailure : SECSuccess;
-}
-
-int 
-handle_fdx_connection( PRFileDesc * ssl_sock, int connection)
-{
-    SECStatus          result;
-    int                firstTime = 1;
-    int                countRead = 0;
-    lockedVars         lv;
-    char               *buf;
-
-
-    lockedVars_Init(&lv);
-    lockedVars_AddToCount(&lv, 1);
-
-    /* Attempt to launch the writer thread. */
-    result = launch_thread(do_writes, ssl_sock, &lv, connection);
-
-    if (result != SECSuccess) 
-    	goto cleanup;
-
-    buf = PR_Malloc(RD_BUF_SIZE);
-
-    if (buf) {
-	do {
-	    /* do reads here. */
-	    PRInt32 count;
-
-	    count = PR_Read(ssl_sock, buf, RD_BUF_SIZE);
-	    if (count < 0) {
-		errWarn("PR_Read");
-		break;
-	    }
-	    countRead += count;
-	    FPRINTF(stderr, 
-		    "strsclnt: connection %d read %d bytes (%d total).\n", 
-		    connection, count, countRead );
-	    if (firstTime) {
-		firstTime = 0;
-		printSecurityInfo(ssl_sock);
-	    }
-	} while (lockedVars_AddToCount(&lv, 0) > 0);
-	PR_Free(buf);
-	buf = 0;
-    }
-
-    /* Wait for writer to finish */
-    lockedVars_WaitForDone(&lv);
-    lockedVars_Destroy(&lv);
-
-    FPRINTF(stderr, 
-    "strsclnt: connection %d read %d bytes total. -----------------------\n", 
-    	    connection, countRead);
-
-cleanup:
-    /* Caller closes the socket. */
-
-    return SECSuccess;
-}
-
-const char request[] = {"GET /abc HTTP/1.0\r\n\r\n" };
-
-SECStatus
-handle_connection( PRFileDesc *ssl_sock, int connection)
-{
-    int	    countRead = 0;
-    PRInt32 rv;
-    char    *buf;
-
-    buf = PR_Malloc(RD_BUF_SIZE);
-    if (!buf)
-	return SECFailure;
-
-    /* compose the http request here. */
-
-    rv = PR_Write(ssl_sock, request, strlen(request));
-    if (rv <= 0) {
-	errWarn("PR_Write");
-	PR_Free(buf);
-	buf = 0;
-        failed_already = 1;
-	return SECFailure;
-    }
-    printSecurityInfo(ssl_sock);
-
-    /* read until EOF */
-    while (1) {
-	rv = PR_Read(ssl_sock, buf, RD_BUF_SIZE);
-	if (rv == 0) {
-	    break;	/* EOF */
-	}
-	if (rv < 0) {
-	    errWarn("PR_Read");
-	    break;
-	}
-
-	countRead += rv;
-	FPRINTF(stderr, "strsclnt: connection %d read %d bytes (%d total).\n", 
-		connection, rv, countRead );
-    }
-    PR_Free(buf);
-    buf = 0;
-
-    /* Caller closes the socket. */
-
-    FPRINTF(stderr, 
-    "strsclnt: connection %d read %d bytes total. -----------------------\n", 
-    	    connection, countRead);
-
-    return SECSuccess;	/* success */
-}
-
-/* one copy of this function is launched in a separate thread for each
-** connection to be made.
-*/
-int
-do_connects(
-    void *	a,
-    void *	b,
-    int         connection)
-{
-    PRNetAddr  *        addr		= (PRNetAddr *)  a;
-    PRFileDesc *        model_sock	= (PRFileDesc *) b;
-    PRFileDesc *        ssl_sock	= 0;
-    PRFileDesc *        tcp_sock	= 0;
-    PRStatus	        prStatus;
-    PRUint32            sleepInterval	= 50; /* milliseconds */
-    SECStatus   	result;
-    int                 rv 		= SECSuccess;
-    PRSocketOptionData  opt;
-
-retry:
-
-    tcp_sock = PR_NewTCPSocket();
-    if (tcp_sock == NULL) {
-	errExit("PR_NewTCPSocket");
-    }
-
-    opt.option             = PR_SockOpt_Nonblocking;
-    opt.value.non_blocking = PR_FALSE;
-    prStatus = PR_SetSocketOption(tcp_sock, &opt);
-    if (prStatus != PR_SUCCESS) {
-	errWarn("PR_SetSocketOption(PR_SockOpt_Nonblocking, PR_FALSE)");
-    	PR_Close(tcp_sock);
-	return SECSuccess;
-    } 
-
-    if (NoDelay) {
-	opt.option         = PR_SockOpt_NoDelay;
-	opt.value.no_delay = PR_TRUE;
-	prStatus = PR_SetSocketOption(tcp_sock, &opt);
-	if (prStatus != PR_SUCCESS) {
-	    errWarn("PR_SetSocketOption(PR_SockOpt_NoDelay, PR_TRUE)");
-	    PR_Close(tcp_sock);
-	    return SECSuccess;
-	} 
-    }
-
-    prStatus = PR_Connect(tcp_sock, addr, PR_INTERVAL_NO_TIMEOUT);
-    if (prStatus != PR_SUCCESS) {
-	PRErrorCode err = PR_GetError();
-	if ((err == PR_CONNECT_REFUSED_ERROR) || 
-	    (err == PR_CONNECT_RESET_ERROR)      ) {
-	    int connections = numConnected;
-
-	    PR_Close(tcp_sock);
-	    if (connections > 2 && max_threads >= connections) {
-	        max_threads = connections - 1;
-		fprintf(stderr,"max_threads set down to %d\n", max_threads);
-	    }
-            if (QuitOnTimeout && sleepInterval > 40000) {
-                fprintf(stderr,
-	            "strsclnt: Client timed out waiting for connection to server.\n");
-                exit(1);
-            }
-	    PR_Sleep(PR_MillisecondsToInterval(sleepInterval));
-	    sleepInterval <<= 1;
-	    goto retry;
-	}
-	errWarn("PR_Connect");
-	rv = SECFailure;
-	goto done;
-    }
-
-    ssl_sock = SSL_ImportFD(model_sock, tcp_sock);
-    /* XXX if this import fails, close tcp_sock and return. */
-    if (!ssl_sock) {
-    	PR_Close(tcp_sock);
-	return SECSuccess;
-    }
-
-    rv = SSL_ResetHandshake(ssl_sock, /* asServer */ 0);
-    if (rv != SECSuccess) {
-	errWarn("SSL_ResetHandshake");
-	goto done;
-    }
-
-    PR_AtomicIncrement(&numConnected);
-
-    if (bigBuf.data != NULL) {
-	result = handle_fdx_connection( ssl_sock, connection);
-    } else {
-	result = handle_connection( ssl_sock, connection);
-    }
-
-    PR_AtomicDecrement(&numConnected);
-
-done:
-    if (ssl_sock) {
-	PR_Close(ssl_sock);
-    } else if (tcp_sock) {
-	PR_Close(tcp_sock);
-    }
-    return SECSuccess;
-}
-
-/* Returns IP address for hostname as PRUint32 in Host Byte Order.
-** Since the value returned is an integer (not a string of bytes), 
-** it is inherently in Host Byte Order. 
-*/
-PRUint32
-getIPAddress(const char * hostName) 
-{
-    const unsigned char *p;
-    PRStatus	         prStatus;
-    PRUint32	         rv;
-    PRHostEnt	         prHostEnt;
-    char                 scratch[PR_NETDB_BUF_SIZE];
-
-    prStatus = PR_GetHostByName(hostName, scratch, sizeof scratch, &prHostEnt);
-    if (prStatus != PR_SUCCESS)
-	errExit("PR_GetHostByName");
-
-#undef  h_addr
-#define h_addr  h_addr_list[0]   /* address, for backward compatibility */
-
-    p = (const unsigned char *)(prHostEnt.h_addr); /* in Network Byte order */
-    FPRINTF(stderr, "strsclnt: %s -> %d.%d.%d.%d\n", hostName, 
-	    p[0], p[1], p[2], p[3]);
-    rv = (p[0] << 24) | (p[1] << 16) | (p[2] << 8) | p[3];
-    return rv;
-}
-
-void
-client_main(
-    unsigned short      port, 
-    int                 connections, 
-    SECKEYPrivateKey ** privKey,
-    CERTCertificate **  cert, 
-    const char *	hostName,
-    char *		nickName)
-{
-    PRFileDesc *model_sock	= NULL;
-    int         i;
-    int         rv;
-    PRUint32	ipAddress;	/* in host byte order */
-    PRNetAddr   addr;
-
-    /* Assemble NetAddr struct for connections. */
-    ipAddress = getIPAddress(hostName);
-
-    addr.inet.family = PR_AF_INET;
-    addr.inet.port   = PR_htons(port);
-    addr.inet.ip     = PR_htonl(ipAddress);
-
-    /* all suites except RSA_NULL_MD5 are enabled by Domestic Policy */
-    NSS_SetDomesticPolicy();
-
-    /* all the SSL2 and SSL3 cipher suites are enabled by default. */
-    if (cipherString) {
-        int ndx;
-
-        /* disable all the ciphers, then enable the ones we want. */
-        disableAllSSLCiphers();
-
-        while (0 != (ndx = *cipherString++)) {
-            int *cptr;
-            int  cipher;
-
-            if (! isalpha(ndx))
-                Usage("strsclnt");
-            cptr = islower(ndx) ? ssl3CipherSuites : ssl2CipherSuites;
-            for (ndx &= 0x1f; (cipher = *cptr++) != 0 && --ndx > 0; )
-                /* do nothing */;
-            if (cipher) {
-		SECStatus rv;
-                rv = SSL_CipherPrefSetDefault(cipher, PR_TRUE);
-		if (rv != SECSuccess) {
-		    fprintf(stderr, 
-		"strsclnt: SSL_CipherPrefSetDefault failed with value 0x%04x\n",
-			    cipher);
-		    exit(1);
-		}
-            }
-        }
-    }
-
-    /* configure model SSL socket. */
-
-    model_sock = PR_NewTCPSocket();
-    if (model_sock == NULL) {
-	errExit("PR_NewTCPSocket on model socket");
-    }
-
-    model_sock = SSL_ImportFD(NULL, model_sock);
-    if (model_sock == NULL) {
-	errExit("SSL_ImportFD");
-    }
-
-    /* do SSL configuration. */
-
-    rv = SSL_OptionSet(model_sock, SSL_SECURITY, 1);
-    if (rv < 0) {
-	errExit("SSL_OptionSet SSL_SECURITY");
-    }
-
-    if (bigBuf.data) { /* doing FDX */
-	rv = SSL_OptionSet(model_sock, SSL_ENABLE_FDX, 1);
-	if (rv < 0) {
-	    errExit("SSL_OptionSet SSL_ENABLE_FDX");
-	}
-    }
-
-    if (NoReuse) {
-	rv = SSL_OptionSet(model_sock, SSL_NO_CACHE, 1);
-	if (rv < 0) {
-	    errExit("SSL_OptionSet SSL_NO_CACHE");
-	}
-    }
-
-    SSL_SetURL(model_sock, hostName);
-
-    SSL_AuthCertificateHook(model_sock, mySSLAuthCertificate, 
-			    (void *)CERT_GetDefaultCertDB());
-
-    SSL_BadCertHook(model_sock, myBadCertHandler, NULL);
-
-    SSL_GetClientAuthDataHook(model_sock, NSS_GetClientAuthData, nickName);
-
-    /* I'm not going to set the HandshakeCallback function. */
-
-    /* end of ssl configuration. */
-
-    i = 1;
-    if (!NoReuse) {
-	rv = launch_thread(do_connects, &addr, model_sock, i);
-	--connections;
-	++i;
-	/* wait for the first connection to terminate, then launch the rest. */
-	reap_threads();
-    }
-    if (connections > 0) {
-	/* Start up the connections */
-	do {
-	    rv = launch_thread(do_connects, &addr, model_sock, i);
-	    ++i;
-	} while (--connections > 0);
-	reap_threads();
-    }
-    destroy_thread_data();
-
-    PR_Close(model_sock);
-
-}
-
-SECStatus
-readBigFile(const char * fileName)
-{
-    PRFileInfo  info;
-    PRStatus	status;
-    SECStatus	rv	= SECFailure;
-    int		count;
-    int		hdrLen;
-    PRFileDesc *local_file_fd = NULL;
-
-    status = PR_GetFileInfo(fileName, &info);
-
-    if (status == PR_SUCCESS &&
-	info.type == PR_FILE_FILE &&
-	info.size > 0 &&
-	NULL != (local_file_fd = PR_Open(fileName, PR_RDONLY, 0))) {
-
-	hdrLen      = PORT_Strlen(outHeader);
-	bigBuf.len  = hdrLen + info.size;
-	bigBuf.data = PORT_Malloc(bigBuf.len + 4095);
-	if (!bigBuf.data) {
-	    errWarn("PORT_Malloc");
-	    goto done;
-	}
-
-	PORT_Memcpy(bigBuf.data, outHeader, hdrLen);
-
-	count = PR_Read(local_file_fd, bigBuf.data + hdrLen, info.size);
-	if (count != info.size) {
-	    errWarn("PR_Read local file");
-	    goto done;
-	}
-	rv = SECSuccess;
-done:
-	PR_Close(local_file_fd);
-    }
-    return rv;
-}
-
-int
-main(int argc, char **argv)
-{
-    const char *         dir         = ".";
-    char *               fNickName   = NULL;
-    const char *         fileName    = NULL;
-    char *               hostName    = NULL;
-    char *               nickName    = NULL;
-    char *               progName    = NULL;
-    char *               tmp         = NULL;
-    char *		 passwd      = NULL;
-    CERTCertificate *    cert   [kt_kea_size] = { NULL };
-    SECKEYPrivateKey *   privKey[kt_kea_size] = { NULL };
-    int                  connections = 1;
-    int                  exitVal;
-    int                  tmpInt;
-    unsigned short       port        = 443;
-    SECStatus            rv;
-    PLOptState *         optstate;
-    PLOptStatus          status;
-
-    /* Call the NSPR initialization routines */
-    PR_Init( PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1);
-
-    tmp      = strrchr(argv[0], '/');
-    tmp      = tmp ? tmp + 1 : argv[0];
-    progName = strrchr(tmp, '\\');
-    progName = progName ? progName + 1 : tmp;
- 
-
-    optstate = PL_CreateOptState(argc, argv, "2:C:DNc:d:f:n:op:t:vqw:");
-    while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
-	switch(optstate->option) {
-
-	case '2': fileName = optstate->value; break;
-
-	case 'C': cipherString = optstate->value; break;
-
-	case 'D': NoDelay = PR_TRUE; break;
-
-	case 'N': NoReuse = 1; break;
-
-	case 'c': connections = PORT_Atoi(optstate->value); break;
-
-	case 'd': dir = optstate->value; break;
-
-	case 'f': fNickName = PL_strdup(optstate->value); break;
-
-        case 'n': nickName = PL_strdup(optstate->value); break;
-
-	case 'o': MakeCertOK = 1; break;
-
-	case 'p': port = PORT_Atoi(optstate->value); break;
-
-	case 'q': QuitOnTimeout = PR_TRUE; break;
-
-	case 't':
-	    tmpInt = PORT_Atoi(optstate->value);
-	    if (tmpInt > 0 && tmpInt < MAX_THREADS) 
-	        max_threads = tmpInt;
-	    break;
-
-        case 'v': verbose++; break;
-
-	case 'w': passwd = PL_strdup(optstate->value); break;
-
-	case 0:   /* positional parameter */
-	    if (hostName) {
-		Usage(progName);
-	    }
-	    hostName = PL_strdup(optstate->value);
-	    break;
-
-	default:
-	case '?':
-	    Usage(progName);
-	    break;
-
-	}
-    }
-    if (!hostName || status == PL_OPT_BAD)
-    	Usage(progName);
-
-    if (port == 0)
-	Usage(progName);
-
-    if (fileName)
-    	readBigFile(fileName);
-
-    /* set our password function */
-    if ( passwd ) {
-	PK11_SetPasswordFunc(ownPasswd);
-    } else {
-	PK11_SetPasswordFunc(SECU_GetModulePassword);
-    }
-
-    /* Call the libsec initialization routines */
-    rv = NSS_Init(dir);
-    if (rv != SECSuccess) {
-    	fputs("NSS_Init failed.\n", stderr);
-	exit(1);
-    }
-    ssl3stats = SSL_GetStatistics();
-
-    if (nickName  && strcmp(nickName, "none")) {
-
-	cert[kt_rsa] = PK11_FindCertFromNickname(nickName, passwd);
-	if (cert[kt_rsa] == NULL) {
-	    fprintf(stderr, "strsclnt: Can't find certificate %s\n", nickName);
-	    exit(1);
-	}
-
-	privKey[kt_rsa] = PK11_FindKeyByAnyCert(cert[kt_rsa], passwd);
-	if (privKey[kt_rsa] == NULL) {
-	    fprintf(stderr, "strsclnt: Can't find Private Key for cert %s\n", 
-		    nickName);
-	    exit(1);
-	}
-
-    }
-    if (fNickName) {
-	cert[kt_fortezza] = PK11_FindCertFromNickname(fNickName, passwd);
-	if (cert[kt_fortezza] == NULL) {
-	    fprintf(stderr, "strsclnt: Can't find certificate %s\n", fNickName);
-	    exit(1);
-	}
-
-	privKey[kt_fortezza] = PK11_FindKeyByAnyCert(cert[kt_fortezza], passwd);
-	if (privKey[kt_fortezza] == NULL) {
-	    fprintf(stderr, "strsclnt: Can't find Private Key for cert %s\n", 
-		    fNickName);
-	    exit(1);
-	}
-    }
-
-    client_main(port, connections, privKey, cert, hostName, nickName);
-
-    /* clean up */
-    if (cert[kt_rsa]) {
-	CERT_DestroyCertificate(cert[kt_rsa]);
-    }
-    if (cert[kt_fortezza]) {
-	CERT_DestroyCertificate(cert[kt_fortezza]);
-    }
-    if (privKey[kt_rsa]) {
-	SECKEY_DestroyPrivateKey(privKey[kt_rsa]);
-    }
-    if (privKey[kt_fortezza]) {
-	SECKEY_DestroyPrivateKey(privKey[kt_fortezza]);
-    }
-
-    /* some final stats. */
-    if (ssl3stats->hsh_sid_cache_hits + ssl3stats->hsh_sid_cache_misses +
-        ssl3stats->hsh_sid_cache_not_ok == 0) {
-	/* presumably we were testing SSL2. */
-	printf("strsclnt: %d server certificates tested.\n", certsTested);
-    } else {
-	printf(
-	"strsclnt: %ld cache hits; %ld cache misses, %ld cache not reusable\n",
-	    ssl3stats->hsh_sid_cache_hits, 
-	    ssl3stats->hsh_sid_cache_misses,
-	    ssl3stats->hsh_sid_cache_not_ok);
-    }
-
-    if (!NoReuse)
-	exitVal = (ssl3stats->hsh_sid_cache_misses > 1) ||
-                (ssl3stats->hsh_sid_cache_not_ok != 0) ||
-                (certsTested > 1);
-    else
-	exitVal = (ssl3stats->hsh_sid_cache_misses != connections) ||
-                (certsTested != connections);
-
-    exitVal = ( exitVal || failed_already );
-    NSS_Shutdown();
-    PR_Cleanup();
-    return exitVal;
-}
-
diff --git a/security/nss/cmd/swfort/Makefile b/security/nss/cmd/swfort/Makefile
deleted file mode 100644
index a5b4350a6..000000000
--- a/security/nss/cmd/swfort/Makefile
+++ /dev/null
@@ -1,108 +0,0 @@
-#! gmake
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-
-CORE_DEPTH = ../../..
-
-include manifest.mn
-include $(CORE_DEPTH)/coreconf/config.mk
-
-# 	$(NULL)
-
-
-INCLUDES += \
-	-I$(DIST)/../public/security \
-	-I$(DIST)/../private/security \
-	-I$(DEPTH)/security/lib/cert \
-	-I$(DEPTH)/security/lib/key \
-	-I$(DEPTH)/security/lib/util  \
-	-I./include \
-	$(NULL)
-
-
-# For the time being, sec stuff is export only
-# US_FLAGS = -DEXPORT_VERSION -DUS_VERSION
-
-US_FLAGS = -DEXPORT_VERSION
-EXPORT_FLAGS = -DEXPORT_VERSION
-
-BASE_LIBS = \
-	$(DIST)/lib/libdbm.$(LIB_SUFFIX) \
-	$(DIST)/lib/libxp.$(LIB_SUFFIX) \
-	$(DIST)/lib/libnspr.$(LIB_SUFFIX) \
-	$(NULL)
-
-#	$(DIST)/lib/libpurenspr.$(LIB_SUFFIX) \
-
-#There are a circular dependancies in security/lib, and we deal with it by 
-# double linking some libraries
-SEC_LIBS = \
-	$(DIST)/lib/libsecnav.$(LIB_SUFFIX) \
-        $(DIST)/lib/libssl.$(LIB_SUFFIX) \
-        $(DIST)/lib/libpkcs7.$(LIB_SUFFIX) \
-        $(DIST)/lib/libcert.$(LIB_SUFFIX) \
-        $(DIST)/lib/libkey.$(LIB_SUFFIX) \
-	$(DIST)/lib/libsecmod.$(LIB_SUFFIX) \
-        $(DIST)/lib/libcrypto.$(LIB_SUFFIX) \
-        $(DIST)/lib/libsecutil.$(LIB_SUFFIX) \
-        $(DIST)/lib/libssl.$(LIB_SUFFIX) \
-        $(DIST)/lib/libpkcs7.$(LIB_SUFFIX) \
-        $(DIST)/lib/libcert.$(LIB_SUFFIX) \
-        $(DIST)/lib/libkey.$(LIB_SUFFIX) \
-	$(DIST)/lib/libsecmod.$(LIB_SUFFIX) \
-        $(DIST)/lib/libcrypto.$(LIB_SUFFIX) \
-        $(DIST)/lib/libsecutil.$(LIB_SUFFIX) \
-        $(DIST)/lib/libhash.$(LIB_SUFFIX) \
-	$(NULL)
-
-MYLIB	= lib/$(OBJDIR)/libsectool.$(LIB_SUFFIX)
-
-US_LIBS	= $(MYLIB) $(SEC_LIBS) $(BASE_LIBS) $(MYLIB) $(BASE_LIBS)
-EX_LIBS	= $(MYLIB) $(SEC_LIBS) $(BASE_LIBS) $(MYLIB) $(BASE_LIBS) 
-
-REQUIRES = libxp nspr security
-
-CSRCS	= $(EXEC_SRCS) $(BI_SRCS)
-
-OBJS	= $(CSRCS:.c=.o) $(BI_SRCS:.c=-us.o) $(BI_SRCS:.c=-ex.o)
-
-PROGS		= $(addprefix $(OBJDIR)/, $(EXEC_SRCS:.c=$(BIN_SUFFIX)))
-US_PROGS 	= $(addprefix $(OBJDIR)/, $(BI_SRCS:.c=-us$(BIN_SUFFIX)))
-EX_PROGS	= $(addprefix $(OBJDIR)/, $(BI_SRCS:.c=-ex$(BIN_SUFFIX)))
-
-
-NON_DIRS = $(PROGS) $(US_PROGS) $(EX_PROGS)
-TARGETS = $(NON_DIRS)
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-symbols::
-	@echo "TARGETS	= $(TARGETS)"
diff --git a/security/nss/cmd/swfort/instinit/Makefile b/security/nss/cmd/swfort/instinit/Makefile
deleted file mode 100644
index f912d54cd..000000000
--- a/security/nss/cmd/swfort/instinit/Makefile
+++ /dev/null
@@ -1,75 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY).   #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL)          #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL)       #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL).      #
-#######################################################################
-
-include ../../platlibs.mk
-
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL)                              #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL)                           #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL).                              #
-#######################################################################
-
-
-include ../../platrules.mk
diff --git a/security/nss/cmd/swfort/instinit/instinit.c b/security/nss/cmd/swfort/instinit/instinit.c
deleted file mode 100644
index dcc9e3245..000000000
--- a/security/nss/cmd/swfort/instinit/instinit.c
+++ /dev/null
@@ -1,422 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#include <stdio.h>
-
-#include "prio.h"
-#include "seccomon.h"
-#include "swforti.h"
-#include "cert.h"
-#include "pk11func.h"
-#include "nss.h"
-#include "secutil.h"
-
-#define CERTDB_VALID_CA        (1<<3)
-#define CERTDB_TRUSTED_CA      (1<<4) /* trusted for issuing server certs */
-
-void secmod_GetInternalModule(SECMODModule *module);
-void sec_SetCheckKRLState(int i);
-
-#define STEP 16
-void
-printItem(SECItem *key) {
- int i;
- unsigned char *block;
- int len;
- for (block=key->data,len=key->len; len > 0; len -= STEP,block += STEP) {
-     for(i=0; i < STEP && i < len; i++) printf(" %02x ",block[i]);
-     printf("\n");
- }
- printf("\n");
-}
-
-void
-dump(unsigned char *block, int len) {
- int i;
- for (; len > 0; len -= STEP,block += STEP) {
-     for(i=0; i < STEP && i < len; i++) printf(" %02x ",block[i]);
-     printf("\n");
- }
- printf("\n");
-}
-
-
-/*
- * We need to move this to security/cmd .. so we can use the password
- * prompting infrastructure.
- */
-char *GetUserInput(char * prompt) 
-{
-    char phrase[200];
-
-	    fprintf(stderr, "%s", prompt);
-            fflush (stderr);
-
-	fgets ((char*) phrase, sizeof(phrase), stdin);
-
-	/* stomp on newline */
-	phrase[PORT_Strlen((char*)phrase)-1] = 0;
-
-	/* Validate password */
-	return (char*) PORT_Strdup((char*)phrase);
-}
-
-void ClearPass(char *pass) {
-    PORT_Memset(pass,0,strlen(pass));
-    PORT_Free(pass);
-}
-
-char *
-formatDERIssuer(FORTSWFile *file,SECItem *derIssuer)
-{
-    CERTName name;
-    SECStatus rv;
-
-    PORT_Memset(&name,0,sizeof(name));;
-    rv = SEC_ASN1DecodeItem(file->arena,&name,CERT_NameTemplate,derIssuer);
-    if (rv != SECSuccess) {
-	return NULL;
-    }
-    return CERT_NameToAscii(&name);
-}
-
-#define NETSCAPE_INIT_FILE "nsswft.swf"
-
-char *getDefaultTarget(void)
-{
-    char *fname = NULL;
-    char *home = NULL;
-    static char unix_home[512];
-
-    /* first try to get it from the environment */
-    fname = getenv("SW_FORTEZZA_FILE");
-    if (fname != NULL) {
-	return PORT_Strdup(fname);
-    }
-
-#ifdef XP_UNIX
-    home = getenv("HOME");
-    if (home) {
-	strncpy(unix_home,home, sizeof(unix_home)-sizeof("/.netscape/"NETSCAPE_INIT_FILE));
-	strcat(unix_home,"/.netscape/"NETSCAPE_INIT_FILE);
-	return unix_home;
-    }
-#endif
-#ifdef XP_WIN
-    home = getenv("windir");
-    if (home) {
-	strncpy(unix_home,home, sizeof(unix_home)-sizeof("\\"NETSCAPE_INIT_FILE));
-	strcat(unix_home,"\\"NETSCAPE_INIT_FILE);
-	return unix_home;
-    }
-#endif
-    return (NETSCAPE_INIT_FILE);
-}
-
-void
-usage(char *prog) {
-   fprintf(stderr,"usage: %s [-v][-f][-t transport_pass][-u user_pass][-o output_file] source_file\n",prog);
-   exit(1);
-}
-	
-main(int argc, char ** argv)
-{
-
-    FORTSignedSWFile * swfile;
-    int size;
-    SECItem file;
-    char *progname = *argv++;
-    char *filename = NULL;
-    char *outname = NULL;
-    char *cp;
-    int verbose = 0;
-    int force = 0;
-    CERTCertDBHandle *certhandle = NULL;
-    CERTCertificate *cert;
-    CERTCertTrust *trust;
-    char * pass;
-    SECStatus rv;
-    int i;
-    SECMODModule *module;
-    int64 now; /* XXXX */
-    char *issuer;
-    char *transport_pass = NULL;
-    char *user_pass = NULL;
-    SECItem *outItem = NULL;
-    PRFileDesc *fd;
-    PRFileInfo info;
-    PRStatus prv;
-
-
-
-   
-    /* put better argument parsing here */
-    while ((cp = *argv++) != NULL) {
-	if (*cp == '-') {
-	    while (*++cp) {
-		switch (*cp) {
-		/* verbose mode */
-		case 'v':
-		    verbose++;
-		    break;
-		/* explicitly set the target */
-		case 'o':
-		    outname = *argv++;
-		    break;
-		case 'f':
-		/* skip errors in signatures without prompts */
-		    force++;
-		    break;
-		case 't':
-		/* provide password on command line */
-		    transport_pass = *argv++;
-		    break;
-		case 'u':
-		/* provide user password on command line */
-		    user_pass = *argv++;
-		    break;
-		default:
-		    usage(progname);
-		    break;
-		}
-	    }
-	} else if (filename) {
-	    usage(progname);
-	} else {
-	    filename = cp;
-	}
-    }
-
-    if (filename == NULL) usage(progname);
-    if (outname == NULL) outname = getDefaultTarget();
-
-
-    now = PR_Now();
-    /* read the file in */ 
-    fd = PR_Open(filename,PR_RDONLY,0);
-    if (fd == NULL) { 
-	fprintf(stderr,"%s: couldn't open file \"%s\".\n",progname,filename); 
-	exit(1);
-    }
-
-    prv = PR_GetOpenFileInfo(fd,&info);
-    if (prv != PR_SUCCESS) {
-	fprintf(stderr,"%s: couldn't get info on file \"%s\".\n",
-							progname,filename); 
-	exit(1);
-    }
-
-    size = info.size;
-
-    file.data = malloc(size);
-    file.len = size;
-
-    file.len = PR_Read(fd,file.data,file.len);
-    if (file.len < 0) { 
-	fprintf(stderr,"%s: couldn't read file \"%s\".\n",progname, filename); 
-	exit(1);
-    }
-
-    PR_Close(fd);
-
-    /* Parse the file */
-    swfile = FORT_GetSWFile(&file);
-    if (swfile == NULL) {
-	fprintf(stderr,
-	   "%s: File \"%s\" not a valid FORTEZZA initialization file.\n",
-		progname,filename);
-	exit(1);
-    }
-
-    issuer = formatDERIssuer(&swfile->file,&swfile->file.derIssuer);
-    if (issuer == NULL) {
-	issuer = "<Invalid Issuer DER>";
-    }
-
-    if (verbose) {
-	printf("Processing file %s ....\n",filename);
-	printf("  Version %ld\n",DER_GetInteger(&swfile->file.version));
-	printf("  Issuer: %s\n",issuer);
-	printf("  Serial Number: ");
-	for (i=0; i < (int)swfile->file.serialID.len; i++) {
-	    printf(" %02x",swfile->file.serialID.data[i]);
-	}
-	printf("\n");
-    }
-
-
-    /* Check the Initalization phrase and save Kinit */
-    if (!transport_pass) {
-    	pass = SECU_GetPasswordString(NULL,"Enter the Initialization Memphrase:");
-	transport_pass = pass;
-    }
-    rv = FORT_CheckInitPhrase(swfile,transport_pass);
-    if (rv != SECSuccess) {
-	fprintf(stderr,
-		"%s: Invalid Initialization Memphrase for file \"%s\".\n",
-		progname,filename);
-	exit(1);
-    }
-
-    /* Check the user or init phrase and save Ks, use Kinit to unwrap the
-     * remaining data. */
-    if (!user_pass) {
-    	pass = SECU_GetPasswordString(NULL,"Enter the User Memphrase or the User PIN:");
-	user_pass = pass;
-    }
-    rv = FORT_CheckUserPhrase(swfile,user_pass);
-    if (rv != SECSuccess) {
-	fprintf(stderr,"%s: Invalid User Memphrase or PIN for file \"%s\".\n",
-		progname,filename);
-	exit(1);
-    }
-
-    NSS_NoDB_Init(NULL);
-    sec_SetCheckKRLState(1);
-    certhandle = CERT_GetDefaultCertDB();
-
-    /* now dump the certs into the temparary data base */
-    for (i=0; swfile->file.slotEntries[i]; i++) {
-	int trusted = 0;
-    	SECItem *derCert = FORT_GetDERCert(swfile,
-			swfile->file.slotEntries[i]->certIndex);
-
-	if (derCert == NULL) {
-	    if (verbose) {
-	       printf(" Cert %02d: %s \"%s\" \n",
-		swfile->file.slotEntries[i]->certIndex,
-			"untrusted", "Couldn't decrypt Cert");
-	    }
-	    continue;
-	}
-	cert = CERT_NewTempCertificate(certhandle, derCert, NULL,
-							PR_FALSE, PR_TRUE);
-	if (cert == NULL) {
-	    if (verbose) {
-	       printf(" Cert %02d: %s \"%s\" \n",
-		swfile->file.slotEntries[i]->certIndex,
-			"untrusted", "Couldn't decode Cert");
-	    }
-	    continue;
-	}
-	if (swfile->file.slotEntries[i]->trusted.data[0]) {
-	    /* Add TRUST */
-	    trust = PORT_ArenaAlloc(cert->arena,sizeof(CERTCertTrust));
-	    if (trust != NULL) {
-	        trust->sslFlags = CERTDB_VALID_CA|CERTDB_TRUSTED_CA;
-	        trust->emailFlags = CERTDB_VALID_CA|CERTDB_TRUSTED_CA;
-	        trust->objectSigningFlags = CERTDB_VALID_CA|CERTDB_TRUSTED_CA;
-	        cert->trust = trust;
-		trusted++;
-	    }
-	}
-	if (verbose) {
-	    printf(" Cert %02d: %s \"%s\" \n",
-		swfile->file.slotEntries[i]->certIndex,
-		trusted?" trusted ":"untrusted",
-			CERT_NameToAscii(&cert->subject));
-	}
-    }
-
-    fflush(stdout);
-
-
-    cert = CERT_FindCertByName(certhandle,&swfile->file.derIssuer);
-    if (cert == NULL) {
-	fprintf(stderr,"%s: Couldn't find signer certificate \"%s\".\n",
-		progname,issuer);
-	rv = SECFailure;
-	goto noverify;
-    }
-    rv = CERT_VerifySignedData(&swfile->signatureWrap,cert, now, NULL);
-    if (rv != SECSuccess) {
-	fprintf(stderr,
-	  "%s: Couldn't verify the signature on file \"%s\" with certificate \"%s\".\n",
-		progname,filename,issuer);
-	goto noverify;
-    }
-    rv = CERT_VerifyCert(certhandle, cert, PR_TRUE, certUsageSSLServer,
-								now ,NULL,NULL);
-    /* not an normal cert, see if it's a CA? */
-    if (rv != SECSuccess) {
-	rv = CERT_VerifyCert(certhandle, cert, PR_TRUE, certUsageAnyCA,
-								now ,NULL,NULL);
-    }
-    if (rv != SECSuccess) {
-	fprintf(stderr,"%s: Couldn't verify the signer certificate \"%s\".\n",
-		progname,issuer);
-	goto noverify;
-    }
-
-noverify:
-    if (rv != SECSuccess) {
-	if (!force) {
-	    pass = GetUserInput(
-	       "Signature verify failed, continue without verification? ");
-	    if (!(pass && ((*pass == 'Y') || (*pass == 'y')))) {
-		exit(1);
-            }
-	}
-    }
-
-
-    /* now write out the modified init file for future use */
-    outItem = FORT_PutSWFile(swfile);
-    if (outItem == NULL) {
-	fprintf(stderr,"%s: Couldn't format target init file.\n",
-		progname);
-	goto noverify;
-    }
-
-    if (verbose) {
-	printf("writing modified file out to \"%s\".\n",outname);
-    }
-
-    /* now write it out */
-    fd = PR_Open(outname,PR_WRONLY|PR_CREATE_FILE|PR_TRUNCATE,0700);
-    if (fd == NULL) { 
-	fprintf(stderr,"%s: couldn't open file \"%s\".\n",progname,outname); 
-	exit(1);
-    }
-
-    file.len = PR_Write(fd,outItem->data,outItem->len);
-    if (file.len < 0) { 
-	fprintf(stderr,"%s: couldn't read file \"%s\".\n",progname, filename); 
-	exit(1);
-    }
-
-    PR_Close(fd);
-    
-    exit(0);
-    return (0);
-}
-
diff --git a/security/nss/cmd/swfort/instinit/manifest.mn b/security/nss/cmd/swfort/instinit/manifest.mn
deleted file mode 100644
index 83cb3e2da..000000000
--- a/security/nss/cmd/swfort/instinit/manifest.mn
+++ /dev/null
@@ -1,46 +0,0 @@
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CORE_DEPTH = ../../../..
-
-DEFINES += -DNSPR20
-
-MODULE = security
-
-CSRCS = instinit.c
-
-REQUIRES = security nspr dbm seccmd
-
-PROGRAM = instinit
-# PROGRAM = ./$(OBJDIR)/selfserv.exe
-
-USE_STATIC_LIBS = 1
diff --git a/security/nss/cmd/swfort/manifest.mn b/security/nss/cmd/swfort/manifest.mn
deleted file mode 100644
index 2f8be569d..000000000
--- a/security/nss/cmd/swfort/manifest.mn
+++ /dev/null
@@ -1,38 +0,0 @@
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CORE_DEPTH	= ../../..
-
-REQUIRES = security seccmd dbm
-
-
-DIRS = instinit newuser
diff --git a/security/nss/cmd/swfort/newuser/Makefile b/security/nss/cmd/swfort/newuser/Makefile
deleted file mode 100644
index f0a47a0a3..000000000
--- a/security/nss/cmd/swfort/newuser/Makefile
+++ /dev/null
@@ -1,83 +0,0 @@
-#! gmake
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY).   #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL)          #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL)       #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL).      #
-#######################################################################
-
-ctmp := $(shell $(MAKE) -C ../../../lib/fortcrypt --no-print-directory cilib_name)
-ifeq ($(ctmp), $(patsubst /%,/,$(ctmp)))
-  CILIB := ../../../lib/fortcrypt/$(ctmp)
-else
-  CILIB := $(ctmp)
-endif
-
-EXTRA_LIBS += $(CILIB) 
-
-include ../../platlibs.mk
-
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL)                              #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL)                           #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL).                              #
-#######################################################################
-
-include ../../platrules.mk
-
diff --git a/security/nss/cmd/swfort/newuser/manifest.mn b/security/nss/cmd/swfort/newuser/manifest.mn
deleted file mode 100644
index d48803b1e..000000000
--- a/security/nss/cmd/swfort/newuser/manifest.mn
+++ /dev/null
@@ -1,45 +0,0 @@
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CORE_DEPTH = ../../../..
-
-DEFINES += -DNSPR20
-
-MODULE = security
-
-CSRCS = newuser.c mktst.c
-
-REQUIRES = security nspr dbm seccmd
-
-PROGRAM = newuser
-
-USE_STATIC_LIBS = 1
diff --git a/security/nss/cmd/swfort/newuser/mktst.c b/security/nss/cmd/swfort/newuser/mktst.c
deleted file mode 100644
index 6e111d3dd..000000000
--- a/security/nss/cmd/swfort/newuser/mktst.c
+++ /dev/null
@@ -1,254 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#include <stdio.h>
-
-#include "prio.h"
-#include "swforti.h"
-#include "maci.h"
-#include "secder.h"
-#include "blapi.h"
-
-void
-printkey(char *s, unsigned char *block) {
- int i;
- printf("%s \n  0x",s);
- for(i=0; i < 10; i++) printf("%02x",block[i]);
- printf("\n");
-}
-
-void
-printblock(char *s, unsigned char *block) {
- int i;
- printf("%s \n  0x",s);
- for(i=0; i < 8; i++) printf("%02x",block[i]);
- printf("\n  0x");
- for(i=8; i < 16; i++) printf("%02x",block[i]);
- printf("\n");
-}
-
-
-static char *leafbits="THIS IS NOT LEAF";
-
-static void
-encryptCertEntry(fortProtectedData *pdata,FORTSkipjackKeyPtr Ks,
-						unsigned char *data,int len)
-{
-    unsigned char *dataout;
-    int enc_len;
-	/* XXX Make length */
-    pdata->dataIV.data = PORT_ZAlloc(24);
-    pdata->dataIV.len = 24;
-    PORT_Memcpy(pdata->dataIV.data,leafbits,SKIPJACK_LEAF_SIZE);
-    fort_GenerateRandom(&pdata->dataIV.data[SKIPJACK_LEAF_SIZE],
-						SKIPJACK_BLOCK_SIZE);
-    enc_len = (len + (SKIPJACK_BLOCK_SIZE-1)) & ~(SKIPJACK_BLOCK_SIZE-1);
-    dataout = pdata->dataEncryptedWithKs.data = PORT_ZAlloc(enc_len);
-    pdata->dataEncryptedWithKs.len = enc_len;
-    fort_skipjackEncrypt(Ks,&pdata->dataIV.data[SKIPJACK_LEAF_SIZE],
-					enc_len, data,dataout);
-    if (len > 255) {
-	pdata->length.data = PORT_ZAlloc(2);
-	pdata->length.data[0] = (len >> 8) & 0xff;
-	pdata->length.data[1] = len & 0xff;
-	pdata->length.len = 2;
-    } else {
-	pdata->length.data = PORT_ZAlloc(1);
-	pdata->length.data[0] = len & 0xff;
-	pdata->length.len = 1;
-    }
-
-}
-    
-unsigned char issuer[30] = { 0 };
-
-void
-makeCertSlot(fortSlotEntry *entry,int index,char *label,SECItem *cert,
- FORTSkipjackKeyPtr Ks, unsigned char *xKEA, unsigned char *xDSA, 
- unsigned char *pubKey, int pubKeyLen, unsigned char *p, unsigned char *q, 
-							unsigned char *g)
-{
-    unsigned char *key; /* private key */
-
-    entry->trusted.data = PORT_Alloc(1);
-    *entry->trusted.data = index == 0 ? 1 : 0;
-    entry->trusted.len = 1;
-    entry->certificateIndex.data = PORT_Alloc(1);
-    *entry->certificateIndex.data = index;
-    entry->certificateIndex.len = 1;
-    entry->certIndex = index;
-    encryptCertEntry(&entry->certificateLabel,Ks,
-		(unsigned char *)label, strlen(label));
-    encryptCertEntry(&entry->certificateData,Ks, cert->data, cert->len);
-    if (xKEA) {
-	entry->exchangeKeyInformation = PORT_ZNew(fortKeyInformation);
-	entry->exchangeKeyInformation->keyFlags.data = PORT_ZAlloc(1);
-	entry->exchangeKeyInformation->keyFlags.data[0] = 1;
-	entry->exchangeKeyInformation->keyFlags.len = 1;
-	key = PORT_Alloc(24);
-	fort_skipjackWrap(Ks,24,xKEA,key);
-	entry->exchangeKeyInformation->privateKeyWrappedWithKs.data = key;
-	entry->exchangeKeyInformation->privateKeyWrappedWithKs.len = 24;
-	entry->exchangeKeyInformation->derPublicKey.data = pubKey;
-	entry->exchangeKeyInformation->derPublicKey.len = pubKeyLen;
-	entry->exchangeKeyInformation->p.data = p;
-	entry->exchangeKeyInformation->p.len = 128;
-	entry->exchangeKeyInformation->q.data = q;
-	entry->exchangeKeyInformation->q.len = 20;
-	entry->exchangeKeyInformation->g.data = g;
-	entry->exchangeKeyInformation->g.len = 128;
-
-	entry->signatureKeyInformation = PORT_ZNew(fortKeyInformation);
-	entry->signatureKeyInformation->keyFlags.data = PORT_ZAlloc(1);
-	entry->signatureKeyInformation->keyFlags.data[0] = 1;
-	entry->signatureKeyInformation->keyFlags.len = 1;
-	key = PORT_Alloc(24);
-	fort_skipjackWrap(Ks,24,xDSA,key);
-	entry->signatureKeyInformation->privateKeyWrappedWithKs.data = key;
-	entry->signatureKeyInformation->privateKeyWrappedWithKs.len = 24;
-	entry->signatureKeyInformation->derPublicKey.data = pubKey;
-	entry->signatureKeyInformation->derPublicKey.len = pubKeyLen;
-	entry->signatureKeyInformation->p.data = p;
-	entry->signatureKeyInformation->p.len = 128;
-	entry->signatureKeyInformation->q.data = q;
-	entry->signatureKeyInformation->q.len = 20;
-	entry->signatureKeyInformation->g.data = g;
-	entry->signatureKeyInformation->g.len = 128;
-    } else {
-	entry->exchangeKeyInformation = NULL;
-        entry->signatureKeyInformation = NULL;
-    }
-    
-    return;
-}
-
-
-void
-makeProtectedPhrase(FORTSWFile *file, fortProtectedPhrase *prot_phrase,
-  	     FORTSkipjackKeyPtr Ks, FORTSkipjackKeyPtr Kinit, char *phrase)
-{
-    SHA1Context *sha;
-    unsigned char hashout[SHA1_LENGTH];
-    FORTSkipjackKey Kfek;
-    unsigned int len;
-    unsigned char cw[4];
-    unsigned char enc_version[2];
-    unsigned char *data = NULL;
-    int keySize;
-    int i,version;
-    char tmp_data[13];
-
-    if (strlen(phrase) < 12) {
-        PORT_Memset(tmp_data, ' ', sizeof(tmp_data));
-        PORT_Memcpy(tmp_data,phrase,strlen(phrase));
-        tmp_data[12] = 0;
-        phrase = tmp_data;
-    }
-
-    /* now calculate the PBE key for fortezza */
-    sha = SHA1_NewContext();
-    SHA1_Begin(sha);
-    version = DER_GetUInteger(&file->version);
-    enc_version[0] = (version >> 8) & 0xff;
-    enc_version[1] = version  & 0xff;
-    SHA1_Update(sha,enc_version,sizeof(enc_version));
-    SHA1_Update(sha,file->derIssuer.data, file->derIssuer.len);
-    SHA1_Update(sha,file->serialID.data, file->serialID.len);
-    SHA1_Update(sha,(unsigned char *)phrase,strlen(phrase));
-    SHA1_End(sha,hashout,&len,SHA1_LENGTH);
-    PORT_Memcpy(Kfek,hashout,sizeof(FORTSkipjackKey));
-
-    keySize = sizeof(CI_KEY);
-    if (Kinit) keySize = SKIPJACK_BLOCK_SIZE*2;
-    data = PORT_ZAlloc(keySize);
-    prot_phrase->wrappedKValue.data = data;
-    prot_phrase->wrappedKValue.len = keySize;
-    fort_skipjackWrap(Kfek,sizeof(CI_KEY),Ks,data);
-
-    /* first, decrypt the hashed/Encrypted Memphrase */
-    data = (unsigned char *) PORT_ZAlloc(SHA1_LENGTH+sizeof(cw));
-
-    /* now build the hash for comparisons */
-    SHA1_Begin(sha);
-    SHA1_Update(sha,(unsigned char *)phrase,strlen(phrase));
-    SHA1_End(sha,hashout,&len,SHA1_LENGTH);
-    SHA1_DestroyContext(sha,PR_TRUE);
-
-
-    /* now calcuate the checkword and compare it */
-    cw[0] = cw[1] = cw[2] = cw[3] = 0;
-    for (i=0; i <5 ; i++) {
-	cw[0] = cw[0] ^ hashout[i*4];
-	cw[1] = cw[1] ^ hashout[i*4+1];
-	cw[2] = cw[2] ^ hashout[i*4+2];
-	cw[3] = cw[3] ^ hashout[i*4+3];
-    }
-
-    PORT_Memcpy(data,hashout,len);
-    PORT_Memcpy(data+len,cw,sizeof(cw));
-
-    prot_phrase->memPhraseIV.data = PORT_ZAlloc(24);
-    prot_phrase->memPhraseIV.len = 24;
-    PORT_Memcpy(prot_phrase->memPhraseIV.data,leafbits,SKIPJACK_LEAF_SIZE);
-    fort_GenerateRandom(&prot_phrase->memPhraseIV.data[SKIPJACK_LEAF_SIZE],
-						SKIPJACK_BLOCK_SIZE);
-    prot_phrase->kValueIV.data = PORT_ZAlloc(24);
-    prot_phrase->kValueIV.len = 24;
-    PORT_Memcpy(prot_phrase->kValueIV.data,leafbits,SKIPJACK_LEAF_SIZE);
-    fort_GenerateRandom(&prot_phrase->kValueIV.data[SKIPJACK_LEAF_SIZE],
-						SKIPJACK_BLOCK_SIZE);
-    fort_skipjackEncrypt(Ks,&prot_phrase->memPhraseIV.data[SKIPJACK_LEAF_SIZE],
-					len+sizeof(cw), data,data);
-
-    prot_phrase->hashedEncryptedMemPhrase.data = data;
-    prot_phrase->hashedEncryptedMemPhrase.len = len+sizeof(cw);
-
-    if (Kinit) {
-        fort_skipjackEncrypt(Kinit,
-		&prot_phrase->kValueIV.data[SKIPJACK_LEAF_SIZE],
-                prot_phrase->wrappedKValue.len,
-                prot_phrase->wrappedKValue.data,
-                prot_phrase->wrappedKValue.data );
-    }
-
-    return;
-}
-
-
-void
-fill_in(SECItem *item,unsigned char *data, int len)
-{
-    item->data = PORT_Alloc(len);
-    PORT_Memcpy(item->data,data,len);
-    item->len = len;
-}
-
diff --git a/security/nss/cmd/swfort/newuser/newuser.c b/security/nss/cmd/swfort/newuser/newuser.c
deleted file mode 100644
index 33b6b853a..000000000
--- a/security/nss/cmd/swfort/newuser/newuser.c
+++ /dev/null
@@ -1,1133 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#include <stdio.h>
-#include <fcntl.h>
-#include <sys/types.h>
-#ifdef XP_UNIX
-#include <unistd.h>
-#endif
-#include "cryptint.h"
-#include "blapi.h"	/* program calls low level functions directly!*/
-#include "pk11func.h"
-#include "secmod.h"
-/*#include "secmodi.h"*/
-#include "cert.h"
-#include "key.h"
-#include "nss.h"
-#include "swforti.h"
-#include "secutil.h"
-#include "secrng.h"
-
-#ifndef O_BINARY
-#define O_BINARY 0
-#endif
-
-#define MAX_PERSONALITIES 50
-typedef struct {
-    int index;
-    CI_CERT_STR label;
-    CERTCertificate *cert;
-} certlist;
-
-typedef struct {
-   int card;
-   int index;
-   CI_CERT_STR label;
-   certlist valid[MAX_PERSONALITIES];
-   int count;
-} Cert;
-
-
-#define EMAIL_OID_LEN 9
-#define EMAIL_OID 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x01
-unsigned char emailAVA[127] = {
-	0x31, 6+EMAIL_OID_LEN, 	/* Set */
-	0x30, 4+EMAIL_OID_LEN,	/* Sequence */
-	0x06, EMAIL_OID_LEN, EMAIL_OID,
-	0x13, 0, /* printable String */
-};
-#define EMAIL_DATA_START 8+EMAIL_OID_LEN
-
-int emailOffset[] = { 1, 3, EMAIL_DATA_START-1 };
-int offsetCount = sizeof(emailOffset)/sizeof(emailOffset[0]);
-
-unsigned char hash[20] = { 'H', 'a', 's', 'h', ' ', 'F', 'a', 'i', 'l', 'e',
-		  'd', ' ', '*', '*', '*', '*', '*', '*', '*', '*' };
-unsigned char sig[40] = { 'H', 'a', 's', 'h', ' ', 'F', 'a', 'i', 'l', 'e',
-		 'd', ' ', '*', '*', '*', '*', '*', '*', '*', '*',
-		 '>', '>', '>', ' ', 'N', 'o', 't', ' ', 'S', 'i',
-		 'g', 'n', 'd', ' ', '<', '<', '<', ' ', ' ', ' ' };
-
-
-/*void *malloc(int); */
-
-unsigned char *data_start(unsigned char *buf, int length, int *data_length) 
-{
-    unsigned char tag;
-    int used_length= 0;
-
-    tag = buf[used_length++];
-
-    /* blow out when we come to the end */
-    if (tag == 0) {
-	return NULL;
-    }
-
-    *data_length = buf[used_length++];
-
-    if (*data_length&0x80) {
-	int  len_count = *data_length & 0x7f;
-
-	*data_length = 0;
-
-	while (len_count-- > 0) {
-	    *data_length = (*data_length << 8) | buf[used_length++];
-	} 
-    }
-
-    if (*data_length > (length-used_length) ) {
-	*data_length = length-used_length;
-	return NULL;
-    }
-
-    return (buf + used_length);	
-}
-
-unsigned char *
-GetAbove(unsigned char *cert,int cert_length,int *above_len)
-{
-	unsigned char *buf = cert;
-	int buf_length = cert_length;
-	unsigned char *tmp;
-	int len;
-
-	*above_len = 0;
-
-	/* optional serial number */
-	if ((buf[0] & 0xa0) == 0xa0) {
-	    tmp = data_start(buf,buf_length,&len);
-	    if (tmp == NULL) return NULL;
-	    buf_length -= (tmp-buf) + len;
-	    buf = tmp + len;
-	}
-        /* serial number */
-	tmp = data_start(buf,buf_length,&len);
-	if (tmp == NULL) return NULL;
-	buf_length -= (tmp-buf) + len;
-	buf = tmp + len;
-	/* skip the OID */
-	tmp = data_start(buf,buf_length,&len);
-	if (tmp == NULL) return NULL;
-	buf_length -= (tmp-buf) + len;
-	buf = tmp + len;
-	/* issuer */
-	tmp = data_start(buf,buf_length,&len);
-	if (tmp == NULL) return NULL;
-	buf_length -= (tmp-buf) + len;
-	buf = tmp + len;
-	/* skip the date */
-	tmp = data_start(buf,buf_length,&len);
-	if (tmp == NULL) return NULL;
-	buf_length -= (tmp-buf) + len;
-	buf = tmp + len;
-
-	*above_len = buf - cert;
-	return cert;
-}
-
-unsigned char *
-GetSubject(unsigned char *cert,int cert_length,int *subj_len) {
-	unsigned char *buf = cert;
-	int buf_length = cert_length;
-	unsigned char *tmp;
-	int len;
-
-	*subj_len = 0;
-
-	/* optional serial number */
-	if ((buf[0] & 0xa0) == 0xa0) {
-	    tmp = data_start(buf,buf_length,&len);
-	    if (tmp == NULL) return NULL;
-	    buf_length -= (tmp-buf) + len;
-	    buf = tmp + len;
-	}
-        /* serial number */
-	tmp = data_start(buf,buf_length,&len);
-	if (tmp == NULL) return NULL;
-	buf_length -= (tmp-buf) + len;
-	buf = tmp + len;
-	/* skip the OID */
-	tmp = data_start(buf,buf_length,&len);
-	if (tmp == NULL) return NULL;
-	buf_length -= (tmp-buf) + len;
-	buf = tmp + len;
-	/* issuer */
-	tmp = data_start(buf,buf_length,&len);
-	if (tmp == NULL) return NULL;
-	buf_length -= (tmp-buf) + len;
-	buf = tmp + len;
-	/* skip the date */
-	tmp = data_start(buf,buf_length,&len);
-	if (tmp == NULL) return NULL;
-	buf_length -= (tmp-buf) + len;
-	buf = tmp + len;
-
-	return data_start(buf,buf_length,subj_len);
-}
-
-unsigned char *
-GetBelow(unsigned char *cert,int cert_length,int *below_len) {
-	unsigned char *subj;
-	int subj_len;
-	unsigned char *below;
-
-	*below_len = 0;
-
-	subj = GetSubject(cert,cert_length,&subj_len);
-
-	below = subj + subj_len;
-	*below_len = cert_length - (below - cert);
-	return below;
-}
-
-unsigned char *
-GetSignature(unsigned char *sig,int sig_length,int *subj_len) {
-	unsigned char *buf = sig;
-	int buf_length = sig_length;
-	unsigned char *tmp;
-	int len;
-
-	*subj_len = 0;
-
-        /* signature oid */
-	tmp = data_start(buf,buf_length,&len);
-	if (tmp == NULL) return NULL;
-	buf_length -= (tmp-buf) + len;
-	buf = tmp + len;
-	/* signature data */
-	tmp = data_start(buf,buf_length,&len);
-	if (tmp == NULL) return NULL;
-
-	*subj_len = len -1;
-	return tmp+1;
-}
-
-int DER_Sequence(unsigned char *buf, int length) {
-    int next = 0;
-
-    buf[next++] = 0x30;
-    if (length < 0x80) {
-	buf[next++] = length;
-    } else {
-	buf[next++] = 0x82;
-	buf[next++] = (length >> 8) & 0xff;
-	buf[next++] = length & 0xff;
-    }
-    return next;
-}
-
-static
-int Cert_length(unsigned char *buf, int length) {
-    unsigned char tag;
-    int used_length= 0;
-    int data_length;
-
-    tag = buf[used_length++];
-
-    /* blow out when we come to the end */
-    if (tag == 0) {
-        return 0;
-    }
-
-    data_length = buf[used_length++];
-
-    if (data_length&0x80) {
-        int  len_count = data_length & 0x7f;
-
-        data_length = 0;
-
-        while (len_count-- > 0) {
-            data_length = (data_length << 8) | buf[used_length++];
-        }
-    }
-
-    if (data_length > (length-used_length) ) {
-        return length;
-    }
-
-    return (data_length + used_length);
-}
-
-int
-InitCard(int card, char *inpass) {
-    int cirv;
-    char buf[50];
-    char *pass;
-
-    cirv = CI_Open( 0 /* flags */, card);
-    if (cirv != CI_OK) return cirv;
-
-    if (inpass == NULL) {
-        sprintf(buf,"Enter PIN for card in socket %d: ",card);
-        pass = SECU_GetPasswordString(NULL, buf);
-
-        if (pass == NULL) {
-	    CI_Close(CI_POWER_DOWN_FLAG,card);
-	    return CI_FAIL;
-        }
-    } else pass=inpass;
-
-    cirv = CI_CheckPIN(CI_USER_PIN,(unsigned char *)pass);
-    if (cirv != CI_OK)  {
-	CI_Close(CI_POWER_DOWN_FLAG,card);
-    }
-    return cirv;
-}
-
-int
-isUser(CI_PERSON *person) {
-    return 1;
-}
-
-int
-isCA(CI_PERSON *person) {
-    return 0;
-}
-
-int FoundCert(int card, char *name, Cert *cert) {
-    CI_PERSON personalities[MAX_PERSONALITIES];
-    CI_PERSON *person;
-    int cirv;
-    int i;
-    int user_len = strlen(name);
-
-    PORT_Memset(personalities, 0, sizeof(CI_PERSON)*MAX_PERSONALITIES);
-
-    cirv = CI_GetPersonalityList(MAX_PERSONALITIES,personalities);
-    if (cirv != CI_OK) return 0;
-
-
-    cert->count = 1;
-    cert->valid[0].index = 0;
-    memcpy(cert->valid[0].label,"RRXX0000Root PAA Certificate        ",
-		sizeof(cert->valid[0].label));
-    cert->valid[0].cert = NULL;
-    for (i=0; i < MAX_PERSONALITIES; i++) {
-	person = &personalities[i];
-	if ( (PORT_Memcmp(person->CertLabel,"RRXX",4) == 0) ||
-	     (PORT_Memcmp(person->CertLabel,"RTXX",4) == 0) ||
-	     (PORT_Memcmp(person->CertLabel,"LAXX",4) == 0) ||
-	     (PORT_Memcmp(person->CertLabel,"INKS",4) == 0) ||
-	     (PORT_Memcmp(person->CertLabel,"INKX",4) == 0) ||
-	     (PORT_Memcmp(person->CertLabel,"ONKS",4) == 0) ||
-	     (PORT_Memcmp(person->CertLabel,"ONKX",4) == 0) ||
-	     (PORT_Memcmp(person->CertLabel,"KEAK",4) == 0) ||
-	     (PORT_Memcmp(person->CertLabel,"3IKX",4) == 0) ||
-	     (PORT_Memcmp(person->CertLabel,"DSA1",4) == 0) ||
-	     (PORT_Memcmp(person->CertLabel,"DSAI",4) == 0) ||
-	     (PORT_Memcmp(person->CertLabel,"DSAO",4) == 0) ||
-	     (PORT_Memcmp(person->CertLabel,"3IXS",4) == 0) ||
-	     (PORT_Memcmp(person->CertLabel,"3OXS",4) == 0) ){
-	    int index;
-
-	    cert->valid[cert->count].cert = NULL;
-	    memcpy(cert->valid[cert->count].label,
-				person->CertLabel,sizeof(person->CertLabel));
-	    for (index = sizeof(person->CertLabel)-1;
-		cert->valid[cert->count].label[index] == ' '; index--) {
-		cert->valid[cert->count].label[index] = 0;
-	    }
-	    cert->valid[cert->count++].index = person->CertificateIndex;
-	}
-    }
-    for (i=0; i < MAX_PERSONALITIES; i++) {
-	person = &personalities[i];
-	if (strncmp((char *)&person->CertLabel[8],name,user_len) == 0) {
-	    cert->card = card;
-	    cert->index = person->CertificateIndex;
-	    memcpy(&cert->label,person->CertLabel,sizeof(person->CertLabel));
-	    return 1;
-	}
-    }
-    return 0;
-}
-
-void
-Terminate(char *mess, int cirv, int card1, int card2)
-{
-    fprintf(stderr,"FAIL: %s error %d\n",mess,cirv);
-    if (card1 != -1) CI_Close(CI_POWER_DOWN_FLAG,card1);
-    if (card2 != -1) CI_Close(CI_POWER_DOWN_FLAG,card2);
-    CI_Terminate();
-    exit(1);
-}
-
-void
-usage(char *prog)
-{
-    fprintf(stderr,"usage: %s [-e email][-t transport][-u userpin][-U userpass][-s ssopin][-S ssopass][-o outfile] common_name ca_label\n",prog);
-    exit(1);
-}
-
-#define CERT_SIZE 2048	
-
-
-/* version and oid */
-unsigned char header[] = {
-    /* Cert OID */
-    0x02, 0x10,
-     0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00,
-    0x30, 0x0b, 0x06, 0x09,
-    0x60, 0x86, 0x48, 0x01, 0x65, 0x02, 0x01, 0x01, 0x13 };
-
-#define KEY_START 21
-#define KMID_OFFSET 4
-#define KEA_OFFSET 15
-#define DSA_OFFSET 148
-unsigned char key[] = {
-   /* Sequence(Constructed): 293 bytes (0x125) */
-   0x30, 0x82, 0x01, 0x25,
-   /*Sequence(Constructed): 11 bytes (0xb) */
-   0x30, 0x0b,
-   /* ObjectId(Universal): 9 bytes (0x9) */
-   0x06, 0x09,
-   0x60, 0x86, 0x48, 0x01, 0x65, 0x02, 0x01, 0x01, 0x14,
-   /* BitString(Universal): 276 bytes (0x114) */
-   0x03, 0x82, 0x01, 0x14,
-   0x00, 0x00, 0x01, 0xef, 0x04, 0x01, 0x00, 0x01,
-   0x00, 0x00, 0x69, 0x60, 0x70, 0x00, 0x80, 0x02,
-   0x2e, 0x46, 0xb9, 0xcb, 0x22, 0x72, 0x0b, 0x1c,
-   0xe6, 0x25, 0x20, 0x16, 0x86, 0x05, 0x8e, 0x2b,
-   0x98, 0xd1, 0x46, 0x3d, 0x00, 0xb8, 0x69, 0xe1,
-   0x1a, 0x42, 0x7d, 0x7d, 0xb5, 0xbf, 0x9f, 0x26,
-   0xd3, 0x2c, 0xb1, 0x73, 0x01, 0xb6, 0xb2, 0x6f,
-   0x7b, 0xa5, 0x54, 0x85, 0x60, 0x77, 0x81, 0x8a,
-   0x87, 0x86, 0xe0, 0x2d, 0xbf, 0xdb, 0x28, 0xe8,
-   0xfa, 0x20, 0x35, 0xb4, 0xc0, 0x94, 0x10, 0x8e,
-   0x1c, 0x58, 0xaa, 0x02, 0x60, 0x97, 0xf5, 0xb3,
-   0x2f, 0xf8, 0x99, 0x29, 0x28, 0x73, 0x47, 0x36,
-   0xdd, 0x1d, 0x78, 0x95, 0xeb, 0xb8, 0xec, 0x45,
-   0x96, 0x69, 0x6f, 0x54, 0xc8, 0x1f, 0x2d, 0x3a,
-   0xd9, 0x0e, 0x8e, 0xaa, 0x59, 0x11, 0x8c, 0x3b,
-   0x8d, 0xa4, 0xed, 0xf2, 0x7d, 0xdc, 0x42, 0xaa,
-   0xa4, 0xd2, 0x1c, 0xb9, 0x87, 0xd0, 0xd9, 0x3d,
-   0x8e, 0x89, 0xbb, 0x06, 0x54, 0xcf, 0x32, 0x00,
-   0x02, 0x00, 0x00, 0x80, 0x0b, 0x80, 0x6c, 0x0f,
-   0x71, 0xd1, 0xa1, 0xa9, 0x26, 0xb4, 0xf1, 0xcd,
-   0x6a, 0x7a, 0x09, 0xaa, 0x58, 0x28, 0xd7, 0x35,
-   0x74, 0x8e, 0x7c, 0x83, 0xcb, 0xfe, 0x00, 0x3b,
-   0x62, 0x00, 0xfb, 0x90, 0x37, 0xcd, 0x93, 0xcf,
-   0xf3, 0xe4, 0x6d, 0x8d, 0xdd, 0xb8, 0x53, 0xe0,
-   0x5c, 0xda, 0x1a, 0x7e, 0x56, 0x03, 0x95, 0x03,
-   0x2f, 0x74, 0x86, 0xb1, 0xa0, 0xbb, 0x05, 0x91,
-   0xe4, 0x76, 0x83, 0xe6, 0x62, 0xf9, 0x12, 0x64,
-   0x5a, 0x62, 0xd8, 0x94, 0x04, 0x1f, 0x83, 0x02,
-   0x2e, 0xc5, 0xa7, 0x17, 0x46, 0x46, 0x21, 0x96,
-   0xc3, 0xa9, 0x8e, 0x92, 0x18, 0xd1, 0x52, 0x08,
-   0x1d, 0xff, 0x8e, 0x24, 0xdb, 0x6c, 0xd8, 0xfe,
-   0x80, 0x93, 0xe1, 0xa5, 0x4a, 0x0a, 0x37, 0x24,
-   0x18, 0x07, 0xbe, 0x0f, 0xaf, 0x73, 0xea, 0x50,
-   0x64, 0xa1, 0xb3, 0x77, 0xe5, 0x41, 0x02, 0x82,
-   0x39, 0xb9, 0xe3, 0x94 
-};
-
-unsigned char valitity[] = {
-   0x30, 0x1e,
-   0x17, 0x0d,
-   '2','0','0','0','0','1','0','1','0','0','0','0','Z',
-   0x17, 0x0d,
-   '2','0','0','5','1','2','0','1','0','0','0','0','Z'
-};
-
-
-unsigned char cnam_oid[] = { 0x06, 0x03, 0x55, 0x04, 0x03 };
-
-unsigned char signature[] = {
-    /* the OID */
-    0x30, 0x0b, 0x06, 0x09,
-    0x60, 0x86, 0x48, 0x01, 0x65, 0x02, 0x01, 0x01, 0x13,
-    /* signature wrap */
-    0x03, 0x29, 0x00,
-    /* 40 byte dsa signature */
-    0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-    0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-    0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-    0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff
-};
-
-unsigned char fortezza_oid [] = {
-    0x60, 0x86, 0x48, 0x01, 0x65, 0x02, 0x01, 0x01, 0x13
-};
-
-unsigned char software_ou[] = {
-    0x31, 26, 0x30, 24,
-    0x06, 0x03, 0x55, 0x04, 0x0b,
-    0x13, 17, 
-      'S','o','f','t','w',
-      'a','r','e',' ','F',
-      'O','R','T','E','Z','Z','A'
-};
-
-
-char letterarray[] = {
-	'a','b','c','d','e','f','g','h','i','j','k','l','m','n',
-	'o','p','q','r','s','t','u','v','w','x','y','z' };
-
-char constarray[] = {
-	'b','c','d','f','g','h','j','k','l','m','n',
-	'p','q','r','s','t','v','w','x','y','z' };
-
-char vowelarray[] = {
-	'a','e','i','o','u','y' };
-
-char digitarray[] = {
-	'0','1','2','3','4','5','6','7','8','9' };
-
-unsigned long
-getRandom(unsigned long max) {
-	unsigned short data;
-	unsigned long result;
-
-	fort_GenerateRandom((unsigned char *)&data,sizeof(data));
-
-	result = (unsigned long)data * max;
-	result = result >> 16;
-	return result;
-}
-
-
-char getLetter(void)
-{
-   return letterarray[getRandom(sizeof(letterarray))];
-}
-char getVowel(void)
-{
-   return vowelarray[getRandom(sizeof(vowelarray))];
-}
-char getDigit(void)
-{
-   return digitarray[getRandom(sizeof(digitarray))];
-}
-
-char getConst(void)
-{
-   return constarray[getRandom(sizeof(constarray))];
-}
-
-char *getPinPhrase(void)
-{
-    char * pass = PORT_ZAlloc(5);
-
-    pass[0] = getDigit();
-    pass[1] = getDigit();
-    pass[2] = getDigit();
-    pass[3] = getDigit();
-
-    return pass;
-}
-
-char *getPassPhrase(void)
-{
-    char * pass = PORT_ZAlloc(13);
-
-    pass[0] = getConst()+'A'-'a';
-    pass[1] = getVowel();
-    pass[2] = getConst();
-    pass[3] = getVowel();
-    pass[4] = getConst();
-    pass[5] = getVowel();
-    pass[6] = getConst();
-    pass[7] = getDigit();
-    pass[8] = getDigit();
-    pass[9] = getDigit();
-    pass[10] = getDigit();
-    pass[11] = getLetter()+'A'-'a';
-
-    return pass;
-}
-
-extern void
-makeCertSlot(fortSlotEntry *   entry,
-		int            index,
-		char *         label,
-		SECItem *      cert,
- 		FORTSkipjackKeyPtr Ks, 
-		unsigned char *xKEA, 
-		unsigned char *xDSA, 
- 		unsigned char *pubKey, 
-		int            pubKeyLen, 
-		unsigned char *p, 
-		unsigned char *q, 
-		unsigned char *g);
-
-extern void
-makeProtectedPhrase(FORTSWFile *     file, 
-		fortProtectedPhrase *prot_phrase,
-  	     	FORTSkipjackKeyPtr   Ks, 
-		FORTSkipjackKeyPtr   Kinit, 
-		char *               phrase);
-
-extern void
-fill_in(SECItem *item, unsigned char *data, int len);
-
-char *userLabel = "INKS0002                            ";
-int main(int argc, char **argv)
-{
-	char *progname = *argv++;
-	char *commonName = NULL;
-	char *caname = NULL;
-	char *email = NULL;
-	char *outname = NULL;
-	char *cp;
-	int arg_count = 0;
-	Cert caCert;
-        SECItem userCert;
-	int cirv,i;
-	int cards, start;
-	unsigned char *subject;
-	int            subject_len;
-	int            signature_len = sizeof(signature);
-	int            newSubject_len, newCertBody_len, len;
-	int            cname1_len, cname_len, pstring_len;
-	int            valitity_len = sizeof(valitity);
-	unsigned char origCert[CERT_SIZE];
-	unsigned char newSubject[CERT_SIZE];
-	unsigned char newCertBody[CERT_SIZE];
-	unsigned char newCert[CERT_SIZE];
-	unsigned char pstring[CERT_SIZE];
-	unsigned char cname1[CERT_SIZE];
-	unsigned char cname[CERT_SIZE];
-	CERTCertificate *myCACert = NULL;
-	CERTCertificate *cert;
-	CERTCertDBHandle *certhandle;
-	SECStatus rv;
-	unsigned char serial[16];
-	SECKEYPublicKey *pubKey;
-	DSAPrivateKey *keaPrivKey;
-	DSAPrivateKey *dsaPrivKey;
-	CI_RANDOM randomVal;
-	PQGParams *params;
-	int pca_index = -1;
-	unsigned char *p,*q,*g;
-	FORTSkipjackKey Ks;
-	FORTSkipjackKey Kinit;
-        FORTSWFile *file;
-        FORTSignedSWFile *signed_file;
-        FORTSignedSWFile *signed_file2;
-	unsigned char random[20];
-	unsigned char vers;
-	unsigned char *data;
-	char *transportPin=NULL;
-	char *ssoMemPhrase=NULL;
-	char *userMemPhrase=NULL;
-	char *ssoPin=NULL;
-	char *userPin=NULL;
-	char *pass=NULL;
-	SECItem *outItem;
-	int email_len = 0;
-	int emailAVA_len = 0;
-
-   
-    /* put better argument parsing here */
-    while ((cp = *argv++) != NULL) {
-	if (*cp == '-') {
-	    while (*++cp) {
-		switch (*cp) {
-		/* verbose mode */
-		case 'e':
-		    email = *argv++;
-		    break;
-		/* explicitly set the target */
-		case 'o':
-		    outname = *argv++;
-		    break;
-		case 't':
-		/* provide password on command line */
-		    transportPin = *argv++;
-		    break;
-		case 'u':
-		/* provide user password on command line */
-		    userPin = *argv++;
-		    break;
-		case 'U':
-		/* provide user password on command line */
-		    userMemPhrase = *argv++;
-		    break;
-		case 's':
-		/* provide user password on command line */
-		    ssoPin = *argv++;
-		    break;
-		case 'S':
-		/* provide user password on command line */
-		    ssoMemPhrase = *argv++;
-		    break;
-		case 'p':
-		/* provide card password on command line */
-		    pass = *argv++;
-		    break;
-		case 'd':
-		    transportPin="test1234567890";
-		    ssoMemPhrase="sso1234567890";
-		    userMemPhrase="user1234567890";
-		    ssoPin="9999";
-		    userPin="0000";
-		    break;
-		default:
-		    usage(progname);
-		    break;
-		}
-	    }
-	} else switch (arg_count++) {
-	    case 0:
-		commonName = cp;
-		break;
-	    case 1:
-		caname = cp;
-		break;
-	    default:
-		usage(progname);
-	} 
-    }
-
-    if (outname == NULL) outname = "swfort.sfi";
-    if (caname == NULL) usage(progname);
-
-
-
-	caCert.card = -1;
-	memset(newCert,0,CERT_SIZE);
-
-	if (commonName == NULL) usage(progname);
-	
-
-	cirv = CI_Initialize(&cards);
-
-        start = 0;
-	for (i=0; i < cards; i++) {
-	    cirv = InitCard(i+1,pass);
-	    if (cirv == CI_OK) {
-	      if (FoundCert(i+1,caname,&caCert)) {
-		break;
-	      }
-	    }
-	}
-	   
-	if (caCert.card == -1) {
-	   fprintf(stderr,
-	"WARNING: Couldn't find Signing CA...new cert will not be signed\n");
-	}
-
-
-	/*
-	 * initialize enough security to deal with certificates.
-	 */
-	NSS_NoDB_Init(NULL);
-	certhandle = CERT_GetDefaultCertDB();
-	if (certhandle == NULL) {
-	    Terminate("Couldn't build temparary Cert Database", 
-						1, -1, caCert.card);
-	    exit(1);
-	}
-
-	CI_GenerateRandom(random);
-	RNG_RandomUpdate(random,sizeof(random));
-	CI_GenerateRandom(random);
-	RNG_RandomUpdate(random,sizeof(random));
-
-
-    if (transportPin == NULL) transportPin = getPassPhrase();
-    if (ssoMemPhrase == NULL) ssoMemPhrase = getPassPhrase();
-    if (userMemPhrase == NULL) userMemPhrase = getPassPhrase();
-    if (ssoPin == NULL) ssoPin = getPinPhrase();
-    if (userPin == NULL) userPin = getPinPhrase();
-
-
-
-	/* now dump the certs into the temparary data base */
-	for (i=0; i < caCert.count; i++) {
-	    int trusted = 0;
-    	    SECItem derCert;
-
-	    cirv = CI_Select(caCert.card);
-	    if (cirv != CI_OK) {
-		Terminate("Couldn't select on CA card",cirv, 
-					-1, caCert.card);
-	    }
-	    cirv = CI_GetCertificate(caCert.valid[i].index,origCert);
-            if (cirv != CI_OK) {
-		continue;
-	    }
-	    derCert.data = origCert;
-	    derCert.len = Cert_length(origCert, sizeof(origCert));
-	    cert = 
-	(CERTCertificate *)CERT_NewTempCertificate(certhandle,&derCert, NULL, 
-							PR_FALSE, PR_TRUE);
-	    caCert.valid[i].cert = cert;
-	    if (cert == NULL) continue;
-            if (caCert.valid[i].index == caCert.index) myCACert=cert;
-	    if (caCert.valid[i].index == atoi((char *)&caCert.label[4]))
-				 pca_index = i;
-	}
-
-	if (myCACert == NULL) {
-	   Terminate("Couldn't find CA's Certificate", 1, -1, caCert.card);
-	   exit(1);
-	}
-
-	
-        /*
-	 * OK now build the user cert.
-	 */
-	/* first get the serial number and KMID */
-        cirv = CI_GenerateRandom(randomVal);
-	memcpy(&header[2],randomVal,sizeof(serial));
-	memcpy(serial,randomVal,sizeof(serial));
-	memcpy(&key[KEY_START+KMID_OFFSET],randomVal+sizeof(serial),7);
-							 /* KMID */
-
-	/* now generate the keys */
-	pubKey = CERT_ExtractPublicKey(myCACert);
-	if (pubKey == NULL) {
-	   Terminate("Couldn't extract CA's public key", 
-						1, -1, caCert.card);
-	   exit(1);
-	}
-
-
-	switch (pubKey->keyType) {
-	case fortezzaKey:
-	    params = (PQGParams *)&pubKey->u.fortezza.params;
-	    break;
-	case dsaKey:
-	    params = (PQGParams *)&pubKey->u.dsa.params;
-	    break;
-	default:
-	   Terminate("Certificate is not a fortezza or DSA Cert",
-					1, -1, caCert.card);
-	   exit(1);
-	}
-
-	rv = DSA_NewKey(params,&keaPrivKey);
-	if (rv != SECSuccess) {
-	   Terminate("Couldn't Generate KEA key", 
-					PORT_GetError(), -1, caCert.card);
-	   exit(1);
-	}
-	rv = DSA_NewKey(params,&dsaPrivKey);
-	if (rv != SECSuccess) {
-	   Terminate("Couldn't Generate DSA key", 
-					PORT_GetError(), -1, caCert.card);
-	   exit(1);
-	}
-
-	if (keaPrivKey->publicValue.len == 129) 
-					keaPrivKey->publicValue.data++;
-	if (dsaPrivKey->publicValue.len == 129) 
-					dsaPrivKey->publicValue.data++;
-	if (keaPrivKey->privateValue.len == 21) 
-					keaPrivKey->privateValue.data++;
-	if (dsaPrivKey->privateValue.len == 21) 
-					dsaPrivKey->privateValue.data++;
-
-	/* save the parameters */
-	p = params->prime.data;
-	if (params->prime.len == 129) p++;
-	q = params->subPrime.data;
-	if (params->subPrime.len == 21) q++;
-	g = params->base.data;
-	if (params->base.len == 129) g++;
-
-	memcpy(&key[KEY_START+KEA_OFFSET],
-			keaPrivKey->publicValue.data,
-			keaPrivKey->publicValue.len);
-	memcpy(&key[KEY_START+DSA_OFFSET],
-			dsaPrivKey->publicValue.data,
-			dsaPrivKey->publicValue.len);
-
-	/* build the der subject */
-	subject = data_start(myCACert->derSubject.data,myCACert->derSubject.len,
-		&subject_len);
-
-	/* build the new Common name AVA */
-	len = DER_Sequence(pstring,strlen(commonName));
-	memcpy(pstring+len,commonName,strlen(commonName));
-					 len += strlen(commonName);
-	pstring_len = len;
-	pstring[0] = 0x13;
-
-	len = DER_Sequence(cname1,sizeof(cnam_oid)+pstring_len);
-	memcpy(cname1+len,cnam_oid,sizeof(cnam_oid)); len += sizeof(cnam_oid);
-	memcpy(cname1+len,pstring,pstring_len); len += pstring_len;
-	cname1_len = len;
-
-	len = DER_Sequence(cname, cname1_len);
-	memcpy(cname+len,cname1,cname1_len); len += cname1_len;
-	cname_len = len;
-	cname[0] = 0x31; /* make it a set rather than a sequence */
-
-	if (email) {
-	    email_len = strlen(email);
-	    emailAVA_len = EMAIL_DATA_START + email_len;
-	}
-
-	/* now assemble it */
-	len = DER_Sequence(newSubject,subject_len + sizeof(software_ou) +
-				cname_len + emailAVA_len);
-	memcpy(newSubject+len,subject,subject_len);
-
-	for (i=0; i < subject_len; i++) {
-	   if (memcmp(newSubject+len+i,cnam_oid,sizeof(cnam_oid)) == 0) {
-		newSubject[i+len+4] = 0x0b; /* change CN to OU */
-		break;
-	   }
-	}
-	len += subject_len;
-	memcpy(newSubject+len,software_ou,sizeof(software_ou)); 
-						len += sizeof(software_ou);
-	memcpy(newSubject+len,cname,cname_len); len += cname_len;
-	newSubject_len = len;
-
-	/*
-	 * build the email AVA
-	 */
-	if (email) {
-	    memcpy(&emailAVA[EMAIL_DATA_START],email,email_len);
-	    for (i=0; i < offsetCount; i++) {
-		emailAVA[emailOffset[i]] += email_len;
-	    }
-	    memcpy(newSubject+len,emailAVA,emailAVA_len);
-	    newSubject_len += emailAVA_len;
-	}
-
-
-	/*
-	 * Assemble the Cert
-	 */
-
-	len = DER_Sequence(newCertBody,sizeof(header)+newSubject_len+
-	   valitity_len+myCACert->derSubject.len+sizeof(key));
-	memcpy(newCertBody+len,header,sizeof(header));len += sizeof(header);
-	memcpy(newCertBody+len,myCACert->derSubject.data,
-		myCACert->derSubject.len);len += myCACert->derSubject.len;
-	memcpy(newCertBody+len,valitity,valitity_len);len += valitity_len;
-	memcpy(newCertBody+len,newSubject,newSubject_len);
-						len += newSubject_len;
-	memcpy(newCertBody+len,key,sizeof(key));len += sizeof(key);
-	newCertBody_len = len;
-
-
-	/*
-	 * generate the hash
-	 */
-	cirv = CI_InitializeHash();
-	if (cirv == CI_OK) {
-	    int hash_left = newCertBody_len & 63;
-	    int hash_len = newCertBody_len - hash_left;
-	    cirv = CI_Hash(hash_len,newCertBody);
-	    if (cirv == CI_OK) {
-		cirv = CI_GetHash(hash_left,newCertBody+hash_len,hash);
-	    }
-	}
-
-	/*
-	 * now sign the hash
-	 */
-	if ((cirv == CI_OK) && (caCert.card != -1)) {
-	    cirv = CI_Select(caCert.card);
-	    if (cirv == CI_OK) {
-		cirv = CI_SetPersonality(caCert.index);
-		if (cirv == CI_OK) {
-		    cirv = CI_Sign(hash,sig);
-		}
-	    }
-	} else cirv = -1;
-
-	if (cirv != CI_OK) {
-	   memcpy(sig,hash,sizeof(hash));
-	}
-
-	/*
-	 * load in new signature
-	 */
-	{
-	    int sig_len;
-	    unsigned char *sig_start = 
-			GetSignature(signature,signature_len,&sig_len);
-	    memcpy(sig_start,sig,sizeof(sig));
-	}
-
-	/*
-	 * now do the final wrap
-	 */
-	len = DER_Sequence(newCert,newCertBody_len+signature_len);
-	memcpy(newCert+len,newCertBody,newCertBody_len); len += newCertBody_len;
-	memcpy(newCert+len, signature, signature_len); len +=signature_len;
-	userCert.data = newCert;
-	userCert.len = len;
-
-
-	/* OK, we now have our cert, let's go build our software file */
-	signed_file = PORT_ZNew(FORTSignedSWFile);
-	file = &signed_file->file;
-
-	signed_file->signatureWrap.signature.data  = PORT_ZAlloc(40);
-	signed_file->signatureWrap.signature.len  = 40;
-	signed_file->signatureWrap.signatureAlgorithm.algorithm.data  =
-                                       fortezza_oid;
-	signed_file->signatureWrap.signatureAlgorithm.algorithm.len = 
-					sizeof(fortezza_oid);
-
-        vers = 1;
-	fill_in(&file->version,&vers,1);
-	file->derIssuer.data = myCACert->derSubject.data;
-	file->derIssuer.len = myCACert->derSubject.len;
-	file->serialID.data = serial;
-	file->serialID.len =sizeof(serial);
-	/* generate out Ks value */
-	fort_GenerateRandom(Ks,sizeof(Ks));
-	makeProtectedPhrase(file,&file->initMemPhrase,Kinit,NULL,transportPin);
-	makeProtectedPhrase(file,&file->ssoMemPhrase,Ks,Kinit,ssoMemPhrase);
-	makeProtectedPhrase(file,&file->ssoPinPhrase,Ks,Kinit,ssoPin);
-	makeProtectedPhrase(file,&file->userMemPhrase,Ks,Kinit,userMemPhrase);
-	makeProtectedPhrase(file,&file->userPinPhrase,Ks,Kinit,userPin);
-	file->wrappedRandomSeed.data = PORT_ZAlloc(12);
-	file->wrappedRandomSeed.len = 12;
-        cirv = fort_GenerateRandom(file->wrappedRandomSeed.data,10);
-	if (cirv != CI_OK) {
-	   Terminate("Couldn't get Random Seed", 
-					cirv, -1, caCert.card);
-	}
-	fort_skipjackWrap(Ks,12,file->wrappedRandomSeed.data,
-                                file->wrappedRandomSeed.data);
-	file->slotEntries = PORT_ZAlloc(sizeof(fortSlotEntry *)*5);
-	/* paa */
-	file->slotEntries[0] = PORT_ZNew(fortSlotEntry);
-	makeCertSlot(file->slotEntries[0],0,
-				(char *)caCert.valid[0].label,
-				&caCert.valid[0].cert->derCert,
-						Ks,NULL,NULL,NULL,0,p,q,g);
-	/* pca */
-	file->slotEntries[1] = PORT_ZNew(fortSlotEntry);
-	makeCertSlot(file->slotEntries[1],1,
-				(char *)caCert.valid[pca_index].label,
-				&caCert.valid[pca_index].cert->derCert,
-						Ks,NULL,NULL,NULL,0,p,q,g);
-	/* ca */
-	file->slotEntries[2] = PORT_ZNew(fortSlotEntry);
-	/* make sure the caCert lable points to our new pca slot location */
-	caCert.label[4] = '0';
-	caCert.label[5] = '0';
-	caCert.label[6] = '0';
-	caCert.label[7] = '1';
-	makeCertSlot(file->slotEntries[2],2,(char *)caCert.label,
-				&myCACert->derCert,Ks,NULL,NULL,NULL,0,p,q,g);
-	/* user */
-	file->slotEntries[3] = PORT_ZNew(fortSlotEntry);
-	strncpy(&userLabel[8],commonName,sizeof(CI_PERSON)-8);
-	makeCertSlot(file->slotEntries[3],3,userLabel,&userCert,Ks,
-		keaPrivKey->privateValue.data,
-		dsaPrivKey->privateValue.data,
-		key, sizeof(key), p, q, g);
-	file->slotEntries[4] = 0;
-
-	/* encode the file so we can sign it */
-	outItem = FORT_PutSWFile(signed_file);
-
-	/* get the der encoded data to sign */
-	signed_file2 = FORT_GetSWFile(outItem);
-
-	/* now sign it */
-	len = signed_file2->signatureWrap.data.len;
-	data = signed_file2->signatureWrap.data.data;
-	/*
-	 * generate the hash
-	 */
-	cirv = CI_InitializeHash();
-	if (cirv == CI_OK) {
-	    int hash_left = len & 63;
-	    int hash_len = len - hash_left;
-	    cirv = CI_Hash(hash_len,data);
-	    if (cirv == CI_OK) {
-		cirv = CI_GetHash(hash_left,data+hash_len,hash);
-	    }
-	}
-
-	/*
-	 * now sign the hash
-	 */
-	if ((cirv == CI_OK) && (caCert.card != -1)) {
-	    cirv = CI_Select(caCert.card);
-	    if (cirv == CI_OK) {
-		cirv = CI_SetPersonality(caCert.index);
-		if (cirv == CI_OK) {
-		    cirv = CI_Sign(hash,sig);
-		}
-	    }
-	} else cirv = -1;
-
-	if (cirv != CI_OK) {
-	   memcpy(sig,hash,sizeof(hash));
-	}
-	memcpy( signed_file->signatureWrap.signature.data,sig,sizeof(sig));
-	signed_file->signatureWrap.signature.len = sizeof(sig)*8; 
-
-
-	/* encode it for the last time */
-	outItem = FORT_PutSWFile(signed_file);
-
-
-	/*
-	 * write it out to the .sfi file
-	 */
-	{
-	    int fd = open(outname,O_WRONLY|O_CREAT|O_BINARY,0777);
-
-	    write(fd,outItem->data,outItem->len);
-	    close(fd);
-	}
-	CI_Close(CI_POWER_DOWN_FLAG,caCert.card);
-	CI_Terminate();
-
-	printf("Wrote %s to file %s.\n",commonName,outname);
-	printf("Initialization Memphrase: %s\n",transportPin);
-	printf("SSO Memphrase: %s\n",ssoMemPhrase);
-	printf("User Memphrase: %s\n",userMemPhrase);
-	printf("SSO pin: %s\n",ssoPin);
-	printf("User pin: %s\n",userPin);
-
-	return 0;
-}
-
diff --git a/security/nss/cmd/tests/Makefile b/security/nss/cmd/tests/Makefile
deleted file mode 100644
index da66e20df..000000000
--- a/security/nss/cmd/tests/Makefile
+++ /dev/null
@@ -1,73 +0,0 @@
-#! gmake
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY).   #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL)          #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL)       #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL).      #
-#######################################################################
-include ../platlibs.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL)                              #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL)                           #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL).                              #
-#######################################################################
-
-
-include ../platrules.mk
diff --git a/security/nss/cmd/tests/manifest.mn b/security/nss/cmd/tests/manifest.mn
deleted file mode 100644
index 528cc7678..000000000
--- a/security/nss/cmd/tests/manifest.mn
+++ /dev/null
@@ -1,50 +0,0 @@
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-# MODULE public and private header  directories are implicitly REQUIRED.
-MODULE = security
-
-CSRCS = vercrt.c \
-	vercrtfps.c
-
-# The MODULE is always implicitly required.
-# Listing it here in REQUIRES makes it appear twice in the cc command line.
-REQUIRES = dbm seccmd
-
-PROGRAMS = $(CSRCS:.c=)
-
-TARGETS = $(PROGRAMS)
-
-NO_MD_RELEASE = 1
diff --git a/security/nss/cmd/tstclnt/Makefile b/security/nss/cmd/tstclnt/Makefile
deleted file mode 100644
index 8a0332d89..000000000
--- a/security/nss/cmd/tstclnt/Makefile
+++ /dev/null
@@ -1,82 +0,0 @@
-#! gmake
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY).   #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL)          #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL)       #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL).      #
-#######################################################################
-
-include ../platlibs.mk
-
-ifeq (,$(filter-out WINNT WIN95 WIN16,$(OS_TARGET)))  # omits WINCE
-ifndef BUILD_OPT
-LDFLAGS   +=  /subsystem:console /profile /debug /machine:I386 /incremental:no
-OS_CFLAGS += -D_CONSOLE
-endif
-endif
-
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL)                              #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL)                           #
-#######################################################################
-
-#include ../platlibs.mk
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL).                              #
-#######################################################################
-
-include ../platrules.mk
-
diff --git a/security/nss/cmd/tstclnt/makefile.win b/security/nss/cmd/tstclnt/makefile.win
deleted file mode 100644
index 6cf6c12cf..000000000
--- a/security/nss/cmd/tstclnt/makefile.win
+++ /dev/null
@@ -1,130 +0,0 @@
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-VERBOSE	= 1
-include <manifest.mn>
-
-#cannot define PROGRAM in manifest compatibly with NT and UNIX
-PROGRAM = tstclnt
-PROGRAM	= ./$(OBJDIR)/$(PROGRAM).exe
-include <$(DEPTH)\config\config.mak>
-
-# let manifest generate C_OBJS, it will prepend ./$(OBJDIR)/
-# rules.mak will append C_OBJS onto OBJS.
-# OBJS	= $(CSRCS:.c=.obj)
-
-# include files are looked for in $LINCS and $INCS.
-# $LINCS is in manifest.mnw, computed from REQUIRES=
-INCS = $(INCS) \
- -I$(DEPTH)/security/lib/cert \
- -I../include \
- $(NULL)
-
-IGNORE_ME = \
- -I$(DEPTH)/security/lib/key \
- -I$(DEPTH)/security/lib/util  \
- $(NULL)
-
-
-WINFE	= $(DEPTH)/cmd/winfe/mkfiles$(MOZ_BITS)/x86Dbg
-
-# these files are the content of libdbm
-DBM_LIB	= \
- $(WINFE)/DB.obj \
- $(WINFE)/HASH.obj \
- $(WINFE)/H_BIGKEY.obj \
- $(WINFE)/H_PAGE.obj \
- $(WINFE)/H_LOG2.obj \
- $(WINFE)/H_FUNC.obj \
- $(WINFE)/HASH_BUF.obj \
- $(NULL)
-
-MOZ_LIBS = \
- $(WINFE)/ALLXPSTR.obj \
- $(WINFE)/XP_ERROR.obj \
- $(WINFE)/XPASSERT.obj \
- $(WINFE)/XP_REG.obj \
- $(WINFE)/XP_TRACE.obj \
- $(DBM_LIB) \
- $(WINFE)/XP_STR.obj \
- $(WINFE)/MKTEMP.obj \
- $(NULL)
-
-SEC_LIBS = \
- $(DIST)/lib/cert$(MOZ_BITS).lib \
- $(DIST)/lib/crypto$(MOZ_BITS).lib \
- $(DIST)/lib/hash$(MOZ_BITS).lib \
- $(DIST)/lib/key$(MOZ_BITS).lib \
- $(DIST)/lib/pkcs7$(MOZ_BITS).lib \
- $(DIST)/lib/secmod$(MOZ_BITS).lib \
- $(DIST)/lib/secutl$(MOZ_BITS).lib \
- $(DIST)/lib/ssl$(MOZ_BITS).lib \
- $(NULL)
-
-LLFLAGS	= $(LLFLAGS) \
- ../lib/$(OBJDIR)/sectool$(MOZ_BITS).lib \
- $(SEC_LIBS) \
- $(MOZ_LIBS) \
- $(DEPTH)/nspr/src/$(OBJDIR)/getopt.obj \
- $(LIBNSPR) \
- $(NULL)
-
-
-include <$(DEPTH)\config\rules.mak>
-
-INSTALL	= $(MAKE_INSTALL)
-
-objs:	$(OBJS)
-
-$(PROGRAM)::
-	$(INSTALL) $(DIST)/bin/pr3240.dll ./$(OBJDIR)
-
-programs: $(PROGRAM)
-
-install:: $(TARGETS)
-	$(INSTALL) $(TARGETS) $(DIST)/bin
-
-
-symbols:
-	@echo "CSRCS	= $(CSRCS)"
-	@echo "INCS	= $(INCS)"
-	@echo "OBJS	= $(OBJS)"
-	@echo "LIBRARY	= $(LIBRARY)"
-	@echo "PROGRAM	= $(PROGRAM)"
-	@echo "TARGETS	= $(TARGETS)"
-	@echo "DIST	= $(DIST)"
-	@echo "VERSION_NUMBER	= $(VERSION_NUMBER)"
-	@echo "WINFE	= $(WINFE)"
-	@echo "DBM_LIB	= $(DBM_LIB)"
-	@echo "INSTALL	= $(INSTALL)"
-
diff --git a/security/nss/cmd/tstclnt/manifest.mn b/security/nss/cmd/tstclnt/manifest.mn
deleted file mode 100644
index 00378736a..000000000
--- a/security/nss/cmd/tstclnt/manifest.mn
+++ /dev/null
@@ -1,50 +0,0 @@
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-# MODULE public and private header  directories are implicitly REQUIRED.
-MODULE = security
-
-# This next line is used by .mk files
-# and gets translated into $LINCS in manifest.mnw
-# The MODULE is always implicitly required.
-# Listing it here in REQUIRES makes it appear twice in the cc command line.
-REQUIRES = seccmd dbm 
-
-# DIRS = 
-
-CSRCS	= tstclnt.c  
-
-PROGRAM	= tstclnt
-
diff --git a/security/nss/cmd/tstclnt/tstclnt.c b/security/nss/cmd/tstclnt/tstclnt.c
deleted file mode 100644
index 4598fdcc2..000000000
--- a/security/nss/cmd/tstclnt/tstclnt.c
+++ /dev/null
@@ -1,731 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
-**
-** Sample client side test program that uses SSL and libsec
-**
-*/
-
-#include "secutil.h"
-
-#if defined(XP_UNIX)
-#include <unistd.h>
-#else
-#include "ctype.h"	/* for isalpha() */
-#endif
-
-#include <stdio.h>
-#include <string.h>
-#include <stdlib.h>
-#include <errno.h>
-#include <fcntl.h>
-#include <stdarg.h>
-
-#include "nspr.h"
-#include "prio.h"
-#include "prnetdb.h"
-#include "nss.h"
-#include "ssl.h"
-#include "sslproto.h"
-#include "pk11func.h"
-#include "plgetopt.h"
-
-#define PRINTF  if (verbose)  printf
-#define FPRINTF if (verbose) fprintf
-
-#define MAX_WAIT_FOR_SERVER 600
-#define WAIT_INTERVAL       100
-
-int ssl2CipherSuites[] = {
-    SSL_EN_RC4_128_WITH_MD5,			/* A */
-    SSL_EN_RC4_128_EXPORT40_WITH_MD5,		/* B */
-    SSL_EN_RC2_128_CBC_WITH_MD5,		/* C */
-    SSL_EN_RC2_128_CBC_EXPORT40_WITH_MD5,	/* D */
-    SSL_EN_DES_64_CBC_WITH_MD5,			/* E */
-    SSL_EN_DES_192_EDE3_CBC_WITH_MD5,		/* F */
-    0
-};
-
-int ssl3CipherSuites[] = {
-    SSL_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA,	/* a */
-    SSL_FORTEZZA_DMS_WITH_RC4_128_SHA,		/* b */
-    SSL_RSA_WITH_RC4_128_MD5,			/* c */
-    SSL_RSA_WITH_3DES_EDE_CBC_SHA,		/* d */
-    SSL_RSA_WITH_DES_CBC_SHA,			/* e */
-    SSL_RSA_EXPORT_WITH_RC4_40_MD5,		/* f */
-    SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5,		/* g */
-    SSL_FORTEZZA_DMS_WITH_NULL_SHA,		/* h */
-    SSL_RSA_WITH_NULL_MD5,			/* i */
-    SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA,		/* j */
-    SSL_RSA_FIPS_WITH_DES_CBC_SHA,		/* k */
-    TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA,	/* l */
-    TLS_RSA_EXPORT1024_WITH_RC4_56_SHA,	        /* m */
-    SSL_RSA_WITH_RC4_128_SHA,			/* n */
-    TLS_DHE_DSS_WITH_RC4_128_SHA,		/* o */
-    SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA,		/* p */
-    SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA,		/* q */
-    SSL_DHE_RSA_WITH_DES_CBC_SHA,		/* r */
-    SSL_DHE_DSS_WITH_DES_CBC_SHA,		/* s */
-    TLS_DHE_DSS_WITH_AES_128_CBC_SHA, 	    	/* t */
-    TLS_DHE_RSA_WITH_AES_128_CBC_SHA,       	/* u */
-    TLS_RSA_WITH_AES_128_CBC_SHA,     	    	/* v */
-    TLS_DHE_DSS_WITH_AES_256_CBC_SHA, 	    	/* w */
-    TLS_DHE_RSA_WITH_AES_256_CBC_SHA,       	/* x */
-    TLS_RSA_WITH_AES_256_CBC_SHA,     	    	/* y */
-    0
-};
-
-unsigned long __cmp_umuls;
-PRBool verbose;
-
-static char *progName;
-
-/* This exists only for the automated test suite. It allows us to
- * pass in a password on the command line. 
- */
-
-char *password = NULL;
-
-char * ownPasswd( PK11SlotInfo *slot, PRBool retry, void *arg)
-{
-	char *passwd = NULL;
-	if ( (!retry) && arg ) {
-		passwd = PL_strdup((char *)arg);
-	}
-	return passwd;
-}
-
-void printSecurityInfo(PRFileDesc *fd)
-{
-    CERTCertificate * cert;
-    SSL3Statistics * ssl3stats = SSL_GetStatistics();
-    SECStatus result;
-    SSLChannelInfo    channel;
-    SSLCipherSuiteInfo suite;
-
-    result = SSL_GetChannelInfo(fd, &channel, sizeof channel);
-    if (result == SECSuccess && 
-        channel.length == sizeof channel && 
-	channel.cipherSuite) {
-	result = SSL_GetCipherSuiteInfo(channel.cipherSuite, 
-					&suite, sizeof suite);
-	if (result == SECSuccess) {
-	    FPRINTF(stderr, 
-	    "tstclnt: SSL version %d.%d using %d-bit %s with %d-bit %s MAC\n",
-	       channel.protocolVersion >> 8, channel.protocolVersion & 0xff,
-	       suite.effectiveKeyBits, suite.symCipherName, 
-	       suite.macBits, suite.macAlgorithmName);
-	    FPRINTF(stderr, 
-	    "tstclnt: Server Auth: %d-bit %s, Key Exchange: %d-bit %s\n",
-	       channel.authKeyBits, suite.authAlgorithmName,
-	       channel.keaKeyBits,  suite.keaTypeName);
-    	}
-    }
-    cert = SSL_RevealCert(fd);
-    if (cert) {
-	char * ip = CERT_NameToAscii(&cert->issuer);
-	char * sp = CERT_NameToAscii(&cert->subject);
-        if (sp) {
-	    fprintf(stderr, "subject DN: %s\n", sp);
-	    PR_Free(sp);
-	}
-        if (ip) {
-	    fprintf(stderr, "issuer  DN: %s\n", ip);
-	    PR_Free(ip);
-	}
-	CERT_DestroyCertificate(cert);
-	cert = NULL;
-    }
-    fprintf(stderr,
-    	"%ld cache hits; %ld cache misses, %ld cache not reusable\n",
-    	ssl3stats->hsh_sid_cache_hits, ssl3stats->hsh_sid_cache_misses,
-	ssl3stats->hsh_sid_cache_not_ok);
-
-}
-
-void
-handshakeCallback(PRFileDesc *fd, void *client_data)
-{
-    printSecurityInfo(fd);
-}
-
-static void Usage(const char *progName)
-{
-    printf(
-"Usage:  %s -h host [-p port] [-d certdir] [-n nickname] [-23Tovx] \n"
-"                   [-c ciphers] [-w passwd] [-q]\n", progName);
-    printf("%-20s Hostname to connect with\n", "-h host");
-    printf("%-20s Port number for SSL server\n", "-p port");
-    printf("%-20s Directory with cert database (default is ~/.netscape)\n",
-	  "-d certdir");
-    printf("%-20s Nickname of key and cert for client auth\n", "-n nickname");
-    printf("%-20s Disable SSL v2.\n", "-2");
-    printf("%-20s Disable SSL v3.\n", "-3");
-    printf("%-20s Disable TLS (SSL v3.1).\n", "-T");
-    printf("%-20s Override bad server cert. Make it OK.\n", "-o");
-    printf("%-20s Verbose progress reporting.\n", "-v");
-    printf("%-20s Use export policy.\n", "-x");
-    printf("%-20s Ping the server and then exit.\n", "-q");
-    printf("%-20s Letter(s) chosen from the following list\n", "-c ciphers");
-    printf(
-"A    SSL2 RC4 128 WITH MD5\n"
-"B    SSL2 RC4 128 EXPORT40 WITH MD5\n"
-"C    SSL2 RC2 128 CBC WITH MD5\n"
-"D    SSL2 RC2 128 CBC EXPORT40 WITH MD5\n"
-"E    SSL2 DES 64 CBC WITH MD5\n"
-"F    SSL2 DES 192 EDE3 CBC WITH MD5\n"
-"\n"
-"a    SSL3 FORTEZZA DMS WITH FORTEZZA CBC SHA\n"
-"b    SSL3 FORTEZZA DMS WITH RC4 128 SHA\n"
-"c    SSL3 RSA WITH RC4 128 MD5\n"
-"d    SSL3 RSA WITH 3DES EDE CBC SHA\n"
-"e    SSL3 RSA WITH DES CBC SHA\n"
-"f    SSL3 RSA EXPORT WITH RC4 40 MD5\n"
-"g    SSL3 RSA EXPORT WITH RC2 CBC 40 MD5\n"
-"h    SSL3 FORTEZZA DMS WITH NULL SHA\n"
-"i    SSL3 RSA WITH NULL MD5\n"
-"j    SSL3 RSA FIPS WITH 3DES EDE CBC SHA\n"
-"k    SSL3 RSA FIPS WITH DES CBC SHA\n"
-"l    SSL3 RSA EXPORT WITH DES CBC SHA\t(new)\n"
-"m    SSL3 RSA EXPORT WITH RC4 56 SHA\t(new)\n"
-"n    SSL3 RSA WITH RC4 128 SHA\n"
-"o    TLS  DHE DSS WITH RC4 128 SHA\n"
-"p    SSL3 DHE RSA WITH 3DES EDE CBC SHA\n"
-"q    SSL3 DHE DSS WITH 3DES EDE CBC SHA\n"
-"r    SSL3 DHE RSA WITH DES CBC SHA\n"
-"s    SSL3 DHE DSS WITH DES CBC SHA\n"
-"t    TLS_DHE_DSS_WITH_AES_128_CBC_SHA\n"
-"u    TLS_DHE_RSA_WITH_AES_128_CBC_SHA\n"
-"v    TLS_RSA_WITH_AES_128_CBC_SHA\n"
-"w    TLS_DHE_DSS_WITH_AES_256_CBC_SHA\n"
-"x    TLS_DHE_RSA_WITH_AES_256_CBC_SHA\n"
-"y    TLS_RSA_WITH_AES_256_CBC_SHA\n"
-	);
-    exit(1);
-}
-
-void
-milliPause(PRUint32 milli)
-{
-    PRIntervalTime ticks = PR_MillisecondsToInterval(milli);
-    PR_Sleep(ticks);
-}
-
-void
-disableAllSSLCiphers(void)
-{
-    const PRUint16 *cipherSuites = SSL_ImplementedCiphers;
-    int             i            = SSL_NumImplementedCiphers;
-    SECStatus       rv;
-
-    /* disable all the SSL3 cipher suites */
-    while (--i >= 0) {
-	PRUint16 suite = cipherSuites[i];
-        rv = SSL_CipherPrefSetDefault(suite, PR_FALSE);
-	if (rv != SECSuccess) {
-	    PRErrorCode err = PR_GetError();
-	    printf("SSL_CipherPrefSet didn't like value 0x%04x (i = %d): %s\n",
-	    	   suite, i, SECU_Strerror(err));
-	    exit(2);
-	}
-    }
-}
-
-/*
- * Callback is called when incoming certificate is not valid.
- * Returns SECSuccess to accept the cert anyway, SECFailure to reject.
- */
-static SECStatus 
-ownBadCertHandler(void * arg, PRFileDesc * socket)
-{
-    PRErrorCode err = PR_GetError();
-    /* can log invalid cert here */
-    printf("Bad server certificate: %d, %s\n", err, SECU_Strerror(err));
-    return SECSuccess;	/* override, say it's OK. */
-}
-
-int main(int argc, char **argv)
-{
-    PRFileDesc *       s;
-    PRFileDesc *       std_out;
-    CERTCertDBHandle * handle;
-    char *             host	=  NULL;
-    char *             port	=  "443";
-    char *             certDir  =  NULL;
-    char *             nickname =  NULL;
-    char *             cipherString = NULL;
-    int                multiplier = 0;
-    SECStatus          rv;
-    PRStatus           status;
-    PRInt32            filesReady;
-    PRInt32            ip;
-    int                npds;
-    int                override = 0;
-    int                disableSSL2 = 0;
-    int                disableSSL3 = 0;
-    int                disableTLS  = 0;
-    int                useExportPolicy = 0;
-    int                file_read = 0;
-    PRSocketOptionData opt;
-    PRNetAddr          addr;
-    PRHostEnt          hp;
-    PRPollDesc         pollset[2];
-    char               buf[PR_NETDB_BUF_SIZE];
-    PRBool             useCommandLinePassword = PR_FALSE;
-    PRBool             pingServerFirst = PR_FALSE;
-    int                error=0;
-    PLOptState *optstate;
-    PLOptStatus optstatus;
-    PRStatus prStatus;
-
-    progName = strrchr(argv[0], '/');
-    if (!progName)
-	progName = strrchr(argv[0], '\\');
-    progName = progName ? progName+1 : argv[0];
-
-    optstate = PL_CreateOptState(argc, argv, "23Tfc:h:p:d:m:n:oqvw:x");
-    while ((optstatus = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
-	switch (optstate->option) {
-	  case '?':
-	  default : Usage(progName); 			break;
-
-          case '2': disableSSL2 = 1; 			break;
-
-          case '3': disableSSL3 = 1; 			break;
-
-          case 'T': disableTLS  = 1; 			break;
-
-          case 'c': cipherString = strdup(optstate->value); break;
-
-          case 'h': host = strdup(optstate->value);	break;
-#ifdef _WINDOWS
-	  case 'f': file_read = 1; 			break;
-#else
-	  case 'f': break;
-#endif
-
-	  case 'd':
-	    certDir = strdup(optstate->value);
-	    certDir = SECU_ConfigDirectory(certDir);
-	    break;
-
-	  case 'm':
-	    multiplier = atoi(optstate->value);
-	    if (multiplier < 0)
-	    	multiplier = 0;
-	    break;
-
-	  case 'n': nickname = strdup(optstate->value);	break;
-
-	  case 'o': override = 1; 			break;
-
-	  case 'p': port = strdup(optstate->value);	break;
-
-	  case 'q': pingServerFirst = PR_TRUE;          break;
-
-	  case 'v': verbose++;	 			break;
-
-	  case 'w':
-		password = PORT_Strdup(optstate->value);
-		useCommandLinePassword = PR_TRUE;
-		break;
-
-	  case 'x': useExportPolicy = 1; 		break;
-	}
-    }
-    if (optstatus == PL_OPT_BAD)
-	Usage(progName);
-
-    if (!host || !port) Usage(progName);
-
-    if (!certDir) {
-	certDir = SECU_DefaultSSLDir();	/* Look in $SSL_DIR */
-	certDir = SECU_ConfigDirectory(certDir); /* call even if it's NULL */
-    }
-
-    PR_Init( PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1);
-
-    /* set our password function */
-	if ( useCommandLinePassword ) {
-		PK11_SetPasswordFunc(ownPasswd);
-	} else {
-    	PK11_SetPasswordFunc(SECU_GetModulePassword);
-	}
-
-    /* open the cert DB, the key DB, and the secmod DB. */
-    rv = NSS_Init(certDir);
-    if (rv != SECSuccess) {
-	SECU_PrintError(progName, "unable to open cert database");
-#if 0
-    rv = CERT_OpenVolatileCertDB(handle);
-	CERT_SetDefaultCertDB(handle);
-#else
-	return 1;
-#endif
-    }
-    handle = CERT_GetDefaultCertDB();
-
-    /* set the policy bits true for all the cipher suites. */
-    if (useExportPolicy)
-	NSS_SetExportPolicy();
-    else
-	NSS_SetDomesticPolicy();
-
-    /* all the SSL2 and SSL3 cipher suites are enabled by default. */
-    if (cipherString) {
-	/* disable all the ciphers, then enable the ones we want. */
-	disableAllSSLCiphers();
-    }
-
-    /* Lookup host */
-    status = PR_GetHostByName(host, buf, sizeof(buf), &hp);
-    if (status != PR_SUCCESS) {
-	SECU_PrintError(progName, "error looking up host");
-	return 1;
-    }
-    if (PR_EnumerateHostEnt(0, &hp, atoi(port), &addr) == -1) {
-	SECU_PrintError(progName, "error looking up host address");
-	return 1;
-    }
-
-    ip = PR_ntohl(addr.inet.ip);
-    PRINTF("%s: connecting to %s:%d (address=%d.%d.%d.%d)\n",
-	   progName, host, PR_ntohs(addr.inet.port),
-	   (ip >> 24) & 0xff,
-	   (ip >> 16) & 0xff,
-	   (ip >>  8) & 0xff,
-	   (ip >>  0) & 0xff);
-
-    if (pingServerFirst) {
-	int iter = 0;
-	PRErrorCode err;
-	do {
-	    s = PR_NewTCPSocket();
-	    if (s == NULL) {
-		SECU_PrintError(progName, "Failed to create a TCP socket");
-	    }
-	    opt.option             = PR_SockOpt_Nonblocking;
-	    opt.value.non_blocking = PR_FALSE;
-	    prStatus = PR_SetSocketOption(s, &opt);
-	    if (prStatus != PR_SUCCESS) {
-		PR_Close(s);
-		SECU_PrintError(progName, 
-		                "Failed to set blocking socket option");
-		return 1;
-	    }
-	    prStatus = PR_Connect(s, &addr, PR_INTERVAL_NO_TIMEOUT);
-	    if (prStatus == PR_SUCCESS) {
-    		PR_Shutdown(s, PR_SHUTDOWN_BOTH);
-    		PR_Close(s);
-    		NSS_Shutdown();
-    		PR_Cleanup();
-		return 0;
-	    }
-	    err = PR_GetError();
-	    if ((err != PR_CONNECT_REFUSED_ERROR) && 
-	        (err != PR_CONNECT_RESET_ERROR)) {
-		SECU_PrintError(progName, "TCP Connection failed");
-		return 1;
-	    }
-	    PR_Close(s);
-	    PR_Sleep(PR_MillisecondsToInterval(WAIT_INTERVAL));
-	} while (++iter < MAX_WAIT_FOR_SERVER);
-	SECU_PrintError(progName, 
-                     "Client timed out while waiting for connection to server");
-	return 1;
-    }
-
-    /* Create socket */
-    s = PR_NewTCPSocket();
-    if (s == NULL) {
-	SECU_PrintError(progName, "error creating socket");
-	return 1;
-    }
-
-    opt.option = PR_SockOpt_Nonblocking;
-    opt.value.non_blocking = PR_TRUE;
-    PR_SetSocketOption(s, &opt);
-    /*PR_SetSocketOption(PR_GetSpecialFD(PR_StandardInput), &opt);*/
-
-    s = SSL_ImportFD(NULL, s);
-    if (s == NULL) {
-	SECU_PrintError(progName, "error importing socket");
-	return 1;
-    }
-
-    rv = SSL_OptionSet(s, SSL_SECURITY, 1);
-    if (rv != SECSuccess) {
-        SECU_PrintError(progName, "error enabling socket");
-	return 1;
-    }
-
-    rv = SSL_OptionSet(s, SSL_HANDSHAKE_AS_CLIENT, 1);
-    if (rv != SECSuccess) {
-	SECU_PrintError(progName, "error enabling client handshake");
-	return 1;
-    }
-
-    /* all the SSL2 and SSL3 cipher suites are enabled by default. */
-    if (cipherString) {
-    	int ndx;
-
-	while (0 != (ndx = *cipherString++)) {
-	    int *cptr;
-	    int  cipher;
-
-	    if (! isalpha(ndx))
-	     	Usage(progName);
-	    cptr = islower(ndx) ? ssl3CipherSuites : ssl2CipherSuites;
-	    for (ndx &= 0x1f; (cipher = *cptr++) != 0 && --ndx > 0; ) 
-	    	/* do nothing */;
-	    if (cipher) {
-		SECStatus status;
-		status = SSL_CipherPrefSet(s, cipher, SSL_ALLOWED);
-		if (status != SECSuccess) 
-		    SECU_PrintError(progName, "SSL_CipherPrefSet()");
-	    }
-	}
-    }
-
-    rv = SSL_OptionSet(s, SSL_ENABLE_SSL2, !disableSSL2);
-    if (rv != SECSuccess) {
-	SECU_PrintError(progName, "error enabling SSLv2 ");
-	return 1;
-    }
-
-    rv = SSL_OptionSet(s, SSL_ENABLE_SSL3, !disableSSL3);
-    if (rv != SECSuccess) {
-	SECU_PrintError(progName, "error enabling SSLv3 ");
-	return 1;
-    }
-
-    rv = SSL_OptionSet(s, SSL_ENABLE_TLS, !disableTLS);
-    if (rv != SECSuccess) {
-	SECU_PrintError(progName, "error enabling TLS ");
-	return 1;
-    }
-
-    /* disable ssl2 and ssl2-compatible client hellos. */
-    rv = SSL_OptionSet(s, SSL_V2_COMPATIBLE_HELLO, !disableSSL2);
-    if (rv != SECSuccess) {
-	SECU_PrintError(progName, "error disabling v2 compatibility");
-	return 1;
-    }
-
-    if (useCommandLinePassword) {
-	SSL_SetPKCS11PinArg(s, password);
-    }
-
-    SSL_AuthCertificateHook(s, SSL_AuthCertificate, (void *)handle);
-    if (override) {
-	SSL_BadCertHook(s, ownBadCertHandler, NULL);
-    }
-    SSL_GetClientAuthDataHook(s, NSS_GetClientAuthData, (void *)nickname);
-    SSL_HandshakeCallback(s, handshakeCallback, NULL);
-    SSL_SetURL(s, host);
-
-    /* Try to connect to the server */
-    status = PR_Connect(s, &addr, PR_INTERVAL_NO_TIMEOUT);
-    if (status != PR_SUCCESS) {
-	if (PR_GetError() == PR_IN_PROGRESS_ERROR) {
-	    if (verbose)
-		SECU_PrintError(progName, "connect");
-	    milliPause(50 * multiplier);
-	    pollset[0].in_flags = PR_POLL_WRITE | PR_POLL_EXCEPT;
-	    pollset[0].out_flags = 0;
-	    pollset[0].fd = s;
-	    while(1) {
-		PRINTF("%s: about to call PR_Poll for connect completion!\n", progName);
-		filesReady = PR_Poll(pollset, 1, PR_INTERVAL_NO_TIMEOUT);
-		if (filesReady < 0) {
-		    SECU_PrintError(progName, "unable to connect (poll)");
-		    return 1;
-		}
-		PRINTF("%s: PR_Poll returned 0x%02x for socket out_flags.\n",
-			progName, pollset[0].out_flags);
-		if (filesReady == 0) {	/* shouldn't happen! */
-		    PRINTF("%s: PR_Poll returned zero!\n", progName);
-		    return 1;
-		}
-		/* Must milliPause between PR_Poll and PR_GetConnectStatus,
-		 * Or else winsock gets mighty confused.
-		 * Sleep(0);
-		 */
-		milliPause(1);
-		status = PR_GetConnectStatus(pollset);
-		if (status == PR_SUCCESS) {
-		    break;
-		}
-		if (PR_GetError() != PR_IN_PROGRESS_ERROR) {
-		    SECU_PrintError(progName, "unable to connect (poll)");
-		    return 1;
-		}
-		SECU_PrintError(progName, "poll");
-		milliPause(50 * multiplier);
-	    }
-	} else {
-	    SECU_PrintError(progName, "unable to connect");
-	    return 1;
-	}
-    }
-
-    pollset[0].fd        = s;
-    pollset[0].in_flags  = PR_POLL_READ;
-    pollset[1].fd        = PR_GetSpecialFD(PR_StandardInput);
-    pollset[1].in_flags  = PR_POLL_READ;
-    npds                 = 2;
-    std_out              = PR_GetSpecialFD(PR_StandardOutput);
-
-
-    if (file_read) {
-	pollset[1].out_flags = PR_POLL_READ;
-	npds=1;
-    }
-
-    /*
-    ** Select on stdin and on the socket. Write data from stdin to
-    ** socket, read data from socket and write to stdout.
-    */
-    PRINTF("%s: ready...\n", progName);
-
-    while (pollset[0].in_flags || pollset[1].in_flags) {
-	char buf[4000];	/* buffer for stdin */
-	int nb;		/* num bytes read from stdin. */
-
-	pollset[0].out_flags = 0;
-        if (!file_read) {
-	    pollset[1].out_flags = 0;
-	}
-
-	PRINTF("%s: about to call PR_Poll !\n", progName);
-        if (pollset[1].in_flags && file_read) {
-		filesReady = PR_Poll(pollset, npds, PR_INTERVAL_NO_WAIT);
-		filesReady++;
-	} else {
-		filesReady = PR_Poll(pollset, npds, PR_INTERVAL_NO_TIMEOUT);
-	}
-	if (filesReady < 0) {
-	   SECU_PrintError(progName, "select failed");
-	   error=1;
-	   goto done;
-	}
-	if (filesReady == 0) {	/* shouldn't happen! */
-	    PRINTF("%s: PR_Poll returned zero!\n", progName);
-	    return 1;
-	}
-	PRINTF("%s: PR_Poll returned!\n", progName);
-	if (pollset[1].in_flags) {
-	        PRINTF("%s: PR_Poll returned 0x%02x for stdin out_flags.\n",
-		    progName, pollset[1].out_flags);
-#ifndef _WINDOWS 
-	}
-	if (pollset[1].out_flags & PR_POLL_READ) {
-#endif
-	    /* Read from stdin and write to socket */
-	    nb = PR_Read(pollset[1].fd, buf, sizeof(buf));
-	    PRINTF("%s: stdin read %d bytes\n", progName, nb);
-	    if (nb < 0) {
-		if (PR_GetError() != PR_WOULD_BLOCK_ERROR) {
-		    SECU_PrintError(progName, "read from stdin failed");
-	            error=1;
-		    break;
-		}
-	    } else if (nb == 0) {
-		pollset[1].in_flags = 0;
-	    } else {
-		char * bufp = buf;
-		PRINTF("%s: Writing %d bytes to server\n", progName, nb);
-		do {
-		    PRInt32 cc = PR_Write(s, bufp, nb);
-		    if (cc < 0) {
-		    	PRErrorCode err = PR_GetError();
-			if (err != PR_WOULD_BLOCK_ERROR) {
-			    SECU_PrintError(progName, 
-			                    "write to SSL socket failed");
-			    error=254;
-			    goto done;
-			}
-			cc = 0;
-		    }
-		    bufp += cc;
-		    nb   -= cc;
-		    if (nb <= 0) 
-		    	break;
-		    pollset[0].in_flags = PR_POLL_WRITE | PR_POLL_EXCEPT;
-		    pollset[0].out_flags = 0;
-		    PRINTF("%s: about to call PR_Poll on writable socket !\n", progName);
-		    cc = PR_Poll(pollset, 1, PR_INTERVAL_NO_TIMEOUT);
-		    PRINTF("%s: PR_Poll returned with writable socket !\n", progName);
-		} while (1);
-		pollset[0].in_flags  = PR_POLL_READ;
-	    }
-	}
-
-	if (pollset[0].in_flags) {
-	    PRINTF("%s: PR_Poll returned 0x%02x for socket out_flags.\n",
-		   progName, pollset[0].out_flags);
-	}
-	if (   (pollset[0].out_flags & PR_POLL_READ) 
-	    || (pollset[0].out_flags & PR_POLL_ERR)  
-#ifdef PR_POLL_HUP
-	    || (pollset[0].out_flags & PR_POLL_HUP)
-#endif
-	    ) {
-	    /* Read from socket and write to stdout */
-	    nb = PR_Read(pollset[0].fd, buf, sizeof(buf));
-	    PRINTF("%s: Read from server %d bytes\n", progName, nb);
-	    if (nb < 0) {
-		if (PR_GetError() != PR_WOULD_BLOCK_ERROR) {
-		    SECU_PrintError(progName, "read from socket failed");
-		    error=1;
-		    goto done;
-	    	}
-	    } else if (nb == 0) {
-		/* EOF from socket... bye bye */
-		pollset[0].in_flags = 0;
-	    } else {
-		PR_Write(std_out, buf, nb);
-		puts("\n\n");
-	    }
-	}
-	milliPause(50 * multiplier);
-    }
-
-  done:
-    PR_Close(s);
-    SSL_ClearSessionCache();
-    NSS_Shutdown();
-    PR_Cleanup();
-    return error;
-}
diff --git a/security/nss/cmd/ttformat/Makefile b/security/nss/cmd/ttformat/Makefile
deleted file mode 100644
index f2a407990..000000000
--- a/security/nss/cmd/ttformat/Makefile
+++ /dev/null
@@ -1,74 +0,0 @@
-#! gmake
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY).   #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL)          #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL)       #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL).      #
-#######################################################################
-include ../platlibs.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL)                              #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL)                           #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL).                              #
-#######################################################################
-
-
-include ../platrules.mk
-
diff --git a/security/nss/cmd/ttformat/manifest.mn b/security/nss/cmd/ttformat/manifest.mn
deleted file mode 100644
index d743cfb1c..000000000
--- a/security/nss/cmd/ttformat/manifest.mn
+++ /dev/null
@@ -1,48 +0,0 @@
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-DEFINES += -DNSPR20
-
-# MODULE public and private header  directories are implicitly REQUIRED.
-MODULE = security
-
-CSRCS = ttformat.c
-
-# The MODULE is always implicitly required.
-# Listing it here in REQUIRES makes it appear twice in the cc command line.
-REQUIRES = seccmd dbm 
-
-PROGRAM = ttformat 
-
diff --git a/security/nss/cmd/ttformat/nClient b/security/nss/cmd/ttformat/nClient
deleted file mode 100755
index aab8402bd..000000000
--- a/security/nss/cmd/ttformat/nClient
+++ /dev/null
@@ -1,49 +0,0 @@
-# /bin/ksh 
-#
-# nClient -- run the nss test strsclnt for performance testing
-#
-# syntax: nClient [options]
-#
-# where: options are:
-#   any valid command line option for strsclnt
-#   Note that some options are set by this script!
-#
-# Description:
-# nClient runs the nss test program "strsclnt" for purposes of
-# gathering performance data.
-#
-# some shell variables are set at the top of the script
-# you may have to change these, depending on the host you
-# are running on and other "stuff". caveat emptor.
-#
-# You will have to tinker with this script to get it to
-# run for you.
-#
-# See also: nServ
-#
-# --- begin nClient -------------------------------------------------------
-baseDir=/home/lorenzo/nss-raw/mozilla
-#
-# shell variables for running strsclnt 
-#
-export HOST=`hostname -s`
-export DOMSUF=red.iplanet.com
-serverHost=dbldog
-nssDB=${baseDir}/tests_results/security/${HOST}.1/client
-nssHost=${HOST}.red.iplanet.com
-pushd ${baseDir}/security/nss/tests/common
-objDir=`gmake objdir_name`
-popd
-#
-#
-nssOptions="-p 12944 ${serverHost}.red.iplanet.com"
-export LD_LIBRARY_PATH=${baseDir}/dist/${objDir}/lib
-clientProg=${baseDir}/security/nss/cmd/strsclnt/${objDir}/strsclnt
-#
-# do the test
-#
-nssCommand="${clientProg} -d ${nssDB} ${nssOptions}" 
-echo $nssCommand $*
-${nssCommand} $* &
-# 
-# --- end nClient --------------------------------------------------------
diff --git a/security/nss/cmd/ttformat/nServ b/security/nss/cmd/ttformat/nServ
deleted file mode 100755
index ddf51b0e8..000000000
--- a/security/nss/cmd/ttformat/nServ
+++ /dev/null
@@ -1,49 +0,0 @@
-# /bin/ksh 
-#
-# nServ -- run the nss test selfserv for performance testing
-#
-# syntax: nServ [options]
-#
-# where: options are:
-#   Valid arguments to the selfserv program
-#   Note that this script sets some options
-#
-# Description:
-# nServ runs the nss test program "selfserv" for purposes of
-# gathering performance data.
-#
-# some shell variables are set at the top of the script
-# you may have to change these, depending on the host you
-# are running on and other "stuff". caveat emptor.
-#
-# See also: nClinet
-#
-# --- begin nServ -------------------------------------------------------
-#
-baseDir=/home/lorenzo/nss-server/mozilla
-#
-# shell variables for running selfserv
-#
-export HOST=`hostname -s`
-export DOMSUF=red.iplanet.com
-nssDB=${baseDir}/tests_results/security/${HOST}.1/server
-nssHost=${HOST}.red.iplanet.com
-nssOptions="-p 12944 -w nss"
-pushd ${baseDir}/security/nss/tests/common
-objDir=`gmake objdir_name`
-popd
-export LD_LIBRARY_PATH=${baseDir}/dist/${objDir}/lib
-#
-# shell variables for capturing instrumentation data
-#
-export NSPR_LOG_MODULES=TestCase:6
-export NSPR_LOG_FILE=xxxLogfile
-#
-# do the test
-#
-nssCommand="${baseDir}/dist/${objDir}/bin/selfserv -d ${nssDB} -n ${nssHost} ${nssOptions}" 
-echo $nssCommand
-${nssCommand} $* & 
-# xxgdb ${baseDir}/dist/${objDir}/bin/selfserv
-# 
-# --- end nServ -------------------------------------------------------
diff --git a/security/nss/cmd/ttformat/redux.pl b/security/nss/cmd/ttformat/redux.pl
deleted file mode 100755
index ccc13c24a..000000000
--- a/security/nss/cmd/ttformat/redux.pl
+++ /dev/null
@@ -1,77 +0,0 @@
-#
-# redux.pl -- general nss trace data extraction
-#
-# syntax: redux.pl 
-#
-# redux.pl reads a file of formatted trace table records from stdin
-# The trace records are formatted by nssilock.c 
-# redux.pl parses the lines and accumulates data in a hash
-# When finished with stdin, redux.pl traverses the hash and emits
-# the accumulated data.
-# 
-# Operation:
-# read stdin, accumulate in a hash by file, line, type.
-# traverse the hash, reporting data.
-#
-# raw data format:
-#   thredid op ltype callTime heldTime lock line file
-#
-# Notes:
-# After running redux.pl, sort the report on column 4 in decending sequence
-# to see where the lock contention is.
-#
-#
-# -----------------------------------------------------------------------
-use Getopt::Std;
-
-getopts("h") || die "redux.pl: unrecognized command option";
-
-
-# -----------------------------------------------------------------------
-# read stdin to exhaustion
-while ( <STDIN> ) {
-   $recordCount++;
-#   next if ($recordCount < 36000 ); # skip initialization records
-   chomp;
-   ($thredid, $op, $ltype, $callTime, $heldTime, $lock, $line, $file) = split;
-
-# select out un-interesting lines
-#   next if (( $callTime < $opt_c ) && ( $heldTime < $opt_h ));
-#   print $_, "\n";
-
-# count general stats
-   $interesting++;
-
-# format the key
-   $hashKey = $file ." ". $line ." ". $ltype;
-
-# Update the data in the hash entry 
-   $theData = $theHash{$hashKey}; # read it if it already exists
-   ( $hCount, $hcallTime, $hheldTime, $hcallMax, $hheldMax ) = split(/\s+/, $theData );
-   $hCount++;
-   $hcallTime += $callTime;
-   $hheldTime += $heldTime;
-   $hcallMax  =  ( $hcallMax > $callTime )? $hcallMax : $callTime;
-   $hheldMax  =  ( $hheldMax > $heldTime )? $hheldMax : $heldTime;
-
-# Write theData back to the hash
-   $theData = $hCount." ".$hcallTime." ".$hheldTime." ".$hcallMax." ".$hheldMax;
-   $theHash{$hashKey} = $theData;
-} # end while()
-
-# -----------------------------------------------------------------------
-# traverse theHash
-   printf("%-16s %6s %-16s %8s %8s %8s %8s %8s\n", 
-      "File","line","ltype","hits","calltim","heldtim","callmax","heldmax" );
-while (($hashKey,$theData) = each(%theHash)) {
-   $hashElements++;
-   ($file, $line, $ltype) = split(/\s+/, $hashKey );
-   ( $hCount, $hcallTime, $hheldTime, $hcallMax, $hheldMax ) = split(/\s+/, $theData );
-   printf("%-16s %6d %-16s %8d %8d %8d %8d %8d\n", 
-       $file, $line, $ltype, $hCount, $hcallTime, $hheldTime, $hcallMax, $hheldMax );
-} # end while()
-
-# -----------------------------------------------------------------------
-# dump global statistics
-printf ("Record count: %d\n", $recordCount );
-printf("Interesting: %d, HashElements: %d\n", $interesting, $hashElements);
diff --git a/security/nss/cmd/ttformat/reduxhwm.pl b/security/nss/cmd/ttformat/reduxhwm.pl
deleted file mode 100644
index f442ff4e4..000000000
--- a/security/nss/cmd/ttformat/reduxhwm.pl
+++ /dev/null
@@ -1,33 +0,0 @@
-#
-# reduxhwm.pl -- analyze highwatermark data in xxxLogfile 
-#
-# example interesting line in xxxLogfile
-# 1026[8154da0]: selfserv: Launched thread in slot 37, highWaterMark: 63 
-#
-# 
-#
-while ( <STDIN> ) {
-   chomp;
-   ($proc, $who, $launched, $thread, $in, $slotx, $slot, $hwm, $highwatermark) = split;
-   if ( $launched == "Launched" ) {
-      next if ( $slot == 0 );
-      $notInteresting++;
-      if ( $hwmMax < $highwatermark ){
-         $hwmMax = $highwatermark;
-      }
-      $hwmArray[$slot] += 1;
-      $interesting++;
-   }
-} # end while()
-
-printf ("Interesteing:    %d\n", $interesting );
-printf ("Not Interesting: %d\n", $notInteresting - $interesting );
-
-foreach $element (@hwmArray) {
-    $percent = 100*($element / $interesting);
-    $percentTotal += $percent;
-    printf("Slot %2d: %d hits, %2.2f percent, %2.2f total percent\n", $i, $element, $percent, $percentTotal );
-    $i++;
-}
-printf("Sum of percentages: %3.2f\n", $percentTotal );
-# --- end ---
diff --git a/security/nss/cmd/ttformat/ttformat.c b/security/nss/cmd/ttformat/ttformat.c
deleted file mode 100644
index 7fcf04f86..000000000
--- a/security/nss/cmd/ttformat/ttformat.c
+++ /dev/null
@@ -1,135 +0,0 @@
-/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape Portable Runtime (NSPR).
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1998-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
-** File: ttformat.c
-** Description:  ttformat.c reads the file "xxxTTLog". xxxTTLog
-** contains fixed length binary data written by nssilock. 
-** ttformat formats the data to a human readable form (printf) 
-** usable for visual scanning and for processing via a perl script. 
-** Output is written to stdout
-**
-*/
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <nssilock.h>
-
-/*
-** struct maps enum nssILockType to character representation
-*/
-struct {
-    nssILockType ltype;
-    char *name;
-} ltypeNameT[] = {
-    { nssILockArena, "Arena" },
-    { nssILockSession, "Session" },
-    { nssILockObject, "Object" },
-    { nssILockRefLock, "RefLock" },
-    { nssILockCert, "Cert", },
-    { nssILockCertDB, "CertDB" },
-    { nssILockDBM, "DBM" },
-    { nssILockCache, "Cache" },
-    { nssILockSSL, "SSL" },
-    { nssILockList, "List" },
-    { nssILockSlot, "Slot" },
-    { nssILockFreelist, "Freelist" },
-    { nssILockOID, "OID" },
-    { nssILockAttribute, "Attribute" },
-    { nssILockPK11cxt, "PK11Context" }, 
-    { nssILockRWLock, "RWLock" },
-    { nssILockOther, "Other" },
-    { nssILockSelfServ, "SelfServ" }
-}; /* end ltypeNameT */
-
-/*
-** struct maps enum nssILockOp to character representation
-*/
-struct {
-   nssILockOp op;
-   char *name;
-} opNameT[] = {
-    { FlushTT, "FlushTT" },
-    { NewLock, "NewLock" },
-    { Lock, "Lock" },
-    { Unlock, "Unlock" },
-    { DestroyLock, "DestroyLock" },
-    { NewCondVar, "NewCondVar" },
-    { WaitCondVar, "WaitCondVar" },
-    { NotifyCondVar, "NotifyCondVar" },
-    { NotifyAllCondVar, "NotifyAllCondVar" },
-    { DestroyCondVar, "DestroyCondVar" },
-    { NewMonitor, "NewMonitor" },
-    { EnterMonitor, "EnterMonitor" },
-    { ExitMonitor, "ExitMonitor" },
-    { Notify, "Notify" },
-    { NotifyAll, "NotifyAll" },
-    { Wait, "Wait" },
-    { DestroyMonitor, "DestroyMonitor" }
-}; /* end opNameT */
-
-
-int main(int argc, char *argv[])
-{
-   FILE	*filea;
-   struct pzTrace_s inBuf;
-   char   *opName;
-   char   *ltypeName;
-   int    rCount = 0;
-   int    oCount = 0;
-
-   filea = fopen( "xxxTTLog", "r" );
-   if ( NULL == filea ) {
-       fprintf( stderr, "ttformat: Oh drat! Can't open 'xxxTTLog'\n" );
-       exit(1);
-   }
-
-   while(1 == (fread( &inBuf, sizeof(inBuf), 1 , filea ))) {
-       ++rCount;
-       if ( inBuf.op > DestroyMonitor ) continue;
-       if ( inBuf.op < FlushTT ) continue;
-
-       opName = opNameT[inBuf.op].name;
-       ltypeName = ltypeNameT[inBuf.ltype].name;
-       
-       ++oCount;
-       printf("%8d %18s %18s %6d %6d %12p %6d %20s\n",
-          inBuf.threadID, opName, ltypeName, inBuf.callTime, inBuf.heldTime,
-          inBuf.lock, inBuf.line, inBuf.file );
-   } /* end while() */   
-  
-   fprintf( stderr, "Read: %d, Wrote: %d\n", rCount, oCount ); 
-   return 0;
-}  /* main() */
-/* end ttformat.c */
diff --git a/security/nss/cmd/zlib/Makefile b/security/nss/cmd/zlib/Makefile
deleted file mode 100644
index fa46e6763..000000000
--- a/security/nss/cmd/zlib/Makefile
+++ /dev/null
@@ -1,75 +0,0 @@
-#! gmake
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY).   #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL)          #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL)       #
-#######################################################################
-
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL).      #
-#######################################################################
-
-include config.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL)                              #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL)                           #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL).                              #
-#######################################################################
-
-
-
diff --git a/security/nss/cmd/zlib/README b/security/nss/cmd/zlib/README
deleted file mode 100644
index 28adc90b2..000000000
--- a/security/nss/cmd/zlib/README
+++ /dev/null
@@ -1,99 +0,0 @@
-zlib 1.0.4 is a general purpose data compression library.  All the code
-is reentrant (thread safe).  The data format used by the zlib library
-is described by RFCs (Request for Comments) 1950 to 1952 in the files 
-ftp://ds.internic.net/rfc/rfc1950.txt (zlib format), rfc1951.txt (deflate
-format) and rfc1952.txt (gzip format). These documents are also available in
-other formats from ftp://ftp.uu.net/graphics/png/documents/zlib/zdoc-index.html
-
-All functions of the compression library are documented in the file
-zlib.h. A usage example of the library is given in the file example.c
-which also tests that the library is working correctly. Another
-example is given in the file minigzip.c. The compression library itself
-is composed of all source files except example.c and minigzip.c.
-
-To compile all files and run the test program, follow the instructions
-given at the top of Makefile. In short "make test; make install"
-should work for most machines.  For MSDOS, use one of the special
-makefiles such as Makefile.msc; for VMS, use Make_vms.com or descrip.mms.
-
-Questions about zlib should be sent to <zlib@quest.jpl.nasa.gov> or,
-if this fails, to the addresses given below in the Copyright section.
-The zlib home page is http://quest.jpl.nasa.gov/zlib/
-
-The changes made in version 1.0.4 are documented in the file ChangeLog.
-The main changes since 1.0.3 are:
-
-- In very rare conditions, deflate(s, Z_FINISH) could fail to produce an EOF
-  bit, so the decompressor could decompress all the correct data but went
-  on to attempt decompressing extra garbage data. This affected minigzip too.
-- zlibVersion and gzerror return const char* (needed for DLL)
-- port to RISCOS (no fdopen, no multiple dots, no unlink, no fileno)
-
-
-A Perl interface to zlib written by Paul Marquess <pmarquess@bfsec.bt.co.uk>
-is in the CPAN (Comprehensive Perl Archive Network) sites, such as:
-ftp://ftp.cis.ufl.edu/pub/perl/CPAN/modules/by-module/Compress/Compress-Zlib*
-
-
-Notes for some targets:
-
-- For Turbo C the small model is supported only with reduced performance to
-  avoid any far allocation; it was tested with -DMAX_WBITS=11 -DMAX_MEM_LEVEL=3
-
-- For 64-bit Iris, deflate.c must be compiled without any optimization.
-  With -O, one libpng test fails. The test works in 32 bit mode (with
-  the -32 compiler flag). The compiler bug has been reported to SGI.
-
-- zlib doesn't work with gcc 2.6.3 on a DEC 3000/300LX under OSF/1 2.1   
-  it works when compiled with cc.
-
-- zlib doesn't work on HP-UX 9.05 with one cc compiler (the one not
-  accepting the -O option). It works with the other cc compiler.
-
-- To build a Windows DLL version, include in a DLL project zlib.def, zlib.rc
-  and all .c files except example.c and minigzip.c; compile with -DZLIB_DLL
-  For help on building a zlib DLL, contact Alessandro Iacopetti
-  <iaco@email.alessandria.alpcom.it>  http://lisa.unial.it/iaco ,
-  or contact Brad Clarke <bclarke@cyberus.ca>.
-
-- gzdopen is not supported on RISCOS
-
-
-Acknowledgments:
-
-  The deflate format used by zlib was defined by Phil Katz. The deflate
-  and zlib specifications were written by Peter Deutsch. Thanks to all the
-  people who reported problems and suggested various improvements in zlib;
-  they are too numerous to cite here.
-
-Copyright notice:
-
- (C) 1995-1996 Jean-loup Gailly and Mark Adler
-
-  This software is provided 'as-is', without any express or implied
-  warranty.  In no event will the authors be held liable for any damages
-  arising from the use of this software.
-
-  Permission is granted to anyone to use this software for any purpose,
-  including commercial applications, and to alter it and redistribute it
-  freely, subject to the following restrictions:
-
-  1. The origin of this software must not be misrepresented; you must not
-     claim that you wrote the original software. If you use this software
-     in a product, an acknowledgment in the product documentation would be
-     appreciated but is not required.
-  2. Altered source versions must be plainly marked as such, and must not be
-     misrepresented as being the original software.
-  3. This notice may not be removed or altered from any source distribution.
-
-  Jean-loup Gailly        Mark Adler
-  gzip@prep.ai.mit.edu    madler@alumni.caltech.edu
-
-If you use the zlib library in a product, we would appreciate *not*
-receiving lengthy legal documents to sign. The sources are provided
-for free but without warranty of any kind.  The library has been
-entirely written by Jean-loup Gailly and Mark Adler; it does not
-include third-party code.
-
-If you redistribute modified sources, we would appreciate that you include
-in the file ChangeLog history information documenting your changes.
diff --git a/security/nss/cmd/zlib/adler32.c b/security/nss/cmd/zlib/adler32.c
deleted file mode 100644
index 9f4afd63c..000000000
--- a/security/nss/cmd/zlib/adler32.c
+++ /dev/null
@@ -1,48 +0,0 @@
-/* adler32.c -- compute the Adler-32 checksum of a data stream
- * Copyright (C) 1995-1996 Mark Adler
- * For conditions of distribution and use, see copyright notice in zlib.h 
- */
-/* This file was modified since it was taken from the zlib distribution */
-/* $Id$ */
-
-#include "zlib.h"
-
-#define BASE 65521L /* largest prime smaller than 65536 */
-#define NMAX 5552
-/* NMAX is the largest n such that 255n(n+1)/2 + (n+1)(BASE-1) <= 2^32-1 */
-
-#define DO1(buf,i)  {s1 += buf[i]; s2 += s1;}
-#define DO2(buf,i)  DO1(buf,i); DO1(buf,i+1);
-#define DO4(buf,i)  DO2(buf,i); DO2(buf,i+2);
-#define DO8(buf,i)  DO4(buf,i); DO4(buf,i+4);
-#define DO16(buf)   DO8(buf,0); DO8(buf,8);
-
-/* ========================================================================= */
-PR_PUBLIC_API(uLong) adler32(adler, buf, len)
-    uLong adler;
-    const Bytef *buf;
-    uInt len;
-{
-    unsigned long s1 = adler & 0xffff;
-    unsigned long s2 = (adler >> 16) & 0xffff;
-    int k;
-
-    if (buf == Z_NULL) return 1L;
-
-    while (len > 0) {
-        k = len < NMAX ? len : NMAX;
-        len -= k;
-        while (k >= 16) {
-            DO16(buf);
-	    buf += 16;
-            k -= 16;
-        }
-        if (k != 0) do {
-            s1 += *buf++;
-	    s2 += s1;
-        } while (--k);
-        s1 %= BASE;
-        s2 %= BASE;
-    }
-    return (s2 << 16) | s1;
-}
diff --git a/security/nss/cmd/zlib/compress.c b/security/nss/cmd/zlib/compress.c
deleted file mode 100644
index 3e1cc7c09..000000000
--- a/security/nss/cmd/zlib/compress.c
+++ /dev/null
@@ -1,57 +0,0 @@
-/* compress.c -- compress a memory buffer
- * Copyright (C) 1995-1996 Jean-loup Gailly.
- * For conditions of distribution and use, see copyright notice in zlib.h 
- */
-/* This file was modified since it was taken from the zlib distribution */
-/* $Id$ */
-
-#include "zlib.h"
-
-/* ===========================================================================
-     Compresses the source buffer into the destination buffer.  sourceLen is
-   the byte length of the source buffer. Upon entry, destLen is the total
-   size of the destination buffer, which must be at least 0.1% larger than
-   sourceLen plus 8 bytes. Upon exit, destLen is the actual size of the
-   compressed buffer.
-     This function can be used to compress a whole file at once if the
-   input file is mmap'ed.
-     compress returns Z_OK if success, Z_MEM_ERROR if there was not
-   enough memory, Z_BUF_ERROR if there was not enough room in the output
-   buffer.
-*/
-PR_PUBLIC_API(int) compress (dest, destLen, source, sourceLen)
-    Bytef *dest;
-    uLongf *destLen;
-    const Bytef *source;
-    uLong sourceLen;
-{
-    z_stream stream;
-    int err;
-
-    stream.next_in = (Bytef*)source;
-    stream.avail_in = (uInt)sourceLen;
-#ifdef MAXSEG_64K
-    /* Check for source > 64K on 16-bit machine: */
-    if ((uLong)stream.avail_in != sourceLen) return Z_BUF_ERROR;
-#endif
-    stream.next_out = dest;
-    stream.avail_out = (uInt)*destLen;
-    if ((uLong)stream.avail_out != *destLen) return Z_BUF_ERROR;
-
-    stream.zalloc = (alloc_func)0;
-    stream.zfree = (free_func)0;
-    stream.opaque = (voidpf)0;
-
-    err = deflateInit(&stream, Z_DEFAULT_COMPRESSION);
-    if (err != Z_OK) return err;
-
-    err = deflate(&stream, Z_FINISH);
-    if (err != Z_STREAM_END) {
-        deflateEnd(&stream);
-        return err == Z_OK ? Z_BUF_ERROR : err;
-    }
-    *destLen = stream.total_out;
-
-    err = deflateEnd(&stream);
-    return err;
-}
diff --git a/security/nss/cmd/zlib/config.mk b/security/nss/cmd/zlib/config.mk
deleted file mode 100644
index a1c67fdb4..000000000
--- a/security/nss/cmd/zlib/config.mk
+++ /dev/null
@@ -1,70 +0,0 @@
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#
-#  Currently, override TARGETS variable so that only static libraries
-#  are specifed as dependencies within rules.mk.
-#
-
-TARGETS        = $(LIBRARY)
-SHARED_LIBRARY =
-IMPORT_LIBRARY =
-PROGRAM        =
-
-#######################################################################
-# Set the LDFLAGS value to encompass all normal link options, all     #
-# library names, and all special system linking options               #
-#######################################################################
-
-SECTOOLS_LIBS = $(LDOPTS) $(LIBSSL) $(LIBPKCS7) $(LIBCERT) $(LIBKEY) \
-    $(LIBSECMOD) $(LIBCRYPTO) $(LIBSECUTIL) $(LIBSECMOD) $(LIBSSL) \
-    $(LIBPKCS7) $(LIBCERT) $(LIBKEY) $(LIBCRYPTO) $(LIBSECUTIL) \
-    $(LIBHASH) $(LIBDBM) $(DLLPLC) $(DLLPLDS) $(DLLPR) $(DLLSYSTEM)
-
-ifeq ($(OS_TARGET),AIX)
-	OS_LIBS += $(SECTOOLS_LIBS)
-endif
-
-ifeq ($(OS_TARGET),NCR)
-	OS_LIBS += $(SECTOOLS_LIBS)
-endif
-
-ifeq ($(OS_TARGET),SCO_SV)
-	OS_LIBS += $(SECTOOLS_LIBS)
-endif
-
-LDFLAGS += $(SECTOOLS_LIBS)
-
-
-
-
diff --git a/security/nss/cmd/zlib/crc32.c b/security/nss/cmd/zlib/crc32.c
deleted file mode 100644
index 398871cf8..000000000
--- a/security/nss/cmd/zlib/crc32.c
+++ /dev/null
@@ -1,162 +0,0 @@
-/* crc32.c -- compute the CRC-32 of a data stream
- * Copyright (C) 1995-1996 Mark Adler
- * For conditions of distribution and use, see copyright notice in zlib.h 
- */
-/* This file was modified since it was taken from the zlib distribution */
-/* $Id$ */
-
-#include "zlib.h"
-
-#define local static
-
-#ifdef DYNAMIC_CRC_TABLE
-
-local int crc_table_empty = 1;
-local uLongf crc_table[256];
-local void make_crc_table OF((void));
-
-/*
-  Generate a table for a byte-wise 32-bit CRC calculation on the polynomial:
-  x^32+x^26+x^23+x^22+x^16+x^12+x^11+x^10+x^8+x^7+x^5+x^4+x^2+x+1.
-
-  Polynomials over GF(2) are represented in binary, one bit per coefficient,
-  with the lowest powers in the most significant bit.  Then adding polynomials
-  is just exclusive-or, and multiplying a polynomial by x is a right shift by
-  one.  If we call the above polynomial p, and represent a byte as the
-  polynomial q, also with the lowest power in the most significant bit (so the
-  byte 0xb1 is the polynomial x^7+x^3+x+1), then the CRC is (q*x^32) mod p,
-  where a mod b means the remainder after dividing a by b.
-
-  This calculation is done using the shift-register method of multiplying and
-  taking the remainder.  The register is initialized to zero, and for each
-  incoming bit, x^32 is added mod p to the register if the bit is a one (where
-  x^32 mod p is p+x^32 = x^26+...+1), and the register is multiplied mod p by
-  x (which is shifting right by one and adding x^32 mod p if the bit shifted
-  out is a one).  We start with the highest power (least significant bit) of
-  q and repeat for all eight bits of q.
-
-  The table is simply the CRC of all possible eight bit values.  This is all
-  the information needed to generate CRC's on data a byte at a time for all
-  combinations of CRC register values and incoming bytes.
-*/
-local void make_crc_table()
-{
-  uLong c;
-  int n, k;
-  uLong poly;            /* polynomial exclusive-or pattern */
-  /* terms of polynomial defining this crc (except x^32): */
-  static Byte p[] = {0,1,2,4,5,7,8,10,11,12,16,22,23,26};
-
-  /* make exclusive-or pattern from polynomial (0xedb88320L) */
-  poly = 0L;
-  for (n = 0; n < sizeof(p)/sizeof(Byte); n++)
-    poly |= 1L << (31 - p[n]);
- 
-  for (n = 0; n < 256; n++)
-  {
-    c = (uLong)n;
-    for (k = 0; k < 8; k++)
-      c = c & 1 ? poly ^ (c >> 1) : c >> 1;
-    crc_table[n] = c;
-  }
-  crc_table_empty = 0;
-}
-#else
-/* ========================================================================
- * Table of CRC-32's of all single-byte values (made by make_crc_table)
- */
-local uLongf crc_table[256] = {
-  0x00000000UL, 0x77073096UL, 0xee0e612cUL, 0x990951baUL, 0x076dc419UL,
-  0x706af48fUL, 0xe963a535UL, 0x9e6495a3UL, 0x0edb8832UL, 0x79dcb8a4UL,
-  0xe0d5e91eUL, 0x97d2d988UL, 0x09b64c2bUL, 0x7eb17cbdUL, 0xe7b82d07UL,
-  0x90bf1d91UL, 0x1db71064UL, 0x6ab020f2UL, 0xf3b97148UL, 0x84be41deUL,
-  0x1adad47dUL, 0x6ddde4ebUL, 0xf4d4b551UL, 0x83d385c7UL, 0x136c9856UL,
-  0x646ba8c0UL, 0xfd62f97aUL, 0x8a65c9ecUL, 0x14015c4fUL, 0x63066cd9UL,
-  0xfa0f3d63UL, 0x8d080df5UL, 0x3b6e20c8UL, 0x4c69105eUL, 0xd56041e4UL,
-  0xa2677172UL, 0x3c03e4d1UL, 0x4b04d447UL, 0xd20d85fdUL, 0xa50ab56bUL,
-  0x35b5a8faUL, 0x42b2986cUL, 0xdbbbc9d6UL, 0xacbcf940UL, 0x32d86ce3UL,
-  0x45df5c75UL, 0xdcd60dcfUL, 0xabd13d59UL, 0x26d930acUL, 0x51de003aUL,
-  0xc8d75180UL, 0xbfd06116UL, 0x21b4f4b5UL, 0x56b3c423UL, 0xcfba9599UL,
-  0xb8bda50fUL, 0x2802b89eUL, 0x5f058808UL, 0xc60cd9b2UL, 0xb10be924UL,
-  0x2f6f7c87UL, 0x58684c11UL, 0xc1611dabUL, 0xb6662d3dUL, 0x76dc4190UL,
-  0x01db7106UL, 0x98d220bcUL, 0xefd5102aUL, 0x71b18589UL, 0x06b6b51fUL,
-  0x9fbfe4a5UL, 0xe8b8d433UL, 0x7807c9a2UL, 0x0f00f934UL, 0x9609a88eUL,
-  0xe10e9818UL, 0x7f6a0dbbUL, 0x086d3d2dUL, 0x91646c97UL, 0xe6635c01UL,
-  0x6b6b51f4UL, 0x1c6c6162UL, 0x856530d8UL, 0xf262004eUL, 0x6c0695edUL,
-  0x1b01a57bUL, 0x8208f4c1UL, 0xf50fc457UL, 0x65b0d9c6UL, 0x12b7e950UL,
-  0x8bbeb8eaUL, 0xfcb9887cUL, 0x62dd1ddfUL, 0x15da2d49UL, 0x8cd37cf3UL,
-  0xfbd44c65UL, 0x4db26158UL, 0x3ab551ceUL, 0xa3bc0074UL, 0xd4bb30e2UL,
-  0x4adfa541UL, 0x3dd895d7UL, 0xa4d1c46dUL, 0xd3d6f4fbUL, 0x4369e96aUL,
-  0x346ed9fcUL, 0xad678846UL, 0xda60b8d0UL, 0x44042d73UL, 0x33031de5UL,
-  0xaa0a4c5fUL, 0xdd0d7cc9UL, 0x5005713cUL, 0x270241aaUL, 0xbe0b1010UL,
-  0xc90c2086UL, 0x5768b525UL, 0x206f85b3UL, 0xb966d409UL, 0xce61e49fUL,
-  0x5edef90eUL, 0x29d9c998UL, 0xb0d09822UL, 0xc7d7a8b4UL, 0x59b33d17UL,
-  0x2eb40d81UL, 0xb7bd5c3bUL, 0xc0ba6cadUL, 0xedb88320UL, 0x9abfb3b6UL,
-  0x03b6e20cUL, 0x74b1d29aUL, 0xead54739UL, 0x9dd277afUL, 0x04db2615UL,
-  0x73dc1683UL, 0xe3630b12UL, 0x94643b84UL, 0x0d6d6a3eUL, 0x7a6a5aa8UL,
-  0xe40ecf0bUL, 0x9309ff9dUL, 0x0a00ae27UL, 0x7d079eb1UL, 0xf00f9344UL,
-  0x8708a3d2UL, 0x1e01f268UL, 0x6906c2feUL, 0xf762575dUL, 0x806567cbUL,
-  0x196c3671UL, 0x6e6b06e7UL, 0xfed41b76UL, 0x89d32be0UL, 0x10da7a5aUL,
-  0x67dd4accUL, 0xf9b9df6fUL, 0x8ebeeff9UL, 0x17b7be43UL, 0x60b08ed5UL,
-  0xd6d6a3e8UL, 0xa1d1937eUL, 0x38d8c2c4UL, 0x4fdff252UL, 0xd1bb67f1UL,
-  0xa6bc5767UL, 0x3fb506ddUL, 0x48b2364bUL, 0xd80d2bdaUL, 0xaf0a1b4cUL,
-  0x36034af6UL, 0x41047a60UL, 0xdf60efc3UL, 0xa867df55UL, 0x316e8eefUL,
-  0x4669be79UL, 0xcb61b38cUL, 0xbc66831aUL, 0x256fd2a0UL, 0x5268e236UL,
-  0xcc0c7795UL, 0xbb0b4703UL, 0x220216b9UL, 0x5505262fUL, 0xc5ba3bbeUL,
-  0xb2bd0b28UL, 0x2bb45a92UL, 0x5cb36a04UL, 0xc2d7ffa7UL, 0xb5d0cf31UL,
-  0x2cd99e8bUL, 0x5bdeae1dUL, 0x9b64c2b0UL, 0xec63f226UL, 0x756aa39cUL,
-  0x026d930aUL, 0x9c0906a9UL, 0xeb0e363fUL, 0x72076785UL, 0x05005713UL,
-  0x95bf4a82UL, 0xe2b87a14UL, 0x7bb12baeUL, 0x0cb61b38UL, 0x92d28e9bUL,
-  0xe5d5be0dUL, 0x7cdcefb7UL, 0x0bdbdf21UL, 0x86d3d2d4UL, 0xf1d4e242UL,
-  0x68ddb3f8UL, 0x1fda836eUL, 0x81be16cdUL, 0xf6b9265bUL, 0x6fb077e1UL,
-  0x18b74777UL, 0x88085ae6UL, 0xff0f6a70UL, 0x66063bcaUL, 0x11010b5cUL,
-  0x8f659effUL, 0xf862ae69UL, 0x616bffd3UL, 0x166ccf45UL, 0xa00ae278UL,
-  0xd70dd2eeUL, 0x4e048354UL, 0x3903b3c2UL, 0xa7672661UL, 0xd06016f7UL,
-  0x4969474dUL, 0x3e6e77dbUL, 0xaed16a4aUL, 0xd9d65adcUL, 0x40df0b66UL,
-  0x37d83bf0UL, 0xa9bcae53UL, 0xdebb9ec5UL, 0x47b2cf7fUL, 0x30b5ffe9UL,
-  0xbdbdf21cUL, 0xcabac28aUL, 0x53b39330UL, 0x24b4a3a6UL, 0xbad03605UL,
-  0xcdd70693UL, 0x54de5729UL, 0x23d967bfUL, 0xb3667a2eUL, 0xc4614ab8UL,
-  0x5d681b02UL, 0x2a6f2b94UL, 0xb40bbe37UL, 0xc30c8ea1UL, 0x5a05df1bUL,
-  0x2d02ef8dL
-};
-#endif
-
-/* =========================================================================
- * This function can be used by asm versions of crc32()
- */
-uLongf *get_crc_table()
-{
-#ifdef DYNAMIC_CRC_TABLE
-  if (crc_table_empty) make_crc_table();
-#endif
-  return (uLongf *)crc_table;
-}
-
-/* ========================================================================= */
-#define DO1(buf) crc = crc_table[((int)crc ^ (*buf++)) & 0xff] ^ (crc >> 8);
-#define DO2(buf)  DO1(buf); DO1(buf);
-#define DO4(buf)  DO2(buf); DO2(buf);
-#define DO8(buf)  DO4(buf); DO4(buf);
-
-/* ========================================================================= */
-PR_PUBLIC_API(uLong) crc32(crc, buf, len)
-    uLong crc;
-    const Bytef *buf;
-    uInt len;
-{
-    if (buf == Z_NULL) return 0L;
-#ifdef DYNAMIC_CRC_TABLE
-    if (crc_table_empty)
-      make_crc_table();
-#endif
-    crc = crc ^ 0xffffffffUL;
-    while (len >= 8)
-    {
-      DO8(buf);
-      len -= 8;
-    }
-    if (len) do {
-      DO1(buf);
-    } while (--len);
-    return crc ^ 0xffffffffUL;
-}
diff --git a/security/nss/cmd/zlib/deflate.c b/security/nss/cmd/zlib/deflate.c
deleted file mode 100644
index f748ce156..000000000
--- a/security/nss/cmd/zlib/deflate.c
+++ /dev/null
@@ -1,1209 +0,0 @@
-/* deflate.c -- compress data using the deflation algorithm
- * Copyright (C) 1995-1996 Jean-loup Gailly.
- * For conditions of distribution and use, see copyright notice in zlib.h 
- */
-/* This file was modified since it was taken from the zlib distribution */
-/*
- *  ALGORITHM
- *
- *      The "deflation" process depends on being able to identify portions
- *      of the input text which are identical to earlier input (within a
- *      sliding window trailing behind the input currently being processed).
- *
- *      The most straightforward technique turns out to be the fastest for
- *      most input files: try all possible matches and select the longest.
- *      The key feature of this algorithm is that insertions into the string
- *      dictionary are very simple and thus fast, and deletions are avoided
- *      completely. Insertions are performed at each input character, whereas
- *      string matches are performed only when the previous match ends. So it
- *      is preferable to spend more time in matches to allow very fast string
- *      insertions and avoid deletions. The matching algorithm for small
- *      strings is inspired from that of Rabin & Karp. A brute force approach
- *      is used to find longer strings when a small match has been found.
- *      A similar algorithm is used in comic (by Jan-Mark Wams) and freeze
- *      (by Leonid Broukhis).
- *         A previous version of this file used a more sophisticated algorithm
- *      (by Fiala and Greene) which is guaranteed to run in linear amortized
- *      time, but has a larger average cost, uses more memory and is patented.
- *      However the F&G algorithm may be faster for some highly redundant
- *      files if the parameter max_chain_length (described below) is too large.
- *
- *  ACKNOWLEDGEMENTS
- *
- *      The idea of lazy evaluation of matches is due to Jan-Mark Wams, and
- *      I found it in 'freeze' written by Leonid Broukhis.
- *      Thanks to many people for bug reports and testing.
- *
- *  REFERENCES
- *
- *      Deutsch, L.P.,"'Deflate' Compressed Data Format Specification".
- *      Available in ftp.uu.net:/pub/archiving/zip/doc/deflate-1.1.doc
- *
- *      A description of the Rabin and Karp algorithm is given in the book
- *         "Algorithms" by R. Sedgewick, Addison-Wesley, p252.
- *
- *      Fiala,E.R., and Greene,D.H.
- *         Data Compression with Finite Windows, Comm.ACM, 32,4 (1989) 490-595
- *
- */
-
-/* $Id$ */
-
-#include "deflate.h"
-
-char deflate_copyright[] = " deflate 1.0.4 Copyright 1995-1996 Jean-loup Gailly ";
-/*
-  If you use the zlib library in a product, an acknowledgment is welcome
-  in the documentation of your product. If for some reason you cannot
-  include such an acknowledgment, I would appreciate that you keep this
-  copyright string in the executable of your product.
- */
-
-/* ===========================================================================
- *  Function prototypes.
- */
-typedef enum {
-    need_more,      /* block not completed, need more input or more output */
-    block_done,     /* block flush performed */
-    finish_started, /* finish started, need only more output at next deflate */
-    finish_done     /* finish done, accept no more input or output */
-} block_state;
-
-typedef block_state (*compress_func) OF((deflate_state *s, int flush));
-/* Compression function. Returns the block state after the call. */
-
-local void fill_window    OF((deflate_state *s));
-local block_state deflate_stored OF((deflate_state *s, int flush));
-local block_state deflate_fast   OF((deflate_state *s, int flush));
-local block_state deflate_slow   OF((deflate_state *s, int flush));
-local void lm_init        OF((deflate_state *s));
-local uInt longest_match  OF((deflate_state *s, IPos cur_match));
-local void putShortMSB    OF((deflate_state *s, uInt b));
-local void flush_pending  OF((z_streamp strm));
-local int read_buf        OF((z_streamp strm, charf *buf, unsigned size));
-#ifdef ASMV
-      void match_init OF((void)); /* asm code initialization */
-#endif
-
-#ifdef DEBUG_NEVER
-local  void check_match OF((deflate_state *s, IPos start, IPos match,
-                            int length));
-#endif
-
-/* ===========================================================================
- * Local data
- */
-
-#define NIL 0
-/* Tail of hash chains */
-
-#ifndef TOO_FAR
-#  define TOO_FAR 4096
-#endif
-/* Matches of length 3 are discarded if their distance exceeds TOO_FAR */
-
-#define MIN_LOOKAHEAD (MAX_MATCH+MIN_MATCH+1)
-/* Minimum amount of lookahead, except at the end of the input file.
- * See deflate.c for comments about the MIN_MATCH+1.
- */
-
-/* Values for max_lazy_match, good_match and max_chain_length, depending on
- * the desired pack level (0..9). The values given below have been tuned to
- * exclude worst case performance for pathological files. Better values may be
- * found for specific files.
- */
-typedef struct config_s {
-   ush good_length; /* reduce lazy search above this match length */
-   ush max_lazy;    /* do not perform lazy search above this match length */
-   ush nice_length; /* quit search above this match length */
-   ush max_chain;
-   compress_func func;
-} config;
-
-local config configuration_table[10] = {
-/*      good lazy nice chain */
-/* 0 */ {0,    0,  0,    0, deflate_stored},  /* store only */
-/* 1 */ {4,    4,  8,    4, deflate_fast}, /* maximum speed, no lazy matches */
-/* 2 */ {4,    5, 16,    8, deflate_fast},
-/* 3 */ {4,    6, 32,   32, deflate_fast},
-
-/* 4 */ {4,    4, 16,   16, deflate_slow},  /* lazy matches */
-/* 5 */ {8,   16, 32,   32, deflate_slow},
-/* 6 */ {8,   16, 128, 128, deflate_slow},
-/* 7 */ {8,   32, 128, 256, deflate_slow},
-/* 8 */ {32, 128, 258, 1024, deflate_slow},
-/* 9 */ {32, 258, 258, 4096, deflate_slow}}; /* maximum compression */
-
-/* Note: the deflate() code requires max_lazy >= MIN_MATCH and max_chain >= 4
- * For deflate_fast() (levels <= 3) good is ignored and lazy has a different
- * meaning.
- */
-
-#define EQUAL 0
-/* result of memcmp for equal strings */
-
-struct static_tree_desc_s {int dummy;}; /* for buggy compilers */
-
-/* ===========================================================================
- * Update a hash value with the given input byte
- * IN  assertion: all calls to to UPDATE_HASH are made with consecutive
- *    input characters, so that a running hash key can be computed from the
- *    previous key instead of complete recalculation each time.
- */
-#define UPDATE_HASH(s,h,c) (h = (((h)<<s->hash_shift) ^ (c)) & s->hash_mask)
-
-
-/* ===========================================================================
- * Insert string str in the dictionary and set match_head to the previous head
- * of the hash chain (the most recent string with same hash key). Return
- * the previous length of the hash chain.
- * IN  assertion: all calls to to INSERT_STRING are made with consecutive
- *    input characters and the first MIN_MATCH bytes of str are valid
- *    (except for the last MIN_MATCH-1 bytes of the input file).
- */
-#define INSERT_STRING(s, str, match_head) \
-   (UPDATE_HASH(s, s->ins_h, s->window[(str) + (MIN_MATCH-1)]), \
-    s->prev[(str) & s->w_mask] = match_head = s->head[s->ins_h], \
-    s->head[s->ins_h] = (Pos)(str))
-
-/* ===========================================================================
- * Initialize the hash table (avoiding 64K overflow for 16 bit systems).
- * prev[] will be initialized on the fly.
- */
-#define CLEAR_HASH(s) \
-    s->head[s->hash_size-1] = NIL; \
-    zmemzero((charf *)s->head, (unsigned)(s->hash_size-1)*sizeof(*s->head));
-
-/* ========================================================================= */
-PR_PUBLIC_API(int) deflateInit_(strm, level, version, stream_size)
-    z_streamp strm;
-    int level;
-    const char *version;
-    int stream_size;
-{
-    return deflateInit2_(strm, level, Z_DEFLATED, MAX_WBITS, DEF_MEM_LEVEL,
-			 Z_DEFAULT_STRATEGY, version, stream_size);
-    /* To do: ignore strm->next_in if we use it as window */
-}
-
-/* ========================================================================= */
-PR_PUBLIC_API(int) deflateInit2_(strm, level, method, windowBits, memLevel, strategy,
-		  version, stream_size)
-    z_streamp strm;
-    int  level;
-    int  method;
-    int  windowBits;
-    int  memLevel;
-    int  strategy;
-    const char *version;
-    int stream_size;
-{
-    deflate_state *s;
-    int noheader = 0;
-
-    ushf *overlay;
-    /* We overlay pending_buf and d_buf+l_buf. This works since the average
-     * output size for (length,distance) codes is <= 24 bits.
-     */
-
-    if (version == Z_NULL || version[0] != ZLIB_VERSION[0] ||
-        stream_size != sizeof(z_stream)) {
-	return Z_VERSION_ERROR;
-    }
-    if (strm == Z_NULL) return Z_STREAM_ERROR;
-
-    strm->msg = Z_NULL;
-    if (strm->zalloc == Z_NULL) {
-	strm->zalloc = zcalloc;
-	strm->opaque = (voidpf)0;
-    }
-    if (strm->zfree == Z_NULL) strm->zfree = zcfree;
-
-    if (level == Z_DEFAULT_COMPRESSION) level = 6;
-
-    if (windowBits < 0) { /* undocumented feature: suppress zlib header */
-        noheader = 1;
-        windowBits = -windowBits;
-    }
-    if (memLevel < 1 || memLevel > MAX_MEM_LEVEL || method != Z_DEFLATED ||
-        windowBits < 8 || windowBits > 15 || level < 0 || level > 9 ||
-	strategy < 0 || strategy > Z_HUFFMAN_ONLY) {
-        return Z_STREAM_ERROR;
-    }
-    s = (deflate_state *) ZALLOC(strm, 1, sizeof(deflate_state));
-    if (s == Z_NULL) return Z_MEM_ERROR;
-    strm->state = (struct internal_state FAR *)s;
-    s->strm = strm;
-
-    s->noheader = noheader;
-    s->w_bits = windowBits;
-    s->w_size = 1 << s->w_bits;
-    s->w_mask = s->w_size - 1;
-
-    s->hash_bits = memLevel + 7;
-    s->hash_size = 1 << s->hash_bits;
-    s->hash_mask = s->hash_size - 1;
-    s->hash_shift =  ((s->hash_bits+MIN_MATCH-1)/MIN_MATCH);
-
-    s->window = (Bytef *) ZALLOC(strm, s->w_size, 2*sizeof(Byte));
-    s->prev   = (Posf *)  ZALLOC(strm, s->w_size, sizeof(Pos));
-    s->head   = (Posf *)  ZALLOC(strm, s->hash_size, sizeof(Pos));
-
-    s->lit_bufsize = 1 << (memLevel + 6); /* 16K elements by default */
-
-    overlay = (ushf *) ZALLOC(strm, s->lit_bufsize, sizeof(ush)+2);
-    s->pending_buf = (uchf *) overlay;
-
-    if (s->window == Z_NULL || s->prev == Z_NULL || s->head == Z_NULL ||
-        s->pending_buf == Z_NULL) {
-        strm->msg = (char*)ERR_MSG(Z_MEM_ERROR);
-        deflateEnd (strm);
-        return Z_MEM_ERROR;
-    }
-    s->d_buf = overlay + s->lit_bufsize/sizeof(ush);
-    s->l_buf = s->pending_buf + (1+sizeof(ush))*s->lit_bufsize;
-
-    s->level = level;
-    s->strategy = strategy;
-    s->method = (Byte)method;
-
-    return deflateReset(strm);
-}
-
-/* ========================================================================= */
-PR_PUBLIC_API(int) deflateSetDictionary (strm, dictionary, dictLength)
-    z_streamp strm;
-    const Bytef *dictionary;
-    uInt  dictLength;
-{
-    deflate_state *s;
-    uInt length = dictLength;
-    uInt n;
-    IPos hash_head = 0;
-
-    if (strm == Z_NULL || strm->state == Z_NULL || dictionary == Z_NULL ||
-        strm->state->status != INIT_STATE) return Z_STREAM_ERROR;
-
-    s = strm->state;
-    strm->adler = adler32(strm->adler, dictionary, dictLength);
-
-    if (length < MIN_MATCH) return Z_OK;
-    if (length > MAX_DIST(s)) {
-	length = MAX_DIST(s);
-	dictionary += dictLength - length;
-    }
-    zmemcpy((charf *)s->window, dictionary, length);
-    s->strstart = length;
-    s->block_start = (long)length;
-
-    /* Insert all strings in the hash table (except for the last two bytes).
-     * s->lookahead stays null, so s->ins_h will be recomputed at the next
-     * call of fill_window.
-     */
-    s->ins_h = s->window[0];
-    UPDATE_HASH(s, s->ins_h, s->window[1]);
-    for (n = 0; n <= length - MIN_MATCH; n++) {
-	INSERT_STRING(s, n, hash_head);
-    }
-    if (hash_head) hash_head = 0;  /* to make compiler happy */
-    return Z_OK;
-}
-
-/* ========================================================================= */
-PR_PUBLIC_API(int) deflateReset (strm)
-    z_streamp strm;
-{
-    deflate_state *s;
-    
-    if (strm == Z_NULL || strm->state == Z_NULL ||
-        strm->zalloc == Z_NULL || strm->zfree == Z_NULL) return Z_STREAM_ERROR;
-
-    strm->total_in = strm->total_out = 0;
-    strm->msg = Z_NULL; /* use zfree if we ever allocate msg dynamically */
-    strm->data_type = Z_UNKNOWN;
-
-    s = (deflate_state *)strm->state;
-    s->pending = 0;
-    s->pending_out = s->pending_buf;
-
-    if (s->noheader < 0) {
-        s->noheader = 0; /* was set to -1 by deflate(..., Z_FINISH); */
-    }
-    s->status = s->noheader ? BUSY_STATE : INIT_STATE;
-    strm->adler = 1;
-    s->last_flush = Z_NO_FLUSH;
-
-    _tr_init(s);
-    lm_init(s);
-
-    return Z_OK;
-}
-
-/* ========================================================================= */
-PR_PUBLIC_API(int) deflateParams(strm, level, strategy)
-    z_streamp strm;
-    int level;
-    int strategy;
-{
-    deflate_state *s;
-    compress_func func;
-    int err = Z_OK;
-
-    if (strm == Z_NULL || strm->state == Z_NULL) return Z_STREAM_ERROR;
-    s = strm->state;
-
-    if (level == Z_DEFAULT_COMPRESSION) {
-	level = 6;
-    }
-    if (level < 0 || level > 9 || strategy < 0 || strategy > Z_HUFFMAN_ONLY) {
-	return Z_STREAM_ERROR;
-    }
-    func = configuration_table[s->level].func;
-
-    if (func != configuration_table[level].func && strm->total_in != 0) {
-	/* Flush the last buffer: */
-	err = deflate(strm, Z_PARTIAL_FLUSH);
-    }
-    if (s->level != level) {
-	s->level = level;
-	s->max_lazy_match   = configuration_table[level].max_lazy;
-	s->good_match       = configuration_table[level].good_length;
-	s->nice_match       = configuration_table[level].nice_length;
-	s->max_chain_length = configuration_table[level].max_chain;
-    }
-    s->strategy = strategy;
-    return err;
-}
-
-/* =========================================================================
- * Put a short in the pending buffer. The 16-bit value is put in MSB order.
- * IN assertion: the stream state is correct and there is enough room in
- * pending_buf.
- */
-local void putShortMSB (s, b)
-    deflate_state *s;
-    uInt b;
-{
-    put_byte(s, (Byte)(b >> 8));
-    put_byte(s, (Byte)(b & 0xff));
-}   
-
-/* =========================================================================
- * Flush as much pending output as possible. All deflate() output goes
- * through this function so some applications may wish to modify it
- * to avoid allocating a large strm->next_out buffer and copying into it.
- * (See also read_buf()).
- */
-local void flush_pending(strm)
-    z_streamp strm;
-{
-    unsigned len = strm->state->pending;
-
-    if (len > strm->avail_out) len = strm->avail_out;
-    if (len == 0) return;
-
-    zmemcpy(strm->next_out, strm->state->pending_out, len);
-    strm->next_out  += len;
-    strm->state->pending_out  += len;
-    strm->total_out += len;
-    strm->avail_out  -= len;
-    strm->state->pending -= len;
-    if (strm->state->pending == 0) {
-        strm->state->pending_out = strm->state->pending_buf;
-    }
-}
-
-/* ========================================================================= */
-PR_PUBLIC_API(int) deflate (strm, flush)
-    z_streamp strm;
-    int flush;
-{
-    int old_flush; /* value of flush param for previous deflate call */
-    deflate_state *s;
-
-    if (strm == Z_NULL || strm->state == Z_NULL ||
-	flush > Z_FINISH || flush < 0) {
-        return Z_STREAM_ERROR;
-    }
-    s = strm->state;
-
-    if (strm->next_out == Z_NULL ||
-        (strm->next_in == Z_NULL && strm->avail_in != 0) ||
-	(s->status == FINISH_STATE && flush != Z_FINISH)) {
-        ERR_RETURN(strm, Z_STREAM_ERROR);
-    }
-    if (strm->avail_out == 0) ERR_RETURN(strm, Z_BUF_ERROR);
-
-    s->strm = strm; /* just in case */
-    old_flush = s->last_flush;
-    s->last_flush = flush;
-
-    /* Write the zlib header */
-    if (s->status == INIT_STATE) {
-
-        uInt header = (Z_DEFLATED + ((s->w_bits-8)<<4)) << 8;
-        uInt level_flags = (s->level-1) >> 1;
-
-        if (level_flags > 3) level_flags = 3;
-        header |= (level_flags << 6);
-	if (s->strstart != 0) header |= PRESET_DICT;
-        header += 31 - (header % 31);
-
-        s->status = BUSY_STATE;
-        putShortMSB(s, header);
-
-	/* Save the adler32 of the preset dictionary: */
-	if (s->strstart != 0) {
-	    putShortMSB(s, (uInt)(strm->adler >> 16));
-	    putShortMSB(s, (uInt)(strm->adler & 0xffff));
-	}
-	strm->adler = 1L;
-    }
-
-    /* Flush as much pending output as possible */
-    if (s->pending != 0) {
-        flush_pending(strm);
-        if (strm->avail_out == 0) {
-	    /* Since avail_out is 0, deflate will be called again with
-	     * more output space, but possibly with both pending and
-	     * avail_in equal to zero. There won't be anything to do,
-	     * but this is not an error situation so make sure we
-	     * return OK instead of BUF_ERROR at next call of deflate:
-             */
-	    s->last_flush = -1;
-	    return Z_OK;
-	}
-
-    /* Make sure there is something to do and avoid duplicate consecutive
-     * flushes. For repeated and useless calls with Z_FINISH, we keep
-     * returning Z_STREAM_END instead of Z_BUFF_ERROR.
-     */
-    } else if (strm->avail_in == 0 && flush <= old_flush &&
-	       flush != Z_FINISH) {
-        ERR_RETURN(strm, Z_BUF_ERROR);
-    }
-
-    /* User must not provide more input after the first FINISH: */
-    if (s->status == FINISH_STATE && strm->avail_in != 0) {
-        ERR_RETURN(strm, Z_BUF_ERROR);
-    }
-
-    /* Start a new block or continue the current one.
-     */
-    if (strm->avail_in != 0 || s->lookahead != 0 ||
-        (flush != Z_NO_FLUSH && s->status != FINISH_STATE)) {
-        block_state bstate;
-
-	bstate = (*(configuration_table[s->level].func))(s, flush);
-
-        if (bstate == finish_started || bstate == finish_done) {
-            s->status = FINISH_STATE;
-        }
-        if (bstate == need_more || bstate == finish_started) {
-	    if (strm->avail_out == 0) {
-	        s->last_flush = -1; /* avoid BUF_ERROR next call, see above */
-	    }
-	    return Z_OK;
-	    /* If flush != Z_NO_FLUSH && avail_out == 0, the next call
-	     * of deflate should use the same flush parameter to make sure
-	     * that the flush is complete. So we don't have to output an
-	     * empty block here, this will be done at next call. This also
-	     * ensures that for a very small output buffer, we emit at most
-	     * one empty block.
-	     */
-	}
-        if (bstate == block_done) {
-            if (flush == Z_PARTIAL_FLUSH) {
-                _tr_align(s);
-            } else { /* FULL_FLUSH or SYNC_FLUSH */
-                _tr_stored_block(s, (char*)0, 0L, 0);
-                /* For a full flush, this empty block will be recognized
-                 * as a special marker by inflate_sync().
-                 */
-                if (flush == Z_FULL_FLUSH) {
-                    CLEAR_HASH(s);             /* forget history */
-                }
-            }
-            flush_pending(strm);
-	    if (strm->avail_out == 0) {
-	      s->last_flush = -1; /* avoid BUF_ERROR at next call, see above */
-	      return Z_OK;
-	    }
-        }
-    }
-    Assert(strm->avail_out > 0, "bug2");
-
-    if (flush != Z_FINISH) return Z_OK;
-    if (s->noheader) return Z_STREAM_END;
-
-    /* Write the zlib trailer (adler32) */
-    putShortMSB(s, (uInt)(strm->adler >> 16));
-    putShortMSB(s, (uInt)(strm->adler & 0xffff));
-    flush_pending(strm);
-    /* If avail_out is zero, the application will call deflate again
-     * to flush the rest.
-     */
-    s->noheader = -1; /* write the trailer only once! */
-    return s->pending != 0 ? Z_OK : Z_STREAM_END;
-}
-
-/* ========================================================================= */
-PR_PUBLIC_API(int) deflateEnd (strm)
-    z_streamp strm;
-{
-    int status;
-
-    if (strm == Z_NULL || strm->state == Z_NULL) return Z_STREAM_ERROR;
-
-    /* Deallocate in reverse order of allocations: */
-    TRY_FREE(strm, strm->state->pending_buf);
-    TRY_FREE(strm, strm->state->head);
-    TRY_FREE(strm, strm->state->prev);
-    TRY_FREE(strm, strm->state->window);
-
-    status = strm->state->status;
-    ZFREE(strm, strm->state);
-    strm->state = Z_NULL;
-
-    return status == BUSY_STATE ? Z_DATA_ERROR : Z_OK;
-}
-
-/* ========================================================================= */
-PR_PUBLIC_API(int) deflateCopy (dest, source)
-    z_streamp dest;
-    z_streamp source;
-{
-    if (source == Z_NULL || dest == Z_NULL || source->state == Z_NULL) {
-        return Z_STREAM_ERROR;
-    }
-    *dest = *source;
-    return Z_STREAM_ERROR; /* to be implemented */
-#if 0
-    dest->state = (struct internal_state FAR *)
-        (*dest->zalloc)(1, sizeof(deflate_state));
-    if (dest->state == Z_NULL) return Z_MEM_ERROR;
-
-    *(dest->state) = *(source->state);
-    return Z_OK;
-#endif
-}
-
-/* ===========================================================================
- * Read a new buffer from the current input stream, update the adler32
- * and total number of bytes read.  All deflate() input goes through
- * this function so some applications may wish to modify it to avoid
- * allocating a large strm->next_in buffer and copying from it.
- * (See also flush_pending()).
- */
-local int read_buf(strm, buf, size)
-    z_streamp strm;
-    charf *buf;
-    unsigned size;
-{
-    unsigned len = strm->avail_in;
-
-    if (len > size) len = size;
-    if (len == 0) return 0;
-
-    strm->avail_in  -= len;
-
-    if (!strm->state->noheader) {
-        strm->adler = adler32(strm->adler, strm->next_in, len);
-    }
-    zmemcpy(buf, strm->next_in, len);
-    strm->next_in  += len;
-    strm->total_in += len;
-
-    return (int)len;
-}
-
-/* ===========================================================================
- * Initialize the "longest match" routines for a new zlib stream
- */
-local void lm_init (s)
-    deflate_state *s;
-{
-    s->window_size = (ulg)2L*s->w_size;
-
-    CLEAR_HASH(s);
-
-    /* Set the default configuration parameters:
-     */
-    s->max_lazy_match   = configuration_table[s->level].max_lazy;
-    s->good_match       = configuration_table[s->level].good_length;
-    s->nice_match       = configuration_table[s->level].nice_length;
-    s->max_chain_length = configuration_table[s->level].max_chain;
-
-    s->strstart = 0;
-    s->block_start = 0L;
-    s->lookahead = 0;
-    s->match_length = s->prev_length = MIN_MATCH-1;
-    s->match_available = 0;
-    s->ins_h = 0;
-#ifdef ASMV
-    match_init(); /* initialize the asm code */
-#endif
-}
-
-/* ===========================================================================
- * Set match_start to the longest match starting at the given string and
- * return its length. Matches shorter or equal to prev_length are discarded,
- * in which case the result is equal to prev_length and match_start is
- * garbage.
- * IN assertions: cur_match is the head of the hash chain for the current
- *   string (strstart) and its distance is <= MAX_DIST, and prev_length >= 1
- * OUT assertion: the match length is not greater than s->lookahead.
- */
-#ifndef ASMV
-/* For 80x86 and 680x0, an optimized version will be provided in match.asm or
- * match.S. The code will be functionally equivalent.
- */
-local uInt longest_match(s, cur_match)
-    deflate_state *s;
-    IPos cur_match;                             /* current match */
-{
-    unsigned chain_length = s->max_chain_length;/* max hash chain length */
-    register Bytef *scan = s->window + s->strstart; /* current string */
-    register Bytef *match;                       /* matched string */
-    register int len;                           /* length of current match */
-    int best_len = s->prev_length;              /* best match length so far */
-    int nice_match = s->nice_match;             /* stop if match long enough */
-    IPos limit = s->strstart > (IPos)MAX_DIST(s) ?
-        s->strstart - (IPos)MAX_DIST(s) : NIL;
-    /* Stop when cur_match becomes <= limit. To simplify the code,
-     * we prevent matches with the string of window index 0.
-     */
-    Posf *prev = s->prev;
-    uInt wmask = s->w_mask;
-
-#ifdef UNALIGNED_OK
-    /* Compare two bytes at a time. Note: this is not always beneficial.
-     * Try with and without -DUNALIGNED_OK to check.
-     */
-    register Bytef *strend = s->window + s->strstart + MAX_MATCH - 1;
-    register ush scan_start = *(ushf*)scan;
-    register ush scan_end   = *(ushf*)(scan+best_len-1);
-#else
-    register Bytef *strend = s->window + s->strstart + MAX_MATCH;
-    register Byte scan_end1  = scan[best_len-1];
-    register Byte scan_end   = scan[best_len];
-#endif
-
-    /* The code is optimized for HASH_BITS >= 8 and MAX_MATCH-2 multiple of 16.
-     * It is easy to get rid of this optimization if necessary.
-     */
-    Assert(s->hash_bits >= 8 && MAX_MATCH == 258, "Code too clever");
-
-    /* Do not waste too much time if we already have a good match: */
-    if (s->prev_length >= s->good_match) {
-        chain_length >>= 2;
-    }
-    /* Do not look for matches beyond the end of the input. This is necessary
-     * to make deflate deterministic.
-     */
-    if ((uInt)nice_match > s->lookahead) nice_match = s->lookahead;
-
-    Assert((ulg)s->strstart <= s->window_size-MIN_LOOKAHEAD, "need lookahead");
-
-    do {
-        Assert(cur_match < s->strstart, "no future");
-        match = s->window + cur_match;
-
-        /* Skip to next match if the match length cannot increase
-         * or if the match length is less than 2:
-         */
-#if (defined(UNALIGNED_OK) && MAX_MATCH == 258)
-        /* This code assumes sizeof(unsigned short) == 2. Do not use
-         * UNALIGNED_OK if your compiler uses a different size.
-         */
-        if (*(ushf*)(match+best_len-1) != scan_end ||
-            *(ushf*)match != scan_start) continue;
-
-        /* It is not necessary to compare scan[2] and match[2] since they are
-         * always equal when the other bytes match, given that the hash keys
-         * are equal and that HASH_BITS >= 8. Compare 2 bytes at a time at
-         * strstart+3, +5, ... up to strstart+257. We check for insufficient
-         * lookahead only every 4th comparison; the 128th check will be made
-         * at strstart+257. If MAX_MATCH-2 is not a multiple of 8, it is
-         * necessary to put more guard bytes at the end of the window, or
-         * to check more often for insufficient lookahead.
-         */
-        Assert(scan[2] == match[2], "scan[2]?");
-        scan++, match++;
-        do {
-        } while (*(ushf*)(scan+=2) == *(ushf*)(match+=2) &&
-                 *(ushf*)(scan+=2) == *(ushf*)(match+=2) &&
-                 *(ushf*)(scan+=2) == *(ushf*)(match+=2) &&
-                 *(ushf*)(scan+=2) == *(ushf*)(match+=2) &&
-                 scan < strend);
-        /* The funny "do {}" generates better code on most compilers */
-
-        /* Here, scan <= window+strstart+257 */
-        Assert(scan <= s->window+(unsigned)(s->window_size-1), "wild scan");
-        if (*scan == *match) scan++;
-
-        len = (MAX_MATCH - 1) - (int)(strend-scan);
-        scan = strend - (MAX_MATCH-1);
-
-#else /* UNALIGNED_OK */
-
-        if (match[best_len]   != scan_end  ||
-            match[best_len-1] != scan_end1 ||
-            *match            != *scan     ||
-            *++match          != scan[1])      continue;
-
-        /* The check at best_len-1 can be removed because it will be made
-         * again later. (This heuristic is not always a win.)
-         * It is not necessary to compare scan[2] and match[2] since they
-         * are always equal when the other bytes match, given that
-         * the hash keys are equal and that HASH_BITS >= 8.
-         */
-        scan += 2, match++;
-        Assert(*scan == *match, "match[2]?");
-
-        /* We check for insufficient lookahead only every 8th comparison;
-         * the 256th check will be made at strstart+258.
-         */
-        do {
-        } while (*++scan == *++match && *++scan == *++match &&
-                 *++scan == *++match && *++scan == *++match &&
-                 *++scan == *++match && *++scan == *++match &&
-                 *++scan == *++match && *++scan == *++match &&
-                 scan < strend);
-
-        Assert(scan <= s->window+(unsigned)(s->window_size-1), "wild scan");
-
-        len = MAX_MATCH - (int)(strend - scan);
-        scan = strend - MAX_MATCH;
-
-#endif /* UNALIGNED_OK */
-
-        if (len > best_len) {
-            s->match_start = cur_match;
-            best_len = len;
-            if (len >= nice_match) break;
-#ifdef UNALIGNED_OK
-            scan_end = *(ushf*)(scan+best_len-1);
-#else
-            scan_end1  = scan[best_len-1];
-            scan_end   = scan[best_len];
-#endif
-        }
-    } while ((cur_match = prev[cur_match & wmask]) > limit
-             && --chain_length != 0);
-
-    if ((uInt)best_len <= s->lookahead) return best_len;
-    return s->lookahead;
-}
-#endif /* ASMV */
-
-#ifdef DEBUG_NEVER
-/* ===========================================================================
- * Check that the match at match_start is indeed a match.
- */
-local void check_match(s, start, match, length)
-    deflate_state *s;
-    IPos start, match;
-    int length;
-{
-    /* check that the match is indeed a match */
-    if (zmemcmp((charf *)s->window + match,
-                (charf *)s->window + start, length) != EQUAL) {
-#if 0
-        fprintf(stderr, " start %u, match %u, length %d\n",
-		start, match, length);
-#endif
-        do {
-	    fprintf(stderr, "%c%c", s->window[match++], s->window[start++]);
-	} while (--length != 0);
-        z_error("invalid match");
-    }
-    if (verbose > 1) {
-        fprintf(stderr,"\\[%d,%d]", start-match, length);
-        do { putc(s->window[start++], stderr); } while (--length != 0);
-    }
-}
-#else
-#  define check_match(s, start, match, length)
-#endif
-
-/* ===========================================================================
- * Fill the window when the lookahead becomes insufficient.
- * Updates strstart and lookahead.
- *
- * IN assertion: lookahead < MIN_LOOKAHEAD
- * OUT assertions: strstart <= window_size-MIN_LOOKAHEAD
- *    At least one byte has been read, or avail_in == 0; reads are
- *    performed for at least two bytes (required for the zip translate_eol
- *    option -- not supported here).
- */
-local void fill_window(s)
-    deflate_state *s;
-{
-    register unsigned n, m;
-    register Posf *p;
-    unsigned more;    /* Amount of free space at the end of the window. */
-    uInt wsize = s->w_size;
-
-    do {
-        more = (unsigned)(s->window_size -(ulg)s->lookahead -(ulg)s->strstart);
-
-        /* Deal with !@#$% 64K limit: */
-        if (more == 0 && s->strstart == 0 && s->lookahead == 0) {
-            more = wsize;
-
-        } else if (more == (unsigned)(-1)) {
-            /* Very unlikely, but possible on 16 bit machine if strstart == 0
-             * and lookahead == 1 (input done one byte at time)
-             */
-            more--;
-
-        /* If the window is almost full and there is insufficient lookahead,
-         * move the upper half to the lower one to make room in the upper half.
-         */
-        } else if (s->strstart >= wsize+MAX_DIST(s)) {
-
-            zmemcpy((charf *)s->window, (charf *)s->window+wsize,
-                   (unsigned)wsize);
-            s->match_start -= wsize;
-            s->strstart    -= wsize; /* we now have strstart >= MAX_DIST */
-
-            s->block_start -= (long) wsize;
-
-            /* Slide the hash table (could be avoided with 32 bit values
-               at the expense of memory usage):
-             */
-            n = s->hash_size;
-            p = &s->head[n];
-            do {
-                m = *--p;
-                *p = (Pos)(m >= wsize ? m-wsize : NIL);
-            } while (--n);
-
-            n = wsize;
-            p = &s->prev[n];
-            do {
-                m = *--p;
-                *p = (Pos)(m >= wsize ? m-wsize : NIL);
-                /* If n is not on any hash chain, prev[n] is garbage but
-                 * its value will never be used.
-                 */
-            } while (--n);
-
-            more += wsize;
-        }
-        if (s->strm->avail_in == 0) return;
-
-        /* If there was no sliding:
-         *    strstart <= WSIZE+MAX_DIST-1 && lookahead <= MIN_LOOKAHEAD - 1 &&
-         *    more == window_size - lookahead - strstart
-         * => more >= window_size - (MIN_LOOKAHEAD-1 + WSIZE + MAX_DIST-1)
-         * => more >= window_size - 2*WSIZE + 2
-         * In the BIG_MEM or MMAP case (not yet supported),
-         *   window_size == input_size + MIN_LOOKAHEAD  &&
-         *   strstart + s->lookahead <= input_size => more >= MIN_LOOKAHEAD.
-         * Otherwise, window_size == 2*WSIZE so more >= 2.
-         * If there was sliding, more >= WSIZE. So in all cases, more >= 2.
-         */
-        Assert(more >= 2, "more < 2");
-
-        n = read_buf(s->strm, (charf *)s->window + s->strstart + s->lookahead,
-                     more);
-        s->lookahead += n;
-
-        /* Initialize the hash value now that we have some input: */
-        if (s->lookahead >= MIN_MATCH) {
-            s->ins_h = s->window[s->strstart];
-            UPDATE_HASH(s, s->ins_h, s->window[s->strstart+1]);
-#if MIN_MATCH != 3
-            Call UPDATE_HASH() MIN_MATCH-3 more times
-#endif
-        }
-        /* If the whole input has less than MIN_MATCH bytes, ins_h is garbage,
-         * but this is not important since only literal bytes will be emitted.
-         */
-
-    } while (s->lookahead < MIN_LOOKAHEAD && s->strm->avail_in != 0);
-}
-
-/* ===========================================================================
- * Flush the current block, with given end-of-file flag.
- * IN assertion: strstart is set to the end of the current match.
- */
-#define FLUSH_BLOCK_ONLY(s, eof) { \
-   _tr_flush_block(s, (s->block_start >= 0L ? \
-                   (charf *)&s->window[(unsigned)s->block_start] : \
-                   (charf *)Z_NULL), \
-		(ulg)((long)s->strstart - s->block_start), \
-		(eof)); \
-   s->block_start = s->strstart; \
-   flush_pending(s->strm); \
-   Tracev((stderr,"[FLUSH]")); \
-}
-
-/* Same but force premature exit if necessary. */
-#define FLUSH_BLOCK(s, eof) { \
-   FLUSH_BLOCK_ONLY(s, eof); \
-   if (s->strm->avail_out == 0) return (eof) ? finish_started : need_more; \
-}
-
-/* ===========================================================================
- * Copy without compression as much as possible from the input stream, return
- * the current block state.
- * This function does not insert new strings in the dictionary since
- * uncompressible data is probably not useful. This function is used
- * only for the level=0 compression option.
- * NOTE: this function should be optimized to avoid extra copying.
- */
-local block_state deflate_stored(s, flush)
-    deflate_state *s;
-    int flush;
-{
-    for (;;) {
-        /* Fill the window as much as possible: */
-        if (s->lookahead <= 1) {
-
-            Assert(s->strstart < s->w_size+MAX_DIST(s) ||
-		   s->block_start >= (long)s->w_size, "slide too late");
-
-            fill_window(s);
-            if (s->lookahead == 0 && flush == Z_NO_FLUSH) return need_more;
-
-            if (s->lookahead == 0) break; /* flush the current block */
-        }
-	Assert(s->block_start >= 0L, "block gone");
-
-	s->strstart += s->lookahead;
-	s->lookahead = 0;
-
-        /* Stored blocks are limited to 0xffff bytes: */
-        if (s->strstart == 0 || s->strstart > 0xfffe) {
-	    /* strstart == 0 is possible when wraparound on 16-bit machine */
-	    s->lookahead = s->strstart - 0xffff;
-	    s->strstart = 0xffff;
-	}
-
-	/* Emit a stored block if it is large enough: */
-        if (s->strstart - (uInt)s->block_start >= MAX_DIST(s)) {
-            FLUSH_BLOCK(s, 0);
-	}
-    }
-    FLUSH_BLOCK(s, flush == Z_FINISH);
-    return flush == Z_FINISH ? finish_done : block_done;
-}
-
-/* ===========================================================================
- * Compress as much as possible from the input stream, return the current
- * block state.
- * This function does not perform lazy evaluation of matches and inserts
- * new strings in the dictionary only for unmatched strings or for short
- * matches. It is used only for the fast compression options.
- */
-local block_state deflate_fast(s, flush)
-    deflate_state *s;
-    int flush;
-{
-    IPos hash_head = NIL; /* head of the hash chain */
-    int bflush;           /* set if current block must be flushed */
-
-    for (;;) {
-        /* Make sure that we always have enough lookahead, except
-         * at the end of the input file. We need MAX_MATCH bytes
-         * for the next match, plus MIN_MATCH bytes to insert the
-         * string following the next match.
-         */
-        if (s->lookahead < MIN_LOOKAHEAD) {
-            fill_window(s);
-            if (s->lookahead < MIN_LOOKAHEAD && flush == Z_NO_FLUSH) {
-	        return need_more;
-	    }
-            if (s->lookahead == 0) break; /* flush the current block */
-        }
-
-        /* Insert the string window[strstart .. strstart+2] in the
-         * dictionary, and set hash_head to the head of the hash chain:
-         */
-        if (s->lookahead >= MIN_MATCH) {
-            INSERT_STRING(s, s->strstart, hash_head);
-        }
-
-        /* Find the longest match, discarding those <= prev_length.
-         * At this point we have always match_length < MIN_MATCH
-         */
-        if (hash_head != NIL && s->strstart - hash_head <= MAX_DIST(s)) {
-            /* To simplify the code, we prevent matches with the string
-             * of window index 0 (in particular we have to avoid a match
-             * of the string with itself at the start of the input file).
-             */
-            if (s->strategy != Z_HUFFMAN_ONLY) {
-                s->match_length = longest_match (s, hash_head);
-            }
-            /* longest_match() sets match_start */
-        }
-        if (s->match_length >= MIN_MATCH) {
-            check_match(s, s->strstart, s->match_start, s->match_length);
-
-            bflush = _tr_tally(s, s->strstart - s->match_start,
-                               s->match_length - MIN_MATCH);
-
-            s->lookahead -= s->match_length;
-
-            /* Insert new strings in the hash table only if the match length
-             * is not too large. This saves time but degrades compression.
-             */
-            if (s->match_length <= s->max_insert_length &&
-                s->lookahead >= MIN_MATCH) {
-                s->match_length--; /* string at strstart already in hash table */
-                do {
-                    s->strstart++;
-                    INSERT_STRING(s, s->strstart, hash_head);
-                    /* strstart never exceeds WSIZE-MAX_MATCH, so there are
-                     * always MIN_MATCH bytes ahead.
-                     */
-                } while (--s->match_length != 0);
-                s->strstart++; 
-            } else {
-                s->strstart += s->match_length;
-                s->match_length = 0;
-                s->ins_h = s->window[s->strstart];
-                UPDATE_HASH(s, s->ins_h, s->window[s->strstart+1]);
-#if MIN_MATCH != 3
-                Call UPDATE_HASH() MIN_MATCH-3 more times
-#endif
-                /* If lookahead < MIN_MATCH, ins_h is garbage, but it does not
-                 * matter since it will be recomputed at next deflate call.
-                 */
-            }
-        } else {
-            /* No match, output a literal byte */
-            Tracevv((stderr,"%c", s->window[s->strstart]));
-            bflush = _tr_tally (s, 0, s->window[s->strstart]);
-            s->lookahead--;
-            s->strstart++; 
-        }
-        if (bflush) FLUSH_BLOCK(s, 0);
-    }
-    FLUSH_BLOCK(s, flush == Z_FINISH);
-    return flush == Z_FINISH ? finish_done : block_done;
-}
-
-/* ===========================================================================
- * Same as above, but achieves better compression. We use a lazy
- * evaluation for matches: a match is finally adopted only if there is
- * no better match at the next window position.
- */
-local block_state deflate_slow(s, flush)
-    deflate_state *s;
-    int flush;
-{
-    IPos hash_head = NIL;    /* head of hash chain */
-    int bflush;              /* set if current block must be flushed */
-
-    /* Process the input block. */
-    for (;;) {
-        /* Make sure that we always have enough lookahead, except
-         * at the end of the input file. We need MAX_MATCH bytes
-         * for the next match, plus MIN_MATCH bytes to insert the
-         * string following the next match.
-         */
-        if (s->lookahead < MIN_LOOKAHEAD) {
-            fill_window(s);
-            if (s->lookahead < MIN_LOOKAHEAD && flush == Z_NO_FLUSH) {
-	        return need_more;
-	    }
-            if (s->lookahead == 0) break; /* flush the current block */
-        }
-
-        /* Insert the string window[strstart .. strstart+2] in the
-         * dictionary, and set hash_head to the head of the hash chain:
-         */
-        if (s->lookahead >= MIN_MATCH) {
-            INSERT_STRING(s, s->strstart, hash_head);
-        }
-
-        /* Find the longest match, discarding those <= prev_length.
-         */
-        s->prev_length = s->match_length, s->prev_match = s->match_start;
-        s->match_length = MIN_MATCH-1;
-
-        if (hash_head != NIL && s->prev_length < s->max_lazy_match &&
-            s->strstart - hash_head <= MAX_DIST(s)) {
-            /* To simplify the code, we prevent matches with the string
-             * of window index 0 (in particular we have to avoid a match
-             * of the string with itself at the start of the input file).
-             */
-            if (s->strategy != Z_HUFFMAN_ONLY) {
-                s->match_length = longest_match (s, hash_head);
-            }
-            /* longest_match() sets match_start */
-
-            if (s->match_length <= 5 && (s->strategy == Z_FILTERED ||
-                 (s->match_length == MIN_MATCH &&
-                  s->strstart - s->match_start > TOO_FAR))) {
-
-                /* If prev_match is also MIN_MATCH, match_start is garbage
-                 * but we will ignore the current match anyway.
-                 */
-                s->match_length = MIN_MATCH-1;
-            }
-        }
-        /* If there was a match at the previous step and the current
-         * match is not better, output the previous match:
-         */
-        if (s->prev_length >= MIN_MATCH && s->match_length <= s->prev_length) {
-            uInt max_insert = s->strstart + s->lookahead - MIN_MATCH;
-            /* Do not insert strings in hash table beyond this. */
-
-            check_match(s, s->strstart-1, s->prev_match, s->prev_length);
-
-            bflush = _tr_tally(s, s->strstart -1 - s->prev_match,
-                               s->prev_length - MIN_MATCH);
-
-            /* Insert in hash table all strings up to the end of the match.
-             * strstart-1 and strstart are already inserted. If there is not
-             * enough lookahead, the last two strings are not inserted in
-             * the hash table.
-             */
-            s->lookahead -= s->prev_length-1;
-            s->prev_length -= 2;
-            do {
-                if (++s->strstart <= max_insert) {
-                    INSERT_STRING(s, s->strstart, hash_head);
-                }
-            } while (--s->prev_length != 0);
-            s->match_available = 0;
-            s->match_length = MIN_MATCH-1;
-            s->strstart++;
-
-            if (bflush) FLUSH_BLOCK(s, 0);
-
-        } else if (s->match_available) {
-            /* If there was no match at the previous position, output a
-             * single literal. If there was a match but the current match
-             * is longer, truncate the previous match to a single literal.
-             */
-            Tracevv((stderr,"%c", s->window[s->strstart-1]));
-            if (_tr_tally (s, 0, s->window[s->strstart-1])) {
-                FLUSH_BLOCK_ONLY(s, 0);
-            }
-            s->strstart++;
-            s->lookahead--;
-            if (s->strm->avail_out == 0) return need_more;
-        } else {
-            /* There is no previous match to compare with, wait for
-             * the next step to decide.
-             */
-            s->match_available = 1;
-            s->strstart++;
-            s->lookahead--;
-        }
-    }
-    Assert (flush != Z_NO_FLUSH, "no flush?");
-    if (s->match_available) {
-        Tracevv((stderr,"%c", s->window[s->strstart-1]));
-        _tr_tally (s, 0, s->window[s->strstart-1]);
-        s->match_available = 0;
-    }
-    FLUSH_BLOCK(s, flush == Z_FINISH);
-    return flush == Z_FINISH ? finish_done : block_done;
-}
diff --git a/security/nss/cmd/zlib/deflate.h b/security/nss/cmd/zlib/deflate.h
deleted file mode 100644
index 410b21984..000000000
--- a/security/nss/cmd/zlib/deflate.h
+++ /dev/null
@@ -1,275 +0,0 @@
-/* deflate.h -- internal compression state
- * Copyright (C) 1995-1996 Jean-loup Gailly
- * For conditions of distribution and use, see copyright notice in zlib.h 
- */
-
-/* WARNING: this file should *not* be used by applications. It is
-   part of the implementation of the compression library and is
-   subject to change. Applications should only use zlib.h.
- */
-
-/* $Id$ */
-
-#ifndef _DEFLATE_H
-#define _DEFLATE_H
-
-#include "zutil.h"
-
-/* ===========================================================================
- * Internal compression state.
- */
-
-#define LENGTH_CODES 29
-/* number of length codes, not counting the special END_BLOCK code */
-
-#define LITERALS  256
-/* number of literal bytes 0..255 */
-
-#define L_CODES (LITERALS+1+LENGTH_CODES)
-/* number of Literal or Length codes, including the END_BLOCK code */
-
-#define D_CODES   30
-/* number of distance codes */
-
-#define BL_CODES  19
-/* number of codes used to transfer the bit lengths */
-
-#define HEAP_SIZE (2*L_CODES+1)
-/* maximum heap size */
-
-#define MAX_BITS 15
-/* All codes must not exceed MAX_BITS bits */
-
-#define INIT_STATE    42
-#define BUSY_STATE   113
-#define FINISH_STATE 666
-/* Stream status */
-
-
-/* Data structure describing a single value and its code string. */
-typedef struct ct_data_s {
-    union {
-        ush  freq;       /* frequency count */
-        ush  code;       /* bit string */
-    } fc;
-    union {
-        ush  dad;        /* father node in Huffman tree */
-        ush  len;        /* length of bit string */
-    } dl;
-} FAR ct_data;
-
-#define Freq fc.freq
-#define Code fc.code
-#define Dad  dl.dad
-#define Len  dl.len
-
-typedef struct static_tree_desc_s  static_tree_desc;
-
-typedef struct tree_desc_s {
-    ct_data *dyn_tree;           /* the dynamic tree */
-    int     max_code;            /* largest code with non zero frequency */
-    static_tree_desc *stat_desc; /* the corresponding static tree */
-} FAR tree_desc;
-
-typedef ush Pos;
-typedef Pos FAR Posf;
-typedef unsigned IPos;
-
-/* A Pos is an index in the character window. We use short instead of int to
- * save space in the various tables. IPos is used only for parameter passing.
- */
-
-typedef struct internal_state {
-    z_streamp strm;      /* pointer back to this zlib stream */
-    int   status;        /* as the name implies */
-    Bytef *pending_buf;  /* output still pending */
-    Bytef *pending_out;  /* next pending byte to output to the stream */
-    int   pending;       /* nb of bytes in the pending buffer */
-    int   noheader;      /* suppress zlib header and adler32 */
-    Byte  data_type;     /* UNKNOWN, BINARY or ASCII */
-    Byte  method;        /* STORED (for zip only) or DEFLATED */
-    int   last_flush;    /* value of flush param for previous deflate call */
-
-                /* used by deflate.c: */
-
-    uInt  w_size;        /* LZ77 window size (32K by default) */
-    uInt  w_bits;        /* log2(w_size)  (8..16) */
-    uInt  w_mask;        /* w_size - 1 */
-
-    Bytef *window;
-    /* Sliding window. Input bytes are read into the second half of the window,
-     * and move to the first half later to keep a dictionary of at least wSize
-     * bytes. With this organization, matches are limited to a distance of
-     * wSize-MAX_MATCH bytes, but this ensures that IO is always
-     * performed with a length multiple of the block size. Also, it limits
-     * the window size to 64K, which is quite useful on MSDOS.
-     * To do: use the user input buffer as sliding window.
-     */
-
-    ulg window_size;
-    /* Actual size of window: 2*wSize, except when the user input buffer
-     * is directly used as sliding window.
-     */
-
-    Posf *prev;
-    /* Link to older string with same hash index. To limit the size of this
-     * array to 64K, this link is maintained only for the last 32K strings.
-     * An index in this array is thus a window index modulo 32K.
-     */
-
-    Posf *head; /* Heads of the hash chains or NIL. */
-
-    uInt  ins_h;          /* hash index of string to be inserted */
-    uInt  hash_size;      /* number of elements in hash table */
-    uInt  hash_bits;      /* log2(hash_size) */
-    uInt  hash_mask;      /* hash_size-1 */
-
-    uInt  hash_shift;
-    /* Number of bits by which ins_h must be shifted at each input
-     * step. It must be such that after MIN_MATCH steps, the oldest
-     * byte no longer takes part in the hash key, that is:
-     *   hash_shift * MIN_MATCH >= hash_bits
-     */
-
-    long block_start;
-    /* Window position at the beginning of the current output block. Gets
-     * negative when the window is moved backwards.
-     */
-
-    uInt match_length;           /* length of best match */
-    IPos prev_match;             /* previous match */
-    int match_available;         /* set if previous match exists */
-    uInt strstart;               /* start of string to insert */
-    uInt match_start;            /* start of matching string */
-    uInt lookahead;              /* number of valid bytes ahead in window */
-
-    uInt prev_length;
-    /* Length of the best match at previous step. Matches not greater than this
-     * are discarded. This is used in the lazy match evaluation.
-     */
-
-    uInt max_chain_length;
-    /* To speed up deflation, hash chains are never searched beyond this
-     * length.  A higher limit improves compression ratio but degrades the
-     * speed.
-     */
-
-    uInt max_lazy_match;
-    /* Attempt to find a better match only when the current match is strictly
-     * smaller than this value. This mechanism is used only for compression
-     * levels >= 4.
-     */
-#   define max_insert_length  max_lazy_match
-    /* Insert new strings in the hash table only if the match length is not
-     * greater than this length. This saves time but degrades compression.
-     * max_insert_length is used only for compression levels <= 3.
-     */
-
-    int level;    /* compression level (1..9) */
-    int strategy; /* favor or force Huffman coding*/
-
-    uInt good_match;
-    /* Use a faster search when the previous match is longer than this */
-
-    int nice_match; /* Stop searching when current match exceeds this */
-
-                /* used by trees.c: */
-    /* Didn't use ct_data typedef below to supress compiler warning */
-    struct ct_data_s dyn_ltree[HEAP_SIZE];   /* literal and length tree */
-    struct ct_data_s dyn_dtree[2*D_CODES+1]; /* distance tree */
-    struct ct_data_s bl_tree[2*BL_CODES+1];  /* Huffman tree for bit lengths */
-
-    struct tree_desc_s l_desc;               /* desc. for literal tree */
-    struct tree_desc_s d_desc;               /* desc. for distance tree */
-    struct tree_desc_s bl_desc;              /* desc. for bit length tree */
-
-    ush bl_count[MAX_BITS+1];
-    /* number of codes at each bit length for an optimal tree */
-
-    int heap[2*L_CODES+1];      /* heap used to build the Huffman trees */
-    int heap_len;               /* number of elements in the heap */
-    int heap_max;               /* element of largest frequency */
-    /* The sons of heap[n] are heap[2*n] and heap[2*n+1]. heap[0] is not used.
-     * The same heap array is used to build all trees.
-     */
-
-    uch depth[2*L_CODES+1];
-    /* Depth of each subtree used as tie breaker for trees of equal frequency
-     */
-
-    uchf *l_buf;          /* buffer for literals or lengths */
-
-    uInt  lit_bufsize;
-    /* Size of match buffer for literals/lengths.  There are 4 reasons for
-     * limiting lit_bufsize to 64K:
-     *   - frequencies can be kept in 16 bit counters
-     *   - if compression is not successful for the first block, all input
-     *     data is still in the window so we can still emit a stored block even
-     *     when input comes from standard input.  (This can also be done for
-     *     all blocks if lit_bufsize is not greater than 32K.)
-     *   - if compression is not successful for a file smaller than 64K, we can
-     *     even emit a stored file instead of a stored block (saving 5 bytes).
-     *     This is applicable only for zip (not gzip or zlib).
-     *   - creating new Huffman trees less frequently may not provide fast
-     *     adaptation to changes in the input data statistics. (Take for
-     *     example a binary file with poorly compressible code followed by
-     *     a highly compressible string table.) Smaller buffer sizes give
-     *     fast adaptation but have of course the overhead of transmitting
-     *     trees more frequently.
-     *   - I can't count above 4
-     */
-
-    uInt last_lit;      /* running index in l_buf */
-
-    ushf *d_buf;
-    /* Buffer for distances. To simplify the code, d_buf and l_buf have
-     * the same number of elements. To use different lengths, an extra flag
-     * array would be necessary.
-     */
-
-    ulg opt_len;        /* bit length of current block with optimal trees */
-    ulg static_len;     /* bit length of current block with static trees */
-    ulg compressed_len; /* total bit length of compressed file */
-    uInt matches;       /* number of string matches in current block */
-    int last_eob_len;   /* bit length of EOB code for last block */
-
-#ifdef DEBUG
-    ulg bits_sent;      /* bit length of the compressed data */
-#endif
-
-    ush bi_buf;
-    /* Output buffer. bits are inserted starting at the bottom (least
-     * significant bits).
-     */
-    int bi_valid;
-    /* Number of valid bits in bi_buf.  All bits above the last valid bit
-     * are always zero.
-     */
-
-} FAR deflate_state;
-
-/* Output a byte on the stream.
- * IN assertion: there is enough room in pending_buf.
- */
-#define put_byte(s, c) {s->pending_buf[s->pending++] = (c);}
-
-
-#define MIN_LOOKAHEAD (MAX_MATCH+MIN_MATCH+1)
-/* Minimum amount of lookahead, except at the end of the input file.
- * See deflate.c for comments about the MIN_MATCH+1.
- */
-
-#define MAX_DIST(s)  ((s)->w_size-MIN_LOOKAHEAD)
-/* In order to simplify the code, particularly on 16 bit machines, match
- * distances are limited to MAX_DIST instead of WSIZE.
- */
-
-        /* in trees.c */
-void _tr_init         OF((deflate_state *s));
-int  _tr_tally        OF((deflate_state *s, unsigned dist, unsigned lc));
-ulg  _tr_flush_block  OF((deflate_state *s, charf *buf, ulg stored_len,
-			  int eof));
-void _tr_align        OF((deflate_state *s));
-void _tr_stored_block OF((deflate_state *s, charf *buf, ulg stored_len,
-                          int eof));
-#endif
diff --git a/security/nss/cmd/zlib/example.c b/security/nss/cmd/zlib/example.c
deleted file mode 100644
index 7c9176094..000000000
--- a/security/nss/cmd/zlib/example.c
+++ /dev/null
@@ -1,503 +0,0 @@
-/* example.c -- usage example of the zlib compression library
- * Copyright (C) 1995-1996 Jean-loup Gailly.
- * For conditions of distribution and use, see copyright notice in zlib.h 
- */
-
-/* $Id$ */
-
-#include <stdio.h>
-#include "zlib.h"
-
-#ifdef STDC
-#  include <string.h>
-#  include <stdlib.h>
-#else
-   extern void exit  OF((int));
-#endif
-
-#define CHECK_ERR(err, msg) { \
-    if (err != Z_OK) { \
-        fprintf(stderr, "%s error: %d\n", msg, err); \
-        exit(1); \
-    } \
-}
-
-const char hello[] = "hello, hello!";
-/* "hello world" would be more standard, but the repeated "hello"
- * stresses the compression code better, sorry...
- */
-
-const char dictionary[] = "hello";
-uLong dictId; /* Adler32 value of the dictionary */
-
-void test_compress      OF((Byte *compr, uLong comprLen,
-		            Byte *uncompr, uLong uncomprLen));
-void test_gzio          OF((const char *out, const char *in, 
-		            Byte *uncompr, int uncomprLen));
-void test_deflate       OF((Byte *compr, uLong comprLen));
-void test_inflate       OF((Byte *compr, uLong comprLen,
-		            Byte *uncompr, uLong uncomprLen));
-void test_large_deflate OF((Byte *compr, uLong comprLen,
-		            Byte *uncompr, uLong uncomprLen));
-void test_large_inflate OF((Byte *compr, uLong comprLen,
-		            Byte *uncompr, uLong uncomprLen));
-void test_flush         OF((Byte *compr, uLong comprLen));
-void test_sync          OF((Byte *compr, uLong comprLen,
-		            Byte *uncompr, uLong uncomprLen));
-void test_dict_deflate  OF((Byte *compr, uLong comprLen));
-void test_dict_inflate  OF((Byte *compr, uLong comprLen,
-		            Byte *uncompr, uLong uncomprLen));
-int  main               OF((int argc, char *argv[]));
-
-/* ===========================================================================
- * Test compress() and uncompress()
- */
-void test_compress(compr, comprLen, uncompr, uncomprLen)
-    Byte *compr, *uncompr;
-    uLong comprLen, uncomprLen;
-{
-    int err;
-    uLong len = strlen(hello)+1;
-
-    err = compress(compr, &comprLen, (const Bytef*)hello, len);
-    CHECK_ERR(err, "compress");
-
-    strcpy((char*)uncompr, "garbage");
-
-    err = uncompress(uncompr, &uncomprLen, compr, comprLen);
-    CHECK_ERR(err, "uncompress");
-
-    if (strcmp((char*)uncompr, hello)) {
-        fprintf(stderr, "bad uncompress\n");
-    } else {
-        printf("uncompress(): %s\n", uncompr);
-    }
-}
-
-/* ===========================================================================
- * Test read/write of .gz files
- */
-void test_gzio(out, in, uncompr, uncomprLen)
-    const char *out; /* output file */
-    const char *in;  /* input file */
-    Byte *uncompr;
-    int  uncomprLen;
-{
-    int err;
-    int len = strlen(hello)+1;
-    gzFile file;
-
-    file = gzopen(out, "wb");
-    if (file == NULL) {
-        fprintf(stderr, "gzopen error\n");
-        exit(1);
-    }
-
-    if (gzwrite(file, (const voidp)hello, (unsigned)len) != len) {
-        fprintf(stderr, "gzwrite err: %s\n", gzerror(file, &err));
-    }
-    gzclose(file);
-
-    file = gzopen(in, "rb");
-    if (file == NULL) {
-        fprintf(stderr, "gzopen error\n");
-    }
-    strcpy((char*)uncompr, "garbage");
-
-    uncomprLen = gzread(file, uncompr, (unsigned)uncomprLen);
-    if (uncomprLen != len) {
-        fprintf(stderr, "gzread err: %s\n", gzerror(file, &err));
-    }
-    gzclose(file);
-
-    if (strcmp((char*)uncompr, hello)) {
-        fprintf(stderr, "bad gzread\n");
-    } else {
-        printf("gzread(): %s\n", uncompr);
-    }
-}
-
-/* ===========================================================================
- * Test deflate() with small buffers
- */
-void test_deflate(compr, comprLen)
-    Byte *compr;
-    uLong comprLen;
-{
-    z_stream c_stream; /* compression stream */
-    int err;
-    int len = strlen(hello)+1;
-
-    c_stream.zalloc = (alloc_func)0;
-    c_stream.zfree = (free_func)0;
-    c_stream.opaque = (voidpf)0;
-
-    err = deflateInit(&c_stream, Z_DEFAULT_COMPRESSION);
-    CHECK_ERR(err, "deflateInit");
-
-    c_stream.next_in  = (Bytef*)hello;
-    c_stream.next_out = compr;
-
-    while (c_stream.total_in != (uLong)len && c_stream.total_out < comprLen) {
-        c_stream.avail_in = c_stream.avail_out = 1; /* force small buffers */
-        err = deflate(&c_stream, Z_NO_FLUSH);
-        CHECK_ERR(err, "deflate");
-    }
-    /* Finish the stream, still forcing small buffers: */
-    for (;;) {
-        c_stream.avail_out = 1;
-        err = deflate(&c_stream, Z_FINISH);
-        if (err == Z_STREAM_END) break;
-        CHECK_ERR(err, "deflate");
-    }
-
-    err = deflateEnd(&c_stream);
-    CHECK_ERR(err, "deflateEnd");
-}
-
-/* ===========================================================================
- * Test inflate() with small buffers
- */
-void test_inflate(compr, comprLen, uncompr, uncomprLen)
-    Byte *compr, *uncompr;
-    uLong comprLen, uncomprLen;
-{
-    int err;
-    z_stream d_stream; /* decompression stream */
-
-    strcpy((char*)uncompr, "garbage");
-
-    d_stream.zalloc = (alloc_func)0;
-    d_stream.zfree = (free_func)0;
-    d_stream.opaque = (voidpf)0;
-
-    err = inflateInit(&d_stream);
-    CHECK_ERR(err, "inflateInit");
-
-    d_stream.next_in  = compr;
-    d_stream.next_out = uncompr;
-
-    while (d_stream.total_out < uncomprLen && d_stream.total_in < comprLen) {
-        d_stream.avail_in = d_stream.avail_out = 1; /* force small buffers */
-        err = inflate(&d_stream, Z_NO_FLUSH);
-        if (err == Z_STREAM_END) break;
-        CHECK_ERR(err, "inflate");
-    }
-
-    err = inflateEnd(&d_stream);
-    CHECK_ERR(err, "inflateEnd");
-
-    if (strcmp((char*)uncompr, hello)) {
-        fprintf(stderr, "bad inflate\n");
-    } else {
-        printf("inflate(): %s\n", uncompr);
-    }
-}
-
-/* ===========================================================================
- * Test deflate() with large buffers and dynamic change of compression level
- */
-void test_large_deflate(compr, comprLen, uncompr, uncomprLen)
-    Byte *compr, *uncompr;
-    uLong comprLen, uncomprLen;
-{
-    z_stream c_stream; /* compression stream */
-    int err;
-
-    c_stream.zalloc = (alloc_func)0;
-    c_stream.zfree = (free_func)0;
-    c_stream.opaque = (voidpf)0;
-
-    err = deflateInit(&c_stream, Z_BEST_SPEED);
-    CHECK_ERR(err, "deflateInit");
-
-    c_stream.next_out = compr;
-    c_stream.avail_out = (uInt)comprLen;
-
-    /* At this point, uncompr is still mostly zeroes, so it should compress
-     * very well:
-     */
-    c_stream.next_in = uncompr;
-    c_stream.avail_in = (uInt)uncomprLen;
-    err = deflate(&c_stream, Z_NO_FLUSH);
-    CHECK_ERR(err, "deflate");
-    if (c_stream.avail_in != 0) {
-        fprintf(stderr, "deflate not greedy\n");
-    }
-
-    /* Feed in already compressed data and switch to no compression: */
-    deflateParams(&c_stream, Z_NO_COMPRESSION, Z_DEFAULT_STRATEGY);
-    c_stream.next_in = compr;
-    c_stream.avail_in = (uInt)comprLen/2;
-    err = deflate(&c_stream, Z_NO_FLUSH);
-    CHECK_ERR(err, "deflate");
-
-    /* Switch back to compressing mode: */
-    deflateParams(&c_stream, Z_BEST_COMPRESSION, Z_FILTERED);
-    c_stream.next_in = uncompr;
-    c_stream.avail_in = (uInt)uncomprLen;
-    err = deflate(&c_stream, Z_NO_FLUSH);
-    CHECK_ERR(err, "deflate");
-
-    err = deflate(&c_stream, Z_FINISH);
-    if (err != Z_STREAM_END) {
-        fprintf(stderr, "deflate should report Z_STREAM_END\n");
-    }
-    err = deflateEnd(&c_stream);
-    CHECK_ERR(err, "deflateEnd");
-}
-
-/* ===========================================================================
- * Test inflate() with large buffers
- */
-void test_large_inflate(compr, comprLen, uncompr, uncomprLen)
-    Byte *compr, *uncompr;
-    uLong comprLen, uncomprLen;
-{
-    int err;
-    z_stream d_stream; /* decompression stream */
-
-    strcpy((char*)uncompr, "garbage");
-
-    d_stream.zalloc = (alloc_func)0;
-    d_stream.zfree = (free_func)0;
-    d_stream.opaque = (voidpf)0;
-
-    err = inflateInit(&d_stream);
-    CHECK_ERR(err, "inflateInit");
-
-    d_stream.next_in  = compr;
-    d_stream.avail_in = (uInt)comprLen;
-
-    for (;;) {
-        d_stream.next_out = uncompr;            /* discard the output */
-	d_stream.avail_out = (uInt)uncomprLen;
-        err = inflate(&d_stream, Z_NO_FLUSH);
-        if (err == Z_STREAM_END) break;
-        CHECK_ERR(err, "large inflate");
-    }
-
-    err = inflateEnd(&d_stream);
-    CHECK_ERR(err, "inflateEnd");
-
-    if (d_stream.total_out != 2*uncomprLen + comprLen/2) {
-        fprintf(stderr, "bad large inflate: %ld\n", d_stream.total_out);
-    } else {
-        printf("large_inflate(): OK\n");
-    }
-}
-
-/* ===========================================================================
- * Test deflate() with full flush
- */
-void test_flush(compr, comprLen)
-    Byte *compr;
-    uLong comprLen;
-{
-    z_stream c_stream; /* compression stream */
-    int err;
-    int len = strlen(hello)+1;
-
-    c_stream.zalloc = (alloc_func)0;
-    c_stream.zfree = (free_func)0;
-    c_stream.opaque = (voidpf)0;
-
-    err = deflateInit(&c_stream, Z_DEFAULT_COMPRESSION);
-    CHECK_ERR(err, "deflateInit");
-
-    c_stream.next_in  = (Bytef*)hello;
-    c_stream.next_out = compr;
-    c_stream.avail_in = 3;
-    c_stream.avail_out = (uInt)comprLen;
-    err = deflate(&c_stream, Z_FULL_FLUSH);
-    CHECK_ERR(err, "deflate");
-
-    compr[3]++; /* force an error in first compressed block */
-    c_stream.avail_in = len - 3;
-
-    err = deflate(&c_stream, Z_FINISH);
-    if (err != Z_STREAM_END) {
-        CHECK_ERR(err, "deflate");
-    }
-    err = deflateEnd(&c_stream);
-    CHECK_ERR(err, "deflateEnd");
-}
-
-/* ===========================================================================
- * Test inflateSync()
- */
-void test_sync(compr, comprLen, uncompr, uncomprLen)
-    Byte *compr, *uncompr;
-    uLong comprLen, uncomprLen;
-{
-    int err;
-    z_stream d_stream; /* decompression stream */
-
-    strcpy((char*)uncompr, "garbage");
-
-    d_stream.zalloc = (alloc_func)0;
-    d_stream.zfree = (free_func)0;
-    d_stream.opaque = (voidpf)0;
-
-    err = inflateInit(&d_stream);
-    CHECK_ERR(err, "inflateInit");
-
-    d_stream.next_in  = compr;
-    d_stream.next_out = uncompr;
-    d_stream.avail_in = 2; /* just read the zlib header */
-    d_stream.avail_out = (uInt)uncomprLen;
-
-    inflate(&d_stream, Z_NO_FLUSH);
-    CHECK_ERR(err, "inflate");
-
-    d_stream.avail_in = (uInt)comprLen-2;   /* read all compressed data */
-    err = inflateSync(&d_stream);           /* but skip the damaged part */
-    CHECK_ERR(err, "inflateSync");
-
-    err = inflate(&d_stream, Z_FINISH);
-    if (err != Z_DATA_ERROR) {
-        fprintf(stderr, "inflate should report DATA_ERROR\n");
-        /* Because of incorrect adler32 */
-    }
-    err = inflateEnd(&d_stream);
-    CHECK_ERR(err, "inflateEnd");
-
-    printf("after inflateSync(): hel%s\n", uncompr);
-}
-
-/* ===========================================================================
- * Test deflate() with preset dictionary
- */
-void test_dict_deflate(compr, comprLen)
-    Byte *compr;
-    uLong comprLen;
-{
-    z_stream c_stream; /* compression stream */
-    int err;
-
-    c_stream.zalloc = (alloc_func)0;
-    c_stream.zfree = (free_func)0;
-    c_stream.opaque = (voidpf)0;
-
-    err = deflateInit(&c_stream, Z_BEST_COMPRESSION);
-    CHECK_ERR(err, "deflateInit");
-
-    err = deflateSetDictionary(&c_stream,
-			       (const Bytef*)dictionary, sizeof(dictionary));
-    CHECK_ERR(err, "deflateSetDictionary");
-
-    dictId = c_stream.adler;
-    c_stream.next_out = compr;
-    c_stream.avail_out = (uInt)comprLen;
-
-    c_stream.next_in = (Bytef*)hello;
-    c_stream.avail_in = (uInt)strlen(hello)+1;
-
-    err = deflate(&c_stream, Z_FINISH);
-    if (err != Z_STREAM_END) {
-        fprintf(stderr, "deflate should report Z_STREAM_END\n");
-    }
-    err = deflateEnd(&c_stream);
-    CHECK_ERR(err, "deflateEnd");
-}
-
-/* ===========================================================================
- * Test inflate() with a preset dictionary
- */
-void test_dict_inflate(compr, comprLen, uncompr, uncomprLen)
-    Byte *compr, *uncompr;
-    uLong comprLen, uncomprLen;
-{
-    int err;
-    z_stream d_stream; /* decompression stream */
-
-    strcpy((char*)uncompr, "garbage");
-
-    d_stream.zalloc = (alloc_func)0;
-    d_stream.zfree = (free_func)0;
-    d_stream.opaque = (voidpf)0;
-
-    err = inflateInit(&d_stream);
-    CHECK_ERR(err, "inflateInit");
-
-    d_stream.next_in  = compr;
-    d_stream.avail_in = (uInt)comprLen;
-
-    d_stream.next_out = uncompr;
-    d_stream.avail_out = (uInt)uncomprLen;
-
-    for (;;) {
-        err = inflate(&d_stream, Z_NO_FLUSH);
-        if (err == Z_STREAM_END) break;
-	if (err == Z_NEED_DICT) {
-	    if (d_stream.adler != dictId) {
-		fprintf(stderr, "unexpected dictionary");
-		exit(1);
-	    }
-	    err = inflateSetDictionary(&d_stream, (const Bytef*)dictionary,
-				       sizeof(dictionary));
-	}
-        CHECK_ERR(err, "inflate with dict");
-    }
-
-    err = inflateEnd(&d_stream);
-    CHECK_ERR(err, "inflateEnd");
-
-    if (strcmp((char*)uncompr, hello)) {
-        fprintf(stderr, "bad inflate with dict\n");
-    } else {
-        printf("inflate with dictionary: %s\n", uncompr);
-    }
-}
-
-/* ===========================================================================
- * Usage:  example [output.gz  [input.gz]]
- */
-
-int main(argc, argv)
-    int argc;
-    char *argv[];
-{
-    Byte *compr, *uncompr;
-    uLong comprLen = 10000*sizeof(int); /* don't overflow on MSDOS */
-    uLong uncomprLen = comprLen;
-
-    if (zlibVersion()[0] != ZLIB_VERSION[0]) {
-        fprintf(stderr, "incompatible zlib version\n");
-        exit(1);
-
-    } else if (strcmp(zlibVersion(), ZLIB_VERSION) != 0) {
-        fprintf(stderr, "warning: different zlib version\n");
-    }
-
-    compr    = (Byte*)calloc((uInt)comprLen, 1);
-    uncompr  = (Byte*)calloc((uInt)uncomprLen, 1);
-    /* compr and uncompr are cleared to avoid reading uninitialized
-     * data and to ensure that uncompr compresses well.
-     */
-    if (compr == Z_NULL || uncompr == Z_NULL) {
-        printf("out of memory\n");
-	exit(1);
-    }
-
-    test_compress(compr, comprLen, uncompr, uncomprLen);
-
-    test_gzio((argc > 1 ? argv[1] : "foo.gz"),
-              (argc > 2 ? argv[2] : "foo.gz"),
-	      uncompr, (int)uncomprLen);
-
-    test_deflate(compr, comprLen);
-    test_inflate(compr, comprLen, uncompr, uncomprLen);
-
-    test_large_deflate(compr, comprLen, uncompr, uncomprLen);
-    test_large_inflate(compr, comprLen, uncompr, uncomprLen);
-
-    test_flush(compr, comprLen);
-    test_sync(compr, comprLen, uncompr, uncomprLen);
-
-    test_dict_deflate(compr, comprLen);
-    test_dict_inflate(compr, comprLen, uncompr, uncomprLen);
-
-    exit(0);
-    return 0; /* to avoid warning */
-}
diff --git a/security/nss/cmd/zlib/gzio.c b/security/nss/cmd/zlib/gzio.c
deleted file mode 100644
index c52d30d30..000000000
--- a/security/nss/cmd/zlib/gzio.c
+++ /dev/null
@@ -1,537 +0,0 @@
-/* gzio.c -- IO on .gz files
- * Copyright (C) 1995-1996 Jean-loup Gailly.
- * For conditions of distribution and use, see copyright notice in zlib.h
- */
-/* This file was modified since it was taken from the zlib distribution */
-
-/* $Id$ */
-
-#include <stdio.h>
-
-#include "zutil.h"
-
-struct internal_state {int dummy;}; /* for buggy compilers */
-
-#define Z_BUFSIZE 4096
-
-#define ALLOC(size) malloc(size)
-#define TRYFREE(p) {if (p) free(p);}
-
-static int gz_magic[2] = {0x1f, 0x8b}; /* gzip magic header */
-
-/* gzip flag byte */
-#define ASCII_FLAG   0x01 /* bit 0 set: file probably ascii text */
-#define HEAD_CRC     0x02 /* bit 1 set: header CRC present */
-#define EXTRA_FIELD  0x04 /* bit 2 set: extra field present */
-#define ORIG_NAME    0x08 /* bit 3 set: original file name present */
-#define COMMENT      0x10 /* bit 4 set: file comment present */
-#define RESERVED     0xE0 /* bits 5..7: reserved */
-
-typedef struct gz_stream {
-    z_stream stream;
-    int      z_err;   /* error code for last stream operation */
-    int      z_eof;   /* set if end of input file */
-    FILE     *file;   /* .gz file */
-    Byte     *inbuf;  /* input buffer */
-    Byte     *outbuf; /* output buffer */
-    uLong    crc;     /* crc32 of uncompressed data */
-    char     *msg;    /* error message */
-    char     *path;   /* path name for debugging only */
-    int      transparent; /* 1 if input file is not a .gz file */
-    char     mode;    /* 'w' or 'r' */
-} gz_stream;
-
-
-local gzFile gz_open      OF((const char *path, const char *mode, int  fd));
-local int    get_byte     OF((gz_stream *s));
-local void   check_header OF((gz_stream *s));
-local int    destroy      OF((gz_stream *s));
-local void   putLong      OF((FILE *file, uLong x));
-local uLong  getLong      OF((gz_stream *s));
-
-/* ===========================================================================
-     Opens a gzip (.gz) file for reading or writing. The mode parameter
-   is as in fopen ("rb" or "wb"). The file is given either by file descriptor
-   or path name (if fd == -1).
-     gz_open return NULL if the file could not be opened or if there was
-   insufficient memory to allocate the (de)compression state; errno
-   can be checked to distinguish the two cases (if errno is zero, the
-   zlib error is Z_MEM_ERROR).
-*/
-local gzFile gz_open (path, mode, fd)
-    const char *path;
-    const char *mode;
-    int  fd;
-{
-    int err;
-    int level = Z_DEFAULT_COMPRESSION; /* compression level */
-    char *p = (char*)mode;
-    gz_stream *s;
-    char fmode[80]; /* copy of mode, without the compression level */
-    char *m = fmode;
-
-    if (!path || !mode) return Z_NULL;
-
-    s = (gz_stream *)ALLOC(sizeof(gz_stream));
-    if (!s) return Z_NULL;
-
-    s->stream.zalloc = (alloc_func)0;
-    s->stream.zfree = (free_func)0;
-    s->stream.opaque = (voidpf)0;
-    s->stream.next_in = s->inbuf = Z_NULL;
-    s->stream.next_out = s->outbuf = Z_NULL;
-    s->stream.avail_in = s->stream.avail_out = 0;
-    s->file = NULL;
-    s->z_err = Z_OK;
-    s->z_eof = 0;
-    s->crc = crc32(0L, Z_NULL, 0);
-    s->msg = NULL;
-    s->transparent = 0;
-
-    s->path = (char*)ALLOC(strlen(path)+1);
-    if (s->path == NULL) {
-        return destroy(s), (gzFile)Z_NULL;
-    }
-    strcpy(s->path, path); /* do this early for debugging */
-
-    s->mode = '\0';
-    do {
-        if (*p == 'r') s->mode = 'r';
-        if (*p == 'w' || *p == 'a') s->mode = 'w';
-        if (*p >= '0' && *p <= '9') {
-	    level = *p - '0';
-	} else {
-	    *m++ = *p; /* copy the mode */
-	}
-    } while (*p++ && m != fmode + sizeof(fmode));
-    if (s->mode == '\0') return destroy(s), (gzFile)Z_NULL;
-    
-    if (s->mode == 'w') {
-        err = deflateInit2(&(s->stream), level,
-                           Z_DEFLATED, -MAX_WBITS, DEF_MEM_LEVEL, 0);
-        /* windowBits is passed < 0 to suppress zlib header */
-
-        s->stream.next_out = s->outbuf = (Byte*)ALLOC(Z_BUFSIZE);
-
-        if (err != Z_OK || s->outbuf == Z_NULL) {
-            return destroy(s), (gzFile)Z_NULL;
-        }
-    } else {
-        err = inflateInit2(&(s->stream), -MAX_WBITS);
-        s->stream.next_in  = s->inbuf = (Byte*)ALLOC(Z_BUFSIZE);
-
-        if (err != Z_OK || s->inbuf == Z_NULL) {
-            return destroy(s), (gzFile)Z_NULL;
-        }
-    }
-    s->stream.avail_out = Z_BUFSIZE;
-
-    errno = 0;
-    s->file = fd < 0 ? FOPEN(path, fmode) : (FILE*)fdopen(fd, fmode);
-
-    if (s->file == NULL) {
-        return destroy(s), (gzFile)Z_NULL;
-    }
-    if (s->mode == 'w') {
-        /* Write a very simple .gz header:
-         */
-        fprintf(s->file, "%c%c%c%c%c%c%c%c%c%c", gz_magic[0], gz_magic[1],
-             Z_DEFLATED, 0 /*flags*/, 0,0,0,0 /*time*/, 0 /*xflags*/, OS_CODE);
-    } else {
-	check_header(s); /* skip the .gz header */
-    }
-    return (gzFile)s;
-}
-
-/* ===========================================================================
-     Opens a gzip (.gz) file for reading or writing.
-*/
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern gzFile) gzopen  (const char *path, const char *mode)
-#else
-extern gzFile EXPORT gzopen  OF((const char *path, const char *mode))
-#endif
-{
-    return gz_open (path, mode, -1);
-}
-
-/* ===========================================================================
-     Associate a gzFile with the file descriptor fd. fd is not dup'ed here
-   to mimic the behavio(u)r of fdopen.
-*/
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern gzFile) gzdopen  (int fd, const char *mode)
-#else
-extern gzFile EXPORT gzdopen  OF((int fd, const char *mode))
-#endif
-{
-    char name[20];
-
-    if (fd < 0) return (gzFile)Z_NULL;
-    sprintf(name, "<fd:%d>", fd); /* for debugging */
-
-    return gz_open (name, mode, fd);
-}
-
-/* ===========================================================================
-     Read a byte from a gz_stream; update next_in and avail_in. Return EOF
-   for end of file.
-   IN assertion: the stream s has been sucessfully opened for reading.
-*/
-local int get_byte(s)
-    gz_stream *s;
-{
-    if (s->z_eof) return EOF;
-    if (s->stream.avail_in == 0) {
-	errno = 0;
-	s->stream.avail_in = fread(s->inbuf, 1, Z_BUFSIZE, s->file);
-	if (s->stream.avail_in == 0) {
-	    s->z_eof = 1;
-	    if (ferror(s->file)) s->z_err = Z_ERRNO;
-	    return EOF;
-	}
-	s->stream.next_in = s->inbuf;
-    }
-    s->stream.avail_in--;
-    return *(s->stream.next_in)++;
-}
-
-/* ===========================================================================
-      Check the gzip header of a gz_stream opened for reading. Set the stream
-    mode to transparent if the gzip magic header is not present; set s->err
-    to Z_DATA_ERROR if the magic header is present but the rest of the header
-    is incorrect.
-    IN assertion: the stream s has already been created sucessfully;
-       s->stream.avail_in is zero for the first time, but may be non-zero
-       for concatenated .gz files.
-*/
-local void check_header(s)
-    gz_stream *s;
-{
-    int method; /* method byte */
-    int flags;  /* flags byte */
-    uInt len;
-    int c;
-
-    /* Check the gzip magic header */
-    for (len = 0; len < 2; len++) {
-	c = get_byte(s);
-	if (c != gz_magic[len]) {
-	    s->transparent = 1;
-	    if (c != EOF) s->stream.avail_in++, s->stream.next_in--;
-	    s->z_err = s->stream.avail_in != 0 ? Z_OK : Z_STREAM_END;
-	    return;
-	}
-    }
-    method = get_byte(s);
-    flags = get_byte(s);
-    if (method != Z_DEFLATED || (flags & RESERVED) != 0) {
-	s->z_err = Z_DATA_ERROR;
-	return;
-    }
-
-    /* Discard time, xflags and OS code: */
-    for (len = 0; len < 6; len++) (void)get_byte(s);
-
-    if ((flags & EXTRA_FIELD) != 0) { /* skip the extra field */
-	len  =  (uInt)get_byte(s);
-	len += ((uInt)get_byte(s))<<8;
-	/* len is garbage if EOF but the loop below will quit anyway */
-	while (len-- != 0 && get_byte(s) != EOF) ;
-    }
-    if ((flags & ORIG_NAME) != 0) { /* skip the original file name */
-	while ((c = get_byte(s)) != 0 && c != EOF) ;
-    }
-    if ((flags & COMMENT) != 0) {   /* skip the .gz file comment */
-	while ((c = get_byte(s)) != 0 && c != EOF) ;
-    }
-    if ((flags & HEAD_CRC) != 0) {  /* skip the header crc */
-	for (len = 0; len < 2; len++) (void)get_byte(s);
-    }
-    s->z_err = s->z_eof ? Z_DATA_ERROR : Z_OK;
-}
-
- /* ===========================================================================
- * Cleanup then free the given gz_stream. Return a zlib error code.
-   Try freeing in the reverse order of allocations.
- */
-local int destroy (s)
-    gz_stream *s;
-{
-    int err = Z_OK;
-
-    if (!s) return Z_STREAM_ERROR;
-
-    TRYFREE(s->msg);
-
-    if (s->stream.state != NULL) {
-       if (s->mode == 'w') {
-           err = deflateEnd(&(s->stream));
-       } else if (s->mode == 'r') {
-           err = inflateEnd(&(s->stream));
-       }
-    }
-    if (s->file != NULL && fclose(s->file)) {
-        err = Z_ERRNO;
-    }
-    if (s->z_err < 0) err = s->z_err;
-
-    TRYFREE(s->inbuf);
-    TRYFREE(s->outbuf);
-    TRYFREE(s->path);
-    TRYFREE(s);
-    return err;
-}
-
-/* ===========================================================================
-     Reads the given number of uncompressed bytes from the compressed file.
-   gzread returns the number of bytes actually read (0 for end of file).
-*/
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int)    gzread  (gzFile file, voidp buf, unsigned len)
-#else
-extern int EXPORT    gzread  OF((gzFile file, voidp buf, unsigned len))
-#endif
-{
-    gz_stream *s = (gz_stream*)file;
-    Bytef *start = buf; /* starting point for crc computation */
-    Byte  *next_out; /* == stream.next_out but not forced far (for MSDOS) */
-
-    if (s == NULL || s->mode != 'r') return Z_STREAM_ERROR;
-
-    if (s->z_err == Z_DATA_ERROR || s->z_err == Z_ERRNO) return -1;
-    if (s->z_err == Z_STREAM_END) return 0;  /* EOF */
-
-    s->stream.next_out = next_out = buf;
-    s->stream.avail_out = len;
-
-    while (s->stream.avail_out != 0) {
-
-	if (s->transparent) {
-	    /* Copy first the lookahead bytes: */
-	    uInt n = s->stream.avail_in;
-	    if (n > s->stream.avail_out) n = s->stream.avail_out;
-	    if (n > 0) {
-		zmemcpy(s->stream.next_out, s->stream.next_in, n);
-		next_out += n;
-		s->stream.next_out = next_out;
-		s->stream.next_in   += n;
-		s->stream.avail_out -= n;
-		s->stream.avail_in  -= n;
-	    }
-	    if (s->stream.avail_out > 0) {
-		s->stream.avail_out -= fread(next_out, 1, s->stream.avail_out,
-					     s->file);
-	    }
-	    return (int)(len - s->stream.avail_out);
-	}
-        if (s->stream.avail_in == 0 && !s->z_eof) {
-
-            errno = 0;
-            s->stream.avail_in = fread(s->inbuf, 1, Z_BUFSIZE, s->file);
-            if (s->stream.avail_in == 0) {
-                s->z_eof = 1;
-		if (ferror(s->file)) {
-		    s->z_err = Z_ERRNO;
-		    break;
-		}
-            }
-            s->stream.next_in = s->inbuf;
-        }
-        s->z_err = inflate(&(s->stream), Z_NO_FLUSH);
-
-	if (s->z_err == Z_STREAM_END) {
-	    /* Check CRC and original size */
-	    s->crc = crc32(s->crc, start, (uInt)(s->stream.next_out - start));
-	    start = s->stream.next_out;
-
-	    if (getLong(s) != s->crc || getLong(s) != s->stream.total_out) {
-		s->z_err = Z_DATA_ERROR;
-	    } else {
-		/* Check for concatenated .gz files: */
-		check_header(s);
-		if (s->z_err == Z_OK) {
-		    inflateReset(&(s->stream));
-		    s->crc = crc32(0L, Z_NULL, 0);
-		}
-	    }
-	}
-	if (s->z_err != Z_OK || s->z_eof) break;
-    }
-    s->crc = crc32(s->crc, start, (uInt)(s->stream.next_out - start));
-
-    return (int)(len - s->stream.avail_out);
-}
-
-/* ===========================================================================
-     Writes the given number of uncompressed bytes into the compressed file.
-   gzwrite returns the number of bytes actually written (0 in case of error).
-*/
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int)    gzwrite (gzFile file, const voidp buf, unsigned len)
-#else
-extern int EXPORT    gzwrite OF((gzFile file, const voidp buf, unsigned len))
-#endif
-{
-    gz_stream *s = (gz_stream*)file;
-
-    if (s == NULL || s->mode != 'w') return Z_STREAM_ERROR;
-
-    s->stream.next_in = buf;
-    s->stream.avail_in = len;
-
-    while (s->stream.avail_in != 0) {
-
-        if (s->stream.avail_out == 0) {
-
-            s->stream.next_out = s->outbuf;
-            if (fwrite(s->outbuf, 1, Z_BUFSIZE, s->file) != Z_BUFSIZE) {
-                s->z_err = Z_ERRNO;
-                break;
-            }
-            s->stream.avail_out = Z_BUFSIZE;
-        }
-        s->z_err = deflate(&(s->stream), Z_NO_FLUSH);
-        if (s->z_err != Z_OK) break;
-    }
-    s->crc = crc32(s->crc, buf, len);
-
-    return (int)(len - s->stream.avail_in);
-}
-
-/* ===========================================================================
-     Flushes all pending output into the compressed file. The parameter
-   flush is as in the deflate() function.
-     gzflush should be called only when strictly necessary because it can
-   degrade compression.
-*/
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int)    gzflush (gzFile file, int flush)
-#else
-extern int EXPORT    gzflush OF((gzFile file, int flush))
-#endif
-{
-    uInt len;
-    int done = 0;
-    gz_stream *s = (gz_stream*)file;
-
-    if (s == NULL || s->mode != 'w') return Z_STREAM_ERROR;
-
-    s->stream.avail_in = 0; /* should be zero already anyway */
-
-    for (;;) {
-        len = Z_BUFSIZE - s->stream.avail_out;
-
-        if (len != 0) {
-            if ((uInt)fwrite(s->outbuf, 1, len, s->file) != len) {
-                s->z_err = Z_ERRNO;
-                return Z_ERRNO;
-            }
-            s->stream.next_out = s->outbuf;
-            s->stream.avail_out = Z_BUFSIZE;
-        }
-        if (done) break;
-        s->z_err = deflate(&(s->stream), flush);
-
-        /* deflate has finished flushing only when it hasn't used up
-         * all the available space in the output buffer: 
-         */
-        done = (s->stream.avail_out != 0 || s->z_err == Z_STREAM_END);
- 
-        if (s->z_err != Z_OK && s->z_err != Z_STREAM_END) break;
-    }
-    fflush(s->file);
-    return  s->z_err == Z_STREAM_END ? Z_OK : s->z_err;
-}
-
-/* ===========================================================================
-   Outputs a long in LSB order to the given file
-*/
-local void putLong (file, x)
-    FILE *file;
-    uLong x;
-{
-    int n;
-    for (n = 0; n < 4; n++) {
-        fputc((int)(x & 0xff), file);
-        x >>= 8;
-    }
-}
-
-/* ===========================================================================
-   Reads a long in LSB order from the given gz_stream. Sets 
-*/
-local uLong getLong (s)
-    gz_stream *s;
-{
-    uLong x = (uLong)get_byte(s);
-    int c;
-
-    x += ((uLong)get_byte(s))<<8;
-    x += ((uLong)get_byte(s))<<16;
-    c = get_byte(s);
-    if (c == EOF) s->z_err = Z_DATA_ERROR;
-    x += ((uLong)c)<<24;
-    return x;
-}
-
-/* ===========================================================================
-     Flushes all pending output if necessary, closes the compressed file
-   and deallocates all the (de)compression state.
-*/
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int)    gzclose (gzFile file)
-#else
-extern int EXPORT    gzclose OF((gzFile file))
-#endif
-{
-    int err;
-    gz_stream *s = (gz_stream*)file;
-
-    if (s == NULL) return Z_STREAM_ERROR;
-
-    if (s->mode == 'w') {
-        err = gzflush (file, Z_FINISH);
-        if (err != Z_OK) return destroy(file);
-
-        putLong (s->file, s->crc);
-        putLong (s->file, s->stream.total_in);
-
-    }
-    return destroy(file);
-}
-
-/* ===========================================================================
-     Returns the error message for the last error which occured on the
-   given compressed file. errnum is set to zlib error number. If an
-   error occured in the file system and not in the compression library,
-   errnum is set to Z_ERRNO and the application may consult errno
-   to get the exact error code.
-*/
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern const char *) gzerror (gzFile file, int *errnum)
-#else
-extern const char * EXPORT gzerror OF((gzFile file, int *errnum))
-#endif
-{
-    char *m;
-    gz_stream *s = (gz_stream*)file;
-
-    if (s == NULL) {
-        *errnum = Z_STREAM_ERROR;
-        return (const char*)ERR_MSG(Z_STREAM_ERROR);
-    }
-    *errnum = s->z_err;
-    if (*errnum == Z_OK) return (const char*)"";
-
-    m =  (char*)(*errnum == Z_ERRNO ? zstrerror(errno) : s->stream.msg);
-
-    if (m == NULL || *m == '\0') m = (char*)ERR_MSG(s->z_err);
-
-    TRYFREE(s->msg);
-    s->msg = (char*)ALLOC(strlen(s->path) + strlen(m) + 3);
-    strcpy(s->msg, s->path);
-    strcat(s->msg, ": ");
-    strcat(s->msg, m);
-    return (const char*)s->msg;
-}
diff --git a/security/nss/cmd/zlib/infblock.c b/security/nss/cmd/zlib/infblock.c
deleted file mode 100644
index 8eddbafed..000000000
--- a/security/nss/cmd/zlib/infblock.c
+++ /dev/null
@@ -1,406 +0,0 @@
-/* infblock.c -- interpret and process block types to last block
- * Copyright (C) 1995-1996 Mark Adler
- * For conditions of distribution and use, see copyright notice in zlib.h 
- */
-/* This file was modified since it was taken from the zlib distribution */
-
-#include "zutil.h"
-#include "infblock.h"
-#include "inftrees.h"
-#include "infcodes.h"
-#include "infutil.h"
-
-struct inflate_codes_state {int dummy;}; /* for buggy compilers */
-
-/* Table for deflate from PKZIP's appnote.txt. */
-local uInt border[] = { /* Order of the bit length code lengths */
-        16, 17, 18, 0, 8, 7, 9, 6, 10, 5, 11, 4, 12, 3, 13, 2, 14, 1, 15};
-
-/*
-   Notes beyond the 1.93a appnote.txt:
-
-   1. Distance pointers never point before the beginning of the output
-      stream.
-   2. Distance pointers can point back across blocks, up to 32k away.
-   3. There is an implied maximum of 7 bits for the bit length table and
-      15 bits for the actual data.
-   4. If only one code exists, then it is encoded using one bit.  (Zero
-      would be more efficient, but perhaps a little confusing.)  If two
-      codes exist, they are coded using one bit each (0 and 1).
-   5. There is no way of sending zero distance codes--a dummy must be
-      sent if there are none.  (History: a pre 2.0 version of PKZIP would
-      store blocks with no distance codes, but this was discovered to be
-      too harsh a criterion.)  Valid only for 1.93a.  2.04c does allow
-      zero distance codes, which is sent as one code of zero bits in
-      length.
-   6. There are up to 286 literal/length codes.  Code 256 represents the
-      end-of-block.  Note however that the static length tree defines
-      288 codes just to fill out the Huffman codes.  Codes 286 and 287
-      cannot be used though, since there is no length base or extra bits
-      defined for them.  Similarily, there are up to 30 distance codes.
-      However, static trees define 32 codes (all 5 bits) to fill out the
-      Huffman codes, but the last two had better not show up in the data.
-   7. Unzip can check dynamic Huffman blocks for complete code sets.
-      The exception is that a single code would not be complete (see #4).
-   8. The five bits following the block type is really the number of
-      literal codes sent minus 257.
-   9. Length codes 8,16,16 are interpreted as 13 length codes of 8 bits
-      (1+6+6).  Therefore, to output three times the length, you output
-      three codes (1+1+1), whereas to output four times the same length,
-      you only need two codes (1+3).  Hmm.
-  10. In the tree reconstruction algorithm, Code = Code + Increment
-      only if BitLength(i) is not zero.  (Pretty obvious.)
-  11. Correction: 4 Bits: # of Bit Length codes - 4     (4 - 19)
-  12. Note: length code 284 can represent 227-258, but length code 285
-      really is 258.  The last length deserves its own, short code
-      since it gets used a lot in very redundant files.  The length
-      258 is special since 258 - 3 (the min match length) is 255.
-  13. The literal/length and distance code bit lengths are read as a
-      single stream of lengths.  It is possible (and advantageous) for
-      a repeat code (16, 17, or 18) to go across the boundary between
-      the two sets of lengths.
- */
-
-
-void inflate_blocks_reset(s, z, c)
-inflate_blocks_statef *s;
-z_streamp z;
-uLongf *c;
-{
-  if (s->checkfn != Z_NULL)
-    *c = s->check;
-  if (s->mode == BTREE || s->mode == DTREE)
-    ZFREE(z, s->sub.trees.blens);
-  if (s->mode == CODES)
-  {
-    inflate_codes_free(s->sub.decode.codes, z);
-    inflate_trees_free(s->sub.decode.td, z);
-    inflate_trees_free(s->sub.decode.tl, z);
-  }
-  s->mode = TYPE;
-  s->bitk = 0;
-  s->bitb = 0;
-  s->read = s->write = s->window;
-  if (s->checkfn != Z_NULL)
-    z->adler = s->check = (*s->checkfn)(0L, Z_NULL, 0);
-  Trace((stderr, "inflate:   blocks reset\n"));
-}
-
-
-inflate_blocks_statef *inflate_blocks_new(z, c, w)
-z_streamp z;
-check_func c;
-uInt w;
-{
-  inflate_blocks_statef *s;
-
-  if ((s = (inflate_blocks_statef *)ZALLOC
-       (z,1,sizeof(struct inflate_blocks_state))) == Z_NULL)
-    return s;
-  if ((s->window = (Bytef *)ZALLOC(z, 1, w)) == Z_NULL)
-  {
-    ZFREE(z, s);
-    return Z_NULL;
-  }
-  s->end = s->window + w;
-  s->checkfn = c;
-  s->mode = TYPE;
-  Trace((stderr, "inflate:   blocks allocated\n"));
-  inflate_blocks_reset(s, z, &s->check);
-  return s;
-}
-
-
-#ifdef DEBUG
-  extern uInt inflate_hufts;
-#endif
-int inflate_blocks(s, z, r)
-inflate_blocks_statef *s;
-z_streamp z;
-int r;
-{
-  uInt t;               /* temporary storage */
-  uLong b;              /* bit buffer */
-  uInt k;               /* bits in bit buffer */
-  Bytef *p;             /* input data pointer */
-  uInt n;               /* bytes available there */
-  Bytef *q;             /* output window write pointer */
-  uInt m;               /* bytes to end of window or read pointer */
-
-  /* copy input/output information to locals (UPDATE macro restores) */
-  LOAD
-
-  /* process input based on current state */
-  while (1) switch (s->mode)
-  {
-    case TYPE:
-      NEEDBITS(3)
-      t = (uInt)b & 7;
-      s->last = t & 1;
-      switch (t >> 1)
-      {
-        case 0:                         /* stored */
-          Trace((stderr, "inflate:     stored block%s\n",
-                 s->last ? " (last)" : ""));
-          DUMPBITS(3)
-          t = k & 7;                    /* go to byte boundary */
-          DUMPBITS(t)
-          s->mode = LENS;               /* get length of stored block */
-          break;
-        case 1:                         /* fixed */
-          Trace((stderr, "inflate:     fixed codes block%s\n",
-                 s->last ? " (last)" : ""));
-          {
-            uInt bl, bd;
-            inflate_huft *tl, *td;
-
-            inflate_trees_fixed(&bl, &bd, &tl, &td);
-            s->sub.decode.codes = inflate_codes_new(bl, bd, tl, td, z);
-            if (s->sub.decode.codes == Z_NULL)
-            {
-              r = Z_MEM_ERROR;
-              LEAVE
-            }
-            s->sub.decode.tl = Z_NULL;  /* don't try to free these */
-            s->sub.decode.td = Z_NULL;
-          }
-          DUMPBITS(3)
-          s->mode = CODES;
-          break;
-        case 2:                         /* dynamic */
-          Trace((stderr, "inflate:     dynamic codes block%s\n",
-                 s->last ? " (last)" : ""));
-          DUMPBITS(3)
-          s->mode = TABLE;
-          break;
-        case 3:                         /* illegal */
-          DUMPBITS(3)
-          s->mode = BAD;
-          z->msg = (char*)"invalid block type";
-          r = Z_DATA_ERROR;
-          LEAVE
-      }
-      break;
-    case LENS:
-      NEEDBITS(32)
-      if ((((~b) >> 16) & 0xffff) != (b & 0xffff))
-      {
-        s->mode = BAD;
-        z->msg = (char*)"invalid stored block lengths";
-        r = Z_DATA_ERROR;
-        LEAVE
-      }
-      s->sub.left = (uInt)b & 0xffff;
-      b = k = 0;                      /* dump bits */
-      Tracev((stderr, "inflate:       stored length %u\n", s->sub.left));
-      s->mode = s->sub.left ? STORED : (s->last ? DRY : TYPE);
-      break;
-    case STORED:
-      if (n == 0)
-        LEAVE
-      NEEDOUT
-      t = s->sub.left;
-      if (t > n) t = n;
-      if (t > m) t = m;
-      zmemcpy(q, p, t);
-      p += t;  n -= t;
-      q += t;  m -= t;
-      if ((s->sub.left -= t) != 0)
-        break;
-      Tracev((stderr, "inflate:       stored end, %lu total out\n",
-              z->total_out + (q >= s->read ? q - s->read :
-              (s->end - s->read) + (q - s->window))));
-      s->mode = s->last ? DRY : TYPE;
-      break;
-    case TABLE:
-      NEEDBITS(14)
-      s->sub.trees.table = t = (uInt)b & 0x3fff;
-#ifndef PKZIP_BUG_WORKAROUND
-      if ((t & 0x1f) > 29 || ((t >> 5) & 0x1f) > 29)
-      {
-        s->mode = BAD;
-        z->msg = (char*)"too many length or distance symbols";
-        r = Z_DATA_ERROR;
-        LEAVE
-      }
-#endif
-      t = 258 + (t & 0x1f) + ((t >> 5) & 0x1f);
-      if (t < 19)
-        t = 19;
-      if ((s->sub.trees.blens = (uIntf*)ZALLOC(z, t, sizeof(uInt))) == Z_NULL)
-      {
-        r = Z_MEM_ERROR;
-        LEAVE
-      }
-      DUMPBITS(14)
-      s->sub.trees.index = 0;
-      Tracev((stderr, "inflate:       table sizes ok\n"));
-      s->mode = BTREE;
-    case BTREE:
-      while (s->sub.trees.index < 4 + (s->sub.trees.table >> 10))
-      {
-        NEEDBITS(3)
-        s->sub.trees.blens[border[s->sub.trees.index++]] = (uInt)b & 7;
-        DUMPBITS(3)
-      }
-      while (s->sub.trees.index < 19)
-        s->sub.trees.blens[border[s->sub.trees.index++]] = 0;
-      s->sub.trees.bb = 7;
-      t = inflate_trees_bits(s->sub.trees.blens, &s->sub.trees.bb,
-                             &s->sub.trees.tb, z);
-      if (t != Z_OK)
-      {
-	ZFREE(z, s->sub.trees.blens);
-        r = t;
-        if (r == Z_DATA_ERROR)
-          s->mode = BAD;
-        LEAVE
-      }
-      s->sub.trees.index = 0;
-      Tracev((stderr, "inflate:       bits tree ok\n"));
-      s->mode = DTREE;
-    case DTREE:
-      while (t = s->sub.trees.table,
-             s->sub.trees.index < 258 + (t & 0x1f) + ((t >> 5) & 0x1f))
-      {
-        inflate_huft *h;
-        uInt i, j, c;
-
-        t = s->sub.trees.bb;
-        NEEDBITS(t)
-        h = s->sub.trees.tb + ((uInt)b & inflate_mask[t]);
-        t = h->word.what.Bits;
-        c = h->more.Base;
-        if (c < 16)
-        {
-          DUMPBITS(t)
-          s->sub.trees.blens[s->sub.trees.index++] = c;
-        }
-        else /* c == 16..18 */
-        {
-          i = c == 18 ? 7 : c - 14;
-          j = c == 18 ? 11 : 3;
-          NEEDBITS(t + i)
-          DUMPBITS(t)
-          j += (uInt)b & inflate_mask[i];
-          DUMPBITS(i)
-          i = s->sub.trees.index;
-          t = s->sub.trees.table;
-          if (i + j > 258 + (t & 0x1f) + ((t >> 5) & 0x1f) ||
-              (c == 16 && i < 1))
-          {
-	    inflate_trees_free(s->sub.trees.tb, z);
-	    ZFREE(z, s->sub.trees.blens);
-            s->mode = BAD;
-            z->msg = (char*)"invalid bit length repeat";
-            r = Z_DATA_ERROR;
-            LEAVE
-          }
-          c = c == 16 ? s->sub.trees.blens[i - 1] : 0;
-          do {
-            s->sub.trees.blens[i++] = c;
-          } while (--j);
-          s->sub.trees.index = i;
-        }
-      }
-      inflate_trees_free(s->sub.trees.tb, z);
-      s->sub.trees.tb = Z_NULL;
-      {
-        uInt bl, bd;
-        inflate_huft *tl, *td;
-        inflate_codes_statef *c;
-
-        bl = 9;         /* must be <= 9 for lookahead assumptions */
-        bd = 6;         /* must be <= 9 for lookahead assumptions */
-        t = s->sub.trees.table;
-#ifdef DEBUG
-      inflate_hufts = 0;
-#endif
-        t = inflate_trees_dynamic(257 + (t & 0x1f), 1 + ((t >> 5) & 0x1f),
-                                  s->sub.trees.blens, &bl, &bd, &tl, &td, z);
-	ZFREE(z, s->sub.trees.blens);
-        if (t != Z_OK)
-        {
-          if (t == (uInt)Z_DATA_ERROR)
-            s->mode = BAD;
-          r = t;
-          LEAVE
-        }
-        Tracev((stderr, "inflate:       trees ok, %d * %d bytes used\n",
-              inflate_hufts, sizeof(inflate_huft)));
-        if ((c = inflate_codes_new(bl, bd, tl, td, z)) == Z_NULL)
-        {
-          inflate_trees_free(td, z);
-          inflate_trees_free(tl, z);
-          r = Z_MEM_ERROR;
-          LEAVE
-        }
-        s->sub.decode.codes = c;
-        s->sub.decode.tl = tl;
-        s->sub.decode.td = td;
-      }
-      s->mode = CODES;
-    case CODES:
-      UPDATE
-      if ((r = inflate_codes(s, z, r)) != Z_STREAM_END)
-        return inflate_flush(s, z, r);
-      r = Z_OK;
-      inflate_codes_free(s->sub.decode.codes, z);
-      inflate_trees_free(s->sub.decode.td, z);
-      inflate_trees_free(s->sub.decode.tl, z);
-      LOAD
-      Tracev((stderr, "inflate:       codes end, %lu total out\n",
-              z->total_out + (q >= s->read ? q - s->read :
-              (s->end - s->read) + (q - s->window))));
-      if (!s->last)
-      {
-        s->mode = TYPE;
-        break;
-      }
-      if (k > 7)              /* return unused byte, if any */
-      {
-        Assert(k < 16, "inflate_codes grabbed too many bytes")
-        k -= 8;
-        n++;
-        p--;                    /* can always return one */
-      }
-      s->mode = DRY;
-    case DRY:
-      FLUSH
-      if (s->read != s->write)
-        LEAVE
-      s->mode = DONE;
-    case DONE:
-      r = Z_STREAM_END;
-      LEAVE
-    case BAD:
-      r = Z_DATA_ERROR;
-      LEAVE
-    default:
-      r = Z_STREAM_ERROR;
-      LEAVE
-  }
-}
-
-
-int inflate_blocks_free(s, z, c)
-inflate_blocks_statef *s;
-z_streamp z;
-uLongf *c;
-{
-  inflate_blocks_reset(s, z, c);
-  ZFREE(z, s->window);
-  ZFREE(z, s);
-  Trace((stderr, "inflate:   blocks freed\n"));
-  return Z_OK;
-}
-
-
-void inflate_set_dictionary(s, d, n)
-inflate_blocks_statef *s;
-const Bytef *d;
-uInt  n;
-{
-  zmemcpy((charf *)s->window, d, n);
-  s->read = s->write = s->window + n;
-}
diff --git a/security/nss/cmd/zlib/infblock.h b/security/nss/cmd/zlib/infblock.h
deleted file mode 100644
index 3ecd50cd3..000000000
--- a/security/nss/cmd/zlib/infblock.h
+++ /dev/null
@@ -1,37 +0,0 @@
-/* infblock.h -- header to use infblock.c
- * Copyright (C) 1995-1996 Mark Adler
- * For conditions of distribution and use, see copyright notice in zlib.h 
- */
-
-/* WARNING: this file should *not* be used by applications. It is
-   part of the implementation of the compression library and is
-   subject to change. Applications should only use zlib.h.
- */
-
-struct inflate_blocks_state;
-typedef struct inflate_blocks_state FAR inflate_blocks_statef;
-
-extern inflate_blocks_statef * inflate_blocks_new OF((
-    z_streamp z,
-    check_func c,               /* check function */
-    uInt w));                   /* window size */
-
-extern int inflate_blocks OF((
-    inflate_blocks_statef *,
-    z_streamp ,
-    int));                      /* initial return code */
-
-extern void inflate_blocks_reset OF((
-    inflate_blocks_statef *,
-    z_streamp ,
-    uLongf *));                  /* check value on output */
-
-extern int inflate_blocks_free OF((
-    inflate_blocks_statef *,
-    z_streamp ,
-    uLongf *));                  /* check value on output */
-
-extern void inflate_set_dictionary OF((
-    inflate_blocks_statef *s,
-    const Bytef *d,  /* dictionary */
-    uInt  n));       /* dictionary length */
diff --git a/security/nss/cmd/zlib/infcodes.c b/security/nss/cmd/zlib/infcodes.c
deleted file mode 100644
index 3ae3818a1..000000000
--- a/security/nss/cmd/zlib/infcodes.c
+++ /dev/null
@@ -1,247 +0,0 @@
-/* infcodes.c -- process literals and length/distance pairs
- * Copyright (C) 1995-1996 Mark Adler
- * For conditions of distribution and use, see copyright notice in zlib.h 
- */
-
-#include "zutil.h"
-#include "inftrees.h"
-#include "infblock.h"
-#include "infcodes.h"
-#include "infutil.h"
-#include "inffast.h"
-
-/* simplify the use of the inflate_huft type with some defines */
-#define base more.Base
-#define next more.Next
-#define exop word.what.Exop
-#define bits word.what.Bits
-
-/* inflate codes private state */
-struct inflate_codes_state {
-
-  /* mode */
-  enum {        /* waiting for "i:"=input, "o:"=output, "x:"=nothing */
-      START,    /* x: set up for LEN */
-      LEN,      /* i: get length/literal/eob next */
-      LENEXT,   /* i: getting length extra (have base) */
-      DIST,     /* i: get distance next */
-      DISTEXT,  /* i: getting distance extra */
-      COPY,     /* o: copying bytes in window, waiting for space */
-      LIT,      /* o: got literal, waiting for output space */
-      WASH,     /* o: got eob, possibly still output waiting */
-      END,      /* x: got eob and all data flushed */
-      BADCODE}  /* x: got error */
-    mode;               /* current inflate_codes mode */
-
-  /* mode dependent information */
-  uInt len;
-  union {
-    struct {
-      inflate_huft *tree;       /* pointer into tree */
-      uInt need;                /* bits needed */
-    } code;             /* if LEN or DIST, where in tree */
-    uInt lit;           /* if LIT, literal */
-    struct {
-      uInt get;                 /* bits to get for extra */
-      uInt dist;                /* distance back to copy from */
-    } copy;             /* if EXT or COPY, where and how much */
-  } sub;                /* submode */
-
-  /* mode independent information */
-  Byte lbits;           /* ltree bits decoded per branch */
-  Byte dbits;           /* dtree bits decoder per branch */
-  inflate_huft *ltree;          /* literal/length/eob tree */
-  inflate_huft *dtree;          /* distance tree */
-
-};
-
-
-inflate_codes_statef *inflate_codes_new(bl, bd, tl, td, z)
-uInt bl, bd;
-inflate_huft *tl;
-inflate_huft *td; /* need separate declaration for Borland C++ */
-z_streamp z;
-{
-  inflate_codes_statef *c;
-
-  if ((c = (inflate_codes_statef *)
-       ZALLOC(z,1,sizeof(struct inflate_codes_state))) != Z_NULL)
-  {
-    c->mode = START;
-    c->lbits = (Byte)bl;
-    c->dbits = (Byte)bd;
-    c->ltree = tl;
-    c->dtree = td;
-    Tracev((stderr, "inflate:       codes new\n"));
-  }
-  return c;
-}
-
-
-int inflate_codes(s, z, r)
-inflate_blocks_statef *s;
-z_streamp z;
-int r;
-{
-  uInt j;               /* temporary storage */
-  inflate_huft *t;      /* temporary pointer */
-  uInt e;               /* extra bits or operation */
-  uLong b;              /* bit buffer */
-  uInt k;               /* bits in bit buffer */
-  Bytef *p;             /* input data pointer */
-  uInt n;               /* bytes available there */
-  Bytef *q;             /* output window write pointer */
-  uInt m;               /* bytes to end of window or read pointer */
-  Bytef *f;             /* pointer to copy strings from */
-  inflate_codes_statef *c = s->sub.decode.codes;  /* codes state */
-
-  /* copy input/output information to locals (UPDATE macro restores) */
-  LOAD
-
-  /* process input and output based on current state */
-  while (1) switch (c->mode)
-  {             /* waiting for "i:"=input, "o:"=output, "x:"=nothing */
-    case START:         /* x: set up for LEN */
-#ifndef SLOW
-      if (m >= 258 && n >= 10)
-      {
-        UPDATE
-        r = inflate_fast(c->lbits, c->dbits, c->ltree, c->dtree, s, z);
-        LOAD
-        if (r != Z_OK)
-        {
-          c->mode = r == Z_STREAM_END ? WASH : BADCODE;
-          break;
-        }
-      }
-#endif /* !SLOW */
-      c->sub.code.need = c->lbits;
-      c->sub.code.tree = c->ltree;
-      c->mode = LEN;
-    case LEN:           /* i: get length/literal/eob next */
-      j = c->sub.code.need;
-      NEEDBITS(j)
-      t = c->sub.code.tree + ((uInt)b & inflate_mask[j]);
-      DUMPBITS(t->bits)
-      e = (uInt)(t->exop);
-      if (e == 0)               /* literal */
-      {
-        c->sub.lit = t->base;
-        Tracevv((stderr, t->base >= 0x20 && t->base < 0x7f ?
-                 "inflate:         literal '%c'\n" :
-                 "inflate:         literal 0x%02x\n", t->base));
-        c->mode = LIT;
-        break;
-      }
-      if (e & 16)               /* length */
-      {
-        c->sub.copy.get = e & 15;
-        c->len = t->base;
-        c->mode = LENEXT;
-        break;
-      }
-      if ((e & 64) == 0)        /* next table */
-      {
-        c->sub.code.need = e;
-        c->sub.code.tree = t->next;
-        break;
-      }
-      if (e & 32)               /* end of block */
-      {
-        Tracevv((stderr, "inflate:         end of block\n"));
-        c->mode = WASH;
-        break;
-      }
-      c->mode = BADCODE;        /* invalid code */
-      z->msg = (char*)"invalid literal/length code";
-      r = Z_DATA_ERROR;
-      LEAVE
-    case LENEXT:        /* i: getting length extra (have base) */
-      j = c->sub.copy.get;
-      NEEDBITS(j)
-      c->len += (uInt)b & inflate_mask[j];
-      DUMPBITS(j)
-      c->sub.code.need = c->dbits;
-      c->sub.code.tree = c->dtree;
-      Tracevv((stderr, "inflate:         length %u\n", c->len));
-      c->mode = DIST;
-    case DIST:          /* i: get distance next */
-      j = c->sub.code.need;
-      NEEDBITS(j)
-      t = c->sub.code.tree + ((uInt)b & inflate_mask[j]);
-      DUMPBITS(t->bits)
-      e = (uInt)(t->exop);
-      if (e & 16)               /* distance */
-      {
-        c->sub.copy.get = e & 15;
-        c->sub.copy.dist = t->base;
-        c->mode = DISTEXT;
-        break;
-      }
-      if ((e & 64) == 0)        /* next table */
-      {
-        c->sub.code.need = e;
-        c->sub.code.tree = t->next;
-        break;
-      }
-      c->mode = BADCODE;        /* invalid code */
-      z->msg = (char*)"invalid distance code";
-      r = Z_DATA_ERROR;
-      LEAVE
-    case DISTEXT:       /* i: getting distance extra */
-      j = c->sub.copy.get;
-      NEEDBITS(j)
-      c->sub.copy.dist += (uInt)b & inflate_mask[j];
-      DUMPBITS(j)
-      Tracevv((stderr, "inflate:         distance %u\n", c->sub.copy.dist));
-      c->mode = COPY;
-    case COPY:          /* o: copying bytes in window, waiting for space */
-#ifndef __TURBOC__ /* Turbo C bug for following expression */
-      f = (uInt)(q - s->window) < c->sub.copy.dist ?
-          s->end - (c->sub.copy.dist - (q - s->window)) :
-          q - c->sub.copy.dist;
-#else
-      f = q - c->sub.copy.dist;
-      if ((uInt)(q - s->window) < c->sub.copy.dist)
-        f = s->end - (c->sub.copy.dist - (uInt)(q - s->window));
-#endif
-      while (c->len)
-      {
-        NEEDOUT
-        OUTBYTE(*f++)
-        if (f == s->end)
-          f = s->window;
-        c->len--;
-      }
-      c->mode = START;
-      break;
-    case LIT:           /* o: got literal, waiting for output space */
-      NEEDOUT
-      OUTBYTE(c->sub.lit)
-      c->mode = START;
-      break;
-    case WASH:          /* o: got eob, possibly more output */
-      FLUSH
-      if (s->read != s->write)
-        LEAVE
-      c->mode = END;
-    case END:
-      r = Z_STREAM_END;
-      LEAVE
-    case BADCODE:       /* x: got error */
-      r = Z_DATA_ERROR;
-      LEAVE
-    default:
-      r = Z_STREAM_ERROR;
-      LEAVE
-  }
-}
-
-
-void inflate_codes_free(c, z)
-inflate_codes_statef *c;
-z_streamp z;
-{
-  ZFREE(z, c);
-  Tracev((stderr, "inflate:       codes free\n"));
-}
diff --git a/security/nss/cmd/zlib/infcodes.h b/security/nss/cmd/zlib/infcodes.h
deleted file mode 100644
index c2c38df2c..000000000
--- a/security/nss/cmd/zlib/infcodes.h
+++ /dev/null
@@ -1,27 +0,0 @@
-/* infcodes.h -- header to use infcodes.c
- * Copyright (C) 1995-1996 Mark Adler
- * For conditions of distribution and use, see copyright notice in zlib.h 
- */
-
-/* WARNING: this file should *not* be used by applications. It is
-   part of the implementation of the compression library and is
-   subject to change. Applications should only use zlib.h.
- */
-
-struct inflate_codes_state;
-typedef struct inflate_codes_state FAR inflate_codes_statef;
-
-extern inflate_codes_statef *inflate_codes_new OF((
-    uInt, uInt,
-    inflate_huft *, inflate_huft *,
-    z_streamp ));
-
-extern int inflate_codes OF((
-    inflate_blocks_statef *,
-    z_streamp ,
-    int));
-
-extern void inflate_codes_free OF((
-    inflate_codes_statef *,
-    z_streamp ));
-
diff --git a/security/nss/cmd/zlib/inffast.c b/security/nss/cmd/zlib/inffast.c
deleted file mode 100644
index 86eee4a29..000000000
--- a/security/nss/cmd/zlib/inffast.c
+++ /dev/null
@@ -1,168 +0,0 @@
-/* inffast.c -- process literals and length/distance pairs fast
- * Copyright (C) 1995-1996 Mark Adler
- * For conditions of distribution and use, see copyright notice in zlib.h 
- */
-
-#include "zutil.h"
-#include "inftrees.h"
-#include "infblock.h"
-#include "infcodes.h"
-#include "infutil.h"
-#include "inffast.h"
-
-struct inflate_codes_state {int dummy;}; /* for buggy compilers */
-
-/* simplify the use of the inflate_huft type with some defines */
-#define base more.Base
-#define next more.Next
-#define exop word.what.Exop
-#define bits word.what.Bits
-
-/* macros for bit input with no checking and for returning unused bytes */
-#define GRABBITS(j) {while(k<(j)){b|=((uLong)NEXTBYTE)<<k;k+=8;}}
-#define UNGRAB {n+=(c=k>>3);p-=c;k&=7;}
-
-/* Called with number of bytes left to write in window at least 258
-   (the maximum string length) and number of input bytes available
-   at least ten.  The ten bytes are six bytes for the longest length/
-   distance pair plus four bytes for overloading the bit buffer. */
-
-int inflate_fast(bl, bd, tl, td, s, z)
-uInt bl, bd;
-inflate_huft *tl;
-inflate_huft *td; /* need separate declaration for Borland C++ */
-inflate_blocks_statef *s;
-z_streamp z;
-{
-  inflate_huft *t;      /* temporary pointer */
-  uInt e;               /* extra bits or operation */
-  uLong b;              /* bit buffer */
-  uInt k;               /* bits in bit buffer */
-  Bytef *p;             /* input data pointer */
-  uInt n;               /* bytes available there */
-  Bytef *q;             /* output window write pointer */
-  uInt m;               /* bytes to end of window or read pointer */
-  uInt ml;              /* mask for literal/length tree */
-  uInt md;              /* mask for distance tree */
-  uInt c;               /* bytes to copy */
-  uInt d;               /* distance back to copy from */
-  Bytef *r;             /* copy source pointer */
-
-  /* load input, output, bit values */
-  LOAD
-
-  /* initialize masks */
-  ml = inflate_mask[bl];
-  md = inflate_mask[bd];
-
-  /* do until not enough input or output space for fast loop */
-  do {                          /* assume called with m >= 258 && n >= 10 */
-    /* get literal/length code */
-    GRABBITS(20)                /* max bits for literal/length code */
-    if ((e = (t = tl + ((uInt)b & ml))->exop) == 0)
-    {
-      DUMPBITS(t->bits)
-      Tracevv((stderr, t->base >= 0x20 && t->base < 0x7f ?
-                "inflate:         * literal '%c'\n" :
-                "inflate:         * literal 0x%02x\n", t->base));
-      *q++ = (Byte)t->base;
-      m--;
-      continue;
-    }
-    do {
-      DUMPBITS(t->bits)
-      if (e & 16)
-      {
-        /* get extra bits for length */
-        e &= 15;
-        c = t->base + ((uInt)b & inflate_mask[e]);
-        DUMPBITS(e)
-        Tracevv((stderr, "inflate:         * length %u\n", c));
-
-        /* decode distance base of block to copy */
-        GRABBITS(15);           /* max bits for distance code */
-        e = (t = td + ((uInt)b & md))->exop;
-        do {
-          DUMPBITS(t->bits)
-          if (e & 16)
-          {
-            /* get extra bits to add to distance base */
-            e &= 15;
-            GRABBITS(e)         /* get extra bits (up to 13) */
-            d = t->base + ((uInt)b & inflate_mask[e]);
-            DUMPBITS(e)
-            Tracevv((stderr, "inflate:         * distance %u\n", d));
-
-            /* do the copy */
-            m -= c;
-            if ((uInt)(q - s->window) >= d)     /* offset before dest */
-            {                                   /*  just copy */
-              r = q - d;
-              *q++ = *r++;  c--;        /* minimum count is three, */
-              *q++ = *r++;  c--;        /*  so unroll loop a little */
-            }
-            else                        /* else offset after destination */
-            {
-              e = d - (uInt)(q - s->window); /* bytes from offset to end */
-              r = s->end - e;           /* pointer to offset */
-              if (c > e)                /* if source crosses, */
-              {
-                c -= e;                 /* copy to end of window */
-                do {
-                  *q++ = *r++;
-                } while (--e);
-                r = s->window;          /* copy rest from start of window */
-              }
-            }
-            do {                        /* copy all or what's left */
-              *q++ = *r++;
-            } while (--c);
-            break;
-          }
-          else if ((e & 64) == 0)
-            e = (t = t->next + ((uInt)b & inflate_mask[e]))->exop;
-          else
-          {
-            z->msg = (char*)"invalid distance code";
-            UNGRAB
-            UPDATE
-            return Z_DATA_ERROR;
-          }
-        } while (1);
-        break;
-      }
-      if ((e & 64) == 0)
-      {
-        if ((e = (t = t->next + ((uInt)b & inflate_mask[e]))->exop) == 0)
-        {
-          DUMPBITS(t->bits)
-          Tracevv((stderr, t->base >= 0x20 && t->base < 0x7f ?
-                    "inflate:         * literal '%c'\n" :
-                    "inflate:         * literal 0x%02x\n", t->base));
-          *q++ = (Byte)t->base;
-          m--;
-          break;
-        }
-      }
-      else if (e & 32)
-      {
-        Tracevv((stderr, "inflate:         * end of block\n"));
-        UNGRAB
-        UPDATE
-        return Z_STREAM_END;
-      }
-      else
-      {
-        z->msg = (char*)"invalid literal/length code";
-        UNGRAB
-        UPDATE
-        return Z_DATA_ERROR;
-      }
-    } while (1);
-  } while (m >= 258 && n >= 10);
-
-  /* not enough input or output--restore pointers and return */
-  UNGRAB
-  UPDATE
-  return Z_OK;
-}
diff --git a/security/nss/cmd/zlib/inffast.h b/security/nss/cmd/zlib/inffast.h
deleted file mode 100644
index 8cc644efb..000000000
--- a/security/nss/cmd/zlib/inffast.h
+++ /dev/null
@@ -1,17 +0,0 @@
-/* inffast.h -- header to use inffast.c
- * Copyright (C) 1995-1996 Mark Adler
- * For conditions of distribution and use, see copyright notice in zlib.h 
- */
-
-/* WARNING: this file should *not* be used by applications. It is
-   part of the implementation of the compression library and is
-   subject to change. Applications should only use zlib.h.
- */
-
-extern int inflate_fast OF((
-    uInt,
-    uInt,
-    inflate_huft *,
-    inflate_huft *,
-    inflate_blocks_statef *,
-    z_streamp ));
diff --git a/security/nss/cmd/zlib/inflate.c b/security/nss/cmd/zlib/inflate.c
deleted file mode 100644
index 8cd0c141c..000000000
--- a/security/nss/cmd/zlib/inflate.c
+++ /dev/null
@@ -1,346 +0,0 @@
-/* inflate.c -- zlib interface to inflate modules
- * Copyright (C) 1995-1996 Mark Adler
- * For conditions of distribution and use, see copyright notice in zlib.h 
- */
-/* This file was modified since it was taken from the zlib distribution */
-
-#include "zutil.h"
-#include "infblock.h"
-
-struct inflate_blocks_state {int dummy;}; /* for buggy compilers */
-
-/* inflate private state */
-struct internal_state {
-
-  /* mode */
-  enum {
-      METHOD,   /* waiting for method byte */
-      FLAG,     /* waiting for flag byte */
-      DICT4,    /* four dictionary check bytes to go */
-      DICT3,    /* three dictionary check bytes to go */
-      DICT2,    /* two dictionary check bytes to go */
-      DICT1,    /* one dictionary check byte to go */
-      DICT0,    /* waiting for inflateSetDictionary */
-      BLOCKS,   /* decompressing blocks */
-      CHECK4,   /* four check bytes to go */
-      CHECK3,   /* three check bytes to go */
-      CHECK2,   /* two check bytes to go */
-      CHECK1,   /* one check byte to go */
-      DONE,     /* finished check, done */
-      BAD}      /* got an error--stay here */
-    mode;               /* current inflate mode */
-
-  /* mode dependent information */
-  union {
-    uInt method;        /* if FLAGS, method byte */
-    struct {
-      uLong was;                /* computed check value */
-      uLong need;               /* stream check value */
-    } check;            /* if CHECK, check values to compare */
-    uInt marker;        /* if BAD, inflateSync's marker bytes count */
-  } sub;        /* submode */
-
-  /* mode independent information */
-  int  nowrap;          /* flag for no wrapper */
-  uInt wbits;           /* log2(window size)  (8..15, defaults to 15) */
-  inflate_blocks_statef 
-    *blocks;            /* current inflate_blocks state */
-
-};
-
-
-PR_PUBLIC_API(int) inflateReset(z)
-z_streamp z;
-{
-  uLong c;
-
-  if (z == Z_NULL || z->state == Z_NULL)
-    return Z_STREAM_ERROR;
-  z->total_in = z->total_out = 0;
-  z->msg = Z_NULL;
-  z->state->mode = z->state->nowrap ? BLOCKS : METHOD;
-  inflate_blocks_reset(z->state->blocks, z, &c);
-  Trace((stderr, "inflate: reset\n"));
-  return Z_OK;
-}
-
-
-PR_PUBLIC_API(int) inflateEnd(z)
-z_streamp z;
-{
-  uLong c;
-
-  if (z == Z_NULL || z->state == Z_NULL || z->zfree == Z_NULL)
-    return Z_STREAM_ERROR;
-  if (z->state->blocks != Z_NULL)
-    inflate_blocks_free(z->state->blocks, z, &c);
-  ZFREE(z, z->state);
-  z->state = Z_NULL;
-  Trace((stderr, "inflate: end\n"));
-  return Z_OK;
-}
-
-
-PR_PUBLIC_API(int) inflateInit2_(z, w, version, stream_size)
-z_streamp z;
-int w;
-const char *version;
-int stream_size;
-{
-  if (version == Z_NULL || version[0] != ZLIB_VERSION[0] ||
-      stream_size != sizeof(z_stream))
-      return Z_VERSION_ERROR;
-
-  /* initialize state */
-  if (z == Z_NULL)
-    return Z_STREAM_ERROR;
-  z->msg = Z_NULL;
-  if (z->zalloc == Z_NULL)
-  {
-    z->zalloc = zcalloc;
-    z->opaque = (voidpf)0;
-  }
-  if (z->zfree == Z_NULL) z->zfree = zcfree;
-  if ((z->state = (struct internal_state FAR *)
-       ZALLOC(z,1,sizeof(struct internal_state))) == Z_NULL)
-    return Z_MEM_ERROR;
-  z->state->blocks = Z_NULL;
-
-  /* handle undocumented nowrap option (no zlib header or check) */
-  z->state->nowrap = 0;
-  if (w < 0)
-  {
-    w = - w;
-    z->state->nowrap = 1;
-  }
-
-  /* set window size */
-  if (w < 8 || w > 15)
-  {
-    inflateEnd(z);
-    return Z_STREAM_ERROR;
-  }
-  z->state->wbits = (uInt)w;
-
-  /* create inflate_blocks state */
-  if ((z->state->blocks =
-      inflate_blocks_new(z, z->state->nowrap ? Z_NULL : adler32, (uInt)1 << w))
-      == Z_NULL)
-  {
-    inflateEnd(z);
-    return Z_MEM_ERROR;
-  }
-  Trace((stderr, "inflate: allocated\n"));
-
-  /* reset state */
-  inflateReset(z);
-  return Z_OK;
-}
-
-
-PR_PUBLIC_API(int) inflateInit_(z, version, stream_size)
-z_streamp z;
-const char *version;
-int stream_size;
-{
-  return inflateInit2_(z, DEF_WBITS, version, stream_size);
-}
-
-
-#define NEEDBYTE {if(z->avail_in==0)return r;r=Z_OK;}
-#define NEXTBYTE (z->avail_in--,z->total_in++,*z->next_in++)
-
-PR_PUBLIC_API(int) inflate(z, f)
-z_streamp z;
-int f;
-{
-  int r;
-  uInt b;
-
-  if (z == Z_NULL || z->state == Z_NULL || z->next_in == Z_NULL || f < 0)
-    return Z_STREAM_ERROR;
-  r = Z_BUF_ERROR;
-  while (1) switch (z->state->mode)
-  {
-    case METHOD:
-      NEEDBYTE
-      if (((z->state->sub.method = NEXTBYTE) & 0xf) != Z_DEFLATED)
-      {
-        z->state->mode = BAD;
-        z->msg = (char*)"unknown compression method";
-        z->state->sub.marker = 5;       /* can't try inflateSync */
-        break;
-      }
-      if ((z->state->sub.method >> 4) + 8 > z->state->wbits)
-      {
-        z->state->mode = BAD;
-        z->msg = (char*)"invalid window size";
-        z->state->sub.marker = 5;       /* can't try inflateSync */
-        break;
-      }
-      z->state->mode = FLAG;
-    case FLAG:
-      NEEDBYTE
-      b = NEXTBYTE;
-      if (((z->state->sub.method << 8) + b) % 31)
-      {
-        z->state->mode = BAD;
-        z->msg = (char*)"incorrect header check";
-        z->state->sub.marker = 5;       /* can't try inflateSync */
-        break;
-      }
-      Trace((stderr, "inflate: zlib header ok\n"));
-      if (!(b & PRESET_DICT))
-      {
-        z->state->mode = BLOCKS;
-	break;
-      }
-      z->state->mode = DICT4;
-    case DICT4:
-      NEEDBYTE
-      z->state->sub.check.need = (uLong)NEXTBYTE << 24;
-      z->state->mode = DICT3;
-    case DICT3:
-      NEEDBYTE
-      z->state->sub.check.need += (uLong)NEXTBYTE << 16;
-      z->state->mode = DICT2;
-    case DICT2:
-      NEEDBYTE
-      z->state->sub.check.need += (uLong)NEXTBYTE << 8;
-      z->state->mode = DICT1;
-    case DICT1:
-      NEEDBYTE
-      z->state->sub.check.need += (uLong)NEXTBYTE;
-      z->adler = z->state->sub.check.need;
-      z->state->mode = DICT0;
-      return Z_NEED_DICT;
-    case DICT0:
-      z->state->mode = BAD;
-      z->msg = (char*)"need dictionary";
-      z->state->sub.marker = 0;       /* can try inflateSync */
-      return Z_STREAM_ERROR;
-    case BLOCKS:
-      r = inflate_blocks(z->state->blocks, z, r);
-      if (r == Z_DATA_ERROR)
-      {
-        z->state->mode = BAD;
-        z->state->sub.marker = 0;       /* can try inflateSync */
-        break;
-      }
-      if (r != Z_STREAM_END)
-        return r;
-      r = Z_OK;
-      inflate_blocks_reset(z->state->blocks, z, &z->state->sub.check.was);
-      if (z->state->nowrap)
-      {
-        z->state->mode = DONE;
-        break;
-      }
-      z->state->mode = CHECK4;
-    case CHECK4:
-      NEEDBYTE
-      z->state->sub.check.need = (uLong)NEXTBYTE << 24;
-      z->state->mode = CHECK3;
-    case CHECK3:
-      NEEDBYTE
-      z->state->sub.check.need += (uLong)NEXTBYTE << 16;
-      z->state->mode = CHECK2;
-    case CHECK2:
-      NEEDBYTE
-      z->state->sub.check.need += (uLong)NEXTBYTE << 8;
-      z->state->mode = CHECK1;
-    case CHECK1:
-      NEEDBYTE
-      z->state->sub.check.need += (uLong)NEXTBYTE;
-
-      if (z->state->sub.check.was != z->state->sub.check.need)
-      {
-        z->state->mode = BAD;
-        z->msg = (char*)"incorrect data check";
-        z->state->sub.marker = 5;       /* can't try inflateSync */
-        break;
-      }
-      Trace((stderr, "inflate: zlib check ok\n"));
-      z->state->mode = DONE;
-    case DONE:
-      return Z_STREAM_END;
-    case BAD:
-      return Z_DATA_ERROR;
-    default:
-      return Z_STREAM_ERROR;
-  }
-}
-
-
-PR_PUBLIC_API(int) inflateSetDictionary(z, dictionary, dictLength)
-z_streamp z;
-const Bytef *dictionary;
-uInt  dictLength;
-{
-  uInt length = dictLength;
-
-  if (z == Z_NULL || z->state == Z_NULL || z->state->mode != DICT0)
-    return Z_STREAM_ERROR;
-
-  if (adler32(1L, dictionary, dictLength) != z->adler) return Z_DATA_ERROR;
-  z->adler = 1L;
-
-  if (length >= ((uInt)1<<z->state->wbits))
-  {
-    length = (1<<z->state->wbits)-1;
-    dictionary += dictLength - length;
-  }
-  inflate_set_dictionary(z->state->blocks, dictionary, length);
-  z->state->mode = BLOCKS;
-  return Z_OK;
-}
-
-
-PR_PUBLIC_API(int) inflateSync(z)
-z_streamp z;
-{
-  uInt n;       /* number of bytes to look at */
-  Bytef *p;     /* pointer to bytes */
-  uInt m;       /* number of marker bytes found in a row */
-  uLong r, w;   /* temporaries to save total_in and total_out */
-
-  /* set up */
-  if (z == Z_NULL || z->state == Z_NULL)
-    return Z_STREAM_ERROR;
-  if (z->state->mode != BAD)
-  {
-    z->state->mode = BAD;
-    z->state->sub.marker = 0;
-  }
-  if ((n = z->avail_in) == 0)
-    return Z_BUF_ERROR;
-  p = z->next_in;
-  m = z->state->sub.marker;
-
-  /* search */
-  while (n && m < 4)
-  {
-    if (*p == (Byte)(m < 2 ? 0 : 0xff))
-      m++;
-    else if (*p)
-      m = 0;
-    else
-      m = 4 - m;
-    p++, n--;
-  }
-
-  /* restore */
-  z->total_in += p - z->next_in;
-  z->next_in = p;
-  z->avail_in = n;
-  z->state->sub.marker = m;
-
-  /* return no joy or set up to restart on a new block */
-  if (m != 4)
-    return Z_DATA_ERROR;
-  r = z->total_in;  w = z->total_out;
-  inflateReset(z);
-  z->total_in = r;  z->total_out = w;
-  z->state->mode = BLOCKS;
-  return Z_OK;
-}
diff --git a/security/nss/cmd/zlib/inftrees.c b/security/nss/cmd/zlib/inftrees.c
deleted file mode 100644
index 91dc00375..000000000
--- a/security/nss/cmd/zlib/inftrees.c
+++ /dev/null
@@ -1,479 +0,0 @@
-/* inftrees.c -- generate Huffman trees for efficient decoding
- * Copyright (C) 1995-1996 Mark Adler
- * For conditions of distribution and use, see copyright notice in zlib.h 
- */
-/* This file was modified since it was taken from the zlib distribution */
-
-#include "zutil.h"
-#include "inftrees.h"
-
-char inflate_copyright[] = " inflate 1.0.4 Copyright 1995-1996 Mark Adler ";
-/*
-  If you use the zlib library in a product, an acknowledgment is welcome
-  in the documentation of your product. If for some reason you cannot
-  include such an acknowledgment, I would appreciate that you keep this
-  copyright string in the executable of your product.
- */
-struct internal_state  {int dummy;}; /* for buggy compilers */
-
-/* simplify the use of the inflate_huft type with some defines */
-#define base more.Base
-#define next more.Next
-#define exop word.what.Exop
-#define bits word.what.Bits
-
-
-local int huft_build OF((
-    uIntf *,            /* code lengths in bits */
-    uInt,               /* number of codes */
-    uInt,               /* number of "simple" codes */
-    uIntf *,            /* list of base values for non-simple codes */
-    uIntf *,            /* list of extra bits for non-simple codes */
-    inflate_huft * FAR*,/* result: starting table */
-    uIntf *,            /* maximum lookup bits (returns actual) */
-    z_streamp ));       /* for zalloc function */
-
-local voidpf falloc OF((
-    voidpf,             /* opaque pointer (not used) */
-    uInt,               /* number of items */
-    uInt));             /* size of item */
-
-/* Tables for deflate from PKZIP's appnote.txt. */
-local uInt cplens[31] = { /* Copy lengths for literal codes 257..285 */
-        3, 4, 5, 6, 7, 8, 9, 10, 11, 13, 15, 17, 19, 23, 27, 31,
-        35, 43, 51, 59, 67, 83, 99, 115, 131, 163, 195, 227, 258, 0, 0};
-	/* see note #13 above about 258 */
-local uInt cplext[31] = { /* Extra bits for literal codes 257..285 */
-        0, 0, 0, 0, 0, 0, 0, 0, 1, 1, 1, 1, 2, 2, 2, 2,
-        3, 3, 3, 3, 4, 4, 4, 4, 5, 5, 5, 5, 0, 112, 112}; /* 112==invalid */
-local uInt cpdist[30] = { /* Copy offsets for distance codes 0..29 */
-        1, 2, 3, 4, 5, 7, 9, 13, 17, 25, 33, 49, 65, 97, 129, 193,
-        257, 385, 513, 769, 1025, 1537, 2049, 3073, 4097, 6145,
-        8193, 12289, 16385, 24577};
-local uInt cpdext[30] = { /* Extra bits for distance codes */
-        0, 0, 0, 0, 1, 1, 2, 2, 3, 3, 4, 4, 5, 5, 6, 6,
-        7, 7, 8, 8, 9, 9, 10, 10, 11, 11,
-        12, 12, 13, 13};
-
-/*
-   Huffman code decoding is performed using a multi-level table lookup.
-   The fastest way to decode is to simply build a lookup table whose
-   size is determined by the longest code.  However, the time it takes
-   to build this table can also be a factor if the data being decoded
-   is not very long.  The most common codes are necessarily the
-   shortest codes, so those codes dominate the decoding time, and hence
-   the speed.  The idea is you can have a shorter table that decodes the
-   shorter, more probable codes, and then point to subsidiary tables for
-   the longer codes.  The time it costs to decode the longer codes is
-   then traded against the time it takes to make longer tables.
-
-   This results of this trade are in the variables lbits and dbits
-   below.  lbits is the number of bits the first level table for literal/
-   length codes can decode in one step, and dbits is the same thing for
-   the distance codes.  Subsequent tables are also less than or equal to
-   those sizes.  These values may be adjusted either when all of the
-   codes are shorter than that, in which case the longest code length in
-   bits is used, or when the shortest code is *longer* than the requested
-   table size, in which case the length of the shortest code in bits is
-   used.
-
-   There are two different values for the two tables, since they code a
-   different number of possibilities each.  The literal/length table
-   codes 286 possible values, or in a flat code, a little over eight
-   bits.  The distance table codes 30 possible values, or a little less
-   than five bits, flat.  The optimum values for speed end up being
-   about one bit more than those, so lbits is 8+1 and dbits is 5+1.
-   The optimum values may differ though from machine to machine, and
-   possibly even between compilers.  Your mileage may vary.
- */
-
-
-/* If BMAX needs to be larger than 16, then h and x[] should be uLong. */
-#define BMAX 15         /* maximum bit length of any code */
-#define N_MAX 288       /* maximum number of codes in any set */
-
-#ifdef DEBUG
-  uInt inflate_hufts;
-#endif
-
-local int huft_build(b, n, s, d, e, t, m, zs)
-uIntf *b;               /* code lengths in bits (all assumed <= BMAX) */
-uInt n;                 /* number of codes (assumed <= N_MAX) */
-uInt s;                 /* number of simple-valued codes (0..s-1) */
-uIntf *d;               /* list of base values for non-simple codes */
-uIntf *e;               /* list of extra bits for non-simple codes */  
-inflate_huft * FAR *t;  /* result: starting table */
-uIntf *m;               /* maximum lookup bits, returns actual */
-z_streamp zs;           /* for zalloc function */
-/* Given a list of code lengths and a maximum table size, make a set of
-   tables to decode that set of codes.  Return Z_OK on success, Z_BUF_ERROR
-   if the given code set is incomplete (the tables are still built in this
-   case), Z_DATA_ERROR if the input is invalid (an over-subscribed set of
-   set of lengths), or Z_MEM_ERROR if not enough memory. */
-{
-
-  uInt a;                       /* counter for codes of length k */
-  uInt c[BMAX+1];               /* bit length count table */
-  uInt f;                       /* i repeats in table every f entries */
-  int g;                        /* maximum code length */
-  int h;                        /* table level */
-  register uInt i;              /* counter, current code */
-  register uInt j;              /* counter */
-  register int k;               /* number of bits in current code */
-  int l;                        /* bits per table (returned in m) */
-  register uIntf *p;            /* pointer into c[], b[], or v[] */
-  inflate_huft *q;              /* points to current table */
-  struct inflate_huft_s r;      /* table entry for structure assignment */
-  inflate_huft *u[BMAX];        /* table stack */
-  uInt v[N_MAX];                /* values in order of bit length */
-  register int w;               /* bits before this table == (l * h) */
-  uInt x[BMAX+1];               /* bit offsets, then code stack */
-  uIntf *xp;                    /* pointer into x */
-  int y;                        /* number of dummy codes added */
-  uInt z;                       /* number of entries in current table */
-
-
-  /* Generate counts for each bit length */
-  p = c;
-#define C0 *p++ = 0;
-#define C2 C0 C0 C0 C0
-#define C4 C2 C2 C2 C2
-  C4                            /* clear c[]--assume BMAX+1 is 16 */
-  p = b;  i = n;
-  do {
-    c[*p++]++;                  /* assume all entries <= BMAX */
-  } while (--i);
-  if (c[0] == n)                /* null input--all zero length codes */
-  {
-    *t = (inflate_huft *)Z_NULL;
-    *m = 0;
-    return Z_OK;
-  }
-
-
-  /* Find minimum and maximum length, bound *m by those */
-  l = *m;
-  for (j = 1; j <= BMAX; j++)
-    if (c[j])
-      break;
-  k = j;                        /* minimum code length */
-  if ((uInt)l < j)
-    l = j;
-  for (i = BMAX; i; i--)
-    if (c[i])
-      break;
-  g = i;                        /* maximum code length */
-  if ((uInt)l > i)
-    l = i;
-  *m = l;
-
-
-  /* Adjust last length count to fill out codes, if needed */
-  for (y = 1 << j; j < i; j++, y <<= 1)
-    if ((y -= c[j]) < 0)
-      return Z_DATA_ERROR;
-  if ((y -= c[i]) < 0)
-    return Z_DATA_ERROR;
-  c[i] += y;
-
-
-  /* Generate starting offsets into the value table for each length */
-  x[1] = j = 0;
-  p = c + 1;  xp = x + 2;
-  while (--i) {                 /* note that i == g from above */
-    *xp++ = (j += *p++);
-  }
-
-
-  /* Make a table of values in order of bit lengths */
-  p = b;  i = 0;
-  do {
-    if ((j = *p++) != 0)
-      v[x[j]++] = i;
-  } while (++i < n);
-  n = x[g];			/* set n to length of v */
-
-
-  /* Generate the Huffman codes and for each, make the table entries */
-  x[0] = i = 0;                 /* first Huffman code is zero */
-  p = v;                        /* grab values in bit order */
-  h = -1;                       /* no tables yet--level -1 */
-  w = -l;                       /* bits decoded == (l * h) */
-  u[0] = (inflate_huft *)Z_NULL;        /* just to keep compilers happy */
-  q = (inflate_huft *)Z_NULL;   /* ditto */
-  z = 0;                        /* ditto */
-
-  /* go through the bit lengths (k already is bits in shortest code) */
-  for (; k <= g; k++)
-  {
-    a = c[k];
-    while (a--)
-    {
-      /* here i is the Huffman code of length k bits for value *p */
-      /* make tables up to required level */
-      while (k > w + l)
-      {
-        h++;
-        w += l;                 /* previous table always l bits */
-
-        /* compute minimum size table less than or equal to l bits */
-        z = g - w;
-        z = z > (uInt)l ? l : z;        /* table size upper limit */
-        if ((f = 1 << (j = k - w)) > a + 1)     /* try a k-w bit table */
-        {                       /* too few codes for k-w bit table */
-          f -= a + 1;           /* deduct codes from patterns left */
-          xp = c + k;
-          if (j < z)
-            while (++j < z)     /* try smaller tables up to z bits */
-            {
-              if ((f <<= 1) <= *++xp)
-                break;          /* enough codes to use up j bits */
-              f -= *xp;         /* else deduct codes from patterns */
-            }
-        }
-        z = 1 << j;             /* table entries for j-bit table */
-
-        /* allocate and link in new table */
-        if ((q = (inflate_huft *)ZALLOC
-             (zs,z + 1,sizeof(inflate_huft))) == Z_NULL)
-        {
-          if (h)
-            inflate_trees_free(u[0], zs);
-          return Z_MEM_ERROR;   /* not enough memory */
-        }
-#ifdef DEBUG
-        inflate_hufts += z + 1;
-#endif
-        *t = q + 1;             /* link to list for huft_free() */
-        *(t = &(q->next)) = Z_NULL;
-        u[h] = ++q;             /* table starts after link */
-
-        /* connect to last table, if there is one */
-        if (h)
-        {
-          x[h] = i;             /* save pattern for backing up */
-          r.bits = (Byte)l;     /* bits to dump before this table */
-          r.exop = (Byte)j;     /* bits in this table */
-          r.next = q;           /* pointer to this table */
-          j = i >> (w - l);     /* (get around Turbo C bug) */
-          u[h-1][j] = r;        /* connect to last table */
-        }
-      }
-
-      /* set up table entry in r */
-      r.bits = (Byte)(k - w);
-      if (p >= v + n)
-        r.exop = 128 + 64;      /* out of values--invalid code */
-      else if (*p < s)
-      {
-        r.exop = (Byte)(*p < 256 ? 0 : 32 + 64);     /* 256 is end-of-block */
-        r.base = *p++;          /* simple code is just the value */
-      }
-      else
-      {
-        r.exop = (Byte)(e[*p - s] + 16 + 64);/* non-simple--look up in lists */
-        r.base = d[*p++ - s];
-      }
-
-      /* fill code-like entries with r */
-      f = 1 << (k - w);
-      for (j = i >> w; j < z; j += f)
-        q[j] = r;
-
-      /* backwards increment the k-bit code i */
-      for (j = 1 << (k - 1); i & j; j >>= 1)
-        i ^= j;
-      i ^= j;
-
-      /* backup over finished tables */
-      while ((i & ((1 << w) - 1)) != x[h])
-      {
-        h--;                    /* don't need to update q */
-        w -= l;
-      }
-    }
-  }
-
-
-  /* Return Z_BUF_ERROR if we were given an incomplete table */
-  return y != 0 && g != 1 ? Z_BUF_ERROR : Z_OK;
-}
-
-
-int inflate_trees_bits(c, bb, tb, z)
-uIntf *c;               /* 19 code lengths */
-uIntf *bb;              /* bits tree desired/actual depth */
-inflate_huft * FAR *tb; /* bits tree result */
-z_streamp z;            /* for zfree function */
-{
-  int r;
-
-  r = huft_build(c, 19, 19, (uIntf*)Z_NULL, (uIntf*)Z_NULL, tb, bb, z);
-  if (r == Z_DATA_ERROR)
-    z->msg = (char*)"oversubscribed dynamic bit lengths tree";
-  else if (r == Z_BUF_ERROR || *bb == 0)
-  {
-    inflate_trees_free(*tb, z);
-    z->msg = (char*)"incomplete dynamic bit lengths tree";
-    r = Z_DATA_ERROR;
-  }
-  return r;
-}
-
-
-int inflate_trees_dynamic(nl, nd, c, bl, bd, tl, td, z)
-uInt nl;                /* number of literal/length codes */
-uInt nd;                /* number of distance codes */
-uIntf *c;               /* that many (total) code lengths */
-uIntf *bl;              /* literal desired/actual bit depth */
-uIntf *bd;              /* distance desired/actual bit depth */
-inflate_huft * FAR *tl; /* literal/length tree result */
-inflate_huft * FAR *td; /* distance tree result */
-z_streamp z;            /* for zfree function */
-{
-  int r;
-
-  /* build literal/length tree */
-  r = huft_build(c, nl, 257, cplens, cplext, tl, bl, z);
-  if (r != Z_OK || *bl == 0)
-  {
-    if (r == Z_DATA_ERROR)
-      z->msg = (char*)"oversubscribed literal/length tree";
-    else if (r != Z_MEM_ERROR)
-    {
-      inflate_trees_free(*tl, z);
-      z->msg = (char*)"incomplete literal/length tree";
-      r = Z_DATA_ERROR;
-    }
-    return r;
-  }
-
-  /* build distance tree */
-  r = huft_build(c + nl, nd, 0, cpdist, cpdext, td, bd, z);
-  if (r != Z_OK || (*bd == 0 && nl > 257))
-  {
-    if (r == Z_DATA_ERROR)
-      z->msg = (char*)"oversubscribed literal/length tree";
-    else if (r == Z_BUF_ERROR) {
-#ifdef PKZIP_BUG_WORKAROUND
-      r = Z_OK;
-    }
-#else
-      inflate_trees_free(*td, z);
-      z->msg = (char*)"incomplete distance tree";
-      r = Z_DATA_ERROR;
-    }
-    else if (r != Z_MEM_ERROR)
-    {
-	z->msg = (char*)"empty distance tree with lengths";
-	r = Z_DATA_ERROR;
-    }
-    inflate_trees_free(*tl, z);
-    return r;
-#endif
-  }
-
-  /* done */
-  return Z_OK;
-}
-
-
-/* build fixed tables only once--keep them here */
-local int fixed_built = 0;
-#define FIXEDH 530      /* number of hufts used by fixed tables */
-local inflate_huft fixed_mem[FIXEDH];
-local uInt fixed_bl;
-local uInt fixed_bd;
-local inflate_huft *fixed_tl;
-local inflate_huft *fixed_td;
-
-
-local voidpf falloc(q, n, s)
-voidpf q;       /* opaque pointer */
-uInt n;         /* number of items */
-uInt s;         /* size of item */
-{
-  Assert(s == sizeof(inflate_huft) && n <= *(intf *)q,
-         "inflate_trees falloc overflow");
-  *(intf *)q -= n+s-s; /* s-s to avoid warning */
-  return (voidpf)(fixed_mem + *(intf *)q);
-}
-
-
-int inflate_trees_fixed(bl, bd, tl, td)
-uIntf *bl;               /* literal desired/actual bit depth */
-uIntf *bd;               /* distance desired/actual bit depth */
-inflate_huft * FAR *tl;  /* literal/length tree result */
-inflate_huft * FAR *td;  /* distance tree result */
-{
-  /* build fixed tables if not already (multiple overlapped executions ok) */
-  if (!fixed_built)
-  {
-    int k;              /* temporary variable */
-    unsigned c[288];    /* length list for huft_build */
-    z_stream z;         /* for falloc function */
-    int f = FIXEDH;     /* number of hufts left in fixed_mem */
-
-    /* set up fake z_stream for memory routines */
-    z.zalloc = falloc;
-    z.zfree = Z_NULL;
-    z.opaque = (voidpf)&f;
-
-    /* literal table */
-    for (k = 0; k < 144; k++)
-      c[k] = 8;
-    for (; k < 256; k++)
-      c[k] = 9;
-    for (; k < 280; k++)
-      c[k] = 7;
-    for (; k < 288; k++)
-      c[k] = 8;
-    fixed_bl = 7;
-    huft_build(c, 288, 257, cplens, cplext, &fixed_tl, &fixed_bl, &z);
-
-    /* distance table */
-    for (k = 0; k < 30; k++)
-      c[k] = 5;
-    fixed_bd = 5;
-    huft_build(c, 30, 0, cpdist, cpdext, &fixed_td, &fixed_bd, &z);
-
-    /* done */
-    Assert(f == 0, "invalid build of fixed tables");
-    fixed_built = 1;
-  }
-  *bl = fixed_bl;
-  *bd = fixed_bd;
-  *tl = fixed_tl;
-  *td = fixed_td;
-  return Z_OK;
-}
-
-
-int inflate_trees_free(t, z)
-inflate_huft *t;        /* table to free */
-z_streamp z;            /* for zfree function */
-/* Free the malloc'ed tables built by huft_build(), which makes a linked
-   list of the tables it made, with the links in a dummy first entry of
-   each table. */
-{
-  register inflate_huft *p, *q, *r;
-
-  /* Reverse linked list */
-  p = Z_NULL;
-  q = t;
-  while (q != Z_NULL)
-  {
-    r = (q - 1)->next;
-    (q - 1)->next = p;
-    p = q;
-    q = r;
-  }
-  /* Go through linked list, freeing from the malloced (t[-1]) address. */
-  while (p != Z_NULL)
-  {
-    q = (--p)->next;
-    ZFREE(z,p);
-    p = q;
-  } 
-  return Z_OK;
-}
diff --git a/security/nss/cmd/zlib/inftrees.h b/security/nss/cmd/zlib/inftrees.h
deleted file mode 100644
index b06613ddd..000000000
--- a/security/nss/cmd/zlib/inftrees.h
+++ /dev/null
@@ -1,59 +0,0 @@
-/* inftrees.h -- header to use inftrees.c
- * Copyright (C) 1995-1996 Mark Adler
- * For conditions of distribution and use, see copyright notice in zlib.h 
- */
-
-/* WARNING: this file should *not* be used by applications. It is
-   part of the implementation of the compression library and is
-   subject to change. Applications should only use zlib.h.
- */
-
-/* Huffman code lookup table entry--this entry is four bytes for machines
-   that have 16-bit pointers (e.g. PC's in the small or medium model). */
-
-typedef struct inflate_huft_s FAR inflate_huft;
-
-struct inflate_huft_s {
-  union {
-    struct {
-      Byte Exop;        /* number of extra bits or operation */
-      Byte Bits;        /* number of bits in this code or subcode */
-    } what;
-    Bytef *pad;         /* pad structure to a power of 2 (4 bytes for */
-  } word;               /*  16-bit, 8 bytes for 32-bit machines) */
-  union {
-    uInt Base;          /* literal, length base, or distance base */
-    inflate_huft *Next; /* pointer to next level of table */
-  } more;
-};
-
-#ifdef DEBUG
-  extern uInt inflate_hufts;
-#endif
-
-extern int inflate_trees_bits OF((
-    uIntf *,                    /* 19 code lengths */
-    uIntf *,                    /* bits tree desired/actual depth */
-    inflate_huft * FAR *,       /* bits tree result */
-    z_streamp ));               /* for zalloc, zfree functions */
-
-extern int inflate_trees_dynamic OF((
-    uInt,                       /* number of literal/length codes */
-    uInt,                       /* number of distance codes */
-    uIntf *,                    /* that many (total) code lengths */
-    uIntf *,                    /* literal desired/actual bit depth */
-    uIntf *,                    /* distance desired/actual bit depth */
-    inflate_huft * FAR *,       /* literal/length tree result */
-    inflate_huft * FAR *,       /* distance tree result */
-    z_streamp ));               /* for zalloc, zfree functions */
-
-extern int inflate_trees_fixed OF((
-    uIntf *,                    /* literal desired/actual bit depth */
-    uIntf *,                    /* distance desired/actual bit depth */
-    inflate_huft * FAR *,       /* literal/length tree result */
-    inflate_huft * FAR *));     /* distance tree result */
-
-extern int inflate_trees_free OF((
-    inflate_huft *,             /* tables to free */
-    z_streamp ));               /* for zfree function */
-
diff --git a/security/nss/cmd/zlib/infutil.c b/security/nss/cmd/zlib/infutil.c
deleted file mode 100644
index eb21199c3..000000000
--- a/security/nss/cmd/zlib/infutil.c
+++ /dev/null
@@ -1,87 +0,0 @@
-/* inflate_util.c -- data and routines common to blocks and codes
- * Copyright (C) 1995-1996 Mark Adler
- * For conditions of distribution and use, see copyright notice in zlib.h 
- */
-
-#include "zutil.h"
-#include "infblock.h"
-#include "inftrees.h"
-#include "infcodes.h"
-#include "infutil.h"
-
-struct inflate_codes_state {int dummy;}; /* for buggy compilers */
-
-/* And'ing with mask[n] masks the lower n bits */
-uInt inflate_mask[17] = {
-    0x0000,
-    0x0001, 0x0003, 0x0007, 0x000f, 0x001f, 0x003f, 0x007f, 0x00ff,
-    0x01ff, 0x03ff, 0x07ff, 0x0fff, 0x1fff, 0x3fff, 0x7fff, 0xffff
-};
-
-
-/* copy as much as possible from the sliding window to the output area */
-int inflate_flush(s, z, r)
-inflate_blocks_statef *s;
-z_streamp z;
-int r;
-{
-  uInt n;
-  Bytef *p;
-  Bytef *q;
-
-  /* local copies of source and destination pointers */
-  p = z->next_out;
-  q = s->read;
-
-  /* compute number of bytes to copy as far as end of window */
-  n = (uInt)((q <= s->write ? s->write : s->end) - q);
-  if (n > z->avail_out) n = z->avail_out;
-  if (n && r == Z_BUF_ERROR) r = Z_OK;
-
-  /* update counters */
-  z->avail_out -= n;
-  z->total_out += n;
-
-  /* update check information */
-  if (s->checkfn != Z_NULL)
-    z->adler = s->check = (*s->checkfn)(s->check, q, n);
-
-  /* copy as far as end of window */
-  zmemcpy(p, q, n);
-  p += n;
-  q += n;
-
-  /* see if more to copy at beginning of window */
-  if (q == s->end)
-  {
-    /* wrap pointers */
-    q = s->window;
-    if (s->write == s->end)
-      s->write = s->window;
-
-    /* compute bytes to copy */
-    n = (uInt)(s->write - q);
-    if (n > z->avail_out) n = z->avail_out;
-    if (n && r == Z_BUF_ERROR) r = Z_OK;
-
-    /* update counters */
-    z->avail_out -= n;
-    z->total_out += n;
-
-    /* update check information */
-    if (s->checkfn != Z_NULL)
-      z->adler = s->check = (*s->checkfn)(s->check, q, n);
-
-    /* copy */
-    zmemcpy(p, q, n);
-    p += n;
-    q += n;
-  }
-
-  /* update pointers */
-  z->next_out = p;
-  s->read = q;
-
-  /* done */
-  return r;
-}
diff --git a/security/nss/cmd/zlib/infutil.h b/security/nss/cmd/zlib/infutil.h
deleted file mode 100644
index 702cd290c..000000000
--- a/security/nss/cmd/zlib/infutil.h
+++ /dev/null
@@ -1,99 +0,0 @@
-/* infutil.h -- types and macros common to blocks and codes
- * Copyright (C) 1995-1996 Mark Adler
- * For conditions of distribution and use, see copyright notice in zlib.h 
- */
-
-/* WARNING: this file should *not* be used by applications. It is
-   part of the implementation of the compression library and is
-   subject to change. Applications should only use zlib.h.
- */
-
-#ifndef _INFUTIL_H
-#define _INFUTIL_H
-
-typedef enum {
-      TYPE,     /* get type bits (3, including end bit) */
-      LENS,     /* get lengths for stored */
-      STORED,   /* processing stored block */
-      TABLE,    /* get table lengths */
-      BTREE,    /* get bit lengths tree for a dynamic block */
-      DTREE,    /* get length, distance trees for a dynamic block */
-      CODES,    /* processing fixed or dynamic block */
-      DRY,      /* output remaining window bytes */
-      DONE,     /* finished last block, done */
-      BAD}      /* got a data error--stuck here */
-inflate_block_mode;
-
-/* inflate blocks semi-private state */
-struct inflate_blocks_state {
-
-  /* mode */
-  inflate_block_mode  mode;     /* current inflate_block mode */
-
-  /* mode dependent information */
-  union {
-    uInt left;          /* if STORED, bytes left to copy */
-    struct {
-      uInt table;               /* table lengths (14 bits) */
-      uInt index;               /* index into blens (or border) */
-      uIntf *blens;             /* bit lengths of codes */
-      uInt bb;                  /* bit length tree depth */
-      inflate_huft *tb;         /* bit length decoding tree */
-    } trees;            /* if DTREE, decoding info for trees */
-    struct {
-      inflate_huft *tl;
-      inflate_huft *td;         /* trees to free */
-      inflate_codes_statef 
-         *codes;
-    } decode;           /* if CODES, current state */
-  } sub;                /* submode */
-  uInt last;            /* true if this block is the last block */
-
-  /* mode independent information */
-  uInt bitk;            /* bits in bit buffer */
-  uLong bitb;           /* bit buffer */
-  Bytef *window;        /* sliding window */
-  Bytef *end;           /* one byte after sliding window */
-  Bytef *read;          /* window read pointer */
-  Bytef *write;         /* window write pointer */
-  check_func checkfn;   /* check function */
-  uLong check;          /* check on output */
-
-};
-
-
-/* defines for inflate input/output */
-/*   update pointers and return */
-#define UPDBITS {s->bitb=b;s->bitk=k;}
-#define UPDIN {z->avail_in=n;z->total_in+=p-z->next_in;z->next_in=p;}
-#define UPDOUT {s->write=q;}
-#define UPDATE {UPDBITS UPDIN UPDOUT}
-#define LEAVE {UPDATE return inflate_flush(s,z,r);}
-/*   get bytes and bits */
-#define LOADIN {p=z->next_in;n=z->avail_in;b=s->bitb;k=s->bitk;}
-#define NEEDBYTE {if(n)r=Z_OK;else LEAVE}
-#define NEXTBYTE (n--,*p++)
-#define NEEDBITS(j) {while(k<(j)){NEEDBYTE;b|=((uLong)NEXTBYTE)<<k;k+=8;}}
-#define DUMPBITS(j) {b>>=(j);k-=(j);}
-/*   output bytes */
-#define WAVAIL (uInt)(q<s->read?s->read-q-1:s->end-q)
-#define LOADOUT {q=s->write;m=(uInt)WAVAIL;}
-#define WRAP {if(q==s->end&&s->read!=s->window){q=s->window;m=(uInt)WAVAIL;}}
-#define FLUSH {UPDOUT r=inflate_flush(s,z,r); LOADOUT}
-#define NEEDOUT {if(m==0){WRAP if(m==0){FLUSH WRAP if(m==0) LEAVE}}r=Z_OK;}
-#define OUTBYTE(a) {*q++=(Byte)(a);m--;}
-/*   load local pointers */
-#define LOAD {LOADIN LOADOUT}
-
-/* masks for lower bits (size given to avoid silly warnings with Visual C++) */
-extern uInt inflate_mask[17];
-
-/* copy as much as possible from the sliding window to the output area */
-extern int inflate_flush OF((
-    inflate_blocks_statef *,
-    z_streamp ,
-    int));
-
-struct internal_state      {int dummy;}; /* for buggy compilers */
-
-#endif
diff --git a/security/nss/cmd/zlib/makefile.win b/security/nss/cmd/zlib/makefile.win
deleted file mode 100644
index 0f87b40b8..000000000
--- a/security/nss/cmd/zlib/makefile.win
+++ /dev/null
@@ -1,91 +0,0 @@
-NODEPEND=1
-IGNORE_MANIFEST = 1
-
-#//------------------------------------------------------------------------
-#//
-# New build system where zip dll is build indepenant of java stubs.
-#//
-#//------------------------------------------------------------------------
-MODULE = zlib
-EXPORTS = 				\
-	zlib.h				\
-	zconf.h				\
-	$(NULL)
-
-
-#//------------------------------------------------------------------------
-#//
-#// Specify the depth of the current directory relative to the
-#// root of NS
-#//
-#//------------------------------------------------------------------------
-DEPTH= ..\..\..\
-
-MAKE_OBJ_TYPE=DLL
-#//------------------------------------------------------------------------
-#//
-#// Define any Public Make Variables here: (ie. PDFFILE, MAPFILE, ...)
-#//
-#//------------------------------------------------------------------------
-DLLNAME=$(ZIPDLL)
-PDBFILE=$(MOD_ZIP).pdb
-MAPFILE=$(MOD_ZIP).map
-!if "$(MOZ_BITS)" == "16"
-DEFFILE=zip16.def
-!endif
-#RESFILE=zip.res
-
-#//------------------------------------------------------------------------
-#// 
-#// Define the files necessary to build the target (ie. OBJS)
-#//
-#//------------------------------------------------------------------------
-OBJS=                                   \
-		  .\$(OBJDIR)\adler32.obj      \
-		  .\$(OBJDIR)\compress.obj     \
-		  .\$(OBJDIR)\crc32.obj        \
-		  .\$(OBJDIR)\deflate.obj      \
-		  .\$(OBJDIR)\gzio.obj         \
-		  .\$(OBJDIR)\infblock.obj     \
-		  .\$(OBJDIR)\infcodes.obj     \
-		  .\$(OBJDIR)\inffast.obj      \
-		  .\$(OBJDIR)\inflate.obj      \
-		  .\$(OBJDIR)\inftrees.obj     \
-		  .\$(OBJDIR)\infutil.obj      \
-		  .\$(OBJDIR)\trees.obj        \
-		  .\$(OBJDIR)\uncompr.obj      \
-		  .\$(OBJDIR)\zutil.obj        \
-		  $(NULL)
-
-#//------------------------------------------------------------------------
-#//
-#// Define any Public Targets here (ie. PROGRAM, LIBRARY, DLL, ...)
-#// (these must be defined before the common makefiles are included)
-#//
-#//------------------------------------------------------------------------
-
-DLL=.\$(OBJDIR)\$(DLLNAME)
-MAPFILE= $(MOD_ZIP).map
-
-
-#//------------------------------------------------------------------------
-#//
-#// Define any local options for the make tools 
-#//     (ie. LCFLAGS, LLFLAGS, LLIBS, LINCS)
-#//
-#//------------------------------------------------------------------------
-LLIBS=$(LLIBS)  $(LIBNSPR) 
-LINCS=$(LINCS) -I. -I_gen
-# clobber and clobber_all will remove the following garbage:
-GARBAGE	= $(GARBAGE) _gen
-
-#//------------------------------------------------------------------------
-#//
-#// Include the common makefile rules
-#//
-#//------------------------------------------------------------------------
-include <$(DEPTH)/sun-java/config/rules.mak>
-
-export:: $(DLL)
-    $(MAKE_INSTALL) .\$(OBJDIR)\$(DLLNAME) $(DIST)\bin
-    $(MAKE_INSTALL) .\$(OBJDIR)\$(MOD_ZIP).lib $(DIST)\lib
diff --git a/security/nss/cmd/zlib/manifest.mn b/security/nss/cmd/zlib/manifest.mn
deleted file mode 100644
index 6b4fbd4ec..000000000
--- a/security/nss/cmd/zlib/manifest.mn
+++ /dev/null
@@ -1,60 +0,0 @@
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-MODULE = seccmd
-
-EXPORTS = zlib.h zconf.h
-
-CSRCS =	adler32.c 	\
-	crc32.c 	\
-	compress.c 	\
-	uncompr.c 	\
-	deflate.c 	\
-	trees.c 	\
-	zutil.c 	\
-	inflate.c 	\
-	infblock.c 	\
-	inftrees.c 	\
-	infcodes.c 	\
-	infutil.c 	\
-	inffast.c 	\
-	$(NULL)
-
-LIBRARY_NAME = zlib
-
-# REQUIRES = security
-
-DEFINES = -DNSPR20=1 -DMOZILLA_CLIENT=1
-
diff --git a/security/nss/cmd/zlib/minigzip.c b/security/nss/cmd/zlib/minigzip.c
deleted file mode 100644
index 60a48a12d..000000000
--- a/security/nss/cmd/zlib/minigzip.c
+++ /dev/null
@@ -1,246 +0,0 @@
-/* minigzip.c -- simulate gzip using the zlib compression library
- * Copyright (C) 1995-1996 Jean-loup Gailly.
- * For conditions of distribution and use, see copyright notice in zlib.h 
- */
-
-/*
- * minigzip is a minimal implementation of the gzip utility. This is
- * only an example of using zlib and isn't meant to replace the
- * full-featured gzip. No attempt is made to deal with file systems
- * limiting names to 14 or 8+3 characters, etc... Error checking is
- * very limited. So use minigzip only for testing; use gzip for the
- * real thing. On MSDOS, use only on file names without extension
- * or in pipe mode.
- */
-
-/* $Id$ */
-
-#include <stdio.h>
-#include "zlib.h"
-
-#ifdef STDC
-#  include <string.h>
-#  include <stdlib.h>
-#else
-   extern void exit  OF((int));
-#endif
-
-
-#if defined(MSDOS) || defined(OS2) || defined(WIN32)
-#  include <fcntl.h>
-#  include <io.h>
-#  define SET_BINARY_MODE(file) setmode(fileno(file), O_BINARY)
-#else
-#  define SET_BINARY_MODE(file)
-#endif
-
-#ifdef VMS
-#  define unlink delete
-#  define GZ_SUFFIX "-gz"
-#endif
-#ifdef RISCOS
-#  define unlink remove
-#  define GZ_SUFFIX "-gz"
-#  define fileno(file) file->__file
-#endif
-
-#ifndef GZ_SUFFIX
-#  define GZ_SUFFIX ".gz"
-#endif
-#define SUFFIX_LEN sizeof(GZ_SUFFIX)
-
-extern int unlink OF((const char *));
-
-#define BUFLEN 4096
-#define MAX_NAME_LEN 1024
-
-#define local static
-/* For MSDOS and other systems with limitation on stack size. For Unix,
-    #define local
-   works also.
- */
-
-char *prog;
-
-void error           OF((const char *msg));
-void gz_compress     OF((FILE   *in, gzFile out));
-void gz_uncompress   OF((gzFile in, FILE   *out));
-void file_compress   OF((char  *file));
-void file_uncompress OF((char  *file));
-int  main            OF((int argc, char *argv[]));
-
-/* ===========================================================================
- * Display error message and exit
- */
-void error(msg)
-    const char *msg;
-{
-    fprintf(stderr, "%s: %s\n", prog, msg);
-    exit(1);
-}
-
-/* ===========================================================================
- * Compress input to output then close both files.
- */
-void gz_compress(in, out)
-    FILE   *in;
-    gzFile out;
-{
-    local char buf[BUFLEN];
-    int len;
-    int err;
-
-    for (;;) {
-        len = fread(buf, 1, sizeof(buf), in);
-        if (ferror(in)) {
-            perror("fread");
-            exit(1);
-        }
-        if (len == 0) break;
-
-        if (gzwrite(out, buf, (unsigned)len) != len) error(gzerror(out, &err));
-    }
-    fclose(in);
-    if (gzclose(out) != Z_OK) error("failed gzclose");
-}
-
-/* ===========================================================================
- * Uncompress input to output then close both files.
- */
-void gz_uncompress(in, out)
-    gzFile in;
-    FILE   *out;
-{
-    local char buf[BUFLEN];
-    int len;
-    int err;
-
-    for (;;) {
-        len = gzread(in, buf, sizeof(buf));
-        if (len < 0) error (gzerror(in, &err));
-        if (len == 0) break;
-
-        if ((int)fwrite(buf, 1, (unsigned)len, out) != len) {
-	    error("failed fwrite");
-	}
-    }
-    if (fclose(out)) error("failed fclose");
-
-    if (gzclose(in) != Z_OK) error("failed gzclose");
-}
-
-
-/* ===========================================================================
- * Compress the given file: create a corresponding .gz file and remove the
- * original.
- */
-void file_compress(file)
-    char  *file;
-{
-    local char outfile[MAX_NAME_LEN];
-    FILE  *in;
-    gzFile out;
-
-    strcpy(outfile, file);
-    strcat(outfile, GZ_SUFFIX);
-
-    in = fopen(file, "rb");
-    if (in == NULL) {
-        perror(file);
-        exit(1);
-    }
-    out = gzopen(outfile, "wb"); /* use "wb9" for maximal compression */
-    if (out == NULL) {
-        fprintf(stderr, "%s: can't gzopen %s\n", prog, outfile);
-        exit(1);
-    }
-    gz_compress(in, out);
-
-    unlink(file);
-}
-
-
-/* ===========================================================================
- * Uncompress the given file and remove the original.
- */
-void file_uncompress(file)
-    char  *file;
-{
-    local char buf[MAX_NAME_LEN];
-    char *infile, *outfile;
-    FILE  *out;
-    gzFile in;
-    int len = strlen(file);
-
-    strcpy(buf, file);
-
-    if (len > SUFFIX_LEN && strcmp(file+len-SUFFIX_LEN, GZ_SUFFIX) == 0) {
-        infile = file;
-        outfile = buf;
-        outfile[len-3] = '\0';
-    } else {
-        outfile = file;
-        infile = buf;
-        strcat(infile, GZ_SUFFIX);
-    }
-    in = gzopen(infile, "rb");
-    if (in == NULL) {
-        fprintf(stderr, "%s: can't gzopen %s\n", prog, infile);
-        exit(1);
-    }
-    out = fopen(outfile, "wb");
-    if (out == NULL) {
-        perror(file);
-        exit(1);
-    }
-
-    gz_uncompress(in, out);
-
-    unlink(infile);
-}
-
-
-/* ===========================================================================
- * Usage:  minigzip [-d] [files...]
- */
-
-int main(argc, argv)
-    int argc;
-    char *argv[];
-{
-    int uncompr = 0;
-    gzFile file;
-
-    prog = argv[0];
-    argc--, argv++;
-
-    if (argc > 0) {
-        uncompr = (strcmp(*argv, "-d") == 0);
-        if (uncompr) {
-            argc--, argv++;
-        }
-    }
-    if (argc == 0) {
-        SET_BINARY_MODE(stdin);
-        SET_BINARY_MODE(stdout);
-        if (uncompr) {
-            file = gzdopen(fileno(stdin), "rb");
-            if (file == NULL) error("can't gzdopen stdin");
-            gz_uncompress(file, stdout);
-        } else {
-            file = gzdopen(fileno(stdout), "wb"); /* "wb9" for max compr. */
-            if (file == NULL) error("can't gzdopen stdout");
-            gz_compress(stdin, file);
-        }
-    } else {
-        do {
-            if (uncompr) {
-                file_uncompress(*argv);
-            } else {
-                file_compress(*argv);
-            }
-        } while (argv++, --argc);
-    }
-    exit(0);
-    return 0; /* to avoid warning */
-}
diff --git a/security/nss/cmd/zlib/netscape_mods.doc b/security/nss/cmd/zlib/netscape_mods.doc
deleted file mode 100644
index c8a72d159..000000000
--- a/security/nss/cmd/zlib/netscape_mods.doc
+++ /dev/null
@@ -1,43 +0,0 @@
-
-/* -*- Mode: C; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 2 -*-
- *
- * The contents of this file are subject to the Netscape Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/NPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is mozilla.org code.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are
- * Copyright (C) 1998 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s): 
- */
-
-Netscape Modifications to Zlib source -
-
-
-Changes were made to the following files to 
-create a zlib dll:
-
-	adler32.c
-	compress.c
-	crc32.c
-	deflate.c
-	gzio.c
-	inflate.c
-	uncompr.c
-	zutil.c
-
-
-Various changes for cross platform builds
-are clearly marked through out the source.
-
-
diff --git a/security/nss/cmd/zlib/stubs.c b/security/nss/cmd/zlib/stubs.c
deleted file mode 100644
index 2e7a053ef..000000000
--- a/security/nss/cmd/zlib/stubs.c
+++ /dev/null
@@ -1,17 +0,0 @@
-/*
-  !!! WARNING: If you add files here, be sure to:
-	1. add them to the Metrowerks project
-	2. edit Makefile and makefile.win to add a dependency on the .c file
-*/
-
-
-/* XXX Mac */
-#ifndef XP_MAC
-#include "_stubs/java_util_zip_Adler32.c"
-#include "_stubs/java_util_zip_CRC32.c"
-#include "_stubs/java_util_zip_Deflater.c"
-#include "_stubs/java_util_zip_Inflater.c"
-PR_PUBLIC_API(void) _java_zlib_init(void) { }
-#endif
-
-
diff --git a/security/nss/cmd/zlib/trees.c b/security/nss/cmd/zlib/trees.c
deleted file mode 100644
index 84623d992..000000000
--- a/security/nss/cmd/zlib/trees.c
+++ /dev/null
@@ -1,1143 +0,0 @@
-/* trees.c -- output deflated data using Huffman coding
- * Copyright (C) 1995-1996 Jean-loup Gailly
- * For conditions of distribution and use, see copyright notice in zlib.h 
- */
-/* This file was modified since it was taken from the zlib distribution */
-/*
- *  ALGORITHM
- *
- *      The "deflation" process uses several Huffman trees. The more
- *      common source values are represented by shorter bit sequences.
- *
- *      Each code tree is stored in a compressed form which is itself
- * a Huffman encoding of the lengths of all the code strings (in
- * ascending order by source values).  The actual code strings are
- * reconstructed from the lengths in the inflate process, as described
- * in the deflate specification.
- *
- *  REFERENCES
- *
- *      Deutsch, L.P.,"'Deflate' Compressed Data Format Specification".
- *      Available in ftp.uu.net:/pub/archiving/zip/doc/deflate-1.1.doc
- *
- *      Storer, James A.
- *          Data Compression:  Methods and Theory, pp. 49-50.
- *          Computer Science Press, 1988.  ISBN 0-7167-8156-5.
- *
- *      Sedgewick, R.
- *          Algorithms, p290.
- *          Addison-Wesley, 1983. ISBN 0-201-06672-6.
- */
-
-/* $Id$ */
-
-#include "deflate.h"
-
-#ifdef DEBUG
-#  include <ctype.h>
-#endif
-
-/* ===========================================================================
- * Constants
- */
-
-#define MAX_BL_BITS 7
-/* Bit length codes must not exceed MAX_BL_BITS bits */
-
-#define END_BLOCK 256
-/* end of block literal code */
-
-#define REP_3_6      16
-/* repeat previous bit length 3-6 times (2 bits of repeat count) */
-
-#define REPZ_3_10    17
-/* repeat a zero length 3-10 times  (3 bits of repeat count) */
-
-#define REPZ_11_138  18
-/* repeat a zero length 11-138 times  (7 bits of repeat count) */
-
-local int extra_lbits[LENGTH_CODES] /* extra bits for each length code */
-   = {0,0,0,0,0,0,0,0,1,1,1,1,2,2,2,2,3,3,3,3,4,4,4,4,5,5,5,5,0};
-
-local int extra_dbits[D_CODES] /* extra bits for each distance code */
-   = {0,0,0,0,1,1,2,2,3,3,4,4,5,5,6,6,7,7,8,8,9,9,10,10,11,11,12,12,13,13};
-
-local int extra_blbits[BL_CODES]/* extra bits for each bit length code */
-   = {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,3,7};
-
-local uch bl_order[BL_CODES]
-   = {16,17,18,0,8,7,9,6,10,5,11,4,12,3,13,2,14,1,15};
-/* The lengths of the bit length codes are sent in order of decreasing
- * probability, to avoid transmitting the lengths for unused bit length codes.
- */
-
-#define Buf_size (8 * 2*sizeof(char))
-/* Number of bits used within bi_buf. (bi_buf might be implemented on
- * more than 16 bits on some systems.)
- */
-
-/* ===========================================================================
- * Local data. These are initialized only once.
- */
-
-local ct_data static_ltree[L_CODES+2];
-/* The static literal tree. Since the bit lengths are imposed, there is no
- * need for the L_CODES extra codes used during heap construction. However
- * The codes 286 and 287 are needed to build a canonical tree (see _tr_init
- * below).
- */
-
-local ct_data static_dtree[D_CODES];
-/* The static distance tree. (Actually a trivial tree since all codes use
- * 5 bits.)
- */
-
-local uch dist_code[512];
-/* distance codes. The first 256 values correspond to the distances
- * 3 .. 258, the last 256 values correspond to the top 8 bits of
- * the 15 bit distances.
- */
-
-local uch length_code[MAX_MATCH-MIN_MATCH+1];
-/* length code for each normalized match length (0 == MIN_MATCH) */
-
-local int base_length[LENGTH_CODES];
-/* First normalized length for each code (0 = MIN_MATCH) */
-
-local int base_dist[D_CODES];
-/* First normalized distance for each code (0 = distance of 1) */
-
-struct static_tree_desc_s {
-    ct_data *static_tree;        /* static tree or NULL */
-    intf    *extra_bits;         /* extra bits for each code or NULL */
-    int     extra_base;          /* base index for extra_bits */
-    int     elems;               /* max number of elements in the tree */
-    int     max_length;          /* max bit length for the codes */
-};
-
-local static_tree_desc  static_l_desc =
-{static_ltree, extra_lbits, LITERALS+1, L_CODES, MAX_BITS};
-
-local static_tree_desc  static_d_desc =
-{static_dtree, extra_dbits, 0,          D_CODES, MAX_BITS};
-
-local static_tree_desc  static_bl_desc =
-{(ct_data *)0, extra_blbits, 0,      BL_CODES, MAX_BL_BITS};
-
-/* ===========================================================================
- * Local (static) routines in this file.
- */
-
-local void tr_static_init OF((void));
-local void init_block     OF((deflate_state *s));
-local void pqdownheap     OF((deflate_state *s, ct_data *tree, int k));
-local void gen_bitlen     OF((deflate_state *s, tree_desc *desc));
-local void gen_codes      OF((ct_data *tree, int max_code, ushf *bl_count));
-local void build_tree     OF((deflate_state *s, tree_desc *desc));
-local void scan_tree      OF((deflate_state *s, ct_data *tree, int max_code));
-local void send_tree      OF((deflate_state *s, ct_data *tree, int max_code));
-local int  build_bl_tree  OF((deflate_state *s));
-local void send_all_trees OF((deflate_state *s, int lcodes, int dcodes,
-                              int blcodes));
-local void compress_block OF((deflate_state *s, ct_data *ltree,
-                              ct_data *dtree));
-local void set_data_type  OF((deflate_state *s));
-local unsigned bi_reverse OF((unsigned value, int length));
-local void bi_windup      OF((deflate_state *s));
-local void bi_flush       OF((deflate_state *s));
-local void copy_block     OF((deflate_state *s, charf *buf, unsigned len,
-                              int header));
-
-#ifndef DEBUG_NEVER
-#  define send_code(s, c, tree) send_bits(s, tree[c].Code, tree[c].Len)
-   /* Send a code of the given tree. c and tree must not have side effects */
-
-#else /* DEBUG */
-#  define send_code(s, c, tree) \
-     { if (verbose>2) fprintf(stderr,"\ncd %3d ",(c)); \
-       send_bits(s, tree[c].Code, tree[c].Len); }
-#endif
-
-#define d_code(dist) \
-   ((dist) < 256 ? dist_code[dist] : dist_code[256+((dist)>>7)])
-/* Mapping from a distance to a distance code. dist is the distance - 1 and
- * must not have side effects. dist_code[256] and dist_code[257] are never
- * used.
- */
-
-/* ===========================================================================
- * Output a short LSB first on the stream.
- * IN assertion: there is enough room in pendingBuf.
- */
-#define put_short(s, w) { \
-    put_byte(s, (uch)((w) & 0xff)); \
-    put_byte(s, (uch)((ush)(w) >> 8)); \
-}
-
-/* ===========================================================================
- * Send a value on a given number of bits.
- * IN assertion: length <= 16 and value fits in length bits.
- */
-#ifdef DEBUG
-local void send_bits      OF((deflate_state *s, int value, int length));
-
-local void send_bits(s, value, length)
-    deflate_state *s;
-    int value;  /* value to send */
-    int length; /* number of bits */
-{
-    Tracevv((stderr," l %2d v %4x ", length, value));
-    Assert(length > 0 && length <= 15, "invalid length");
-    s->bits_sent += (ulg)length;
-
-    /* If not enough room in bi_buf, use (valid) bits from bi_buf and
-     * (16 - bi_valid) bits from value, leaving (width - (16-bi_valid))
-     * unused bits in value.
-     */
-    if (s->bi_valid > (int)Buf_size - length) {
-        s->bi_buf |= (value << s->bi_valid);
-        put_short(s, s->bi_buf);
-        s->bi_buf = (ush)value >> (Buf_size - s->bi_valid);
-        s->bi_valid += length - Buf_size;
-    } else {
-        s->bi_buf |= value << s->bi_valid;
-        s->bi_valid += length;
-    }
-}
-#else /* !DEBUG */
-
-#define send_bits(s, value, length) \
-{ int len = length;\
-  if (s->bi_valid > (int)Buf_size - len) {\
-    int val = value;\
-    s->bi_buf |= (val << s->bi_valid);\
-    put_short(s, s->bi_buf);\
-    s->bi_buf = (ush)val >> (Buf_size - s->bi_valid);\
-    s->bi_valid += len - Buf_size;\
-  } else {\
-    s->bi_buf |= (value) << s->bi_valid;\
-    s->bi_valid += len;\
-  }\
-}
-#endif /* DEBUG */
-
-
-#ifndef MAX
-#define MAX(a,b) (a >= b ? a : b)
-#endif
-/* the arguments must not have side effects */
-
-/* ===========================================================================
- * Initialize the various 'constant' tables. In a multi-threaded environment,
- * this function may be called by two threads concurrently, but this is
- * harmless since both invocations do exactly the same thing.
- */
-local void tr_static_init()
-{
-    static int static_init_done = 0;
-    int n;        /* iterates over tree elements */
-    int bits;     /* bit counter */
-    int length;   /* length value */
-    int code;     /* code value */
-    int dist;     /* distance index */
-    ush bl_count[MAX_BITS+1];
-    /* number of codes at each bit length for an optimal tree */
-
-    if (static_init_done) return;
-
-    /* Initialize the mapping length (0..255) -> length code (0..28) */
-    length = 0;
-    for (code = 0; code < LENGTH_CODES-1; code++) {
-        base_length[code] = length;
-        for (n = 0; n < (1<<extra_lbits[code]); n++) {
-            length_code[length++] = (uch)code;
-        }
-    }
-    Assert (length == 256, "tr_static_init: length != 256");
-    /* Note that the length 255 (match length 258) can be represented
-     * in two different ways: code 284 + 5 bits or code 285, so we
-     * overwrite length_code[255] to use the best encoding:
-     */
-    length_code[length-1] = (uch)code;
-
-    /* Initialize the mapping dist (0..32K) -> dist code (0..29) */
-    dist = 0;
-    for (code = 0 ; code < 16; code++) {
-        base_dist[code] = dist;
-        for (n = 0; n < (1<<extra_dbits[code]); n++) {
-            dist_code[dist++] = (uch)code;
-        }
-    }
-    Assert (dist == 256, "tr_static_init: dist != 256");
-    dist >>= 7; /* from now on, all distances are divided by 128 */
-    for ( ; code < D_CODES; code++) {
-        base_dist[code] = dist << 7;
-        for (n = 0; n < (1<<(extra_dbits[code]-7)); n++) {
-            dist_code[256 + dist++] = (uch)code;
-        }
-    }
-    Assert (dist == 256, "tr_static_init: 256+dist != 512");
-
-    /* Construct the codes of the static literal tree */
-    for (bits = 0; bits <= MAX_BITS; bits++) bl_count[bits] = 0;
-    n = 0;
-    while (n <= 143) static_ltree[n++].Len = 8, bl_count[8]++;
-    while (n <= 255) static_ltree[n++].Len = 9, bl_count[9]++;
-    while (n <= 279) static_ltree[n++].Len = 7, bl_count[7]++;
-    while (n <= 287) static_ltree[n++].Len = 8, bl_count[8]++;
-    /* Codes 286 and 287 do not exist, but we must include them in the
-     * tree construction to get a canonical Huffman tree (longest code
-     * all ones)
-     */
-    gen_codes((ct_data *)static_ltree, L_CODES+1, bl_count);
-
-    /* The static distance tree is trivial: */
-    for (n = 0; n < D_CODES; n++) {
-        static_dtree[n].Len = 5;
-        static_dtree[n].Code = bi_reverse((unsigned)n, 5);
-    }
-    static_init_done = 1;
-}
-
-/* ===========================================================================
- * Initialize the tree data structures for a new zlib stream.
- */
-void _tr_init(s)
-    deflate_state *s;
-{
-    tr_static_init();
-
-    s->compressed_len = 0L;
-
-    s->l_desc.dyn_tree = s->dyn_ltree;
-    s->l_desc.stat_desc = &static_l_desc;
-
-    s->d_desc.dyn_tree = s->dyn_dtree;
-    s->d_desc.stat_desc = &static_d_desc;
-
-    s->bl_desc.dyn_tree = s->bl_tree;
-    s->bl_desc.stat_desc = &static_bl_desc;
-
-    s->bi_buf = 0;
-    s->bi_valid = 0;
-    s->last_eob_len = 8; /* enough lookahead for inflate */
-#ifdef DEBUG
-    s->bits_sent = 0L;
-#endif
-
-    /* Initialize the first block of the first file: */
-    init_block(s);
-}
-
-/* ===========================================================================
- * Initialize a new block.
- */
-local void init_block(s)
-    deflate_state *s;
-{
-    int n; /* iterates over tree elements */
-
-    /* Initialize the trees. */
-    for (n = 0; n < L_CODES;  n++) s->dyn_ltree[n].Freq = 0;
-    for (n = 0; n < D_CODES;  n++) s->dyn_dtree[n].Freq = 0;
-    for (n = 0; n < BL_CODES; n++) s->bl_tree[n].Freq = 0;
-
-    s->dyn_ltree[END_BLOCK].Freq = 1;
-    s->opt_len = s->static_len = 0L;
-    s->last_lit = s->matches = 0;
-}
-
-#define SMALLEST 1
-/* Index within the heap array of least frequent node in the Huffman tree */
-
-
-/* ===========================================================================
- * Remove the smallest element from the heap and recreate the heap with
- * one less element. Updates heap and heap_len.
- */
-#define pqremove(s, tree, top) \
-{\
-    top = s->heap[SMALLEST]; \
-    s->heap[SMALLEST] = s->heap[s->heap_len--]; \
-    pqdownheap(s, tree, SMALLEST); \
-}
-
-/* ===========================================================================
- * Compares to subtrees, using the tree depth as tie breaker when
- * the subtrees have equal frequency. This minimizes the worst case length.
- */
-#define smaller(tree, n, m, depth) \
-   (tree[n].Freq < tree[m].Freq || \
-   (tree[n].Freq == tree[m].Freq && depth[n] <= depth[m]))
-
-/* ===========================================================================
- * Restore the heap property by moving down the tree starting at node k,
- * exchanging a node with the smallest of its two sons if necessary, stopping
- * when the heap property is re-established (each father smaller than its
- * two sons).
- */
-local void pqdownheap(s, tree, k)
-    deflate_state *s;
-    ct_data *tree;  /* the tree to restore */
-    int k;               /* node to move down */
-{
-    int v = s->heap[k];
-    int j = k << 1;  /* left son of k */
-    while (j <= s->heap_len) {
-        /* Set j to the smallest of the two sons: */
-        if (j < s->heap_len &&
-            smaller(tree, s->heap[j+1], s->heap[j], s->depth)) {
-            j++;
-        }
-        /* Exit if v is smaller than both sons */
-        if (smaller(tree, v, s->heap[j], s->depth)) break;
-
-        /* Exchange v with the smallest son */
-        s->heap[k] = s->heap[j];  k = j;
-
-        /* And continue down the tree, setting j to the left son of k */
-        j <<= 1;
-    }
-    s->heap[k] = v;
-}
-
-/* ===========================================================================
- * Compute the optimal bit lengths for a tree and update the total bit length
- * for the current block.
- * IN assertion: the fields freq and dad are set, heap[heap_max] and
- *    above are the tree nodes sorted by increasing frequency.
- * OUT assertions: the field len is set to the optimal bit length, the
- *     array bl_count contains the frequencies for each bit length.
- *     The length opt_len is updated; static_len is also updated if stree is
- *     not null.
- */
-local void gen_bitlen(s, desc)
-    deflate_state *s;
-    tree_desc *desc;    /* the tree descriptor */
-{
-    ct_data *tree  = desc->dyn_tree;
-    int max_code   = desc->max_code;
-    ct_data *stree = desc->stat_desc->static_tree;
-    intf *extra    = desc->stat_desc->extra_bits;
-    int base       = desc->stat_desc->extra_base;
-    int max_length = desc->stat_desc->max_length;
-    int h;              /* heap index */
-    int n, m;           /* iterate over the tree elements */
-    int bits;           /* bit length */
-    int xbits;          /* extra bits */
-    ush f;              /* frequency */
-    int overflow = 0;   /* number of elements with bit length too large */
-
-    for (bits = 0; bits <= MAX_BITS; bits++) s->bl_count[bits] = 0;
-
-    /* In a first pass, compute the optimal bit lengths (which may
-     * overflow in the case of the bit length tree).
-     */
-    tree[s->heap[s->heap_max]].Len = 0; /* root of the heap */
-
-    for (h = s->heap_max+1; h < HEAP_SIZE; h++) {
-        n = s->heap[h];
-        bits = tree[tree[n].Dad].Len + 1;
-        if (bits > max_length) bits = max_length, overflow++;
-        tree[n].Len = (ush)bits;
-        /* We overwrite tree[n].Dad which is no longer needed */
-
-        if (n > max_code) continue; /* not a leaf node */
-
-        s->bl_count[bits]++;
-        xbits = 0;
-        if (n >= base) xbits = extra[n-base];
-        f = tree[n].Freq;
-        s->opt_len += (ulg)f * (bits + xbits);
-        if (stree) s->static_len += (ulg)f * (stree[n].Len + xbits);
-    }
-    if (overflow == 0) return;
-
-    Trace((stderr,"\nbit length overflow\n"));
-    /* This happens for example on obj2 and pic of the Calgary corpus */
-
-    /* Find the first bit length which could increase: */
-    do {
-        bits = max_length-1;
-        while (s->bl_count[bits] == 0) bits--;
-        s->bl_count[bits]--;      /* move one leaf down the tree */
-        s->bl_count[bits+1] += 2; /* move one overflow item as its brother */
-        s->bl_count[max_length]--;
-        /* The brother of the overflow item also moves one step up,
-         * but this does not affect bl_count[max_length]
-         */
-        overflow -= 2;
-    } while (overflow > 0);
-
-    /* Now recompute all bit lengths, scanning in increasing frequency.
-     * h is still equal to HEAP_SIZE. (It is simpler to reconstruct all
-     * lengths instead of fixing only the wrong ones. This idea is taken
-     * from 'ar' written by Haruhiko Okumura.)
-     */
-    for (bits = max_length; bits != 0; bits--) {
-        n = s->bl_count[bits];
-        while (n != 0) {
-            m = s->heap[--h];
-            if (m > max_code) continue;
-            if (tree[m].Len != (unsigned) bits) {
-                Trace((stderr,"code %d bits %d->%d\n", m, tree[m].Len, bits));
-                s->opt_len += ((long)bits - (long)tree[m].Len)
-                              *(long)tree[m].Freq;
-                tree[m].Len = (ush)bits;
-            }
-            n--;
-        }
-    }
-}
-
-/* ===========================================================================
- * Generate the codes for a given tree and bit counts (which need not be
- * optimal).
- * IN assertion: the array bl_count contains the bit length statistics for
- * the given tree and the field len is set for all tree elements.
- * OUT assertion: the field code is set for all tree elements of non
- *     zero code length.
- */
-local void gen_codes (tree, max_code, bl_count)
-    ct_data *tree;             /* the tree to decorate */
-    int max_code;              /* largest code with non zero frequency */
-    ushf *bl_count;            /* number of codes at each bit length */
-{
-    ush next_code[MAX_BITS+1]; /* next code value for each bit length */
-    ush code = 0;              /* running code value */
-    int bits;                  /* bit index */
-    int n;                     /* code index */
-
-    /* The distribution counts are first used to generate the code values
-     * without bit reversal.
-     */
-    for (bits = 1; bits <= MAX_BITS; bits++) {
-        next_code[bits] = code = (code + bl_count[bits-1]) << 1;
-    }
-    /* Check that the bit counts in bl_count are consistent. The last code
-     * must be all ones.
-     */
-    Assert (code + bl_count[MAX_BITS]-1 == (1<<MAX_BITS)-1,
-            "inconsistent bit counts");
-    Tracev((stderr,"\ngen_codes: max_code %d ", max_code));
-
-    for (n = 0;  n <= max_code; n++) {
-        int len = tree[n].Len;
-        if (len == 0) continue;
-        /* Now reverse the bits */
-        tree[n].Code = bi_reverse(next_code[len]++, len);
-
-        Tracecv(tree != static_ltree, (stderr,"\nn %3d %c l %2d c %4x (%x) ",
-             n, (isgraph(n) ? n : ' '), len, tree[n].Code, next_code[len]-1));
-    }
-}
-
-/* ===========================================================================
- * Construct one Huffman tree and assigns the code bit strings and lengths.
- * Update the total bit length for the current block.
- * IN assertion: the field freq is set for all tree elements.
- * OUT assertions: the fields len and code are set to the optimal bit length
- *     and corresponding code. The length opt_len is updated; static_len is
- *     also updated if stree is not null. The field max_code is set.
- */
-local void build_tree(s, desc)
-    deflate_state *s;
-    tree_desc *desc; /* the tree descriptor */
-{
-    ct_data *tree   = desc->dyn_tree;
-    ct_data *stree  = desc->stat_desc->static_tree;
-    int elems       = desc->stat_desc->elems;
-    int n, m;          /* iterate over heap elements */
-    int max_code = -1; /* largest code with non zero frequency */
-    int node;          /* new node being created */
-
-    /* Construct the initial heap, with least frequent element in
-     * heap[SMALLEST]. The sons of heap[n] are heap[2*n] and heap[2*n+1].
-     * heap[0] is not used.
-     */
-    s->heap_len = 0, s->heap_max = HEAP_SIZE;
-
-    for (n = 0; n < elems; n++) {
-        if (tree[n].Freq != 0) {
-            s->heap[++(s->heap_len)] = max_code = n;
-            s->depth[n] = 0;
-        } else {
-            tree[n].Len = 0;
-        }
-    }
-
-    /* The pkzip format requires that at least one distance code exists,
-     * and that at least one bit should be sent even if there is only one
-     * possible code. So to avoid special checks later on we force at least
-     * two codes of non zero frequency.
-     */
-    while (s->heap_len < 2) {
-        node = s->heap[++(s->heap_len)] = (max_code < 2 ? ++max_code : 0);
-        tree[node].Freq = 1;
-        s->depth[node] = 0;
-        s->opt_len--; if (stree) s->static_len -= stree[node].Len;
-        /* node is 0 or 1 so it does not have extra bits */
-    }
-    desc->max_code = max_code;
-
-    /* The elements heap[heap_len/2+1 .. heap_len] are leaves of the tree,
-     * establish sub-heaps of increasing lengths:
-     */
-    for (n = s->heap_len/2; n >= 1; n--) pqdownheap(s, tree, n);
-
-    /* Construct the Huffman tree by repeatedly combining the least two
-     * frequent nodes.
-     */
-    node = elems;              /* next internal node of the tree */
-    do {
-        pqremove(s, tree, n);  /* n = node of least frequency */
-        m = s->heap[SMALLEST]; /* m = node of next least frequency */
-
-        s->heap[--(s->heap_max)] = n; /* keep the nodes sorted by frequency */
-        s->heap[--(s->heap_max)] = m;
-
-        /* Create a new node father of n and m */
-        tree[node].Freq = tree[n].Freq + tree[m].Freq;
-        s->depth[node] = (uch) (MAX(s->depth[n], s->depth[m]) + 1);
-        tree[n].Dad = tree[m].Dad = (ush)node;
-#ifdef DUMP_BL_TREE
-        if (tree == s->bl_tree) {
-            fprintf(stderr,"\nnode %d(%d), sons %d(%d) %d(%d)",
-                    node, tree[node].Freq, n, tree[n].Freq, m, tree[m].Freq);
-        }
-#endif
-        /* and insert the new node in the heap */
-        s->heap[SMALLEST] = node++;
-        pqdownheap(s, tree, SMALLEST);
-
-    } while (s->heap_len >= 2);
-
-    s->heap[--(s->heap_max)] = s->heap[SMALLEST];
-
-    /* At this point, the fields freq and dad are set. We can now
-     * generate the bit lengths.
-     */
-    gen_bitlen(s, (tree_desc *)desc);
-
-    /* The field len is now set, we can generate the bit codes */
-    gen_codes ((ct_data *)tree, max_code, s->bl_count);
-}
-
-/* ===========================================================================
- * Scan a literal or distance tree to determine the frequencies of the codes
- * in the bit length tree.
- */
-local void scan_tree (s, tree, max_code)
-    deflate_state *s;
-    ct_data *tree;   /* the tree to be scanned */
-    int max_code;    /* and its largest code of non zero frequency */
-{
-    int n;                     /* iterates over all tree elements */
-    int prevlen = -1;          /* last emitted length */
-    int curlen;                /* length of current code */
-    int nextlen = tree[0].Len; /* length of next code */
-    int count = 0;             /* repeat count of the current code */
-    int max_count = 7;         /* max repeat count */
-    int min_count = 4;         /* min repeat count */
-
-    if (nextlen == 0) max_count = 138, min_count = 3;
-    tree[max_code+1].Len = (ush)0xffff; /* guard */
-
-    for (n = 0; n <= max_code; n++) {
-        curlen = nextlen; nextlen = tree[n+1].Len;
-        if (++count < max_count && curlen == nextlen) {
-            continue;
-        } else if (count < min_count) {
-            s->bl_tree[curlen].Freq += count;
-        } else if (curlen != 0) {
-            if (curlen != prevlen) s->bl_tree[curlen].Freq++;
-            s->bl_tree[REP_3_6].Freq++;
-        } else if (count <= 10) {
-            s->bl_tree[REPZ_3_10].Freq++;
-        } else {
-            s->bl_tree[REPZ_11_138].Freq++;
-        }
-        count = 0; prevlen = curlen;
-        if (nextlen == 0) {
-            max_count = 138, min_count = 3;
-        } else if (curlen == nextlen) {
-            max_count = 6, min_count = 3;
-        } else {
-            max_count = 7, min_count = 4;
-        }
-    }
-}
-
-/* ===========================================================================
- * Send a literal or distance tree in compressed form, using the codes in
- * bl_tree.
- */
-local void send_tree (s, tree, max_code)
-    deflate_state *s;
-    ct_data *tree; /* the tree to be scanned */
-    int max_code;       /* and its largest code of non zero frequency */
-{
-    int n;                     /* iterates over all tree elements */
-    int prevlen = -1;          /* last emitted length */
-    int curlen;                /* length of current code */
-    int nextlen = tree[0].Len; /* length of next code */
-    int count = 0;             /* repeat count of the current code */
-    int max_count = 7;         /* max repeat count */
-    int min_count = 4;         /* min repeat count */
-
-    /* tree[max_code+1].Len = -1; */  /* guard already set */
-    if (nextlen == 0) max_count = 138, min_count = 3;
-
-    for (n = 0; n <= max_code; n++) {
-        curlen = nextlen; nextlen = tree[n+1].Len;
-        if (++count < max_count && curlen == nextlen) {
-            continue;
-        } else if (count < min_count) {
-            do { send_code(s, curlen, s->bl_tree); } while (--count != 0);
-
-        } else if (curlen != 0) {
-            if (curlen != prevlen) {
-                send_code(s, curlen, s->bl_tree); count--;
-            }
-            Assert(count >= 3 && count <= 6, " 3_6?");
-            send_code(s, REP_3_6, s->bl_tree); send_bits(s, count-3, 2);
-
-        } else if (count <= 10) {
-            send_code(s, REPZ_3_10, s->bl_tree); send_bits(s, count-3, 3);
-
-        } else {
-            send_code(s, REPZ_11_138, s->bl_tree); send_bits(s, count-11, 7);
-        }
-        count = 0; prevlen = curlen;
-        if (nextlen == 0) {
-            max_count = 138, min_count = 3;
-        } else if (curlen == nextlen) {
-            max_count = 6, min_count = 3;
-        } else {
-            max_count = 7, min_count = 4;
-        }
-    }
-}
-
-/* ===========================================================================
- * Construct the Huffman tree for the bit lengths and return the index in
- * bl_order of the last bit length code to send.
- */
-local int build_bl_tree(s)
-    deflate_state *s;
-{
-    int max_blindex;  /* index of last bit length code of non zero freq */
-
-    /* Determine the bit length frequencies for literal and distance trees */
-    scan_tree(s, (ct_data *)s->dyn_ltree, s->l_desc.max_code);
-    scan_tree(s, (ct_data *)s->dyn_dtree, s->d_desc.max_code);
-
-    /* Build the bit length tree: */
-    build_tree(s, (tree_desc *)(&(s->bl_desc)));
-    /* opt_len now includes the length of the tree representations, except
-     * the lengths of the bit lengths codes and the 5+5+4 bits for the counts.
-     */
-
-    /* Determine the number of bit length codes to send. The pkzip format
-     * requires that at least 4 bit length codes be sent. (appnote.txt says
-     * 3 but the actual value used is 4.)
-     */
-    for (max_blindex = BL_CODES-1; max_blindex >= 3; max_blindex--) {
-        if (s->bl_tree[bl_order[max_blindex]].Len != 0) break;
-    }
-    /* Update opt_len to include the bit length tree and counts */
-    s->opt_len += 3*(max_blindex+1) + 5+5+4;
-    Tracev((stderr, "\ndyn trees: dyn %ld, stat %ld",
-            s->opt_len, s->static_len));
-
-    return max_blindex;
-}
-
-/* ===========================================================================
- * Send the header for a block using dynamic Huffman trees: the counts, the
- * lengths of the bit length codes, the literal tree and the distance tree.
- * IN assertion: lcodes >= 257, dcodes >= 1, blcodes >= 4.
- */
-local void send_all_trees(s, lcodes, dcodes, blcodes)
-    deflate_state *s;
-    int lcodes, dcodes, blcodes; /* number of codes for each tree */
-{
-    int rank;                    /* index in bl_order */
-
-    Assert (lcodes >= 257 && dcodes >= 1 && blcodes >= 4, "not enough codes");
-    Assert (lcodes <= L_CODES && dcodes <= D_CODES && blcodes <= BL_CODES,
-            "too many codes");
-    Tracev((stderr, "\nbl counts: "));
-    send_bits(s, lcodes-257, 5); /* not +255 as stated in appnote.txt */
-    send_bits(s, dcodes-1,   5);
-    send_bits(s, blcodes-4,  4); /* not -3 as stated in appnote.txt */
-    for (rank = 0; rank < blcodes; rank++) {
-        Tracev((stderr, "\nbl code %2d ", bl_order[rank]));
-        send_bits(s, s->bl_tree[bl_order[rank]].Len, 3);
-    }
-    Tracev((stderr, "\nbl tree: sent %ld", s->bits_sent));
-
-    send_tree(s, (ct_data *)s->dyn_ltree, lcodes-1); /* literal tree */
-    Tracev((stderr, "\nlit tree: sent %ld", s->bits_sent));
-
-    send_tree(s, (ct_data *)s->dyn_dtree, dcodes-1); /* distance tree */
-    Tracev((stderr, "\ndist tree: sent %ld", s->bits_sent));
-}
-
-/* ===========================================================================
- * Send a stored block
- */
-void _tr_stored_block(s, buf, stored_len, eof)
-    deflate_state *s;
-    charf *buf;       /* input block */
-    ulg stored_len;   /* length of input block */
-    int eof;          /* true if this is the last block for a file */
-{
-    send_bits(s, (STORED_BLOCK<<1)+eof, 3);  /* send block type */
-    s->compressed_len = (s->compressed_len + 3 + 7) & (ulg)~7L;
-    s->compressed_len += (stored_len + 4) << 3;
-
-    copy_block(s, buf, (unsigned)stored_len, 1); /* with header */
-}
-
-/* ===========================================================================
- * Send one empty static block to give enough lookahead for inflate.
- * This takes 10 bits, of which 7 may remain in the bit buffer.
- * The current inflate code requires 9 bits of lookahead. If the
- * last two codes for the previous block (real code plus EOB) were coded
- * on 5 bits or less, inflate may have only 5+3 bits of lookahead to decode
- * the last real code. In this case we send two empty static blocks instead
- * of one. (There are no problems if the previous block is stored or fixed.)
- * To simplify the code, we assume the worst case of last real code encoded
- * on one bit only.
- */
-void _tr_align(s)
-    deflate_state *s;
-{
-    send_bits(s, STATIC_TREES<<1, 3);
-    send_code(s, END_BLOCK, static_ltree);
-    s->compressed_len += 10L; /* 3 for block type, 7 for EOB */
-    bi_flush(s);
-    /* Of the 10 bits for the empty block, we have already sent
-     * (10 - bi_valid) bits. The lookahead for the last real code (before
-     * the EOB of the previous block) was thus at least one plus the length
-     * of the EOB plus what we have just sent of the empty static block.
-     */
-    if (1 + s->last_eob_len + 10 - s->bi_valid < 9) {
-        send_bits(s, STATIC_TREES<<1, 3);
-        send_code(s, END_BLOCK, static_ltree);
-        s->compressed_len += 10L;
-        bi_flush(s);
-    }
-    s->last_eob_len = 7;
-}
-
-/* ===========================================================================
- * Determine the best encoding for the current block: dynamic trees, static
- * trees or store, and output the encoded block to the zip file. This function
- * returns the total compressed length for the file so far.
- */
-ulg _tr_flush_block(s, buf, stored_len, eof)
-    deflate_state *s;
-    charf *buf;       /* input block, or NULL if too old */
-    ulg stored_len;   /* length of input block */
-    int eof;          /* true if this is the last block for a file */
-{
-    ulg opt_lenb, static_lenb; /* opt_len and static_len in bytes */
-    int max_blindex = 0;  /* index of last bit length code of non zero freq */
-
-    /* Build the Huffman trees unless a stored block is forced */
-    if (s->level > 0) {
-
-	 /* Check if the file is ascii or binary */
-	if (s->data_type == Z_UNKNOWN) set_data_type(s);
-
-	/* Construct the literal and distance trees */
-	build_tree(s, (tree_desc *)(&(s->l_desc)));
-	Tracev((stderr, "\nlit data: dyn %ld, stat %ld", s->opt_len,
-		s->static_len));
-
-	build_tree(s, (tree_desc *)(&(s->d_desc)));
-	Tracev((stderr, "\ndist data: dyn %ld, stat %ld", s->opt_len,
-		s->static_len));
-	/* At this point, opt_len and static_len are the total bit lengths of
-	 * the compressed block data, excluding the tree representations.
-	 */
-
-	/* Build the bit length tree for the above two trees, and get the index
-	 * in bl_order of the last bit length code to send.
-	 */
-	max_blindex = build_bl_tree(s);
-
-	/* Determine the best encoding. Compute first the block length in bytes*/
-	opt_lenb = (s->opt_len+3+7)>>3;
-	static_lenb = (s->static_len+3+7)>>3;
-
-	Tracev((stderr, "\nopt %lu(%lu) stat %lu(%lu) stored %lu lit %u ",
-		opt_lenb, s->opt_len, static_lenb, s->static_len, stored_len,
-		s->last_lit));
-
-	if (static_lenb <= opt_lenb) opt_lenb = static_lenb;
-
-    } else {
-        Assert(buf != (char*)0, "lost buf");
-	opt_lenb = static_lenb = stored_len + 5; /* force a stored block */
-    }
-
-    /* If compression failed and this is the first and last block,
-     * and if the .zip file can be seeked (to rewrite the local header),
-     * the whole file is transformed into a stored file:
-     */
-#ifdef STORED_FILE_OK
-#  ifdef FORCE_STORED_FILE
-    if (eof && s->compressed_len == 0L) { /* force stored file */
-#  else
-    if (stored_len <= opt_lenb && eof && s->compressed_len==0L && seekable()) {
-#  endif
-        /* Since LIT_BUFSIZE <= 2*WSIZE, the input data must be there: */
-        if (buf == (charf*)0) error ("block vanished");
-
-        copy_block(buf, (unsigned)stored_len, 0); /* without header */
-        s->compressed_len = stored_len << 3;
-        s->method = STORED;
-    } else
-#endif /* STORED_FILE_OK */
-
-#ifdef FORCE_STORED
-    if (buf != (char*)0) { /* force stored block */
-#else
-    if (stored_len+4 <= opt_lenb && buf != (char*)0) {
-                       /* 4: two words for the lengths */
-#endif
-        /* The test buf != NULL is only necessary if LIT_BUFSIZE > WSIZE.
-         * Otherwise we can't have processed more than WSIZE input bytes since
-         * the last block flush, because compression would have been
-         * successful. If LIT_BUFSIZE <= WSIZE, it is never too late to
-         * transform a block into a stored block.
-         */
-        _tr_stored_block(s, buf, stored_len, eof);
-
-#ifdef FORCE_STATIC
-    } else if (static_lenb >= 0) { /* force static trees */
-#else
-    } else if (static_lenb == opt_lenb) {
-#endif
-        send_bits(s, (STATIC_TREES<<1)+eof, 3);
-        compress_block(s, (ct_data *)static_ltree, (ct_data *)static_dtree);
-        s->compressed_len += 3 + s->static_len;
-    } else {
-        send_bits(s, (DYN_TREES<<1)+eof, 3);
-        send_all_trees(s, s->l_desc.max_code+1, s->d_desc.max_code+1,
-                       max_blindex+1);
-        compress_block(s, (ct_data *)s->dyn_ltree, (ct_data *)s->dyn_dtree);
-        s->compressed_len += 3 + s->opt_len;
-    }
-    Assert (s->compressed_len == s->bits_sent, "bad compressed size");
-    init_block(s);
-
-    if (eof) {
-        bi_windup(s);
-        s->compressed_len += 7;  /* align on byte boundary */
-    }
-    Tracev((stderr,"\ncomprlen %lu(%lu) ", s->compressed_len>>3,
-           s->compressed_len-7*eof));
-
-    return s->compressed_len >> 3;
-}
-
-/* ===========================================================================
- * Save the match info and tally the frequency counts. Return true if
- * the current block must be flushed.
- */
-int _tr_tally (s, dist, lc)
-    deflate_state *s;
-    unsigned dist;  /* distance of matched string */
-    unsigned lc;    /* match length-MIN_MATCH or unmatched char (if dist==0) */
-{
-    s->d_buf[s->last_lit] = (ush)dist;
-    s->l_buf[s->last_lit++] = (uch)lc;
-    if (dist == 0) {
-        /* lc is the unmatched char */
-        s->dyn_ltree[lc].Freq++;
-    } else {
-        s->matches++;
-        /* Here, lc is the match length - MIN_MATCH */
-        dist--;             /* dist = match distance - 1 */
-        Assert((ush)dist < (ush)MAX_DIST(s) &&
-               (ush)lc <= (ush)(MAX_MATCH-MIN_MATCH) &&
-               (ush)d_code(dist) < (ush)D_CODES,  "_tr_tally: bad match");
-
-        s->dyn_ltree[length_code[lc]+LITERALS+1].Freq++;
-        s->dyn_dtree[d_code(dist)].Freq++;
-    }
-
-    /* Try to guess if it is profitable to stop the current block here */
-    if (s->level > 2 && (s->last_lit & 0xfff) == 0) {
-        /* Compute an upper bound for the compressed length */
-        ulg out_length = (ulg)s->last_lit*8L;
-        ulg in_length = (ulg)((long)s->strstart - s->block_start);
-        int dcode;
-        for (dcode = 0; dcode < D_CODES; dcode++) {
-            out_length += (ulg)s->dyn_dtree[dcode].Freq *
-                (5L+extra_dbits[dcode]);
-        }
-        out_length >>= 3;
-        Tracev((stderr,"\nlast_lit %u, in %ld, out ~%ld(%ld%%) ",
-               s->last_lit, in_length, out_length,
-               100L - out_length*100L/in_length));
-        if (s->matches < s->last_lit/2 && out_length < in_length/2) return 1;
-    }
-    return (s->last_lit == s->lit_bufsize-1);
-    /* We avoid equality with lit_bufsize because of wraparound at 64K
-     * on 16 bit machines and because stored blocks are restricted to
-     * 64K-1 bytes.
-     */
-}
-
-/* ===========================================================================
- * Send the block data compressed using the given Huffman trees
- */
-local void compress_block(s, ltree, dtree)
-    deflate_state *s;
-    ct_data *ltree; /* literal tree */
-    ct_data *dtree; /* distance tree */
-{
-    unsigned dist;      /* distance of matched string */
-    int lc;             /* match length or unmatched char (if dist == 0) */
-    unsigned lx = 0;    /* running index in l_buf */
-    unsigned code;      /* the code to send */
-    int extra;          /* number of extra bits to send */
-
-    if (s->last_lit != 0) do {
-        dist = s->d_buf[lx];
-        lc = s->l_buf[lx++];
-        if (dist == 0) {
-            send_code(s, lc, ltree); /* send a literal byte */
-            Tracecv(isgraph(lc), (stderr," '%c' ", lc));
-        } else {
-            /* Here, lc is the match length - MIN_MATCH */
-            code = length_code[lc];
-            send_code(s, code+LITERALS+1, ltree); /* send the length code */
-            extra = extra_lbits[code];
-            if (extra != 0) {
-                lc -= base_length[code];
-                send_bits(s, lc, extra);       /* send the extra length bits */
-            }
-            dist--; /* dist is now the match distance - 1 */
-            code = d_code(dist);
-            Assert (code < D_CODES, "bad d_code");
-
-            send_code(s, code, dtree);       /* send the distance code */
-            extra = extra_dbits[code];
-            if (extra != 0) {
-                dist -= base_dist[code];
-                send_bits(s, dist, extra);   /* send the extra distance bits */
-            }
-        } /* literal or match pair ? */
-
-        /* Check that the overlay between pending_buf and d_buf+l_buf is ok: */
-        Assert((uInt)s->pending < s->lit_bufsize + 2*lx, "pendingBuf overflow");
-
-    } while (lx < s->last_lit);
-
-    send_code(s, END_BLOCK, ltree);
-    s->last_eob_len = ltree[END_BLOCK].Len;
-}
-
-/* ===========================================================================
- * Set the data type to ASCII or BINARY, using a crude approximation:
- * binary if more than 20% of the bytes are <= 6 or >= 128, ascii otherwise.
- * IN assertion: the fields freq of dyn_ltree are set and the total of all
- * frequencies does not exceed 64K (to fit in an int on 16 bit machines).
- */
-local void set_data_type(s)
-    deflate_state *s;
-{
-    int n = 0;
-    unsigned ascii_freq = 0;
-    unsigned bin_freq = 0;
-    while (n < 7)        bin_freq += s->dyn_ltree[n++].Freq;
-    while (n < 128)    ascii_freq += s->dyn_ltree[n++].Freq;
-    while (n < LITERALS) bin_freq += s->dyn_ltree[n++].Freq;
-    s->data_type = (Byte)(bin_freq > (ascii_freq >> 2) ? Z_BINARY : Z_ASCII);
-}
-
-/* ===========================================================================
- * Reverse the first len bits of a code, using straightforward code (a faster
- * method would use a table)
- * IN assertion: 1 <= len <= 15
- */
-local unsigned bi_reverse(code, len)
-    unsigned code; /* the value to invert */
-    int len;       /* its bit length */
-{
-    register unsigned res = 0;
-    do {
-        res |= code & 1;
-        code >>= 1, res <<= 1;
-    } while (--len > 0);
-    return res >> 1;
-}
-
-/* ===========================================================================
- * Flush the bit buffer, keeping at most 7 bits in it.
- */
-local void bi_flush(s)
-    deflate_state *s;
-{
-    if (s->bi_valid == 16) {
-        put_short(s, s->bi_buf);
-        s->bi_buf = 0;
-        s->bi_valid = 0;
-    } else if (s->bi_valid >= 8) {
-        put_byte(s, (Byte)s->bi_buf);
-        s->bi_buf >>= 8;
-        s->bi_valid -= 8;
-    }
-}
-
-/* ===========================================================================
- * Flush the bit buffer and align the output on a byte boundary
- */
-local void bi_windup(s)
-    deflate_state *s;
-{
-    if (s->bi_valid > 8) {
-        put_short(s, s->bi_buf);
-    } else if (s->bi_valid > 0) {
-        put_byte(s, (Byte)s->bi_buf);
-    }
-    s->bi_buf = 0;
-    s->bi_valid = 0;
-#ifdef DEBUG
-    s->bits_sent = (s->bits_sent+7) & ~7;
-#endif
-}
-
-/* ===========================================================================
- * Copy a stored block, storing first the length and its
- * one's complement if requested.
- */
-local void copy_block(s, buf, len, header)
-    deflate_state *s;
-    charf    *buf;    /* the input data */
-    unsigned len;     /* its length */
-    int      header;  /* true if block header must be written */
-{
-    bi_windup(s);        /* align on byte boundary */
-    s->last_eob_len = 8; /* enough lookahead for inflate */
-
-    if (header) {
-        put_short(s, (ush)len);   
-        put_short(s, (ush)~len);
-#ifdef DEBUG
-        s->bits_sent += 2*16;
-#endif
-    }
-#ifdef DEBUG
-    s->bits_sent += (ulg)len<<3;
-#endif
-    while (len--) {
-        put_byte(s, *buf++);
-    }
-}
diff --git a/security/nss/cmd/zlib/uncompr.c b/security/nss/cmd/zlib/uncompr.c
deleted file mode 100644
index 5e5a83247..000000000
--- a/security/nss/cmd/zlib/uncompr.c
+++ /dev/null
@@ -1,58 +0,0 @@
-/* uncompr.c -- decompress a memory buffer
- * Copyright (C) 1995-1996 Jean-loup Gailly.
- * For conditions of distribution and use, see copyright notice in zlib.h 
- */
-/* This file was modified since it was taken from the zlib distribution */
-/* $Id$ */
-
-#include "zlib.h"
-
-/* ===========================================================================
-     Decompresses the source buffer into the destination buffer.  sourceLen is
-   the byte length of the source buffer. Upon entry, destLen is the total
-   size of the destination buffer, which must be large enough to hold the
-   entire uncompressed data. (The size of the uncompressed data must have
-   been saved previously by the compressor and transmitted to the decompressor
-   by some mechanism outside the scope of this compression library.)
-   Upon exit, destLen is the actual size of the compressed buffer.
-     This function can be used to decompress a whole file at once if the
-   input file is mmap'ed.
-
-     uncompress returns Z_OK if success, Z_MEM_ERROR if there was not
-   enough memory, Z_BUF_ERROR if there was not enough room in the output
-   buffer, or Z_DATA_ERROR if the input data was corrupted.
-*/
-PR_PUBLIC_API(int) uncompress (dest, destLen, source, sourceLen)
-    Bytef *dest;
-    uLongf *destLen;
-    const Bytef *source;
-    uLong sourceLen;
-{
-    z_stream stream;
-    int err;
-
-    stream.next_in = (Bytef*)source;
-    stream.avail_in = (uInt)sourceLen;
-    /* Check for source > 64K on 16-bit machine: */
-    if ((uLong)stream.avail_in != sourceLen) return Z_BUF_ERROR;
-
-    stream.next_out = dest;
-    stream.avail_out = (uInt)*destLen;
-    if ((uLong)stream.avail_out != *destLen) return Z_BUF_ERROR;
-
-    stream.zalloc = (alloc_func)0;
-    stream.zfree = (free_func)0;
-
-    err = inflateInit(&stream);
-    if (err != Z_OK) return err;
-
-    err = inflate(&stream, Z_FINISH);
-    if (err != Z_STREAM_END) {
-        inflateEnd(&stream);
-        return err;
-    }
-    *destLen = stream.total_out;
-
-    err = inflateEnd(&stream);
-    return err;
-}
diff --git a/security/nss/cmd/zlib/zconf.h b/security/nss/cmd/zlib/zconf.h
deleted file mode 100644
index 096a448b4..000000000
--- a/security/nss/cmd/zlib/zconf.h
+++ /dev/null
@@ -1,190 +0,0 @@
-/* zconf.h -- configuration of the zlib compression library
- * Copyright (C) 1995-1996 Jean-loup Gailly.
- * For conditions of distribution and use, see copyright notice in zlib.h 
- */
-/* This file was modified since it was taken from the zlib distribution */
-/* $Id$ */
-
-#ifndef _ZCONF_H
-#define _ZCONF_H
-
-/*
- * If you *really* need a unique prefix for all types and library functions,
- * compile with -DZ_PREFIX. The "standard" zlib should be compiled without it.
- */
-#ifdef Z_PREFIX
-#  define deflateInit_	z_deflateInit_
-#  define deflate	z_deflate
-#  define deflateEnd	z_deflateEnd
-#  define inflateInit_ 	z_inflateInit_
-#  define inflate	z_inflate
-#  define inflateEnd	z_inflateEnd
-#  define deflateInit2_	z_deflateInit2_
-#  define deflateSetDictionary z_deflateSetDictionary
-#  define deflateCopy	z_deflateCopy
-#  define deflateReset	z_deflateReset
-#  define deflateParams	z_deflateParams
-#  define inflateInit2_	z_inflateInit2_
-#  define inflateSetDictionary z_inflateSetDictionary
-#  define inflateSync	z_inflateSync
-#  define inflateReset	z_inflateReset
-#  define compress	z_compress
-#  define uncompress	z_uncompress
-#  define adler32	z_adler32
-#  define crc32		z_crc32
-#  define get_crc_table z_get_crc_table
-
-#  define Byte		z_Byte
-#  define uInt		z_uInt
-#  define uLong		z_uLong
-#  define Bytef	        z_Bytef
-#  define charf		z_charf
-#  define intf		z_intf
-#  define uIntf		z_uIntf
-#  define uLongf	z_uLongf
-#  define voidpf	z_voidpf
-#  define voidp		z_voidp
-#endif
-
-#if (defined(_WIN32) || defined(__WIN32__)) && !defined(WIN32)
-#  define WIN32
-#endif
-#if defined(__GNUC__) || defined(WIN32) || defined(__386__) || defined(i386)
-#  ifndef __32BIT__
-#    define __32BIT__
-#  endif
-#endif
-#if defined(__MSDOS__) && !defined(MSDOS)
-#  define MSDOS
-#endif
-
-/*
- * Compile with -DMAXSEG_64K if the alloc function cannot allocate more
- * than 64k bytes at a time (needed on systems with 16-bit int).
- */
-#if defined(MSDOS) && !defined(__32BIT__)
-#  define MAXSEG_64K
-#endif
-#ifdef MSDOS
-#  define UNALIGNED_OK
-#endif
-
-#if (defined(MSDOS) || defined(_WINDOWS) || defined(WIN32) || defined(XP_OS2))  && !defined(STDC)
-#  define STDC
-#endif
-#if (defined(__STDC__) || defined(__cplusplus)) && !defined(STDC)
-#  define STDC
-#endif
-
-#ifndef STDC
-#  ifndef const /* cannot use !defined(STDC) && !defined(const) on Mac */
-#    define const
-#  endif
-#endif
-
-/* Some Mac compilers merge all .h files incorrectly: */
-#if defined(__MWERKS__) || defined(applec) ||defined(THINK_C) ||defined(__SC__)
-#  define NO_DUMMY_DECL
-#endif
-
-/* Maximum value for memLevel in deflateInit2 */
-#ifndef MAX_MEM_LEVEL
-#  ifdef MAXSEG_64K
-#    define MAX_MEM_LEVEL 8
-#  else
-#    define MAX_MEM_LEVEL 9
-#  endif
-#endif
-
-/* Maximum value for windowBits in deflateInit2 and inflateInit2 */
-#ifndef MAX_WBITS
-#  define MAX_WBITS   15 /* 32K LZ77 window */
-#endif
-
-/* The memory requirements for deflate are (in bytes):
-            1 << (windowBits+2)   +  1 << (memLevel+9)
- that is: 128K for windowBits=15  +  128K for memLevel = 8  (default values)
- plus a few kilobytes for small objects. For example, if you want to reduce
- the default memory requirements from 256K to 128K, compile with
-     make CFLAGS="-O -DMAX_WBITS=14 -DMAX_MEM_LEVEL=7"
- Of course this will generally degrade compression (there's no free lunch).
-
-   The memory requirements for inflate are (in bytes) 1 << windowBits
- that is, 32K for windowBits=15 (default value) plus a few kilobytes
- for small objects.
-*/
-
-                        /* Type declarations */
-
-#ifndef OF /* function prototypes */
-#  ifdef STDC
-#    define OF(args)  args
-#  else
-#    define OF(args)  ()
-#  endif
-#endif
-
-/* The following definitions for FAR are needed only for MSDOS mixed
- * model programming (small or medium model with some far allocations).
- * This was tested only with MSC; for other MSDOS compilers you may have
- * to define NO_MEMCPY in zutil.h.  If you don't need the mixed model,
- * just define FAR to be empty.
- */
-#if (defined(M_I86SM) || defined(M_I86MM)) && !defined(__32BIT__)
-   /* MSC small or medium model */
-#  define SMALL_MEDIUM
-#  ifdef _MSC_VER
-#    define FAR __far
-#  else
-#    define FAR far
-#  endif
-#endif
-#if defined(__BORLANDC__) && (defined(__SMALL__) || defined(__MEDIUM__))
-#  ifndef __32BIT__
-#    define SMALL_MEDIUM
-#    define FAR __far
-#  endif
-#endif
-#ifndef FAR
-#   define FAR
-#endif
-
-typedef unsigned char  Byte;  /* 8 bits */
-typedef unsigned int   uInt;  /* 16 bits or more */
-typedef unsigned long  uLong; /* 32 bits or more */
-
-#if defined(__BORLANDC__) && defined(SMALL_MEDIUM)
-   /* Borland C/C++ ignores FAR inside typedef */
-#  define Bytef Byte FAR
-#else
-   typedef Byte  FAR Bytef;
-#endif
-typedef char  FAR charf;
-typedef int   FAR intf;
-typedef uInt  FAR uIntf;
-typedef uLong FAR uLongf;
-
-#ifdef STDC
-   typedef void FAR *voidpf;
-   typedef void     *voidp;
-#else
-   typedef Byte FAR *voidpf;
-   typedef Byte     *voidp;
-#endif
-
-#ifdef MOZILLA_CLIENT
-#include "prtypes.h"
-#else
-/* Compile with -DZLIB_DLL for Windows DLL support */
-#if (defined(_WINDOWS) || defined(WINDOWS)) && defined(ZLIB_DLL)
-#  include <windows.h>
-#  define EXPORT  WINAPI
-#else
-#  define EXPORT
-#endif
-
-/* #define PR_PUBLIC_API(type) type */
-
-#endif /* MOZILLA_CLIENT */
-
-#endif /* _ZCONF_H */
diff --git a/security/nss/cmd/zlib/zip16.def b/security/nss/cmd/zlib/zip16.def
deleted file mode 100644
index 664eeab09..000000000
--- a/security/nss/cmd/zlib/zip16.def
+++ /dev/null
@@ -1,24 +0,0 @@
-LIBRARY zip1640.DLL
-EXETYPE WINDOWS
-PROTMODE
-
-DESCRIPTION '16-bit Zip DLL'
-
-STUB    'WINSTUB.EXE'
-
-CODE    LOADONCALL MOVEABLE DISCARDABLE 
-DATA	PRELOAD MOVEABLE SINGLE
-
-HEAPSIZE    8192
-
-EXPORTS
-
-IMPORTS
-    _malloc		= nspr3.2
-    _realloc	= nspr3.3
-    _calloc		= nspr3.4
-    _free		= nspr3.5
-    _getenv		= nspr3.9
-    _printf		= nspr3.11
-    _sscanf		= nspr3.33
-
diff --git a/security/nss/cmd/zlib/zip_nodl.c b/security/nss/cmd/zlib/zip_nodl.c
deleted file mode 100644
index e8ea67d7e..000000000
--- a/security/nss/cmd/zlib/zip_nodl.c
+++ /dev/null
@@ -1,50 +0,0 @@
-/* Automatically generated file; do not edit */
-
-#include "prtypes.h"
-
-#include "prlink.h"
-
-extern void Java_java_util_zip_Adler32_update_stub();
-extern void Java_java_util_zip_Adler32_update1_stub();
-extern void Java_java_util_zip_CRC32_update_stub();
-extern void Java_java_util_zip_CRC32_update1_stub();
-extern void Java_java_util_zip_Deflater_setDictionary_stub();
-extern void Java_java_util_zip_Deflater_deflate_stub();
-extern void Java_java_util_zip_Deflater_getAdler_stub();
-extern void Java_java_util_zip_Deflater_getTotalIn_stub();
-extern void Java_java_util_zip_Deflater_getTotalOut_stub();
-extern void Java_java_util_zip_Deflater_reset_stub();
-extern void Java_java_util_zip_Deflater_end_stub();
-extern void Java_java_util_zip_Deflater_init_stub();
-extern void Java_java_util_zip_Inflater_setDictionary_stub();
-extern void Java_java_util_zip_Inflater_inflate_stub();
-extern void Java_java_util_zip_Inflater_getAdler_stub();
-extern void Java_java_util_zip_Inflater_getTotalIn_stub();
-extern void Java_java_util_zip_Inflater_getTotalOut_stub();
-extern void Java_java_util_zip_Inflater_reset_stub();
-extern void Java_java_util_zip_Inflater_end_stub();
-extern void Java_java_util_zip_Inflater_init_stub();
-
-PRStaticLinkTable zip_nodl_tab[] = {
-  { "Java_java_util_zip_Adler32_update_stub", Java_java_util_zip_Adler32_update_stub },
-  { "Java_java_util_zip_Adler32_update1_stub", Java_java_util_zip_Adler32_update1_stub },
-  { "Java_java_util_zip_CRC32_update_stub", Java_java_util_zip_CRC32_update_stub },
-  { "Java_java_util_zip_CRC32_update1_stub", Java_java_util_zip_CRC32_update1_stub },
-  { "Java_java_util_zip_Deflater_setDictionary_stub", Java_java_util_zip_Deflater_setDictionary_stub },
-  { "Java_java_util_zip_Deflater_deflate_stub", Java_java_util_zip_Deflater_deflate_stub },
-  { "Java_java_util_zip_Deflater_getAdler_stub", Java_java_util_zip_Deflater_getAdler_stub },
-  { "Java_java_util_zip_Deflater_getTotalIn_stub", Java_java_util_zip_Deflater_getTotalIn_stub },
-  { "Java_java_util_zip_Deflater_getTotalOut_stub", Java_java_util_zip_Deflater_getTotalOut_stub },
-  { "Java_java_util_zip_Deflater_reset_stub", Java_java_util_zip_Deflater_reset_stub },
-  { "Java_java_util_zip_Deflater_end_stub", Java_java_util_zip_Deflater_end_stub },
-  { "Java_java_util_zip_Deflater_init_stub", Java_java_util_zip_Deflater_init_stub },
-  { "Java_java_util_zip_Inflater_setDictionary_stub", Java_java_util_zip_Inflater_setDictionary_stub },
-  { "Java_java_util_zip_Inflater_inflate_stub", Java_java_util_zip_Inflater_inflate_stub },
-  { "Java_java_util_zip_Inflater_getAdler_stub", Java_java_util_zip_Inflater_getAdler_stub },
-  { "Java_java_util_zip_Inflater_getTotalIn_stub", Java_java_util_zip_Inflater_getTotalIn_stub },
-  { "Java_java_util_zip_Inflater_getTotalOut_stub", Java_java_util_zip_Inflater_getTotalOut_stub },
-  { "Java_java_util_zip_Inflater_reset_stub", Java_java_util_zip_Inflater_reset_stub },
-  { "Java_java_util_zip_Inflater_end_stub", Java_java_util_zip_Inflater_end_stub },
-  { "Java_java_util_zip_Inflater_init_stub", Java_java_util_zip_Inflater_init_stub },
-  { 0, 0, },
-};
diff --git a/security/nss/cmd/zlib/zlib.h b/security/nss/cmd/zlib/zlib.h
deleted file mode 100644
index b216f00a3..000000000
--- a/security/nss/cmd/zlib/zlib.h
+++ /dev/null
@@ -1,892 +0,0 @@
-/* zlib.h -- interface of the 'zlib' general purpose compression library
-  version 1.0.4, Jul 24th, 1996.
-
-  Copyright (C) 1995-1996 Jean-loup Gailly and Mark Adler
-
-  This software is provided 'as-is', without any express or implied
-  warranty.  In no event will the authors be held liable for any damages
-  arising from the use of this software.
-
-  Permission is granted to anyone to use this software for any purpose,
-  including commercial applications, and to alter it and redistribute it
-  freely, subject to the following restrictions:
-
-  1. The origin of this software must not be misrepresented; you must not
-     claim that you wrote the original software. If you use this software
-     in a product, an acknowledgment in the product documentation would be
-     appreciated but is not required.
-  2. Altered source versions must be plainly marked as such, and must not be
-     misrepresented as being the original software.
-  3. This notice may not be removed or altered from any source distribution.
-
-  Jean-loup Gailly        Mark Adler
-  gzip@prep.ai.mit.edu    madler@alumni.caltech.edu
-
-
-  The data format used by the zlib library is described by RFCs (Request for
-  Comments) 1950 to 1952 in the files ftp://ds.internic.net/rfc/rfc1950.txt
-  (zlib format), rfc1951.txt (deflate format) and rfc1952.txt (gzip format).
-*/
-/* This file was modified since it was taken from the zlib distribution */
-
-#ifndef _ZLIB_H
-#define _ZLIB_H
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#include "zconf.h"
-
-#define ZLIB_VERSION "1.0.4"
-
-/* 
-     The 'zlib' compression library provides in-memory compression and
-  decompression functions, including integrity checks of the uncompressed
-  data.  This version of the library supports only one compression method
-  (deflation) but other algorithms may be added later and will have the same
-  stream interface.
-
-     For compression the application must provide the output buffer and
-  may optionally provide the input buffer for optimization. For decompression,
-  the application must provide the input buffer and may optionally provide
-  the output buffer for optimization.
-
-     Compression can be done in a single step if the buffers are large
-  enough (for example if an input file is mmap'ed), or can be done by
-  repeated calls of the compression function.  In the latter case, the
-  application must provide more input and/or consume the output
-  (providing more output space) before each call.
-
-     The library does not install any signal handler. It is recommended to
-  add at least a handler for SIGSEGV when decompressing; the library checks
-  the consistency of the input data whenever possible but may go nuts
-  for some forms of corrupted input.
-*/
-
-typedef voidpf (*alloc_func) OF((voidpf opaque, uInt items, uInt size));
-typedef void   (*free_func)  OF((voidpf opaque, voidpf address));
-
-struct internal_state;
-
-typedef struct z_stream_s {
-    Bytef    *next_in;  /* next input byte */
-    uInt     avail_in;  /* number of bytes available at next_in */
-    uLong    total_in;  /* total nb of input bytes read so far */
-
-    Bytef    *next_out; /* next output byte should be put there */
-    uInt     avail_out; /* remaining free space at next_out */
-    uLong    total_out; /* total nb of bytes output so far */
-
-    char     *msg;      /* last error message, NULL if no error */
-    struct internal_state FAR *state; /* not visible by applications */
-
-    alloc_func zalloc;  /* used to allocate the internal state */
-    free_func  zfree;   /* used to free the internal state */
-    voidpf     opaque;  /* private data object passed to zalloc and zfree */
-
-    int     data_type;  /* best guess about the data type: ascii or binary */
-    uLong   adler;      /* adler32 value of the uncompressed data */
-    uLong   reserved;   /* reserved for future use */
-} z_stream;
-
-typedef z_stream FAR *z_streamp;
-
-/*
-   The application must update next_in and avail_in when avail_in has
-   dropped to zero. It must update next_out and avail_out when avail_out
-   has dropped to zero. The application must initialize zalloc, zfree and
-   opaque before calling the init function. All other fields are set by the
-   compression library and must not be updated by the application.
-
-   The opaque value provided by the application will be passed as the first
-   parameter for calls of zalloc and zfree. This can be useful for custom
-   memory management. The compression library attaches no meaning to the
-   opaque value.
-
-   zalloc must return Z_NULL if there is not enough memory for the object.
-   On 16-bit systems, the functions zalloc and zfree must be able to allocate
-   exactly 65536 bytes, but will not be required to allocate more than this
-   if the symbol MAXSEG_64K is defined (see zconf.h). WARNING: On MSDOS,
-   pointers returned by zalloc for objects of exactly 65536 bytes *must*
-   have their offset normalized to zero. The default allocation function
-   provided by this library ensures this (see zutil.c). To reduce memory
-   requirements and avoid any allocation of 64K objects, at the expense of
-   compression ratio, compile the library with -DMAX_WBITS=14 (see zconf.h).
-
-   The fields total_in and total_out can be used for statistics or
-   progress reports. After compression, total_in holds the total size of
-   the uncompressed data and may be saved for use in the decompressor
-   (particularly if the decompressor wants to decompress everything in
-   a single step).
-*/
-
-                        /* constants */
-
-#define Z_NO_FLUSH      0
-#define Z_PARTIAL_FLUSH 1
-#define Z_SYNC_FLUSH    2
-#define Z_FULL_FLUSH    3
-#define Z_FINISH        4
-/* Allowed flush values; see deflate() below for details */
-
-#define Z_OK            0
-#define Z_STREAM_END    1
-#define Z_NEED_DICT     2
-#define Z_ERRNO        (-1)
-#define Z_STREAM_ERROR (-2)
-#define Z_DATA_ERROR   (-3)
-#define Z_MEM_ERROR    (-4)
-#define Z_BUF_ERROR    (-5)
-#define Z_VERSION_ERROR (-6)
-/* Return codes for the compression/decompression functions. Negative
- * values are errors, positive values are used for special but normal events.
- */
-
-#define Z_NO_COMPRESSION         0
-#define Z_BEST_SPEED             1
-#define Z_BEST_COMPRESSION       9
-#define Z_DEFAULT_COMPRESSION  (-1)
-/* compression levels */
-
-#define Z_FILTERED            1
-#define Z_HUFFMAN_ONLY        2
-#define Z_DEFAULT_STRATEGY    0
-/* compression strategy; see deflateInit2() below for details */
-
-#define Z_BINARY   0
-#define Z_ASCII    1
-#define Z_UNKNOWN  2
-/* Possible values of the data_type field */
-
-#define Z_DEFLATED   8
-/* The deflate compression method (the only one supported in this version) */
-
-#define Z_NULL  0  /* for initializing zalloc, zfree, opaque */
-
-#define zlib_version zlibVersion()
-/* for compatibility with versions < 1.0.2 */
-
-                        /* basic functions */
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern const char *) zlibVersion (void);
-#else
-extern const char * EXPORT zlibVersion OF((void));
-#endif
-/* The application can compare zlibVersion and ZLIB_VERSION for consistency.
-   If the first character differs, the library code actually used is
-   not compatible with the zlib.h header file used by the application.
-   This check is automatically made by deflateInit and inflateInit.
- */
-
-/* 
-extern int EXPORT deflateInit OF((z_streamp strm, int level));
-
-     Initializes the internal stream state for compression. The fields
-   zalloc, zfree and opaque must be initialized before by the caller.
-   If zalloc and zfree are set to Z_NULL, deflateInit updates them to
-   use default allocation functions.
-
-     The compression level must be Z_DEFAULT_COMPRESSION, or between 0 and 9:
-   1 gives best speed, 9 gives best compression, 0 gives no compression at
-   all (the input data is simply copied a block at a time).
-   Z_DEFAULT_COMPRESSION requests a default compromise between speed and
-   compression (currently equivalent to level 6).
-
-     deflateInit returns Z_OK if success, Z_MEM_ERROR if there was not
-   enough memory, Z_STREAM_ERROR if level is not a valid compression level,
-   Z_VERSION_ERROR if the zlib library version (zlib_version) is incompatible
-   with the version assumed by the caller (ZLIB_VERSION).
-   msg is set to null if there is no error message.  deflateInit does not
-   perform any compression: this will be done by deflate().
-*/
-
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) deflate (z_streamp strm, int flush);
-#else
-extern int EXPORT deflate OF((z_streamp strm, int flush));
-#endif
-/*
-  Performs one or both of the following actions:
-
-  - Compress more input starting at next_in and update next_in and avail_in
-    accordingly. If not all input can be processed (because there is not
-    enough room in the output buffer), next_in and avail_in are updated and
-    processing will resume at this point for the next call of deflate().
-
-  - Provide more output starting at next_out and update next_out and avail_out
-    accordingly. This action is forced if the parameter flush is non zero.
-    Forcing flush frequently degrades the compression ratio, so this parameter
-    should be set only when necessary (in interactive applications).
-    Some output may be provided even if flush is not set.
-
-  Before the call of deflate(), the application should ensure that at least
-  one of the actions is possible, by providing more input and/or consuming
-  more output, and updating avail_in or avail_out accordingly; avail_out
-  should never be zero before the call. The application can consume the
-  compressed output when it wants, for example when the output buffer is full
-  (avail_out == 0), or after each call of deflate(). If deflate returns Z_OK
-  and with zero avail_out, it must be called again after making room in the
-  output buffer because there might be more output pending.
-
-    If the parameter flush is set to Z_PARTIAL_FLUSH, the current compression
-  block is terminated and flushed to the output buffer so that the
-  decompressor can get all input data available so far. For method 9, a future
-  variant on method 8, the current block will be flushed but not terminated.
-  Z_SYNC_FLUSH has the same effect as partial flush except that the compressed
-  output is byte aligned (the compressor can clear its internal bit buffer)
-  and the current block is always terminated; this can be useful if the
-  compressor has to be restarted from scratch after an interruption (in which
-  case the internal state of the compressor may be lost).
-    If flush is set to Z_FULL_FLUSH, the compression block is terminated, a
-  special marker is output and the compression dictionary is discarded; this
-  is useful to allow the decompressor to synchronize if one compressed block
-  has been damaged (see inflateSync below).  Flushing degrades compression and
-  so should be used only when necessary.  Using Z_FULL_FLUSH too often can
-  seriously degrade the compression. If deflate returns with avail_out == 0,
-  this function must be called again with the same value of the flush
-  parameter and more output space (updated avail_out), until the flush is
-  complete (deflate returns with non-zero avail_out).
-
-    If the parameter flush is set to Z_FINISH, pending input is processed,
-  pending output is flushed and deflate returns with Z_STREAM_END if there
-  was enough output space; if deflate returns with Z_OK, this function must be
-  called again with Z_FINISH and more output space (updated avail_out) but no
-  more input data, until it returns with Z_STREAM_END or an error. After
-  deflate has returned Z_STREAM_END, the only possible operations on the
-  stream are deflateReset or deflateEnd.
-  
-    Z_FINISH can be used immediately after deflateInit if all the compression
-  is to be done in a single step. In this case, avail_out must be at least
-  0.1% larger than avail_in plus 12 bytes.  If deflate does not return
-  Z_STREAM_END, then it must be called again as described above.
-
-    deflate() may update data_type if it can make a good guess about
-  the input data type (Z_ASCII or Z_BINARY). In doubt, the data is considered
-  binary. This field is only for information purposes and does not affect
-  the compression algorithm in any manner.
-
-    deflate() returns Z_OK if some progress has been made (more input
-  processed or more output produced), Z_STREAM_END if all input has been
-  consumed and all output has been produced (only when flush is set to
-  Z_FINISH), Z_STREAM_ERROR if the stream state was inconsistent (for example
-  if next_in or next_out was NULL), Z_BUF_ERROR if no progress is possible.
-*/
-
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) deflateEnd (z_streamp strm);
-#else
-extern int EXPORT deflateEnd OF((z_streamp strm));
-#endif
-/*
-     All dynamically allocated data structures for this stream are freed.
-   This function discards any unprocessed input and does not flush any
-   pending output.
-
-     deflateEnd returns Z_OK if success, Z_STREAM_ERROR if the
-   stream state was inconsistent, Z_DATA_ERROR if the stream was freed
-   prematurely (some input or output was discarded). In the error case,
-   msg may be set but then points to a static string (which must not be
-   deallocated).
-*/
-
-
-/* 
-extern int EXPORT inflateInit OF((z_streamp strm));
-
-     Initializes the internal stream state for decompression. The fields
-   zalloc, zfree and opaque must be initialized before by the caller.  If
-   zalloc and zfree are set to Z_NULL, inflateInit updates them to use default
-   allocation functions.
-
-     inflateInit returns Z_OK if success, Z_MEM_ERROR if there was not
-   enough memory, Z_VERSION_ERROR if the zlib library version is incompatible
-   with the version assumed by the caller.  msg is set to null if there is no
-   error message. inflateInit does not perform any decompression: this will be
-   done by inflate().
-*/
-
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) inflate (z_streamp strm, int flush);
-#else
-extern int EXPORT inflate OF((z_streamp strm, int flush));
-#endif
-/*
-  Performs one or both of the following actions:
-
-  - Decompress more input starting at next_in and update next_in and avail_in
-    accordingly. If not all input can be processed (because there is not
-    enough room in the output buffer), next_in is updated and processing
-    will resume at this point for the next call of inflate().
-
-  - Provide more output starting at next_out and update next_out and avail_out
-    accordingly.  inflate() provides as much output as possible, until there
-    is no more input data or no more space in the output buffer (see below
-    about the flush parameter).
-
-  Before the call of inflate(), the application should ensure that at least
-  one of the actions is possible, by providing more input and/or consuming
-  more output, and updating the next_* and avail_* values accordingly.
-  The application can consume the uncompressed output when it wants, for
-  example when the output buffer is full (avail_out == 0), or after each
-  call of inflate(). If inflate returns Z_OK and with zero avail_out, it
-  must be called again after making room in the output buffer because there
-  might be more output pending.
-
-    If the parameter flush is set to Z_PARTIAL_FLUSH, inflate flushes as much
-  output as possible to the output buffer. The flushing behavior of inflate is
-  not specified for values of the flush parameter other than Z_PARTIAL_FLUSH
-  and Z_FINISH, but the current implementation actually flushes as much output
-  as possible anyway.
-
-    inflate() should normally be called until it returns Z_STREAM_END or an
-  error. However if all decompression is to be performed in a single step
-  (a single call of inflate), the parameter flush should be set to
-  Z_FINISH. In this case all pending input is processed and all pending
-  output is flushed; avail_out must be large enough to hold all the
-  uncompressed data. (The size of the uncompressed data may have been saved
-  by the compressor for this purpose.) The next operation on this stream must
-  be inflateEnd to deallocate the decompression state. The use of Z_FINISH
-  is never required, but can be used to inform inflate that a faster routine
-  may be used for the single inflate() call.
-
-    inflate() returns Z_OK if some progress has been made (more input
-  processed or more output produced), Z_STREAM_END if the end of the
-  compressed data has been reached and all uncompressed output has been
-  produced, Z_NEED_DICT if a preset dictionary is needed at this point (see
-  inflateSetDictionary below), Z_DATA_ERROR if the input data was corrupted,
-  Z_STREAM_ERROR if the stream structure was inconsistent (for example if
-  next_in or next_out was NULL), Z_MEM_ERROR if there was not enough memory,
-  Z_BUF_ERROR if no progress is possible or if there was not enough room in
-  the output buffer when Z_FINISH is used. In the Z_DATA_ERROR case, the
-  application may then call inflateSync to look for a good compression block.
-  In the Z_NEED_DICT case, strm->adler is set to the Adler32 value of the
-  dictionary chosen by the compressor.
-*/
-
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) inflateEnd (z_streamp strm);
-#else
-extern int EXPORT inflateEnd OF((z_streamp strm));
-#endif
-/*
-     All dynamically allocated data structures for this stream are freed.
-   This function discards any unprocessed input and does not flush any
-   pending output.
-
-     inflateEnd returns Z_OK if success, Z_STREAM_ERROR if the stream state
-   was inconsistent. In the error case, msg may be set but then points to a
-   static string (which must not be deallocated).
-*/
-
-                        /* Advanced functions */
-
-/*
-    The following functions are needed only in some special applications.
-*/
-
-/*   
-extern int EXPORT deflateInit2 OF((z_streamp strm,
-                                   int  level,
-                                   int  method,
-                                   int  windowBits,
-                                   int  memLevel,
-                                   int  strategy));
-
-     This is another version of deflateInit with more compression options. The
-   fields next_in, zalloc, zfree and opaque must be initialized before by
-   the caller.
-
-     The method parameter is the compression method. It must be Z_DEFLATED in
-   this version of the library. (Method 9 will allow a 64K history buffer and
-   partial block flushes.)
-
-     The windowBits parameter is the base two logarithm of the window size
-   (the size of the history buffer).  It should be in the range 8..15 for this
-   version of the library (the value 16 will be allowed for method 9). Larger
-   values of this parameter result in better compression at the expense of
-   memory usage. The default value is 15 if deflateInit is used instead.
-
-     The memLevel parameter specifies how much memory should be allocated
-   for the internal compression state. memLevel=1 uses minimum memory but
-   is slow and reduces compression ratio; memLevel=9 uses maximum memory
-   for optimal speed. The default value is 8. See zconf.h for total memory
-   usage as a function of windowBits and memLevel.
-
-     The strategy parameter is used to tune the compression algorithm. Use the
-   value Z_DEFAULT_STRATEGY for normal data, Z_FILTERED for data produced by a
-   filter (or predictor), or Z_HUFFMAN_ONLY to force Huffman encoding only (no
-   string match).  Filtered data consists mostly of small values with a
-   somewhat random distribution. In this case, the compression algorithm is
-   tuned to compress them better. The effect of Z_FILTERED is to force more
-   Huffman coding and less string matching; it is somewhat intermediate
-   between Z_DEFAULT and Z_HUFFMAN_ONLY. The strategy parameter only affects
-   the compression ratio but not the correctness of the compressed output even
-   if it is not set appropriately.
-
-     If next_in is not null, the library will use this buffer to hold also
-   some history information; the buffer must either hold the entire input
-   data, or have at least 1<<(windowBits+1) bytes and be writable. If next_in
-   is null, the library will allocate its own history buffer (and leave next_in
-   null). next_out need not be provided here but must be provided by the
-   application for the next call of deflate().
-
-     If the history buffer is provided by the application, next_in must
-   must never be changed by the application since the compressor maintains
-   information inside this buffer from call to call; the application
-   must provide more input only by increasing avail_in. next_in is always
-   reset by the library in this case.
-
-      deflateInit2 returns Z_OK if success, Z_MEM_ERROR if there was
-   not enough memory, Z_STREAM_ERROR if a parameter is invalid (such as
-   an invalid method). msg is set to null if there is no error message.
-   deflateInit2 does not perform any compression: this will be done by
-   deflate(). 
-*/
-                            
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) deflateSetDictionary (z_streamp strm,
-                                           const Bytef *dictionary,
-				           uInt  dictLength);
-#else
-extern int EXPORT deflateSetDictionary OF((z_streamp strm,
-                                           const Bytef *dictionary,
-				           uInt  dictLength));
-#endif
-/*
-     Initializes the compression dictionary (history buffer) from the given
-   byte sequence without producing any compressed output. This function must
-   be called immediately after deflateInit or deflateInit2, before any call
-   of deflate. The compressor and decompressor must use exactly the same
-   dictionary (see inflateSetDictionary).
-     The dictionary should consist of strings (byte sequences) that are likely
-   to be encountered later in the data to be compressed, with the most commonly
-   used strings preferably put towards the end of the dictionary. Using a
-   dictionary is most useful when the data to be compressed is short and
-   can be predicted with good accuracy; the data can then be compressed better
-   than with the default empty dictionary. In this version of the library,
-   only the last 32K bytes of the dictionary are used.
-     Upon return of this function, strm->adler is set to the Adler32 value
-   of the dictionary; the decompressor may later use this value to determine
-   which dictionary has been used by the compressor. (The Adler32 value
-   applies to the whole dictionary even if only a subset of the dictionary is
-   actually used by the compressor.)
-
-     deflateSetDictionary returns Z_OK if success, or Z_STREAM_ERROR if a
-   parameter is invalid (such as NULL dictionary) or the stream state
-   is inconsistent (for example if deflate has already been called for this
-   stream). deflateSetDictionary does not perform any compression: this will
-   be done by deflate(). 
-*/
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) deflateCopy (z_streamp dest, z_streamp source);
-#else
-extern int EXPORT deflateCopy OF((z_streamp dest, z_streamp source));
-#endif
-/*
-     Sets the destination stream as a complete copy of the source stream.  If
-   the source stream is using an application-supplied history buffer, a new
-   buffer is allocated for the destination stream.  The compressed output
-   buffer is always application-supplied. It's the responsibility of the
-   application to provide the correct values of next_out and avail_out for the
-   next call of deflate.
-
-     This function can be useful when several compression strategies will be
-   tried, for example when there are several ways of pre-processing the input
-   data with a filter. The streams that will be discarded should then be freed
-   by calling deflateEnd.  Note that deflateCopy duplicates the internal
-   compression state which can be quite large, so this strategy is slow and
-   can consume lots of memory.
-
-     deflateCopy returns Z_OK if success, Z_MEM_ERROR if there was not
-   enough memory, Z_STREAM_ERROR if the source stream state was inconsistent
-   (such as zalloc being NULL). msg is left unchanged in both source and
-   destination.
-*/
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) deflateReset (z_streamp strm);
-#else
-extern int EXPORT deflateReset OF((z_streamp strm));
-#endif
-/*
-     This function is equivalent to deflateEnd followed by deflateInit,
-   but does not free and reallocate all the internal compression state.
-   The stream will keep the same compression level and any other attributes
-   that may have been set by deflateInit2.
-
-      deflateReset returns Z_OK if success, or Z_STREAM_ERROR if the source
-   stream state was inconsistent (such as zalloc or state being NULL).
-*/
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) deflateParams (z_streamp strm, int level, int strategy);
-#else
-extern int EXPORT deflateParams OF((z_streamp strm, int level, int strategy));
-#endif
-/*
-     Dynamically update the compression level and compression strategy.
-   This can be used to switch between compression and straight copy of
-   the input data, or to switch to a different kind of input data requiring
-   a different strategy. If the compression level is changed, the input
-   available so far is compressed with the old level (and may be flushed);
-   the new level will take effect only at the next call of deflate().
-
-     Before the call of deflateParams, the stream state must be set as for
-   a call of deflate(), since the currently available input may have to
-   be compressed and flushed. In particular, strm->avail_out must be non-zero.
-
-     deflateParams returns Z_OK if success, Z_STREAM_ERROR if the source
-   stream state was inconsistent or if a parameter was invalid, Z_BUF_ERROR
-   if strm->avail_out was zero.
-*/
-
-/*   
-extern int EXPORT inflateInit2 OF((z_streamp strm,
-                                   int  windowBits));
-
-     This is another version of inflateInit with more compression options. The
-   fields next_out, zalloc, zfree and opaque must be initialized before by
-   the caller.
-
-     The windowBits parameter is the base two logarithm of the maximum window
-   size (the size of the history buffer).  It should be in the range 8..15 for
-   this version of the library (the value 16 will be allowed soon). The
-   default value is 15 if inflateInit is used instead. If a compressed stream
-   with a larger window size is given as input, inflate() will return with
-   the error code Z_DATA_ERROR instead of trying to allocate a larger window.
-
-     If next_out is not null, the library will use this buffer for the history
-   buffer; the buffer must either be large enough to hold the entire output
-   data, or have at least 1<<windowBits bytes.  If next_out is null, the
-   library will allocate its own buffer (and leave next_out null). next_in
-   need not be provided here but must be provided by the application for the
-   next call of inflate().
-
-     If the history buffer is provided by the application, next_out must
-   never be changed by the application since the decompressor maintains
-   history information inside this buffer from call to call; the application
-   can only reset next_out to the beginning of the history buffer when
-   avail_out is zero and all output has been consumed.
-
-      inflateInit2 returns Z_OK if success, Z_MEM_ERROR if there was
-   not enough memory, Z_STREAM_ERROR if a parameter is invalid (such as
-   windowBits < 8). msg is set to null if there is no error message.
-   inflateInit2 does not perform any decompression: this will be done by
-   inflate().
-*/
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) inflateSetDictionary (z_streamp strm,
-				           const Bytef *dictionary,
-					   uInt  dictLength);
-#else
-extern int EXPORT inflateSetDictionary OF((z_streamp strm,
-				           const Bytef *dictionary,
-					   uInt  dictLength));
-#endif
-/*
-     Initializes the decompression dictionary (history buffer) from the given
-   uncompressed byte sequence. This function must be called immediately after
-   a call of inflate if this call returned Z_NEED_DICT. The dictionary chosen
-   by the compressor can be determined from the Adler32 value returned by this
-   call of inflate. The compressor and decompressor must use exactly the same
-   dictionary (see deflateSetDictionary).
-
-     inflateSetDictionary returns Z_OK if success, Z_STREAM_ERROR if a
-   parameter is invalid (such as NULL dictionary) or the stream state is
-   inconsistent, Z_DATA_ERROR if the given dictionary doesn't match the
-   expected one (incorrect Adler32 value). inflateSetDictionary does not
-   perform any decompression: this will be done by subsequent calls of
-   inflate().
-*/
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) inflateSync (z_streamp strm);
-#else
-extern int EXPORT inflateSync OF((z_streamp strm));
-#endif
-/* 
-    Skips invalid compressed data until the special marker (see deflate()
-  above) can be found, or until all available input is skipped. No output
-  is provided.
-
-    inflateSync returns Z_OK if the special marker has been found, Z_BUF_ERROR
-  if no more input was provided, Z_DATA_ERROR if no marker has been found,
-  or Z_STREAM_ERROR if the stream structure was inconsistent. In the success
-  case, the application may save the current current value of total_in which
-  indicates where valid compressed data was found. In the error case, the
-  application may repeatedly call inflateSync, providing more input each time,
-  until success or end of the input data.
-*/
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) inflateReset (z_streamp strm);
-#else
-extern int EXPORT inflateReset OF((z_streamp strm));
-#endif
-/*
-     This function is equivalent to inflateEnd followed by inflateInit,
-   but does not free and reallocate all the internal decompression state.
-   The stream will keep attributes that may have been set by inflateInit2.
-
-      inflateReset returns Z_OK if success, or Z_STREAM_ERROR if the source
-   stream state was inconsistent (such as zalloc or state being NULL).
-*/
-
-
-                        /* utility functions */
-
-/*
-     The following utility functions are implemented on top of the
-   basic stream-oriented functions. To simplify the interface, some
-   default options are assumed (compression level, window size,
-   standard memory allocation functions). The source code of these
-   utility functions can easily be modified if you need special options.
-*/
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) compress (Bytef *dest,   uLongf *destLen,
-			       const Bytef *source, uLong sourceLen);
-#else
-extern int EXPORT compress OF((Bytef *dest,   uLongf *destLen,
-			       const Bytef *source, uLong sourceLen));
-#endif
-/*
-     Compresses the source buffer into the destination buffer.  sourceLen is
-   the byte length of the source buffer. Upon entry, destLen is the total
-   size of the destination buffer, which must be at least 0.1% larger than
-   sourceLen plus 12 bytes. Upon exit, destLen is the actual size of the
-   compressed buffer.
-     This function can be used to compress a whole file at once if the
-   input file is mmap'ed.
-     compress returns Z_OK if success, Z_MEM_ERROR if there was not
-   enough memory, Z_BUF_ERROR if there was not enough room in the output
-   buffer.
-*/
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) uncompress (Bytef *dest,   uLongf *destLen,
-				 const Bytef *source, uLong sourceLen);
-#else
-extern int EXPORT uncompress OF((Bytef *dest,   uLongf *destLen,
-				 const Bytef *source, uLong sourceLen));
-#endif
-/*
-     Decompresses the source buffer into the destination buffer.  sourceLen is
-   the byte length of the source buffer. Upon entry, destLen is the total
-   size of the destination buffer, which must be large enough to hold the
-   entire uncompressed data. (The size of the uncompressed data must have
-   been saved previously by the compressor and transmitted to the decompressor
-   by some mechanism outside the scope of this compression library.)
-   Upon exit, destLen is the actual size of the compressed buffer.
-     This function can be used to decompress a whole file at once if the
-   input file is mmap'ed.
-
-     uncompress returns Z_OK if success, Z_MEM_ERROR if there was not
-   enough memory, Z_BUF_ERROR if there was not enough room in the output
-   buffer, or Z_DATA_ERROR if the input data was corrupted.
-*/
-
-
-typedef voidp gzFile;
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern gzFile) gzopen  (const char *path, const char *mode);
-#else
-extern gzFile EXPORT gzopen  OF((const char *path, const char *mode));
-#endif
-/*
-     Opens a gzip (.gz) file for reading or writing. The mode parameter
-   is as in fopen ("rb" or "wb") but can also include a compression level
-   ("wb9").  gzopen can be used to read a file which is not in gzip format;
-   in this case gzread will directly read from the file without decompression.
-     gzopen returns NULL if the file could not be opened or if there was
-   insufficient memory to allocate the (de)compression state; errno
-   can be checked to distinguish the two cases (if errno is zero, the
-   zlib error is Z_MEM_ERROR).
-*/
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern gzFile) gzdopen  (int fd, const char *mode);
-#else
-extern gzFile EXPORT gzdopen  OF((int fd, const char *mode));
-#endif
-/*
-     gzdopen() associates a gzFile with the file descriptor fd.  File
-   descriptors are obtained from calls like open, dup, creat, pipe or
-   fileno (in the file has been previously opened with fopen).
-   The mode parameter is as in gzopen.
-     The next call of gzclose on the returned gzFile will also close the
-   file descriptor fd, just like fclose(fdopen(fd), mode) closes the file
-   descriptor fd. If you want to keep fd open, use gzdopen(dup(fd), mode).
-     gzdopen returns NULL if there was insufficient memory to allocate
-   the (de)compression state.
-*/
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int)    gzread  (gzFile file, voidp buf, unsigned len);
-#else
-extern int EXPORT    gzread  OF((gzFile file, voidp buf, unsigned len));
-#endif
-/*
-     Reads the given number of uncompressed bytes from the compressed file.
-   If the input file was not in gzip format, gzread copies the given number
-   of bytes into the buffer.
-     gzread returns the number of uncompressed bytes actually read (0 for
-   end of file, -1 for error). */
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int)    gzwrite (gzFile file, const voidp buf, unsigned len);
-#else
-extern int EXPORT    gzwrite OF((gzFile file, const voidp buf, unsigned len));
-#endif
-/*
-     Writes the given number of uncompressed bytes into the compressed file.
-   gzwrite returns the number of uncompressed bytes actually written
-   (0 in case of error).
-*/
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int)    gzflush (gzFile file, int flush);
-#else
-extern int EXPORT    gzflush OF((gzFile file, int flush));
-#endif
-/*
-     Flushes all pending output into the compressed file. The parameter
-   flush is as in the deflate() function. The return value is the zlib
-   error number (see function gzerror below). gzflush returns Z_OK if
-   the flush parameter is Z_FINISH and all output could be flushed.
-     gzflush should be called only when strictly necessary because it can
-   degrade compression.
-*/
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int)    gzclose (gzFile file);
-#else
-extern int EXPORT    gzclose OF((gzFile file));
-#endif
-/*
-     Flushes all pending output if necessary, closes the compressed file
-   and deallocates all the (de)compression state. The return value is the zlib
-   error number (see function gzerror below).
-*/
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern const char *) gzerror (gzFile file, int *errnum);
-#else
-extern const char * EXPORT gzerror OF((gzFile file, int *errnum));
-#endif
-/*
-     Returns the error message for the last error which occurred on the
-   given compressed file. errnum is set to zlib error number. If an
-   error occurred in the file system and not in the compression library,
-   errnum is set to Z_ERRNO and the application may consult errno
-   to get the exact error code.
-*/
-
-                        /* checksum functions */
-
-/*
-     These functions are not related to compression but are exported
-   anyway because they might be useful in applications using the
-   compression library.
-*/
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern uLong) adler32 (uLong adler, const Bytef *buf, uInt len);
-#else
-extern uLong EXPORT adler32 OF((uLong adler, const Bytef *buf, uInt len));
-#endif
-
-/*
-     Update a running Adler-32 checksum with the bytes buf[0..len-1] and
-   return the updated checksum. If buf is NULL, this function returns
-   the required initial value for the checksum.
-   An Adler-32 checksum is almost as reliable as a CRC32 but can be computed
-   much faster. Usage example:
-
-     uLong adler = adler32(0L, Z_NULL, 0);
-
-     while (read_buffer(buffer, length) != EOF) {
-       adler = adler32(adler, buffer, length);
-     }
-     if (adler != original_adler) error();
-*/
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern uLong) crc32   (uLong crc, const Bytef *buf, uInt len);
-#else
-extern uLong EXPORT crc32   OF((uLong crc, const Bytef *buf, uInt len));
-#endif
-/*
-     Update a running crc with the bytes buf[0..len-1] and return the updated
-   crc. If buf is NULL, this function returns the required initial value
-   for the crc. Pre- and post-conditioning (one's complement) is performed
-   within this function so it shouldn't be done by the application.
-   Usage example:
-
-     uLong crc = crc32(0L, Z_NULL, 0);
-
-     while (read_buffer(buffer, length) != EOF) {
-       crc = crc32(crc, buffer, length);
-     }
-     if (crc != original_crc) error();
-*/
-
-
-                        /* various hacks, don't look :) */
-
-/* deflateInit and inflateInit are macros to allow checking the zlib version
- * and the compiler's view of z_stream:
- */
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) deflateInit_ (z_streamp strm, int level, const char *version, 
-					int stream_size);
-PR_PUBLIC_API(extern int) inflateInit_ (z_streamp strm, const char *version, 
-					int stream_size);
-PR_PUBLIC_API(extern int) deflateInit2_ (z_streamp strm, int  level, int  method, 
-					 int windowBits, int memLevel, int strategy, 
-					 const char *version, int stream_size);
-PR_PUBLIC_API(extern int) inflateInit2_ (z_streamp strm, int  windowBits, 
-					 const char *version, int stream_size);
-#else
-extern int EXPORT deflateInit_ OF((z_streamp strm, int level, const char *version, 
-				   int stream_size));
-extern int EXPORT inflateInit_ OF((z_streamp strm, const char *version, 
-				   int stream_size));
-extern int EXPORT deflateInit2_ OF((z_streamp strm, int  level, int  method, 
-				    int windowBits, int memLevel, int strategy, 
-				    const char *version, int stream_size));
-extern int EXPORT inflateInit2_ OF((z_streamp strm, int  windowBits, 
-				    const char *version, int stream_size));
-#endif /* MOZILLA_CLIENT */
-
-
-#define deflateInit(strm, level) \
-        deflateInit_((strm), (level),       ZLIB_VERSION, sizeof(z_stream))
-#define inflateInit(strm) \
-        inflateInit_((strm),                ZLIB_VERSION, sizeof(z_stream))
-#define deflateInit2(strm, level, method, windowBits, memLevel, strategy) \
-        deflateInit2_((strm),(level),(method),(windowBits),(memLevel),\
-		      (strategy),           ZLIB_VERSION, sizeof(z_stream))
-#define inflateInit2(strm, windowBits) \
-        inflateInit2_((strm), (windowBits), ZLIB_VERSION, sizeof(z_stream))
-
-#if !defined(_Z_UTIL_H) && !defined(NO_DUMMY_DECL)
-    struct internal_state {int dummy;}; /* hack for buggy compilers */
-#endif
-
-uLongf *get_crc_table OF((void)); /* can be used by asm versions of crc32() */
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* _ZLIB_H */
diff --git a/security/nss/cmd/zlib/zutil.c b/security/nss/cmd/zlib/zutil.c
deleted file mode 100644
index afca3ed0c..000000000
--- a/security/nss/cmd/zlib/zutil.c
+++ /dev/null
@@ -1,215 +0,0 @@
-/* zutil.c -- target dependent utility functions for the compression library
- * Copyright (C) 1995-1996 Jean-loup Gailly.
- * For conditions of distribution and use, see copyright notice in zlib.h 
- */
-/* This file was modified since it was taken from the zlib distribution */
-/* $Id$ */
-
-#include <stdio.h>
-
-#include "zutil.h"
-
-#ifdef MOZILLA_CLIENT
-#include "prtypes.h"
-#include "prlog.h"
-#endif
-
-struct internal_state      {int dummy;}; /* for buggy compilers */
-
-#ifndef STDC
-extern void exit OF((int));
-#endif
-
-const char *z_errmsg[10] = {
-"need dictionary",     /* Z_NEED_DICT       2  */
-"stream end",          /* Z_STREAM_END      1  */
-"",                    /* Z_OK              0  */
-"file error",          /* Z_ERRNO         (-1) */
-"stream error",        /* Z_STREAM_ERROR  (-2) */
-"data error",          /* Z_DATA_ERROR    (-3) */
-"insufficient memory", /* Z_MEM_ERROR     (-4) */
-"buffer error",        /* Z_BUF_ERROR     (-5) */
-"incompatible version",/* Z_VERSION_ERROR (-6) */
-""};
-
-
-PR_PUBLIC_API(const char *) zlibVersion()
-{
-    return ZLIB_VERSION;
-}
-
-#if defined(DEBUG) && defined(MOZILLA_CLIENT)
-void z_error (m)
-    char *m;
-{
-    PR_ASSERT(0);	  	
-}
-#endif
-
-#ifndef HAVE_MEMCPY
-
-void zmemcpy(dest, source, len)
-    Bytef* dest;
-    Bytef* source;
-    uInt  len;
-{
-    if (len == 0) return;
-    do {
-        *dest++ = *source++; /* ??? to be unrolled */
-    } while (--len != 0);
-}
-
-int zmemcmp(s1, s2, len)
-    Bytef* s1;
-    Bytef* s2;
-    uInt  len;
-{
-    uInt j;
-
-    for (j = 0; j < len; j++) {
-        if (s1[j] != s2[j]) return 2*(s1[j] > s2[j])-1;
-    }
-    return 0;
-}
-
-void zmemzero(dest, len)
-    Bytef* dest;
-    uInt  len;
-{
-    if (len == 0) return;
-    do {
-        *dest++ = 0;  /* ??? to be unrolled */
-    } while (--len != 0);
-}
-#endif
-
-#ifdef __TURBOC__
-#if (defined( __BORLANDC__) || !defined(SMALL_MEDIUM)) && !defined(__32BIT__)
-/* Small and medium model in Turbo C are for now limited to near allocation
- * with reduced MAX_WBITS and MAX_MEM_LEVEL
- */
-#  define MY_ZCALLOC
-
-/* Turbo C malloc() does not allow dynamic allocation of 64K bytes
- * and farmalloc(64K) returns a pointer with an offset of 8, so we
- * must fix the pointer. Warning: the pointer must be put back to its
- * original form in order to free it, use zcfree().
- */
-
-#define MAX_PTR 10
-/* 10*64K = 640K */
-
-local int next_ptr = 0;
-
-typedef struct ptr_table_s {
-    voidpf org_ptr;
-    voidpf new_ptr;
-} ptr_table;
-
-local ptr_table table[MAX_PTR];
-/* This table is used to remember the original form of pointers
- * to large buffers (64K). Such pointers are normalized with a zero offset.
- * Since MSDOS is not a preemptive multitasking OS, this table is not
- * protected from concurrent access. This hack doesn't work anyway on
- * a protected system like OS/2. Use Microsoft C instead.
- */
-
-voidpf zcalloc (voidpf opaque, unsigned items, unsigned size)
-{
-    voidpf buf = opaque; /* just to make some compilers happy */
-    ulg bsize = (ulg)items*size;
-
-    /* If we allocate less than 65520 bytes, we assume that farmalloc
-     * will return a usable pointer which doesn't have to be normalized.
-     */
-    if (bsize < 65520L) {
-        buf = farmalloc(bsize);
-        if (*(ush*)&buf != 0) return buf;
-    } else {
-        buf = farmalloc(bsize + 16L);
-    }
-    if (buf == NULL || next_ptr >= MAX_PTR) return NULL;
-    table[next_ptr].org_ptr = buf;
-
-    /* Normalize the pointer to seg:0 */
-    *((ush*)&buf+1) += ((ush)((uch*)buf-0) + 15) >> 4;
-    *(ush*)&buf = 0;
-    table[next_ptr++].new_ptr = buf;
-    return buf;
-}
-
-void  zcfree (voidpf opaque, voidpf ptr)
-{
-    int n;
-    if (*(ush*)&ptr != 0) { /* object < 64K */
-        farfree(ptr);
-        return;
-    }
-    /* Find the original pointer */
-    for (n = 0; n < next_ptr; n++) {
-        if (ptr != table[n].new_ptr) continue;
-
-        farfree(table[n].org_ptr);
-        while (++n < next_ptr) {
-            table[n-1] = table[n];
-        }
-        next_ptr--;
-        return;
-    }
-    ptr = opaque; /* just to make some compilers happy */
-    Assert(0, "zcfree: ptr not found");
-}
-#endif
-#endif /* __TURBOC__ */
-
-
-#if defined(M_I86) && !defined(__32BIT__)
-/* Microsoft C in 16-bit mode */
-
-#  define MY_ZCALLOC
-
-#if (!defined(_MSC_VER) || (_MSC_VER < 600))
-#  define _halloc  halloc
-#  define _hfree   hfree
-#endif
-
-voidpf zcalloc (voidpf opaque, unsigned items, unsigned size)
-{
-    if (opaque) opaque = 0; /* to make compiler happy */
-    return _halloc((long)items, size);
-}
-
-void  zcfree (voidpf opaque, voidpf ptr)
-{
-    if (opaque) opaque = 0; /* to make compiler happy */
-    _hfree(ptr);
-}
-
-#endif /* MSC */
-
-
-#ifndef MY_ZCALLOC /* Any system without a special alloc function */
-
-#ifndef STDC
-extern voidp  calloc OF((uInt items, uInt size));
-extern void   free   OF((voidpf ptr));
-#endif
-
-voidpf zcalloc (opaque, items, size)
-    voidpf opaque;
-    unsigned items;
-    unsigned size;
-{
-    if (opaque) items += size - size; /* make compiler happy */
-    return (voidpf)calloc(items, size);
-}
-
-void  zcfree (opaque, ptr)
-    voidpf opaque;
-    voidpf ptr;
-{
-    free(ptr);
-    if (opaque) return; /* make compiler happy */
-}
-
-#endif /* MY_ZCALLOC */
diff --git a/security/nss/cmd/zlib/zutil.h b/security/nss/cmd/zlib/zutil.h
deleted file mode 100644
index 6918260cf..000000000
--- a/security/nss/cmd/zlib/zutil.h
+++ /dev/null
@@ -1,211 +0,0 @@
-/* zutil.h -- internal interface and configuration of the compression library
- * Copyright (C) 1995-1996 Jean-loup Gailly.
- * For conditions of distribution and use, see copyright notice in zlib.h
- */
-/* This file was modified since it was taken from the zlib distribution */
-/* WARNING: this file should *not* be used by applications. It is
-   part of the implementation of the compression library and is
-   subject to change. Applications should only use zlib.h.
- */
-
-/* $Id$ */
-
-#ifndef _Z_UTIL_H
-#define _Z_UTIL_H
-
-#include "zlib.h"
-
-#if defined(_WIN32_WCE)
-#elif defined(MSDOS)||defined(VMS)||defined(CRAY)||defined(WIN32)||defined(RISCOS)
-#   include <stddef.h>
-#   include <errno.h>
-#else
-    extern int errno;
-#endif
-#ifdef STDC
-#  include <string.h>
-#  include <stdlib.h>
-#endif
-
-#ifndef local
-#  define local static
-#endif
-/* compile with -Dlocal if your debugger can't find static symbols */
-
-typedef unsigned char  uch;
-typedef uch FAR uchf;
-typedef unsigned short ush;
-typedef ush FAR ushf;
-typedef unsigned long  ulg;
-
-extern const char *z_errmsg[10]; /* indexed by 2-zlib_error */
-/* (size given to avoid silly warnings with Visual C++) */
-
-#define ERR_MSG(err) z_errmsg[Z_NEED_DICT-(err)]
-
-#define ERR_RETURN(strm,err) \
-  return (strm->msg = (char*)ERR_MSG(err), (err))
-/* To be used only when the state is known to be valid */
-
-        /* common constants */
-
-#ifndef DEF_WBITS
-#  define DEF_WBITS MAX_WBITS
-#endif
-/* default windowBits for decompression. MAX_WBITS is for compression only */
-
-#if MAX_MEM_LEVEL >= 8
-#  define DEF_MEM_LEVEL 8
-#else
-#  define DEF_MEM_LEVEL  MAX_MEM_LEVEL
-#endif
-/* default memLevel */
-
-#define STORED_BLOCK 0
-#define STATIC_TREES 1
-#define DYN_TREES    2
-/* The three kinds of block type */
-
-#define MIN_MATCH  3
-#define MAX_MATCH  258
-/* The minimum and maximum match lengths */
-
-#define PRESET_DICT 0x20 /* preset dictionary flag in zlib header */
-
-        /* target dependencies */
-
-#ifdef MSDOS
-#  define OS_CODE  0x00
-#  ifdef __TURBOC__
-#    include <alloc.h>
-#  else /* MSC or DJGPP */
-#    include <malloc.h>
-#  endif
-#endif
-
-#ifdef OS2
-#  define OS_CODE  0x06
-#endif
-
-#ifdef WIN32 /* Window 95 & Windows NT */
-#  define OS_CODE  0x0b
-#endif
-
-#if defined(VAXC) || defined(VMS)
-#  define OS_CODE  0x02
-#  define FOPEN(name, mode) \
-     fopen((name), (mode), "mbc=60", "ctx=stm", "rfm=fix", "mrs=512")
-#endif
-
-#ifdef AMIGA
-#  define OS_CODE  0x01
-#endif
-
-#if defined(ATARI) || defined(atarist)
-#  define OS_CODE  0x05
-#endif
-
-#ifdef MACOS
-#  define OS_CODE  0x07
-#endif
-
-#ifdef __50SERIES /* Prime/PRIMOS */
-#  define OS_CODE  0x0F
-#endif
-
-#ifdef TOPS20
-#  define OS_CODE  0x0a
-#endif
-
-#if defined(_BEOS_) || defined(RISCOS)
-#  define fdopen(fd,mode) NULL /* No fdopen() */
-#endif
-
-        /* Common defaults */
-
-#ifndef OS_CODE
-#  define OS_CODE  0x03  /* assume Unix */
-#endif
-
-#ifndef FOPEN
-#  define FOPEN(name, mode) fopen((name), (mode))
-#endif
-
-         /* functions */
-
-#ifdef HAVE_STRERROR
-#ifndef MOZILLA_CLIENT
-   extern char *strerror OF((int));
-#endif
-#  define zstrerror(errnum) strerror(errnum)
-#else
-#  define zstrerror(errnum) ""
-#endif
-
-#if defined(pyr)
-#  define NO_MEMCPY
-#endif
-#if (defined(M_I86SM) || defined(M_I86MM)) && !defined(_MSC_VER)
- /* Use our own functions for small and medium model with MSC <= 5.0.
-  * You may have to use the same strategy for Borland C (untested).
-  */
-#  define NO_MEMCPY
-#endif
-#if defined(STDC) && !defined(HAVE_MEMCPY) && !defined(NO_MEMCPY)
-#  define HAVE_MEMCPY
-#endif
-#ifdef HAVE_MEMCPY
-#  ifdef SMALL_MEDIUM /* MSDOS small or medium model */
-#    define zmemcpy _fmemcpy
-#    define zmemcmp _fmemcmp
-#    define zmemzero(dest, len) _fmemset(dest, 0, len)
-#  else
-#    define zmemcpy memcpy
-#    define zmemcmp memcmp
-#    define zmemzero(dest, len) memset(dest, 0, len)
-#  endif
-#else
-   extern void zmemcpy  OF((Bytef* dest, Bytef* source, uInt len));
-   extern int  zmemcmp  OF((Bytef* s1,   Bytef* s2, uInt len));
-   extern void zmemzero OF((Bytef* dest, uInt len));
-#endif
-
-/* Diagnostic functions */
-#ifdef DEBUG_ZLIB
-#  include <stdio.h>
-#  ifndef verbose
-#    define verbose 0
-#  endif
-   extern void z_error    OF((char *m));
-#  define Assert(cond,msg) {if(!(cond)) z_error(msg);}
-#  define Trace(x) fprintf x
-#  define Tracev(x) {if (verbose) fprintf x ;}
-#  define Tracevv(x) {if (verbose>1) fprintf x ;}
-#  define Tracec(c,x) {if (verbose && (c)) fprintf x ;}
-#  define Tracecv(c,x) {if (verbose>1 && (c)) fprintf x ;}
-#else
-#  include <stdio.h>
-#  ifndef verbose
-#    define verbose 0
-#  endif
-   extern void z_error    OF((char *m));
-#  define Assert(cond,msg)
-#  define Trace(x)
-#  define Tracev(x)
-#  define Tracevv(x)
-#  define Tracec(c,x)
-#  define Tracecv(c,x)
-#endif
-
-
-typedef uLong (*check_func) OF((uLong check, const Bytef *buf, uInt len));
-
-voidpf zcalloc OF((voidpf opaque, unsigned items, unsigned size));
-void   zcfree  OF((voidpf opaque, voidpf ptr));
-
-#define ZALLOC(strm, items, size) \
-           (*((strm)->zalloc))((strm)->opaque, (items), (size))
-#define ZFREE(strm, addr)  (*((strm)->zfree))((strm)->opaque, (voidpf)(addr))
-#define TRY_FREE(s, p) {if (p) ZFREE(s, p);}
-
-#endif /* _Z_UTIL_H */
diff --git a/security/nss/lib/Makefile b/security/nss/lib/Makefile
deleted file mode 100644
index d7c687fe8..000000000
--- a/security/nss/lib/Makefile
+++ /dev/null
@@ -1,91 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY).   #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL)          #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL)       #
-#######################################################################
-
-
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL).      #
-#######################################################################
-
-ifeq ($(OS_TARGET), WINCE)
-DIRS := $(filter-out fortcrypt,$(DIRS))
-endif
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL)                              #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL)                           #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL).                              #
-#######################################################################
-
-ifdef MOZILLA_SECURITY_BUILD
-FILES=$(shell ls -d $(CORE_DEPTH)/../../ns/security/lib/crypto/*)
-
-export::
-	if test -d $(CORE_DEPTH)/../../ns/security/lib/crypto; then \
-	    $(NSINSTALL) -D crypto; \
-	    for file in $(FILES) ; do \
-		if test -f $$file; then \
-		    $(INSTALL) -m 444 $$file crypto; \
-		fi; \
-	    done;  \
-	    $(INSTALL) -m 444 freebl/sha_fast.c crypto; \
-	    $(INSTALL) -m 444 freebl/sha_fast.h crypto; \
-	fi
-endif
diff --git a/security/nss/lib/asn1/Makefile b/security/nss/lib/asn1/Makefile
deleted file mode 100644
index 4cbbfed70..000000000
--- a/security/nss/lib/asn1/Makefile
+++ /dev/null
@@ -1,40 +0,0 @@
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-MAKEFILE_CVS_ID = "@(#) $RCSfile$ $Revision$ $Date$ $Name$"
-
-include manifest.mn
-include $(CORE_DEPTH)/coreconf/config.mk
-include config.mk
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-export:: private_export
diff --git a/security/nss/lib/asn1/asn1.c b/security/nss/lib/asn1/asn1.c
deleted file mode 100644
index 9c584c770..000000000
--- a/security/nss/lib/asn1/asn1.c
+++ /dev/null
@@ -1,1727 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * asn1.c
- *
- * At this point in time, this file contains the NSS wrappers for
- * the old "SEC" ASN.1 encoder/decoder stuff.
- */
-
-#ifndef ASN1M_H
-#include "asn1m.h"
-#endif /* ASN1M_H */
-
-#include "plarena.h"
-#include "secasn1.h"
-
-/*
- * The pointer-tracking stuff
- */
-
-#ifdef DEBUG
-extern const NSSError NSS_ERROR_INTERNAL_ERROR;
-
-static nssPointerTracker decoder_pointer_tracker;
-
-static PRStatus
-decoder_add_pointer
-(
-  const nssASN1Decoder *decoder
-)
-{
-  PRStatus rv;
-
-  rv = nssPointerTracker_initialize(&decoder_pointer_tracker);
-  if( PR_SUCCESS != rv ) {
-    return rv;
-  }
-
-  rv = nssPointerTracker_add(&decoder_pointer_tracker, decoder);
-  if( PR_SUCCESS != rv ) {
-    NSSError e = NSS_GetError();
-    if( NSS_ERROR_NO_MEMORY != e ) {
-      nss_SetError(NSS_ERROR_INTERNAL_ERROR);
-    }
-
-    return rv;
-  }
-
-  return PR_SUCCESS;
-}
-
-static PRStatus
-decoder_remove_pointer
-(
-  const nssASN1Decoder *decoder
-)
-{
-  PRStatus rv;
-
-  rv = nssPointerTracker_remove(&decoder_pointer_tracker, decoder);
-  if( PR_SUCCESS != rv ) {
-    nss_SetError(NSS_ERROR_INTERNAL_ERROR);
-  }
-
-  return rv;
-}
-
-/*
- * nssASN1Decoder_verify
- *
- * This routine is only available in debug builds.
- *
- * If the specified pointer is a valid pointer to an nssASN1Decoder
- * object, this routine will return PR_SUCCESS.  Otherwise, it will 
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_ASN1DECODER
- *
- * Return value:
- *  PR_FAILURE upon error
- *  PR_SUCCESS upon success
- */
-
-NSS_IMPLEMENT PRStatus
-nssASN1Decoder_verify
-(
-  nssASN1Decoder *decoder
-)
-{
-  PRStatus rv;
-
-  rv = nssPointerTracker_initialize(&decoder_pointer_tracker);
-  if( PR_SUCCESS != rv ) {
-    return PR_FAILURE;
-  }
-
-  rv = nssPointerTracker_verify(&decoder_pointer_tracker, decoder);
-  if( PR_SUCCESS != rv ) {
-    nss_SetError(NSS_ERROR_INVALID_ASN1DECODER);
-    return PR_FAILURE;
-  }
-
-  return PR_SUCCESS;
-}
-
-static nssPointerTracker encoder_pointer_tracker;
-
-static PRStatus
-encoder_add_pointer
-(
-  const nssASN1Encoder *encoder
-)
-{
-  PRStatus rv;
-
-  rv = nssPointerTracker_initialize(&encoder_pointer_tracker);
-  if( PR_SUCCESS != rv ) {
-    return rv;
-  }
-
-  rv = nssPointerTracker_add(&encoder_pointer_tracker, encoder);
-  if( PR_SUCCESS != rv ) {
-    NSSError e = NSS_GetError();
-    if( NSS_ERROR_NO_MEMORY != e ) {
-      nss_SetError(NSS_ERROR_INTERNAL_ERROR);
-    }
-
-    return rv;
-  }
-
-  return PR_SUCCESS;
-}
-
-static PRStatus
-encoder_remove_pointer
-(
-  const nssASN1Encoder *encoder
-)
-{
-  PRStatus rv;
-
-  rv = nssPointerTracker_remove(&encoder_pointer_tracker, encoder);
-  if( PR_SUCCESS != rv ) {
-    nss_SetError(NSS_ERROR_INTERNAL_ERROR);
-  }
-
-  return rv;
-}
-
-/*
- * nssASN1Encoder_verify
- *
- * This routine is only available in debug builds.
- *
- * If the specified pointer is a valid pointer to an nssASN1Encoder
- * object, this routine will return PR_SUCCESS.  Otherwise, it will 
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_ASN1ENCODER
- *
- * Return value:
- *  PR_FAILURE upon error
- *  PR_SUCCESS upon success
- */
-
-NSS_IMPLEMENT PRStatus
-nssASN1Encoder_verify
-(
-  nssASN1Encoder *encoder
-)
-{
-  PRStatus rv;
-
-  rv = nssPointerTracker_initialize(&encoder_pointer_tracker);
-  if( PR_SUCCESS != rv ) {
-    return PR_FAILURE;
-  }
-
-  rv = nssPointerTracker_verify(&encoder_pointer_tracker, encoder);
-  if( PR_SUCCESS != rv ) {
-    nss_SetError(NSS_ERROR_INVALID_ASN1ENCODER);
-    return PR_FAILURE;
-  }
-
-  return PR_SUCCESS;
-}
-#endif /* DEBUG */
-
-/*
- * nssASN1Decoder_Create
- *
- * This routine creates an ASN.1 Decoder, which will use the specified
- * template to decode a datastream into the specified destination
- * structure.  If the optional arena argument is non-NULL, blah blah 
- * blah.  XXX fgmr Should we include an nssASN1EncodingType argument, 
- * as a hint?  Or is each encoding distinctive?  This routine may 
- * return NULL upon error, in which case an error will have been 
- * placed upon the error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_POINTER
- *  ...
- *
- * Return value:
- *  NULL upon error
- *  A pointer to an ASN.1 Decoder upon success.
- */
-
-NSS_IMPLEMENT nssASN1Decoder *
-nssASN1Decoder_Create
-(
-  NSSArena *arenaOpt,
-  void *destination,
-  const nssASN1Template template[]
-)
-{
-  SEC_ASN1DecoderContext *rv;
-  PLArenaPool *hack = (PLArenaPool *)arenaOpt;
-
-#ifdef DEBUG
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (nssASN1Decoder *)NULL;
-    }
-  }
-
-  /* 
-   * May destination be NULL?  I'd think so, since one might
-   * have only a filter proc.  But if not, check the pointer here.
-   */
-
-  if( (nssASN1Template *)NULL == template ) {
-    nss_SetError(NSS_ERROR_INVALID_POINTER);
-    return (nssASN1Decoder *)NULL;
-  }
-#endif /* DEBUG */
-
-  rv = SEC_ASN1DecoderStart(hack, destination, template);
-  if( (SEC_ASN1DecoderContext *)NULL == rv ) {
-    nss_SetError(PORT_GetError()); /* also evil */
-    return (nssASN1Decoder *)NULL;
-  }
-
-#ifdef DEBUG
-  if( PR_SUCCESS != decoder_add_pointer(rv) ) {
-    (void)SEC_ASN1DecoderFinish(rv);
-    return (nssASN1Decoder *)NULL;
-  }
-#endif /* DEBUG */
-
-  return (nssASN1Decoder *)rv;
-}
-
-/*
- * nssASN1Decoder_Update
- *
- * This routine feeds data to the decoder.  In the event of an error, 
- * it will place an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_POINTER
- *  NSS_ERROR_INVALID_ASN1DECODER
- *  NSS_ERROR_INVALID_BER
- *  ...
- *
- * Return value:
- *  PR_FAILURE upon error
- *  PR_SUCCESS upon success.
- */
-
-NSS_IMPLEMENT PRStatus
-nssASN1Decoder_Update
-(
-  nssASN1Decoder *decoder,
-  const void *data,
-  PRUint32 amount
-)
-{
-  SECStatus rv;
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nssASN1Decoder_verify(decoder) ) {
-    return PR_FAILURE;
-  }
-
-  if( (void *)NULL == data ) {
-    nss_SetError(NSS_ERROR_INVALID_POINTER);
-    return PR_FAILURE;
-  }
-#endif /* DEBUG */
-
-  rv = SEC_ASN1DecoderUpdate((SEC_ASN1DecoderContext *)decoder, 
-                             (const char *)data,
-                             (unsigned long)amount);
-  if( SECSuccess != rv ) {
-    nss_SetError(PORT_GetError()); /* ugly */
-    return PR_FAILURE;
-  }
-
-  return PR_SUCCESS;
-}
-
-/*
- * nssASN1Decoder_Finish
- *
- * This routine finishes the decoding and destroys the decoder.
- * In the event of an error, it will place an error on the error
- * stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_ASN1DECODER
- *
- * Return value:
- *  PR_FAILURE upon error
- *  PR_SUCCESS upon success
- */
-
-NSS_IMPLEMENT PRStatus
-nssASN1Decoder_Finish
-(
-  nssASN1Decoder *decoder
-)
-{
-  PRStatus rv = PR_SUCCESS;
-  SECStatus srv;
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nssASN1Decoder_verify(decoder) ) {
-    return PR_FAILURE;
-  }
-#endif /* DEBUG */
-
-  srv = SEC_ASN1DecoderFinish((SEC_ASN1DecoderContext *)decoder);
-
-  if( SECSuccess != srv ) {
-    nss_SetError(PORT_GetError()); /* ugly */
-    rv = PR_FAILURE;
-  }
-
-#ifdef DEBUG
-  {
-    PRStatus rv2 = decoder_remove_pointer(decoder);
-    if( PR_SUCCESS == rv ) {
-      rv = rv2;
-    }
-  }
-#endif /* DEBUG */
-
-  return rv;
-}
-
-/*
- * nssASN1Decoder_SetFilter
- *
- * This routine registers a callback filter routine with the decoder,
- * which will be called blah blah blah.  The specified argument will
- * be passed as-is to the filter routine.  The routine pointer may
- * be NULL, in which case no filter callback will be called.  If the
- * noStore boolean is PR_TRUE, then decoded fields will not be stored
- * in the destination structure specified when the decoder was 
- * created.  This routine returns a PRStatus value; in the event of
- * an error, it will place an error on the error stack and return
- * PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_ASN1DECODER
- *
- * Return value:
- *  PR_FAILURE upon error
- *  PR_SUCCESS upon success
- */
-
-NSS_IMPLEMENT PRStatus
-nssASN1Decoder_SetFilter
-(
-  nssASN1Decoder *decoder,
-  nssASN1DecoderFilterFunction *callback,
-  void *argument,
-  PRBool noStore
-)
-{
-#ifdef DEBUG
-  if( PR_SUCCESS != nssASN1Decoder_verify(decoder) ) {
-    return PR_FAILURE;
-  }
-#endif /* DEBUG */
-
-  if( (nssASN1DecoderFilterFunction *)NULL == callback ) {
-     SEC_ASN1DecoderClearFilterProc((SEC_ASN1DecoderContext *)decoder);
-  } else {
-     SEC_ASN1DecoderSetFilterProc((SEC_ASN1DecoderContext *)decoder,
-                                  (SEC_ASN1WriteProc)callback,
-                                  argument, noStore);
-  }
-
-  /* No error returns defined for those routines */
-
-  return PR_SUCCESS;
-}
-
-/*
- * nssASN1Decoder_GetFilter
- *
- * If the optional pCallbackOpt argument to this routine is non-null,
- * then the pointer to any callback function established for this
- * decoder with nssASN1Decoder_SetFilter will be stored at the 
- * location indicated by it.  If the optional pArgumentOpt
- * pointer is non-null, the filter's closure argument will be stored
- * there.  If the optional pNoStoreOpt pointer is non-null, the
- * noStore value specified when setting the filter will be stored
- * there.  This routine returns a PRStatus value; in the event of
- * an error it will place an error on the error stack and return
- * PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_ASN1DECODER
- *
- * Return value:
- *  PR_FAILURE upon error
- *  PR_SUCCESS upon success
- */
-
-extern const NSSError NSS_ERROR_INTERNAL_ERROR;
-
-NSS_IMPLEMENT PRStatus
-nssASN1Decoder_GetFilter
-(
-  nssASN1Decoder *decoder,
-  nssASN1DecoderFilterFunction **pCallbackOpt,
-  void **pArgumentOpt,
-  PRBool *pNoStoreOpt
-)
-{
-#ifdef DEBUG
-  if( PR_SUCCESS != nssASN1Decoder_verify(decoder) ) {
-    return PR_FAILURE;
-  }
-#endif /* DEBUG */
-
-  if( (nssASN1DecoderFilterFunction **)NULL != pCallbackOpt ) {
-    *pCallbackOpt = (nssASN1DecoderFilterFunction *)NULL;
-  }
-
-  if( (void **)NULL != pArgumentOpt ) {
-    *pArgumentOpt = (void *)NULL;
-  }
-
-  if( (PRBool *)NULL != pNoStoreOpt ) {
-    *pNoStoreOpt = PR_FALSE;
-  }
-
-  /* Error because it's unimplemented */
-  nss_SetError(NSS_ERROR_INTERNAL_ERROR);
-  return PR_FAILURE;
-}
-
-/*
- * nssASN1Decoder_SetNotify
- *
- * This routine registers a callback notify routine with the decoder,
- * which will be called whenever.. The specified argument will be
- * passed as-is to the notify routine.  The routine pointer may be
- * NULL, in which case no notify routine will be called.  This routine
- * returns a PRStatus value; in the event of an error it will place
- * an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_ASN1DECODER
- *
- * Return value:
- *  PR_FAILURE upon error
- *  PR_SUCCESS upon success
- */
-
-NSS_IMPLEMENT PRStatus
-nssASN1Decoder_SetNotify
-(
-  nssASN1Decoder *decoder,
-  nssASN1NotifyFunction *callback,
-  void *argument
-)
-{
-#ifdef DEBUG
-  if( PR_SUCCESS != nssASN1Decoder_verify(decoder) ) {
-    return PR_FAILURE;
-  }
-#endif /* DEBUG */
-
-  if( (nssASN1NotifyFunction *)NULL == callback ) {
-    SEC_ASN1DecoderClearNotifyProc((SEC_ASN1DecoderContext *)decoder);
-  } else {
-    SEC_ASN1DecoderSetNotifyProc((SEC_ASN1DecoderContext *)decoder,
-                                 (SEC_ASN1NotifyProc)callback,
-                                 argument);
-  }
-
-  /* No error returns defined for those routines */
-
-  return PR_SUCCESS;
-}
-
-/*
- * nssASN1Decoder_GetNotify
- *
- * If the optional pCallbackOpt argument to this routine is non-null,
- * then the pointer to any callback function established for this
- * decoder with nssASN1Decoder_SetNotify will be stored at the 
- * location indicated by it.  If the optional pArgumentOpt pointer is
- * non-null, the filter's closure argument will be stored there.
- * This routine returns a PRStatus value; in the event of an error it
- * will place an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_ASN1DECODER
- *
- * Return value:
- *  PR_FAILURE upon error
- *  PR_SUCCESS upon success
- */
-
-NSS_IMPLEMENT PRStatus
-nssASN1Decoder_GetNotify
-(
-  nssASN1Decoder *decoder,
-  nssASN1NotifyFunction **pCallbackOpt,
-  void **pArgumentOpt
-)
-{
-#ifdef DEBUG
-  if( PR_SUCCESS != nssASN1Decoder_verify(decoder) ) {
-    return PR_FAILURE;
-  }
-#endif /* DEBUG */
-
-  if( (nssASN1NotifyFunction **)NULL != pCallbackOpt ) {
-    *pCallbackOpt = (nssASN1NotifyFunction *)NULL;
-  }
-
-  if( (void **)NULL != pArgumentOpt ) {
-    *pArgumentOpt = (void *)NULL;
-  }
-
-  /* Error because it's unimplemented */
-  nss_SetError(NSS_ERROR_INTERNAL_ERROR);
-  return PR_FAILURE;
-}
-
-/*
- * nssASN1_Decode
- *
- * This routine will decode the specified data into the specified
- * destination structure, as specified by the specified template.
- * This routine returns a PRStatus value; in the event of an error
- * it will place an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_POINTER
- *  NSS_ERROR_INVALID_BER
- *
- * Return value:
- *  PR_FAILURE upon error
- *  PR_SUCCESS upon success
- */
-
-NSS_IMPLEMENT PRStatus
-nssASN1_Decode
-(
-  NSSArena *arenaOpt,
-  void *destination,
-  const nssASN1Template template[],
-  const void *berData,
-  PRUint32 amount
-)
-{
-  PRStatus rv;
-  nssASN1Decoder *decoder;
-
-  /* This call will do our pointer-checking for us! */
-  decoder = nssASN1Decoder_Create(arenaOpt, destination, template);
-  if( (nssASN1Decoder *)NULL == decoder ) {
-    return PR_FAILURE;
-  }
-
-  rv = nssASN1Decoder_Update(decoder, berData, amount);
-  if( PR_SUCCESS != nssASN1Decoder_Finish(decoder) ) {
-    rv = PR_FAILURE;
-  }
-
-  return rv;
-}
-
-/*
- * nssASN1_DecodeBER
- *
- * This routine will decode the data in the specified NSSBER
- * into the destination structure, as specified by the template.
- * This routine returns a PRStatus value; in the event of an error
- * it will place an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_POINTER
- *  NSS_ERROR_INVALID_NSSBER
- *  NSS_ERROR_INVALID_BER
- *
- * Return value:
- *  PR_FAILURE upon error
- *  PR_SUCCESS upon success
- */
-
-NSS_IMPLEMENT PRStatus
-nssASN1_DecodeBER
-(
-  NSSArena *arenaOpt,
-  void *destination,
-  const nssASN1Template template[],
-  const NSSBER *data
-)
-{
-  return nssASN1_Decode(arenaOpt, destination, template, 
-                        data->data, data->size);
-}
-
-/*
- * nssASN1Encoder_Create
- *
- * This routine creates an ASN.1 Encoder, blah blah blah.  This 
- * may return NULL upon error, in which case an error will have been
- * placed on the error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_POINTER
- *  ...
- *
- * Return value:
- *  NULL upon error
- *  A pointer to an ASN.1 Encoder upon success
- */
-
-NSS_IMPLEMENT nssASN1Encoder *
-nssASN1Encoder_Create
-(
-  const void *source,
-  const nssASN1Template template[],
-  NSSASN1EncodingType encoding,
-  nssASN1EncoderWriteFunction *sink,
-  void *argument
-)
-{
-  SEC_ASN1EncoderContext *rv;
-
-#ifdef DEBUG
-  if( (void *)NULL == source ) {
-    nss_SetError(NSS_ERROR_INVALID_POINTER);
-    return (nssASN1Encoder *)NULL;
-  }
-
-  if( (nssASN1Template *)NULL == template ) {
-    nss_SetError(NSS_ERROR_INVALID_POINTER);
-    return (nssASN1Encoder *)NULL;
-  }
-
-  if( (nssASN1EncoderWriteFunction *)NULL == sink ) {
-    nss_SetError(NSS_ERROR_INVALID_POINTER);
-    return (nssASN1Encoder *)NULL;
-  }
-#endif /* DEBUG */
-
-  switch( encoding ) {
-  case NSSASN1BER:
-  case NSSASN1DER:
-    break;
-  case NSSASN1CER:
-  case NSSASN1LWER:
-  case NSSASN1PER:
-  case NSSASN1UnknownEncoding:
-  default:
-    nss_SetError(NSS_ERROR_ENCODING_NOT_SUPPORTED);
-    return (nssASN1Encoder *)NULL;
-  }
-
-  rv = SEC_ASN1EncoderStart((void *)source, template, 
-                            (SEC_ASN1WriteProc)sink, argument);
-  if( (SEC_ASN1EncoderContext *)NULL == rv ) {
-    nss_SetError(PORT_GetError()); /* ugly */
-    return (nssASN1Encoder *)NULL;
-  }
-
-  if( NSSASN1DER == encoding ) {
-    sec_ASN1EncoderSetDER(rv);
-  }
-
-#ifdef DEBUG
-  if( PR_SUCCESS != encoder_add_pointer(rv) ) {
-    (void)SEC_ASN1EncoderFinish(rv);
-    return (nssASN1Encoder *)NULL;
-  }
-#endif /* DEBUG */
-
-  return (nssASN1Encoder *)rv;
-}
-
-/*
- * nssASN1Encoder_Update
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_ASN1ENCODER
- *  NSS_ERROR_INVALID_POINTER
- *
- * Return value:
- *  PR_FAILURE upon error
- *  PR_SUCCESS upon success
- */
-
-NSS_IMPLEMENT PRStatus
-nssASN1Encoder_Update
-(
-  nssASN1Encoder *encoder,
-  const void *data,
-  PRUint32 length
-)
-{
-  SECStatus rv;
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nssASN1Encoder_verify(encoder) ) {
-    return PR_FAILURE;
-  }
-
-  /*
-   * Can data legitimately be NULL?  If not, verify..
-   */
-#endif /* DEBUG */
-
-  rv = SEC_ASN1EncoderUpdate((SEC_ASN1EncoderContext *)encoder,
-                             (const char *)data, 
-                             (unsigned long)length);
-  if( SECSuccess != rv ) {
-    nss_SetError(PORT_GetError()); /* ugly */
-    return PR_FAILURE;
-  }
-
-  return PR_SUCCESS;
-}
-
-/*
- * nssASN1Encoder_Finish
- *
- * Destructor.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_ASN1ENCODER
- *
- * Return value:
- *  PR_FAILURE upon error
- *  PR_SUCCESS upon success
- */
-
-NSS_IMPLEMENT PRStatus
-nssASN1Encoder_Finish
-(
-  nssASN1Encoder *encoder
-)
-{
-  PRStatus rv;
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nssASN1Encoder_verify(encoder) ) {
-    return PR_FAILURE;
-  }
-#endif /* DEBUG */
-
-  SEC_ASN1EncoderFinish((SEC_ASN1EncoderContext *)encoder);
-  rv = PR_SUCCESS; /* no error return defined for that call */
-
-#ifdef DEBUG
-  {
-    PRStatus rv2 = encoder_remove_pointer(encoder);
-    if( PR_SUCCESS == rv ) {
-      rv = rv2;
-    }
-  }
-#endif /* DEBUG */
-
-  return rv;
-}
-
-/*
- * nssASN1Encoder_SetNotify
- *
- * This routine registers a callback notify routine with the encoder,
- * which will be called whenever.. The specified argument will be
- * passed as-is to the notify routine.  The routine pointer may be
- * NULL, in which case no notify routine will be called.  This routine
- * returns a PRStatus value; in the event of an error it will place
- * an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_ASN1DECODER
- *
- * Return value:
- *  PR_FAILURE upon error
- *  PR_SUCCESS upon success
- */
-
-NSS_IMPLEMENT PRStatus
-nssASN1Encoder_SetNotify
-(
-  nssASN1Encoder *encoder,
-  nssASN1NotifyFunction *callback,
-  void *argument
-)
-{
-#ifdef DEBUG
-  if( PR_SUCCESS != nssASN1Encoder_verify(encoder) ) {
-    return PR_FAILURE;
-  }
-#endif /* DEBUG */
-
-  if( (nssASN1NotifyFunction *)NULL == callback ) {
-    SEC_ASN1EncoderClearNotifyProc((SEC_ASN1EncoderContext *)encoder);
-  } else {
-    SEC_ASN1EncoderSetNotifyProc((SEC_ASN1EncoderContext *)encoder,
-                                 (SEC_ASN1NotifyProc)callback,
-                                 argument);
-  }
-
-  /* no error return defined for those routines */
-
-  return PR_SUCCESS;
-}
-
-/*
- * nssASN1Encoder_GetNotify
- *
- * If the optional pCallbackOpt argument to this routine is non-null,
- * then the pointer to any callback function established for this
- * decoder with nssASN1Encoder_SetNotify will be stored at the 
- * location indicated by it.  If the optional pArgumentOpt pointer is
- * non-null, the filter's closure argument will be stored there.
- * This routine returns a PRStatus value; in the event of an error it
- * will place an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_ASN1ENCODER
- *
- * Return value:
- *  PR_FAILURE upon error
- *  PR_SUCCESS upon success
- */
-
-NSS_IMPLEMENT PRStatus
-nssASN1Encoder_GetNotify
-(
-  nssASN1Encoder *encoder,
-  nssASN1NotifyFunction **pCallbackOpt,
-  void **pArgumentOpt
-)
-{
-#ifdef DEBUG
-  if( PR_SUCCESS != nssASN1Encoder_verify(encoder) ) {
-    return PR_FAILURE;
-  }
-#endif /* DEBUG */
-
-  if( (nssASN1NotifyFunction **)NULL != pCallbackOpt ) {
-    *pCallbackOpt = (nssASN1NotifyFunction *)NULL;
-  }
-
-  if( (void **)NULL != pArgumentOpt ) {
-    *pArgumentOpt = (void *)NULL;
-  }
-
-  /* Error because it's unimplemented */
-  nss_SetError(NSS_ERROR_INTERNAL_ERROR);
-  return PR_FAILURE;
-}
-
-/*
- * nssASN1Encoder_SetStreaming
- *
- * 
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_ASN1ENCODER
- *
- * Return value:
- *  PR_FAILURE upon error
- *  PR_SUCCESS upon success
- */
-
-NSS_IMPLEMENT PRStatus
-nssASN1Encoder_SetStreaming
-(
-  nssASN1Encoder *encoder,
-  PRBool streaming
-)
-{
-  SEC_ASN1EncoderContext *cx = (SEC_ASN1EncoderContext *)encoder;
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nssASN1Encoder_verify(encoder) ) {
-    return PR_FAILURE;
-  }
-#endif /* DEBUG */
-
-  if( streaming ) {
-    SEC_ASN1EncoderSetStreaming(cx);
-  } else {
-    SEC_ASN1EncoderClearStreaming(cx);
-  }
-
-  /* no error return defined for those routines */
-
-  return PR_SUCCESS;
-}
-
-/*
- * nssASN1Encoder_GetStreaming
- *
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_ASN1ENCODER
- *  NSS_ERROR_INVALID_POINTER
- *
- * Return value:
- *  PR_FAILURE upon error
- *  PR_SUCCESS upon success
- */
-
-NSS_EXTERN PRStatus
-nssASN1Encoder_GetStreaming
-(
-  nssASN1Encoder *encoder,
-  PRBool *pStreaming
-)
-{
-#ifdef DEBUG
-  if( PR_SUCCESS != nssASN1Encoder_verify(encoder) ) {
-    return PR_FAILURE;
-  }
-#endif /* DEBUG */
-
-  if( (PRBool *)NULL != pStreaming ) {
-    *pStreaming = PR_FALSE;
-  }
-
-  /* Error because it's unimplemented */
-  nss_SetError(NSS_ERROR_INTERNAL_ERROR);
-  return PR_FAILURE;
-}
-
-/*
- * nssASN1Encoder_SetTakeFromBuffer
- *
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_ASN1ENCODER
- *
- * Return value:
- *  PR_FAILURE upon error
- *  PR_SUCCESS upon success
- */
-
-NSS_IMPLEMENT PRStatus
-nssASN1Encoder_SetTakeFromBuffer
-(
-  nssASN1Encoder *encoder,
-  PRBool takeFromBuffer
-)
-{
-  SEC_ASN1EncoderContext *cx = (SEC_ASN1EncoderContext *)encoder;
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nssASN1Encoder_verify(encoder) ) {
-    return PR_FAILURE;
-  }
-#endif /* DEBUG */
-
-  if( takeFromBuffer ) {
-    SEC_ASN1EncoderSetTakeFromBuf(cx);
-  } else {
-    SEC_ASN1EncoderClearTakeFromBuf(cx);
-  }
-
-  /* no error return defined for those routines */
-
-  return PR_SUCCESS;
-}
-
-/*
- * nssASN1Encoder_GetTakeFromBuffer
- *
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_ASN1ENCODER
- *  NSS_ERROR_INVALID_POINTER
- *
- * Return value:
- *  PR_FAILURE upon error
- *  PR_SUCCESS upon success
- */
-
-NSS_IMPLEMENT PRStatus
-nssASN1Encoder_GetTakeFromBuffer
-(
-  nssASN1Encoder *encoder,
-  PRBool *pTakeFromBuffer
-)
-{
-#ifdef DEBUG
-  if( PR_SUCCESS != nssASN1Encoder_verify(encoder) ) {
-    return PR_FAILURE;
-  }
-#endif /* DEBUG */
-
-  if( (PRBool *)NULL != pTakeFromBuffer ) {
-    *pTakeFromBuffer = PR_FALSE;
-  }
-
-  /* Error because it's unimplemented */
-  nss_SetError(NSS_ERROR_INTERNAL_ERROR);
-  return PR_FAILURE;
-}
-
-/*
- * nssASN1_Encode
- *
- * 
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_POINTER
- *  NSS_ERROR_ENCODING_NOT_SUPPORTED
- *  ...
- *
- * Return value:
- *  PR_FAILURE upon error
- *  PR_SUCCESS upon success
- */
-
-NSS_IMPLEMENT PRStatus
-nssASN1_Encode
-(
-  const void *source,
-  const nssASN1Template template[],
-  NSSASN1EncodingType encoding,
-  nssASN1EncoderWriteFunction *sink,
-  void *argument
-)
-{
-  PRStatus rv;
-  nssASN1Encoder *encoder;
-
-  encoder = nssASN1Encoder_Create(source, template, encoding, sink, argument);
-  if( (nssASN1Encoder *)NULL == encoder ) {
-    return PR_FAILURE;
-  }
-
-  rv = nssASN1Encoder_Update(encoder, (const void *)NULL, 0);
-  if( PR_SUCCESS != nssASN1Encoder_Finish(encoder) ) {
-    rv = PR_FAILURE;
-  }
-
-  return rv;
-}
-
-/*
- * nssasn1_encode_item_count
- *
- * This is a helper function for nssASN1_EncodeItem.  It just counts
- * up the space required for an encoding.
- */
-
-static void
-nssasn1_encode_item_count
-(
-  void *arg,
-  const char *buf,
-  unsigned long len,
-  int depth,
-  nssASN1EncodingPart data_kind
-)
-{
-  unsigned long *count;
-
-  count = (unsigned long*)arg;
-  PR_ASSERT (count != NULL);
-
-  *count += len;
-}
-
-/*
- * nssasn1_encode_item_store
- *
- * This is a helper function for nssASN1_EncodeItem.  It appends the
- * new data onto the destination item.
- */
-
-static void
-nssasn1_encode_item_store
-(
-  void *arg,
-  const char *buf,
-  unsigned long len,
-  int depth,
-  nssASN1EncodingPart data_kind
-)
-{
-  NSSItem *dest;
-
-  dest = (NSSItem*)arg;
-  PR_ASSERT (dest != NULL);
-
-  memcpy((unsigned char *)dest->data + dest->size, buf, len);
-  dest->size += len;
-}
-
-/*
- * nssASN1_EncodeItem
- *
- * There must be a better name.  If the optional arena argument is
- * non-null, it'll be used for the space.  If the optional rvOpt is
- * non-null, it'll be the return value-- if it is null, a new one
- * will be allocated.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_POINTER
- *  NSS_ERROR_ENCODING_NOT_SUPPORTED
- *
- * Return value:
- *  NULL upon error
- *  A valid pointer to an NSSDER upon success
- */
-
-NSS_IMPLEMENT NSSDER *
-nssASN1_EncodeItem
-(
-  NSSArena *arenaOpt,
-  NSSDER *rvOpt,
-  const void *source,
-  const nssASN1Template template[],
-  NSSASN1EncodingType encoding
-)
-{
-  NSSDER *rv;
-  PRUint32 len = 0;
-  PRStatus status;
-
-#ifdef DEBUG
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSDER *)NULL;
-    }
-  }
-
-  if( (void *)NULL == source ) {
-    nss_SetError(NSS_ERROR_INVALID_POINTER);
-    return (NSSDER *)NULL;
-  }
-
-  if( (nssASN1Template *)NULL == template ) {
-    nss_SetError(NSS_ERROR_INVALID_POINTER);
-    return (NSSDER *)NULL;
-  }
-#endif /* DEBUG */
-
-  status = nssASN1_Encode(source, template, encoding, 
-                          (nssASN1EncoderWriteFunction *)nssasn1_encode_item_count, 
-                          &len);
-  if( PR_SUCCESS != status ) {
-    return (NSSDER *)NULL;
-  }
-
-  if( (NSSDER *)NULL == rvOpt ) {
-    rv = nss_ZNEW(arenaOpt, NSSDER);
-    if( (NSSDER *)NULL == rv ) {
-      return (NSSDER *)NULL;
-    }
-  } else {
-    rv = rvOpt;
-  }
-
-  rv->size = len;
-  rv->data = nss_ZAlloc(arenaOpt, len);
-  if( (void *)NULL == rv->data ) {
-    if( (NSSDER *)NULL == rvOpt ) {
-      nss_ZFreeIf(rv);
-    }
-    return (NSSDER *)NULL;
-  }
-
-  rv->size = 0; /* for nssasn1_encode_item_store */
-
-  status = nssASN1_Encode(source, template, encoding,
-                          (nssASN1EncoderWriteFunction *)nssasn1_encode_item_store, 
-                          rv);
-  if( PR_SUCCESS != status ) {
-    nss_ZFreeIf(rv->data);
-    if( (NSSDER *)NULL == rvOpt ) {
-      nss_ZFreeIf(rv);
-    }
-    return (NSSDER *)NULL;
-  }
-
-  PR_ASSERT(rv->size == len);
-
-  return rv;
-}
-
-/*
- * nssASN1_CreatePRUint32FromBER
- *
- */
-
-NSS_IMPLEMENT PRStatus
-nssASN1_CreatePRUint32FromBER
-(
-  NSSBER *encoded,
-  PRUint32 *pResult
-)
-{
-  nss_SetError(NSS_ERROR_INTERNAL_ERROR);
-  return PR_FALSE;
-}
-
-/*
- * nssASN1_GetDERFromPRUint32
- *
- */
-
-NSS_EXTERN NSSDER *
-nssASN1_GetDERFromPRUint32
-(
-  NSSArena *arenaOpt,
-  NSSDER *rvOpt,
-  PRUint32 value
-)
-{
-  NSSDER *rv;
-  PLArenaPool *hack = (PLArenaPool *)arenaOpt;
-  SECItem *item;
-
-#ifdef DEBUG
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSDER *)NULL;
-    }
-  }
-#endif /* DEBUG */
-
-  if( (NSSDER *)NULL == rvOpt ) {
-    rv = nss_ZNEW(arenaOpt, NSSDER);
-    if( (NSSDER *)NULL == rv ) {
-      return (NSSDER *)NULL;
-    }
-  } else {
-    rv = rvOpt;
-  }
-
-  item = SEC_ASN1EncodeUnsignedInteger(hack, (SECItem *)rv, value);
-  if( (SECItem *)NULL == item ) {
-    if( (NSSDER *)NULL == rvOpt ) {
-      (void)nss_ZFreeIf(rv);
-    }
-
-    nss_SetError(PORT_GetError()); /* ugly */
-    return (NSSDER *)NULL;
-  }
-
-  /* 
-   * I happen to know that these things look alike.. but I'm only
-   * doing it for these "temporary" wrappers.  This is an evil thing.
-   */
-  return (NSSDER *)item;
-}
-
-/*himom*/
-NSS_IMPLEMENT PRStatus
-nssASN1_CreatePRInt32FromBER
-(
-  NSSBER *encoded,
-  PRInt32 *pResult
-)
-{
-  nss_SetError(NSS_ERROR_INTERNAL_ERROR);
-  return PR_FALSE;
-}
-
-/*
- * nssASN1_GetDERFromPRInt32
- *
- */
-
-NSS_IMPLEMENT NSSDER *
-nssASN1_GetDERFromPRInt32
-(
-  NSSArena *arenaOpt,
-  NSSDER *rvOpt,
-  PRInt32 value
-)
-{
-  NSSDER *rv;
-  PLArenaPool *hack = (PLArenaPool *)arenaOpt;
-  SECItem *item;
-
-#ifdef DEBUG
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSDER *)NULL;
-    }
-  }
-#endif /* DEBUG */
-
-  if( (NSSDER *)NULL == rvOpt ) {
-    rv = nss_ZNEW(arenaOpt, NSSDER);
-    if( (NSSDER *)NULL == rv ) {
-      return (NSSDER *)NULL;
-    }
-  } else {
-    rv = rvOpt;
-  }
-
-  item = SEC_ASN1EncodeInteger(hack, (SECItem *)rv, value);
-  if( (SECItem *)NULL == item ) {
-    if( (NSSDER *)NULL == rvOpt ) {
-      (void)nss_ZFreeIf(rv);
-    }
-
-    nss_SetError(PORT_GetError()); /* ugly */
-    return (NSSDER *)NULL;
-  }
-
-  /* 
-   * I happen to know that these things look alike.. but I'm only
-   * doing it for these "temporary" wrappers.  This is an evil thing.
-   */
-  return (NSSDER *)item;
-}
-
-/*
- * Generic Templates
- * One for each of the simple types, plus a special one for ANY, plus:
- *	- a pointer to each one of those
- *	- a set of each one of those
- *
- * Note that these are alphabetical (case insensitive); please add new
- * ones in the appropriate place.
- */
-
-const nssASN1Template *nssASN1Template_Any =                             (nssASN1Template *)SEC_AnyTemplate;
-const nssASN1Template *nssASN1Template_BitString =                       (nssASN1Template *)SEC_BitStringTemplate;
-const nssASN1Template *nssASN1Template_BMPString =                       (nssASN1Template *)SEC_BMPStringTemplate;
-const nssASN1Template *nssASN1Template_Boolean =                         (nssASN1Template *)SEC_BooleanTemplate;
-const nssASN1Template *nssASN1Template_Enumerated =                      (nssASN1Template *)SEC_EnumeratedTemplate;
-const nssASN1Template *nssASN1Template_GeneralizedTime =                 (nssASN1Template *)SEC_GeneralizedTimeTemplate;
-const nssASN1Template *nssASN1Template_IA5String =                       (nssASN1Template *)SEC_IA5StringTemplate;
-const nssASN1Template *nssASN1Template_Integer =                         (nssASN1Template *)SEC_IntegerTemplate;
-const nssASN1Template *nssASN1Template_Null =                            (nssASN1Template *)SEC_NullTemplate;
-const nssASN1Template *nssASN1Template_ObjectID =                        (nssASN1Template *)SEC_ObjectIDTemplate;
-const nssASN1Template *nssASN1Template_OctetString =                     (nssASN1Template *)SEC_OctetStringTemplate;
-const nssASN1Template *nssASN1Template_PrintableString =                 (nssASN1Template *)SEC_PrintableStringTemplate;
-const nssASN1Template *nssASN1Template_T61String =                       (nssASN1Template *)SEC_T61StringTemplate;
-const nssASN1Template *nssASN1Template_UniversalString =                 (nssASN1Template *)SEC_UniversalStringTemplate;
-const nssASN1Template *nssASN1Template_UTCTime =                         (nssASN1Template *)SEC_UTCTimeTemplate;
-const nssASN1Template *nssASN1Template_UTF8String =                      (nssASN1Template *)SEC_UTF8StringTemplate;
-const nssASN1Template *nssASN1Template_VisibleString =                   (nssASN1Template *)SEC_VisibleStringTemplate;
-
-const nssASN1Template *nssASN1Template_PointerToAny =                    (nssASN1Template *)SEC_PointerToAnyTemplate;
-const nssASN1Template *nssASN1Template_PointerToBitString =              (nssASN1Template *)SEC_PointerToBitStringTemplate;
-const nssASN1Template *nssASN1Template_PointerToBMPString =              (nssASN1Template *)SEC_PointerToBMPStringTemplate;
-const nssASN1Template *nssASN1Template_PointerToBoolean =                (nssASN1Template *)SEC_PointerToBooleanTemplate;
-const nssASN1Template *nssASN1Template_PointerToEnumerated =             (nssASN1Template *)SEC_PointerToEnumeratedTemplate;
-const nssASN1Template *nssASN1Template_PointerToGeneralizedTime =        (nssASN1Template *)SEC_PointerToGeneralizedTimeTemplate;
-const nssASN1Template *nssASN1Template_PointerToIA5String =              (nssASN1Template *)SEC_PointerToIA5StringTemplate;
-const nssASN1Template *nssASN1Template_PointerToInteger =                (nssASN1Template *)SEC_PointerToIntegerTemplate;
-const nssASN1Template *nssASN1Template_PointerToNull =                   (nssASN1Template *)SEC_PointerToNullTemplate;
-const nssASN1Template *nssASN1Template_PointerToObjectID =               (nssASN1Template *)SEC_PointerToObjectIDTemplate;
-const nssASN1Template *nssASN1Template_PointerToOctetString =            (nssASN1Template *)SEC_PointerToOctetStringTemplate;
-const nssASN1Template *nssASN1Template_PointerToPrintableString =        (nssASN1Template *)SEC_PointerToPrintableStringTemplate;
-const nssASN1Template *nssASN1Template_PointerToT61String =              (nssASN1Template *)SEC_PointerToT61StringTemplate;
-const nssASN1Template *nssASN1Template_PointerToUniversalString =        (nssASN1Template *)SEC_PointerToUniversalStringTemplate;
-const nssASN1Template *nssASN1Template_PointerToUTCTime =                (nssASN1Template *)SEC_PointerToUTCTimeTemplate;
-const nssASN1Template *nssASN1Template_PointerToUTF8String =             (nssASN1Template *)SEC_PointerToUTF8StringTemplate;
-const nssASN1Template *nssASN1Template_PointerToVisibleString =          (nssASN1Template *)SEC_PointerToVisibleStringTemplate;
-
-const nssASN1Template *nssASN1Template_SetOfAny =                        (nssASN1Template *)SEC_SetOfAnyTemplate;
-const nssASN1Template *nssASN1Template_SetOfBitString =                  (nssASN1Template *)SEC_SetOfBitStringTemplate;
-const nssASN1Template *nssASN1Template_SetOfBMPString =                  (nssASN1Template *)SEC_SetOfBMPStringTemplate;
-const nssASN1Template *nssASN1Template_SetOfBoolean =                    (nssASN1Template *)SEC_SetOfBooleanTemplate;
-const nssASN1Template *nssASN1Template_SetOfEnumerated =                 (nssASN1Template *)SEC_SetOfEnumeratedTemplate;
-const nssASN1Template *nssASN1Template_SetOfGeneralizedTime =            (nssASN1Template *)SEC_SetOfGeneralizedTimeTemplate;
-const nssASN1Template *nssASN1Template_SetOfIA5String =                  (nssASN1Template *)SEC_SetOfIA5StringTemplate;
-const nssASN1Template *nssASN1Template_SetOfInteger =                    (nssASN1Template *)SEC_SetOfIntegerTemplate;
-const nssASN1Template *nssASN1Template_SetOfNull =                       (nssASN1Template *)SEC_SetOfNullTemplate;
-const nssASN1Template *nssASN1Template_SetOfObjectID =                   (nssASN1Template *)SEC_SetOfObjectIDTemplate;
-const nssASN1Template *nssASN1Template_SetOfOctetString =                (nssASN1Template *)SEC_SetOfOctetStringTemplate;
-const nssASN1Template *nssASN1Template_SetOfPrintableString =            (nssASN1Template *)SEC_SetOfPrintableStringTemplate;
-const nssASN1Template *nssASN1Template_SetOfT61String =                  (nssASN1Template *)SEC_SetOfT61StringTemplate;
-const nssASN1Template *nssASN1Template_SetOfUniversalString =            (nssASN1Template *)SEC_SetOfUniversalStringTemplate;
-const nssASN1Template *nssASN1Template_SetOfUTCTime =                    (nssASN1Template *)SEC_SetOfUTCTimeTemplate;
-const nssASN1Template *nssASN1Template_SetOfUTF8String =                 (nssASN1Template *)SEC_SetOfUTF8StringTemplate;
-const nssASN1Template *nssASN1Template_SetOfVisibleString =              (nssASN1Template *)SEC_SetOfVisibleStringTemplate;
-
-/*
- *
- */
-
-NSS_IMPLEMENT NSSUTF8 *
-nssUTF8_CreateFromBER
-(
-  NSSArena *arenaOpt,
-  nssStringType type,
-  NSSBER *berData
-)
-{
-  NSSUTF8 *rv = NULL;
-  PRUint8 tag;
-  NSSArena *a;
-  NSSItem in;
-  NSSItem out;
-  PRStatus st;
-  const nssASN1Template *templ;
-
-#ifdef NSSDEBUG
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSUTF8 *)NULL;
-    }
-  }
-
-  if( (NSSBER *)NULL == berData ) {
-    nss_SetError(NSS_ERROR_INVALID_POINTER);
-    return (NSSUTF8 *)NULL;
-  }
-
-  if( (void *)NULL == berData->data ) {
-    nss_SetError(NSS_ERROR_INVALID_POINTER);
-    return (NSSUTF8 *)NULL;
-  }
-#endif /* NSSDEBUG */
-
-  a = NSSArena_Create();
-  if( (NSSArena *)NULL == a ) {
-    return (NSSUTF8 *)NULL;
-  }
-
-  in = *berData;
-
-  /*
-   * By the way, at first I succumbed to the temptation to make
-   * this an incestuous nested switch statement.  Count yourself
-   * lucky I cleaned it up.
-   */
-
-  switch( type ) {
-  case nssStringType_DirectoryString:
-    /*
-     * draft-ietf-pkix-ipki-part1-11 says in part:
-     *
-     * DirectoryString { INTEGER:maxSize } ::= CHOICE {
-     *   teletexString           TeletexString (SIZE (1..maxSize)),
-     *   printableString         PrintableString (SIZE (1..maxSize)),
-     *   universalString         UniversalString (SIZE (1..maxSize)),
-     *   bmpString               BMPString (SIZE(1..maxSize)),
-     *   utf8String              UTF8String (SIZE(1..maxSize))
-     *                       }
-     *
-     * The tags are:
-     *  TeletexString       UNIVERSAL 20
-     *  PrintableString     UNIVERSAL 19
-     *  UniversalString     UNIVERSAL 28
-     *  BMPString           UNIVERSAL 30
-     *  UTF8String          UNIVERSAL 12
-     *
-     * "UNIVERSAL" tags have bits 8 and 7 zero, bit 6 is zero for
-     * primitive encodings, and if the tag value is less than 30,
-     * the tag value is directly encoded in bits 5 through 1.
-     */
-    in.data = (void *)&(((PRUint8 *)berData->data)[1]);
-    in.size = berData->size-1;
-    
-    tag = *(PRUint8 *)berData->data;
-    switch( tag & nssASN1_TAGNUM_MASK ) {
-    case 20:
-      /*
-       * XXX fgmr-- we have to accept Latin-1 for Teletex; (see
-       * below) but is T61 a suitable value for "Latin-1"?
-       */
-      templ = nssASN1Template_T61String;
-      type = nssStringType_TeletexString;
-      break;
-    case 19:
-      templ = nssASN1Template_PrintableString;
-      type = nssStringType_PrintableString;
-      break;
-    case 28:
-      templ = nssASN1Template_UniversalString;
-      type = nssStringType_UniversalString;
-      break;
-    case 30:
-      templ = nssASN1Template_BMPString;
-      type = nssStringType_BMPString;
-      break;
-    case 12:
-      templ = nssASN1Template_UTF8String;
-      type = nssStringType_UTF8String;
-      break;
-    default:
-      nss_SetError(NSS_ERROR_INVALID_POINTER); /* "pointer"? */
-      (void)NSSArena_Destroy(a);
-      return (NSSUTF8 *)NULL;
-    }
-
-    break;
-
-  case nssStringType_TeletexString:
-    /*
-     * XXX fgmr-- we have to accept Latin-1 for Teletex; (see
-     * below) but is T61 a suitable value for "Latin-1"?
-     */
-    templ = nssASN1Template_T61String;
-    break;
-   
-  case nssStringType_PrintableString:
-    templ = nssASN1Template_PrintableString;
-    break;
-
-  case nssStringType_UniversalString:
-    templ = nssASN1Template_UniversalString;
-    break;
-
-  case nssStringType_BMPString:
-    templ = nssASN1Template_BMPString;
-    break;
-
-  case nssStringType_UTF8String:
-    templ = nssASN1Template_UTF8String;
-    break;
-
-  case nssStringType_PHGString:
-    templ = nssASN1Template_IA5String;
-    break;
-
-  default:
-    nss_SetError(NSS_ERROR_UNSUPPORTED_TYPE);
-    (void)NSSArena_Destroy(a);
-    return (NSSUTF8 *)NULL;
-  }
-    
-  st = nssASN1_DecodeBER(a, &out, templ, &in);
-  
-  if( PR_SUCCESS == st ) {
-    rv = nssUTF8_Create(arenaOpt, type, out.data, out.size);
-  }
-  (void)NSSArena_Destroy(a);
-  
-  return rv;
-}
-
-NSS_EXTERN NSSDER *
-nssUTF8_GetDEREncoding
-(
-  NSSArena *arenaOpt,
-  nssStringType type,
-  const NSSUTF8 *string
-)
-{
-  NSSDER *rv = (NSSDER *)NULL;
-  NSSItem str;
-  NSSDER *der;
-  const nssASN1Template *templ;
-  NSSArena *a;
-
-#ifdef NSSDEBUG
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSDER *)NULL;
-    }
-  }
-
-  if( (const NSSUTF8 *)NULL == string ) {
-    nss_SetError(NSS_ERROR_INVALID_POINTER);
-    return (NSSDER *)NULL;
-  }
-#endif /* NSSDEBUG */
-
-  str.data = (void *)string;
-  str.size = nssUTF8_Size(string, (PRStatus *)NULL);
-  if( 0 == str.size ) {
-    return (NSSDER *)NULL;
-  }
-
-  a = NSSArena_Create();
-  if( (NSSArena *)NULL == a ) {
-    return (NSSDER *)NULL;
-  }
-
-  switch( type ) {
-  case nssStringType_DirectoryString:
-    {
-      NSSDER *utf;
-      PRUint8 *c;
-
-      utf = nssASN1_EncodeItem(a, (NSSDER *)NULL, &str, 
-                               nssASN1Template_UTF8String,
-                               NSSASN1DER);
-      if( (NSSDER *)NULL == utf ) {
-        (void)NSSArena_Destroy(a);
-        return (NSSDER *)NULL;
-      }
-
-      rv = nss_ZNEW(arenaOpt, NSSDER);
-      if( (NSSDER *)NULL == rv ) {
-        (void)NSSArena_Destroy(a);
-        return (NSSDER *)NULL;
-      }
-
-      rv->size = utf->size + 1;
-      rv->data = nss_ZAlloc(arenaOpt, rv->size);
-      if( (void *)NULL == rv->data ) {
-        (void)nss_ZFreeIf(rv);
-        (void)NSSArena_Destroy(a);
-        return (NSSDER *)NULL;
-      }
-      
-      c = (PRUint8 *)rv->data;
-      (void)nsslibc_memcpy(&c[1], utf->data, utf->size);
-      *c = 12; /* UNIVERSAL primitive encoding tag for UTF8String */
-
-      (void)NSSArena_Destroy(a);
-      return rv;
-    }
-  case nssStringType_TeletexString:
-    /*
-     * XXX fgmr-- we have to accept Latin-1 for Teletex; (see
-     * below) but is T61 a suitable value for "Latin-1"?
-     */
-    templ = nssASN1Template_T61String;
-    break;
-  case nssStringType_PrintableString:
-    templ = nssASN1Template_PrintableString;
-    break;
-
-  case nssStringType_UniversalString:
-    templ = nssASN1Template_UniversalString;
-    break;
-
-  case nssStringType_BMPString:
-    templ = nssASN1Template_BMPString;
-    break;
-
-  case nssStringType_UTF8String:
-    templ = nssASN1Template_UTF8String;
-    break;
-
-  case nssStringType_PHGString:
-    templ = nssASN1Template_IA5String;
-    break;
-
-  default:
-    nss_SetError(NSS_ERROR_UNSUPPORTED_TYPE);
-    (void)NSSArena_Destroy(a);
-    return (NSSDER *)NULL;
-  }
-
-  der = nssUTF8_GetDEREncoding(a, type, string);
-  if( (NSSItem *)NULL == der ) {
-    (void)NSSArena_Destroy(a);
-    return (NSSDER *)NULL;
-  }
-
-  rv = nssASN1_EncodeItem(arenaOpt, (NSSDER *)NULL, der, templ, NSSASN1DER);
-  if( (NSSDER *)NULL == rv ) {
-    (void)NSSArena_Destroy(a);
-    return (NSSDER *)NULL;
-  }
-
-  (void)NSSArena_Destroy(a);
-  return rv;
-}
diff --git a/security/nss/lib/asn1/asn1.h b/security/nss/lib/asn1/asn1.h
deleted file mode 100644
index a81f3213d..000000000
--- a/security/nss/lib/asn1/asn1.h
+++ /dev/null
@@ -1,879 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef ASN1_H
-#define ASN1_H
-
-#ifdef DEBUG
-static const char ASN1_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * asn1.h
- *
- * This file contains the ASN.1 encoder/decoder routines available
- * internally within NSS.  It's not clear right now if this file
- * will be folded into base.h or something, I just needed to get this
- * going.  At the moment, most of these routines wrap the old SEC_ASN1
- * calls.
- */
-
-#ifndef ASN1T_H
-#include "asn1t.h"
-#endif /* ASN1T_H */
-
-#ifndef BASE_H
-#include "base.h"
-#endif /* BASE_H */
-
-PR_BEGIN_EXTERN_C
-
-/*
- * nssASN1Decoder
- *
- * ... description here ...
- *
- *  nssASN1Decoder_Create (Factory/Constructor)
- *  nssASN1Decoder_Update
- *  nssASN1Decoder_Finish (Destructor)
- *  nssASN1Decoder_SetFilter
- *  nssASN1Decoder_GetFilter
- *  nssASN1Decoder_SetNotify
- *  nssASN1Decoder_GetNotify
- *
- * Debug builds only:
- *
- *  nssASN1Decoder_verify
- *
- * Related functions that aren't type methods:
- *
- *  nssASN1_Decode
- *  nssASN1_DecodeBER
- */
-
-/*
- * nssASN1Decoder_Create
- *
- * This routine creates an ASN.1 Decoder, which will use the specified
- * template to decode a datastream into the specified destination
- * structure.  If the optional arena argument is non-NULL, blah blah 
- * blah.  XXX fgmr Should we include an nssASN1EncodingType argument, 
- * as a hint?  Or is each encoding distinctive?  This routine may 
- * return NULL upon error, in which case an error will have been 
- * placed upon the error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_POINTER
- *  ...
- *
- * Return value:
- *  NULL upon error
- *  A pointer to an ASN.1 Decoder upon success.
- */
-
-NSS_EXTERN nssASN1Decoder *
-nssASN1Decoder_Create
-(
-  NSSArena *arenaOpt,
-  void *destination,
-  const nssASN1Template template[]
-);
-
-extern const NSSError NSS_ERROR_NO_MEMORY;
-extern const NSSError NSS_ERROR_INVALID_ARENA;
-extern const NSSError NSS_ERROR_INVALID_POINTER;
-
-/*
- * nssASN1Decoder_Update
- *
- * This routine feeds data to the decoder.  In the event of an error, 
- * it will place an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_POINTER
- *  NSS_ERROR_INVALID_ASN1DECODER
- *  NSS_ERROR_INVALID_BER
- *  ...
- *
- * Return value:
- *  PR_FAILURE upon error
- *  PR_SUCCESS upon success.
- */
-
-NSS_EXTERN PRStatus
-nssASN1Decoder_Update
-(
-  nssASN1Decoder *decoder,
-  const void *data,
-  PRUint32 amount
-);
-
-extern const NSSError NSS_ERROR_NO_MEMORY;
-extern const NSSError NSS_ERROR_INVALID_ASN1DECODER;
-extern const NSSError NSS_ERROR_INVALID_BER;
-
-/*
- * nssASN1Decoder_Finish
- *
- * This routine finishes the decoding and destroys the decoder.
- * In the event of an error, it will place an error on the error
- * stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_ASN1DECODER
- *
- * Return value:
- *  PR_FAILURE upon error
- *  PR_SUCCESS upon success
- */
-
-NSS_EXTERN PRStatus
-nssASN1Decoder_Finish
-(
-  nssASN1Decoder *decoder
-);
-
-extern const NSSError NSS_ERROR_INVALID_ASN1DECODER;
-
-/*
- * nssASN1Decoder_SetFilter
- *
- * This routine registers a callback filter routine with the decoder,
- * which will be called blah blah blah.  The specified argument will
- * be passed as-is to the filter routine.  The routine pointer may
- * be NULL, in which case no filter callback will be called.  If the
- * noStore boolean is PR_TRUE, then decoded fields will not be stored
- * in the destination structure specified when the decoder was 
- * created.  This routine returns a PRStatus value; in the event of
- * an error, it will place an error on the error stack and return
- * PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_ASN1DECODER
- *
- * Return value:
- *  PR_FAILURE upon error
- *  PR_SUCCESS upon success
- */
-
-NSS_EXTERN PRStatus
-nssASN1Decoder_SetFilter
-(
-  nssASN1Decoder *decoder,
-  nssASN1DecoderFilterFunction *callback,
-  void *argument,
-  PRBool noStore
-);
-
-extern const NSSError NSS_ERROR_INVALID_ASN1DECODER;
-
-/*
- * nssASN1Decoder_GetFilter
- *
- * If the optional pCallbackOpt argument to this routine is non-null,
- * then the pointer to any callback function established for this
- * decoder with nssASN1Decoder_SetFilter will be stored at the 
- * location indicated by it.  If the optional pArgumentOpt
- * pointer is non-null, the filter's closure argument will be stored
- * there.  If the optional pNoStoreOpt pointer is non-null, the
- * noStore value specified when setting the filter will be stored
- * there.  This routine returns a PRStatus value; in the event of
- * an error it will place an error on the error stack and return
- * PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_ASN1DECODER
- *
- * Return value:
- *  PR_FAILURE upon error
- *  PR_SUCCESS upon success
- */
-
-NSS_EXTERN PRStatus
-nssASN1Decoder_GetFilter
-(
-  nssASN1Decoder *decoder,
-  nssASN1DecoderFilterFunction **pCallbackOpt,
-  void **pArgumentOpt,
-  PRBool *pNoStoreOpt
-);
-
-extern const NSSError NSS_ERROR_INVALID_ASN1DECODER;
-
-/*
- * nssASN1Decoder_SetNotify
- *
- * This routine registers a callback notify routine with the decoder,
- * which will be called whenever.. The specified argument will be
- * passed as-is to the notify routine.  The routine pointer may be
- * NULL, in which case no notify routine will be called.  This routine
- * returns a PRStatus value; in the event of an error it will place
- * an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_ASN1DECODER
- *
- * Return value:
- *  PR_FAILURE upon error
- *  PR_SUCCESS upon success
- */
-
-NSS_EXTERN PRStatus
-nssASN1Decoder_SetNotify
-(
-  nssASN1Decoder *decoder,
-  nssASN1NotifyFunction *callback,
-  void *argument
-);
-
-extern const NSSError NSS_ERROR_INVALID_ASN1DECODER;
-
-/*
- * nssASN1Decoder_GetNotify
- *
- * If the optional pCallbackOpt argument to this routine is non-null,
- * then the pointer to any callback function established for this
- * decoder with nssASN1Decoder_SetNotify will be stored at the 
- * location indicated by it.  If the optional pArgumentOpt pointer is
- * non-null, the filter's closure argument will be stored there.
- * This routine returns a PRStatus value; in the event of an error it
- * will place an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_ASN1DECODER
- *
- * Return value:
- *  PR_FAILURE upon error
- *  PR_SUCCESS upon success
- */
-
-NSS_EXTERN PRStatus
-nssASN1Decoder_GetNotify
-(
-  nssASN1Decoder *decoder,
-  nssASN1NotifyFunction **pCallbackOpt,
-  void **pArgumentOpt
-);
-
-extern const NSSError NSS_ERROR_INVALID_ASN1DECODER;
-
-/*
- * nssASN1Decoder_verify
- *
- * This routine is only available in debug builds.
- *
- * If the specified pointer is a valid pointer to an nssASN1Decoder
- * object, this routine will return PR_SUCCESS.  Otherwise, it will 
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_ASN1DECODER
- *
- * Return value:
- *  PR_FAILURE upon error
- *  PR_SUCCESS upon success
- */
-
-#ifdef DEBUG
-NSS_EXTERN PRStatus
-nssASN1Decoder_verify
-(
-  nssASN1Decoder *decoder
-);
-
-extern const NSSError NSS_ERROR_INVALID_ASN1DECODER;
-#endif /* DEBUG */
-
-/*
- * nssASN1_Decode
- *
- * This routine will decode the specified data into the specified
- * destination structure, as specified by the specified template.
- * This routine returns a PRStatus value; in the event of an error
- * it will place an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_POINTER
- *  NSS_ERROR_INVALID_BER
- *
- * Return value:
- *  PR_FAILURE upon error
- *  PR_SUCCESS upon success
- */
-
-NSS_EXTERN PRStatus
-nssASN1_Decode
-(
-  NSSArena *arenaOpt,
-  void *destination,
-  const nssASN1Template template[],
-  const void *berData,
-  PRUint32 amount
-);
-
-extern const NSSError NSS_ERROR_NO_MEMORY;
-extern const NSSError NSS_ERROR_INVALID_ARENA;
-extern const NSSError NSS_ERROR_INVALID_POINTER;
-extern const NSSError NSS_ERROR_INVALID_BER;
-
-/*
- * nssASN1_DecodeBER
- *
- * This routine will decode the data in the specified NSSBER
- * into the destination structure, as specified by the template.
- * This routine returns a PRStatus value; in the event of an error
- * it will place an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_POINTER
- *  NSS_ERROR_INVALID_NSSBER
- *  NSS_ERROR_INVALID_BER
- *
- * Return value:
- *  PR_FAILURE upon error
- *  PR_SUCCESS upon success
- */
-
-NSS_EXTERN PRStatus
-nssASN1_DecodeBER
-(
-  NSSArena *arenaOpt,
-  void *destination,
-  const nssASN1Template template[],
-  const NSSBER *data
-);
-
-extern const NSSError NSS_ERROR_NO_MEMORY;
-extern const NSSError NSS_ERROR_INVALID_ARENA;
-extern const NSSError NSS_ERROR_INVALID_POINTER;
-extern const NSSError NSS_ERROR_INVALID_BER;
-
-/*
- * nssASN1Encoder
- *
- * ... description here ...
- *
- *  nssASN1Encoder_Create (Factory/Constructor)
- *  nssASN1Encoder_Update
- *  nssASN1Encoder_Finish (Destructor)
- *  nssASN1Encoder_SetNotify
- *  nssASN1Encoder_GetNotify
- *  nssASN1Encoder_SetStreaming
- *  nssASN1Encoder_GetStreaming
- *  nssASN1Encoder_SetTakeFromBuffer
- *  nssASN1Encoder_GetTakeFromBuffer
- *
- * Debug builds only:
- *
- *  nssASN1Encoder_verify
- *
- * Related functions that aren't type methods:
- *
- *  nssASN1_Encode
- *  nssASN1_EncodeItem
- */
-
-/*
- * nssASN1Encoder_Create
- *
- * This routine creates an ASN.1 Encoder, blah blah blah.  This 
- * may return NULL upon error, in which case an error will have been
- * placed on the error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_POINTER
- *  NSS_ERROR_ENCODING_NOT_SUPPORTED
- *  ...
- *
- * Return value:
- *  NULL upon error
- *  A pointer to an ASN.1 Encoder upon success
- */
-
-NSS_EXTERN nssASN1Encoder *
-nssASN1Encoder_Create
-(
-  const void *source,
-  const nssASN1Template template[],
-  NSSASN1EncodingType encoding,
-  nssASN1EncoderWriteFunction *sink,
-  void *argument
-);
-
-extern const NSSError NSS_ERROR_NO_MEMORY;
-extern const NSSError NSS_ERROR_INVALID_ARENA;
-extern const NSSError NSS_ERROR_INVALID_POINTER;
-extern const NSSError NSS_ERROR_ENCODING_NOT_SUPPORTED;
-
-/*
- * nssASN1Encoder_Update
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_ASN1ENCODER
- *  NSS_ERROR_INVALID_POINTER
- *
- * Return value:
- *  PR_FAILURE upon error
- *  PR_SUCCESS upon success
- */
-
-NSS_EXTERN PRStatus
-nssASN1Encoder_Update
-(
-  nssASN1Encoder *encoder,
-  const void *data,
-  PRUint32 length
-);
-
-extern const NSSError NSS_ERROR_INVALID_ASN1ENCODER;
-extern const NSSError NSS_ERROR_INVALID_POINTER;
-
-/*
- * nssASN1Encoder_Finish
- *
- * Destructor.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_ASN1ENCODER
- *
- * Return value:
- *  PR_FAILURE upon error
- *  PR_SUCCESS upon success
- */
-
-NSS_EXTERN PRStatus
-nssASN1Encoder_Finish
-(
-  nssASN1Encoder *encoder
-);
-
-extern const NSSError NSS_ERROR_INVALID_ASN1ENCODER;
-
-/*
- * nssASN1Encoder_SetNotify
- *
- * This routine registers a callback notify routine with the encoder,
- * which will be called whenever.. The specified argument will be
- * passed as-is to the notify routine.  The routine pointer may be
- * NULL, in which case no notify routine will be called.  This routine
- * returns a PRStatus value; in the event of an error it will place
- * an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_ASN1DECODER
- *
- * Return value:
- *  PR_FAILURE upon error
- *  PR_SUCCESS upon success
- */
-
-NSS_EXTERN PRStatus
-nssASN1Encoder_SetNotify
-(
-  nssASN1Encoder *encoder,
-  nssASN1NotifyFunction *callback,
-  void *argument
-);
-
-extern const NSSError NSS_ERROR_INVALID_ASN1ENCODER;
-
-/*
- * nssASN1Encoder_GetNotify
- *
- * If the optional pCallbackOpt argument to this routine is non-null,
- * then the pointer to any callback function established for this
- * decoder with nssASN1Encoder_SetNotify will be stored at the 
- * location indicated by it.  If the optional pArgumentOpt pointer is
- * non-null, the filter's closure argument will be stored there.
- * This routine returns a PRStatus value; in the event of an error it
- * will place an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_ASN1ENCODER
- *
- * Return value:
- *  PR_FAILURE upon error
- *  PR_SUCCESS upon success
- */
-
-NSS_EXTERN PRStatus
-nssASN1Encoder_GetNotify
-(
-  nssASN1Encoder *encoder,
-  nssASN1NotifyFunction **pCallbackOpt,
-  void **pArgumentOpt
-);
-
-extern const NSSError NSS_ERROR_INVALID_ASN1ENCODER;
-
-/*
- * nssASN1Encoder_SetStreaming
- *
- * 
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_ASN1ENCODER
- *
- * Return value:
- *  PR_FAILURE upon error
- *  PR_SUCCESS upon success
- */
-
-NSS_EXTERN PRStatus
-nssASN1Encoder_SetStreaming
-(
-  nssASN1Encoder *encoder,
-  PRBool streaming
-);
-
-extern const NSSError NSS_ERROR_INVALID_ASN1ENCODER;
-
-/*
- * nssASN1Encoder_GetStreaming
- *
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_ASN1ENCODER
- *  NSS_ERROR_INVALID_POINTER
- *
- * Return value:
- *  PR_FAILURE upon error
- *  PR_SUCCESS upon success
- */
-
-NSS_EXTERN PRStatus
-nssASN1Encoder_GetStreaming
-(
-  nssASN1Encoder *encoder,
-  PRBool *pStreaming
-);
-
-extern const NSSError NSS_ERROR_INVALID_ASN1ENCODER;
-extern const NSSError NSS_ERROR_INVALID_POINTER;
-
-/*
- * nssASN1Encoder_SetTakeFromBuffer
- *
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_ASN1ENCODER
- *
- * Return value:
- *  PR_FAILURE upon error
- *  PR_SUCCESS upon success
- */
-
-NSS_EXTERN PRStatus
-nssASN1Encoder_SetTakeFromBuffer
-(
-  nssASN1Encoder *encoder,
-  PRBool takeFromBuffer
-);
-
-extern const NSSError NSS_ERROR_INVALID_ASN1ENCODER;
-
-/*
- * nssASN1Encoder_GetTakeFromBuffer
- *
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_ASN1ENCODER
- *  NSS_ERROR_INVALID_POINTER
- *
- * Return value:
- *  PR_FAILURE upon error
- *  PR_SUCCESS upon success
- */
-
-NSS_EXTERN PRStatus
-nssASN1Encoder_GetTakeFromBuffer
-(
-  nssASN1Encoder *encoder,
-  PRBool *pTakeFromBuffer
-);
-
-extern const NSSError NSS_ERROR_INVALID_ASN1ENCODER;
-extern const NSSError NSS_ERROR_INVALID_POINTER;
-
-/*
- * nssASN1Encoder_verify
- *
- * This routine is only available in debug builds.
- *
- * If the specified pointer is a valid pointer to an nssASN1Encoder
- * object, this routine will return PR_SUCCESS.  Otherwise, it will 
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_ASN1ENCODER
- *
- * Return value:
- *  PR_FAILURE upon error
- *  PR_SUCCESS upon success
- */
-
-#ifdef DEBUG
-NSS_EXTERN PRStatus
-nssASN1Encoder_verify
-(
-  nssASN1Encoder *encoder
-);
-
-extern const NSSError NSS_ERROR_INVALID_ASN1ENCODER;
-#endif /* DEBUG */
-
-/*
- * nssASN1_Encode
- *
- * 
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_POINTER
- *  NSS_ERROR_ENCODING_NOT_SUPPORTED
- *  ...
- *
- * Return value:
- *  PR_FAILURE upon error
- *  PR_SUCCESS upon success
- */
-
-NSS_EXTERN PRStatus
-nssASN1_Encode
-(
-  const void *source,
-  const nssASN1Template template[],
-  NSSASN1EncodingType encoding,
-  nssASN1EncoderWriteFunction *sink,
-  void *argument
-);
-
-extern const NSSError NSS_ERROR_NO_MEMORY;
-extern const NSSError NSS_ERROR_INVALID_ARENA;
-extern const NSSError NSS_ERROR_INVALID_POINTER;
-extern const NSSError NSS_ERROR_ENCODING_NOT_SUPPORTED;
-
-/*
- * nssASN1_EncodeItem
- *
- * There must be a better name.  If the optional arena argument is
- * non-null, it'll be used for the space.  If the optional rvOpt is
- * non-null, it'll be the return value-- if it is null, a new one
- * will be allocated.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_POINTER
- *  NSS_ERROR_ENCODING_NOT_SUPPORTED
- *
- * Return value:
- *  NULL upon error
- *  A valid pointer to an NSSDER upon success
- */
-
-NSS_EXTERN NSSDER *
-nssASN1_EncodeItem
-(
-  NSSArena *arenaOpt,
-  NSSDER *rvOpt,
-  const void *source,
-  const nssASN1Template template[],
-  NSSASN1EncodingType encoding
-);
-
-extern const NSSError NSS_ERROR_NO_MEMORY;
-extern const NSSError NSS_ERROR_INVALID_ARENA;
-extern const NSSError NSS_ERROR_INVALID_POINTER;
-extern const NSSError NSS_ERROR_ENCODING_NOT_SUPPORTED;
-
-/*
- * Other basic types' encoding and decoding helper functions:
- *
- *  nssASN1_CreatePRUint32FromBER
- *  nssASN1_GetDERFromPRUint32
- *  nssASN1_CreatePRInt32FromBER
- *  nssASN1_GetDERFromPRInt32
- * ..etc..
- */
-
-/*
- * nssASN1_CreatePRUint32FromBER
- *
- */
-
-NSS_EXTERN PRStatus
-nssASN1_CreatePRUint32FromBER
-(
-  NSSBER *encoded,
-  PRUint32 *pResult
-);
-
-/*
- * nssASN1_GetDERFromPRUint32
- *
- */
-
-NSS_EXTERN NSSDER *
-nssASN1_GetDERFromPRUint32
-(
-  NSSArena *arenaOpt,
-  NSSDER *rvOpt,
-  PRUint32 value
-);
-
-/*
- * nssASN1_CreatePRInt32FromBER
- *
- */
-
-NSS_EXTERN PRStatus
-nssASN1_CreatePRInt32FromBER
-(
-  NSSBER *encoded,
-  PRInt32 *pResult
-);
-
-/*
- * nssASN1_GetDERFromPRInt32
- *
- */
-
-NSS_EXTERN NSSDER *
-nssASN1_GetDERFromPRInt32
-(
-  NSSArena *arenaOpt,
-  NSSDER *rvOpt,
-  PRInt32 value
-);
-
-/*
- * Builtin templates
- */
-
-/*
- * Generic Templates
- * One for each of the simple types, plus a special one for ANY, plus:
- *	- a pointer to each one of those
- *	- a set of each one of those
- *
- * Note that these are alphabetical (case insensitive); please add new
- * ones in the appropriate place.
- */
-
-extern const nssASN1Template *nssASN1Template_Any;
-extern const nssASN1Template *nssASN1Template_BitString;
-extern const nssASN1Template *nssASN1Template_BMPString;
-extern const nssASN1Template *nssASN1Template_Boolean;
-extern const nssASN1Template *nssASN1Template_Enumerated;
-extern const nssASN1Template *nssASN1Template_GeneralizedTime;
-extern const nssASN1Template *nssASN1Template_IA5String;
-extern const nssASN1Template *nssASN1Template_Integer;
-extern const nssASN1Template *nssASN1Template_Null;
-extern const nssASN1Template *nssASN1Template_ObjectID;
-extern const nssASN1Template *nssASN1Template_OctetString;
-extern const nssASN1Template *nssASN1Template_PrintableString;
-extern const nssASN1Template *nssASN1Template_T61String;
-extern const nssASN1Template *nssASN1Template_UniversalString;
-extern const nssASN1Template *nssASN1Template_UTCTime;
-extern const nssASN1Template *nssASN1Template_UTF8String;
-extern const nssASN1Template *nssASN1Template_VisibleString;
-
-extern const nssASN1Template *nssASN1Template_PointerToAny;
-extern const nssASN1Template *nssASN1Template_PointerToBitString;
-extern const nssASN1Template *nssASN1Template_PointerToBMPString;
-extern const nssASN1Template *nssASN1Template_PointerToBoolean;
-extern const nssASN1Template *nssASN1Template_PointerToEnumerated;
-extern const nssASN1Template *nssASN1Template_PointerToGeneralizedTime;
-extern const nssASN1Template *nssASN1Template_PointerToIA5String;
-extern const nssASN1Template *nssASN1Template_PointerToInteger;
-extern const nssASN1Template *nssASN1Template_PointerToNull;
-extern const nssASN1Template *nssASN1Template_PointerToObjectID;
-extern const nssASN1Template *nssASN1Template_PointerToOctetString;
-extern const nssASN1Template *nssASN1Template_PointerToPrintableString;
-extern const nssASN1Template *nssASN1Template_PointerToT61String;
-extern const nssASN1Template *nssASN1Template_PointerToUniversalString;
-extern const nssASN1Template *nssASN1Template_PointerToUTCTime;
-extern const nssASN1Template *nssASN1Template_PointerToUTF8String;
-extern const nssASN1Template *nssASN1Template_PointerToVisibleString;
-
-extern const nssASN1Template *nssASN1Template_SetOfAny;
-extern const nssASN1Template *nssASN1Template_SetOfBitString;
-extern const nssASN1Template *nssASN1Template_SetOfBMPString;
-extern const nssASN1Template *nssASN1Template_SetOfBoolean;
-extern const nssASN1Template *nssASN1Template_SetOfEnumerated;
-extern const nssASN1Template *nssASN1Template_SetOfGeneralizedTime;
-extern const nssASN1Template *nssASN1Template_SetOfIA5String;
-extern const nssASN1Template *nssASN1Template_SetOfInteger;
-extern const nssASN1Template *nssASN1Template_SetOfNull;
-extern const nssASN1Template *nssASN1Template_SetOfObjectID;
-extern const nssASN1Template *nssASN1Template_SetOfOctetString;
-extern const nssASN1Template *nssASN1Template_SetOfPrintableString;
-extern const nssASN1Template *nssASN1Template_SetOfT61String;
-extern const nssASN1Template *nssASN1Template_SetOfUniversalString;
-extern const nssASN1Template *nssASN1Template_SetOfUTCTime;
-extern const nssASN1Template *nssASN1Template_SetOfUTF8String;
-extern const nssASN1Template *nssASN1Template_SetOfVisibleString;
-
-/*
- *
- */
-
-NSS_EXTERN NSSUTF8 *
-nssUTF8_CreateFromBER
-(
-  NSSArena *arenaOpt,
-  nssStringType type,
-  NSSBER *berData
-);
-
-NSS_EXTERN NSSDER *
-nssUTF8_GetDEREncoding
-(
-  NSSArena *arenaOpt,
-  /* Should have an NSSDER *rvOpt */
-  nssStringType type,
-  const NSSUTF8 *string
-);
-
-PR_END_EXTERN_C
-
-#endif /* ASN1_H */
diff --git a/security/nss/lib/asn1/asn1m.h b/security/nss/lib/asn1/asn1m.h
deleted file mode 100644
index 37ed91919..000000000
--- a/security/nss/lib/asn1/asn1m.h
+++ /dev/null
@@ -1,80 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef ASN1M_H
-#define ASN1M_H
-
-#ifdef DEBUG
-static const char ASN1M_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * asn1m.h
- *
- * This file contains the ASN.1 encoder/decoder routines available
- * only within the ASN.1 module itself.
- */
-
-#ifndef ASN1_H
-#include "asn1.h"
-#endif /* ASN1_H */
-
-PR_BEGIN_EXTERN_C
-
-/*
- * nssasn1_number_length
- *
- */
-
-NSS_EXTERN PRUint32
-nssasn1_length_length
-(
-  PRUint32 number
-);
-
-/*
- * nssasn1_get_subtemplate
- *
- */
-
-NSS_EXTERN const nssASN1Template *
-nssasn1_get_subtemplate
-(
-  const nssASN1Template template[],
-  void *thing,
-  PRBool encoding
-);
-
-PR_END_EXTERN_C
-
-#endif /* ASN1M_H */
diff --git a/security/nss/lib/asn1/asn1t.h b/security/nss/lib/asn1/asn1t.h
deleted file mode 100644
index 2f6c52cea..000000000
--- a/security/nss/lib/asn1/asn1t.h
+++ /dev/null
@@ -1,166 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef ASN1T_H
-#define ASN1T_H
-
-#ifdef DEBUG
-static const char ASN1T_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * asn1t.h
- *
- * This file contains the ASN.1 encoder/decoder types available 
- * internally within NSS.  It's not clear right now if this file
- * will be folded into baset.h or something, I just needed to
- * get this going.  At the moment, these types are wrappers for
- * the old types.
- */
-
-#ifndef BASET_H
-#include "baset.h"
-#endif /* BASET_H */
-
-#ifndef NSSASN1T_H
-#include "nssasn1t.h"
-#endif /* NSSASN1T_H */
-
-#include "seccomon.h"
-#include "secasn1t.h"
-
-PR_BEGIN_EXTERN_C
-
-/*
- * XXX fgmr
- *
- * This sort of bites.  Let's keep an eye on this, to make sure
- * we aren't stuck with it forever.
- */
-
-struct nssASN1ItemStr {
-  PRUint32 reserved;
-  PRUint8 *data;
-  PRUint32 size;
-};
-
-typedef struct nssASN1ItemStr nssASN1Item;
-
-/*
- * I'm not documenting these here, since this'll require another
- * pass anyway.
- */
-
-typedef SEC_ASN1Template nssASN1Template;
-
-#define nssASN1_TAG_MASK               SEC_ASN1_TAG_MASK
-
-#define nssASN1_TAGNUM_MASK            SEC_ASN1_TAGNUM_MASK
-#define nssASN1_BOOLEAN                SEC_ASN1_BOOLEAN
-#define nssASN1_INTEGER                SEC_ASN1_INTEGER
-#define nssASN1_BIT_STRING             SEC_ASN1_BIT_STRING
-#define nssASN1_OCTET_STRING           SEC_ASN1_OCTET_STRING
-#define nssASN1_NULL                   SEC_ASN1_NULL
-#define nssASN1_OBJECT_ID              SEC_ASN1_OBJECT_ID
-#define nssASN1_OBJECT_DESCRIPTOR      SEC_ASN1_OBJECT_DESCRIPTOR
-/* External type and instance-of type   0x08 */
-#define nssASN1_REAL                   SEC_ASN1_REAL
-#define nssASN1_ENUMERATED             SEC_ASN1_ENUMERATED
-#define nssASN1_EMBEDDED_PDV           SEC_ASN1_EMBEDDED_PDV
-#define nssASN1_UTF8_STRING            SEC_ASN1_UTF8_STRING
-#define nssASN1_SEQUENCE               SEC_ASN1_SEQUENCE
-#define nssASN1_SET                    SEC_ASN1_SET
-#define nssASN1_NUMERIC_STRING         SEC_ASN1_NUMERIC_STRING
-#define nssASN1_PRINTABLE_STRING       SEC_ASN1_PRINTABLE_STRING
-#define nssASN1_T61_STRING             SEC_ASN1_T61_STRING
-#define nssASN1_TELETEX_STRING         nssASN1_T61_STRING
-#define nssASN1_VIDEOTEX_STRING        SEC_ASN1_VIDEOTEX_STRING
-#define nssASN1_IA5_STRING             SEC_ASN1_IA5_STRING
-#define nssASN1_UTC_TIME               SEC_ASN1_UTC_TIME
-#define nssASN1_GENERALIZED_TIME       SEC_ASN1_GENERALIZED_TIME
-#define nssASN1_GRAPHIC_STRING         SEC_ASN1_GRAPHIC_STRING
-#define nssASN1_VISIBLE_STRING         SEC_ASN1_VISIBLE_STRING
-#define nssASN1_GENERAL_STRING         SEC_ASN1_GENERAL_STRING
-#define nssASN1_UNIVERSAL_STRING       SEC_ASN1_UNIVERSAL_STRING
-/*                                      0x1d */
-#define nssASN1_BMP_STRING             SEC_ASN1_BMP_STRING
-#define nssASN1_HIGH_TAG_NUMBER        SEC_ASN1_HIGH_TAG_NUMBER
-
-#define nssASN1_METHOD_MASK            SEC_ASN1_METHOD_MASK
-#define nssASN1_PRIMITIVE              SEC_ASN1_PRIMITIVE
-#define nssASN1_CONSTRUCTED            SEC_ASN1_CONSTRUCTED
-                                                                
-#define nssASN1_CLASS_MASK             SEC_ASN1_CLASS_MASK
-#define nssASN1_UNIVERSAL              SEC_ASN1_UNIVERSAL
-#define nssASN1_APPLICATION            SEC_ASN1_APPLICATION
-#define nssASN1_CONTEXT_SPECIFIC       SEC_ASN1_CONTEXT_SPECIFIC
-#define nssASN1_PRIVATE                SEC_ASN1_PRIVATE
-
-#define nssASN1_OPTIONAL               SEC_ASN1_OPTIONAL 
-#define nssASN1_EXPLICIT               SEC_ASN1_EXPLICIT 
-#define nssASN1_ANY                    SEC_ASN1_ANY      
-#define nssASN1_INLINE                 SEC_ASN1_INLINE   
-#define nssASN1_POINTER                SEC_ASN1_POINTER  
-#define nssASN1_GROUP                  SEC_ASN1_GROUP    
-#define nssASN1_DYNAMIC                SEC_ASN1_DYNAMIC  
-#define nssASN1_SKIP                   SEC_ASN1_SKIP     
-#define nssASN1_INNER                  SEC_ASN1_INNER    
-#define nssASN1_SAVE                   SEC_ASN1_SAVE     
-#define nssASN1_MAY_STREAM             SEC_ASN1_MAY_STREAM
-#define nssASN1_SKIP_REST              SEC_ASN1_SKIP_REST
-#define nssASN1_CHOICE                 SEC_ASN1_CHOICE
-
-#define nssASN1_SEQUENCE_OF            SEC_ASN1_SEQUENCE_OF 
-#define nssASN1_SET_OF                 SEC_ASN1_SET_OF      
-#define nssASN1_ANY_CONTENTS           SEC_ASN1_ANY_CONTENTS
-
-typedef SEC_ASN1TemplateChooserPtr nssASN1ChooseTemplateFunction;
-
-typedef SEC_ASN1DecoderContext nssASN1Decoder;
-typedef SEC_ASN1EncoderContext nssASN1Encoder;
-
-typedef enum {
-  nssASN1EncodingPartIdentifier    = SEC_ASN1_Identifier,
-  nssASN1EncodingPartLength        = SEC_ASN1_Length,
-  nssASN1EncodingPartContents      = SEC_ASN1_Contents,
-  nssASN1EncodingPartEndOfContents = SEC_ASN1_EndOfContents
-} nssASN1EncodingPart;
-
-typedef SEC_ASN1NotifyProc nssASN1NotifyFunction;
-
-typedef SEC_ASN1WriteProc nssASN1EncoderWriteFunction;
-typedef SEC_ASN1WriteProc nssASN1DecoderFilterFunction;
-
-PR_END_EXTERN_C
-
-#endif /* ASN1T_H */
diff --git a/security/nss/lib/asn1/config.mk b/security/nss/lib/asn1/config.mk
deleted file mode 100644
index 4a9ed7dda..000000000
--- a/security/nss/lib/asn1/config.mk
+++ /dev/null
@@ -1,48 +0,0 @@
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CONFIG_CVS_ID = "@(#) $RCSfile$ $Revision$ $Date$ $Name$"
-
-ifdef BUILD_IDG
-DEFINES += -DNSSDEBUG
-endif
-
-#
-#  Override TARGETS variable so that only static libraries
-#  are specifed as dependencies within rules.mk.
-#
-
-TARGETS        = $(LIBRARY)
-SHARED_LIBRARY =
-IMPORT_LIBRARY =
-PROGRAM        =
-
diff --git a/security/nss/lib/asn1/manifest.mn b/security/nss/lib/asn1/manifest.mn
deleted file mode 100644
index 36558ab60..000000000
--- a/security/nss/lib/asn1/manifest.mn
+++ /dev/null
@@ -1,55 +0,0 @@
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-MANIFEST_CVS_ID = "@(#) $RCSfile$ $Revision$ $Date$ $Name$"
-
-CORE_DEPTH = ../../..
-
-PRIVATE_EXPORTS = \
-	asn1t.h		  \
-	asn1m.h		  \
-	asn1.h		  \
-	nssasn1t.h	  \
-	$(NULL)
-
-EXPORTS =	   \
-	$(NULL)
-
-MODULE = security
-
-CSRCS =		   \
-	asn1.c	   \
-	$(NULL)
-
-REQUIRES = security nspr
-
-LIBRARY_NAME = asn1
diff --git a/security/nss/lib/asn1/nssasn1t.h b/security/nss/lib/asn1/nssasn1t.h
deleted file mode 100644
index 2488892b4..000000000
--- a/security/nss/lib/asn1/nssasn1t.h
+++ /dev/null
@@ -1,67 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef NSSASN1T_H
-#define NSSASN1T_H
-
-#ifdef DEBUG
-static const char NSSASN1T_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * nssasn1t.h
- *
- * This file contains the public types related to our ASN.1 encoder 
- * and decoder.
- */
-
-PR_BEGIN_EXTERN_C
-
-/*
- * NSSASN1EncodingType
- *
- * This type enumerates specific types of ASN.1 encodings.
- */
-
-typedef enum {
-  NSSASN1BER,               /* Basic Encoding Rules */
-  NSSASN1CER,               /* Canonical Encoding Rules */
-  NSSASN1DER,               /* Distinguished Encoding Rules */
-  NSSASN1LWER,              /* LightWeight Encoding Rules */
-  NSSASN1PER,               /* Packed Encoding Rules */
-  NSSASN1UnknownEncoding = -1
-} NSSASN1EncodingType;
-
-PR_END_EXTERN_C
-
-#endif /* NSSASN1T_H */
diff --git a/security/nss/lib/base/Makefile b/security/nss/lib/base/Makefile
deleted file mode 100644
index 4cbbfed70..000000000
--- a/security/nss/lib/base/Makefile
+++ /dev/null
@@ -1,40 +0,0 @@
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-MAKEFILE_CVS_ID = "@(#) $RCSfile$ $Revision$ $Date$ $Name$"
-
-include manifest.mn
-include $(CORE_DEPTH)/coreconf/config.mk
-include config.mk
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-export:: private_export
diff --git a/security/nss/lib/base/arena.c b/security/nss/lib/base/arena.c
deleted file mode 100644
index 648b7e864..000000000
--- a/security/nss/lib/base/arena.c
+++ /dev/null
@@ -1,1142 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * arena.c
- *
- * This contains the implementation of NSS's thread-safe arenas.
- */
-
-#ifndef BASE_H
-#include "base.h"
-#endif /* BASE_H */
-
-#ifdef ARENA_THREADMARK
-#include "prthread.h"
-#endif /* ARENA_THREADMARK */
-
-#include "prlock.h"
-#include "plarena.h"
-
-#include <string.h>
-
-/*
- * NSSArena
- *
- * This is based on NSPR's arena code, but it is threadsafe.
- *
- * The public methods relating to this type are:
- *
- *  NSSArena_Create  -- constructor
- *  NSSArena_Destroy
- *
- * The nonpublic methods relating to this type are:
- *
- *  nssArena_Create  -- constructor
- *  nssArena_Destroy
- *  nssArena_Mark
- *  nssArena_Release
- *  nssArena_Unmark
- * 
- *  nss_ZAlloc
- *  nss_ZFreeIf
- *  nss_ZRealloc
- *
- * In debug builds, the following calls are available:
- *
- *  nssArena_verifyPointer
- *  nssArena_registerDestructor
- *  nssArena_deregisterDestructor
- */
-
-struct NSSArenaStr {
-  PLArenaPool pool;
-  PRLock *lock;
-#ifdef ARENA_THREADMARK
-  PRThread *marking_thread;
-  nssArenaMark *first_mark;
-  nssArenaMark *last_mark;
-#endif /* ARENA_THREADMARK */
-#ifdef ARENA_DESTRUCTOR_LIST
-  struct arena_destructor_node *first_destructor;
-  struct arena_destructor_node *last_destructor;
-#endif /* ARENA_DESTRUCTOR_LIST */
-};
-
-/*
- * nssArenaMark
- *
- * This type is used to mark the current state of an NSSArena.
- */
-
-struct nssArenaMarkStr {
-  PRUint32 magic;
-  void *mark;
-#ifdef ARENA_THREADMARK
-  nssArenaMark *next;
-#endif /* ARENA_THREADMARK */
-#ifdef ARENA_DESTRUCTOR_LIST
-  struct arena_destructor_node *next_destructor;
-  struct arena_destructor_node *prev_destructor;
-#endif /* ARENA_DESTRUCTOR_LIST */
-};
-
-#define MARK_MAGIC 0x4d41524b /* "MARK" how original */
-
-/*
- * But first, the pointer-tracking code
- */
-#ifdef DEBUG
-extern const NSSError NSS_ERROR_INTERNAL_ERROR;
-
-static nssPointerTracker arena_pointer_tracker;
-
-static PRStatus
-arena_add_pointer
-(
-  const NSSArena *arena
-)
-{
-  PRStatus rv;
-
-  rv = nssPointerTracker_initialize(&arena_pointer_tracker);
-  if( PR_SUCCESS != rv ) {
-    return rv;
-  }
-
-  rv = nssPointerTracker_add(&arena_pointer_tracker, arena);
-  if( PR_SUCCESS != rv ) {
-    NSSError e = NSS_GetError();
-    if( NSS_ERROR_NO_MEMORY != e ) {
-      nss_SetError(NSS_ERROR_INTERNAL_ERROR);
-    }
-
-    return rv;
-  }
-
-  return PR_SUCCESS;
-}
-
-static PRStatus
-arena_remove_pointer
-(
-  const NSSArena *arena
-)
-{
-  PRStatus rv;
-
-  rv = nssPointerTracker_remove(&arena_pointer_tracker, arena);
-  if( PR_SUCCESS != rv ) {
-    nss_SetError(NSS_ERROR_INTERNAL_ERROR);
-  }
-
-  return rv;
-}
-
-/*
- * nssArena_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSArena object,
- * this routine will return PR_SUCCESS.  Otherwise, it will put an
- * error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  PR_SUCCESS if the pointer is valid
- *  PR_FAILURE if it isn't
- */
-
-NSS_IMPLEMENT PRStatus
-nssArena_verifyPointer
-(
-  const NSSArena *arena
-)
-{
-  PRStatus rv;
-
-  rv = nssPointerTracker_initialize(&arena_pointer_tracker);
-  if( PR_SUCCESS != rv ) {
-    /*
-     * This is a little disingenious.  We have to initialize the
-     * tracker, because someone could "legitimately" try to verify
-     * an arena pointer before one is ever created.  And this step
-     * might fail, due to lack of memory.  But the only way that
-     * this step can fail is if it's doing the call_once stuff,
-     * (later calls just no-op).  And if it didn't no-op, there
-     * aren't any valid arenas.. so the argument certainly isn't one.
-     */
-    nss_SetError(NSS_ERROR_INVALID_ARENA);
-    return PR_FAILURE;
-  }
-
-  rv = nssPointerTracker_verify(&arena_pointer_tracker, arena);
-  if( PR_SUCCESS != rv ) {
-    nss_SetError(NSS_ERROR_INVALID_ARENA);
-    return PR_FAILURE;
-  }
-
-  return PR_SUCCESS;
-}
-#endif /* DEBUG */
-
-#ifdef ARENA_DESTRUCTOR_LIST
-
-struct arena_destructor_node {
-  struct arena_destructor_node *next;
-  struct arena_destructor_node *prev;
-  void (*destructor)(void *argument);
-  void *arg;
-};
-
-/*
- * nssArena_registerDestructor
- *
- * This routine stores a pointer to a callback and an arbitrary
- * pointer-sized argument in the arena, at the current point in
- * the mark stack.  If the arena is destroyed, or an "earlier"
- * mark is released, then this destructor will be called at that
- * time.  Note that the destructor will be called with the arena
- * locked, which means the destructor may free memory in that
- * arena, but it may not allocate or cause to be allocated any
- * memory.  This callback facility was included to support our
- * debug-version pointer-tracker feature; overuse runs counter to
- * the the original intent of arenas.  This routine returns a 
- * PRStatus value; if successful, it will return PR_SUCCESS.  If 
- * unsuccessful, it will set an error on the error stack and 
- * return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS
- *  PR_FAILURE
- */
-
-NSS_IMPLEMENT PRStatus
-nssArena_registerDestructor
-(
-  NSSArena *arena,
-  void (*destructor)(void *argument),
-  void *arg
-)
-{
-  struct arena_destructor_node *it;
-
-#ifdef NSSDEBUG
-  if( PR_SUCCESS != nssArena_verifyPointer(arena) ) {
-    return PR_FAILURE;
-  }
-#endif /* NSSDEBUG */
-  
-  it = nss_ZNEW(arena, struct arena_destructor_node);
-  if( (struct arena_destructor_node *)NULL == it ) {
-    return PR_FAILURE;
-  }
-
-  it->prev = arena->last_destructor;
-  arena->last_destructor->next = it;
-  arena->last_destructor = it;
-  it->destructor = destructor;
-  it->arg = arg;
-
-  if( (nssArenaMark *)NULL != arena->last_mark ) {
-    arena->last_mark->prev_destructor = it->prev;
-    arena->last_mark->next_destructor = it->next;
-  }
-
-  return PR_SUCCESS;
-}
-
-NSS_IMPLEMENT PRStatus
-nssArena_deregisterDestructor
-(
-  NSSArena *arena,
-  void (*destructor)(void *argument),
-  void *arg
-)
-{
-  struct arena_destructor_node *it;
-
-#ifdef NSSDEBUG
-  if( PR_SUCCESS != nssArena_verifyPointer(arena) ) {
-    return PR_FAILURE;
-  }
-#endif /* NSSDEBUG */
-
-  for( it = arena->first_destructor; it; it = it->next ) {
-    if( (it->destructor == destructor) && (it->arg == arg) ) {
-      break;
-    }
-  }
-
-  if( (struct arena_destructor_node *)NULL == it ) {
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return PR_FAILURE;
-  }
-
-  if( it == arena->first_destructor ) {
-    arena->first_destructor = it->next;
-  }
-
-  if( it == arena->last_destructor ) {
-    arena->last_destructor = it->prev;
-  }
-
-  if( (struct arena_destructor_node *)NULL != it->prev ) {
-    it->prev->next = it->next;
-  }
-
-  if( (struct arena_destructor_node *)NULL != it->next ) {
-    it->next->prev = it->prev;
-  }
-
-  {
-    nssArenaMark *m;
-    for( m = arena->first_mark; m; m = m->next ) {
-      if( m->next_destructor == it ) {
-        m->next_destructor = it->next;
-      }
-      if( m->prev_destructor == it ) {
-        m->prev_destructor = it->prev;
-      }
-    }
-  }
-
-  nss_ZFreeIf(it);
-  return PR_SUCCESS;
-}
-
-static void
-nss_arena_call_destructor_chain
-(
-  struct arena_destructor_node *it
-)
-{
-  for( ; it ; it = it->next ) {
-    (*(it->destructor))(it->arg);
-  }
-}
-
-#endif /* ARENA_DESTRUCTOR_LIST */
-
-/*
- * NSSArena_Create
- *
- * This routine creates a new memory arena.  This routine may return
- * NULL upon error, in which case it will have created an error stack.
- *
- * The top-level error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to an NSSArena upon success
- */
-
-NSS_IMPLEMENT NSSArena *
-NSSArena_Create
-(
-  void
-)
-{
-  nss_ClearErrorStack();
-  return nssArena_Create();
-}
-
-/*
- * nssArena_Create
- *
- * This routine creates a new memory arena.  This routine may return
- * NULL upon error, in which case it will have set an error on the 
- * error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to an NSSArena upon success
- */
-
-NSS_IMPLEMENT NSSArena *
-nssArena_Create
-(
-  void
-)
-{
-  NSSArena *rv = (NSSArena *)NULL;
-
-  rv = nss_ZNEW((NSSArena *)NULL, NSSArena);
-  if( (NSSArena *)NULL == rv ) {
-    nss_SetError(NSS_ERROR_NO_MEMORY);
-    return (NSSArena *)NULL;
-  }
-
-  rv->lock = PR_NewLock();
-  if( (PRLock *)NULL == rv->lock ) {
-    (void)nss_ZFreeIf(rv);
-    nss_SetError(NSS_ERROR_NO_MEMORY);
-    return (NSSArena *)NULL;
-  }
-
-  /*
-   * Arena sizes.  The current security code has 229 occurrences of
-   * PORT_NewArena.  The default chunksizes specified break down as
-   *
-   *  Size    Mult.   Specified as
-   *   512       1    512
-   *  1024       7    1024
-   *  2048       5    2048
-   *  2048       5    CRMF_DEFAULT_ARENA_SIZE
-   *  2048     190    DER_DEFAULT_CHUNKSIZE
-   *  2048      20    SEC_ASN1_DEFAULT_ARENA_SIZE
-   *  4096       1    4096
-   *
-   * Obviously this "default chunksize" flexibility isn't very 
-   * useful to us, so I'll just pick 2048.
-   */
-
-  PL_InitArenaPool(&rv->pool, "NSS", 2048, sizeof(double));
-
-#ifdef DEBUG
-  {
-    PRStatus st;
-    st = arena_add_pointer(rv);
-    if( PR_SUCCESS != st ) {
-      PL_FinishArenaPool(&rv->pool);
-      PR_DestroyLock(rv->lock);
-      (void)nss_ZFreeIf(rv);
-      return (NSSArena *)NULL;
-    }
-  }
-#endif /* DEBUG */
-
-  return rv;
-}
-
-/*
- * NSSArena_Destroy
- *
- * This routine will destroy the specified arena, freeing all memory
- * allocated from it.  This routine returns a PRStatus value; if 
- * successful, it will return PR_SUCCESS.  If unsuccessful, it will
- * create an error stack and return PR_FAILURE.
- *
- * The top-level error may be one of the following values:
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-NSSArena_Destroy
-(
-  NSSArena *arena
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nssArena_verifyPointer(arena) ) {
-    return PR_FAILURE;
-  }
-#endif /* DEBUG */
-
-  return nssArena_Destroy(arena);
-}
-
-/*
- * nssArena_Destroy
- *
- * This routine will destroy the specified arena, freeing all memory
- * allocated from it.  This routine returns a PRStatus value; if 
- * successful, it will return PR_SUCCESS.  If unsuccessful, it will
- * set an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  PR_SUCCESS
- *  PR_FAILURE
- */
-
-NSS_IMPLEMENT PRStatus
-nssArena_Destroy
-(
-  NSSArena *arena
-)
-{
-  PRLock *lock;
-
-#ifdef NSSDEBUG
-  if( PR_SUCCESS != nssArena_verifyPointer(arena) ) {
-    return PR_FAILURE;
-  }
-#endif /* NSSDEBUG */
-
-  PR_Lock(arena->lock);
-  if( (PRLock *)NULL == arena->lock ) {
-    /* Just got destroyed */
-    nss_SetError(NSS_ERROR_INVALID_ARENA);
-    return PR_FAILURE;
-  }
-  
-#ifdef DEBUG
-  if( PR_SUCCESS != arena_remove_pointer(arena) ) {
-    return PR_FAILURE;
-  }
-#endif /* DEBUG */
-
-#ifdef ARENA_DESTRUCTOR_LIST
-  /* Note that the arena is locked at this time */
-  nss_arena_call_destructor_chain(arena->first_destructor);
-#endif /* ARENA_DESTRUCTOR_LIST */
-
-  PL_FinishArenaPool(&arena->pool);
-  lock = arena->lock;
-  arena->lock = (PRLock *)NULL;
-  PR_Unlock(lock);
-  PR_DestroyLock(lock);
-  (void)nss_ZFreeIf(arena);
-  return PR_SUCCESS;
-}
-
-static void *nss_zalloc_arena_locked(NSSArena *arena, PRUint32 size);
-
-/*
- * nssArena_Mark
- *
- * This routine "marks" the current state of an arena.  Space
- * allocated after the arena has been marked can be freed by
- * releasing the arena back to the mark with nssArena_Release,
- * or committed by calling nssArena_Unmark.  When successful, 
- * this routine returns a valid nssArenaMark pointer.  This 
- * routine may return NULL upon error, in which case it will 
- * have set an error on the error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD
- *
- * Return value:
- *  NULL upon failure
- *  An nssArenaMark pointer upon success
- */
-
-NSS_IMPLEMENT nssArenaMark *
-nssArena_Mark
-(
-  NSSArena *arena
-)
-{
-  nssArenaMark *rv;
-  void *p;
-
-#ifdef NSSDEBUG
-  if( PR_SUCCESS != nssArena_verifyPointer(arena) ) {
-    return (nssArenaMark *)NULL;
-  }
-#endif /* NSSDEBUG */
-
-  PR_Lock(arena->lock);
-  if( (PRLock *)NULL == arena->lock ) {
-    /* Just got destroyed */
-    nss_SetError(NSS_ERROR_INVALID_ARENA);
-    return (nssArenaMark *)NULL;
-  }
-
-#ifdef ARENA_THREADMARK
-  if( (PRThread *)NULL == arena->marking_thread ) {
-    /* Unmarked.  Store our thread ID */
-    arena->marking_thread = PR_GetCurrentThread();
-    /* This call never fails. */
-  } else {
-    /* Marked.  Verify it's the current thread */
-    if( PR_GetCurrentThread() != arena->marking_thread ) {
-      PR_Unlock(arena->lock);
-      nss_SetError(NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD);
-      return (nssArenaMark *)NULL;
-    }
-  }
-#endif /* ARENA_THREADMARK */
-
-  p = PL_ARENA_MARK(&arena->pool);
-  /* No error possible */
-
-  /* Do this after the mark */
-  rv = (nssArenaMark *)nss_zalloc_arena_locked(arena, sizeof(nssArenaMark));
-  if( (nssArenaMark *)NULL == rv ) {
-    PR_Unlock(arena->lock);
-    nss_SetError(NSS_ERROR_NO_MEMORY);
-    return (nssArenaMark *)NULL;
-  }
-
-#ifdef ARENA_THREADMARK
-  if ( (nssArenaMark *)NULL == arena->first_mark) {
-    arena->first_mark = rv;
-    arena->last_mark = rv;
-  } else {
-    arena->last_mark->next = rv;
-    arena->last_mark = rv;
-  }
-#endif /* ARENA_THREADMARK */
-
-  rv->mark = p;
-  rv->magic = MARK_MAGIC;
-
-#ifdef ARENA_DESTRUCTOR_LIST
-  rv->prev_destructor = arena->last_destructor;
-#endif /* ARENA_DESTRUCTOR_LIST */
-
-  PR_Unlock(arena->lock);
-
-  return rv;
-}
-
-/*
- * nss_arena_unmark_release
- *
- * This static routine implements the routines nssArena_Release
- * ans nssArena_Unmark, which are almost identical.
- */
-
-static PRStatus
-nss_arena_unmark_release
-(
-  NSSArena *arena,
-  nssArenaMark *arenaMark,
-  PRBool release
-)
-{
-  void *inner_mark;
-
-#ifdef NSSDEBUG
-  if( PR_SUCCESS != nssArena_verifyPointer(arena) ) {
-    return PR_FAILURE;
-  }
-#endif /* NSSDEBUG */
-
-  if( MARK_MAGIC != arenaMark->magic ) {
-    nss_SetError(NSS_ERROR_INVALID_ARENA_MARK);
-    return PR_FAILURE;
-  }
-
-  PR_Lock(arena->lock);
-  if( (PRLock *)NULL == arena->lock ) {
-    /* Just got destroyed */
-    nss_SetError(NSS_ERROR_INVALID_ARENA);
-    return PR_FAILURE;
-  }
-
-#ifdef ARENA_THREADMARK
-  if( (PRThread *)NULL != arena->marking_thread ) {
-    if( PR_GetCurrentThread() != arena->marking_thread ) {
-      PR_Unlock(arena->lock);
-      nss_SetError(NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD);
-      return PR_FAILURE;
-    }
-  }
-#endif /* ARENA_THREADMARK */
-
-  if( MARK_MAGIC != arenaMark->magic ) {
-    /* Just got released */
-    PR_Unlock(arena->lock);
-    nss_SetError(NSS_ERROR_INVALID_ARENA_MARK);
-    return PR_FAILURE;
-  }
-
-  arenaMark->magic = 0;
-  inner_mark = arenaMark->mark;
-
-#ifdef ARENA_THREADMARK
-  {
-    nssArenaMark **pMark = &arena->first_mark;
-    nssArenaMark *rest;
-    nssArenaMark *last = (nssArenaMark *)NULL;
-
-    /* Find this mark */
-    while( *pMark != arenaMark ) {
-      last = *pMark;
-      pMark = &(*pMark)->next;
-    }
-
-    /* Remember the pointer, then zero it */
-    rest = (*pMark)->next;
-    *pMark = (nssArenaMark *)NULL;
-
-    arena->last_mark = last;
-
-    /* Invalidate any later marks being implicitly released */
-    for( ; (nssArenaMark *)NULL != rest; rest = rest->next ) {
-      rest->magic = 0;
-    }
-
-    /* If we just got rid of the first mark, clear the thread ID */
-    if( (nssArenaMark *)NULL == arena->first_mark ) {
-      arena->marking_thread = (PRThread *)NULL;
-    }
-  }
-#endif /* ARENA_THREADMARK */
-
-  if( release ) {
-#ifdef ARENA_DESTRUCTOR_LIST
-    if( (struct arena_destructor_node *)NULL != arenaMark->prev_destructor ) {
-      arenaMark->prev_destructor->next = (struct arena_destructor_node *)NULL;
-    }
-    arena->last_destructor = arenaMark->prev_destructor;
-
-    /* Note that the arena is locked at this time */
-    nss_arena_call_destructor_chain(arenaMark->next_destructor);
-#endif /* ARENA_DESTRUCTOR_LIST */
-
-    PR_ARENA_RELEASE(&arena->pool, inner_mark);
-    /* No error return */
-  }
-
-  PR_Unlock(arena->lock);
-  return PR_SUCCESS;
-}
-
-/*
- * nssArena_Release
- *
- * This routine invalidates and releases all memory allocated from
- * the specified arena after the point at which the specified mark
- * was obtained.  This routine returns a PRStatus value; if successful,
- * it will return PR_SUCCESS.  If unsuccessful, it will set an error
- * on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_ARENA_MARK
- *  NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD
- *
- * Return value:
- *  PR_SUCCESS
- *  PR_FAILURE
- */
-
-NSS_IMPLEMENT PRStatus
-nssArena_Release
-(
-  NSSArena *arena,
-  nssArenaMark *arenaMark
-)
-{
-  return nss_arena_unmark_release(arena, arenaMark, PR_TRUE);
-}
-
-/*
- * nssArena_Unmark
- *
- * This routine "commits" the indicated mark and any marks after
- * it, making them unreleasable.  Note that any earlier marks can
- * still be released, and such a release will invalidate these
- * later unmarked regions.  If an arena is to be safely shared by
- * more than one thread, all marks must be either released or
- * unmarked.  This routine returns a PRStatus value; if successful,
- * it will return PR_SUCCESS.  If unsuccessful, it will set an error
- * on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_ARENA_MARK
- *  NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD
- *
- * Return value:
- *  PR_SUCCESS
- *  PR_FAILURE
- */
-
-NSS_IMPLEMENT PRStatus
-nssArena_Unmark
-(
-  NSSArena *arena,
-  nssArenaMark *arenaMark
-)
-{
-  return nss_arena_unmark_release(arena, arenaMark, PR_FALSE);
-}
-
-/*
- * We prefix this header to all allocated blocks.  It is a multiple
- * of the alignment size.  Note that this usage of a header may make
- * purify spew bogus warnings about "potentially leaked blocks" of
- * memory; if that gets too annoying we can add in a pointer to the
- * header in the header itself.  There's not a lot of safety here;
- * maybe we should add a magic value?
- */
-struct pointer_header {
-  NSSArena *arena;
-  PRUint32 size;
-};
-
-static void *
-nss_zalloc_arena_locked
-(
-  NSSArena *arena,
-  PRUint32 size
-)
-{
-  void *p;
-  void *rv;
-  struct pointer_header *h;
-  PRUint32 my_size = size + sizeof(struct pointer_header);
-  PR_ARENA_ALLOCATE(p, &arena->pool, my_size);
-  if( (void *)NULL == p ) {
-    nss_SetError(NSS_ERROR_NO_MEMORY);
-    return (void *)NULL;
-  }
-  /* 
-   * Do this before we unlock.  This way if the user is using
-   * an arena in one thread while destroying it in another, he'll
-   * fault/FMR in his code, not ours.
-   */
-  h = (struct pointer_header *)p;
-  h->arena = arena;
-  h->size = size;
-  rv = (void *)((char *)h + sizeof(struct pointer_header));
-  (void)nsslibc_memset(rv, 0, size);
-  return rv;
-}
-
-/*
- * nss_ZAlloc
- *
- * This routine allocates and zeroes a section of memory of the 
- * size, and returns to the caller a pointer to that memory.  If
- * the optional arena argument is non-null, the memory will be
- * obtained from that arena; otherwise, the memory will be obtained
- * from the heap.  This routine may return NULL upon error, in
- * which case it will have set an error upon the error stack.  The
- * value specified for size may be zero; in which case a valid 
- * zero-length block of memory will be allocated.  This block may
- * be expanded by calling nss_ZRealloc.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD
- *
- * Return value:
- *  NULL upon error
- *  A pointer to the new segment of zeroed memory
- */
-
-NSS_IMPLEMENT void *
-nss_ZAlloc
-(
-  NSSArena *arenaOpt,
-  PRUint32 size
-)
-{
-  struct pointer_header *h;
-  PRUint32 my_size = size + sizeof(struct pointer_header);
-
-  if( my_size < sizeof(struct pointer_header) ) {
-    /* Wrapped */
-    nss_SetError(NSS_ERROR_NO_MEMORY);
-    return (void *)NULL;
-  }
-
-  if( (NSSArena *)NULL == arenaOpt ) {
-    /* Heap allocation, no locking required. */
-    h = (struct pointer_header *)PR_Calloc(1, my_size);
-    if( (struct pointer_header *)NULL == h ) {
-      nss_SetError(NSS_ERROR_NO_MEMORY);
-      return (void *)NULL;
-    }
-
-    h->arena = (NSSArena *)NULL;
-    h->size = size;
-    /* We used calloc: it's already zeroed */
-
-    return (void *)((char *)h + sizeof(struct pointer_header));
-  } else {
-    void *rv;
-    /* Arena allocation */
-#ifdef NSSDEBUG
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (void *)NULL;
-    }
-#endif /* NSSDEBUG */
-
-    PR_Lock(arenaOpt->lock);
-    if( (PRLock *)NULL == arenaOpt->lock ) {
-      /* Just got destroyed */
-      nss_SetError(NSS_ERROR_INVALID_ARENA);
-      return (void *)NULL;
-    }
-
-#ifdef ARENA_THREADMARK
-    if( (PRThread *)NULL != arenaOpt->marking_thread ) {
-      if( PR_GetCurrentThread() != arenaOpt->marking_thread ) {
-        nss_SetError(NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD);
-        PR_Unlock(arenaOpt->lock);
-        return (void *)NULL;
-      }
-    }
-#endif /* ARENA_THREADMARK */
-
-    rv = nss_zalloc_arena_locked(arenaOpt, size);
-
-    PR_Unlock(arenaOpt->lock);
-    return rv;
-  }
-  /*NOTREACHED*/
-}
-
-/*
- * nss_ZFreeIf
- *
- * If the specified pointer is non-null, then the region of memory 
- * to which it points -- which must have been allocated with 
- * nss_ZAlloc -- will be zeroed and released.  This routine 
- * returns a PRStatus value; if successful, it will return PR_SUCCESS.
- * If unsuccessful, it will set an error on the error stack and return 
- * PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_POINTER
- *
- * Return value:
- *  PR_SUCCESS
- *  PR_FAILURE
- */
-
-NSS_IMPLEMENT PRStatus
-nss_ZFreeIf
-(
-  void *pointer
-)
-{
-  struct pointer_header *h;
-
-  if( (void *)NULL == pointer ) {
-    return PR_SUCCESS;
-  }
-
-  h = (struct pointer_header *)&((char *)pointer)
-    [ - sizeof(struct pointer_header) ];
-
-  /* Check any magic here */
-
-  if( (NSSArena *)NULL == h->arena ) {
-    /* Heap */
-    (void)nsslibc_memset(pointer, 0, h->size);
-    PR_Free(h);
-    return PR_SUCCESS;
-  } else {
-    /* Arena */
-#ifdef NSSDEBUG
-    if( PR_SUCCESS != nssArena_verifyPointer(h->arena) ) {
-      return PR_FAILURE;
-    }
-#endif /* NSSDEBUG */
-
-    PR_Lock(h->arena->lock);
-    if( (PRLock *)NULL == h->arena->lock ) {
-      /* Just got destroyed.. so this pointer is invalid */
-      nss_SetError(NSS_ERROR_INVALID_POINTER);
-      return PR_FAILURE;
-    }
-
-    (void)nsslibc_memset(pointer, 0, h->size);
-
-    /* No way to "free" it within an NSPR arena. */
-
-    PR_Unlock(h->arena->lock);
-    return PR_SUCCESS;
-  }
-  /*NOTREACHED*/
-}
-
-/*
- * nss_ZRealloc
- *
- * This routine reallocates a block of memory obtained by calling
- * nss_ZAlloc or nss_ZRealloc.  The portion of memory 
- * between the new and old sizes -- which is either being newly
- * obtained or released -- is in either case zeroed.  This routine 
- * may return NULL upon failure, in which case it will have placed 
- * an error on the error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_POINTER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD
- *
- * Return value:
- *  NULL upon error
- *  A pointer to the replacement segment of memory
- */
-
-NSS_EXTERN void *
-nss_ZRealloc
-(
-  void *pointer,
-  PRUint32 newSize
-)
-{
-  struct pointer_header *h, *new_h;
-  PRUint32 my_newSize = newSize + sizeof(struct pointer_header);
-  void *rv;
-
-  if( my_newSize < sizeof(struct pointer_header) ) {
-    /* Wrapped */
-    nss_SetError(NSS_ERROR_NO_MEMORY);
-    return (void *)NULL;
-  }
-
-  if( (void *)NULL == pointer ) {
-    nss_SetError(NSS_ERROR_INVALID_POINTER);
-    return (void *)NULL;
-  }
-
-  h = (struct pointer_header *)&((char *)pointer)
-    [ - sizeof(struct pointer_header) ];
-
-  /* Check any magic here */
-
-  if( newSize == h->size ) {
-    /* saves thrashing */
-    return pointer;
-  }
-
-  if( (NSSArena *)NULL == h->arena ) {
-    /* Heap */
-    new_h = (struct pointer_header *)PR_Calloc(1, my_newSize);
-    if( (struct pointer_header *)NULL == new_h ) {
-      nss_SetError(NSS_ERROR_NO_MEMORY);
-      return (void *)NULL;
-    }
-
-    new_h->arena = (NSSArena *)NULL;
-    new_h->size = newSize;
-    rv = (void *)((char *)new_h + sizeof(struct pointer_header));
-
-    if( newSize > h->size ) {
-      (void)nsslibc_memcpy(rv, pointer, h->size);
-      (void)nsslibc_memset(&((char *)rv)[ h->size ], 
-                           0, (newSize - h->size));
-    } else {
-      (void)nsslibc_memcpy(rv, pointer, newSize);
-    }
-
-    (void)nsslibc_memset(pointer, 0, h->size);
-    h->size = 0;
-    PR_Free(h);
-
-    return rv;
-  } else {
-    void *p;
-    /* Arena */
-#ifdef NSSDEBUG
-    if( PR_SUCCESS != nssArena_verifyPointer(h->arena) ) {
-      return (void *)NULL;
-    }
-#endif /* NSSDEBUG */
-
-    PR_Lock(h->arena->lock);
-    if( (PRLock *)NULL == h->arena->lock ) {
-      /* Just got destroyed.. so this pointer is invalid */
-      nss_SetError(NSS_ERROR_INVALID_POINTER);
-      return (void *)NULL;
-    }
-
-#ifdef ARENA_THREADMARK
-    if( (PRThread *)NULL != h->arena->marking_thread ) {
-      if( PR_GetCurrentThread() != h->arena->marking_thread ) {
-        PR_Unlock(h->arena->lock);
-        nss_SetError(NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD);
-        return (void *)NULL;
-      }
-    }
-#endif /* ARENA_THREADMARK */
-
-    if( newSize < h->size ) {
-      /*
-       * We have no general way of returning memory to the arena
-       * (mark/release doesn't work because things may have been
-       * allocated after this object), so the memory is gone
-       * anyway.  We might as well just return the same pointer to
-       * the user, saying "yeah, uh-hunh, you can only use less of
-       * it now."  We'll zero the leftover part, of course.  And
-       * in fact we might as well *not* adjust h->size-- this way,
-       * if the user reallocs back up to something not greater than
-       * the original size, then voila, there's the memory!  This
-       * way a thrash big/small/big/small doesn't burn up the arena.
-       */
-      char *extra = &((char *)pointer)[ newSize ];
-      (void)nsslibc_memset(extra, 0, (h->size - newSize));
-      PR_Unlock(h->arena->lock);
-      return pointer;
-    }
-
-    PR_ARENA_ALLOCATE(p, &h->arena->pool, my_newSize);
-    if( (void *)NULL == p ) {
-      PR_Unlock(h->arena->lock);
-      nss_SetError(NSS_ERROR_NO_MEMORY);
-      return (void *)NULL;
-    }
-
-    new_h = (struct pointer_header *)p;
-    new_h->arena = h->arena;
-    new_h->size = newSize;
-    rv = (void *)((char *)new_h + sizeof(struct pointer_header));
-    if (rv != pointer) {
-	(void)nsslibc_memcpy(rv, pointer, h->size);
-	(void)nsslibc_memset(pointer, 0, h->size);
-    }
-    (void)nsslibc_memset(&((char *)rv)[ h->size ], 0, (newSize - h->size));
-    h->arena = (NSSArena *)NULL;
-    h->size = 0;
-    PR_Unlock(new_h->arena->lock);
-    return rv;
-  }
-  /*NOTREACHED*/
-}
diff --git a/security/nss/lib/base/base.h b/security/nss/lib/base/base.h
deleted file mode 100644
index 9a8d2d294..000000000
--- a/security/nss/lib/base/base.h
+++ /dev/null
@@ -1,1445 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef BASE_H
-#define BASE_H
-
-#ifdef DEBUG
-static const char BASE_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * base.h
- *
- * This header file contains basic prototypes and preprocessor 
- * definitions used throughout nss but not available publicly.
- */
-
-#ifndef BASET_H
-#include "baset.h"
-#endif /* BASET_H */
-
-#ifndef NSSBASE_H
-#include "nssbase.h"
-#endif /* NSSBASE_H */
-
-#include "plhash.h"
-#include "prthread.h"
-
-PR_BEGIN_EXTERN_C
-
-/*
- * NSSArena
- *
- * The nonpublic methods relating to this type are:
- *
- *  nssArena_Create  -- constructor
- *  nssArena_Destroy
- *  nssArena_Mark
- *  nssArena_Release
- *  nssArena_Unmark
- *
- *  nss_ZAlloc
- *  nss_ZFreeIf
- *  nss_ZRealloc
- *
- * Additionally, there are some preprocessor macros:
- *
- *  nss_ZNEW
- *  nss_ZNEWARRAY
- *
- * In debug builds, the following calls are available:
- *
- *  nssArena_verifyPointer
- *  nssArena_registerDestructor
- *  nssArena_deregisterDestructor
- *
- * The following preprocessor macro is also always available:
- *
- *  nssArena_VERIFYPOINTER
- *
- * A constant PLHashAllocOps structure is available for users
- * of the NSPL PLHashTable routines.
- *
- *  nssArenaHashAllocOps
- */
-
-/*
- * nssArena_Create
- *
- * This routine creates a new memory arena.  This routine may return
- * NULL upon error, in which case it will have set an error on the 
- * error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to an NSSArena upon success
- */
-
-/*
- * XXX fgmr
- * Arenas can be named upon creation; this is mostly of use when
- * debugging.  Should we expose that here, allowing an optional
- * "const char *name" argument?  Should the public version of this
- * call (NSSArena_Create) have it too?
- */
-
-NSS_EXTERN NSSArena *
-nssArena_Create
-(
-  void
-);
-
-extern const NSSError NSS_ERROR_NO_MEMORY;
-
-/*
- * nssArena_Destroy
- *
- * This routine will destroy the specified arena, freeing all memory
- * allocated from it.  This routine returns a PRStatus value; if 
- * successful, it will return PR_SUCCESS.  If unsuccessful, it will
- * set an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  PR_SUCCESS
- *  PR_FAILURE
- */
-
-NSS_EXTERN PRStatus
-nssArena_Destroy
-(
-  NSSArena *arena
-);
-
-extern const NSSError NSS_ERROR_INVALID_ARENA;
-
-/*
- * nssArena_Mark
- *
- * This routine "marks" the current state of an arena.  Space
- * allocated after the arena has been marked can be freed by
- * releasing the arena back to the mark with nssArena_Release,
- * or committed by calling nssArena_Unmark.  When successful, 
- * this routine returns a valid nssArenaMark pointer.  This 
- * routine may return NULL upon error, in which case it will 
- * have set an error on the error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD
- *
- * Return value:
- *  NULL upon failure
- *  An nssArenaMark pointer upon success
- */
-
-NSS_EXTERN nssArenaMark *
-nssArena_Mark
-(
-  NSSArena *arena
-);
-
-extern const NSSError NSS_ERROR_INVALID_ARENA;
-extern const NSSError NSS_ERROR_NO_MEMORY;
-extern const NSSError NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD;
-
-/*
- * nssArena_Release
- *
- * This routine invalidates and releases all memory allocated from
- * the specified arena after the point at which the specified mark
- * was obtained.  This routine returns a PRStatus value; if successful,
- * it will return PR_SUCCESS.  If unsuccessful, it will set an error
- * on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_ARENA_MARK
- *  NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD
- *
- * Return value:
- *  PR_SUCCESS
- *  PR_FAILURE
- */
-
-NSS_EXTERN PRStatus
-nssArena_Release
-(
-  NSSArena *arena,
-  nssArenaMark *arenaMark
-);
-
-extern const NSSError NSS_ERROR_INVALID_ARENA;
-extern const NSSError NSS_ERROR_INVALID_ARENA_MARK;
-
-/*
- * nssArena_Unmark
- *
- * This routine "commits" the indicated mark and any marks after
- * it, making them unreleasable.  Note that any earlier marks can
- * still be released, and such a release will invalidate these
- * later unmarked regions.  If an arena is to be safely shared by
- * more than one thread, all marks must be either released or
- * unmarked.  This routine returns a PRStatus value; if successful,
- * it will return PR_SUCCESS.  If unsuccessful, it will set an error
- * on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_ARENA_MARK
- *  NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD
- *
- * Return value:
- *  PR_SUCCESS
- *  PR_FAILURE
- */
-
-NSS_EXTERN PRStatus
-nssArena_Unmark
-(
-  NSSArena *arena,
-  nssArenaMark *arenaMark
-);
-
-extern const NSSError NSS_ERROR_INVALID_ARENA;
-extern const NSSError NSS_ERROR_INVALID_ARENA_MARK;
-extern const NSSError NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD;
-
-#ifdef ARENA_DESTRUCTOR_LIST
-
-/*
- * nssArena_registerDestructor
- *
- * This routine stores a pointer to a callback and an arbitrary
- * pointer-sized argument in the arena, at the current point in
- * the mark stack.  If the arena is destroyed, or an "earlier"
- * mark is released, then this destructor will be called at that
- * time.  Note that the destructor will be called with the arena
- * locked, which means the destructor may free memory in that
- * arena, but it may not allocate or cause to be allocated any
- * memory.  This callback facility was included to support our
- * debug-version pointer-tracker feature; overuse runs counter to
- * the the original intent of arenas.  This routine returns a 
- * PRStatus value; if successful, it will return PR_SUCCESS.  If 
- * unsuccessful, it will set an error on the error stack and 
- * return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS
- *  PR_FAILURE
- */
-
-NSS_EXTERN PRStatus
-nssArena_registerDestructor
-(
-  NSSArena *arena,
-  void (*destructor)(void *argument),
-  void *arg
-);
-
-extern const NSSError NSS_ERROR_INVALID_ARENA;
-extern const NSSError NSS_ERROR_NO_MEMORY;
-
-/*
- * nssArena_deregisterDestructor
- *
- * This routine will remove the first destructor in the specified
- * arena which has the specified destructor and argument values.
- * The destructor will not be called.  This routine returns a
- * PRStatus value; if successful, it will return PR_SUCCESS.  If 
- * unsuccessful, it will set an error on the error stack and 
- * return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NOT_FOUND
- *
- * Return value:
- *  PR_SUCCESS
- *  PR_FAILURE
- */
-
-NSS_EXTERN PRStatus
-nssArena_deregisterDestructor
-(
-  NSSArena *arena,
-  void (*destructor)(void *argument),
-  void *arg
-);
-
-extern const NSSError NSS_ERROR_INVALID_ITEM;
-extern const NSSError NSS_ERROR_INVALID_ARENA;
-extern const NSSError NSS_ERROR_NOT_FOUND;
-
-#endif /* ARENA_DESTRUCTOR_LIST */
-
-/*
- * nss_ZAlloc
- *
- * This routine allocates and zeroes a section of memory of the 
- * size, and returns to the caller a pointer to that memory.  If
- * the optional arena argument is non-null, the memory will be
- * obtained from that arena; otherwise, the memory will be obtained
- * from the heap.  This routine may return NULL upon error, in
- * which case it will have set an error upon the error stack.  The
- * value specified for size may be zero; in which case a valid 
- * zero-length block of memory will be allocated.  This block may
- * be expanded by calling nss_ZRealloc.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD
- *
- * Return value:
- *  NULL upon error
- *  A pointer to the new segment of zeroed memory
- */
-
-NSS_EXTERN void *
-nss_ZAlloc
-(
-  NSSArena *arenaOpt,
-  PRUint32 size
-);
-
-extern const NSSError NSS_ERROR_INVALID_ARENA;
-extern const NSSError NSS_ERROR_NO_MEMORY;
-extern const NSSError NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD;
-
-/*
- * nss_ZFreeIf
- *
- * If the specified pointer is non-null, then the region of memory 
- * to which it points -- which must have been allocated with 
- * nss_ZAlloc -- will be zeroed and released.  This routine 
- * returns a PRStatus value; if successful, it will return PR_SUCCESS.
- * If unsuccessful, it will set an error on the error stack and return 
- * PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_POINTER
- *
- * Return value:
- *  PR_SUCCESS
- *  PR_FAILURE
- */
-
-NSS_EXTERN PRStatus
-nss_ZFreeIf
-(
-  void *pointer
-);
-
-extern const NSSError NSS_ERROR_INVALID_POINTER;
-
-/*
- * nss_ZRealloc
- *
- * This routine reallocates a block of memory obtained by calling
- * nss_ZAlloc or nss_ZRealloc.  The portion of memory 
- * between the new and old sizes -- which is either being newly
- * obtained or released -- is in either case zeroed.  This routine 
- * may return NULL upon failure, in which case it will have placed 
- * an error on the error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_POINTER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD
- *
- * Return value:
- *  NULL upon error
- *  A pointer to the replacement segment of memory
- */
-
-NSS_EXTERN void *
-nss_ZRealloc
-(
-  void *pointer,
-  PRUint32 newSize
-);
-
-extern const NSSError NSS_ERROR_INVALID_POINTER;
-extern const NSSError NSS_ERROR_NO_MEMORY;
-extern const NSSError NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD;
-
-/*
- * nss_ZNEW
- *
- * This preprocessor macro will allocate memory for a new object
- * of the specified type with nss_ZAlloc, and will cast the
- * return value appropriately.  If the optional arena argument is 
- * non-null, the memory will be obtained from that arena; otherwise, 
- * the memory will be obtained from the heap.  This routine may 
- * return NULL upon error, in which case it will have set an error 
- * upon the error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to the new segment of zeroed memory
- */
-
-/* The following line exceeds 72 characters, but emacs screws up if I split it. */
-#define nss_ZNEW(arenaOpt, type) ((type *)nss_ZAlloc((arenaOpt), sizeof(type)))
-
-/*
- * nss_ZNEWARRAY
- *
- * This preprocessor macro will allocate memory for an array of
- * new objects, and will cast the return value appropriately.
- * If the optional arena argument is non-null, the memory will 
- * be obtained from that arena; otherwise, the memory will be 
- * obtained from the heap.  This routine may return NULL upon 
- * error, in which case it will have set an error upon the error 
- * stack.  The array size may be specified as zero.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to the new segment of zeroed memory
- */
-
-/* The following line exceeds 72 characters, but emacs screws up if I split it. */
-#define nss_ZNEWARRAY(arenaOpt, type, quantity) ((type *)nss_ZAlloc((arenaOpt), sizeof(type) * (quantity)))
-
-/*
- * nss_ZREALLOCARRAY
- *
- * This preprocessor macro will reallocate memory for an array of
- * new objects, and will cast the return value appropriately.
- * This routine may return NULL upon error, in which case it will 
- *  have set an error upon the error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_POINTER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD
- *
- * Return value:
- *  NULL upon error
- *  A pointer to the replacement segment of memory
- */
-#define nss_ZREALLOCARRAY(p, type, quantity) ((type *)nss_ZRealloc((p), sizeof(type) * (quantity)))
-
-/*
- * nssArena_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSArena object,
- * this routine will return PR_SUCCESS.  Otherwise, it will put an
- * error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  PR_SUCCESS if the pointer is valid
- *  PR_FAILURE if it isn't
- */
-
-#ifdef DEBUG
-NSS_EXTERN PRStatus
-nssArena_verifyPointer
-(
-  const NSSArena *arena
-);
-
-extern const NSSError NSS_ERROR_INVALID_ARENA;
-#endif /* DEBUG */
-
-/*
- * nssArena_VERIFYPOINTER
- *
- * This macro is always available.  In debug builds it will call
- * nssArena_verifyPointer; in non-debug builds, it will merely
- * check that the pointer is not null.  Note that in non-debug
- * builds it cannot place an error on the error stack.
- *
- * Return value:
- *  PR_SUCCESS if the pointer is valid
- *  PR_FAILURE if it isn't
- */
-
-#ifdef DEBUG
-#define nssArena_VERIFYPOINTER(p) nssArena_verifyPointer(p)
-#else /* DEBUG */
-/* The following line exceeds 72 characters, but emacs screws up if I split it. */
-#define nssArena_VERIFYPOINTER(p) (((NSSArena *)NULL == (p))?PR_FAILURE:PR_SUCCESS)
-#endif /* DEBUG */
-
-/*
- * nssArenaHashAllocOps
- *
- * This constant structure contains allocation callbacks designed for
- * use with the NSPL routine PL_NewHashTable.  For example:
- *
- *  NSSArena *hashTableArena = nssArena_Create();
- *  PLHashTable *t = PL_NewHashTable(n, hasher, key_compare, 
- *    value_compare, nssArenaHashAllocOps, hashTableArena);
- */
-
-NSS_EXTERN_DATA PLHashAllocOps nssArenaHashAllocOps;
-
-/*
- * The error stack
- *
- * The nonpublic methods relating to the error stack are:
- *
- *  nss_SetError
- *  nss_ClearErrorStack
- */
-
-/*
- * nss_SetError
- *
- * This routine places a new error code on the top of the calling 
- * thread's error stack.  Calling this routine wiht an error code
- * of zero will clear the error stack.
- */
-
-NSS_EXTERN void
-nss_SetError
-(
-  PRUint32 error
-);
-
-/*
- * nss_ClearErrorStack
- *
- * This routine clears the calling thread's error stack.
- */
-
-NSS_EXTERN void
-nss_ClearErrorStack
-(
-  void
-);
-
-/*
- * NSSItem
- *
- * nssItem_Create
- * nssItem_Duplicate
- * nssItem_Equal
- */
-
-NSS_EXTERN NSSItem *
-nssItem_Create
-(
-  NSSArena *arenaOpt,
-  NSSItem *rvOpt,
-  PRUint32 length,
-  const void *data
-);
-
-NSS_EXTERN void
-nssItem_Destroy
-(
-  NSSItem *item
-);
-
-NSS_EXTERN NSSItem *
-nssItem_Duplicate
-(
-  NSSItem *obj,
-  NSSArena *arenaOpt,
-  NSSItem *rvOpt
-);
-
-NSS_EXTERN PRBool
-nssItem_Equal
-(
-  const NSSItem *one,
-  const NSSItem *two,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSUTF8
- *
- *  nssUTF8_CaseIgnoreMatch
- *  nssUTF8_Duplicate
- *  nssUTF8_Size
- *  nssUTF8_Length
- *  nssUTF8_CopyIntoFixedBuffer
- */
-
-/*
- * nssUTF8_CaseIgnoreMatch
- * 
- * Returns true if the two UTF8-encoded strings pointed to by the 
- * two specified NSSUTF8 pointers differ only in typcase.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_POINTER
- *
- * Return value:
- *  PR_TRUE if the strings match, ignoring case
- *  PR_FALSE if they don't
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssUTF8_CaseIgnoreMatch
-(
-  const NSSUTF8 *a,
-  const NSSUTF8 *b,
-  PRStatus *statusOpt
-);
-
-/*
- * nssUTF8_Duplicate
- *
- * This routine duplicates the UTF8-encoded string pointed to by the
- * specified NSSUTF8 pointer.  If the optional arenaOpt argument is
- * not null, the memory required will be obtained from that arena;
- * otherwise, the memory required will be obtained from the heap.
- * A pointer to the new string will be returned.  In case of error,
- * an error will be placed on the error stack and NULL will be 
- * returned.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_POINTER
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- */
-
-NSS_EXTERN NSSUTF8 *
-nssUTF8_Duplicate
-(
-  const NSSUTF8 *s,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssUTF8_PrintableMatch
- *
- * Returns true if the two Printable strings pointed to by the 
- * two specified NSSUTF8 pointers match when compared with the 
- * rules for Printable String (leading and trailing spaces are 
- * disregarded, extents of whitespace match irregardless of length, 
- * and case is not significant), then PR_TRUE will be returned.
- * Otherwise, PR_FALSE will be returned.  Upon failure, PR_FALSE
- * will be returned.  If the optional statusOpt argument is not
- * NULL, then PR_SUCCESS or PR_FAILURE will be stored in that
- * location.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_POINTER
- *
- * Return value:
- *  PR_TRUE if the strings match, ignoring case
- *  PR_FALSE if they don't
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssUTF8_PrintableMatch
-(
-  const NSSUTF8 *a,
-  const NSSUTF8 *b,
-  PRStatus *statusOpt
-);
-
-/*
- * nssUTF8_Size
- *
- * This routine returns the length in bytes (including the terminating
- * null) of the UTF8-encoded string pointed to by the specified
- * NSSUTF8 pointer.  Zero is returned on error.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_POINTER
- *  NSS_ERROR_VALUE_TOO_LARGE
- *
- * Return value:
- *  nonzero size of the string
- *  0 on error
- */
-
-NSS_EXTERN PRUint32
-nssUTF8_Size
-(
-  const NSSUTF8 *s,
-  PRStatus *statusOpt
-);
-
-extern const NSSError NSS_ERROR_INVALID_POINTER;
-extern const NSSError NSS_ERROR_VALUE_TOO_LARGE;
-
-/*
- * nssUTF8_Length
- *
- * This routine returns the length in characters (not including the
- * terminating null) of the UTF8-encoded string pointed to by the
- * specified NSSUTF8 pointer.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_POINTER
- *  NSS_ERROR_VALUE_TOO_LARGE
- *  NSS_ERROR_INVALID_STRING
- *
- * Return value:
- *  length of the string (which may be zero)
- *  0 on error
- */
-
-NSS_EXTERN PRUint32
-nssUTF8_Length
-(
-  const NSSUTF8 *s,
-  PRStatus *statusOpt
-);
-
-extern const NSSError NSS_ERROR_INVALID_POINTER;
-extern const NSSError NSS_ERROR_VALUE_TOO_LARGE;
-extern const NSSError NSS_ERROR_INVALID_STRING;
-
-/*
- * nssUTF8_Create
- *
- * This routine creates a UTF8 string from a string in some other
- * format.  Some types of string may include embedded null characters,
- * so for them the length parameter must be used.  For string types
- * that are null-terminated, the length parameter is optional; if it
- * is zero, it will be ignored.  If the optional arena argument is
- * non-null, the memory used for the new string will be obtained from
- * that arena, otherwise it will be obtained from the heap.  This
- * routine may return NULL upon error, in which case it will have
- * placed an error on the error stack.
- *
- * The error may be one of the following:
- *  NSS_ERROR_INVALID_POINTER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_UNSUPPORTED_TYPE
- *
- * Return value:
- *  NULL upon error
- *  A non-null pointer to a new UTF8 string otherwise
- */
-
-NSS_EXTERN NSSUTF8 *
-nssUTF8_Create
-(
-  NSSArena *arenaOpt,
-  nssStringType type,
-  const void *inputString,
-  PRUint32 size /* in bytes, not characters */
-);
-
-extern const NSSError NSS_ERROR_INVALID_POINTER;
-extern const NSSError NSS_ERROR_NO_MEMORY;
-extern const NSSError NSS_ERROR_UNSUPPORTED_TYPE;
-
-NSS_EXTERN NSSItem *
-nssUTF8_GetEncoding
-(
-  NSSArena *arenaOpt,
-  NSSItem *rvOpt,
-  nssStringType type,
-  NSSUTF8 *string
-);
-
-/*
- * nssUTF8_CopyIntoFixedBuffer
- *
- * This will copy a UTF8 string into a fixed-length buffer, making 
- * sure that the all characters are valid.  Any remaining space will
- * be padded with the specified ASCII character, typically either 
- * null or space.
- *
- * Blah, blah, blah.
- */
-
-extern const NSSError NSS_ERROR_INVALID_POINTER;
-extern const NSSError NSS_ERROR_INVALID_ARGUMENT;
-
-NSS_EXTERN PRStatus
-nssUTF8_CopyIntoFixedBuffer
-(
-  NSSUTF8 *string,
-  char *buffer,
-  PRUint32 bufferSize,
-  char pad
-);
-
-/*
- * nssUTF8_Equal
- *
- */
-
-NSS_EXTERN PRBool
-nssUTF8_Equal
-(
-  const NSSUTF8 *a,
-  const NSSUTF8 *b,
-  PRStatus *statusOpt
-);
-
-/*
- * nssList
- *
- * The goal is to provide a simple, optionally threadsafe, linked list
- * class.  Since NSS did not seem to use the circularity of PRCList
- * much before, this provides a list that appears to be a linear,
- * NULL-terminated list.
- */
-
-/*
- * nssList_Create
- *
- * If threadsafe is true, the list will be locked during modifications
- * and traversals.
- */
-NSS_EXTERN nssList *
-nssList_Create
-(
-  NSSArena *arenaOpt,
-  PRBool threadSafe
-);
-
-/*
- * nssList_Destroy
- */
-NSS_EXTERN PRStatus
-nssList_Destroy
-(
-  nssList *list
-);
-
-NSS_EXTERN void
-nssList_Clear
-(
-  nssList *list, 
-  nssListElementDestructorFunc destructor
-);
-
-/*
- * nssList_SetCompareFunction
- *
- * By default, two list elements will be compared by comparing their
- * data pointers.  By setting this function, the user can control
- * how elements are compared.
- */
-NSS_EXTERN void
-nssList_SetCompareFunction
-(
-  nssList *list, 
-  nssListCompareFunc compareFunc
-);
-
-/*
- * nssList_SetSortFunction
- *
- * Sort function to use for an ordered list.
- */
-NSS_EXTERN void
-nssList_SetSortFunction
-(
-  nssList *list, 
-  nssListSortFunc sortFunc
-);
-
-/*
- * nssList_Add
- */
-NSS_EXTERN PRStatus
-nssList_Add
-(
-  nssList *list, 
-  void *data
-);
-
-/*
- * nssList_AddUnique
- *
- * This will use the compare function to see if the element is already
- * in the list.
- */
-NSS_EXTERN PRStatus
-nssList_AddUnique
-(
-  nssList *list, 
-  void *data
-);
-
-/*
- * nssList_Remove
- *
- * Uses the compare function to locate the element and remove it.
- */
-NSS_EXTERN PRStatus
-nssList_Remove(nssList *list, void *data);
-
-/*
- * nssList_Get
- *
- * Uses the compare function to locate an element.  Also serves as
- * nssList_Exists.
- */
-NSS_EXTERN void *
-nssList_Get
-(
-  nssList *list, 
-  void *data
-);
-
-/*
- * nssList_Count
- */
-NSS_EXTERN PRUint32
-nssList_Count
-(
-  nssList *list
-);
-
-/*
- * nssList_GetArray
- *
- * Fill rvArray, up to maxElements, with elements in the list.  The
- * array is NULL-terminated, so its allocated size must be maxElements + 1.
- */
-NSS_EXTERN PRStatus
-nssList_GetArray
-(
-  nssList *list, 
-  void **rvArray, 
-  PRUint32 maxElements
-);
-
-/*
- * nssList_CreateIterator
- *
- * Create an iterator for list traversal.
- */
-NSS_EXTERN nssListIterator *
-nssList_CreateIterator
-(
-  nssList *list
-);
-
-NSS_EXTERN nssList *
-nssList_Clone
-(
-  nssList *list
-);
-
-/*
- * nssListIterator_Destroy
- */
-NSS_EXTERN void
-nssListIterator_Destroy
-(
-  nssListIterator *iter
-);
-
-/*
- * nssListIterator_Start
- *
- * Begin a list iteration.  After this call, if the list is threadSafe,
- * the list is *locked*.
- */
-NSS_EXTERN void *
-nssListIterator_Start
-(
-  nssListIterator *iter
-);
-
-/*
- * nssListIterator_Next
- *
- * Continue a list iteration.
- */
-NSS_EXTERN void *
-nssListIterator_Next
-(
-  nssListIterator *iter
-);
-
-/*
- * nssListIterator_Finish
- *
- * Complete a list iteration.  This *must* be called in order for the
- * lock to be released.
- */
-NSS_EXTERN PRStatus
-nssListIterator_Finish
-(
-  nssListIterator *iter
-);
-
-/*
- * nssHash
- *
- *  nssHash_Create
- *  nssHash_Destroy
- *  nssHash_Add
- *  nssHash_Remove
- *  nssHash_Count
- *  nssHash_Exists
- *  nssHash_Lookup
- *  nssHash_Iterate
- */
-
-/*
- * nssHash_Create
- *
- */
-
-NSS_EXTERN nssHash *
-nssHash_Create
-(
-  NSSArena *arenaOpt,
-  PRUint32 numBuckets,
-  PLHashFunction keyHash,
-  PLHashComparator keyCompare,
-  PLHashComparator valueCompare
-);
-
-NSS_EXTERN nssHash *
-nssHash_CreatePointer
-(
-  NSSArena *arenaOpt,
-  PRUint32 numBuckets
-);
-
-NSS_EXTERN nssHash *
-nssHash_CreateString
-(
-  NSSArena *arenaOpt,
-  PRUint32 numBuckets
-);
-
-NSS_EXTERN nssHash *
-nssHash_CreateItem
-(
-  NSSArena *arenaOpt,
-  PRUint32 numBuckets
-);
-
-/*
- * nssHash_Destroy
- *
- */
-NSS_EXTERN void
-nssHash_Destroy
-(
-  nssHash *hash
-);
-
-/*
- * nssHash_Add
- *
- */
-
-extern const NSSError NSS_ERROR_HASH_COLLISION;
-
-NSS_EXTERN PRStatus
-nssHash_Add
-(
-  nssHash *hash,
-  const void *key,
-  const void *value
-);
-
-/*
- * nssHash_Remove
- *
- */
-NSS_EXTERN void
-nssHash_Remove
-(
-  nssHash *hash,
-  const void *it
-);
-
-/*
- * nssHash_Count
- *
- */
-NSS_EXTERN PRUint32
-nssHash_Count
-(
-  nssHash *hash
-);
-
-/*
- * nssHash_Exists
- *
- */
-NSS_EXTERN PRBool
-nssHash_Exists
-(
-  nssHash *hash,
-  const void *it
-);
-
-/*
- * nssHash_Lookup
- *
- */
-NSS_EXTERN void *
-nssHash_Lookup
-(
-  nssHash *hash,
-  const void *it
-);
-
-/*
- * nssHash_Iterate
- *
- */
-NSS_EXTERN void
-nssHash_Iterate
-(
-  nssHash *hash,
-  nssHashIterator fcn,
-  void *closure
-);
-
-
-/*
- * nssPointerTracker
- *
- * This type and these methods are only present in debug builds.
- * 
- * The nonpublic methods relating to this type are:
- *
- *  nssPointerTracker_initialize
- *  nssPointerTracker_finalize
- *  nssPointerTracker_add
- *  nssPointerTracker_remove
- *  nssPointerTracker_verify
- */
-
-/*
- * nssPointerTracker_initialize
- *
- * This method is only present in debug builds.
- * 
- * This routine initializes an nssPointerTracker object.  Note that
- * the object must have been declared *static* to guarantee that it
- * is in a zeroed state initially.  This routine is idempotent, and
- * may even be safely called by multiple threads simultaneously with 
- * the same argument.  This routine returns a PRStatus value; if 
- * successful, it will return PR_SUCCESS.  On failure it will set an 
- * error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS
- *  PR_FAILURE
- */
-
-#ifdef DEBUG
-NSS_EXTERN PRStatus
-nssPointerTracker_initialize
-(
-  nssPointerTracker *tracker
-);
-
-extern const NSSError NSS_ERROR_NO_MEMORY;
-#endif /* DEBUG */
-
-/*
- * nssPointerTracker_finalize
- *
- * This method is only present in debug builds.
- * 
- * This routine returns the nssPointerTracker object to the pre-
- * initialized state, releasing all resources used by the object.
- * It will *NOT* destroy the objects being tracked by the pointer
- * (should any remain), and therefore cannot be used to "sweep up"
- * remaining objects.  This routine returns a PRStatus value; if
- * successful, it will return PR_SUCCES.  On failure it will set an
- * error on the error stack and return PR_FAILURE.  If any objects
- * remain in the tracker when it is finalized, that will be treated
- * as an error.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_TRACKER_NOT_EMPTY
- *
- * Return value:
- *  PR_SUCCESS
- *  PR_FAILURE
- */
-
-#ifdef DEBUG
-NSS_EXTERN PRStatus
-nssPointerTracker_finalize
-(
-  nssPointerTracker *tracker
-);
-
-extern const NSSError NSS_ERROR_TRACKER_NOT_EMPTY;
-#endif /* DEBUG */
-
-/*
- * nssPointerTracker_add
- *
- * This method is only present in debug builds.
- *
- * This routine adds the specified pointer to the nssPointerTracker
- * object.  It should be called in constructor objects to register
- * new valid objects.  The nssPointerTracker is threadsafe, but this
- * call is not idempotent.  This routine returns a PRStatus value;
- * if successful it will return PR_SUCCESS.  On failure it will set
- * an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_TRACKER_NOT_INITIALIZED
- *  NSS_ERROR_DUPLICATE_POINTER
- *
- * Return value:
- *  PR_SUCCESS
- *  PR_FAILURE
- */
-
-#ifdef DEBUG
-NSS_EXTERN PRStatus
-nssPointerTracker_add
-(
-  nssPointerTracker *tracker,
-  const void *pointer
-);
-
-extern const NSSError NSS_ERROR_NO_MEMORY;
-extern const NSSError NSS_ERROR_TRACKER_NOT_INITIALIZED;
-extern const NSSError NSS_ERROR_DUPLICATE_POINTER;
-#endif /* DEBUG */
-
-/*
- * nssPointerTracker_remove
- *
- * This method is only present in debug builds.
- *
- * This routine removes the specified pointer from the 
- * nssPointerTracker object.  It does not call any destructor for the
- * object; rather, this should be called from the object's destructor.
- * The nssPointerTracker is threadsafe, but this call is not 
- * idempotent.  This routine returns a PRStatus value; if successful 
- * it will return PR_SUCCESS.  On failure it will set an error on the 
- * error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_TRACKER_NOT_INITIALIZED
- *  NSS_ERROR_POINTER_NOT_REGISTERED
- *
- * Return value:
- *  PR_SUCCESS
- *  PR_FAILURE
- */
-
-#ifdef DEBUG
-NSS_EXTERN PRStatus
-nssPointerTracker_remove
-(
-  nssPointerTracker *tracker,
-  const void *pointer
-);
-
-extern const NSSError NSS_ERROR_TRACKER_NOT_INITIALIZED;
-extern const NSSError NSS_ERROR_POINTER_NOT_REGISTERED;
-#endif /* DEBUG */
-
-/*
- * nssPointerTracker_verify
- *
- * This method is only present in debug builds.
- *
- * This routine verifies that the specified pointer has been registered
- * with the nssPointerTracker object.  The nssPointerTracker object is
- * threadsafe, and this call may be safely called from multiple threads
- * simultaneously with the same arguments.  This routine returns a
- * PRStatus value; if the pointer is registered this will return 
- * PR_SUCCESS.  Otherwise it will set an error on the error stack and 
- * return PR_FAILURE.  Although the error is suitable for leaving on 
- * the stack, callers may wish to augment the information available by 
- * placing a more type-specific error on the stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_POINTER_NOT_REGISTERED
- *
- * Return value:
- *  PR_SUCCESS
- *  PR_FAILRUE
- */
-
-#ifdef DEBUG
-NSS_EXTERN PRStatus
-nssPointerTracker_verify
-(
-  nssPointerTracker *tracker,
-  const void *pointer
-);
-
-extern const NSSError NSS_ERROR_POINTER_NOT_REGISTERED;
-#endif /* DEBUG */
-
-/*
- * libc
- *
- * nsslibc_memcpy
- * nsslibc_memset
- * nsslibc_offsetof
- */
-
-/*
- * nsslibc_memcpy
- *
- * Errors:
- *  NSS_ERROR_INVALID_POINTER
- *
- * Return value:
- *  NULL on error
- *  The destination pointer on success
- */
-
-NSS_EXTERN void *
-nsslibc_memcpy
-(
-  void *dest,
-  const void *source,
-  PRUint32 n
-);
-
-extern const NSSError NSS_ERROR_INVALID_POINTER;
-
-/*
- * nsslibc_memset
- *
- * Errors:
- *  NSS_ERROR_INVALID_POINTER
- *
- * Return value:
- *  NULL on error
- *  The destination pointer on success
- */
-
-NSS_EXTERN void *
-nsslibc_memset
-(
-  void *dest,
-  PRUint8 byte,
-  PRUint32 n
-);
-
-extern const NSSError NSS_ERROR_INVALID_POINTER;
-
-/*
- * nsslibc_memequal
- *
- * Errors:
- *  NSS_ERROR_INVALID_POINTER
- *
- * Return value:
- *  PR_TRUE if they match
- *  PR_FALSE if they don't
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nsslibc_memequal
-(
-  const void *a,
-  const void *b,
-  PRUint32 len,
-  PRStatus *statusOpt
-);
-
-extern const NSSError NSS_ERROR_INVALID_POINTER;
-
-#define nsslibc_offsetof(str, memb) ((PRPtrdiff)(&(((str *)0)->memb)))
-
-/*
- * nss_NewThreadPrivateIndex
- * 
- */
-
-NSS_EXTERN PRStatus
-nss_NewThreadPrivateIndex
-(
-  PRUintn *ip,
-  PRThreadPrivateDTOR dtor
-);
-
-/*
- * nss_GetThreadPrivate
- *
- */
-
-NSS_EXTERN void *
-nss_GetThreadPrivate
-(
-  PRUintn i
-);
-
-/*
- * nss_SetThreadPrivate
- *
- */
-
-NSS_EXTERN void
-nss_SetThreadPrivate
-(
-  PRUintn i,
-  void *v
-);
-
-
-PR_END_EXTERN_C
-
-#endif /* BASE_H */
diff --git a/security/nss/lib/base/baset.h b/security/nss/lib/base/baset.h
deleted file mode 100644
index 6df6da5aa..000000000
--- a/security/nss/lib/base/baset.h
+++ /dev/null
@@ -1,158 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef BASET_H
-#define BASET_H
-
-#ifdef DEBUG
-static const char BASET_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * baset.h
- *
- * This file contains definitions for the basic types used throughout
- * nss but not available publicly.
- */
-
-#ifndef NSSBASET_H
-#include "nssbaset.h"
-#endif /* NSSBASET_H */
-
-#include "plhash.h"
-
-PR_BEGIN_EXTERN_C
-
-/*
- * nssArenaMark
- *
- * This type is used to mark the current state of an NSSArena.
- */
-
-struct nssArenaMarkStr;
-typedef struct nssArenaMarkStr nssArenaMark;
-
-#ifdef DEBUG
-/*
- * ARENA_THREADMARK
- * 
- * Optionally, this arena implementation can be compiled with some
- * runtime checking enabled, which will catch the situation where
- * one thread "marks" the arena, another thread allocates memory,
- * and then the mark is released.  Usually this is a surprise to
- * the second thread, and this leads to weird runtime errors.
- * Define ARENA_THREADMARK to catch these cases; we define it for all
- * (internal and external) debug builds.
- */
-#define ARENA_THREADMARK
-
-/*
- * ARENA_DESTRUCTOR_LIST
- *
- * Unfortunately, our pointer-tracker facility, used in debug
- * builds to agressively fight invalid pointers, requries that
- * pointers be deregistered when objects are destroyed.  This
- * conflicts with the standard arena usage where "memory-only"
- * objects (that don't hold onto resources outside the arena)
- * can be allocated in an arena, and never destroyed other than
- * when the arena is destroyed.  Therefore we have added a
- * destructor-registratio facility to our arenas.  This was not
- * a simple decision, since we're getting ever-further away from
- * the original arena philosophy.  However, it was felt that
- * adding this in debug builds wouldn't be so bad; as it would
- * discourage them from being used for "serious" purposes.
- * This facility requires ARENA_THREADMARK to be defined.
- */
-#ifdef ARENA_THREADMARK
-#define ARENA_DESTRUCTOR_LIST
-#endif /* ARENA_THREADMARK */
-
-#endif /* DEBUG */
-
-typedef struct nssListStr nssList;
-typedef struct nssListIteratorStr nssListIterator;
-typedef PRBool (* nssListCompareFunc)(void *a, void *b);
-typedef PRIntn (* nssListSortFunc)(void *a, void *b);
-typedef void (* nssListElementDestructorFunc)(void *el);
-
-typedef struct nssHashStr nssHash;
-typedef void (PR_CALLBACK *nssHashIterator)(const void *key, 
-                                            void *value, 
-                                            void *arg);
-
-/*
- * nssPointerTracker
- *
- * This type is used in debug builds (both external and internal) to
- * track our object pointers.  Objects of this type must be statically
- * allocated, which means the structure size must be available to the
- * compiler.  Therefore we must expose the contents of this structure.
- * But please don't access elements directly; use the accessors.
- */
-
-#ifdef DEBUG
-struct nssPointerTrackerStr {
-  PRCallOnceType once;
-  PZLock *lock;
-  PLHashTable *table;
-};
-typedef struct nssPointerTrackerStr nssPointerTracker;
-#endif /* DEBUG */
-
-/*
- * nssStringType
- *
- * There are several types of strings in the real world.  We try to
- * use only UTF8 and avoid the rest, but that's not always possible.
- * So we have a couple converter routines to go to and from the other
- * string types.  We have to be able to specify those string types,
- * so we have this enumeration.
- */
-
-enum nssStringTypeEnum {
-  nssStringType_DirectoryString,
-  nssStringType_TeletexString, /* Not "teletext" with trailing 't' */
-  nssStringType_PrintableString,
-  nssStringType_UniversalString,
-  nssStringType_BMPString,
-  nssStringType_UTF8String,
-  nssStringType_PHGString,
-  nssStringType_GeneralString,
-
-  nssStringType_Unknown = -1
-};
-typedef enum nssStringTypeEnum nssStringType;
-
-PR_END_EXTERN_C
-
-#endif /* BASET_H */
diff --git a/security/nss/lib/base/config.mk b/security/nss/lib/base/config.mk
deleted file mode 100644
index 4a9ed7dda..000000000
--- a/security/nss/lib/base/config.mk
+++ /dev/null
@@ -1,48 +0,0 @@
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CONFIG_CVS_ID = "@(#) $RCSfile$ $Revision$ $Date$ $Name$"
-
-ifdef BUILD_IDG
-DEFINES += -DNSSDEBUG
-endif
-
-#
-#  Override TARGETS variable so that only static libraries
-#  are specifed as dependencies within rules.mk.
-#
-
-TARGETS        = $(LIBRARY)
-SHARED_LIBRARY =
-IMPORT_LIBRARY =
-PROGRAM        =
-
diff --git a/security/nss/lib/base/error.c b/security/nss/lib/base/error.c
deleted file mode 100644
index 3e736b2b0..000000000
--- a/security/nss/lib/base/error.c
+++ /dev/null
@@ -1,297 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * error.c
- *
- * This file contains the code implementing the per-thread error 
- * stacks upon which most NSS routines report their errors.
- */
-
-#ifndef BASE_H
-#include "base.h"
-#endif /* BASE_H */
-
-/*
- * The stack itself has a header, and a sequence of integers.
- * The header records the amount of space (as measured in stack
- * slots) already allocated for the stack, and the count of the
- * number of records currently being used.
- */
-
-struct stack_header_str {
-  PRUint16 space;
-  PRUint16 count;
-};
-
-struct error_stack_str {
-  struct stack_header_str header;
-  PRInt32 stack[1];
-};
-typedef struct error_stack_str error_stack;
-
-/*
- * error_stack_index
- *
- * Thread-private data must be indexed.  This is that index.
- * See PR_NewThreadPrivateIndex for more information.
- */
-
-static PRUintn error_stack_index;
-
-/*
- * call_once
- *
- * The thread-private index must be obtained (once!) at runtime.
- * This block is used for that one-time call.
- */
-
-static PRCallOnceType error_call_once;
-
-/*
- * error_once_function
- *
- * This is the once-called callback.
- */
-
-static PRStatus
-error_once_function
-(
-  void
-)
-{
-  return nss_NewThreadPrivateIndex(&error_stack_index,PR_Free);
-  /* return PR_NewThreadPrivateIndex(&error_stack_index, PR_Free); */
-}
-
-/*
- * error_get_my_stack
- *
- * This routine returns the calling thread's error stack, creating
- * it if necessary.  It may return NULL upon error, which implicitly
- * means that it ran out of memory.
- */
-
-static error_stack *
-error_get_my_stack
-(
-  void
-)
-{
-  PRStatus st;
-  error_stack *rv;
-  PRUintn new_size;
-  PRUint32 new_bytes;
-  error_stack *new_stack;
-
-  if( 0 == error_stack_index ) {
-    st = PR_CallOnce(&error_call_once, error_once_function);
-    if( PR_SUCCESS != st ) {
-      return (error_stack *)NULL;
-    }
-  }
-
-  rv = (error_stack *)nss_GetThreadPrivate(error_stack_index);
-  if( (error_stack *)NULL == rv ) {
-    /* Doesn't exist; create one */
-    new_size = 16;
-  } else {
-    if( rv->header.count == rv->header.space ) {
-      /* Too small, expand it */
-      new_size = rv->header.space + 16;
-    } else {
-      /* Okay, return it */
-      return rv;
-    }
-  }
-
-  new_bytes = (new_size * sizeof(PRInt32)) + 
-    sizeof(struct stack_header_str);
-  /* Use NSPR's calloc/realloc, not NSS's, to avoid loops! */
-  new_stack = PR_Calloc(1, new_bytes);
-  
-  if( (error_stack *)NULL != new_stack ) {
-    if( (error_stack *)NULL != rv ) {
-	(void)nsslibc_memcpy(new_stack,rv,rv->header.space);
-    }
-    new_stack->header.space = new_size;
-  }
-
-  /* Set the value, whether or not the allocation worked */
-  nss_SetThreadPrivate(error_stack_index, new_stack);
-  return new_stack;
-}
-
-/*
- * The error stack
- *
- * The public methods relating to the error stack are:
- *
- *  NSS_GetError
- *  NSS_GetErrorStack
- *
- * The nonpublic methods relating to the error stack are:
- *
- *  nss_SetError
- *  nss_ClearErrorStack
- *
- */
-
-/*
- * NSS_GetError
- *
- * This routine returns the highest-level (most general) error set
- * by the most recent NSS library routine called by the same thread
- * calling this routine.
- *
- * This routine cannot fail.  However, it may return zero, which
- * indicates that the previous NSS library call did not set an error.
- *
- * Return value:
- *  0 if no error has been set
- *  A nonzero error number
- */
-
-NSS_IMPLEMENT PRInt32
-NSS_GetError
-(
-  void
-)
-{
-  error_stack *es = error_get_my_stack();
-
-  if( (error_stack *)NULL == es ) {
-    return NSS_ERROR_NO_MEMORY; /* Good guess! */
-  }
-
-  if( 0 == es->header.count ) {
-    return 0;
-  }
-
-  return es->stack[ es->header.count-1 ];
-}
-
-/*
- * NSS_GetErrorStack
- *
- * This routine returns a pointer to an array of integers, containing
- * the entire sequence or "stack" of errors set by the most recent NSS
- * library routine called by the same thread calling this routine.
- * NOTE: the caller DOES NOT OWN the memory pointed to by the return
- * value.  The pointer will remain valid until the calling thread
- * calls another NSS routine.  The lowest-level (most specific) error 
- * is first in the array, and the highest-level is last.  The array is
- * zero-terminated.  This routine may return NULL upon error; this
- * indicates a low-memory situation.
- *
- * Return value:
- *  NULL upon error, which is an implied NSS_ERROR_NO_MEMORY
- *  A NON-caller-owned pointer to an array of integers
- */
-
-NSS_IMPLEMENT PRInt32 *
-NSS_GetErrorStack
-(
-  void
-)
-{
-  error_stack *es = error_get_my_stack();
-
-  if( (error_stack *)NULL == es ) {
-    return (PRInt32 *)NULL;
-  }
-
-  /* Make sure it's terminated */
-  es->stack[ es->header.count ] = 0;
-
-  return es->stack;
-}
-
-/*
- * nss_SetError
- *
- * This routine places a new error code on the top of the calling 
- * thread's error stack.  Calling this routine wiht an error code
- * of zero will clear the error stack.
- */
-
-NSS_IMPLEMENT void
-nss_SetError
-(
-  PRUint32 error
-)
-{
-  error_stack *es;
-
-  if( 0 == error ) {
-    nss_ClearErrorStack();
-    return;
-  }
-
-  es = error_get_my_stack();
-  if( (error_stack *)NULL == es ) {
-    /* Oh, well. */
-    return;
-  }
-
-  es->stack[ es->header.count ] = error;
-  es->header.count++;
-  return;
-}
-
-/*
- * nss_ClearErrorStack
- *
- * This routine clears the calling thread's error stack.
- */
-
-NSS_IMPLEMENT void
-nss_ClearErrorStack
-(
-  void
-)
-{
-  error_stack *es = error_get_my_stack();
-  if( (error_stack *)NULL == es ) {
-    /* Oh, well. */
-    return;
-  }
-
-  es->header.count = 0;
-  es->stack[0] = 0;
-  return;
-}
diff --git a/security/nss/lib/base/errorval.c b/security/nss/lib/base/errorval.c
deleted file mode 100644
index 2f2bfcce7..000000000
--- a/security/nss/lib/base/errorval.c
+++ /dev/null
@@ -1,89 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * errorval.c
- *
- * This file contains the actual error constants used in NSS.
- */
-
-#ifndef NSSBASET_H
-#include "nssbaset.h"
-#endif /* NSSBASET_H */
-
-const NSSError NSS_ERROR_NO_ERROR                       =  0;
-const NSSError NSS_ERROR_INTERNAL_ERROR                 =  1;
-const NSSError NSS_ERROR_NO_MEMORY                      =  2;
-const NSSError NSS_ERROR_INVALID_POINTER                =  3;
-const NSSError NSS_ERROR_INVALID_ARENA                  =  4;
-const NSSError NSS_ERROR_INVALID_ARENA_MARK             =  5;
-const NSSError NSS_ERROR_DUPLICATE_POINTER              =  6;
-const NSSError NSS_ERROR_POINTER_NOT_REGISTERED         =  7;
-const NSSError NSS_ERROR_TRACKER_NOT_EMPTY              =  8;
-const NSSError NSS_ERROR_TRACKER_NOT_INITIALIZED        =  9;
-const NSSError NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD = 10;
-const NSSError NSS_ERROR_VALUE_TOO_LARGE                = 11;
-const NSSError NSS_ERROR_UNSUPPORTED_TYPE               = 12;
-const NSSError NSS_ERROR_BUFFER_TOO_SHORT               = 13;
-const NSSError NSS_ERROR_INVALID_ATOB_CONTEXT           = 14;
-const NSSError NSS_ERROR_INVALID_BASE64                 = 15;
-const NSSError NSS_ERROR_INVALID_BTOA_CONTEXT           = 16;
-const NSSError NSS_ERROR_INVALID_ITEM                   = 17;
-const NSSError NSS_ERROR_INVALID_STRING                 = 18;
-const NSSError NSS_ERROR_INVALID_ASN1ENCODER            = 19;
-const NSSError NSS_ERROR_INVALID_ASN1DECODER            = 20;
-
-const NSSError NSS_ERROR_INVALID_BER                    = 21;
-const NSSError NSS_ERROR_INVALID_ATAV                   = 22;
-const NSSError NSS_ERROR_INVALID_ARGUMENT               = 23;
-const NSSError NSS_ERROR_INVALID_UTF8                   = 24;
-const NSSError NSS_ERROR_INVALID_NSSOID                 = 25;
-const NSSError NSS_ERROR_UNKNOWN_ATTRIBUTE              = 26;
-
-const NSSError NSS_ERROR_NOT_FOUND                      = 27;
-
-const NSSError NSS_ERROR_INVALID_PASSWORD               = 28;
-const NSSError NSS_ERROR_USER_CANCELED                  = 29;
-
-const NSSError NSS_ERROR_MAXIMUM_FOUND                  = 30;
-
-const NSSError NSS_ERROR_CERTIFICATE_ISSUER_NOT_FOUND   = 31;
-
-const NSSError NSS_ERROR_CERTIFICATE_IN_CACHE           = 32;
-
-const NSSError NSS_ERROR_HASH_COLLISION                 = 33;
-
diff --git a/security/nss/lib/base/hash.c b/security/nss/lib/base/hash.c
deleted file mode 100644
index 811fcd593..000000000
--- a/security/nss/lib/base/hash.c
+++ /dev/null
@@ -1,404 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * hash.c
- *
- * This is merely a couple wrappers around NSPR's PLHashTable, using
- * the identity hash and arena-aware allocators.
- * This is a copy of ckfw/hash.c, with modifications to use NSS types
- * (not Cryptoki types).  Would like for this to be a single implementation,
- * but doesn't seem like it will work.
- */
-
-#ifndef BASE_H
-#include "base.h"
-#endif /* BASE_H */
-
-/*
- * nssHash
- *
- *  nssHash_Create
- *  nssHash_Destroy
- *  nssHash_Add
- *  nssHash_Remove
- *  nssHash_Count
- *  nssHash_Exists
- *  nssHash_Lookup
- *  nssHash_Iterate
- */
-
-struct nssHashStr {
-  NSSArena *arena;
-  PRBool i_alloced_arena;
-  PRLock *mutex;
-
-  /*
-   * The invariant that mutex protects is:
-   *   The count accurately reflects the hashtable state.
-   */
-
-  PLHashTable *plHashTable;
-  PRUint32 count;
-};
-
-static PLHashNumber
-nss_identity_hash
-(
-  const void *key
-)
-{
-  PRUint32 i = (PRUint32)key;
-  PR_ASSERT(sizeof(PLHashNumber) == sizeof(PRUint32));
-  return (PLHashNumber)i;
-}
-
-static PLHashNumber
-nss_item_hash
-(
-  const void *key
-)
-{
-  int i;
-  PLHashNumber h;
-  NSSItem *it = (NSSItem *)key;
-  h = 0;
-  for (i=0; i<it->size; i++)
-    h = (h >> 28) ^ (h << 4) ^ ((unsigned char *)it->data)[i];
-  return h;
-}
-
-static int
-nss_compare_items(const void *v1, const void *v2)
-{
-  PRStatus ignore;
-  return (int)nssItem_Equal((NSSItem *)v1, (NSSItem *)v2, &ignore);
-}
-
-/*
- * nssHash_create
- *
- */
-NSS_IMPLEMENT nssHash *
-nssHash_Create
-(
-  NSSArena *arenaOpt,
-  PRUint32 numBuckets,
-  PLHashFunction keyHash,
-  PLHashComparator keyCompare,
-  PLHashComparator valueCompare
-)
-{
-  nssHash *rv;
-  NSSArena *arena;
-  PRBool i_alloced;
-
-#ifdef NSSDEBUG
-  if( arenaOpt && PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-    nss_SetError(NSS_ERROR_INVALID_POINTER);
-    return (nssHash *)NULL;
-  }
-#endif /* NSSDEBUG */
-
-  if (arenaOpt) {
-    arena = arenaOpt;
-    i_alloced = PR_FALSE;
-  } else {
-    arena = nssArena_Create();
-    i_alloced = PR_TRUE;
-  }
-
-  rv = nss_ZNEW(arena, nssHash);
-  if( (nssHash *)NULL == rv ) {
-    goto loser;
-  }
-
-  rv->mutex = PZ_NewLock(nssILockOther);
-  if( (PZLock *)NULL == rv->mutex ) {
-    goto loser;
-  }
-
-  rv->plHashTable = PL_NewHashTable(numBuckets, 
-                                    keyHash, keyCompare, valueCompare,
-                                    &nssArenaHashAllocOps, arena);
-  if( (PLHashTable *)NULL == rv->plHashTable ) {
-    (void)PZ_DestroyLock(rv->mutex);
-    goto loser;
-  }
-
-  rv->count = 0;
-  rv->arena = arena;
-  rv->i_alloced_arena = i_alloced;
-
-  return rv;
-loser:
-  (void)nss_ZFreeIf(rv);
-  return (nssHash *)NULL;
-}
-
-/*
- * nssHash_CreatePointer
- *
- */
-NSS_IMPLEMENT nssHash *
-nssHash_CreatePointer
-(
-  NSSArena *arenaOpt,
-  PRUint32 numBuckets
-)
-{
-  return nssHash_Create(arenaOpt, numBuckets, 
-                        nss_identity_hash, PL_CompareValues, PL_CompareValues);
-}
-
-/*
- * nssHash_CreateString
- *
- */
-NSS_IMPLEMENT nssHash *
-nssHash_CreateString
-(
-  NSSArena *arenaOpt,
-  PRUint32 numBuckets
-)
-{
-  return nssHash_Create(arenaOpt, numBuckets, 
-                        PL_HashString, PL_CompareStrings, PL_CompareStrings);
-}
-
-/*
- * nssHash_CreateItem
- *
- */
-NSS_IMPLEMENT nssHash *
-nssHash_CreateItem
-(
-  NSSArena *arenaOpt,
-  PRUint32 numBuckets
-)
-{
-  return nssHash_Create(arenaOpt, numBuckets, 
-                        nss_item_hash, nss_compare_items, PL_CompareValues);
-}
-
-/*
- * nssHash_Destroy
- *
- */
-NSS_IMPLEMENT void
-nssHash_Destroy
-(
-  nssHash *hash
-)
-{
-  (void)PZ_DestroyLock(hash->mutex);
-  PL_HashTableDestroy(hash->plHashTable);
-  if (hash->i_alloced_arena) {
-    nssArena_Destroy(hash->arena);
-  } else {
-    nss_ZFreeIf(hash);
-  }
-}
-
-/*
- * nssHash_Add
- *
- */
-NSS_IMPLEMENT PRStatus
-nssHash_Add
-(
-  nssHash *hash,
-  const void *key,
-  const void *value
-)
-{
-  PRStatus error = PR_FAILURE;
-  PLHashEntry *he;
-
-  PZ_Lock(hash->mutex);
-  
-  he = PL_HashTableAdd(hash->plHashTable, key, (void *)value);
-  if( (PLHashEntry *)NULL == he ) {
-    nss_SetError(NSS_ERROR_NO_MEMORY);
-  } else if (he->value != value) {
-    nss_SetError(NSS_ERROR_HASH_COLLISION);
-  } else {
-    hash->count++;
-    error = PR_SUCCESS;
-  }
-
-  (void)PZ_Unlock(hash->mutex);
-
-  return error;
-}
-
-/*
- * nssHash_Remove
- *
- */
-NSS_IMPLEMENT void
-nssHash_Remove
-(
-  nssHash *hash,
-  const void *it
-)
-{
-  PRBool found;
-
-  PZ_Lock(hash->mutex);
-
-  found = PL_HashTableRemove(hash->plHashTable, it);
-  if( found ) {
-    hash->count--;
-  }
-
-  (void)PZ_Unlock(hash->mutex);
-  return;
-}
-
-/*
- * nssHash_Count
- *
- */
-NSS_IMPLEMENT PRUint32
-nssHash_Count
-(
-  nssHash *hash
-)
-{
-  PRUint32 count;
-
-  PZ_Lock(hash->mutex);
-
-  count = hash->count;
-
-  (void)PZ_Unlock(hash->mutex);
-
-  return count;
-}
-
-/*
- * nssHash_Exists
- *
- */
-NSS_IMPLEMENT PRBool
-nssHash_Exists
-(
-  nssHash *hash,
-  const void *it
-)
-{
-  void *value;
-
-  PZ_Lock(hash->mutex);
-
-  value = PL_HashTableLookup(hash->plHashTable, it);
-
-  (void)PZ_Unlock(hash->mutex);
-
-  if( (void *)NULL == value ) {
-    return PR_FALSE;
-  } else {
-    return PR_TRUE;
-  }
-}
-
-/*
- * nssHash_Lookup
- *
- */
-NSS_IMPLEMENT void *
-nssHash_Lookup
-(
-  nssHash *hash,
-  const void *it
-)
-{
-  void *rv;
-
-  PZ_Lock(hash->mutex);
-
-  rv = PL_HashTableLookup(hash->plHashTable, it);
-
-  (void)PZ_Unlock(hash->mutex);
-
-  return rv;
-}
-
-struct arg_str {
-  nssHashIterator fcn;
-  void *closure;
-};
-
-static PRIntn
-nss_hash_enumerator
-(
-  PLHashEntry *he,
-  PRIntn index,
-  void *arg
-)
-{
-  struct arg_str *as = (struct arg_str *)arg;
-  as->fcn(he->key, he->value, as->closure);
-  return HT_ENUMERATE_NEXT;
-}
-
-/*
- * nssHash_Iterate
- *
- * NOTE that the iteration function will be called with the hashtable locked.
- */
-NSS_IMPLEMENT void
-nssHash_Iterate
-(
-  nssHash *hash,
-  nssHashIterator fcn,
-  void *closure
-)
-{
-  struct arg_str as;
-  as.fcn = fcn;
-  as.closure = closure;
-
-  PZ_Lock(hash->mutex);
-
-  PL_HashTableEnumerateEntries(hash->plHashTable, nss_hash_enumerator, &as);
-
-  (void)PZ_Unlock(hash->mutex);
-
-  return;
-}
diff --git a/security/nss/lib/base/hashops.c b/security/nss/lib/base/hashops.c
deleted file mode 100644
index 031f92649..000000000
--- a/security/nss/lib/base/hashops.c
+++ /dev/null
@@ -1,117 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * hashops.c
- *
- * This file includes a set of PLHashAllocOps that use NSSArenas.
- */
-
-#ifndef BASE_H
-#include "base.h"
-#endif /* BASE_H */
-
-static void * PR_CALLBACK
-nss_arena_hash_alloc_table
-(
-  void *pool,
-  PRSize size
-)
-{
-  NSSArena *arena = (NSSArena *)NULL;
-
-#ifdef NSSDEBUG
-  if( (void *)NULL != arena ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arena) ) {
-      return (void *)NULL;
-    }
-  }
-#endif /* NSSDEBUG */
-
-  return nss_ZAlloc(arena, size);
-}
-
-static void PR_CALLBACK
-nss_arena_hash_free_table
-(
-  void *pool, 
-  void *item
-)
-{
-  (void)nss_ZFreeIf(item);
-}
-
-static PLHashEntry * PR_CALLBACK
-nss_arena_hash_alloc_entry
-(
-  void *pool,
-  const void *key
-)
-{
-  NSSArena *arena = NULL;
-
-#ifdef NSSDEBUG
-  if( (void *)NULL != arena ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arena) ) {
-      return (void *)NULL;
-    }
-  }
-#endif /* NSSDEBUG */
-
-  return nss_ZNEW(arena, PLHashEntry);
-}
-
-static void PR_CALLBACK
-nss_arena_hash_free_entry
-(
-  void *pool,
-  PLHashEntry *he,
-  PRUintn flag
-)
-{
-  if( HT_FREE_ENTRY == flag ) {
-    (void)nss_ZFreeIf(he);
-  }
-}
-
-NSS_IMPLEMENT_DATA PLHashAllocOps 
-nssArenaHashAllocOps = {
-  nss_arena_hash_alloc_table,
-  nss_arena_hash_free_table,
-  nss_arena_hash_alloc_entry,
-  nss_arena_hash_free_entry
-};
diff --git a/security/nss/lib/base/item.c b/security/nss/lib/base/item.c
deleted file mode 100644
index efa9d1200..000000000
--- a/security/nss/lib/base/item.c
+++ /dev/null
@@ -1,241 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * item.c
- *
- * This contains some item-manipulation code.
- */
-
-#ifndef BASE_H
-#include "base.h"
-#endif /* BASE_H */
-
-/*
- * nssItem_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD
- *  NSS_ERROR_INVALID_POINTER
- *  
- * Return value:
- *  A pointer to an NSSItem upon success
- *  NULL upon failure
- */
-
-NSS_IMPLEMENT NSSItem *
-nssItem_Create
-(
-  NSSArena *arenaOpt,
-  NSSItem *rvOpt,
-  PRUint32 length,
-  const void *data
-)
-{
-  NSSItem *rv = (NSSItem *)NULL;
-
-#ifdef DEBUG
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSItem *)NULL;
-    }
-  }
-
-  if( (const void *)NULL == data ) {
-    if( length > 0 ) {
-      nss_SetError(NSS_ERROR_INVALID_POINTER);
-      return (NSSItem *)NULL;
-    }
-  }
-#endif /* DEBUG */
-
-  if( (NSSItem *)NULL == rvOpt ) {
-    rv = (NSSItem *)nss_ZNEW(arenaOpt, NSSItem);
-    if( (NSSItem *)NULL == rv ) {
-      goto loser;
-    }
-  } else {
-    rv = rvOpt;
-  }
-
-  rv->size = length;
-  rv->data = nss_ZAlloc(arenaOpt, length);
-  if( (void *)NULL == rv->data ) {
-    goto loser;
-  }
-
-  if( length > 0 ) {
-    (void)nsslibc_memcpy(rv->data, data, length);
-  }
-
-  return rv;
-
- loser:
-  if( rv != rvOpt ) {
-    nss_ZFreeIf(rv);
-  }
-
-  return (NSSItem *)NULL;
-}
-
-NSS_IMPLEMENT void
-nssItem_Destroy
-(
-  NSSItem *item
-)
-{
-  nss_ClearErrorStack();
-
-  nss_ZFreeIf(item->data);
-  nss_ZFreeIf(item);
-
-}
-
-/*
- * nssItem_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD
- *  NSS_ERROR_INVALID_ITEM
- *  
- * Return value:
- *  A pointer to an NSSItem upon success
- *  NULL upon failure
- */
-
-NSS_IMPLEMENT NSSItem *
-nssItem_Duplicate
-(
-  NSSItem *obj,
-  NSSArena *arenaOpt,
-  NSSItem *rvOpt
-)
-{
-#ifdef DEBUG
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSItem *)NULL;
-    }
-  }
-
-  if( (NSSItem *)NULL == obj ) {
-    nss_SetError(NSS_ERROR_INVALID_ITEM);
-    return (NSSItem *)NULL;
-  }
-#endif /* DEBUG */
-
-  return nssItem_Create(arenaOpt, rvOpt, obj->size, obj->data);
-}
-
-#ifdef DEBUG
-/*
- * nssItem_verifyPointer
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nssItem_verifyPointer
-(
-  const NSSItem *item
-)
-{
-  if( ((const NSSItem *)NULL == item) ||
-      (((void *)NULL == item->data) && (item->size > 0)) ) {
-    nss_SetError(NSS_ERROR_INVALID_ITEM);
-    return PR_FAILURE;
-  }
-
-  return PR_SUCCESS;
-}
-#endif /* DEBUG */
-
-/*
- * nssItem_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- *  PR_TRUE if the items are identical
- *  PR_FALSE if they aren't
- *  PR_FALSE upon error
- */
-
-NSS_IMPLEMENT PRBool
-nssItem_Equal
-(
-  const NSSItem *one,
-  const NSSItem *two,
-  PRStatus *statusOpt
-)
-{
-  if( (PRStatus *)NULL != statusOpt ) {
-    *statusOpt = PR_SUCCESS;
-  }
-
-  if( ((const NSSItem *)NULL == one) && ((const NSSItem *)NULL == two) ) {
-    return PR_TRUE;
-  }
-
-  if( ((const NSSItem *)NULL == one) || ((const NSSItem *)NULL == two) ) {
-    return PR_FALSE;
-  }
-
-  if( one->size != two->size ) {
-    return PR_FALSE;
-  }
-
-  return nsslibc_memequal(one->data, two->data, one->size, statusOpt);
-}
diff --git a/security/nss/lib/base/libc.c b/security/nss/lib/base/libc.c
deleted file mode 100644
index 68ab9d920..000000000
--- a/security/nss/lib/base/libc.c
+++ /dev/null
@@ -1,197 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * libc.c
- *
- * This file contains our wrappers/reimplementations for "standard" 
- * libc functions.  Things like "memcpy."  We add to this as we need 
- * it.  Oh, and let's keep it in alphabetical order, should it ever 
- * get large.  Most string/character stuff should be in utf8.c, not 
- * here.  This file (and maybe utf8.c) should be the only ones in
- * NSS to include files with angle brackets.
- */
-
-#ifndef BASE_H
-#include "base.h"
-#endif /* BASE_H */
-
-#include <string.h> /* memcpy, memset */
-
-/*
- * nsslibc_memcpy
- * nsslibc_memset
- * nsslibc_offsetof
- * nsslibc_memequal
- */
-
-/*
- * nsslibc_memcpy
- *
- * Errors:
- *  NSS_ERROR_INVALID_POINTER
- *
- * Return value:
- *  NULL on error
- *  The destination pointer on success
- */
-
-NSS_IMPLEMENT void *
-nsslibc_memcpy
-(
-  void *dest,
-  const void *source,
-  PRUint32 n
-)
-{
-#ifdef NSSDEBUG
-  if( ((void *)NULL == dest) || ((const void *)NULL == source) ) {
-    nss_SetError(NSS_ERROR_INVALID_POINTER);
-    return (void *)NULL;
-  }
-#endif /* NSSDEBUG */
-
-  return memcpy(dest, source, (size_t)n);
-}
-
-/*
- * nsslibc_memset
- *
- * Errors:
- *  NSS_ERROR_INVALID_POINTER
- *
- * Return value:
- *  NULL on error
- *  The destination pointer on success
- */
-
-NSS_IMPLEMENT void *
-nsslibc_memset
-(
-  void *dest,
-  PRUint8 byte,
-  PRUint32 n
-)
-{
-#ifdef NSSDEBUG
-  if( ((void *)NULL == dest) ) {
-    nss_SetError(NSS_ERROR_INVALID_POINTER);
-    return (void *)NULL;
-  }
-#endif /* NSSDEBUG */
-
-  return memset(dest, (int)byte, (size_t)n);
-}
-
-/*
- * nsslibc_memequal
- *
- * Errors:
- *  NSS_ERROR_INVALID_POINTER
- *
- * Return value:
- *  PR_TRUE if they match
- *  PR_FALSE if they don't
- *  PR_FALSE upon error
- */
-
-NSS_IMPLEMENT PRBool
-nsslibc_memequal
-(
-  const void *a,
-  const void *b,
-  PRUint32 len,
-  PRStatus *statusOpt
-)
-{
-#ifdef NSSDEBUG
-  if( (((void *)NULL == a) || ((void *)NULL == b)) ) {
-    nss_SetError(NSS_ERROR_INVALID_POINTER);
-    if( (PRStatus *)NULL != statusOpt ) {
-      *statusOpt = PR_FAILURE;
-    }
-    return PR_FALSE;
-  }
-#endif /* NSSDEBUG */
-
-  if( (PRStatus *)NULL != statusOpt ) {
-    *statusOpt = PR_SUCCESS;
-  }
-
-  if( 0 == memcmp(a, b, len) ) {
-    return PR_TRUE;
-  } else {
-    return PR_FALSE;
-  }
-}
-
-/*
- * nsslibc_memcmp
- */
-
-NSS_IMPLEMENT PRInt32
-nsslibc_memcmp
-(
-  const void *a,
-  const void *b,
-  PRUint32 len,
-  PRStatus *statusOpt
-)
-{
-  int v;
-
-#ifdef NSSDEBUG
-  if( (((void *)NULL == a) || ((void *)NULL == b)) ) {
-    nss_SetError(NSS_ERROR_INVALID_POINTER);
-    if( (PRStatus *)NULL != statusOpt ) {
-      *statusOpt = PR_FAILURE;
-    }
-    return -2;
-  }
-#endif /* NSSDEBUG */
-
-  if( (PRStatus *)NULL != statusOpt ) {
-    *statusOpt = PR_SUCCESS;
-  }
-
-  v = memcmp(a, b, len);
-  return (PRInt32)v;
-}
-
-/*
- * offsetof is a preprocessor definition
- */
diff --git a/security/nss/lib/base/list.c b/security/nss/lib/base/list.c
deleted file mode 100644
index ae601d50c..000000000
--- a/security/nss/lib/base/list.c
+++ /dev/null
@@ -1,433 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * list.c
- *
- * This contains the implementation of NSS's thread-safe linked list.
- */
-
-#ifndef BASE_H
-#include "base.h"
-#endif /* BASE_H */
-
-struct nssListElementStr {
-    PRCList  link;
-    void    *data;
-};
-
-typedef struct nssListElementStr nssListElement;
-
-struct nssListStr {
-    NSSArena       *arena;
-    PZLock         *lock;
-    nssListElement *head;
-    PRUint32        count;
-    nssListCompareFunc compareFunc;
-    nssListSortFunc    sortFunc;
-    PRBool i_alloced_arena;
-};
-
-struct nssListIteratorStr {
-    PZLock *lock;
-    nssList *list;
-    nssListElement *current;
-};
-
-#define NSSLIST_LOCK_IF(list) \
-    if ((list)->lock) PZ_Lock((list)->lock)
-
-#define NSSLIST_UNLOCK_IF(list) \
-    if ((list)->lock) PZ_Unlock((list)->lock)
-
-static PRBool
-pointer_compare(void *a, void *b)
-{
-    return (PRBool)(a == b);
-}
-
-static nssListElement *
-nsslist_get_matching_element(nssList *list, void *data)
-{
-    PRCList *link;
-    nssListElement *node;
-    node = list->head;
-    if (!node) {
-	return NULL;
-    }
-    link = &node->link;
-    while (node) {
-	/* using a callback slows things down when it's just compare ... */
-	if (list->compareFunc(node->data, data)) {
-	    break;
-	}
-	link = &node->link;
-	if (link == PR_LIST_TAIL(&list->head->link)) {
-	    node = NULL;
-	    break;
-	}
-	node = (nssListElement *)PR_NEXT_LINK(&node->link);
-    }
-    return node;
-}
-
-NSS_IMPLEMENT nssList *
-nssList_Create
-(
-  NSSArena *arenaOpt,
-  PRBool threadSafe
-)
-{
-    NSSArena *arena;
-    nssList *list;
-    PRBool i_alloced;
-    if (arenaOpt) {
-	arena = arenaOpt;
-	i_alloced = PR_FALSE;
-    } else {
-	arena = nssArena_Create();
-	i_alloced = PR_TRUE;
-    }
-    if (!arena) {
-	return (nssList *)NULL;
-    }
-    list = nss_ZNEW(arena, nssList);
-    if (!list) {
-	if (!arenaOpt) {
-	    NSSArena_Destroy(arena);
-	}
-	return (nssList *)NULL;
-    }
-    if (threadSafe) {
-	list->lock = PZ_NewLock(nssILockOther);
-	if (!list->lock) {
-	    if (arenaOpt) {
-		nss_ZFreeIf(list);
-	    } else {
-		NSSArena_Destroy(arena);
-	    }
-	    return (nssList *)NULL;
-	}
-    }
-    list->arena = arena;
-    list->i_alloced_arena = i_alloced;
-    list->compareFunc = pointer_compare;
-    return list;
-}
-
-NSS_IMPLEMENT PRStatus
-nssList_Destroy(nssList *list)
-{
-    if (!list->i_alloced_arena) {
-	nssList_Clear(list, NULL);
-    }
-    if (list->lock) {
-	(void)PZ_DestroyLock(list->lock);
-    }
-    if (list->i_alloced_arena) {
-	NSSArena_Destroy(list->arena);
-	list = NULL;
-    }
-    nss_ZFreeIf(list);
-    return PR_SUCCESS;
-}
-
-NSS_IMPLEMENT void
-nssList_SetCompareFunction(nssList *list, nssListCompareFunc compareFunc)
-{
-    list->compareFunc = compareFunc;
-}
-
-NSS_IMPLEMENT void
-nssList_SetSortFunction(nssList *list, nssListSortFunc sortFunc)
-{
-    /* XXX if list already has elements, sort them */
-    list->sortFunc = sortFunc;
-}
-
-NSS_IMPLEMENT nssListCompareFunc
-nssList_GetCompareFunction(nssList *list)
-{
-    return list->compareFunc;
-}
-
-NSS_IMPLEMENT void
-nssList_Clear(nssList *list, nssListElementDestructorFunc destructor)
-{
-    PRCList *link;
-    nssListElement *node, *tmp;
-    NSSLIST_LOCK_IF(list);
-    node = list->head;
-    list->head = NULL;
-    while (node && list->count > 0) {
-	if (destructor) (*destructor)(node->data);
-	link = &node->link;
-	tmp = (nssListElement *)PR_NEXT_LINK(link);
-	PR_REMOVE_LINK(link);
-	nss_ZFreeIf(node);
-	node = tmp;
-	--list->count;
-    }
-    NSSLIST_UNLOCK_IF(list);
-}
-
-static PRStatus
-nsslist_add_element(nssList *list, void *data)
-{
-    nssListElement *node = nss_ZNEW(list->arena, nssListElement);
-    if (!node) {
-	return PR_FAILURE;
-    }
-    PR_INIT_CLIST(&node->link);
-    node->data = data;
-    if (list->head) {
-	if (list->sortFunc) {
-	    PRCList *link;
-	    nssListElement *currNode;
-	    currNode = list->head;
-	    /* insert in ordered list */
-	    while (currNode) {
-		link = &currNode->link;
-		if (list->sortFunc(data, currNode->data) <= 0) {
-		    /* new element goes before current node */
-		    PR_INSERT_BEFORE(&node->link, link);
-		    /* reset head if this is first */
-		    if (currNode == list->head) list->head = node;
-		    break;
-		}
-		if (link == PR_LIST_TAIL(&list->head->link)) {
-		    /* reached end of list, append */
-		    PR_INSERT_AFTER(&node->link, link);
-		    break;
-		}
-		currNode = (nssListElement *)PR_NEXT_LINK(&currNode->link);
-	    }
-	} else {
-	    /* not sorting */
-	    PR_APPEND_LINK(&node->link, &list->head->link);
-	}
-    } else {
-	list->head = node;
-    }
-    ++list->count;
-    return PR_SUCCESS;
-}
-
-NSS_IMPLEMENT PRStatus
-nssList_Add(nssList *list, void *data)
-{
-    PRStatus nssrv;
-    NSSLIST_LOCK_IF(list);
-    nssrv = nsslist_add_element(list, data);
-    NSSLIST_UNLOCK_IF(list);
-    return PR_SUCCESS;
-}
-
-NSS_IMPLEMENT PRStatus
-nssList_AddUnique(nssList *list, void *data)
-{
-    PRStatus nssrv;
-    nssListElement *node;
-    NSSLIST_LOCK_IF(list);
-    node = nsslist_get_matching_element(list, data);
-    if (node) {
-	/* already in, finish */
-	NSSLIST_UNLOCK_IF(list);
-	return PR_SUCCESS;
-    }
-    nssrv = nsslist_add_element(list, data);
-    NSSLIST_UNLOCK_IF(list);
-    return nssrv;
-}
-
-NSS_IMPLEMENT PRStatus
-nssList_Remove(nssList *list, void *data)
-{
-    nssListElement *node;
-    NSSLIST_LOCK_IF(list);
-    node = nsslist_get_matching_element(list, data);
-    if (node) {
-	if (node == list->head) {
-	    list->head = (nssListElement *)PR_NEXT_LINK(&node->link);
-	}
-	PR_REMOVE_LINK(&node->link);
-	nss_ZFreeIf(node);
-	if (--list->count == 0) {
-	    list->head = NULL;
-	}
-    }
-    NSSLIST_UNLOCK_IF(list);
-    return PR_SUCCESS;
-}
-
-NSS_IMPLEMENT void *
-nssList_Get(nssList *list, void *data)
-{
-    nssListElement *node;
-    NSSLIST_LOCK_IF(list);
-    node = nsslist_get_matching_element(list, data);
-    NSSLIST_UNLOCK_IF(list);
-    return (node) ? node->data : NULL;
-}
-
-NSS_IMPLEMENT PRUint32
-nssList_Count(nssList *list)
-{
-    return list->count;
-}
-
-NSS_IMPLEMENT PRStatus
-nssList_GetArray(nssList *list, void **rvArray, PRUint32 maxElements)
-{
-    nssListElement *node;
-    PRUint32 i = 0;
-    PR_ASSERT(maxElements > 0);
-    node = list->head;
-    if (!node) {
-	return PR_SUCCESS;
-    }
-    NSSLIST_LOCK_IF(list);
-    while (node) {
-	rvArray[i++] = node->data;
-	if (i == maxElements) break;
-	node = (nssListElement *)PR_NEXT_LINK(&node->link);
-	if (node == list->head) {
-	    break;
-	}
-    }
-    NSSLIST_UNLOCK_IF(list);
-    return PR_SUCCESS;
-}
-
-NSS_IMPLEMENT nssList *
-nssList_Clone(nssList *list)
-{
-    nssList *rvList;
-    nssListElement *node;
-    rvList = nssList_Create(NULL, (list->lock != NULL));
-    if (!rvList) {
-	return NULL;
-    }
-    NSSLIST_LOCK_IF(list);
-    if (list->count > 0) {
-	node = list->head;
-	while (PR_TRUE) {
-	    nssList_Add(rvList, node->data);
-	    node = (nssListElement *)PR_NEXT_LINK(&node->link);
-	    if (node == list->head) {
-		break;
-	    }
-	}
-    }
-    NSSLIST_UNLOCK_IF(list);
-    return rvList;
-}
-
-NSS_IMPLEMENT nssListIterator *
-nssList_CreateIterator(nssList *list)
-{
-    nssListIterator *rvIterator;
-    rvIterator = nss_ZNEW(NULL, nssListIterator);
-    if (!rvIterator) {
-	return NULL;
-    }
-    rvIterator->list = nssList_Clone(list);
-    if (!rvIterator->list) {
-	nss_ZFreeIf(rvIterator);
-	return NULL;
-    }
-    rvIterator->current = rvIterator->list->head;
-    if (list->lock) {
-	rvIterator->lock = PZ_NewLock(nssILockOther);
-	if (!rvIterator->lock) {
-	    nssList_Destroy(rvIterator->list);
-	    nss_ZFreeIf(rvIterator);
-	}
-    }
-    return rvIterator;
-}
-
-NSS_IMPLEMENT void
-nssListIterator_Destroy(nssListIterator *iter)
-{
-    if (iter->lock) {
-	(void)PZ_DestroyLock(iter->lock);
-    }
-    nssList_Destroy(iter->list);
-    nss_ZFreeIf(iter);
-}
-
-NSS_IMPLEMENT void *
-nssListIterator_Start(nssListIterator *iter)
-{
-    NSSLIST_LOCK_IF(iter);
-    if (iter->list->count == 0) {
-	return NULL;
-    }
-    iter->current = iter->list->head;
-    return iter->current->data;
-}
-
-NSS_IMPLEMENT void *
-nssListIterator_Next(nssListIterator *iter)
-{
-    nssListElement *node;
-    PRCList *link;
-    if (iter->list->count == 1 || iter->current == NULL) {
-	/* Reached the end of the list.  Don't change the state, force to
-	 * user to call nssList_Finish to clean up.
-	 */
-	return NULL;
-    }
-    node = (nssListElement *)PR_NEXT_LINK(&iter->current->link);
-    link = &node->link;
-    if (link == PR_LIST_TAIL(&iter->list->head->link)) {
-	/* Signal the end of the list. */
-	iter->current = NULL;
-	return node->data;
-    }
-    iter->current = node;
-    return node->data;
-}
-
-NSS_IMPLEMENT PRStatus
-nssListIterator_Finish(nssListIterator *iter)
-{
-    iter->current = iter->list->head;
-    return (iter->lock) ? PZ_Unlock(iter->lock) : PR_SUCCESS;
-}
-
diff --git a/security/nss/lib/base/manifest.mn b/security/nss/lib/base/manifest.mn
deleted file mode 100644
index 13cf9447b..000000000
--- a/security/nss/lib/base/manifest.mn
+++ /dev/null
@@ -1,65 +0,0 @@
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-MANIFEST_CVS_ID = "@(#) $RCSfile$ $Revision$ $Date$ $Name$"
-
-CORE_DEPTH = ../../..
-
-PRIVATE_EXPORTS = \
-	baset.h		  \
-	base.h		  \
-	$(NULL)
-
-EXPORTS =	   \
-	nssbaset.h \
-	nssbase.h  \
-	$(NULL)
-
-MODULE = security
-
-CSRCS =		   \
-	arena.c	   \
-	error.c	   \
-	errorval.c \
-	hashops.c  \
-	libc.c	   \
-	tracker.c  \
-	item.c     \
-	utf8.c	   \
-	list.c     \
-	hash.c     \
-	whatnspr.c \
-	$(NULL)
-
-REQUIRES = security nspr
-
-LIBRARY_NAME = nssb
diff --git a/security/nss/lib/base/nssbase.h b/security/nss/lib/base/nssbase.h
deleted file mode 100644
index 3960a7810..000000000
--- a/security/nss/lib/base/nssbase.h
+++ /dev/null
@@ -1,167 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef NSSBASE_H
-#define NSSBASE_H
-
-#ifdef DEBUG
-static const char NSSBASE_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * nssbase.h
- *
- * This header file contains the prototypes of the basic public
- * NSS routines.
- */
-
-#ifndef NSSBASET_H
-#include "nssbaset.h"
-#endif /* NSSBASET_H */
-
-PR_BEGIN_EXTERN_C
-
-/*
- * NSSArena
- *
- * The public methods relating to this type are:
- *
- *  NSSArena_Create  -- constructor
- *  NSSArena_Destroy
- */
-
-/*
- * NSSArena_Create
- *
- * This routine creates a new memory arena.  This routine may return
- * NULL upon error, in which case it will have created an error stack.
- *
- * The top-level error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to an NSSArena upon success
- */
-
-NSS_EXTERN NSSArena *
-NSSArena_Create
-(
-  void
-);
-
-extern const NSSError NSS_ERROR_NO_MEMORY;
-
-/*
- * NSSArena_Destroy
- *
- * This routine will destroy the specified arena, freeing all memory
- * allocated from it.  This routine returns a PRStatus value; if 
- * successful, it will return PR_SUCCESS.  If unsuccessful, it will
- * create an error stack and return PR_FAILURE.
- *
- * The top-level error may be one of the following values:
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSArena_Destroy
-(
-  NSSArena *arena
-);
-
-extern const NSSError NSS_ERROR_INVALID_ARENA;
-
-/*
- * The error stack
- *
- * The public methods relating to the error stack are:
- *
- *  NSS_GetError
- *  NSS_GetErrorStack
- */
-
-/*
- * NSS_GetError
- *
- * This routine returns the highest-level (most general) error set
- * by the most recent NSS library routine called by the same thread
- * calling this routine.
- *
- * This routine cannot fail.  It may return NSS_ERROR_NO_ERROR, which
- * indicates that the previous NSS library call did not set an error.
- *
- * Return value:
- *  0 if no error has been set
- *  A nonzero error number
- */
-
-NSS_EXTERN NSSError
-NSS_GetError
-(
-  void
-);
-
-extern const NSSError NSS_ERROR_NO_ERROR;
-
-/*
- * NSS_GetErrorStack
- *
- * This routine returns a pointer to an array of NSSError values, 
- * containingthe entire sequence or "stack" of errors set by the most 
- * recent NSS library routine called by the same thread calling this 
- * routine.  NOTE: the caller DOES NOT OWN the memory pointed to by 
- * the return value.  The pointer will remain valid until the calling 
- * thread calls another NSS routine.  The lowest-level (most specific) 
- * error is first in the array, and the highest-level is last.  The 
- * array is zero-terminated.  This routine may return NULL upon error; 
- * this indicates a low-memory situation.
- *
- * Return value:
- *  NULL upon error, which is an implied NSS_ERROR_NO_MEMORY
- *  A NON-caller-owned pointer to an array of NSSError values
- */
-
-NSS_EXTERN NSSError *
-NSS_GetErrorStack
-(
-  void
-);
-
-PR_END_EXTERN_C
-
-#endif /* NSSBASE_H */
diff --git a/security/nss/lib/base/nssbaset.h b/security/nss/lib/base/nssbaset.h
deleted file mode 100644
index c3e84c46e..000000000
--- a/security/nss/lib/base/nssbaset.h
+++ /dev/null
@@ -1,153 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef NSSBASET_H
-#define NSSBASET_H
-
-#ifdef DEBUG
-static const char NSSBASET_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * nssbaset.h
- *
- * This file contains the most low-level, fundamental public types.
- */
-
-#include "nspr.h"
-#include "nssilock.h"
-
-/*
- * NSS_EXTERN, NSS_IMPLEMENT, NSS_EXTERN_DATA, NSS_IMPLEMENT_DATA
- *
- * NSS has its own versions of these NSPR macros, in a form which
- * does not confuse ctags and other related utilities.  NSPR 
- * defines these macros to take the type as an argument, because
- * of a requirement to support win16 dlls.  We do not have that
- * requirement, so we can drop that restriction.
- */
-
-#define DUMMY	/* dummy */
-#define NSS_EXTERN         PR_EXTERN(DUMMY)
-#define NSS_IMPLEMENT      PR_IMPLEMENT(DUMMY)
-#define NSS_EXTERN_DATA    PR_EXTERN_DATA(DUMMY)
-#define NSS_IMPLEMENT_DATA PR_IMPLEMENT_DATA(DUMMY)
-
-PR_BEGIN_EXTERN_C
-
-/*
- * NSSError
- *
- * Calls to NSS routines may result in one or more errors being placed
- * on the calling thread's "error stack."  Every possible error that
- * may be returned from a function is declared where the function is 
- * prototyped.  All errors are of the following type.
- */
-
-typedef PRInt32 NSSError;
-
-/*
- * NSSArena
- *
- * Arenas are logical sets of heap memory, from which memory may be
- * allocated.  When an arena is destroyed, all memory allocated within
- * that arena is implicitly freed.  These arenas are thread-safe: 
- * an arena pointer may be used by multiple threads simultaneously.
- * However, as they are not backed by shared memory, they may only be
- * used within one process.
- */
-
-struct NSSArenaStr;
-typedef struct NSSArenaStr NSSArena;
-
-/*
- * NSSItem
- *
- * This is the basic type used to refer to an unconstrained datum of
- * arbitrary size.
- */
-
-struct NSSItemStr {
-  void *data;
-  PRUint32 size;
-};
-typedef struct NSSItemStr NSSItem;
-
-
-/*
- * NSSBER
- *
- * Data packed according to the Basic Encoding Rules of ASN.1.
- */
-
-typedef NSSItem NSSBER;
-
-/*
- * NSSDER
- *
- * Data packed according to the Distinguished Encoding Rules of ASN.1;
- * this form is also known as the Canonical Encoding Rules form (CER).
- */
-
-typedef NSSBER NSSDER;
-
-/*
- * NSSBitString
- *
- * Some ASN.1 types use "bit strings," which are passed around as
- * octet strings but whose length is counted in bits.  We use this
- * typedef of NSSItem to point out the occasions when the length
- * is counted in bits, not octets.
- */
-
-typedef NSSItem NSSBitString;
-
-/*
- * NSSUTF8
- *
- * Character strings encoded in UTF-8, as defined by RFC 2279.
- */
-
-typedef char NSSUTF8;
-
-/*
- * NSSASCII7
- *
- * Character strings guaranteed to be 7-bit ASCII.
- */
-
-typedef char NSSASCII7;
-
-PR_END_EXTERN_C
-
-#endif /* NSSBASET_H */
diff --git a/security/nss/lib/base/tracker.c b/security/nss/lib/base/tracker.c
deleted file mode 100644
index 5be77b7cf..000000000
--- a/security/nss/lib/base/tracker.c
+++ /dev/null
@@ -1,543 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * tracker.c
- * 
- * This file contains the code used by the pointer-tracking calls used
- * in the debug builds to catch bad pointers.  The entire contents are
- * only available in debug builds (both internal and external builds).
- */
-
-#ifndef BASE_H
-#include "base.h"
-#endif /* BASE_H */
-
-#ifdef DEBUG
-
-/*
- * call_once
- *
- * Unfortunately, NSPR's PR_CallOnce function doesn't accept a closure
- * variable.  So I have a static version here which does.  This code 
- * is based on NSPR's, and uses the NSPR function to initialize the
- * required lock.
- */
-
-/*
- * The is the "once block" that's passed to the "real" PR_CallOnce
- * function, to call the local initializer myOnceFunction once.
- */
-static PRCallOnceType myCallOnce;
-
-/*
- * This structure is used by the call_once function to make sure that
- * any "other" threads calling the call_once don't return too quickly,
- * before the initializer has finished.
- */
-static struct {
-  PZLock *ml;
-  PZCondVar *cv;
-} mod_init;
-
-/*
- * This is the initializer for the above mod_init structure.
- */
-static PRStatus
-myOnceFunction
-(
-  void
-)
-{
-  mod_init.ml = PZ_NewLock(nssILockOther);
-  if( (PZLock *)NULL == mod_init.ml ) {
-    return PR_FAILURE;
-  }
-
-  mod_init.cv = PZ_NewCondVar(mod_init.ml);
-  if( (PZCondVar *)NULL == mod_init.cv ) {
-    PZ_DestroyLock(mod_init.ml);
-    mod_init.ml = (PZLock *)NULL;
-    return PR_FAILURE;
-  }
-
-  return PR_SUCCESS;
-}
-
-/*
- * The nss call_once callback takes a closure argument.
- */
-typedef PRStatus (PR_CALLBACK *nssCallOnceFN)(void *arg);
-
-/*
- * NSS's call_once function.
- */
-static PRStatus
-call_once
-(
-  PRCallOnceType *once,
-  nssCallOnceFN func,
-  void *arg
-)
-{
-  PRStatus rv;
-
-  if( !myCallOnce.initialized ) {
-    rv = PR_CallOnce(&myCallOnce, myOnceFunction);
-    if( PR_SUCCESS != rv ) {
-      return rv;
-    }
-  }
-
-  if( !once->initialized ) {
-    if( 0 == PR_AtomicSet(&once->inProgress, 1) ) {
-      once->status = (*func)(arg);
-      PZ_Lock(mod_init.ml);
-      once->initialized = 1;
-      PZ_NotifyAllCondVar(mod_init.cv);
-      PZ_Unlock(mod_init.ml);
-    } else {
-      PZ_Lock(mod_init.ml);
-      while( !once->initialized ) {
-        PZ_WaitCondVar(mod_init.cv, PR_INTERVAL_NO_TIMEOUT);
-      }
-      PZ_Unlock(mod_init.ml);
-    }
-  }
-
-  return once->status;
-}
-
-/*
- * Now we actually get to my own "call once" payload function.
- * But wait, to create the hash, I need a hash function!
- */
-
-/*
- * identity_hash
- *
- * This static callback is a PLHashFunction as defined in plhash.h
- * It merely returns the value of the object pointer as its hash.
- * There are no possible errors.
- */
-
-static PLHashNumber PR_CALLBACK
-identity_hash
-(
-  const void *key
-)
-{
-  return (PLHashNumber)key;
-}
-
-/*
- * trackerOnceFunc
- *
- * This function is called once, using the nssCallOnce function above.
- * It creates a new pointer tracker object; initialising its hash
- * table and protective lock.
- */
-
-static PRStatus
-trackerOnceFunc
-(
-  void *arg
-)
-{
-  nssPointerTracker *tracker = (nssPointerTracker *)arg;
-
-  tracker->lock = PZ_NewLock(nssILockOther);
-  if( (PZLock *)NULL == tracker->lock ) {
-    return PR_FAILURE;
-  }
-
-  tracker->table = PL_NewHashTable(0, 
-                                   identity_hash, 
-                                   PL_CompareValues,
-                                   PL_CompareValues,
-                                   (PLHashAllocOps *)NULL, 
-                                   (void *)NULL);
-  if( (PLHashTable *)NULL == tracker->table ) {
-    PZ_DestroyLock(tracker->lock);
-    tracker->lock = (PZLock *)NULL;
-    return PR_FAILURE;
-  }
-
-  return PR_SUCCESS;
-}
-
-/*
- * nssPointerTracker_initialize
- *
- * This method is only present in debug builds.
- * 
- * This routine initializes an nssPointerTracker object.  Note that
- * the object must have been declared *static* to guarantee that it
- * is in a zeroed state initially.  This routine is idempotent, and
- * may even be safely called by multiple threads simultaneously with 
- * the same argument.  This routine returns a PRStatus value; if 
- * successful, it will return PR_SUCCESS.  On failure it will set an 
- * error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS
- *  PR_FAILURE
- */
-
-NSS_IMPLEMENT PRStatus
-nssPointerTracker_initialize
-(
-  nssPointerTracker *tracker
-)
-{
-  PRStatus rv = call_once(&tracker->once, trackerOnceFunc, tracker);
-  if( PR_SUCCESS != rv ) {
-    nss_SetError(NSS_ERROR_NO_MEMORY);
-  }
-
-  return rv;
-}
-
-#ifdef DONT_DESTROY_EMPTY_TABLES
-/* See same #ifdef below */
-/*
- * count_entries
- *
- * This static routine is a PLHashEnumerator, as defined in plhash.h.
- * It merely causes the enumeration function to count the number of
- * entries.
- */
-
-static PRIntn PR_CALLBACK
-count_entries
-(
-  PLHashEntry *he,
-  PRIntn index,
-  void *arg
-)
-{
-  return HT_ENUMERATE_NEXT;
-}
-#endif /* DONT_DESTROY_EMPTY_TABLES */
-
-/*
- * zero_once
- *
- * This is a guaranteed zeroed once block.  It's used to help clear
- * the tracker.
- */
-
-static const PRCallOnceType zero_once;
-
-/*
- * nssPointerTracker_finalize
- *
- * This method is only present in debug builds.
- * 
- * This routine returns the nssPointerTracker object to the pre-
- * initialized state, releasing all resources used by the object.
- * It will *NOT* destroy the objects being tracked by the pointer
- * (should any remain), and therefore cannot be used to "sweep up"
- * remaining objects.  This routine returns a PRStatus value; if
- * successful, it will return PR_SUCCES.  On failure it will set an
- * error on the error stack and return PR_FAILURE.  If any objects
- * remain in the tracker when it is finalized, that will be treated
- * as an error.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_POINTER
- *  NSS_ERROR_TRACKER_NOT_INITIALIZED
- *  NSS_ERROR_TRACKER_NOT_EMPTY
- *
- * Return value:
- *  PR_SUCCESS
- *  PR_FAILURE
- */
-
-NSS_IMPLEMENT PRStatus
-nssPointerTracker_finalize
-(
-  nssPointerTracker *tracker
-)
-{
-  PZLock *lock;
-
-  if( (nssPointerTracker *)NULL == tracker ) {
-    nss_SetError(NSS_ERROR_INVALID_POINTER);
-    return PR_FAILURE;
-  }
-
-  if( (PZLock *)NULL == tracker->lock ) {
-    nss_SetError(NSS_ERROR_TRACKER_NOT_INITIALIZED);
-    return PR_FAILURE;
-  }
-
-  lock = tracker->lock;
-  PZ_Lock(lock);
-
-  if( (PLHashTable *)NULL == tracker->table ) {
-    PZ_Unlock(lock);
-    nss_SetError(NSS_ERROR_TRACKER_NOT_INITIALIZED);
-    return PR_FAILURE;
-  }
-
-#ifdef DONT_DESTROY_EMPTY_TABLES
-  /*
-   * I changed my mind; I think we don't want this after all.
-   * Comments?
-   */
-  count = PL_HashTableEnumerateEntries(tracker->table, 
-                                       count_entries,
-                                       (void *)NULL);
-
-  if( 0 != count ) {
-    PZ_Unlock(lock);
-    nss_SetError(NSS_ERROR_TRACKER_NOT_EMPTY);
-    return PR_FAILURE;
-  }
-#endif /* DONT_DESTROY_EMPTY_TABLES */
-
-  PL_HashTableDestroy(tracker->table);
-  /* memset(tracker, 0, sizeof(nssPointerTracker)); */
-  tracker->once = zero_once;
-  tracker->lock = (PZLock *)NULL;
-  tracker->table = (PLHashTable *)NULL;
-
-  PZ_Unlock(lock);
-  PZ_DestroyLock(lock);
-
-  return PR_SUCCESS;
-}
-
-/*
- * nssPointerTracker_add
- *
- * This method is only present in debug builds.
- *
- * This routine adds the specified pointer to the nssPointerTracker
- * object.  It should be called in constructor objects to register
- * new valid objects.  The nssPointerTracker is threadsafe, but this
- * call is not idempotent.  This routine returns a PRStatus value;
- * if successful it will return PR_SUCCESS.  On failure it will set
- * an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_POINTER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_TRACKER_NOT_INITIALIZED
- *  NSS_ERROR_DUPLICATE_POINTER
- *
- * Return value:
- *  PR_SUCCESS
- *  PR_FAILURE
- */
-
-NSS_IMPLEMENT PRStatus
-nssPointerTracker_add
-(
-  nssPointerTracker *tracker,
-  const void *pointer
-)
-{
-  void *check;
-  PLHashEntry *entry;
-
-  if( (nssPointerTracker *)NULL == tracker ) {
-    nss_SetError(NSS_ERROR_INVALID_POINTER);
-    return PR_FAILURE;
-  }
-
-  if( (PZLock *)NULL == tracker->lock ) {
-    nss_SetError(NSS_ERROR_TRACKER_NOT_INITIALIZED);
-    return PR_FAILURE;
-  }
-
-  PZ_Lock(tracker->lock);
-
-  if( (PLHashTable *)NULL == tracker->table ) {
-    PZ_Unlock(tracker->lock);
-    nss_SetError(NSS_ERROR_TRACKER_NOT_INITIALIZED);
-    return PR_FAILURE;
-  }
-
-  check = PL_HashTableLookup(tracker->table, pointer);
-  if( (void *)NULL != check ) {
-    PZ_Unlock(tracker->lock);
-    nss_SetError(NSS_ERROR_DUPLICATE_POINTER);
-    return PR_FAILURE;
-  }
-
-  entry = PL_HashTableAdd(tracker->table, pointer, (void *)pointer);
-
-  PZ_Unlock(tracker->lock);
-
-  if( (PLHashEntry *)NULL == entry ) {
-    nss_SetError(NSS_ERROR_NO_MEMORY);
-    return PR_FAILURE;
-  }
-
-  return PR_SUCCESS;
-}
-  
-/*
- * nssPointerTracker_remove
- *
- * This method is only present in debug builds.
- *
- * This routine removes the specified pointer from the 
- * nssPointerTracker object.  It does not call any destructor for the
- * object; rather, this should be called from the object's destructor.
- * The nssPointerTracker is threadsafe, but this call is not 
- * idempotent.  This routine returns a PRStatus value; if successful 
- * it will return PR_SUCCESS.  On failure it will set an error on the 
- * error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_POINTER
- *  NSS_ERROR_TRACKER_NOT_INITIALIZED
- *  NSS_ERROR_POINTER_NOT_REGISTERED
- *
- * Return value:
- *  PR_SUCCESS
- *  PR_FAILURE
- */
-
-NSS_IMPLEMENT PRStatus
-nssPointerTracker_remove
-(
-  nssPointerTracker *tracker,
-  const void *pointer
-)
-{
-  PRBool registered;
-
-  if( (nssPointerTracker *)NULL == tracker ) {
-    nss_SetError(NSS_ERROR_INVALID_POINTER);
-    return PR_FAILURE;
-  }
-
-  if( (PZLock *)NULL == tracker->lock ) {
-    nss_SetError(NSS_ERROR_TRACKER_NOT_INITIALIZED);
-    return PR_FAILURE;
-  }
-
-  PZ_Lock(tracker->lock);
-
-  if( (PLHashTable *)NULL == tracker->table ) {
-    PZ_Unlock(tracker->lock);
-    nss_SetError(NSS_ERROR_TRACKER_NOT_INITIALIZED);
-    return PR_FAILURE;
-  }
-
-  registered = PL_HashTableRemove(tracker->table, pointer);
-  PZ_Unlock(tracker->lock);
-
-  if( !registered ) {
-    nss_SetError(NSS_ERROR_POINTER_NOT_REGISTERED);
-    return PR_FAILURE;
-  }
-
-  return PR_SUCCESS;
-}
-
-/*
- * nssPointerTracker_verify
- *
- * This method is only present in debug builds.
- *
- * This routine verifies that the specified pointer has been registered
- * with the nssPointerTracker object.  The nssPointerTracker object is
- * threadsafe, and this call may be safely called from multiple threads
- * simultaneously with the same arguments.  This routine returns a
- * PRStatus value; if the pointer is registered this will return 
- * PR_SUCCESS.  Otherwise it will set an error on the error stack and 
- * return PR_FAILURE.  Although the error is suitable for leaving on 
- * the stack, callers may wish to augment the information available by 
- * placing a more type-specific error on the stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_POINTER
- *  NSS_ERROR_TRACKER_NOT_INITIALIZED
- *  NSS_ERROR_POINTER_NOT_REGISTERED
- *
- * Return value:
- *  PR_SUCCESS
- *  PR_FAILRUE
- */
-
-NSS_IMPLEMENT PRStatus
-nssPointerTracker_verify
-(
-  nssPointerTracker *tracker,
-  const void *pointer
-)
-{
-  void *check;
-
-  if( (nssPointerTracker *)NULL == tracker ) {
-    nss_SetError(NSS_ERROR_INVALID_POINTER);
-    return PR_FAILURE;
-  }
-
-  if( (PZLock *)NULL == tracker->lock ) {
-    nss_SetError(NSS_ERROR_TRACKER_NOT_INITIALIZED);
-    return PR_FAILURE;
-  }
-
-  PZ_Lock(tracker->lock);
-
-  if( (PLHashTable *)NULL == tracker->table ) {
-    PZ_Unlock(tracker->lock);
-    nss_SetError(NSS_ERROR_TRACKER_NOT_INITIALIZED);
-    return PR_FAILURE;
-  }
-
-  check = PL_HashTableLookup(tracker->table, pointer);
-  PZ_Unlock(tracker->lock);
-
-  if( (void *)NULL == check ) {
-    nss_SetError(NSS_ERROR_POINTER_NOT_REGISTERED);
-    return PR_FAILURE;
-  }
-
-  return PR_SUCCESS;
-}
-
-#endif /* DEBUG */
diff --git a/security/nss/lib/base/utf8.c b/security/nss/lib/base/utf8.c
deleted file mode 100644
index 3a8641f95..000000000
--- a/security/nss/lib/base/utf8.c
+++ /dev/null
@@ -1,759 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * utf8.c
- *
- * This file contains some additional utility routines required for
- * handling UTF8 strings.
- */
-
-#ifndef BASE_H
-#include "base.h"
-#endif /* BASE_H */
-
-#include "plstr.h"
-
-/*
- * NOTES:
- *
- * There's an "is hex string" function in pki1/atav.c.  If we need
- * it in more places, pull that one out.
- */
-
-/*
- * nssUTF8_CaseIgnoreMatch
- * 
- * Returns true if the two UTF8-encoded strings pointed to by the 
- * two specified NSSUTF8 pointers differ only in typcase.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_POINTER
- *
- * Return value:
- *  PR_TRUE if the strings match, ignoring case
- *  PR_FALSE if they don't
- *  PR_FALSE upon error
- */
-
-NSS_IMPLEMENT PRBool
-nssUTF8_CaseIgnoreMatch
-(
-  const NSSUTF8 *a,
-  const NSSUTF8 *b,
-  PRStatus *statusOpt
-)
-{
-#ifdef NSSDEBUG
-  if( ((const NSSUTF8 *)NULL == a) ||
-      ((const NSSUTF8 *)NULL == b) ) {
-    nss_SetError(NSS_ERROR_INVALID_POINTER);
-    if( (PRStatus *)NULL != statusOpt ) {
-      *statusOpt = PR_FAILURE;
-    }
-    return PR_FALSE;
-  }
-#endif /* NSSDEBUG */
-
-  if( (PRStatus *)NULL != statusOpt ) {
-    *statusOpt = PR_SUCCESS;
-  }
-
-  /*
-   * XXX fgmr
-   *
-   * This is, like, so wrong!
-   */
-  if( 0 == PL_strcasecmp((const char *)a, (const char *)b) ) {
-    return PR_TRUE;
-  } else {
-    return PR_FALSE;
-  }
-}
-
-/*
- * nssUTF8_PrintableMatch
- *
- * Returns true if the two Printable strings pointed to by the 
- * two specified NSSUTF8 pointers match when compared with the 
- * rules for Printable String (leading and trailing spaces are 
- * disregarded, extents of whitespace match irregardless of length, 
- * and case is not significant), then PR_TRUE will be returned.
- * Otherwise, PR_FALSE will be returned.  Upon failure, PR_FALSE
- * will be returned.  If the optional statusOpt argument is not
- * NULL, then PR_SUCCESS or PR_FAILURE will be stored in that
- * location.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_POINTER
- *
- * Return value:
- *  PR_TRUE if the strings match, ignoring case
- *  PR_FALSE if they don't
- *  PR_FALSE upon error
- */
-
-NSS_IMPLEMENT PRBool
-nssUTF8_PrintableMatch
-(
-  const NSSUTF8 *a,
-  const NSSUTF8 *b,
-  PRStatus *statusOpt
-)
-{
-  PRUint8 *c;
-  PRUint8 *d;
-
-#ifdef NSSDEBUG
-  if( ((const NSSUTF8 *)NULL == a) ||
-      ((const NSSUTF8 *)NULL == b) ) {
-    nss_SetError(NSS_ERROR_INVALID_POINTER);
-    if( (PRStatus *)NULL != statusOpt ) {
-      *statusOpt = PR_FAILURE;
-    }
-    return PR_FALSE;
-  }
-#endif /* NSSDEBUG */
-
-  if( (PRStatus *)NULL != statusOpt ) {
-    *statusOpt = PR_SUCCESS;
-  }
-
-  c = (PRUint8 *)a;
-  d = (PRUint8 *)b;
-
-  while( ' ' == *c ) {
-    c++;
-  }
-
-  while( ' ' == *d ) {
-    d++;
-  }
-
-  while( ('\0' != *c) && ('\0' != *d) ) {
-    PRUint8 e, f;
-
-    e = *c;
-    f = *d;
-    
-    if( ('a' <= e) && (e <= 'z') ) {
-      e -= ('a' - 'A');
-    }
-
-    if( ('a' <= f) && (f <= 'z') ) {
-      f -= ('a' - 'A');
-    }
-
-    if( e != f ) {
-      return PR_FALSE;
-    }
-
-    c++;
-    d++;
-
-    if( ' ' == *c ) {
-      while( ' ' == *c ) {
-        c++;
-      }
-      c--;
-    }
-
-    if( ' ' == *d ) {
-      while( ' ' == *d ) {
-        d++;
-      }
-      d--;
-    }
-  }
-
-  while( ' ' == *c ) {
-    c++;
-  }
-
-  while( ' ' == *d ) {
-    d++;
-  }
-
-  if( *c == *d ) {
-    /* And both '\0', btw */
-    return PR_TRUE;
-  } else {
-    return PR_FALSE;
-  }
-}
-
-/*
- * nssUTF8_Duplicate
- *
- * This routine duplicates the UTF8-encoded string pointed to by the
- * specified NSSUTF8 pointer.  If the optional arenaOpt argument is
- * not null, the memory required will be obtained from that arena;
- * otherwise, the memory required will be obtained from the heap.
- * A pointer to the new string will be returned.  In case of error,
- * an error will be placed on the error stack and NULL will be 
- * returned.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_POINTER
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- */
-
-NSS_IMPLEMENT NSSUTF8 *
-nssUTF8_Duplicate
-(
-  const NSSUTF8 *s,
-  NSSArena *arenaOpt
-)
-{
-  NSSUTF8 *rv;
-  PRUint32 len;
-
-#ifdef NSSDEBUG
-  if( (const NSSUTF8 *)NULL == s ) {
-    nss_SetError(NSS_ERROR_INVALID_POINTER);
-    return (NSSUTF8 *)NULL;
-  }
-
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSUTF8 *)NULL;
-    }
-  }
-#endif /* NSSDEBUG */
-
-  len = PL_strlen((const char *)s);
-#ifdef PEDANTIC
-  if( '\0' != ((const char *)s)[ len ] ) {
-    /* must have wrapped, e.g., too big for PRUint32 */
-    nss_SetError(NSS_ERROR_NO_MEMORY);
-    return (NSSUTF8 *)NULL;
-  }
-#endif /* PEDANTIC */
-  len++; /* zero termination */
-
-  rv = nss_ZAlloc(arenaOpt, len);
-  if( (void *)NULL == rv ) {
-    return (NSSUTF8 *)NULL;
-  }
-
-  (void)nsslibc_memcpy(rv, s, len);
-  return rv;
-}
-
-/*
- * nssUTF8_Size
- *
- * This routine returns the length in bytes (including the terminating
- * null) of the UTF8-encoded string pointed to by the specified
- * NSSUTF8 pointer.  Zero is returned on error.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_POINTER
- *  NSS_ERROR_VALUE_TOO_LARGE
- *
- * Return value:
- *  0 on error
- *  nonzero length of the string.
- */
-
-NSS_IMPLEMENT PRUint32
-nssUTF8_Size
-(
-  const NSSUTF8 *s,
-  PRStatus *statusOpt
-)
-{
-  PRUint32 sv;
-
-#ifdef NSSDEBUG
-  if( (const NSSUTF8 *)NULL == s ) {
-    nss_SetError(NSS_ERROR_INVALID_POINTER);
-    if( (PRStatus *)NULL != statusOpt ) {
-      *statusOpt = PR_FAILURE;
-    }
-    return 0;
-  }
-#endif /* NSSDEBUG */
-
-  sv = PL_strlen((const char *)s) + 1;
-#ifdef PEDANTIC
-  if( '\0' != ((const char *)s)[ sv-1 ] ) {
-    /* wrapped */
-    nss_SetError(NSS_ERROR_VALUE_TOO_LARGE);
-    if( (PRStatus *)NULL != statusOpt ) {
-      *statusOpt = PR_FAILURE;
-    }
-    return 0;
-  }
-#endif /* PEDANTIC */
-
-  if( (PRStatus *)NULL != statusOpt ) {
-    *statusOpt = PR_SUCCESS;
-  }
-
-  return sv;
-}
-
-/*
- * nssUTF8_Length
- *
- * This routine returns the length in characters (not including the
- * terminating null) of the UTF8-encoded string pointed to by the
- * specified NSSUTF8 pointer.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_POINTER
- *  NSS_ERROR_VALUE_TOO_LARGE
- *  NSS_ERROR_INVALID_STRING
- *
- * Return value:
- *  length of the string (which may be zero)
- *  0 on error
- */
-
-NSS_IMPLEMENT PRUint32
-nssUTF8_Length
-(
-  const NSSUTF8 *s,
-  PRStatus *statusOpt
-)
-{
-  PRUint32 l = 0;
-  const PRUint8 *c = (const PRUint8 *)s;
-
-#ifdef NSSDEBUG
-  if( (const NSSUTF8 *)NULL == s ) {
-    nss_SetError(NSS_ERROR_INVALID_POINTER);
-    goto loser;
-  }
-#endif /* NSSDEBUG */
-
-  /*
-   * From RFC 2044:
-   *
-   * UCS-4 range (hex.)           UTF-8 octet sequence (binary)
-   * 0000 0000-0000 007F   0xxxxxxx
-   * 0000 0080-0000 07FF   110xxxxx 10xxxxxx
-   * 0000 0800-0000 FFFF   1110xxxx 10xxxxxx 10xxxxxx
-   * 0001 0000-001F FFFF   11110xxx 10xxxxxx 10xxxxxx 10xxxxxx
-   * 0020 0000-03FF FFFF   111110xx 10xxxxxx 10xxxxxx 10xxxxxx 10xxxxxx
-   * 0400 0000-7FFF FFFF   1111110x 10xxxxxx ... 10xxxxxx
-   */  
-
-  while( 0 != *c ) {
-    PRUint32 incr;
-    if( (*c & 0x80) == 0 ) {
-      incr = 1;
-    } else if( (*c & 0xE0) == 0xC0 ) {
-      incr = 2;
-    } else if( (*c & 0xF0) == 0xE0 ) {
-      incr = 3;
-    } else if( (*c & 0xF8) == 0xF0 ) {
-      incr = 4;
-    } else if( (*c & 0xFC) == 0xF8 ) {
-      incr = 5;
-    } else if( (*c & 0xFE) == 0xFC ) {
-      incr = 6;
-    } else {
-      nss_SetError(NSS_ERROR_INVALID_STRING);
-      goto loser;
-    }
-
-    l += incr;
-
-#ifdef PEDANTIC
-    if( l < incr ) {
-      /* Wrapped-- too big */
-      nss_SetError(NSS_ERROR_VALUE_TOO_LARGE);
-      goto loser;
-    }
-
-    {
-      PRUint8 *d;
-      for( d = &c[1]; d < &c[incr]; d++ ) {
-        if( (*d & 0xC0) != 0xF0 ) {
-          nss_SetError(NSS_ERROR_INVALID_STRING);
-          goto loser;
-        }
-      }
-    }
-#endif /* PEDANTIC */
-
-    c += incr;
-  }
-
-  if( (PRStatus *)NULL != statusOpt ) {
-    *statusOpt = PR_SUCCESS;
-  }
-
-  return l;
-
- loser:
-  if( (PRStatus *)NULL != statusOpt ) {
-    *statusOpt = PR_FAILURE;
-  }
-
-  return 0;
-}
-
-
-/*
- * nssUTF8_Create
- *
- * This routine creates a UTF8 string from a string in some other
- * format.  Some types of string may include embedded null characters,
- * so for them the length parameter must be used.  For string types
- * that are null-terminated, the length parameter is optional; if it
- * is zero, it will be ignored.  If the optional arena argument is
- * non-null, the memory used for the new string will be obtained from
- * that arena, otherwise it will be obtained from the heap.  This
- * routine may return NULL upon error, in which case it will have
- * placed an error on the error stack.
- *
- * The error may be one of the following:
- *  NSS_ERROR_INVALID_POINTER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_UNSUPPORTED_TYPE
- *
- * Return value:
- *  NULL upon error
- *  A non-null pointer to a new UTF8 string otherwise
- */
-
-extern const NSSError NSS_ERROR_INTERNAL_ERROR; /* XXX fgmr */
-
-NSS_IMPLEMENT NSSUTF8 *
-nssUTF8_Create
-(
-  NSSArena *arenaOpt,
-  nssStringType type,
-  const void *inputString,
-  PRUint32 size /* in bytes, not characters */
-)
-{
-  NSSUTF8 *rv = NULL;
-
-#ifdef NSSDEBUG
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSUTF8 *)NULL;
-    }
-  }
-
-  if( (const void *)NULL == inputString ) {
-    nss_SetError(NSS_ERROR_INVALID_POINTER);
-    return (NSSUTF8 *)NULL;
-  }
-#endif /* NSSDEBUG */
-
-  switch( type ) {
-  case nssStringType_DirectoryString:
-    /* This is a composite type requiring BER */
-    nss_SetError(NSS_ERROR_UNSUPPORTED_TYPE);
-    break;
-  case nssStringType_TeletexString:
-    /*
-     * draft-ietf-pkix-ipki-part1-11 says in part:
-     *
-     * In addition, many legacy implementations support names encoded 
-     * in the ISO 8859-1 character set (Latin1String) but tag them as 
-     * TeletexString.  The Latin1String includes characters used in 
-     * Western European countries which are not part of the 
-     * TeletexString charcter set.  Implementations that process 
-     * TeletexString SHOULD be prepared to handle the entire ISO 
-     * 8859-1 character set.[ISO 8859-1].
-     */
-    nss_SetError(NSS_ERROR_INTERNAL_ERROR); /* unimplemented */
-    break;
-  case nssStringType_PrintableString:
-    /*
-     * PrintableString consists of A-Za-z0-9 ,()+,-./:=?
-     * This is a subset of ASCII, which is a subset of UTF8.
-     * So we can just duplicate the string over.
-     */
-
-    if( 0 == size ) {
-      rv = nssUTF8_Duplicate((const NSSUTF8 *)inputString, arenaOpt);
-    } else {
-      rv = nss_ZAlloc(arenaOpt, size+1);
-      if( (NSSUTF8 *)NULL == rv ) {
-        return (NSSUTF8 *)NULL;
-      }
-
-      (void)nsslibc_memcpy(rv, inputString, size);
-    }
-
-    break;
-  case nssStringType_UniversalString:
-    /* 4-byte unicode */
-    nss_SetError(NSS_ERROR_INTERNAL_ERROR); /* unimplemented */
-    break;
-  case nssStringType_BMPString:
-    /* Base Multilingual Plane of Unicode */
-    nss_SetError(NSS_ERROR_INTERNAL_ERROR); /* unimplemented */
-    break;
-  case nssStringType_UTF8String:
-    if( 0 == size ) {
-      rv = nssUTF8_Duplicate((const NSSUTF8 *)inputString, arenaOpt);
-    } else {
-      rv = nss_ZAlloc(arenaOpt, size+1);
-      if( (NSSUTF8 *)NULL == rv ) {
-        return (NSSUTF8 *)NULL;
-      }
-
-      (void)nsslibc_memcpy(rv, inputString, size);
-    }
-
-    break;
-  case nssStringType_PHGString:
-    /* 
-     * PHGString is an IA5String (with case-insensitive comparisons).
-     * IA5 is ~almost~ ascii; ascii has dollar-sign where IA5 has
-     * currency symbol.
-     */
-    nss_SetError(NSS_ERROR_INTERNAL_ERROR); /* unimplemented */
-    break;
-  case nssStringType_GeneralString:
-    nss_SetError(NSS_ERROR_INTERNAL_ERROR); /* unimplemented */
-    break;
-  default:
-    nss_SetError(NSS_ERROR_UNSUPPORTED_TYPE);
-    break;
-  }
-
-  return rv;
-}
-
-NSS_IMPLEMENT NSSItem *
-nssUTF8_GetEncoding
-(
-  NSSArena *arenaOpt,
-  NSSItem *rvOpt,
-  nssStringType type,
-  NSSUTF8 *string
-)
-{
-  NSSItem *rv = (NSSItem *)NULL;
-  PRStatus status = PR_SUCCESS;
-
-#ifdef NSSDEBUG
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSItem *)NULL;
-    }
-  }
-
-  if( (NSSUTF8 *)NULL == string ) {
-    nss_SetError(NSS_ERROR_INVALID_POINTER);
-    return (NSSItem *)NULL;
-  }
-#endif /* NSSDEBUG */
-
-  switch( type ) {
-  case nssStringType_DirectoryString:
-    nss_SetError(NSS_ERROR_INTERNAL_ERROR); /* unimplemented */
-    break;
-  case nssStringType_TeletexString:
-    nss_SetError(NSS_ERROR_INTERNAL_ERROR); /* unimplemented */
-    break;
-  case nssStringType_PrintableString:
-    nss_SetError(NSS_ERROR_INTERNAL_ERROR); /* unimplemented */
-    break;
-  case nssStringType_UniversalString:
-    nss_SetError(NSS_ERROR_INTERNAL_ERROR); /* unimplemented */
-    break;
-  case nssStringType_BMPString:
-    nss_SetError(NSS_ERROR_INTERNAL_ERROR); /* unimplemented */
-    break;
-  case nssStringType_UTF8String:
-    {
-      NSSUTF8 *dup = nssUTF8_Duplicate(string, arenaOpt);
-      if( (NSSUTF8 *)NULL == dup ) {
-        return (NSSItem *)NULL;
-      }
-
-      if( (NSSItem *)NULL == rvOpt ) {
-        rv = nss_ZNEW(arenaOpt, NSSItem);
-        if( (NSSItem *)NULL == rv ) {
-          (void)nss_ZFreeIf(dup);
-          return (NSSItem *)NULL;
-        }
-      } else {
-        rv = rvOpt;
-      }
-
-      rv->data = dup;
-      dup = (NSSUTF8 *)NULL;
-      rv->size = nssUTF8_Size(rv->data, &status);
-      if( (0 == rv->size) && (PR_SUCCESS != status) ) {
-        if( (NSSItem *)NULL == rvOpt ) {
-          (void)nss_ZFreeIf(rv);
-        }
-        return (NSSItem *)NULL;
-      }
-    }
-    break;
-  case nssStringType_PHGString:
-    nss_SetError(NSS_ERROR_INTERNAL_ERROR); /* unimplemented */
-    break;
-  default:
-    nss_SetError(NSS_ERROR_UNSUPPORTED_TYPE);
-    break;
-  }
-
-  return rv;
-}
-
-/*
- * nssUTF8_CopyIntoFixedBuffer
- *
- * This will copy a UTF8 string into a fixed-length buffer, making 
- * sure that the all characters are valid.  Any remaining space will
- * be padded with the specified ASCII character, typically either 
- * null or space.
- *
- * Blah, blah, blah.
- */
-
-NSS_IMPLEMENT PRStatus
-nssUTF8_CopyIntoFixedBuffer
-(
-  NSSUTF8 *string,
-  char *buffer,
-  PRUint32 bufferSize,
-  char pad
-)
-{
-  PRUint32 stringSize = 0;
-
-#ifdef NSSDEBUG
-  if( (char *)NULL == buffer ) {
-    nss_SetError(NSS_ERROR_INVALID_POINTER);
-    return PR_FALSE;
-  }
-
-  if( 0 == bufferSize ) {
-    nss_SetError(NSS_ERROR_INVALID_ARGUMENT);
-    return PR_FALSE;
-  }
-
-  if( (pad & 0x80) != 0x00 ) {
-    nss_SetError(NSS_ERROR_INVALID_ARGUMENT);
-    return PR_FALSE;
-  }
-#endif /* NSSDEBUG */
-
-  if( (NSSUTF8 *)NULL == string ) {
-    string = (NSSUTF8 *) "";
-  }
-
-  stringSize = nssUTF8_Size(string, (PRStatus *)NULL);
-  stringSize--; /* don't count the trailing null */
-  if( stringSize > bufferSize ) {
-    PRUint32 bs = bufferSize;
-    (void)nsslibc_memcpy(buffer, string, bufferSize);
-    
-    if( (            ((buffer[ bs-1 ] & 0x80) == 0x00)) ||
-        ((bs > 1) && ((buffer[ bs-2 ] & 0xE0) == 0xC0)) ||
-        ((bs > 2) && ((buffer[ bs-3 ] & 0xF0) == 0xE0)) ||
-        ((bs > 3) && ((buffer[ bs-4 ] & 0xF8) == 0xF0)) ||
-        ((bs > 4) && ((buffer[ bs-5 ] & 0xFC) == 0xF8)) ||
-        ((bs > 5) && ((buffer[ bs-6 ] & 0xFE) == 0xFC)) ) {
-      /* It fit exactly */
-      return PR_SUCCESS;
-    }
-
-    /* Too long.  We have to trim the last character */
-    for( /*bs*/; bs != 0; bs-- ) {
-      if( (buffer[bs-1] & 0xC0) != 0x80 ) {
-        buffer[bs-1] = pad;
-        break;
-      } else {
-        buffer[bs-1] = pad;
-      }
-    }      
-  } else {
-    (void)nsslibc_memset(buffer, pad, bufferSize);
-    (void)nsslibc_memcpy(buffer, string, stringSize);
-  }
-
-  return PR_SUCCESS;
-}
-
-/*
- * nssUTF8_Equal
- *
- */
-
-NSS_IMPLEMENT PRBool
-nssUTF8_Equal
-(
-  const NSSUTF8 *a,
-  const NSSUTF8 *b,
-  PRStatus *statusOpt
-)
-{
-  PRUint32 la, lb;
-
-#ifdef NSSDEBUG
-  if( ((const NSSUTF8 *)NULL == a) ||
-      ((const NSSUTF8 *)NULL == b) ) {
-    nss_SetError(NSS_ERROR_INVALID_POINTER);
-    if( (PRStatus *)NULL != statusOpt ) {
-      *statusOpt = PR_FAILURE;
-    }
-    return PR_FALSE;
-  }
-#endif /* NSSDEBUG */
-
-  la = nssUTF8_Size(a, statusOpt);
-  if( 0 == la ) {
-    return PR_FALSE;
-  }
-
-  lb = nssUTF8_Size(b, statusOpt);
-  if( 0 == lb ) {
-    return PR_FALSE;
-  }
-
-  if( la != lb ) {
-    return PR_FALSE;
-  }
-
-  return nsslibc_memequal(a, b, la, statusOpt);
-}
diff --git a/security/nss/lib/base/whatnspr.c b/security/nss/lib/base/whatnspr.c
deleted file mode 100644
index 5303ec256..000000000
--- a/security/nss/lib/base/whatnspr.c
+++ /dev/null
@@ -1,171 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef BASE_H
-#include "base.h"
-#endif /* BASE_H */
-
-/*
- * This file isolates us from differences in NSPR versions.
- * We have to detect the library with which we're running at
- * runtime, and switch behaviours there.  This lets us do
- * stuff like load cryptoki modules in Communicator.
- *
- * Hey, it's the PORT layer all over again!
- */
-
-static int whatnspr = 0;
-
-static int
-set_whatnspr
-(
-  void
-)
-{
-  /*
-   * The only runtime difference I could find was the
-   * return value of PR_dtoa.  We can't just look for
-   * a symbol in NSPR >=2, because it'll always be
-   * found (because we compile against NSPR >=2).
-   * Maybe we could look for a symbol merely in NSPR 1?
-   *
-   */
-
-  char buffer[64];
-  int decpt = 0, sign = 0;
-  char *rve = (char *)0;
-  /* extern int PR_dtoa(double, int, int, int *, int *, char **, char *, int); */
-  int r = (int)PR_dtoa((double)1.0, 0, 5, &decpt, &sign, &rve, 
-                       buffer, sizeof(buffer));
-
-  switch( r ) {
-  case 0:
-  case -1:
-    whatnspr = 2;
-    /*
-     * If we needed to, *now* we could look up "libVersionPoint"
-     * and get more data there.. except all current NSPR's (up
-     * to NSPR 4.x at time of writing) still say 2 in their
-     * version structure.
-     */
-    break;
-  default:
-    whatnspr = 1;
-    break;
-  }
-
-  return whatnspr;
-}
-
-#define WHATNSPR (whatnspr ? whatnspr : set_whatnspr())
-
-NSS_IMPLEMENT PRStatus
-nss_NewThreadPrivateIndex
-(
-  PRUintn *ip,
-  PRThreadPrivateDTOR dtor
-)
-{
-  switch( WHATNSPR ) {
-  case 1:
-    {
-      PRLibrary *l = (PRLibrary *)0;
-      void *f = PR_FindSymbolAndLibrary("PR_NewThreadPrivateID", &l);
-      typedef PRInt32 (*ntpt)(void);
-      ntpt ntp = (ntpt) f;
-
-      PR_ASSERT((void *)0 != f);
-
-      *ip = ntp();
-      return PR_SUCCESS;
-    }
-  case 2:
-  default:
-    return PR_NewThreadPrivateIndex(ip, dtor);
-  }
-}
-
-NSS_IMPLEMENT void *
-nss_GetThreadPrivate
-(
-  PRUintn i
-)
-{
-  switch( WHATNSPR ) {
-  case 1:
-    {
-      PRLibrary *l = (PRLibrary *)0;
-      void *f = PR_FindSymbolAndLibrary("PR_GetThreadPrivate", &l);
-      typedef void *(*gtpt)(PRThread *, PRInt32);
-      gtpt gtp = (gtpt) f;
-
-      PR_ASSERT((void *)0 != f);
-
-      return gtp(PR_CurrentThread(), i);
-    }
-  case 2:
-  default:
-    return PR_GetThreadPrivate(i);
-  }
-}
-
-NSS_IMPLEMENT void
-nss_SetThreadPrivate
-(
-  PRUintn i,
-  void *v
-)
-{
-  switch( WHATNSPR ) {
-  case 1:
-    {
-      PRLibrary *l = (PRLibrary *)0;
-      void *f = PR_FindSymbolAndLibrary("PR_SetThreadPrivate", &l);
-      typedef PRStatus (*stpt)(PRThread *, PRInt32, void *);
-      stpt stp = (stpt) f;
-
-      PR_ASSERT((void *)0 != f);
-
-      (void)stp(PR_CurrentThread(), i, v);
-      return;
-    }
-  case 2:
-  default:
-    (void)PR_SetThreadPrivate(i, v);
-    return;
-  }
-}
diff --git a/security/nss/lib/certdb/.cvsignore b/security/nss/lib/certdb/.cvsignore
deleted file mode 100644
index ec60123e5..000000000
--- a/security/nss/lib/certdb/.cvsignore
+++ /dev/null
@@ -1 +0,0 @@
-nscertinit.c
diff --git a/security/nss/lib/certdb/Makefile b/security/nss/lib/certdb/Makefile
deleted file mode 100644
index 12eff17ab..000000000
--- a/security/nss/lib/certdb/Makefile
+++ /dev/null
@@ -1,76 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY).   #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL)          #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL)       #
-#######################################################################
-
-
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL).      #
-#######################################################################
-
-include config.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL)                              #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL)                           #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL).                              #
-#######################################################################
-
-export:: private_export
-
diff --git a/security/nss/lib/certdb/alg1485.c b/security/nss/lib/certdb/alg1485.c
deleted file mode 100644
index aa3ea1b3b..000000000
--- a/security/nss/lib/certdb/alg1485.c
+++ /dev/null
@@ -1,969 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "cert.h"
-#include "xconst.h"
-#include "genname.h"
-#include "secitem.h"
-#include "secerr.h"
-
-struct NameToKind {
-    char *name;
-    SECOidTag kind;
-};
-
-static struct NameToKind name2kinds[] = {
-    { "CN",   		SEC_OID_AVA_COMMON_NAME, 		},
-    { "ST",   		SEC_OID_AVA_STATE_OR_PROVINCE, 		},
-    { "OU",   		SEC_OID_AVA_ORGANIZATIONAL_UNIT_NAME,	},
-    { "DC",   		SEC_OID_AVA_DC,	},
-    { "C",    		SEC_OID_AVA_COUNTRY_NAME, 		},
-    { "O",    		SEC_OID_AVA_ORGANIZATION_NAME, 		},
-    { "L",    		SEC_OID_AVA_LOCALITY, 			},
-    { "dnQualifier",	SEC_OID_AVA_DN_QUALIFIER, 		},
-    { "E",    		SEC_OID_PKCS9_EMAIL_ADDRESS, 		},
-    { "UID",  		SEC_OID_RFC1274_UID, 			},
-    { "MAIL", 		SEC_OID_RFC1274_MAIL, 			},
-    { 0,      		SEC_OID_UNKNOWN 			},
-};
-
-#define C_DOUBLE_QUOTE '\042'
-
-#define C_BACKSLASH '\134'
-
-#define C_EQUAL '='
-
-#define OPTIONAL_SPACE(c) \
-    (((c) == ' ') || ((c) == '\r') || ((c) == '\n'))
-
-#define SPECIAL_CHAR(c)						\
-    (((c) == ',') || ((c) == '=') || ((c) == C_DOUBLE_QUOTE) ||	\
-     ((c) == '\r') || ((c) == '\n') || ((c) == '+') ||		\
-     ((c) == '<') || ((c) == '>') || ((c) == '#') ||		\
-     ((c) == ';') || ((c) == C_BACKSLASH))
-
-
-
-
-
-
-
-#if 0
-/*
-** Find the start and end of a <string>. Strings can be wrapped in double
-** quotes to protect special characters.
-*/
-static int BracketThing(char **startp, char *end, char *result)
-{
-    char *start = *startp;
-    char c;
-
-    /* Skip leading white space */
-    while (start < end) {
-	c = *start++;
-	if (!OPTIONAL_SPACE(c)) {
-	    start--;
-	    break;
-	}
-    }
-    if (start == end) return 0;
-
-    switch (*start) {
-      case '#':
-	/* Process hex thing */
-	start++;
-	*startp = start;
-	while (start < end) {
-	    c = *start++;
-	    if (((c >= '0') && (c <= '9')) ||
-		((c >= 'a') && (c <= 'f')) ||
-		((c >= 'A') && (c <= 'F'))) {
-		continue;
-	    }
-	    break;
-	}
-	rv = IS_HEX;
-	break;
-
-      case C_DOUBLE_QUOTE:
-	start++;
-	*startp = start;
-	while (start < end) {
-	    c = *start++;
-	    if (c == C_DOUBLE_QUOTE) {
-		break;
-	    }
-	    *result++ = c;
-	}
-	rv = IS_STRING;
-	break;
-
-      default:
-	while (start < end) {
-	    c = *start++;
-	    if (SPECIAL_CHAR(c)) {
-		start--;
-		break;
-	    }
-	    *result++ = c;
-	}
-	rv = IS_STRING;
-	break;
-    }
-
-    /* Terminate result string */
-    *result = 0;
-    return start;
-}
-
-static char *BracketSomething(char **startp, char* end, int spacesOK)
-{
-    char *start = *startp;
-    char c;
-    int stopAtDQ;
-
-    /* Skip leading white space */
-    while (start < end) {
-	c = *start;
-	if (!OPTIONAL_SPACE(c)) {
-	    break;
-	}
-	start++;
-    }
-    if (start == end) return 0;
-    stopAtDQ = 0;
-    if (*start == C_DOUBLE_QUOTE) {
-	stopAtDQ = 1;
-    }
-
-    /*
-    ** Find the end of the something. The something is terminated most of
-    ** the time by a space. However, if spacesOK is true then it is
-    ** terminated by a special character only.
-    */
-    *startp = start;
-    while (start < end) {
-	c = *start;
-	if (stopAtDQ) {
-	    if (c == C_DOUBLE_QUOTE) {
-		*start = ' ';
-		break;
-	    }
-	} else {
-	if (SPECIAL_CHAR(c)) {
-	    break;
-	}
-	if (!spacesOK && OPTIONAL_SPACE(c)) {
-	    break;
-	}
-	}
-	start++;
-    }
-    return start;
-}
-#endif
-
-#define IS_PRINTABLE(c)						\
-    ((((c) >= 'a') && ((c) <= 'z')) ||				\
-     (((c) >= 'A') && ((c) <= 'Z')) ||				\
-     (((c) >= '0') && ((c) <= '9')) ||				\
-     ((c) == ' ') ||						\
-     ((c) == '\'') ||						\
-     ((c) == '\050') ||				/* ( */		\
-     ((c) == '\051') ||				/* ) */		\
-     (((c) >= '+') && ((c) <= '/')) ||		/* + , - . / */	\
-     ((c) == ':') ||						\
-     ((c) == '=') ||						\
-     ((c) == '?'))
-
-static PRBool
-IsPrintable(unsigned char *data, unsigned len)
-{
-    unsigned char ch, *end;
-
-    end = data + len;
-    while (data < end) {
-	ch = *data++;
-	if (!IS_PRINTABLE(ch)) {
-	    return PR_FALSE;
-	}
-    }
-    return PR_TRUE;
-}
-
-static PRBool
-Is7Bit(unsigned char *data, unsigned len)
-{
-    unsigned char ch, *end;
-
-    end = data + len;
-    while (data < end) {
-        ch = *data++;
-        if ((ch & 0x80)) {
-            return PR_FALSE;
-        }
-    }
-    return PR_TRUE;
-}
-
-static void
-skipSpace(char **pbp, char *endptr)
-{
-    char *bp = *pbp;
-    while (bp < endptr && OPTIONAL_SPACE(*bp)) {
-	bp++;
-    }
-    *pbp = bp;
-}
-
-static SECStatus
-scanTag(char **pbp, char *endptr, char *tagBuf, int tagBufSize)
-{
-    char *bp, *tagBufp;
-    int taglen;
-
-    PORT_Assert(tagBufSize > 0);
-    
-    /* skip optional leading space */
-    skipSpace(pbp, endptr);
-    if (*pbp == endptr) {
-	/* nothing left */
-	return SECFailure;
-    }
-    
-    /* fill tagBuf */
-    taglen = 0;
-    bp = *pbp;
-    tagBufp = tagBuf;
-    while (bp < endptr && !OPTIONAL_SPACE(*bp) && (*bp != C_EQUAL)) {
-	if (++taglen >= tagBufSize) {
-	    *pbp = bp;
-	    return SECFailure;
-	}
-	*tagBufp++ = *bp++;
-    }
-    /* null-terminate tagBuf -- guaranteed at least one space left */
-    *tagBufp++ = 0;
-    *pbp = bp;
-    
-    /* skip trailing spaces till we hit something - should be an equal sign */
-    skipSpace(pbp, endptr);
-    if (*pbp == endptr) {
-	/* nothing left */
-	return SECFailure;
-    }
-    if (**pbp != C_EQUAL) {
-	/* should be an equal sign */
-	return SECFailure;
-    }
-    /* skip over the equal sign */
-    (*pbp)++;
-    
-    return SECSuccess;
-}
-
-static SECStatus
-scanVal(char **pbp, char *endptr, char *valBuf, int valBufSize)  
-{
-    char *bp, *valBufp;
-    int vallen;
-    PRBool isQuoted;
-    
-    PORT_Assert(valBufSize > 0);
-    
-    /* skip optional leading space */
-    skipSpace(pbp, endptr);
-    if(*pbp == endptr) {
-	/* nothing left */
-	return SECFailure;
-    }
-    
-    bp = *pbp;
-    
-    /* quoted? */
-    if (*bp == C_DOUBLE_QUOTE) {
-	isQuoted = PR_TRUE;
-	/* skip over it */
-	bp++;
-    } else {
-	isQuoted = PR_FALSE;
-    }
-    
-    valBufp = valBuf;
-    vallen = 0;
-    while (bp < endptr) {
-	char c = *bp;
-	if (c == C_BACKSLASH) {
-	    /* escape character */
-	    bp++;
-	    if (bp >= endptr) {
-		/* escape charater must appear with paired char */
-		*pbp = bp;
-		return SECFailure;
-	    }
-	} else if (!isQuoted && SPECIAL_CHAR(c)) {
-	    /* unescaped special and not within quoted value */
-	    break;
-	} else if (c == C_DOUBLE_QUOTE) {
-	    /* reached unescaped double quote */
-	    break;
-	}
-	/* append character */
-        vallen++;
-	if (vallen >= valBufSize) {
-	    *pbp = bp;
-	    return SECFailure;
-	}
-	*valBufp++ = *bp++;
-    }
-    
-    /* stip trailing spaces from unquoted values */
-    if (!isQuoted) {
-	if (valBufp > valBuf) {
-	    valBufp--;
-	    while ((valBufp > valBuf) && OPTIONAL_SPACE(*valBufp)) {
-		valBufp--;
-	    }
-	    valBufp++;
-	}
-    }
-    
-    if (isQuoted) {
-	/* insist that we stopped on a double quote */
-	if (*bp != C_DOUBLE_QUOTE) {
-	    *pbp = bp;
-	    return SECFailure;
-	}
-	/* skip over the quote and skip optional space */
-	bp++;
-	skipSpace(&bp, endptr);
-    }
-    
-    *pbp = bp;
-    
-    if (valBufp == valBuf) {
-	/* empty value -- not allowed */
-	return SECFailure;
-    }
-    
-    /* null-terminate valBuf -- guaranteed at least one space left */
-    *valBufp++ = 0;
-    
-    return SECSuccess;
-}
-
-CERTAVA *
-CERT_ParseRFC1485AVA(PRArenaPool *arena, char **pbp, char *endptr,
-		    PRBool singleAVA) 
-{
-    CERTAVA *a;
-    struct NameToKind *n2k;
-    int vt;
-    int valLen;
-    char *bp;
-
-    char tagBuf[32];
-    char valBuf[384];
-
-    if (scanTag(pbp, endptr, tagBuf, sizeof(tagBuf)) == SECFailure ||
-	scanVal(pbp, endptr, valBuf, sizeof(valBuf)) == SECFailure) {
-	PORT_SetError(SEC_ERROR_INVALID_AVA);
-	return 0;
-    }
-
-    /* insist that if we haven't finished we've stopped on a separator */
-    bp = *pbp;
-    if (bp < endptr) {
-	if (singleAVA || (*bp != ',' && *bp != ';')) {
-	    PORT_SetError(SEC_ERROR_INVALID_AVA);
-	    *pbp = bp;
-	    return 0;
-	}
-	/* ok, skip over separator */
-	bp++;
-    }
-    *pbp = bp;
-
-    for (n2k = name2kinds; n2k->name; n2k++) {
-	if (PORT_Strcasecmp(n2k->name, tagBuf) == 0) {
-	    valLen = PORT_Strlen(valBuf);
-	    if (n2k->kind == SEC_OID_AVA_COUNTRY_NAME) {
-		vt = SEC_ASN1_PRINTABLE_STRING;
-		if (valLen != 2) {
-		    PORT_SetError(SEC_ERROR_INVALID_AVA);
-		    return 0;
-		}
-		if (!IsPrintable((unsigned char*) valBuf, 2)) {
-		    PORT_SetError(SEC_ERROR_INVALID_AVA);
-		    return 0;
-		}
-	    } else if ((n2k->kind == SEC_OID_PKCS9_EMAIL_ADDRESS) ||
-		       (n2k->kind == SEC_OID_RFC1274_MAIL)) {
-		vt = SEC_ASN1_IA5_STRING;
-	    } else {
-		/* Hack -- for rationale see X.520 DirectoryString defn */
-		if (IsPrintable((unsigned char*)valBuf, valLen)) {
-		    vt = SEC_ASN1_PRINTABLE_STRING;
-                } else if (Is7Bit((unsigned char *)valBuf, valLen)) {
-                    vt = SEC_ASN1_T61_STRING;
-		} else {
-		    vt = SEC_ASN1_UNIVERSAL_STRING;
-		}
-	    }
-	    a = CERT_CreateAVA(arena, n2k->kind, vt, (char *) valBuf);
-	    return a;
-	}
-    }
-    /* matched no kind -- invalid tag */
-    PORT_SetError(SEC_ERROR_INVALID_AVA);
-    return 0;
-}
-
-static CERTName *
-ParseRFC1485Name(char *buf, int len)
-{
-    SECStatus rv;
-    CERTName *name;
-    char *bp, *e;
-    CERTAVA *ava;
-    CERTRDN *rdn;
-
-    name = CERT_CreateName(NULL);
-    if (name == NULL) {
-	return NULL;
-    }
-    
-    e = buf + len;
-    bp = buf;
-    while (bp < e) {
-	ava = CERT_ParseRFC1485AVA(name->arena, &bp, e, PR_FALSE);
-	if (ava == 0) goto loser;
-	rdn = CERT_CreateRDN(name->arena, ava, 0);
-	if (rdn == 0) goto loser;
-	rv = CERT_AddRDN(name, rdn);
-	if (rv) goto loser;
-	skipSpace(&bp, e);
-    }
-
-    if (name->rdns[0] == 0) {
-	/* empty name -- illegal */
-	goto loser;
-    }
-
-    /* Reverse order of RDNS to comply with RFC */
-    {
-	CERTRDN **firstRdn;
-	CERTRDN **lastRdn;
-	CERTRDN *tmp;
-	
-	/* get first one */
-	firstRdn = name->rdns;
-	
-	/* find last one */
-	lastRdn = name->rdns;
-	while (*lastRdn) lastRdn++;
-	lastRdn--;
-	
-	/* reverse list */
-	for ( ; firstRdn < lastRdn; firstRdn++, lastRdn--) {
-	    tmp = *firstRdn;
-	    *firstRdn = *lastRdn;
-	    *lastRdn = tmp;
-	}
-    }
-    
-    /* return result */
-    return name;
-    
-  loser:
-    CERT_DestroyName(name);
-    return NULL;
-}
-
-CERTName *
-CERT_AsciiToName(char *string)
-{
-    CERTName *name;
-    name = ParseRFC1485Name(string, PORT_Strlen(string));
-    return name;
-}
-
-/************************************************************************/
-
-static SECStatus
-AppendStr(char **bufp, unsigned *buflenp, char *str)
-{
-    char *buf;
-    unsigned bufLen, bufSize, len;
-
-    /* Figure out how much to grow buf by (add in the '\0') */
-    buf = *bufp;
-    bufLen = *buflenp;
-    len = PORT_Strlen(str);
-    bufSize = bufLen + len;
-    if (buf) {
-	buf = (char*) PORT_Realloc(buf, bufSize);
-    } else {
-	bufSize++;
-	buf = (char*) PORT_Alloc(bufSize);
-    }
-    if (!buf) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	return SECFailure;
-    }
-    *bufp = buf;
-    *buflenp = bufSize;
-
-    /* Concatenate str onto buf */
-    buf = buf + bufLen;
-    if (bufLen) buf--;			/* stomp on old '\0' */
-    PORT_Memcpy(buf, str, len+1);		/* put in new null */
-    return SECSuccess;
-}
-
-SECStatus
-CERT_RFC1485_EscapeAndQuote(char *dst, int dstlen, char *src, int srclen)
-{
-    int i, reqLen=0;
-    char *d = dst;
-    PRBool needsQuoting = PR_FALSE;
-    
-    /* need to make an initial pass to determine if quoting is needed */
-    for (i = 0; i < srclen; i++) {
-	char c = src[i];
-	reqLen++;
-	if (SPECIAL_CHAR(c)) {
-	    /* entirety will need quoting */
-	    needsQuoting = PR_TRUE;
-	}
-	if (c == C_DOUBLE_QUOTE || c == C_BACKSLASH) {
-	    /* this char will need escaping */
-	    reqLen++;
-	}
-    }
-    /* if it begins or ends in optional space it needs quoting */
-    if (srclen > 0 &&
-	(OPTIONAL_SPACE(src[srclen-1]) || OPTIONAL_SPACE(src[0]))) {
-	needsQuoting = PR_TRUE;
-    }
-    
-    if (needsQuoting) reqLen += 2;
-
-    /* space for terminal null */
-    reqLen++;
-    
-    if (reqLen > dstlen) {
-	PORT_SetError(SEC_ERROR_OUTPUT_LEN);
-	return SECFailure;
-    }
-    
-    d = dst;
-    if (needsQuoting) *d++ = C_DOUBLE_QUOTE;
-    for (i = 0; i < srclen; i++) {
-	char c = src[i];
-	if (c == C_DOUBLE_QUOTE || c == C_BACKSLASH) {
-	    /* escape it */
-	    *d++ = C_BACKSLASH;
-	}
-	*d++ = c;
-    }
-    if (needsQuoting) *d++ = C_DOUBLE_QUOTE;
-    *d++ = 0;
-    return SECSuccess;
-}
-
-static SECStatus
-AppendAVA(char **bufp, unsigned *buflenp, CERTAVA *ava)
-{
-    char *tagName;
-    char tmpBuf[384];
-    unsigned len, maxLen;
-    int tag;
-    SECStatus rv;
-    SECItem *avaValue = NULL;
-
-    tag = CERT_GetAVATag(ava);
-    switch (tag) {
-      case SEC_OID_AVA_COUNTRY_NAME:
-	tagName = "C";
-	maxLen = 2;
-	break;
-      case SEC_OID_AVA_ORGANIZATION_NAME:
-	tagName = "O";
-	maxLen = 64;
-	break;
-      case SEC_OID_AVA_COMMON_NAME:
-	tagName = "CN";
-	maxLen = 64;
-	break;
-      case SEC_OID_AVA_LOCALITY:
-	tagName = "L";
-	maxLen = 128;
-	break;
-      case SEC_OID_AVA_STATE_OR_PROVINCE:
-	tagName = "ST";
-	maxLen = 128;
-	break;
-      case SEC_OID_AVA_ORGANIZATIONAL_UNIT_NAME:
-	tagName = "OU";
-	maxLen = 64;
-	break;
-      case SEC_OID_AVA_DC:
-	tagName = "DC";
-	maxLen = 128;
-	break;
-      case SEC_OID_AVA_DN_QUALIFIER:
-	tagName = "dnQualifier";
-	maxLen = 0x7fff;
-	break;
-      case SEC_OID_PKCS9_EMAIL_ADDRESS:
-	tagName = "E";
-	maxLen = 128;
-	break;
-      case SEC_OID_RFC1274_UID:
-	tagName = "UID";
-	maxLen = 256;
-	break;
-      case SEC_OID_RFC1274_MAIL:
-	tagName = "MAIL";
-	maxLen = 256;
-	break;
-      default:
-#if 0
-	PORT_SetError(SEC_ERROR_INVALID_AVA);
-	return SECFailure;
-#else
-	rv = AppendStr(bufp, buflenp, "ERR=Unknown AVA");
-	return rv;
-#endif
-    }
-
-    avaValue = CERT_DecodeAVAValue(&ava->value);
-    if(!avaValue) {
-	return SECFailure;
-    }
-
-    /* Check value length */
-    if (avaValue->len > maxLen) {
-	PORT_SetError(SEC_ERROR_INVALID_AVA);
-	return SECFailure;
-    }
-
-    len = PORT_Strlen(tagName);
-    PORT_Memcpy(tmpBuf, tagName, len);
-    tmpBuf[len++] = '=';
-    
-    /* escape and quote as necessary */
-    rv = CERT_RFC1485_EscapeAndQuote(tmpBuf+len, sizeof(tmpBuf)-len, 
-		    		     (char *)avaValue->data, avaValue->len);
-    SECITEM_FreeItem(avaValue, PR_TRUE);
-    if (rv) return SECFailure;
-    
-    rv = AppendStr(bufp, buflenp, tmpBuf);
-    return rv;
-}
-
-char *
-CERT_NameToAscii(CERTName *name)
-{
-    SECStatus rv;
-    CERTRDN** rdns;
-    CERTRDN** lastRdn;
-    CERTRDN** rdn;
-    CERTAVA** avas;
-    CERTAVA* ava;
-    PRBool first = PR_TRUE;
-    char *buf = NULL;
-    unsigned buflen = 0;
-    
-    rdns = name->rdns;
-    if (rdns == NULL) {
-	return NULL;
-    }
-    
-    /* find last RDN */
-    lastRdn = rdns;
-    while (*lastRdn) lastRdn++;
-    lastRdn--;
-    
-    /*
-     * Loop over name contents in _reverse_ RDN order appending to string
-     */
-    for (rdn = lastRdn; rdn >= rdns; rdn--) {
-	avas = (*rdn)->avas;
-	while ((ava = *avas++) != NULL) {
-	    /* Put in comma separator */
-	    if (!first) {
-		rv = AppendStr(&buf, &buflen, ", ");
-		if (rv) goto loser;
-	    } else {
-		first = PR_FALSE;
-	    }
-	    
-	    /* Add in tag type plus value into buf */
-	    rv = AppendAVA(&buf, &buflen, ava);
-	    if (rv) goto loser;
-	}
-    }
-    return buf;
-  loser:
-    PORT_Free(buf);
-    return NULL;
-}
-
-/*
- * Return the string representation of a DER encoded distinguished name
- * "dername" - The DER encoded name to convert
- */
-char *
-CERT_DerNameToAscii(SECItem *dername)
-{
-    int rv;
-    PRArenaPool *arena = NULL;
-    CERTName name;
-    char *retstr = NULL;
-    
-    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    
-    if ( arena == NULL) {
-	goto loser;
-    }
-    
-    rv = SEC_ASN1DecodeItem(arena, &name, CERT_NameTemplate, dername);
-    
-    if ( rv != SECSuccess ) {
-	goto loser;
-    }
-
-    retstr = CERT_NameToAscii(&name);
-
-loser:
-    if ( arena != NULL ) {
-	PORT_FreeArena(arena, PR_FALSE);
-    }
-    
-    return(retstr);
-}
-
-static char *
-CERT_GetNameElement(CERTName *name, int wantedTag)
-{
-    CERTRDN** rdns;
-    CERTRDN *rdn;
-    CERTAVA** avas;
-    CERTAVA* ava;
-    char *buf = 0;
-    int tag;
-    SECItem *decodeItem = NULL;
-    
-    rdns = name->rdns;
-    while ((rdn = *rdns++) != 0) {
-	avas = rdn->avas;
-	while ((ava = *avas++) != 0) {
-	    tag = CERT_GetAVATag(ava);
-	    if ( tag == wantedTag ) {
-		decodeItem = CERT_DecodeAVAValue(&ava->value);
-		if(!decodeItem) {
-		    return NULL;
-		}
-		buf = (char *)PORT_ZAlloc(decodeItem->len + 1);
-		if ( buf ) {
-		    PORT_Memcpy(buf, decodeItem->data, decodeItem->len);
-		    buf[decodeItem->len] = 0;
-		}
-		SECITEM_FreeItem(decodeItem, PR_TRUE);
-		goto done;
-	    }
-	}
-    }
-    
-  done:
-    return buf;
-}
-
-char *
-CERT_GetCertificateEmailAddress(CERTCertificate *cert)
-{
-    char *rawEmailAddr = NULL;
-    char *emailAddr = NULL;
-    SECItem subAltName;
-    SECStatus rv;
-    CERTGeneralName *nameList = NULL;
-    CERTGeneralName *current;
-    PRArenaPool *arena = NULL;
-    int i;
-    
-    subAltName.data = NULL;
-
-    rawEmailAddr = CERT_GetNameElement(&(cert->subject), SEC_OID_PKCS9_EMAIL_ADDRESS);
-    if ( rawEmailAddr == NULL ) {
-	rawEmailAddr = CERT_GetNameElement(&(cert->subject), SEC_OID_RFC1274_MAIL);
-    }
-    if ( rawEmailAddr == NULL) {
-
-	rv = CERT_FindCertExtension(cert,  SEC_OID_X509_SUBJECT_ALT_NAME, &subAltName);
-	if (rv != SECSuccess) {
-	    goto finish;
-	}
-	arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-	if (!arena) {
-	    goto finish;
-	}
-	nameList = current = CERT_DecodeAltNameExtension(arena, &subAltName);
-	if (!nameList ) {
-	    goto finish;
-	}
-	if (nameList != NULL) {
-	    do {
-		if (current->type == certDirectoryName) {
-		    rawEmailAddr = CERT_GetNameElement(&(current->name.directoryName), 
-						       SEC_OID_PKCS9_EMAIL_ADDRESS);
-		    if ( rawEmailAddr == NULL ) {
-			rawEmailAddr = CERT_GetNameElement(&(current->name.directoryName), 
-							   SEC_OID_RFC1274_MAIL);
-		    }
-		} else if (current->type == certRFC822Name) {
-		    rawEmailAddr = (char*)PORT_ZAlloc(current->name.other.len + 1);
-		    if (!rawEmailAddr) {
-			goto finish;
-		    }
-		    PORT_Memcpy(rawEmailAddr, current->name.other.data, 
-				current->name.other.len);
-		    rawEmailAddr[current->name.other.len] = '\0';
-		}
-		if (rawEmailAddr) {
-		    break;
-		}
-		current = cert_get_next_general_name(current);
-	    } while (current != nameList);
-	}
-    }
-    if (rawEmailAddr) {
-	emailAddr = (char*)PORT_ArenaZAlloc(cert->arena, PORT_Strlen(rawEmailAddr) + 1);
-	for (i = 0; i <= PORT_Strlen(rawEmailAddr); i++) {
-	    emailAddr[i] = tolower(rawEmailAddr[i]);
-	}
-    } else {
-	emailAddr = NULL;
-    }
-
-finish:
-    if ( rawEmailAddr ) {
-	PORT_Free(rawEmailAddr);
-    }
-
-    /* Don't free nameList, it's part of the arena. */
-
-    if (arena) {
-	PORT_FreeArena(arena, PR_FALSE);
-    }
-
-    if ( subAltName.data ) {
-	SECITEM_FreeItem(&subAltName, PR_FALSE);
-    }
-
-    return(emailAddr);
-}
-
-char *
-CERT_GetCertEmailAddress(CERTName *name)
-{
-    char *rawEmailAddr;
-    char *emailAddr;
-
-    
-    rawEmailAddr = CERT_GetNameElement(name, SEC_OID_PKCS9_EMAIL_ADDRESS);
-    if ( rawEmailAddr == NULL ) {
-	rawEmailAddr = CERT_GetNameElement(name, SEC_OID_RFC1274_MAIL);
-    }
-    emailAddr = CERT_FixupEmailAddr(rawEmailAddr);
-    if ( rawEmailAddr ) {
-	PORT_Free(rawEmailAddr);
-    }
-    return(emailAddr);
-}
-
-char *
-CERT_GetCommonName(CERTName *name)
-{
-    return(CERT_GetNameElement(name, SEC_OID_AVA_COMMON_NAME));
-}
-
-char *
-CERT_GetCountryName(CERTName *name)
-{
-    return(CERT_GetNameElement(name, SEC_OID_AVA_COUNTRY_NAME));
-}
-
-char *
-CERT_GetLocalityName(CERTName *name)
-{
-    return(CERT_GetNameElement(name, SEC_OID_AVA_LOCALITY));
-}
-
-char *
-CERT_GetStateName(CERTName *name)
-{
-    return(CERT_GetNameElement(name, SEC_OID_AVA_STATE_OR_PROVINCE));
-}
-
-char *
-CERT_GetOrgName(CERTName *name)
-{
-    return(CERT_GetNameElement(name, SEC_OID_AVA_ORGANIZATION_NAME));
-}
-
-char *
-CERT_GetDomainComponentName(CERTName *name)
-{
-    return(CERT_GetNameElement(name, SEC_OID_AVA_DC));
-}
-
-char *
-CERT_GetOrgUnitName(CERTName *name)
-{
-    return(CERT_GetNameElement(name, SEC_OID_AVA_ORGANIZATIONAL_UNIT_NAME));
-}
-
-char *
-CERT_GetDnQualifier(CERTName *name)
-{
-    return(CERT_GetNameElement(name, SEC_OID_AVA_DN_QUALIFIER));
-}
-
-char *
-CERT_GetCertUid(CERTName *name)
-{
-    return(CERT_GetNameElement(name, SEC_OID_RFC1274_UID));
-}
-
diff --git a/security/nss/lib/certdb/cert.h b/security/nss/lib/certdb/cert.h
deleted file mode 100644
index ad0f6864e..000000000
--- a/security/nss/lib/certdb/cert.h
+++ /dev/null
@@ -1,1371 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * cert.h - public data structures and prototypes for the certificate library
- *
- * $Id$
- */
-
-#ifndef _CERT_H_
-#define _CERT_H_
-
-#include "plarena.h"
-#include "plhash.h"
-#include "prlong.h"
-#include "prlog.h"
-
-#include "seccomon.h"
-#include "secdert.h"
-#include "secoidt.h"
-#include "keyt.h"
-#include "certt.h"
-
-SEC_BEGIN_PROTOS
-   
-/****************************************************************************
- *
- * RFC1485 ascii to/from X.? RelativeDistinguishedName (aka CERTName)
- *
- ****************************************************************************/
-
-/*
-** Convert an ascii RFC1485 encoded name into its CERTName equivalent.
-*/
-extern CERTName *CERT_AsciiToName(char *string);
-
-/*
-** Convert an CERTName into its RFC1485 encoded equivalent.
-*/
-extern char *CERT_NameToAscii(CERTName *name);
-
-extern CERTAVA *CERT_CopyAVA(PRArenaPool *arena, CERTAVA *src);
-
-/*
-** Examine an AVA and return the tag that refers to it. The AVA tags are
-** defined as SEC_OID_AVA*.
-*/
-extern SECOidTag CERT_GetAVATag(CERTAVA *ava);
-
-/*
-** Compare two AVA's, returning the difference between them.
-*/
-extern SECComparison CERT_CompareAVA(CERTAVA *a, CERTAVA *b);
-
-/*
-** Create an RDN (relative-distinguished-name). The argument list is a
-** NULL terminated list of AVA's.
-*/
-extern CERTRDN *CERT_CreateRDN(PRArenaPool *arena, CERTAVA *avas, ...);
-
-/*
-** Make a copy of "src" storing it in "dest".
-*/
-extern SECStatus CERT_CopyRDN(PRArenaPool *arena, CERTRDN *dest, CERTRDN *src);
-
-/*
-** Destory an RDN object.
-**	"rdn" the RDN to destroy
-**	"freeit" if PR_TRUE then free the object as well as its sub-objects
-*/
-extern void CERT_DestroyRDN(CERTRDN *rdn, PRBool freeit);
-
-/*
-** Add an AVA to an RDN.
-**	"rdn" the RDN to add to
-**	"ava" the AVA to add
-*/
-extern SECStatus CERT_AddAVA(PRArenaPool *arena, CERTRDN *rdn, CERTAVA *ava);
-
-/*
-** Compare two RDN's, returning the difference between them.
-*/
-extern SECComparison CERT_CompareRDN(CERTRDN *a, CERTRDN *b);
-
-/*
-** Create an X.500 style name using a NULL terminated list of RDN's.
-*/
-extern CERTName *CERT_CreateName(CERTRDN *rdn, ...);
-
-/*
-** Make a copy of "src" storing it in "dest". Memory is allocated in
-** "dest" for each of the appropriate sub objects. Memory is not freed in
-** "dest" before allocation is done (use CERT_DestroyName(dest, PR_FALSE) to
-** do that).
-*/
-extern SECStatus CERT_CopyName(PRArenaPool *arena, CERTName *dest, CERTName *src);
-
-/*
-** Destroy a Name object.
-**	"name" the CERTName to destroy
-**	"freeit" if PR_TRUE then free the object as well as its sub-objects
-*/
-extern void CERT_DestroyName(CERTName *name);
-
-/*
-** Add an RDN to a name.
-**	"name" the name to add the RDN to
-**	"rdn" the RDN to add to name
-*/
-extern SECStatus CERT_AddRDN(CERTName *name, CERTRDN *rdn);
-
-/*
-** Compare two names, returning the difference between them.
-*/
-extern SECComparison CERT_CompareName(CERTName *a, CERTName *b);
-
-/*
-** Convert a CERTName into something readable
-*/
-extern char *CERT_FormatName (CERTName *name);
-
-/*
-** Convert a der-encoded integer to a hex printable string form.
-** Perhaps this should be a SEC function but it's only used for certs.
-*/
-extern char *CERT_Hexify (SECItem *i, int do_colon);
-
-/******************************************************************************
- *
- * Certificate handling operations
- *
- *****************************************************************************/
-
-/*
-** Create a new validity object given two unix time values.
-**	"notBefore" the time before which the validity is not valid
-**	"notAfter" the time after which the validity is not valid
-*/
-extern CERTValidity *CERT_CreateValidity(int64 notBefore, int64 notAfter);
-
-/*
-** Destroy a validity object.
-**	"v" the validity to destroy
-**	"freeit" if PR_TRUE then free the object as well as its sub-objects
-*/
-extern void CERT_DestroyValidity(CERTValidity *v);
-
-/*
-** Copy the "src" object to "dest". Memory is allocated in "dest" for
-** each of the appropriate sub-objects. Memory in "dest" is not freed
-** before memory is allocated (use CERT_DestroyValidity(v, PR_FALSE) to do
-** that).
-*/
-extern SECStatus CERT_CopyValidity
-   (PRArenaPool *arena, CERTValidity *dest, CERTValidity *src);
-
-/*
-** The cert lib considers a cert or CRL valid if the "notBefore" time is
-** in the not-too-distant future, e.g. within the next 24 hours. This 
-** prevents freshly issued certificates from being considered invalid
-** because the local system's time zone is incorrectly set.  
-** The amount of "pending slop time" is adjustable by the application.
-** Units of SlopTime are seconds.  Default is 86400  (24 hours).
-** Negative SlopTime values are not allowed.
-*/
-PRInt32 CERT_GetSlopTime(void);
-
-SECStatus CERT_SetSlopTime(PRInt32 slop);
-
-/*
-** Create a new certificate object. The result must be wrapped with an
-** CERTSignedData to create a signed certificate.
-**	"serialNumber" the serial number
-**	"issuer" the name of the certificate issuer
-**	"validity" the validity period of the certificate
-**	"req" the certificate request that prompted the certificate issuance
-*/
-extern CERTCertificate *
-CERT_CreateCertificate (unsigned long serialNumber, CERTName *issuer,
-			CERTValidity *validity, CERTCertificateRequest *req);
-
-/*
-** Destroy a certificate object
-**	"cert" the certificate to destroy
-** NOTE: certificate's are reference counted. This call decrements the
-** reference count, and if the result is zero, then the object is destroyed
-** and optionally freed.
-*/
-extern void CERT_DestroyCertificate(CERTCertificate *cert);
-
-/*
-** Make a shallow copy of a certificate "c". Just increments the
-** reference count on "c".
-*/
-extern CERTCertificate *CERT_DupCertificate(CERTCertificate *c);
-
-/*
-** Create a new certificate request. This result must be wrapped with an
-** CERTSignedData to create a signed certificate request.
-**	"name" the subject name (who the certificate request is from)
-**	"spki" describes/defines the public key the certificate is for
-**	"attributes" if non-zero, some optional attribute data
-*/
-extern CERTCertificateRequest *
-CERT_CreateCertificateRequest (CERTName *name, CERTSubjectPublicKeyInfo *spki,
-			       SECItem **attributes);
-
-/*
-** Destroy a certificate-request object
-**	"r" the certificate-request to destroy
-**	"freeit" if PR_TRUE then free the object as well as its sub-objects
-*/
-extern void CERT_DestroyCertificateRequest(CERTCertificateRequest *r);
-
-/*
-** Extract a public key object from a SubjectPublicKeyInfo
-*/
-extern SECKEYPublicKey *CERT_ExtractPublicKey(CERTCertificate *cert);
-
-/*
- * used to get a public key with Key Material ID. Only used for fortezza V1
- * certificates.
- */
-extern SECKEYPublicKey *CERT_KMIDPublicKey(CERTCertificate *cert);
-
-
-/*
-** Retrieve the Key Type associated with the cert we're dealing with
-*/
-
-extern KeyType CERT_GetCertKeyType (CERTSubjectPublicKeyInfo *spki);
-
-/*
-** Initialize the certificate database.  This is called to create
-**  the initial list of certificates in the database.
-*/
-extern SECStatus CERT_InitCertDB(CERTCertDBHandle *handle);
-
-/*
-** Default certificate database routines
-*/
-extern void CERT_SetDefaultCertDB(CERTCertDBHandle *handle);
-
-extern CERTCertDBHandle *CERT_GetDefaultCertDB(void);
-
-extern CERTCertList *CERT_GetCertChainFromCert(CERTCertificate *cert, 
-					       int64 time, 
-					       SECCertUsage usage);
-extern CERTCertificate *
-CERT_NewTempCertificate (CERTCertDBHandle *handle, SECItem *derCert,
-                         char *nickname, PRBool isperm, PRBool copyDER);
-
-
-/******************************************************************************
- *
- * X.500 Name handling operations
- *
- *****************************************************************************/
-
-/*
-** Create an AVA (attribute-value-assertion)
-**	"arena" the memory arena to alloc from
-**	"kind" is one of SEC_OID_AVA_*
-**	"valueType" is one of DER_PRINTABLE_STRING, DER_IA5_STRING, or
-**	   DER_T61_STRING
-**	"value" is the null terminated string containing the value
-*/
-extern CERTAVA *CERT_CreateAVA
-   (PRArenaPool *arena, SECOidTag kind, int valueType, char *value);
-
-/*
-** Extract the Distinguished Name from a DER encoded certificate
-**	"derCert" is the DER encoded certificate
-**	"derName" is the SECItem that the name is returned in
-*/
-extern SECStatus CERT_NameFromDERCert(SECItem *derCert, SECItem *derName);
-
-/*
-** Extract the Issuers Distinguished Name from a DER encoded certificate
-**	"derCert" is the DER encoded certificate
-**	"derName" is the SECItem that the name is returned in
-*/
-extern SECStatus CERT_IssuerNameFromDERCert(SECItem *derCert, 
-					    SECItem *derName);
-
-
-
-/*
-** Generate a database search key for a certificate, based on the
-** issuer and serial number.
-**	"arena" the memory arena to alloc from
-**	"derCert" the DER encoded certificate
-**	"key" the returned key
-*/
-extern SECStatus CERT_KeyFromDERCert(PRArenaPool *arena, SECItem *derCert, SECItem *key);
-
-extern SECStatus CERT_KeyFromIssuerAndSN(PRArenaPool *arena, SECItem *issuer,
-					 SECItem *sn, SECItem *key);
-
-extern SECStatus CERT_SerialNumberFromDERCert(SECItem *derCert, 
-						SECItem *derName);
-
-
-/*
-** Generate a database search key for a crl, based on the
-** issuer.
-**	"arena" the memory arena to alloc from
-**	"derCrl" the DER encoded crl
-**	"key" the returned key
-*/
-extern SECStatus CERT_KeyFromDERCrl(PRArenaPool *arena, SECItem *derCrl, SECItem *key);
-
-/*
-** Open the certificate database.  Use callback to get name of database.
-*/
-extern SECStatus CERT_OpenCertDB(CERTCertDBHandle *handle, PRBool readOnly,
-				 CERTDBNameFunc namecb, void *cbarg);
-
-/* Open the certificate database.  Use given filename for database. */
-extern SECStatus CERT_OpenCertDBFilename(CERTCertDBHandle *handle,
-					 char *certdbname, PRBool readOnly);
-
-/*
-** Open and initialize a cert database that is entirely in memory.  This
-** can be used when the permanent database can not be opened or created.
-*/
-extern SECStatus CERT_OpenVolatileCertDB(CERTCertDBHandle *handle);
-
-/*
-** Check the hostname to make sure that it matches the shexp that
-** is given in the common name of the certificate.
-*/
-extern SECStatus CERT_VerifyCertName(CERTCertificate *cert, const char *hostname);
-
-/*
-** Add a domain name to the list of names that the user has explicitly
-** allowed (despite cert name mismatches) for use with a server cert.
-*/
-extern SECStatus CERT_AddOKDomainName(CERTCertificate *cert, const char *hostname);
-
-/*
-** Decode a DER encoded certificate into an CERTCertificate structure
-**	"derSignedCert" is the DER encoded signed certificate
-**	"copyDER" is true if the DER should be copied, false if the
-**		existing copy should be referenced
-**	"nickname" is the nickname to use in the database.  If it is NULL
-**		then a temporary nickname is generated.
-*/
-extern CERTCertificate *
-CERT_DecodeDERCertificate (SECItem *derSignedCert, PRBool copyDER, char *nickname);
-/*
-** Decode a DER encoded CRL/KRL into an CERTSignedCrl structure
-**	"derSignedCrl" is the DER encoded signed crl/krl.
-**	"type" is this a CRL or KRL.
-*/
-#define SEC_CRL_TYPE	1
-#define SEC_KRL_TYPE	0
-
-extern CERTSignedCrl *
-CERT_DecodeDERCrl (PRArenaPool *arena, SECItem *derSignedCrl,int type);
-
-/* Validate CRL then import it to the dbase.  If there is already a CRL with the
- * same CA in the dbase, it will be replaced if derCRL is more up to date.  
- * If the process successes, a CRL will be returned.  Otherwise, a NULL will 
- * be returned. The caller should call PORT_GetError() for the exactly error 
- * code.
- */
-extern CERTSignedCrl *
-CERT_ImportCRL (CERTCertDBHandle *handle, SECItem *derCRL, char *url, 
-						int type, void * wincx);
-
-extern void CERT_DestroyCrl (CERTSignedCrl *crl);
-
-/*
-** Decode a certificate and put it into the temporary certificate database
-*/
-extern CERTCertificate *
-CERT_DecodeCertificate (SECItem *derCert, char *nickname,PRBool copyDER);
-
-/*
-** Find a certificate in the database
-**	"key" is the database key to look for
-*/
-extern CERTCertificate *CERT_FindCertByKey(CERTCertDBHandle *handle, SECItem *key);
-
-/*
-** Find a certificate in the database by name
-**	"name" is the distinguished name to look up
-*/
-extern CERTCertificate *
-CERT_FindCertByName (CERTCertDBHandle *handle, SECItem *name);
-
-/*
-** Find a certificate in the database by name
-**	"name" is the distinguished name to look up (in ascii)
-*/
-extern CERTCertificate *
-CERT_FindCertByNameString (CERTCertDBHandle *handle, char *name);
-
-/*
-** Find a certificate in the database by name and keyid
-**	"name" is the distinguished name to look up
-**	"keyID" is the value of the subjectKeyID to match
-*/
-extern CERTCertificate *
-CERT_FindCertByKeyID (CERTCertDBHandle *handle, SECItem *name, SECItem *keyID);
-
-/*
-** Generate a certificate key from the issuer and serialnumber, then look it
-** up in the database.  Return the cert if found.
-**	"issuerAndSN" is the issuer and serial number to look for
-*/
-extern CERTCertificate *
-CERT_FindCertByIssuerAndSN (CERTCertDBHandle *handle, CERTIssuerAndSN *issuerAndSN);
-
-/*
-** Find a certificate in the database by a nickname
-**	"nickname" is the ascii string nickname to look for
-*/
-extern CERTCertificate *
-CERT_FindCertByNickname (CERTCertDBHandle *handle, char *nickname);
-
-/*
-** Find a certificate in the database by a DER encoded certificate
-**	"derCert" is the DER encoded certificate
-*/
-extern CERTCertificate *
-CERT_FindCertByDERCert(CERTCertDBHandle *handle, SECItem *derCert);
-
-/*
-** Find a certificate in the database by a email address
-**	"emailAddr" is the email address to look up
-*/
-CERTCertificate *
-CERT_FindCertByEmailAddr(CERTCertDBHandle *handle, char *emailAddr);
-
-/*
-** Find a certificate in the database by a email address or nickname
-**	"name" is the email address or nickname to look up
-*/
-CERTCertificate *
-CERT_FindCertByNicknameOrEmailAddr(CERTCertDBHandle *handle, char *name);
-
-/*
-** Find a certificate in the database by a digest of a subject public key
-**	"spkDigest" is the digest to look up
-*/
-extern CERTCertificate *
-CERT_FindCertBySPKDigest(CERTCertDBHandle *handle, SECItem *spkDigest);
-
-/*
- * Find the issuer of a cert
- */
-CERTCertificate *
-CERT_FindCertIssuer(CERTCertificate *cert, int64 validTime, SECCertUsage usage);
-
-/*
-** Check the validity times of a certificate vs. time 't', allowing
-** some slop for broken clocks and stuff.
-**	"cert" is the certificate to be checked
-**	"t" is the time to check against
-**	"allowOverride" if true then check to see if the invalidity has
-**		been overridden by the user.
-*/
-extern SECCertTimeValidity CERT_CheckCertValidTimes(CERTCertificate *cert,
-						    PRTime t,
-						    PRBool allowOverride);
-
-/*
-** WARNING - this function is depricated, and will either go away or have
-**		a new API in the near future.
-**
-** Check the validity times of a certificate vs. the current time, allowing
-** some slop for broken clocks and stuff.
-**	"cert" is the certificate to be checked
-*/
-extern SECStatus CERT_CertTimesValid(CERTCertificate *cert);
-
-/*
-** Extract the validity times from a certificate
-**	"c" is the certificate
-**	"notBefore" is the start of the validity period
-**	"notAfter" is the end of the validity period
-*/
-extern SECStatus
-CERT_GetCertTimes (CERTCertificate *c, PRTime *notBefore, PRTime *notAfter);
-
-/*
-** Extract the issuer and serial number from a certificate
-*/
-extern CERTIssuerAndSN *CERT_GetCertIssuerAndSN(PRArenaPool *, 
-							CERTCertificate *);
-
-/*
-** verify the signature of a signed data object with a given certificate
-**	"sd" the signed data object to be verified
-**	"cert" the certificate to use to check the signature
-*/
-extern SECStatus CERT_VerifySignedData(CERTSignedData *sd,
-				       CERTCertificate *cert,
-				       int64 t,
-				       void *wincx);
-
-/*
-** verify a certificate by checking validity times against a certain time,
-** that we trust the issuer, and that the signature on the certificate is
-** valid.
-**	"cert" the certificate to verify
-**	"checkSig" only check signatures if true
-*/
-extern SECStatus
-CERT_VerifyCert(CERTCertDBHandle *handle, CERTCertificate *cert,
-		PRBool checkSig, SECCertUsage certUsage, int64 t,
-		void *wincx, CERTVerifyLog *log);
-
-/* same as above, but uses current time */
-extern SECStatus
-CERT_VerifyCertNow(CERTCertDBHandle *handle, CERTCertificate *cert,
-		   PRBool checkSig, SECCertUsage certUsage, void *wincx);
-
-/*
-** This must only be called on a cert that is known to have an issuer
-** with an invalid time
-*/
-extern CERTCertificate *
-CERT_FindExpiredIssuer (CERTCertDBHandle *handle, CERTCertificate *cert);
-
-/*
-** Read a base64 ascii encoded DER certificate and convert it to our
-** internal format.
-**	"certstr" is a null-terminated string containing the certificate
-*/
-extern CERTCertificate *CERT_ConvertAndDecodeCertificate(char *certstr);
-
-/*
-** Read a certificate in some foreign format, and convert it to our
-** internal format.
-**	"certbuf" is the buffer containing the certificate
-**	"certlen" is the length of the buffer
-** NOTE - currently supports netscape base64 ascii encoded raw certs
-**  and netscape binary DER typed files.
-*/
-extern CERTCertificate *CERT_DecodeCertFromPackage(char *certbuf, int certlen);
-
-extern SECStatus
-CERT_ImportCAChain (SECItem *certs, int numcerts, SECCertUsage certUsage);
-
-extern SECStatus
-CERT_ImportCAChainTrusted(SECItem *certs, int numcerts, SECCertUsage certUsage);
-
-/*
-** Read a certificate chain in some foreign format, and pass it to a 
-** callback function.
-**	"certbuf" is the buffer containing the certificate
-**	"certlen" is the length of the buffer
-**	"f" is the callback function
-**	"arg" is the callback argument
-*/
-typedef SECStatus (PR_CALLBACK *CERTImportCertificateFunc)
-   (void *arg, SECItem **certs, int numcerts);
-
-extern SECStatus
-CERT_DecodeCertPackage(char *certbuf, int certlen, CERTImportCertificateFunc f,
-		       void *arg);
-
-/*
-** Pretty print a certificate in HTML
-**	"cert" is the certificate to print
-**	"showImages" controls whether or not to use about:security URLs
-**		for subject and issuer images.  This should only be true
-**		in the browser.
-*/
-extern char *CERT_HTMLCertInfo(CERTCertificate *cert, PRBool showImages,
-			       PRBool showIssuer);
-
-/* 
-** Returns the value of an AVA.  This was a formerly static 
-** function that has been exposed due to the need to decode
-** and convert unicode strings to UTF8.  
-**
-** XXX This function resides in certhtml.c, should it be
-** moved elsewhere?
-*/
-extern SECItem *CERT_DecodeAVAValue(SECItem *derAVAValue);
-
-/*
- * take a DER certificate and decode it into a certificate structure
- */
-CERTCertificate *
-CERT_DecodeDERCertificate(SECItem *derSignedCert, PRBool copyDER,
-                         char *nickname);
-
-
-
-/*
-** extract various element strings from a distinguished name.
-**	"name" the distinguished name
-*/
-extern char *CERT_GetCommonName(CERTName *name);
-
-extern char *CERT_GetCertificateEmailAddress(CERTCertificate *cert);
-
-extern char *CERT_GetCertEmailAddress(CERTName *name);
-
-extern char *CERT_GetCommonName(CERTName *name);
-
-extern char *CERT_GetCountryName(CERTName *name);
-
-extern char *CERT_GetLocalityName(CERTName *name);
-
-extern char *CERT_GetStateName(CERTName *name);
-
-extern char *CERT_GetOrgName(CERTName *name);
-
-extern char *CERT_GetOrgUnitName(CERTName *name);
-
-extern char *CERT_GetDomainComponentName(CERTName *name);
-
-extern char *CERT_GetCertUid(CERTName *name);
-
-/* manipulate the trust parameters of a certificate */
-
-extern SECStatus CERT_GetCertTrust(CERTCertificate *cert, CERTCertTrust *trust);
-
-extern SECStatus
-CERT_ChangeCertTrust (CERTCertDBHandle *handle, CERTCertificate *cert,
-		      CERTCertTrust *trust);
-
-extern SECStatus
-CERT_ChangeCertTrustByUsage(CERTCertDBHandle *certdb, CERTCertificate *cert,
-			    SECCertUsage usage);
-
-/*************************************************************************
- *
- * manipulate the extensions of a certificate
- *
- ************************************************************************/
-
-/*
-** Set up a cert for adding X509v3 extensions.  Returns an opaque handle
-** used by the next two routines.
-**	"cert" is the certificate we are adding extensions to
-*/
-extern void *CERT_StartCertExtensions(CERTCertificate *cert);
-
-/*
-** Add an extension to a certificate.
-**	"exthandle" is the handle returned by the previous function
-**	"idtag" is the integer tag for the OID that should ID this extension
-**	"value" is the value of the extension
-**	"critical" is the critical extension flag
-**	"copyData" is a flag indicating whether the value data should be
-**		copied.
-*/
-extern SECStatus CERT_AddExtension (void *exthandle, int idtag, 
-			SECItem *value, PRBool critical, PRBool copyData);
-
-extern SECStatus CERT_AddExtensionByOID (void *exthandle, SECItem *oid,
-			 SECItem *value, PRBool critical, PRBool copyData);
-
-extern SECStatus CERT_EncodeAndAddExtension
-   (void *exthandle, int idtag, void *value, PRBool critical,
-    const SEC_ASN1Template *atemplate);
-
-extern SECStatus CERT_EncodeAndAddBitStrExtension
-   (void *exthandle, int idtag, SECItem *value, PRBool critical);
-
-/*
-** Finish adding cert extensions.  Does final processing on extension
-** data, putting it in the right format, and freeing any temporary
-** storage.
-**	"exthandle" is the handle used to add extensions to a certificate
-*/
-extern SECStatus CERT_FinishExtensions(void *exthandle);
-
-
-/* If the extension is found, return its criticality and value.
-** This allocate storage for the returning extension value.
-*/
-extern SECStatus CERT_GetExtenCriticality
-   (CERTCertExtension **extensions, int tag, PRBool *isCritical);
-
-extern void
-CERT_DestroyOidSequence(CERTOidSequence *oidSeq);
-
-/****************************************************************************
- *
- * DER encode and decode extension values
- *
- ****************************************************************************/
-
-/* Encode the value of the basicConstraint extension.
-**	arena - where to allocate memory for the encoded value.
-**	value - extension value to encode
-**	encodedValue - output encoded value
-*/
-extern SECStatus CERT_EncodeBasicConstraintValue
-   (PRArenaPool *arena, CERTBasicConstraints *value, SECItem *encodedValue);
-
-/*
-** Encode the value of the authorityKeyIdentifier extension.
-*/
-extern SECStatus CERT_EncodeAuthKeyID
-   (PRArenaPool *arena, CERTAuthKeyID *value, SECItem *encodedValue);
-
-/*
-** Encode the value of the crlDistributionPoints extension.
-*/
-extern SECStatus CERT_EncodeCRLDistributionPoints
-   (PRArenaPool *arena, CERTCrlDistributionPoints *value,SECItem *derValue);
-
-/*
-** Decodes a DER encoded basicConstaint extension value into a readable format
-**	value - decoded value
-**	encodedValue - value to decoded
-*/
-extern SECStatus CERT_DecodeBasicConstraintValue
-   (CERTBasicConstraints *value, SECItem *encodedValue);
-
-/* Decodes a DER encoded authorityKeyIdentifier extension value into a
-** readable format.
-**	arena - where to allocate memory for the decoded value
-**	encodedValue - value to be decoded
-**	Returns a CERTAuthKeyID structure which contains the decoded value
-*/
-extern CERTAuthKeyID *CERT_DecodeAuthKeyID 
-			(PRArenaPool *arena, SECItem *encodedValue);
-
-
-/* Decodes a DER encoded crlDistributionPoints extension value into a 
-** readable format.
-**	arena - where to allocate memory for the decoded value
-**	der - value to be decoded
-**	Returns a CERTCrlDistributionPoints structure which contains the 
-**          decoded value
-*/
-extern CERTCrlDistributionPoints * CERT_DecodeCRLDistributionPoints
-   (PRArenaPool *arena, SECItem *der);
-
-/* Extract certain name type from a generalName */
-extern void *CERT_GetGeneralNameByType
-   (CERTGeneralName *genNames, CERTGeneralNameType type, PRBool derFormat);
-
-
-extern CERTOidSequence *
-CERT_DecodeOidSequence(SECItem *seqItem);
-
-
-
-
-/****************************************************************************
- *
- * Find extension values of a certificate 
- *
- ***************************************************************************/
-
-extern SECStatus CERT_FindCertExtension
-   (CERTCertificate *cert, int tag, SECItem *value);
-
-extern SECStatus CERT_FindNSCertTypeExtension
-   (CERTCertificate *cert, SECItem *value);
-
-extern char * CERT_FindNSStringExtension (CERTCertificate *cert, int oidtag);
-
-extern SECStatus CERT_FindIssuerCertExtension
-   (CERTCertificate *cert, int tag, SECItem *value);
-
-extern SECStatus CERT_FindCertExtensionByOID
-   (CERTCertificate *cert, SECItem *oid, SECItem *value);
-
-extern char *CERT_FindCertURLExtension (CERTCertificate *cert, int tag, 
-								int catag);
-
-/* Returns the decoded value of the authKeyID extension.
-**   Note that this uses passed in the arena to allocate storage for the result
-*/
-extern CERTAuthKeyID * CERT_FindAuthKeyIDExten (PRArenaPool *arena,CERTCertificate *cert);
-
-/* Returns the decoded value of the basicConstraint extension.
- */
-extern SECStatus CERT_FindBasicConstraintExten
-   (CERTCertificate *cert, CERTBasicConstraints *value);
-
-/* Returns the decoded value of the crlDistributionPoints extension.
-**  Note that the arena in cert is used to allocate storage for the result
-*/
-extern CERTCrlDistributionPoints * CERT_FindCRLDistributionPoints
-   (CERTCertificate *cert);
-
-/* Returns value of the keyUsage extension.  This uses PR_Alloc to allocate 
-** buffer for the decoded value, The caller should free up the storage 
-** allocated in value->data.
-*/
-extern SECStatus CERT_FindKeyUsageExtension (CERTCertificate *cert, 
-							SECItem *value);
-
-/* Return the decoded value of the subjectKeyID extension. The caller should 
-** free up the storage allocated in retItem->data.
-*/
-extern SECStatus CERT_FindSubjectKeyIDExten (CERTCertificate *cert, 
-							   SECItem *retItem);
-
-/*
-** If cert is a v3 certificate, and a critical keyUsage extension is included,
-** then check the usage against the extension value.  If a non-critical 
-** keyUsage extension is included, this will return SECSuccess without 
-** checking, since the extension is an advisory field, not a restriction.  
-** If cert is not a v3 certificate, this will return SECSuccess.
-**	cert - certificate
-**	usage - one of the x.509 v3 the Key Usage Extension flags
-*/
-extern SECStatus CERT_CheckCertUsage (CERTCertificate *cert, 
-							unsigned char usage);
-
-/****************************************************************************
- *
- *  CRL v2 Extensions supported routines
- *
- ****************************************************************************/
-
-extern SECStatus CERT_FindCRLExtensionByOID
-   (CERTCrl *crl, SECItem *oid, SECItem *value);
-
-extern SECStatus CERT_FindCRLExtension
-   (CERTCrl *crl, int tag, SECItem *value);
-
-extern SECStatus
-   CERT_FindInvalidDateExten (CERTCrl *crl, int64 *value);
-
-extern void *CERT_StartCRLExtensions (CERTCrl *crl);
-
-extern CERTCertNicknames *CERT_GetCertNicknames (CERTCertDBHandle *handle,
-						 int what, void *wincx);
-
-/*
-** Finds the crlNumber extension and decodes its value into 'value'
-*/
-extern SECStatus CERT_FindCRLNumberExten (CERTCrl *crl, CERTCrlNumber *value);
-
-extern void CERT_FreeNicknames(CERTCertNicknames *nicknames);
-
-extern PRBool CERT_CompareCerts(CERTCertificate *c1, CERTCertificate *c2);
-
-extern PRBool CERT_CompareCertsForRedirection(CERTCertificate *c1,
-							 CERTCertificate *c2);
-
-/*
-** Generate an array of the Distinguished Names that the given cert database
-** "trusts"
-*/
-extern CERTDistNames *CERT_GetSSLCACerts(CERTCertDBHandle *handle);
-
-extern void CERT_FreeDistNames(CERTDistNames *names);
-
-/*
-** Generate an array of Distinguished names from an array of nicknames
-*/
-extern CERTDistNames *CERT_DistNamesFromNicknames
-   (CERTCertDBHandle *handle, char **nicknames, int nnames);
-
-/*
-** Generate a certificate chain from a certificate.
-*/
-extern CERTCertificateList *
-CERT_CertChainFromCert(CERTCertificate *cert, SECCertUsage usage,
-		       PRBool includeRoot);
-
-extern CERTCertificateList *
-CERT_CertListFromCert(CERTCertificate *cert);
-
-extern CERTCertificateList *
-CERT_DupCertList(CERTCertificateList * oldList);
-
-extern void CERT_DestroyCertificateList(CERTCertificateList *list);
-
-/* is cert a newer than cert b? */
-PRBool CERT_IsNewer(CERTCertificate *certa, CERTCertificate *certb);
-
-/* currently a stub for address book */
-PRBool
-CERT_IsCertRevoked(CERTCertificate *cert);
-
-void
-CERT_DestroyCertArray(CERTCertificate **certs, unsigned int ncerts);
-
-/* convert an email address to lower case */
-char *CERT_FixupEmailAddr(char *emailAddr);
-
-/* decode string representation of trust flags into trust struct */
-SECStatus
-CERT_DecodeTrustString(CERTCertTrust *trust, char *trusts);
-
-/* encode trust struct into string representation of trust flags */
-char *
-CERT_EncodeTrustString(CERTCertTrust *trust);
-
-/* find the next or prev cert in a subject list */
-CERTCertificate *
-CERT_PrevSubjectCert(CERTCertificate *cert);
-CERTCertificate *
-CERT_NextSubjectCert(CERTCertificate *cert);
-
-/*
- * import a collection of certs into the temporary or permanent cert
- * database
- */
-SECStatus
-CERT_ImportCerts(CERTCertDBHandle *certdb, SECCertUsage usage,
-		 unsigned int ncerts, SECItem **derCerts,
-		 CERTCertificate ***retCerts, PRBool keepCerts,
-		 PRBool caOnly, char *nickname);
-
-SECStatus
-CERT_SaveImportedCert(CERTCertificate *cert, SECCertUsage usage,
-		      PRBool caOnly, char *nickname);
-
-char *
-CERT_MakeCANickname(CERTCertificate *cert);
-
-PRBool
-CERT_IsCACert(CERTCertificate *cert, unsigned int *rettype);
-
-PRBool
-CERT_IsCADERCert(SECItem *derCert, unsigned int *rettype);
-
-SECStatus
-CERT_SaveSMimeProfile(CERTCertificate *cert, SECItem *emailProfile,
-		      SECItem *profileTime);
-
-/*
- * find the smime symmetric capabilities profile for a given cert
- */
-SECItem *
-CERT_FindSMimeProfile(CERTCertificate *cert);
-
-SECStatus
-CERT_AddNewCerts(CERTCertDBHandle *handle);
-
-CERTPackageType
-CERT_CertPackageType(SECItem *package, SECItem *certitem);
-
-CERTCertificatePolicies *
-CERT_DecodeCertificatePoliciesExtension(SECItem *extnValue);
-
-void
-CERT_DestroyCertificatePoliciesExtension(CERTCertificatePolicies *policies);
-
-CERTUserNotice *
-CERT_DecodeUserNotice(SECItem *noticeItem);
-
-void
-CERT_DestroyUserNotice(CERTUserNotice *userNotice);
-
-typedef char * (* CERTPolicyStringCallback)(char *org,
-					       unsigned long noticeNumber,
-					       void *arg);
-void
-CERT_SetCAPolicyStringCallback(CERTPolicyStringCallback cb, void *cbarg);
-
-char *
-CERT_GetCertCommentString(CERTCertificate *cert);
-
-PRBool
-CERT_GovtApprovedBitSet(CERTCertificate *cert);
-
-SECStatus
-CERT_AddPermNickname(CERTCertificate *cert, char *nickname);
-
-/*
- * Given a cert, find the cert with the same subject name that
- * has the given key usage.  If the given cert has the correct keyUsage, then
- * return it, otherwise search the list in order.
- */
-CERTCertificate *
-CERT_FindCertByUsage(CERTCertificate *basecert, unsigned int requiredKeyUsage);
-
-
-CERTCertList *
-CERT_MatchUserCert(CERTCertDBHandle *handle,
-		   SECCertUsage usage,
-		   int nCANames, char **caNames,
-		   void *proto_win);
-
-CERTCertList *
-CERT_NewCertList(void);
-
-void
-CERT_DestroyCertList(CERTCertList *certs);
-
-/* remove the node and free the cert */
-void
-CERT_RemoveCertListNode(CERTCertListNode *node);
-
-SECStatus
-CERT_AddCertToListTail(CERTCertList *certs, CERTCertificate *cert);
-
-SECStatus
-CERT_AddCertToListHead(CERTCertList *certs, CERTCertificate *cert);
-
-SECStatus
-CERT_AddCertToListTailWithData(CERTCertList *certs, CERTCertificate *cert,
-							 void *appData);
-
-SECStatus
-CERT_AddCertToListHeadWithData(CERTCertList *certs, CERTCertificate *cert,
-							 void *appData);
-
-typedef PRBool (* CERTSortCallback)(CERTCertificate *certa,
-				    CERTCertificate *certb,
-				    void *arg);
-SECStatus
-CERT_AddCertToListSorted(CERTCertList *certs, CERTCertificate *cert,
-			 CERTSortCallback f, void *arg);
-
-/* callback for CERT_AddCertToListSorted that sorts based on validity
- * period and a given time.
- */
-PRBool
-CERT_SortCBValidity(CERTCertificate *certa,
-		    CERTCertificate *certb,
-		    void *arg);
-
-SECStatus
-CERT_CheckForEvilCert(CERTCertificate *cert);
-
-CERTGeneralName *
-CERT_GetCertificateNames(CERTCertificate *cert, PRArenaPool *arena);
-
-int
-CERT_GetNamesLength(CERTGeneralName *names);
-
-CERTCertificate *
-CERT_CompareNameSpace(CERTCertificate  *cert,
-		      CERTGeneralName  *namesList,
-		      SECItem          *namesListIndex,
-		      PRArenaPool      *arena,
-		      CERTCertDBHandle *handle);
-
-SECStatus 
-CERT_EncodeSubjectKeyID(PRArenaPool *arena, char *value, int len, SECItem *encodedValue);
-
-char *
-CERT_GetNickName(CERTCertificate   *cert, CERTCertDBHandle *handle, PRArenaPool *nicknameArena);
-
-/*
- * Creates or adds to a list of all certs with a give subject name, sorted by
- * validity time, newest first.  Invalid certs are considered older than
- * valid certs. If validOnly is set, do not include invalid certs on list.
- */
-CERTCertList *
-CERT_CreateSubjectCertList(CERTCertList *certList, CERTCertDBHandle *handle,
-			   SECItem *name, int64 sorttime, PRBool validOnly);
-
-/*
- * Creates or adds to a list of all certs with a give nickname, sorted by
- * validity time, newest first.  Invalid certs are considered older than valid
- * certs. If validOnly is set, do not include invalid certs on list.
- */
-CERTCertList *
-CERT_CreateNicknameCertList(CERTCertList *certList, CERTCertDBHandle *handle,
-			    char *nickname, int64 sorttime, PRBool validOnly);
-
-/*
- * Creates or adds to a list of all certs with a give email addr, sorted by
- * validity time, newest first.  Invalid certs are considered older than valid
- * certs. If validOnly is set, do not include invalid certs on list.
- */
-CERTCertList *
-CERT_CreateEmailAddrCertList(CERTCertList *certList, CERTCertDBHandle *handle,
-			     char *emailAddr, int64 sorttime, PRBool validOnly);
-
-/*
- * remove certs from a list that don't have keyUsage and certType
- * that match the given usage.
- */
-SECStatus
-CERT_FilterCertListByUsage(CERTCertList *certList, SECCertUsage usage,
-			   PRBool ca);
-
-/*
- * check the key usage of a cert against a set of required values
- */
-SECStatus
-CERT_CheckKeyUsage(CERTCertificate *cert, unsigned int requiredUsage);
-
-/*
- * return required key usage and cert type based on cert usage
- */
-SECStatus
-CERT_KeyUsageAndTypeForCertUsage(SECCertUsage usage,
-				 PRBool ca,
-				 unsigned int *retKeyUsage,
-				 unsigned int *retCertType);
-/*
- * return required trust flags for various cert usages for CAs
- */
-SECStatus
-CERT_TrustFlagsForCACertUsage(SECCertUsage usage,
-			      unsigned int *retFlags,
-			      SECTrustType *retTrustType);
-
-/*
- * Find all user certificates that match the given criteria.
- * 
- *	"handle" - database to search
- *	"usage" - certificate usage to match
- *	"oneCertPerName" - if set then only return the "best" cert per
- *			name
- *	"validOnly" - only return certs that are curently valid
- *	"proto_win" - window handle passed to pkcs11
- */
-CERTCertList *
-CERT_FindUserCertsByUsage(CERTCertDBHandle *handle,
-			  SECCertUsage usage,
-			  PRBool oneCertPerName,
-			  PRBool validOnly,
-			  void *proto_win);
-
-/*
- * Find a user certificate that matchs the given criteria.
- * 
- *	"handle" - database to search
- *	"nickname" - nickname to match
- *	"usage" - certificate usage to match
- *	"validOnly" - only return certs that are curently valid
- *	"proto_win" - window handle passed to pkcs11
- */
-CERTCertificate *
-CERT_FindUserCertByUsage(CERTCertDBHandle *handle,
-			 char *nickname,
-			 SECCertUsage usage,
-			 PRBool validOnly,
-			 void *proto_win);
-
-/*
- * Filter a list of certificates, removing those certs that do not have
- * one of the named CA certs somewhere in their cert chain.
- *
- *	"certList" - the list of certificates to filter
- *	"nCANames" - number of CA names
- *	"caNames" - array of CA names in string(rfc 1485) form
- *	"usage" - what use the certs are for, this is used when
- *		selecting CA certs
- */
-SECStatus
-CERT_FilterCertListByCANames(CERTCertList *certList, int nCANames,
-			     char **caNames, SECCertUsage usage);
-
-/*
- * Collect the nicknames from all certs in a CertList.  If the cert is not
- * valid, append a string to that nickname.
- *
- * "certList" - the list of certificates
- * "expiredString" - the string to append to the nickname of any expired cert
- * "notYetGoodString" - the string to append to the nickname of any cert
- *		that is not yet valid
- */
-CERTCertNicknames *
-CERT_NicknameStringsFromCertList(CERTCertList *certList, char *expiredString,
-				 char *notYetGoodString);
-
-/*
- * Extract the nickname from a nickmake string that may have either
- * expiredString or notYetGoodString appended.
- *
- * Args:
- *	"namestring" - the string containing the nickname, and possibly
- *		one of the validity label strings
- *	"expiredString" - the expired validity label string
- *	"notYetGoodString" - the not yet good validity label string
- *
- * Returns the raw nickname
- */
-char *
-CERT_ExtractNicknameString(char *namestring, char *expiredString,
-			   char *notYetGoodString);
-
-/*
- * Given a certificate, return a string containing the nickname, and possibly
- * one of the validity strings, based on the current validity state of the
- * certificate.
- *
- * "arena" - arena to allocate returned string from.  If NULL, then heap
- *	is used.
- * "cert" - the cert to get nickname from
- * "expiredString" - the string to append to the nickname if the cert is
- *		expired.
- * "notYetGoodString" - the string to append to the nickname if the cert is
- *		not yet good.
- */
-char *
-CERT_GetCertNicknameWithValidity(PRArenaPool *arena, CERTCertificate *cert,
-				 char *expiredString, char *notYetGoodString);
-
-/*
- * Return the string representation of a DER encoded distinguished name
- * "dername" - The DER encoded name to convert
- */
-char *
-CERT_DerNameToAscii(SECItem *dername);
-
-/*
- * Supported usage values and types:
- *	certUsageSSLClient
- *	certUsageSSLServer
- *	certUsageSSLServerWithStepUp
- *	certUsageEmailSigner
- *	certUsageEmailRecipient
- *	certUsageObjectSigner
- */
-
-CERTCertificate *
-CERT_FindMatchingCert(CERTCertDBHandle *handle, SECItem *derName,
-		      CERTCertOwner owner, SECCertUsage usage,
-		      PRBool preferTrusted, int64 validTime, PRBool validOnly);
-
-
-/*********************************************************************/
-/* A thread safe implementation of General Names                     */
-/*********************************************************************/
-
-/* Destroy a Single CERTGeneralName */
-void
-CERT_DestroyGeneralName(CERTGeneralName *name);
-
-/* Destroys a CERTGeneralNameList */
-void
-CERT_DestroyGeneralNameList(CERTGeneralNameList *list);
-
-/* Creates a CERTGeneralNameList */
-CERTGeneralNameList *
-CERT_CreateGeneralNameList(CERTGeneralName *name);
-
-/* Compares two CERTGeneralNameList */
-SECStatus
-CERT_CompareGeneralNameLists(CERTGeneralNameList *a, CERTGeneralNameList *b);
-
-/* returns a copy of the first name of the type requested */
-void *
-CERT_GetGeneralNameFromListByType(CERTGeneralNameList *list,
-				  CERTGeneralNameType type,
-				  PRArenaPool *arena);
-
-/* Adds a name to the tail of the list */
-void
-CERT_AddGeneralNameToList(CERTGeneralNameList *list, 
-			  CERTGeneralNameType type,
-			  void *data, SECItem *oid);
-
-/* returns a duplicate of the CERTGeneralNameList */
-CERTGeneralNameList *
-CERT_DupGeneralNameList(CERTGeneralNameList *list);
-
-/* returns the length of a CERTGeneralName */
-int
-CERT_GetNamesLength(CERTGeneralName *names);
-
-/*
- * Acquire the global lock on the cert database.
- * This lock is currently used for the following operations:
- *	adding or deleting a cert to either the temp or perm databases
- *	converting a temp to perm or perm to temp
- *	changing(maybe just adding?) the trust of a cert
- *	adjusting the reference count of a cert
- */
-void
-CERT_LockDB(CERTCertDBHandle *handle);
-
-/*
- * Free the global cert database lock.
- */
-void
-CERT_UnlockDB(CERTCertDBHandle *handle);
-
-/*
- * Get the certificate status checking configuratino data for
- * the certificate database
- */
-CERTStatusConfig *
-CERT_GetStatusConfig(CERTCertDBHandle *handle);
-
-/*
- * Set the certificate status checking information for the
- * database.  The input structure becomes part of the certificate
- * database and will be freed by calling the 'Destroy' function in
- * the configuration object.
- */
-void
-CERT_SetStatusConfig(CERTCertDBHandle *handle, CERTStatusConfig *config);
-
-
-
-/*
- * Acquire the cert reference count lock
- * There is currently one global lock for all certs, but I'm putting a cert
- * arg here so that it will be easy to make it per-cert in the future if
- * that turns out to be necessary.
- */
-void
-CERT_LockCertRefCount(CERTCertificate *cert);
-
-/*
- * Free the cert reference count lock
- */
-void
-CERT_UnlockCertRefCount(CERTCertificate *cert);
-
-/*
- * Acquire the cert trust lock
- * There is currently one global lock for all certs, but I'm putting a cert
- * arg here so that it will be easy to make it per-cert in the future if
- * that turns out to be necessary.
- */
-void
-CERT_LockCertTrust(CERTCertificate *cert);
-
-/*
- * Free the cert trust lock
- */
-void
-CERT_UnlockCertTrust(CERTCertificate *cert);
-
-/*
- * Digest the cert's subject public key using the specified algorithm.
- * The necessary storage for the digest data is allocated.  If "fill" is
- * non-null, the data is put there, otherwise a SECItem is allocated.
- * Allocation from "arena" if it is non-null, heap otherwise.  Any problem
- * results in a NULL being returned (and an appropriate error set).
- */ 
-extern SECItem *
-CERT_SPKDigestValueForCert(PRArenaPool *arena, CERTCertificate *cert,
-			   SECOidTag digestAlg, SECItem *fill);
-
-/*
- * fill in nsCertType field of the cert based on the cert extension
- */
-extern SECStatus CERT_GetCertType(CERTCertificate *cert);
-
-SEC_END_PROTOS
-
-#endif /* _CERT_H_ */
diff --git a/security/nss/lib/certdb/certdb.c b/security/nss/lib/certdb/certdb.c
deleted file mode 100644
index 89d351603..000000000
--- a/security/nss/lib/certdb/certdb.c
+++ /dev/null
@@ -1,2508 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Certificate handling code
- *
- * $Id$
- */
-
-#include "nssilock.h"
-#include "prmon.h"
-#include "prtime.h"
-#include "cert.h"
-#include "secder.h"
-#include "secoid.h"
-#include "secasn1.h"
-#include "blapi.h"		/* for SHA1_HashBuf */
-#include "genname.h"
-#include "keyhi.h"
-#include "secitem.h"
-#include "mcom_db.h"
-#include "certdb.h"
-#include "prprf.h"
-#include "sechash.h"
-#include "prlong.h"
-#include "certxutl.h"
-#include "portreg.h"
-#include "secerr.h"
-#include "sslerr.h"
-#include "nsslocks.h"
-#include "pk11func.h"
-
-#ifndef NSS_3_4_CODE
-#define NSS_3_4_CODE
-#endif /* NSS_3_4_CODE */
-#include "pki.h"
-#include "pki3hack.h"
-
-/*
- * Certificate database handling code
- */
-
-
-const SEC_ASN1Template CERT_CertExtensionTemplate[] = {
-    { SEC_ASN1_SEQUENCE,
-	  0, NULL, sizeof(CERTCertExtension) },
-    { SEC_ASN1_OBJECT_ID,
-	  offsetof(CERTCertExtension,id) },
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_BOOLEAN,		/* XXX DER_DEFAULT */
-	  offsetof(CERTCertExtension,critical) },
-    { SEC_ASN1_OCTET_STRING,
-	  offsetof(CERTCertExtension,value) },
-    { 0, }
-};
-
-const SEC_ASN1Template CERT_SequenceOfCertExtensionTemplate[] = {
-    { SEC_ASN1_SEQUENCE_OF, 0, CERT_CertExtensionTemplate }
-};
-
-const SEC_ASN1Template CERT_CertificateTemplate[] = {
-    { SEC_ASN1_SEQUENCE,
-      0, NULL, sizeof(CERTCertificate) },
-    { SEC_ASN1_EXPLICIT | SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | 
-	  SEC_ASN1_CONTEXT_SPECIFIC | 0, 		/* XXX DER_DEFAULT */ 
-	  offsetof(CERTCertificate,version),
-	  SEC_IntegerTemplate },
-    { SEC_ASN1_INTEGER,
-	  offsetof(CERTCertificate,serialNumber) },
-    { SEC_ASN1_INLINE,
-	  offsetof(CERTCertificate,signature),
-	  SECOID_AlgorithmIDTemplate },
-    { SEC_ASN1_SAVE, 
-	  offsetof(CERTCertificate,derIssuer) },
-    { SEC_ASN1_INLINE,
-	  offsetof(CERTCertificate,issuer),
-	  CERT_NameTemplate },
-    { SEC_ASN1_INLINE,
-	  offsetof(CERTCertificate,validity),
-	  CERT_ValidityTemplate },
-    { SEC_ASN1_SAVE,
-	  offsetof(CERTCertificate,derSubject) },
-    { SEC_ASN1_INLINE,
-	  offsetof(CERTCertificate,subject),
-	  CERT_NameTemplate },
-    { SEC_ASN1_SAVE,
-	  offsetof(CERTCertificate,derPublicKey) },
-    { SEC_ASN1_INLINE,
-	  offsetof(CERTCertificate,subjectPublicKeyInfo),
-	  CERT_SubjectPublicKeyInfoTemplate },
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1,
-	  offsetof(CERTCertificate,issuerID),
-	  SEC_ObjectIDTemplate },
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 2,
-	  offsetof(CERTCertificate,subjectID),
-	  SEC_ObjectIDTemplate },
-    { SEC_ASN1_EXPLICIT | SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | 
-	  SEC_ASN1_CONTEXT_SPECIFIC | 3,
-	  offsetof(CERTCertificate,extensions),
-	  CERT_SequenceOfCertExtensionTemplate },
-    { 0 }
-};
-
-const SEC_ASN1Template SEC_SignedCertificateTemplate[] =
-{
-    { SEC_ASN1_SEQUENCE,
-	  0, NULL, sizeof(CERTCertificate) },
-    { SEC_ASN1_SAVE, 
-	  offsetof(CERTCertificate,signatureWrap.data) },
-    { SEC_ASN1_INLINE, 
-	  0, CERT_CertificateTemplate },
-    { SEC_ASN1_INLINE,
-	  offsetof(CERTCertificate,signatureWrap.signatureAlgorithm),
-	  SECOID_AlgorithmIDTemplate },
-    { SEC_ASN1_BIT_STRING,
-	  offsetof(CERTCertificate,signatureWrap.signature) },
-    { 0 }
-};
-
-/*
- * Find the subjectName in a DER encoded certificate
- */
-const SEC_ASN1Template SEC_CertSubjectTemplate[] = {
-    { SEC_ASN1_SEQUENCE,
-	  0, NULL, sizeof(SECItem) },
-    { SEC_ASN1_EXPLICIT | SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | 
-	  SEC_ASN1_CONTEXT_SPECIFIC | 0,
-	  0, SEC_SkipTemplate },	/* version */
-    { SEC_ASN1_SKIP },		/* serial number */
-    { SEC_ASN1_SKIP },		/* signature algorithm */
-    { SEC_ASN1_SKIP },		/* issuer */
-    { SEC_ASN1_SKIP },		/* validity */
-    { SEC_ASN1_ANY, 0, NULL },		/* subject */
-    { SEC_ASN1_SKIP_REST },
-    { 0 }
-};
-
-/*
- * Find the issuerName in a DER encoded certificate
- */
-const SEC_ASN1Template SEC_CertIssuerTemplate[] = {
-    { SEC_ASN1_SEQUENCE,
-	  0, NULL, sizeof(SECItem) },
-    { SEC_ASN1_EXPLICIT | SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | 
-	  SEC_ASN1_CONTEXT_SPECIFIC | 0,
-	  0, SEC_SkipTemplate },	/* version */
-    { SEC_ASN1_SKIP },		/* serial number */
-    { SEC_ASN1_SKIP },		/* signature algorithm */
-    { SEC_ASN1_ANY, 0, NULL },		/* issuer */
-    { SEC_ASN1_SKIP_REST },
-    { 0 }
-};
-/*
- * Find the subjectName in a DER encoded certificate
- */
-const SEC_ASN1Template SEC_CertSerialNumberTemplate[] = {
-    { SEC_ASN1_SEQUENCE,
-	  0, NULL, sizeof(SECItem) },
-    { SEC_ASN1_EXPLICIT | SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | 
-	  SEC_ASN1_CONTEXT_SPECIFIC | 0,
-	  0, SEC_SkipTemplate },	/* version */
-    { SEC_ASN1_ANY, 0, NULL }, /* serial number */
-    { SEC_ASN1_SKIP_REST },
-    { 0 }
-};
-
-/*
- * Find the issuer and serialNumber in a DER encoded certificate.
- * This data is used as the database lookup key since its the unique
- * identifier of a certificate.
- */
-const SEC_ASN1Template CERT_CertKeyTemplate[] = {
-    { SEC_ASN1_SEQUENCE,
-	  0, NULL, sizeof(CERTCertKey) },
-    { SEC_ASN1_EXPLICIT | SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | 
-	  SEC_ASN1_CONTEXT_SPECIFIC | 0,
-	  0, SEC_SkipTemplate },	/* version */ 
-    { SEC_ASN1_INTEGER,
-	  offsetof(CERTCertKey,serialNumber) },
-    { SEC_ASN1_SKIP },		/* signature algorithm */
-    { SEC_ASN1_ANY,
-	  offsetof(CERTCertKey,derIssuer) },
-    { SEC_ASN1_SKIP_REST },
-    { 0 }
-};
-
-SEC_ASN1_CHOOSER_IMPLEMENT(CERT_CertificateTemplate)
-SEC_ASN1_CHOOSER_IMPLEMENT(SEC_SignedCertificateTemplate)
-
-SECStatus
-CERT_KeyFromIssuerAndSN(PRArenaPool *arena, SECItem *issuer, SECItem *sn,
-			SECItem *key)
-{
-    key->len = sn->len + issuer->len;
-    
-    key->data = (unsigned char*)PORT_ArenaAlloc(arena, key->len);
-    if ( !key->data ) {
-	goto loser;
-    }
-
-    /* copy the serialNumber */
-    PORT_Memcpy(key->data, sn->data, sn->len);
-
-    /* copy the issuer */
-    PORT_Memcpy(&key->data[sn->len], issuer->data, issuer->len);
-
-    return(SECSuccess);
-
-loser:
-    return(SECFailure);
-}
-
-
-/*
- * Extract the subject name from a DER certificate
- */
-SECStatus
-CERT_NameFromDERCert(SECItem *derCert, SECItem *derName)
-{
-    int rv;
-    PRArenaPool *arena;
-    CERTSignedData sd;
-    void *tmpptr;
-    
-    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    
-    if ( ! arena ) {
-	return(SECFailure);
-    }
-   
-    PORT_Memset(&sd, 0, sizeof(CERTSignedData));
-    rv = SEC_ASN1DecodeItem(arena, &sd, CERT_SignedDataTemplate, derCert);
-    
-    if ( rv ) {
-	goto loser;
-    }
-    
-    PORT_Memset(derName, 0, sizeof(SECItem));
-    rv = SEC_ASN1DecodeItem(arena, derName, SEC_CertSubjectTemplate, &sd.data);
-
-    if ( rv ) {
-	goto loser;
-    }
-
-    tmpptr = derName->data;
-    derName->data = (unsigned char*)PORT_Alloc(derName->len);
-    if ( derName->data == NULL ) {
-	goto loser;
-    }
-    
-    PORT_Memcpy(derName->data, tmpptr, derName->len);
-    
-    PORT_FreeArena(arena, PR_FALSE);
-    return(SECSuccess);
-
-loser:
-    PORT_FreeArena(arena, PR_FALSE);
-    return(SECFailure);
-}
-
-SECStatus
-CERT_IssuerNameFromDERCert(SECItem *derCert, SECItem *derName)
-{
-    int rv;
-    PRArenaPool *arena;
-    CERTSignedData sd;
-    void *tmpptr;
-    
-    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    
-    if ( ! arena ) {
-	return(SECFailure);
-    }
-   
-    PORT_Memset(&sd, 0, sizeof(CERTSignedData));
-    rv = SEC_ASN1DecodeItem(arena, &sd, CERT_SignedDataTemplate, derCert);
-    
-    if ( rv ) {
-	goto loser;
-    }
-    
-    PORT_Memset(derName, 0, sizeof(SECItem));
-    rv = SEC_ASN1DecodeItem(arena, derName, SEC_CertIssuerTemplate, &sd.data);
-
-    if ( rv ) {
-	goto loser;
-    }
-
-    tmpptr = derName->data;
-    derName->data = (unsigned char*)PORT_Alloc(derName->len);
-    if ( derName->data == NULL ) {
-	goto loser;
-    }
-    
-    PORT_Memcpy(derName->data, tmpptr, derName->len);
-    
-    PORT_FreeArena(arena, PR_FALSE);
-    return(SECSuccess);
-
-loser:
-    PORT_FreeArena(arena, PR_FALSE);
-    return(SECFailure);
-}
-
-SECStatus
-CERT_SerialNumberFromDERCert(SECItem *derCert, SECItem *derName)
-{
-    int rv;
-    PRArenaPool *arena;
-    CERTSignedData sd;
-    void *tmpptr;
-    
-    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    
-    if ( ! arena ) {
-	return(SECFailure);
-    }
-   
-    PORT_Memset(&sd, 0, sizeof(CERTSignedData));
-    rv = SEC_ASN1DecodeItem(arena, &sd, CERT_SignedDataTemplate, derCert);
-    
-    if ( rv ) {
-	goto loser;
-    }
-    
-    PORT_Memset(derName, 0, sizeof(SECItem));
-    rv = SEC_ASN1DecodeItem(arena, derName, SEC_CertSerialNumberTemplate, &sd.data);
-
-    if ( rv ) {
-	goto loser;
-    }
-
-    tmpptr = derName->data;
-    derName->data = (unsigned char*)PORT_Alloc(derName->len);
-    if ( derName->data == NULL ) {
-	goto loser;
-    }
-    
-    PORT_Memcpy(derName->data, tmpptr, derName->len);
-    
-    PORT_FreeArena(arena, PR_FALSE);
-    return(SECSuccess);
-
-loser:
-    PORT_FreeArena(arena, PR_FALSE);
-    return(SECFailure);
-}
-
-/*
- * Generate a database key, based on serial number and issuer, from a
- * DER certificate.
- */
-SECStatus
-CERT_KeyFromDERCert(PRArenaPool *arena, SECItem *derCert, SECItem *key)
-{
-    int rv;
-    CERTSignedData sd;
-    CERTCertKey certkey;
-
-    PORT_Memset(&sd, 0, sizeof(CERTSignedData));    
-    PORT_Memset(&certkey, 0, sizeof(CERTCertKey));    
-
-    PORT_Memset(&sd, 0, sizeof(CERTSignedData));
-    rv = SEC_ASN1DecodeItem(arena, &sd, CERT_SignedDataTemplate, derCert);
-    
-    if ( rv ) {
-	goto loser;
-    }
-    
-    PORT_Memset(&certkey, 0, sizeof(CERTCertKey));
-    rv = SEC_ASN1DecodeItem(arena, &certkey, CERT_CertKeyTemplate, &sd.data);
-
-    if ( rv ) {
-	goto loser;
-    }
-
-    return(CERT_KeyFromIssuerAndSN(arena, &certkey.derIssuer,
-				   &certkey.serialNumber, key));
-loser:
-    return(SECFailure);
-}
-
-/*
- * fill in keyUsage field of the cert based on the cert extension
- * if the extension is not critical, then we allow all uses
- */
-static SECStatus
-GetKeyUsage(CERTCertificate *cert)
-{
-    SECStatus rv;
-    SECItem tmpitem;
-    
-    rv = CERT_FindKeyUsageExtension(cert, &tmpitem);
-    if ( rv == SECSuccess ) {
-	/* remember the actual value of the extension */
-	cert->rawKeyUsage = tmpitem.data[0];
-	cert->keyUsagePresent = PR_TRUE;
-	cert->keyUsage = tmpitem.data[0];
-
-	PORT_Free(tmpitem.data);
-	tmpitem.data = NULL;
-	
-    } else {
-	/* if the extension is not present, then we allow all uses */
-	cert->keyUsage = KU_ALL;
-	cert->rawKeyUsage = KU_ALL;
-	cert->keyUsagePresent = PR_FALSE;
-    }
-
-    if ( CERT_GovtApprovedBitSet(cert) ) {
-	cert->keyUsage |= KU_NS_GOVT_APPROVED;
-	cert->rawKeyUsage |= KU_NS_GOVT_APPROVED;
-    }
-    
-    return(SECSuccess);
-}
-
-
-/*
- * determine if a fortezza V1 Cert is a CA or not.
- */
-static PRBool
-fortezzaIsCA( CERTCertificate *cert) {
-    PRBool isCA = PR_FALSE;
-    CERTSubjectPublicKeyInfo *spki = &cert->subjectPublicKeyInfo;
-    int tag;
-
-    tag = SECOID_GetAlgorithmTag(&spki->algorithm);
-    if ((tag == SEC_OID_MISSI_KEA_DSS_OLD) ||
-       (tag == SEC_OID_MISSI_KEA_DSS) ||
-       (tag == SEC_OID_MISSI_DSS_OLD) ||
-       (tag == SEC_OID_MISSI_DSS) ) {
-	SECItem rawkey;
-	unsigned char *rawptr;
-	unsigned char *end;
-	int len;
-
-	rawkey = spki->subjectPublicKey;
-	DER_ConvertBitString(&rawkey);
-	rawptr = rawkey.data;
-	end = rawkey.data + rawkey.len;
-
-	/* version */	
-	rawptr += sizeof(((SECKEYPublicKey*)0)->u.fortezza.KMID)+2;
-
-	/* clearance (the string up to the first byte with the hi-bit on */
-	while ((rawptr < end) && (*rawptr++ & 0x80));
-	if (rawptr >= end) { return PR_FALSE; }
-
-	/* KEAPrivilege (the string up to the first byte with the hi-bit on */
-	while ((rawptr < end) && (*rawptr++ & 0x80));
-	if (rawptr >= end) { return PR_FALSE; }
-
-	/* skip the key */
-	len = (*rawptr << 8) | rawptr[1];
-	rawptr += 2 + len;
-
-	/* shared key */
-	if (rawptr >= end) { return PR_FALSE; }
-	/* DSS Version is next */
-	rawptr += 2;
-
-	/* DSSPrivilege (the string up to the first byte with the hi-bit on */
-	if (*rawptr & 0x30) isCA = PR_TRUE;
-	
-   }
-   return isCA;
-}
-
-static SECStatus
-findOIDinOIDSeqByTagNum(CERTOidSequence *seq, SECOidTag tagnum)
-{
-    SECItem **oids;
-    SECItem *oid;
-    SECStatus rv = SECFailure;
-    
-    if (seq != NULL) {
-	oids = seq->oids;
-	while (oids != NULL && *oids != NULL) {
-	    oid = *oids;
-	    if (SECOID_FindOIDTag(oid) == tagnum) {
-		rv = SECSuccess;
-		break;
-	    }
-	    oids++;
-	}
-    }
-    return rv;
-}
-
-/*
- * fill in nsCertType field of the cert based on the cert extension
- */
-SECStatus
-CERT_GetCertType(CERTCertificate *cert)
-{
-    SECStatus rv;
-    SECItem tmpitem;
-    SECItem encodedExtKeyUsage;
-    CERTOidSequence *extKeyUsage = NULL;
-    PRBool basicConstraintPresent = PR_FALSE;
-    CERTBasicConstraints basicConstraint;
-
-    tmpitem.data = NULL;
-    CERT_FindNSCertTypeExtension(cert, &tmpitem);
-    rv = CERT_FindCertExtension(cert, SEC_OID_X509_EXT_KEY_USAGE, 
-				&encodedExtKeyUsage);
-    if (rv == SECSuccess) {
-	extKeyUsage = CERT_DecodeOidSequence(&encodedExtKeyUsage);
-    }
-    rv = CERT_FindBasicConstraintExten(cert, &basicConstraint);
-    if (rv == SECSuccess) {
-	basicConstraintPresent = PR_TRUE;
-    }
-    if (tmpitem.data != NULL || extKeyUsage != NULL) {
-	if (tmpitem.data == NULL) {
-	    cert->nsCertType = 0;
-	} else {
-	    cert->nsCertType = tmpitem.data[0];
-	}
-
-	/* free tmpitem data pointer to avoid memory leak */
-	PORT_Free(tmpitem.data);
-	tmpitem.data = NULL;
-	
-	/*
-	 * for this release, we will allow SSL certs with an email address
-	 * to be used for email
-	 */
-	if ( ( cert->nsCertType & NS_CERT_TYPE_SSL_CLIENT ) &&
-	    cert->emailAddr ) {
-	    cert->nsCertType |= NS_CERT_TYPE_EMAIL;
-	}
-	/*
-	 * for this release, we will allow SSL intermediate CAs to be
-	 * email intermediate CAs too.
-	 */
-	if ( cert->nsCertType & NS_CERT_TYPE_SSL_CA ) {
-	    cert->nsCertType |= NS_CERT_TYPE_EMAIL_CA;
-	}
-	/*
-	 * allow a cert with the extended key usage of EMail Protect
-	 * to be used for email or as an email CA, if basic constraints
-	 * indicates that it is a CA.
-	 */
-	if (findOIDinOIDSeqByTagNum(extKeyUsage, 
-				    SEC_OID_EXT_KEY_USAGE_EMAIL_PROTECT) ==
-	    SECSuccess) {
-	    if (basicConstraintPresent == PR_TRUE &&
-		(basicConstraint.isCA)) {
-		cert->nsCertType |= NS_CERT_TYPE_EMAIL_CA;
-	    } else {
-		cert->nsCertType |= NS_CERT_TYPE_EMAIL;
-	    }
-	}
-	if (findOIDinOIDSeqByTagNum(extKeyUsage, 
-				    SEC_OID_EXT_KEY_USAGE_SERVER_AUTH) ==
-	    SECSuccess){
-	    if (basicConstraintPresent == PR_TRUE &&
-		(basicConstraint.isCA)) {
-		cert->nsCertType |= NS_CERT_TYPE_SSL_CA;
-	    } else {
-		cert->nsCertType |= NS_CERT_TYPE_SSL_SERVER;
-	    }
-	}
-	if (findOIDinOIDSeqByTagNum(extKeyUsage,
-				    SEC_OID_EXT_KEY_USAGE_CLIENT_AUTH) ==
-	    SECSuccess){
-	    if (basicConstraintPresent == PR_TRUE &&
-		(basicConstraint.isCA)) {
-		cert->nsCertType |= NS_CERT_TYPE_SSL_CA;
-	    } else {
-		cert->nsCertType |= NS_CERT_TYPE_SSL_CLIENT;
-	    }
-	}
-	if (findOIDinOIDSeqByTagNum(extKeyUsage,
-				    SEC_OID_EXT_KEY_USAGE_CODE_SIGN) ==
-	    SECSuccess) {
-	    if (basicConstraintPresent == PR_TRUE &&
-		(basicConstraint.isCA)) {
-		cert->nsCertType |= NS_CERT_TYPE_OBJECT_SIGNING_CA;
-	    } else {
-		cert->nsCertType |= NS_CERT_TYPE_OBJECT_SIGNING;
-	    }
-	}
-	if (findOIDinOIDSeqByTagNum(extKeyUsage,
-				    SEC_OID_EXT_KEY_USAGE_TIME_STAMP) ==
-	    SECSuccess) {
-	    cert->nsCertType |= EXT_KEY_USAGE_TIME_STAMP;
-	}
-	if (findOIDinOIDSeqByTagNum(extKeyUsage,
-				    SEC_OID_OCSP_RESPONDER) == 
-	    SECSuccess) {
-	    cert->nsCertType |= EXT_KEY_USAGE_STATUS_RESPONDER;
-	}
-    } else {
-	/* if no extension, then allow any ssl or email (no ca or object
-	 * signing)
-	 */
-	cert->nsCertType = NS_CERT_TYPE_SSL_CLIENT | NS_CERT_TYPE_SSL_SERVER |
-	    NS_CERT_TYPE_EMAIL;
-
-	/* if the basic constraint extension says the cert is a CA, then
-	   allow SSL CA and EMAIL CA and Status Responder */
-	if ((basicConstraintPresent == PR_TRUE)
-	    && (basicConstraint.isCA)) {
-		cert->nsCertType |= NS_CERT_TYPE_SSL_CA;
-		cert->nsCertType |= NS_CERT_TYPE_EMAIL_CA;
-		cert->nsCertType |= EXT_KEY_USAGE_STATUS_RESPONDER;
-	} else if (CERT_IsCACert(cert, NULL) == PR_TRUE) {
-		cert->nsCertType |= EXT_KEY_USAGE_STATUS_RESPONDER;
-	}
-
-	/* if the cert is a fortezza CA cert, then allow SSL CA and EMAIL CA */
-	if (fortezzaIsCA(cert)) {
-		cert->nsCertType |= NS_CERT_TYPE_SSL_CA;
-		cert->nsCertType |= NS_CERT_TYPE_EMAIL_CA;
-	}
-    }
-
-    if (extKeyUsage != NULL) {
-	PORT_Free(encodedExtKeyUsage.data);
-	CERT_DestroyOidSequence(extKeyUsage);
-    }
-    return(SECSuccess);
-}
-
-/*
- * cert_GetKeyID() - extract or generate the subjectKeyID from a certificate
- */
-SECStatus
-cert_GetKeyID(CERTCertificate *cert)
-{
-    SECItem tmpitem;
-    SECStatus rv;
-    SECKEYPublicKey *key;
-    
-    cert->subjectKeyID.len = 0;
-
-    /* see of the cert has a key identifier extension */
-    rv = CERT_FindSubjectKeyIDExten(cert, &tmpitem);
-    if ( rv == SECSuccess ) {
-	cert->subjectKeyID.data = (unsigned char*) PORT_ArenaAlloc(cert->arena, tmpitem.len);
-	if ( cert->subjectKeyID.data != NULL ) {
-	    PORT_Memcpy(cert->subjectKeyID.data, tmpitem.data, tmpitem.len);
-	    cert->subjectKeyID.len = tmpitem.len;
-	    cert->keyIDGenerated = PR_FALSE;
-	}
-	
-	PORT_Free(tmpitem.data);
-    }
-    
-    /* if the cert doesn't have a key identifier extension and the cert is
-     * a V1 fortezza certificate, use the cert's 8 byte KMID as the
-     * key identifier.  */
-    key = CERT_KMIDPublicKey(cert);
-
-    if (key != NULL) {
-	
-	if (key->keyType == fortezzaKey) {
-
-	    cert->subjectKeyID.data = (unsigned char *)PORT_ArenaAlloc(cert->arena, 8);
-	    if ( cert->subjectKeyID.data != NULL ) {
-		PORT_Memcpy(cert->subjectKeyID.data, key->u.fortezza.KMID, 8);
-		cert->subjectKeyID.len = 8;
-		cert->keyIDGenerated = PR_FALSE;
-	    }
-	}
-		
-	SECKEY_DestroyPublicKey(key);
-    }
-
-    /* if the cert doesn't have a key identifier extension, then generate one*/
-    if ( cert->subjectKeyID.len == 0 ) {
-	/*
-	 * pkix says that if the subjectKeyID is not present, then we should
-	 * use the SHA-1 hash of the DER-encoded publicKeyInfo from the cert
-	 */
-	cert->subjectKeyID.data = (unsigned char *)PORT_ArenaAlloc(cert->arena, SHA1_LENGTH);
-	if ( cert->subjectKeyID.data != NULL ) {
-	    rv = PK11_HashBuf(SEC_OID_SHA1,cert->subjectKeyID.data,
-			      cert->derPublicKey.data,
-			      cert->derPublicKey.len);
-	    if ( rv == SECSuccess ) {
-		cert->subjectKeyID.len = SHA1_LENGTH;
-	    }
-	}
-    }
-
-    if ( cert->subjectKeyID.len == 0 ) {
-	return(SECFailure);
-    }
-    return(SECSuccess);
-
-}
-
-/*
- * take a DER certificate and decode it into a certificate structure
- */
-CERTCertificate *
-CERT_DecodeDERCertificate(SECItem *derSignedCert, PRBool copyDER,
-			 char *nickname)
-{
-    CERTCertificate *cert;
-    PRArenaPool *arena;
-    void *data;
-    int rv;
-    int len;
-    char *tmpname;
-    
-    /* make a new arena */
-    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    
-    if ( !arena ) {
-	return 0;
-    }
-
-    /* allocate the certificate structure */
-    cert = (CERTCertificate *)PORT_ArenaZAlloc(arena, sizeof(CERTCertificate));
-    
-    if ( !cert ) {
-	goto loser;
-    }
-    
-    cert->arena = arena;
-    
-    if ( copyDER ) {
-	/* copy the DER data for the cert into this arena */
-	data = (void *)PORT_ArenaAlloc(arena, derSignedCert->len);
-	if ( !data ) {
-	    goto loser;
-	}
-	cert->derCert.data = (unsigned char *)data;
-	cert->derCert.len = derSignedCert->len;
-	PORT_Memcpy(data, derSignedCert->data, derSignedCert->len);
-    } else {
-	/* point to passed in DER data */
-	cert->derCert = *derSignedCert;
-    }
-
-    /* decode the certificate info */
-    rv = SEC_ASN1DecodeItem(arena, cert, SEC_SignedCertificateTemplate,
-		    &cert->derCert);
-
-    if ( rv ) {
-	goto loser;
-    }
-
-    if (cert_HasUnknownCriticalExten (cert->extensions) == PR_TRUE) {
-	PORT_SetError(SEC_ERROR_UNKNOWN_CRITICAL_EXTENSION);
-	goto loser;
-    }
-
-    /* generate and save the database key for the cert */
-    rv = CERT_KeyFromDERCert(arena, &cert->derCert, &cert->certKey);
-    if ( rv ) {
-	goto loser;
-    }
-
-    /* set the nickname */
-    if ( nickname == NULL ) {
-	cert->nickname = NULL;
-    } else {
-	/* copy and install the nickname */
-	len = PORT_Strlen(nickname) + 1;
-	cert->nickname = (char*)PORT_ArenaAlloc(arena, len);
-	if ( cert->nickname == NULL ) {
-	    goto loser;
-	}
-
-	PORT_Memcpy(cert->nickname, nickname, len);
-    }
-
-    /* set the email address */
-    cert->emailAddr = CERT_GetCertificateEmailAddress(cert);
-    
-    /* initialize the subjectKeyID */
-    rv = cert_GetKeyID(cert);
-    if ( rv != SECSuccess ) {
-	goto loser;
-    }
-
-    /* initialize keyUsage */
-    rv = GetKeyUsage(cert);
-    if ( rv != SECSuccess ) {
-	goto loser;
-    }
-
-    /* initialize the certType */
-    rv = CERT_GetCertType(cert);
-    if ( rv != SECSuccess ) {
-	goto loser;
-    }
-
-    tmpname = CERT_NameToAscii(&cert->subject);
-    if ( tmpname != NULL ) {
-	cert->subjectName = PORT_ArenaStrdup(cert->arena, tmpname);
-	PORT_Free(tmpname);
-    }
-    
-    tmpname = CERT_NameToAscii(&cert->issuer);
-    if ( tmpname != NULL ) {
-	cert->issuerName = PORT_ArenaStrdup(cert->arena, tmpname);
-	PORT_Free(tmpname);
-    }
-    
-    cert->referenceCount = 1;
-    cert->slot = NULL;
-    cert->pkcs11ID = CK_INVALID_HANDLE;
-    cert->dbnickname = NULL;
-    
-    return(cert);
-    
-loser:
-
-    if ( arena ) {
-	PORT_FreeArena(arena, PR_FALSE);
-    }
-    
-    return(0);
-}
-
-CERTCertificate *
-__CERT_DecodeDERCertificate(SECItem *derSignedCert, PRBool copyDER,
-			 char *nickname)
-{
-    return CERT_DecodeDERCertificate(derSignedCert, copyDER, nickname);
-}
-
-
-/*
-** Amount of time that a certifiate is allowed good before it is actually
-** good. This is used for pending certificates, ones that are about to be
-** valid. The slop is designed to allow for some variance in the clocks
-** of the machine checking the certificate.
-*/
-#define PENDING_SLOP (24L*60L*60L)		/* seconds per day */
-static PRInt32 pendingSlop = PENDING_SLOP;	/* seconds */
-
-PRInt32
-CERT_GetSlopTime(void)
-{
-    return pendingSlop;			/* seconds */
-}
-
-SECStatus
-CERT_SetSlopTime(PRInt32 slop)		/* seconds */
-{
-    if (slop < 0)
-	return SECFailure;
-    pendingSlop = slop;
-    return SECSuccess;
-}
-
-SECStatus
-CERT_GetCertTimes(CERTCertificate *c, PRTime *notBefore, PRTime *notAfter)
-{
-    int rv;
-    
-    /* convert DER not-before time */
-    rv = DER_UTCTimeToTime(notBefore, &c->validity.notBefore);
-    if (rv) {
-	return(SECFailure);
-    }
-    
-    /* convert DER not-after time */
-    rv = DER_UTCTimeToTime(notAfter, &c->validity.notAfter);
-    if (rv) {
-	return(SECFailure);
-    }
-
-    return(SECSuccess);
-}
-
-/*
- * Check the validity times of a certificate
- */
-SECCertTimeValidity
-CERT_CheckCertValidTimes(CERTCertificate *c, PRTime t, PRBool allowOverride)
-{
-    PRTime notBefore, notAfter, llPendingSlop, tmp1;
-    SECStatus rv;
-
-    /* if cert is already marked OK, then don't bother to check */
-    if ( allowOverride && c->timeOK ) {
-	return(secCertTimeValid);
-    }
-
-    rv = CERT_GetCertTimes(c, &notBefore, &notAfter);
-    
-    if (rv) {
-	return(secCertTimeExpired); /*XXX is this the right thing to do here?*/
-    }
-    
-    LL_I2L(llPendingSlop, pendingSlop);
-    /* convert to micro seconds */
-    LL_I2L(tmp1, PR_USEC_PER_SEC);
-    LL_MUL(llPendingSlop, llPendingSlop, tmp1);
-    LL_SUB(notBefore, notBefore, llPendingSlop);
-    if ( LL_CMP( t, <, notBefore ) ) {
-	PORT_SetError(SEC_ERROR_EXPIRED_CERTIFICATE);
-	return(secCertTimeNotValidYet);
-    }
-    if ( LL_CMP( t, >, notAfter) ) {
-	PORT_SetError(SEC_ERROR_EXPIRED_CERTIFICATE);
-	return(secCertTimeExpired);
-    }
-
-    return(secCertTimeValid);
-}
-
-SECStatus
-SEC_GetCrlTimes(CERTCrl *date, PRTime *notBefore, PRTime *notAfter)
-{
-    int rv;
-    
-    /* convert DER not-before time */
-    rv = DER_UTCTimeToTime(notBefore, &date->lastUpdate);
-    if (rv) {
-	return(SECFailure);
-    }
-    
-    /* convert DER not-after time */
-    if (date->nextUpdate.data) {
-	rv = DER_UTCTimeToTime(notAfter, &date->nextUpdate);
-	if (rv) {
-	    return(SECFailure);
-	}
-    }
-    else {
-	LL_I2L(*notAfter, 0L);
-    }
-    return(SECSuccess);
-}
-
-/* These routines should probably be combined with the cert
- * routines using an common extraction routine.
- */
-SECCertTimeValidity
-SEC_CheckCrlTimes(CERTCrl *crl, PRTime t) {
-    PRTime notBefore, notAfter, llPendingSlop, tmp1;
-    SECStatus rv;
-
-    rv = SEC_GetCrlTimes(crl, &notBefore, &notAfter);
-    
-    if (rv) {
-	return(secCertTimeExpired); 
-    }
-
-    LL_I2L(llPendingSlop, pendingSlop);
-    /* convert to micro seconds */
-    LL_I2L(tmp1, PR_USEC_PER_SEC);
-    LL_MUL(llPendingSlop, llPendingSlop, tmp1);
-    LL_SUB(notBefore, notBefore, llPendingSlop);
-    if ( LL_CMP( t, <, notBefore ) ) {
-	return(secCertTimeNotValidYet);
-    }
-
-    /* If next update is omitted and the test for notBefore passes, then
-       we assume that the crl is up to date.
-     */
-    if ( LL_IS_ZERO(notAfter) ) {
-	return(secCertTimeValid);
-    }
-
-    if ( LL_CMP( t, >, notAfter) ) {
-	return(secCertTimeExpired);
-    }
-
-    return(secCertTimeValid);
-}
-
-PRBool
-SEC_CrlIsNewer(CERTCrl *inNew, CERTCrl *old) {
-    PRTime newNotBefore, newNotAfter;
-    PRTime oldNotBefore, oldNotAfter;
-    SECStatus rv;
-
-    /* problems with the new CRL? reject it */
-    rv = SEC_GetCrlTimes(inNew, &newNotBefore, &newNotAfter);
-    if (rv) return PR_FALSE;
-
-    /* problems with the old CRL? replace it */
-    rv = SEC_GetCrlTimes(old, &oldNotBefore, &oldNotAfter);
-    if (rv) return PR_TRUE;
-
-    /* Question: what about the notAfter's? */
-    return ((PRBool)LL_CMP(oldNotBefore, <, newNotBefore));
-}
-   
-/*
- * return required key usage and cert type based on cert usage 
- */
-SECStatus
-CERT_KeyUsageAndTypeForCertUsage(SECCertUsage usage,
-				 PRBool ca,
-				 unsigned int *retKeyUsage,
-				 unsigned int *retCertType)
-{
-    unsigned int requiredKeyUsage = 0;
-    unsigned int requiredCertType = 0;
-    
-    if ( ca ) {
-	switch ( usage ) {
-	  case certUsageSSLServerWithStepUp:
-	    requiredKeyUsage = KU_NS_GOVT_APPROVED | KU_KEY_CERT_SIGN;
-	    requiredCertType = NS_CERT_TYPE_SSL_CA;
-	    break;
-	  case certUsageSSLClient:
-	    requiredKeyUsage = KU_KEY_CERT_SIGN;
-	    requiredCertType = NS_CERT_TYPE_SSL_CA;
-	    break;
-	  case certUsageSSLServer:
-	    requiredKeyUsage = KU_KEY_CERT_SIGN;
-	    requiredCertType = NS_CERT_TYPE_SSL_CA;
-	    break;
-	  case certUsageSSLCA:
-	    requiredKeyUsage = KU_KEY_CERT_SIGN;
-	    requiredCertType = NS_CERT_TYPE_SSL_CA;
-	    break;
-	  case certUsageEmailSigner:
-	    requiredKeyUsage = KU_KEY_CERT_SIGN;
-	    requiredCertType = NS_CERT_TYPE_EMAIL_CA;
-	    break;
-	  case certUsageEmailRecipient:
-	    requiredKeyUsage = KU_KEY_CERT_SIGN;
-	    requiredCertType = NS_CERT_TYPE_EMAIL_CA;
-	    break;
-	  case certUsageObjectSigner:
-	    requiredKeyUsage = KU_KEY_CERT_SIGN;
-	    requiredCertType = NS_CERT_TYPE_OBJECT_SIGNING_CA;
-	    break;
-	  case certUsageAnyCA:
-	  case certUsageStatusResponder:
-	    requiredKeyUsage = KU_KEY_CERT_SIGN;
-	    requiredCertType = NS_CERT_TYPE_OBJECT_SIGNING_CA |
-		NS_CERT_TYPE_EMAIL_CA |
-		    NS_CERT_TYPE_SSL_CA;
-	    break;
-	  default:
-	    PORT_Assert(0);
-	    goto loser;
-	}
-    } else {
-	switch ( usage ) {
-	  case certUsageSSLClient:
-	    requiredKeyUsage = KU_DIGITAL_SIGNATURE;
-	    requiredCertType = NS_CERT_TYPE_SSL_CLIENT;
-	    break;
-	  case certUsageSSLServer:
-	    requiredKeyUsage = KU_KEY_AGREEMENT_OR_ENCIPHERMENT;
-	    requiredCertType = NS_CERT_TYPE_SSL_SERVER;
-	    break;
-	  case certUsageSSLServerWithStepUp:
-	    requiredKeyUsage = KU_KEY_AGREEMENT_OR_ENCIPHERMENT |
-		KU_NS_GOVT_APPROVED;
-	    requiredCertType = NS_CERT_TYPE_SSL_SERVER;
-	    break;
-	  case certUsageSSLCA:
-	    requiredKeyUsage = KU_KEY_CERT_SIGN;
-	    requiredCertType = NS_CERT_TYPE_SSL_CA;
-	    break;
-	  case certUsageEmailSigner:
-	    requiredKeyUsage = KU_DIGITAL_SIGNATURE;
-	    requiredCertType = NS_CERT_TYPE_EMAIL;
-	    break;
-	  case certUsageEmailRecipient:
-	    requiredKeyUsage = KU_KEY_AGREEMENT_OR_ENCIPHERMENT;
-	    requiredCertType = NS_CERT_TYPE_EMAIL;
-	    break;
-	  case certUsageObjectSigner:
-	    requiredKeyUsage = KU_DIGITAL_SIGNATURE;
-	    requiredCertType = NS_CERT_TYPE_OBJECT_SIGNING;
-	    break;
-	  case certUsageStatusResponder:
-	    requiredKeyUsage = KU_DIGITAL_SIGNATURE;
-	    requiredCertType = EXT_KEY_USAGE_STATUS_RESPONDER;
-	    break;
-	  default:
-	    PORT_Assert(0);
-	    goto loser;
-	}
-    }
-
-    if ( retKeyUsage != NULL ) {
-	*retKeyUsage = requiredKeyUsage;
-    }
-    if ( retCertType != NULL ) {
-	*retCertType = requiredCertType;
-    }
-
-    return(SECSuccess);
-loser:
-    return(SECFailure);
-}
-
-/*
- * check the key usage of a cert against a set of required values
- */
-SECStatus
-CERT_CheckKeyUsage(CERTCertificate *cert, unsigned int requiredUsage)
-{
-    SECKEYPublicKey *key;
-    
-    /* choose between key agreement or key encipherment based on key
-     * type in cert
-     */
-    if ( requiredUsage & KU_KEY_AGREEMENT_OR_ENCIPHERMENT ) {
-	key = CERT_ExtractPublicKey(cert);
-	if ( ( key->keyType == keaKey ) || ( key->keyType == fortezzaKey ) ||
-	     ( key->keyType == dhKey ) ) {
-	    requiredUsage |= KU_KEY_AGREEMENT;
-	} else {
-	    requiredUsage |= KU_KEY_ENCIPHERMENT;
-	} 
-
-	/* now turn off the special bit */
-	requiredUsage &= (~KU_KEY_AGREEMENT_OR_ENCIPHERMENT);
-	
-	SECKEY_DestroyPublicKey(key);
-    }
-
-    if ( ( cert->keyUsage & requiredUsage ) != requiredUsage ) {
-	return(SECFailure);
-    }
-    return(SECSuccess);
-}
-
-
-CERTCertificate *
-CERT_DupCertificate(CERTCertificate *c)
-{
-    if (c) {
-#ifdef NSS_CLASSIC
-	CERT_LockCertRefCount(c);
-	++c->referenceCount;
-	CERT_UnlockCertRefCount(c);
-#else
-	NSSCertificate *tmp = STAN_GetNSSCertificate(c);
-	nssCertificate_AddRef(tmp);
-#endif
-    }
-    return c;
-}
-
-/*
- * Allow use of default cert database, so that apps(such as mozilla) don't
- * have to pass the handle all over the place.
- */
-static CERTCertDBHandle *default_cert_db_handle = 0;
-
-void
-CERT_SetDefaultCertDB(CERTCertDBHandle *handle)
-{
-    default_cert_db_handle = handle;
-    
-    return;
-}
-
-CERTCertDBHandle *
-CERT_GetDefaultCertDB(void)
-{
-    return(default_cert_db_handle);
-}
-
-/* XXX this would probably be okay/better as an xp routine? */
-static void
-sec_lower_string(char *s)
-{
-    if ( s == NULL ) {
-	return;
-    }
-    
-    while ( *s ) {
-	*s = PORT_Tolower(*s);
-	s++;
-    }
-    
-    return;
-}
-
-/*
-** Add a domain name to the list of names that the user has explicitly
-** allowed (despite cert name mismatches) for use with a server cert.
-*/
-SECStatus
-CERT_AddOKDomainName(CERTCertificate *cert, const char *hn)
-{
-    CERTOKDomainName *domainOK;
-    int	       newNameLen;
-
-    if (!hn || !(newNameLen = strlen(hn))) {
-    	PORT_SetError(SEC_ERROR_INVALID_ARGS);
-	return SECFailure;
-    }
-    domainOK = (CERTOKDomainName *)PORT_ArenaZAlloc(cert->arena, 
-				  (sizeof *domainOK) + newNameLen);
-    if (!domainOK) 
-    	return SECFailure;	/* error code is already set. */
-
-    PORT_Strcpy(domainOK->name, hn);
-    sec_lower_string(domainOK->name);
-
-    /* put at head of list. */
-    domainOK->next = cert->domainOK;
-    cert->domainOK = domainOK;
-    return SECSuccess;
-}
-
-/* Make sure that the name of the host we are connecting to matches the
- * name that is incoded in the common-name component of the certificate
- * that they are using.
- */
-SECStatus
-CERT_VerifyCertName(CERTCertificate *cert, const char *hn)
-{
-    char *    cn;
-    char *    domain;
-    char *    hndomain;
-    char *    hostname;
-    int       regvalid;
-    int       match;
-    SECStatus rv;
-    CERTOKDomainName *domainOK;
-
-    if (!hn || !strlen(hn)) {
-    	PORT_SetError(SEC_ERROR_INVALID_ARGS);
-	return SECFailure;
-    }
-
-    hostname = PORT_Strdup(hn);
-    if ( hostname == NULL ) {
-	return(SECFailure);
-    }
-    sec_lower_string(hostname);
-
-    /* if the name is one that the user has already approved, it's OK. */
-    for (domainOK = cert->domainOK; domainOK; domainOK = domainOK->next) {
-	if (0 == PORT_Strcmp(hostname, domainOK->name)) {
-	    PORT_Free(hostname);
-	    return SECSuccess;
-    	}
-    }
-
-    /* try the cert extension first, then the common name */
-    cn = CERT_FindNSStringExtension(cert, SEC_OID_NS_CERT_EXT_SSL_SERVER_NAME);
-    if ( cn == NULL ) {
-	cn = CERT_GetCommonName(&cert->subject);
-    }
-    
-    sec_lower_string(cn);
-
-    if ( cn ) {
-	if ( ( hndomain = PORT_Strchr(hostname, '.') ) == NULL ) {
-	    /* No domain in server name */
-	    if ( ( domain = PORT_Strchr(cn, '.') ) != NULL ) {
-		/* there is a domain in the cn string, so chop it off */
-		*domain = '\0';
-	    }
-	}
-
-	regvalid = PORT_RegExpValid(cn);
-	
-	if ( regvalid == NON_SXP ) {
-	    /* compare entire hostname with cert name */
-	    if ( PORT_Strcmp(hostname, cn) == 0 ) {
-		rv = SECSuccess;
-		goto done;
-	    }
-	    
-	    if ( hndomain ) {
-		/* compare just domain name with cert name */
-		if ( PORT_Strcmp(hndomain+1, cn) == 0 ) {
-		    rv = SECSuccess;
-		    goto done;
-		}
-	    }
-
-	    PORT_SetError(SSL_ERROR_BAD_CERT_DOMAIN);
-	    rv = SECFailure;
-	    goto done;
-	    
-	} else {
-	    /* try to match the shexp */
-	    match = PORT_RegExpCaseSearch(hostname, cn);
-
-	    if ( match == 0 ) {
-		rv = SECSuccess;
-	    } else {
-		PORT_SetError(SSL_ERROR_BAD_CERT_DOMAIN);
-		rv = SECFailure;
-	    }
-	    goto done;
-	}
-    }
-
-    PORT_SetError(SEC_ERROR_NO_MEMORY);
-    rv = SECFailure;
-
-done:
-    /* free the common name */
-    if ( cn ) {
-	PORT_Free(cn);
-    }
-    
-    if ( hostname ) {
-	PORT_Free(hostname);
-    }
-    
-    return(rv);
-}
-
-PRBool
-CERT_CompareCerts(CERTCertificate *c1, CERTCertificate *c2)
-{
-    SECComparison comp;
-    
-    comp = SECITEM_CompareItem(&c1->derCert, &c2->derCert);
-    if ( comp == SECEqual ) { /* certs are the same */
-	return(PR_TRUE);
-    } else {
-	return(PR_FALSE);
-    }
-}
-
-static SECStatus
-StringsEqual(char *s1, char *s2) {
-    if ( ( s1 == NULL ) || ( s2 == NULL ) ) {
-	if ( s1 != s2 ) { /* only one is null */
-	    return(SECFailure);
-	}
-	return(SECSuccess); /* both are null */
-    }
-	
-    if ( PORT_Strcmp( s1, s2 ) != 0 ) {
-	return(SECFailure); /* not equal */
-    }
-
-    return(SECSuccess); /* strings are equal */
-}
-
-
-PRBool
-CERT_CompareCertsForRedirection(CERTCertificate *c1, CERTCertificate *c2)
-{
-    SECComparison comp;
-    char *c1str, *c2str;
-    SECStatus eq;
-    
-    comp = SECITEM_CompareItem(&c1->derCert, &c2->derCert);
-    if ( comp == SECEqual ) { /* certs are the same */
-	return(PR_TRUE);
-    }
-	
-    /* check if they are issued by the same CA */
-    comp = SECITEM_CompareItem(&c1->derIssuer, &c2->derIssuer);
-    if ( comp != SECEqual ) { /* different issuer */
-	return(PR_FALSE);
-    }
-
-    /* check country name */
-    c1str = CERT_GetCountryName(&c1->subject);
-    c2str = CERT_GetCountryName(&c2->subject);
-    eq = StringsEqual(c1str, c2str);
-    PORT_Free(c1str);
-    PORT_Free(c2str);
-    if ( eq != SECSuccess ) {
-	return(PR_FALSE);
-    }
-
-    /* check locality name */
-    c1str = CERT_GetLocalityName(&c1->subject);
-    c2str = CERT_GetLocalityName(&c2->subject);
-    eq = StringsEqual(c1str, c2str);
-    PORT_Free(c1str);
-    PORT_Free(c2str);
-    if ( eq != SECSuccess ) {
-	return(PR_FALSE);
-    }
-	
-    /* check state name */
-    c1str = CERT_GetStateName(&c1->subject);
-    c2str = CERT_GetStateName(&c2->subject);
-    eq = StringsEqual(c1str, c2str);
-    PORT_Free(c1str);
-    PORT_Free(c2str);
-    if ( eq != SECSuccess ) {
-	return(PR_FALSE);
-    }
-
-    /* check org name */
-    c1str = CERT_GetOrgName(&c1->subject);
-    c2str = CERT_GetOrgName(&c2->subject);
-    eq = StringsEqual(c1str, c2str);
-    PORT_Free(c1str);
-    PORT_Free(c2str);
-    if ( eq != SECSuccess ) {
-	return(PR_FALSE);
-    }
-
-#ifdef NOTDEF	
-    /* check orgUnit name */
-    /*
-     * We need to revisit this and decide which fields should be allowed to be
-     * different
-     */
-    c1str = CERT_GetOrgUnitName(&c1->subject);
-    c2str = CERT_GetOrgUnitName(&c2->subject);
-    eq = StringsEqual(c1str, c2str);
-    PORT_Free(c1str);
-    PORT_Free(c2str);
-    if ( eq != SECSuccess ) {
-	return(PR_FALSE);
-    }
-#endif
-
-    return(PR_TRUE); /* all fields but common name are the same */
-}
-
-
-/* CERT_CertChainFromCert and CERT_DestroyCertificateList moved
-   to certhigh.c */
-
-
-CERTIssuerAndSN *
-CERT_GetCertIssuerAndSN(PRArenaPool *arena, CERTCertificate *cert)
-{
-    CERTIssuerAndSN *result;
-    SECStatus rv;
-
-    if ( arena == NULL ) {
-	arena = cert->arena;
-    }
-    
-    result = (CERTIssuerAndSN*)PORT_ArenaZAlloc(arena, sizeof(*result));
-    if (result == NULL) {
-	PORT_SetError (SEC_ERROR_NO_MEMORY);
-	return NULL;
-    }
-
-    rv = SECITEM_CopyItem(arena, &result->derIssuer, &cert->derIssuer);
-    if (rv != SECSuccess)
-	return NULL;
-
-    rv = CERT_CopyName(arena, &result->issuer, &cert->issuer);
-    if (rv != SECSuccess)
-	return NULL;
-
-    rv = SECITEM_CopyItem(arena, &result->serialNumber, &cert->serialNumber);
-    if (rv != SECSuccess)
-	return NULL;
-
-    return result;
-}
-
-char *
-CERT_MakeCANickname(CERTCertificate *cert)
-{
-    char *firstname = NULL;
-    char *org = NULL;
-    char *nickname = NULL;
-    int count;
-    CERTCertificate *dummycert;
-    CERTCertDBHandle *handle;
-    
-    handle = cert->dbhandle;
-    
-    nickname = CERT_GetNickName(cert, handle, cert->arena);
-    if (nickname == NULL) {
-	firstname = CERT_GetCommonName(&cert->subject);
-	if ( firstname == NULL ) {
-	    firstname = CERT_GetOrgUnitName(&cert->subject);
-	}
-
-	org = CERT_GetOrgName(&cert->issuer);
-	if (org == NULL) {
-	    org = CERT_GetDomainComponentName(&cert->issuer);
-	    if (org == NULL) {
-		if (firstname) {
-		    org = firstname;
-		    firstname = NULL;
-		} else {
-		    org = PORT_Strdup("Unknown CA");
-		}
-	    }
-	}
-
-	/* can only fail if PORT_Strdup fails, in which case
-	 * we're having memory problems. */
-	if (org == NULL) {
-	    goto loser;
-	}
-
-    
-	count = 1;
-	while ( 1 ) {
-
-	    if ( firstname ) {
-		if ( count == 1 ) {
-		    nickname = PR_smprintf("%s - %s", firstname, org);
-		} else {
-		    nickname = PR_smprintf("%s - %s #%d", firstname, org, count);
-		}
-	    } else {
-		if ( count == 1 ) {
-		    nickname = PR_smprintf("%s", org);
-		} else {
-		    nickname = PR_smprintf("%s #%d", org, count);
-		}
-	    }
-	    if ( nickname == NULL ) {
-		goto loser;
-	    }
-
-	    /* look up the nickname to make sure it isn't in use already */
-	    dummycert = CERT_FindCertByNickname(handle, nickname);
-
-	    if ( dummycert == NULL ) {
-		goto done;
-	    }
-	
-	    /* found a cert, destroy it and loop */
-	    CERT_DestroyCertificate(dummycert);
-
-	    /* free the nickname */
-	    PORT_Free(nickname);
-
-	    count++;
-	}
-    }
-loser:
-    if ( nickname ) {
-	PORT_Free(nickname);
-    }
-
-    nickname = "";
-    
-done:
-    if ( firstname ) {
-	PORT_Free(firstname);
-    }
-    if ( org ) {
-	PORT_Free(org);
-    }
-    
-    return(nickname);
-}
-
-/* CERT_Import_CAChain moved to certhigh.c */
-
-void
-CERT_DestroyCrl (CERTSignedCrl *crl)
-{
-    SEC_DestroyCrl (crl);
-}
-
-
-
-/*
- * Does a cert belong to a CA?  We decide based on perm database trust
- * flags, Netscape Cert Type Extension, and KeyUsage Extension.
- */
-PRBool
-CERT_IsCACert(CERTCertificate *cert, unsigned int *rettype)
-{
-    CERTCertTrust *trust;
-    SECStatus rv;
-    unsigned int type;
-    PRBool ret;
-
-    ret = PR_FALSE;
-    type = 0;
-    
-    if ( cert->trust && (cert->trust->sslFlags|cert->trust->emailFlags|
-				cert->trust->objectSigningFlags)) {
-	trust = cert->trust;
-	if ( ( ( trust->sslFlags & CERTDB_VALID_CA ) == CERTDB_VALID_CA ) ||
-	   ( ( trust->sslFlags & CERTDB_TRUSTED_CA ) == CERTDB_TRUSTED_CA ) ) {
-	    ret = PR_TRUE;
-	    type |= NS_CERT_TYPE_SSL_CA;
-	}
-	
-	if ( ( ( trust->emailFlags & CERTDB_VALID_CA ) == CERTDB_VALID_CA ) ||
-	  ( ( trust->emailFlags & CERTDB_TRUSTED_CA ) == CERTDB_TRUSTED_CA ) ) {
-	    ret = PR_TRUE;
-	    type |= NS_CERT_TYPE_EMAIL_CA;
-	}
-	
-	if ( ( ( trust->objectSigningFlags & CERTDB_VALID_CA ) 
-						== CERTDB_VALID_CA ) ||
-          ( ( trust->objectSigningFlags & CERTDB_TRUSTED_CA ) 
-						== CERTDB_TRUSTED_CA ) ) {
-	    ret = PR_TRUE;
-	    type |= NS_CERT_TYPE_OBJECT_SIGNING_CA;
-	}
-    } else {
-	if ( cert->nsCertType &
-	    ( NS_CERT_TYPE_SSL_CA | NS_CERT_TYPE_EMAIL_CA |
-	     NS_CERT_TYPE_OBJECT_SIGNING_CA ) ) {
-	    ret = PR_TRUE;
-	    type = (cert->nsCertType & NS_CERT_TYPE_CA);
-	} else {
-	    CERTBasicConstraints constraints;
-	    rv = CERT_FindBasicConstraintExten(cert, &constraints);
-	    if ( rv == SECSuccess ) {
-		if ( constraints.isCA ) {
-		    ret = PR_TRUE;
-		    type = (NS_CERT_TYPE_SSL_CA | NS_CERT_TYPE_EMAIL_CA);
-		}
-	    } 
-	} 
-
-	/* finally check if it's a FORTEZZA V1 CA */
-	if (ret == PR_FALSE) {
-	    if (fortezzaIsCA(cert)) {
-		ret = PR_TRUE;
-		type = (NS_CERT_TYPE_SSL_CA | NS_CERT_TYPE_EMAIL_CA);
-	    }
-	}
-    }
-    if ( rettype != NULL ) {
-	*rettype = type;
-    }
-    
-    return(ret);
-}
-
-PRBool
-CERT_IsCADERCert(SECItem *derCert, unsigned int *type) {
-    CERTCertificate *cert;
-    PRBool isCA;
-
-    /* This is okay -- only looks at extensions */
-    cert = CERT_DecodeDERCertificate(derCert, PR_FALSE, NULL);
-    if (cert == NULL) return PR_FALSE;
-
-    isCA = CERT_IsCACert(cert,type);
-    CERT_DestroyCertificate (cert);
-    return isCA;
-}
-
-
-/*
- * is certa newer than certb?  If one is expired, pick the other one.
- */
-PRBool
-CERT_IsNewer(CERTCertificate *certa, CERTCertificate *certb)
-{
-    PRTime notBeforeA, notAfterA, notBeforeB, notAfterB, now;
-    SECStatus rv;
-    PRBool newerbefore, newerafter;
-    
-    rv = CERT_GetCertTimes(certa, &notBeforeA, &notAfterA);
-    if ( rv != SECSuccess ) {
-	return(PR_FALSE);
-    }
-    
-    rv = CERT_GetCertTimes(certb, &notBeforeB, &notAfterB);
-    if ( rv != SECSuccess ) {
-	return(PR_TRUE);
-    }
-
-    newerbefore = PR_FALSE;
-    if ( LL_CMP(notBeforeA, >, notBeforeB) ) {
-	newerbefore = PR_TRUE;
-    }
-
-    newerafter = PR_FALSE;
-    if ( LL_CMP(notAfterA, >, notAfterB) ) {
-	newerafter = PR_TRUE;
-    }
-    
-    if ( newerbefore && newerafter ) {
-	return(PR_TRUE);
-    }
-    
-    if ( ( !newerbefore ) && ( !newerafter ) ) {
-	return(PR_FALSE);
-    }
-
-    /* get current UTC time */
-    now = PR_Now();
-
-    if ( newerbefore ) {
-	/* cert A was issued after cert B, but expires sooner */
-	/* if A is expired, then pick B */
-	if ( LL_CMP(notAfterA, <, now ) ) {
-	    return(PR_FALSE);
-	}
-	return(PR_TRUE);
-    } else {
-	/* cert B was issued after cert A, but expires sooner */
-	/* if B is expired, then pick A */
-	if ( LL_CMP(notAfterB, <, now ) ) {
-	    return(PR_TRUE);
-	}
-	return(PR_FALSE);
-    }
-}
-
-void
-CERT_DestroyCertArray(CERTCertificate **certs, unsigned int ncerts)
-{
-    unsigned int i;
-    
-    if ( certs ) {
-	for ( i = 0; i < ncerts; i++ ) {
-	    if ( certs[i] ) {
-		CERT_DestroyCertificate(certs[i]);
-	    }
-	}
-
-	PORT_Free(certs);
-    }
-    
-    return;
-}
-
-char *
-CERT_FixupEmailAddr(char *emailAddr)
-{
-    char *retaddr;
-    char *str;
-
-    if ( emailAddr == NULL ) {
-	return(NULL);
-    }
-    
-    /* copy the string */
-    str = retaddr = PORT_Strdup(emailAddr);
-    if ( str == NULL ) {
-	return(NULL);
-    }
-    
-    /* make it lower case */
-    while ( *str ) {
-	*str = tolower( *str );
-	str++;
-    }
-    
-    return(retaddr);
-}
-
-/*
- * NOTE - don't allow encode of govt-approved or invisible bits
- */
-SECStatus
-CERT_DecodeTrustString(CERTCertTrust *trust, char *trusts)
-{
-    int i;
-    unsigned int *pflags;
-    
-    trust->sslFlags = 0;
-    trust->emailFlags = 0;
-    trust->objectSigningFlags = 0;
-
-    pflags = &trust->sslFlags;
-    
-    for (i=0; i < PORT_Strlen(trusts); i++) {
-	switch (trusts[i]) {
-	  case 'p':
-	      *pflags = *pflags | CERTDB_VALID_PEER;
-	      break;
-
-	  case 'P':
-	      *pflags = *pflags | CERTDB_TRUSTED | CERTDB_VALID_PEER;
-	      break;
-
-	  case 'w':
-	      *pflags = *pflags | CERTDB_SEND_WARN;
-	      break;
-
-	  case 'c':
-	      *pflags = *pflags | CERTDB_VALID_CA;
-	      break;
-
-	  case 'T':
-	      *pflags = *pflags | CERTDB_TRUSTED_CLIENT_CA | CERTDB_VALID_CA;
-	      break;
-
-	  case 'C' :
-	      *pflags = *pflags | CERTDB_TRUSTED_CA | CERTDB_VALID_CA;
-	      break;
-
-	  case 'u':
-	      *pflags = *pflags | CERTDB_USER;
-	      break;
-
-#ifdef DEBUG_NSSTEAM_ONLY
-	  case 'i':
-	      *pflags = *pflags | CERTDB_INVISIBLE_CA;
-	      break;
-	  case 'g':
-	      *pflags = *pflags | CERTDB_GOVT_APPROVED_CA;
-	      break;
-#endif /* DEBUG_NSSTEAM_ONLY */
-
-	  case ',':
-	      if ( pflags == &trust->sslFlags ) {
-		  pflags = &trust->emailFlags;
-	      } else {
-		  pflags = &trust->objectSigningFlags;
-	      }
-	      break;
-	  default:
-	      return SECFailure;
-	}
-    }
-
-    return SECSuccess;
-}
-
-static void
-EncodeFlags(char *trusts, unsigned int flags)
-{
-    if (flags & CERTDB_VALID_CA)
-	if (!(flags & CERTDB_TRUSTED_CA) &&
-	    !(flags & CERTDB_TRUSTED_CLIENT_CA))
-	    PORT_Strcat(trusts, "c");
-    if (flags & CERTDB_VALID_PEER)
-	if (!(flags & CERTDB_TRUSTED))
-	    PORT_Strcat(trusts, "p");
-    if (flags & CERTDB_TRUSTED_CA)
-	PORT_Strcat(trusts, "C");
-    if (flags & CERTDB_TRUSTED_CLIENT_CA)
-	PORT_Strcat(trusts, "T");
-    if (flags & CERTDB_TRUSTED)
-	PORT_Strcat(trusts, "P");
-    if (flags & CERTDB_USER)
-	PORT_Strcat(trusts, "u");
-    if (flags & CERTDB_SEND_WARN)
-	PORT_Strcat(trusts, "w");
-    if (flags & CERTDB_INVISIBLE_CA)
-	PORT_Strcat(trusts, "I");
-    if (flags & CERTDB_GOVT_APPROVED_CA)
-	PORT_Strcat(trusts, "G");
-    return;
-}
-
-char *
-CERT_EncodeTrustString(CERTCertTrust *trust)
-{
-    char tmpTrustSSL[32];
-    char tmpTrustEmail[32];
-    char tmpTrustSigning[32];
-    char *retstr = NULL;
-
-    if ( trust ) {
-	tmpTrustSSL[0] = '\0';
-	tmpTrustEmail[0] = '\0';
-	tmpTrustSigning[0] = '\0';
-    
-	EncodeFlags(tmpTrustSSL, trust->sslFlags);
-	EncodeFlags(tmpTrustEmail, trust->emailFlags);
-	EncodeFlags(tmpTrustSigning, trust->objectSigningFlags);
-    
-	retstr = PR_smprintf("%s,%s,%s", tmpTrustSSL, tmpTrustEmail,
-			     tmpTrustSigning);
-    }
-    
-    return(retstr);
-}
-
-/* in 3.4, this will only set trust */
-SECStatus
-CERT_SaveImportedCert(CERTCertificate *cert, SECCertUsage usage,
-		      PRBool caOnly, char *nickname)
-{
-    SECStatus rv;
-    PRBool saveit;
-    CERTCertTrust trust;
-    PRBool isCA;
-    unsigned int certtype;
-    
-    isCA = CERT_IsCACert(cert, NULL);
-    if ( caOnly && ( !isCA ) ) {
-	return(SECSuccess);
-    }
-    /* In NSS 3.4, certs are given zero trust upon import.  However, this
-    * function needs to set up default CA trust (CERTDB_VALID_CA), or
-    * PKCS#12 imported certs will not show up correctly.  In the case of a
-    * CA cert with zero trust, continue with this function.  But if the cert
-    * does already have some trust bits, exit and do not change them.
-    */
-    if (isCA && cert->trust && 
-        (cert->trust->sslFlags |
-         cert->trust->emailFlags |
-         cert->trust->objectSigningFlags)) {
-	return(SECSuccess);
-    }
-
-    saveit = PR_TRUE;
-    
-    PORT_Memset((void *)&trust, 0, sizeof(trust));
-
-    certtype = cert->nsCertType;
-
-    /* if no CA bits in cert type, then set all CA bits */
-    if ( isCA && ( ! ( certtype & NS_CERT_TYPE_CA ) ) ) {
-	certtype |= NS_CERT_TYPE_CA;
-    }
-
-    /* if no app bits in cert type, then set all app bits */
-    if ( ( !isCA ) && ( ! ( certtype & NS_CERT_TYPE_APP ) ) ) {
-	certtype |= NS_CERT_TYPE_APP;
-    }
-
-    switch ( usage ) {
-      case certUsageEmailSigner:
-      case certUsageEmailRecipient:
-	if ( isCA ) {
-	    if ( certtype & NS_CERT_TYPE_EMAIL_CA ) {
-		trust.emailFlags = CERTDB_VALID_CA;
-	    }
-	} else {
-	    if ( cert->emailAddr == NULL ) {
-		saveit = PR_FALSE;
-	    }
-	    
-	    if ( certtype & NS_CERT_TYPE_EMAIL ) {
-		trust.emailFlags = CERTDB_VALID_PEER;
-		if ( ! ( cert->rawKeyUsage & KU_KEY_ENCIPHERMENT ) ) {
-		    /* don't save it if KeyEncipherment is not allowed */
-		    saveit = PR_FALSE;
-		}
-	    }
-	}
-	break;
-      case certUsageUserCertImport:
-	if ( isCA ) {
-	    if ( certtype & NS_CERT_TYPE_SSL_CA ) {
-		trust.sslFlags = CERTDB_VALID_CA;
-	    }
-	    
-	    if ( certtype & NS_CERT_TYPE_EMAIL_CA ) {
-		trust.emailFlags = CERTDB_VALID_CA;
-	    }
-	    
-	    if ( certtype & NS_CERT_TYPE_OBJECT_SIGNING_CA ) {
-		trust.objectSigningFlags = CERTDB_VALID_CA;
-	    }
-	    
-	} else {
-	    if ( certtype & NS_CERT_TYPE_SSL_CLIENT ) {
-		trust.sslFlags = CERTDB_VALID_PEER;
-	    }
-	    
-	    if ( certtype & NS_CERT_TYPE_EMAIL ) {
-		trust.emailFlags = CERTDB_VALID_PEER;
-	    }
-	    
-	    if ( certtype & NS_CERT_TYPE_OBJECT_SIGNING ) {
-		trust.objectSigningFlags = CERTDB_VALID_PEER;
-	    }
-	}
-	break;
-      case certUsageAnyCA:
-	trust.sslFlags = CERTDB_VALID_CA;
-	break;
-      case certUsageSSLCA:
-	trust.sslFlags = CERTDB_VALID_CA | 
-			CERTDB_TRUSTED_CA | CERTDB_TRUSTED_CLIENT_CA;
-	break;
-      default:	/* XXX added to quiet warnings; no other cases needed? */
-	break;
-    }
-
-    if ( saveit ) {
-	rv = CERT_ChangeCertTrust(cert->dbhandle, cert, &trust);
-	if ( rv != SECSuccess ) {
-	    goto loser;
-	}
-    }
-
-    rv = SECSuccess;
-    goto done;
-
-loser:
-    rv = SECFailure;
-done:
-
-    return(rv);
-}
-
-SECStatus
-CERT_ImportCerts(CERTCertDBHandle *certdb, SECCertUsage usage,
-		 unsigned int ncerts, SECItem **derCerts,
-		 CERTCertificate ***retCerts, PRBool keepCerts,
-		 PRBool caOnly, char *nickname)
-{
-    int i;
-    CERTCertificate **certs = NULL;
-    SECStatus rv;
-    int fcerts = 0;
-
-    if ( ncerts ) {
-	certs = (CERTCertificate**)PORT_ZAlloc(sizeof(CERTCertificate *) * ncerts );
-	if ( certs == NULL ) {
-	    return(SECFailure);
-	}
-    
-	/* decode all of the certs into the temporary DB */
-	for ( i = 0, fcerts= 0; i < ncerts; i++) {
-	    certs[fcerts] = CERT_NewTempCertificate(certdb,
-	                                            derCerts[i],
-	                                            NULL,
-	                                            PR_FALSE,
-	                                            PR_TRUE);
-	    if (certs[fcerts]) fcerts++;
-	}
-
-	if ( keepCerts ) {
-	    for ( i = 0; i < fcerts; i++ ) {
-                char* canickname = NULL;
-                PRBool freeNickname = PR_FALSE;
-
-		SECKEY_UpdateCertPQG(certs[i]);
-                
-                if ( CERT_IsCACert(certs[i], NULL) ) {
-                    canickname = CERT_MakeCANickname(certs[i]);
-                    if ( canickname != NULL ) {
-                        freeNickname = PR_TRUE;
-                    }
-                }
-
-		if(CERT_IsCACert(certs[i], NULL) && (fcerts > 1)) {
-		    /* if we are importing only a single cert and specifying
-		     * a nickname, we want to use that nickname if it a CA,
-		     * otherwise if there are more than one cert, we don't
-		     * know which cert it belongs to. But we still may try
-                     * the individual canickname from the cert itself.
-		     */
-		    rv = CERT_AddTempCertToPerm(certs[i], canickname, NULL);
-		} else {
-		    rv = CERT_AddTempCertToPerm(certs[i],
-                                                nickname?nickname:canickname, NULL);
-		}
-		if (rv == SECSuccess) {
-		    CERT_SaveImportedCert(certs[i], usage, caOnly, NULL);
-		}
-
-                if (PR_TRUE == freeNickname) {
-                    PORT_Free(canickname);
-                }
-		/* don't care if it fails - keep going */
-	    }
-	}
-    }
-
-    if ( retCerts ) {
-	*retCerts = certs;
-    } else {
-	if (certs) {
-	    CERT_DestroyCertArray(certs, fcerts);
-	}
-    }
-
-    return(SECSuccess);
-    
-#if 0	/* dead code here - why ?? XXX */
-loser:
-    if ( retCerts ) {
-	*retCerts = NULL;
-    }
-    if ( certs ) {
-	CERT_DestroyCertArray(certs, ncerts);
-    }    
-    return(SECFailure);
-#endif
-}
-
-/*
- * a real list of certificates - need to convert CERTCertificateList
- * stuff and ASN 1 encoder/decoder over to using this...
- */
-CERTCertList *
-CERT_NewCertList(void)
-{
-    PRArenaPool *arena = NULL;
-    CERTCertList *ret = NULL;
-    
-    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if ( arena == NULL ) {
-	goto loser;
-    }
-    
-    ret = (CERTCertList *)PORT_ArenaZAlloc(arena, sizeof(CERTCertList));
-    if ( ret == NULL ) {
-	goto loser;
-    }
-    
-    ret->arena = arena;
-    
-    PR_INIT_CLIST(&ret->list);
-    
-    return(ret);
-
-loser:
-    if ( arena != NULL ) {
-	PORT_FreeArena(arena, PR_FALSE);
-    }
-    
-    return(NULL);
-}
-
-void
-CERT_DestroyCertList(CERTCertList *certs)
-{
-    PRCList *node;
-
-    while( !PR_CLIST_IS_EMPTY(&certs->list) ) {
-	node = PR_LIST_HEAD(&certs->list);
-	CERT_DestroyCertificate(((CERTCertListNode *)node)->cert);
-	PR_REMOVE_LINK(node);
-    }
-    
-    PORT_FreeArena(certs->arena, PR_FALSE);
-    
-    return;
-}
-
-void
-CERT_RemoveCertListNode(CERTCertListNode *node)
-{
-    CERT_DestroyCertificate(node->cert);
-    PR_REMOVE_LINK(&node->links);
-    return;
-}
-
-
-SECStatus
-CERT_AddCertToListTailWithData(CERTCertList *certs, 
-				CERTCertificate *cert, void *appData)
-{
-    CERTCertListNode *node;
-    
-    node = (CERTCertListNode *)PORT_ArenaZAlloc(certs->arena,
-						sizeof(CERTCertListNode));
-    if ( node == NULL ) {
-	goto loser;
-    }
-    
-    PR_INSERT_BEFORE(&node->links, &certs->list);
-    /* certs->count++; */
-    node->cert = cert;
-    node->appData = appData;
-    return(SECSuccess);
-    
-loser:
-    return(SECFailure);
-}
-
-SECStatus
-CERT_AddCertToListTail(CERTCertList *certs, CERTCertificate *cert)
-{
-    return CERT_AddCertToListTailWithData(certs, cert, NULL);
-}
-
-SECStatus
-CERT_AddCertToListHeadWithData(CERTCertList *certs, 
-					CERTCertificate *cert, void *appData)
-{
-    CERTCertListNode *node;
-    CERTCertListNode *head;
-    
-    head = CERT_LIST_HEAD(certs);
-
-    if (head == NULL) return CERT_AddCertToListTail(certs,cert);
-
-    node = (CERTCertListNode *)PORT_ArenaZAlloc(certs->arena,
-						sizeof(CERTCertListNode));
-    if ( node == NULL ) {
-	goto loser;
-    }
-    
-    PR_INSERT_BEFORE(&node->links, &head->links);
-    /* certs->count++; */
-    node->cert = cert;
-    node->appData = appData;
-    return(SECSuccess);
-    
-loser:
-    return(SECFailure);
-}
-
-SECStatus
-CERT_AddCertToListHead(CERTCertList *certs, CERTCertificate *cert)
-{
-    return CERT_AddCertToListHeadWithData(certs, cert, NULL);
-}
-
-/*
- * Sort callback function to determine if cert a is newer than cert b.
- * Not valid certs are considered older than valid certs.
- */
-PRBool
-CERT_SortCBValidity(CERTCertificate *certa,
-		    CERTCertificate *certb,
-		    void *arg)
-{
-    PRTime sorttime;
-    PRTime notBeforeA, notAfterA, notBeforeB, notAfterB;
-    SECStatus rv;
-    PRBool newerbefore, newerafter;
-    PRBool aNotValid = PR_FALSE, bNotValid = PR_FALSE;
-
-    sorttime = *(PRTime *)arg;
-    
-    rv = CERT_GetCertTimes(certa, &notBeforeA, &notAfterA);
-    if ( rv != SECSuccess ) {
-	return(PR_FALSE);
-    }
-    
-    rv = CERT_GetCertTimes(certb, &notBeforeB, &notAfterB);
-    if ( rv != SECSuccess ) {
-	return(PR_TRUE);
-    }
-    newerbefore = PR_FALSE;
-    if ( LL_CMP(notBeforeA, >, notBeforeB) ) {
-	newerbefore = PR_TRUE;
-    }
-    newerafter = PR_FALSE;
-    if ( LL_CMP(notAfterA, >, notAfterB) ) {
-	newerafter = PR_TRUE;
-    }
-
-    /* check if A is valid at sorttime */
-    if ( CERT_CheckCertValidTimes(certa, sorttime, PR_FALSE)
-	!= secCertTimeValid ) {
-	aNotValid = PR_TRUE;
-    }
-
-    /* check if B is valid at sorttime */
-    if ( CERT_CheckCertValidTimes(certb, sorttime, PR_FALSE)
-	!= secCertTimeValid ) {
-	bNotValid = PR_TRUE;
-    }
-
-    /* a is valid, b is not */
-    if ( bNotValid && ( ! aNotValid ) ) {
-	return(PR_TRUE);
-    }
-
-    /* b is valid, a is not */
-    if ( aNotValid && ( ! bNotValid ) ) {
-	return(PR_FALSE);
-    }
-    
-    /* a and b are either valid or not valid */
-    if ( newerbefore && newerafter ) {
-	return(PR_TRUE);
-    }
-    
-    if ( ( !newerbefore ) && ( !newerafter ) ) {
-	return(PR_FALSE);
-    }
-
-    if ( newerbefore ) {
-	/* cert A was issued after cert B, but expires sooner */
-	return(PR_TRUE);
-    } else {
-	/* cert B was issued after cert A, but expires sooner */
-	return(PR_FALSE);
-    }
-}
-
-
-SECStatus
-CERT_AddCertToListSorted(CERTCertList *certs,
-			 CERTCertificate *cert,
-			 CERTSortCallback f,
-			 void *arg)
-{
-    CERTCertListNode *node;
-    CERTCertListNode *head;
-    PRBool ret;
-    
-    node = (CERTCertListNode *)PORT_ArenaZAlloc(certs->arena,
-						sizeof(CERTCertListNode));
-    if ( node == NULL ) {
-	goto loser;
-    }
-    
-    head = CERT_LIST_HEAD(certs);
-    
-    while ( !CERT_LIST_END(head, certs) ) {
-
-	/* if cert is already in the list, then don't add it again */
-	if ( cert == head->cert ) {
-	    /*XXX*/
-	    /* don't keep a reference */
-	    CERT_DestroyCertificate(cert);
-	    goto done;
-	}
-	
-	ret = (* f)(cert, head->cert, arg);
-	/* if sort function succeeds, then insert before current node */
-	if ( ret ) {
-	    PR_INSERT_BEFORE(&node->links, &head->links);
-	    goto done;
-	}
-
-	head = CERT_LIST_NEXT(head);
-    }
-    /* if we get to the end, then just insert it at the tail */
-    PR_INSERT_BEFORE(&node->links, &certs->list);
-
-done:    
-    /* certs->count++; */
-    node->cert = cert;
-    return(SECSuccess);
-    
-loser:
-    return(SECFailure);
-}
-
-/* This routine is here because pcertdb.c still has a call to it.
- * The SMIME profile code in pcertdb.c should be split into high (find
- * the email cert) and low (store the profile) code.  At that point, we
- * can move this to certhigh.c where it belongs.
- *
- * remove certs from a list that don't have keyUsage and certType
- * that match the given usage.
- */
-SECStatus
-CERT_FilterCertListByUsage(CERTCertList *certList, SECCertUsage usage,
-			   PRBool ca)
-{
-    unsigned int requiredKeyUsage;
-    unsigned int requiredCertType;
-    CERTCertListNode *node, *savenode;
-    PRBool bad;
-    SECStatus rv;
-    unsigned int certType;
-    PRBool dummyret;
-    
-    if (certList == NULL) goto loser;
-
-    rv = CERT_KeyUsageAndTypeForCertUsage(usage, ca, &requiredKeyUsage,
-					  &requiredCertType);
-    if ( rv != SECSuccess ) {
-	goto loser;
-    }
-
-    node = CERT_LIST_HEAD(certList);
-	
-    while ( !CERT_LIST_END(node, certList) ) {
-
-	bad = PR_FALSE;
-
-	/* bad key usage */
-	if ( CERT_CheckKeyUsage(node->cert, requiredKeyUsage )
-	    != SECSuccess ) {
-	    bad = PR_TRUE;
-	}
-	/* bad cert type */
-	if ( ca ) {
-	    /* This function returns a more comprehensive cert type that
-	     * takes trust flags into consideration.  Should probably
-	     * fix the cert decoding code to do this.
-	     */
-	    dummyret = CERT_IsCACert(node->cert, &certType);
-	} else {
-	    certType = node->cert->nsCertType;
-	}
-	
-	if ( ! ( certType & requiredCertType ) ) {
-	    bad = PR_TRUE;
-	}
-
-	if ( bad ) {
-	    /* remove the node if it is bad */
-	    savenode = CERT_LIST_NEXT(node);
-	    CERT_RemoveCertListNode(node);
-	    node = savenode;
-	} else {
-	    node = CERT_LIST_NEXT(node);
-	}
-    }
-    return(SECSuccess);
-    
-loser:
-    return(SECFailure);
-}
-
-static PZLock *certRefCountLock = NULL;
-
-/*
- * Acquire the cert reference count lock
- * There is currently one global lock for all certs, but I'm putting a cert
- * arg here so that it will be easy to make it per-cert in the future if
- * that turns out to be necessary.
- */
-void
-CERT_LockCertRefCount(CERTCertificate *cert)
-{
-    if ( certRefCountLock == NULL ) {
-	nss_InitLock(&certRefCountLock, nssILockRefLock);
-	PORT_Assert(certRefCountLock != NULL);
-    }
-    
-    PZ_Lock(certRefCountLock);
-    return;
-}
-
-/*
- * Free the cert reference count lock
- */
-void
-CERT_UnlockCertRefCount(CERTCertificate *cert)
-{
-    PRStatus prstat;
-
-    PORT_Assert(certRefCountLock != NULL);
-    
-    prstat = PZ_Unlock(certRefCountLock);
-    
-    PORT_Assert(prstat == PR_SUCCESS);
-
-    return;
-}
-
-static PZLock *certTrustLock = NULL;
-
-/*
- * Acquire the cert trust lock
- * There is currently one global lock for all certs, but I'm putting a cert
- * arg here so that it will be easy to make it per-cert in the future if
- * that turns out to be necessary.
- */
-void
-CERT_LockCertTrust(CERTCertificate *cert)
-{
-    if ( certTrustLock == NULL ) {
-	nss_InitLock(&certTrustLock, nssILockCertDB);
-	PORT_Assert(certTrustLock != NULL);
-    }
-    
-    PZ_Lock(certTrustLock);
-    return;
-}
-
-/*
- * Free the cert trust lock
- */
-void
-CERT_UnlockCertTrust(CERTCertificate *cert)
-{
-    PRStatus prstat;
-
-    PORT_Assert(certTrustLock != NULL);
-    
-    prstat = PZ_Unlock(certTrustLock);
-    
-    PORT_Assert(prstat == PR_SUCCESS);
-
-    return;
-}
-
-
-/*
- * Get the StatusConfig data for this handle
- */
-CERTStatusConfig *
-CERT_GetStatusConfig(CERTCertDBHandle *handle)
-{
-  return handle->statusConfig;
-}
-
-/*
- * Set the StatusConfig data for this handle.  There
- * should not be another configuration set.
- */
-void
-CERT_SetStatusConfig(CERTCertDBHandle *handle, CERTStatusConfig *statusConfig)
-{
-  PORT_Assert(handle->statusConfig == NULL);
-  handle->statusConfig = statusConfig;
-}
diff --git a/security/nss/lib/certdb/certdb.h b/security/nss/lib/certdb/certdb.h
deleted file mode 100644
index 7340961c2..000000000
--- a/security/nss/lib/certdb/certdb.h
+++ /dev/null
@@ -1,159 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef _CERTDB_H_
-#define _CERTDB_H_
-
-
-/* common flags for all types of certificates */
-#define CERTDB_VALID_PEER	(1<<0)
-#define CERTDB_TRUSTED		(1<<1)
-#define CERTDB_SEND_WARN	(1<<2)
-#define CERTDB_VALID_CA		(1<<3)
-#define CERTDB_TRUSTED_CA	(1<<4) /* trusted for issuing server certs */
-#define CERTDB_NS_TRUSTED_CA	(1<<5)
-#define CERTDB_USER		(1<<6)
-#define CERTDB_TRUSTED_CLIENT_CA (1<<7) /* trusted for issuing client certs */
-#define CERTDB_INVISIBLE_CA	(1<<8) /* don't show in UI */
-#define CERTDB_GOVT_APPROVED_CA	(1<<9) /* can do strong crypto in export ver */
-
-
-SEC_BEGIN_PROTOS
-
-CERTSignedCrl *
-SEC_FindCrlByKey(CERTCertDBHandle *handle, SECItem *crlKey, int type);
-
-CERTSignedCrl *
-SEC_FindCrlByName(CERTCertDBHandle *handle, SECItem *crlKey, int type);
-
-CERTSignedCrl *
-SEC_FindCrlByDERCert(CERTCertDBHandle *handle, SECItem *derCrl, int type);
-
-PRBool
-SEC_CertNicknameConflict(char *nickname, SECItem *derSubject,
-			 CERTCertDBHandle *handle);
-CERTSignedCrl *
-SEC_NewCrl(CERTCertDBHandle *handle, char *url, SECItem *derCrl, int type);
-
-SECStatus
-SEC_DeletePermCRL(CERTSignedCrl *crl);
-
-
-SECStatus
-SEC_LookupCrls(CERTCertDBHandle *handle, CERTCrlHeadNode **nodes, int type);
-
-SECStatus 
-SEC_DestroyCrl(CERTSignedCrl *crl);
-
-SECStatus
-CERT_AddTempCertToPerm(CERTCertificate *cert, char *nickname,
-		       CERTCertTrust *trust);
-
-SECStatus SEC_DeletePermCertificate(CERTCertificate *cert);
-
-PRBool
-SEC_CrlIsNewer(CERTCrl *inNew, CERTCrl *old);
-
-SECCertTimeValidity
-SEC_CheckCrlTimes(CERTCrl *crl, PRTime t);
-
-#ifdef notdef
-/*
-** Add a DER encoded certificate to the permanent database.
-**	"derCert" is the DER encoded certificate.
-**	"nickname" is the nickname to use for the cert
-**	"trust" is the trust parameters for the cert
-*/
-SECStatus SEC_AddPermCertificate(PCERTCertDBHandle *handle, SECItem *derCert,
-				char *nickname, PCERTCertTrust *trust);
-
-certDBEntryCert *
-SEC_FindPermCertByKey(PCERTCertDBHandle *handle, SECItem *certKey);
-
-certDBEntryCert
-*SEC_FindPermCertByName(PCERTCertDBHandle *handle, SECItem *name);
-
-SECStatus SEC_OpenPermCertDB(PCERTCertDBHandle *handle,
-			     PRBool readOnly,
-			     PCERTDBNameFunc namecb,
-			     void *cbarg);
-
-
-typedef SECStatus (PR_CALLBACK * PermCertCallback)(PCERTCertificate *cert,
-                                                   SECItem *k, void *pdata);
-/*
-** Traverse the entire permanent database, and pass the certs off to a
-** user supplied function.
-**	"certfunc" is the user function to call for each certificate
-**	"udata" is the user's data, which is passed through to "certfunc"
-*/
-SECStatus
-PCERT_TraversePermCerts(PCERTCertDBHandle *handle,
-		      PermCertCallback certfunc,
-		      void *udata );
-
-SECStatus
-SEC_AddTempNickname(PCERTCertDBHandle *handle, char *nickname, SECItem *certKey);
-
-SECStatus
-SEC_DeleteTempNickname(PCERTCertDBHandle *handle, char *nickname);
-
-
-PRBool
-SEC_CertDBKeyConflict(SECItem *derCert, PCERTCertDBHandle *handle);
-
-SECStatus
-SEC_GetCrlTimes(PCERTCrl *dates, PRTime *notBefore, PRTime *notAfter);
-
-PCERTSignedCrl *
-SEC_AddPermCrlToTemp(PCERTCertDBHandle *handle, certDBEntryRevocation *entry);
-
-SECStatus
-SEC_DeleteTempCrl(PCERTSignedCrl *crl);
-
-
-SECStatus
-SEC_CheckKRL(PCERTCertDBHandle *handle,SECKEYLowPublicKey *key,
-	     PCERTCertificate *rootCert, int64 t, void *wincx);
-
-SECStatus
-SEC_CheckCRL(PCERTCertDBHandle *handle,PCERTCertificate *cert,
-	     PCERTCertificate *caCert, int64 t, void *wincx);
-
-SECStatus
-SEC_CrlReplaceUrl(PCERTSignedCrl *crl,char *url);
-#endif
-
-SEC_END_PROTOS
-
-#endif /* _CERTDB_H_ */
diff --git a/security/nss/lib/certdb/certt.h b/security/nss/lib/certdb/certt.h
deleted file mode 100644
index 3f70dcc84..000000000
--- a/security/nss/lib/certdb/certt.h
+++ /dev/null
@@ -1,829 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * certt.h - public data structures for the certificate library
- *
- * $Id$
- */
-#ifndef _CERTT_H_
-#define _CERTT_H_
-
-#include "prclist.h"
-#include "pkcs11t.h"
-#include "seccomon.h"
-#include "secmodt.h"
-#include "secoidt.h"
-#include "plarena.h"
-#include "prcvar.h"
-#include "nssilock.h"
-#include "prio.h"
-#include "prmon.h"
-
-/* Stan data types */
-struct NSSCertificateStr;
-struct NSSTrustDomainStr;
-
-/* Non-opaque objects */
-typedef struct CERTAVAStr                        CERTAVA;
-typedef struct CERTAttributeStr                  CERTAttribute;
-typedef struct CERTAuthInfoAccessStr             CERTAuthInfoAccess;
-typedef struct CERTAuthKeyIDStr                  CERTAuthKeyID;
-typedef struct CERTBasicConstraintsStr           CERTBasicConstraints;
-#ifdef NSS_CLASSIC
-typedef struct CERTCertDBHandleStr               CERTCertDBHandle;
-#else
-typedef struct NSSTrustDomainStr                 CERTCertDBHandle;
-#endif
-typedef struct CERTCertExtensionStr              CERTCertExtension;
-typedef struct CERTCertKeyStr                    CERTCertKey;
-typedef struct CERTCertListStr                   CERTCertList;
-typedef struct CERTCertListNodeStr               CERTCertListNode;
-typedef struct CERTCertNicknamesStr              CERTCertNicknames;
-typedef struct CERTCertTrustStr                  CERTCertTrust;
-typedef struct CERTCertificateStr                CERTCertificate;
-typedef struct CERTCertificateListStr            CERTCertificateList;
-typedef struct CERTCertificateRequestStr         CERTCertificateRequest;
-typedef struct CERTCrlStr                        CERTCrl;
-typedef struct CERTCrlDistributionPointsStr      CERTCrlDistributionPoints; 
-typedef struct CERTCrlEntryStr                   CERTCrlEntry;
-typedef struct CERTCrlHeadNodeStr                CERTCrlHeadNode;
-typedef struct CERTCrlKeyStr                     CERTCrlKey;
-typedef struct CERTCrlNodeStr                    CERTCrlNode;
-typedef struct CERTDERCertsStr                   CERTDERCerts;
-typedef struct CERTDistNamesStr                  CERTDistNames;
-typedef struct CERTGeneralNameStr                CERTGeneralName;
-typedef struct CERTGeneralNameListStr            CERTGeneralNameList;
-typedef struct CERTIssuerAndSNStr                CERTIssuerAndSN;
-typedef struct CERTNameStr                       CERTName;
-typedef struct CERTNameConstraintStr             CERTNameConstraint;
-typedef struct CERTNameConstraintsStr            CERTNameConstraints;
-typedef struct CERTOKDomainNameStr               CERTOKDomainName;
-typedef struct CERTPublicKeyAndChallengeStr      CERTPublicKeyAndChallenge;
-typedef struct CERTRDNStr                        CERTRDN;
-typedef struct CERTSignedCrlStr                  CERTSignedCrl;
-typedef struct CERTSignedDataStr                 CERTSignedData;
-typedef struct CERTStatusConfigStr               CERTStatusConfig;
-typedef struct CERTSubjectListStr                CERTSubjectList;
-typedef struct CERTSubjectNodeStr                CERTSubjectNode;
-typedef struct CERTSubjectPublicKeyInfoStr       CERTSubjectPublicKeyInfo;
-typedef struct CERTValidityStr                   CERTValidity;
-typedef struct CERTVerifyLogStr                  CERTVerifyLog;
-typedef struct CERTVerifyLogNodeStr              CERTVerifyLogNode;
-typedef struct CRLDistributionPointStr           CRLDistributionPoint;
-
-/* CRL extensions type */
-typedef unsigned long CERTCrlNumber;
-
-/*
-** An X.500 AVA object
-*/
-struct CERTAVAStr {
-    SECItem type;
-    SECItem value;
-};
-
-/*
-** An X.500 RDN object
-*/
-struct CERTRDNStr {
-    CERTAVA **avas;
-};
-
-/*
-** An X.500 name object
-*/
-struct CERTNameStr {
-    PRArenaPool *arena;
-    CERTRDN **rdns;
-};
-
-/*
-** An X.509 validity object
-*/
-struct CERTValidityStr {
-    PRArenaPool *arena;
-    SECItem notBefore;
-    SECItem notAfter;
-};
-
-/*
- * A serial number and issuer name, which is used as a database key
- */
-struct CERTCertKeyStr {
-    SECItem serialNumber;
-    SECItem derIssuer;
-};
-
-/*
-** A signed data object. Used to implement the "signed" macro used
-** in the X.500 specs.
-*/
-struct CERTSignedDataStr {
-    SECItem data;
-    SECAlgorithmID signatureAlgorithm;
-    SECItem signature;
-};
-
-/*
-** An X.509 subject-public-key-info object
-*/
-struct CERTSubjectPublicKeyInfoStr {
-    PRArenaPool *arena;
-    SECAlgorithmID algorithm;
-    SECItem subjectPublicKey;
-};
-
-struct CERTPublicKeyAndChallengeStr {
-    SECItem spki;
-    SECItem challenge;
-};
-
-struct CERTCertTrustStr {
-    unsigned int sslFlags;
-    unsigned int emailFlags;
-    unsigned int objectSigningFlags;
-};
-
-/*
- * defined the types of trust that exist
- */
-typedef enum SECTrustTypeEnum {
-    trustSSL = 0,
-    trustEmail = 1,
-    trustObjectSigning = 2,
-    trustTypeNone = 3
-} SECTrustType;
-
-#define SEC_GET_TRUST_FLAGS(trust,type) \
-        (((type)==trustSSL)?((trust)->sslFlags): \
-	 (((type)==trustEmail)?((trust)->emailFlags): \
-	  (((type)==trustObjectSigning)?((trust)->objectSigningFlags):0)))
-
-/*
-** An X.509.3 certificate extension
-*/
-struct CERTCertExtensionStr {
-    SECItem id;
-    SECItem critical;
-    SECItem value;
-};
-
-struct CERTSubjectNodeStr {
-    struct CERTSubjectNodeStr *next;
-    struct CERTSubjectNodeStr *prev;
-    SECItem certKey;
-    SECItem keyID;
-};
-
-struct CERTSubjectListStr {
-    PRArenaPool *arena;
-    int ncerts;
-    char *emailAddr;
-    CERTSubjectNode *head;
-    CERTSubjectNode *tail; /* do we need tail? */
-    void *entry;
-};
-
-/*
-** An X.509 certificate object (the unsigned form)
-*/
-struct CERTCertificateStr {
-    /* the arena is used to allocate any data structures that have the same
-     * lifetime as the cert.  This is all stuff that hangs off of the cert
-     * structure, and is all freed at the same time.  I is used when the
-     * cert is decoded, destroyed, and at some times when it changes
-     * state
-     */
-    PRArenaPool *arena;
-
-    /* The following fields are static after the cert has been decoded */
-    char *subjectName;
-    char *issuerName;
-    CERTSignedData signatureWrap;	/* XXX */
-    SECItem derCert;			/* original DER for the cert */
-    SECItem derIssuer;			/* DER for issuer name */
-    SECItem derSubject;			/* DER for subject name */
-    SECItem derPublicKey;		/* DER for the public key */
-    SECItem certKey;			/* database key for this cert */
-    SECItem version;
-    SECItem serialNumber;
-    SECAlgorithmID signature;
-    CERTName issuer;
-    CERTValidity validity;
-    CERTName subject;
-    CERTSubjectPublicKeyInfo subjectPublicKeyInfo;
-    SECItem issuerID;
-    SECItem subjectID;
-    CERTCertExtension **extensions;
-    char *emailAddr;
-    CERTCertDBHandle *dbhandle;
-    SECItem subjectKeyID;	/* x509v3 subject key identifier */
-    PRBool keyIDGenerated;	/* was the keyid generated? */
-    unsigned int keyUsage;	/* what uses are allowed for this cert */
-    unsigned int rawKeyUsage;	/* value of the key usage extension */
-    PRBool keyUsagePresent;	/* was the key usage extension present */
-    unsigned int nsCertType;	/* value of the ns cert type extension */
-
-    /* these values can be set by the application to bypass certain checks
-     * or to keep the cert in memory for an entire session.
-     * XXX - need an api to set these
-     */
-    PRBool keepSession;			/* keep this cert for entire session*/
-    PRBool timeOK;			/* is the bad validity time ok? */
-    CERTOKDomainName *domainOK;		/* these domain names are ok */
-
-    /*
-     * these values can change when the cert changes state.  These state
-     * changes include transitions from temp to perm or vice-versa, and
-     * changes of trust flags
-     */
-    PRBool isperm;
-    PRBool istemp;
-    char *nickname;
-    char *dbnickname;
-    struct NSSCertificateStr *nssCertificate;	/* This is Stan stuff. */
-    CERTCertTrust *trust;
-
-    /* the reference count is modified whenever someone looks up, dups
-     * or destroys a certificate
-     */
-    int referenceCount;
-
-    /* The subject list is a list of all certs with the same subject name.
-     * It can be modified any time a cert is added or deleted from either
-     * the in-memory(temporary) or on-disk(permanent) database.
-     */
-    CERTSubjectList *subjectList;
-
-    /* these fields are used by client GUI code to keep track of ssl sockets
-     * that are blocked waiting on GUI feedback related to this cert.
-     * XXX - these should be moved into some sort of application specific
-     *       data structure.  They are only used by the browser right now.
-     */
-    struct SECSocketNode *socketlist;
-    int socketcount;
-    struct SECSocketNode *authsocketlist;
-    int authsocketcount;
-
-    /* This is PKCS #11 stuff. */
-    PK11SlotInfo *slot;		/*if this cert came of a token, which is it*/
-    CK_OBJECT_HANDLE pkcs11ID;	/*and which object on that token is it */
-    PRBool ownSlot;		/*true if the cert owns the slot reference */
-};
-#define SEC_CERTIFICATE_VERSION_1		0	/* default created */
-#define SEC_CERTIFICATE_VERSION_2		1	/* v2 */
-#define SEC_CERTIFICATE_VERSION_3		2	/* v3 extensions */
-
-#define SEC_CRL_VERSION_1		0	/* default */
-#define SEC_CRL_VERSION_2		1	/* v2 extensions */
-
-/*
- * used to identify class of cert in mime stream code
- */
-#define SEC_CERT_CLASS_CA	1
-#define SEC_CERT_CLASS_SERVER	2
-#define SEC_CERT_CLASS_USER	3
-#define SEC_CERT_CLASS_EMAIL	4
-
-struct CERTDERCertsStr {
-    PRArenaPool *arena;
-    int numcerts;
-    SECItem *rawCerts;
-};
-
-/*
-** A PKCS ? Attribute
-** XXX this is duplicated through out the code, it *should* be moved
-** to a central location.  Where would be appropriate?
-*/
-struct CERTAttributeStr {
-    SECItem attrType;
-    SECItem **attrValue;
-};
-
-/*
-** A PKCS#10 certificate-request object (the unsigned form)
-*/
-struct CERTCertificateRequestStr {
-    PRArenaPool *arena;
-    SECItem version;
-    CERTName subject;
-    CERTSubjectPublicKeyInfo subjectPublicKeyInfo;
-    SECItem **attributes;
-};
-#define SEC_CERTIFICATE_REQUEST_VERSION		0	/* what we *create* */
-
-
-/*
-** A certificate list object.
-*/
-struct CERTCertificateListStr {
-    SECItem *certs;
-    int len;					/* number of certs */
-    PRArenaPool *arena;
-};
-
-struct CERTCertListNodeStr {
-    PRCList links;
-    CERTCertificate *cert;
-    void *appData;
-};
-
-struct CERTCertListStr {
-    PRCList list;
-    PRArenaPool *arena;
-};
-
-#define CERT_LIST_HEAD(l) ((CERTCertListNode *)PR_LIST_HEAD(&l->list))
-#define CERT_LIST_NEXT(n) ((CERTCertListNode *)n->links.next)
-#define CERT_LIST_END(n,l) (((void *)n) == ((void *)&l->list))
-
-struct CERTCrlEntryStr {
-    SECItem serialNumber;
-    SECItem revocationDate;
-    CERTCertExtension **extensions;    
-};
-
-struct CERTCrlStr {
-    PRArenaPool *arena;
-    SECItem version;
-    SECAlgorithmID signatureAlg;
-    SECItem derName;
-    CERTName name;
-    SECItem lastUpdate;
-    SECItem nextUpdate;				/* optional for x.509 CRL  */
-    CERTCrlEntry **entries;
-    CERTCertExtension **extensions;    
-};
-
-struct CERTCrlKeyStr {
-    SECItem derName;
-    SECItem dummy;			/* The decoder can not skip a primitive,
-					   this serves as a place holder for the
-					   decoder to finish its task only
-					*/
-};
-
-struct CERTSignedCrlStr {
-    PRArenaPool *arena;
-    CERTCrl crl;
-    void *reserved1;
-    PRBool reserved2;
-    PRBool isperm;
-    PRBool istemp;
-    int referenceCount;
-    CERTCertDBHandle *dbhandle;
-    CERTSignedData signatureWrap;	/* XXX */
-    char *url;
-    SECItem *derCrl;
-    PK11SlotInfo *slot;
-    CK_OBJECT_HANDLE pkcs11ID;
-};
-
-
-struct CERTCrlHeadNodeStr {
-    PRArenaPool *arena;
-    CERTCertDBHandle *dbhandle;
-    CERTCrlNode *first;
-    CERTCrlNode *last;
-};
-
-
-struct CERTCrlNodeStr {
-    CERTCrlNode *next;
-    int 	type;
-    CERTSignedCrl *crl;
-};
-
-
-/*
- * Array of X.500 Distinguished Names
- */
-struct CERTDistNamesStr {
-    PRArenaPool *arena;
-    int nnames;
-    SECItem  *names;
-    void *head; /* private */
-};
-
-
-#define NS_CERT_TYPE_SSL_CLIENT		(0x80)	/* bit 0 */
-#define NS_CERT_TYPE_SSL_SERVER		(0x40)  /* bit 1 */
-#define NS_CERT_TYPE_EMAIL		(0x20)  /* bit 2 */
-#define NS_CERT_TYPE_OBJECT_SIGNING	(0x10)  /* bit 3 */
-#define NS_CERT_TYPE_RESERVED		(0x08)  /* bit 4 */
-#define NS_CERT_TYPE_SSL_CA		(0x04)  /* bit 5 */
-#define NS_CERT_TYPE_EMAIL_CA		(0x02)  /* bit 6 */
-#define NS_CERT_TYPE_OBJECT_SIGNING_CA	(0x01)  /* bit 7 */
-
-#define EXT_KEY_USAGE_TIME_STAMP        (0x8000)
-#define EXT_KEY_USAGE_STATUS_RESPONDER	(0x4000)
-
-#define NS_CERT_TYPE_APP ( NS_CERT_TYPE_SSL_CLIENT | \
-			  NS_CERT_TYPE_SSL_SERVER | \
-			  NS_CERT_TYPE_EMAIL | \
-			  NS_CERT_TYPE_OBJECT_SIGNING )
-
-#define NS_CERT_TYPE_CA ( NS_CERT_TYPE_SSL_CA | \
-			 NS_CERT_TYPE_EMAIL_CA | \
-			 NS_CERT_TYPE_OBJECT_SIGNING_CA | \
-			 EXT_KEY_USAGE_STATUS_RESPONDER )
-typedef enum SECCertUsageEnum {
-    certUsageSSLClient = 0,
-    certUsageSSLServer = 1,
-    certUsageSSLServerWithStepUp = 2,
-    certUsageSSLCA = 3,
-    certUsageEmailSigner = 4,
-    certUsageEmailRecipient = 5,
-    certUsageObjectSigner = 6,
-    certUsageUserCertImport = 7,
-    certUsageVerifyCA = 8,
-    certUsageProtectedObjectSigner = 9,
-    certUsageStatusResponder = 10,
-    certUsageAnyCA = 11
-} SECCertUsage;
-
-/*
- * Does the cert belong to the user, a peer, or a CA.
- */
-typedef enum CERTCertOwnerEnum {
-    certOwnerUser = 0,
-    certOwnerPeer = 1,
-    certOwnerCA = 2
-} CERTCertOwner;
-
-/*
- * This enum represents the state of validity times of a certificate
- */
-typedef enum SECCertTimeValidityEnum {
-    secCertTimeValid = 0,
-    secCertTimeExpired = 1,
-    secCertTimeNotValidYet = 2
-} SECCertTimeValidity;
-
-/*
- * Interface for getting certificate nickname strings out of the database
- */
-
-/* these are values for the what argument below */
-#define SEC_CERT_NICKNAMES_ALL		1
-#define SEC_CERT_NICKNAMES_USER		2
-#define SEC_CERT_NICKNAMES_SERVER	3
-#define SEC_CERT_NICKNAMES_CA		4
-
-struct CERTCertNicknamesStr {
-    PRArenaPool *arena;
-    void *head;
-    int numnicknames;
-    char **nicknames;
-    int what;
-    int totallen;
-};
-
-struct CERTIssuerAndSNStr {
-    SECItem derIssuer;
-    CERTName issuer;
-    SECItem serialNumber;
-};
-
-
-/* X.509 v3 Key Usage Extension flags */
-#define KU_DIGITAL_SIGNATURE		(0x80)	/* bit 0 */
-#define KU_NON_REPUDIATION		(0x40)  /* bit 1 */
-#define KU_KEY_ENCIPHERMENT		(0x20)  /* bit 2 */
-#define KU_DATA_ENCIPHERMENT		(0x10)  /* bit 3 */
-#define KU_KEY_AGREEMENT		(0x08)  /* bit 4 */
-#define KU_KEY_CERT_SIGN		(0x04)  /* bit 5 */
-#define KU_CRL_SIGN			(0x02)  /* bit 6 */
-#define KU_ALL				(KU_DIGITAL_SIGNATURE | \
-					 KU_NON_REPUDIATION | \
-					 KU_KEY_ENCIPHERMENT | \
-					 KU_DATA_ENCIPHERMENT | \
-					 KU_KEY_AGREEMENT | \
-					 KU_KEY_CERT_SIGN | \
-					 KU_CRL_SIGN)
-
-/* This value will not occur in certs.  It is used internally for the case
- * when the key type is not know ahead of time and either key agreement or
- * key encipherment are the correct value based on key type
- */
-#define KU_KEY_AGREEMENT_OR_ENCIPHERMENT (0x4000)
-
-/* internal bits that do not match bits in the x509v3 spec, but are used
- * for similar purposes
- */
-#define KU_NS_GOVT_APPROVED		(0x8000) /*don't make part of KU_ALL!*/
-/*
- * x.509 v3 Basic Constraints Extension
- * If isCA is false, the pathLenConstraint is ignored.
- * Otherwise, the following pathLenConstraint values will apply:
- *	< 0 - there is no limit to the certificate path
- *	0   - CA can issues end-entity certificates only
- *	> 0 - the number of certificates in the certificate path is
- *	      limited to this number
- */
-#define CERT_UNLIMITED_PATH_CONSTRAINT -2
-
-struct CERTBasicConstraintsStr {
-    PRBool isCA;			/* on if is CA */
-    int pathLenConstraint;		/* maximum number of certificates that can be
-					   in the cert path.  Only applies to a CA
-					   certificate; otherwise, it's ignored.
-					 */
-};
-
-/* Maximum length of a certificate chain */
-#define CERT_MAX_CERT_CHAIN 20
-
-/* x.509 v3 Reason Falgs, used in CRLDistributionPoint Extension */
-#define RF_UNUSED			(0x80)	/* bit 0 */
-#define RF_KEY_COMPROMISE		(0x40)  /* bit 1 */
-#define RF_CA_COMPROMISE		(0x20)  /* bit 2 */
-#define RF_AFFILIATION_CHANGED		(0x10)  /* bit 3 */
-#define RF_SUPERSEDED			(0x08)  /* bit 4 */
-#define RF_CESSATION_OF_OPERATION	(0x04)  /* bit 5 */
-#define RF_CERTIFICATE_HOLD		(0x02)  /* bit 6 */
-
-/* If we needed to extract the general name field, use this */
-/* General Name types */
-typedef enum CERTGeneralNameTypeEnum {
-    certOtherName = 1,
-    certRFC822Name = 2,
-    certDNSName = 3,
-    certX400Address = 4,
-    certDirectoryName = 5,
-    certEDIPartyName = 6,
-    certURI = 7,
-    certIPAddress = 8,
-    certRegisterID = 9
-} CERTGeneralNameType;
-
-
-typedef struct OtherNameStr {
-    SECItem          name;
-    SECItem          oid;
-}OtherName;
-
-
-
-struct CERTGeneralNameStr {
-    CERTGeneralNameType type;		/* name type */
-    union {
-	CERTName directoryName;         /* distinguish name */
-	OtherName  OthName;		/* Other Name */
-	SECItem other;                  /* the rest of the name forms */
-    }name;
-    SECItem derDirectoryName;		/* this is saved to simplify directory name
-					   comparison */
-    PRCList l;
-};
-
-struct CERTGeneralNameListStr {
-    PRArenaPool *arena;
-    CERTGeneralName *name;
-    int refCount;
-    int len;
-    PZLock *lock;
-};
-
-struct CERTNameConstraintStr {
-    CERTGeneralName  name;
-    SECItem          DERName;
-    SECItem          min;
-    SECItem          max;
-    PRCList          l;
-};
-
-
-struct CERTNameConstraintsStr {
-    CERTNameConstraint  *permited;
-    CERTNameConstraint  *excluded;
-    SECItem             **DERPermited;
-    SECItem             **DERExcluded;
-};
-
-
-/* X.509 v3 Authority Key Identifier extension.  For the authority certificate
-   issuer field, we only support URI now.
- */
-struct CERTAuthKeyIDStr {
-    SECItem keyID;			/* unique key identifier */
-    CERTGeneralName *authCertIssuer;	/* CA's issuer name.  End with a NULL */
-    SECItem authCertSerialNumber;	/* CA's certificate serial number */
-    SECItem **DERAuthCertIssuer;	/* This holds the DER encoded format of
-					   the authCertIssuer field. It is used
-					   by the encoding engine. It should be
-					   used as a read only field by the caller.
-					*/
-};
-
-/* x.509 v3 CRL Distributeion Point */
-
-/*
- * defined the types of CRL Distribution points
- */
-typedef enum DistributionPointTypesEnum {
-    generalName = 1,			/* only support this for now */
-    relativeDistinguishedName = 2
-} DistributionPointTypes;
-
-struct CRLDistributionPointStr {
-    DistributionPointTypes distPointType;
-    union {
-	CERTGeneralName *fullName;
-	CERTRDN relativeName;
-    } distPoint;
-    SECItem reasons;
-    CERTGeneralName *crlIssuer;
-    
-    /* Reserved for internal use only*/
-    SECItem derDistPoint;
-    SECItem derRelativeName;
-    SECItem **derCrlIssuer;
-    SECItem **derFullName;
-    SECItem bitsmap;
-};
-
-struct CERTCrlDistributionPointsStr {
-    CRLDistributionPoint **distPoints;
-};
-
-/*
- * This structure is used to keep a log of errors when verifying
- * a cert chain.  This allows multiple errors to be reported all at
- * once.
- */
-struct CERTVerifyLogNodeStr {
-    CERTCertificate *cert;	/* what cert had the error */
-    long error;			/* what error was it? */
-    unsigned int depth;		/* how far up the chain are we */
-    void *arg;			/* error specific argument */
-    struct CERTVerifyLogNodeStr *next; /* next in the list */
-    struct CERTVerifyLogNodeStr *prev; /* next in the list */
-};
-
-
-struct CERTVerifyLogStr {
-    PRArenaPool *arena;
-    unsigned int count;
-    struct CERTVerifyLogNodeStr *head;
-    struct CERTVerifyLogNodeStr *tail;
-};
-
-
-struct CERTOKDomainNameStr {
-    CERTOKDomainName *next;
-    char              name[1]; /* actual length may be longer. */
-};
-
-
-typedef SECStatus (PR_CALLBACK *CERTStatusChecker) (CERTCertDBHandle *handle,
-						    CERTCertificate *cert,
-						    int64 time,
-						    void *pwArg);
-
-typedef SECStatus (PR_CALLBACK *CERTStatusDestroy) (CERTStatusConfig *handle);
-
-struct CERTStatusConfigStr {
-    CERTStatusChecker statusChecker;	/* NULL means no checking enabled */
-    CERTStatusDestroy statusDestroy;	/* enabled or no, will clean up */
-    void *statusContext;		/* cx specific to checking protocol */
-};
-
-struct CERTAuthInfoAccessStr {
-    SECItem method;
-    SECItem derLocation;
-    CERTGeneralName *location;		/* decoded location */
-};
-
-
-/* This is the typedef for the callback passed to CERT_OpenCertDB() */
-/* callback to return database name based on version number */
-typedef char * (*CERTDBNameFunc)(void *arg, int dbVersion);
-
-/*
- * types of cert packages that we can decode
- */
-typedef enum CERTPackageTypeEnum {
-    certPackageNone = 0,
-    certPackageCert = 1,
-    certPackagePKCS7 = 2,
-    certPackageNSCertSeq = 3,
-    certPackageNSCertWrap = 4
-} CERTPackageType;
-
-/*
- * these types are for the PKIX Certificate Policies extension
- */
-typedef struct {
-    SECOidTag oid;
-    SECItem qualifierID;
-    SECItem qualifierValue;
-} CERTPolicyQualifier;
-
-typedef struct {
-    SECOidTag oid;
-    SECItem policyID;
-    CERTPolicyQualifier **policyQualifiers;
-} CERTPolicyInfo;
-
-typedef struct {
-    PRArenaPool *arena;
-    CERTPolicyInfo **policyInfos;
-} CERTCertificatePolicies;
-
-typedef struct {
-    SECItem organization;
-    SECItem **noticeNumbers;
-} CERTNoticeReference;
-
-typedef struct {
-    PRArenaPool *arena;
-    CERTNoticeReference noticeReference;
-    SECItem derNoticeReference;
-    SECItem displayText;
-} CERTUserNotice;
-
-typedef struct {
-    PRArenaPool *arena;
-    SECItem **oids;
-} CERTOidSequence;
-
-
-/* XXX Lisa thinks the template declarations belong in cert.h, not here? */
-
-#include "secasn1t.h"	/* way down here because I expect template stuff to
-			 * move out of here anyway */
-
-SEC_BEGIN_PROTOS
-
-extern const SEC_ASN1Template CERT_CertificateRequestTemplate[];
-extern const SEC_ASN1Template CERT_CertificateTemplate[];
-extern const SEC_ASN1Template SEC_SignedCertificateTemplate[];
-extern const SEC_ASN1Template CERT_CertExtensionTemplate[];
-extern const SEC_ASN1Template CERT_SequenceOfCertExtensionTemplate[];
-extern const SEC_ASN1Template SECKEY_PublicKeyTemplate[];
-extern const SEC_ASN1Template CERT_SubjectPublicKeyInfoTemplate[];
-extern const SEC_ASN1Template CERT_ValidityTemplate[];
-extern const SEC_ASN1Template CERT_PublicKeyAndChallengeTemplate[];
-extern const SEC_ASN1Template SEC_CertSequenceTemplate[];
-
-extern const SEC_ASN1Template CERT_IssuerAndSNTemplate[];
-extern const SEC_ASN1Template CERT_NameTemplate[];
-extern const SEC_ASN1Template CERT_SetOfSignedCrlTemplate[];
-extern const SEC_ASN1Template CERT_RDNTemplate[];
-extern const SEC_ASN1Template CERT_SignedDataTemplate[];
-extern const SEC_ASN1Template CERT_CrlTemplate[];
-
-/*
-** XXX should the attribute stuff be centralized for all of ns/security?
-*/
-extern const SEC_ASN1Template CERT_AttributeTemplate[];
-extern const SEC_ASN1Template CERT_SetOfAttributeTemplate[];
-
-/* These functions simply return the address of the above-declared templates.
-** This is necessary for Windows DLLs.  Sigh.
-*/
-SEC_ASN1_CHOOSER_DECLARE(CERT_CertificateRequestTemplate)
-SEC_ASN1_CHOOSER_DECLARE(CERT_CertificateTemplate)
-SEC_ASN1_CHOOSER_DECLARE(CERT_CrlTemplate)
-SEC_ASN1_CHOOSER_DECLARE(CERT_IssuerAndSNTemplate)
-SEC_ASN1_CHOOSER_DECLARE(CERT_NameTemplate)
-SEC_ASN1_CHOOSER_DECLARE(CERT_SetOfSignedCrlTemplate)
-SEC_ASN1_CHOOSER_DECLARE(CERT_SignedDataTemplate)
-SEC_ASN1_CHOOSER_DECLARE(CERT_SubjectPublicKeyInfoTemplate)
-SEC_ASN1_CHOOSER_DECLARE(SEC_SignedCertificateTemplate)
-
-SEC_END_PROTOS
-
-#endif /* _CERTT_H_ */
diff --git a/security/nss/lib/certdb/certv3.c b/security/nss/lib/certdb/certv3.c
deleted file mode 100644
index ea1016234..000000000
--- a/security/nss/lib/certdb/certv3.c
+++ /dev/null
@@ -1,406 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Code for dealing with X509.V3 extensions.
- *
- * $Id$
- */
-
-#include "cert.h"
-#include "secitem.h"
-#include "secoid.h"
-#include "secder.h"
-#include "secasn1.h"
-#include "certxutl.h"
-#include "secerr.h"
-
-SECStatus
-CERT_FindCertExtensionByOID(CERTCertificate *cert, SECItem *oid,
-			    SECItem *value)
-{
-    return (cert_FindExtensionByOID (cert->extensions, oid, value));
-}
-    
-
-SECStatus
-CERT_FindCertExtension(CERTCertificate *cert, int tag, SECItem *value)
-{
-    return (cert_FindExtension (cert->extensions, tag, value));
-}
-
-static void
-SetExts(void *object, CERTCertExtension **exts)
-{
-    CERTCertificate *cert = (CERTCertificate *)object;
-
-    cert->extensions = exts;
-    DER_SetUInteger (cert->arena, &(cert->version), SEC_CERTIFICATE_VERSION_3);
-}
-
-void *
-CERT_StartCertExtensions(CERTCertificate *cert)
-{
-    return (cert_StartExtensions ((void *)cert, cert->arena, SetExts));
-}
-
-/* find the given extension in the certificate of the Issuer of 'cert' */
-SECStatus
-CERT_FindIssuerCertExtension(CERTCertificate *cert, int tag, SECItem *value)
-{
-    CERTCertificate *issuercert;
-    SECStatus rv;
-
-    issuercert = CERT_FindCertByName(cert->dbhandle, &cert->derIssuer);
-    if ( issuercert ) {
-	rv = cert_FindExtension(issuercert->extensions, tag, value);
-	CERT_DestroyCertificate(issuercert);
-    } else {
-	rv = SECFailure;
-    }
-    
-    return(rv);
-}
-
-/* find a URL extension in the cert or its CA
- * apply the base URL string if it exists
- */
-char *
-CERT_FindCertURLExtension(CERTCertificate *cert, int tag, int catag)
-{
-    SECStatus rv;
-    SECItem urlitem;
-    SECItem baseitem;
-    SECItem urlstringitem = {siBuffer,0};
-    SECItem basestringitem = {siBuffer,0};
-    PRArenaPool *arena = NULL;
-    PRBool hasbase;
-    char *urlstring;
-    char *str;
-    int len;
-    int i;
-    
-    urlstring = NULL;
-
-    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if ( ! arena ) {
-	goto loser;
-    }
-    
-    hasbase = PR_FALSE;
-    urlitem.data = NULL;
-    baseitem.data = NULL;
-    
-    rv = cert_FindExtension(cert->extensions, tag, &urlitem);
-    if ( rv == SECSuccess ) {
-	rv = cert_FindExtension(cert->extensions, SEC_OID_NS_CERT_EXT_BASE_URL,
-				   &baseitem);
-	if ( rv == SECSuccess ) {
-	    hasbase = PR_TRUE;
-	}
-	
-    } else if ( catag ) {
-	/* if the cert doesn't have the extensions, see if the issuer does */
-	rv = CERT_FindIssuerCertExtension(cert, catag, &urlitem);
-	if ( rv != SECSuccess ) {
-	    goto loser;
-	}	    
-	rv = CERT_FindIssuerCertExtension(cert, SEC_OID_NS_CERT_EXT_BASE_URL,
-					 &baseitem);
-	if ( rv == SECSuccess ) {
-	    hasbase = PR_TRUE;
-	}
-    } else {
-	goto loser;
-    }
-
-    rv = SEC_ASN1DecodeItem(arena, &urlstringitem, SEC_IA5StringTemplate, 
-			    &urlitem);
-
-    if ( rv != SECSuccess ) {
-	goto loser;
-    }
-    if ( hasbase ) {
-	rv = SEC_ASN1DecodeItem(arena, &basestringitem, SEC_IA5StringTemplate,
-				&baseitem);
-
-	if ( rv != SECSuccess ) {
-	    goto loser;
-	}
-    }
-    
-    len = urlstringitem.len + ( hasbase ? basestringitem.len : 0 ) + 1;
-    
-    str = urlstring = (char *)PORT_Alloc(len);
-    if ( urlstring == NULL ) {
-	goto loser;
-    }
-    
-    /* copy the URL base first */
-    if ( hasbase ) {
-
-	/* if the urlstring has a : in it, then we assume it is an absolute
-	 * URL, and will not get the base string pre-pended
-	 */
-	for ( i = 0; i < urlstringitem.len; i++ ) {
-	    if ( urlstringitem.data[i] == ':' ) {
-		goto nobase;
-	    }
-	}
-	
-	PORT_Memcpy(str, basestringitem.data, basestringitem.len);
-	str += basestringitem.len;
-	
-    }
-
-nobase:
-    /* copy the rest (or all) of the URL */
-    PORT_Memcpy(str, urlstringitem.data, urlstringitem.len);
-    str += urlstringitem.len;
-    
-    *str = '\0';
-    goto done;
-    
-loser:
-    if ( urlstring ) {
-	PORT_Free(urlstring);
-    }
-    
-    urlstring = NULL;
-done:
-    if ( arena ) {
-	PORT_FreeArena(arena, PR_FALSE);
-    }
-    if ( baseitem.data ) {
-	PORT_Free(baseitem.data);
-    }
-    if ( urlitem.data ) {
-	PORT_Free(urlitem.data);
-    }
-
-    return(urlstring);
-}
-
-/*
- * get the value of the Netscape Certificate Type Extension
- */
-SECStatus
-CERT_FindNSCertTypeExtension(CERTCertificate *cert, SECItem *retItem)
-{
-
-    return (CERT_FindBitStringExtension
-	    (cert->extensions, SEC_OID_NS_CERT_EXT_CERT_TYPE, retItem));    
-}
-
-
-/*
- * get the value of a string type extension
- */
-char *
-CERT_FindNSStringExtension(CERTCertificate *cert, int oidtag)
-{
-    SECItem wrapperItem, tmpItem = {siBuffer,0};
-    SECStatus rv;
-    PRArenaPool *arena = NULL;
-    char *retstring = NULL;
-    
-    wrapperItem.data = NULL;
-    tmpItem.data = NULL;
-    
-    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    
-    if ( ! arena ) {
-	goto loser;
-    }
-    
-    rv = cert_FindExtension(cert->extensions, oidtag,
-			       &wrapperItem);
-    if ( rv != SECSuccess ) {
-	goto loser;
-    }
-
-    rv = SEC_ASN1DecodeItem(arena, &tmpItem, SEC_IA5StringTemplate, 
-			    &wrapperItem);
-
-    if ( rv != SECSuccess ) {
-	goto loser;
-    }
-
-    retstring = (char *)PORT_Alloc(tmpItem.len + 1 );
-    if ( retstring == NULL ) {
-	goto loser;
-    }
-    
-    PORT_Memcpy(retstring, tmpItem.data, tmpItem.len);
-    retstring[tmpItem.len] = '\0';
-
-loser:
-    if ( arena ) {
-	PORT_FreeArena(arena, PR_FALSE);
-    }
-    
-    if ( wrapperItem.data ) {
-	PORT_Free(wrapperItem.data);
-    }
-
-    return(retstring);
-}
-
-/*
- * get the value of the X.509 v3 Key Usage Extension
- */
-SECStatus
-CERT_FindKeyUsageExtension(CERTCertificate *cert, SECItem *retItem)
-{
-
-    return (CERT_FindBitStringExtension(cert->extensions,
-					SEC_OID_X509_KEY_USAGE, retItem));    
-}
-
-/*
- * get the value of the X.509 v3 Key Usage Extension
- */
-SECStatus
-CERT_FindSubjectKeyIDExten(CERTCertificate *cert, SECItem *retItem)
-{
-
-    SECItem encodedValue;
-    SECStatus rv;
-
-    encodedValue.data = NULL;
-    rv = cert_FindExtension
-	 (cert->extensions, SEC_OID_X509_SUBJECT_KEY_ID, &encodedValue);
-    if (rv != SECSuccess)
-	return (rv);
-    rv = SEC_ASN1DecodeItem (NULL, retItem, SEC_OctetStringTemplate,
-			     &encodedValue);
-    PORT_Free (encodedValue.data);
-
-    return (rv);
-}
-
-SECStatus
-CERT_FindBasicConstraintExten(CERTCertificate *cert,
-			      CERTBasicConstraints *value)
-{
-    SECItem encodedExtenValue;
-    SECStatus rv;
-
-    encodedExtenValue.data = NULL;
-    encodedExtenValue.len = 0;
-
-    rv = cert_FindExtension(cert->extensions, SEC_OID_X509_BASIC_CONSTRAINTS,
-			    &encodedExtenValue);
-    if ( rv != SECSuccess ) {
-	return (rv);
-    }
-
-    rv = CERT_DecodeBasicConstraintValue (value, &encodedExtenValue);
-    
-    /* free the raw extension data */
-    PORT_Free(encodedExtenValue.data);
-    encodedExtenValue.data = NULL;
-    
-    return(rv);
-}
-
-CERTAuthKeyID *
-CERT_FindAuthKeyIDExten (PRArenaPool *arena, CERTCertificate *cert)
-{
-    SECItem encodedExtenValue;
-    SECStatus rv;
-    CERTAuthKeyID *ret;
-    
-    encodedExtenValue.data = NULL;
-    encodedExtenValue.len = 0;
-
-    rv = cert_FindExtension(cert->extensions, SEC_OID_X509_AUTH_KEY_ID,
-			    &encodedExtenValue);
-    if ( rv != SECSuccess ) {
-	return (NULL);
-    }
-
-    ret = CERT_DecodeAuthKeyID (arena, &encodedExtenValue);
-
-    PORT_Free(encodedExtenValue.data);
-    encodedExtenValue.data = NULL;
-    
-    return(ret);
-}
-
-SECStatus
-CERT_CheckCertUsage(CERTCertificate *cert, unsigned char usage)
-{
-    PRBool critical;    
-    SECItem keyUsage;
-    SECStatus rv;
-
-    /* There is no extension, v1 or v2 certificate */
-    if (cert->extensions == NULL) {
-	return (SECSuccess);
-    }
-    
-    keyUsage.data = NULL;
-
-    do {
-	/* if the keyUsage extension exists and is critical, make sure that the
-	   CA certificate is used for certificate signing purpose only. If the
-	   extension does not exist, we will assum that it can be used for
-	   certificate signing purpose.
-	*/
-	rv = CERT_GetExtenCriticality(cert->extensions,
-				      SEC_OID_X509_KEY_USAGE,
-				      &critical);
-	if (rv == SECFailure) {
-	    rv = (PORT_GetError () == SEC_ERROR_EXTENSION_NOT_FOUND) ?
-		SECSuccess : SECFailure;
-	    break;
-	}
-
-	if (critical == PR_FALSE) {
-	    rv = SECSuccess;
-	    break;
-	}
-
-	rv = CERT_FindKeyUsageExtension(cert, &keyUsage);
-	if (rv != SECSuccess) {
-	    break;
-	}	
-	if (!(keyUsage.data[0] & usage)) {
-	    PORT_SetError (SEC_ERROR_CERT_USAGES_INVALID);
-	    rv = SECFailure;
-	}
-    }while (0);
-    PORT_Free (keyUsage.data);
-    return (rv);
-}
diff --git a/security/nss/lib/certdb/certxutl.c b/security/nss/lib/certdb/certxutl.c
deleted file mode 100644
index 619f576b2..000000000
--- a/security/nss/lib/certdb/certxutl.c
+++ /dev/null
@@ -1,482 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Certificate Extensions handling code
- *
- */
-
-#include "cert.h"
-#include "secitem.h"
-#include "secoid.h"
-#include "secder.h"
-#include "secasn1.h"
-#include "certxutl.h"
-#include "secerr.h"
-
-#ifdef OLD
-#include "ocspti.h"	/* XXX a better extensions interface would not
-			 * require knowledge of data structures of callers */
-#endif
-
-static CERTCertExtension *
-GetExtension (CERTCertExtension **extensions, SECItem *oid)
-{
-    CERTCertExtension **exts;
-    CERTCertExtension *ext = NULL;
-    SECComparison comp;
-
-    exts = extensions;
-    
-    if (exts) {
-	while ( *exts ) {
-	    ext = *exts;
-	    comp = SECITEM_CompareItem(oid, &ext->id);
-	    if ( comp == SECEqual ) 
-		break;
-
-	    exts++;
-	}
-	return (*exts ? ext : NULL);
-    }
-    return (NULL);
-}
-
-SECStatus
-cert_FindExtensionByOID (CERTCertExtension **extensions, SECItem *oid, SECItem *value)
-{
-    CERTCertExtension *ext;
-    SECStatus rv = SECSuccess;
-    
-    ext = GetExtension (extensions, oid);
-    if (ext == NULL) {
-	PORT_SetError (SEC_ERROR_EXTENSION_NOT_FOUND);
-	return (SECFailure);
-    }
-    if (value)
-	rv = SECITEM_CopyItem(NULL, value, &ext->value);
-    return (rv);
-}
-    
-
-SECStatus
-CERT_GetExtenCriticality (CERTCertExtension **extensions, int tag, PRBool *isCritical)
-{
-    CERTCertExtension *ext;
-    SECOidData *oid;
-
-    if (!isCritical)
-	return (SECSuccess);
-    
-    /* find the extension in the extensions list */
-    oid = SECOID_FindOIDByTag((SECOidTag)tag);
-    if ( !oid ) {
-	return(SECFailure);
-    }
-    ext = GetExtension (extensions, &oid->oid);
-    if (ext == NULL) {
-	PORT_SetError (SEC_ERROR_EXTENSION_NOT_FOUND);
-	return (SECFailure);
-    }
-
-    /* If the criticality is omitted, then it is false by default.
-       ex->critical.data is NULL */
-    if (ext->critical.data == NULL)
-	*isCritical = PR_FALSE;
-    else
-	*isCritical = (ext->critical.data[0] == 0xff) ? PR_TRUE : PR_FALSE;
-    return (SECSuccess);    
-}
-
-SECStatus
-cert_FindExtension(CERTCertExtension **extensions, int tag, SECItem *value)
-{
-    SECOidData *oid;
-    
-    oid = SECOID_FindOIDByTag((SECOidTag)tag);
-    if ( !oid ) {
-	return(SECFailure);
-    }
-
-    return(cert_FindExtensionByOID(extensions, &oid->oid, value));
-}
-
-
-typedef struct _extNode {
-    struct _extNode *next;
-    CERTCertExtension *ext;
-} extNode;
-
-typedef struct {
-    void (*setExts)(void *object, CERTCertExtension **exts);
-    void *object;
-    PRArenaPool *ownerArena;
-    PRArenaPool *arena;
-    extNode *head;
-    int count;
-}extRec;
-
-/*
- * cert_StartExtensions
- *
- * NOTE: This interface changed significantly to remove knowledge
- *   about callers data structures (owner objects)
- */
-void *
-cert_StartExtensions(void *owner, PRArenaPool *ownerArena,
-   void (*setExts)(void *object, CERTCertExtension **exts))
-{
-    PRArenaPool *arena;
-    extRec *handle;
-    
-    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if ( !arena ) {
-	return(0);
-    }
-
-    handle = (extRec *)PORT_ArenaAlloc(arena, sizeof(extRec));
-    if ( !handle ) {
-	PORT_FreeArena(arena, PR_FALSE);
-	return(0);
-    }
-
-    handle->object = owner;
-    handle->ownerArena = ownerArena;
-    handle->setExts = setExts;
-
-    handle->arena = arena;
-    handle->head = 0;
-    handle->count = 0;
-    
-    return(handle);
-}
-
-static unsigned char hextrue = 0xff;
-
-/*
- * Note - assumes that data pointed to by oid->data will not move
- */
-SECStatus
-CERT_AddExtensionByOID (void *exthandle, SECItem *oid, SECItem *value,
-			PRBool critical, PRBool copyData)
-{
-    CERTCertExtension *ext;
-    SECStatus rv;
-    extNode *node;
-    extRec *handle;
-    
-    handle = (extRec *)exthandle;
-
-    /* allocate space for extension and list node */
-    ext = (CERTCertExtension*)PORT_ArenaZAlloc(handle->ownerArena,
-                                               sizeof(CERTCertExtension));
-    if ( !ext ) {
-	return(SECFailure);
-    }
-
-    node = (extNode*)PORT_ArenaAlloc(handle->arena, sizeof(extNode));
-    if ( !node ) {
-	return(SECFailure);
-    }
-
-    /* add to list */
-    node->next = handle->head;
-    handle->head = node;
-   
-    /* point to ext struct */
-    node->ext = ext;
-    
-    /* the object ID of the extension */
-    ext->id = *oid;
-    
-    /* set critical field */
-    if ( critical ) {
-	ext->critical.data = (unsigned char*)&hextrue;
-	ext->critical.len = 1;
-    }
-
-    /* set the value */
-    if ( copyData ) {
-	rv = SECITEM_CopyItem(handle->ownerArena, &ext->value, value);
-	if ( rv ) {
-	    return(SECFailure);
-	}
-    } else {
-	ext->value = *value;
-    }
-    
-    handle->count++;
-    
-    return(SECSuccess);
-
-}
-
-SECStatus
-CERT_AddExtension(void *exthandle, int idtag, SECItem *value,
-		     PRBool critical, PRBool copyData)
-{
-    SECOidData *oid;
-    
-    oid = SECOID_FindOIDByTag((SECOidTag)idtag);
-    if ( !oid ) {
-	return(SECFailure);
-    }
-
-    return(CERT_AddExtensionByOID(exthandle, &oid->oid, value, critical, copyData));
-}
-
-SECStatus
-CERT_EncodeAndAddExtension(void *exthandle, int idtag, void *value,
-			   PRBool critical, const SEC_ASN1Template *atemplate)
-{
-    extRec *handle;
-    SECItem *encitem;
-
-    handle = (extRec *)exthandle;
-
-    encitem = SEC_ASN1EncodeItem(handle->ownerArena, NULL, value, atemplate);
-    if ( encitem == NULL ) {
-	return(SECFailure);
-    }
-
-    return CERT_AddExtension(exthandle, idtag, encitem, critical, PR_FALSE);
-}
-
-void
-PrepareBitStringForEncoding (SECItem *bitsmap, SECItem *value)
-{
-  unsigned char onebyte;
-  unsigned int i, len = 0;
-
-  /* to prevent warning on some platform at compile time */ 
-  onebyte = '\0';   
-  /* Get the position of the right-most turn-on bit */ 
-  for (i = 0; i < (value->len ) * 8; ++i) {
-      if (i % 8 == 0)
-	  onebyte = value->data[i/8];
-      if (onebyte & 0x80)
-	  len = i;            
-      onebyte <<= 1;
-      
-  }
-  bitsmap->data = value->data;
-  /* Add one here since we work with base 1 */ 
-  bitsmap->len = len + 1;
-}
-
-SECStatus
-CERT_EncodeAndAddBitStrExtension (void *exthandle, int idtag,
-				  SECItem *value, PRBool critical)
-{
-  SECItem bitsmap;
-  
-  PrepareBitStringForEncoding (&bitsmap, value);
-  return (CERT_EncodeAndAddExtension
-	  (exthandle, idtag, &bitsmap, critical, SEC_BitStringTemplate));
-}
-
-SECStatus
-CERT_FinishExtensions(void *exthandle)
-{
-    extRec *handle;
-    extNode *node;
-    CERTCertExtension **exts;
-    SECStatus rv = SECFailure;
-    
-    handle = (extRec *)exthandle;
-
-    /* allocate space for extensions array */
-    exts = PORT_ArenaNewArray(handle->ownerArena, CERTCertExtension *,
-			      handle->count + 1);
-    if (exts == NULL) {
-	goto loser;
-    }
-
-    /* put extensions in owner object and update its version number */
-
-#ifdef OLD
-    switch (handle->type) {
-      case CertificateExtensions:
-	handle->owner.cert->extensions = exts;
-	DER_SetUInteger (ownerArena, &(handle->owner.cert->version),
-			 SEC_CERTIFICATE_VERSION_3);
-	break;
-      case CrlExtensions:
-	handle->owner.crl->extensions = exts;
-	DER_SetUInteger (ownerArena, &(handle->owner.crl->version),
-			 SEC_CRL_VERSION_2);
-	break;
-      case OCSPRequestExtensions:
-	handle->owner.request->tbsRequest->requestExtensions = exts;
-	break;
-      case OCSPSingleRequestExtensions:
-	handle->owner.singleRequest->singleRequestExtensions = exts;	
-	break;
-      case OCSPResponseSingleExtensions:
-	handle->owner.singleResponse->singleExtensions = exts;	
-	break;
-    }
-#endif
-
-    handle->setExts(handle->object, exts);
-	
-    /* update the version number */
-
-    /* copy each extension pointer */
-    node = handle->head;
-    while ( node ) {
-	*exts = node->ext;
-	
-	node = node->next;
-	exts++;
-    }
-
-    /* terminate the array of extensions */
-    *exts = 0;
-
-    rv = SECSuccess;
-
-loser:
-    /* free working arena */
-    PORT_FreeArena(handle->arena, PR_FALSE);
-    return rv;
-}
-
-/*
- * get the value of the Netscape Certificate Type Extension
- */
-SECStatus
-CERT_FindBitStringExtension (CERTCertExtension **extensions, int tag,
-			     SECItem *retItem)
-{
-    SECItem wrapperItem, tmpItem = {siBuffer,0};
-    SECStatus rv;
-    PRArenaPool *arena = NULL;
-    
-    wrapperItem.data = NULL;
-    tmpItem.data = NULL;
-    
-    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    
-    if ( ! arena ) {
-	return(SECFailure);
-    }
-    
-    rv = cert_FindExtension(extensions, tag, &wrapperItem);
-    if ( rv != SECSuccess ) {
-	goto loser;
-    }
-
-    rv = SEC_ASN1DecodeItem(arena, &tmpItem, SEC_BitStringTemplate, 
-			    &wrapperItem);
-
-    if ( rv != SECSuccess ) {
-	goto loser;
-    }
-
-    retItem->data = (unsigned char *)PORT_Alloc( ( tmpItem.len + 7 ) >> 3 );
-    if ( retItem->data == NULL ) {
-	goto loser;
-    }
-    
-    PORT_Memcpy(retItem->data, tmpItem.data, ( tmpItem.len + 7 ) >> 3);
-    retItem->len = tmpItem.len;
-    
-    rv = SECSuccess;
-    goto done;
-    
-loser:
-    rv = SECFailure;
-
-done:
-    if ( arena ) {
-	PORT_FreeArena(arena, PR_FALSE);
-    }
-    
-    if ( wrapperItem.data ) {
-	PORT_Free(wrapperItem.data);
-    }
-
-    return(rv);
-}
-
-PRBool
-cert_HasCriticalExtension (CERTCertExtension **extensions)
-{
-    CERTCertExtension **exts;
-    CERTCertExtension *ext = NULL;
-    PRBool hasCriticalExten = PR_FALSE;
-    
-    exts = extensions;
-    
-    if (exts) {
-	while ( *exts ) {
-	    ext = *exts;
-	    /* If the criticality is omitted, it's non-critical */
-	    if (ext->critical.data && ext->critical.data[0] == 0xff) {
-		hasCriticalExten = PR_TRUE;
-		break;
-	    }
-	    exts++;
-	}
-    }
-    return (hasCriticalExten);
-}
-
-PRBool
-cert_HasUnknownCriticalExten (CERTCertExtension **extensions)
-{
-    CERTCertExtension **exts;
-    CERTCertExtension *ext = NULL;
-    PRBool hasUnknownCriticalExten = PR_FALSE;
-    
-    exts = extensions;
-    
-    if (exts) {
-	while ( *exts ) {
-	    ext = *exts;
-	    /* If the criticality is omitted, it's non-critical.
-	       If an extension is critical, make sure that we know
-	       how to process the extension.
-             */
-	    if (ext->critical.data && ext->critical.data[0] == 0xff) {
-		if (SECOID_KnownCertExtenOID (&ext->id) == PR_FALSE) {
-		    hasUnknownCriticalExten = PR_TRUE;
-		    break;
-		}
-	    }
-	    exts++;
-	}
-    }
-    return (hasUnknownCriticalExten);
-}
diff --git a/security/nss/lib/certdb/certxutl.h b/security/nss/lib/certdb/certxutl.h
deleted file mode 100644
index 381226a43..000000000
--- a/security/nss/lib/certdb/certxutl.h
+++ /dev/null
@@ -1,79 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * x.509 v3 certificate extension helper routines
- *
- */
-
-
-#ifndef _CERTXUTL_H_
-#define _CERTXUTL_H_
-
-#include "nspr.h"
-
-#ifdef OLD
-typedef enum {
-    CertificateExtensions,
-    CrlExtensions,
-    OCSPRequestExtensions,
-    OCSPSingleRequestExtensions,
-    OCSPResponseSingleExtensions
-} ExtensionsType;
-#endif
-
-extern PRBool
-cert_HasCriticalExtension (CERTCertExtension **extensions);
-
-extern SECStatus
-CERT_FindBitStringExtension (CERTCertExtension **extensions,
-			     int tag, SECItem *retItem);
-extern void *
-cert_StartExtensions (void *owner, PLArenaPool *arena,
-                      void (*setExts)(void *object, CERTCertExtension **exts));
-
-extern SECStatus
-cert_FindExtension (CERTCertExtension **extensions, int tag, SECItem *value);
-
-extern SECStatus
-cert_FindExtensionByOID (CERTCertExtension **extensions,
-			 SECItem *oid, SECItem *value);
-
-extern SECStatus
-cert_GetExtenCriticality (CERTCertExtension **extensions,
-			  int tag, PRBool *isCritical);
-
-extern PRBool
-cert_HasUnknownCriticalExten (CERTCertExtension **extensions);
-
-#endif
diff --git a/security/nss/lib/certdb/config.mk b/security/nss/lib/certdb/config.mk
deleted file mode 100644
index 0a00dc61e..000000000
--- a/security/nss/lib/certdb/config.mk
+++ /dev/null
@@ -1,43 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#
-#  Override TARGETS variable so that only static libraries
-#  are specifed as dependencies within rules.mk.
-#
-
-TARGETS        = $(LIBRARY)
-SHARED_LIBRARY =
-IMPORT_LIBRARY =
-PROGRAM        =
-
diff --git a/security/nss/lib/certdb/crl.c b/security/nss/lib/certdb/crl.c
deleted file mode 100644
index c9caabc78..000000000
--- a/security/nss/lib/certdb/crl.c
+++ /dev/null
@@ -1,639 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Moved from secpkcs7.c
- *
- * $Id$
- */
-
-#include "cert.h"
-#include "secder.h"
-#include "secasn1.h"
-#include "secoid.h"
-#include "certdb.h"
-#include "certxutl.h"
-#include "prtime.h"
-#include "secerr.h"
-#include "pk11func.h"
-
-const SEC_ASN1Template SEC_CERTExtensionTemplate[] = {
-    { SEC_ASN1_SEQUENCE,
-	  0, NULL, sizeof(CERTCertExtension) },
-    { SEC_ASN1_OBJECT_ID,
-	  offsetof(CERTCertExtension,id) },
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_BOOLEAN,		/* XXX DER_DEFAULT */
-	  offsetof(CERTCertExtension,critical), },
-    { SEC_ASN1_OCTET_STRING,
-	  offsetof(CERTCertExtension,value) },
-    { 0, }
-};
-
-static const SEC_ASN1Template SEC_CERTExtensionsTemplate[] = {
-    { SEC_ASN1_SEQUENCE_OF, 0,  SEC_CERTExtensionTemplate}
-};
-
-/*
- * XXX Also, these templates, especially the Krl/FORTEZZA ones, need to
- * be tested; Lisa did the obvious translation but they still should be
- * verified.
- */
-
-const SEC_ASN1Template CERT_IssuerAndSNTemplate[] = {
-    { SEC_ASN1_SEQUENCE,
-	  0, NULL, sizeof(CERTIssuerAndSN) },
-    { SEC_ASN1_SAVE,
-	  offsetof(CERTIssuerAndSN,derIssuer) },
-    { SEC_ASN1_INLINE,
-	  offsetof(CERTIssuerAndSN,issuer),
-	  CERT_NameTemplate },
-    { SEC_ASN1_INTEGER,
-	  offsetof(CERTIssuerAndSN,serialNumber) },
-    { 0 }
-};
-
-static const SEC_ASN1Template cert_KrlEntryTemplate[] = {
-    { SEC_ASN1_SEQUENCE,
-	  0, NULL, sizeof(CERTCrlEntry) },
-    { SEC_ASN1_OCTET_STRING,
-	  offsetof(CERTCrlEntry,serialNumber) },
-    { SEC_ASN1_UTC_TIME,
-	  offsetof(CERTCrlEntry,revocationDate) },
-    { 0 }
-};
-
-static const SEC_ASN1Template cert_KrlTemplate[] = {
-    { SEC_ASN1_SEQUENCE,
-	  0, NULL, sizeof(CERTCrl) },
-    { SEC_ASN1_INLINE,
-	  offsetof(CERTCrl,signatureAlg),
-	  SECOID_AlgorithmIDTemplate },
-    { SEC_ASN1_SAVE,
-	  offsetof(CERTCrl,derName) },
-    { SEC_ASN1_INLINE,
-	  offsetof(CERTCrl,name),
-	  CERT_NameTemplate },
-    { SEC_ASN1_UTC_TIME,
-	  offsetof(CERTCrl,lastUpdate) },
-    { SEC_ASN1_UTC_TIME,
-	  offsetof(CERTCrl,nextUpdate) },
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_SEQUENCE_OF,
-	  offsetof(CERTCrl,entries),
-	  cert_KrlEntryTemplate },
-    { 0 }
-};
-
-static const SEC_ASN1Template cert_SignedKrlTemplate[] = {
-    { SEC_ASN1_SEQUENCE,
-	  0, NULL, sizeof(CERTSignedCrl) },
-    { SEC_ASN1_SAVE,
-	  offsetof(CERTSignedCrl,signatureWrap.data) },
-    { SEC_ASN1_INLINE,
-	  offsetof(CERTSignedCrl,crl),
-	  cert_KrlTemplate },
-    { SEC_ASN1_INLINE,
-	  offsetof(CERTSignedCrl,signatureWrap.signatureAlgorithm),
-	  SECOID_AlgorithmIDTemplate },
-    { SEC_ASN1_BIT_STRING,
-	  offsetof(CERTSignedCrl,signatureWrap.signature) },
-    { 0 }
-};
-
-static const SEC_ASN1Template cert_CrlKeyTemplate[] = {
-    { SEC_ASN1_SEQUENCE,
-	  0, NULL, sizeof(CERTCrlKey) },
-    { SEC_ASN1_INTEGER | SEC_ASN1_OPTIONAL, offsetof(CERTCrlKey,dummy) },
-    { SEC_ASN1_SKIP },
-    { SEC_ASN1_ANY, offsetof(CERTCrlKey,derName) },
-    { SEC_ASN1_SKIP_REST },
-    { 0 }
-};
-
-static const SEC_ASN1Template cert_CrlEntryTemplate[] = {
-    { SEC_ASN1_SEQUENCE,
-	  0, NULL, sizeof(CERTCrlEntry) },
-    { SEC_ASN1_INTEGER,
-	  offsetof(CERTCrlEntry,serialNumber) },
-    { SEC_ASN1_UTC_TIME,
-	  offsetof(CERTCrlEntry,revocationDate) },
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_SEQUENCE_OF,
-	  offsetof(CERTCrlEntry, extensions),
-	  SEC_CERTExtensionTemplate},
-    { 0 }
-};
-
-const SEC_ASN1Template CERT_CrlTemplate[] = {
-    { SEC_ASN1_SEQUENCE,
-	  0, NULL, sizeof(CERTCrl) },
-    { SEC_ASN1_INTEGER | SEC_ASN1_OPTIONAL, offsetof (CERTCrl, version) },
-    { SEC_ASN1_INLINE,
-	  offsetof(CERTCrl,signatureAlg),
-	  SECOID_AlgorithmIDTemplate },
-    { SEC_ASN1_SAVE,
-	  offsetof(CERTCrl,derName) },
-    { SEC_ASN1_INLINE,
-	  offsetof(CERTCrl,name),
-	  CERT_NameTemplate },
-    { SEC_ASN1_UTC_TIME,
-	  offsetof(CERTCrl,lastUpdate) },
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_UTC_TIME,
-	  offsetof(CERTCrl,nextUpdate) },
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_SEQUENCE_OF,
-	  offsetof(CERTCrl,entries),
-	  cert_CrlEntryTemplate },
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
-	  SEC_ASN1_EXPLICIT | 0,
-	  offsetof(CERTCrl,extensions),
-	  SEC_CERTExtensionsTemplate},
-    { 0 }
-};
-
-static const SEC_ASN1Template cert_SignedCrlTemplate[] = {
-    { SEC_ASN1_SEQUENCE,
-	  0, NULL, sizeof(CERTSignedCrl) },
-    { SEC_ASN1_SAVE,
-	  offsetof(CERTSignedCrl,signatureWrap.data) },
-    { SEC_ASN1_INLINE,
-	  offsetof(CERTSignedCrl,crl),
-	  CERT_CrlTemplate },
-    { SEC_ASN1_INLINE,
-	  offsetof(CERTSignedCrl,signatureWrap.signatureAlgorithm),
-	  SECOID_AlgorithmIDTemplate },
-    { SEC_ASN1_BIT_STRING,
-	  offsetof(CERTSignedCrl,signatureWrap.signature) },
-    { 0 }
-};
-
-const SEC_ASN1Template CERT_SetOfSignedCrlTemplate[] = {
-    { SEC_ASN1_SET_OF, 0, cert_SignedCrlTemplate },
-};
-
-/* Check the version of the CRL.  If there is a critical extension in the crl
-   or crl entry, then the version must be v2. Otherwise, it should be v1.  If
-   the crl contains critical extension(s), then we must recognized the extension's
-   OID.
-   */
-SECStatus cert_check_crl_version (CERTCrl *crl)
-{
-    CERTCrlEntry **entries;
-    CERTCrlEntry *entry;
-    PRBool hasCriticalExten = PR_FALSE;
-    SECStatus rv = SECSuccess;
-    int version;
-
-    /* CRL version is defaulted to v1 */
-    version = SEC_CRL_VERSION_1;
-    if (crl->version.data != 0) 
-	version = (int)DER_GetUInteger (&crl->version);
-	
-    if (version > SEC_CRL_VERSION_2) {
-	PORT_SetError (SEC_ERROR_BAD_DER);
-	return (SECFailure);
-    }
-
-    /* Check the crl extensions for a critial extension.  If one is found,
-       and the version is not v2, then we are done.
-     */
-    if (crl->extensions) {
-	hasCriticalExten = cert_HasCriticalExtension (crl->extensions);
-	if (hasCriticalExten) {
-	    if (version != SEC_CRL_VERSION_2)
-		return (SECFailure);
-	    /* make sure that there is no unknown critical extension */
-	    if (cert_HasUnknownCriticalExten (crl->extensions) == PR_TRUE) {
-		PORT_SetError (SEC_ERROR_UNKNOWN_CRITICAL_EXTENSION);
-		return (SECFailure);
-	    }
-	}
-    }
-
-	
-    if (crl->entries == NULL) {
-	if (hasCriticalExten == PR_FALSE && version == SEC_CRL_VERSION_2) {
-	    PORT_SetError (SEC_ERROR_BAD_DER);
-	    return (SECFailure);
-	}
-        return (SECSuccess);
-    }
-    /* Look in the crl entry extensions.  If there is a critical extension,
-       then the crl version must be v2; otherwise, it should be v1.
-     */
-    entries = crl->entries;
-    while (*entries) {
-	entry = *entries;
-	if (entry->extensions) {
-	    /* If there is a critical extension in the entries, then the
-	       CRL must be of version 2.  If we already saw a critical extension,
-	       there is no need to check the version again.
-	    */
-	    if (hasCriticalExten == PR_FALSE) {
-		hasCriticalExten = cert_HasCriticalExtension (entry->extensions);
-		if (hasCriticalExten && version != SEC_CRL_VERSION_2) { 
-		    rv = SECFailure;
-		    break;
-		}
-	    }
-
-	    /* For each entry, make sure that it does not contain an unknown
-	       critical extension.  If it does, we must reject the CRL since
-	       we don't know how to process the extension.
-	    */
-	    if (cert_HasUnknownCriticalExten (entry->extensions) == PR_TRUE) {
-		PORT_SetError (SEC_ERROR_UNKNOWN_CRITICAL_EXTENSION);
-		rv = SECFailure;
-		break;
-	    }
-	}
-	++entries;
-    }
-    if (rv == SECFailure)
-	return (rv);
-
-    return (SECSuccess);
-}
-
-/*
- * Generate a database key, based on the issuer name from a
- * DER crl.
- */
-SECStatus
-CERT_KeyFromDERCrl(PRArenaPool *arena, SECItem *derCrl, SECItem *key)
-{
-    SECStatus rv;
-    CERTSignedData sd;
-    CERTCrlKey crlkey;
-
-    PORT_Memset (&sd, 0, sizeof (sd));
-    rv = SEC_ASN1DecodeItem (arena, &sd, CERT_SignedDataTemplate, derCrl);
-    if (rv != SECSuccess) {
-	return rv;
-    }
-
-    PORT_Memset (&crlkey, 0, sizeof (crlkey));
-    rv = SEC_ASN1DecodeItem(arena, &crlkey, cert_CrlKeyTemplate, &sd.data);
-    if (rv != SECSuccess) {
-	return rv;
-    }
-
-    key->len =  crlkey.derName.len;
-    key->data = crlkey.derName.data;
-
-    return(SECSuccess);
-}
-
-/*
- * take a DER CRL or KRL  and decode it into a CRL structure
- */
-CERTSignedCrl *
-CERT_DecodeDERCrl(PRArenaPool *narena, SECItem *derSignedCrl, int type)
-{
-    PRArenaPool *arena;
-    CERTSignedCrl *crl;
-    SECStatus rv;
-
-    /* make a new arena */
-    if (narena == NULL) {
-    	arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-	if ( !arena ) {
-	    return NULL;
-	}
-    } else {
-	arena = narena;
-    }
-
-    /* allocate the CRL structure */
-    crl = (CERTSignedCrl *)PORT_ArenaZAlloc(arena, sizeof(CERTSignedCrl));
-    if ( !crl ) {
-	goto loser;
-    }
-    
-    crl->arena = arena;
-
-    crl->derCrl = (SECItem *)PORT_ArenaZAlloc(arena,sizeof(SECItem));
-    if (crl->derCrl == NULL) {
-	goto loser;
-    }
-    rv = SECITEM_CopyItem(arena, crl->derCrl, derSignedCrl);
-    if (rv != SECSuccess) {
-	goto loser;
-    }
-
-    /* Save the arena in the inner crl for CRL extensions support */
-    crl->crl.arena = arena;
-
-    /* decode the CRL info */
-    switch (type) {
-    case SEC_CRL_TYPE: 
-	rv = SEC_ASN1DecodeItem
-	     (arena, crl, cert_SignedCrlTemplate, derSignedCrl);
-	if (rv != SECSuccess)
-	    break;
-        /* check for critical extentions */
-	rv =  cert_check_crl_version (&crl->crl);
-	break;
-
-    case SEC_KRL_TYPE:
-	rv = SEC_ASN1DecodeItem
-	     (arena, crl, cert_SignedKrlTemplate, derSignedCrl);
-	break;
-    default:
-	rv = SECFailure;
-	break;
-    }
-
-    if (rv != SECSuccess) {
-	goto loser;
-    }
-
-    crl->referenceCount = 1;
-    
-    return(crl);
-    
-loser:
-
-    if ((narena == NULL) && arena ) {
-	PORT_FreeArena(arena, PR_FALSE);
-    }
-    
-    return(0);
-}
-
-/*
- * Lookup a CRL in the databases. We mirror the same fast caching data base
- *  caching stuff used by certificates....?
- */
-CERTSignedCrl *
-SEC_FindCrlByKeyOnSlot(PK11SlotInfo *slot, SECItem *crlKey, int type)
-{
-    CERTSignedCrl *crl = NULL;
-    SECItem *derCrl;
-    CK_OBJECT_HANDLE crlHandle;
-    char *url = NULL;
-
-    if (slot) {
-	PK11_ReferenceSlot(slot);
-    }
-     
-    derCrl = PK11_FindCrlByName(&slot, &crlHandle, crlKey, type, &url);
-    if (derCrl == NULL) {
-	goto loser;
-    }
-    PORT_Assert(crlHandle != CK_INVALID_HANDLE);
-    
-    crl = CERT_DecodeDERCrl(NULL, derCrl, type);
-    if (crl) {
-	crl->slot = slot;
-	slot = NULL; /* adopt it */
-	crl->pkcs11ID = crlHandle;
-	if (url) {
-	    crl->url = PORT_ArenaStrdup(crl->arena,url);
-	}
-    }
-    if (url) {
-	PORT_Free(url);
-    }
-
-loser:
-    if (slot) {
-	PK11_FreeSlot(slot);
-    }
-    if (derCrl) {
-	SECITEM_FreeItem(derCrl,PR_TRUE);
-    }
-    return(crl);
-}
-
-SECStatus SEC_DestroyCrl(CERTSignedCrl *crl);
-
-CERTSignedCrl *
-crl_storeCRL (PK11SlotInfo *slot,char *url,
-                  CERTSignedCrl *newCrl, SECItem *derCrl, int type)
-{
-    CERTSignedCrl *oldCrl = NULL, *crl = NULL;
-    CK_OBJECT_HANDLE crlHandle;
-
-    oldCrl = SEC_FindCrlByKeyOnSlot(slot, &newCrl->crl.derName, type);
-
-
-
-    /* if there is an old crl, make sure the one we are installing
-     * is newer. If not, exit out, otherwise delete the old crl.
-     */
-    if (oldCrl != NULL) {
-	/* if it's already there, quietly continue */
-	if (SECITEM_CompareItem(newCrl->derCrl, oldCrl->derCrl) 
-						== SECEqual) {
-	    crl = newCrl;
-	    crl->slot = PK11_ReferenceSlot(slot);
-	    crl->pkcs11ID = oldCrl->pkcs11ID;
-	    goto done;
-	}
-        if (!SEC_CrlIsNewer(&newCrl->crl,&oldCrl->crl)) {
-
-            if (type == SEC_CRL_TYPE) {
-                PORT_SetError(SEC_ERROR_OLD_CRL);
-            } else {
-                PORT_SetError(SEC_ERROR_OLD_KRL);
-            }
-
-            goto done;
-        }
-
-        if ((SECITEM_CompareItem(&newCrl->crl.derName,
-                &oldCrl->crl.derName) != SECEqual) &&
-            (type == SEC_KRL_TYPE) ) {
-
-            PORT_SetError(SEC_ERROR_CKL_CONFLICT);
-            goto done;
-        }
-
-        /* if we have a url in the database, use that one */
-        if (oldCrl->url) {
-	    url = oldCrl->url;
-        }
-
-
-        /* really destroy this crl */
-        /* first drum it out of the permanment Data base */
-        SEC_DeletePermCRL(oldCrl);
-    }
-
-    /* Write the new entry into the data base */
-    crlHandle = PK11_PutCrl(slot, derCrl, &newCrl->crl.derName, url, type);
-    if (crlHandle != CK_INVALID_HANDLE) {
-	crl = newCrl;
-	crl->slot = PK11_ReferenceSlot(slot);
-	crl->pkcs11ID = crlHandle;
-	if (url) {
-	    crl->url = PORT_ArenaStrdup(crl->arena,url);
-	}
-    }
-
-done:
-    if (oldCrl) SEC_DestroyCrl(oldCrl);
-
-    return crl;
-}
-
-CERTSignedCrl *
-SEC_FindCrlByName(CERTCertDBHandle *handle, SECItem *crlKey, int type)
-{
-	return SEC_FindCrlByKeyOnSlot(NULL,crlKey,type);
-}
-
-/*
- *
- * create a new CRL from DER material.
- *
- * The signature on this CRL must be checked before you
- * load it. ???
- */
-CERTSignedCrl *
-SEC_NewCrl(CERTCertDBHandle *handle, char *url, SECItem *derCrl, int type)
-{
-    CERTSignedCrl *newCrl = NULL, *crl = NULL;
-    PK11SlotInfo *slot;
-
-    /* make this decode dates! */
-    newCrl = CERT_DecodeDERCrl(NULL, derCrl, type);
-    if (newCrl == NULL) {
-        if (type == SEC_CRL_TYPE) {
-            PORT_SetError(SEC_ERROR_CRL_INVALID);
-        } else {
-            PORT_SetError(SEC_ERROR_KRL_INVALID);
-        }
-        goto done;
-    }
-
-    slot = PK11_GetInternalKeySlot();
-    crl = crl_storeCRL(slot, url, newCrl, derCrl, type);
-    PK11_FreeSlot(slot);
-
-
-done:
-    if (crl == NULL) {
-	if (newCrl) {
-	    PORT_FreeArena(newCrl->arena, PR_FALSE);
-	}
-    }
-
-    return crl;
-}
-
-
-CERTSignedCrl *
-SEC_FindCrlByDERCert(CERTCertDBHandle *handle, SECItem *derCrl, int type)
-{
-    PRArenaPool *arena;
-    SECItem crlKey;
-    SECStatus rv;
-    CERTSignedCrl *crl = NULL;
-    
-    /* create a scratch arena */
-    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if ( arena == NULL ) {
-	return(NULL);
-    }
-    
-    /* extract the database key from the cert */
-    rv = CERT_KeyFromDERCrl(arena, derCrl, &crlKey);
-    if ( rv != SECSuccess ) {
-	goto loser;
-    }
-
-    /* find the crl */
-    crl = SEC_FindCrlByName(handle, &crlKey, type);
-    
-loser:
-    PORT_FreeArena(arena, PR_FALSE);
-    return(crl);
-}
-
-
-SECStatus
-SEC_DestroyCrl(CERTSignedCrl *crl)
-{
-    if (crl) {
-	if (crl->referenceCount-- <= 1) {
-	    if (crl->slot) {
-		PK11_FreeSlot(crl->slot);
-	    }
-	    PORT_FreeArena(crl->arena, PR_FALSE);
-	}
-    }
-    return SECSuccess;
-}
-
-SECStatus
-SEC_LookupCrls(CERTCertDBHandle *handle, CERTCrlHeadNode **nodes, int type)
-{
-    CERTCrlHeadNode *head;
-    PRArenaPool *arena = NULL;
-    SECStatus rv;
-
-    *nodes = NULL;
-
-    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if ( arena == NULL ) {
-	return SECFailure;
-    }
-
-    /* build a head structure */
-    head = (CERTCrlHeadNode *)PORT_ArenaAlloc(arena, sizeof(CERTCrlHeadNode));
-    head->arena = arena;
-    head->first = NULL;
-    head->last = NULL;
-    head->dbhandle = handle;
-
-    /* Look up the proper crl types */
-    *nodes = head;
-
-    rv = PK11_LookupCrls(head, type, NULL);
-    
-    if (rv != SECSuccess) {
-	if ( arena ) {
-	    PORT_FreeArena(arena, PR_FALSE);
-	    *nodes = NULL;
-	}
-    }
-
-    return rv;
-}
-
-/* These functions simply return the address of the above-declared templates.
-** This is necessary for Windows DLLs.  Sigh.
-*/
-SEC_ASN1_CHOOSER_IMPLEMENT(CERT_IssuerAndSNTemplate)
-SEC_ASN1_CHOOSER_IMPLEMENT(CERT_CrlTemplate)
-SEC_ASN1_CHOOSER_IMPLEMENT(CERT_SetOfSignedCrlTemplate)
-
diff --git a/security/nss/lib/certdb/genname.c b/security/nss/lib/certdb/genname.c
deleted file mode 100644
index fadf9d15f..000000000
--- a/security/nss/lib/certdb/genname.c
+++ /dev/null
@@ -1,1613 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "plarena.h"
-#include "seccomon.h"
-#include "secitem.h"
-#include "secoidt.h"
-#include "mcom_db.h"
-#include "secasn1.h"
-#include "secder.h"
-#include "certt.h"
-#include "cert.h"
-#include "xconst.h"
-#include "secerr.h"
-#include "secoid.h"
-#include "prprf.h"
-#include "genname.h"
-
-
-
-static const SEC_ASN1Template CERTNameConstraintTemplate[] = {
-    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CERTNameConstraint) },
-    { SEC_ASN1_ANY, offsetof(CERTNameConstraint, DERName) },
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | 0, 
-          offsetof(CERTNameConstraint, min), SEC_IntegerTemplate }, 
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | 1, 
-          offsetof(CERTNameConstraint, max), SEC_IntegerTemplate },
-    { 0, }
-};
-
-const SEC_ASN1Template CERT_NameConstraintSubtreeSubTemplate[] = {
-    { SEC_ASN1_SEQUENCE_OF, 0, SEC_AnyTemplate }
-};
-
-
-const SEC_ASN1Template CERT_NameConstraintSubtreePermitedTemplate[] = {
-    { SEC_ASN1_CONTEXT_SPECIFIC | 0, 0, CERT_NameConstraintSubtreeSubTemplate }
-};
-
-const SEC_ASN1Template CERT_NameConstraintSubtreeExcludedTemplate[] = {
-    { SEC_ASN1_CONTEXT_SPECIFIC | 1, 0, CERT_NameConstraintSubtreeSubTemplate }
-};
-
-
-static const SEC_ASN1Template CERTNameConstraintsTemplate[] = {
-    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CERTNameConstraints) },
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | 0, 
-          offsetof(CERTNameConstraints, DERPermited), CERT_NameConstraintSubtreeSubTemplate},
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | 1, 
-          offsetof(CERTNameConstraints, DERExcluded), CERT_NameConstraintSubtreeSubTemplate},
-    { 0, }
-};
-
-
-static const SEC_ASN1Template CERTOthNameTemplate[] = {
-    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(OtherName) },
-    { SEC_ASN1_OBJECT_ID, 
-	  offsetof(OtherName, oid) },
-    { SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_CONSTRUCTED | SEC_ASN1_EXPLICIT | 0,
-          offsetof(OtherName, name), SEC_AnyTemplate },
-    { 0, } 
-};
-
-static const SEC_ASN1Template CERTOtherNameTemplate[] = {
-    { SEC_ASN1_CONTEXT_SPECIFIC | 0 ,
-      offsetof(CERTGeneralName, name.OthName), CERTOthNameTemplate, 
-      sizeof(CERTGeneralName) }
-};
-
-static const SEC_ASN1Template CERTOtherName2Template[] = {
-    { SEC_ASN1_SEQUENCE | SEC_ASN1_CONTEXT_SPECIFIC | 0 ,
-      0, NULL, sizeof(CERTGeneralName) },
-    { SEC_ASN1_OBJECT_ID,
-	  offsetof(CERTGeneralName, name.OthName) + offsetof(OtherName, oid) },
-    { SEC_ASN1_ANY,
-	  offsetof(CERTGeneralName, name.OthName) + offsetof(OtherName, name) },
-    { 0, } 
-};
-
-static const SEC_ASN1Template CERT_RFC822NameTemplate[] = {
-    { SEC_ASN1_CONTEXT_SPECIFIC | 1 ,
-          offsetof(CERTGeneralName, name.other), SEC_IA5StringTemplate,
-          sizeof (CERTGeneralName)}
-};
-
-static const SEC_ASN1Template CERT_DNSNameTemplate[] = {
-    { SEC_ASN1_CONTEXT_SPECIFIC | 2 ,
-          offsetof(CERTGeneralName, name.other), SEC_IA5StringTemplate,
-          sizeof (CERTGeneralName)}
-};
-
-static const SEC_ASN1Template CERT_X400AddressTemplate[] = {
-    { SEC_ASN1_ANY | SEC_ASN1_CONTEXT_SPECIFIC | 3,
-          offsetof(CERTGeneralName, name.other), SEC_AnyTemplate,
-          sizeof (CERTGeneralName)}
-};
-
-static const SEC_ASN1Template CERT_DirectoryNameTemplate[] = {
-    { SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_CONSTRUCTED | SEC_ASN1_EXPLICIT | 4,
-          offsetof(CERTGeneralName, derDirectoryName), SEC_AnyTemplate,
-          sizeof (CERTGeneralName)}
-};
-
-
-static const SEC_ASN1Template CERT_EDIPartyNameTemplate[] = {
-    { SEC_ASN1_ANY | SEC_ASN1_CONTEXT_SPECIFIC | 5,
-          offsetof(CERTGeneralName, name.other), SEC_AnyTemplate,
-          sizeof (CERTGeneralName)}
-};
-
-static const SEC_ASN1Template CERT_URITemplate[] = {
-    { SEC_ASN1_CONTEXT_SPECIFIC | 6 ,
-          offsetof(CERTGeneralName, name.other), SEC_IA5StringTemplate,
-          sizeof (CERTGeneralName)}
-};
-
-static const SEC_ASN1Template CERT_IPAddressTemplate[] = {
-    { SEC_ASN1_CONTEXT_SPECIFIC | 7 ,
-          offsetof(CERTGeneralName, name.other), SEC_OctetStringTemplate,
-          sizeof (CERTGeneralName)}
-};
-
-static const SEC_ASN1Template CERT_RegisteredIDTemplate[] = {
-    { SEC_ASN1_CONTEXT_SPECIFIC | 8 ,
-          offsetof(CERTGeneralName, name.other), SEC_ObjectIDTemplate,
-          sizeof (CERTGeneralName)}
-};
-
-
-const SEC_ASN1Template CERT_GeneralNamesTemplate[] = {
-    { SEC_ASN1_SEQUENCE_OF, 0, SEC_AnyTemplate }
-};
-
-
-
-void
-CERT_DestroyGeneralNameList(CERTGeneralNameList *list)
-{
-    PZLock *lock;
-
-    if (list != NULL) {
-	lock = list->lock;
-	PZ_Lock(lock);
-	if (--list->refCount <= 0 && list->arena != NULL) {
-	    PORT_FreeArena(list->arena, PR_FALSE);
-	    PZ_Unlock(lock);
-	    PZ_DestroyLock(lock);
-	} else {
-	    PZ_Unlock(lock);
-	}
-    }
-    return;
-}
-
-CERTGeneralNameList *
-CERT_CreateGeneralNameList(CERTGeneralName *name) {
-    PRArenaPool *arena;
-    CERTGeneralNameList *list = NULL;
-
-    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if (arena == NULL) {
-	goto done;
-    }
-    list = (CERTGeneralNameList *)
-	PORT_ArenaZAlloc(arena, sizeof(CERTGeneralNameList));
-    if (name != NULL) {
-	list->name = (CERTGeneralName *)
-	    PORT_ArenaZAlloc(arena, sizeof(CERTGeneralName));
-	list->name->l.next = list->name->l.prev = &list->name->l;
-	CERT_CopyGeneralName(arena, list->name, name);
-    }
-    list->lock = PZ_NewLock(nssILockList);
-    list->arena = arena;
-    list->refCount = 1;
-done:
-    return list;
-}
-
-CERTGeneralName *
-cert_get_next_general_name(CERTGeneralName *current)
-{
-    PRCList *next;
-    
-    next = current->l.next;
-    return (CERTGeneralName *) (((char *) next) - offsetof(CERTGeneralName, l));
-}
-
-CERTGeneralName *
-cert_get_prev_general_name(CERTGeneralName *current)
-{
-    PRCList *prev;
-    prev = current->l.prev;
-    return (CERTGeneralName *) (((char *) prev) - offsetof(CERTGeneralName, l));
-}
-
-CERTNameConstraint *
-cert_get_next_name_constraint(CERTNameConstraint *current)
-{
-    PRCList *next;
-    
-    next = current->l.next;
-    return (CERTNameConstraint *) (((char *) next) - offsetof(CERTNameConstraint, l));
-}
-
-CERTNameConstraint *
-cert_get_prev_name_constraint(CERTNameConstraint *current)
-{
-    PRCList *prev;
-    prev = current->l.prev;
-    return (CERTNameConstraint *) (((char *) prev) - offsetof(CERTNameConstraint, l));
-}
-
-SECItem *
-CERT_EncodeGeneralName(CERTGeneralName *genName, SECItem *dest, PRArenaPool *arena)
-{
-
-
-    PORT_Assert(arena);
-    if (arena == NULL) {
-	goto loser;
-    }
-    if (dest == NULL) {
-	dest = (SECItem *) PORT_ArenaZAlloc(arena, sizeof(SECItem));
-    }
-    switch (genName->type) {
-      case certURI:
-          dest = SEC_ASN1EncodeItem(arena, dest, genName, 
-				    CERT_URITemplate);
-	  break;
-      case certRFC822Name:
-          dest = SEC_ASN1EncodeItem(arena, dest, genName, 
-				    CERT_RFC822NameTemplate);
-	  break;
-      case certDNSName:
-          dest = SEC_ASN1EncodeItem(arena, dest, genName, 
-				    CERT_DNSNameTemplate);
-	  break;
-      case certIPAddress:
-	  dest = SEC_ASN1EncodeItem(arena, dest, genName,
-				    CERT_IPAddressTemplate);
-	  break;
-      case certOtherName:
-	  dest = SEC_ASN1EncodeItem(arena, dest, genName,
-				    CERTOtherNameTemplate);
-	  break;
-      case certRegisterID:
-	  dest = SEC_ASN1EncodeItem(arena, dest, genName,
-				    CERT_RegisteredIDTemplate);
-	  break;
-      case certEDIPartyName:
-	  /* for this type, we expect the value is already encoded */
-	  dest = SEC_ASN1EncodeItem (arena, dest, genName, 
-				     CERT_EDIPartyNameTemplate);
-	  break;
-      case certX400Address:
-	  /* for this type, we expect the value is already encoded */
-	  dest = SEC_ASN1EncodeItem (arena, dest, genName, 
-				     CERT_X400AddressTemplate);
-	  break;
-      case certDirectoryName:
-	  if (genName->derDirectoryName.data == NULL) {
-	      /* The field hasn't been encoded yet. */
-	      SEC_ASN1EncodeItem (arena, &(genName->derDirectoryName),
-				  &(genName->name.directoryName), 
-				  CERT_NameTemplate);
-	  }
-	  if (genName->derDirectoryName.data == NULL) {
-	      goto loser;
-	  }
-	  dest = SEC_ASN1EncodeItem(arena, dest, genName, 
-				    CERT_DirectoryNameTemplate);
-	  break;
-    }
-    if (!dest) {
-	goto loser;
-    }
-    return dest;
-loser:
-    return NULL;
-}
-
-
-
-SECItem **
-cert_EncodeGeneralNames(PRArenaPool *arena, CERTGeneralName *names)
-{
-    CERTGeneralName  *current_name;
-    SECItem          **items = NULL;
-    int              count = 0;
-    int              i;
-    PRCList          *head;
-
-    PORT_Assert(arena);
-    current_name = names;
-    if (names != NULL) {
-	count = 1;
-    }
-    head = &(names->l);
-    while (current_name->l.next != head) {
-	current_name = cert_get_next_general_name(current_name);
-	++count;
-    }
-    current_name = cert_get_next_general_name(current_name);
-    items = (SECItem **) PORT_ArenaAlloc(arena, sizeof(SECItem *) * (count + 1));
-    
-    if (items == NULL) {
-	goto loser;
-    }
-    for (i = 0; i < count; i++) {
-	items[i] = CERT_EncodeGeneralName(current_name, (SECItem *) NULL, arena);
-	if (items[i] == NULL) {
-	    goto loser;
-	}
-	current_name = cert_get_next_general_name(current_name);
-    }
-    items[i] = NULL;
-    return items;
-loser:
-    return NULL;
-}
-
-CERTGeneralName *
-CERT_DecodeGeneralName(PRArenaPool      *arena,
-		       SECItem          *encodedName,
-		       CERTGeneralName  *genName)
-{
-    CERTGeneralNameType              genNameType;
-    SECStatus                        rv = SECSuccess;
-
-    PORT_Assert(arena);
-    if (genName == NULL) {
-	genName = (CERTGeneralName *) PORT_ArenaZAlloc(arena, sizeof(CERTGeneralName));
-    }
-    genNameType = (CERTGeneralNameType)((*(encodedName->data) & 0x0f) + 1);
-    switch (genNameType) {
-      case certURI:
-	  rv = SEC_ASN1DecodeItem(arena, genName, CERT_URITemplate, encodedName);
-	  break;
-      case certRFC822Name:
-	  rv = SEC_ASN1DecodeItem(arena, genName, CERT_RFC822NameTemplate, encodedName);
-	  break;
-      case certDNSName:
-	  rv = SEC_ASN1DecodeItem(arena, genName, CERT_DNSNameTemplate, encodedName);
-	  break;
-      case certIPAddress:
-	  rv = SEC_ASN1DecodeItem(arena, genName, CERT_IPAddressTemplate, encodedName);
-	  break;
-      case certOtherName:
-	  rv = SEC_ASN1DecodeItem(arena, genName, CERTOtherNameTemplate, encodedName);
-	  break;
-      case certRegisterID:
-	  rv = SEC_ASN1DecodeItem(arena, genName, CERT_RegisteredIDTemplate, encodedName);
-	  break;
-      case certEDIPartyName:
-	  rv = SEC_ASN1DecodeItem(arena, genName, CERT_EDIPartyNameTemplate, encodedName);
-	  break;
-      case certX400Address:
-	  rv = SEC_ASN1DecodeItem(arena, genName, CERT_X400AddressTemplate, encodedName);
-	  break;
-      case certDirectoryName:
-		rv = SEC_ASN1DecodeItem
-		     (arena, genName, CERT_DirectoryNameTemplate, encodedName);
-		if (rv != SECSuccess) {
-		    goto loser;
-		}
-		rv = SEC_ASN1DecodeItem
-		      (arena, &(genName->name.directoryName), CERT_NameTemplate,
-		      &(genName->derDirectoryName));
-	  break;
-    }
-
-    if (rv != SECSuccess) {
-	goto loser;
-    }
-    genName->type = genNameType;
-    genName->l.next = (PRCList *) ((char *) genName) + offsetof(CERTGeneralName, l);
-    genName->l.prev = genName->l.next;
-    return genName;
-loser:
-    return NULL;
-}
-
-CERTGeneralName *
-cert_DecodeGeneralNames (PRArenaPool  *arena,
-			 SECItem      **encodedGenName)
-{
-    PRCList                           *head = NULL;
-    PRCList                           *tail = NULL;
-    CERTGeneralName                   *currentName = NULL;
-
-    PORT_Assert(arena);
-    if (!encodedGenName) {
-	goto loser;
-    }
-    while (*encodedGenName != NULL) {
-	currentName = CERT_DecodeGeneralName(arena, *encodedGenName, NULL);
-	if (currentName == NULL) {
-	    goto loser;
-	}
-	if (head == NULL) {
-	    head = &(currentName->l);
-	    tail = head;
-	}
-	currentName->l.next = head;
-	currentName->l.prev = tail;
-	tail = &(currentName->l);
-	(cert_get_prev_general_name(currentName))->l.next = tail;
-	encodedGenName++;
-    }
-    (cert_get_next_general_name(currentName))->l.prev = tail;
-    return cert_get_next_general_name(currentName);
-loser:
-    return NULL;
-}
-
-void
-CERT_DestroyGeneralName(CERTGeneralName *name)
-{
-    cert_DestroyGeneralNames(name);
-}
-
-SECStatus
-cert_DestroyGeneralNames(CERTGeneralName *name)
-{
-    CERTGeneralName    *first;
-    CERTGeneralName    *next = NULL;
-
-
-    first = name;
-    do {
-	next = cert_get_next_general_name(name);
-	PORT_Free(name);
-	name = next;
-    } while (name != first);
-    return SECSuccess;
-}
-
-SECItem *
-cert_EncodeNameConstraint(CERTNameConstraint  *constraint, 
-			 SECItem             *dest,
-			 PRArenaPool         *arena)
-{
-    PORT_Assert(arena);
-    if (dest == NULL) {
-	dest = (SECItem *) PORT_ArenaZAlloc(arena, sizeof(SECItem));
-	if (dest == NULL) {
-	    return NULL;
-	}
-    }
-    CERT_EncodeGeneralName(&(constraint->name), &(constraint->DERName), 
-			   arena);
-    
-    dest = SEC_ASN1EncodeItem (arena, dest, constraint,
-			       CERTNameConstraintTemplate);
-    return dest;
-} 
-
-SECStatus 
-cert_EncodeNameConstraintSubTree(CERTNameConstraint  *constraints,
-			         PRArenaPool         *arena,
-				 SECItem             ***dest,
-				 PRBool              permited)
-{
-    CERTNameConstraint  *current_constraint = constraints;
-    SECItem             **items = NULL;
-    int                 count = 0;
-    int                 i;
-    PRCList             *head;
-
-    PORT_Assert(arena);
-    if (constraints != NULL) {
-	count = 1;
-    }
-    head = (PRCList *) (((char *) constraints) + offsetof(CERTNameConstraint, l));
-    while (current_constraint->l.next != head) {
-	current_constraint = cert_get_next_name_constraint(current_constraint);
-	++count;
-    }
-    current_constraint = cert_get_next_name_constraint(current_constraint);
-    items = (SECItem **) PORT_ArenaZAlloc(arena, sizeof(SECItem *) * (count + 1));
-    
-    if (items == NULL) {
-	goto loser;
-    }
-    for (i = 0; i < count; i++) {
-	items[i] = cert_EncodeNameConstraint(current_constraint, 
-					     (SECItem *) NULL, arena);
-	if (items[i] == NULL) {
-	    goto loser;
-	}
-	current_constraint = cert_get_next_name_constraint(current_constraint);
-    }
-    *dest = items;
-    if (*dest == NULL) {
-	goto loser;
-    }
-    return SECSuccess;
-loser:
-    return SECFailure;
-}
-
-SECStatus 
-cert_EncodeNameConstraints(CERTNameConstraints  *constraints,
-			   PRArenaPool          *arena,
-			   SECItem              *dest)
-{
-    SECStatus    rv = SECSuccess;
-
-    PORT_Assert(arena);
-    if (constraints->permited != NULL) {
-	rv = cert_EncodeNameConstraintSubTree(constraints->permited, arena,
-					      &constraints->DERPermited, PR_TRUE);
-	if (rv == SECFailure) {
-	    goto loser;
-	}
-    }
-    if (constraints->excluded != NULL) {
-	rv = cert_EncodeNameConstraintSubTree(constraints->excluded, arena,
-					      &constraints->DERExcluded, PR_FALSE);
-	if (rv == SECFailure) {
-	    goto loser;
-	}
-    }
-    dest = SEC_ASN1EncodeItem(arena, dest, constraints, 
-			      CERTNameConstraintsTemplate);
-    if (dest == NULL) {
-	goto loser;
-    }
-    return SECSuccess;
-loser:
-    return SECFailure;
-}
-
-
-CERTNameConstraint *
-cert_DecodeNameConstraint(PRArenaPool       *arena,
-			  SECItem           *encodedConstraint)
-{
-    CERTNameConstraint     *constraint;
-    SECStatus              rv = SECSuccess;
-    CERTGeneralName        *temp;
-
-
-
-    PORT_Assert(arena);
-    constraint = (CERTNameConstraint *) PORT_ArenaZAlloc(arena, sizeof(CERTNameConstraint));
-    rv = SEC_ASN1DecodeItem(arena, constraint, CERTNameConstraintTemplate, encodedConstraint);
-    if (rv != SECSuccess) {
-	goto loser;
-    }
-    temp = CERT_DecodeGeneralName(arena, &(constraint->DERName), &(constraint->name));
-    if (temp != &(constraint->name)) {
-	goto loser;
-    }
-
-    /* ### sjlee: since the name constraint contains only one 
-     *            CERTGeneralName, the list within CERTGeneralName shouldn't 
-     *            point anywhere else.  Otherwise, bad things will happen.
-     */
-    constraint->name.l.prev = constraint->name.l.next = &(constraint->name.l);
-    return constraint;
-loser:
-    return NULL;
-}
-
-
-CERTNameConstraint *
-cert_DecodeNameConstraintSubTree(PRArenaPool   *arena,
-				 SECItem       **subTree,
-				 PRBool        permited)
-{
-    CERTNameConstraint   *current = NULL;
-    CERTNameConstraint   *first = NULL;
-    CERTNameConstraint   *last = NULL;
-    CERTNameConstraint   *next = NULL;
-    int                  i = 0;
-
-    while (subTree[i] != NULL) {
-	current = cert_DecodeNameConstraint(arena, subTree[i]);
-	if (current == NULL) {
-	    goto loser;
-	}
-	if (last == NULL) {
-	    first = last = current;
-	}
-	current->l.prev = &(last->l);
-	current->l.next = last->l.next;
-	last->l.next = &(current->l);
-	i++;
-    }
-    first->l.prev = &(current->l);
-    return first;
-loser:
-    if (first) {
-	current = first;
-	do {
-	    next = cert_get_next_name_constraint(current);
-	    PORT_Free(current);
-	    current = next;
-	}while (current != first);
-    }
-    return NULL;
-}
-
-CERTNameConstraints *
-cert_DecodeNameConstraints(PRArenaPool   *arena,
-			   SECItem       *encodedConstraints)
-{
-    CERTNameConstraints   *constraints;
-    SECStatus             rv;
-
-    PORT_Assert(arena);
-    PORT_Assert(encodedConstraints);
-    constraints = (CERTNameConstraints *) PORT_ArenaZAlloc(arena, 
-							   sizeof(CERTNameConstraints));
-    if (constraints == NULL) {
-	goto loser;
-    }
-    rv = SEC_ASN1DecodeItem(arena, constraints, CERTNameConstraintsTemplate, 
-			    encodedConstraints);
-    if (rv != SECSuccess) {
-	goto loser;
-    }
-    if (constraints->DERPermited != NULL && constraints->DERPermited[0] != NULL) {
-	constraints->permited = cert_DecodeNameConstraintSubTree(arena,
-								 constraints->DERPermited,
-								 PR_TRUE);
-	if (constraints->permited == NULL) {
-	    goto loser;
-	}
-    }
-    if (constraints->DERExcluded != NULL && constraints->DERExcluded[0] != NULL) {
-	constraints->excluded = cert_DecodeNameConstraintSubTree(arena,
-								 constraints->DERExcluded,
-								 PR_FALSE);
-	if (constraints->excluded == NULL) {
-	    goto loser;
-	}
-    }
-    return constraints;
-loser:
-    return NULL;
-}
-
-
-SECStatus
-CERT_CopyGeneralName(PRArenaPool      *arena, 
-		     CERTGeneralName  *dest, 
-		     CERTGeneralName  *src)
-{
-    SECStatus rv;
-    CERTGeneralName *destHead = dest;
-    CERTGeneralName *srcHead = src;
-    CERTGeneralName *temp;
-
-    PORT_Assert(dest != NULL);
-    dest->type = src->type;
-    do {
-	switch (src->type) {
-	  case certDirectoryName: {
-	      rv = SECITEM_CopyItem(arena, &dest->derDirectoryName, &src->derDirectoryName);
-	      if (rv != SECSuccess) {
-		  return rv;
-	      }
-	      rv = CERT_CopyName(arena, &dest->name.directoryName, &src->name.directoryName);
-	      break;
-	  }
-	  case certOtherName: {
-	      rv = SECITEM_CopyItem(arena, &dest->name.OthName.name, &src->name.OthName.name);
-	      if (rv != SECSuccess) {
-		  return rv;
-	      }
-	      rv = SECITEM_CopyItem(arena, &dest->name.OthName.oid, &src->name.OthName.oid);
-	      break;
-	  }
-	  default: {
-	      rv = SECITEM_CopyItem(arena, &dest->name.other, &src->name.other);
-	  }
-	}
-	src = cert_get_next_general_name(src);
-	/* if there is only one general name, we shouldn't do this */
-	if (src != srcHead) {
-	    if (dest->l.next == &destHead->l) {
-		if (arena) {
-		    temp = (CERTGeneralName *) 
-		      PORT_ArenaZAlloc(arena, sizeof(CERTGeneralName));
-		} else {
-		    temp = (CERTGeneralName *)
-		      PORT_ZAlloc(sizeof(CERTGeneralName));
-		}
-		temp->l.next = &destHead->l;
-		temp->l.prev = &dest->l;
-		destHead->l.prev = &temp->l;
-		dest->l.next = &temp->l;
-		dest = temp;
-	    } else {
-		dest = cert_get_next_general_name(dest);
-	    }
-	}
-    } while (src != srcHead && rv == SECSuccess);
-    return rv;
-}
-
-
-CERTGeneralNameList *
-CERT_DupGeneralNameList(CERTGeneralNameList *list)
-{
-    if (list != NULL) {
-	PZ_Lock(list->lock);
-	list->refCount++;
-	PZ_Unlock(list->lock);
-    }
-    return list;
-}
-
-CERTNameConstraint *
-CERT_CopyNameConstraint(PRArenaPool         *arena, 
-			CERTNameConstraint  *dest, 
-			CERTNameConstraint  *src)
-{
-    SECStatus  rv;
-    
-    if (dest == NULL) {
-	dest = (CERTNameConstraint *) PORT_ArenaZAlloc(arena, sizeof(CERTNameConstraint));
-	/* mark that it is not linked */
-	dest->name.l.prev = dest->name.l.next = &(dest->name.l);
-    }
-    rv = CERT_CopyGeneralName(arena, &dest->name, &src->name);
-    if (rv != SECSuccess) {
-	goto loser;
-    }
-    rv = SECITEM_CopyItem(arena, &dest->DERName, &src->DERName);
-    if (rv != SECSuccess) {
-	goto loser;
-    }
-    rv = SECITEM_CopyItem(arena, &dest->min, &src->min);
-    if (rv != SECSuccess) {
-	goto loser;
-    }
-    rv = SECITEM_CopyItem(arena, &dest->max, &src->max);
-    if (rv != SECSuccess) {
-	goto loser;
-    }
-    dest->l.prev = dest->l.next = &dest->l;
-    return dest;
-loser:
-    return NULL;
-}
-
-
-CERTGeneralName *
-cert_CombineNamesLists(CERTGeneralName *list1, CERTGeneralName *list2)
-{
-    PRCList *begin1;
-    PRCList *begin2;
-    PRCList *end1;
-    PRCList *end2;
-
-    if (list1 == NULL){
-	return list2;
-    } else if (list2 == NULL) {
-	return list1;
-    } else {
-	begin1 = &list1->l;
-	begin2 = &list2->l;
-	end1 = list1->l.prev;
-	end2 = list2->l.prev;
-	end1->next = begin2;
-	end2->next = begin1;
-	begin1->prev = end2;
-	begin2->prev = end1;
-	return list1;
-    }
-}
-
-
-CERTNameConstraint *
-cert_CombineConstraintsLists(CERTNameConstraint *list1, CERTNameConstraint *list2)
-{
-    PRCList *begin1;
-    PRCList *begin2;
-    PRCList *end1;
-    PRCList *end2;
-
-    if (list1 == NULL){
-	return list2;
-    } else if (list2 == NULL) {
-	return list1;
-    } else {
-	begin1 = &list1->l;
-	begin2 = &list2->l;
-	end1 = list1->l.prev;
-	end2 = list2->l.prev;
-	end1->next = begin2;
-	end2->next = begin1;
-	begin1->prev = end2;
-	begin2->prev = end1;
-	return list1;
-    }
-}
-
-
-CERTNameConstraint *
-CERT_AddNameConstraint(CERTNameConstraint *list, 
-		       CERTNameConstraint *constraint)
-{
-    PORT_Assert(constraint != NULL);
-    constraint->l.next = constraint->l.prev = &constraint->l;
-    list = cert_CombineConstraintsLists(list, constraint);
-    return list;
-}
-
-
-SECStatus
-CERT_GetNameConstriantByType (CERTNameConstraint *constraints,
-			      CERTGeneralNameType type, 
-			      CERTNameConstraint **returnList,
-			      PRArenaPool *arena)
-{
-    CERTNameConstraint *current;
-    CERTNameConstraint *temp;
-    
-    *returnList = NULL;
-    if (!constraints)
-	return SECSuccess;
-    current = constraints;
-
-    do {
-	if (current->name.type == type || 
-	    (type == certDirectoryName && current->name.type == certRFC822Name)) {
-	    temp = NULL;
-	    temp = CERT_CopyNameConstraint(arena, temp, current);
-	    if (temp == NULL) {
-		goto loser;
-	    }
-	    *returnList = CERT_AddNameConstraint(*returnList, temp);
-	}
-	current = cert_get_next_name_constraint(current);
-    } while (current != constraints);
-    return SECSuccess;
-loser:
-    return SECFailure;
-}
-
-
-void *
-CERT_GetGeneralNameByType (CERTGeneralName *genNames,
-			   CERTGeneralNameType type, PRBool derFormat)
-{
-    CERTGeneralName *current;
-    
-    if (!genNames)
-	return (NULL);
-    current = genNames;
-
-    do {
-	if (current->type == type) {
-	    switch (type) {
-	      case certDNSName:
-	      case certEDIPartyName:
-	      case certIPAddress:
-	      case certRegisterID:
-	      case certRFC822Name:
-	      case certX400Address:
-	      case certURI: {
-		    return &(current->name.other);
-	      }
-	      case certOtherName: {
-		  return &(current->name.OthName);
-		  break;
-	      }
-	      case certDirectoryName: {
-		  if (derFormat) {
-		      return &(current->derDirectoryName);
-		  } else{
-		      return &(current->name.directoryName);
-		  }
-		  break;
-	      }
-	    }
-	}
-	current = cert_get_next_general_name(current);
-    } while (current != genNames);
-    return (NULL);
-}
-
-int
-CERT_GetNamesLength(CERTGeneralName *names)
-{
-    int              length = 0;
-    CERTGeneralName  *first;
-
-    first = names;
-    if (names != NULL) {
-	do {
-	    length++;
-	    names = cert_get_next_general_name(names);
-	} while (names != first);
-    }
-    return length;
-}
-
-CERTGeneralName *
-CERT_GetCertificateNames(CERTCertificate *cert, PRArenaPool *arena)
-{
-    CERTGeneralName  *DN;
-    CERTGeneralName  *altName;
-    SECItem          altNameExtension;
-    SECStatus        rv;
-
-
-    DN = (CERTGeneralName *) PORT_ArenaZAlloc(arena, sizeof(CERTGeneralName));
-    if (DN == NULL) {
-	goto loser;
-    }
-    rv = CERT_CopyName(arena, &DN->name.directoryName, &cert->subject);
-    DN->type = certDirectoryName;
-    DN->l.next = DN->l.prev = &DN->l;
-    if (rv != SECSuccess) {
-	goto loser;
-    }
-    rv = SECITEM_CopyItem(arena, &DN->derDirectoryName, &cert->derSubject);
-    if (rv != SECSuccess) {
-	goto loser;
-    }
-    rv = CERT_FindCertExtension(cert, SEC_OID_X509_SUBJECT_ALT_NAME, 
-				&altNameExtension);
-    if (rv != SECSuccess) {
-	return DN;
-    }
-    altName = CERT_DecodeAltNameExtension(arena, &altNameExtension);
-    PORT_Free(altNameExtension.data);
-    if (altName == NULL) {
-	goto loser;
-    }
-    DN = cert_CombineNamesLists(DN, altName);
-    return DN;
-loser:
-
-    return NULL;
-}
-
-static SECStatus
-compareNameToConstraint(char *name, char *constraint, PRBool substring)
-{
-    SECStatus  rv;
-
-    if (*constraint == '\0' && *name == '\0') {
-	return SECSuccess;
-    }
-    if (*constraint == '*') {
-	return compareNameToConstraint(name, constraint + 1, PR_TRUE);
-    }
-    if (substring) {
-	if (*constraint == '\0') {
-	    return SECSuccess;
-	}
-	while (*name != *constraint) {
-	    if (*name == '\0') {
-		return SECFailure;
-	    }
-	    name++;
-	}
-	rv = compareNameToConstraint(name + 1, constraint + 1, PR_FALSE);
-	if (rv == SECSuccess) {
-	    return rv;
-	}
-	name++;
-    } else {
-	if (*name == *constraint) {
-	    name++;
-	    constraint++;
-	} else {
-	    return SECFailure;
-	}
-    }
-    return compareNameToConstraint(name, constraint, substring);
-}
-
-SECStatus
-cert_CompareNameWithConstraints(CERTGeneralName     *name, 
-				CERTNameConstraint  *constraints,
-				PRBool              excluded)
-{
-    SECStatus           rv = SECSuccess;
-    char                *nameString = NULL;
-    char                *constraintString = NULL;
-    int                 start;
-    int                 end;
-    int                 tag;
-    CERTRDN             **nameRDNS, *nameRDN;
-    CERTRDN             **constraintRDNS, *constraintRDN;
-    CERTAVA             **nameAVAS, *nameAVA;
-    CERTAVA             **constraintAVAS, *constraintAVA;
-    CERTNameConstraint  *current;
-    SECItem             *avaValue;
-    CERTName            constraintName;
-    CERTName            certName;
-    SECComparison       status = SECEqual;
-    PRArenaPool         *certNameArena;
-    PRArenaPool         *constraintNameArena;
-
-    certName.arena = NULL;
-    certName.rdns = NULL;
-    constraintName.arena = NULL;
-    constraintName.rdns = NULL;
-    if (constraints != NULL) {
-	current = constraints;
-	if (name->type == certDirectoryName) {
-	    certNameArena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-	    CERT_CopyName(certNameArena, &certName, &name->name.directoryName);
-	    nameRDNS = certName.rdns;
-	    for (;;) {
-		nameRDN = *nameRDNS++;
-		nameAVAS = nameRDN->avas;
-		for(;;) {
-		    nameAVA = *nameAVAS++;
-		    tag = CERT_GetAVATag(nameAVA);
-		    if ( tag == SEC_OID_PKCS9_EMAIL_ADDRESS ||
-			 tag == SEC_OID_RFC1274_MAIL) {
-			avaValue = CERT_DecodeAVAValue(&nameAVA->value);
-			nameString = (char*)PORT_ZAlloc(avaValue->len + 1);
-			nameString = PORT_Strncpy(nameString, (char *) avaValue->data, avaValue->len);
-			start = 0;
-			while(nameString[start] != '@' && nameString[start + 1] != '\0') {
-			    start++;
-			} 
-			start++;
-			do{
-			    if (current->name.type == certRFC822Name) {
-				constraintString = (char*)PORT_ZAlloc(current->name.name.other.len + 1);
-				constraintString = PORT_Strncpy(constraintString, 
-								(char *) current->name.name.other.data,
-								current->name.name.other.len);
-				rv = compareNameToConstraint(nameString + start, constraintString, 
-							     PR_FALSE);
-
-				if (constraintString != NULL) {
-				    PORT_Free(constraintString);
-				    constraintString = NULL;
-				}
-				if (nameString != NULL) {
-				    PORT_Free(nameString);
-				    nameString = NULL;
-				}
-				if (rv == SECSuccess && excluded == PR_TRUE) {
-				    goto found;
-				}
-				if (rv == SECSuccess && excluded == PR_FALSE) {
-				    break;
-				}
-			    }
-			    current = cert_get_next_name_constraint(current);
-			} while (current != constraints);
-		    }
-		    if (rv != SECSuccess && excluded == PR_FALSE) {
-			goto loser;
-		    }
-		    if (*nameAVAS == NULL) {
-			break;
-		    }
-		}
-		if (*nameRDNS == NULL) {
-		    break;
-		}
-	    }
-	}
-	current = constraints;
-	do {
-	    switch (name->type) {
-	      case certDNSName:
-		nameString = (char*)PORT_ZAlloc(name->name.other.len + 1);
-		nameString = PORT_Strncpy(nameString, (char *) name->name.other.data, 
-					  name->name.other.len);
-		constraintString = (char*)PORT_ZAlloc(current->name.name.other.len + 1);
-		constraintString = PORT_Strncpy(constraintString, 
-						(char *) current->name.name.other.data,
-						current->name.name.other.len);
-		rv = compareNameToConstraint(nameString, constraintString, PR_FALSE);
-		if (nameString != NULL) {
-		    PORT_Free(nameString);
-		}
-		if (constraintString != NULL) {
-		    PORT_Free(constraintString);
-		}
-		break;
-	      case certRFC822Name:
-		nameString = (char*)PORT_ZAlloc(name->name.other.len + 1);
-		nameString = PORT_Strncpy(nameString, (char *) name->name.other.data, 
-					  name->name.other.len);
-		start = 0;
-		while(nameString[start] != '@' && nameString[start + 1] != '\0') {
-		    start++;
-		} 
-		start++;
-		constraintString = (char*)PORT_ZAlloc(current->name.name.other.len + 1);
-		constraintString = PORT_Strncpy(constraintString, 
-						(char *) current->name.name.other.data,
-						current->name.name.other.len);
-		rv = compareNameToConstraint(nameString + start, constraintString, PR_FALSE);
-		if (nameString != NULL) {
-		    PORT_Free(nameString);
-		}
-		if (constraintString != NULL) {
-		    PORT_Free(constraintString);
-		}
-		break;
-	      case certURI:
-	        nameString = (char*)PORT_ZAlloc(name->name.other.len + 1);
-		nameString = PORT_Strncpy(nameString, (char *) name->name.other.data, 
-					  name->name.other.len);
-		start = 0;
-		while(PORT_Strncmp(nameString + start, "://", 3) != 0 && 
-		      nameString[start + 3] != '\0') {
-		    start++;
-		}
-		start +=3;
-		end = 0;
-		while(nameString[start + end] != '/' && 
-		      nameString[start + end] != '\0') {
-		    end++;
-		}
-		nameString[start + end] = '\0';
-		constraintString = (char*)PORT_ZAlloc(current->name.name.other.len + 1);
-		constraintString = PORT_Strncpy(constraintString, 
-						(char *) current->name.name.other.data,
-						current->name.name.other.len);
-		rv = compareNameToConstraint(nameString + start, constraintString, PR_FALSE);
-		if (nameString != NULL) {
-		    PORT_Free(nameString);
-		}
-		if (constraintString != NULL) {
-		    PORT_Free(constraintString);
-		}
-		break;
-	      case certDirectoryName:  
-		if (current->name.type == certDirectoryName) {
-		    constraintNameArena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); 
-		    CERT_CopyName(constraintNameArena, &constraintName, &current->name.name.directoryName);
-		    constraintRDNS = constraintName.rdns;  
-		    for (;;) {
-			constraintRDN = *constraintRDNS++;
-			constraintAVAS = constraintRDN->avas;
-			for(;;) {
-			    constraintAVA = *constraintAVAS++;
-			    certNameArena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-			    CERT_CopyName(certNameArena, &certName, &name->name.directoryName);
-			    nameRDNS = certName.rdns;
-			    for (;;) {
-				nameRDN = *nameRDNS++;
-				nameAVAS = nameRDN->avas++;
-				for(;;) {
-				    nameAVA = *nameAVAS++;
-				    status = CERT_CompareAVA(constraintAVA, nameAVA);
-				    if (status == SECEqual || *nameAVAS == NULL) {
-					break;
-				    }
-				}
-				if (status == SECEqual || *nameRDNS == NULL) {
-				    break;
-				}
-			    }
-			    if (status != SECEqual || *constraintAVAS == NULL) {
-				break;
-			    }
-			}
-			if (status != SECEqual || *constraintRDNS == NULL) {
-			    break;
-			}
-		    }
-		    if (status == SECEqual) {
-			if (excluded == PR_FALSE) {
-			    goto found;
-			} else {
-			    goto loser;
-			}
-		    }
-		    break;
-		} else if (current->name.type == certRFC822Name) {
-		    current = cert_get_next_name_constraint(current);
-		    continue;
-		}
-	      default:
-		/* other types are not supported */
-		if (excluded) {
-		    goto found;
-		} else {
-		    goto loser;
-		}
-	    }
-	    if (rv == SECSuccess && status == SECEqual) {
-		goto found;
-	    }
-	    current = cert_get_next_name_constraint(current);
-	} while (current !=constraints);
-    } else {
-	goto found;
-    }
-loser:
-    if (certName.arena) {
-	CERT_DestroyName(&certName);
-    }
-    if (constraintName.arena) {
-	CERT_DestroyName(&constraintName);
-    }
-    return SECFailure;
-found:
-    if (certName.arena) {
-	CERT_DestroyName(&certName);
-    }
-    if (constraintName.arena) {
-	CERT_DestroyName(&constraintName);
-    }
-    return SECSuccess;
-}
-
-
-CERTCertificate *
-CERT_CompareNameSpace(CERTCertificate  *cert,
-		      CERTGeneralName  *namesList,
- 		      SECItem          *namesListIndex,
- 		      PRArenaPool      *arena,
- 		      CERTCertDBHandle *handle)
-{
-    SECStatus            rv;
-    SECItem              constraintsExtension;
-    CERTNameConstraints  *constraints;
-    CERTGeneralName      *currentName;
-    int                  count = 0;
-    CERTNameConstraint  *matchingConstraints;
-    CERTCertificate      *badCert = NULL;
-    
-    rv = CERT_FindCertExtension(cert, SEC_OID_X509_NAME_CONSTRAINTS, &constraintsExtension);
-    if (rv != SECSuccess) {
-	return NULL;
-    }
-    constraints = cert_DecodeNameConstraints(arena, &constraintsExtension);
-    currentName = namesList;
-    if (constraints == NULL) {
-	goto loser;
-    }
-    do {
- 	if (constraints->excluded != NULL) {
- 	    rv = CERT_GetNameConstriantByType(constraints->excluded, currentName->type, 
- 					      &matchingConstraints, arena);
- 	    if (rv != SECSuccess) {
- 		goto loser;
- 	    }
- 	    if (matchingConstraints != NULL) {
- 		rv = cert_CompareNameWithConstraints(currentName, matchingConstraints,
- 						     PR_TRUE);
- 		if (rv != SECFailure) {
- 		    goto loser;
- 		}
- 	    }
- 	}
- 	if (constraints->permited != NULL) {
- 	    rv = CERT_GetNameConstriantByType(constraints->permited, currentName->type, 
- 					      &matchingConstraints, arena);
-            if (rv != SECSuccess) {
-		goto loser;
-	    }
- 	    if (matchingConstraints != NULL) {
- 		rv = cert_CompareNameWithConstraints(currentName, matchingConstraints,
- 						     PR_FALSE);
- 		if (rv != SECSuccess) {
- 		    goto loser;
- 		}
- 	    } else {
- 		goto loser;
- 	    }
- 	}
- 	currentName = cert_get_next_general_name(currentName);
- 	count ++;
-    } while (currentName != namesList);
-    return NULL;
-loser:
-    badCert = CERT_FindCertByName (handle, &namesListIndex[count]);
-    return badCert;
-}
-
-
-
-/* Search the cert for an X509_SUBJECT_ALT_NAME extension.
-** ASN1 Decode it into a list of alternate names.
-** Search the list of alternate names for one with the NETSCAPE_NICKNAME OID.
-** ASN1 Decode that name.  Turn the result into a zString.  
-** Look for duplicate nickname already in the certdb. 
-** If one is found, create a nickname string that is not a duplicate.
-*/
-char *
-CERT_GetNickName(CERTCertificate   *cert,
- 		 CERTCertDBHandle  *handle,
-		 PRArenaPool      *nicknameArena)
-{ 
-    CERTGeneralName  *current;
-    CERTGeneralName  *names;
-    char             *nickname   = NULL;
-    char             *returnName = NULL;
-    char             *basename   = NULL;
-    PRArenaPool      *arena      = NULL;
-    CERTCertificate  *tmpcert;
-    SECStatus        rv;
-    int              count;
-    int              found = 0;
-    SECItem          altNameExtension;
-    SECItem          nick;
-
-    if (handle == NULL) {
-	handle = CERT_GetDefaultCertDB();
-    }
-    altNameExtension.data = NULL;
-    rv = CERT_FindCertExtension(cert, SEC_OID_X509_SUBJECT_ALT_NAME, 
-				&altNameExtension);
-    if (rv != SECSuccess) { 
-	goto loser; 
-    }
-    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if (arena == NULL) {
-	goto loser;
-    }
-    names = CERT_DecodeAltNameExtension(arena, &altNameExtension);
-    if (names == NULL) {
-	goto loser;
-    } 
-    current = names;
-    do {
-	if (current->type == certOtherName && 
-	    SECOID_FindOIDTag(&current->name.OthName.oid) == 
-	      SEC_OID_NETSCAPE_NICKNAME) {
-	    found = 1;
-	    break;
-	}
-	current = cert_get_next_general_name(current);
-    } while (current != names);
-    if (!found)
-    	goto loser;
-
-    rv = SEC_ASN1DecodeItem(arena, &nick, SEC_IA5StringTemplate, 
-			    &current->name.OthName.name);
-    if (rv != SECSuccess) {
-	goto loser;
-    }
-
-    /* make a null terminated string out of nick, with room enough at
-    ** the end to add on a number of up to 21 digits in length, (a signed
-    ** 64-bit number in decimal) plus a space and a "#". 
-    */
-    nickname = (char*)PORT_ZAlloc(nick.len + 24);
-    if (!nickname) 
-	goto loser;
-    PORT_Strncpy(nickname, (char *)nick.data, nick.len);
-
-    /* Don't let this cert's nickname duplicate one already in the DB.
-    ** If it does, create a variant of the nickname that doesn't.
-    */
-    count = 0;
-    while ((tmpcert = CERT_FindCertByNickname(handle, nickname)) != NULL) {
-	CERT_DestroyCertificate(tmpcert);
-	if (!basename) {
-	    basename = PORT_Strdup(nickname);
-	    if (!basename)
-		goto loser;
-	}
-	count++;
-	sprintf(nickname, "%s #%d", basename, count);
-    }
-
-    /* success */
-    if (nicknameArena) {
-	returnName =  PORT_ArenaStrdup(nicknameArena, nickname);
-    } else {
-	returnName = nickname;
-	nickname = NULL;
-    }
-loser:
-    if (arena != NULL) 
-	PORT_FreeArena(arena, PR_FALSE);
-    if (nickname)
-	PORT_Free(nickname);
-    if (basename)
-	PORT_Free(basename);
-    if (altNameExtension.data)
-    	PORT_Free(altNameExtension.data);
-    return returnName;
-}
-
-
-SECStatus
-CERT_CompareGeneralName(CERTGeneralName *a, CERTGeneralName *b)
-{
-    CERTGeneralName *currentA;
-    CERTGeneralName *currentB;
-    PRBool found;
-
-    currentA = a;
-    currentB = b;
-    if (a != NULL) {
-	do { 
-	    if (currentB == NULL) {
-		return SECFailure;
-	    }
-	    currentB = cert_get_next_general_name(currentB);
-	    currentA = cert_get_next_general_name(currentA);
-	} while (currentA != a);
-    }
-    if (currentB != b) {
-	return SECFailure;
-    }
-    currentA = a;
-    do {
-	currentB = b;
-	found = PR_FALSE;
-	do {
-	    if (currentB->type == currentA->type) {
-		switch (currentB->type) {
-		  case certDNSName:
-		  case certEDIPartyName:
-		  case certIPAddress:
-		  case certRegisterID:
-		  case certRFC822Name:
-		  case certX400Address:
-		  case certURI:
-		    if (SECITEM_CompareItem(&currentA->name.other,
-					    &currentB->name.other) 
-			== SECEqual) {
-			found = PR_TRUE;
-		    }
-		    break;
-		  case certOtherName:
-		    if (SECITEM_CompareItem(&currentA->name.OthName.oid,
-					    &currentB->name.OthName.oid) 
-			== SECEqual &&
-			SECITEM_CompareItem(&currentA->name.OthName.name,
-					    &currentB->name.OthName.name)
-			== SECEqual) {
-			found = PR_TRUE;
-		    }
-		    break;
-		  case certDirectoryName:
-		    if (CERT_CompareName(&currentA->name.directoryName,
-					 &currentB->name.directoryName)
-			== SECEqual) {
-			found = PR_TRUE;
-		    }
-		}
-		    
-	    }
-	    currentB = cert_get_next_general_name(currentB);
-	} while (currentB != b && found != PR_TRUE);
-	if (found != PR_TRUE) {
-	    return SECFailure;
-	}
-	currentA = cert_get_next_general_name(currentA);
-    } while (currentA != a);
-    return SECSuccess;
-}
-
-SECStatus
-CERT_CompareGeneralNameLists(CERTGeneralNameList *a, CERTGeneralNameList *b)
-{
-    SECStatus rv;
-
-    if (a == b) {
-	return SECSuccess;
-    }
-    if (a != NULL && b != NULL) {
-	PZ_Lock(a->lock);
-	PZ_Lock(b->lock);
-	rv = CERT_CompareGeneralName(a->name, b->name);
-	PZ_Unlock(a->lock);
-	PZ_Unlock(b->lock);
-    } else {
-	rv = SECFailure;
-    }
-    return rv;
-}
-
-void *
-CERT_GetGeneralNameFromListByType(CERTGeneralNameList *list,
-				  CERTGeneralNameType type,
-				  PRArenaPool *arena)
-{
-    CERTName *name = NULL; 
-    SECItem *item = NULL;
-    OtherName *other = NULL;
-    OtherName *tmpOther = NULL;
-    void *data;
-
-    PZ_Lock(list->lock);
-    data = CERT_GetGeneralNameByType(list->name, type, PR_FALSE);
-    if (data != NULL) {
-	switch (type) {
-	  case certDNSName:
-	  case certEDIPartyName:
-	  case certIPAddress:
-	  case certRegisterID:
-	  case certRFC822Name:
-	  case certX400Address:
-	  case certURI:
-	    if (arena != NULL) {
-		item = (SECItem *)PORT_ArenaAlloc(arena, sizeof(SECItem));
-		if (item != NULL) {
-		    SECITEM_CopyItem(arena, item, (SECItem *) data);
-		}
-	    } else { 
-		item = SECITEM_DupItem((SECItem *) data);
-	    }
-	    PZ_Unlock(list->lock);
-	    return item;
-	  case certOtherName:
-	    other = (OtherName *) data;
-	    if (arena != NULL) {
-		tmpOther = (OtherName *)PORT_ArenaAlloc(arena, 
-							sizeof(OtherName));
-	    } else {
-		tmpOther = (OtherName *) PORT_Alloc(sizeof(OtherName));
-	    }
-	    if (tmpOther != NULL) {
-		SECITEM_CopyItem(arena, &tmpOther->oid, &other->oid);
-		SECITEM_CopyItem(arena, &tmpOther->name, &other->name);
-	    }
-	    PZ_Unlock(list->lock);
-	    return tmpOther;
-	  case certDirectoryName:
-	    if (arena == NULL) {
-		PZ_Unlock(list->lock);
-		return NULL;
-	    } else {
-		name = (CERTName *) PORT_ArenaZAlloc(list->arena, 
-						    sizeof(CERTName));
-		if (name != NULL) {
-		    CERT_CopyName(arena, name, (CERTName *) data);
-		}
-		PZ_Unlock(list->lock);
-		return name;
-	    }
-	}
-    }
-    PZ_Unlock(list->lock);
-    return NULL;
-}
-
-void
-CERT_AddGeneralNameToList(CERTGeneralNameList *list, 
-			  CERTGeneralNameType type,
-			  void *data, SECItem *oid)
-{
-    CERTGeneralName *name;
-
-    if (list != NULL && data != NULL) {
-	PZ_Lock(list->lock);
-	name = (CERTGeneralName *) 
-	    PORT_ArenaZAlloc(list->arena, sizeof(CERTGeneralName));
-	name->type = type;
-	switch (type) {
-	  case certDNSName:
-	  case certEDIPartyName:
-	  case certIPAddress:
-	  case certRegisterID:
-	  case certRFC822Name:
-	  case certX400Address:
-	  case certURI:
-	    SECITEM_CopyItem(list->arena, &name->name.other, (SECItem *)data);
-	    break;
-	  case certOtherName:
-	    SECITEM_CopyItem(list->arena, &name->name.OthName.name,
-			     (SECItem *) data);
-	    SECITEM_CopyItem(list->arena, &name->name.OthName.oid,
-			     oid);
-	    break;
-	  case certDirectoryName:
-	    CERT_CopyName(list->arena, &name->name.directoryName,
-			  (CERTName *) data);
-	    break;
-	}
-	name->l.prev = name->l.next = &name->l;
-	list->name = cert_CombineNamesLists(list->name, name);
-	list->len++;
-	PZ_Unlock(list->lock);
-    }
-    return;
-}
diff --git a/security/nss/lib/certdb/genname.h b/security/nss/lib/certdb/genname.h
deleted file mode 100644
index 8e3a58619..000000000
--- a/security/nss/lib/certdb/genname.h
+++ /dev/null
@@ -1,125 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef _GENAME_H_
-#define _GENAME_H_
-
-#include "plarena.h"
-#include "seccomon.h"
-#include "secoidt.h"
-#include "secasn1.h"
-#include "secder.h"
-#include "certt.h"
-
-/************************************************************************/
-SEC_BEGIN_PROTOS
-
-extern const SEC_ASN1Template CERT_GeneralNamesTemplate[];
-
-extern CERTGeneralName *
-cert_get_next_general_name(CERTGeneralName *current);
-
-extern CERTGeneralName *
-cert_get_prev_general_name(CERTGeneralName *current);
-
-extern SECItem *
-CERT_EncodeGeneralName(CERTGeneralName *genName, SECItem *dest,
-		       PRArenaPool *arena);
-
-extern SECItem **
-cert_EncodeGeneralNames(PRArenaPool *arena, CERTGeneralName *names);
-
-extern CERTGeneralName *
-CERT_DecodeGeneralName(PRArenaPool *arena, SECItem *encodedName,
-		       CERTGeneralName  *genName);
-
-extern CERTGeneralName *
-cert_DecodeGeneralNames(PRArenaPool *arena, SECItem **encodedGenName);
-
-extern SECStatus
-cert_DestroyGeneralNames(CERTGeneralName *name);
-
-extern SECStatus 
-cert_EncodeNameConstraints(CERTNameConstraints *constraints, PRArenaPool *arena,
-			   SECItem *dest);
-
-extern CERTNameConstraints *
-cert_DecodeNameConstraints(PRArenaPool *arena, SECItem *encodedConstraints);
-
-extern CERTGeneralName *
-cert_CombineNamesLists(CERTGeneralName *list1, CERTGeneralName *list2);
-
-extern CERTNameConstraint *
-cert_CombineConstraintsLists(CERTNameConstraint *list1, CERTNameConstraint *list2);
-
-SECStatus
-CERT_CompareGeneralName(CERTGeneralName *a, CERTGeneralName *b);
-
-SECStatus
-CERT_CopyGeneralName(PRArenaPool      *arena, 
-		     CERTGeneralName  *dest, 
-		     CERTGeneralName  *src);
-
-/* General Name Lists are a thread safe, reference counting layer to 
- * general names */
-
-void
-CERT_DestroyGeneralNameList(CERTGeneralNameList *list);
-
-CERTGeneralNameList *
-CERT_CreateGeneralNameList(CERTGeneralName *name);
-
-SECStatus
-CERT_CompareGeneralNameLists(CERTGeneralNameList *a, CERTGeneralNameList *b);
-
-void *
-CERT_GetGeneralNameFromListByType(CERTGeneralNameList *list,
-				  CERTGeneralNameType type,
-				  PRArenaPool *arena);
-
-void
-CERT_AddGeneralNameToList(CERTGeneralNameList *list, 
-			  CERTGeneralNameType type,
-			  void *data, SECItem *oid);
-
-
-CERTGeneralNameList *
-CERT_DupGeneralNameList(CERTGeneralNameList *list);
-
-
-int
-CERT_GetNamesLength(CERTGeneralName *names);
-/************************************************************************/
-SEC_END_PROTOS
-
-#endif
diff --git a/security/nss/lib/certdb/manifest.mn b/security/nss/lib/certdb/manifest.mn
deleted file mode 100644
index 33b3fb612..000000000
--- a/security/nss/lib/certdb/manifest.mn
+++ /dev/null
@@ -1,67 +0,0 @@
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CORE_DEPTH = ../../..
-
-EXPORTS = \
-	cert.h \
-	certt.h \
-	certdb.h \
-	$(NULL)
-
-PRIVATE_EXPORTS = \
-	genname.h \
-	xconst.h \
-	certxutl.h \
-	$(NULL)
-
-MODULE = security
-
-CSRCS = \
-	alg1485.c \
-	certdb.c \
-	certv3.c \
-	certxutl.c \
-	crl.c \
-	genname.c \
-	stanpcertdb.c \
-	polcyxtn.c \
-	secname.c \
-	xauthkid.c \
-	xbsconst.c \
-	xconst.c \
-	$(NULL)
-
-REQUIRES = security dbm
-
-LIBRARY_NAME = certdb
-
diff --git a/security/nss/lib/certdb/polcyxtn.c b/security/nss/lib/certdb/polcyxtn.c
deleted file mode 100644
index 7f3dd3a78..000000000
--- a/security/nss/lib/certdb/polcyxtn.c
+++ /dev/null
@@ -1,541 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Support for various policy related extensions
- *
- * $Id$
- */
-
-#include "seccomon.h"
-#include "secport.h"
-#include "secder.h"
-#include "cert.h"
-#include "secoid.h"
-#include "secasn1.h"
-#include "secerr.h"
-#include "nspr.h"
-
-const SEC_ASN1Template CERT_NoticeReferenceTemplate[] = {
-    { SEC_ASN1_SEQUENCE,
-	  0, NULL, sizeof(CERTNoticeReference) },
-/* NOTE: this should be a choice */
-    { SEC_ASN1_IA5_STRING,
-	  offsetof(CERTNoticeReference, organization) },
-    { SEC_ASN1_SEQUENCE_OF,
-	  offsetof(CERTNoticeReference, noticeNumbers),
-	  SEC_IntegerTemplate }, 
-    { 0 }
-};
-
-/* this template can not be encoded because of the option inline */
-const SEC_ASN1Template CERT_UserNoticeTemplate[] = {
-    { SEC_ASN1_SEQUENCE,
-	  0, NULL, sizeof(CERTUserNotice) },
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_SEQUENCE | SEC_ASN1_CONSTRUCTED,
-	  offsetof(CERTUserNotice, derNoticeReference) }, 
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_ANY,
-	  offsetof(CERTUserNotice, displayText) }, 
-    { 0 }
-};
-
-const SEC_ASN1Template CERT_PolicyQualifierTemplate[] = {
-    { SEC_ASN1_SEQUENCE,
-	  0, NULL, sizeof(CERTPolicyQualifier) },
-    { SEC_ASN1_OBJECT_ID,
-	  offsetof(CERTPolicyQualifier, qualifierID) },
-    { SEC_ASN1_ANY,
-	  offsetof(CERTPolicyQualifier, qualifierValue) },
-    { 0 }
-};
-
-const SEC_ASN1Template CERT_PolicyInfoTemplate[] = {
-    { SEC_ASN1_SEQUENCE,
-	  0, NULL, sizeof(CERTPolicyInfo) },
-    { SEC_ASN1_OBJECT_ID,
-	  offsetof(CERTPolicyInfo, policyID) },
-    { SEC_ASN1_SEQUENCE_OF,
-	  offsetof(CERTPolicyInfo, policyQualifiers),
-	  CERT_PolicyQualifierTemplate },
-    { 0 }
-};
-
-const SEC_ASN1Template CERT_CertificatePoliciesTemplate[] = {
-    { SEC_ASN1_SEQUENCE_OF,
-	  offsetof(CERTCertificatePolicies, policyInfos),
-	  CERT_PolicyInfoTemplate, sizeof(CERTCertificatePolicies)  }
-};
-
-static void
-breakLines(char *string)
-{
-    char *tmpstr;
-    char *lastspace = NULL;
-    int curlen = 0;
-    int c;
-    
-    tmpstr = string;
-
-    while ( ( c = *tmpstr ) != '\0' ) {
-	switch ( c ) {
-	  case ' ':
-	    lastspace = tmpstr;
-	    break;
-	  case '\n':
-	    lastspace = NULL;
-	    curlen = 0;
-	    break;
-	}
-	
-	if ( ( curlen >= 55 ) && ( lastspace != NULL ) ) {
-	    *lastspace = '\n';
-	    curlen = ( tmpstr - lastspace );
-	    lastspace = NULL;
-	}
-	
-	curlen++;
-	tmpstr++;
-    }
-    
-    return;
-}
-
-CERTCertificatePolicies *
-CERT_DecodeCertificatePoliciesExtension(SECItem *extnValue)
-{
-    PRArenaPool *arena = NULL;
-    SECStatus rv;
-    CERTCertificatePolicies *policies;
-    CERTPolicyInfo **policyInfos, *policyInfo;
-    CERTPolicyQualifier **policyQualifiers, *policyQualifier;
-    
-    /* make a new arena */
-    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    
-    if ( !arena ) {
-	goto loser;
-    }
-
-    /* allocate the certifiate policies structure */
-    policies = (CERTCertificatePolicies *)
-	PORT_ArenaZAlloc(arena, sizeof(CERTCertificatePolicies));
-    
-    if ( policies == NULL ) {
-	goto loser;
-    }
-    
-    policies->arena = arena;
-
-    /* decode the policy info */
-    rv = SEC_ASN1DecodeItem(arena, policies, CERT_CertificatePoliciesTemplate,
-			    extnValue);
-
-    if ( rv != SECSuccess ) {
-	goto loser;
-    }
-
-    /* initialize the oid tags */
-    policyInfos = policies->policyInfos;
-    while (*policyInfos != NULL ) {
-	policyInfo = *policyInfos;
-	policyInfo->oid = SECOID_FindOIDTag(&policyInfo->policyID);
-	policyQualifiers = policyInfo->policyQualifiers;
-	while ( *policyQualifiers != NULL ) {
-	    policyQualifier = *policyQualifiers;
-	    policyQualifier->oid =
-		SECOID_FindOIDTag(&policyQualifier->qualifierID);
-	    policyQualifiers++;
-	}
-	policyInfos++;
-    }
-
-    return(policies);
-    
-loser:
-    if ( arena != NULL ) {
-	PORT_FreeArena(arena, PR_FALSE);
-    }
-    
-    return(NULL);
-}
-
-void
-CERT_DestroyCertificatePoliciesExtension(CERTCertificatePolicies *policies)
-{
-    if ( policies != NULL ) {
-	PORT_FreeArena(policies->arena, PR_FALSE);
-    }
-    return;
-}
-
-
-CERTUserNotice *
-CERT_DecodeUserNotice(SECItem *noticeItem)
-{
-    PRArenaPool *arena = NULL;
-    SECStatus rv;
-    CERTUserNotice *userNotice;
-    
-    /* make a new arena */
-    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    
-    if ( !arena ) {
-	goto loser;
-    }
-
-    /* allocate the userNotice structure */
-    userNotice = (CERTUserNotice *)PORT_ArenaZAlloc(arena,
-						    sizeof(CERTUserNotice));
-    
-    if ( userNotice == NULL ) {
-	goto loser;
-    }
-    
-    userNotice->arena = arena;
-
-    /* decode the user notice */
-    rv = SEC_ASN1DecodeItem(arena, userNotice, CERT_UserNoticeTemplate, 
-			    noticeItem);
-
-    if ( rv != SECSuccess ) {
-	goto loser;
-    }
-
-    if (userNotice->derNoticeReference.data != NULL) {
-	/* sigh, the asn1 parser stripped the sequence encoding, re add it
-	 * before we decode.
-	 */
-	SECItem tmpbuf;
-	int	newBytes;
-
-	newBytes = SEC_ASN1LengthLength(userNotice->derNoticeReference.len)+1;
-	tmpbuf.len = newBytes + userNotice->derNoticeReference.len;
-	tmpbuf.data = PORT_ZAlloc(tmpbuf.len);
-	if (tmpbuf.data == NULL) {
-	    goto loser;
-	}
-	tmpbuf.data[0] = SEC_ASN1_SEQUENCE | SEC_ASN1_CONSTRUCTED;
-	SEC_ASN1EncodeLength(&tmpbuf.data[1],userNotice->derNoticeReference.len);
-	PORT_Memcpy(&tmpbuf.data[newBytes],userNotice->derNoticeReference.data,
-				userNotice->derNoticeReference.len);
-
-	/* OK, no decode it */
-    	rv = SEC_ASN1DecodeItem(arena, &userNotice->noticeReference, 
-	    CERT_NoticeReferenceTemplate, &tmpbuf);
-
-	PORT_Free(tmpbuf.data); tmpbuf.data = NULL;
-    	if ( rv != SECSuccess ) {
-	    goto loser;
-    	}
-    }
-
-    return(userNotice);
-    
-loser:
-    if ( arena != NULL ) {
-	PORT_FreeArena(arena, PR_FALSE);
-    }
-    
-    return(NULL);
-}
-
-void
-CERT_DestroyUserNotice(CERTUserNotice *userNotice)
-{
-    if ( userNotice != NULL ) {
-	PORT_FreeArena(userNotice->arena, PR_FALSE);
-    }
-    return;
-}
-
-static CERTPolicyStringCallback policyStringCB = NULL;
-static void *policyStringCBArg = NULL;
-
-void
-CERT_SetCAPolicyStringCallback(CERTPolicyStringCallback cb, void *cbarg)
-{
-    policyStringCB = cb;
-    policyStringCBArg = cbarg;
-    return;
-}
-
-char *
-stringFromUserNotice(SECItem *noticeItem)
-{
-    SECItem *org;
-    unsigned int len, headerlen;
-    char *stringbuf;
-    CERTUserNotice *userNotice;
-    char *policystr;
-    char *retstr = NULL;
-    SECItem *displayText;
-    SECItem **noticeNumbers;
-    unsigned int strnum;
-    
-    /* decode the user notice */
-    userNotice = CERT_DecodeUserNotice(noticeItem);
-    if ( userNotice == NULL ) {
-	return(NULL);
-    }
-    
-    org = &userNotice->noticeReference.organization;
-    if ( (org->len != 0 ) && ( policyStringCB != NULL ) ) {
-	/* has a noticeReference */
-
-	/* extract the org string */
-	len = org->len;
-	stringbuf = (char*)PORT_Alloc(len + 1);
-	if ( stringbuf != NULL ) {
-	    PORT_Memcpy(stringbuf, org->data, len);
-	    stringbuf[len] = '\0';
-
-	    noticeNumbers = userNotice->noticeReference.noticeNumbers;
-	    while ( *noticeNumbers != NULL ) {
-		/* XXX - only one byte integers right now*/
-		strnum = (*noticeNumbers)->data[0];
-		policystr = (* policyStringCB)(stringbuf,
-					       strnum,
-					       policyStringCBArg);
-		if ( policystr != NULL ) {
-		    if ( retstr != NULL ) {
-			retstr = PR_sprintf_append(retstr, "\n%s", policystr);
-		    } else {
-			retstr = PR_sprintf_append(retstr, "%s", policystr);
-		    }
-
-		    PORT_Free(policystr);
-		}
-		
-		noticeNumbers++;
-	    }
-
-	    PORT_Free(stringbuf);
-	}
-    }
-
-    if ( retstr == NULL ) {
-	if ( userNotice->displayText.len != 0 ) {
-	    displayText = &userNotice->displayText;
-
-	    if ( displayText->len > 2 ) {
-		if ( displayText->data[0] == SEC_ASN1_VISIBLE_STRING ) {
-		    headerlen = 2;
-		    if ( displayText->data[1] & 0x80 ) {
-			/* multibyte length */
-			headerlen += ( displayText->data[1] & 0x7f );
-		    }
-
-		    len = displayText->len - headerlen;
-		    retstr = (char*)PORT_Alloc(len + 1);
-		    if ( retstr != NULL ) {
-			PORT_Memcpy(retstr, &displayText->data[headerlen],len);
-			retstr[len] = '\0';
-		    }
-		}
-	    }
-	}
-    }
-    
-    CERT_DestroyUserNotice(userNotice);
-    
-    return(retstr);
-}
-
-char *
-CERT_GetCertCommentString(CERTCertificate *cert)
-{
-    char *retstring = NULL;
-    SECStatus rv;
-    SECItem policyItem;
-    CERTCertificatePolicies *policies = NULL;
-    CERTPolicyInfo **policyInfos;
-    CERTPolicyQualifier **policyQualifiers, *qualifier;
-
-    policyItem.data = NULL;
-    
-    rv = CERT_FindCertExtension(cert, SEC_OID_X509_CERTIFICATE_POLICIES,
-				&policyItem);
-    if ( rv != SECSuccess ) {
-	goto nopolicy;
-    }
-
-    policies = CERT_DecodeCertificatePoliciesExtension(&policyItem);
-    if ( policies == NULL ) {
-	goto nopolicy;
-    }
-
-    policyInfos = policies->policyInfos;
-    /* search through policyInfos looking for the verisign policy */
-    while (*policyInfos != NULL ) {
-	if ( (*policyInfos)->oid == SEC_OID_VERISIGN_USER_NOTICES ) {
-	    policyQualifiers = (*policyInfos)->policyQualifiers;
-	    /* search through the policy qualifiers looking for user notice */
-	    while ( *policyQualifiers != NULL ) {
-		qualifier = *policyQualifiers;
-		if ( qualifier->oid == SEC_OID_PKIX_USER_NOTICE_QUALIFIER ) {
-		    retstring =
-			stringFromUserNotice(&qualifier->qualifierValue);
-		    break;
-		}
-
-		policyQualifiers++;
-	    }
-	    break;
-	}
-	policyInfos++;
-    }
-
-nopolicy:
-    if ( policyItem.data != NULL ) {
-	PORT_Free(policyItem.data);
-    }
-
-    if ( policies != NULL ) {
-	CERT_DestroyCertificatePoliciesExtension(policies);
-    }
-    
-    if ( retstring == NULL ) {
-	retstring = CERT_FindNSStringExtension(cert,
-					       SEC_OID_NS_CERT_EXT_COMMENT);
-    }
-    
-    if ( retstring != NULL ) {
-	breakLines(retstring);
-    }
-    
-    return(retstring);
-}
-
-
-const SEC_ASN1Template CERT_OidSeqTemplate[] = {
-    { SEC_ASN1_SEQUENCE_OF,
-	  offsetof(CERTOidSequence, oids),
-	  SEC_ObjectIDTemplate }
-};
-
-CERTOidSequence *
-CERT_DecodeOidSequence(SECItem *seqItem)
-{
-    PRArenaPool *arena = NULL;
-    SECStatus rv;
-    CERTOidSequence *oidSeq;
-    
-    /* make a new arena */
-    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    
-    if ( !arena ) {
-	goto loser;
-    }
-
-    /* allocate the userNotice structure */
-    oidSeq = (CERTOidSequence *)PORT_ArenaZAlloc(arena,
-						 sizeof(CERTOidSequence));
-    
-    if ( oidSeq == NULL ) {
-	goto loser;
-    }
-    
-    oidSeq->arena = arena;
-
-    /* decode the user notice */
-    rv = SEC_ASN1DecodeItem(arena, oidSeq, CERT_OidSeqTemplate, seqItem);
-
-    if ( rv != SECSuccess ) {
-	goto loser;
-    }
-
-    return(oidSeq);
-    
-loser:
-    return(NULL);
-}
-
-
-void
-CERT_DestroyOidSequence(CERTOidSequence *oidSeq)
-{
-    if ( oidSeq != NULL ) {
-	PORT_FreeArena(oidSeq->arena, PR_FALSE);
-    }
-    return;
-}
-
-PRBool
-CERT_GovtApprovedBitSet(CERTCertificate *cert)
-{
-    SECStatus rv;
-    SECItem extItem;
-    CERTOidSequence *oidSeq = NULL;
-    PRBool ret;
-    SECItem **oids;
-    SECItem *oid;
-    SECOidTag oidTag;
-    
-    extItem.data = NULL;
-    rv = CERT_FindCertExtension(cert, SEC_OID_X509_EXT_KEY_USAGE, &extItem);
-    if ( rv != SECSuccess ) {
-	goto loser;
-    }
-
-    oidSeq = CERT_DecodeOidSequence(&extItem);
-    if ( oidSeq == NULL ) {
-	goto loser;
-    }
-
-    oids = oidSeq->oids;
-    while ( oids != NULL && *oids != NULL ) {
-	oid = *oids;
-	
-	oidTag = SECOID_FindOIDTag(oid);
-	
-	if ( oidTag == SEC_OID_NS_KEY_USAGE_GOVT_APPROVED ) {
-	    goto success;
-	}
-	
-	oids++;
-    }
-
-loser:
-    ret = PR_FALSE;
-    goto done;
-success:
-    ret = PR_TRUE;
-done:
-    if ( oidSeq != NULL ) {
-	CERT_DestroyOidSequence(oidSeq);
-    }
-    if (extItem.data != NULL) {
-	PORT_Free(extItem.data);
-    }
-    return(ret);
-}
diff --git a/security/nss/lib/certdb/secname.c b/security/nss/lib/certdb/secname.c
deleted file mode 100644
index 9296fd86d..000000000
--- a/security/nss/lib/certdb/secname.c
+++ /dev/null
@@ -1,641 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "cert.h"
-#include "secoid.h"
-#include "secder.h"	/* XXX remove this when remove the DERTemplates */
-#include "secasn1.h"
-#include "secitem.h"
-#include <stdarg.h>
-#include "secerr.h"
-
-static const SEC_ASN1Template cert_AVATemplate[] = {
-    { SEC_ASN1_SEQUENCE,
-	  0, NULL, sizeof(CERTAVA) },
-    { SEC_ASN1_OBJECT_ID,
-	  offsetof(CERTAVA,type), },
-    { SEC_ASN1_ANY,
-	  offsetof(CERTAVA,value), },
-    { 0, }
-};
-
-const SEC_ASN1Template CERT_RDNTemplate[] = {
-    { SEC_ASN1_SET_OF,
-	  offsetof(CERTRDN,avas), cert_AVATemplate, sizeof(CERTRDN) }
-};
-
-
-static int
-CountArray(void **array)
-{
-    int count = 0;
-    if (array) {
-	while (*array++) {
-	    count++;
-	}
-    }
-    return count;
-}
-
-static void
-**AddToArray(PRArenaPool *arena, void **array, void *element)
-{
-    unsigned count;
-    void **ap;
-
-    /* Count up number of slots already in use in the array */
-    count = 0;
-    ap = array;
-    if (ap) {
-	while (*ap++) {
-	    count++;
-	}
-    }
-
-    if (array) {
-	array = (void**) PORT_ArenaGrow(arena, array,
-					(count + 1) * sizeof(void *),
-					(count + 2) * sizeof(void *));
-    } else {
-	array = (void**) PORT_ArenaAlloc(arena, (count + 2) * sizeof(void *));
-    }
-    if (array) {
-	array[count] = element;
-	array[count+1] = 0;
-    }
-    return array;
-}
-
-#if 0
-static void
-**RemoveFromArray(void **array, void *element)
-{
-    unsigned count;
-    void **ap;
-    int slot;
-
-    /* Look for element */
-    ap = array;
-    if (ap) {
-	count = 1;			/* count the null at the end */
-	slot = -1;
-	for (; *ap; ap++, count++) {
-	    if (*ap == element) {
-		/* Found it */
-		slot = ap - array;
-	    }
-	}
-	if (slot >= 0) {
-	    /* Found it. Squish array down */
-	    PORT_Memmove((void*) (array + slot), (void*) (array + slot + 1),
-		       (count - slot - 1) * sizeof(void*));
-	    /* Don't bother reallocing the memory */
-	}
-    }
-    return array;
-}
-#endif /* 0 */
-
-SECOidTag
-CERT_GetAVATag(CERTAVA *ava)
-{
-    SECOidData *oid;
-    if (!ava->type.data) return (SECOidTag)-1;
-
-    oid = SECOID_FindOID(&ava->type);
-    
-    if ( oid ) {
-	return(oid->offset);
-    }
-    return (SECOidTag)-1;
-}
-
-static SECStatus
-SetupAVAType(PRArenaPool *arena, SECOidTag type, SECItem *it, unsigned *maxLenp)
-{
-    unsigned char *oid;
-    unsigned oidLen;
-    unsigned char *cp;
-    unsigned maxLen;
-    SECOidData *oidrec;
-
-    oidrec = SECOID_FindOIDByTag(type);
-    if (oidrec == NULL)
-	return SECFailure;
-
-    oid = oidrec->oid.data;
-    oidLen = oidrec->oid.len;
-
-    switch (type) {
-      case SEC_OID_AVA_COUNTRY_NAME:
-	maxLen = 2;
-	break;
-      case SEC_OID_AVA_ORGANIZATION_NAME:
-	maxLen = 64;
-	break;
-      case SEC_OID_AVA_COMMON_NAME:
-	maxLen = 64;
-	break;
-      case SEC_OID_AVA_LOCALITY:
-	maxLen = 128;
-	break;
-      case SEC_OID_AVA_STATE_OR_PROVINCE:
-	maxLen = 128;
-	break;
-      case SEC_OID_AVA_ORGANIZATIONAL_UNIT_NAME:
-	maxLen = 64;
-	break;
-      case SEC_OID_AVA_DC:
-	maxLen = 128;
-	break;
-      case SEC_OID_AVA_DN_QUALIFIER:
-	maxLen = 0x7fff;
-	break;
-      case SEC_OID_PKCS9_EMAIL_ADDRESS:
-	maxLen = 128;
-	break;
-      case SEC_OID_RFC1274_UID:
-	maxLen = 256;  /* RFC 1274 specifies 256 */
-	break;
-      case SEC_OID_RFC1274_MAIL:
-	maxLen = 256;  /* RFC 1274 specifies 256 */
-	break; 
-      default:
-	PORT_SetError(SEC_ERROR_INVALID_ARGS);
-	return SECFailure;
-    }
-
-    it->data = cp = (unsigned char*) PORT_ArenaAlloc(arena, oidLen);
-    if (cp == NULL) {
-	return SECFailure;
-    }
-    it->len = oidLen;
-    PORT_Memcpy(cp, oid, oidLen);
-    *maxLenp = maxLen;
-    return SECSuccess;
-}
-
-static SECStatus
-SetupAVAValue(PRArenaPool *arena, int valueType, char *value, SECItem *it,
-	      unsigned maxLen)
-{
-    unsigned valueLen, valueLenLen, total;
-    unsigned ucs4Len = 0, ucs4MaxLen;
-    unsigned char *cp, *ucs4Val;
-
-    switch (valueType) {
-      case SEC_ASN1_PRINTABLE_STRING:
-      case SEC_ASN1_IA5_STRING:
-      case SEC_ASN1_T61_STRING:
-	valueLen = PORT_Strlen(value);
-	break;
-      case SEC_ASN1_UNIVERSAL_STRING:
-	valueLen = PORT_Strlen(value);
-	ucs4Val = (unsigned char *)PORT_ArenaZAlloc(arena, 
-						    PORT_Strlen(value) * 6);
-	ucs4MaxLen = PORT_Strlen(value) * 6;
-	if(!ucs4Val || !PORT_UCS4_UTF8Conversion(PR_TRUE, (unsigned char *)value, valueLen,
-					ucs4Val, ucs4MaxLen, &ucs4Len)) {
-	    PORT_SetError(SEC_ERROR_INVALID_ARGS);
-	    return SECFailure;
-	}
-	value = (char *)ucs4Val;
-	valueLen = ucs4Len;
-	break;
-      default:
-	PORT_SetError(SEC_ERROR_INVALID_ARGS);
-	return SECFailure;
-    }
-
-    if (((valueType != SEC_ASN1_UNIVERSAL_STRING) && (valueLen > maxLen)) ||
-      ((valueType == SEC_ASN1_UNIVERSAL_STRING) && (valueLen > (maxLen * 4)))) {
-	PORT_SetError(SEC_ERROR_INVALID_ARGS);
-	return SECFailure;
-    } 
-
-    valueLenLen = DER_LengthLength(valueLen);
-    total = 1 + valueLenLen + valueLen;
-    it->data = cp = (unsigned char*) PORT_ArenaAlloc(arena, total);
-    if (!cp) {
-	return SECFailure;
-    }
-    it->len = total;
-    cp = (unsigned char*) DER_StoreHeader(cp, valueType, valueLen);
-    PORT_Memcpy(cp, value, valueLen);
-    return SECSuccess;
-}
-
-CERTAVA *
-CERT_CreateAVA(PRArenaPool *arena, SECOidTag kind, int valueType, char *value)
-{
-    CERTAVA *ava;
-    int rv;
-    unsigned maxLen;
-
-    ava = (CERTAVA*) PORT_ArenaZAlloc(arena, sizeof(CERTAVA));
-    if (ava) {
-	rv = SetupAVAType(arena, kind, &ava->type, &maxLen);
-	if (rv) {
-	    /* Illegal AVA type */
-	    return 0;
-	}
-	rv = SetupAVAValue(arena, valueType, value, &ava->value, maxLen);
-	if (rv) {
-	    /* Illegal value type */
-	    return 0;
-	}
-    }
-    return ava;
-}
-
-CERTAVA *
-CERT_CopyAVA(PRArenaPool *arena, CERTAVA *from)
-{
-    CERTAVA *ava;
-    int rv;
-
-    ava = (CERTAVA*) PORT_ArenaZAlloc(arena, sizeof(CERTAVA));
-    if (ava) {
-	rv = SECITEM_CopyItem(arena, &ava->type, &from->type);
-	if (rv) goto loser;
-	rv = SECITEM_CopyItem(arena, &ava->value, &from->value);
-	if (rv) goto loser;
-    }
-    return ava;
-
-  loser:
-    return 0;
-}
-
-/************************************************************************/
-/* XXX This template needs to go away in favor of the new SEC_ASN1 version. */
-static const SEC_ASN1Template cert_RDNTemplate[] = {
-    { SEC_ASN1_SET_OF,
-	  offsetof(CERTRDN,avas), cert_AVATemplate, sizeof(CERTRDN) }
-};
-
-
-CERTRDN *
-CERT_CreateRDN(PRArenaPool *arena, CERTAVA *ava0, ...)
-{
-    CERTAVA *ava;
-    CERTRDN *rdn;
-    va_list ap;
-    unsigned count;
-    CERTAVA **avap;
-
-    rdn = (CERTRDN*) PORT_ArenaAlloc(arena, sizeof(CERTRDN));
-    if (rdn) {
-	/* Count number of avas going into the rdn */
-	count = 1;
-	va_start(ap, ava0);
-	while ((ava = va_arg(ap, CERTAVA*)) != 0) {
-	    count++;
-	}
-	va_end(ap);
-
-	/* Now fill in the pointers */
-	rdn->avas = avap =
-	    (CERTAVA**) PORT_ArenaAlloc( arena, (count + 1)*sizeof(CERTAVA*));
-	if (!avap) {
-	    return 0;
-	}
-	*avap++ = ava0;
-	va_start(ap, ava0);
-	while ((ava = va_arg(ap, CERTAVA*)) != 0) {
-	    *avap++ = ava;
-	}
-	va_end(ap);
-	*avap++ = 0;
-    }
-    return rdn;
-}
-
-SECStatus
-CERT_AddAVA(PRArenaPool *arena, CERTRDN *rdn, CERTAVA *ava)
-{
-    rdn->avas = (CERTAVA**) AddToArray(arena, (void**) rdn->avas, ava);
-    return rdn->avas ? SECSuccess : SECFailure;
-}
-
-SECStatus
-CERT_CopyRDN(PRArenaPool *arena, CERTRDN *to, CERTRDN *from)
-{
-    CERTAVA **avas, *fava, *tava;
-    SECStatus rv;
-
-    /* Copy each ava from from */
-    avas = from->avas;
-    while ((fava = *avas++) != 0) {
-	tava = CERT_CopyAVA(arena, fava);
-	if (!tava) return SECFailure;
-	rv = CERT_AddAVA(arena, to, tava);
-	if (rv) return rv;
-    }
-    return SECSuccess;
-}
-
-/************************************************************************/
-
-const SEC_ASN1Template CERT_NameTemplate[] = {
-    { SEC_ASN1_SEQUENCE_OF,
-	  offsetof(CERTName,rdns), CERT_RDNTemplate, sizeof(CERTName) }
-};
-
-SEC_ASN1_CHOOSER_IMPLEMENT(CERT_NameTemplate)
-
-CERTName *
-CERT_CreateName(CERTRDN *rdn0, ...)
-{
-    CERTRDN *rdn;
-    CERTName *name;
-    va_list ap;
-    unsigned count;
-    CERTRDN **rdnp;
-    PRArenaPool *arena;
-    
-    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if ( !arena ) {
-	return(0);
-    }
-    
-    name = (CERTName*) PORT_ArenaAlloc(arena, sizeof(CERTName));
-    if (name) {
-	name->arena = arena;
-	
-	/* Count number of RDNs going into the Name */
-	if (!rdn0) {
-	    count = 0;
-	} else {
-	    count = 1;
-	    va_start(ap, rdn0);
-	    while ((rdn = va_arg(ap, CERTRDN*)) != 0) {
-		count++;
-	    }
-	    va_end(ap);
-	}
-
-	/* Allocate space (including space for terminal null ptr) */
-	name->rdns = rdnp =
-	    (CERTRDN**) PORT_ArenaAlloc(arena, (count + 1) * sizeof(CERTRDN*));
-	if (!name->rdns) {
-	    goto loser;
-	}
-
-	/* Now fill in the pointers */
-	if (count > 0) {
-	    *rdnp++ = rdn0;
-	    va_start(ap, rdn0);
-	    while ((rdn = va_arg(ap, CERTRDN*)) != 0) {
-		*rdnp++ = rdn;
-	    }
-	    va_end(ap);
-	}
-
-	/* null terminate the list */
-	*rdnp++ = 0;
-    }
-    return name;
-
-loser:
-    PORT_FreeArena(arena, PR_FALSE);
-    return(0);
-}
-
-void
-CERT_DestroyName(CERTName *name)
-{
-    if (name)
-    {
-        PRArenaPool *arena = name->arena;
-        name->rdns = NULL;
-	name->arena = NULL;
-	if (arena) PORT_FreeArena(arena, PR_FALSE);
-    }
-}
-
-SECStatus
-CERT_AddRDN(CERTName *name, CERTRDN *rdn)
-{
-    name->rdns = (CERTRDN**) AddToArray(name->arena, (void**) name->rdns, rdn);
-    return name->rdns ? SECSuccess : SECFailure;
-}
-
-SECStatus
-CERT_CopyName(PRArenaPool *arena, CERTName *to, CERTName *from)
-{
-    CERTRDN **rdns, *frdn, *trdn;
-    SECStatus rv;
-
-    CERT_DestroyName(to);
-    to->arena = arena;
-
-    /* Copy each rdn from from */
-    rdns = from->rdns;
-    while ((frdn = *rdns++) != 0) {
-	trdn = CERT_CreateRDN(arena, 0);
-	if ( trdn == NULL ) {
-	    return(SECFailure);
-	}
-	rv = CERT_CopyRDN(arena, trdn, frdn);
-	if (rv) return rv;
-	rv = CERT_AddRDN(to, trdn);
-	if (rv) return rv;
-    }
-    return SECSuccess;
-}
-
-/************************************************************************/
-
-SECComparison
-CERT_CompareAVA(CERTAVA *a, CERTAVA *b)
-{
-    SECComparison rv;
-
-    rv = SECITEM_CompareItem(&a->type, &b->type);
-    if (rv) {
-	/*
-	** XXX for now we are going to just assume that a bitwise
-	** comparison of the value codes will do the trick.
-	*/
-    }
-    rv = SECITEM_CompareItem(&a->value, &b->value);
-    return rv;
-}
-
-SECComparison
-CERT_CompareRDN(CERTRDN *a, CERTRDN *b)
-{
-    CERTAVA **aavas, *aava;
-    CERTAVA **bavas, *bava;
-    int ac, bc;
-    SECComparison rv = SECEqual;
-
-    aavas = a->avas;
-    bavas = b->avas;
-
-    /*
-    ** Make sure array of ava's are the same length. If not, then we are
-    ** not equal
-    */
-    ac = CountArray((void**) aavas);
-    bc = CountArray((void**) bavas);
-    if (ac < bc) return SECLessThan;
-    if (ac > bc) return SECGreaterThan;
-
-    for (;;) {
-	aava = *aavas++;
-	bava = *bavas++;
-	if (!aava) {
-	    break;
-	}
-	rv = CERT_CompareAVA(aava, bava);
-	if (rv) return rv;
-    }
-    return rv;
-}
-
-SECComparison
-CERT_CompareName(CERTName *a, CERTName *b)
-{
-    CERTRDN **ardns, *ardn;
-    CERTRDN **brdns, *brdn;
-    int ac, bc;
-    SECComparison rv = SECEqual;
-
-    ardns = a->rdns;
-    brdns = b->rdns;
-
-    /*
-    ** Make sure array of rdn's are the same length. If not, then we are
-    ** not equal
-    */
-    ac = CountArray((void**) ardns);
-    bc = CountArray((void**) brdns);
-    if (ac < bc) return SECLessThan;
-    if (ac > bc) return SECGreaterThan;
-
-    for (;;) {
-	ardn = *ardns++;
-	brdn = *brdns++;
-	if (!ardn) {
-	    break;
-	}
-	rv = CERT_CompareRDN(ardn, brdn);
-	if (rv) return rv;
-    }
-    return rv;
-}
-
-/* Moved from certhtml.c */
-SECItem *
-CERT_DecodeAVAValue(SECItem *derAVAValue)
-{
-          SECItem          *retItem; 
-    const SEC_ASN1Template *theTemplate       = NULL;
-          PRBool            convertUCS4toUTF8 = PR_FALSE;
-          PRBool            convertUCS2toUTF8 = PR_FALSE;
-          SECItem           avaValue          = {siBuffer, 0}; 
-
-    if(!derAVAValue) {
-	return NULL;
-    }
-
-    switch(derAVAValue->data[0]) {
-	case SEC_ASN1_UNIVERSAL_STRING:
-	    convertUCS4toUTF8 = PR_TRUE;
-	    theTemplate = SEC_UniversalStringTemplate;
-	    break;
-	case SEC_ASN1_IA5_STRING:
-	    theTemplate = SEC_IA5StringTemplate;
-	    break;
-	case SEC_ASN1_PRINTABLE_STRING:
-	    theTemplate = SEC_PrintableStringTemplate;
-	    break;
-	case SEC_ASN1_T61_STRING:
-	    theTemplate = SEC_T61StringTemplate;
-	    break;
-	case SEC_ASN1_BMP_STRING:
-	    convertUCS2toUTF8 = PR_TRUE;
-	    theTemplate = SEC_BMPStringTemplate;
-	    break;
-	case SEC_ASN1_UTF8_STRING:
-	    /* No conversion needed ! */
-	    theTemplate = SEC_UTF8StringTemplate;
-	    break;
-	default:
-	    return NULL;
-    }
-
-    PORT_Memset(&avaValue, 0, sizeof(SECItem));
-    if(SEC_ASN1DecodeItem(NULL, &avaValue, theTemplate, derAVAValue) 
-				!= SECSuccess) {
-	return NULL;
-    }
-
-    if (convertUCS4toUTF8) {
-	unsigned int   utf8ValLen = avaValue.len * 3;
-	unsigned char *utf8Val    = (unsigned char*)PORT_ZAlloc(utf8ValLen);
-
-	if(!PORT_UCS4_UTF8Conversion(PR_FALSE, avaValue.data, avaValue.len,
-				     utf8Val, utf8ValLen, &utf8ValLen)) {
-	    PORT_Free(utf8Val);
-	    PORT_Free(avaValue.data);
-	    return NULL;
-	}
-
-	PORT_Free(avaValue.data);
-	avaValue.data = utf8Val;
-	avaValue.len = utf8ValLen;
-
-    } else if (convertUCS2toUTF8) {
-
-	unsigned int   utf8ValLen = avaValue.len * 3;
-	unsigned char *utf8Val    = (unsigned char*)PORT_ZAlloc(utf8ValLen);
-
-	if(!PORT_UCS2_UTF8Conversion(PR_FALSE, avaValue.data, avaValue.len,
-				     utf8Val, utf8ValLen, &utf8ValLen)) {
-	    PORT_Free(utf8Val);
-	    PORT_Free(avaValue.data);
-	    return NULL;
-	}
-
-	PORT_Free(avaValue.data);
-	avaValue.data = utf8Val;
-	avaValue.len = utf8ValLen;
-    }
-
-    retItem = SECITEM_DupItem(&avaValue);
-    PORT_Free(avaValue.data);
-    return retItem;
-}
diff --git a/security/nss/lib/certdb/stanpcertdb.c b/security/nss/lib/certdb/stanpcertdb.c
deleted file mode 100644
index 654da08dd..000000000
--- a/security/nss/lib/certdb/stanpcertdb.c
+++ /dev/null
@@ -1,957 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "prtime.h"
-
-#include "cert.h"
-#include "mcom_db.h"
-#include "certdb.h"
-#include "secitem.h"
-#include "secder.h"
-
-/* Call to PK11_FreeSlot below */
-
-#include "secasn1.h"
-#include "secerr.h"
-#include "nssilock.h"
-#include "prmon.h"
-#include "nsslocks.h"
-#include "base64.h"
-#include "sechash.h"
-#include "plhash.h"
-#include "pk11func.h" /* sigh */
-
-#ifndef NSS_3_4_CODE
-#define NSS_3_4_CODE
-#endif /* NSS_3_4_CODE */
-#include "nsspki.h"
-#include "pki.h"
-#include "pkim.h"
-#include "pki3hack.h"
-#include "ckhelper.h"
-#include "base.h"
-#include "pkistore.h"
-#include "dev3hack.h"
-#include "dev.h"
-
-PRBool
-SEC_CertNicknameConflict(char *nickname, SECItem *derSubject,
-			 CERTCertDBHandle *handle)
-{
-    CERTCertificate *cert;
-    PRBool conflict = PR_FALSE;
-
-    cert=CERT_FindCertByNickname(handle, nickname);
-
-    if (!cert) {
-	return conflict;
-    }
-
-    conflict = !SECITEM_ItemsAreEqual(derSubject,&cert->derSubject);
-    CERT_DestroyCertificate(cert);
-    return conflict;
-}
-
-SECStatus
-SEC_DeletePermCertificate(CERTCertificate *cert)
-{
-    PRStatus nssrv;
-    NSSTrustDomain *td = STAN_GetDefaultTrustDomain();
-    NSSCertificate *c = STAN_GetNSSCertificate(cert);
-    nssrv = NSSCertificate_DeleteStoredObject(c, NULL);
-    nssTrustDomain_RemoveCertFromCache(td, c);
-    return (nssrv == PR_SUCCESS) ? SECSuccess : SECFailure;
-}
-
-SECStatus
-CERT_GetCertTrust(CERTCertificate *cert, CERTCertTrust *trust)
-{
-    SECStatus rv;
-    CERT_LockCertTrust(cert);
-    if ( cert->trust == NULL ) {
-	rv = SECFailure;
-    } else {
-	*trust = *cert->trust;
-	rv = SECSuccess;
-    }
-    CERT_UnlockCertTrust(cert);
-    return(rv);
-}
-
-#ifdef notdef
-static char *
-cert_parseNickname(char *nickname)
-{
-    char *cp;
-    for (cp=nickname; *cp && *cp != ':'; cp++);
-    if (*cp == ':') return cp+1;
-    return nickname;
-}
-#endif
-
-SECStatus
-CERT_ChangeCertTrust(CERTCertDBHandle *handle, CERTCertificate *cert,
-		    CERTCertTrust *trust)
-{
-    SECStatus rv = SECFailure;
-    PRStatus ret;
-
-    CERT_LockCertTrust(cert);
-    ret = STAN_ChangeCertTrust(cert, trust);
-    rv = (ret == PR_SUCCESS) ? SECSuccess : SECFailure;
-    CERT_UnlockCertTrust(cert);
-    return rv;
-}
-
-SECStatus
-__CERT_AddTempCertToPerm(CERTCertificate *cert, char *nickname,
-		       CERTCertTrust *trust)
-{
-    NSSUTF8 *stanNick;
-    PK11SlotInfo *slot;
-    NSSToken *internal;
-    NSSCryptoContext *context;
-    nssCryptokiObject *permInstance;
-    NSSCertificate *c = STAN_GetNSSCertificate(cert);
-    context = c->object.cryptoContext;
-    if (!context) {
-	return SECFailure; /* wasn't a temp cert */
-    }
-    stanNick = nssCertificate_GetNickname(c, NULL);
-    if (stanNick && nickname && strcmp(nickname, stanNick) != 0) {
-	/* take the new nickname */
-	cert->nickname = NULL;
-	stanNick = NULL;
-    }
-    if (!stanNick && nickname) {
-	stanNick = nssUTF8_Duplicate((NSSUTF8 *)nickname, c->object.arena);
-    }
-    /* Delete the temp instance */
-    nssCertificateStore_Remove(context->certStore, c);
-    c->object.cryptoContext = NULL;
-    /* Import the perm instance onto the internal token */
-    slot = PK11_GetInternalKeySlot();
-    internal = PK11Slot_GetNSSToken(slot);
-    permInstance = nssToken_ImportCertificate(internal, NULL,
-                                              NSSCertificateType_PKIX,
-                                              &c->id,
-                                              stanNick,
-                                              &c->encoding,
-                                              &c->issuer,
-                                              &c->subject,
-                                              &c->serial,
-					      cert->emailAddr,
-                                              PR_TRUE);
-    PK11_FreeSlot(slot);
-    if (!permInstance) {
-	return SECFailure;
-    }
-    nssPKIObject_AddInstance(&c->object, permInstance);
-    nssTrustDomain_AddCertsToCache(STAN_GetDefaultTrustDomain(), &c, 1);
-    /* reset the CERTCertificate fields */
-    cert->nssCertificate = NULL;
-    cert = STAN_GetCERTCertificate(c); /* will return same pointer */
-    if (!cert) {
-        return SECFailure;
-    }
-    cert->istemp = PR_FALSE;
-    cert->isperm = PR_TRUE;
-    if (!trust) {
-	return PR_SUCCESS;
-    }
-    return (STAN_ChangeCertTrust(cert, trust) == PR_SUCCESS) ? 
-							SECSuccess: SECFailure;
-}
-
-SECStatus
-CERT_AddTempCertToPerm(CERTCertificate *cert, char *nickname,
-		       CERTCertTrust *trust)
-{
-    return __CERT_AddTempCertToPerm(cert, nickname, trust);
-}
-
-CERTCertificate *
-__CERT_NewTempCertificate(CERTCertDBHandle *handle, SECItem *derCert,
-			  char *nickname, PRBool isperm, PRBool copyDER)
-{
-    PRStatus nssrv;
-    NSSCertificate *c;
-    CERTCertificate *cc;
-    NSSCertificate *tempCert;
-    nssPKIObject *pkio;
-    NSSCryptoContext *gCC = STAN_GetDefaultCryptoContext();
-    NSSTrustDomain *gTD = STAN_GetDefaultTrustDomain();
-    if (!isperm) {
-	NSSDER encoding;
-	NSSITEM_FROM_SECITEM(&encoding, derCert);
-	/* First, see if it is already a temp cert */
-	c = NSSCryptoContext_FindCertificateByEncodedCertificate(gCC, 
-	                                                       &encoding);
-	if (!c) {
-	    /* Then, see if it is already a perm cert */
-	    c = NSSTrustDomain_FindCertificateByEncodedCertificate(handle, 
-	                                                           &encoding);
-	}
-	if (c) {
-	    return STAN_GetCERTCertificate(c);
-	}
-    }
-    pkio = nssPKIObject_Create(NULL, NULL, gTD, gCC);
-    if (!pkio) {
-	return NULL;
-    }
-    c = nss_ZNEW(pkio->arena, NSSCertificate);
-    if (!c) {
-	nssPKIObject_Destroy(pkio);
-	return NULL;
-    }
-    c->object = *pkio;
-    if (copyDER) {
-	nssItem_Create(c->object.arena, &c->encoding, 
-	               derCert->len, derCert->data);
-    } else {
-	NSSITEM_FROM_SECITEM(&c->encoding, derCert);
-    }
-    /* Forces a decoding of the cert in order to obtain the parts used
-     * below
-     */
-    cc = STAN_GetCERTCertificate(c);
-    if (!cc) {
-        return NULL;
-    }
-    nssItem_Create(c->object.arena, 
-                   &c->issuer, cc->derIssuer.len, cc->derIssuer.data);
-    nssItem_Create(c->object.arena, 
-                   &c->subject, cc->derSubject.len, cc->derSubject.data);
-    if (PR_TRUE) {
-	/* CERTCertificate stores serial numbers decoded.  I need the DER
-	* here.  sigh.
-	*/
-	SECItem derSerial = { 0 };
-	CERT_SerialNumberFromDERCert(&cc->derCert, &derSerial);
-	if (!derSerial.data) goto loser;
-	nssItem_Create(c->object.arena, &c->serial, derSerial.len, derSerial.data);
-	PORT_Free(derSerial.data);
-    }
-    if (nickname) {
-	c->object.tempName = nssUTF8_Create(c->object.arena, 
-                                            nssStringType_UTF8String, 
-                                            (NSSUTF8 *)nickname, 
-                                            PORT_Strlen(nickname));
-    }
-    if (cc->emailAddr) {
-	c->email = nssUTF8_Create(c->object.arena, 
-	                          nssStringType_PrintableString, 
-	                          (NSSUTF8 *)cc->emailAddr, 
-	                          PORT_Strlen(cc->emailAddr));
-    }
-    /* this function cannot detect if the cert exists as a temp cert now, but
-     * didn't when CERT_NewTemp was first called.
-     */
-    nssrv = NSSCryptoContext_ImportCertificate(gCC, c);
-    if (nssrv != PR_SUCCESS) {
-	goto loser;
-    }
-    /* so find the entry in the temp store */
-    tempCert = NSSCryptoContext_FindCertificateByIssuerAndSerialNumber(gCC,
-                                                                   &c->issuer,
-                                                                   &c->serial);
-    /* destroy the copy */
-    NSSCertificate_Destroy(c);
-    if (tempCert) {
-	/* and use the "official" entry */
-	c = tempCert;
-	cc = STAN_GetCERTCertificate(c);
-        if (!cc) {
-            return NULL;
-        }
-    } else {
-	return NULL;
-    }
-    cc->istemp = PR_TRUE;
-    cc->isperm = PR_FALSE;
-    return cc;
-loser:
-    nssPKIObject_Destroy(&c->object);
-    return NULL;
-}
-
-CERTCertificate *
-CERT_NewTempCertificate(CERTCertDBHandle *handle, SECItem *derCert,
-			char *nickname, PRBool isperm, PRBool copyDER)
-{
-    return( __CERT_NewTempCertificate(handle, derCert, nickname,
-                                      isperm, copyDER) );
-}
-
-/* maybe all the wincx's should be some const for internal token login? */
-CERTCertificate *
-CERT_FindCertByIssuerAndSN(CERTCertDBHandle *handle, CERTIssuerAndSN *issuerAndSN)
-{
-    PK11SlotInfo *slot;
-    CERTCertificate *cert;
-
-    cert = PK11_FindCertByIssuerAndSN(&slot,issuerAndSN,NULL);
-    if (cert && slot) {
-        PK11_FreeSlot(slot);
-    }
-
-    return cert;
-}
-
-static NSSCertificate *
-get_best_temp_or_perm(NSSCertificate *ct, NSSCertificate *cp)
-{
-    NSSUsage usage;
-    NSSCertificate *arr[3];
-    if (!ct) {
-	return nssCertificate_AddRef(cp);
-    } else if (!cp) {
-	return nssCertificate_AddRef(ct);
-    }
-    arr[0] = ct;
-    arr[1] = cp;
-    arr[2] = NULL;
-    usage.anyUsage = PR_TRUE;
-    return nssCertificateArray_FindBestCertificate(arr, NULL, &usage, NULL);
-}
-
-CERTCertificate *
-CERT_FindCertByName(CERTCertDBHandle *handle, SECItem *name)
-{
-    NSSCertificate *cp, *ct, *c;
-    NSSDER subject;
-    NSSUsage usage;
-    NSSCryptoContext *cc;
-    NSSITEM_FROM_SECITEM(&subject, name);
-    usage.anyUsage = PR_TRUE;
-    cc = STAN_GetDefaultCryptoContext();
-    ct = NSSCryptoContext_FindBestCertificateBySubject(cc, &subject, 
-                                                       NULL, &usage, NULL);
-    cp = NSSTrustDomain_FindBestCertificateBySubject(handle, &subject, 
-                                                     NULL, &usage, NULL);
-    c = get_best_temp_or_perm(ct, cp);
-    if (ct) {
-	CERTCertificate *cert = STAN_GetCERTCertificate(ct);
-        if (!cert) {
-            return NULL;
-        }
-	CERT_DestroyCertificate(cert);
-    }
-    if (cp) {
-	CERTCertificate *cert = STAN_GetCERTCertificate(cp);
-        if (!cert) {
-            return NULL;
-        }
-	CERT_DestroyCertificate(cert);
-    }
-    if (c) {
-	return STAN_GetCERTCertificate(c);
-    } else {
-	return NULL;
-    }
-}
-
-CERTCertificate *
-CERT_FindCertByKeyID(CERTCertDBHandle *handle, SECItem *name, SECItem *keyID)
-{
-   CERTCertList *list =
-                        CERT_CreateSubjectCertList(NULL,handle,name,0,PR_FALSE);
-    CERTCertificate *cert = NULL;
-    CERTCertListNode *node = CERT_LIST_HEAD(list);
-
-    if (list == NULL) return NULL;
-
-    for (node = CERT_LIST_HEAD(list); node ; node = CERT_LIST_NEXT(node)) {
-        if (SECITEM_ItemsAreEqual(&cert->subjectKeyID, keyID) ) {
-            cert = CERT_DupCertificate(node->cert);
-            break;
-        }
-    }
-    return cert;
-}
-
-CERTCertificate *
-CERT_FindCertByNickname(CERTCertDBHandle *handle, char *nickname)
-{
-    NSSCryptoContext *cc;
-    NSSCertificate *c, *ct;
-    CERTCertificate *cert;
-    NSSUsage usage;
-    usage.anyUsage = PR_TRUE;
-    cc = STAN_GetDefaultCryptoContext();
-    ct = NSSCryptoContext_FindBestCertificateByNickname(cc, nickname, 
-                                                       NULL, &usage, NULL);
-    cert = PK11_FindCertFromNickname(nickname, NULL);
-    c = NULL;
-    if (cert) {
-	c = get_best_temp_or_perm(ct, STAN_GetNSSCertificate(cert));
-	CERT_DestroyCertificate(cert);
-	if (ct) {
-	    CERTCertificate *cert2 = STAN_GetCERTCertificate(ct);
-            if (!cert2) {
-                return NULL;
-            }
-	    CERT_DestroyCertificate(cert2);
-	}
-    } else {
-	c = ct;
-    }
-    if (c) {
-	return STAN_GetCERTCertificate(c);
-    } else {
-	return NULL;
-    }
-}
-
-CERTCertificate *
-CERT_FindCertByDERCert(CERTCertDBHandle *handle, SECItem *derCert)
-{
-    NSSCryptoContext *cc;
-    NSSCertificate *c;
-    NSSDER encoding;
-    NSSITEM_FROM_SECITEM(&encoding, derCert);
-    cc = STAN_GetDefaultCryptoContext();
-    c = NSSCryptoContext_FindCertificateByEncodedCertificate(cc, &encoding);
-    if (!c) {
-	c = NSSTrustDomain_FindCertificateByEncodedCertificate(handle, 
-	                                                       &encoding);
-	if (!c) return NULL;
-    }
-    return STAN_GetCERTCertificate(c);
-}
-
-CERTCertificate *
-CERT_FindCertByNicknameOrEmailAddr(CERTCertDBHandle *handle, char *name)
-{
-    NSSCryptoContext *cc;
-    NSSCertificate *c, *ct;
-    CERTCertificate *cert;
-    NSSUsage usage;
-    usage.anyUsage = PR_TRUE;
-    cc = STAN_GetDefaultCryptoContext();
-    ct = NSSCryptoContext_FindBestCertificateByNickname(cc, name, 
-                                                       NULL, &usage, NULL);
-    if (!ct) {
-	ct = NSSCryptoContext_FindBestCertificateByEmail(cc, name, 
-	                                                NULL, &usage, NULL);
-    }
-    cert = PK11_FindCertFromNickname(name, NULL);
-    if (cert) {
-	c = get_best_temp_or_perm(ct, STAN_GetNSSCertificate(cert));
-	CERT_DestroyCertificate(cert);
-	if (ct) {
-	    CERTCertificate *cert2 = STAN_GetCERTCertificate(ct);
-            if (!cert2) {
-                return NULL;
-            }
-	    CERT_DestroyCertificate(cert2);
-	}
-    } else {
-	c = ct;
-    }
-    if (c) {
-	return STAN_GetCERTCertificate(c);
-    }
-    return NULL;
-}
-
-static void 
-add_to_subject_list(CERTCertList *certList, CERTCertificate *cert,
-                    PRBool validOnly, int64 sorttime)
-{
-    SECStatus secrv;
-    if (!validOnly ||
-	CERT_CheckCertValidTimes(cert, sorttime, PR_FALSE) 
-	 == secCertTimeValid) {
-	    secrv = CERT_AddCertToListSorted(certList, cert, 
-	                                     CERT_SortCBValidity, 
-	                                     (void *)&sorttime);
-	    if (secrv != SECSuccess) {
-		CERT_DestroyCertificate(cert);
-	    }
-    } else {
-	CERT_DestroyCertificate(cert);
-    }
-}
-
-CERTCertList *
-CERT_CreateSubjectCertList(CERTCertList *certList, CERTCertDBHandle *handle,
-			   SECItem *name, int64 sorttime, PRBool validOnly)
-{
-    NSSCryptoContext *cc;
-    NSSCertificate **tSubjectCerts, **pSubjectCerts;
-    NSSCertificate **ci;
-    CERTCertificate *cert;
-    NSSDER subject;
-    PRBool myList = PR_FALSE;
-    cc = STAN_GetDefaultCryptoContext();
-    NSSITEM_FROM_SECITEM(&subject, name);
-    /* Collect both temp and perm certs for the subject */
-    tSubjectCerts = NSSCryptoContext_FindCertificatesBySubject(cc,
-                                                               &subject,
-                                                               NULL,
-                                                               0,
-                                                               NULL);
-    pSubjectCerts = NSSTrustDomain_FindCertificatesBySubject(handle,
-                                                             &subject,
-                                                             NULL,
-                                                             0,
-                                                             NULL);
-    if (!tSubjectCerts && !pSubjectCerts) {
-	return NULL;
-    }
-    if (certList == NULL) {
-	certList = CERT_NewCertList();
-	myList = PR_TRUE;
-	if (!certList) goto loser;
-    }
-    /* Iterate over the matching temp certs.  Add them to the list */
-    ci = tSubjectCerts;
-    while (ci && *ci) {
-	cert = STAN_GetCERTCertificate(*ci);
-        if (cert) {
-	    add_to_subject_list(certList, cert, validOnly, sorttime);
-        }
-	ci++;
-    }
-    /* Iterate over the matching perm certs.  Add them to the list */
-    ci = pSubjectCerts;
-    while (ci && *ci) {
-	cert = STAN_GetCERTCertificate(*ci);
-        if (cert) {
-	    add_to_subject_list(certList, cert, validOnly, sorttime);
-        }
-	ci++;
-    }
-    nss_ZFreeIf(tSubjectCerts);
-    nss_ZFreeIf(pSubjectCerts);
-    return certList;
-loser:
-    nss_ZFreeIf(tSubjectCerts);
-    nss_ZFreeIf(pSubjectCerts);
-    if (myList && certList != NULL) {
-	CERT_DestroyCertList(certList);
-    }
-    return NULL;
-}
-
-void
-CERT_DestroyCertificate(CERTCertificate *cert)
-{
-    int refCount;
-    CERTCertDBHandle *handle;
-    if ( cert ) {
-	NSSCertificate *tmp = STAN_GetNSSCertificate(cert);
-	handle = cert->dbhandle;
-#ifdef NSS_CLASSIC
-        CERT_LockCertRefCount(cert);
-	PORT_Assert(cert->referenceCount > 0);
-	refCount = --cert->referenceCount;
-        CERT_UnlockCertRefCount(cert);
-	if ( ( refCount == 0 ) && !cert->keepSession ) {
-	    PRArenaPool *arena  = cert->arena;
-	    /* zero cert before freeing. Any stale references to this cert
-	     * after this point will probably cause an exception.  */
-	    PORT_Memset(cert, 0, sizeof *cert);
-	    cert = NULL;
-	    /* free the arena that contains the cert. */
-	    PORT_FreeArena(arena, PR_FALSE);
-        }
-#else
-	if (tmp) {
-	    NSSTrustDomain *td = STAN_GetDefaultTrustDomain();
-	    refCount = (int)tmp->object.refCount;
-	    /* This is a hack.  For 3.4, there are persistent references
-	     * to 4.0 certificates during the lifetime of a cert.  In the
-	     * case of a temp cert, the persistent reference is in the
-	     * cert store of the global crypto context.  For a perm cert,
-	     * the persistent reference is in the cache.  Thus, the last
-	     * external reference is really the penultimate NSS reference.
-	     * When the count drops to two, it is really one, but the
-	     * persistent reference must be explicitly deleted.  In 4.0,
-	     * this ugliness will not appear.  Crypto contexts will remove
-	     * their own cert references, and the cache will have its
-	     * own management code also.
-	     */
-	    if (refCount == 2) {
-		NSSCryptoContext *cc = tmp->object.cryptoContext;
-		if (cc != NULL) {
-		    nssCertificateStore_Remove(cc->certStore, tmp);
-		} else {
-		    nssTrustDomain_RemoveCertFromCache(td, tmp);
-		}
-	    }
-	    /* delete the NSSCertificate */
-	    NSSCertificate_Destroy(tmp);
-	} else {
-	    PORT_FreeArena(cert->arena, PR_FALSE);
-	}
-#endif
-    }
-    return;
-}
-
-#ifdef notdef
-SECStatus
-CERT_ChangeCertTrustByUsage(CERTCertDBHandle *certdb,
-			    CERTCertificate *cert, SECCertUsage usage)
-{
-    SECStatus rv;
-    CERTCertTrust trust;
-    CERTCertTrust tmptrust;
-    unsigned int certtype;
-    PRBool saveit;
-    
-    saveit = PR_TRUE;
-    
-    PORT_Memset((void *)&trust, 0, sizeof(trust));
-
-    certtype = cert->nsCertType;
-
-    /* if no app bits in cert type, then set all app bits */
-    if ( ! ( certtype & NS_CERT_TYPE_APP ) ) {
-	certtype |= NS_CERT_TYPE_APP;
-    }
-
-    switch ( usage ) {
-      case certUsageEmailSigner:
-      case certUsageEmailRecipient:
-	if ( certtype & NS_CERT_TYPE_EMAIL ) {
-	     trust.emailFlags = CERTDB_VALID_PEER;
-	     if ( ! ( cert->rawKeyUsage & KU_KEY_ENCIPHERMENT ) ) {
-		/* don't save it if KeyEncipherment is not allowed */
-		saveit = PR_FALSE;
-	    }
-	}
-	break;
-      case certUsageUserCertImport:
-	if ( certtype & NS_CERT_TYPE_EMAIL ) {
-	    trust.emailFlags = CERTDB_VALID_PEER;
-	}
-	/* VALID_USER is already set if the cert was imported, 
-	 * in the case that the cert was already in the database
-	 * through SMIME or other means, we should set the USER
-	 * flags, if they are not already set.
-	 */
-	if( cert->isperm ) {
-	    if ( certtype & NS_CERT_TYPE_SSL_CLIENT ) {
-		if( !(cert->trust->sslFlags & CERTDB_USER) ) {
-		    trust.sslFlags |= CERTDB_USER;
-		}
-	    }
-	    
-	    if ( certtype & NS_CERT_TYPE_EMAIL ) {
-		if( !(cert->trust->emailFlags & CERTDB_USER) ) {
-		    trust.emailFlags |= CERTDB_USER;
-		}
-	    }
-	    
-	    if ( certtype & NS_CERT_TYPE_OBJECT_SIGNING ) {
-		if( !(cert->trust->objectSigningFlags & CERTDB_USER) ) {
-		    trust.objectSigningFlags |= CERTDB_USER;
-		}
-	    }
-	}
-	break;
-      default:	/* XXX added to quiet warnings; no other cases needed? */
-	break;
-    }
-
-    if ( (trust.sslFlags | trust.emailFlags | trust.objectSigningFlags) == 0 ){
-	saveit = PR_FALSE;
-    }
-
-    if ( saveit && cert->isperm ) {
-	/* Cert already in the DB.  Just adjust flags */
-	tmptrust = *cert->trust;
-	tmptrust.sslFlags |= trust.sslFlags;
-	tmptrust.emailFlags |= trust.emailFlags;
-	tmptrust.objectSigningFlags |= trust.objectSigningFlags;
-	    
-	rv = CERT_ChangeCertTrust(cert->dbhandle, cert,
-				  &tmptrust);
-	if ( rv != SECSuccess ) {
-	    goto loser;
-	}
-    }
-
-    rv = SECSuccess;
-    goto done;
-
-loser:
-    rv = SECFailure;
-done:
-
-    return(rv);
-}
-#endif
-
-int
-CERT_GetDBContentVersion(CERTCertDBHandle *handle)
-{
-    /* should read the DB content version from the pkcs #11 device */
-    return 0;
-}
-
-/*
- *
- * Manage S/MIME profiles
- *
- */
-
-SECStatus
-CERT_SaveSMimeProfile(CERTCertificate *cert, SECItem *emailProfile,
-		      SECItem *profileTime)
-{
-    int64 oldtime;
-    int64 newtime;
-    SECStatus rv = SECFailure;
-    PRBool saveit;
-    char *emailAddr;
-    SECItem oldprof, oldproftime;
-    SECItem *oldProfile = NULL;
-    SECItem *oldProfileTime = NULL;
-    PK11SlotInfo *slot = NULL;
-    NSSCertificate *c;
-    NSSCryptoContext *cc;
-    nssSMIMEProfile *stanProfile = NULL;
-    PRBool freeOldProfile = PR_FALSE;
-    
-    emailAddr = cert->emailAddr;
-    
-    if ( emailAddr == NULL ) {
-	goto loser;
-    }
-
-    c = STAN_GetNSSCertificate(cert);
-    if (!c) return SECFailure;
-    cc = c->object.cryptoContext;
-    if (cc != NULL) {
-	stanProfile = nssCryptoContext_FindSMIMEProfileForCertificate(cc, c);
-	if (stanProfile) {
-	    PORT_Assert(stanProfile->profileData);
-	    SECITEM_FROM_NSSITEM(&oldprof, stanProfile->profileData);
-	    oldProfile = &oldprof;
-	    SECITEM_FROM_NSSITEM(&oldproftime, stanProfile->profileTime);
-	    oldProfileTime = &oldproftime;
-	}
-    } else {
-	oldProfile = PK11_FindSMimeProfile(&slot, emailAddr, &cert->derSubject, 
-							&oldProfileTime); 
-	freeOldProfile = PR_TRUE;
-    }
-
-    saveit = PR_FALSE;
-    
-    /* both profileTime and emailProfile have to exist or not exist */
-    if ( emailProfile == NULL ) {
-	profileTime = NULL;
-    } else if ( profileTime == NULL ) {
-	emailProfile = NULL;
-    }
-   
-    if ( oldProfileTime == NULL ) {
-	saveit = PR_TRUE;
-    } else {
-	/* there was already a profile for this email addr */
-	if ( profileTime ) {
-	    /* we have an old and new profile - save whichever is more recent*/
-	    if ( oldProfileTime->len == 0 ) {
-		/* always replace if old entry doesn't have a time */
-		oldtime = LL_MININT;
-	    } else {
-		rv = DER_UTCTimeToTime(&oldtime, oldProfileTime);
-		if ( rv != SECSuccess ) {
-		    goto loser;
-		}
-	    }
-	    
-	    rv = DER_UTCTimeToTime(&newtime, profileTime);
-	    if ( rv != SECSuccess ) {
-		goto loser;
-	    }
-	
-	    if ( LL_CMP(newtime, >, oldtime ) ) {
-		/* this is a newer profile, save it and cert */
-		saveit = PR_TRUE;
-	    }
-	} else {
-	    saveit = PR_TRUE;
-	}
-    }
-
-
-    if (saveit) {
-	if (cc) {
-	    if (stanProfile) {
-		/* stanProfile is already stored in the crypto context,
-		 * overwrite the data
-		 */
-		NSSArena *arena = stanProfile->object.arena;
-		stanProfile->profileTime = nssItem_Create(arena, 
-		                                          NULL,
-		                                          profileTime->len,
-		                                          profileTime->data);
-		stanProfile->profileData = nssItem_Create(arena, 
-		                                          NULL,
-		                                          emailProfile->len,
-		                                          emailProfile->data);
-	    } else if (profileTime && emailProfile) {
-		PRStatus nssrv;
-		NSSDER subject;
-		NSSItem profTime, profData;
-		NSSItem *pprofTime, *pprofData;
-		NSSITEM_FROM_SECITEM(&subject, &cert->derSubject);
-		if (profileTime) {
-		    NSSITEM_FROM_SECITEM(&profTime, profileTime);
-		    pprofTime = &profTime;
-		} else {
-		    pprofTime = NULL;
-		}
-		if (emailProfile) {
-		    NSSITEM_FROM_SECITEM(&profData, emailProfile);
-		    pprofData = &profData;
-		} else {
-		    pprofData = NULL;
-		}
-		stanProfile = nssSMIMEProfile_Create(c, pprofTime, pprofData);
-		if (!stanProfile) goto loser;
-		nssrv = nssCryptoContext_ImportSMIMEProfile(cc, stanProfile);
-		rv = (nssrv == PR_SUCCESS) ? SECSuccess : SECFailure;
-	    }
-	} else {
-	    rv = PK11_SaveSMimeProfile(slot, emailAddr, &cert->derSubject, 
-						emailProfile, profileTime);
-	}
-    } else {
-	rv = SECSuccess;
-    }
-
-loser:
-    if (oldProfile && freeOldProfile) {
-    	SECITEM_FreeItem(oldProfile,PR_TRUE);
-    }
-    if (oldProfileTime && freeOldProfile) {
-    	SECITEM_FreeItem(oldProfileTime,PR_TRUE);
-    }
-    if (stanProfile) {
-	nssSMIMEProfile_Destroy(stanProfile);
-    }
-    if (slot) {
-	PK11_FreeSlot(slot);
-    }
-    
-    return(rv);
-}
-
-SECItem *
-CERT_FindSMimeProfile(CERTCertificate *cert)
-{
-    PK11SlotInfo *slot = NULL;
-    NSSCertificate *c;
-    NSSCryptoContext *cc;
-    SECItem *rvItem = NULL;
-
-    c = STAN_GetNSSCertificate(cert);
-    if (!c) return NULL;
-    cc = c->object.cryptoContext;
-    if (cc != NULL) {
-	nssSMIMEProfile *stanProfile;
-	stanProfile = nssCryptoContext_FindSMIMEProfileForCertificate(cc, c);
-	if (stanProfile) {
-	    rvItem = SECITEM_AllocItem(NULL, NULL, 
-	                               stanProfile->profileData->size);
-	    if (rvItem) {
-		rvItem->data = stanProfile->profileData->data;
-	    }
-	    nssSMIMEProfile_Destroy(stanProfile);
-	}
-	return rvItem;
-    }
-    rvItem =
-	PK11_FindSMimeProfile(&slot, cert->emailAddr, &cert->derSubject, NULL);
-    if (slot) {
-    	PK11_FreeSlot(slot);
-    }
-    return rvItem;
-}
-
-/*
- * depricated functions that are now just stubs.
- */
-/*
- * Close the database
- */
-void
-__CERT_ClosePermCertDB(CERTCertDBHandle *handle)
-{
-    PORT_Assert("CERT_ClosePermCertDB is Depricated" == NULL);
-    return;
-}
-
-SECStatus
-CERT_OpenCertDBFilename(CERTCertDBHandle *handle, char *certdbname,
-                        PRBool readOnly)
-{
-    PORT_Assert("CERT_OpenCertDBFilename is Depricated" == NULL);
-    return SECFailure;
-}
-
-SECItem *
-SECKEY_HashPassword(char *pw, SECItem *salt)
-{
-    PORT_Assert("SECKEY_HashPassword is Depricated" == NULL);
-    return NULL;
-}
-
-SECStatus
-__CERT_TraversePermCertsForSubject(CERTCertDBHandle *handle,
-                                 SECItem *derSubject,
-                                 void *cb, void *cbarg)
-{
-    PORT_Assert("CERT_TraversePermCertsForSubject is Depricated" == NULL);
-    return SECFailure;
-}
-
-
-SECStatus
-__CERT_TraversePermCertsForNickname(CERTCertDBHandle *handle, char *nickname,
-                                  void *cb, void *cbarg)
-{
-    PORT_Assert("CERT_TraversePermCertsForNickname is Depricated" == NULL);
-    return SECFailure;
-}
-
-
-
diff --git a/security/nss/lib/certdb/xauthkid.c b/security/nss/lib/certdb/xauthkid.c
deleted file mode 100644
index 8b7ac4a92..000000000
--- a/security/nss/lib/certdb/xauthkid.c
+++ /dev/null
@@ -1,147 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * X.509 v3 Subject Key Usage Extension 
- *
- */
-
-#include "prtypes.h"
-#include "mcom_db.h"
-#include "seccomon.h"
-#include "secdert.h"
-#include "secoidt.h"
-#include "secasn1t.h"
-#include "secasn1.h"
-#include "secport.h"
-#include "certt.h"  
-#include "genname.h"
-#include "secerr.h"
-
-   
-const SEC_ASN1Template CERTAuthKeyIDTemplate[] = {
-    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CERTAuthKeyID) },
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | 0,
-	  offsetof(CERTAuthKeyID,keyID), SEC_OctetStringTemplate},
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC  | 1,
-          offsetof(CERTAuthKeyID, DERAuthCertIssuer), CERT_GeneralNamesTemplate},
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | 2,
-	  offsetof(CERTAuthKeyID,authCertSerialNumber), SEC_IntegerTemplate},
-    { 0 }
-};
-
-
-
-SECStatus CERT_EncodeAuthKeyID (PRArenaPool *arena, CERTAuthKeyID *value, SECItem *encodedValue)
-{
-    SECStatus rv = SECFailure;
- 
-    PORT_Assert (value);
-    PORT_Assert (arena);
-    PORT_Assert (value->DERAuthCertIssuer == NULL);
-    PORT_Assert (encodedValue);
-
-    do {
-	
-	/* If both of the authCertIssuer and the serial number exist, encode
-	   the name first.  Otherwise, it is an error if one exist and the other
-	   is not.
-	 */
-	if (value->authCertIssuer) {
-	    if (!value->authCertSerialNumber.data) {
-		PORT_SetError (SEC_ERROR_EXTENSION_VALUE_INVALID);
-		break;
-	    }
-
-	    value->DERAuthCertIssuer = cert_EncodeGeneralNames
-		(arena, value->authCertIssuer);
-	    if (!value->DERAuthCertIssuer) {
-		PORT_SetError (SEC_ERROR_EXTENSION_VALUE_INVALID);
-		break;
-	    }
-	}
-	else if (value->authCertSerialNumber.data) {
-		PORT_SetError (SEC_ERROR_EXTENSION_VALUE_INVALID);
-		break;
-	}
-
-	if (SEC_ASN1EncodeItem (arena, encodedValue, value,
-				CERTAuthKeyIDTemplate) == NULL)
-	    break;
-	rv = SECSuccess;
-
-    } while (0);
-     return(rv);
-}
-
-CERTAuthKeyID *
-CERT_DecodeAuthKeyID (PRArenaPool *arena, SECItem *encodedValue)
-{
-    CERTAuthKeyID * value = NULL;
-    SECStatus       rv    = SECFailure;
-    void *          mark;
-
-    PORT_Assert (arena);
-   
-    do {
-	mark = PORT_ArenaMark (arena);
-        value = (CERTAuthKeyID*)PORT_ArenaZAlloc (arena, sizeof (*value));
-	value->DERAuthCertIssuer = NULL;
-	if (value == NULL)
-	    break;
-	rv = SEC_ASN1DecodeItem
-	     (arena, value, CERTAuthKeyIDTemplate, encodedValue);
-	if (rv != SECSuccess)
-	    break;
-
-        value->authCertIssuer = cert_DecodeGeneralNames (arena, value->DERAuthCertIssuer);
-	if (value->authCertIssuer == NULL)
-	    break;
-	
-	/* what if the general name contains other format but not URI ?
-	   hl
-	 */
-	if ((value->authCertSerialNumber.data && !value->authCertIssuer) ||
-	    (!value->authCertSerialNumber.data && value->authCertIssuer)){
-	    PORT_SetError (SEC_ERROR_EXTENSION_VALUE_INVALID);
-	    break;
-	}
-    } while (0);
-
-    if (rv != SECSuccess) {
-	PORT_ArenaRelease (arena, mark);
-	return ((CERTAuthKeyID *)NULL);	    
-    } 
-    PORT_ArenaUnmark(arena, mark);
-    return (value);
-}
diff --git a/security/nss/lib/certdb/xbsconst.c b/security/nss/lib/certdb/xbsconst.c
deleted file mode 100644
index 5c16b651c..000000000
--- a/security/nss/lib/certdb/xbsconst.c
+++ /dev/null
@@ -1,168 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * X.509 v3 Basic Constraints Extension 
- */
-
-#include "prtypes.h"
-#include "mcom_db.h"
-#include "seccomon.h"
-#include "secdert.h"
-#include "secoidt.h"
-#include "secasn1t.h"
-#include "secasn1.h"
-#include "certt.h"
-#include "secder.h"
-#include "prprf.h"
-#include "secerr.h"
-
-typedef struct EncodedContext{
-    SECItem isCA;
-    SECItem pathLenConstraint;
-    SECItem encodedValue;
-    PRArenaPool *arena;
-}EncodedContext;
-
-static const SEC_ASN1Template CERTBasicConstraintsTemplate[] = {
-    { SEC_ASN1_SEQUENCE,
-	  0, NULL, sizeof(EncodedContext) },
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_BOOLEAN,		/* XXX DER_DEFAULT */
-	  offsetof(EncodedContext,isCA)},
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_INTEGER,
-	  offsetof(EncodedContext,pathLenConstraint) },
-    { 0, }
-};
-
-static unsigned char hexTrue = 0xff;
-static unsigned char hexFalse = 0x00;
-
-#define GEN_BREAK(status) rv = status; break;
-
-SECStatus CERT_EncodeBasicConstraintValue
-   (PRArenaPool *arena, CERTBasicConstraints *value, SECItem *encodedValue)
-{
-    EncodedContext encodeContext;
-    PRArenaPool *our_pool = NULL;   
-    SECStatus rv = SECSuccess;
-
-    do {
-	PORT_Memset (&encodeContext, 0, sizeof (encodeContext));
-	if (!value->isCA && value->pathLenConstraint >= 0) {
-	    PORT_SetError (SEC_ERROR_EXTENSION_VALUE_INVALID);
-	    GEN_BREAK (SECFailure);
-	}
-
-        encodeContext.arena = arena;
-	if (value->isCA == PR_TRUE) {
-	    encodeContext.isCA.data =  &hexTrue ;
-	    encodeContext.isCA.len = 1;
-	}
-
-	/* If the pathLenConstraint is less than 0, then it should be
-	 * omitted from the encoding.
-	 */
-	if (value->isCA && value->pathLenConstraint >= 0) {
-	    our_pool = PORT_NewArena (SEC_ASN1_DEFAULT_ARENA_SIZE);
-	    if (our_pool == NULL) {
-		PORT_SetError (SEC_ERROR_NO_MEMORY);
-		GEN_BREAK (SECFailure);
-	    }
-	    if (SEC_ASN1EncodeUnsignedInteger
-		(our_pool, &encodeContext.pathLenConstraint,
-		 (unsigned long)value->pathLenConstraint) == NULL) {
-		PORT_SetError (SEC_ERROR_NO_MEMORY);
-		GEN_BREAK (SECFailure);
-	    }
-	}
-	if (SEC_ASN1EncodeItem (arena, encodedValue, &encodeContext,
-				CERTBasicConstraintsTemplate) == NULL) {
-	    GEN_BREAK (SECFailure);
-	}
-    } while (0);
-    if (our_pool)
-	PORT_FreeArena (our_pool, PR_FALSE);
-    return(rv);
-
-}
-
-SECStatus CERT_DecodeBasicConstraintValue
-   (CERTBasicConstraints *value, SECItem *encodedValue)
-{
-    EncodedContext decodeContext;
-    PRArenaPool *our_pool;
-    SECStatus rv = SECSuccess;
-
-    do {
-	PORT_Memset (&decodeContext, 0, sizeof (decodeContext));
-	/* initialize the value just in case we got "0x30 00", or when the
-	   pathLenConstraint is omitted.
-         */
-	decodeContext.isCA.data =&hexFalse;
-	decodeContext.isCA.len = 1;
-	
-	our_pool = PORT_NewArena (SEC_ASN1_DEFAULT_ARENA_SIZE);
-	if (our_pool == NULL) {
-	    PORT_SetError (SEC_ERROR_NO_MEMORY);
-	    GEN_BREAK (SECFailure);
-	}
-
-	rv = SEC_ASN1DecodeItem
-	     (our_pool, &decodeContext, CERTBasicConstraintsTemplate, encodedValue);
-	if (rv == SECFailure)
-	    break;
-	
-	value->isCA = (PRBool)(*decodeContext.isCA.data);
-	if (decodeContext.pathLenConstraint.data == NULL) {
-	    /* if the pathLenConstraint is not encoded, and the current setting
-	      is CA, then the pathLenConstraint should be set to a negative number
-	      for unlimited certificate path.
-	     */
-	    if (value->isCA)
-		value->pathLenConstraint = CERT_UNLIMITED_PATH_CONSTRAINT;
-	}
-	else if (value->isCA)
-	    value->pathLenConstraint = DER_GetUInteger (&decodeContext.pathLenConstraint);
-	else {
-	    /* here we get an error where the subject is not a CA, but
-	       the pathLenConstraint is set */
-	    PORT_SetError (SEC_ERROR_BAD_DER);
-	    GEN_BREAK (SECFailure);
-	    break;
-	}
-	 
-    } while (0);
-    PORT_FreeArena (our_pool, PR_FALSE);
-    return (rv);
-
-}
diff --git a/security/nss/lib/certdb/xconst.c b/security/nss/lib/certdb/xconst.c
deleted file mode 100644
index 74a4de08b..000000000
--- a/security/nss/lib/certdb/xconst.c
+++ /dev/null
@@ -1,253 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * X.509 Extension Encoding  
- */
-
-#include "prtypes.h"
-#include "mcom_db.h"
-#include "seccomon.h"
-#include "secdert.h"
-#include "secoidt.h"
-#include "secasn1t.h"
-#include "secasn1.h"
-#include "certt.h"
-#include "secder.h"
-#include "prprf.h"
-#include "xconst.h"
-#include "genname.h"
-#include "secasn1.h"
-
-
-
-static const SEC_ASN1Template CERTSubjectKeyIDTemplate[] = {
-{ SEC_ASN1_OCTET_STRING }
-};
-
-
-static const SEC_ASN1Template CERTIA5TypeTemplate[] = {
-{ SEC_ASN1_IA5_STRING }
-};
-
-
-static const SEC_ASN1Template CERTPrivateKeyUsagePeriodTemplate[] = {
-    { SEC_ASN1_SEQUENCE,
-      0, NULL, sizeof(PKUPEncodedContext) },
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC  | 0,	
-	  offsetof(PKUPEncodedContext, notBefore), SEC_GeneralizedTimeTemplate},
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC  | 1,
-	  offsetof(PKUPEncodedContext, notAfter), SEC_GeneralizedTimeTemplate},
-    { 0, } 
-};
-
-
-const SEC_ASN1Template CERTAltNameTemplate[] = {
-    { SEC_ASN1_CONSTRUCTED, offsetof(AltNameEncodedContext, encodedGenName), 
-      CERT_GeneralNamesTemplate}
-};
-
-const SEC_ASN1Template CERTAuthInfoAccessItemTemplate[] = {
-    { SEC_ASN1_SEQUENCE,
-      0, NULL, sizeof(CERTAuthInfoAccess) },
-    { SEC_ASN1_OBJECT_ID,
-      offsetof(CERTAuthInfoAccess, method) },
-    { SEC_ASN1_ANY,
-      offsetof(CERTAuthInfoAccess, derLocation) },
-    { 0, }
-};
-
-const SEC_ASN1Template CERTAuthInfoAccessTemplate[] = {
-    { SEC_ASN1_SEQUENCE_OF, 0, CERTAuthInfoAccessItemTemplate }
-};
-
-
-SECStatus 
-CERT_EncodeSubjectKeyID(PRArenaPool *arena, char *value, int len, SECItem *encodedValue)
-{
-    SECItem encodeContext;
-    SECStatus rv = SECSuccess;
-
-
-    PORT_Memset (&encodeContext, 0, sizeof (encodeContext));
-    
-    if (value != NULL) {
-	encodeContext.data = (unsigned char *)value;
-	encodeContext.len = len;
-    }
-    if (SEC_ASN1EncodeItem (arena, encodedValue, &encodeContext,
-			    CERTSubjectKeyIDTemplate) == NULL) {
-	rv = SECFailure;
-    }
-    
-    return(rv);
-}
-
-
-SECStatus
-CERT_EncodePublicKeyUsagePeriod(PRArenaPool *arena, PKUPEncodedContext *pkup, SECItem *encodedValue)
-{
-    SECStatus rv = SECSuccess;
-
-    if (SEC_ASN1EncodeItem (arena, encodedValue, pkup,
-			    CERTPrivateKeyUsagePeriodTemplate) == NULL) {
-	rv = SECFailure;
-    }
-    return(rv);
-}
-
-
-SECStatus 
-CERT_EncodeIA5TypeExtension(PRArenaPool *arena, char *value, SECItem *encodedValue)
-{
-    SECItem encodeContext;
-    SECStatus rv = SECSuccess;
-
-
-    PORT_Memset (&encodeContext, 0, sizeof (encodeContext));
-    
-    if (value != NULL) {
-	encodeContext.data = (unsigned char *)value;
-	encodeContext.len = strlen(value);
-    }
-    if (SEC_ASN1EncodeItem (arena, encodedValue, &encodeContext,
-			    CERTIA5TypeTemplate) == NULL) {
-	rv = SECFailure;
-    }
-    
-    return(rv);
-}
-
-SECStatus
-CERT_EncodeAltNameExtension(PRArenaPool *arena,  CERTGeneralName  *value, SECItem *encodedValue)
-{
-    SECItem                **encodedGenName;
-    SECStatus              rv = SECSuccess;
-
-    encodedGenName = cert_EncodeGeneralNames(arena, value);
-    if (SEC_ASN1EncodeItem (arena, encodedValue, &encodedGenName,
-			    CERT_GeneralNamesTemplate) == NULL) {
-	rv = SECFailure;
-    }
-
-    return rv;
-}
-
-CERTGeneralName *
-CERT_DecodeAltNameExtension(PRArenaPool *arena, SECItem *EncodedAltName)
-{
-    SECStatus              rv = SECSuccess;
-    AltNameEncodedContext  encodedContext;
-
-    encodedContext.encodedGenName = NULL;
-    PORT_Memset(&encodedContext, 0, sizeof(AltNameEncodedContext));
-    rv = SEC_ASN1DecodeItem (arena, &encodedContext, CERT_GeneralNamesTemplate,
-			     EncodedAltName);
-    if (rv == SECFailure) {
-	goto loser;
-    }
-    return cert_DecodeGeneralNames(arena, encodedContext.encodedGenName);
-loser:
-    return NULL;
-}
-
-
-SECStatus
-CERT_EncodeNameConstraintsExtension(PRArenaPool          *arena, 
-				    CERTNameConstraints  *value,
-				    SECItem              *encodedValue)
-{
-    SECStatus     rv = SECSuccess;
-    
-    rv = cert_EncodeNameConstraints(value, arena, encodedValue);
-    return rv;
-}
-
-
-CERTNameConstraints *
-CERT_DecodeNameConstraintsExtension(PRArenaPool          *arena,
-				    SECItem              *encodedConstraints)
-{
-    return  cert_DecodeNameConstraints(arena, encodedConstraints);
-}
-
-
-CERTAuthInfoAccess **
-cert_DecodeAuthInfoAccessExtension(PRArenaPool *arena,
-				   SECItem     *encodedExtension)
-{
-    CERTAuthInfoAccess **info = NULL;
-    SECStatus rv;
-    int i;
-
-    rv = SEC_ASN1DecodeItem(arena, &info, CERTAuthInfoAccessTemplate, 
-			    encodedExtension);
-    if (rv != SECSuccess || info == NULL) {
-	return NULL;
-    }
-
-    for (i = 0; info[i] != NULL; i++) {
-	info[i]->location = CERT_DecodeGeneralName(arena,
-						   &(info[i]->derLocation),
-						   NULL);
-    }
-    return info;
-}
-
-SECStatus
-cert_EncodeAuthInfoAccessExtension(PRArenaPool *arena,
-				   CERTAuthInfoAccess **info,
-				   SECItem *dest)
-{
-    SECItem *dummy;
-    int i;
-
-    PORT_Assert(info != NULL);
-    PORT_Assert(dest != NULL);
-    if (info == NULL || dest == NULL) {
-	return SECFailure;
-    }
-
-    for (i = 0; info[i] != NULL; i++) {
-	if (CERT_EncodeGeneralName(info[i]->location, &(info[i]->derLocation),
-				   arena) == NULL)
-	    /* Note that this may leave some of the locations filled in. */
-	    return SECFailure;
-    }
-    dummy = SEC_ASN1EncodeItem(arena, dest, &info,
-			       CERTAuthInfoAccessTemplate);
-    if (dummy == NULL) {
-	return SECFailure;
-    }
-    return SECSuccess;
-}
diff --git a/security/nss/lib/certdb/xconst.h b/security/nss/lib/certdb/xconst.h
deleted file mode 100644
index 42c49f2e4..000000000
--- a/security/nss/lib/certdb/xconst.h
+++ /dev/null
@@ -1,85 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "certt.h"
-
-typedef struct PKUPEncodedContext{
-    SECItem notBefore;
-    SECItem notAfter;
-    /*    SECItem encodedValue; */
-    PRArenaPool *arena;
-}PKUPEncodedContext;
-
-typedef struct AltNameEncodedContext{
-    SECItem **encodedGenName;
-}AltNameEncodedContext;
-
-
-typedef struct NameConstraint{
-    CERTGeneralName  generalName;
-    int              min;
-    int              max;
-}NameConstraint;
-
-
-
-extern SECStatus
-CERT_EncodePublicKeyUsagePeriod(PRArenaPool *arena, PKUPEncodedContext *pkup,
-				SECItem *encodedValue);
-
-extern SECStatus
-CERT_EncodeAltNameExtension(PRArenaPool *arena,  CERTGeneralName  *value, SECItem *encodedValue);
-
-extern SECStatus
-CERT_EncodeNameConstraintsExtension(PRArenaPool *arena, CERTNameConstraints  *value,
-			    SECItem *encodedValue);
-extern CERTGeneralName *
-CERT_DecodeAltNameExtension(PRArenaPool *arena, SECItem *EncodedAltName);
-
-extern CERTNameConstraints *
-CERT_DecodeNameConstraintsExtension(PRArenaPool *arena, SECItem *encodedConstraints);
-
-extern SECStatus 
-CERT_EncodeSubjectKeyID(PRArenaPool *arena, char *value, int len, SECItem *encodedValue);
-
-extern SECStatus 
-CERT_EncodeIA5TypeExtension(PRArenaPool *arena, char *value, SECItem *encodedValue);
-
-CERTAuthInfoAccess **
-cert_DecodeAuthInfoAccessExtension(PRArenaPool *arena,
-				   SECItem     *encodedExtension);
-
-SECStatus
-cert_EncodeAuthInfoAccessExtension(PRArenaPool *arena,
-				   CERTAuthInfoAccess **info,
-				   SECItem *dest);
diff --git a/security/nss/lib/certhigh/Makefile b/security/nss/lib/certhigh/Makefile
deleted file mode 100644
index 08b7137d5..000000000
--- a/security/nss/lib/certhigh/Makefile
+++ /dev/null
@@ -1,76 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY).   #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL)          #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL)       #
-#######################################################################
-
-
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL).      #
-#######################################################################
-
--include config.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL)                              #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL)                           #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL).                              #
-#######################################################################
-
-export:: private_export
-
diff --git a/security/nss/lib/certhigh/certhigh.c b/security/nss/lib/certhigh/certhigh.c
deleted file mode 100644
index 1cd3916ea..000000000
--- a/security/nss/lib/certhigh/certhigh.c
+++ /dev/null
@@ -1,1251 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#include "nspr.h"
-#include "secerr.h"
-#include "secasn1.h"
-#include "seccomon.h"
-#include "pk11func.h"
-#include "certdb.h"
-#include "certt.h"
-#include "cert.h"
-#include "certxutl.h"
-
-#ifndef NSS_3_4_CODE
-#define NSS_3_4_CODE
-#endif
-#include "nsspki.h"
-#include "pkit.h"
-#include "pkitm.h"
-#include "pki3hack.h"
-
-
-CERTSignedCrl * crl_storeCRL (PK11SlotInfo *slot,char *url,
-                  CERTSignedCrl *newCrl, SECItem *derCrl, int type);
-
-PRBool
-CERT_MatchNickname(char *name1, char *name2) {
-    char *nickname1= NULL;
-    char *nickname2 = NULL;
-    char *token1;
-    char *token2;
-    char *token = NULL;
-    int len;
-
-    /* first deal with the straight comparison */
-    if (PORT_Strcmp(name1, name2) == 0) {
-	return PR_TRUE;
-    }
-    /* we need to handle the case where one name has an explicit token and the other
-     * doesn't */
-    token1 = PORT_Strchr(name1,':');
-    token2 = PORT_Strchr(name2,':');
-    if ((token1 && token2) || (!token1 && !token2)) {
-	/* either both token names are specified or neither are, not match */
-	return PR_FALSE;
-    }
-    if (token1) {
-	token=name1;
-	nickname1=token1;
-	nickname2=name2;
-    } else {
-	token=name2;
-	nickname1=token2;
-	nickname2=name1;
-    }
-    len = nickname1-token;
-    nickname1++;
-    if (PORT_Strcmp(nickname1,nickname2) != 0) {
-	return PR_FALSE;
-    }
-    /* compare the other token with the internal slot here */
-    return PR_TRUE;
-}
-
-static SECStatus
-cert_UserCertsOnly(CERTCertList *certList)
-{
-    CERTCertListNode *node, *freenode;
-    CERTCertificate *cert;
-    
-    node = CERT_LIST_HEAD(certList);
-    
-    while ( ! CERT_LIST_END(node, certList) ) {
-	cert = node->cert;
-	if ( !( cert->trust->sslFlags & CERTDB_USER ) &&
-	     !( cert->trust->emailFlags & CERTDB_USER ) &&
-	     !( cert->trust->objectSigningFlags & CERTDB_USER ) ) {
-	    /* Not a User Cert, so remove this cert from the list */
-	    freenode = node;
-	    node = CERT_LIST_NEXT(node);
-	    CERT_RemoveCertListNode(freenode);
-	} else {
-	    /* Is a User cert, so leave it in the list */
-	    node = CERT_LIST_NEXT(node);
-	}
-    }
-    
-    return(SECSuccess);
-}
-
-/*
- * Find all user certificates that match the given criteria.
- * 
- *	"handle" - database to search
- *	"usage" - certificate usage to match
- *	"oneCertPerName" - if set then only return the "best" cert per
- *			name
- *	"validOnly" - only return certs that are curently valid
- *	"proto_win" - window handle passed to pkcs11
- */
-CERTCertList *
-CERT_FindUserCertsByUsage(CERTCertDBHandle *handle,
-			  SECCertUsage usage,
-			  PRBool oneCertPerName,
-			  PRBool validOnly,
-			  void *proto_win)
-{
-    CERTCertNicknames *nicknames = NULL;
-    char **nnptr;
-    int nn;
-    CERTCertificate *cert = NULL;
-    CERTCertList *certList = NULL;
-    SECStatus rv;
-    int64 time;
-    CERTCertListNode *node = NULL;
-    CERTCertListNode *freenode = NULL;
-    int n;
-    
-    time = PR_Now();
-    
-    nicknames = CERT_GetCertNicknames(handle, SEC_CERT_NICKNAMES_USER,
-				      proto_win);
-    
-    if ( ( nicknames == NULL ) || ( nicknames->numnicknames == 0 ) ) {
-	goto loser;
-    }
-
-    nnptr = nicknames->nicknames;
-    nn = nicknames->numnicknames;
-
-    while ( nn > 0 ) {
-	cert = NULL;
-	/* use the pk11 call so that we pick up any certs on tokens,
-	 * which may require login
-	 */
-	if ( proto_win != NULL ) {
-	    cert = PK11_FindCertFromNickname(*nnptr,proto_win);
-	}
-
-	/* Sigh, It turns out if the cert is already in the temp db, because
-	 * it's in the perm db, then the nickname lookup doesn't work.
-	 * since we already have the cert here, though, than we can just call
-	 * CERT_CreateSubjectCertList directly. For those cases where we didn't
-	 * find the cert in pkcs #11 (because we didn't have a password arg,
-	 * or because the nickname is for a peer, server, or CA cert, then we
-	 * go look the cert up.
-	 */
-	if (cert == NULL) { 
-	    cert = CERT_FindCertByNickname(handle,*nnptr);
-	}
-
-	if ( cert != NULL ) {
-	   /* collect certs for this nickname, sorting them into the list */
-	    certList = CERT_CreateSubjectCertList(certList, handle, 
-				&cert->derSubject, time, validOnly);
-
-	    cert_UserCertsOnly(certList);
-	
-	    /* drop the extra reference */
-	    CERT_DestroyCertificate(cert);
-	}
-	
-	nnptr++;
-	nn--;
-    }
-
-    /* remove certs with incorrect usage */
-    rv = CERT_FilterCertListByUsage(certList, usage, PR_FALSE);
-
-    if ( rv != SECSuccess ) {
-	goto loser;
-    }
-
-    /* remove any extra certs for each name */
-    if ( oneCertPerName ) {
-	PRBool *flags;
-
-	nn = nicknames->numnicknames;
-	nnptr = nicknames->nicknames;
-	
-	flags = (PRBool *)PORT_ZAlloc(sizeof(PRBool) * nn);
-	if ( flags == NULL ) {
-	    goto loser;
-	}
-	
-	node = CERT_LIST_HEAD(certList);
-	
-	/* treverse all certs in the list */
-	while ( !CERT_LIST_END(node, certList) ) {
-
-	    /* find matching nickname index */
-	    for ( n = 0; n < nn; n++ ) {
-		if ( CERT_MatchNickname(nnptr[n], node->cert->nickname) ) {
-		    /* We found a match.  If this is the first one, then
-		     * set the flag and move on to the next cert.  If this
-		     * is not the first one then delete it from the list.
-		     */
-		    if ( flags[n] ) {
-			/* We have already seen a cert with this nickname,
-			 * so delete this one.
-			 */
-			freenode = node;
-			node = CERT_LIST_NEXT(node);
-			CERT_RemoveCertListNode(freenode);
-		    } else {
-			/* keep the first cert for each nickname, but set the
-			 * flag so we know to delete any others with the same
-			 * nickname.
-			 */
-			flags[n] = PR_TRUE;
-			node = CERT_LIST_NEXT(node);
-		    }
-		    break;
-		}
-	    }
-	    if ( n == nn ) {
-		/* if we get here it means that we didn't find a matching
-		 * nickname, which should not happen.
-		 */
-		PORT_Assert(0);
-		node = CERT_LIST_NEXT(node);
-	    }
-	}
-	PORT_Free(flags);
-    }
-
-    goto done;
-    
-loser:
-    if ( certList != NULL ) {
-	CERT_DestroyCertList(certList);
-	certList = NULL;
-    }
-
-done:
-    if ( nicknames != NULL ) {
-	CERT_FreeNicknames(nicknames);
-    }
-
-    return(certList);
-}
-
-/*
- * Find a user certificate that matchs the given criteria.
- * 
- *	"handle" - database to search
- *	"nickname" - nickname to match
- *	"usage" - certificate usage to match
- *	"validOnly" - only return certs that are curently valid
- *	"proto_win" - window handle passed to pkcs11
- */
-CERTCertificate *
-CERT_FindUserCertByUsage(CERTCertDBHandle *handle,
-			 char *nickname,
-			 SECCertUsage usage,
-			 PRBool validOnly,
-			 void *proto_win)
-{
-    CERTCertificate *cert = NULL;
-    CERTCertList *certList = NULL;
-    SECStatus rv;
-    int64 time;
-    
-    time = PR_Now();
-    
-    /* use the pk11 call so that we pick up any certs on tokens,
-     * which may require login
-     */
-    /* XXX - why is this restricted? */
-    if ( proto_win != NULL ) {
-	cert = PK11_FindCertFromNickname(nickname,proto_win);
-    }
-
-
-    /* sigh, There are still problems find smart cards from the temp
-     * db. This will get smart cards working again. The real fix
-     * is to make sure we can search the temp db by their token nickname.
-     */
-    if (cert == NULL) {
-	cert = CERT_FindCertByNickname(handle,nickname);
-    }
-
-    if ( cert != NULL ) {
- 	/* collect certs for this nickname, sorting them into the list */
-	certList = CERT_CreateSubjectCertList(certList, handle, 
-					&cert->derSubject, time, validOnly);
-
-	cert_UserCertsOnly(certList);
-
-	/* drop the extra reference */
-	CERT_DestroyCertificate(cert);
-	cert = NULL;
-    }
-	
-    if ( certList == NULL ) {
-	goto loser;
-    }
-    
-    /* remove certs with incorrect usage */
-    rv = CERT_FilterCertListByUsage(certList, usage, PR_FALSE);
-
-    if ( rv != SECSuccess ) {
-	goto loser;
-    }
-
-    if ( ! CERT_LIST_END(CERT_LIST_HEAD(certList), certList) ) {
-	cert = CERT_DupCertificate(CERT_LIST_HEAD(certList)->cert);
-    }
-    
-loser:
-    if ( certList != NULL ) {
-	CERT_DestroyCertList(certList);
-    }
-
-    return(cert);
-}
-
-CERTCertList *
-CERT_MatchUserCert(CERTCertDBHandle *handle,
-		   SECCertUsage usage,
-		   int nCANames, char **caNames,
-		   void *proto_win)
-{
-    CERTCertList *certList = NULL;
-    SECStatus rv;
-
-    certList = CERT_FindUserCertsByUsage(handle, usage, PR_TRUE, PR_TRUE,
-					 proto_win);
-    if ( certList == NULL ) {
-	goto loser;
-    }
-    
-    rv = CERT_FilterCertListByCANames(certList, nCANames, caNames, usage);
-    if ( rv != SECSuccess ) {
-	goto loser;
-    }
-    
-    goto done;
-    
-loser:
-    if ( certList != NULL ) {
-	CERT_DestroyCertList(certList);
-	certList = NULL;
-    }
-
-done:
-
-    return(certList);
-}
-
-
-typedef struct stringNode {
-    struct stringNode *next;
-    char *string;
-} stringNode;
-    
-static SECStatus
-CollectNicknames( CERTCertificate *cert, SECItem *k, void *data)
-{
-    CERTCertNicknames *names;
-    PRBool saveit = PR_FALSE;
-    CERTCertTrust *trust;
-    stringNode *node;
-    int len;
-    
-    names = (CERTCertNicknames *)data;
-    
-    if ( cert->nickname ) {
-	trust = cert->trust;
-	
-	switch(names->what) {
-	  case SEC_CERT_NICKNAMES_ALL:
-	    if ( ( trust->sslFlags & (CERTDB_VALID_CA|CERTDB_VALID_PEER) ) ||
-	      ( trust->emailFlags & (CERTDB_VALID_CA|CERTDB_VALID_PEER) ) ||
-	      ( trust->objectSigningFlags & (CERTDB_VALID_CA|CERTDB_VALID_PEER) ) ) {
-		saveit = PR_TRUE;
-	    }
-	    
-	    break;
-	  case SEC_CERT_NICKNAMES_USER:
-	    if ( ( trust->sslFlags & CERTDB_USER ) ||
-		( trust->emailFlags & CERTDB_USER ) ||
-		( trust->objectSigningFlags & CERTDB_USER ) ) {
-		saveit = PR_TRUE;
-	    }
-	    
-	    break;
-	  case SEC_CERT_NICKNAMES_SERVER:
-	    if ( trust->sslFlags & CERTDB_VALID_PEER ) {
-		saveit = PR_TRUE;
-	    }
-	    
-	    break;
-	  case SEC_CERT_NICKNAMES_CA:
-	    if ( ( ( trust->sslFlags & CERTDB_VALID_CA ) == CERTDB_VALID_CA ) ||
-		( ( trust->emailFlags & CERTDB_VALID_CA ) == CERTDB_VALID_CA ) ||
-		( ( trust->objectSigningFlags & CERTDB_VALID_CA ) == CERTDB_VALID_CA ) ) {
-		saveit = PR_TRUE;
-	    }
-	    break;
-	}
-    }
-
-    /* traverse the list of collected nicknames and make sure we don't make
-     * a duplicate
-     */
-    if ( saveit ) {
-	node = (stringNode *)names->head;
-	while ( node != NULL ) {
-	    if ( PORT_Strcmp(cert->nickname, node->string) == 0 ) { 
-		/* if the string matches, then don't save this one */
-		saveit = PR_FALSE;
-		break;
-	    }
-	    node = node->next;
-	}
-    }
-
-    if ( saveit ) {
-	
-	/* allocate the node */
-	node = (stringNode*)PORT_ArenaAlloc(names->arena, sizeof(stringNode));
-	if ( node == NULL ) {
-	    return(SECFailure);
-	}
-
-	/* copy the string */
-	len = PORT_Strlen(cert->nickname) + 1;
-	node->string = (char*)PORT_ArenaAlloc(names->arena, len);
-	if ( node->string == NULL ) {
-	    return(SECFailure);
-	}
-	PORT_Memcpy(node->string, cert->nickname, len);
-
-	/* link it into the list */
-	node->next = (stringNode *)names->head;
-	names->head = (void *)node;
-
-	/* bump the count */
-	names->numnicknames++;
-    }
-    
-    return(SECSuccess);
-}
-
-CERTCertNicknames *
-CERT_GetCertNicknames(CERTCertDBHandle *handle, int what, void *wincx)
-{
-    PRArenaPool *arena;
-    CERTCertNicknames *names;
-    int i;
-    SECStatus rv;
-    stringNode *node;
-    
-    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if ( arena == NULL ) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	return(NULL);
-    }
-    
-    names = (CERTCertNicknames *)PORT_ArenaAlloc(arena, sizeof(CERTCertNicknames));
-    if ( names == NULL ) {
-	goto loser;
-    }
-
-    names->arena = arena;
-    names->head = NULL;
-    names->numnicknames = 0;
-    names->nicknames = NULL;
-    names->what = what;
-    names->totallen = 0;
-    
-    rv = PK11_TraverseSlotCerts(CollectNicknames, (void *)names, wincx);
-    if ( rv ) {
-	goto loser;
-    }
-
-    if ( names->numnicknames ) {
-	names->nicknames = (char**)PORT_ArenaAlloc(arena,
-					 names->numnicknames * sizeof(char *));
-
-	if ( names->nicknames == NULL ) {
-	    goto loser;
-	}
-    
-	node = (stringNode *)names->head;
-	
-	for ( i = 0; i < names->numnicknames; i++ ) {
-	    PORT_Assert(node != NULL);
-	    
-	    names->nicknames[i] = node->string;
-	    names->totallen += PORT_Strlen(node->string);
-	    node = node->next;
-	}
-
-	PORT_Assert(node == NULL);
-    }
-
-    return(names);
-    
-loser:
-    PORT_FreeArena(arena, PR_FALSE);
-    return(NULL);
-}
-
-void
-CERT_FreeNicknames(CERTCertNicknames *nicknames)
-{
-    PORT_FreeArena(nicknames->arena, PR_FALSE);
-    
-    return;
-}
-
-/* [ FROM pcertdb.c ] */
-
-typedef struct dnameNode {
-    struct dnameNode *next;
-    SECItem name;
-} dnameNode;
-
-void
-CERT_FreeDistNames(CERTDistNames *names)
-{
-    PORT_FreeArena(names->arena, PR_FALSE);
-    
-    return;
-}
-
-static SECStatus
-CollectDistNames( CERTCertificate *cert, SECItem *k, void *data)
-{
-    CERTDistNames *names;
-    PRBool saveit = PR_FALSE;
-    CERTCertTrust *trust;
-    dnameNode *node;
-    int len;
-    
-    names = (CERTDistNames *)data;
-    
-    if ( cert->trust ) {
-	trust = cert->trust;
-	
-	/* only collect names of CAs trusted for issuing SSL clients */
-	if (  trust->sslFlags &  CERTDB_TRUSTED_CLIENT_CA )  {
-	    saveit = PR_TRUE;
-	}
-    }
-
-    if ( saveit ) {
-	/* allocate the node */
-	node = (dnameNode*)PORT_ArenaAlloc(names->arena, sizeof(dnameNode));
-	if ( node == NULL ) {
-	    return(SECFailure);
-	}
-
-	/* copy the name */
-	node->name.len = len = cert->derSubject.len;
-	node->name.type = siBuffer;
-	node->name.data = (unsigned char*)PORT_ArenaAlloc(names->arena, len);
-	if ( node->name.data == NULL ) {
-	    return(SECFailure);
-	}
-	PORT_Memcpy(node->name.data, cert->derSubject.data, len);
-
-	/* link it into the list */
-	node->next = (dnameNode *)names->head;
-	names->head = (void *)node;
-
-	/* bump the count */
-	names->nnames++;
-    }
-    
-    return(SECSuccess);
-}
-
-/*
- * Return all of the CAs that are "trusted" for SSL.
- */
-CERTDistNames *
-CERT_GetSSLCACerts(CERTCertDBHandle *handle)
-{
-    PRArenaPool *arena;
-    CERTDistNames *names;
-    int i;
-    SECStatus rv;
-    dnameNode *node;
-    
-    /* allocate an arena to use */
-    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if ( arena == NULL ) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	return(NULL);
-    }
-    
-    /* allocate the header structure */
-    names = (CERTDistNames *)PORT_ArenaAlloc(arena, sizeof(CERTDistNames));
-    if ( names == NULL ) {
-	goto loser;
-    }
-
-    /* initialize the header struct */
-    names->arena = arena;
-    names->head = NULL;
-    names->nnames = 0;
-    names->names = NULL;
-    
-    /* collect the names from the database */
-    rv = PK11_TraverseSlotCerts(CollectDistNames, (void *)names, NULL);
-    if ( rv ) {
-	goto loser;
-    }
-
-    /* construct the array from the list */
-    if ( names->nnames ) {
-	names->names = (SECItem*)PORT_ArenaAlloc(arena, names->nnames * sizeof(SECItem));
-
-	if ( names->names == NULL ) {
-	    goto loser;
-	}
-    
-	node = (dnameNode *)names->head;
-	
-	for ( i = 0; i < names->nnames; i++ ) {
-	    PORT_Assert(node != NULL);
-	    
-	    names->names[i] = node->name;
-	    node = node->next;
-	}
-
-	PORT_Assert(node == NULL);
-    }
-
-    return(names);
-    
-loser:
-    PORT_FreeArena(arena, PR_FALSE);
-    return(NULL);
-}
-
-CERTDistNames *
-CERT_DistNamesFromNicknames(CERTCertDBHandle *handle, char **nicknames,
-			   int nnames)
-{
-    CERTDistNames *dnames = NULL;
-    PRArenaPool *arena;
-    int i, rv;
-    SECItem *names = NULL;
-    CERTCertificate *cert = NULL;
-    
-    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if (arena == NULL) goto loser;
-    dnames = (CERTDistNames*)PORT_Alloc(sizeof(CERTDistNames));
-    if (dnames == NULL) goto loser;
-
-    dnames->arena = arena;
-    dnames->nnames = nnames;
-    dnames->names = names = (SECItem*)PORT_Alloc(nnames * sizeof(SECItem));
-    if (names == NULL) goto loser;
-    
-    for (i = 0; i < nnames; i++) {
-	cert = CERT_FindCertByNicknameOrEmailAddr(handle, nicknames[i]);
-	if (cert == NULL) goto loser;
-	rv = SECITEM_CopyItem(arena, &names[i], &cert->derSubject);
-	if (rv == SECFailure) goto loser;
-	CERT_DestroyCertificate(cert);
-    }
-    return dnames;
-    
-loser:
-    if (cert != NULL)
-	CERT_DestroyCertificate(cert);
-    if (arena != NULL)
-	PORT_FreeArena(arena, PR_FALSE);
-    return NULL;
-}
-
-/* [ from pcertdb.c - calls Ascii to Name ] */
-/*
- * Lookup a certificate in the database by name
- */
-CERTCertificate *
-CERT_FindCertByNameString(CERTCertDBHandle *handle, char *nameStr)
-{
-    CERTName *name;
-    SECItem *nameItem;
-    CERTCertificate *cert = NULL;
-    PRArenaPool *arena = NULL;
-    
-    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    
-    if ( arena == NULL ) {
-	goto loser;
-    }
-    
-    name = CERT_AsciiToName(nameStr);
-    
-    if ( name ) {
-	nameItem = SEC_ASN1EncodeItem (arena, NULL, (void *)name,
-				       CERT_NameTemplate);
-	if ( nameItem == NULL ) {
-	    goto loser;
-	}
-
-	cert = CERT_FindCertByName(handle, nameItem);
-	CERT_DestroyName(name);
-    }
-
-loser:
-    if ( arena ) {
-	PORT_FreeArena(arena, PR_FALSE);
-    }
-    
-    return(cert);
-}
-
-/* From certv3.c */
-
-CERTCrlDistributionPoints *
-CERT_FindCRLDistributionPoints (CERTCertificate *cert)
-{
-    SECItem encodedExtenValue;
-    SECStatus rv;
-
-    encodedExtenValue.data = NULL;
-    encodedExtenValue.len = 0;
-
-    rv = cert_FindExtension(cert->extensions, SEC_OID_X509_CRL_DIST_POINTS,
-			    &encodedExtenValue);
-    if ( rv != SECSuccess ) {
-	return (NULL);
-    }
-
-    return (CERT_DecodeCRLDistributionPoints (cert->arena,
-					      &encodedExtenValue));
-}
-
-/* From crl.c */
-CERTSignedCrl * CERT_ImportCRL
-   (CERTCertDBHandle *handle, SECItem *derCRL, char *url, int type, void *wincx)
-{
-    CERTCertificate *caCert;
-    CERTSignedCrl *newCrl, *crl;
-    SECStatus rv;
-    PK11SlotInfo *slot;
-
-    newCrl = crl = NULL;
-
-    PORT_Assert (handle != NULL);
-    do {
-
-	newCrl = CERT_DecodeDERCrl(NULL, derCRL, type);
-	if (newCrl == NULL) {
-	    if (type == SEC_CRL_TYPE) {
-		/* only promote error when the error code is too generic */
-		if (PORT_GetError () == SEC_ERROR_BAD_DER)
-			PORT_SetError(SEC_ERROR_CRL_INVALID);
-	    } else {
-		PORT_SetError(SEC_ERROR_KRL_INVALID);
-	    }
-	    break;		
-	}
-    
-	caCert = CERT_FindCertByName (handle, &newCrl->crl.derName);
-	if (caCert == NULL) {
-	    PORT_SetError(SEC_ERROR_UNKNOWN_ISSUER);	    
-	    break;
-	}
-
-	/* If caCert is a v3 certificate, make sure that it can be used for
-	   crl signing purpose */
-	rv = CERT_CheckCertUsage (caCert, KU_CRL_SIGN);
-	if (rv != SECSuccess) {
-	    break;
-	}
-
-	rv = CERT_VerifySignedData(&newCrl->signatureWrap, caCert,
-				   PR_Now(), wincx);
-	if (rv != SECSuccess) {
-	    if (type == SEC_CRL_TYPE) {
-		PORT_SetError(SEC_ERROR_CRL_BAD_SIGNATURE);
-	    } else {
-		PORT_SetError(SEC_ERROR_KRL_BAD_SIGNATURE);
-	    }
-	    break;
-	}
-
-	slot = PK11_GetInternalKeySlot();
-	crl = crl_storeCRL(slot, url, newCrl, derCRL, type);
-	PK11_FreeSlot(slot);
-
-    } while (0);
-
-    if (crl == NULL) {
-	SEC_DestroyCrl (newCrl);
-    }
-    return (crl);
-}
-
-/* From certdb.c */
-static SECStatus
-cert_ImportCAChain(SECItem *certs, int numcerts, SECCertUsage certUsage, PRBool trusted)
-{
-    SECStatus rv;
-    SECItem *derCert;
-    PRArenaPool *arena;
-    CERTCertificate *cert = NULL;
-    CERTCertificate *newcert = NULL;
-    CERTCertDBHandle *handle;
-    CERTCertTrust trust;
-    PRBool isca;
-    char *nickname;
-    unsigned int certtype;
-    
-    handle = CERT_GetDefaultCertDB();
-    
-    arena = NULL;
-
-    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if ( ! arena ) {
-	goto loser;
-    }
-
-    while (numcerts--) {
-	derCert = certs;
-	certs++;
-
-	/* decode my certificate */
-	/* This use is ok -- only looks at decoded parts, calls NewTemp later */
-	newcert = CERT_DecodeDERCertificate(derCert, PR_FALSE, NULL);
-	if ( newcert == NULL ) {
-	    goto loser;
-	}
-
-	if (!trusted) {
-	    /* make sure that cert is valid */
-	    rv = CERT_CertTimesValid(newcert);
-	    if ( rv == SECFailure ) {
-		goto endloop;
-	    }
-	}
-
-	/* does it have the CA extension */
-	
-	/*
-	 * Make sure that if this is an intermediate CA in the chain that
-	 * it was given permission by its signer to be a CA.
-	 */
-	isca = CERT_IsCACert(newcert, &certtype);
-
-	if ( !isca ) {
-	    if (!trusted) {
-		goto endloop;
-	    }
-	    trust.sslFlags = CERTDB_VALID_CA;
-	    trust.emailFlags = CERTDB_VALID_CA;
-	    trust.objectSigningFlags = CERTDB_VALID_CA;
-	} else {
-	    /* SSL ca's must have the ssl bit set */
-	    if ( ( certUsage == certUsageSSLCA ) &&
-		(( certtype & NS_CERT_TYPE_SSL_CA ) != NS_CERT_TYPE_SSL_CA )) {
-		goto endloop;
-	    }
-
-	    /* it passed all of the tests, so lets add it to the database */
-	    /* mark it as a CA */
-	    PORT_Memset((void *)&trust, 0, sizeof(trust));
-	    switch ( certUsage ) {
-	      case certUsageSSLCA:
-		trust.sslFlags = CERTDB_VALID_CA;
-		break;
-	      case certUsageUserCertImport:
-		if ((certtype & NS_CERT_TYPE_SSL_CA) == NS_CERT_TYPE_SSL_CA) {
-		    trust.sslFlags = CERTDB_VALID_CA;
-		}
-		if ((certtype & NS_CERT_TYPE_EMAIL_CA) 
-						== NS_CERT_TYPE_EMAIL_CA ) {
-		    trust.emailFlags = CERTDB_VALID_CA;
-		}
-		if ( ( certtype & NS_CERT_TYPE_OBJECT_SIGNING_CA ) ==
-					NS_CERT_TYPE_OBJECT_SIGNING_CA ) {
-		     trust.objectSigningFlags = CERTDB_VALID_CA;
-		}
-		break;
-	      default:
-		PORT_Assert(0);
-		break;
-	    }
-	}
-	
-	cert = CERT_NewTempCertificate(handle, derCert, NULL, 
-							PR_FALSE, PR_FALSE);
-	if ( cert == NULL ) {
-	    goto loser;
-	}
-	
-	/* get a default nickname for it */
-	nickname = CERT_MakeCANickname(cert);
-
-	rv = CERT_AddTempCertToPerm(cert, nickname, &trust);
-
-	/* free the nickname */
-	if ( nickname ) {
-	    PORT_Free(nickname);
-	}
-
-	CERT_DestroyCertificate(cert);
-	cert = NULL;
-	
-	if ( rv != SECSuccess ) {
-	    goto loser;
-	}
-
-endloop:
-	if ( newcert ) {
-	    CERT_DestroyCertificate(newcert);
-	    newcert = NULL;
-	}
-	
-    }
-
-    rv = SECSuccess;
-    goto done;
-loser:
-    rv = SECFailure;
-done:
-    
-    if ( newcert ) {
-	CERT_DestroyCertificate(newcert);
-	newcert = NULL;
-    }
-    
-    if ( cert ) {
-	CERT_DestroyCertificate(cert);
-	cert = NULL;
-    }
-    
-    if ( arena ) {
-	PORT_FreeArena(arena, PR_FALSE);
-    }
-
-    return(rv);
-}
-
-SECStatus
-CERT_ImportCAChain(SECItem *certs, int numcerts, SECCertUsage certUsage)
-{
-    return cert_ImportCAChain(certs, numcerts, certUsage, PR_FALSE);
-}
-
-SECStatus
-CERT_ImportCAChainTrusted(SECItem *certs, int numcerts, SECCertUsage certUsage) {
-    return cert_ImportCAChain(certs, numcerts, certUsage, PR_TRUE);
-}
-
-/* Moved from certdb.c */
-/*
-** CERT_CertChainFromCert
-**
-** Construct a CERTCertificateList consisting of the given certificate and all
-** of the issuer certs until we either get to a self-signed cert or can't find
-** an issuer.  Since we don't know how many certs are in the chain we have to
-** build a linked list first as we count them.
-*/
-
-typedef struct certNode {
-    struct certNode *next;
-    CERTCertificate *cert;
-} certNode;
-
-CERTCertificateList *
-CERT_CertChainFromCert(CERTCertificate *cert, SECCertUsage usage,
-		       PRBool includeRoot)
-{
-#ifdef NSS_CLASSIC
-    CERTCertificateList *chain = NULL;
-    CERTCertificate *c;
-    SECItem *p;
-    int rv, len = 0;
-    PRArenaPool *tmpArena, *arena;
-    certNode *head, *tail, *node;
-
-    /*
-     * Initialize stuff so we can goto loser.
-     */
-    head = NULL;
-    arena = NULL;
-
-    /* arena for linked list */
-    tmpArena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if (tmpArena == NULL) goto no_memory;
-
-    /* arena for SecCertificateList */
-    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if (arena == NULL) goto no_memory;
-
-    head = tail = (certNode*)PORT_ArenaZAlloc(tmpArena, sizeof(certNode));
-    if (head == NULL) goto no_memory;
-
-    /* put primary cert first in the linked list */
-    head->cert = c = CERT_DupCertificate(cert);
-    if (head->cert == NULL) goto loser;
-    len++;
-
-    /* add certs until we come to a self-signed one */
-    while(SECITEM_CompareItem(&c->derIssuer, &c->derSubject) != SECEqual) {
-	c = CERT_FindCertIssuer(tail->cert, PR_Now(), usage);
-	if (c == NULL) {
-	    /* no root is found, so make sure we don't attempt to delete one
-	     * below
-	     */
-	    includeRoot = PR_TRUE;
-	    break;
-	}
-	
-	tail->next = (certNode*)PORT_ArenaZAlloc(tmpArena, sizeof(certNode));
-	tail = tail->next;
-	if (tail == NULL) goto no_memory;
-	
-	tail->cert = c;
-	len++;
-    }
-
-    /* now build the CERTCertificateList */
-    chain = (CERTCertificateList *)PORT_ArenaAlloc(arena, sizeof(CERTCertificateList));
-    if (chain == NULL) goto no_memory;
-    chain->certs = (SECItem*)PORT_ArenaAlloc(arena, len * sizeof(SECItem));
-    if (chain->certs == NULL) goto no_memory;
-    
-    for(node = head, p = chain->certs; node; node = node->next, p++) {
-	rv = SECITEM_CopyItem(arena, p, &node->cert->derCert);
-	CERT_DestroyCertificate(node->cert);
-	node->cert = NULL;
-	if (rv < 0) goto loser;
-    }
-    if ( !includeRoot && len > 1) {
-	chain->len = len - 1;
-    } else {
-	chain->len = len;
-    }
-    
-    chain->arena = arena;
-
-    PORT_FreeArena(tmpArena, PR_FALSE);
-    
-    return chain;
-
-no_memory:
-    PORT_SetError(SEC_ERROR_NO_MEMORY);
-loser:
-    if (head != NULL) {
-	for (node = head; node; node = node->next) {
-	    if (node->cert != NULL)
-		CERT_DestroyCertificate(node->cert);
-	}
-    }
-
-    if (arena != NULL) {
-	PORT_FreeArena(arena, PR_FALSE);
-    }
-
-    if (tmpArena != NULL) {
-	PORT_FreeArena(tmpArena, PR_FALSE);
-    }
-
-    return NULL;
-#else
-    CERTCertificateList *chain = NULL;
-    NSSCertificate **stanChain;
-    NSSCertificate *stanCert;
-    PRArenaPool *arena;
-    NSSUsage nssUsage;
-    int i, len;
-
-    stanCert = STAN_GetNSSCertificate(cert);
-    nssUsage.anyUsage = PR_FALSE;
-    nssUsage.nss3usage = usage;
-    stanChain = NSSCertificate_BuildChain(stanCert, NULL, &nssUsage, NULL,
-                                                    NULL, 0, NULL, NULL);
-    if (!stanChain) {
-	return NULL;
-    }
-
-    len = 0;
-    stanCert = stanChain[0];
-    while (stanCert) {
-	stanCert = stanChain[++len];
-    }
-
-    arena = PORT_NewArena(4096);
-    if (arena == NULL) {
-	goto loser;
-    }
-
-    chain = (CERTCertificateList *)PORT_ArenaAlloc(arena, 
-                                                 sizeof(CERTCertificateList));
-    if (!chain) goto loser;
-    chain->certs = (SECItem*)PORT_ArenaAlloc(arena, len * sizeof(SECItem));
-    if (!chain->certs) goto loser;
-    i = 0;
-    stanCert = stanChain[i];
-    while (stanCert) {
-	SECItem derCert;
-	CERTCertificate *cCert = STAN_GetCERTCertificate(stanCert);
-	if (!cCert) {
-	    goto loser;
-	}
-	derCert.len = (unsigned int)stanCert->encoding.size;
-	derCert.data = (unsigned char *)stanCert->encoding.data;
-	SECITEM_CopyItem(arena, &chain->certs[i], &derCert);
-	CERT_DestroyCertificate(cCert);
-	stanCert = stanChain[++i];
-    }
-    if ( !includeRoot && len > 1) {
-	chain->len = len - 1;
-    } else {
-	chain->len = len;
-    }
-    
-    chain->arena = arena;
-    nss_ZFreeIf(stanChain);
-    return chain;
-loser:
-    i = 0;
-    stanCert = stanChain[i];
-    while (stanCert) {
-	CERTCertificate *cCert = STAN_GetCERTCertificate(stanCert);
-	if (cCert) {
-	    CERT_DestroyCertificate(cCert);
-	}
-	stanCert = stanChain[++i];
-    }
-    nss_ZFreeIf(stanChain);
-    if (arena) {
-	PORT_FreeArena(arena, PR_FALSE);
-    }
-    return NULL;
-#endif
-}
-
-/* Builds a CERTCertificateList holding just one DER-encoded cert, namely
-** the one for the cert passed as an argument.
-*/
-CERTCertificateList *
-CERT_CertListFromCert(CERTCertificate *cert)
-{
-    CERTCertificateList *chain = NULL;
-    int rv;
-    PRArenaPool *arena;
-
-    /* arena for SecCertificateList */
-    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if (arena == NULL) goto no_memory;
-
-    /* build the CERTCertificateList */
-    chain = (CERTCertificateList *)PORT_ArenaAlloc(arena, sizeof(CERTCertificateList));
-    if (chain == NULL) goto no_memory;
-    chain->certs = (SECItem*)PORT_ArenaAlloc(arena, 1 * sizeof(SECItem));
-    if (chain->certs == NULL) goto no_memory;
-    rv = SECITEM_CopyItem(arena, chain->certs, &(cert->derCert));
-    if (rv < 0) goto loser;
-    chain->len = 1;
-    chain->arena = arena;
-
-    return chain;
-
-no_memory:
-    PORT_SetError(SEC_ERROR_NO_MEMORY);
-loser:
-    if (arena != NULL) {
-	PORT_FreeArena(arena, PR_FALSE);
-    }
-    return NULL;
-}
-
-CERTCertificateList *
-CERT_DupCertList(CERTCertificateList * oldList)
-{
-    CERTCertificateList *newList = NULL;
-    PRArenaPool         *arena   = NULL;
-    SECItem             *newItem;
-    SECItem             *oldItem;
-    int                 len      = oldList->len;
-    int                 rv;
-
-    /* arena for SecCertificateList */
-    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if (arena == NULL) 
-	goto no_memory;
-
-    /* now build the CERTCertificateList */
-    newList = PORT_ArenaNew(arena, CERTCertificateList);
-    if (newList == NULL) 
-	goto no_memory;
-    newList->arena = arena;
-    newItem = (SECItem*)PORT_ArenaAlloc(arena, len * sizeof(SECItem));
-    if (newItem == NULL) 
-	goto no_memory;
-    newList->certs = newItem;
-    newList->len   = len;
-
-    for (oldItem = oldList->certs; len > 0; --len, ++newItem, ++oldItem) {
-	rv = SECITEM_CopyItem(arena, newItem, oldItem);
-	if (rv < 0) 
-	    goto loser;
-    }
-    return newList;
-
-no_memory:
-    PORT_SetError(SEC_ERROR_NO_MEMORY);
-loser:
-    if (arena != NULL) {
-	PORT_FreeArena(arena, PR_FALSE);
-    }
-    return NULL;
-}
-
-void
-CERT_DestroyCertificateList(CERTCertificateList *list)
-{
-    PORT_FreeArena(list->arena, PR_FALSE);
-}
-
diff --git a/security/nss/lib/certhigh/certhtml.c b/security/nss/lib/certhigh/certhtml.c
deleted file mode 100644
index ff5f3c82d..000000000
--- a/security/nss/lib/certhigh/certhtml.c
+++ /dev/null
@@ -1,605 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * certhtml.c --- convert a cert to html
- *
- * $Id$
- */
-
-#include "seccomon.h"
-#include "secitem.h"
-#include "sechash.h"
-#include "cert.h"
-#include "keyhi.h"
-#include "secder.h"
-#include "prprf.h"
-#include "secport.h"
-#include "secasn1.h"
-#include "pk11func.h"
-
-static char *hex = "0123456789ABCDEF";
-
-/*
-** Convert a der-encoded integer to a hex printable string form
-*/
-char *CERT_Hexify (SECItem *i, int do_colon)
-{
-    unsigned char *cp, *end;
-    char *rv, *o;
-
-    if (!i->len) {
-	return PORT_Strdup("00");
-    }
-
-    rv = o = (char*) PORT_Alloc(i->len * 3);
-    if (!rv) return rv;
-
-    cp = i->data;
-    end = cp + i->len;
-    while (cp < end) {
-	unsigned char ch = *cp++;
-	*o++ = hex[(ch >> 4) & 0xf];
-	*o++ = hex[ch & 0xf];
-	if (cp != end) {
-	    if (do_colon) {
-		*o++ = ':';
-	    }
-	} 
-    }
-    *o = 0;           /* Null terminate the string */
-    return rv;
-}
-
-static char *
-gatherStrings(char **strings)
-{
-    char **strs;
-    int len;
-    char *ret;
-    char *s;
-
-    /* find total length of all strings */
-    strs = strings;
-    len = 0;
-    while ( *strs ) {
-	len += PORT_Strlen(*strs);
-	strs++;
-    }
-    
-    /* alloc enough memory for it */
-    ret = (char*)PORT_Alloc(len + 1);
-    if ( !ret ) {
-	return(ret);
-    }
-
-    s = ret;
-    
-    /* copy the strings */
-    strs = strings;
-    while ( *strs ) {
-	PORT_Strcpy(s, *strs);
-	s += PORT_Strlen(*strs);
-	strs++;
-    }
-
-    return( ret );
-}
-
-#define BREAK "<br>"
-#define BREAKLEN 4
-#define COMMA ", "
-#define COMMALEN 2
-
-#define MAX_OUS 20
-#define MAX_DC MAX_OUS
-
-
-char *CERT_FormatName (CERTName *name)
-{
-    CERTRDN** rdns;
-    CERTRDN * rdn;
-    CERTAVA** avas;
-    CERTAVA*  ava;
-    char *    buf	= 0;
-    char *    tmpbuf	= 0;
-    SECItem * cn	= 0;
-    SECItem * email	= 0;
-    SECItem * org	= 0;
-    SECItem * loc	= 0;
-    SECItem * state	= 0;
-    SECItem * country	= 0;
-    SECItem * dq     	= 0;
-
-    unsigned  len 	= 0;
-    int       tag;
-    int       i;
-    int       ou_count = 0;
-    int       dc_count = 0;
-    PRBool    first;
-    SECItem * orgunit[MAX_OUS];
-    SECItem * dc[MAX_DC];
-
-    /* Loop over name components and gather the interesting ones */
-    rdns = name->rdns;
-    while ((rdn = *rdns++) != 0) {
-	avas = rdn->avas;
-	while ((ava = *avas++) != 0) {
-	    tag = CERT_GetAVATag(ava);
-	    switch(tag) {
-	      case SEC_OID_AVA_COMMON_NAME:
-		cn = CERT_DecodeAVAValue(&ava->value);
-		len += cn->len;
-		break;
-	      case SEC_OID_AVA_COUNTRY_NAME:
-		country = CERT_DecodeAVAValue(&ava->value);
-		len += country->len;
-		break;
-	      case SEC_OID_AVA_LOCALITY:
-		loc = CERT_DecodeAVAValue(&ava->value);
-		len += loc->len;
-		break;
-	      case SEC_OID_AVA_STATE_OR_PROVINCE:
-		state = CERT_DecodeAVAValue(&ava->value);
-		len += state->len;
-		break;
-	      case SEC_OID_AVA_ORGANIZATION_NAME:
-		org = CERT_DecodeAVAValue(&ava->value);
-		len += org->len;
-		break;
-	      case SEC_OID_AVA_DN_QUALIFIER:
-		dq = CERT_DecodeAVAValue(&ava->value);
-		len += dq->len;
-		break;
-	      case SEC_OID_AVA_ORGANIZATIONAL_UNIT_NAME:
-		if (ou_count < MAX_OUS) {
-			orgunit[ou_count] = CERT_DecodeAVAValue(&ava->value);
-			len += orgunit[ou_count++]->len;
-		}
-		break;
-	      case SEC_OID_AVA_DC:
-		if (dc_count < MAX_DC) {
-			dc[dc_count] = CERT_DecodeAVAValue(&ava->value);
-			len += dc[dc_count++]->len;
-		}
-		break;
-	      case SEC_OID_PKCS9_EMAIL_ADDRESS:
-	      case SEC_OID_RFC1274_MAIL:
-		email = CERT_DecodeAVAValue(&ava->value);
-		len += email->len;
-		break;
-	      default:
-		break;
-	    }
-	}
-    }
-
-    /* XXX - add some for formatting */
-    len += 128;
-
-    /* allocate buffer */
-    buf = (char *)PORT_Alloc(len);
-    if ( !buf ) {
-	return(0);
-    }
-
-    tmpbuf = buf;
-    
-    if ( cn ) {
-	PORT_Memcpy(tmpbuf, cn->data, cn->len);
-	tmpbuf += cn->len;
-	PORT_Memcpy(tmpbuf, BREAK, BREAKLEN);
-	tmpbuf += BREAKLEN;
-	SECITEM_FreeItem(cn, PR_TRUE);
-    }
-    if ( email ) {
-	PORT_Memcpy(tmpbuf, email->data, email->len);
-	tmpbuf += ( email->len );
-	PORT_Memcpy(tmpbuf, BREAK, BREAKLEN);
-	tmpbuf += BREAKLEN;
-	SECITEM_FreeItem(email, PR_TRUE);
-    }
-    for (i=ou_count-1; i >= 0; i--) {
-	PORT_Memcpy(tmpbuf, orgunit[i]->data, orgunit[i]->len);
-	tmpbuf += ( orgunit[i]->len );
-	PORT_Memcpy(tmpbuf, BREAK, BREAKLEN);
-	tmpbuf += BREAKLEN;
-	SECITEM_FreeItem(orgunit[i], PR_TRUE);
-    }
-    if ( dq ) {
-	PORT_Memcpy(tmpbuf, dq->data, dq->len);
-	tmpbuf += ( dq->len );
-	PORT_Memcpy(tmpbuf, BREAK, BREAKLEN);
-	tmpbuf += BREAKLEN;
-	SECITEM_FreeItem(dq, PR_TRUE);
-    }
-    if ( org ) {
-	PORT_Memcpy(tmpbuf, org->data, org->len);
-	tmpbuf += ( org->len );
-	PORT_Memcpy(tmpbuf, BREAK, BREAKLEN);
-	tmpbuf += BREAKLEN;
-	SECITEM_FreeItem(org, PR_TRUE);
-    }
-    for (i=dc_count-1; i >= 0; i--) {
-	PORT_Memcpy(tmpbuf, dc[i]->data, dc[i]->len);
-	tmpbuf += ( dc[i]->len );
-	PORT_Memcpy(tmpbuf, BREAK, BREAKLEN);
-	tmpbuf += BREAKLEN;
-	SECITEM_FreeItem(dc[i], PR_TRUE);
-    }
-    first = PR_TRUE;
-    if ( loc ) {
-	PORT_Memcpy(tmpbuf, loc->data,  loc->len);
-	tmpbuf += ( loc->len );
-	first = PR_FALSE;
-	SECITEM_FreeItem(loc, PR_TRUE);
-    }
-    if ( state ) {
-	if ( !first ) {
-	    PORT_Memcpy(tmpbuf, COMMA, COMMALEN);
-	    tmpbuf += COMMALEN;
-	}
-	PORT_Memcpy(tmpbuf, state->data, state->len);
-	tmpbuf += ( state->len );
-	first = PR_FALSE;
-	SECITEM_FreeItem(state, PR_TRUE);
-    }
-    if ( country ) {
-	if ( !first ) {
-	    PORT_Memcpy(tmpbuf, COMMA, COMMALEN);
-	    tmpbuf += COMMALEN;
-	}
-	PORT_Memcpy(tmpbuf, country->data, country->len);
-	tmpbuf += ( country->len );
-	first = PR_FALSE;
-	SECITEM_FreeItem(country, PR_TRUE);
-    }
-    if ( !first ) {
-	PORT_Memcpy(tmpbuf, BREAK, BREAKLEN);
-	tmpbuf += BREAKLEN;
-    }
-
-    *tmpbuf = 0;
-
-    return(buf);
-}
-
-static char *sec_FortezzaClearance(SECItem *clearance) {
-    unsigned char clr = 0;
-
-    if (clearance->len > 0) { clr = clearance->data[0]; }
-
-    if (clr & 0x4) return "Top Secret";
-    if (clr & 0x8) return "Secret";
-    if (clr & 0x10) return "Confidential";
-    if (clr & 0x20) return "Sensitive";
-    if (clr & 0x40) return "Unclassified";
-    return "None";
-}
-
-static char *sec_FortezzaMessagePrivilege(SECItem *priv) {
-    unsigned char clr = 0;
-
-    if (priv->len > 0) { clr = (priv->data[0]) & 0x78; }
-
-    if (clr == 0x00) {
-	return "None";
-    } else {
-
-	return PR_smprintf("%s%s%s%s%s%s%s",
-
-	    clr&0x40?"Critical/Flash":"",
-	    (clr&0x40) && (clr&0x38) ? ", " : "" ,
-
-	    clr&0x20?"Immediate/Priority":"",
-	    (clr&0x20) && (clr&0x18) ? ", " : "" ,
-
-	    clr&0x10?"Routine/Deferred":"",
-	    (clr&0x10) && (clr&0x08) ? ", " : "" ,
-
-	    clr&0x08?"Rekey Agent":"");
-    }
-
-}
-					
-static char *sec_FortezzaCertPrivilege(SECItem *priv) {
-    unsigned char clr = 0;
-
-    if (priv->len > 0) { clr = priv->data[0]; }
-
-    return PR_smprintf("%s%s%s%s%s%s%s%s%s%s%s%s",
-	clr&0x40?"Organizational Releaser":"",
-	(clr&0x40) && (clr&0x3e) ? "," : "" ,
-	clr&0x20?"Policy Creation Authority":"",
-	(clr&0x20) && (clr&0x1e) ? "," : "" ,
-	clr&0x10?"Certificate Authority":"",
-	(clr&0x10) && (clr&0x0e) ? "," : "" ,
-	clr&0x08?"Local Managment Authority":"",
-	(clr&0x08) && (clr&0x06) ? "," : "" ,
-	clr&0x04?"Configuration Vector Authority":"",
-	(clr&0x04) && (clr&0x02) ? "," : "" ,
-	clr&0x02?"No Signature Capability":"",
-	clr&0x7e?"":"Signing Only"
-    );
-}
-
-static char *htmlcertstrings[] = {
-    "<table border=0 cellspacing=0 cellpadding=0><tr><td valign=top>"
-    "<font size=2><b>This Certificate belongs to:</b><br>"
-    "<table border=0 cellspacing=0 cellpadding=0><tr><td>",
-    0, /* image goes here */
-    0,
-    0,
-    "</td><td width=10> </td><td><font size=2>",
-    0, /* subject name goes here */
-    "</td></tr></table></font></td><td width=20> </td><td valign=top>"
-    "<font size=2><b>This Certificate was issued by:</b><br>"
-    "<table border=0 cellspacing=0 cellpadding=0><tr><td>",
-    0, /* image goes here */
-    0,
-    0,
-    "</td><td width=10> </td><td><font size=2>",
-    0, /* issuer name goes here */
-    "</td></tr></table></font></td></tr></table>"
-    "<b>Serial Number:</b> ",
-    0,
-    "<br><b>This Certificate is valid from ",
-    0, /* notBefore goes here */
-    " to ",
-    0, /* notAfter does here */
-    "</b><br><b>Clearance:</b>",
-    0,
-    "<br><b>DSS Privileges:</b>",
-    0,
-    "<br><b>KEA Privileges:</b>",
-    0,
-    "<br><b>KMID:</b>",
-    0,
-    "<br><b>Certificate Fingerprint:</b>"
-    "<table border=0 cellspacing=0 cellpadding=0><tr>"
-    "<td width=10> </td><td><font size=2>",
-    0, /* fingerprint goes here */
-    "</td></tr></table>",
-    0, /* comment header goes here */
-    0, /* comment goes here */
-    0, /* comment trailer goes here */
-    0
-};
-
-char *
-CERT_HTMLCertInfo(CERTCertificate *cert, PRBool showImages, PRBool showIssuer)
-{
-    SECStatus rv;
-    char *issuer, *subject, *serialNumber, *version;
-    char *notBefore, *notAfter;
-    char *ret;
-    char *nickname;
-    SECItem dummyitem;
-    unsigned char fingerprint[16];   /* result of MD5, always 16 bytes */
-    char *fpstr;
-    SECItem fpitem;
-    char *commentstring = NULL;
-    SECKEYPublicKey *pubk;
-    char *DSSPriv;
-    char *KMID = NULL;
-    char *servername;
-    
-    if (!cert) {
-	return(0);
-    }
-
-    issuer = CERT_FormatName (&cert->issuer);
-    subject = CERT_FormatName (&cert->subject);
-    version = CERT_Hexify (&cert->version,1);
-    serialNumber = CERT_Hexify (&cert->serialNumber,1);
-    notBefore = DER_UTCDayToAscii(&cert->validity.notBefore);
-    notAfter = DER_UTCDayToAscii(&cert->validity.notAfter);
-    servername = CERT_FindNSStringExtension(cert,
-				   SEC_OID_NS_CERT_EXT_SSL_SERVER_NAME);
-
-    nickname = cert->nickname;
-    if ( nickname == NULL ) {
-	showImages = PR_FALSE;
-    }
-
-    dummyitem.data = NULL;
-    rv = CERT_FindCertExtension(cert, SEC_OID_NS_CERT_EXT_SUBJECT_LOGO,
-			       &dummyitem);
-    if ( dummyitem.data ) {
-	PORT_Free(dummyitem.data);
-    }
-    
-    if ( rv || !showImages ) {
-	htmlcertstrings[1] = "";
-	htmlcertstrings[2] = "";
-	htmlcertstrings[3] = "";
-    } else {
-	htmlcertstrings[1] = "<img src=\"about:security?subject-logo=";
-	htmlcertstrings[2] = nickname;
-	htmlcertstrings[3] = "\">";
-    }
-
-    if ( servername ) {
-	char *tmpstr;
-	tmpstr = (char *)PORT_Alloc(PORT_Strlen(subject) +
-				    PORT_Strlen(servername) +
-				    sizeof("<br>") + 1);
-	if ( tmpstr ) {
-	    PORT_Strcpy(tmpstr, servername);
-	    PORT_Strcat(tmpstr, "<br>");
-	    PORT_Strcat(tmpstr, subject);
-	    PORT_Free(subject);
-	    subject = tmpstr;
-	}
-    }
-    
-    htmlcertstrings[5] = subject;
-
-    dummyitem.data = NULL;
-    
-    rv = CERT_FindCertExtension(cert, SEC_OID_NS_CERT_EXT_ISSUER_LOGO,
-			       &dummyitem);
-    if ( dummyitem.data ) {
-	PORT_Free(dummyitem.data);
-    }
-    
-    if ( rv || !showImages ) {
-	htmlcertstrings[7] = "";
-	htmlcertstrings[8] = "";
-	htmlcertstrings[9] = "";
-    } else {
-	htmlcertstrings[7] = "<img src=\"about:security?issuer-logo=";
-	htmlcertstrings[8] = nickname;
-	htmlcertstrings[9] = "\">";
-    }
-
-    
-    if (showIssuer == PR_TRUE) {
-        htmlcertstrings[11] = issuer;
-    } else {
-	htmlcertstrings[11] = "";
-    }
-
-    htmlcertstrings[13] = serialNumber;
-    htmlcertstrings[15] = notBefore;
-    htmlcertstrings[17] = notAfter;
-
-    pubk = CERT_ExtractPublicKey(cert);
-    DSSPriv = NULL;
-    if (pubk && (pubk->keyType == fortezzaKey)) {
-	htmlcertstrings[18] = "</b><br><b>Clearance:</b>";
-	htmlcertstrings[19] = sec_FortezzaClearance(
-					&pubk->u.fortezza.clearance);
-	htmlcertstrings[20] = "<br><b>DSS Privileges:</b>";
-	DSSPriv = sec_FortezzaCertPrivilege(
-					&pubk->u.fortezza.DSSpriviledge);
-	htmlcertstrings[21] = DSSPriv;
-	htmlcertstrings[22] = "<br><b>KEA Privileges:</b>";
-	htmlcertstrings[23] = sec_FortezzaMessagePrivilege(
-					&pubk->u.fortezza.KEApriviledge);
-	htmlcertstrings[24] = "<br><b>KMID:</b>";
-	dummyitem.data = &pubk->u.fortezza.KMID[0];
-	dummyitem.len = sizeof(pubk->u.fortezza.KMID);
-	KMID = CERT_Hexify (&dummyitem,0);
-	htmlcertstrings[25] = KMID;
-    } else {
-	/* clear out the headers in the non-fortezza cases */
-	htmlcertstrings[18] = "";
-	htmlcertstrings[19] = "";
-	htmlcertstrings[20] = "";
-	htmlcertstrings[21] = "";
-	htmlcertstrings[22] = "";
-	htmlcertstrings[23] = "";
-	htmlcertstrings[24] = "";
-	htmlcertstrings[25] = "</b>";
-    }
-
-    if (pubk) {
-      SECKEY_DestroyPublicKey(pubk);
-    }
-
-#define HTML_OFF 27
-    rv = PK11_HashBuf(SEC_OID_MD5, fingerprint, 
-    	              cert->derCert.data, cert->derCert.len);
-    
-    fpitem.data = fingerprint;
-    fpitem.len = sizeof(fingerprint);
-
-    fpstr = CERT_Hexify (&fpitem,1);
-    
-    htmlcertstrings[HTML_OFF] = fpstr;
-
-    commentstring = CERT_GetCertCommentString(cert);
-
-    if (commentstring == NULL) {
-	htmlcertstrings[HTML_OFF+2] = "";
-	htmlcertstrings[HTML_OFF+3] = "";
-	htmlcertstrings[HTML_OFF+4] = "";
-    } else {
-	htmlcertstrings[HTML_OFF+2] =
-	    "<b>Comment:</b>"
-	    "<table border=0 cellspacing=0 cellpadding=0><tr>"
-	    "<td width=10> </td><td><font size=3>"
-	    "<textarea name=foobar rows=4 cols=55 onfocus=\"this.blur()\">";
-	htmlcertstrings[HTML_OFF+3] = commentstring;
-	htmlcertstrings[HTML_OFF+4] = "</textarea></font></td></tr></table>";
-    }
-    
-    ret = gatherStrings(htmlcertstrings);
-    
-    if ( issuer ) {
-	PORT_Free(issuer);
-    }
-    
-    if ( subject ) {
-	PORT_Free(subject);
-    }
-    
-    if ( version ) {
-	PORT_Free(version);
-    }
-    
-    if ( serialNumber ) {
-	PORT_Free(serialNumber);
-    }
-    
-    if ( notBefore ) {
-	PORT_Free(notBefore);
-    }
-    
-    if ( notAfter ) {
-	PORT_Free(notAfter);
-    }
-    
-    if ( fpstr ) {
-	PORT_Free(fpstr);
-    }
-    if (DSSPriv) {
-	PORT_Free(DSSPriv);
-    }
-
-    if (KMID) {
-	PORT_Free(KMID);
-    }
-
-    if ( commentstring ) {
-	PORT_Free(commentstring);
-    }
-    
-    if ( servername ) {
-	PORT_Free(servername);
-    }
-    
-    return(ret);
-}
-
diff --git a/security/nss/lib/certhigh/certreq.c b/security/nss/lib/certhigh/certreq.c
deleted file mode 100644
index 1588c1896..000000000
--- a/security/nss/lib/certhigh/certreq.c
+++ /dev/null
@@ -1,230 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "cert.h"
-#include "secder.h"
-#include "key.h"
-#include "secitem.h"
-#include "secasn1.h"
-
-const SEC_ASN1Template CERT_AttributeTemplate[] = {
-    { SEC_ASN1_SEQUENCE,
-	0, NULL, sizeof(CERTAttribute) },
-    { SEC_ASN1_OBJECT_ID, offsetof(CERTAttribute, attrType) },
-    { SEC_ASN1_SET_OF, offsetof(CERTAttribute, attrValue),
-	SEC_AnyTemplate },
-    { 0 }
-};
-
-const SEC_ASN1Template CERT_SetOfAttributeTemplate[] = {
-    { SEC_ASN1_SET_OF, 0, CERT_AttributeTemplate },
-};
-
-const SEC_ASN1Template CERT_CertificateRequestTemplate[] = {
-    { SEC_ASN1_SEQUENCE,
-	  0, NULL, sizeof(CERTCertificateRequest) },
-    { SEC_ASN1_INTEGER,
-	  offsetof(CERTCertificateRequest,version) },
-    { SEC_ASN1_INLINE,
-	  offsetof(CERTCertificateRequest,subject),
-	  CERT_NameTemplate },
-    { SEC_ASN1_INLINE,
-	  offsetof(CERTCertificateRequest,subjectPublicKeyInfo),
-	  CERT_SubjectPublicKeyInfoTemplate },
-    { SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
-	  offsetof(CERTCertificateRequest,attributes), 
-	  CERT_SetOfAttributeTemplate },
-    { 0 }
-};
-
-SEC_ASN1_CHOOSER_IMPLEMENT(CERT_CertificateRequestTemplate)
-
-CERTCertificate *
-CERT_CreateCertificate(unsigned long serialNumber,
-		      CERTName *issuer,
-		      CERTValidity *validity,
-		      CERTCertificateRequest *req)
-{
-    CERTCertificate *c;
-    int rv;
-    PRArenaPool *arena;
-    
-    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    
-    if ( !arena ) {
-	return(0);
-    }
-
-    c = (CERTCertificate *)PORT_ArenaZAlloc(arena, sizeof(CERTCertificate));
-    
-    if (c) {
-	c->referenceCount = 1;
-	c->arena = arena;
-
-	/*
-	 * Default is a plain version 1.
-	 * If extensions are added, it will get changed as appropriate.
-	 */
-	rv = DER_SetUInteger(arena, &c->version, SEC_CERTIFICATE_VERSION_1);
-	if (rv) goto loser;
-
-	rv = DER_SetUInteger(arena, &c->serialNumber, serialNumber);
-	if (rv) goto loser;
-
-	rv = CERT_CopyName(arena, &c->issuer, issuer);
-	if (rv) goto loser;
-
-	rv = CERT_CopyValidity(arena, &c->validity, validity);
-	if (rv) goto loser;
-
-	rv = CERT_CopyName(arena, &c->subject, &req->subject);
-	if (rv) goto loser;
-	rv = SECKEY_CopySubjectPublicKeyInfo(arena, &c->subjectPublicKeyInfo,
-					  &req->subjectPublicKeyInfo);
-	if (rv) goto loser;
-    }
-    return c;
-
-  loser:
-    CERT_DestroyCertificate(c);
-    return 0;
-}
-
-/************************************************************************/
-
-CERTCertificateRequest *
-CERT_CreateCertificateRequest(CERTName *subject,
-			     CERTSubjectPublicKeyInfo *spki,
-			     SECItem **attributes)
-{
-    CERTCertificateRequest *certreq;
-    PRArenaPool *arena;
-    SECStatus rv;
-
-    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if ( arena == NULL ) {
-	return NULL;
-    }
-    
-    certreq = (CERTCertificateRequest *)
-			PORT_ArenaZAlloc(arena, sizeof(CERTCertificateRequest));
-
-    if (certreq != NULL) {
-	certreq->arena = arena;
-	
-	rv = DER_SetUInteger(arena, &certreq->version,
-			     SEC_CERTIFICATE_REQUEST_VERSION);
-	if (rv != SECSuccess)
-	    goto loser;
-
-	rv = CERT_CopyName(arena, &certreq->subject, subject);
-	if (rv != SECSuccess)
-	    goto loser;
-
-	rv = SECKEY_CopySubjectPublicKeyInfo(arena,
-					  &certreq->subjectPublicKeyInfo,
-					  spki);
-	if (rv != SECSuccess)
-	    goto loser;
-
-	/* Copy over attribute information */
-	if (attributes) {
-	    int i = 0;
-
-	    /* allocate space for attributes */
-	    while(attributes[i] != NULL) i++;
-	    certreq->attributes = (SECItem**)PORT_ArenaZAlloc(arena, 
-						   	      sizeof(SECItem *) * (i + 1));
-	    if(!certreq->attributes) {
-		goto loser;
-	    }
-
-	    /* copy attributes */
-	    i = 0;
-	    while(attributes[i]) {
-		/*
-		** Attributes are a SetOf Attribute which implies
-		** lexigraphical ordering.  It is assumes that the
-		** attributes are passed in sorted.  If we need to
-		** add functionality to sort them, there is an
-		** example in the PKCS 7 code.
-		*/
-		certreq->attributes[i] = (SECItem*)PORT_ArenaZAlloc(arena, 
-							  	    sizeof(SECItem));
-		if(!certreq->attributes[i]) {
-		    goto loser;
-		};
-		rv = SECITEM_CopyItem(arena, certreq->attributes[i], 
-				      attributes[i]);
-		if (rv != SECSuccess) {
-		    goto loser;
-		}
-		i++;
-	    }
-	    certreq->attributes[i] = NULL;
-	} else {
-	    /*
-	     ** Invent empty attribute information. According to the
-	     ** pkcs#10 spec, attributes has this ASN.1 type:
-	     **
-	     ** attributes [0] IMPLICIT Attributes
-	     ** 
-	     ** Which means, we should create a NULL terminated list
-	     ** with the first entry being NULL;
-	     */
-	    certreq->attributes = (SECItem**)PORT_ArenaZAlloc(arena, sizeof(SECItem *));
-	    if(!certreq->attributes) {
-		goto loser;
-	    }
-	    certreq->attributes[0] = NULL;
-	} 
-    } else {
-	PORT_FreeArena(arena, PR_FALSE);
-    }
-
-    return certreq;
-
-loser:
-    CERT_DestroyCertificateRequest(certreq);
-    return NULL;
-}
-
-void
-CERT_DestroyCertificateRequest(CERTCertificateRequest *req)
-{
-    if (req && req->arena) {
-	PORT_FreeArena(req->arena, PR_FALSE);
-    }
-    return;
-}
-
diff --git a/security/nss/lib/certhigh/certvfy.c b/security/nss/lib/certhigh/certvfy.c
deleted file mode 100644
index 1ae7237de..000000000
--- a/security/nss/lib/certhigh/certvfy.c
+++ /dev/null
@@ -1,1630 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#include "nspr.h"
-#include "secerr.h"
-#include "secport.h"
-#include "seccomon.h"
-#include "secoid.h"
-#include "sslerr.h"
-#include "genname.h"
-#include "keyhi.h"
-#include "cert.h"
-#include "certdb.h"
-#include "cryptohi.h"
-
-#ifndef NSS_3_4_CODE
-#define NSS_3_4_CODE
-#endif /* NSS_3_4_CODE */
-#include "nsspki.h"
-#include "pkitm.h"
-#include "pkim.h"
-#include "pki3hack.h"
-#include "base.h"
-
-#define PENDING_SLOP (24L*60L*60L)
-
-/*
- * WARNING - this function is depricated, and will go away in the near future.
- *	It has been superseded by CERT_CheckCertValidTimes().
- *
- * Check the validity times of a certificate
- */
-SECStatus
-CERT_CertTimesValid(CERTCertificate *c)
-{
-    int64 now, notBefore, notAfter, pendingSlop;
-    SECStatus rv;
-    
-    /* if cert is already marked OK, then don't bother to check */
-    if ( c->timeOK ) {
-	return(SECSuccess);
-    }
-    
-    /* get current UTC time */
-    now = PR_Now();
-    rv = CERT_GetCertTimes(c, &notBefore, &notAfter);
-    
-    if (rv) {
-	return(SECFailure);
-    }
-    
-    LL_I2L(pendingSlop, PENDING_SLOP);
-    LL_SUB(notBefore, notBefore, pendingSlop);
-
-    if (LL_CMP(now, <, notBefore) || LL_CMP(now, >, notAfter)) {
-	PORT_SetError(SEC_ERROR_EXPIRED_CERTIFICATE);
-	return(SECFailure);
-    }
-
-    return(SECSuccess);
-}
-
-/*
- * verify the signature of a signed data object with the given certificate
- */
-SECStatus
-CERT_VerifySignedData(CERTSignedData *sd, CERTCertificate *cert,
-		      int64 t, void *wincx)
-{
-    SECItem sig;
-    SECKEYPublicKey *pubKey = 0;
-    SECStatus rv;
-    SECCertTimeValidity validity;
-    SECOidTag algid;
-
-    /* check the certificate's validity */
-    validity = CERT_CheckCertValidTimes(cert, t, PR_FALSE);
-    if ( validity != secCertTimeValid ) {
-	return(SECFailure);
-    }
-
-    /* get cert's public key */
-    pubKey = CERT_ExtractPublicKey(cert);
-    if ( !pubKey ) {
-	return(SECFailure);
-    }
-    
-    /* check the signature */
-    sig = sd->signature;
-    DER_ConvertBitString(&sig);
-
-    algid = SECOID_GetAlgorithmTag(&sd->signatureAlgorithm);
-    rv = VFY_VerifyData(sd->data.data, sd->data.len, pubKey, &sig,
-			algid, wincx);
-
-    SECKEY_DestroyPublicKey(pubKey);
-
-    if ( rv ) {
-	return(SECFailure);
-    }
-
-    return(SECSuccess);
-}
-
-
-/*
- * This must only be called on a cert that is known to have an issuer
- * with an invalid time
- */
-CERTCertificate *
-CERT_FindExpiredIssuer(CERTCertDBHandle *handle, CERTCertificate *cert)
-{
-    CERTCertificate *issuerCert = NULL;
-    CERTCertificate *subjectCert;
-    int              count;
-    SECStatus        rv;
-    SECComparison    rvCompare;
-    
-    subjectCert = CERT_DupCertificate(cert);
-    if ( subjectCert == NULL ) {
-	goto loser;
-    }
-    
-    for ( count = 0; count < CERT_MAX_CERT_CHAIN; count++ ) {
-	/* find the certificate of the issuer */
-	issuerCert = CERT_FindCertByName(handle, &subjectCert->derIssuer);
-    
-	if ( ! issuerCert ) {
-	    goto loser;
-	}
-
-	rv = CERT_CertTimesValid(issuerCert);
-	if ( rv == SECFailure ) {
-	    /* this is the invalid issuer */
-	    CERT_DestroyCertificate(subjectCert);
-	    return(issuerCert);
-	}
-
-	/* make sure that the issuer is not self signed.  If it is, then
-	 * stop here to prevent looping.
-	 */
-	rvCompare = SECITEM_CompareItem(&issuerCert->derSubject,
-				 &issuerCert->derIssuer);
-	if (rvCompare == SECEqual) {
-	    PORT_Assert(0);		/* No expired issuer! */
-	    goto loser;
-	}
-	CERT_DestroyCertificate(subjectCert);
-	subjectCert = issuerCert;
-    }
-
-loser:
-    if ( issuerCert ) {
-	CERT_DestroyCertificate(issuerCert);
-    }
-    
-    if ( subjectCert ) {
-	CERT_DestroyCertificate(subjectCert);
-    }
-    
-    return(NULL);
-}
-
-/* Software FORTEZZA installation hack. The software fortezza installer does
- * not have access to the krl and cert.db file. Accept FORTEZZA Certs without
- * KRL's in this case. 
- */
-static int dont_use_krl = 0;
-/* not a public exposed function... */
-void sec_SetCheckKRLState(int value) { dont_use_krl = value; }
-
-SECStatus
-SEC_CheckKRL(CERTCertDBHandle *handle,SECKEYPublicKey *key,
-	     CERTCertificate *rootCert, int64 t, void * wincx)
-{
-    CERTSignedCrl *crl = NULL;
-    SECStatus rv = SECFailure;
-    SECStatus rv2;
-    CERTCrlEntry **crlEntry;
-    SECCertTimeValidity validity;
-    CERTCertificate *issuerCert = NULL;
-
-    if (dont_use_krl) return SECSuccess;
-
-    /* first look up the KRL */
-    crl = SEC_FindCrlByName(handle,&rootCert->derSubject, SEC_KRL_TYPE);
-    if (crl == NULL) {
-	PORT_SetError(SEC_ERROR_NO_KRL);
-	goto done;
-    }
-
-    /* get the issuing certificate */
-    issuerCert = CERT_FindCertByName(handle, &crl->crl.derName);
-    if (issuerCert == NULL) {
-        PORT_SetError(SEC_ERROR_KRL_BAD_SIGNATURE);
-        goto done;
-    }
-
-
-    /* now verify the KRL signature */
-    rv2 = CERT_VerifySignedData(&crl->signatureWrap, issuerCert, t, wincx);
-    if (rv2 != SECSuccess) {
-	PORT_SetError(SEC_ERROR_KRL_BAD_SIGNATURE);
-    	goto done;
-    }
-
-    /* Verify the date validity of the KRL */
-    validity = SEC_CheckCrlTimes(&crl->crl, t);
-    if (validity == secCertTimeExpired) {
-	PORT_SetError(SEC_ERROR_KRL_EXPIRED);
-	goto done;
-    }
-
-    /* now make sure the key in this cert is still valid */
-    if (key->keyType != fortezzaKey) {
-	PORT_SetError(SSL_ERROR_BAD_CERT_DOMAIN);
-	goto done; /* This should be an assert? */
-    }
-
-    /* now make sure the key is not on the revocation list */
-    for (crlEntry = crl->crl.entries; crlEntry && *crlEntry; crlEntry++) {
-	if (PORT_Memcmp((*crlEntry)->serialNumber.data,
-				key->u.fortezza.KMID,
-				    (*crlEntry)->serialNumber.len) == 0) {
-	    PORT_SetError(SEC_ERROR_REVOKED_KEY);
-	    goto done;
-	}
-    }
-    rv = SECSuccess;
-
-done:
-    if (issuerCert) CERT_DestroyCertificate(issuerCert);
-    if (crl) SEC_DestroyCrl(crl);
-    return rv;
-}
-
-SECStatus
-SEC_CheckCRL(CERTCertDBHandle *handle,CERTCertificate *cert,
-	     CERTCertificate *caCert, int64 t, void * wincx)
-{
-    CERTSignedCrl *crl = NULL;
-    SECStatus rv = SECSuccess;
-    CERTCrlEntry **crlEntry;
-
-    /* first look up the CRL */
-    crl = SEC_FindCrlByName(handle,&caCert->derSubject, SEC_CRL_TYPE);
-    if (crl == NULL) {
-	/* XXX for now no CRL is ok */
-	goto done;
-    }
-
-    /* now verify the CRL signature */
-    rv = CERT_VerifySignedData(&crl->signatureWrap, caCert, t, wincx);
-    if (rv != SECSuccess) {
-	PORT_SetError(SEC_ERROR_CRL_BAD_SIGNATURE);
-        rv = SECWouldBlock; /* Soft error, ask the user */
-    	goto done;
-    }
-
-    /* now make sure the key is not on the revocation list */
-    for (crlEntry = crl->crl.entries; crlEntry && *crlEntry; crlEntry++) {
-	if (SECITEM_CompareItem(&(*crlEntry)->serialNumber,&cert->serialNumber) == SECEqual) {
-	    PORT_SetError(SEC_ERROR_REVOKED_CERTIFICATE);
-	    rv = SECFailure; /* cert is revoked */
-	    goto done;
-	}
-    }
-
-done:
-    if (crl) SEC_DestroyCrl(crl);
-    return rv;
-}
-
-/*
- * Find the issuer of a cert.  Use the authorityKeyID if it exists.
- */
-CERTCertificate *
-CERT_FindCertIssuer(CERTCertificate *cert, int64 validTime, SECCertUsage usage)
-{
-#ifdef NSS_CLASSIC
-    CERTAuthKeyID *   authorityKeyID = NULL;  
-    CERTCertificate * issuerCert     = NULL;
-    SECItem *         caName;
-    PRArenaPool       *tmpArena = NULL;
-
-    tmpArena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    
-    if ( !tmpArena ) {
-	goto loser;
-    }
-    authorityKeyID = CERT_FindAuthKeyIDExten(tmpArena,cert);
-
-    if ( authorityKeyID != NULL ) {
-	/* has the authority key ID extension */
-	if ( authorityKeyID->keyID.data != NULL ) {
-	    /* extension contains a key ID, so lookup based on it */
-	    issuerCert = CERT_FindCertByKeyID(cert->dbhandle, &cert->derIssuer,
-					      &authorityKeyID->keyID);
-	    if ( issuerCert == NULL ) {
-		PORT_SetError (SEC_ERROR_UNKNOWN_ISSUER);
-		goto loser;
-	    }
-	    
-	} else if ( authorityKeyID->authCertIssuer != NULL ) {
-	    /* no key ID, so try issuer and serial number */
-	    caName = (SECItem*)CERT_GetGeneralNameByType(authorityKeyID->authCertIssuer,
-					       		 certDirectoryName, PR_TRUE);
-
-	    /*
-	     * caName is NULL when the authCertIssuer field is not
-	     * being used, or other name form is used instead.
-	     * If the directoryName format and serialNumber fields are
-	     * used, we use them to find the CA cert.
-	     * Note:
-	     *	By the time it gets here, we known for sure that if the
-	     *	authCertIssuer exists, then the authCertSerialNumber
-	     *	must also exists (CERT_DecodeAuthKeyID() ensures this).
-	     *	We don't need to check again. 
-	     */
-
-	    if (caName != NULL) {
-		CERTIssuerAndSN issuerSN;
-
-		issuerSN.derIssuer.data = caName->data;
-		issuerSN.derIssuer.len = caName->len;
-		issuerSN.serialNumber.data = 
-			authorityKeyID->authCertSerialNumber.data;
-		issuerSN.serialNumber.len = 
-			authorityKeyID->authCertSerialNumber.len;
-		issuerCert = CERT_FindCertByIssuerAndSN(cert->dbhandle,
-								&issuerSN);
-		if ( issuerCert == NULL ) {
-		    PORT_SetError (SEC_ERROR_UNKNOWN_ISSUER);
-		    goto loser;
-		}
-	    }
-	}
-    }
-    if ( issuerCert == NULL ) {
-	/* if there is not authorityKeyID, then try to find the issuer */
-	/* find a valid CA cert with correct usage */
-	issuerCert = CERT_FindMatchingCert(cert->dbhandle,
-					   &cert->derIssuer,
-					   certOwnerCA, usage, PR_TRUE,
-					   validTime, PR_TRUE);
-
-	/* if that fails, then fall back to grabbing any cert with right name*/
-	if ( issuerCert == NULL ) {
-	    issuerCert = CERT_FindCertByName(cert->dbhandle, &cert->derIssuer);
-	    if ( issuerCert == NULL ) {
-		PORT_SetError (SEC_ERROR_UNKNOWN_ISSUER);
-	    }
-	}
-    }
-
-loser:
-    if (tmpArena != NULL) {
-	PORT_FreeArena(tmpArena, PR_FALSE);
-	tmpArena = NULL;
-    }
-
-    return(issuerCert);
-#else
-    NSSCertificate *me;
-    NSSTime *nssTime;
-    NSSUsage nssUsage;
-    NSSCertificate *chain[3];
-    PRStatus status;
-    me = STAN_GetNSSCertificate(cert);
-    nssTime = NSSTime_SetPRTime(NULL, validTime);
-    nssUsage.anyUsage = PR_FALSE;
-    nssUsage.nss3usage = usage;
-    nssUsage.nss3lookingForCA = PR_TRUE;
-    memset(chain, 0, 3*sizeof(NSSCertificate *));
-    if (!me) {
-	PORT_SetError (SEC_ERROR_BAD_DATABASE);
-	return NULL;
-    }
-    (void)NSSCertificate_BuildChain(me, nssTime, &nssUsage, NULL, 
-                                    chain, 2, NULL, &status);
-    nss_ZFreeIf(nssTime);
-    if (status == PR_SUCCESS) {
-	/* if it's a root, the chain will only have one cert */
-	if (!chain[1]) {
-	    /* already has a reference from the call to BuildChain */
-	    return cert;
-	} else {
-	    CERT_DestroyCertificate(cert); /* the first cert in the chain */
-	    return STAN_GetCERTCertificate(chain[1]); /* return the 2nd */
-	}
-    } else {
-	PORT_SetError (SEC_ERROR_UNKNOWN_ISSUER);
-    }
-    return NULL;
-#endif
-}
-
-/*
- * return required trust flags for various cert usages for CAs
- */
-SECStatus
-CERT_TrustFlagsForCACertUsage(SECCertUsage usage,
-			      unsigned int *retFlags,
-			      SECTrustType *retTrustType)
-{
-    unsigned int requiredFlags;
-    SECTrustType trustType;
-
-    switch ( usage ) {
-      case certUsageSSLClient:
-	requiredFlags = CERTDB_TRUSTED_CLIENT_CA;
-	trustType = trustSSL;
-        break;
-      case certUsageSSLServer:
-      case certUsageSSLCA:
-	requiredFlags = CERTDB_TRUSTED_CA;
-	trustType = trustSSL;
-        break;
-      case certUsageSSLServerWithStepUp:
-	requiredFlags = CERTDB_TRUSTED_CA | CERTDB_GOVT_APPROVED_CA;
-	trustType = trustSSL;
-        break;
-      case certUsageEmailSigner:
-      case certUsageEmailRecipient:
-	requiredFlags = CERTDB_TRUSTED_CA;
-	trustType = trustEmail;
-	break;
-      case certUsageObjectSigner:
-	requiredFlags = CERTDB_TRUSTED_CA;
-	trustType = trustObjectSigning;
-	break;
-      case certUsageVerifyCA:
-      case certUsageAnyCA:
-      case certUsageStatusResponder:
-	requiredFlags = CERTDB_TRUSTED_CA;
-	trustType = trustTypeNone;
-	break;
-      default:
-	PORT_Assert(0);
-	goto loser;
-    }
-    if ( retFlags != NULL ) {
-	*retFlags = requiredFlags;
-    }
-    if ( retTrustType != NULL ) {
-	*retTrustType = trustType;
-    }
-    
-    return(SECSuccess);
-loser:
-    return(SECFailure);
-}
-
-
-
-
-
-static void
-AddToVerifyLog(CERTVerifyLog *log, CERTCertificate *cert, unsigned long error,
-	       unsigned int depth, void *arg)
-{
-    CERTVerifyLogNode *node, *tnode;
-
-    PORT_Assert(log != NULL);
-    
-    node = (CERTVerifyLogNode *)PORT_ArenaAlloc(log->arena,
-						sizeof(CERTVerifyLogNode));
-    if ( node != NULL ) {
-	node->cert = CERT_DupCertificate(cert);
-	node->error = error;
-	node->depth = depth;
-	node->arg = arg;
-	
-	if ( log->tail == NULL ) {
-	    /* empty list */
-	    log->head = log->tail = node;
-	    node->prev = NULL;
-	    node->next = NULL;
-	} else if ( depth >= log->tail->depth ) {
-	    /* add to tail */
-	    node->prev = log->tail;
-	    log->tail->next = node;
-	    log->tail = node;
-	    node->next = NULL;
-	} else if ( depth < log->head->depth ) {
-	    /* add at head */
-	    node->prev = NULL;
-	    node->next = log->head;
-	    log->head->prev = node;
-	    log->head = node;
-	} else {
-	    /* add in middle */
-	    tnode = log->tail;
-	    while ( tnode != NULL ) {
-		if ( depth >= tnode->depth ) {
-		    /* insert after tnode */
-		    node->prev = tnode;
-		    node->next = tnode->next;
-		    tnode->next->prev = node;
-		    tnode->next = node;
-		    break;
-		}
-
-		tnode = tnode->prev;
-	    }
-	}
-
-	log->count++;
-    }
-    return;
-}
-
-#define EXIT_IF_NOT_LOGGING(log) \
-    if ( log == NULL ) { \
-	goto loser; \
-    }
-
-#define LOG_ERROR_OR_EXIT(log,cert,depth,arg) \
-    if ( log != NULL ) { \
-	AddToVerifyLog(log, cert, PORT_GetError(), depth, (void *)arg); \
-    } else { \
-	goto loser; \
-    }
-
-#define LOG_ERROR(log,cert,depth,arg) \
-    if ( log != NULL ) { \
-	AddToVerifyLog(log, cert, PORT_GetError(), depth, (void *)arg); \
-    }
-
-
-
-
-SECStatus
-CERT_VerifyCertChain(CERTCertDBHandle *handle, CERTCertificate *cert,
-		     PRBool checkSig, SECCertUsage certUsage, int64 t,
-		     void *wincx, CERTVerifyLog *log)
-{
-    SECTrustType trustType;
-    CERTBasicConstraints basicConstraint;
-    CERTCertificate *issuerCert = NULL;
-    CERTCertificate *subjectCert = NULL;
-    CERTCertificate *badCert = NULL;
-    PRBool isca;
-    PRBool isFortezzaV1 = PR_FALSE;
-    SECStatus rv;
-    SECComparison rvCompare;
-    SECStatus rvFinal = SECSuccess;
-    int count;
-    int currentPathLen = -1;
-    int flags;
-    unsigned int caCertType;
-    unsigned int requiredCAKeyUsage;
-    unsigned int requiredFlags;
-    PRArenaPool *arena = NULL;
-    CERTGeneralName *namesList = NULL;
-    CERTGeneralName *subjectNameList = NULL;
-    SECItem *namesIndex = NULL;
-    int namesIndexLen = 10;
-    int namesCount = 0;
-
-    enum { cbd_None, cbd_User, cbd_CA } last_type = cbd_None;
-    SECKEYPublicKey *key;
-
-    if (CERT_KeyUsageAndTypeForCertUsage(certUsage, PR_TRUE,
-					 &requiredCAKeyUsage,
-					 &caCertType)
-	!= SECSuccess ) {
-	PORT_Assert(0);
-	EXIT_IF_NOT_LOGGING(log);
-	requiredCAKeyUsage = 0;
-	caCertType = 0;
-    }
-
-    switch ( certUsage ) {
-      case certUsageSSLClient:
-      case certUsageSSLServer:
-      case certUsageSSLCA:
-      case certUsageSSLServerWithStepUp:
-      case certUsageEmailSigner:
-      case certUsageEmailRecipient:
-      case certUsageObjectSigner:
-      case certUsageVerifyCA:
-      case certUsageStatusResponder:
-	if ( CERT_TrustFlagsForCACertUsage(certUsage, &requiredFlags,
-					   &trustType) != SECSuccess ) {
-	    PORT_Assert(0);
-	    EXIT_IF_NOT_LOGGING(log);
-	    requiredFlags = 0;
-	    trustType = trustSSL;
-	}
-	break;
-      default:
-	PORT_Assert(0);
-	EXIT_IF_NOT_LOGGING(log);
-	requiredFlags = 0;
-	trustType = trustSSL;/* This used to be 0, but we need something
-			      * that matches the enumeration type.
-			      */
-	caCertType = 0;
-    }
-    
-    subjectCert = CERT_DupCertificate(cert);
-    if ( subjectCert == NULL ) {
-	goto loser;
-    }
-
-    /* determine if the cert is fortezza. Getting the key is an easy
-     * way to determine it, especially since we need to get the privillege
-     * from the key anyway.
-     */
-    key = CERT_ExtractPublicKey(cert);
-
-    if (key != NULL) {
-	isFortezzaV1 = (PRBool)(key->keyType == fortezzaKey);
-
-	/* find out what type of cert we are starting with */
-	if (isFortezzaV1) {
-	    unsigned char priv = 0;;
-
-	    rv = SEC_CheckKRL(handle, key, NULL, t, wincx);
-	    if (rv == SECFailure) {
-		/**** PORT_SetError is already set by SEC_CheckKRL **/
-		SECKEY_DestroyPublicKey(key);
-		/**** Bob - should we log and continue when logging? **/
-		LOG_ERROR(log,subjectCert,0,0);
-		goto loser;
-	    }                
-
-	    if (key->u.fortezza.DSSpriviledge.len > 0) {
-		priv = key->u.fortezza.DSSpriviledge.data[0];
-	    }
-
-	    last_type = (priv & 0x30) ? cbd_CA : cbd_User;
-	}
-		
-	SECKEY_DestroyPublicKey(key);
-    }
-
-    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if (arena == NULL) {
-	goto loser;
-    }
-
-    namesIndex = (SECItem *) PORT_ZAlloc(sizeof(SECItem) * namesIndexLen);
-    if (namesIndex == NULL) {
-	goto loser;
-    }
-
-    for ( count = 0; count < CERT_MAX_CERT_CHAIN; count++ ) {
-	int subjectNameListLen;
-	int i;
-
-	/* Construct a list of names for the current and all previous certifcates 
-	   to be verified against the name constraints extension of the issuer
-	   certificate. */
-	subjectNameList = CERT_GetCertificateNames(subjectCert, arena);
-	subjectNameListLen = CERT_GetNamesLength(subjectNameList);
-	for (i = 0; i < subjectNameListLen; i++) {
-	    if (namesIndexLen <= namesCount + i) {
-		namesIndexLen = namesIndexLen * 2;
-		namesIndex = (SECItem *) PORT_Realloc(namesIndex, namesIndexLen * 
-						       sizeof(SECItem));
-		if (namesIndex == NULL) {
-		    goto loser;
-		}
-	    }
-	    rv = SECITEM_CopyItem(arena, &(namesIndex[namesCount + i]), &(subjectCert->derSubject));
-	}
-	namesCount += subjectNameListLen;
-	namesList = cert_CombineNamesLists(namesList, subjectNameList);
-
-	/* find the certificate of the issuer */
-	issuerCert = CERT_FindCertIssuer(subjectCert, t, certUsage);
-	if ( ! issuerCert ) {
-	    PORT_SetError(SEC_ERROR_UNKNOWN_ISSUER);
-	    LOG_ERROR(log,subjectCert,count,0);
-	    goto loser;
-	}
-
-	/* verify the signature on the cert */
-	if ( checkSig ) {
-	    rv = CERT_VerifySignedData(&subjectCert->signatureWrap,
-				       issuerCert, t, wincx);
-    
-	    if ( rv != SECSuccess ) {
-		if ( PORT_GetError() == SEC_ERROR_EXPIRED_CERTIFICATE ) {
-		    PORT_SetError(SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE);
-		    LOG_ERROR_OR_EXIT(log,issuerCert,count+1,0);
-		} else {
-		    PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
-		    LOG_ERROR_OR_EXIT(log,subjectCert,count,0);
-		}
-	    }
-	}
-
-	/*
-	 * XXX - fortezza may need error logging stuff added
-	 */
-	if (isFortezzaV1) {
-	    unsigned char priv = 0;
-
-	    /* read the key */
-	    key = CERT_ExtractPublicKey(issuerCert);
-
-	    /* Cant' get Key? fail. */
-	    if (key == NULL) {
-	    	PORT_SetError(SEC_ERROR_BAD_KEY);
-		LOG_ERROR_OR_EXIT(log,issuerCert,count+1,0);
-		goto fortezzaDone;
-	    }
-
-
-	    /* if the issuer is not an old fortezza cert, we bail */
-	    if (key->keyType != fortezzaKey) {
-	    	SECKEY_DestroyPublicKey(key);
-		/* CA Cert not fortezza */
-	    	PORT_SetError(SEC_ERROR_NOT_FORTEZZA_ISSUER);
-		LOG_ERROR_OR_EXIT(log,issuerCert,count+1,0);
-		goto fortezzaDone;
-	    }
-
-	    /* get the privilege mask */
-	    if (key->u.fortezza.DSSpriviledge.len > 0) {
-		priv = key->u.fortezza.DSSpriviledge.data[0];
-	    }
-
-	    /*
-	     * make sure the CA's keys are OK
-	     */
-            
-	    rv = SEC_CheckKRL(handle, key, NULL, t, wincx);
-	    if (rv != SECSuccess) {
-	    	SECKEY_DestroyPublicKey(key);
-		LOG_ERROR_OR_EXIT(log,issuerCert,count+1,0);
-		goto fortezzaDone;
-		/** fall through looking for more stuff **/
-	    } else {
-	        SECKEY_DestroyPublicKey(key);
-	    }
-
-	    switch (last_type) {
-	      case cbd_User:
-		/* first check for subordination */
-		/*rv = FortezzaSubordinateCheck(cert,issuerCert);*/
-		rv = SECSuccess;
-
-		/* now check for issuer privilege */
-		if ((rv != SECSuccess) || ((priv & 0x10) == 0)) {
-		    /* bail */
-		    PORT_SetError (SEC_ERROR_CA_CERT_INVALID);
-		    LOG_ERROR_OR_EXIT(log,issuerCert,count+1,0);
-		}
-		break;
-	      case cbd_CA:
-	      case cbd_None:
-		if ((priv & 0x20) == 0) {
-		    /* bail */
-		    PORT_SetError (SEC_ERROR_CA_CERT_INVALID);
-		    LOG_ERROR_OR_EXIT(log,issuerCert,count+1,0);
-		}
-		break;
-	      default:
-		/* bail */ /* shouldn't ever happen */
-	    	PORT_SetError(SEC_ERROR_UNKNOWN_ISSUER);
-		LOG_ERROR_OR_EXIT(log,issuerCert,count+1,0);
-	    }
-
-fortezzaDone:
-	    last_type =  cbd_CA;
-	}
-
-	/* If the basicConstraint extension is included in an immediate CA
-	 * certificate, make sure that the isCA flag is on.  If the
-	 * pathLenConstraint component exists, it must be greater than the
-	 * number of CA certificates we have seen so far.  If the extension
-	 * is omitted, we will assume that this is a CA certificate with
-	 * an unlimited pathLenConstraint (since it already passes the
-	 * netscape-cert-type extension checking).
-	 *
-	 * In the fortezza (V1) case, we've already checked the CA bits
-	 * in the key, so we're presumed to be a CA; however we really don't
-	 * want to bypass Basic constraint or netscape extension parsing.
-         * 
-         * In Fortezza V2, basicConstraint will be set for every CA,PCA,PAA
-	 */
-
-	rv = CERT_FindBasicConstraintExten(issuerCert, &basicConstraint);
-	if ( rv != SECSuccess ) {
-	    if (PORT_GetError() != SEC_ERROR_EXTENSION_NOT_FOUND) {
-		LOG_ERROR_OR_EXIT(log,issuerCert,count+1,0);
-	    } else {
-		currentPathLen = CERT_UNLIMITED_PATH_CONSTRAINT;
-	    }
-	    /* no basic constraints found, if we're fortezza, CA bit is already
-	     * verified (isca = PR_TRUE). otherwise, we aren't (yet) a ca
-	     * isca = PR_FALSE */
-	    isca = isFortezzaV1;
-	} else  {
-	    if ( basicConstraint.isCA == PR_FALSE ) {
-		PORT_SetError (SEC_ERROR_CA_CERT_INVALID);
-		LOG_ERROR_OR_EXIT(log,issuerCert,count+1,0);
-	    }
-	    
-	    /* make sure that the path len constraint is properly set.
-	     */
-	    if ( basicConstraint.pathLenConstraint ==
-		CERT_UNLIMITED_PATH_CONSTRAINT ) {
-		currentPathLen = CERT_UNLIMITED_PATH_CONSTRAINT;
-	    } else if ( currentPathLen == CERT_UNLIMITED_PATH_CONSTRAINT ) {
-		/* error if the previous CA's path length constraint is
-		 * unlimited but its CA's path is not.
-		 */
-		PORT_SetError (SEC_ERROR_PATH_LEN_CONSTRAINT_INVALID);
-		LOG_ERROR_OR_EXIT(log,issuerCert,count+1,basicConstraint.pathLenConstraint);
-	    } else if (basicConstraint.pathLenConstraint > currentPathLen) {
-		currentPathLen = basicConstraint.pathLenConstraint;
-	    } else {
-		PORT_SetError (SEC_ERROR_PATH_LEN_CONSTRAINT_INVALID);
-		LOG_ERROR_OR_EXIT(log,issuerCert,count+1,basicConstraint.pathLenConstraint);
-	    }
-
-	    isca = PR_TRUE;
-	}
-	
-	/* XXX - the error logging may need to go down into CRL stuff at some
-	 * point
-	 */
-	/* check revoked list (issuer) */
-	rv = SEC_CheckCRL(handle, subjectCert, issuerCert, t, wincx);
-	if (rv == SECFailure) {
-	    LOG_ERROR_OR_EXIT(log,subjectCert,count,0);
-	} else if (rv == SECWouldBlock) {
-	    /* We found something fishy, so we intend to issue an
-	     * error to the user, but the user may wish to continue
-	     * processing, in which case we better make sure nothing
-	     * worse has happened... so keep cranking the loop */
-	    rvFinal = SECFailure;
-	    LOG_ERROR(log,subjectCert,count,0);
-	}
-
-
-	if ( issuerCert->trust ) {
-	    /*
-	     * check the trust parms of the issuer
-	     */
-	    if ( certUsage == certUsageVerifyCA ) {
-		if ( subjectCert->nsCertType & NS_CERT_TYPE_EMAIL_CA ) {
-		    trustType = trustEmail;
-		} else if ( subjectCert->nsCertType & NS_CERT_TYPE_SSL_CA ) {
-		    trustType = trustSSL;
-		} else {
-		    trustType = trustObjectSigning;
-		}
-	    }
-	    
-	    flags = SEC_GET_TRUST_FLAGS(issuerCert->trust, trustType);
-	    
-	    if ( (flags & CERTDB_VALID_CA) ||
-		 (certUsage == certUsageStatusResponder)) {
-		if ( ( flags & requiredFlags ) == requiredFlags ||
-		     certUsage == certUsageStatusResponder ) {
-		    /* we found a trusted one, so return */
-		    rv = rvFinal; 
-		    goto done;
-		}
-	    }
-	}
-
-	/*
-	 * Make sure that if this is an intermediate CA in the chain that
-	 * it was given permission by its signer to be a CA.
-	 */
-	if ( isca ) {
-	    /*
-	     * if basicConstraints says it is a ca, then we check the
-	     * nsCertType.  If the nsCertType has any CA bits set, then
-	     * it must have the right one.
-	     */
-	    if ( issuerCert->nsCertType & NS_CERT_TYPE_CA ) {
-		if ( issuerCert->nsCertType & caCertType ) {
-		    isca = PR_TRUE;
-		} else {
-		    isca = PR_FALSE;
-		}
-	    }
-	} else {
-	    if ( issuerCert->nsCertType & caCertType ) {
-		isca = PR_TRUE;
-	    } else {
-		isca = PR_FALSE;
-	    }
-	}
-	
-	if (  !isca  ) {
-	    PORT_SetError(SEC_ERROR_CA_CERT_INVALID);
-	    LOG_ERROR_OR_EXIT(log,issuerCert,count+1,0);
-	}
-	    
-	/* make sure key usage allows cert signing */
-	if (CERT_CheckKeyUsage(issuerCert, requiredCAKeyUsage) != SECSuccess) {
-	    PORT_SetError(SEC_ERROR_INADEQUATE_KEY_USAGE);
-	    LOG_ERROR_OR_EXIT(log,issuerCert,count+1,requiredCAKeyUsage);
-	}
-	/* make sure that the entire chain is within the name space of the current issuer
-	 * certificate.
-	 */
-
-	badCert = CERT_CompareNameSpace(issuerCert, namesList, namesIndex, arena, handle);
-	if (badCert != NULL) {
-	    PORT_SetError(SEC_ERROR_CERT_NOT_IN_NAME_SPACE);
-            LOG_ERROR_OR_EXIT(log, badCert, count + 1, 0);
-	    goto loser;
-	}
-	/* make sure that the issuer is not self signed.  If it is, then
-	 * stop here to prevent looping.
-	 */
-	rvCompare = SECITEM_CompareItem(&issuerCert->derSubject,
-				 &issuerCert->derIssuer);
-	if (rvCompare == SECEqual) {
-	    PORT_SetError(SEC_ERROR_UNTRUSTED_ISSUER);
-	    LOG_ERROR(log, issuerCert, count+1, 0);
-	    goto loser;
-	}
-
-	CERT_DestroyCertificate(subjectCert);
-	subjectCert = issuerCert;
-    }
-
-    subjectCert = NULL;
-    PORT_SetError(SEC_ERROR_UNKNOWN_ISSUER);
-    LOG_ERROR(log,issuerCert,count,0);
-loser:
-    rv = SECFailure;
-done:
-    if (namesIndex != NULL) {
-	PORT_Free(namesIndex);
-    }
-    if ( issuerCert ) {
-	CERT_DestroyCertificate(issuerCert);
-    }
-    
-    if ( subjectCert ) {
-	CERT_DestroyCertificate(subjectCert);
-    }
-
-    if ( arena != NULL ) {
-	PORT_FreeArena(arena, PR_FALSE);
-    }
-    return rv;
-}
-			
-/*
- * verify a certificate by checking if its valid and that we
- * trust the issuer.
- * Note that this routine does not verify the signature of the certificate.
- */
-SECStatus
-CERT_VerifyCert(CERTCertDBHandle *handle, CERTCertificate *cert,
-		PRBool checkSig, SECCertUsage certUsage, int64 t,
-		void *wincx, CERTVerifyLog *log)
-{
-    SECStatus rv;
-    unsigned int requiredKeyUsage;
-    unsigned int requiredCertType;
-    unsigned int flags;
-    unsigned int certType;
-    PRBool       allowOverride;
-    SECCertTimeValidity validity;
-    CERTStatusConfig *statusConfig;
-   
-#ifdef notdef 
-    /* check if this cert is in the Evil list */
-    rv = CERT_CheckForEvilCert(cert);
-    if ( rv != SECSuccess ) {
-	PORT_SetError(SEC_ERROR_REVOKED_CERTIFICATE);
-	LOG_ERROR_OR_EXIT(log,cert,0,0);
-    }
-#endif
-    
-    /* make sure that the cert is valid at time t */
-    allowOverride = (PRBool)((certUsage == certUsageSSLServer) ||
-                             (certUsage == certUsageSSLServerWithStepUp));
-    validity = CERT_CheckCertValidTimes(cert, t, allowOverride);
-    if ( validity != secCertTimeValid ) {
-	LOG_ERROR_OR_EXIT(log,cert,0,validity);
-    }
-
-    /* check key usage and netscape cert type */
-    CERT_GetCertType(cert);
-    certType = cert->nsCertType;
-    switch ( certUsage ) {
-      case certUsageSSLClient:
-      case certUsageSSLServer:
-      case certUsageSSLServerWithStepUp:
-      case certUsageSSLCA:
-      case certUsageEmailSigner:
-      case certUsageEmailRecipient:
-      case certUsageObjectSigner:
-      case certUsageStatusResponder:
-	rv = CERT_KeyUsageAndTypeForCertUsage(certUsage, PR_FALSE,
-					      &requiredKeyUsage,
-					      &requiredCertType);
-	if ( rv != SECSuccess ) {
-	    PORT_Assert(0);
-	    EXIT_IF_NOT_LOGGING(log);
-	    requiredKeyUsage = 0;
-	    requiredCertType = 0;
-	}
-	break;
-      case certUsageVerifyCA:
-	requiredKeyUsage = KU_KEY_CERT_SIGN;
-	requiredCertType = NS_CERT_TYPE_CA;
-	if ( ! ( certType & NS_CERT_TYPE_CA ) ) {
-	    certType |= NS_CERT_TYPE_CA;
-	}
-	break;
-      default:
-	PORT_Assert(0);
-	EXIT_IF_NOT_LOGGING(log);
-	requiredKeyUsage = 0;
-	requiredCertType = 0;
-    }
-    if ( CERT_CheckKeyUsage(cert, requiredKeyUsage) != SECSuccess ) {
-	PORT_SetError(SEC_ERROR_INADEQUATE_KEY_USAGE);
-	LOG_ERROR_OR_EXIT(log,cert,0,requiredKeyUsage);
-    }
-    if ( !( certType & requiredCertType ) ) {
-	PORT_SetError(SEC_ERROR_INADEQUATE_CERT_TYPE);
-	LOG_ERROR_OR_EXIT(log,cert,0,requiredCertType);
-    }
-
-    /* check trust flags to see if this cert is directly trusted */
-    if ( cert->trust ) { /* the cert is in the DB */
-	switch ( certUsage ) {
-	  case certUsageSSLClient:
-	  case certUsageSSLServer:
-	    flags = cert->trust->sslFlags;
-	    
-	    /* is the cert directly trusted or not trusted ? */
-	    if ( flags & CERTDB_VALID_PEER ) {/*the trust record is valid*/
-		if ( flags & CERTDB_TRUSTED ) {	/* trust this cert */
-		    goto winner;
-		} else { /* don't trust this cert */
-		    PORT_SetError(SEC_ERROR_UNTRUSTED_CERT);
-		    LOG_ERROR_OR_EXIT(log,cert,0,flags);
-		}
-	    }
-	    break;
-	  case certUsageSSLServerWithStepUp:
-	    /* XXX - step up certs can't be directly trusted */
-	    break;
-	  case certUsageSSLCA:
-	    break;
-	  case certUsageEmailSigner:
-	  case certUsageEmailRecipient:
-	    flags = cert->trust->emailFlags;
-	    
-	    /* is the cert directly trusted or not trusted ? */
-	    if ( ( flags & ( CERTDB_VALID_PEER | CERTDB_TRUSTED ) ) ==
-		( CERTDB_VALID_PEER | CERTDB_TRUSTED ) ) {
-		goto winner;
-	    }
-	    break;
-	  case certUsageObjectSigner:
-	    flags = cert->trust->objectSigningFlags;
-
-	    /* is the cert directly trusted or not trusted ? */
-	    if ( flags & CERTDB_VALID_PEER ) {/*the trust record is valid*/
-		if ( flags & CERTDB_TRUSTED ) {	/* trust this cert */
-		    goto winner;
-		} else { /* don't trust this cert */
-		    PORT_SetError(SEC_ERROR_UNTRUSTED_CERT);
-		    LOG_ERROR_OR_EXIT(log,cert,0,flags);
-		}
-	    }
-	    break;
-	  case certUsageVerifyCA:
-	  case certUsageStatusResponder:
-	    flags = cert->trust->sslFlags;
-	    /* is the cert directly trusted or not trusted ? */
-	    if ( ( flags & ( CERTDB_VALID_CA | CERTDB_TRUSTED_CA ) ) ==
-		( CERTDB_VALID_CA | CERTDB_TRUSTED_CA ) ) {
-		goto winner;
-	    }
-	    flags = cert->trust->emailFlags;
-	    /* is the cert directly trusted or not trusted ? */
-	    if ( ( flags & ( CERTDB_VALID_CA | CERTDB_TRUSTED_CA ) ) ==
-		( CERTDB_VALID_CA | CERTDB_TRUSTED_CA ) ) {
-		goto winner;
-	    }
-	    flags = cert->trust->objectSigningFlags;
-	    /* is the cert directly trusted or not trusted ? */
-	    if ( ( flags & ( CERTDB_VALID_CA | CERTDB_TRUSTED_CA ) ) ==
-		( CERTDB_VALID_CA | CERTDB_TRUSTED_CA ) ) {
-		goto winner;
-	    }
-	    break;
-	  case certUsageAnyCA:
-	  case certUsageProtectedObjectSigner:
-	  case certUsageUserCertImport:
-	    /* XXX to make the compiler happy.  Should these be
-	     * explicitly handled?
-	     */
-	    break;
-	}
-    }
-
-    rv = CERT_VerifyCertChain(handle, cert, checkSig, certUsage,
-			      t, wincx, log);
-    if (rv != SECSuccess) {
-	EXIT_IF_NOT_LOGGING(log);
-    }
-
-    /*
-     * Check revocation status, but only if the cert we are checking
-     * is not a status reponder itself.  We only do this in the case
-     * where we checked the cert chain (above); explicit trust "wins"
-     * (avoids status checking, just as it avoids CRL checking, which
-     * is all done inside VerifyCertChain) by bypassing this code.
-     */
-    statusConfig = CERT_GetStatusConfig(handle);
-    if (certUsage != certUsageStatusResponder && statusConfig != NULL) {
-	if (statusConfig->statusChecker != NULL) {
-	    rv = (* statusConfig->statusChecker)(handle, cert,
-							 t, wincx);
-	    if (rv != SECSuccess) {
-		LOG_ERROR_OR_EXIT(log,cert,0,0);
-	    }
-	}
-    }
-
-winner:
-    return(SECSuccess);
-
-loser:
-    rv = SECFailure;
-    
-    return(rv);
-}
-
-/*
- * verify a certificate by checking if its valid and that we
- * trust the issuer.  Verify time against now.
- */
-SECStatus
-CERT_VerifyCertNow(CERTCertDBHandle *handle, CERTCertificate *cert,
-		   PRBool checkSig, SECCertUsage certUsage, void *wincx)
-{
-    return(CERT_VerifyCert(handle, cert, checkSig, 
-		   certUsage, PR_Now(), wincx, NULL));
-}
-
-/* [ FROM pcertdb.c ] */
-/*
- * Supported usage values and types:
- *	certUsageSSLClient
- *	certUsageSSLServer
- *	certUsageSSLServerWithStepUp
- *	certUsageEmailSigner
- *	certUsageEmailRecipient
- *	certUsageObjectSigner
- */
-
-CERTCertificate *
-CERT_FindMatchingCert(CERTCertDBHandle *handle, SECItem *derName,
-		      CERTCertOwner owner, SECCertUsage usage,
-		      PRBool preferTrusted, int64 validTime, PRBool validOnly)
-{
-    CERTCertList *certList = NULL;
-    CERTCertificate *cert = NULL;
-    unsigned int requiredTrustFlags;
-    SECTrustType requiredTrustType;
-    unsigned int flags;
-    
-    PRBool lookingForCA = PR_FALSE;
-    SECStatus rv;
-    CERTCertListNode *node;
-    CERTCertificate *saveUntrustedCA = NULL;
-    
-    /* if preferTrusted is set, must be a CA cert */
-    PORT_Assert( ! ( preferTrusted && ( owner != certOwnerCA ) ) );
-    
-    if ( owner == certOwnerCA ) {
-	lookingForCA = PR_TRUE;
-	if ( preferTrusted ) {
-	    rv = CERT_TrustFlagsForCACertUsage(usage, &requiredTrustFlags,
-					       &requiredTrustType);
-	    if ( rv != SECSuccess ) {
-		goto loser;
-	    }
-	    requiredTrustFlags |= CERTDB_VALID_CA;
-	}
-    }
-
-    certList = CERT_CreateSubjectCertList(NULL, handle, derName, validTime,
-					  validOnly);
-    if ( certList != NULL ) {
-	rv = CERT_FilterCertListByUsage(certList, usage, lookingForCA);
-	if ( rv != SECSuccess ) {
-	    goto loser;
-	}
-	
-	node = CERT_LIST_HEAD(certList);
-	
-	while ( !CERT_LIST_END(node, certList) ) {
-	    cert = node->cert;
-
-	    /* looking for a trusted CA cert */
-	    if ( ( owner == certOwnerCA ) && preferTrusted &&
-		( requiredTrustType != trustTypeNone ) ) {
-
-		if ( cert->trust == NULL ) {
-		    flags = 0;
-		} else {
-		    flags = SEC_GET_TRUST_FLAGS(cert->trust, requiredTrustType);
-		}
-
-		if ( ( flags & requiredTrustFlags ) != requiredTrustFlags ) {
-		    /* cert is not trusted */
-		    /* if this is the first cert to get this far, then save
-		     * it, so we can use it if we can't find a trusted one
-		     */
-		    if ( saveUntrustedCA == NULL ) {
-			saveUntrustedCA = cert;
-		    }
-		    goto endloop;
-		}
-	    }
-	    /* if we got this far, then this cert meets all criteria */
-	    break;
-	    
-endloop:
-	    node = CERT_LIST_NEXT(node);
-	    cert = NULL;
-	}
-
-	/* use the saved one if we have it */
-	if ( cert == NULL ) {
-	    cert = saveUntrustedCA;
-	}
-
-	/* if we found one then bump the ref count before freeing the list */
-	if ( cert != NULL ) {
-	    /* bump the ref count */
-	    cert = CERT_DupCertificate(cert);
-	}
-	
-	CERT_DestroyCertList(certList);
-    }
-
-    return(cert);
-
-loser:
-    if ( certList != NULL ) {
-	CERT_DestroyCertList(certList);
-    }
-
-    return(NULL);
-}
-
-
-/* [ From certdb.c ] */
-/*
- * Filter a list of certificates, removing those certs that do not have
- * one of the named CA certs somewhere in their cert chain.
- *
- *	"certList" - the list of certificates to filter
- *	"nCANames" - number of CA names
- *	"caNames" - array of CA names in string(rfc 1485) form
- *	"usage" - what use the certs are for, this is used when
- *		selecting CA certs
- */
-SECStatus
-CERT_FilterCertListByCANames(CERTCertList *certList, int nCANames,
-			     char **caNames, SECCertUsage usage)
-{
-    CERTCertificate *issuerCert = NULL;
-    CERTCertificate *subjectCert;
-    CERTCertListNode *node, *freenode;
-    CERTCertificate *cert;
-    int n;
-    char **names;
-    PRBool found;
-    int64 time;
-    
-    if ( nCANames <= 0 ) {
-	return(SECSuccess);
-    }
-
-    time = PR_Now();
-    
-    node = CERT_LIST_HEAD(certList);
-    
-    while ( ! CERT_LIST_END(node, certList) ) {
-	cert = node->cert;
-	
-	subjectCert = CERT_DupCertificate(cert);
-
-	/* traverse the CA certs for this cert */
-	found = PR_FALSE;
-	while ( subjectCert != NULL ) {
-	    n = nCANames;
-	    names = caNames;
-	   
-            if (subjectCert->issuerName != NULL) { 
-	        while ( n > 0 ) {
-		    if ( PORT_Strcmp(*names, subjectCert->issuerName) == 0 ) {
-		        found = PR_TRUE;
-		        break;
-		    }
-
-		    n--;
-		    names++;
-                }
-	    }
-
-	    if ( found ) {
-		break;
-	    }
-	    
-	    issuerCert = CERT_FindCertIssuer(subjectCert, time, usage);
-	    if ( issuerCert == subjectCert ) {
-		CERT_DestroyCertificate(issuerCert);
-		issuerCert = NULL;
-		break;
-	    }
-	    CERT_DestroyCertificate(subjectCert);
-	    subjectCert = issuerCert;
-
-	}
-	CERT_DestroyCertificate(subjectCert);
-	if ( !found ) {
-	    /* CA was not found, so remove this cert from the list */
-	    freenode = node;
-	    node = CERT_LIST_NEXT(node);
-	    CERT_RemoveCertListNode(freenode);
-	} else {
-	    /* CA was found, so leave it in the list */
-	    node = CERT_LIST_NEXT(node);
-	}
-    }
-    
-    return(SECSuccess);
-}
-
-/*
- * Given a certificate, return a string containing the nickname, and possibly
- * one of the validity strings, based on the current validity state of the
- * certificate.
- *
- * "arena" - arena to allocate returned string from.  If NULL, then heap
- *	is used.
- * "cert" - the cert to get nickname from
- * "expiredString" - the string to append to the nickname if the cert is
- *		expired.
- * "notYetGoodString" - the string to append to the nickname if the cert is
- *		not yet good.
- */
-char *
-CERT_GetCertNicknameWithValidity(PRArenaPool *arena, CERTCertificate *cert,
-				 char *expiredString, char *notYetGoodString)
-{
-    SECCertTimeValidity validity;
-    char *nickname, *tmpstr;
-    
-    validity = CERT_CheckCertValidTimes(cert, PR_Now(), PR_FALSE);
-
-    /* if the cert is good, then just use the nickname directly */
-    if ( validity == secCertTimeValid ) {
-	if ( arena == NULL ) {
-	    nickname = PORT_Strdup(cert->nickname);
-	} else {
-	    nickname = PORT_ArenaStrdup(arena, cert->nickname);
-	}
-	
-	if ( nickname == NULL ) {
-	    goto loser;
-	}
-    } else {
-	    
-	/* if the cert is not valid, then tack one of the strings on the
-	 * end
-	 */
-	if ( validity == secCertTimeExpired ) {
-	    tmpstr = PR_smprintf("%s%s", cert->nickname,
-				 expiredString);
-	} else {
-	    /* not yet valid */
-	    tmpstr = PR_smprintf("%s%s", cert->nickname,
-				 notYetGoodString);
-	}
-	if ( tmpstr == NULL ) {
-	    goto loser;
-	}
-
-	if ( arena ) {
-	    /* copy the string into the arena and free the malloc'd one */
-	    nickname = PORT_ArenaStrdup(arena, tmpstr);
-	    PORT_Free(tmpstr);
-	} else {
-	    nickname = tmpstr;
-	}
-	if ( nickname == NULL ) {
-	    goto loser;
-	}
-    }    
-    return(nickname);
-
-loser:
-    return(NULL);
-}
-
-/*
- * Collect the nicknames from all certs in a CertList.  If the cert is not
- * valid, append a string to that nickname.
- *
- * "certList" - the list of certificates
- * "expiredString" - the string to append to the nickname of any expired cert
- * "notYetGoodString" - the string to append to the nickname of any cert
- *		that is not yet valid
- */
-CERTCertNicknames *
-CERT_NicknameStringsFromCertList(CERTCertList *certList, char *expiredString,
-				 char *notYetGoodString)
-{
-    CERTCertNicknames *names;
-    PRArenaPool *arena;
-    CERTCertListNode *node;
-    char **nn;
-    
-    /* allocate an arena */
-    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if ( arena == NULL ) {
-	return(NULL);
-    }
-    
-    /* allocate the structure */
-    names = PORT_ArenaAlloc(arena, sizeof(CERTCertNicknames));
-    if ( names == NULL ) {
-	goto loser;
-    }
-
-    /* init the structure */
-    names->arena = arena;
-    names->head = NULL;
-    names->numnicknames = 0;
-    names->nicknames = NULL;
-    names->totallen = 0;
-
-    /* count the certs in the list */
-    node = CERT_LIST_HEAD(certList);
-    while ( ! CERT_LIST_END(node, certList) ) {
-	names->numnicknames++;
-	node = CERT_LIST_NEXT(node);
-    }
-    
-    /* allocate nicknames array */
-    names->nicknames = PORT_ArenaAlloc(arena,
-				       sizeof(char *) * names->numnicknames);
-    if ( names->nicknames == NULL ) {
-	goto loser;
-    }
-
-    /* just in case printf can't deal with null strings */
-    if (expiredString == NULL ) {
-	expiredString = "";
-    }
-
-    if ( notYetGoodString == NULL ) {
-	notYetGoodString = "";
-    }
-    
-    /* traverse the list of certs and collect the nicknames */
-    nn = names->nicknames;
-    node = CERT_LIST_HEAD(certList);
-    while ( ! CERT_LIST_END(node, certList) ) {
-	*nn = CERT_GetCertNicknameWithValidity(arena, node->cert,
-					       expiredString,
-					       notYetGoodString);
-	if ( *nn == NULL ) {
-	    goto loser;
-	}
-
-	names->totallen += PORT_Strlen(*nn);
-	
-	nn++;
-	node = CERT_LIST_NEXT(node);
-    }
-
-    return(names);
-
-loser:
-    PORT_FreeArena(arena, PR_FALSE);
-    return(NULL);
-}
-
-/*
- * Extract the nickname from a nickmake string that may have either
- * expiredString or notYetGoodString appended.
- *
- * Args:
- *	"namestring" - the string containing the nickname, and possibly
- *		one of the validity label strings
- *	"expiredString" - the expired validity label string
- *	"notYetGoodString" - the not yet good validity label string
- *
- * Returns the raw nickname
- */
-char *
-CERT_ExtractNicknameString(char *namestring, char *expiredString,
-			   char *notYetGoodString)
-{
-    int explen, nyglen, namelen;
-    int retlen;
-    char *retstr;
-    
-    namelen = PORT_Strlen(namestring);
-    explen = PORT_Strlen(expiredString);
-    nyglen = PORT_Strlen(notYetGoodString);
-    
-    if ( namelen > explen ) {
-	if ( PORT_Strcmp(expiredString, &namestring[namelen-explen]) == 0 ) {
-	    retlen = namelen - explen;
-	    retstr = (char *)PORT_Alloc(retlen+1);
-	    if ( retstr == NULL ) {
-		goto loser;
-	    }
-	    
-	    PORT_Memcpy(retstr, namestring, retlen);
-	    retstr[retlen] = '\0';
-	    goto done;
-	}
-    }
-
-    if ( namelen > nyglen ) {
-	if ( PORT_Strcmp(notYetGoodString, &namestring[namelen-nyglen]) == 0) {
-	    retlen = namelen - nyglen;
-	    retstr = (char *)PORT_Alloc(retlen+1);
-	    if ( retstr == NULL ) {
-		goto loser;
-	    }
-	    
-	    PORT_Memcpy(retstr, namestring, retlen);
-	    retstr[retlen] = '\0';
-	    goto done;
-	}
-    }
-
-    /* if name string is shorter than either invalid string, then it must
-     * be a raw nickname
-     */
-    retstr = PORT_Strdup(namestring);
-    
-done:
-    return(retstr);
-
-loser:
-    return(NULL);
-}
-
-CERTCertList *
-CERT_GetCertChainFromCert(CERTCertificate *cert, int64 time, SECCertUsage usage)
-{
-    CERTCertList *chain = NULL;
-
-    if (NULL == cert) {
-        return NULL;
-    }
-    
-    cert = CERT_DupCertificate(cert);
-    if (NULL == cert) {
-        PORT_SetError(SEC_ERROR_NO_MEMORY);
-        return NULL;
-    }
-
-    chain = CERT_NewCertList();
-    if (NULL == chain) {
-        PORT_SetError(SEC_ERROR_NO_MEMORY);
-        return NULL;
-    }
-
-    while (cert != NULL) {
-	if (SECSuccess != CERT_AddCertToListTail(chain, cert)) {
-            /* return partial chain */
-            PORT_SetError(SEC_ERROR_NO_MEMORY);
-            return chain;
-        }
-
-	if (SECITEM_CompareItem(&cert->derIssuer, &cert->derSubject)
-	    == SECEqual) {
-            /* return complete chain */
-	    return chain;
-	}
-
-	cert = CERT_FindCertIssuer(cert, time, usage);
-    }
-
-    /* return partial chain */
-    PORT_SetError(SEC_ERROR_UNKNOWN_ISSUER);
-    return chain;
-}
diff --git a/security/nss/lib/certhigh/config.mk b/security/nss/lib/certhigh/config.mk
deleted file mode 100644
index 0a00dc61e..000000000
--- a/security/nss/lib/certhigh/config.mk
+++ /dev/null
@@ -1,43 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#
-#  Override TARGETS variable so that only static libraries
-#  are specifed as dependencies within rules.mk.
-#
-
-TARGETS        = $(LIBRARY)
-SHARED_LIBRARY =
-IMPORT_LIBRARY =
-PROGRAM        =
-
diff --git a/security/nss/lib/certhigh/crlv2.c b/security/nss/lib/certhigh/crlv2.c
deleted file mode 100644
index 2600d9878..000000000
--- a/security/nss/lib/certhigh/crlv2.c
+++ /dev/null
@@ -1,126 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Code for dealing with x.509 v3 crl and crl entries extensions.
- *
- * $Id$
- */
-
-#include "cert.h"
-#include "secitem.h"
-#include "secoid.h"
-#include "secoidt.h"
-#include "secder.h"
-#include "secasn1.h"
-#include "certxutl.h"
-
-SECStatus
-CERT_FindCRLExtensionByOID(CERTCrl *crl, SECItem *oid, SECItem *value)
-{
-    return (cert_FindExtensionByOID (crl->extensions, oid, value));
-}
-    
-
-SECStatus
-CERT_FindCRLExtension(CERTCrl *crl, int tag, SECItem *value)
-{
-    return (cert_FindExtension (crl->extensions, tag, value));
-}
-
-
-/* Callback to set extensions and adjust verison */
-static void
-SetCrlExts(void *object, CERTCertExtension **exts)
-{
-    CERTCrl *crl = (CERTCrl *)object;
-
-    crl->extensions = exts;
-    DER_SetUInteger (crl->arena, &crl->version, SEC_CRL_VERSION_2);
-}
-
-void *
-CERT_StartCRLExtensions(CERTCrl *crl)
-{
-    return (cert_StartExtensions ((void *)crl, crl->arena, SetCrlExts));
-}
-
-
-SECStatus CERT_FindCRLNumberExten (CERTCrl *crl, CERTCrlNumber *value)
-{
-    SECItem encodedExtenValue;
-    SECStatus rv;
-
-    encodedExtenValue.data = NULL;
-    encodedExtenValue.len = 0;
-
-    rv = cert_FindExtension
-	 (crl->extensions, SEC_OID_X509_CRL_NUMBER, &encodedExtenValue);
-    if ( rv != SECSuccess )
-	return (rv);
-
-    rv = SEC_ASN1DecodeItem (NULL, value, SEC_IntegerTemplate,
-			     &encodedExtenValue);
-    PORT_Free (encodedExtenValue.data);
-    return (rv);
-}
-
-SECStatus CERT_FindCRLReasonExten (CERTCrl *crl, SECItem *value)
-{
-    return (CERT_FindBitStringExtension
-	    (crl->extensions, SEC_OID_X509_REASON_CODE, value));    
-}
-
-SECStatus CERT_FindInvalidDateExten (CERTCrl *crl, int64 *value)
-{
-    SECItem encodedExtenValue;
-    SECItem decodedExtenValue = {siBuffer,0};
-    SECStatus rv;
-
-    encodedExtenValue.data = decodedExtenValue.data = NULL;
-    encodedExtenValue.len = decodedExtenValue.len = 0;
-
-    rv = cert_FindExtension
-	 (crl->extensions, SEC_OID_X509_INVALID_DATE, &encodedExtenValue);
-    if ( rv != SECSuccess )
-	return (rv);
-
-    rv = SEC_ASN1DecodeItem (NULL, &decodedExtenValue,
-			     SEC_GeneralizedTimeTemplate, &encodedExtenValue);
-    if (rv != SECSuccess)
-	return (rv);
-    rv = DER_GeneralizedTimeToTime(value, &encodedExtenValue);
-    PORT_Free (decodedExtenValue.data);
-    PORT_Free (encodedExtenValue.data);
-    return (rv);
-}
diff --git a/security/nss/lib/certhigh/manifest.mn b/security/nss/lib/certhigh/manifest.mn
deleted file mode 100644
index d7d0a2247..000000000
--- a/security/nss/lib/certhigh/manifest.mn
+++ /dev/null
@@ -1,59 +0,0 @@
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CORE_DEPTH = ../../..
-
-EXPORTS = \
-	ocsp.h \
-	ocspt.h \
-	$(NULL)
-
-PRIVATE_EXPORTS = \
-	ocspti.h \
-	$(NULL)
-
-MODULE = security
-
-CSRCS = \
-	certhtml.c \
-	certreq.c \
-	crlv2.c \
-	ocsp.c \
-	certhigh.c \
-    certvfy.c \
-    xcrldist.c \
-	$(NULL)
-
-REQUIRES = security dbm
-
-LIBRARY_NAME = certhi
-
diff --git a/security/nss/lib/certhigh/ocsp.c b/security/nss/lib/certhigh/ocsp.c
deleted file mode 100644
index 7b6ef8804..000000000
--- a/security/nss/lib/certhigh/ocsp.c
+++ /dev/null
@@ -1,3930 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Implementation of OCSP services, for both client and server.
- * (XXX, really, mostly just for client right now, but intended to do both.)
- *
- * $Id$
- */
-
-#include "prerror.h"
-#include "prprf.h"
-#include "plarena.h"
-#include "prnetdb.h"
-
-#include "seccomon.h"
-#include "secitem.h"
-#include "secoidt.h"
-#include "secasn1.h"
-#include "secder.h"
-#include "cert.h"
-#include "xconst.h"
-#include "secerr.h"
-#include "secoid.h"
-#include "hasht.h"
-#include "sechash.h"
-#include "secasn1.h"
-#include "keyhi.h"
-#include "cryptohi.h"
-#include "ocsp.h"
-#include "ocspti.h"
-#include "genname.h"
-#include "certxutl.h"
-#include "pk11func.h"	/* for PK11_HashBuf */
-#include <stdarg.h>
-
-
-/*
- * The following structure is only used internally.  It is allocated when
- * someone turns on OCSP checking, and hangs off of the status-configuration
- * structure in the certdb structure.  We use it to keep configuration
- * information specific to OCSP checking.
- */
-typedef struct ocspCheckingContextStr {
-    PRBool useDefaultResponder;
-    char *defaultResponderURI;
-    char *defaultResponderNickname;
-    CERTCertificate *defaultResponderCert;
-} ocspCheckingContext;
-
-
-/*
- * Forward declarations of sub-types, so I can lay out the types in the
- * same order as the ASN.1 is laid out in the OCSP spec itself.
- *
- * These are in alphabetical order (case-insensitive); please keep it that way!
- */
-extern const SEC_ASN1Template ocsp_CertIDTemplate[];
-extern const SEC_ASN1Template ocsp_PointerToSignatureTemplate[];
-extern const SEC_ASN1Template ocsp_PointerToResponseBytesTemplate[];
-extern const SEC_ASN1Template ocsp_ResponseDataTemplate[];
-extern const SEC_ASN1Template ocsp_RevokedInfoTemplate[];
-extern const SEC_ASN1Template ocsp_SingleRequestTemplate[];
-extern const SEC_ASN1Template ocsp_SingleResponseTemplate[];
-extern const SEC_ASN1Template ocsp_TBSRequestTemplate[];
-
-
-/*
- * Request-related templates...
- */
-
-/*
- * OCSPRequest	::=	SEQUENCE {
- *	tbsRequest		TBSRequest,
- *	optionalSignature	[0] EXPLICIT Signature OPTIONAL }
- */
-static const SEC_ASN1Template ocsp_OCSPRequestTemplate[] = {
-    { SEC_ASN1_SEQUENCE,
-	0, NULL, sizeof(CERTOCSPRequest) },
-    { SEC_ASN1_POINTER,
-	offsetof(CERTOCSPRequest, tbsRequest),
-	ocsp_TBSRequestTemplate },
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT |
-      SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
-	offsetof(CERTOCSPRequest, optionalSignature),
-	ocsp_PointerToSignatureTemplate },
-    { 0 }
-};
-
-/*
- * TBSRequest	::=	SEQUENCE {
- *	version			[0] EXPLICIT Version DEFAULT v1,
- *	requestorName		[1] EXPLICIT GeneralName OPTIONAL,
- *	requestList		SEQUENCE OF Request,
- *	requestExtensions	[2] EXPLICIT Extensions OPTIONAL }
- *
- * Version	::=	INTEGER { v1(0) }
- *
- * Note: this should be static but the AIX compiler doesn't like it (because it
- * was forward-declared above); it is not meant to be exported, but this
- * is the only way it will compile.
- */
-const SEC_ASN1Template ocsp_TBSRequestTemplate[] = {
-    { SEC_ASN1_SEQUENCE,
-	0, NULL, sizeof(ocspTBSRequest) },
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT |		/* XXX DER_DEFAULT */
-      SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
-	offsetof(ocspTBSRequest, version),
-	SEC_IntegerTemplate },
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT |
-      SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1,
-	offsetof(ocspTBSRequest, derRequestorName),
-	SEC_PointerToAnyTemplate },
-    { SEC_ASN1_SEQUENCE_OF,
-	offsetof(ocspTBSRequest, requestList),
-	ocsp_SingleRequestTemplate },
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT |
-      SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 2,
-	offsetof(ocspTBSRequest, requestExtensions),
-	CERT_SequenceOfCertExtensionTemplate },
-    { 0 }
-};
-
-/*
- * Signature	::=	SEQUENCE {
- *	signatureAlgorithm	AlgorithmIdentifier,
- *	signature		BIT STRING,
- *	certs			[0] EXPLICIT SEQUENCE OF Certificate OPTIONAL }
- */
-static const SEC_ASN1Template ocsp_SignatureTemplate[] = {
-    { SEC_ASN1_SEQUENCE,
-	0, NULL, sizeof(ocspSignature) },
-    { SEC_ASN1_INLINE,
-	offsetof(ocspSignature, signatureAlgorithm),
-	SECOID_AlgorithmIDTemplate },
-    { SEC_ASN1_BIT_STRING,
-	offsetof(ocspSignature, signature) },
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT |
-      SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
-	offsetof(ocspSignature, derCerts), 
-	SEC_SequenceOfAnyTemplate },
-    { 0 }
-};
-
-/*
- * This template is just an extra level to use in an explicitly-tagged
- * reference to a Signature.
- *
- * Note: this should be static but the AIX compiler doesn't like it (because it
- * was forward-declared above); it is not meant to be exported, but this
- * is the only way it will compile.
- */
-const SEC_ASN1Template ocsp_PointerToSignatureTemplate[] = {
-    { SEC_ASN1_POINTER, 0, ocsp_SignatureTemplate }
-};
-
-/*
- * Request	::=	SEQUENCE {
- *	reqCert			CertID,
- *	singleRequestExtensions	[0] EXPLICIT Extensions OPTIONAL }
- *
- * Note: this should be static but the AIX compiler doesn't like it (because it
- * was forward-declared above); it is not meant to be exported, but this
- * is the only way it will compile.
- */
-const SEC_ASN1Template ocsp_SingleRequestTemplate[] = {
-    { SEC_ASN1_SEQUENCE, 
-	0, NULL, sizeof(ocspSingleRequest) },
-    { SEC_ASN1_POINTER,
-	offsetof(ocspSingleRequest, reqCert),
-	ocsp_CertIDTemplate },
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT |
-      SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
-	offsetof(ocspSingleRequest, singleRequestExtensions),
-	CERT_SequenceOfCertExtensionTemplate },
-    { 0 }
-};
-
-
-/*
- * This data structure and template (CertID) is used by both OCSP
- * requests and responses.  It is the only one that is shared.
- *
- * CertID	::=	SEQUENCE {
- *	hashAlgorithm		AlgorithmIdentifier,
- *	issuerNameHash		OCTET STRING,	-- Hash of Issuer DN
- *	issuerKeyHash		OCTET STRING,	-- Hash of Issuer public key
- *	serialNumber		CertificateSerialNumber }
- *
- * CertificateSerialNumber ::=	INTEGER
- *
- * Note: this should be static but the AIX compiler doesn't like it (because it
- * was forward-declared above); it is not meant to be exported, but this
- * is the only way it will compile.
- */
-const SEC_ASN1Template ocsp_CertIDTemplate[] = {
-    { SEC_ASN1_SEQUENCE, 
-	0, NULL, sizeof(CERTOCSPCertID) },
-    { SEC_ASN1_INLINE,
-	offsetof(CERTOCSPCertID, hashAlgorithm),
-	SECOID_AlgorithmIDTemplate },
-    { SEC_ASN1_OCTET_STRING,
-	offsetof(CERTOCSPCertID, issuerNameHash) },
-    { SEC_ASN1_OCTET_STRING,
-	offsetof(CERTOCSPCertID, issuerKeyHash) },
-    { SEC_ASN1_INTEGER, 
-	offsetof(CERTOCSPCertID, serialNumber) },
-    { 0 }
-};
-
-
-/*
- * Response-related templates...
- */
-
-/*
- * OCSPResponse	::=	SEQUENCE {
- *	responseStatus		OCSPResponseStatus,
- *	responseBytes		[0] EXPLICIT ResponseBytes OPTIONAL }
- */
-static const SEC_ASN1Template ocsp_OCSPResponseTemplate[] = {
-    { SEC_ASN1_SEQUENCE, 
-	0, NULL, sizeof(CERTOCSPResponse) },
-    { SEC_ASN1_ENUMERATED, 
-	offsetof(CERTOCSPResponse, responseStatus) },
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT |
-      SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
-	offsetof(CERTOCSPResponse, responseBytes),
-	ocsp_PointerToResponseBytesTemplate },
-    { 0 }
-};
-
-/*
- * ResponseBytes	::=	SEQUENCE {
- *	responseType		OBJECT IDENTIFIER,
- *	response		OCTET STRING }
- */
-static const SEC_ASN1Template ocsp_ResponseBytesTemplate[] = {
-    { SEC_ASN1_SEQUENCE,
-	0, NULL, sizeof(ocspResponseBytes) },
-    { SEC_ASN1_OBJECT_ID,
-	offsetof(ocspResponseBytes, responseType) },
-    { SEC_ASN1_OCTET_STRING,
-	offsetof(ocspResponseBytes, response) },
-    { 0 }
-};
-
-/*
- * This template is just an extra level to use in an explicitly-tagged
- * reference to a ResponseBytes.
- *
- * Note: this should be static but the AIX compiler doesn't like it (because it
- * was forward-declared above); it is not meant to be exported, but this
- * is the only way it will compile.
- */
-const SEC_ASN1Template ocsp_PointerToResponseBytesTemplate[] = {
-    { SEC_ASN1_POINTER, 0, ocsp_ResponseBytesTemplate }
-};
-
-/*
- * BasicOCSPResponse	::=	SEQUENCE {
- *	tbsResponseData		ResponseData,
- *	signatureAlgorithm	AlgorithmIdentifier,
- *	signature		BIT STRING,
- *	certs			[0] EXPLICIT SEQUENCE OF Certificate OPTIONAL }
- */
-static const SEC_ASN1Template ocsp_BasicOCSPResponseTemplate[] = {
-    { SEC_ASN1_SEQUENCE,
-	0, NULL, sizeof(ocspBasicOCSPResponse) },
-    { SEC_ASN1_POINTER,
-	offsetof(ocspBasicOCSPResponse, tbsResponseData),
-	ocsp_ResponseDataTemplate },
-    { SEC_ASN1_INLINE,
-	offsetof(ocspBasicOCSPResponse, responseSignature.signatureAlgorithm),
-	SECOID_AlgorithmIDTemplate },
-    { SEC_ASN1_BIT_STRING,
-	offsetof(ocspBasicOCSPResponse, responseSignature.signature) },
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT |
-      SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
-	offsetof(ocspBasicOCSPResponse, responseSignature.derCerts),
-	SEC_SequenceOfAnyTemplate },
-    { 0 }
-};
-
-/*
- * ResponseData	::=	SEQUENCE {
- *	version			[0] EXPLICIT Version DEFAULT v1,
- *	responderID		ResponderID,
- *	producedAt		GeneralizedTime,
- *	responses		SEQUENCE OF SingleResponse,
- *	responseExtensions	[1] EXPLICIT Extensions OPTIONAL }
- *
- * Note: this should be static but the AIX compiler doesn't like it (because it
- * was forward-declared above); it is not meant to be exported, but this
- * is the only way it will compile.
- */
-const SEC_ASN1Template ocsp_ResponseDataTemplate[] = {
-    { SEC_ASN1_SEQUENCE,
-	0, NULL, sizeof(ocspResponseData) },
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT |		/* XXX DER_DEFAULT */
-      SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
-	offsetof(ocspResponseData, version),
-	SEC_IntegerTemplate },
-    { SEC_ASN1_ANY,
-	offsetof(ocspResponseData, derResponderID) },
-    { SEC_ASN1_GENERALIZED_TIME,
-	offsetof(ocspResponseData, producedAt) },
-    { SEC_ASN1_SEQUENCE_OF,
-	offsetof(ocspResponseData, responses),
-	ocsp_SingleResponseTemplate },
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT |
-      SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1,
-	offsetof(ocspResponseData, responseExtensions),
-	CERT_SequenceOfCertExtensionTemplate },
-    { 0 }
-};
-
-/*
- * ResponderID	::=	CHOICE {
- *	byName			[1] EXPLICIT Name,
- *	byKey			[2] EXPLICIT KeyHash }
- *
- * KeyHash ::=	OCTET STRING -- SHA-1 hash of responder's public key
- * (excluding the tag and length fields)
- *
- * XXX Because the ASN.1 encoder and decoder currently do not provide
- * a way to automatically handle a CHOICE, we need to do it in two
- * steps, looking at the type tag and feeding the exact choice back
- * to the ASN.1 code.  Hopefully that will change someday and this
- * can all be simplified down into a single template.  Anyway, for
- * now we list each choice as its own template:
- */
-static const SEC_ASN1Template ocsp_ResponderIDByNameTemplate[] = {
-    { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1,
-	offsetof(ocspResponderID, responderIDValue.name),
-	CERT_NameTemplate }
-};
-static const SEC_ASN1Template ocsp_ResponderIDByKeyTemplate[] = {
-    { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 2,
-	offsetof(ocspResponderID, responderIDValue.keyHash),
-	SEC_OctetStringTemplate }
-};
-static const SEC_ASN1Template ocsp_ResponderIDOtherTemplate[] = {
-    { SEC_ASN1_ANY,
-	offsetof(ocspResponderID, responderIDValue.other) }
-};
-
-/*
- * SingleResponse	::=	SEQUENCE {
- *	certID			CertID,
- *	certStatus		CertStatus,
- *	thisUpdate		GeneralizedTime,
- *	nextUpdate		[0] EXPLICIT GeneralizedTime OPTIONAL,
- *	singleExtensions	[1] EXPLICIT Extensions OPTIONAL }
- *
- * Note: this should be static but the AIX compiler doesn't like it (because it
- * was forward-declared above); it is not meant to be exported, but this
- * is the only way it will compile.
- */
-const SEC_ASN1Template ocsp_SingleResponseTemplate[] = {
-    { SEC_ASN1_SEQUENCE,
-	0, NULL, sizeof(CERTOCSPSingleResponse) },
-    { SEC_ASN1_POINTER,
-	offsetof(CERTOCSPSingleResponse, certID),
-	ocsp_CertIDTemplate },
-    { SEC_ASN1_ANY,
-	offsetof(CERTOCSPSingleResponse, derCertStatus) },
-    { SEC_ASN1_GENERALIZED_TIME,
-	offsetof(CERTOCSPSingleResponse, thisUpdate) },
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT |
-      SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
-	offsetof(CERTOCSPSingleResponse, nextUpdate),
-	SEC_PointerToGeneralizedTimeTemplate },
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT |
-      SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1,
-	offsetof(CERTOCSPSingleResponse, singleExtensions),
-	CERT_SequenceOfCertExtensionTemplate },
-    { 0 }
-};
-
-/*
- * CertStatus	::=	CHOICE {
- *	good			[0] IMPLICIT NULL,
- *	revoked			[1] IMPLICIT RevokedInfo,
- *	unknown			[2] IMPLICIT UnknownInfo }
- *
- * Because the ASN.1 encoder and decoder currently do not provide
- * a way to automatically handle a CHOICE, we need to do it in two
- * steps, looking at the type tag and feeding the exact choice back
- * to the ASN.1 code.  Hopefully that will change someday and this
- * can all be simplified down into a single template.  Anyway, for
- * now we list each choice as its own template:
- */
-static const SEC_ASN1Template ocsp_CertStatusGoodTemplate[] = {
-    { SEC_ASN1_POINTER | SEC_ASN1_CONTEXT_SPECIFIC | 0,
-	offsetof(ocspCertStatus, certStatusInfo.goodInfo),
-	SEC_NullTemplate }
-};
-static const SEC_ASN1Template ocsp_CertStatusRevokedTemplate[] = {
-    { SEC_ASN1_POINTER | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1, 
-	offsetof(ocspCertStatus, certStatusInfo.revokedInfo),
-	ocsp_RevokedInfoTemplate }
-};
-static const SEC_ASN1Template ocsp_CertStatusUnknownTemplate[] = {
-    { SEC_ASN1_POINTER | SEC_ASN1_CONTEXT_SPECIFIC | 2,
-	offsetof(ocspCertStatus, certStatusInfo.unknownInfo),
-	SEC_NullTemplate }
-};
-static const SEC_ASN1Template ocsp_CertStatusOtherTemplate[] = {
-    { SEC_ASN1_POINTER,
-	offsetof(ocspCertStatus, certStatusInfo.otherInfo),
-	SEC_AnyTemplate }
-};
-
-/*
- * RevokedInfo	::=	SEQUENCE {
- *	revocationTime		GeneralizedTime,
- *	revocationReason	[0] EXPLICIT CRLReason OPTIONAL }
- *
- * Note: this should be static but the AIX compiler doesn't like it (because it
- * was forward-declared above); it is not meant to be exported, but this
- * is the only way it will compile.
- */
-const SEC_ASN1Template ocsp_RevokedInfoTemplate[] = {
-    { SEC_ASN1_SEQUENCE,
-	0, NULL, sizeof(ocspRevokedInfo) },
-    { SEC_ASN1_GENERALIZED_TIME,
-	offsetof(ocspRevokedInfo, revocationTime) },
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT |
-      SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
-	offsetof(ocspRevokedInfo, revocationReason), 
-	SEC_PointerToEnumeratedTemplate },
-    { 0 }
-};
-
-
-/*
- * OCSP-specific extension templates:
- */
-
-/*
- * ServiceLocator	::=	SEQUENCE {
- *	issuer			Name,
- *	locator			AuthorityInfoAccessSyntax OPTIONAL }
- */
-static const SEC_ASN1Template ocsp_ServiceLocatorTemplate[] = {
-    { SEC_ASN1_SEQUENCE,
-	0, NULL, sizeof(ocspServiceLocator) },
-    { SEC_ASN1_POINTER,
-	offsetof(ocspServiceLocator, issuer),
-	CERT_NameTemplate },
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_ANY,
-	offsetof(ocspServiceLocator, locator) },
-    { 0 }
-};
-
-
-/*
- * REQUEST SUPPORT FUNCTIONS (encode/create/decode/destroy):
- */
-
-/* 
- * FUNCTION: CERT_EncodeOCSPRequest
- *   DER encodes an OCSP Request, possibly adding a signature as well.
- *   XXX Signing is not yet supported, however; see comments in code.
- * INPUTS: 
- *   PRArenaPool *arena
- *     The return value is allocated from here.
- *     If a NULL is passed in, allocation is done from the heap instead.
- *   CERTOCSPRequest *request
- *     The request to be encoded.
- *   void *pwArg
- *     Pointer to argument for password prompting, if needed.  (Definitely
- *     not needed if not signing.)
- * RETURN:
- *   Returns a NULL on error and a pointer to the SECItem with the
- *   encoded value otherwise.  Any error is likely to be low-level
- *   (e.g. no memory).
- */
-SECItem *
-CERT_EncodeOCSPRequest(PRArenaPool *arena, CERTOCSPRequest *request, 
-		       void *pwArg)
-{
-    ocspTBSRequest *tbsRequest;
-    SECStatus rv;
-
-    /* XXX All of these should generate errors if they fail. */
-    PORT_Assert(request);
-    PORT_Assert(request->tbsRequest);
-
-    tbsRequest = request->tbsRequest;
-
-    if (request->tbsRequest->extensionHandle != NULL) {
-	rv = CERT_FinishExtensions(request->tbsRequest->extensionHandle);
-	request->tbsRequest->extensionHandle = NULL;
-	if (rv != SECSuccess)
-	    return NULL;
-    }
-
-    /*
-     * XXX When signed requests are supported and request->optionalSignature
-     * is not NULL:
-     *  - need to encode tbsRequest->requestorName
-     *  - need to encode tbsRequest
-     *  - need to sign that encoded result (using cert in sig), filling in the
-     *    request->optionalSignature structure with the result, the signing
-     *    algorithm and (perhaps?) the cert (and its chain?) in derCerts
-     */
-
-    return SEC_ASN1EncodeItem(arena, NULL, request, ocsp_OCSPRequestTemplate);
-}
-
-
-/*
- * FUNCTION: CERT_DecodeOCSPRequest
- *   Decode a DER encoded OCSP Request.
- * INPUTS:
- *   SECItem *src
- *     Pointer to a SECItem holding DER encoded OCSP Request.
- * RETURN:
- *   Returns a pointer to a CERTOCSPRequest containing the decoded request.
- *   On error, returns NULL.  Most likely error is trouble decoding
- *   (SEC_ERROR_OCSP_MALFORMED_REQUEST), or low-level problem (no memory).
- */
-CERTOCSPRequest *
-CERT_DecodeOCSPRequest(SECItem *src)
-{
-    PRArenaPool *arena = NULL;
-    SECStatus rv = SECFailure;
-    CERTOCSPRequest *dest = NULL;
-    int i;
-
-
-    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if (arena == NULL) {
-	goto loser;
-    }
-    dest = (CERTOCSPRequest *) PORT_ArenaZAlloc(arena, 
-						sizeof(CERTOCSPRequest));
-    if (dest == NULL) {
-	goto loser;
-    }
-    dest->arena = arena;
-
-    rv = SEC_ASN1DecodeItem(arena, dest, ocsp_OCSPRequestTemplate, src);
-    if (rv != SECSuccess) {
-	if (PORT_GetError() == SEC_ERROR_BAD_DER)
-	    PORT_SetError(SEC_ERROR_OCSP_MALFORMED_REQUEST);
-	goto loser;
-    }
-
-    /*
-     * XXX I would like to find a way to get rid of the necessity
-     * of doing this copying of the arena pointer.
-     */
-    for (i = 0; dest->tbsRequest->requestList[i] != NULL; i++) {
-	dest->tbsRequest->requestList[i]->arena = arena;
-    }
-
-    return dest;
-
-loser:
-    if (arena != NULL) {
-	PORT_FreeArena(arena, PR_FALSE);
-    }
-    return NULL;
-}
-
-
-/*
- * Create and fill-in a CertID.  This function fills in the hash values
- * (issuerNameHash and issuerKeyHash), and is hardwired to use SHA1.
- * Someday it might need to be more flexible about hash algorithm, but
- * for now we have no intention/need to create anything else, and until
- * we have more flexible underlying interfaces, it's just not as easy
- * as it should be to just take an algorithm id and call some helper
- * functions to do all the work (no algid->length translation, no function
- * to hash from and into a SECItem, etc.).
- *
- * Error causes a null to be returned; most likely cause is trouble
- * finding the certificate issuer (SEC_ERROR_UNKNOWN_ISSUER).
- * Other errors are low-level problems (no memory, bad database, etc.).
- */
-static CERTOCSPCertID *
-ocsp_CreateCertID(PRArenaPool *arena, CERTCertificate *cert, int64 time)
-{
-    CERTOCSPCertID *certID;
-    CERTCertificate *issuerCert = NULL;
-    SECItem *tempItem = NULL;
-    void *mark = PORT_ArenaMark(arena);
-    SECStatus rv;
-
-    PORT_Assert(arena != NULL);
-
-    certID = PORT_ArenaZNew(arena, CERTOCSPCertID);
-    if (certID == NULL) {
-	goto loser;
-    }
-
-    rv = SECOID_SetAlgorithmID(arena, &certID->hashAlgorithm, SEC_OID_SHA1,
-			       NULL);
-    if (rv != SECSuccess) {
-	goto loser; 
-    }
-
-    issuerCert = CERT_FindCertIssuer(cert, time, certUsageAnyCA);
-    if (issuerCert == NULL) {
-	goto loser;
-    }
-
-    tempItem = SEC_ASN1EncodeItem(NULL, NULL, &issuerCert->subject,
-				  CERT_NameTemplate);
-    if (tempItem == NULL) {
-	goto loser;
-    }
-
-    if (SECITEM_AllocItem(arena, &(certID->issuerNameHash),
-			  SHA1_LENGTH) == NULL) {
-	goto loser;
-    }
-    rv = PK11_HashBuf(SEC_OID_SHA1, certID->issuerNameHash.data,
-		      tempItem->data, tempItem->len);
-    if (rv != SECSuccess) {
-	goto loser; 
-    }
-    certID->issuerSHA1NameHash.data = certID->issuerNameHash.data;
-    certID->issuerSHA1NameHash.len = certID->issuerNameHash.len;
-    /* cache the other two hash algorithms as well */
-    if (SECITEM_AllocItem(arena, &(certID->issuerMD5NameHash),
-			  MD5_LENGTH) == NULL) {
-	goto loser;
-    }
-    rv = PK11_HashBuf(SEC_OID_MD5, certID->issuerMD5NameHash.data,
-		      tempItem->data, tempItem->len);
-    if (rv != SECSuccess) {
-	goto loser; 
-    }
-    if (SECITEM_AllocItem(arena, &(certID->issuerMD2NameHash),
-			  MD2_LENGTH) == NULL) {
-	goto loser;
-    }
-    rv = PK11_HashBuf(SEC_OID_MD2, certID->issuerMD2NameHash.data,
-		      tempItem->data, tempItem->len);
-    if (rv != SECSuccess) {
-	goto loser; 
-    }
-
-    SECITEM_FreeItem(tempItem, PR_TRUE);
-    tempItem = NULL;
-
-    if (CERT_SPKDigestValueForCert(arena, issuerCert, SEC_OID_SHA1,
-				   &(certID->issuerKeyHash)) == NULL) {
-	goto loser;
-    }
-    certID->issuerSHA1KeyHash.data = certID->issuerKeyHash.data;
-    certID->issuerSHA1KeyHash.len = certID->issuerKeyHash.len;
-    /* cache the other two hash algorithms as well */
-    if (CERT_SPKDigestValueForCert(arena, issuerCert, SEC_OID_MD5,
-				   &(certID->issuerMD5KeyHash)) == NULL) {
-	goto loser;
-    }
-    if (CERT_SPKDigestValueForCert(arena, issuerCert, SEC_OID_MD2,
-				   &(certID->issuerMD2KeyHash)) == NULL) {
-	goto loser;
-    }
-
-
-    /* now we are done with issuerCert */
-    CERT_DestroyCertificate(issuerCert);
-    issuerCert = NULL;
-
-    rv = SECITEM_CopyItem(arena, &certID->serialNumber, &cert->serialNumber);
-    if (rv != SECSuccess) {
-	goto loser; 
-    }
-
-    PORT_ArenaUnmark(arena, mark);
-    return certID;
-
-loser:
-    if (issuerCert != NULL) {
-	CERT_DestroyCertificate(issuerCert);
-    }
-    if (tempItem != NULL) {
-	SECITEM_FreeItem(tempItem, PR_TRUE);
-    }
-    PORT_ArenaRelease(arena, mark);
-    return NULL;
-}
-
-
-/*
- * Callback to set Extensions in request object
- */
-void SetSingleReqExts(void *object, CERTCertExtension **exts)
-{
-  ocspSingleRequest *singleRequest =
-    (ocspSingleRequest *)object;
-
-  singleRequest->singleRequestExtensions = exts;
-}
-
-/*
- * Add the Service Locator extension to the singleRequestExtensions
- * for the given singleRequest.
- *
- * All errors are internal or low-level problems (e.g. no memory).
- */
-static SECStatus
-ocsp_AddServiceLocatorExtension(ocspSingleRequest *singleRequest,
-				CERTCertificate *cert)
-{
-    ocspServiceLocator *serviceLocator = NULL;
-    void *extensionHandle = NULL;
-    SECStatus rv = SECFailure;
-
-    serviceLocator = PORT_ZNew(ocspServiceLocator);
-    if (serviceLocator == NULL)
-	goto loser;
-
-    /*
-     * Normally it would be a bad idea to do a direct reference like
-     * this rather than allocate and copy the name *or* at least dup
-     * a reference of the cert.  But all we need is to be able to read
-     * the issuer name during the encoding we are about to do, so a
-     * copy is just a waste of time.
-     */
-    serviceLocator->issuer = &cert->issuer;
-
-    rv = CERT_FindCertExtension(cert, SEC_OID_X509_AUTH_INFO_ACCESS,
-				&serviceLocator->locator);
-    if (rv != SECSuccess) {
-	if (PORT_GetError() != SEC_ERROR_EXTENSION_NOT_FOUND)
-	    goto loser;
-    }
-
-    /* prepare for following loser gotos */
-    rv = SECFailure;
-
-    extensionHandle = cert_StartExtensions(singleRequest,
-                       singleRequest->arena, SetSingleReqExts);
-    if (extensionHandle == NULL)
-	goto loser;
-
-    rv = CERT_EncodeAndAddExtension(extensionHandle,
-				    SEC_OID_PKIX_OCSP_SERVICE_LOCATOR,
-				    serviceLocator, PR_FALSE,
-				    ocsp_ServiceLocatorTemplate);
-
-loser:
-    if (extensionHandle != NULL) {
-	/*
-	 * Either way we have to finish out the extension context (so it gets
-	 * freed).  But careful not to override any already-set bad status.
-	 */
-	SECStatus tmprv = CERT_FinishExtensions(extensionHandle);
-	if (rv == SECSuccess)
-	    rv = tmprv;
-    }
-
-    /*
-     * Finally, free the serviceLocator structure itself and we are done.
-     */
-    if (serviceLocator != NULL) {
-	if (serviceLocator->locator.data != NULL)
-	    SECITEM_FreeItem(&serviceLocator->locator, PR_FALSE);
-	PORT_Free(serviceLocator);
-    }
-
-    return rv;
-}
-
-/*
- * Creates an array of ocspSingleRequest based on a list of certs.
- * Note that the code which later compares the request list with the
- * response expects this array to be in the exact same order as the
- * certs are found in the list.  It would be harder to change that
- * order than preserve it, but since the requirement is not obvious,
- * it deserves to be mentioned.
- *
- * Any problem causes a null return and error set:
- *	SEC_ERROR_UNKNOWN_ISSUER
- * Other errors are low-level problems (no memory, bad database, etc.).
- */
-static ocspSingleRequest **
-ocsp_CreateSingleRequestList(PRArenaPool *arena, CERTCertList *certList,
-			     int64 time, PRBool includeLocator)
-{
-    ocspSingleRequest **requestList = NULL;
-    CERTCertListNode *node;
-    int i, count;
-    void *mark = PORT_ArenaMark(arena);
- 
-    node = CERT_LIST_HEAD(certList);
-    for (count = 0; !CERT_LIST_END(node, certList); count++) {
-	node = CERT_LIST_NEXT(node);
-    }
-
-    if (count == 0)
-	goto loser;
-
-    requestList = PORT_ArenaNewArray(arena, ocspSingleRequest *, count + 1);
-    if (requestList == NULL)
-	goto loser;
-
-    node = CERT_LIST_HEAD(certList);
-    for (i = 0; !CERT_LIST_END(node, certList); i++) {
-        requestList[i] = PORT_ArenaZNew(arena, ocspSingleRequest);
-	if (requestList[i] == NULL)
-	    goto loser;
-
-	requestList[i]->arena = arena;
-	requestList[i]->reqCert = ocsp_CreateCertID(arena, node->cert, time);
-	if (requestList[i]->reqCert == NULL)
-	    goto loser;
-
-	if (includeLocator == PR_TRUE) {
-	    SECStatus rv;
-
-	    rv = ocsp_AddServiceLocatorExtension(requestList[i], node->cert);
-	    if (rv != SECSuccess)
-		goto loser;
-	}
-
-	node = CERT_LIST_NEXT(node);
-    }
-
-    PORT_Assert(i == count);
-
-    PORT_ArenaUnmark(arena, mark);
-    requestList[i] = NULL;
-    return requestList;
-
-loser:
-    PORT_ArenaRelease(arena, mark);
-    return NULL;
-}
-
-
-/*
- * FUNCTION: CERT_CreateOCSPRequest
- *   Creates a CERTOCSPRequest, requesting the status of the certs in 
- *   the given list.
- * INPUTS:
- *   CERTCertList *certList
- *     A list of certs for which status will be requested.
- *     Note that all of these certificates should have the same issuer,
- *     or it's expected the response will be signed by a trusted responder.
- *     If the certs need to be broken up into multiple requests, that
- *     must be handled by the caller (and thus by having multiple calls
- *     to this routine), who knows about where the request(s) are being
- *     sent and whether there are any trusted responders in place.
- *   int64 time
- *     Indicates the time for which the certificate status is to be 
- *     determined -- this may be used in the search for the cert's issuer
- *     but has no effect on the request itself.
- *   PRBool addServiceLocator
- *     If true, the Service Locator extension should be added to the
- *     single request(s) for each cert.
- *   CERTCertificate *signerCert
- *     If non-NULL, means sign the request using this cert.  Otherwise,
- *     do not sign.
- *     XXX note that request signing is not yet supported; see comment in code
- * RETURN:
- *   A pointer to a CERTOCSPRequest structure containing an OCSP request
- *   for the cert list.  On error, null is returned, with an error set
- *   indicating the reason.  This is likely SEC_ERROR_UNKNOWN_ISSUER.
- *   (The issuer is needed to create a request for the certificate.)
- *   Other errors are low-level problems (no memory, bad database, etc.).
- */
-CERTOCSPRequest *
-CERT_CreateOCSPRequest(CERTCertList *certList, int64 time, 
-		       PRBool addServiceLocator,
-		       CERTCertificate *signerCert)
-{
-    PRArenaPool *arena = NULL;
-    CERTOCSPRequest *request = NULL;
-    ocspTBSRequest *tbsRequest = NULL;
-
-    /*
-     * XXX This should set an error, but since it is only temporary and
-     * since PSM will not initially provide a way to turn on signing of
-     * requests anyway, I figure we can just skip defining an error that
-     * will be obsolete in the next release.  When we are prepared to
-     * put signing of requests back in, this entire check will go away,
-     * and later in this function we will need to allocate a signature
-     * structure for the request, fill in the "derCerts" field in it,
-     * save the signerCert there, as well as fill in the "requestorName"
-     * field of the tbsRequest.
-     */
-    if (signerCert != NULL) {
-	return NULL;
-    }
-
-    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if (arena == NULL) {
-	goto loser;
-    }
-
-    request = PORT_ArenaZNew(arena, CERTOCSPRequest);
-    if (request == NULL) {
-	goto loser;
-    }
-    request->arena = arena;
-
-    tbsRequest = PORT_ArenaZNew(arena, ocspTBSRequest);
-    if (tbsRequest == NULL) {
-	goto loser;
-    }
-    request->tbsRequest = tbsRequest;
-
-    /* version 1 is the default, so we need not fill in a version number */
-
-    /*
-     * Now create the list of single requests, one for each cert.
-     */
-    tbsRequest->requestList = ocsp_CreateSingleRequestList(arena, certList,
-							   time,
-							   addServiceLocator);
-    if (tbsRequest->requestList == NULL) {
-	goto loser;
-    }
-    return request;
-
-loser:
-    if (arena != NULL) {
-	PORT_FreeArena(arena, PR_FALSE);
-    }
-    return NULL;
-}
-
-
-/*
- * FUNCTION: CERT_AddOCSPAcceptableResponses
- *   Add the AcceptableResponses extension to an OCSP Request.
- * INPUTS:
- *   CERTOCSPRequest *request
- *     The request to which the extension should be added.
- *   ...
- *     A list (of one or more) of SECOidTag -- each of the response types
- *     to be added.  The last OID *must* be SEC_OID_PKIX_OCSP_BASIC_RESPONSE.
- *     (This marks the end of the list, and it must be specified because a
- *     client conforming to the OCSP standard is required to handle the basic
- *     response type.)  The OIDs are not checked in any way.
- * RETURN:
- *   SECSuccess if the extension is added; SECFailure if anything goes wrong.
- *   All errors are internal or low-level problems (e.g. no memory).
- */
-
-void SetRequestExts(void *object, CERTCertExtension **exts)
-{
-  CERTOCSPRequest *request = (CERTOCSPRequest *)object;
-
-  request->tbsRequest->requestExtensions = exts;
-}
-
-SECStatus
-CERT_AddOCSPAcceptableResponses(CERTOCSPRequest *request, ...)
-{
-    void *extHandle;
-    va_list ap;
-    int i, count;
-    SECOidTag responseType;
-    SECOidData *responseOid;
-    SECItem **acceptableResponses = NULL;
-    SECStatus rv = SECFailure;
-
-    extHandle = request->tbsRequest->extensionHandle;
-    if (extHandle == NULL) {
-	extHandle = cert_StartExtensions(request, request->arena, SetRequestExts);
-	if (extHandle == NULL)
-	    goto loser;
-    }
-
-    /* Count number of OIDS going into the extension value. */
-    count = 0;
-    va_start(ap, request);
-    do {
-	count++;
-	responseType = va_arg(ap, SECOidTag);
-    } while (responseType != SEC_OID_PKIX_OCSP_BASIC_RESPONSE);
-    va_end(ap);
-
-    acceptableResponses = PORT_NewArray(SECItem *, count + 1);
-    if (acceptableResponses == NULL)
-	goto loser;
-
-    va_start(ap, request);
-    for (i = 0; i < count; i++) {
-	responseType = va_arg(ap, SECOidTag);
-	responseOid = SECOID_FindOIDByTag(responseType);
-	acceptableResponses[i] = &(responseOid->oid);
-    }
-    va_end(ap);
-    acceptableResponses[i] = NULL;
-
-    rv = CERT_EncodeAndAddExtension(extHandle, SEC_OID_PKIX_OCSP_RESPONSE,
-				    &acceptableResponses, PR_FALSE,
-				    SEC_SequenceOfObjectIDTemplate);
-    if (rv != SECSuccess)
-	goto loser;
-
-    PORT_Free(acceptableResponses);
-    if (request->tbsRequest->extensionHandle == NULL)
-	request->tbsRequest->extensionHandle = extHandle;
-    return SECSuccess;
-
-loser:
-    if (acceptableResponses != NULL)
-	PORT_Free(acceptableResponses);
-    if (extHandle != NULL)
-	(void) CERT_FinishExtensions(extHandle);
-    return rv;
-}
-
-
-/*
- * FUNCTION: CERT_DestroyOCSPRequest
- *   Frees an OCSP Request structure.
- * INPUTS:
- *   CERTOCSPRequest *request
- *     Pointer to CERTOCSPRequest to be freed.
- * RETURN:
- *   No return value; no errors.
- */
-void
-CERT_DestroyOCSPRequest(CERTOCSPRequest *request)
-{
-    if (request == NULL)
-	return;
-
-    if (request->tbsRequest != NULL) {
-	if (request->tbsRequest->requestorName != NULL)
-	    CERT_DestroyGeneralNameList(request->tbsRequest->requestorName);
-	if (request->tbsRequest->extensionHandle != NULL)
-	    (void) CERT_FinishExtensions(request->tbsRequest->extensionHandle);
-    }
-
-    if (request->optionalSignature != NULL) {
-	if (request->optionalSignature->cert != NULL)
-	    CERT_DestroyCertificate(request->optionalSignature->cert);
-
-	/*
-	 * XXX Need to free derCerts?  Or do they come out of arena?
-	 * (Currently we never fill in derCerts, which is why the
-	 * answer is not obvious.  Once we do, add any necessary code
-	 * here and remove this comment.)
-	 */
-    }
-
-    /*
-     * We should actually never have a request without an arena,
-     * but check just in case.  (If there isn't one, there is not
-     * much we can do about it...)
-     */
-    PORT_Assert(request->arena != NULL);
-    if (request->arena != NULL)
-	PORT_FreeArena(request->arena, PR_FALSE);
-}
-
-
-/*
- * RESPONSE SUPPORT FUNCTIONS (encode/create/decode/destroy):
- */
-
-/*
- * Helper function for encoding or decoding a ResponderID -- based on the
- * given type, return the associated template for that choice.
- */
-static const SEC_ASN1Template *
-ocsp_ResponderIDTemplateByType(ocspResponderIDType responderIDType)
-{
-    const SEC_ASN1Template *responderIDTemplate;
-
-    switch (responderIDType) {
-	case ocspResponderID_byName:
-	    responderIDTemplate = ocsp_ResponderIDByNameTemplate;
-	    break;
-	case ocspResponderID_byKey:
-	    responderIDTemplate = ocsp_ResponderIDByKeyTemplate;
-	    break;
-	case ocspResponderID_other:
-	default:
-	    PORT_Assert(responderIDType == ocspResponderID_other);
-	    responderIDTemplate = ocsp_ResponderIDOtherTemplate;
-	    break;
-    }
-
-    return responderIDTemplate;
-}
-
-/*
- * Helper function for encoding or decoding a CertStatus -- based on the
- * given type, return the associated template for that choice.
- */
-static const SEC_ASN1Template *
-ocsp_CertStatusTemplateByType(ocspCertStatusType certStatusType)
-{
-    const SEC_ASN1Template *certStatusTemplate;
-
-    switch (certStatusType) {
-	case ocspCertStatus_good:
-	    certStatusTemplate = ocsp_CertStatusGoodTemplate;
-	    break;
-	case ocspCertStatus_revoked:
-	    certStatusTemplate = ocsp_CertStatusRevokedTemplate;
-	    break;
-	case ocspCertStatus_unknown:
-	    certStatusTemplate = ocsp_CertStatusUnknownTemplate;
-	    break;
-	case ocspCertStatus_other:
-	default:
-	    PORT_Assert(certStatusType == ocspCertStatus_other);
-	    certStatusTemplate = ocsp_CertStatusOtherTemplate;
-	    break;
-    }
-
-    return certStatusTemplate;
-}
-
-/*
- * Helper function for decoding a certStatus -- turn the actual DER tag
- * into our local translation.
- */
-static ocspCertStatusType
-ocsp_CertStatusTypeByTag(int derTag)
-{
-    ocspCertStatusType certStatusType;
-
-    switch (derTag) {
-	case 0:
-	    certStatusType = ocspCertStatus_good;
-	    break;
-	case 1:
-	    certStatusType = ocspCertStatus_revoked;
-	    break;
-	case 2:
-	    certStatusType = ocspCertStatus_unknown;
-	    break;
-	default:
-	    certStatusType = ocspCertStatus_other;
-	    break;
-    }
-
-    return certStatusType;
-}
-
-/*
- * Helper function for decoding SingleResponses -- they each contain
- * a status which is encoded as CHOICE, which needs to be decoded "by hand".
- *
- * Note -- on error, this routine does not release the memory it may
- * have allocated; it expects its caller to do that.
- */
-static SECStatus
-ocsp_FinishDecodingSingleResponses(PRArenaPool *arena,
-				   CERTOCSPSingleResponse **responses)
-{
-    ocspCertStatus *certStatus;
-    ocspCertStatusType certStatusType;
-    const SEC_ASN1Template *certStatusTemplate;
-    int derTag;
-    int i;
-    SECStatus rv = SECFailure;
-
-    if (responses == NULL)			/* nothing to do */
-	return SECSuccess;
-
-    for (i = 0; responses[i] != NULL; i++) {
-	/*
-	 * The following assert points out internal errors (problems in
-	 * the template definitions or in the ASN.1 decoder itself, etc.).
-	 */
-	PORT_Assert(responses[i]->derCertStatus.data != NULL);
-
-	derTag = responses[i]->derCertStatus.data[0] & SEC_ASN1_TAGNUM_MASK;
-	certStatusType = ocsp_CertStatusTypeByTag(derTag);
-	certStatusTemplate = ocsp_CertStatusTemplateByType(certStatusType);
-
-	certStatus = PORT_ArenaZAlloc(arena, sizeof(ocspCertStatus));
-	if (certStatus == NULL) {
-	    goto loser;
-	}
-	rv = SEC_ASN1DecodeItem(arena, certStatus, certStatusTemplate,
-				&responses[i]->derCertStatus);
-	if (rv != SECSuccess) {
-	    if (PORT_GetError() == SEC_ERROR_BAD_DER)
-		PORT_SetError(SEC_ERROR_OCSP_MALFORMED_RESPONSE);
-	    goto loser;
-	}
-
-	certStatus->certStatusType = certStatusType;
-	responses[i]->certStatus = certStatus;
-    }
-
-    return SECSuccess;
-
-loser:
-    return rv;
-}
-
-/*
- * Helper function for decoding a responderID -- turn the actual DER tag
- * into our local translation.
- */
-static ocspResponderIDType
-ocsp_ResponderIDTypeByTag(int derTag)
-{
-    ocspResponderIDType responderIDType;
-
-    switch (derTag) {
-	case 1:
-	    responderIDType = ocspResponderID_byName;
-	    break;
-	case 2:
-	    responderIDType = ocspResponderID_byKey;
-	    break;
-	default:
-	    responderIDType = ocspResponderID_other;
-	    break;
-    }
-
-    return responderIDType;
-}
-
-/*
- * Decode "src" as a BasicOCSPResponse, returning the result.
- */
-static ocspBasicOCSPResponse *
-ocsp_DecodeBasicOCSPResponse(PRArenaPool *arena, SECItem *src)
-{
-    void *mark;
-    ocspBasicOCSPResponse *basicResponse;
-    ocspResponseData *responseData;
-    ocspResponderID *responderID;
-    ocspResponderIDType responderIDType;
-    const SEC_ASN1Template *responderIDTemplate;
-    int derTag;
-    SECStatus rv;
-
-    mark = PORT_ArenaMark(arena);
-
-    basicResponse = PORT_ArenaZAlloc(arena, sizeof(ocspBasicOCSPResponse));
-    if (basicResponse == NULL) {
-	goto loser;
-    }
-
-    rv = SEC_ASN1DecodeItem(arena, basicResponse,
-			    ocsp_BasicOCSPResponseTemplate, src);
-    if (rv != SECSuccess) {
-	if (PORT_GetError() == SEC_ERROR_BAD_DER)
-	    PORT_SetError(SEC_ERROR_OCSP_MALFORMED_RESPONSE);
-	goto loser;
-    }
-
-    responseData = basicResponse->tbsResponseData;
-
-    /*
-     * The following asserts point out internal errors (problems in
-     * the template definitions or in the ASN.1 decoder itself, etc.).
-     */
-    PORT_Assert(responseData != NULL);
-    PORT_Assert(responseData->derResponderID.data != NULL);
-
-    /*
-     * XXX Because responderID is a CHOICE, which is not currently handled
-     * by our ASN.1 decoder, we have to decode it "by hand".
-     */
-    derTag = responseData->derResponderID.data[0] & SEC_ASN1_TAGNUM_MASK;
-    responderIDType = ocsp_ResponderIDTypeByTag(derTag);
-    responderIDTemplate = ocsp_ResponderIDTemplateByType(responderIDType);
-
-    responderID = PORT_ArenaZAlloc(arena, sizeof(ocspResponderID));
-    if (responderID == NULL) {
-	goto loser;
-    }
-    rv = SEC_ASN1DecodeItem(arena, responderID, responderIDTemplate,
-			    &responseData->derResponderID);
-    if (rv != SECSuccess) {
-	if (PORT_GetError() == SEC_ERROR_BAD_DER)
-	    PORT_SetError(SEC_ERROR_OCSP_MALFORMED_RESPONSE);
-	goto loser;
-    }
-
-    responderID->responderIDType = responderIDType;
-    responseData->responderID = responderID;
-
-    /*
-     * XXX Each SingleResponse also contains a CHOICE, which has to be
-     * fixed up by hand.
-     */
-    rv = ocsp_FinishDecodingSingleResponses(arena, responseData->responses);
-    if (rv != SECSuccess) {
-	goto loser;
-    }
-
-    PORT_ArenaUnmark(arena, mark);
-    return basicResponse;
-
-loser:
-    PORT_ArenaRelease(arena, mark);
-    return NULL;
-}
-
-
-/*
- * Decode the responseBytes based on the responseType found in "rbytes",
- * leaving the resulting translated/decoded information in there as well.
- */
-static SECStatus
-ocsp_DecodeResponseBytes(PRArenaPool *arena, ocspResponseBytes *rbytes)
-{
-    PORT_Assert(rbytes != NULL);		/* internal error, really */
-    if (rbytes == NULL)
-	PORT_SetError(SEC_ERROR_INVALID_ARGS);	/* XXX set better error? */
-
-    rbytes->responseTypeTag = SECOID_FindOIDTag(&rbytes->responseType);
-    switch (rbytes->responseTypeTag) {
-	case SEC_OID_PKIX_OCSP_BASIC_RESPONSE:
-	    {
-		ocspBasicOCSPResponse *basicResponse;
-
-		basicResponse = ocsp_DecodeBasicOCSPResponse(arena,
-							     &rbytes->response);
-		if (basicResponse == NULL)
-		    return SECFailure;
-
-		rbytes->decodedResponse.basic = basicResponse;
-	    }
-	    break;
-
-	/*
-	 * Add new/future response types here.
-	 */
-
-	default:
-	    PORT_SetError(SEC_ERROR_OCSP_UNKNOWN_RESPONSE_TYPE);
-	    return SECFailure;
-    }
-
-    return SECSuccess;
-}
-
-
-/*
- * FUNCTION: CERT_DecodeOCSPResponse
- *   Decode a DER encoded OCSP Response.
- * INPUTS:
- *   SECItem *src
- *     Pointer to a SECItem holding DER encoded OCSP Response.
- * RETURN:
- *   Returns a pointer to a CERTOCSPResponse (the decoded OCSP Response);
- *   the caller is responsible for destroying it.  Or NULL if error (either
- *   response could not be decoded (SEC_ERROR_OCSP_MALFORMED_RESPONSE),
- *   it was of an unexpected type (SEC_ERROR_OCSP_UNKNOWN_RESPONSE_TYPE),
- *   or a low-level or internal error occurred).
- */
-CERTOCSPResponse *
-CERT_DecodeOCSPResponse(SECItem *src)
-{
-    PRArenaPool *arena = NULL;
-    CERTOCSPResponse *response = NULL;
-    SECStatus rv = SECFailure;
-    ocspResponseStatus sv;
-
-    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if (arena == NULL) {
-	goto loser;
-    }
-    response = (CERTOCSPResponse *) PORT_ArenaZAlloc(arena,
-						     sizeof(CERTOCSPResponse));
-    if (response == NULL) {
-	goto loser;
-    }
-    response->arena = arena;
-
-    rv = SEC_ASN1DecodeItem(arena, response, ocsp_OCSPResponseTemplate, src);
-    if (rv != SECSuccess) {
-	if (PORT_GetError() == SEC_ERROR_BAD_DER)
-	    PORT_SetError(SEC_ERROR_OCSP_MALFORMED_RESPONSE);
-	goto loser;
-    }
-
-    sv = (ocspResponseStatus) DER_GetInteger(&response->responseStatus);
-    response->statusValue = sv;
-    if (sv != ocspResponse_successful) {
-	/*
-	 * If the response status is anything but successful, then we
-	 * are all done with decoding; the status is all there is.
-	 */
-	return response;
-    }
-
-    /*
-     * A successful response contains much more information, still encoded.
-     * Now we need to decode that.
-     */
-    rv = ocsp_DecodeResponseBytes(arena, response->responseBytes);
-    if (rv != SECSuccess) {
-	goto loser;
-    }
-
-    return response;
-
-loser:
-    if (arena != NULL) {
-	PORT_FreeArena(arena, PR_FALSE);
-    }
-    return NULL;
-}
-
-/*
- * The way an OCSPResponse is defined, there are many levels to descend
- * before getting to the actual response information.  And along the way
- * we need to check that the response *type* is recognizable, which for
- * now means that it is a BasicOCSPResponse, because that is the only
- * type currently defined.  Rather than force all routines to perform
- * a bunch of sanity checking every time they want to work on a response,
- * this function isolates that and gives back the interesting part.
- * Note that no copying is done, this just returns a pointer into the
- * substructure of the response which is passed in.
- *
- * XXX This routine only works when a valid response structure is passed
- * into it; this is checked with many assertions.  Assuming the response
- * was creating by decoding, it wouldn't make it this far without being
- * okay.  That is a sufficient assumption since the entire OCSP interface
- * is only used internally.  When this interface is officially exported,
- * each assertion below will need to be followed-up with setting an error
- * and returning (null).
- */
-static ocspResponseData *
-ocsp_GetResponseData(CERTOCSPResponse *response)
-{
-    ocspBasicOCSPResponse *basic;
-    ocspResponseData *responseData;
-
-    PORT_Assert(response != NULL);
-
-    PORT_Assert(response->responseBytes != NULL);
-
-    PORT_Assert(response->responseBytes->responseTypeTag
-		== SEC_OID_PKIX_OCSP_BASIC_RESPONSE);
-
-    basic = response->responseBytes->decodedResponse.basic;
-    PORT_Assert(basic != NULL);
-
-    responseData = basic->tbsResponseData;
-    PORT_Assert(responseData != NULL);
-
-    return responseData;
-}
-
-/*
- * Much like the routine above, except it returns the response signature.
- * Again, no copy is done.
- */
-static ocspSignature *
-ocsp_GetResponseSignature(CERTOCSPResponse *response)
-{
-    ocspBasicOCSPResponse *basic;
-
-    PORT_Assert(response != NULL);
-    if (NULL == response->responseBytes) {
-        return NULL;
-    }
-    PORT_Assert(response->responseBytes != NULL);
-    PORT_Assert(response->responseBytes->responseTypeTag
-		== SEC_OID_PKIX_OCSP_BASIC_RESPONSE);
-
-    basic = response->responseBytes->decodedResponse.basic;
-    PORT_Assert(basic != NULL);
-
-    return &(basic->responseSignature);
-}
-
-
-/*
- * FUNCTION: CERT_DestroyOCSPResponse
- *   Frees an OCSP Response structure.
- * INPUTS:
- *   CERTOCSPResponse *request
- *     Pointer to CERTOCSPResponse to be freed.
- * RETURN:
- *   No return value; no errors.
- */
-void
-CERT_DestroyOCSPResponse(CERTOCSPResponse *response)
-{
-    if (response != NULL) {
-	ocspSignature *signature = ocsp_GetResponseSignature(response);
-	if (signature && signature->cert != NULL)
-	    CERT_DestroyCertificate(signature->cert);
-
-	/*
-	 * We should actually never have a response without an arena,
-	 * but check just in case.  (If there isn't one, there is not
-	 * much we can do about it...)
-	 */
-	PORT_Assert(response->arena != NULL);
-	if (response->arena != NULL) {
-	    PORT_FreeArena(response->arena, PR_FALSE);
-	}
-    }
-}
-
-
-/*
- * OVERALL OCSP CLIENT SUPPORT (make and send a request, verify a response):
- */
-
-
-/*
- * Pick apart a URL, saving the important things in the passed-in pointers.
- *
- * We expect to find "http://<hostname>[:<port>]/[path]", though we will
- * tolerate that final slash character missing, as well as beginning and
- * trailing whitespace, and any-case-characters for "http".  All of that
- * tolerance is what complicates this routine.  What we want is just to
- * pick out the hostname, the port, and the path.
- *
- * On a successful return, the caller will need to free the output pieces
- * of hostname and path, which are copies of the values found in the url.
- */
-static SECStatus
-ocsp_ParseURL(char *url, char **pHostname, PRUint16 *pPort, char **pPath)
-{
-    unsigned short port = 80;		/* default, in case not in url */
-    char *hostname = NULL;
-    char *path = NULL;
-    char *save;
-    char c;
-    int len;
-
-    if (url == NULL)
-	goto loser;
-
-    /*
-     * Skip beginning whitespace.
-     */
-    c = *url;
-    while ((c == ' ' || c == '\t') && c != '\0') {
-	url++;
-	c = *url;
-    }
-    if (c == '\0')
-	goto loser;
-
-    /*
-     * Confirm, then skip, protocol.  (Since we only know how to do http,
-     * that is all we will accept).
-     */
-    if (PORT_Strncasecmp(url, "http://", 7) != 0)
-	goto loser;
-    url += 7;
-
-    /*
-     * Whatever comes next is the hostname (or host IP address).  We just
-     * save it aside and then search for its end so we can determine its
-     * length and copy it.
-     *
-     * XXX Note that because we treat a ':' as a terminator character
-     * (and below, we expect that to mean there is a port specification
-     * immediately following), we will not handle IPv6 addresses.  That is
-     * apparently an acceptable limitation, for the time being.  Some day,
-     * when there is a clear way to specify a URL with an IPv6 address that
-     * can be parsed unambiguously, this code should be made to do that.
-     */
-    save = url;
-    c = *url;
-    while (c != '/' && c != ':' && c != '\0' && c != ' ' && c != '\t') {
-	url++;
-	c = *url;
-    }
-    len = url - save;
-    hostname = PORT_Alloc(len + 1);
-    if (hostname == NULL)
-	goto loser;
-    PORT_Memcpy(hostname, save, len);
-    hostname[len] = '\0';
-
-    /*
-     * Now we figure out if there was a port specified or not.
-     * If so, we need to parse it (as a number) and skip it.
-     */
-    if (c == ':') {
-	url++;
-	port = (unsigned short) PORT_Atoi(url);
-	c = *url;
-	while (c != '/' && c != '\0' && c != ' ' && c != '\t') {
-	    if (c < '0' || c > '9')
-		goto loser;
-	    url++;
-	    c = *url;
-	}
-    }
-
-    /*
-     * Last thing to find is a path.  There *should* be a slash,
-     * if nothing else -- but if there is not we provide one.
-     */
-    if (c == '/') {
-	save = url;
-	while (c != '\0' && c != ' ' && c != '\t') {
-	    url++;
-	    c = *url;
-	}
-	len = url - save;
-	path = PORT_Alloc(len + 1);
-	if (path == NULL)
-	    goto loser;
-	PORT_Memcpy(path, save, len);
-	path[len] = '\0';
-    } else {
-	path = PORT_Strdup("/");
-    }
-
-    *pHostname = hostname;
-    *pPort = port;
-    *pPath = path;
-    return SECSuccess;
-
-loser:
-    if (hostname != NULL)
-	PORT_Free(hostname);
-    if (path != NULL)
-	PORT_Free(path);
-    PORT_SetError(SEC_ERROR_CERT_BAD_ACCESS_LOCATION);
-    return SECFailure;
-}
-
-/*
- * Open a socket to the specified host on the specified port, and return it.
- * The host is either a hostname or an IP address.
- */
-static PRFileDesc *
-ocsp_ConnectToHost(const char *host, PRUint16 port)
-{
-    PRFileDesc *sock = NULL;
-    PRIntervalTime timeout;
-    PRNetAddr addr;
-    char *netdbbuf = NULL;
-
-    sock = PR_NewTCPSocket();
-    if (sock == NULL)
-	goto loser;
-
-    /* XXX Some day need a way to set (and get?) the following value */
-    timeout = PR_SecondsToInterval(30);
-
-    /*
-     * If the following converts an IP address string in "dot notation"
-     * into a PRNetAddr.  If it fails, we assume that is because we do not
-     * have such an address, but instead a host *name*.  In that case we
-     * then lookup the host by name.  Using the NSPR function this way
-     * means we do not have to have our own logic for distinguishing a
-     * valid numerical IP address from a hostname.
-     */
-    if (PR_StringToNetAddr(host, &addr) != PR_SUCCESS) {
-	PRIntn hostIndex;
-	PRHostEnt hostEntry;
-
-	netdbbuf = PORT_Alloc(PR_NETDB_BUF_SIZE);
-	if (netdbbuf == NULL)
-	    goto loser;
-
-	if (PR_GetHostByName(host, netdbbuf, PR_NETDB_BUF_SIZE,
-			     &hostEntry) != PR_SUCCESS)
-	    goto loser;
-
-	hostIndex = 0;
-	do {
-	    hostIndex = PR_EnumerateHostEnt(hostIndex, &hostEntry, port, &addr);
-	    if (hostIndex < 0)
-		goto loser;
-	} while (PR_Connect(sock, &addr, timeout) != PR_SUCCESS
-		 && hostIndex > 0);
-
-        if (hostIndex == 0)
-	    goto loser;
-
-	PORT_Free(netdbbuf);
-    } else {
-	/*
-	 * First put the port into the address, then connect.
-	 */
-	if (PR_InitializeNetAddr(PR_IpAddrNull, port, &addr) != PR_SUCCESS)
-	    goto loser;
-	if (PR_Connect(sock, &addr, timeout) != PR_SUCCESS)
-	    goto loser;
-    }
-
-    return sock;
-
-loser:
-    if (sock != NULL)
-	PR_Close(sock);
-    if (netdbbuf != NULL)
-	PORT_Free(netdbbuf);
-    return NULL;
-}
-
-/*
- * Sends an encoded OCSP request to the server identified by "location",
- * and returns the socket on which it was sent (so can listen for the reply).
- * "location" is expected to be a valid URL -- an error parsing it produces
- * SEC_ERROR_CERT_BAD_ACCESS_LOCATION.  Other errors are likely problems
- * connecting to it, or writing to it, or allocating memory, and the low-level
- * errors appropriate to the problem will be set.
- */
-static PRFileDesc *
-ocsp_SendEncodedRequest(char *location, SECItem *encodedRequest)
-{
-    char *hostname = NULL;
-    char *path = NULL;
-    PRUint16 port;
-    SECStatus rv;
-    PRFileDesc *sock = NULL;
-    PRFileDesc *returnSock = NULL;
-    char *header = NULL;
-
-    /*
-     * Take apart the location, getting the hostname, port, and path.
-     */
-    rv = ocsp_ParseURL(location, &hostname, &port, &path);
-    if (rv != SECSuccess)
-	goto loser;
-
-    PORT_Assert(hostname != NULL);
-    PORT_Assert(path != NULL);
-
-    sock = ocsp_ConnectToHost(hostname, port);
-    if (sock == NULL)
-	goto loser;
-
-    header = PR_smprintf("POST %s HTTP/1.0\r\n"
-			 "Host: %s:%d\r\n"
-			 "Content-Type: application/ocsp-request\r\n"
-			 "Content-Length: %u\r\n\r\n",
-			 path, hostname, port, encodedRequest->len);
-    if (header == NULL)
-	goto loser;
-
-    /*
-     * The NSPR documentation promises that if it can, it will write the full
-     * amount; this will not return a partial value expecting us to loop.
-     */
-    if (PR_Write(sock, header, (PRInt32) PORT_Strlen(header)) < 0)
-	goto loser;
-
-    if (PR_Write(sock, encodedRequest->data,
-		 (PRInt32) encodedRequest->len) < 0)
-	goto loser;
-
-    returnSock = sock;
-    sock = NULL;
-
-loser:
-    if (header != NULL)
-	PORT_Free(header);
-    if (sock != NULL)
-	PR_Close(sock);
-    if (path != NULL)
-	PORT_Free(path);
-    if (hostname != NULL)
-	PORT_Free(hostname);
-
-    return returnSock;
-}
-
-/*
- * Read from "fd" into "buf" -- expect/attempt to read a given number of bytes
- * Obviously, stop if hit end-of-stream. Timeout is passed in.
- */
-
-static int
-ocsp_read(PRFileDesc *fd, char *buf, int toread, PRIntervalTime timeout)
-{
-    int total = 0;
-
-    while (total < toread)
-    {
-        PRInt32 got;
-
-        got = PR_Recv(fd, buf + total, (PRInt32) (toread - total), 0, timeout);
-        if (got < 0)
-        {
-            if (0 == total)
-            {
-                total = -1; /* report the error if we didn't read anything yet */
-            }
-            break;
-        }
-        else
-        if (got == 0)
-        {			/* EOS */
-            break;
-        }
-
-        total += got;
-    }
-
-    return total;
-}
-
-#define OCSP_BUFSIZE 1024
-
-#define AbortHttpDecode(error) \
-{ \
-        if (inBuffer) \
-            PORT_Free(inBuffer); \
-        PORT_SetError(error); \
-        return NULL; \
-}
-
-
-/*
- * Reads on the given socket and returns an encoded response when received.
- * Properly formatted HTTP/1.0 response headers are expected to be read
- * from the socket, preceding a binary-encoded OCSP response.  Problems
- * with parsing cause the error SEC_ERROR_OCSP_BAD_HTTP_RESPONSE to be
- * set; any other problems are likely low-level i/o or memory allocation
- * errors.
- */
-static SECItem *
-ocsp_GetEncodedResponse(PRArenaPool *arena, PRFileDesc *sock)
-{
-    /* first read HTTP status line and headers */
-
-    char* inBuffer = NULL;
-    PRInt32 offset = 0;
-    PRInt32 inBufsize = 0;
-    const PRInt32 bufSizeIncrement = OCSP_BUFSIZE; /* 1 KB at a time */
-    const PRInt32 maxBufSize = 8 * bufSizeIncrement ; /* 8 KB max */
-    const char* CRLF = "\r\n";
-    const PRInt32 CRLFlen = strlen(CRLF);
-    const char* headerEndMark = "\r\n\r\n";
-    const PRInt32 markLen = strlen(headerEndMark);
-    const PRIntervalTime ocsptimeout =
-        PR_SecondsToInterval(30); /* hardcoded to 30s for now */
-    char* headerEnd = NULL;
-    PRBool EOS = PR_FALSE;
-    const char* httpprotocol = "HTTP/";
-    const PRInt32 httplen = strlen(httpprotocol);
-    const char* httpcode = NULL;
-    const char* contenttype = NULL;
-    PRInt32 contentlength = 0;
-    PRInt32 bytesRead = 0;
-    char* statusLineEnd = NULL;
-    char* space = NULL;
-    char* nextHeader = NULL;
-    SECItem* result = NULL;
-
-    /* read up to at least the end of the HTTP headers */
-    do
-    {
-        inBufsize += bufSizeIncrement;
-        inBuffer = PORT_Realloc(inBuffer, inBufsize+1);
-        if (NULL == inBuffer)
-        {
-            AbortHttpDecode(SEC_ERROR_NO_MEMORY);
-        }
-        bytesRead = ocsp_read(sock, inBuffer + offset, bufSizeIncrement,
-            ocsptimeout);
-        if (bytesRead > 0)
-        {
-            PRInt32 searchOffset = (offset - markLen) >0 ? offset-markLen : 0;
-            offset += bytesRead;
-            *(inBuffer + offset) = '\0'; /* NULL termination */
-            headerEnd = strstr((const char*)inBuffer + searchOffset, headerEndMark);
-            if (bytesRead < bufSizeIncrement)
-            {
-                /* we read less data than requested, therefore we are at
-                   EOS or there was a read error */
-                EOS = PR_TRUE;
-            }
-        }
-        else
-        {
-            /* recv error or EOS */
-            EOS = PR_TRUE;
-        }
-    } while ( (!headerEnd) && (PR_FALSE == EOS) &&
-              (inBufsize < maxBufSize) );
-
-    if (!headerEnd)
-    {
-        AbortHttpDecode(SEC_ERROR_OCSP_BAD_HTTP_RESPONSE);
-    }
-
-    /* parse the HTTP status line  */
-    statusLineEnd = strstr((const char*)inBuffer, CRLF);
-    if (!statusLineEnd)
-    {
-        AbortHttpDecode(SEC_ERROR_OCSP_BAD_HTTP_RESPONSE);
-    }
-    *statusLineEnd = '\0';
-
-    /* check for HTTP/ response */
-    space = strchr((const char*)inBuffer, ' ');
-    if (!space || PORT_Strncasecmp((const char*)inBuffer, httpprotocol, httplen) != 0 )
-    {
-        AbortHttpDecode(SEC_ERROR_OCSP_BAD_HTTP_RESPONSE);
-    }
-
-    /* check the HTTP status code of 200 */
-    httpcode = space +1;
-    space = strchr(httpcode, ' ');
-    if (!space)
-    {
-        AbortHttpDecode(SEC_ERROR_OCSP_BAD_HTTP_RESPONSE);
-    }
-    *space = 0;
-    if (0 != strcmp(httpcode, "200"))
-    {
-        AbortHttpDecode(SEC_ERROR_OCSP_BAD_HTTP_RESPONSE);
-    }
-
-    /* parse the HTTP headers in the buffer . We only care about
-       content-type and content-length
-    */
-
-    nextHeader = statusLineEnd + CRLFlen;
-    *headerEnd = '\0'; /* terminate */
-    do
-    {
-        char* thisHeaderEnd = NULL;
-        char* value = NULL;
-        char* colon = strchr(nextHeader, ':');
-        
-        if (!colon)
-        {
-            AbortHttpDecode(SEC_ERROR_OCSP_BAD_HTTP_RESPONSE);
-        }
-
-        *colon = '\0';
-        value = colon + 1;
-
-        /* jpierre - note : the following code will only handle the basic form
-           of HTTP/1.0 response headers, of the form "name: value" . Headers
-           split among multiple lines are not supported. This is not common
-           and should not be an issue, but it could become one in the
-           future */
-
-        if (*value != ' ')
-        {
-            AbortHttpDecode(SEC_ERROR_OCSP_BAD_HTTP_RESPONSE);
-        }
-
-        value++;
-        thisHeaderEnd  = strstr(value, CRLF);
-        if (thisHeaderEnd )
-        {
-            *thisHeaderEnd  = '\0';
-        }
-
-        if (0 == PORT_Strcasecmp(nextHeader, "content-type"))
-        {
-            contenttype = value;
-        }
-        else
-        if (0 == PORT_Strcasecmp(nextHeader, "content-length"))
-        {
-            contentlength = atoi(value);
-        }
-
-        if (thisHeaderEnd )
-        {
-            nextHeader = thisHeaderEnd + CRLFlen;
-        }
-        else
-        {
-            nextHeader = NULL;
-        }
-
-    } while (nextHeader && (nextHeader < (headerEnd + CRLFlen) ) );
-
-    /* check content-type */
-    if (!contenttype ||
-        (0 != PORT_Strcasecmp(contenttype, "application/ocsp-response")) )
-    {
-        AbortHttpDecode(SEC_ERROR_OCSP_BAD_HTTP_RESPONSE);
-    }
-
-    /* read the body of the OCSP response */
-    offset = offset - (PRInt32) (headerEnd - (const char*)inBuffer) - markLen;
-    if (offset)
-    {
-        /* move all data to the beginning of the buffer */
-        PORT_Memmove(inBuffer, headerEnd + markLen, offset);
-    }
-
-    /* resize buffer to only what's needed to hold the current response */
-    inBufsize = (1 + (offset-1) / bufSizeIncrement ) * bufSizeIncrement ;
-
-    while ( (PR_FALSE == EOS) &&
-            ( (contentlength == 0) || (offset < contentlength) ) &&
-            (inBufsize < maxBufSize)
-            )
-    {
-        /* we still need to receive more body data */
-        inBufsize += bufSizeIncrement;
-        inBuffer = PORT_Realloc(inBuffer, inBufsize+1);
-        if (NULL == inBuffer)
-        {
-            AbortHttpDecode(SEC_ERROR_NO_MEMORY);
-        }
-        bytesRead = ocsp_read(sock, inBuffer + offset, bufSizeIncrement,
-                              ocsptimeout);
-        if (bytesRead > 0)
-        {
-            offset += bytesRead;
-            if (bytesRead < bufSizeIncrement)
-            {
-                /* we read less data than requested, therefore we are at
-                   EOS or there was a read error */
-                EOS = PR_TRUE;
-            }
-        }
-        else
-        {
-            /* recv error or EOS */
-            EOS = PR_TRUE;
-        }
-    }
-
-    if (0 == offset)
-    {
-        AbortHttpDecode(SEC_ERROR_OCSP_BAD_HTTP_RESPONSE);
-    }
-
-    /*
-     * Now allocate the item to hold the data.
-     */
-    result = SECITEM_AllocItem(arena, NULL, offset);
-    if (NULL == result)
-    {
-        AbortHttpDecode(SEC_ERROR_NO_MEMORY);
-    }
-
-    /*
-     * And copy the data left in the buffer.
-    */
-    PORT_Memcpy(result->data, inBuffer, offset);
-
-    /* and free the temporary buffer */
-    PORT_Free(inBuffer);
-    return result;
-}
-
-
-/*
- * FUNCTION: CERT_GetEncodedOCSPResponse
- *   Creates and sends a request to an OCSP responder, then reads and
- *   returns the (encoded) response.
- * INPUTS:
- *   PRArenaPool *arena
- *     Pointer to arena from which return value will be allocated.
- *     If NULL, result will be allocated from the heap (and thus should
- *     be freed via SECITEM_FreeItem).
- *   CERTCertList *certList
- *     A list of certs for which status will be requested.
- *     Note that all of these certificates should have the same issuer,
- *     or it's expected the response will be signed by a trusted responder.
- *     If the certs need to be broken up into multiple requests, that
- *     must be handled by the caller (and thus by having multiple calls
- *     to this routine), who knows about where the request(s) are being
- *     sent and whether there are any trusted responders in place.
- *   char *location
- *     The location of the OCSP responder (a URL).
- *   int64 time
- *     Indicates the time for which the certificate status is to be 
- *     determined -- this may be used in the search for the cert's issuer
- *     but has no other bearing on the operation.
- *   PRBool addServiceLocator
- *     If true, the Service Locator extension should be added to the
- *     single request(s) for each cert.
- *   CERTCertificate *signerCert
- *     If non-NULL, means sign the request using this cert.  Otherwise,
- *     do not sign.
- *   void *pwArg
- *     Pointer to argument for password prompting, if needed.  (Definitely
- *     not needed if not signing.)
- * OUTPUTS:
- *   CERTOCSPRequest **pRequest
- *     Pointer in which to store the OCSP request created for the given
- *     list of certificates.  It is only filled in if the entire operation
- *     is successful and the pointer is not null -- and in that case the
- *     caller is then reponsible for destroying it.
- * RETURN:
- *   Returns a pointer to the SECItem holding the response.
- *   On error, returns null with error set describing the reason:
- *	SEC_ERROR_UNKNOWN_ISSUER
- *	SEC_ERROR_CERT_BAD_ACCESS_LOCATION
- *	SEC_ERROR_OCSP_BAD_HTTP_RESPONSE
- *   Other errors are low-level problems (no memory, bad database, etc.).
- */
-SECItem *
-CERT_GetEncodedOCSPResponse(PRArenaPool *arena, CERTCertList *certList,
-			    char *location, int64 time,
-			    PRBool addServiceLocator,
-			    CERTCertificate *signerCert, void *pwArg,
-			    CERTOCSPRequest **pRequest)
-{
-    CERTOCSPRequest *request = NULL;
-    SECItem *encodedRequest = NULL;
-    SECItem *encodedResponse = NULL;
-    PRFileDesc *sock = NULL;
-    SECStatus rv;
-
-    request = CERT_CreateOCSPRequest(certList, time, addServiceLocator,
-				     signerCert);
-    if (request == NULL)
-	goto loser;
-
-    rv = CERT_AddOCSPAcceptableResponses(request,
-					 SEC_OID_PKIX_OCSP_BASIC_RESPONSE);
-    if (rv != SECSuccess)
-	goto loser;
-
-    encodedRequest = CERT_EncodeOCSPRequest(NULL, request, pwArg);
-    if (encodedRequest == NULL)
-	goto loser;
-
-    sock = ocsp_SendEncodedRequest(location, encodedRequest);
-    if (sock == NULL)
-	goto loser;
-
-    encodedResponse = ocsp_GetEncodedResponse(arena, sock);
-    if (encodedResponse != NULL && pRequest != NULL) {
-	*pRequest = request;
-	request = NULL;			/* avoid destroying below */
-    }
-
-loser:
-    if (request != NULL)
-	CERT_DestroyOCSPRequest(request);
-    if (encodedRequest != NULL)
-	SECITEM_FreeItem(encodedRequest, PR_TRUE);
-    if (sock != NULL)
-	PR_Close(sock);
-
-    return encodedResponse;
-}
-
-
-/* Checks a certificate for the key usage extension of OCSP signer. */
-static PRBool
-ocsp_CertIsOCSPSigner(CERTCertificate *cert)
-{
-    SECStatus rv;
-    SECItem extItem;
-    SECItem **oids;
-    SECItem *oid;
-    SECOidTag oidTag;
-    PRBool retval;
-    CERTOidSequence *oidSeq = NULL;
-
-
-    extItem.data = NULL;
-    rv = CERT_FindCertExtension(cert, SEC_OID_X509_EXT_KEY_USAGE, &extItem);
-    if ( rv != SECSuccess ) {
-	goto loser;
-    }
-
-    oidSeq = CERT_DecodeOidSequence(&extItem);
-    if ( oidSeq == NULL ) {
-	goto loser;
-    }
-
-    oids = oidSeq->oids;
-    while ( *oids != NULL ) {
-	oid = *oids;
-	
-	oidTag = SECOID_FindOIDTag(oid);
-	
-	if ( oidTag == SEC_OID_OCSP_RESPONDER ) {
-	    goto success;
-	}
-	
-	oids++;
-    }
-
-loser:
-    retval = PR_FALSE;
-    goto done;
-success:
-    retval = PR_TRUE;
-done:
-    if ( extItem.data != NULL ) {
-	PORT_Free(extItem.data);
-    }
-    if ( oidSeq != NULL ) {
-	CERT_DestroyOidSequence(oidSeq);
-    }
-    
-    return(retval);
-}
-
-
-#ifdef LATER	/*
-		 * XXX This function is not currently used, but will
-		 * be needed later when we do revocation checking of
-		 * the responder certificate.  Of course, it may need
-		 * revising then, if the cert extension interface has
-		 * changed.  (Hopefully it will!)
-		 */
-
-/* Checks a certificate to see if it has the OCSP no check extension. */
-static PRBool
-ocsp_CertHasNoCheckExtension(CERTCertificate *cert)
-{
-    SECStatus rv;
-    SECItem extItem;
-    
-    extItem.data = NULL;
-    rv = CERT_FindCertExtension(cert, SEC_OID_PKIX_OCSP_NO_CHECK, 
-				&extItem);
-    if (extItem.data != NULL) {
-	PORT_Free(extItem.data);
-    }
-    if (rv == SECSuccess) {
-	return PR_TRUE;
-    }
-    return PR_FALSE;
-}
-#endif	/* LATER */
-
-static PRBool
-ocsp_matchcert(SECItem *certIndex,CERTCertificate *testCert)
-{
-    SECItem item;
-    unsigned char buf[SHA1_LENGTH]; /* MAX Hash Len */
-
-    item.data = buf;
-    item.len = SHA1_LENGTH;
-
-    if (CERT_SPKDigestValueForCert(NULL,testCert,SEC_OID_SHA1, &item) == NULL) {
-	return PR_FALSE;
-    }
-    if  (SECITEM_ItemsAreEqual(certIndex,&item)) {
-	return PR_TRUE;
-    }
-    if (CERT_SPKDigestValueForCert(NULL,testCert,SEC_OID_MD5, &item) == NULL) {
-	return PR_FALSE;
-    }
-    if  (SECITEM_ItemsAreEqual(certIndex,&item)) {
-	return PR_TRUE;
-    }
-    if (CERT_SPKDigestValueForCert(NULL,testCert,SEC_OID_MD2, &item) == NULL) {
-	return PR_FALSE;
-    }
-    if  (SECITEM_ItemsAreEqual(certIndex,&item)) {
-	return PR_TRUE;
-    }
-
-    return PR_FALSE;
-}
-
-static CERTCertificate *
-ocsp_CertGetDefaultResponder(CERTCertDBHandle *handle,CERTOCSPCertID *certID);
-
-/*
- * Check the signature on some OCSP data.  This is a helper function that
- * can be used to check either a request or a response.  The result is
- * saved in the signature structure itself for future reference (to avoid
- * repeating the expensive verification operation), as well as returned.
- * In addition to checking the signature, the certificate (and its chain)
- * are also checked for validity (at the specified time) and usage.
- *
- * The type of cert lookup to be performed is specified by "lookupByName":
- * if true, then "certIndex" is actually a CERTName; otherwise it is a
- * SECItem which contains a key hash.
- *
- * If the signature verifies okay, and the argument "pSignerCert" is not
- * null, that parameter will be filled-in with a pointer to the signer's
- * certificate.  The caller is then responsible for destroying the cert.
- *
- * A return of SECSuccess means the verification succeeded.  If not,
- * an error will be set with the reason.  Most likely are:
- *	SEC_ERROR_UNKNOWN_SIGNER - signer's cert could not be found
- *	SEC_ERROR_BAD_SIGNATURE - the signature did not verify
- * Other errors are any of the many possible failures in cert verification
- * (e.g. SEC_ERROR_REVOKED_CERTIFICATE, SEC_ERROR_UNTRUSTED_ISSUER) when
- * verifying the signer's cert, or low-level problems (no memory, etc.)
- */
-static SECStatus
-ocsp_CheckSignature(ocspSignature *signature, void *tbs,
-		    const SEC_ASN1Template *encodeTemplate,
-		    CERTCertDBHandle *handle, SECCertUsage certUsage,
-		    int64 checkTime, PRBool lookupByName, void *certIndex,
-		    void *pwArg, CERTCertificate **pSignerCert,
-		    CERTCertificate *issuer)
-{
-    SECItem rawSignature;
-    SECItem *encodedTBS = NULL;
-    CERTCertificate *responder = NULL;
-    CERTCertificate *signerCert = NULL;
-    SECKEYPublicKey *signerKey = NULL;
-    CERTCertificate **certs = NULL;
-    SECStatus rv = SECFailure;
-    int certCount;
-    int i;
-
-    /*
-     * If this signature has already gone through verification, just
-     * return the cached result.
-     */
-    if (signature->wasChecked) {
-	if (signature->status == SECSuccess) {
-	    if (pSignerCert != NULL)
-		*pSignerCert = CERT_DupCertificate(signature->cert);
-	} else {
-	    PORT_SetError(signature->failureReason);
-	}
-	return signature->status;
-    }
-
-    /*
-     * If the signature contains some certificates as well, temporarily
-     * import them in case they are needed for verification.
-     *
-     * Note that the result of this is that each cert in "certs" needs
-     * to be destroyed.
-     */
-    certCount = 0;
-    if (signature->derCerts != NULL) {
-	for (; signature->derCerts[certCount] != NULL; certCount++) {
-	    /* just counting */
-	    /*IMPORT CERT TO SPKI TABLE */
-	}
-    }
-    rv = CERT_ImportCerts(handle, certUsage, certCount,
-			  signature->derCerts, &certs,
-			  PR_FALSE, PR_FALSE, NULL);
-    if (rv != SECSuccess)
-	goto finish;
-
-    /*
-     * Now look up the certificate that did the signing.
-     * The signer can be specified either by name or by key hash.
-     */
-    if (lookupByName) {
-	SECItem *encodedName;
-
-	encodedName = SEC_ASN1EncodeItem(NULL, NULL, certIndex,
-					 CERT_NameTemplate);
-	if (encodedName == NULL)
-	    goto finish;
-
-	signerCert = CERT_FindCertByName(handle, encodedName);
-	SECITEM_FreeItem(encodedName, PR_TRUE);
-    } else {
-	/*
-	 * The signer is either 1) a known issuer CA we passed in,
-	 * 2) the default OCSP responder, or 3) and intermediate CA
-	 * passed in the cert list to use. Figure out which it is.
-	 */
-	responder = ocsp_CertGetDefaultResponder(handle,NULL);
-	if (responder && ocsp_matchcert(certIndex,responder)) {
-	    signerCert = CERT_DupCertificate(responder);
-	} else if (issuer && ocsp_matchcert(certIndex,issuer)) {
-	    signerCert = CERT_DupCertificate(issuer);
-	} 
-	for (i=0; (signerCert == NULL) && (i < certCount); i++) {
-	    if (ocsp_matchcert(certIndex,certs[i])) {
-		signerCert = CERT_DupCertificate(certs[i]);
-	    }
-	}
-    }
-
-    if (signerCert == NULL) {
-	rv = SECFailure;
-	if (PORT_GetError() == SEC_ERROR_UNKNOWN_CERT) {
-	    /* Make the error a little more specific. */
-	    PORT_SetError(SEC_ERROR_UNKNOWN_SIGNER);
-	}
-	goto finish;
-    }
-
-    /*
-     * We could mark this true at the top of this function, or always
-     * below at "finish", but if the problem was just that we could not
-     * find the signer's cert, leave that as if the signature hasn't
-     * been checked in case a subsequent call might have better luck.
-     */
-    signature->wasChecked = PR_TRUE;
-
-    /*
-     * Just because we have a cert does not mean it is any good; check
-     * it for validity, trust and usage.
-     */
-    rv = CERT_VerifyCert(handle, signerCert, PR_TRUE, certUsage, checkTime,
-			 pwArg, NULL);
-    if (rv != SECSuccess)
-	goto finish;
-
-    /*
-     * Now get the public key from the signer's certificate; we need
-     * it to perform the verification.
-     */
-    signerKey = CERT_ExtractPublicKey(signerCert);
-    if (signerKey == NULL)
-	goto finish;
-
-    /*
-     * Prepare the data to be verified; it needs to be DER encoded first.
-     */
-    encodedTBS = SEC_ASN1EncodeItem(NULL, NULL, tbs, encodeTemplate);
-    if (encodedTBS == NULL)
-	goto finish;
-
-    /*
-     * We copy the signature data *pointer* and length, so that we can
-     * modify the length without damaging the original copy.  This is a
-     * simple copy, not a dup, so no destroy/free is necessary.
-     */
-    rawSignature = signature->signature;
-    /*
-     * The raw signature is a bit string, but we need to represent its
-     * length in bytes, because that is what the verify function expects.
-     */
-    DER_ConvertBitString(&rawSignature);
-
-    rv = VFY_VerifyData(encodedTBS->data, encodedTBS->len, signerKey,
-			&rawSignature,
-			SECOID_GetAlgorithmTag(&signature->signatureAlgorithm),
-			pwArg);
-
-finish:
-    if (signature->wasChecked)
-	signature->status = rv;
-
-    if (rv != SECSuccess) {
-	signature->failureReason = PORT_GetError();
-	if (signerCert != NULL)
-	    CERT_DestroyCertificate(signerCert);
-    } else {
-	/*
-	 * Save signer's certificate in signature.
-	 */
-	signature->cert = signerCert;
-	if (pSignerCert != NULL) {
-	    /*
-	     * Pass pointer to signer's certificate back to our caller,
-	     * who is also now responsible for destroying it.
-	     */
-	    *pSignerCert = CERT_DupCertificate(signerCert);
-	}
-    }
-
-    if (encodedTBS != NULL)
-	SECITEM_FreeItem(encodedTBS, PR_TRUE);
-
-    if (signerKey != NULL)
-	SECKEY_DestroyPublicKey(signerKey);
-
-    if (certs != NULL)
-	CERT_DestroyCertArray(certs, certCount);
-	/* Free CERTS from SPKDigest Table */
-
-    return rv;
-}
-
-
-/*
- * FUNCTION: CERT_VerifyOCSPResponseSignature
- *   Check the signature on an OCSP Response.  Will also perform a
- *   verification of the signer's certificate.  Note, however, that a
- *   successful verification does not make any statement about the
- *   signer's *authority* to provide status for the certificate(s),
- *   that must be checked individually for each certificate.
- * INPUTS:
- *   CERTOCSPResponse *response
- *     Pointer to response structure with signature to be checked.
- *   CERTCertDBHandle *handle
- *     Pointer to CERTCertDBHandle for certificate DB to use for verification.
- *   void *pwArg
- *     Pointer to argument for password prompting, if needed.
- * OUTPUTS:
- *   CERTCertificate **pSignerCert
- *     Pointer in which to store signer's certificate; only filled-in if
- *     non-null.
- * RETURN:
- *   Returns SECSuccess when signature is valid, anything else means invalid.
- *   Possible errors set:
- *	SEC_ERROR_OCSP_MALFORMED_RESPONSE - unknown type of ResponderID
- *	SEC_ERROR_INVALID_TIME - bad format of "ProducedAt" time
- *	SEC_ERROR_UNKNOWN_SIGNER - signer's cert could not be found
- *	SEC_ERROR_BAD_SIGNATURE - the signature did not verify
- *   Other errors are any of the many possible failures in cert verification
- *   (e.g. SEC_ERROR_REVOKED_CERTIFICATE, SEC_ERROR_UNTRUSTED_ISSUER) when
- *   verifying the signer's cert, or low-level problems (no memory, etc.)
- */
-SECStatus
-CERT_VerifyOCSPResponseSignature(CERTOCSPResponse *response,	
-				 CERTCertDBHandle *handle, void *pwArg,
-				 CERTCertificate **pSignerCert,
-				 CERTCertificate *issuer)
-{
-    ocspResponseData *tbsData;		/* this is what is signed */
-    PRBool byName;
-    void *certIndex;
-    int64 producedAt;
-    SECStatus rv;
-
-    tbsData = ocsp_GetResponseData(response);
-
-    PORT_Assert(tbsData->responderID != NULL);
-    switch (tbsData->responderID->responderIDType) {
-      case ocspResponderID_byName:
-	byName = PR_TRUE;
-	certIndex = &tbsData->responderID->responderIDValue.name;
-	break;
-      case ocspResponderID_byKey:
-	byName = PR_FALSE;
-	certIndex = &tbsData->responderID->responderIDValue.keyHash;
-	break;
-      case ocspResponderID_other:
-      default:
-	PORT_Assert(0);
-	PORT_SetError(SEC_ERROR_OCSP_MALFORMED_RESPONSE);
-	return SECFailure;
-    }
-
-    /*
-     * ocsp_CheckSignature will also verify the signer certificate; we
-     * need to tell it *when* that certificate must be valid -- for our
-     * purposes we expect it to be valid when the response was signed.
-     * The value of "producedAt" is the signing time.
-     */
-    rv = DER_GeneralizedTimeToTime(&producedAt, &tbsData->producedAt);
-    if (rv != SECSuccess)
-	return rv;
-
-    return ocsp_CheckSignature(ocsp_GetResponseSignature(response),
-			       tbsData, ocsp_ResponseDataTemplate,
-			       handle, certUsageStatusResponder, producedAt,
-			       byName, certIndex, pwArg, pSignerCert, issuer);
-}
-
-/*
- * See if two certIDs match.  This can be easy or difficult, depending
- * on whether the same hash algorithm was used.
- */
-static PRBool
-ocsp_CertIDsMatch(CERTCertDBHandle *handle,
-		  CERTOCSPCertID *certID1, CERTOCSPCertID *certID2)
-{
-    PRBool match = PR_FALSE;
-    SECItem *foundHash = NULL;
-    SECOidTag hashAlg;
-    SECItem *keyHash = NULL;
-    SECItem *nameHash = NULL;
-
-    /*
-     * In order to match, they must have the same issuer and the same
-     * serial number.
-     *
-     * We just compare the easier things first.
-     */
-    if (SECITEM_CompareItem(&certID1->serialNumber,
-			    &certID2->serialNumber) != SECEqual) {
-	goto done;
-    }
-
-    if (SECOID_CompareAlgorithmID(&certID1->hashAlgorithm,
-				  &certID2->hashAlgorithm) == SECEqual) {
-	/*
-	 * If the hash algorithms match then we can do a simple compare
-	 * of the hash values themselves.
-	 */
-	if ((SECITEM_CompareItem(&certID1->issuerNameHash,
-				 &certID2->issuerNameHash) == SECEqual)
-	    && (SECITEM_CompareItem(&certID1->issuerKeyHash,
-				    &certID2->issuerKeyHash) == SECEqual)) {
-	    match = PR_TRUE;
-	}
-	goto done;
-    }
-
-    hashAlg = SECOID_FindOIDTag(&certID2->hashAlgorithm.algorithm);
-    switch (hashAlg) {
-    case SEC_OID_SHA1:
-	keyHash = &certID1->issuerSHA1KeyHash;
-	nameHash = &certID1->issuerSHA1NameHash;
-	break;
-    case SEC_OID_MD5:
-	keyHash = &certID1->issuerMD5KeyHash;
-	nameHash = &certID1->issuerMD5NameHash;
-	break;
-    case SEC_OID_MD2:
-	keyHash = &certID1->issuerMD2KeyHash;
-	nameHash = &certID1->issuerMD2NameHash;
-	break;
-    default:
-	foundHash = NULL;
-	break;
-    }
-
-    if (foundHash == NULL) {
-	goto done;
-    }
-    PORT_Assert(keyHash && nameHash);
-
-    if ((SECITEM_CompareItem(nameHash, &certID2->issuerNameHash) == SECEqual)
-      && (SECITEM_CompareItem(keyHash, &certID2->issuerKeyHash) == SECEqual)) {
-	match = PR_TRUE;
-    }
-
-done:
-    return match;
-}
-
-/*
- * Find the single response for the cert specified by certID.
- * No copying is done; this just returns a pointer to the appropriate
- * response within responses, if it is found (and null otherwise).
- * This is fine, of course, since this function is internal-use only.
- */
-static CERTOCSPSingleResponse *
-ocsp_GetSingleResponseForCertID(CERTOCSPSingleResponse **responses,
-				CERTCertDBHandle *handle,
-				CERTOCSPCertID *certID)
-{
-    CERTOCSPSingleResponse *single;
-    int i;
-
-    if (responses == NULL)
-	return NULL;
-
-    for (i = 0; responses[i] != NULL; i++) {
-	single = responses[i];
-	if (ocsp_CertIDsMatch(handle, certID, single->certID) == PR_TRUE) {
-	    return single;
-	}
-    }
-
-    /*
-     * The OCSP server should have included a response even if it knew
-     * nothing about the certificate in question.  Since it did not,
-     * this will make it look as if it had.
-     * 
-     * XXX Should we make this a separate error to notice the server's
-     * bad behavior?
-     */
-    PORT_SetError(SEC_ERROR_OCSP_UNKNOWN_CERT);
-    return NULL;
-}
-
-static ocspCheckingContext *
-ocsp_GetCheckingContext(CERTCertDBHandle *handle)
-{
-    CERTStatusConfig *statusConfig;
-    ocspCheckingContext *ocspcx = NULL;
-
-    statusConfig = CERT_GetStatusConfig(handle);
-    if (statusConfig != NULL) {
-	ocspcx = statusConfig->statusContext;
-
-	/*
-	 * This is actually an internal error, because we should never
-	 * have a good statusConfig without a good statusContext, too.
-	 * For lack of anything better, though, we just assert and use
-	 * the same error as if there were no statusConfig (set below).
-	 */
-	PORT_Assert(ocspcx != NULL);
-    }
-
-    if (ocspcx == NULL)
-	PORT_SetError(SEC_ERROR_OCSP_NOT_ENABLED);
-
-    return ocspcx;
-}
-/*
- * Return true if the given signerCert is the default responder for
- * the given certID.  If not, or if any error, return false.
- */
-static CERTCertificate *
-ocsp_CertGetDefaultResponder(CERTCertDBHandle *handle,CERTOCSPCertID *certID)
-{
-    ocspCheckingContext *ocspcx;
-
-    ocspcx = ocsp_GetCheckingContext(handle);
-    if (ocspcx == NULL)
-	goto loser;
-
-   /*
-    * Right now we have only one default responder.  It applies to
-    * all certs when it is used, so the check is simple and certID
-    * has no bearing on the answer.  Someday in the future we may
-    * allow configuration of different responders for different
-    * issuers, and then we would have to use the issuer specified
-    * in certID to determine if signerCert is the right one.
-    */
-    if (ocspcx->useDefaultResponder) {
-	PORT_Assert(ocspcx->defaultResponderCert != NULL);
-	return ocspcx->defaultResponderCert;
-    }
-
-loser:
-    return NULL;
-}
-
-/*
- * Return true if the given signerCert is the default responder for
- * the given certID.  If not, or if any error, return false.
- */
-static PRBool
-ocsp_CertIsDefaultResponderForCertID(CERTCertDBHandle *handle,
-				     CERTCertificate *signerCert,
-				     CERTOCSPCertID *certID)
-{
-    CERTCertificate *defaultResponderCert;
-
-    defaultResponderCert = ocsp_CertGetDefaultResponder(handle, certID);
-    return (PRBool) (defaultResponderCert == signerCert);
-}
-
-/*
- * Check that the given signer certificate is authorized to sign status
- * information for the given certID.  Return true if it is, false if not
- * (or if there is any error along the way).  If false is returned because
- * the signer is not authorized, the following error will be set:
- *	SEC_ERROR_OCSP_UNAUTHORIZED_RESPONSE
- * Other errors are low-level problems (no memory, bad database, etc.).
- *
- * There are three ways to be authorized.  In the order in which we check,
- * using the terms used in the OCSP spec, the signer must be one of:
- *  1.  A "trusted responder" -- it matches a local configuration
- *      of OCSP signing authority for the certificate in question.
- *  2.  The CA who issued the certificate in question.
- *  3.  A "CA designated responder", aka an "authorized responder" -- it
- *      must be represented by a special cert issued by the CA who issued
- *      the certificate in question.
- */
-static PRBool
-ocsp_AuthorizedResponderForCertID(CERTCertDBHandle *handle,
-				  CERTCertificate *signerCert,
-				  CERTOCSPCertID *certID,
-				  int64 thisUpdate)
-{
-    CERTCertificate *issuerCert = NULL;
-    SECItem *issuerKeyHash = NULL;
-    SECOidTag hashAlg;
-    PRBool okay = PR_FALSE;
-
-    /*
-     * Check first for a trusted responder, which overrides everything else.
-     */
-    if (ocsp_CertIsDefaultResponderForCertID(handle, signerCert, certID))
-	return PR_TRUE;
-
-    /*
-     * In the other two cases, we need to do an issuer comparison.
-     * How we do it depends on whether the signer certificate has the
-     * special extension (for a designated responder) or not.
-     */
-
-    if (ocsp_CertIsOCSPSigner(signerCert)) {
-	/*
-	 * The signer is a designated responder.  Its issuer must match
-	 * the issuer of the cert being checked.
-	 */
-	issuerCert = CERT_FindCertIssuer(signerCert, thisUpdate,
-					 certUsageAnyCA);
-	if (issuerCert == NULL) {
-	    /*
-	     * We could leave the SEC_ERROR_UNKNOWN_ISSUER error alone,
-	     * but the following will give slightly more information.
-	     * Once we have an error stack, things will be much better.
-	     */
-	    PORT_SetError(SEC_ERROR_OCSP_UNAUTHORIZED_RESPONSE);
-	    goto loser;
-	}
-    } else {
-	/*
-	 * The signer must *be* the issuer of the cert being checked.
-	 */
-	issuerCert = signerCert;
-    }
-
-    hashAlg = SECOID_FindOIDTag(&certID->hashAlgorithm.algorithm);
-    issuerKeyHash = CERT_SPKDigestValueForCert(NULL, issuerCert, hashAlg, NULL);
-    if (issuerKeyHash == NULL)
-	goto loser;
-
-    if (SECITEM_CompareItem(issuerKeyHash,
-			    &certID->issuerKeyHash) != SECEqual) {
-	PORT_SetError(SEC_ERROR_OCSP_UNAUTHORIZED_RESPONSE);
-	goto loser;
-    }
-
-    okay = PR_TRUE;
-
-loser:
-    if (issuerKeyHash != NULL)
-	SECITEM_FreeItem(issuerKeyHash, PR_TRUE);
-
-    if (issuerCert != NULL && issuerCert != signerCert)
-	CERT_DestroyCertificate(issuerCert);
-
-    return okay;
-}
-
-/*
- * We need to check that a responder gives us "recent" information.
- * Since a responder can pre-package responses, we need to pick an amount
- * of time that is acceptable to us, and reject any response that is
- * older than that.
- *
- * XXX This *should* be based on some configuration parameter, so that
- * different usages could specify exactly what constitutes "sufficiently
- * recent".  But that is not going to happen right away.  For now, we
- * want something from within the last 24 hours.  This macro defines that
- * number in seconds.
- */
-#define OCSP_ALLOWABLE_LAPSE_SECONDS	(24L * 60L * 60L)
-
-static PRBool
-ocsp_TimeIsRecent(int64 checkTime)
-{
-    int64 now = PR_Now();
-    int64 lapse, tmp;
-
-    LL_I2L(lapse, OCSP_ALLOWABLE_LAPSE_SECONDS);
-    LL_I2L(tmp, PR_USEC_PER_SEC);
-    LL_MUL(lapse, lapse, tmp);		/* allowable lapse in microseconds */
-
-    LL_ADD(checkTime, checkTime, lapse);
-    if (LL_CMP(now, >, checkTime))
-	return PR_FALSE;
-
-    return PR_TRUE;
-}
-
-/*
- * Check that this single response is okay.  A return of SECSuccess means:
- *   1. The signer (represented by "signerCert") is authorized to give status
- *	for the cert represented by the individual response in "single".
- *   2. The value of thisUpdate is earlier than now.
- *   3. The value of producedAt is later than or the same as thisUpdate.
- *   4. If nextUpdate is given:
- *	- The value of nextUpdate is later than now.
- *	- The value of producedAt is earlier than nextUpdate.
- *	Else if no nextUpdate:
- *	- The value of thisUpdate is fairly recent.
- *	- The value of producedAt is fairly recent.
- *	However we do not need to perform an explicit check for this last
- *	constraint because it is already guaranteed by checking that
- *	producedAt is later than thisUpdate and thisUpdate is recent.
- * Oh, and any responder is "authorized" to say that a cert is unknown to it.
- *
- * If any of those checks fail, SECFailure is returned and an error is set:
- *	SEC_ERROR_OCSP_FUTURE_RESPONSE
- *	SEC_ERROR_OCSP_OLD_RESPONSE
- *	SEC_ERROR_OCSP_UNAUTHORIZED_RESPONSE
- * Other errors are low-level problems (no memory, bad database, etc.).
- */ 
-static SECStatus
-ocsp_VerifySingleResponse(CERTOCSPSingleResponse *single,
-			  CERTCertDBHandle *handle,
-			  CERTCertificate *signerCert,
-			  int64 producedAt)
-{
-    CERTOCSPCertID *certID = single->certID;
-    int64 now, thisUpdate, nextUpdate;
-    SECStatus rv;
-
-    /*
-     * If all the responder said was that the given cert was unknown to it,
-     * that is a valid response.  Not very interesting to us, of course,
-     * but all this function is concerned with is validity of the response,
-     * not the status of the cert.
-     */
-    PORT_Assert(single->certStatus != NULL);
-    if (single->certStatus->certStatusType == ocspCertStatus_unknown)
-	return SECSuccess;
-
-    /*
-     * We need to extract "thisUpdate" for use below and to pass along
-     * to AuthorizedResponderForCertID in case it needs it for doing an
-     * issuer look-up.
-     */
-    rv = DER_GeneralizedTimeToTime(&thisUpdate, &single->thisUpdate);
-    if (rv != SECSuccess)
-	return rv;
-
-    /*
-     * First confirm that signerCert is authorized to give this status.
-     */
-    if (ocsp_AuthorizedResponderForCertID(handle, signerCert, certID,
-					  thisUpdate) != PR_TRUE)
-	return SECFailure;
-
-    /*
-     * Now check the time stuff, as described above.
-     */
-    now = PR_Now();
-    if (LL_CMP(thisUpdate, >, now) || LL_CMP(producedAt, <, thisUpdate)) {
-	PORT_SetError(SEC_ERROR_OCSP_FUTURE_RESPONSE);
-	return SECFailure;
-    }
-    if (single->nextUpdate != NULL) {
-	rv = DER_GeneralizedTimeToTime(&nextUpdate, single->nextUpdate);
-	if (rv != SECSuccess)
-	    return rv;
-
-	if (LL_CMP(nextUpdate, <, now) || LL_CMP(producedAt, >, nextUpdate)) {
-	    PORT_SetError(SEC_ERROR_OCSP_OLD_RESPONSE);
-	    return SECFailure;
-	}
-    } else if (ocsp_TimeIsRecent(thisUpdate) != PR_TRUE) {
-	PORT_SetError(SEC_ERROR_OCSP_OLD_RESPONSE);
-	return SECFailure;
-    }
-
-    return SECSuccess;
-}
-
-
-/*
- * FUNCTION: CERT_GetOCSPAuthorityInfoAccessLocation
- *   Get the value of the URI of the OCSP responder for the given cert.
- *   This is found in the (optional) Authority Information Access extension
- *   in the cert.
- * INPUTS:
- *   CERTCertificate *cert
- *     The certificate being examined.
- * RETURN:
- *   char *
- *     A copy of the URI for the OCSP method, if found.  If either the
- *     extension is not present or it does not contain an entry for OCSP,
- *     SEC_ERROR_EXTENSION_NOT_FOUND will be set and a NULL returned.
- *     Any other error will also result in a NULL being returned.
- *     
- *     This result should be freed (via PORT_Free) when no longer in use.
- */
-char *
-CERT_GetOCSPAuthorityInfoAccessLocation(CERTCertificate *cert)
-{
-    CERTGeneralName *locname = NULL;
-    SECItem *location = NULL;
-    SECItem *encodedAuthInfoAccess = NULL;
-    CERTAuthInfoAccess **authInfoAccess = NULL;
-    char *locURI = NULL;
-    PRArenaPool *arena = NULL;
-    SECStatus rv;
-    int i;
-
-    /*
-     * Allocate this one from the heap because it will get filled in
-     * by CERT_FindCertExtension which will also allocate from the heap,
-     * and we can free the entire thing on our way out.
-     */
-    encodedAuthInfoAccess = SECITEM_AllocItem(NULL, NULL, 0);
-    if (encodedAuthInfoAccess == NULL)
-	goto loser;
-
-    rv = CERT_FindCertExtension(cert, SEC_OID_X509_AUTH_INFO_ACCESS,
-				encodedAuthInfoAccess);
-    if (rv == SECFailure)
-	goto loser;
-
-    /*
-     * The rest of the things allocated in the routine will come out of
-     * this arena, which is temporary just for us to decode and get at the
-     * AIA extension.  The whole thing will be destroyed on our way out,
-     * after we have copied the location string (url) itself (if found).
-     */
-    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if (arena == NULL)
-	goto loser;
-
-    authInfoAccess = cert_DecodeAuthInfoAccessExtension(arena,
-							encodedAuthInfoAccess);
-    if (authInfoAccess == NULL)
-	goto loser;
-
-    for (i = 0; authInfoAccess[i] != NULL; i++) {
-	if (SECOID_FindOIDTag(&authInfoAccess[i]->method) == SEC_OID_PKIX_OCSP)
-	    locname = authInfoAccess[i]->location;
-    }
-
-    /*
-     * If we found an AIA extension, but it did not include an OCSP method,
-     * that should look to our caller as if we did not find the extension
-     * at all, because it is only an OCSP method that we care about.
-     * So set the same error that would be set if the AIA extension was
-     * not there at all.
-     */
-    if (locname == NULL) {
-	PORT_SetError(SEC_ERROR_EXTENSION_NOT_FOUND);
-	goto loser;
-    }
-
-    /*
-     * The following is just a pointer back into locname (i.e. not a copy);
-     * thus it should not be freed.
-     */
-    location = CERT_GetGeneralNameByType(locname, certURI, PR_FALSE);
-    if (location == NULL) {
-	/*
-	 * XXX Appears that CERT_GetGeneralNameByType does not set an
-	 * error if there is no name by that type.  For lack of anything
-	 * better, act as if the extension was not found.  In the future
-	 * this should probably be something more like the extension was
-	 * badly formed.
-	 */
-	PORT_SetError(SEC_ERROR_EXTENSION_NOT_FOUND);
-	goto loser;
-    }
-
-    /*
-     * That location is really a string, but it has a specified length
-     * without a null-terminator.  We need a real string that does have
-     * a null-terminator, and we need a copy of it anyway to return to
-     * our caller -- so allocate and copy.
-     */
-    locURI = PORT_Alloc(location->len + 1);
-    if (locURI == NULL) {
-	goto loser;
-    }
-    PORT_Memcpy(locURI, location->data, location->len);
-    locURI[location->len] = '\0';
-
-loser:
-    if (arena != NULL)
-	PORT_FreeArena(arena, PR_FALSE);
-
-    if (encodedAuthInfoAccess != NULL)
-	SECITEM_FreeItem(encodedAuthInfoAccess, PR_TRUE);
-
-    return locURI;
-}
-
-
-/*
- * Figure out where we should go to find out the status of the given cert
- * via OCSP.  If a default responder is set up, that is our answer.
- * If not, see if the certificate has an Authority Information Access (AIA)
- * extension for OCSP, and return the value of that.  Otherwise return NULL.
- * We also let our caller know whether or not the responder chosen was
- * a default responder or not through the output variable isDefault;
- * its value has no meaning unless a good (non-null) value is returned
- * for the location.
- *
- * The result needs to be freed (PORT_Free) when no longer in use.
- */
-static char *
-ocsp_GetResponderLocation(CERTCertDBHandle *handle, CERTCertificate *cert,
-			  PRBool *isDefault)
-{
-    ocspCheckingContext *ocspcx;
-
-    ocspcx = ocsp_GetCheckingContext(handle);
-    if (ocspcx != NULL && ocspcx->useDefaultResponder) {
-	/*
-	 * A default responder wins out, if specified.
-	 * XXX Someday this may be a more complicated determination based
-	 * on the cert's issuer.  (That is, we could have different default
-	 * responders configured for different issuers.)
-	 */
-	PORT_Assert(ocspcx->defaultResponderURI != NULL);
-	*isDefault = PR_TRUE;
-	return (PORT_Strdup(ocspcx->defaultResponderURI));
-    }
-
-    /*
-     * No default responder set up, so go see if we can find an AIA
-     * extension that has a value for OCSP, and get the url from that.
-     */
-    *isDefault = PR_FALSE;
-    return CERT_GetOCSPAuthorityInfoAccessLocation(cert);
-}
-
-/*
- * Return SECSuccess if the cert was revoked *after* "time",
- * SECFailure otherwise.
- */
-static SECStatus
-ocsp_CertRevokedAfter(ocspRevokedInfo *revokedInfo, int64 time)
-{
-    int64 revokedTime;
-    SECStatus rv;
-
-    rv = DER_GeneralizedTimeToTime(&revokedTime, &revokedInfo->revocationTime);
-    if (rv != SECSuccess)
-	return rv;
-
-    /*
-     * Set the error even if we will return success; someone might care.
-     */
-    PORT_SetError(SEC_ERROR_REVOKED_CERTIFICATE);
-
-    if (LL_CMP(revokedTime, >, time))
-	return SECSuccess;
-
-    return SECFailure;
-}
-
-/*
- * See if the cert represented in the single response had a good status
- * at the specified time.
- */
-static SECStatus
-ocsp_CertHasGoodStatus(CERTOCSPSingleResponse *single, int64 time)
-{
-    ocspCertStatus *status;
-    SECStatus rv;
-
-    status = single->certStatus;
-
-    switch (status->certStatusType) {
-      case ocspCertStatus_good:
-	rv = SECSuccess;
-	break;
-      case ocspCertStatus_revoked:
-	rv = ocsp_CertRevokedAfter(status->certStatusInfo.revokedInfo, time);
-	break;
-      case ocspCertStatus_unknown:
-	PORT_SetError(SEC_ERROR_OCSP_UNKNOWN_CERT);
-	rv = SECFailure;
-	break;
-      case ocspCertStatus_other:
-      default:
-	PORT_Assert(0);
-	PORT_SetError(SEC_ERROR_OCSP_MALFORMED_RESPONSE);
-	rv = SECFailure;
-	break;
-    }
-
-    return rv;
-}
-
-
-/*
- * FUNCTION: CERT_CheckOCSPStatus
- *   Checks the status of a certificate via OCSP.  Will only check status for
- *   a certificate that has an AIA (Authority Information Access) extension
- *   for OCSP *or* when a "default responder" is specified and enabled.
- *   (If no AIA extension for OCSP and no default responder in place, the
- *   cert is considered to have a good status and SECSuccess is returned.)
- * INPUTS:
- *   CERTCertDBHandle *handle
- *     certificate DB of the cert that is being checked
- *   CERTCertificate *cert
- *     the certificate being checked
- *   XXX in the long term also need a boolean parameter that specifies
- *	whether to check the cert chain, as well; for now we check only
- *	the leaf (the specified certificate)
- *   int64 time
- *     time for which status is to be determined
- *   void *pwArg
- *     argument for password prompting, if needed
- * RETURN:
- *   Returns SECSuccess if an approved OCSP responder "knows" the cert
- *   *and* returns a non-revoked status for it; SECFailure otherwise,
- *   with an error set describing the reason:
- *
- *	SEC_ERROR_OCSP_BAD_HTTP_RESPONSE
- *	SEC_ERROR_OCSP_FUTURE_RESPONSE
- *	SEC_ERROR_OCSP_MALFORMED_REQUEST
- *	SEC_ERROR_OCSP_MALFORMED_RESPONSE
- *	SEC_ERROR_OCSP_OLD_RESPONSE
- *	SEC_ERROR_OCSP_REQUEST_NEEDS_SIG
- *	SEC_ERROR_OCSP_SERVER_ERROR
- *	SEC_ERROR_OCSP_TRY_SERVER_LATER
- *	SEC_ERROR_OCSP_UNAUTHORIZED_REQUEST
- *	SEC_ERROR_OCSP_UNAUTHORIZED_RESPONSE
- *	SEC_ERROR_OCSP_UNKNOWN_CERT
- *	SEC_ERROR_OCSP_UNKNOWN_RESPONSE_STATUS
- *	SEC_ERROR_OCSP_UNKNOWN_RESPONSE_TYPE
- *
- *	SEC_ERROR_BAD_SIGNATURE
- *	SEC_ERROR_CERT_BAD_ACCESS_LOCATION
- *	SEC_ERROR_INVALID_TIME
- *	SEC_ERROR_REVOKED_CERTIFICATE
- *	SEC_ERROR_UNKNOWN_ISSUER
- *	SEC_ERROR_UNKNOWN_SIGNER
- *
- *   Other errors are any of the many possible failures in cert verification
- *   (e.g. SEC_ERROR_REVOKED_CERTIFICATE, SEC_ERROR_UNTRUSTED_ISSUER) when
- *   verifying the signer's cert, or low-level problems (error allocating
- *   memory, error performing ASN.1 decoding, etc.).
- */    
-SECStatus 
-CERT_CheckOCSPStatus(CERTCertDBHandle *handle, CERTCertificate *cert,
-		     int64 time, void *pwArg)
-{
-    char *location = NULL;
-    PRBool locationIsDefault;
-    CERTCertList *certList = NULL;
-    SECItem *encodedResponse = NULL;
-    CERTOCSPRequest *request = NULL;
-    CERTOCSPResponse *response = NULL;
-    CERTCertificate *signerCert = NULL;
-    CERTCertificate *issuerCert = NULL;
-    ocspResponseData *responseData;
-    int64 producedAt;
-    CERTOCSPCertID *certID;
-    CERTOCSPSingleResponse *single;
-    SECStatus rv = SECFailure;
-
-
-    /*
-     * The first thing we need to do is find the location of the responder.
-     * This will be the value of the default responder (if enabled), else
-     * it will come out of the AIA extension in the cert (if present).
-     * If we have no such location, then this cert does not "deserve" to
-     * be checked -- that is, we consider it a success and just return.
-     * The way we tell that is by looking at the error number to see if
-     * the problem was no AIA extension was found; any other error was
-     * a true failure that we unfortunately have to treat as an overall
-     * failure here.
-     */
-    location = ocsp_GetResponderLocation(handle, cert, &locationIsDefault);
-    if (location == NULL) {
-	if (PORT_GetError() == SEC_ERROR_EXTENSION_NOT_FOUND)
-	    return SECSuccess;
-	else
-	    return SECFailure;
-    }
-
-    /*
-     * For now, create a cert-list of one.
-     * XXX In the fullness of time, we will want/need to handle a
-     * certificate chain.  This will be done either when a new parameter
-     * tells us to, or some configuration variable tells us to.  In any
-     * case, handling it is complicated because we may need to send as
-     * many requests (and receive as many responses) as we have certs
-     * in the chain.  If we are going to talk to a default responder,
-     * and we only support one default responder, we can put all of the
-     * certs together into one request.  Otherwise, we must break them up
-     * into multiple requests.  (Even if all of the requests will go to
-     * the same location, the signature on each response will be different,
-     * because each issuer is different.  Carefully read the OCSP spec
-     * if you do not understand this.)
-     */
-
-    certList = CERT_NewCertList();
-    if (certList == NULL)
-	goto loser;
-
-    /* dup it because freeing the list will destroy the cert, too */
-    cert = CERT_DupCertificate(cert);
-    if (cert == NULL)
-	goto loser;
-
-    if (CERT_AddCertToListTail(certList, cert) != SECSuccess) {
-	CERT_DestroyCertificate(cert);
-	goto loser;
-    }
-
-    /*
-     * XXX If/when signing of requests is supported, that second NULL
-     * should be changed to be the signer certificate.  Not sure if that
-     * should be passed into this function or retrieved via some operation
-     * on the handle/context.
-     */
-    encodedResponse = CERT_GetEncodedOCSPResponse(NULL, certList, location,
-						  time, locationIsDefault,
-						  NULL, pwArg, &request);
-    if (encodedResponse == NULL) {
-	goto loser;
-    }
-
-    response = CERT_DecodeOCSPResponse(encodedResponse);
-    if (response == NULL) {
-	goto loser;
-    }
-
-    /*
-     * Okay, we at least have a response that *looks* like a response!
-     * Now see if the overall response status value is good or not.
-     * If not, we set an error and give up.  (It means that either the
-     * server had a problem, or it didn't like something about our
-     * request.  Either way there is nothing to do but give up.)
-     * Otherwise, we continue to find the actual per-cert status
-     * in the response.
-     */
-    switch (response->statusValue) {
-      case ocspResponse_successful:
-	break;
-      case ocspResponse_malformedRequest:
-	PORT_SetError(SEC_ERROR_OCSP_MALFORMED_REQUEST);
-	goto loser;
-      case ocspResponse_internalError:
-	PORT_SetError(SEC_ERROR_OCSP_SERVER_ERROR);
-	goto loser;
-      case ocspResponse_tryLater:
-	PORT_SetError(SEC_ERROR_OCSP_TRY_SERVER_LATER);
-	goto loser;
-      case ocspResponse_sigRequired:
-	/* XXX We *should* retry with a signature, if possible. */
-	PORT_SetError(SEC_ERROR_OCSP_REQUEST_NEEDS_SIG);
-	goto loser;
-      case ocspResponse_unauthorized:
-	PORT_SetError(SEC_ERROR_OCSP_UNAUTHORIZED_REQUEST);
-	goto loser;
-      case ocspResponse_other:
-      case ocspResponse_unused:
-      default:
-	PORT_SetError(SEC_ERROR_OCSP_UNKNOWN_RESPONSE_STATUS);
-	goto loser;
-    }
-
-    /*
-     * If we've made it this far, we expect a response with a good signature.
-     * So, check for that.
-     */
-    issuerCert = CERT_FindCertIssuer(cert, time, certUsageAnyCA);
-    rv = CERT_VerifyOCSPResponseSignature(response, handle, pwArg, &signerCert,
-			issuerCert);
-    if (rv != SECSuccess)
-	goto loser;
-
-    PORT_Assert(signerCert != NULL);	/* internal consistency check */
-    /* XXX probably should set error, return failure if signerCert is null */
-
-    /*
-     * The ResponseData part is the real guts of the response.
-     */
-    responseData = ocsp_GetResponseData(response);
-    if (responseData == NULL) {
-	rv = SECFailure;
-	goto loser;
-    }
-
-    /*
-     * There is one producedAt time for the entire response (and a separate
-     * thisUpdate time for each individual single response).  We need to
-     * compare them, so get the overall time to pass into the check of each
-     * single response.
-     */
-    rv = DER_GeneralizedTimeToTime(&producedAt, &responseData->producedAt);
-    if (rv != SECSuccess)
-	goto loser;
-
-    /*
-     * Again, we are only doing one request for one cert.
-     * XXX When we handle cert chains, the following code will obviously
-     * have to be modified, in coordation with the code above that will
-     * have to determine how to make multiple requests, etc.  It will need
-     * to loop, and for each certID in the request, find the matching
-     * single response and check the status specified by it.
-     *
-     * We are helped here in that we know that the requests are made with
-     * the request list in the same order as the order of the certs we hand
-     * to it.  This is why I can directly access the first member of the
-     * single request array for the one cert I care about.
-     */
-
-    certID = request->tbsRequest->requestList[0]->reqCert;
-    single = ocsp_GetSingleResponseForCertID(responseData->responses,
-					     handle, certID);
-    if (single == NULL)
-	goto loser;
-
-    rv = ocsp_VerifySingleResponse(single, handle, signerCert, producedAt);
-    if (rv != SECSuccess)
-	goto loser;
-
-    /*
-     * Okay, the last step is to check whether the status says revoked,
-     * and if so how that compares to the time value passed into this routine.
-     */
-
-    rv = ocsp_CertHasGoodStatus(single, time);
-
-loser:
-    if (issuerCert != NULL)
-	CERT_DestroyCertificate(issuerCert);
-    if (signerCert != NULL)
-	CERT_DestroyCertificate(signerCert);
-    if (response != NULL)
-	CERT_DestroyOCSPResponse(response);
-    if (request != NULL)
-	CERT_DestroyOCSPRequest(request);
-    if (encodedResponse != NULL)
-	SECITEM_FreeItem(encodedResponse, PR_TRUE);
-    if (certList != NULL)
-	CERT_DestroyCertList(certList);
-    if (location != NULL)
-	PORT_Free(location);
-
-    return rv;
-}
-
-
-/*
- * Disable status checking and destroy related structures/data.
- */
-static SECStatus
-ocsp_DestroyStatusChecking(CERTStatusConfig *statusConfig)
-{
-    ocspCheckingContext *statusContext;
-
-    /*
-     * Disable OCSP checking
-     */
-    statusConfig->statusChecker = NULL;
-
-    statusContext = statusConfig->statusContext;
-    PORT_Assert(statusContext != NULL);
-    if (statusContext == NULL)
-	return SECFailure;
-
-    if (statusContext->defaultResponderURI != NULL)
-	PORT_Free(statusContext->defaultResponderURI);
-    if (statusContext->defaultResponderNickname != NULL)
-	PORT_Free(statusContext->defaultResponderNickname);
-
-    PORT_Free(statusContext);
-    statusConfig->statusContext = NULL;
-
-    PORT_Free(statusConfig);
-
-    return SECSuccess;
-}
-
-
-/*
- * FUNCTION: CERT_DisableOCSPChecking
- *   Turns off OCSP checking for the given certificate database.
- *   This routine disables OCSP checking.  Though it will return
- *   SECFailure if OCSP checking is not enabled, it is "safe" to
- *   call it that way and just ignore the return value, if it is
- *   easier to just call it than to "remember" whether it is enabled.
- * INPUTS:
- *   CERTCertDBHandle *handle
- *     Certificate database for which OCSP checking will be disabled.
- * RETURN:
- *   Returns SECFailure if an error occurred (usually means that OCSP
- *   checking was not enabled or status contexts were not initialized --
- *   error set will be SEC_ERROR_OCSP_NOT_ENABLED); SECSuccess otherwise.
- */
-SECStatus
-CERT_DisableOCSPChecking(CERTCertDBHandle *handle)
-{
-    CERTStatusConfig *statusConfig;
-    ocspCheckingContext *statusContext;
-
-    if (handle == NULL) {
-	PORT_SetError(SEC_ERROR_INVALID_ARGS);
-	return SECFailure;
-    }
-
-    statusConfig = CERT_GetStatusConfig(handle);
-    statusContext = ocsp_GetCheckingContext(handle);
-    if (statusContext == NULL)
-	return SECFailure;
-
-    if (statusConfig->statusChecker != CERT_CheckOCSPStatus) {
-	/*
-	 * Status configuration is present, but either not currently
-	 * enabled or not for OCSP.
-	 */
-	PORT_SetError(SEC_ERROR_OCSP_NOT_ENABLED);
-	return SECFailure;
-    }
-
-    /*
-     * This is how we disable status checking.  Everything else remains
-     * in place in case we are enabled again.
-     */
-    statusConfig->statusChecker = NULL;
-
-    return SECSuccess;
-}
-
-/*
- * Allocate and initialize the informational structures for status checking.
- * This is done when some configuration of OCSP is being done or when OCSP
- * checking is being turned on, whichever comes first.
- */
-static SECStatus
-ocsp_InitStatusChecking(CERTCertDBHandle *handle)
-{
-    CERTStatusConfig *statusConfig = NULL;
-    ocspCheckingContext *statusContext = NULL;
-
-    PORT_Assert(CERT_GetStatusConfig(handle) == NULL);
-    if (CERT_GetStatusConfig(handle) != NULL) {
-	/* XXX or call statusConfig->statusDestroy and continue? */
-	return SECFailure;
-    }
-
-    statusConfig = PORT_ZNew(CERTStatusConfig);
-    if (statusConfig == NULL)
-	goto loser;
-
-    statusContext = PORT_ZNew(ocspCheckingContext);
-    if (statusContext == NULL)
-	goto loser;
-
-    statusConfig->statusDestroy = ocsp_DestroyStatusChecking;
-    statusConfig->statusContext = statusContext;
-
-    CERT_SetStatusConfig(handle, statusConfig);
-
-    return SECSuccess;
-
-loser:
-    if (statusContext != NULL)
-	PORT_Free(statusContext);
-    if (statusConfig != NULL)
-	PORT_Free(statusConfig);
-    return SECFailure;
-}
-
-
-/*
- * FUNCTION: CERT_EnableOCSPChecking
- *   Turns on OCSP checking for the given certificate database.
- * INPUTS:
- *   CERTCertDBHandle *handle
- *     Certificate database for which OCSP checking will be enabled.
- * RETURN:
- *   Returns SECFailure if an error occurred (likely only problem
- *   allocating memory); SECSuccess otherwise.
- */
-SECStatus
-CERT_EnableOCSPChecking(CERTCertDBHandle *handle)
-{
-    CERTStatusConfig *statusConfig;
-    
-    SECStatus rv;
-
-    if (handle == NULL) {
-	PORT_SetError(SEC_ERROR_INVALID_ARGS);
-	return SECFailure;
-    }
-
-    statusConfig = CERT_GetStatusConfig(handle);
-    if (statusConfig == NULL) {
-	rv = ocsp_InitStatusChecking(handle);
-	if (rv != SECSuccess)
-	    return rv;
-
-	/* Get newly established value */
-	statusConfig = CERT_GetStatusConfig(handle);
-	PORT_Assert(statusConfig != NULL);
-    }
-
-    /*
-     * Setting the checker function is what really enables the checking
-     * when each cert verification is done.
-     */
-    statusConfig->statusChecker = CERT_CheckOCSPStatus;
-
-    return SECSuccess;
-}
-
-
-/*
- * FUNCTION: CERT_SetOCSPDefaultResponder
- *   Specify the location and cert of the default responder.
- *   If OCSP checking is already enabled *and* use of a default responder
- *   is also already enabled, all OCSP checking from now on will go directly
- *   to the specified responder.  If OCSP checking is not enabled, or if
- *   it is but use of a default responder is not enabled, the information
- *   will be recorded and take effect whenever both are enabled.
- * INPUTS:
- *   CERTCertDBHandle *handle
- *     Cert database on which OCSP checking should use the default responder.
- *   char *url
- *     The location of the default responder (e.g. "http://foo.com:80/ocsp")
- *     Note that the location will not be tested until the first attempt
- *     to send a request there.
- *   char *name
- *     The nickname of the cert to trust (expected) to sign the OCSP responses.
- *     If the corresponding cert cannot be found, SECFailure is returned.
- * RETURN:
- *   Returns SECFailure if an error occurred; SECSuccess otherwise.
- *   The most likely error is that the cert for "name" could not be found
- *   (probably SEC_ERROR_UNKNOWN_CERT).  Other errors are low-level (no memory,
- *   bad database, etc.).
- */
-SECStatus
-CERT_SetOCSPDefaultResponder(CERTCertDBHandle *handle,
-			     const char *url, const char *name)
-{
-    CERTCertificate *cert;
-    ocspCheckingContext *statusContext;
-    char *url_copy = NULL;
-    char *name_copy = NULL;
-    SECStatus rv;
-
-    if (handle == NULL || url == NULL || name == NULL) {
-	/*
-	 * XXX When interface is exported, probably want better errors;
-	 * perhaps different one for each parameter.
-	 */
-	PORT_SetError(SEC_ERROR_INVALID_ARGS);
-	return SECFailure;
-    }
-
-    /*
-     * Find the certificate for the specified nickname.  Do this first
-     * because it seems the most likely to fail.
-     *
-     * XXX Shouldn't need that cast if the FindCertByNickname interface
-     * used const to convey that it does not modify the name.  Maybe someday.
-     */
-    cert = CERT_FindCertByNickname(handle, (char *) name);
-    if (cert == NULL) {
-      /*
-       * look for the cert on an external token.
-       */
-      cert = PK11_FindCertFromNickname((char *)name, NULL);
-    }
-    if (cert == NULL)
-	return SECFailure;
-
-    /*
-     * Make a copy of the url and nickname.
-     */
-    url_copy = PORT_Strdup(url);
-    name_copy = PORT_Strdup(name);
-    if (url_copy == NULL || name_copy == NULL) {
-	rv = SECFailure;
-	goto loser;
-    }
-
-    statusContext = ocsp_GetCheckingContext(handle);
-
-    /*
-     * Allocate and init the context if it doesn't already exist.
-     */
-    if (statusContext == NULL) {
-	rv = ocsp_InitStatusChecking(handle);
-	if (rv != SECSuccess)
-	    goto loser;
-
-	statusContext = ocsp_GetCheckingContext(handle);
-	PORT_Assert(statusContext != NULL);	/* extreme paranoia */
-    }
-
-    /*
-     * Note -- we do not touch the status context until after all of
-     * the steps which could cause errors.  If something goes wrong,
-     * we want to leave things as they were.
-     */
-
-    /*
-     * Get rid of old url and name if there.
-     */
-    if (statusContext->defaultResponderNickname != NULL)
-	PORT_Free(statusContext->defaultResponderNickname);
-    if (statusContext->defaultResponderURI != NULL)
-	PORT_Free(statusContext->defaultResponderURI);
-
-    /*
-     * And replace them with the new ones.
-     */
-    statusContext->defaultResponderURI = url_copy;
-    statusContext->defaultResponderNickname = name_copy;
-
-    /*
-     * If there was already a cert in place, get rid of it and replace it.
-     * Otherwise, we are not currently enabled, so we don't want to save it;
-     * it will get re-found and set whenever use of a default responder is
-     * enabled.
-     */
-    if (statusContext->defaultResponderCert != NULL) {
-	CERT_DestroyCertificate(statusContext->defaultResponderCert);
-	statusContext->defaultResponderCert = cert;
-    } else {
-	PORT_Assert(statusContext->useDefaultResponder == PR_FALSE);
-	CERT_DestroyCertificate(cert);
-    }
-
-    return SECSuccess;
-
-loser:
-    CERT_DestroyCertificate(cert);
-    if (url_copy != NULL)
-	PORT_Free(url_copy);
-    if (name_copy != NULL)
-	PORT_Free(name_copy);
-    return rv;
-}
-
-
-/*
- * FUNCTION: CERT_EnableOCSPDefaultResponder
- *   Turns on use of a default responder when OCSP checking.
- *   If OCSP checking is already enabled, this will make subsequent checks
- *   go directly to the default responder.  (The location of the responder
- *   and the nickname of the responder cert must already be specified.)
- *   If OCSP checking is not enabled, this will be recorded and take effect
- *   whenever it is enabled.
- * INPUTS:
- *   CERTCertDBHandle *handle
- *     Cert database on which OCSP checking should use the default responder.
- * RETURN:
- *   Returns SECFailure if an error occurred; SECSuccess otherwise.
- *   No errors are especially likely unless the caller did not previously
- *   perform a successful call to SetOCSPDefaultResponder (in which case
- *   the error set will be SEC_ERROR_OCSP_NO_DEFAULT_RESPONDER).
- */
-SECStatus
-CERT_EnableOCSPDefaultResponder(CERTCertDBHandle *handle)
-{
-    ocspCheckingContext *statusContext;
-    CERTCertificate *cert;
-
-    if (handle == NULL) {
-	PORT_SetError(SEC_ERROR_INVALID_ARGS);
-	return SECFailure;
-    }
-
-    statusContext = ocsp_GetCheckingContext(handle);
-
-    if (statusContext == NULL) {
-	/*
-	 * Strictly speaking, the error already set is "correct",
-	 * but cover over it with one more helpful in this context.
-	 */
-	PORT_SetError(SEC_ERROR_OCSP_NO_DEFAULT_RESPONDER);
-	return SECFailure;
-    }
-
-    if (statusContext->defaultResponderURI == NULL) {
-	PORT_SetError(SEC_ERROR_OCSP_NO_DEFAULT_RESPONDER);
-	return SECFailure;
-    }
-
-    if (statusContext->defaultResponderNickname == NULL) {
-	PORT_SetError(SEC_ERROR_OCSP_NO_DEFAULT_RESPONDER);
-	return SECFailure;
-    }
-
-    /*
-     * Find the cert for the nickname.
-     */
-    cert = CERT_FindCertByNickname(handle,
-				   statusContext->defaultResponderNickname);
-    if (cert == NULL) {
-        cert = PK11_FindCertFromNickname(statusContext->defaultResponderNickname,
-                                         NULL);
-    }
-    /*
-     * We should never have trouble finding the cert, because its
-     * existence should have been proven by SetOCSPDefaultResponder.
-     */
-    PORT_Assert(cert != NULL);
-    if (cert == NULL)
-	return SECFailure;
-
-    /*
-     * And hang onto it.
-     */
-    statusContext->defaultResponderCert = cert;
-
-    /*
-     * Finally, record the fact that we now have a default responder enabled.
-     */
-    statusContext->useDefaultResponder = PR_TRUE;
-    return SECSuccess;
-}
-
-
-/*
- * FUNCTION: CERT_DisableOCSPDefaultResponder
- *   Turns off use of a default responder when OCSP checking.
- *   (Does nothing if use of a default responder is not enabled.)
- * INPUTS:
- *   CERTCertDBHandle *handle
- *     Cert database on which OCSP checking should stop using a default
- *     responder.
- * RETURN:
- *   Returns SECFailure if an error occurred; SECSuccess otherwise.
- *   Errors very unlikely (like random memory corruption...).
- */
-SECStatus
-CERT_DisableOCSPDefaultResponder(CERTCertDBHandle *handle)
-{
-    CERTStatusConfig *statusConfig;
-    ocspCheckingContext *statusContext;
-
-    if (handle == NULL) {
-	PORT_SetError(SEC_ERROR_INVALID_ARGS);
-	return SECFailure;
-    }
-
-    statusConfig = CERT_GetStatusConfig(handle);
-    if (statusConfig == NULL)
-	return SECSuccess;
-
-    statusContext = ocsp_GetCheckingContext(handle);
-    PORT_Assert(statusContext != NULL);
-    if (statusContext == NULL)
-	return SECFailure;
-
-    if (statusContext->defaultResponderCert != NULL) {
-	CERT_DestroyCertificate(statusContext->defaultResponderCert);
-	statusContext->defaultResponderCert = NULL;
-    }
-
-    /*
-     * Finally, record the fact.
-     */
-    statusContext->useDefaultResponder = PR_FALSE;
-    return SECSuccess;
-}
-static const SECHashObject *
-OidTagToDigestObject(SECOidTag digestAlg)
-{
-    const SECHashObject *rawDigestObject;
-
-    switch (digestAlg) {
-      case SEC_OID_MD2:
-        rawDigestObject = &SECHashObjects[HASH_AlgMD2];
-        break;
-      case SEC_OID_MD5:
-        rawDigestObject = &SECHashObjects[HASH_AlgMD5];
-        break;
-      case SEC_OID_SHA1:
-        rawDigestObject = &SECHashObjects[HASH_AlgSHA1];
-        break;
-      default:
-        PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
-        rawDigestObject = NULL;
-        break;
-    }
-    return(rawDigestObject);
-}
-
-/*
- * Digest the cert's subject public key using the specified algorithm.
- * The necessary storage for the digest data is allocated.  If "fill" is
- * non-null, the data is put there, otherwise a SECItem is allocated.
- * Allocation from "arena" if it is non-null, heap otherwise.  Any problem
- * results in a NULL being returned (and an appropriate error set).
- */
-SECItem *
-CERT_SPKDigestValueForCert(PRArenaPool *arena, CERTCertificate *cert,
-                           SECOidTag digestAlg, SECItem *fill)
-{
-    const SECHashObject *digestObject;
-    void *digestContext;
-    SECItem *result = NULL;
-    void *mark = NULL;
-    SECItem spk;
-
-    if ( arena != NULL ) {
-        mark = PORT_ArenaMark(arena);
-    }
-
-    digestObject = OidTagToDigestObject(digestAlg);
-    if ( digestObject == NULL ) {
-        goto loser;
-    }
-
-    if ((fill == NULL) || (fill->data == NULL)) {
-	result = SECITEM_AllocItem(arena, fill, digestObject->length);
-	if ( result == NULL ) {
-	   goto loser;
-	}
-	fill = result;
-    }
-
-    /*
-     * Copy just the length and data pointer (nothing needs to be freed)
-     * of the subject public key so we can convert the length from bits
-     * to bytes, which is what the digest function expects.
-     */
-    spk = cert->subjectPublicKeyInfo.subjectPublicKey;
-    DER_ConvertBitString(&spk);
-
-    /*
-     * Now digest the value, using the specified algorithm.
-     */
-    digestContext = digestObject->create();
-    if ( digestContext == NULL ) {
-        goto loser;
-    }
-    digestObject->begin(digestContext);
-    digestObject->update(digestContext, spk.data, spk.len);
-    digestObject->end(digestContext, fill->data, &(fill->len), fill->len);
-    digestObject->destroy(digestContext, PR_TRUE);
-
-    if ( arena != NULL ) {
-        PORT_ArenaUnmark(arena, mark);
-    }
-    return(fill);
-
-loser:
-    if ( arena != NULL ) {
-        PORT_ArenaRelease(arena, mark);
-    } else {
-        if ( result != NULL ) {
-            SECITEM_FreeItem(result, (fill == NULL) ? PR_TRUE : PR_FALSE);
-        }
-    }
-    return(NULL);
-}
-
-
diff --git a/security/nss/lib/certhigh/ocsp.h b/security/nss/lib/certhigh/ocsp.h
deleted file mode 100644
index e4bd7dbdd..000000000
--- a/security/nss/lib/certhigh/ocsp.h
+++ /dev/null
@@ -1,455 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Interface to the OCSP implementation.
- *
- * $Id$
- */
-
-#ifndef _OCSP_H_
-#define _OCSP_H_
-
-
-#include "plarena.h"
-#include "seccomon.h"
-#include "secoidt.h"
-#include "keyt.h"
-#include "certt.h"
-#include "ocspt.h"
-
-
-/************************************************************************/
-SEC_BEGIN_PROTOS
-
-/*
- * FUNCTION: CERT_EnableOCSPChecking
- *   Turns on OCSP checking for the given certificate database.
- * INPUTS:
- *   CERTCertDBHandle *handle
- *     Certificate database for which OCSP checking will be enabled.
- * RETURN:
- *   Returns SECFailure if an error occurred (likely only problem
- *   allocating memory); SECSuccess otherwise.
- */
-extern SECStatus
-CERT_EnableOCSPChecking(CERTCertDBHandle *handle);
-
-/*
- * FUNCTION: CERT_DisableOCSPChecking
- *   Turns off OCSP checking for the given certificate database.
- *   This routine disables OCSP checking.  Though it will return
- *   SECFailure if OCSP checking is not enabled, it is "safe" to
- *   call it that way and just ignore the return value, if it is
- *   easier to just call it than to "remember" whether it is enabled.
- * INPUTS:
- *   CERTCertDBHandle *handle
- *     Certificate database for which OCSP checking will be disabled.
- * RETURN:
- *   Returns SECFailure if an error occurred (usually means that OCSP
- *   checking was not enabled or status contexts were not initialized --
- *   error set will be SEC_ERROR_OCSP_NOT_ENABLED); SECSuccess otherwise.
- */
-extern SECStatus
-CERT_DisableOCSPChecking(CERTCertDBHandle *handle);
-
-/*
- * FUNCTION: CERT_SetOCSPDefaultResponder
- *   Specify the location and cert of the default responder.
- *   If OCSP checking is already enabled *and* use of a default responder
- *   is also already enabled, all OCSP checking from now on will go directly
- *   to the specified responder.  If OCSP checking is not enabled, or if
- *   it is but use of a default responder is not enabled, the information
- *   will be recorded and take effect whenever both are enabled.
- * INPUTS:
- *   CERTCertDBHandle *handle
- *     Cert database on which OCSP checking should use the default responder.
- *   char *url
- *     The location of the default responder (e.g. "http://foo.com:80/ocsp")
- *     Note that the location will not be tested until the first attempt
- *     to send a request there.
- *   char *name
- *     The nickname of the cert to trust (expected) to sign the OCSP responses.
- *     If the corresponding cert cannot be found, SECFailure is returned.
- * RETURN:
- *   Returns SECFailure if an error occurred; SECSuccess otherwise.
- *   The most likely error is that the cert for "name" could not be found
- *   (probably SEC_ERROR_UNKNOWN_CERT).  Other errors are low-level (no memory,
- *   bad database, etc.).
- */
-extern SECStatus
-CERT_SetOCSPDefaultResponder(CERTCertDBHandle *handle,
-			     const char *url, const char *name);
-
-/*
- * FUNCTION: CERT_EnableOCSPDefaultResponder
- *   Turns on use of a default responder when OCSP checking.
- *   If OCSP checking is already enabled, this will make subsequent checks
- *   go directly to the default responder.  (The location of the responder
- *   and the nickname of the responder cert must already be specified.)
- *   If OCSP checking is not enabled, this will be recorded and take effect
- *   whenever it is enabled.
- * INPUTS:
- *   CERTCertDBHandle *handle
- *     Cert database on which OCSP checking should use the default responder.
- * RETURN:
- *   Returns SECFailure if an error occurred; SECSuccess otherwise.
- *   No errors are especially likely unless the caller did not previously
- *   perform a successful call to SetOCSPDefaultResponder (in which case
- *   the error set will be SEC_ERROR_OCSP_NO_DEFAULT_RESPONDER).
- */
-extern SECStatus
-CERT_EnableOCSPDefaultResponder(CERTCertDBHandle *handle);
-
-/*
- * FUNCTION: CERT_DisableOCSPDefaultResponder
- *   Turns off use of a default responder when OCSP checking.
- *   (Does nothing if use of a default responder is not enabled.)
- * INPUTS:
- *   CERTCertDBHandle *handle
- *     Cert database on which OCSP checking should stop using a default
- *     responder.
- * RETURN:
- *   Returns SECFailure if an error occurred; SECSuccess otherwise.
- *   Errors very unlikely (like random memory corruption...).
- */
-extern SECStatus
-CERT_DisableOCSPDefaultResponder(CERTCertDBHandle *handle);
-
-/*
- * -------------------------------------------------------
- * The Functions above are those expected to be used by a client
- * providing OCSP status checking along with every cert verification.
- * The functions below are for OCSP testing, debugging, or clients
- * or servers performing more specialized OCSP tasks.
- * -------------------------------------------------------
- */
-
-/*
- * FUNCTION: CERT_CreateOCSPRequest
- *   Creates a CERTOCSPRequest, requesting the status of the certs in 
- *   the given list.
- * INPUTS:
- *   CERTCertList *certList
- *     A list of certs for which status will be requested.
- *     Note that all of these certificates should have the same issuer,
- *     or it's expected the response will be signed by a trusted responder.
- *     If the certs need to be broken up into multiple requests, that
- *     must be handled by the caller (and thus by having multiple calls
- *     to this routine), who knows about where the request(s) are being
- *     sent and whether there are any trusted responders in place.
- *   int64 time
- *     Indicates the time for which the certificate status is to be 
- *     determined -- this may be used in the search for the cert's issuer
- *     but has no effect on the request itself.
- *   PRBool addServiceLocator
- *     If true, the Service Locator extension should be added to the
- *     single request(s) for each cert.
- *   CERTCertificate *signerCert
- *     If non-NULL, means sign the request using this cert.  Otherwise,
- *     do not sign.
- *     XXX note that request signing is not yet supported; see comment in code
- * RETURN:
- *   A pointer to a CERTOCSPRequest structure containing an OCSP request
- *   for the cert list.  On error, null is returned, with an error set
- *   indicating the reason.  This is likely SEC_ERROR_UNKNOWN_ISSUER.
- *   (The issuer is needed to create a request for the certificate.)
- *   Other errors are low-level problems (no memory, bad database, etc.).
- */
-extern CERTOCSPRequest *
-CERT_CreateOCSPRequest(CERTCertList *certList, int64 time, 
-		       PRBool addServiceLocator,
-		       CERTCertificate *signerCert);
-
-/*
- * FUNCTION: CERT_AddOCSPAcceptableResponses
- *   Add the AcceptableResponses extension to an OCSP Request.
- * INPUTS:
- *   CERTOCSPRequest *request
- *     The request to which the extension should be added.
- *   ...
- *     A list (of one or more) of SECOidTag -- each of the response types
- *     to be added.  The last OID *must* be SEC_OID_PKIX_OCSP_BASIC_RESPONSE.
- *     (This marks the end of the list, and it must be specified because a
- *     client conforming to the OCSP standard is required to handle the basic
- *     response type.)  The OIDs are not checked in any way.
- * RETURN:
- *   SECSuccess if the extension is added; SECFailure if anything goes wrong.
- *   All errors are internal or low-level problems (e.g. no memory).
- */
-extern SECStatus
-CERT_AddOCSPAcceptableResponses(CERTOCSPRequest *request, ...);
-
-/* 
- * FUNCTION: CERT_EncodeOCSPRequest
- *   DER encodes an OCSP Request, possibly adding a signature as well.
- *   XXX Signing is not yet supported, however; see comments in code.
- * INPUTS: 
- *   PRArenaPool *arena
- *     The return value is allocated from here.
- *     If a NULL is passed in, allocation is done from the heap instead.
- *   CERTOCSPRequest *request
- *     The request to be encoded.
- *   void *pwArg
- *     Pointer to argument for password prompting, if needed.  (Definitely
- *     not needed if not signing.)
- * RETURN:
- *   Returns a NULL on error and a pointer to the SECItem with the
- *   encoded value otherwise.  Any error is likely to be low-level
- *   (e.g. no memory).
- */
-extern SECItem *
-CERT_EncodeOCSPRequest(PRArenaPool *arena, CERTOCSPRequest *request, 
-		       void *pwArg);
-
-/*
- * FUNCTION: CERT_DecodeOCSPRequest
- *   Decode a DER encoded OCSP Request.
- * INPUTS:
- *   SECItem *src
- *     Pointer to a SECItem holding DER encoded OCSP Request.
- * RETURN:
- *   Returns a pointer to a CERTOCSPRequest containing the decoded request.
- *   On error, returns NULL.  Most likely error is trouble decoding
- *   (SEC_ERROR_OCSP_MALFORMED_REQUEST), or low-level problem (no memory).
- */
-extern CERTOCSPRequest *
-CERT_DecodeOCSPRequest(SECItem *src);
-
-/*
- * FUNCTION: CERT_DestroyOCSPRequest
- *   Frees an OCSP Request structure.
- * INPUTS:
- *   CERTOCSPRequest *request
- *     Pointer to CERTOCSPRequest to be freed.
- * RETURN:
- *   No return value; no errors.
- */
-extern void
-CERT_DestroyOCSPRequest(CERTOCSPRequest *request);
-
-/*
- * FUNCTION: CERT_DecodeOCSPResponse
- *   Decode a DER encoded OCSP Response.
- * INPUTS:
- *   SECItem *src
- *     Pointer to a SECItem holding DER encoded OCSP Response.
- * RETURN:
- *   Returns a pointer to a CERTOCSPResponse (the decoded OCSP Response);
- *   the caller is responsible for destroying it.  Or NULL if error (either
- *   response could not be decoded (SEC_ERROR_OCSP_MALFORMED_RESPONSE),
- *   it was of an unexpected type (SEC_ERROR_OCSP_UNKNOWN_RESPONSE_TYPE),
- *   or a low-level or internal error occurred).
- */
-extern CERTOCSPResponse *
-CERT_DecodeOCSPResponse(SECItem *src);
-
-/*
- * FUNCTION: CERT_DestroyOCSPResponse
- *   Frees an OCSP Response structure.
- * INPUTS:
- *   CERTOCSPResponse *request
- *     Pointer to CERTOCSPResponse to be freed.
- * RETURN:
- *   No return value; no errors.
- */
-extern void
-CERT_DestroyOCSPResponse(CERTOCSPResponse *response);
-
-/*
- * FUNCTION: CERT_GetEncodedOCSPResponse
- *   Creates and sends a request to an OCSP responder, then reads and
- *   returns the (encoded) response.
- * INPUTS:
- *   PRArenaPool *arena
- *     Pointer to arena from which return value will be allocated.
- *     If NULL, result will be allocated from the heap (and thus should
- *     be freed via SECITEM_FreeItem).
- *   CERTCertList *certList
- *     A list of certs for which status will be requested.
- *     Note that all of these certificates should have the same issuer,
- *     or it's expected the response will be signed by a trusted responder.
- *     If the certs need to be broken up into multiple requests, that
- *     must be handled by the caller (and thus by having multiple calls
- *     to this routine), who knows about where the request(s) are being
- *     sent and whether there are any trusted responders in place.
- *   char *location
- *     The location of the OCSP responder (a URL).
- *   int64 time
- *     Indicates the time for which the certificate status is to be 
- *     determined -- this may be used in the search for the cert's issuer
- *     but has no other bearing on the operation.
- *   PRBool addServiceLocator
- *     If true, the Service Locator extension should be added to the
- *     single request(s) for each cert.
- *   CERTCertificate *signerCert
- *     If non-NULL, means sign the request using this cert.  Otherwise,
- *     do not sign.
- *   void *pwArg
- *     Pointer to argument for password prompting, if needed.  (Definitely
- *     not needed if not signing.)
- * OUTPUTS:
- *   CERTOCSPRequest **pRequest
- *     Pointer in which to store the OCSP request created for the given
- *     list of certificates.  It is only filled in if the entire operation
- *     is successful and the pointer is not null -- and in that case the
- *     caller is then reponsible for destroying it.
- * RETURN:
- *   Returns a pointer to the SECItem holding the response.
- *   On error, returns null with error set describing the reason:
- *	SEC_ERROR_UNKNOWN_ISSUER
- *	SEC_ERROR_CERT_BAD_ACCESS_LOCATION
- *	SEC_ERROR_OCSP_BAD_HTTP_RESPONSE
- *   Other errors are low-level problems (no memory, bad database, etc.).
- */
-extern SECItem *
-CERT_GetEncodedOCSPResponse(PRArenaPool *arena, CERTCertList *certList,
-			    char *location, int64 time,
-			    PRBool addServiceLocator,
-			    CERTCertificate *signerCert, void *pwArg,
-			    CERTOCSPRequest **pRequest);
-
-/*
- * FUNCTION: CERT_VerifyOCSPResponseSignature
- *   Check the signature on an OCSP Response.  Will also perform a
- *   verification of the signer's certificate.  Note, however, that a
- *   successful verification does not make any statement about the
- *   signer's *authority* to provide status for the certificate(s),
- *   that must be checked individually for each certificate.
- * INPUTS:
- *   CERTOCSPResponse *response
- *     Pointer to response structure with signature to be checked.
- *   CERTCertDBHandle *handle
- *     Pointer to CERTCertDBHandle for certificate DB to use for verification.
- *   void *pwArg
- *     Pointer to argument for password prompting, if needed.
- *   CERTCertificate *issuerCert
- *     Issuer of the certificate that generated the OCSP request.
- * OUTPUTS:
- *   CERTCertificate **pSignerCert
- *     Pointer in which to store signer's certificate; only filled-in if
- *     non-null.
- * RETURN:
- *   Returns SECSuccess when signature is valid, anything else means invalid.
- *   Possible errors set:
- *	SEC_ERROR_OCSP_MALFORMED_RESPONSE - unknown type of ResponderID
- *	SEC_ERROR_INVALID_TIME - bad format of "ProducedAt" time
- *	SEC_ERROR_UNKNOWN_SIGNER - signer's cert could not be found
- *	SEC_ERROR_BAD_SIGNATURE - the signature did not verify
- *   Other errors are any of the many possible failures in cert verification
- *   (e.g. SEC_ERROR_REVOKED_CERTIFICATE, SEC_ERROR_UNTRUSTED_ISSUER) when
- *   verifying the signer's cert, or low-level problems (no memory, etc.)
- */
-extern SECStatus
-CERT_VerifyOCSPResponseSignature(CERTOCSPResponse *response,	
-				 CERTCertDBHandle *handle, void *pwArg,
-				 CERTCertificate **pSignerCert,
-				 CERTCertificate *issuerCert);
-
-/*
- * FUNCTION: CERT_GetOCSPAuthorityInfoAccessLocation
- *   Get the value of the URI of the OCSP responder for the given cert.
- *   This is found in the (optional) Authority Information Access extension
- *   in the cert.
- * INPUTS:
- *   CERTCertificate *cert
- *     The certificate being examined.
- * RETURN:
- *   char *
- *     A copy of the URI for the OCSP method, if found.  If either the
- *     extension is not present or it does not contain an entry for OCSP,
- *     SEC_ERROR_EXTENSION_NOT_FOUND will be set and a NULL returned.
- *     Any other error will also result in a NULL being returned.
- *     
- *     This result should be freed (via PORT_Free) when no longer in use.
- */
-extern char *
-CERT_GetOCSPAuthorityInfoAccessLocation(CERTCertificate *cert);
-
-/*
- * FUNCTION: CERT_CheckOCSPStatus
- *   Checks the status of a certificate via OCSP.  Will only check status for
- *   a certificate that has an AIA (Authority Information Access) extension
- *   for OCSP *or* when a "default responder" is specified and enabled.
- *   (If no AIA extension for OCSP and no default responder in place, the
- *   cert is considered to have a good status and SECSuccess is returned.)
- * INPUTS:
- *   CERTCertDBHandle *handle
- *     certificate DB of the cert that is being checked
- *   CERTCertificate *cert
- *     the certificate being checked
- *   XXX in the long term also need a boolean parameter that specifies
- *	whether to check the cert chain, as well; for now we check only
- *	the leaf (the specified certificate)
- *   int64 time
- *     time for which status is to be determined
- *   void *pwArg
- *     argument for password prompting, if needed
- * RETURN:
- *   Returns SECSuccess if an approved OCSP responder "knows" the cert
- *   *and* returns a non-revoked status for it; SECFailure otherwise,
- *   with an error set describing the reason:
- *
- *	SEC_ERROR_OCSP_BAD_HTTP_RESPONSE
- *	SEC_ERROR_OCSP_FUTURE_RESPONSE
- *	SEC_ERROR_OCSP_MALFORMED_REQUEST
- *	SEC_ERROR_OCSP_MALFORMED_RESPONSE
- *	SEC_ERROR_OCSP_OLD_RESPONSE
- *	SEC_ERROR_OCSP_REQUEST_NEEDS_SIG
- *	SEC_ERROR_OCSP_SERVER_ERROR
- *	SEC_ERROR_OCSP_TRY_SERVER_LATER
- *	SEC_ERROR_OCSP_UNAUTHORIZED_REQUEST
- *	SEC_ERROR_OCSP_UNAUTHORIZED_RESPONSE
- *	SEC_ERROR_OCSP_UNKNOWN_CERT
- *	SEC_ERROR_OCSP_UNKNOWN_RESPONSE_STATUS
- *	SEC_ERROR_OCSP_UNKNOWN_RESPONSE_TYPE
- *
- *	SEC_ERROR_BAD_SIGNATURE
- *	SEC_ERROR_CERT_BAD_ACCESS_LOCATION
- *	SEC_ERROR_INVALID_TIME
- *	SEC_ERROR_REVOKED_CERTIFICATE
- *	SEC_ERROR_UNKNOWN_ISSUER
- *	SEC_ERROR_UNKNOWN_SIGNER
- *
- *   Other errors are any of the many possible failures in cert verification
- *   (e.g. SEC_ERROR_REVOKED_CERTIFICATE, SEC_ERROR_UNTRUSTED_ISSUER) when
- *   verifying the signer's cert, or low-level problems (error allocating
- *   memory, error performing ASN.1 decoding, etc.).
- */    
-extern SECStatus 
-CERT_CheckOCSPStatus(CERTCertDBHandle *handle, CERTCertificate *cert,
-		     int64 time, void *pwArg);
-/************************************************************************/
-SEC_END_PROTOS
-
-#endif /* _OCSP_H_ */
diff --git a/security/nss/lib/certhigh/ocspt.h b/security/nss/lib/certhigh/ocspt.h
deleted file mode 100644
index 3f1563855..000000000
--- a/security/nss/lib/certhigh/ocspt.h
+++ /dev/null
@@ -1,59 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Public header for exported OCSP types.
- *
- * $Id$
- */
-
-#ifndef _OCSPT_H_
-#define _OCSPT_H_
-
-/*
- * The following are all opaque types.  If someone needs to get at
- * a field within, then we need to fix the API.  Try very hard not
- * make the type available to them.
- */
-typedef struct CERTOCSPRequestStr CERTOCSPRequest;
-typedef struct CERTOCSPResponseStr CERTOCSPResponse;
-
-/*
- * XXX I think only those first two above should need to be exported,
- * but until I know for certain I am leaving the rest of these here, too.
- */
-typedef struct CERTOCSPCertIDStr CERTOCSPCertID;
-typedef struct CERTOCSPCertStatusStr CERTOCSPCertStatus;
-typedef struct CERTOCSPSingleResponseStr CERTOCSPSingleResponse;
-
-#endif /* _OCSPT_H_ */
diff --git a/security/nss/lib/certhigh/ocspti.h b/security/nss/lib/certhigh/ocspti.h
deleted file mode 100644
index 9c739bef4..000000000
--- a/security/nss/lib/certhigh/ocspti.h
+++ /dev/null
@@ -1,404 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Private header defining OCSP types.
- *
- * $Id$
- */
-
-#ifndef _OCSPTI_H_
-#define _OCSPTI_H_
-
-#include "ocspt.h"
-
-#include "certt.h"
-#include "plarena.h"
-#include "seccomon.h"
-#include "secoidt.h"
-
-
-/*
- * Some notes about naming conventions...
- *
- * The public data types all start with "CERTOCSP" (e.g. CERTOCSPRequest).
- * (Even the public types are opaque, however.  Only their names are
- * "exported".)
- *
- * Internal-only data types drop the "CERT" prefix and use only the
- * lower-case "ocsp" (e.g. ocspTBSRequest), for brevity sake.
- *
- * In either case, the base/suffix of the type name usually matches the
- * name as defined in the OCSP specification.  The exceptions to this are:
- *  - When there is overlap between the "OCSP" or "ocsp" prefix and
- *    the name used in the standard.  That is, you cannot strip off the
- *    "CERTOCSP" or "ocsp" prefix and necessarily get the name of the
- *    type as it is defined in the standard; the "real" name will be
- *    *either* "OCSPSuffix" or just "Suffix".
- *  - When the name in the standard was a little too generic.  (e.g. The
- *    standard defines "Request" but we call it a "SingleRequest".)
- *    In this case a comment above the type definition calls attention
- *    to the difference.
- *
- * The definitions laid out in this header file are intended to follow
- * the same order as the definitions in the OCSP specification itself.
- * With the OCSP standard in hand, you should be able to move through
- * this file and follow along.  To future modifiers of this file: please
- * try to keep it that way.  The only exceptions are the few cases where
- * we need to define a type before it is referenced (e.g. enumerations),
- * whereas in the OCSP specification these are usually defined the other
- * way around (reference before definition).
- */
-
-
-/*
- * Forward-declarations of internal-only data structures.
- *
- * These are in alphabetical order (case-insensitive); please keep it that way!
- */
-typedef struct ocspBasicOCSPResponseStr ocspBasicOCSPResponse;
-typedef struct ocspCertStatusStr ocspCertStatus;
-typedef struct ocspResponderIDStr ocspResponderID;
-typedef struct ocspResponseBytesStr ocspResponseBytes;
-typedef struct ocspResponseDataStr ocspResponseData;
-typedef struct ocspRevokedInfoStr ocspRevokedInfo;
-typedef struct ocspServiceLocatorStr ocspServiceLocator;
-typedef struct ocspSignatureStr ocspSignature;
-typedef struct ocspSingleRequestStr ocspSingleRequest;
-typedef struct ocspSingleResponseStr ocspSingleResponse;
-typedef struct ocspTBSRequestStr ocspTBSRequest;
-
-
-/*
- * An OCSPRequest; this is what is sent (encoded) to an OCSP responder.
- */
-struct CERTOCSPRequestStr {
-    PRArenaPool *arena;			/* local; not part of encoding */
-    ocspTBSRequest *tbsRequest;
-    ocspSignature *optionalSignature;
-};
-
-/*
- * A TBSRequest; when an OCSPRequest is signed, the encoding of this
- * is what the signature is actually applied to.  ("TBS" == To Be Signed)
- * Whether signed or not, however, this structure will be present, and
- * is the "meat" of the OCSPRequest.
- *
- * Note that the "requestorName" field cannot be encoded/decoded in the
- * same pass as the entire request -- it needs to be handled with a special
- * call to convert to/from our internal form of a GeneralName.  Thus the
- * "derRequestorName" field, which is the actual DER-encoded bytes.
- *
- * The "extensionHandle" field is used on creation only; it holds
- * in-progress extensions as they are optionally added to the request.
- */
-struct ocspTBSRequestStr {
-    SECItem version;			/* an INTEGER */
-    SECItem *derRequestorName;		/* encoded GeneralName; see above */
-    CERTGeneralNameList *requestorName;	/* local; not part of encoding */
-    ocspSingleRequest **requestList;
-    CERTCertExtension **requestExtensions;
-    void *extensionHandle;		/* local; not part of encoding */
-};
-
-/*
- * This is the actual signature information for an OCSPRequest (applied to
- * the TBSRequest structure) or for a BasicOCSPResponse (applied to a
- * ResponseData structure).
- *
- * Note that the "signature" field itself is a BIT STRING; operations on
- * it need to keep that in mind, converting the length to bytes as needed
- * and back again afterward (so that the length is usually expressing bits).
- *
- * The "cert" field is the signer's certificate.  In the case of a received
- * signature, it will be filled in when the signature is verified.  In the
- * case of a created signature, it is filled in on creation and will be the
- * cert used to create the signature when the signing-and-encoding occurs,
- * as well as the cert (and its chain) to fill in derCerts if requested.
- *
- * The extra fields cache information about the signature after we have
- * attempted a verification.  "wasChecked", if true, means the signature
- * has been checked against the appropriate data and thus that "status"
- * contains the result of that verification.  If "status" is not SECSuccess,
- * "failureReason" is a copy of the error code that was set at the time;
- * presumably it tells why the signature verification failed.
- */
-struct ocspSignatureStr {
-    SECAlgorithmID signatureAlgorithm;
-    SECItem signature;			/* a BIT STRING */
-    SECItem **derCerts;			/* a SEQUENCE OF Certificate */
-    CERTCertificate *cert;		/* local; not part of encoding */
-    PRBool wasChecked;			/* local; not part of encoding */
-    SECStatus status;			/* local; not part of encoding */
-    int failureReason;			/* local; not part of encoding */
-};
-
-/*
- * An OCSPRequest contains a SEQUENCE OF these, one for each certificate
- * whose status is being checked.
- *
- * Note that in the OCSP specification this is just called "Request",
- * but since that seemed confusing (vs. an OCSPRequest) and to be more
- * consistent with the parallel type "SingleResponse", I called it a
- * "SingleRequest".
- * 
- * XXX figure out how to get rid of that arena -- there must be a way
- */
-struct ocspSingleRequestStr {
-    PRArenaPool *arena;			/* just a copy of the response arena,
-					 * needed here for extension handling
-					 * routines, on creation only */
-    CERTOCSPCertID *reqCert;
-    CERTCertExtension **singleRequestExtensions;
-};
-
-/*
- * A CertID is the means of identifying a certificate, used both in requests
- * and in responses.
- *
- * When in a SingleRequest it specifies the certificate to be checked.
- * When in a SingleResponse it is the cert whose status is being given.
- */
-struct CERTOCSPCertIDStr {
-    SECAlgorithmID hashAlgorithm;
-    SECItem issuerNameHash;		/* an OCTET STRING */
-    SECItem issuerKeyHash;		/* an OCTET STRING */
-    SECItem serialNumber;		/* an INTEGER */
-    SECItem issuerSHA1NameHash;		/* keep other hashes around when */
-    SECItem issuerMD5NameHash;              /* we have them */
-    SECItem issuerMD2NameHash;
-    SECItem issuerSHA1KeyHash;		/* keep other hashes around when */
-    SECItem issuerMD5KeyHash;              /* we have them */
-    SECItem issuerMD2KeyHash;
-};
-
-/*
- * This describes the value of the responseStatus field in an OCSPResponse.
- * The corresponding ASN.1 definition is:
- *
- * OCSPResponseStatus	::=	ENUMERATED {
- *	successful		(0),	--Response has valid confirmations
- *	malformedRequest	(1),	--Illegal confirmation request
- *	internalError		(2),	--Internal error in issuer
- *	tryLater		(3),	--Try again later
- *					--(4) is not used
- *	sigRequired		(5),	--Must sign the request
- *	unauthorized		(6),	--Request unauthorized
- * }
- */
-typedef enum {
-    ocspResponse_successful = 0,
-    ocspResponse_malformedRequest = 1,
-    ocspResponse_internalError = 2,
-    ocspResponse_tryLater = 3,
-    ocspResponse_unused = 4,
-    ocspResponse_sigRequired = 5,
-    ocspResponse_unauthorized = 6,
-    ocspResponse_other			/* unknown/unrecognized value */
-} ocspResponseStatus;
-
-/*
- * An OCSPResponse is what is sent (encoded) by an OCSP responder.
- *
- * The field "responseStatus" is the ASN.1 encoded value; the field
- * "statusValue" is simply that same value translated into our local
- * type ocspResponseStatus.
- */
-struct CERTOCSPResponseStr {
-    PRArenaPool *arena;			/* local; not part of encoding */
-    SECItem responseStatus;		/* an ENUMERATED, see above */
-    ocspResponseStatus statusValue;	/* local; not part of encoding */
-    ocspResponseBytes *responseBytes;	/* only when status is successful */
-};
-
-/*
- * A ResponseBytes (despite appearances) is what contains the meat
- * of a successful response -- but still in encoded form.  The type
- * given as "responseType" tells you how to decode the string.
- *
- * We look at the OID and translate it into our local OID representation
- * "responseTypeTag", and use that value to tell us how to decode the
- * actual response itself.  For now the only kind of OCSP response we
- * know about is a BasicOCSPResponse.  However, the intention in the
- * OCSP specification is to allow for other response types, so we are
- * building in that flexibility from the start and thus put a pointer
- * to that data structure inside of a union.  Whenever OCSP adds more
- * response types, just add them to the union.
- */
-struct ocspResponseBytesStr {
-    SECItem responseType;		/* an OBJECT IDENTIFIER */
-    SECOidTag responseTypeTag;		/* local; not part of encoding */
-    SECItem response;			/* an OCTET STRING */
-    union {
-	ocspBasicOCSPResponse *basic;	/* when type is id-pkix-ocsp-basic */
-    } decodedResponse;			/* local; not part of encoding */
-};
-
-/*
- * A BasicOCSPResponse -- when the responseType in a ResponseBytes is
- * id-pkix-ocsp-basic, the "response" OCTET STRING above is the DER
- * encoding of one of these.
- *
- * Note that in the OCSP specification, the signature fields are not
- * part of a separate sub-structure.  But since they are the same fields
- * as we define for the signature in a request, it made sense to share
- * the C data structure here and in some shared code to operate on them.
- */
-struct ocspBasicOCSPResponseStr {
-    ocspResponseData *tbsResponseData;	/* "tbs" == To Be Signed */
-    ocspSignature responseSignature;
-};
-
-/*
- * A ResponseData is the part of a BasicOCSPResponse that is signed
- * (after it is DER encoded).  It contains the real details of the response
- * (a per-certificate status).
- */
-struct ocspResponseDataStr {
-    SECItem version;			/* an INTEGER */
-    SECItem derResponderID;
-    ocspResponderID *responderID;	/* local; not part of encoding */
-    SECItem producedAt;			/* a GeneralizedTime */
-    CERTOCSPSingleResponse **responses;
-    CERTCertExtension **responseExtensions;
-};
-
-/*
- * A ResponderID identifies the responder -- or more correctly, the
- * signer of the response.  The ASN.1 definition of a ResponderID is:
- *
- * ResponderID	::=	CHOICE {
- *	byName			[1] EXPLICIT Name,
- *	byKey			[2] EXPLICIT KeyHash }
- *
- * Because it is CHOICE, the type of identification used and the
- * identification itself are actually encoded together.  To represent
- * this same information internally, we explicitly define a type and
- * save it, along with the value, into a data structure.
- */
-
-typedef enum {
-    ocspResponderID_byName,
-    ocspResponderID_byKey,
-    ocspResponderID_other		/* unknown kind of responderID */
-} ocspResponderIDType;
-
-struct ocspResponderIDStr {
-    ocspResponderIDType responderIDType;/* local; not part of encoding */
-    union {
-	CERTName name;			/* when ocspResponderID_byName */
-	SECItem keyHash;		/* when ocspResponderID_byKey */
-	SECItem other;			/* when ocspResponderID_other */
-    } responderIDValue;
-};
-
-/*
- * The ResponseData in a BasicOCSPResponse contains a SEQUENCE OF
- * SingleResponse -- one for each certificate whose status is being supplied.
- * 
- * XXX figure out how to get rid of that arena -- there must be a way
- */
-struct CERTOCSPSingleResponseStr {
-    PRArenaPool *arena;			/* just a copy of the response arena,
-					 * needed here for extension handling
-					 * routines, on creation only */
-    CERTOCSPCertID *certID;
-    SECItem derCertStatus;
-    ocspCertStatus *certStatus;		/* local; not part of encoding */
-    SECItem thisUpdate;			/* a GeneralizedTime */
-    SECItem *nextUpdate;		/* a GeneralizedTime */
-    CERTCertExtension **singleExtensions;
-};
-
-/*
- * A CertStatus is the actual per-certificate status.  Its ASN.1 definition:
- *
- * CertStatus	::=	CHOICE {
- *	good			[0] IMPLICIT NULL,
- *	revoked			[1] IMPLICIT RevokedInfo,
- *	unknown			[2] IMPLICIT UnknownInfo }
- *
- * (where for now UnknownInfo is defined to be NULL but in the
- * future may be replaced with an enumeration).
- *
- * Because it is CHOICE, the status value and its associated information
- * (if any) are actually encoded together.  To represent this same
- * information internally, we explicitly define a type and save it,
- * along with the value, into a data structure.
- */
-
-typedef enum {
-    ocspCertStatus_good,		/* cert is not revoked */
-    ocspCertStatus_revoked,		/* cert is revoked */
-    ocspCertStatus_unknown,		/* cert was unknown to the responder */
-    ocspCertStatus_other		/* status was not an expected value */
-} ocspCertStatusType;
-
-/*
- * This is the actual per-certificate status.
- *
- * The "goodInfo" and "unknownInfo" items are only place-holders for a NULL.
- * (Though someday OCSP may replace UnknownInfo with an enumeration that
- * gives more detailed information.)
- */
-struct ocspCertStatusStr {
-    ocspCertStatusType certStatusType;	/* local; not part of encoding */
-    union {
-	SECItem *goodInfo;		/* when ocspCertStatus_good */
-	ocspRevokedInfo *revokedInfo;	/* when ocspCertStatus_revoked */
-	SECItem *unknownInfo;		/* when ocspCertStatus_unknown */
-	SECItem *otherInfo;		/* when ocspCertStatus_other */
-    } certStatusInfo; 
-};
-
-/*
- * A RevokedInfo gives information about a revoked certificate -- when it
- * was revoked and why.
- */
-struct ocspRevokedInfoStr {
-    SECItem revocationTime;		/* a GeneralizedTime */
-    SECItem *revocationReason;		/* a CRLReason; ignored for now */
-};
-
-/*
- * ServiceLocator can be included as one of the singleRequestExtensions.
- * When added, it specifies the (name of the) issuer of the cert being
- * checked, and optionally the value of the AuthorityInfoAccess extension
- * if the cert has one.
- */
-struct ocspServiceLocatorStr {
-    CERTName *issuer;
-    SECItem locator;	/* DER encoded authInfoAccess extension from cert */
-};
-
-#endif /* _OCSPTI_H_ */
diff --git a/security/nss/lib/certhigh/xcrldist.c b/security/nss/lib/certhigh/xcrldist.c
deleted file mode 100644
index d560cfd23..000000000
--- a/security/nss/lib/certhigh/xcrldist.c
+++ /dev/null
@@ -1,222 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Code for dealing with x.509 v3 CRL Distribution Point extension.
- */
-#include "genname.h"
-#include "certt.h"
-#include "secerr.h"
-
-extern void PrepareBitStringForEncoding (SECItem *bitMap, SECItem *value);
-
-static const SEC_ASN1Template FullNameTemplate[] = {
-    {SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_CONSTRUCTED | 0,
-	offsetof (CRLDistributionPoint,derFullName), CERT_GeneralNamesTemplate}
-};
-
-static const SEC_ASN1Template RelativeNameTemplate[] = {
-    {SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_CONSTRUCTED | 1, 
-	offsetof (CRLDistributionPoint,distPoint.relativeName), CERT_RDNTemplate}
-};
-	 
-static const SEC_ASN1Template CRLDistributionPointTemplate[] = {
-    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CRLDistributionPoint) },
-	{ SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC |
-	    SEC_ASN1_CONSTRUCTED | SEC_ASN1_EXPLICIT | 0,
-	    offsetof(CRLDistributionPoint,derDistPoint), SEC_AnyTemplate},
-	{ SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | 1,
-	    offsetof(CRLDistributionPoint,bitsmap), SEC_BitStringTemplate},
-	{ SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC |
-	    SEC_ASN1_CONSTRUCTED | 2,
-	    offsetof(CRLDistributionPoint, derCrlIssuer), CERT_GeneralNamesTemplate},
-    { 0 }
-};
-
-const SEC_ASN1Template CERTCRLDistributionPointsTemplate[] = {
-    {SEC_ASN1_SEQUENCE_OF, 0, CRLDistributionPointTemplate}
-};
-
-SECStatus
-CERT_EncodeCRLDistributionPoints (PRArenaPool *arena, CERTCrlDistributionPoints *value,
-				  SECItem *derValue)
-{
-    CRLDistributionPoint **pointList, *point;
-    PRArenaPool *ourPool = NULL;
-    SECStatus rv = SECSuccess;
-
-    PORT_Assert (derValue);
-    PORT_Assert (value && value->distPoints);
-
-    do {
-	ourPool = PORT_NewArena (SEC_ASN1_DEFAULT_ARENA_SIZE);
-	if (ourPool == NULL) {
-	    rv = SECFailure;
-	    break;
-	}    
-	
-	pointList = value->distPoints;
-	while (*pointList) {
-	    point = *pointList;
-	    point->derFullName = NULL;
-	    point->derDistPoint.data = NULL;
-
-	    if (point->distPointType == generalName) {
-		point->derFullName = cert_EncodeGeneralNames
-		    (ourPool, point->distPoint.fullName);
-		
-		if (point->derFullName) {
-		    rv = (SEC_ASN1EncodeItem (ourPool, &point->derDistPoint,
-			  point, FullNameTemplate) == NULL) ? SECFailure : SECSuccess;
-		} else {
-		    rv = SECFailure;
-		}
-	    }
-	    else if (point->distPointType == relativeDistinguishedName) {
-		if (SEC_ASN1EncodeItem
-		     (ourPool, &point->derDistPoint, 
-		      point, RelativeNameTemplate) == NULL) 
-		    rv = SECFailure;
-	    }
-	    /* distributionPointName is omitted */
-	    else if (point->distPointType != 0) {
-		PORT_SetError (SEC_ERROR_EXTENSION_VALUE_INVALID);
-		rv = SECFailure;
-	    }
-	    if (rv != SECSuccess)
-		break;
-
-	    if (point->reasons.data)
-		PrepareBitStringForEncoding (&point->bitsmap, &point->reasons);
-
-	    if (point->crlIssuer) {
-		point->derCrlIssuer = cert_EncodeGeneralNames
-		    (ourPool, point->crlIssuer);
-		if (!point->crlIssuer)
-		    break;
-	    }
-	    
-	    ++pointList;
-	}
-	if (rv != SECSuccess)
-	    break;
-	if (SEC_ASN1EncodeItem
-	     (arena, derValue, value, CERTCRLDistributionPointsTemplate) == NULL) {
-	    rv = SECFailure;
-	    break;
-	}
-    } while (0);
-    PORT_FreeArena (ourPool, PR_FALSE);
-    return (rv);
-}
-
-CERTCrlDistributionPoints *
-CERT_DecodeCRLDistributionPoints (PRArenaPool *arena, SECItem *encodedValue)
-{
-   CERTCrlDistributionPoints *value = NULL;    
-   CRLDistributionPoint **pointList, *point;    
-   SECStatus rv;
-
-   PORT_Assert (arena);
-   do {
-	value = (CERTCrlDistributionPoints*)PORT_ArenaZAlloc (arena, sizeof (*value));
-	if (value == NULL) {
-	    rv = SECFailure;
-	    break;
-	}
-	    
-	rv = SEC_ASN1DecodeItem
-	     (arena, &value->distPoints, CERTCRLDistributionPointsTemplate,
-	      encodedValue);
-	if (rv != SECSuccess)
-	    break;
-
-	pointList = value->distPoints;
-	while (*pointList) {
-	    point = *pointList;
-
-	    /* get the data if the distributionPointName is not omitted */
-	    if (point->derDistPoint.data != NULL) {
-		point->distPointType = (DistributionPointTypes)
-					((point->derDistPoint.data[0] & 0x1f) +1);
-		if (point->distPointType == generalName) {
-		    SECItem innerDER;
-		
-		    innerDER.data = NULL;
-		    rv = SEC_ASN1DecodeItem
-			 (arena, point, FullNameTemplate, &(point->derDistPoint));
-		    if (rv != SECSuccess)
-			break;
-		    point->distPoint.fullName = cert_DecodeGeneralNames
-			(arena, point->derFullName);
-
-		    if (!point->distPoint.fullName)
-			break;
-		}
-		else if ( relativeDistinguishedName) {
-		    rv = SEC_ASN1DecodeItem
-			 (arena, point, RelativeNameTemplate, &(point->derDistPoint));
-		    if (rv != SECSuccess)
-			break;
-		}
-		else {
-		    PORT_SetError (SEC_ERROR_EXTENSION_VALUE_INVALID);
-		    break;
-		}
-	    }
-
-	    /* Get the reason code if it's not omitted in the encoding */
-	    if (point->bitsmap.data != NULL) {
-		point->reasons.data = (unsigned char*) PORT_ArenaAlloc
-				      (arena, (point->bitsmap.len + 7) >> 3);
-		if (!point->reasons.data) {
-		    rv = SECFailure;
-		    break;
-		}
-		PORT_Memcpy (point->reasons.data, point->bitsmap.data,
-			     point->reasons.len = ((point->bitsmap.len + 7) >> 3));
-	    }
-
-	    /* Get the crl issuer name if it's not omitted in the encoding */
-	    if (point->derCrlIssuer != NULL) {
-		point->crlIssuer = cert_DecodeGeneralNames
-		    (arena, point->derCrlIssuer);
-
-		if (!point->crlIssuer)
-		    break;
-	    }
-	    ++pointList;
-	}
-   } while (0);
-   return (rv == SECSuccess ? value : NULL);
-}
diff --git a/security/nss/lib/ckfw/.cvsignore b/security/nss/lib/ckfw/.cvsignore
deleted file mode 100644
index 988228d5a..000000000
--- a/security/nss/lib/ckfw/.cvsignore
+++ /dev/null
@@ -1,4 +0,0 @@
-nssckepv.h
-nssckg.h
-nssckft.h
-nssck.api
diff --git a/security/nss/lib/ckfw/Makefile b/security/nss/lib/ckfw/Makefile
deleted file mode 100644
index 1a9dd6915..000000000
--- a/security/nss/lib/ckfw/Makefile
+++ /dev/null
@@ -1,54 +0,0 @@
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-MAKEFILE_CVS_ID = "@(#) $RCSfile$ $Revision$ $Date$ $Name$"
-
-include manifest.mn
-include $(CORE_DEPTH)/coreconf/config.mk
-include config.mk
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-# This'll need some help from a build person.
-
-# The generated files are checked in, and differ from what ckapi.perl
-# will produce.  ckapi.perl is currently newer than the targets, so
-# these rules are invoked, causing the wrong files to be generated.
-# Turning off to fix builds.
-#
-# nssckepv.h: ck.api ckapi.perl
-# nssckft.h: ck.api ckapi.perl
-# nssckg.h: ck.api ckapi.perl
-# nssck.api: ck.api ckapi.perl
-# 	perl ckapi.perl ck.api
-
-export:: private_export
-
diff --git a/security/nss/lib/ckfw/builtins/.cvsignore b/security/nss/lib/ckfw/builtins/.cvsignore
deleted file mode 100644
index ccbbcce86..000000000
--- a/security/nss/lib/ckfw/builtins/.cvsignore
+++ /dev/null
@@ -1 +0,0 @@
-certdata.c
diff --git a/security/nss/lib/ckfw/builtins/Makefile b/security/nss/lib/ckfw/builtins/Makefile
deleted file mode 100644
index 7c392f2c9..000000000
--- a/security/nss/lib/ckfw/builtins/Makefile
+++ /dev/null
@@ -1,89 +0,0 @@
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-MAKEFILE_CVS_ID = "@(#) $RCSfile$ $Revision$ $Date$ $Name$"
-
-include manifest.mn
-include $(CORE_DEPTH)/coreconf/config.mk
-include config.mk
-
-EXTRA_LIBS = \
-	$(DIST)/lib/$(LIB_PREFIX)nssckfw.$(LIB_SUFFIX) \
-	$(DIST)/lib/$(LIB_PREFIX)nssb.$(LIB_SUFFIX) \
-	$(NULL)
-
-# can't do this in manifest.mn because OS_TARGET isn't defined there.
-ifeq (,$(filter-out WIN%,$(OS_TARGET)))
-
-EXTRA_LIBS += \
-	$(DIST)/lib/$(NSPR31_LIB_PREFIX)plc4_s.lib \
-	$(DIST)/lib/$(NSPR31_LIB_PREFIX)plds4_s.lib \
-	$(NULL)
-
-else
-
-EXTRA_LIBS += \
-	$(DIST)/lib/$(LIB_PREFIX)plc4.$(LIB_SUFFIX) \
-	$(DIST)/lib/$(LIB_PREFIX)plds4.$(LIB_SUFFIX) \
-	$(NULL)
-
-endif
-
-
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-# Generate certdata.c.
-generate:
-	perl certdata.perl < certdata.txt
-
-# This'll need some help from a build person.
-
-
-ifeq ($(OS_TARGET)$(OS_RELEASE), AIX4.1)
-DSO_LDOPTS              = -bM:SRE -bh:4 -bnoentry
-EXTRA_DSO_LDOPTS        = -lc
-MKSHLIB                 = xlC $(DSO_LDOPTS)
-
-$(SHARED_LIBRARY): $(OBJS)
-	@$(MAKE_OBJDIR)
-	rm -f $@
-	$(MKSHLIB) -o $@ $(OBJS) $(EXTRA_LIBS) $(EXTRA_DSO_LDOPTS)
-	chmod +x $@
-
-endif
-
-ifeq ($(OS_TARGET)$(OS_RELEASE), AIX4.2)
-LD      += -G
-endif 
-
-
diff --git a/security/nss/lib/ckfw/builtins/anchor.c b/security/nss/lib/ckfw/builtins/anchor.c
deleted file mode 100644
index 12c77a75c..000000000
--- a/security/nss/lib/ckfw/builtins/anchor.c
+++ /dev/null
@@ -1,50 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * builtins/anchor.c
- *
- * This file "anchors" the actual cryptoki entry points in this module's
- * shared library, which is required for dynamic loading.  See the 
- * comments in nssck.api for more information.
- */
-
-#include "builtins.h"
-
-#define MODULE_NAME builtins
-#define INSTANCE_NAME (NSSCKMDInstance *)&nss_builtins_mdInstance
-#include "nssck.api"
diff --git a/security/nss/lib/ckfw/builtins/bfind.c b/security/nss/lib/ckfw/builtins/bfind.c
deleted file mode 100644
index 17b94fa15..000000000
--- a/security/nss/lib/ckfw/builtins/bfind.c
+++ /dev/null
@@ -1,245 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef BUILTINS_H
-#include "builtins.h"
-#endif /* BUILTINS_H */
-
-/*
- * builtins/find.c
- *
- * This file implements the NSSCKMDFindObjects object for the
- * "builtin objects" cryptoki module.
- */
-
-struct builtinsFOStr {
-  NSSArena *arena;
-  CK_ULONG n;
-  CK_ULONG i;
-  builtinsInternalObject **objs;
-};
-
-static void
-builtins_mdFindObjects_Final
-(
-  NSSCKMDFindObjects *mdFindObjects,
-  NSSCKFWFindObjects *fwFindObjects,
-  NSSCKMDSession *mdSession,
-  NSSCKFWSession *fwSession,
-  NSSCKMDToken *mdToken,
-  NSSCKFWToken *fwToken,
-  NSSCKMDInstance *mdInstance,
-  NSSCKFWInstance *fwInstance
-)
-{
-  struct builtinsFOStr *fo = (struct builtinsFOStr *)mdFindObjects->etc;
-  NSSArena *arena = fo->arena;
-
-  nss_ZFreeIf(fo->objs);
-  nss_ZFreeIf(fo);
-  nss_ZFreeIf(mdFindObjects);
-  if ((NSSArena *)NULL != arena) {
-    NSSArena_Destroy(arena);
-  }
-
-  return;
-}
-
-static NSSCKMDObject *
-builtins_mdFindObjects_Next
-(
-  NSSCKMDFindObjects *mdFindObjects,
-  NSSCKFWFindObjects *fwFindObjects,
-  NSSCKMDSession *mdSession,
-  NSSCKFWSession *fwSession,
-  NSSCKMDToken *mdToken,
-  NSSCKFWToken *fwToken,
-  NSSCKMDInstance *mdInstance,
-  NSSCKFWInstance *fwInstance,
-  NSSArena *arena,
-  CK_RV *pError
-)
-{
-  struct builtinsFOStr *fo = (struct builtinsFOStr *)mdFindObjects->etc;
-  builtinsInternalObject *io;
-
-  if( fo->i == fo->n ) {
-    *pError = CKR_OK;
-    return (NSSCKMDObject *)NULL;
-  }
-
-  io = fo->objs[ fo->i ];
-  fo->i++;
-
-  return nss_builtins_CreateMDObject(arena, io, pError);
-}
-
-static CK_BBOOL
-builtins_attrmatch
-(
-  CK_ATTRIBUTE_PTR a,
-  const NSSItem *b
-)
-{
-  PRBool prb;
-
-  if( a->ulValueLen != b->size ) {
-    return CK_FALSE;
-  }
-
-  prb = nsslibc_memequal(a->pValue, b->data, b->size, (PRStatus *)NULL);
-
-  if( PR_TRUE == prb ) {
-    return CK_TRUE;
-  } else {
-    return CK_FALSE;
-  }
-}
-
-
-static CK_BBOOL
-builtins_match
-(
-  CK_ATTRIBUTE_PTR pTemplate,
-  CK_ULONG ulAttributeCount,
-  builtinsInternalObject *o
-)
-{
-  CK_ULONG i;
-
-  for( i = 0; i < ulAttributeCount; i++ ) {
-    CK_ULONG j;
-
-    for( j = 0; j < o->n; j++ ) {
-      if( o->types[j] == pTemplate[i].type ) {
-        if( CK_FALSE == builtins_attrmatch(&pTemplate[i], &o->items[j]) ) {
-          return CK_FALSE;
-        } else {
-          break;
-        }
-      }
-    }
-
-    if( j == o->n ) {
-      /* Loop ran to the end: no matching attribute */
-      return CK_FALSE;
-    }
-  }
-
-  /* Every attribute passed */
-  return CK_TRUE;
-}
-
-NSS_IMPLEMENT NSSCKMDFindObjects *
-nss_builtins_FindObjectsInit
-(
-  NSSCKFWSession *fwSession,
-  CK_ATTRIBUTE_PTR pTemplate,
-  CK_ULONG ulAttributeCount,
-  CK_RV *pError
-)
-{
-  /* This could be made more efficient.  I'm rather rushed. */
-  NSSArena *arena;
-  NSSCKMDFindObjects *rv = (NSSCKMDFindObjects *)NULL;
-  struct builtinsFOStr *fo = (struct builtinsFOStr *)NULL;
-  builtinsInternalObject **temp = (builtinsInternalObject **)NULL;
-  PRUint32 i;
-
-  arena = NSSArena_Create();
-  if( (NSSArena *)NULL == arena ) {
-    goto loser;
-  }
-
-  rv = nss_ZNEW(arena, NSSCKMDFindObjects);
-  if( (NSSCKMDFindObjects *)NULL == rv ) {
-    *pError = CKR_HOST_MEMORY;
-    goto loser;
-  }
-
-  fo = nss_ZNEW(arena, struct builtinsFOStr);
-  if( (struct builtinsFOStr *)NULL == fo ) {
-    *pError = CKR_HOST_MEMORY;
-    goto loser;
-  }
-
-  fo->arena = arena;
-  /* fo->n and fo->i are already zero */
-
-  rv->etc = (void *)fo;
-  rv->Final = builtins_mdFindObjects_Final;
-  rv->Next = builtins_mdFindObjects_Next;
-  rv->null = (void *)NULL;
-
-  temp = nss_ZNEWARRAY((NSSArena *)NULL, builtinsInternalObject *, 
-                       nss_builtins_nObjects);
-  if( (builtinsInternalObject **)NULL == temp ) {
-    *pError = CKR_HOST_MEMORY;
-    goto loser;
-  }
-
-  for( i = 0; i < nss_builtins_nObjects; i++ ) {
-    builtinsInternalObject *o = (builtinsInternalObject *)&nss_builtins_data[i];
-
-    if( CK_TRUE == builtins_match(pTemplate, ulAttributeCount, o) ) {
-      temp[ fo->n ] = o;
-      fo->n++;
-    }
-  }
-
-  fo->objs = nss_ZNEWARRAY(arena, builtinsInternalObject *, fo->n);
-  if( (builtinsInternalObject **)NULL == fo->objs ) {
-    *pError = CKR_HOST_MEMORY;
-    goto loser;
-  }
-
-  (void)nsslibc_memcpy(fo->objs, temp, sizeof(builtinsInternalObject *) * fo->n);
-  nss_ZFreeIf(temp);
-  temp = (builtinsInternalObject **)NULL;
-
-  return rv;
-
- loser:
-  nss_ZFreeIf(temp);
-  nss_ZFreeIf(fo);
-  nss_ZFreeIf(rv);
-  if ((NSSArena *)NULL != arena) {
-     NSSArena_Destroy(arena);
-  }
-  return (NSSCKMDFindObjects *)NULL;
-}
-
diff --git a/security/nss/lib/ckfw/builtins/binst.c b/security/nss/lib/ckfw/builtins/binst.c
deleted file mode 100644
index e97c0d4bf..000000000
--- a/security/nss/lib/ckfw/builtins/binst.c
+++ /dev/null
@@ -1,130 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#include "builtins.h"
-
-/*
- * builtins/instance.c
- *
- * This file implements the NSSCKMDInstance object for the 
- * "builtin objects" cryptoki module.
- */
-
-/*
- * NSSCKMDInstance methods
- */
-
-static CK_ULONG
-builtins_mdInstance_GetNSlots
-(
-  NSSCKMDInstance *mdInstance,
-  NSSCKFWInstance *fwInstance,
-  CK_RV *pError
-)
-{
-  return (CK_ULONG)1;
-}
-
-static CK_VERSION
-builtins_mdInstance_GetCryptokiVersion
-(
-  NSSCKMDInstance *mdInstance,
-  NSSCKFWInstance *fwInstance
-)
-{
-  return nss_builtins_CryptokiVersion;
-}
-
-static NSSUTF8 *
-builtins_mdInstance_GetManufacturerID
-(
-  NSSCKMDInstance *mdInstance,
-  NSSCKFWInstance *fwInstance,
-  CK_RV *pError
-)
-{
-  return (NSSUTF8 *)nss_builtins_ManufacturerID;
-}
-
-static NSSUTF8 *
-builtins_mdInstance_GetLibraryDescription
-(
-  NSSCKMDInstance *mdInstance,
-  NSSCKFWInstance *fwInstance,
-  CK_RV *pError
-)
-{
-  return (NSSUTF8 *)nss_builtins_LibraryDescription;
-}
-
-static CK_VERSION
-builtins_mdInstance_GetLibraryVersion
-(
-  NSSCKMDInstance *mdInstance,
-  NSSCKFWInstance *fwInstance
-)
-{
-  return nss_builtins_LibraryVersion;
-}
-
-static CK_RV
-builtins_mdInstance_GetSlots
-(
-  NSSCKMDInstance *mdInstance,
-  NSSCKFWInstance *fwInstance,
-  NSSCKMDSlot *slots[]
-)
-{
-  slots[0] = (NSSCKMDSlot *)&nss_builtins_mdSlot;
-  return CKR_OK;
-}
-
-NSS_IMPLEMENT_DATA const NSSCKMDInstance
-nss_builtins_mdInstance = {
-  (void *)NULL, /* etc */
-  NULL, /* Initialize */
-  NULL, /* Finalize */
-  builtins_mdInstance_GetNSlots,
-  builtins_mdInstance_GetCryptokiVersion,
-  builtins_mdInstance_GetManufacturerID,
-  builtins_mdInstance_GetLibraryDescription,
-  builtins_mdInstance_GetLibraryVersion,
-  NULL, /* ModuleHandlesSessionObjects -- defaults to false */
-  builtins_mdInstance_GetSlots,
-  NULL, /* WaitForSlotEvent */
-  (void *)NULL /* null terminator */
-};
diff --git a/security/nss/lib/ckfw/builtins/bobject.c b/security/nss/lib/ckfw/builtins/bobject.c
deleted file mode 100644
index 0fff19932..000000000
--- a/security/nss/lib/ckfw/builtins/bobject.c
+++ /dev/null
@@ -1,255 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#include "builtins.h"
-
-/*
- * builtins/object.c
- *
- * This file implements the NSSCKMDObject object for the
- * "builtin objects" cryptoki module.
- */
-
-/*
- * Finalize - unneeded
- * Destroy - CKR_SESSION_READ_ONLY
- * IsTokenObject - CK_TRUE
- * GetAttributeCount
- * GetAttributeTypes
- * GetAttributeSize
- * GetAttribute
- * SetAttribute - unneeded
- * GetObjectSize
- */
-
-static CK_RV
-builtins_mdObject_Destroy
-(
-  NSSCKMDObject *mdObject,
-  NSSCKFWObject *fwObject,
-  NSSCKMDSession *mdSession,
-  NSSCKFWSession *fwSession,
-  NSSCKMDToken *mdToken,
-  NSSCKFWToken *fwToken,
-  NSSCKMDInstance *mdInstance,
-  NSSCKFWInstance *fwInstance
-)
-{
-  return CKR_SESSION_READ_ONLY;
-}
-
-static CK_BBOOL
-builtins_mdObject_IsTokenObject
-(
-  NSSCKMDObject *mdObject,
-  NSSCKFWObject *fwObject,
-  NSSCKMDSession *mdSession,
-  NSSCKFWSession *fwSession,
-  NSSCKMDToken *mdToken,
-  NSSCKFWToken *fwToken,
-  NSSCKMDInstance *mdInstance,
-  NSSCKFWInstance *fwInstance
-)
-{
-  return CK_TRUE;
-}
-
-static CK_ULONG
-builtins_mdObject_GetAttributeCount
-(
-  NSSCKMDObject *mdObject,
-  NSSCKFWObject *fwObject,
-  NSSCKMDSession *mdSession,
-  NSSCKFWSession *fwSession,
-  NSSCKMDToken *mdToken,
-  NSSCKFWToken *fwToken,
-  NSSCKMDInstance *mdInstance,
-  NSSCKFWInstance *fwInstance,
-  CK_RV *pError
-)
-{
-  builtinsInternalObject *io = (builtinsInternalObject *)mdObject->etc;
-  return io->n;
-}
-
-static CK_RV
-builtins_mdObject_GetAttributeTypes
-(
-  NSSCKMDObject *mdObject,
-  NSSCKFWObject *fwObject,
-  NSSCKMDSession *mdSession,
-  NSSCKFWSession *fwSession,
-  NSSCKMDToken *mdToken,
-  NSSCKFWToken *fwToken,
-  NSSCKMDInstance *mdInstance,
-  NSSCKFWInstance *fwInstance,
-  CK_ATTRIBUTE_TYPE_PTR typeArray,
-  CK_ULONG ulCount
-)
-{
-  builtinsInternalObject *io = (builtinsInternalObject *)mdObject->etc;
-  CK_ULONG i;
-
-  if( io->n != ulCount ) {
-    return CKR_BUFFER_TOO_SMALL;
-  }
-
-  for( i = 0; i < io->n; i++ ) {
-    typeArray[i] = io->types[i];
-  }
-
-  return CKR_OK;
-}
-
-static CK_ULONG
-builtins_mdObject_GetAttributeSize
-(
-  NSSCKMDObject *mdObject,
-  NSSCKFWObject *fwObject,
-  NSSCKMDSession *mdSession,
-  NSSCKFWSession *fwSession,
-  NSSCKMDToken *mdToken,
-  NSSCKFWToken *fwToken,
-  NSSCKMDInstance *mdInstance,
-  NSSCKFWInstance *fwInstance,
-  CK_ATTRIBUTE_TYPE attribute,
-  CK_RV *pError
-)
-{
-  builtinsInternalObject *io = (builtinsInternalObject *)mdObject->etc;
-  CK_ULONG i;
-
-  for( i = 0; i < io->n; i++ ) {
-    if( attribute == io->types[i] ) {
-      return (CK_ULONG)(io->items[i].size);
-    }
-  }
-
-  *pError = CKR_ATTRIBUTE_TYPE_INVALID;
-  return 0;
-}
-
-static NSSCKFWItem
-builtins_mdObject_GetAttribute
-(
-  NSSCKMDObject *mdObject,
-  NSSCKFWObject *fwObject,
-  NSSCKMDSession *mdSession,
-  NSSCKFWSession *fwSession,
-  NSSCKMDToken *mdToken,
-  NSSCKFWToken *fwToken,
-  NSSCKMDInstance *mdInstance,
-  NSSCKFWInstance *fwInstance,
-  CK_ATTRIBUTE_TYPE attribute,
-  CK_RV *pError
-)
-{
-  NSSCKFWItem mdItem;
-  builtinsInternalObject *io = (builtinsInternalObject *)mdObject->etc;
-  CK_ULONG i;
-
-  mdItem.needsFreeing = PR_FALSE;
-  mdItem.item = (NSSItem*) NULL;
-
-  for( i = 0; i < io->n; i++ ) {
-    if( attribute == io->types[i] ) {
-      mdItem.item = (NSSItem*) &io->items[i];
-      return mdItem;
-    }
-  }
-
-  *pError = CKR_ATTRIBUTE_TYPE_INVALID;
-  return mdItem;
-}
-
-static CK_ULONG
-builtins_mdObject_GetObjectSize
-(
-  NSSCKMDObject *mdObject,
-  NSSCKFWObject *fwObject,
-  NSSCKMDSession *mdSession,
-  NSSCKFWSession *fwSession,
-  NSSCKMDToken *mdToken,
-  NSSCKFWToken *fwToken,
-  NSSCKMDInstance *mdInstance,
-  NSSCKFWInstance *fwInstance,
-  CK_RV *pError
-)
-{
-  builtinsInternalObject *io = (builtinsInternalObject *)mdObject->etc;
-  CK_ULONG i;
-  CK_ULONG rv = sizeof(CK_ULONG);
-
-  for( i = 0; i < io->n; i++ ) {
-    rv += sizeof(CK_ATTRIBUTE_TYPE) + sizeof(NSSItem) + io->items[i].size;
-  }
-
-  return rv;
-}
-
-static const NSSCKMDObject
-builtins_prototype_mdObject = {
-  (void *)NULL, /* etc */
-  NULL, /* Finalize */
-  builtins_mdObject_Destroy,
-  builtins_mdObject_IsTokenObject,
-  builtins_mdObject_GetAttributeCount,
-  builtins_mdObject_GetAttributeTypes,
-  builtins_mdObject_GetAttributeSize,
-  builtins_mdObject_GetAttribute,
-  NULL, /* FreeAttribute */
-  NULL, /* SetAttribute */
-  builtins_mdObject_GetObjectSize,
-  (void *)NULL /* null terminator */
-};
-
-NSS_IMPLEMENT NSSCKMDObject *
-nss_builtins_CreateMDObject
-(
-  NSSArena *arena,
-  builtinsInternalObject *io,
-  CK_RV *pError
-)
-{
-  if ( (void*)NULL == io->mdObject.etc) {
-    (void) nsslibc_memcpy(&io->mdObject,&builtins_prototype_mdObject,
-					sizeof(builtins_prototype_mdObject));
-    io->mdObject.etc = (void *)io;
-  }
-
-  return &io->mdObject;
-}
diff --git a/security/nss/lib/ckfw/builtins/bsession.c b/security/nss/lib/ckfw/builtins/bsession.c
deleted file mode 100644
index e8d7f7522..000000000
--- a/security/nss/lib/ckfw/builtins/bsession.c
+++ /dev/null
@@ -1,108 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#include "builtins.h"
-
-/*
- * builtins/session.c
- *
- * This file implements the NSSCKMDSession object for the 
- * "builtin objects" cryptoki module.
- */
-
-static NSSCKMDFindObjects *
-builtins_mdSession_FindObjectsInit
-(
-  NSSCKMDSession *mdSession,
-  NSSCKFWSession *fwSession,
-  NSSCKMDToken *mdToken,
-  NSSCKFWToken *fwToken,
-  NSSCKMDInstance *mdInstance,
-  NSSCKFWInstance *fwInstance,
-  CK_ATTRIBUTE_PTR pTemplate,
-  CK_ULONG ulAttributeCount,
-  CK_RV *pError
-)
-{
-  return nss_builtins_FindObjectsInit(fwSession, pTemplate, ulAttributeCount, pError);
-}
-
-NSS_IMPLEMENT NSSCKMDSession *
-nss_builtins_CreateSession
-(
-  NSSCKFWSession *fwSession,
-  CK_RV *pError
-)
-{
-  NSSArena *arena;
-  NSSCKMDSession *rv;
-
-  arena = NSSCKFWSession_GetArena(fwSession, pError);
-  if( (NSSArena *)NULL == arena ) {
-    return (NSSCKMDSession *)NULL;
-  }
-
-  rv = nss_ZNEW(arena, NSSCKMDSession);
-  if( (NSSCKMDSession *)NULL == rv ) {
-    *pError = CKR_HOST_MEMORY;
-    return (NSSCKMDSession *)NULL;
-  }
-
-  /* 
-   * rv was zeroed when allocated, so we only 
-   * need to set the non-zero members.
-   */
-
-  rv->etc = (void *)fwSession;
-  /* rv->Close */
-  /* rv->GetDeviceError */
-  /* rv->Login */
-  /* rv->Logout */
-  /* rv->InitPIN */
-  /* rv->SetPIN */
-  /* rv->GetOperationStateLen */
-  /* rv->GetOperationState */
-  /* rv->SetOperationState */
-  /* rv->CreateObject */
-  /* rv->CopyObject */
-  rv->FindObjectsInit = builtins_mdSession_FindObjectsInit;
-  /* rv->SeedRandom */
-  /* rv->GetRandom */
-  /* rv->null */
-
-  return rv;
-}
diff --git a/security/nss/lib/ckfw/builtins/bslot.c b/security/nss/lib/ckfw/builtins/bslot.c
deleted file mode 100644
index 1a2df9e70..000000000
--- a/security/nss/lib/ckfw/builtins/bslot.c
+++ /dev/null
@@ -1,124 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#include "builtins.h"
-
-/*
- * builtins/slot.c
- *
- * This file implements the NSSCKMDSlot object for the
- * "builtin objects" cryptoki module.
- */
-
-static NSSUTF8 *
-builtins_mdSlot_GetSlotDescription
-(
-  NSSCKMDSlot *mdSlot,
-  NSSCKFWSlot *fwSlot,
-  NSSCKMDInstance *mdInstance,
-  NSSCKFWInstance *fwInstance,
-  CK_RV *pError
-)
-{
-  return (NSSUTF8 *)nss_builtins_SlotDescription;
-}
-
-static NSSUTF8 *
-builtins_mdSlot_GetManufacturerID
-(
-  NSSCKMDSlot *mdSlot,
-  NSSCKFWSlot *fwSlot,
-  NSSCKMDInstance *mdInstance,
-  NSSCKFWInstance *fwInstance,
-  CK_RV *pError
-)
-{
-  return (NSSUTF8 *)nss_builtins_ManufacturerID;
-}
-
-static CK_VERSION
-builtins_mdSlot_GetHardwareVersion
-(
-  NSSCKMDSlot *mdSlot,
-  NSSCKFWSlot *fwSlot,
-  NSSCKMDInstance *mdInstance,
-  NSSCKFWInstance *fwInstance
-)
-{
-  return nss_builtins_HardwareVersion;
-}
-
-static CK_VERSION
-builtins_mdSlot_GetFirmwareVersion
-(
-  NSSCKMDSlot *mdSlot,
-  NSSCKFWSlot *fwSlot,
-  NSSCKMDInstance *mdInstance,
-  NSSCKFWInstance *fwInstance
-)
-{
-  return nss_builtins_FirmwareVersion;
-}
-
-static NSSCKMDToken *
-builtins_mdSlot_GetToken
-(
-  NSSCKMDSlot *mdSlot,
-  NSSCKFWSlot *fwSlot,
-  NSSCKMDInstance *mdInstance,
-  NSSCKFWInstance *fwInstance,
-  CK_RV *pError
-)
-{
-  return (NSSCKMDToken *)&nss_builtins_mdToken;
-}
-
-NSS_IMPLEMENT_DATA const NSSCKMDSlot
-nss_builtins_mdSlot = {
-  (void *)NULL, /* etc */
-  NULL, /* Initialize */
-  NULL, /* Destroy */
-  builtins_mdSlot_GetSlotDescription,
-  builtins_mdSlot_GetManufacturerID,
-  NULL, /* GetTokenPresent -- defaults to true */
-  NULL, /* GetRemovableDevice -- defaults to false */
-  NULL, /* GetHardwareSlot -- defaults to false */
-  builtins_mdSlot_GetHardwareVersion,
-  builtins_mdSlot_GetFirmwareVersion,
-  builtins_mdSlot_GetToken,
-  (void *)NULL /* null terminator */
-};
diff --git a/security/nss/lib/ckfw/builtins/btoken.c b/security/nss/lib/ckfw/builtins/btoken.c
deleted file mode 100644
index ddf068e8e..000000000
--- a/security/nss/lib/ckfw/builtins/btoken.c
+++ /dev/null
@@ -1,184 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#include "builtins.h"
-
-/*
- * builtins/token.c
- *
- * This file implements the NSSCKMDToken object for the
- * "builtin objects" cryptoki module.
- */
-
-static NSSUTF8 *
-builtins_mdToken_GetLabel
-(
-  NSSCKMDToken *mdToken,
-  NSSCKFWToken *fwToken,
-  NSSCKMDInstance *mdInstance,
-  NSSCKFWInstance *fwInstance,
-  CK_RV *pError
-)
-{
-  return (NSSUTF8 *)nss_builtins_TokenLabel;
-}
-
-static NSSUTF8 *
-builtins_mdToken_GetManufacturerID
-(
-  NSSCKMDToken *mdToken,
-  NSSCKFWToken *fwToken,
-  NSSCKMDInstance *mdInstance,
-  NSSCKFWInstance *fwInstance,
-  CK_RV *pError
-)
-{
-  return (NSSUTF8 *)nss_builtins_ManufacturerID;
-}
-
-static NSSUTF8 *
-builtins_mdToken_GetModel
-(
-  NSSCKMDToken *mdToken,
-  NSSCKFWToken *fwToken,
-  NSSCKMDInstance *mdInstance,
-  NSSCKFWInstance *fwInstance,
-  CK_RV *pError
-)
-{
-  return (NSSUTF8 *)nss_builtins_TokenModel;
-}
-
-static NSSUTF8 *
-builtins_mdToken_GetSerialNumber
-(
-  NSSCKMDToken *mdToken,
-  NSSCKFWToken *fwToken,
-  NSSCKMDInstance *mdInstance,
-  NSSCKFWInstance *fwInstance,
-  CK_RV *pError
-)
-{
-  return (NSSUTF8 *)nss_builtins_TokenSerialNumber;
-}
-
-static CK_BBOOL
-builtins_mdToken_GetIsWriteProtected
-(
-  NSSCKMDToken *mdToken,
-  NSSCKFWToken *fwToken,
-  NSSCKMDInstance *mdInstance,
-  NSSCKFWInstance *fwInstance
-)
-{
-  return CK_TRUE;
-}
-
-static CK_VERSION
-builtins_mdToken_GetHardwareVersion
-(
-  NSSCKMDToken *mdToken,
-  NSSCKFWToken *fwToken,
-  NSSCKMDInstance *mdInstance,
-  NSSCKFWInstance *fwInstance
-)
-{
-  return nss_builtins_HardwareVersion;
-}
-
-static CK_VERSION
-builtins_mdToken_GetFirmwareVersion
-(
-  NSSCKMDToken *mdToken,
-  NSSCKFWToken *fwToken,
-  NSSCKMDInstance *mdInstance,
-  NSSCKFWInstance *fwInstance
-)
-{
-  return nss_builtins_FirmwareVersion;
-}
-
-static NSSCKMDSession *
-builtins_mdToken_OpenSession
-(
-  NSSCKMDToken *mdToken,
-  NSSCKFWToken *fwToken,
-  NSSCKMDInstance *mdInstance,
-  NSSCKFWInstance *fwInstance,
-  NSSCKFWSession *fwSession,
-  CK_BBOOL rw,
-  CK_RV *pError
-)
-{
-  return nss_builtins_CreateSession(fwSession, pError);
-}
-
-NSS_IMPLEMENT_DATA const NSSCKMDToken
-nss_builtins_mdToken = {
-  (void *)NULL, /* etc */
-  NULL, /* Setup */
-  NULL, /* Invalidate */
-  NULL, /* InitToken -- default errs */
-  builtins_mdToken_GetLabel,
-  builtins_mdToken_GetManufacturerID,
-  builtins_mdToken_GetModel,
-  builtins_mdToken_GetSerialNumber,
-  NULL, /* GetHasRNG -- default is false */
-  builtins_mdToken_GetIsWriteProtected,
-  NULL, /* GetLoginRequired -- default is false */
-  NULL, /* GetUserPinInitialized -- default is false */
-  NULL, /* GetRestoreKeyNotNeeded -- irrelevant */
-  NULL, /* GetHasClockOnToken -- default is false */
-  NULL, /* GetHasProtectedAuthenticationPath -- default is false */
-  NULL, /* GetSupportsDualCryptoOperations -- default is false */
-  NULL, /* GetMaxSessionCount -- default is CK_UNAVAILABLE_INFORMATION */
-  NULL, /* GetMaxRwSessionCount -- default is CK_UNAVAILABLE_INFORMATION */
-  NULL, /* GetMaxPinLen -- irrelevant */
-  NULL, /* GetMinPinLen -- irrelevant */
-  NULL, /* GetTotalPublicMemory -- default is CK_UNAVAILABLE_INFORMATION */
-  NULL, /* GetFreePublicMemory -- default is CK_UNAVAILABLE_INFORMATION */
-  NULL, /* GetTotalPrivateMemory -- default is CK_UNAVAILABLE_INFORMATION */
-  NULL, /* GetFreePrivateMemory -- default is CK_UNAVAILABLE_INFORMATION */
-  builtins_mdToken_GetHardwareVersion,
-  builtins_mdToken_GetFirmwareVersion,
-  NULL, /* GetUTCTime -- no clock */
-  builtins_mdToken_OpenSession,
-  NULL, /* GetMechanismCount -- default is zero */
-  NULL, /* GetMechanismTypes -- irrelevant */
-  NULL, /* GetMechanism -- irrelevant */
-  (void *)NULL /* null terminator */
-};
diff --git a/security/nss/lib/ckfw/builtins/builtins.h b/security/nss/lib/ckfw/builtins/builtins.h
deleted file mode 100644
index e53826fed..000000000
--- a/security/nss/lib/ckfw/builtins/builtins.h
+++ /dev/null
@@ -1,104 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char BUILTINS_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#include "nssckmdt.h"
-#include "nssckfw.h"
-
-/*
- * I'm including this for access to the arena functions.
- * Looks like we should publish that API.
- */
-#ifndef BASE_H
-#include "base.h"
-#endif /* BASE_H */
-
-/*
- * This is where the Netscape extensions live, at least for now.
- */
-#ifndef CKT_H
-#include "ckt.h"
-#endif /* CKT_H */
-
-struct builtinsInternalObjectStr {
-  CK_ULONG n;
-  const CK_ATTRIBUTE_TYPE *types;
-  const NSSItem *items;
-  NSSCKMDObject mdObject;
-};
-typedef struct builtinsInternalObjectStr builtinsInternalObject;
-
-NSS_EXTERN_DATA builtinsInternalObject nss_builtins_data[];
-NSS_EXTERN_DATA const PRUint32               nss_builtins_nObjects;
-
-NSS_EXTERN_DATA const CK_VERSION   nss_builtins_CryptokiVersion;
-NSS_EXTERN_DATA const NSSUTF8 *    nss_builtins_ManufacturerID;
-NSS_EXTERN_DATA const NSSUTF8 *    nss_builtins_LibraryDescription;
-NSS_EXTERN_DATA const CK_VERSION   nss_builtins_LibraryVersion;
-NSS_EXTERN_DATA const NSSUTF8 *    nss_builtins_SlotDescription;
-NSS_EXTERN_DATA const CK_VERSION   nss_builtins_HardwareVersion;
-NSS_EXTERN_DATA const CK_VERSION   nss_builtins_FirmwareVersion;
-NSS_EXTERN_DATA const NSSUTF8 *    nss_builtins_TokenLabel;
-NSS_EXTERN_DATA const NSSUTF8 *    nss_builtins_TokenModel;
-NSS_EXTERN_DATA const NSSUTF8 *    nss_builtins_TokenSerialNumber;
-
-NSS_EXTERN_DATA const NSSCKMDInstance nss_builtins_mdInstance;
-NSS_EXTERN_DATA const NSSCKMDSlot     nss_builtins_mdSlot;
-NSS_EXTERN_DATA const NSSCKMDToken    nss_builtins_mdToken;
-
-NSS_EXTERN NSSCKMDSession *
-nss_builtins_CreateSession
-(
-  NSSCKFWSession *fwSession,
-  CK_RV *pError
-);
-
-NSS_EXTERN NSSCKMDFindObjects *
-nss_builtins_FindObjectsInit
-(
-  NSSCKFWSession *fwSession,
-  CK_ATTRIBUTE_PTR pTemplate,
-  CK_ULONG ulAttributeCount,
-  CK_RV *pError
-);
-
-NSS_EXTERN NSSCKMDObject *
-nss_builtins_CreateMDObject
-(
-  NSSArena *arena,
-  builtinsInternalObject *io,
-  CK_RV *pError
-);
diff --git a/security/nss/lib/ckfw/builtins/certdata.c b/security/nss/lib/ckfw/builtins/certdata.c
deleted file mode 100644
index 5f6e9bc51..000000000
--- a/security/nss/lib/ckfw/builtins/certdata.c
+++ /dev/null
@@ -1,8084 +0,0 @@
-/* THIS IS A GENERATED FILE */
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$""; @(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef BUILTINS_H
-#include "builtins.h"
-#endif /* BUILTINS_H */
-
-static const CK_OBJECT_CLASS cko_netscape_trust = CKO_NETSCAPE_TRUST;
-static const CK_TRUST ckt_netscape_valid = CKT_NETSCAPE_VALID;
-static const CK_OBJECT_CLASS cko_netscape_builtin_root_list = CKO_NETSCAPE_BUILTIN_ROOT_LIST;
-static const CK_TRUST ckt_netscape_trusted_delegator = CKT_NETSCAPE_TRUSTED_DELEGATOR;
-static const CK_CERTIFICATE_TYPE ckc_x_509 = CKC_X_509;
-static const CK_OBJECT_CLASS cko_data = CKO_DATA;
-static const CK_BBOOL ck_false = CK_FALSE;
-static const CK_BBOOL ck_true = CK_TRUE;
-static const CK_OBJECT_CLASS cko_certificate = CKO_CERTIFICATE;
-#ifdef DEBUG
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_0 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_APPLICATION,  CKA_VALUE
-};
-#endif /* DEBUG */
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_1 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_2 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERTIFICATE_TYPE,  CKA_SUBJECT,  CKA_ID,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_3 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERT_SHA1_HASH,  CKA_CERT_MD5_HASH,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_TRUST_SERVER_AUTH,  CKA_TRUST_EMAIL_PROTECTION,  CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_4 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERTIFICATE_TYPE,  CKA_SUBJECT,  CKA_ID,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_5 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERT_SHA1_HASH,  CKA_CERT_MD5_HASH,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_TRUST_SERVER_AUTH,  CKA_TRUST_EMAIL_PROTECTION,  CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_6 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERTIFICATE_TYPE,  CKA_SUBJECT,  CKA_ID,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_7 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERT_SHA1_HASH,  CKA_CERT_MD5_HASH,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_TRUST_SERVER_AUTH,  CKA_TRUST_EMAIL_PROTECTION,  CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_8 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERTIFICATE_TYPE,  CKA_SUBJECT,  CKA_ID,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_9 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERT_SHA1_HASH,  CKA_CERT_MD5_HASH,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_TRUST_SERVER_AUTH,  CKA_TRUST_EMAIL_PROTECTION,  CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_10 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERTIFICATE_TYPE,  CKA_SUBJECT,  CKA_ID,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_11 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERT_SHA1_HASH,  CKA_CERT_MD5_HASH,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_TRUST_SERVER_AUTH,  CKA_TRUST_EMAIL_PROTECTION,  CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_12 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERTIFICATE_TYPE,  CKA_SUBJECT,  CKA_ID,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_13 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERT_SHA1_HASH,  CKA_CERT_MD5_HASH,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_TRUST_SERVER_AUTH,  CKA_TRUST_EMAIL_PROTECTION,  CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_14 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERTIFICATE_TYPE,  CKA_SUBJECT,  CKA_ID,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_15 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERT_SHA1_HASH,  CKA_CERT_MD5_HASH,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_TRUST_SERVER_AUTH,  CKA_TRUST_EMAIL_PROTECTION,  CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_16 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERTIFICATE_TYPE,  CKA_SUBJECT,  CKA_ID,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_17 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERT_SHA1_HASH,  CKA_CERT_MD5_HASH,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_TRUST_SERVER_AUTH,  CKA_TRUST_EMAIL_PROTECTION,  CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_18 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERTIFICATE_TYPE,  CKA_SUBJECT,  CKA_ID,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_19 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERT_SHA1_HASH,  CKA_CERT_MD5_HASH,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_TRUST_SERVER_AUTH,  CKA_TRUST_EMAIL_PROTECTION,  CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_20 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERTIFICATE_TYPE,  CKA_SUBJECT,  CKA_ID,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_21 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERT_SHA1_HASH,  CKA_CERT_MD5_HASH,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_TRUST_SERVER_AUTH,  CKA_TRUST_EMAIL_PROTECTION,  CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_22 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERTIFICATE_TYPE,  CKA_SUBJECT,  CKA_ID,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_23 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERT_SHA1_HASH,  CKA_CERT_MD5_HASH,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_TRUST_SERVER_AUTH,  CKA_TRUST_EMAIL_PROTECTION,  CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_24 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERTIFICATE_TYPE,  CKA_SUBJECT,  CKA_ID,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_25 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERT_SHA1_HASH,  CKA_CERT_MD5_HASH,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_TRUST_SERVER_AUTH,  CKA_TRUST_EMAIL_PROTECTION,  CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_26 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERTIFICATE_TYPE,  CKA_SUBJECT,  CKA_ID,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_27 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERT_SHA1_HASH,  CKA_CERT_MD5_HASH,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_TRUST_SERVER_AUTH,  CKA_TRUST_EMAIL_PROTECTION,  CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_28 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERTIFICATE_TYPE,  CKA_SUBJECT,  CKA_ID,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_29 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERT_SHA1_HASH,  CKA_CERT_MD5_HASH,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_TRUST_SERVER_AUTH,  CKA_TRUST_EMAIL_PROTECTION,  CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_30 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERTIFICATE_TYPE,  CKA_SUBJECT,  CKA_ID,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_31 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERT_SHA1_HASH,  CKA_CERT_MD5_HASH,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_TRUST_SERVER_AUTH,  CKA_TRUST_EMAIL_PROTECTION,  CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_32 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERTIFICATE_TYPE,  CKA_SUBJECT,  CKA_ID,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_33 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERT_SHA1_HASH,  CKA_CERT_MD5_HASH,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_TRUST_SERVER_AUTH,  CKA_TRUST_EMAIL_PROTECTION,  CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_34 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERTIFICATE_TYPE,  CKA_SUBJECT,  CKA_ID,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_35 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERT_SHA1_HASH,  CKA_CERT_MD5_HASH,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_TRUST_SERVER_AUTH,  CKA_TRUST_EMAIL_PROTECTION,  CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_36 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERTIFICATE_TYPE,  CKA_SUBJECT,  CKA_ID,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_37 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERT_SHA1_HASH,  CKA_CERT_MD5_HASH,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_TRUST_SERVER_AUTH,  CKA_TRUST_EMAIL_PROTECTION,  CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_38 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERTIFICATE_TYPE,  CKA_SUBJECT,  CKA_ID,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_39 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERT_SHA1_HASH,  CKA_CERT_MD5_HASH,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_TRUST_SERVER_AUTH,  CKA_TRUST_EMAIL_PROTECTION,  CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_40 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERTIFICATE_TYPE,  CKA_SUBJECT,  CKA_ID,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_41 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERT_SHA1_HASH,  CKA_CERT_MD5_HASH,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_TRUST_SERVER_AUTH,  CKA_TRUST_EMAIL_PROTECTION,  CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_42 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERTIFICATE_TYPE,  CKA_SUBJECT,  CKA_ID,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_43 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERT_SHA1_HASH,  CKA_CERT_MD5_HASH,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_TRUST_SERVER_AUTH,  CKA_TRUST_EMAIL_PROTECTION,  CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_44 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERTIFICATE_TYPE,  CKA_SUBJECT,  CKA_ID,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_45 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERT_SHA1_HASH,  CKA_CERT_MD5_HASH,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_TRUST_SERVER_AUTH,  CKA_TRUST_EMAIL_PROTECTION,  CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_46 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERTIFICATE_TYPE,  CKA_SUBJECT,  CKA_ID,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_47 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERT_SHA1_HASH,  CKA_CERT_MD5_HASH,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_TRUST_SERVER_AUTH,  CKA_TRUST_EMAIL_PROTECTION,  CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_48 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERTIFICATE_TYPE,  CKA_SUBJECT,  CKA_ID,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_49 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERT_SHA1_HASH,  CKA_CERT_MD5_HASH,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_TRUST_SERVER_AUTH,  CKA_TRUST_EMAIL_PROTECTION,  CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_50 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERTIFICATE_TYPE,  CKA_SUBJECT,  CKA_ID,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_51 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERT_SHA1_HASH,  CKA_CERT_MD5_HASH,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_TRUST_SERVER_AUTH,  CKA_TRUST_EMAIL_PROTECTION,  CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_52 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERTIFICATE_TYPE,  CKA_SUBJECT,  CKA_ID,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_53 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERT_SHA1_HASH,  CKA_CERT_MD5_HASH,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_TRUST_SERVER_AUTH,  CKA_TRUST_EMAIL_PROTECTION,  CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_54 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERTIFICATE_TYPE,  CKA_SUBJECT,  CKA_ID,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_55 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERT_SHA1_HASH,  CKA_CERT_MD5_HASH,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_TRUST_SERVER_AUTH,  CKA_TRUST_EMAIL_PROTECTION,  CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_56 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERTIFICATE_TYPE,  CKA_SUBJECT,  CKA_ID,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_57 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERT_SHA1_HASH,  CKA_CERT_MD5_HASH,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_TRUST_SERVER_AUTH,  CKA_TRUST_EMAIL_PROTECTION,  CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_58 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERTIFICATE_TYPE,  CKA_SUBJECT,  CKA_ID,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_59 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERT_SHA1_HASH,  CKA_CERT_MD5_HASH,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_TRUST_SERVER_AUTH,  CKA_TRUST_EMAIL_PROTECTION,  CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_60 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERTIFICATE_TYPE,  CKA_SUBJECT,  CKA_ID,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_61 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERT_SHA1_HASH,  CKA_CERT_MD5_HASH,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_TRUST_SERVER_AUTH,  CKA_TRUST_EMAIL_PROTECTION,  CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_62 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERTIFICATE_TYPE,  CKA_SUBJECT,  CKA_ID,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_63 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERT_SHA1_HASH,  CKA_CERT_MD5_HASH,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_TRUST_SERVER_AUTH,  CKA_TRUST_EMAIL_PROTECTION,  CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_64 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERTIFICATE_TYPE,  CKA_SUBJECT,  CKA_ID,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_65 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERT_SHA1_HASH,  CKA_CERT_MD5_HASH,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_TRUST_SERVER_AUTH,  CKA_TRUST_EMAIL_PROTECTION,  CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_66 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERTIFICATE_TYPE,  CKA_SUBJECT,  CKA_ID,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_67 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERT_SHA1_HASH,  CKA_CERT_MD5_HASH,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_TRUST_SERVER_AUTH,  CKA_TRUST_EMAIL_PROTECTION,  CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_68 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERTIFICATE_TYPE,  CKA_SUBJECT,  CKA_ID,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_69 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERT_SHA1_HASH,  CKA_CERT_MD5_HASH,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_TRUST_SERVER_AUTH,  CKA_TRUST_EMAIL_PROTECTION,  CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_70 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERTIFICATE_TYPE,  CKA_SUBJECT,  CKA_ID,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_71 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERT_SHA1_HASH,  CKA_CERT_MD5_HASH,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_TRUST_SERVER_AUTH,  CKA_TRUST_EMAIL_PROTECTION,  CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_72 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERTIFICATE_TYPE,  CKA_SUBJECT,  CKA_ID,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_73 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERT_SHA1_HASH,  CKA_CERT_MD5_HASH,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_TRUST_SERVER_AUTH,  CKA_TRUST_EMAIL_PROTECTION,  CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_74 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERTIFICATE_TYPE,  CKA_SUBJECT,  CKA_ID,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_75 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERT_SHA1_HASH,  CKA_CERT_MD5_HASH,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_TRUST_SERVER_AUTH,  CKA_TRUST_EMAIL_PROTECTION,  CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_76 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERTIFICATE_TYPE,  CKA_SUBJECT,  CKA_ID,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_77 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERT_SHA1_HASH,  CKA_CERT_MD5_HASH,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_TRUST_SERVER_AUTH,  CKA_TRUST_EMAIL_PROTECTION,  CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_78 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERTIFICATE_TYPE,  CKA_SUBJECT,  CKA_ID,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_79 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERT_SHA1_HASH,  CKA_CERT_MD5_HASH,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_TRUST_SERVER_AUTH,  CKA_TRUST_EMAIL_PROTECTION,  CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_80 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERTIFICATE_TYPE,  CKA_SUBJECT,  CKA_ID,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_81 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERT_SHA1_HASH,  CKA_CERT_MD5_HASH,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_TRUST_SERVER_AUTH,  CKA_TRUST_EMAIL_PROTECTION,  CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_82 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERTIFICATE_TYPE,  CKA_SUBJECT,  CKA_ID,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_83 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERT_SHA1_HASH,  CKA_CERT_MD5_HASH,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_TRUST_SERVER_AUTH,  CKA_TRUST_EMAIL_PROTECTION,  CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_84 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERTIFICATE_TYPE,  CKA_SUBJECT,  CKA_ID,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_85 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERT_SHA1_HASH,  CKA_CERT_MD5_HASH,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_TRUST_SERVER_AUTH,  CKA_TRUST_EMAIL_PROTECTION,  CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_86 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERTIFICATE_TYPE,  CKA_SUBJECT,  CKA_ID,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_87 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERT_SHA1_HASH,  CKA_CERT_MD5_HASH,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_TRUST_SERVER_AUTH,  CKA_TRUST_EMAIL_PROTECTION,  CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_88 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERTIFICATE_TYPE,  CKA_SUBJECT,  CKA_ID,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_89 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERT_SHA1_HASH,  CKA_CERT_MD5_HASH,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_TRUST_SERVER_AUTH,  CKA_TRUST_EMAIL_PROTECTION,  CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_90 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERTIFICATE_TYPE,  CKA_SUBJECT,  CKA_ID,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_91 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERT_SHA1_HASH,  CKA_CERT_MD5_HASH,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_TRUST_SERVER_AUTH,  CKA_TRUST_EMAIL_PROTECTION,  CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_92 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERTIFICATE_TYPE,  CKA_SUBJECT,  CKA_ID,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_93 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERT_SHA1_HASH,  CKA_CERT_MD5_HASH,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_TRUST_SERVER_AUTH,  CKA_TRUST_EMAIL_PROTECTION,  CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_94 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERTIFICATE_TYPE,  CKA_SUBJECT,  CKA_ID,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_95 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERT_SHA1_HASH,  CKA_CERT_MD5_HASH,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_TRUST_SERVER_AUTH,  CKA_TRUST_EMAIL_PROTECTION,  CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_96 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERTIFICATE_TYPE,  CKA_SUBJECT,  CKA_ID,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_97 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERT_SHA1_HASH,  CKA_CERT_MD5_HASH,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_TRUST_SERVER_AUTH,  CKA_TRUST_EMAIL_PROTECTION,  CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_98 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERTIFICATE_TYPE,  CKA_SUBJECT,  CKA_ID,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_99 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERT_SHA1_HASH,  CKA_CERT_MD5_HASH,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_TRUST_SERVER_AUTH,  CKA_TRUST_EMAIL_PROTECTION,  CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_100 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERTIFICATE_TYPE,  CKA_SUBJECT,  CKA_ID,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_101 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERT_SHA1_HASH,  CKA_CERT_MD5_HASH,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_TRUST_SERVER_AUTH,  CKA_TRUST_EMAIL_PROTECTION,  CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_102 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERTIFICATE_TYPE,  CKA_SUBJECT,  CKA_ID,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_103 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERT_SHA1_HASH,  CKA_CERT_MD5_HASH,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_TRUST_SERVER_AUTH,  CKA_TRUST_EMAIL_PROTECTION,  CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_104 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERTIFICATE_TYPE,  CKA_SUBJECT,  CKA_ID,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_105 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERT_SHA1_HASH,  CKA_CERT_MD5_HASH,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_TRUST_SERVER_AUTH,  CKA_TRUST_EMAIL_PROTECTION,  CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_106 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERTIFICATE_TYPE,  CKA_SUBJECT,  CKA_ID,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_107 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERT_SHA1_HASH,  CKA_CERT_MD5_HASH,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_TRUST_SERVER_AUTH,  CKA_TRUST_EMAIL_PROTECTION,  CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_108 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERTIFICATE_TYPE,  CKA_SUBJECT,  CKA_ID,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_109 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERT_SHA1_HASH,  CKA_CERT_MD5_HASH,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_TRUST_SERVER_AUTH,  CKA_TRUST_EMAIL_PROTECTION,  CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_110 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERTIFICATE_TYPE,  CKA_SUBJECT,  CKA_ID,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_111 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERT_SHA1_HASH,  CKA_CERT_MD5_HASH,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_TRUST_SERVER_AUTH,  CKA_TRUST_EMAIL_PROTECTION,  CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_112 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERTIFICATE_TYPE,  CKA_SUBJECT,  CKA_ID,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_113 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERT_SHA1_HASH,  CKA_CERT_MD5_HASH,  CKA_TRUST_SERVER_AUTH,  CKA_TRUST_EMAIL_PROTECTION,  CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_114 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERTIFICATE_TYPE,  CKA_SUBJECT,  CKA_ID,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_115 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERT_SHA1_HASH,  CKA_CERT_MD5_HASH,  CKA_TRUST_SERVER_AUTH,  CKA_TRUST_EMAIL_PROTECTION,  CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_116 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERTIFICATE_TYPE,  CKA_SUBJECT,  CKA_ID,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_117 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERT_SHA1_HASH,  CKA_CERT_MD5_HASH,  CKA_TRUST_SERVER_AUTH,  CKA_TRUST_EMAIL_PROTECTION,  CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_118 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERTIFICATE_TYPE,  CKA_SUBJECT,  CKA_ID,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_119 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERT_SHA1_HASH,  CKA_CERT_MD5_HASH,  CKA_TRUST_SERVER_AUTH,  CKA_TRUST_EMAIL_PROTECTION,  CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_120 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERTIFICATE_TYPE,  CKA_SUBJECT,  CKA_ID,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_121 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERT_SHA1_HASH,  CKA_CERT_MD5_HASH,  CKA_TRUST_SERVER_AUTH,  CKA_TRUST_EMAIL_PROTECTION,  CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_122 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERTIFICATE_TYPE,  CKA_SUBJECT,  CKA_ID,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_123 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERT_SHA1_HASH,  CKA_CERT_MD5_HASH,  CKA_TRUST_SERVER_AUTH,  CKA_TRUST_EMAIL_PROTECTION,  CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_124 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERTIFICATE_TYPE,  CKA_SUBJECT,  CKA_ID,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_125 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERT_SHA1_HASH,  CKA_CERT_MD5_HASH,  CKA_TRUST_SERVER_AUTH,  CKA_TRUST_EMAIL_PROTECTION,  CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_126 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERTIFICATE_TYPE,  CKA_SUBJECT,  CKA_ID,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_127 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERT_SHA1_HASH,  CKA_CERT_MD5_HASH,  CKA_TRUST_SERVER_AUTH,  CKA_TRUST_EMAIL_PROTECTION,  CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_128 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERTIFICATE_TYPE,  CKA_SUBJECT,  CKA_ID,  CKA_ISSUER,  CKA_SERIAL_NUMBER,  CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_129 [] = {
- CKA_CLASS,  CKA_TOKEN,  CKA_PRIVATE,  CKA_MODIFIABLE,  CKA_LABEL,  CKA_CERT_SHA1_HASH,  CKA_CERT_MD5_HASH,  CKA_TRUST_SERVER_AUTH,  CKA_TRUST_EMAIL_PROTECTION,  CKA_TRUST_CODE_SIGNING
-};
-#ifdef DEBUG
-static const NSSItem nss_builtins_items_0 [] = {
-  { (void *)&cko_data, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"CVS ID", (PRUint32)7 },
-  { (void *)"NSS", (PRUint32)4 },
-  { (void *)"@(#) $RCSfile$ $Revision$ $Date$ $Name$""; @(#) $RCSfile$ $Revision$ $Date$ $Name$", (PRUint32)184 }
-};
-#endif /* DEBUG */
-static const NSSItem nss_builtins_items_1 [] = {
-  { (void *)&cko_netscape_builtin_root_list, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"Mozilla Builtin Roots", (PRUint32)22 }
-};
-static const NSSItem nss_builtins_items_2 [] = {
-  { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"Verisign/RSA Secure Server CA", (PRUint32)30 },
-  { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
-  { (void *)"\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\040\060\036\006\003\125\004\012\023\027\122\123\101\040\104\141"
-"\164\141\040\123\145\143\165\162\151\164\171\054\040\111\156\143"
-"\056\061\056\060\054\006\003\125\004\013\023\045\123\145\143\165"
-"\162\145\040\123\145\162\166\145\162\040\103\145\162\164\151\146"
-"\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164"
-"\171"
-, (PRUint32)97 },
-  { (void *)"0", (PRUint32)2 },
-  { (void *)"\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\040\060\036\006\003\125\004\012\023\027\122\123\101\040\104\141"
-"\164\141\040\123\145\143\165\162\151\164\171\054\040\111\156\143"
-"\056\061\056\060\054\006\003\125\004\013\023\045\123\145\143\165"
-"\162\145\040\123\145\162\166\145\162\040\103\145\162\164\151\146"
-"\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164"
-"\171"
-, (PRUint32)97 },
-  { (void *)"\002\255\146\176\116\105\376\136\127\157\074\230\031\136\335\300"
-, (PRUint32)16 },
-  { (void *)"\060\202\002\064\060\202\001\241\002\020\002\255\146\176\116\105"
-"\376\136\127\157\074\230\031\136\335\300\060\015\006\011\052\206"
-"\110\206\367\015\001\001\002\005\000\060\137\061\013\060\011\006"
-"\003\125\004\006\023\002\125\123\061\040\060\036\006\003\125\004"
-"\012\023\027\122\123\101\040\104\141\164\141\040\123\145\143\165"
-"\162\151\164\171\054\040\111\156\143\056\061\056\060\054\006\003"
-"\125\004\013\023\045\123\145\143\165\162\145\040\123\145\162\166"
-"\145\162\040\103\145\162\164\151\146\151\143\141\164\151\157\156"
-"\040\101\165\164\150\157\162\151\164\171\060\036\027\015\071\064"
-"\061\061\060\071\060\060\060\060\060\060\132\027\015\061\060\060"
-"\061\060\067\062\063\065\071\065\071\132\060\137\061\013\060\011"
-"\006\003\125\004\006\023\002\125\123\061\040\060\036\006\003\125"
-"\004\012\023\027\122\123\101\040\104\141\164\141\040\123\145\143"
-"\165\162\151\164\171\054\040\111\156\143\056\061\056\060\054\006"
-"\003\125\004\013\023\045\123\145\143\165\162\145\040\123\145\162"
-"\166\145\162\040\103\145\162\164\151\146\151\143\141\164\151\157"
-"\156\040\101\165\164\150\157\162\151\164\171\060\201\233\060\015"
-"\006\011\052\206\110\206\367\015\001\001\001\005\000\003\201\211"
-"\000\060\201\205\002\176\000\222\316\172\301\256\203\076\132\252"
-"\211\203\127\254\045\001\166\014\255\256\216\054\067\316\353\065"
-"\170\144\124\003\345\204\100\121\311\277\217\010\342\212\202\010"
-"\322\026\206\067\125\351\261\041\002\255\166\150\201\232\005\242"
-"\113\311\113\045\146\042\126\154\210\007\217\367\201\131\155\204"
-"\007\145\160\023\161\166\076\233\167\114\343\120\211\126\230\110"
-"\271\035\247\051\032\023\056\112\021\131\234\036\025\325\111\124"
-"\054\163\072\151\202\261\227\071\234\155\160\147\110\345\335\055"
-"\326\310\036\173\002\003\001\000\001\060\015\006\011\052\206\110"
-"\206\367\015\001\001\002\005\000\003\176\000\145\335\176\341\262"
-"\354\260\342\072\340\354\161\106\232\031\021\270\323\307\240\264"
-"\003\100\046\002\076\011\234\341\022\263\321\132\366\067\245\267"
-"\141\003\266\133\026\151\073\306\104\010\014\210\123\014\153\227"
-"\111\307\076\065\334\154\271\273\252\337\134\273\072\057\223\140"
-"\266\251\113\115\362\040\367\315\137\177\144\173\216\334\000\134"
-"\327\372\167\312\071\026\131\157\016\352\323\265\203\177\115\115"
-"\102\126\166\264\311\137\004\370\070\370\353\322\137\165\137\315"
-"\173\374\345\216\200\174\374\120"
-, (PRUint32)568 }
-};
-static const NSSItem nss_builtins_items_3 [] = {
-  { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"Verisign/RSA Secure Server CA", (PRUint32)30 },
-  { (void *)"\104\143\305\061\327\314\301\000\147\224\141\053\266\126\323\277"
-"\202\127\204\157"
-, (PRUint32)20 },
-  { (void *)"\164\173\202\003\103\360\000\236\153\263\354\107\277\205\245\223"
-, (PRUint32)16 },
-  { (void *)"\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\040\060\036\006\003\125\004\012\023\027\122\123\101\040\104\141"
-"\164\141\040\123\145\143\165\162\151\164\171\054\040\111\156\143"
-"\056\061\056\060\054\006\003\125\004\013\023\045\123\145\143\165"
-"\162\145\040\123\145\162\166\145\162\040\103\145\162\164\151\146"
-"\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164"
-"\171"
-, (PRUint32)97 },
-  { (void *)"\002\255\146\176\116\105\376\136\127\157\074\230\031\136\335\300"
-, (PRUint32)16 },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_valid, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_4 [] = {
-  { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"GTE CyberTrust Root CA", (PRUint32)23 },
-  { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
-  { (void *)"\060\105\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\030\060\026\006\003\125\004\012\023\017\107\124\105\040\103\157"
-"\162\160\157\162\141\164\151\157\156\061\034\060\032\006\003\125"
-"\004\003\023\023\107\124\105\040\103\171\142\145\162\124\162\165"
-"\163\164\040\122\157\157\164"
-, (PRUint32)71 },
-  { (void *)"0", (PRUint32)2 },
-  { (void *)"\060\105\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\030\060\026\006\003\125\004\012\023\017\107\124\105\040\103\157"
-"\162\160\157\162\141\164\151\157\156\061\034\060\032\006\003\125"
-"\004\003\023\023\107\124\105\040\103\171\142\145\162\124\162\165"
-"\163\164\040\122\157\157\164"
-, (PRUint32)71 },
-  { (void *)"\001\243"
-, (PRUint32)2 },
-  { (void *)"\060\202\001\372\060\202\001\143\002\002\001\243\060\015\006\011"
-"\052\206\110\206\367\015\001\001\004\005\000\060\105\061\013\060"
-"\011\006\003\125\004\006\023\002\125\123\061\030\060\026\006\003"
-"\125\004\012\023\017\107\124\105\040\103\157\162\160\157\162\141"
-"\164\151\157\156\061\034\060\032\006\003\125\004\003\023\023\107"
-"\124\105\040\103\171\142\145\162\124\162\165\163\164\040\122\157"
-"\157\164\060\036\027\015\071\066\060\062\062\063\062\063\060\061"
-"\060\060\132\027\015\060\066\060\062\062\063\062\063\065\071\060"
-"\060\132\060\105\061\013\060\011\006\003\125\004\006\023\002\125"
-"\123\061\030\060\026\006\003\125\004\012\023\017\107\124\105\040"
-"\103\157\162\160\157\162\141\164\151\157\156\061\034\060\032\006"
-"\003\125\004\003\023\023\107\124\105\040\103\171\142\145\162\124"
-"\162\165\163\164\040\122\157\157\164\060\201\237\060\015\006\011"
-"\052\206\110\206\367\015\001\001\001\005\000\003\201\215\000\060"
-"\201\211\002\201\201\000\270\346\117\272\333\230\174\161\174\257"
-"\104\267\323\017\106\331\144\345\223\301\102\216\307\272\111\215"
-"\065\055\172\347\213\275\345\005\061\131\306\261\057\012\014\373"
-"\237\247\077\242\011\146\204\126\036\067\051\033\207\351\176\014"
-"\312\232\237\245\177\365\025\224\243\325\242\106\202\330\150\114"
-"\321\067\025\006\150\257\275\370\260\263\360\051\365\225\132\011"
-"\026\141\167\012\042\045\324\117\105\252\307\275\345\226\337\371"
-"\324\250\216\102\314\044\300\036\221\047\112\265\155\006\200\143"
-"\071\304\242\136\070\003\002\003\001\000\001\060\015\006\011\052"
-"\206\110\206\367\015\001\001\004\005\000\003\201\201\000\022\263"
-"\165\306\137\035\341\141\125\200\000\324\201\113\173\061\017\043"
-"\143\347\075\363\003\371\364\066\250\273\331\343\245\227\115\352"
-"\053\051\340\326\152\163\201\346\300\211\243\323\361\340\245\245"
-"\042\067\232\143\302\110\040\264\333\162\343\310\366\331\174\276"
-"\261\257\123\332\024\264\041\270\326\325\226\343\376\116\014\131"
-"\142\266\232\112\371\102\335\214\157\201\251\161\377\364\012\162"
-"\155\155\104\016\235\363\164\164\250\325\064\111\351\136\236\351"
-"\264\172\341\345\132\037\204\060\234\323\237\245\045\330"
-, (PRUint32)510 }
-};
-static const NSSItem nss_builtins_items_5 [] = {
-  { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"GTE CyberTrust Root CA", (PRUint32)23 },
-  { (void *)"\220\336\336\236\114\116\237\157\330\206\027\127\235\323\221\274"
-"\145\246\211\144"
-, (PRUint32)20 },
-  { (void *)"\304\327\360\262\243\305\175\141\147\360\004\315\103\323\272\130"
-, (PRUint32)16 },
-  { (void *)"\060\105\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\030\060\026\006\003\125\004\012\023\017\107\124\105\040\103\157"
-"\162\160\157\162\141\164\151\157\156\061\034\060\032\006\003\125"
-"\004\003\023\023\107\124\105\040\103\171\142\145\162\124\162\165"
-"\163\164\040\122\157\157\164"
-, (PRUint32)71 },
-  { (void *)"\001\243"
-, (PRUint32)2 },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_6 [] = {
-  { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"GTE CyberTrust Global Root", (PRUint32)27 },
-  { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
-  { (void *)"\060\165\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\030\060\026\006\003\125\004\012\023\017\107\124\105\040\103\157"
-"\162\160\157\162\141\164\151\157\156\061\047\060\045\006\003\125"
-"\004\013\023\036\107\124\105\040\103\171\142\145\162\124\162\165"
-"\163\164\040\123\157\154\165\164\151\157\156\163\054\040\111\156"
-"\143\056\061\043\060\041\006\003\125\004\003\023\032\107\124\105"
-"\040\103\171\142\145\162\124\162\165\163\164\040\107\154\157\142"
-"\141\154\040\122\157\157\164"
-, (PRUint32)119 },
-  { (void *)"0", (PRUint32)2 },
-  { (void *)"\060\165\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\030\060\026\006\003\125\004\012\023\017\107\124\105\040\103\157"
-"\162\160\157\162\141\164\151\157\156\061\047\060\045\006\003\125"
-"\004\013\023\036\107\124\105\040\103\171\142\145\162\124\162\165"
-"\163\164\040\123\157\154\165\164\151\157\156\163\054\040\111\156"
-"\143\056\061\043\060\041\006\003\125\004\003\023\032\107\124\105"
-"\040\103\171\142\145\162\124\162\165\163\164\040\107\154\157\142"
-"\141\154\040\122\157\157\164"
-, (PRUint32)119 },
-  { (void *)"\001\245"
-, (PRUint32)2 },
-  { (void *)"\060\202\002\132\060\202\001\303\002\002\001\245\060\015\006\011"
-"\052\206\110\206\367\015\001\001\004\005\000\060\165\061\013\060"
-"\011\006\003\125\004\006\023\002\125\123\061\030\060\026\006\003"
-"\125\004\012\023\017\107\124\105\040\103\157\162\160\157\162\141"
-"\164\151\157\156\061\047\060\045\006\003\125\004\013\023\036\107"
-"\124\105\040\103\171\142\145\162\124\162\165\163\164\040\123\157"
-"\154\165\164\151\157\156\163\054\040\111\156\143\056\061\043\060"
-"\041\006\003\125\004\003\023\032\107\124\105\040\103\171\142\145"
-"\162\124\162\165\163\164\040\107\154\157\142\141\154\040\122\157"
-"\157\164\060\036\027\015\071\070\060\070\061\063\060\060\062\071"
-"\060\060\132\027\015\061\070\060\070\061\063\062\063\065\071\060"
-"\060\132\060\165\061\013\060\011\006\003\125\004\006\023\002\125"
-"\123\061\030\060\026\006\003\125\004\012\023\017\107\124\105\040"
-"\103\157\162\160\157\162\141\164\151\157\156\061\047\060\045\006"
-"\003\125\004\013\023\036\107\124\105\040\103\171\142\145\162\124"
-"\162\165\163\164\040\123\157\154\165\164\151\157\156\163\054\040"
-"\111\156\143\056\061\043\060\041\006\003\125\004\003\023\032\107"
-"\124\105\040\103\171\142\145\162\124\162\165\163\164\040\107\154"
-"\157\142\141\154\040\122\157\157\164\060\201\237\060\015\006\011"
-"\052\206\110\206\367\015\001\001\001\005\000\003\201\215\000\060"
-"\201\211\002\201\201\000\225\017\240\266\360\120\234\350\172\307"
-"\210\315\335\027\016\056\260\224\320\033\075\016\366\224\300\212"
-"\224\307\006\310\220\227\310\270\144\032\172\176\154\074\123\341"
-"\067\050\163\140\177\262\227\123\007\237\123\371\155\130\224\322"
-"\257\215\155\210\147\200\346\355\262\225\317\162\061\312\245\034"
-"\162\272\134\002\347\144\102\347\371\251\054\326\072\015\254\215"
-"\102\252\044\001\071\346\234\077\001\205\127\015\130\207\105\370"
-"\323\205\252\223\151\046\205\160\110\200\077\022\025\307\171\264"
-"\037\005\057\073\142\231\002\003\001\000\001\060\015\006\011\052"
-"\206\110\206\367\015\001\001\004\005\000\003\201\201\000\155\353"
-"\033\011\351\136\331\121\333\147\042\141\244\052\074\110\167\343"
-"\240\174\246\336\163\242\024\003\205\075\373\253\016\060\305\203"
-"\026\063\201\023\010\236\173\064\116\337\100\310\164\327\271\175"
-"\334\364\166\125\175\233\143\124\030\351\360\352\363\134\261\331"
-"\213\102\036\271\300\225\116\272\372\325\342\174\365\150\141\277"
-"\216\354\005\227\137\133\260\327\243\205\064\304\044\247\015\017"
-"\225\223\357\313\224\330\236\037\235\134\205\155\307\252\256\117"
-"\037\042\265\315\225\255\272\247\314\371\253\013\172\177"
-, (PRUint32)606 }
-};
-static const NSSItem nss_builtins_items_7 [] = {
-  { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"GTE CyberTrust Global Root", (PRUint32)27 },
-  { (void *)"\227\201\171\120\330\034\226\160\314\064\330\011\317\171\104\061"
-"\066\176\364\164"
-, (PRUint32)20 },
-  { (void *)"\312\075\323\150\361\003\134\320\062\372\270\053\131\350\132\333"
-, (PRUint32)16 },
-  { (void *)"\060\165\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\030\060\026\006\003\125\004\012\023\017\107\124\105\040\103\157"
-"\162\160\157\162\141\164\151\157\156\061\047\060\045\006\003\125"
-"\004\013\023\036\107\124\105\040\103\171\142\145\162\124\162\165"
-"\163\164\040\123\157\154\165\164\151\157\156\163\054\040\111\156"
-"\143\056\061\043\060\041\006\003\125\004\003\023\032\107\124\105"
-"\040\103\171\142\145\162\124\162\165\163\164\040\107\154\157\142"
-"\141\154\040\122\157\157\164"
-, (PRUint32)119 },
-  { (void *)"\001\245"
-, (PRUint32)2 },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_8 [] = {
-  { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"Thawte Personal Basic CA", (PRUint32)25 },
-  { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
-  { (void *)"\060\201\313\061\013\060\011\006\003\125\004\006\023\002\132\101"
-"\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145"
-"\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007"
-"\023\011\103\141\160\145\040\124\157\167\156\061\032\060\030\006"
-"\003\125\004\012\023\021\124\150\141\167\164\145\040\103\157\156"
-"\163\165\154\164\151\156\147\061\050\060\046\006\003\125\004\013"
-"\023\037\103\145\162\164\151\146\151\143\141\164\151\157\156\040"
-"\123\145\162\166\151\143\145\163\040\104\151\166\151\163\151\157"
-"\156\061\041\060\037\006\003\125\004\003\023\030\124\150\141\167"
-"\164\145\040\120\145\162\163\157\156\141\154\040\102\141\163\151"
-"\143\040\103\101\061\050\060\046\006\011\052\206\110\206\367\015"
-"\001\011\001\026\031\160\145\162\163\157\156\141\154\055\142\141"
-"\163\151\143\100\164\150\141\167\164\145\056\143\157\155"
-, (PRUint32)206 },
-  { (void *)"0", (PRUint32)2 },
-  { (void *)"\060\201\313\061\013\060\011\006\003\125\004\006\023\002\132\101"
-"\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145"
-"\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007"
-"\023\011\103\141\160\145\040\124\157\167\156\061\032\060\030\006"
-"\003\125\004\012\023\021\124\150\141\167\164\145\040\103\157\156"
-"\163\165\154\164\151\156\147\061\050\060\046\006\003\125\004\013"
-"\023\037\103\145\162\164\151\146\151\143\141\164\151\157\156\040"
-"\123\145\162\166\151\143\145\163\040\104\151\166\151\163\151\157"
-"\156\061\041\060\037\006\003\125\004\003\023\030\124\150\141\167"
-"\164\145\040\120\145\162\163\157\156\141\154\040\102\141\163\151"
-"\143\040\103\101\061\050\060\046\006\011\052\206\110\206\367\015"
-"\001\011\001\026\031\160\145\162\163\157\156\141\154\055\142\141"
-"\163\151\143\100\164\150\141\167\164\145\056\143\157\155"
-, (PRUint32)206 },
-  { (void *)"\000"
-, (PRUint32)1 },
-  { (void *)"\060\202\003\041\060\202\002\212\240\003\002\001\002\002\001\000"
-"\060\015\006\011\052\206\110\206\367\015\001\001\004\005\000\060"
-"\201\313\061\013\060\011\006\003\125\004\006\023\002\132\101\061"
-"\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145\162"
-"\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007\023"
-"\011\103\141\160\145\040\124\157\167\156\061\032\060\030\006\003"
-"\125\004\012\023\021\124\150\141\167\164\145\040\103\157\156\163"
-"\165\154\164\151\156\147\061\050\060\046\006\003\125\004\013\023"
-"\037\103\145\162\164\151\146\151\143\141\164\151\157\156\040\123"
-"\145\162\166\151\143\145\163\040\104\151\166\151\163\151\157\156"
-"\061\041\060\037\006\003\125\004\003\023\030\124\150\141\167\164"
-"\145\040\120\145\162\163\157\156\141\154\040\102\141\163\151\143"
-"\040\103\101\061\050\060\046\006\011\052\206\110\206\367\015\001"
-"\011\001\026\031\160\145\162\163\157\156\141\154\055\142\141\163"
-"\151\143\100\164\150\141\167\164\145\056\143\157\155\060\036\027"
-"\015\071\066\060\061\060\061\060\060\060\060\060\060\132\027\015"
-"\062\060\061\062\063\061\062\063\065\071\065\071\132\060\201\313"
-"\061\013\060\011\006\003\125\004\006\023\002\132\101\061\025\060"
-"\023\006\003\125\004\010\023\014\127\145\163\164\145\162\156\040"
-"\103\141\160\145\061\022\060\020\006\003\125\004\007\023\011\103"
-"\141\160\145\040\124\157\167\156\061\032\060\030\006\003\125\004"
-"\012\023\021\124\150\141\167\164\145\040\103\157\156\163\165\154"
-"\164\151\156\147\061\050\060\046\006\003\125\004\013\023\037\103"
-"\145\162\164\151\146\151\143\141\164\151\157\156\040\123\145\162"
-"\166\151\143\145\163\040\104\151\166\151\163\151\157\156\061\041"
-"\060\037\006\003\125\004\003\023\030\124\150\141\167\164\145\040"
-"\120\145\162\163\157\156\141\154\040\102\141\163\151\143\040\103"
-"\101\061\050\060\046\006\011\052\206\110\206\367\015\001\011\001"
-"\026\031\160\145\162\163\157\156\141\154\055\142\141\163\151\143"
-"\100\164\150\141\167\164\145\056\143\157\155\060\201\237\060\015"
-"\006\011\052\206\110\206\367\015\001\001\001\005\000\003\201\215"
-"\000\060\201\211\002\201\201\000\274\274\223\123\155\300\120\117"
-"\202\025\346\110\224\065\246\132\276\157\102\372\017\107\356\167"
-"\165\162\335\215\111\233\226\127\240\170\324\312\077\121\263\151"
-"\013\221\166\027\042\007\227\152\304\121\223\113\340\215\357\067"
-"\225\241\014\115\332\064\220\035\027\211\227\340\065\070\127\112"
-"\300\364\010\160\351\074\104\173\120\176\141\232\220\343\043\323"
-"\210\021\106\047\365\013\007\016\273\335\321\177\040\012\210\271"
-"\126\013\056\034\200\332\361\343\236\051\357\024\275\012\104\373"
-"\033\133\030\321\277\043\223\041\002\003\001\000\001\243\023\060"
-"\021\060\017\006\003\125\035\023\001\001\377\004\005\060\003\001"
-"\001\377\060\015\006\011\052\206\110\206\367\015\001\001\004\005"
-"\000\003\201\201\000\055\342\231\153\260\075\172\211\327\131\242"
-"\224\001\037\053\335\022\113\123\302\255\177\252\247\000\134\221"
-"\100\127\045\112\070\252\204\160\271\331\200\017\245\173\134\373"
-"\163\306\275\327\212\141\134\003\343\055\047\250\027\340\204\205"
-"\102\334\136\233\306\267\262\155\273\164\257\344\077\313\247\267"
-"\260\340\135\276\170\203\045\224\322\333\201\017\171\007\155\117"
-"\364\071\025\132\122\001\173\336\062\326\115\070\366\022\134\006"
-"\120\337\005\133\275\024\113\241\337\051\272\073\101\215\367\143"
-"\126\241\337\042\261"
-, (PRUint32)805 }
-};
-static const NSSItem nss_builtins_items_9 [] = {
-  { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"Thawte Personal Basic CA", (PRUint32)25 },
-  { (void *)"\100\347\214\035\122\075\034\331\225\117\254\032\032\263\275\074"
-"\272\241\133\374"
-, (PRUint32)20 },
-  { (void *)"\346\013\322\311\312\055\210\333\032\161\016\113\170\353\002\101"
-, (PRUint32)16 },
-  { (void *)"\060\201\313\061\013\060\011\006\003\125\004\006\023\002\132\101"
-"\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145"
-"\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007"
-"\023\011\103\141\160\145\040\124\157\167\156\061\032\060\030\006"
-"\003\125\004\012\023\021\124\150\141\167\164\145\040\103\157\156"
-"\163\165\154\164\151\156\147\061\050\060\046\006\003\125\004\013"
-"\023\037\103\145\162\164\151\146\151\143\141\164\151\157\156\040"
-"\123\145\162\166\151\143\145\163\040\104\151\166\151\163\151\157"
-"\156\061\041\060\037\006\003\125\004\003\023\030\124\150\141\167"
-"\164\145\040\120\145\162\163\157\156\141\154\040\102\141\163\151"
-"\143\040\103\101\061\050\060\046\006\011\052\206\110\206\367\015"
-"\001\011\001\026\031\160\145\162\163\157\156\141\154\055\142\141"
-"\163\151\143\100\164\150\141\167\164\145\056\143\157\155"
-, (PRUint32)206 },
-  { (void *)"\000"
-, (PRUint32)1 },
-  { (void *)&ckt_netscape_valid, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_10 [] = {
-  { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"Thawte Personal Premium CA", (PRUint32)27 },
-  { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
-  { (void *)"\060\201\317\061\013\060\011\006\003\125\004\006\023\002\132\101"
-"\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145"
-"\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007"
-"\023\011\103\141\160\145\040\124\157\167\156\061\032\060\030\006"
-"\003\125\004\012\023\021\124\150\141\167\164\145\040\103\157\156"
-"\163\165\154\164\151\156\147\061\050\060\046\006\003\125\004\013"
-"\023\037\103\145\162\164\151\146\151\143\141\164\151\157\156\040"
-"\123\145\162\166\151\143\145\163\040\104\151\166\151\163\151\157"
-"\156\061\043\060\041\006\003\125\004\003\023\032\124\150\141\167"
-"\164\145\040\120\145\162\163\157\156\141\154\040\120\162\145\155"
-"\151\165\155\040\103\101\061\052\060\050\006\011\052\206\110\206"
-"\367\015\001\011\001\026\033\160\145\162\163\157\156\141\154\055"
-"\160\162\145\155\151\165\155\100\164\150\141\167\164\145\056\143"
-"\157\155"
-, (PRUint32)210 },
-  { (void *)"0", (PRUint32)2 },
-  { (void *)"\060\201\317\061\013\060\011\006\003\125\004\006\023\002\132\101"
-"\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145"
-"\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007"
-"\023\011\103\141\160\145\040\124\157\167\156\061\032\060\030\006"
-"\003\125\004\012\023\021\124\150\141\167\164\145\040\103\157\156"
-"\163\165\154\164\151\156\147\061\050\060\046\006\003\125\004\013"
-"\023\037\103\145\162\164\151\146\151\143\141\164\151\157\156\040"
-"\123\145\162\166\151\143\145\163\040\104\151\166\151\163\151\157"
-"\156\061\043\060\041\006\003\125\004\003\023\032\124\150\141\167"
-"\164\145\040\120\145\162\163\157\156\141\154\040\120\162\145\155"
-"\151\165\155\040\103\101\061\052\060\050\006\011\052\206\110\206"
-"\367\015\001\011\001\026\033\160\145\162\163\157\156\141\154\055"
-"\160\162\145\155\151\165\155\100\164\150\141\167\164\145\056\143"
-"\157\155"
-, (PRUint32)210 },
-  { (void *)"\000"
-, (PRUint32)1 },
-  { (void *)"\060\202\003\051\060\202\002\222\240\003\002\001\002\002\001\000"
-"\060\015\006\011\052\206\110\206\367\015\001\001\004\005\000\060"
-"\201\317\061\013\060\011\006\003\125\004\006\023\002\132\101\061"
-"\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145\162"
-"\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007\023"
-"\011\103\141\160\145\040\124\157\167\156\061\032\060\030\006\003"
-"\125\004\012\023\021\124\150\141\167\164\145\040\103\157\156\163"
-"\165\154\164\151\156\147\061\050\060\046\006\003\125\004\013\023"
-"\037\103\145\162\164\151\146\151\143\141\164\151\157\156\040\123"
-"\145\162\166\151\143\145\163\040\104\151\166\151\163\151\157\156"
-"\061\043\060\041\006\003\125\004\003\023\032\124\150\141\167\164"
-"\145\040\120\145\162\163\157\156\141\154\040\120\162\145\155\151"
-"\165\155\040\103\101\061\052\060\050\006\011\052\206\110\206\367"
-"\015\001\011\001\026\033\160\145\162\163\157\156\141\154\055\160"
-"\162\145\155\151\165\155\100\164\150\141\167\164\145\056\143\157"
-"\155\060\036\027\015\071\066\060\061\060\061\060\060\060\060\060"
-"\060\132\027\015\062\060\061\062\063\061\062\063\065\071\065\071"
-"\132\060\201\317\061\013\060\011\006\003\125\004\006\023\002\132"
-"\101\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164"
-"\145\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004"
-"\007\023\011\103\141\160\145\040\124\157\167\156\061\032\060\030"
-"\006\003\125\004\012\023\021\124\150\141\167\164\145\040\103\157"
-"\156\163\165\154\164\151\156\147\061\050\060\046\006\003\125\004"
-"\013\023\037\103\145\162\164\151\146\151\143\141\164\151\157\156"
-"\040\123\145\162\166\151\143\145\163\040\104\151\166\151\163\151"
-"\157\156\061\043\060\041\006\003\125\004\003\023\032\124\150\141"
-"\167\164\145\040\120\145\162\163\157\156\141\154\040\120\162\145"
-"\155\151\165\155\040\103\101\061\052\060\050\006\011\052\206\110"
-"\206\367\015\001\011\001\026\033\160\145\162\163\157\156\141\154"
-"\055\160\162\145\155\151\165\155\100\164\150\141\167\164\145\056"
-"\143\157\155\060\201\237\060\015\006\011\052\206\110\206\367\015"
-"\001\001\001\005\000\003\201\215\000\060\201\211\002\201\201\000"
-"\311\146\331\370\007\104\317\271\214\056\360\241\357\023\105\154"
-"\005\337\336\047\026\121\066\101\021\154\154\073\355\376\020\175"
-"\022\236\345\233\102\232\376\140\061\303\146\267\163\072\110\256"
-"\116\320\062\067\224\210\265\015\266\331\363\362\104\331\325\210"
-"\022\335\166\115\362\032\374\157\043\036\172\361\330\230\105\116"
-"\007\020\357\026\102\320\103\165\155\112\336\342\252\311\061\377"
-"\037\000\160\174\146\317\020\045\010\272\372\356\000\351\106\003"
-"\146\047\021\025\073\252\133\362\230\335\066\102\262\332\210\165"
-"\002\003\001\000\001\243\023\060\021\060\017\006\003\125\035\023"
-"\001\001\377\004\005\060\003\001\001\377\060\015\006\011\052\206"
-"\110\206\367\015\001\001\004\005\000\003\201\201\000\151\066\211"
-"\367\064\052\063\162\057\155\073\324\042\262\270\157\232\305\066"
-"\146\016\033\074\241\261\165\132\346\375\065\323\370\250\362\007"
-"\157\205\147\216\336\053\271\342\027\260\072\240\360\016\242\000"
-"\232\337\363\024\025\156\273\310\205\132\230\200\371\377\276\164"
-"\035\075\363\376\060\045\321\067\064\147\372\245\161\171\060\141"
-"\051\162\300\340\054\114\373\126\344\072\250\157\345\062\131\122"
-"\333\165\050\120\131\014\370\013\031\344\254\331\257\226\215\057"
-"\120\333\007\303\352\037\253\063\340\365\053\061\211"
-, (PRUint32)813 }
-};
-static const NSSItem nss_builtins_items_11 [] = {
-  { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"Thawte Personal Premium CA", (PRUint32)27 },
-  { (void *)"\066\206\065\143\375\121\050\307\276\246\360\005\317\351\264\066"
-"\150\010\154\316"
-, (PRUint32)20 },
-  { (void *)"\072\262\336\042\232\040\223\111\371\355\310\322\212\347\150\015"
-, (PRUint32)16 },
-  { (void *)"\060\201\317\061\013\060\011\006\003\125\004\006\023\002\132\101"
-"\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145"
-"\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007"
-"\023\011\103\141\160\145\040\124\157\167\156\061\032\060\030\006"
-"\003\125\004\012\023\021\124\150\141\167\164\145\040\103\157\156"
-"\163\165\154\164\151\156\147\061\050\060\046\006\003\125\004\013"
-"\023\037\103\145\162\164\151\146\151\143\141\164\151\157\156\040"
-"\123\145\162\166\151\143\145\163\040\104\151\166\151\163\151\157"
-"\156\061\043\060\041\006\003\125\004\003\023\032\124\150\141\167"
-"\164\145\040\120\145\162\163\157\156\141\154\040\120\162\145\155"
-"\151\165\155\040\103\101\061\052\060\050\006\011\052\206\110\206"
-"\367\015\001\011\001\026\033\160\145\162\163\157\156\141\154\055"
-"\160\162\145\155\151\165\155\100\164\150\141\167\164\145\056\143"
-"\157\155"
-, (PRUint32)210 },
-  { (void *)"\000"
-, (PRUint32)1 },
-  { (void *)&ckt_netscape_valid, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_12 [] = {
-  { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"Thawte Personal Freemail CA", (PRUint32)28 },
-  { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
-  { (void *)"\060\201\321\061\013\060\011\006\003\125\004\006\023\002\132\101"
-"\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145"
-"\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007"
-"\023\011\103\141\160\145\040\124\157\167\156\061\032\060\030\006"
-"\003\125\004\012\023\021\124\150\141\167\164\145\040\103\157\156"
-"\163\165\154\164\151\156\147\061\050\060\046\006\003\125\004\013"
-"\023\037\103\145\162\164\151\146\151\143\141\164\151\157\156\040"
-"\123\145\162\166\151\143\145\163\040\104\151\166\151\163\151\157"
-"\156\061\044\060\042\006\003\125\004\003\023\033\124\150\141\167"
-"\164\145\040\120\145\162\163\157\156\141\154\040\106\162\145\145"
-"\155\141\151\154\040\103\101\061\053\060\051\006\011\052\206\110"
-"\206\367\015\001\011\001\026\034\160\145\162\163\157\156\141\154"
-"\055\146\162\145\145\155\141\151\154\100\164\150\141\167\164\145"
-"\056\143\157\155"
-, (PRUint32)212 },
-  { (void *)"0", (PRUint32)2 },
-  { (void *)"\060\201\321\061\013\060\011\006\003\125\004\006\023\002\132\101"
-"\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145"
-"\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007"
-"\023\011\103\141\160\145\040\124\157\167\156\061\032\060\030\006"
-"\003\125\004\012\023\021\124\150\141\167\164\145\040\103\157\156"
-"\163\165\154\164\151\156\147\061\050\060\046\006\003\125\004\013"
-"\023\037\103\145\162\164\151\146\151\143\141\164\151\157\156\040"
-"\123\145\162\166\151\143\145\163\040\104\151\166\151\163\151\157"
-"\156\061\044\060\042\006\003\125\004\003\023\033\124\150\141\167"
-"\164\145\040\120\145\162\163\157\156\141\154\040\106\162\145\145"
-"\155\141\151\154\040\103\101\061\053\060\051\006\011\052\206\110"
-"\206\367\015\001\011\001\026\034\160\145\162\163\157\156\141\154"
-"\055\146\162\145\145\155\141\151\154\100\164\150\141\167\164\145"
-"\056\143\157\155"
-, (PRUint32)212 },
-  { (void *)"\000"
-, (PRUint32)1 },
-  { (void *)"\060\202\003\055\060\202\002\226\240\003\002\001\002\002\001\000"
-"\060\015\006\011\052\206\110\206\367\015\001\001\004\005\000\060"
-"\201\321\061\013\060\011\006\003\125\004\006\023\002\132\101\061"
-"\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145\162"
-"\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007\023"
-"\011\103\141\160\145\040\124\157\167\156\061\032\060\030\006\003"
-"\125\004\012\023\021\124\150\141\167\164\145\040\103\157\156\163"
-"\165\154\164\151\156\147\061\050\060\046\006\003\125\004\013\023"
-"\037\103\145\162\164\151\146\151\143\141\164\151\157\156\040\123"
-"\145\162\166\151\143\145\163\040\104\151\166\151\163\151\157\156"
-"\061\044\060\042\006\003\125\004\003\023\033\124\150\141\167\164"
-"\145\040\120\145\162\163\157\156\141\154\040\106\162\145\145\155"
-"\141\151\154\040\103\101\061\053\060\051\006\011\052\206\110\206"
-"\367\015\001\011\001\026\034\160\145\162\163\157\156\141\154\055"
-"\146\162\145\145\155\141\151\154\100\164\150\141\167\164\145\056"
-"\143\157\155\060\036\027\015\071\066\060\061\060\061\060\060\060"
-"\060\060\060\132\027\015\062\060\061\062\063\061\062\063\065\071"
-"\065\071\132\060\201\321\061\013\060\011\006\003\125\004\006\023"
-"\002\132\101\061\025\060\023\006\003\125\004\010\023\014\127\145"
-"\163\164\145\162\156\040\103\141\160\145\061\022\060\020\006\003"
-"\125\004\007\023\011\103\141\160\145\040\124\157\167\156\061\032"
-"\060\030\006\003\125\004\012\023\021\124\150\141\167\164\145\040"
-"\103\157\156\163\165\154\164\151\156\147\061\050\060\046\006\003"
-"\125\004\013\023\037\103\145\162\164\151\146\151\143\141\164\151"
-"\157\156\040\123\145\162\166\151\143\145\163\040\104\151\166\151"
-"\163\151\157\156\061\044\060\042\006\003\125\004\003\023\033\124"
-"\150\141\167\164\145\040\120\145\162\163\157\156\141\154\040\106"
-"\162\145\145\155\141\151\154\040\103\101\061\053\060\051\006\011"
-"\052\206\110\206\367\015\001\011\001\026\034\160\145\162\163\157"
-"\156\141\154\055\146\162\145\145\155\141\151\154\100\164\150\141"
-"\167\164\145\056\143\157\155\060\201\237\060\015\006\011\052\206"
-"\110\206\367\015\001\001\001\005\000\003\201\215\000\060\201\211"
-"\002\201\201\000\324\151\327\324\260\224\144\133\161\351\107\330"
-"\014\121\266\352\162\221\260\204\136\175\055\015\217\173\022\337"
-"\205\045\165\050\164\072\102\054\143\047\237\225\173\113\357\176"
-"\031\207\035\206\352\243\335\271\316\226\144\032\302\024\156\104"
-"\254\174\346\217\350\115\017\161\037\100\070\246\000\243\207\170"
-"\366\371\224\206\136\255\352\300\136\166\353\331\024\243\135\156"
-"\172\174\014\245\113\125\177\006\031\051\177\236\232\046\325\152"
-"\273\070\044\010\152\230\307\261\332\243\230\221\375\171\333\345"
-"\132\304\034\271\002\003\001\000\001\243\023\060\021\060\017\006"
-"\003\125\035\023\001\001\377\004\005\060\003\001\001\377\060\015"
-"\006\011\052\206\110\206\367\015\001\001\004\005\000\003\201\201"
-"\000\307\354\222\176\116\370\365\226\245\147\142\052\244\360\115"
-"\021\140\320\157\215\140\130\141\254\046\273\122\065\134\010\317"
-"\060\373\250\112\226\212\037\142\102\043\214\027\017\364\272\144"
-"\234\027\254\107\051\337\235\230\136\322\154\140\161\134\242\254"
-"\334\171\343\347\156\000\107\037\265\015\050\350\002\235\344\232"
-"\375\023\364\246\331\174\261\370\334\137\043\046\011\221\200\163"
-"\320\024\033\336\103\251\203\045\362\346\234\057\025\312\376\246"
-"\253\212\007\165\213\014\335\121\204\153\344\370\321\316\167\242"
-"\201"
-, (PRUint32)817 }
-};
-static const NSSItem nss_builtins_items_13 [] = {
-  { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"Thawte Personal Freemail CA", (PRUint32)28 },
-  { (void *)"\040\231\000\266\075\225\127\050\024\014\321\066\042\330\306\207"
-"\244\353\000\205"
-, (PRUint32)20 },
-  { (void *)"\036\164\303\206\074\014\065\305\076\302\177\357\074\252\074\331"
-, (PRUint32)16 },
-  { (void *)"\060\201\321\061\013\060\011\006\003\125\004\006\023\002\132\101"
-"\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145"
-"\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007"
-"\023\011\103\141\160\145\040\124\157\167\156\061\032\060\030\006"
-"\003\125\004\012\023\021\124\150\141\167\164\145\040\103\157\156"
-"\163\165\154\164\151\156\147\061\050\060\046\006\003\125\004\013"
-"\023\037\103\145\162\164\151\146\151\143\141\164\151\157\156\040"
-"\123\145\162\166\151\143\145\163\040\104\151\166\151\163\151\157"
-"\156\061\044\060\042\006\003\125\004\003\023\033\124\150\141\167"
-"\164\145\040\120\145\162\163\157\156\141\154\040\106\162\145\145"
-"\155\141\151\154\040\103\101\061\053\060\051\006\011\052\206\110"
-"\206\367\015\001\011\001\026\034\160\145\162\163\157\156\141\154"
-"\055\146\162\145\145\155\141\151\154\100\164\150\141\167\164\145"
-"\056\143\157\155"
-, (PRUint32)212 },
-  { (void *)"\000"
-, (PRUint32)1 },
-  { (void *)&ckt_netscape_valid, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_valid, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_14 [] = {
-  { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"Thawte Server CA", (PRUint32)17 },
-  { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
-  { (void *)"\060\201\304\061\013\060\011\006\003\125\004\006\023\002\132\101"
-"\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145"
-"\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007"
-"\023\011\103\141\160\145\040\124\157\167\156\061\035\060\033\006"
-"\003\125\004\012\023\024\124\150\141\167\164\145\040\103\157\156"
-"\163\165\154\164\151\156\147\040\143\143\061\050\060\046\006\003"
-"\125\004\013\023\037\103\145\162\164\151\146\151\143\141\164\151"
-"\157\156\040\123\145\162\166\151\143\145\163\040\104\151\166\151"
-"\163\151\157\156\061\031\060\027\006\003\125\004\003\023\020\124"
-"\150\141\167\164\145\040\123\145\162\166\145\162\040\103\101\061"
-"\046\060\044\006\011\052\206\110\206\367\015\001\011\001\026\027"
-"\163\145\162\166\145\162\055\143\145\162\164\163\100\164\150\141"
-"\167\164\145\056\143\157\155"
-, (PRUint32)199 },
-  { (void *)"0", (PRUint32)2 },
-  { (void *)"\060\201\304\061\013\060\011\006\003\125\004\006\023\002\132\101"
-"\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145"
-"\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007"
-"\023\011\103\141\160\145\040\124\157\167\156\061\035\060\033\006"
-"\003\125\004\012\023\024\124\150\141\167\164\145\040\103\157\156"
-"\163\165\154\164\151\156\147\040\143\143\061\050\060\046\006\003"
-"\125\004\013\023\037\103\145\162\164\151\146\151\143\141\164\151"
-"\157\156\040\123\145\162\166\151\143\145\163\040\104\151\166\151"
-"\163\151\157\156\061\031\060\027\006\003\125\004\003\023\020\124"
-"\150\141\167\164\145\040\123\145\162\166\145\162\040\103\101\061"
-"\046\060\044\006\011\052\206\110\206\367\015\001\011\001\026\027"
-"\163\145\162\166\145\162\055\143\145\162\164\163\100\164\150\141"
-"\167\164\145\056\143\157\155"
-, (PRUint32)199 },
-  { (void *)"\001"
-, (PRUint32)1 },
-  { (void *)"\060\202\003\023\060\202\002\174\240\003\002\001\002\002\001\001"
-"\060\015\006\011\052\206\110\206\367\015\001\001\004\005\000\060"
-"\201\304\061\013\060\011\006\003\125\004\006\023\002\132\101\061"
-"\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145\162"
-"\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007\023"
-"\011\103\141\160\145\040\124\157\167\156\061\035\060\033\006\003"
-"\125\004\012\023\024\124\150\141\167\164\145\040\103\157\156\163"
-"\165\154\164\151\156\147\040\143\143\061\050\060\046\006\003\125"
-"\004\013\023\037\103\145\162\164\151\146\151\143\141\164\151\157"
-"\156\040\123\145\162\166\151\143\145\163\040\104\151\166\151\163"
-"\151\157\156\061\031\060\027\006\003\125\004\003\023\020\124\150"
-"\141\167\164\145\040\123\145\162\166\145\162\040\103\101\061\046"
-"\060\044\006\011\052\206\110\206\367\015\001\011\001\026\027\163"
-"\145\162\166\145\162\055\143\145\162\164\163\100\164\150\141\167"
-"\164\145\056\143\157\155\060\036\027\015\071\066\060\070\060\061"
-"\060\060\060\060\060\060\132\027\015\062\060\061\062\063\061\062"
-"\063\065\071\065\071\132\060\201\304\061\013\060\011\006\003\125"
-"\004\006\023\002\132\101\061\025\060\023\006\003\125\004\010\023"
-"\014\127\145\163\164\145\162\156\040\103\141\160\145\061\022\060"
-"\020\006\003\125\004\007\023\011\103\141\160\145\040\124\157\167"
-"\156\061\035\060\033\006\003\125\004\012\023\024\124\150\141\167"
-"\164\145\040\103\157\156\163\165\154\164\151\156\147\040\143\143"
-"\061\050\060\046\006\003\125\004\013\023\037\103\145\162\164\151"
-"\146\151\143\141\164\151\157\156\040\123\145\162\166\151\143\145"
-"\163\040\104\151\166\151\163\151\157\156\061\031\060\027\006\003"
-"\125\004\003\023\020\124\150\141\167\164\145\040\123\145\162\166"
-"\145\162\040\103\101\061\046\060\044\006\011\052\206\110\206\367"
-"\015\001\011\001\026\027\163\145\162\166\145\162\055\143\145\162"
-"\164\163\100\164\150\141\167\164\145\056\143\157\155\060\201\237"
-"\060\015\006\011\052\206\110\206\367\015\001\001\001\005\000\003"
-"\201\215\000\060\201\211\002\201\201\000\323\244\120\156\310\377"
-"\126\153\346\317\135\266\352\014\150\165\107\242\252\302\332\204"
-"\045\374\250\364\107\121\332\205\265\040\164\224\206\036\017\165"
-"\311\351\010\141\365\006\155\060\156\025\031\002\351\122\300\142"
-"\333\115\231\236\342\152\014\104\070\315\376\276\343\144\011\160"
-"\305\376\261\153\051\266\057\111\310\073\324\047\004\045\020\227"
-"\057\347\220\155\300\050\102\231\327\114\103\336\303\365\041\155"
-"\124\237\135\303\130\341\300\344\331\133\260\270\334\264\173\337"
-"\066\072\302\265\146\042\022\326\207\015\002\003\001\000\001\243"
-"\023\060\021\060\017\006\003\125\035\023\001\001\377\004\005\060"
-"\003\001\001\377\060\015\006\011\052\206\110\206\367\015\001\001"
-"\004\005\000\003\201\201\000\007\372\114\151\134\373\225\314\106"
-"\356\205\203\115\041\060\216\312\331\250\157\111\032\346\332\121"
-"\343\140\160\154\204\141\021\241\032\310\110\076\131\103\175\117"
-"\225\075\241\213\267\013\142\230\172\165\212\335\210\116\116\236"
-"\100\333\250\314\062\164\271\157\015\306\343\263\104\013\331\212"
-"\157\232\051\233\231\030\050\073\321\343\100\050\232\132\074\325"
-"\265\347\040\033\213\312\244\253\215\351\121\331\342\114\054\131"
-"\251\332\271\262\165\033\366\102\362\357\307\362\030\371\211\274"
-"\243\377\212\043\056\160\107"
-, (PRUint32)791 }
-};
-static const NSSItem nss_builtins_items_15 [] = {
-  { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"Thawte Server CA", (PRUint32)17 },
-  { (void *)"\043\345\224\224\121\225\362\101\110\003\264\325\144\322\243\243"
-"\365\330\213\214"
-, (PRUint32)20 },
-  { (void *)"\305\160\304\242\355\123\170\014\310\020\123\201\144\313\320\035"
-, (PRUint32)16 },
-  { (void *)"\060\201\304\061\013\060\011\006\003\125\004\006\023\002\132\101"
-"\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145"
-"\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007"
-"\023\011\103\141\160\145\040\124\157\167\156\061\035\060\033\006"
-"\003\125\004\012\023\024\124\150\141\167\164\145\040\103\157\156"
-"\163\165\154\164\151\156\147\040\143\143\061\050\060\046\006\003"
-"\125\004\013\023\037\103\145\162\164\151\146\151\143\141\164\151"
-"\157\156\040\123\145\162\166\151\143\145\163\040\104\151\166\151"
-"\163\151\157\156\061\031\060\027\006\003\125\004\003\023\020\124"
-"\150\141\167\164\145\040\123\145\162\166\145\162\040\103\101\061"
-"\046\060\044\006\011\052\206\110\206\367\015\001\011\001\026\027"
-"\163\145\162\166\145\162\055\143\145\162\164\163\100\164\150\141"
-"\167\164\145\056\143\157\155"
-, (PRUint32)199 },
-  { (void *)"\001"
-, (PRUint32)1 },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_valid, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_16 [] = {
-  { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"Thawte Premium Server CA", (PRUint32)25 },
-  { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
-  { (void *)"\060\201\316\061\013\060\011\006\003\125\004\006\023\002\132\101"
-"\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145"
-"\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007"
-"\023\011\103\141\160\145\040\124\157\167\156\061\035\060\033\006"
-"\003\125\004\012\023\024\124\150\141\167\164\145\040\103\157\156"
-"\163\165\154\164\151\156\147\040\143\143\061\050\060\046\006\003"
-"\125\004\013\023\037\103\145\162\164\151\146\151\143\141\164\151"
-"\157\156\040\123\145\162\166\151\143\145\163\040\104\151\166\151"
-"\163\151\157\156\061\041\060\037\006\003\125\004\003\023\030\124"
-"\150\141\167\164\145\040\120\162\145\155\151\165\155\040\123\145"
-"\162\166\145\162\040\103\101\061\050\060\046\006\011\052\206\110"
-"\206\367\015\001\011\001\026\031\160\162\145\155\151\165\155\055"
-"\163\145\162\166\145\162\100\164\150\141\167\164\145\056\143\157"
-"\155"
-, (PRUint32)209 },
-  { (void *)"0", (PRUint32)2 },
-  { (void *)"\060\201\316\061\013\060\011\006\003\125\004\006\023\002\132\101"
-"\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145"
-"\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007"
-"\023\011\103\141\160\145\040\124\157\167\156\061\035\060\033\006"
-"\003\125\004\012\023\024\124\150\141\167\164\145\040\103\157\156"
-"\163\165\154\164\151\156\147\040\143\143\061\050\060\046\006\003"
-"\125\004\013\023\037\103\145\162\164\151\146\151\143\141\164\151"
-"\157\156\040\123\145\162\166\151\143\145\163\040\104\151\166\151"
-"\163\151\157\156\061\041\060\037\006\003\125\004\003\023\030\124"
-"\150\141\167\164\145\040\120\162\145\155\151\165\155\040\123\145"
-"\162\166\145\162\040\103\101\061\050\060\046\006\011\052\206\110"
-"\206\367\015\001\011\001\026\031\160\162\145\155\151\165\155\055"
-"\163\145\162\166\145\162\100\164\150\141\167\164\145\056\143\157"
-"\155"
-, (PRUint32)209 },
-  { (void *)"\001"
-, (PRUint32)1 },
-  { (void *)"\060\202\003\047\060\202\002\220\240\003\002\001\002\002\001\001"
-"\060\015\006\011\052\206\110\206\367\015\001\001\004\005\000\060"
-"\201\316\061\013\060\011\006\003\125\004\006\023\002\132\101\061"
-"\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145\162"
-"\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007\023"
-"\011\103\141\160\145\040\124\157\167\156\061\035\060\033\006\003"
-"\125\004\012\023\024\124\150\141\167\164\145\040\103\157\156\163"
-"\165\154\164\151\156\147\040\143\143\061\050\060\046\006\003\125"
-"\004\013\023\037\103\145\162\164\151\146\151\143\141\164\151\157"
-"\156\040\123\145\162\166\151\143\145\163\040\104\151\166\151\163"
-"\151\157\156\061\041\060\037\006\003\125\004\003\023\030\124\150"
-"\141\167\164\145\040\120\162\145\155\151\165\155\040\123\145\162"
-"\166\145\162\040\103\101\061\050\060\046\006\011\052\206\110\206"
-"\367\015\001\011\001\026\031\160\162\145\155\151\165\155\055\163"
-"\145\162\166\145\162\100\164\150\141\167\164\145\056\143\157\155"
-"\060\036\027\015\071\066\060\070\060\061\060\060\060\060\060\060"
-"\132\027\015\062\060\061\062\063\061\062\063\065\071\065\071\132"
-"\060\201\316\061\013\060\011\006\003\125\004\006\023\002\132\101"
-"\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145"
-"\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007"
-"\023\011\103\141\160\145\040\124\157\167\156\061\035\060\033\006"
-"\003\125\004\012\023\024\124\150\141\167\164\145\040\103\157\156"
-"\163\165\154\164\151\156\147\040\143\143\061\050\060\046\006\003"
-"\125\004\013\023\037\103\145\162\164\151\146\151\143\141\164\151"
-"\157\156\040\123\145\162\166\151\143\145\163\040\104\151\166\151"
-"\163\151\157\156\061\041\060\037\006\003\125\004\003\023\030\124"
-"\150\141\167\164\145\040\120\162\145\155\151\165\155\040\123\145"
-"\162\166\145\162\040\103\101\061\050\060\046\006\011\052\206\110"
-"\206\367\015\001\011\001\026\031\160\162\145\155\151\165\155\055"
-"\163\145\162\166\145\162\100\164\150\141\167\164\145\056\143\157"
-"\155\060\201\237\060\015\006\011\052\206\110\206\367\015\001\001"
-"\001\005\000\003\201\215\000\060\201\211\002\201\201\000\322\066"
-"\066\152\213\327\302\133\236\332\201\101\142\217\070\356\111\004"
-"\125\326\320\357\034\033\225\026\107\357\030\110\065\072\122\364"
-"\053\152\006\217\073\057\352\126\343\257\206\215\236\027\367\236"
-"\264\145\165\002\115\357\313\011\242\041\121\330\233\320\147\320"
-"\272\015\222\006\024\163\324\223\313\227\052\000\234\134\116\014"
-"\274\372\025\122\374\362\104\156\332\021\112\156\010\237\057\055"
-"\343\371\252\072\206\163\266\106\123\130\310\211\005\275\203\021"
-"\270\163\077\252\007\215\364\102\115\347\100\235\034\067\002\003"
-"\001\000\001\243\023\060\021\060\017\006\003\125\035\023\001\001"
-"\377\004\005\060\003\001\001\377\060\015\006\011\052\206\110\206"
-"\367\015\001\001\004\005\000\003\201\201\000\046\110\054\026\302"
-"\130\372\350\026\164\014\252\252\137\124\077\362\327\311\170\140"
-"\136\136\156\067\143\042\167\066\176\262\027\304\064\271\365\010"
-"\205\374\311\001\070\377\115\276\362\026\102\103\347\273\132\106"
-"\373\301\306\021\037\361\112\260\050\106\311\303\304\102\175\274"
-"\372\253\131\156\325\267\121\210\021\343\244\205\031\153\202\114"
-"\244\014\022\255\351\244\256\077\361\303\111\145\232\214\305\310"
-"\076\045\267\224\231\273\222\062\161\007\360\206\136\355\120\047"
-"\246\015\246\043\371\273\313\246\007\024\102"
-, (PRUint32)811 }
-};
-static const NSSItem nss_builtins_items_17 [] = {
-  { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"Thawte Premium Server CA", (PRUint32)25 },
-  { (void *)"\142\177\215\170\047\145\143\231\322\175\177\220\104\311\376\263"
-"\363\076\372\232"
-, (PRUint32)20 },
-  { (void *)"\006\237\151\171\026\146\220\002\033\214\214\242\303\007\157\072"
-, (PRUint32)16 },
-  { (void *)"\060\201\316\061\013\060\011\006\003\125\004\006\023\002\132\101"
-"\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145"
-"\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007"
-"\023\011\103\141\160\145\040\124\157\167\156\061\035\060\033\006"
-"\003\125\004\012\023\024\124\150\141\167\164\145\040\103\157\156"
-"\163\165\154\164\151\156\147\040\143\143\061\050\060\046\006\003"
-"\125\004\013\023\037\103\145\162\164\151\146\151\143\141\164\151"
-"\157\156\040\123\145\162\166\151\143\145\163\040\104\151\166\151"
-"\163\151\157\156\061\041\060\037\006\003\125\004\003\023\030\124"
-"\150\141\167\164\145\040\120\162\145\155\151\165\155\040\123\145"
-"\162\166\145\162\040\103\101\061\050\060\046\006\011\052\206\110"
-"\206\367\015\001\011\001\026\031\160\162\145\155\151\165\155\055"
-"\163\145\162\166\145\162\100\164\150\141\167\164\145\056\143\157"
-"\155"
-, (PRUint32)209 },
-  { (void *)"\001"
-, (PRUint32)1 },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_valid, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_18 [] = {
-  { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"Equifax Secure CA", (PRUint32)18 },
-  { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
-  { (void *)"\060\116\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\020\060\016\006\003\125\004\012\023\007\105\161\165\151\146\141"
-"\170\061\055\060\053\006\003\125\004\013\023\044\105\161\165\151"
-"\146\141\170\040\123\145\143\165\162\145\040\103\145\162\164\151"
-"\146\151\143\141\164\145\040\101\165\164\150\157\162\151\164\171"
-, (PRUint32)80 },
-  { (void *)"0", (PRUint32)2 },
-  { (void *)"\060\116\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\020\060\016\006\003\125\004\012\023\007\105\161\165\151\146\141"
-"\170\061\055\060\053\006\003\125\004\013\023\044\105\161\165\151"
-"\146\141\170\040\123\145\143\165\162\145\040\103\145\162\164\151"
-"\146\151\143\141\164\145\040\101\165\164\150\157\162\151\164\171"
-, (PRUint32)80 },
-  { (void *)"\065\336\364\317"
-, (PRUint32)4 },
-  { (void *)"\060\202\003\040\060\202\002\211\240\003\002\001\002\002\004\065"
-"\336\364\317\060\015\006\011\052\206\110\206\367\015\001\001\005"
-"\005\000\060\116\061\013\060\011\006\003\125\004\006\023\002\125"
-"\123\061\020\060\016\006\003\125\004\012\023\007\105\161\165\151"
-"\146\141\170\061\055\060\053\006\003\125\004\013\023\044\105\161"
-"\165\151\146\141\170\040\123\145\143\165\162\145\040\103\145\162"
-"\164\151\146\151\143\141\164\145\040\101\165\164\150\157\162\151"
-"\164\171\060\036\027\015\071\070\060\070\062\062\061\066\064\061"
-"\065\061\132\027\015\061\070\060\070\062\062\061\066\064\061\065"
-"\061\132\060\116\061\013\060\011\006\003\125\004\006\023\002\125"
-"\123\061\020\060\016\006\003\125\004\012\023\007\105\161\165\151"
-"\146\141\170\061\055\060\053\006\003\125\004\013\023\044\105\161"
-"\165\151\146\141\170\040\123\145\143\165\162\145\040\103\145\162"
-"\164\151\146\151\143\141\164\145\040\101\165\164\150\157\162\151"
-"\164\171\060\201\237\060\015\006\011\052\206\110\206\367\015\001"
-"\001\001\005\000\003\201\215\000\060\201\211\002\201\201\000\301"
-"\135\261\130\147\010\142\356\240\232\055\037\010\155\221\024\150"
-"\230\012\036\376\332\004\157\023\204\142\041\303\321\174\316\237"
-"\005\340\270\001\360\116\064\354\342\212\225\004\144\254\361\153"
-"\123\137\005\263\313\147\200\277\102\002\216\376\335\001\011\354"
-"\341\000\024\117\374\373\360\014\335\103\272\133\053\341\037\200"
-"\160\231\025\127\223\026\361\017\227\152\267\302\150\043\034\314"
-"\115\131\060\254\121\036\073\257\053\326\356\143\105\173\305\331"
-"\137\120\322\343\120\017\072\210\347\277\024\375\340\307\271\002"
-"\003\001\000\001\243\202\001\011\060\202\001\005\060\160\006\003"
-"\125\035\037\004\151\060\147\060\145\240\143\240\141\244\137\060"
-"\135\061\013\060\011\006\003\125\004\006\023\002\125\123\061\020"
-"\060\016\006\003\125\004\012\023\007\105\161\165\151\146\141\170"
-"\061\055\060\053\006\003\125\004\013\023\044\105\161\165\151\146"
-"\141\170\040\123\145\143\165\162\145\040\103\145\162\164\151\146"
-"\151\143\141\164\145\040\101\165\164\150\157\162\151\164\171\061"
-"\015\060\013\006\003\125\004\003\023\004\103\122\114\061\060\032"
-"\006\003\125\035\020\004\023\060\021\201\017\062\060\061\070\060"
-"\070\062\062\061\066\064\061\065\061\132\060\013\006\003\125\035"
-"\017\004\004\003\002\001\006\060\037\006\003\125\035\043\004\030"
-"\060\026\200\024\110\346\150\371\053\322\262\225\327\107\330\043"
-"\040\020\117\063\230\220\237\324\060\035\006\003\125\035\016\004"
-"\026\004\024\110\346\150\371\053\322\262\225\327\107\330\043\040"
-"\020\117\063\230\220\237\324\060\014\006\003\125\035\023\004\005"
-"\060\003\001\001\377\060\032\006\011\052\206\110\206\366\175\007"
-"\101\000\004\015\060\013\033\005\126\063\056\060\143\003\002\006"
-"\300\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000"
-"\003\201\201\000\130\316\051\352\374\367\336\265\316\002\271\027"
-"\265\205\321\271\343\340\225\314\045\061\015\000\246\222\156\177"
-"\266\222\143\236\120\225\321\232\157\344\021\336\143\205\156\230"
-"\356\250\377\132\310\323\125\262\146\161\127\336\300\041\353\075"
-"\052\247\043\111\001\004\206\102\173\374\356\177\242\026\122\265"
-"\147\147\323\100\333\073\046\130\262\050\167\075\256\024\167\141"
-"\326\372\052\146\047\240\015\372\247\163\134\352\160\361\224\041"
-"\145\104\137\372\374\357\051\150\251\242\207\171\357\171\357\117"
-"\254\007\167\070"
-, (PRUint32)804 }
-};
-static const NSSItem nss_builtins_items_19 [] = {
-  { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"Equifax Secure CA", (PRUint32)18 },
-  { (void *)"\322\062\011\255\043\323\024\043\041\164\344\015\177\235\142\023"
-"\227\206\143\072"
-, (PRUint32)20 },
-  { (void *)"\147\313\235\300\023\044\212\202\233\262\027\036\321\033\354\324"
-, (PRUint32)16 },
-  { (void *)"\060\116\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\020\060\016\006\003\125\004\012\023\007\105\161\165\151\146\141"
-"\170\061\055\060\053\006\003\125\004\013\023\044\105\161\165\151"
-"\146\141\170\040\123\145\143\165\162\145\040\103\145\162\164\151"
-"\146\151\143\141\164\145\040\101\165\164\150\157\162\151\164\171"
-, (PRUint32)80 },
-  { (void *)"\065\336\364\317"
-, (PRUint32)4 },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_20 [] = {
-  { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"TC TrustCenter, Germany, Class 2 CA", (PRUint32)36 },
-  { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
-  { (void *)"\060\201\274\061\013\060\011\006\003\125\004\006\023\002\104\105"
-"\061\020\060\016\006\003\125\004\010\023\007\110\141\155\142\165"
-"\162\147\061\020\060\016\006\003\125\004\007\023\007\110\141\155"
-"\142\165\162\147\061\072\060\070\006\003\125\004\012\023\061\124"
-"\103\040\124\162\165\163\164\103\145\156\164\145\162\040\146\157"
-"\162\040\123\145\143\165\162\151\164\171\040\151\156\040\104\141"
-"\164\141\040\116\145\164\167\157\162\153\163\040\107\155\142\110"
-"\061\042\060\040\006\003\125\004\013\023\031\124\103\040\124\162"
-"\165\163\164\103\145\156\164\145\162\040\103\154\141\163\163\040"
-"\062\040\103\101\061\051\060\047\006\011\052\206\110\206\367\015"
-"\001\011\001\026\032\143\145\162\164\151\146\151\143\141\164\145"
-"\100\164\162\165\163\164\143\145\156\164\145\162\056\144\145"
-, (PRUint32)191 },
-  { (void *)"0", (PRUint32)2 },
-  { (void *)"\060\201\274\061\013\060\011\006\003\125\004\006\023\002\104\105"
-"\061\020\060\016\006\003\125\004\010\023\007\110\141\155\142\165"
-"\162\147\061\020\060\016\006\003\125\004\007\023\007\110\141\155"
-"\142\165\162\147\061\072\060\070\006\003\125\004\012\023\061\124"
-"\103\040\124\162\165\163\164\103\145\156\164\145\162\040\146\157"
-"\162\040\123\145\143\165\162\151\164\171\040\151\156\040\104\141"
-"\164\141\040\116\145\164\167\157\162\153\163\040\107\155\142\110"
-"\061\042\060\040\006\003\125\004\013\023\031\124\103\040\124\162"
-"\165\163\164\103\145\156\164\145\162\040\103\154\141\163\163\040"
-"\062\040\103\101\061\051\060\047\006\011\052\206\110\206\367\015"
-"\001\011\001\026\032\143\145\162\164\151\146\151\143\141\164\145"
-"\100\164\162\165\163\164\143\145\156\164\145\162\056\144\145"
-, (PRUint32)191 },
-  { (void *)"\003"
-, (PRUint32)1 },
-  { (void *)"\060\202\004\065\060\202\003\236\240\003\002\001\002\002\001\003"
-"\060\015\006\011\052\206\110\206\367\015\001\001\004\005\000\060"
-"\201\274\061\013\060\011\006\003\125\004\006\023\002\104\105\061"
-"\020\060\016\006\003\125\004\010\023\007\110\141\155\142\165\162"
-"\147\061\020\060\016\006\003\125\004\007\023\007\110\141\155\142"
-"\165\162\147\061\072\060\070\006\003\125\004\012\023\061\124\103"
-"\040\124\162\165\163\164\103\145\156\164\145\162\040\146\157\162"
-"\040\123\145\143\165\162\151\164\171\040\151\156\040\104\141\164"
-"\141\040\116\145\164\167\157\162\153\163\040\107\155\142\110\061"
-"\042\060\040\006\003\125\004\013\023\031\124\103\040\124\162\165"
-"\163\164\103\145\156\164\145\162\040\103\154\141\163\163\040\062"
-"\040\103\101\061\051\060\047\006\011\052\206\110\206\367\015\001"
-"\011\001\026\032\143\145\162\164\151\146\151\143\141\164\145\100"
-"\164\162\165\163\164\143\145\156\164\145\162\056\144\145\060\036"
-"\027\015\071\070\060\063\060\071\061\063\065\067\064\064\132\027"
-"\015\060\065\061\062\063\061\061\063\065\067\064\064\132\060\201"
-"\274\061\013\060\011\006\003\125\004\006\023\002\104\105\061\020"
-"\060\016\006\003\125\004\010\023\007\110\141\155\142\165\162\147"
-"\061\020\060\016\006\003\125\004\007\023\007\110\141\155\142\165"
-"\162\147\061\072\060\070\006\003\125\004\012\023\061\124\103\040"
-"\124\162\165\163\164\103\145\156\164\145\162\040\146\157\162\040"
-"\123\145\143\165\162\151\164\171\040\151\156\040\104\141\164\141"
-"\040\116\145\164\167\157\162\153\163\040\107\155\142\110\061\042"
-"\060\040\006\003\125\004\013\023\031\124\103\040\124\162\165\163"
-"\164\103\145\156\164\145\162\040\103\154\141\163\163\040\062\040"
-"\103\101\061\051\060\047\006\011\052\206\110\206\367\015\001\011"
-"\001\026\032\143\145\162\164\151\146\151\143\141\164\145\100\164"
-"\162\165\163\164\143\145\156\164\145\162\056\144\145\060\201\237"
-"\060\015\006\011\052\206\110\206\367\015\001\001\001\005\000\003"
-"\201\215\000\060\201\211\002\201\201\000\332\070\350\355\062\000"
-"\051\161\203\001\015\277\214\001\334\332\306\255\071\244\251\212"
-"\057\325\213\134\150\137\120\306\142\365\146\275\312\221\042\354"
-"\252\035\121\327\075\263\121\262\203\116\135\313\111\260\360\114"
-"\125\345\153\055\307\205\013\060\034\222\116\202\324\312\002\355"
-"\367\157\276\334\340\343\024\270\005\123\362\232\364\126\213\132"
-"\236\205\223\321\264\202\126\256\115\273\250\113\127\026\274\376"
-"\370\130\236\370\051\215\260\173\315\170\311\117\254\213\147\014"
-"\361\234\373\374\127\233\127\134\117\015\002\003\001\000\001\243"
-"\202\001\103\060\202\001\077\060\100\006\011\140\206\110\001\206"
-"\370\102\001\003\004\063\026\061\150\164\164\160\163\072\057\057"
-"\167\167\167\056\164\162\165\163\164\143\145\156\164\145\162\056"
-"\144\145\057\143\147\151\055\142\151\156\057\143\150\145\143\153"
-"\055\162\145\166\056\143\147\151\077\060\100\006\011\140\206\110"
-"\001\206\370\102\001\004\004\063\026\061\150\164\164\160\163\072"
-"\057\057\167\167\167\056\164\162\165\163\164\143\145\156\164\145"
-"\162\056\144\145\057\143\147\151\055\142\151\156\057\143\150\145"
-"\143\153\055\162\145\166\056\143\147\151\077\060\074\006\011\140"
-"\206\110\001\206\370\102\001\007\004\057\026\055\150\164\164\160"
-"\163\072\057\057\167\167\167\056\164\162\165\163\164\143\145\156"
-"\164\145\162\056\144\145\057\143\147\151\055\142\151\156\057\122"
-"\145\156\145\167\056\143\147\151\077\060\076\006\011\140\206\110"
-"\001\206\370\102\001\010\004\061\026\057\150\164\164\160\072\057"
-"\057\167\167\167\056\164\162\165\163\164\143\145\156\164\145\162"
-"\056\144\145\057\147\165\151\144\145\154\151\156\145\163\057\151"
-"\156\144\145\170\056\150\164\155\154\060\050\006\011\140\206\110"
-"\001\206\370\102\001\015\004\033\026\031\124\103\040\124\162\165"
-"\163\164\103\145\156\164\145\162\040\103\154\141\163\163\040\062"
-"\040\103\101\060\021\006\011\140\206\110\001\206\370\102\001\001"
-"\004\004\003\002\000\007\060\015\006\011\052\206\110\206\367\015"
-"\001\001\004\005\000\003\201\201\000\211\033\364\357\351\070\342"
-"\154\014\366\315\157\111\316\051\314\373\246\017\371\215\076\225"
-"\106\326\374\107\062\211\262\310\006\141\172\322\347\015\023\002"
-"\224\013\331\213\126\107\364\273\347\305\137\173\364\143\114\256"
-"\174\064\352\015\242\251\263\054\205\363\343\376\047\124\020\222"
-"\260\217\222\301\230\102\030\160\110\333\116\054\353\015\044\150"
-"\344\321\367\276\011\251\051\207\273\350\332\334\076\243\210\102"
-"\061\365\321\343\177\256\330\216\000\132\164\230\260\117\306\377"
-"\043\173\134\163\000\170\311\333\116"
-, (PRUint32)1081 }
-};
-static const NSSItem nss_builtins_items_21 [] = {
-  { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"TC TrustCenter, Germany, Class 2 CA", (PRUint32)36 },
-  { (void *)"\312\135\207\155\025\113\162\350\014\357\331\346\353\234\366\215"
-"\002\037\253\354"
-, (PRUint32)20 },
-  { (void *)"\341\351\226\123\167\341\360\070\240\002\253\224\306\225\173\374"
-, (PRUint32)16 },
-  { (void *)"\060\201\274\061\013\060\011\006\003\125\004\006\023\002\104\105"
-"\061\020\060\016\006\003\125\004\010\023\007\110\141\155\142\165"
-"\162\147\061\020\060\016\006\003\125\004\007\023\007\110\141\155"
-"\142\165\162\147\061\072\060\070\006\003\125\004\012\023\061\124"
-"\103\040\124\162\165\163\164\103\145\156\164\145\162\040\146\157"
-"\162\040\123\145\143\165\162\151\164\171\040\151\156\040\104\141"
-"\164\141\040\116\145\164\167\157\162\153\163\040\107\155\142\110"
-"\061\042\060\040\006\003\125\004\013\023\031\124\103\040\124\162"
-"\165\163\164\103\145\156\164\145\162\040\103\154\141\163\163\040"
-"\061\040\103\101\061\051\060\047\006\011\052\206\110\206\367\015"
-"\001\011\001\026\032\143\145\162\164\151\146\151\143\141\164\145"
-"\100\164\162\165\163\164\143\145\156\164\145\162\056\144\145"
-, (PRUint32)191 },
-  { (void *)"\002"
-, (PRUint32)1 },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_22 [] = {
-  { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"TC TrustCenter, Germany, Class 3 CA", (PRUint32)36 },
-  { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
-  { (void *)"\060\201\274\061\013\060\011\006\003\125\004\006\023\002\104\105"
-"\061\020\060\016\006\003\125\004\010\023\007\110\141\155\142\165"
-"\162\147\061\020\060\016\006\003\125\004\007\023\007\110\141\155"
-"\142\165\162\147\061\072\060\070\006\003\125\004\012\023\061\124"
-"\103\040\124\162\165\163\164\103\145\156\164\145\162\040\146\157"
-"\162\040\123\145\143\165\162\151\164\171\040\151\156\040\104\141"
-"\164\141\040\116\145\164\167\157\162\153\163\040\107\155\142\110"
-"\061\042\060\040\006\003\125\004\013\023\031\124\103\040\124\162"
-"\165\163\164\103\145\156\164\145\162\040\103\154\141\163\163\040"
-"\063\040\103\101\061\051\060\047\006\011\052\206\110\206\367\015"
-"\001\011\001\026\032\143\145\162\164\151\146\151\143\141\164\145"
-"\100\164\162\165\163\164\143\145\156\164\145\162\056\144\145"
-, (PRUint32)191 },
-  { (void *)"0", (PRUint32)2 },
-  { (void *)"\060\201\274\061\013\060\011\006\003\125\004\006\023\002\104\105"
-"\061\020\060\016\006\003\125\004\010\023\007\110\141\155\142\165"
-"\162\147\061\020\060\016\006\003\125\004\007\023\007\110\141\155"
-"\142\165\162\147\061\072\060\070\006\003\125\004\012\023\061\124"
-"\103\040\124\162\165\163\164\103\145\156\164\145\162\040\146\157"
-"\162\040\123\145\143\165\162\151\164\171\040\151\156\040\104\141"
-"\164\141\040\116\145\164\167\157\162\153\163\040\107\155\142\110"
-"\061\042\060\040\006\003\125\004\013\023\031\124\103\040\124\162"
-"\165\163\164\103\145\156\164\145\162\040\103\154\141\163\163\040"
-"\063\040\103\101\061\051\060\047\006\011\052\206\110\206\367\015"
-"\001\011\001\026\032\143\145\162\164\151\146\151\143\141\164\145"
-"\100\164\162\165\163\164\143\145\156\164\145\162\056\144\145"
-, (PRUint32)191 },
-  { (void *)"\004"
-, (PRUint32)1 },
-  { (void *)"\060\202\004\065\060\202\003\236\240\003\002\001\002\002\001\004"
-"\060\015\006\011\052\206\110\206\367\015\001\001\004\005\000\060"
-"\201\274\061\013\060\011\006\003\125\004\006\023\002\104\105\061"
-"\020\060\016\006\003\125\004\010\023\007\110\141\155\142\165\162"
-"\147\061\020\060\016\006\003\125\004\007\023\007\110\141\155\142"
-"\165\162\147\061\072\060\070\006\003\125\004\012\023\061\124\103"
-"\040\124\162\165\163\164\103\145\156\164\145\162\040\146\157\162"
-"\040\123\145\143\165\162\151\164\171\040\151\156\040\104\141\164"
-"\141\040\116\145\164\167\157\162\153\163\040\107\155\142\110\061"
-"\042\060\040\006\003\125\004\013\023\031\124\103\040\124\162\165"
-"\163\164\103\145\156\164\145\162\040\103\154\141\163\163\040\063"
-"\040\103\101\061\051\060\047\006\011\052\206\110\206\367\015\001"
-"\011\001\026\032\143\145\162\164\151\146\151\143\141\164\145\100"
-"\164\162\165\163\164\143\145\156\164\145\162\056\144\145\060\036"
-"\027\015\071\070\060\063\060\071\061\063\065\070\064\071\132\027"
-"\015\060\065\061\062\063\061\061\063\065\070\064\071\132\060\201"
-"\274\061\013\060\011\006\003\125\004\006\023\002\104\105\061\020"
-"\060\016\006\003\125\004\010\023\007\110\141\155\142\165\162\147"
-"\061\020\060\016\006\003\125\004\007\023\007\110\141\155\142\165"
-"\162\147\061\072\060\070\006\003\125\004\012\023\061\124\103\040"
-"\124\162\165\163\164\103\145\156\164\145\162\040\146\157\162\040"
-"\123\145\143\165\162\151\164\171\040\151\156\040\104\141\164\141"
-"\040\116\145\164\167\157\162\153\163\040\107\155\142\110\061\042"
-"\060\040\006\003\125\004\013\023\031\124\103\040\124\162\165\163"
-"\164\103\145\156\164\145\162\040\103\154\141\163\163\040\063\040"
-"\103\101\061\051\060\047\006\011\052\206\110\206\367\015\001\011"
-"\001\026\032\143\145\162\164\151\146\151\143\141\164\145\100\164"
-"\162\165\163\164\143\145\156\164\145\162\056\144\145\060\201\237"
-"\060\015\006\011\052\206\110\206\367\015\001\001\001\005\000\003"
-"\201\215\000\060\201\211\002\201\201\000\266\264\301\065\005\056"
-"\015\215\354\240\100\152\034\016\047\246\120\222\153\120\033\007"
-"\336\056\347\166\314\340\332\374\204\250\136\214\143\152\053\115"
-"\331\116\002\166\021\301\013\362\215\171\312\000\266\361\260\016"
-"\327\373\244\027\075\257\253\151\172\226\047\277\257\063\241\232"
-"\052\131\252\304\265\067\010\362\022\245\061\266\103\365\062\226"
-"\161\050\050\253\215\050\206\337\273\356\343\014\175\060\326\303"
-"\122\253\217\135\047\234\153\300\243\347\005\153\127\111\104\263"
-"\156\352\144\317\322\216\172\120\167\167\002\003\001\000\001\243"
-"\202\001\103\060\202\001\077\060\100\006\011\140\206\110\001\206"
-"\370\102\001\003\004\063\026\061\150\164\164\160\163\072\057\057"
-"\167\167\167\056\164\162\165\163\164\143\145\156\164\145\162\056"
-"\144\145\057\143\147\151\055\142\151\156\057\143\150\145\143\153"
-"\055\162\145\166\056\143\147\151\077\060\100\006\011\140\206\110"
-"\001\206\370\102\001\004\004\063\026\061\150\164\164\160\163\072"
-"\057\057\167\167\167\056\164\162\165\163\164\143\145\156\164\145"
-"\162\056\144\145\057\143\147\151\055\142\151\156\057\143\150\145"
-"\143\153\055\162\145\166\056\143\147\151\077\060\074\006\011\140"
-"\206\110\001\206\370\102\001\007\004\057\026\055\150\164\164\160"
-"\163\072\057\057\167\167\167\056\164\162\165\163\164\143\145\156"
-"\164\145\162\056\144\145\057\143\147\151\055\142\151\156\057\122"
-"\145\156\145\167\056\143\147\151\077\060\076\006\011\140\206\110"
-"\001\206\370\102\001\010\004\061\026\057\150\164\164\160\072\057"
-"\057\167\167\167\056\164\162\165\163\164\143\145\156\164\145\162"
-"\056\144\145\057\147\165\151\144\145\154\151\156\145\163\057\151"
-"\156\144\145\170\056\150\164\155\154\060\050\006\011\140\206\110"
-"\001\206\370\102\001\015\004\033\026\031\124\103\040\124\162\165"
-"\163\164\103\145\156\164\145\162\040\103\154\141\163\163\040\063"
-"\040\103\101\060\021\006\011\140\206\110\001\206\370\102\001\001"
-"\004\004\003\002\000\007\060\015\006\011\052\206\110\206\367\015"
-"\001\001\004\005\000\003\201\201\000\204\206\120\142\171\240\047"
-"\341\045\272\011\261\064\017\023\011\355\055\312\243\346\225\371"
-"\060\254\315\027\245\316\075\227\235\354\174\217\046\177\300\141"
-"\312\042\367\221\335\074\066\131\232\233\165\367\274\344\310\355"
-"\354\002\266\042\247\363\054\361\310\222\170\155\266\356\305\050"
-"\354\200\040\117\271\153\010\347\057\247\206\036\175\261\010\237"
-"\124\271\000\067\074\240\330\032\310\226\034\364\062\024\234\071"
-"\225\267\356\360\103\111\302\136\350\313\171\157\123\277\373\111"
-"\212\054\330\113\331\125\362\022\160"
-, (PRUint32)1081 }
-};
-static const NSSItem nss_builtins_items_23 [] = {
-  { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"TC TrustCenter, Germany, Class 3 CA", (PRUint32)36 },
-  { (void *)"\227\057\340\037\171\136\221\210\026\371\201\161\176\162\355\040"
-"\241\377\020\143"
-, (PRUint32)20 },
-  { (void *)"\142\253\266\025\112\264\260\026\167\377\256\317\026\026\053\214"
-, (PRUint32)16 },
-  { (void *)"\060\201\274\061\013\060\011\006\003\125\004\006\023\002\104\105"
-"\061\020\060\016\006\003\125\004\010\023\007\110\141\155\142\165"
-"\162\147\061\020\060\016\006\003\125\004\007\023\007\110\141\155"
-"\142\165\162\147\061\072\060\070\006\003\125\004\012\023\061\124"
-"\103\040\124\162\165\163\164\103\145\156\164\145\162\040\146\157"
-"\162\040\123\145\143\165\162\151\164\171\040\151\156\040\104\141"
-"\164\141\040\116\145\164\167\157\162\153\163\040\107\155\142\110"
-"\061\042\060\040\006\003\125\004\013\023\031\124\103\040\124\162"
-"\165\163\164\103\145\156\164\145\162\040\103\154\141\163\163\040"
-"\063\040\103\101\061\051\060\047\006\011\052\206\110\206\367\015"
-"\001\011\001\026\032\143\145\162\164\151\146\151\143\141\164\145"
-"\100\164\162\165\163\164\143\145\156\164\145\162\056\144\145"
-, (PRUint32)191 },
-  { (void *)"\004"
-, (PRUint32)1 },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_24 [] = {
-  { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"ABAecom (sub., Am. Bankers Assn.) Root CA", (PRUint32)42 },
-  { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
-  { (void *)"\060\201\211\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\013\060\011\006\003\125\004\010\023\002\104\103\061\023\060"
-"\021\006\003\125\004\007\023\012\127\141\163\150\151\156\147\164"
-"\157\156\061\027\060\025\006\003\125\004\012\023\016\101\102\101"
-"\056\105\103\117\115\054\040\111\116\103\056\061\031\060\027\006"
-"\003\125\004\003\023\020\101\102\101\056\105\103\117\115\040\122"
-"\157\157\164\040\103\101\061\044\060\042\006\011\052\206\110\206"
-"\367\015\001\011\001\026\025\141\144\155\151\156\100\144\151\147"
-"\163\151\147\164\162\165\163\164\056\143\157\155"
-, (PRUint32)140 },
-  { (void *)"0", (PRUint32)2 },
-  { (void *)"\060\201\211\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\013\060\011\006\003\125\004\010\023\002\104\103\061\023\060"
-"\021\006\003\125\004\007\023\012\127\141\163\150\151\156\147\164"
-"\157\156\061\027\060\025\006\003\125\004\012\023\016\101\102\101"
-"\056\105\103\117\115\054\040\111\116\103\056\061\031\060\027\006"
-"\003\125\004\003\023\020\101\102\101\056\105\103\117\115\040\122"
-"\157\157\164\040\103\101\061\044\060\042\006\011\052\206\110\206"
-"\367\015\001\011\001\026\025\141\144\155\151\156\100\144\151\147"
-"\163\151\147\164\162\165\163\164\056\143\157\155"
-, (PRUint32)140 },
-  { (void *)"\000\320\036\100\220\000\000\106\122\000\000\000\001\000\000\000"
-"\004"
-, (PRUint32)17 },
-  { (void *)"\060\202\003\265\060\202\002\235\240\003\002\001\002\002\021\000"
-"\320\036\100\220\000\000\106\122\000\000\000\001\000\000\000\004"
-"\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060"
-"\201\211\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\013\060\011\006\003\125\004\010\023\002\104\103\061\023\060\021"
-"\006\003\125\004\007\023\012\127\141\163\150\151\156\147\164\157"
-"\156\061\027\060\025\006\003\125\004\012\023\016\101\102\101\056"
-"\105\103\117\115\054\040\111\116\103\056\061\031\060\027\006\003"
-"\125\004\003\023\020\101\102\101\056\105\103\117\115\040\122\157"
-"\157\164\040\103\101\061\044\060\042\006\011\052\206\110\206\367"
-"\015\001\011\001\026\025\141\144\155\151\156\100\144\151\147\163"
-"\151\147\164\162\165\163\164\056\143\157\155\060\036\027\015\071"
-"\071\060\067\061\062\061\067\063\063\065\063\132\027\015\060\071"
-"\060\067\060\071\061\067\063\063\065\063\132\060\201\211\061\013"
-"\060\011\006\003\125\004\006\023\002\125\123\061\013\060\011\006"
-"\003\125\004\010\023\002\104\103\061\023\060\021\006\003\125\004"
-"\007\023\012\127\141\163\150\151\156\147\164\157\156\061\027\060"
-"\025\006\003\125\004\012\023\016\101\102\101\056\105\103\117\115"
-"\054\040\111\116\103\056\061\031\060\027\006\003\125\004\003\023"
-"\020\101\102\101\056\105\103\117\115\040\122\157\157\164\040\103"
-"\101\061\044\060\042\006\011\052\206\110\206\367\015\001\011\001"
-"\026\025\141\144\155\151\156\100\144\151\147\163\151\147\164\162"
-"\165\163\164\056\143\157\155\060\202\001\042\060\015\006\011\052"
-"\206\110\206\367\015\001\001\001\005\000\003\202\001\017\000\060"
-"\202\001\012\002\202\001\001\000\261\323\021\340\171\125\103\007"
-"\010\114\313\005\102\000\342\015\203\106\075\344\223\272\266\006"
-"\323\015\131\275\076\301\316\103\147\001\212\041\250\357\274\314"
-"\320\242\314\260\125\226\123\204\146\005\000\332\104\111\200\330"
-"\124\012\245\045\206\224\355\143\126\377\160\154\243\241\031\322"
-"\170\276\150\052\104\136\057\317\314\030\136\107\274\072\261\106"
-"\075\036\360\271\054\064\137\214\174\114\010\051\235\100\125\353"
-"\074\175\203\336\265\360\367\212\203\016\241\114\264\072\245\263"
-"\137\132\042\227\354\031\233\301\005\150\375\346\267\251\221\224"
-"\054\344\170\110\044\032\045\031\072\353\225\234\071\012\212\317"
-"\102\262\360\034\325\137\373\153\355\150\126\173\071\054\162\070"
-"\260\356\223\251\323\173\167\074\353\161\003\251\070\112\026\154"
-"\211\052\312\332\063\023\171\302\125\214\355\234\273\362\313\133"
-"\020\370\056\141\065\306\051\114\052\320\052\143\321\145\131\264"
-"\370\315\371\364\000\204\266\127\102\205\235\062\250\371\052\124"
-"\373\377\170\101\274\275\161\050\364\273\220\274\377\226\064\004"
-"\343\105\236\241\106\050\100\201\002\003\001\000\001\243\026\060"
-"\024\060\022\006\003\125\035\023\001\001\377\004\010\060\006\001"
-"\001\377\002\001\010\060\015\006\011\052\206\110\206\367\015\001"
-"\001\005\005\000\003\202\001\001\000\004\157\045\206\344\346\226"
-"\047\264\331\102\300\320\311\000\261\177\124\076\207\262\155\044"
-"\251\057\012\176\375\244\104\260\370\124\007\275\033\235\235\312"
-"\173\120\044\173\021\133\111\243\246\277\022\164\325\211\267\267"
-"\057\230\144\045\024\267\141\351\177\140\200\153\323\144\350\253"
-"\275\032\326\121\372\300\264\135\167\032\177\144\010\136\171\306"
-"\005\114\361\172\335\115\175\316\346\110\173\124\322\141\222\201"
-"\326\033\326\000\360\016\236\050\167\240\115\210\307\042\166\031"
-"\303\307\236\033\246\167\170\370\137\233\126\321\360\362\027\254"
-"\216\235\131\346\037\376\127\266\331\136\341\135\237\105\354\141"
-"\150\031\101\341\262\040\046\376\132\060\166\044\377\100\162\074"
-"\171\237\174\042\110\253\106\315\333\263\206\054\217\277\005\101"
-"\323\301\343\024\343\101\027\046\320\174\247\161\114\031\350\112"
-"\017\162\130\061\175\354\140\172\243\042\050\275\031\044\140\077"
-"\073\207\163\300\153\344\313\256\267\253\045\103\262\125\055\173"
-"\253\006\016\165\135\064\345\135\163\155\236\262\165\100\245\131"
-"\311\117\061\161\210\331\210\177\124"
-, (PRUint32)953 }
-};
-static const NSSItem nss_builtins_items_25 [] = {
-  { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"ABAecom (sub., Am. Bankers Assn.) Root CA", (PRUint32)42 },
-  { (void *)"\172\164\101\017\260\315\134\227\052\066\113\161\277\003\035\210"
-"\246\121\016\236"
-, (PRUint32)20 },
-  { (void *)"\101\270\007\367\250\321\011\356\264\232\216\160\115\374\033\170"
-, (PRUint32)16 },
-  { (void *)"\060\201\211\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\013\060\011\006\003\125\004\010\023\002\104\103\061\023\060"
-"\021\006\003\125\004\007\023\012\127\141\163\150\151\156\147\164"
-"\157\156\061\027\060\025\006\003\125\004\012\023\016\101\102\101"
-"\056\105\103\117\115\054\040\111\116\103\056\061\031\060\027\006"
-"\003\125\004\003\023\020\101\102\101\056\105\103\117\115\040\122"
-"\157\157\164\040\103\101\061\044\060\042\006\011\052\206\110\206"
-"\367\015\001\011\001\026\025\141\144\155\151\156\100\144\151\147"
-"\163\151\147\164\162\165\163\164\056\143\157\155"
-, (PRUint32)140 },
-  { (void *)"\000\320\036\100\220\000\000\106\122\000\000\000\001\000\000\000"
-"\004"
-, (PRUint32)17 },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_26 [] = {
-  { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"Digital Signature Trust Co. Global CA 1", (PRUint32)40 },
-  { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
-  { (void *)"\060\106\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\044\060\042\006\003\125\004\012\023\033\104\151\147\151\164\141"
-"\154\040\123\151\147\156\141\164\165\162\145\040\124\162\165\163"
-"\164\040\103\157\056\061\021\060\017\006\003\125\004\013\023\010"
-"\104\123\124\103\101\040\105\061"
-, (PRUint32)72 },
-  { (void *)"0", (PRUint32)2 },
-  { (void *)"\060\106\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\044\060\042\006\003\125\004\012\023\033\104\151\147\151\164\141"
-"\154\040\123\151\147\156\141\164\165\162\145\040\124\162\165\163"
-"\164\040\103\157\056\061\021\060\017\006\003\125\004\013\023\010"
-"\104\123\124\103\101\040\105\061"
-, (PRUint32)72 },
-  { (void *)"\066\160\025\226"
-, (PRUint32)4 },
-  { (void *)"\060\202\003\051\060\202\002\222\240\003\002\001\002\002\004\066"
-"\160\025\226\060\015\006\011\052\206\110\206\367\015\001\001\005"
-"\005\000\060\106\061\013\060\011\006\003\125\004\006\023\002\125"
-"\123\061\044\060\042\006\003\125\004\012\023\033\104\151\147\151"
-"\164\141\154\040\123\151\147\156\141\164\165\162\145\040\124\162"
-"\165\163\164\040\103\157\056\061\021\060\017\006\003\125\004\013"
-"\023\010\104\123\124\103\101\040\105\061\060\036\027\015\071\070"
-"\061\062\061\060\061\070\061\060\062\063\132\027\015\061\070\061"
-"\062\061\060\061\070\064\060\062\063\132\060\106\061\013\060\011"
-"\006\003\125\004\006\023\002\125\123\061\044\060\042\006\003\125"
-"\004\012\023\033\104\151\147\151\164\141\154\040\123\151\147\156"
-"\141\164\165\162\145\040\124\162\165\163\164\040\103\157\056\061"
-"\021\060\017\006\003\125\004\013\023\010\104\123\124\103\101\040"
-"\105\061\060\201\235\060\015\006\011\052\206\110\206\367\015\001"
-"\001\001\005\000\003\201\213\000\060\201\207\002\201\201\000\240"
-"\154\201\251\317\064\036\044\335\376\206\050\314\336\203\057\371"
-"\136\324\102\322\350\164\140\146\023\230\006\034\251\121\022\151"
-"\157\061\125\271\111\162\000\010\176\323\245\142\104\067\044\231"
-"\217\331\203\110\217\231\155\225\023\273\103\073\056\111\116\210"
-"\067\301\273\130\177\376\341\275\370\273\141\315\363\107\300\231"
-"\246\361\363\221\350\170\174\000\313\141\311\104\047\161\151\125"
-"\112\176\111\115\355\242\243\276\002\114\000\312\002\250\356\001"
-"\002\061\144\017\122\055\023\164\166\066\265\172\264\055\161\002"
-"\001\003\243\202\001\044\060\202\001\040\060\021\006\011\140\206"
-"\110\001\206\370\102\001\001\004\004\003\002\000\007\060\150\006"
-"\003\125\035\037\004\141\060\137\060\135\240\133\240\131\244\127"
-"\060\125\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\044\060\042\006\003\125\004\012\023\033\104\151\147\151\164\141"
-"\154\040\123\151\147\156\141\164\165\162\145\040\124\162\165\163"
-"\164\040\103\157\056\061\021\060\017\006\003\125\004\013\023\010"
-"\104\123\124\103\101\040\105\061\061\015\060\013\006\003\125\004"
-"\003\023\004\103\122\114\061\060\053\006\003\125\035\020\004\044"
-"\060\042\200\017\061\071\071\070\061\062\061\060\061\070\061\060"
-"\062\063\132\201\017\062\060\061\070\061\062\061\060\061\070\061"
-"\060\062\063\132\060\013\006\003\125\035\017\004\004\003\002\001"
-"\006\060\037\006\003\125\035\043\004\030\060\026\200\024\152\171"
-"\176\221\151\106\030\023\012\002\167\245\131\133\140\230\045\016"
-"\242\370\060\035\006\003\125\035\016\004\026\004\024\152\171\176"
-"\221\151\106\030\023\012\002\167\245\131\133\140\230\045\016\242"
-"\370\060\014\006\003\125\035\023\004\005\060\003\001\001\377\060"
-"\031\006\011\052\206\110\206\366\175\007\101\000\004\014\060\012"
-"\033\004\126\064\056\060\003\002\004\220\060\015\006\011\052\206"
-"\110\206\367\015\001\001\005\005\000\003\201\201\000\042\022\330"
-"\172\035\334\201\006\266\011\145\262\207\310\037\136\264\057\351"
-"\304\036\362\074\301\273\004\220\021\112\203\116\176\223\271\115"
-"\102\307\222\046\240\134\064\232\070\162\370\375\153\026\076\040"
-"\356\202\213\061\052\223\066\205\043\210\212\074\003\150\323\311"
-"\011\017\115\374\154\244\332\050\162\223\016\211\200\260\175\376"
-"\200\157\145\155\030\063\227\213\302\153\211\356\140\075\310\233"
-"\357\177\053\062\142\163\223\313\074\343\173\342\166\170\105\274"
-"\241\223\004\273\206\237\072\133\103\172\303\212\145"
-, (PRUint32)813 }
-};
-static const NSSItem nss_builtins_items_27 [] = {
-  { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"Digital Signature Trust Co. Global CA 1", (PRUint32)40 },
-  { (void *)"\201\226\213\072\357\034\334\160\365\372\062\151\302\222\243\143"
-"\133\321\043\323"
-, (PRUint32)20 },
-  { (void *)"\045\172\272\203\056\266\242\013\332\376\365\002\017\010\327\255"
-, (PRUint32)16 },
-  { (void *)"\060\106\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\044\060\042\006\003\125\004\012\023\033\104\151\147\151\164\141"
-"\154\040\123\151\147\156\141\164\165\162\145\040\124\162\165\163"
-"\164\040\103\157\056\061\021\060\017\006\003\125\004\013\023\010"
-"\104\123\124\103\101\040\105\061"
-, (PRUint32)72 },
-  { (void *)"\066\160\025\226"
-, (PRUint32)4 },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_28 [] = {
-  { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"Digital Signature Trust Co. Global CA 3", (PRUint32)40 },
-  { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
-  { (void *)"\060\106\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\044\060\042\006\003\125\004\012\023\033\104\151\147\151\164\141"
-"\154\040\123\151\147\156\141\164\165\162\145\040\124\162\165\163"
-"\164\040\103\157\056\061\021\060\017\006\003\125\004\013\023\010"
-"\104\123\124\103\101\040\105\062"
-, (PRUint32)72 },
-  { (void *)"0", (PRUint32)2 },
-  { (void *)"\060\106\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\044\060\042\006\003\125\004\012\023\033\104\151\147\151\164\141"
-"\154\040\123\151\147\156\141\164\165\162\145\040\124\162\165\163"
-"\164\040\103\157\056\061\021\060\017\006\003\125\004\013\023\010"
-"\104\123\124\103\101\040\105\062"
-, (PRUint32)72 },
-  { (void *)"\066\156\323\316"
-, (PRUint32)4 },
-  { (void *)"\060\202\003\051\060\202\002\222\240\003\002\001\002\002\004\066"
-"\156\323\316\060\015\006\011\052\206\110\206\367\015\001\001\005"
-"\005\000\060\106\061\013\060\011\006\003\125\004\006\023\002\125"
-"\123\061\044\060\042\006\003\125\004\012\023\033\104\151\147\151"
-"\164\141\154\040\123\151\147\156\141\164\165\162\145\040\124\162"
-"\165\163\164\040\103\157\056\061\021\060\017\006\003\125\004\013"
-"\023\010\104\123\124\103\101\040\105\062\060\036\027\015\071\070"
-"\061\062\060\071\061\071\061\067\062\066\132\027\015\061\070\061"
-"\062\060\071\061\071\064\067\062\066\132\060\106\061\013\060\011"
-"\006\003\125\004\006\023\002\125\123\061\044\060\042\006\003\125"
-"\004\012\023\033\104\151\147\151\164\141\154\040\123\151\147\156"
-"\141\164\165\162\145\040\124\162\165\163\164\040\103\157\056\061"
-"\021\060\017\006\003\125\004\013\023\010\104\123\124\103\101\040"
-"\105\062\060\201\235\060\015\006\011\052\206\110\206\367\015\001"
-"\001\001\005\000\003\201\213\000\060\201\207\002\201\201\000\277"
-"\223\217\027\222\357\063\023\030\353\020\177\116\026\277\377\006"
-"\217\052\205\274\136\371\044\246\044\210\266\003\267\301\303\137"
-"\003\133\321\157\256\176\102\352\146\043\270\143\203\126\373\050"
-"\055\341\070\213\264\356\250\001\341\316\034\266\210\052\042\106"
-"\205\373\237\247\160\251\107\024\077\316\336\145\360\250\161\367"
-"\117\046\154\214\274\306\265\357\336\111\047\377\110\052\175\350"
-"\115\003\314\307\262\122\306\027\061\023\073\265\115\333\310\304"
-"\366\303\017\044\052\332\014\235\347\221\133\200\315\224\235\002"
-"\001\003\243\202\001\044\060\202\001\040\060\021\006\011\140\206"
-"\110\001\206\370\102\001\001\004\004\003\002\000\007\060\150\006"
-"\003\125\035\037\004\141\060\137\060\135\240\133\240\131\244\127"
-"\060\125\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\044\060\042\006\003\125\004\012\023\033\104\151\147\151\164\141"
-"\154\040\123\151\147\156\141\164\165\162\145\040\124\162\165\163"
-"\164\040\103\157\056\061\021\060\017\006\003\125\004\013\023\010"
-"\104\123\124\103\101\040\105\062\061\015\060\013\006\003\125\004"
-"\003\023\004\103\122\114\061\060\053\006\003\125\035\020\004\044"
-"\060\042\200\017\061\071\071\070\061\062\060\071\061\071\061\067"
-"\062\066\132\201\017\062\060\061\070\061\062\060\071\061\071\061"
-"\067\062\066\132\060\013\006\003\125\035\017\004\004\003\002\001"
-"\006\060\037\006\003\125\035\043\004\030\060\026\200\024\036\202"
-"\115\050\145\200\074\311\101\156\254\065\056\132\313\336\356\370"
-"\071\133\060\035\006\003\125\035\016\004\026\004\024\036\202\115"
-"\050\145\200\074\311\101\156\254\065\056\132\313\336\356\370\071"
-"\133\060\014\006\003\125\035\023\004\005\060\003\001\001\377\060"
-"\031\006\011\052\206\110\206\366\175\007\101\000\004\014\060\012"
-"\033\004\126\064\056\060\003\002\004\220\060\015\006\011\052\206"
-"\110\206\367\015\001\001\005\005\000\003\201\201\000\107\215\203"
-"\255\142\362\333\260\236\105\042\005\271\242\326\003\016\070\162"
-"\347\236\374\173\346\223\266\232\245\242\224\310\064\035\221\321"
-"\305\327\364\012\045\017\075\170\201\236\017\261\147\304\220\114"
-"\143\335\136\247\342\272\237\365\367\115\245\061\173\234\051\055"
-"\114\376\144\076\354\266\123\376\352\233\355\202\333\164\165\113"
-"\007\171\156\036\330\031\203\163\336\365\076\320\265\336\347\113"
-"\150\175\103\056\052\040\341\176\240\170\104\236\010\365\230\371"
-"\307\177\033\033\326\006\040\002\130\241\303\242\003"
-, (PRUint32)813 }
-};
-static const NSSItem nss_builtins_items_29 [] = {
-  { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"Digital Signature Trust Co. Global CA 3", (PRUint32)40 },
-  { (void *)"\253\110\363\063\333\004\253\271\300\162\332\133\014\301\320\127"
-"\360\066\233\106"
-, (PRUint32)20 },
-  { (void *)"\223\302\216\021\173\324\363\003\031\275\050\165\023\112\105\112"
-, (PRUint32)16 },
-  { (void *)"\060\106\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\044\060\042\006\003\125\004\012\023\033\104\151\147\151\164\141"
-"\154\040\123\151\147\156\141\164\165\162\145\040\124\162\165\163"
-"\164\040\103\157\056\061\021\060\017\006\003\125\004\013\023\010"
-"\104\123\124\103\101\040\105\062"
-, (PRUint32)72 },
-  { (void *)"\066\156\323\316"
-, (PRUint32)4 },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_30 [] = {
-  { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"Digital Signature Trust Co. Global CA 2", (PRUint32)40 },
-  { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
-  { (void *)"\060\201\251\061\013\060\011\006\003\125\004\006\023\002\165\163"
-"\061\015\060\013\006\003\125\004\010\023\004\125\164\141\150\061"
-"\027\060\025\006\003\125\004\007\023\016\123\141\154\164\040\114"
-"\141\153\145\040\103\151\164\171\061\044\060\042\006\003\125\004"
-"\012\023\033\104\151\147\151\164\141\154\040\123\151\147\156\141"
-"\164\165\162\145\040\124\162\165\163\164\040\103\157\056\061\021"
-"\060\017\006\003\125\004\013\023\010\104\123\124\103\101\040\130"
-"\061\061\026\060\024\006\003\125\004\003\023\015\104\123\124\040"
-"\122\157\157\164\103\101\040\130\061\061\041\060\037\006\011\052"
-"\206\110\206\367\015\001\011\001\026\022\143\141\100\144\151\147"
-"\163\151\147\164\162\165\163\164\056\143\157\155"
-, (PRUint32)172 },
-  { (void *)"0", (PRUint32)2 },
-  { (void *)"\060\201\251\061\013\060\011\006\003\125\004\006\023\002\165\163"
-"\061\015\060\013\006\003\125\004\010\023\004\125\164\141\150\061"
-"\027\060\025\006\003\125\004\007\023\016\123\141\154\164\040\114"
-"\141\153\145\040\103\151\164\171\061\044\060\042\006\003\125\004"
-"\012\023\033\104\151\147\151\164\141\154\040\123\151\147\156\141"
-"\164\165\162\145\040\124\162\165\163\164\040\103\157\056\061\021"
-"\060\017\006\003\125\004\013\023\010\104\123\124\103\101\040\130"
-"\061\061\026\060\024\006\003\125\004\003\023\015\104\123\124\040"
-"\122\157\157\164\103\101\040\130\061\061\041\060\037\006\011\052"
-"\206\110\206\367\015\001\011\001\026\022\143\141\100\144\151\147"
-"\163\151\147\164\162\165\163\164\056\143\157\155"
-, (PRUint32)172 },
-  { (void *)"\000\320\036\100\213\000\000\002\174\000\000\000\002\000\000\000"
-"\001"
-, (PRUint32)17 },
-  { (void *)"\060\202\003\330\060\202\002\300\002\021\000\320\036\100\213\000"
-"\000\002\174\000\000\000\002\000\000\000\001\060\015\006\011\052"
-"\206\110\206\367\015\001\001\005\005\000\060\201\251\061\013\060"
-"\011\006\003\125\004\006\023\002\165\163\061\015\060\013\006\003"
-"\125\004\010\023\004\125\164\141\150\061\027\060\025\006\003\125"
-"\004\007\023\016\123\141\154\164\040\114\141\153\145\040\103\151"
-"\164\171\061\044\060\042\006\003\125\004\012\023\033\104\151\147"
-"\151\164\141\154\040\123\151\147\156\141\164\165\162\145\040\124"
-"\162\165\163\164\040\103\157\056\061\021\060\017\006\003\125\004"
-"\013\023\010\104\123\124\103\101\040\130\061\061\026\060\024\006"
-"\003\125\004\003\023\015\104\123\124\040\122\157\157\164\103\101"
-"\040\130\061\061\041\060\037\006\011\052\206\110\206\367\015\001"
-"\011\001\026\022\143\141\100\144\151\147\163\151\147\164\162\165"
-"\163\164\056\143\157\155\060\036\027\015\071\070\061\062\060\061"
-"\061\070\061\070\065\065\132\027\015\060\070\061\061\062\070\061"
-"\070\061\070\065\065\132\060\201\251\061\013\060\011\006\003\125"
-"\004\006\023\002\165\163\061\015\060\013\006\003\125\004\010\023"
-"\004\125\164\141\150\061\027\060\025\006\003\125\004\007\023\016"
-"\123\141\154\164\040\114\141\153\145\040\103\151\164\171\061\044"
-"\060\042\006\003\125\004\012\023\033\104\151\147\151\164\141\154"
-"\040\123\151\147\156\141\164\165\162\145\040\124\162\165\163\164"
-"\040\103\157\056\061\021\060\017\006\003\125\004\013\023\010\104"
-"\123\124\103\101\040\130\061\061\026\060\024\006\003\125\004\003"
-"\023\015\104\123\124\040\122\157\157\164\103\101\040\130\061\061"
-"\041\060\037\006\011\052\206\110\206\367\015\001\011\001\026\022"
-"\143\141\100\144\151\147\163\151\147\164\162\165\163\164\056\143"
-"\157\155\060\202\001\042\060\015\006\011\052\206\110\206\367\015"
-"\001\001\001\005\000\003\202\001\017\000\060\202\001\012\002\202"
-"\001\001\000\322\306\046\266\347\245\075\301\304\150\325\120\157"
-"\123\305\157\111\023\011\270\257\054\110\215\024\152\243\027\137"
-"\132\371\323\056\165\057\330\050\142\321\223\057\374\115\324\253"
-"\207\345\010\307\231\347\222\077\165\275\353\045\264\025\301\233"
-"\031\075\322\104\215\327\164\040\155\067\002\217\151\223\133\212"
-"\304\031\235\364\262\016\374\026\154\271\261\005\222\203\321\205"
-"\054\140\224\076\105\125\240\331\253\010\041\346\140\350\073\164"
-"\362\231\120\121\150\320\003\055\261\200\276\243\330\122\260\104"
-"\315\103\112\160\216\130\205\225\341\116\054\326\055\101\157\326"
-"\204\347\310\230\104\312\107\333\054\044\245\151\046\317\153\270"
-"\047\142\303\364\311\172\222\043\355\023\147\202\256\105\056\105"
-"\345\176\162\077\205\235\224\142\020\346\074\221\241\255\167\000"
-"\340\025\354\363\204\200\162\172\216\156\140\227\307\044\131\020"
-"\064\203\133\341\245\244\151\266\127\065\034\170\131\306\323\057"
-"\072\163\147\356\224\312\004\023\005\142\006\160\043\263\364\174"
-"\356\105\331\144\013\133\111\252\244\103\316\046\304\104\022\154"
-"\270\335\171\002\003\001\000\001\060\015\006\011\052\206\110\206"
-"\367\015\001\001\005\005\000\003\202\001\001\000\242\067\262\077"
-"\151\373\327\206\171\124\111\061\225\063\053\363\321\011\024\111"
-"\142\140\206\245\260\021\342\120\302\035\006\127\076\055\350\063"
-"\144\276\233\252\255\137\033\115\324\231\225\242\213\232\311\142"
-"\162\265\151\352\331\130\253\065\355\025\242\103\326\266\274\007"
-"\171\145\144\163\175\327\171\312\173\325\132\121\306\341\123\004"
-"\226\215\070\317\243\027\254\071\161\153\001\303\213\123\074\143"
-"\351\356\171\300\344\276\222\062\144\172\263\037\227\224\142\275"
-"\352\262\040\025\225\373\227\362\170\057\143\066\100\070\343\106"
-"\017\035\335\254\225\312\347\113\220\173\261\113\251\324\305\353"
-"\232\332\252\325\243\224\024\106\215\055\037\363\072\326\223\072"
-"\366\076\171\374\350\346\260\165\355\356\075\311\160\307\135\252"
-"\201\113\106\045\034\307\154\025\343\225\116\017\252\062\067\224"
-"\012\027\044\222\023\204\130\322\143\157\053\367\346\133\142\013"
-"\023\027\260\015\122\114\376\376\157\134\342\221\156\035\375\244"
-"\142\327\150\372\216\172\117\322\010\332\223\334\360\222\021\172"
-"\320\334\162\223\014\163\223\142\205\150\320\364"
-, (PRUint32)988 }
-};
-static const NSSItem nss_builtins_items_31 [] = {
-  { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"Digital Signature Trust Co. Global CA 2", (PRUint32)40 },
-  { (void *)"\267\057\377\222\322\316\103\336\012\215\114\124\214\120\067\046"
-"\250\036\053\223"
-, (PRUint32)20 },
-  { (void *)"\154\311\247\156\107\361\014\343\123\073\170\114\115\302\152\305"
-, (PRUint32)16 },
-  { (void *)"\060\201\251\061\013\060\011\006\003\125\004\006\023\002\165\163"
-"\061\015\060\013\006\003\125\004\010\023\004\125\164\141\150\061"
-"\027\060\025\006\003\125\004\007\023\016\123\141\154\164\040\114"
-"\141\153\145\040\103\151\164\171\061\044\060\042\006\003\125\004"
-"\012\023\033\104\151\147\151\164\141\154\040\123\151\147\156\141"
-"\164\165\162\145\040\124\162\165\163\164\040\103\157\056\061\021"
-"\060\017\006\003\125\004\013\023\010\104\123\124\103\101\040\130"
-"\061\061\026\060\024\006\003\125\004\003\023\015\104\123\124\040"
-"\122\157\157\164\103\101\040\130\061\061\041\060\037\006\011\052"
-"\206\110\206\367\015\001\011\001\026\022\143\141\100\144\151\147"
-"\163\151\147\164\162\165\163\164\056\143\157\155"
-, (PRUint32)172 },
-  { (void *)"\000\320\036\100\213\000\000\002\174\000\000\000\002\000\000\000"
-"\001"
-, (PRUint32)17 },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_32 [] = {
-  { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"Digital Signature Trust Co. Global CA 4", (PRUint32)40 },
-  { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
-  { (void *)"\060\201\251\061\013\060\011\006\003\125\004\006\023\002\165\163"
-"\061\015\060\013\006\003\125\004\010\023\004\125\164\141\150\061"
-"\027\060\025\006\003\125\004\007\023\016\123\141\154\164\040\114"
-"\141\153\145\040\103\151\164\171\061\044\060\042\006\003\125\004"
-"\012\023\033\104\151\147\151\164\141\154\040\123\151\147\156\141"
-"\164\165\162\145\040\124\162\165\163\164\040\103\157\056\061\021"
-"\060\017\006\003\125\004\013\023\010\104\123\124\103\101\040\130"
-"\062\061\026\060\024\006\003\125\004\003\023\015\104\123\124\040"
-"\122\157\157\164\103\101\040\130\062\061\041\060\037\006\011\052"
-"\206\110\206\367\015\001\011\001\026\022\143\141\100\144\151\147"
-"\163\151\147\164\162\165\163\164\056\143\157\155"
-, (PRUint32)172 },
-  { (void *)"0", (PRUint32)2 },
-  { (void *)"\060\201\251\061\013\060\011\006\003\125\004\006\023\002\165\163"
-"\061\015\060\013\006\003\125\004\010\023\004\125\164\141\150\061"
-"\027\060\025\006\003\125\004\007\023\016\123\141\154\164\040\114"
-"\141\153\145\040\103\151\164\171\061\044\060\042\006\003\125\004"
-"\012\023\033\104\151\147\151\164\141\154\040\123\151\147\156\141"
-"\164\165\162\145\040\124\162\165\163\164\040\103\157\056\061\021"
-"\060\017\006\003\125\004\013\023\010\104\123\124\103\101\040\130"
-"\062\061\026\060\024\006\003\125\004\003\023\015\104\123\124\040"
-"\122\157\157\164\103\101\040\130\062\061\041\060\037\006\011\052"
-"\206\110\206\367\015\001\011\001\026\022\143\141\100\144\151\147"
-"\163\151\147\164\162\165\163\164\056\143\157\155"
-, (PRUint32)172 },
-  { (void *)"\000\320\036\100\213\000\000\167\155\000\000\000\001\000\000\000"
-"\004"
-, (PRUint32)17 },
-  { (void *)"\060\202\003\330\060\202\002\300\002\021\000\320\036\100\213\000"
-"\000\167\155\000\000\000\001\000\000\000\004\060\015\006\011\052"
-"\206\110\206\367\015\001\001\005\005\000\060\201\251\061\013\060"
-"\011\006\003\125\004\006\023\002\165\163\061\015\060\013\006\003"
-"\125\004\010\023\004\125\164\141\150\061\027\060\025\006\003\125"
-"\004\007\023\016\123\141\154\164\040\114\141\153\145\040\103\151"
-"\164\171\061\044\060\042\006\003\125\004\012\023\033\104\151\147"
-"\151\164\141\154\040\123\151\147\156\141\164\165\162\145\040\124"
-"\162\165\163\164\040\103\157\056\061\021\060\017\006\003\125\004"
-"\013\023\010\104\123\124\103\101\040\130\062\061\026\060\024\006"
-"\003\125\004\003\023\015\104\123\124\040\122\157\157\164\103\101"
-"\040\130\062\061\041\060\037\006\011\052\206\110\206\367\015\001"
-"\011\001\026\022\143\141\100\144\151\147\163\151\147\164\162\165"
-"\163\164\056\143\157\155\060\036\027\015\071\070\061\061\063\060"
-"\062\062\064\066\061\066\132\027\015\060\070\061\061\062\067\062"
-"\062\064\066\061\066\132\060\201\251\061\013\060\011\006\003\125"
-"\004\006\023\002\165\163\061\015\060\013\006\003\125\004\010\023"
-"\004\125\164\141\150\061\027\060\025\006\003\125\004\007\023\016"
-"\123\141\154\164\040\114\141\153\145\040\103\151\164\171\061\044"
-"\060\042\006\003\125\004\012\023\033\104\151\147\151\164\141\154"
-"\040\123\151\147\156\141\164\165\162\145\040\124\162\165\163\164"
-"\040\103\157\056\061\021\060\017\006\003\125\004\013\023\010\104"
-"\123\124\103\101\040\130\062\061\026\060\024\006\003\125\004\003"
-"\023\015\104\123\124\040\122\157\157\164\103\101\040\130\062\061"
-"\041\060\037\006\011\052\206\110\206\367\015\001\011\001\026\022"
-"\143\141\100\144\151\147\163\151\147\164\162\165\163\164\056\143"
-"\157\155\060\202\001\042\060\015\006\011\052\206\110\206\367\015"
-"\001\001\001\005\000\003\202\001\017\000\060\202\001\012\002\202"
-"\001\001\000\334\165\360\214\300\165\226\232\300\142\037\046\367"
-"\304\341\232\352\340\126\163\133\231\315\001\104\250\010\266\325"
-"\247\332\032\004\030\071\222\112\170\243\201\302\365\167\172\120"
-"\264\160\377\232\253\306\307\312\156\203\117\102\230\373\046\013"
-"\332\334\155\326\251\231\125\122\147\351\050\003\222\334\345\260"
-"\005\232\017\025\371\153\131\162\126\362\372\071\374\252\150\356"
-"\017\037\020\203\057\374\235\372\027\226\335\202\343\346\105\175"
-"\300\113\200\104\037\355\054\340\204\375\221\134\222\124\151\045"
-"\345\142\151\334\345\356\000\122\275\063\013\255\165\002\205\247"
-"\144\120\055\305\031\031\060\300\046\333\311\323\375\056\231\255"
-"\131\265\013\115\324\101\256\205\110\103\131\334\267\250\342\242"
-"\336\303\217\327\270\241\142\246\150\120\122\344\317\061\247\224"
-"\205\332\237\106\062\027\126\345\362\353\146\075\022\377\103\333"
-"\230\357\167\317\313\201\215\064\261\306\120\112\046\321\344\076"
-"\101\120\257\154\256\042\064\056\325\153\156\203\272\171\270\166"
-"\145\110\332\011\051\144\143\042\271\373\107\166\205\214\206\104"
-"\313\011\333\002\003\001\000\001\060\015\006\011\052\206\110\206"
-"\367\015\001\001\005\005\000\003\202\001\001\000\265\066\016\135"
-"\341\141\050\132\021\145\300\077\203\003\171\115\276\050\246\013"
-"\007\002\122\205\315\370\221\320\020\154\265\152\040\133\034\220"
-"\331\060\074\306\110\236\212\136\144\371\241\161\167\357\004\047"
-"\037\007\353\344\046\367\163\164\311\104\030\032\146\323\340\103"
-"\257\221\073\321\313\054\330\164\124\072\034\115\312\324\150\315"
-"\043\174\035\020\236\105\351\366\000\156\246\315\031\377\117\054"
-"\051\217\127\115\304\167\222\276\340\114\011\373\135\104\206\146"
-"\041\250\271\062\242\126\325\351\214\203\174\131\077\304\361\013"
-"\347\235\354\236\275\234\030\016\076\302\071\171\050\267\003\015"
-"\010\313\306\347\331\001\067\120\020\354\314\141\026\100\324\257"
-"\061\164\173\374\077\061\247\320\107\163\063\071\033\314\116\152"
-"\327\111\203\021\006\376\353\202\130\063\062\114\360\126\254\036"
-"\234\057\126\232\173\301\112\034\245\375\125\066\316\374\226\115"
-"\364\260\360\354\267\154\202\355\057\061\231\102\114\251\262\015"
-"\270\025\135\361\337\272\311\265\112\324\144\230\263\046\251\060"
-"\310\375\246\354\253\226\041\255\177\302\170\266"
-, (PRUint32)988 }
-};
-static const NSSItem nss_builtins_items_33 [] = {
-  { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"Digital Signature Trust Co. Global CA 4", (PRUint32)40 },
-  { (void *)"\147\353\063\173\150\114\353\016\302\260\166\012\264\210\047\214"
-"\335\225\227\335"
-, (PRUint32)20 },
-  { (void *)"\315\073\075\142\133\011\270\011\066\207\236\022\057\161\144\272"
-, (PRUint32)16 },
-  { (void *)"\060\201\251\061\013\060\011\006\003\125\004\006\023\002\165\163"
-"\061\015\060\013\006\003\125\004\010\023\004\125\164\141\150\061"
-"\027\060\025\006\003\125\004\007\023\016\123\141\154\164\040\114"
-"\141\153\145\040\103\151\164\171\061\044\060\042\006\003\125\004"
-"\012\023\033\104\151\147\151\164\141\154\040\123\151\147\156\141"
-"\164\165\162\145\040\124\162\165\163\164\040\103\157\056\061\021"
-"\060\017\006\003\125\004\013\023\010\104\123\124\103\101\040\130"
-"\062\061\026\060\024\006\003\125\004\003\023\015\104\123\124\040"
-"\122\157\157\164\103\101\040\130\062\061\041\060\037\006\011\052"
-"\206\110\206\367\015\001\011\001\026\022\143\141\100\144\151\147"
-"\163\151\147\164\162\165\163\164\056\143\157\155"
-, (PRUint32)172 },
-  { (void *)"\000\320\036\100\213\000\000\167\155\000\000\000\001\000\000\000"
-"\004"
-, (PRUint32)17 },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_34 [] = {
-  { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"Verisign Class 1 Public Primary Certification Authority", (PRUint32)56 },
-  { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
-  { (void *)"\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151"
-"\147\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004"
-"\013\023\056\103\154\141\163\163\040\061\040\120\165\142\154\151"
-"\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146"
-"\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164"
-"\171"
-, (PRUint32)97 },
-  { (void *)"0", (PRUint32)2 },
-  { (void *)"\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151"
-"\147\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004"
-"\013\023\056\103\154\141\163\163\040\061\040\120\165\142\154\151"
-"\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146"
-"\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164"
-"\171"
-, (PRUint32)97 },
-  { (void *)"\000\315\272\177\126\360\337\344\274\124\376\042\254\263\162\252"
-"\125"
-, (PRUint32)17 },
-  { (void *)"\060\202\002\075\060\202\001\246\002\021\000\315\272\177\126\360"
-"\337\344\274\124\376\042\254\263\162\252\125\060\015\006\011\052"
-"\206\110\206\367\015\001\001\002\005\000\060\137\061\013\060\011"
-"\006\003\125\004\006\023\002\125\123\061\027\060\025\006\003\125"
-"\004\012\023\016\126\145\162\151\123\151\147\156\054\040\111\156"
-"\143\056\061\067\060\065\006\003\125\004\013\023\056\103\154\141"
-"\163\163\040\061\040\120\165\142\154\151\143\040\120\162\151\155"
-"\141\162\171\040\103\145\162\164\151\146\151\143\141\164\151\157"
-"\156\040\101\165\164\150\157\162\151\164\171\060\036\027\015\071"
-"\066\060\061\062\071\060\060\060\060\060\060\132\027\015\062\070"
-"\060\070\060\061\062\063\065\071\065\071\132\060\137\061\013\060"
-"\011\006\003\125\004\006\023\002\125\123\061\027\060\025\006\003"
-"\125\004\012\023\016\126\145\162\151\123\151\147\156\054\040\111"
-"\156\143\056\061\067\060\065\006\003\125\004\013\023\056\103\154"
-"\141\163\163\040\061\040\120\165\142\154\151\143\040\120\162\151"
-"\155\141\162\171\040\103\145\162\164\151\146\151\143\141\164\151"
-"\157\156\040\101\165\164\150\157\162\151\164\171\060\201\237\060"
-"\015\006\011\052\206\110\206\367\015\001\001\001\005\000\003\201"
-"\215\000\060\201\211\002\201\201\000\345\031\277\155\243\126\141"
-"\055\231\110\161\366\147\336\271\215\353\267\236\206\200\012\221"
-"\016\372\070\045\257\106\210\202\345\163\250\240\233\044\135\015"
-"\037\314\145\156\014\260\320\126\204\030\207\232\006\233\020\241"
-"\163\337\264\130\071\153\156\301\366\025\325\250\250\077\252\022"
-"\006\215\061\254\177\260\064\327\217\064\147\210\011\315\024\021"
-"\342\116\105\126\151\037\170\002\200\332\334\107\221\051\273\066"
-"\311\143\134\305\340\327\055\207\173\241\267\062\260\173\060\272"
-"\052\057\061\252\356\243\147\332\333\002\003\001\000\001\060\015"
-"\006\011\052\206\110\206\367\015\001\001\002\005\000\003\201\201"
-"\000\114\077\270\213\306\150\337\356\103\063\016\135\351\246\313"
-"\007\204\115\172\063\377\222\033\364\066\255\330\225\042\066\150"
-"\021\154\174\102\314\363\234\056\304\007\077\024\260\017\117\377"
-"\220\222\166\371\342\274\112\351\217\315\240\200\012\367\305\051"
-"\361\202\042\135\270\261\335\201\043\243\173\045\025\106\060\171"
-"\026\370\352\005\113\224\177\035\302\034\310\343\267\364\020\100"
-"\074\023\303\137\037\123\350\110\344\206\264\173\241\065\260\173"
-"\045\272\270\323\216\253\077\070\235\000\064\000\230\363\321\161"
-"\224"
-, (PRUint32)577 }
-};
-static const NSSItem nss_builtins_items_35 [] = {
-  { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"Verisign Class 1 Public Primary Certification Authority", (PRUint32)56 },
-  { (void *)"\220\256\242\151\205\377\024\200\114\103\111\122\354\351\140\204"
-"\167\257\125\157"
-, (PRUint32)20 },
-  { (void *)"\227\140\350\127\137\323\120\107\345\103\014\224\066\212\260\142"
-, (PRUint32)16 },
-  { (void *)"\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151"
-"\147\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004"
-"\013\023\056\103\154\141\163\163\040\061\040\120\165\142\154\151"
-"\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146"
-"\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164"
-"\171"
-, (PRUint32)97 },
-  { (void *)"\000\315\272\177\126\360\337\344\274\124\376\042\254\263\162\252"
-"\125"
-, (PRUint32)17 },
-  { (void *)&ckt_netscape_valid, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_valid, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_36 [] = {
-  { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"Verisign Class 2 Public Primary Certification Authority", (PRUint32)56 },
-  { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
-  { (void *)"\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151"
-"\147\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004"
-"\013\023\056\103\154\141\163\163\040\062\040\120\165\142\154\151"
-"\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146"
-"\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164"
-"\171"
-, (PRUint32)97 },
-  { (void *)"0", (PRUint32)2 },
-  { (void *)"\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151"
-"\147\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004"
-"\013\023\056\103\154\141\163\163\040\062\040\120\165\142\154\151"
-"\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146"
-"\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164"
-"\171"
-, (PRUint32)97 },
-  { (void *)"\055\033\374\112\027\215\243\221\353\347\377\365\213\105\276\013"
-, (PRUint32)16 },
-  { (void *)"\060\202\002\074\060\202\001\245\002\020\055\033\374\112\027\215"
-"\243\221\353\347\377\365\213\105\276\013\060\015\006\011\052\206"
-"\110\206\367\015\001\001\002\005\000\060\137\061\013\060\011\006"
-"\003\125\004\006\023\002\125\123\061\027\060\025\006\003\125\004"
-"\012\023\016\126\145\162\151\123\151\147\156\054\040\111\156\143"
-"\056\061\067\060\065\006\003\125\004\013\023\056\103\154\141\163"
-"\163\040\062\040\120\165\142\154\151\143\040\120\162\151\155\141"
-"\162\171\040\103\145\162\164\151\146\151\143\141\164\151\157\156"
-"\040\101\165\164\150\157\162\151\164\171\060\036\027\015\071\066"
-"\060\061\062\071\060\060\060\060\060\060\132\027\015\062\070\060"
-"\070\060\061\062\063\065\071\065\071\132\060\137\061\013\060\011"
-"\006\003\125\004\006\023\002\125\123\061\027\060\025\006\003\125"
-"\004\012\023\016\126\145\162\151\123\151\147\156\054\040\111\156"
-"\143\056\061\067\060\065\006\003\125\004\013\023\056\103\154\141"
-"\163\163\040\062\040\120\165\142\154\151\143\040\120\162\151\155"
-"\141\162\171\040\103\145\162\164\151\146\151\143\141\164\151\157"
-"\156\040\101\165\164\150\157\162\151\164\171\060\201\237\060\015"
-"\006\011\052\206\110\206\367\015\001\001\001\005\000\003\201\215"
-"\000\060\201\211\002\201\201\000\266\132\213\243\015\152\043\203"
-"\200\153\317\071\207\364\041\023\063\006\114\045\242\355\125\022"
-"\227\305\247\200\271\372\203\301\040\240\372\057\025\015\174\241"
-"\140\153\176\171\054\372\006\017\072\256\366\033\157\261\322\377"
-"\057\050\122\137\203\175\113\304\172\267\370\146\037\200\124\374"
-"\267\302\216\131\112\024\127\106\321\232\223\276\101\221\003\273"
-"\025\200\223\134\353\347\314\010\154\077\076\263\112\374\377\113"
-"\154\043\325\120\202\046\104\031\216\043\303\161\352\031\044\107"
-"\004\236\165\277\310\246\000\037\002\003\001\000\001\060\015\006"
-"\011\052\206\110\206\367\015\001\001\002\005\000\003\201\201\000"
-"\212\033\053\372\071\301\164\327\136\330\031\144\242\130\112\055"
-"\067\340\063\107\017\254\355\367\252\333\036\344\213\006\134\140"
-"\047\312\105\122\316\026\357\077\006\144\347\224\150\174\140\063"
-"\025\021\151\257\235\142\215\243\003\124\153\246\276\345\356\005"
-"\030\140\004\277\102\200\375\320\250\250\036\001\073\367\243\134"
-"\257\243\334\346\046\200\043\074\270\104\164\367\012\256\111\213"
-"\141\170\314\044\277\210\212\247\016\352\163\031\101\375\115\003"
-"\360\210\321\345\170\215\245\052\117\366\227\015\027\167\312\330"
-, (PRUint32)576 }
-};
-static const NSSItem nss_builtins_items_37 [] = {
-  { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"Verisign Class 2 Public Primary Certification Authority", (PRUint32)56 },
-  { (void *)"\147\202\252\340\355\356\342\032\130\071\323\300\315\024\150\012"
-"\117\140\024\052"
-, (PRUint32)20 },
-  { (void *)"\263\234\045\261\303\056\062\123\200\025\060\235\115\002\167\076"
-, (PRUint32)16 },
-  { (void *)"\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151"
-"\147\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004"
-"\013\023\056\103\154\141\163\163\040\062\040\120\165\142\154\151"
-"\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146"
-"\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164"
-"\171"
-, (PRUint32)97 },
-  { (void *)"\055\033\374\112\027\215\243\221\353\347\377\365\213\105\276\013"
-, (PRUint32)16 },
-  { (void *)&ckt_netscape_valid, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_38 [] = {
-  { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"Verisign Class 3 Public Primary Certification Authority", (PRUint32)56 },
-  { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
-  { (void *)"\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151"
-"\147\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004"
-"\013\023\056\103\154\141\163\163\040\063\040\120\165\142\154\151"
-"\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146"
-"\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164"
-"\171"
-, (PRUint32)97 },
-  { (void *)"0", (PRUint32)2 },
-  { (void *)"\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151"
-"\147\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004"
-"\013\023\056\103\154\141\163\163\040\063\040\120\165\142\154\151"
-"\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146"
-"\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164"
-"\171"
-, (PRUint32)97 },
-  { (void *)"\160\272\344\035\020\331\051\064\266\070\312\173\003\314\272\277"
-, (PRUint32)16 },
-  { (void *)"\060\202\002\074\060\202\001\245\002\020\160\272\344\035\020\331"
-"\051\064\266\070\312\173\003\314\272\277\060\015\006\011\052\206"
-"\110\206\367\015\001\001\002\005\000\060\137\061\013\060\011\006"
-"\003\125\004\006\023\002\125\123\061\027\060\025\006\003\125\004"
-"\012\023\016\126\145\162\151\123\151\147\156\054\040\111\156\143"
-"\056\061\067\060\065\006\003\125\004\013\023\056\103\154\141\163"
-"\163\040\063\040\120\165\142\154\151\143\040\120\162\151\155\141"
-"\162\171\040\103\145\162\164\151\146\151\143\141\164\151\157\156"
-"\040\101\165\164\150\157\162\151\164\171\060\036\027\015\071\066"
-"\060\061\062\071\060\060\060\060\060\060\132\027\015\062\070\060"
-"\070\060\061\062\063\065\071\065\071\132\060\137\061\013\060\011"
-"\006\003\125\004\006\023\002\125\123\061\027\060\025\006\003\125"
-"\004\012\023\016\126\145\162\151\123\151\147\156\054\040\111\156"
-"\143\056\061\067\060\065\006\003\125\004\013\023\056\103\154\141"
-"\163\163\040\063\040\120\165\142\154\151\143\040\120\162\151\155"
-"\141\162\171\040\103\145\162\164\151\146\151\143\141\164\151\157"
-"\156\040\101\165\164\150\157\162\151\164\171\060\201\237\060\015"
-"\006\011\052\206\110\206\367\015\001\001\001\005\000\003\201\215"
-"\000\060\201\211\002\201\201\000\311\134\131\236\362\033\212\001"
-"\024\264\020\337\004\100\333\343\127\257\152\105\100\217\204\014"
-"\013\321\063\331\331\021\317\356\002\130\037\045\367\052\250\104"
-"\005\252\354\003\037\170\177\236\223\271\232\000\252\043\175\326"
-"\254\205\242\143\105\307\162\047\314\364\114\306\165\161\322\071"
-"\357\117\102\360\165\337\012\220\306\216\040\157\230\017\370\254"
-"\043\137\160\051\066\244\311\206\347\261\232\040\313\123\245\205"
-"\347\075\276\175\232\376\044\105\063\334\166\025\355\017\242\161"
-"\144\114\145\056\201\150\105\247\002\003\001\000\001\060\015\006"
-"\011\052\206\110\206\367\015\001\001\002\005\000\003\201\201\000"
-"\273\114\022\053\317\054\046\000\117\024\023\335\246\373\374\012"
-"\021\204\214\363\050\034\147\222\057\174\266\305\372\337\360\350"
-"\225\274\035\217\154\054\250\121\314\163\330\244\300\123\360\116"
-"\326\046\300\166\001\127\201\222\136\041\361\321\261\377\347\320"
-"\041\130\315\151\027\343\104\034\234\031\104\071\211\134\334\234"
-"\000\017\126\215\002\231\355\242\220\105\114\344\273\020\244\075"
-"\360\062\003\016\361\316\370\350\311\121\214\346\142\237\346\237"
-"\300\175\267\162\234\311\066\072\153\237\116\250\377\144\015\144"
-, (PRUint32)576 }
-};
-static const NSSItem nss_builtins_items_39 [] = {
-  { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"Verisign Class 3 Public Primary Certification Authority", (PRUint32)56 },
-  { (void *)"\164\054\061\222\346\007\344\044\353\105\111\124\053\341\273\305"
-"\076\141\164\342"
-, (PRUint32)20 },
-  { (void *)"\020\374\143\135\366\046\076\015\363\045\276\137\171\315\147\147"
-, (PRUint32)16 },
-  { (void *)"\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151"
-"\147\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004"
-"\013\023\056\103\154\141\163\163\040\063\040\120\165\142\154\151"
-"\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146"
-"\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164"
-"\171"
-, (PRUint32)97 },
-  { (void *)"\160\272\344\035\020\331\051\064\266\070\312\173\003\314\272\277"
-, (PRUint32)16 },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_40 [] = {
-  { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"Verisign Class 1 Public Primary Certification Authority - G2", (PRUint32)61 },
-  { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
-  { (void *)"\060\201\301\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\061\074\060\072\006\003\125"
-"\004\013\023\063\103\154\141\163\163\040\061\040\120\165\142\154"
-"\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151"
-"\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151"
-"\164\171\040\055\040\107\062\061\072\060\070\006\003\125\004\013"
-"\023\061\050\143\051\040\061\071\071\070\040\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\040\055\040\106\157\162\040"
-"\141\165\164\150\157\162\151\172\145\144\040\165\163\145\040\157"
-"\156\154\171\061\037\060\035\006\003\125\004\013\023\026\126\145"
-"\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164"
-"\167\157\162\153"
-, (PRUint32)196 },
-  { (void *)"0", (PRUint32)2 },
-  { (void *)"\060\201\301\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\061\074\060\072\006\003\125"
-"\004\013\023\063\103\154\141\163\163\040\061\040\120\165\142\154"
-"\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151"
-"\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151"
-"\164\171\040\055\040\107\062\061\072\060\070\006\003\125\004\013"
-"\023\061\050\143\051\040\061\071\071\070\040\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\040\055\040\106\157\162\040"
-"\141\165\164\150\157\162\151\172\145\144\040\165\163\145\040\157"
-"\156\154\171\061\037\060\035\006\003\125\004\013\023\026\126\145"
-"\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164"
-"\167\157\162\153"
-, (PRUint32)196 },
-  { (void *)"\114\307\352\252\230\076\161\323\223\020\370\075\072\211\221\222"
-, (PRUint32)16 },
-  { (void *)"\060\202\003\002\060\202\002\153\002\020\114\307\352\252\230\076"
-"\161\323\223\020\370\075\072\211\221\222\060\015\006\011\052\206"
-"\110\206\367\015\001\001\005\005\000\060\201\301\061\013\060\011"
-"\006\003\125\004\006\023\002\125\123\061\027\060\025\006\003\125"
-"\004\012\023\016\126\145\162\151\123\151\147\156\054\040\111\156"
-"\143\056\061\074\060\072\006\003\125\004\013\023\063\103\154\141"
-"\163\163\040\061\040\120\165\142\154\151\143\040\120\162\151\155"
-"\141\162\171\040\103\145\162\164\151\146\151\143\141\164\151\157"
-"\156\040\101\165\164\150\157\162\151\164\171\040\055\040\107\062"
-"\061\072\060\070\006\003\125\004\013\023\061\050\143\051\040\061"
-"\071\071\070\040\126\145\162\151\123\151\147\156\054\040\111\156"
-"\143\056\040\055\040\106\157\162\040\141\165\164\150\157\162\151"
-"\172\145\144\040\165\163\145\040\157\156\154\171\061\037\060\035"
-"\006\003\125\004\013\023\026\126\145\162\151\123\151\147\156\040"
-"\124\162\165\163\164\040\116\145\164\167\157\162\153\060\036\027"
-"\015\071\070\060\065\061\070\060\060\060\060\060\060\132\027\015"
-"\062\070\060\070\060\061\062\063\065\071\065\071\132\060\201\301"
-"\061\013\060\011\006\003\125\004\006\023\002\125\123\061\027\060"
-"\025\006\003\125\004\012\023\016\126\145\162\151\123\151\147\156"
-"\054\040\111\156\143\056\061\074\060\072\006\003\125\004\013\023"
-"\063\103\154\141\163\163\040\061\040\120\165\142\154\151\143\040"
-"\120\162\151\155\141\162\171\040\103\145\162\164\151\146\151\143"
-"\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171\040"
-"\055\040\107\062\061\072\060\070\006\003\125\004\013\023\061\050"
-"\143\051\040\061\071\071\070\040\126\145\162\151\123\151\147\156"
-"\054\040\111\156\143\056\040\055\040\106\157\162\040\141\165\164"
-"\150\157\162\151\172\145\144\040\165\163\145\040\157\156\154\171"
-"\061\037\060\035\006\003\125\004\013\023\026\126\145\162\151\123"
-"\151\147\156\040\124\162\165\163\164\040\116\145\164\167\157\162"
-"\153\060\201\237\060\015\006\011\052\206\110\206\367\015\001\001"
-"\001\005\000\003\201\215\000\060\201\211\002\201\201\000\252\320"
-"\272\276\026\055\270\203\324\312\322\017\274\166\061\312\224\330"
-"\035\223\214\126\002\274\331\157\032\157\122\066\156\165\126\012"
-"\125\323\337\103\207\041\021\145\212\176\217\275\041\336\153\062"
-"\077\033\204\064\225\005\235\101\065\353\222\353\226\335\252\131"
-"\077\001\123\155\231\117\355\345\342\052\132\220\301\271\304\246"
-"\025\317\310\105\353\246\135\216\234\076\360\144\044\166\245\315"
-"\253\032\157\266\330\173\121\141\156\246\177\207\310\342\267\345"
-"\064\334\101\210\352\011\100\276\163\222\075\153\347\165\002\003"
-"\001\000\001\060\015\006\011\052\206\110\206\367\015\001\001\005"
-"\005\000\003\201\201\000\251\117\303\015\307\147\276\054\313\331"
-"\250\315\055\165\347\176\025\236\073\162\353\176\353\134\055\011"
-"\207\326\153\155\140\174\345\256\305\220\043\014\134\112\320\257"
-"\261\135\363\307\266\012\333\340\025\223\015\335\003\274\307\166"
-"\212\265\335\117\303\233\023\165\270\001\300\346\311\133\153\245"
-"\270\211\334\254\244\335\162\355\116\241\367\117\274\006\323\352"
-"\310\144\164\173\302\225\101\234\145\163\130\361\220\232\074\152"
-"\261\230\311\304\207\274\317\105\155\105\342\156\042\077\376\274"
-"\017\061\134\350\362\331"
-, (PRUint32)774 }
-};
-static const NSSItem nss_builtins_items_41 [] = {
-  { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"Verisign Class 1 Public Primary Certification Authority - G2", (PRUint32)61 },
-  { (void *)"\047\076\341\044\127\375\304\371\014\125\350\053\126\026\177\142"
-"\365\062\345\107"
-, (PRUint32)20 },
-  { (void *)"\333\043\075\371\151\372\113\271\225\200\104\163\136\175\101\203"
-, (PRUint32)16 },
-  { (void *)"\060\201\301\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\061\074\060\072\006\003\125"
-"\004\013\023\063\103\154\141\163\163\040\061\040\120\165\142\154"
-"\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151"
-"\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151"
-"\164\171\040\055\040\107\062\061\072\060\070\006\003\125\004\013"
-"\023\061\050\143\051\040\061\071\071\070\040\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\040\055\040\106\157\162\040"
-"\141\165\164\150\157\162\151\172\145\144\040\165\163\145\040\157"
-"\156\154\171\061\037\060\035\006\003\125\004\013\023\026\126\145"
-"\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164"
-"\167\157\162\153"
-, (PRUint32)196 },
-  { (void *)"\114\307\352\252\230\076\161\323\223\020\370\075\072\211\221\222"
-, (PRUint32)16 },
-  { (void *)&ckt_netscape_valid, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_valid, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_42 [] = {
-  { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"Verisign Class 2 Public Primary Certification Authority - G2", (PRUint32)61 },
-  { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
-  { (void *)"\060\201\301\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\061\074\060\072\006\003\125"
-"\004\013\023\063\103\154\141\163\163\040\062\040\120\165\142\154"
-"\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151"
-"\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151"
-"\164\171\040\055\040\107\062\061\072\060\070\006\003\125\004\013"
-"\023\061\050\143\051\040\061\071\071\070\040\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\040\055\040\106\157\162\040"
-"\141\165\164\150\157\162\151\172\145\144\040\165\163\145\040\157"
-"\156\154\171\061\037\060\035\006\003\125\004\013\023\026\126\145"
-"\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164"
-"\167\157\162\153"
-, (PRUint32)196 },
-  { (void *)"0", (PRUint32)2 },
-  { (void *)"\060\201\301\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\061\074\060\072\006\003\125"
-"\004\013\023\063\103\154\141\163\163\040\062\040\120\165\142\154"
-"\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151"
-"\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151"
-"\164\171\040\055\040\107\062\061\072\060\070\006\003\125\004\013"
-"\023\061\050\143\051\040\061\071\071\070\040\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\040\055\040\106\157\162\040"
-"\141\165\164\150\157\162\151\172\145\144\040\165\163\145\040\157"
-"\156\154\171\061\037\060\035\006\003\125\004\013\023\026\126\145"
-"\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164"
-"\167\157\162\153"
-, (PRUint32)196 },
-  { (void *)"\000\271\057\140\314\210\237\241\172\106\011\270\133\160\154\212"
-"\257"
-, (PRUint32)17 },
-  { (void *)"\060\202\003\003\060\202\002\154\002\021\000\271\057\140\314\210"
-"\237\241\172\106\011\270\133\160\154\212\257\060\015\006\011\052"
-"\206\110\206\367\015\001\001\005\005\000\060\201\301\061\013\060"
-"\011\006\003\125\004\006\023\002\125\123\061\027\060\025\006\003"
-"\125\004\012\023\016\126\145\162\151\123\151\147\156\054\040\111"
-"\156\143\056\061\074\060\072\006\003\125\004\013\023\063\103\154"
-"\141\163\163\040\062\040\120\165\142\154\151\143\040\120\162\151"
-"\155\141\162\171\040\103\145\162\164\151\146\151\143\141\164\151"
-"\157\156\040\101\165\164\150\157\162\151\164\171\040\055\040\107"
-"\062\061\072\060\070\006\003\125\004\013\023\061\050\143\051\040"
-"\061\071\071\070\040\126\145\162\151\123\151\147\156\054\040\111"
-"\156\143\056\040\055\040\106\157\162\040\141\165\164\150\157\162"
-"\151\172\145\144\040\165\163\145\040\157\156\154\171\061\037\060"
-"\035\006\003\125\004\013\023\026\126\145\162\151\123\151\147\156"
-"\040\124\162\165\163\164\040\116\145\164\167\157\162\153\060\036"
-"\027\015\071\070\060\065\061\070\060\060\060\060\060\060\132\027"
-"\015\062\070\060\070\060\061\062\063\065\071\065\071\132\060\201"
-"\301\061\013\060\011\006\003\125\004\006\023\002\125\123\061\027"
-"\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151\147"
-"\156\054\040\111\156\143\056\061\074\060\072\006\003\125\004\013"
-"\023\063\103\154\141\163\163\040\062\040\120\165\142\154\151\143"
-"\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146\151"
-"\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171"
-"\040\055\040\107\062\061\072\060\070\006\003\125\004\013\023\061"
-"\050\143\051\040\061\071\071\070\040\126\145\162\151\123\151\147"
-"\156\054\040\111\156\143\056\040\055\040\106\157\162\040\141\165"
-"\164\150\157\162\151\172\145\144\040\165\163\145\040\157\156\154"
-"\171\061\037\060\035\006\003\125\004\013\023\026\126\145\162\151"
-"\123\151\147\156\040\124\162\165\163\164\040\116\145\164\167\157"
-"\162\153\060\201\237\060\015\006\011\052\206\110\206\367\015\001"
-"\001\001\005\000\003\201\215\000\060\201\211\002\201\201\000\247"
-"\210\001\041\164\054\347\032\003\360\230\341\227\074\017\041\010"
-"\361\234\333\227\351\232\374\302\004\006\023\276\137\122\310\314"
-"\036\054\022\126\054\270\001\151\054\314\231\037\255\260\226\256"
-"\171\004\362\023\071\301\173\230\272\010\054\350\302\204\023\054"
-"\252\151\351\011\364\307\251\002\244\102\302\043\117\112\330\360"
-"\016\242\373\061\154\311\346\157\231\047\007\365\346\364\114\170"
-"\236\155\353\106\206\372\271\206\311\124\362\262\304\257\324\106"
-"\034\132\311\025\060\377\015\154\365\055\016\155\316\177\167\002"
-"\003\001\000\001\060\015\006\011\052\206\110\206\367\015\001\001"
-"\005\005\000\003\201\201\000\162\056\371\177\321\361\161\373\304"
-"\236\366\305\136\121\212\100\230\270\150\370\233\034\203\330\342"
-"\235\275\377\355\241\346\146\352\057\011\364\312\327\352\245\053"
-"\225\366\044\140\206\115\104\056\203\245\304\055\240\323\256\170"
-"\151\157\162\332\154\256\010\360\143\222\067\346\273\304\060\027"
-"\255\167\314\111\065\252\317\330\217\321\276\267\030\226\107\163"
-"\152\124\042\064\144\055\266\026\233\131\133\264\121\131\072\263"
-"\013\024\364\022\337\147\240\364\255\062\144\136\261\106\162\047"
-"\214\022\173\305\104\264\256"
-, (PRUint32)775 }
-};
-static const NSSItem nss_builtins_items_43 [] = {
-  { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"Verisign Class 2 Public Primary Certification Authority - G2", (PRUint32)61 },
-  { (void *)"\263\352\304\107\166\311\310\034\352\362\235\225\266\314\240\010"
-"\033\147\354\235"
-, (PRUint32)20 },
-  { (void *)"\055\273\345\045\323\321\145\202\072\267\016\372\346\353\342\341"
-, (PRUint32)16 },
-  { (void *)"\060\201\301\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\061\074\060\072\006\003\125"
-"\004\013\023\063\103\154\141\163\163\040\062\040\120\165\142\154"
-"\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151"
-"\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151"
-"\164\171\040\055\040\107\062\061\072\060\070\006\003\125\004\013"
-"\023\061\050\143\051\040\061\071\071\070\040\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\040\055\040\106\157\162\040"
-"\141\165\164\150\157\162\151\172\145\144\040\165\163\145\040\157"
-"\156\154\171\061\037\060\035\006\003\125\004\013\023\026\126\145"
-"\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164"
-"\167\157\162\153"
-, (PRUint32)196 },
-  { (void *)"\000\271\057\140\314\210\237\241\172\106\011\270\133\160\154\212"
-"\257"
-, (PRUint32)17 },
-  { (void *)&ckt_netscape_valid, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_44 [] = {
-  { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"Verisign Class 3 Public Primary Certification Authority - G2", (PRUint32)61 },
-  { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
-  { (void *)"\060\201\301\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\061\074\060\072\006\003\125"
-"\004\013\023\063\103\154\141\163\163\040\063\040\120\165\142\154"
-"\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151"
-"\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151"
-"\164\171\040\055\040\107\062\061\072\060\070\006\003\125\004\013"
-"\023\061\050\143\051\040\061\071\071\070\040\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\040\055\040\106\157\162\040"
-"\141\165\164\150\157\162\151\172\145\144\040\165\163\145\040\157"
-"\156\154\171\061\037\060\035\006\003\125\004\013\023\026\126\145"
-"\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164"
-"\167\157\162\153"
-, (PRUint32)196 },
-  { (void *)"0", (PRUint32)2 },
-  { (void *)"\060\201\301\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\061\074\060\072\006\003\125"
-"\004\013\023\063\103\154\141\163\163\040\063\040\120\165\142\154"
-"\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151"
-"\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151"
-"\164\171\040\055\040\107\062\061\072\060\070\006\003\125\004\013"
-"\023\061\050\143\051\040\061\071\071\070\040\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\040\055\040\106\157\162\040"
-"\141\165\164\150\157\162\151\172\145\144\040\165\163\145\040\157"
-"\156\154\171\061\037\060\035\006\003\125\004\013\023\026\126\145"
-"\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164"
-"\167\157\162\153"
-, (PRUint32)196 },
-  { (void *)"\175\331\376\007\317\250\036\267\020\171\147\373\247\211\064\306"
-, (PRUint32)16 },
-  { (void *)"\060\202\003\002\060\202\002\153\002\020\175\331\376\007\317\250"
-"\036\267\020\171\147\373\247\211\064\306\060\015\006\011\052\206"
-"\110\206\367\015\001\001\005\005\000\060\201\301\061\013\060\011"
-"\006\003\125\004\006\023\002\125\123\061\027\060\025\006\003\125"
-"\004\012\023\016\126\145\162\151\123\151\147\156\054\040\111\156"
-"\143\056\061\074\060\072\006\003\125\004\013\023\063\103\154\141"
-"\163\163\040\063\040\120\165\142\154\151\143\040\120\162\151\155"
-"\141\162\171\040\103\145\162\164\151\146\151\143\141\164\151\157"
-"\156\040\101\165\164\150\157\162\151\164\171\040\055\040\107\062"
-"\061\072\060\070\006\003\125\004\013\023\061\050\143\051\040\061"
-"\071\071\070\040\126\145\162\151\123\151\147\156\054\040\111\156"
-"\143\056\040\055\040\106\157\162\040\141\165\164\150\157\162\151"
-"\172\145\144\040\165\163\145\040\157\156\154\171\061\037\060\035"
-"\006\003\125\004\013\023\026\126\145\162\151\123\151\147\156\040"
-"\124\162\165\163\164\040\116\145\164\167\157\162\153\060\036\027"
-"\015\071\070\060\065\061\070\060\060\060\060\060\060\132\027\015"
-"\062\070\060\070\060\061\062\063\065\071\065\071\132\060\201\301"
-"\061\013\060\011\006\003\125\004\006\023\002\125\123\061\027\060"
-"\025\006\003\125\004\012\023\016\126\145\162\151\123\151\147\156"
-"\054\040\111\156\143\056\061\074\060\072\006\003\125\004\013\023"
-"\063\103\154\141\163\163\040\063\040\120\165\142\154\151\143\040"
-"\120\162\151\155\141\162\171\040\103\145\162\164\151\146\151\143"
-"\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171\040"
-"\055\040\107\062\061\072\060\070\006\003\125\004\013\023\061\050"
-"\143\051\040\061\071\071\070\040\126\145\162\151\123\151\147\156"
-"\054\040\111\156\143\056\040\055\040\106\157\162\040\141\165\164"
-"\150\157\162\151\172\145\144\040\165\163\145\040\157\156\154\171"
-"\061\037\060\035\006\003\125\004\013\023\026\126\145\162\151\123"
-"\151\147\156\040\124\162\165\163\164\040\116\145\164\167\157\162"
-"\153\060\201\237\060\015\006\011\052\206\110\206\367\015\001\001"
-"\001\005\000\003\201\215\000\060\201\211\002\201\201\000\314\136"
-"\321\021\135\134\151\320\253\323\271\152\114\231\037\131\230\060"
-"\216\026\205\040\106\155\107\077\324\205\040\204\341\155\263\370"
-"\244\355\014\361\027\017\073\371\247\371\045\327\301\317\204\143"
-"\362\174\143\317\242\107\362\306\133\063\216\144\100\004\150\301"
-"\200\271\144\034\105\167\307\330\156\365\225\051\074\120\350\064"
-"\327\170\037\250\272\155\103\221\225\217\105\127\136\176\305\373"
-"\312\244\004\353\352\227\067\124\060\157\273\001\107\062\063\315"
-"\334\127\233\144\151\141\370\233\035\034\211\117\134\147\002\003"
-"\001\000\001\060\015\006\011\052\206\110\206\367\015\001\001\005"
-"\005\000\003\201\201\000\121\115\315\276\134\313\230\031\234\025"
-"\262\001\071\170\056\115\017\147\160\160\231\306\020\132\224\244"
-"\123\115\124\155\053\257\015\135\100\213\144\323\327\356\336\126"
-"\141\222\137\246\304\035\020\141\066\323\054\047\074\350\051\011"
-"\271\021\144\164\314\265\163\237\034\110\251\274\141\001\356\342"
-"\027\246\014\343\100\010\073\016\347\353\104\163\052\232\361\151"
-"\222\357\161\024\303\071\254\161\247\221\011\157\344\161\006\263"
-"\272\131\127\046\171\000\366\370\015\242\063\060\050\324\252\130"
-"\240\235\235\151\221\375"
-, (PRUint32)774 }
-};
-static const NSSItem nss_builtins_items_45 [] = {
-  { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"Verisign Class 3 Public Primary Certification Authority - G2", (PRUint32)61 },
-  { (void *)"\205\067\034\246\345\120\024\075\316\050\003\107\033\336\072\011"
-"\350\370\167\017"
-, (PRUint32)20 },
-  { (void *)"\242\063\233\114\164\170\163\324\154\347\301\363\215\313\134\351"
-, (PRUint32)16 },
-  { (void *)"\060\201\301\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\061\074\060\072\006\003\125"
-"\004\013\023\063\103\154\141\163\163\040\063\040\120\165\142\154"
-"\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151"
-"\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151"
-"\164\171\040\055\040\107\062\061\072\060\070\006\003\125\004\013"
-"\023\061\050\143\051\040\061\071\071\070\040\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\040\055\040\106\157\162\040"
-"\141\165\164\150\157\162\151\172\145\144\040\165\163\145\040\157"
-"\156\154\171\061\037\060\035\006\003\125\004\013\023\026\126\145"
-"\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164"
-"\167\157\162\153"
-, (PRUint32)196 },
-  { (void *)"\175\331\376\007\317\250\036\267\020\171\147\373\247\211\064\306"
-, (PRUint32)16 },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_46 [] = {
-  { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"Verisign Class 4 Public Primary Certification Authority - G2", (PRUint32)61 },
-  { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
-  { (void *)"\060\201\301\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\061\074\060\072\006\003\125"
-"\004\013\023\063\103\154\141\163\163\040\064\040\120\165\142\154"
-"\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151"
-"\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151"
-"\164\171\040\055\040\107\062\061\072\060\070\006\003\125\004\013"
-"\023\061\050\143\051\040\061\071\071\070\040\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\040\055\040\106\157\162\040"
-"\141\165\164\150\157\162\151\172\145\144\040\165\163\145\040\157"
-"\156\154\171\061\037\060\035\006\003\125\004\013\023\026\126\145"
-"\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164"
-"\167\157\162\153"
-, (PRUint32)196 },
-  { (void *)"0", (PRUint32)2 },
-  { (void *)"\060\201\301\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\061\074\060\072\006\003\125"
-"\004\013\023\063\103\154\141\163\163\040\064\040\120\165\142\154"
-"\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151"
-"\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151"
-"\164\171\040\055\040\107\062\061\072\060\070\006\003\125\004\013"
-"\023\061\050\143\051\040\061\071\071\070\040\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\040\055\040\106\157\162\040"
-"\141\165\164\150\157\162\151\172\145\144\040\165\163\145\040\157"
-"\156\154\171\061\037\060\035\006\003\125\004\013\023\026\126\145"
-"\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164"
-"\167\157\162\153"
-, (PRUint32)196 },
-  { (void *)"\062\210\216\232\322\365\353\023\107\370\177\304\040\067\045\370"
-, (PRUint32)16 },
-  { (void *)"\060\202\003\002\060\202\002\153\002\020\062\210\216\232\322\365"
-"\353\023\107\370\177\304\040\067\045\370\060\015\006\011\052\206"
-"\110\206\367\015\001\001\005\005\000\060\201\301\061\013\060\011"
-"\006\003\125\004\006\023\002\125\123\061\027\060\025\006\003\125"
-"\004\012\023\016\126\145\162\151\123\151\147\156\054\040\111\156"
-"\143\056\061\074\060\072\006\003\125\004\013\023\063\103\154\141"
-"\163\163\040\064\040\120\165\142\154\151\143\040\120\162\151\155"
-"\141\162\171\040\103\145\162\164\151\146\151\143\141\164\151\157"
-"\156\040\101\165\164\150\157\162\151\164\171\040\055\040\107\062"
-"\061\072\060\070\006\003\125\004\013\023\061\050\143\051\040\061"
-"\071\071\070\040\126\145\162\151\123\151\147\156\054\040\111\156"
-"\143\056\040\055\040\106\157\162\040\141\165\164\150\157\162\151"
-"\172\145\144\040\165\163\145\040\157\156\154\171\061\037\060\035"
-"\006\003\125\004\013\023\026\126\145\162\151\123\151\147\156\040"
-"\124\162\165\163\164\040\116\145\164\167\157\162\153\060\036\027"
-"\015\071\070\060\065\061\070\060\060\060\060\060\060\132\027\015"
-"\062\070\060\070\060\061\062\063\065\071\065\071\132\060\201\301"
-"\061\013\060\011\006\003\125\004\006\023\002\125\123\061\027\060"
-"\025\006\003\125\004\012\023\016\126\145\162\151\123\151\147\156"
-"\054\040\111\156\143\056\061\074\060\072\006\003\125\004\013\023"
-"\063\103\154\141\163\163\040\064\040\120\165\142\154\151\143\040"
-"\120\162\151\155\141\162\171\040\103\145\162\164\151\146\151\143"
-"\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171\040"
-"\055\040\107\062\061\072\060\070\006\003\125\004\013\023\061\050"
-"\143\051\040\061\071\071\070\040\126\145\162\151\123\151\147\156"
-"\054\040\111\156\143\056\040\055\040\106\157\162\040\141\165\164"
-"\150\157\162\151\172\145\144\040\165\163\145\040\157\156\154\171"
-"\061\037\060\035\006\003\125\004\013\023\026\126\145\162\151\123"
-"\151\147\156\040\124\162\165\163\164\040\116\145\164\167\157\162"
-"\153\060\201\237\060\015\006\011\052\206\110\206\367\015\001\001"
-"\001\005\000\003\201\215\000\060\201\211\002\201\201\000\272\360"
-"\344\317\371\304\256\205\124\271\007\127\371\217\305\177\150\021"
-"\370\304\027\260\104\334\343\060\163\325\052\142\052\270\320\314"
-"\034\355\050\133\176\275\152\334\263\221\044\312\101\142\074\374"
-"\002\001\277\034\026\061\224\005\227\166\156\242\255\275\141\027"
-"\154\116\060\206\360\121\067\052\120\307\250\142\201\334\133\112"
-"\252\301\240\264\156\353\057\345\127\305\261\053\100\160\333\132"
-"\115\241\216\037\275\003\037\330\003\324\217\114\231\161\274\342"
-"\202\314\130\350\230\072\206\323\206\070\363\000\051\037\002\003"
-"\001\000\001\060\015\006\011\052\206\110\206\367\015\001\001\005"
-"\005\000\003\201\201\000\205\214\022\301\247\271\120\025\172\313"
-"\076\254\270\103\212\334\252\335\024\272\211\201\176\001\074\043"
-"\161\041\210\057\202\334\143\372\002\105\254\105\131\327\052\130"
-"\104\133\267\237\201\073\222\150\075\342\067\044\365\173\154\217"
-"\166\065\226\011\250\131\235\271\316\043\253\164\326\203\375\062"
-"\163\047\330\151\076\103\164\366\256\305\211\232\347\123\174\351"
-"\173\366\113\363\301\145\203\336\215\212\234\074\210\215\071\131"
-"\374\252\077\042\215\241\301\146\120\201\162\114\355\042\144\117"
-"\117\312\200\221\266\051"
-, (PRUint32)774 }
-};
-static const NSSItem nss_builtins_items_47 [] = {
-  { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"Verisign Class 4 Public Primary Certification Authority - G2", (PRUint32)61 },
-  { (void *)"\013\167\276\273\313\172\242\107\005\336\314\017\275\152\002\374"
-"\172\275\233\122"
-, (PRUint32)20 },
-  { (void *)"\046\155\054\031\230\266\160\150\070\120\124\031\354\220\064\140"
-, (PRUint32)16 },
-  { (void *)"\060\201\301\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\061\074\060\072\006\003\125"
-"\004\013\023\063\103\154\141\163\163\040\064\040\120\165\142\154"
-"\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151"
-"\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151"
-"\164\171\040\055\040\107\062\061\072\060\070\006\003\125\004\013"
-"\023\061\050\143\051\040\061\071\071\070\040\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\040\055\040\106\157\162\040"
-"\141\165\164\150\157\162\151\172\145\144\040\165\163\145\040\157"
-"\156\154\171\061\037\060\035\006\003\125\004\013\023\026\126\145"
-"\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164"
-"\167\157\162\153"
-, (PRUint32)196 },
-  { (void *)"\062\210\216\232\322\365\353\023\107\370\177\304\040\067\045\370"
-, (PRUint32)16 },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_48 [] = {
-  { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"GlobalSign Root CA", (PRUint32)19 },
-  { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
-  { (void *)"\060\127\061\013\060\011\006\003\125\004\006\023\002\102\105\061"
-"\031\060\027\006\003\125\004\012\023\020\107\154\157\142\141\154"
-"\123\151\147\156\040\156\166\055\163\141\061\020\060\016\006\003"
-"\125\004\013\023\007\122\157\157\164\040\103\101\061\033\060\031"
-"\006\003\125\004\003\023\022\107\154\157\142\141\154\123\151\147"
-"\156\040\122\157\157\164\040\103\101"
-, (PRUint32)89 },
-  { (void *)"0", (PRUint32)2 },
-  { (void *)"\060\127\061\013\060\011\006\003\125\004\006\023\002\102\105\061"
-"\031\060\027\006\003\125\004\012\023\020\107\154\157\142\141\154"
-"\123\151\147\156\040\156\166\055\163\141\061\020\060\016\006\003"
-"\125\004\013\023\007\122\157\157\164\040\103\101\061\033\060\031"
-"\006\003\125\004\003\023\022\107\154\157\142\141\154\123\151\147"
-"\156\040\122\157\157\164\040\103\101"
-, (PRUint32)89 },
-  { (void *)"\002\000\000\000\000\000\326\170\267\224\005"
-, (PRUint32)11 },
-  { (void *)"\060\202\003\165\060\202\002\135\240\003\002\001\002\002\013\002"
-"\000\000\000\000\000\326\170\267\224\005\060\015\006\011\052\206"
-"\110\206\367\015\001\001\004\005\000\060\127\061\013\060\011\006"
-"\003\125\004\006\023\002\102\105\061\031\060\027\006\003\125\004"
-"\012\023\020\107\154\157\142\141\154\123\151\147\156\040\156\166"
-"\055\163\141\061\020\060\016\006\003\125\004\013\023\007\122\157"
-"\157\164\040\103\101\061\033\060\031\006\003\125\004\003\023\022"
-"\107\154\157\142\141\154\123\151\147\156\040\122\157\157\164\040"
-"\103\101\060\036\027\015\071\070\060\071\060\061\061\062\060\060"
-"\060\060\132\027\015\061\064\060\061\062\070\061\062\060\060\060"
-"\060\132\060\127\061\013\060\011\006\003\125\004\006\023\002\102"
-"\105\061\031\060\027\006\003\125\004\012\023\020\107\154\157\142"
-"\141\154\123\151\147\156\040\156\166\055\163\141\061\020\060\016"
-"\006\003\125\004\013\023\007\122\157\157\164\040\103\101\061\033"
-"\060\031\006\003\125\004\003\023\022\107\154\157\142\141\154\123"
-"\151\147\156\040\122\157\157\164\040\103\101\060\202\001\042\060"
-"\015\006\011\052\206\110\206\367\015\001\001\001\005\000\003\202"
-"\001\017\000\060\202\001\012\002\202\001\001\000\332\016\346\231"
-"\215\316\243\343\117\212\176\373\361\213\203\045\153\352\110\037"
-"\361\052\260\271\225\021\004\275\360\143\321\342\147\146\317\034"
-"\335\317\033\110\053\356\215\211\216\232\257\051\200\145\253\351"
-"\307\055\022\313\253\034\114\160\007\241\075\012\060\315\025\215"
-"\117\370\335\324\214\120\025\034\357\120\356\304\056\367\374\351"
-"\122\362\221\175\340\155\325\065\060\216\136\103\163\362\101\351"
-"\325\152\343\262\211\072\126\071\070\157\006\074\210\151\133\052"
-"\115\305\247\124\270\154\211\314\233\371\074\312\345\375\211\365"
-"\022\074\222\170\226\326\334\164\156\223\104\141\321\215\307\106"
-"\262\165\016\206\350\031\212\325\155\154\325\170\026\225\242\351"
-"\310\012\070\353\362\044\023\117\163\124\223\023\205\072\033\274"
-"\036\064\265\213\005\214\271\167\213\261\333\037\040\221\253\011"
-"\123\156\220\316\173\067\164\271\160\107\221\042\121\143\026\171"
-"\256\261\256\101\046\010\310\031\053\321\106\252\110\326\144\052"
-"\327\203\064\377\054\052\301\154\031\103\112\007\205\347\323\174"
-"\366\041\150\357\352\362\122\237\177\223\220\317\002\003\001\000"
-"\001\243\102\060\100\060\016\006\003\125\035\017\001\001\377\004"
-"\004\003\002\000\006\060\035\006\003\125\035\016\004\026\004\024"
-"\140\173\146\032\105\015\227\312\211\120\057\175\004\315\064\250"
-"\377\374\375\113\060\017\006\003\125\035\023\001\001\377\004\005"
-"\060\003\001\001\377\060\015\006\011\052\206\110\206\367\015\001"
-"\001\004\005\000\003\202\001\001\000\256\252\237\374\267\322\313"
-"\037\137\071\051\050\030\236\064\311\154\117\157\032\360\144\242"
-"\160\112\117\023\206\233\140\050\236\350\201\111\230\175\012\273"
-"\345\260\235\075\066\333\217\005\121\377\011\061\052\037\335\211"
-"\167\236\017\056\154\225\004\355\206\313\264\000\077\204\002\115"
-"\200\152\052\055\170\013\256\157\053\242\203\104\203\037\315\120"
-"\202\114\044\257\275\367\245\264\310\132\017\364\347\107\136\111"
-"\216\067\226\376\232\210\005\072\331\300\333\051\207\346\031\226"
-"\107\247\072\246\214\213\074\167\376\106\143\247\123\332\041\321"
-"\254\176\111\242\113\346\303\147\131\057\263\212\016\273\054\275"
-"\251\252\102\174\065\301\330\177\325\247\061\072\116\143\103\071"
-"\257\010\260\141\064\214\323\230\251\103\064\366\017\207\051\073"
-"\235\302\126\130\230\167\303\367\033\254\366\235\370\076\252\247"
-"\124\105\360\365\371\325\061\145\376\153\130\234\161\263\036\327"
-"\122\352\062\027\374\100\140\035\311\171\044\262\366\154\375\250"
-"\146\016\202\335\230\313\332\302\104\117\056\240\173\362\367\153"
-"\054\166\021\204\106\212\170\243\343"
-, (PRUint32)889 }
-};
-static const NSSItem nss_builtins_items_49 [] = {
-  { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"GlobalSign Root CA", (PRUint32)19 },
-  { (void *)"\057\027\077\175\351\226\147\257\245\172\370\012\242\321\261\057"
-"\254\203\003\070"
-, (PRUint32)20 },
-  { (void *)"\253\277\352\343\153\051\246\314\246\170\065\231\357\255\053\200"
-, (PRUint32)16 },
-  { (void *)"\060\127\061\013\060\011\006\003\125\004\006\023\002\102\105\061"
-"\031\060\027\006\003\125\004\012\023\020\107\154\157\142\141\154"
-"\123\151\147\156\040\156\166\055\163\141\061\020\060\016\006\003"
-"\125\004\013\023\007\122\157\157\164\040\103\101\061\033\060\031"
-"\006\003\125\004\003\023\022\107\154\157\142\141\154\123\151\147"
-"\156\040\122\157\157\164\040\103\101"
-, (PRUint32)89 },
-  { (void *)"\002\000\000\000\000\000\326\170\267\224\005"
-, (PRUint32)11 },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_50 [] = {
-  { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"ValiCert Class 1 VA", (PRUint32)20 },
-  { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
-  { (void *)"\060\201\273\061\044\060\042\006\003\125\004\007\023\033\126\141"
-"\154\151\103\145\162\164\040\126\141\154\151\144\141\164\151\157"
-"\156\040\116\145\164\167\157\162\153\061\027\060\025\006\003\125"
-"\004\012\023\016\126\141\154\151\103\145\162\164\054\040\111\156"
-"\143\056\061\065\060\063\006\003\125\004\013\023\054\126\141\154"
-"\151\103\145\162\164\040\103\154\141\163\163\040\061\040\120\157"
-"\154\151\143\171\040\126\141\154\151\144\141\164\151\157\156\040"
-"\101\165\164\150\157\162\151\164\171\061\041\060\037\006\003\125"
-"\004\003\023\030\150\164\164\160\072\057\057\167\167\167\056\166"
-"\141\154\151\143\145\162\164\056\143\157\155\057\061\040\060\036"
-"\006\011\052\206\110\206\367\015\001\011\001\026\021\151\156\146"
-"\157\100\166\141\154\151\143\145\162\164\056\143\157\155"
-, (PRUint32)190 },
-  { (void *)"0", (PRUint32)2 },
-  { (void *)"\060\201\273\061\044\060\042\006\003\125\004\007\023\033\126\141"
-"\154\151\103\145\162\164\040\126\141\154\151\144\141\164\151\157"
-"\156\040\116\145\164\167\157\162\153\061\027\060\025\006\003\125"
-"\004\012\023\016\126\141\154\151\103\145\162\164\054\040\111\156"
-"\143\056\061\065\060\063\006\003\125\004\013\023\054\126\141\154"
-"\151\103\145\162\164\040\103\154\141\163\163\040\061\040\120\157"
-"\154\151\143\171\040\126\141\154\151\144\141\164\151\157\156\040"
-"\101\165\164\150\157\162\151\164\171\061\041\060\037\006\003\125"
-"\004\003\023\030\150\164\164\160\072\057\057\167\167\167\056\166"
-"\141\154\151\143\145\162\164\056\143\157\155\057\061\040\060\036"
-"\006\011\052\206\110\206\367\015\001\011\001\026\021\151\156\146"
-"\157\100\166\141\154\151\143\145\162\164\056\143\157\155"
-, (PRUint32)190 },
-  { (void *)"\001"
-, (PRUint32)1 },
-  { (void *)"\060\202\002\347\060\202\002\120\002\001\001\060\015\006\011\052"
-"\206\110\206\367\015\001\001\005\005\000\060\201\273\061\044\060"
-"\042\006\003\125\004\007\023\033\126\141\154\151\103\145\162\164"
-"\040\126\141\154\151\144\141\164\151\157\156\040\116\145\164\167"
-"\157\162\153\061\027\060\025\006\003\125\004\012\023\016\126\141"
-"\154\151\103\145\162\164\054\040\111\156\143\056\061\065\060\063"
-"\006\003\125\004\013\023\054\126\141\154\151\103\145\162\164\040"
-"\103\154\141\163\163\040\061\040\120\157\154\151\143\171\040\126"
-"\141\154\151\144\141\164\151\157\156\040\101\165\164\150\157\162"
-"\151\164\171\061\041\060\037\006\003\125\004\003\023\030\150\164"
-"\164\160\072\057\057\167\167\167\056\166\141\154\151\143\145\162"
-"\164\056\143\157\155\057\061\040\060\036\006\011\052\206\110\206"
-"\367\015\001\011\001\026\021\151\156\146\157\100\166\141\154\151"
-"\143\145\162\164\056\143\157\155\060\036\027\015\071\071\060\066"
-"\062\065\062\062\062\063\064\070\132\027\015\061\071\060\066\062"
-"\065\062\062\062\063\064\070\132\060\201\273\061\044\060\042\006"
-"\003\125\004\007\023\033\126\141\154\151\103\145\162\164\040\126"
-"\141\154\151\144\141\164\151\157\156\040\116\145\164\167\157\162"
-"\153\061\027\060\025\006\003\125\004\012\023\016\126\141\154\151"
-"\103\145\162\164\054\040\111\156\143\056\061\065\060\063\006\003"
-"\125\004\013\023\054\126\141\154\151\103\145\162\164\040\103\154"
-"\141\163\163\040\061\040\120\157\154\151\143\171\040\126\141\154"
-"\151\144\141\164\151\157\156\040\101\165\164\150\157\162\151\164"
-"\171\061\041\060\037\006\003\125\004\003\023\030\150\164\164\160"
-"\072\057\057\167\167\167\056\166\141\154\151\143\145\162\164\056"
-"\143\157\155\057\061\040\060\036\006\011\052\206\110\206\367\015"
-"\001\011\001\026\021\151\156\146\157\100\166\141\154\151\143\145"
-"\162\164\056\143\157\155\060\201\237\060\015\006\011\052\206\110"
-"\206\367\015\001\001\001\005\000\003\201\215\000\060\201\211\002"
-"\201\201\000\330\131\202\172\211\270\226\272\246\057\150\157\130"
-"\056\247\124\034\006\156\364\352\215\110\274\061\224\027\360\363"
-"\116\274\262\270\065\222\166\260\320\245\245\001\327\000\003\022"
-"\042\031\010\370\377\021\043\233\316\007\365\277\151\032\046\376"
-"\116\351\321\177\235\054\100\035\131\150\156\246\370\130\260\235"
-"\032\217\323\077\361\334\031\006\201\250\016\340\072\335\310\123"
-"\105\011\006\346\017\160\303\372\100\246\016\342\126\005\017\030"
-"\115\374\040\202\321\163\125\164\215\166\162\240\035\235\035\300"
-"\335\077\161\002\003\001\000\001\060\015\006\011\052\206\110\206"
-"\367\015\001\001\005\005\000\003\201\201\000\120\150\075\111\364"
-"\054\034\006\224\337\225\140\177\226\173\027\376\117\161\255\144"
-"\310\335\167\322\357\131\125\350\077\350\216\005\052\041\362\007"
-"\322\265\247\122\376\234\261\266\342\133\167\027\100\352\162\326"
-"\043\313\050\201\062\303\000\171\030\354\131\027\211\311\306\152"
-"\036\161\311\375\267\164\245\045\105\151\305\110\253\031\341\105"
-"\212\045\153\031\356\345\273\022\365\177\367\246\215\121\303\360"
-"\235\164\267\251\076\240\245\377\266\111\003\023\332\042\314\355"
-"\161\202\053\231\317\072\267\365\055\162\310"
-, (PRUint32)747 }
-};
-static const NSSItem nss_builtins_items_51 [] = {
-  { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"ValiCert Class 1 VA", (PRUint32)20 },
-  { (void *)"\345\337\164\074\266\001\304\233\230\103\334\253\214\350\152\201"
-"\020\237\344\216"
-, (PRUint32)20 },
-  { (void *)"\145\130\253\025\255\127\154\036\250\247\265\151\254\277\377\353"
-, (PRUint32)16 },
-  { (void *)"\060\201\273\061\044\060\042\006\003\125\004\007\023\033\126\141"
-"\154\151\103\145\162\164\040\126\141\154\151\144\141\164\151\157"
-"\156\040\116\145\164\167\157\162\153\061\027\060\025\006\003\125"
-"\004\012\023\016\126\141\154\151\103\145\162\164\054\040\111\156"
-"\143\056\061\065\060\063\006\003\125\004\013\023\054\126\141\154"
-"\151\103\145\162\164\040\103\154\141\163\163\040\061\040\120\157"
-"\154\151\143\171\040\126\141\154\151\144\141\164\151\157\156\040"
-"\101\165\164\150\157\162\151\164\171\061\041\060\037\006\003\125"
-"\004\003\023\030\150\164\164\160\072\057\057\167\167\167\056\166"
-"\141\154\151\143\145\162\164\056\143\157\155\057\061\040\060\036"
-"\006\011\052\206\110\206\367\015\001\011\001\026\021\151\156\146"
-"\157\100\166\141\154\151\143\145\162\164\056\143\157\155"
-, (PRUint32)190 },
-  { (void *)"\001"
-, (PRUint32)1 },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_52 [] = {
-  { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"ValiCert Class 2 VA", (PRUint32)20 },
-  { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
-  { (void *)"\060\201\273\061\044\060\042\006\003\125\004\007\023\033\126\141"
-"\154\151\103\145\162\164\040\126\141\154\151\144\141\164\151\157"
-"\156\040\116\145\164\167\157\162\153\061\027\060\025\006\003\125"
-"\004\012\023\016\126\141\154\151\103\145\162\164\054\040\111\156"
-"\143\056\061\065\060\063\006\003\125\004\013\023\054\126\141\154"
-"\151\103\145\162\164\040\103\154\141\163\163\040\062\040\120\157"
-"\154\151\143\171\040\126\141\154\151\144\141\164\151\157\156\040"
-"\101\165\164\150\157\162\151\164\171\061\041\060\037\006\003\125"
-"\004\003\023\030\150\164\164\160\072\057\057\167\167\167\056\166"
-"\141\154\151\143\145\162\164\056\143\157\155\057\061\040\060\036"
-"\006\011\052\206\110\206\367\015\001\011\001\026\021\151\156\146"
-"\157\100\166\141\154\151\143\145\162\164\056\143\157\155"
-, (PRUint32)190 },
-  { (void *)"0", (PRUint32)2 },
-  { (void *)"\060\201\273\061\044\060\042\006\003\125\004\007\023\033\126\141"
-"\154\151\103\145\162\164\040\126\141\154\151\144\141\164\151\157"
-"\156\040\116\145\164\167\157\162\153\061\027\060\025\006\003\125"
-"\004\012\023\016\126\141\154\151\103\145\162\164\054\040\111\156"
-"\143\056\061\065\060\063\006\003\125\004\013\023\054\126\141\154"
-"\151\103\145\162\164\040\103\154\141\163\163\040\062\040\120\157"
-"\154\151\143\171\040\126\141\154\151\144\141\164\151\157\156\040"
-"\101\165\164\150\157\162\151\164\171\061\041\060\037\006\003\125"
-"\004\003\023\030\150\164\164\160\072\057\057\167\167\167\056\166"
-"\141\154\151\143\145\162\164\056\143\157\155\057\061\040\060\036"
-"\006\011\052\206\110\206\367\015\001\011\001\026\021\151\156\146"
-"\157\100\166\141\154\151\143\145\162\164\056\143\157\155"
-, (PRUint32)190 },
-  { (void *)"\001"
-, (PRUint32)1 },
-  { (void *)"\060\202\002\347\060\202\002\120\002\001\001\060\015\006\011\052"
-"\206\110\206\367\015\001\001\005\005\000\060\201\273\061\044\060"
-"\042\006\003\125\004\007\023\033\126\141\154\151\103\145\162\164"
-"\040\126\141\154\151\144\141\164\151\157\156\040\116\145\164\167"
-"\157\162\153\061\027\060\025\006\003\125\004\012\023\016\126\141"
-"\154\151\103\145\162\164\054\040\111\156\143\056\061\065\060\063"
-"\006\003\125\004\013\023\054\126\141\154\151\103\145\162\164\040"
-"\103\154\141\163\163\040\062\040\120\157\154\151\143\171\040\126"
-"\141\154\151\144\141\164\151\157\156\040\101\165\164\150\157\162"
-"\151\164\171\061\041\060\037\006\003\125\004\003\023\030\150\164"
-"\164\160\072\057\057\167\167\167\056\166\141\154\151\143\145\162"
-"\164\056\143\157\155\057\061\040\060\036\006\011\052\206\110\206"
-"\367\015\001\011\001\026\021\151\156\146\157\100\166\141\154\151"
-"\143\145\162\164\056\143\157\155\060\036\027\015\071\071\060\066"
-"\062\066\060\060\061\071\065\064\132\027\015\061\071\060\066\062"
-"\066\060\060\061\071\065\064\132\060\201\273\061\044\060\042\006"
-"\003\125\004\007\023\033\126\141\154\151\103\145\162\164\040\126"
-"\141\154\151\144\141\164\151\157\156\040\116\145\164\167\157\162"
-"\153\061\027\060\025\006\003\125\004\012\023\016\126\141\154\151"
-"\103\145\162\164\054\040\111\156\143\056\061\065\060\063\006\003"
-"\125\004\013\023\054\126\141\154\151\103\145\162\164\040\103\154"
-"\141\163\163\040\062\040\120\157\154\151\143\171\040\126\141\154"
-"\151\144\141\164\151\157\156\040\101\165\164\150\157\162\151\164"
-"\171\061\041\060\037\006\003\125\004\003\023\030\150\164\164\160"
-"\072\057\057\167\167\167\056\166\141\154\151\143\145\162\164\056"
-"\143\157\155\057\061\040\060\036\006\011\052\206\110\206\367\015"
-"\001\011\001\026\021\151\156\146\157\100\166\141\154\151\143\145"
-"\162\164\056\143\157\155\060\201\237\060\015\006\011\052\206\110"
-"\206\367\015\001\001\001\005\000\003\201\215\000\060\201\211\002"
-"\201\201\000\316\072\161\312\345\253\310\131\222\125\327\253\330"
-"\164\016\371\356\331\366\125\107\131\145\107\016\005\125\334\353"
-"\230\066\074\134\123\135\323\060\317\070\354\275\101\211\355\045"
-"\102\011\044\153\012\136\263\174\335\122\055\114\346\324\326\175"
-"\132\131\251\145\324\111\023\055\044\115\034\120\157\265\301\205"
-"\124\073\376\161\344\323\134\102\371\200\340\221\032\012\133\071"
-"\066\147\363\077\125\174\033\077\264\137\144\163\064\343\264\022"
-"\277\207\144\370\332\022\377\067\047\301\263\103\273\357\173\156"
-"\056\151\367\002\003\001\000\001\060\015\006\011\052\206\110\206"
-"\367\015\001\001\005\005\000\003\201\201\000\073\177\120\157\157"
-"\120\224\231\111\142\070\070\037\113\370\245\310\076\247\202\201"
-"\366\053\307\350\305\316\350\072\020\202\313\030\000\216\115\275"
-"\250\130\177\241\171\000\265\273\351\215\257\101\331\017\064\356"
-"\041\201\031\240\062\111\050\364\304\216\126\325\122\063\375\120"
-"\325\176\231\154\003\344\311\114\374\313\154\253\146\263\112\041"
-"\214\345\265\014\062\076\020\262\314\154\241\334\232\230\114\002"
-"\133\363\316\271\236\245\162\016\112\267\077\074\346\026\150\370"
-"\276\355\164\114\274\133\325\142\037\103\335"
-, (PRUint32)747 }
-};
-static const NSSItem nss_builtins_items_53 [] = {
-  { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"ValiCert Class 2 VA", (PRUint32)20 },
-  { (void *)"\061\172\052\320\177\053\063\136\365\241\303\116\113\127\350\267"
-"\330\361\374\246"
-, (PRUint32)20 },
-  { (void *)"\251\043\165\233\272\111\066\156\061\302\333\362\347\146\272\207"
-, (PRUint32)16 },
-  { (void *)"\060\201\273\061\044\060\042\006\003\125\004\007\023\033\126\141"
-"\154\151\103\145\162\164\040\126\141\154\151\144\141\164\151\157"
-"\156\040\116\145\164\167\157\162\153\061\027\060\025\006\003\125"
-"\004\012\023\016\126\141\154\151\103\145\162\164\054\040\111\156"
-"\143\056\061\065\060\063\006\003\125\004\013\023\054\126\141\154"
-"\151\103\145\162\164\040\103\154\141\163\163\040\062\040\120\157"
-"\154\151\143\171\040\126\141\154\151\144\141\164\151\157\156\040"
-"\101\165\164\150\157\162\151\164\171\061\041\060\037\006\003\125"
-"\004\003\023\030\150\164\164\160\072\057\057\167\167\167\056\166"
-"\141\154\151\143\145\162\164\056\143\157\155\057\061\040\060\036"
-"\006\011\052\206\110\206\367\015\001\011\001\026\021\151\156\146"
-"\157\100\166\141\154\151\143\145\162\164\056\143\157\155"
-, (PRUint32)190 },
-  { (void *)"\001"
-, (PRUint32)1 },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_54 [] = {
-  { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"RSA Root Certificate 1", (PRUint32)23 },
-  { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
-  { (void *)"\060\201\273\061\044\060\042\006\003\125\004\007\023\033\126\141"
-"\154\151\103\145\162\164\040\126\141\154\151\144\141\164\151\157"
-"\156\040\116\145\164\167\157\162\153\061\027\060\025\006\003\125"
-"\004\012\023\016\126\141\154\151\103\145\162\164\054\040\111\156"
-"\143\056\061\065\060\063\006\003\125\004\013\023\054\126\141\154"
-"\151\103\145\162\164\040\103\154\141\163\163\040\063\040\120\157"
-"\154\151\143\171\040\126\141\154\151\144\141\164\151\157\156\040"
-"\101\165\164\150\157\162\151\164\171\061\041\060\037\006\003\125"
-"\004\003\023\030\150\164\164\160\072\057\057\167\167\167\056\166"
-"\141\154\151\143\145\162\164\056\143\157\155\057\061\040\060\036"
-"\006\011\052\206\110\206\367\015\001\011\001\026\021\151\156\146"
-"\157\100\166\141\154\151\143\145\162\164\056\143\157\155"
-, (PRUint32)190 },
-  { (void *)"0", (PRUint32)2 },
-  { (void *)"\060\201\273\061\044\060\042\006\003\125\004\007\023\033\126\141"
-"\154\151\103\145\162\164\040\126\141\154\151\144\141\164\151\157"
-"\156\040\116\145\164\167\157\162\153\061\027\060\025\006\003\125"
-"\004\012\023\016\126\141\154\151\103\145\162\164\054\040\111\156"
-"\143\056\061\065\060\063\006\003\125\004\013\023\054\126\141\154"
-"\151\103\145\162\164\040\103\154\141\163\163\040\063\040\120\157"
-"\154\151\143\171\040\126\141\154\151\144\141\164\151\157\156\040"
-"\101\165\164\150\157\162\151\164\171\061\041\060\037\006\003\125"
-"\004\003\023\030\150\164\164\160\072\057\057\167\167\167\056\166"
-"\141\154\151\143\145\162\164\056\143\157\155\057\061\040\060\036"
-"\006\011\052\206\110\206\367\015\001\011\001\026\021\151\156\146"
-"\157\100\166\141\154\151\143\145\162\164\056\143\157\155"
-, (PRUint32)190 },
-  { (void *)"\001"
-, (PRUint32)1 },
-  { (void *)"\060\202\002\347\060\202\002\120\002\001\001\060\015\006\011\052"
-"\206\110\206\367\015\001\001\005\005\000\060\201\273\061\044\060"
-"\042\006\003\125\004\007\023\033\126\141\154\151\103\145\162\164"
-"\040\126\141\154\151\144\141\164\151\157\156\040\116\145\164\167"
-"\157\162\153\061\027\060\025\006\003\125\004\012\023\016\126\141"
-"\154\151\103\145\162\164\054\040\111\156\143\056\061\065\060\063"
-"\006\003\125\004\013\023\054\126\141\154\151\103\145\162\164\040"
-"\103\154\141\163\163\040\063\040\120\157\154\151\143\171\040\126"
-"\141\154\151\144\141\164\151\157\156\040\101\165\164\150\157\162"
-"\151\164\171\061\041\060\037\006\003\125\004\003\023\030\150\164"
-"\164\160\072\057\057\167\167\167\056\166\141\154\151\143\145\162"
-"\164\056\143\157\155\057\061\040\060\036\006\011\052\206\110\206"
-"\367\015\001\011\001\026\021\151\156\146\157\100\166\141\154\151"
-"\143\145\162\164\056\143\157\155\060\036\027\015\071\071\060\066"
-"\062\066\060\060\062\062\063\063\132\027\015\061\071\060\066\062"
-"\066\060\060\062\062\063\063\132\060\201\273\061\044\060\042\006"
-"\003\125\004\007\023\033\126\141\154\151\103\145\162\164\040\126"
-"\141\154\151\144\141\164\151\157\156\040\116\145\164\167\157\162"
-"\153\061\027\060\025\006\003\125\004\012\023\016\126\141\154\151"
-"\103\145\162\164\054\040\111\156\143\056\061\065\060\063\006\003"
-"\125\004\013\023\054\126\141\154\151\103\145\162\164\040\103\154"
-"\141\163\163\040\063\040\120\157\154\151\143\171\040\126\141\154"
-"\151\144\141\164\151\157\156\040\101\165\164\150\157\162\151\164"
-"\171\061\041\060\037\006\003\125\004\003\023\030\150\164\164\160"
-"\072\057\057\167\167\167\056\166\141\154\151\143\145\162\164\056"
-"\143\157\155\057\061\040\060\036\006\011\052\206\110\206\367\015"
-"\001\011\001\026\021\151\156\146\157\100\166\141\154\151\143\145"
-"\162\164\056\143\157\155\060\201\237\060\015\006\011\052\206\110"
-"\206\367\015\001\001\001\005\000\003\201\215\000\060\201\211\002"
-"\201\201\000\343\230\121\226\034\350\325\261\006\201\152\127\303"
-"\162\165\223\253\317\236\246\374\363\026\122\326\055\115\237\065"
-"\104\250\056\004\115\007\111\212\070\051\365\167\067\347\267\253"
-"\135\337\066\161\024\231\217\334\302\222\361\347\140\222\227\354"
-"\330\110\334\277\301\002\040\306\044\244\050\114\060\132\166\155"
-"\261\134\363\335\336\236\020\161\241\210\307\133\233\101\155\312"
-"\260\270\216\025\356\255\063\053\317\107\004\134\165\161\012\230"
-"\044\230\051\247\111\131\245\335\370\267\103\142\141\363\323\342"
-"\320\125\077\002\003\001\000\001\060\015\006\011\052\206\110\206"
-"\367\015\001\001\005\005\000\003\201\201\000\126\273\002\130\204"
-"\147\010\054\337\037\333\173\111\063\365\323\147\235\364\264\012"
-"\020\263\311\305\054\342\222\152\161\170\047\362\160\203\102\323"
-"\076\317\251\124\364\361\330\222\026\214\321\004\313\113\253\311"
-"\237\105\256\074\212\251\260\161\063\135\310\305\127\337\257\250"
-"\065\263\177\211\207\351\350\045\222\270\177\205\172\256\326\274"
-"\036\067\130\052\147\311\221\317\052\201\076\355\306\071\337\300"
-"\076\031\234\031\314\023\115\202\101\265\214\336\340\075\140\010"
-"\040\017\105\176\153\242\177\243\214\025\356"
-, (PRUint32)747 }
-};
-static const NSSItem nss_builtins_items_55 [] = {
-  { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"RSA Root Certificate 1", (PRUint32)23 },
-  { (void *)"\151\275\214\364\234\323\000\373\131\056\027\223\312\125\152\363"
-"\354\252\065\373"
-, (PRUint32)20 },
-  { (void *)"\242\157\123\267\356\100\333\112\150\347\372\030\331\020\113\162"
-, (PRUint32)16 },
-  { (void *)"\060\201\273\061\044\060\042\006\003\125\004\007\023\033\126\141"
-"\154\151\103\145\162\164\040\126\141\154\151\144\141\164\151\157"
-"\156\040\116\145\164\167\157\162\153\061\027\060\025\006\003\125"
-"\004\012\023\016\126\141\154\151\103\145\162\164\054\040\111\156"
-"\143\056\061\065\060\063\006\003\125\004\013\023\054\126\141\154"
-"\151\103\145\162\164\040\103\154\141\163\163\040\063\040\120\157"
-"\154\151\143\171\040\126\141\154\151\144\141\164\151\157\156\040"
-"\101\165\164\150\157\162\151\164\171\061\041\060\037\006\003\125"
-"\004\003\023\030\150\164\164\160\072\057\057\167\167\167\056\166"
-"\141\154\151\143\145\162\164\056\143\157\155\057\061\040\060\036"
-"\006\011\052\206\110\206\367\015\001\011\001\026\021\151\156\146"
-"\157\100\166\141\154\151\143\145\162\164\056\143\157\155"
-, (PRUint32)190 },
-  { (void *)"\001"
-, (PRUint32)1 },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_56 [] = {
-  { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"Verisign Class 1 Public Primary Certification Authority - G3", (PRUint32)61 },
-  { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
-  { (void *)"\060\201\312\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\061\037\060\035\006\003\125"
-"\004\013\023\026\126\145\162\151\123\151\147\156\040\124\162\165"
-"\163\164\040\116\145\164\167\157\162\153\061\072\060\070\006\003"
-"\125\004\013\023\061\050\143\051\040\061\071\071\071\040\126\145"
-"\162\151\123\151\147\156\054\040\111\156\143\056\040\055\040\106"
-"\157\162\040\141\165\164\150\157\162\151\172\145\144\040\165\163"
-"\145\040\157\156\154\171\061\105\060\103\006\003\125\004\003\023"
-"\074\126\145\162\151\123\151\147\156\040\103\154\141\163\163\040"
-"\061\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171"
-"\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101"
-"\165\164\150\157\162\151\164\171\040\055\040\107\063"
-, (PRUint32)205 },
-  { (void *)"0", (PRUint32)2 },
-  { (void *)"\060\201\312\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\061\037\060\035\006\003\125"
-"\004\013\023\026\126\145\162\151\123\151\147\156\040\124\162\165"
-"\163\164\040\116\145\164\167\157\162\153\061\072\060\070\006\003"
-"\125\004\013\023\061\050\143\051\040\061\071\071\071\040\126\145"
-"\162\151\123\151\147\156\054\040\111\156\143\056\040\055\040\106"
-"\157\162\040\141\165\164\150\157\162\151\172\145\144\040\165\163"
-"\145\040\157\156\154\171\061\105\060\103\006\003\125\004\003\023"
-"\074\126\145\162\151\123\151\147\156\040\103\154\141\163\163\040"
-"\061\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171"
-"\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101"
-"\165\164\150\157\162\151\164\171\040\055\040\107\063"
-, (PRUint32)205 },
-  { (void *)"\000\213\133\165\126\204\124\205\013\000\317\257\070\110\316\261"
-"\244"
-, (PRUint32)17 },
-  { (void *)"\060\202\004\032\060\202\003\002\002\021\000\213\133\165\126\204"
-"\124\205\013\000\317\257\070\110\316\261\244\060\015\006\011\052"
-"\206\110\206\367\015\001\001\005\005\000\060\201\312\061\013\060"
-"\011\006\003\125\004\006\023\002\125\123\061\027\060\025\006\003"
-"\125\004\012\023\016\126\145\162\151\123\151\147\156\054\040\111"
-"\156\143\056\061\037\060\035\006\003\125\004\013\023\026\126\145"
-"\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164"
-"\167\157\162\153\061\072\060\070\006\003\125\004\013\023\061\050"
-"\143\051\040\061\071\071\071\040\126\145\162\151\123\151\147\156"
-"\054\040\111\156\143\056\040\055\040\106\157\162\040\141\165\164"
-"\150\157\162\151\172\145\144\040\165\163\145\040\157\156\154\171"
-"\061\105\060\103\006\003\125\004\003\023\074\126\145\162\151\123"
-"\151\147\156\040\103\154\141\163\163\040\061\040\120\165\142\154"
-"\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151"
-"\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151"
-"\164\171\040\055\040\107\063\060\036\027\015\071\071\061\060\060"
-"\061\060\060\060\060\060\060\132\027\015\063\066\060\067\061\066"
-"\062\063\065\071\065\071\132\060\201\312\061\013\060\011\006\003"
-"\125\004\006\023\002\125\123\061\027\060\025\006\003\125\004\012"
-"\023\016\126\145\162\151\123\151\147\156\054\040\111\156\143\056"
-"\061\037\060\035\006\003\125\004\013\023\026\126\145\162\151\123"
-"\151\147\156\040\124\162\165\163\164\040\116\145\164\167\157\162"
-"\153\061\072\060\070\006\003\125\004\013\023\061\050\143\051\040"
-"\061\071\071\071\040\126\145\162\151\123\151\147\156\054\040\111"
-"\156\143\056\040\055\040\106\157\162\040\141\165\164\150\157\162"
-"\151\172\145\144\040\165\163\145\040\157\156\154\171\061\105\060"
-"\103\006\003\125\004\003\023\074\126\145\162\151\123\151\147\156"
-"\040\103\154\141\163\163\040\061\040\120\165\142\154\151\143\040"
-"\120\162\151\155\141\162\171\040\103\145\162\164\151\146\151\143"
-"\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171\040"
-"\055\040\107\063\060\202\001\042\060\015\006\011\052\206\110\206"
-"\367\015\001\001\001\005\000\003\202\001\017\000\060\202\001\012"
-"\002\202\001\001\000\335\204\324\271\264\371\247\330\363\004\170"
-"\234\336\075\334\154\023\026\331\172\335\044\121\146\300\307\046"
-"\131\015\254\006\010\302\224\321\063\037\360\203\065\037\156\033"
-"\310\336\252\156\025\116\124\047\357\304\155\032\354\013\343\016"
-"\360\104\245\127\307\100\130\036\243\107\037\161\354\140\366\155"
-"\224\310\030\071\355\376\102\030\126\337\344\114\111\020\170\116"
-"\001\166\065\143\022\066\335\146\274\001\004\066\243\125\150\325"
-"\242\066\011\254\253\041\046\124\006\255\077\312\024\340\254\312"
-"\255\006\035\225\342\370\235\361\340\140\377\302\177\165\053\114"
-"\314\332\376\207\231\041\352\272\376\076\124\327\322\131\170\333"
-"\074\156\317\240\023\000\032\270\047\241\344\276\147\226\312\240"
-"\305\263\234\335\311\165\236\353\060\232\137\243\315\331\256\170"
-"\031\077\043\351\134\333\051\275\255\125\310\033\124\214\143\366"
-"\350\246\352\307\067\022\134\243\051\036\002\331\333\037\073\264"
-"\327\017\126\107\201\025\004\112\257\203\047\321\305\130\210\301"
-"\335\366\252\247\243\030\332\150\252\155\021\121\341\277\145\153"
-"\237\226\166\321\075\002\003\001\000\001\060\015\006\011\052\206"
-"\110\206\367\015\001\001\005\005\000\003\202\001\001\000\253\146"
-"\215\327\263\272\307\232\266\346\125\320\005\361\237\061\215\132"
-"\252\331\252\106\046\017\161\355\245\255\123\126\142\001\107\052"
-"\104\351\376\077\164\013\023\233\271\364\115\033\262\321\137\262"
-"\266\322\210\134\263\237\315\313\324\247\331\140\225\204\072\370"
-"\301\067\035\141\312\347\260\305\345\221\332\124\246\254\061\201"
-"\256\227\336\315\010\254\270\300\227\200\177\156\162\244\347\151"
-"\023\225\145\037\304\223\074\375\171\217\004\324\076\117\352\367"
-"\236\316\315\147\174\117\145\002\377\221\205\124\163\307\377\066"
-"\367\206\055\354\320\136\117\377\021\237\162\006\326\270\032\361"
-"\114\015\046\145\342\104\200\036\307\237\343\335\350\012\332\354"
-"\245\040\200\151\150\241\117\176\341\153\317\007\101\372\203\216"
-"\274\070\335\260\056\021\261\153\262\102\314\232\274\371\110\042"
-"\171\112\031\017\262\034\076\040\164\331\152\303\276\362\050\170"
-"\023\126\171\117\155\120\352\033\260\265\127\261\067\146\130\043"
-"\363\334\017\337\012\207\304\357\206\005\325\070\024\140\231\243"
-"\113\336\006\226\161\054\362\333\266\037\244\357\077\356"
-, (PRUint32)1054 }
-};
-static const NSSItem nss_builtins_items_57 [] = {
-  { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"Verisign Class 1 Public Primary Certification Authority - G3", (PRUint32)61 },
-  { (void *)"\040\102\205\334\367\353\166\101\225\127\216\023\153\324\267\321"
-"\351\216\106\245"
-, (PRUint32)20 },
-  { (void *)"\261\107\274\030\127\321\030\240\170\055\354\161\350\052\225\163"
-, (PRUint32)16 },
-  { (void *)"\060\201\312\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\061\037\060\035\006\003\125"
-"\004\013\023\026\126\145\162\151\123\151\147\156\040\124\162\165"
-"\163\164\040\116\145\164\167\157\162\153\061\072\060\070\006\003"
-"\125\004\013\023\061\050\143\051\040\061\071\071\071\040\126\145"
-"\162\151\123\151\147\156\054\040\111\156\143\056\040\055\040\106"
-"\157\162\040\141\165\164\150\157\162\151\172\145\144\040\165\163"
-"\145\040\157\156\154\171\061\105\060\103\006\003\125\004\003\023"
-"\074\126\145\162\151\123\151\147\156\040\103\154\141\163\163\040"
-"\061\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171"
-"\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101"
-"\165\164\150\157\162\151\164\171\040\055\040\107\063"
-, (PRUint32)205 },
-  { (void *)"\000\213\133\165\126\204\124\205\013\000\317\257\070\110\316\261"
-"\244"
-, (PRUint32)17 },
-  { (void *)&ckt_netscape_valid, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_valid, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_58 [] = {
-  { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"Verisign Class 2 Public Primary Certification Authority - G3", (PRUint32)61 },
-  { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
-  { (void *)"\060\201\312\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\061\037\060\035\006\003\125"
-"\004\013\023\026\126\145\162\151\123\151\147\156\040\124\162\165"
-"\163\164\040\116\145\164\167\157\162\153\061\072\060\070\006\003"
-"\125\004\013\023\061\050\143\051\040\061\071\071\071\040\126\145"
-"\162\151\123\151\147\156\054\040\111\156\143\056\040\055\040\106"
-"\157\162\040\141\165\164\150\157\162\151\172\145\144\040\165\163"
-"\145\040\157\156\154\171\061\105\060\103\006\003\125\004\003\023"
-"\074\126\145\162\151\123\151\147\156\040\103\154\141\163\163\040"
-"\062\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171"
-"\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101"
-"\165\164\150\157\162\151\164\171\040\055\040\107\063"
-, (PRUint32)205 },
-  { (void *)"0", (PRUint32)2 },
-  { (void *)"\060\201\312\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\061\037\060\035\006\003\125"
-"\004\013\023\026\126\145\162\151\123\151\147\156\040\124\162\165"
-"\163\164\040\116\145\164\167\157\162\153\061\072\060\070\006\003"
-"\125\004\013\023\061\050\143\051\040\061\071\071\071\040\126\145"
-"\162\151\123\151\147\156\054\040\111\156\143\056\040\055\040\106"
-"\157\162\040\141\165\164\150\157\162\151\172\145\144\040\165\163"
-"\145\040\157\156\154\171\061\105\060\103\006\003\125\004\003\023"
-"\074\126\145\162\151\123\151\147\156\040\103\154\141\163\163\040"
-"\062\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171"
-"\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101"
-"\165\164\150\157\162\151\164\171\040\055\040\107\063"
-, (PRUint32)205 },
-  { (void *)"\141\160\313\111\214\137\230\105\051\347\260\246\331\120\133\172"
-, (PRUint32)16 },
-  { (void *)"\060\202\004\031\060\202\003\001\002\020\141\160\313\111\214\137"
-"\230\105\051\347\260\246\331\120\133\172\060\015\006\011\052\206"
-"\110\206\367\015\001\001\005\005\000\060\201\312\061\013\060\011"
-"\006\003\125\004\006\023\002\125\123\061\027\060\025\006\003\125"
-"\004\012\023\016\126\145\162\151\123\151\147\156\054\040\111\156"
-"\143\056\061\037\060\035\006\003\125\004\013\023\026\126\145\162"
-"\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164\167"
-"\157\162\153\061\072\060\070\006\003\125\004\013\023\061\050\143"
-"\051\040\061\071\071\071\040\126\145\162\151\123\151\147\156\054"
-"\040\111\156\143\056\040\055\040\106\157\162\040\141\165\164\150"
-"\157\162\151\172\145\144\040\165\163\145\040\157\156\154\171\061"
-"\105\060\103\006\003\125\004\003\023\074\126\145\162\151\123\151"
-"\147\156\040\103\154\141\163\163\040\062\040\120\165\142\154\151"
-"\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146"
-"\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164"
-"\171\040\055\040\107\063\060\036\027\015\071\071\061\060\060\061"
-"\060\060\060\060\060\060\132\027\015\063\066\060\067\061\066\062"
-"\063\065\071\065\071\132\060\201\312\061\013\060\011\006\003\125"
-"\004\006\023\002\125\123\061\027\060\025\006\003\125\004\012\023"
-"\016\126\145\162\151\123\151\147\156\054\040\111\156\143\056\061"
-"\037\060\035\006\003\125\004\013\023\026\126\145\162\151\123\151"
-"\147\156\040\124\162\165\163\164\040\116\145\164\167\157\162\153"
-"\061\072\060\070\006\003\125\004\013\023\061\050\143\051\040\061"
-"\071\071\071\040\126\145\162\151\123\151\147\156\054\040\111\156"
-"\143\056\040\055\040\106\157\162\040\141\165\164\150\157\162\151"
-"\172\145\144\040\165\163\145\040\157\156\154\171\061\105\060\103"
-"\006\003\125\004\003\023\074\126\145\162\151\123\151\147\156\040"
-"\103\154\141\163\163\040\062\040\120\165\142\154\151\143\040\120"
-"\162\151\155\141\162\171\040\103\145\162\164\151\146\151\143\141"
-"\164\151\157\156\040\101\165\164\150\157\162\151\164\171\040\055"
-"\040\107\063\060\202\001\042\060\015\006\011\052\206\110\206\367"
-"\015\001\001\001\005\000\003\202\001\017\000\060\202\001\012\002"
-"\202\001\001\000\257\012\015\302\325\054\333\147\271\055\345\224"
-"\047\335\245\276\340\260\115\217\263\141\126\074\326\174\303\364"
-"\315\076\206\313\242\210\342\341\330\244\151\305\265\342\277\301"
-"\246\107\120\136\106\071\213\325\226\272\265\157\024\277\020\316"
-"\047\023\236\005\107\233\061\172\023\330\037\331\323\002\067\213"
-"\255\054\107\360\216\201\006\247\015\060\014\353\367\074\017\040"
-"\035\334\162\106\356\245\002\310\133\303\311\126\151\114\305\030"
-"\301\221\173\013\325\023\000\233\274\357\303\110\076\106\140\040"
-"\205\052\325\220\266\315\213\240\314\062\335\267\375\100\125\262"
-"\120\034\126\256\314\215\167\115\307\040\115\247\061\166\357\150"
-"\222\212\220\036\010\201\126\262\255\151\243\122\320\313\034\304"
-"\043\075\037\231\376\114\350\026\143\216\306\010\216\366\061\366"
-"\322\372\345\166\335\265\034\222\243\111\315\315\001\315\150\315"
-"\251\151\272\243\353\035\015\234\244\040\246\301\240\305\321\106"
-"\114\027\155\322\254\146\077\226\214\340\204\324\066\377\042\131"
-"\305\371\021\140\250\137\004\175\362\032\366\045\102\141\017\304"
-"\112\270\076\211\002\003\001\000\001\060\015\006\011\052\206\110"
-"\206\367\015\001\001\005\005\000\003\202\001\001\000\064\046\025"
-"\074\300\215\115\103\111\035\275\351\041\222\327\146\234\267\336"
-"\305\270\320\344\135\137\166\042\300\046\371\204\072\072\371\214"
-"\265\373\354\140\361\350\316\004\260\310\335\247\003\217\060\363"
-"\230\337\244\346\244\061\337\323\034\013\106\334\162\040\077\256"
-"\356\005\074\244\063\077\013\071\254\160\170\163\113\231\053\337"
-"\060\302\124\260\250\073\125\241\376\026\050\315\102\275\164\156"
-"\200\333\047\104\247\316\104\135\324\033\220\230\015\036\102\224"
-"\261\000\054\004\320\164\243\002\005\042\143\143\315\203\265\373"
-"\301\155\142\153\151\165\375\135\160\101\271\365\277\174\337\276"
-"\301\062\163\042\041\213\130\201\173\025\221\172\272\343\144\110"
-"\260\177\373\066\045\332\225\320\361\044\024\027\335\030\200\153"
-"\106\043\071\124\365\216\142\011\004\035\224\220\246\233\346\045"
-"\342\102\105\252\270\220\255\276\010\217\251\013\102\030\224\317"
-"\162\071\341\261\103\340\050\317\267\347\132\154\023\153\111\263"
-"\377\343\030\174\211\213\063\135\254\063\327\247\371\332\072\125"
-"\311\130\020\371\252\357\132\266\317\113\113\337\052"
-, (PRUint32)1053 }
-};
-static const NSSItem nss_builtins_items_59 [] = {
-  { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"Verisign Class 2 Public Primary Certification Authority - G3", (PRUint32)61 },
-  { (void *)"\141\357\103\327\177\312\324\141\121\274\230\340\303\131\022\257"
-"\237\353\143\021"
-, (PRUint32)20 },
-  { (void *)"\370\276\304\143\042\311\250\106\164\213\270\035\036\112\053\366"
-, (PRUint32)16 },
-  { (void *)"\060\201\312\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\061\037\060\035\006\003\125"
-"\004\013\023\026\126\145\162\151\123\151\147\156\040\124\162\165"
-"\163\164\040\116\145\164\167\157\162\153\061\072\060\070\006\003"
-"\125\004\013\023\061\050\143\051\040\061\071\071\071\040\126\145"
-"\162\151\123\151\147\156\054\040\111\156\143\056\040\055\040\106"
-"\157\162\040\141\165\164\150\157\162\151\172\145\144\040\165\163"
-"\145\040\157\156\154\171\061\105\060\103\006\003\125\004\003\023"
-"\074\126\145\162\151\123\151\147\156\040\103\154\141\163\163\040"
-"\062\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171"
-"\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101"
-"\165\164\150\157\162\151\164\171\040\055\040\107\063"
-, (PRUint32)205 },
-  { (void *)"\141\160\313\111\214\137\230\105\051\347\260\246\331\120\133\172"
-, (PRUint32)16 },
-  { (void *)&ckt_netscape_valid, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_60 [] = {
-  { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"Verisign Class 3 Public Primary Certification Authority - G3", (PRUint32)61 },
-  { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
-  { (void *)"\060\201\312\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\061\037\060\035\006\003\125"
-"\004\013\023\026\126\145\162\151\123\151\147\156\040\124\162\165"
-"\163\164\040\116\145\164\167\157\162\153\061\072\060\070\006\003"
-"\125\004\013\023\061\050\143\051\040\061\071\071\071\040\126\145"
-"\162\151\123\151\147\156\054\040\111\156\143\056\040\055\040\106"
-"\157\162\040\141\165\164\150\157\162\151\172\145\144\040\165\163"
-"\145\040\157\156\154\171\061\105\060\103\006\003\125\004\003\023"
-"\074\126\145\162\151\123\151\147\156\040\103\154\141\163\163\040"
-"\063\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171"
-"\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101"
-"\165\164\150\157\162\151\164\171\040\055\040\107\063"
-, (PRUint32)205 },
-  { (void *)"0", (PRUint32)2 },
-  { (void *)"\060\201\312\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\061\037\060\035\006\003\125"
-"\004\013\023\026\126\145\162\151\123\151\147\156\040\124\162\165"
-"\163\164\040\116\145\164\167\157\162\153\061\072\060\070\006\003"
-"\125\004\013\023\061\050\143\051\040\061\071\071\071\040\126\145"
-"\162\151\123\151\147\156\054\040\111\156\143\056\040\055\040\106"
-"\157\162\040\141\165\164\150\157\162\151\172\145\144\040\165\163"
-"\145\040\157\156\154\171\061\105\060\103\006\003\125\004\003\023"
-"\074\126\145\162\151\123\151\147\156\040\103\154\141\163\163\040"
-"\063\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171"
-"\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101"
-"\165\164\150\157\162\151\164\171\040\055\040\107\063"
-, (PRUint32)205 },
-  { (void *)"\000\233\176\006\111\243\076\142\271\325\356\220\110\161\051\357"
-"\127"
-, (PRUint32)17 },
-  { (void *)"\060\202\004\032\060\202\003\002\002\021\000\233\176\006\111\243"
-"\076\142\271\325\356\220\110\161\051\357\127\060\015\006\011\052"
-"\206\110\206\367\015\001\001\005\005\000\060\201\312\061\013\060"
-"\011\006\003\125\004\006\023\002\125\123\061\027\060\025\006\003"
-"\125\004\012\023\016\126\145\162\151\123\151\147\156\054\040\111"
-"\156\143\056\061\037\060\035\006\003\125\004\013\023\026\126\145"
-"\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164"
-"\167\157\162\153\061\072\060\070\006\003\125\004\013\023\061\050"
-"\143\051\040\061\071\071\071\040\126\145\162\151\123\151\147\156"
-"\054\040\111\156\143\056\040\055\040\106\157\162\040\141\165\164"
-"\150\157\162\151\172\145\144\040\165\163\145\040\157\156\154\171"
-"\061\105\060\103\006\003\125\004\003\023\074\126\145\162\151\123"
-"\151\147\156\040\103\154\141\163\163\040\063\040\120\165\142\154"
-"\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151"
-"\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151"
-"\164\171\040\055\040\107\063\060\036\027\015\071\071\061\060\060"
-"\061\060\060\060\060\060\060\132\027\015\063\066\060\067\061\066"
-"\062\063\065\071\065\071\132\060\201\312\061\013\060\011\006\003"
-"\125\004\006\023\002\125\123\061\027\060\025\006\003\125\004\012"
-"\023\016\126\145\162\151\123\151\147\156\054\040\111\156\143\056"
-"\061\037\060\035\006\003\125\004\013\023\026\126\145\162\151\123"
-"\151\147\156\040\124\162\165\163\164\040\116\145\164\167\157\162"
-"\153\061\072\060\070\006\003\125\004\013\023\061\050\143\051\040"
-"\061\071\071\071\040\126\145\162\151\123\151\147\156\054\040\111"
-"\156\143\056\040\055\040\106\157\162\040\141\165\164\150\157\162"
-"\151\172\145\144\040\165\163\145\040\157\156\154\171\061\105\060"
-"\103\006\003\125\004\003\023\074\126\145\162\151\123\151\147\156"
-"\040\103\154\141\163\163\040\063\040\120\165\142\154\151\143\040"
-"\120\162\151\155\141\162\171\040\103\145\162\164\151\146\151\143"
-"\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171\040"
-"\055\040\107\063\060\202\001\042\060\015\006\011\052\206\110\206"
-"\367\015\001\001\001\005\000\003\202\001\017\000\060\202\001\012"
-"\002\202\001\001\000\313\272\234\122\374\170\037\032\036\157\033"
-"\067\163\275\370\311\153\224\022\060\117\360\066\107\365\320\221"
-"\012\365\027\310\245\141\301\026\100\115\373\212\141\220\345\166"
-"\040\301\021\006\175\253\054\156\246\365\021\101\216\372\055\255"
-"\052\141\131\244\147\046\114\320\350\274\122\133\160\040\004\130"
-"\321\172\311\244\151\274\203\027\144\255\005\213\274\320\130\316"
-"\215\214\365\353\360\102\111\013\235\227\047\147\062\156\341\256"
-"\223\025\034\160\274\040\115\057\030\336\222\210\350\154\205\127"
-"\021\032\351\176\343\046\021\124\242\105\226\125\203\312\060\211"
-"\350\334\330\243\355\052\200\077\177\171\145\127\076\025\040\146"
-"\010\057\225\223\277\252\107\057\250\106\227\360\022\342\376\302"
-"\012\053\121\346\166\346\267\106\267\342\015\246\314\250\303\114"
-"\131\125\211\346\350\123\134\034\352\235\360\142\026\013\247\311"
-"\137\014\360\336\302\166\316\257\367\152\362\372\101\246\242\063"
-"\024\311\345\172\143\323\236\142\067\325\205\145\236\016\346\123"
-"\044\164\033\136\035\022\123\133\307\054\347\203\111\073\025\256"
-"\212\150\271\127\227\002\003\001\000\001\060\015\006\011\052\206"
-"\110\206\367\015\001\001\005\005\000\003\202\001\001\000\021\024"
-"\226\301\253\222\010\367\077\057\311\262\376\344\132\237\144\336"
-"\333\041\117\206\231\064\166\066\127\335\320\025\057\305\255\177"
-"\025\037\067\142\163\076\324\347\137\316\027\003\333\065\372\053"
-"\333\256\140\011\137\036\137\217\156\273\013\075\352\132\023\036"
-"\014\140\157\265\300\265\043\042\056\007\013\313\251\164\313\107"
-"\273\035\301\327\245\153\314\057\322\102\375\111\335\247\211\317"
-"\123\272\332\000\132\050\277\202\337\370\272\023\035\120\206\202"
-"\375\216\060\217\051\106\260\036\075\065\332\070\142\026\030\112"
-"\255\346\266\121\154\336\257\142\353\001\320\036\044\376\172\217"
-"\022\032\022\150\270\373\146\231\024\024\105\134\256\347\256\151"
-"\027\201\053\132\067\311\136\052\364\306\342\241\134\124\233\246"
-"\124\000\317\360\361\301\307\230\060\032\073\066\026\333\243\156"
-"\352\375\255\262\302\332\357\002\107\023\212\300\361\263\061\255"
-"\117\034\341\117\234\257\017\014\235\367\170\015\330\364\065\126"
-"\200\332\267\155\027\217\235\036\201\144\341\376\305\105\272\255"
-"\153\271\012\172\116\117\113\204\356\113\361\175\335\021"
-, (PRUint32)1054 }
-};
-static const NSSItem nss_builtins_items_61 [] = {
-  { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"Verisign Class 3 Public Primary Certification Authority - G3", (PRUint32)61 },
-  { (void *)"\023\055\015\105\123\113\151\227\315\262\325\303\071\342\125\166"
-"\140\233\134\306"
-, (PRUint32)20 },
-  { (void *)"\315\150\266\247\307\304\316\165\340\035\117\127\104\141\222\011"
-, (PRUint32)16 },
-  { (void *)"\060\201\312\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\061\037\060\035\006\003\125"
-"\004\013\023\026\126\145\162\151\123\151\147\156\040\124\162\165"
-"\163\164\040\116\145\164\167\157\162\153\061\072\060\070\006\003"
-"\125\004\013\023\061\050\143\051\040\061\071\071\071\040\126\145"
-"\162\151\123\151\147\156\054\040\111\156\143\056\040\055\040\106"
-"\157\162\040\141\165\164\150\157\162\151\172\145\144\040\165\163"
-"\145\040\157\156\154\171\061\105\060\103\006\003\125\004\003\023"
-"\074\126\145\162\151\123\151\147\156\040\103\154\141\163\163\040"
-"\063\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171"
-"\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101"
-"\165\164\150\157\162\151\164\171\040\055\040\107\063"
-, (PRUint32)205 },
-  { (void *)"\000\233\176\006\111\243\076\142\271\325\356\220\110\161\051\357"
-"\127"
-, (PRUint32)17 },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_62 [] = {
-  { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"Verisign Class 4 Public Primary Certification Authority - G3", (PRUint32)61 },
-  { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
-  { (void *)"\060\201\312\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\061\037\060\035\006\003\125"
-"\004\013\023\026\126\145\162\151\123\151\147\156\040\124\162\165"
-"\163\164\040\116\145\164\167\157\162\153\061\072\060\070\006\003"
-"\125\004\013\023\061\050\143\051\040\061\071\071\071\040\126\145"
-"\162\151\123\151\147\156\054\040\111\156\143\056\040\055\040\106"
-"\157\162\040\141\165\164\150\157\162\151\172\145\144\040\165\163"
-"\145\040\157\156\154\171\061\105\060\103\006\003\125\004\003\023"
-"\074\126\145\162\151\123\151\147\156\040\103\154\141\163\163\040"
-"\064\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171"
-"\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101"
-"\165\164\150\157\162\151\164\171\040\055\040\107\063"
-, (PRUint32)205 },
-  { (void *)"0", (PRUint32)2 },
-  { (void *)"\060\201\312\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\061\037\060\035\006\003\125"
-"\004\013\023\026\126\145\162\151\123\151\147\156\040\124\162\165"
-"\163\164\040\116\145\164\167\157\162\153\061\072\060\070\006\003"
-"\125\004\013\023\061\050\143\051\040\061\071\071\071\040\126\145"
-"\162\151\123\151\147\156\054\040\111\156\143\056\040\055\040\106"
-"\157\162\040\141\165\164\150\157\162\151\172\145\144\040\165\163"
-"\145\040\157\156\154\171\061\105\060\103\006\003\125\004\003\023"
-"\074\126\145\162\151\123\151\147\156\040\103\154\141\163\163\040"
-"\064\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171"
-"\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101"
-"\165\164\150\157\162\151\164\171\040\055\040\107\063"
-, (PRUint32)205 },
-  { (void *)"\000\354\240\247\213\156\165\152\001\317\304\174\314\057\224\136"
-"\327"
-, (PRUint32)17 },
-  { (void *)"\060\202\004\032\060\202\003\002\002\021\000\354\240\247\213\156"
-"\165\152\001\317\304\174\314\057\224\136\327\060\015\006\011\052"
-"\206\110\206\367\015\001\001\005\005\000\060\201\312\061\013\060"
-"\011\006\003\125\004\006\023\002\125\123\061\027\060\025\006\003"
-"\125\004\012\023\016\126\145\162\151\123\151\147\156\054\040\111"
-"\156\143\056\061\037\060\035\006\003\125\004\013\023\026\126\145"
-"\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164"
-"\167\157\162\153\061\072\060\070\006\003\125\004\013\023\061\050"
-"\143\051\040\061\071\071\071\040\126\145\162\151\123\151\147\156"
-"\054\040\111\156\143\056\040\055\040\106\157\162\040\141\165\164"
-"\150\157\162\151\172\145\144\040\165\163\145\040\157\156\154\171"
-"\061\105\060\103\006\003\125\004\003\023\074\126\145\162\151\123"
-"\151\147\156\040\103\154\141\163\163\040\064\040\120\165\142\154"
-"\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151"
-"\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151"
-"\164\171\040\055\040\107\063\060\036\027\015\071\071\061\060\060"
-"\061\060\060\060\060\060\060\132\027\015\063\066\060\067\061\066"
-"\062\063\065\071\065\071\132\060\201\312\061\013\060\011\006\003"
-"\125\004\006\023\002\125\123\061\027\060\025\006\003\125\004\012"
-"\023\016\126\145\162\151\123\151\147\156\054\040\111\156\143\056"
-"\061\037\060\035\006\003\125\004\013\023\026\126\145\162\151\123"
-"\151\147\156\040\124\162\165\163\164\040\116\145\164\167\157\162"
-"\153\061\072\060\070\006\003\125\004\013\023\061\050\143\051\040"
-"\061\071\071\071\040\126\145\162\151\123\151\147\156\054\040\111"
-"\156\143\056\040\055\040\106\157\162\040\141\165\164\150\157\162"
-"\151\172\145\144\040\165\163\145\040\157\156\154\171\061\105\060"
-"\103\006\003\125\004\003\023\074\126\145\162\151\123\151\147\156"
-"\040\103\154\141\163\163\040\064\040\120\165\142\154\151\143\040"
-"\120\162\151\155\141\162\171\040\103\145\162\164\151\146\151\143"
-"\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171\040"
-"\055\040\107\063\060\202\001\042\060\015\006\011\052\206\110\206"
-"\367\015\001\001\001\005\000\003\202\001\017\000\060\202\001\012"
-"\002\202\001\001\000\255\313\245\021\151\306\131\253\361\217\265"
-"\031\017\126\316\314\265\037\040\344\236\046\045\113\340\163\145"
-"\211\131\336\320\203\344\365\017\265\273\255\361\174\350\041\374"
-"\344\350\014\356\174\105\042\031\166\222\264\023\267\040\133\011"
-"\372\141\256\250\362\245\215\205\302\052\326\336\146\066\322\233"
-"\002\364\250\222\140\174\234\151\264\217\044\036\320\206\122\366"
-"\062\234\101\130\036\042\275\315\105\142\225\010\156\320\146\335"
-"\123\242\314\360\020\334\124\163\213\004\241\106\063\063\134\027"
-"\100\271\236\115\323\363\276\125\203\350\261\211\216\132\174\232"
-"\226\042\220\073\210\045\362\322\123\210\002\014\013\170\362\346"
-"\067\027\113\060\106\007\344\200\155\246\330\226\056\350\054\370"
-"\021\263\070\015\146\246\233\352\311\043\133\333\216\342\363\023"
-"\216\032\131\055\252\002\360\354\244\207\146\334\301\077\365\330"
-"\271\364\354\202\306\322\075\225\035\345\300\117\204\311\331\243"
-"\104\050\006\152\327\105\254\360\153\152\357\116\137\370\021\202"
-"\036\070\143\064\146\120\324\076\223\163\372\060\303\146\255\377"
-"\223\055\227\357\003\002\003\001\000\001\060\015\006\011\052\206"
-"\110\206\367\015\001\001\005\005\000\003\202\001\001\000\217\372"
-"\045\153\117\133\344\244\116\047\125\253\042\025\131\074\312\265"
-"\012\324\112\333\253\335\241\137\123\305\240\127\071\302\316\107"
-"\053\276\072\310\126\277\302\331\047\020\072\261\005\074\300\167"
-"\061\273\072\323\005\173\155\232\034\060\214\200\313\223\223\052"
-"\203\253\005\121\202\002\000\021\147\153\363\210\141\107\137\003"
-"\223\325\133\015\340\361\324\241\062\065\205\262\072\333\260\202"
-"\253\321\313\012\274\117\214\133\305\113\000\073\037\052\202\246"
-"\176\066\205\334\176\074\147\000\265\344\073\122\340\250\353\135"
-"\025\371\306\155\360\255\035\016\205\267\251\232\163\024\132\133"
-"\217\101\050\300\325\350\055\115\244\136\315\252\331\355\316\334"
-"\330\325\074\102\035\027\301\022\135\105\070\303\070\363\374\205"
-"\056\203\106\110\262\327\040\137\222\066\217\347\171\017\230\136"
-"\231\350\360\320\244\273\365\123\275\052\316\131\260\257\156\177"
-"\154\273\322\036\000\260\041\355\370\101\142\202\271\330\262\304"
-"\273\106\120\363\061\305\217\001\250\164\353\365\170\047\332\347"
-"\367\146\103\363\236\203\076\040\252\303\065\140\221\316"
-, (PRUint32)1054 }
-};
-static const NSSItem nss_builtins_items_63 [] = {
-  { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"Verisign Class 4 Public Primary Certification Authority - G3", (PRUint32)61 },
-  { (void *)"\310\354\214\207\222\151\313\113\253\071\351\215\176\127\147\363"
-"\024\225\163\235"
-, (PRUint32)20 },
-  { (void *)"\333\310\362\047\056\261\352\152\051\043\135\376\126\076\063\337"
-, (PRUint32)16 },
-  { (void *)"\060\201\312\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\061\037\060\035\006\003\125"
-"\004\013\023\026\126\145\162\151\123\151\147\156\040\124\162\165"
-"\163\164\040\116\145\164\167\157\162\153\061\072\060\070\006\003"
-"\125\004\013\023\061\050\143\051\040\061\071\071\071\040\126\145"
-"\162\151\123\151\147\156\054\040\111\156\143\056\040\055\040\106"
-"\157\162\040\141\165\164\150\157\162\151\172\145\144\040\165\163"
-"\145\040\157\156\154\171\061\105\060\103\006\003\125\004\003\023"
-"\074\126\145\162\151\123\151\147\156\040\103\154\141\163\163\040"
-"\064\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171"
-"\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101"
-"\165\164\150\157\162\151\164\171\040\055\040\107\063"
-, (PRUint32)205 },
-  { (void *)"\000\354\240\247\213\156\165\152\001\317\304\174\314\057\224\136"
-"\327"
-, (PRUint32)17 },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_64 [] = {
-  { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"Entrust.net Secure Server CA", (PRUint32)29 },
-  { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
-  { (void *)"\060\201\303\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\024\060\022\006\003\125\004\012\023\013\105\156\164\162\165"
-"\163\164\056\156\145\164\061\073\060\071\006\003\125\004\013\023"
-"\062\167\167\167\056\145\156\164\162\165\163\164\056\156\145\164"
-"\057\103\120\123\040\151\156\143\157\162\160\056\040\142\171\040"
-"\162\145\146\056\040\050\154\151\155\151\164\163\040\154\151\141"
-"\142\056\051\061\045\060\043\006\003\125\004\013\023\034\050\143"
-"\051\040\061\071\071\071\040\105\156\164\162\165\163\164\056\156"
-"\145\164\040\114\151\155\151\164\145\144\061\072\060\070\006\003"
-"\125\004\003\023\061\105\156\164\162\165\163\164\056\156\145\164"
-"\040\123\145\143\165\162\145\040\123\145\162\166\145\162\040\103"
-"\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165\164"
-"\150\157\162\151\164\171"
-, (PRUint32)198 },
-  { (void *)"0", (PRUint32)2 },
-  { (void *)"\060\201\303\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\024\060\022\006\003\125\004\012\023\013\105\156\164\162\165"
-"\163\164\056\156\145\164\061\073\060\071\006\003\125\004\013\023"
-"\062\167\167\167\056\145\156\164\162\165\163\164\056\156\145\164"
-"\057\103\120\123\040\151\156\143\157\162\160\056\040\142\171\040"
-"\162\145\146\056\040\050\154\151\155\151\164\163\040\154\151\141"
-"\142\056\051\061\045\060\043\006\003\125\004\013\023\034\050\143"
-"\051\040\061\071\071\071\040\105\156\164\162\165\163\164\056\156"
-"\145\164\040\114\151\155\151\164\145\144\061\072\060\070\006\003"
-"\125\004\003\023\061\105\156\164\162\165\163\164\056\156\145\164"
-"\040\123\145\143\165\162\145\040\123\145\162\166\145\162\040\103"
-"\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165\164"
-"\150\157\162\151\164\171"
-, (PRUint32)198 },
-  { (void *)"\067\112\322\103"
-, (PRUint32)4 },
-  { (void *)"\060\202\004\330\060\202\004\101\240\003\002\001\002\002\004\067"
-"\112\322\103\060\015\006\011\052\206\110\206\367\015\001\001\005"
-"\005\000\060\201\303\061\013\060\011\006\003\125\004\006\023\002"
-"\125\123\061\024\060\022\006\003\125\004\012\023\013\105\156\164"
-"\162\165\163\164\056\156\145\164\061\073\060\071\006\003\125\004"
-"\013\023\062\167\167\167\056\145\156\164\162\165\163\164\056\156"
-"\145\164\057\103\120\123\040\151\156\143\157\162\160\056\040\142"
-"\171\040\162\145\146\056\040\050\154\151\155\151\164\163\040\154"
-"\151\141\142\056\051\061\045\060\043\006\003\125\004\013\023\034"
-"\050\143\051\040\061\071\071\071\040\105\156\164\162\165\163\164"
-"\056\156\145\164\040\114\151\155\151\164\145\144\061\072\060\070"
-"\006\003\125\004\003\023\061\105\156\164\162\165\163\164\056\156"
-"\145\164\040\123\145\143\165\162\145\040\123\145\162\166\145\162"
-"\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101"
-"\165\164\150\157\162\151\164\171\060\036\027\015\071\071\060\065"
-"\062\065\061\066\060\071\064\060\132\027\015\061\071\060\065\062"
-"\065\061\066\063\071\064\060\132\060\201\303\061\013\060\011\006"
-"\003\125\004\006\023\002\125\123\061\024\060\022\006\003\125\004"
-"\012\023\013\105\156\164\162\165\163\164\056\156\145\164\061\073"
-"\060\071\006\003\125\004\013\023\062\167\167\167\056\145\156\164"
-"\162\165\163\164\056\156\145\164\057\103\120\123\040\151\156\143"
-"\157\162\160\056\040\142\171\040\162\145\146\056\040\050\154\151"
-"\155\151\164\163\040\154\151\141\142\056\051\061\045\060\043\006"
-"\003\125\004\013\023\034\050\143\051\040\061\071\071\071\040\105"
-"\156\164\162\165\163\164\056\156\145\164\040\114\151\155\151\164"
-"\145\144\061\072\060\070\006\003\125\004\003\023\061\105\156\164"
-"\162\165\163\164\056\156\145\164\040\123\145\143\165\162\145\040"
-"\123\145\162\166\145\162\040\103\145\162\164\151\146\151\143\141"
-"\164\151\157\156\040\101\165\164\150\157\162\151\164\171\060\201"
-"\235\060\015\006\011\052\206\110\206\367\015\001\001\001\005\000"
-"\003\201\213\000\060\201\207\002\201\201\000\315\050\203\064\124"
-"\033\211\363\017\257\067\221\061\377\257\061\140\311\250\350\262"
-"\020\150\355\237\347\223\066\361\012\144\273\107\365\004\027\077"
-"\043\107\115\305\047\031\201\046\014\124\162\015\210\055\331\037"
-"\232\022\237\274\263\161\323\200\031\077\107\146\173\214\065\050"
-"\322\271\012\337\044\332\234\326\120\171\201\172\132\323\067\367"
-"\302\112\330\051\222\046\144\321\344\230\154\072\000\212\365\064"
-"\233\145\370\355\343\020\377\375\270\111\130\334\240\336\202\071"
-"\153\201\261\026\031\141\271\124\266\346\103\002\001\003\243\202"
-"\001\327\060\202\001\323\060\021\006\011\140\206\110\001\206\370"
-"\102\001\001\004\004\003\002\000\007\060\202\001\031\006\003\125"
-"\035\037\004\202\001\020\060\202\001\014\060\201\336\240\201\333"
-"\240\201\330\244\201\325\060\201\322\061\013\060\011\006\003\125"
-"\004\006\023\002\125\123\061\024\060\022\006\003\125\004\012\023"
-"\013\105\156\164\162\165\163\164\056\156\145\164\061\073\060\071"
-"\006\003\125\004\013\023\062\167\167\167\056\145\156\164\162\165"
-"\163\164\056\156\145\164\057\103\120\123\040\151\156\143\157\162"
-"\160\056\040\142\171\040\162\145\146\056\040\050\154\151\155\151"
-"\164\163\040\154\151\141\142\056\051\061\045\060\043\006\003\125"
-"\004\013\023\034\050\143\051\040\061\071\071\071\040\105\156\164"
-"\162\165\163\164\056\156\145\164\040\114\151\155\151\164\145\144"
-"\061\072\060\070\006\003\125\004\003\023\061\105\156\164\162\165"
-"\163\164\056\156\145\164\040\123\145\143\165\162\145\040\123\145"
-"\162\166\145\162\040\103\145\162\164\151\146\151\143\141\164\151"
-"\157\156\040\101\165\164\150\157\162\151\164\171\061\015\060\013"
-"\006\003\125\004\003\023\004\103\122\114\061\060\051\240\047\240"
-"\045\206\043\150\164\164\160\072\057\057\167\167\167\056\145\156"
-"\164\162\165\163\164\056\156\145\164\057\103\122\114\057\156\145"
-"\164\061\056\143\162\154\060\053\006\003\125\035\020\004\044\060"
-"\042\200\017\061\071\071\071\060\065\062\065\061\066\060\071\064"
-"\060\132\201\017\062\060\061\071\060\065\062\065\061\066\060\071"
-"\064\060\132\060\013\006\003\125\035\017\004\004\003\002\001\006"
-"\060\037\006\003\125\035\043\004\030\060\026\200\024\360\027\142"
-"\023\125\075\263\377\012\000\153\373\120\204\227\363\355\142\320"
-"\032\060\035\006\003\125\035\016\004\026\004\024\360\027\142\023"
-"\125\075\263\377\012\000\153\373\120\204\227\363\355\142\320\032"
-"\060\014\006\003\125\035\023\004\005\060\003\001\001\377\060\031"
-"\006\011\052\206\110\206\366\175\007\101\000\004\014\060\012\033"
-"\004\126\064\056\060\003\002\004\220\060\015\006\011\052\206\110"
-"\206\367\015\001\001\005\005\000\003\201\201\000\220\334\060\002"
-"\372\144\164\302\247\012\245\174\041\215\064\027\250\373\107\016"
-"\377\045\174\215\023\012\373\344\230\265\357\214\370\305\020\015"
-"\367\222\276\361\303\325\325\225\152\004\273\054\316\046\066\145"
-"\310\061\306\347\356\077\343\127\165\204\172\021\357\106\117\030"
-"\364\323\230\273\250\207\062\272\162\366\074\342\075\237\327\035"
-"\331\303\140\103\214\130\016\042\226\057\142\243\054\037\272\255"
-"\005\357\253\062\170\207\240\124\163\031\265\134\005\371\122\076"
-"\155\055\105\013\367\012\223\352\355\006\371\262"
-, (PRUint32)1244 }
-};
-static const NSSItem nss_builtins_items_65 [] = {
-  { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"Entrust.net Secure Server CA", (PRUint32)29 },
-  { (void *)"\231\246\233\346\032\376\210\153\115\053\202\000\174\270\124\374"
-"\061\176\025\071"
-, (PRUint32)20 },
-  { (void *)"\337\362\200\163\314\361\346\141\163\374\365\102\351\305\174\356"
-, (PRUint32)16 },
-  { (void *)"\060\201\303\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\024\060\022\006\003\125\004\012\023\013\105\156\164\162\165"
-"\163\164\056\156\145\164\061\073\060\071\006\003\125\004\013\023"
-"\062\167\167\167\056\145\156\164\162\165\163\164\056\156\145\164"
-"\057\103\120\123\040\151\156\143\157\162\160\056\040\142\171\040"
-"\162\145\146\056\040\050\154\151\155\151\164\163\040\154\151\141"
-"\142\056\051\061\045\060\043\006\003\125\004\013\023\034\050\143"
-"\051\040\061\071\071\071\040\105\156\164\162\165\163\164\056\156"
-"\145\164\040\114\151\155\151\164\145\144\061\072\060\070\006\003"
-"\125\004\003\023\061\105\156\164\162\165\163\164\056\156\145\164"
-"\040\123\145\143\165\162\145\040\123\145\162\166\145\162\040\103"
-"\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165\164"
-"\150\157\162\151\164\171"
-, (PRUint32)198 },
-  { (void *)"\067\112\322\103"
-, (PRUint32)4 },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_66 [] = {
-  { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"Entrust.net Secure Personal CA", (PRUint32)31 },
-  { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
-  { (void *)"\060\201\311\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\024\060\022\006\003\125\004\012\023\013\105\156\164\162\165"
-"\163\164\056\156\145\164\061\110\060\106\006\003\125\004\013\024"
-"\077\167\167\167\056\145\156\164\162\165\163\164\056\156\145\164"
-"\057\103\154\151\145\156\164\137\103\101\137\111\156\146\157\057"
-"\103\120\123\040\151\156\143\157\162\160\056\040\142\171\040\162"
-"\145\146\056\040\154\151\155\151\164\163\040\154\151\141\142\056"
-"\061\045\060\043\006\003\125\004\013\023\034\050\143\051\040\061"
-"\071\071\071\040\105\156\164\162\165\163\164\056\156\145\164\040"
-"\114\151\155\151\164\145\144\061\063\060\061\006\003\125\004\003"
-"\023\052\105\156\164\162\165\163\164\056\156\145\164\040\103\154"
-"\151\145\156\164\040\103\145\162\164\151\146\151\143\141\164\151"
-"\157\156\040\101\165\164\150\157\162\151\164\171"
-, (PRUint32)204 },
-  { (void *)"0", (PRUint32)2 },
-  { (void *)"\060\201\311\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\024\060\022\006\003\125\004\012\023\013\105\156\164\162\165"
-"\163\164\056\156\145\164\061\110\060\106\006\003\125\004\013\024"
-"\077\167\167\167\056\145\156\164\162\165\163\164\056\156\145\164"
-"\057\103\154\151\145\156\164\137\103\101\137\111\156\146\157\057"
-"\103\120\123\040\151\156\143\157\162\160\056\040\142\171\040\162"
-"\145\146\056\040\154\151\155\151\164\163\040\154\151\141\142\056"
-"\061\045\060\043\006\003\125\004\013\023\034\050\143\051\040\061"
-"\071\071\071\040\105\156\164\162\165\163\164\056\156\145\164\040"
-"\114\151\155\151\164\145\144\061\063\060\061\006\003\125\004\003"
-"\023\052\105\156\164\162\165\163\164\056\156\145\164\040\103\154"
-"\151\145\156\164\040\103\145\162\164\151\146\151\143\141\164\151"
-"\157\156\040\101\165\164\150\157\162\151\164\171"
-, (PRUint32)204 },
-  { (void *)"\070\003\221\356"
-, (PRUint32)4 },
-  { (void *)"\060\202\004\355\060\202\004\126\240\003\002\001\002\002\004\070"
-"\003\221\356\060\015\006\011\052\206\110\206\367\015\001\001\004"
-"\005\000\060\201\311\061\013\060\011\006\003\125\004\006\023\002"
-"\125\123\061\024\060\022\006\003\125\004\012\023\013\105\156\164"
-"\162\165\163\164\056\156\145\164\061\110\060\106\006\003\125\004"
-"\013\024\077\167\167\167\056\145\156\164\162\165\163\164\056\156"
-"\145\164\057\103\154\151\145\156\164\137\103\101\137\111\156\146"
-"\157\057\103\120\123\040\151\156\143\157\162\160\056\040\142\171"
-"\040\162\145\146\056\040\154\151\155\151\164\163\040\154\151\141"
-"\142\056\061\045\060\043\006\003\125\004\013\023\034\050\143\051"
-"\040\061\071\071\071\040\105\156\164\162\165\163\164\056\156\145"
-"\164\040\114\151\155\151\164\145\144\061\063\060\061\006\003\125"
-"\004\003\023\052\105\156\164\162\165\163\164\056\156\145\164\040"
-"\103\154\151\145\156\164\040\103\145\162\164\151\146\151\143\141"
-"\164\151\157\156\040\101\165\164\150\157\162\151\164\171\060\036"
-"\027\015\071\071\061\060\061\062\061\071\062\064\063\060\132\027"
-"\015\061\071\061\060\061\062\061\071\065\064\063\060\132\060\201"
-"\311\061\013\060\011\006\003\125\004\006\023\002\125\123\061\024"
-"\060\022\006\003\125\004\012\023\013\105\156\164\162\165\163\164"
-"\056\156\145\164\061\110\060\106\006\003\125\004\013\024\077\167"
-"\167\167\056\145\156\164\162\165\163\164\056\156\145\164\057\103"
-"\154\151\145\156\164\137\103\101\137\111\156\146\157\057\103\120"
-"\123\040\151\156\143\157\162\160\056\040\142\171\040\162\145\146"
-"\056\040\154\151\155\151\164\163\040\154\151\141\142\056\061\045"
-"\060\043\006\003\125\004\013\023\034\050\143\051\040\061\071\071"
-"\071\040\105\156\164\162\165\163\164\056\156\145\164\040\114\151"
-"\155\151\164\145\144\061\063\060\061\006\003\125\004\003\023\052"
-"\105\156\164\162\165\163\164\056\156\145\164\040\103\154\151\145"
-"\156\164\040\103\145\162\164\151\146\151\143\141\164\151\157\156"
-"\040\101\165\164\150\157\162\151\164\171\060\201\235\060\015\006"
-"\011\052\206\110\206\367\015\001\001\001\005\000\003\201\213\000"
-"\060\201\207\002\201\201\000\310\072\231\136\061\027\337\254\047"
-"\157\220\173\344\031\377\105\243\064\302\333\301\250\117\360\150"
-"\352\204\375\237\165\171\317\301\212\121\224\257\307\127\003\107"
-"\144\236\255\202\033\132\332\177\067\170\107\273\067\230\022\226"
-"\316\306\023\175\357\322\014\060\121\251\071\236\125\370\373\261"
-"\347\060\336\203\262\272\076\361\325\211\073\073\205\272\252\164"
-"\054\376\077\061\156\257\221\225\156\006\324\007\115\113\054\126"
-"\107\030\004\122\332\016\020\223\277\143\220\233\341\337\214\346"
-"\002\244\346\117\136\367\213\002\001\003\243\202\001\340\060\202"
-"\001\334\060\021\006\011\140\206\110\001\206\370\102\001\001\004"
-"\004\003\002\000\007\060\202\001\042\006\003\125\035\037\004\202"
-"\001\031\060\202\001\025\060\201\344\240\201\341\240\201\336\244"
-"\201\333\060\201\330\061\013\060\011\006\003\125\004\006\023\002"
-"\125\123\061\024\060\022\006\003\125\004\012\023\013\105\156\164"
-"\162\165\163\164\056\156\145\164\061\110\060\106\006\003\125\004"
-"\013\024\077\167\167\167\056\145\156\164\162\165\163\164\056\156"
-"\145\164\057\103\154\151\145\156\164\137\103\101\137\111\156\146"
-"\157\057\103\120\123\040\151\156\143\157\162\160\056\040\142\171"
-"\040\162\145\146\056\040\154\151\155\151\164\163\040\154\151\141"
-"\142\056\061\045\060\043\006\003\125\004\013\023\034\050\143\051"
-"\040\061\071\071\071\040\105\156\164\162\165\163\164\056\156\145"
-"\164\040\114\151\155\151\164\145\144\061\063\060\061\006\003\125"
-"\004\003\023\052\105\156\164\162\165\163\164\056\156\145\164\040"
-"\103\154\151\145\156\164\040\103\145\162\164\151\146\151\143\141"
-"\164\151\157\156\040\101\165\164\150\157\162\151\164\171\061\015"
-"\060\013\006\003\125\004\003\023\004\103\122\114\061\060\054\240"
-"\052\240\050\206\046\150\164\164\160\072\057\057\167\167\167\056"
-"\145\156\164\162\165\163\164\056\156\145\164\057\103\122\114\057"
-"\103\154\151\145\156\164\061\056\143\162\154\060\053\006\003\125"
-"\035\020\004\044\060\042\200\017\061\071\071\071\061\060\061\062"
-"\061\071\062\064\063\060\132\201\017\062\060\061\071\061\060\061"
-"\062\061\071\062\064\063\060\132\060\013\006\003\125\035\017\004"
-"\004\003\002\001\006\060\037\006\003\125\035\043\004\030\060\026"
-"\200\024\304\373\234\051\173\227\315\114\226\374\356\133\263\312"
-"\231\164\213\225\352\114\060\035\006\003\125\035\016\004\026\004"
-"\024\304\373\234\051\173\227\315\114\226\374\356\133\263\312\231"
-"\164\213\225\352\114\060\014\006\003\125\035\023\004\005\060\003"
-"\001\001\377\060\031\006\011\052\206\110\206\366\175\007\101\000"
-"\004\014\060\012\033\004\126\064\056\060\003\002\004\220\060\015"
-"\006\011\052\206\110\206\367\015\001\001\004\005\000\003\201\201"
-"\000\077\256\212\361\327\146\003\005\236\076\372\352\034\106\273"
-"\244\133\217\170\232\022\110\231\371\364\065\336\014\066\007\002"
-"\153\020\072\211\024\201\234\061\246\174\262\101\262\152\347\007"
-"\001\241\113\371\237\045\073\226\312\231\303\076\241\121\034\363"
-"\303\056\104\367\260\147\106\252\222\345\073\332\034\031\024\070"
-"\060\325\342\242\061\045\056\361\354\105\070\355\370\006\130\003"
-"\163\142\260\020\061\217\100\277\144\340\134\076\305\117\037\332"
-"\022\103\377\114\346\006\046\250\233\031\252\104\074\166\262\134"
-"\354"
-, (PRUint32)1265 }
-};
-static const NSSItem nss_builtins_items_67 [] = {
-  { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"Entrust.net Secure Personal CA", (PRUint32)31 },
-  { (void *)"\332\171\301\161\021\120\302\064\071\252\053\013\014\142\375\125"
-"\262\371\365\200"
-, (PRUint32)20 },
-  { (void *)"\014\101\057\023\133\240\124\365\226\146\055\176\315\016\003\364"
-, (PRUint32)16 },
-  { (void *)"\060\201\311\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\024\060\022\006\003\125\004\012\023\013\105\156\164\162\165"
-"\163\164\056\156\145\164\061\110\060\106\006\003\125\004\013\024"
-"\077\167\167\167\056\145\156\164\162\165\163\164\056\156\145\164"
-"\057\103\154\151\145\156\164\137\103\101\137\111\156\146\157\057"
-"\103\120\123\040\151\156\143\157\162\160\056\040\142\171\040\162"
-"\145\146\056\040\154\151\155\151\164\163\040\154\151\141\142\056"
-"\061\045\060\043\006\003\125\004\013\023\034\050\143\051\040\061"
-"\071\071\071\040\105\156\164\162\165\163\164\056\156\145\164\040"
-"\114\151\155\151\164\145\144\061\063\060\061\006\003\125\004\003"
-"\023\052\105\156\164\162\165\163\164\056\156\145\164\040\103\154"
-"\151\145\156\164\040\103\145\162\164\151\146\151\143\141\164\151"
-"\157\156\040\101\165\164\150\157\162\151\164\171"
-, (PRUint32)204 },
-  { (void *)"\070\003\221\356"
-, (PRUint32)4 },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_68 [] = {
-  { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"Entrust.net Premium 2048 Secure Server CA", (PRUint32)42 },
-  { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
-  { (void *)"\060\201\264\061\024\060\022\006\003\125\004\012\023\013\105\156"
-"\164\162\165\163\164\056\156\145\164\061\100\060\076\006\003\125"
-"\004\013\024\067\167\167\167\056\145\156\164\162\165\163\164\056"
-"\156\145\164\057\103\120\123\137\062\060\064\070\040\151\156\143"
-"\157\162\160\056\040\142\171\040\162\145\146\056\040\050\154\151"
-"\155\151\164\163\040\154\151\141\142\056\051\061\045\060\043\006"
-"\003\125\004\013\023\034\050\143\051\040\061\071\071\071\040\105"
-"\156\164\162\165\163\164\056\156\145\164\040\114\151\155\151\164"
-"\145\144\061\063\060\061\006\003\125\004\003\023\052\105\156\164"
-"\162\165\163\164\056\156\145\164\040\103\145\162\164\151\146\151"
-"\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171"
-"\040\050\062\060\064\070\051"
-, (PRUint32)183 },
-  { (void *)"0", (PRUint32)2 },
-  { (void *)"\060\201\264\061\024\060\022\006\003\125\004\012\023\013\105\156"
-"\164\162\165\163\164\056\156\145\164\061\100\060\076\006\003\125"
-"\004\013\024\067\167\167\167\056\145\156\164\162\165\163\164\056"
-"\156\145\164\057\103\120\123\137\062\060\064\070\040\151\156\143"
-"\157\162\160\056\040\142\171\040\162\145\146\056\040\050\154\151"
-"\155\151\164\163\040\154\151\141\142\056\051\061\045\060\043\006"
-"\003\125\004\013\023\034\050\143\051\040\061\071\071\071\040\105"
-"\156\164\162\165\163\164\056\156\145\164\040\114\151\155\151\164"
-"\145\144\061\063\060\061\006\003\125\004\003\023\052\105\156\164"
-"\162\165\163\164\056\156\145\164\040\103\145\162\164\151\146\151"
-"\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171"
-"\040\050\062\060\064\070\051"
-, (PRUint32)183 },
-  { (void *)"\070\143\271\146"
-, (PRUint32)4 },
-  { (void *)"\060\202\004\134\060\202\003\104\240\003\002\001\002\002\004\070"
-"\143\271\146\060\015\006\011\052\206\110\206\367\015\001\001\005"
-"\005\000\060\201\264\061\024\060\022\006\003\125\004\012\023\013"
-"\105\156\164\162\165\163\164\056\156\145\164\061\100\060\076\006"
-"\003\125\004\013\024\067\167\167\167\056\145\156\164\162\165\163"
-"\164\056\156\145\164\057\103\120\123\137\062\060\064\070\040\151"
-"\156\143\157\162\160\056\040\142\171\040\162\145\146\056\040\050"
-"\154\151\155\151\164\163\040\154\151\141\142\056\051\061\045\060"
-"\043\006\003\125\004\013\023\034\050\143\051\040\061\071\071\071"
-"\040\105\156\164\162\165\163\164\056\156\145\164\040\114\151\155"
-"\151\164\145\144\061\063\060\061\006\003\125\004\003\023\052\105"
-"\156\164\162\165\163\164\056\156\145\164\040\103\145\162\164\151"
-"\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151"
-"\164\171\040\050\062\060\064\070\051\060\036\027\015\071\071\061"
-"\062\062\064\061\067\065\060\065\061\132\027\015\061\071\061\062"
-"\062\064\061\070\062\060\065\061\132\060\201\264\061\024\060\022"
-"\006\003\125\004\012\023\013\105\156\164\162\165\163\164\056\156"
-"\145\164\061\100\060\076\006\003\125\004\013\024\067\167\167\167"
-"\056\145\156\164\162\165\163\164\056\156\145\164\057\103\120\123"
-"\137\062\060\064\070\040\151\156\143\157\162\160\056\040\142\171"
-"\040\162\145\146\056\040\050\154\151\155\151\164\163\040\154\151"
-"\141\142\056\051\061\045\060\043\006\003\125\004\013\023\034\050"
-"\143\051\040\061\071\071\071\040\105\156\164\162\165\163\164\056"
-"\156\145\164\040\114\151\155\151\164\145\144\061\063\060\061\006"
-"\003\125\004\003\023\052\105\156\164\162\165\163\164\056\156\145"
-"\164\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040"
-"\101\165\164\150\157\162\151\164\171\040\050\062\060\064\070\051"
-"\060\202\001\042\060\015\006\011\052\206\110\206\367\015\001\001"
-"\001\005\000\003\202\001\017\000\060\202\001\012\002\202\001\001"
-"\000\255\115\113\251\022\206\262\352\243\040\007\025\026\144\052"
-"\053\113\321\277\013\112\115\216\355\200\166\245\147\267\170\100"
-"\300\163\102\310\150\300\333\123\053\335\136\270\166\230\065\223"
-"\213\032\235\174\023\072\016\037\133\267\036\317\345\044\024\036"
-"\261\201\251\215\175\270\314\153\113\003\361\002\014\334\253\245"
-"\100\044\000\177\164\224\241\235\010\051\263\210\013\365\207\167"
-"\235\125\315\344\303\176\327\152\144\253\205\024\206\225\133\227"
-"\062\120\157\075\310\272\146\014\343\374\275\270\111\301\166\211"
-"\111\031\375\300\250\275\211\243\147\057\306\237\274\161\031\140"
-"\270\055\351\054\311\220\166\146\173\224\342\257\170\326\145\123"
-"\135\074\326\234\262\317\051\003\371\057\244\120\262\324\110\316"
-"\005\062\125\212\375\262\144\114\016\344\230\007\165\333\177\337"
-"\271\010\125\140\205\060\051\371\173\110\244\151\206\343\065\077"
-"\036\206\135\172\172\025\275\357\000\216\025\042\124\027\000\220"
-"\046\223\274\016\111\150\221\277\370\107\323\235\225\102\301\016"
-"\115\337\157\046\317\303\030\041\142\146\103\160\326\325\300\007"
-"\341\002\003\001\000\001\243\164\060\162\060\021\006\011\140\206"
-"\110\001\206\370\102\001\001\004\004\003\002\000\007\060\037\006"
-"\003\125\035\043\004\030\060\026\200\024\125\344\201\321\021\200"
-"\276\330\211\271\010\243\061\371\241\044\011\026\271\160\060\035"
-"\006\003\125\035\016\004\026\004\024\125\344\201\321\021\200\276"
-"\330\211\271\010\243\061\371\241\044\011\026\271\160\060\035\006"
-"\011\052\206\110\206\366\175\007\101\000\004\020\060\016\033\010"
-"\126\065\056\060\072\064\056\060\003\002\004\220\060\015\006\011"
-"\052\206\110\206\367\015\001\001\005\005\000\003\202\001\001\000"
-"\131\107\254\041\204\212\027\311\234\211\123\036\272\200\205\032"
-"\306\074\116\076\261\234\266\174\306\222\135\030\144\002\343\323"
-"\006\010\021\141\174\143\343\053\235\061\003\160\166\322\243\050"
-"\240\364\273\232\143\163\355\155\345\052\333\355\024\251\053\306"
-"\066\021\320\053\353\007\213\245\332\236\134\031\235\126\022\365"
-"\124\051\310\005\355\262\022\052\215\364\003\033\377\347\222\020"
-"\207\260\072\265\303\235\005\067\022\243\307\364\025\271\325\244"
-"\071\026\233\123\072\043\221\361\250\202\242\152\210\150\301\171"
-"\002\042\274\252\246\326\256\337\260\024\137\270\207\320\335\174"
-"\177\173\377\257\034\317\346\333\007\255\136\333\205\235\320\053"
-"\015\063\333\004\321\346\111\100\023\053\166\373\076\351\234\211"
-"\017\025\316\030\260\205\170\041\117\153\117\016\372\066\147\315"
-"\007\362\377\010\320\342\336\331\277\052\257\270\207\206\041\074"
-"\004\312\267\224\150\177\317\074\351\230\327\070\377\354\300\331"
-"\120\360\056\113\130\256\106\157\320\056\303\140\332\162\125\162"
-"\275\114\105\236\141\272\277\204\201\222\003\321\322\151\174\305"
-, (PRUint32)1120 }
-};
-static const NSSItem nss_builtins_items_69 [] = {
-  { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"Entrust.net Premium 2048 Secure Server CA", (PRUint32)42 },
-  { (void *)"\200\035\142\320\173\104\235\134\134\003\134\230\352\141\372\104"
-"\074\052\130\376"
-, (PRUint32)20 },
-  { (void *)"\272\041\352\040\326\335\333\217\301\127\213\100\255\241\374\374"
-, (PRUint32)16 },
-  { (void *)"\060\201\264\061\024\060\022\006\003\125\004\012\023\013\105\156"
-"\164\162\165\163\164\056\156\145\164\061\100\060\076\006\003\125"
-"\004\013\024\067\167\167\167\056\145\156\164\162\165\163\164\056"
-"\156\145\164\057\103\120\123\137\062\060\064\070\040\151\156\143"
-"\157\162\160\056\040\142\171\040\162\145\146\056\040\050\154\151"
-"\155\151\164\163\040\154\151\141\142\056\051\061\045\060\043\006"
-"\003\125\004\013\023\034\050\143\051\040\061\071\071\071\040\105"
-"\156\164\162\165\163\164\056\156\145\164\040\114\151\155\151\164"
-"\145\144\061\063\060\061\006\003\125\004\003\023\052\105\156\164"
-"\162\165\163\164\056\156\145\164\040\103\145\162\164\151\146\151"
-"\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171"
-"\040\050\062\060\064\070\051"
-, (PRUint32)183 },
-  { (void *)"\070\143\271\146"
-, (PRUint32)4 },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_70 [] = {
-  { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"ValiCert OCSP Responder", (PRUint32)24 },
-  { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
-  { (void *)"\060\201\262\061\044\060\042\006\003\125\004\007\023\033\126\141"
-"\154\151\103\145\162\164\040\126\141\154\151\144\141\164\151\157"
-"\156\040\116\145\164\167\157\162\153\061\027\060\025\006\003\125"
-"\004\012\023\016\126\141\154\151\103\145\162\164\054\040\111\156"
-"\143\056\061\054\060\052\006\003\125\004\013\023\043\103\154\141"
-"\163\163\040\061\040\126\141\154\151\144\141\164\151\157\156\040"
-"\101\165\164\150\157\162\151\164\171\040\055\040\117\103\123\120"
-"\061\041\060\037\006\003\125\004\003\023\030\150\164\164\160\072"
-"\057\057\167\167\167\056\166\141\154\151\143\145\162\164\056\156"
-"\145\164\057\061\040\060\036\006\011\052\206\110\206\367\015\001"
-"\011\001\026\021\151\156\146\157\100\166\141\154\151\143\145\162"
-"\164\056\143\157\155"
-, (PRUint32)181 },
-  { (void *)"0", (PRUint32)2 },
-  { (void *)"\060\201\262\061\044\060\042\006\003\125\004\007\023\033\126\141"
-"\154\151\103\145\162\164\040\126\141\154\151\144\141\164\151\157"
-"\156\040\116\145\164\167\157\162\153\061\027\060\025\006\003\125"
-"\004\012\023\016\126\141\154\151\103\145\162\164\054\040\111\156"
-"\143\056\061\054\060\052\006\003\125\004\013\023\043\103\154\141"
-"\163\163\040\061\040\126\141\154\151\144\141\164\151\157\156\040"
-"\101\165\164\150\157\162\151\164\171\040\055\040\117\103\123\120"
-"\061\041\060\037\006\003\125\004\003\023\030\150\164\164\160\072"
-"\057\057\167\167\167\056\166\141\154\151\143\145\162\164\056\156"
-"\145\164\057\061\040\060\036\006\011\052\206\110\206\367\015\001"
-"\011\001\026\021\151\156\146\157\100\166\141\154\151\143\145\162"
-"\164\056\143\157\155"
-, (PRUint32)181 },
-  { (void *)"\001"
-, (PRUint32)1 },
-  { (void *)"\060\202\003\110\060\202\002\261\240\003\002\001\002\002\001\001"
-"\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060"
-"\201\262\061\044\060\042\006\003\125\004\007\023\033\126\141\154"
-"\151\103\145\162\164\040\126\141\154\151\144\141\164\151\157\156"
-"\040\116\145\164\167\157\162\153\061\027\060\025\006\003\125\004"
-"\012\023\016\126\141\154\151\103\145\162\164\054\040\111\156\143"
-"\056\061\054\060\052\006\003\125\004\013\023\043\103\154\141\163"
-"\163\040\061\040\126\141\154\151\144\141\164\151\157\156\040\101"
-"\165\164\150\157\162\151\164\171\040\055\040\117\103\123\120\061"
-"\041\060\037\006\003\125\004\003\023\030\150\164\164\160\072\057"
-"\057\167\167\167\056\166\141\154\151\143\145\162\164\056\156\145"
-"\164\057\061\040\060\036\006\011\052\206\110\206\367\015\001\011"
-"\001\026\021\151\156\146\157\100\166\141\154\151\143\145\162\164"
-"\056\143\157\155\060\036\027\015\060\060\060\062\061\062\061\061"
-"\065\060\060\065\132\027\015\060\065\060\062\061\060\061\061\065"
-"\060\060\065\132\060\201\262\061\044\060\042\006\003\125\004\007"
-"\023\033\126\141\154\151\103\145\162\164\040\126\141\154\151\144"
-"\141\164\151\157\156\040\116\145\164\167\157\162\153\061\027\060"
-"\025\006\003\125\004\012\023\016\126\141\154\151\103\145\162\164"
-"\054\040\111\156\143\056\061\054\060\052\006\003\125\004\013\023"
-"\043\103\154\141\163\163\040\061\040\126\141\154\151\144\141\164"
-"\151\157\156\040\101\165\164\150\157\162\151\164\171\040\055\040"
-"\117\103\123\120\061\041\060\037\006\003\125\004\003\023\030\150"
-"\164\164\160\072\057\057\167\167\167\056\166\141\154\151\143\145"
-"\162\164\056\156\145\164\057\061\040\060\036\006\011\052\206\110"
-"\206\367\015\001\011\001\026\021\151\156\146\157\100\166\141\154"
-"\151\143\145\162\164\056\143\157\155\060\201\237\060\015\006\011"
-"\052\206\110\206\367\015\001\001\001\005\000\003\201\215\000\060"
-"\201\211\002\201\201\000\307\214\057\247\303\100\207\073\075\327"
-"\304\232\130\024\144\012\303\010\071\142\032\317\322\353\251\361"
-"\151\164\212\312\016\132\166\314\242\122\116\320\363\304\172\265"
-"\370\246\034\273\243\247\244\123\207\133\215\300\000\273\325\146"
-"\044\347\164\306\026\310\257\310\003\142\325\062\207\242\122\221"
-"\104\224\225\250\107\103\155\245\110\234\366\114\165\325\117\142"
-"\347\311\377\173\364\044\214\247\274\050\166\265\062\240\045\163"
-"\267\107\057\170\370\106\371\207\024\360\167\374\012\167\350\117"
-"\375\214\037\372\142\331\002\003\001\000\001\243\154\060\152\060"
-"\017\006\011\053\006\001\005\005\007\060\001\005\004\002\005\000"
-"\060\023\006\003\125\035\045\004\014\060\012\006\010\053\006\001"
-"\005\005\007\003\011\060\013\006\003\125\035\017\004\004\003\002"
-"\001\206\060\065\006\010\053\006\001\005\005\007\001\001\004\051"
-"\060\047\060\045\006\010\053\006\001\005\005\007\060\001\206\031"
-"\150\164\164\160\072\057\057\157\143\163\160\062\056\166\141\154"
-"\151\143\145\162\164\056\156\145\164\060\015\006\011\052\206\110"
-"\206\367\015\001\001\005\005\000\003\201\201\000\025\305\340\270"
-"\064\162\022\006\040\250\142\225\223\321\274\223\272\220\253\334"
-"\116\215\216\215\230\114\343\062\365\053\077\263\227\373\252\242"
-"\255\100\227\255\150\275\134\255\123\016\320\246\263\015\254\032"
-"\231\215\252\060\036\317\016\160\377\002\260\167\145\203\315\332"
-"\007\134\122\315\131\273\242\310\342\264\026\203\217\324\225\171"
-"\223\055\350\277\104\223\061\222\060\323\064\064\361\020\373\041"
-"\254\056\364\303\135\144\143\172\231\341\232\253\102\035\110\146"
-"\246\167\067\270\125\074\255\376\145\260\142\351"
-, (PRUint32)844 }
-};
-static const NSSItem nss_builtins_items_71 [] = {
-  { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"ValiCert OCSP Responder", (PRUint32)24 },
-  { (void *)"\133\166\261\274\342\212\360\366\161\221\205\147\046\215\021\151"
-"\017\027\077\163"
-, (PRUint32)20 },
-  { (void *)"\325\036\040\137\321\365\035\202\127\010\122\071\035\372\212\255"
-, (PRUint32)16 },
-  { (void *)"\060\201\262\061\044\060\042\006\003\125\004\007\023\033\126\141"
-"\154\151\103\145\162\164\040\126\141\154\151\144\141\164\151\157"
-"\156\040\116\145\164\167\157\162\153\061\027\060\025\006\003\125"
-"\004\012\023\016\126\141\154\151\103\145\162\164\054\040\111\156"
-"\143\056\061\054\060\052\006\003\125\004\013\023\043\103\154\141"
-"\163\163\040\061\040\126\141\154\151\144\141\164\151\157\156\040"
-"\101\165\164\150\157\162\151\164\171\040\055\040\117\103\123\120"
-"\061\041\060\037\006\003\125\004\003\023\030\150\164\164\160\072"
-"\057\057\167\167\167\056\166\141\154\151\143\145\162\164\056\156"
-"\145\164\057\061\040\060\036\006\011\052\206\110\206\367\015\001"
-"\011\001\026\021\151\156\146\157\100\166\141\154\151\143\145\162"
-"\164\056\143\157\155"
-, (PRUint32)181 },
-  { (void *)"\001"
-, (PRUint32)1 },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_72 [] = {
-  { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"Baltimore CyberTrust Code Signing Root", (PRUint32)39 },
-  { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
-  { (void *)"\060\147\061\013\060\011\006\003\125\004\006\023\002\111\105\061"
-"\022\060\020\006\003\125\004\012\023\011\102\141\154\164\151\155"
-"\157\162\145\061\023\060\021\006\003\125\004\013\023\012\103\171"
-"\142\145\162\124\162\165\163\164\061\057\060\055\006\003\125\004"
-"\003\023\046\102\141\154\164\151\155\157\162\145\040\103\171\142"
-"\145\162\124\162\165\163\164\040\103\157\144\145\040\123\151\147"
-"\156\151\156\147\040\122\157\157\164"
-, (PRUint32)105 },
-  { (void *)"0", (PRUint32)2 },
-  { (void *)"\060\147\061\013\060\011\006\003\125\004\006\023\002\111\105\061"
-"\022\060\020\006\003\125\004\012\023\011\102\141\154\164\151\155"
-"\157\162\145\061\023\060\021\006\003\125\004\013\023\012\103\171"
-"\142\145\162\124\162\165\163\164\061\057\060\055\006\003\125\004"
-"\003\023\046\102\141\154\164\151\155\157\162\145\040\103\171\142"
-"\145\162\124\162\165\163\164\040\103\157\144\145\040\123\151\147"
-"\156\151\156\147\040\122\157\157\164"
-, (PRUint32)105 },
-  { (void *)"\002\000\000\277"
-, (PRUint32)4 },
-  { (void *)"\060\202\003\246\060\202\002\216\240\003\002\001\002\002\004\002"
-"\000\000\277\060\015\006\011\052\206\110\206\367\015\001\001\005"
-"\005\000\060\147\061\013\060\011\006\003\125\004\006\023\002\111"
-"\105\061\022\060\020\006\003\125\004\012\023\011\102\141\154\164"
-"\151\155\157\162\145\061\023\060\021\006\003\125\004\013\023\012"
-"\103\171\142\145\162\124\162\165\163\164\061\057\060\055\006\003"
-"\125\004\003\023\046\102\141\154\164\151\155\157\162\145\040\103"
-"\171\142\145\162\124\162\165\163\164\040\103\157\144\145\040\123"
-"\151\147\156\151\156\147\040\122\157\157\164\060\036\027\015\060"
-"\060\060\065\061\067\061\064\060\061\060\060\132\027\015\062\065"
-"\060\065\061\067\062\063\065\071\060\060\132\060\147\061\013\060"
-"\011\006\003\125\004\006\023\002\111\105\061\022\060\020\006\003"
-"\125\004\012\023\011\102\141\154\164\151\155\157\162\145\061\023"
-"\060\021\006\003\125\004\013\023\012\103\171\142\145\162\124\162"
-"\165\163\164\061\057\060\055\006\003\125\004\003\023\046\102\141"
-"\154\164\151\155\157\162\145\040\103\171\142\145\162\124\162\165"
-"\163\164\040\103\157\144\145\040\123\151\147\156\151\156\147\040"
-"\122\157\157\164\060\202\001\042\060\015\006\011\052\206\110\206"
-"\367\015\001\001\001\005\000\003\202\001\017\000\060\202\001\012"
-"\002\202\001\001\000\310\161\232\030\022\216\172\333\371\232\374"
-"\101\257\330\362\364\011\216\255\077\376\147\067\074\332\311\046"
-"\120\261\261\076\313\350\116\163\000\362\262\334\363\305\106\373"
-"\011\357\030\226\316\247\340\234\204\135\040\016\172\240\252\066"
-"\213\372\050\266\170\056\263\354\350\107\363\004\360\220\043\264"
-"\352\257\345\123\270\005\367\107\135\053\206\361\247\244\306\073"
-"\065\266\322\015\122\101\327\364\222\165\341\242\012\120\126\207"
-"\276\227\013\173\063\205\020\271\050\030\356\063\352\110\021\327"
-"\133\221\107\166\042\324\356\317\135\347\250\116\034\235\226\221"
-"\335\234\275\164\011\250\162\141\252\260\041\072\361\075\054\003"
-"\126\011\322\301\334\303\265\307\124\067\253\346\046\242\262\106"
-"\161\163\312\021\210\356\274\347\144\367\320\021\032\163\100\132"
-"\310\111\054\017\267\357\220\177\150\200\004\070\013\033\017\073"
-"\324\365\240\263\302\216\341\064\264\200\231\155\236\166\324\222"
-"\051\100\261\225\322\067\244\147\022\177\340\142\273\256\065\305"
-"\231\066\202\104\270\346\170\030\063\141\161\223\133\055\215\237"
-"\170\225\202\353\155\002\003\001\000\001\243\132\060\130\060\023"
-"\006\003\125\035\045\004\014\060\012\006\010\053\006\001\005\005"
-"\007\003\003\060\035\006\003\125\035\016\004\026\004\024\310\101"
-"\064\134\025\025\004\345\100\362\321\253\232\157\044\222\172\207"
-"\102\132\060\022\006\003\125\035\023\001\001\377\004\010\060\006"
-"\001\001\377\002\001\003\060\016\006\003\125\035\017\001\001\377"
-"\004\004\003\002\001\006\060\015\006\011\052\206\110\206\367\015"
-"\001\001\005\005\000\003\202\001\001\000\122\164\252\225\113\042"
-"\214\307\075\226\244\376\135\372\057\265\274\353\360\013\351\126"
-"\070\035\321\155\015\241\274\150\213\360\305\200\245\044\064\375"
-"\362\226\030\021\206\241\066\365\067\347\124\100\325\144\037\303"
-"\137\160\102\153\055\071\307\236\122\005\316\347\152\162\322\215"
-"\162\077\107\120\203\253\307\215\045\311\260\343\247\123\026\225"
-"\246\152\123\352\030\235\217\170\251\167\167\032\371\264\227\107"
-"\131\210\047\050\265\312\341\056\327\076\016\242\015\270\042\104"
-"\003\343\321\143\260\101\072\241\365\244\055\367\166\036\004\124"
-"\231\170\062\100\327\053\174\115\272\246\234\260\171\156\007\276"
-"\214\354\356\327\070\151\133\301\014\126\150\237\376\353\321\341"
-"\310\210\371\362\315\177\276\205\264\104\147\000\120\076\364\046"
-"\003\144\352\167\175\350\136\076\034\067\107\310\326\352\244\363"
-"\066\074\227\302\071\162\005\224\031\045\303\327\067\101\017\301"
-"\037\207\212\375\252\276\351\261\144\127\344\333\222\241\317\341"
-"\111\350\073\037\221\023\132\303\217\331\045\130\111\200\107\017"
-"\306\003\256\254\343\277\267\300\252\052"
-, (PRUint32)938 }
-};
-static const NSSItem nss_builtins_items_73 [] = {
-  { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"Baltimore CyberTrust Code Signing Root", (PRUint32)39 },
-  { (void *)"\060\106\330\310\210\377\151\060\303\112\374\315\111\047\010\174"
-"\140\126\173\015"
-, (PRUint32)20 },
-  { (void *)"\220\365\050\111\126\321\135\054\260\123\324\113\357\157\220\042"
-, (PRUint32)16 },
-  { (void *)"\060\147\061\013\060\011\006\003\125\004\006\023\002\111\105\061"
-"\022\060\020\006\003\125\004\012\023\011\102\141\154\164\151\155"
-"\157\162\145\061\023\060\021\006\003\125\004\013\023\012\103\171"
-"\142\145\162\124\162\165\163\164\061\057\060\055\006\003\125\004"
-"\003\023\046\102\141\154\164\151\155\157\162\145\040\103\171\142"
-"\145\162\124\162\165\163\164\040\103\157\144\145\040\123\151\147"
-"\156\151\156\147\040\122\157\157\164"
-, (PRUint32)105 },
-  { (void *)"\002\000\000\277"
-, (PRUint32)4 },
-  { (void *)&ckt_netscape_valid, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_valid, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_74 [] = {
-  { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"Baltimore CyberTrust Root", (PRUint32)26 },
-  { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
-  { (void *)"\060\132\061\013\060\011\006\003\125\004\006\023\002\111\105\061"
-"\022\060\020\006\003\125\004\012\023\011\102\141\154\164\151\155"
-"\157\162\145\061\023\060\021\006\003\125\004\013\023\012\103\171"
-"\142\145\162\124\162\165\163\164\061\042\060\040\006\003\125\004"
-"\003\023\031\102\141\154\164\151\155\157\162\145\040\103\171\142"
-"\145\162\124\162\165\163\164\040\122\157\157\164"
-, (PRUint32)92 },
-  { (void *)"0", (PRUint32)2 },
-  { (void *)"\060\132\061\013\060\011\006\003\125\004\006\023\002\111\105\061"
-"\022\060\020\006\003\125\004\012\023\011\102\141\154\164\151\155"
-"\157\162\145\061\023\060\021\006\003\125\004\013\023\012\103\171"
-"\142\145\162\124\162\165\163\164\061\042\060\040\006\003\125\004"
-"\003\023\031\102\141\154\164\151\155\157\162\145\040\103\171\142"
-"\145\162\124\162\165\163\164\040\122\157\157\164"
-, (PRUint32)92 },
-  { (void *)"\002\000\000\271"
-, (PRUint32)4 },
-  { (void *)"\060\202\003\167\060\202\002\137\240\003\002\001\002\002\004\002"
-"\000\000\271\060\015\006\011\052\206\110\206\367\015\001\001\005"
-"\005\000\060\132\061\013\060\011\006\003\125\004\006\023\002\111"
-"\105\061\022\060\020\006\003\125\004\012\023\011\102\141\154\164"
-"\151\155\157\162\145\061\023\060\021\006\003\125\004\013\023\012"
-"\103\171\142\145\162\124\162\165\163\164\061\042\060\040\006\003"
-"\125\004\003\023\031\102\141\154\164\151\155\157\162\145\040\103"
-"\171\142\145\162\124\162\165\163\164\040\122\157\157\164\060\036"
-"\027\015\060\060\060\065\061\062\061\070\064\066\060\060\132\027"
-"\015\062\065\060\065\061\062\062\063\065\071\060\060\132\060\132"
-"\061\013\060\011\006\003\125\004\006\023\002\111\105\061\022\060"
-"\020\006\003\125\004\012\023\011\102\141\154\164\151\155\157\162"
-"\145\061\023\060\021\006\003\125\004\013\023\012\103\171\142\145"
-"\162\124\162\165\163\164\061\042\060\040\006\003\125\004\003\023"
-"\031\102\141\154\164\151\155\157\162\145\040\103\171\142\145\162"
-"\124\162\165\163\164\040\122\157\157\164\060\202\001\042\060\015"
-"\006\011\052\206\110\206\367\015\001\001\001\005\000\003\202\001"
-"\017\000\060\202\001\012\002\202\001\001\000\243\004\273\042\253"
-"\230\075\127\350\046\162\232\265\171\324\051\342\341\350\225\200"
-"\261\260\343\133\216\053\051\232\144\337\241\135\355\260\011\005"
-"\155\333\050\056\316\142\242\142\376\264\210\332\022\353\070\353"
-"\041\235\300\101\053\001\122\173\210\167\323\034\217\307\272\271"
-"\210\265\152\011\347\163\350\021\100\247\321\314\312\142\215\055"
-"\345\217\013\246\120\322\250\120\303\050\352\365\253\045\207\212"
-"\232\226\034\251\147\270\077\014\325\367\371\122\023\057\302\033"
-"\325\160\160\360\217\300\022\312\006\313\232\341\331\312\063\172"
-"\167\326\370\354\271\361\150\104\102\110\023\322\300\302\244\256"
-"\136\140\376\266\246\005\374\264\335\007\131\002\324\131\030\230"
-"\143\365\245\143\340\220\014\175\135\262\006\172\363\205\352\353"
-"\324\003\256\136\204\076\137\377\025\355\151\274\371\071\066\162"
-"\165\317\167\122\115\363\311\220\054\271\075\345\311\043\123\077"
-"\037\044\230\041\134\007\231\051\275\306\072\354\347\156\206\072"
-"\153\227\164\143\063\275\150\030\061\360\170\215\166\277\374\236"
-"\216\135\052\206\247\115\220\334\047\032\071\002\003\001\000\001"
-"\243\105\060\103\060\035\006\003\125\035\016\004\026\004\024\345"
-"\235\131\060\202\107\130\314\254\372\010\124\066\206\173\072\265"
-"\004\115\360\060\022\006\003\125\035\023\001\001\377\004\010\060"
-"\006\001\001\377\002\001\003\060\016\006\003\125\035\017\001\001"
-"\377\004\004\003\002\001\006\060\015\006\011\052\206\110\206\367"
-"\015\001\001\005\005\000\003\202\001\001\000\205\014\135\216\344"
-"\157\121\150\102\005\240\335\273\117\047\045\204\003\275\367\144"
-"\375\055\327\060\343\244\020\027\353\332\051\051\266\171\077\166"
-"\366\031\023\043\270\020\012\371\130\244\324\141\160\275\004\141"
-"\152\022\212\027\325\012\275\305\274\060\174\326\351\014\045\215"
-"\206\100\117\354\314\243\176\070\306\067\021\117\355\335\150\061"
-"\216\114\322\263\001\164\356\276\165\136\007\110\032\177\160\377"
-"\026\134\204\300\171\205\270\005\375\177\276\145\021\243\017\300"
-"\002\264\370\122\067\071\004\325\251\061\172\030\277\240\052\364"
-"\022\231\367\243\105\202\343\074\136\365\235\236\265\310\236\174"
-"\056\310\244\236\116\010\024\113\155\375\160\155\153\032\143\275"
-"\144\346\037\267\316\360\362\237\056\273\033\267\362\120\210\163"
-"\222\302\342\343\026\215\232\062\002\253\216\030\335\351\020\021"
-"\356\176\065\253\220\257\076\060\224\172\320\063\075\247\145\017"
-"\365\374\216\236\142\317\107\104\054\001\135\273\035\265\062\322"
-"\107\322\070\056\320\376\201\334\062\152\036\265\356\074\325\374"
-"\347\201\035\031\303\044\102\352\143\071\251"
-, (PRUint32)891 }
-};
-static const NSSItem nss_builtins_items_75 [] = {
-  { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"Baltimore CyberTrust Root", (PRUint32)26 },
-  { (void *)"\324\336\040\320\136\146\374\123\376\032\120\210\054\170\333\050"
-"\122\312\344\164"
-, (PRUint32)20 },
-  { (void *)"\254\266\224\245\234\027\340\327\221\122\233\261\227\006\246\344"
-, (PRUint32)16 },
-  { (void *)"\060\132\061\013\060\011\006\003\125\004\006\023\002\111\105\061"
-"\022\060\020\006\003\125\004\012\023\011\102\141\154\164\151\155"
-"\157\162\145\061\023\060\021\006\003\125\004\013\023\012\103\171"
-"\142\145\162\124\162\165\163\164\061\042\060\040\006\003\125\004"
-"\003\023\031\102\141\154\164\151\155\157\162\145\040\103\171\142"
-"\145\162\124\162\165\163\164\040\122\157\157\164"
-, (PRUint32)92 },
-  { (void *)"\002\000\000\271"
-, (PRUint32)4 },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_valid, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_76 [] = {
-  { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"Baltimore CyberTrust Mobile Commerce Root", (PRUint32)42 },
-  { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
-  { (void *)"\060\141\061\013\060\011\006\003\125\004\006\023\002\111\105\061"
-"\022\060\020\006\003\125\004\012\023\011\102\141\154\164\151\155"
-"\157\162\145\061\023\060\021\006\003\125\004\013\023\012\103\171"
-"\142\145\162\124\162\165\163\164\061\051\060\047\006\003\125\004"
-"\003\023\040\102\141\154\164\151\155\157\162\145\040\103\171\142"
-"\145\162\124\162\165\163\164\040\115\157\142\151\154\145\040\122"
-"\157\157\164"
-, (PRUint32)99 },
-  { (void *)"0", (PRUint32)2 },
-  { (void *)"\060\141\061\013\060\011\006\003\125\004\006\023\002\111\105\061"
-"\022\060\020\006\003\125\004\012\023\011\102\141\154\164\151\155"
-"\157\162\145\061\023\060\021\006\003\125\004\013\023\012\103\171"
-"\142\145\162\124\162\165\163\164\061\051\060\047\006\003\125\004"
-"\003\023\040\102\141\154\164\151\155\157\162\145\040\103\171\142"
-"\145\162\124\162\165\163\164\040\115\157\142\151\154\145\040\122"
-"\157\157\164"
-, (PRUint32)99 },
-  { (void *)"\002\000\000\270"
-, (PRUint32)4 },
-  { (void *)"\060\202\002\175\060\202\001\346\240\003\002\001\002\002\004\002"
-"\000\000\270\060\015\006\011\052\206\110\206\367\015\001\001\005"
-"\005\000\060\141\061\013\060\011\006\003\125\004\006\023\002\111"
-"\105\061\022\060\020\006\003\125\004\012\023\011\102\141\154\164"
-"\151\155\157\162\145\061\023\060\021\006\003\125\004\013\023\012"
-"\103\171\142\145\162\124\162\165\163\164\061\051\060\047\006\003"
-"\125\004\003\023\040\102\141\154\164\151\155\157\162\145\040\103"
-"\171\142\145\162\124\162\165\163\164\040\115\157\142\151\154\145"
-"\040\122\157\157\164\060\036\027\015\060\060\060\065\061\062\061"
-"\070\062\060\060\060\132\027\015\062\060\060\065\061\062\062\063"
-"\065\071\060\060\132\060\141\061\013\060\011\006\003\125\004\006"
-"\023\002\111\105\061\022\060\020\006\003\125\004\012\023\011\102"
-"\141\154\164\151\155\157\162\145\061\023\060\021\006\003\125\004"
-"\013\023\012\103\171\142\145\162\124\162\165\163\164\061\051\060"
-"\047\006\003\125\004\003\023\040\102\141\154\164\151\155\157\162"
-"\145\040\103\171\142\145\162\124\162\165\163\164\040\115\157\142"
-"\151\154\145\040\122\157\157\164\060\201\237\060\015\006\011\052"
-"\206\110\206\367\015\001\001\001\005\000\003\201\215\000\060\201"
-"\211\002\201\201\000\243\155\261\070\126\254\374\265\126\041\336"
-"\300\220\135\046\107\202\306\175\217\037\240\205\217\057\273\324"
-"\341\034\035\362\044\037\050\260\057\271\244\245\157\242\042\040"
-"\144\376\204\107\074\176\053\154\151\152\270\324\300\226\216\214"
-"\122\015\315\157\101\324\277\004\256\247\201\057\055\230\110\322"
-"\301\224\243\265\031\135\135\121\144\364\216\101\260\233\300\055"
-"\042\240\136\306\330\132\022\143\274\021\112\136\046\022\035\342"
-"\046\005\346\017\137\042\037\172\137\166\224\256\317\132\050\016"
-"\253\105\332\042\061\002\003\001\000\001\243\102\060\100\060\035"
-"\006\003\125\035\016\004\026\004\024\311\342\217\300\002\046\132"
-"\266\300\007\343\177\224\007\030\333\056\245\232\160\060\017\006"
-"\003\125\035\023\001\001\377\004\005\060\003\001\001\377\060\016"
-"\006\003\125\035\017\001\001\377\004\004\003\002\001\206\060\015"
-"\006\011\052\206\110\206\367\015\001\001\005\005\000\003\201\201"
-"\000\123\010\013\046\011\170\102\163\324\354\172\167\107\015\343"
-"\013\063\161\357\256\063\024\115\373\372\375\032\267\121\365\344"
-"\231\034\006\161\327\051\031\327\346\025\040\121\121\106\155\117"
-"\336\030\111\230\320\370\170\273\161\350\215\001\006\325\327\144"
-"\217\224\337\107\376\240\205\151\066\251\057\102\172\150\112\022"
-"\326\213\013\160\104\012\244\004\357\046\210\301\065\161\070\135"
-"\033\133\110\102\360\347\224\034\160\225\064\250\253\365\253\342"
-"\170\255\365\360\122\375\233\352\102\014\350\330\124\276\123\146"
-"\365"
-, (PRUint32)641 }
-};
-static const NSSItem nss_builtins_items_77 [] = {
-  { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"Baltimore CyberTrust Mobile Commerce Root", (PRUint32)42 },
-  { (void *)"\264\343\013\234\301\325\356\275\240\040\030\370\271\212\321\377"
-"\151\267\072\161"
-, (PRUint32)20 },
-  { (void *)"\353\264\040\035\017\266\161\003\367\304\367\307\244\162\206\350"
-, (PRUint32)16 },
-  { (void *)"\060\141\061\013\060\011\006\003\125\004\006\023\002\111\105\061"
-"\022\060\020\006\003\125\004\012\023\011\102\141\154\164\151\155"
-"\157\162\145\061\023\060\021\006\003\125\004\013\023\012\103\171"
-"\142\145\162\124\162\165\163\164\061\051\060\047\006\003\125\004"
-"\003\023\040\102\141\154\164\151\155\157\162\145\040\103\171\142"
-"\145\162\124\162\165\163\164\040\115\157\142\151\154\145\040\122"
-"\157\157\164"
-, (PRUint32)99 },
-  { (void *)"\002\000\000\270"
-, (PRUint32)4 },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_valid, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_78 [] = {
-  { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"Equifax Secure Global eBusiness CA", (PRUint32)35 },
-  { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
-  { (void *)"\060\132\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\034\060\032\006\003\125\004\012\023\023\105\161\165\151\146\141"
-"\170\040\123\145\143\165\162\145\040\111\156\143\056\061\055\060"
-"\053\006\003\125\004\003\023\044\105\161\165\151\146\141\170\040"
-"\123\145\143\165\162\145\040\107\154\157\142\141\154\040\145\102"
-"\165\163\151\156\145\163\163\040\103\101\055\061"
-, (PRUint32)92 },
-  { (void *)"0", (PRUint32)2 },
-  { (void *)"\060\132\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\034\060\032\006\003\125\004\012\023\023\105\161\165\151\146\141"
-"\170\040\123\145\143\165\162\145\040\111\156\143\056\061\055\060"
-"\053\006\003\125\004\003\023\044\105\161\165\151\146\141\170\040"
-"\123\145\143\165\162\145\040\107\154\157\142\141\154\040\145\102"
-"\165\163\151\156\145\163\163\040\103\101\055\061"
-, (PRUint32)92 },
-  { (void *)"\001"
-, (PRUint32)1 },
-  { (void *)"\060\202\002\220\060\202\001\371\240\003\002\001\002\002\001\001"
-"\060\015\006\011\052\206\110\206\367\015\001\001\004\005\000\060"
-"\132\061\013\060\011\006\003\125\004\006\023\002\125\123\061\034"
-"\060\032\006\003\125\004\012\023\023\105\161\165\151\146\141\170"
-"\040\123\145\143\165\162\145\040\111\156\143\056\061\055\060\053"
-"\006\003\125\004\003\023\044\105\161\165\151\146\141\170\040\123"
-"\145\143\165\162\145\040\107\154\157\142\141\154\040\145\102\165"
-"\163\151\156\145\163\163\040\103\101\055\061\060\036\027\015\071"
-"\071\060\066\062\061\060\064\060\060\060\060\132\027\015\062\060"
-"\060\066\062\061\060\064\060\060\060\060\132\060\132\061\013\060"
-"\011\006\003\125\004\006\023\002\125\123\061\034\060\032\006\003"
-"\125\004\012\023\023\105\161\165\151\146\141\170\040\123\145\143"
-"\165\162\145\040\111\156\143\056\061\055\060\053\006\003\125\004"
-"\003\023\044\105\161\165\151\146\141\170\040\123\145\143\165\162"
-"\145\040\107\154\157\142\141\154\040\145\102\165\163\151\156\145"
-"\163\163\040\103\101\055\061\060\201\237\060\015\006\011\052\206"
-"\110\206\367\015\001\001\001\005\000\003\201\215\000\060\201\211"
-"\002\201\201\000\272\347\027\220\002\145\261\064\125\074\111\302"
-"\121\325\337\247\321\067\217\321\347\201\163\101\122\140\233\235"
-"\241\027\046\170\255\307\261\350\046\224\062\265\336\063\215\072"
-"\057\333\362\232\172\132\163\230\243\134\351\373\212\163\033\134"
-"\347\303\277\200\154\315\251\364\326\053\300\367\371\231\252\143"
-"\242\261\107\002\017\324\344\121\072\022\074\154\212\132\124\204"
-"\160\333\301\305\220\317\162\105\313\250\131\300\315\063\235\077"
-"\243\226\353\205\063\041\034\076\036\076\140\156\166\234\147\205"
-"\305\310\303\141\002\003\001\000\001\243\146\060\144\060\021\006"
-"\011\140\206\110\001\206\370\102\001\001\004\004\003\002\000\007"
-"\060\017\006\003\125\035\023\001\001\377\004\005\060\003\001\001"
-"\377\060\037\006\003\125\035\043\004\030\060\026\200\024\276\250"
-"\240\164\162\120\153\104\267\311\043\330\373\250\377\263\127\153"
-"\150\154\060\035\006\003\125\035\016\004\026\004\024\276\250\240"
-"\164\162\120\153\104\267\311\043\330\373\250\377\263\127\153\150"
-"\154\060\015\006\011\052\206\110\206\367\015\001\001\004\005\000"
-"\003\201\201\000\060\342\001\121\252\307\352\137\332\271\320\145"
-"\017\060\326\076\332\015\024\111\156\221\223\047\024\061\357\304"
-"\367\055\105\370\354\307\277\242\101\015\043\264\222\371\031\000"
-"\147\275\001\257\315\340\161\374\132\317\144\304\340\226\230\320"
-"\243\100\342\001\212\357\047\007\361\145\001\212\104\055\006\145"
-"\165\122\300\206\020\040\041\137\154\153\017\154\256\011\034\257"
-"\362\242\030\064\304\165\244\163\034\361\215\334\357\255\371\263"
-"\166\264\222\277\334\225\020\036\276\313\310\073\132\204\140\031"
-"\126\224\251\125"
-, (PRUint32)660 }
-};
-static const NSSItem nss_builtins_items_79 [] = {
-  { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"Equifax Secure Global eBusiness CA", (PRUint32)35 },
-  { (void *)"\176\170\112\020\034\202\145\314\055\341\361\155\107\264\100\312"
-"\331\012\031\105"
-, (PRUint32)20 },
-  { (void *)"\217\135\167\006\047\304\230\074\133\223\170\347\327\175\233\314"
-, (PRUint32)16 },
-  { (void *)"\060\132\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\034\060\032\006\003\125\004\012\023\023\105\161\165\151\146\141"
-"\170\040\123\145\143\165\162\145\040\111\156\143\056\061\055\060"
-"\053\006\003\125\004\003\023\044\105\161\165\151\146\141\170\040"
-"\123\145\143\165\162\145\040\107\154\157\142\141\154\040\145\102"
-"\165\163\151\156\145\163\163\040\103\101\055\061"
-, (PRUint32)92 },
-  { (void *)"\001"
-, (PRUint32)1 },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_80 [] = {
-  { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"Equifax Secure eBusiness CA 1", (PRUint32)30 },
-  { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
-  { (void *)"\060\123\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\034\060\032\006\003\125\004\012\023\023\105\161\165\151\146\141"
-"\170\040\123\145\143\165\162\145\040\111\156\143\056\061\046\060"
-"\044\006\003\125\004\003\023\035\105\161\165\151\146\141\170\040"
-"\123\145\143\165\162\145\040\145\102\165\163\151\156\145\163\163"
-"\040\103\101\055\061"
-, (PRUint32)85 },
-  { (void *)"0", (PRUint32)2 },
-  { (void *)"\060\123\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\034\060\032\006\003\125\004\012\023\023\105\161\165\151\146\141"
-"\170\040\123\145\143\165\162\145\040\111\156\143\056\061\046\060"
-"\044\006\003\125\004\003\023\035\105\161\165\151\146\141\170\040"
-"\123\145\143\165\162\145\040\145\102\165\163\151\156\145\163\163"
-"\040\103\101\055\061"
-, (PRUint32)85 },
-  { (void *)"\004"
-, (PRUint32)1 },
-  { (void *)"\060\202\002\202\060\202\001\353\240\003\002\001\002\002\001\004"
-"\060\015\006\011\052\206\110\206\367\015\001\001\004\005\000\060"
-"\123\061\013\060\011\006\003\125\004\006\023\002\125\123\061\034"
-"\060\032\006\003\125\004\012\023\023\105\161\165\151\146\141\170"
-"\040\123\145\143\165\162\145\040\111\156\143\056\061\046\060\044"
-"\006\003\125\004\003\023\035\105\161\165\151\146\141\170\040\123"
-"\145\143\165\162\145\040\145\102\165\163\151\156\145\163\163\040"
-"\103\101\055\061\060\036\027\015\071\071\060\066\062\061\060\064"
-"\060\060\060\060\132\027\015\062\060\060\066\062\061\060\064\060"
-"\060\060\060\132\060\123\061\013\060\011\006\003\125\004\006\023"
-"\002\125\123\061\034\060\032\006\003\125\004\012\023\023\105\161"
-"\165\151\146\141\170\040\123\145\143\165\162\145\040\111\156\143"
-"\056\061\046\060\044\006\003\125\004\003\023\035\105\161\165\151"
-"\146\141\170\040\123\145\143\165\162\145\040\145\102\165\163\151"
-"\156\145\163\163\040\103\101\055\061\060\201\237\060\015\006\011"
-"\052\206\110\206\367\015\001\001\001\005\000\003\201\215\000\060"
-"\201\211\002\201\201\000\316\057\031\274\027\267\167\336\223\251"
-"\137\132\015\027\117\064\032\014\230\364\042\331\131\324\304\150"
-"\106\360\264\065\305\205\003\040\306\257\105\245\041\121\105\101"
-"\353\026\130\066\062\157\342\120\142\144\371\375\121\234\252\044"
-"\331\364\235\203\052\207\012\041\323\022\070\064\154\215\000\156"
-"\132\240\331\102\356\032\041\225\371\122\114\125\132\305\017\070"
-"\117\106\372\155\370\056\065\326\035\174\353\342\360\260\165\200"
-"\310\251\023\254\276\210\357\072\156\253\137\052\070\142\002\260"
-"\022\173\376\217\246\003\002\003\001\000\001\243\146\060\144\060"
-"\021\006\011\140\206\110\001\206\370\102\001\001\004\004\003\002"
-"\000\007\060\017\006\003\125\035\023\001\001\377\004\005\060\003"
-"\001\001\377\060\037\006\003\125\035\043\004\030\060\026\200\024"
-"\112\170\062\122\021\333\131\026\066\136\337\301\024\066\100\152"
-"\107\174\114\241\060\035\006\003\125\035\016\004\026\004\024\112"
-"\170\062\122\021\333\131\026\066\136\337\301\024\066\100\152\107"
-"\174\114\241\060\015\006\011\052\206\110\206\367\015\001\001\004"
-"\005\000\003\201\201\000\165\133\250\233\003\021\346\351\126\114"
-"\315\371\251\114\300\015\232\363\314\145\151\346\045\166\314\131"
-"\267\326\124\303\035\315\231\254\031\335\264\205\325\340\075\374"
-"\142\040\247\204\113\130\145\361\342\371\225\041\077\365\324\176"
-"\130\036\107\207\124\076\130\241\265\265\370\052\357\161\347\274"
-"\303\366\261\111\106\342\327\240\153\345\126\172\232\047\230\174"
-"\106\142\024\347\311\374\156\003\022\171\200\070\035\110\202\215"
-"\374\027\376\052\226\053\265\142\246\246\075\275\177\222\131\315"
-"\132\052\202\262\067\171"
-, (PRUint32)646 }
-};
-static const NSSItem nss_builtins_items_81 [] = {
-  { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"Equifax Secure eBusiness CA 1", (PRUint32)30 },
-  { (void *)"\332\100\030\213\221\211\243\355\356\256\332\227\376\057\235\365"
-"\267\321\212\101"
-, (PRUint32)20 },
-  { (void *)"\144\234\357\056\104\374\306\217\122\007\320\121\163\217\313\075"
-, (PRUint32)16 },
-  { (void *)"\060\123\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\034\060\032\006\003\125\004\012\023\023\105\161\165\151\146\141"
-"\170\040\123\145\143\165\162\145\040\111\156\143\056\061\046\060"
-"\044\006\003\125\004\003\023\035\105\161\165\151\146\141\170\040"
-"\123\145\143\165\162\145\040\145\102\165\163\151\156\145\163\163"
-"\040\103\101\055\061"
-, (PRUint32)85 },
-  { (void *)"\004"
-, (PRUint32)1 },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_82 [] = {
-  { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"Equifax Secure eBusiness CA 2", (PRUint32)30 },
-  { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
-  { (void *)"\060\116\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\027\060\025\006\003\125\004\012\023\016\105\161\165\151\146\141"
-"\170\040\123\145\143\165\162\145\061\046\060\044\006\003\125\004"
-"\013\023\035\105\161\165\151\146\141\170\040\123\145\143\165\162"
-"\145\040\145\102\165\163\151\156\145\163\163\040\103\101\055\062"
-, (PRUint32)80 },
-  { (void *)"0", (PRUint32)2 },
-  { (void *)"\060\116\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\027\060\025\006\003\125\004\012\023\016\105\161\165\151\146\141"
-"\170\040\123\145\143\165\162\145\061\046\060\044\006\003\125\004"
-"\013\023\035\105\161\165\151\146\141\170\040\123\145\143\165\162"
-"\145\040\145\102\165\163\151\156\145\163\163\040\103\101\055\062"
-, (PRUint32)80 },
-  { (void *)"\067\160\317\265"
-, (PRUint32)4 },
-  { (void *)"\060\202\003\040\060\202\002\211\240\003\002\001\002\002\004\067"
-"\160\317\265\060\015\006\011\052\206\110\206\367\015\001\001\005"
-"\005\000\060\116\061\013\060\011\006\003\125\004\006\023\002\125"
-"\123\061\027\060\025\006\003\125\004\012\023\016\105\161\165\151"
-"\146\141\170\040\123\145\143\165\162\145\061\046\060\044\006\003"
-"\125\004\013\023\035\105\161\165\151\146\141\170\040\123\145\143"
-"\165\162\145\040\145\102\165\163\151\156\145\163\163\040\103\101"
-"\055\062\060\036\027\015\071\071\060\066\062\063\061\062\061\064"
-"\064\065\132\027\015\061\071\060\066\062\063\061\062\061\064\064"
-"\065\132\060\116\061\013\060\011\006\003\125\004\006\023\002\125"
-"\123\061\027\060\025\006\003\125\004\012\023\016\105\161\165\151"
-"\146\141\170\040\123\145\143\165\162\145\061\046\060\044\006\003"
-"\125\004\013\023\035\105\161\165\151\146\141\170\040\123\145\143"
-"\165\162\145\040\145\102\165\163\151\156\145\163\163\040\103\101"
-"\055\062\060\201\237\060\015\006\011\052\206\110\206\367\015\001"
-"\001\001\005\000\003\201\215\000\060\201\211\002\201\201\000\344"
-"\071\071\223\036\122\006\033\050\066\370\262\243\051\305\355\216"
-"\262\021\275\376\353\347\264\164\302\217\377\005\347\331\235\006"
-"\277\022\310\077\016\362\326\321\044\262\021\336\321\163\011\212"
-"\324\261\054\230\011\015\036\120\106\262\203\246\105\215\142\150"
-"\273\205\033\040\160\062\252\100\315\246\226\137\304\161\067\077"
-"\004\363\267\101\044\071\007\032\036\056\141\130\240\022\013\345"
-"\245\337\305\253\352\067\161\314\034\310\067\072\271\227\122\247"
-"\254\305\152\044\224\116\234\173\317\300\152\326\337\041\275\002"
-"\003\001\000\001\243\202\001\011\060\202\001\005\060\160\006\003"
-"\125\035\037\004\151\060\147\060\145\240\143\240\141\244\137\060"
-"\135\061\013\060\011\006\003\125\004\006\023\002\125\123\061\027"
-"\060\025\006\003\125\004\012\023\016\105\161\165\151\146\141\170"
-"\040\123\145\143\165\162\145\061\046\060\044\006\003\125\004\013"
-"\023\035\105\161\165\151\146\141\170\040\123\145\143\165\162\145"
-"\040\145\102\165\163\151\156\145\163\163\040\103\101\055\062\061"
-"\015\060\013\006\003\125\004\003\023\004\103\122\114\061\060\032"
-"\006\003\125\035\020\004\023\060\021\201\017\062\060\061\071\060"
-"\066\062\063\061\062\061\064\064\065\132\060\013\006\003\125\035"
-"\017\004\004\003\002\001\006\060\037\006\003\125\035\043\004\030"
-"\060\026\200\024\120\236\013\352\257\136\271\040\110\246\120\152"
-"\313\375\330\040\172\247\202\166\060\035\006\003\125\035\016\004"
-"\026\004\024\120\236\013\352\257\136\271\040\110\246\120\152\313"
-"\375\330\040\172\247\202\166\060\014\006\003\125\035\023\004\005"
-"\060\003\001\001\377\060\032\006\011\052\206\110\206\366\175\007"
-"\101\000\004\015\060\013\033\005\126\063\056\060\143\003\002\006"
-"\300\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000"
-"\003\201\201\000\014\206\202\255\350\116\032\365\216\211\047\342"
-"\065\130\075\051\264\007\217\066\120\225\277\156\301\236\353\304"
-"\220\262\205\250\273\267\102\340\017\007\071\337\373\236\220\262"
-"\321\301\076\123\237\003\104\260\176\113\364\157\344\174\037\347"
-"\342\261\344\270\232\357\303\275\316\336\013\062\064\331\336\050"
-"\355\063\153\304\324\327\075\022\130\253\175\011\055\313\160\365"
-"\023\212\224\241\047\244\326\160\305\155\224\265\311\175\235\240"
-"\322\306\010\111\331\146\233\246\323\364\013\334\305\046\127\341"
-"\221\060\352\315"
-, (PRUint32)804 }
-};
-static const NSSItem nss_builtins_items_83 [] = {
-  { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"Equifax Secure eBusiness CA 2", (PRUint32)30 },
-  { (void *)"\071\117\366\205\013\006\276\122\345\030\126\314\020\341\200\350"
-"\202\263\205\314"
-, (PRUint32)20 },
-  { (void *)"\252\277\277\144\227\332\230\035\157\306\010\072\225\160\063\312"
-, (PRUint32)16 },
-  { (void *)"\060\116\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\027\060\025\006\003\125\004\012\023\016\105\161\165\151\146\141"
-"\170\040\123\145\143\165\162\145\061\046\060\044\006\003\125\004"
-"\013\023\035\105\161\165\151\146\141\170\040\123\145\143\165\162"
-"\145\040\145\102\165\163\151\156\145\163\163\040\103\101\055\062"
-, (PRUint32)80 },
-  { (void *)"\067\160\317\265"
-, (PRUint32)4 },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_84 [] = {
-  { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"Visa International Global Root 2", (PRUint32)33 },
-  { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
-  { (void *)"\060\141\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\015\060\013\006\003\125\004\012\023\004\126\111\123\101\061\057"
-"\060\055\006\003\125\004\013\023\046\126\151\163\141\040\111\156"
-"\164\145\162\156\141\164\151\157\156\141\154\040\123\145\162\166"
-"\151\143\145\040\101\163\163\157\143\151\141\164\151\157\156\061"
-"\022\060\020\006\003\125\004\003\023\011\107\120\040\122\157\157"
-"\164\040\062"
-, (PRUint32)99 },
-  { (void *)"0", (PRUint32)2 },
-  { (void *)"\060\141\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\015\060\013\006\003\125\004\012\023\004\126\111\123\101\061\057"
-"\060\055\006\003\125\004\013\023\046\126\151\163\141\040\111\156"
-"\164\145\162\156\141\164\151\157\156\141\154\040\123\145\162\166"
-"\151\143\145\040\101\163\163\157\143\151\141\164\151\157\156\061"
-"\022\060\020\006\003\125\004\003\023\011\107\120\040\122\157\157"
-"\164\040\062"
-, (PRUint32)99 },
-  { (void *)"\003\036"
-, (PRUint32)2 },
-  { (void *)"\060\202\003\200\060\202\002\150\240\003\002\001\002\002\002\003"
-"\036\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000"
-"\060\141\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\015\060\013\006\003\125\004\012\023\004\126\111\123\101\061\057"
-"\060\055\006\003\125\004\013\023\046\126\151\163\141\040\111\156"
-"\164\145\162\156\141\164\151\157\156\141\154\040\123\145\162\166"
-"\151\143\145\040\101\163\163\157\143\151\141\164\151\157\156\061"
-"\022\060\020\006\003\125\004\003\023\011\107\120\040\122\157\157"
-"\164\040\062\060\036\027\015\060\060\060\070\061\066\062\062\065"
-"\061\060\060\132\027\015\062\060\060\070\061\065\062\063\065\071"
-"\060\060\132\060\141\061\013\060\011\006\003\125\004\006\023\002"
-"\125\123\061\015\060\013\006\003\125\004\012\023\004\126\111\123"
-"\101\061\057\060\055\006\003\125\004\013\023\046\126\151\163\141"
-"\040\111\156\164\145\162\156\141\164\151\157\156\141\154\040\123"
-"\145\162\166\151\143\145\040\101\163\163\157\143\151\141\164\151"
-"\157\156\061\022\060\020\006\003\125\004\003\023\011\107\120\040"
-"\122\157\157\164\040\062\060\202\001\042\060\015\006\011\052\206"
-"\110\206\367\015\001\001\001\005\000\003\202\001\017\000\060\202"
-"\001\012\002\202\001\001\000\251\001\160\265\252\304\100\360\253"
-"\152\046\141\171\031\000\374\277\233\067\131\014\257\157\144\033"
-"\370\332\225\224\044\151\063\021\160\312\343\126\164\242\027\127"
-"\144\134\040\006\341\326\357\161\267\073\367\253\301\151\320\111"
-"\244\261\004\327\364\127\142\211\134\260\165\055\027\044\151\343"
-"\102\140\344\356\164\326\253\200\126\330\210\050\341\373\155\042"
-"\375\043\174\106\163\117\176\124\163\036\250\054\125\130\165\267"
-"\114\363\132\105\245\002\032\372\332\235\303\105\303\042\136\363"
-"\213\361\140\051\322\307\137\264\014\072\121\203\357\060\370\324"
-"\347\307\362\372\231\243\042\120\276\371\005\067\243\255\355\232"
-"\303\346\354\210\033\266\031\047\033\070\213\200\115\354\271\307"
-"\305\211\313\374\032\062\355\043\360\265\001\130\371\366\217\340"
-"\205\251\114\011\162\071\022\333\263\365\317\116\142\144\332\306"
-"\031\025\072\143\035\351\027\125\241\114\042\074\064\062\106\370"
-"\145\127\272\053\357\066\214\152\372\331\331\104\364\252\335\204"
-"\327\015\034\262\124\254\062\205\264\144\015\336\101\273\261\064"
-"\306\001\206\062\144\325\237\002\003\001\000\001\243\102\060\100"
-"\060\035\006\003\125\035\016\004\026\004\024\236\175\113\064\277"
-"\161\255\302\005\366\003\165\200\316\251\117\032\304\044\114\060"
-"\017\006\003\125\035\023\001\001\377\004\005\060\003\001\001\377"
-"\060\016\006\003\125\035\017\001\001\377\004\004\003\002\001\006"
-"\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\003"
-"\202\001\001\000\041\245\166\024\125\371\255\047\160\217\074\364"
-"\325\154\310\314\012\253\243\230\013\212\006\043\305\311\141\333"
-"\231\007\151\065\046\061\376\307\056\204\302\231\141\324\015\351"
-"\175\056\023\053\174\216\205\266\205\307\113\317\065\266\054\107"
-"\075\316\051\057\330\157\237\211\034\144\223\277\010\275\166\320"
-"\220\212\224\263\177\050\133\156\254\115\063\054\355\145\334\026"
-"\314\342\315\256\244\075\142\222\006\225\046\277\337\271\344\040"
-"\246\163\152\301\276\367\224\104\326\115\157\052\013\153\030\115"
-"\164\020\066\150\152\132\301\152\247\335\066\051\214\270\060\213"
-"\117\041\077\000\056\124\060\007\072\272\212\344\303\236\312\330"
-"\265\330\173\316\165\105\146\007\364\155\055\330\172\312\351\211"
-"\212\362\043\330\057\313\156\000\066\117\373\360\057\001\314\017"
-"\300\042\145\364\253\342\116\141\055\003\202\175\221\026\265\060"
-"\325\024\336\136\307\220\374\241\374\253\020\257\134\153\160\247"
-"\007\357\051\206\350\262\045\307\040\377\046\335\167\357\171\104"
-"\024\304\275\335\073\305\003\233\167\043\354\240\354\273\132\071"
-"\265\314\255\006"
-, (PRUint32)900 }
-};
-static const NSSItem nss_builtins_items_85 [] = {
-  { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"Visa International Global Root 2", (PRUint32)33 },
-  { (void *)"\311\015\033\352\210\075\247\321\027\276\073\171\364\041\016\032"
-"\130\224\247\055"
-, (PRUint32)20 },
-  { (void *)"\065\110\225\066\112\124\132\162\226\216\340\144\314\357\054\214"
-, (PRUint32)16 },
-  { (void *)"\060\141\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\015\060\013\006\003\125\004\012\023\004\126\111\123\101\061\057"
-"\060\055\006\003\125\004\013\023\046\126\151\163\141\040\111\156"
-"\164\145\162\156\141\164\151\157\156\141\154\040\123\145\162\166"
-"\151\143\145\040\101\163\163\157\143\151\141\164\151\157\156\061"
-"\022\060\020\006\003\125\004\003\023\011\107\120\040\122\157\157"
-"\164\040\062"
-, (PRUint32)99 },
-  { (void *)"\003\036"
-, (PRUint32)2 },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_valid, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_86 [] = {
-  { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"beTRUSTed Root CA", (PRUint32)18 },
-  { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
-  { (void *)"\060\132\061\013\060\011\006\003\125\004\006\023\002\127\127\061"
-"\022\060\020\006\003\125\004\012\023\011\142\145\124\122\125\123"
-"\124\145\144\061\033\060\031\006\003\125\004\003\023\022\142\145"
-"\124\122\125\123\124\145\144\040\122\157\157\164\040\103\101\163"
-"\061\032\060\030\006\003\125\004\003\023\021\142\145\124\122\125"
-"\123\124\145\144\040\122\157\157\164\040\103\101"
-, (PRUint32)92 },
-  { (void *)"0", (PRUint32)2 },
-  { (void *)"\060\132\061\013\060\011\006\003\125\004\006\023\002\127\127\061"
-"\022\060\020\006\003\125\004\012\023\011\142\145\124\122\125\123"
-"\124\145\144\061\033\060\031\006\003\125\004\003\023\022\142\145"
-"\124\122\125\123\124\145\144\040\122\157\157\164\040\103\101\163"
-"\061\032\060\030\006\003\125\004\003\023\021\142\145\124\122\125"
-"\123\124\145\144\040\122\157\157\164\040\103\101"
-, (PRUint32)92 },
-  { (void *)"\071\117\175\207"
-, (PRUint32)4 },
-  { (void *)"\060\202\005\054\060\202\004\024\240\003\002\001\002\002\004\071"
-"\117\175\207\060\015\006\011\052\206\110\206\367\015\001\001\005"
-"\005\000\060\132\061\013\060\011\006\003\125\004\006\023\002\127"
-"\127\061\022\060\020\006\003\125\004\012\023\011\142\145\124\122"
-"\125\123\124\145\144\061\033\060\031\006\003\125\004\003\023\022"
-"\142\145\124\122\125\123\124\145\144\040\122\157\157\164\040\103"
-"\101\163\061\032\060\030\006\003\125\004\003\023\021\142\145\124"
-"\122\125\123\124\145\144\040\122\157\157\164\040\103\101\060\036"
-"\027\015\060\060\060\066\062\060\061\064\062\061\060\064\132\027"
-"\015\061\060\060\066\062\060\061\063\062\061\060\064\132\060\132"
-"\061\013\060\011\006\003\125\004\006\023\002\127\127\061\022\060"
-"\020\006\003\125\004\012\023\011\142\145\124\122\125\123\124\145"
-"\144\061\033\060\031\006\003\125\004\003\023\022\142\145\124\122"
-"\125\123\124\145\144\040\122\157\157\164\040\103\101\163\061\032"
-"\060\030\006\003\125\004\003\023\021\142\145\124\122\125\123\124"
-"\145\144\040\122\157\157\164\040\103\101\060\202\001\042\060\015"
-"\006\011\052\206\110\206\367\015\001\001\001\005\000\003\202\001"
-"\017\000\060\202\001\012\002\202\001\001\000\324\264\163\172\023"
-"\012\070\125\001\276\211\126\341\224\236\324\276\132\353\112\064"
-"\165\033\141\051\304\341\255\010\140\041\170\110\377\264\320\372"
-"\136\101\215\141\104\207\350\355\311\130\372\374\223\232\337\117"
-"\352\076\065\175\370\063\172\346\361\327\315\157\111\113\075\117"
-"\055\156\016\203\072\030\170\167\243\317\347\364\115\163\330\232"
-"\073\032\035\276\225\123\317\040\227\302\317\076\044\122\154\014"
-"\216\145\131\305\161\377\142\011\217\252\305\217\314\140\240\163"
-"\112\327\070\077\025\162\277\242\227\267\160\350\257\342\176\026"
-"\006\114\365\252\144\046\162\007\045\255\065\374\030\261\046\327"
-"\330\377\031\016\203\033\214\334\170\105\147\064\075\364\257\034"
-"\215\344\155\153\355\040\263\147\232\264\141\313\027\157\211\065"
-"\377\347\116\300\062\022\347\356\354\337\377\227\060\164\355\215"
-"\107\216\353\264\303\104\346\247\114\177\126\103\350\270\274\266"
-"\276\372\203\227\346\273\373\304\266\223\276\031\030\076\214\201"
-"\271\163\210\026\364\226\103\234\147\163\027\220\330\011\156\143"
-"\254\112\266\043\304\001\241\255\244\344\305\002\003\001\000\001"
-"\243\202\001\370\060\202\001\364\060\017\006\003\125\035\023\001"
-"\001\377\004\005\060\003\001\001\377\060\202\001\131\006\003\125"
-"\035\040\004\202\001\120\060\202\001\114\060\202\001\110\006\012"
-"\053\006\001\004\001\261\076\001\000\000\060\202\001\070\060\202"
-"\001\001\006\010\053\006\001\005\005\007\002\002\060\201\364\032"
-"\201\361\122\145\154\151\141\156\143\145\040\157\156\040\164\150"
-"\151\163\040\143\145\162\164\151\146\151\143\141\164\145\040\142"
-"\171\040\141\156\171\040\160\141\162\164\171\040\141\163\163\165"
-"\155\145\163\040\141\143\143\145\160\164\141\156\143\145\040\157"
-"\146\040\164\150\145\040\164\150\145\156\040\141\160\160\154\151"
-"\143\141\142\154\145\040\163\164\141\156\144\141\162\144\040\164"
-"\145\162\155\163\040\141\156\144\040\143\157\156\144\151\164\151"
-"\157\156\163\040\157\146\040\165\163\145\054\040\141\156\144\040"
-"\143\145\162\164\151\146\151\143\141\164\151\157\156\040\160\162"
-"\141\143\164\151\143\145\040\163\164\141\164\145\155\145\156\164"
-"\054\040\167\150\151\143\150\040\143\141\156\040\142\145\040\146"
-"\157\165\156\144\040\141\164\040\142\145\124\122\125\123\124\145"
-"\144\047\163\040\167\145\142\040\163\151\164\145\054\040\150\164"
-"\164\160\163\072\057\057\167\167\167\056\142\145\124\122\125\123"
-"\124\145\144\056\143\157\155\057\166\141\165\154\164\057\164\145"
-"\162\155\163\060\061\006\010\053\006\001\005\005\007\002\001\026"
-"\045\150\164\164\160\163\072\057\057\167\167\167\056\142\145\124"
-"\122\125\123\124\145\144\056\143\157\155\057\166\141\165\154\164"
-"\057\164\145\162\155\163\060\064\006\003\125\035\037\004\055\060"
-"\053\060\051\240\047\240\045\244\043\060\041\061\022\060\020\006"
-"\003\125\004\012\023\011\142\145\124\122\125\123\124\145\144\061"
-"\013\060\011\006\003\125\004\006\023\002\127\127\060\035\006\003"
-"\125\035\016\004\026\004\024\052\271\233\151\056\073\233\330\315"
-"\336\052\061\004\064\153\312\007\030\253\147\060\037\006\003\125"
-"\035\043\004\030\060\026\200\024\052\271\233\151\056\073\233\330"
-"\315\336\052\061\004\064\153\312\007\030\253\147\060\016\006\003"
-"\125\035\017\001\001\377\004\004\003\002\001\376\060\015\006\011"
-"\052\206\110\206\367\015\001\001\005\005\000\003\202\001\001\000"
-"\171\141\333\243\136\156\026\261\352\166\121\371\313\025\233\313"
-"\151\276\346\201\153\237\050\037\145\076\335\021\205\222\324\350"
-"\101\277\176\063\275\043\347\361\040\277\244\264\246\031\001\306"
-"\214\215\065\174\145\244\117\011\244\326\330\043\025\005\023\247"
-"\103\171\257\333\243\016\233\173\170\032\363\004\206\132\306\366"
-"\214\040\107\070\111\120\006\235\162\147\072\360\230\003\255\226"
-"\147\104\374\077\020\015\206\115\344\000\073\051\173\316\073\073"
-"\231\206\141\045\100\204\334\023\142\267\372\312\131\326\003\036"
-"\326\123\001\315\155\114\150\125\100\341\356\153\307\052\000\000"
-"\110\202\263\012\001\303\140\052\014\367\202\065\356\110\206\226"
-"\344\164\324\075\352\001\161\272\004\165\100\247\251\177\071\071"
-"\232\125\227\051\145\256\031\125\045\005\162\107\323\350\030\334"
-"\270\351\257\103\163\001\022\164\243\341\134\137\025\135\044\363"
-"\371\344\364\266\147\147\022\347\144\042\212\366\245\101\246\034"
-"\266\140\143\105\212\020\264\272\106\020\256\101\127\145\154\077"
-"\043\020\077\041\020\131\267\344\100\335\046\014\043\366\252\256"
-, (PRUint32)1328 }
-};
-static const NSSItem nss_builtins_items_87 [] = {
-  { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"beTRUSTed Root CA", (PRUint32)18 },
-  { (void *)"\133\315\315\314\146\366\334\344\104\037\343\175\134\303\023\114"
-"\106\364\160\070"
-, (PRUint32)20 },
-  { (void *)"\205\312\166\132\033\321\150\042\334\242\043\022\312\306\200\064"
-, (PRUint32)16 },
-  { (void *)"\060\132\061\013\060\011\006\003\125\004\006\023\002\127\127\061"
-"\022\060\020\006\003\125\004\012\023\011\142\145\124\122\125\123"
-"\124\145\144\061\033\060\031\006\003\125\004\003\023\022\142\145"
-"\124\122\125\123\124\145\144\040\122\157\157\164\040\103\101\163"
-"\061\032\060\030\006\003\125\004\003\023\021\142\145\124\122\125"
-"\123\124\145\144\040\122\157\157\164\040\103\101"
-, (PRUint32)92 },
-  { (void *)"\071\117\175\207"
-, (PRUint32)4 },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_88 [] = {
-  { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"AddTrust Low-Value Services Root", (PRUint32)33 },
-  { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
-  { (void *)"\060\145\061\013\060\011\006\003\125\004\006\023\002\123\105\061"
-"\024\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165"
-"\163\164\040\101\102\061\035\060\033\006\003\125\004\013\023\024"
-"\101\144\144\124\162\165\163\164\040\124\124\120\040\116\145\164"
-"\167\157\162\153\061\041\060\037\006\003\125\004\003\023\030\101"
-"\144\144\124\162\165\163\164\040\103\154\141\163\163\040\061\040"
-"\103\101\040\122\157\157\164"
-, (PRUint32)103 },
-  { (void *)"0", (PRUint32)2 },
-  { (void *)"\060\145\061\013\060\011\006\003\125\004\006\023\002\123\105\061"
-"\024\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165"
-"\163\164\040\101\102\061\035\060\033\006\003\125\004\013\023\024"
-"\101\144\144\124\162\165\163\164\040\124\124\120\040\116\145\164"
-"\167\157\162\153\061\041\060\037\006\003\125\004\003\023\030\101"
-"\144\144\124\162\165\163\164\040\103\154\141\163\163\040\061\040"
-"\103\101\040\122\157\157\164"
-, (PRUint32)103 },
-  { (void *)"\001"
-, (PRUint32)1 },
-  { (void *)"\060\202\004\030\060\202\003\000\240\003\002\001\002\002\001\001"
-"\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060"
-"\145\061\013\060\011\006\003\125\004\006\023\002\123\105\061\024"
-"\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165\163"
-"\164\040\101\102\061\035\060\033\006\003\125\004\013\023\024\101"
-"\144\144\124\162\165\163\164\040\124\124\120\040\116\145\164\167"
-"\157\162\153\061\041\060\037\006\003\125\004\003\023\030\101\144"
-"\144\124\162\165\163\164\040\103\154\141\163\163\040\061\040\103"
-"\101\040\122\157\157\164\060\036\027\015\060\060\060\065\063\060"
-"\061\060\063\070\063\061\132\027\015\062\060\060\065\063\060\061"
-"\060\063\070\063\061\132\060\145\061\013\060\011\006\003\125\004"
-"\006\023\002\123\105\061\024\060\022\006\003\125\004\012\023\013"
-"\101\144\144\124\162\165\163\164\040\101\102\061\035\060\033\006"
-"\003\125\004\013\023\024\101\144\144\124\162\165\163\164\040\124"
-"\124\120\040\116\145\164\167\157\162\153\061\041\060\037\006\003"
-"\125\004\003\023\030\101\144\144\124\162\165\163\164\040\103\154"
-"\141\163\163\040\061\040\103\101\040\122\157\157\164\060\202\001"
-"\042\060\015\006\011\052\206\110\206\367\015\001\001\001\005\000"
-"\003\202\001\017\000\060\202\001\012\002\202\001\001\000\226\226"
-"\324\041\111\140\342\153\350\101\007\014\336\304\340\334\023\043"
-"\315\301\065\307\373\326\116\021\012\147\136\365\006\133\153\245"
-"\010\073\133\051\026\072\347\207\262\064\006\305\274\005\245\003"
-"\174\202\313\051\020\256\341\210\201\275\326\236\323\376\055\126"
-"\301\025\316\343\046\235\025\056\020\373\006\217\060\004\336\247"
-"\264\143\264\377\261\234\256\074\257\167\266\126\305\265\253\242"
-"\351\151\072\075\016\063\171\062\077\160\202\222\231\141\155\215"
-"\060\010\217\161\077\246\110\127\031\370\045\334\113\146\134\245"
-"\164\217\230\256\310\371\300\006\042\347\254\163\337\245\056\373"
-"\122\334\261\025\145\040\372\065\146\151\336\337\054\361\156\274"
-"\060\333\054\044\022\333\353\065\065\150\220\313\000\260\227\041"
-"\075\164\041\043\145\064\053\273\170\131\243\326\341\166\071\232"
-"\244\111\216\214\164\257\156\244\232\243\331\233\322\070\134\233"
-"\242\030\314\165\043\204\276\353\342\115\063\161\216\032\360\302"
-"\370\307\035\242\255\003\227\054\370\317\045\306\366\270\044\061"
-"\261\143\135\222\177\143\360\045\311\123\056\037\277\115\002\003"
-"\001\000\001\243\201\322\060\201\317\060\035\006\003\125\035\016"
-"\004\026\004\024\225\261\264\360\224\266\275\307\332\321\021\011"
-"\041\276\301\257\111\375\020\173\060\013\006\003\125\035\017\004"
-"\004\003\002\001\006\060\017\006\003\125\035\023\001\001\377\004"
-"\005\060\003\001\001\377\060\201\217\006\003\125\035\043\004\201"
-"\207\060\201\204\200\024\225\261\264\360\224\266\275\307\332\321"
-"\021\011\041\276\301\257\111\375\020\173\241\151\244\147\060\145"
-"\061\013\060\011\006\003\125\004\006\023\002\123\105\061\024\060"
-"\022\006\003\125\004\012\023\013\101\144\144\124\162\165\163\164"
-"\040\101\102\061\035\060\033\006\003\125\004\013\023\024\101\144"
-"\144\124\162\165\163\164\040\124\124\120\040\116\145\164\167\157"
-"\162\153\061\041\060\037\006\003\125\004\003\023\030\101\144\144"
-"\124\162\165\163\164\040\103\154\141\163\163\040\061\040\103\101"
-"\040\122\157\157\164\202\001\001\060\015\006\011\052\206\110\206"
-"\367\015\001\001\005\005\000\003\202\001\001\000\054\155\144\033"
-"\037\315\015\335\271\001\372\226\143\064\062\110\107\231\256\227"
-"\355\375\162\026\246\163\107\132\364\353\335\351\365\326\373\105"
-"\314\051\211\104\135\277\106\071\075\350\356\274\115\124\206\036"
-"\035\154\343\027\047\103\341\211\126\053\251\157\162\116\111\063"
-"\343\162\174\052\043\232\274\076\377\050\052\355\243\377\034\043"
-"\272\103\127\011\147\115\113\142\006\055\370\377\154\235\140\036"
-"\330\034\113\175\265\061\057\331\320\174\135\370\336\153\203\030"
-"\170\067\127\057\350\063\007\147\337\036\307\153\052\225\166\256"
-"\217\127\243\360\364\122\264\251\123\010\317\340\117\323\172\123"
-"\213\375\273\034\126\066\362\376\262\266\345\166\273\325\042\145"
-"\247\077\376\321\146\255\013\274\153\231\206\357\077\175\363\030"
-"\062\312\173\306\343\253\144\106\225\370\046\151\331\125\203\173"
-"\054\226\007\377\131\054\104\243\306\345\351\251\334\241\143\200"
-"\132\041\136\041\317\123\124\360\272\157\211\333\250\252\225\317"
-"\213\343\161\314\036\033\040\104\010\300\172\266\100\375\304\344"
-"\065\341\035\026\034\320\274\053\216\326\161\331"
-, (PRUint32)1052 }
-};
-static const NSSItem nss_builtins_items_89 [] = {
-  { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"AddTrust Low-Value Services Root", (PRUint32)33 },
-  { (void *)"\314\253\016\240\114\043\001\326\151\173\335\067\237\315\022\353"
-"\044\343\224\235"
-, (PRUint32)20 },
-  { (void *)"\036\102\225\002\063\222\153\271\137\300\177\332\326\262\113\374"
-, (PRUint32)16 },
-  { (void *)"\060\145\061\013\060\011\006\003\125\004\006\023\002\123\105\061"
-"\024\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165"
-"\163\164\040\101\102\061\035\060\033\006\003\125\004\013\023\024"
-"\101\144\144\124\162\165\163\164\040\124\124\120\040\116\145\164"
-"\167\157\162\153\061\041\060\037\006\003\125\004\003\023\030\101"
-"\144\144\124\162\165\163\164\040\103\154\141\163\163\040\061\040"
-"\103\101\040\122\157\157\164"
-, (PRUint32)103 },
-  { (void *)"\001"
-, (PRUint32)1 },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_valid, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_90 [] = {
-  { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"AddTrust External Root", (PRUint32)23 },
-  { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
-  { (void *)"\060\157\061\013\060\011\006\003\125\004\006\023\002\123\105\061"
-"\024\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165"
-"\163\164\040\101\102\061\046\060\044\006\003\125\004\013\023\035"
-"\101\144\144\124\162\165\163\164\040\105\170\164\145\162\156\141"
-"\154\040\124\124\120\040\116\145\164\167\157\162\153\061\042\060"
-"\040\006\003\125\004\003\023\031\101\144\144\124\162\165\163\164"
-"\040\105\170\164\145\162\156\141\154\040\103\101\040\122\157\157"
-"\164"
-, (PRUint32)113 },
-  { (void *)"0", (PRUint32)2 },
-  { (void *)"\060\157\061\013\060\011\006\003\125\004\006\023\002\123\105\061"
-"\024\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165"
-"\163\164\040\101\102\061\046\060\044\006\003\125\004\013\023\035"
-"\101\144\144\124\162\165\163\164\040\105\170\164\145\162\156\141"
-"\154\040\124\124\120\040\116\145\164\167\157\162\153\061\042\060"
-"\040\006\003\125\004\003\023\031\101\144\144\124\162\165\163\164"
-"\040\105\170\164\145\162\156\141\154\040\103\101\040\122\157\157"
-"\164"
-, (PRUint32)113 },
-  { (void *)"\001"
-, (PRUint32)1 },
-  { (void *)"\060\202\004\066\060\202\003\036\240\003\002\001\002\002\001\001"
-"\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060"
-"\157\061\013\060\011\006\003\125\004\006\023\002\123\105\061\024"
-"\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165\163"
-"\164\040\101\102\061\046\060\044\006\003\125\004\013\023\035\101"
-"\144\144\124\162\165\163\164\040\105\170\164\145\162\156\141\154"
-"\040\124\124\120\040\116\145\164\167\157\162\153\061\042\060\040"
-"\006\003\125\004\003\023\031\101\144\144\124\162\165\163\164\040"
-"\105\170\164\145\162\156\141\154\040\103\101\040\122\157\157\164"
-"\060\036\027\015\060\060\060\065\063\060\061\060\064\070\063\070"
-"\132\027\015\062\060\060\065\063\060\061\060\064\070\063\070\132"
-"\060\157\061\013\060\011\006\003\125\004\006\023\002\123\105\061"
-"\024\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165"
-"\163\164\040\101\102\061\046\060\044\006\003\125\004\013\023\035"
-"\101\144\144\124\162\165\163\164\040\105\170\164\145\162\156\141"
-"\154\040\124\124\120\040\116\145\164\167\157\162\153\061\042\060"
-"\040\006\003\125\004\003\023\031\101\144\144\124\162\165\163\164"
-"\040\105\170\164\145\162\156\141\154\040\103\101\040\122\157\157"
-"\164\060\202\001\042\060\015\006\011\052\206\110\206\367\015\001"
-"\001\001\005\000\003\202\001\017\000\060\202\001\012\002\202\001"
-"\001\000\267\367\032\063\346\362\000\004\055\071\340\116\133\355"
-"\037\274\154\017\315\265\372\043\266\316\336\233\021\063\227\244"
-"\051\114\175\223\237\275\112\274\223\355\003\032\343\217\317\345"
-"\155\120\132\326\227\051\224\132\200\260\111\172\333\056\225\375"
-"\270\312\277\067\070\055\036\076\221\101\255\160\126\307\360\117"
-"\077\350\062\236\164\312\310\220\124\351\306\137\017\170\235\232"
-"\100\074\016\254\141\252\136\024\217\236\207\241\152\120\334\327"
-"\232\116\257\005\263\246\161\224\234\161\263\120\140\012\307\023"
-"\235\070\007\206\002\250\351\250\151\046\030\220\253\114\260\117"
-"\043\253\072\117\204\330\337\316\237\341\151\157\273\327\102\327"
-"\153\104\344\307\255\356\155\101\137\162\132\161\010\067\263\171"
-"\145\244\131\240\224\067\367\000\057\015\302\222\162\332\320\070"
-"\162\333\024\250\105\304\135\052\175\267\264\326\304\356\254\315"
-"\023\104\267\311\053\335\103\000\045\372\141\271\151\152\130\043"
-"\021\267\247\063\217\126\165\131\365\315\051\327\106\267\012\053"
-"\145\266\323\102\157\025\262\270\173\373\357\351\135\123\325\064"
-"\132\047\002\003\001\000\001\243\201\334\060\201\331\060\035\006"
-"\003\125\035\016\004\026\004\024\255\275\230\172\064\264\046\367"
-"\372\304\046\124\357\003\275\340\044\313\124\032\060\013\006\003"
-"\125\035\017\004\004\003\002\001\006\060\017\006\003\125\035\023"
-"\001\001\377\004\005\060\003\001\001\377\060\201\231\006\003\125"
-"\035\043\004\201\221\060\201\216\200\024\255\275\230\172\064\264"
-"\046\367\372\304\046\124\357\003\275\340\044\313\124\032\241\163"
-"\244\161\060\157\061\013\060\011\006\003\125\004\006\023\002\123"
-"\105\061\024\060\022\006\003\125\004\012\023\013\101\144\144\124"
-"\162\165\163\164\040\101\102\061\046\060\044\006\003\125\004\013"
-"\023\035\101\144\144\124\162\165\163\164\040\105\170\164\145\162"
-"\156\141\154\040\124\124\120\040\116\145\164\167\157\162\153\061"
-"\042\060\040\006\003\125\004\003\023\031\101\144\144\124\162\165"
-"\163\164\040\105\170\164\145\162\156\141\154\040\103\101\040\122"
-"\157\157\164\202\001\001\060\015\006\011\052\206\110\206\367\015"
-"\001\001\005\005\000\003\202\001\001\000\260\233\340\205\045\302"
-"\326\043\342\017\226\006\222\235\101\230\234\331\204\171\201\331"
-"\036\133\024\007\043\066\145\217\260\330\167\273\254\101\154\107"
-"\140\203\121\260\371\062\075\347\374\366\046\023\307\200\026\245"
-"\277\132\374\207\317\170\171\211\041\232\342\114\007\012\206\065"
-"\274\362\336\121\304\322\226\267\334\176\116\356\160\375\034\071"
-"\353\014\002\121\024\055\216\275\026\340\301\337\106\165\347\044"
-"\255\354\364\102\264\205\223\160\020\147\272\235\006\065\112\030"
-"\323\053\172\314\121\102\241\172\143\321\346\273\241\305\053\302"
-"\066\276\023\015\346\275\143\176\171\173\247\011\015\100\253\152"
-"\335\217\212\303\366\366\214\032\102\005\121\324\105\365\237\247"
-"\142\041\150\025\040\103\074\231\347\174\275\044\330\251\221\027"
-"\163\210\077\126\033\061\070\030\264\161\017\232\315\310\016\236"
-"\216\056\033\341\214\230\203\313\037\061\361\104\114\306\004\163"
-"\111\166\140\017\307\370\275\027\200\153\056\351\314\114\016\132"
-"\232\171\017\040\012\056\325\236\143\046\036\125\222\224\330\202"
-"\027\132\173\320\274\307\217\116\206\004"
-, (PRUint32)1082 }
-};
-static const NSSItem nss_builtins_items_91 [] = {
-  { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"AddTrust External Root", (PRUint32)23 },
-  { (void *)"\002\372\363\342\221\103\124\150\140\170\127\151\115\365\344\133"
-"\150\205\030\150"
-, (PRUint32)20 },
-  { (void *)"\035\065\124\004\205\170\260\077\102\102\115\277\040\163\012\077"
-, (PRUint32)16 },
-  { (void *)"\060\157\061\013\060\011\006\003\125\004\006\023\002\123\105\061"
-"\024\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165"
-"\163\164\040\101\102\061\046\060\044\006\003\125\004\013\023\035"
-"\101\144\144\124\162\165\163\164\040\105\170\164\145\162\156\141"
-"\154\040\124\124\120\040\116\145\164\167\157\162\153\061\042\060"
-"\040\006\003\125\004\003\023\031\101\144\144\124\162\165\163\164"
-"\040\105\170\164\145\162\156\141\154\040\103\101\040\122\157\157"
-"\164"
-, (PRUint32)113 },
-  { (void *)"\001"
-, (PRUint32)1 },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_92 [] = {
-  { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"AddTrust Public Services Root", (PRUint32)30 },
-  { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
-  { (void *)"\060\144\061\013\060\011\006\003\125\004\006\023\002\123\105\061"
-"\024\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165"
-"\163\164\040\101\102\061\035\060\033\006\003\125\004\013\023\024"
-"\101\144\144\124\162\165\163\164\040\124\124\120\040\116\145\164"
-"\167\157\162\153\061\040\060\036\006\003\125\004\003\023\027\101"
-"\144\144\124\162\165\163\164\040\120\165\142\154\151\143\040\103"
-"\101\040\122\157\157\164"
-, (PRUint32)102 },
-  { (void *)"0", (PRUint32)2 },
-  { (void *)"\060\144\061\013\060\011\006\003\125\004\006\023\002\123\105\061"
-"\024\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165"
-"\163\164\040\101\102\061\035\060\033\006\003\125\004\013\023\024"
-"\101\144\144\124\162\165\163\164\040\124\124\120\040\116\145\164"
-"\167\157\162\153\061\040\060\036\006\003\125\004\003\023\027\101"
-"\144\144\124\162\165\163\164\040\120\165\142\154\151\143\040\103"
-"\101\040\122\157\157\164"
-, (PRUint32)102 },
-  { (void *)"\001"
-, (PRUint32)1 },
-  { (void *)"\060\202\004\025\060\202\002\375\240\003\002\001\002\002\001\001"
-"\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060"
-"\144\061\013\060\011\006\003\125\004\006\023\002\123\105\061\024"
-"\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165\163"
-"\164\040\101\102\061\035\060\033\006\003\125\004\013\023\024\101"
-"\144\144\124\162\165\163\164\040\124\124\120\040\116\145\164\167"
-"\157\162\153\061\040\060\036\006\003\125\004\003\023\027\101\144"
-"\144\124\162\165\163\164\040\120\165\142\154\151\143\040\103\101"
-"\040\122\157\157\164\060\036\027\015\060\060\060\065\063\060\061"
-"\060\064\061\065\060\132\027\015\062\060\060\065\063\060\061\060"
-"\064\061\065\060\132\060\144\061\013\060\011\006\003\125\004\006"
-"\023\002\123\105\061\024\060\022\006\003\125\004\012\023\013\101"
-"\144\144\124\162\165\163\164\040\101\102\061\035\060\033\006\003"
-"\125\004\013\023\024\101\144\144\124\162\165\163\164\040\124\124"
-"\120\040\116\145\164\167\157\162\153\061\040\060\036\006\003\125"
-"\004\003\023\027\101\144\144\124\162\165\163\164\040\120\165\142"
-"\154\151\143\040\103\101\040\122\157\157\164\060\202\001\042\060"
-"\015\006\011\052\206\110\206\367\015\001\001\001\005\000\003\202"
-"\001\017\000\060\202\001\012\002\202\001\001\000\351\032\060\217"
-"\203\210\024\301\040\330\074\233\217\033\176\003\164\273\332\151"
-"\323\106\245\370\216\302\014\021\220\121\245\057\146\124\100\125"
-"\352\333\037\112\126\356\237\043\156\364\071\313\241\271\157\362"
-"\176\371\135\207\046\141\236\034\370\342\354\246\201\370\041\305"
-"\044\314\021\014\077\333\046\162\172\307\001\227\007\027\371\327"
-"\030\054\060\175\016\172\036\142\036\306\113\300\375\175\142\167"
-"\323\104\036\047\366\077\113\104\263\267\070\331\071\037\140\325"
-"\121\222\163\003\264\000\151\343\363\024\116\356\321\334\011\317"
-"\167\064\106\120\260\370\021\362\376\070\171\367\007\071\376\121"
-"\222\227\013\133\010\137\064\206\001\255\210\227\353\146\315\136"
-"\321\377\334\175\362\204\332\272\167\255\334\200\010\307\247\207"
-"\326\125\237\227\152\350\310\021\144\272\347\031\051\077\021\263"
-"\170\220\204\040\122\133\021\357\170\320\203\366\325\110\220\320"
-"\060\034\317\200\371\140\376\171\344\210\362\335\000\353\224\105"
-"\353\145\224\151\100\272\300\325\264\270\272\175\004\021\250\353"
-"\061\005\226\224\116\130\041\216\237\320\140\375\002\003\001\000"
-"\001\243\201\321\060\201\316\060\035\006\003\125\035\016\004\026"
-"\004\024\201\076\067\330\222\260\037\167\237\134\264\253\163\252"
-"\347\366\064\140\057\372\060\013\006\003\125\035\017\004\004\003"
-"\002\001\006\060\017\006\003\125\035\023\001\001\377\004\005\060"
-"\003\001\001\377\060\201\216\006\003\125\035\043\004\201\206\060"
-"\201\203\200\024\201\076\067\330\222\260\037\167\237\134\264\253"
-"\163\252\347\366\064\140\057\372\241\150\244\146\060\144\061\013"
-"\060\011\006\003\125\004\006\023\002\123\105\061\024\060\022\006"
-"\003\125\004\012\023\013\101\144\144\124\162\165\163\164\040\101"
-"\102\061\035\060\033\006\003\125\004\013\023\024\101\144\144\124"
-"\162\165\163\164\040\124\124\120\040\116\145\164\167\157\162\153"
-"\061\040\060\036\006\003\125\004\003\023\027\101\144\144\124\162"
-"\165\163\164\040\120\165\142\154\151\143\040\103\101\040\122\157"
-"\157\164\202\001\001\060\015\006\011\052\206\110\206\367\015\001"
-"\001\005\005\000\003\202\001\001\000\003\367\025\112\370\044\332"
-"\043\126\026\223\166\335\066\050\271\256\033\270\303\361\144\272"
-"\040\030\170\225\051\047\127\005\274\174\052\364\271\121\125\332"
-"\207\002\336\017\026\027\061\370\252\171\056\011\023\273\257\262"
-"\040\031\022\345\223\371\113\371\203\350\104\325\262\101\045\277"
-"\210\165\157\377\020\374\112\124\320\137\360\372\357\066\163\175"
-"\033\066\105\306\041\155\264\025\270\116\317\234\134\245\075\132"
-"\000\216\006\343\074\153\062\173\362\237\360\266\375\337\360\050"
-"\030\110\360\306\274\320\277\064\200\226\302\112\261\155\216\307"
-"\220\105\336\057\147\254\105\004\243\172\334\125\222\311\107\146"
-"\330\032\214\307\355\234\116\232\340\022\273\265\152\114\204\341"
-"\341\042\015\207\000\144\376\214\175\142\071\145\246\357\102\266"
-"\200\045\022\141\001\250\044\023\160\000\021\046\137\372\065\120"
-"\305\110\314\006\107\350\047\330\160\215\137\144\346\241\104\046"
-"\136\042\354\222\315\377\102\232\104\041\155\134\305\343\042\035"
-"\137\107\022\347\316\137\135\372\330\252\261\063\055\331\166\362"
-"\116\072\063\014\053\263\055\220\006"
-, (PRUint32)1049 }
-};
-static const NSSItem nss_builtins_items_93 [] = {
-  { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"AddTrust Public Services Root", (PRUint32)30 },
-  { (void *)"\052\266\050\110\136\170\373\363\255\236\171\020\335\153\337\231"
-"\162\054\226\345"
-, (PRUint32)20 },
-  { (void *)"\301\142\076\043\305\202\163\234\003\131\113\053\351\167\111\177"
-, (PRUint32)16 },
-  { (void *)"\060\157\061\013\060\011\006\003\125\004\006\023\002\123\105\061"
-"\024\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165"
-"\163\164\040\101\102\061\046\060\044\006\003\125\004\013\023\035"
-"\101\144\144\124\162\165\163\164\040\105\170\164\145\162\156\141"
-"\154\040\124\124\120\040\116\145\164\167\157\162\153\061\042\060"
-"\040\006\003\125\004\003\023\031\101\144\144\124\162\165\163\164"
-"\040\105\170\164\145\162\156\141\154\040\103\101\040\122\157\157"
-"\164"
-, (PRUint32)113 },
-  { (void *)"\001"
-, (PRUint32)1 },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_94 [] = {
-  { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"AddTrust Qualified Certificates Root", (PRUint32)37 },
-  { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
-  { (void *)"\060\147\061\013\060\011\006\003\125\004\006\023\002\123\105\061"
-"\024\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165"
-"\163\164\040\101\102\061\035\060\033\006\003\125\004\013\023\024"
-"\101\144\144\124\162\165\163\164\040\124\124\120\040\116\145\164"
-"\167\157\162\153\061\043\060\041\006\003\125\004\003\023\032\101"
-"\144\144\124\162\165\163\164\040\121\165\141\154\151\146\151\145"
-"\144\040\103\101\040\122\157\157\164"
-, (PRUint32)105 },
-  { (void *)"0", (PRUint32)2 },
-  { (void *)"\060\147\061\013\060\011\006\003\125\004\006\023\002\123\105\061"
-"\024\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165"
-"\163\164\040\101\102\061\035\060\033\006\003\125\004\013\023\024"
-"\101\144\144\124\162\165\163\164\040\124\124\120\040\116\145\164"
-"\167\157\162\153\061\043\060\041\006\003\125\004\003\023\032\101"
-"\144\144\124\162\165\163\164\040\121\165\141\154\151\146\151\145"
-"\144\040\103\101\040\122\157\157\164"
-, (PRUint32)105 },
-  { (void *)"\001"
-, (PRUint32)1 },
-  { (void *)"\060\202\004\036\060\202\003\006\240\003\002\001\002\002\001\001"
-"\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060"
-"\147\061\013\060\011\006\003\125\004\006\023\002\123\105\061\024"
-"\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165\163"
-"\164\040\101\102\061\035\060\033\006\003\125\004\013\023\024\101"
-"\144\144\124\162\165\163\164\040\124\124\120\040\116\145\164\167"
-"\157\162\153\061\043\060\041\006\003\125\004\003\023\032\101\144"
-"\144\124\162\165\163\164\040\121\165\141\154\151\146\151\145\144"
-"\040\103\101\040\122\157\157\164\060\036\027\015\060\060\060\065"
-"\063\060\061\060\064\064\065\060\132\027\015\062\060\060\065\063"
-"\060\061\060\064\064\065\060\132\060\147\061\013\060\011\006\003"
-"\125\004\006\023\002\123\105\061\024\060\022\006\003\125\004\012"
-"\023\013\101\144\144\124\162\165\163\164\040\101\102\061\035\060"
-"\033\006\003\125\004\013\023\024\101\144\144\124\162\165\163\164"
-"\040\124\124\120\040\116\145\164\167\157\162\153\061\043\060\041"
-"\006\003\125\004\003\023\032\101\144\144\124\162\165\163\164\040"
-"\121\165\141\154\151\146\151\145\144\040\103\101\040\122\157\157"
-"\164\060\202\001\042\060\015\006\011\052\206\110\206\367\015\001"
-"\001\001\005\000\003\202\001\017\000\060\202\001\012\002\202\001"
-"\001\000\344\036\232\376\334\011\132\207\244\237\107\276\021\137"
-"\257\204\064\333\142\074\171\170\267\351\060\265\354\014\034\052"
-"\304\026\377\340\354\161\353\212\365\021\156\355\117\015\221\322"
-"\022\030\055\111\025\001\302\244\042\023\307\021\144\377\042\022"
-"\232\271\216\134\057\010\317\161\152\263\147\001\131\361\135\106"
-"\363\260\170\245\366\016\102\172\343\177\033\314\320\360\267\050"
-"\375\052\352\236\263\260\271\004\252\375\366\307\264\261\270\052"
-"\240\373\130\361\031\240\157\160\045\176\076\151\112\177\017\042"
-"\330\357\255\010\021\232\051\231\341\252\104\105\232\022\136\076"
-"\235\155\122\374\347\240\075\150\057\360\113\160\174\023\070\255"
-"\274\025\045\361\326\316\253\242\300\061\326\057\237\340\377\024"
-"\131\374\204\223\331\207\174\114\124\023\353\237\321\055\021\370"
-"\030\072\072\336\045\331\367\323\100\355\244\006\022\304\073\341"
-"\221\301\126\065\360\024\334\145\066\011\156\253\244\007\307\065"
-"\321\302\003\063\066\133\165\046\155\102\361\022\153\103\157\113"
-"\161\224\372\064\035\355\023\156\312\200\177\230\057\154\271\145"
-"\330\351\002\003\001\000\001\243\201\324\060\201\321\060\035\006"
-"\003\125\035\016\004\026\004\024\071\225\213\142\213\134\311\324"
-"\200\272\130\017\227\077\025\010\103\314\230\247\060\013\006\003"
-"\125\035\017\004\004\003\002\001\006\060\017\006\003\125\035\023"
-"\001\001\377\004\005\060\003\001\001\377\060\201\221\006\003\125"
-"\035\043\004\201\211\060\201\206\200\024\071\225\213\142\213\134"
-"\311\324\200\272\130\017\227\077\025\010\103\314\230\247\241\153"
-"\244\151\060\147\061\013\060\011\006\003\125\004\006\023\002\123"
-"\105\061\024\060\022\006\003\125\004\012\023\013\101\144\144\124"
-"\162\165\163\164\040\101\102\061\035\060\033\006\003\125\004\013"
-"\023\024\101\144\144\124\162\165\163\164\040\124\124\120\040\116"
-"\145\164\167\157\162\153\061\043\060\041\006\003\125\004\003\023"
-"\032\101\144\144\124\162\165\163\164\040\121\165\141\154\151\146"
-"\151\145\144\040\103\101\040\122\157\157\164\202\001\001\060\015"
-"\006\011\052\206\110\206\367\015\001\001\005\005\000\003\202\001"
-"\001\000\031\253\165\352\370\213\145\141\225\023\272\151\004\357"
-"\206\312\023\240\307\252\117\144\033\077\030\366\250\055\054\125"
-"\217\005\267\060\352\102\152\035\300\045\121\055\247\277\014\263"
-"\355\357\010\177\154\074\106\032\352\030\103\337\166\314\371\146"
-"\206\234\054\150\365\351\027\370\061\263\030\304\326\110\175\043"
-"\114\150\301\176\273\001\024\157\305\331\156\336\273\004\102\152"
-"\370\366\134\175\345\332\372\207\353\015\065\122\147\320\236\227"
-"\166\005\223\077\225\307\001\346\151\125\070\177\020\141\231\311"
-"\343\137\246\312\076\202\143\110\252\342\010\110\076\252\362\262"
-"\205\142\246\264\247\331\275\067\234\150\265\055\126\175\260\267"
-"\077\240\261\007\326\351\117\334\336\105\161\060\062\177\033\056"
-"\011\371\277\122\241\356\302\200\076\006\134\056\125\100\301\033"
-"\365\160\105\260\334\135\372\366\162\132\167\322\143\315\317\130"
-"\211\000\102\143\077\171\071\320\104\260\202\156\101\031\350\335"
-"\340\301\210\132\321\036\161\223\037\044\060\164\345\036\250\336"
-"\074\047\067\177\203\256\236\167\317\360\060\261\377\113\231\350"
-"\306\241"
-, (PRUint32)1058 }
-};
-static const NSSItem nss_builtins_items_95 [] = {
-  { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"AddTrust Qualified Certificates Root", (PRUint32)37 },
-  { (void *)"\115\043\170\354\221\225\071\265\000\177\165\217\003\073\041\036"
-"\305\115\213\317"
-, (PRUint32)20 },
-  { (void *)"\047\354\071\107\315\332\132\257\342\232\001\145\041\251\114\273"
-, (PRUint32)16 },
-  { (void *)"\060\147\061\013\060\011\006\003\125\004\006\023\002\123\105\061"
-"\024\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165"
-"\163\164\040\101\102\061\035\060\033\006\003\125\004\013\023\024"
-"\101\144\144\124\162\165\163\164\040\124\124\120\040\116\145\164"
-"\167\157\162\153\061\043\060\041\006\003\125\004\003\023\032\101"
-"\144\144\124\162\165\163\164\040\121\165\141\154\151\146\151\145"
-"\144\040\103\101\040\122\157\157\164"
-, (PRUint32)105 },
-  { (void *)"\001"
-, (PRUint32)1 },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_96 [] = {
-  { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"Verisign Class 1 Public Primary OCSP Responder", (PRUint32)47 },
-  { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
-  { (void *)"\060\201\247\061\027\060\025\006\003\125\004\012\023\016\126\145"
-"\162\151\123\151\147\156\054\040\111\156\143\056\061\037\060\035"
-"\006\003\125\004\013\023\026\126\145\162\151\123\151\147\156\040"
-"\124\162\165\163\164\040\116\145\164\167\157\162\153\061\073\060"
-"\071\006\003\125\004\013\023\062\124\145\162\155\163\040\157\146"
-"\040\165\163\145\040\141\164\040\150\164\164\160\163\072\057\057"
-"\167\167\167\056\166\145\162\151\163\151\147\156\056\143\157\155"
-"\057\122\120\101\040\050\143\051\060\060\061\056\060\054\006\003"
-"\125\004\003\023\045\103\154\141\163\163\040\061\040\120\165\142"
-"\154\151\143\040\120\162\151\155\141\162\171\040\117\103\123\120"
-"\040\122\145\163\160\157\156\144\145\162"
-, (PRUint32)170 },
-  { (void *)"0", (PRUint32)2 },
-  { (void *)"\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151"
-"\147\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004"
-"\013\023\056\103\154\141\163\163\040\061\040\120\165\142\154\151"
-"\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146"
-"\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164"
-"\171"
-, (PRUint32)97 },
-  { (void *)"\053\150\324\243\106\236\305\073\050\011\253\070\135\177\047\040"
-, (PRUint32)16 },
-  { (void *)"\060\202\003\236\060\202\003\007\240\003\002\001\002\002\020\053"
-"\150\324\243\106\236\305\073\050\011\253\070\135\177\047\040\060"
-"\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060\137"
-"\061\013\060\011\006\003\125\004\006\023\002\125\123\061\027\060"
-"\025\006\003\125\004\012\023\016\126\145\162\151\123\151\147\156"
-"\054\040\111\156\143\056\061\067\060\065\006\003\125\004\013\023"
-"\056\103\154\141\163\163\040\061\040\120\165\142\154\151\143\040"
-"\120\162\151\155\141\162\171\040\103\145\162\164\151\146\151\143"
-"\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171\060"
-"\036\027\015\060\060\060\070\060\064\060\060\060\060\060\060\132"
-"\027\015\060\064\060\070\060\063\062\063\065\071\065\071\132\060"
-"\201\247\061\027\060\025\006\003\125\004\012\023\016\126\145\162"
-"\151\123\151\147\156\054\040\111\156\143\056\061\037\060\035\006"
-"\003\125\004\013\023\026\126\145\162\151\123\151\147\156\040\124"
-"\162\165\163\164\040\116\145\164\167\157\162\153\061\073\060\071"
-"\006\003\125\004\013\023\062\124\145\162\155\163\040\157\146\040"
-"\165\163\145\040\141\164\040\150\164\164\160\163\072\057\057\167"
-"\167\167\056\166\145\162\151\163\151\147\156\056\143\157\155\057"
-"\122\120\101\040\050\143\051\060\060\061\056\060\054\006\003\125"
-"\004\003\023\045\103\154\141\163\163\040\061\040\120\165\142\154"
-"\151\143\040\120\162\151\155\141\162\171\040\117\103\123\120\040"
-"\122\145\163\160\157\156\144\145\162\060\201\237\060\015\006\011"
-"\052\206\110\206\367\015\001\001\001\005\000\003\201\215\000\060"
-"\201\211\002\201\201\000\271\355\136\172\072\167\137\316\137\072"
-"\122\374\315\144\367\161\265\157\152\226\306\131\222\125\224\135"
-"\057\133\056\301\021\352\046\212\313\247\201\074\366\132\104\336"
-"\172\023\057\375\132\121\331\173\067\046\112\300\047\077\004\003"
-"\152\126\301\203\054\341\157\133\251\124\120\044\112\306\056\172"
-"\114\241\133\067\124\044\041\061\037\241\170\030\166\247\261\160"
-"\332\042\320\152\376\007\142\100\306\367\366\233\175\014\006\270"
-"\113\307\050\344\146\043\204\121\357\106\267\223\330\201\063\313"
-"\345\066\254\306\350\005\002\003\001\000\001\243\202\001\020\060"
-"\202\001\014\060\040\006\003\125\035\021\004\031\060\027\244\025"
-"\060\023\061\021\060\017\006\003\125\004\003\023\010\117\103\123"
-"\120\040\061\055\061\060\061\006\003\125\035\037\004\052\060\050"
-"\060\046\240\044\240\042\206\040\150\164\164\160\072\057\057\143"
-"\162\154\056\166\145\162\151\163\151\147\156\056\143\157\155\057"
-"\160\143\141\061\056\143\162\154\060\023\006\003\125\035\045\004"
-"\014\060\012\006\010\053\006\001\005\005\007\003\011\060\102\006"
-"\010\053\006\001\005\005\007\001\001\004\066\060\064\060\062\006"
-"\010\053\006\001\005\005\007\060\001\246\046\026\044\150\164\164"
-"\160\072\057\057\157\143\163\160\056\166\145\162\151\163\151\147"
-"\156\056\143\157\155\057\157\143\163\160\057\163\164\141\164\165"
-"\163\060\104\006\003\125\035\040\004\075\060\073\060\071\006\013"
-"\140\206\110\001\206\370\105\001\007\001\001\060\052\060\050\006"
-"\010\053\006\001\005\005\007\002\001\026\034\150\164\164\160\163"
-"\072\057\057\167\167\167\056\166\145\162\151\163\151\147\156\056"
-"\143\157\155\057\122\120\101\060\011\006\003\125\035\023\004\002"
-"\060\000\060\013\006\003\125\035\017\004\004\003\002\007\200\060"
-"\015\006\011\052\206\110\206\367\015\001\001\005\005\000\003\201"
-"\201\000\160\220\335\270\344\276\123\027\174\177\002\351\325\367"
-"\213\231\223\061\140\215\176\346\140\153\044\357\140\254\322\316"
-"\221\336\200\155\011\244\323\270\070\345\104\312\162\136\015\055"
-"\301\167\234\275\054\003\170\051\215\244\245\167\207\365\361\053"
-"\046\255\314\007\154\072\124\132\050\340\011\363\115\012\004\312"
-"\324\130\151\013\247\263\365\335\001\245\347\334\360\037\272\301"
-"\135\220\215\263\352\117\301\021\131\227\152\262\053\023\261\332"
-"\255\227\241\263\261\240\040\133\312\062\253\215\317\023\360\037"
-"\051\303"
-, (PRUint32)930 }
-};
-static const NSSItem nss_builtins_items_97 [] = {
-  { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"Verisign Class 1 Public Primary OCSP Responder", (PRUint32)47 },
-  { (void *)"\004\226\110\344\112\311\314\255\105\203\230\331\074\175\221\365"
-"\042\104\033\212"
-, (PRUint32)20 },
-  { (void *)"\176\157\072\123\033\174\276\260\060\333\103\036\036\224\211\262"
-, (PRUint32)16 },
-  { (void *)"\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151"
-"\147\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004"
-"\013\023\056\103\154\141\163\163\040\061\040\120\165\142\154\151"
-"\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146"
-"\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164"
-"\171"
-, (PRUint32)97 },
-  { (void *)"\053\150\324\243\106\236\305\073\050\011\253\070\135\177\047\040"
-, (PRUint32)16 },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_98 [] = {
-  { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"Verisign Class 2 Public Primary OCSP Responder", (PRUint32)47 },
-  { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
-  { (void *)"\060\201\247\061\027\060\025\006\003\125\004\012\023\016\126\145"
-"\162\151\123\151\147\156\054\040\111\156\143\056\061\037\060\035"
-"\006\003\125\004\013\023\026\126\145\162\151\123\151\147\156\040"
-"\124\162\165\163\164\040\116\145\164\167\157\162\153\061\073\060"
-"\071\006\003\125\004\013\023\062\124\145\162\155\163\040\157\146"
-"\040\165\163\145\040\141\164\040\150\164\164\160\163\072\057\057"
-"\167\167\167\056\166\145\162\151\163\151\147\156\056\143\157\155"
-"\057\122\120\101\040\050\143\051\060\060\061\056\060\054\006\003"
-"\125\004\003\023\045\103\154\141\163\163\040\062\040\120\165\142"
-"\154\151\143\040\120\162\151\155\141\162\171\040\117\103\123\120"
-"\040\122\145\163\160\157\156\144\145\162"
-, (PRUint32)170 },
-  { (void *)"0", (PRUint32)2 },
-  { (void *)"\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151"
-"\147\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004"
-"\013\023\056\103\154\141\163\163\040\062\040\120\165\142\154\151"
-"\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146"
-"\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164"
-"\171"
-, (PRUint32)97 },
-  { (void *)"\011\106\027\346\035\330\324\034\240\014\240\142\350\171\212\247"
-, (PRUint32)16 },
-  { (void *)"\060\202\003\236\060\202\003\007\240\003\002\001\002\002\020\011"
-"\106\027\346\035\330\324\034\240\014\240\142\350\171\212\247\060"
-"\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060\137"
-"\061\013\060\011\006\003\125\004\006\023\002\125\123\061\027\060"
-"\025\006\003\125\004\012\023\016\126\145\162\151\123\151\147\156"
-"\054\040\111\156\143\056\061\067\060\065\006\003\125\004\013\023"
-"\056\103\154\141\163\163\040\062\040\120\165\142\154\151\143\040"
-"\120\162\151\155\141\162\171\040\103\145\162\164\151\146\151\143"
-"\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171\060"
-"\036\027\015\060\060\060\070\060\061\060\060\060\060\060\060\132"
-"\027\015\060\064\060\067\063\061\062\063\065\071\065\071\132\060"
-"\201\247\061\027\060\025\006\003\125\004\012\023\016\126\145\162"
-"\151\123\151\147\156\054\040\111\156\143\056\061\037\060\035\006"
-"\003\125\004\013\023\026\126\145\162\151\123\151\147\156\040\124"
-"\162\165\163\164\040\116\145\164\167\157\162\153\061\073\060\071"
-"\006\003\125\004\013\023\062\124\145\162\155\163\040\157\146\040"
-"\165\163\145\040\141\164\040\150\164\164\160\163\072\057\057\167"
-"\167\167\056\166\145\162\151\163\151\147\156\056\143\157\155\057"
-"\122\120\101\040\050\143\051\060\060\061\056\060\054\006\003\125"
-"\004\003\023\045\103\154\141\163\163\040\062\040\120\165\142\154"
-"\151\143\040\120\162\151\155\141\162\171\040\117\103\123\120\040"
-"\122\145\163\160\157\156\144\145\162\060\201\237\060\015\006\011"
-"\052\206\110\206\367\015\001\001\001\005\000\003\201\215\000\060"
-"\201\211\002\201\201\000\320\312\143\061\141\177\104\064\174\005"
-"\175\013\075\152\220\313\171\113\167\012\077\113\307\043\345\300"
-"\142\055\176\234\176\076\210\207\221\320\254\350\115\111\207\242"
-"\226\220\212\335\004\245\002\077\214\233\351\211\376\142\240\342"
-"\132\275\310\335\264\170\346\245\102\223\010\147\001\300\040\115"
-"\327\134\364\135\332\263\343\067\246\122\032\054\114\145\115\212"
-"\207\331\250\243\361\111\124\273\074\134\200\121\150\306\373\111"
-"\377\013\125\253\025\335\373\232\301\271\035\164\015\262\214\104"
-"\135\211\374\237\371\203\002\003\001\000\001\243\202\001\020\060"
-"\202\001\014\060\040\006\003\125\035\021\004\031\060\027\244\025"
-"\060\023\061\021\060\017\006\003\125\004\003\023\010\117\103\123"
-"\120\040\061\055\062\060\061\006\003\125\035\037\004\052\060\050"
-"\060\046\240\044\240\042\206\040\150\164\164\160\072\057\057\143"
-"\162\154\056\166\145\162\151\163\151\147\156\056\143\157\155\057"
-"\160\143\141\062\056\143\162\154\060\023\006\003\125\035\045\004"
-"\014\060\012\006\010\053\006\001\005\005\007\003\011\060\102\006"
-"\010\053\006\001\005\005\007\001\001\004\066\060\064\060\062\006"
-"\010\053\006\001\005\005\007\060\001\246\046\026\044\150\164\164"
-"\160\072\057\057\157\143\163\160\056\166\145\162\151\163\151\147"
-"\156\056\143\157\155\057\157\143\163\160\057\163\164\141\164\165"
-"\163\060\104\006\003\125\035\040\004\075\060\073\060\071\006\013"
-"\140\206\110\001\206\370\105\001\007\001\001\060\052\060\050\006"
-"\010\053\006\001\005\005\007\002\001\026\034\150\164\164\160\163"
-"\072\057\057\167\167\167\056\166\145\162\151\163\151\147\156\056"
-"\143\157\155\057\122\120\101\060\011\006\003\125\035\023\004\002"
-"\060\000\060\013\006\003\125\035\017\004\004\003\002\007\200\060"
-"\015\006\011\052\206\110\206\367\015\001\001\005\005\000\003\201"
-"\201\000\037\175\011\156\044\106\165\004\234\363\046\233\343\071"
-"\156\027\357\274\275\242\033\322\002\204\206\253\320\100\227\054"
-"\304\103\210\067\031\153\042\250\003\161\120\235\040\334\066\140"
-"\040\232\163\055\163\125\154\130\233\054\302\264\064\054\172\063"
-"\102\312\221\331\351\103\257\317\036\340\365\304\172\253\077\162"
-"\143\036\251\067\341\133\073\210\263\023\206\202\220\127\313\127"
-"\377\364\126\276\042\335\343\227\250\341\274\042\103\302\335\115"
-"\333\366\201\236\222\024\236\071\017\023\124\336\202\330\300\136"
-"\064\215"
-, (PRUint32)930 }
-};
-static const NSSItem nss_builtins_items_99 [] = {
-  { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"Verisign Class 2 Public Primary OCSP Responder", (PRUint32)47 },
-  { (void *)"\042\171\151\276\320\122\116\115\035\066\262\361\162\041\167\361"
-"\124\123\110\167"
-, (PRUint32)20 },
-  { (void *)"\363\105\275\020\226\015\205\113\357\237\021\142\064\247\136\265"
-, (PRUint32)16 },
-  { (void *)"\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151"
-"\147\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004"
-"\013\023\056\103\154\141\163\163\040\062\040\120\165\142\154\151"
-"\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146"
-"\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164"
-"\171"
-, (PRUint32)97 },
-  { (void *)"\011\106\027\346\035\330\324\034\240\014\240\142\350\171\212\247"
-, (PRUint32)16 },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_100 [] = {
-  { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"Verisign Class 3 Public Primary OCSP Responder", (PRUint32)47 },
-  { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
-  { (void *)"\060\201\247\061\027\060\025\006\003\125\004\012\023\016\126\145"
-"\162\151\123\151\147\156\054\040\111\156\143\056\061\037\060\035"
-"\006\003\125\004\013\023\026\126\145\162\151\123\151\147\156\040"
-"\124\162\165\163\164\040\116\145\164\167\157\162\153\061\073\060"
-"\071\006\003\125\004\013\023\062\124\145\162\155\163\040\157\146"
-"\040\165\163\145\040\141\164\040\150\164\164\160\163\072\057\057"
-"\167\167\167\056\166\145\162\151\163\151\147\156\056\143\157\155"
-"\057\122\120\101\040\050\143\051\060\060\061\056\060\054\006\003"
-"\125\004\003\023\045\103\154\141\163\163\040\063\040\120\165\142"
-"\154\151\143\040\120\162\151\155\141\162\171\040\117\103\123\120"
-"\040\122\145\163\160\157\156\144\145\162"
-, (PRUint32)170 },
-  { (void *)"0", (PRUint32)2 },
-  { (void *)"\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151"
-"\147\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004"
-"\013\023\056\103\154\141\163\163\040\063\040\120\165\142\154\151"
-"\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146"
-"\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164"
-"\171"
-, (PRUint32)97 },
-  { (void *)"\056\226\236\277\266\142\154\354\173\351\163\314\343\154\301\204"
-, (PRUint32)16 },
-  { (void *)"\060\202\003\242\060\202\003\013\240\003\002\001\002\002\020\056"
-"\226\236\277\266\142\154\354\173\351\163\314\343\154\301\204\060"
-"\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060\137"
-"\061\013\060\011\006\003\125\004\006\023\002\125\123\061\027\060"
-"\025\006\003\125\004\012\023\016\126\145\162\151\123\151\147\156"
-"\054\040\111\156\143\056\061\067\060\065\006\003\125\004\013\023"
-"\056\103\154\141\163\163\040\063\040\120\165\142\154\151\143\040"
-"\120\162\151\155\141\162\171\040\103\145\162\164\151\146\151\143"
-"\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171\060"
-"\036\027\015\060\060\060\070\060\064\060\060\060\060\060\060\132"
-"\027\015\060\064\060\070\060\063\062\063\065\071\065\071\132\060"
-"\201\247\061\027\060\025\006\003\125\004\012\023\016\126\145\162"
-"\151\123\151\147\156\054\040\111\156\143\056\061\037\060\035\006"
-"\003\125\004\013\023\026\126\145\162\151\123\151\147\156\040\124"
-"\162\165\163\164\040\116\145\164\167\157\162\153\061\073\060\071"
-"\006\003\125\004\013\023\062\124\145\162\155\163\040\157\146\040"
-"\165\163\145\040\141\164\040\150\164\164\160\163\072\057\057\167"
-"\167\167\056\166\145\162\151\163\151\147\156\056\143\157\155\057"
-"\122\120\101\040\050\143\051\060\060\061\056\060\054\006\003\125"
-"\004\003\023\045\103\154\141\163\163\040\063\040\120\165\142\154"
-"\151\143\040\120\162\151\155\141\162\171\040\117\103\123\120\040"
-"\122\145\163\160\157\156\144\145\162\060\201\237\060\015\006\011"
-"\052\206\110\206\367\015\001\001\001\005\000\003\201\215\000\060"
-"\201\211\002\201\201\000\361\344\010\016\203\273\165\343\110\345"
-"\270\333\246\360\271\253\351\074\142\307\136\065\133\320\002\124"
-"\021\330\311\321\126\271\166\113\271\253\172\346\315\272\366\014"
-"\004\326\176\326\260\012\145\254\116\071\343\361\367\055\243\045"
-"\071\357\260\213\317\276\333\014\135\156\160\364\007\315\160\367"
-"\072\300\076\065\026\355\170\214\103\317\302\046\056\107\326\206"
-"\175\234\361\276\326\147\014\042\045\244\312\145\346\037\172\170"
-"\050\057\077\005\333\004\041\277\341\105\146\376\074\267\202\355"
-"\132\270\026\025\271\125\002\003\001\000\001\243\202\001\024\060"
-"\202\001\020\060\040\006\003\125\035\021\004\031\060\027\244\025"
-"\060\023\061\021\060\017\006\003\125\004\003\023\010\117\103\123"
-"\120\040\061\055\063\060\065\006\003\125\035\037\004\056\060\054"
-"\060\052\240\050\240\046\206\044\150\164\164\160\072\057\057\143"
-"\162\154\056\166\145\162\151\163\151\147\156\056\143\157\155\057"
-"\160\143\141\063\056\061\056\061\056\143\162\154\060\023\006\003"
-"\125\035\045\004\014\060\012\006\010\053\006\001\005\005\007\003"
-"\011\060\102\006\010\053\006\001\005\005\007\001\001\004\066\060"
-"\064\060\062\006\010\053\006\001\005\005\007\060\001\246\046\026"
-"\044\150\164\164\160\072\057\057\157\143\163\160\056\166\145\162"
-"\151\163\151\147\156\056\143\157\155\057\157\143\163\160\057\163"
-"\164\141\164\165\163\060\104\006\003\125\035\040\004\075\060\073"
-"\060\071\006\013\140\206\110\001\206\370\105\001\007\001\001\060"
-"\052\060\050\006\010\053\006\001\005\005\007\002\001\026\034\150"
-"\164\164\160\163\072\057\057\167\167\167\056\166\145\162\151\163"
-"\151\147\156\056\143\157\155\057\122\120\101\060\011\006\003\125"
-"\035\023\004\002\060\000\060\013\006\003\125\035\017\004\004\003"
-"\002\007\200\060\015\006\011\052\206\110\206\367\015\001\001\005"
-"\005\000\003\201\201\000\002\366\123\143\300\251\036\362\320\213"
-"\063\060\217\110\233\114\260\126\264\203\161\112\276\334\120\330"
-"\365\266\340\013\333\275\170\117\351\317\011\064\332\051\111\235"
-"\001\163\132\221\221\202\124\054\023\012\323\167\043\317\067\374"
-"\143\336\247\343\366\267\265\151\105\050\111\303\221\334\252\107"
-"\034\251\210\231\054\005\052\215\215\212\372\142\342\132\267\000"
-"\040\135\071\304\050\302\313\374\236\250\211\256\133\075\216\022"
-"\352\062\262\374\353\024\327\011\025\032\300\315\033\325\265\025"
-"\116\101\325\226\343\116"
-, (PRUint32)934 }
-};
-static const NSSItem nss_builtins_items_101 [] = {
-  { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"Verisign Class 3 Public Primary OCSP Responder", (PRUint32)47 },
-  { (void *)"\265\355\267\332\046\072\126\164\322\042\105\060\324\307\217\172"
-"\007\365\345\137"
-, (PRUint32)20 },
-  { (void *)"\175\121\222\311\166\203\230\026\336\214\263\206\304\175\146\373"
-, (PRUint32)16 },
-  { (void *)"\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151"
-"\147\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004"
-"\013\023\056\103\154\141\163\163\040\063\040\120\165\142\154\151"
-"\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146"
-"\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164"
-"\171"
-, (PRUint32)97 },
-  { (void *)"\056\226\236\277\266\142\154\354\173\351\163\314\343\154\301\204"
-, (PRUint32)16 },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_102 [] = {
-  { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"Verisign Secure Server OCSP Responder", (PRUint32)38 },
-  { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
-  { (void *)"\060\201\236\061\027\060\025\006\003\125\004\012\023\016\126\145"
-"\162\151\123\151\147\156\054\040\111\156\143\056\061\037\060\035"
-"\006\003\125\004\013\023\026\126\145\162\151\123\151\147\156\040"
-"\124\162\165\163\164\040\116\145\164\167\157\162\153\061\073\060"
-"\071\006\003\125\004\013\023\062\124\145\162\155\163\040\157\146"
-"\040\165\163\145\040\141\164\040\150\164\164\160\163\072\057\057"
-"\167\167\167\056\166\145\162\151\163\151\147\156\056\143\157\155"
-"\057\122\120\101\040\050\143\051\060\060\061\045\060\043\006\003"
-"\125\004\003\023\034\123\145\143\165\162\145\040\123\145\162\166"
-"\145\162\040\117\103\123\120\040\122\145\163\160\157\156\144\145"
-"\162"
-, (PRUint32)161 },
-  { (void *)"0", (PRUint32)2 },
-  { (void *)"\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\040\060\036\006\003\125\004\012\023\027\122\123\101\040\104\141"
-"\164\141\040\123\145\143\165\162\151\164\171\054\040\111\156\143"
-"\056\061\056\060\054\006\003\125\004\013\023\045\123\145\143\165"
-"\162\145\040\123\145\162\166\145\162\040\103\145\162\164\151\146"
-"\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164"
-"\171"
-, (PRUint32)97 },
-  { (void *)"\000\377\105\325\047\135\044\373\263\302\071\044\123\127\341\117"
-"\336"
-, (PRUint32)17 },
-  { (void *)"\060\202\003\237\060\202\003\014\240\003\002\001\002\002\021\000"
-"\377\105\325\047\135\044\373\263\302\071\044\123\127\341\117\336"
-"\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060"
-"\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061\040"
-"\060\036\006\003\125\004\012\023\027\122\123\101\040\104\141\164"
-"\141\040\123\145\143\165\162\151\164\171\054\040\111\156\143\056"
-"\061\056\060\054\006\003\125\004\013\023\045\123\145\143\165\162"
-"\145\040\123\145\162\166\145\162\040\103\145\162\164\151\146\151"
-"\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171"
-"\060\036\027\015\060\060\060\070\060\064\060\060\060\060\060\060"
-"\132\027\015\060\064\060\070\060\063\062\063\065\071\065\071\132"
-"\060\201\236\061\027\060\025\006\003\125\004\012\023\016\126\145"
-"\162\151\123\151\147\156\054\040\111\156\143\056\061\037\060\035"
-"\006\003\125\004\013\023\026\126\145\162\151\123\151\147\156\040"
-"\124\162\165\163\164\040\116\145\164\167\157\162\153\061\073\060"
-"\071\006\003\125\004\013\023\062\124\145\162\155\163\040\157\146"
-"\040\165\163\145\040\141\164\040\150\164\164\160\163\072\057\057"
-"\167\167\167\056\166\145\162\151\163\151\147\156\056\143\157\155"
-"\057\122\120\101\040\050\143\051\060\060\061\045\060\043\006\003"
-"\125\004\003\023\034\123\145\143\165\162\145\040\123\145\162\166"
-"\145\162\040\117\103\123\120\040\122\145\163\160\157\156\144\145"
-"\162\060\201\237\060\015\006\011\052\206\110\206\367\015\001\001"
-"\001\005\000\003\201\215\000\060\201\211\002\201\201\000\270\121"
-"\231\144\205\016\356\263\012\150\360\277\143\166\035\123\365\374"
-"\241\170\214\063\356\237\364\276\071\332\233\017\115\107\251\217"
-"\040\350\113\104\275\316\315\173\220\321\060\350\220\304\045\173"
-"\211\050\336\275\366\223\035\377\271\377\222\265\251\215\344\256"
-"\314\342\303\007\203\152\243\162\020\001\047\142\042\246\065\046"
-"\071\055\236\317\140\014\374\107\244\327\320\102\170\247\035\154"
-"\320\313\117\025\247\051\012\264\225\105\304\261\347\132\011\327"
-"\071\225\330\035\065\236\302\275\263\135\301\014\113\037\002\003"
-"\001\000\001\243\202\001\035\060\202\001\031\060\040\006\003\125"
-"\035\021\004\031\060\027\244\025\060\023\061\021\060\017\006\003"
-"\125\004\003\023\010\117\103\123\120\040\061\055\064\060\076\006"
-"\003\125\035\037\004\067\060\065\060\063\240\061\240\057\206\055"
-"\150\164\164\160\072\057\057\143\162\154\056\166\145\162\151\163"
-"\151\147\156\056\143\157\155\057\122\123\101\123\145\143\165\162"
-"\145\123\145\162\166\145\162\055\160\056\143\162\154\060\023\006"
-"\003\125\035\045\004\014\060\012\006\010\053\006\001\005\005\007"
-"\003\011\060\102\006\010\053\006\001\005\005\007\001\001\004\066"
-"\060\064\060\062\006\010\053\006\001\005\005\007\060\001\246\046"
-"\026\044\150\164\164\160\072\057\057\157\143\163\160\056\166\145"
-"\162\151\163\151\147\156\056\143\157\155\057\157\143\163\160\057"
-"\163\164\141\164\165\163\060\104\006\003\125\035\040\004\075\060"
-"\073\060\071\006\013\140\206\110\001\206\370\105\001\007\001\001"
-"\060\052\060\050\006\010\053\006\001\005\005\007\002\001\026\034"
-"\150\164\164\160\163\072\057\057\167\167\167\056\166\145\162\151"
-"\163\151\147\156\056\143\157\155\057\122\120\101\060\011\006\003"
-"\125\035\023\004\002\060\000\060\013\006\003\125\035\017\004\004"
-"\003\002\007\200\060\015\006\011\052\206\110\206\367\015\001\001"
-"\005\005\000\003\176\000\000\263\020\123\146\234\111\223\056\061"
-"\240\002\102\322\130\127\176\146\241\376\033\212\141\030\120\100"
-"\054\036\053\101\245\326\333\377\254\010\034\132\005\155\002\134"
-"\052\266\226\117\107\333\276\116\333\316\314\272\206\270\030\316"
-"\261\022\221\137\143\367\363\110\076\314\361\115\023\344\155\011"
-"\224\170\000\222\313\243\040\235\006\013\152\240\103\007\316\321"
-"\031\154\217\030\165\232\237\027\063\375\251\046\270\343\342\336"
-"\302\250\304\132\212\177\230\326\007\006\153\314\126\236\206\160"
-"\316\324\357"
-, (PRUint32)931 }
-};
-static const NSSItem nss_builtins_items_103 [] = {
-  { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"Verisign Secure Server OCSP Responder", (PRUint32)38 },
-  { (void *)"\161\236\140\141\327\175\054\203\361\242\135\074\366\215\002\274"
-"\224\070\305\056"
-, (PRUint32)20 },
-  { (void *)"\054\142\303\330\200\001\026\011\352\131\352\170\253\020\103\366"
-, (PRUint32)16 },
-  { (void *)"\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\040\060\036\006\003\125\004\012\023\027\122\123\101\040\104\141"
-"\164\141\040\123\145\143\165\162\151\164\171\054\040\111\156\143"
-"\056\061\056\060\054\006\003\125\004\013\023\045\123\145\143\165"
-"\162\145\040\123\145\162\166\145\162\040\103\145\162\164\151\146"
-"\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164"
-"\171"
-, (PRUint32)97 },
-  { (void *)"\000\377\105\325\047\135\044\373\263\302\071\044\123\127\341\117"
-"\336"
-, (PRUint32)17 },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_104 [] = {
-  { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"Verisign Time Stamping Authority CA", (PRUint32)36 },
-  { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
-  { (void *)"\060\201\245\061\027\060\025\006\003\125\004\012\023\016\126\145"
-"\162\151\123\151\147\156\054\040\111\156\143\056\061\037\060\035"
-"\006\003\125\004\013\023\026\126\145\162\151\123\151\147\156\040"
-"\124\162\165\163\164\040\116\145\164\167\157\162\153\061\073\060"
-"\071\006\003\125\004\013\023\062\124\145\162\155\163\040\157\146"
-"\040\165\163\145\040\141\164\040\150\164\164\160\163\072\057\057"
-"\167\167\167\056\166\145\162\151\163\151\147\156\056\143\157\155"
-"\057\162\160\141\040\050\143\051\060\060\061\054\060\052\006\003"
-"\125\004\003\023\043\126\145\162\151\123\151\147\156\040\124\151"
-"\155\145\040\123\164\141\155\160\151\156\147\040\101\165\164\150"
-"\157\162\151\164\171\040\103\101"
-, (PRUint32)168 },
-  { (void *)"0", (PRUint32)2 },
-  { (void *)"\060\201\301\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\061\074\060\072\006\003\125"
-"\004\013\023\063\103\154\141\163\163\040\063\040\120\165\142\154"
-"\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151"
-"\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151"
-"\164\171\040\055\040\107\062\061\072\060\070\006\003\125\004\013"
-"\023\061\050\143\051\040\061\071\071\070\040\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\040\055\040\106\157\162\040"
-"\141\165\164\150\157\162\151\172\145\144\040\165\163\145\040\157"
-"\156\154\171\061\037\060\035\006\003\125\004\013\023\026\126\145"
-"\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164"
-"\167\157\162\153"
-, (PRUint32)196 },
-  { (void *)"\123\141\262\140\256\333\161\216\247\224\263\023\063\364\007\011"
-, (PRUint32)16 },
-  { (void *)"\060\202\003\315\060\202\003\066\240\003\002\001\002\002\020\123"
-"\141\262\140\256\333\161\216\247\224\263\023\063\364\007\011\060"
-"\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060\201"
-"\301\061\013\060\011\006\003\125\004\006\023\002\125\123\061\027"
-"\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151\147"
-"\156\054\040\111\156\143\056\061\074\060\072\006\003\125\004\013"
-"\023\063\103\154\141\163\163\040\063\040\120\165\142\154\151\143"
-"\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146\151"
-"\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171"
-"\040\055\040\107\062\061\072\060\070\006\003\125\004\013\023\061"
-"\050\143\051\040\061\071\071\070\040\126\145\162\151\123\151\147"
-"\156\054\040\111\156\143\056\040\055\040\106\157\162\040\141\165"
-"\164\150\157\162\151\172\145\144\040\165\163\145\040\157\156\154"
-"\171\061\037\060\035\006\003\125\004\013\023\026\126\145\162\151"
-"\123\151\147\156\040\124\162\165\163\164\040\116\145\164\167\157"
-"\162\153\060\036\027\015\060\060\060\071\062\066\060\060\060\060"
-"\060\060\132\027\015\061\060\060\071\062\065\062\063\065\071\065"
-"\071\132\060\201\245\061\027\060\025\006\003\125\004\012\023\016"
-"\126\145\162\151\123\151\147\156\054\040\111\156\143\056\061\037"
-"\060\035\006\003\125\004\013\023\026\126\145\162\151\123\151\147"
-"\156\040\124\162\165\163\164\040\116\145\164\167\157\162\153\061"
-"\073\060\071\006\003\125\004\013\023\062\124\145\162\155\163\040"
-"\157\146\040\165\163\145\040\141\164\040\150\164\164\160\163\072"
-"\057\057\167\167\167\056\166\145\162\151\163\151\147\156\056\143"
-"\157\155\057\162\160\141\040\050\143\051\060\060\061\054\060\052"
-"\006\003\125\004\003\023\043\126\145\162\151\123\151\147\156\040"
-"\124\151\155\145\040\123\164\141\155\160\151\156\147\040\101\165"
-"\164\150\157\162\151\164\171\040\103\101\060\201\237\060\015\006"
-"\011\052\206\110\206\367\015\001\001\001\005\000\003\201\215\000"
-"\060\201\211\002\201\201\000\322\031\235\147\302\000\041\131\142"
-"\316\264\011\042\104\151\212\370\045\132\333\355\015\267\066\176"
-"\116\340\273\224\076\220\045\207\302\141\107\051\331\275\124\270"
-"\143\314\054\175\151\264\063\066\364\067\007\232\301\335\100\124"
-"\374\340\170\235\240\223\271\011\075\043\121\177\104\302\024\164"
-"\333\012\276\313\311\060\064\100\230\076\320\327\045\020\201\224"
-"\275\007\117\234\326\124\047\337\056\250\277\313\220\214\215\165"
-"\113\274\342\350\104\207\315\346\101\012\045\156\350\364\044\002"
-"\305\122\017\156\354\230\165\002\003\001\000\001\243\201\337\060"
-"\201\334\060\017\006\003\125\035\023\004\010\060\006\001\001\377"
-"\002\001\000\060\105\006\003\125\035\040\004\076\060\074\060\072"
-"\006\014\140\206\110\001\206\370\105\001\007\027\001\003\060\052"
-"\060\050\006\010\053\006\001\005\005\007\002\001\026\034\150\164"
-"\164\160\163\072\057\057\167\167\167\056\166\145\162\151\163\151"
-"\147\156\056\143\157\155\057\162\160\141\060\061\006\003\125\035"
-"\037\004\052\060\050\060\046\240\044\240\042\206\040\150\164\164"
-"\160\072\057\057\143\162\154\056\166\145\162\151\163\151\147\156"
-"\056\143\157\155\057\160\143\141\063\056\143\162\154\060\013\006"
-"\003\125\035\017\004\004\003\002\001\006\060\102\006\010\053\006"
-"\001\005\005\007\001\001\004\066\060\064\060\062\006\010\053\006"
-"\001\005\005\007\060\001\246\046\026\044\150\164\164\160\072\057"
-"\057\157\143\163\160\056\166\145\162\151\163\151\147\156\056\143"
-"\157\155\057\157\143\163\160\057\163\164\141\164\165\163\060\015"
-"\006\011\052\206\110\206\367\015\001\001\005\005\000\003\201\201"
-"\000\202\160\150\225\337\266\015\302\001\160\031\112\322\124\126"
-"\036\254\362\105\114\207\270\365\065\353\170\113\005\251\310\235"
-"\073\031\041\056\160\064\112\242\365\211\340\025\165\105\347\050"
-"\067\000\064\047\051\350\067\113\362\357\104\227\153\027\121\032"
-"\303\126\235\074\032\212\366\112\106\106\067\214\372\313\365\144"
-"\132\070\150\056\034\303\357\160\316\270\106\006\026\277\367\176"
-"\347\265\250\076\105\254\251\045\165\042\173\157\077\260\234\224"
-"\347\307\163\253\254\037\356\045\233\300\026\355\267\312\133\360"
-"\024"
-, (PRUint32)977 }
-};
-static const NSSItem nss_builtins_items_105 [] = {
-  { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"Verisign Time Stamping Authority CA", (PRUint32)36 },
-  { (void *)"\246\017\064\310\142\154\201\366\213\367\175\251\366\147\130\212"
-"\220\077\175\066"
-, (PRUint32)20 },
-  { (void *)"\211\111\124\214\310\150\232\203\051\354\334\006\163\041\253\227"
-, (PRUint32)16 },
-  { (void *)"\060\201\301\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\061\074\060\072\006\003\125"
-"\004\013\023\063\103\154\141\163\163\040\063\040\120\165\142\154"
-"\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151"
-"\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151"
-"\164\171\040\055\040\107\062\061\072\060\070\006\003\125\004\013"
-"\023\061\050\143\051\040\061\071\071\070\040\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\040\055\040\106\157\162\040"
-"\141\165\164\150\157\162\151\172\145\144\040\165\163\145\040\157"
-"\156\154\171\061\037\060\035\006\003\125\004\013\023\026\126\145"
-"\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164"
-"\167\157\162\153"
-, (PRUint32)196 },
-  { (void *)"\123\141\262\140\256\333\161\216\247\224\263\023\063\364\007\011"
-, (PRUint32)16 },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_106 [] = {
-  { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"Thawte Time Stamping CA", (PRUint32)24 },
-  { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
-  { (void *)"\060\201\213\061\013\060\011\006\003\125\004\006\023\002\132\101"
-"\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145"
-"\162\156\040\103\141\160\145\061\024\060\022\006\003\125\004\007"
-"\023\013\104\165\162\142\141\156\166\151\154\154\145\061\017\060"
-"\015\006\003\125\004\012\023\006\124\150\141\167\164\145\061\035"
-"\060\033\006\003\125\004\013\023\024\124\150\141\167\164\145\040"
-"\103\145\162\164\151\146\151\143\141\164\151\157\156\061\037\060"
-"\035\006\003\125\004\003\023\026\124\150\141\167\164\145\040\124"
-"\151\155\145\163\164\141\155\160\151\156\147\040\103\101"
-, (PRUint32)142 },
-  { (void *)"0", (PRUint32)2 },
-  { (void *)"\060\201\213\061\013\060\011\006\003\125\004\006\023\002\132\101"
-"\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145"
-"\162\156\040\103\141\160\145\061\024\060\022\006\003\125\004\007"
-"\023\013\104\165\162\142\141\156\166\151\154\154\145\061\017\060"
-"\015\006\003\125\004\012\023\006\124\150\141\167\164\145\061\035"
-"\060\033\006\003\125\004\013\023\024\124\150\141\167\164\145\040"
-"\103\145\162\164\151\146\151\143\141\164\151\157\156\061\037\060"
-"\035\006\003\125\004\003\023\026\124\150\141\167\164\145\040\124"
-"\151\155\145\163\164\141\155\160\151\156\147\040\103\101"
-, (PRUint32)142 },
-  { (void *)"\000"
-, (PRUint32)1 },
-  { (void *)"\060\202\002\241\060\202\002\012\240\003\002\001\002\002\001\000"
-"\060\015\006\011\052\206\110\206\367\015\001\001\004\005\000\060"
-"\201\213\061\013\060\011\006\003\125\004\006\023\002\132\101\061"
-"\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145\162"
-"\156\040\103\141\160\145\061\024\060\022\006\003\125\004\007\023"
-"\013\104\165\162\142\141\156\166\151\154\154\145\061\017\060\015"
-"\006\003\125\004\012\023\006\124\150\141\167\164\145\061\035\060"
-"\033\006\003\125\004\013\023\024\124\150\141\167\164\145\040\103"
-"\145\162\164\151\146\151\143\141\164\151\157\156\061\037\060\035"
-"\006\003\125\004\003\023\026\124\150\141\167\164\145\040\124\151"
-"\155\145\163\164\141\155\160\151\156\147\040\103\101\060\036\027"
-"\015\071\067\060\061\060\061\060\060\060\060\060\060\132\027\015"
-"\062\060\061\062\063\061\062\063\065\071\065\071\132\060\201\213"
-"\061\013\060\011\006\003\125\004\006\023\002\132\101\061\025\060"
-"\023\006\003\125\004\010\023\014\127\145\163\164\145\162\156\040"
-"\103\141\160\145\061\024\060\022\006\003\125\004\007\023\013\104"
-"\165\162\142\141\156\166\151\154\154\145\061\017\060\015\006\003"
-"\125\004\012\023\006\124\150\141\167\164\145\061\035\060\033\006"
-"\003\125\004\013\023\024\124\150\141\167\164\145\040\103\145\162"
-"\164\151\146\151\143\141\164\151\157\156\061\037\060\035\006\003"
-"\125\004\003\023\026\124\150\141\167\164\145\040\124\151\155\145"
-"\163\164\141\155\160\151\156\147\040\103\101\060\201\237\060\015"
-"\006\011\052\206\110\206\367\015\001\001\001\005\000\003\201\215"
-"\000\060\201\211\002\201\201\000\326\053\130\170\141\105\206\123"
-"\352\064\173\121\234\355\260\346\056\030\016\376\340\137\250\047"
-"\323\264\311\340\174\131\116\026\016\163\124\140\301\177\366\237"
-"\056\351\072\205\044\025\074\333\107\004\143\303\236\304\224\032"
-"\132\337\114\172\363\331\103\035\074\020\172\171\045\333\220\376"
-"\360\121\347\060\326\101\000\375\237\050\337\171\276\224\273\235"
-"\266\024\343\043\205\327\251\101\340\114\244\171\260\053\032\213"
-"\362\370\073\212\076\105\254\161\222\000\264\220\101\230\373\137"
-"\355\372\267\056\212\370\210\067\002\003\001\000\001\243\023\060"
-"\021\060\017\006\003\125\035\023\001\001\377\004\005\060\003\001"
-"\001\377\060\015\006\011\052\206\110\206\367\015\001\001\004\005"
-"\000\003\201\201\000\147\333\342\302\346\207\075\100\203\206\067"
-"\065\175\037\316\232\303\014\146\040\250\272\252\004\211\206\302"
-"\365\020\010\015\277\313\242\005\212\320\115\066\076\364\327\357"
-"\151\306\136\344\260\224\157\112\271\347\336\133\210\266\173\333"
-"\343\047\345\166\303\360\065\301\313\265\047\233\063\171\334\220"
-"\246\000\236\167\372\374\315\047\224\102\026\234\323\034\150\354"
-"\277\134\335\345\251\173\020\012\062\164\124\023\061\213\205\003"
-"\204\221\267\130\001\060\024\070\257\050\312\374\261\120\031\031"
-"\011\254\211\111\323"
-, (PRUint32)677 }
-};
-static const NSSItem nss_builtins_items_107 [] = {
-  { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"Thawte Time Stamping CA", (PRUint32)24 },
-  { (void *)"\276\066\244\126\057\262\356\005\333\263\323\043\043\255\364\105"
-"\010\116\326\126"
-, (PRUint32)20 },
-  { (void *)"\177\146\172\161\323\353\151\170\040\232\121\024\235\203\332\040"
-, (PRUint32)16 },
-  { (void *)"\060\201\213\061\013\060\011\006\003\125\004\006\023\002\132\101"
-"\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145"
-"\162\156\040\103\141\160\145\061\024\060\022\006\003\125\004\007"
-"\023\013\104\165\162\142\141\156\166\151\154\154\145\061\017\060"
-"\015\006\003\125\004\012\023\006\124\150\141\167\164\145\061\035"
-"\060\033\006\003\125\004\013\023\024\124\150\141\167\164\145\040"
-"\103\145\162\164\151\146\151\143\141\164\151\157\156\061\037\060"
-"\035\006\003\125\004\003\023\026\124\150\141\167\164\145\040\124"
-"\151\155\145\163\164\141\155\160\151\156\147\040\103\101"
-, (PRUint32)142 },
-  { (void *)"\000"
-, (PRUint32)1 },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_108 [] = {
-  { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"Entrust.net Global Secure Server CA", (PRUint32)36 },
-  { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
-  { (void *)"\060\201\272\061\024\060\022\006\003\125\004\012\023\013\105\156"
-"\164\162\165\163\164\056\156\145\164\061\077\060\075\006\003\125"
-"\004\013\024\066\167\167\167\056\145\156\164\162\165\163\164\056"
-"\156\145\164\057\123\123\114\137\103\120\123\040\151\156\143\157"
-"\162\160\056\040\142\171\040\162\145\146\056\040\050\154\151\155"
-"\151\164\163\040\154\151\141\142\056\051\061\045\060\043\006\003"
-"\125\004\013\023\034\050\143\051\040\062\060\060\060\040\105\156"
-"\164\162\165\163\164\056\156\145\164\040\114\151\155\151\164\145"
-"\144\061\072\060\070\006\003\125\004\003\023\061\105\156\164\162"
-"\165\163\164\056\156\145\164\040\123\145\143\165\162\145\040\123"
-"\145\162\166\145\162\040\103\145\162\164\151\146\151\143\141\164"
-"\151\157\156\040\101\165\164\150\157\162\151\164\171"
-, (PRUint32)189 },
-  { (void *)"0", (PRUint32)2 },
-  { (void *)"\060\201\272\061\024\060\022\006\003\125\004\012\023\013\105\156"
-"\164\162\165\163\164\056\156\145\164\061\077\060\075\006\003\125"
-"\004\013\024\066\167\167\167\056\145\156\164\162\165\163\164\056"
-"\156\145\164\057\123\123\114\137\103\120\123\040\151\156\143\157"
-"\162\160\056\040\142\171\040\162\145\146\056\040\050\154\151\155"
-"\151\164\163\040\154\151\141\142\056\051\061\045\060\043\006\003"
-"\125\004\013\023\034\050\143\051\040\062\060\060\060\040\105\156"
-"\164\162\165\163\164\056\156\145\164\040\114\151\155\151\164\145"
-"\144\061\072\060\070\006\003\125\004\003\023\061\105\156\164\162"
-"\165\163\164\056\156\145\164\040\123\145\143\165\162\145\040\123"
-"\145\162\166\145\162\040\103\145\162\164\151\146\151\143\141\164"
-"\151\157\156\040\101\165\164\150\157\162\151\164\171"
-, (PRUint32)189 },
-  { (void *)"\070\233\021\074"
-, (PRUint32)4 },
-  { (void *)"\060\202\004\225\060\202\003\376\240\003\002\001\002\002\004\070"
-"\233\021\074\060\015\006\011\052\206\110\206\367\015\001\001\004"
-"\005\000\060\201\272\061\024\060\022\006\003\125\004\012\023\013"
-"\105\156\164\162\165\163\164\056\156\145\164\061\077\060\075\006"
-"\003\125\004\013\024\066\167\167\167\056\145\156\164\162\165\163"
-"\164\056\156\145\164\057\123\123\114\137\103\120\123\040\151\156"
-"\143\157\162\160\056\040\142\171\040\162\145\146\056\040\050\154"
-"\151\155\151\164\163\040\154\151\141\142\056\051\061\045\060\043"
-"\006\003\125\004\013\023\034\050\143\051\040\062\060\060\060\040"
-"\105\156\164\162\165\163\164\056\156\145\164\040\114\151\155\151"
-"\164\145\144\061\072\060\070\006\003\125\004\003\023\061\105\156"
-"\164\162\165\163\164\056\156\145\164\040\123\145\143\165\162\145"
-"\040\123\145\162\166\145\162\040\103\145\162\164\151\146\151\143"
-"\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171\060"
-"\036\027\015\060\060\060\062\060\064\061\067\062\060\060\060\132"
-"\027\015\062\060\060\062\060\064\061\067\065\060\060\060\132\060"
-"\201\272\061\024\060\022\006\003\125\004\012\023\013\105\156\164"
-"\162\165\163\164\056\156\145\164\061\077\060\075\006\003\125\004"
-"\013\024\066\167\167\167\056\145\156\164\162\165\163\164\056\156"
-"\145\164\057\123\123\114\137\103\120\123\040\151\156\143\157\162"
-"\160\056\040\142\171\040\162\145\146\056\040\050\154\151\155\151"
-"\164\163\040\154\151\141\142\056\051\061\045\060\043\006\003\125"
-"\004\013\023\034\050\143\051\040\062\060\060\060\040\105\156\164"
-"\162\165\163\164\056\156\145\164\040\114\151\155\151\164\145\144"
-"\061\072\060\070\006\003\125\004\003\023\061\105\156\164\162\165"
-"\163\164\056\156\145\164\040\123\145\143\165\162\145\040\123\145"
-"\162\166\145\162\040\103\145\162\164\151\146\151\143\141\164\151"
-"\157\156\040\101\165\164\150\157\162\151\164\171\060\201\237\060"
-"\015\006\011\052\206\110\206\367\015\001\001\001\005\000\003\201"
-"\215\000\060\201\211\002\201\201\000\307\301\137\116\161\361\316"
-"\360\140\206\017\322\130\177\323\063\227\055\027\242\165\060\265"
-"\226\144\046\057\150\303\104\253\250\165\346\000\147\064\127\236"
-"\145\307\042\233\163\346\323\335\010\016\067\125\252\045\106\201"
-"\154\275\376\250\366\165\127\127\214\220\154\112\303\076\213\113"
-"\103\012\311\021\126\232\232\047\042\231\317\125\236\141\331\002"
-"\342\174\266\174\070\007\334\343\177\117\232\271\003\101\200\266"
-"\165\147\023\013\237\350\127\066\310\135\000\066\336\146\024\332"
-"\156\166\037\117\067\214\202\023\211\002\003\001\000\001\243\202"
-"\001\244\060\202\001\240\060\021\006\011\140\206\110\001\206\370"
-"\102\001\001\004\004\003\002\000\007\060\201\343\006\003\125\035"
-"\037\004\201\333\060\201\330\060\201\325\240\201\322\240\201\317"
-"\244\201\314\060\201\311\061\024\060\022\006\003\125\004\012\023"
-"\013\105\156\164\162\165\163\164\056\156\145\164\061\077\060\075"
-"\006\003\125\004\013\024\066\167\167\167\056\145\156\164\162\165"
-"\163\164\056\156\145\164\057\123\123\114\137\103\120\123\040\151"
-"\156\143\157\162\160\056\040\142\171\040\162\145\146\056\040\050"
-"\154\151\155\151\164\163\040\154\151\141\142\056\051\061\045\060"
-"\043\006\003\125\004\013\023\034\050\143\051\040\062\060\060\060"
-"\040\105\156\164\162\165\163\164\056\156\145\164\040\114\151\155"
-"\151\164\145\144\061\072\060\070\006\003\125\004\003\023\061\105"
-"\156\164\162\165\163\164\056\156\145\164\040\123\145\143\165\162"
-"\145\040\123\145\162\166\145\162\040\103\145\162\164\151\146\151"
-"\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171"
-"\061\015\060\013\006\003\125\004\003\023\004\103\122\114\061\060"
-"\053\006\003\125\035\020\004\044\060\042\200\017\062\060\060\060"
-"\060\062\060\064\061\067\062\060\060\060\132\201\017\062\060\062"
-"\060\060\062\060\064\061\067\065\060\060\060\132\060\013\006\003"
-"\125\035\017\004\004\003\002\001\006\060\037\006\003\125\035\043"
-"\004\030\060\026\200\024\313\154\300\153\343\273\076\313\374\042"
-"\234\376\373\213\222\234\260\362\156\042\060\035\006\003\125\035"
-"\016\004\026\004\024\313\154\300\153\343\273\076\313\374\042\234"
-"\376\373\213\222\234\260\362\156\042\060\014\006\003\125\035\023"
-"\004\005\060\003\001\001\377\060\035\006\011\052\206\110\206\366"
-"\175\007\101\000\004\020\060\016\033\010\126\065\056\060\072\064"
-"\056\060\003\002\004\220\060\015\006\011\052\206\110\206\367\015"
-"\001\001\004\005\000\003\201\201\000\142\333\201\221\316\310\232"
-"\167\102\057\354\275\047\243\123\017\120\033\352\116\222\360\251"
-"\257\251\240\272\110\141\313\357\311\006\357\037\325\364\356\337"
-"\126\055\346\312\152\031\163\252\123\276\222\263\120\002\266\205"
-"\046\162\143\330\165\120\142\165\024\267\263\120\032\077\312\021"
-"\000\013\205\105\151\155\266\245\256\121\341\112\334\202\077\154"
-"\214\064\262\167\153\331\002\366\177\016\352\145\004\361\315\124"
-"\312\272\311\314\340\204\367\310\076\021\227\323\140\011\030\274"
-"\005\377\154\211\063\360\354\025\017"
-, (PRUint32)1177 }
-};
-static const NSSItem nss_builtins_items_109 [] = {
-  { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"Entrust.net Global Secure Server CA", (PRUint32)36 },
-  { (void *)"\211\071\127\156\027\215\367\005\170\017\314\136\310\117\204\366"
-"\045\072\110\223"
-, (PRUint32)20 },
-  { (void *)"\235\146\152\314\377\325\365\103\264\277\214\026\321\053\250\231"
-, (PRUint32)16 },
-  { (void *)"\060\201\272\061\024\060\022\006\003\125\004\012\023\013\105\156"
-"\164\162\165\163\164\056\156\145\164\061\077\060\075\006\003\125"
-"\004\013\024\066\167\167\167\056\145\156\164\162\165\163\164\056"
-"\156\145\164\057\123\123\114\137\103\120\123\040\151\156\143\157"
-"\162\160\056\040\142\171\040\162\145\146\056\040\050\154\151\155"
-"\151\164\163\040\154\151\141\142\056\051\061\045\060\043\006\003"
-"\125\004\013\023\034\050\143\051\040\062\060\060\060\040\105\156"
-"\164\162\165\163\164\056\156\145\164\040\114\151\155\151\164\145"
-"\144\061\072\060\070\006\003\125\004\003\023\061\105\156\164\162"
-"\165\163\164\056\156\145\164\040\123\145\143\165\162\145\040\123"
-"\145\162\166\145\162\040\103\145\162\164\151\146\151\143\141\164"
-"\151\157\156\040\101\165\164\150\157\162\151\164\171"
-, (PRUint32)189 },
-  { (void *)"\070\233\021\074"
-, (PRUint32)4 },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_110 [] = {
-  { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"Entrust.net Global Secure Personal CA", (PRUint32)38 },
-  { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
-  { (void *)"\060\201\264\061\024\060\022\006\003\125\004\012\023\013\105\156"
-"\164\162\165\163\164\056\156\145\164\061\100\060\076\006\003\125"
-"\004\013\024\067\167\167\167\056\145\156\164\162\165\163\164\056"
-"\156\145\164\057\107\103\103\101\137\103\120\123\040\151\156\143"
-"\157\162\160\056\040\142\171\040\162\145\146\056\040\050\154\151"
-"\155\151\164\163\040\154\151\141\142\056\051\061\045\060\043\006"
-"\003\125\004\013\023\034\050\143\051\040\062\060\060\060\040\105"
-"\156\164\162\165\163\164\056\156\145\164\040\114\151\155\151\164"
-"\145\144\061\063\060\061\006\003\125\004\003\023\052\105\156\164"
-"\162\165\163\164\056\156\145\164\040\103\154\151\145\156\164\040"
-"\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165"
-"\164\150\157\162\151\164\171"
-, (PRUint32)183 },
-  { (void *)"0", (PRUint32)2 },
-  { (void *)"\060\201\264\061\024\060\022\006\003\125\004\012\023\013\105\156"
-"\164\162\165\163\164\056\156\145\164\061\100\060\076\006\003\125"
-"\004\013\024\067\167\167\167\056\145\156\164\162\165\163\164\056"
-"\156\145\164\057\107\103\103\101\137\103\120\123\040\151\156\143"
-"\157\162\160\056\040\142\171\040\162\145\146\056\040\050\154\151"
-"\155\151\164\163\040\154\151\141\142\056\051\061\045\060\043\006"
-"\003\125\004\013\023\034\050\143\051\040\062\060\060\060\040\105"
-"\156\164\162\165\163\164\056\156\145\164\040\114\151\155\151\164"
-"\145\144\061\063\060\061\006\003\125\004\003\023\052\105\156\164"
-"\162\165\163\164\056\156\145\164\040\103\154\151\145\156\164\040"
-"\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165"
-"\164\150\157\162\151\164\171"
-, (PRUint32)183 },
-  { (void *)"\070\236\366\344"
-, (PRUint32)4 },
-  { (void *)"\060\202\004\203\060\202\003\354\240\003\002\001\002\002\004\070"
-"\236\366\344\060\015\006\011\052\206\110\206\367\015\001\001\004"
-"\005\000\060\201\264\061\024\060\022\006\003\125\004\012\023\013"
-"\105\156\164\162\165\163\164\056\156\145\164\061\100\060\076\006"
-"\003\125\004\013\024\067\167\167\167\056\145\156\164\162\165\163"
-"\164\056\156\145\164\057\107\103\103\101\137\103\120\123\040\151"
-"\156\143\157\162\160\056\040\142\171\040\162\145\146\056\040\050"
-"\154\151\155\151\164\163\040\154\151\141\142\056\051\061\045\060"
-"\043\006\003\125\004\013\023\034\050\143\051\040\062\060\060\060"
-"\040\105\156\164\162\165\163\164\056\156\145\164\040\114\151\155"
-"\151\164\145\144\061\063\060\061\006\003\125\004\003\023\052\105"
-"\156\164\162\165\163\164\056\156\145\164\040\103\154\151\145\156"
-"\164\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040"
-"\101\165\164\150\157\162\151\164\171\060\036\027\015\060\060\060"
-"\062\060\067\061\066\061\066\064\060\132\027\015\062\060\060\062"
-"\060\067\061\066\064\066\064\060\132\060\201\264\061\024\060\022"
-"\006\003\125\004\012\023\013\105\156\164\162\165\163\164\056\156"
-"\145\164\061\100\060\076\006\003\125\004\013\024\067\167\167\167"
-"\056\145\156\164\162\165\163\164\056\156\145\164\057\107\103\103"
-"\101\137\103\120\123\040\151\156\143\157\162\160\056\040\142\171"
-"\040\162\145\146\056\040\050\154\151\155\151\164\163\040\154\151"
-"\141\142\056\051\061\045\060\043\006\003\125\004\013\023\034\050"
-"\143\051\040\062\060\060\060\040\105\156\164\162\165\163\164\056"
-"\156\145\164\040\114\151\155\151\164\145\144\061\063\060\061\006"
-"\003\125\004\003\023\052\105\156\164\162\165\163\164\056\156\145"
-"\164\040\103\154\151\145\156\164\040\103\145\162\164\151\146\151"
-"\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171"
-"\060\201\237\060\015\006\011\052\206\110\206\367\015\001\001\001"
-"\005\000\003\201\215\000\060\201\211\002\201\201\000\223\164\264"
-"\266\344\305\113\326\241\150\177\142\325\354\367\121\127\263\162"
-"\112\230\365\320\211\311\255\143\315\115\065\121\152\204\324\255"
-"\311\150\171\157\270\353\021\333\207\256\134\044\121\023\361\124"
-"\045\204\257\051\053\237\343\200\342\331\313\335\306\105\111\064"
-"\210\220\136\001\227\357\352\123\246\335\374\301\336\113\052\045"
-"\344\351\065\372\125\005\006\345\211\172\352\244\021\127\073\374"
-"\174\075\066\315\147\065\155\244\251\045\131\275\146\365\371\047"
-"\344\225\147\326\077\222\200\136\362\064\175\053\205\002\003\001"
-"\000\001\243\202\001\236\060\202\001\232\060\021\006\011\140\206"
-"\110\001\206\370\102\001\001\004\004\003\002\000\007\060\201\335"
-"\006\003\125\035\037\004\201\325\060\201\322\060\201\317\240\201"
-"\314\240\201\311\244\201\306\060\201\303\061\024\060\022\006\003"
-"\125\004\012\023\013\105\156\164\162\165\163\164\056\156\145\164"
-"\061\100\060\076\006\003\125\004\013\024\067\167\167\167\056\145"
-"\156\164\162\165\163\164\056\156\145\164\057\107\103\103\101\137"
-"\103\120\123\040\151\156\143\157\162\160\056\040\142\171\040\162"
-"\145\146\056\040\050\154\151\155\151\164\163\040\154\151\141\142"
-"\056\051\061\045\060\043\006\003\125\004\013\023\034\050\143\051"
-"\040\062\060\060\060\040\105\156\164\162\165\163\164\056\156\145"
-"\164\040\114\151\155\151\164\145\144\061\063\060\061\006\003\125"
-"\004\003\023\052\105\156\164\162\165\163\164\056\156\145\164\040"
-"\103\154\151\145\156\164\040\103\145\162\164\151\146\151\143\141"
-"\164\151\157\156\040\101\165\164\150\157\162\151\164\171\061\015"
-"\060\013\006\003\125\004\003\023\004\103\122\114\061\060\053\006"
-"\003\125\035\020\004\044\060\042\200\017\062\060\060\060\060\062"
-"\060\067\061\066\061\066\064\060\132\201\017\062\060\062\060\060"
-"\062\060\067\061\066\064\066\064\060\132\060\013\006\003\125\035"
-"\017\004\004\003\002\001\006\060\037\006\003\125\035\043\004\030"
-"\060\026\200\024\204\213\164\375\305\215\300\377\047\155\040\067"
-"\105\174\376\055\316\272\323\175\060\035\006\003\125\035\016\004"
-"\026\004\024\204\213\164\375\305\215\300\377\047\155\040\067\105"
-"\174\376\055\316\272\323\175\060\014\006\003\125\035\023\004\005"
-"\060\003\001\001\377\060\035\006\011\052\206\110\206\366\175\007"
-"\101\000\004\020\060\016\033\010\126\065\056\060\072\064\056\060"
-"\003\002\004\220\060\015\006\011\052\206\110\206\367\015\001\001"
-"\004\005\000\003\201\201\000\116\157\065\200\073\321\212\365\016"
-"\247\040\313\055\145\125\320\222\364\347\204\265\006\046\203\022"
-"\204\013\254\073\262\104\356\275\317\100\333\040\016\272\156\024"
-"\352\060\340\073\142\174\177\213\153\174\112\247\325\065\074\276"
-"\250\134\352\113\273\223\216\200\146\253\017\051\375\115\055\277"
-"\032\233\012\220\305\253\332\321\263\206\324\057\044\122\134\172"
-"\155\306\362\376\345\115\032\060\214\220\362\272\327\112\076\103"
-"\176\324\310\120\032\207\370\117\201\307\166\013\204\072\162\235"
-"\316\145\146\227\256\046\136"
-, (PRUint32)1159 }
-};
-static const NSSItem nss_builtins_items_111 [] = {
-  { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"Entrust.net Global Secure Personal CA", (PRUint32)38 },
-  { (void *)"\317\164\277\377\233\206\201\133\010\063\124\100\066\076\207\266"
-"\266\360\277\163"
-, (PRUint32)20 },
-  { (void *)"\232\167\031\030\355\226\317\337\033\267\016\365\215\271\210\056"
-, (PRUint32)16 },
-  { (void *)"\060\201\264\061\024\060\022\006\003\125\004\012\023\013\105\156"
-"\164\162\165\163\164\056\156\145\164\061\100\060\076\006\003\125"
-"\004\013\024\067\167\167\167\056\145\156\164\162\165\163\164\056"
-"\156\145\164\057\107\103\103\101\137\103\120\123\040\151\156\143"
-"\157\162\160\056\040\142\171\040\162\145\146\056\040\050\154\151"
-"\155\151\164\163\040\154\151\141\142\056\051\061\045\060\043\006"
-"\003\125\004\013\023\034\050\143\051\040\062\060\060\060\040\105"
-"\156\164\162\165\163\164\056\156\145\164\040\114\151\155\151\164"
-"\145\144\061\063\060\061\006\003\125\004\003\023\052\105\156\164"
-"\162\165\163\164\056\156\145\164\040\103\154\151\145\156\164\040"
-"\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165"
-"\164\150\157\162\151\164\171"
-, (PRUint32)183 },
-  { (void *)"\070\236\366\344"
-, (PRUint32)4 },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_112 [] = {
-  { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"AOL Time Warner Root Certification Authority 1", (PRUint32)47 },
-  { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
-  { (void *)"\060\201\203\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\035\060\033\006\003\125\004\012\023\024\101\117\114\040\124"
-"\151\155\145\040\127\141\162\156\145\162\040\111\156\143\056\061"
-"\034\060\032\006\003\125\004\013\023\023\101\155\145\162\151\143"
-"\141\040\117\156\154\151\156\145\040\111\156\143\056\061\067\060"
-"\065\006\003\125\004\003\023\056\101\117\114\040\124\151\155\145"
-"\040\127\141\162\156\145\162\040\122\157\157\164\040\103\145\162"
-"\164\151\146\151\143\141\164\151\157\156\040\101\165\164\150\157"
-"\162\151\164\171\040\061"
-, (PRUint32)134 },
-  { (void *)"0", (PRUint32)2 },
-  { (void *)"\060\201\203\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\035\060\033\006\003\125\004\012\023\024\101\117\114\040\124"
-"\151\155\145\040\127\141\162\156\145\162\040\111\156\143\056\061"
-"\034\060\032\006\003\125\004\013\023\023\101\155\145\162\151\143"
-"\141\040\117\156\154\151\156\145\040\111\156\143\056\061\067\060"
-"\065\006\003\125\004\003\023\056\101\117\114\040\124\151\155\145"
-"\040\127\141\162\156\145\162\040\122\157\157\164\040\103\145\162"
-"\164\151\146\151\143\141\164\151\157\156\040\101\165\164\150\157"
-"\162\151\164\171\040\061"
-, (PRUint32)134 },
-  { (void *)"\001"
-, (PRUint32)1 },
-  { (void *)"\060\202\003\346\060\202\002\316\240\003\002\001\002\002\001\001"
-"\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060"
-"\201\203\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\035\060\033\006\003\125\004\012\023\024\101\117\114\040\124\151"
-"\155\145\040\127\141\162\156\145\162\040\111\156\143\056\061\034"
-"\060\032\006\003\125\004\013\023\023\101\155\145\162\151\143\141"
-"\040\117\156\154\151\156\145\040\111\156\143\056\061\067\060\065"
-"\006\003\125\004\003\023\056\101\117\114\040\124\151\155\145\040"
-"\127\141\162\156\145\162\040\122\157\157\164\040\103\145\162\164"
-"\151\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162"
-"\151\164\171\040\061\060\036\027\015\060\062\060\065\062\071\060"
-"\066\060\060\060\060\132\027\015\063\067\061\061\062\060\061\065"
-"\060\063\060\060\132\060\201\203\061\013\060\011\006\003\125\004"
-"\006\023\002\125\123\061\035\060\033\006\003\125\004\012\023\024"
-"\101\117\114\040\124\151\155\145\040\127\141\162\156\145\162\040"
-"\111\156\143\056\061\034\060\032\006\003\125\004\013\023\023\101"
-"\155\145\162\151\143\141\040\117\156\154\151\156\145\040\111\156"
-"\143\056\061\067\060\065\006\003\125\004\003\023\056\101\117\114"
-"\040\124\151\155\145\040\127\141\162\156\145\162\040\122\157\157"
-"\164\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040"
-"\101\165\164\150\157\162\151\164\171\040\061\060\202\001\042\060"
-"\015\006\011\052\206\110\206\367\015\001\001\001\005\000\003\202"
-"\001\017\000\060\202\001\012\002\202\001\001\000\231\336\217\303"
-"\045\243\151\064\350\005\367\164\271\277\132\227\031\271\057\224"
-"\322\223\345\055\211\312\204\174\077\020\103\033\214\213\174\204"
-"\130\370\044\174\110\317\052\375\300\025\331\030\176\204\032\027"
-"\323\333\236\327\312\344\331\327\252\130\121\207\360\360\213\110"
-"\116\342\302\304\131\151\060\142\266\060\242\214\013\021\231\141"
-"\065\155\176\357\305\261\031\006\040\022\216\102\341\337\017\226"
-"\020\122\250\317\234\137\225\024\330\257\073\165\013\061\040\037"
-"\104\057\242\142\101\263\273\030\041\333\312\161\074\214\354\266"
-"\271\015\237\357\121\357\115\173\022\362\013\014\341\254\100\217"
-"\167\177\260\312\170\161\014\135\026\161\160\242\327\302\072\205"
-"\315\016\232\304\340\000\260\325\045\352\334\053\344\224\055\070"
-"\234\211\101\127\144\050\145\031\034\266\104\264\310\061\153\216"
-"\001\173\166\131\045\177\025\034\204\010\174\163\145\040\012\241"
-"\004\056\032\062\250\232\040\261\234\054\041\131\347\373\317\356"
-"\160\055\010\312\143\076\054\233\223\031\152\244\302\227\377\267"
-"\206\127\210\205\154\236\025\026\053\115\054\263\002\003\001\000"
-"\001\243\143\060\141\060\017\006\003\125\035\023\001\001\377\004"
-"\005\060\003\001\001\377\060\035\006\003\125\035\016\004\026\004"
-"\024\241\066\060\026\313\206\220\000\105\200\123\261\217\310\330"
-"\075\174\276\137\022\060\037\006\003\125\035\043\004\030\060\026"
-"\200\024\241\066\060\026\313\206\220\000\105\200\123\261\217\310"
-"\330\075\174\276\137\022\060\016\006\003\125\035\017\001\001\377"
-"\004\004\003\002\001\206\060\015\006\011\052\206\110\206\367\015"
-"\001\001\005\005\000\003\202\001\001\000\212\040\030\245\276\263"
-"\057\264\246\204\000\100\060\051\372\264\024\163\114\171\105\247"
-"\366\160\340\350\176\144\036\012\225\174\152\141\302\357\116\037"
-"\276\377\311\231\037\007\141\112\341\135\114\315\255\356\320\122"
-"\062\331\131\062\274\332\171\162\326\173\011\350\002\201\065\323"
-"\012\337\021\035\311\171\240\200\115\376\132\327\126\326\355\017"
-"\052\257\247\030\165\063\014\352\301\141\005\117\152\232\211\362"
-"\215\271\237\056\357\260\137\132\000\353\276\255\240\370\104\005"
-"\147\274\313\004\357\236\144\305\351\310\077\005\277\306\057\007"
-"\034\303\066\161\206\312\070\146\112\315\326\270\113\306\154\247"
-"\227\073\372\023\055\156\043\141\207\241\143\102\254\302\313\227"
-"\237\141\150\317\055\114\004\235\327\045\117\012\016\115\220\213"
-"\030\126\250\223\110\127\334\157\256\275\236\147\127\167\211\120"
-"\263\276\021\233\105\147\203\206\031\207\323\230\275\010\032\026"
-"\037\130\202\013\341\226\151\005\113\216\354\203\121\061\007\325"
-"\324\237\377\131\173\250\156\205\317\323\113\251\111\260\137\260"
-"\071\050\150\016\163\335\045\232\336\022"
-, (PRUint32)1002 }
-};
-static const NSSItem nss_builtins_items_113 [] = {
-  { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"AOL Time Warner Root Certification Authority 1", (PRUint32)47 },
-  { (void *)"\164\124\123\134\044\243\247\130\040\176\076\076\323\044\370\026"
-"\373\041\026\111"
-, (PRUint32)20 },
-  { (void *)"\347\172\334\261\037\156\006\037\164\154\131\026\047\303\113\300"
-, (PRUint32)16 },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_114 [] = {
-  { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"AOL Time Warner Root Certification Authority 2", (PRUint32)47 },
-  { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
-  { (void *)"\060\201\203\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\035\060\033\006\003\125\004\012\023\024\101\117\114\040\124"
-"\151\155\145\040\127\141\162\156\145\162\040\111\156\143\056\061"
-"\034\060\032\006\003\125\004\013\023\023\101\155\145\162\151\143"
-"\141\040\117\156\154\151\156\145\040\111\156\143\056\061\067\060"
-"\065\006\003\125\004\003\023\056\101\117\114\040\124\151\155\145"
-"\040\127\141\162\156\145\162\040\122\157\157\164\040\103\145\162"
-"\164\151\146\151\143\141\164\151\157\156\040\101\165\164\150\157"
-"\162\151\164\171\040\062"
-, (PRUint32)134 },
-  { (void *)"0", (PRUint32)2 },
-  { (void *)"\060\201\203\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\035\060\033\006\003\125\004\012\023\024\101\117\114\040\124"
-"\151\155\145\040\127\141\162\156\145\162\040\111\156\143\056\061"
-"\034\060\032\006\003\125\004\013\023\023\101\155\145\162\151\143"
-"\141\040\117\156\154\151\156\145\040\111\156\143\056\061\067\060"
-"\065\006\003\125\004\003\023\056\101\117\114\040\124\151\155\145"
-"\040\127\141\162\156\145\162\040\122\157\157\164\040\103\145\162"
-"\164\151\146\151\143\141\164\151\157\156\040\101\165\164\150\157"
-"\162\151\164\171\040\062"
-, (PRUint32)134 },
-  { (void *)"\001"
-, (PRUint32)1 },
-  { (void *)"\060\202\005\346\060\202\003\316\240\003\002\001\002\002\001\001"
-"\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060"
-"\201\203\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\035\060\033\006\003\125\004\012\023\024\101\117\114\040\124\151"
-"\155\145\040\127\141\162\156\145\162\040\111\156\143\056\061\034"
-"\060\032\006\003\125\004\013\023\023\101\155\145\162\151\143\141"
-"\040\117\156\154\151\156\145\040\111\156\143\056\061\067\060\065"
-"\006\003\125\004\003\023\056\101\117\114\040\124\151\155\145\040"
-"\127\141\162\156\145\162\040\122\157\157\164\040\103\145\162\164"
-"\151\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162"
-"\151\164\171\040\062\060\036\027\015\060\062\060\065\062\071\060"
-"\066\060\060\060\060\132\027\015\063\067\060\071\062\070\062\063"
-"\064\063\060\060\132\060\201\203\061\013\060\011\006\003\125\004"
-"\006\023\002\125\123\061\035\060\033\006\003\125\004\012\023\024"
-"\101\117\114\040\124\151\155\145\040\127\141\162\156\145\162\040"
-"\111\156\143\056\061\034\060\032\006\003\125\004\013\023\023\101"
-"\155\145\162\151\143\141\040\117\156\154\151\156\145\040\111\156"
-"\143\056\061\067\060\065\006\003\125\004\003\023\056\101\117\114"
-"\040\124\151\155\145\040\127\141\162\156\145\162\040\122\157\157"
-"\164\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040"
-"\101\165\164\150\157\162\151\164\171\040\062\060\202\002\042\060"
-"\015\006\011\052\206\110\206\367\015\001\001\001\005\000\003\202"
-"\002\017\000\060\202\002\012\002\202\002\001\000\264\067\132\010"
-"\026\231\024\350\125\261\033\044\153\374\307\213\346\207\251\211"
-"\356\213\231\315\117\100\206\244\266\115\311\331\261\334\074\115"
-"\015\205\114\025\154\106\213\122\170\237\370\043\375\147\365\044"
-"\072\150\135\320\367\144\141\101\124\243\213\245\010\322\051\133"
-"\233\140\117\046\203\321\143\022\126\111\166\244\026\302\245\235"
-"\105\254\213\204\225\250\026\261\354\237\352\044\032\357\271\127"
-"\134\232\044\041\054\115\016\161\037\246\254\135\105\164\003\230"
-"\304\124\214\026\112\101\167\206\225\165\014\107\001\146\140\374"
-"\025\361\017\352\365\024\170\307\016\327\156\201\034\136\277\136"
-"\347\072\052\330\227\027\060\174\000\255\010\235\063\257\270\231"
-"\141\200\213\250\225\176\024\334\022\154\244\320\330\357\100\111"
-"\002\066\371\156\251\326\035\226\126\004\262\263\055\026\126\206"
-"\217\331\040\127\200\315\147\020\155\260\114\360\332\106\266\352"
-"\045\056\106\257\215\260\205\070\064\213\024\046\202\053\254\256"
-"\231\013\216\024\327\122\275\236\151\303\206\002\013\352\166\165"
-"\061\011\316\063\031\041\205\103\346\211\055\237\045\067\147\361"
-"\043\152\322\000\155\227\371\237\347\051\312\335\037\327\006\352"
-"\270\311\271\011\041\237\310\077\006\305\322\351\022\106\000\116"
-"\173\010\353\102\075\053\110\156\235\147\335\113\002\344\104\363"
-"\223\031\245\047\316\151\172\276\147\323\374\120\244\054\253\303"
-"\153\271\343\200\114\317\005\141\113\053\334\033\271\246\322\320"
-"\252\365\053\163\373\316\220\065\237\014\122\034\277\134\041\141"
-"\021\133\025\113\251\044\121\374\244\134\367\027\235\260\322\372"
-"\007\351\217\126\344\032\214\150\212\004\323\174\132\343\236\242"
-"\241\312\161\133\242\324\240\347\051\205\135\003\150\052\117\322"
-"\006\327\075\371\303\003\057\077\145\371\147\036\107\100\323\143"
-"\017\343\325\216\371\205\253\227\114\263\327\046\353\226\012\224"
-"\336\205\066\234\310\177\201\011\002\111\052\016\365\144\062\014"
-"\202\321\272\152\202\033\263\113\164\021\363\214\167\326\237\277"
-"\334\067\244\247\125\004\057\324\061\350\323\106\271\003\174\332"
-"\022\116\131\144\267\121\061\061\120\240\312\034\047\331\020\056"
-"\255\326\275\020\146\053\303\260\042\112\022\133\002\003\001\000"
-"\001\243\143\060\141\060\017\006\003\125\035\023\001\001\377\004"
-"\005\060\003\001\001\377\060\035\006\003\125\035\016\004\026\004"
-"\024\117\151\155\003\176\235\237\007\030\103\274\267\020\116\325"
-"\277\251\304\040\050\060\037\006\003\125\035\043\004\030\060\026"
-"\200\024\117\151\155\003\176\235\237\007\030\103\274\267\020\116"
-"\325\277\251\304\040\050\060\016\006\003\125\035\017\001\001\377"
-"\004\004\003\002\001\206\060\015\006\011\052\206\110\206\367\015"
-"\001\001\005\005\000\003\202\002\001\000\073\363\256\312\350\056"
-"\207\205\373\145\131\347\255\021\024\245\127\274\130\237\044\022"
-"\127\273\373\077\064\332\356\255\172\052\064\162\160\061\153\307"
-"\031\230\200\311\202\336\067\167\136\124\213\216\362\352\147\117"
-"\311\164\204\221\126\011\325\345\172\232\201\266\201\302\255\066"
-"\344\361\124\021\123\363\064\105\001\046\310\345\032\274\064\104"
-"\041\336\255\045\374\166\026\167\041\220\200\230\127\235\116\352"
-"\354\057\252\074\024\173\127\301\176\030\024\147\356\044\306\275"
-"\272\025\260\322\030\275\267\125\201\254\123\300\350\335\151\022"
-"\023\102\267\002\265\005\101\312\171\120\156\202\016\161\162\223"
-"\106\350\235\015\135\275\256\316\051\255\143\325\125\026\200\060"
-"\047\377\166\272\367\270\326\112\343\331\265\371\122\320\116\100"
-"\251\307\345\302\062\307\252\166\044\341\153\005\120\353\305\277"
-"\012\124\345\271\102\074\044\373\267\007\234\060\237\171\132\346"
-"\340\100\122\025\364\374\252\364\126\371\104\227\207\355\016\145"
-"\162\136\276\046\373\115\244\055\010\007\336\330\134\240\334\201"
-"\063\231\030\045\021\167\247\353\375\130\011\054\231\153\033\212"
-"\363\122\077\032\115\110\140\361\240\366\063\002\123\213\355\045"
-"\011\270\015\055\355\227\163\354\327\226\037\216\140\016\332\020"
-"\233\057\030\044\366\246\115\012\371\073\313\165\302\314\057\316"
-"\044\151\311\012\042\216\131\247\367\202\014\327\327\153\065\234"
-"\103\000\152\304\225\147\272\234\105\313\270\016\067\367\334\116"
-"\001\117\276\012\266\003\323\255\212\105\367\332\047\115\051\261"
-"\110\337\344\021\344\226\106\275\154\002\076\326\121\310\225\027"
-"\001\025\251\362\252\252\362\277\057\145\033\157\320\271\032\223"
-"\365\216\065\304\200\207\076\224\057\146\344\351\250\377\101\234"
-"\160\052\117\052\071\030\225\036\176\373\141\001\074\121\010\056"
-"\050\030\244\026\017\061\375\072\154\043\223\040\166\341\375\007"
-"\205\321\133\077\322\034\163\062\335\372\271\370\214\317\002\207"
-"\172\232\226\344\355\117\211\215\123\103\253\016\023\300\001\025"
-"\264\171\070\333\374\156\075\236\121\266\270\023\213\147\317\371"
-"\174\331\042\035\366\135\305\034\001\057\230\350\172\044\030\274"
-"\204\327\372\334\162\133\367\301\072\150"
-, (PRUint32)1514 }
-};
-static const NSSItem nss_builtins_items_115 [] = {
-  { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"AOL Time Warner Root Certification Authority 2", (PRUint32)47 },
-  { (void *)"\374\041\232\166\021\057\166\301\305\010\203\074\232\057\242\272"
-"\204\254\010\172"
-, (PRUint32)20 },
-  { (void *)"\001\132\231\303\326\117\251\113\074\073\261\243\253\047\114\277"
-, (PRUint32)16 },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_116 [] = {
-  { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"beTRUSTed Root CA-Baltimore Implementation", (PRUint32)43 },
-  { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
-  { (void *)"\060\146\061\022\060\020\006\003\125\004\012\023\011\142\145\124"
-"\122\125\123\124\145\144\061\033\060\031\006\003\125\004\013\023"
-"\022\142\145\124\122\125\123\124\145\144\040\122\157\157\164\040"
-"\103\101\163\061\063\060\061\006\003\125\004\003\023\052\142\145"
-"\124\122\125\123\124\145\144\040\122\157\157\164\040\103\101\055"
-"\102\141\154\164\151\155\157\162\145\040\111\155\160\154\145\155"
-"\145\156\164\141\164\151\157\156"
-, (PRUint32)104 },
-  { (void *)"0", (PRUint32)2 },
-  { (void *)"\060\146\061\022\060\020\006\003\125\004\012\023\011\142\145\124"
-"\122\125\123\124\145\144\061\033\060\031\006\003\125\004\013\023"
-"\022\142\145\124\122\125\123\124\145\144\040\122\157\157\164\040"
-"\103\101\163\061\063\060\061\006\003\125\004\003\023\052\142\145"
-"\124\122\125\123\124\145\144\040\122\157\157\164\040\103\101\055"
-"\102\141\154\164\151\155\157\162\145\040\111\155\160\154\145\155"
-"\145\156\164\141\164\151\157\156"
-, (PRUint32)104 },
-  { (void *)"\074\265\075\106"
-, (PRUint32)4 },
-  { (void *)"\060\202\005\152\060\202\004\122\240\003\002\001\002\002\004\074"
-"\265\075\106\060\015\006\011\052\206\110\206\367\015\001\001\005"
-"\005\000\060\146\061\022\060\020\006\003\125\004\012\023\011\142"
-"\145\124\122\125\123\124\145\144\061\033\060\031\006\003\125\004"
-"\013\023\022\142\145\124\122\125\123\124\145\144\040\122\157\157"
-"\164\040\103\101\163\061\063\060\061\006\003\125\004\003\023\052"
-"\142\145\124\122\125\123\124\145\144\040\122\157\157\164\040\103"
-"\101\055\102\141\154\164\151\155\157\162\145\040\111\155\160\154"
-"\145\155\145\156\164\141\164\151\157\156\060\036\027\015\060\062"
-"\060\064\061\061\060\067\063\070\065\061\132\027\015\062\062\060"
-"\064\061\061\060\067\063\070\065\061\132\060\146\061\022\060\020"
-"\006\003\125\004\012\023\011\142\145\124\122\125\123\124\145\144"
-"\061\033\060\031\006\003\125\004\013\023\022\142\145\124\122\125"
-"\123\124\145\144\040\122\157\157\164\040\103\101\163\061\063\060"
-"\061\006\003\125\004\003\023\052\142\145\124\122\125\123\124\145"
-"\144\040\122\157\157\164\040\103\101\055\102\141\154\164\151\155"
-"\157\162\145\040\111\155\160\154\145\155\145\156\164\141\164\151"
-"\157\156\060\202\001\042\060\015\006\011\052\206\110\206\367\015"
-"\001\001\001\005\000\003\202\001\017\000\060\202\001\012\002\202"
-"\001\001\000\274\176\304\071\234\214\343\326\034\206\377\312\142"
-"\255\340\177\060\105\172\216\032\263\270\307\371\321\066\377\042"
-"\363\116\152\137\204\020\373\146\201\303\224\171\061\322\221\341"
-"\167\216\030\052\303\024\336\121\365\117\243\053\274\030\026\342"
-"\265\335\171\336\042\370\202\176\313\201\037\375\047\054\217\372"
-"\227\144\042\216\370\377\141\243\234\033\036\222\217\300\250\011"
-"\337\011\021\354\267\175\061\232\032\352\203\041\006\074\237\272"
-"\134\377\224\352\152\270\303\153\125\064\117\075\062\037\335\201"
-"\024\340\304\074\315\235\060\370\060\251\227\323\356\314\243\320"
-"\037\137\034\023\201\324\030\253\224\321\143\303\236\177\065\222"
-"\236\137\104\352\354\364\042\134\267\350\075\175\244\371\211\251"
-"\221\262\052\331\353\063\207\356\245\375\343\332\314\210\346\211"
-"\046\156\307\053\202\320\136\235\131\333\024\354\221\203\005\303"
-"\136\016\306\052\320\004\335\161\075\040\116\130\047\374\123\373"
-"\170\170\031\024\262\374\220\122\211\070\142\140\007\264\240\354"
-"\254\153\120\326\375\271\050\153\357\122\055\072\262\377\361\001"
-"\100\254\067\002\003\001\000\001\243\202\002\036\060\202\002\032"
-"\060\017\006\003\125\035\023\001\001\377\004\005\060\003\001\001"
-"\377\060\202\001\265\006\003\125\035\040\004\202\001\254\060\202"
-"\001\250\060\202\001\244\006\017\053\006\001\004\001\261\076\000"
-"\000\001\011\050\203\221\061\060\202\001\217\060\202\001\110\006"
-"\010\053\006\001\005\005\007\002\002\060\202\001\072\032\202\001"
-"\066\122\145\154\151\141\156\143\145\040\157\156\040\157\162\040"
-"\165\163\145\040\157\146\040\164\150\151\163\040\103\145\162\164"
-"\151\146\151\143\141\164\145\040\143\162\145\141\164\145\163\040"
-"\141\156\040\141\143\153\156\157\167\154\145\144\147\155\145\156"
-"\164\040\141\156\144\040\141\143\143\145\160\164\141\156\143\145"
-"\040\157\146\040\164\150\145\040\164\150\145\156\040\141\160\160"
-"\154\151\143\141\142\154\145\040\163\164\141\156\144\141\162\144"
-"\040\164\145\162\155\163\040\141\156\144\040\143\157\156\144\151"
-"\164\151\157\156\163\040\157\146\040\165\163\145\054\040\164\150"
-"\145\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040"
-"\120\162\141\143\164\151\143\145\040\123\164\141\164\145\155\145"
-"\156\164\040\141\156\144\040\164\150\145\040\122\145\154\171\151"
-"\156\147\040\120\141\162\164\171\040\101\147\162\145\145\155\145"
-"\156\164\054\040\167\150\151\143\150\040\143\141\156\040\142\145"
-"\040\146\157\165\156\144\040\141\164\040\164\150\145\040\142\145"
-"\124\122\125\123\124\145\144\040\167\145\142\040\163\151\164\145"
-"\054\040\150\164\164\160\072\057\057\167\167\167\056\142\145\164"
-"\162\165\163\164\145\144\056\143\157\155\057\160\162\157\144\165"
-"\143\164\163\137\163\145\162\166\151\143\145\163\057\151\156\144"
-"\145\170\056\150\164\155\154\060\101\006\010\053\006\001\005\005"
-"\007\002\001\026\065\150\164\164\160\072\057\057\167\167\167\056"
-"\142\145\164\162\165\163\164\145\144\056\143\157\155\057\160\162"
-"\157\144\165\143\164\163\137\163\145\162\166\151\143\145\163\057"
-"\151\156\144\145\170\056\150\164\155\154\060\035\006\003\125\035"
-"\016\004\026\004\024\105\075\303\251\321\334\077\044\126\230\034"
-"\163\030\210\152\377\203\107\355\266\060\037\006\003\125\035\043"
-"\004\030\060\026\200\024\105\075\303\251\321\334\077\044\126\230"
-"\034\163\030\210\152\377\203\107\355\266\060\016\006\003\125\035"
-"\017\001\001\377\004\004\003\002\001\006\060\015\006\011\052\206"
-"\110\206\367\015\001\001\005\005\000\003\202\001\001\000\111\222"
-"\274\243\356\254\275\372\015\311\213\171\206\034\043\166\260\200"
-"\131\167\374\332\177\264\113\337\303\144\113\152\116\016\255\362"
-"\175\131\167\005\255\012\211\163\260\372\274\313\334\215\000\210"
-"\217\246\240\262\352\254\122\047\277\241\110\174\227\020\173\272"
-"\355\023\035\232\007\156\313\061\142\022\350\143\003\252\175\155"
-"\343\370\033\166\041\170\033\237\113\103\214\323\111\206\366\033"
-"\134\366\056\140\025\323\351\343\173\165\077\320\002\203\320\030"
-"\202\101\315\145\067\352\216\062\176\275\153\231\135\060\021\310"
-"\333\110\124\034\073\341\247\023\323\152\110\223\367\075\214\177"
-"\005\350\316\363\210\052\143\004\270\352\176\130\174\001\173\133"
-"\341\305\175\357\041\340\215\016\135\121\175\261\147\375\243\275"
-"\070\066\306\362\070\206\207\032\226\150\140\106\373\050\024\107"
-"\125\341\247\200\014\153\342\352\337\115\174\220\110\240\066\275"
-"\011\027\211\177\303\362\323\234\234\343\335\304\033\335\365\267"
-"\161\263\123\005\211\006\320\313\112\200\301\310\123\220\265\074"
-"\061\210\027\120\237\311\304\016\213\330\250\002\143\015"
-, (PRUint32)1390 }
-};
-static const NSSItem nss_builtins_items_117 [] = {
-  { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"beTRUSTed Root CA-Baltimore Implementation", (PRUint32)43 },
-  { (void *)"\334\273\236\267\031\113\304\162\005\301\021\165\051\206\203\133"
-"\123\312\344\370"
-, (PRUint32)20 },
-  { (void *)"\201\065\271\373\373\022\312\030\151\066\353\256\151\170\241\361"
-, (PRUint32)16 },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_118 [] = {
-  { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"beTRUSTed Root CA - Entrust Implementation", (PRUint32)43 },
-  { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
-  { (void *)"\060\146\061\022\060\020\006\003\125\004\012\023\011\142\145\124"
-"\122\125\123\124\145\144\061\033\060\031\006\003\125\004\013\023"
-"\022\142\145\124\122\125\123\124\145\144\040\122\157\157\164\040"
-"\103\101\163\061\063\060\061\006\003\125\004\003\023\052\142\145"
-"\124\122\125\123\124\145\144\040\122\157\157\164\040\103\101\040"
-"\055\040\105\156\164\162\165\163\164\040\111\155\160\154\145\155"
-"\145\156\164\141\164\151\157\156"
-, (PRUint32)104 },
-  { (void *)"0", (PRUint32)2 },
-  { (void *)"\060\146\061\022\060\020\006\003\125\004\012\023\011\142\145\124"
-"\122\125\123\124\145\144\061\033\060\031\006\003\125\004\013\023"
-"\022\142\145\124\122\125\123\124\145\144\040\122\157\157\164\040"
-"\103\101\163\061\063\060\061\006\003\125\004\003\023\052\142\145"
-"\124\122\125\123\124\145\144\040\122\157\157\164\040\103\101\040"
-"\055\040\105\156\164\162\165\163\164\040\111\155\160\154\145\155"
-"\145\156\164\141\164\151\157\156"
-, (PRUint32)104 },
-  { (void *)"\074\265\117\100"
-, (PRUint32)4 },
-  { (void *)"\060\202\006\121\060\202\005\071\240\003\002\001\002\002\004\074"
-"\265\117\100\060\015\006\011\052\206\110\206\367\015\001\001\005"
-"\005\000\060\146\061\022\060\020\006\003\125\004\012\023\011\142"
-"\145\124\122\125\123\124\145\144\061\033\060\031\006\003\125\004"
-"\013\023\022\142\145\124\122\125\123\124\145\144\040\122\157\157"
-"\164\040\103\101\163\061\063\060\061\006\003\125\004\003\023\052"
-"\142\145\124\122\125\123\124\145\144\040\122\157\157\164\040\103"
-"\101\040\055\040\105\156\164\162\165\163\164\040\111\155\160\154"
-"\145\155\145\156\164\141\164\151\157\156\060\036\027\015\060\062"
-"\060\064\061\061\060\070\062\064\062\067\132\027\015\062\062\060"
-"\064\061\061\060\070\065\064\062\067\132\060\146\061\022\060\020"
-"\006\003\125\004\012\023\011\142\145\124\122\125\123\124\145\144"
-"\061\033\060\031\006\003\125\004\013\023\022\142\145\124\122\125"
-"\123\124\145\144\040\122\157\157\164\040\103\101\163\061\063\060"
-"\061\006\003\125\004\003\023\052\142\145\124\122\125\123\124\145"
-"\144\040\122\157\157\164\040\103\101\040\055\040\105\156\164\162"
-"\165\163\164\040\111\155\160\154\145\155\145\156\164\141\164\151"
-"\157\156\060\202\001\042\060\015\006\011\052\206\110\206\367\015"
-"\001\001\001\005\000\003\202\001\017\000\060\202\001\012\002\202"
-"\001\001\000\272\364\104\003\252\022\152\265\103\354\125\222\266"
-"\060\175\065\127\014\333\363\015\047\156\114\367\120\250\233\116"
-"\053\157\333\365\255\034\113\135\263\251\301\376\173\104\353\133"
-"\243\005\015\037\305\064\053\060\000\051\361\170\100\262\244\377"
-"\072\364\001\210\027\176\346\324\046\323\272\114\352\062\373\103"
-"\167\227\207\043\305\333\103\243\365\052\243\121\136\341\073\322"
-"\145\151\176\125\025\233\172\347\151\367\104\340\127\265\025\350"
-"\146\140\017\015\003\373\202\216\243\350\021\173\154\276\307\143"
-"\016\027\223\337\317\113\256\156\163\165\340\363\252\271\244\300"
-"\011\033\205\352\161\051\210\101\062\371\360\052\016\154\011\362"
-"\164\153\146\154\122\023\037\030\274\324\076\367\330\156\040\236"
-"\312\376\374\041\224\356\023\050\113\327\134\136\014\146\356\351"
-"\273\017\301\064\261\177\010\166\363\075\046\160\311\213\045\035"
-"\142\044\014\352\034\165\116\300\022\344\272\023\035\060\051\055"
-"\126\063\005\273\227\131\176\306\111\117\211\327\057\044\250\266"
-"\210\100\265\144\222\123\126\044\344\242\240\205\263\136\220\264"
-"\022\063\315\002\003\001\000\001\243\202\003\005\060\202\003\001"
-"\060\202\001\267\006\003\125\035\040\004\202\001\256\060\202\001"
-"\252\060\202\001\246\006\017\053\006\001\004\001\261\076\000\000"
-"\002\011\050\203\221\061\060\202\001\221\060\202\001\111\006\010"
-"\053\006\001\005\005\007\002\002\060\202\001\073\032\202\001\067"
-"\122\145\154\151\141\156\143\145\040\157\156\040\157\162\040\165"
-"\163\145\040\157\146\040\164\150\151\163\040\103\145\162\164\151"
-"\146\151\143\141\164\145\040\143\162\145\141\164\145\163\040\141"
-"\156\040\141\143\153\156\157\167\154\145\144\147\155\145\156\164"
-"\040\141\156\144\040\141\143\143\145\160\164\141\156\143\145\040"
-"\157\146\040\164\150\145\040\164\150\145\156\040\141\160\160\154"
-"\151\143\141\142\154\145\040\163\164\141\156\144\141\162\144\040"
-"\164\145\162\155\163\040\141\156\144\040\143\157\156\144\151\164"
-"\151\157\156\163\040\157\146\040\165\163\145\054\040\164\150\145"
-"\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\120"
-"\162\141\143\164\151\143\145\040\123\164\141\164\145\155\145\156"
-"\164\040\141\156\144\040\164\150\145\040\122\145\154\171\151\156"
-"\147\040\120\141\162\164\171\040\101\147\162\145\145\155\145\156"
-"\164\054\040\167\150\151\143\150\040\143\141\156\040\142\145\040"
-"\146\157\165\156\144\040\141\164\040\164\150\145\040\142\145\124"
-"\122\125\123\124\145\144\040\167\145\142\040\163\151\164\145\054"
-"\040\150\164\164\160\163\072\057\057\167\167\167\056\142\145\164"
-"\162\165\163\164\145\144\056\143\157\155\057\160\162\157\144\165"
-"\143\164\163\137\163\145\162\166\151\143\145\163\057\151\156\144"
-"\145\170\056\150\164\155\154\060\102\006\010\053\006\001\005\005"
-"\007\002\001\026\066\150\164\164\160\163\072\057\057\167\167\167"
-"\056\142\145\164\162\165\163\164\145\144\056\143\157\155\057\160"
-"\162\157\144\165\143\164\163\137\163\145\162\166\151\143\145\163"
-"\057\151\156\144\145\170\056\150\164\155\154\060\021\006\011\140"
-"\206\110\001\206\370\102\001\001\004\004\003\002\000\007\060\201"
-"\211\006\003\125\035\037\004\201\201\060\177\060\175\240\173\240"
-"\171\244\167\060\165\061\022\060\020\006\003\125\004\012\023\011"
-"\142\145\124\122\125\123\124\145\144\061\033\060\031\006\003\125"
-"\004\013\023\022\142\145\124\122\125\123\124\145\144\040\122\157"
-"\157\164\040\103\101\163\061\063\060\061\006\003\125\004\003\023"
-"\052\142\145\124\122\125\123\124\145\144\040\122\157\157\164\040"
-"\103\101\040\055\040\105\156\164\162\165\163\164\040\111\155\160"
-"\154\145\155\145\156\164\141\164\151\157\156\061\015\060\013\006"
-"\003\125\004\003\023\004\103\122\114\061\060\053\006\003\125\035"
-"\020\004\044\060\042\200\017\062\060\060\062\060\064\061\061\060"
-"\070\062\064\062\067\132\201\017\062\060\062\062\060\064\061\061"
-"\060\070\065\064\062\067\132\060\013\006\003\125\035\017\004\004"
-"\003\002\001\006\060\037\006\003\125\035\043\004\030\060\026\200"
-"\024\175\160\345\256\070\213\006\077\252\034\032\217\371\317\044"
-"\060\252\204\204\026\060\035\006\003\125\035\016\004\026\004\024"
-"\175\160\345\256\070\213\006\077\252\034\032\217\371\317\044\060"
-"\252\204\204\026\060\014\006\003\125\035\023\004\005\060\003\001"
-"\001\377\060\035\006\011\052\206\110\206\366\175\007\101\000\004"
-"\020\060\016\033\010\126\066\056\060\072\064\056\060\003\002\004"
-"\220\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000"
-"\003\202\001\001\000\052\270\027\316\037\020\224\353\270\232\267"
-"\271\137\354\332\367\222\044\254\334\222\073\307\040\215\362\231"
-"\345\135\070\241\302\064\355\305\023\131\134\005\265\053\117\141"
-"\233\221\373\101\374\374\325\074\115\230\166\006\365\201\175\353"
-"\335\220\346\321\126\124\332\343\055\014\237\021\062\224\042\001"
-"\172\366\154\054\164\147\004\314\245\217\216\054\263\103\265\224"
-"\242\320\175\351\142\177\006\276\047\001\203\236\072\375\212\356"
-"\230\103\112\153\327\265\227\073\072\277\117\155\264\143\372\063"
-"\000\064\056\055\155\226\311\173\312\231\143\272\276\364\366\060"
-"\240\055\230\226\351\126\104\005\251\104\243\141\020\353\202\241"
-"\147\135\274\135\047\165\252\212\050\066\052\070\222\331\335\244"
-"\136\000\245\314\314\174\051\052\336\050\220\253\267\341\266\377"
-"\175\045\013\100\330\252\064\243\055\336\007\353\137\316\012\335"
-"\312\176\072\175\046\301\142\150\072\346\057\067\363\201\206\041"
-"\304\251\144\252\357\105\066\321\032\146\174\370\351\067\326\326"
-"\141\276\242\255\110\347\337\346\164\376\323\155\175\322\045\334"
-"\254\142\127\251\367"
-, (PRUint32)1621 }
-};
-static const NSSItem nss_builtins_items_119 [] = {
-  { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"beTRUSTed Root CA - Entrust Implementation", (PRUint32)43 },
-  { (void *)"\162\231\171\023\354\233\015\256\145\321\266\327\262\112\166\243"
-"\256\302\356\026"
-, (PRUint32)20 },
-  { (void *)"\175\206\220\217\133\361\362\100\300\367\075\142\265\244\251\073"
-, (PRUint32)16 },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_120 [] = {
-  { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"beTRUSTed Root CA - RSA Implementation", (PRUint32)39 },
-  { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
-  { (void *)"\060\142\061\022\060\020\006\003\125\004\012\023\011\142\145\124"
-"\122\125\123\124\145\144\061\033\060\031\006\003\125\004\013\023"
-"\022\142\145\124\122\125\123\124\145\144\040\122\157\157\164\040"
-"\103\101\163\061\057\060\055\006\003\125\004\003\023\046\142\145"
-"\124\122\125\123\124\145\144\040\122\157\157\164\040\103\101\040"
-"\055\040\122\123\101\040\111\155\160\154\145\155\145\156\164\141"
-"\164\151\157\156"
-, (PRUint32)100 },
-  { (void *)"0", (PRUint32)2 },
-  { (void *)"\060\142\061\022\060\020\006\003\125\004\012\023\011\142\145\124"
-"\122\125\123\124\145\144\061\033\060\031\006\003\125\004\013\023"
-"\022\142\145\124\122\125\123\124\145\144\040\122\157\157\164\040"
-"\103\101\163\061\057\060\055\006\003\125\004\003\023\046\142\145"
-"\124\122\125\123\124\145\144\040\122\157\157\164\040\103\101\040"
-"\055\040\122\123\101\040\111\155\160\154\145\155\145\156\164\141"
-"\164\151\157\156"
-, (PRUint32)100 },
-  { (void *)"\073\131\307\173\315\133\127\236\275\067\122\254\166\264\252\032"
-, (PRUint32)16 },
-  { (void *)"\060\202\005\150\060\202\004\120\240\003\002\001\002\002\020\073"
-"\131\307\173\315\133\127\236\275\067\122\254\166\264\252\032\060"
-"\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060\142"
-"\061\022\060\020\006\003\125\004\012\023\011\142\145\124\122\125"
-"\123\124\145\144\061\033\060\031\006\003\125\004\013\023\022\142"
-"\145\124\122\125\123\124\145\144\040\122\157\157\164\040\103\101"
-"\163\061\057\060\055\006\003\125\004\003\023\046\142\145\124\122"
-"\125\123\124\145\144\040\122\157\157\164\040\103\101\040\055\040"
-"\122\123\101\040\111\155\160\154\145\155\145\156\164\141\164\151"
-"\157\156\060\036\027\015\060\062\060\064\061\061\061\061\061\070"
-"\061\063\132\027\015\062\062\060\064\061\062\061\061\060\067\062"
-"\065\132\060\142\061\022\060\020\006\003\125\004\012\023\011\142"
-"\145\124\122\125\123\124\145\144\061\033\060\031\006\003\125\004"
-"\013\023\022\142\145\124\122\125\123\124\145\144\040\122\157\157"
-"\164\040\103\101\163\061\057\060\055\006\003\125\004\003\023\046"
-"\142\145\124\122\125\123\124\145\144\040\122\157\157\164\040\103"
-"\101\040\055\040\122\123\101\040\111\155\160\154\145\155\145\156"
-"\164\141\164\151\157\156\060\202\001\042\060\015\006\011\052\206"
-"\110\206\367\015\001\001\001\005\000\003\202\001\017\000\060\202"
-"\001\012\002\202\001\001\000\344\272\064\060\011\216\127\320\271"
-"\006\054\157\156\044\200\042\277\135\103\246\372\117\254\202\347"
-"\034\150\160\205\033\243\156\265\252\170\331\156\007\113\077\351"
-"\337\365\352\350\124\241\141\212\016\057\151\165\030\267\014\345"
-"\024\215\161\156\230\270\125\374\014\225\320\233\156\341\055\210"
-"\324\072\100\153\222\361\231\226\144\336\333\377\170\364\356\226"
-"\035\107\211\174\324\276\271\210\167\043\072\011\346\004\236\155"
-"\252\136\322\310\275\232\116\031\337\211\352\133\016\176\303\344"
-"\264\360\340\151\073\210\017\101\220\370\324\161\103\044\301\217"
-"\046\113\073\126\351\377\214\154\067\351\105\255\205\214\123\303"
-"\140\206\220\112\226\311\263\124\260\273\027\360\034\105\331\324"
-"\033\031\144\126\012\031\367\314\341\377\206\257\176\130\136\254"
-"\172\220\037\311\050\071\105\173\242\266\307\234\037\332\205\324"
-"\041\206\131\060\223\276\123\063\067\366\357\101\317\063\307\253"
-"\162\153\045\365\363\123\033\014\114\056\361\165\113\357\240\207"
-"\367\376\212\025\320\154\325\313\371\150\123\271\160\025\023\302"
-"\365\056\373\103\065\165\055\002\003\001\000\001\243\202\002\030"
-"\060\202\002\024\060\014\006\003\125\035\023\004\005\060\003\001"
-"\001\377\060\202\001\265\006\003\125\035\040\004\202\001\254\060"
-"\202\001\250\060\202\001\244\006\017\053\006\001\004\001\261\076"
-"\000\000\003\011\050\203\221\061\060\202\001\217\060\101\006\010"
-"\053\006\001\005\005\007\002\001\026\065\150\164\164\160\072\057"
-"\057\167\167\167\056\142\145\164\162\165\163\164\145\144\056\143"
-"\157\155\057\160\162\157\144\165\143\164\163\137\163\145\162\166"
-"\151\143\145\163\057\151\156\144\145\170\056\150\164\155\154\060"
-"\202\001\110\006\010\053\006\001\005\005\007\002\002\060\202\001"
-"\072\032\202\001\066\122\145\154\151\141\156\143\145\040\157\156"
-"\040\157\162\040\165\163\145\040\157\146\040\164\150\151\163\040"
-"\103\145\162\164\151\146\151\143\141\164\145\040\143\162\145\141"
-"\164\145\163\040\141\156\040\141\143\153\156\157\167\154\145\144"
-"\147\155\145\156\164\040\141\156\144\040\141\143\143\145\160\164"
-"\141\156\143\145\040\157\146\040\164\150\145\040\164\150\145\156"
-"\040\141\160\160\154\151\143\141\142\154\145\040\163\164\141\156"
-"\144\141\162\144\040\164\145\162\155\163\040\141\156\144\040\143"
-"\157\156\144\151\164\151\157\156\163\040\157\146\040\165\163\145"
-"\054\040\164\150\145\040\103\145\162\164\151\146\151\143\141\164"
-"\151\157\156\040\120\162\141\143\164\151\143\145\040\123\164\141"
-"\164\145\155\145\156\164\040\141\156\144\040\164\150\145\040\122"
-"\145\154\171\151\156\147\040\120\141\162\164\171\040\101\147\162"
-"\145\145\155\145\156\164\054\040\167\150\151\143\150\040\143\141"
-"\156\040\142\145\040\146\157\165\156\144\040\141\164\040\164\150"
-"\145\040\142\145\124\122\125\123\124\145\144\040\167\145\142\040"
-"\163\151\164\145\054\040\150\164\164\160\072\057\057\167\167\167"
-"\056\142\145\164\162\165\163\164\145\144\056\143\157\155\057\160"
-"\162\157\144\165\143\164\163\137\163\145\162\166\151\143\145\163"
-"\057\151\156\144\145\170\056\150\164\155\154\060\013\006\003\125"
-"\035\017\004\004\003\002\001\006\060\037\006\003\125\035\043\004"
-"\030\060\026\200\024\251\354\024\176\371\331\103\314\123\053\024"
-"\255\317\367\360\131\211\101\315\031\060\035\006\003\125\035\016"
-"\004\026\004\024\251\354\024\176\371\331\103\314\123\053\024\255"
-"\317\367\360\131\211\101\315\031\060\015\006\011\052\206\110\206"
-"\367\015\001\001\005\005\000\003\202\001\001\000\333\227\260\165"
-"\352\014\304\301\230\312\126\005\300\250\255\046\110\257\055\040"
-"\350\201\307\266\337\103\301\054\035\165\113\324\102\215\347\172"
-"\250\164\334\146\102\131\207\263\365\151\155\331\251\236\263\175"
-"\034\061\301\365\124\342\131\044\111\345\356\275\071\246\153\212"
-"\230\104\373\233\327\052\203\227\064\055\307\175\065\114\055\064"
-"\270\076\015\304\354\210\047\257\236\222\375\120\141\202\250\140"
-"\007\024\123\314\145\023\301\366\107\104\151\322\061\310\246\335"
-"\056\263\013\336\112\215\133\075\253\015\302\065\122\242\126\067"
-"\314\062\213\050\205\102\234\221\100\172\160\053\070\066\325\341"
-"\163\032\037\345\372\176\137\334\326\234\073\060\352\333\300\133"
-"\047\134\323\163\007\301\302\363\114\233\157\237\033\312\036\252"
-"\250\070\063\011\130\262\256\374\007\350\066\334\125\272\057\117"
-"\100\376\172\275\006\246\201\301\223\042\174\206\021\012\006\167"
-"\110\256\065\267\057\062\232\141\136\213\276\051\237\051\044\210"
-"\126\071\054\250\322\253\226\003\132\324\110\237\271\100\204\013"
-"\230\150\373\001\103\326\033\342\011\261\227\034"
-, (PRUint32)1388 }
-};
-static const NSSItem nss_builtins_items_121 [] = {
-  { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"beTRUSTed Root CA - RSA Implementation", (PRUint32)39 },
-  { (void *)"\035\202\131\312\041\047\303\313\301\154\331\062\366\054\145\051"
-"\214\250\207\022"
-, (PRUint32)20 },
-  { (void *)"\206\102\005\011\274\247\235\354\035\363\056\016\272\330\035\320"
-, (PRUint32)16 },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_122 [] = {
-  { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"RSA Security 2048 v3", (PRUint32)21 },
-  { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
-  { (void *)"\060\072\061\031\060\027\006\003\125\004\012\023\020\122\123\101"
-"\040\123\145\143\165\162\151\164\171\040\111\156\143\061\035\060"
-"\033\006\003\125\004\013\023\024\122\123\101\040\123\145\143\165"
-"\162\151\164\171\040\062\060\064\070\040\126\063"
-, (PRUint32)60 },
-  { (void *)"0", (PRUint32)2 },
-  { (void *)"\060\072\061\031\060\027\006\003\125\004\012\023\020\122\123\101"
-"\040\123\145\143\165\162\151\164\171\040\111\156\143\061\035\060"
-"\033\006\003\125\004\013\023\024\122\123\101\040\123\145\143\165"
-"\162\151\164\171\040\062\060\064\070\040\126\063"
-, (PRUint32)60 },
-  { (void *)"\012\001\001\001\000\000\002\174\000\000\000\012\000\000\000\002"
-, (PRUint32)16 },
-  { (void *)"\060\202\003\141\060\202\002\111\240\003\002\001\002\002\020\012"
-"\001\001\001\000\000\002\174\000\000\000\012\000\000\000\002\060"
-"\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060\072"
-"\061\031\060\027\006\003\125\004\012\023\020\122\123\101\040\123"
-"\145\143\165\162\151\164\171\040\111\156\143\061\035\060\033\006"
-"\003\125\004\013\023\024\122\123\101\040\123\145\143\165\162\151"
-"\164\171\040\062\060\064\070\040\126\063\060\036\027\015\060\061"
-"\060\062\062\062\062\060\063\071\062\063\132\027\015\062\066\060"
-"\062\062\062\062\060\063\071\062\063\132\060\072\061\031\060\027"
-"\006\003\125\004\012\023\020\122\123\101\040\123\145\143\165\162"
-"\151\164\171\040\111\156\143\061\035\060\033\006\003\125\004\013"
-"\023\024\122\123\101\040\123\145\143\165\162\151\164\171\040\062"
-"\060\064\070\040\126\063\060\202\001\042\060\015\006\011\052\206"
-"\110\206\367\015\001\001\001\005\000\003\202\001\017\000\060\202"
-"\001\012\002\202\001\001\000\267\217\125\161\322\200\335\173\151"
-"\171\247\360\030\120\062\074\142\147\366\012\225\007\335\346\033"
-"\363\236\331\322\101\124\153\255\237\174\276\031\315\373\106\253"
-"\101\150\036\030\352\125\310\057\221\170\211\050\373\047\051\140"
-"\377\337\217\214\073\311\111\233\265\244\224\316\001\352\076\265"
-"\143\173\177\046\375\031\335\300\041\275\204\321\055\117\106\303"
-"\116\334\330\067\071\073\050\257\313\235\032\352\053\257\041\245"
-"\301\043\042\270\270\033\132\023\207\127\203\321\360\040\347\350"
-"\117\043\102\260\000\245\175\211\351\351\141\163\224\230\161\046"
-"\274\055\152\340\367\115\360\361\266\052\070\061\201\015\051\341"
-"\000\301\121\017\114\122\370\004\132\252\175\162\323\270\207\052"
-"\273\143\020\003\052\263\241\117\015\132\136\106\267\075\016\365"
-"\164\354\231\237\371\075\044\201\210\246\335\140\124\350\225\066"
-"\075\306\011\223\232\243\022\200\000\125\231\031\107\275\320\245"
-"\174\303\272\373\037\367\365\017\370\254\271\265\364\067\230\023"
-"\030\336\205\133\267\014\202\073\207\157\225\071\130\060\332\156"
-"\001\150\027\042\314\300\013\002\003\001\000\001\243\143\060\141"
-"\060\017\006\003\125\035\023\001\001\377\004\005\060\003\001\001"
-"\377\060\016\006\003\125\035\017\001\001\377\004\004\003\002\001"
-"\006\060\037\006\003\125\035\043\004\030\060\026\200\024\007\303"
-"\121\060\244\252\351\105\256\065\044\372\377\044\054\063\320\261"
-"\235\214\060\035\006\003\125\035\016\004\026\004\024\007\303\121"
-"\060\244\252\351\105\256\065\044\372\377\044\054\063\320\261\235"
-"\214\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000"
-"\003\202\001\001\000\137\076\206\166\156\270\065\074\116\066\034"
-"\036\171\230\277\375\325\022\021\171\122\016\356\061\211\274\335"
-"\177\371\321\306\025\041\350\212\001\124\015\072\373\124\271\326"
-"\143\324\261\252\226\115\242\102\115\324\123\037\213\020\336\177"
-"\145\276\140\023\047\161\210\244\163\343\204\143\321\244\125\341"
-"\120\223\346\033\016\171\320\147\274\106\310\277\077\027\015\225"
-"\346\306\220\151\336\347\264\057\336\225\175\320\022\077\075\076"
-"\177\115\077\024\150\365\021\120\325\301\364\220\245\010\035\061"
-"\140\377\140\214\043\124\012\257\376\241\156\305\321\172\052\150"
-"\170\317\036\202\012\040\264\037\255\345\205\262\152\150\165\116"
-"\255\045\067\224\205\276\275\241\324\352\267\014\113\074\235\350"
-"\022\000\360\137\254\015\341\254\160\143\163\367\177\171\237\062"
-"\045\102\164\005\200\050\277\275\301\044\226\130\025\261\027\041"
-"\351\211\113\333\007\210\147\364\025\255\160\076\057\115\205\073"
-"\302\267\333\376\230\150\043\211\341\164\017\336\364\305\204\143"
-"\051\033\314\313\007\311\000\244\251\327\302\042\117\147\327\167"
-"\354\040\005\141\336"
-, (PRUint32)869 }
-};
-static const NSSItem nss_builtins_items_123 [] = {
-  { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"RSA Security 2048 v3", (PRUint32)21 },
-  { (void *)"\045\001\220\031\317\373\331\231\034\267\150\045\164\215\224\137"
-"\060\223\225\102"
-, (PRUint32)20 },
-  { (void *)"\167\015\031\261\041\375\000\102\234\076\014\245\335\013\002\216"
-, (PRUint32)16 },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_124 [] = {
-  { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"RSA Security 1024 v3", (PRUint32)21 },
-  { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
-  { (void *)"\060\072\061\031\060\027\006\003\125\004\012\023\020\122\123\101"
-"\040\123\145\143\165\162\151\164\171\040\111\156\143\061\035\060"
-"\033\006\003\125\004\013\023\024\122\123\101\040\123\145\143\165"
-"\162\151\164\171\040\061\060\062\064\040\126\063"
-, (PRUint32)60 },
-  { (void *)"0", (PRUint32)2 },
-  { (void *)"\060\072\061\031\060\027\006\003\125\004\012\023\020\122\123\101"
-"\040\123\145\143\165\162\151\164\171\040\111\156\143\061\035\060"
-"\033\006\003\125\004\013\023\024\122\123\101\040\123\145\143\165"
-"\162\151\164\171\040\061\060\062\064\040\126\063"
-, (PRUint32)60 },
-  { (void *)"\012\001\001\001\000\000\002\174\000\000\000\013\000\000\000\002"
-, (PRUint32)16 },
-  { (void *)"\060\202\002\134\060\202\001\305\240\003\002\001\002\002\020\012"
-"\001\001\001\000\000\002\174\000\000\000\013\000\000\000\002\060"
-"\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060\072"
-"\061\031\060\027\006\003\125\004\012\023\020\122\123\101\040\123"
-"\145\143\165\162\151\164\171\040\111\156\143\061\035\060\033\006"
-"\003\125\004\013\023\024\122\123\101\040\123\145\143\165\162\151"
-"\164\171\040\061\060\062\064\040\126\063\060\036\027\015\060\061"
-"\060\062\062\062\062\061\060\061\064\071\132\027\015\062\066\060"
-"\062\062\062\062\060\060\061\064\071\132\060\072\061\031\060\027"
-"\006\003\125\004\012\023\020\122\123\101\040\123\145\143\165\162"
-"\151\164\171\040\111\156\143\061\035\060\033\006\003\125\004\013"
-"\023\024\122\123\101\040\123\145\143\165\162\151\164\171\040\061"
-"\060\062\064\040\126\063\060\201\237\060\015\006\011\052\206\110"
-"\206\367\015\001\001\001\005\000\003\201\215\000\060\201\211\002"
-"\201\201\000\325\335\376\146\011\317\044\074\076\256\201\116\116"
-"\212\304\151\200\133\131\073\337\271\115\114\312\265\055\303\047"
-"\055\074\257\000\102\155\274\050\246\226\317\177\327\130\254\203"
-"\012\243\125\265\173\027\220\025\204\114\212\356\046\231\334\130"
-"\357\307\070\246\252\257\320\216\102\310\142\327\253\254\251\373"
-"\112\175\277\352\376\022\115\335\377\046\055\157\066\124\150\310"
-"\322\204\126\356\222\123\141\011\263\077\071\233\250\311\233\275"
-"\316\237\176\324\031\152\026\051\030\276\327\072\151\334\045\133"
-"\063\032\121\002\003\001\000\001\243\143\060\141\060\017\006\003"
-"\125\035\023\001\001\377\004\005\060\003\001\001\377\060\016\006"
-"\003\125\035\017\001\001\377\004\004\003\002\001\006\060\037\006"
-"\003\125\035\043\004\030\060\026\200\024\304\300\034\244\007\224"
-"\375\315\115\001\324\124\332\245\014\137\336\256\005\132\060\035"
-"\006\003\125\035\016\004\026\004\024\304\300\034\244\007\224\375"
-"\315\115\001\324\124\332\245\014\137\336\256\005\132\060\015\006"
-"\011\052\206\110\206\367\015\001\001\005\005\000\003\201\201\000"
-"\077\055\152\343\046\103\225\175\211\227\145\373\165\344\162\035"
-"\106\127\304\141\153\151\237\022\233\054\325\132\350\300\242\360"
-"\103\225\343\037\351\166\315\334\353\274\223\240\145\012\307\115"
-"\117\137\247\257\242\106\024\271\014\363\314\275\152\156\267\235"
-"\336\045\102\320\124\377\236\150\163\143\334\044\353\042\277\250"
-"\162\362\136\000\341\015\116\072\103\156\231\116\077\211\170\003"
-"\230\312\363\125\314\235\256\216\301\252\105\230\372\217\032\240"
-"\215\210\043\361\025\101\015\245\106\076\221\077\213\353\367\161"
-, (PRUint32)608 }
-};
-static const NSSItem nss_builtins_items_125 [] = {
-  { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"RSA Security 1024 v3", (PRUint32)21 },
-  { (void *)"\074\273\135\340\374\326\071\174\005\210\345\146\227\275\106\052"
-"\275\371\134\166"
-, (PRUint32)20 },
-  { (void *)"\072\345\120\260\071\276\307\106\066\063\241\376\202\076\215\224"
-, (PRUint32)16 },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_126 [] = {
-  { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"GeoTrust Global CA", (PRUint32)19 },
-  { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
-  { (void *)"\060\102\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\026\060\024\006\003\125\004\012\023\015\107\145\157\124\162\165"
-"\163\164\040\111\156\143\056\061\033\060\031\006\003\125\004\003"
-"\023\022\107\145\157\124\162\165\163\164\040\107\154\157\142\141"
-"\154\040\103\101"
-, (PRUint32)68 },
-  { (void *)"0", (PRUint32)2 },
-  { (void *)"\060\102\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\026\060\024\006\003\125\004\012\023\015\107\145\157\124\162\165"
-"\163\164\040\111\156\143\056\061\033\060\031\006\003\125\004\003"
-"\023\022\107\145\157\124\162\165\163\164\040\107\154\157\142\141"
-"\154\040\103\101"
-, (PRUint32)68 },
-  { (void *)"\002\064\126"
-, (PRUint32)3 },
-  { (void *)"\060\202\003\124\060\202\002\074\240\003\002\001\002\002\003\002"
-"\064\126\060\015\006\011\052\206\110\206\367\015\001\001\005\005"
-"\000\060\102\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\026\060\024\006\003\125\004\012\023\015\107\145\157\124\162"
-"\165\163\164\040\111\156\143\056\061\033\060\031\006\003\125\004"
-"\003\023\022\107\145\157\124\162\165\163\164\040\107\154\157\142"
-"\141\154\040\103\101\060\036\027\015\060\062\060\065\062\061\060"
-"\064\060\060\060\060\132\027\015\062\062\060\065\062\061\060\064"
-"\060\060\060\060\132\060\102\061\013\060\011\006\003\125\004\006"
-"\023\002\125\123\061\026\060\024\006\003\125\004\012\023\015\107"
-"\145\157\124\162\165\163\164\040\111\156\143\056\061\033\060\031"
-"\006\003\125\004\003\023\022\107\145\157\124\162\165\163\164\040"
-"\107\154\157\142\141\154\040\103\101\060\202\001\042\060\015\006"
-"\011\052\206\110\206\367\015\001\001\001\005\000\003\202\001\017"
-"\000\060\202\001\012\002\202\001\001\000\332\314\030\143\060\375"
-"\364\027\043\032\126\176\133\337\074\154\070\344\161\267\170\221"
-"\324\274\241\330\114\370\250\103\266\003\351\115\041\007\010\210"
-"\332\130\057\146\071\051\275\005\170\213\235\070\350\005\267\152"
-"\176\161\244\346\304\140\246\260\357\200\344\211\050\017\236\045"
-"\326\355\203\363\255\246\221\307\230\311\102\030\065\024\235\255"
-"\230\106\222\056\117\312\361\207\103\301\026\225\127\055\120\357"
-"\211\055\200\172\127\255\362\356\137\153\322\000\215\271\024\370"
-"\024\025\065\331\300\106\243\173\162\310\221\277\311\125\053\315"
-"\320\227\076\234\046\144\314\337\316\203\031\161\312\116\346\324"
-"\325\173\251\031\315\125\336\310\354\322\136\070\123\345\134\117"
-"\214\055\376\120\043\066\374\146\346\313\216\244\071\031\000\267"
-"\225\002\071\221\013\016\376\070\056\321\035\005\232\366\115\076"
-"\157\017\007\035\257\054\036\217\140\071\342\372\066\123\023\071"
-"\324\136\046\053\333\075\250\024\275\062\353\030\003\050\122\004"
-"\161\345\253\063\075\341\070\273\007\066\204\142\234\171\352\026"
-"\060\364\137\300\053\350\161\153\344\371\002\003\001\000\001\243"
-"\123\060\121\060\017\006\003\125\035\023\001\001\377\004\005\060"
-"\003\001\001\377\060\035\006\003\125\035\016\004\026\004\024\300"
-"\172\230\150\215\211\373\253\005\144\014\021\175\252\175\145\270"
-"\312\314\116\060\037\006\003\125\035\043\004\030\060\026\200\024"
-"\300\172\230\150\215\211\373\253\005\144\014\021\175\252\175\145"
-"\270\312\314\116\060\015\006\011\052\206\110\206\367\015\001\001"
-"\005\005\000\003\202\001\001\000\065\343\051\152\345\057\135\124"
-"\216\051\120\224\237\231\032\024\344\217\170\052\142\224\242\047"
-"\147\236\320\317\032\136\107\351\301\262\244\317\335\101\032\005"
-"\116\233\113\356\112\157\125\122\263\044\241\067\012\353\144\166"
-"\052\056\054\363\375\073\165\220\277\372\161\330\307\075\067\322"
-"\265\005\225\142\271\246\336\211\075\066\173\070\167\110\227\254"
-"\246\040\217\056\246\311\014\302\262\231\105\000\307\316\021\121"
-"\042\042\340\245\352\266\025\110\011\144\352\136\117\164\367\005"
-"\076\307\212\122\014\333\025\264\275\155\233\345\306\261\124\150"
-"\251\343\151\220\266\232\245\017\270\271\077\040\175\256\112\265"
-"\270\234\344\035\266\253\346\224\245\301\307\203\255\333\365\047"
-"\207\016\004\154\325\377\335\240\135\355\207\122\267\053\025\002"
-"\256\071\246\152\164\351\332\304\347\274\115\064\036\251\134\115"
-"\063\137\222\011\057\210\146\135\167\227\307\035\166\023\251\325"
-"\345\361\026\011\021\065\325\254\333\044\161\160\054\230\126\013"
-"\331\027\264\321\343\121\053\136\165\350\325\320\334\117\064\355"
-"\302\005\146\200\241\313\346\063"
-, (PRUint32)856 }
-};
-static const NSSItem nss_builtins_items_127 [] = {
-  { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"GeoTrust Global CA", (PRUint32)19 },
-  { (void *)"\336\050\364\244\377\345\271\057\243\305\003\321\243\111\247\371"
-"\226\052\202\022"
-, (PRUint32)20 },
-  { (void *)"\367\165\253\051\373\121\116\267\167\136\377\005\074\231\216\365"
-, (PRUint32)16 },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_128 [] = {
-  { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"UTN-USER First-Network Applications", (PRUint32)36 },
-  { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
-  { (void *)"\060\201\243\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\013\060\011\006\003\125\004\010\023\002\125\124\061\027\060"
-"\025\006\003\125\004\007\023\016\123\141\154\164\040\114\141\153"
-"\145\040\103\151\164\171\061\036\060\034\006\003\125\004\012\023"
-"\025\124\150\145\040\125\123\105\122\124\122\125\123\124\040\116"
-"\145\164\167\157\162\153\061\041\060\037\006\003\125\004\013\023"
-"\030\150\164\164\160\072\057\057\167\167\167\056\165\163\145\162"
-"\164\162\165\163\164\056\143\157\155\061\053\060\051\006\003\125"
-"\004\003\023\042\125\124\116\055\125\123\105\122\106\151\162\163"
-"\164\055\116\145\164\167\157\162\153\040\101\160\160\154\151\143"
-"\141\164\151\157\156\163"
-, (PRUint32)166 },
-  { (void *)"0", (PRUint32)2 },
-  { (void *)"\060\201\243\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\013\060\011\006\003\125\004\010\023\002\125\124\061\027\060"
-"\025\006\003\125\004\007\023\016\123\141\154\164\040\114\141\153"
-"\145\040\103\151\164\171\061\036\060\034\006\003\125\004\012\023"
-"\025\124\150\145\040\125\123\105\122\124\122\125\123\124\040\116"
-"\145\164\167\157\162\153\061\041\060\037\006\003\125\004\013\023"
-"\030\150\164\164\160\072\057\057\167\167\167\056\165\163\145\162"
-"\164\162\165\163\164\056\143\157\155\061\053\060\051\006\003\125"
-"\004\003\023\042\125\124\116\055\125\123\105\122\106\151\162\163"
-"\164\055\116\145\164\167\157\162\153\040\101\160\160\154\151\143"
-"\141\164\151\157\156\163"
-, (PRUint32)166 },
-  { (void *)"\104\276\014\213\120\000\044\264\021\323\066\060\113\300\063\167"
-, (PRUint32)16 },
-  { (void *)"\060\202\004\144\060\202\003\114\240\003\002\001\002\002\020\104"
-"\276\014\213\120\000\044\264\021\323\066\060\113\300\063\167\060"
-"\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060\201"
-"\243\061\013\060\011\006\003\125\004\006\023\002\125\123\061\013"
-"\060\011\006\003\125\004\010\023\002\125\124\061\027\060\025\006"
-"\003\125\004\007\023\016\123\141\154\164\040\114\141\153\145\040"
-"\103\151\164\171\061\036\060\034\006\003\125\004\012\023\025\124"
-"\150\145\040\125\123\105\122\124\122\125\123\124\040\116\145\164"
-"\167\157\162\153\061\041\060\037\006\003\125\004\013\023\030\150"
-"\164\164\160\072\057\057\167\167\167\056\165\163\145\162\164\162"
-"\165\163\164\056\143\157\155\061\053\060\051\006\003\125\004\003"
-"\023\042\125\124\116\055\125\123\105\122\106\151\162\163\164\055"
-"\116\145\164\167\157\162\153\040\101\160\160\154\151\143\141\164"
-"\151\157\156\163\060\036\027\015\071\071\060\067\060\071\061\070"
-"\064\070\063\071\132\027\015\061\071\060\067\060\071\061\070\065"
-"\067\064\071\132\060\201\243\061\013\060\011\006\003\125\004\006"
-"\023\002\125\123\061\013\060\011\006\003\125\004\010\023\002\125"
-"\124\061\027\060\025\006\003\125\004\007\023\016\123\141\154\164"
-"\040\114\141\153\145\040\103\151\164\171\061\036\060\034\006\003"
-"\125\004\012\023\025\124\150\145\040\125\123\105\122\124\122\125"
-"\123\124\040\116\145\164\167\157\162\153\061\041\060\037\006\003"
-"\125\004\013\023\030\150\164\164\160\072\057\057\167\167\167\056"
-"\165\163\145\162\164\162\165\163\164\056\143\157\155\061\053\060"
-"\051\006\003\125\004\003\023\042\125\124\116\055\125\123\105\122"
-"\106\151\162\163\164\055\116\145\164\167\157\162\153\040\101\160"
-"\160\154\151\143\141\164\151\157\156\163\060\202\001\042\060\015"
-"\006\011\052\206\110\206\367\015\001\001\001\005\000\003\202\001"
-"\017\000\060\202\001\012\002\202\001\001\000\263\373\221\241\344"
-"\066\125\205\254\006\064\133\240\232\130\262\370\265\017\005\167"
-"\203\256\062\261\166\222\150\354\043\112\311\166\077\343\234\266"
-"\067\171\003\271\253\151\215\007\045\266\031\147\344\260\033\030"
-"\163\141\112\350\176\315\323\057\144\343\246\174\014\372\027\200"
-"\243\015\107\211\117\121\161\057\356\374\077\371\270\026\200\207"
-"\211\223\045\040\232\103\202\151\044\166\050\131\065\241\035\300"
-"\177\203\006\144\026\040\054\323\111\244\205\264\300\141\177\121"
-"\010\370\150\025\221\200\313\245\325\356\073\072\364\204\004\136"
-"\140\131\247\214\064\162\356\270\170\305\321\073\022\112\157\176"
-"\145\047\271\244\125\305\271\157\103\244\305\035\054\231\300\122"
-"\244\170\114\025\263\100\230\010\153\103\306\001\260\172\173\365"
-"\153\034\042\077\313\357\377\250\320\072\113\166\025\236\322\321"
-"\306\056\343\333\127\033\062\242\270\157\350\206\246\077\160\253"
-"\345\160\222\253\104\036\100\120\373\234\243\142\344\154\156\240"
-"\310\336\342\200\102\372\351\057\350\316\062\004\217\174\215\267"
-"\034\243\065\074\025\335\236\303\256\227\245\002\003\001\000\001"
-"\243\201\221\060\201\216\060\013\006\003\125\035\017\004\004\003"
-"\002\001\306\060\017\006\003\125\035\023\001\001\377\004\005\060"
-"\003\001\001\377\060\035\006\003\125\035\016\004\026\004\024\372"
-"\206\311\333\340\272\351\170\365\113\250\326\025\337\360\323\341"
-"\152\024\074\060\117\006\003\125\035\037\004\110\060\106\060\104"
-"\240\102\240\100\206\076\150\164\164\160\072\057\057\143\162\154"
-"\056\165\163\145\162\164\162\165\163\164\056\143\157\155\057\125"
-"\124\116\055\125\123\105\122\106\151\162\163\164\055\116\145\164"
-"\167\157\162\153\101\160\160\154\151\143\141\164\151\157\156\163"
-"\056\143\162\154\060\015\006\011\052\206\110\206\367\015\001\001"
-"\005\005\000\003\202\001\001\000\244\363\045\314\321\324\221\203"
-"\042\320\314\062\253\233\226\116\064\221\124\040\045\064\141\137"
-"\052\002\025\341\213\252\377\175\144\121\317\012\377\274\175\330"
-"\041\152\170\313\057\121\157\370\102\035\063\275\353\265\173\224"
-"\303\303\251\240\055\337\321\051\037\035\376\217\077\273\250\105"
-"\052\177\321\156\125\044\342\273\002\373\061\077\276\350\274\354"
-"\100\053\370\001\324\126\070\344\312\104\202\265\141\040\041\147"
-"\145\366\360\013\347\064\370\245\302\234\243\134\100\037\205\223"
-"\225\006\336\117\324\047\251\266\245\374\026\315\163\061\077\270"
-"\145\047\317\324\123\032\360\254\156\237\117\005\014\003\201\247"
-"\204\051\304\132\275\144\127\162\255\073\317\067\030\246\230\306"
-"\255\006\264\334\010\243\004\325\051\244\226\232\022\147\112\214"
-"\140\105\235\361\043\232\260\000\234\150\265\230\120\323\357\216"
-"\056\222\145\261\110\076\041\276\025\060\052\015\265\014\243\153"
-"\077\256\177\127\365\037\226\174\337\157\335\202\060\054\145\033"
-"\100\112\315\150\271\162\354\161\166\354\124\216\037\205\014\001"
-"\152\372\246\070\254\037\304\204"
-, (PRUint32)1128 }
-};
-static const NSSItem nss_builtins_items_129 [] = {
-  { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
-  { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
-  { (void *)"UTN-USER First-Network Applications", (PRUint32)36 },
-  { (void *)"\135\230\234\333\025\226\021\066\121\145\144\033\126\017\333\352"
-"\052\302\076\361"
-, (PRUint32)20 },
-  { (void *)"\277\140\131\243\133\272\366\247\166\102\332\157\032\173\120\317"
-, (PRUint32)16 },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
-  { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-
-PR_IMPLEMENT_DATA(builtinsInternalObject)
-nss_builtins_data[] = {
-#ifdef DEBUG
-  { 7, nss_builtins_types_0, nss_builtins_items_0, {NULL} },
-#endif /* DEBUG */
-  { 5, nss_builtins_types_1, nss_builtins_items_1, {NULL} },
-  { 11, nss_builtins_types_2, nss_builtins_items_2, {NULL} },
-  { 12, nss_builtins_types_3, nss_builtins_items_3, {NULL} },
-  { 11, nss_builtins_types_4, nss_builtins_items_4, {NULL} },
-  { 12, nss_builtins_types_5, nss_builtins_items_5, {NULL} },
-  { 11, nss_builtins_types_6, nss_builtins_items_6, {NULL} },
-  { 12, nss_builtins_types_7, nss_builtins_items_7, {NULL} },
-  { 11, nss_builtins_types_8, nss_builtins_items_8, {NULL} },
-  { 12, nss_builtins_types_9, nss_builtins_items_9, {NULL} },
-  { 11, nss_builtins_types_10, nss_builtins_items_10, {NULL} },
-  { 12, nss_builtins_types_11, nss_builtins_items_11, {NULL} },
-  { 11, nss_builtins_types_12, nss_builtins_items_12, {NULL} },
-  { 12, nss_builtins_types_13, nss_builtins_items_13, {NULL} },
-  { 11, nss_builtins_types_14, nss_builtins_items_14, {NULL} },
-  { 12, nss_builtins_types_15, nss_builtins_items_15, {NULL} },
-  { 11, nss_builtins_types_16, nss_builtins_items_16, {NULL} },
-  { 12, nss_builtins_types_17, nss_builtins_items_17, {NULL} },
-  { 11, nss_builtins_types_18, nss_builtins_items_18, {NULL} },
-  { 12, nss_builtins_types_19, nss_builtins_items_19, {NULL} },
-  { 11, nss_builtins_types_20, nss_builtins_items_20, {NULL} },
-  { 12, nss_builtins_types_21, nss_builtins_items_21, {NULL} },
-  { 11, nss_builtins_types_22, nss_builtins_items_22, {NULL} },
-  { 12, nss_builtins_types_23, nss_builtins_items_23, {NULL} },
-  { 11, nss_builtins_types_24, nss_builtins_items_24, {NULL} },
-  { 12, nss_builtins_types_25, nss_builtins_items_25, {NULL} },
-  { 11, nss_builtins_types_26, nss_builtins_items_26, {NULL} },
-  { 12, nss_builtins_types_27, nss_builtins_items_27, {NULL} },
-  { 11, nss_builtins_types_28, nss_builtins_items_28, {NULL} },
-  { 12, nss_builtins_types_29, nss_builtins_items_29, {NULL} },
-  { 11, nss_builtins_types_30, nss_builtins_items_30, {NULL} },
-  { 12, nss_builtins_types_31, nss_builtins_items_31, {NULL} },
-  { 11, nss_builtins_types_32, nss_builtins_items_32, {NULL} },
-  { 12, nss_builtins_types_33, nss_builtins_items_33, {NULL} },
-  { 11, nss_builtins_types_34, nss_builtins_items_34, {NULL} },
-  { 12, nss_builtins_types_35, nss_builtins_items_35, {NULL} },
-  { 11, nss_builtins_types_36, nss_builtins_items_36, {NULL} },
-  { 12, nss_builtins_types_37, nss_builtins_items_37, {NULL} },
-  { 11, nss_builtins_types_38, nss_builtins_items_38, {NULL} },
-  { 12, nss_builtins_types_39, nss_builtins_items_39, {NULL} },
-  { 11, nss_builtins_types_40, nss_builtins_items_40, {NULL} },
-  { 12, nss_builtins_types_41, nss_builtins_items_41, {NULL} },
-  { 11, nss_builtins_types_42, nss_builtins_items_42, {NULL} },
-  { 12, nss_builtins_types_43, nss_builtins_items_43, {NULL} },
-  { 11, nss_builtins_types_44, nss_builtins_items_44, {NULL} },
-  { 12, nss_builtins_types_45, nss_builtins_items_45, {NULL} },
-  { 11, nss_builtins_types_46, nss_builtins_items_46, {NULL} },
-  { 12, nss_builtins_types_47, nss_builtins_items_47, {NULL} },
-  { 11, nss_builtins_types_48, nss_builtins_items_48, {NULL} },
-  { 12, nss_builtins_types_49, nss_builtins_items_49, {NULL} },
-  { 11, nss_builtins_types_50, nss_builtins_items_50, {NULL} },
-  { 12, nss_builtins_types_51, nss_builtins_items_51, {NULL} },
-  { 11, nss_builtins_types_52, nss_builtins_items_52, {NULL} },
-  { 12, nss_builtins_types_53, nss_builtins_items_53, {NULL} },
-  { 11, nss_builtins_types_54, nss_builtins_items_54, {NULL} },
-  { 12, nss_builtins_types_55, nss_builtins_items_55, {NULL} },
-  { 11, nss_builtins_types_56, nss_builtins_items_56, {NULL} },
-  { 12, nss_builtins_types_57, nss_builtins_items_57, {NULL} },
-  { 11, nss_builtins_types_58, nss_builtins_items_58, {NULL} },
-  { 12, nss_builtins_types_59, nss_builtins_items_59, {NULL} },
-  { 11, nss_builtins_types_60, nss_builtins_items_60, {NULL} },
-  { 12, nss_builtins_types_61, nss_builtins_items_61, {NULL} },
-  { 11, nss_builtins_types_62, nss_builtins_items_62, {NULL} },
-  { 12, nss_builtins_types_63, nss_builtins_items_63, {NULL} },
-  { 11, nss_builtins_types_64, nss_builtins_items_64, {NULL} },
-  { 12, nss_builtins_types_65, nss_builtins_items_65, {NULL} },
-  { 11, nss_builtins_types_66, nss_builtins_items_66, {NULL} },
-  { 12, nss_builtins_types_67, nss_builtins_items_67, {NULL} },
-  { 11, nss_builtins_types_68, nss_builtins_items_68, {NULL} },
-  { 12, nss_builtins_types_69, nss_builtins_items_69, {NULL} },
-  { 11, nss_builtins_types_70, nss_builtins_items_70, {NULL} },
-  { 12, nss_builtins_types_71, nss_builtins_items_71, {NULL} },
-  { 11, nss_builtins_types_72, nss_builtins_items_72, {NULL} },
-  { 12, nss_builtins_types_73, nss_builtins_items_73, {NULL} },
-  { 11, nss_builtins_types_74, nss_builtins_items_74, {NULL} },
-  { 12, nss_builtins_types_75, nss_builtins_items_75, {NULL} },
-  { 11, nss_builtins_types_76, nss_builtins_items_76, {NULL} },
-  { 12, nss_builtins_types_77, nss_builtins_items_77, {NULL} },
-  { 11, nss_builtins_types_78, nss_builtins_items_78, {NULL} },
-  { 12, nss_builtins_types_79, nss_builtins_items_79, {NULL} },
-  { 11, nss_builtins_types_80, nss_builtins_items_80, {NULL} },
-  { 12, nss_builtins_types_81, nss_builtins_items_81, {NULL} },
-  { 11, nss_builtins_types_82, nss_builtins_items_82, {NULL} },
-  { 12, nss_builtins_types_83, nss_builtins_items_83, {NULL} },
-  { 11, nss_builtins_types_84, nss_builtins_items_84, {NULL} },
-  { 12, nss_builtins_types_85, nss_builtins_items_85, {NULL} },
-  { 11, nss_builtins_types_86, nss_builtins_items_86, {NULL} },
-  { 12, nss_builtins_types_87, nss_builtins_items_87, {NULL} },
-  { 11, nss_builtins_types_88, nss_builtins_items_88, {NULL} },
-  { 12, nss_builtins_types_89, nss_builtins_items_89, {NULL} },
-  { 11, nss_builtins_types_90, nss_builtins_items_90, {NULL} },
-  { 12, nss_builtins_types_91, nss_builtins_items_91, {NULL} },
-  { 11, nss_builtins_types_92, nss_builtins_items_92, {NULL} },
-  { 12, nss_builtins_types_93, nss_builtins_items_93, {NULL} },
-  { 11, nss_builtins_types_94, nss_builtins_items_94, {NULL} },
-  { 12, nss_builtins_types_95, nss_builtins_items_95, {NULL} },
-  { 11, nss_builtins_types_96, nss_builtins_items_96, {NULL} },
-  { 12, nss_builtins_types_97, nss_builtins_items_97, {NULL} },
-  { 11, nss_builtins_types_98, nss_builtins_items_98, {NULL} },
-  { 12, nss_builtins_types_99, nss_builtins_items_99, {NULL} },
-  { 11, nss_builtins_types_100, nss_builtins_items_100, {NULL} },
-  { 12, nss_builtins_types_101, nss_builtins_items_101, {NULL} },
-  { 11, nss_builtins_types_102, nss_builtins_items_102, {NULL} },
-  { 12, nss_builtins_types_103, nss_builtins_items_103, {NULL} },
-  { 11, nss_builtins_types_104, nss_builtins_items_104, {NULL} },
-  { 12, nss_builtins_types_105, nss_builtins_items_105, {NULL} },
-  { 11, nss_builtins_types_106, nss_builtins_items_106, {NULL} },
-  { 12, nss_builtins_types_107, nss_builtins_items_107, {NULL} },
-  { 11, nss_builtins_types_108, nss_builtins_items_108, {NULL} },
-  { 12, nss_builtins_types_109, nss_builtins_items_109, {NULL} },
-  { 11, nss_builtins_types_110, nss_builtins_items_110, {NULL} },
-  { 12, nss_builtins_types_111, nss_builtins_items_111, {NULL} },
-  { 11, nss_builtins_types_112, nss_builtins_items_112, {NULL} },
-  { 10, nss_builtins_types_113, nss_builtins_items_113, {NULL} },
-  { 11, nss_builtins_types_114, nss_builtins_items_114, {NULL} },
-  { 10, nss_builtins_types_115, nss_builtins_items_115, {NULL} },
-  { 11, nss_builtins_types_116, nss_builtins_items_116, {NULL} },
-  { 10, nss_builtins_types_117, nss_builtins_items_117, {NULL} },
-  { 11, nss_builtins_types_118, nss_builtins_items_118, {NULL} },
-  { 10, nss_builtins_types_119, nss_builtins_items_119, {NULL} },
-  { 11, nss_builtins_types_120, nss_builtins_items_120, {NULL} },
-  { 10, nss_builtins_types_121, nss_builtins_items_121, {NULL} },
-  { 11, nss_builtins_types_122, nss_builtins_items_122, {NULL} },
-  { 10, nss_builtins_types_123, nss_builtins_items_123, {NULL} },
-  { 11, nss_builtins_types_124, nss_builtins_items_124, {NULL} },
-  { 10, nss_builtins_types_125, nss_builtins_items_125, {NULL} },
-  { 11, nss_builtins_types_126, nss_builtins_items_126, {NULL} },
-  { 10, nss_builtins_types_127, nss_builtins_items_127, {NULL} },
-  { 11, nss_builtins_types_128, nss_builtins_items_128, {NULL} },
-  { 10, nss_builtins_types_129, nss_builtins_items_129, {NULL} }
-};
-PR_IMPLEMENT_DATA(const PRUint32)
-#ifdef DEBUG
-  nss_builtins_nObjects = 129+1;
-#else
-  nss_builtins_nObjects = 129;
-#endif /* DEBUG */
diff --git a/security/nss/lib/ckfw/builtins/certdata.perl b/security/nss/lib/ckfw/builtins/certdata.perl
deleted file mode 100644
index 81ab8273b..000000000
--- a/security/nss/lib/ckfw/builtins/certdata.perl
+++ /dev/null
@@ -1,292 +0,0 @@
-#!perl -w
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-my $cvs_id = '@(#) $RCSfile$ $Revision$ $Date$ $Name$';
-use strict;
-
-my %constants;
-my $count = 0;
-my $o;
-my @objects = ();
-my @objsize;
-my $cvsid;
-
-$constants{CKO_DATA} = "static const CK_OBJECT_CLASS cko_data = CKO_DATA;\n";
-$constants{CK_TRUE} = "static const CK_BBOOL ck_true = CK_TRUE;\n";
-$constants{CK_FALSE} = "static const CK_BBOOL ck_false = CK_FALSE;\n";
-
-while(<>) {
-  my @fields = ();
-  my $size;
-
-  s/^((?:[^"#]+|"[^"]*")*)(\s*#.*$)/$1/;
-  next if (/^\s*$/);
-
-  if( /(^CVS_ID\s+)(.*)/ ) {
-#    print "The CVS ID is $2\n";
-    $cvsid = $2 . "\"; $cvs_id\"";
-    my $scratch = $cvsid;
-    $size = 1 + $scratch =~ s/[^"\n]//g;
-    @{$objects[0][0]} = ( "CKA_CLASS", "&cko_data", "sizeof(CK_OBJECT_CLASS)" );
-    @{$objects[0][1]} = ( "CKA_TOKEN", "&ck_true", "sizeof(CK_BBOOL)" );
-    @{$objects[0][2]} = ( "CKA_PRIVATE", "&ck_false", "sizeof(CK_BBOOL)" );
-    @{$objects[0][3]} = ( "CKA_MODIFIABLE", "&ck_false", "sizeof(CK_BBOOL)" );
-    @{$objects[0][4]} = ( "CKA_LABEL", "\"CVS ID\"", "7" );
-    @{$objects[0][5]} = ( "CKA_APPLICATION", "\"NSS\"", "4" );
-    @{$objects[0][6]} = ( "CKA_VALUE", $cvsid, "$size" );
-    $objsize[0] = 7;
-    next;
-  }
-
-  # This was taken from the perl faq #4.
-  my $text = $_;
-  push(@fields, $+) while $text =~ m{
-      "([^\"\\]*(?:\\.[^\"\\]*)*)"\s?  # groups the phrase inside the quotes
-    | ([^\s]+)\s?
-    | \s
-  }gx;
-  push(@fields, undef) if substr($text,-1,1) eq '\s';
-
-  if( $fields[0] =~ /BEGINDATA/ ) {
-    next;
-  }
-
-  if( $fields[1] =~ /MULTILINE/ ) {
-    $fields[2] = "";
-    while(<>) {
-      last if /END/;
-      chomp;
-      $fields[2] .= "\"$_\"\n";
-    }
-  }
-
-  if( $fields[1] =~ /UTF8/ ) {
-    if( $fields[2] =~ /^"/ ) {
-      ;
-    } else {
-      $fields[2] = "\"" . $fields[2] . "\"";
-    }
-
-    my $scratch = $fields[2];
-    $size = $scratch =~ s/[^"\n]//g; # should supposedly handle multilines, too..
-    $size += 1; # null terminate
-  }
-
-  if( $fields[1] =~ /OCTAL/ ) {
-    if( $fields[2] =~ /^"/ ) {
-      ;
-    } else {
-      $fields[2] = "\"" . $fields[2] . "\"";
-    }
-
-    my $scratch = $fields[2];
-    $size = $scratch =~ tr/\\//;
-    # no null termination
-  }
-
-  if( $fields[1] =~ /^CK_/ ) {
-    my $lcv = $fields[2];
-    $lcv =~ tr/A-Z/a-z/;
-    if( !defined($constants{$fields[2]}) ) {
-      $constants{$fields[2]} = "static const $fields[1] $lcv = $fields[2];\n";
-    }
-    
-    $size = "sizeof($fields[1])";
-    $fields[2] = "&$lcv";
-  }
-
-  if( $fields[0] =~ /CKA_CLASS/ ) {
-    $count++;
-    $objsize[$count] = 0;
-  }
-
-  @{$objects[$count][$objsize[$count]++]} = ( "$fields[0]", $fields[2], "$size" );
-
- # print "$fields[0] | $fields[1] | $size | $fields[2]\n";
-}
-
-doprint();
-
-sub dudump {
-my $i;
-for( $i = 0; $i <= $count; $i++ ) {
-  print "\n";
-  $o = $objects[$i];
-  my @ob = @{$o};
-  my $l;
-  my $j;
-  for( $j = 0; $j < @ob; $j++ ) {
-    $l = $ob[$j];
-    my @a = @{$l};
-    print "$a[0] ! $a[1] ! $a[2]\n";
-  }
-}
-
-}
-
-sub doprint {
-my $i;
-
-open(CFILE, ">certdata.c") || die "Can't open certdata.c: $!";
-
-print CFILE <<EOD
-/* THIS IS A GENERATED FILE */
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#ifdef DEBUG
-static const char CVS_ID[] = $cvsid;
-#endif /* DEBUG */
-
-#ifndef BUILTINS_H
-#include "builtins.h"
-#endif /* BUILTINS_H */
-
-EOD
-    ;
-
-while(($a,$b) = each(%constants)) {
-  print CFILE $b;
-}
-
-for( $i = 0; $i <= $count; $i++ ) {
-  if( 0 == $i ) {
-    print CFILE "#ifdef DEBUG\n";
-  }
-
-  print CFILE "static const CK_ATTRIBUTE_TYPE nss_builtins_types_$i [] = {\n";
-  $o = $objects[$i];
- # print STDOUT "type $i object $o \n";
-  my @ob = @{$o};
-  my $j;
-  for( $j = 0; $j < @ob; $j++ ) {
-    my $l = $ob[$j];
-    my @a = @{$l};
-    print CFILE " $a[0]";
-    if( $j+1 != @ob ) {
-      print CFILE ", ";
-    }
-  }
-  print CFILE "\n};\n";
-
-  if( 0 == $i ) {
-    print CFILE "#endif /* DEBUG */\n";
-  }
-}
-
-for( $i = 0; $i <= $count; $i++ ) {
-  if( 0 == $i ) {
-    print CFILE "#ifdef DEBUG\n";
-  }
-
-  print CFILE "static const NSSItem nss_builtins_items_$i [] = {\n";
-  $o = $objects[$i];
-  my @ob = @{$o};
-  my $j;
-  for( $j = 0; $j < @ob; $j++ ) {
-    my $l = $ob[$j];
-    my @a = @{$l};
-    print CFILE "  { (void *)$a[1], (PRUint32)$a[2] }";
-    if( $j+1 != @ob ) {
-      print CFILE ",\n";
-    } else {
-      print CFILE "\n";
-    }
-  }
-  print CFILE "};\n";
-
-  if( 0 == $i ) {
-    print CFILE "#endif /* DEBUG */\n";
-  }
-}
-
-print CFILE "\nPR_IMPLEMENT_DATA(builtinsInternalObject)\n";
-print CFILE "nss_builtins_data[] = {\n";
-
-for( $i = 0; $i <= $count; $i++ ) {
-
-  if( 0 == $i ) {
-    print CFILE "#ifdef DEBUG\n";
-  }
-
-  print CFILE "  { $objsize[$i], nss_builtins_types_$i, nss_builtins_items_$i, {NULL} }";
-
-  if( $i == $count ) {
-    print CFILE "\n";
-  } else {
-    print CFILE ",\n";
-  }
-
-  if( 0 == $i ) {
-    print CFILE "#endif /* DEBUG */\n";
-  }
-}
-
-print CFILE "};\n";
-
-print CFILE "PR_IMPLEMENT_DATA(const PRUint32)\n";
-print CFILE "#ifdef DEBUG\n";
-print CFILE "  nss_builtins_nObjects = $count+1;\n";
-print CFILE "#else\n";
-print CFILE "  nss_builtins_nObjects = $count;\n";
-print CFILE "#endif /* DEBUG */\n";
-}
diff --git a/security/nss/lib/ckfw/builtins/certdata.txt b/security/nss/lib/ckfw/builtins/certdata.txt
deleted file mode 100644
index 6db804088..000000000
--- a/security/nss/lib/ckfw/builtins/certdata.txt
+++ /dev/null
@@ -1,8202 +0,0 @@
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CVS_ID "@(#) $RCSfile$ $Revision$ $Date$ $Name$"
-
-#
-# certdata.txt
-#
-# This file contains the object definitions for the certs and other
-# information "built into" NSS.
-#
-# Object definitions:
-#
-#    Certificates
-#
-#  -- Attribute --          -- type --              -- value --
-#  CKA_CLASS                CK_OBJECT_CLASS         CKO_CERTIFICATE
-#  CKA_TOKEN                CK_BBOOL                CK_TRUE
-#  CKA_PRIVATE              CK_BBOOL                CK_FALSE
-#  CKA_MODIFIABLE           CK_BBOOL                CK_FALSE
-#  CKA_LABEL                UTF8                    (varies)
-#  CKA_CERTIFICATE_TYPE     CK_CERTIFICATE_TYPE     CKC_X_509
-#  CKA_SUBJECT              DER+base64              (varies)
-#  CKA_ID                   byte array              (varies)
-#  CKA_ISSUER               DER+base64              (varies)
-#  CKA_SERIAL_NUMBER        DER+base64              (varies)
-#  CKA_VALUE                DER+base64              (varies)
-#  CKA_NETSCAPE_EMAIL       ASCII7                  (unused here)
-#
-#    Trust
-#
-#  -- Attribute --              -- type --          -- value --
-#  CKA_CLASS                    CK_OBJECT_CLASS     CKO_TRUST
-#  CKA_TOKEN                    CK_BBOOL            CK_TRUE
-#  CKA_PRIVATE                  CK_BBOOL            CK_FALSE
-#  CKA_MODIFIABLE               CK_BBOOL            CK_FALSE
-#  CKA_LABEL                    UTF8                (varies)
-#  CKA_ISSUER                   DER+base64          (varies)
-#  CKA_SERIAL_NUMBER            DER+base64          (varies)
-#  CKA_CERT_HASH                binary+base64       (varies)
-#  CKA_EXPIRES                  CK_DATE             (not used here)
-#  CKA_TRUST_DIGITAL_SIGNATURE  CK_TRUST            (varies)
-#  CKA_TRUST_NON_REPUDIATION    CK_TRUST            (varies)
-#  CKA_TRUST_KEY_ENCIPHERMENT   CK_TRUST            (varies)
-#  CKA_TRUST_DATA_ENCIPHERMENT  CK_TRUST            (varies)
-#  CKA_TRUST_KEY_AGREEMENT      CK_TRUST            (varies)
-#  CKA_TRUST_KEY_CERT_SIGN      CK_TRUST            (varies)
-#  CKA_TRUST_CRL_SIGN           CK_TRUST            (varies)
-#  CKA_TRUST_SERVER_AUTH        CK_TRUST            (varies)
-#  CKA_TRUST_CLIENT_AUTH        CK_TRUST            (varies)
-#  CKA_TRUST_CODE_SIGNING       CK_TRUST            (varies)
-#  CKA_TRUST_EMAIL_PROTECTION   CK_TRUST            (varies)
-#  CKA_TRUST_IPSEC_END_SYSTEM   CK_TRUST            (varies)
-#  CKA_TRUST_IPSEC_TUNNEL       CK_TRUST            (varies)
-#  CKA_TRUST_IPSEC_USER         CK_TRUST            (varies)
-#  CKA_TRUST_TIME_STAMPING      CK_TRUST            (varies)
-#  (other trust attributes can be defined)
-#
-
-#
-# The object to tell NSS that this is a root list and we don't
-# have to go looking for others.
-#
-BEGINDATA
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_BUILTIN_ROOT_LIST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Mozilla Builtin Roots"
-
-#
-# Certificate "Verisign/RSA Secure Server CA"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign/RSA Secure Server CA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\040\060\036\006\003\125\004\012\023\027\122\123\101\040\104\141
-\164\141\040\123\145\143\165\162\151\164\171\054\040\111\156\143
-\056\061\056\060\054\006\003\125\004\013\023\045\123\145\143\165
-\162\145\040\123\145\162\166\145\162\040\103\145\162\164\151\146
-\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164
-\171
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\040\060\036\006\003\125\004\012\023\027\122\123\101\040\104\141
-\164\141\040\123\145\143\165\162\151\164\171\054\040\111\156\143
-\056\061\056\060\054\006\003\125\004\013\023\045\123\145\143\165
-\162\145\040\123\145\162\166\145\162\040\103\145\162\164\151\146
-\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164
-\171
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\255\146\176\116\105\376\136\127\157\074\230\031\136\335\300
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\002\064\060\202\001\241\002\020\002\255\146\176\116\105
-\376\136\127\157\074\230\031\136\335\300\060\015\006\011\052\206
-\110\206\367\015\001\001\002\005\000\060\137\061\013\060\011\006
-\003\125\004\006\023\002\125\123\061\040\060\036\006\003\125\004
-\012\023\027\122\123\101\040\104\141\164\141\040\123\145\143\165
-\162\151\164\171\054\040\111\156\143\056\061\056\060\054\006\003
-\125\004\013\023\045\123\145\143\165\162\145\040\123\145\162\166
-\145\162\040\103\145\162\164\151\146\151\143\141\164\151\157\156
-\040\101\165\164\150\157\162\151\164\171\060\036\027\015\071\064
-\061\061\060\071\060\060\060\060\060\060\132\027\015\061\060\060
-\061\060\067\062\063\065\071\065\071\132\060\137\061\013\060\011
-\006\003\125\004\006\023\002\125\123\061\040\060\036\006\003\125
-\004\012\023\027\122\123\101\040\104\141\164\141\040\123\145\143
-\165\162\151\164\171\054\040\111\156\143\056\061\056\060\054\006
-\003\125\004\013\023\045\123\145\143\165\162\145\040\123\145\162
-\166\145\162\040\103\145\162\164\151\146\151\143\141\164\151\157
-\156\040\101\165\164\150\157\162\151\164\171\060\201\233\060\015
-\006\011\052\206\110\206\367\015\001\001\001\005\000\003\201\211
-\000\060\201\205\002\176\000\222\316\172\301\256\203\076\132\252
-\211\203\127\254\045\001\166\014\255\256\216\054\067\316\353\065
-\170\144\124\003\345\204\100\121\311\277\217\010\342\212\202\010
-\322\026\206\067\125\351\261\041\002\255\166\150\201\232\005\242
-\113\311\113\045\146\042\126\154\210\007\217\367\201\131\155\204
-\007\145\160\023\161\166\076\233\167\114\343\120\211\126\230\110
-\271\035\247\051\032\023\056\112\021\131\234\036\025\325\111\124
-\054\163\072\151\202\261\227\071\234\155\160\147\110\345\335\055
-\326\310\036\173\002\003\001\000\001\060\015\006\011\052\206\110
-\206\367\015\001\001\002\005\000\003\176\000\145\335\176\341\262
-\354\260\342\072\340\354\161\106\232\031\021\270\323\307\240\264
-\003\100\046\002\076\011\234\341\022\263\321\132\366\067\245\267
-\141\003\266\133\026\151\073\306\104\010\014\210\123\014\153\227
-\111\307\076\065\334\154\271\273\252\337\134\273\072\057\223\140
-\266\251\113\115\362\040\367\315\137\177\144\173\216\334\000\134
-\327\372\167\312\071\026\131\157\016\352\323\265\203\177\115\115
-\102\126\166\264\311\137\004\370\070\370\353\322\137\165\137\315
-\173\374\345\216\200\174\374\120
-END
-
-# Trust for Certificate "Verisign/RSA Secure Server CA"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign/RSA Secure Server CA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\104\143\305\061\327\314\301\000\147\224\141\053\266\126\323\277
-\202\127\204\157
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\164\173\202\003\103\360\000\236\153\263\354\107\277\205\245\223
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\040\060\036\006\003\125\004\012\023\027\122\123\101\040\104\141
-\164\141\040\123\145\143\165\162\151\164\171\054\040\111\156\143
-\056\061\056\060\054\006\003\125\004\013\023\045\123\145\143\165
-\162\145\040\123\145\162\166\145\162\040\103\145\162\164\151\146
-\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164
-\171
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\255\146\176\116\105\376\136\127\157\074\230\031\136\335\300
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_VALID
-
-#
-# Certificate "GTE CyberTrust Root CA"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "GTE CyberTrust Root CA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\105\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\030\060\026\006\003\125\004\012\023\017\107\124\105\040\103\157
-\162\160\157\162\141\164\151\157\156\061\034\060\032\006\003\125
-\004\003\023\023\107\124\105\040\103\171\142\145\162\124\162\165
-\163\164\040\122\157\157\164
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\105\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\030\060\026\006\003\125\004\012\023\017\107\124\105\040\103\157
-\162\160\157\162\141\164\151\157\156\061\034\060\032\006\003\125
-\004\003\023\023\107\124\105\040\103\171\142\145\162\124\162\165
-\163\164\040\122\157\157\164
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\001\243
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\001\372\060\202\001\143\002\002\001\243\060\015\006\011
-\052\206\110\206\367\015\001\001\004\005\000\060\105\061\013\060
-\011\006\003\125\004\006\023\002\125\123\061\030\060\026\006\003
-\125\004\012\023\017\107\124\105\040\103\157\162\160\157\162\141
-\164\151\157\156\061\034\060\032\006\003\125\004\003\023\023\107
-\124\105\040\103\171\142\145\162\124\162\165\163\164\040\122\157
-\157\164\060\036\027\015\071\066\060\062\062\063\062\063\060\061
-\060\060\132\027\015\060\066\060\062\062\063\062\063\065\071\060
-\060\132\060\105\061\013\060\011\006\003\125\004\006\023\002\125
-\123\061\030\060\026\006\003\125\004\012\023\017\107\124\105\040
-\103\157\162\160\157\162\141\164\151\157\156\061\034\060\032\006
-\003\125\004\003\023\023\107\124\105\040\103\171\142\145\162\124
-\162\165\163\164\040\122\157\157\164\060\201\237\060\015\006\011
-\052\206\110\206\367\015\001\001\001\005\000\003\201\215\000\060
-\201\211\002\201\201\000\270\346\117\272\333\230\174\161\174\257
-\104\267\323\017\106\331\144\345\223\301\102\216\307\272\111\215
-\065\055\172\347\213\275\345\005\061\131\306\261\057\012\014\373
-\237\247\077\242\011\146\204\126\036\067\051\033\207\351\176\014
-\312\232\237\245\177\365\025\224\243\325\242\106\202\330\150\114
-\321\067\025\006\150\257\275\370\260\263\360\051\365\225\132\011
-\026\141\167\012\042\045\324\117\105\252\307\275\345\226\337\371
-\324\250\216\102\314\044\300\036\221\047\112\265\155\006\200\143
-\071\304\242\136\070\003\002\003\001\000\001\060\015\006\011\052
-\206\110\206\367\015\001\001\004\005\000\003\201\201\000\022\263
-\165\306\137\035\341\141\125\200\000\324\201\113\173\061\017\043
-\143\347\075\363\003\371\364\066\250\273\331\343\245\227\115\352
-\053\051\340\326\152\163\201\346\300\211\243\323\361\340\245\245
-\042\067\232\143\302\110\040\264\333\162\343\310\366\331\174\276
-\261\257\123\332\024\264\041\270\326\325\226\343\376\116\014\131
-\142\266\232\112\371\102\335\214\157\201\251\161\377\364\012\162
-\155\155\104\016\235\363\164\164\250\325\064\111\351\136\236\351
-\264\172\341\345\132\037\204\060\234\323\237\245\045\330
-END
-
-# Trust for Certificate "GTE CyberTrust Root CA"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "GTE CyberTrust Root CA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\220\336\336\236\114\116\237\157\330\206\027\127\235\323\221\274
-\145\246\211\144
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\304\327\360\262\243\305\175\141\147\360\004\315\103\323\272\130
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\105\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\030\060\026\006\003\125\004\012\023\017\107\124\105\040\103\157
-\162\160\157\162\141\164\151\157\156\061\034\060\032\006\003\125
-\004\003\023\023\107\124\105\040\103\171\142\145\162\124\162\165
-\163\164\040\122\157\157\164
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\001\243
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "GTE CyberTrust Global Root"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "GTE CyberTrust Global Root"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\165\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\030\060\026\006\003\125\004\012\023\017\107\124\105\040\103\157
-\162\160\157\162\141\164\151\157\156\061\047\060\045\006\003\125
-\004\013\023\036\107\124\105\040\103\171\142\145\162\124\162\165
-\163\164\040\123\157\154\165\164\151\157\156\163\054\040\111\156
-\143\056\061\043\060\041\006\003\125\004\003\023\032\107\124\105
-\040\103\171\142\145\162\124\162\165\163\164\040\107\154\157\142
-\141\154\040\122\157\157\164
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\165\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\030\060\026\006\003\125\004\012\023\017\107\124\105\040\103\157
-\162\160\157\162\141\164\151\157\156\061\047\060\045\006\003\125
-\004\013\023\036\107\124\105\040\103\171\142\145\162\124\162\165
-\163\164\040\123\157\154\165\164\151\157\156\163\054\040\111\156
-\143\056\061\043\060\041\006\003\125\004\003\023\032\107\124\105
-\040\103\171\142\145\162\124\162\165\163\164\040\107\154\157\142
-\141\154\040\122\157\157\164
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\001\245
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\002\132\060\202\001\303\002\002\001\245\060\015\006\011
-\052\206\110\206\367\015\001\001\004\005\000\060\165\061\013\060
-\011\006\003\125\004\006\023\002\125\123\061\030\060\026\006\003
-\125\004\012\023\017\107\124\105\040\103\157\162\160\157\162\141
-\164\151\157\156\061\047\060\045\006\003\125\004\013\023\036\107
-\124\105\040\103\171\142\145\162\124\162\165\163\164\040\123\157
-\154\165\164\151\157\156\163\054\040\111\156\143\056\061\043\060
-\041\006\003\125\004\003\023\032\107\124\105\040\103\171\142\145
-\162\124\162\165\163\164\040\107\154\157\142\141\154\040\122\157
-\157\164\060\036\027\015\071\070\060\070\061\063\060\060\062\071
-\060\060\132\027\015\061\070\060\070\061\063\062\063\065\071\060
-\060\132\060\165\061\013\060\011\006\003\125\004\006\023\002\125
-\123\061\030\060\026\006\003\125\004\012\023\017\107\124\105\040
-\103\157\162\160\157\162\141\164\151\157\156\061\047\060\045\006
-\003\125\004\013\023\036\107\124\105\040\103\171\142\145\162\124
-\162\165\163\164\040\123\157\154\165\164\151\157\156\163\054\040
-\111\156\143\056\061\043\060\041\006\003\125\004\003\023\032\107
-\124\105\040\103\171\142\145\162\124\162\165\163\164\040\107\154
-\157\142\141\154\040\122\157\157\164\060\201\237\060\015\006\011
-\052\206\110\206\367\015\001\001\001\005\000\003\201\215\000\060
-\201\211\002\201\201\000\225\017\240\266\360\120\234\350\172\307
-\210\315\335\027\016\056\260\224\320\033\075\016\366\224\300\212
-\224\307\006\310\220\227\310\270\144\032\172\176\154\074\123\341
-\067\050\163\140\177\262\227\123\007\237\123\371\155\130\224\322
-\257\215\155\210\147\200\346\355\262\225\317\162\061\312\245\034
-\162\272\134\002\347\144\102\347\371\251\054\326\072\015\254\215
-\102\252\044\001\071\346\234\077\001\205\127\015\130\207\105\370
-\323\205\252\223\151\046\205\160\110\200\077\022\025\307\171\264
-\037\005\057\073\142\231\002\003\001\000\001\060\015\006\011\052
-\206\110\206\367\015\001\001\004\005\000\003\201\201\000\155\353
-\033\011\351\136\331\121\333\147\042\141\244\052\074\110\167\343
-\240\174\246\336\163\242\024\003\205\075\373\253\016\060\305\203
-\026\063\201\023\010\236\173\064\116\337\100\310\164\327\271\175
-\334\364\166\125\175\233\143\124\030\351\360\352\363\134\261\331
-\213\102\036\271\300\225\116\272\372\325\342\174\365\150\141\277
-\216\354\005\227\137\133\260\327\243\205\064\304\044\247\015\017
-\225\223\357\313\224\330\236\037\235\134\205\155\307\252\256\117
-\037\042\265\315\225\255\272\247\314\371\253\013\172\177
-END
-
-# Trust for Certificate "GTE CyberTrust Global Root"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "GTE CyberTrust Global Root"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\227\201\171\120\330\034\226\160\314\064\330\011\317\171\104\061
-\066\176\364\164
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\312\075\323\150\361\003\134\320\062\372\270\053\131\350\132\333
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\165\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\030\060\026\006\003\125\004\012\023\017\107\124\105\040\103\157
-\162\160\157\162\141\164\151\157\156\061\047\060\045\006\003\125
-\004\013\023\036\107\124\105\040\103\171\142\145\162\124\162\165
-\163\164\040\123\157\154\165\164\151\157\156\163\054\040\111\156
-\143\056\061\043\060\041\006\003\125\004\003\023\032\107\124\105
-\040\103\171\142\145\162\124\162\165\163\164\040\107\154\157\142
-\141\154\040\122\157\157\164
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\001\245
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Thawte Personal Basic CA"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Thawte Personal Basic CA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\313\061\013\060\011\006\003\125\004\006\023\002\132\101
-\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145
-\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007
-\023\011\103\141\160\145\040\124\157\167\156\061\032\060\030\006
-\003\125\004\012\023\021\124\150\141\167\164\145\040\103\157\156
-\163\165\154\164\151\156\147\061\050\060\046\006\003\125\004\013
-\023\037\103\145\162\164\151\146\151\143\141\164\151\157\156\040
-\123\145\162\166\151\143\145\163\040\104\151\166\151\163\151\157
-\156\061\041\060\037\006\003\125\004\003\023\030\124\150\141\167
-\164\145\040\120\145\162\163\157\156\141\154\040\102\141\163\151
-\143\040\103\101\061\050\060\046\006\011\052\206\110\206\367\015
-\001\011\001\026\031\160\145\162\163\157\156\141\154\055\142\141
-\163\151\143\100\164\150\141\167\164\145\056\143\157\155
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\313\061\013\060\011\006\003\125\004\006\023\002\132\101
-\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145
-\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007
-\023\011\103\141\160\145\040\124\157\167\156\061\032\060\030\006
-\003\125\004\012\023\021\124\150\141\167\164\145\040\103\157\156
-\163\165\154\164\151\156\147\061\050\060\046\006\003\125\004\013
-\023\037\103\145\162\164\151\146\151\143\141\164\151\157\156\040
-\123\145\162\166\151\143\145\163\040\104\151\166\151\163\151\157
-\156\061\041\060\037\006\003\125\004\003\023\030\124\150\141\167
-\164\145\040\120\145\162\163\157\156\141\154\040\102\141\163\151
-\143\040\103\101\061\050\060\046\006\011\052\206\110\206\367\015
-\001\011\001\026\031\160\145\162\163\157\156\141\154\055\142\141
-\163\151\143\100\164\150\141\167\164\145\056\143\157\155
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\000
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\041\060\202\002\212\240\003\002\001\002\002\001\000
-\060\015\006\011\052\206\110\206\367\015\001\001\004\005\000\060
-\201\313\061\013\060\011\006\003\125\004\006\023\002\132\101\061
-\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145\162
-\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007\023
-\011\103\141\160\145\040\124\157\167\156\061\032\060\030\006\003
-\125\004\012\023\021\124\150\141\167\164\145\040\103\157\156\163
-\165\154\164\151\156\147\061\050\060\046\006\003\125\004\013\023
-\037\103\145\162\164\151\146\151\143\141\164\151\157\156\040\123
-\145\162\166\151\143\145\163\040\104\151\166\151\163\151\157\156
-\061\041\060\037\006\003\125\004\003\023\030\124\150\141\167\164
-\145\040\120\145\162\163\157\156\141\154\040\102\141\163\151\143
-\040\103\101\061\050\060\046\006\011\052\206\110\206\367\015\001
-\011\001\026\031\160\145\162\163\157\156\141\154\055\142\141\163
-\151\143\100\164\150\141\167\164\145\056\143\157\155\060\036\027
-\015\071\066\060\061\060\061\060\060\060\060\060\060\132\027\015
-\062\060\061\062\063\061\062\063\065\071\065\071\132\060\201\313
-\061\013\060\011\006\003\125\004\006\023\002\132\101\061\025\060
-\023\006\003\125\004\010\023\014\127\145\163\164\145\162\156\040
-\103\141\160\145\061\022\060\020\006\003\125\004\007\023\011\103
-\141\160\145\040\124\157\167\156\061\032\060\030\006\003\125\004
-\012\023\021\124\150\141\167\164\145\040\103\157\156\163\165\154
-\164\151\156\147\061\050\060\046\006\003\125\004\013\023\037\103
-\145\162\164\151\146\151\143\141\164\151\157\156\040\123\145\162
-\166\151\143\145\163\040\104\151\166\151\163\151\157\156\061\041
-\060\037\006\003\125\004\003\023\030\124\150\141\167\164\145\040
-\120\145\162\163\157\156\141\154\040\102\141\163\151\143\040\103
-\101\061\050\060\046\006\011\052\206\110\206\367\015\001\011\001
-\026\031\160\145\162\163\157\156\141\154\055\142\141\163\151\143
-\100\164\150\141\167\164\145\056\143\157\155\060\201\237\060\015
-\006\011\052\206\110\206\367\015\001\001\001\005\000\003\201\215
-\000\060\201\211\002\201\201\000\274\274\223\123\155\300\120\117
-\202\025\346\110\224\065\246\132\276\157\102\372\017\107\356\167
-\165\162\335\215\111\233\226\127\240\170\324\312\077\121\263\151
-\013\221\166\027\042\007\227\152\304\121\223\113\340\215\357\067
-\225\241\014\115\332\064\220\035\027\211\227\340\065\070\127\112
-\300\364\010\160\351\074\104\173\120\176\141\232\220\343\043\323
-\210\021\106\047\365\013\007\016\273\335\321\177\040\012\210\271
-\126\013\056\034\200\332\361\343\236\051\357\024\275\012\104\373
-\033\133\030\321\277\043\223\041\002\003\001\000\001\243\023\060
-\021\060\017\006\003\125\035\023\001\001\377\004\005\060\003\001
-\001\377\060\015\006\011\052\206\110\206\367\015\001\001\004\005
-\000\003\201\201\000\055\342\231\153\260\075\172\211\327\131\242
-\224\001\037\053\335\022\113\123\302\255\177\252\247\000\134\221
-\100\127\045\112\070\252\204\160\271\331\200\017\245\173\134\373
-\163\306\275\327\212\141\134\003\343\055\047\250\027\340\204\205
-\102\334\136\233\306\267\262\155\273\164\257\344\077\313\247\267
-\260\340\135\276\170\203\045\224\322\333\201\017\171\007\155\117
-\364\071\025\132\122\001\173\336\062\326\115\070\366\022\134\006
-\120\337\005\133\275\024\113\241\337\051\272\073\101\215\367\143
-\126\241\337\042\261
-END
-
-# Trust for Certificate "Thawte Personal Basic CA"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Thawte Personal Basic CA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\100\347\214\035\122\075\034\331\225\117\254\032\032\263\275\074
-\272\241\133\374
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\346\013\322\311\312\055\210\333\032\161\016\113\170\353\002\101
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\313\061\013\060\011\006\003\125\004\006\023\002\132\101
-\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145
-\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007
-\023\011\103\141\160\145\040\124\157\167\156\061\032\060\030\006
-\003\125\004\012\023\021\124\150\141\167\164\145\040\103\157\156
-\163\165\154\164\151\156\147\061\050\060\046\006\003\125\004\013
-\023\037\103\145\162\164\151\146\151\143\141\164\151\157\156\040
-\123\145\162\166\151\143\145\163\040\104\151\166\151\163\151\157
-\156\061\041\060\037\006\003\125\004\003\023\030\124\150\141\167
-\164\145\040\120\145\162\163\157\156\141\154\040\102\141\163\151
-\143\040\103\101\061\050\060\046\006\011\052\206\110\206\367\015
-\001\011\001\026\031\160\145\162\163\157\156\141\154\055\142\141
-\163\151\143\100\164\150\141\167\164\145\056\143\157\155
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\000
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_VALID
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Thawte Personal Premium CA"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Thawte Personal Premium CA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\317\061\013\060\011\006\003\125\004\006\023\002\132\101
-\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145
-\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007
-\023\011\103\141\160\145\040\124\157\167\156\061\032\060\030\006
-\003\125\004\012\023\021\124\150\141\167\164\145\040\103\157\156
-\163\165\154\164\151\156\147\061\050\060\046\006\003\125\004\013
-\023\037\103\145\162\164\151\146\151\143\141\164\151\157\156\040
-\123\145\162\166\151\143\145\163\040\104\151\166\151\163\151\157
-\156\061\043\060\041\006\003\125\004\003\023\032\124\150\141\167
-\164\145\040\120\145\162\163\157\156\141\154\040\120\162\145\155
-\151\165\155\040\103\101\061\052\060\050\006\011\052\206\110\206
-\367\015\001\011\001\026\033\160\145\162\163\157\156\141\154\055
-\160\162\145\155\151\165\155\100\164\150\141\167\164\145\056\143
-\157\155
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\317\061\013\060\011\006\003\125\004\006\023\002\132\101
-\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145
-\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007
-\023\011\103\141\160\145\040\124\157\167\156\061\032\060\030\006
-\003\125\004\012\023\021\124\150\141\167\164\145\040\103\157\156
-\163\165\154\164\151\156\147\061\050\060\046\006\003\125\004\013
-\023\037\103\145\162\164\151\146\151\143\141\164\151\157\156\040
-\123\145\162\166\151\143\145\163\040\104\151\166\151\163\151\157
-\156\061\043\060\041\006\003\125\004\003\023\032\124\150\141\167
-\164\145\040\120\145\162\163\157\156\141\154\040\120\162\145\155
-\151\165\155\040\103\101\061\052\060\050\006\011\052\206\110\206
-\367\015\001\011\001\026\033\160\145\162\163\157\156\141\154\055
-\160\162\145\155\151\165\155\100\164\150\141\167\164\145\056\143
-\157\155
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\000
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\051\060\202\002\222\240\003\002\001\002\002\001\000
-\060\015\006\011\052\206\110\206\367\015\001\001\004\005\000\060
-\201\317\061\013\060\011\006\003\125\004\006\023\002\132\101\061
-\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145\162
-\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007\023
-\011\103\141\160\145\040\124\157\167\156\061\032\060\030\006\003
-\125\004\012\023\021\124\150\141\167\164\145\040\103\157\156\163
-\165\154\164\151\156\147\061\050\060\046\006\003\125\004\013\023
-\037\103\145\162\164\151\146\151\143\141\164\151\157\156\040\123
-\145\162\166\151\143\145\163\040\104\151\166\151\163\151\157\156
-\061\043\060\041\006\003\125\004\003\023\032\124\150\141\167\164
-\145\040\120\145\162\163\157\156\141\154\040\120\162\145\155\151
-\165\155\040\103\101\061\052\060\050\006\011\052\206\110\206\367
-\015\001\011\001\026\033\160\145\162\163\157\156\141\154\055\160
-\162\145\155\151\165\155\100\164\150\141\167\164\145\056\143\157
-\155\060\036\027\015\071\066\060\061\060\061\060\060\060\060\060
-\060\132\027\015\062\060\061\062\063\061\062\063\065\071\065\071
-\132\060\201\317\061\013\060\011\006\003\125\004\006\023\002\132
-\101\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164
-\145\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004
-\007\023\011\103\141\160\145\040\124\157\167\156\061\032\060\030
-\006\003\125\004\012\023\021\124\150\141\167\164\145\040\103\157
-\156\163\165\154\164\151\156\147\061\050\060\046\006\003\125\004
-\013\023\037\103\145\162\164\151\146\151\143\141\164\151\157\156
-\040\123\145\162\166\151\143\145\163\040\104\151\166\151\163\151
-\157\156\061\043\060\041\006\003\125\004\003\023\032\124\150\141
-\167\164\145\040\120\145\162\163\157\156\141\154\040\120\162\145
-\155\151\165\155\040\103\101\061\052\060\050\006\011\052\206\110
-\206\367\015\001\011\001\026\033\160\145\162\163\157\156\141\154
-\055\160\162\145\155\151\165\155\100\164\150\141\167\164\145\056
-\143\157\155\060\201\237\060\015\006\011\052\206\110\206\367\015
-\001\001\001\005\000\003\201\215\000\060\201\211\002\201\201\000
-\311\146\331\370\007\104\317\271\214\056\360\241\357\023\105\154
-\005\337\336\047\026\121\066\101\021\154\154\073\355\376\020\175
-\022\236\345\233\102\232\376\140\061\303\146\267\163\072\110\256
-\116\320\062\067\224\210\265\015\266\331\363\362\104\331\325\210
-\022\335\166\115\362\032\374\157\043\036\172\361\330\230\105\116
-\007\020\357\026\102\320\103\165\155\112\336\342\252\311\061\377
-\037\000\160\174\146\317\020\045\010\272\372\356\000\351\106\003
-\146\047\021\025\073\252\133\362\230\335\066\102\262\332\210\165
-\002\003\001\000\001\243\023\060\021\060\017\006\003\125\035\023
-\001\001\377\004\005\060\003\001\001\377\060\015\006\011\052\206
-\110\206\367\015\001\001\004\005\000\003\201\201\000\151\066\211
-\367\064\052\063\162\057\155\073\324\042\262\270\157\232\305\066
-\146\016\033\074\241\261\165\132\346\375\065\323\370\250\362\007
-\157\205\147\216\336\053\271\342\027\260\072\240\360\016\242\000
-\232\337\363\024\025\156\273\310\205\132\230\200\371\377\276\164
-\035\075\363\376\060\045\321\067\064\147\372\245\161\171\060\141
-\051\162\300\340\054\114\373\126\344\072\250\157\345\062\131\122
-\333\165\050\120\131\014\370\013\031\344\254\331\257\226\215\057
-\120\333\007\303\352\037\253\063\340\365\053\061\211
-END
-
-# Trust for Certificate "Thawte Personal Premium CA"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Thawte Personal Premium CA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\066\206\065\143\375\121\050\307\276\246\360\005\317\351\264\066
-\150\010\154\316
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\072\262\336\042\232\040\223\111\371\355\310\322\212\347\150\015
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\317\061\013\060\011\006\003\125\004\006\023\002\132\101
-\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145
-\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007
-\023\011\103\141\160\145\040\124\157\167\156\061\032\060\030\006
-\003\125\004\012\023\021\124\150\141\167\164\145\040\103\157\156
-\163\165\154\164\151\156\147\061\050\060\046\006\003\125\004\013
-\023\037\103\145\162\164\151\146\151\143\141\164\151\157\156\040
-\123\145\162\166\151\143\145\163\040\104\151\166\151\163\151\157
-\156\061\043\060\041\006\003\125\004\003\023\032\124\150\141\167
-\164\145\040\120\145\162\163\157\156\141\154\040\120\162\145\155
-\151\165\155\040\103\101\061\052\060\050\006\011\052\206\110\206
-\367\015\001\011\001\026\033\160\145\162\163\157\156\141\154\055
-\160\162\145\155\151\165\155\100\164\150\141\167\164\145\056\143
-\157\155
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\000
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_VALID
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Thawte Personal Freemail CA"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Thawte Personal Freemail CA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\321\061\013\060\011\006\003\125\004\006\023\002\132\101
-\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145
-\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007
-\023\011\103\141\160\145\040\124\157\167\156\061\032\060\030\006
-\003\125\004\012\023\021\124\150\141\167\164\145\040\103\157\156
-\163\165\154\164\151\156\147\061\050\060\046\006\003\125\004\013
-\023\037\103\145\162\164\151\146\151\143\141\164\151\157\156\040
-\123\145\162\166\151\143\145\163\040\104\151\166\151\163\151\157
-\156\061\044\060\042\006\003\125\004\003\023\033\124\150\141\167
-\164\145\040\120\145\162\163\157\156\141\154\040\106\162\145\145
-\155\141\151\154\040\103\101\061\053\060\051\006\011\052\206\110
-\206\367\015\001\011\001\026\034\160\145\162\163\157\156\141\154
-\055\146\162\145\145\155\141\151\154\100\164\150\141\167\164\145
-\056\143\157\155
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\321\061\013\060\011\006\003\125\004\006\023\002\132\101
-\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145
-\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007
-\023\011\103\141\160\145\040\124\157\167\156\061\032\060\030\006
-\003\125\004\012\023\021\124\150\141\167\164\145\040\103\157\156
-\163\165\154\164\151\156\147\061\050\060\046\006\003\125\004\013
-\023\037\103\145\162\164\151\146\151\143\141\164\151\157\156\040
-\123\145\162\166\151\143\145\163\040\104\151\166\151\163\151\157
-\156\061\044\060\042\006\003\125\004\003\023\033\124\150\141\167
-\164\145\040\120\145\162\163\157\156\141\154\040\106\162\145\145
-\155\141\151\154\040\103\101\061\053\060\051\006\011\052\206\110
-\206\367\015\001\011\001\026\034\160\145\162\163\157\156\141\154
-\055\146\162\145\145\155\141\151\154\100\164\150\141\167\164\145
-\056\143\157\155
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\000
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\055\060\202\002\226\240\003\002\001\002\002\001\000
-\060\015\006\011\052\206\110\206\367\015\001\001\004\005\000\060
-\201\321\061\013\060\011\006\003\125\004\006\023\002\132\101\061
-\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145\162
-\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007\023
-\011\103\141\160\145\040\124\157\167\156\061\032\060\030\006\003
-\125\004\012\023\021\124\150\141\167\164\145\040\103\157\156\163
-\165\154\164\151\156\147\061\050\060\046\006\003\125\004\013\023
-\037\103\145\162\164\151\146\151\143\141\164\151\157\156\040\123
-\145\162\166\151\143\145\163\040\104\151\166\151\163\151\157\156
-\061\044\060\042\006\003\125\004\003\023\033\124\150\141\167\164
-\145\040\120\145\162\163\157\156\141\154\040\106\162\145\145\155
-\141\151\154\040\103\101\061\053\060\051\006\011\052\206\110\206
-\367\015\001\011\001\026\034\160\145\162\163\157\156\141\154\055
-\146\162\145\145\155\141\151\154\100\164\150\141\167\164\145\056
-\143\157\155\060\036\027\015\071\066\060\061\060\061\060\060\060
-\060\060\060\132\027\015\062\060\061\062\063\061\062\063\065\071
-\065\071\132\060\201\321\061\013\060\011\006\003\125\004\006\023
-\002\132\101\061\025\060\023\006\003\125\004\010\023\014\127\145
-\163\164\145\162\156\040\103\141\160\145\061\022\060\020\006\003
-\125\004\007\023\011\103\141\160\145\040\124\157\167\156\061\032
-\060\030\006\003\125\004\012\023\021\124\150\141\167\164\145\040
-\103\157\156\163\165\154\164\151\156\147\061\050\060\046\006\003
-\125\004\013\023\037\103\145\162\164\151\146\151\143\141\164\151
-\157\156\040\123\145\162\166\151\143\145\163\040\104\151\166\151
-\163\151\157\156\061\044\060\042\006\003\125\004\003\023\033\124
-\150\141\167\164\145\040\120\145\162\163\157\156\141\154\040\106
-\162\145\145\155\141\151\154\040\103\101\061\053\060\051\006\011
-\052\206\110\206\367\015\001\011\001\026\034\160\145\162\163\157
-\156\141\154\055\146\162\145\145\155\141\151\154\100\164\150\141
-\167\164\145\056\143\157\155\060\201\237\060\015\006\011\052\206
-\110\206\367\015\001\001\001\005\000\003\201\215\000\060\201\211
-\002\201\201\000\324\151\327\324\260\224\144\133\161\351\107\330
-\014\121\266\352\162\221\260\204\136\175\055\015\217\173\022\337
-\205\045\165\050\164\072\102\054\143\047\237\225\173\113\357\176
-\031\207\035\206\352\243\335\271\316\226\144\032\302\024\156\104
-\254\174\346\217\350\115\017\161\037\100\070\246\000\243\207\170
-\366\371\224\206\136\255\352\300\136\166\353\331\024\243\135\156
-\172\174\014\245\113\125\177\006\031\051\177\236\232\046\325\152
-\273\070\044\010\152\230\307\261\332\243\230\221\375\171\333\345
-\132\304\034\271\002\003\001\000\001\243\023\060\021\060\017\006
-\003\125\035\023\001\001\377\004\005\060\003\001\001\377\060\015
-\006\011\052\206\110\206\367\015\001\001\004\005\000\003\201\201
-\000\307\354\222\176\116\370\365\226\245\147\142\052\244\360\115
-\021\140\320\157\215\140\130\141\254\046\273\122\065\134\010\317
-\060\373\250\112\226\212\037\142\102\043\214\027\017\364\272\144
-\234\027\254\107\051\337\235\230\136\322\154\140\161\134\242\254
-\334\171\343\347\156\000\107\037\265\015\050\350\002\235\344\232
-\375\023\364\246\331\174\261\370\334\137\043\046\011\221\200\163
-\320\024\033\336\103\251\203\045\362\346\234\057\025\312\376\246
-\253\212\007\165\213\014\335\121\204\153\344\370\321\316\167\242
-\201
-END
-
-# Trust for Certificate "Thawte Personal Freemail CA"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Thawte Personal Freemail CA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\040\231\000\266\075\225\127\050\024\014\321\066\042\330\306\207
-\244\353\000\205
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\036\164\303\206\074\014\065\305\076\302\177\357\074\252\074\331
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\321\061\013\060\011\006\003\125\004\006\023\002\132\101
-\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145
-\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007
-\023\011\103\141\160\145\040\124\157\167\156\061\032\060\030\006
-\003\125\004\012\023\021\124\150\141\167\164\145\040\103\157\156
-\163\165\154\164\151\156\147\061\050\060\046\006\003\125\004\013
-\023\037\103\145\162\164\151\146\151\143\141\164\151\157\156\040
-\123\145\162\166\151\143\145\163\040\104\151\166\151\163\151\157
-\156\061\044\060\042\006\003\125\004\003\023\033\124\150\141\167
-\164\145\040\120\145\162\163\157\156\141\154\040\106\162\145\145
-\155\141\151\154\040\103\101\061\053\060\051\006\011\052\206\110
-\206\367\015\001\011\001\026\034\160\145\162\163\157\156\141\154
-\055\146\162\145\145\155\141\151\154\100\164\150\141\167\164\145
-\056\143\157\155
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\000
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_VALID
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_VALID
-
-#
-# Certificate "Thawte Server CA"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Thawte Server CA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\304\061\013\060\011\006\003\125\004\006\023\002\132\101
-\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145
-\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007
-\023\011\103\141\160\145\040\124\157\167\156\061\035\060\033\006
-\003\125\004\012\023\024\124\150\141\167\164\145\040\103\157\156
-\163\165\154\164\151\156\147\040\143\143\061\050\060\046\006\003
-\125\004\013\023\037\103\145\162\164\151\146\151\143\141\164\151
-\157\156\040\123\145\162\166\151\143\145\163\040\104\151\166\151
-\163\151\157\156\061\031\060\027\006\003\125\004\003\023\020\124
-\150\141\167\164\145\040\123\145\162\166\145\162\040\103\101\061
-\046\060\044\006\011\052\206\110\206\367\015\001\011\001\026\027
-\163\145\162\166\145\162\055\143\145\162\164\163\100\164\150\141
-\167\164\145\056\143\157\155
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\304\061\013\060\011\006\003\125\004\006\023\002\132\101
-\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145
-\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007
-\023\011\103\141\160\145\040\124\157\167\156\061\035\060\033\006
-\003\125\004\012\023\024\124\150\141\167\164\145\040\103\157\156
-\163\165\154\164\151\156\147\040\143\143\061\050\060\046\006\003
-\125\004\013\023\037\103\145\162\164\151\146\151\143\141\164\151
-\157\156\040\123\145\162\166\151\143\145\163\040\104\151\166\151
-\163\151\157\156\061\031\060\027\006\003\125\004\003\023\020\124
-\150\141\167\164\145\040\123\145\162\166\145\162\040\103\101\061
-\046\060\044\006\011\052\206\110\206\367\015\001\011\001\026\027
-\163\145\162\166\145\162\055\143\145\162\164\163\100\164\150\141
-\167\164\145\056\143\157\155
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\001
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\023\060\202\002\174\240\003\002\001\002\002\001\001
-\060\015\006\011\052\206\110\206\367\015\001\001\004\005\000\060
-\201\304\061\013\060\011\006\003\125\004\006\023\002\132\101\061
-\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145\162
-\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007\023
-\011\103\141\160\145\040\124\157\167\156\061\035\060\033\006\003
-\125\004\012\023\024\124\150\141\167\164\145\040\103\157\156\163
-\165\154\164\151\156\147\040\143\143\061\050\060\046\006\003\125
-\004\013\023\037\103\145\162\164\151\146\151\143\141\164\151\157
-\156\040\123\145\162\166\151\143\145\163\040\104\151\166\151\163
-\151\157\156\061\031\060\027\006\003\125\004\003\023\020\124\150
-\141\167\164\145\040\123\145\162\166\145\162\040\103\101\061\046
-\060\044\006\011\052\206\110\206\367\015\001\011\001\026\027\163
-\145\162\166\145\162\055\143\145\162\164\163\100\164\150\141\167
-\164\145\056\143\157\155\060\036\027\015\071\066\060\070\060\061
-\060\060\060\060\060\060\132\027\015\062\060\061\062\063\061\062
-\063\065\071\065\071\132\060\201\304\061\013\060\011\006\003\125
-\004\006\023\002\132\101\061\025\060\023\006\003\125\004\010\023
-\014\127\145\163\164\145\162\156\040\103\141\160\145\061\022\060
-\020\006\003\125\004\007\023\011\103\141\160\145\040\124\157\167
-\156\061\035\060\033\006\003\125\004\012\023\024\124\150\141\167
-\164\145\040\103\157\156\163\165\154\164\151\156\147\040\143\143
-\061\050\060\046\006\003\125\004\013\023\037\103\145\162\164\151
-\146\151\143\141\164\151\157\156\040\123\145\162\166\151\143\145
-\163\040\104\151\166\151\163\151\157\156\061\031\060\027\006\003
-\125\004\003\023\020\124\150\141\167\164\145\040\123\145\162\166
-\145\162\040\103\101\061\046\060\044\006\011\052\206\110\206\367
-\015\001\011\001\026\027\163\145\162\166\145\162\055\143\145\162
-\164\163\100\164\150\141\167\164\145\056\143\157\155\060\201\237
-\060\015\006\011\052\206\110\206\367\015\001\001\001\005\000\003
-\201\215\000\060\201\211\002\201\201\000\323\244\120\156\310\377
-\126\153\346\317\135\266\352\014\150\165\107\242\252\302\332\204
-\045\374\250\364\107\121\332\205\265\040\164\224\206\036\017\165
-\311\351\010\141\365\006\155\060\156\025\031\002\351\122\300\142
-\333\115\231\236\342\152\014\104\070\315\376\276\343\144\011\160
-\305\376\261\153\051\266\057\111\310\073\324\047\004\045\020\227
-\057\347\220\155\300\050\102\231\327\114\103\336\303\365\041\155
-\124\237\135\303\130\341\300\344\331\133\260\270\334\264\173\337
-\066\072\302\265\146\042\022\326\207\015\002\003\001\000\001\243
-\023\060\021\060\017\006\003\125\035\023\001\001\377\004\005\060
-\003\001\001\377\060\015\006\011\052\206\110\206\367\015\001\001
-\004\005\000\003\201\201\000\007\372\114\151\134\373\225\314\106
-\356\205\203\115\041\060\216\312\331\250\157\111\032\346\332\121
-\343\140\160\154\204\141\021\241\032\310\110\076\131\103\175\117
-\225\075\241\213\267\013\142\230\172\165\212\335\210\116\116\236
-\100\333\250\314\062\164\271\157\015\306\343\263\104\013\331\212
-\157\232\051\233\231\030\050\073\321\343\100\050\232\132\074\325
-\265\347\040\033\213\312\244\253\215\351\121\331\342\114\054\131
-\251\332\271\262\165\033\366\102\362\357\307\362\030\371\211\274
-\243\377\212\043\056\160\107
-END
-
-# Trust for Certificate "Thawte Server CA"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Thawte Server CA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\043\345\224\224\121\225\362\101\110\003\264\325\144\322\243\243
-\365\330\213\214
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\305\160\304\242\355\123\170\014\310\020\123\201\144\313\320\035
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\304\061\013\060\011\006\003\125\004\006\023\002\132\101
-\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145
-\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007
-\023\011\103\141\160\145\040\124\157\167\156\061\035\060\033\006
-\003\125\004\012\023\024\124\150\141\167\164\145\040\103\157\156
-\163\165\154\164\151\156\147\040\143\143\061\050\060\046\006\003
-\125\004\013\023\037\103\145\162\164\151\146\151\143\141\164\151
-\157\156\040\123\145\162\166\151\143\145\163\040\104\151\166\151
-\163\151\157\156\061\031\060\027\006\003\125\004\003\023\020\124
-\150\141\167\164\145\040\123\145\162\166\145\162\040\103\101\061
-\046\060\044\006\011\052\206\110\206\367\015\001\011\001\026\027
-\163\145\162\166\145\162\055\143\145\162\164\163\100\164\150\141
-\167\164\145\056\143\157\155
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\001
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_VALID
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Thawte Premium Server CA"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Thawte Premium Server CA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\316\061\013\060\011\006\003\125\004\006\023\002\132\101
-\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145
-\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007
-\023\011\103\141\160\145\040\124\157\167\156\061\035\060\033\006
-\003\125\004\012\023\024\124\150\141\167\164\145\040\103\157\156
-\163\165\154\164\151\156\147\040\143\143\061\050\060\046\006\003
-\125\004\013\023\037\103\145\162\164\151\146\151\143\141\164\151
-\157\156\040\123\145\162\166\151\143\145\163\040\104\151\166\151
-\163\151\157\156\061\041\060\037\006\003\125\004\003\023\030\124
-\150\141\167\164\145\040\120\162\145\155\151\165\155\040\123\145
-\162\166\145\162\040\103\101\061\050\060\046\006\011\052\206\110
-\206\367\015\001\011\001\026\031\160\162\145\155\151\165\155\055
-\163\145\162\166\145\162\100\164\150\141\167\164\145\056\143\157
-\155
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\316\061\013\060\011\006\003\125\004\006\023\002\132\101
-\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145
-\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007
-\023\011\103\141\160\145\040\124\157\167\156\061\035\060\033\006
-\003\125\004\012\023\024\124\150\141\167\164\145\040\103\157\156
-\163\165\154\164\151\156\147\040\143\143\061\050\060\046\006\003
-\125\004\013\023\037\103\145\162\164\151\146\151\143\141\164\151
-\157\156\040\123\145\162\166\151\143\145\163\040\104\151\166\151
-\163\151\157\156\061\041\060\037\006\003\125\004\003\023\030\124
-\150\141\167\164\145\040\120\162\145\155\151\165\155\040\123\145
-\162\166\145\162\040\103\101\061\050\060\046\006\011\052\206\110
-\206\367\015\001\011\001\026\031\160\162\145\155\151\165\155\055
-\163\145\162\166\145\162\100\164\150\141\167\164\145\056\143\157
-\155
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\001
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\047\060\202\002\220\240\003\002\001\002\002\001\001
-\060\015\006\011\052\206\110\206\367\015\001\001\004\005\000\060
-\201\316\061\013\060\011\006\003\125\004\006\023\002\132\101\061
-\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145\162
-\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007\023
-\011\103\141\160\145\040\124\157\167\156\061\035\060\033\006\003
-\125\004\012\023\024\124\150\141\167\164\145\040\103\157\156\163
-\165\154\164\151\156\147\040\143\143\061\050\060\046\006\003\125
-\004\013\023\037\103\145\162\164\151\146\151\143\141\164\151\157
-\156\040\123\145\162\166\151\143\145\163\040\104\151\166\151\163
-\151\157\156\061\041\060\037\006\003\125\004\003\023\030\124\150
-\141\167\164\145\040\120\162\145\155\151\165\155\040\123\145\162
-\166\145\162\040\103\101\061\050\060\046\006\011\052\206\110\206
-\367\015\001\011\001\026\031\160\162\145\155\151\165\155\055\163
-\145\162\166\145\162\100\164\150\141\167\164\145\056\143\157\155
-\060\036\027\015\071\066\060\070\060\061\060\060\060\060\060\060
-\132\027\015\062\060\061\062\063\061\062\063\065\071\065\071\132
-\060\201\316\061\013\060\011\006\003\125\004\006\023\002\132\101
-\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145
-\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007
-\023\011\103\141\160\145\040\124\157\167\156\061\035\060\033\006
-\003\125\004\012\023\024\124\150\141\167\164\145\040\103\157\156
-\163\165\154\164\151\156\147\040\143\143\061\050\060\046\006\003
-\125\004\013\023\037\103\145\162\164\151\146\151\143\141\164\151
-\157\156\040\123\145\162\166\151\143\145\163\040\104\151\166\151
-\163\151\157\156\061\041\060\037\006\003\125\004\003\023\030\124
-\150\141\167\164\145\040\120\162\145\155\151\165\155\040\123\145
-\162\166\145\162\040\103\101\061\050\060\046\006\011\052\206\110
-\206\367\015\001\011\001\026\031\160\162\145\155\151\165\155\055
-\163\145\162\166\145\162\100\164\150\141\167\164\145\056\143\157
-\155\060\201\237\060\015\006\011\052\206\110\206\367\015\001\001
-\001\005\000\003\201\215\000\060\201\211\002\201\201\000\322\066
-\066\152\213\327\302\133\236\332\201\101\142\217\070\356\111\004
-\125\326\320\357\034\033\225\026\107\357\030\110\065\072\122\364
-\053\152\006\217\073\057\352\126\343\257\206\215\236\027\367\236
-\264\145\165\002\115\357\313\011\242\041\121\330\233\320\147\320
-\272\015\222\006\024\163\324\223\313\227\052\000\234\134\116\014
-\274\372\025\122\374\362\104\156\332\021\112\156\010\237\057\055
-\343\371\252\072\206\163\266\106\123\130\310\211\005\275\203\021
-\270\163\077\252\007\215\364\102\115\347\100\235\034\067\002\003
-\001\000\001\243\023\060\021\060\017\006\003\125\035\023\001\001
-\377\004\005\060\003\001\001\377\060\015\006\011\052\206\110\206
-\367\015\001\001\004\005\000\003\201\201\000\046\110\054\026\302
-\130\372\350\026\164\014\252\252\137\124\077\362\327\311\170\140
-\136\136\156\067\143\042\167\066\176\262\027\304\064\271\365\010
-\205\374\311\001\070\377\115\276\362\026\102\103\347\273\132\106
-\373\301\306\021\037\361\112\260\050\106\311\303\304\102\175\274
-\372\253\131\156\325\267\121\210\021\343\244\205\031\153\202\114
-\244\014\022\255\351\244\256\077\361\303\111\145\232\214\305\310
-\076\045\267\224\231\273\222\062\161\007\360\206\136\355\120\047
-\246\015\246\043\371\273\313\246\007\024\102
-END
-
-# Trust for Certificate "Thawte Premium Server CA"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Thawte Premium Server CA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\142\177\215\170\047\145\143\231\322\175\177\220\104\311\376\263
-\363\076\372\232
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\006\237\151\171\026\146\220\002\033\214\214\242\303\007\157\072
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\316\061\013\060\011\006\003\125\004\006\023\002\132\101
-\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145
-\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007
-\023\011\103\141\160\145\040\124\157\167\156\061\035\060\033\006
-\003\125\004\012\023\024\124\150\141\167\164\145\040\103\157\156
-\163\165\154\164\151\156\147\040\143\143\061\050\060\046\006\003
-\125\004\013\023\037\103\145\162\164\151\146\151\143\141\164\151
-\157\156\040\123\145\162\166\151\143\145\163\040\104\151\166\151
-\163\151\157\156\061\041\060\037\006\003\125\004\003\023\030\124
-\150\141\167\164\145\040\120\162\145\155\151\165\155\040\123\145
-\162\166\145\162\040\103\101\061\050\060\046\006\011\052\206\110
-\206\367\015\001\011\001\026\031\160\162\145\155\151\165\155\055
-\163\145\162\166\145\162\100\164\150\141\167\164\145\056\143\157
-\155
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\001
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_VALID
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Equifax Secure CA"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Equifax Secure CA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\116\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\020\060\016\006\003\125\004\012\023\007\105\161\165\151\146\141
-\170\061\055\060\053\006\003\125\004\013\023\044\105\161\165\151
-\146\141\170\040\123\145\143\165\162\145\040\103\145\162\164\151
-\146\151\143\141\164\145\040\101\165\164\150\157\162\151\164\171
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\116\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\020\060\016\006\003\125\004\012\023\007\105\161\165\151\146\141
-\170\061\055\060\053\006\003\125\004\013\023\044\105\161\165\151
-\146\141\170\040\123\145\143\165\162\145\040\103\145\162\164\151
-\146\151\143\141\164\145\040\101\165\164\150\157\162\151\164\171
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\065\336\364\317
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\040\060\202\002\211\240\003\002\001\002\002\004\065
-\336\364\317\060\015\006\011\052\206\110\206\367\015\001\001\005
-\005\000\060\116\061\013\060\011\006\003\125\004\006\023\002\125
-\123\061\020\060\016\006\003\125\004\012\023\007\105\161\165\151
-\146\141\170\061\055\060\053\006\003\125\004\013\023\044\105\161
-\165\151\146\141\170\040\123\145\143\165\162\145\040\103\145\162
-\164\151\146\151\143\141\164\145\040\101\165\164\150\157\162\151
-\164\171\060\036\027\015\071\070\060\070\062\062\061\066\064\061
-\065\061\132\027\015\061\070\060\070\062\062\061\066\064\061\065
-\061\132\060\116\061\013\060\011\006\003\125\004\006\023\002\125
-\123\061\020\060\016\006\003\125\004\012\023\007\105\161\165\151
-\146\141\170\061\055\060\053\006\003\125\004\013\023\044\105\161
-\165\151\146\141\170\040\123\145\143\165\162\145\040\103\145\162
-\164\151\146\151\143\141\164\145\040\101\165\164\150\157\162\151
-\164\171\060\201\237\060\015\006\011\052\206\110\206\367\015\001
-\001\001\005\000\003\201\215\000\060\201\211\002\201\201\000\301
-\135\261\130\147\010\142\356\240\232\055\037\010\155\221\024\150
-\230\012\036\376\332\004\157\023\204\142\041\303\321\174\316\237
-\005\340\270\001\360\116\064\354\342\212\225\004\144\254\361\153
-\123\137\005\263\313\147\200\277\102\002\216\376\335\001\011\354
-\341\000\024\117\374\373\360\014\335\103\272\133\053\341\037\200
-\160\231\025\127\223\026\361\017\227\152\267\302\150\043\034\314
-\115\131\060\254\121\036\073\257\053\326\356\143\105\173\305\331
-\137\120\322\343\120\017\072\210\347\277\024\375\340\307\271\002
-\003\001\000\001\243\202\001\011\060\202\001\005\060\160\006\003
-\125\035\037\004\151\060\147\060\145\240\143\240\141\244\137\060
-\135\061\013\060\011\006\003\125\004\006\023\002\125\123\061\020
-\060\016\006\003\125\004\012\023\007\105\161\165\151\146\141\170
-\061\055\060\053\006\003\125\004\013\023\044\105\161\165\151\146
-\141\170\040\123\145\143\165\162\145\040\103\145\162\164\151\146
-\151\143\141\164\145\040\101\165\164\150\157\162\151\164\171\061
-\015\060\013\006\003\125\004\003\023\004\103\122\114\061\060\032
-\006\003\125\035\020\004\023\060\021\201\017\062\060\061\070\060
-\070\062\062\061\066\064\061\065\061\132\060\013\006\003\125\035
-\017\004\004\003\002\001\006\060\037\006\003\125\035\043\004\030
-\060\026\200\024\110\346\150\371\053\322\262\225\327\107\330\043
-\040\020\117\063\230\220\237\324\060\035\006\003\125\035\016\004
-\026\004\024\110\346\150\371\053\322\262\225\327\107\330\043\040
-\020\117\063\230\220\237\324\060\014\006\003\125\035\023\004\005
-\060\003\001\001\377\060\032\006\011\052\206\110\206\366\175\007
-\101\000\004\015\060\013\033\005\126\063\056\060\143\003\002\006
-\300\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000
-\003\201\201\000\130\316\051\352\374\367\336\265\316\002\271\027
-\265\205\321\271\343\340\225\314\045\061\015\000\246\222\156\177
-\266\222\143\236\120\225\321\232\157\344\021\336\143\205\156\230
-\356\250\377\132\310\323\125\262\146\161\127\336\300\041\353\075
-\052\247\043\111\001\004\206\102\173\374\356\177\242\026\122\265
-\147\147\323\100\333\073\046\130\262\050\167\075\256\024\167\141
-\326\372\052\146\047\240\015\372\247\163\134\352\160\361\224\041
-\145\104\137\372\374\357\051\150\251\242\207\171\357\171\357\117
-\254\007\167\070
-END
-
-# Trust for Certificate "Equifax Secure CA"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Equifax Secure CA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\322\062\011\255\043\323\024\043\041\164\344\015\177\235\142\023
-\227\206\143\072
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\147\313\235\300\023\044\212\202\233\262\027\036\321\033\354\324
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\116\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\020\060\016\006\003\125\004\012\023\007\105\161\165\151\146\141
-\170\061\055\060\053\006\003\125\004\013\023\044\105\161\165\151
-\146\141\170\040\123\145\143\165\162\145\040\103\145\162\164\151
-\146\151\143\141\164\145\040\101\165\164\150\157\162\151\164\171
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\065\336\364\317
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "TC TrustCenter, Germany, Class 2 CA"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "TC TrustCenter, Germany, Class 2 CA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\274\061\013\060\011\006\003\125\004\006\023\002\104\105
-\061\020\060\016\006\003\125\004\010\023\007\110\141\155\142\165
-\162\147\061\020\060\016\006\003\125\004\007\023\007\110\141\155
-\142\165\162\147\061\072\060\070\006\003\125\004\012\023\061\124
-\103\040\124\162\165\163\164\103\145\156\164\145\162\040\146\157
-\162\040\123\145\143\165\162\151\164\171\040\151\156\040\104\141
-\164\141\040\116\145\164\167\157\162\153\163\040\107\155\142\110
-\061\042\060\040\006\003\125\004\013\023\031\124\103\040\124\162
-\165\163\164\103\145\156\164\145\162\040\103\154\141\163\163\040
-\062\040\103\101\061\051\060\047\006\011\052\206\110\206\367\015
-\001\011\001\026\032\143\145\162\164\151\146\151\143\141\164\145
-\100\164\162\165\163\164\143\145\156\164\145\162\056\144\145
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\274\061\013\060\011\006\003\125\004\006\023\002\104\105
-\061\020\060\016\006\003\125\004\010\023\007\110\141\155\142\165
-\162\147\061\020\060\016\006\003\125\004\007\023\007\110\141\155
-\142\165\162\147\061\072\060\070\006\003\125\004\012\023\061\124
-\103\040\124\162\165\163\164\103\145\156\164\145\162\040\146\157
-\162\040\123\145\143\165\162\151\164\171\040\151\156\040\104\141
-\164\141\040\116\145\164\167\157\162\153\163\040\107\155\142\110
-\061\042\060\040\006\003\125\004\013\023\031\124\103\040\124\162
-\165\163\164\103\145\156\164\145\162\040\103\154\141\163\163\040
-\062\040\103\101\061\051\060\047\006\011\052\206\110\206\367\015
-\001\011\001\026\032\143\145\162\164\151\146\151\143\141\164\145
-\100\164\162\165\163\164\143\145\156\164\145\162\056\144\145
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\003
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\004\065\060\202\003\236\240\003\002\001\002\002\001\003
-\060\015\006\011\052\206\110\206\367\015\001\001\004\005\000\060
-\201\274\061\013\060\011\006\003\125\004\006\023\002\104\105\061
-\020\060\016\006\003\125\004\010\023\007\110\141\155\142\165\162
-\147\061\020\060\016\006\003\125\004\007\023\007\110\141\155\142
-\165\162\147\061\072\060\070\006\003\125\004\012\023\061\124\103
-\040\124\162\165\163\164\103\145\156\164\145\162\040\146\157\162
-\040\123\145\143\165\162\151\164\171\040\151\156\040\104\141\164
-\141\040\116\145\164\167\157\162\153\163\040\107\155\142\110\061
-\042\060\040\006\003\125\004\013\023\031\124\103\040\124\162\165
-\163\164\103\145\156\164\145\162\040\103\154\141\163\163\040\062
-\040\103\101\061\051\060\047\006\011\052\206\110\206\367\015\001
-\011\001\026\032\143\145\162\164\151\146\151\143\141\164\145\100
-\164\162\165\163\164\143\145\156\164\145\162\056\144\145\060\036
-\027\015\071\070\060\063\060\071\061\063\065\067\064\064\132\027
-\015\060\065\061\062\063\061\061\063\065\067\064\064\132\060\201
-\274\061\013\060\011\006\003\125\004\006\023\002\104\105\061\020
-\060\016\006\003\125\004\010\023\007\110\141\155\142\165\162\147
-\061\020\060\016\006\003\125\004\007\023\007\110\141\155\142\165
-\162\147\061\072\060\070\006\003\125\004\012\023\061\124\103\040
-\124\162\165\163\164\103\145\156\164\145\162\040\146\157\162\040
-\123\145\143\165\162\151\164\171\040\151\156\040\104\141\164\141
-\040\116\145\164\167\157\162\153\163\040\107\155\142\110\061\042
-\060\040\006\003\125\004\013\023\031\124\103\040\124\162\165\163
-\164\103\145\156\164\145\162\040\103\154\141\163\163\040\062\040
-\103\101\061\051\060\047\006\011\052\206\110\206\367\015\001\011
-\001\026\032\143\145\162\164\151\146\151\143\141\164\145\100\164
-\162\165\163\164\143\145\156\164\145\162\056\144\145\060\201\237
-\060\015\006\011\052\206\110\206\367\015\001\001\001\005\000\003
-\201\215\000\060\201\211\002\201\201\000\332\070\350\355\062\000
-\051\161\203\001\015\277\214\001\334\332\306\255\071\244\251\212
-\057\325\213\134\150\137\120\306\142\365\146\275\312\221\042\354
-\252\035\121\327\075\263\121\262\203\116\135\313\111\260\360\114
-\125\345\153\055\307\205\013\060\034\222\116\202\324\312\002\355
-\367\157\276\334\340\343\024\270\005\123\362\232\364\126\213\132
-\236\205\223\321\264\202\126\256\115\273\250\113\127\026\274\376
-\370\130\236\370\051\215\260\173\315\170\311\117\254\213\147\014
-\361\234\373\374\127\233\127\134\117\015\002\003\001\000\001\243
-\202\001\103\060\202\001\077\060\100\006\011\140\206\110\001\206
-\370\102\001\003\004\063\026\061\150\164\164\160\163\072\057\057
-\167\167\167\056\164\162\165\163\164\143\145\156\164\145\162\056
-\144\145\057\143\147\151\055\142\151\156\057\143\150\145\143\153
-\055\162\145\166\056\143\147\151\077\060\100\006\011\140\206\110
-\001\206\370\102\001\004\004\063\026\061\150\164\164\160\163\072
-\057\057\167\167\167\056\164\162\165\163\164\143\145\156\164\145
-\162\056\144\145\057\143\147\151\055\142\151\156\057\143\150\145
-\143\153\055\162\145\166\056\143\147\151\077\060\074\006\011\140
-\206\110\001\206\370\102\001\007\004\057\026\055\150\164\164\160
-\163\072\057\057\167\167\167\056\164\162\165\163\164\143\145\156
-\164\145\162\056\144\145\057\143\147\151\055\142\151\156\057\122
-\145\156\145\167\056\143\147\151\077\060\076\006\011\140\206\110
-\001\206\370\102\001\010\004\061\026\057\150\164\164\160\072\057
-\057\167\167\167\056\164\162\165\163\164\143\145\156\164\145\162
-\056\144\145\057\147\165\151\144\145\154\151\156\145\163\057\151
-\156\144\145\170\056\150\164\155\154\060\050\006\011\140\206\110
-\001\206\370\102\001\015\004\033\026\031\124\103\040\124\162\165
-\163\164\103\145\156\164\145\162\040\103\154\141\163\163\040\062
-\040\103\101\060\021\006\011\140\206\110\001\206\370\102\001\001
-\004\004\003\002\000\007\060\015\006\011\052\206\110\206\367\015
-\001\001\004\005\000\003\201\201\000\211\033\364\357\351\070\342
-\154\014\366\315\157\111\316\051\314\373\246\017\371\215\076\225
-\106\326\374\107\062\211\262\310\006\141\172\322\347\015\023\002
-\224\013\331\213\126\107\364\273\347\305\137\173\364\143\114\256
-\174\064\352\015\242\251\263\054\205\363\343\376\047\124\020\222
-\260\217\222\301\230\102\030\160\110\333\116\054\353\015\044\150
-\344\321\367\276\011\251\051\207\273\350\332\334\076\243\210\102
-\061\365\321\343\177\256\330\216\000\132\164\230\260\117\306\377
-\043\173\134\163\000\170\311\333\116
-END
-
-# Trust for Certificate "TC TrustCenter, Germany, Class 2 CA"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "TC TrustCenter, Germany, Class 2 CA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\312\135\207\155\025\113\162\350\014\357\331\346\353\234\366\215
-\002\037\253\354
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\341\351\226\123\167\341\360\070\240\002\253\224\306\225\173\374
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\274\061\013\060\011\006\003\125\004\006\023\002\104\105
-\061\020\060\016\006\003\125\004\010\023\007\110\141\155\142\165
-\162\147\061\020\060\016\006\003\125\004\007\023\007\110\141\155
-\142\165\162\147\061\072\060\070\006\003\125\004\012\023\061\124
-\103\040\124\162\165\163\164\103\145\156\164\145\162\040\146\157
-\162\040\123\145\143\165\162\151\164\171\040\151\156\040\104\141
-\164\141\040\116\145\164\167\157\162\153\163\040\107\155\142\110
-\061\042\060\040\006\003\125\004\013\023\031\124\103\040\124\162
-\165\163\164\103\145\156\164\145\162\040\103\154\141\163\163\040
-\061\040\103\101\061\051\060\047\006\011\052\206\110\206\367\015
-\001\011\001\026\032\143\145\162\164\151\146\151\143\141\164\145
-\100\164\162\165\163\164\143\145\156\164\145\162\056\144\145
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "TC TrustCenter, Germany, Class 3 CA"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "TC TrustCenter, Germany, Class 3 CA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\274\061\013\060\011\006\003\125\004\006\023\002\104\105
-\061\020\060\016\006\003\125\004\010\023\007\110\141\155\142\165
-\162\147\061\020\060\016\006\003\125\004\007\023\007\110\141\155
-\142\165\162\147\061\072\060\070\006\003\125\004\012\023\061\124
-\103\040\124\162\165\163\164\103\145\156\164\145\162\040\146\157
-\162\040\123\145\143\165\162\151\164\171\040\151\156\040\104\141
-\164\141\040\116\145\164\167\157\162\153\163\040\107\155\142\110
-\061\042\060\040\006\003\125\004\013\023\031\124\103\040\124\162
-\165\163\164\103\145\156\164\145\162\040\103\154\141\163\163\040
-\063\040\103\101\061\051\060\047\006\011\052\206\110\206\367\015
-\001\011\001\026\032\143\145\162\164\151\146\151\143\141\164\145
-\100\164\162\165\163\164\143\145\156\164\145\162\056\144\145
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\274\061\013\060\011\006\003\125\004\006\023\002\104\105
-\061\020\060\016\006\003\125\004\010\023\007\110\141\155\142\165
-\162\147\061\020\060\016\006\003\125\004\007\023\007\110\141\155
-\142\165\162\147\061\072\060\070\006\003\125\004\012\023\061\124
-\103\040\124\162\165\163\164\103\145\156\164\145\162\040\146\157
-\162\040\123\145\143\165\162\151\164\171\040\151\156\040\104\141
-\164\141\040\116\145\164\167\157\162\153\163\040\107\155\142\110
-\061\042\060\040\006\003\125\004\013\023\031\124\103\040\124\162
-\165\163\164\103\145\156\164\145\162\040\103\154\141\163\163\040
-\063\040\103\101\061\051\060\047\006\011\052\206\110\206\367\015
-\001\011\001\026\032\143\145\162\164\151\146\151\143\141\164\145
-\100\164\162\165\163\164\143\145\156\164\145\162\056\144\145
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\004
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\004\065\060\202\003\236\240\003\002\001\002\002\001\004
-\060\015\006\011\052\206\110\206\367\015\001\001\004\005\000\060
-\201\274\061\013\060\011\006\003\125\004\006\023\002\104\105\061
-\020\060\016\006\003\125\004\010\023\007\110\141\155\142\165\162
-\147\061\020\060\016\006\003\125\004\007\023\007\110\141\155\142
-\165\162\147\061\072\060\070\006\003\125\004\012\023\061\124\103
-\040\124\162\165\163\164\103\145\156\164\145\162\040\146\157\162
-\040\123\145\143\165\162\151\164\171\040\151\156\040\104\141\164
-\141\040\116\145\164\167\157\162\153\163\040\107\155\142\110\061
-\042\060\040\006\003\125\004\013\023\031\124\103\040\124\162\165
-\163\164\103\145\156\164\145\162\040\103\154\141\163\163\040\063
-\040\103\101\061\051\060\047\006\011\052\206\110\206\367\015\001
-\011\001\026\032\143\145\162\164\151\146\151\143\141\164\145\100
-\164\162\165\163\164\143\145\156\164\145\162\056\144\145\060\036
-\027\015\071\070\060\063\060\071\061\063\065\070\064\071\132\027
-\015\060\065\061\062\063\061\061\063\065\070\064\071\132\060\201
-\274\061\013\060\011\006\003\125\004\006\023\002\104\105\061\020
-\060\016\006\003\125\004\010\023\007\110\141\155\142\165\162\147
-\061\020\060\016\006\003\125\004\007\023\007\110\141\155\142\165
-\162\147\061\072\060\070\006\003\125\004\012\023\061\124\103\040
-\124\162\165\163\164\103\145\156\164\145\162\040\146\157\162\040
-\123\145\143\165\162\151\164\171\040\151\156\040\104\141\164\141
-\040\116\145\164\167\157\162\153\163\040\107\155\142\110\061\042
-\060\040\006\003\125\004\013\023\031\124\103\040\124\162\165\163
-\164\103\145\156\164\145\162\040\103\154\141\163\163\040\063\040
-\103\101\061\051\060\047\006\011\052\206\110\206\367\015\001\011
-\001\026\032\143\145\162\164\151\146\151\143\141\164\145\100\164
-\162\165\163\164\143\145\156\164\145\162\056\144\145\060\201\237
-\060\015\006\011\052\206\110\206\367\015\001\001\001\005\000\003
-\201\215\000\060\201\211\002\201\201\000\266\264\301\065\005\056
-\015\215\354\240\100\152\034\016\047\246\120\222\153\120\033\007
-\336\056\347\166\314\340\332\374\204\250\136\214\143\152\053\115
-\331\116\002\166\021\301\013\362\215\171\312\000\266\361\260\016
-\327\373\244\027\075\257\253\151\172\226\047\277\257\063\241\232
-\052\131\252\304\265\067\010\362\022\245\061\266\103\365\062\226
-\161\050\050\253\215\050\206\337\273\356\343\014\175\060\326\303
-\122\253\217\135\047\234\153\300\243\347\005\153\127\111\104\263
-\156\352\144\317\322\216\172\120\167\167\002\003\001\000\001\243
-\202\001\103\060\202\001\077\060\100\006\011\140\206\110\001\206
-\370\102\001\003\004\063\026\061\150\164\164\160\163\072\057\057
-\167\167\167\056\164\162\165\163\164\143\145\156\164\145\162\056
-\144\145\057\143\147\151\055\142\151\156\057\143\150\145\143\153
-\055\162\145\166\056\143\147\151\077\060\100\006\011\140\206\110
-\001\206\370\102\001\004\004\063\026\061\150\164\164\160\163\072
-\057\057\167\167\167\056\164\162\165\163\164\143\145\156\164\145
-\162\056\144\145\057\143\147\151\055\142\151\156\057\143\150\145
-\143\153\055\162\145\166\056\143\147\151\077\060\074\006\011\140
-\206\110\001\206\370\102\001\007\004\057\026\055\150\164\164\160
-\163\072\057\057\167\167\167\056\164\162\165\163\164\143\145\156
-\164\145\162\056\144\145\057\143\147\151\055\142\151\156\057\122
-\145\156\145\167\056\143\147\151\077\060\076\006\011\140\206\110
-\001\206\370\102\001\010\004\061\026\057\150\164\164\160\072\057
-\057\167\167\167\056\164\162\165\163\164\143\145\156\164\145\162
-\056\144\145\057\147\165\151\144\145\154\151\156\145\163\057\151
-\156\144\145\170\056\150\164\155\154\060\050\006\011\140\206\110
-\001\206\370\102\001\015\004\033\026\031\124\103\040\124\162\165
-\163\164\103\145\156\164\145\162\040\103\154\141\163\163\040\063
-\040\103\101\060\021\006\011\140\206\110\001\206\370\102\001\001
-\004\004\003\002\000\007\060\015\006\011\052\206\110\206\367\015
-\001\001\004\005\000\003\201\201\000\204\206\120\142\171\240\047
-\341\045\272\011\261\064\017\023\011\355\055\312\243\346\225\371
-\060\254\315\027\245\316\075\227\235\354\174\217\046\177\300\141
-\312\042\367\221\335\074\066\131\232\233\165\367\274\344\310\355
-\354\002\266\042\247\363\054\361\310\222\170\155\266\356\305\050
-\354\200\040\117\271\153\010\347\057\247\206\036\175\261\010\237
-\124\271\000\067\074\240\330\032\310\226\034\364\062\024\234\071
-\225\267\356\360\103\111\302\136\350\313\171\157\123\277\373\111
-\212\054\330\113\331\125\362\022\160
-END
-
-# Trust for Certificate "TC TrustCenter, Germany, Class 3 CA"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "TC TrustCenter, Germany, Class 3 CA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\227\057\340\037\171\136\221\210\026\371\201\161\176\162\355\040
-\241\377\020\143
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\142\253\266\025\112\264\260\026\167\377\256\317\026\026\053\214
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\274\061\013\060\011\006\003\125\004\006\023\002\104\105
-\061\020\060\016\006\003\125\004\010\023\007\110\141\155\142\165
-\162\147\061\020\060\016\006\003\125\004\007\023\007\110\141\155
-\142\165\162\147\061\072\060\070\006\003\125\004\012\023\061\124
-\103\040\124\162\165\163\164\103\145\156\164\145\162\040\146\157
-\162\040\123\145\143\165\162\151\164\171\040\151\156\040\104\141
-\164\141\040\116\145\164\167\157\162\153\163\040\107\155\142\110
-\061\042\060\040\006\003\125\004\013\023\031\124\103\040\124\162
-\165\163\164\103\145\156\164\145\162\040\103\154\141\163\163\040
-\063\040\103\101\061\051\060\047\006\011\052\206\110\206\367\015
-\001\011\001\026\032\143\145\162\164\151\146\151\143\141\164\145
-\100\164\162\165\163\164\143\145\156\164\145\162\056\144\145
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\004
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "ABAecom (sub., Am. Bankers Assn.) Root CA"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "ABAecom (sub., Am. Bankers Assn.) Root CA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\211\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\013\060\011\006\003\125\004\010\023\002\104\103\061\023\060
-\021\006\003\125\004\007\023\012\127\141\163\150\151\156\147\164
-\157\156\061\027\060\025\006\003\125\004\012\023\016\101\102\101
-\056\105\103\117\115\054\040\111\116\103\056\061\031\060\027\006
-\003\125\004\003\023\020\101\102\101\056\105\103\117\115\040\122
-\157\157\164\040\103\101\061\044\060\042\006\011\052\206\110\206
-\367\015\001\011\001\026\025\141\144\155\151\156\100\144\151\147
-\163\151\147\164\162\165\163\164\056\143\157\155
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\211\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\013\060\011\006\003\125\004\010\023\002\104\103\061\023\060
-\021\006\003\125\004\007\023\012\127\141\163\150\151\156\147\164
-\157\156\061\027\060\025\006\003\125\004\012\023\016\101\102\101
-\056\105\103\117\115\054\040\111\116\103\056\061\031\060\027\006
-\003\125\004\003\023\020\101\102\101\056\105\103\117\115\040\122
-\157\157\164\040\103\101\061\044\060\042\006\011\052\206\110\206
-\367\015\001\011\001\026\025\141\144\155\151\156\100\144\151\147
-\163\151\147\164\162\165\163\164\056\143\157\155
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\000\320\036\100\220\000\000\106\122\000\000\000\001\000\000\000
-\004
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\265\060\202\002\235\240\003\002\001\002\002\021\000
-\320\036\100\220\000\000\106\122\000\000\000\001\000\000\000\004
-\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060
-\201\211\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\013\060\011\006\003\125\004\010\023\002\104\103\061\023\060\021
-\006\003\125\004\007\023\012\127\141\163\150\151\156\147\164\157
-\156\061\027\060\025\006\003\125\004\012\023\016\101\102\101\056
-\105\103\117\115\054\040\111\116\103\056\061\031\060\027\006\003
-\125\004\003\023\020\101\102\101\056\105\103\117\115\040\122\157
-\157\164\040\103\101\061\044\060\042\006\011\052\206\110\206\367
-\015\001\011\001\026\025\141\144\155\151\156\100\144\151\147\163
-\151\147\164\162\165\163\164\056\143\157\155\060\036\027\015\071
-\071\060\067\061\062\061\067\063\063\065\063\132\027\015\060\071
-\060\067\060\071\061\067\063\063\065\063\132\060\201\211\061\013
-\060\011\006\003\125\004\006\023\002\125\123\061\013\060\011\006
-\003\125\004\010\023\002\104\103\061\023\060\021\006\003\125\004
-\007\023\012\127\141\163\150\151\156\147\164\157\156\061\027\060
-\025\006\003\125\004\012\023\016\101\102\101\056\105\103\117\115
-\054\040\111\116\103\056\061\031\060\027\006\003\125\004\003\023
-\020\101\102\101\056\105\103\117\115\040\122\157\157\164\040\103
-\101\061\044\060\042\006\011\052\206\110\206\367\015\001\011\001
-\026\025\141\144\155\151\156\100\144\151\147\163\151\147\164\162
-\165\163\164\056\143\157\155\060\202\001\042\060\015\006\011\052
-\206\110\206\367\015\001\001\001\005\000\003\202\001\017\000\060
-\202\001\012\002\202\001\001\000\261\323\021\340\171\125\103\007
-\010\114\313\005\102\000\342\015\203\106\075\344\223\272\266\006
-\323\015\131\275\076\301\316\103\147\001\212\041\250\357\274\314
-\320\242\314\260\125\226\123\204\146\005\000\332\104\111\200\330
-\124\012\245\045\206\224\355\143\126\377\160\154\243\241\031\322
-\170\276\150\052\104\136\057\317\314\030\136\107\274\072\261\106
-\075\036\360\271\054\064\137\214\174\114\010\051\235\100\125\353
-\074\175\203\336\265\360\367\212\203\016\241\114\264\072\245\263
-\137\132\042\227\354\031\233\301\005\150\375\346\267\251\221\224
-\054\344\170\110\044\032\045\031\072\353\225\234\071\012\212\317
-\102\262\360\034\325\137\373\153\355\150\126\173\071\054\162\070
-\260\356\223\251\323\173\167\074\353\161\003\251\070\112\026\154
-\211\052\312\332\063\023\171\302\125\214\355\234\273\362\313\133
-\020\370\056\141\065\306\051\114\052\320\052\143\321\145\131\264
-\370\315\371\364\000\204\266\127\102\205\235\062\250\371\052\124
-\373\377\170\101\274\275\161\050\364\273\220\274\377\226\064\004
-\343\105\236\241\106\050\100\201\002\003\001\000\001\243\026\060
-\024\060\022\006\003\125\035\023\001\001\377\004\010\060\006\001
-\001\377\002\001\010\060\015\006\011\052\206\110\206\367\015\001
-\001\005\005\000\003\202\001\001\000\004\157\045\206\344\346\226
-\047\264\331\102\300\320\311\000\261\177\124\076\207\262\155\044
-\251\057\012\176\375\244\104\260\370\124\007\275\033\235\235\312
-\173\120\044\173\021\133\111\243\246\277\022\164\325\211\267\267
-\057\230\144\045\024\267\141\351\177\140\200\153\323\144\350\253
-\275\032\326\121\372\300\264\135\167\032\177\144\010\136\171\306
-\005\114\361\172\335\115\175\316\346\110\173\124\322\141\222\201
-\326\033\326\000\360\016\236\050\167\240\115\210\307\042\166\031
-\303\307\236\033\246\167\170\370\137\233\126\321\360\362\027\254
-\216\235\131\346\037\376\127\266\331\136\341\135\237\105\354\141
-\150\031\101\341\262\040\046\376\132\060\166\044\377\100\162\074
-\171\237\174\042\110\253\106\315\333\263\206\054\217\277\005\101
-\323\301\343\024\343\101\027\046\320\174\247\161\114\031\350\112
-\017\162\130\061\175\354\140\172\243\042\050\275\031\044\140\077
-\073\207\163\300\153\344\313\256\267\253\045\103\262\125\055\173
-\253\006\016\165\135\064\345\135\163\155\236\262\165\100\245\131
-\311\117\061\161\210\331\210\177\124
-END
-
-# Trust for Certificate "ABAecom (sub., Am. Bankers Assn.) Root CA"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "ABAecom (sub., Am. Bankers Assn.) Root CA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\172\164\101\017\260\315\134\227\052\066\113\161\277\003\035\210
-\246\121\016\236
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\101\270\007\367\250\321\011\356\264\232\216\160\115\374\033\170
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\211\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\013\060\011\006\003\125\004\010\023\002\104\103\061\023\060
-\021\006\003\125\004\007\023\012\127\141\163\150\151\156\147\164
-\157\156\061\027\060\025\006\003\125\004\012\023\016\101\102\101
-\056\105\103\117\115\054\040\111\116\103\056\061\031\060\027\006
-\003\125\004\003\023\020\101\102\101\056\105\103\117\115\040\122
-\157\157\164\040\103\101\061\044\060\042\006\011\052\206\110\206
-\367\015\001\011\001\026\025\141\144\155\151\156\100\144\151\147
-\163\151\147\164\162\165\163\164\056\143\157\155
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\000\320\036\100\220\000\000\106\122\000\000\000\001\000\000\000
-\004
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Digital Signature Trust Co. Global CA 1"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Digital Signature Trust Co. Global CA 1"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\106\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\044\060\042\006\003\125\004\012\023\033\104\151\147\151\164\141
-\154\040\123\151\147\156\141\164\165\162\145\040\124\162\165\163
-\164\040\103\157\056\061\021\060\017\006\003\125\004\013\023\010
-\104\123\124\103\101\040\105\061
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\106\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\044\060\042\006\003\125\004\012\023\033\104\151\147\151\164\141
-\154\040\123\151\147\156\141\164\165\162\145\040\124\162\165\163
-\164\040\103\157\056\061\021\060\017\006\003\125\004\013\023\010
-\104\123\124\103\101\040\105\061
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\066\160\025\226
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\051\060\202\002\222\240\003\002\001\002\002\004\066
-\160\025\226\060\015\006\011\052\206\110\206\367\015\001\001\005
-\005\000\060\106\061\013\060\011\006\003\125\004\006\023\002\125
-\123\061\044\060\042\006\003\125\004\012\023\033\104\151\147\151
-\164\141\154\040\123\151\147\156\141\164\165\162\145\040\124\162
-\165\163\164\040\103\157\056\061\021\060\017\006\003\125\004\013
-\023\010\104\123\124\103\101\040\105\061\060\036\027\015\071\070
-\061\062\061\060\061\070\061\060\062\063\132\027\015\061\070\061
-\062\061\060\061\070\064\060\062\063\132\060\106\061\013\060\011
-\006\003\125\004\006\023\002\125\123\061\044\060\042\006\003\125
-\004\012\023\033\104\151\147\151\164\141\154\040\123\151\147\156
-\141\164\165\162\145\040\124\162\165\163\164\040\103\157\056\061
-\021\060\017\006\003\125\004\013\023\010\104\123\124\103\101\040
-\105\061\060\201\235\060\015\006\011\052\206\110\206\367\015\001
-\001\001\005\000\003\201\213\000\060\201\207\002\201\201\000\240
-\154\201\251\317\064\036\044\335\376\206\050\314\336\203\057\371
-\136\324\102\322\350\164\140\146\023\230\006\034\251\121\022\151
-\157\061\125\271\111\162\000\010\176\323\245\142\104\067\044\231
-\217\331\203\110\217\231\155\225\023\273\103\073\056\111\116\210
-\067\301\273\130\177\376\341\275\370\273\141\315\363\107\300\231
-\246\361\363\221\350\170\174\000\313\141\311\104\047\161\151\125
-\112\176\111\115\355\242\243\276\002\114\000\312\002\250\356\001
-\002\061\144\017\122\055\023\164\166\066\265\172\264\055\161\002
-\001\003\243\202\001\044\060\202\001\040\060\021\006\011\140\206
-\110\001\206\370\102\001\001\004\004\003\002\000\007\060\150\006
-\003\125\035\037\004\141\060\137\060\135\240\133\240\131\244\127
-\060\125\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\044\060\042\006\003\125\004\012\023\033\104\151\147\151\164\141
-\154\040\123\151\147\156\141\164\165\162\145\040\124\162\165\163
-\164\040\103\157\056\061\021\060\017\006\003\125\004\013\023\010
-\104\123\124\103\101\040\105\061\061\015\060\013\006\003\125\004
-\003\023\004\103\122\114\061\060\053\006\003\125\035\020\004\044
-\060\042\200\017\061\071\071\070\061\062\061\060\061\070\061\060
-\062\063\132\201\017\062\060\061\070\061\062\061\060\061\070\061
-\060\062\063\132\060\013\006\003\125\035\017\004\004\003\002\001
-\006\060\037\006\003\125\035\043\004\030\060\026\200\024\152\171
-\176\221\151\106\030\023\012\002\167\245\131\133\140\230\045\016
-\242\370\060\035\006\003\125\035\016\004\026\004\024\152\171\176
-\221\151\106\030\023\012\002\167\245\131\133\140\230\045\016\242
-\370\060\014\006\003\125\035\023\004\005\060\003\001\001\377\060
-\031\006\011\052\206\110\206\366\175\007\101\000\004\014\060\012
-\033\004\126\064\056\060\003\002\004\220\060\015\006\011\052\206
-\110\206\367\015\001\001\005\005\000\003\201\201\000\042\022\330
-\172\035\334\201\006\266\011\145\262\207\310\037\136\264\057\351
-\304\036\362\074\301\273\004\220\021\112\203\116\176\223\271\115
-\102\307\222\046\240\134\064\232\070\162\370\375\153\026\076\040
-\356\202\213\061\052\223\066\205\043\210\212\074\003\150\323\311
-\011\017\115\374\154\244\332\050\162\223\016\211\200\260\175\376
-\200\157\145\155\030\063\227\213\302\153\211\356\140\075\310\233
-\357\177\053\062\142\163\223\313\074\343\173\342\166\170\105\274
-\241\223\004\273\206\237\072\133\103\172\303\212\145
-END
-
-# Trust for Certificate "Digital Signature Trust Co. Global CA 1"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Digital Signature Trust Co. Global CA 1"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\201\226\213\072\357\034\334\160\365\372\062\151\302\222\243\143
-\133\321\043\323
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\045\172\272\203\056\266\242\013\332\376\365\002\017\010\327\255
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\106\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\044\060\042\006\003\125\004\012\023\033\104\151\147\151\164\141
-\154\040\123\151\147\156\141\164\165\162\145\040\124\162\165\163
-\164\040\103\157\056\061\021\060\017\006\003\125\004\013\023\010
-\104\123\124\103\101\040\105\061
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\066\160\025\226
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Digital Signature Trust Co. Global CA 3"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Digital Signature Trust Co. Global CA 3"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\106\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\044\060\042\006\003\125\004\012\023\033\104\151\147\151\164\141
-\154\040\123\151\147\156\141\164\165\162\145\040\124\162\165\163
-\164\040\103\157\056\061\021\060\017\006\003\125\004\013\023\010
-\104\123\124\103\101\040\105\062
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\106\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\044\060\042\006\003\125\004\012\023\033\104\151\147\151\164\141
-\154\040\123\151\147\156\141\164\165\162\145\040\124\162\165\163
-\164\040\103\157\056\061\021\060\017\006\003\125\004\013\023\010
-\104\123\124\103\101\040\105\062
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\066\156\323\316
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\051\060\202\002\222\240\003\002\001\002\002\004\066
-\156\323\316\060\015\006\011\052\206\110\206\367\015\001\001\005
-\005\000\060\106\061\013\060\011\006\003\125\004\006\023\002\125
-\123\061\044\060\042\006\003\125\004\012\023\033\104\151\147\151
-\164\141\154\040\123\151\147\156\141\164\165\162\145\040\124\162
-\165\163\164\040\103\157\056\061\021\060\017\006\003\125\004\013
-\023\010\104\123\124\103\101\040\105\062\060\036\027\015\071\070
-\061\062\060\071\061\071\061\067\062\066\132\027\015\061\070\061
-\062\060\071\061\071\064\067\062\066\132\060\106\061\013\060\011
-\006\003\125\004\006\023\002\125\123\061\044\060\042\006\003\125
-\004\012\023\033\104\151\147\151\164\141\154\040\123\151\147\156
-\141\164\165\162\145\040\124\162\165\163\164\040\103\157\056\061
-\021\060\017\006\003\125\004\013\023\010\104\123\124\103\101\040
-\105\062\060\201\235\060\015\006\011\052\206\110\206\367\015\001
-\001\001\005\000\003\201\213\000\060\201\207\002\201\201\000\277
-\223\217\027\222\357\063\023\030\353\020\177\116\026\277\377\006
-\217\052\205\274\136\371\044\246\044\210\266\003\267\301\303\137
-\003\133\321\157\256\176\102\352\146\043\270\143\203\126\373\050
-\055\341\070\213\264\356\250\001\341\316\034\266\210\052\042\106
-\205\373\237\247\160\251\107\024\077\316\336\145\360\250\161\367
-\117\046\154\214\274\306\265\357\336\111\047\377\110\052\175\350
-\115\003\314\307\262\122\306\027\061\023\073\265\115\333\310\304
-\366\303\017\044\052\332\014\235\347\221\133\200\315\224\235\002
-\001\003\243\202\001\044\060\202\001\040\060\021\006\011\140\206
-\110\001\206\370\102\001\001\004\004\003\002\000\007\060\150\006
-\003\125\035\037\004\141\060\137\060\135\240\133\240\131\244\127
-\060\125\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\044\060\042\006\003\125\004\012\023\033\104\151\147\151\164\141
-\154\040\123\151\147\156\141\164\165\162\145\040\124\162\165\163
-\164\040\103\157\056\061\021\060\017\006\003\125\004\013\023\010
-\104\123\124\103\101\040\105\062\061\015\060\013\006\003\125\004
-\003\023\004\103\122\114\061\060\053\006\003\125\035\020\004\044
-\060\042\200\017\061\071\071\070\061\062\060\071\061\071\061\067
-\062\066\132\201\017\062\060\061\070\061\062\060\071\061\071\061
-\067\062\066\132\060\013\006\003\125\035\017\004\004\003\002\001
-\006\060\037\006\003\125\035\043\004\030\060\026\200\024\036\202
-\115\050\145\200\074\311\101\156\254\065\056\132\313\336\356\370
-\071\133\060\035\006\003\125\035\016\004\026\004\024\036\202\115
-\050\145\200\074\311\101\156\254\065\056\132\313\336\356\370\071
-\133\060\014\006\003\125\035\023\004\005\060\003\001\001\377\060
-\031\006\011\052\206\110\206\366\175\007\101\000\004\014\060\012
-\033\004\126\064\056\060\003\002\004\220\060\015\006\011\052\206
-\110\206\367\015\001\001\005\005\000\003\201\201\000\107\215\203
-\255\142\362\333\260\236\105\042\005\271\242\326\003\016\070\162
-\347\236\374\173\346\223\266\232\245\242\224\310\064\035\221\321
-\305\327\364\012\045\017\075\170\201\236\017\261\147\304\220\114
-\143\335\136\247\342\272\237\365\367\115\245\061\173\234\051\055
-\114\376\144\076\354\266\123\376\352\233\355\202\333\164\165\113
-\007\171\156\036\330\031\203\163\336\365\076\320\265\336\347\113
-\150\175\103\056\052\040\341\176\240\170\104\236\010\365\230\371
-\307\177\033\033\326\006\040\002\130\241\303\242\003
-END
-
-# Trust for Certificate "Digital Signature Trust Co. Global CA 3"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Digital Signature Trust Co. Global CA 3"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\253\110\363\063\333\004\253\271\300\162\332\133\014\301\320\127
-\360\066\233\106
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\223\302\216\021\173\324\363\003\031\275\050\165\023\112\105\112
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\106\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\044\060\042\006\003\125\004\012\023\033\104\151\147\151\164\141
-\154\040\123\151\147\156\141\164\165\162\145\040\124\162\165\163
-\164\040\103\157\056\061\021\060\017\006\003\125\004\013\023\010
-\104\123\124\103\101\040\105\062
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\066\156\323\316
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Digital Signature Trust Co. Global CA 2"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Digital Signature Trust Co. Global CA 2"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\251\061\013\060\011\006\003\125\004\006\023\002\165\163
-\061\015\060\013\006\003\125\004\010\023\004\125\164\141\150\061
-\027\060\025\006\003\125\004\007\023\016\123\141\154\164\040\114
-\141\153\145\040\103\151\164\171\061\044\060\042\006\003\125\004
-\012\023\033\104\151\147\151\164\141\154\040\123\151\147\156\141
-\164\165\162\145\040\124\162\165\163\164\040\103\157\056\061\021
-\060\017\006\003\125\004\013\023\010\104\123\124\103\101\040\130
-\061\061\026\060\024\006\003\125\004\003\023\015\104\123\124\040
-\122\157\157\164\103\101\040\130\061\061\041\060\037\006\011\052
-\206\110\206\367\015\001\011\001\026\022\143\141\100\144\151\147
-\163\151\147\164\162\165\163\164\056\143\157\155
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\251\061\013\060\011\006\003\125\004\006\023\002\165\163
-\061\015\060\013\006\003\125\004\010\023\004\125\164\141\150\061
-\027\060\025\006\003\125\004\007\023\016\123\141\154\164\040\114
-\141\153\145\040\103\151\164\171\061\044\060\042\006\003\125\004
-\012\023\033\104\151\147\151\164\141\154\040\123\151\147\156\141
-\164\165\162\145\040\124\162\165\163\164\040\103\157\056\061\021
-\060\017\006\003\125\004\013\023\010\104\123\124\103\101\040\130
-\061\061\026\060\024\006\003\125\004\003\023\015\104\123\124\040
-\122\157\157\164\103\101\040\130\061\061\041\060\037\006\011\052
-\206\110\206\367\015\001\011\001\026\022\143\141\100\144\151\147
-\163\151\147\164\162\165\163\164\056\143\157\155
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\000\320\036\100\213\000\000\002\174\000\000\000\002\000\000\000
-\001
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\330\060\202\002\300\002\021\000\320\036\100\213\000
-\000\002\174\000\000\000\002\000\000\000\001\060\015\006\011\052
-\206\110\206\367\015\001\001\005\005\000\060\201\251\061\013\060
-\011\006\003\125\004\006\023\002\165\163\061\015\060\013\006\003
-\125\004\010\023\004\125\164\141\150\061\027\060\025\006\003\125
-\004\007\023\016\123\141\154\164\040\114\141\153\145\040\103\151
-\164\171\061\044\060\042\006\003\125\004\012\023\033\104\151\147
-\151\164\141\154\040\123\151\147\156\141\164\165\162\145\040\124
-\162\165\163\164\040\103\157\056\061\021\060\017\006\003\125\004
-\013\023\010\104\123\124\103\101\040\130\061\061\026\060\024\006
-\003\125\004\003\023\015\104\123\124\040\122\157\157\164\103\101
-\040\130\061\061\041\060\037\006\011\052\206\110\206\367\015\001
-\011\001\026\022\143\141\100\144\151\147\163\151\147\164\162\165
-\163\164\056\143\157\155\060\036\027\015\071\070\061\062\060\061
-\061\070\061\070\065\065\132\027\015\060\070\061\061\062\070\061
-\070\061\070\065\065\132\060\201\251\061\013\060\011\006\003\125
-\004\006\023\002\165\163\061\015\060\013\006\003\125\004\010\023
-\004\125\164\141\150\061\027\060\025\006\003\125\004\007\023\016
-\123\141\154\164\040\114\141\153\145\040\103\151\164\171\061\044
-\060\042\006\003\125\004\012\023\033\104\151\147\151\164\141\154
-\040\123\151\147\156\141\164\165\162\145\040\124\162\165\163\164
-\040\103\157\056\061\021\060\017\006\003\125\004\013\023\010\104
-\123\124\103\101\040\130\061\061\026\060\024\006\003\125\004\003
-\023\015\104\123\124\040\122\157\157\164\103\101\040\130\061\061
-\041\060\037\006\011\052\206\110\206\367\015\001\011\001\026\022
-\143\141\100\144\151\147\163\151\147\164\162\165\163\164\056\143
-\157\155\060\202\001\042\060\015\006\011\052\206\110\206\367\015
-\001\001\001\005\000\003\202\001\017\000\060\202\001\012\002\202
-\001\001\000\322\306\046\266\347\245\075\301\304\150\325\120\157
-\123\305\157\111\023\011\270\257\054\110\215\024\152\243\027\137
-\132\371\323\056\165\057\330\050\142\321\223\057\374\115\324\253
-\207\345\010\307\231\347\222\077\165\275\353\045\264\025\301\233
-\031\075\322\104\215\327\164\040\155\067\002\217\151\223\133\212
-\304\031\235\364\262\016\374\026\154\271\261\005\222\203\321\205
-\054\140\224\076\105\125\240\331\253\010\041\346\140\350\073\164
-\362\231\120\121\150\320\003\055\261\200\276\243\330\122\260\104
-\315\103\112\160\216\130\205\225\341\116\054\326\055\101\157\326
-\204\347\310\230\104\312\107\333\054\044\245\151\046\317\153\270
-\047\142\303\364\311\172\222\043\355\023\147\202\256\105\056\105
-\345\176\162\077\205\235\224\142\020\346\074\221\241\255\167\000
-\340\025\354\363\204\200\162\172\216\156\140\227\307\044\131\020
-\064\203\133\341\245\244\151\266\127\065\034\170\131\306\323\057
-\072\163\147\356\224\312\004\023\005\142\006\160\043\263\364\174
-\356\105\331\144\013\133\111\252\244\103\316\046\304\104\022\154
-\270\335\171\002\003\001\000\001\060\015\006\011\052\206\110\206
-\367\015\001\001\005\005\000\003\202\001\001\000\242\067\262\077
-\151\373\327\206\171\124\111\061\225\063\053\363\321\011\024\111
-\142\140\206\245\260\021\342\120\302\035\006\127\076\055\350\063
-\144\276\233\252\255\137\033\115\324\231\225\242\213\232\311\142
-\162\265\151\352\331\130\253\065\355\025\242\103\326\266\274\007
-\171\145\144\163\175\327\171\312\173\325\132\121\306\341\123\004
-\226\215\070\317\243\027\254\071\161\153\001\303\213\123\074\143
-\351\356\171\300\344\276\222\062\144\172\263\037\227\224\142\275
-\352\262\040\025\225\373\227\362\170\057\143\066\100\070\343\106
-\017\035\335\254\225\312\347\113\220\173\261\113\251\324\305\353
-\232\332\252\325\243\224\024\106\215\055\037\363\072\326\223\072
-\366\076\171\374\350\346\260\165\355\356\075\311\160\307\135\252
-\201\113\106\045\034\307\154\025\343\225\116\017\252\062\067\224
-\012\027\044\222\023\204\130\322\143\157\053\367\346\133\142\013
-\023\027\260\015\122\114\376\376\157\134\342\221\156\035\375\244
-\142\327\150\372\216\172\117\322\010\332\223\334\360\222\021\172
-\320\334\162\223\014\163\223\142\205\150\320\364
-END
-
-# Trust for Certificate "Digital Signature Trust Co. Global CA 2"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Digital Signature Trust Co. Global CA 2"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\267\057\377\222\322\316\103\336\012\215\114\124\214\120\067\046
-\250\036\053\223
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\154\311\247\156\107\361\014\343\123\073\170\114\115\302\152\305
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\251\061\013\060\011\006\003\125\004\006\023\002\165\163
-\061\015\060\013\006\003\125\004\010\023\004\125\164\141\150\061
-\027\060\025\006\003\125\004\007\023\016\123\141\154\164\040\114
-\141\153\145\040\103\151\164\171\061\044\060\042\006\003\125\004
-\012\023\033\104\151\147\151\164\141\154\040\123\151\147\156\141
-\164\165\162\145\040\124\162\165\163\164\040\103\157\056\061\021
-\060\017\006\003\125\004\013\023\010\104\123\124\103\101\040\130
-\061\061\026\060\024\006\003\125\004\003\023\015\104\123\124\040
-\122\157\157\164\103\101\040\130\061\061\041\060\037\006\011\052
-\206\110\206\367\015\001\011\001\026\022\143\141\100\144\151\147
-\163\151\147\164\162\165\163\164\056\143\157\155
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\000\320\036\100\213\000\000\002\174\000\000\000\002\000\000\000
-\001
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Digital Signature Trust Co. Global CA 4"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Digital Signature Trust Co. Global CA 4"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\251\061\013\060\011\006\003\125\004\006\023\002\165\163
-\061\015\060\013\006\003\125\004\010\023\004\125\164\141\150\061
-\027\060\025\006\003\125\004\007\023\016\123\141\154\164\040\114
-\141\153\145\040\103\151\164\171\061\044\060\042\006\003\125\004
-\012\023\033\104\151\147\151\164\141\154\040\123\151\147\156\141
-\164\165\162\145\040\124\162\165\163\164\040\103\157\056\061\021
-\060\017\006\003\125\004\013\023\010\104\123\124\103\101\040\130
-\062\061\026\060\024\006\003\125\004\003\023\015\104\123\124\040
-\122\157\157\164\103\101\040\130\062\061\041\060\037\006\011\052
-\206\110\206\367\015\001\011\001\026\022\143\141\100\144\151\147
-\163\151\147\164\162\165\163\164\056\143\157\155
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\251\061\013\060\011\006\003\125\004\006\023\002\165\163
-\061\015\060\013\006\003\125\004\010\023\004\125\164\141\150\061
-\027\060\025\006\003\125\004\007\023\016\123\141\154\164\040\114
-\141\153\145\040\103\151\164\171\061\044\060\042\006\003\125\004
-\012\023\033\104\151\147\151\164\141\154\040\123\151\147\156\141
-\164\165\162\145\040\124\162\165\163\164\040\103\157\056\061\021
-\060\017\006\003\125\004\013\023\010\104\123\124\103\101\040\130
-\062\061\026\060\024\006\003\125\004\003\023\015\104\123\124\040
-\122\157\157\164\103\101\040\130\062\061\041\060\037\006\011\052
-\206\110\206\367\015\001\011\001\026\022\143\141\100\144\151\147
-\163\151\147\164\162\165\163\164\056\143\157\155
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\000\320\036\100\213\000\000\167\155\000\000\000\001\000\000\000
-\004
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\330\060\202\002\300\002\021\000\320\036\100\213\000
-\000\167\155\000\000\000\001\000\000\000\004\060\015\006\011\052
-\206\110\206\367\015\001\001\005\005\000\060\201\251\061\013\060
-\011\006\003\125\004\006\023\002\165\163\061\015\060\013\006\003
-\125\004\010\023\004\125\164\141\150\061\027\060\025\006\003\125
-\004\007\023\016\123\141\154\164\040\114\141\153\145\040\103\151
-\164\171\061\044\060\042\006\003\125\004\012\023\033\104\151\147
-\151\164\141\154\040\123\151\147\156\141\164\165\162\145\040\124
-\162\165\163\164\040\103\157\056\061\021\060\017\006\003\125\004
-\013\023\010\104\123\124\103\101\040\130\062\061\026\060\024\006
-\003\125\004\003\023\015\104\123\124\040\122\157\157\164\103\101
-\040\130\062\061\041\060\037\006\011\052\206\110\206\367\015\001
-\011\001\026\022\143\141\100\144\151\147\163\151\147\164\162\165
-\163\164\056\143\157\155\060\036\027\015\071\070\061\061\063\060
-\062\062\064\066\061\066\132\027\015\060\070\061\061\062\067\062
-\062\064\066\061\066\132\060\201\251\061\013\060\011\006\003\125
-\004\006\023\002\165\163\061\015\060\013\006\003\125\004\010\023
-\004\125\164\141\150\061\027\060\025\006\003\125\004\007\023\016
-\123\141\154\164\040\114\141\153\145\040\103\151\164\171\061\044
-\060\042\006\003\125\004\012\023\033\104\151\147\151\164\141\154
-\040\123\151\147\156\141\164\165\162\145\040\124\162\165\163\164
-\040\103\157\056\061\021\060\017\006\003\125\004\013\023\010\104
-\123\124\103\101\040\130\062\061\026\060\024\006\003\125\004\003
-\023\015\104\123\124\040\122\157\157\164\103\101\040\130\062\061
-\041\060\037\006\011\052\206\110\206\367\015\001\011\001\026\022
-\143\141\100\144\151\147\163\151\147\164\162\165\163\164\056\143
-\157\155\060\202\001\042\060\015\006\011\052\206\110\206\367\015
-\001\001\001\005\000\003\202\001\017\000\060\202\001\012\002\202
-\001\001\000\334\165\360\214\300\165\226\232\300\142\037\046\367
-\304\341\232\352\340\126\163\133\231\315\001\104\250\010\266\325
-\247\332\032\004\030\071\222\112\170\243\201\302\365\167\172\120
-\264\160\377\232\253\306\307\312\156\203\117\102\230\373\046\013
-\332\334\155\326\251\231\125\122\147\351\050\003\222\334\345\260
-\005\232\017\025\371\153\131\162\126\362\372\071\374\252\150\356
-\017\037\020\203\057\374\235\372\027\226\335\202\343\346\105\175
-\300\113\200\104\037\355\054\340\204\375\221\134\222\124\151\045
-\345\142\151\334\345\356\000\122\275\063\013\255\165\002\205\247
-\144\120\055\305\031\031\060\300\046\333\311\323\375\056\231\255
-\131\265\013\115\324\101\256\205\110\103\131\334\267\250\342\242
-\336\303\217\327\270\241\142\246\150\120\122\344\317\061\247\224
-\205\332\237\106\062\027\126\345\362\353\146\075\022\377\103\333
-\230\357\167\317\313\201\215\064\261\306\120\112\046\321\344\076
-\101\120\257\154\256\042\064\056\325\153\156\203\272\171\270\166
-\145\110\332\011\051\144\143\042\271\373\107\166\205\214\206\104
-\313\011\333\002\003\001\000\001\060\015\006\011\052\206\110\206
-\367\015\001\001\005\005\000\003\202\001\001\000\265\066\016\135
-\341\141\050\132\021\145\300\077\203\003\171\115\276\050\246\013
-\007\002\122\205\315\370\221\320\020\154\265\152\040\133\034\220
-\331\060\074\306\110\236\212\136\144\371\241\161\167\357\004\047
-\037\007\353\344\046\367\163\164\311\104\030\032\146\323\340\103
-\257\221\073\321\313\054\330\164\124\072\034\115\312\324\150\315
-\043\174\035\020\236\105\351\366\000\156\246\315\031\377\117\054
-\051\217\127\115\304\167\222\276\340\114\011\373\135\104\206\146
-\041\250\271\062\242\126\325\351\214\203\174\131\077\304\361\013
-\347\235\354\236\275\234\030\016\076\302\071\171\050\267\003\015
-\010\313\306\347\331\001\067\120\020\354\314\141\026\100\324\257
-\061\164\173\374\077\061\247\320\107\163\063\071\033\314\116\152
-\327\111\203\021\006\376\353\202\130\063\062\114\360\126\254\036
-\234\057\126\232\173\301\112\034\245\375\125\066\316\374\226\115
-\364\260\360\354\267\154\202\355\057\061\231\102\114\251\262\015
-\270\025\135\361\337\272\311\265\112\324\144\230\263\046\251\060
-\310\375\246\354\253\226\041\255\177\302\170\266
-END
-
-# Trust for Certificate "Digital Signature Trust Co. Global CA 4"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Digital Signature Trust Co. Global CA 4"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\147\353\063\173\150\114\353\016\302\260\166\012\264\210\047\214
-\335\225\227\335
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\315\073\075\142\133\011\270\011\066\207\236\022\057\161\144\272
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\251\061\013\060\011\006\003\125\004\006\023\002\165\163
-\061\015\060\013\006\003\125\004\010\023\004\125\164\141\150\061
-\027\060\025\006\003\125\004\007\023\016\123\141\154\164\040\114
-\141\153\145\040\103\151\164\171\061\044\060\042\006\003\125\004
-\012\023\033\104\151\147\151\164\141\154\040\123\151\147\156\141
-\164\165\162\145\040\124\162\165\163\164\040\103\157\056\061\021
-\060\017\006\003\125\004\013\023\010\104\123\124\103\101\040\130
-\062\061\026\060\024\006\003\125\004\003\023\015\104\123\124\040
-\122\157\157\164\103\101\040\130\062\061\041\060\037\006\011\052
-\206\110\206\367\015\001\011\001\026\022\143\141\100\144\151\147
-\163\151\147\164\162\165\163\164\056\143\157\155
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\000\320\036\100\213\000\000\167\155\000\000\000\001\000\000\000
-\004
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Verisign Class 1 Public Primary Certification Authority"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign Class 1 Public Primary Certification Authority"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151
-\147\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004
-\013\023\056\103\154\141\163\163\040\061\040\120\165\142\154\151
-\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146
-\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164
-\171
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151
-\147\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004
-\013\023\056\103\154\141\163\163\040\061\040\120\165\142\154\151
-\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146
-\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164
-\171
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\000\315\272\177\126\360\337\344\274\124\376\042\254\263\162\252
-\125
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\002\075\060\202\001\246\002\021\000\315\272\177\126\360
-\337\344\274\124\376\042\254\263\162\252\125\060\015\006\011\052
-\206\110\206\367\015\001\001\002\005\000\060\137\061\013\060\011
-\006\003\125\004\006\023\002\125\123\061\027\060\025\006\003\125
-\004\012\023\016\126\145\162\151\123\151\147\156\054\040\111\156
-\143\056\061\067\060\065\006\003\125\004\013\023\056\103\154\141
-\163\163\040\061\040\120\165\142\154\151\143\040\120\162\151\155
-\141\162\171\040\103\145\162\164\151\146\151\143\141\164\151\157
-\156\040\101\165\164\150\157\162\151\164\171\060\036\027\015\071
-\066\060\061\062\071\060\060\060\060\060\060\132\027\015\062\070
-\060\070\060\061\062\063\065\071\065\071\132\060\137\061\013\060
-\011\006\003\125\004\006\023\002\125\123\061\027\060\025\006\003
-\125\004\012\023\016\126\145\162\151\123\151\147\156\054\040\111
-\156\143\056\061\067\060\065\006\003\125\004\013\023\056\103\154
-\141\163\163\040\061\040\120\165\142\154\151\143\040\120\162\151
-\155\141\162\171\040\103\145\162\164\151\146\151\143\141\164\151
-\157\156\040\101\165\164\150\157\162\151\164\171\060\201\237\060
-\015\006\011\052\206\110\206\367\015\001\001\001\005\000\003\201
-\215\000\060\201\211\002\201\201\000\345\031\277\155\243\126\141
-\055\231\110\161\366\147\336\271\215\353\267\236\206\200\012\221
-\016\372\070\045\257\106\210\202\345\163\250\240\233\044\135\015
-\037\314\145\156\014\260\320\126\204\030\207\232\006\233\020\241
-\163\337\264\130\071\153\156\301\366\025\325\250\250\077\252\022
-\006\215\061\254\177\260\064\327\217\064\147\210\011\315\024\021
-\342\116\105\126\151\037\170\002\200\332\334\107\221\051\273\066
-\311\143\134\305\340\327\055\207\173\241\267\062\260\173\060\272
-\052\057\061\252\356\243\147\332\333\002\003\001\000\001\060\015
-\006\011\052\206\110\206\367\015\001\001\002\005\000\003\201\201
-\000\114\077\270\213\306\150\337\356\103\063\016\135\351\246\313
-\007\204\115\172\063\377\222\033\364\066\255\330\225\042\066\150
-\021\154\174\102\314\363\234\056\304\007\077\024\260\017\117\377
-\220\222\166\371\342\274\112\351\217\315\240\200\012\367\305\051
-\361\202\042\135\270\261\335\201\043\243\173\045\025\106\060\171
-\026\370\352\005\113\224\177\035\302\034\310\343\267\364\020\100
-\074\023\303\137\037\123\350\110\344\206\264\173\241\065\260\173
-\045\272\270\323\216\253\077\070\235\000\064\000\230\363\321\161
-\224
-END
-
-# Trust for Certificate "Verisign Class 1 Public Primary Certification Authority"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign Class 1 Public Primary Certification Authority"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\220\256\242\151\205\377\024\200\114\103\111\122\354\351\140\204
-\167\257\125\157
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\227\140\350\127\137\323\120\107\345\103\014\224\066\212\260\142
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151
-\147\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004
-\013\023\056\103\154\141\163\163\040\061\040\120\165\142\154\151
-\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146
-\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164
-\171
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\000\315\272\177\126\360\337\344\274\124\376\042\254\263\162\252
-\125
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_VALID
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_VALID
-
-#
-# Certificate "Verisign Class 2 Public Primary Certification Authority"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign Class 2 Public Primary Certification Authority"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151
-\147\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004
-\013\023\056\103\154\141\163\163\040\062\040\120\165\142\154\151
-\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146
-\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164
-\171
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151
-\147\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004
-\013\023\056\103\154\141\163\163\040\062\040\120\165\142\154\151
-\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146
-\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164
-\171
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\055\033\374\112\027\215\243\221\353\347\377\365\213\105\276\013
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\002\074\060\202\001\245\002\020\055\033\374\112\027\215
-\243\221\353\347\377\365\213\105\276\013\060\015\006\011\052\206
-\110\206\367\015\001\001\002\005\000\060\137\061\013\060\011\006
-\003\125\004\006\023\002\125\123\061\027\060\025\006\003\125\004
-\012\023\016\126\145\162\151\123\151\147\156\054\040\111\156\143
-\056\061\067\060\065\006\003\125\004\013\023\056\103\154\141\163
-\163\040\062\040\120\165\142\154\151\143\040\120\162\151\155\141
-\162\171\040\103\145\162\164\151\146\151\143\141\164\151\157\156
-\040\101\165\164\150\157\162\151\164\171\060\036\027\015\071\066
-\060\061\062\071\060\060\060\060\060\060\132\027\015\062\070\060
-\070\060\061\062\063\065\071\065\071\132\060\137\061\013\060\011
-\006\003\125\004\006\023\002\125\123\061\027\060\025\006\003\125
-\004\012\023\016\126\145\162\151\123\151\147\156\054\040\111\156
-\143\056\061\067\060\065\006\003\125\004\013\023\056\103\154\141
-\163\163\040\062\040\120\165\142\154\151\143\040\120\162\151\155
-\141\162\171\040\103\145\162\164\151\146\151\143\141\164\151\157
-\156\040\101\165\164\150\157\162\151\164\171\060\201\237\060\015
-\006\011\052\206\110\206\367\015\001\001\001\005\000\003\201\215
-\000\060\201\211\002\201\201\000\266\132\213\243\015\152\043\203
-\200\153\317\071\207\364\041\023\063\006\114\045\242\355\125\022
-\227\305\247\200\271\372\203\301\040\240\372\057\025\015\174\241
-\140\153\176\171\054\372\006\017\072\256\366\033\157\261\322\377
-\057\050\122\137\203\175\113\304\172\267\370\146\037\200\124\374
-\267\302\216\131\112\024\127\106\321\232\223\276\101\221\003\273
-\025\200\223\134\353\347\314\010\154\077\076\263\112\374\377\113
-\154\043\325\120\202\046\104\031\216\043\303\161\352\031\044\107
-\004\236\165\277\310\246\000\037\002\003\001\000\001\060\015\006
-\011\052\206\110\206\367\015\001\001\002\005\000\003\201\201\000
-\212\033\053\372\071\301\164\327\136\330\031\144\242\130\112\055
-\067\340\063\107\017\254\355\367\252\333\036\344\213\006\134\140
-\047\312\105\122\316\026\357\077\006\144\347\224\150\174\140\063
-\025\021\151\257\235\142\215\243\003\124\153\246\276\345\356\005
-\030\140\004\277\102\200\375\320\250\250\036\001\073\367\243\134
-\257\243\334\346\046\200\043\074\270\104\164\367\012\256\111\213
-\141\170\314\044\277\210\212\247\016\352\163\031\101\375\115\003
-\360\210\321\345\170\215\245\052\117\366\227\015\027\167\312\330
-END
-
-# Trust for Certificate "Verisign Class 2 Public Primary Certification Authority"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign Class 2 Public Primary Certification Authority"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\147\202\252\340\355\356\342\032\130\071\323\300\315\024\150\012
-\117\140\024\052
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\263\234\045\261\303\056\062\123\200\025\060\235\115\002\167\076
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151
-\147\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004
-\013\023\056\103\154\141\163\163\040\062\040\120\165\142\154\151
-\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146
-\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164
-\171
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\055\033\374\112\027\215\243\221\353\347\377\365\213\105\276\013
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_VALID
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Verisign Class 3 Public Primary Certification Authority"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign Class 3 Public Primary Certification Authority"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151
-\147\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004
-\013\023\056\103\154\141\163\163\040\063\040\120\165\142\154\151
-\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146
-\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164
-\171
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151
-\147\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004
-\013\023\056\103\154\141\163\163\040\063\040\120\165\142\154\151
-\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146
-\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164
-\171
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\160\272\344\035\020\331\051\064\266\070\312\173\003\314\272\277
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\002\074\060\202\001\245\002\020\160\272\344\035\020\331
-\051\064\266\070\312\173\003\314\272\277\060\015\006\011\052\206
-\110\206\367\015\001\001\002\005\000\060\137\061\013\060\011\006
-\003\125\004\006\023\002\125\123\061\027\060\025\006\003\125\004
-\012\023\016\126\145\162\151\123\151\147\156\054\040\111\156\143
-\056\061\067\060\065\006\003\125\004\013\023\056\103\154\141\163
-\163\040\063\040\120\165\142\154\151\143\040\120\162\151\155\141
-\162\171\040\103\145\162\164\151\146\151\143\141\164\151\157\156
-\040\101\165\164\150\157\162\151\164\171\060\036\027\015\071\066
-\060\061\062\071\060\060\060\060\060\060\132\027\015\062\070\060
-\070\060\061\062\063\065\071\065\071\132\060\137\061\013\060\011
-\006\003\125\004\006\023\002\125\123\061\027\060\025\006\003\125
-\004\012\023\016\126\145\162\151\123\151\147\156\054\040\111\156
-\143\056\061\067\060\065\006\003\125\004\013\023\056\103\154\141
-\163\163\040\063\040\120\165\142\154\151\143\040\120\162\151\155
-\141\162\171\040\103\145\162\164\151\146\151\143\141\164\151\157
-\156\040\101\165\164\150\157\162\151\164\171\060\201\237\060\015
-\006\011\052\206\110\206\367\015\001\001\001\005\000\003\201\215
-\000\060\201\211\002\201\201\000\311\134\131\236\362\033\212\001
-\024\264\020\337\004\100\333\343\127\257\152\105\100\217\204\014
-\013\321\063\331\331\021\317\356\002\130\037\045\367\052\250\104
-\005\252\354\003\037\170\177\236\223\271\232\000\252\043\175\326
-\254\205\242\143\105\307\162\047\314\364\114\306\165\161\322\071
-\357\117\102\360\165\337\012\220\306\216\040\157\230\017\370\254
-\043\137\160\051\066\244\311\206\347\261\232\040\313\123\245\205
-\347\075\276\175\232\376\044\105\063\334\166\025\355\017\242\161
-\144\114\145\056\201\150\105\247\002\003\001\000\001\060\015\006
-\011\052\206\110\206\367\015\001\001\002\005\000\003\201\201\000
-\273\114\022\053\317\054\046\000\117\024\023\335\246\373\374\012
-\021\204\214\363\050\034\147\222\057\174\266\305\372\337\360\350
-\225\274\035\217\154\054\250\121\314\163\330\244\300\123\360\116
-\326\046\300\166\001\127\201\222\136\041\361\321\261\377\347\320
-\041\130\315\151\027\343\104\034\234\031\104\071\211\134\334\234
-\000\017\126\215\002\231\355\242\220\105\114\344\273\020\244\075
-\360\062\003\016\361\316\370\350\311\121\214\346\142\237\346\237
-\300\175\267\162\234\311\066\072\153\237\116\250\377\144\015\144
-END
-
-# Trust for Certificate "Verisign Class 3 Public Primary Certification Authority"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign Class 3 Public Primary Certification Authority"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\164\054\061\222\346\007\344\044\353\105\111\124\053\341\273\305
-\076\141\164\342
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\020\374\143\135\366\046\076\015\363\045\276\137\171\315\147\147
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151
-\147\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004
-\013\023\056\103\154\141\163\163\040\063\040\120\165\142\154\151
-\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146
-\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164
-\171
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\160\272\344\035\020\331\051\064\266\070\312\173\003\314\272\277
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Verisign Class 1 Public Primary Certification Authority - G2"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign Class 1 Public Primary Certification Authority - G2"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\301\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\061\074\060\072\006\003\125
-\004\013\023\063\103\154\141\163\163\040\061\040\120\165\142\154
-\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151
-\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
-\164\171\040\055\040\107\062\061\072\060\070\006\003\125\004\013
-\023\061\050\143\051\040\061\071\071\070\040\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\040\055\040\106\157\162\040
-\141\165\164\150\157\162\151\172\145\144\040\165\163\145\040\157
-\156\154\171\061\037\060\035\006\003\125\004\013\023\026\126\145
-\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164
-\167\157\162\153
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\301\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\061\074\060\072\006\003\125
-\004\013\023\063\103\154\141\163\163\040\061\040\120\165\142\154
-\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151
-\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
-\164\171\040\055\040\107\062\061\072\060\070\006\003\125\004\013
-\023\061\050\143\051\040\061\071\071\070\040\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\040\055\040\106\157\162\040
-\141\165\164\150\157\162\151\172\145\144\040\165\163\145\040\157
-\156\154\171\061\037\060\035\006\003\125\004\013\023\026\126\145
-\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164
-\167\157\162\153
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\114\307\352\252\230\076\161\323\223\020\370\075\072\211\221\222
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\002\060\202\002\153\002\020\114\307\352\252\230\076
-\161\323\223\020\370\075\072\211\221\222\060\015\006\011\052\206
-\110\206\367\015\001\001\005\005\000\060\201\301\061\013\060\011
-\006\003\125\004\006\023\002\125\123\061\027\060\025\006\003\125
-\004\012\023\016\126\145\162\151\123\151\147\156\054\040\111\156
-\143\056\061\074\060\072\006\003\125\004\013\023\063\103\154\141
-\163\163\040\061\040\120\165\142\154\151\143\040\120\162\151\155
-\141\162\171\040\103\145\162\164\151\146\151\143\141\164\151\157
-\156\040\101\165\164\150\157\162\151\164\171\040\055\040\107\062
-\061\072\060\070\006\003\125\004\013\023\061\050\143\051\040\061
-\071\071\070\040\126\145\162\151\123\151\147\156\054\040\111\156
-\143\056\040\055\040\106\157\162\040\141\165\164\150\157\162\151
-\172\145\144\040\165\163\145\040\157\156\154\171\061\037\060\035
-\006\003\125\004\013\023\026\126\145\162\151\123\151\147\156\040
-\124\162\165\163\164\040\116\145\164\167\157\162\153\060\036\027
-\015\071\070\060\065\061\070\060\060\060\060\060\060\132\027\015
-\062\070\060\070\060\061\062\063\065\071\065\071\132\060\201\301
-\061\013\060\011\006\003\125\004\006\023\002\125\123\061\027\060
-\025\006\003\125\004\012\023\016\126\145\162\151\123\151\147\156
-\054\040\111\156\143\056\061\074\060\072\006\003\125\004\013\023
-\063\103\154\141\163\163\040\061\040\120\165\142\154\151\143\040
-\120\162\151\155\141\162\171\040\103\145\162\164\151\146\151\143
-\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171\040
-\055\040\107\062\061\072\060\070\006\003\125\004\013\023\061\050
-\143\051\040\061\071\071\070\040\126\145\162\151\123\151\147\156
-\054\040\111\156\143\056\040\055\040\106\157\162\040\141\165\164
-\150\157\162\151\172\145\144\040\165\163\145\040\157\156\154\171
-\061\037\060\035\006\003\125\004\013\023\026\126\145\162\151\123
-\151\147\156\040\124\162\165\163\164\040\116\145\164\167\157\162
-\153\060\201\237\060\015\006\011\052\206\110\206\367\015\001\001
-\001\005\000\003\201\215\000\060\201\211\002\201\201\000\252\320
-\272\276\026\055\270\203\324\312\322\017\274\166\061\312\224\330
-\035\223\214\126\002\274\331\157\032\157\122\066\156\165\126\012
-\125\323\337\103\207\041\021\145\212\176\217\275\041\336\153\062
-\077\033\204\064\225\005\235\101\065\353\222\353\226\335\252\131
-\077\001\123\155\231\117\355\345\342\052\132\220\301\271\304\246
-\025\317\310\105\353\246\135\216\234\076\360\144\044\166\245\315
-\253\032\157\266\330\173\121\141\156\246\177\207\310\342\267\345
-\064\334\101\210\352\011\100\276\163\222\075\153\347\165\002\003
-\001\000\001\060\015\006\011\052\206\110\206\367\015\001\001\005
-\005\000\003\201\201\000\251\117\303\015\307\147\276\054\313\331
-\250\315\055\165\347\176\025\236\073\162\353\176\353\134\055\011
-\207\326\153\155\140\174\345\256\305\220\043\014\134\112\320\257
-\261\135\363\307\266\012\333\340\025\223\015\335\003\274\307\166
-\212\265\335\117\303\233\023\165\270\001\300\346\311\133\153\245
-\270\211\334\254\244\335\162\355\116\241\367\117\274\006\323\352
-\310\144\164\173\302\225\101\234\145\163\130\361\220\232\074\152
-\261\230\311\304\207\274\317\105\155\105\342\156\042\077\376\274
-\017\061\134\350\362\331
-END
-
-# Trust for Certificate "Verisign Class 1 Public Primary Certification Authority - G2"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign Class 1 Public Primary Certification Authority - G2"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\047\076\341\044\127\375\304\371\014\125\350\053\126\026\177\142
-\365\062\345\107
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\333\043\075\371\151\372\113\271\225\200\104\163\136\175\101\203
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\301\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\061\074\060\072\006\003\125
-\004\013\023\063\103\154\141\163\163\040\061\040\120\165\142\154
-\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151
-\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
-\164\171\040\055\040\107\062\061\072\060\070\006\003\125\004\013
-\023\061\050\143\051\040\061\071\071\070\040\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\040\055\040\106\157\162\040
-\141\165\164\150\157\162\151\172\145\144\040\165\163\145\040\157
-\156\154\171\061\037\060\035\006\003\125\004\013\023\026\126\145
-\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164
-\167\157\162\153
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\114\307\352\252\230\076\161\323\223\020\370\075\072\211\221\222
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_VALID
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_VALID
-
-#
-# Certificate "Verisign Class 2 Public Primary Certification Authority - G2"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign Class 2 Public Primary Certification Authority - G2"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\301\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\061\074\060\072\006\003\125
-\004\013\023\063\103\154\141\163\163\040\062\040\120\165\142\154
-\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151
-\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
-\164\171\040\055\040\107\062\061\072\060\070\006\003\125\004\013
-\023\061\050\143\051\040\061\071\071\070\040\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\040\055\040\106\157\162\040
-\141\165\164\150\157\162\151\172\145\144\040\165\163\145\040\157
-\156\154\171\061\037\060\035\006\003\125\004\013\023\026\126\145
-\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164
-\167\157\162\153
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\301\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\061\074\060\072\006\003\125
-\004\013\023\063\103\154\141\163\163\040\062\040\120\165\142\154
-\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151
-\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
-\164\171\040\055\040\107\062\061\072\060\070\006\003\125\004\013
-\023\061\050\143\051\040\061\071\071\070\040\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\040\055\040\106\157\162\040
-\141\165\164\150\157\162\151\172\145\144\040\165\163\145\040\157
-\156\154\171\061\037\060\035\006\003\125\004\013\023\026\126\145
-\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164
-\167\157\162\153
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\000\271\057\140\314\210\237\241\172\106\011\270\133\160\154\212
-\257
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\003\060\202\002\154\002\021\000\271\057\140\314\210
-\237\241\172\106\011\270\133\160\154\212\257\060\015\006\011\052
-\206\110\206\367\015\001\001\005\005\000\060\201\301\061\013\060
-\011\006\003\125\004\006\023\002\125\123\061\027\060\025\006\003
-\125\004\012\023\016\126\145\162\151\123\151\147\156\054\040\111
-\156\143\056\061\074\060\072\006\003\125\004\013\023\063\103\154
-\141\163\163\040\062\040\120\165\142\154\151\143\040\120\162\151
-\155\141\162\171\040\103\145\162\164\151\146\151\143\141\164\151
-\157\156\040\101\165\164\150\157\162\151\164\171\040\055\040\107
-\062\061\072\060\070\006\003\125\004\013\023\061\050\143\051\040
-\061\071\071\070\040\126\145\162\151\123\151\147\156\054\040\111
-\156\143\056\040\055\040\106\157\162\040\141\165\164\150\157\162
-\151\172\145\144\040\165\163\145\040\157\156\154\171\061\037\060
-\035\006\003\125\004\013\023\026\126\145\162\151\123\151\147\156
-\040\124\162\165\163\164\040\116\145\164\167\157\162\153\060\036
-\027\015\071\070\060\065\061\070\060\060\060\060\060\060\132\027
-\015\062\070\060\070\060\061\062\063\065\071\065\071\132\060\201
-\301\061\013\060\011\006\003\125\004\006\023\002\125\123\061\027
-\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151\147
-\156\054\040\111\156\143\056\061\074\060\072\006\003\125\004\013
-\023\063\103\154\141\163\163\040\062\040\120\165\142\154\151\143
-\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146\151
-\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171
-\040\055\040\107\062\061\072\060\070\006\003\125\004\013\023\061
-\050\143\051\040\061\071\071\070\040\126\145\162\151\123\151\147
-\156\054\040\111\156\143\056\040\055\040\106\157\162\040\141\165
-\164\150\157\162\151\172\145\144\040\165\163\145\040\157\156\154
-\171\061\037\060\035\006\003\125\004\013\023\026\126\145\162\151
-\123\151\147\156\040\124\162\165\163\164\040\116\145\164\167\157
-\162\153\060\201\237\060\015\006\011\052\206\110\206\367\015\001
-\001\001\005\000\003\201\215\000\060\201\211\002\201\201\000\247
-\210\001\041\164\054\347\032\003\360\230\341\227\074\017\041\010
-\361\234\333\227\351\232\374\302\004\006\023\276\137\122\310\314
-\036\054\022\126\054\270\001\151\054\314\231\037\255\260\226\256
-\171\004\362\023\071\301\173\230\272\010\054\350\302\204\023\054
-\252\151\351\011\364\307\251\002\244\102\302\043\117\112\330\360
-\016\242\373\061\154\311\346\157\231\047\007\365\346\364\114\170
-\236\155\353\106\206\372\271\206\311\124\362\262\304\257\324\106
-\034\132\311\025\060\377\015\154\365\055\016\155\316\177\167\002
-\003\001\000\001\060\015\006\011\052\206\110\206\367\015\001\001
-\005\005\000\003\201\201\000\162\056\371\177\321\361\161\373\304
-\236\366\305\136\121\212\100\230\270\150\370\233\034\203\330\342
-\235\275\377\355\241\346\146\352\057\011\364\312\327\352\245\053
-\225\366\044\140\206\115\104\056\203\245\304\055\240\323\256\170
-\151\157\162\332\154\256\010\360\143\222\067\346\273\304\060\027
-\255\167\314\111\065\252\317\330\217\321\276\267\030\226\107\163
-\152\124\042\064\144\055\266\026\233\131\133\264\121\131\072\263
-\013\024\364\022\337\147\240\364\255\062\144\136\261\106\162\047
-\214\022\173\305\104\264\256
-END
-
-# Trust for Certificate "Verisign Class 2 Public Primary Certification Authority - G2"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign Class 2 Public Primary Certification Authority - G2"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\263\352\304\107\166\311\310\034\352\362\235\225\266\314\240\010
-\033\147\354\235
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\055\273\345\045\323\321\145\202\072\267\016\372\346\353\342\341
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\301\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\061\074\060\072\006\003\125
-\004\013\023\063\103\154\141\163\163\040\062\040\120\165\142\154
-\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151
-\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
-\164\171\040\055\040\107\062\061\072\060\070\006\003\125\004\013
-\023\061\050\143\051\040\061\071\071\070\040\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\040\055\040\106\157\162\040
-\141\165\164\150\157\162\151\172\145\144\040\165\163\145\040\157
-\156\154\171\061\037\060\035\006\003\125\004\013\023\026\126\145
-\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164
-\167\157\162\153
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\000\271\057\140\314\210\237\241\172\106\011\270\133\160\154\212
-\257
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_VALID
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Verisign Class 3 Public Primary Certification Authority - G2"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign Class 3 Public Primary Certification Authority - G2"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\301\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\061\074\060\072\006\003\125
-\004\013\023\063\103\154\141\163\163\040\063\040\120\165\142\154
-\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151
-\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
-\164\171\040\055\040\107\062\061\072\060\070\006\003\125\004\013
-\023\061\050\143\051\040\061\071\071\070\040\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\040\055\040\106\157\162\040
-\141\165\164\150\157\162\151\172\145\144\040\165\163\145\040\157
-\156\154\171\061\037\060\035\006\003\125\004\013\023\026\126\145
-\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164
-\167\157\162\153
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\301\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\061\074\060\072\006\003\125
-\004\013\023\063\103\154\141\163\163\040\063\040\120\165\142\154
-\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151
-\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
-\164\171\040\055\040\107\062\061\072\060\070\006\003\125\004\013
-\023\061\050\143\051\040\061\071\071\070\040\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\040\055\040\106\157\162\040
-\141\165\164\150\157\162\151\172\145\144\040\165\163\145\040\157
-\156\154\171\061\037\060\035\006\003\125\004\013\023\026\126\145
-\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164
-\167\157\162\153
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\175\331\376\007\317\250\036\267\020\171\147\373\247\211\064\306
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\002\060\202\002\153\002\020\175\331\376\007\317\250
-\036\267\020\171\147\373\247\211\064\306\060\015\006\011\052\206
-\110\206\367\015\001\001\005\005\000\060\201\301\061\013\060\011
-\006\003\125\004\006\023\002\125\123\061\027\060\025\006\003\125
-\004\012\023\016\126\145\162\151\123\151\147\156\054\040\111\156
-\143\056\061\074\060\072\006\003\125\004\013\023\063\103\154\141
-\163\163\040\063\040\120\165\142\154\151\143\040\120\162\151\155
-\141\162\171\040\103\145\162\164\151\146\151\143\141\164\151\157
-\156\040\101\165\164\150\157\162\151\164\171\040\055\040\107\062
-\061\072\060\070\006\003\125\004\013\023\061\050\143\051\040\061
-\071\071\070\040\126\145\162\151\123\151\147\156\054\040\111\156
-\143\056\040\055\040\106\157\162\040\141\165\164\150\157\162\151
-\172\145\144\040\165\163\145\040\157\156\154\171\061\037\060\035
-\006\003\125\004\013\023\026\126\145\162\151\123\151\147\156\040
-\124\162\165\163\164\040\116\145\164\167\157\162\153\060\036\027
-\015\071\070\060\065\061\070\060\060\060\060\060\060\132\027\015
-\062\070\060\070\060\061\062\063\065\071\065\071\132\060\201\301
-\061\013\060\011\006\003\125\004\006\023\002\125\123\061\027\060
-\025\006\003\125\004\012\023\016\126\145\162\151\123\151\147\156
-\054\040\111\156\143\056\061\074\060\072\006\003\125\004\013\023
-\063\103\154\141\163\163\040\063\040\120\165\142\154\151\143\040
-\120\162\151\155\141\162\171\040\103\145\162\164\151\146\151\143
-\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171\040
-\055\040\107\062\061\072\060\070\006\003\125\004\013\023\061\050
-\143\051\040\061\071\071\070\040\126\145\162\151\123\151\147\156
-\054\040\111\156\143\056\040\055\040\106\157\162\040\141\165\164
-\150\157\162\151\172\145\144\040\165\163\145\040\157\156\154\171
-\061\037\060\035\006\003\125\004\013\023\026\126\145\162\151\123
-\151\147\156\040\124\162\165\163\164\040\116\145\164\167\157\162
-\153\060\201\237\060\015\006\011\052\206\110\206\367\015\001\001
-\001\005\000\003\201\215\000\060\201\211\002\201\201\000\314\136
-\321\021\135\134\151\320\253\323\271\152\114\231\037\131\230\060
-\216\026\205\040\106\155\107\077\324\205\040\204\341\155\263\370
-\244\355\014\361\027\017\073\371\247\371\045\327\301\317\204\143
-\362\174\143\317\242\107\362\306\133\063\216\144\100\004\150\301
-\200\271\144\034\105\167\307\330\156\365\225\051\074\120\350\064
-\327\170\037\250\272\155\103\221\225\217\105\127\136\176\305\373
-\312\244\004\353\352\227\067\124\060\157\273\001\107\062\063\315
-\334\127\233\144\151\141\370\233\035\034\211\117\134\147\002\003
-\001\000\001\060\015\006\011\052\206\110\206\367\015\001\001\005
-\005\000\003\201\201\000\121\115\315\276\134\313\230\031\234\025
-\262\001\071\170\056\115\017\147\160\160\231\306\020\132\224\244
-\123\115\124\155\053\257\015\135\100\213\144\323\327\356\336\126
-\141\222\137\246\304\035\020\141\066\323\054\047\074\350\051\011
-\271\021\144\164\314\265\163\237\034\110\251\274\141\001\356\342
-\027\246\014\343\100\010\073\016\347\353\104\163\052\232\361\151
-\222\357\161\024\303\071\254\161\247\221\011\157\344\161\006\263
-\272\131\127\046\171\000\366\370\015\242\063\060\050\324\252\130
-\240\235\235\151\221\375
-END
-
-# Trust for Certificate "Verisign Class 3 Public Primary Certification Authority - G2"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign Class 3 Public Primary Certification Authority - G2"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\205\067\034\246\345\120\024\075\316\050\003\107\033\336\072\011
-\350\370\167\017
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\242\063\233\114\164\170\163\324\154\347\301\363\215\313\134\351
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\301\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\061\074\060\072\006\003\125
-\004\013\023\063\103\154\141\163\163\040\063\040\120\165\142\154
-\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151
-\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
-\164\171\040\055\040\107\062\061\072\060\070\006\003\125\004\013
-\023\061\050\143\051\040\061\071\071\070\040\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\040\055\040\106\157\162\040
-\141\165\164\150\157\162\151\172\145\144\040\165\163\145\040\157
-\156\154\171\061\037\060\035\006\003\125\004\013\023\026\126\145
-\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164
-\167\157\162\153
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\175\331\376\007\317\250\036\267\020\171\147\373\247\211\064\306
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Verisign Class 4 Public Primary Certification Authority - G2"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign Class 4 Public Primary Certification Authority - G2"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\301\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\061\074\060\072\006\003\125
-\004\013\023\063\103\154\141\163\163\040\064\040\120\165\142\154
-\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151
-\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
-\164\171\040\055\040\107\062\061\072\060\070\006\003\125\004\013
-\023\061\050\143\051\040\061\071\071\070\040\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\040\055\040\106\157\162\040
-\141\165\164\150\157\162\151\172\145\144\040\165\163\145\040\157
-\156\154\171\061\037\060\035\006\003\125\004\013\023\026\126\145
-\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164
-\167\157\162\153
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\301\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\061\074\060\072\006\003\125
-\004\013\023\063\103\154\141\163\163\040\064\040\120\165\142\154
-\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151
-\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
-\164\171\040\055\040\107\062\061\072\060\070\006\003\125\004\013
-\023\061\050\143\051\040\061\071\071\070\040\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\040\055\040\106\157\162\040
-\141\165\164\150\157\162\151\172\145\144\040\165\163\145\040\157
-\156\154\171\061\037\060\035\006\003\125\004\013\023\026\126\145
-\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164
-\167\157\162\153
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\062\210\216\232\322\365\353\023\107\370\177\304\040\067\045\370
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\002\060\202\002\153\002\020\062\210\216\232\322\365
-\353\023\107\370\177\304\040\067\045\370\060\015\006\011\052\206
-\110\206\367\015\001\001\005\005\000\060\201\301\061\013\060\011
-\006\003\125\004\006\023\002\125\123\061\027\060\025\006\003\125
-\004\012\023\016\126\145\162\151\123\151\147\156\054\040\111\156
-\143\056\061\074\060\072\006\003\125\004\013\023\063\103\154\141
-\163\163\040\064\040\120\165\142\154\151\143\040\120\162\151\155
-\141\162\171\040\103\145\162\164\151\146\151\143\141\164\151\157
-\156\040\101\165\164\150\157\162\151\164\171\040\055\040\107\062
-\061\072\060\070\006\003\125\004\013\023\061\050\143\051\040\061
-\071\071\070\040\126\145\162\151\123\151\147\156\054\040\111\156
-\143\056\040\055\040\106\157\162\040\141\165\164\150\157\162\151
-\172\145\144\040\165\163\145\040\157\156\154\171\061\037\060\035
-\006\003\125\004\013\023\026\126\145\162\151\123\151\147\156\040
-\124\162\165\163\164\040\116\145\164\167\157\162\153\060\036\027
-\015\071\070\060\065\061\070\060\060\060\060\060\060\132\027\015
-\062\070\060\070\060\061\062\063\065\071\065\071\132\060\201\301
-\061\013\060\011\006\003\125\004\006\023\002\125\123\061\027\060
-\025\006\003\125\004\012\023\016\126\145\162\151\123\151\147\156
-\054\040\111\156\143\056\061\074\060\072\006\003\125\004\013\023
-\063\103\154\141\163\163\040\064\040\120\165\142\154\151\143\040
-\120\162\151\155\141\162\171\040\103\145\162\164\151\146\151\143
-\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171\040
-\055\040\107\062\061\072\060\070\006\003\125\004\013\023\061\050
-\143\051\040\061\071\071\070\040\126\145\162\151\123\151\147\156
-\054\040\111\156\143\056\040\055\040\106\157\162\040\141\165\164
-\150\157\162\151\172\145\144\040\165\163\145\040\157\156\154\171
-\061\037\060\035\006\003\125\004\013\023\026\126\145\162\151\123
-\151\147\156\040\124\162\165\163\164\040\116\145\164\167\157\162
-\153\060\201\237\060\015\006\011\052\206\110\206\367\015\001\001
-\001\005\000\003\201\215\000\060\201\211\002\201\201\000\272\360
-\344\317\371\304\256\205\124\271\007\127\371\217\305\177\150\021
-\370\304\027\260\104\334\343\060\163\325\052\142\052\270\320\314
-\034\355\050\133\176\275\152\334\263\221\044\312\101\142\074\374
-\002\001\277\034\026\061\224\005\227\166\156\242\255\275\141\027
-\154\116\060\206\360\121\067\052\120\307\250\142\201\334\133\112
-\252\301\240\264\156\353\057\345\127\305\261\053\100\160\333\132
-\115\241\216\037\275\003\037\330\003\324\217\114\231\161\274\342
-\202\314\130\350\230\072\206\323\206\070\363\000\051\037\002\003
-\001\000\001\060\015\006\011\052\206\110\206\367\015\001\001\005
-\005\000\003\201\201\000\205\214\022\301\247\271\120\025\172\313
-\076\254\270\103\212\334\252\335\024\272\211\201\176\001\074\043
-\161\041\210\057\202\334\143\372\002\105\254\105\131\327\052\130
-\104\133\267\237\201\073\222\150\075\342\067\044\365\173\154\217
-\166\065\226\011\250\131\235\271\316\043\253\164\326\203\375\062
-\163\047\330\151\076\103\164\366\256\305\211\232\347\123\174\351
-\173\366\113\363\301\145\203\336\215\212\234\074\210\215\071\131
-\374\252\077\042\215\241\301\146\120\201\162\114\355\042\144\117
-\117\312\200\221\266\051
-END
-
-# Trust for Certificate "Verisign Class 4 Public Primary Certification Authority - G2"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign Class 4 Public Primary Certification Authority - G2"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\013\167\276\273\313\172\242\107\005\336\314\017\275\152\002\374
-\172\275\233\122
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\046\155\054\031\230\266\160\150\070\120\124\031\354\220\064\140
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\301\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\061\074\060\072\006\003\125
-\004\013\023\063\103\154\141\163\163\040\064\040\120\165\142\154
-\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151
-\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
-\164\171\040\055\040\107\062\061\072\060\070\006\003\125\004\013
-\023\061\050\143\051\040\061\071\071\070\040\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\040\055\040\106\157\162\040
-\141\165\164\150\157\162\151\172\145\144\040\165\163\145\040\157
-\156\154\171\061\037\060\035\006\003\125\004\013\023\026\126\145
-\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164
-\167\157\162\153
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\062\210\216\232\322\365\353\023\107\370\177\304\040\067\045\370
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "GlobalSign Root CA"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "GlobalSign Root CA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\127\061\013\060\011\006\003\125\004\006\023\002\102\105\061
-\031\060\027\006\003\125\004\012\023\020\107\154\157\142\141\154
-\123\151\147\156\040\156\166\055\163\141\061\020\060\016\006\003
-\125\004\013\023\007\122\157\157\164\040\103\101\061\033\060\031
-\006\003\125\004\003\023\022\107\154\157\142\141\154\123\151\147
-\156\040\122\157\157\164\040\103\101
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\127\061\013\060\011\006\003\125\004\006\023\002\102\105\061
-\031\060\027\006\003\125\004\012\023\020\107\154\157\142\141\154
-\123\151\147\156\040\156\166\055\163\141\061\020\060\016\006\003
-\125\004\013\023\007\122\157\157\164\040\103\101\061\033\060\031
-\006\003\125\004\003\023\022\107\154\157\142\141\154\123\151\147
-\156\040\122\157\157\164\040\103\101
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\000\000\000\000\000\326\170\267\224\005
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\165\060\202\002\135\240\003\002\001\002\002\013\002
-\000\000\000\000\000\326\170\267\224\005\060\015\006\011\052\206
-\110\206\367\015\001\001\004\005\000\060\127\061\013\060\011\006
-\003\125\004\006\023\002\102\105\061\031\060\027\006\003\125\004
-\012\023\020\107\154\157\142\141\154\123\151\147\156\040\156\166
-\055\163\141\061\020\060\016\006\003\125\004\013\023\007\122\157
-\157\164\040\103\101\061\033\060\031\006\003\125\004\003\023\022
-\107\154\157\142\141\154\123\151\147\156\040\122\157\157\164\040
-\103\101\060\036\027\015\071\070\060\071\060\061\061\062\060\060
-\060\060\132\027\015\061\064\060\061\062\070\061\062\060\060\060
-\060\132\060\127\061\013\060\011\006\003\125\004\006\023\002\102
-\105\061\031\060\027\006\003\125\004\012\023\020\107\154\157\142
-\141\154\123\151\147\156\040\156\166\055\163\141\061\020\060\016
-\006\003\125\004\013\023\007\122\157\157\164\040\103\101\061\033
-\060\031\006\003\125\004\003\023\022\107\154\157\142\141\154\123
-\151\147\156\040\122\157\157\164\040\103\101\060\202\001\042\060
-\015\006\011\052\206\110\206\367\015\001\001\001\005\000\003\202
-\001\017\000\060\202\001\012\002\202\001\001\000\332\016\346\231
-\215\316\243\343\117\212\176\373\361\213\203\045\153\352\110\037
-\361\052\260\271\225\021\004\275\360\143\321\342\147\146\317\034
-\335\317\033\110\053\356\215\211\216\232\257\051\200\145\253\351
-\307\055\022\313\253\034\114\160\007\241\075\012\060\315\025\215
-\117\370\335\324\214\120\025\034\357\120\356\304\056\367\374\351
-\122\362\221\175\340\155\325\065\060\216\136\103\163\362\101\351
-\325\152\343\262\211\072\126\071\070\157\006\074\210\151\133\052
-\115\305\247\124\270\154\211\314\233\371\074\312\345\375\211\365
-\022\074\222\170\226\326\334\164\156\223\104\141\321\215\307\106
-\262\165\016\206\350\031\212\325\155\154\325\170\026\225\242\351
-\310\012\070\353\362\044\023\117\163\124\223\023\205\072\033\274
-\036\064\265\213\005\214\271\167\213\261\333\037\040\221\253\011
-\123\156\220\316\173\067\164\271\160\107\221\042\121\143\026\171
-\256\261\256\101\046\010\310\031\053\321\106\252\110\326\144\052
-\327\203\064\377\054\052\301\154\031\103\112\007\205\347\323\174
-\366\041\150\357\352\362\122\237\177\223\220\317\002\003\001\000
-\001\243\102\060\100\060\016\006\003\125\035\017\001\001\377\004
-\004\003\002\000\006\060\035\006\003\125\035\016\004\026\004\024
-\140\173\146\032\105\015\227\312\211\120\057\175\004\315\064\250
-\377\374\375\113\060\017\006\003\125\035\023\001\001\377\004\005
-\060\003\001\001\377\060\015\006\011\052\206\110\206\367\015\001
-\001\004\005\000\003\202\001\001\000\256\252\237\374\267\322\313
-\037\137\071\051\050\030\236\064\311\154\117\157\032\360\144\242
-\160\112\117\023\206\233\140\050\236\350\201\111\230\175\012\273
-\345\260\235\075\066\333\217\005\121\377\011\061\052\037\335\211
-\167\236\017\056\154\225\004\355\206\313\264\000\077\204\002\115
-\200\152\052\055\170\013\256\157\053\242\203\104\203\037\315\120
-\202\114\044\257\275\367\245\264\310\132\017\364\347\107\136\111
-\216\067\226\376\232\210\005\072\331\300\333\051\207\346\031\226
-\107\247\072\246\214\213\074\167\376\106\143\247\123\332\041\321
-\254\176\111\242\113\346\303\147\131\057\263\212\016\273\054\275
-\251\252\102\174\065\301\330\177\325\247\061\072\116\143\103\071
-\257\010\260\141\064\214\323\230\251\103\064\366\017\207\051\073
-\235\302\126\130\230\167\303\367\033\254\366\235\370\076\252\247
-\124\105\360\365\371\325\061\145\376\153\130\234\161\263\036\327
-\122\352\062\027\374\100\140\035\311\171\044\262\366\154\375\250
-\146\016\202\335\230\313\332\302\104\117\056\240\173\362\367\153
-\054\166\021\204\106\212\170\243\343
-END
-
-# Trust for Certificate "GlobalSign Root CA"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "GlobalSign Root CA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\057\027\077\175\351\226\147\257\245\172\370\012\242\321\261\057
-\254\203\003\070
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\253\277\352\343\153\051\246\314\246\170\065\231\357\255\053\200
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\127\061\013\060\011\006\003\125\004\006\023\002\102\105\061
-\031\060\027\006\003\125\004\012\023\020\107\154\157\142\141\154
-\123\151\147\156\040\156\166\055\163\141\061\020\060\016\006\003
-\125\004\013\023\007\122\157\157\164\040\103\101\061\033\060\031
-\006\003\125\004\003\023\022\107\154\157\142\141\154\123\151\147
-\156\040\122\157\157\164\040\103\101
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\000\000\000\000\000\326\170\267\224\005
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "ValiCert Class 1 VA"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "ValiCert Class 1 VA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\273\061\044\060\042\006\003\125\004\007\023\033\126\141
-\154\151\103\145\162\164\040\126\141\154\151\144\141\164\151\157
-\156\040\116\145\164\167\157\162\153\061\027\060\025\006\003\125
-\004\012\023\016\126\141\154\151\103\145\162\164\054\040\111\156
-\143\056\061\065\060\063\006\003\125\004\013\023\054\126\141\154
-\151\103\145\162\164\040\103\154\141\163\163\040\061\040\120\157
-\154\151\143\171\040\126\141\154\151\144\141\164\151\157\156\040
-\101\165\164\150\157\162\151\164\171\061\041\060\037\006\003\125
-\004\003\023\030\150\164\164\160\072\057\057\167\167\167\056\166
-\141\154\151\143\145\162\164\056\143\157\155\057\061\040\060\036
-\006\011\052\206\110\206\367\015\001\011\001\026\021\151\156\146
-\157\100\166\141\154\151\143\145\162\164\056\143\157\155
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\273\061\044\060\042\006\003\125\004\007\023\033\126\141
-\154\151\103\145\162\164\040\126\141\154\151\144\141\164\151\157
-\156\040\116\145\164\167\157\162\153\061\027\060\025\006\003\125
-\004\012\023\016\126\141\154\151\103\145\162\164\054\040\111\156
-\143\056\061\065\060\063\006\003\125\004\013\023\054\126\141\154
-\151\103\145\162\164\040\103\154\141\163\163\040\061\040\120\157
-\154\151\143\171\040\126\141\154\151\144\141\164\151\157\156\040
-\101\165\164\150\157\162\151\164\171\061\041\060\037\006\003\125
-\004\003\023\030\150\164\164\160\072\057\057\167\167\167\056\166
-\141\154\151\143\145\162\164\056\143\157\155\057\061\040\060\036
-\006\011\052\206\110\206\367\015\001\011\001\026\021\151\156\146
-\157\100\166\141\154\151\143\145\162\164\056\143\157\155
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\001
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\002\347\060\202\002\120\002\001\001\060\015\006\011\052
-\206\110\206\367\015\001\001\005\005\000\060\201\273\061\044\060
-\042\006\003\125\004\007\023\033\126\141\154\151\103\145\162\164
-\040\126\141\154\151\144\141\164\151\157\156\040\116\145\164\167
-\157\162\153\061\027\060\025\006\003\125\004\012\023\016\126\141
-\154\151\103\145\162\164\054\040\111\156\143\056\061\065\060\063
-\006\003\125\004\013\023\054\126\141\154\151\103\145\162\164\040
-\103\154\141\163\163\040\061\040\120\157\154\151\143\171\040\126
-\141\154\151\144\141\164\151\157\156\040\101\165\164\150\157\162
-\151\164\171\061\041\060\037\006\003\125\004\003\023\030\150\164
-\164\160\072\057\057\167\167\167\056\166\141\154\151\143\145\162
-\164\056\143\157\155\057\061\040\060\036\006\011\052\206\110\206
-\367\015\001\011\001\026\021\151\156\146\157\100\166\141\154\151
-\143\145\162\164\056\143\157\155\060\036\027\015\071\071\060\066
-\062\065\062\062\062\063\064\070\132\027\015\061\071\060\066\062
-\065\062\062\062\063\064\070\132\060\201\273\061\044\060\042\006
-\003\125\004\007\023\033\126\141\154\151\103\145\162\164\040\126
-\141\154\151\144\141\164\151\157\156\040\116\145\164\167\157\162
-\153\061\027\060\025\006\003\125\004\012\023\016\126\141\154\151
-\103\145\162\164\054\040\111\156\143\056\061\065\060\063\006\003
-\125\004\013\023\054\126\141\154\151\103\145\162\164\040\103\154
-\141\163\163\040\061\040\120\157\154\151\143\171\040\126\141\154
-\151\144\141\164\151\157\156\040\101\165\164\150\157\162\151\164
-\171\061\041\060\037\006\003\125\004\003\023\030\150\164\164\160
-\072\057\057\167\167\167\056\166\141\154\151\143\145\162\164\056
-\143\157\155\057\061\040\060\036\006\011\052\206\110\206\367\015
-\001\011\001\026\021\151\156\146\157\100\166\141\154\151\143\145
-\162\164\056\143\157\155\060\201\237\060\015\006\011\052\206\110
-\206\367\015\001\001\001\005\000\003\201\215\000\060\201\211\002
-\201\201\000\330\131\202\172\211\270\226\272\246\057\150\157\130
-\056\247\124\034\006\156\364\352\215\110\274\061\224\027\360\363
-\116\274\262\270\065\222\166\260\320\245\245\001\327\000\003\022
-\042\031\010\370\377\021\043\233\316\007\365\277\151\032\046\376
-\116\351\321\177\235\054\100\035\131\150\156\246\370\130\260\235
-\032\217\323\077\361\334\031\006\201\250\016\340\072\335\310\123
-\105\011\006\346\017\160\303\372\100\246\016\342\126\005\017\030
-\115\374\040\202\321\163\125\164\215\166\162\240\035\235\035\300
-\335\077\161\002\003\001\000\001\060\015\006\011\052\206\110\206
-\367\015\001\001\005\005\000\003\201\201\000\120\150\075\111\364
-\054\034\006\224\337\225\140\177\226\173\027\376\117\161\255\144
-\310\335\167\322\357\131\125\350\077\350\216\005\052\041\362\007
-\322\265\247\122\376\234\261\266\342\133\167\027\100\352\162\326
-\043\313\050\201\062\303\000\171\030\354\131\027\211\311\306\152
-\036\161\311\375\267\164\245\045\105\151\305\110\253\031\341\105
-\212\045\153\031\356\345\273\022\365\177\367\246\215\121\303\360
-\235\164\267\251\076\240\245\377\266\111\003\023\332\042\314\355
-\161\202\053\231\317\072\267\365\055\162\310
-END
-
-# Trust for Certificate "ValiCert Class 1 VA"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "ValiCert Class 1 VA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\345\337\164\074\266\001\304\233\230\103\334\253\214\350\152\201
-\020\237\344\216
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\145\130\253\025\255\127\154\036\250\247\265\151\254\277\377\353
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\273\061\044\060\042\006\003\125\004\007\023\033\126\141
-\154\151\103\145\162\164\040\126\141\154\151\144\141\164\151\157
-\156\040\116\145\164\167\157\162\153\061\027\060\025\006\003\125
-\004\012\023\016\126\141\154\151\103\145\162\164\054\040\111\156
-\143\056\061\065\060\063\006\003\125\004\013\023\054\126\141\154
-\151\103\145\162\164\040\103\154\141\163\163\040\061\040\120\157
-\154\151\143\171\040\126\141\154\151\144\141\164\151\157\156\040
-\101\165\164\150\157\162\151\164\171\061\041\060\037\006\003\125
-\004\003\023\030\150\164\164\160\072\057\057\167\167\167\056\166
-\141\154\151\143\145\162\164\056\143\157\155\057\061\040\060\036
-\006\011\052\206\110\206\367\015\001\011\001\026\021\151\156\146
-\157\100\166\141\154\151\143\145\162\164\056\143\157\155
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\001
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "ValiCert Class 2 VA"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "ValiCert Class 2 VA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\273\061\044\060\042\006\003\125\004\007\023\033\126\141
-\154\151\103\145\162\164\040\126\141\154\151\144\141\164\151\157
-\156\040\116\145\164\167\157\162\153\061\027\060\025\006\003\125
-\004\012\023\016\126\141\154\151\103\145\162\164\054\040\111\156
-\143\056\061\065\060\063\006\003\125\004\013\023\054\126\141\154
-\151\103\145\162\164\040\103\154\141\163\163\040\062\040\120\157
-\154\151\143\171\040\126\141\154\151\144\141\164\151\157\156\040
-\101\165\164\150\157\162\151\164\171\061\041\060\037\006\003\125
-\004\003\023\030\150\164\164\160\072\057\057\167\167\167\056\166
-\141\154\151\143\145\162\164\056\143\157\155\057\061\040\060\036
-\006\011\052\206\110\206\367\015\001\011\001\026\021\151\156\146
-\157\100\166\141\154\151\143\145\162\164\056\143\157\155
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\273\061\044\060\042\006\003\125\004\007\023\033\126\141
-\154\151\103\145\162\164\040\126\141\154\151\144\141\164\151\157
-\156\040\116\145\164\167\157\162\153\061\027\060\025\006\003\125
-\004\012\023\016\126\141\154\151\103\145\162\164\054\040\111\156
-\143\056\061\065\060\063\006\003\125\004\013\023\054\126\141\154
-\151\103\145\162\164\040\103\154\141\163\163\040\062\040\120\157
-\154\151\143\171\040\126\141\154\151\144\141\164\151\157\156\040
-\101\165\164\150\157\162\151\164\171\061\041\060\037\006\003\125
-\004\003\023\030\150\164\164\160\072\057\057\167\167\167\056\166
-\141\154\151\143\145\162\164\056\143\157\155\057\061\040\060\036
-\006\011\052\206\110\206\367\015\001\011\001\026\021\151\156\146
-\157\100\166\141\154\151\143\145\162\164\056\143\157\155
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\001
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\002\347\060\202\002\120\002\001\001\060\015\006\011\052
-\206\110\206\367\015\001\001\005\005\000\060\201\273\061\044\060
-\042\006\003\125\004\007\023\033\126\141\154\151\103\145\162\164
-\040\126\141\154\151\144\141\164\151\157\156\040\116\145\164\167
-\157\162\153\061\027\060\025\006\003\125\004\012\023\016\126\141
-\154\151\103\145\162\164\054\040\111\156\143\056\061\065\060\063
-\006\003\125\004\013\023\054\126\141\154\151\103\145\162\164\040
-\103\154\141\163\163\040\062\040\120\157\154\151\143\171\040\126
-\141\154\151\144\141\164\151\157\156\040\101\165\164\150\157\162
-\151\164\171\061\041\060\037\006\003\125\004\003\023\030\150\164
-\164\160\072\057\057\167\167\167\056\166\141\154\151\143\145\162
-\164\056\143\157\155\057\061\040\060\036\006\011\052\206\110\206
-\367\015\001\011\001\026\021\151\156\146\157\100\166\141\154\151
-\143\145\162\164\056\143\157\155\060\036\027\015\071\071\060\066
-\062\066\060\060\061\071\065\064\132\027\015\061\071\060\066\062
-\066\060\060\061\071\065\064\132\060\201\273\061\044\060\042\006
-\003\125\004\007\023\033\126\141\154\151\103\145\162\164\040\126
-\141\154\151\144\141\164\151\157\156\040\116\145\164\167\157\162
-\153\061\027\060\025\006\003\125\004\012\023\016\126\141\154\151
-\103\145\162\164\054\040\111\156\143\056\061\065\060\063\006\003
-\125\004\013\023\054\126\141\154\151\103\145\162\164\040\103\154
-\141\163\163\040\062\040\120\157\154\151\143\171\040\126\141\154
-\151\144\141\164\151\157\156\040\101\165\164\150\157\162\151\164
-\171\061\041\060\037\006\003\125\004\003\023\030\150\164\164\160
-\072\057\057\167\167\167\056\166\141\154\151\143\145\162\164\056
-\143\157\155\057\061\040\060\036\006\011\052\206\110\206\367\015
-\001\011\001\026\021\151\156\146\157\100\166\141\154\151\143\145
-\162\164\056\143\157\155\060\201\237\060\015\006\011\052\206\110
-\206\367\015\001\001\001\005\000\003\201\215\000\060\201\211\002
-\201\201\000\316\072\161\312\345\253\310\131\222\125\327\253\330
-\164\016\371\356\331\366\125\107\131\145\107\016\005\125\334\353
-\230\066\074\134\123\135\323\060\317\070\354\275\101\211\355\045
-\102\011\044\153\012\136\263\174\335\122\055\114\346\324\326\175
-\132\131\251\145\324\111\023\055\044\115\034\120\157\265\301\205
-\124\073\376\161\344\323\134\102\371\200\340\221\032\012\133\071
-\066\147\363\077\125\174\033\077\264\137\144\163\064\343\264\022
-\277\207\144\370\332\022\377\067\047\301\263\103\273\357\173\156
-\056\151\367\002\003\001\000\001\060\015\006\011\052\206\110\206
-\367\015\001\001\005\005\000\003\201\201\000\073\177\120\157\157
-\120\224\231\111\142\070\070\037\113\370\245\310\076\247\202\201
-\366\053\307\350\305\316\350\072\020\202\313\030\000\216\115\275
-\250\130\177\241\171\000\265\273\351\215\257\101\331\017\064\356
-\041\201\031\240\062\111\050\364\304\216\126\325\122\063\375\120
-\325\176\231\154\003\344\311\114\374\313\154\253\146\263\112\041
-\214\345\265\014\062\076\020\262\314\154\241\334\232\230\114\002
-\133\363\316\271\236\245\162\016\112\267\077\074\346\026\150\370
-\276\355\164\114\274\133\325\142\037\103\335
-END
-
-# Trust for Certificate "ValiCert Class 2 VA"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "ValiCert Class 2 VA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\061\172\052\320\177\053\063\136\365\241\303\116\113\127\350\267
-\330\361\374\246
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\251\043\165\233\272\111\066\156\061\302\333\362\347\146\272\207
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\273\061\044\060\042\006\003\125\004\007\023\033\126\141
-\154\151\103\145\162\164\040\126\141\154\151\144\141\164\151\157
-\156\040\116\145\164\167\157\162\153\061\027\060\025\006\003\125
-\004\012\023\016\126\141\154\151\103\145\162\164\054\040\111\156
-\143\056\061\065\060\063\006\003\125\004\013\023\054\126\141\154
-\151\103\145\162\164\040\103\154\141\163\163\040\062\040\120\157
-\154\151\143\171\040\126\141\154\151\144\141\164\151\157\156\040
-\101\165\164\150\157\162\151\164\171\061\041\060\037\006\003\125
-\004\003\023\030\150\164\164\160\072\057\057\167\167\167\056\166
-\141\154\151\143\145\162\164\056\143\157\155\057\061\040\060\036
-\006\011\052\206\110\206\367\015\001\011\001\026\021\151\156\146
-\157\100\166\141\154\151\143\145\162\164\056\143\157\155
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\001
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "RSA Root Certificate 1"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "RSA Root Certificate 1"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\273\061\044\060\042\006\003\125\004\007\023\033\126\141
-\154\151\103\145\162\164\040\126\141\154\151\144\141\164\151\157
-\156\040\116\145\164\167\157\162\153\061\027\060\025\006\003\125
-\004\012\023\016\126\141\154\151\103\145\162\164\054\040\111\156
-\143\056\061\065\060\063\006\003\125\004\013\023\054\126\141\154
-\151\103\145\162\164\040\103\154\141\163\163\040\063\040\120\157
-\154\151\143\171\040\126\141\154\151\144\141\164\151\157\156\040
-\101\165\164\150\157\162\151\164\171\061\041\060\037\006\003\125
-\004\003\023\030\150\164\164\160\072\057\057\167\167\167\056\166
-\141\154\151\143\145\162\164\056\143\157\155\057\061\040\060\036
-\006\011\052\206\110\206\367\015\001\011\001\026\021\151\156\146
-\157\100\166\141\154\151\143\145\162\164\056\143\157\155
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\273\061\044\060\042\006\003\125\004\007\023\033\126\141
-\154\151\103\145\162\164\040\126\141\154\151\144\141\164\151\157
-\156\040\116\145\164\167\157\162\153\061\027\060\025\006\003\125
-\004\012\023\016\126\141\154\151\103\145\162\164\054\040\111\156
-\143\056\061\065\060\063\006\003\125\004\013\023\054\126\141\154
-\151\103\145\162\164\040\103\154\141\163\163\040\063\040\120\157
-\154\151\143\171\040\126\141\154\151\144\141\164\151\157\156\040
-\101\165\164\150\157\162\151\164\171\061\041\060\037\006\003\125
-\004\003\023\030\150\164\164\160\072\057\057\167\167\167\056\166
-\141\154\151\143\145\162\164\056\143\157\155\057\061\040\060\036
-\006\011\052\206\110\206\367\015\001\011\001\026\021\151\156\146
-\157\100\166\141\154\151\143\145\162\164\056\143\157\155
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\001
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\002\347\060\202\002\120\002\001\001\060\015\006\011\052
-\206\110\206\367\015\001\001\005\005\000\060\201\273\061\044\060
-\042\006\003\125\004\007\023\033\126\141\154\151\103\145\162\164
-\040\126\141\154\151\144\141\164\151\157\156\040\116\145\164\167
-\157\162\153\061\027\060\025\006\003\125\004\012\023\016\126\141
-\154\151\103\145\162\164\054\040\111\156\143\056\061\065\060\063
-\006\003\125\004\013\023\054\126\141\154\151\103\145\162\164\040
-\103\154\141\163\163\040\063\040\120\157\154\151\143\171\040\126
-\141\154\151\144\141\164\151\157\156\040\101\165\164\150\157\162
-\151\164\171\061\041\060\037\006\003\125\004\003\023\030\150\164
-\164\160\072\057\057\167\167\167\056\166\141\154\151\143\145\162
-\164\056\143\157\155\057\061\040\060\036\006\011\052\206\110\206
-\367\015\001\011\001\026\021\151\156\146\157\100\166\141\154\151
-\143\145\162\164\056\143\157\155\060\036\027\015\071\071\060\066
-\062\066\060\060\062\062\063\063\132\027\015\061\071\060\066\062
-\066\060\060\062\062\063\063\132\060\201\273\061\044\060\042\006
-\003\125\004\007\023\033\126\141\154\151\103\145\162\164\040\126
-\141\154\151\144\141\164\151\157\156\040\116\145\164\167\157\162
-\153\061\027\060\025\006\003\125\004\012\023\016\126\141\154\151
-\103\145\162\164\054\040\111\156\143\056\061\065\060\063\006\003
-\125\004\013\023\054\126\141\154\151\103\145\162\164\040\103\154
-\141\163\163\040\063\040\120\157\154\151\143\171\040\126\141\154
-\151\144\141\164\151\157\156\040\101\165\164\150\157\162\151\164
-\171\061\041\060\037\006\003\125\004\003\023\030\150\164\164\160
-\072\057\057\167\167\167\056\166\141\154\151\143\145\162\164\056
-\143\157\155\057\061\040\060\036\006\011\052\206\110\206\367\015
-\001\011\001\026\021\151\156\146\157\100\166\141\154\151\143\145
-\162\164\056\143\157\155\060\201\237\060\015\006\011\052\206\110
-\206\367\015\001\001\001\005\000\003\201\215\000\060\201\211\002
-\201\201\000\343\230\121\226\034\350\325\261\006\201\152\127\303
-\162\165\223\253\317\236\246\374\363\026\122\326\055\115\237\065
-\104\250\056\004\115\007\111\212\070\051\365\167\067\347\267\253
-\135\337\066\161\024\231\217\334\302\222\361\347\140\222\227\354
-\330\110\334\277\301\002\040\306\044\244\050\114\060\132\166\155
-\261\134\363\335\336\236\020\161\241\210\307\133\233\101\155\312
-\260\270\216\025\356\255\063\053\317\107\004\134\165\161\012\230
-\044\230\051\247\111\131\245\335\370\267\103\142\141\363\323\342
-\320\125\077\002\003\001\000\001\060\015\006\011\052\206\110\206
-\367\015\001\001\005\005\000\003\201\201\000\126\273\002\130\204
-\147\010\054\337\037\333\173\111\063\365\323\147\235\364\264\012
-\020\263\311\305\054\342\222\152\161\170\047\362\160\203\102\323
-\076\317\251\124\364\361\330\222\026\214\321\004\313\113\253\311
-\237\105\256\074\212\251\260\161\063\135\310\305\127\337\257\250
-\065\263\177\211\207\351\350\045\222\270\177\205\172\256\326\274
-\036\067\130\052\147\311\221\317\052\201\076\355\306\071\337\300
-\076\031\234\031\314\023\115\202\101\265\214\336\340\075\140\010
-\040\017\105\176\153\242\177\243\214\025\356
-END
-
-# Trust for Certificate "RSA Root Certificate 1"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "RSA Root Certificate 1"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\151\275\214\364\234\323\000\373\131\056\027\223\312\125\152\363
-\354\252\065\373
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\242\157\123\267\356\100\333\112\150\347\372\030\331\020\113\162
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\273\061\044\060\042\006\003\125\004\007\023\033\126\141
-\154\151\103\145\162\164\040\126\141\154\151\144\141\164\151\157
-\156\040\116\145\164\167\157\162\153\061\027\060\025\006\003\125
-\004\012\023\016\126\141\154\151\103\145\162\164\054\040\111\156
-\143\056\061\065\060\063\006\003\125\004\013\023\054\126\141\154
-\151\103\145\162\164\040\103\154\141\163\163\040\063\040\120\157
-\154\151\143\171\040\126\141\154\151\144\141\164\151\157\156\040
-\101\165\164\150\157\162\151\164\171\061\041\060\037\006\003\125
-\004\003\023\030\150\164\164\160\072\057\057\167\167\167\056\166
-\141\154\151\143\145\162\164\056\143\157\155\057\061\040\060\036
-\006\011\052\206\110\206\367\015\001\011\001\026\021\151\156\146
-\157\100\166\141\154\151\143\145\162\164\056\143\157\155
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\001
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Verisign Class 1 Public Primary Certification Authority - G3"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign Class 1 Public Primary Certification Authority - G3"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\312\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\061\037\060\035\006\003\125
-\004\013\023\026\126\145\162\151\123\151\147\156\040\124\162\165
-\163\164\040\116\145\164\167\157\162\153\061\072\060\070\006\003
-\125\004\013\023\061\050\143\051\040\061\071\071\071\040\126\145
-\162\151\123\151\147\156\054\040\111\156\143\056\040\055\040\106
-\157\162\040\141\165\164\150\157\162\151\172\145\144\040\165\163
-\145\040\157\156\154\171\061\105\060\103\006\003\125\004\003\023
-\074\126\145\162\151\123\151\147\156\040\103\154\141\163\163\040
-\061\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171
-\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101
-\165\164\150\157\162\151\164\171\040\055\040\107\063
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\312\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\061\037\060\035\006\003\125
-\004\013\023\026\126\145\162\151\123\151\147\156\040\124\162\165
-\163\164\040\116\145\164\167\157\162\153\061\072\060\070\006\003
-\125\004\013\023\061\050\143\051\040\061\071\071\071\040\126\145
-\162\151\123\151\147\156\054\040\111\156\143\056\040\055\040\106
-\157\162\040\141\165\164\150\157\162\151\172\145\144\040\165\163
-\145\040\157\156\154\171\061\105\060\103\006\003\125\004\003\023
-\074\126\145\162\151\123\151\147\156\040\103\154\141\163\163\040
-\061\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171
-\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101
-\165\164\150\157\162\151\164\171\040\055\040\107\063
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\000\213\133\165\126\204\124\205\013\000\317\257\070\110\316\261
-\244
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\004\032\060\202\003\002\002\021\000\213\133\165\126\204
-\124\205\013\000\317\257\070\110\316\261\244\060\015\006\011\052
-\206\110\206\367\015\001\001\005\005\000\060\201\312\061\013\060
-\011\006\003\125\004\006\023\002\125\123\061\027\060\025\006\003
-\125\004\012\023\016\126\145\162\151\123\151\147\156\054\040\111
-\156\143\056\061\037\060\035\006\003\125\004\013\023\026\126\145
-\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164
-\167\157\162\153\061\072\060\070\006\003\125\004\013\023\061\050
-\143\051\040\061\071\071\071\040\126\145\162\151\123\151\147\156
-\054\040\111\156\143\056\040\055\040\106\157\162\040\141\165\164
-\150\157\162\151\172\145\144\040\165\163\145\040\157\156\154\171
-\061\105\060\103\006\003\125\004\003\023\074\126\145\162\151\123
-\151\147\156\040\103\154\141\163\163\040\061\040\120\165\142\154
-\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151
-\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
-\164\171\040\055\040\107\063\060\036\027\015\071\071\061\060\060
-\061\060\060\060\060\060\060\132\027\015\063\066\060\067\061\066
-\062\063\065\071\065\071\132\060\201\312\061\013\060\011\006\003
-\125\004\006\023\002\125\123\061\027\060\025\006\003\125\004\012
-\023\016\126\145\162\151\123\151\147\156\054\040\111\156\143\056
-\061\037\060\035\006\003\125\004\013\023\026\126\145\162\151\123
-\151\147\156\040\124\162\165\163\164\040\116\145\164\167\157\162
-\153\061\072\060\070\006\003\125\004\013\023\061\050\143\051\040
-\061\071\071\071\040\126\145\162\151\123\151\147\156\054\040\111
-\156\143\056\040\055\040\106\157\162\040\141\165\164\150\157\162
-\151\172\145\144\040\165\163\145\040\157\156\154\171\061\105\060
-\103\006\003\125\004\003\023\074\126\145\162\151\123\151\147\156
-\040\103\154\141\163\163\040\061\040\120\165\142\154\151\143\040
-\120\162\151\155\141\162\171\040\103\145\162\164\151\146\151\143
-\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171\040
-\055\040\107\063\060\202\001\042\060\015\006\011\052\206\110\206
-\367\015\001\001\001\005\000\003\202\001\017\000\060\202\001\012
-\002\202\001\001\000\335\204\324\271\264\371\247\330\363\004\170
-\234\336\075\334\154\023\026\331\172\335\044\121\146\300\307\046
-\131\015\254\006\010\302\224\321\063\037\360\203\065\037\156\033
-\310\336\252\156\025\116\124\047\357\304\155\032\354\013\343\016
-\360\104\245\127\307\100\130\036\243\107\037\161\354\140\366\155
-\224\310\030\071\355\376\102\030\126\337\344\114\111\020\170\116
-\001\166\065\143\022\066\335\146\274\001\004\066\243\125\150\325
-\242\066\011\254\253\041\046\124\006\255\077\312\024\340\254\312
-\255\006\035\225\342\370\235\361\340\140\377\302\177\165\053\114
-\314\332\376\207\231\041\352\272\376\076\124\327\322\131\170\333
-\074\156\317\240\023\000\032\270\047\241\344\276\147\226\312\240
-\305\263\234\335\311\165\236\353\060\232\137\243\315\331\256\170
-\031\077\043\351\134\333\051\275\255\125\310\033\124\214\143\366
-\350\246\352\307\067\022\134\243\051\036\002\331\333\037\073\264
-\327\017\126\107\201\025\004\112\257\203\047\321\305\130\210\301
-\335\366\252\247\243\030\332\150\252\155\021\121\341\277\145\153
-\237\226\166\321\075\002\003\001\000\001\060\015\006\011\052\206
-\110\206\367\015\001\001\005\005\000\003\202\001\001\000\253\146
-\215\327\263\272\307\232\266\346\125\320\005\361\237\061\215\132
-\252\331\252\106\046\017\161\355\245\255\123\126\142\001\107\052
-\104\351\376\077\164\013\023\233\271\364\115\033\262\321\137\262
-\266\322\210\134\263\237\315\313\324\247\331\140\225\204\072\370
-\301\067\035\141\312\347\260\305\345\221\332\124\246\254\061\201
-\256\227\336\315\010\254\270\300\227\200\177\156\162\244\347\151
-\023\225\145\037\304\223\074\375\171\217\004\324\076\117\352\367
-\236\316\315\147\174\117\145\002\377\221\205\124\163\307\377\066
-\367\206\055\354\320\136\117\377\021\237\162\006\326\270\032\361
-\114\015\046\145\342\104\200\036\307\237\343\335\350\012\332\354
-\245\040\200\151\150\241\117\176\341\153\317\007\101\372\203\216
-\274\070\335\260\056\021\261\153\262\102\314\232\274\371\110\042
-\171\112\031\017\262\034\076\040\164\331\152\303\276\362\050\170
-\023\126\171\117\155\120\352\033\260\265\127\261\067\146\130\043
-\363\334\017\337\012\207\304\357\206\005\325\070\024\140\231\243
-\113\336\006\226\161\054\362\333\266\037\244\357\077\356
-END
-
-# Trust for Certificate "Verisign Class 1 Public Primary Certification Authority - G3"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign Class 1 Public Primary Certification Authority - G3"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\040\102\205\334\367\353\166\101\225\127\216\023\153\324\267\321
-\351\216\106\245
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\261\107\274\030\127\321\030\240\170\055\354\161\350\052\225\163
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\312\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\061\037\060\035\006\003\125
-\004\013\023\026\126\145\162\151\123\151\147\156\040\124\162\165
-\163\164\040\116\145\164\167\157\162\153\061\072\060\070\006\003
-\125\004\013\023\061\050\143\051\040\061\071\071\071\040\126\145
-\162\151\123\151\147\156\054\040\111\156\143\056\040\055\040\106
-\157\162\040\141\165\164\150\157\162\151\172\145\144\040\165\163
-\145\040\157\156\154\171\061\105\060\103\006\003\125\004\003\023
-\074\126\145\162\151\123\151\147\156\040\103\154\141\163\163\040
-\061\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171
-\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101
-\165\164\150\157\162\151\164\171\040\055\040\107\063
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\000\213\133\165\126\204\124\205\013\000\317\257\070\110\316\261
-\244
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_VALID
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_VALID
-
-#
-# Certificate "Verisign Class 2 Public Primary Certification Authority - G3"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign Class 2 Public Primary Certification Authority - G3"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\312\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\061\037\060\035\006\003\125
-\004\013\023\026\126\145\162\151\123\151\147\156\040\124\162\165
-\163\164\040\116\145\164\167\157\162\153\061\072\060\070\006\003
-\125\004\013\023\061\050\143\051\040\061\071\071\071\040\126\145
-\162\151\123\151\147\156\054\040\111\156\143\056\040\055\040\106
-\157\162\040\141\165\164\150\157\162\151\172\145\144\040\165\163
-\145\040\157\156\154\171\061\105\060\103\006\003\125\004\003\023
-\074\126\145\162\151\123\151\147\156\040\103\154\141\163\163\040
-\062\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171
-\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101
-\165\164\150\157\162\151\164\171\040\055\040\107\063
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\312\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\061\037\060\035\006\003\125
-\004\013\023\026\126\145\162\151\123\151\147\156\040\124\162\165
-\163\164\040\116\145\164\167\157\162\153\061\072\060\070\006\003
-\125\004\013\023\061\050\143\051\040\061\071\071\071\040\126\145
-\162\151\123\151\147\156\054\040\111\156\143\056\040\055\040\106
-\157\162\040\141\165\164\150\157\162\151\172\145\144\040\165\163
-\145\040\157\156\154\171\061\105\060\103\006\003\125\004\003\023
-\074\126\145\162\151\123\151\147\156\040\103\154\141\163\163\040
-\062\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171
-\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101
-\165\164\150\157\162\151\164\171\040\055\040\107\063
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\141\160\313\111\214\137\230\105\051\347\260\246\331\120\133\172
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\004\031\060\202\003\001\002\020\141\160\313\111\214\137
-\230\105\051\347\260\246\331\120\133\172\060\015\006\011\052\206
-\110\206\367\015\001\001\005\005\000\060\201\312\061\013\060\011
-\006\003\125\004\006\023\002\125\123\061\027\060\025\006\003\125
-\004\012\023\016\126\145\162\151\123\151\147\156\054\040\111\156
-\143\056\061\037\060\035\006\003\125\004\013\023\026\126\145\162
-\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164\167
-\157\162\153\061\072\060\070\006\003\125\004\013\023\061\050\143
-\051\040\061\071\071\071\040\126\145\162\151\123\151\147\156\054
-\040\111\156\143\056\040\055\040\106\157\162\040\141\165\164\150
-\157\162\151\172\145\144\040\165\163\145\040\157\156\154\171\061
-\105\060\103\006\003\125\004\003\023\074\126\145\162\151\123\151
-\147\156\040\103\154\141\163\163\040\062\040\120\165\142\154\151
-\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146
-\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164
-\171\040\055\040\107\063\060\036\027\015\071\071\061\060\060\061
-\060\060\060\060\060\060\132\027\015\063\066\060\067\061\066\062
-\063\065\071\065\071\132\060\201\312\061\013\060\011\006\003\125
-\004\006\023\002\125\123\061\027\060\025\006\003\125\004\012\023
-\016\126\145\162\151\123\151\147\156\054\040\111\156\143\056\061
-\037\060\035\006\003\125\004\013\023\026\126\145\162\151\123\151
-\147\156\040\124\162\165\163\164\040\116\145\164\167\157\162\153
-\061\072\060\070\006\003\125\004\013\023\061\050\143\051\040\061
-\071\071\071\040\126\145\162\151\123\151\147\156\054\040\111\156
-\143\056\040\055\040\106\157\162\040\141\165\164\150\157\162\151
-\172\145\144\040\165\163\145\040\157\156\154\171\061\105\060\103
-\006\003\125\004\003\023\074\126\145\162\151\123\151\147\156\040
-\103\154\141\163\163\040\062\040\120\165\142\154\151\143\040\120
-\162\151\155\141\162\171\040\103\145\162\164\151\146\151\143\141
-\164\151\157\156\040\101\165\164\150\157\162\151\164\171\040\055
-\040\107\063\060\202\001\042\060\015\006\011\052\206\110\206\367
-\015\001\001\001\005\000\003\202\001\017\000\060\202\001\012\002
-\202\001\001\000\257\012\015\302\325\054\333\147\271\055\345\224
-\047\335\245\276\340\260\115\217\263\141\126\074\326\174\303\364
-\315\076\206\313\242\210\342\341\330\244\151\305\265\342\277\301
-\246\107\120\136\106\071\213\325\226\272\265\157\024\277\020\316
-\047\023\236\005\107\233\061\172\023\330\037\331\323\002\067\213
-\255\054\107\360\216\201\006\247\015\060\014\353\367\074\017\040
-\035\334\162\106\356\245\002\310\133\303\311\126\151\114\305\030
-\301\221\173\013\325\023\000\233\274\357\303\110\076\106\140\040
-\205\052\325\220\266\315\213\240\314\062\335\267\375\100\125\262
-\120\034\126\256\314\215\167\115\307\040\115\247\061\166\357\150
-\222\212\220\036\010\201\126\262\255\151\243\122\320\313\034\304
-\043\075\037\231\376\114\350\026\143\216\306\010\216\366\061\366
-\322\372\345\166\335\265\034\222\243\111\315\315\001\315\150\315
-\251\151\272\243\353\035\015\234\244\040\246\301\240\305\321\106
-\114\027\155\322\254\146\077\226\214\340\204\324\066\377\042\131
-\305\371\021\140\250\137\004\175\362\032\366\045\102\141\017\304
-\112\270\076\211\002\003\001\000\001\060\015\006\011\052\206\110
-\206\367\015\001\001\005\005\000\003\202\001\001\000\064\046\025
-\074\300\215\115\103\111\035\275\351\041\222\327\146\234\267\336
-\305\270\320\344\135\137\166\042\300\046\371\204\072\072\371\214
-\265\373\354\140\361\350\316\004\260\310\335\247\003\217\060\363
-\230\337\244\346\244\061\337\323\034\013\106\334\162\040\077\256
-\356\005\074\244\063\077\013\071\254\160\170\163\113\231\053\337
-\060\302\124\260\250\073\125\241\376\026\050\315\102\275\164\156
-\200\333\047\104\247\316\104\135\324\033\220\230\015\036\102\224
-\261\000\054\004\320\164\243\002\005\042\143\143\315\203\265\373
-\301\155\142\153\151\165\375\135\160\101\271\365\277\174\337\276
-\301\062\163\042\041\213\130\201\173\025\221\172\272\343\144\110
-\260\177\373\066\045\332\225\320\361\044\024\027\335\030\200\153
-\106\043\071\124\365\216\142\011\004\035\224\220\246\233\346\045
-\342\102\105\252\270\220\255\276\010\217\251\013\102\030\224\317
-\162\071\341\261\103\340\050\317\267\347\132\154\023\153\111\263
-\377\343\030\174\211\213\063\135\254\063\327\247\371\332\072\125
-\311\130\020\371\252\357\132\266\317\113\113\337\052
-END
-
-# Trust for Certificate "Verisign Class 2 Public Primary Certification Authority - G3"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign Class 2 Public Primary Certification Authority - G3"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\141\357\103\327\177\312\324\141\121\274\230\340\303\131\022\257
-\237\353\143\021
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\370\276\304\143\042\311\250\106\164\213\270\035\036\112\053\366
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\312\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\061\037\060\035\006\003\125
-\004\013\023\026\126\145\162\151\123\151\147\156\040\124\162\165
-\163\164\040\116\145\164\167\157\162\153\061\072\060\070\006\003
-\125\004\013\023\061\050\143\051\040\061\071\071\071\040\126\145
-\162\151\123\151\147\156\054\040\111\156\143\056\040\055\040\106
-\157\162\040\141\165\164\150\157\162\151\172\145\144\040\165\163
-\145\040\157\156\154\171\061\105\060\103\006\003\125\004\003\023
-\074\126\145\162\151\123\151\147\156\040\103\154\141\163\163\040
-\062\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171
-\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101
-\165\164\150\157\162\151\164\171\040\055\040\107\063
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\141\160\313\111\214\137\230\105\051\347\260\246\331\120\133\172
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_VALID
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Verisign Class 3 Public Primary Certification Authority - G3"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign Class 3 Public Primary Certification Authority - G3"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\312\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\061\037\060\035\006\003\125
-\004\013\023\026\126\145\162\151\123\151\147\156\040\124\162\165
-\163\164\040\116\145\164\167\157\162\153\061\072\060\070\006\003
-\125\004\013\023\061\050\143\051\040\061\071\071\071\040\126\145
-\162\151\123\151\147\156\054\040\111\156\143\056\040\055\040\106
-\157\162\040\141\165\164\150\157\162\151\172\145\144\040\165\163
-\145\040\157\156\154\171\061\105\060\103\006\003\125\004\003\023
-\074\126\145\162\151\123\151\147\156\040\103\154\141\163\163\040
-\063\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171
-\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101
-\165\164\150\157\162\151\164\171\040\055\040\107\063
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\312\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\061\037\060\035\006\003\125
-\004\013\023\026\126\145\162\151\123\151\147\156\040\124\162\165
-\163\164\040\116\145\164\167\157\162\153\061\072\060\070\006\003
-\125\004\013\023\061\050\143\051\040\061\071\071\071\040\126\145
-\162\151\123\151\147\156\054\040\111\156\143\056\040\055\040\106
-\157\162\040\141\165\164\150\157\162\151\172\145\144\040\165\163
-\145\040\157\156\154\171\061\105\060\103\006\003\125\004\003\023
-\074\126\145\162\151\123\151\147\156\040\103\154\141\163\163\040
-\063\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171
-\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101
-\165\164\150\157\162\151\164\171\040\055\040\107\063
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\000\233\176\006\111\243\076\142\271\325\356\220\110\161\051\357
-\127
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\004\032\060\202\003\002\002\021\000\233\176\006\111\243
-\076\142\271\325\356\220\110\161\051\357\127\060\015\006\011\052
-\206\110\206\367\015\001\001\005\005\000\060\201\312\061\013\060
-\011\006\003\125\004\006\023\002\125\123\061\027\060\025\006\003
-\125\004\012\023\016\126\145\162\151\123\151\147\156\054\040\111
-\156\143\056\061\037\060\035\006\003\125\004\013\023\026\126\145
-\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164
-\167\157\162\153\061\072\060\070\006\003\125\004\013\023\061\050
-\143\051\040\061\071\071\071\040\126\145\162\151\123\151\147\156
-\054\040\111\156\143\056\040\055\040\106\157\162\040\141\165\164
-\150\157\162\151\172\145\144\040\165\163\145\040\157\156\154\171
-\061\105\060\103\006\003\125\004\003\023\074\126\145\162\151\123
-\151\147\156\040\103\154\141\163\163\040\063\040\120\165\142\154
-\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151
-\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
-\164\171\040\055\040\107\063\060\036\027\015\071\071\061\060\060
-\061\060\060\060\060\060\060\132\027\015\063\066\060\067\061\066
-\062\063\065\071\065\071\132\060\201\312\061\013\060\011\006\003
-\125\004\006\023\002\125\123\061\027\060\025\006\003\125\004\012
-\023\016\126\145\162\151\123\151\147\156\054\040\111\156\143\056
-\061\037\060\035\006\003\125\004\013\023\026\126\145\162\151\123
-\151\147\156\040\124\162\165\163\164\040\116\145\164\167\157\162
-\153\061\072\060\070\006\003\125\004\013\023\061\050\143\051\040
-\061\071\071\071\040\126\145\162\151\123\151\147\156\054\040\111
-\156\143\056\040\055\040\106\157\162\040\141\165\164\150\157\162
-\151\172\145\144\040\165\163\145\040\157\156\154\171\061\105\060
-\103\006\003\125\004\003\023\074\126\145\162\151\123\151\147\156
-\040\103\154\141\163\163\040\063\040\120\165\142\154\151\143\040
-\120\162\151\155\141\162\171\040\103\145\162\164\151\146\151\143
-\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171\040
-\055\040\107\063\060\202\001\042\060\015\006\011\052\206\110\206
-\367\015\001\001\001\005\000\003\202\001\017\000\060\202\001\012
-\002\202\001\001\000\313\272\234\122\374\170\037\032\036\157\033
-\067\163\275\370\311\153\224\022\060\117\360\066\107\365\320\221
-\012\365\027\310\245\141\301\026\100\115\373\212\141\220\345\166
-\040\301\021\006\175\253\054\156\246\365\021\101\216\372\055\255
-\052\141\131\244\147\046\114\320\350\274\122\133\160\040\004\130
-\321\172\311\244\151\274\203\027\144\255\005\213\274\320\130\316
-\215\214\365\353\360\102\111\013\235\227\047\147\062\156\341\256
-\223\025\034\160\274\040\115\057\030\336\222\210\350\154\205\127
-\021\032\351\176\343\046\021\124\242\105\226\125\203\312\060\211
-\350\334\330\243\355\052\200\077\177\171\145\127\076\025\040\146
-\010\057\225\223\277\252\107\057\250\106\227\360\022\342\376\302
-\012\053\121\346\166\346\267\106\267\342\015\246\314\250\303\114
-\131\125\211\346\350\123\134\034\352\235\360\142\026\013\247\311
-\137\014\360\336\302\166\316\257\367\152\362\372\101\246\242\063
-\024\311\345\172\143\323\236\142\067\325\205\145\236\016\346\123
-\044\164\033\136\035\022\123\133\307\054\347\203\111\073\025\256
-\212\150\271\127\227\002\003\001\000\001\060\015\006\011\052\206
-\110\206\367\015\001\001\005\005\000\003\202\001\001\000\021\024
-\226\301\253\222\010\367\077\057\311\262\376\344\132\237\144\336
-\333\041\117\206\231\064\166\066\127\335\320\025\057\305\255\177
-\025\037\067\142\163\076\324\347\137\316\027\003\333\065\372\053
-\333\256\140\011\137\036\137\217\156\273\013\075\352\132\023\036
-\014\140\157\265\300\265\043\042\056\007\013\313\251\164\313\107
-\273\035\301\327\245\153\314\057\322\102\375\111\335\247\211\317
-\123\272\332\000\132\050\277\202\337\370\272\023\035\120\206\202
-\375\216\060\217\051\106\260\036\075\065\332\070\142\026\030\112
-\255\346\266\121\154\336\257\142\353\001\320\036\044\376\172\217
-\022\032\022\150\270\373\146\231\024\024\105\134\256\347\256\151
-\027\201\053\132\067\311\136\052\364\306\342\241\134\124\233\246
-\124\000\317\360\361\301\307\230\060\032\073\066\026\333\243\156
-\352\375\255\262\302\332\357\002\107\023\212\300\361\263\061\255
-\117\034\341\117\234\257\017\014\235\367\170\015\330\364\065\126
-\200\332\267\155\027\217\235\036\201\144\341\376\305\105\272\255
-\153\271\012\172\116\117\113\204\356\113\361\175\335\021
-END
-
-# Trust for Certificate "Verisign Class 3 Public Primary Certification Authority - G3"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign Class 3 Public Primary Certification Authority - G3"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\023\055\015\105\123\113\151\227\315\262\325\303\071\342\125\166
-\140\233\134\306
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\315\150\266\247\307\304\316\165\340\035\117\127\104\141\222\011
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\312\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\061\037\060\035\006\003\125
-\004\013\023\026\126\145\162\151\123\151\147\156\040\124\162\165
-\163\164\040\116\145\164\167\157\162\153\061\072\060\070\006\003
-\125\004\013\023\061\050\143\051\040\061\071\071\071\040\126\145
-\162\151\123\151\147\156\054\040\111\156\143\056\040\055\040\106
-\157\162\040\141\165\164\150\157\162\151\172\145\144\040\165\163
-\145\040\157\156\154\171\061\105\060\103\006\003\125\004\003\023
-\074\126\145\162\151\123\151\147\156\040\103\154\141\163\163\040
-\063\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171
-\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101
-\165\164\150\157\162\151\164\171\040\055\040\107\063
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\000\233\176\006\111\243\076\142\271\325\356\220\110\161\051\357
-\127
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Verisign Class 4 Public Primary Certification Authority - G3"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign Class 4 Public Primary Certification Authority - G3"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\312\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\061\037\060\035\006\003\125
-\004\013\023\026\126\145\162\151\123\151\147\156\040\124\162\165
-\163\164\040\116\145\164\167\157\162\153\061\072\060\070\006\003
-\125\004\013\023\061\050\143\051\040\061\071\071\071\040\126\145
-\162\151\123\151\147\156\054\040\111\156\143\056\040\055\040\106
-\157\162\040\141\165\164\150\157\162\151\172\145\144\040\165\163
-\145\040\157\156\154\171\061\105\060\103\006\003\125\004\003\023
-\074\126\145\162\151\123\151\147\156\040\103\154\141\163\163\040
-\064\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171
-\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101
-\165\164\150\157\162\151\164\171\040\055\040\107\063
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\312\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\061\037\060\035\006\003\125
-\004\013\023\026\126\145\162\151\123\151\147\156\040\124\162\165
-\163\164\040\116\145\164\167\157\162\153\061\072\060\070\006\003
-\125\004\013\023\061\050\143\051\040\061\071\071\071\040\126\145
-\162\151\123\151\147\156\054\040\111\156\143\056\040\055\040\106
-\157\162\040\141\165\164\150\157\162\151\172\145\144\040\165\163
-\145\040\157\156\154\171\061\105\060\103\006\003\125\004\003\023
-\074\126\145\162\151\123\151\147\156\040\103\154\141\163\163\040
-\064\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171
-\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101
-\165\164\150\157\162\151\164\171\040\055\040\107\063
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\000\354\240\247\213\156\165\152\001\317\304\174\314\057\224\136
-\327
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\004\032\060\202\003\002\002\021\000\354\240\247\213\156
-\165\152\001\317\304\174\314\057\224\136\327\060\015\006\011\052
-\206\110\206\367\015\001\001\005\005\000\060\201\312\061\013\060
-\011\006\003\125\004\006\023\002\125\123\061\027\060\025\006\003
-\125\004\012\023\016\126\145\162\151\123\151\147\156\054\040\111
-\156\143\056\061\037\060\035\006\003\125\004\013\023\026\126\145
-\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164
-\167\157\162\153\061\072\060\070\006\003\125\004\013\023\061\050
-\143\051\040\061\071\071\071\040\126\145\162\151\123\151\147\156
-\054\040\111\156\143\056\040\055\040\106\157\162\040\141\165\164
-\150\157\162\151\172\145\144\040\165\163\145\040\157\156\154\171
-\061\105\060\103\006\003\125\004\003\023\074\126\145\162\151\123
-\151\147\156\040\103\154\141\163\163\040\064\040\120\165\142\154
-\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151
-\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
-\164\171\040\055\040\107\063\060\036\027\015\071\071\061\060\060
-\061\060\060\060\060\060\060\132\027\015\063\066\060\067\061\066
-\062\063\065\071\065\071\132\060\201\312\061\013\060\011\006\003
-\125\004\006\023\002\125\123\061\027\060\025\006\003\125\004\012
-\023\016\126\145\162\151\123\151\147\156\054\040\111\156\143\056
-\061\037\060\035\006\003\125\004\013\023\026\126\145\162\151\123
-\151\147\156\040\124\162\165\163\164\040\116\145\164\167\157\162
-\153\061\072\060\070\006\003\125\004\013\023\061\050\143\051\040
-\061\071\071\071\040\126\145\162\151\123\151\147\156\054\040\111
-\156\143\056\040\055\040\106\157\162\040\141\165\164\150\157\162
-\151\172\145\144\040\165\163\145\040\157\156\154\171\061\105\060
-\103\006\003\125\004\003\023\074\126\145\162\151\123\151\147\156
-\040\103\154\141\163\163\040\064\040\120\165\142\154\151\143\040
-\120\162\151\155\141\162\171\040\103\145\162\164\151\146\151\143
-\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171\040
-\055\040\107\063\060\202\001\042\060\015\006\011\052\206\110\206
-\367\015\001\001\001\005\000\003\202\001\017\000\060\202\001\012
-\002\202\001\001\000\255\313\245\021\151\306\131\253\361\217\265
-\031\017\126\316\314\265\037\040\344\236\046\045\113\340\163\145
-\211\131\336\320\203\344\365\017\265\273\255\361\174\350\041\374
-\344\350\014\356\174\105\042\031\166\222\264\023\267\040\133\011
-\372\141\256\250\362\245\215\205\302\052\326\336\146\066\322\233
-\002\364\250\222\140\174\234\151\264\217\044\036\320\206\122\366
-\062\234\101\130\036\042\275\315\105\142\225\010\156\320\146\335
-\123\242\314\360\020\334\124\163\213\004\241\106\063\063\134\027
-\100\271\236\115\323\363\276\125\203\350\261\211\216\132\174\232
-\226\042\220\073\210\045\362\322\123\210\002\014\013\170\362\346
-\067\027\113\060\106\007\344\200\155\246\330\226\056\350\054\370
-\021\263\070\015\146\246\233\352\311\043\133\333\216\342\363\023
-\216\032\131\055\252\002\360\354\244\207\146\334\301\077\365\330
-\271\364\354\202\306\322\075\225\035\345\300\117\204\311\331\243
-\104\050\006\152\327\105\254\360\153\152\357\116\137\370\021\202
-\036\070\143\064\146\120\324\076\223\163\372\060\303\146\255\377
-\223\055\227\357\003\002\003\001\000\001\060\015\006\011\052\206
-\110\206\367\015\001\001\005\005\000\003\202\001\001\000\217\372
-\045\153\117\133\344\244\116\047\125\253\042\025\131\074\312\265
-\012\324\112\333\253\335\241\137\123\305\240\127\071\302\316\107
-\053\276\072\310\126\277\302\331\047\020\072\261\005\074\300\167
-\061\273\072\323\005\173\155\232\034\060\214\200\313\223\223\052
-\203\253\005\121\202\002\000\021\147\153\363\210\141\107\137\003
-\223\325\133\015\340\361\324\241\062\065\205\262\072\333\260\202
-\253\321\313\012\274\117\214\133\305\113\000\073\037\052\202\246
-\176\066\205\334\176\074\147\000\265\344\073\122\340\250\353\135
-\025\371\306\155\360\255\035\016\205\267\251\232\163\024\132\133
-\217\101\050\300\325\350\055\115\244\136\315\252\331\355\316\334
-\330\325\074\102\035\027\301\022\135\105\070\303\070\363\374\205
-\056\203\106\110\262\327\040\137\222\066\217\347\171\017\230\136
-\231\350\360\320\244\273\365\123\275\052\316\131\260\257\156\177
-\154\273\322\036\000\260\041\355\370\101\142\202\271\330\262\304
-\273\106\120\363\061\305\217\001\250\164\353\365\170\047\332\347
-\367\146\103\363\236\203\076\040\252\303\065\140\221\316
-END
-
-# Trust for Certificate "Verisign Class 4 Public Primary Certification Authority - G3"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign Class 4 Public Primary Certification Authority - G3"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\310\354\214\207\222\151\313\113\253\071\351\215\176\127\147\363
-\024\225\163\235
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\333\310\362\047\056\261\352\152\051\043\135\376\126\076\063\337
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\312\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\061\037\060\035\006\003\125
-\004\013\023\026\126\145\162\151\123\151\147\156\040\124\162\165
-\163\164\040\116\145\164\167\157\162\153\061\072\060\070\006\003
-\125\004\013\023\061\050\143\051\040\061\071\071\071\040\126\145
-\162\151\123\151\147\156\054\040\111\156\143\056\040\055\040\106
-\157\162\040\141\165\164\150\157\162\151\172\145\144\040\165\163
-\145\040\157\156\154\171\061\105\060\103\006\003\125\004\003\023
-\074\126\145\162\151\123\151\147\156\040\103\154\141\163\163\040
-\064\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171
-\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101
-\165\164\150\157\162\151\164\171\040\055\040\107\063
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\000\354\240\247\213\156\165\152\001\317\304\174\314\057\224\136
-\327
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Entrust.net Secure Server CA"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Entrust.net Secure Server CA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\303\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\024\060\022\006\003\125\004\012\023\013\105\156\164\162\165
-\163\164\056\156\145\164\061\073\060\071\006\003\125\004\013\023
-\062\167\167\167\056\145\156\164\162\165\163\164\056\156\145\164
-\057\103\120\123\040\151\156\143\157\162\160\056\040\142\171\040
-\162\145\146\056\040\050\154\151\155\151\164\163\040\154\151\141
-\142\056\051\061\045\060\043\006\003\125\004\013\023\034\050\143
-\051\040\061\071\071\071\040\105\156\164\162\165\163\164\056\156
-\145\164\040\114\151\155\151\164\145\144\061\072\060\070\006\003
-\125\004\003\023\061\105\156\164\162\165\163\164\056\156\145\164
-\040\123\145\143\165\162\145\040\123\145\162\166\145\162\040\103
-\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165\164
-\150\157\162\151\164\171
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\303\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\024\060\022\006\003\125\004\012\023\013\105\156\164\162\165
-\163\164\056\156\145\164\061\073\060\071\006\003\125\004\013\023
-\062\167\167\167\056\145\156\164\162\165\163\164\056\156\145\164
-\057\103\120\123\040\151\156\143\157\162\160\056\040\142\171\040
-\162\145\146\056\040\050\154\151\155\151\164\163\040\154\151\141
-\142\056\051\061\045\060\043\006\003\125\004\013\023\034\050\143
-\051\040\061\071\071\071\040\105\156\164\162\165\163\164\056\156
-\145\164\040\114\151\155\151\164\145\144\061\072\060\070\006\003
-\125\004\003\023\061\105\156\164\162\165\163\164\056\156\145\164
-\040\123\145\143\165\162\145\040\123\145\162\166\145\162\040\103
-\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165\164
-\150\157\162\151\164\171
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\067\112\322\103
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\004\330\060\202\004\101\240\003\002\001\002\002\004\067
-\112\322\103\060\015\006\011\052\206\110\206\367\015\001\001\005
-\005\000\060\201\303\061\013\060\011\006\003\125\004\006\023\002
-\125\123\061\024\060\022\006\003\125\004\012\023\013\105\156\164
-\162\165\163\164\056\156\145\164\061\073\060\071\006\003\125\004
-\013\023\062\167\167\167\056\145\156\164\162\165\163\164\056\156
-\145\164\057\103\120\123\040\151\156\143\157\162\160\056\040\142
-\171\040\162\145\146\056\040\050\154\151\155\151\164\163\040\154
-\151\141\142\056\051\061\045\060\043\006\003\125\004\013\023\034
-\050\143\051\040\061\071\071\071\040\105\156\164\162\165\163\164
-\056\156\145\164\040\114\151\155\151\164\145\144\061\072\060\070
-\006\003\125\004\003\023\061\105\156\164\162\165\163\164\056\156
-\145\164\040\123\145\143\165\162\145\040\123\145\162\166\145\162
-\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101
-\165\164\150\157\162\151\164\171\060\036\027\015\071\071\060\065
-\062\065\061\066\060\071\064\060\132\027\015\061\071\060\065\062
-\065\061\066\063\071\064\060\132\060\201\303\061\013\060\011\006
-\003\125\004\006\023\002\125\123\061\024\060\022\006\003\125\004
-\012\023\013\105\156\164\162\165\163\164\056\156\145\164\061\073
-\060\071\006\003\125\004\013\023\062\167\167\167\056\145\156\164
-\162\165\163\164\056\156\145\164\057\103\120\123\040\151\156\143
-\157\162\160\056\040\142\171\040\162\145\146\056\040\050\154\151
-\155\151\164\163\040\154\151\141\142\056\051\061\045\060\043\006
-\003\125\004\013\023\034\050\143\051\040\061\071\071\071\040\105
-\156\164\162\165\163\164\056\156\145\164\040\114\151\155\151\164
-\145\144\061\072\060\070\006\003\125\004\003\023\061\105\156\164
-\162\165\163\164\056\156\145\164\040\123\145\143\165\162\145\040
-\123\145\162\166\145\162\040\103\145\162\164\151\146\151\143\141
-\164\151\157\156\040\101\165\164\150\157\162\151\164\171\060\201
-\235\060\015\006\011\052\206\110\206\367\015\001\001\001\005\000
-\003\201\213\000\060\201\207\002\201\201\000\315\050\203\064\124
-\033\211\363\017\257\067\221\061\377\257\061\140\311\250\350\262
-\020\150\355\237\347\223\066\361\012\144\273\107\365\004\027\077
-\043\107\115\305\047\031\201\046\014\124\162\015\210\055\331\037
-\232\022\237\274\263\161\323\200\031\077\107\146\173\214\065\050
-\322\271\012\337\044\332\234\326\120\171\201\172\132\323\067\367
-\302\112\330\051\222\046\144\321\344\230\154\072\000\212\365\064
-\233\145\370\355\343\020\377\375\270\111\130\334\240\336\202\071
-\153\201\261\026\031\141\271\124\266\346\103\002\001\003\243\202
-\001\327\060\202\001\323\060\021\006\011\140\206\110\001\206\370
-\102\001\001\004\004\003\002\000\007\060\202\001\031\006\003\125
-\035\037\004\202\001\020\060\202\001\014\060\201\336\240\201\333
-\240\201\330\244\201\325\060\201\322\061\013\060\011\006\003\125
-\004\006\023\002\125\123\061\024\060\022\006\003\125\004\012\023
-\013\105\156\164\162\165\163\164\056\156\145\164\061\073\060\071
-\006\003\125\004\013\023\062\167\167\167\056\145\156\164\162\165
-\163\164\056\156\145\164\057\103\120\123\040\151\156\143\157\162
-\160\056\040\142\171\040\162\145\146\056\040\050\154\151\155\151
-\164\163\040\154\151\141\142\056\051\061\045\060\043\006\003\125
-\004\013\023\034\050\143\051\040\061\071\071\071\040\105\156\164
-\162\165\163\164\056\156\145\164\040\114\151\155\151\164\145\144
-\061\072\060\070\006\003\125\004\003\023\061\105\156\164\162\165
-\163\164\056\156\145\164\040\123\145\143\165\162\145\040\123\145
-\162\166\145\162\040\103\145\162\164\151\146\151\143\141\164\151
-\157\156\040\101\165\164\150\157\162\151\164\171\061\015\060\013
-\006\003\125\004\003\023\004\103\122\114\061\060\051\240\047\240
-\045\206\043\150\164\164\160\072\057\057\167\167\167\056\145\156
-\164\162\165\163\164\056\156\145\164\057\103\122\114\057\156\145
-\164\061\056\143\162\154\060\053\006\003\125\035\020\004\044\060
-\042\200\017\061\071\071\071\060\065\062\065\061\066\060\071\064
-\060\132\201\017\062\060\061\071\060\065\062\065\061\066\060\071
-\064\060\132\060\013\006\003\125\035\017\004\004\003\002\001\006
-\060\037\006\003\125\035\043\004\030\060\026\200\024\360\027\142
-\023\125\075\263\377\012\000\153\373\120\204\227\363\355\142\320
-\032\060\035\006\003\125\035\016\004\026\004\024\360\027\142\023
-\125\075\263\377\012\000\153\373\120\204\227\363\355\142\320\032
-\060\014\006\003\125\035\023\004\005\060\003\001\001\377\060\031
-\006\011\052\206\110\206\366\175\007\101\000\004\014\060\012\033
-\004\126\064\056\060\003\002\004\220\060\015\006\011\052\206\110
-\206\367\015\001\001\005\005\000\003\201\201\000\220\334\060\002
-\372\144\164\302\247\012\245\174\041\215\064\027\250\373\107\016
-\377\045\174\215\023\012\373\344\230\265\357\214\370\305\020\015
-\367\222\276\361\303\325\325\225\152\004\273\054\316\046\066\145
-\310\061\306\347\356\077\343\127\165\204\172\021\357\106\117\030
-\364\323\230\273\250\207\062\272\162\366\074\342\075\237\327\035
-\331\303\140\103\214\130\016\042\226\057\142\243\054\037\272\255
-\005\357\253\062\170\207\240\124\163\031\265\134\005\371\122\076
-\155\055\105\013\367\012\223\352\355\006\371\262
-END
-
-# Trust for Certificate "Entrust.net Secure Server CA"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Entrust.net Secure Server CA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\231\246\233\346\032\376\210\153\115\053\202\000\174\270\124\374
-\061\176\025\071
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\337\362\200\163\314\361\346\141\163\374\365\102\351\305\174\356
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\303\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\024\060\022\006\003\125\004\012\023\013\105\156\164\162\165
-\163\164\056\156\145\164\061\073\060\071\006\003\125\004\013\023
-\062\167\167\167\056\145\156\164\162\165\163\164\056\156\145\164
-\057\103\120\123\040\151\156\143\157\162\160\056\040\142\171\040
-\162\145\146\056\040\050\154\151\155\151\164\163\040\154\151\141
-\142\056\051\061\045\060\043\006\003\125\004\013\023\034\050\143
-\051\040\061\071\071\071\040\105\156\164\162\165\163\164\056\156
-\145\164\040\114\151\155\151\164\145\144\061\072\060\070\006\003
-\125\004\003\023\061\105\156\164\162\165\163\164\056\156\145\164
-\040\123\145\143\165\162\145\040\123\145\162\166\145\162\040\103
-\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165\164
-\150\157\162\151\164\171
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\067\112\322\103
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Entrust.net Secure Personal CA"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Entrust.net Secure Personal CA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\311\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\024\060\022\006\003\125\004\012\023\013\105\156\164\162\165
-\163\164\056\156\145\164\061\110\060\106\006\003\125\004\013\024
-\077\167\167\167\056\145\156\164\162\165\163\164\056\156\145\164
-\057\103\154\151\145\156\164\137\103\101\137\111\156\146\157\057
-\103\120\123\040\151\156\143\157\162\160\056\040\142\171\040\162
-\145\146\056\040\154\151\155\151\164\163\040\154\151\141\142\056
-\061\045\060\043\006\003\125\004\013\023\034\050\143\051\040\061
-\071\071\071\040\105\156\164\162\165\163\164\056\156\145\164\040
-\114\151\155\151\164\145\144\061\063\060\061\006\003\125\004\003
-\023\052\105\156\164\162\165\163\164\056\156\145\164\040\103\154
-\151\145\156\164\040\103\145\162\164\151\146\151\143\141\164\151
-\157\156\040\101\165\164\150\157\162\151\164\171
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\311\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\024\060\022\006\003\125\004\012\023\013\105\156\164\162\165
-\163\164\056\156\145\164\061\110\060\106\006\003\125\004\013\024
-\077\167\167\167\056\145\156\164\162\165\163\164\056\156\145\164
-\057\103\154\151\145\156\164\137\103\101\137\111\156\146\157\057
-\103\120\123\040\151\156\143\157\162\160\056\040\142\171\040\162
-\145\146\056\040\154\151\155\151\164\163\040\154\151\141\142\056
-\061\045\060\043\006\003\125\004\013\023\034\050\143\051\040\061
-\071\071\071\040\105\156\164\162\165\163\164\056\156\145\164\040
-\114\151\155\151\164\145\144\061\063\060\061\006\003\125\004\003
-\023\052\105\156\164\162\165\163\164\056\156\145\164\040\103\154
-\151\145\156\164\040\103\145\162\164\151\146\151\143\141\164\151
-\157\156\040\101\165\164\150\157\162\151\164\171
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\070\003\221\356
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\004\355\060\202\004\126\240\003\002\001\002\002\004\070
-\003\221\356\060\015\006\011\052\206\110\206\367\015\001\001\004
-\005\000\060\201\311\061\013\060\011\006\003\125\004\006\023\002
-\125\123\061\024\060\022\006\003\125\004\012\023\013\105\156\164
-\162\165\163\164\056\156\145\164\061\110\060\106\006\003\125\004
-\013\024\077\167\167\167\056\145\156\164\162\165\163\164\056\156
-\145\164\057\103\154\151\145\156\164\137\103\101\137\111\156\146
-\157\057\103\120\123\040\151\156\143\157\162\160\056\040\142\171
-\040\162\145\146\056\040\154\151\155\151\164\163\040\154\151\141
-\142\056\061\045\060\043\006\003\125\004\013\023\034\050\143\051
-\040\061\071\071\071\040\105\156\164\162\165\163\164\056\156\145
-\164\040\114\151\155\151\164\145\144\061\063\060\061\006\003\125
-\004\003\023\052\105\156\164\162\165\163\164\056\156\145\164\040
-\103\154\151\145\156\164\040\103\145\162\164\151\146\151\143\141
-\164\151\157\156\040\101\165\164\150\157\162\151\164\171\060\036
-\027\015\071\071\061\060\061\062\061\071\062\064\063\060\132\027
-\015\061\071\061\060\061\062\061\071\065\064\063\060\132\060\201
-\311\061\013\060\011\006\003\125\004\006\023\002\125\123\061\024
-\060\022\006\003\125\004\012\023\013\105\156\164\162\165\163\164
-\056\156\145\164\061\110\060\106\006\003\125\004\013\024\077\167
-\167\167\056\145\156\164\162\165\163\164\056\156\145\164\057\103
-\154\151\145\156\164\137\103\101\137\111\156\146\157\057\103\120
-\123\040\151\156\143\157\162\160\056\040\142\171\040\162\145\146
-\056\040\154\151\155\151\164\163\040\154\151\141\142\056\061\045
-\060\043\006\003\125\004\013\023\034\050\143\051\040\061\071\071
-\071\040\105\156\164\162\165\163\164\056\156\145\164\040\114\151
-\155\151\164\145\144\061\063\060\061\006\003\125\004\003\023\052
-\105\156\164\162\165\163\164\056\156\145\164\040\103\154\151\145
-\156\164\040\103\145\162\164\151\146\151\143\141\164\151\157\156
-\040\101\165\164\150\157\162\151\164\171\060\201\235\060\015\006
-\011\052\206\110\206\367\015\001\001\001\005\000\003\201\213\000
-\060\201\207\002\201\201\000\310\072\231\136\061\027\337\254\047
-\157\220\173\344\031\377\105\243\064\302\333\301\250\117\360\150
-\352\204\375\237\165\171\317\301\212\121\224\257\307\127\003\107
-\144\236\255\202\033\132\332\177\067\170\107\273\067\230\022\226
-\316\306\023\175\357\322\014\060\121\251\071\236\125\370\373\261
-\347\060\336\203\262\272\076\361\325\211\073\073\205\272\252\164
-\054\376\077\061\156\257\221\225\156\006\324\007\115\113\054\126
-\107\030\004\122\332\016\020\223\277\143\220\233\341\337\214\346
-\002\244\346\117\136\367\213\002\001\003\243\202\001\340\060\202
-\001\334\060\021\006\011\140\206\110\001\206\370\102\001\001\004
-\004\003\002\000\007\060\202\001\042\006\003\125\035\037\004\202
-\001\031\060\202\001\025\060\201\344\240\201\341\240\201\336\244
-\201\333\060\201\330\061\013\060\011\006\003\125\004\006\023\002
-\125\123\061\024\060\022\006\003\125\004\012\023\013\105\156\164
-\162\165\163\164\056\156\145\164\061\110\060\106\006\003\125\004
-\013\024\077\167\167\167\056\145\156\164\162\165\163\164\056\156
-\145\164\057\103\154\151\145\156\164\137\103\101\137\111\156\146
-\157\057\103\120\123\040\151\156\143\157\162\160\056\040\142\171
-\040\162\145\146\056\040\154\151\155\151\164\163\040\154\151\141
-\142\056\061\045\060\043\006\003\125\004\013\023\034\050\143\051
-\040\061\071\071\071\040\105\156\164\162\165\163\164\056\156\145
-\164\040\114\151\155\151\164\145\144\061\063\060\061\006\003\125
-\004\003\023\052\105\156\164\162\165\163\164\056\156\145\164\040
-\103\154\151\145\156\164\040\103\145\162\164\151\146\151\143\141
-\164\151\157\156\040\101\165\164\150\157\162\151\164\171\061\015
-\060\013\006\003\125\004\003\023\004\103\122\114\061\060\054\240
-\052\240\050\206\046\150\164\164\160\072\057\057\167\167\167\056
-\145\156\164\162\165\163\164\056\156\145\164\057\103\122\114\057
-\103\154\151\145\156\164\061\056\143\162\154\060\053\006\003\125
-\035\020\004\044\060\042\200\017\061\071\071\071\061\060\061\062
-\061\071\062\064\063\060\132\201\017\062\060\061\071\061\060\061
-\062\061\071\062\064\063\060\132\060\013\006\003\125\035\017\004
-\004\003\002\001\006\060\037\006\003\125\035\043\004\030\060\026
-\200\024\304\373\234\051\173\227\315\114\226\374\356\133\263\312
-\231\164\213\225\352\114\060\035\006\003\125\035\016\004\026\004
-\024\304\373\234\051\173\227\315\114\226\374\356\133\263\312\231
-\164\213\225\352\114\060\014\006\003\125\035\023\004\005\060\003
-\001\001\377\060\031\006\011\052\206\110\206\366\175\007\101\000
-\004\014\060\012\033\004\126\064\056\060\003\002\004\220\060\015
-\006\011\052\206\110\206\367\015\001\001\004\005\000\003\201\201
-\000\077\256\212\361\327\146\003\005\236\076\372\352\034\106\273
-\244\133\217\170\232\022\110\231\371\364\065\336\014\066\007\002
-\153\020\072\211\024\201\234\061\246\174\262\101\262\152\347\007
-\001\241\113\371\237\045\073\226\312\231\303\076\241\121\034\363
-\303\056\104\367\260\147\106\252\222\345\073\332\034\031\024\070
-\060\325\342\242\061\045\056\361\354\105\070\355\370\006\130\003
-\163\142\260\020\061\217\100\277\144\340\134\076\305\117\037\332
-\022\103\377\114\346\006\046\250\233\031\252\104\074\166\262\134
-\354
-END
-
-# Trust for Certificate "Entrust.net Secure Personal CA"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Entrust.net Secure Personal CA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\332\171\301\161\021\120\302\064\071\252\053\013\014\142\375\125
-\262\371\365\200
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\014\101\057\023\133\240\124\365\226\146\055\176\315\016\003\364
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\311\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\024\060\022\006\003\125\004\012\023\013\105\156\164\162\165
-\163\164\056\156\145\164\061\110\060\106\006\003\125\004\013\024
-\077\167\167\167\056\145\156\164\162\165\163\164\056\156\145\164
-\057\103\154\151\145\156\164\137\103\101\137\111\156\146\157\057
-\103\120\123\040\151\156\143\157\162\160\056\040\142\171\040\162
-\145\146\056\040\154\151\155\151\164\163\040\154\151\141\142\056
-\061\045\060\043\006\003\125\004\013\023\034\050\143\051\040\061
-\071\071\071\040\105\156\164\162\165\163\164\056\156\145\164\040
-\114\151\155\151\164\145\144\061\063\060\061\006\003\125\004\003
-\023\052\105\156\164\162\165\163\164\056\156\145\164\040\103\154
-\151\145\156\164\040\103\145\162\164\151\146\151\143\141\164\151
-\157\156\040\101\165\164\150\157\162\151\164\171
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\070\003\221\356
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Entrust.net Premium 2048 Secure Server CA"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Entrust.net Premium 2048 Secure Server CA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\264\061\024\060\022\006\003\125\004\012\023\013\105\156
-\164\162\165\163\164\056\156\145\164\061\100\060\076\006\003\125
-\004\013\024\067\167\167\167\056\145\156\164\162\165\163\164\056
-\156\145\164\057\103\120\123\137\062\060\064\070\040\151\156\143
-\157\162\160\056\040\142\171\040\162\145\146\056\040\050\154\151
-\155\151\164\163\040\154\151\141\142\056\051\061\045\060\043\006
-\003\125\004\013\023\034\050\143\051\040\061\071\071\071\040\105
-\156\164\162\165\163\164\056\156\145\164\040\114\151\155\151\164
-\145\144\061\063\060\061\006\003\125\004\003\023\052\105\156\164
-\162\165\163\164\056\156\145\164\040\103\145\162\164\151\146\151
-\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171
-\040\050\062\060\064\070\051
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\264\061\024\060\022\006\003\125\004\012\023\013\105\156
-\164\162\165\163\164\056\156\145\164\061\100\060\076\006\003\125
-\004\013\024\067\167\167\167\056\145\156\164\162\165\163\164\056
-\156\145\164\057\103\120\123\137\062\060\064\070\040\151\156\143
-\157\162\160\056\040\142\171\040\162\145\146\056\040\050\154\151
-\155\151\164\163\040\154\151\141\142\056\051\061\045\060\043\006
-\003\125\004\013\023\034\050\143\051\040\061\071\071\071\040\105
-\156\164\162\165\163\164\056\156\145\164\040\114\151\155\151\164
-\145\144\061\063\060\061\006\003\125\004\003\023\052\105\156\164
-\162\165\163\164\056\156\145\164\040\103\145\162\164\151\146\151
-\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171
-\040\050\062\060\064\070\051
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\070\143\271\146
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\004\134\060\202\003\104\240\003\002\001\002\002\004\070
-\143\271\146\060\015\006\011\052\206\110\206\367\015\001\001\005
-\005\000\060\201\264\061\024\060\022\006\003\125\004\012\023\013
-\105\156\164\162\165\163\164\056\156\145\164\061\100\060\076\006
-\003\125\004\013\024\067\167\167\167\056\145\156\164\162\165\163
-\164\056\156\145\164\057\103\120\123\137\062\060\064\070\040\151
-\156\143\157\162\160\056\040\142\171\040\162\145\146\056\040\050
-\154\151\155\151\164\163\040\154\151\141\142\056\051\061\045\060
-\043\006\003\125\004\013\023\034\050\143\051\040\061\071\071\071
-\040\105\156\164\162\165\163\164\056\156\145\164\040\114\151\155
-\151\164\145\144\061\063\060\061\006\003\125\004\003\023\052\105
-\156\164\162\165\163\164\056\156\145\164\040\103\145\162\164\151
-\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
-\164\171\040\050\062\060\064\070\051\060\036\027\015\071\071\061
-\062\062\064\061\067\065\060\065\061\132\027\015\061\071\061\062
-\062\064\061\070\062\060\065\061\132\060\201\264\061\024\060\022
-\006\003\125\004\012\023\013\105\156\164\162\165\163\164\056\156
-\145\164\061\100\060\076\006\003\125\004\013\024\067\167\167\167
-\056\145\156\164\162\165\163\164\056\156\145\164\057\103\120\123
-\137\062\060\064\070\040\151\156\143\157\162\160\056\040\142\171
-\040\162\145\146\056\040\050\154\151\155\151\164\163\040\154\151
-\141\142\056\051\061\045\060\043\006\003\125\004\013\023\034\050
-\143\051\040\061\071\071\071\040\105\156\164\162\165\163\164\056
-\156\145\164\040\114\151\155\151\164\145\144\061\063\060\061\006
-\003\125\004\003\023\052\105\156\164\162\165\163\164\056\156\145
-\164\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040
-\101\165\164\150\157\162\151\164\171\040\050\062\060\064\070\051
-\060\202\001\042\060\015\006\011\052\206\110\206\367\015\001\001
-\001\005\000\003\202\001\017\000\060\202\001\012\002\202\001\001
-\000\255\115\113\251\022\206\262\352\243\040\007\025\026\144\052
-\053\113\321\277\013\112\115\216\355\200\166\245\147\267\170\100
-\300\163\102\310\150\300\333\123\053\335\136\270\166\230\065\223
-\213\032\235\174\023\072\016\037\133\267\036\317\345\044\024\036
-\261\201\251\215\175\270\314\153\113\003\361\002\014\334\253\245
-\100\044\000\177\164\224\241\235\010\051\263\210\013\365\207\167
-\235\125\315\344\303\176\327\152\144\253\205\024\206\225\133\227
-\062\120\157\075\310\272\146\014\343\374\275\270\111\301\166\211
-\111\031\375\300\250\275\211\243\147\057\306\237\274\161\031\140
-\270\055\351\054\311\220\166\146\173\224\342\257\170\326\145\123
-\135\074\326\234\262\317\051\003\371\057\244\120\262\324\110\316
-\005\062\125\212\375\262\144\114\016\344\230\007\165\333\177\337
-\271\010\125\140\205\060\051\371\173\110\244\151\206\343\065\077
-\036\206\135\172\172\025\275\357\000\216\025\042\124\027\000\220
-\046\223\274\016\111\150\221\277\370\107\323\235\225\102\301\016
-\115\337\157\046\317\303\030\041\142\146\103\160\326\325\300\007
-\341\002\003\001\000\001\243\164\060\162\060\021\006\011\140\206
-\110\001\206\370\102\001\001\004\004\003\002\000\007\060\037\006
-\003\125\035\043\004\030\060\026\200\024\125\344\201\321\021\200
-\276\330\211\271\010\243\061\371\241\044\011\026\271\160\060\035
-\006\003\125\035\016\004\026\004\024\125\344\201\321\021\200\276
-\330\211\271\010\243\061\371\241\044\011\026\271\160\060\035\006
-\011\052\206\110\206\366\175\007\101\000\004\020\060\016\033\010
-\126\065\056\060\072\064\056\060\003\002\004\220\060\015\006\011
-\052\206\110\206\367\015\001\001\005\005\000\003\202\001\001\000
-\131\107\254\041\204\212\027\311\234\211\123\036\272\200\205\032
-\306\074\116\076\261\234\266\174\306\222\135\030\144\002\343\323
-\006\010\021\141\174\143\343\053\235\061\003\160\166\322\243\050
-\240\364\273\232\143\163\355\155\345\052\333\355\024\251\053\306
-\066\021\320\053\353\007\213\245\332\236\134\031\235\126\022\365
-\124\051\310\005\355\262\022\052\215\364\003\033\377\347\222\020
-\207\260\072\265\303\235\005\067\022\243\307\364\025\271\325\244
-\071\026\233\123\072\043\221\361\250\202\242\152\210\150\301\171
-\002\042\274\252\246\326\256\337\260\024\137\270\207\320\335\174
-\177\173\377\257\034\317\346\333\007\255\136\333\205\235\320\053
-\015\063\333\004\321\346\111\100\023\053\166\373\076\351\234\211
-\017\025\316\030\260\205\170\041\117\153\117\016\372\066\147\315
-\007\362\377\010\320\342\336\331\277\052\257\270\207\206\041\074
-\004\312\267\224\150\177\317\074\351\230\327\070\377\354\300\331
-\120\360\056\113\130\256\106\157\320\056\303\140\332\162\125\162
-\275\114\105\236\141\272\277\204\201\222\003\321\322\151\174\305
-END
-
-# Trust for Certificate "Entrust.net Premium 2048 Secure Server CA"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Entrust.net Premium 2048 Secure Server CA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\200\035\142\320\173\104\235\134\134\003\134\230\352\141\372\104
-\074\052\130\376
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\272\041\352\040\326\335\333\217\301\127\213\100\255\241\374\374
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\264\061\024\060\022\006\003\125\004\012\023\013\105\156
-\164\162\165\163\164\056\156\145\164\061\100\060\076\006\003\125
-\004\013\024\067\167\167\167\056\145\156\164\162\165\163\164\056
-\156\145\164\057\103\120\123\137\062\060\064\070\040\151\156\143
-\157\162\160\056\040\142\171\040\162\145\146\056\040\050\154\151
-\155\151\164\163\040\154\151\141\142\056\051\061\045\060\043\006
-\003\125\004\013\023\034\050\143\051\040\061\071\071\071\040\105
-\156\164\162\165\163\164\056\156\145\164\040\114\151\155\151\164
-\145\144\061\063\060\061\006\003\125\004\003\023\052\105\156\164
-\162\165\163\164\056\156\145\164\040\103\145\162\164\151\146\151
-\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171
-\040\050\062\060\064\070\051
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\070\143\271\146
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "ValiCert OCSP Responder"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "ValiCert OCSP Responder"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\262\061\044\060\042\006\003\125\004\007\023\033\126\141
-\154\151\103\145\162\164\040\126\141\154\151\144\141\164\151\157
-\156\040\116\145\164\167\157\162\153\061\027\060\025\006\003\125
-\004\012\023\016\126\141\154\151\103\145\162\164\054\040\111\156
-\143\056\061\054\060\052\006\003\125\004\013\023\043\103\154\141
-\163\163\040\061\040\126\141\154\151\144\141\164\151\157\156\040
-\101\165\164\150\157\162\151\164\171\040\055\040\117\103\123\120
-\061\041\060\037\006\003\125\004\003\023\030\150\164\164\160\072
-\057\057\167\167\167\056\166\141\154\151\143\145\162\164\056\156
-\145\164\057\061\040\060\036\006\011\052\206\110\206\367\015\001
-\011\001\026\021\151\156\146\157\100\166\141\154\151\143\145\162
-\164\056\143\157\155
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\262\061\044\060\042\006\003\125\004\007\023\033\126\141
-\154\151\103\145\162\164\040\126\141\154\151\144\141\164\151\157
-\156\040\116\145\164\167\157\162\153\061\027\060\025\006\003\125
-\004\012\023\016\126\141\154\151\103\145\162\164\054\040\111\156
-\143\056\061\054\060\052\006\003\125\004\013\023\043\103\154\141
-\163\163\040\061\040\126\141\154\151\144\141\164\151\157\156\040
-\101\165\164\150\157\162\151\164\171\040\055\040\117\103\123\120
-\061\041\060\037\006\003\125\004\003\023\030\150\164\164\160\072
-\057\057\167\167\167\056\166\141\154\151\143\145\162\164\056\156
-\145\164\057\061\040\060\036\006\011\052\206\110\206\367\015\001
-\011\001\026\021\151\156\146\157\100\166\141\154\151\143\145\162
-\164\056\143\157\155
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\001
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\110\060\202\002\261\240\003\002\001\002\002\001\001
-\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060
-\201\262\061\044\060\042\006\003\125\004\007\023\033\126\141\154
-\151\103\145\162\164\040\126\141\154\151\144\141\164\151\157\156
-\040\116\145\164\167\157\162\153\061\027\060\025\006\003\125\004
-\012\023\016\126\141\154\151\103\145\162\164\054\040\111\156\143
-\056\061\054\060\052\006\003\125\004\013\023\043\103\154\141\163
-\163\040\061\040\126\141\154\151\144\141\164\151\157\156\040\101
-\165\164\150\157\162\151\164\171\040\055\040\117\103\123\120\061
-\041\060\037\006\003\125\004\003\023\030\150\164\164\160\072\057
-\057\167\167\167\056\166\141\154\151\143\145\162\164\056\156\145
-\164\057\061\040\060\036\006\011\052\206\110\206\367\015\001\011
-\001\026\021\151\156\146\157\100\166\141\154\151\143\145\162\164
-\056\143\157\155\060\036\027\015\060\060\060\062\061\062\061\061
-\065\060\060\065\132\027\015\060\065\060\062\061\060\061\061\065
-\060\060\065\132\060\201\262\061\044\060\042\006\003\125\004\007
-\023\033\126\141\154\151\103\145\162\164\040\126\141\154\151\144
-\141\164\151\157\156\040\116\145\164\167\157\162\153\061\027\060
-\025\006\003\125\004\012\023\016\126\141\154\151\103\145\162\164
-\054\040\111\156\143\056\061\054\060\052\006\003\125\004\013\023
-\043\103\154\141\163\163\040\061\040\126\141\154\151\144\141\164
-\151\157\156\040\101\165\164\150\157\162\151\164\171\040\055\040
-\117\103\123\120\061\041\060\037\006\003\125\004\003\023\030\150
-\164\164\160\072\057\057\167\167\167\056\166\141\154\151\143\145
-\162\164\056\156\145\164\057\061\040\060\036\006\011\052\206\110
-\206\367\015\001\011\001\026\021\151\156\146\157\100\166\141\154
-\151\143\145\162\164\056\143\157\155\060\201\237\060\015\006\011
-\052\206\110\206\367\015\001\001\001\005\000\003\201\215\000\060
-\201\211\002\201\201\000\307\214\057\247\303\100\207\073\075\327
-\304\232\130\024\144\012\303\010\071\142\032\317\322\353\251\361
-\151\164\212\312\016\132\166\314\242\122\116\320\363\304\172\265
-\370\246\034\273\243\247\244\123\207\133\215\300\000\273\325\146
-\044\347\164\306\026\310\257\310\003\142\325\062\207\242\122\221
-\104\224\225\250\107\103\155\245\110\234\366\114\165\325\117\142
-\347\311\377\173\364\044\214\247\274\050\166\265\062\240\045\163
-\267\107\057\170\370\106\371\207\024\360\167\374\012\167\350\117
-\375\214\037\372\142\331\002\003\001\000\001\243\154\060\152\060
-\017\006\011\053\006\001\005\005\007\060\001\005\004\002\005\000
-\060\023\006\003\125\035\045\004\014\060\012\006\010\053\006\001
-\005\005\007\003\011\060\013\006\003\125\035\017\004\004\003\002
-\001\206\060\065\006\010\053\006\001\005\005\007\001\001\004\051
-\060\047\060\045\006\010\053\006\001\005\005\007\060\001\206\031
-\150\164\164\160\072\057\057\157\143\163\160\062\056\166\141\154
-\151\143\145\162\164\056\156\145\164\060\015\006\011\052\206\110
-\206\367\015\001\001\005\005\000\003\201\201\000\025\305\340\270
-\064\162\022\006\040\250\142\225\223\321\274\223\272\220\253\334
-\116\215\216\215\230\114\343\062\365\053\077\263\227\373\252\242
-\255\100\227\255\150\275\134\255\123\016\320\246\263\015\254\032
-\231\215\252\060\036\317\016\160\377\002\260\167\145\203\315\332
-\007\134\122\315\131\273\242\310\342\264\026\203\217\324\225\171
-\223\055\350\277\104\223\061\222\060\323\064\064\361\020\373\041
-\254\056\364\303\135\144\143\172\231\341\232\253\102\035\110\146
-\246\167\067\270\125\074\255\376\145\260\142\351
-END
-
-# Trust for Certificate "ValiCert OCSP Responder"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "ValiCert OCSP Responder"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\133\166\261\274\342\212\360\366\161\221\205\147\046\215\021\151
-\017\027\077\163
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\325\036\040\137\321\365\035\202\127\010\122\071\035\372\212\255
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\262\061\044\060\042\006\003\125\004\007\023\033\126\141
-\154\151\103\145\162\164\040\126\141\154\151\144\141\164\151\157
-\156\040\116\145\164\167\157\162\153\061\027\060\025\006\003\125
-\004\012\023\016\126\141\154\151\103\145\162\164\054\040\111\156
-\143\056\061\054\060\052\006\003\125\004\013\023\043\103\154\141
-\163\163\040\061\040\126\141\154\151\144\141\164\151\157\156\040
-\101\165\164\150\157\162\151\164\171\040\055\040\117\103\123\120
-\061\041\060\037\006\003\125\004\003\023\030\150\164\164\160\072
-\057\057\167\167\167\056\166\141\154\151\143\145\162\164\056\156
-\145\164\057\061\040\060\036\006\011\052\206\110\206\367\015\001
-\011\001\026\021\151\156\146\157\100\166\141\154\151\143\145\162
-\164\056\143\157\155
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\001
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Baltimore CyberTrust Code Signing Root"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Baltimore CyberTrust Code Signing Root"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\147\061\013\060\011\006\003\125\004\006\023\002\111\105\061
-\022\060\020\006\003\125\004\012\023\011\102\141\154\164\151\155
-\157\162\145\061\023\060\021\006\003\125\004\013\023\012\103\171
-\142\145\162\124\162\165\163\164\061\057\060\055\006\003\125\004
-\003\023\046\102\141\154\164\151\155\157\162\145\040\103\171\142
-\145\162\124\162\165\163\164\040\103\157\144\145\040\123\151\147
-\156\151\156\147\040\122\157\157\164
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\147\061\013\060\011\006\003\125\004\006\023\002\111\105\061
-\022\060\020\006\003\125\004\012\023\011\102\141\154\164\151\155
-\157\162\145\061\023\060\021\006\003\125\004\013\023\012\103\171
-\142\145\162\124\162\165\163\164\061\057\060\055\006\003\125\004
-\003\023\046\102\141\154\164\151\155\157\162\145\040\103\171\142
-\145\162\124\162\165\163\164\040\103\157\144\145\040\123\151\147
-\156\151\156\147\040\122\157\157\164
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\000\000\277
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\246\060\202\002\216\240\003\002\001\002\002\004\002
-\000\000\277\060\015\006\011\052\206\110\206\367\015\001\001\005
-\005\000\060\147\061\013\060\011\006\003\125\004\006\023\002\111
-\105\061\022\060\020\006\003\125\004\012\023\011\102\141\154\164
-\151\155\157\162\145\061\023\060\021\006\003\125\004\013\023\012
-\103\171\142\145\162\124\162\165\163\164\061\057\060\055\006\003
-\125\004\003\023\046\102\141\154\164\151\155\157\162\145\040\103
-\171\142\145\162\124\162\165\163\164\040\103\157\144\145\040\123
-\151\147\156\151\156\147\040\122\157\157\164\060\036\027\015\060
-\060\060\065\061\067\061\064\060\061\060\060\132\027\015\062\065
-\060\065\061\067\062\063\065\071\060\060\132\060\147\061\013\060
-\011\006\003\125\004\006\023\002\111\105\061\022\060\020\006\003
-\125\004\012\023\011\102\141\154\164\151\155\157\162\145\061\023
-\060\021\006\003\125\004\013\023\012\103\171\142\145\162\124\162
-\165\163\164\061\057\060\055\006\003\125\004\003\023\046\102\141
-\154\164\151\155\157\162\145\040\103\171\142\145\162\124\162\165
-\163\164\040\103\157\144\145\040\123\151\147\156\151\156\147\040
-\122\157\157\164\060\202\001\042\060\015\006\011\052\206\110\206
-\367\015\001\001\001\005\000\003\202\001\017\000\060\202\001\012
-\002\202\001\001\000\310\161\232\030\022\216\172\333\371\232\374
-\101\257\330\362\364\011\216\255\077\376\147\067\074\332\311\046
-\120\261\261\076\313\350\116\163\000\362\262\334\363\305\106\373
-\011\357\030\226\316\247\340\234\204\135\040\016\172\240\252\066
-\213\372\050\266\170\056\263\354\350\107\363\004\360\220\043\264
-\352\257\345\123\270\005\367\107\135\053\206\361\247\244\306\073
-\065\266\322\015\122\101\327\364\222\165\341\242\012\120\126\207
-\276\227\013\173\063\205\020\271\050\030\356\063\352\110\021\327
-\133\221\107\166\042\324\356\317\135\347\250\116\034\235\226\221
-\335\234\275\164\011\250\162\141\252\260\041\072\361\075\054\003
-\126\011\322\301\334\303\265\307\124\067\253\346\046\242\262\106
-\161\163\312\021\210\356\274\347\144\367\320\021\032\163\100\132
-\310\111\054\017\267\357\220\177\150\200\004\070\013\033\017\073
-\324\365\240\263\302\216\341\064\264\200\231\155\236\166\324\222
-\051\100\261\225\322\067\244\147\022\177\340\142\273\256\065\305
-\231\066\202\104\270\346\170\030\063\141\161\223\133\055\215\237
-\170\225\202\353\155\002\003\001\000\001\243\132\060\130\060\023
-\006\003\125\035\045\004\014\060\012\006\010\053\006\001\005\005
-\007\003\003\060\035\006\003\125\035\016\004\026\004\024\310\101
-\064\134\025\025\004\345\100\362\321\253\232\157\044\222\172\207
-\102\132\060\022\006\003\125\035\023\001\001\377\004\010\060\006
-\001\001\377\002\001\003\060\016\006\003\125\035\017\001\001\377
-\004\004\003\002\001\006\060\015\006\011\052\206\110\206\367\015
-\001\001\005\005\000\003\202\001\001\000\122\164\252\225\113\042
-\214\307\075\226\244\376\135\372\057\265\274\353\360\013\351\126
-\070\035\321\155\015\241\274\150\213\360\305\200\245\044\064\375
-\362\226\030\021\206\241\066\365\067\347\124\100\325\144\037\303
-\137\160\102\153\055\071\307\236\122\005\316\347\152\162\322\215
-\162\077\107\120\203\253\307\215\045\311\260\343\247\123\026\225
-\246\152\123\352\030\235\217\170\251\167\167\032\371\264\227\107
-\131\210\047\050\265\312\341\056\327\076\016\242\015\270\042\104
-\003\343\321\143\260\101\072\241\365\244\055\367\166\036\004\124
-\231\170\062\100\327\053\174\115\272\246\234\260\171\156\007\276
-\214\354\356\327\070\151\133\301\014\126\150\237\376\353\321\341
-\310\210\371\362\315\177\276\205\264\104\147\000\120\076\364\046
-\003\144\352\167\175\350\136\076\034\067\107\310\326\352\244\363
-\066\074\227\302\071\162\005\224\031\045\303\327\067\101\017\301
-\037\207\212\375\252\276\351\261\144\127\344\333\222\241\317\341
-\111\350\073\037\221\023\132\303\217\331\045\130\111\200\107\017
-\306\003\256\254\343\277\267\300\252\052
-END
-
-# Trust for Certificate "Baltimore CyberTrust Code Signing Root"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Baltimore CyberTrust Code Signing Root"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\060\106\330\310\210\377\151\060\303\112\374\315\111\047\010\174
-\140\126\173\015
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\220\365\050\111\126\321\135\054\260\123\324\113\357\157\220\042
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\147\061\013\060\011\006\003\125\004\006\023\002\111\105\061
-\022\060\020\006\003\125\004\012\023\011\102\141\154\164\151\155
-\157\162\145\061\023\060\021\006\003\125\004\013\023\012\103\171
-\142\145\162\124\162\165\163\164\061\057\060\055\006\003\125\004
-\003\023\046\102\141\154\164\151\155\157\162\145\040\103\171\142
-\145\162\124\162\165\163\164\040\103\157\144\145\040\123\151\147
-\156\151\156\147\040\122\157\157\164
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\000\000\277
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_VALID
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_VALID
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Baltimore CyberTrust Root"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Baltimore CyberTrust Root"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\132\061\013\060\011\006\003\125\004\006\023\002\111\105\061
-\022\060\020\006\003\125\004\012\023\011\102\141\154\164\151\155
-\157\162\145\061\023\060\021\006\003\125\004\013\023\012\103\171
-\142\145\162\124\162\165\163\164\061\042\060\040\006\003\125\004
-\003\023\031\102\141\154\164\151\155\157\162\145\040\103\171\142
-\145\162\124\162\165\163\164\040\122\157\157\164
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\132\061\013\060\011\006\003\125\004\006\023\002\111\105\061
-\022\060\020\006\003\125\004\012\023\011\102\141\154\164\151\155
-\157\162\145\061\023\060\021\006\003\125\004\013\023\012\103\171
-\142\145\162\124\162\165\163\164\061\042\060\040\006\003\125\004
-\003\023\031\102\141\154\164\151\155\157\162\145\040\103\171\142
-\145\162\124\162\165\163\164\040\122\157\157\164
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\000\000\271
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\167\060\202\002\137\240\003\002\001\002\002\004\002
-\000\000\271\060\015\006\011\052\206\110\206\367\015\001\001\005
-\005\000\060\132\061\013\060\011\006\003\125\004\006\023\002\111
-\105\061\022\060\020\006\003\125\004\012\023\011\102\141\154\164
-\151\155\157\162\145\061\023\060\021\006\003\125\004\013\023\012
-\103\171\142\145\162\124\162\165\163\164\061\042\060\040\006\003
-\125\004\003\023\031\102\141\154\164\151\155\157\162\145\040\103
-\171\142\145\162\124\162\165\163\164\040\122\157\157\164\060\036
-\027\015\060\060\060\065\061\062\061\070\064\066\060\060\132\027
-\015\062\065\060\065\061\062\062\063\065\071\060\060\132\060\132
-\061\013\060\011\006\003\125\004\006\023\002\111\105\061\022\060
-\020\006\003\125\004\012\023\011\102\141\154\164\151\155\157\162
-\145\061\023\060\021\006\003\125\004\013\023\012\103\171\142\145
-\162\124\162\165\163\164\061\042\060\040\006\003\125\004\003\023
-\031\102\141\154\164\151\155\157\162\145\040\103\171\142\145\162
-\124\162\165\163\164\040\122\157\157\164\060\202\001\042\060\015
-\006\011\052\206\110\206\367\015\001\001\001\005\000\003\202\001
-\017\000\060\202\001\012\002\202\001\001\000\243\004\273\042\253
-\230\075\127\350\046\162\232\265\171\324\051\342\341\350\225\200
-\261\260\343\133\216\053\051\232\144\337\241\135\355\260\011\005
-\155\333\050\056\316\142\242\142\376\264\210\332\022\353\070\353
-\041\235\300\101\053\001\122\173\210\167\323\034\217\307\272\271
-\210\265\152\011\347\163\350\021\100\247\321\314\312\142\215\055
-\345\217\013\246\120\322\250\120\303\050\352\365\253\045\207\212
-\232\226\034\251\147\270\077\014\325\367\371\122\023\057\302\033
-\325\160\160\360\217\300\022\312\006\313\232\341\331\312\063\172
-\167\326\370\354\271\361\150\104\102\110\023\322\300\302\244\256
-\136\140\376\266\246\005\374\264\335\007\131\002\324\131\030\230
-\143\365\245\143\340\220\014\175\135\262\006\172\363\205\352\353
-\324\003\256\136\204\076\137\377\025\355\151\274\371\071\066\162
-\165\317\167\122\115\363\311\220\054\271\075\345\311\043\123\077
-\037\044\230\041\134\007\231\051\275\306\072\354\347\156\206\072
-\153\227\164\143\063\275\150\030\061\360\170\215\166\277\374\236
-\216\135\052\206\247\115\220\334\047\032\071\002\003\001\000\001
-\243\105\060\103\060\035\006\003\125\035\016\004\026\004\024\345
-\235\131\060\202\107\130\314\254\372\010\124\066\206\173\072\265
-\004\115\360\060\022\006\003\125\035\023\001\001\377\004\010\060
-\006\001\001\377\002\001\003\060\016\006\003\125\035\017\001\001
-\377\004\004\003\002\001\006\060\015\006\011\052\206\110\206\367
-\015\001\001\005\005\000\003\202\001\001\000\205\014\135\216\344
-\157\121\150\102\005\240\335\273\117\047\045\204\003\275\367\144
-\375\055\327\060\343\244\020\027\353\332\051\051\266\171\077\166
-\366\031\023\043\270\020\012\371\130\244\324\141\160\275\004\141
-\152\022\212\027\325\012\275\305\274\060\174\326\351\014\045\215
-\206\100\117\354\314\243\176\070\306\067\021\117\355\335\150\061
-\216\114\322\263\001\164\356\276\165\136\007\110\032\177\160\377
-\026\134\204\300\171\205\270\005\375\177\276\145\021\243\017\300
-\002\264\370\122\067\071\004\325\251\061\172\030\277\240\052\364
-\022\231\367\243\105\202\343\074\136\365\235\236\265\310\236\174
-\056\310\244\236\116\010\024\113\155\375\160\155\153\032\143\275
-\144\346\037\267\316\360\362\237\056\273\033\267\362\120\210\163
-\222\302\342\343\026\215\232\062\002\253\216\030\335\351\020\021
-\356\176\065\253\220\257\076\060\224\172\320\063\075\247\145\017
-\365\374\216\236\142\317\107\104\054\001\135\273\035\265\062\322
-\107\322\070\056\320\376\201\334\062\152\036\265\356\074\325\374
-\347\201\035\031\303\044\102\352\143\071\251
-END
-
-# Trust for Certificate "Baltimore CyberTrust Root"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Baltimore CyberTrust Root"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\324\336\040\320\136\146\374\123\376\032\120\210\054\170\333\050
-\122\312\344\164
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\254\266\224\245\234\027\340\327\221\122\233\261\227\006\246\344
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\132\061\013\060\011\006\003\125\004\006\023\002\111\105\061
-\022\060\020\006\003\125\004\012\023\011\102\141\154\164\151\155
-\157\162\145\061\023\060\021\006\003\125\004\013\023\012\103\171
-\142\145\162\124\162\165\163\164\061\042\060\040\006\003\125\004
-\003\023\031\102\141\154\164\151\155\157\162\145\040\103\171\142
-\145\162\124\162\165\163\164\040\122\157\157\164
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\000\000\271
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_VALID
-
-#
-# Certificate "Baltimore CyberTrust Mobile Commerce Root"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Baltimore CyberTrust Mobile Commerce Root"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\141\061\013\060\011\006\003\125\004\006\023\002\111\105\061
-\022\060\020\006\003\125\004\012\023\011\102\141\154\164\151\155
-\157\162\145\061\023\060\021\006\003\125\004\013\023\012\103\171
-\142\145\162\124\162\165\163\164\061\051\060\047\006\003\125\004
-\003\023\040\102\141\154\164\151\155\157\162\145\040\103\171\142
-\145\162\124\162\165\163\164\040\115\157\142\151\154\145\040\122
-\157\157\164
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\141\061\013\060\011\006\003\125\004\006\023\002\111\105\061
-\022\060\020\006\003\125\004\012\023\011\102\141\154\164\151\155
-\157\162\145\061\023\060\021\006\003\125\004\013\023\012\103\171
-\142\145\162\124\162\165\163\164\061\051\060\047\006\003\125\004
-\003\023\040\102\141\154\164\151\155\157\162\145\040\103\171\142
-\145\162\124\162\165\163\164\040\115\157\142\151\154\145\040\122
-\157\157\164
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\000\000\270
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\002\175\060\202\001\346\240\003\002\001\002\002\004\002
-\000\000\270\060\015\006\011\052\206\110\206\367\015\001\001\005
-\005\000\060\141\061\013\060\011\006\003\125\004\006\023\002\111
-\105\061\022\060\020\006\003\125\004\012\023\011\102\141\154\164
-\151\155\157\162\145\061\023\060\021\006\003\125\004\013\023\012
-\103\171\142\145\162\124\162\165\163\164\061\051\060\047\006\003
-\125\004\003\023\040\102\141\154\164\151\155\157\162\145\040\103
-\171\142\145\162\124\162\165\163\164\040\115\157\142\151\154\145
-\040\122\157\157\164\060\036\027\015\060\060\060\065\061\062\061
-\070\062\060\060\060\132\027\015\062\060\060\065\061\062\062\063
-\065\071\060\060\132\060\141\061\013\060\011\006\003\125\004\006
-\023\002\111\105\061\022\060\020\006\003\125\004\012\023\011\102
-\141\154\164\151\155\157\162\145\061\023\060\021\006\003\125\004
-\013\023\012\103\171\142\145\162\124\162\165\163\164\061\051\060
-\047\006\003\125\004\003\023\040\102\141\154\164\151\155\157\162
-\145\040\103\171\142\145\162\124\162\165\163\164\040\115\157\142
-\151\154\145\040\122\157\157\164\060\201\237\060\015\006\011\052
-\206\110\206\367\015\001\001\001\005\000\003\201\215\000\060\201
-\211\002\201\201\000\243\155\261\070\126\254\374\265\126\041\336
-\300\220\135\046\107\202\306\175\217\037\240\205\217\057\273\324
-\341\034\035\362\044\037\050\260\057\271\244\245\157\242\042\040
-\144\376\204\107\074\176\053\154\151\152\270\324\300\226\216\214
-\122\015\315\157\101\324\277\004\256\247\201\057\055\230\110\322
-\301\224\243\265\031\135\135\121\144\364\216\101\260\233\300\055
-\042\240\136\306\330\132\022\143\274\021\112\136\046\022\035\342
-\046\005\346\017\137\042\037\172\137\166\224\256\317\132\050\016
-\253\105\332\042\061\002\003\001\000\001\243\102\060\100\060\035
-\006\003\125\035\016\004\026\004\024\311\342\217\300\002\046\132
-\266\300\007\343\177\224\007\030\333\056\245\232\160\060\017\006
-\003\125\035\023\001\001\377\004\005\060\003\001\001\377\060\016
-\006\003\125\035\017\001\001\377\004\004\003\002\001\206\060\015
-\006\011\052\206\110\206\367\015\001\001\005\005\000\003\201\201
-\000\123\010\013\046\011\170\102\163\324\354\172\167\107\015\343
-\013\063\161\357\256\063\024\115\373\372\375\032\267\121\365\344
-\231\034\006\161\327\051\031\327\346\025\040\121\121\106\155\117
-\336\030\111\230\320\370\170\273\161\350\215\001\006\325\327\144
-\217\224\337\107\376\240\205\151\066\251\057\102\172\150\112\022
-\326\213\013\160\104\012\244\004\357\046\210\301\065\161\070\135
-\033\133\110\102\360\347\224\034\160\225\064\250\253\365\253\342
-\170\255\365\360\122\375\233\352\102\014\350\330\124\276\123\146
-\365
-END
-
-# Trust for Certificate "Baltimore CyberTrust Mobile Commerce Root"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Baltimore CyberTrust Mobile Commerce Root"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\264\343\013\234\301\325\356\275\240\040\030\370\271\212\321\377
-\151\267\072\161
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\353\264\040\035\017\266\161\003\367\304\367\307\244\162\206\350
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\141\061\013\060\011\006\003\125\004\006\023\002\111\105\061
-\022\060\020\006\003\125\004\012\023\011\102\141\154\164\151\155
-\157\162\145\061\023\060\021\006\003\125\004\013\023\012\103\171
-\142\145\162\124\162\165\163\164\061\051\060\047\006\003\125\004
-\003\023\040\102\141\154\164\151\155\157\162\145\040\103\171\142
-\145\162\124\162\165\163\164\040\115\157\142\151\154\145\040\122
-\157\157\164
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\000\000\270
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_VALID
-
-#
-# Certificate "Equifax Secure Global eBusiness CA"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Equifax Secure Global eBusiness CA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\132\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\034\060\032\006\003\125\004\012\023\023\105\161\165\151\146\141
-\170\040\123\145\143\165\162\145\040\111\156\143\056\061\055\060
-\053\006\003\125\004\003\023\044\105\161\165\151\146\141\170\040
-\123\145\143\165\162\145\040\107\154\157\142\141\154\040\145\102
-\165\163\151\156\145\163\163\040\103\101\055\061
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\132\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\034\060\032\006\003\125\004\012\023\023\105\161\165\151\146\141
-\170\040\123\145\143\165\162\145\040\111\156\143\056\061\055\060
-\053\006\003\125\004\003\023\044\105\161\165\151\146\141\170\040
-\123\145\143\165\162\145\040\107\154\157\142\141\154\040\145\102
-\165\163\151\156\145\163\163\040\103\101\055\061
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\001
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\002\220\060\202\001\371\240\003\002\001\002\002\001\001
-\060\015\006\011\052\206\110\206\367\015\001\001\004\005\000\060
-\132\061\013\060\011\006\003\125\004\006\023\002\125\123\061\034
-\060\032\006\003\125\004\012\023\023\105\161\165\151\146\141\170
-\040\123\145\143\165\162\145\040\111\156\143\056\061\055\060\053
-\006\003\125\004\003\023\044\105\161\165\151\146\141\170\040\123
-\145\143\165\162\145\040\107\154\157\142\141\154\040\145\102\165
-\163\151\156\145\163\163\040\103\101\055\061\060\036\027\015\071
-\071\060\066\062\061\060\064\060\060\060\060\132\027\015\062\060
-\060\066\062\061\060\064\060\060\060\060\132\060\132\061\013\060
-\011\006\003\125\004\006\023\002\125\123\061\034\060\032\006\003
-\125\004\012\023\023\105\161\165\151\146\141\170\040\123\145\143
-\165\162\145\040\111\156\143\056\061\055\060\053\006\003\125\004
-\003\023\044\105\161\165\151\146\141\170\040\123\145\143\165\162
-\145\040\107\154\157\142\141\154\040\145\102\165\163\151\156\145
-\163\163\040\103\101\055\061\060\201\237\060\015\006\011\052\206
-\110\206\367\015\001\001\001\005\000\003\201\215\000\060\201\211
-\002\201\201\000\272\347\027\220\002\145\261\064\125\074\111\302
-\121\325\337\247\321\067\217\321\347\201\163\101\122\140\233\235
-\241\027\046\170\255\307\261\350\046\224\062\265\336\063\215\072
-\057\333\362\232\172\132\163\230\243\134\351\373\212\163\033\134
-\347\303\277\200\154\315\251\364\326\053\300\367\371\231\252\143
-\242\261\107\002\017\324\344\121\072\022\074\154\212\132\124\204
-\160\333\301\305\220\317\162\105\313\250\131\300\315\063\235\077
-\243\226\353\205\063\041\034\076\036\076\140\156\166\234\147\205
-\305\310\303\141\002\003\001\000\001\243\146\060\144\060\021\006
-\011\140\206\110\001\206\370\102\001\001\004\004\003\002\000\007
-\060\017\006\003\125\035\023\001\001\377\004\005\060\003\001\001
-\377\060\037\006\003\125\035\043\004\030\060\026\200\024\276\250
-\240\164\162\120\153\104\267\311\043\330\373\250\377\263\127\153
-\150\154\060\035\006\003\125\035\016\004\026\004\024\276\250\240
-\164\162\120\153\104\267\311\043\330\373\250\377\263\127\153\150
-\154\060\015\006\011\052\206\110\206\367\015\001\001\004\005\000
-\003\201\201\000\060\342\001\121\252\307\352\137\332\271\320\145
-\017\060\326\076\332\015\024\111\156\221\223\047\024\061\357\304
-\367\055\105\370\354\307\277\242\101\015\043\264\222\371\031\000
-\147\275\001\257\315\340\161\374\132\317\144\304\340\226\230\320
-\243\100\342\001\212\357\047\007\361\145\001\212\104\055\006\145
-\165\122\300\206\020\040\041\137\154\153\017\154\256\011\034\257
-\362\242\030\064\304\165\244\163\034\361\215\334\357\255\371\263
-\166\264\222\277\334\225\020\036\276\313\310\073\132\204\140\031
-\126\224\251\125
-END
-
-# Trust for Certificate "Equifax Secure Global eBusiness CA"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Equifax Secure Global eBusiness CA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\176\170\112\020\034\202\145\314\055\341\361\155\107\264\100\312
-\331\012\031\105
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\217\135\167\006\047\304\230\074\133\223\170\347\327\175\233\314
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\132\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\034\060\032\006\003\125\004\012\023\023\105\161\165\151\146\141
-\170\040\123\145\143\165\162\145\040\111\156\143\056\061\055\060
-\053\006\003\125\004\003\023\044\105\161\165\151\146\141\170\040
-\123\145\143\165\162\145\040\107\154\157\142\141\154\040\145\102
-\165\163\151\156\145\163\163\040\103\101\055\061
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\001
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Equifax Secure eBusiness CA 1"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Equifax Secure eBusiness CA 1"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\123\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\034\060\032\006\003\125\004\012\023\023\105\161\165\151\146\141
-\170\040\123\145\143\165\162\145\040\111\156\143\056\061\046\060
-\044\006\003\125\004\003\023\035\105\161\165\151\146\141\170\040
-\123\145\143\165\162\145\040\145\102\165\163\151\156\145\163\163
-\040\103\101\055\061
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\123\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\034\060\032\006\003\125\004\012\023\023\105\161\165\151\146\141
-\170\040\123\145\143\165\162\145\040\111\156\143\056\061\046\060
-\044\006\003\125\004\003\023\035\105\161\165\151\146\141\170\040
-\123\145\143\165\162\145\040\145\102\165\163\151\156\145\163\163
-\040\103\101\055\061
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\004
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\002\202\060\202\001\353\240\003\002\001\002\002\001\004
-\060\015\006\011\052\206\110\206\367\015\001\001\004\005\000\060
-\123\061\013\060\011\006\003\125\004\006\023\002\125\123\061\034
-\060\032\006\003\125\004\012\023\023\105\161\165\151\146\141\170
-\040\123\145\143\165\162\145\040\111\156\143\056\061\046\060\044
-\006\003\125\004\003\023\035\105\161\165\151\146\141\170\040\123
-\145\143\165\162\145\040\145\102\165\163\151\156\145\163\163\040
-\103\101\055\061\060\036\027\015\071\071\060\066\062\061\060\064
-\060\060\060\060\132\027\015\062\060\060\066\062\061\060\064\060
-\060\060\060\132\060\123\061\013\060\011\006\003\125\004\006\023
-\002\125\123\061\034\060\032\006\003\125\004\012\023\023\105\161
-\165\151\146\141\170\040\123\145\143\165\162\145\040\111\156\143
-\056\061\046\060\044\006\003\125\004\003\023\035\105\161\165\151
-\146\141\170\040\123\145\143\165\162\145\040\145\102\165\163\151
-\156\145\163\163\040\103\101\055\061\060\201\237\060\015\006\011
-\052\206\110\206\367\015\001\001\001\005\000\003\201\215\000\060
-\201\211\002\201\201\000\316\057\031\274\027\267\167\336\223\251
-\137\132\015\027\117\064\032\014\230\364\042\331\131\324\304\150
-\106\360\264\065\305\205\003\040\306\257\105\245\041\121\105\101
-\353\026\130\066\062\157\342\120\142\144\371\375\121\234\252\044
-\331\364\235\203\052\207\012\041\323\022\070\064\154\215\000\156
-\132\240\331\102\356\032\041\225\371\122\114\125\132\305\017\070
-\117\106\372\155\370\056\065\326\035\174\353\342\360\260\165\200
-\310\251\023\254\276\210\357\072\156\253\137\052\070\142\002\260
-\022\173\376\217\246\003\002\003\001\000\001\243\146\060\144\060
-\021\006\011\140\206\110\001\206\370\102\001\001\004\004\003\002
-\000\007\060\017\006\003\125\035\023\001\001\377\004\005\060\003
-\001\001\377\060\037\006\003\125\035\043\004\030\060\026\200\024
-\112\170\062\122\021\333\131\026\066\136\337\301\024\066\100\152
-\107\174\114\241\060\035\006\003\125\035\016\004\026\004\024\112
-\170\062\122\021\333\131\026\066\136\337\301\024\066\100\152\107
-\174\114\241\060\015\006\011\052\206\110\206\367\015\001\001\004
-\005\000\003\201\201\000\165\133\250\233\003\021\346\351\126\114
-\315\371\251\114\300\015\232\363\314\145\151\346\045\166\314\131
-\267\326\124\303\035\315\231\254\031\335\264\205\325\340\075\374
-\142\040\247\204\113\130\145\361\342\371\225\041\077\365\324\176
-\130\036\107\207\124\076\130\241\265\265\370\052\357\161\347\274
-\303\366\261\111\106\342\327\240\153\345\126\172\232\047\230\174
-\106\142\024\347\311\374\156\003\022\171\200\070\035\110\202\215
-\374\027\376\052\226\053\265\142\246\246\075\275\177\222\131\315
-\132\052\202\262\067\171
-END
-
-# Trust for Certificate "Equifax Secure eBusiness CA 1"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Equifax Secure eBusiness CA 1"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\332\100\030\213\221\211\243\355\356\256\332\227\376\057\235\365
-\267\321\212\101
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\144\234\357\056\104\374\306\217\122\007\320\121\163\217\313\075
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\123\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\034\060\032\006\003\125\004\012\023\023\105\161\165\151\146\141
-\170\040\123\145\143\165\162\145\040\111\156\143\056\061\046\060
-\044\006\003\125\004\003\023\035\105\161\165\151\146\141\170\040
-\123\145\143\165\162\145\040\145\102\165\163\151\156\145\163\163
-\040\103\101\055\061
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\004
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Equifax Secure eBusiness CA 2"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Equifax Secure eBusiness CA 2"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\116\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\027\060\025\006\003\125\004\012\023\016\105\161\165\151\146\141
-\170\040\123\145\143\165\162\145\061\046\060\044\006\003\125\004
-\013\023\035\105\161\165\151\146\141\170\040\123\145\143\165\162
-\145\040\145\102\165\163\151\156\145\163\163\040\103\101\055\062
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\116\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\027\060\025\006\003\125\004\012\023\016\105\161\165\151\146\141
-\170\040\123\145\143\165\162\145\061\046\060\044\006\003\125\004
-\013\023\035\105\161\165\151\146\141\170\040\123\145\143\165\162
-\145\040\145\102\165\163\151\156\145\163\163\040\103\101\055\062
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\067\160\317\265
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\040\060\202\002\211\240\003\002\001\002\002\004\067
-\160\317\265\060\015\006\011\052\206\110\206\367\015\001\001\005
-\005\000\060\116\061\013\060\011\006\003\125\004\006\023\002\125
-\123\061\027\060\025\006\003\125\004\012\023\016\105\161\165\151
-\146\141\170\040\123\145\143\165\162\145\061\046\060\044\006\003
-\125\004\013\023\035\105\161\165\151\146\141\170\040\123\145\143
-\165\162\145\040\145\102\165\163\151\156\145\163\163\040\103\101
-\055\062\060\036\027\015\071\071\060\066\062\063\061\062\061\064
-\064\065\132\027\015\061\071\060\066\062\063\061\062\061\064\064
-\065\132\060\116\061\013\060\011\006\003\125\004\006\023\002\125
-\123\061\027\060\025\006\003\125\004\012\023\016\105\161\165\151
-\146\141\170\040\123\145\143\165\162\145\061\046\060\044\006\003
-\125\004\013\023\035\105\161\165\151\146\141\170\040\123\145\143
-\165\162\145\040\145\102\165\163\151\156\145\163\163\040\103\101
-\055\062\060\201\237\060\015\006\011\052\206\110\206\367\015\001
-\001\001\005\000\003\201\215\000\060\201\211\002\201\201\000\344
-\071\071\223\036\122\006\033\050\066\370\262\243\051\305\355\216
-\262\021\275\376\353\347\264\164\302\217\377\005\347\331\235\006
-\277\022\310\077\016\362\326\321\044\262\021\336\321\163\011\212
-\324\261\054\230\011\015\036\120\106\262\203\246\105\215\142\150
-\273\205\033\040\160\062\252\100\315\246\226\137\304\161\067\077
-\004\363\267\101\044\071\007\032\036\056\141\130\240\022\013\345
-\245\337\305\253\352\067\161\314\034\310\067\072\271\227\122\247
-\254\305\152\044\224\116\234\173\317\300\152\326\337\041\275\002
-\003\001\000\001\243\202\001\011\060\202\001\005\060\160\006\003
-\125\035\037\004\151\060\147\060\145\240\143\240\141\244\137\060
-\135\061\013\060\011\006\003\125\004\006\023\002\125\123\061\027
-\060\025\006\003\125\004\012\023\016\105\161\165\151\146\141\170
-\040\123\145\143\165\162\145\061\046\060\044\006\003\125\004\013
-\023\035\105\161\165\151\146\141\170\040\123\145\143\165\162\145
-\040\145\102\165\163\151\156\145\163\163\040\103\101\055\062\061
-\015\060\013\006\003\125\004\003\023\004\103\122\114\061\060\032
-\006\003\125\035\020\004\023\060\021\201\017\062\060\061\071\060
-\066\062\063\061\062\061\064\064\065\132\060\013\006\003\125\035
-\017\004\004\003\002\001\006\060\037\006\003\125\035\043\004\030
-\060\026\200\024\120\236\013\352\257\136\271\040\110\246\120\152
-\313\375\330\040\172\247\202\166\060\035\006\003\125\035\016\004
-\026\004\024\120\236\013\352\257\136\271\040\110\246\120\152\313
-\375\330\040\172\247\202\166\060\014\006\003\125\035\023\004\005
-\060\003\001\001\377\060\032\006\011\052\206\110\206\366\175\007
-\101\000\004\015\060\013\033\005\126\063\056\060\143\003\002\006
-\300\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000
-\003\201\201\000\014\206\202\255\350\116\032\365\216\211\047\342
-\065\130\075\051\264\007\217\066\120\225\277\156\301\236\353\304
-\220\262\205\250\273\267\102\340\017\007\071\337\373\236\220\262
-\321\301\076\123\237\003\104\260\176\113\364\157\344\174\037\347
-\342\261\344\270\232\357\303\275\316\336\013\062\064\331\336\050
-\355\063\153\304\324\327\075\022\130\253\175\011\055\313\160\365
-\023\212\224\241\047\244\326\160\305\155\224\265\311\175\235\240
-\322\306\010\111\331\146\233\246\323\364\013\334\305\046\127\341
-\221\060\352\315
-END
-
-# Trust for Certificate "Equifax Secure eBusiness CA 2"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Equifax Secure eBusiness CA 2"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\071\117\366\205\013\006\276\122\345\030\126\314\020\341\200\350
-\202\263\205\314
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\252\277\277\144\227\332\230\035\157\306\010\072\225\160\063\312
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\116\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\027\060\025\006\003\125\004\012\023\016\105\161\165\151\146\141
-\170\040\123\145\143\165\162\145\061\046\060\044\006\003\125\004
-\013\023\035\105\161\165\151\146\141\170\040\123\145\143\165\162
-\145\040\145\102\165\163\151\156\145\163\163\040\103\101\055\062
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\067\160\317\265
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Visa International Global Root 2"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Visa International Global Root 2"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\141\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\015\060\013\006\003\125\004\012\023\004\126\111\123\101\061\057
-\060\055\006\003\125\004\013\023\046\126\151\163\141\040\111\156
-\164\145\162\156\141\164\151\157\156\141\154\040\123\145\162\166
-\151\143\145\040\101\163\163\157\143\151\141\164\151\157\156\061
-\022\060\020\006\003\125\004\003\023\011\107\120\040\122\157\157
-\164\040\062
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\141\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\015\060\013\006\003\125\004\012\023\004\126\111\123\101\061\057
-\060\055\006\003\125\004\013\023\046\126\151\163\141\040\111\156
-\164\145\162\156\141\164\151\157\156\141\154\040\123\145\162\166
-\151\143\145\040\101\163\163\157\143\151\141\164\151\157\156\061
-\022\060\020\006\003\125\004\003\023\011\107\120\040\122\157\157
-\164\040\062
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\003\036
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\200\060\202\002\150\240\003\002\001\002\002\002\003
-\036\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000
-\060\141\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\015\060\013\006\003\125\004\012\023\004\126\111\123\101\061\057
-\060\055\006\003\125\004\013\023\046\126\151\163\141\040\111\156
-\164\145\162\156\141\164\151\157\156\141\154\040\123\145\162\166
-\151\143\145\040\101\163\163\157\143\151\141\164\151\157\156\061
-\022\060\020\006\003\125\004\003\023\011\107\120\040\122\157\157
-\164\040\062\060\036\027\015\060\060\060\070\061\066\062\062\065
-\061\060\060\132\027\015\062\060\060\070\061\065\062\063\065\071
-\060\060\132\060\141\061\013\060\011\006\003\125\004\006\023\002
-\125\123\061\015\060\013\006\003\125\004\012\023\004\126\111\123
-\101\061\057\060\055\006\003\125\004\013\023\046\126\151\163\141
-\040\111\156\164\145\162\156\141\164\151\157\156\141\154\040\123
-\145\162\166\151\143\145\040\101\163\163\157\143\151\141\164\151
-\157\156\061\022\060\020\006\003\125\004\003\023\011\107\120\040
-\122\157\157\164\040\062\060\202\001\042\060\015\006\011\052\206
-\110\206\367\015\001\001\001\005\000\003\202\001\017\000\060\202
-\001\012\002\202\001\001\000\251\001\160\265\252\304\100\360\253
-\152\046\141\171\031\000\374\277\233\067\131\014\257\157\144\033
-\370\332\225\224\044\151\063\021\160\312\343\126\164\242\027\127
-\144\134\040\006\341\326\357\161\267\073\367\253\301\151\320\111
-\244\261\004\327\364\127\142\211\134\260\165\055\027\044\151\343
-\102\140\344\356\164\326\253\200\126\330\210\050\341\373\155\042
-\375\043\174\106\163\117\176\124\163\036\250\054\125\130\165\267
-\114\363\132\105\245\002\032\372\332\235\303\105\303\042\136\363
-\213\361\140\051\322\307\137\264\014\072\121\203\357\060\370\324
-\347\307\362\372\231\243\042\120\276\371\005\067\243\255\355\232
-\303\346\354\210\033\266\031\047\033\070\213\200\115\354\271\307
-\305\211\313\374\032\062\355\043\360\265\001\130\371\366\217\340
-\205\251\114\011\162\071\022\333\263\365\317\116\142\144\332\306
-\031\025\072\143\035\351\027\125\241\114\042\074\064\062\106\370
-\145\127\272\053\357\066\214\152\372\331\331\104\364\252\335\204
-\327\015\034\262\124\254\062\205\264\144\015\336\101\273\261\064
-\306\001\206\062\144\325\237\002\003\001\000\001\243\102\060\100
-\060\035\006\003\125\035\016\004\026\004\024\236\175\113\064\277
-\161\255\302\005\366\003\165\200\316\251\117\032\304\044\114\060
-\017\006\003\125\035\023\001\001\377\004\005\060\003\001\001\377
-\060\016\006\003\125\035\017\001\001\377\004\004\003\002\001\006
-\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\003
-\202\001\001\000\041\245\166\024\125\371\255\047\160\217\074\364
-\325\154\310\314\012\253\243\230\013\212\006\043\305\311\141\333
-\231\007\151\065\046\061\376\307\056\204\302\231\141\324\015\351
-\175\056\023\053\174\216\205\266\205\307\113\317\065\266\054\107
-\075\316\051\057\330\157\237\211\034\144\223\277\010\275\166\320
-\220\212\224\263\177\050\133\156\254\115\063\054\355\145\334\026
-\314\342\315\256\244\075\142\222\006\225\046\277\337\271\344\040
-\246\163\152\301\276\367\224\104\326\115\157\052\013\153\030\115
-\164\020\066\150\152\132\301\152\247\335\066\051\214\270\060\213
-\117\041\077\000\056\124\060\007\072\272\212\344\303\236\312\330
-\265\330\173\316\165\105\146\007\364\155\055\330\172\312\351\211
-\212\362\043\330\057\313\156\000\066\117\373\360\057\001\314\017
-\300\042\145\364\253\342\116\141\055\003\202\175\221\026\265\060
-\325\024\336\136\307\220\374\241\374\253\020\257\134\153\160\247
-\007\357\051\206\350\262\045\307\040\377\046\335\167\357\171\104
-\024\304\275\335\073\305\003\233\167\043\354\240\354\273\132\071
-\265\314\255\006
-END
-
-# Trust for Certificate "Visa International Global Root 2"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Visa International Global Root 2"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\311\015\033\352\210\075\247\321\027\276\073\171\364\041\016\032
-\130\224\247\055
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\065\110\225\066\112\124\132\162\226\216\340\144\314\357\054\214
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\141\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\015\060\013\006\003\125\004\012\023\004\126\111\123\101\061\057
-\060\055\006\003\125\004\013\023\046\126\151\163\141\040\111\156
-\164\145\162\156\141\164\151\157\156\141\154\040\123\145\162\166
-\151\143\145\040\101\163\163\157\143\151\141\164\151\157\156\061
-\022\060\020\006\003\125\004\003\023\011\107\120\040\122\157\157
-\164\040\062
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\003\036
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_VALID
-
-#
-# Certificate "beTRUSTed Root CA"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "beTRUSTed Root CA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\132\061\013\060\011\006\003\125\004\006\023\002\127\127\061
-\022\060\020\006\003\125\004\012\023\011\142\145\124\122\125\123
-\124\145\144\061\033\060\031\006\003\125\004\003\023\022\142\145
-\124\122\125\123\124\145\144\040\122\157\157\164\040\103\101\163
-\061\032\060\030\006\003\125\004\003\023\021\142\145\124\122\125
-\123\124\145\144\040\122\157\157\164\040\103\101
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\132\061\013\060\011\006\003\125\004\006\023\002\127\127\061
-\022\060\020\006\003\125\004\012\023\011\142\145\124\122\125\123
-\124\145\144\061\033\060\031\006\003\125\004\003\023\022\142\145
-\124\122\125\123\124\145\144\040\122\157\157\164\040\103\101\163
-\061\032\060\030\006\003\125\004\003\023\021\142\145\124\122\125
-\123\124\145\144\040\122\157\157\164\040\103\101
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\071\117\175\207
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\005\054\060\202\004\024\240\003\002\001\002\002\004\071
-\117\175\207\060\015\006\011\052\206\110\206\367\015\001\001\005
-\005\000\060\132\061\013\060\011\006\003\125\004\006\023\002\127
-\127\061\022\060\020\006\003\125\004\012\023\011\142\145\124\122
-\125\123\124\145\144\061\033\060\031\006\003\125\004\003\023\022
-\142\145\124\122\125\123\124\145\144\040\122\157\157\164\040\103
-\101\163\061\032\060\030\006\003\125\004\003\023\021\142\145\124
-\122\125\123\124\145\144\040\122\157\157\164\040\103\101\060\036
-\027\015\060\060\060\066\062\060\061\064\062\061\060\064\132\027
-\015\061\060\060\066\062\060\061\063\062\061\060\064\132\060\132
-\061\013\060\011\006\003\125\004\006\023\002\127\127\061\022\060
-\020\006\003\125\004\012\023\011\142\145\124\122\125\123\124\145
-\144\061\033\060\031\006\003\125\004\003\023\022\142\145\124\122
-\125\123\124\145\144\040\122\157\157\164\040\103\101\163\061\032
-\060\030\006\003\125\004\003\023\021\142\145\124\122\125\123\124
-\145\144\040\122\157\157\164\040\103\101\060\202\001\042\060\015
-\006\011\052\206\110\206\367\015\001\001\001\005\000\003\202\001
-\017\000\060\202\001\012\002\202\001\001\000\324\264\163\172\023
-\012\070\125\001\276\211\126\341\224\236\324\276\132\353\112\064
-\165\033\141\051\304\341\255\010\140\041\170\110\377\264\320\372
-\136\101\215\141\104\207\350\355\311\130\372\374\223\232\337\117
-\352\076\065\175\370\063\172\346\361\327\315\157\111\113\075\117
-\055\156\016\203\072\030\170\167\243\317\347\364\115\163\330\232
-\073\032\035\276\225\123\317\040\227\302\317\076\044\122\154\014
-\216\145\131\305\161\377\142\011\217\252\305\217\314\140\240\163
-\112\327\070\077\025\162\277\242\227\267\160\350\257\342\176\026
-\006\114\365\252\144\046\162\007\045\255\065\374\030\261\046\327
-\330\377\031\016\203\033\214\334\170\105\147\064\075\364\257\034
-\215\344\155\153\355\040\263\147\232\264\141\313\027\157\211\065
-\377\347\116\300\062\022\347\356\354\337\377\227\060\164\355\215
-\107\216\353\264\303\104\346\247\114\177\126\103\350\270\274\266
-\276\372\203\227\346\273\373\304\266\223\276\031\030\076\214\201
-\271\163\210\026\364\226\103\234\147\163\027\220\330\011\156\143
-\254\112\266\043\304\001\241\255\244\344\305\002\003\001\000\001
-\243\202\001\370\060\202\001\364\060\017\006\003\125\035\023\001
-\001\377\004\005\060\003\001\001\377\060\202\001\131\006\003\125
-\035\040\004\202\001\120\060\202\001\114\060\202\001\110\006\012
-\053\006\001\004\001\261\076\001\000\000\060\202\001\070\060\202
-\001\001\006\010\053\006\001\005\005\007\002\002\060\201\364\032
-\201\361\122\145\154\151\141\156\143\145\040\157\156\040\164\150
-\151\163\040\143\145\162\164\151\146\151\143\141\164\145\040\142
-\171\040\141\156\171\040\160\141\162\164\171\040\141\163\163\165
-\155\145\163\040\141\143\143\145\160\164\141\156\143\145\040\157
-\146\040\164\150\145\040\164\150\145\156\040\141\160\160\154\151
-\143\141\142\154\145\040\163\164\141\156\144\141\162\144\040\164
-\145\162\155\163\040\141\156\144\040\143\157\156\144\151\164\151
-\157\156\163\040\157\146\040\165\163\145\054\040\141\156\144\040
-\143\145\162\164\151\146\151\143\141\164\151\157\156\040\160\162
-\141\143\164\151\143\145\040\163\164\141\164\145\155\145\156\164
-\054\040\167\150\151\143\150\040\143\141\156\040\142\145\040\146
-\157\165\156\144\040\141\164\040\142\145\124\122\125\123\124\145
-\144\047\163\040\167\145\142\040\163\151\164\145\054\040\150\164
-\164\160\163\072\057\057\167\167\167\056\142\145\124\122\125\123
-\124\145\144\056\143\157\155\057\166\141\165\154\164\057\164\145
-\162\155\163\060\061\006\010\053\006\001\005\005\007\002\001\026
-\045\150\164\164\160\163\072\057\057\167\167\167\056\142\145\124
-\122\125\123\124\145\144\056\143\157\155\057\166\141\165\154\164
-\057\164\145\162\155\163\060\064\006\003\125\035\037\004\055\060
-\053\060\051\240\047\240\045\244\043\060\041\061\022\060\020\006
-\003\125\004\012\023\011\142\145\124\122\125\123\124\145\144\061
-\013\060\011\006\003\125\004\006\023\002\127\127\060\035\006\003
-\125\035\016\004\026\004\024\052\271\233\151\056\073\233\330\315
-\336\052\061\004\064\153\312\007\030\253\147\060\037\006\003\125
-\035\043\004\030\060\026\200\024\052\271\233\151\056\073\233\330
-\315\336\052\061\004\064\153\312\007\030\253\147\060\016\006\003
-\125\035\017\001\001\377\004\004\003\002\001\376\060\015\006\011
-\052\206\110\206\367\015\001\001\005\005\000\003\202\001\001\000
-\171\141\333\243\136\156\026\261\352\166\121\371\313\025\233\313
-\151\276\346\201\153\237\050\037\145\076\335\021\205\222\324\350
-\101\277\176\063\275\043\347\361\040\277\244\264\246\031\001\306
-\214\215\065\174\145\244\117\011\244\326\330\043\025\005\023\247
-\103\171\257\333\243\016\233\173\170\032\363\004\206\132\306\366
-\214\040\107\070\111\120\006\235\162\147\072\360\230\003\255\226
-\147\104\374\077\020\015\206\115\344\000\073\051\173\316\073\073
-\231\206\141\045\100\204\334\023\142\267\372\312\131\326\003\036
-\326\123\001\315\155\114\150\125\100\341\356\153\307\052\000\000
-\110\202\263\012\001\303\140\052\014\367\202\065\356\110\206\226
-\344\164\324\075\352\001\161\272\004\165\100\247\251\177\071\071
-\232\125\227\051\145\256\031\125\045\005\162\107\323\350\030\334
-\270\351\257\103\163\001\022\164\243\341\134\137\025\135\044\363
-\371\344\364\266\147\147\022\347\144\042\212\366\245\101\246\034
-\266\140\143\105\212\020\264\272\106\020\256\101\127\145\154\077
-\043\020\077\041\020\131\267\344\100\335\046\014\043\366\252\256
-END
-
-# Trust for Certificate "beTRUSTed Root CA"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "beTRUSTed Root CA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\133\315\315\314\146\366\334\344\104\037\343\175\134\303\023\114
-\106\364\160\070
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\205\312\166\132\033\321\150\042\334\242\043\022\312\306\200\064
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\132\061\013\060\011\006\003\125\004\006\023\002\127\127\061
-\022\060\020\006\003\125\004\012\023\011\142\145\124\122\125\123
-\124\145\144\061\033\060\031\006\003\125\004\003\023\022\142\145
-\124\122\125\123\124\145\144\040\122\157\157\164\040\103\101\163
-\061\032\060\030\006\003\125\004\003\023\021\142\145\124\122\125
-\123\124\145\144\040\122\157\157\164\040\103\101
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\071\117\175\207
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "AddTrust Low-Value Services Root"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "AddTrust Low-Value Services Root"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\145\061\013\060\011\006\003\125\004\006\023\002\123\105\061
-\024\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165
-\163\164\040\101\102\061\035\060\033\006\003\125\004\013\023\024
-\101\144\144\124\162\165\163\164\040\124\124\120\040\116\145\164
-\167\157\162\153\061\041\060\037\006\003\125\004\003\023\030\101
-\144\144\124\162\165\163\164\040\103\154\141\163\163\040\061\040
-\103\101\040\122\157\157\164
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\145\061\013\060\011\006\003\125\004\006\023\002\123\105\061
-\024\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165
-\163\164\040\101\102\061\035\060\033\006\003\125\004\013\023\024
-\101\144\144\124\162\165\163\164\040\124\124\120\040\116\145\164
-\167\157\162\153\061\041\060\037\006\003\125\004\003\023\030\101
-\144\144\124\162\165\163\164\040\103\154\141\163\163\040\061\040
-\103\101\040\122\157\157\164
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\001
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\004\030\060\202\003\000\240\003\002\001\002\002\001\001
-\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060
-\145\061\013\060\011\006\003\125\004\006\023\002\123\105\061\024
-\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165\163
-\164\040\101\102\061\035\060\033\006\003\125\004\013\023\024\101
-\144\144\124\162\165\163\164\040\124\124\120\040\116\145\164\167
-\157\162\153\061\041\060\037\006\003\125\004\003\023\030\101\144
-\144\124\162\165\163\164\040\103\154\141\163\163\040\061\040\103
-\101\040\122\157\157\164\060\036\027\015\060\060\060\065\063\060
-\061\060\063\070\063\061\132\027\015\062\060\060\065\063\060\061
-\060\063\070\063\061\132\060\145\061\013\060\011\006\003\125\004
-\006\023\002\123\105\061\024\060\022\006\003\125\004\012\023\013
-\101\144\144\124\162\165\163\164\040\101\102\061\035\060\033\006
-\003\125\004\013\023\024\101\144\144\124\162\165\163\164\040\124
-\124\120\040\116\145\164\167\157\162\153\061\041\060\037\006\003
-\125\004\003\023\030\101\144\144\124\162\165\163\164\040\103\154
-\141\163\163\040\061\040\103\101\040\122\157\157\164\060\202\001
-\042\060\015\006\011\052\206\110\206\367\015\001\001\001\005\000
-\003\202\001\017\000\060\202\001\012\002\202\001\001\000\226\226
-\324\041\111\140\342\153\350\101\007\014\336\304\340\334\023\043
-\315\301\065\307\373\326\116\021\012\147\136\365\006\133\153\245
-\010\073\133\051\026\072\347\207\262\064\006\305\274\005\245\003
-\174\202\313\051\020\256\341\210\201\275\326\236\323\376\055\126
-\301\025\316\343\046\235\025\056\020\373\006\217\060\004\336\247
-\264\143\264\377\261\234\256\074\257\167\266\126\305\265\253\242
-\351\151\072\075\016\063\171\062\077\160\202\222\231\141\155\215
-\060\010\217\161\077\246\110\127\031\370\045\334\113\146\134\245
-\164\217\230\256\310\371\300\006\042\347\254\163\337\245\056\373
-\122\334\261\025\145\040\372\065\146\151\336\337\054\361\156\274
-\060\333\054\044\022\333\353\065\065\150\220\313\000\260\227\041
-\075\164\041\043\145\064\053\273\170\131\243\326\341\166\071\232
-\244\111\216\214\164\257\156\244\232\243\331\233\322\070\134\233
-\242\030\314\165\043\204\276\353\342\115\063\161\216\032\360\302
-\370\307\035\242\255\003\227\054\370\317\045\306\366\270\044\061
-\261\143\135\222\177\143\360\045\311\123\056\037\277\115\002\003
-\001\000\001\243\201\322\060\201\317\060\035\006\003\125\035\016
-\004\026\004\024\225\261\264\360\224\266\275\307\332\321\021\011
-\041\276\301\257\111\375\020\173\060\013\006\003\125\035\017\004
-\004\003\002\001\006\060\017\006\003\125\035\023\001\001\377\004
-\005\060\003\001\001\377\060\201\217\006\003\125\035\043\004\201
-\207\060\201\204\200\024\225\261\264\360\224\266\275\307\332\321
-\021\011\041\276\301\257\111\375\020\173\241\151\244\147\060\145
-\061\013\060\011\006\003\125\004\006\023\002\123\105\061\024\060
-\022\006\003\125\004\012\023\013\101\144\144\124\162\165\163\164
-\040\101\102\061\035\060\033\006\003\125\004\013\023\024\101\144
-\144\124\162\165\163\164\040\124\124\120\040\116\145\164\167\157
-\162\153\061\041\060\037\006\003\125\004\003\023\030\101\144\144
-\124\162\165\163\164\040\103\154\141\163\163\040\061\040\103\101
-\040\122\157\157\164\202\001\001\060\015\006\011\052\206\110\206
-\367\015\001\001\005\005\000\003\202\001\001\000\054\155\144\033
-\037\315\015\335\271\001\372\226\143\064\062\110\107\231\256\227
-\355\375\162\026\246\163\107\132\364\353\335\351\365\326\373\105
-\314\051\211\104\135\277\106\071\075\350\356\274\115\124\206\036
-\035\154\343\027\047\103\341\211\126\053\251\157\162\116\111\063
-\343\162\174\052\043\232\274\076\377\050\052\355\243\377\034\043
-\272\103\127\011\147\115\113\142\006\055\370\377\154\235\140\036
-\330\034\113\175\265\061\057\331\320\174\135\370\336\153\203\030
-\170\067\127\057\350\063\007\147\337\036\307\153\052\225\166\256
-\217\127\243\360\364\122\264\251\123\010\317\340\117\323\172\123
-\213\375\273\034\126\066\362\376\262\266\345\166\273\325\042\145
-\247\077\376\321\146\255\013\274\153\231\206\357\077\175\363\030
-\062\312\173\306\343\253\144\106\225\370\046\151\331\125\203\173
-\054\226\007\377\131\054\104\243\306\345\351\251\334\241\143\200
-\132\041\136\041\317\123\124\360\272\157\211\333\250\252\225\317
-\213\343\161\314\036\033\040\104\010\300\172\266\100\375\304\344
-\065\341\035\026\034\320\274\053\216\326\161\331
-END
-
-# Trust for Certificate "AddTrust Low-Value Services Root"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "AddTrust Low-Value Services Root"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\314\253\016\240\114\043\001\326\151\173\335\067\237\315\022\353
-\044\343\224\235
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\036\102\225\002\063\222\153\271\137\300\177\332\326\262\113\374
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\145\061\013\060\011\006\003\125\004\006\023\002\123\105\061
-\024\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165
-\163\164\040\101\102\061\035\060\033\006\003\125\004\013\023\024
-\101\144\144\124\162\165\163\164\040\124\124\120\040\116\145\164
-\167\157\162\153\061\041\060\037\006\003\125\004\003\023\030\101
-\144\144\124\162\165\163\164\040\103\154\141\163\163\040\061\040
-\103\101\040\122\157\157\164
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\001
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_VALID
-
-#
-# Certificate "AddTrust External Root"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "AddTrust External Root"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\157\061\013\060\011\006\003\125\004\006\023\002\123\105\061
-\024\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165
-\163\164\040\101\102\061\046\060\044\006\003\125\004\013\023\035
-\101\144\144\124\162\165\163\164\040\105\170\164\145\162\156\141
-\154\040\124\124\120\040\116\145\164\167\157\162\153\061\042\060
-\040\006\003\125\004\003\023\031\101\144\144\124\162\165\163\164
-\040\105\170\164\145\162\156\141\154\040\103\101\040\122\157\157
-\164
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\157\061\013\060\011\006\003\125\004\006\023\002\123\105\061
-\024\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165
-\163\164\040\101\102\061\046\060\044\006\003\125\004\013\023\035
-\101\144\144\124\162\165\163\164\040\105\170\164\145\162\156\141
-\154\040\124\124\120\040\116\145\164\167\157\162\153\061\042\060
-\040\006\003\125\004\003\023\031\101\144\144\124\162\165\163\164
-\040\105\170\164\145\162\156\141\154\040\103\101\040\122\157\157
-\164
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\001
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\004\066\060\202\003\036\240\003\002\001\002\002\001\001
-\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060
-\157\061\013\060\011\006\003\125\004\006\023\002\123\105\061\024
-\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165\163
-\164\040\101\102\061\046\060\044\006\003\125\004\013\023\035\101
-\144\144\124\162\165\163\164\040\105\170\164\145\162\156\141\154
-\040\124\124\120\040\116\145\164\167\157\162\153\061\042\060\040
-\006\003\125\004\003\023\031\101\144\144\124\162\165\163\164\040
-\105\170\164\145\162\156\141\154\040\103\101\040\122\157\157\164
-\060\036\027\015\060\060\060\065\063\060\061\060\064\070\063\070
-\132\027\015\062\060\060\065\063\060\061\060\064\070\063\070\132
-\060\157\061\013\060\011\006\003\125\004\006\023\002\123\105\061
-\024\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165
-\163\164\040\101\102\061\046\060\044\006\003\125\004\013\023\035
-\101\144\144\124\162\165\163\164\040\105\170\164\145\162\156\141
-\154\040\124\124\120\040\116\145\164\167\157\162\153\061\042\060
-\040\006\003\125\004\003\023\031\101\144\144\124\162\165\163\164
-\040\105\170\164\145\162\156\141\154\040\103\101\040\122\157\157
-\164\060\202\001\042\060\015\006\011\052\206\110\206\367\015\001
-\001\001\005\000\003\202\001\017\000\060\202\001\012\002\202\001
-\001\000\267\367\032\063\346\362\000\004\055\071\340\116\133\355
-\037\274\154\017\315\265\372\043\266\316\336\233\021\063\227\244
-\051\114\175\223\237\275\112\274\223\355\003\032\343\217\317\345
-\155\120\132\326\227\051\224\132\200\260\111\172\333\056\225\375
-\270\312\277\067\070\055\036\076\221\101\255\160\126\307\360\117
-\077\350\062\236\164\312\310\220\124\351\306\137\017\170\235\232
-\100\074\016\254\141\252\136\024\217\236\207\241\152\120\334\327
-\232\116\257\005\263\246\161\224\234\161\263\120\140\012\307\023
-\235\070\007\206\002\250\351\250\151\046\030\220\253\114\260\117
-\043\253\072\117\204\330\337\316\237\341\151\157\273\327\102\327
-\153\104\344\307\255\356\155\101\137\162\132\161\010\067\263\171
-\145\244\131\240\224\067\367\000\057\015\302\222\162\332\320\070
-\162\333\024\250\105\304\135\052\175\267\264\326\304\356\254\315
-\023\104\267\311\053\335\103\000\045\372\141\271\151\152\130\043
-\021\267\247\063\217\126\165\131\365\315\051\327\106\267\012\053
-\145\266\323\102\157\025\262\270\173\373\357\351\135\123\325\064
-\132\047\002\003\001\000\001\243\201\334\060\201\331\060\035\006
-\003\125\035\016\004\026\004\024\255\275\230\172\064\264\046\367
-\372\304\046\124\357\003\275\340\044\313\124\032\060\013\006\003
-\125\035\017\004\004\003\002\001\006\060\017\006\003\125\035\023
-\001\001\377\004\005\060\003\001\001\377\060\201\231\006\003\125
-\035\043\004\201\221\060\201\216\200\024\255\275\230\172\064\264
-\046\367\372\304\046\124\357\003\275\340\044\313\124\032\241\163
-\244\161\060\157\061\013\060\011\006\003\125\004\006\023\002\123
-\105\061\024\060\022\006\003\125\004\012\023\013\101\144\144\124
-\162\165\163\164\040\101\102\061\046\060\044\006\003\125\004\013
-\023\035\101\144\144\124\162\165\163\164\040\105\170\164\145\162
-\156\141\154\040\124\124\120\040\116\145\164\167\157\162\153\061
-\042\060\040\006\003\125\004\003\023\031\101\144\144\124\162\165
-\163\164\040\105\170\164\145\162\156\141\154\040\103\101\040\122
-\157\157\164\202\001\001\060\015\006\011\052\206\110\206\367\015
-\001\001\005\005\000\003\202\001\001\000\260\233\340\205\045\302
-\326\043\342\017\226\006\222\235\101\230\234\331\204\171\201\331
-\036\133\024\007\043\066\145\217\260\330\167\273\254\101\154\107
-\140\203\121\260\371\062\075\347\374\366\046\023\307\200\026\245
-\277\132\374\207\317\170\171\211\041\232\342\114\007\012\206\065
-\274\362\336\121\304\322\226\267\334\176\116\356\160\375\034\071
-\353\014\002\121\024\055\216\275\026\340\301\337\106\165\347\044
-\255\354\364\102\264\205\223\160\020\147\272\235\006\065\112\030
-\323\053\172\314\121\102\241\172\143\321\346\273\241\305\053\302
-\066\276\023\015\346\275\143\176\171\173\247\011\015\100\253\152
-\335\217\212\303\366\366\214\032\102\005\121\324\105\365\237\247
-\142\041\150\025\040\103\074\231\347\174\275\044\330\251\221\027
-\163\210\077\126\033\061\070\030\264\161\017\232\315\310\016\236
-\216\056\033\341\214\230\203\313\037\061\361\104\114\306\004\163
-\111\166\140\017\307\370\275\027\200\153\056\351\314\114\016\132
-\232\171\017\040\012\056\325\236\143\046\036\125\222\224\330\202
-\027\132\173\320\274\307\217\116\206\004
-END
-
-# Trust for Certificate "AddTrust External Root"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "AddTrust External Root"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\002\372\363\342\221\103\124\150\140\170\127\151\115\365\344\133
-\150\205\030\150
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\035\065\124\004\205\170\260\077\102\102\115\277\040\163\012\077
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\157\061\013\060\011\006\003\125\004\006\023\002\123\105\061
-\024\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165
-\163\164\040\101\102\061\046\060\044\006\003\125\004\013\023\035
-\101\144\144\124\162\165\163\164\040\105\170\164\145\162\156\141
-\154\040\124\124\120\040\116\145\164\167\157\162\153\061\042\060
-\040\006\003\125\004\003\023\031\101\144\144\124\162\165\163\164
-\040\105\170\164\145\162\156\141\154\040\103\101\040\122\157\157
-\164
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\001
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "AddTrust Public Services Root"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "AddTrust Public Services Root"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\144\061\013\060\011\006\003\125\004\006\023\002\123\105\061
-\024\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165
-\163\164\040\101\102\061\035\060\033\006\003\125\004\013\023\024
-\101\144\144\124\162\165\163\164\040\124\124\120\040\116\145\164
-\167\157\162\153\061\040\060\036\006\003\125\004\003\023\027\101
-\144\144\124\162\165\163\164\040\120\165\142\154\151\143\040\103
-\101\040\122\157\157\164
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\144\061\013\060\011\006\003\125\004\006\023\002\123\105\061
-\024\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165
-\163\164\040\101\102\061\035\060\033\006\003\125\004\013\023\024
-\101\144\144\124\162\165\163\164\040\124\124\120\040\116\145\164
-\167\157\162\153\061\040\060\036\006\003\125\004\003\023\027\101
-\144\144\124\162\165\163\164\040\120\165\142\154\151\143\040\103
-\101\040\122\157\157\164
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\001
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\004\025\060\202\002\375\240\003\002\001\002\002\001\001
-\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060
-\144\061\013\060\011\006\003\125\004\006\023\002\123\105\061\024
-\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165\163
-\164\040\101\102\061\035\060\033\006\003\125\004\013\023\024\101
-\144\144\124\162\165\163\164\040\124\124\120\040\116\145\164\167
-\157\162\153\061\040\060\036\006\003\125\004\003\023\027\101\144
-\144\124\162\165\163\164\040\120\165\142\154\151\143\040\103\101
-\040\122\157\157\164\060\036\027\015\060\060\060\065\063\060\061
-\060\064\061\065\060\132\027\015\062\060\060\065\063\060\061\060
-\064\061\065\060\132\060\144\061\013\060\011\006\003\125\004\006
-\023\002\123\105\061\024\060\022\006\003\125\004\012\023\013\101
-\144\144\124\162\165\163\164\040\101\102\061\035\060\033\006\003
-\125\004\013\023\024\101\144\144\124\162\165\163\164\040\124\124
-\120\040\116\145\164\167\157\162\153\061\040\060\036\006\003\125
-\004\003\023\027\101\144\144\124\162\165\163\164\040\120\165\142
-\154\151\143\040\103\101\040\122\157\157\164\060\202\001\042\060
-\015\006\011\052\206\110\206\367\015\001\001\001\005\000\003\202
-\001\017\000\060\202\001\012\002\202\001\001\000\351\032\060\217
-\203\210\024\301\040\330\074\233\217\033\176\003\164\273\332\151
-\323\106\245\370\216\302\014\021\220\121\245\057\146\124\100\125
-\352\333\037\112\126\356\237\043\156\364\071\313\241\271\157\362
-\176\371\135\207\046\141\236\034\370\342\354\246\201\370\041\305
-\044\314\021\014\077\333\046\162\172\307\001\227\007\027\371\327
-\030\054\060\175\016\172\036\142\036\306\113\300\375\175\142\167
-\323\104\036\047\366\077\113\104\263\267\070\331\071\037\140\325
-\121\222\163\003\264\000\151\343\363\024\116\356\321\334\011\317
-\167\064\106\120\260\370\021\362\376\070\171\367\007\071\376\121
-\222\227\013\133\010\137\064\206\001\255\210\227\353\146\315\136
-\321\377\334\175\362\204\332\272\167\255\334\200\010\307\247\207
-\326\125\237\227\152\350\310\021\144\272\347\031\051\077\021\263
-\170\220\204\040\122\133\021\357\170\320\203\366\325\110\220\320
-\060\034\317\200\371\140\376\171\344\210\362\335\000\353\224\105
-\353\145\224\151\100\272\300\325\264\270\272\175\004\021\250\353
-\061\005\226\224\116\130\041\216\237\320\140\375\002\003\001\000
-\001\243\201\321\060\201\316\060\035\006\003\125\035\016\004\026
-\004\024\201\076\067\330\222\260\037\167\237\134\264\253\163\252
-\347\366\064\140\057\372\060\013\006\003\125\035\017\004\004\003
-\002\001\006\060\017\006\003\125\035\023\001\001\377\004\005\060
-\003\001\001\377\060\201\216\006\003\125\035\043\004\201\206\060
-\201\203\200\024\201\076\067\330\222\260\037\167\237\134\264\253
-\163\252\347\366\064\140\057\372\241\150\244\146\060\144\061\013
-\060\011\006\003\125\004\006\023\002\123\105\061\024\060\022\006
-\003\125\004\012\023\013\101\144\144\124\162\165\163\164\040\101
-\102\061\035\060\033\006\003\125\004\013\023\024\101\144\144\124
-\162\165\163\164\040\124\124\120\040\116\145\164\167\157\162\153
-\061\040\060\036\006\003\125\004\003\023\027\101\144\144\124\162
-\165\163\164\040\120\165\142\154\151\143\040\103\101\040\122\157
-\157\164\202\001\001\060\015\006\011\052\206\110\206\367\015\001
-\001\005\005\000\003\202\001\001\000\003\367\025\112\370\044\332
-\043\126\026\223\166\335\066\050\271\256\033\270\303\361\144\272
-\040\030\170\225\051\047\127\005\274\174\052\364\271\121\125\332
-\207\002\336\017\026\027\061\370\252\171\056\011\023\273\257\262
-\040\031\022\345\223\371\113\371\203\350\104\325\262\101\045\277
-\210\165\157\377\020\374\112\124\320\137\360\372\357\066\163\175
-\033\066\105\306\041\155\264\025\270\116\317\234\134\245\075\132
-\000\216\006\343\074\153\062\173\362\237\360\266\375\337\360\050
-\030\110\360\306\274\320\277\064\200\226\302\112\261\155\216\307
-\220\105\336\057\147\254\105\004\243\172\334\125\222\311\107\146
-\330\032\214\307\355\234\116\232\340\022\273\265\152\114\204\341
-\341\042\015\207\000\144\376\214\175\142\071\145\246\357\102\266
-\200\045\022\141\001\250\044\023\160\000\021\046\137\372\065\120
-\305\110\314\006\107\350\047\330\160\215\137\144\346\241\104\046
-\136\042\354\222\315\377\102\232\104\041\155\134\305\343\042\035
-\137\107\022\347\316\137\135\372\330\252\261\063\055\331\166\362
-\116\072\063\014\053\263\055\220\006
-END
-
-# Trust for Certificate "AddTrust Public Services Root"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "AddTrust Public Services Root"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\052\266\050\110\136\170\373\363\255\236\171\020\335\153\337\231
-\162\054\226\345
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\301\142\076\043\305\202\163\234\003\131\113\053\351\167\111\177
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\157\061\013\060\011\006\003\125\004\006\023\002\123\105\061
-\024\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165
-\163\164\040\101\102\061\046\060\044\006\003\125\004\013\023\035
-\101\144\144\124\162\165\163\164\040\105\170\164\145\162\156\141
-\154\040\124\124\120\040\116\145\164\167\157\162\153\061\042\060
-\040\006\003\125\004\003\023\031\101\144\144\124\162\165\163\164
-\040\105\170\164\145\162\156\141\154\040\103\101\040\122\157\157
-\164
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\001
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "AddTrust Qualified Certificates Root"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "AddTrust Qualified Certificates Root"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\147\061\013\060\011\006\003\125\004\006\023\002\123\105\061
-\024\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165
-\163\164\040\101\102\061\035\060\033\006\003\125\004\013\023\024
-\101\144\144\124\162\165\163\164\040\124\124\120\040\116\145\164
-\167\157\162\153\061\043\060\041\006\003\125\004\003\023\032\101
-\144\144\124\162\165\163\164\040\121\165\141\154\151\146\151\145
-\144\040\103\101\040\122\157\157\164
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\147\061\013\060\011\006\003\125\004\006\023\002\123\105\061
-\024\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165
-\163\164\040\101\102\061\035\060\033\006\003\125\004\013\023\024
-\101\144\144\124\162\165\163\164\040\124\124\120\040\116\145\164
-\167\157\162\153\061\043\060\041\006\003\125\004\003\023\032\101
-\144\144\124\162\165\163\164\040\121\165\141\154\151\146\151\145
-\144\040\103\101\040\122\157\157\164
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\001
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\004\036\060\202\003\006\240\003\002\001\002\002\001\001
-\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060
-\147\061\013\060\011\006\003\125\004\006\023\002\123\105\061\024
-\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165\163
-\164\040\101\102\061\035\060\033\006\003\125\004\013\023\024\101
-\144\144\124\162\165\163\164\040\124\124\120\040\116\145\164\167
-\157\162\153\061\043\060\041\006\003\125\004\003\023\032\101\144
-\144\124\162\165\163\164\040\121\165\141\154\151\146\151\145\144
-\040\103\101\040\122\157\157\164\060\036\027\015\060\060\060\065
-\063\060\061\060\064\064\065\060\132\027\015\062\060\060\065\063
-\060\061\060\064\064\065\060\132\060\147\061\013\060\011\006\003
-\125\004\006\023\002\123\105\061\024\060\022\006\003\125\004\012
-\023\013\101\144\144\124\162\165\163\164\040\101\102\061\035\060
-\033\006\003\125\004\013\023\024\101\144\144\124\162\165\163\164
-\040\124\124\120\040\116\145\164\167\157\162\153\061\043\060\041
-\006\003\125\004\003\023\032\101\144\144\124\162\165\163\164\040
-\121\165\141\154\151\146\151\145\144\040\103\101\040\122\157\157
-\164\060\202\001\042\060\015\006\011\052\206\110\206\367\015\001
-\001\001\005\000\003\202\001\017\000\060\202\001\012\002\202\001
-\001\000\344\036\232\376\334\011\132\207\244\237\107\276\021\137
-\257\204\064\333\142\074\171\170\267\351\060\265\354\014\034\052
-\304\026\377\340\354\161\353\212\365\021\156\355\117\015\221\322
-\022\030\055\111\025\001\302\244\042\023\307\021\144\377\042\022
-\232\271\216\134\057\010\317\161\152\263\147\001\131\361\135\106
-\363\260\170\245\366\016\102\172\343\177\033\314\320\360\267\050
-\375\052\352\236\263\260\271\004\252\375\366\307\264\261\270\052
-\240\373\130\361\031\240\157\160\045\176\076\151\112\177\017\042
-\330\357\255\010\021\232\051\231\341\252\104\105\232\022\136\076
-\235\155\122\374\347\240\075\150\057\360\113\160\174\023\070\255
-\274\025\045\361\326\316\253\242\300\061\326\057\237\340\377\024
-\131\374\204\223\331\207\174\114\124\023\353\237\321\055\021\370
-\030\072\072\336\045\331\367\323\100\355\244\006\022\304\073\341
-\221\301\126\065\360\024\334\145\066\011\156\253\244\007\307\065
-\321\302\003\063\066\133\165\046\155\102\361\022\153\103\157\113
-\161\224\372\064\035\355\023\156\312\200\177\230\057\154\271\145
-\330\351\002\003\001\000\001\243\201\324\060\201\321\060\035\006
-\003\125\035\016\004\026\004\024\071\225\213\142\213\134\311\324
-\200\272\130\017\227\077\025\010\103\314\230\247\060\013\006\003
-\125\035\017\004\004\003\002\001\006\060\017\006\003\125\035\023
-\001\001\377\004\005\060\003\001\001\377\060\201\221\006\003\125
-\035\043\004\201\211\060\201\206\200\024\071\225\213\142\213\134
-\311\324\200\272\130\017\227\077\025\010\103\314\230\247\241\153
-\244\151\060\147\061\013\060\011\006\003\125\004\006\023\002\123
-\105\061\024\060\022\006\003\125\004\012\023\013\101\144\144\124
-\162\165\163\164\040\101\102\061\035\060\033\006\003\125\004\013
-\023\024\101\144\144\124\162\165\163\164\040\124\124\120\040\116
-\145\164\167\157\162\153\061\043\060\041\006\003\125\004\003\023
-\032\101\144\144\124\162\165\163\164\040\121\165\141\154\151\146
-\151\145\144\040\103\101\040\122\157\157\164\202\001\001\060\015
-\006\011\052\206\110\206\367\015\001\001\005\005\000\003\202\001
-\001\000\031\253\165\352\370\213\145\141\225\023\272\151\004\357
-\206\312\023\240\307\252\117\144\033\077\030\366\250\055\054\125
-\217\005\267\060\352\102\152\035\300\045\121\055\247\277\014\263
-\355\357\010\177\154\074\106\032\352\030\103\337\166\314\371\146
-\206\234\054\150\365\351\027\370\061\263\030\304\326\110\175\043
-\114\150\301\176\273\001\024\157\305\331\156\336\273\004\102\152
-\370\366\134\175\345\332\372\207\353\015\065\122\147\320\236\227
-\166\005\223\077\225\307\001\346\151\125\070\177\020\141\231\311
-\343\137\246\312\076\202\143\110\252\342\010\110\076\252\362\262
-\205\142\246\264\247\331\275\067\234\150\265\055\126\175\260\267
-\077\240\261\007\326\351\117\334\336\105\161\060\062\177\033\056
-\011\371\277\122\241\356\302\200\076\006\134\056\125\100\301\033
-\365\160\105\260\334\135\372\366\162\132\167\322\143\315\317\130
-\211\000\102\143\077\171\071\320\104\260\202\156\101\031\350\335
-\340\301\210\132\321\036\161\223\037\044\060\164\345\036\250\336
-\074\047\067\177\203\256\236\167\317\360\060\261\377\113\231\350
-\306\241
-END
-
-# Trust for Certificate "AddTrust Qualified Certificates Root"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "AddTrust Qualified Certificates Root"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\115\043\170\354\221\225\071\265\000\177\165\217\003\073\041\036
-\305\115\213\317
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\047\354\071\107\315\332\132\257\342\232\001\145\041\251\114\273
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\147\061\013\060\011\006\003\125\004\006\023\002\123\105\061
-\024\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165
-\163\164\040\101\102\061\035\060\033\006\003\125\004\013\023\024
-\101\144\144\124\162\165\163\164\040\124\124\120\040\116\145\164
-\167\157\162\153\061\043\060\041\006\003\125\004\003\023\032\101
-\144\144\124\162\165\163\164\040\121\165\141\154\151\146\151\145
-\144\040\103\101\040\122\157\157\164
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\001
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Verisign Class 1 Public Primary OCSP Responder"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign Class 1 Public Primary OCSP Responder"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\247\061\027\060\025\006\003\125\004\012\023\016\126\145
-\162\151\123\151\147\156\054\040\111\156\143\056\061\037\060\035
-\006\003\125\004\013\023\026\126\145\162\151\123\151\147\156\040
-\124\162\165\163\164\040\116\145\164\167\157\162\153\061\073\060
-\071\006\003\125\004\013\023\062\124\145\162\155\163\040\157\146
-\040\165\163\145\040\141\164\040\150\164\164\160\163\072\057\057
-\167\167\167\056\166\145\162\151\163\151\147\156\056\143\157\155
-\057\122\120\101\040\050\143\051\060\060\061\056\060\054\006\003
-\125\004\003\023\045\103\154\141\163\163\040\061\040\120\165\142
-\154\151\143\040\120\162\151\155\141\162\171\040\117\103\123\120
-\040\122\145\163\160\157\156\144\145\162
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151
-\147\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004
-\013\023\056\103\154\141\163\163\040\061\040\120\165\142\154\151
-\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146
-\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164
-\171
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\053\150\324\243\106\236\305\073\050\011\253\070\135\177\047\040
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\236\060\202\003\007\240\003\002\001\002\002\020\053
-\150\324\243\106\236\305\073\050\011\253\070\135\177\047\040\060
-\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060\137
-\061\013\060\011\006\003\125\004\006\023\002\125\123\061\027\060
-\025\006\003\125\004\012\023\016\126\145\162\151\123\151\147\156
-\054\040\111\156\143\056\061\067\060\065\006\003\125\004\013\023
-\056\103\154\141\163\163\040\061\040\120\165\142\154\151\143\040
-\120\162\151\155\141\162\171\040\103\145\162\164\151\146\151\143
-\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171\060
-\036\027\015\060\060\060\070\060\064\060\060\060\060\060\060\132
-\027\015\060\064\060\070\060\063\062\063\065\071\065\071\132\060
-\201\247\061\027\060\025\006\003\125\004\012\023\016\126\145\162
-\151\123\151\147\156\054\040\111\156\143\056\061\037\060\035\006
-\003\125\004\013\023\026\126\145\162\151\123\151\147\156\040\124
-\162\165\163\164\040\116\145\164\167\157\162\153\061\073\060\071
-\006\003\125\004\013\023\062\124\145\162\155\163\040\157\146\040
-\165\163\145\040\141\164\040\150\164\164\160\163\072\057\057\167
-\167\167\056\166\145\162\151\163\151\147\156\056\143\157\155\057
-\122\120\101\040\050\143\051\060\060\061\056\060\054\006\003\125
-\004\003\023\045\103\154\141\163\163\040\061\040\120\165\142\154
-\151\143\040\120\162\151\155\141\162\171\040\117\103\123\120\040
-\122\145\163\160\157\156\144\145\162\060\201\237\060\015\006\011
-\052\206\110\206\367\015\001\001\001\005\000\003\201\215\000\060
-\201\211\002\201\201\000\271\355\136\172\072\167\137\316\137\072
-\122\374\315\144\367\161\265\157\152\226\306\131\222\125\224\135
-\057\133\056\301\021\352\046\212\313\247\201\074\366\132\104\336
-\172\023\057\375\132\121\331\173\067\046\112\300\047\077\004\003
-\152\126\301\203\054\341\157\133\251\124\120\044\112\306\056\172
-\114\241\133\067\124\044\041\061\037\241\170\030\166\247\261\160
-\332\042\320\152\376\007\142\100\306\367\366\233\175\014\006\270
-\113\307\050\344\146\043\204\121\357\106\267\223\330\201\063\313
-\345\066\254\306\350\005\002\003\001\000\001\243\202\001\020\060
-\202\001\014\060\040\006\003\125\035\021\004\031\060\027\244\025
-\060\023\061\021\060\017\006\003\125\004\003\023\010\117\103\123
-\120\040\061\055\061\060\061\006\003\125\035\037\004\052\060\050
-\060\046\240\044\240\042\206\040\150\164\164\160\072\057\057\143
-\162\154\056\166\145\162\151\163\151\147\156\056\143\157\155\057
-\160\143\141\061\056\143\162\154\060\023\006\003\125\035\045\004
-\014\060\012\006\010\053\006\001\005\005\007\003\011\060\102\006
-\010\053\006\001\005\005\007\001\001\004\066\060\064\060\062\006
-\010\053\006\001\005\005\007\060\001\246\046\026\044\150\164\164
-\160\072\057\057\157\143\163\160\056\166\145\162\151\163\151\147
-\156\056\143\157\155\057\157\143\163\160\057\163\164\141\164\165
-\163\060\104\006\003\125\035\040\004\075\060\073\060\071\006\013
-\140\206\110\001\206\370\105\001\007\001\001\060\052\060\050\006
-\010\053\006\001\005\005\007\002\001\026\034\150\164\164\160\163
-\072\057\057\167\167\167\056\166\145\162\151\163\151\147\156\056
-\143\157\155\057\122\120\101\060\011\006\003\125\035\023\004\002
-\060\000\060\013\006\003\125\035\017\004\004\003\002\007\200\060
-\015\006\011\052\206\110\206\367\015\001\001\005\005\000\003\201
-\201\000\160\220\335\270\344\276\123\027\174\177\002\351\325\367
-\213\231\223\061\140\215\176\346\140\153\044\357\140\254\322\316
-\221\336\200\155\011\244\323\270\070\345\104\312\162\136\015\055
-\301\167\234\275\054\003\170\051\215\244\245\167\207\365\361\053
-\046\255\314\007\154\072\124\132\050\340\011\363\115\012\004\312
-\324\130\151\013\247\263\365\335\001\245\347\334\360\037\272\301
-\135\220\215\263\352\117\301\021\131\227\152\262\053\023\261\332
-\255\227\241\263\261\240\040\133\312\062\253\215\317\023\360\037
-\051\303
-END
-
-# Trust for Certificate "Verisign Class 1 Public Primary OCSP Responder"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign Class 1 Public Primary OCSP Responder"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\004\226\110\344\112\311\314\255\105\203\230\331\074\175\221\365
-\042\104\033\212
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\176\157\072\123\033\174\276\260\060\333\103\036\036\224\211\262
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151
-\147\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004
-\013\023\056\103\154\141\163\163\040\061\040\120\165\142\154\151
-\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146
-\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164
-\171
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\053\150\324\243\106\236\305\073\050\011\253\070\135\177\047\040
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Verisign Class 2 Public Primary OCSP Responder"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign Class 2 Public Primary OCSP Responder"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\247\061\027\060\025\006\003\125\004\012\023\016\126\145
-\162\151\123\151\147\156\054\040\111\156\143\056\061\037\060\035
-\006\003\125\004\013\023\026\126\145\162\151\123\151\147\156\040
-\124\162\165\163\164\040\116\145\164\167\157\162\153\061\073\060
-\071\006\003\125\004\013\023\062\124\145\162\155\163\040\157\146
-\040\165\163\145\040\141\164\040\150\164\164\160\163\072\057\057
-\167\167\167\056\166\145\162\151\163\151\147\156\056\143\157\155
-\057\122\120\101\040\050\143\051\060\060\061\056\060\054\006\003
-\125\004\003\023\045\103\154\141\163\163\040\062\040\120\165\142
-\154\151\143\040\120\162\151\155\141\162\171\040\117\103\123\120
-\040\122\145\163\160\157\156\144\145\162
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151
-\147\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004
-\013\023\056\103\154\141\163\163\040\062\040\120\165\142\154\151
-\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146
-\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164
-\171
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\011\106\027\346\035\330\324\034\240\014\240\142\350\171\212\247
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\236\060\202\003\007\240\003\002\001\002\002\020\011
-\106\027\346\035\330\324\034\240\014\240\142\350\171\212\247\060
-\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060\137
-\061\013\060\011\006\003\125\004\006\023\002\125\123\061\027\060
-\025\006\003\125\004\012\023\016\126\145\162\151\123\151\147\156
-\054\040\111\156\143\056\061\067\060\065\006\003\125\004\013\023
-\056\103\154\141\163\163\040\062\040\120\165\142\154\151\143\040
-\120\162\151\155\141\162\171\040\103\145\162\164\151\146\151\143
-\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171\060
-\036\027\015\060\060\060\070\060\061\060\060\060\060\060\060\132
-\027\015\060\064\060\067\063\061\062\063\065\071\065\071\132\060
-\201\247\061\027\060\025\006\003\125\004\012\023\016\126\145\162
-\151\123\151\147\156\054\040\111\156\143\056\061\037\060\035\006
-\003\125\004\013\023\026\126\145\162\151\123\151\147\156\040\124
-\162\165\163\164\040\116\145\164\167\157\162\153\061\073\060\071
-\006\003\125\004\013\023\062\124\145\162\155\163\040\157\146\040
-\165\163\145\040\141\164\040\150\164\164\160\163\072\057\057\167
-\167\167\056\166\145\162\151\163\151\147\156\056\143\157\155\057
-\122\120\101\040\050\143\051\060\060\061\056\060\054\006\003\125
-\004\003\023\045\103\154\141\163\163\040\062\040\120\165\142\154
-\151\143\040\120\162\151\155\141\162\171\040\117\103\123\120\040
-\122\145\163\160\157\156\144\145\162\060\201\237\060\015\006\011
-\052\206\110\206\367\015\001\001\001\005\000\003\201\215\000\060
-\201\211\002\201\201\000\320\312\143\061\141\177\104\064\174\005
-\175\013\075\152\220\313\171\113\167\012\077\113\307\043\345\300
-\142\055\176\234\176\076\210\207\221\320\254\350\115\111\207\242
-\226\220\212\335\004\245\002\077\214\233\351\211\376\142\240\342
-\132\275\310\335\264\170\346\245\102\223\010\147\001\300\040\115
-\327\134\364\135\332\263\343\067\246\122\032\054\114\145\115\212
-\207\331\250\243\361\111\124\273\074\134\200\121\150\306\373\111
-\377\013\125\253\025\335\373\232\301\271\035\164\015\262\214\104
-\135\211\374\237\371\203\002\003\001\000\001\243\202\001\020\060
-\202\001\014\060\040\006\003\125\035\021\004\031\060\027\244\025
-\060\023\061\021\060\017\006\003\125\004\003\023\010\117\103\123
-\120\040\061\055\062\060\061\006\003\125\035\037\004\052\060\050
-\060\046\240\044\240\042\206\040\150\164\164\160\072\057\057\143
-\162\154\056\166\145\162\151\163\151\147\156\056\143\157\155\057
-\160\143\141\062\056\143\162\154\060\023\006\003\125\035\045\004
-\014\060\012\006\010\053\006\001\005\005\007\003\011\060\102\006
-\010\053\006\001\005\005\007\001\001\004\066\060\064\060\062\006
-\010\053\006\001\005\005\007\060\001\246\046\026\044\150\164\164
-\160\072\057\057\157\143\163\160\056\166\145\162\151\163\151\147
-\156\056\143\157\155\057\157\143\163\160\057\163\164\141\164\165
-\163\060\104\006\003\125\035\040\004\075\060\073\060\071\006\013
-\140\206\110\001\206\370\105\001\007\001\001\060\052\060\050\006
-\010\053\006\001\005\005\007\002\001\026\034\150\164\164\160\163
-\072\057\057\167\167\167\056\166\145\162\151\163\151\147\156\056
-\143\157\155\057\122\120\101\060\011\006\003\125\035\023\004\002
-\060\000\060\013\006\003\125\035\017\004\004\003\002\007\200\060
-\015\006\011\052\206\110\206\367\015\001\001\005\005\000\003\201
-\201\000\037\175\011\156\044\106\165\004\234\363\046\233\343\071
-\156\027\357\274\275\242\033\322\002\204\206\253\320\100\227\054
-\304\103\210\067\031\153\042\250\003\161\120\235\040\334\066\140
-\040\232\163\055\163\125\154\130\233\054\302\264\064\054\172\063
-\102\312\221\331\351\103\257\317\036\340\365\304\172\253\077\162
-\143\036\251\067\341\133\073\210\263\023\206\202\220\127\313\127
-\377\364\126\276\042\335\343\227\250\341\274\042\103\302\335\115
-\333\366\201\236\222\024\236\071\017\023\124\336\202\330\300\136
-\064\215
-END
-
-# Trust for Certificate "Verisign Class 2 Public Primary OCSP Responder"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign Class 2 Public Primary OCSP Responder"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\042\171\151\276\320\122\116\115\035\066\262\361\162\041\167\361
-\124\123\110\167
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\363\105\275\020\226\015\205\113\357\237\021\142\064\247\136\265
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151
-\147\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004
-\013\023\056\103\154\141\163\163\040\062\040\120\165\142\154\151
-\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146
-\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164
-\171
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\011\106\027\346\035\330\324\034\240\014\240\142\350\171\212\247
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Verisign Class 3 Public Primary OCSP Responder"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign Class 3 Public Primary OCSP Responder"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\247\061\027\060\025\006\003\125\004\012\023\016\126\145
-\162\151\123\151\147\156\054\040\111\156\143\056\061\037\060\035
-\006\003\125\004\013\023\026\126\145\162\151\123\151\147\156\040
-\124\162\165\163\164\040\116\145\164\167\157\162\153\061\073\060
-\071\006\003\125\004\013\023\062\124\145\162\155\163\040\157\146
-\040\165\163\145\040\141\164\040\150\164\164\160\163\072\057\057
-\167\167\167\056\166\145\162\151\163\151\147\156\056\143\157\155
-\057\122\120\101\040\050\143\051\060\060\061\056\060\054\006\003
-\125\004\003\023\045\103\154\141\163\163\040\063\040\120\165\142
-\154\151\143\040\120\162\151\155\141\162\171\040\117\103\123\120
-\040\122\145\163\160\157\156\144\145\162
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151
-\147\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004
-\013\023\056\103\154\141\163\163\040\063\040\120\165\142\154\151
-\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146
-\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164
-\171
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\056\226\236\277\266\142\154\354\173\351\163\314\343\154\301\204
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\242\060\202\003\013\240\003\002\001\002\002\020\056
-\226\236\277\266\142\154\354\173\351\163\314\343\154\301\204\060
-\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060\137
-\061\013\060\011\006\003\125\004\006\023\002\125\123\061\027\060
-\025\006\003\125\004\012\023\016\126\145\162\151\123\151\147\156
-\054\040\111\156\143\056\061\067\060\065\006\003\125\004\013\023
-\056\103\154\141\163\163\040\063\040\120\165\142\154\151\143\040
-\120\162\151\155\141\162\171\040\103\145\162\164\151\146\151\143
-\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171\060
-\036\027\015\060\060\060\070\060\064\060\060\060\060\060\060\132
-\027\015\060\064\060\070\060\063\062\063\065\071\065\071\132\060
-\201\247\061\027\060\025\006\003\125\004\012\023\016\126\145\162
-\151\123\151\147\156\054\040\111\156\143\056\061\037\060\035\006
-\003\125\004\013\023\026\126\145\162\151\123\151\147\156\040\124
-\162\165\163\164\040\116\145\164\167\157\162\153\061\073\060\071
-\006\003\125\004\013\023\062\124\145\162\155\163\040\157\146\040
-\165\163\145\040\141\164\040\150\164\164\160\163\072\057\057\167
-\167\167\056\166\145\162\151\163\151\147\156\056\143\157\155\057
-\122\120\101\040\050\143\051\060\060\061\056\060\054\006\003\125
-\004\003\023\045\103\154\141\163\163\040\063\040\120\165\142\154
-\151\143\040\120\162\151\155\141\162\171\040\117\103\123\120\040
-\122\145\163\160\157\156\144\145\162\060\201\237\060\015\006\011
-\052\206\110\206\367\015\001\001\001\005\000\003\201\215\000\060
-\201\211\002\201\201\000\361\344\010\016\203\273\165\343\110\345
-\270\333\246\360\271\253\351\074\142\307\136\065\133\320\002\124
-\021\330\311\321\126\271\166\113\271\253\172\346\315\272\366\014
-\004\326\176\326\260\012\145\254\116\071\343\361\367\055\243\045
-\071\357\260\213\317\276\333\014\135\156\160\364\007\315\160\367
-\072\300\076\065\026\355\170\214\103\317\302\046\056\107\326\206
-\175\234\361\276\326\147\014\042\045\244\312\145\346\037\172\170
-\050\057\077\005\333\004\041\277\341\105\146\376\074\267\202\355
-\132\270\026\025\271\125\002\003\001\000\001\243\202\001\024\060
-\202\001\020\060\040\006\003\125\035\021\004\031\060\027\244\025
-\060\023\061\021\060\017\006\003\125\004\003\023\010\117\103\123
-\120\040\061\055\063\060\065\006\003\125\035\037\004\056\060\054
-\060\052\240\050\240\046\206\044\150\164\164\160\072\057\057\143
-\162\154\056\166\145\162\151\163\151\147\156\056\143\157\155\057
-\160\143\141\063\056\061\056\061\056\143\162\154\060\023\006\003
-\125\035\045\004\014\060\012\006\010\053\006\001\005\005\007\003
-\011\060\102\006\010\053\006\001\005\005\007\001\001\004\066\060
-\064\060\062\006\010\053\006\001\005\005\007\060\001\246\046\026
-\044\150\164\164\160\072\057\057\157\143\163\160\056\166\145\162
-\151\163\151\147\156\056\143\157\155\057\157\143\163\160\057\163
-\164\141\164\165\163\060\104\006\003\125\035\040\004\075\060\073
-\060\071\006\013\140\206\110\001\206\370\105\001\007\001\001\060
-\052\060\050\006\010\053\006\001\005\005\007\002\001\026\034\150
-\164\164\160\163\072\057\057\167\167\167\056\166\145\162\151\163
-\151\147\156\056\143\157\155\057\122\120\101\060\011\006\003\125
-\035\023\004\002\060\000\060\013\006\003\125\035\017\004\004\003
-\002\007\200\060\015\006\011\052\206\110\206\367\015\001\001\005
-\005\000\003\201\201\000\002\366\123\143\300\251\036\362\320\213
-\063\060\217\110\233\114\260\126\264\203\161\112\276\334\120\330
-\365\266\340\013\333\275\170\117\351\317\011\064\332\051\111\235
-\001\163\132\221\221\202\124\054\023\012\323\167\043\317\067\374
-\143\336\247\343\366\267\265\151\105\050\111\303\221\334\252\107
-\034\251\210\231\054\005\052\215\215\212\372\142\342\132\267\000
-\040\135\071\304\050\302\313\374\236\250\211\256\133\075\216\022
-\352\062\262\374\353\024\327\011\025\032\300\315\033\325\265\025
-\116\101\325\226\343\116
-END
-
-# Trust for Certificate "Verisign Class 3 Public Primary OCSP Responder"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign Class 3 Public Primary OCSP Responder"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\265\355\267\332\046\072\126\164\322\042\105\060\324\307\217\172
-\007\365\345\137
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\175\121\222\311\166\203\230\026\336\214\263\206\304\175\146\373
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151
-\147\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004
-\013\023\056\103\154\141\163\163\040\063\040\120\165\142\154\151
-\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146
-\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164
-\171
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\056\226\236\277\266\142\154\354\173\351\163\314\343\154\301\204
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Verisign Secure Server OCSP Responder"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign Secure Server OCSP Responder"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\236\061\027\060\025\006\003\125\004\012\023\016\126\145
-\162\151\123\151\147\156\054\040\111\156\143\056\061\037\060\035
-\006\003\125\004\013\023\026\126\145\162\151\123\151\147\156\040
-\124\162\165\163\164\040\116\145\164\167\157\162\153\061\073\060
-\071\006\003\125\004\013\023\062\124\145\162\155\163\040\157\146
-\040\165\163\145\040\141\164\040\150\164\164\160\163\072\057\057
-\167\167\167\056\166\145\162\151\163\151\147\156\056\143\157\155
-\057\122\120\101\040\050\143\051\060\060\061\045\060\043\006\003
-\125\004\003\023\034\123\145\143\165\162\145\040\123\145\162\166
-\145\162\040\117\103\123\120\040\122\145\163\160\157\156\144\145
-\162
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\040\060\036\006\003\125\004\012\023\027\122\123\101\040\104\141
-\164\141\040\123\145\143\165\162\151\164\171\054\040\111\156\143
-\056\061\056\060\054\006\003\125\004\013\023\045\123\145\143\165
-\162\145\040\123\145\162\166\145\162\040\103\145\162\164\151\146
-\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164
-\171
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\000\377\105\325\047\135\044\373\263\302\071\044\123\127\341\117
-\336
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\237\060\202\003\014\240\003\002\001\002\002\021\000
-\377\105\325\047\135\044\373\263\302\071\044\123\127\341\117\336
-\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060
-\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061\040
-\060\036\006\003\125\004\012\023\027\122\123\101\040\104\141\164
-\141\040\123\145\143\165\162\151\164\171\054\040\111\156\143\056
-\061\056\060\054\006\003\125\004\013\023\045\123\145\143\165\162
-\145\040\123\145\162\166\145\162\040\103\145\162\164\151\146\151
-\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171
-\060\036\027\015\060\060\060\070\060\064\060\060\060\060\060\060
-\132\027\015\060\064\060\070\060\063\062\063\065\071\065\071\132
-\060\201\236\061\027\060\025\006\003\125\004\012\023\016\126\145
-\162\151\123\151\147\156\054\040\111\156\143\056\061\037\060\035
-\006\003\125\004\013\023\026\126\145\162\151\123\151\147\156\040
-\124\162\165\163\164\040\116\145\164\167\157\162\153\061\073\060
-\071\006\003\125\004\013\023\062\124\145\162\155\163\040\157\146
-\040\165\163\145\040\141\164\040\150\164\164\160\163\072\057\057
-\167\167\167\056\166\145\162\151\163\151\147\156\056\143\157\155
-\057\122\120\101\040\050\143\051\060\060\061\045\060\043\006\003
-\125\004\003\023\034\123\145\143\165\162\145\040\123\145\162\166
-\145\162\040\117\103\123\120\040\122\145\163\160\157\156\144\145
-\162\060\201\237\060\015\006\011\052\206\110\206\367\015\001\001
-\001\005\000\003\201\215\000\060\201\211\002\201\201\000\270\121
-\231\144\205\016\356\263\012\150\360\277\143\166\035\123\365\374
-\241\170\214\063\356\237\364\276\071\332\233\017\115\107\251\217
-\040\350\113\104\275\316\315\173\220\321\060\350\220\304\045\173
-\211\050\336\275\366\223\035\377\271\377\222\265\251\215\344\256
-\314\342\303\007\203\152\243\162\020\001\047\142\042\246\065\046
-\071\055\236\317\140\014\374\107\244\327\320\102\170\247\035\154
-\320\313\117\025\247\051\012\264\225\105\304\261\347\132\011\327
-\071\225\330\035\065\236\302\275\263\135\301\014\113\037\002\003
-\001\000\001\243\202\001\035\060\202\001\031\060\040\006\003\125
-\035\021\004\031\060\027\244\025\060\023\061\021\060\017\006\003
-\125\004\003\023\010\117\103\123\120\040\061\055\064\060\076\006
-\003\125\035\037\004\067\060\065\060\063\240\061\240\057\206\055
-\150\164\164\160\072\057\057\143\162\154\056\166\145\162\151\163
-\151\147\156\056\143\157\155\057\122\123\101\123\145\143\165\162
-\145\123\145\162\166\145\162\055\160\056\143\162\154\060\023\006
-\003\125\035\045\004\014\060\012\006\010\053\006\001\005\005\007
-\003\011\060\102\006\010\053\006\001\005\005\007\001\001\004\066
-\060\064\060\062\006\010\053\006\001\005\005\007\060\001\246\046
-\026\044\150\164\164\160\072\057\057\157\143\163\160\056\166\145
-\162\151\163\151\147\156\056\143\157\155\057\157\143\163\160\057
-\163\164\141\164\165\163\060\104\006\003\125\035\040\004\075\060
-\073\060\071\006\013\140\206\110\001\206\370\105\001\007\001\001
-\060\052\060\050\006\010\053\006\001\005\005\007\002\001\026\034
-\150\164\164\160\163\072\057\057\167\167\167\056\166\145\162\151
-\163\151\147\156\056\143\157\155\057\122\120\101\060\011\006\003
-\125\035\023\004\002\060\000\060\013\006\003\125\035\017\004\004
-\003\002\007\200\060\015\006\011\052\206\110\206\367\015\001\001
-\005\005\000\003\176\000\000\263\020\123\146\234\111\223\056\061
-\240\002\102\322\130\127\176\146\241\376\033\212\141\030\120\100
-\054\036\053\101\245\326\333\377\254\010\034\132\005\155\002\134
-\052\266\226\117\107\333\276\116\333\316\314\272\206\270\030\316
-\261\022\221\137\143\367\363\110\076\314\361\115\023\344\155\011
-\224\170\000\222\313\243\040\235\006\013\152\240\103\007\316\321
-\031\154\217\030\165\232\237\027\063\375\251\046\270\343\342\336
-\302\250\304\132\212\177\230\326\007\006\153\314\126\236\206\160
-\316\324\357
-END
-
-# Trust for Certificate "Verisign Secure Server OCSP Responder"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign Secure Server OCSP Responder"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\161\236\140\141\327\175\054\203\361\242\135\074\366\215\002\274
-\224\070\305\056
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\054\142\303\330\200\001\026\011\352\131\352\170\253\020\103\366
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\040\060\036\006\003\125\004\012\023\027\122\123\101\040\104\141
-\164\141\040\123\145\143\165\162\151\164\171\054\040\111\156\143
-\056\061\056\060\054\006\003\125\004\013\023\045\123\145\143\165
-\162\145\040\123\145\162\166\145\162\040\103\145\162\164\151\146
-\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164
-\171
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\000\377\105\325\047\135\044\373\263\302\071\044\123\127\341\117
-\336
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Verisign Time Stamping Authority CA"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign Time Stamping Authority CA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\245\061\027\060\025\006\003\125\004\012\023\016\126\145
-\162\151\123\151\147\156\054\040\111\156\143\056\061\037\060\035
-\006\003\125\004\013\023\026\126\145\162\151\123\151\147\156\040
-\124\162\165\163\164\040\116\145\164\167\157\162\153\061\073\060
-\071\006\003\125\004\013\023\062\124\145\162\155\163\040\157\146
-\040\165\163\145\040\141\164\040\150\164\164\160\163\072\057\057
-\167\167\167\056\166\145\162\151\163\151\147\156\056\143\157\155
-\057\162\160\141\040\050\143\051\060\060\061\054\060\052\006\003
-\125\004\003\023\043\126\145\162\151\123\151\147\156\040\124\151
-\155\145\040\123\164\141\155\160\151\156\147\040\101\165\164\150
-\157\162\151\164\171\040\103\101
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\301\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\061\074\060\072\006\003\125
-\004\013\023\063\103\154\141\163\163\040\063\040\120\165\142\154
-\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151
-\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
-\164\171\040\055\040\107\062\061\072\060\070\006\003\125\004\013
-\023\061\050\143\051\040\061\071\071\070\040\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\040\055\040\106\157\162\040
-\141\165\164\150\157\162\151\172\145\144\040\165\163\145\040\157
-\156\154\171\061\037\060\035\006\003\125\004\013\023\026\126\145
-\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164
-\167\157\162\153
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\123\141\262\140\256\333\161\216\247\224\263\023\063\364\007\011
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\315\060\202\003\066\240\003\002\001\002\002\020\123
-\141\262\140\256\333\161\216\247\224\263\023\063\364\007\011\060
-\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060\201
-\301\061\013\060\011\006\003\125\004\006\023\002\125\123\061\027
-\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151\147
-\156\054\040\111\156\143\056\061\074\060\072\006\003\125\004\013
-\023\063\103\154\141\163\163\040\063\040\120\165\142\154\151\143
-\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146\151
-\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171
-\040\055\040\107\062\061\072\060\070\006\003\125\004\013\023\061
-\050\143\051\040\061\071\071\070\040\126\145\162\151\123\151\147
-\156\054\040\111\156\143\056\040\055\040\106\157\162\040\141\165
-\164\150\157\162\151\172\145\144\040\165\163\145\040\157\156\154
-\171\061\037\060\035\006\003\125\004\013\023\026\126\145\162\151
-\123\151\147\156\040\124\162\165\163\164\040\116\145\164\167\157
-\162\153\060\036\027\015\060\060\060\071\062\066\060\060\060\060
-\060\060\132\027\015\061\060\060\071\062\065\062\063\065\071\065
-\071\132\060\201\245\061\027\060\025\006\003\125\004\012\023\016
-\126\145\162\151\123\151\147\156\054\040\111\156\143\056\061\037
-\060\035\006\003\125\004\013\023\026\126\145\162\151\123\151\147
-\156\040\124\162\165\163\164\040\116\145\164\167\157\162\153\061
-\073\060\071\006\003\125\004\013\023\062\124\145\162\155\163\040
-\157\146\040\165\163\145\040\141\164\040\150\164\164\160\163\072
-\057\057\167\167\167\056\166\145\162\151\163\151\147\156\056\143
-\157\155\057\162\160\141\040\050\143\051\060\060\061\054\060\052
-\006\003\125\004\003\023\043\126\145\162\151\123\151\147\156\040
-\124\151\155\145\040\123\164\141\155\160\151\156\147\040\101\165
-\164\150\157\162\151\164\171\040\103\101\060\201\237\060\015\006
-\011\052\206\110\206\367\015\001\001\001\005\000\003\201\215\000
-\060\201\211\002\201\201\000\322\031\235\147\302\000\041\131\142
-\316\264\011\042\104\151\212\370\045\132\333\355\015\267\066\176
-\116\340\273\224\076\220\045\207\302\141\107\051\331\275\124\270
-\143\314\054\175\151\264\063\066\364\067\007\232\301\335\100\124
-\374\340\170\235\240\223\271\011\075\043\121\177\104\302\024\164
-\333\012\276\313\311\060\064\100\230\076\320\327\045\020\201\224
-\275\007\117\234\326\124\047\337\056\250\277\313\220\214\215\165
-\113\274\342\350\104\207\315\346\101\012\045\156\350\364\044\002
-\305\122\017\156\354\230\165\002\003\001\000\001\243\201\337\060
-\201\334\060\017\006\003\125\035\023\004\010\060\006\001\001\377
-\002\001\000\060\105\006\003\125\035\040\004\076\060\074\060\072
-\006\014\140\206\110\001\206\370\105\001\007\027\001\003\060\052
-\060\050\006\010\053\006\001\005\005\007\002\001\026\034\150\164
-\164\160\163\072\057\057\167\167\167\056\166\145\162\151\163\151
-\147\156\056\143\157\155\057\162\160\141\060\061\006\003\125\035
-\037\004\052\060\050\060\046\240\044\240\042\206\040\150\164\164
-\160\072\057\057\143\162\154\056\166\145\162\151\163\151\147\156
-\056\143\157\155\057\160\143\141\063\056\143\162\154\060\013\006
-\003\125\035\017\004\004\003\002\001\006\060\102\006\010\053\006
-\001\005\005\007\001\001\004\066\060\064\060\062\006\010\053\006
-\001\005\005\007\060\001\246\046\026\044\150\164\164\160\072\057
-\057\157\143\163\160\056\166\145\162\151\163\151\147\156\056\143
-\157\155\057\157\143\163\160\057\163\164\141\164\165\163\060\015
-\006\011\052\206\110\206\367\015\001\001\005\005\000\003\201\201
-\000\202\160\150\225\337\266\015\302\001\160\031\112\322\124\126
-\036\254\362\105\114\207\270\365\065\353\170\113\005\251\310\235
-\073\031\041\056\160\064\112\242\365\211\340\025\165\105\347\050
-\067\000\064\047\051\350\067\113\362\357\104\227\153\027\121\032
-\303\126\235\074\032\212\366\112\106\106\067\214\372\313\365\144
-\132\070\150\056\034\303\357\160\316\270\106\006\026\277\367\176
-\347\265\250\076\105\254\251\045\165\042\173\157\077\260\234\224
-\347\307\163\253\254\037\356\045\233\300\026\355\267\312\133\360
-\024
-END
-
-# Trust for Certificate "Verisign Time Stamping Authority CA"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign Time Stamping Authority CA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\246\017\064\310\142\154\201\366\213\367\175\251\366\147\130\212
-\220\077\175\066
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\211\111\124\214\310\150\232\203\051\354\334\006\163\041\253\227
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\301\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\061\074\060\072\006\003\125
-\004\013\023\063\103\154\141\163\163\040\063\040\120\165\142\154
-\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151
-\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
-\164\171\040\055\040\107\062\061\072\060\070\006\003\125\004\013
-\023\061\050\143\051\040\061\071\071\070\040\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\040\055\040\106\157\162\040
-\141\165\164\150\157\162\151\172\145\144\040\165\163\145\040\157
-\156\154\171\061\037\060\035\006\003\125\004\013\023\026\126\145
-\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164
-\167\157\162\153
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\123\141\262\140\256\333\161\216\247\224\263\023\063\364\007\011
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Thawte Time Stamping CA"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Thawte Time Stamping CA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\213\061\013\060\011\006\003\125\004\006\023\002\132\101
-\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145
-\162\156\040\103\141\160\145\061\024\060\022\006\003\125\004\007
-\023\013\104\165\162\142\141\156\166\151\154\154\145\061\017\060
-\015\006\003\125\004\012\023\006\124\150\141\167\164\145\061\035
-\060\033\006\003\125\004\013\023\024\124\150\141\167\164\145\040
-\103\145\162\164\151\146\151\143\141\164\151\157\156\061\037\060
-\035\006\003\125\004\003\023\026\124\150\141\167\164\145\040\124
-\151\155\145\163\164\141\155\160\151\156\147\040\103\101
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\213\061\013\060\011\006\003\125\004\006\023\002\132\101
-\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145
-\162\156\040\103\141\160\145\061\024\060\022\006\003\125\004\007
-\023\013\104\165\162\142\141\156\166\151\154\154\145\061\017\060
-\015\006\003\125\004\012\023\006\124\150\141\167\164\145\061\035
-\060\033\006\003\125\004\013\023\024\124\150\141\167\164\145\040
-\103\145\162\164\151\146\151\143\141\164\151\157\156\061\037\060
-\035\006\003\125\004\003\023\026\124\150\141\167\164\145\040\124
-\151\155\145\163\164\141\155\160\151\156\147\040\103\101
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\000
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\002\241\060\202\002\012\240\003\002\001\002\002\001\000
-\060\015\006\011\052\206\110\206\367\015\001\001\004\005\000\060
-\201\213\061\013\060\011\006\003\125\004\006\023\002\132\101\061
-\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145\162
-\156\040\103\141\160\145\061\024\060\022\006\003\125\004\007\023
-\013\104\165\162\142\141\156\166\151\154\154\145\061\017\060\015
-\006\003\125\004\012\023\006\124\150\141\167\164\145\061\035\060
-\033\006\003\125\004\013\023\024\124\150\141\167\164\145\040\103
-\145\162\164\151\146\151\143\141\164\151\157\156\061\037\060\035
-\006\003\125\004\003\023\026\124\150\141\167\164\145\040\124\151
-\155\145\163\164\141\155\160\151\156\147\040\103\101\060\036\027
-\015\071\067\060\061\060\061\060\060\060\060\060\060\132\027\015
-\062\060\061\062\063\061\062\063\065\071\065\071\132\060\201\213
-\061\013\060\011\006\003\125\004\006\023\002\132\101\061\025\060
-\023\006\003\125\004\010\023\014\127\145\163\164\145\162\156\040
-\103\141\160\145\061\024\060\022\006\003\125\004\007\023\013\104
-\165\162\142\141\156\166\151\154\154\145\061\017\060\015\006\003
-\125\004\012\023\006\124\150\141\167\164\145\061\035\060\033\006
-\003\125\004\013\023\024\124\150\141\167\164\145\040\103\145\162
-\164\151\146\151\143\141\164\151\157\156\061\037\060\035\006\003
-\125\004\003\023\026\124\150\141\167\164\145\040\124\151\155\145
-\163\164\141\155\160\151\156\147\040\103\101\060\201\237\060\015
-\006\011\052\206\110\206\367\015\001\001\001\005\000\003\201\215
-\000\060\201\211\002\201\201\000\326\053\130\170\141\105\206\123
-\352\064\173\121\234\355\260\346\056\030\016\376\340\137\250\047
-\323\264\311\340\174\131\116\026\016\163\124\140\301\177\366\237
-\056\351\072\205\044\025\074\333\107\004\143\303\236\304\224\032
-\132\337\114\172\363\331\103\035\074\020\172\171\045\333\220\376
-\360\121\347\060\326\101\000\375\237\050\337\171\276\224\273\235
-\266\024\343\043\205\327\251\101\340\114\244\171\260\053\032\213
-\362\370\073\212\076\105\254\161\222\000\264\220\101\230\373\137
-\355\372\267\056\212\370\210\067\002\003\001\000\001\243\023\060
-\021\060\017\006\003\125\035\023\001\001\377\004\005\060\003\001
-\001\377\060\015\006\011\052\206\110\206\367\015\001\001\004\005
-\000\003\201\201\000\147\333\342\302\346\207\075\100\203\206\067
-\065\175\037\316\232\303\014\146\040\250\272\252\004\211\206\302
-\365\020\010\015\277\313\242\005\212\320\115\066\076\364\327\357
-\151\306\136\344\260\224\157\112\271\347\336\133\210\266\173\333
-\343\047\345\166\303\360\065\301\313\265\047\233\063\171\334\220
-\246\000\236\167\372\374\315\047\224\102\026\234\323\034\150\354
-\277\134\335\345\251\173\020\012\062\164\124\023\061\213\205\003
-\204\221\267\130\001\060\024\070\257\050\312\374\261\120\031\031
-\011\254\211\111\323
-END
-
-# Trust for Certificate "Thawte Time Stamping CA"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Thawte Time Stamping CA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\276\066\244\126\057\262\356\005\333\263\323\043\043\255\364\105
-\010\116\326\126
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\177\146\172\161\323\353\151\170\040\232\121\024\235\203\332\040
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\213\061\013\060\011\006\003\125\004\006\023\002\132\101
-\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145
-\162\156\040\103\141\160\145\061\024\060\022\006\003\125\004\007
-\023\013\104\165\162\142\141\156\166\151\154\154\145\061\017\060
-\015\006\003\125\004\012\023\006\124\150\141\167\164\145\061\035
-\060\033\006\003\125\004\013\023\024\124\150\141\167\164\145\040
-\103\145\162\164\151\146\151\143\141\164\151\157\156\061\037\060
-\035\006\003\125\004\003\023\026\124\150\141\167\164\145\040\124
-\151\155\145\163\164\141\155\160\151\156\147\040\103\101
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\000
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Entrust.net Global Secure Server CA"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Entrust.net Global Secure Server CA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\272\061\024\060\022\006\003\125\004\012\023\013\105\156
-\164\162\165\163\164\056\156\145\164\061\077\060\075\006\003\125
-\004\013\024\066\167\167\167\056\145\156\164\162\165\163\164\056
-\156\145\164\057\123\123\114\137\103\120\123\040\151\156\143\157
-\162\160\056\040\142\171\040\162\145\146\056\040\050\154\151\155
-\151\164\163\040\154\151\141\142\056\051\061\045\060\043\006\003
-\125\004\013\023\034\050\143\051\040\062\060\060\060\040\105\156
-\164\162\165\163\164\056\156\145\164\040\114\151\155\151\164\145
-\144\061\072\060\070\006\003\125\004\003\023\061\105\156\164\162
-\165\163\164\056\156\145\164\040\123\145\143\165\162\145\040\123
-\145\162\166\145\162\040\103\145\162\164\151\146\151\143\141\164
-\151\157\156\040\101\165\164\150\157\162\151\164\171
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\272\061\024\060\022\006\003\125\004\012\023\013\105\156
-\164\162\165\163\164\056\156\145\164\061\077\060\075\006\003\125
-\004\013\024\066\167\167\167\056\145\156\164\162\165\163\164\056
-\156\145\164\057\123\123\114\137\103\120\123\040\151\156\143\157
-\162\160\056\040\142\171\040\162\145\146\056\040\050\154\151\155
-\151\164\163\040\154\151\141\142\056\051\061\045\060\043\006\003
-\125\004\013\023\034\050\143\051\040\062\060\060\060\040\105\156
-\164\162\165\163\164\056\156\145\164\040\114\151\155\151\164\145
-\144\061\072\060\070\006\003\125\004\003\023\061\105\156\164\162
-\165\163\164\056\156\145\164\040\123\145\143\165\162\145\040\123
-\145\162\166\145\162\040\103\145\162\164\151\146\151\143\141\164
-\151\157\156\040\101\165\164\150\157\162\151\164\171
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\070\233\021\074
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\004\225\060\202\003\376\240\003\002\001\002\002\004\070
-\233\021\074\060\015\006\011\052\206\110\206\367\015\001\001\004
-\005\000\060\201\272\061\024\060\022\006\003\125\004\012\023\013
-\105\156\164\162\165\163\164\056\156\145\164\061\077\060\075\006
-\003\125\004\013\024\066\167\167\167\056\145\156\164\162\165\163
-\164\056\156\145\164\057\123\123\114\137\103\120\123\040\151\156
-\143\157\162\160\056\040\142\171\040\162\145\146\056\040\050\154
-\151\155\151\164\163\040\154\151\141\142\056\051\061\045\060\043
-\006\003\125\004\013\023\034\050\143\051\040\062\060\060\060\040
-\105\156\164\162\165\163\164\056\156\145\164\040\114\151\155\151
-\164\145\144\061\072\060\070\006\003\125\004\003\023\061\105\156
-\164\162\165\163\164\056\156\145\164\040\123\145\143\165\162\145
-\040\123\145\162\166\145\162\040\103\145\162\164\151\146\151\143
-\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171\060
-\036\027\015\060\060\060\062\060\064\061\067\062\060\060\060\132
-\027\015\062\060\060\062\060\064\061\067\065\060\060\060\132\060
-\201\272\061\024\060\022\006\003\125\004\012\023\013\105\156\164
-\162\165\163\164\056\156\145\164\061\077\060\075\006\003\125\004
-\013\024\066\167\167\167\056\145\156\164\162\165\163\164\056\156
-\145\164\057\123\123\114\137\103\120\123\040\151\156\143\157\162
-\160\056\040\142\171\040\162\145\146\056\040\050\154\151\155\151
-\164\163\040\154\151\141\142\056\051\061\045\060\043\006\003\125
-\004\013\023\034\050\143\051\040\062\060\060\060\040\105\156\164
-\162\165\163\164\056\156\145\164\040\114\151\155\151\164\145\144
-\061\072\060\070\006\003\125\004\003\023\061\105\156\164\162\165
-\163\164\056\156\145\164\040\123\145\143\165\162\145\040\123\145
-\162\166\145\162\040\103\145\162\164\151\146\151\143\141\164\151
-\157\156\040\101\165\164\150\157\162\151\164\171\060\201\237\060
-\015\006\011\052\206\110\206\367\015\001\001\001\005\000\003\201
-\215\000\060\201\211\002\201\201\000\307\301\137\116\161\361\316
-\360\140\206\017\322\130\177\323\063\227\055\027\242\165\060\265
-\226\144\046\057\150\303\104\253\250\165\346\000\147\064\127\236
-\145\307\042\233\163\346\323\335\010\016\067\125\252\045\106\201
-\154\275\376\250\366\165\127\127\214\220\154\112\303\076\213\113
-\103\012\311\021\126\232\232\047\042\231\317\125\236\141\331\002
-\342\174\266\174\070\007\334\343\177\117\232\271\003\101\200\266
-\165\147\023\013\237\350\127\066\310\135\000\066\336\146\024\332
-\156\166\037\117\067\214\202\023\211\002\003\001\000\001\243\202
-\001\244\060\202\001\240\060\021\006\011\140\206\110\001\206\370
-\102\001\001\004\004\003\002\000\007\060\201\343\006\003\125\035
-\037\004\201\333\060\201\330\060\201\325\240\201\322\240\201\317
-\244\201\314\060\201\311\061\024\060\022\006\003\125\004\012\023
-\013\105\156\164\162\165\163\164\056\156\145\164\061\077\060\075
-\006\003\125\004\013\024\066\167\167\167\056\145\156\164\162\165
-\163\164\056\156\145\164\057\123\123\114\137\103\120\123\040\151
-\156\143\157\162\160\056\040\142\171\040\162\145\146\056\040\050
-\154\151\155\151\164\163\040\154\151\141\142\056\051\061\045\060
-\043\006\003\125\004\013\023\034\050\143\051\040\062\060\060\060
-\040\105\156\164\162\165\163\164\056\156\145\164\040\114\151\155
-\151\164\145\144\061\072\060\070\006\003\125\004\003\023\061\105
-\156\164\162\165\163\164\056\156\145\164\040\123\145\143\165\162
-\145\040\123\145\162\166\145\162\040\103\145\162\164\151\146\151
-\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171
-\061\015\060\013\006\003\125\004\003\023\004\103\122\114\061\060
-\053\006\003\125\035\020\004\044\060\042\200\017\062\060\060\060
-\060\062\060\064\061\067\062\060\060\060\132\201\017\062\060\062
-\060\060\062\060\064\061\067\065\060\060\060\132\060\013\006\003
-\125\035\017\004\004\003\002\001\006\060\037\006\003\125\035\043
-\004\030\060\026\200\024\313\154\300\153\343\273\076\313\374\042
-\234\376\373\213\222\234\260\362\156\042\060\035\006\003\125\035
-\016\004\026\004\024\313\154\300\153\343\273\076\313\374\042\234
-\376\373\213\222\234\260\362\156\042\060\014\006\003\125\035\023
-\004\005\060\003\001\001\377\060\035\006\011\052\206\110\206\366
-\175\007\101\000\004\020\060\016\033\010\126\065\056\060\072\064
-\056\060\003\002\004\220\060\015\006\011\052\206\110\206\367\015
-\001\001\004\005\000\003\201\201\000\142\333\201\221\316\310\232
-\167\102\057\354\275\047\243\123\017\120\033\352\116\222\360\251
-\257\251\240\272\110\141\313\357\311\006\357\037\325\364\356\337
-\126\055\346\312\152\031\163\252\123\276\222\263\120\002\266\205
-\046\162\143\330\165\120\142\165\024\267\263\120\032\077\312\021
-\000\013\205\105\151\155\266\245\256\121\341\112\334\202\077\154
-\214\064\262\167\153\331\002\366\177\016\352\145\004\361\315\124
-\312\272\311\314\340\204\367\310\076\021\227\323\140\011\030\274
-\005\377\154\211\063\360\354\025\017
-END
-
-# Trust for Certificate "Entrust.net Global Secure Server CA"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Entrust.net Global Secure Server CA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\211\071\127\156\027\215\367\005\170\017\314\136\310\117\204\366
-\045\072\110\223
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\235\146\152\314\377\325\365\103\264\277\214\026\321\053\250\231
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\272\061\024\060\022\006\003\125\004\012\023\013\105\156
-\164\162\165\163\164\056\156\145\164\061\077\060\075\006\003\125
-\004\013\024\066\167\167\167\056\145\156\164\162\165\163\164\056
-\156\145\164\057\123\123\114\137\103\120\123\040\151\156\143\157
-\162\160\056\040\142\171\040\162\145\146\056\040\050\154\151\155
-\151\164\163\040\154\151\141\142\056\051\061\045\060\043\006\003
-\125\004\013\023\034\050\143\051\040\062\060\060\060\040\105\156
-\164\162\165\163\164\056\156\145\164\040\114\151\155\151\164\145
-\144\061\072\060\070\006\003\125\004\003\023\061\105\156\164\162
-\165\163\164\056\156\145\164\040\123\145\143\165\162\145\040\123
-\145\162\166\145\162\040\103\145\162\164\151\146\151\143\141\164
-\151\157\156\040\101\165\164\150\157\162\151\164\171
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\070\233\021\074
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Entrust.net Global Secure Personal CA"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Entrust.net Global Secure Personal CA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\264\061\024\060\022\006\003\125\004\012\023\013\105\156
-\164\162\165\163\164\056\156\145\164\061\100\060\076\006\003\125
-\004\013\024\067\167\167\167\056\145\156\164\162\165\163\164\056
-\156\145\164\057\107\103\103\101\137\103\120\123\040\151\156\143
-\157\162\160\056\040\142\171\040\162\145\146\056\040\050\154\151
-\155\151\164\163\040\154\151\141\142\056\051\061\045\060\043\006
-\003\125\004\013\023\034\050\143\051\040\062\060\060\060\040\105
-\156\164\162\165\163\164\056\156\145\164\040\114\151\155\151\164
-\145\144\061\063\060\061\006\003\125\004\003\023\052\105\156\164
-\162\165\163\164\056\156\145\164\040\103\154\151\145\156\164\040
-\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165
-\164\150\157\162\151\164\171
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\264\061\024\060\022\006\003\125\004\012\023\013\105\156
-\164\162\165\163\164\056\156\145\164\061\100\060\076\006\003\125
-\004\013\024\067\167\167\167\056\145\156\164\162\165\163\164\056
-\156\145\164\057\107\103\103\101\137\103\120\123\040\151\156\143
-\157\162\160\056\040\142\171\040\162\145\146\056\040\050\154\151
-\155\151\164\163\040\154\151\141\142\056\051\061\045\060\043\006
-\003\125\004\013\023\034\050\143\051\040\062\060\060\060\040\105
-\156\164\162\165\163\164\056\156\145\164\040\114\151\155\151\164
-\145\144\061\063\060\061\006\003\125\004\003\023\052\105\156\164
-\162\165\163\164\056\156\145\164\040\103\154\151\145\156\164\040
-\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165
-\164\150\157\162\151\164\171
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\070\236\366\344
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\004\203\060\202\003\354\240\003\002\001\002\002\004\070
-\236\366\344\060\015\006\011\052\206\110\206\367\015\001\001\004
-\005\000\060\201\264\061\024\060\022\006\003\125\004\012\023\013
-\105\156\164\162\165\163\164\056\156\145\164\061\100\060\076\006
-\003\125\004\013\024\067\167\167\167\056\145\156\164\162\165\163
-\164\056\156\145\164\057\107\103\103\101\137\103\120\123\040\151
-\156\143\157\162\160\056\040\142\171\040\162\145\146\056\040\050
-\154\151\155\151\164\163\040\154\151\141\142\056\051\061\045\060
-\043\006\003\125\004\013\023\034\050\143\051\040\062\060\060\060
-\040\105\156\164\162\165\163\164\056\156\145\164\040\114\151\155
-\151\164\145\144\061\063\060\061\006\003\125\004\003\023\052\105
-\156\164\162\165\163\164\056\156\145\164\040\103\154\151\145\156
-\164\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040
-\101\165\164\150\157\162\151\164\171\060\036\027\015\060\060\060
-\062\060\067\061\066\061\066\064\060\132\027\015\062\060\060\062
-\060\067\061\066\064\066\064\060\132\060\201\264\061\024\060\022
-\006\003\125\004\012\023\013\105\156\164\162\165\163\164\056\156
-\145\164\061\100\060\076\006\003\125\004\013\024\067\167\167\167
-\056\145\156\164\162\165\163\164\056\156\145\164\057\107\103\103
-\101\137\103\120\123\040\151\156\143\157\162\160\056\040\142\171
-\040\162\145\146\056\040\050\154\151\155\151\164\163\040\154\151
-\141\142\056\051\061\045\060\043\006\003\125\004\013\023\034\050
-\143\051\040\062\060\060\060\040\105\156\164\162\165\163\164\056
-\156\145\164\040\114\151\155\151\164\145\144\061\063\060\061\006
-\003\125\004\003\023\052\105\156\164\162\165\163\164\056\156\145
-\164\040\103\154\151\145\156\164\040\103\145\162\164\151\146\151
-\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171
-\060\201\237\060\015\006\011\052\206\110\206\367\015\001\001\001
-\005\000\003\201\215\000\060\201\211\002\201\201\000\223\164\264
-\266\344\305\113\326\241\150\177\142\325\354\367\121\127\263\162
-\112\230\365\320\211\311\255\143\315\115\065\121\152\204\324\255
-\311\150\171\157\270\353\021\333\207\256\134\044\121\023\361\124
-\045\204\257\051\053\237\343\200\342\331\313\335\306\105\111\064
-\210\220\136\001\227\357\352\123\246\335\374\301\336\113\052\045
-\344\351\065\372\125\005\006\345\211\172\352\244\021\127\073\374
-\174\075\066\315\147\065\155\244\251\045\131\275\146\365\371\047
-\344\225\147\326\077\222\200\136\362\064\175\053\205\002\003\001
-\000\001\243\202\001\236\060\202\001\232\060\021\006\011\140\206
-\110\001\206\370\102\001\001\004\004\003\002\000\007\060\201\335
-\006\003\125\035\037\004\201\325\060\201\322\060\201\317\240\201
-\314\240\201\311\244\201\306\060\201\303\061\024\060\022\006\003
-\125\004\012\023\013\105\156\164\162\165\163\164\056\156\145\164
-\061\100\060\076\006\003\125\004\013\024\067\167\167\167\056\145
-\156\164\162\165\163\164\056\156\145\164\057\107\103\103\101\137
-\103\120\123\040\151\156\143\157\162\160\056\040\142\171\040\162
-\145\146\056\040\050\154\151\155\151\164\163\040\154\151\141\142
-\056\051\061\045\060\043\006\003\125\004\013\023\034\050\143\051
-\040\062\060\060\060\040\105\156\164\162\165\163\164\056\156\145
-\164\040\114\151\155\151\164\145\144\061\063\060\061\006\003\125
-\004\003\023\052\105\156\164\162\165\163\164\056\156\145\164\040
-\103\154\151\145\156\164\040\103\145\162\164\151\146\151\143\141
-\164\151\157\156\040\101\165\164\150\157\162\151\164\171\061\015
-\060\013\006\003\125\004\003\023\004\103\122\114\061\060\053\006
-\003\125\035\020\004\044\060\042\200\017\062\060\060\060\060\062
-\060\067\061\066\061\066\064\060\132\201\017\062\060\062\060\060
-\062\060\067\061\066\064\066\064\060\132\060\013\006\003\125\035
-\017\004\004\003\002\001\006\060\037\006\003\125\035\043\004\030
-\060\026\200\024\204\213\164\375\305\215\300\377\047\155\040\067
-\105\174\376\055\316\272\323\175\060\035\006\003\125\035\016\004
-\026\004\024\204\213\164\375\305\215\300\377\047\155\040\067\105
-\174\376\055\316\272\323\175\060\014\006\003\125\035\023\004\005
-\060\003\001\001\377\060\035\006\011\052\206\110\206\366\175\007
-\101\000\004\020\060\016\033\010\126\065\056\060\072\064\056\060
-\003\002\004\220\060\015\006\011\052\206\110\206\367\015\001\001
-\004\005\000\003\201\201\000\116\157\065\200\073\321\212\365\016
-\247\040\313\055\145\125\320\222\364\347\204\265\006\046\203\022
-\204\013\254\073\262\104\356\275\317\100\333\040\016\272\156\024
-\352\060\340\073\142\174\177\213\153\174\112\247\325\065\074\276
-\250\134\352\113\273\223\216\200\146\253\017\051\375\115\055\277
-\032\233\012\220\305\253\332\321\263\206\324\057\044\122\134\172
-\155\306\362\376\345\115\032\060\214\220\362\272\327\112\076\103
-\176\324\310\120\032\207\370\117\201\307\166\013\204\072\162\235
-\316\145\146\227\256\046\136
-END
-
-# Trust for Certificate "Entrust.net Global Secure Personal CA"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Entrust.net Global Secure Personal CA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\317\164\277\377\233\206\201\133\010\063\124\100\066\076\207\266
-\266\360\277\163
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\232\167\031\030\355\226\317\337\033\267\016\365\215\271\210\056
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\264\061\024\060\022\006\003\125\004\012\023\013\105\156
-\164\162\165\163\164\056\156\145\164\061\100\060\076\006\003\125
-\004\013\024\067\167\167\167\056\145\156\164\162\165\163\164\056
-\156\145\164\057\107\103\103\101\137\103\120\123\040\151\156\143
-\157\162\160\056\040\142\171\040\162\145\146\056\040\050\154\151
-\155\151\164\163\040\154\151\141\142\056\051\061\045\060\043\006
-\003\125\004\013\023\034\050\143\051\040\062\060\060\060\040\105
-\156\164\162\165\163\164\056\156\145\164\040\114\151\155\151\164
-\145\144\061\063\060\061\006\003\125\004\003\023\052\105\156\164
-\162\165\163\164\056\156\145\164\040\103\154\151\145\156\164\040
-\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165
-\164\150\157\162\151\164\171
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\070\236\366\344
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "AOL Time Warner Root Certification Authority 1"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "AOL Time Warner Root Certification Authority 1"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\203\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\035\060\033\006\003\125\004\012\023\024\101\117\114\040\124
-\151\155\145\040\127\141\162\156\145\162\040\111\156\143\056\061
-\034\060\032\006\003\125\004\013\023\023\101\155\145\162\151\143
-\141\040\117\156\154\151\156\145\040\111\156\143\056\061\067\060
-\065\006\003\125\004\003\023\056\101\117\114\040\124\151\155\145
-\040\127\141\162\156\145\162\040\122\157\157\164\040\103\145\162
-\164\151\146\151\143\141\164\151\157\156\040\101\165\164\150\157
-\162\151\164\171\040\061
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\203\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\035\060\033\006\003\125\004\012\023\024\101\117\114\040\124
-\151\155\145\040\127\141\162\156\145\162\040\111\156\143\056\061
-\034\060\032\006\003\125\004\013\023\023\101\155\145\162\151\143
-\141\040\117\156\154\151\156\145\040\111\156\143\056\061\067\060
-\065\006\003\125\004\003\023\056\101\117\114\040\124\151\155\145
-\040\127\141\162\156\145\162\040\122\157\157\164\040\103\145\162
-\164\151\146\151\143\141\164\151\157\156\040\101\165\164\150\157
-\162\151\164\171\040\061
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\001
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\346\060\202\002\316\240\003\002\001\002\002\001\001
-\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060
-\201\203\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\035\060\033\006\003\125\004\012\023\024\101\117\114\040\124\151
-\155\145\040\127\141\162\156\145\162\040\111\156\143\056\061\034
-\060\032\006\003\125\004\013\023\023\101\155\145\162\151\143\141
-\040\117\156\154\151\156\145\040\111\156\143\056\061\067\060\065
-\006\003\125\004\003\023\056\101\117\114\040\124\151\155\145\040
-\127\141\162\156\145\162\040\122\157\157\164\040\103\145\162\164
-\151\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162
-\151\164\171\040\061\060\036\027\015\060\062\060\065\062\071\060
-\066\060\060\060\060\132\027\015\063\067\061\061\062\060\061\065
-\060\063\060\060\132\060\201\203\061\013\060\011\006\003\125\004
-\006\023\002\125\123\061\035\060\033\006\003\125\004\012\023\024
-\101\117\114\040\124\151\155\145\040\127\141\162\156\145\162\040
-\111\156\143\056\061\034\060\032\006\003\125\004\013\023\023\101
-\155\145\162\151\143\141\040\117\156\154\151\156\145\040\111\156
-\143\056\061\067\060\065\006\003\125\004\003\023\056\101\117\114
-\040\124\151\155\145\040\127\141\162\156\145\162\040\122\157\157
-\164\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040
-\101\165\164\150\157\162\151\164\171\040\061\060\202\001\042\060
-\015\006\011\052\206\110\206\367\015\001\001\001\005\000\003\202
-\001\017\000\060\202\001\012\002\202\001\001\000\231\336\217\303
-\045\243\151\064\350\005\367\164\271\277\132\227\031\271\057\224
-\322\223\345\055\211\312\204\174\077\020\103\033\214\213\174\204
-\130\370\044\174\110\317\052\375\300\025\331\030\176\204\032\027
-\323\333\236\327\312\344\331\327\252\130\121\207\360\360\213\110
-\116\342\302\304\131\151\060\142\266\060\242\214\013\021\231\141
-\065\155\176\357\305\261\031\006\040\022\216\102\341\337\017\226
-\020\122\250\317\234\137\225\024\330\257\073\165\013\061\040\037
-\104\057\242\142\101\263\273\030\041\333\312\161\074\214\354\266
-\271\015\237\357\121\357\115\173\022\362\013\014\341\254\100\217
-\167\177\260\312\170\161\014\135\026\161\160\242\327\302\072\205
-\315\016\232\304\340\000\260\325\045\352\334\053\344\224\055\070
-\234\211\101\127\144\050\145\031\034\266\104\264\310\061\153\216
-\001\173\166\131\045\177\025\034\204\010\174\163\145\040\012\241
-\004\056\032\062\250\232\040\261\234\054\041\131\347\373\317\356
-\160\055\010\312\143\076\054\233\223\031\152\244\302\227\377\267
-\206\127\210\205\154\236\025\026\053\115\054\263\002\003\001\000
-\001\243\143\060\141\060\017\006\003\125\035\023\001\001\377\004
-\005\060\003\001\001\377\060\035\006\003\125\035\016\004\026\004
-\024\241\066\060\026\313\206\220\000\105\200\123\261\217\310\330
-\075\174\276\137\022\060\037\006\003\125\035\043\004\030\060\026
-\200\024\241\066\060\026\313\206\220\000\105\200\123\261\217\310
-\330\075\174\276\137\022\060\016\006\003\125\035\017\001\001\377
-\004\004\003\002\001\206\060\015\006\011\052\206\110\206\367\015
-\001\001\005\005\000\003\202\001\001\000\212\040\030\245\276\263
-\057\264\246\204\000\100\060\051\372\264\024\163\114\171\105\247
-\366\160\340\350\176\144\036\012\225\174\152\141\302\357\116\037
-\276\377\311\231\037\007\141\112\341\135\114\315\255\356\320\122
-\062\331\131\062\274\332\171\162\326\173\011\350\002\201\065\323
-\012\337\021\035\311\171\240\200\115\376\132\327\126\326\355\017
-\052\257\247\030\165\063\014\352\301\141\005\117\152\232\211\362
-\215\271\237\056\357\260\137\132\000\353\276\255\240\370\104\005
-\147\274\313\004\357\236\144\305\351\310\077\005\277\306\057\007
-\034\303\066\161\206\312\070\146\112\315\326\270\113\306\154\247
-\227\073\372\023\055\156\043\141\207\241\143\102\254\302\313\227
-\237\141\150\317\055\114\004\235\327\045\117\012\016\115\220\213
-\030\126\250\223\110\127\334\157\256\275\236\147\127\167\211\120
-\263\276\021\233\105\147\203\206\031\207\323\230\275\010\032\026
-\037\130\202\013\341\226\151\005\113\216\354\203\121\061\007\325
-\324\237\377\131\173\250\156\205\317\323\113\251\111\260\137\260
-\071\050\150\016\163\335\045\232\336\022
-END
-
-# Trust for Certificate "AOL Time Warner Root Certification Authority 1"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "AOL Time Warner Root Certification Authority 1"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\164\124\123\134\044\243\247\130\040\176\076\076\323\044\370\026
-\373\041\026\111
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\347\172\334\261\037\156\006\037\164\154\131\026\047\303\113\300
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "AOL Time Warner Root Certification Authority 2"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "AOL Time Warner Root Certification Authority 2"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\203\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\035\060\033\006\003\125\004\012\023\024\101\117\114\040\124
-\151\155\145\040\127\141\162\156\145\162\040\111\156\143\056\061
-\034\060\032\006\003\125\004\013\023\023\101\155\145\162\151\143
-\141\040\117\156\154\151\156\145\040\111\156\143\056\061\067\060
-\065\006\003\125\004\003\023\056\101\117\114\040\124\151\155\145
-\040\127\141\162\156\145\162\040\122\157\157\164\040\103\145\162
-\164\151\146\151\143\141\164\151\157\156\040\101\165\164\150\157
-\162\151\164\171\040\062
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\203\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\035\060\033\006\003\125\004\012\023\024\101\117\114\040\124
-\151\155\145\040\127\141\162\156\145\162\040\111\156\143\056\061
-\034\060\032\006\003\125\004\013\023\023\101\155\145\162\151\143
-\141\040\117\156\154\151\156\145\040\111\156\143\056\061\067\060
-\065\006\003\125\004\003\023\056\101\117\114\040\124\151\155\145
-\040\127\141\162\156\145\162\040\122\157\157\164\040\103\145\162
-\164\151\146\151\143\141\164\151\157\156\040\101\165\164\150\157
-\162\151\164\171\040\062
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\001
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\005\346\060\202\003\316\240\003\002\001\002\002\001\001
-\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060
-\201\203\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\035\060\033\006\003\125\004\012\023\024\101\117\114\040\124\151
-\155\145\040\127\141\162\156\145\162\040\111\156\143\056\061\034
-\060\032\006\003\125\004\013\023\023\101\155\145\162\151\143\141
-\040\117\156\154\151\156\145\040\111\156\143\056\061\067\060\065
-\006\003\125\004\003\023\056\101\117\114\040\124\151\155\145\040
-\127\141\162\156\145\162\040\122\157\157\164\040\103\145\162\164
-\151\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162
-\151\164\171\040\062\060\036\027\015\060\062\060\065\062\071\060
-\066\060\060\060\060\132\027\015\063\067\060\071\062\070\062\063
-\064\063\060\060\132\060\201\203\061\013\060\011\006\003\125\004
-\006\023\002\125\123\061\035\060\033\006\003\125\004\012\023\024
-\101\117\114\040\124\151\155\145\040\127\141\162\156\145\162\040
-\111\156\143\056\061\034\060\032\006\003\125\004\013\023\023\101
-\155\145\162\151\143\141\040\117\156\154\151\156\145\040\111\156
-\143\056\061\067\060\065\006\003\125\004\003\023\056\101\117\114
-\040\124\151\155\145\040\127\141\162\156\145\162\040\122\157\157
-\164\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040
-\101\165\164\150\157\162\151\164\171\040\062\060\202\002\042\060
-\015\006\011\052\206\110\206\367\015\001\001\001\005\000\003\202
-\002\017\000\060\202\002\012\002\202\002\001\000\264\067\132\010
-\026\231\024\350\125\261\033\044\153\374\307\213\346\207\251\211
-\356\213\231\315\117\100\206\244\266\115\311\331\261\334\074\115
-\015\205\114\025\154\106\213\122\170\237\370\043\375\147\365\044
-\072\150\135\320\367\144\141\101\124\243\213\245\010\322\051\133
-\233\140\117\046\203\321\143\022\126\111\166\244\026\302\245\235
-\105\254\213\204\225\250\026\261\354\237\352\044\032\357\271\127
-\134\232\044\041\054\115\016\161\037\246\254\135\105\164\003\230
-\304\124\214\026\112\101\167\206\225\165\014\107\001\146\140\374
-\025\361\017\352\365\024\170\307\016\327\156\201\034\136\277\136
-\347\072\052\330\227\027\060\174\000\255\010\235\063\257\270\231
-\141\200\213\250\225\176\024\334\022\154\244\320\330\357\100\111
-\002\066\371\156\251\326\035\226\126\004\262\263\055\026\126\206
-\217\331\040\127\200\315\147\020\155\260\114\360\332\106\266\352
-\045\056\106\257\215\260\205\070\064\213\024\046\202\053\254\256
-\231\013\216\024\327\122\275\236\151\303\206\002\013\352\166\165
-\061\011\316\063\031\041\205\103\346\211\055\237\045\067\147\361
-\043\152\322\000\155\227\371\237\347\051\312\335\037\327\006\352
-\270\311\271\011\041\237\310\077\006\305\322\351\022\106\000\116
-\173\010\353\102\075\053\110\156\235\147\335\113\002\344\104\363
-\223\031\245\047\316\151\172\276\147\323\374\120\244\054\253\303
-\153\271\343\200\114\317\005\141\113\053\334\033\271\246\322\320
-\252\365\053\163\373\316\220\065\237\014\122\034\277\134\041\141
-\021\133\025\113\251\044\121\374\244\134\367\027\235\260\322\372
-\007\351\217\126\344\032\214\150\212\004\323\174\132\343\236\242
-\241\312\161\133\242\324\240\347\051\205\135\003\150\052\117\322
-\006\327\075\371\303\003\057\077\145\371\147\036\107\100\323\143
-\017\343\325\216\371\205\253\227\114\263\327\046\353\226\012\224
-\336\205\066\234\310\177\201\011\002\111\052\016\365\144\062\014
-\202\321\272\152\202\033\263\113\164\021\363\214\167\326\237\277
-\334\067\244\247\125\004\057\324\061\350\323\106\271\003\174\332
-\022\116\131\144\267\121\061\061\120\240\312\034\047\331\020\056
-\255\326\275\020\146\053\303\260\042\112\022\133\002\003\001\000
-\001\243\143\060\141\060\017\006\003\125\035\023\001\001\377\004
-\005\060\003\001\001\377\060\035\006\003\125\035\016\004\026\004
-\024\117\151\155\003\176\235\237\007\030\103\274\267\020\116\325
-\277\251\304\040\050\060\037\006\003\125\035\043\004\030\060\026
-\200\024\117\151\155\003\176\235\237\007\030\103\274\267\020\116
-\325\277\251\304\040\050\060\016\006\003\125\035\017\001\001\377
-\004\004\003\002\001\206\060\015\006\011\052\206\110\206\367\015
-\001\001\005\005\000\003\202\002\001\000\073\363\256\312\350\056
-\207\205\373\145\131\347\255\021\024\245\127\274\130\237\044\022
-\127\273\373\077\064\332\356\255\172\052\064\162\160\061\153\307
-\031\230\200\311\202\336\067\167\136\124\213\216\362\352\147\117
-\311\164\204\221\126\011\325\345\172\232\201\266\201\302\255\066
-\344\361\124\021\123\363\064\105\001\046\310\345\032\274\064\104
-\041\336\255\045\374\166\026\167\041\220\200\230\127\235\116\352
-\354\057\252\074\024\173\127\301\176\030\024\147\356\044\306\275
-\272\025\260\322\030\275\267\125\201\254\123\300\350\335\151\022
-\023\102\267\002\265\005\101\312\171\120\156\202\016\161\162\223
-\106\350\235\015\135\275\256\316\051\255\143\325\125\026\200\060
-\047\377\166\272\367\270\326\112\343\331\265\371\122\320\116\100
-\251\307\345\302\062\307\252\166\044\341\153\005\120\353\305\277
-\012\124\345\271\102\074\044\373\267\007\234\060\237\171\132\346
-\340\100\122\025\364\374\252\364\126\371\104\227\207\355\016\145
-\162\136\276\046\373\115\244\055\010\007\336\330\134\240\334\201
-\063\231\030\045\021\167\247\353\375\130\011\054\231\153\033\212
-\363\122\077\032\115\110\140\361\240\366\063\002\123\213\355\045
-\011\270\015\055\355\227\163\354\327\226\037\216\140\016\332\020
-\233\057\030\044\366\246\115\012\371\073\313\165\302\314\057\316
-\044\151\311\012\042\216\131\247\367\202\014\327\327\153\065\234
-\103\000\152\304\225\147\272\234\105\313\270\016\067\367\334\116
-\001\117\276\012\266\003\323\255\212\105\367\332\047\115\051\261
-\110\337\344\021\344\226\106\275\154\002\076\326\121\310\225\027
-\001\025\251\362\252\252\362\277\057\145\033\157\320\271\032\223
-\365\216\065\304\200\207\076\224\057\146\344\351\250\377\101\234
-\160\052\117\052\071\030\225\036\176\373\141\001\074\121\010\056
-\050\030\244\026\017\061\375\072\154\043\223\040\166\341\375\007
-\205\321\133\077\322\034\163\062\335\372\271\370\214\317\002\207
-\172\232\226\344\355\117\211\215\123\103\253\016\023\300\001\025
-\264\171\070\333\374\156\075\236\121\266\270\023\213\147\317\371
-\174\331\042\035\366\135\305\034\001\057\230\350\172\044\030\274
-\204\327\372\334\162\133\367\301\072\150
-END
-
-# Trust for Certificate "AOL Time Warner Root Certification Authority 2"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "AOL Time Warner Root Certification Authority 2"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\374\041\232\166\021\057\166\301\305\010\203\074\232\057\242\272
-\204\254\010\172
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\001\132\231\303\326\117\251\113\074\073\261\243\253\047\114\277
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "beTRUSTed Root CA-Baltimore Implementation"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "beTRUSTed Root CA-Baltimore Implementation"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\146\061\022\060\020\006\003\125\004\012\023\011\142\145\124
-\122\125\123\124\145\144\061\033\060\031\006\003\125\004\013\023
-\022\142\145\124\122\125\123\124\145\144\040\122\157\157\164\040
-\103\101\163\061\063\060\061\006\003\125\004\003\023\052\142\145
-\124\122\125\123\124\145\144\040\122\157\157\164\040\103\101\055
-\102\141\154\164\151\155\157\162\145\040\111\155\160\154\145\155
-\145\156\164\141\164\151\157\156
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\146\061\022\060\020\006\003\125\004\012\023\011\142\145\124
-\122\125\123\124\145\144\061\033\060\031\006\003\125\004\013\023
-\022\142\145\124\122\125\123\124\145\144\040\122\157\157\164\040
-\103\101\163\061\063\060\061\006\003\125\004\003\023\052\142\145
-\124\122\125\123\124\145\144\040\122\157\157\164\040\103\101\055
-\102\141\154\164\151\155\157\162\145\040\111\155\160\154\145\155
-\145\156\164\141\164\151\157\156
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\074\265\075\106
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\005\152\060\202\004\122\240\003\002\001\002\002\004\074
-\265\075\106\060\015\006\011\052\206\110\206\367\015\001\001\005
-\005\000\060\146\061\022\060\020\006\003\125\004\012\023\011\142
-\145\124\122\125\123\124\145\144\061\033\060\031\006\003\125\004
-\013\023\022\142\145\124\122\125\123\124\145\144\040\122\157\157
-\164\040\103\101\163\061\063\060\061\006\003\125\004\003\023\052
-\142\145\124\122\125\123\124\145\144\040\122\157\157\164\040\103
-\101\055\102\141\154\164\151\155\157\162\145\040\111\155\160\154
-\145\155\145\156\164\141\164\151\157\156\060\036\027\015\060\062
-\060\064\061\061\060\067\063\070\065\061\132\027\015\062\062\060
-\064\061\061\060\067\063\070\065\061\132\060\146\061\022\060\020
-\006\003\125\004\012\023\011\142\145\124\122\125\123\124\145\144
-\061\033\060\031\006\003\125\004\013\023\022\142\145\124\122\125
-\123\124\145\144\040\122\157\157\164\040\103\101\163\061\063\060
-\061\006\003\125\004\003\023\052\142\145\124\122\125\123\124\145
-\144\040\122\157\157\164\040\103\101\055\102\141\154\164\151\155
-\157\162\145\040\111\155\160\154\145\155\145\156\164\141\164\151
-\157\156\060\202\001\042\060\015\006\011\052\206\110\206\367\015
-\001\001\001\005\000\003\202\001\017\000\060\202\001\012\002\202
-\001\001\000\274\176\304\071\234\214\343\326\034\206\377\312\142
-\255\340\177\060\105\172\216\032\263\270\307\371\321\066\377\042
-\363\116\152\137\204\020\373\146\201\303\224\171\061\322\221\341
-\167\216\030\052\303\024\336\121\365\117\243\053\274\030\026\342
-\265\335\171\336\042\370\202\176\313\201\037\375\047\054\217\372
-\227\144\042\216\370\377\141\243\234\033\036\222\217\300\250\011
-\337\011\021\354\267\175\061\232\032\352\203\041\006\074\237\272
-\134\377\224\352\152\270\303\153\125\064\117\075\062\037\335\201
-\024\340\304\074\315\235\060\370\060\251\227\323\356\314\243\320
-\037\137\034\023\201\324\030\253\224\321\143\303\236\177\065\222
-\236\137\104\352\354\364\042\134\267\350\075\175\244\371\211\251
-\221\262\052\331\353\063\207\356\245\375\343\332\314\210\346\211
-\046\156\307\053\202\320\136\235\131\333\024\354\221\203\005\303
-\136\016\306\052\320\004\335\161\075\040\116\130\047\374\123\373
-\170\170\031\024\262\374\220\122\211\070\142\140\007\264\240\354
-\254\153\120\326\375\271\050\153\357\122\055\072\262\377\361\001
-\100\254\067\002\003\001\000\001\243\202\002\036\060\202\002\032
-\060\017\006\003\125\035\023\001\001\377\004\005\060\003\001\001
-\377\060\202\001\265\006\003\125\035\040\004\202\001\254\060\202
-\001\250\060\202\001\244\006\017\053\006\001\004\001\261\076\000
-\000\001\011\050\203\221\061\060\202\001\217\060\202\001\110\006
-\010\053\006\001\005\005\007\002\002\060\202\001\072\032\202\001
-\066\122\145\154\151\141\156\143\145\040\157\156\040\157\162\040
-\165\163\145\040\157\146\040\164\150\151\163\040\103\145\162\164
-\151\146\151\143\141\164\145\040\143\162\145\141\164\145\163\040
-\141\156\040\141\143\153\156\157\167\154\145\144\147\155\145\156
-\164\040\141\156\144\040\141\143\143\145\160\164\141\156\143\145
-\040\157\146\040\164\150\145\040\164\150\145\156\040\141\160\160
-\154\151\143\141\142\154\145\040\163\164\141\156\144\141\162\144
-\040\164\145\162\155\163\040\141\156\144\040\143\157\156\144\151
-\164\151\157\156\163\040\157\146\040\165\163\145\054\040\164\150
-\145\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040
-\120\162\141\143\164\151\143\145\040\123\164\141\164\145\155\145
-\156\164\040\141\156\144\040\164\150\145\040\122\145\154\171\151
-\156\147\040\120\141\162\164\171\040\101\147\162\145\145\155\145
-\156\164\054\040\167\150\151\143\150\040\143\141\156\040\142\145
-\040\146\157\165\156\144\040\141\164\040\164\150\145\040\142\145
-\124\122\125\123\124\145\144\040\167\145\142\040\163\151\164\145
-\054\040\150\164\164\160\072\057\057\167\167\167\056\142\145\164
-\162\165\163\164\145\144\056\143\157\155\057\160\162\157\144\165
-\143\164\163\137\163\145\162\166\151\143\145\163\057\151\156\144
-\145\170\056\150\164\155\154\060\101\006\010\053\006\001\005\005
-\007\002\001\026\065\150\164\164\160\072\057\057\167\167\167\056
-\142\145\164\162\165\163\164\145\144\056\143\157\155\057\160\162
-\157\144\165\143\164\163\137\163\145\162\166\151\143\145\163\057
-\151\156\144\145\170\056\150\164\155\154\060\035\006\003\125\035
-\016\004\026\004\024\105\075\303\251\321\334\077\044\126\230\034
-\163\030\210\152\377\203\107\355\266\060\037\006\003\125\035\043
-\004\030\060\026\200\024\105\075\303\251\321\334\077\044\126\230
-\034\163\030\210\152\377\203\107\355\266\060\016\006\003\125\035
-\017\001\001\377\004\004\003\002\001\006\060\015\006\011\052\206
-\110\206\367\015\001\001\005\005\000\003\202\001\001\000\111\222
-\274\243\356\254\275\372\015\311\213\171\206\034\043\166\260\200
-\131\167\374\332\177\264\113\337\303\144\113\152\116\016\255\362
-\175\131\167\005\255\012\211\163\260\372\274\313\334\215\000\210
-\217\246\240\262\352\254\122\047\277\241\110\174\227\020\173\272
-\355\023\035\232\007\156\313\061\142\022\350\143\003\252\175\155
-\343\370\033\166\041\170\033\237\113\103\214\323\111\206\366\033
-\134\366\056\140\025\323\351\343\173\165\077\320\002\203\320\030
-\202\101\315\145\067\352\216\062\176\275\153\231\135\060\021\310
-\333\110\124\034\073\341\247\023\323\152\110\223\367\075\214\177
-\005\350\316\363\210\052\143\004\270\352\176\130\174\001\173\133
-\341\305\175\357\041\340\215\016\135\121\175\261\147\375\243\275
-\070\066\306\362\070\206\207\032\226\150\140\106\373\050\024\107
-\125\341\247\200\014\153\342\352\337\115\174\220\110\240\066\275
-\011\027\211\177\303\362\323\234\234\343\335\304\033\335\365\267
-\161\263\123\005\211\006\320\313\112\200\301\310\123\220\265\074
-\061\210\027\120\237\311\304\016\213\330\250\002\143\015
-END
-
-# Trust for Certificate "beTRUSTed Root CA-Baltimore Implementation"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "beTRUSTed Root CA-Baltimore Implementation"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\334\273\236\267\031\113\304\162\005\301\021\165\051\206\203\133
-\123\312\344\370
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\201\065\271\373\373\022\312\030\151\066\353\256\151\170\241\361
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "beTRUSTed Root CA - Entrust Implementation"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "beTRUSTed Root CA - Entrust Implementation"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\146\061\022\060\020\006\003\125\004\012\023\011\142\145\124
-\122\125\123\124\145\144\061\033\060\031\006\003\125\004\013\023
-\022\142\145\124\122\125\123\124\145\144\040\122\157\157\164\040
-\103\101\163\061\063\060\061\006\003\125\004\003\023\052\142\145
-\124\122\125\123\124\145\144\040\122\157\157\164\040\103\101\040
-\055\040\105\156\164\162\165\163\164\040\111\155\160\154\145\155
-\145\156\164\141\164\151\157\156
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\146\061\022\060\020\006\003\125\004\012\023\011\142\145\124
-\122\125\123\124\145\144\061\033\060\031\006\003\125\004\013\023
-\022\142\145\124\122\125\123\124\145\144\040\122\157\157\164\040
-\103\101\163\061\063\060\061\006\003\125\004\003\023\052\142\145
-\124\122\125\123\124\145\144\040\122\157\157\164\040\103\101\040
-\055\040\105\156\164\162\165\163\164\040\111\155\160\154\145\155
-\145\156\164\141\164\151\157\156
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\074\265\117\100
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\006\121\060\202\005\071\240\003\002\001\002\002\004\074
-\265\117\100\060\015\006\011\052\206\110\206\367\015\001\001\005
-\005\000\060\146\061\022\060\020\006\003\125\004\012\023\011\142
-\145\124\122\125\123\124\145\144\061\033\060\031\006\003\125\004
-\013\023\022\142\145\124\122\125\123\124\145\144\040\122\157\157
-\164\040\103\101\163\061\063\060\061\006\003\125\004\003\023\052
-\142\145\124\122\125\123\124\145\144\040\122\157\157\164\040\103
-\101\040\055\040\105\156\164\162\165\163\164\040\111\155\160\154
-\145\155\145\156\164\141\164\151\157\156\060\036\027\015\060\062
-\060\064\061\061\060\070\062\064\062\067\132\027\015\062\062\060
-\064\061\061\060\070\065\064\062\067\132\060\146\061\022\060\020
-\006\003\125\004\012\023\011\142\145\124\122\125\123\124\145\144
-\061\033\060\031\006\003\125\004\013\023\022\142\145\124\122\125
-\123\124\145\144\040\122\157\157\164\040\103\101\163\061\063\060
-\061\006\003\125\004\003\023\052\142\145\124\122\125\123\124\145
-\144\040\122\157\157\164\040\103\101\040\055\040\105\156\164\162
-\165\163\164\040\111\155\160\154\145\155\145\156\164\141\164\151
-\157\156\060\202\001\042\060\015\006\011\052\206\110\206\367\015
-\001\001\001\005\000\003\202\001\017\000\060\202\001\012\002\202
-\001\001\000\272\364\104\003\252\022\152\265\103\354\125\222\266
-\060\175\065\127\014\333\363\015\047\156\114\367\120\250\233\116
-\053\157\333\365\255\034\113\135\263\251\301\376\173\104\353\133
-\243\005\015\037\305\064\053\060\000\051\361\170\100\262\244\377
-\072\364\001\210\027\176\346\324\046\323\272\114\352\062\373\103
-\167\227\207\043\305\333\103\243\365\052\243\121\136\341\073\322
-\145\151\176\125\025\233\172\347\151\367\104\340\127\265\025\350
-\146\140\017\015\003\373\202\216\243\350\021\173\154\276\307\143
-\016\027\223\337\317\113\256\156\163\165\340\363\252\271\244\300
-\011\033\205\352\161\051\210\101\062\371\360\052\016\154\011\362
-\164\153\146\154\122\023\037\030\274\324\076\367\330\156\040\236
-\312\376\374\041\224\356\023\050\113\327\134\136\014\146\356\351
-\273\017\301\064\261\177\010\166\363\075\046\160\311\213\045\035
-\142\044\014\352\034\165\116\300\022\344\272\023\035\060\051\055
-\126\063\005\273\227\131\176\306\111\117\211\327\057\044\250\266
-\210\100\265\144\222\123\126\044\344\242\240\205\263\136\220\264
-\022\063\315\002\003\001\000\001\243\202\003\005\060\202\003\001
-\060\202\001\267\006\003\125\035\040\004\202\001\256\060\202\001
-\252\060\202\001\246\006\017\053\006\001\004\001\261\076\000\000
-\002\011\050\203\221\061\060\202\001\221\060\202\001\111\006\010
-\053\006\001\005\005\007\002\002\060\202\001\073\032\202\001\067
-\122\145\154\151\141\156\143\145\040\157\156\040\157\162\040\165
-\163\145\040\157\146\040\164\150\151\163\040\103\145\162\164\151
-\146\151\143\141\164\145\040\143\162\145\141\164\145\163\040\141
-\156\040\141\143\153\156\157\167\154\145\144\147\155\145\156\164
-\040\141\156\144\040\141\143\143\145\160\164\141\156\143\145\040
-\157\146\040\164\150\145\040\164\150\145\156\040\141\160\160\154
-\151\143\141\142\154\145\040\163\164\141\156\144\141\162\144\040
-\164\145\162\155\163\040\141\156\144\040\143\157\156\144\151\164
-\151\157\156\163\040\157\146\040\165\163\145\054\040\164\150\145
-\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\120
-\162\141\143\164\151\143\145\040\123\164\141\164\145\155\145\156
-\164\040\141\156\144\040\164\150\145\040\122\145\154\171\151\156
-\147\040\120\141\162\164\171\040\101\147\162\145\145\155\145\156
-\164\054\040\167\150\151\143\150\040\143\141\156\040\142\145\040
-\146\157\165\156\144\040\141\164\040\164\150\145\040\142\145\124
-\122\125\123\124\145\144\040\167\145\142\040\163\151\164\145\054
-\040\150\164\164\160\163\072\057\057\167\167\167\056\142\145\164
-\162\165\163\164\145\144\056\143\157\155\057\160\162\157\144\165
-\143\164\163\137\163\145\162\166\151\143\145\163\057\151\156\144
-\145\170\056\150\164\155\154\060\102\006\010\053\006\001\005\005
-\007\002\001\026\066\150\164\164\160\163\072\057\057\167\167\167
-\056\142\145\164\162\165\163\164\145\144\056\143\157\155\057\160
-\162\157\144\165\143\164\163\137\163\145\162\166\151\143\145\163
-\057\151\156\144\145\170\056\150\164\155\154\060\021\006\011\140
-\206\110\001\206\370\102\001\001\004\004\003\002\000\007\060\201
-\211\006\003\125\035\037\004\201\201\060\177\060\175\240\173\240
-\171\244\167\060\165\061\022\060\020\006\003\125\004\012\023\011
-\142\145\124\122\125\123\124\145\144\061\033\060\031\006\003\125
-\004\013\023\022\142\145\124\122\125\123\124\145\144\040\122\157
-\157\164\040\103\101\163\061\063\060\061\006\003\125\004\003\023
-\052\142\145\124\122\125\123\124\145\144\040\122\157\157\164\040
-\103\101\040\055\040\105\156\164\162\165\163\164\040\111\155\160
-\154\145\155\145\156\164\141\164\151\157\156\061\015\060\013\006
-\003\125\004\003\023\004\103\122\114\061\060\053\006\003\125\035
-\020\004\044\060\042\200\017\062\060\060\062\060\064\061\061\060
-\070\062\064\062\067\132\201\017\062\060\062\062\060\064\061\061
-\060\070\065\064\062\067\132\060\013\006\003\125\035\017\004\004
-\003\002\001\006\060\037\006\003\125\035\043\004\030\060\026\200
-\024\175\160\345\256\070\213\006\077\252\034\032\217\371\317\044
-\060\252\204\204\026\060\035\006\003\125\035\016\004\026\004\024
-\175\160\345\256\070\213\006\077\252\034\032\217\371\317\044\060
-\252\204\204\026\060\014\006\003\125\035\023\004\005\060\003\001
-\001\377\060\035\006\011\052\206\110\206\366\175\007\101\000\004
-\020\060\016\033\010\126\066\056\060\072\064\056\060\003\002\004
-\220\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000
-\003\202\001\001\000\052\270\027\316\037\020\224\353\270\232\267
-\271\137\354\332\367\222\044\254\334\222\073\307\040\215\362\231
-\345\135\070\241\302\064\355\305\023\131\134\005\265\053\117\141
-\233\221\373\101\374\374\325\074\115\230\166\006\365\201\175\353
-\335\220\346\321\126\124\332\343\055\014\237\021\062\224\042\001
-\172\366\154\054\164\147\004\314\245\217\216\054\263\103\265\224
-\242\320\175\351\142\177\006\276\047\001\203\236\072\375\212\356
-\230\103\112\153\327\265\227\073\072\277\117\155\264\143\372\063
-\000\064\056\055\155\226\311\173\312\231\143\272\276\364\366\060
-\240\055\230\226\351\126\104\005\251\104\243\141\020\353\202\241
-\147\135\274\135\047\165\252\212\050\066\052\070\222\331\335\244
-\136\000\245\314\314\174\051\052\336\050\220\253\267\341\266\377
-\175\045\013\100\330\252\064\243\055\336\007\353\137\316\012\335
-\312\176\072\175\046\301\142\150\072\346\057\067\363\201\206\041
-\304\251\144\252\357\105\066\321\032\146\174\370\351\067\326\326
-\141\276\242\255\110\347\337\346\164\376\323\155\175\322\045\334
-\254\142\127\251\367
-END
-
-# Trust for Certificate "beTRUSTed Root CA - Entrust Implementation"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "beTRUSTed Root CA - Entrust Implementation"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\162\231\171\023\354\233\015\256\145\321\266\327\262\112\166\243
-\256\302\356\026
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\175\206\220\217\133\361\362\100\300\367\075\142\265\244\251\073
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "beTRUSTed Root CA - RSA Implementation"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "beTRUSTed Root CA - RSA Implementation"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\142\061\022\060\020\006\003\125\004\012\023\011\142\145\124
-\122\125\123\124\145\144\061\033\060\031\006\003\125\004\013\023
-\022\142\145\124\122\125\123\124\145\144\040\122\157\157\164\040
-\103\101\163\061\057\060\055\006\003\125\004\003\023\046\142\145
-\124\122\125\123\124\145\144\040\122\157\157\164\040\103\101\040
-\055\040\122\123\101\040\111\155\160\154\145\155\145\156\164\141
-\164\151\157\156
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\142\061\022\060\020\006\003\125\004\012\023\011\142\145\124
-\122\125\123\124\145\144\061\033\060\031\006\003\125\004\013\023
-\022\142\145\124\122\125\123\124\145\144\040\122\157\157\164\040
-\103\101\163\061\057\060\055\006\003\125\004\003\023\046\142\145
-\124\122\125\123\124\145\144\040\122\157\157\164\040\103\101\040
-\055\040\122\123\101\040\111\155\160\154\145\155\145\156\164\141
-\164\151\157\156
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\073\131\307\173\315\133\127\236\275\067\122\254\166\264\252\032
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\005\150\060\202\004\120\240\003\002\001\002\002\020\073
-\131\307\173\315\133\127\236\275\067\122\254\166\264\252\032\060
-\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060\142
-\061\022\060\020\006\003\125\004\012\023\011\142\145\124\122\125
-\123\124\145\144\061\033\060\031\006\003\125\004\013\023\022\142
-\145\124\122\125\123\124\145\144\040\122\157\157\164\040\103\101
-\163\061\057\060\055\006\003\125\004\003\023\046\142\145\124\122
-\125\123\124\145\144\040\122\157\157\164\040\103\101\040\055\040
-\122\123\101\040\111\155\160\154\145\155\145\156\164\141\164\151
-\157\156\060\036\027\015\060\062\060\064\061\061\061\061\061\070
-\061\063\132\027\015\062\062\060\064\061\062\061\061\060\067\062
-\065\132\060\142\061\022\060\020\006\003\125\004\012\023\011\142
-\145\124\122\125\123\124\145\144\061\033\060\031\006\003\125\004
-\013\023\022\142\145\124\122\125\123\124\145\144\040\122\157\157
-\164\040\103\101\163\061\057\060\055\006\003\125\004\003\023\046
-\142\145\124\122\125\123\124\145\144\040\122\157\157\164\040\103
-\101\040\055\040\122\123\101\040\111\155\160\154\145\155\145\156
-\164\141\164\151\157\156\060\202\001\042\060\015\006\011\052\206
-\110\206\367\015\001\001\001\005\000\003\202\001\017\000\060\202
-\001\012\002\202\001\001\000\344\272\064\060\011\216\127\320\271
-\006\054\157\156\044\200\042\277\135\103\246\372\117\254\202\347
-\034\150\160\205\033\243\156\265\252\170\331\156\007\113\077\351
-\337\365\352\350\124\241\141\212\016\057\151\165\030\267\014\345
-\024\215\161\156\230\270\125\374\014\225\320\233\156\341\055\210
-\324\072\100\153\222\361\231\226\144\336\333\377\170\364\356\226
-\035\107\211\174\324\276\271\210\167\043\072\011\346\004\236\155
-\252\136\322\310\275\232\116\031\337\211\352\133\016\176\303\344
-\264\360\340\151\073\210\017\101\220\370\324\161\103\044\301\217
-\046\113\073\126\351\377\214\154\067\351\105\255\205\214\123\303
-\140\206\220\112\226\311\263\124\260\273\027\360\034\105\331\324
-\033\031\144\126\012\031\367\314\341\377\206\257\176\130\136\254
-\172\220\037\311\050\071\105\173\242\266\307\234\037\332\205\324
-\041\206\131\060\223\276\123\063\067\366\357\101\317\063\307\253
-\162\153\045\365\363\123\033\014\114\056\361\165\113\357\240\207
-\367\376\212\025\320\154\325\313\371\150\123\271\160\025\023\302
-\365\056\373\103\065\165\055\002\003\001\000\001\243\202\002\030
-\060\202\002\024\060\014\006\003\125\035\023\004\005\060\003\001
-\001\377\060\202\001\265\006\003\125\035\040\004\202\001\254\060
-\202\001\250\060\202\001\244\006\017\053\006\001\004\001\261\076
-\000\000\003\011\050\203\221\061\060\202\001\217\060\101\006\010
-\053\006\001\005\005\007\002\001\026\065\150\164\164\160\072\057
-\057\167\167\167\056\142\145\164\162\165\163\164\145\144\056\143
-\157\155\057\160\162\157\144\165\143\164\163\137\163\145\162\166
-\151\143\145\163\057\151\156\144\145\170\056\150\164\155\154\060
-\202\001\110\006\010\053\006\001\005\005\007\002\002\060\202\001
-\072\032\202\001\066\122\145\154\151\141\156\143\145\040\157\156
-\040\157\162\040\165\163\145\040\157\146\040\164\150\151\163\040
-\103\145\162\164\151\146\151\143\141\164\145\040\143\162\145\141
-\164\145\163\040\141\156\040\141\143\153\156\157\167\154\145\144
-\147\155\145\156\164\040\141\156\144\040\141\143\143\145\160\164
-\141\156\143\145\040\157\146\040\164\150\145\040\164\150\145\156
-\040\141\160\160\154\151\143\141\142\154\145\040\163\164\141\156
-\144\141\162\144\040\164\145\162\155\163\040\141\156\144\040\143
-\157\156\144\151\164\151\157\156\163\040\157\146\040\165\163\145
-\054\040\164\150\145\040\103\145\162\164\151\146\151\143\141\164
-\151\157\156\040\120\162\141\143\164\151\143\145\040\123\164\141
-\164\145\155\145\156\164\040\141\156\144\040\164\150\145\040\122
-\145\154\171\151\156\147\040\120\141\162\164\171\040\101\147\162
-\145\145\155\145\156\164\054\040\167\150\151\143\150\040\143\141
-\156\040\142\145\040\146\157\165\156\144\040\141\164\040\164\150
-\145\040\142\145\124\122\125\123\124\145\144\040\167\145\142\040
-\163\151\164\145\054\040\150\164\164\160\072\057\057\167\167\167
-\056\142\145\164\162\165\163\164\145\144\056\143\157\155\057\160
-\162\157\144\165\143\164\163\137\163\145\162\166\151\143\145\163
-\057\151\156\144\145\170\056\150\164\155\154\060\013\006\003\125
-\035\017\004\004\003\002\001\006\060\037\006\003\125\035\043\004
-\030\060\026\200\024\251\354\024\176\371\331\103\314\123\053\024
-\255\317\367\360\131\211\101\315\031\060\035\006\003\125\035\016
-\004\026\004\024\251\354\024\176\371\331\103\314\123\053\024\255
-\317\367\360\131\211\101\315\031\060\015\006\011\052\206\110\206
-\367\015\001\001\005\005\000\003\202\001\001\000\333\227\260\165
-\352\014\304\301\230\312\126\005\300\250\255\046\110\257\055\040
-\350\201\307\266\337\103\301\054\035\165\113\324\102\215\347\172
-\250\164\334\146\102\131\207\263\365\151\155\331\251\236\263\175
-\034\061\301\365\124\342\131\044\111\345\356\275\071\246\153\212
-\230\104\373\233\327\052\203\227\064\055\307\175\065\114\055\064
-\270\076\015\304\354\210\047\257\236\222\375\120\141\202\250\140
-\007\024\123\314\145\023\301\366\107\104\151\322\061\310\246\335
-\056\263\013\336\112\215\133\075\253\015\302\065\122\242\126\067
-\314\062\213\050\205\102\234\221\100\172\160\053\070\066\325\341
-\163\032\037\345\372\176\137\334\326\234\073\060\352\333\300\133
-\047\134\323\163\007\301\302\363\114\233\157\237\033\312\036\252
-\250\070\063\011\130\262\256\374\007\350\066\334\125\272\057\117
-\100\376\172\275\006\246\201\301\223\042\174\206\021\012\006\167
-\110\256\065\267\057\062\232\141\136\213\276\051\237\051\044\210
-\126\071\054\250\322\253\226\003\132\324\110\237\271\100\204\013
-\230\150\373\001\103\326\033\342\011\261\227\034
-END
-
-# Trust for Certificate "beTRUSTed Root CA - RSA Implementation"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "beTRUSTed Root CA - RSA Implementation"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\035\202\131\312\041\047\303\313\301\154\331\062\366\054\145\051
-\214\250\207\022
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\206\102\005\011\274\247\235\354\035\363\056\016\272\330\035\320
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "RSA Security 2048 v3"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "RSA Security 2048 v3"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\072\061\031\060\027\006\003\125\004\012\023\020\122\123\101
-\040\123\145\143\165\162\151\164\171\040\111\156\143\061\035\060
-\033\006\003\125\004\013\023\024\122\123\101\040\123\145\143\165
-\162\151\164\171\040\062\060\064\070\040\126\063
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\072\061\031\060\027\006\003\125\004\012\023\020\122\123\101
-\040\123\145\143\165\162\151\164\171\040\111\156\143\061\035\060
-\033\006\003\125\004\013\023\024\122\123\101\040\123\145\143\165
-\162\151\164\171\040\062\060\064\070\040\126\063
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\012\001\001\001\000\000\002\174\000\000\000\012\000\000\000\002
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\141\060\202\002\111\240\003\002\001\002\002\020\012
-\001\001\001\000\000\002\174\000\000\000\012\000\000\000\002\060
-\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060\072
-\061\031\060\027\006\003\125\004\012\023\020\122\123\101\040\123
-\145\143\165\162\151\164\171\040\111\156\143\061\035\060\033\006
-\003\125\004\013\023\024\122\123\101\040\123\145\143\165\162\151
-\164\171\040\062\060\064\070\040\126\063\060\036\027\015\060\061
-\060\062\062\062\062\060\063\071\062\063\132\027\015\062\066\060
-\062\062\062\062\060\063\071\062\063\132\060\072\061\031\060\027
-\006\003\125\004\012\023\020\122\123\101\040\123\145\143\165\162
-\151\164\171\040\111\156\143\061\035\060\033\006\003\125\004\013
-\023\024\122\123\101\040\123\145\143\165\162\151\164\171\040\062
-\060\064\070\040\126\063\060\202\001\042\060\015\006\011\052\206
-\110\206\367\015\001\001\001\005\000\003\202\001\017\000\060\202
-\001\012\002\202\001\001\000\267\217\125\161\322\200\335\173\151
-\171\247\360\030\120\062\074\142\147\366\012\225\007\335\346\033
-\363\236\331\322\101\124\153\255\237\174\276\031\315\373\106\253
-\101\150\036\030\352\125\310\057\221\170\211\050\373\047\051\140
-\377\337\217\214\073\311\111\233\265\244\224\316\001\352\076\265
-\143\173\177\046\375\031\335\300\041\275\204\321\055\117\106\303
-\116\334\330\067\071\073\050\257\313\235\032\352\053\257\041\245
-\301\043\042\270\270\033\132\023\207\127\203\321\360\040\347\350
-\117\043\102\260\000\245\175\211\351\351\141\163\224\230\161\046
-\274\055\152\340\367\115\360\361\266\052\070\061\201\015\051\341
-\000\301\121\017\114\122\370\004\132\252\175\162\323\270\207\052
-\273\143\020\003\052\263\241\117\015\132\136\106\267\075\016\365
-\164\354\231\237\371\075\044\201\210\246\335\140\124\350\225\066
-\075\306\011\223\232\243\022\200\000\125\231\031\107\275\320\245
-\174\303\272\373\037\367\365\017\370\254\271\265\364\067\230\023
-\030\336\205\133\267\014\202\073\207\157\225\071\130\060\332\156
-\001\150\027\042\314\300\013\002\003\001\000\001\243\143\060\141
-\060\017\006\003\125\035\023\001\001\377\004\005\060\003\001\001
-\377\060\016\006\003\125\035\017\001\001\377\004\004\003\002\001
-\006\060\037\006\003\125\035\043\004\030\060\026\200\024\007\303
-\121\060\244\252\351\105\256\065\044\372\377\044\054\063\320\261
-\235\214\060\035\006\003\125\035\016\004\026\004\024\007\303\121
-\060\244\252\351\105\256\065\044\372\377\044\054\063\320\261\235
-\214\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000
-\003\202\001\001\000\137\076\206\166\156\270\065\074\116\066\034
-\036\171\230\277\375\325\022\021\171\122\016\356\061\211\274\335
-\177\371\321\306\025\041\350\212\001\124\015\072\373\124\271\326
-\143\324\261\252\226\115\242\102\115\324\123\037\213\020\336\177
-\145\276\140\023\047\161\210\244\163\343\204\143\321\244\125\341
-\120\223\346\033\016\171\320\147\274\106\310\277\077\027\015\225
-\346\306\220\151\336\347\264\057\336\225\175\320\022\077\075\076
-\177\115\077\024\150\365\021\120\325\301\364\220\245\010\035\061
-\140\377\140\214\043\124\012\257\376\241\156\305\321\172\052\150
-\170\317\036\202\012\040\264\037\255\345\205\262\152\150\165\116
-\255\045\067\224\205\276\275\241\324\352\267\014\113\074\235\350
-\022\000\360\137\254\015\341\254\160\143\163\367\177\171\237\062
-\045\102\164\005\200\050\277\275\301\044\226\130\025\261\027\041
-\351\211\113\333\007\210\147\364\025\255\160\076\057\115\205\073
-\302\267\333\376\230\150\043\211\341\164\017\336\364\305\204\143
-\051\033\314\313\007\311\000\244\251\327\302\042\117\147\327\167
-\354\040\005\141\336
-END
-
-# Trust for Certificate "RSA Security 2048 v3"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "RSA Security 2048 v3"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\045\001\220\031\317\373\331\231\034\267\150\045\164\215\224\137
-\060\223\225\102
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\167\015\031\261\041\375\000\102\234\076\014\245\335\013\002\216
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "RSA Security 1024 v3"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "RSA Security 1024 v3"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\072\061\031\060\027\006\003\125\004\012\023\020\122\123\101
-\040\123\145\143\165\162\151\164\171\040\111\156\143\061\035\060
-\033\006\003\125\004\013\023\024\122\123\101\040\123\145\143\165
-\162\151\164\171\040\061\060\062\064\040\126\063
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\072\061\031\060\027\006\003\125\004\012\023\020\122\123\101
-\040\123\145\143\165\162\151\164\171\040\111\156\143\061\035\060
-\033\006\003\125\004\013\023\024\122\123\101\040\123\145\143\165
-\162\151\164\171\040\061\060\062\064\040\126\063
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\012\001\001\001\000\000\002\174\000\000\000\013\000\000\000\002
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\002\134\060\202\001\305\240\003\002\001\002\002\020\012
-\001\001\001\000\000\002\174\000\000\000\013\000\000\000\002\060
-\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060\072
-\061\031\060\027\006\003\125\004\012\023\020\122\123\101\040\123
-\145\143\165\162\151\164\171\040\111\156\143\061\035\060\033\006
-\003\125\004\013\023\024\122\123\101\040\123\145\143\165\162\151
-\164\171\040\061\060\062\064\040\126\063\060\036\027\015\060\061
-\060\062\062\062\062\061\060\061\064\071\132\027\015\062\066\060
-\062\062\062\062\060\060\061\064\071\132\060\072\061\031\060\027
-\006\003\125\004\012\023\020\122\123\101\040\123\145\143\165\162
-\151\164\171\040\111\156\143\061\035\060\033\006\003\125\004\013
-\023\024\122\123\101\040\123\145\143\165\162\151\164\171\040\061
-\060\062\064\040\126\063\060\201\237\060\015\006\011\052\206\110
-\206\367\015\001\001\001\005\000\003\201\215\000\060\201\211\002
-\201\201\000\325\335\376\146\011\317\044\074\076\256\201\116\116
-\212\304\151\200\133\131\073\337\271\115\114\312\265\055\303\047
-\055\074\257\000\102\155\274\050\246\226\317\177\327\130\254\203
-\012\243\125\265\173\027\220\025\204\114\212\356\046\231\334\130
-\357\307\070\246\252\257\320\216\102\310\142\327\253\254\251\373
-\112\175\277\352\376\022\115\335\377\046\055\157\066\124\150\310
-\322\204\126\356\222\123\141\011\263\077\071\233\250\311\233\275
-\316\237\176\324\031\152\026\051\030\276\327\072\151\334\045\133
-\063\032\121\002\003\001\000\001\243\143\060\141\060\017\006\003
-\125\035\023\001\001\377\004\005\060\003\001\001\377\060\016\006
-\003\125\035\017\001\001\377\004\004\003\002\001\006\060\037\006
-\003\125\035\043\004\030\060\026\200\024\304\300\034\244\007\224
-\375\315\115\001\324\124\332\245\014\137\336\256\005\132\060\035
-\006\003\125\035\016\004\026\004\024\304\300\034\244\007\224\375
-\315\115\001\324\124\332\245\014\137\336\256\005\132\060\015\006
-\011\052\206\110\206\367\015\001\001\005\005\000\003\201\201\000
-\077\055\152\343\046\103\225\175\211\227\145\373\165\344\162\035
-\106\127\304\141\153\151\237\022\233\054\325\132\350\300\242\360
-\103\225\343\037\351\166\315\334\353\274\223\240\145\012\307\115
-\117\137\247\257\242\106\024\271\014\363\314\275\152\156\267\235
-\336\045\102\320\124\377\236\150\163\143\334\044\353\042\277\250
-\162\362\136\000\341\015\116\072\103\156\231\116\077\211\170\003
-\230\312\363\125\314\235\256\216\301\252\105\230\372\217\032\240
-\215\210\043\361\025\101\015\245\106\076\221\077\213\353\367\161
-END
-
-# Trust for Certificate "RSA Security 1024 v3"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "RSA Security 1024 v3"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\074\273\135\340\374\326\071\174\005\210\345\146\227\275\106\052
-\275\371\134\166
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\072\345\120\260\071\276\307\106\066\063\241\376\202\076\215\224
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "GeoTrust Global CA"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "GeoTrust Global CA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\102\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\026\060\024\006\003\125\004\012\023\015\107\145\157\124\162\165
-\163\164\040\111\156\143\056\061\033\060\031\006\003\125\004\003
-\023\022\107\145\157\124\162\165\163\164\040\107\154\157\142\141
-\154\040\103\101
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\102\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\026\060\024\006\003\125\004\012\023\015\107\145\157\124\162\165
-\163\164\040\111\156\143\056\061\033\060\031\006\003\125\004\003
-\023\022\107\145\157\124\162\165\163\164\040\107\154\157\142\141
-\154\040\103\101
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\064\126
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\124\060\202\002\074\240\003\002\001\002\002\003\002
-\064\126\060\015\006\011\052\206\110\206\367\015\001\001\005\005
-\000\060\102\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\026\060\024\006\003\125\004\012\023\015\107\145\157\124\162
-\165\163\164\040\111\156\143\056\061\033\060\031\006\003\125\004
-\003\023\022\107\145\157\124\162\165\163\164\040\107\154\157\142
-\141\154\040\103\101\060\036\027\015\060\062\060\065\062\061\060
-\064\060\060\060\060\132\027\015\062\062\060\065\062\061\060\064
-\060\060\060\060\132\060\102\061\013\060\011\006\003\125\004\006
-\023\002\125\123\061\026\060\024\006\003\125\004\012\023\015\107
-\145\157\124\162\165\163\164\040\111\156\143\056\061\033\060\031
-\006\003\125\004\003\023\022\107\145\157\124\162\165\163\164\040
-\107\154\157\142\141\154\040\103\101\060\202\001\042\060\015\006
-\011\052\206\110\206\367\015\001\001\001\005\000\003\202\001\017
-\000\060\202\001\012\002\202\001\001\000\332\314\030\143\060\375
-\364\027\043\032\126\176\133\337\074\154\070\344\161\267\170\221
-\324\274\241\330\114\370\250\103\266\003\351\115\041\007\010\210
-\332\130\057\146\071\051\275\005\170\213\235\070\350\005\267\152
-\176\161\244\346\304\140\246\260\357\200\344\211\050\017\236\045
-\326\355\203\363\255\246\221\307\230\311\102\030\065\024\235\255
-\230\106\222\056\117\312\361\207\103\301\026\225\127\055\120\357
-\211\055\200\172\127\255\362\356\137\153\322\000\215\271\024\370
-\024\025\065\331\300\106\243\173\162\310\221\277\311\125\053\315
-\320\227\076\234\046\144\314\337\316\203\031\161\312\116\346\324
-\325\173\251\031\315\125\336\310\354\322\136\070\123\345\134\117
-\214\055\376\120\043\066\374\146\346\313\216\244\071\031\000\267
-\225\002\071\221\013\016\376\070\056\321\035\005\232\366\115\076
-\157\017\007\035\257\054\036\217\140\071\342\372\066\123\023\071
-\324\136\046\053\333\075\250\024\275\062\353\030\003\050\122\004
-\161\345\253\063\075\341\070\273\007\066\204\142\234\171\352\026
-\060\364\137\300\053\350\161\153\344\371\002\003\001\000\001\243
-\123\060\121\060\017\006\003\125\035\023\001\001\377\004\005\060
-\003\001\001\377\060\035\006\003\125\035\016\004\026\004\024\300
-\172\230\150\215\211\373\253\005\144\014\021\175\252\175\145\270
-\312\314\116\060\037\006\003\125\035\043\004\030\060\026\200\024
-\300\172\230\150\215\211\373\253\005\144\014\021\175\252\175\145
-\270\312\314\116\060\015\006\011\052\206\110\206\367\015\001\001
-\005\005\000\003\202\001\001\000\065\343\051\152\345\057\135\124
-\216\051\120\224\237\231\032\024\344\217\170\052\142\224\242\047
-\147\236\320\317\032\136\107\351\301\262\244\317\335\101\032\005
-\116\233\113\356\112\157\125\122\263\044\241\067\012\353\144\166
-\052\056\054\363\375\073\165\220\277\372\161\330\307\075\067\322
-\265\005\225\142\271\246\336\211\075\066\173\070\167\110\227\254
-\246\040\217\056\246\311\014\302\262\231\105\000\307\316\021\121
-\042\042\340\245\352\266\025\110\011\144\352\136\117\164\367\005
-\076\307\212\122\014\333\025\264\275\155\233\345\306\261\124\150
-\251\343\151\220\266\232\245\017\270\271\077\040\175\256\112\265
-\270\234\344\035\266\253\346\224\245\301\307\203\255\333\365\047
-\207\016\004\154\325\377\335\240\135\355\207\122\267\053\025\002
-\256\071\246\152\164\351\332\304\347\274\115\064\036\251\134\115
-\063\137\222\011\057\210\146\135\167\227\307\035\166\023\251\325
-\345\361\026\011\021\065\325\254\333\044\161\160\054\230\126\013
-\331\027\264\321\343\121\053\136\165\350\325\320\334\117\064\355
-\302\005\146\200\241\313\346\063
-END
-
-# Trust for Certificate "GeoTrust Global CA"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "GeoTrust Global CA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\336\050\364\244\377\345\271\057\243\305\003\321\243\111\247\371
-\226\052\202\022
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\367\165\253\051\373\121\116\267\167\136\377\005\074\231\216\365
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "UTN-USER First-Network Applications"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "UTN-USER First-Network Applications"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\243\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\013\060\011\006\003\125\004\010\023\002\125\124\061\027\060
-\025\006\003\125\004\007\023\016\123\141\154\164\040\114\141\153
-\145\040\103\151\164\171\061\036\060\034\006\003\125\004\012\023
-\025\124\150\145\040\125\123\105\122\124\122\125\123\124\040\116
-\145\164\167\157\162\153\061\041\060\037\006\003\125\004\013\023
-\030\150\164\164\160\072\057\057\167\167\167\056\165\163\145\162
-\164\162\165\163\164\056\143\157\155\061\053\060\051\006\003\125
-\004\003\023\042\125\124\116\055\125\123\105\122\106\151\162\163
-\164\055\116\145\164\167\157\162\153\040\101\160\160\154\151\143
-\141\164\151\157\156\163
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\243\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\013\060\011\006\003\125\004\010\023\002\125\124\061\027\060
-\025\006\003\125\004\007\023\016\123\141\154\164\040\114\141\153
-\145\040\103\151\164\171\061\036\060\034\006\003\125\004\012\023
-\025\124\150\145\040\125\123\105\122\124\122\125\123\124\040\116
-\145\164\167\157\162\153\061\041\060\037\006\003\125\004\013\023
-\030\150\164\164\160\072\057\057\167\167\167\056\165\163\145\162
-\164\162\165\163\164\056\143\157\155\061\053\060\051\006\003\125
-\004\003\023\042\125\124\116\055\125\123\105\122\106\151\162\163
-\164\055\116\145\164\167\157\162\153\040\101\160\160\154\151\143
-\141\164\151\157\156\163
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\104\276\014\213\120\000\044\264\021\323\066\060\113\300\063\167
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\004\144\060\202\003\114\240\003\002\001\002\002\020\104
-\276\014\213\120\000\044\264\021\323\066\060\113\300\063\167\060
-\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060\201
-\243\061\013\060\011\006\003\125\004\006\023\002\125\123\061\013
-\060\011\006\003\125\004\010\023\002\125\124\061\027\060\025\006
-\003\125\004\007\023\016\123\141\154\164\040\114\141\153\145\040
-\103\151\164\171\061\036\060\034\006\003\125\004\012\023\025\124
-\150\145\040\125\123\105\122\124\122\125\123\124\040\116\145\164
-\167\157\162\153\061\041\060\037\006\003\125\004\013\023\030\150
-\164\164\160\072\057\057\167\167\167\056\165\163\145\162\164\162
-\165\163\164\056\143\157\155\061\053\060\051\006\003\125\004\003
-\023\042\125\124\116\055\125\123\105\122\106\151\162\163\164\055
-\116\145\164\167\157\162\153\040\101\160\160\154\151\143\141\164
-\151\157\156\163\060\036\027\015\071\071\060\067\060\071\061\070
-\064\070\063\071\132\027\015\061\071\060\067\060\071\061\070\065
-\067\064\071\132\060\201\243\061\013\060\011\006\003\125\004\006
-\023\002\125\123\061\013\060\011\006\003\125\004\010\023\002\125
-\124\061\027\060\025\006\003\125\004\007\023\016\123\141\154\164
-\040\114\141\153\145\040\103\151\164\171\061\036\060\034\006\003
-\125\004\012\023\025\124\150\145\040\125\123\105\122\124\122\125
-\123\124\040\116\145\164\167\157\162\153\061\041\060\037\006\003
-\125\004\013\023\030\150\164\164\160\072\057\057\167\167\167\056
-\165\163\145\162\164\162\165\163\164\056\143\157\155\061\053\060
-\051\006\003\125\004\003\023\042\125\124\116\055\125\123\105\122
-\106\151\162\163\164\055\116\145\164\167\157\162\153\040\101\160
-\160\154\151\143\141\164\151\157\156\163\060\202\001\042\060\015
-\006\011\052\206\110\206\367\015\001\001\001\005\000\003\202\001
-\017\000\060\202\001\012\002\202\001\001\000\263\373\221\241\344
-\066\125\205\254\006\064\133\240\232\130\262\370\265\017\005\167
-\203\256\062\261\166\222\150\354\043\112\311\166\077\343\234\266
-\067\171\003\271\253\151\215\007\045\266\031\147\344\260\033\030
-\163\141\112\350\176\315\323\057\144\343\246\174\014\372\027\200
-\243\015\107\211\117\121\161\057\356\374\077\371\270\026\200\207
-\211\223\045\040\232\103\202\151\044\166\050\131\065\241\035\300
-\177\203\006\144\026\040\054\323\111\244\205\264\300\141\177\121
-\010\370\150\025\221\200\313\245\325\356\073\072\364\204\004\136
-\140\131\247\214\064\162\356\270\170\305\321\073\022\112\157\176
-\145\047\271\244\125\305\271\157\103\244\305\035\054\231\300\122
-\244\170\114\025\263\100\230\010\153\103\306\001\260\172\173\365
-\153\034\042\077\313\357\377\250\320\072\113\166\025\236\322\321
-\306\056\343\333\127\033\062\242\270\157\350\206\246\077\160\253
-\345\160\222\253\104\036\100\120\373\234\243\142\344\154\156\240
-\310\336\342\200\102\372\351\057\350\316\062\004\217\174\215\267
-\034\243\065\074\025\335\236\303\256\227\245\002\003\001\000\001
-\243\201\221\060\201\216\060\013\006\003\125\035\017\004\004\003
-\002\001\306\060\017\006\003\125\035\023\001\001\377\004\005\060
-\003\001\001\377\060\035\006\003\125\035\016\004\026\004\024\372
-\206\311\333\340\272\351\170\365\113\250\326\025\337\360\323\341
-\152\024\074\060\117\006\003\125\035\037\004\110\060\106\060\104
-\240\102\240\100\206\076\150\164\164\160\072\057\057\143\162\154
-\056\165\163\145\162\164\162\165\163\164\056\143\157\155\057\125
-\124\116\055\125\123\105\122\106\151\162\163\164\055\116\145\164
-\167\157\162\153\101\160\160\154\151\143\141\164\151\157\156\163
-\056\143\162\154\060\015\006\011\052\206\110\206\367\015\001\001
-\005\005\000\003\202\001\001\000\244\363\045\314\321\324\221\203
-\042\320\314\062\253\233\226\116\064\221\124\040\045\064\141\137
-\052\002\025\341\213\252\377\175\144\121\317\012\377\274\175\330
-\041\152\170\313\057\121\157\370\102\035\063\275\353\265\173\224
-\303\303\251\240\055\337\321\051\037\035\376\217\077\273\250\105
-\052\177\321\156\125\044\342\273\002\373\061\077\276\350\274\354
-\100\053\370\001\324\126\070\344\312\104\202\265\141\040\041\147
-\145\366\360\013\347\064\370\245\302\234\243\134\100\037\205\223
-\225\006\336\117\324\047\251\266\245\374\026\315\163\061\077\270
-\145\047\317\324\123\032\360\254\156\237\117\005\014\003\201\247
-\204\051\304\132\275\144\127\162\255\073\317\067\030\246\230\306
-\255\006\264\334\010\243\004\325\051\244\226\232\022\147\112\214
-\140\105\235\361\043\232\260\000\234\150\265\230\120\323\357\216
-\056\222\145\261\110\076\041\276\025\060\052\015\265\014\243\153
-\077\256\177\127\365\037\226\174\337\157\335\202\060\054\145\033
-\100\112\315\150\271\162\354\161\166\354\124\216\037\205\014\001
-\152\372\246\070\254\037\304\204
-END
-
-# Trust for Certificate "UTN-USER First-Network Applications"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "UTN-USER First-Network Applications"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\135\230\234\333\025\226\021\066\121\145\144\033\126\017\333\352
-\052\302\076\361
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\277\140\131\243\133\272\366\247\166\102\332\157\032\173\120\317
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
diff --git a/security/nss/lib/ckfw/builtins/config.mk b/security/nss/lib/ckfw/builtins/config.mk
deleted file mode 100644
index cccc96eb8..000000000
--- a/security/nss/lib/ckfw/builtins/config.mk
+++ /dev/null
@@ -1,58 +0,0 @@
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CONFIG_CVS_ID = "@(#) $RCSfile$ $Revision$ $Date$ $Name$"
-
-#
-#  Override TARGETS variable so that only shared libraries
-#  are specifed as dependencies within rules.mk.
-#
-
-TARGETS        = $(SHARED_LIBRARY)
-LIBRARY        =
-IMPORT_LIBRARY =
-PROGRAM        =
-
-ifeq (,$(filter-out OS2 WIN%,$(OS_TARGET)))
-    SHARED_LIBRARY = $(OBJDIR)/$(LIBRARY_NAME)$(LIBRARY_VERSION).dll
-endif
-
-ifdef BUILD_IDG
-    DEFINES += -DNSSDEBUG
-endif
-
-#
-# To create a loadable module on Darwin, we must use -bundle.
-#
-ifeq ($(OS_TARGET),Darwin)
-DSO_LDOPTS := $(subst -dynamiclib,-bundle,$(DSO_LDOPTS))
-endif
diff --git a/security/nss/lib/ckfw/builtins/constants.c b/security/nss/lib/ckfw/builtins/constants.c
deleted file mode 100644
index 1491dc940..000000000
--- a/security/nss/lib/ckfw/builtins/constants.c
+++ /dev/null
@@ -1,82 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * builtins/constants.c
- *
- * Identification and other constants, all collected here in one place.
- */
-
-#ifndef NSSBASET_H
-#include "nssbaset.h"
-#endif /* NSSBASET_H */
-
-#ifndef NSSCKT_H
-#include "nssckt.h"
-#endif /* NSSCKT_H */
-
-NSS_IMPLEMENT_DATA const CK_VERSION
-nss_builtins_CryptokiVersion = { 2, 1 };
-
-NSS_IMPLEMENT_DATA const NSSUTF8 *
-nss_builtins_ManufacturerID = (NSSUTF8 *) "Netscape Communications Corp.";
-
-NSS_IMPLEMENT_DATA const NSSUTF8 *
-nss_builtins_LibraryDescription = (NSSUTF8 *) "NSS Builtin Object Cryptoki Module";
-
-NSS_IMPLEMENT_DATA const CK_VERSION
-nss_builtins_LibraryVersion = { 1, 0 };
-
-NSS_IMPLEMENT_DATA const NSSUTF8 *
-nss_builtins_SlotDescription = (NSSUTF8 *) "";
-
-NSS_IMPLEMENT_DATA const CK_VERSION
-nss_builtins_HardwareVersion = { 1, 0 };
-
-NSS_IMPLEMENT_DATA const CK_VERSION
-nss_builtins_FirmwareVersion = { 1, 0 };
-
-NSS_IMPLEMENT_DATA const NSSUTF8 *
-nss_builtins_TokenLabel = (NSSUTF8 *) "Builtin Object Token";
-
-NSS_IMPLEMENT_DATA const NSSUTF8 *
-nss_builtins_TokenModel = (NSSUTF8 *) "1";
-
-/* should this be e.g. the certdata.txt RCS revision number? */
-NSS_IMPLEMENT_DATA const NSSUTF8 *
-nss_builtins_TokenSerialNumber = (NSSUTF8 *) "1";
-
diff --git a/security/nss/lib/ckfw/builtins/manifest.mn b/security/nss/lib/ckfw/builtins/manifest.mn
deleted file mode 100644
index cc71a7194..000000000
--- a/security/nss/lib/ckfw/builtins/manifest.mn
+++ /dev/null
@@ -1,55 +0,0 @@
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-MANIFEST_CVS_ID = "@(#) $RCSfile$ $Revision$ $Date$ $Name$"
-
-CORE_DEPTH = ../../../..
-
-MODULE = security
-
-CSRCS =			\
-	anchor.c	\
-	constants.c	\
-	bfind.c		\
-	binst.c	\
-	bobject.c	\
-	bsession.c	\
-	bslot.c		\
-	btoken.c	\
-	certdata.c	\
-	$(NULL)
-
-REQUIRES = security nspr
-
-LIBRARY_NAME = nssckbi
-
-#EXTRA_SHARED_LIBS = -L$(DIST)/lib -lnssckfw -lnssb -lplc4 -lplds4
diff --git a/security/nss/lib/ckfw/ck.api b/security/nss/lib/ckfw/ck.api
deleted file mode 100644
index 6bae20fd3..000000000
--- a/security/nss/lib/ckfw/ck.api
+++ /dev/null
@@ -1,571 +0,0 @@
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-# This file is in part derived from a file "pkcs11f.h" made available
-# by RSA Security at ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-11/pkcs11f.h
-
-CVS_ID "@(#) $RCSfile$ $Revision$ $Date$ $Name$"
-
-# Fields
-#  FUNCTION introduces a Cryptoki function
-#  CK_type specifies and introduces an argument
-#
-
-# General-purpose
-
-# C_Initialize initializes the Cryptoki library.
-FUNCTION C_Initialize
-CK_VOID_PTR pInitArgs   # if this is not NULL_PTR, it gets
-                        # cast to CK_C_INITIALIZE_ARGS_PTR
-                        # and dereferenced
-
-# C_Finalize indicates that an application is done with the
-# Cryptoki library.
-FUNCTION C_Finalize
-CK_VOID_PTR pReserved   # reserved.  Should be NULL_PTR
-
-# C_GetInfo returns general information about Cryptoki. 
-FUNCTION C_GetInfo
-CK_INFO_PTR pInfo       # location that receives information
-
-# C_GetFunctionList returns the function list. 
-FUNCTION C_GetFunctionList
-CK_FUNCTION_LIST_PTR_PTR ppFunctionList # receives pointer to function 
-                                        # list
-
-
-# Slot and token management 
-
-# C_GetSlotList obtains a list of slots in the system. 
-FUNCTION C_GetSlotList
-CK_BBOOL       tokenPresent # only slots with tokens? 
-CK_SLOT_ID_PTR pSlotList    # receives array of slot IDs 
-CK_ULONG_PTR   pulCount     # receives number of slots 
-
-# C_GetSlotInfo obtains information about a particular slot in the 
-# system.
-FUNCTION C_GetSlotInfo
-CK_SLOT_ID       slotID     # the ID of the slot 
-CK_SLOT_INFO_PTR pInfo      # receives the slot information 
-
-# C_GetTokenInfo obtains information about a particular token in the 
-# system. 
-FUNCTION C_GetTokenInfo
-CK_SLOT_ID        slotID    # ID of the token's slot 
-CK_TOKEN_INFO_PTR pInfo     # receives the token information 
-
-# C_GetMechanismList obtains a list of mechanism types supported by a 
-# token. 
-FUNCTION C_GetMechanismList
-CK_SLOT_ID            slotID            # ID of token's slot 
-CK_MECHANISM_TYPE_PTR pMechanismList    # gets mech. array 
-CK_ULONG_PTR          pulCount          # gets # of mechs. 
-
-# C_GetMechanismInfo obtains information about a particular mechanism 
-# possibly supported by a token. 
-FUNCTION C_GetMechanismInfo
-CK_SLOT_ID            slotID    # ID of the token's slot 
-CK_MECHANISM_TYPE     type      # type of mechanism 
-CK_MECHANISM_INFO_PTR pInfo     # receives mechanism info 
-
-# C_InitToken initializes a token. 
-FUNCTION C_InitToken
-CK_SLOT_ID  slotID      # ID of the token's slot 
-CK_CHAR_PTR pPin        # the SO's initial PIN 
-CK_ULONG    ulPinLen    # length in bytes of the PIN 
-CK_CHAR_PTR pLabel      # 32-byte token label (blank padded) 
-
-# C_InitPIN initializes the normal user's PIN. 
-FUNCTION C_InitPIN
-CK_SESSION_HANDLE hSession  # the session's handle 
-CK_CHAR_PTR       pPin      # the normal user's PIN 
-CK_ULONG          ulPinLen  # length in bytes of the PIN 
-
-# C_SetPIN modifies the PIN of the user who is logged in. 
-FUNCTION C_SetPIN
-CK_SESSION_HANDLE hSession  # the session's handle 
-CK_CHAR_PTR       pOldPin   # the old PIN 
-CK_ULONG          ulOldLen  # length of the old PIN 
-CK_CHAR_PTR       pNewPin   # the new PIN 
-CK_ULONG          ulNewLen  # length of the new PIN 
-
-
-# Session management 
-
-# C_OpenSession opens a session between an application and a token. 
-FUNCTION C_OpenSession
-CK_SLOT_ID            slotID        # the slot's ID 
-CK_FLAGS              flags         # from CK_SESSION_INFO 
-CK_VOID_PTR           pApplication  # passed to callback 
-CK_NOTIFY             Notify        # callback function 
-CK_SESSION_HANDLE_PTR phSession     # gets session handle 
-
-# C_CloseSession closes a session between an application and a token. 
-FUNCTION C_CloseSession
-CK_SESSION_HANDLE hSession  # the session's handle 
-
-# C_CloseAllSessions closes all sessions with a token. 
-FUNCTION C_CloseAllSessions
-CK_SLOT_ID slotID   # the token's slot 
-
-# C_GetSessionInfo obtains information about the session. 
-FUNCTION C_GetSessionInfo
-CK_SESSION_HANDLE   hSession    # the session's handle 
-CK_SESSION_INFO_PTR pInfo       # receives session info 
-
-# C_GetOperationState obtains the state of the cryptographic 
-# operation in a session. 
-FUNCTION C_GetOperationState
-CK_SESSION_HANDLE hSession              # session's handle 
-CK_BYTE_PTR       pOperationState       # gets state 
-CK_ULONG_PTR      pulOperationStateLen  # gets state length 
-
-# C_SetOperationState restores the state of the cryptographic 
-# operation in a session. 
-FUNCTION C_SetOperationState
-CK_SESSION_HANDLE hSession              # session's handle 
-CK_BYTE_PTR      pOperationState        # holds state 
-CK_ULONG         ulOperationStateLen    # holds state length 
-CK_OBJECT_HANDLE hEncryptionKey         # en/decryption key 
-CK_OBJECT_HANDLE hAuthenticationKey     # sign/verify key 
-
-# C_Login logs a user into a token. 
-FUNCTION C_Login
-CK_SESSION_HANDLE hSession  # the session's handle 
-CK_USER_TYPE      userType  # the user type 
-CK_CHAR_PTR       pPin      # the user's PIN 
-CK_ULONG          ulPinLen  # the length of the PIN 
-
-# C_Logout logs a user out from a token. 
-FUNCTION C_Logout
-CK_SESSION_HANDLE hSession  # the session's handle 
-
-
-# Object management 
-
-# C_CreateObject creates a new object. 
-FUNCTION C_CreateObject
-CK_SESSION_HANDLE    hSession   # the session's handle 
-CK_ATTRIBUTE_PTR     pTemplate  # the object's template 
-CK_ULONG             ulCount    # attributes in template 
-CK_OBJECT_HANDLE_PTR phObject   # gets new object's handle. 
-
-# C_CopyObject copies an object, creating a new object for the copy.
-FUNCTION C_CopyObject
-CK_SESSION_HANDLE    hSession       # the session's handle 
-CK_OBJECT_HANDLE     hObject        # the object's handle 
-CK_ATTRIBUTE_PTR     pTemplate      # template for new object 
-CK_ULONG             ulCount        # attributes in template 
-CK_OBJECT_HANDLE_PTR phNewObject    # receives handle of copy 
-
-# C_DestroyObject destroys an object. 
-FUNCTION C_DestroyObject
-CK_SESSION_HANDLE hSession  # the session's handle 
-CK_OBJECT_HANDLE  hObject   # the object's handle 
-
-# C_GetObjectSize gets the size of an object in bytes. 
-FUNCTION C_GetObjectSize
-CK_SESSION_HANDLE hSession  # the session's handle 
-CK_OBJECT_HANDLE  hObject   # the object's handle 
-CK_ULONG_PTR      pulSize   # receives size of object 
-
-# C_GetAttributeValue obtains the value of one or more object 
-# attributes. 
-FUNCTION C_GetAttributeValue
-CK_SESSION_HANDLE hSession    # the session's handle 
-CK_OBJECT_HANDLE  hObject     # the object's handle 
-CK_ATTRIBUTE_PTR  pTemplate   # specifies attrs; gets vals 
-CK_ULONG          ulCount     # attributes in template 
-
-# C_SetAttributeValue modifies the value of one or more object 
-# attributes 
-FUNCTION C_SetAttributeValue
-CK_SESSION_HANDLE hSession    # the session's handle 
-CK_OBJECT_HANDLE  hObject     # the object's handle 
-CK_ATTRIBUTE_PTR  pTemplate   # specifies attrs and values 
-CK_ULONG          ulCount     # attributes in template 
-
-# C_FindObjectsInit initializes a search for token and session 
-# objects that match a template. 
-FUNCTION C_FindObjectsInit
-CK_SESSION_HANDLE hSession    # the session's handle 
-CK_ATTRIBUTE_PTR  pTemplate   # attribute values to match 
-CK_ULONG          ulCount     # attrs in search template 
-
-# C_FindObjects continues a search for token and session objects that 
-# match a template, obtaining additional object handles. 
-FUNCTION C_FindObjects
-CK_SESSION_HANDLE    hSession           # session's handle 
-CK_OBJECT_HANDLE_PTR phObject           # gets obj. handles 
-CK_ULONG             ulMaxObjectCount   # max handles to get 
-CK_ULONG_PTR         pulObjectCount     # actual # returned 
-
-# C_FindObjectsFinal finishes a search for token and session objects. 
-FUNCTION C_FindObjectsFinal
-CK_SESSION_HANDLE hSession  # the session's handle 
-
-
-# Encryption and decryption 
-
-# C_EncryptInit initializes an encryption operation. 
-FUNCTION C_EncryptInit
-CK_SESSION_HANDLE hSession    # the session's handle 
-CK_MECHANISM_PTR  pMechanism  # the encryption mechanism 
-CK_OBJECT_HANDLE  hKey        # handle of encryption key 
-
-# C_Encrypt encrypts single-part data. 
-FUNCTION C_Encrypt
-CK_SESSION_HANDLE hSession              # session's handle 
-CK_BYTE_PTR       pData                 # the plaintext data 
-CK_ULONG          ulDataLen             # bytes of plaintext 
-CK_BYTE_PTR       pEncryptedData        # gets ciphertext 
-CK_ULONG_PTR      pulEncryptedDataLen   # gets c-text size 
-
-# C_EncryptUpdate continues a multiple-part encryption operation. 
-FUNCTION C_EncryptUpdate
-CK_SESSION_HANDLE hSession              # session's handle 
-CK_BYTE_PTR       pPart                 # the plaintext data 
-CK_ULONG          ulPartLen             # plaintext data len 
-CK_BYTE_PTR       pEncryptedPart        # gets ciphertext 
-CK_ULONG_PTR      pulEncryptedPartLen   # gets c-text size 
-
-# C_EncryptFinal finishes a multiple-part encryption operation. 
-FUNCTION C_EncryptFinal
-CK_SESSION_HANDLE hSession                  # session handle 
-CK_BYTE_PTR       pLastEncryptedPart        # last c-text 
-CK_ULONG_PTR      pulLastEncryptedPartLen   # gets last size 
-
-# C_DecryptInit initializes a decryption operation. 
-FUNCTION C_DecryptInit
-CK_SESSION_HANDLE hSession      # the session's handle 
-CK_MECHANISM_PTR  pMechanism    # the decryption mechanism 
-CK_OBJECT_HANDLE  hKey          # handle of decryption key 
-
-# C_Decrypt decrypts encrypted data in a single part. 
-FUNCTION C_Decrypt
-CK_SESSION_HANDLE hSession              # session's handle 
-CK_BYTE_PTR       pEncryptedData        # ciphertext 
-CK_ULONG          ulEncryptedDataLen    # ciphertext length 
-CK_BYTE_PTR       pData                 # gets plaintext 
-CK_ULONG_PTR      pulDataLen            # gets p-text size 
-
-# C_DecryptUpdate continues a multiple-part decryption operation. 
-FUNCTION C_DecryptUpdate
-CK_SESSION_HANDLE hSession              # session's handle 
-CK_BYTE_PTR       pEncryptedPart        # encrypted data 
-CK_ULONG          ulEncryptedPartLen    # input length 
-CK_BYTE_PTR       pPart                 # gets plaintext 
-CK_ULONG_PTR      pulPartLen            # p-text size 
-
-# C_DecryptFinal finishes a multiple-part decryption operation. 
-FUNCTION C_DecryptFinal
-CK_SESSION_HANDLE hSession          # the session's handle 
-CK_BYTE_PTR       pLastPart         # gets plaintext 
-CK_ULONG_PTR      pulLastPartLen    # p-text size 
-
-
-# Message digesting 
-
-# C_DigestInit initializes a message-digesting operation. 
-FUNCTION C_DigestInit
-CK_SESSION_HANDLE hSession      # the session's handle 
-CK_MECHANISM_PTR  pMechanism    # the digesting mechanism 
-
-# C_Digest digests data in a single part. 
-FUNCTION C_Digest
-CK_SESSION_HANDLE hSession      # the session's handle 
-CK_BYTE_PTR       pData         # data to be digested 
-CK_ULONG          ulDataLen     # bytes of data to digest 
-CK_BYTE_PTR       pDigest       # gets the message digest 
-CK_ULONG_PTR      pulDigestLen  # gets digest length 
-
-# C_DigestUpdate continues a multiple-part message-digesting operation.
-FUNCTION C_DigestUpdate
-CK_SESSION_HANDLE hSession  # the session's handle 
-CK_BYTE_PTR       pPart     # data to be digested 
-CK_ULONG          ulPartLen # bytes of data to be digested 
-
-# C_DigestKey continues a multi-part message-digesting operation, by 
-# digesting the value of a secret key as part of the data already 
-# digested. 
-FUNCTION C_DigestKey
-CK_SESSION_HANDLE hSession  # the session's handle 
-CK_OBJECT_HANDLE  hKey      # secret key to digest 
-
-# C_DigestFinal finishes a multiple-part message-digesting operation. 
-FUNCTION C_DigestFinal
-CK_SESSION_HANDLE hSession      # the session's handle 
-CK_BYTE_PTR       pDigest       # gets the message digest 
-CK_ULONG_PTR      pulDigestLen  # gets byte count of digest 
-
-
-# Signing and MACing 
-
-# C_SignInit initializes a signature (private key encryption) 
-# operation, where the signature is (will be) an appendix to the 
-# data, and plaintext cannot be recovered from the signature. 
-FUNCTION C_SignInit
-CK_SESSION_HANDLE hSession      # the session's handle 
-CK_MECHANISM_PTR  pMechanism    # the signature mechanism 
-CK_OBJECT_HANDLE  hKey          # handle of signature key 
-
-# C_Sign signs (encrypts with private key) data in a single part, 
-# where the signature is (will be) an appendix to the data, and 
-# plaintext cannot be recovered from the signature. 
-FUNCTION C_Sign
-CK_SESSION_HANDLE hSession          # the session's handle 
-CK_BYTE_PTR       pData             # the data to sign 
-CK_ULONG          ulDataLen         # count of bytes to sign 
-CK_BYTE_PTR       pSignature        # gets the signature 
-CK_ULONG_PTR      pulSignatureLen   # gets signature length 
-
-# C_SignUpdate continues a multiple-part signature operation, where 
-# the signature is (will be) an appendix to the data, and plaintext 
-# cannot be recovered from the signature. 
-FUNCTION C_SignUpdate
-CK_SESSION_HANDLE hSession  # the session's handle 
-CK_BYTE_PTR       pPart     # the data to sign 
-CK_ULONG          ulPartLen # count of bytes to sign 
-
-# C_SignFinal finishes a multiple-part signature operation, returning 
-# the signature. 
-FUNCTION C_SignFinal
-CK_SESSION_HANDLE hSession          # the session's handle 
-CK_BYTE_PTR       pSignature        # gets the signature 
-CK_ULONG_PTR      pulSignatureLen   # gets signature length 
-
-# C_SignRecoverInit initializes a signature operation, where the data 
-# can be recovered from the signature. 
-FUNCTION C_SignRecoverInit
-CK_SESSION_HANDLE hSession      # the session's handle 
-CK_MECHANISM_PTR  pMechanism    # the signature mechanism 
-CK_OBJECT_HANDLE  hKey          # handle of the signature key 
-
-# C_SignRecover signs data in a single operation, where the data can 
-# be recovered from the signature. 
-FUNCTION C_SignRecover
-CK_SESSION_HANDLE hSession          # the session's handle 
-CK_BYTE_PTR       pData             # the data to sign 
-CK_ULONG          ulDataLen         # count of bytes to sign 
-CK_BYTE_PTR       pSignature        # gets the signature 
-CK_ULONG_PTR      pulSignatureLen   # gets signature length 
-
-
-# Verifying signatures and MACs 
-
-# C_VerifyInit initializes a verification operation, where the 
-# signature is an appendix to the data, and plaintext cannot cannot 
-# be recovered from the signature (e.g. DSA). 
-FUNCTION C_VerifyInit
-CK_SESSION_HANDLE hSession      # the session's handle 
-CK_MECHANISM_PTR  pMechanism    # the verification mechanism 
-CK_OBJECT_HANDLE  hKey          # verification key  
-
-# C_Verify verifies a signature in a single-part operation, where the 
-# signature is an appendix to the data, and plaintext cannot be 
-# recovered from the signature. 
-FUNCTION C_Verify
-CK_SESSION_HANDLE hSession          # the session's handle 
-CK_BYTE_PTR       pData             # signed data 
-CK_ULONG          ulDataLen         # length of signed data 
-CK_BYTE_PTR       pSignature        # signature 
-CK_ULONG          ulSignatureLen    # signature length
-
-# C_VerifyUpdate continues a multiple-part verification operation, 
-# where the signature is an appendix to the data, and plaintext cannot be 
-# recovered from the signature. 
-FUNCTION C_VerifyUpdate
-CK_SESSION_HANDLE hSession  # the session's handle 
-CK_BYTE_PTR       pPart     # signed data 
-CK_ULONG          ulPartLen # length of signed data 
-
-# C_VerifyFinal finishes a multiple-part verification operation, 
-# checking the signature. 
-FUNCTION C_VerifyFinal
-CK_SESSION_HANDLE hSession          # the session's handle 
-CK_BYTE_PTR       pSignature        # signature to verify 
-CK_ULONG          ulSignatureLen    # signature length 
-
-# C_VerifyRecoverInit initializes a signature verification operation, 
-# where the data is recovered from the signature. 
-FUNCTION C_VerifyRecoverInit
-CK_SESSION_HANDLE hSession      # the session's handle 
-CK_MECHANISM_PTR  pMechanism    # the verification mechanism 
-CK_OBJECT_HANDLE  hKey          # verification key 
-
-# C_VerifyRecover verifies a signature in a single-part operation, 
-# where the data is recovered from the signature. 
-FUNCTION C_VerifyRecover
-CK_SESSION_HANDLE hSession          # the session's handle 
-CK_BYTE_PTR       pSignature        # signature to verify 
-CK_ULONG          ulSignatureLen    # signature length 
-CK_BYTE_PTR       pData             # gets signed data 
-CK_ULONG_PTR      pulDataLen        # gets signed data len 
-
-
-# Dual-function cryptographic operations 
-
-# C_DigestEncryptUpdate continues a multiple-part digesting and 
-# encryption operation. 
-FUNCTION C_DigestEncryptUpdate
-CK_SESSION_HANDLE hSession              # session's handle 
-CK_BYTE_PTR       pPart                 # the plaintext data 
-CK_ULONG          ulPartLen             # plaintext length 
-CK_BYTE_PTR       pEncryptedPart        # gets ciphertext 
-CK_ULONG_PTR      pulEncryptedPartLen   # gets c-text length 
-
-# C_DecryptDigestUpdate continues a multiple-part decryption and 
-# digesting operation. 
-FUNCTION C_DecryptDigestUpdate
-CK_SESSION_HANDLE hSession              # session's handle 
-CK_BYTE_PTR       pEncryptedPart        # ciphertext 
-CK_ULONG          ulEncryptedPartLen    # ciphertext length 
-CK_BYTE_PTR       pPart                 # gets plaintext 
-CK_ULONG_PTR      pulPartLen            # gets plaintext len 
-
-# C_SignEncryptUpdate continues a multiple-part signing and 
-# encryption operation. 
-FUNCTION C_SignEncryptUpdate
-CK_SESSION_HANDLE hSession              # session's handle 
-CK_BYTE_PTR       pPart                 # the plaintext data 
-CK_ULONG          ulPartLen             # plaintext length 
-CK_BYTE_PTR       pEncryptedPart        # gets ciphertext 
-CK_ULONG_PTR      pulEncryptedPartLen   # gets c-text length 
-
-# C_DecryptVerifyUpdate continues a multiple-part decryption and 
-# verify operation. 
-FUNCTION C_DecryptVerifyUpdate
-CK_SESSION_HANDLE hSession              # session's handle 
-CK_BYTE_PTR       pEncryptedPart        # ciphertext 
-CK_ULONG          ulEncryptedPartLen    # ciphertext length 
-CK_BYTE_PTR       pPart                 # gets plaintext 
-CK_ULONG_PTR      pulPartLen            # gets p-text length 
-
-
-# Key management 
-
-# C_GenerateKey generates a secret key, creating a new key object. 
-FUNCTION C_GenerateKey
-CK_SESSION_HANDLE    hSession   # the session's handle 
-CK_MECHANISM_PTR     pMechanism # key generation mech. 
-CK_ATTRIBUTE_PTR     pTemplate  # template for new key 
-CK_ULONG             ulCount    # # of attrs in template 
-CK_OBJECT_HANDLE_PTR phKey      # gets handle of new key 
-
-# C_GenerateKeyPair generates a public-key/private-key pair, creating 
-# new key objects. 
-FUNCTION C_GenerateKeyPair
-CK_SESSION_HANDLE    hSession                   # session handle
-CK_MECHANISM_PTR     pMechanism                 # key-gen mech.
-CK_ATTRIBUTE_PTR     pPublicKeyTemplate         # template for pub. key
-CK_ULONG             ulPublicKeyAttributeCount  # # pub. attrs.
-CK_ATTRIBUTE_PTR     pPrivateKeyTemplate        # template for priv. key
-CK_ULONG             ulPrivateKeyAttributeCount # # priv. attrs.
-CK_OBJECT_HANDLE_PTR phPublicKey                # gets pub. key handle
-CK_OBJECT_HANDLE_PTR phPrivateKey               # gets priv. key handle
-
-# C_WrapKey wraps (i.e., encrypts) a key. 
-FUNCTION C_WrapKey
-CK_SESSION_HANDLE hSession         # the session's handle 
-CK_MECHANISM_PTR  pMechanism       # the wrapping mechanism 
-CK_OBJECT_HANDLE  hWrappingKey     # wrapping key 
-CK_OBJECT_HANDLE  hKey             # key to be wrapped 
-CK_BYTE_PTR       pWrappedKey      # gets wrapped key 
-CK_ULONG_PTR      pulWrappedKeyLen # gets wrapped key size 
-
-# C_UnwrapKey unwraps (decrypts) a wrapped key, creating a new key 
-# object. 
-FUNCTION C_UnwrapKey
-CK_SESSION_HANDLE    hSession           # session's handle 
-CK_MECHANISM_PTR     pMechanism         # unwrapping mech. 
-CK_OBJECT_HANDLE     hUnwrappingKey     # unwrapping key 
-CK_BYTE_PTR          pWrappedKey        # the wrapped key 
-CK_ULONG             ulWrappedKeyLen    # wrapped key len 
-CK_ATTRIBUTE_PTR     pTemplate          # new key template 
-CK_ULONG             ulAttributeCount   # template length 
-CK_OBJECT_HANDLE_PTR phKey              # gets new handle 
-
-# C_DeriveKey derives a key from a base key, creating a new key object.
-FUNCTION C_DeriveKey
-CK_SESSION_HANDLE    hSession           # session's handle 
-CK_MECHANISM_PTR     pMechanism         # key deriv. mech. 
-CK_OBJECT_HANDLE     hBaseKey           # base key 
-CK_ATTRIBUTE_PTR     pTemplate          # new key template 
-CK_ULONG             ulAttributeCount   # template length 
-CK_OBJECT_HANDLE_PTR phKey              # gets new handle 
-
-
-# Random number generation 
-
-# C_SeedRandom mixes additional seed material into the token's random 
-# number generator. 
-FUNCTION C_SeedRandom
-CK_SESSION_HANDLE hSession  # the session's handle 
-CK_BYTE_PTR       pSeed     # the seed material 
-CK_ULONG          ulSeedLen # length of seed material 
-
-# C_GenerateRandom generates random data. 
-FUNCTION C_GenerateRandom
-CK_SESSION_HANDLE hSession      # the session's handle 
-CK_BYTE_PTR       RandomData    # receives the random data 
-CK_ULONG          ulRandomLen   # # of bytes to generate 
-
-
-# Parallel function management 
-
-# C_GetFunctionStatus is a legacy function; it obtains an updated 
-# status of a function running in parallel with an application.
-FUNCTION C_GetFunctionStatus
-CK_SESSION_HANDLE hSession  # the session's handle 
-
-# C_CancelFunction is a legacy function; it cancels a function running 
-# in parallel. 
-FUNCTION C_CancelFunction
-CK_SESSION_HANDLE hSession  # the session's handle 
-
-
-# Functions added in for Cryptoki Version 2.01 or later 
-
-# C_WaitForSlotEvent waits for a slot event (token insertion, removal, 
-# etc.) to occur. 
-FUNCTION C_WaitForSlotEvent
-CK_FLAGS       flags    # blocking/nonblocking flag 
-CK_SLOT_ID_PTR pSlot    # location that receives the slot ID 
-CK_VOID_PTR    pRserved # reserved.  Should be NULL_PTR 
-
-## C_ConfigureSlot passes an installation-specified bytestring to a 
-## slot. 
-#FUNCTION C_ConfigureSlot
-#CK_SLOT_ID slotID      # the slot to configure 
-#CK_BYTE_PTR pConfig    # the configuration string 
-#CK_ULONG ulConfigLen   # length of the config string 
diff --git a/security/nss/lib/ckfw/ck.h b/security/nss/lib/ckfw/ck.h
deleted file mode 100644
index 04df10656..000000000
--- a/security/nss/lib/ckfw/ck.h
+++ /dev/null
@@ -1,121 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef CK_H
-#define CK_H
-
-#ifdef DEBUG
-static const char CK_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * ck.h
- *
- * This header file consolidates all header files needed by the source
- * files implementing the NSS Cryptoki Framework.  This makes managing
- * the source files a bit easier.
- */
-
-/* Types */
-
-#ifndef NSSBASET_H
-#include "nssbaset.h"
-#endif /* NSSBASET_H */
-
-#ifndef NSSCKT_H
-#include "nssckt.h"
-#endif /* NSSCKT_H */
-
-#ifndef NSSCKFT_H
-#include "nssckft.h"
-#endif /* NSSCKFT_H */
-
-#ifndef NSSCKEPV_H
-#include "nssckepv.h"
-#endif /* NSSCKEPV_H */
-
-#ifndef NSSCKFWT_H
-#include "nssckfwt.h"
-#endif /* NSSCKFWT_H */
-
-#ifndef NSSCKMDT_H
-#include "nssckmdt.h"
-#endif /* NSSCKMDT_H */
-
-#ifndef CKT_H
-#include "ckt.h"
-#endif /* CKT_H */
-
-#ifndef CKFWTM_H
-#include "ckfwtm.h"
-#endif /* CKFWTM_H */
-
-/* Prototypes */
-
-#ifndef NSSBASE_H
-#include "nssbase.h"
-#endif /* NSSBASE_H */
-
-#ifndef NSSCKG_H
-#include "nssckg.h"
-#endif /* NSSCKG_H */
-
-#ifndef NSSCKFW_H
-#include "nssckfw.h"
-#endif /* NSSCKFW_H */
-
-#ifndef NSSCKFWC_H
-#include "nssckfwc.h"
-#endif /* NSSCKFWC_H */
-
-#ifndef CKFW_H
-#include "ckfw.h"
-#endif /* CKFW_H */
-
-#ifndef CKFWM_H
-#include "ckfwm.h"
-#endif /* CKFWM_H */
-
-#ifndef CKMD_H
-#include "ckmd.h"
-#endif /* CKMD_H */
-
-/* NSS-private */
-
-/* nss_ZNEW and the like.  We might want to publish the memory APIs.. */
-
-#ifndef BASE_H
-#include "base.h"
-#endif /* BASE_H */
-
-#endif /* CK_H */
diff --git a/security/nss/lib/ckfw/ckapi.perl b/security/nss/lib/ckfw/ckapi.perl
deleted file mode 100644
index 09dfc9199..000000000
--- a/security/nss/lib/ckfw/ckapi.perl
+++ /dev/null
@@ -1,512 +0,0 @@
-#!perl
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-$cvs_id = '@(#) $RCSfile$ $Revision$ $Date$ $Name$';
-
-$copyright = '/* THIS IS A GENERATED FILE */
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-';
-
-$count = -1;
-$i = 0;
-
-open(INPUT, "<$ARGV[0]") || die "Can't open $ARGV[0]: $!";
-
-while(<INPUT>) {
-  s/^((?:[^"#]+|"[^"]*")*)(\s*#.*$)/$1/;
-  next if (/^\s*$/);
-
-#  print;
-
-  /^([\S]+)\s+([^"][\S]*|"[^"]*")/;
-  $name = $1;
-  $value = $2;
-
-  if( ($name =~ "FUNCTION") && !($name =~ "CK_FUNCTION") ) {
-    $count++;
-    $x[$count]{name} = $value;
-    $i = 0;
-  } else {
-    if( $count < 0 ) {
-      $value =~ s/"//g;
-      $g{$name} = $value;
-    } else {
-      $x[$count]{args}[$i]{type} = $name;
-      $x[$count]{args}[$i]{name} = $value;
-      $i++;
-      $x[$count]{nargs} = $i; # rewritten each time, oh well
-    }
-  }
-}
-
-close INPUT;
-
-# dodump();
-doprint();
-
-sub dodump {
-  for( $j = 0; $j <= $count; $j++ ) {
-    print "CK_RV CK_ENTRY $x[$j]{name}\n";
-    for( $i = 0; $i < $x[$j]{nargs}; $i++ ) {
-      print "  $x[$j]{args}[$i]{type} $x[$j]{args}[$i]{name}";
-      if( $i == ($x[$j]{nargs} - 1) ) {
-        print "\n";
-      } else {
-        print ",\n";
-      }
-    }
-  }
-}
-
-sub doprint {
-open(PROTOTYPE, ">nssckg.h") || die "Can't open nssckg.h: $!";
-open(TYPEDEF, ">nssckft.h") || die "Can't open nssckft.h: $!";
-open(EPV, ">nssckepv.h") || die "Can't open nssckepv.h: $!";
-open(API, ">nssck.api") || die "Can't open nssck.api: $!";
-
-select PROTOTYPE;
-
-print $copyright;
-print <<EOD
-#ifndef NSSCKG_H
-#define NSSCKG_H
-
-#ifdef DEBUG
-static const char NSSCKG_CVS_ID[] = "$g{CVS_ID} ; $cvs_id";
-#endif /* DEBUG */
-
-/*
- * nssckg.h
- *
- * This automatically-generated header file prototypes the Cryptoki
- * functions specified by PKCS#11.
- */
-
-#ifndef NSSCKT_H
-#include "nssckt.h"
-#endif /* NSSCKT_H */
-
-EOD
-    ;
-
-for( $j = 0; $j <= $count; $j++ ) {
-  print "CK_RV CK_ENTRY $x[$j]{name}\n";
-  print "(\n";
-  for( $i = 0; $i < $x[$j]{nargs}; $i++ ) {
-    print "  $x[$j]{args}[$i]{type} $x[$j]{args}[$i]{name}";
-    if( $i == ($x[$j]{nargs} - 1) ) {
-      print "\n";
-    } else {
-      print ",\n";
-    }
-  }
-  print ");\n\n";
-}
-
-print <<EOD
-#endif /* NSSCKG_H */
-EOD
-    ;
-
-select TYPEDEF;
-
-print $copyright;
-print <<EOD
-#ifndef NSSCKFT_H
-#define NSSCKFT_H
-
-#ifdef DEBUG
-static const char NSSCKFT_CVS_ID[] = "$g{CVS_ID} ; $cvs_id";
-#endif /* DEBUG */
-
-/*
- * nssckft.h
- *
- * The automatically-generated header file declares a typedef
- * each of the Cryptoki functions specified by PKCS#11.
- */
-
-#ifndef NSSCKT_H
-#include "nssckt.h"
-#endif /* NSSCKT_H */
-
-EOD
-    ;
-
-for( $j = 0; $j <= $count; $j++ ) {
-#  print "typedef CK_RV (CK_ENTRY *CK_$x[$j]{name})(\n";
-  print "typedef CK_CALLBACK_FUNCTION(CK_RV, CK_$x[$j]{name})(\n";
-  for( $i = 0; $i < $x[$j]{nargs}; $i++ ) {
-    print "  $x[$j]{args}[$i]{type} $x[$j]{args}[$i]{name}";
-    if( $i == ($x[$j]{nargs} - 1) ) {
-      print "\n";
-    } else {
-      print ",\n";
-    }
-  }
-  print ");\n\n";
-}
-
-print <<EOD
-#endif /* NSSCKFT_H */
-EOD
-    ;
-
-select EPV;
-
-print $copyright;
-print <<EOD
-#ifndef NSSCKEPV_H
-#define NSSCKEPV_H
-
-#ifdef DEBUG
-static const char NSSCKEPV_CVS_ID[] = "$g{CVS_ID} ; $cvs_id";
-#endif /* DEBUG */
-
-/*
- * nssckepv.h
- *
- * This automatically-generated header file defines the type
- * CK_FUNCTION_LIST specified by PKCS#11.
- */
-
-#ifndef NSSCKT_H
-#include "nssckt.h"
-#endif /* NSSCKT_H */
-
-#ifndef NSSCKFT_H
-#include "nssckft.h"
-#endif /* NSSCKFT_H */
-
-#include "nssckp.h"
-
-struct CK_FUNCTION_LIST {
-  CK_VERSION version;
-EOD
-    ;
-
-for( $j = 0; $j <= $count; $j++ ) {
-  print "  CK_$x[$j]{name} $x[$j]{name};\n";
-}
-
-print <<EOD
-};
-
-#include "nsscku.h"
-
-#endif /* NSSCKEPV_H */
-EOD
-    ;
-
-select API;
-
-print $copyright;
-print <<EOD
-
-#ifdef DEBUG
-static const char NSSCKAPI_CVS_ID[] = "$g{CVS_ID} ; $cvs_id";
-#endif /* DEBUG */
-
-/*
- * nssck.api
- *
- * This automatically-generated file is used to generate a set of
- * Cryptoki entry points within the object space of a Module using
- * the NSS Cryptoki Framework.
- *
- * The Module should have a .c file with the following:
- *
- *  #define MODULE_NAME name
- *  #define INSTANCE_NAME instance
- *  #include "nssck.api"
- *
- * where "name" is some module-specific name that can be used to
- * disambiguate various modules.  This included file will then
- * define the actual Cryptoki routines which pass through to the
- * Framework calls.  All routines, except C_GetFunctionList, will
- * be prefixed with the name; C_GetFunctionList will be generated
- * to return an entry-point vector with these routines.  The
- * instance specified should be the basic instance of NSSCKMDInstance.
- *
- * If, prior to including nssck.api, the .c file also specifies
- *
- *  #define DECLARE_STRICT_CRYTPOKI_NAMES
- *
- * Then a set of "stub" routines not prefixed with the name will
- * be included.  This would allow the combined module and framework
- * to be used in applications which are hard-coded to use the
- * PKCS#11 names (instead of going through the EPV).  Please note
- * that such applications should be careful resolving symbols when
- * more than one PKCS#11 module is loaded.
- */
-
-#ifndef MODULE_NAME
-#error "Error: MODULE_NAME must be defined."
-#endif /* MODULE_NAME */
-
-#ifndef INSTANCE_NAME
-#error "Error: INSTANCE_NAME must be defined."
-#endif /* INSTANCE_NAME */
-
-#ifndef NSSCKT_H
-#include "nssckt.h"
-#endif /* NSSCKT_H */
-
-#ifndef NSSCKFWT_H
-#include "nssckfwt.h"
-#endif /* NSSCKFWT_H */
-
-#ifndef NSSCKFWC_H
-#include "nssckfwc.h"
-#endif /* NSSCKFWC_H */
-
-#ifndef NSSCKEPV_H
-#include "nssckepv.h"
-#endif /* NSSCKEPV_H */
-
-#define ADJOIN(x,y) x##y
-
-#define __ADJOIN(x,y) ADJOIN(x,y)
-
-/*
- * The anchor.  This object is used to store an "anchor" pointer in
- * the Module's object space, so the wrapper functions can relate
- * back to this instance.
- */
-
-static NSSCKFWInstance *fwInstance = (NSSCKFWInstance *)0;
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_Initialize)
-(
-  CK_VOID_PTR pInitArgs
-)
-{
-  return NSSCKFWC_Initialize(&fwInstance, INSTANCE_NAME, pInitArgs);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY 
-C_Initialize
-(
-  CK_VOID_PTR pInitArgs
-)
-{
-  return __ADJOIN(MODULE_NAME,C_Initialize)(pInitArgs);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_Finalize)
-(
-  CK_VOID_PTR pReserved
-)
-{
-  return NSSCKFWC_Finalize(&fwInstance);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_Finalize
-(
-  CK_VOID_PTR pReserved
-)
-{
-  return __ADJOIN(MODULE_NAME,C_Finalize)(pReserved);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_GetInfo)
-(
-  CK_INFO_PTR pInfo
-)
-{
-  return NSSCKFWC_GetInfo(fwInstance, pInfo);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_GetInfo
-(
-  CK_INFO_PTR pInfo
-)
-{
-  return __ADJOIN(MODULE_NAME,C_GetInfo)(pInfo);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-/*
- * C_GetFunctionList is defined at the end.
- */
-
-EOD
-    ;
-
-for( $j = 4; $j <= $count; $j++ ) {
-  print "static CK_RV CK_ENTRY\n";
-  print "__ADJOIN(MODULE_NAME,$x[$j]{name})\n";
-  print "(\n";
-  for( $i = 0; $i < $x[$j]{nargs}; $i++ ) {
-    print "  $x[$j]{args}[$i]{type} $x[$j]{args}[$i]{name}";
-    if( $i == ($x[$j]{nargs} - 1) ) {
-      print "\n";
-    } else {
-      print ",\n";
-    }
-  }
-  print ")\n";
-  print "{\n";
-  print "  return NSSCKFW$x[$j]{name}(fwInstance, ";
-  for( $i = 0; $i < $x[$j]{nargs}; $i++ ) {
-    print "$x[$j]{args}[$i]{name}";
-    if( $i == ($x[$j]{nargs} - 1) ) {
-      print ");\n";
-    } else {
-      print ", ";
-    }
-  }
-  print "}\n\n";
-
-  print "#ifdef DECLARE_STRICT_CRYPTOKI_NAMES\n";
-  print "CK_RV CK_ENTRY\n";
-  print "$x[$j]{name}\n";
-  print "(\n";
-  for( $i = 0; $i < $x[$j]{nargs}; $i++ ) {
-    print "  $x[$j]{args}[$i]{type} $x[$j]{args}[$i]{name}";
-    if( $i == ($x[$j]{nargs} - 1) ) {
-      print "\n";
-    } else {
-      print ",\n";
-    }
-  }
-  print ")\n";
-  print "{\n";
-  print "  return __ADJOIN(MODULE_NAME,$x[$j]{name})(";
-  for( $i = 0; $i < $x[$j]{nargs}; $i++ ) {
-    print "$x[$j]{args}[$i]{name}";
-    if( $i == ($x[$j]{nargs} - 1) ) {
-      print ");\n";
-    } else {
-      print ", ";
-    }
-  }
-  print "}\n";
-  print "#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */\n\n";
-}
-
-print <<EOD
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_GetFunctionList)
-(
-  CK_FUNCTION_LIST_PTR_PTR ppFunctionList
-);
-
-static CK_FUNCTION_LIST FunctionList = {
-  { 2, 1 },
-EOD
-    ;
-
-for( $j = 0; $j <= $count; $j++ ) {
-  print "__ADJOIN(MODULE_NAME,$x[$j]{name})";
-  if( $j < $count ) {
-    print ",\n";
-  } else {
-    print "\n};\n\n";
-  }
-}
-
-print <<EOD
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_GetFunctionList)
-(
-  CK_FUNCTION_LIST_PTR_PTR ppFunctionList
-)
-{
-  *ppFunctionList = &FunctionList;
-  return CKR_OK;
-}
-
-/* This one is always present */
-#ifdef WIN32
-CK_RV _declspec(dllexport)
-#else
-CK_RV CK_ENTRY
-#endif
-C_GetFunctionList
-(
-  CK_FUNCTION_LIST_PTR_PTR ppFunctionList
-)
-{
-  return __ADJOIN(MODULE_NAME,C_GetFunctionList)(ppFunctionList);
-}
-
-#undef __ADJOIN
-
-EOD
-    ;
-
-select STDOUT;
-
-}
diff --git a/security/nss/lib/ckfw/ckfw.h b/security/nss/lib/ckfw/ckfw.h
deleted file mode 100644
index 2e83f8c35..000000000
--- a/security/nss/lib/ckfw/ckfw.h
+++ /dev/null
@@ -1,1858 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef CKFW_H
-#define CKFW_H
-
-#ifdef DEBUG
-static const char CKFW_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * ckfw.h
- *
- * This file prototypes the private calls of the NSS Cryptoki Framework.
- */
-
-#ifndef NSSBASET_H
-#include "nssbaset.h"
-#endif /* NSSBASET_H */
-
-#ifndef NSSCKT_H
-#include "nssckt.h"
-#endif /* NSSCKT_H */
-
-#ifndef NSSCKFWT_H
-#include "nssckfwt.h"
-#endif /* NSSCKFWT_H */
-
-#ifndef NSSCKMDT_H
-#include "nssckmdt.h"
-#endif /* NSSCKMDT_H */
-
-/*
- * NSSCKFWInstance
- *
- *  -- create/destroy --
- *  nssCKFWInstance_Create
- *  nssCKFWInstance_Destroy
- *
- *  -- implement public accessors --
- *  nssCKFWInstance_GetMDInstance
- *  nssCKFWInstance_GetArena
- *  nssCKFWInstance_MayCreatePthreads
- *  nssCKFWInstance_CreateMutex
- *  nssCKFWInstance_GetConfigurationData
- *
- *  -- private accessors --
- *  nssCKFWInstance_CreateSessionHandle
- *  nssCKFWInstance_ResolveSessionHandle
- *  nssCKFWInstance_DestroySessionHandle
- *  nssCKFWInstance_FindSessionHandle
- *  nssCKFWInstance_CreateObjectHandle
- *  nssCKFWInstance_ResolveObjectHandle
- *  nssCKFWInstance_DestroyObjectHandle
- *  nssCKFWInstance_FindObjectHandle
- *
- *  -- module fronts --
- *  nssCKFWInstance_GetNSlots
- *  nssCKFWInstance_GetCryptokiVersion
- *  nssCKFWInstance_GetManufacturerID
- *  nssCKFWInstance_GetFlags
- *  nssCKFWInstance_GetLibraryDescription
- *  nssCKFWInstance_GetLibraryVersion
- *  nssCKFWInstance_GetModuleHandlesSessionObjects
- *  nssCKFWInstance_GetSlots
- *  nssCKFWInstance_WaitForSlotEvent
- *
- *  -- debugging versions only --
- *  nssCKFWInstance_verifyPointer
- */
-
-/*
- * nssCKFWInstance_Create
- *
- */
-NSS_EXTERN NSSCKFWInstance *
-nssCKFWInstance_Create
-(
-  CK_C_INITIALIZE_ARGS_PTR pInitArgs,
-  NSSCKMDInstance *mdInstance,
-  CK_RV *pError
-);
-
-/*
- * nssCKFWInstance_Destroy
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWInstance_Destroy
-(
-  NSSCKFWInstance *fwInstance
-);
-
-/*
- * nssCKFWInstance_GetMDInstance
- *
- */
-NSS_EXTERN NSSCKMDInstance *
-nssCKFWInstance_GetMDInstance
-(
-  NSSCKFWInstance *fwInstance
-);
-
-/*
- * nssCKFWInstance_GetArena
- *
- */
-NSS_EXTERN NSSArena *
-nssCKFWInstance_GetArena
-(
-  NSSCKFWInstance *fwInstance,
-  CK_RV *pError
-);
-
-/*
- * nssCKFWInstance_MayCreatePthreads
- *
- */
-NSS_EXTERN CK_BBOOL
-nssCKFWInstance_MayCreatePthreads
-(
-  NSSCKFWInstance *fwInstance
-);
-
-/*
- * nssCKFWInstance_CreateMutex
- *
- */
-NSS_EXTERN NSSCKFWMutex *
-nssCKFWInstance_CreateMutex
-(
-  NSSCKFWInstance *fwInstance,
-  NSSArena *arena,
-  CK_RV *pError
-);
-
-/*
- * nssCKFWInstance_GetConfigurationData
- *
- */
-NSS_EXTERN NSSUTF8 *
-nssCKFWInstance_GetConfigurationData
-(
-  NSSCKFWInstance *fwInstance
-);
-
-/*
- * nssCKFWInstance_CreateSessionHandle
- *
- */
-NSS_EXTERN CK_SESSION_HANDLE
-nssCKFWInstance_CreateSessionHandle
-(
-  NSSCKFWInstance *fwInstance,
-  NSSCKFWSession *fwSession,
-  CK_RV *pError
-);
-
-/*
- * nssCKFWInstance_ResolveSessionHandle
- *
- */
-NSS_EXTERN NSSCKFWSession *
-nssCKFWInstance_ResolveSessionHandle
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession
-);
-
-/*
- * nssCKFWInstance_DestroySessionHandle
- *
- */
-NSS_EXTERN void
-nssCKFWInstance_DestroySessionHandle
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession
-);
-
-/*
- * nssCKFWInstance_FindSessionHandle
- *
- */
-NSS_EXTERN CK_SESSION_HANDLE
-nssCKFWInstance_FindSessionHandle
-(
-  NSSCKFWInstance *fwInstance,
-  NSSCKFWSession *fwSession
-);
-
-/*
- * nssCKFWInstance_CreateObjectHandle
- *
- */
-NSS_EXTERN CK_OBJECT_HANDLE
-nssCKFWInstance_CreateObjectHandle
-(
-  NSSCKFWInstance *fwInstance,
-  NSSCKFWObject *fwObject,
-  CK_RV *pError
-);
-
-/*
- * nssCKFWInstance_FindObjectHandle
- *
- */
-NSS_EXTERN CK_OBJECT_HANDLE
-nssCKFWInstance_FindObjectHandle
-(
-  NSSCKFWInstance *fwInstance,
-  NSSCKFWObject *fwObject
-);
-
-/*
- * nssCKFWInstance_ResolveObjectHandle
- *
- */
-NSS_EXTERN NSSCKFWObject *
-nssCKFWInstance_ResolveObjectHandle
-(
-  NSSCKFWInstance *fwInstance,
-  CK_OBJECT_HANDLE hObject
-);
-
-/*
- * nssCKFWInstance_ReassignObjectHandle
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWInstance_ReassignObjectHandle
-(
-  NSSCKFWInstance *fwInstance,
-  CK_OBJECT_HANDLE hObject,
-  NSSCKFWObject *fwObject
-);
-
-/*
- * nssCKFWInstance_DestroyObjectHandle
- *
- */
-NSS_EXTERN void
-nssCKFWInstance_DestroyObjectHandle
-(
-  NSSCKFWInstance *fwInstance,
-  CK_OBJECT_HANDLE hObject
-);
-
-/*
- * nssCKFWInstance_FindObjectHandle
- *
- */
-NSS_IMPLEMENT CK_OBJECT_HANDLE
-nssCKFWInstance_FindObjectHandle
-(
-  NSSCKFWInstance *fwInstance,
-  NSSCKFWObject *fwObject
-);
-
-/*
- * nssCKFWInstance_GetNSlots
- *
- */
-NSS_EXTERN CK_ULONG
-nssCKFWInstance_GetNSlots
-(
-  NSSCKFWInstance *fwInstance,
-  CK_RV *pError
-);
-
-/*
- * nssCKFWInstance_GetCryptokiVersion
- *
- */
-NSS_EXTERN CK_VERSION
-nssCKFWInstance_GetCryptokiVersion
-(
-  NSSCKFWInstance *fwInstance
-);
-
-/*
- * nssCKFWInstance_GetManufacturerID
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWInstance_GetManufacturerID
-(
-  NSSCKFWInstance *fwInstance,
-  CK_CHAR manufacturerID[32]
-);
-
-/*
- * nssCKFWInstance_GetFlags
- *
- */
-NSS_EXTERN CK_ULONG
-nssCKFWInstance_GetFlags
-(
-  NSSCKFWInstance *fwInstance
-);
-
-/*
- * nssCKFWInstance_GetLibraryDescription
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWInstance_GetLibraryDescription
-(
-  NSSCKFWInstance *fwInstance,
-  CK_CHAR libraryDescription[32]
-);
-
-/*
- * nssCKFWInstance_GetLibraryVersion
- *
- */
-NSS_EXTERN CK_VERSION
-nssCKFWInstance_GetLibraryVersion
-(
-  NSSCKFWInstance *fwInstance
-);
-
-/*
- * nssCKFWInstance_GetModuleHandlesSessionObjects
- *
- */
-NSS_EXTERN CK_BBOOL
-nssCKFWInstance_GetModuleHandlesSessionObjects
-(
-  NSSCKFWInstance *fwInstance
-);
-
-/*
- * nssCKFWInstance_GetSlots
- *
- */
-NSS_EXTERN NSSCKFWSlot **
-nssCKFWInstance_GetSlots
-(
-  NSSCKFWInstance *fwInstance,
-  CK_RV *pError
-);
-
-/*
- * nssCKFWInstance_WaitForSlotEvent
- *
- */
-NSS_EXTERN NSSCKFWSlot *
-nssCKFWInstance_WaitForSlotEvent
-(
-  NSSCKFWInstance *fwInstance,
-  CK_BBOOL block,
-  CK_RV *pError
-);
-
-/*
- * nssCKFWInstance_verifyPointer
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWInstance_verifyPointer
-(
-  const NSSCKFWInstance *fwInstance
-);
-
-
-/*
- * NSSCKFWSlot
- *
- *  -- create/destroy --
- *  nssCKFWSlot_Create
- *  nssCKFWSlot_Destroy
- *
- *  -- implement public accessors --
- *  nssCKFWSlot_GetMDSlot
- *  nssCKFWSlot_GetFWInstance
- *  nssCKFWSlot_GetMDInstance
- *
- *  -- private accessors --
- *  nssCKFWSlot_GetSlotID
- *
- *  -- module fronts --
- *  nssCKFWSlot_GetSlotDescription
- *  nssCKFWSlot_GetManufacturerID
- *  nssCKFWSlot_GetTokenPresent
- *  nssCKFWSlot_GetRemovableDevice
- *  nssCKFWSlot_GetHardwareSlot
- *  nssCKFWSlot_GetHardwareVersion
- *  nssCKFWSlot_GetFirmwareVersion
- *  nssCKFWSlot_GetToken
- */
-
-/*
- * nssCKFWSlot_Create
- *
- */
-NSS_EXTERN NSSCKFWSlot *
-nssCKFWSlot_Create
-(
-  NSSCKFWInstance *fwInstance,
-  NSSCKMDSlot *mdSlot,
-  CK_SLOT_ID slotID,
-  CK_RV *pError
-);
-
-/*
- * nssCKFWSlot_Destroy
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWSlot_Destroy
-(
-  NSSCKFWSlot *fwSlot
-);
-
-/*
- * nssCKFWSlot_GetMDSlot
- *
- */
-NSS_EXTERN NSSCKMDSlot *
-nssCKFWSlot_GetMDSlot
-(
-  NSSCKFWSlot *fwSlot
-);
-
-/*
- * nssCKFWSlot_GetFWInstance
- *
- */
-
-NSS_EXTERN NSSCKFWInstance *
-nssCKFWSlot_GetFWInstance
-(
-  NSSCKFWSlot *fwSlot
-);
-
-/*
- * nssCKFWSlot_GetMDInstance
- *
- */
-
-NSS_EXTERN NSSCKMDInstance *
-nssCKFWSlot_GetMDInstance
-(
-  NSSCKFWSlot *fwSlot
-);
-
-/*
- * nssCKFWSlot_GetSlotID
- *
- */
-NSS_EXTERN CK_SLOT_ID
-nssCKFWSlot_GetSlotID
-(
-  NSSCKFWSlot *fwSlot
-);
-
-/*
- * nssCKFWSlot_GetSlotDescription
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWSlot_GetSlotDescription
-(
-  NSSCKFWSlot *fwSlot,
-  CK_CHAR slotDescription[64]
-);
-
-/*
- * nssCKFWSlot_GetManufacturerID
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWSlot_GetManufacturerID
-(
-  NSSCKFWSlot *fwSlot,
-  CK_CHAR manufacturerID[32]
-);
-
-/*
- * nssCKFWSlot_GetTokenPresent
- *
- */
-NSS_EXTERN CK_BBOOL
-nssCKFWSlot_GetTokenPresent
-(
-  NSSCKFWSlot *fwSlot
-);
-
-/*
- * nssCKFWSlot_GetRemovableDevice
- *
- */
-NSS_EXTERN CK_BBOOL
-nssCKFWSlot_GetRemovableDevice
-(
-  NSSCKFWSlot *fwSlot
-);
-
-/*
- * nssCKFWSlot_GetHardwareSlot
- *
- */
-NSS_EXTERN CK_BBOOL
-nssCKFWSlot_GetHardwareSlot
-(
-  NSSCKFWSlot *fwSlot
-);
-
-/*
- * nssCKFWSlot_GetHardwareVersion
- *
- */
-NSS_EXTERN CK_VERSION
-nssCKFWSlot_GetHardwareVersion
-(
-  NSSCKFWSlot *fwSlot
-);
-
-/*
- * nssCKFWSlot_GetFirmwareVersion
- *
- */
-NSS_EXTERN CK_VERSION
-nssCKFWSlot_GetFirmwareVersion
-(
-  NSSCKFWSlot *fwSlot
-);
-
-/*
- * nssCKFWSlot_GetToken
- * 
- */
-NSS_EXTERN NSSCKFWToken *
-nssCKFWSlot_GetToken
-(
-  NSSCKFWSlot *fwSlot,
-  CK_RV *pError
-);
-
-/*
- * nssCKFWSlot_ClearToken
- *
- */
-NSS_EXTERN void
-nssCKFWSlot_ClearToken
-(
-  NSSCKFWSlot *fwSlot
-);
-
-/*
- * NSSCKFWToken
- *
- *  -- create/destroy --
- *  nssCKFWToken_Create
- *  nssCKFWToken_Destroy
- *
- *  -- implement public accessors --
- *  nssCKFWToken_GetMDToken
- *  nssCKFWToken_GetFWSlot
- *  nssCKFWToken_GetMDSlot
- *  nssCKFWToken_GetSessionState
- *
- *  -- private accessors --
- *  nssCKFWToken_SetSessionState
- *  nssCKFWToken_RemoveSession
- *  nssCKFWToken_CloseAllSessions
- *  nssCKFWToken_GetSessionCount
- *  nssCKFWToken_GetRwSessionCount
- *  nssCKFWToken_GetRoSessionCount
- *  nssCKFWToken_GetSessionObjectHash
- *  nssCKFWToken_GetMDObjectHash
- *  nssCKFWToken_GetObjectHandleHash
- *
- *  -- module fronts --
- *  nssCKFWToken_InitToken
- *  nssCKFWToken_GetLabel
- *  nssCKFWToken_GetManufacturerID
- *  nssCKFWToken_GetModel
- *  nssCKFWToken_GetSerialNumber
- *  nssCKFWToken_GetHasRNG
- *  nssCKFWToken_GetIsWriteProtected
- *  nssCKFWToken_GetLoginRequired
- *  nssCKFWToken_GetUserPinInitialized
- *  nssCKFWToken_GetRestoreKeyNotNeeded
- *  nssCKFWToken_GetHasClockOnToken
- *  nssCKFWToken_GetHasProtectedAuthenticationPath
- *  nssCKFWToken_GetSupportsDualCryptoOperations
- *  nssCKFWToken_GetMaxSessionCount
- *  nssCKFWToken_GetMaxRwSessionCount
- *  nssCKFWToken_GetMaxPinLen
- *  nssCKFWToken_GetMinPinLen
- *  nssCKFWToken_GetTotalPublicMemory
- *  nssCKFWToken_GetFreePublicMemory
- *  nssCKFWToken_GetTotalPrivateMemory
- *  nssCKFWToken_GetFreePrivateMemory
- *  nssCKFWToken_GetHardwareVersion
- *  nssCKFWToken_GetFirmwareVersion
- *  nssCKFWToken_GetUTCTime
- *  nssCKFWToken_OpenSession
- *  nssCKFWToken_GetMechanismCount
- *  nssCKFWToken_GetMechanismTypes
- *  nssCKFWToken_GetMechanism
- */
-
-/*
- * nssCKFWToken_Create
- *
- */
-NSS_EXTERN NSSCKFWToken *
-nssCKFWToken_Create
-(
-  NSSCKFWSlot *fwSlot,
-  NSSCKMDToken *mdToken,
-  CK_RV *pError
-);
-
-/*
- * nssCKFWToken_Destroy
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWToken_Destroy
-(
-  NSSCKFWToken *fwToken
-);
-
-/*
- * nssCKFWToken_GetMDToken
- *
- */
-NSS_EXTERN NSSCKMDToken *
-nssCKFWToken_GetMDToken
-(
-  NSSCKFWToken *fwToken
-);
-
-/*
- * nssCKFWToken_GetArena
- *
- */
-NSS_EXTERN NSSArena *
-nssCKFWToken_GetArena
-(
-  NSSCKFWToken *fwToken,
-  CK_RV *pError
-);
-
-/*
- * nssCKFWToken_GetFWSlot
- *
- */
-NSS_EXTERN NSSCKFWSlot *
-nssCKFWToken_GetFWSlot
-(
-  NSSCKFWToken *fwToken
-);
-
-/*
- * nssCKFWToken_GetMDSlot
- *
- */
-NSS_EXTERN NSSCKMDSlot *
-nssCKFWToken_GetMDSlot
-(
-  NSSCKFWToken *fwToken
-);
-
-/*
- * nssCKFWToken_GetSessionState
- *
- */
-NSS_EXTERN CK_STATE
-nssCKFWToken_GetSessionState
-(
-  NSSCKFWToken *fwToken
-);
-
-/*
- * nssCKFWToken_InitToken
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWToken_InitToken
-(
-  NSSCKFWToken *fwToken,
-  NSSItem *pin,
-  NSSUTF8 *label
-);
-
-/*
- * nssCKFWToken_GetLabel
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWToken_GetLabel
-(
-  NSSCKFWToken *fwToken,
-  CK_CHAR label[32]
-);
-
-/*
- * nssCKFWToken_GetManufacturerID
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWToken_GetManufacturerID
-(
-  NSSCKFWToken *fwToken,
-  CK_CHAR manufacturerID[32]
-);
-
-/*
- * nssCKFWToken_GetModel
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWToken_GetModel
-(
-  NSSCKFWToken *fwToken,
-  CK_CHAR model[16]
-);
-
-/*
- * nssCKFWToken_GetSerialNumber
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWToken_GetSerialNumber
-(
-  NSSCKFWToken *fwToken,
-  CK_CHAR serialNumber[16]
-);
-
-/*
- * nssCKFWToken_GetHasRNG
- *
- */
-NSS_EXTERN CK_BBOOL
-nssCKFWToken_GetHasRNG
-(
-  NSSCKFWToken *fwToken
-);
-
-/*
- * nssCKFWToken_GetIsWriteProtected
- *
- */
-NSS_EXTERN CK_BBOOL
-nssCKFWToken_GetIsWriteProtected
-(
-  NSSCKFWToken *fwToken
-);
-
-/*
- * nssCKFWToken_GetLoginRequired
- *
- */
-NSS_EXTERN CK_BBOOL
-nssCKFWToken_GetLoginRequired
-(
-  NSSCKFWToken *fwToken
-);
-
-/*
- * nssCKFWToken_GetUserPinInitialized
- *
- */
-NSS_EXTERN CK_BBOOL
-nssCKFWToken_GetUserPinInitialized
-(
-  NSSCKFWToken *fwToken
-);
-
-/*
- * nssCKFWToken_GetRestoreKeyNotNeeded
- *
- */
-NSS_EXTERN CK_BBOOL
-nssCKFWToken_GetRestoreKeyNotNeeded
-(
-  NSSCKFWToken *fwToken
-);
-
-/*
- * nssCKFWToken_GetHasClockOnToken
- *
- */
-NSS_EXTERN CK_BBOOL
-nssCKFWToken_GetHasClockOnToken
-(
-  NSSCKFWToken *fwToken
-);
-
-/*
- * nssCKFWToken_GetHasProtectedAuthenticationPath
- *
- */
-NSS_EXTERN CK_BBOOL
-nssCKFWToken_GetHasProtectedAuthenticationPath
-(
-  NSSCKFWToken *fwToken
-);
-
-/*
- * nssCKFWToken_GetSupportsDualCryptoOperations
- *
- */
-NSS_EXTERN CK_BBOOL
-nssCKFWToken_GetSupportsDualCryptoOperations
-(
-  NSSCKFWToken *fwToken
-);
-
-/*
- * nssCKFWToken_GetMaxSessionCount
- *
- */
-NSS_EXTERN CK_ULONG
-nssCKFWToken_GetMaxSessionCount
-(
-  NSSCKFWToken *fwToken
-);
-
-/*
- * nssCKFWToken_GetMaxRwSessionCount
- *
- */
-NSS_EXTERN CK_ULONG
-nssCKFWToken_GetMaxRwSessionCount
-(
-  NSSCKFWToken *fwToken
-);
-
-/*
- * nssCKFWToken_GetMaxPinLen
- *
- */
-NSS_EXTERN CK_ULONG
-nssCKFWToken_GetMaxPinLen
-(
-  NSSCKFWToken *fwToken
-);
-
-/*
- * nssCKFWToken_GetMinPinLen
- *
- */
-NSS_EXTERN CK_ULONG
-nssCKFWToken_GetMinPinLen
-(
-  NSSCKFWToken *fwToken
-);
-
-/*
- * nssCKFWToken_GetTotalPublicMemory
- *
- */
-NSS_EXTERN CK_ULONG
-nssCKFWToken_GetTotalPublicMemory
-(
-  NSSCKFWToken *fwToken
-);
-
-/*
- * nssCKFWToken_GetFreePublicMemory
- *
- */
-NSS_EXTERN CK_ULONG
-nssCKFWToken_GetFreePublicMemory
-(
-  NSSCKFWToken *fwToken
-);
-
-/*
- * nssCKFWToken_GetTotalPrivateMemory
- *
- */
-NSS_EXTERN CK_ULONG
-nssCKFWToken_GetTotalPrivateMemory
-(
-  NSSCKFWToken *fwToken
-);
-
-/*
- * nssCKFWToken_GetFreePrivateMemory
- *
- */
-NSS_EXTERN CK_ULONG
-nssCKFWToken_GetFreePrivateMemory
-(
-  NSSCKFWToken *fwToken
-);
-
-/*
- * nssCKFWToken_GetHardwareVersion
- *
- */
-NSS_EXTERN CK_VERSION
-nssCKFWToken_GetHardwareVersion
-(
-  NSSCKFWToken *fwToken
-);
-
-/*
- * nssCKFWToken_GetFirmwareVersion
- *
- */
-NSS_EXTERN CK_VERSION
-nssCKFWToken_GetFirmwareVersion
-(
-  NSSCKFWToken *fwToken
-);
-
-/*
- * nssCKFWToken_GetUTCTime
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWToken_GetUTCTime
-(
-  NSSCKFWToken *fwToken,
-  CK_CHAR utcTime[16]
-);
-
-/*
- * nssCKFWToken_OpenSession
- *
- */
-NSS_EXTERN NSSCKFWSession *
-nssCKFWToken_OpenSession
-(
-  NSSCKFWToken *fwToken,
-  CK_BBOOL rw,
-  CK_VOID_PTR pApplication,
-  CK_NOTIFY Notify,
-  CK_RV *pError
-);
-
-/*
- * nssCKFWToken_GetMechanismCount
- *
- */
-NSS_EXTERN CK_ULONG
-nssCKFWToken_GetMechanismCount
-(
-  NSSCKFWToken *fwToken
-);
-
-/*
- * nssCKFWToken_GetMechanismTypes
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWToken_GetMechanismTypes
-(
-  NSSCKFWToken *fwToken,
-  CK_MECHANISM_TYPE types[]
-);
-
-/*
- * nssCKFWToken_GetMechanism
- *
- */
-NSS_EXTERN NSSCKFWMechanism *
-nssCKFWToken_GetMechanism
-(
-  NSSCKFWToken *fwToken,
-  CK_MECHANISM_TYPE which,
-  CK_RV *pError
-);
-
-/*
- * nssCKFWToken_SetSessionState
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWToken_SetSessionState
-(
-  NSSCKFWToken *fwToken,
-  CK_STATE newState
-);
-
-/*
- * nssCKFWToken_RemoveSession
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWToken_RemoveSession
-(
-  NSSCKFWToken *fwToken,
-  NSSCKFWSession *fwSession
-);
-
-/*
- * nssCKFWToken_CloseAllSessions
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWToken_CloseAllSessions
-(
-  NSSCKFWToken *fwToken
-);
-
-/*
- * nssCKFWToken_GetSessionCount
- *
- */
-NSS_EXTERN CK_ULONG
-nssCKFWToken_GetSessionCount
-(
-  NSSCKFWToken *fwToken
-);
-
-/*
- * nssCKFWToken_GetRwSessionCount
- *
- */
-NSS_EXTERN CK_ULONG
-nssCKFWToken_GetRwSessionCount
-(
-  NSSCKFWToken *fwToken
-);
-
-/*
- * nssCKFWToken_GetRoSessionCount
- *
- */
-NSS_EXTERN CK_ULONG
-nssCKFWToken_GetRoSessionCount
-(
-  NSSCKFWToken *fwToken
-);
-
-/*
- * nssCKFWToken_GetSessionObjectHash
- *
- */
-NSS_EXTERN nssCKFWHash *
-nssCKFWToken_GetSessionObjectHash
-(
-  NSSCKFWToken *fwToken
-);
-
-/*
- * nssCKFWToken_GetMDObjectHash
- *
- */
-NSS_EXTERN nssCKFWHash *
-nssCKFWToken_GetMDObjectHash
-(
-  NSSCKFWToken *fwToken
-);
-
-/*
- * nssCKFWToken_GetObjectHandleHash
- *
- */
-NSS_EXTERN nssCKFWHash *
-nssCKFWToken_GetObjectHandleHash
-(
-  NSSCKFWToken *fwToken
-);
-
-/*
- * NSSCKFWMechanism
- *
- *  -- create/destroy --
- *  nssCKFWMechanism_Create
- *  nssCKFWMechanism_Destroy
- *
- *  -- implement public accessors --
- *  nssCKFWMechanism_GetMDMechanism
- *  nssCKFWMechanism_GetParameter
- *
- *  -- private accessors --
- *
- *  -- module fronts --
- *  nssCKFWMechanism_GetMinKeySize
- *  nssCKFWMechanism_GetMaxKeySize
- *  nssCKFWMechanism_GetInHardware
- */
-
-/*
- * nssCKFWMechanism_Create
- *
- */
-NSS_EXTERN NSSCKFWMechanism *
-nssCKFWMechanism_Create
-(
-  void /* XXX fgmr */
-);
-
-/*
- * nssCKFWMechanism_Destroy
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWMechanism_Destroy
-(
-  NSSCKFWMechanism *fwMechanism
-);
-
-/*
- * nssCKFWMechanism_GetMDMechanism
- *
- */
-
-NSS_EXTERN NSSCKMDMechanism *
-nssCKFWMechanism_GetMDMechanism
-(
-  NSSCKFWMechanism *fwMechanism
-);
-
-/*
- * nssCKFWMechanism_GetParameter
- *
- * XXX fgmr-- or as an additional parameter to the crypto ops?
- */
-NSS_EXTERN NSSItem *
-nssCKFWMechanism_GetParameter
-(
-  NSSCKFWMechanism *fwMechanism
-);
-
-/*
- * nssCKFWMechanism_GetMinKeySize
- *
- */
-NSS_EXTERN CK_ULONG
-nssCKFWMechanism_GetMinKeySize
-(
-  NSSCKFWMechanism *fwMechanism
-);
-
-/*
- * nssCKFWMechanism_GetMaxKeySize
- *
- */
-NSS_EXTERN CK_ULONG
-nssCKFWMechanism_GetMaxKeySize
-(
-  NSSCKFWMechanism *fwMechanism
-);
-
-/*
- * nssCKFWMechanism_GetInHardware
- *
- */
-NSS_EXTERN CK_BBOOL
-nssCKFWMechanism_GetInHardware
-(
-  NSSCKFWMechanism *fwMechanism
-);
-
-/*
- * NSSCKFWSession
- *
- *  -- create/destroy --
- *  nssCKFWSession_Create
- *  nssCKFWSession_Destroy
- *
- *  -- implement public accessors --
- *  nssCKFWSession_GetMDSession
- *  nssCKFWSession_GetArena
- *  nssCKFWSession_CallNotification
- *  nssCKFWSession_IsRWSession
- *  nssCKFWSession_IsSO
- *
- *  -- private accessors --
- *  nssCKFWSession_GetFWSlot
- *  nssCKFWSession_GetSessionState
- *  nssCKFWSession_SetFWFindObjects
- *  nssCKFWSession_GetFWFindObjects
- *  nssCKFWSession_SetMDSession
- *  nssCKFWSession_SetHandle
- *  nssCKFWSession_GetHandle
- *  nssCKFWSession_RegisterSessionObject
- *  nssCKFWSession_DeregisterSessionObject
- *
- *  -- module fronts --
- *  nssCKFWSession_GetDeviceError
- *  nssCKFWSession_Login
- *  nssCKFWSession_Logout
- *  nssCKFWSession_InitPIN
- *  nssCKFWSession_SetPIN
- *  nssCKFWSession_GetOperationStateLen
- *  nssCKFWSession_GetOperationState
- *  nssCKFWSession_SetOperationState
- *  nssCKFWSession_CreateObject
- *  nssCKFWSession_CopyObject
- *  nssCKFWSession_FindObjectsInit
- *  nssCKFWSession_SeedRandom
- *  nssCKFWSession_GetRandom
- */
-
-/*
- * nssCKFWSession_Create
- *
- */
-NSS_EXTERN NSSCKFWSession *
-nssCKFWSession_Create
-(
-  NSSCKFWToken *fwToken,
-  CK_BBOOL rw,
-  CK_VOID_PTR pApplication,
-  CK_NOTIFY Notify,
-  CK_RV *pError
-);
-
-/*
- * nssCKFWSession_Destroy
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWSession_Destroy
-(
-  NSSCKFWSession *fwSession,
-  CK_BBOOL removeFromTokenHash
-);
-
-/*
- * nssCKFWSession_GetMDSession
- *
- */
-NSS_EXTERN NSSCKMDSession *
-nssCKFWSession_GetMDSession
-(
-  NSSCKFWSession *fwSession
-);
-
-/*
- * nssCKFWSession_GetArena
- *
- */
-NSS_EXTERN NSSArena *
-nssCKFWSession_GetArena
-(
-  NSSCKFWSession *fwSession,
-  CK_RV *pError
-);
-
-/*
- * nssCKFWSession_CallNotification
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWSession_CallNotification
-(
-  NSSCKFWSession *fwSession,
-  CK_NOTIFICATION event
-);
-
-/*
- * nssCKFWSession_IsRWSession
- *
- */
-NSS_EXTERN CK_BBOOL
-nssCKFWSession_IsRWSession
-(
-  NSSCKFWSession *fwSession
-);
-
-/*
- * nssCKFWSession_IsSO
- *
- */
-NSS_EXTERN CK_BBOOL
-nssCKFWSession_IsSO
-(
-  NSSCKFWSession *fwSession
-);
-
-/*
- * nssCKFWSession_GetFWSlot
- *
- */
-NSS_EXTERN NSSCKFWSlot *
-nssCKFWSession_GetFWSlot
-(
-  NSSCKFWSession *fwSession
-);
-
-/*
- * nssCFKWSession_GetSessionState
- *
- */
-NSS_EXTERN CK_STATE
-nssCKFWSession_GetSessionState
-(
-  NSSCKFWSession *fwSession
-);
-
-/*
- * nssCKFWSession_SetFWFindObjects
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWSession_SetFWFindObjects
-(
-  NSSCKFWSession *fwSession,
-  NSSCKFWFindObjects *fwFindObjects
-);
-
-/*
- * nssCKFWSession_GetFWFindObjects
- *
- */
-NSS_EXTERN NSSCKFWFindObjects *
-nssCKFWSession_GetFWFindObjects
-(
-  NSSCKFWSession *fwSesssion,
-  CK_RV *pError
-);
-
-/*
- * nssCKFWSession_SetMDSession
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWSession_SetMDSession
-(
-  NSSCKFWSession *fwSession,
-  NSSCKMDSession *mdSession
-);
-
-/*
- * nssCKFWSession_SetHandle
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWSession_SetHandle
-(
-  NSSCKFWSession *fwSession,
-  CK_SESSION_HANDLE hSession
-);
-
-/*
- * nssCKFWSession_GetHandle
- *
- */
-NSS_EXTERN CK_SESSION_HANDLE
-nssCKFWSession_GetHandle
-(
-  NSSCKFWSession *fwSession
-);
-
-/*
- * nssCKFWSession_RegisterSessionObject
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWSession_RegisterSessionObject
-(
-  NSSCKFWSession *fwSession,
-  NSSCKFWObject *fwObject
-);
-
-/*
- * nssCKFWSession_DeregisterSessionObject
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWSession_DeregisterSessionObject
-(
-  NSSCKFWSession *fwSession,
-  NSSCKFWObject *fwObject
-);
-
-/*
- * nssCKFWSession_GetDeviceError
- *
- */
-NSS_EXTERN CK_ULONG
-nssCKFWSession_GetDeviceError
-(
-  NSSCKFWSession *fwSession
-);
-
-/*
- * nssCKFWSession_Login
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWSession_Login
-(
-  NSSCKFWSession *fwSession,
-  CK_USER_TYPE userType,
-  NSSItem *pin
-);
-
-/*
- * nssCKFWSession_Logout
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWSession_Logout
-(
-  NSSCKFWSession *fwSession
-);
-
-/*
- * nssCKFWSession_InitPIN
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWSession_InitPIN
-(
-  NSSCKFWSession *fwSession,
-  NSSItem *pin
-);
-
-/*
- * nssCKFWSession_SetPIN
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWSession_SetPIN
-(
-  NSSCKFWSession *fwSession,
-  NSSItem *newPin,
-  NSSItem *oldPin
-);
-
-/*
- * nssCKFWSession_GetOperationStateLen
- *
- */
-NSS_EXTERN CK_ULONG
-nssCKFWSession_GetOperationStateLen
-(
-  NSSCKFWSession *fwSession,
-  CK_RV *pError
-);
-
-/*
- * nssCKFWSession_GetOperationState
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWSession_GetOperationState
-(
-  NSSCKFWSession *fwSession,
-  NSSItem *buffer
-);
-
-/*
- * nssCKFWSession_SetOperationState
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWSession_SetOperationState
-(
-  NSSCKFWSession *fwSession,
-  NSSItem *state,
-  NSSCKFWObject *encryptionKey,
-  NSSCKFWObject *authenticationKey
-);
-
-/*
- * nssCKFWSession_CreateObject
- *
- */
-NSS_EXTERN NSSCKFWObject *
-nssCKFWSession_CreateObject
-(
-  NSSCKFWSession *fwSession,
-  CK_ATTRIBUTE_PTR pTemplate,
-  CK_ULONG ulAttributeCount,
-  CK_RV *pError
-);
-
-/*
- * nssCKFWSession_CopyObject
- *
- */
-NSS_EXTERN NSSCKFWObject *
-nssCKFWSession_CopyObject
-(
-  NSSCKFWSession *fwSession,
-  NSSCKFWObject *object,
-  CK_ATTRIBUTE_PTR pTemplate,
-  CK_ULONG ulAttributeCount,
-  CK_RV *pError
-);
-
-/*
- * nssCKFWSession_FindObjectsInit
- *
- */
-NSS_EXTERN NSSCKFWFindObjects *
-nssCKFWSession_FindObjectsInit
-(
-  NSSCKFWSession *fwSession,
-  CK_ATTRIBUTE_PTR pTemplate,
-  CK_ULONG ulAttributeCount,
-  CK_RV *pError
-);
-
-/*
- * nssCKFWSession_SeedRandom
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWSession_SeedRandom
-(
-  NSSCKFWSession *fwSession,
-  NSSItem *seed
-);
-
-/*
- * nssCKFWSession_GetRandom
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWSession_GetRandom
-(
-  NSSCKFWSession *fwSession,
-  NSSItem *buffer
-);
-
-/*
- * NSSCKFWObject
- *
- * -- create/destroy --
- *  nssCKFWObject_Create
- *  nssCKFWObject_Finalize
- *  nssCKFWObject_Destroy
- *
- * -- implement public accessors --
- *  nssCKFWObject_GetMDObject
- *  nssCKFWObject_GetArena
- *
- * -- private accessors --
- *  nssCKFWObject_SetHandle
- *  nssCKFWObject_GetHandle
- *
- * -- module fronts --
- *  nssCKFWObject_IsTokenObject
- *  nssCKFWObject_GetAttributeCount
- *  nssCKFWObject_GetAttributeTypes
- *  nssCKFWObject_GetAttributeSize
- *  nssCKFWObject_GetAttribute
- *  nssCKFWObject_SetAttribute
- *  nssCKFWObject_GetObjectSize
- */
-
-/*
- * nssCKFWObject_Create
- *
- */
-NSS_EXTERN NSSCKFWObject *
-nssCKFWObject_Create
-(
-  NSSArena *arena,
-  NSSCKMDObject *mdObject,
-  NSSCKFWSession *fwSession,
-  NSSCKFWToken *fwToken,
-  NSSCKFWInstance *fwInstance,
-  CK_RV *pError
-);
-
-/*
- * nssCKFWObject_Finalize
- *
- */
-NSS_EXTERN void
-nssCKFWObject_Finalize
-(
-  NSSCKFWObject *fwObject
-);
-
-/*
- * nssCKFWObject_Destroy
- *
- */
-NSS_EXTERN void
-nssCKFWObject_Destroy
-(
-  NSSCKFWObject *fwObject
-);
-
-/*
- * nssCKFWObject_GetMDObject
- *
- */
-NSS_EXTERN NSSCKMDObject *
-nssCKFWObject_GetMDObject
-(
-  NSSCKFWObject *fwObject
-);
-
-/*
- * nssCKFWObject_GetArena
- *
- */
-NSS_EXTERN NSSArena *
-nssCKFWObject_GetArena
-(
-  NSSCKFWObject *fwObject,
-  CK_RV *pError
-);
-
-/*
- * nssCKFWObject_SetHandle
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWObject_SetHandle
-(
-  NSSCKFWObject *fwObject,
-  CK_OBJECT_HANDLE hObject
-);
-
-/*
- * nssCKFWObject_GetHandle
- *
- */
-NSS_IMPLEMENT CK_OBJECT_HANDLE
-nssCKFWObject_GetHandle
-(
-  NSSCKFWObject *fwObject
-);
-
-/*
- * nssCKFWObject_IsTokenObject
- *
- */
-NSS_EXTERN CK_BBOOL
-nssCKFWObject_IsTokenObject
-(
-  NSSCKFWObject *fwObject
-);
-
-/*
- * nssCKFWObject_GetAttributeCount
- *
- */
-NSS_EXTERN CK_ULONG
-nssCKFWObject_GetAttributeCount
-(
-  NSSCKFWObject *fwObject,
-  CK_RV *pError
-);
-
-/*
- * nssCKFWObject_GetAttributeTypes
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWObject_GetAttributeTypes
-(
-  NSSCKFWObject *fwObject,
-  CK_ATTRIBUTE_TYPE_PTR typeArray,
-  CK_ULONG ulCount
-);
-
-/*
- * nssCKFWObject_GetAttributeSize
- *
- */
-NSS_EXTERN CK_ULONG
-nssCKFWObject_GetAttributeSize
-(
-  NSSCKFWObject *fwObject,
-  CK_ATTRIBUTE_TYPE attribute,
-  CK_RV *pError
-);
-
-/*
- * nssCKFWObject_GetAttribute
- *
- * Usual NSS allocation rules:
- * If itemOpt is not NULL, it will be returned; otherwise an NSSItem
- * will be allocated.  If itemOpt is not NULL but itemOpt->data is,
- * the buffer will be allocated; otherwise, the buffer will be used.
- * Any allocations will come from the optional arena, if one is
- * specified.
- */
-NSS_EXTERN NSSItem *
-nssCKFWObject_GetAttribute
-(
-  NSSCKFWObject *fwObject,
-  CK_ATTRIBUTE_TYPE attribute,
-  NSSItem *itemOpt,
-  NSSArena *arenaOpt,
-  CK_RV *pError
-);
-
-/*
- * nssCKFWObject_SetAttribute
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWObject_SetAttribute
-(
-  NSSCKFWObject *fwObject,
-  CK_ATTRIBUTE_TYPE attribute,
-  NSSItem *value
-);
-
-/*
- * nssCKFWObject_GetObjectSize
- *
- */
-NSS_EXTERN CK_ULONG
-nssCKFWObject_GetObjectSize
-(
-  NSSCKFWObject *fwObject,
-  CK_RV *pError
-);
-
-/*
- * NSSCKFWFindObjects
- *
- *  -- create/destroy --
- *  nssCKFWFindObjects_Create
- *  nssCKFWFindObjects_Destroy
- *
- *  -- implement public accessors --
- *  nssCKFWFindObjects_GetMDFindObjects
- *
- *  -- private accessors --
- *
- *  -- module fronts --
- *  nssCKFWFindObjects_Next
- */
-
-/*
- * nssCKFWFindObjects_Create
- *
- */
-NSS_EXTERN NSSCKFWFindObjects *
-nssCKFWFindObjects_Create
-(
-  NSSCKFWSession *fwSession,
-  NSSCKFWToken *fwToken,
-  NSSCKFWInstance *fwInstance,
-  NSSCKMDFindObjects *mdFindObjects1,
-  NSSCKMDFindObjects *mdFindObjects2,
-  CK_RV *pError
-);
-
-/*
- * nssCKFWFindObjects_Destroy
- *
- */
-NSS_EXTERN void
-nssCKFWFindObjects_Destroy
-(
-  NSSCKFWFindObjects *fwFindObjects
-);
-
-/*
- * nssCKFWFindObjects_GetMDFindObjects
- *
- */
-NSS_EXTERN NSSCKMDFindObjects *
-nssCKFWFindObjects_GetMDFindObjects
-(
-  NSSCKFWFindObjects *fwFindObjects
-);
-
-/*
- * nssCKFWFindObjects_Next
- *
- */
-NSS_EXTERN NSSCKFWObject *
-nssCKFWFindObjects_Next
-(
-  NSSCKFWFindObjects *fwFindObjects,
-  NSSArena *arenaOpt,
-  CK_RV *pError
-);
-
-/*
- * NSSCKFWMutex
- *
- *  nssCKFWMutex_Create
- *  nssCKFWMutex_Destroy
- *  nssCKFWMutex_Lock
- *  nssCKFWMutex_Unlock
- *
- */
-
-/*
- * nssCKFWMutex_Create
- *
- */
-NSS_EXTERN NSSCKFWMutex *
-nssCKFWMutex_Create
-(
-  CK_C_INITIALIZE_ARGS_PTR pInitArgs,
-  NSSArena *arena,
-  CK_RV *pError
-);
-
-/*
- * nssCKFWMutex_Destroy
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWMutex_Destroy
-(
-  NSSCKFWMutex *mutex
-);
-
-/*
- * nssCKFWMutex_Lock
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWMutex_Lock
-(
-  NSSCKFWMutex *mutex
-);
-
-/*
- * nssCKFWMutex_Unlock
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWMutex_Unlock
-(
-  NSSCKFWMutex *mutex
-);
-
-#endif /* CKFW_H */
diff --git a/security/nss/lib/ckfw/ckfwm.h b/security/nss/lib/ckfw/ckfwm.h
deleted file mode 100644
index 615efe2b6..000000000
--- a/security/nss/lib/ckfw/ckfwm.h
+++ /dev/null
@@ -1,167 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef CKFWM_H
-#define CKFWM_H
-
-#ifdef DEBUG
-static const char CKFWM_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * ckfwm.h
- *
- * This file prototypes the module-private calls of the NSS Cryptoki Framework.
- */
-
-#ifndef NSSBASET_H
-#include "nssbaset.h"
-#endif /* NSSBASET_H */
-
-#ifndef NSSCKT_H
-#include "nssckt.h"
-#endif /* NSSCKT_H */
-
-#ifndef NSSCKFWT_H
-#include "nssckfwt.h"
-#endif /* NSSCKFWT_H */
-
-/*
- * nssCKFWHash
- *
- *  nssCKFWHash_Create
- *  nssCKFWHash_Destroy
- *  nssCKFWHash_Add
- *  nssCKFWHash_Remove
- *  nssCKFWHash_Count
- *  nssCKFWHash_Exists
- *  nssCKFWHash_Lookup
- *  nssCKFWHash_Iterate
- */
-
-/*
- * nssCKFWHash_Create
- *
- */
-NSS_EXTERN nssCKFWHash *
-nssCKFWHash_Create
-(
-  NSSCKFWInstance *fwInstance,
-  NSSArena *arena,
-  CK_RV *pError
-);
-
-/*
- * nssCKFWHash_Destroy
- *
- */
-NSS_EXTERN void
-nssCKFWHash_Destroy
-(
-  nssCKFWHash *hash
-);
-
-/*
- * nssCKFWHash_Add
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWHash_Add
-(
-  nssCKFWHash *hash,
-  const void *key,
-  const void *value
-);
-
-/*
- * nssCKFWHash_Remove
- *
- */
-NSS_EXTERN void
-nssCKFWHash_Remove
-(
-  nssCKFWHash *hash,
-  const void *it
-);
-
-/*
- * nssCKFWHash_Count
- *
- */
-NSS_EXTERN CK_ULONG
-nssCKFWHash_Count
-(
-  nssCKFWHash *hash
-);
-
-/*
- * nssCKFWHash_Exists
- *
- */
-NSS_EXTERN CK_BBOOL
-nssCKFWHash_Exists
-(
-  nssCKFWHash *hash,
-  const void *it
-);
-
-/*
- * nssCKFWHash_Lookup
- *
- */
-NSS_EXTERN void *
-nssCKFWHash_Lookup
-(
-  nssCKFWHash *hash,
-  const void *it
-);
-
-/*
- * nssCKFWHash_Iterate
- *
- */
-NSS_EXTERN void
-nssCKFWHash_Iterate
-(
-  nssCKFWHash *hash,
-  nssCKFWHashIterator fcn,
-  void *closure
-);
-
-NSS_EXTERN void
-nssSetLockArgs(
-   CK_C_INITIALIZE_ARGS_PTR pInitArgs
-);
-
-
-#endif /* CKFWM_H */
diff --git a/security/nss/lib/ckfw/ckfwtm.h b/security/nss/lib/ckfw/ckfwtm.h
deleted file mode 100644
index 0f631f02d..000000000
--- a/security/nss/lib/ckfw/ckfwtm.h
+++ /dev/null
@@ -1,56 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef CKFWTM_H
-#define CKFWTM_H
-
-#ifdef DEBUG
-static const char CKFWTM_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * ckfwtm.h
- *
- * This file declares the module-private types of the NSS Cryptoki Framework.
- */
-
-#ifndef NSSBASET_H
-#include "nssbaset.h"
-#endif /* NSSBASET_H */
-
-struct nssCKFWHashStr;
-typedef struct nssCKFWHashStr nssCKFWHash;
-
-typedef void (PR_CALLBACK *nssCKFWHashIterator)(const void *key, void *value, void *closure);
-
-#endif /* CKFWTM_H */
diff --git a/security/nss/lib/ckfw/ckmd.h b/security/nss/lib/ckfw/ckmd.h
deleted file mode 100644
index 5b7f394f5..000000000
--- a/security/nss/lib/ckfw/ckmd.h
+++ /dev/null
@@ -1,65 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef CKMD_H
-#define CKMD_H
-
-#ifdef DEBUG
-static const char CKMD_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * ckmd.h
- *
- */
-
-NSS_EXTERN NSSCKMDObject *
-nssCKMDSessionObject_Create
-(
-  NSSCKFWToken *fwToken,
-  NSSArena *arena,
-  CK_ATTRIBUTE_PTR attributes,
-  CK_ULONG ulCount,
-  CK_RV *pError
-);
-
-NSS_EXTERN NSSCKMDFindObjects *
-nssCKMDFindSessionObjects_Create
-(
-  NSSCKFWToken *fwToken,
-  CK_ATTRIBUTE_PTR pTemplate,
-  CK_ULONG ulCount,
-  CK_RV *pError
-);
-
-#endif /* CKMD_H */
diff --git a/security/nss/lib/ckfw/ckt.h b/security/nss/lib/ckfw/ckt.h
deleted file mode 100644
index bf114dbc0..000000000
--- a/security/nss/lib/ckfw/ckt.h
+++ /dev/null
@@ -1,37 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/* get back to just one set of PKCS #11 headers. Use the onese that
- * are easiest to maintain from the RSA website */
-/* this one is the one that defines NSS specific data */
-#include "pkcs11n.h"
diff --git a/security/nss/lib/ckfw/config.mk b/security/nss/lib/ckfw/config.mk
deleted file mode 100644
index 521c93d31..000000000
--- a/security/nss/lib/ckfw/config.mk
+++ /dev/null
@@ -1,54 +0,0 @@
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CONFIG_CVS_ID = "@(#) $RCSfile$ $Revision$ $Date$ $Name$"
-
-ifdef BUILD_IDG
-DEFINES += -DNSSDEBUG
-endif
-
-#
-# Hack to see if everything still builds
-#
-
-
-#
-#  Override TARGETS variable so that only static libraries
-#  are specifed as dependencies within rules.mk.
-#
-
-TARGETS        = $(LIBRARY)
-SHARED_LIBRARY =
-IMPORT_LIBRARY =
-PROGRAM        =
-
-
diff --git a/security/nss/lib/ckfw/dbm/Makefile b/security/nss/lib/ckfw/dbm/Makefile
deleted file mode 100644
index 03e1fb4c6..000000000
--- a/security/nss/lib/ckfw/dbm/Makefile
+++ /dev/null
@@ -1,38 +0,0 @@
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-MAKEFILE_CVS_ID = "@(#) $RCSfile$ $Revision$ $Date$ $Name$"
-
-include manifest.mn
-include config.mk
-include $(CORE_DEPTH)/coreconf/config.mk
-include $(CORE_DEPTH)/coreconf/rules.mk
diff --git a/security/nss/lib/ckfw/dbm/anchor.c b/security/nss/lib/ckfw/dbm/anchor.c
deleted file mode 100644
index 588fd00e0..000000000
--- a/security/nss/lib/ckfw/dbm/anchor.c
+++ /dev/null
@@ -1,50 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * dbm/anchor.c
- *
- * This file "anchors" the actual cryptoki entry points in this module's
- * shared library, which is required for dynamic loading.  See the 
- * comments in nssck.api for more information.
- */
-
-#include "ckdbm.h"
-
-#define MODULE_NAME dbm
-#define INSTANCE_NAME (NSSCKMDInstance *)&nss_dbm_mdInstance
-#include "nssck.api"
diff --git a/security/nss/lib/ckfw/dbm/ckdbm.h b/security/nss/lib/ckfw/dbm/ckdbm.h
deleted file mode 100644
index 7bab87ec7..000000000
--- a/security/nss/lib/ckfw/dbm/ckdbm.h
+++ /dev/null
@@ -1,281 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CKDBM_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef CKDBM_H
-#define CKDBM_H
-
-#include "nssckmdt.h"
-#include "nssckfw.h"
-
-/*
- * I'm including this for access to the arena functions.
- * Looks like we should publish that API.
- */
-#ifndef BASE_H
-#include "base.h"
-#endif /* BASE_H */
-
-/*
- * This is where the Netscape extensions live, at least for now.
- */
-#ifndef CKT_H
-#include "ckt.h"
-#endif /* CKT_H */
-
-#include "mcom_db.h"
-
-NSS_EXTERN_DATA NSSCKMDInstance nss_dbm_mdInstance;
-
-typedef struct nss_dbm_db_struct nss_dbm_db_t;
-struct nss_dbm_db_struct {
-  DB *db;
-  NSSCKFWMutex *crustylock;
-};
-
-typedef struct nss_dbm_dbt_struct nss_dbm_dbt_t;
-struct nss_dbm_dbt_struct {
-  DBT dbt;
-  nss_dbm_db_t *my_db;
-};
-
-typedef struct nss_dbm_instance_struct nss_dbm_instance_t;
-struct nss_dbm_instance_struct {
-  NSSArena *arena;
-  CK_ULONG nSlots;
-  char **filenames;
-  int *flags; /* e.g. O_RDONLY, O_RDWR */
-};
-
-typedef struct nss_dbm_slot_struct nss_dbm_slot_t;
-struct nss_dbm_slot_struct {
-  nss_dbm_instance_t *instance;
-  char *filename;
-  int flags;
-  nss_dbm_db_t *token_db;
-};
-
-typedef struct nss_dbm_token_struct nss_dbm_token_t;
-struct nss_dbm_token_struct {
-  NSSArena *arena;
-  nss_dbm_slot_t *slot;
-  nss_dbm_db_t *session_db;
-  NSSUTF8 *label;
-};
-
-struct nss_dbm_dbt_node {
-  struct nss_dbm_dbt_node *next;
-  nss_dbm_dbt_t *dbt;
-};
-
-typedef struct nss_dbm_session_struct nss_dbm_session_t;
-struct nss_dbm_session_struct {
-  NSSArena *arena;
-  nss_dbm_token_t *token;
-  CK_ULONG deviceError;
-  struct nss_dbm_dbt_node *session_objects;
-  NSSCKFWMutex *list_lock;
-};
-
-typedef struct nss_dbm_object_struct nss_dbm_object_t;
-struct nss_dbm_object_struct {
-  NSSArena *arena; /* token or session */
-  nss_dbm_dbt_t *handle;
-};
-
-typedef struct nss_dbm_find_struct nss_dbm_find_t;
-struct nss_dbm_find_struct {
-  NSSArena *arena;
-  struct nss_dbm_dbt_node *found;
-  NSSCKFWMutex *list_lock;
-};
-
-NSS_EXTERN NSSCKMDSlot *
-nss_dbm_mdSlot_factory
-(
-  nss_dbm_instance_t *instance,
-  char *filename,
-  int flags,
-  CK_RV *pError
-);
-
-NSS_EXTERN NSSCKMDToken *
-nss_dbm_mdToken_factory
-(
-  nss_dbm_slot_t *slot,
-  CK_RV *pError
-);
-
-NSS_EXTERN NSSCKMDSession *
-nss_dbm_mdSession_factory
-(
-  nss_dbm_token_t *token,
-  NSSCKFWSession *fwSession,
-  NSSCKFWInstance *fwInstance,
-  CK_BBOOL rw,
-  CK_RV *pError
-);
-
-NSS_EXTERN NSSCKMDObject *
-nss_dbm_mdObject_factory
-(
-  nss_dbm_object_t *object,
-  CK_RV *pError
-);
-
-NSS_EXTERN NSSCKMDFindObjects *
-nss_dbm_mdFindObjects_factory
-(
-  nss_dbm_find_t *find,
-  CK_RV *pError
-);
-
-NSS_EXTERN nss_dbm_db_t *
-nss_dbm_db_open
-(
-  NSSArena *arena,
-  NSSCKFWInstance *fwInstance,
-  char *filename,
-  int flags,
-  CK_RV *pError
-);
-
-NSS_EXTERN void
-nss_dbm_db_close
-(
-  nss_dbm_db_t *db
-);
-
-NSS_EXTERN CK_VERSION
-nss_dbm_db_get_format_version
-(
-  nss_dbm_db_t *db
-);
-
-NSS_EXTERN CK_RV
-nss_dbm_db_set_label
-(
-  nss_dbm_db_t *db,
-  NSSUTF8 *label
-);
-
-NSS_EXTERN NSSUTF8 *
-nss_dbm_db_get_label
-(
-  nss_dbm_db_t *db,
-  NSSArena *arena,
-  CK_RV *pError
-);
-
-NSS_EXTERN CK_RV
-nss_dbm_db_delete_object
-(
-  nss_dbm_dbt_t *dbt
-);
-
-NSS_EXTERN nss_dbm_dbt_t *
-nss_dbm_db_create_object
-(
-  NSSArena *arena,
-  nss_dbm_db_t *db,
-  CK_ATTRIBUTE_PTR pTemplate,
-  CK_ULONG ulAttributeCount,
-  CK_RV *pError,
-  CK_ULONG *pdbrv
-);
-
-NSS_EXTERN CK_RV
-nss_dbm_db_find_objects
-(
-  nss_dbm_find_t *find,
-  nss_dbm_db_t *db,
-  CK_ATTRIBUTE_PTR pTemplate,
-  CK_ULONG ulAttributeCount,
-  CK_ULONG *pdbrv
-);
-
-NSS_EXTERN CK_BBOOL
-nss_dbm_db_object_still_exists
-(
-  nss_dbm_dbt_t *dbt
-);
-
-NSS_EXTERN CK_ULONG
-nss_dbm_db_get_object_attribute_count
-(
-  nss_dbm_dbt_t *dbt,
-  CK_RV *pError,
-  CK_ULONG *pdbrv
-);
-
-NSS_EXTERN CK_RV
-nss_dbm_db_get_object_attribute_types
-(
-  nss_dbm_dbt_t *dbt,
-  CK_ATTRIBUTE_TYPE_PTR typeArray,
-  CK_ULONG ulCount,
-  CK_ULONG *pdbrv
-);
-
-NSS_EXTERN CK_ULONG
-nss_dbm_db_get_object_attribute_size
-(
-  nss_dbm_dbt_t *dbt,
-  CK_ATTRIBUTE_TYPE type,
-  CK_RV *pError,
-  CK_ULONG *pdbrv
-);
-
-NSS_EXTERN NSSItem *
-nss_dbm_db_get_object_attribute
-(
-  nss_dbm_dbt_t *dbt,
-  NSSArena *arena,
-  CK_ATTRIBUTE_TYPE type,
-  CK_RV *pError,
-  CK_ULONG *pdbrv
-);
-
-NSS_EXTERN CK_RV
-nss_dbm_db_set_object_attribute
-(
-  nss_dbm_dbt_t *dbt,
-  CK_ATTRIBUTE_TYPE type,
-  NSSItem *value,
-  CK_ULONG *pdbrv
-);
-
-#endif /* CKDBM_H */
diff --git a/security/nss/lib/ckfw/dbm/config.mk b/security/nss/lib/ckfw/dbm/config.mk
deleted file mode 100644
index 80b3135f4..000000000
--- a/security/nss/lib/ckfw/dbm/config.mk
+++ /dev/null
@@ -1,37 +0,0 @@
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CONFIG_CVS_ID = "@(#) $RCSfile$ $Revision$ $Date$ $Name$"
-
-ifdef BUILD_IDG
-DEFINES += -DNSSDEBUG
-endif
diff --git a/security/nss/lib/ckfw/dbm/db.c b/security/nss/lib/ckfw/dbm/db.c
deleted file mode 100644
index 307c7f21d..000000000
--- a/security/nss/lib/ckfw/dbm/db.c
+++ /dev/null
@@ -1,1065 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#include "ckdbm.h"
-
-#define PREFIX_METADATA "0000"
-#define PREFIX_OBJECT   "0001"
-#define PREFIX_INDEX    "0002"
-
-static CK_VERSION nss_dbm_db_format_version = { 1, 0 };
-struct handle {
-  char prefix[4];
-  CK_ULONG id;
-};
-
-NSS_IMPLEMENT nss_dbm_db_t *
-nss_dbm_db_open
-(
-  NSSArena *arena,
-  NSSCKFWInstance *fwInstance,
-  char *filename,
-  int flags,
-  CK_RV *pError
-)
-{
-  nss_dbm_db_t *rv;
-  CK_VERSION db_version;
-
-  rv = nss_ZNEW(arena, nss_dbm_db_t);
-  if( (nss_dbm_db_t *)NULL == rv ) {
-    *pError = CKR_HOST_MEMORY;
-    return (nss_dbm_db_t *)NULL;
-  }
-
-  rv->db = dbopen(filename, flags, 0600, DB_HASH, (const void *)NULL);
-  if( (DB *)NULL == rv->db ) {
-    *pError = CKR_TOKEN_NOT_PRESENT;
-    return (nss_dbm_db_t *)NULL;
-  }
-
-  rv->crustylock = NSSCKFWInstance_CreateMutex(fwInstance, arena, pError);
-  if( (NSSCKFWMutex *)NULL == rv->crustylock ) {
-    return (nss_dbm_db_t *)NULL;
-  }
-
-  db_version = nss_dbm_db_get_format_version(rv);
-  if( db_version.major != nss_dbm_db_format_version.major ) {
-    nss_dbm_db_close(rv);
-    *pError = CKR_TOKEN_NOT_RECOGNIZED;
-    return (nss_dbm_db_t *)NULL;
-  }
-
-  return rv;
-}
-
-NSS_IMPLEMENT void
-nss_dbm_db_close
-(
-  nss_dbm_db_t *db
-)
-{
-  if( (NSSCKFWMutex *)NULL != db->crustylock ) {
-    (void)NSSCKFWMutex_Destroy(db->crustylock);
-  }
-
-  if( (DB *)NULL != db->db ) {
-    (void)db->db->close(db->db);
-  }
-
-  nss_ZFreeIf(db);
-}
-
-NSS_IMPLEMENT CK_VERSION
-nss_dbm_db_get_format_version
-(
-  nss_dbm_db_t *db
-)
-{
-  CK_VERSION rv;
-  DBT k, v;
-  int dbrv;
-  char buffer[64];
-
-  rv.major = rv.minor = 0;
-
-  k.data = PREFIX_METADATA "FormatVersion";
-  k.size = nssUTF8_Size((NSSUTF8 *)k.data, (PRStatus *)NULL);
-  (void)memset(&v, 0, sizeof(v));
-
-  /* Locked region */ 
-  {
-    if( CKR_OK != NSSCKFWMutex_Lock(db->crustylock) ) {
-      return rv;
-    }
-
-    dbrv = db->db->get(db->db, &k, &v, 0);
-    if( dbrv == 0 ) {
-      CK_ULONG major = 0, minor = 0;
-      (void)PR_sscanf(v.data, "%ld.%ld", &major, &minor);
-      rv.major = major;
-      rv.minor = minor;
-    } else if( dbrv > 0 ) {
-      (void)PR_snprintf(buffer, sizeof(buffer), "%ld.%ld", nss_dbm_db_format_version.major,
-                        nss_dbm_db_format_version.minor);
-      v.data = buffer;
-      v.size = nssUTF8_Size((NSSUTF8 *)v.data, (PRStatus *)NULL);
-      dbrv = db->db->put(db->db, &k, &v, 0);
-      (void)db->db->sync(db->db, 0);
-      rv = nss_dbm_db_format_version;
-    } else {
-      /* No error return.. */
-      ;
-    }
-
-    (void)NSSCKFWMutex_Unlock(db->crustylock);
-  }
-
-  return rv;
-}
-
-NSS_IMPLEMENT CK_RV
-nss_dbm_db_set_label
-(
-  nss_dbm_db_t *db,
-  NSSUTF8 *label
-)
-{
-  CK_RV rv;
-  DBT k, v;
-  int dbrv;
-
-  k.data = PREFIX_METADATA "Label";
-  k.size = nssUTF8_Size((NSSUTF8 *)k.data, (PRStatus *)NULL);
-  v.data = label;
-  v.size = nssUTF8_Size((NSSUTF8 *)v.data, (PRStatus *)NULL);
-
-  /* Locked region */ 
-  {
-    if( CKR_OK != NSSCKFWMutex_Lock(db->crustylock) ) {
-      return rv;
-    }
-
-    dbrv = db->db->put(db->db, &k, &v, 0);
-    if( 0 != dbrv ) {
-      rv = CKR_DEVICE_ERROR;
-    }
-
-    dbrv = db->db->sync(db->db, 0);
-    if( 0 != dbrv ) {
-      rv = CKR_DEVICE_ERROR;
-    }
-
-    (void)NSSCKFWMutex_Unlock(db->crustylock);
-  }
-
-  return rv;
-}
-
-NSS_IMPLEMENT NSSUTF8 *
-nss_dbm_db_get_label
-(
-  nss_dbm_db_t *db,
-  NSSArena *arena,
-  CK_RV *pError
-)
-{
-  NSSUTF8 *rv = (NSSUTF8 *)NULL;
-  DBT k, v;
-  int dbrv;
-
-  k.data = PREFIX_METADATA "Label";
-  k.size = nssUTF8_Size((NSSUTF8 *)k.data, (PRStatus *)NULL);
-
-  /* Locked region */ 
-  {
-    if( CKR_OK != NSSCKFWMutex_Lock(db->crustylock) ) {
-      return rv;
-    }
-
-    dbrv = db->db->get(db->db, &k, &v, 0);
-    if( 0 == dbrv ) {
-      rv = nssUTF8_Duplicate((NSSUTF8 *)v.data, arena);
-      if( (NSSUTF8 *)NULL == rv ) {
-        *pError = CKR_HOST_MEMORY;
-      }
-    } else if( dbrv > 0 ) {
-      /* Just return null */
-      ;
-    } else {
-      *pError = CKR_DEVICE_ERROR;
-      ;
-    }
-
-
-    (void)NSSCKFWMutex_Unlock(db->crustylock);
-  }
-
-  return rv;
-}
-
-NSS_IMPLEMENT CK_RV
-nss_dbm_db_delete_object
-(
-  nss_dbm_dbt_t *dbt
-)
-{
-  CK_RV rv;
-  int dbrv;
-
-  /* Locked region */
-  {
-    rv = NSSCKFWMutex_Lock(dbt->my_db->crustylock);
-    if( CKR_OK != rv ) {
-      return rv;
-    }
-
-    dbrv = dbt->my_db->db->del(dbt->my_db->db, &dbt->dbt, 0);
-    if( 0 != dbrv ) {
-      rv = CKR_DEVICE_ERROR;
-      goto done;
-    }
-
-    dbrv = dbt->my_db->db->sync(dbt->my_db->db, 0);
-    if( 0 != dbrv ) {
-      rv = CKR_DEVICE_ERROR;
-      goto done;
-    }
-
-  done:
-    (void)NSSCKFWMutex_Unlock(dbt->my_db->crustylock);
-  }
-
-  return rv;
-}
-
-static CK_ULONG
-nss_dbm_db_new_handle
-(
-  nss_dbm_db_t *db,
-  DBT *dbt, /* pre-allocated */
-  CK_RV *pError
-)
-{
-  CK_ULONG rv;
-  DBT k, v;
-  CK_ULONG align = 0, id, myid;
-  struct handle *hp;
-
-  if( sizeof(struct handle) != dbt->size ) {
-    return EINVAL;
-  }
-
-  /* Locked region */
-  {
-    *pError = NSSCKFWMutex_Lock(db->crustylock);
-    if( CKR_OK != *pError ) {
-      return EINVAL;
-    }
-
-    k.data = PREFIX_METADATA "LastID";
-    k.size = nssUTF8_Size((NSSUTF8 *)k.data, (PRStatus *)NULL);
-    (void)memset(&v, 0, sizeof(v));
-
-    rv = db->db->get(db->db, &k, &v, 0);
-    if( 0 == rv ) {
-      (void)memcpy(&align, v.data, sizeof(CK_ULONG));
-      id = ntohl(align);
-    } else if( rv > 0 ) {
-      id = 0;
-    } else {
-      goto done;
-    }
-
-    myid = id;
-    id++;
-    align = htonl(id);
-    v.data = &align;
-    v.size = sizeof(CK_ULONG);
-
-    rv = db->db->put(db->db, &k, &v, 0);
-    if( 0 != rv ) {
-      goto done;
-    }
-
-    rv = db->db->sync(db->db, 0);
-    if( 0 != rv ) {
-      goto done;
-    }
-
-  done:
-    (void)NSSCKFWMutex_Unlock(db->crustylock);
-  }
-
-  if( 0 != rv ) {
-    return rv;
-  }
-
-  hp = (struct handle *)dbt->data;
-  (void)memcpy(&hp->prefix[0], PREFIX_OBJECT, 4);
-  hp->id = myid;
-
-  return 0;
-}
-
-/*
- * This attribute-type-dependent swapping should probably
- * be in the Framework, because it'll be a concern of just
- * about every Module.  Of course any Framework implementation
- * will have to be augmentable or overridable by a Module.
- */
-
-enum swap_type { type_byte, type_short, type_long, type_opaque };
-
-static enum swap_type
-nss_dbm_db_swap_type
-(
-  CK_ATTRIBUTE_TYPE type
-)
-{
-  switch( type ) {
-  case CKA_CLASS: return type_long;
-  case CKA_TOKEN: return type_byte;
-  case CKA_PRIVATE: return type_byte;
-  case CKA_LABEL: return type_opaque;
-  case CKA_APPLICATION: return type_opaque;
-  case CKA_VALUE: return type_opaque;
-  case CKA_CERTIFICATE_TYPE: return type_long;
-  case CKA_ISSUER: return type_opaque;
-  case CKA_SERIAL_NUMBER: return type_opaque;
-  case CKA_KEY_TYPE: return type_long;
-  case CKA_SUBJECT: return type_opaque;
-  case CKA_ID: return type_opaque;
-  case CKA_SENSITIVE: return type_byte;
-  case CKA_ENCRYPT: return type_byte;
-  case CKA_DECRYPT: return type_byte;
-  case CKA_WRAP: return type_byte;
-  case CKA_UNWRAP: return type_byte;
-  case CKA_SIGN: return type_byte;
-  case CKA_SIGN_RECOVER: return type_byte;
-  case CKA_VERIFY: return type_byte;
-  case CKA_VERIFY_RECOVER: return type_byte;
-  case CKA_DERIVE: return type_byte;
-  case CKA_START_DATE: return type_opaque;
-  case CKA_END_DATE: return type_opaque;
-  case CKA_MODULUS: return type_opaque;
-  case CKA_MODULUS_BITS: return type_long;
-  case CKA_PUBLIC_EXPONENT: return type_opaque;
-  case CKA_PRIVATE_EXPONENT: return type_opaque;
-  case CKA_PRIME_1: return type_opaque;
-  case CKA_PRIME_2: return type_opaque;
-  case CKA_EXPONENT_1: return type_opaque;
-  case CKA_EXPONENT_2: return type_opaque;
-  case CKA_COEFFICIENT: return type_opaque;
-  case CKA_PRIME: return type_opaque;
-  case CKA_SUBPRIME: return type_opaque;
-  case CKA_BASE: return type_opaque;
-  case CKA_VALUE_BITS: return type_long;
-  case CKA_VALUE_LEN: return type_long;
-  case CKA_EXTRACTABLE: return type_byte;
-  case CKA_LOCAL: return type_byte;
-  case CKA_NEVER_EXTRACTABLE: return type_byte;
-  case CKA_ALWAYS_SENSITIVE: return type_byte;
-  case CKA_MODIFIABLE: return type_byte;
-  case CKA_NETSCAPE_URL: return type_opaque;
-  case CKA_NETSCAPE_EMAIL: return type_opaque;
-  case CKA_NETSCAPE_SMIME_INFO: return type_opaque;
-  case CKA_NETSCAPE_SMIME_TIMESTAMP: return type_opaque;
-  case CKA_NETSCAPE_PKCS8_SALT: return type_opaque;
-  case CKA_NETSCAPE_PASSWORD_CHECK: return type_opaque;
-  case CKA_NETSCAPE_EXPIRES: return type_opaque;
-  case CKA_TRUST_DIGITAL_SIGNATURE: return type_long;
-  case CKA_TRUST_NON_REPUDIATION: return type_long;
-  case CKA_TRUST_KEY_ENCIPHERMENT: return type_long;
-  case CKA_TRUST_DATA_ENCIPHERMENT: return type_long;
-  case CKA_TRUST_KEY_AGREEMENT: return type_long;
-  case CKA_TRUST_KEY_CERT_SIGN: return type_long;
-  case CKA_TRUST_CRL_SIGN: return type_long;
-  case CKA_TRUST_SERVER_AUTH: return type_long;
-  case CKA_TRUST_CLIENT_AUTH: return type_long;
-  case CKA_TRUST_CODE_SIGNING: return type_long;
-  case CKA_TRUST_EMAIL_PROTECTION: return type_long;
-  case CKA_TRUST_IPSEC_END_SYSTEM: return type_long;
-  case CKA_TRUST_IPSEC_TUNNEL: return type_long;
-  case CKA_TRUST_IPSEC_USER: return type_long;
-  case CKA_TRUST_TIME_STAMPING: return type_long;
-  case CKA_NETSCAPE_DB: return type_opaque;
-  case CKA_NETSCAPE_TRUST: return type_opaque;
-  default: return type_opaque;
-  }
-}
-
-static void
-nss_dbm_db_swap_copy
-(
-  CK_ATTRIBUTE_TYPE type,
-  void *dest,
-  void *src,
-  CK_ULONG len
-)
-{
-  switch( nss_dbm_db_swap_type(type) ) {
-  case type_byte:
-  case type_opaque:
-    (void)memcpy(dest, src, len);
-    break;
-  case type_short:
-    {
-      CK_USHORT s, d;
-      (void)memcpy(&s, src, sizeof(CK_USHORT));
-      d = htons(s);
-      (void)memcpy(dest, &d, sizeof(CK_USHORT));
-      break;
-    }
-  case type_long:
-    {
-      CK_ULONG s, d;
-      (void)memcpy(&s, src, sizeof(CK_ULONG));
-      d = htonl(s);
-      (void)memcpy(dest, &d, sizeof(CK_ULONG));
-      break;
-    }
-  }
-}
-
-static CK_RV
-nss_dbm_db_wrap_object
-(
-  NSSArena *arena,
-  CK_ATTRIBUTE_PTR pTemplate,
-  CK_ULONG ulAttributeCount,
-  DBT *object
-)
-{
-  CK_ULONG object_size;
-  CK_ULONG i;
-  CK_ULONG *pulData;
-  char *pcData;
-  CK_ULONG offset;
-
-  object_size = (1 + ulAttributeCount*3) * sizeof(CK_ULONG);
-  offset = object_size;
-  for( i = 0; i < ulAttributeCount; i++ ) {
-    object_size += pTemplate[i].ulValueLen;
-  }
-
-  object->size = object_size;
-  object->data = nss_ZAlloc(arena, object_size);
-  if( (void *)NULL == object->data ) {
-    return CKR_HOST_MEMORY;
-  }
-
-  pulData = (CK_ULONG *)object->data;
-  pcData = (char *)object->data;
-
-  pulData[0] = htonl(ulAttributeCount);
-  for( i = 0; i < ulAttributeCount; i++ ) {
-    CK_ULONG len = pTemplate[i].ulValueLen;
-    pulData[1 + i*3] = htonl(pTemplate[i].type);
-    pulData[2 + i*3] = htonl(len);
-    pulData[3 + i*3] = htonl(offset);
-    nss_dbm_db_swap_copy(pTemplate[i].type, &pcData[offset], pTemplate[i].pValue, len);
-    offset += len;
-  }
-
-  return CKR_OK;
-}
-
-static CK_RV
-nss_dbm_db_unwrap_object
-(
-  NSSArena *arena,
-  DBT *object,
-  CK_ATTRIBUTE_PTR *ppTemplate,
-  CK_ULONG *pulAttributeCount
-)
-{
-  CK_ULONG *pulData;
-  char *pcData;
-  CK_ULONG n, i;
-  CK_ATTRIBUTE_PTR pTemplate;
-
-  pulData = (CK_ULONG *)object->data;
-  pcData = (char *)object->data;
-
-  n = ntohl(pulData[0]);
-  *pulAttributeCount = n;
-  pTemplate = nss_ZNEWARRAY(arena, CK_ATTRIBUTE, n);
-  if( (CK_ATTRIBUTE_PTR)NULL == pTemplate ) {
-    return CKR_HOST_MEMORY;
-  }
-
-  for( i = 0; i < n; i++ ) {
-    CK_ULONG len;
-    CK_ULONG offset;
-    void *p;
-
-    pTemplate[i].type = ntohl(pulData[1 + i*3]);
-    len = ntohl(pulData[2 + i*3]);
-    offset = ntohl(pulData[3 +  i*3]);
-    
-    p = nss_ZAlloc(arena, len);
-    if( (void *)NULL == p ) {
-      return CKR_HOST_MEMORY;
-    }
-    
-    nss_dbm_db_swap_copy(pTemplate[i].type, p, &pcData[offset], len);
-    pTemplate[i].ulValueLen = len;
-    pTemplate[i].pValue = p;
-  }
-
-  *ppTemplate = pTemplate;
-  return CKR_OK;
-}
-
-
-NSS_IMPLEMENT nss_dbm_dbt_t *
-nss_dbm_db_create_object
-(
-  NSSArena *arena,
-  nss_dbm_db_t *db,
-  CK_ATTRIBUTE_PTR pTemplate,
-  CK_ULONG ulAttributeCount,
-  CK_RV *pError,
-  CK_ULONG *pdbrv
-)
-{
-  NSSArena *tmparena = (NSSArena *)NULL;
-  nss_dbm_dbt_t *rv = (nss_dbm_dbt_t *)NULL;
-  DBT object;
-
-  rv = nss_ZNEW(arena, nss_dbm_dbt_t);
-  if( (nss_dbm_dbt_t *)NULL == rv ) {
-    *pError = CKR_HOST_MEMORY;
-    return (nss_dbm_dbt_t *)NULL;
-  }
-
-  rv->my_db = db;
-  rv->dbt.size = sizeof(struct handle);
-  rv->dbt.data = nss_ZAlloc(arena, rv->dbt.size);
-  if( (void *)NULL == rv->dbt.data ) {
-    *pError = CKR_HOST_MEMORY;
-    return (nss_dbm_dbt_t *)NULL;
-  }
-
-  *pdbrv = nss_dbm_db_new_handle(db, &rv->dbt, pError);
-  if( 0 != *pdbrv ) {
-    return (nss_dbm_dbt_t *)NULL;
-  }
-
-  tmparena = NSSArena_Create();
-  if( (NSSArena *)NULL == tmparena ) {
-    *pError = CKR_HOST_MEMORY;
-    return (nss_dbm_dbt_t *)NULL;
-  }
-
-  *pError = nss_dbm_db_wrap_object(tmparena, pTemplate, ulAttributeCount, &object);
-  if( CKR_OK != *pError ) {
-    return (nss_dbm_dbt_t *)NULL;
-  }
-  
-  /* Locked region */
-  {
-    *pError = NSSCKFWMutex_Lock(db->crustylock);
-    if( CKR_OK != *pError ) {
-      goto loser;
-    }
-
-    *pdbrv = db->db->put(db->db, &rv->dbt, &object, 0);
-    if( 0 != *pdbrv ) {
-      *pError = CKR_DEVICE_ERROR;
-    }
-
-    (void)db->db->sync(db->db, 0);
-
-    (void)NSSCKFWMutex_Unlock(db->crustylock);
-  }
-
- loser:  
-  if( (NSSArena *)NULL != tmparena ) {
-    (void)NSSArena_Destroy(tmparena);
-  }
-
-  return rv;
-}
-
-
-NSS_IMPLEMENT CK_RV
-nss_dbm_db_find_objects
-(
-  nss_dbm_find_t *find,
-  nss_dbm_db_t *db,
-  CK_ATTRIBUTE_PTR pTemplate,
-  CK_ULONG ulAttributeCount,
-  CK_ULONG *pdbrv
-)
-{
-  CK_RV rv = CKR_OK;
-
-  if( (nss_dbm_db_t *)NULL != db ) {
-    DBT k, v;
-
-    rv = NSSCKFWMutex_Lock(db->crustylock);
-    if( CKR_OK != rv ) {
-      return rv;
-    }
-
-    *pdbrv = db->db->seq(db->db, &k, &v, R_FIRST);
-    while( 0 == *pdbrv ) {
-      CK_ULONG i, j;
-      NSSArena *tmparena = (NSSArena *)NULL;
-      CK_ULONG ulac;
-      CK_ATTRIBUTE_PTR pt;
-
-      if( (k.size < 4) || (0 != memcmp(k.data, PREFIX_OBJECT, 4)) ) {
-        goto nomatch;
-      }
-
-      tmparena = NSSArena_Create();
-
-      rv = nss_dbm_db_unwrap_object(tmparena, &v, &pt, &ulac);
-      if( CKR_OK != rv ) {
-        goto loser;
-      }
-
-      for( i = 0; i < ulAttributeCount; i++ ) {
-        for( j = 0; j < ulac; j++ ) {
-          if( pTemplate[i].type == pt[j].type ) {
-            if( pTemplate[i].ulValueLen != pt[j].ulValueLen ) {
-              goto nomatch;
-            }
-            if( 0 != memcmp(pTemplate[i].pValue, pt[j].pValue, pt[j].ulValueLen) ) {
-              goto nomatch;
-            }
-            break;
-          }
-        }
-        if( j == ulac ) {
-          goto nomatch;
-        }
-      }
-
-      /* entire template matches */
-      {
-        struct nss_dbm_dbt_node *node;
-
-        node = nss_ZNEW(find->arena, struct nss_dbm_dbt_node);
-        if( (struct nss_dbm_dbt_node *)NULL == node ) {
-          rv = CKR_HOST_MEMORY;
-          goto loser;
-        }
-
-        node->dbt = nss_ZNEW(find->arena, nss_dbm_dbt_t);
-        if( (nss_dbm_dbt_t *)NULL == node->dbt ) {
-          rv = CKR_HOST_MEMORY;
-          goto loser;
-        }
-        
-        node->dbt->dbt.size = k.size;
-        node->dbt->dbt.data = nss_ZAlloc(find->arena, k.size);
-        if( (void *)NULL == node->dbt->dbt.data ) {
-          rv = CKR_HOST_MEMORY;
-          goto loser;
-        }
-
-        (void)memcpy(node->dbt->dbt.data, k.data, k.size);
-
-        node->dbt->my_db = db;
-
-        node->next = find->found;
-        find->found = node;
-      }
-
-    nomatch:
-      if( (NSSArena *)NULL != tmparena ) {
-        (void)NSSArena_Destroy(tmparena);
-      }
-      *pdbrv = db->db->seq(db->db, &k, &v, R_NEXT);
-    }
-
-    if( *pdbrv < 0 ) {
-      rv = CKR_DEVICE_ERROR;
-      goto loser;
-    }
-
-    rv = CKR_OK;
-
-  loser:
-    (void)NSSCKFWMutex_Unlock(db->crustylock);
-  }
-
-  return rv;
-}
-
-NSS_IMPLEMENT CK_BBOOL
-nss_dbm_db_object_still_exists
-(
-  nss_dbm_dbt_t *dbt
-)
-{
-  CK_BBOOL rv;
-  CK_RV ckrv;
-  int dbrv;
-  DBT object;
-
-  ckrv = NSSCKFWMutex_Lock(dbt->my_db->crustylock);
-  if( CKR_OK != ckrv ) {
-    return CK_FALSE;
-  }
-
-  dbrv = dbt->my_db->db->get(dbt->my_db->db, &dbt->dbt, &object, 0);
-  if( 0 == dbrv ) {
-    rv = CK_TRUE;
-  } else {
-    rv = CK_FALSE;
-  }
-
-  (void)NSSCKFWMutex_Unlock(dbt->my_db->crustylock);
-
-  return rv;
-}
-
-NSS_IMPLEMENT CK_ULONG
-nss_dbm_db_get_object_attribute_count
-(
-  nss_dbm_dbt_t *dbt,
-  CK_RV *pError,
-  CK_ULONG *pdbrv
-)
-{
-  CK_ULONG rv = 0;
-  DBT object;
-  CK_ULONG *pulData;
-
-  /* Locked region */
-  {
-    *pError = NSSCKFWMutex_Lock(dbt->my_db->crustylock);
-    if( CKR_OK != *pError ) {
-      return rv;
-    }
-
-    *pdbrv = dbt->my_db->db->get(dbt->my_db->db, &dbt->dbt, &object, 0);
-    if( 0 == *pdbrv ) {
-      ;
-    } else if( *pdbrv > 0 ) {
-      *pError = CKR_OBJECT_HANDLE_INVALID;
-      goto done;
-    } else {
-      *pError = CKR_DEVICE_ERROR;
-      goto done;
-    }
-
-    pulData = (CK_ULONG *)object.data;
-    rv = ntohl(pulData[0]);
-
-  done:
-    (void)NSSCKFWMutex_Unlock(dbt->my_db->crustylock);
-  }
-
-  return rv;
-}
-
-NSS_IMPLEMENT CK_RV
-nss_dbm_db_get_object_attribute_types
-(
-  nss_dbm_dbt_t *dbt,
-  CK_ATTRIBUTE_TYPE_PTR typeArray,
-  CK_ULONG ulCount,
-  CK_ULONG *pdbrv
-)
-{
-  CK_RV rv = CKR_OK;
-  DBT object;
-  CK_ULONG *pulData;
-  CK_ULONG n, i;
-
-  /* Locked region */
-  {
-    rv = NSSCKFWMutex_Lock(dbt->my_db->crustylock);
-    if( CKR_OK != rv ) {
-      return rv;
-    }
-
-    *pdbrv = dbt->my_db->db->get(dbt->my_db->db, &dbt->dbt, &object, 0);
-    if( 0 == *pdbrv ) {
-      ;
-    } else if( *pdbrv > 0 ) {
-      rv = CKR_OBJECT_HANDLE_INVALID;
-      goto done;
-    } else {
-      rv = CKR_DEVICE_ERROR;
-      goto done;
-    }
-
-    pulData = (CK_ULONG *)object.data;
-    n = ntohl(pulData[0]);
-
-    if( ulCount < n ) {
-      rv = CKR_BUFFER_TOO_SMALL;
-      goto done;
-    }
-
-    for( i = 0; i < n; i++ ) {
-      typeArray[i] = ntohl(pulData[1 + i*3]);
-    }
-
-  done:
-    (void)NSSCKFWMutex_Unlock(dbt->my_db->crustylock);
-  }
-
-  return rv;
-}
-
-NSS_IMPLEMENT CK_ULONG
-nss_dbm_db_get_object_attribute_size
-(
-  nss_dbm_dbt_t *dbt,
-  CK_ATTRIBUTE_TYPE type,
-  CK_RV *pError,
-  CK_ULONG *pdbrv
-)
-{
-  CK_ULONG rv = 0;
-  DBT object;
-  CK_ULONG *pulData;
-  CK_ULONG n, i;
-
-  /* Locked region */
-  {
-    *pError = NSSCKFWMutex_Lock(dbt->my_db->crustylock);
-    if( CKR_OK != *pError ) {
-      return rv;
-    }
-
-    *pdbrv = dbt->my_db->db->get(dbt->my_db->db, &dbt->dbt, &object, 0);
-    if( 0 == *pdbrv ) {
-      ;
-    } else if( *pdbrv > 0 ) {
-      *pError = CKR_OBJECT_HANDLE_INVALID;
-      goto done;
-    } else {
-      *pError = CKR_DEVICE_ERROR;
-      goto done;
-    }
-
-    pulData = (CK_ULONG *)object.data;
-    n = ntohl(pulData[0]);
-
-    for( i = 0; i < n; i++ ) {
-      if( type == ntohl(pulData[1 + i*3]) ) {
-        rv = ntohl(pulData[2 + i*3]);
-      }
-    }
-
-    if( i == n ) {
-      *pError = CKR_ATTRIBUTE_TYPE_INVALID;
-      goto done;
-    }
-
-  done:
-    (void)NSSCKFWMutex_Unlock(dbt->my_db->crustylock);
-  }
-
-  return rv;
-}
-
-NSS_IMPLEMENT NSSItem *
-nss_dbm_db_get_object_attribute
-(
-  nss_dbm_dbt_t *dbt,
-  NSSArena *arena,
-  CK_ATTRIBUTE_TYPE type,
-  CK_RV *pError,
-  CK_ULONG *pdbrv
-)
-{
-  NSSItem *rv = (NSSItem *)NULL;
-  DBT object;
-  CK_ULONG i;
-  NSSArena *tmp = NSSArena_Create();
-  CK_ATTRIBUTE_PTR pTemplate;
-  CK_ULONG ulAttributeCount;
-
-  /* Locked region */
-  {
-    *pError = NSSCKFWMutex_Lock(dbt->my_db->crustylock);
-    if( CKR_OK != *pError ) {
-      goto loser;
-    }
-
-    *pdbrv = dbt->my_db->db->get(dbt->my_db->db, &dbt->dbt, &object, 0);
-    if( 0 == *pdbrv ) {
-      ;
-    } else if( *pdbrv > 0 ) {
-      *pError = CKR_OBJECT_HANDLE_INVALID;
-      goto done;
-    } else {
-      *pError = CKR_DEVICE_ERROR;
-      goto done;
-    }
-
-    *pError = nss_dbm_db_unwrap_object(tmp, &object, &pTemplate, &ulAttributeCount);
-    if( CKR_OK != *pError ) {
-      goto done;
-    }
-
-    for( i = 0; i < ulAttributeCount; i++ ) {
-      if( type == pTemplate[i].type ) {
-        rv = nss_ZNEW(arena, NSSItem);
-        if( (NSSItem *)NULL == rv ) {
-          *pError = CKR_HOST_MEMORY;
-          goto done;
-        }
-        rv->size = pTemplate[i].ulValueLen;
-        rv->data = nss_ZAlloc(arena, rv->size);
-        if( (void *)NULL == rv->data ) {
-          *pError = CKR_HOST_MEMORY;
-          goto done;
-        }
-        (void)memcpy(rv->data, pTemplate[i].pValue, rv->size);
-        break;
-      }
-    }
-    if( ulAttributeCount == i ) {
-      *pError = CKR_ATTRIBUTE_TYPE_INVALID;
-      goto done;
-    }
-
-  done:
-    (void)NSSCKFWMutex_Unlock(dbt->my_db->crustylock);
-  }
-
- loser:
-  if( (NSSArena *)NULL != tmp ) {
-    NSSArena_Destroy(tmp);
-  }
-
-  return rv;
-}
-
-NSS_IMPLEMENT CK_RV
-nss_dbm_db_set_object_attribute
-(
-  nss_dbm_dbt_t *dbt,
-  CK_ATTRIBUTE_TYPE type,
-  NSSItem *value,
-  CK_ULONG *pdbrv
-)
-{
-  CK_RV rv = CKR_OK;
-  DBT object;
-  CK_ULONG i;
-  NSSArena *tmp = NSSArena_Create();
-  CK_ATTRIBUTE_PTR pTemplate;
-  CK_ULONG ulAttributeCount;
-
-  /* Locked region */
-  {
-    rv = NSSCKFWMutex_Lock(dbt->my_db->crustylock);
-    if( CKR_OK != rv ) {
-      goto loser;
-    }
-
-    *pdbrv = dbt->my_db->db->get(dbt->my_db->db, &dbt->dbt, &object, 0);
-    if( 0 == *pdbrv ) {
-      ;
-    } else if( *pdbrv > 0 ) {
-      rv = CKR_OBJECT_HANDLE_INVALID;
-      goto done;
-    } else {
-      rv = CKR_DEVICE_ERROR;
-      goto done;
-    }
-
-    rv = nss_dbm_db_unwrap_object(tmp, &object, &pTemplate, &ulAttributeCount);
-    if( CKR_OK != rv ) {
-      goto done;
-    }
-
-    for( i = 0; i < ulAttributeCount; i++ ) {
-      if( type == pTemplate[i].type ) {
-        /* Replacing an existing attribute */
-        pTemplate[i].ulValueLen = value->size;
-        pTemplate[i].pValue = value->data;
-        break;
-      }
-    }
-
-    if( i == ulAttributeCount ) {
-      /* Adding a new attribute */
-      CK_ATTRIBUTE_PTR npt = nss_ZNEWARRAY(tmp, CK_ATTRIBUTE, ulAttributeCount+1);
-      if( (CK_ATTRIBUTE_PTR)NULL == npt ) {
-        rv = CKR_DEVICE_ERROR;
-        goto done;
-      }
-
-      for( i = 0; i < ulAttributeCount; i++ ) {
-        npt[i] = pTemplate[i];
-      }
-
-      npt[ulAttributeCount].type = type;
-      npt[ulAttributeCount].ulValueLen = value->size;
-      npt[ulAttributeCount].pValue = value->data;
-
-      pTemplate = npt;
-      ulAttributeCount++;
-    }
-
-    rv = nss_dbm_db_wrap_object(tmp, pTemplate, ulAttributeCount, &object);
-    if( CKR_OK != rv ) {
-      goto done;
-    }
-
-    *pdbrv = dbt->my_db->db->put(dbt->my_db->db, &dbt->dbt, &object, 0);
-    if( 0 != *pdbrv ) {
-      rv = CKR_DEVICE_ERROR;
-      goto done;
-    }
-
-    (void)dbt->my_db->db->sync(dbt->my_db->db, 0);
-
-  done:
-    (void)NSSCKFWMutex_Unlock(dbt->my_db->crustylock);
-  }
-
- loser:
-  if( (NSSArena *)NULL != tmp ) {
-    NSSArena_Destroy(tmp);
-  }
-
-  return rv;
-}
diff --git a/security/nss/lib/ckfw/dbm/find.c b/security/nss/lib/ckfw/dbm/find.c
deleted file mode 100644
index 81fe5d8fb..000000000
--- a/security/nss/lib/ckfw/dbm/find.c
+++ /dev/null
@@ -1,166 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#include "ckdbm.h"
-
-static void
-nss_dbm_mdFindObjects_Final
-(
-  NSSCKMDFindObjects *mdFindObjects,
-  NSSCKFWFindObjects *fwFindObjects,
-  NSSCKMDSession *mdSession,
-  NSSCKFWSession *fwSession,
-  NSSCKMDToken *mdToken,
-  NSSCKFWToken *fwToken,
-  NSSCKMDInstance *mdInstance,
-  NSSCKFWInstance *fwInstance
-)
-{
-  nss_dbm_find_t *find = (nss_dbm_find_t *)mdFindObjects->etc;
-
-  /* Locks might have system resources associated */
-  (void)NSSCKFWMutex_Destroy(find->list_lock);
-  (void)NSSArena_Destroy(find->arena);
-}
-
-
-static NSSCKMDObject *
-nss_dbm_mdFindObjects_Next
-(
-  NSSCKMDFindObjects *mdFindObjects,
-  NSSCKFWFindObjects *fwFindObjects,
-  NSSCKMDSession *mdSession,
-  NSSCKFWSession *fwSession,
-  NSSCKMDToken *mdToken,
-  NSSCKFWToken *fwToken,
-  NSSCKMDInstance *mdInstance,
-  NSSCKFWInstance *fwInstance,
-  NSSArena *arena,
-  CK_RV *pError
-)
-{
-  nss_dbm_find_t *find = (nss_dbm_find_t *)mdFindObjects->etc;
-  struct nss_dbm_dbt_node *node;
-  nss_dbm_object_t *object;
-  NSSCKMDObject *rv;
-
-  while(1) {
-    /* Lock */
-    {
-      *pError = NSSCKFWMutex_Lock(find->list_lock);
-      if( CKR_OK != *pError ) {
-        return (NSSCKMDObject *)NULL;
-      }
-      
-      node = find->found;
-      if( (struct nss_dbm_dbt_node *)NULL != node ) {
-        find->found = node->next;
-      }
-      
-      *pError = NSSCKFWMutex_Unlock(find->list_lock);
-      if( CKR_OK != *pError ) {
-        /* screwed now */
-        return (NSSCKMDObject *)NULL;
-      }
-    }
-
-    if( (struct nss_dbm_dbt_node *)NULL == node ) {
-      break;
-    }
-
-    if( nss_dbm_db_object_still_exists(node->dbt) ) {
-      break;
-    }
-  }
-
-  if( (struct nss_dbm_dbt_node *)NULL == node ) {
-    *pError = CKR_OK;
-    return (NSSCKMDObject *)NULL;
-  }
-
-  object = nss_ZNEW(arena, nss_dbm_object_t);
-  if( (nss_dbm_object_t *)NULL == object ) {
-    *pError = CKR_HOST_MEMORY;
-    return (NSSCKMDObject *)NULL;
-  }
-
-  object->arena = arena;
-  object->handle = nss_ZNEW(arena, nss_dbm_dbt_t);
-  if( (nss_dbm_dbt_t *)NULL == object->handle ) {
-    *pError = CKR_HOST_MEMORY;
-    return (NSSCKMDObject *)NULL;
-  }
-
-  object->handle->my_db = node->dbt->my_db;
-  object->handle->dbt.size = node->dbt->dbt.size;
-  object->handle->dbt.data = nss_ZAlloc(arena, node->dbt->dbt.size);
-  if( (void *)NULL == object->handle->dbt.data ) {
-    *pError = CKR_HOST_MEMORY;
-    return (NSSCKMDObject *)NULL;
-  }
-
-  (void)memcpy(object->handle->dbt.data, node->dbt->dbt.data, node->dbt->dbt.size);
-
-  rv = nss_dbm_mdObject_factory(object, pError);
-  if( (NSSCKMDObject *)NULL == rv ) {
-    return (NSSCKMDObject *)NULL;
-  }
-
-  return rv;
-}
-
-NSS_IMPLEMENT NSSCKMDFindObjects *
-nss_dbm_mdFindObjects_factory
-(
-  nss_dbm_find_t *find,
-  CK_RV *pError
-)
-{
-  NSSCKMDFindObjects *rv;
-
-  rv = nss_ZNEW(find->arena, NSSCKMDFindObjects);
-  if( (NSSCKMDFindObjects *)NULL == rv ) {
-    *pError = CKR_HOST_MEMORY;
-    return (NSSCKMDFindObjects *)NULL;
-  }
-
-  rv->etc = (void *)find;
-  rv->Final = nss_dbm_mdFindObjects_Final;
-  rv->Next = nss_dbm_mdFindObjects_Next;
-
-  return rv;
-}
diff --git a/security/nss/lib/ckfw/dbm/instance.c b/security/nss/lib/ckfw/dbm/instance.c
deleted file mode 100644
index 70681803f..000000000
--- a/security/nss/lib/ckfw/dbm/instance.c
+++ /dev/null
@@ -1,196 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#include "ckdbm.h"
-
-static CK_RV
-nss_dbm_mdInstance_Initialize
-(
-  NSSCKMDInstance *mdInstance,                                    
-  NSSCKFWInstance *fwInstance,
-  NSSUTF8 *configurationData
-)
-{
-  CK_RV rv = CKR_OK;
-  NSSArena *arena;
-  nss_dbm_instance_t *instance;
-
-  arena = NSSCKFWInstance_GetArena(fwInstance, &rv);
-  if( ((NSSArena *)NULL == arena) && (CKR_OK != rv) ) {
-    return rv;
-  }
-
-  instance = nss_ZNEW(arena, nss_dbm_instance_t);
-  if( (nss_dbm_instance_t *)NULL == instance ) {
-    return CKR_HOST_MEMORY;
-  }
-
-  instance->arena = arena;
-
-  /*
-   * This should parse the configuration data for information on
-   * number and locations of databases, modes (e.g. readonly), etc.
-   * But for now, we'll have one slot with a creatable read-write
-   * database called "cert8.db."
-   */
-
-  instance->nSlots = 1;
-  instance->filenames = nss_ZNEWARRAY(arena, char *, instance->nSlots);
-  if( (char **)NULL == instance->filenames ) {
-    return CKR_HOST_MEMORY;
-  }
-
-  instance->flags = nss_ZNEWARRAY(arena, int, instance->nSlots);
-  if( (int *)NULL == instance->flags ) {
-    return CKR_HOST_MEMORY;
-  }
-
-  instance->filenames[0] = "cert8.db";
-  instance->flags[0] = O_RDWR|O_CREAT;
-
-  mdInstance->etc = (void *)instance;
-  return CKR_OK;
-}
-
-/* nss_dbm_mdInstance_Finalize is not required */
-
-static CK_ULONG
-nss_dbm_mdInstance_GetNSlots
-(
-  NSSCKMDInstance *mdInstance,                                    
-  NSSCKFWInstance *fwInstance,
-  CK_RV *pError
-)
-{
-  nss_dbm_instance_t *instance = (nss_dbm_instance_t *)mdInstance->etc;
-  return instance->nSlots;
-}
-
-static CK_VERSION
-nss_dbm_mdInstance_GetCryptokiVersion
-(
-  NSSCKMDInstance *mdInstance,                                    
-  NSSCKFWInstance *fwInstance
-)
-{
-  static CK_VERSION rv = { 2, 1 };
-  return rv;
-}
-
-static NSSUTF8 *
-nss_dbm_mdInstance_GetManufacturerID
-(
-  NSSCKMDInstance *mdInstance,                                    
-  NSSCKFWInstance *fwInstance,
-  CK_RV *pError
-)
-{
-  return "Netscape Communications Corp.";
-}
-
-static NSSUTF8 *
-nss_dbm_mdInstance_GetLibraryDescription
-(
-  NSSCKMDInstance *mdInstance,                                    
-  NSSCKFWInstance *fwInstance,
-  CK_RV *pError
-)
-{
-  return "Berkeley Database Module";
-}
-
-static CK_VERSION
-nss_dbm_mdInstance_GetLibraryVersion
-(
-  NSSCKMDInstance *mdInstance,                                    
-  NSSCKFWInstance *fwInstance
-)
-{
-  static CK_VERSION rv = { 1, 0 }; /* My own version number */
-  return rv;
-}
-
-static CK_BBOOL
-nss_dbm_mdInstance_ModuleHandlesSessionObjects
-(
-  NSSCKMDInstance *mdInstance,                                    
-  NSSCKFWInstance *fwInstance
-)
-{
-  return CK_TRUE;
-}
-
-static CK_RV
-nss_dbm_mdInstance_GetSlots
-(
-  NSSCKMDInstance *mdInstance,                                    
-  NSSCKFWInstance *fwInstance,
-  NSSCKMDSlot *slots[]
-)
-{
-  nss_dbm_instance_t *instance = (nss_dbm_instance_t *)mdInstance->etc;
-  CK_ULONG i;
-  CK_RV rv = CKR_OK;
-
-  for( i = 0; i < instance->nSlots; i++ ) {
-    slots[i] = nss_dbm_mdSlot_factory(instance, instance->filenames[i], 
-                                      instance->flags[i], &rv);
-    if( (NSSCKMDSlot *)NULL == slots[i] ) {
-      return rv;
-    }
-  }
-
-  return rv;
-}
-
-/* nss_dbm_mdInstance_WaitForSlotEvent is not relevant */
-
-NSS_IMPLEMENT_DATA NSSCKMDInstance 
-nss_dbm_mdInstance = {
-  NULL, /* etc; filled in later */
-  nss_dbm_mdInstance_Initialize,
-  NULL, /* nss_dbm_mdInstance_Finalize */
-  nss_dbm_mdInstance_GetNSlots,
-  nss_dbm_mdInstance_GetCryptokiVersion,
-  nss_dbm_mdInstance_GetManufacturerID,
-  nss_dbm_mdInstance_GetLibraryDescription,
-  nss_dbm_mdInstance_GetLibraryVersion,
-  nss_dbm_mdInstance_ModuleHandlesSessionObjects,
-  nss_dbm_mdInstance_GetSlots,
-  NULL, /* nss_dbm_mdInstance_WaitForSlotEvent */
-  NULL /* terminator */
-};
diff --git a/security/nss/lib/ckfw/dbm/manifest.mn b/security/nss/lib/ckfw/dbm/manifest.mn
deleted file mode 100644
index 193e46bef..000000000
--- a/security/nss/lib/ckfw/dbm/manifest.mn
+++ /dev/null
@@ -1,54 +0,0 @@
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-MANIFEST_CVS_ID = "@(#) $RCSfile$ $Revision$ $Date$ $Name$"
-
-CORE_DEPTH = ../../../..
-
-MODULE = security
-
-CSRCS =		   \
-	anchor.c   \
-	instance.c \
-	slot.c	   \
-	token.c	   \
-	session.c  \
-	object.c   \
-	find.c	   \
-	db.c	   \
-	$(NULL)
-
-REQUIRES = security dbm nspr
-
-LIBRARY_NAME = nssckdbm
-
-EXTRA_SHARED_LIBS = -L$(DIST)/lib -lnssckfw -lnssb -ldbm -lnspr4 -lplc4 -lplds4
diff --git a/security/nss/lib/ckfw/dbm/object.c b/security/nss/lib/ckfw/dbm/object.c
deleted file mode 100644
index 2bd7578fd..000000000
--- a/security/nss/lib/ckfw/dbm/object.c
+++ /dev/null
@@ -1,204 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#include "ckdbm.h"
-
-static void
-nss_dbm_mdObject_Finalize
-(
-  NSSCKMDObject *mdObject,
-  NSSCKFWObject *fwObject,
-  NSSCKMDSession *mdSession,
-  NSSCKFWSession *fwSession,
-  NSSCKMDToken *mdToken,
-  NSSCKFWToken *fwToken,
-  NSSCKMDInstance *mdInstance,
-  NSSCKFWInstance *fwInstance
-)
-{
-  ;
-}
-
-static CK_RV
-nss_dbm_mdObject_Destroy
-(
-  NSSCKMDObject *mdObject,
-  NSSCKFWObject *fwObject,
-  NSSCKMDSession *mdSession,
-  NSSCKFWSession *fwSession,
-  NSSCKMDToken *mdToken,
-  NSSCKFWToken *fwToken,
-  NSSCKMDInstance *mdInstance,
-  NSSCKFWInstance *fwInstance
-)
-{
-  nss_dbm_object_t *object = (nss_dbm_object_t *)mdObject->etc;
-  return nss_dbm_db_delete_object(object->handle);
-}
-
-static CK_ULONG
-nss_dbm_mdObject_GetAttributeCount
-(
-  NSSCKMDObject *mdObject,
-  NSSCKFWObject *fwObject,
-  NSSCKMDSession *mdSession,
-  NSSCKFWSession *fwSession,
-  NSSCKMDToken *mdToken,
-  NSSCKFWToken *fwToken,
-  NSSCKMDInstance *mdInstance,
-  NSSCKFWInstance *fwInstance,
-  CK_RV *pError
-)
-{
-  nss_dbm_object_t *object = (nss_dbm_object_t *)mdObject->etc;
-  nss_dbm_session_t *session = (nss_dbm_session_t *)mdSession->etc;
-  return nss_dbm_db_get_object_attribute_count(object->handle, pError, 
-                                               &session->deviceError);
-}
-
-static CK_RV
-nss_dbm_mdObject_GetAttributeTypes
-(
-  NSSCKMDObject *mdObject,
-  NSSCKFWObject *fwObject,
-  NSSCKMDSession *mdSession,
-  NSSCKFWSession *fwSession,
-  NSSCKMDToken *mdToken,
-  NSSCKFWToken *fwToken,
-  NSSCKMDInstance *mdInstance,
-  NSSCKFWInstance *fwInstance,
-  CK_ATTRIBUTE_TYPE_PTR typeArray,
-  CK_ULONG ulCount
-)
-{
-  nss_dbm_object_t *object = (nss_dbm_object_t *)mdObject->etc;
-  nss_dbm_session_t *session = (nss_dbm_session_t *)mdSession->etc;
-  return nss_dbm_db_get_object_attribute_types(object->handle, typeArray,
-                                               ulCount, &session->deviceError);
-}
-
-static CK_ULONG
-nss_dbm_mdObject_GetAttributeSize
-(
-  NSSCKMDObject *mdObject,
-  NSSCKFWObject *fwObject,
-  NSSCKMDSession *mdSession,
-  NSSCKFWSession *fwSession,
-  NSSCKMDToken *mdToken,
-  NSSCKFWToken *fwToken,
-  NSSCKMDInstance *mdInstance,
-  NSSCKFWInstance *fwInstance,
-  CK_ATTRIBUTE_TYPE attribute,
-  CK_RV *pError
-)
-{
-  nss_dbm_object_t *object = (nss_dbm_object_t *)mdObject->etc;
-  nss_dbm_session_t *session = (nss_dbm_session_t *)mdSession->etc;
-  return nss_dbm_db_get_object_attribute_size(object->handle, attribute, pError, 
-                                              &session->deviceError);
-}
-
-static NSSItem *
-nss_dbm_mdObject_GetAttribute
-(
-  NSSCKMDObject *mdObject,
-  NSSCKFWObject *fwObject,
-  NSSCKMDSession *mdSession,
-  NSSCKFWSession *fwSession,
-  NSSCKMDToken *mdToken,
-  NSSCKFWToken *fwToken,
-  NSSCKMDInstance *mdInstance,
-  NSSCKFWInstance *fwInstance,
-  CK_ATTRIBUTE_TYPE attribute,
-  CK_RV *pError
-)
-{
-  nss_dbm_object_t *object = (nss_dbm_object_t *)mdObject->etc;
-  nss_dbm_session_t *session = (nss_dbm_session_t *)mdSession->etc;
-  return nss_dbm_db_get_object_attribute(object->handle, object->arena, attribute,
-                                         pError, &session->deviceError);
-}
-
-static CK_RV
-nss_dbm_mdObject_SetAttribute
-(
-  NSSCKMDObject *mdObject,
-  NSSCKFWObject *fwObject,
-  NSSCKMDSession *mdSession,
-  NSSCKFWSession *fwSession,
-  NSSCKMDToken *mdToken,
-  NSSCKFWToken *fwToken,
-  NSSCKMDInstance *mdInstance,
-  NSSCKFWInstance *fwInstance,
-  CK_ATTRIBUTE_TYPE attribute,
-  NSSItem *value
-)
-{
-  nss_dbm_object_t *object = (nss_dbm_object_t *)mdObject->etc;
-  nss_dbm_session_t *session = (nss_dbm_session_t *)mdSession->etc;
-  return nss_dbm_db_set_object_attribute(object->handle, attribute, value,
-                                         &session->deviceError);
-}
-
-NSS_IMPLEMENT NSSCKMDObject *
-nss_dbm_mdObject_factory
-(
-  nss_dbm_object_t *object,
-  CK_RV *pError
-)
-{
-  NSSCKMDObject *rv;
-
-  rv = nss_ZNEW(object->arena, NSSCKMDObject);
-  if( (NSSCKMDObject *)NULL == rv ) {
-    *pError = CKR_HOST_MEMORY;
-    return (NSSCKMDObject *)NULL;
-  }
-
-  rv->etc = (void *)object;
-  rv->Finalize = nss_dbm_mdObject_Finalize;
-  rv->Destroy = nss_dbm_mdObject_Destroy;
-  /*  IsTokenObject can be deferred */
-  rv->GetAttributeCount = nss_dbm_mdObject_GetAttributeCount;
-  rv->GetAttributeTypes = nss_dbm_mdObject_GetAttributeTypes;
-  rv->GetAttributeSize = nss_dbm_mdObject_GetAttributeSize;
-  rv->GetAttribute = nss_dbm_mdObject_GetAttribute;
-  rv->SetAttribute = nss_dbm_mdObject_SetAttribute;
-  /*  GetObjectSize can be deferred */
-
-  return rv;
-}
diff --git a/security/nss/lib/ckfw/dbm/session.c b/security/nss/lib/ckfw/dbm/session.c
deleted file mode 100644
index c0969d948..000000000
--- a/security/nss/lib/ckfw/dbm/session.c
+++ /dev/null
@@ -1,298 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#include "ckdbm.h"
-
-static void
-nss_dbm_mdSession_Close
-(
-  NSSCKMDSession *mdSession,
-  NSSCKFWSession *fwSession,
-  NSSCKMDToken *mdToken,
-  NSSCKFWToken *fwToken,
-  NSSCKMDInstance *mdInstance,
-  NSSCKFWInstance *fwInstance
-)
-{
-  nss_dbm_session_t *session = (nss_dbm_session_t *)mdSession->etc;
-
-  struct nss_dbm_dbt_node *w;
-
-  /* Lock */
-  {
-    if( CKR_OK != NSSCKFWMutex_Lock(session->list_lock) ) {
-      return;
-    }
-
-    w = session->session_objects;
-    session->session_objects = (struct nss_dbm_dbt_node *)NULL; /* sanity */
-    
-    (void)NSSCKFWMutex_Unlock(session->list_lock);
-  }
-
-  for( ; (struct nss_dbm_dbt_node *)NULL != w; w = w->next ) {
-    (void)nss_dbm_db_delete_object(w->dbt);
-  }
-}
-
-static CK_ULONG
-nss_dbm_mdSession_GetDeviceError
-(
-  NSSCKMDSession *mdSession,
-  NSSCKFWSession *fwSession,
-  NSSCKMDToken *mdToken,
-  NSSCKFWToken *fwToken,
-  NSSCKMDInstance *mdInstance,
-  NSSCKFWInstance *fwInstance
-)
-{
-  nss_dbm_session_t *session = (nss_dbm_session_t *)mdSession->etc;
-  return session->deviceError;
-}
-
-/* Login isn't needed */
-/* Logout isn't needed */
-/* InitPIN is irrelevant */
-/* SetPIN is irrelevant */
-/* GetOperationStateLen is irrelevant */
-/* GetOperationState is irrelevant */
-/* SetOperationState is irrelevant */
-
-static NSSCKMDObject *
-nss_dbm_mdSession_CreateObject
-(
-  NSSCKMDSession *mdSession,
-  NSSCKFWSession *fwSession,
-  NSSCKMDToken *mdToken,
-  NSSCKFWToken *fwToken,
-  NSSCKMDInstance *mdInstance,
-  NSSCKFWInstance *fwInstance,
-  NSSArena *handyArenaPointer,
-  CK_ATTRIBUTE_PTR pTemplate,
-  CK_ULONG ulAttributeCount,
-  CK_RV *pError
-)
-{
-  nss_dbm_session_t *session = (nss_dbm_session_t *)mdSession->etc;
-  nss_dbm_token_t *token = (nss_dbm_token_t *)mdToken->etc;
-  CK_ULONG i;
-  CK_BBOOL isToken = CK_FALSE; /* defaults to false */
-  NSSCKMDObject *rv;
-  struct nss_dbm_dbt_node *node = (struct nss_dbm_dbt_node *)NULL;
-  nss_dbm_object_t *object;
-  nss_dbm_db_t *which_db;
-
-  /* This framework should really pass this to me */
-  for( i = 0; i < ulAttributeCount; i++ ) {
-    if( CKA_TOKEN == pTemplate[i].type ) {
-      isToken = *(CK_BBOOL *)pTemplate[i].pValue;
-      break;
-    }
-  }
-
-  object = nss_ZNEW(handyArenaPointer, nss_dbm_object_t);
-  if( (nss_dbm_object_t *)NULL == object ) {
-    *pError = CKR_HOST_MEMORY;
-    return (NSSCKMDObject *)NULL;
-  }
-
-  object->arena = handyArenaPointer;
-  which_db = isToken ? token->slot->token_db : token->session_db;
-
-  /* Do this before the actual database call; it's easier to recover from */
-  rv = nss_dbm_mdObject_factory(object, pError);
-  if( (NSSCKMDObject *)NULL == rv ) {
-    return (NSSCKMDObject *)NULL;
-  }
-
-  if( CK_FALSE == isToken ) {
-    node = nss_ZNEW(session->arena, struct nss_dbm_dbt_node);
-    if( (struct nss_dbm_dbt_node *)NULL == node ) {
-      *pError = CKR_HOST_MEMORY;
-      return (NSSCKMDObject *)NULL;
-    }
-  }
-
-  object->handle = nss_dbm_db_create_object(handyArenaPointer, which_db, 
-                                            pTemplate, ulAttributeCount,
-                                            pError, &session->deviceError);
-  if( (nss_dbm_dbt_t *)NULL == object->handle ) {
-    return (NSSCKMDObject *)NULL;
-  }
-
-  if( CK_FALSE == isToken ) {
-    node->dbt = object->handle;
-    /* Lock */
-    {
-      *pError = NSSCKFWMutex_Lock(session->list_lock);
-      if( CKR_OK != *pError ) {
-        (void)nss_dbm_db_delete_object(object->handle);
-        return (NSSCKMDObject *)NULL;
-      }
-      
-      node->next = session->session_objects;
-      session->session_objects = node;
-      
-      *pError = NSSCKFWMutex_Unlock(session->list_lock);
-    }
-  }
-
-  return rv;
-}
-
-/* CopyObject isn't needed; the framework will use CreateObject */
-
-static NSSCKMDFindObjects *
-nss_dbm_mdSession_FindObjectsInit
-(
-  NSSCKMDSession *mdSession,
-  NSSCKFWSession *fwSession,
-  NSSCKMDToken *mdToken,
-  NSSCKFWToken *fwToken,
-  NSSCKMDInstance *mdInstance,
-  NSSCKFWInstance *fwInstance,
-  CK_ATTRIBUTE_PTR pTemplate,
-  CK_ULONG ulAttributeCount,
-  CK_RV *pError
-)
-{
-  nss_dbm_session_t *session = (nss_dbm_session_t *)mdSession->etc;
-  nss_dbm_token_t *token = (nss_dbm_token_t *)mdToken->etc;
-  NSSArena *arena;
-  nss_dbm_find_t *find;
-  NSSCKMDFindObjects *rv;
-
-  arena = NSSArena_Create();
-  if( (NSSArena *)NULL == arena ) {
-    *pError = CKR_HOST_MEMORY;
-    goto loser;
-  }
-
-  find = nss_ZNEW(arena, nss_dbm_find_t);
-  if( (nss_dbm_find_t *)NULL == find ) {
-    *pError = CKR_HOST_MEMORY;
-    goto loser;
-  }
-
-  find->arena = arena;
-  find->list_lock = NSSCKFWInstance_CreateMutex(fwInstance, arena, pError);
-  if( (NSSCKFWMutex *)NULL == find->list_lock ) {
-    goto loser;
-  }
-
-  *pError = nss_dbm_db_find_objects(find, token->slot->token_db, pTemplate, 
-                                    ulAttributeCount, &session->deviceError);
-  if( CKR_OK != *pError ) {
-    goto loser;
-  }
-
-  *pError = nss_dbm_db_find_objects(find, token->session_db, pTemplate, 
-                                    ulAttributeCount, &session->deviceError);
-  if( CKR_OK != *pError ) {
-    goto loser;
-  }
-
-  rv = nss_dbm_mdFindObjects_factory(find, pError);
-  if( (NSSCKMDFindObjects *)NULL == rv ) {
-    goto loser;
-  }
-
-  return rv;
-
- loser:
-  if( (NSSArena *)NULL != arena ) {
-    (void)NSSArena_Destroy(arena);
-  }
-
-  return (NSSCKMDFindObjects *)NULL;
-}
-
-/* SeedRandom is irrelevant */
-/* GetRandom is irrelevant */
-
-NSS_IMPLEMENT NSSCKMDSession *
-nss_dbm_mdSession_factory
-(
-  nss_dbm_token_t *token,
-  NSSCKFWSession *fwSession,
-  NSSCKFWInstance *fwInstance,
-  CK_BBOOL rw,
-  CK_RV *pError
-)
-{
-  NSSArena *arena;
-  nss_dbm_session_t *session;
-  NSSCKMDSession *rv;
-
-  arena = NSSCKFWSession_GetArena(fwSession, pError);
-
-  session = nss_ZNEW(arena, nss_dbm_session_t);
-  if( (nss_dbm_session_t *)NULL == session ) {
-    *pError = CKR_HOST_MEMORY;
-    return (NSSCKMDSession *)NULL;
-  }
-
-  rv = nss_ZNEW(arena, NSSCKMDSession);
-  if( (NSSCKMDSession *)NULL == rv ) {
-    *pError = CKR_HOST_MEMORY;
-    return (NSSCKMDSession *)NULL;
-  }
-
-  session->arena = arena;
-  session->token = token;
-  session->list_lock = NSSCKFWInstance_CreateMutex(fwInstance, arena, pError);
-  if( (NSSCKFWMutex *)NULL == session->list_lock ) {
-    return (NSSCKMDSession *)NULL;
-  }
-
-  rv->etc = (void *)session;
-  rv->Close = nss_dbm_mdSession_Close;
-  rv->GetDeviceError = nss_dbm_mdSession_GetDeviceError;
-  /*  Login isn't needed */
-  /*  Logout isn't needed */
-  /*  InitPIN is irrelevant */
-  /*  SetPIN is irrelevant */
-  /*  GetOperationStateLen is irrelevant */
-  /*  GetOperationState is irrelevant */
-  /*  SetOperationState is irrelevant */
-  rv->CreateObject = nss_dbm_mdSession_CreateObject;
-  /*  CopyObject isn't needed; the framework will use CreateObject */
-  rv->FindObjectsInit = nss_dbm_mdSession_FindObjectsInit;
-  rv->null = NULL;
-
-  return rv;
-}
diff --git a/security/nss/lib/ckfw/dbm/slot.c b/security/nss/lib/ckfw/dbm/slot.c
deleted file mode 100644
index 40898897a..000000000
--- a/security/nss/lib/ckfw/dbm/slot.c
+++ /dev/null
@@ -1,214 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#include "ckdbm.h"
-
-static CK_RV
-nss_dbm_mdSlot_Initialize
-(
-  NSSCKMDSlot *mdSlot,
-  NSSCKFWSlot *fwSlot,
-  NSSCKMDInstance *mdInstance,                                    
-  NSSCKFWInstance *fwInstance
-)
-{
-  nss_dbm_slot_t *slot = (nss_dbm_slot_t *)mdSlot->etc;
-  nss_dbm_instance_t *instance = (nss_dbm_instance_t *)mdInstance->etc;
-  CK_RV rv = CKR_OK;
-
-  slot->token_db = nss_dbm_db_open(instance->arena, fwInstance, slot->filename, 
-                                   slot->flags, &rv);
-  if( (nss_dbm_db_t *)NULL == slot->token_db ) {
-    if( CKR_TOKEN_NOT_PRESENT == rv ) {
-      /* This is not an error-- just means "the token isn't there" */
-      rv = CKR_OK;
-    }
-  }
-
-  return rv;
-}
-
-static void
-nss_dbm_mdSlot_Destroy
-(
-  NSSCKMDSlot *mdSlot,
-  NSSCKFWSlot *fwSlot,
-  NSSCKMDInstance *mdInstance,                                    
-  NSSCKFWInstance *fwInstance
-)
-{
-  nss_dbm_slot_t *slot = (nss_dbm_slot_t *)mdSlot->etc;
-
-  if( (nss_dbm_db_t *)NULL != slot->token_db ) {
-    nss_dbm_db_close(slot->token_db);
-    slot->token_db = (nss_dbm_db_t *)NULL;
-  }
-}
-
-static NSSUTF8 *
-nss_dbm_mdSlot_GetSlotDescription
-(
-  NSSCKMDSlot *mdSlot,
-  NSSCKFWSlot *fwSlot,
-  NSSCKMDInstance *mdInstance,                                    
-  NSSCKFWInstance *fwInstance,
-  CK_RV *pError
-)
-{
-  return "Database";
-}
-
-static NSSUTF8 *
-nss_dbm_mdSlot_GetManufacturerID
-(
-  NSSCKMDSlot *mdSlot,
-  NSSCKFWSlot *fwSlot,
-  NSSCKMDInstance *mdInstance,                                    
-  NSSCKFWInstance *fwInstance,
-  CK_RV *pError
-)
-{
-  return "Berkeley";
-}
-
-static CK_BBOOL
-nss_dbm_mdSlot_GetTokenPresent
-(
-  NSSCKMDSlot *mdSlot,
-  NSSCKFWSlot *fwSlot,
-  NSSCKMDInstance *mdInstance,                                    
-  NSSCKFWInstance *fwInstance
-)
-{
-  nss_dbm_slot_t *slot = (nss_dbm_slot_t *)mdSlot->etc;
-
-  if( (nss_dbm_db_t *)NULL == slot->token_db ) {
-    return CK_FALSE;
-  } else {
-    return CK_TRUE;
-  }
-}
-
-static CK_BBOOL
-nss_dbm_mdSlot_GetRemovableDevice
-(
-  NSSCKMDSlot *mdSlot,
-  NSSCKFWSlot *fwSlot,
-  NSSCKMDInstance *mdInstance,                                    
-  NSSCKFWInstance *fwInstance
-)
-{
-  /*
-   * Well, this supports "tokens" (databases) that aren't there, so in
-   * that sense they're removable.  It'd be nice to handle databases
-   * that suddenly disappear (NFS-mounted home directories and network
-   * errors, for instance) but that's a harder problem.  We'll say
-   * we support removable devices, badly.
-   */
-
-  return CK_TRUE;
-}
-
-/* nss_dbm_mdSlot_GetHardwareSlot defaults to CK_FALSE */
-/* 
- * nss_dbm_mdSlot_GetHardwareVersion
- * nss_dbm_mdSlot_GetFirmwareVersion
- *
- * These are kinda fuzzy concepts here.  I suppose we could return the
- * Berkeley DB version for one of them, if we had an actual number we
- * were confident in.  But mcom's "dbm" has been hacked enough that I
- * don't really know from what "real" version it stems..
- */
-
-static NSSCKMDToken *
-nss_dbm_mdSlot_GetToken
-(
-  NSSCKMDSlot *mdSlot,
-  NSSCKFWSlot *fwSlot,
-  NSSCKMDInstance *mdInstance,                                    
-  NSSCKFWInstance *fwInstance,
-  CK_RV *pError
-)
-{
-  nss_dbm_slot_t *slot = (nss_dbm_slot_t *)mdSlot->etc;
-  return nss_dbm_mdToken_factory(slot, pError);
-}
-
-NSS_IMPLEMENT NSSCKMDSlot *
-nss_dbm_mdSlot_factory
-(
-  nss_dbm_instance_t *instance,
-  char *filename,
-  int flags,
-  CK_RV *pError
-)
-{
-  nss_dbm_slot_t *slot;
-  NSSCKMDSlot *rv;
-
-  slot = nss_ZNEW(instance->arena, nss_dbm_slot_t);
-  if( (nss_dbm_slot_t *)NULL == slot ) {
-    *pError = CKR_HOST_MEMORY;
-    return (NSSCKMDSlot *)NULL;
-  }
-
-  slot->instance = instance;
-  slot->filename = filename;
-  slot->flags = flags;
-  slot->token_db = (nss_dbm_db_t *)NULL;
-
-  rv = nss_ZNEW(instance->arena, NSSCKMDSlot);
-  if( (NSSCKMDSlot *)NULL == rv ) {
-    *pError = CKR_HOST_MEMORY;
-    return (NSSCKMDSlot *)NULL;
-  }
-
-  rv->etc = (void *)slot;
-  rv->Initialize = nss_dbm_mdSlot_Initialize;
-  rv->Destroy = nss_dbm_mdSlot_Destroy;
-  rv->GetSlotDescription = nss_dbm_mdSlot_GetSlotDescription;
-  rv->GetManufacturerID = nss_dbm_mdSlot_GetManufacturerID;
-  rv->GetTokenPresent = nss_dbm_mdSlot_GetTokenPresent;
-  rv->GetRemovableDevice = nss_dbm_mdSlot_GetRemovableDevice;
-  /*  GetHardwareSlot */
-  /*  GetHardwareVersion */
-  /*  GetFirmwareVersion */
-  rv->GetToken = nss_dbm_mdSlot_GetToken;
-  rv->null = (void *)NULL;
-
-  return rv;
-}
diff --git a/security/nss/lib/ckfw/dbm/token.c b/security/nss/lib/ckfw/dbm/token.c
deleted file mode 100644
index 7c7fbf9e5..000000000
--- a/security/nss/lib/ckfw/dbm/token.c
+++ /dev/null
@@ -1,315 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#include "ckdbm.h"
-
-static CK_RV
-nss_dbm_mdToken_Setup
-(
-  NSSCKMDToken *mdToken,
-  NSSCKFWToken *fwToken,
-  NSSCKMDInstance *mdInstance,
-  NSSCKFWInstance *fwInstance
-)
-{
-  nss_dbm_token_t *token = (nss_dbm_token_t *)mdToken->etc;
-  CK_RV rv = CKR_OK;
-
-  token->arena = NSSCKFWToken_GetArena(fwToken, &rv);
-  token->session_db = nss_dbm_db_open(token->arena, fwInstance, (char *)NULL, 
-                                      O_RDWR|O_CREAT, &rv);
-  if( (nss_dbm_db_t *)NULL == token->session_db ) {
-    return rv;
-  }
-
-  /* Add a label record if there isn't one? */
-
-  return CKR_OK;
-}
-
-static void
-nss_dbm_mdToken_Invalidate
-(
-  NSSCKMDToken *mdToken,
-  NSSCKFWToken *fwToken,
-  NSSCKMDInstance *mdInstance,
-  NSSCKFWInstance *fwInstance
-)
-{
-  nss_dbm_token_t *token = (nss_dbm_token_t *)mdToken->etc;
-
-  if( (nss_dbm_db_t *)NULL != token->session_db ) {
-    nss_dbm_db_close(token->session_db);
-    token->session_db = (nss_dbm_db_t *)NULL;
-  }
-}
-
-static CK_RV
-nss_dbm_mdToken_InitToken
-(
-  NSSCKMDToken *mdToken,
-  NSSCKFWToken *fwToken,
-  NSSCKMDInstance *mdInstance,
-  NSSCKFWInstance *fwInstance,
-  NSSItem *pin,
-  NSSUTF8 *label
-)
-{
-  nss_dbm_token_t *token = (nss_dbm_token_t *)mdToken->etc;
-  nss_dbm_instance_t *instance = (nss_dbm_instance_t *)mdInstance->etc;
-  CK_RV rv;
-
-  /* Wipe the session object data */
-  
-  if( (nss_dbm_db_t *)NULL != token->session_db ) {
-    nss_dbm_db_close(token->session_db);
-  }
-
-  token->session_db = nss_dbm_db_open(token->arena, fwInstance, (char *)NULL, 
-                                      O_RDWR|O_CREAT, &rv);
-  if( (nss_dbm_db_t *)NULL == token->session_db ) {
-    return rv;
-  }
-
-  /* Wipe the token object data */
-
-  if( token->slot->flags & O_RDWR ) {
-    if( (nss_dbm_db_t *)NULL != token->slot->token_db ) {
-      nss_dbm_db_close(token->slot->token_db);
-    }
-
-    token->slot->token_db = nss_dbm_db_open(instance->arena, fwInstance, 
-                                            token->slot->filename,
-                                            token->slot->flags | O_CREAT | O_TRUNC, 
-                                            &rv);
-    if( (nss_dbm_db_t *)NULL == token->slot->token_db ) {
-      return rv;
-    }
-
-    /* PIN is irrelevant */
-
-    rv = nss_dbm_db_set_label(token->slot->token_db, label);
-    if( CKR_OK != rv ) {
-      return rv;
-    }
-  }
-
-  return CKR_OK;
-}
-
-static NSSUTF8 *
-nss_dbm_mdToken_GetLabel
-(
-  NSSCKMDToken *mdToken,
-  NSSCKFWToken *fwToken,
-  NSSCKMDInstance *mdInstance,
-  NSSCKFWInstance *fwInstance,
-  CK_RV *pError
-)
-{
-  nss_dbm_token_t *token = (nss_dbm_token_t *)mdToken->etc;
-
-  if( (NSSUTF8 *)NULL == token->label ) {
-    token->label = nss_dbm_db_get_label(token->slot->token_db, token->arena, pError);
-  }
-
-  /* If no label has been set, return *something* */
-  if( (NSSUTF8 *)NULL == token->label ) {
-    return token->slot->filename;
-  }
-
-  return token->label;
-}
-
-static NSSUTF8 *
-nss_dbm_mdToken_GetManufacturerID
-(
-  NSSCKMDToken *mdToken,
-  NSSCKFWToken *fwToken,
-  NSSCKMDInstance *mdInstance,
-  NSSCKFWInstance *fwInstance,
-  CK_RV *pError
-)
-{
-  return "mozilla.org NSS";
-}
-
-static NSSUTF8 *
-nss_dbm_mdToken_GetModel
-(
-  NSSCKMDToken *mdToken,
-  NSSCKFWToken *fwToken,
-  NSSCKMDInstance *mdInstance,
-  NSSCKFWInstance *fwInstance,
-  CK_RV *pError
-)
-{
-  return "dbm";
-}
-
-/* GetSerialNumber is irrelevant */
-/* GetHasRNG defaults to CK_FALSE */
-
-static CK_BBOOL
-nss_dbm_mdToken_GetIsWriteProtected
-(
-  NSSCKMDToken *mdToken,
-  NSSCKFWToken *fwToken,
-  NSSCKMDInstance *mdInstance,
-  NSSCKFWInstance *fwInstance
-)
-{
-  nss_dbm_token_t *token = (nss_dbm_token_t *)mdToken->etc;
-
-  if( token->slot->flags & O_RDWR ) {
-    return CK_FALSE;
-  } else {
-    return CK_TRUE;
-  }
-}
-
-/* GetLoginRequired defaults to CK_FALSE */
-/* GetUserPinInitialized defaults to CK_FALSE */
-/* GetRestoreKeyNotNeeded is irrelevant */
-/* GetHasClockOnToken defaults to CK_FALSE */
-/* GetHasProtectedAuthenticationPath defaults to CK_FALSE */
-/* GetSupportsDualCryptoOperations is irrelevant */
-
-static CK_ULONG
-nss_dbm_mdToken_effectively_infinite
-(
-  NSSCKMDToken *mdToken,
-  NSSCKFWToken *fwToken,
-  NSSCKMDInstance *mdInstance,
-  NSSCKFWInstance *fwInstance
-)
-{
-  return CK_EFFECTIVELY_INFINITE;
-}
-
-static CK_VERSION
-nss_dbm_mdToken_GetHardwareVersion
-(
-  NSSCKMDToken *mdToken,
-  NSSCKFWToken *fwToken,
-  NSSCKMDInstance *mdInstance,
-  NSSCKFWInstance *fwInstance
-)
-{
-  nss_dbm_token_t *token = (nss_dbm_token_t *)mdToken->etc;
-  return nss_dbm_db_get_format_version(token->slot->token_db);
-}
-
-/* GetFirmwareVersion is irrelevant */
-/* GetUTCTime is irrelevant */
-
-static NSSCKMDSession *
-nss_dbm_mdToken_OpenSession
-(
-  NSSCKMDToken *mdToken,
-  NSSCKFWToken *fwToken,
-  NSSCKMDInstance *mdInstance,
-  NSSCKFWInstance *fwInstance,
-  NSSCKFWSession *fwSession,
-  CK_BBOOL rw,
-  CK_RV *pError
-)
-{
-  nss_dbm_token_t *token = (nss_dbm_token_t *)mdToken->etc;
-  return nss_dbm_mdSession_factory(token, fwSession, fwInstance, rw, pError);
-}
-
-/* GetMechanismCount defaults to zero */
-/* GetMechanismTypes is irrelevant */
-/* GetMechanism is irrelevant */
-
-NSS_IMPLEMENT NSSCKMDToken *
-nss_dbm_mdToken_factory
-(
-  nss_dbm_slot_t *slot,
-  CK_RV *pError
-)
-{
-  nss_dbm_token_t *token;
-  NSSCKMDToken *rv;
-
-  token = nss_ZNEW(slot->instance->arena, nss_dbm_token_t);
-  if( (nss_dbm_token_t *)NULL == token ) {
-    *pError = CKR_HOST_MEMORY;
-    return (NSSCKMDToken *)NULL;
-  }
-
-  rv = nss_ZNEW(slot->instance->arena, NSSCKMDToken);
-  if( (NSSCKMDToken *)NULL == rv ) {
-    *pError = CKR_HOST_MEMORY;
-    return (NSSCKMDToken *)NULL;
-  }
-
-  token->slot = slot;
-
-  rv->etc = (void *)token;
-  rv->Setup = nss_dbm_mdToken_Setup;
-  rv->Invalidate = nss_dbm_mdToken_Invalidate;
-  rv->InitToken = nss_dbm_mdToken_InitToken;
-  rv->GetLabel = nss_dbm_mdToken_GetLabel;
-  rv->GetManufacturerID = nss_dbm_mdToken_GetManufacturerID;
-  rv->GetModel = nss_dbm_mdToken_GetModel;
-  /*  GetSerialNumber is irrelevant */
-  /*  GetHasRNG defaults to CK_FALSE */
-  rv->GetIsWriteProtected = nss_dbm_mdToken_GetIsWriteProtected;
-  /*  GetLoginRequired defaults to CK_FALSE */
-  /*  GetUserPinInitialized defaults to CK_FALSE */
-  /*  GetRestoreKeyNotNeeded is irrelevant */
-  /*  GetHasClockOnToken defaults to CK_FALSE */
-  /*  GetHasProtectedAuthenticationPath defaults to CK_FALSE */
-  /*  GetSupportsDualCryptoOperations is irrelevant */
-  rv->GetMaxSessionCount = nss_dbm_mdToken_effectively_infinite;
-  rv->GetMaxRwSessionCount = nss_dbm_mdToken_effectively_infinite;
-  /*  GetMaxPinLen is irrelevant */
-  /*  GetMinPinLen is irrelevant */
-  /*  GetTotalPublicMemory defaults to CK_UNAVAILABLE_INFORMATION */
-  /*  GetFreePublicMemory defaults to CK_UNAVAILABLE_INFORMATION */
-  /*  GetTotalPrivateMemory defaults to CK_UNAVAILABLE_INFORMATION */
-  /*  GetFreePrivateMemory defaults to CK_UNAVAILABLE_INFORMATION */
-  rv->GetHardwareVersion = nss_dbm_mdToken_GetHardwareVersion;
-  /*  GetFirmwareVersion is irrelevant */
-  /*  GetUTCTime is irrelevant */
-  rv->OpenSession = nss_dbm_mdToken_OpenSession;
-  rv->null = NULL;
-
-  return rv;
-}
diff --git a/security/nss/lib/ckfw/find.c b/security/nss/lib/ckfw/find.c
deleted file mode 100644
index 2569fa100..000000000
--- a/security/nss/lib/ckfw/find.c
+++ /dev/null
@@ -1,410 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * find.c
- *
- * This file implements the nssCKFWFindObjects type and methods.
- */
-
-#ifndef CK_H
-#include "ck.h"
-#endif /* CK_H */
-
-/*
- * NSSCKFWFindObjects
- *
- *  -- create/destroy --
- *  nssCKFWFindObjects_Create
- *  nssCKFWFindObjects_Destroy
- *
- *  -- public accessors --
- *  NSSCKFWFindObjects_GetMDFindObjects
- * 
- *  -- implement public accessors --
- *  nssCKFWFindObjects_GetMDFindObjects
- *
- *  -- private accessors --
- *
- *  -- module fronts --
- *  nssCKFWFindObjects_Next
- */
-
-struct NSSCKFWFindObjectsStr {
-  NSSCKFWMutex *mutex; /* merely to serialise the MDObject calls */
-  NSSCKMDFindObjects *mdfo1;
-  NSSCKMDFindObjects *mdfo2;
-  NSSCKFWSession *fwSession;
-  NSSCKMDSession *mdSession;
-  NSSCKFWToken *fwToken;
-  NSSCKMDToken *mdToken;
-  NSSCKFWInstance *fwInstance;
-  NSSCKMDInstance *mdInstance;
-
-  NSSCKMDFindObjects *mdFindObjects; /* varies */
-};
-
-#ifdef DEBUG
-/*
- * But first, the pointer-tracking stuff.
- *
- * NOTE: the pointer-tracking support in NSS/base currently relies
- * upon NSPR's CallOnce support.  That, however, relies upon NSPR's
- * locking, which is tied into the runtime.  We need a pointer-tracker
- * implementation that uses the locks supplied through C_Initialize.
- * That support, however, can be filled in later.  So for now, I'll
- * just do these routines as no-ops.
- */
-
-static CK_RV
-findObjects_add_pointer
-(
-  const NSSCKFWFindObjects *fwFindObjects
-)
-{
-  return CKR_OK;
-}
-
-static CK_RV
-findObjects_remove_pointer
-(
-  const NSSCKFWFindObjects *fwFindObjects
-)
-{
-  return CKR_OK;
-}
-
-NSS_IMPLEMENT CK_RV
-nssCKFWFindObjects_verifyPointer
-(
-  const NSSCKFWFindObjects *fwFindObjects
-)
-{
-  return CKR_OK;
-}
-
-#endif /* DEBUG */
-
-/*
- * nssCKFWFindObjects_Create
- *
- */
-NSS_EXTERN NSSCKFWFindObjects *
-nssCKFWFindObjects_Create
-(
-  NSSCKFWSession *fwSession,
-  NSSCKFWToken *fwToken,
-  NSSCKFWInstance *fwInstance,
-  NSSCKMDFindObjects *mdFindObjects1,
-  NSSCKMDFindObjects *mdFindObjects2,
-  CK_RV *pError
-)
-{
-  NSSCKFWFindObjects *fwFindObjects = NULL;
-  NSSArena *arena;
-  NSSCKMDSession *mdSession;
-  NSSCKMDToken *mdToken;
-  NSSCKMDInstance *mdInstance;
-
-  mdSession = nssCKFWSession_GetMDSession(fwSession);
-  mdToken = nssCKFWToken_GetMDToken(fwToken);
-  mdInstance = nssCKFWInstance_GetMDInstance(fwInstance);
-
-#ifdef notdef
-  arena = nssCKFWSession_GetArena(fwSession, pError);
-  if( (NSSArena *)NULL == arena ) {
-    goto loser;
-  }
-#endif
-
-  fwFindObjects = nss_ZNEW(NULL, NSSCKFWFindObjects);
-  if( (NSSCKFWFindObjects *)NULL == fwFindObjects ) {
-    *pError = CKR_HOST_MEMORY;
-    goto loser;
-  }
-
-  fwFindObjects->mdfo1 = mdFindObjects1;
-  fwFindObjects->mdfo2 = mdFindObjects2;
-  fwFindObjects->fwSession = fwSession;
-  fwFindObjects->mdSession = mdSession;
-  fwFindObjects->fwToken = fwToken;
-  fwFindObjects->mdToken = mdToken;
-  fwFindObjects->fwInstance = fwInstance;
-  fwFindObjects->mdInstance = mdInstance;
-
-  fwFindObjects->mutex = nssCKFWInstance_CreateMutex(fwInstance, NULL, pError);
-  if( (NSSCKFWMutex *)NULL == fwFindObjects->mutex ) {
-    goto loser;
-  }
-
-#ifdef DEBUG
-  *pError = findObjects_add_pointer(fwFindObjects);
-  if( CKR_OK != *pError ) {
-    goto loser;
-  }
-#endif /* DEBUG */
-
-  return fwFindObjects;
-
- loser:
-  nss_ZFreeIf(fwFindObjects);
-
-  if( (NSSCKMDFindObjects *)NULL != mdFindObjects1 ) {
-    if( (void *)NULL != (void *)mdFindObjects1->Final ) {
-      fwFindObjects->mdFindObjects = mdFindObjects1;
-      mdFindObjects1->Final(mdFindObjects1, fwFindObjects, mdSession, 
-        fwSession, mdToken, fwToken, mdInstance, fwInstance);
-    }
-  }
-
-  if( (NSSCKMDFindObjects *)NULL != mdFindObjects2 ) {
-    if( (void *)NULL != (void *)mdFindObjects2->Final ) {
-      fwFindObjects->mdFindObjects = mdFindObjects2;
-      mdFindObjects2->Final(mdFindObjects2, fwFindObjects, mdSession, 
-        fwSession, mdToken, fwToken, mdInstance, fwInstance);
-    }
-  }
-
-  if( CKR_OK == *pError ) {
-    *pError = CKR_GENERAL_ERROR;
-  }
-
-  return (NSSCKFWFindObjects *)NULL;
-}
-
-
-/*
- * nssCKFWFindObjects_Destroy
- *
- */
-NSS_EXTERN void
-nssCKFWFindObjects_Destroy
-(
-  NSSCKFWFindObjects *fwFindObjects
-)
-{
-#ifdef NSSDEBUG
-  if( CKR_OK != nssCKFWFindObjects_verifyPointer(fwFindObjects) ) {
-    return;
-  }
-#endif /* NSSDEBUG */
-
-  (void)nssCKFWMutex_Destroy(fwFindObjects->mutex);
-
-  if( (NSSCKMDFindObjects *)NULL != fwFindObjects->mdfo1 ) {
-    if( (void *)NULL != (void *)fwFindObjects->mdfo1->Final ) {
-      fwFindObjects->mdFindObjects = fwFindObjects->mdfo1;
-      fwFindObjects->mdfo1->Final(fwFindObjects->mdfo1, fwFindObjects,
-        fwFindObjects->mdSession, fwFindObjects->fwSession, 
-        fwFindObjects->mdToken, fwFindObjects->fwToken,
-        fwFindObjects->mdInstance, fwFindObjects->fwInstance);
-    }
-  }
-
-  if( (NSSCKMDFindObjects *)NULL != fwFindObjects->mdfo2 ) {
-    if( (void *)NULL != (void *)fwFindObjects->mdfo2->Final ) {
-      fwFindObjects->mdFindObjects = fwFindObjects->mdfo2;
-      fwFindObjects->mdfo2->Final(fwFindObjects->mdfo2, fwFindObjects,
-        fwFindObjects->mdSession, fwFindObjects->fwSession, 
-        fwFindObjects->mdToken, fwFindObjects->fwToken,
-        fwFindObjects->mdInstance, fwFindObjects->fwInstance);
-    }
-  }
-
-  nss_ZFreeIf(fwFindObjects);
-
-#ifdef DEBUG
-  (void)findObjects_remove_pointer(fwFindObjects);
-#endif /* DEBUG */
-
-  return;
-}
-
-/*
- * nssCKFWFindObjects_GetMDFindObjects
- *
- */
-NSS_EXTERN NSSCKMDFindObjects *
-nssCKFWFindObjects_GetMDFindObjects
-(
-  NSSCKFWFindObjects *fwFindObjects
-)
-{
-#ifdef NSSDEBUG
-  if( CKR_OK != nssCKFWFindObjects_verifyPointer(fwFindObjects) ) {
-    return (NSSCKMDFindObjects *)NULL;
-  }
-#endif /* NSSDEBUG */
-
-  return fwFindObjects->mdFindObjects;
-}
-
-/*
- * nssCKFWFindObjects_Next
- *
- */
-NSS_EXTERN NSSCKFWObject *
-nssCKFWFindObjects_Next
-(
-  NSSCKFWFindObjects *fwFindObjects,
-  NSSArena *arenaOpt,
-  CK_RV *pError
-)
-{
-  NSSCKMDObject *mdObject;
-  NSSCKFWObject *fwObject = (NSSCKFWObject *)NULL;
-  NSSArena *objArena;
-
-#ifdef NSSDEBUG
-  if( (CK_RV *)NULL == pError ) {
-    return (NSSCKFWObject *)NULL;
-  }
-
-  *pError = nssCKFWFindObjects_verifyPointer(fwFindObjects);
-  if( CKR_OK != *pError ) {
-    return (NSSCKFWObject *)NULL;
-  }
-#endif /* NSSDEBUG */
-
-  *pError = nssCKFWMutex_Lock(fwFindObjects->mutex);
-  if( CKR_OK != *pError ) {
-    return (NSSCKFWObject *)NULL;
-  }
-
-  if( (NSSCKMDFindObjects *)NULL != fwFindObjects->mdfo1 ) {
-    if( (void *)NULL != (void *)fwFindObjects->mdfo1->Next ) {
-      fwFindObjects->mdFindObjects = fwFindObjects->mdfo1;
-      mdObject = fwFindObjects->mdfo1->Next(fwFindObjects->mdfo1,
-        fwFindObjects, fwFindObjects->mdSession, fwFindObjects->fwSession,
-        fwFindObjects->mdToken, fwFindObjects->fwToken, 
-        fwFindObjects->mdInstance, fwFindObjects->fwInstance,
-        arenaOpt, pError);
-      if( (NSSCKMDObject *)NULL == mdObject ) {
-        if( CKR_OK != *pError ) {
-          goto done;
-        }
-
-        /* All done. */
-        fwFindObjects->mdfo1->Final(fwFindObjects->mdfo1, fwFindObjects,
-          fwFindObjects->mdSession, fwFindObjects->fwSession,
-          fwFindObjects->mdToken, fwFindObjects->fwToken, 
-          fwFindObjects->mdInstance, fwFindObjects->fwInstance);
-        fwFindObjects->mdfo1 = (NSSCKMDFindObjects *)NULL;
-      } else {
-        goto wrap;
-      }
-    }
-  }
-
-  if( (NSSCKMDFindObjects *)NULL != fwFindObjects->mdfo2 ) {
-    if( (void *)NULL != (void *)fwFindObjects->mdfo2->Next ) {
-      fwFindObjects->mdFindObjects = fwFindObjects->mdfo2;
-      mdObject = fwFindObjects->mdfo2->Next(fwFindObjects->mdfo2,
-        fwFindObjects, fwFindObjects->mdSession, fwFindObjects->fwSession,
-        fwFindObjects->mdToken, fwFindObjects->fwToken, 
-        fwFindObjects->mdInstance, fwFindObjects->fwInstance,
-        arenaOpt, pError);
-      if( (NSSCKMDObject *)NULL == mdObject ) {
-        if( CKR_OK != *pError ) {
-          goto done;
-        }
-
-        /* All done. */
-        fwFindObjects->mdfo2->Final(fwFindObjects->mdfo2, fwFindObjects,
-          fwFindObjects->mdSession, fwFindObjects->fwSession,
-          fwFindObjects->mdToken, fwFindObjects->fwToken, 
-          fwFindObjects->mdInstance, fwFindObjects->fwInstance);
-        fwFindObjects->mdfo2 = (NSSCKMDFindObjects *)NULL;
-      } else {
-        goto wrap;
-      }
-    }
-  }
-  
-  /* No more objects */
-  *pError = CKR_OK;
-  goto done;
-
- wrap:
-  /*
-   * This is less than ideal-- we should determine if it's a token
-   * object or a session object, and use the appropriate arena.
-   * But that duplicates logic in nssCKFWObject_IsTokenObject.
-   * Worry about that later.  For now, be conservative, and use
-   * the token arena.
-   */
-  objArena = nssCKFWToken_GetArena(fwFindObjects->fwToken, pError);
-  if( (NSSArena *)NULL == objArena ) {
-    if( CKR_OK == *pError ) {
-      *pError = CKR_HOST_MEMORY;
-    }
-    goto done;
-  }
-
-  fwObject = nssCKFWObject_Create(objArena, mdObject,
-               fwFindObjects->fwSession, fwFindObjects->fwToken, 
-               fwFindObjects->fwInstance, pError);
-  if( (NSSCKFWObject *)NULL == fwObject ) {
-    if( CKR_OK == *pError ) {
-      *pError = CKR_GENERAL_ERROR;
-    }
-  }
-
- done:
-  (void)nssCKFWMutex_Unlock(fwFindObjects->mutex);
-  return fwObject;
-}
-
-/*
- * NSSCKFWFindObjects_GetMDFindObjects
- *
- */
-
-NSS_EXTERN NSSCKMDFindObjects *
-NSSCKFWFindObjects_GetMDFindObjects
-(
-  NSSCKFWFindObjects *fwFindObjects
-)
-{
-#ifdef DEBUG
-  if( CKR_OK != nssCKFWFindObjects_verifyPointer(fwFindObjects) ) {
-    return (NSSCKMDFindObjects *)NULL;
-  }
-#endif /* DEBUG */
-
-  return nssCKFWFindObjects_GetMDFindObjects(fwFindObjects);
-}
diff --git a/security/nss/lib/ckfw/hash.c b/security/nss/lib/ckfw/hash.c
deleted file mode 100644
index f9790493b..000000000
--- a/security/nss/lib/ckfw/hash.c
+++ /dev/null
@@ -1,334 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * hash.c
- *
- * This is merely a couple wrappers around NSPR's PLHashTable, using
- * the identity hash and arena-aware allocators.  The reason I did
- * this is that hash tables are used in a few places throughout the
- * NSS Cryptoki Framework in a fairly stereotyped way, and this allows
- * me to pull the commonalities into one place.  Should we ever want
- * to change the implementation, it's all right here.
- */
-
-#ifndef CK_T
-#include "ck.h"
-#endif /* CK_T */
-
-/*
- * nssCKFWHash
- *
- *  nssCKFWHash_Create
- *  nssCKFWHash_Destroy
- *  nssCKFWHash_Add
- *  nssCKFWHash_Remove
- *  nssCKFWHash_Count
- *  nssCKFWHash_Exists
- *  nssCKFWHash_Lookup
- *  nssCKFWHash_Iterate
- */
-
-struct nssCKFWHashStr {
-  NSSCKFWMutex *mutex;
-
-  /*
-   * The invariant that mutex protects is:
-   *   The count accurately reflects the hashtable state.
-   */
-
-  PLHashTable *plHashTable;
-  CK_ULONG count;
-};
-
-static PLHashNumber
-nss_ckfw_identity_hash
-(
-  const void *key
-)
-{
-  PRUint32 i = (PRUint32)key;
-  PR_ASSERT(sizeof(PLHashNumber) == sizeof(PRUint32));
-  return (PLHashNumber)i;
-}
-
-/*
- * nssCKFWHash_Create
- *
- */
-NSS_IMPLEMENT nssCKFWHash *
-nssCKFWHash_Create
-(
-  NSSCKFWInstance *fwInstance,
-  NSSArena *arena,
-  CK_RV *pError
-)
-{
-  nssCKFWHash *rv;
-
-#ifdef NSSDEBUG
-  if( (CK_RV *)NULL == pError ) {
-    return (nssCKFWHash *)NULL;
-  }
-
-  if( PR_SUCCESS != nssArena_verifyPointer(arena) ) {
-    *pError = CKR_ARGUMENTS_BAD;
-    return (nssCKFWHash *)NULL;
-  }
-#endif /* NSSDEBUG */
-
-  rv = nss_ZNEW(arena, nssCKFWHash);
-  if( (nssCKFWHash *)NULL == rv ) {
-    *pError = CKR_HOST_MEMORY;
-    return (nssCKFWHash *)NULL;
-  }
-
-  rv->mutex = nssCKFWInstance_CreateMutex(fwInstance, arena, pError);
-  if( (NSSCKFWMutex *)NULL == rv->mutex ) {
-    if( CKR_OK == *pError ) {
-      *pError = CKR_GENERAL_ERROR;
-    }
-    return (nssCKFWHash *)NULL;
-  }
-
-  rv->plHashTable = PL_NewHashTable(0, nss_ckfw_identity_hash, 
-    PL_CompareValues, PL_CompareValues, &nssArenaHashAllocOps, arena);
-  if( (PLHashTable *)NULL == rv->plHashTable ) {
-    (void)nssCKFWMutex_Destroy(rv->mutex);
-    (void)nss_ZFreeIf(rv);
-    *pError = CKR_HOST_MEMORY;
-    return (nssCKFWHash *)NULL;
-  }
-
-  rv->count = 0;
-
-  return rv;
-}
-
-/*
- * nssCKFWHash_Destroy
- *
- */
-NSS_IMPLEMENT void
-nssCKFWHash_Destroy
-(
-  nssCKFWHash *hash
-)
-{
-  (void)nssCKFWMutex_Destroy(hash->mutex);
-  PL_HashTableDestroy(hash->plHashTable);
-  (void)nss_ZFreeIf(hash);
-}
-
-/*
- * nssCKFWHash_Add
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWHash_Add
-(
-  nssCKFWHash *hash,
-  const void *key,
-  const void *value
-)
-{
-  CK_RV error = CKR_OK;
-  PLHashEntry *he;
-
-  error = nssCKFWMutex_Lock(hash->mutex);
-  if( CKR_OK != error ) {
-    return error;
-  }
-  
-  he = PL_HashTableAdd(hash->plHashTable, key, (void *)value);
-  if( (PLHashEntry *)NULL == he ) {
-    error = CKR_HOST_MEMORY;
-  } else {
-    hash->count++;
-  }
-
-  (void)nssCKFWMutex_Unlock(hash->mutex);
-
-  return error;
-}
-
-/*
- * nssCKFWHash_Remove
- *
- */
-NSS_IMPLEMENT void
-nssCKFWHash_Remove
-(
-  nssCKFWHash *hash,
-  const void *it
-)
-{
-  PRBool found;
-
-  if( CKR_OK != nssCKFWMutex_Lock(hash->mutex) ) {
-    return;
-  }
-
-  found = PL_HashTableRemove(hash->plHashTable, it);
-  if( found ) {
-    hash->count--;
-  }
-
-  (void)nssCKFWMutex_Unlock(hash->mutex);
-  return;
-}
-
-/*
- * nssCKFWHash_Count
- *
- */
-NSS_IMPLEMENT CK_ULONG
-nssCKFWHash_Count
-(
-  nssCKFWHash *hash
-)
-{
-  CK_ULONG count;
-
-  if( CKR_OK != nssCKFWMutex_Lock(hash->mutex) ) {
-    return (CK_ULONG)0;
-  }
-
-  count = hash->count;
-
-  (void)nssCKFWMutex_Unlock(hash->mutex);
-
-  return count;
-}
-
-/*
- * nssCKFWHash_Exists
- *
- */
-NSS_IMPLEMENT CK_BBOOL
-nssCKFWHash_Exists
-(
-  nssCKFWHash *hash,
-  const void *it
-)
-{
-  void *value;
-
-  if( CKR_OK != nssCKFWMutex_Lock(hash->mutex) ) {
-    return CK_FALSE;
-  }
-
-  value = PL_HashTableLookup(hash->plHashTable, it);
-
-  (void)nssCKFWMutex_Unlock(hash->mutex);
-
-  if( (void *)NULL == value ) {
-    return CK_FALSE;
-  } else {
-    return CK_TRUE;
-  }
-}
-
-/*
- * nssCKFWHash_Lookup
- *
- */
-NSS_IMPLEMENT void *
-nssCKFWHash_Lookup
-(
-  nssCKFWHash *hash,
-  const void *it
-)
-{
-  void *rv;
-
-  if( CKR_OK != nssCKFWMutex_Lock(hash->mutex) ) {
-    return (void *)NULL;
-  }
-
-  rv = PL_HashTableLookup(hash->plHashTable, it);
-
-  (void)nssCKFWMutex_Unlock(hash->mutex);
-
-  return rv;
-}
-
-struct arg_str {
-  nssCKFWHashIterator fcn;
-  void *closure;
-};
-
-static PRIntn
-nss_ckfwhash_enumerator
-(
-  PLHashEntry *he,
-  PRIntn index,
-  void *arg
-)
-{
-  struct arg_str *as = (struct arg_str *)arg;
-  as->fcn(he->key, he->value, as->closure);
-  return HT_ENUMERATE_NEXT;
-}
-
-/*
- * nssCKFWHash_Iterate
- *
- * NOTE that the iteration function will be called with the hashtable locked.
- */
-NSS_IMPLEMENT void
-nssCKFWHash_Iterate
-(
-  nssCKFWHash *hash,
-  nssCKFWHashIterator fcn,
-  void *closure
-)
-{
-  struct arg_str as;
-  as.fcn = fcn;
-  as.closure = closure;
-
-  if( CKR_OK != nssCKFWMutex_Lock(hash->mutex) ) {
-    return;
-  }
-
-  PL_HashTableEnumerateEntries(hash->plHashTable, nss_ckfwhash_enumerator, &as);
-
-  (void)nssCKFWMutex_Unlock(hash->mutex);
-
-  return;
-}
diff --git a/security/nss/lib/ckfw/instance.c b/security/nss/lib/ckfw/instance.c
deleted file mode 100644
index 42b8b11ab..000000000
--- a/security/nss/lib/ckfw/instance.c
+++ /dev/null
@@ -1,1347 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * instance.c
- *
- * This file implements the NSSCKFWInstance type and methods.
- */
-
-#ifndef CK_T
-#include "ck.h"
-#endif /* CK_T */
-
-/*
- * NSSCKFWInstance
- *
- *  -- create/destroy --
- *  nssCKFWInstance_Create
- *  nssCKFWInstance_Destroy
- *
- *  -- public accessors --
- *  NSSCKFWInstance_GetMDInstance
- *  NSSCKFWInstance_GetArena
- *  NSSCKFWInstance_MayCreatePthreads
- *  NSSCKFWInstance_CreateMutex
- *  NSSCKFWInstance_GetConfigurationData
- *  NSSCKFWInstance_GetInitArgs
- *
- *  -- implement public accessors --
- *  nssCKFWInstance_GetMDInstance
- *  nssCKFWInstance_GetArena
- *  nssCKFWInstance_MayCreatePthreads
- *  nssCKFWInstance_CreateMutex
- *  nssCKFWInstance_GetConfigurationData
- *  nssCKFWInstance_GetInitArgs 
- *
- *  -- private accessors --
- *  nssCKFWInstance_CreateSessionHandle
- *  nssCKFWInstance_ResolveSessionHandle
- *  nssCKFWInstance_DestroySessionHandle
- *  nssCKFWInstance_FindSessionHandle
- *  nssCKFWInstance_CreateObjectHandle
- *  nssCKFWInstance_ResolveObjectHandle
- *  nssCKFWInstance_DestroyObjectHandle
- *
- *  -- module fronts --
- *  nssCKFWInstance_GetNSlots
- *  nssCKFWInstance_GetCryptokiVersion
- *  nssCKFWInstance_GetManufacturerID
- *  nssCKFWInstance_GetFlags
- *  nssCKFWInstance_GetLibraryDescription
- *  nssCKFWInstance_GetLibraryVersion
- *  nssCKFWInstance_GetModuleHandlesSessionObjects
- *  nssCKFWInstance_GetSlots
- *  nssCKFWInstance_WaitForSlotEvent
- *
- *  -- debugging versions only --
- *  nssCKFWInstance_verifyPointer
- */
-
-struct NSSCKFWInstanceStr {
-  NSSCKFWMutex *mutex;
-  NSSArena *arena;
-  NSSCKMDInstance *mdInstance;
-  CK_C_INITIALIZE_ARGS_PTR pInitArgs;
-  CK_BBOOL mayCreatePthreads;
-  NSSUTF8 *configurationData;
-  CK_ULONG nSlots;
-  NSSCKFWSlot **fwSlotList;
-  NSSCKMDSlot **mdSlotList;
-  CK_BBOOL moduleHandlesSessionObjects;
-
-  /*
-   * Everything above is set at creation time, and then not modified.
-   * The invariants the mutex protects are:
-   *
-   *  1) Each of the cached descriptions (versions, etc.) are in an
-   *     internally consistant state.
-   *
-   *  2) The session handle hashes and count are consistant
-   *
-   *  3) The object handle hashes and count are consistant.
-   *
-   * I could use multiple locks, but let's wait to see if that's 
-   * really necessary.
-   *
-   * Note that the calls accessing the cached descriptions will 
-   * call the NSSCKMDInstance methods with the mutex locked.  Those
-   * methods may then call the public NSSCKFWInstance routines.
-   * Those public routines only access the constant data above, so
-   * there's no problem.  But be careful if you add to this object;
-   * mutexes are in general not reentrant, so don't create deadlock
-   * situations.
-   */
-
-  CK_VERSION cryptokiVersion;
-  NSSUTF8 *manufacturerID;
-  NSSUTF8 *libraryDescription;
-  CK_VERSION libraryVersion;
-
-  CK_ULONG lastSessionHandle;
-  nssCKFWHash *sessionHandleHash;
-
-  CK_ULONG lastObjectHandle;
-  nssCKFWHash *objectHandleHash;
-};
-
-#ifdef DEBUG
-/*
- * But first, the pointer-tracking stuff.
- *
- * NOTE: the pointer-tracking support in NSS/base currently relies
- * upon NSPR's CallOnce support.  That, however, relies upon NSPR's
- * locking, which is tied into the runtime.  We need a pointer-tracker
- * implementation that uses the locks supplied through C_Initialize.
- * That support, however, can be filled in later.  So for now, I'll
- * just do this routines as no-ops.
- */
-
-static CK_RV
-instance_add_pointer
-(
-  const NSSCKFWInstance *fwInstance
-)
-{
-  return CKR_OK;
-}
-
-static CK_RV
-instance_remove_pointer
-(
-  const NSSCKFWInstance *fwInstance
-)
-{
-  return CKR_OK;
-}
-
-NSS_IMPLEMENT CK_RV
-nssCKFWInstance_verifyPointer
-(
-  const NSSCKFWInstance *fwInstance
-)
-{
-  return CKR_OK;
-}
-
-#endif /* DEBUG */
-
-/*
- * nssCKFWInstance_Create
- *
- */
-NSS_IMPLEMENT NSSCKFWInstance *
-nssCKFWInstance_Create
-(
-  CK_C_INITIALIZE_ARGS_PTR pInitArgs,
-  NSSCKMDInstance *mdInstance,
-  CK_RV *pError
-)
-{
-  NSSCKFWInstance *fwInstance;
-  NSSArena *arena = (NSSArena *)NULL;
-  CK_ULONG i;
-  CK_BBOOL called_Initialize = CK_FALSE;
-
-#ifdef NSSDEBUG
-  if( (CK_RV)NULL == pError ) {
-    return (NSSCKFWInstance *)NULL;
-  }
-
-  if( (NSSCKMDInstance *)NULL == mdInstance ) {
-    *pError = CKR_ARGUMENTS_BAD;
-    return (NSSCKFWInstance *)NULL;
-  }
-#endif /* NSSDEBUG */
-
-  arena = NSSArena_Create();
-  if( (NSSArena *)NULL == arena ) {
-    *pError = CKR_HOST_MEMORY;
-    return (NSSCKFWInstance *)NULL;
-  }
-
-  fwInstance = nss_ZNEW(arena, NSSCKFWInstance);
-  if( (NSSCKFWInstance *)NULL == fwInstance ) {
-    goto nomem;
-  }
-
-  fwInstance->arena = arena;
-  fwInstance->mdInstance = mdInstance;
-  fwInstance->pInitArgs = pInitArgs;
-
-  if( (CK_C_INITIALIZE_ARGS_PTR)NULL != pInitArgs ) {
-    if( pInitArgs->flags & CKF_LIBRARY_CANT_CREATE_OS_THREADS ) {
-      fwInstance->mayCreatePthreads = CK_FALSE;
-    } else {
-      fwInstance->mayCreatePthreads = CK_TRUE;
-    }
-    fwInstance->configurationData = (NSSUTF8 *)(pInitArgs->pReserved);
-  } else {
-    fwInstance->mayCreatePthreads = CK_TRUE;
-  }
-
-  fwInstance->mutex = nssCKFWMutex_Create(pInitArgs, arena, pError);
-  if( (NSSCKFWMutex *)NULL == fwInstance->mutex ) {
-    if( CKR_OK == *pError ) {
-      *pError = CKR_GENERAL_ERROR;
-    }
-    goto loser;
-  }
-
-  if( (void *)NULL != (void *)mdInstance->Initialize ) {
-    *pError = mdInstance->Initialize(mdInstance, fwInstance, fwInstance->configurationData);
-    if( CKR_OK != *pError ) {
-      goto loser;
-    }
-
-    called_Initialize = CK_TRUE;
-  }
-
-  if( (void *)NULL != (void *)mdInstance->ModuleHandlesSessionObjects ) {
-    fwInstance->moduleHandlesSessionObjects = 
-      mdInstance->ModuleHandlesSessionObjects(mdInstance, fwInstance);
-  } else {
-    fwInstance->moduleHandlesSessionObjects = CK_FALSE;
-  }
-
-  if( (void *)NULL == (void *)mdInstance->GetNSlots ) {
-    /* That routine is required */
-    *pError = CKR_GENERAL_ERROR;
-    goto loser;
-  }
-
-  fwInstance->nSlots = mdInstance->GetNSlots(mdInstance, fwInstance, pError);
-  if( (CK_ULONG)0 == fwInstance->nSlots ) {
-    if( CKR_OK == *pError ) {
-      /* Zero is not a legitimate answer */
-      *pError = CKR_GENERAL_ERROR;
-    }
-    goto loser;
-  }
-
-  fwInstance->fwSlotList = nss_ZNEWARRAY(arena, NSSCKFWSlot *, fwInstance->nSlots);
-  if( (NSSCKFWSlot **)NULL == fwInstance->fwSlotList ) {
-    goto nomem;
-  }
-
-  fwInstance->mdSlotList = nss_ZNEWARRAY(arena, NSSCKMDSlot *, fwInstance->nSlots);
-  if( (NSSCKMDSlot **)NULL == fwInstance->mdSlotList ) {
-    goto nomem;
-  }
-
-  fwInstance->sessionHandleHash = nssCKFWHash_Create(fwInstance, 
-    fwInstance->arena, pError);
-  if( (nssCKFWHash *)NULL == fwInstance->sessionHandleHash ) {
-    goto loser;
-  }
-
-  fwInstance->objectHandleHash = nssCKFWHash_Create(fwInstance,
-    fwInstance->arena, pError);
-  if( (nssCKFWHash *)NULL == fwInstance->objectHandleHash ) {
-    goto loser;
-  }
-
-  if( (void *)NULL == (void *)mdInstance->GetSlots ) {
-    /* That routine is required */
-    *pError = CKR_GENERAL_ERROR;
-    goto loser;
-  }
-
-  *pError = mdInstance->GetSlots(mdInstance, fwInstance, fwInstance->mdSlotList);
-  if( CKR_OK != *pError ) {
-    goto loser;
-  }
-
-  for( i = 0; i < fwInstance->nSlots; i++ ) {
-    NSSCKMDSlot *mdSlot = fwInstance->mdSlotList[i];
-
-    if( (NSSCKMDSlot *)NULL == mdSlot ) {
-      *pError = CKR_GENERAL_ERROR;
-      goto loser;
-    }
-
-    fwInstance->fwSlotList[i] = nssCKFWSlot_Create(fwInstance, mdSlot, i, pError);
-    if( CKR_OK != *pError ) {
-      CK_ULONG j;
-
-      for( j = 0; j < i; j++ ) {
-        (void)nssCKFWSlot_Destroy(fwInstance->fwSlotList[j]);
-      }
-
-      for( j = i; j < fwInstance->nSlots; j++ ) {
-        NSSCKMDSlot *mds = fwInstance->mdSlotList[j];
-        if( (void *)NULL != (void *)mds->Destroy ) {
-          mds->Destroy(mds, (NSSCKFWSlot *)NULL, mdInstance, fwInstance);
-        }
-      }
-
-      goto loser;
-    }
-  }
-
-#ifdef DEBUG
-  *pError = instance_add_pointer(fwInstance);
-  if( CKR_OK != *pError ) {
-    for( i = 0; i < fwInstance->nSlots; i++ ) {
-      (void)nssCKFWSlot_Destroy(fwInstance->fwSlotList[i]);
-    }
-    
-    goto loser;
-  }
-#endif /* DEBUG */
-
-  *pError = CKR_OK;
-  return fwInstance;
-
- nomem:
-  *pError = CKR_HOST_MEMORY;
-  /*FALLTHROUGH*/
- loser:
-
-  if( CK_TRUE == called_Initialize ) {
-    if( (void *)NULL != (void *)mdInstance->Finalize ) {
-      mdInstance->Finalize(mdInstance, fwInstance);
-    }
-  }
-
-  (void)NSSArena_Destroy(arena);
-  return (NSSCKFWInstance *)NULL;
-}
-
-/*
- * nssCKFWInstance_Destroy
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWInstance_Destroy
-(
-  NSSCKFWInstance *fwInstance
-)
-{
-#ifdef NSSDEBUG
-  CK_RV error = CKR_OK;
-#endif /* NSSDEBUG */
-  CK_ULONG i;
-
-#ifdef NSSDEBUG
-  error = nssCKFWInstance_verifyPointer(fwInstance);
-  if( CKR_OK != error ) {
-    return error;
-  }
-#endif /* NSSDEBUG */
-
-  nssCKFWMutex_Destroy(fwInstance->mutex);
-
-  for( i = 0; i < fwInstance->nSlots; i++ ) {
-    (void)nssCKFWSlot_Destroy(fwInstance->fwSlotList[i]);
-  }
-
-  if( (void *)NULL != (void *)fwInstance->mdInstance->Finalize ) {
-    fwInstance->mdInstance->Finalize(fwInstance->mdInstance, fwInstance);
-  }
-
-#ifdef DEBUG
-  (void)instance_remove_pointer(fwInstance);
-#endif /* DEBUG */
-
-  (void)NSSArena_Destroy(fwInstance->arena);
-  return CKR_OK;
-}
-
-/*
- * nssCKFWInstance_GetMDInstance
- *
- */
-NSS_IMPLEMENT NSSCKMDInstance *
-nssCKFWInstance_GetMDInstance
-(
-  NSSCKFWInstance *fwInstance
-)
-{
-#ifdef NSSDEBUG
-  if( CKR_OK != nssCKFWInstance_verifyPointer(fwInstance) ) {
-    return (NSSCKMDInstance *)NULL;
-  }
-#endif /* NSSDEBUG */
-
-  return fwInstance->mdInstance;
-}
-
-/*
- * nssCKFWInstance_GetArena
- *
- */
-NSS_IMPLEMENT NSSArena *
-nssCKFWInstance_GetArena
-(
-  NSSCKFWInstance *fwInstance,
-  CK_RV *pError
-)
-{
-#ifdef NSSDEBUG
-  if( (CK_RV *)NULL == pError ) {
-    return (NSSArena *)NULL;
-  }
-
-  *pError = nssCKFWInstance_verifyPointer(fwInstance);
-  if( CKR_OK != *pError ) {
-    return (NSSArena *)NULL;
-  }
-#endif /* NSSDEBUG */
-
-  *pError = CKR_OK;
-  return fwInstance->arena;
-}
-
-/*
- * nssCKFWInstance_MayCreatePthreads
- *
- */
-NSS_IMPLEMENT CK_BBOOL
-nssCKFWInstance_MayCreatePthreads
-(
-  NSSCKFWInstance *fwInstance
-)
-{
-#ifdef NSSDEBUG
-  if( CKR_OK != nssCKFWInstance_verifyPointer(fwInstance) ) {
-    return CK_FALSE;
-  }
-#endif /* NSSDEBUG */
-
-  return fwInstance->mayCreatePthreads;
-}
-
-/*
- * nssCKFWInstance_CreateMutex
- *
- */
-NSS_IMPLEMENT NSSCKFWMutex *
-nssCKFWInstance_CreateMutex
-(
-  NSSCKFWInstance *fwInstance,
-  NSSArena *arena,
-  CK_RV *pError
-)
-{
-  NSSCKFWMutex *mutex;
-
-#ifdef NSSDEBUG
-  if( (CK_RV *)NULL == pError ) {
-    return (NSSCKFWMutex *)NULL;
-  }
-
-  *pError = nssCKFWInstance_verifyPointer(fwInstance);
-  if( CKR_OK != *pError ) {
-    return (NSSCKFWMutex *)NULL;
-  }
-#endif /* NSSDEBUG */
-
-  mutex = nssCKFWMutex_Create(fwInstance->pInitArgs, arena, pError);
-  if( (NSSCKFWMutex *)NULL == mutex ) {
-    if( CKR_OK == *pError ) {
-      *pError = CKR_GENERAL_ERROR;
-    }
-
-    return (NSSCKFWMutex *)NULL;
-  }
-
-  return mutex;
-}
-
-/*
- * nssCKFWInstance_GetConfigurationData
- *
- */
-NSS_IMPLEMENT NSSUTF8 *
-nssCKFWInstance_GetConfigurationData
-(
-  NSSCKFWInstance *fwInstance
-)
-{
-#ifdef NSSDEBUG
-  if( CKR_OK != nssCKFWInstance_verifyPointer(fwInstance) ) {
-    return (NSSUTF8 *)NULL;
-  }
-#endif /* NSSDEBUG */
-
-  return fwInstance->configurationData;
-}
-
-/*
- * nssCKFWInstance_GetInitArgs
- *
- */
-CK_C_INITIALIZE_ARGS_PTR
-nssCKFWInstance_GetInitArgs
-(
-  NSSCKFWInstance *fwInstance
-)
-{
-#ifdef NSSDEBUG
-  if( CKR_OK != nssCKFWInstance_verifyPointer(fwInstance) ) {
-    return (CK_C_INITIALIZE_ARGS_PTR)NULL;
-  }
-#endif /* NSSDEBUG */
-
-    return fwInstance->pInitArgs;
-}
-
-/*
- * nssCKFWInstance_CreateSessionHandle
- *
- */
-NSS_IMPLEMENT CK_SESSION_HANDLE
-nssCKFWInstance_CreateSessionHandle
-(
-  NSSCKFWInstance *fwInstance,
-  NSSCKFWSession *fwSession,
-  CK_RV *pError
-)
-{
-  CK_SESSION_HANDLE hSession;
-
-#ifdef NSSDEBUG
-  if( (CK_RV *)NULL == pError ) {
-    return (CK_SESSION_HANDLE)0;
-  }
-
-  *pError = nssCKFWInstance_verifyPointer(fwInstance);
-  if( CKR_OK != *pError ) {
-    return (CK_SESSION_HANDLE)0;
-  }
-#endif /* NSSDEBUG */
-
-  *pError = nssCKFWMutex_Lock(fwInstance->mutex);
-  if( CKR_OK != *pError ) {
-    return (CK_SESSION_HANDLE)0;
-  }
-
-  hSession = ++(fwInstance->lastSessionHandle);
-
-  /* Alan would say I should unlock for this call. */
-  
-  *pError = nssCKFWSession_SetHandle(fwSession, hSession);
-  if( CKR_OK != *pError ) {
-    goto done;
-  }
-
-  *pError = nssCKFWHash_Add(fwInstance->sessionHandleHash, 
-              (const void *)hSession, (const void *)fwSession);
-  if( CKR_OK != *pError ) {
-    hSession = (CK_SESSION_HANDLE)0;
-    goto done;
-  }
-
- done:
-  nssCKFWMutex_Unlock(fwInstance->mutex);
-  return hSession;
-}
-
-/*
- * nssCKFWInstance_ResolveSessionHandle
- *
- */
-NSS_IMPLEMENT NSSCKFWSession *
-nssCKFWInstance_ResolveSessionHandle
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession
-)
-{
-  NSSCKFWSession *fwSession;
-
-#ifdef NSSDEBUG
-  if( CKR_OK != nssCKFWInstance_verifyPointer(fwInstance) ) {
-    return (NSSCKFWSession *)NULL;
-  }
-#endif /* NSSDEBUG */
-
-  if( CKR_OK != nssCKFWMutex_Lock(fwInstance->mutex) ) {
-    return (NSSCKFWSession *)NULL;
-  }
-
-  fwSession = (NSSCKFWSession *)nssCKFWHash_Lookup(
-                fwInstance->sessionHandleHash, (const void *)hSession);
-
-  /* Assert(hSession == nssCKFWSession_GetHandle(fwSession)) */
-
-  (void)nssCKFWMutex_Unlock(fwInstance->mutex);
-
-  return fwSession;
-}
-
-/*
- * nssCKFWInstance_DestroySessionHandle
- *
- */
-NSS_IMPLEMENT void
-nssCKFWInstance_DestroySessionHandle
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession
-)
-{
-  NSSCKFWSession *fwSession;
-
-#ifdef NSSDEBUG
-  if( CKR_OK != nssCKFWInstance_verifyPointer(fwInstance) ) {
-    return;
-  }
-#endif /* NSSDEBUG */
-
-  if( CKR_OK != nssCKFWMutex_Lock(fwInstance->mutex) ) {
-    return;
-  }
-
-  fwSession = (NSSCKFWSession *)nssCKFWHash_Lookup(
-                fwInstance->sessionHandleHash, (const void *)hSession);
-
-  nssCKFWHash_Remove(fwInstance->sessionHandleHash, (const void *)hSession);
-  nssCKFWSession_SetHandle(fwSession, (CK_SESSION_HANDLE)0);
-
-  (void)nssCKFWMutex_Unlock(fwInstance->mutex);
-
-  return;
-}
-
-/*
- * nssCKFWInstance_FindSessionHandle
- *
- */
-NSS_IMPLEMENT CK_SESSION_HANDLE
-nssCKFWInstance_FindSessionHandle
-(
-  NSSCKFWInstance *fwInstance,
-  NSSCKFWSession *fwSession
-)
-{
-#ifdef NSSDEBUG
-  if( CKR_OK != nssCKFWInstance_verifyPointer(fwInstance) ) {
-    return (CK_SESSION_HANDLE)0;
-  }
-
-  if( CKR_OK != nssCKFWSession_verifyPointer(fwSession) ) {
-    return (CK_SESSION_HANDLE)0;
-  }
-#endif /* NSSDEBUG */
-
-  return nssCKFWSession_GetHandle(fwSession);
-  /* look it up and assert? */
-}
-
-/*
- * nssCKFWInstance_CreateObjectHandle
- *
- */
-NSS_IMPLEMENT CK_OBJECT_HANDLE
-nssCKFWInstance_CreateObjectHandle
-(
-  NSSCKFWInstance *fwInstance,
-  NSSCKFWObject *fwObject,
-  CK_RV *pError
-)
-{
-  CK_OBJECT_HANDLE hObject;
-
-#ifdef NSSDEBUG
-  if( (CK_RV *)NULL == pError ) {
-    return (CK_OBJECT_HANDLE)0;
-  }
-
-  *pError = nssCKFWInstance_verifyPointer(fwInstance);
-  if( CKR_OK != *pError ) {
-    return (CK_OBJECT_HANDLE)0;
-  }
-#endif /* NSSDEBUG */
-
-  *pError = nssCKFWMutex_Lock(fwInstance->mutex);
-  if( CKR_OK != *pError ) {
-    return (CK_OBJECT_HANDLE)0;
-  }
-
-  hObject = ++(fwInstance->lastObjectHandle);
-
-  *pError = nssCKFWObject_SetHandle(fwObject, hObject);
-  if( CKR_OK != *pError ) {
-    hObject = (CK_OBJECT_HANDLE)0;
-    goto done;
-  }
-
-  *pError = nssCKFWHash_Add(fwInstance->objectHandleHash, 
-              (const void *)hObject, (const void *)fwObject);
-  if( CKR_OK != *pError ) {
-    hObject = (CK_OBJECT_HANDLE)0;
-    goto done;
-  }
-
- done:
-  (void)nssCKFWMutex_Unlock(fwInstance->mutex);
-  return hObject;
-}
-
-/*
- * nssCKFWInstance_ResolveObjectHandle
- *
- */
-NSS_IMPLEMENT NSSCKFWObject *
-nssCKFWInstance_ResolveObjectHandle
-(
-  NSSCKFWInstance *fwInstance,
-  CK_OBJECT_HANDLE hObject
-)
-{
-  NSSCKFWObject *fwObject;
-
-#ifdef NSSDEBUG
-  if( CKR_OK != nssCKFWInstance_verifyPointer(fwInstance) ) {
-    return (NSSCKFWObject *)NULL;
-  }
-#endif /* NSSDEBUG */
-
-  if( CKR_OK != nssCKFWMutex_Lock(fwInstance->mutex) ) {
-    return (NSSCKFWObject *)NULL;
-  }
-
-  fwObject = (NSSCKFWObject *)nssCKFWHash_Lookup(
-                fwInstance->objectHandleHash, (const void *)hObject);
-
-  /* Assert(hObject == nssCKFWObject_GetHandle(fwObject)) */
-
-  (void)nssCKFWMutex_Unlock(fwInstance->mutex);
-  return fwObject;
-}
-
-/*
- * nssCKFWInstance_ReassignObjectHandle
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWInstance_ReassignObjectHandle
-(
-  NSSCKFWInstance *fwInstance,
-  CK_OBJECT_HANDLE hObject,
-  NSSCKFWObject *fwObject
-)
-{
-  CK_RV error = CKR_OK;
-  NSSCKFWObject *oldObject;
-
-#ifdef NSSDEBUG
-  error = nssCKFWInstance_verifyPointer(fwInstance);
-  if( CKR_OK != error ) {
-    return error;
-  }
-#endif /* NSSDEBUG */
-
-  error = nssCKFWMutex_Lock(fwInstance->mutex);
-  if( CKR_OK != error ) {
-    return error;
-  }
-
-  oldObject = (NSSCKFWObject *)nssCKFWHash_Lookup(
-                 fwInstance->objectHandleHash, (const void *)hObject);
-  /* Assert(hObject == nssCKFWObject_GetHandle(oldObject) */
-  (void)nssCKFWObject_SetHandle(oldObject, (CK_SESSION_HANDLE)0);
-  nssCKFWHash_Remove(fwInstance->objectHandleHash, (const void *)hObject);
-
-  error = nssCKFWObject_SetHandle(fwObject, hObject);
-  if( CKR_OK != error ) {
-    goto done;
-  }
-  error = nssCKFWHash_Add(fwInstance->objectHandleHash, 
-            (const void *)hObject, (const void *)fwObject);
-
- done:
-  (void)nssCKFWMutex_Unlock(fwInstance->mutex);
-  return error;
-}
-
-/*
- * nssCKFWInstance_DestroyObjectHandle
- *
- */
-NSS_IMPLEMENT void
-nssCKFWInstance_DestroyObjectHandle
-(
-  NSSCKFWInstance *fwInstance,
-  CK_OBJECT_HANDLE hObject
-)
-{
-  NSSCKFWObject *fwObject;
-
-#ifdef NSSDEBUG
-  if( CKR_OK != nssCKFWInstance_verifyPointer(fwInstance) ) {
-    return;
-  }
-#endif /* NSSDEBUG */
-
-  if( CKR_OK != nssCKFWMutex_Lock(fwInstance->mutex) ) {
-    return;
-  }
-
-  fwObject = (NSSCKFWObject *)nssCKFWHash_Lookup(
-                fwInstance->objectHandleHash, (const void *)hObject);
-  /* Assert(hObject = nssCKFWObject_GetHandle(fwObject)) */
-  nssCKFWHash_Remove(fwInstance->objectHandleHash, (const void *)hObject);
-  (void)nssCKFWObject_SetHandle(fwObject, (CK_SESSION_HANDLE)0);
-
-  (void)nssCKFWMutex_Unlock(fwInstance->mutex);
-  return;
-}
-
-/*
- * nssCKFWInstance_FindObjectHandle
- *
- */
-NSS_IMPLEMENT CK_OBJECT_HANDLE
-nssCKFWInstance_FindObjectHandle
-(
-  NSSCKFWInstance *fwInstance,
-  NSSCKFWObject *fwObject
-)
-{
-#ifdef NSSDEBUG
-  if( CKR_OK != nssCKFWInstance_verifyPointer(fwInstance) ) {
-    return (CK_OBJECT_HANDLE)0;
-  }
-
-  if( CKR_OK != nssCKFWObject_verifyPointer(fwObject) ) {
-    return (CK_OBJECT_HANDLE)0;
-  }
-#endif /* NSSDEBUG */
-  
-  return nssCKFWObject_GetHandle(fwObject);
-}
-
-/*
- * nssCKFWInstance_GetNSlots
- *
- */
-NSS_IMPLEMENT CK_ULONG
-nssCKFWInstance_GetNSlots
-(
-  NSSCKFWInstance *fwInstance,
-  CK_RV *pError
-)
-{
-#ifdef NSSDEBUG
-  if( (CK_RV *)NULL == pError ) {
-    return (CK_ULONG)0;
-  }
-
-  *pError = nssCKFWInstance_verifyPointer(fwInstance);
-  if( CKR_OK != *pError ) {
-    return (CK_ULONG)0;
-  }
-#endif /* NSSDEBUG */
-
-  *pError = CKR_OK;
-  return fwInstance->nSlots;
-}  
-
-/*
- * nssCKFWInstance_GetCryptokiVersion
- *
- */
-NSS_IMPLEMENT CK_VERSION
-nssCKFWInstance_GetCryptokiVersion
-(
-  NSSCKFWInstance *fwInstance
-)
-{
-  CK_VERSION rv;
-
-#ifdef NSSDEBUG
-  if( CKR_OK != nssCKFWInstance_verifyPointer(fwInstance) ) {
-    rv.major = rv.minor = 0;
-    return rv;
-  }
-#endif /* NSSDEBUG */
-
-  if( CKR_OK != nssCKFWMutex_Lock(fwInstance->mutex) ) {
-    rv.major = rv.minor = 0;
-    return rv;
-  }
-
-  if( (0 != fwInstance->cryptokiVersion.major) ||
-      (0 != fwInstance->cryptokiVersion.minor) ) {
-    rv = fwInstance->cryptokiVersion;
-    goto done;
-  }
-
-  if( (void *)NULL != (void *)fwInstance->mdInstance->GetCryptokiVersion ) {
-    fwInstance->cryptokiVersion = fwInstance->mdInstance->GetCryptokiVersion(
-      fwInstance->mdInstance, fwInstance);
-  } else {
-    fwInstance->cryptokiVersion.major = 2;
-    fwInstance->cryptokiVersion.minor = 1;
-  }
-
-  rv = fwInstance->cryptokiVersion;
-
- done:
-  (void)nssCKFWMutex_Unlock(fwInstance->mutex);
-  return rv;
-}
-
-/*
- * nssCKFWInstance_GetManufacturerID
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWInstance_GetManufacturerID
-(
-  NSSCKFWInstance *fwInstance,
-  CK_CHAR manufacturerID[32]
-)
-{
-  CK_RV error = CKR_OK;
-
-#ifdef NSSDEBUG
-  if( (CK_CHAR_PTR)NULL == manufacturerID ) {
-    return CKR_ARGUMENTS_BAD;
-  }
-
-  error = nssCKFWInstance_verifyPointer(fwInstance);
-  if( CKR_OK != error ) {
-    return error;
-  }
-#endif /* NSSDEBUG */
-
-  error = nssCKFWMutex_Lock(fwInstance->mutex);
-  if( CKR_OK != error ) {
-    return error;
-  }
-
-  if( (NSSUTF8 *)NULL == fwInstance->manufacturerID ) {
-    if( (void *)NULL != (void *)fwInstance->mdInstance->GetManufacturerID ) {
-      fwInstance->manufacturerID = fwInstance->mdInstance->GetManufacturerID(
-        fwInstance->mdInstance, fwInstance, &error);
-      if( ((NSSUTF8 *)NULL == fwInstance->manufacturerID) && (CKR_OK != error) ) {
-        goto done;
-      }
-    } else {
-      fwInstance->manufacturerID = (NSSUTF8 *) "";
-    }
-  }
-
-  (void)nssUTF8_CopyIntoFixedBuffer(fwInstance->manufacturerID, (char *)manufacturerID, 32, ' ');
-  error = CKR_OK;
-
- done:
-  (void)nssCKFWMutex_Unlock(fwInstance->mutex);
-  return error;
-}
-
-/*
- * nssCKFWInstance_GetFlags
- *
- */
-NSS_IMPLEMENT CK_ULONG
-nssCKFWInstance_GetFlags
-(
-  NSSCKFWInstance *fwInstance
-)
-{
-#ifdef NSSDEBUG
-  if( CKR_OK != nssCKFWInstance_verifyPointer(fwInstance) ) {
-    return (CK_ULONG)0;
-  }
-#endif /* NSSDEBUG */
-
-  /* No "instance flags" are yet defined by Cryptoki. */
-  return (CK_ULONG)0;
-}
-
-/*
- * nssCKFWInstance_GetLibraryDescription
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWInstance_GetLibraryDescription
-(
-  NSSCKFWInstance *fwInstance,
-  CK_CHAR libraryDescription[32]
-)
-{
-  CK_RV error = CKR_OK;
-
-#ifdef NSSDEBUG
-  if( (CK_CHAR_PTR)NULL == libraryDescription ) {
-    return CKR_ARGUMENTS_BAD;
-  }
-
-  error = nssCKFWInstance_verifyPointer(fwInstance);
-  if( CKR_OK != error ) {
-    return error;
-  }
-#endif /* NSSDEBUG */
-
-  error = nssCKFWMutex_Lock(fwInstance->mutex);
-  if( CKR_OK != error ) {
-    return error;
-  }
-
-  if( (NSSUTF8 *)NULL == fwInstance->libraryDescription ) {
-    if( (void *)NULL != (void *)fwInstance->mdInstance->GetLibraryDescription ) {
-      fwInstance->libraryDescription = fwInstance->mdInstance->GetLibraryDescription(
-        fwInstance->mdInstance, fwInstance, &error);
-      if( ((NSSUTF8 *)NULL == fwInstance->libraryDescription) && (CKR_OK != error) ) {
-        goto done;
-      }
-    } else {
-      fwInstance->libraryDescription = (NSSUTF8 *) "";
-    }
-  }
-
-  (void)nssUTF8_CopyIntoFixedBuffer(fwInstance->libraryDescription, (char *)libraryDescription, 32, ' ');
-  error = CKR_OK;
-
- done:
-  (void)nssCKFWMutex_Unlock(fwInstance->mutex);
-  return error;
-}
-
-/*
- * nssCKFWInstance_GetLibraryVersion
- *
- */
-NSS_IMPLEMENT CK_VERSION
-nssCKFWInstance_GetLibraryVersion
-(
-  NSSCKFWInstance *fwInstance
-)
-{
-  CK_VERSION rv;
-
-#ifdef NSSDEBUG
-  if( CKR_OK != nssCKFWInstance_verifyPointer(fwInstance) ) {
-    rv.major = rv.minor = 0;
-    return rv;
-  }
-#endif /* NSSDEBUG */
-
-  if( CKR_OK != nssCKFWMutex_Lock(fwInstance->mutex) ) {
-    rv.major = rv.minor = 0;
-    return rv;
-  }
-
-  if( (0 != fwInstance->libraryVersion.major) ||
-      (0 != fwInstance->libraryVersion.minor) ) {
-    rv = fwInstance->libraryVersion;
-    goto done;
-  }
-
-  if( (void *)NULL != (void *)fwInstance->mdInstance->GetLibraryVersion ) {
-    fwInstance->libraryVersion = fwInstance->mdInstance->GetLibraryVersion(
-      fwInstance->mdInstance, fwInstance);
-  } else {
-    fwInstance->libraryVersion.major = 0;
-    fwInstance->libraryVersion.minor = 1;
-  }
-
-  rv = fwInstance->libraryVersion;
- done:
-  (void)nssCKFWMutex_Unlock(fwInstance->mutex);
-  return rv;
-}
-
-/*
- * nssCKFWInstance_GetModuleHandlesSessionObjects
- *
- */
-NSS_IMPLEMENT CK_BBOOL
-nssCKFWInstance_GetModuleHandlesSessionObjects
-(
-  NSSCKFWInstance *fwInstance
-)
-{
-#ifdef NSSDEBUG
-  if( CKR_OK != nssCKFWInstance_verifyPointer(fwInstance) ) {
-    return CK_FALSE;
-  }
-#endif /* NSSDEBUG */
-
-  return fwInstance->moduleHandlesSessionObjects;
-}
-
-/*
- * nssCKFWInstance_GetSlots
- *
- */
-NSS_IMPLEMENT NSSCKFWSlot **
-nssCKFWInstance_GetSlots
-(
-  NSSCKFWInstance *fwInstance,
-  CK_RV *pError
-)
-{
-#ifdef NSSDEBUG
-  if( (CK_RV *)NULL == pError ) {
-    return (NSSCKFWSlot **)NULL;
-  }
-
-  *pError = nssCKFWInstance_verifyPointer(fwInstance);
-  if( CKR_OK != *pError ) {
-    return (NSSCKFWSlot **)NULL;
-  }
-#endif /* NSSDEBUG */
-
-  return fwInstance->fwSlotList;
-}
-
-/*
- * nssCKFWInstance_WaitForSlotEvent
- *
- */
-NSS_IMPLEMENT NSSCKFWSlot *
-nssCKFWInstance_WaitForSlotEvent
-(
-  NSSCKFWInstance *fwInstance,
-  CK_BBOOL block,
-  CK_RV *pError
-)
-{
-  NSSCKFWSlot *fwSlot = (NSSCKFWSlot *)NULL;
-  NSSCKMDSlot *mdSlot;
-  CK_ULONG i, n;
-
-#ifdef NSSDEBUG
-  if( (CK_RV *)NULL == pError ) {
-    return (NSSCKFWSlot *)NULL;
-  }
-
-  *pError = nssCKFWInstance_verifyPointer(fwInstance);
-  if( CKR_OK != *pError ) {
-    return (NSSCKFWSlot *)NULL;
-  }
-
-  switch( block ) {
-  case CK_TRUE:
-  case CK_FALSE:
-    break;
-  default:
-    *pError = CKR_ARGUMENTS_BAD;
-    return (NSSCKFWSlot *)NULL;
-  }
-#endif /* NSSDEBUG */
-
-  if( (void *)NULL == (void *)fwInstance->mdInstance->WaitForSlotEvent ) {
-    *pError = CKR_NO_EVENT;
-    return (NSSCKFWSlot *)NULL;
-  }
-
-  mdSlot = fwInstance->mdInstance->WaitForSlotEvent(
-    fwInstance->mdInstance,
-    fwInstance,
-    block,
-    pError
-  );
-
-  if( (NSSCKMDSlot *)NULL == mdSlot ) {
-    return (NSSCKFWSlot *)NULL;
-  }
-
-  n = nssCKFWInstance_GetNSlots(fwInstance, pError);
-  if( ((CK_ULONG)0 == n) && (CKR_OK != *pError) ) {
-    return (NSSCKFWSlot *)NULL;
-  }
-
-  for( i = 0; i < n; i++ ) {
-    if( fwInstance->mdSlotList[i] == mdSlot ) {
-      fwSlot = fwInstance->fwSlotList[i];
-      break;
-    }
-  }
-
-  if( (NSSCKFWSlot *)NULL == fwSlot ) {
-    /* Internal error */
-    *pError = CKR_GENERAL_ERROR;
-    return (NSSCKFWSlot *)NULL;
-  }
-
-  return fwSlot;
-}
-
-/*
- * NSSCKFWInstance_GetMDInstance
- *
- */
-NSS_IMPLEMENT NSSCKMDInstance *
-NSSCKFWInstance_GetMDInstance
-(
-  NSSCKFWInstance *fwInstance
-)
-{
-#ifdef DEBUG
-  if( CKR_OK != nssCKFWInstance_verifyPointer(fwInstance) ) {
-    return (NSSCKMDInstance *)NULL;
-  }
-#endif /* DEBUG */
-
-  return nssCKFWInstance_GetMDInstance(fwInstance);
-}
-
-/*
- * NSSCKFWInstance_GetArena
- *
- */
-NSS_IMPLEMENT NSSArena *
-NSSCKFWInstance_GetArena
-(
-  NSSCKFWInstance *fwInstance,
-  CK_RV *pError
-)
-{
-#ifdef DEBUG
-  if( (CK_RV *)NULL == pError ) {
-    return (NSSArena *)NULL;
-  }
-
-  *pError = nssCKFWInstance_verifyPointer(fwInstance);
-  if( CKR_OK != *pError ) {
-    return (NSSArena *)NULL;
-  }
-#endif /* DEBUG */
-
-  return nssCKFWInstance_GetArena(fwInstance, pError);
-}
-
-/*
- * NSSCKFWInstance_MayCreatePthreads
- *
- */
-NSS_IMPLEMENT CK_BBOOL
-NSSCKFWInstance_MayCreatePthreads
-(
-  NSSCKFWInstance *fwInstance
-)
-{
-#ifdef DEBUG
-  if( CKR_OK != nssCKFWInstance_verifyPointer(fwInstance) ) {
-    return CK_FALSE;
-  }
-#endif /* DEBUG */
-
-  return nssCKFWInstance_MayCreatePthreads(fwInstance);
-}
-
-/*
- * NSSCKFWInstance_CreateMutex
- *
- */
-NSS_IMPLEMENT NSSCKFWMutex *
-NSSCKFWInstance_CreateMutex
-(
-  NSSCKFWInstance *fwInstance,
-  NSSArena *arena,
-  CK_RV *pError
-)
-{
-#ifdef DEBUG
-  if( (CK_RV *)NULL == pError ) {
-    return (NSSCKFWMutex *)NULL;
-  }
-
-  *pError = nssCKFWInstance_verifyPointer(fwInstance);
-  if( CKR_OK != *pError ) {
-    return (NSSCKFWMutex *)NULL;
-  }
-#endif /* DEBUG */
-
-  return nssCKFWInstance_CreateMutex(fwInstance, arena, pError);
-}
-
-/*
- * NSSCKFWInstance_GetConfigurationData
- *
- */
-NSS_IMPLEMENT NSSUTF8 *
-NSSCKFWInstance_GetConfigurationData
-(
-  NSSCKFWInstance *fwInstance
-)
-{
-#ifdef DEBUG
-  if( CKR_OK != nssCKFWInstance_verifyPointer(fwInstance) ) {
-    return (NSSUTF8 *)NULL;
-  }
-#endif /* DEBUG */
-
-  return nssCKFWInstance_GetConfigurationData(fwInstance);
-}
-
-/*
- * NSSCKFWInstance_GetInitArgs
- *
- */
-NSS_IMPLEMENT CK_C_INITIALIZE_ARGS_PTR
-NSSCKFWInstance_GetInitArgs
-(
-  NSSCKFWInstance *fwInstance
-)
-{
-#ifdef DEBUG
-  if( CKR_OK != nssCKFWInstance_verifyPointer(fwInstance) ) {
-    return (CK_C_INITIALIZE_ARGS_PTR)NULL;
-  }
-#endif /* DEBUG */
-
-  return nssCKFWInstance_GetInitArgs(fwInstance);
-}
-
diff --git a/security/nss/lib/ckfw/manifest.mn b/security/nss/lib/ckfw/manifest.mn
deleted file mode 100644
index 8a4f15086..000000000
--- a/security/nss/lib/ckfw/manifest.mn
+++ /dev/null
@@ -1,79 +0,0 @@
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-MANIFEST_CVS_ID = "@(#) $RCSfile$ $Revision$ $Date$ $Name$"
-
-CORE_DEPTH = ../../..
-
-DIRS = builtins
-
-PRIVATE_EXPORTS = \
-	ck.h		  \
-	ckfw.h		  \
-	ckfwm.h		  \
-	ckfwtm.h	  \
-	ckmd.h		  \
-	ckt.h		  \
-	$(NULL)
-
-EXPORTS =	   \
-	nssck.api  \
-	nssckepv.h \
-	nssckft.h  \
-	nssckfw.h  \
-	nssckfwc.h \
-	nssckfwt.h \
-	nssckg.h   \
-	nssckmdt.h \
-	nssckt.h   \
-	$(NULL)
-
-MODULE = security
-
-CSRCS =		   \
-	find.c	   \
-	hash.c	   \
-	instance.c \
-	mutex.c	   \
-	nsprstub.c \
-	object.c   \
-	session.c  \
-	sessobj.c  \
-	slot.c	   \
-	token.c	   \
-	wrap.c	   \
-	mechanism.c \
-	$(NULL)
-
-REQUIRES = security nspr
-
-LIBRARY_NAME = nssckfw
diff --git a/security/nss/lib/ckfw/mechanism.c b/security/nss/lib/ckfw/mechanism.c
deleted file mode 100644
index 634c5ae8b..000000000
--- a/security/nss/lib/ckfw/mechanism.c
+++ /dev/null
@@ -1,165 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * mechanism.c
- *
- * This file implements the NSSCKFWMechanism type and methods.
- * These functions are currently stubs.
- */
-
-#ifndef CK_T
-#include "ck.h"
-#endif /* CK_T */
-
-/*
- * NSSCKFWMechanism
- *
- *  -- create/destroy --
- *  nssCKFWMechanism_Create
- *  nssCKFWMechanism_Destroy
- *
- *  -- implement public accessors --
- *  nssCKFWMechanism_GetMDMechanism
- *  nssCKFWMechanism_GetParameter
- *
- *  -- private accessors --
- *
- *  -- module fronts --
- *  nssCKFWMechanism_GetMinKeySize
- *  nssCKFWMechanism_GetMaxKeySize
- *  nssCKFWMechanism_GetInHardware
- */
-
-
-struct NSSCKFWMechanismStr {
-   void * dummy;
-};
-
-/*
- * nssCKFWMechanism_Create
- *
- */
-NSS_IMPLEMENT NSSCKFWMechanism *
-nssCKFWMechanism_Create
-(
-  void /* XXX fgmr */
-)
-{
-  return (NSSCKFWMechanism *)NULL;
-}
-
-/*
- * nssCKFWMechanism_Destroy
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWMechanism_Destroy
-(
-  NSSCKFWMechanism *fwMechanism
-)
-{
-   return CKR_OK;
-}
-
-/*
- * nssCKFWMechanism_GetMDMechanism
- *
- */
-
-NSS_IMPLEMENT NSSCKMDMechanism *
-nssCKFWMechanism_GetMDMechanism
-(
-  NSSCKFWMechanism *fwMechanism
-)
-{
-    return NULL;
-}
-
-/*
- * nssCKFWMechanism_GetParameter
- *
- * XXX fgmr-- or as an additional parameter to the crypto ops?
- */
-NSS_IMPLEMENT NSSItem *
-nssCKFWMechanism_GetParameter
-(
-  NSSCKFWMechanism *fwMechanism
-)
-{
-	return NULL;
-}
-
-/*
- * nssCKFWMechanism_GetMinKeySize
- *
- */
-NSS_IMPLEMENT CK_ULONG
-nssCKFWMechanism_GetMinKeySize
-(
-  NSSCKFWMechanism *fwMechanism
-)
-{
-    return 0;
-}
-
-/*
- * nssCKFWMechanism_GetMaxKeySize
- *
- */
-NSS_IMPLEMENT CK_ULONG
-nssCKFWMechanism_GetMaxKeySize
-(
-  NSSCKFWMechanism *fwMechanism
-)
-{
-   return 0;
-}
-
-/*
- * nssCKFWMechanism_GetInHardware
- *
- */
-NSS_IMPLEMENT CK_BBOOL
-nssCKFWMechanism_GetInHardware
-(
-  NSSCKFWMechanism *fwMechanism
-)
-{
-    return PR_FALSE;
-}
-
diff --git a/security/nss/lib/ckfw/mutex.c b/security/nss/lib/ckfw/mutex.c
deleted file mode 100644
index 789616683..000000000
--- a/security/nss/lib/ckfw/mutex.c
+++ /dev/null
@@ -1,345 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * mutex.c
- *
- * This file implements a mutual-exclusion locking facility for Modules
- * using the NSS Cryptoki Framework.
- */
-
-#ifndef CK_T
-#include "ck.h"
-#endif /* CK_T */
-
-/*
- * NSSCKFWMutex
- *
- *  NSSCKFWMutex_Destroy
- *  NSSCKFWMutex_Lock
- *  NSSCKFWMutex_Unlock
- *
- *  nssCKFWMutex_Create
- *  nssCKFWMutex_Destroy
- *  nssCKFWMutex_Lock
- *  nssCKFWMutex_Unlock
- *
- *  -- debugging versions only --
- *  nssCKFWMutex_verifyPointer
- *
- */
-
-struct NSSCKFWMutexStr {
-  CK_VOID_PTR etc;
-
-  CK_DESTROYMUTEX Destroy;
-  CK_LOCKMUTEX Lock;
-  CK_UNLOCKMUTEX Unlock;
-};
-
-#ifdef DEBUG
-/*
- * But first, the pointer-tracking stuff.
- *
- * NOTE: the pointer-tracking support in NSS/base currently relies
- * upon NSPR's CallOnce support.  That, however, relies upon NSPR's
- * locking, which is tied into the runtime.  We need a pointer-tracker
- * implementation that uses the locks supplied through C_Initialize.
- * That support, however, can be filled in later.  So for now, I'll
- * just do this routines as no-ops.
- */
-
-static CK_RV
-mutex_add_pointer
-(
-  const NSSCKFWMutex *fwMutex
-)
-{
-  return CKR_OK;
-}
-
-static CK_RV
-mutex_remove_pointer
-(
-  const NSSCKFWMutex *fwMutex
-)
-{
-  return CKR_OK;
-}
-
-NSS_IMPLEMENT CK_RV
-nssCKFWMutex_verifyPointer
-(
-  const NSSCKFWMutex *fwMutex
-)
-{
-  return CKR_OK;
-}
-
-#endif /* DEBUG */
-
-static CK_RV
-mutex_noop
-(
-  CK_VOID_PTR pMutex
-)
-{
-  return CKR_OK;
-}
-
-/*
- * nssCKFWMutex_Create
- *
- */
-NSS_EXTERN NSSCKFWMutex *
-nssCKFWMutex_Create
-(
-  CK_C_INITIALIZE_ARGS_PTR pInitArgs,
-  NSSArena *arena,
-  CK_RV *pError
-)
-{
-  NSSCKFWMutex *mutex;
-  CK_ULONG count = (CK_ULONG)0;
-  CK_BBOOL os_ok = CK_FALSE;
-
-  if( (CK_C_INITIALIZE_ARGS_PTR)NULL != pInitArgs ) {
-    if( (CK_CREATEMUTEX )NULL != pInitArgs->CreateMutex  ) count++;
-    if( (CK_DESTROYMUTEX)NULL != pInitArgs->DestroyMutex ) count++;
-    if( (CK_LOCKMUTEX   )NULL != pInitArgs->LockMutex    ) count++;
-    if( (CK_UNLOCKMUTEX )NULL != pInitArgs->UnlockMutex  ) count++;
-    os_ok = (pInitArgs->flags & CKF_OS_LOCKING_OK) ? CK_TRUE : CK_FALSE;
-
-    if( (0 != count) && (4 != count) ) {
-      *pError = CKR_ARGUMENTS_BAD;
-      return (NSSCKFWMutex *)NULL;
-    }
-  }
-
-  if( (0 == count) && (CK_TRUE == os_ok) ) {
-    /*
-     * This is case #2 in the description of C_Initialize:
-     * The library will be called in a multithreaded way, but
-     * no routines were specified: os locking calls should be
-     * used.  Unfortunately, this can be hard.. like, I think
-     * I may have to dynamically look up the entry points in
-     * the instance of NSPR already going in the application.
-     *
-     * I know that *we* always specify routines, so this only
-     * comes up if someone is using NSS to create their own
-     * PCKS#11 modules for other products.  Oh, heck, I'll 
-     * worry about this then.
-     */
-    *pError = CKR_CANT_LOCK;
-    return (NSSCKFWMutex *)NULL;
-  }
-
-  mutex = nss_ZNEW(arena, NSSCKFWMutex);
-  if( (NSSCKFWMutex *)NULL == mutex ) {
-    *pError = CKR_HOST_MEMORY;
-    return (NSSCKFWMutex *)NULL;
-  }
-
-  if( 0 == count ) {
-    /*
-     * With the above test out of the way, we know this is case
-     * #1 in the description of C_Initialize: this library will
-     * not be called in a multithreaded way.  I'll just return
-     * an object with noop calls.
-     */
-
-    mutex->Destroy = (CK_DESTROYMUTEX)mutex_noop;
-    mutex->Lock    = (CK_LOCKMUTEX   )mutex_noop;
-    mutex->Unlock  = (CK_UNLOCKMUTEX )mutex_noop;
-  } else {
-    /*
-     * We know that we're in either case #3 or #4 in the description
-     * of C_Initialize.  Case #3 says we should use the specified
-     * functions, case #4 cays we can use either the specified ones
-     * or the OS ones.  I'll use the specified ones.
-     */
-
-    mutex->Destroy = pInitArgs->DestroyMutex;
-    mutex->Lock    = pInitArgs->LockMutex;
-    mutex->Unlock  = pInitArgs->UnlockMutex;
-    
-    *pError = pInitArgs->CreateMutex(&mutex->etc);
-    if( CKR_OK != *pError ) {
-      (void)nss_ZFreeIf(mutex);
-      return (NSSCKFWMutex *)NULL;
-    }
-  }
-
-#ifdef DEBUG
-  *pError = mutex_add_pointer(mutex);
-  if( CKR_OK != *pError ) {
-    (void)nss_ZFreeIf(mutex);
-    return (NSSCKFWMutex *)NULL;
-  }
-#endif /* DEBUG */
-
-  return mutex;
-}  
-
-/*
- * nssCKFWMutex_Destroy
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWMutex_Destroy
-(
-  NSSCKFWMutex *mutex
-)
-{
-  CK_RV rv = CKR_OK;
-
-#ifdef NSSDEBUG
-  rv = nssCKFWMutex_verifyPointer(mutex);
-  if( CKR_OK != rv ) {
-    return rv;
-  }
-#endif /* NSSDEBUG */
-  
-  rv = mutex->Destroy(mutex->etc);
-
-#ifdef DEBUG
-  (void)mutex_remove_pointer(mutex);
-#endif /* DEBUG */
-
-  (void)nss_ZFreeIf(mutex);
-  return rv;
-}
-
-/*
- * nssCKFWMutex_Lock
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWMutex_Lock
-(
-  NSSCKFWMutex *mutex
-)
-{
-#ifdef NSSDEBUG
-  CK_RV rv = nssCKFWMutex_verifyPointer(mutex);
-  if( CKR_OK != rv ) {
-    return rv;
-  }
-#endif /* NSSDEBUG */
-  
-  return mutex->Lock(mutex->etc);
-}
-
-/*
- * nssCKFWMutex_Unlock
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWMutex_Unlock
-(
-  NSSCKFWMutex *mutex
-)
-{
-#ifdef NSSDEBUG
-  CK_RV rv = nssCKFWMutex_verifyPointer(mutex);
-  if( CKR_OK != rv ) {
-    return rv;
-  }
-#endif /* NSSDEBUG */
-
-  return mutex->Unlock(mutex->etc);
-}
-
-/*
- * NSSCKFWMutex_Destroy
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWMutex_Destroy
-(
-  NSSCKFWMutex *mutex
-)
-{
-#ifdef DEBUG
-  CK_RV rv = nssCKFWMutex_verifyPointer(mutex);
-  if( CKR_OK != rv ) {
-    return rv;
-  }
-#endif /* DEBUG */
-  
-  return nssCKFWMutex_Destroy(mutex);
-}
-
-/*
- * NSSCKFWMutex_Lock
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWMutex_Lock
-(
-  NSSCKFWMutex *mutex
-)
-{
-#ifdef DEBUG
-  CK_RV rv = nssCKFWMutex_verifyPointer(mutex);
-  if( CKR_OK != rv ) {
-    return rv;
-  }
-#endif /* DEBUG */
-  
-  return nssCKFWMutex_Lock(mutex);
-}
-
-/*
- * NSSCKFWMutex_Unlock
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWMutex_Unlock
-(
-  NSSCKFWMutex *mutex
-)
-{
-#ifdef DEBUG
-  CK_RV rv = nssCKFWMutex_verifyPointer(mutex);
-  if( CKR_OK != rv ) {
-    return rv;
-  }
-#endif /* DEBUG */
-
-  return nssCKFWMutex_Unlock(mutex);
-}
diff --git a/security/nss/lib/ckfw/nsprstub.c b/security/nss/lib/ckfw/nsprstub.c
deleted file mode 100644
index c9e3964d9..000000000
--- a/security/nss/lib/ckfw/nsprstub.c
+++ /dev/null
@@ -1,442 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * secport.c - portability interfaces for security libraries
- *
- * This file abstracts out libc functionality that libsec depends on
- * 
- * NOTE - These are not public interfaces. These stubs are to allow the 
- * SW FORTEZZA to link with some low level security functions without dragging
- * in NSPR.
- *
- * $Id$
- */
-
-#include "seccomon.h"
-#include "prmem.h"
-#include "prerror.h"
-#include "plarena.h"
-#include "secerr.h"
-#include "prmon.h"
-#include "prbit.h"
-#include "ck.h"
-
-#ifdef notdef
-unsigned long port_allocFailures;
-
-/* locations for registering Unicode conversion functions.  
- *  Is this the appropriate location?  or should they be
- *     moved to client/server specific locations?
- */
-PORTCharConversionFunc ucs4Utf8ConvertFunc;
-PORTCharConversionFunc ucs2Utf8ConvertFunc;
-PORTCharConversionWSwapFunc  ucs2AsciiConvertFunc;
-
-void *
-PORT_Alloc(size_t bytes)
-{
-    void *rv;
-
-    /* Always allocate a non-zero amount of bytes */
-    rv = (void *)malloc(bytes ? bytes : 1);
-    if (!rv) {
-	++port_allocFailures;
-    }
-    return rv;
-}
-
-void *
-PORT_Realloc(void *oldptr, size_t bytes)
-{
-    void *rv;
-
-    rv = (void *)realloc(oldptr, bytes);
-    if (!rv) {
-	++port_allocFailures;
-    }
-    return rv;
-}
-
-void *
-PORT_ZAlloc(size_t bytes)
-{
-    void *rv;
-
-    /* Always allocate a non-zero amount of bytes */
-    rv = (void *)calloc(1, bytes ? bytes : 1);
-    if (!rv) {
-	++port_allocFailures;
-    }
-    return rv;
-}
-
-void
-PORT_Free(void *ptr)
-{
-    if (ptr) {
-	free(ptr);
-    }
-}
-
-void
-PORT_ZFree(void *ptr, size_t len)
-{
-    if (ptr) {
-	memset(ptr, 0, len);
-	free(ptr);
-    }
-}
-
-/********************* Arena code follows *****************************/
-
-
-PLArenaPool *
-PORT_NewArena(unsigned long chunksize)
-{
-    PLArenaPool *arena;
-    
-    arena = (PLArenaPool*)PORT_ZAlloc(sizeof(PLArenaPool));
-    if ( arena != NULL ) {
-	PR_InitArenaPool(arena, "security", chunksize, sizeof(double));
-    }
-    return(arena);
-}
-
-void *
-PORT_ArenaAlloc(PLArenaPool *arena, size_t size)
-{
-    void *p;
-
-    PL_ARENA_ALLOCATE(p, arena, size);
-    if (p == NULL) {
-	++port_allocFailures;
-    }
-
-    return(p);
-}
-
-void *
-PORT_ArenaZAlloc(PLArenaPool *arena, size_t size)
-{
-    void *p;
-
-    PL_ARENA_ALLOCATE(p, arena, size);
-    if (p == NULL) {
-	++port_allocFailures;
-    } else {
-	PORT_Memset(p, 0, size);
-    }
-
-    return(p);
-}
-
-/* need to zeroize!! */
-void
-PORT_FreeArena(PLArenaPool *arena, PRBool zero)
-{
-    PR_FinishArenaPool(arena);
-    PORT_Free(arena);
-}
-
-void *
-PORT_ArenaGrow(PLArenaPool *arena, void *ptr, size_t oldsize, size_t newsize)
-{
-    PORT_Assert(newsize >= oldsize);
-    
-    PL_ARENA_GROW(ptr, arena, oldsize, ( newsize - oldsize ) );
-    
-    return(ptr);
-}
-
-void *
-PORT_ArenaMark(PLArenaPool *arena)
-{
-    void * result;
-
-    result = PL_ARENA_MARK(arena);
-    return result;
-}
-
-void
-PORT_ArenaRelease(PLArenaPool *arena, void *mark)
-{
-    PL_ARENA_RELEASE(arena, mark);
-}
-
-void
-PORT_ArenaUnmark(PLArenaPool *arena, void *mark)
-{
-    /* do nothing */
-}
-
-char *
-PORT_ArenaStrdup(PLArenaPool *arena,const char *str) {
-    int len = PORT_Strlen(str)+1;
-    char *newstr;
-
-    newstr = (char*)PORT_ArenaAlloc(arena,len);
-    if (newstr) {
-        PORT_Memcpy(newstr,str,len);
-    }
-    return newstr;
-}
-#endif
-
-/*
- * replace the nice thread-safe Error stack code with something
- * that will work without all the NSPR features.
- */
-static PRInt32 stack[2] = {0, 0};
-
-PR_IMPLEMENT(void)
-nss_SetError(PRUint32 value)
-{	
-    stack[0] = value;
-    return;
-}
-
-PR_IMPLEMENT(PRInt32)
-NSS_GetError(void)
-{
-    return(stack[0]);
-}
-
-
-PR_IMPLEMENT(PRInt32 *)
-NSS_GetErrorStack(void)
-{
-    return(&stack[0]);
-}
-
-PR_IMPLEMENT(void)
-nss_ClearErrorStack(void)
-{
-    stack[0] = 0;
-    return;
-}
-
-#ifdef DEBUG
-/*
- * replace the pointer tracking stuff for the same reasons.
- *  If you want to turn pointer tracking on, simply ifdef out this code and 
- *  link with real NSPR.
- */
-PR_IMPLEMENT(PRStatus)
-nssPointerTracker_initialize(nssPointerTracker *tracker)
-{
-    return PR_SUCCESS;
-}
-
-
-PR_IMPLEMENT(PRStatus)
-nssPointerTracker_finalize(nssPointerTracker *tracker)
-{
-    return PR_SUCCESS;
-}
-
-PR_IMPLEMENT(PRStatus)
-nssPointerTracker_add(nssPointerTracker *tracker, const void *pointer)
-{
-     return PR_SUCCESS;
-}
-
-PR_IMPLEMENT(PRStatus)
-nssPointerTracker_remove(nssPointerTracker *tracker, const void *pointer)
-{
-     return PR_SUCCESS;
-}
-
-PR_IMPLEMENT(PRStatus)
-nssPointerTracker_verify(nssPointerTracker *tracker, const void *pointer)
-{
-     return PR_SUCCESS;
-}
-#endif
-
-PR_IMPLEMENT(PRThread *)
-PR_GetCurrentThread(void)
-{
-     return (PRThread *)1;
-}
-
-
-
-PR_IMPLEMENT(void)
-PR_Assert(const char *expr, const char *file, int line) {
-    return; 
-}
-
-PR_IMPLEMENT(void *)
-PR_Alloc(PRUint32 bytes) { return malloc(bytes); }
-
-PR_IMPLEMENT(void *)
-PR_Malloc(PRUint32 bytes) { return malloc(bytes); }
-
-PR_IMPLEMENT(void *)
-PR_Calloc(PRUint32 blocks, PRUint32 bytes) { return calloc(blocks,bytes); }
-
-PR_IMPLEMENT(void *)
-PR_Realloc(void * blocks, PRUint32 bytes) { return realloc(blocks,bytes); }
-
-PR_IMPLEMENT(void)
-PR_Free(void *ptr) { free(ptr); }
-
-#ifdef notdef
-/* Old template; want to expunge it eventually. */
-#include "secasn1.h"
-#include "secoid.h"
-
-const SEC_ASN1Template SECOID_AlgorithmIDTemplate[] = {
-    { SEC_ASN1_SEQUENCE,
-	  0, NULL, sizeof(SECAlgorithmID) },
-    { SEC_ASN1_OBJECT_ID,
-	  offsetof(SECAlgorithmID,algorithm), },
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_ANY,
-	  offsetof(SECAlgorithmID,parameters), },
-    { 0, }
-};
-
-PR_IMPLEMENT(PRStatus) PR_Sleep(PRIntervalTime ticks) { return PR_SUCCESS; }
-
-/* This is not atomic! */
-PR_IMPLEMENT(PRInt32) PR_AtomicDecrement(PRInt32 *val) { return --(*val); }
-
-PR_IMPLEMENT(PRInt32) PR_AtomicSet(PRInt32 *val) { return ++(*val); }
-
-#endif
-
-/* now make the RNG happy */ /* This is not atomic! */
-PR_IMPLEMENT(PRInt32) PR_AtomicIncrement(PRInt32 *val) { return ++(*val); }
-
-CK_C_INITIALIZE_ARGS_PTR nssstub_initArgs = NULL;
-NSSArena *nssstub_arena = NULL;
-PR_IMPLEMENT(void)
-nssSetLockArgs(CK_C_INITIALIZE_ARGS_PTR pInitArgs)
-{
-    if (nssstub_initArgs == NULL) {
-	nssstub_initArgs = pInitArgs;
-	/* nssstub_arena = NSSArena_Create(); */
-    }
-}
-
-#include "prlock.h"
-PR_IMPLEMENT(PRLock *)
-PR_NewLock(void) {
-	PRLock *lock = NULL;
-	NSSCKFWMutex *mlock = NULL;
-	CK_RV error;
-
-	mlock = nssCKFWMutex_Create(nssstub_initArgs,nssstub_arena,&error);
-	lock = (PRLock *)mlock;
-
-	/* if we don't have a lock, nssCKFWMutex can deal with things */
-	if (lock == NULL) lock=(PRLock *) 1;
-	return lock;
-}
-
-PR_IMPLEMENT(void) 
-PR_DestroyLock(PRLock *lock) {
-	NSSCKFWMutex *mlock = (NSSCKFWMutex *)lock;
-	if (lock == (PRLock *)1) return;
-	nssCKFWMutex_Destroy(mlock);
-}
-
-PR_IMPLEMENT(void) 
-PR_Lock(PRLock *lock) {
-	NSSCKFWMutex *mlock = (NSSCKFWMutex *)lock;
-	if (lock == (PRLock *)1) return;
-	nssCKFWMutex_Lock(mlock);
-}
-
-PR_IMPLEMENT(PRStatus) 
-PR_Unlock(PRLock *lock) {
-	NSSCKFWMutex *mlock = (NSSCKFWMutex *)lock;
-	if (lock == (PRLock *)1) return PR_SUCCESS;
-	nssCKFWMutex_Unlock(mlock);
-	return PR_SUCCESS;
-}
-
-#ifdef notdef
-#endif
-/* this implementation is here to satisfy the PRMonitor use in plarena.c.
-** It appears that it doesn't need re-entrant locks.  It could have used
-** PRLock instead of PRMonitor.  So, this implementation just uses 
-** PRLock for a PRMonitor.
-*/
-PR_IMPLEMENT(PRMonitor*) 
-PR_NewMonitor(void)
-{
-    return (PRMonitor *) PR_NewLock();
-}
-
-
-PR_IMPLEMENT(void) 
-PR_EnterMonitor(PRMonitor *mon)
-{
-    PR_Lock( (PRLock *)mon );
-}
-
-PR_IMPLEMENT(PRStatus) 
-PR_ExitMonitor(PRMonitor *mon)
-{
-    return PR_Unlock( (PRLock *)mon );
-}
-
-#include "prinit.h"
-
-/* This is NOT threadsafe.  It is merely a pseudo-functional stub.
-*/
-PR_IMPLEMENT(PRStatus) PR_CallOnce(
-    PRCallOnceType *once,
-    PRCallOnceFN    func)
-{
-    /* This is not really atomic! */
-    if (1 == PR_AtomicIncrement(&once->initialized)) {
-	once->status = (*func)();
-    }  else {
-    	/* Should wait to be sure that func has finished before returning. */
-    }
-    return once->status;
-}
-
-/*
-** Compute the log of the least power of 2 greater than or equal to n
-*/
-PRIntn PR_CeilingLog2(PRUint32 i) {
-	PRIntn log2;
-	PR_CEILING_LOG2(log2,i);
-	return log2;
-}
-
-/********************** end of arena functions ***********************/
-
diff --git a/security/nss/lib/ckfw/nssck.api b/security/nss/lib/ckfw/nssck.api
deleted file mode 100644
index 15a2cc935..000000000
--- a/security/nss/lib/ckfw/nssck.api
+++ /dev/null
@@ -1,1891 +0,0 @@
-/* THIS IS A GENERATED FILE */
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char NSSCKAPI_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$ ; @(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * nssck.api
- *
- * This automatically-generated file is used to generate a set of
- * Cryptoki entry points within the object space of a Module using
- * the NSS Cryptoki Framework.
- *
- * The Module should have a .c file with the following:
- *
- *  #define MODULE_NAME name
- *  #define INSTANCE_NAME instance
- *  #include "nssck.api"
- *
- * where "name" is some module-specific name that can be used to
- * disambiguate various modules.  This included file will then
- * define the actual Cryptoki routines which pass through to the
- * Framework calls.  All routines, except C_GetFunctionList, will
- * be prefixed with the name; C_GetFunctionList will be generated
- * to return an entry-point vector with these routines.  The
- * instance specified should be the basic instance of NSSCKMDInstance.
- *
- * If, prior to including nssck.api, the .c file also specifies
- *
- *  #define DECLARE_STRICT_CRYTPOKI_NAMES
- *
- * Then a set of "stub" routines not prefixed with the name will
- * be included.  This would allow the combined module and framework
- * to be used in applications which are hard-coded to use the
- * PKCS#11 names (instead of going through the EPV).  Please note
- * that such applications should be careful resolving symbols when
- * more than one PKCS#11 module is loaded.
- */
-
-#ifndef MODULE_NAME
-#error "Error: MODULE_NAME must be defined."
-#endif /* MODULE_NAME */
-
-#ifndef INSTANCE_NAME
-#error "Error: INSTANCE_NAME must be defined."
-#endif /* INSTANCE_NAME */
-
-#ifndef NSSCKT_H
-#include "nssckt.h"
-#endif /* NSSCKT_H */
-
-#ifndef NSSCKFWT_H
-#include "nssckfwt.h"
-#endif /* NSSCKFWT_H */
-
-#ifndef NSSCKFWC_H
-#include "nssckfwc.h"
-#endif /* NSSCKFWC_H */
-
-#ifndef NSSCKEPV_H
-#include "nssckepv.h"
-#endif /* NSSCKEPV_H */
-
-#define ADJOIN(x,y) x##y
-
-#define __ADJOIN(x,y) ADJOIN(x,y)
-
-/*
- * The anchor.  This object is used to store an "anchor" pointer in
- * the Module's object space, so the wrapper functions can relate
- * back to this instance.
- */
-
-static NSSCKFWInstance *fwInstance = (NSSCKFWInstance *)0;
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_Initialize)
-(
-  CK_VOID_PTR pInitArgs
-)
-{
-  return NSSCKFWC_Initialize(&fwInstance, INSTANCE_NAME, pInitArgs);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY 
-C_Initialize
-(
-  CK_VOID_PTR pInitArgs
-)
-{
-  return __ADJOIN(MODULE_NAME,C_Initialize)(pInitArgs);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_Finalize)
-(
-  CK_VOID_PTR pReserved
-)
-{
-  return NSSCKFWC_Finalize(&fwInstance);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_Finalize
-(
-  CK_VOID_PTR pReserved
-)
-{
-  return __ADJOIN(MODULE_NAME,C_Finalize)(pReserved);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_GetInfo)
-(
-  CK_INFO_PTR pInfo
-)
-{
-  return NSSCKFWC_GetInfo(fwInstance, pInfo);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_GetInfo
-(
-  CK_INFO_PTR pInfo
-)
-{
-  return __ADJOIN(MODULE_NAME,C_GetInfo)(pInfo);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-/*
- * C_GetFunctionList is defined at the end.
- */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_GetSlotList)
-(
-  CK_BBOOL tokenPresent,
-  CK_SLOT_ID_PTR pSlotList,
-  CK_ULONG_PTR pulCount
-)
-{
-  return NSSCKFWC_GetSlotList(fwInstance, tokenPresent, pSlotList, pulCount);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_GetSlotList
-(
-  CK_BBOOL tokenPresent,
-  CK_SLOT_ID_PTR pSlotList,
-  CK_ULONG_PTR pulCount
-)
-{
-  return __ADJOIN(MODULE_NAME,C_GetSlotList)(tokenPresent, pSlotList, pulCount);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_GetSlotInfo)
-(
-  CK_SLOT_ID slotID,
-  CK_SLOT_INFO_PTR pInfo
-)
-{
-  return NSSCKFWC_GetSlotInfo(fwInstance, slotID, pInfo);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_GetSlotInfo
-(
-  CK_SLOT_ID slotID,
-  CK_SLOT_INFO_PTR pInfo
-)
-{
-  return __ADJOIN(MODULE_NAME,C_GetSlotInfo)(slotID, pInfo);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_GetTokenInfo)
-(
-  CK_SLOT_ID slotID,
-  CK_TOKEN_INFO_PTR pInfo
-)
-{
-  return NSSCKFWC_GetTokenInfo(fwInstance, slotID, pInfo);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_GetTokenInfo
-(
-  CK_SLOT_ID slotID,
-  CK_TOKEN_INFO_PTR pInfo
-)
-{
-  return __ADJOIN(MODULE_NAME,C_GetTokenInfo)(slotID, pInfo);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_GetMechanismList)
-(
-  CK_SLOT_ID slotID,
-  CK_MECHANISM_TYPE_PTR pMechanismList,
-  CK_ULONG_PTR pulCount
-)
-{
-  return NSSCKFWC_GetMechanismList(fwInstance, slotID, pMechanismList, pulCount);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_GetMechanismList
-(
-  CK_SLOT_ID slotID,
-  CK_MECHANISM_TYPE_PTR pMechanismList,
-  CK_ULONG_PTR pulCount
-)
-{
-  return __ADJOIN(MODULE_NAME,C_GetMechanismList)(slotID, pMechanismList, pulCount);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_GetMechanismInfo)
-(
-  CK_SLOT_ID slotID,
-  CK_MECHANISM_TYPE type,
-  CK_MECHANISM_INFO_PTR pInfo
-)
-{
-  return NSSCKFWC_GetMechanismInfo(fwInstance, slotID, type, pInfo);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_GetMechanismInfo
-(
-  CK_SLOT_ID slotID,
-  CK_MECHANISM_TYPE type,
-  CK_MECHANISM_INFO_PTR pInfo
-)
-{
-  return __ADJOIN(MODULE_NAME,C_GetMechanismInfo)(slotID, type, pInfo);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_InitToken)
-(
-  CK_SLOT_ID slotID,
-  CK_CHAR_PTR pPin,
-  CK_ULONG ulPinLen,
-  CK_CHAR_PTR pLabel
-)
-{
-  return NSSCKFWC_InitToken(fwInstance, slotID, pPin, ulPinLen, pLabel);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_InitToken
-(
-  CK_SLOT_ID slotID,
-  CK_CHAR_PTR pPin,
-  CK_ULONG ulPinLen,
-  CK_CHAR_PTR pLabel
-)
-{
-  return __ADJOIN(MODULE_NAME,C_InitToken)(slotID, pPin, ulPinLen, pLabel);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_InitPIN)
-(
-  CK_SESSION_HANDLE hSession,
-  CK_CHAR_PTR pPin,
-  CK_ULONG ulPinLen
-)
-{
-  return NSSCKFWC_InitPIN(fwInstance, hSession, pPin, ulPinLen);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_InitPIN
-(
-  CK_SESSION_HANDLE hSession,
-  CK_CHAR_PTR pPin,
-  CK_ULONG ulPinLen
-)
-{
-  return __ADJOIN(MODULE_NAME,C_InitPIN)(hSession, pPin, ulPinLen);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_SetPIN)
-(
-  CK_SESSION_HANDLE hSession,
-  CK_CHAR_PTR pOldPin,
-  CK_ULONG ulOldLen,
-  CK_CHAR_PTR pNewPin,
-  CK_ULONG ulNewLen
-)
-{
-  return NSSCKFWC_SetPIN(fwInstance, hSession, pOldPin, ulOldLen, pNewPin, ulNewLen);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_SetPIN
-(
-  CK_SESSION_HANDLE hSession,
-  CK_CHAR_PTR pOldPin,
-  CK_ULONG ulOldLen,
-  CK_CHAR_PTR pNewPin,
-  CK_ULONG ulNewLen
-)
-{
-  return __ADJOIN(MODULE_NAME,C_SetPIN)(hSession, pOldPin, ulOldLen, pNewPin, ulNewLen);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_OpenSession)
-(
-  CK_SLOT_ID slotID,
-  CK_FLAGS flags,
-  CK_VOID_PTR pApplication,
-  CK_NOTIFY Notify,
-  CK_SESSION_HANDLE_PTR phSession
-)
-{
-  return NSSCKFWC_OpenSession(fwInstance, slotID, flags, pApplication, Notify, phSession);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_OpenSession
-(
-  CK_SLOT_ID slotID,
-  CK_FLAGS flags,
-  CK_VOID_PTR pApplication,
-  CK_NOTIFY Notify,
-  CK_SESSION_HANDLE_PTR phSession
-)
-{
-  return __ADJOIN(MODULE_NAME,C_OpenSession)(slotID, flags, pApplication, Notify, phSession);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_CloseSession)
-(
-  CK_SESSION_HANDLE hSession
-)
-{
-  return NSSCKFWC_CloseSession(fwInstance, hSession);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_CloseSession
-(
-  CK_SESSION_HANDLE hSession
-)
-{
-  return __ADJOIN(MODULE_NAME,C_CloseSession)(hSession);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_CloseAllSessions)
-(
-  CK_SLOT_ID slotID
-)
-{
-  return NSSCKFWC_CloseAllSessions(fwInstance, slotID);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_CloseAllSessions
-(
-  CK_SLOT_ID slotID
-)
-{
-  return __ADJOIN(MODULE_NAME,C_CloseAllSessions)(slotID);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_GetSessionInfo)
-(
-  CK_SESSION_HANDLE hSession,
-  CK_SESSION_INFO_PTR pInfo
-)
-{
-  return NSSCKFWC_GetSessionInfo(fwInstance, hSession, pInfo);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_GetSessionInfo
-(
-  CK_SESSION_HANDLE hSession,
-  CK_SESSION_INFO_PTR pInfo
-)
-{
-  return __ADJOIN(MODULE_NAME,C_GetSessionInfo)(hSession, pInfo);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_GetOperationState)
-(
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pOperationState,
-  CK_ULONG_PTR pulOperationStateLen
-)
-{
-  return NSSCKFWC_GetOperationState(fwInstance, hSession, pOperationState, pulOperationStateLen);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_GetOperationState
-(
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pOperationState,
-  CK_ULONG_PTR pulOperationStateLen
-)
-{
-  return __ADJOIN(MODULE_NAME,C_GetOperationState)(hSession, pOperationState, pulOperationStateLen);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_SetOperationState)
-(
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pOperationState,
-  CK_ULONG ulOperationStateLen,
-  CK_OBJECT_HANDLE hEncryptionKey,
-  CK_OBJECT_HANDLE hAuthenticationKey
-)
-{
-  return NSSCKFWC_SetOperationState(fwInstance, hSession, pOperationState, ulOperationStateLen, hEncryptionKey, hAuthenticationKey);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_SetOperationState
-(
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pOperationState,
-  CK_ULONG ulOperationStateLen,
-  CK_OBJECT_HANDLE hEncryptionKey,
-  CK_OBJECT_HANDLE hAuthenticationKey
-)
-{
-  return __ADJOIN(MODULE_NAME,C_SetOperationState)(hSession, pOperationState, ulOperationStateLen, hEncryptionKey, hAuthenticationKey);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_Login)
-(
-  CK_SESSION_HANDLE hSession,
-  CK_USER_TYPE userType,
-  CK_CHAR_PTR pPin,
-  CK_ULONG ulPinLen
-)
-{
-  return NSSCKFWC_Login(fwInstance, hSession, userType, pPin, ulPinLen);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_Login
-(
-  CK_SESSION_HANDLE hSession,
-  CK_USER_TYPE userType,
-  CK_CHAR_PTR pPin,
-  CK_ULONG ulPinLen
-)
-{
-  return __ADJOIN(MODULE_NAME,C_Login)(hSession, userType, pPin, ulPinLen);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_Logout)
-(
-  CK_SESSION_HANDLE hSession
-)
-{
-  return NSSCKFWC_Logout(fwInstance, hSession);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_Logout
-(
-  CK_SESSION_HANDLE hSession
-)
-{
-  return __ADJOIN(MODULE_NAME,C_Logout)(hSession);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_CreateObject)
-(
-  CK_SESSION_HANDLE hSession,
-  CK_ATTRIBUTE_PTR pTemplate,
-  CK_ULONG ulCount,
-  CK_OBJECT_HANDLE_PTR phObject
-)
-{
-  return NSSCKFWC_CreateObject(fwInstance, hSession, pTemplate, ulCount, phObject);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_CreateObject
-(
-  CK_SESSION_HANDLE hSession,
-  CK_ATTRIBUTE_PTR pTemplate,
-  CK_ULONG ulCount,
-  CK_OBJECT_HANDLE_PTR phObject
-)
-{
-  return __ADJOIN(MODULE_NAME,C_CreateObject)(hSession, pTemplate, ulCount, phObject);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_CopyObject)
-(
-  CK_SESSION_HANDLE hSession,
-  CK_OBJECT_HANDLE hObject,
-  CK_ATTRIBUTE_PTR pTemplate,
-  CK_ULONG ulCount,
-  CK_OBJECT_HANDLE_PTR phNewObject
-)
-{
-  return NSSCKFWC_CopyObject(fwInstance, hSession, hObject, pTemplate, ulCount, phNewObject);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_CopyObject
-(
-  CK_SESSION_HANDLE hSession,
-  CK_OBJECT_HANDLE hObject,
-  CK_ATTRIBUTE_PTR pTemplate,
-  CK_ULONG ulCount,
-  CK_OBJECT_HANDLE_PTR phNewObject
-)
-{
-  return __ADJOIN(MODULE_NAME,C_CopyObject)(hSession, hObject, pTemplate, ulCount, phNewObject);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_DestroyObject)
-(
-  CK_SESSION_HANDLE hSession,
-  CK_OBJECT_HANDLE hObject
-)
-{
-  return NSSCKFWC_DestroyObject(fwInstance, hSession, hObject);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_DestroyObject
-(
-  CK_SESSION_HANDLE hSession,
-  CK_OBJECT_HANDLE hObject
-)
-{
-  return __ADJOIN(MODULE_NAME,C_DestroyObject)(hSession, hObject);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_GetObjectSize)
-(
-  CK_SESSION_HANDLE hSession,
-  CK_OBJECT_HANDLE hObject,
-  CK_ULONG_PTR pulSize
-)
-{
-  return NSSCKFWC_GetObjectSize(fwInstance, hSession, hObject, pulSize);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_GetObjectSize
-(
-  CK_SESSION_HANDLE hSession,
-  CK_OBJECT_HANDLE hObject,
-  CK_ULONG_PTR pulSize
-)
-{
-  return __ADJOIN(MODULE_NAME,C_GetObjectSize)(hSession, hObject, pulSize);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_GetAttributeValue)
-(
-  CK_SESSION_HANDLE hSession,
-  CK_OBJECT_HANDLE hObject,
-  CK_ATTRIBUTE_PTR pTemplate,
-  CK_ULONG ulCount
-)
-{
-  return NSSCKFWC_GetAttributeValue(fwInstance, hSession, hObject, pTemplate, ulCount);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_GetAttributeValue
-(
-  CK_SESSION_HANDLE hSession,
-  CK_OBJECT_HANDLE hObject,
-  CK_ATTRIBUTE_PTR pTemplate,
-  CK_ULONG ulCount
-)
-{
-  return __ADJOIN(MODULE_NAME,C_GetAttributeValue)(hSession, hObject, pTemplate, ulCount);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_SetAttributeValue)
-(
-  CK_SESSION_HANDLE hSession,
-  CK_OBJECT_HANDLE hObject,
-  CK_ATTRIBUTE_PTR pTemplate,
-  CK_ULONG ulCount
-)
-{
-  return NSSCKFWC_SetAttributeValue(fwInstance, hSession, hObject, pTemplate, ulCount);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_SetAttributeValue
-(
-  CK_SESSION_HANDLE hSession,
-  CK_OBJECT_HANDLE hObject,
-  CK_ATTRIBUTE_PTR pTemplate,
-  CK_ULONG ulCount
-)
-{
-  return __ADJOIN(MODULE_NAME,C_SetAttributeValue)(hSession, hObject, pTemplate, ulCount);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_FindObjectsInit)
-(
-  CK_SESSION_HANDLE hSession,
-  CK_ATTRIBUTE_PTR pTemplate,
-  CK_ULONG ulCount
-)
-{
-  return NSSCKFWC_FindObjectsInit(fwInstance, hSession, pTemplate, ulCount);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_FindObjectsInit
-(
-  CK_SESSION_HANDLE hSession,
-  CK_ATTRIBUTE_PTR pTemplate,
-  CK_ULONG ulCount
-)
-{
-  return __ADJOIN(MODULE_NAME,C_FindObjectsInit)(hSession, pTemplate, ulCount);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_FindObjects)
-(
-  CK_SESSION_HANDLE hSession,
-  CK_OBJECT_HANDLE_PTR phObject,
-  CK_ULONG ulMaxObjectCount,
-  CK_ULONG_PTR pulObjectCount
-)
-{
-  return NSSCKFWC_FindObjects(fwInstance, hSession, phObject, ulMaxObjectCount, pulObjectCount);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_FindObjects
-(
-  CK_SESSION_HANDLE hSession,
-  CK_OBJECT_HANDLE_PTR phObject,
-  CK_ULONG ulMaxObjectCount,
-  CK_ULONG_PTR pulObjectCount
-)
-{
-  return __ADJOIN(MODULE_NAME,C_FindObjects)(hSession, phObject, ulMaxObjectCount, pulObjectCount);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_FindObjectsFinal)
-(
-  CK_SESSION_HANDLE hSession
-)
-{
-  return NSSCKFWC_FindObjectsFinal(fwInstance, hSession);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_FindObjectsFinal
-(
-  CK_SESSION_HANDLE hSession
-)
-{
-  return __ADJOIN(MODULE_NAME,C_FindObjectsFinal)(hSession);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_EncryptInit)
-(
-  CK_SESSION_HANDLE hSession,
-  CK_MECHANISM_PTR pMechanism,
-  CK_OBJECT_HANDLE hKey
-)
-{
-  return NSSCKFWC_EncryptInit(fwInstance, hSession, pMechanism, hKey);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_EncryptInit
-(
-  CK_SESSION_HANDLE hSession,
-  CK_MECHANISM_PTR pMechanism,
-  CK_OBJECT_HANDLE hKey
-)
-{
-  return __ADJOIN(MODULE_NAME,C_EncryptInit)(hSession, pMechanism, hKey);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_Encrypt)
-(
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pData,
-  CK_ULONG ulDataLen,
-  CK_BYTE_PTR pEncryptedData,
-  CK_ULONG_PTR pulEncryptedDataLen
-)
-{
-  return NSSCKFWC_Encrypt(fwInstance, hSession, pData, ulDataLen, pEncryptedData, pulEncryptedDataLen);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_Encrypt
-(
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pData,
-  CK_ULONG ulDataLen,
-  CK_BYTE_PTR pEncryptedData,
-  CK_ULONG_PTR pulEncryptedDataLen
-)
-{
-  return __ADJOIN(MODULE_NAME,C_Encrypt)(hSession, pData, ulDataLen, pEncryptedData, pulEncryptedDataLen);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_EncryptUpdate)
-(
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pPart,
-  CK_ULONG ulPartLen,
-  CK_BYTE_PTR pEncryptedPart,
-  CK_ULONG_PTR pulEncryptedPartLen
-)
-{
-  return NSSCKFWC_EncryptUpdate(fwInstance, hSession, pPart, ulPartLen, pEncryptedPart, pulEncryptedPartLen);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_EncryptUpdate
-(
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pPart,
-  CK_ULONG ulPartLen,
-  CK_BYTE_PTR pEncryptedPart,
-  CK_ULONG_PTR pulEncryptedPartLen
-)
-{
-  return __ADJOIN(MODULE_NAME,C_EncryptUpdate)(hSession, pPart, ulPartLen, pEncryptedPart, pulEncryptedPartLen);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_EncryptFinal)
-(
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pLastEncryptedPart,
-  CK_ULONG_PTR pulLastEncryptedPartLen
-)
-{
-  return NSSCKFWC_EncryptFinal(fwInstance, hSession, pLastEncryptedPart, pulLastEncryptedPartLen);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_EncryptFinal
-(
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pLastEncryptedPart,
-  CK_ULONG_PTR pulLastEncryptedPartLen
-)
-{
-  return __ADJOIN(MODULE_NAME,C_EncryptFinal)(hSession, pLastEncryptedPart, pulLastEncryptedPartLen);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_DecryptInit)
-(
-  CK_SESSION_HANDLE hSession,
-  CK_MECHANISM_PTR pMechanism,
-  CK_OBJECT_HANDLE hKey
-)
-{
-  return NSSCKFWC_DecryptInit(fwInstance, hSession, pMechanism, hKey);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_DecryptInit
-(
-  CK_SESSION_HANDLE hSession,
-  CK_MECHANISM_PTR pMechanism,
-  CK_OBJECT_HANDLE hKey
-)
-{
-  return __ADJOIN(MODULE_NAME,C_DecryptInit)(hSession, pMechanism, hKey);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_Decrypt)
-(
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pEncryptedData,
-  CK_ULONG ulEncryptedDataLen,
-  CK_BYTE_PTR pData,
-  CK_ULONG_PTR pulDataLen
-)
-{
-  return NSSCKFWC_Decrypt(fwInstance, hSession, pEncryptedData, ulEncryptedDataLen, pData, pulDataLen);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_Decrypt
-(
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pEncryptedData,
-  CK_ULONG ulEncryptedDataLen,
-  CK_BYTE_PTR pData,
-  CK_ULONG_PTR pulDataLen
-)
-{
-  return __ADJOIN(MODULE_NAME,C_Decrypt)(hSession, pEncryptedData, ulEncryptedDataLen, pData, pulDataLen);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_DecryptUpdate)
-(
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pEncryptedPart,
-  CK_ULONG ulEncryptedPartLen,
-  CK_BYTE_PTR pPart,
-  CK_ULONG_PTR pulPartLen
-)
-{
-  return NSSCKFWC_DecryptUpdate(fwInstance, hSession, pEncryptedPart, ulEncryptedPartLen, pPart, pulPartLen);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_DecryptUpdate
-(
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pEncryptedPart,
-  CK_ULONG ulEncryptedPartLen,
-  CK_BYTE_PTR pPart,
-  CK_ULONG_PTR pulPartLen
-)
-{
-  return __ADJOIN(MODULE_NAME,C_DecryptUpdate)(hSession, pEncryptedPart, ulEncryptedPartLen, pPart, pulPartLen);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_DecryptFinal)
-(
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pLastPart,
-  CK_ULONG_PTR pulLastPartLen
-)
-{
-  return NSSCKFWC_DecryptFinal(fwInstance, hSession, pLastPart, pulLastPartLen);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_DecryptFinal
-(
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pLastPart,
-  CK_ULONG_PTR pulLastPartLen
-)
-{
-  return __ADJOIN(MODULE_NAME,C_DecryptFinal)(hSession, pLastPart, pulLastPartLen);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_DigestInit)
-(
-  CK_SESSION_HANDLE hSession,
-  CK_MECHANISM_PTR pMechanism
-)
-{
-  return NSSCKFWC_DigestInit(fwInstance, hSession, pMechanism);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_DigestInit
-(
-  CK_SESSION_HANDLE hSession,
-  CK_MECHANISM_PTR pMechanism
-)
-{
-  return __ADJOIN(MODULE_NAME,C_DigestInit)(hSession, pMechanism);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_Digest)
-(
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pData,
-  CK_ULONG ulDataLen,
-  CK_BYTE_PTR pDigest,
-  CK_ULONG_PTR pulDigestLen
-)
-{
-  return NSSCKFWC_Digest(fwInstance, hSession, pData, ulDataLen, pDigest, pulDigestLen);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_Digest
-(
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pData,
-  CK_ULONG ulDataLen,
-  CK_BYTE_PTR pDigest,
-  CK_ULONG_PTR pulDigestLen
-)
-{
-  return __ADJOIN(MODULE_NAME,C_Digest)(hSession, pData, ulDataLen, pDigest, pulDigestLen);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_DigestUpdate)
-(
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pPart,
-  CK_ULONG ulPartLen
-)
-{
-  return NSSCKFWC_DigestUpdate(fwInstance, hSession, pPart, ulPartLen);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_DigestUpdate
-(
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pPart,
-  CK_ULONG ulPartLen
-)
-{
-  return __ADJOIN(MODULE_NAME,C_DigestUpdate)(hSession, pPart, ulPartLen);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_DigestKey)
-(
-  CK_SESSION_HANDLE hSession,
-  CK_OBJECT_HANDLE hKey
-)
-{
-  return NSSCKFWC_DigestKey(fwInstance, hSession, hKey);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_DigestKey
-(
-  CK_SESSION_HANDLE hSession,
-  CK_OBJECT_HANDLE hKey
-)
-{
-  return __ADJOIN(MODULE_NAME,C_DigestKey)(hSession, hKey);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_DigestFinal)
-(
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pDigest,
-  CK_ULONG_PTR pulDigestLen
-)
-{
-  return NSSCKFWC_DigestFinal(fwInstance, hSession, pDigest, pulDigestLen);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_DigestFinal
-(
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pDigest,
-  CK_ULONG_PTR pulDigestLen
-)
-{
-  return __ADJOIN(MODULE_NAME,C_DigestFinal)(hSession, pDigest, pulDigestLen);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_SignInit)
-(
-  CK_SESSION_HANDLE hSession,
-  CK_MECHANISM_PTR pMechanism,
-  CK_OBJECT_HANDLE hKey
-)
-{
-  return NSSCKFWC_SignInit(fwInstance, hSession, pMechanism, hKey);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_SignInit
-(
-  CK_SESSION_HANDLE hSession,
-  CK_MECHANISM_PTR pMechanism,
-  CK_OBJECT_HANDLE hKey
-)
-{
-  return __ADJOIN(MODULE_NAME,C_SignInit)(hSession, pMechanism, hKey);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_Sign)
-(
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pData,
-  CK_ULONG ulDataLen,
-  CK_BYTE_PTR pSignature,
-  CK_ULONG_PTR pulSignatureLen
-)
-{
-  return NSSCKFWC_Sign(fwInstance, hSession, pData, ulDataLen, pSignature, pulSignatureLen);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_Sign
-(
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pData,
-  CK_ULONG ulDataLen,
-  CK_BYTE_PTR pSignature,
-  CK_ULONG_PTR pulSignatureLen
-)
-{
-  return __ADJOIN(MODULE_NAME,C_Sign)(hSession, pData, ulDataLen, pSignature, pulSignatureLen);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_SignUpdate)
-(
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pPart,
-  CK_ULONG ulPartLen
-)
-{
-  return NSSCKFWC_SignUpdate(fwInstance, hSession, pPart, ulPartLen);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_SignUpdate
-(
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pPart,
-  CK_ULONG ulPartLen
-)
-{
-  return __ADJOIN(MODULE_NAME,C_SignUpdate)(hSession, pPart, ulPartLen);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_SignFinal)
-(
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pSignature,
-  CK_ULONG_PTR pulSignatureLen
-)
-{
-  return NSSCKFWC_SignFinal(fwInstance, hSession, pSignature, pulSignatureLen);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_SignFinal
-(
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pSignature,
-  CK_ULONG_PTR pulSignatureLen
-)
-{
-  return __ADJOIN(MODULE_NAME,C_SignFinal)(hSession, pSignature, pulSignatureLen);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_SignRecoverInit)
-(
-  CK_SESSION_HANDLE hSession,
-  CK_MECHANISM_PTR pMechanism,
-  CK_OBJECT_HANDLE hKey
-)
-{
-  return NSSCKFWC_SignRecoverInit(fwInstance, hSession, pMechanism, hKey);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_SignRecoverInit
-(
-  CK_SESSION_HANDLE hSession,
-  CK_MECHANISM_PTR pMechanism,
-  CK_OBJECT_HANDLE hKey
-)
-{
-  return __ADJOIN(MODULE_NAME,C_SignRecoverInit)(hSession, pMechanism, hKey);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_SignRecover)
-(
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pData,
-  CK_ULONG ulDataLen,
-  CK_BYTE_PTR pSignature,
-  CK_ULONG_PTR pulSignatureLen
-)
-{
-  return NSSCKFWC_SignRecover(fwInstance, hSession, pData, ulDataLen, pSignature, pulSignatureLen);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_SignRecover
-(
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pData,
-  CK_ULONG ulDataLen,
-  CK_BYTE_PTR pSignature,
-  CK_ULONG_PTR pulSignatureLen
-)
-{
-  return __ADJOIN(MODULE_NAME,C_SignRecover)(hSession, pData, ulDataLen, pSignature, pulSignatureLen);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_VerifyInit)
-(
-  CK_SESSION_HANDLE hSession,
-  CK_MECHANISM_PTR pMechanism,
-  CK_OBJECT_HANDLE hKey
-)
-{
-  return NSSCKFWC_VerifyInit(fwInstance, hSession, pMechanism, hKey);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_VerifyInit
-(
-  CK_SESSION_HANDLE hSession,
-  CK_MECHANISM_PTR pMechanism,
-  CK_OBJECT_HANDLE hKey
-)
-{
-  return __ADJOIN(MODULE_NAME,C_VerifyInit)(hSession, pMechanism, hKey);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_Verify)
-(
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pData,
-  CK_ULONG ulDataLen,
-  CK_BYTE_PTR pSignature,
-  CK_ULONG ulSignatureLen
-)
-{
-  return NSSCKFWC_Verify(fwInstance, hSession, pData, ulDataLen, pSignature, ulSignatureLen);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_Verify
-(
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pData,
-  CK_ULONG ulDataLen,
-  CK_BYTE_PTR pSignature,
-  CK_ULONG ulSignatureLen
-)
-{
-  return __ADJOIN(MODULE_NAME,C_Verify)(hSession, pData, ulDataLen, pSignature, ulSignatureLen);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_VerifyUpdate)
-(
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pPart,
-  CK_ULONG ulPartLen
-)
-{
-  return NSSCKFWC_VerifyUpdate(fwInstance, hSession, pPart, ulPartLen);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_VerifyUpdate
-(
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pPart,
-  CK_ULONG ulPartLen
-)
-{
-  return __ADJOIN(MODULE_NAME,C_VerifyUpdate)(hSession, pPart, ulPartLen);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_VerifyFinal)
-(
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pSignature,
-  CK_ULONG ulSignatureLen
-)
-{
-  return NSSCKFWC_VerifyFinal(fwInstance, hSession, pSignature, ulSignatureLen);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_VerifyFinal
-(
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pSignature,
-  CK_ULONG ulSignatureLen
-)
-{
-  return __ADJOIN(MODULE_NAME,C_VerifyFinal)(hSession, pSignature, ulSignatureLen);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_VerifyRecoverInit)
-(
-  CK_SESSION_HANDLE hSession,
-  CK_MECHANISM_PTR pMechanism,
-  CK_OBJECT_HANDLE hKey
-)
-{
-  return NSSCKFWC_VerifyRecoverInit(fwInstance, hSession, pMechanism, hKey);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_VerifyRecoverInit
-(
-  CK_SESSION_HANDLE hSession,
-  CK_MECHANISM_PTR pMechanism,
-  CK_OBJECT_HANDLE hKey
-)
-{
-  return __ADJOIN(MODULE_NAME,C_VerifyRecoverInit)(hSession, pMechanism, hKey);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_VerifyRecover)
-(
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pSignature,
-  CK_ULONG ulSignatureLen,
-  CK_BYTE_PTR pData,
-  CK_ULONG_PTR pulDataLen
-)
-{
-  return NSSCKFWC_VerifyRecover(fwInstance, hSession, pSignature, ulSignatureLen, pData, pulDataLen);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_VerifyRecover
-(
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pSignature,
-  CK_ULONG ulSignatureLen,
-  CK_BYTE_PTR pData,
-  CK_ULONG_PTR pulDataLen
-)
-{
-  return __ADJOIN(MODULE_NAME,C_VerifyRecover)(hSession, pSignature, ulSignatureLen, pData, pulDataLen);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_DigestEncryptUpdate)
-(
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pPart,
-  CK_ULONG ulPartLen,
-  CK_BYTE_PTR pEncryptedPart,
-  CK_ULONG_PTR pulEncryptedPartLen
-)
-{
-  return NSSCKFWC_DigestEncryptUpdate(fwInstance, hSession, pPart, ulPartLen, pEncryptedPart, pulEncryptedPartLen);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_DigestEncryptUpdate
-(
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pPart,
-  CK_ULONG ulPartLen,
-  CK_BYTE_PTR pEncryptedPart,
-  CK_ULONG_PTR pulEncryptedPartLen
-)
-{
-  return __ADJOIN(MODULE_NAME,C_DigestEncryptUpdate)(hSession, pPart, ulPartLen, pEncryptedPart, pulEncryptedPartLen);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_DecryptDigestUpdate)
-(
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pEncryptedPart,
-  CK_ULONG ulEncryptedPartLen,
-  CK_BYTE_PTR pPart,
-  CK_ULONG_PTR pulPartLen
-)
-{
-  return NSSCKFWC_DecryptDigestUpdate(fwInstance, hSession, pEncryptedPart, ulEncryptedPartLen, pPart, pulPartLen);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_DecryptDigestUpdate
-(
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pEncryptedPart,
-  CK_ULONG ulEncryptedPartLen,
-  CK_BYTE_PTR pPart,
-  CK_ULONG_PTR pulPartLen
-)
-{
-  return __ADJOIN(MODULE_NAME,C_DecryptDigestUpdate)(hSession, pEncryptedPart, ulEncryptedPartLen, pPart, pulPartLen);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_SignEncryptUpdate)
-(
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pPart,
-  CK_ULONG ulPartLen,
-  CK_BYTE_PTR pEncryptedPart,
-  CK_ULONG_PTR pulEncryptedPartLen
-)
-{
-  return NSSCKFWC_SignEncryptUpdate(fwInstance, hSession, pPart, ulPartLen, pEncryptedPart, pulEncryptedPartLen);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_SignEncryptUpdate
-(
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pPart,
-  CK_ULONG ulPartLen,
-  CK_BYTE_PTR pEncryptedPart,
-  CK_ULONG_PTR pulEncryptedPartLen
-)
-{
-  return __ADJOIN(MODULE_NAME,C_SignEncryptUpdate)(hSession, pPart, ulPartLen, pEncryptedPart, pulEncryptedPartLen);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_DecryptVerifyUpdate)
-(
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pEncryptedPart,
-  CK_ULONG ulEncryptedPartLen,
-  CK_BYTE_PTR pPart,
-  CK_ULONG_PTR pulPartLen
-)
-{
-  return NSSCKFWC_DecryptVerifyUpdate(fwInstance, hSession, pEncryptedPart, ulEncryptedPartLen, pPart, pulPartLen);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_DecryptVerifyUpdate
-(
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pEncryptedPart,
-  CK_ULONG ulEncryptedPartLen,
-  CK_BYTE_PTR pPart,
-  CK_ULONG_PTR pulPartLen
-)
-{
-  return __ADJOIN(MODULE_NAME,C_DecryptVerifyUpdate)(hSession, pEncryptedPart, ulEncryptedPartLen, pPart, pulPartLen);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_GenerateKey)
-(
-  CK_SESSION_HANDLE hSession,
-  CK_MECHANISM_PTR pMechanism,
-  CK_ATTRIBUTE_PTR pTemplate,
-  CK_ULONG ulCount,
-  CK_OBJECT_HANDLE_PTR phKey
-)
-{
-  return NSSCKFWC_GenerateKey(fwInstance, hSession, pMechanism, pTemplate, ulCount, phKey);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_GenerateKey
-(
-  CK_SESSION_HANDLE hSession,
-  CK_MECHANISM_PTR pMechanism,
-  CK_ATTRIBUTE_PTR pTemplate,
-  CK_ULONG ulCount,
-  CK_OBJECT_HANDLE_PTR phKey
-)
-{
-  return __ADJOIN(MODULE_NAME,C_GenerateKey)(hSession, pMechanism, pTemplate, ulCount, phKey);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_GenerateKeyPair)
-(
-  CK_SESSION_HANDLE hSession,
-  CK_MECHANISM_PTR pMechanism,
-  CK_ATTRIBUTE_PTR pPublicKeyTemplate,
-  CK_ULONG ulPublicKeyAttributeCount,
-  CK_ATTRIBUTE_PTR pPrivateKeyTemplate,
-  CK_ULONG ulPrivateKeyAttributeCount,
-  CK_OBJECT_HANDLE_PTR phPublicKey,
-  CK_OBJECT_HANDLE_PTR phPrivateKey
-)
-{
-  return NSSCKFWC_GenerateKeyPair(fwInstance, hSession, pMechanism, pPublicKeyTemplate, ulPublicKeyAttributeCount, pPrivateKeyTemplate, ulPrivateKeyAttributeCount, phPublicKey, phPrivateKey);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_GenerateKeyPair
-(
-  CK_SESSION_HANDLE hSession,
-  CK_MECHANISM_PTR pMechanism,
-  CK_ATTRIBUTE_PTR pPublicKeyTemplate,
-  CK_ULONG ulPublicKeyAttributeCount,
-  CK_ATTRIBUTE_PTR pPrivateKeyTemplate,
-  CK_ULONG ulPrivateKeyAttributeCount,
-  CK_OBJECT_HANDLE_PTR phPublicKey,
-  CK_OBJECT_HANDLE_PTR phPrivateKey
-)
-{
-  return __ADJOIN(MODULE_NAME,C_GenerateKeyPair)(hSession, pMechanism, pPublicKeyTemplate, ulPublicKeyAttributeCount, pPrivateKeyTemplate, ulPrivateKeyAttributeCount, phPublicKey, phPrivateKey);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_WrapKey)
-(
-  CK_SESSION_HANDLE hSession,
-  CK_MECHANISM_PTR pMechanism,
-  CK_OBJECT_HANDLE hWrappingKey,
-  CK_OBJECT_HANDLE hKey,
-  CK_BYTE_PTR pWrappedKey,
-  CK_ULONG_PTR pulWrappedKeyLen
-)
-{
-  return NSSCKFWC_WrapKey(fwInstance, hSession, pMechanism, hWrappingKey, hKey, pWrappedKey, pulWrappedKeyLen);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_WrapKey
-(
-  CK_SESSION_HANDLE hSession,
-  CK_MECHANISM_PTR pMechanism,
-  CK_OBJECT_HANDLE hWrappingKey,
-  CK_OBJECT_HANDLE hKey,
-  CK_BYTE_PTR pWrappedKey,
-  CK_ULONG_PTR pulWrappedKeyLen
-)
-{
-  return __ADJOIN(MODULE_NAME,C_WrapKey)(hSession, pMechanism, hWrappingKey, hKey, pWrappedKey, pulWrappedKeyLen);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_UnwrapKey)
-(
-  CK_SESSION_HANDLE hSession,
-  CK_MECHANISM_PTR pMechanism,
-  CK_OBJECT_HANDLE hUnwrappingKey,
-  CK_BYTE_PTR pWrappedKey,
-  CK_ULONG ulWrappedKeyLen,
-  CK_ATTRIBUTE_PTR pTemplate,
-  CK_ULONG ulAttributeCount,
-  CK_OBJECT_HANDLE_PTR phKey
-)
-{
-  return NSSCKFWC_UnwrapKey(fwInstance, hSession, pMechanism, hUnwrappingKey, pWrappedKey, ulWrappedKeyLen, pTemplate, ulAttributeCount, phKey);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_UnwrapKey
-(
-  CK_SESSION_HANDLE hSession,
-  CK_MECHANISM_PTR pMechanism,
-  CK_OBJECT_HANDLE hUnwrappingKey,
-  CK_BYTE_PTR pWrappedKey,
-  CK_ULONG ulWrappedKeyLen,
-  CK_ATTRIBUTE_PTR pTemplate,
-  CK_ULONG ulAttributeCount,
-  CK_OBJECT_HANDLE_PTR phKey
-)
-{
-  return __ADJOIN(MODULE_NAME,C_UnwrapKey)(hSession, pMechanism, hUnwrappingKey, pWrappedKey, ulWrappedKeyLen, pTemplate, ulAttributeCount, phKey);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_DeriveKey)
-(
-  CK_SESSION_HANDLE hSession,
-  CK_MECHANISM_PTR pMechanism,
-  CK_OBJECT_HANDLE hBaseKey,
-  CK_ATTRIBUTE_PTR pTemplate,
-  CK_ULONG ulAttributeCount,
-  CK_OBJECT_HANDLE_PTR phKey
-)
-{
-  return NSSCKFWC_DeriveKey(fwInstance, hSession, pMechanism, hBaseKey, pTemplate, ulAttributeCount, phKey);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_DeriveKey
-(
-  CK_SESSION_HANDLE hSession,
-  CK_MECHANISM_PTR pMechanism,
-  CK_OBJECT_HANDLE hBaseKey,
-  CK_ATTRIBUTE_PTR pTemplate,
-  CK_ULONG ulAttributeCount,
-  CK_OBJECT_HANDLE_PTR phKey
-)
-{
-  return __ADJOIN(MODULE_NAME,C_DeriveKey)(hSession, pMechanism, hBaseKey, pTemplate, ulAttributeCount, phKey);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_SeedRandom)
-(
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pSeed,
-  CK_ULONG ulSeedLen
-)
-{
-  return NSSCKFWC_SeedRandom(fwInstance, hSession, pSeed, ulSeedLen);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_SeedRandom
-(
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pSeed,
-  CK_ULONG ulSeedLen
-)
-{
-  return __ADJOIN(MODULE_NAME,C_SeedRandom)(hSession, pSeed, ulSeedLen);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_GenerateRandom)
-(
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR RandomData,
-  CK_ULONG ulRandomLen
-)
-{
-  return NSSCKFWC_GenerateRandom(fwInstance, hSession, RandomData, ulRandomLen);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_GenerateRandom
-(
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR RandomData,
-  CK_ULONG ulRandomLen
-)
-{
-  return __ADJOIN(MODULE_NAME,C_GenerateRandom)(hSession, RandomData, ulRandomLen);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_GetFunctionStatus)
-(
-  CK_SESSION_HANDLE hSession
-)
-{
-  return NSSCKFWC_GetFunctionStatus(fwInstance, hSession);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_GetFunctionStatus
-(
-  CK_SESSION_HANDLE hSession
-)
-{
-  return __ADJOIN(MODULE_NAME,C_GetFunctionStatus)(hSession);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_CancelFunction)
-(
-  CK_SESSION_HANDLE hSession
-)
-{
-  return NSSCKFWC_CancelFunction(fwInstance, hSession);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_CancelFunction
-(
-  CK_SESSION_HANDLE hSession
-)
-{
-  return __ADJOIN(MODULE_NAME,C_CancelFunction)(hSession);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_WaitForSlotEvent)
-(
-  CK_FLAGS flags,
-  CK_SLOT_ID_PTR pSlot,
-  CK_VOID_PTR pRserved
-)
-{
-  return NSSCKFWC_WaitForSlotEvent(fwInstance, flags, pSlot, pRserved);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_WaitForSlotEvent
-(
-  CK_FLAGS flags,
-  CK_SLOT_ID_PTR pSlot,
-  CK_VOID_PTR pRserved
-)
-{
-  return __ADJOIN(MODULE_NAME,C_WaitForSlotEvent)(flags, pSlot, pRserved);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_GetFunctionList)
-(
-  CK_FUNCTION_LIST_PTR_PTR ppFunctionList
-);
-
-static CK_FUNCTION_LIST FunctionList = {
-  { 2, 1 },
-__ADJOIN(MODULE_NAME,C_Initialize),
-__ADJOIN(MODULE_NAME,C_Finalize),
-__ADJOIN(MODULE_NAME,C_GetInfo),
-__ADJOIN(MODULE_NAME,C_GetFunctionList),
-__ADJOIN(MODULE_NAME,C_GetSlotList),
-__ADJOIN(MODULE_NAME,C_GetSlotInfo),
-__ADJOIN(MODULE_NAME,C_GetTokenInfo),
-__ADJOIN(MODULE_NAME,C_GetMechanismList),
-__ADJOIN(MODULE_NAME,C_GetMechanismInfo),
-__ADJOIN(MODULE_NAME,C_InitToken),
-__ADJOIN(MODULE_NAME,C_InitPIN),
-__ADJOIN(MODULE_NAME,C_SetPIN),
-__ADJOIN(MODULE_NAME,C_OpenSession),
-__ADJOIN(MODULE_NAME,C_CloseSession),
-__ADJOIN(MODULE_NAME,C_CloseAllSessions),
-__ADJOIN(MODULE_NAME,C_GetSessionInfo),
-__ADJOIN(MODULE_NAME,C_GetOperationState),
-__ADJOIN(MODULE_NAME,C_SetOperationState),
-__ADJOIN(MODULE_NAME,C_Login),
-__ADJOIN(MODULE_NAME,C_Logout),
-__ADJOIN(MODULE_NAME,C_CreateObject),
-__ADJOIN(MODULE_NAME,C_CopyObject),
-__ADJOIN(MODULE_NAME,C_DestroyObject),
-__ADJOIN(MODULE_NAME,C_GetObjectSize),
-__ADJOIN(MODULE_NAME,C_GetAttributeValue),
-__ADJOIN(MODULE_NAME,C_SetAttributeValue),
-__ADJOIN(MODULE_NAME,C_FindObjectsInit),
-__ADJOIN(MODULE_NAME,C_FindObjects),
-__ADJOIN(MODULE_NAME,C_FindObjectsFinal),
-__ADJOIN(MODULE_NAME,C_EncryptInit),
-__ADJOIN(MODULE_NAME,C_Encrypt),
-__ADJOIN(MODULE_NAME,C_EncryptUpdate),
-__ADJOIN(MODULE_NAME,C_EncryptFinal),
-__ADJOIN(MODULE_NAME,C_DecryptInit),
-__ADJOIN(MODULE_NAME,C_Decrypt),
-__ADJOIN(MODULE_NAME,C_DecryptUpdate),
-__ADJOIN(MODULE_NAME,C_DecryptFinal),
-__ADJOIN(MODULE_NAME,C_DigestInit),
-__ADJOIN(MODULE_NAME,C_Digest),
-__ADJOIN(MODULE_NAME,C_DigestUpdate),
-__ADJOIN(MODULE_NAME,C_DigestKey),
-__ADJOIN(MODULE_NAME,C_DigestFinal),
-__ADJOIN(MODULE_NAME,C_SignInit),
-__ADJOIN(MODULE_NAME,C_Sign),
-__ADJOIN(MODULE_NAME,C_SignUpdate),
-__ADJOIN(MODULE_NAME,C_SignFinal),
-__ADJOIN(MODULE_NAME,C_SignRecoverInit),
-__ADJOIN(MODULE_NAME,C_SignRecover),
-__ADJOIN(MODULE_NAME,C_VerifyInit),
-__ADJOIN(MODULE_NAME,C_Verify),
-__ADJOIN(MODULE_NAME,C_VerifyUpdate),
-__ADJOIN(MODULE_NAME,C_VerifyFinal),
-__ADJOIN(MODULE_NAME,C_VerifyRecoverInit),
-__ADJOIN(MODULE_NAME,C_VerifyRecover),
-__ADJOIN(MODULE_NAME,C_DigestEncryptUpdate),
-__ADJOIN(MODULE_NAME,C_DecryptDigestUpdate),
-__ADJOIN(MODULE_NAME,C_SignEncryptUpdate),
-__ADJOIN(MODULE_NAME,C_DecryptVerifyUpdate),
-__ADJOIN(MODULE_NAME,C_GenerateKey),
-__ADJOIN(MODULE_NAME,C_GenerateKeyPair),
-__ADJOIN(MODULE_NAME,C_WrapKey),
-__ADJOIN(MODULE_NAME,C_UnwrapKey),
-__ADJOIN(MODULE_NAME,C_DeriveKey),
-__ADJOIN(MODULE_NAME,C_SeedRandom),
-__ADJOIN(MODULE_NAME,C_GenerateRandom),
-__ADJOIN(MODULE_NAME,C_GetFunctionStatus),
-__ADJOIN(MODULE_NAME,C_CancelFunction),
-__ADJOIN(MODULE_NAME,C_WaitForSlotEvent)
-};
-
-static CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_GetFunctionList)
-(
-  CK_FUNCTION_LIST_PTR_PTR ppFunctionList
-)
-{
-  *ppFunctionList = &FunctionList;
-  return CKR_OK;
-}
-
-/* This one is always present */
-#ifdef WIN32
-CK_RV _declspec(dllexport)
-#else
-CK_RV CK_ENTRY
-#endif
-C_GetFunctionList
-(
-  CK_FUNCTION_LIST_PTR_PTR ppFunctionList
-)
-{
-  return __ADJOIN(MODULE_NAME,C_GetFunctionList)(ppFunctionList);
-}
-
-#undef __ADJOIN
-
diff --git a/security/nss/lib/ckfw/nssckepv.h b/security/nss/lib/ckfw/nssckepv.h
deleted file mode 100644
index 351765b70..000000000
--- a/security/nss/lib/ckfw/nssckepv.h
+++ /dev/null
@@ -1,39 +0,0 @@
-/* THIS IS A GENERATED FILE */
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#ifndef NSSCKEPV_H
-#define NSSCKEPV_H
-
-#include "pkcs11.h"
-
-#endif /* NSSCKEPV_H */
diff --git a/security/nss/lib/ckfw/nssckft.h b/security/nss/lib/ckfw/nssckft.h
deleted file mode 100644
index a258144db..000000000
--- a/security/nss/lib/ckfw/nssckft.h
+++ /dev/null
@@ -1,40 +0,0 @@
-/* THIS IS A GENERATED FILE */
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef _NSSCKFT_H_
-#define _NSSCKFT_H_ 1
-
-#include "pkcs11t.h"
-
-#endif /* _NSSCKFT_H_ */
diff --git a/security/nss/lib/ckfw/nssckfw.h b/security/nss/lib/ckfw/nssckfw.h
deleted file mode 100644
index 769427ab6..000000000
--- a/security/nss/lib/ckfw/nssckfw.h
+++ /dev/null
@@ -1,510 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef NSSCKFW_H
-#define NSSCKFW_H
-
-#ifdef DEBUG
-static const char NSSCKFW_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * nssckfw.h
- *
- * This file prototypes the publicly available calls of the 
- * NSS Cryptoki Framework.
- */
-
-#ifndef NSSBASET_H
-#include "nssbaset.h"
-#endif /* NSSBASET_H */
-
-#ifndef NSSCKT_H
-#include "nssckt.h"
-#endif /* NSSCKT_H */
-
-#ifndef NSSCKFWT_H
-#include "nssckfwt.h"
-#endif /* NSSCKFWT_H */
-
-/*
- * NSSCKFWInstance
- *
- *  NSSCKFWInstance_GetMDInstance
- *  NSSCKFWInstance_GetArena
- *  NSSCKFWInstance_MayCreatePthreads
- *  NSSCKFWInstance_CreateMutex
- *  NSSCKFWInstance_GetConfigurationData
- */
-
-/*
- * NSSCKFWInstance_GetMDInstance
- *
- */
-
-NSS_EXTERN NSSCKMDInstance *
-NSSCKFWInstance_GetMDInstance
-(
-  NSSCKFWInstance *fwInstance
-);
-
-/*
- * NSSCKFWInstance_GetArena
- *
- */
-
-NSS_EXTERN NSSArena *
-NSSCKFWInstance_GetArena
-(
-  NSSCKFWInstance *fwInstance,
-  CK_RV *pError
-);
-
-/*
- * NSSCKFWInstance_MayCreatePthreads
- *
- */
-
-NSS_EXTERN CK_BBOOL
-NSSCKFWInstance_MayCreatePthreads
-(
-  NSSCKFWInstance *fwInstance
-);
-
-/*
- * NSSCKFWInstance_CreateMutex
- *
- */
-
-NSS_EXTERN NSSCKFWMutex *
-NSSCKFWInstance_CreateMutex
-(
-  NSSCKFWInstance *fwInstance,
-  NSSArena *arena,
-  CK_RV *pError
-);
-
-/*
- * NSSCKFWInstance_GetConfigurationData
- *
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSCKFWInstance_GetConfigurationData
-(
-  NSSCKFWInstance *fwInstance
-);
-
-/*
- * NSSCKFWInstance_GetInitArgs
- *
- */
-
-NSS_EXTERN CK_C_INITIALIZE_ARGS_PTR
-NSSCKFWInstance_GetInitArgs
-(
-  NSSCKFWInstance *fwInstance
-);
-
-/*
- * NSSCKFWSlot
- *
- *  NSSCKFWSlot_GetMDSlot
- *  NSSCKFWSlot_GetFWInstance
- *  NSSCKFWSlot_GetMDInstance
- *
- */
-
-/*
- * NSSCKFWSlot_GetMDSlot
- *
- */
-
-NSS_EXTERN NSSCKMDSlot *
-NSSCKFWSlot_GetMDSlot
-(
-  NSSCKFWSlot *fwSlot
-);
-
-/*
- * NSSCKFWSlot_GetFWInstance
- *
- */
-
-NSS_EXTERN NSSCKFWInstance *
-NSSCKFWSlot_GetFWInstance
-(
-  NSSCKFWSlot *fwSlot
-);
-
-/*
- * NSSCKFWSlot_GetMDInstance
- *
- */
-
-NSS_EXTERN NSSCKMDInstance *
-NSSCKFWSlot_GetMDInstance
-(
-  NSSCKFWSlot *fwSlot
-);
-
-/*
- * NSSCKFWToken
- *
- *  NSSCKFWToken_GetMDToken
- *  NSSCKFWToken_GetFWSlot
- *  NSSCKFWToken_GetMDSlot
- *  NSSCKFWToken_GetSessionState
- *
- */
-
-/*
- * NSSCKFWToken_GetMDToken
- *
- */
-
-NSS_EXTERN NSSCKMDToken *
-NSSCKFWToken_GetMDToken
-(
-  NSSCKFWToken *fwToken
-);
-
-/*
- * NSSCKFWToken_GetArena
- *
- */
-
-NSS_EXTERN NSSArena *
-NSSCKFWToken_GetArena
-(
-  NSSCKFWToken *fwToken,
-  CK_RV *pError
-);
-
-/*
- * NSSCKFWToken_GetFWSlot
- *
- */
-
-NSS_EXTERN NSSCKFWSlot *
-NSSCKFWToken_GetFWSlot
-(
-  NSSCKFWToken *fwToken
-);
-
-/*
- * NSSCKFWToken_GetMDSlot
- *
- */
-
-NSS_EXTERN NSSCKMDSlot *
-NSSCKFWToken_GetMDSlot
-(
-  NSSCKFWToken *fwToken
-);
-
-/*
- * NSSCKFWToken_GetSessionState
- *
- */
-
-NSS_EXTERN CK_STATE
-NSSCKFWSession_GetSessionState
-(
-  NSSCKFWToken *fwToken
-);
-
-/*
- * NSSCKFWMechanism
- *
- *  NSSKCFWMechanism_GetMDMechanism
- *  NSSCKFWMechanism_GetParameter
- *
- */
-
-/*
- * NSSKCFWMechanism_GetMDMechanism
- *
- */
-
-NSS_EXTERN NSSCKMDMechanism *
-NSSCKFWMechanism_GetMDMechanism
-(
-  NSSCKFWMechanism *fwMechanism
-);
-
-/*
- * NSSCKFWMechanism_GetParameter
- *
- */
-
-NSS_EXTERN NSSItem *
-NSSCKFWMechanism_GetParameter
-(
-  NSSCKFWMechanism *fwMechanism
-);
-
-/*
- * NSSCKFWSession
- *
- *  NSSCKFWSession_GetMDSession
- *  NSSCKFWSession_GetArena
- *  NSSCKFWSession_CallNotification
- *  NSSCKFWSession_IsRWSession
- *  NSSCKFWSession_IsSO
- *
- */
-
-/*
- * NSSCKFWSession_GetMDSession
- *
- */
-
-NSS_EXTERN NSSCKMDSession *
-NSSCKFWSession_GetMDSession
-(
-  NSSCKFWSession *fwSession
-);
-
-/*
- * NSSCKFWSession_GetArena
- *
- */
-
-NSS_EXTERN NSSArena *
-NSSCKFWSession_GetArena
-(
-  NSSCKFWSession *fwSession,
-  CK_RV *pError
-);
-
-/*
- * NSSCKFWSession_CallNotification
- *
- */
-
-NSS_EXTERN CK_RV
-NSSCKFWSession_CallNotification
-(
-  NSSCKFWSession *fwSession,
-  CK_NOTIFICATION event
-);
-
-/*
- * NSSCKFWSession_IsRWSession
- *
- */
-
-NSS_EXTERN CK_BBOOL
-NSSCKFWSession_IsRWSession
-(
-  NSSCKFWSession *fwSession
-);
-
-/*
- * NSSCKFWSession_IsSO
- *
- */
-
-NSS_EXTERN CK_BBOOL
-NSSCKFWSession_IsSO
-(
-  NSSCKFWSession *fwSession
-);
-
-/*
- * NSSCKFWObject
- *
- *  NSSCKFWObject_GetMDObject
- *  NSSCKFWObject_GetArena
- *  NSSCKFWObject_IsTokenObject
- *  NSSCKFWObject_GetAttributeCount
- *  NSSCKFWObject_GetAttributeTypes
- *  NSSCKFWObject_GetAttributeSize
- *  NSSCKFWObject_GetAttribute
- *  NSSCKFWObject_GetObjectSize
- */
-
-/*
- * NSSCKFWObject_GetMDObject
- *
- */
-NSS_EXTERN NSSCKMDObject *
-NSSCKFWObject_GetMDObject
-(
-  NSSCKFWObject *fwObject
-);
-
-/*
- * NSSCKFWObject_GetArena
- *
- */
-NSS_EXTERN NSSArena *
-NSSCKFWObject_GetArena
-(
-  NSSCKFWObject *fwObject,
-  CK_RV *pError
-);
-
-/*
- * NSSCKFWObject_IsTokenObject
- *
- */
-NSS_EXTERN CK_BBOOL
-NSSCKFWObject_IsTokenObject
-(
-  NSSCKFWObject *fwObject
-);
-
-/*
- * NSSCKFWObject_GetAttributeCount
- *
- */
-NSS_EXTERN CK_ULONG
-NSSCKFWObject_GetAttributeCount
-(
-  NSSCKFWObject *fwObject,
-  CK_RV *pError
-);
-
-/*
- * NSSCKFWObject_GetAttributeTypes
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWObject_GetAttributeTypes
-(
-  NSSCKFWObject *fwObject,
-  CK_ATTRIBUTE_TYPE_PTR typeArray,
-  CK_ULONG ulCount
-);
-
-/*
- * NSSCKFWObject_GetAttributeSize
- *
- */
-NSS_EXTERN CK_ULONG
-NSSCKFWObject_GetAttributeSize
-(
-  NSSCKFWObject *fwObject,
-  CK_ATTRIBUTE_TYPE attribute,
-  CK_RV *pError
-);
-
-/*
- * NSSCKFWObject_GetAttribute
- *
- */
-NSS_EXTERN NSSItem *
-NSSCKFWObject_GetAttribute
-(
-  NSSCKFWObject *fwObject,
-  CK_ATTRIBUTE_TYPE attribute,
-  NSSItem *itemOpt,
-  NSSArena *arenaOpt,
-  CK_RV *pError
-);
-
-/*
- * NSSCKFWObject_GetObjectSize
- *
- */
-NSS_EXTERN CK_ULONG
-NSSCKFWObject_GetObjectSize
-(
-  NSSCKFWObject *fwObject,
-  CK_RV *pError
-);
-
-/*
- * NSSCKFWFindObjects
- *
- *  NSSCKFWFindObjects_GetMDFindObjects
- *
- */
-
-/*
- * NSSCKFWFindObjects_GetMDFindObjects
- *
- */
-
-NSS_EXTERN NSSCKMDFindObjects *
-NSSCKFWFindObjects_GetMDFindObjects
-(
-  NSSCKFWFindObjects *
-);
-
-/*
- * NSSCKFWMutex
- *
- *  NSSCKFWMutex_Destroy
- *  NSSCKFWMutex_Lock
- *  NSSCKFWMutex_Unlock
- *
- */
-
-/*
- * NSSCKFWMutex_Destroy
- *
- */
-
-NSS_EXTERN CK_RV
-NSSCKFWMutex_Destroy
-(
-  NSSCKFWMutex *mutex
-);
-
-/*
- * NSSCKFWMutex_Lock
- *
- */
-
-NSS_EXTERN CK_RV
-NSSCKFWMutex_Lock
-(
-  NSSCKFWMutex *mutex
-);
-
-/*
- * NSSCKFWMutex_Unlock
- *
- */
-
-NSS_EXTERN CK_RV
-NSSCKFWMutex_Unlock
-(
-  NSSCKFWMutex *mutex
-);
-
-#endif /* NSSCKFW_H */
-
diff --git a/security/nss/lib/ckfw/nssckfwc.h b/security/nss/lib/ckfw/nssckfwc.h
deleted file mode 100644
index 02b15ec35..000000000
--- a/security/nss/lib/ckfw/nssckfwc.h
+++ /dev/null
@@ -1,1046 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef NSSCKFWC_H
-#define NSSCKFWC_H
-
-#ifdef DEBUG
-static const char NSSCKFWC_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * nssckfwc.h
- *
- * This file prototypes all of the NSS Cryptoki Framework "wrapper" 
- * which implement the PKCS#11 API.  Technically, these are public
- * routines (with capital "NSS" prefixes), since they are called
- * from (generated) code within a Module using the Framework.
- * However, they should not be called except from those generated
- * calls.  Hence, the prototypes have been split out into this file.
- */
-
-#ifndef NSSCKT_H
-#include "nssckt.h"
-#endif /* NSSCKT_H */
-
-#ifndef NSSCKFWT_H
-#include "nssckfwt.h"
-#endif /* NSSCKFWT_H */
-
-#ifndef NSSCKMDT_H
-#include "nssckmdt.h"
-#endif /* NSSCKMDT_H */
-
-/*
- * NSSCKFWC_Initialize
- * NSSCKFWC_Finalize
- * NSSCKFWC_GetInfo
- * -- NSSCKFWC_GetFunctionList -- see the API insert file
- * NSSCKFWC_GetSlotList
- * NSSCKFWC_GetSlotInfo
- * NSSCKFWC_GetTokenInfo
- * NSSCKFWC_WaitForSlotEvent
- * NSSCKFWC_GetMechanismList
- * NSSCKFWC_GetMechanismInfo
- * NSSCKFWC_InitToken
- * NSSCKFWC_InitPIN
- * NSSCKFWC_SetPIN
- * NSSCKFWC_OpenSession
- * NSSCKFWC_CloseSession
- * NSSCKFWC_CloseAllSessions
- * NSSCKFWC_GetSessionInfo
- * NSSCKFWC_GetOperationState
- * NSSCKFWC_SetOperationState
- * NSSCKFWC_Login
- * NSSCKFWC_Logout
- * NSSCKFWC_CreateObject
- * NSSCKFWC_CopyObject
- * NSSCKFWC_DestroyObject
- * NSSCKFWC_GetObjectSize
- * NSSCKFWC_GetAttributeValue
- * NSSCKFWC_SetAttributeValue
- * NSSCKFWC_FindObjectsInit
- * NSSCKFWC_FindObjects
- * NSSCKFWC_FindObjectsFinal
- * NSSCKFWC_EncryptInit
- * NSSCKFWC_Encrypt
- * NSSCKFWC_EncryptUpdate
- * NSSCKFWC_EncryptFinal
- * NSSCKFWC_DecryptInit
- * NSSCKFWC_Decrypt
- * NSSCKFWC_DecryptUpdate
- * NSSCKFWC_DecryptFinal
- * NSSCKFWC_DigestInit
- * NSSCKFWC_Digest
- * NSSCKFWC_DigestUpdate
- * NSSCKFWC_DigestKey
- * NSSCKFWC_DigestFinal
- * NSSCKFWC_SignInit
- * NSSCKFWC_Sign
- * NSSCKFWC_SignUpdate
- * NSSCKFWC_SignFinal
- * NSSCKFWC_SignRecoverInit
- * NSSCKFWC_SignRecover
- * NSSCKFWC_VerifyInit
- * NSSCKFWC_Verify
- * NSSCKFWC_VerifyUpdate
- * NSSCKFWC_VerifyFinal
- * NSSCKFWC_VerifyRecoverInit
- * NSSCKFWC_VerifyRecover
- * NSSCKFWC_DigestEncryptUpdate
- * NSSCKFWC_DecryptDigestUpdate
- * NSSCKFWC_SignEncryptUpdate
- * NSSCKFWC_DecryptVerifyUpdate
- * NSSCKFWC_GenerateKey
- * NSSCKFWC_GenerateKeyPair
- * NSSCKFWC_WrapKey
- * NSSCKFWC_UnwrapKey
- * NSSCKFWC_DeriveKey
- * NSSCKFWC_SeedRandom
- * NSSCKFWC_GenerateRandom
- * NSSCKFWC_GetFunctionStatus
- * NSSCKFWC_CancelFunction
- */
-
-/*
- * NSSCKFWC_Initialize
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_Initialize
-(
-  NSSCKFWInstance **pFwInstance,
-  NSSCKMDInstance *mdInstance,
-  CK_VOID_PTR pInitArgs
-);
-
-/*
- * NSSCKFWC_Finalize
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_Finalize
-(
-  NSSCKFWInstance **pFwInstance
-);
-
-/*
- * NSSCKFWC_GetInfo
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_GetInfo
-(
-  NSSCKFWInstance *fwInstance,
-  CK_INFO_PTR pInfo
-);
-  
-/*
- * C_GetFunctionList is implemented entirely in the Module's file which
- * includes the Framework API insert file.  It requires no "actual"
- * NSSCKFW routine.
- */
-
-/*
- * NSSCKFWC_GetSlotList
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_GetSlotList
-(
-  NSSCKFWInstance *fwInstance,
-  CK_BBOOL tokenPresent,
-  CK_SLOT_ID_PTR pSlotList,
-  CK_ULONG_PTR pulCount
-);
- 
-/*
- * NSSCKFWC_GetSlotInfo
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_GetSlotInfo
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SLOT_ID slotID,
-  CK_SLOT_INFO_PTR pInfo
-);
-
-/*
- * NSSCKFWC_GetTokenInfo
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_GetTokenInfo
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SLOT_ID slotID,
-  CK_TOKEN_INFO_PTR pInfo
-);
-
-/*
- * NSSCKFWC_WaitForSlotEvent
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_WaitForSlotEvent
-(
-  NSSCKFWInstance *fwInstance,
-  CK_FLAGS flags,
-  CK_SLOT_ID_PTR pSlot,
-  CK_VOID_PTR pReserved
-);
-
-/*
- * NSSCKFWC_GetMechanismList
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_GetMechanismList
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SLOT_ID slotID,
-  CK_MECHANISM_TYPE_PTR pMechanismList,
-  CK_ULONG_PTR pulCount
-);
-
-/*
- * NSSCKFWC_GetMechanismInfo
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_GetMechanismInfo
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SLOT_ID slotID,
-  CK_MECHANISM_TYPE type,
-  CK_MECHANISM_INFO_PTR pInfo
-);
-
-/*
- * NSSCKFWC_InitToken
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_InitToken
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SLOT_ID slotID,
-  CK_CHAR_PTR pPin,
-  CK_ULONG ulPinLen,
-  CK_CHAR_PTR pLabel
-);
-
-/*
- * NSSCKFWC_InitPIN
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_InitPIN
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_CHAR_PTR pPin,
-  CK_ULONG ulPinLen
-);
-
-/*
- * NSSCKFWC_SetPIN
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_SetPIN
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_CHAR_PTR pOldPin,
-  CK_ULONG ulOldLen,
-  CK_CHAR_PTR pNewPin,
-  CK_ULONG ulNewLen
-);
-
-/*
- * NSSCKFWC_OpenSession
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_OpenSession
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SLOT_ID slotID,
-  CK_FLAGS flags,
-  CK_VOID_PTR pApplication,
-  CK_NOTIFY Notify,
-  CK_SESSION_HANDLE_PTR phSession
-);
-
-/*
- * NSSCKFWC_CloseSession
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_CloseSession
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession
-);
-
-/*
- * NSSCKFWC_CloseAllSessions
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_CloseAllSessions
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SLOT_ID slotID
-);
-
-/*
- * NSSCKFWC_GetSessionInfo
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_GetSessionInfo
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_SESSION_INFO_PTR pInfo
-);
-
-/*
- * NSSCKFWC_GetOperationState
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_GetOperationState
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pOperationState,
-  CK_ULONG_PTR pulOperationStateLen
-);
-
-/*
- * NSSCKFWC_SetOperationState
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_SetOperationState
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pOperationState,
-  CK_ULONG ulOperationStateLen,
-  CK_OBJECT_HANDLE hEncryptionKey,
-  CK_OBJECT_HANDLE hAuthenticationKey
-);
-
-/*
- * NSSCKFWC_Login
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_Login
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_USER_TYPE userType,
-  CK_CHAR_PTR pPin,
-  CK_ULONG ulPinLen
-);
-
-/*
- * NSSCKFWC_Logout
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_Logout
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession
-);
-
-/*
- * NSSCKFWC_CreateObject
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_CreateObject
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_ATTRIBUTE_PTR pTemplate,
-  CK_ULONG ulCount,
-  CK_OBJECT_HANDLE_PTR phObject
-);
-
-/*
- * NSSCKFWC_CopyObject
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_CopyObject
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_OBJECT_HANDLE hObject,
-  CK_ATTRIBUTE_PTR pTemplate,
-  CK_ULONG ulCount,
-  CK_OBJECT_HANDLE_PTR phNewObject
-);
-
-/*
- * NSSCKFWC_DestroyObject
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_DestroyObject
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_OBJECT_HANDLE hObject
-);
-
-/*
- * NSSCKFWC_GetObjectSize
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_GetObjectSize
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_OBJECT_HANDLE hObject,
-  CK_ULONG_PTR pulSize
-);
-
-/*
- * NSSCKFWC_GetAttributeValue
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_GetAttributeValue
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_OBJECT_HANDLE hObject,
-  CK_ATTRIBUTE_PTR pTemplate,
-  CK_ULONG ulCount
-);
-  
-/*
- * NSSCKFWC_SetAttributeValue
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_SetAttributeValue
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_OBJECT_HANDLE hObject,
-  CK_ATTRIBUTE_PTR pTemplate,
-  CK_ULONG ulCount
-);
-
-/*
- * NSSCKFWC_FindObjectsInit
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_FindObjectsInit
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_ATTRIBUTE_PTR pTemplate,
-  CK_ULONG ulCount
-);
-
-/*
- * NSSCKFWC_FindObjects
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_FindObjects
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_OBJECT_HANDLE_PTR phObject,
-  CK_ULONG ulMaxObjectCount,
-  CK_ULONG_PTR pulObjectCount
-);
-
-/*
- * NSSCKFWC_FindObjectsFinal
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_FindObjectsFinal
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession
-);
-
-/*
- * NSSCKFWC_EncryptInit
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_EncryptInit
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_MECHANISM_PTR pMechanism,
-  CK_OBJECT_HANDLE hKey
-);
-
-/*
- * NSSCKFWC_Encrypt
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_Encrypt
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pData,
-  CK_ULONG ulDataLen,
-  CK_BYTE_PTR pEncryptedData,
-  CK_ULONG_PTR pulEncryptedDataLen
-);
-
-/*
- * NSSCKFWC_EncryptUpdate
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_EncryptUpdate
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pPart,
-  CK_ULONG ulPartLen,
-  CK_BYTE_PTR pEncryptedPart,
-  CK_ULONG_PTR pulEncryptedPartLen
-);
-
-/*
- * NSSCKFWC_EncryptFinal
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_EncryptFinal
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pLastEncryptedPart,
-  CK_ULONG_PTR pulLastEncryptedPartLen
-);
-
-/*
- * NSSCKFWC_DecryptInit
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_DecryptInit
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_MECHANISM_PTR pMechanism,
-  CK_OBJECT_HANDLE hKey
-);
-
-/*
- * NSSCKFWC_Decrypt
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_Decrypt
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pEncryptedData,
-  CK_ULONG ulEncryptedDataLen,
-  CK_BYTE_PTR pData,
-  CK_ULONG_PTR pulDataLen
-);
-
-/*
- * NSSCKFWC_DecryptUpdate
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_DecryptUpdate
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pEncryptedPart,
-  CK_ULONG ulEncryptedPartLen,
-  CK_BYTE_PTR pPart,
-  CK_ULONG_PTR pulPartLen
-);
-
-/*
- * NSSCKFWC_DecryptFinal
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_DecryptFinal
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pLastPart,
-  CK_ULONG_PTR pulLastPartLen
-);
-
-/*
- * NSSCKFWC_DigestInit
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_DigestInit
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_MECHANISM_PTR pMechanism
-);
-
-/*
- * NSSCKFWC_Digest
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_Digest
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pData,
-  CK_ULONG ulDataLen,
-  CK_BYTE_PTR pDigest,
-  CK_ULONG_PTR pulDigestLen
-);
-
-/*
- * NSSCKFWC_DigestUpdate
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_DigestUpdate
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pData,
-  CK_ULONG ulDataLen
-);
-
-/*
- * NSSCKFWC_DigestKey
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_DigestKey
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_OBJECT_HANDLE hKey
-);
-
-/*
- * NSSCKFWC_DigestFinal
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_DigestFinal
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pDigest,
-  CK_ULONG_PTR pulDigestLen
-);
-
-/*
- * NSSCKFWC_SignInit
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_SignInit
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_MECHANISM_PTR pMechanism,
-  CK_OBJECT_HANDLE hKey
-);
-
-/*
- * NSSCKFWC_Sign
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_Sign
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pData,
-  CK_ULONG ulDataLen,
-  CK_BYTE_PTR pSignature,
-  CK_ULONG_PTR pulSignatureLen
-);
-
-/*
- * NSSCKFWC_SignUpdate
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_SignUpdate
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pPart,
-  CK_ULONG ulPartLen
-);
-
-/*
- * NSSCKFWC_SignFinal
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_SignFinal
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pSignature,
-  CK_ULONG_PTR pulSignatureLen
-);
-
-/*
- * NSSCKFWC_SignRecoverInit
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_SignRecoverInit
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_MECHANISM_PTR pMechanism,
-  CK_OBJECT_HANDLE hKey
-);
-
-/*
- * NSSCKFWC_SignRecover
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_SignRecover
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pData,
-  CK_ULONG ulDataLen,
-  CK_BYTE_PTR pSignature,
-  CK_ULONG_PTR pulSignatureLen
-);
-
-/*
- * NSSCKFWC_VerifyInit
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_VerifyInit
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_MECHANISM_PTR pMechanism,
-  CK_OBJECT_HANDLE hKey
-);
-
-/*
- * NSSCKFWC_Verify
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_Verify
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pData,
-  CK_ULONG ulDataLen,
-  CK_BYTE_PTR pSignature,
-  CK_ULONG ulSignatureLen
-);
-
-/*
- * NSSCKFWC_VerifyUpdate
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_VerifyUpdate
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pPart,
-  CK_ULONG ulPartLen
-);
-
-/*
- * NSSCKFWC_VerifyFinal
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_VerifyFinal
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pSignature,
-  CK_ULONG ulSignatureLen
-);
-
-/*
- * NSSCKFWC_VerifyRecoverInit
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_VerifyRecoverInit
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_MECHANISM_PTR pMechanism,
-  CK_OBJECT_HANDLE hKey
-);
-
-/*
- * NSSCKFWC_VerifyRecover
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_VerifyRecover
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pSignature,
-  CK_ULONG ulSignatureLen,
-  CK_BYTE_PTR pData,
-  CK_ULONG_PTR pulDataLen
-);
-
-/*
- * NSSCKFWC_DigestEncryptUpdate
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_DigestEncryptUpdate
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pPart,
-  CK_ULONG ulPartLen,
-  CK_BYTE_PTR pEncryptedPart,
-  CK_ULONG_PTR pulEncryptedPartLen
-);
-
-/*
- * NSSCKFWC_DecryptDigestUpdate
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_DecryptDigestUpdate
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pEncryptedPart,
-  CK_ULONG ulEncryptedPartLen,
-  CK_BYTE_PTR pPart,
-  CK_ULONG_PTR pulPartLen
-);
-
-/*
- * NSSCKFWC_SignEncryptUpdate
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_SignEncryptUpdate
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pPart,
-  CK_ULONG ulPartLen,
-  CK_BYTE_PTR pEncryptedPart,
-  CK_ULONG_PTR pulEncryptedPartLen
-);
-
-/*
- * NSSCKFWC_DecryptVerifyUpdate
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_DecryptVerifyUpdate
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pEncryptedPart,
-  CK_ULONG ulEncryptedPartLen,
-  CK_BYTE_PTR pPart,
-  CK_ULONG_PTR pulPartLen
-);
-
-/*
- * NSSCKFWC_GenerateKey
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_GenerateKey
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_MECHANISM_PTR pMechanism,
-  CK_ATTRIBUTE_PTR pTemplate,
-  CK_ULONG ulCount,
-  CK_OBJECT_HANDLE_PTR phKey
-);
-
-/*
- * NSSCKFWC_GenerateKeyPair
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_GenerateKeyPair
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_MECHANISM_PTR pMechanism,
-  CK_ATTRIBUTE_PTR pPublicKeyTemplate,
-  CK_ULONG ulPublicKeyAttributeCount,
-  CK_ATTRIBUTE_PTR pPrivateKeyTemplate,
-  CK_ULONG ulPrivateKeyAttributeCount,
-  CK_OBJECT_HANDLE_PTR phPublicKey,
-  CK_OBJECT_HANDLE_PTR phPrivateKey
-);
-
-/*
- * NSSCKFWC_WrapKey
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_WrapKey
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_MECHANISM_PTR pMechanism,
-  CK_OBJECT_HANDLE hWrappingKey,
-  CK_OBJECT_HANDLE hKey,
-  CK_BYTE_PTR pWrappedKey,
-  CK_ULONG_PTR pulWrappedKeyLen
-);
-
-/*
- * NSSCKFWC_UnwrapKey
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_UnwrapKey
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_MECHANISM_PTR pMechanism,
-  CK_OBJECT_HANDLE hUnwrappingKey,
-  CK_BYTE_PTR pWrappedKey,
-  CK_ULONG ulWrappedKeyLen,
-  CK_ATTRIBUTE_PTR pTemplate,
-  CK_ULONG ulAttributeCount,
-  CK_OBJECT_HANDLE_PTR phKey
-);
-
-/*
- * NSSCKFWC_DeriveKey
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_DeriveKey
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_MECHANISM_PTR pMechanism,
-  CK_OBJECT_HANDLE hBaseKey,
-  CK_ATTRIBUTE_PTR pTemplate,
-  CK_ULONG ulAttributeCount,
-  CK_OBJECT_HANDLE_PTR phKey
-);
-
-/*
- * NSSCKFWC_SeedRandom
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_SeedRandom
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pSeed,
-  CK_ULONG ulSeedLen
-);
-
-/*
- * NSSCKFWC_GenerateRandom
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_GenerateRandom
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pRandomData,
-  CK_ULONG ulRandomLen
-);
-
-/*
- * NSSCKFWC_GetFunctionStatus
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_GetFunctionStatus
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession
-);
-
-/*
- * NSSCKFWC_CancelFunction
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_CancelFunction
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession
-);
-
-#endif /* NSSCKFWC_H */
diff --git a/security/nss/lib/ckfw/nssckfwt.h b/security/nss/lib/ckfw/nssckfwt.h
deleted file mode 100644
index 13be0f325..000000000
--- a/security/nss/lib/ckfw/nssckfwt.h
+++ /dev/null
@@ -1,111 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef NSSCKFWT_H
-#define NSSCKFWT_H
-
-#ifdef DEBUG
-static const char NSSCKFWT_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * nssckfwt.h
- *
- * This file declares the public types used by the NSS Cryptoki Framework.
- */
-
-/*
- * NSSCKFWInstance
- *
- */
-
-struct NSSCKFWInstanceStr;
-typedef struct NSSCKFWInstanceStr NSSCKFWInstance;
-
-/*
- * NSSCKFWSlot
- *
- */
-
-struct NSSCKFWSlotStr;
-typedef struct NSSCKFWSlotStr NSSCKFWSlot;
-
-/*
- * NSSCKFWToken
- *
- */
-
-struct NSSCKFWTokenStr;
-typedef struct NSSCKFWTokenStr NSSCKFWToken;
-
-/*
- * NSSCKFWMechanism
- *
- */
-
-struct NSSCKFWMechanismStr;
-typedef struct NSSCKFWMechanismStr NSSCKFWMechanism;
-
-/*
- * NSSCKFWSession
- *
- */
-
-struct NSSCKFWSessionStr;
-typedef struct NSSCKFWSessionStr NSSCKFWSession;
-
-/*
- * NSSCKFWObject
- *
- */
-
-struct NSSCKFWObjectStr;
-typedef struct NSSCKFWObjectStr NSSCKFWObject;
-
-/*
- * NSSCKFWFindObjects
- *
- */
-
-struct NSSCKFWFindObjectsStr;
-typedef struct NSSCKFWFindObjectsStr NSSCKFWFindObjects;
-
-/*
- * NSSCKFWMutex
- *
- */
-
-struct NSSCKFWMutexStr;
-typedef struct NSSCKFWMutexStr NSSCKFWMutex;
-
-#endif /* NSSCKFWT_H */
diff --git a/security/nss/lib/ckfw/nssckg.h b/security/nss/lib/ckfw/nssckg.h
deleted file mode 100644
index ae7dbeb91..000000000
--- a/security/nss/lib/ckfw/nssckg.h
+++ /dev/null
@@ -1,39 +0,0 @@
-/* THIS IS A GENERATED FILE */
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#ifndef NSSCKG_H
-#define NSSCKG_H
-
-#include "pkcs11.h"
-
-#endif /* NSSCKG_H */
diff --git a/security/nss/lib/ckfw/nssckmdt.h b/security/nss/lib/ckfw/nssckmdt.h
deleted file mode 100644
index c4a18a814..000000000
--- a/security/nss/lib/ckfw/nssckmdt.h
+++ /dev/null
@@ -1,2036 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef NSSCKMDT_H
-#define NSSCKMDT_H
-
-#ifdef DEBUG
-static const char NSSCKMDT_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * nssckmdt.h
- *
- * This file specifies the basic types that must be implemented by
- * any Module using the NSS Cryptoki Framework.
- */
-
-#ifndef NSSBASET_H
-#include "nssbaset.h"
-#endif /* NSSBASET_H */
-
-#ifndef NSSCKT_H
-#include "nssckt.h"
-#endif /* NSSCKT_H */
-
-#ifndef NSSCKFWT_H
-#include "nssckfwt.h"
-#endif /* NSSCKFWT_H */
-
-typedef struct NSSCKMDInstanceStr NSSCKMDInstance;
-typedef struct NSSCKMDSlotStr NSSCKMDSlot;
-typedef struct NSSCKMDTokenStr NSSCKMDToken;
-typedef struct NSSCKMDSessionStr NSSCKMDSession;
-typedef struct NSSCKMDFindObjectsStr NSSCKMDFindObjects;
-typedef struct NSSCKMDMechanismStr NSSCKMDMechanism;
-typedef struct NSSCKMDObjectStr NSSCKMDObject;
-
-/*
- * NSSCKFWItem
- *
- * This is a structure used by modules to return object attributes.
- * The needsFreeing bit indicates whether the object needs to be freed.
- * If so, the framework will call the FreeAttribute function on the item
- * after it is done using it.
- *
- */
-
-typedef struct {
-  PRBool needsFreeing;
-  NSSItem* item;
-} NSSCKFWItem ;
-
-/*
- * NSSCKMDInstance
- *
- * This is the basic handle for an instance of a PKCS#11 Module.
- * It is returned by the Module's CreateInstance routine, and
- * may be obtained from the corresponding NSSCKFWInstance object.
- * It contains a pointer for use by the Module, to store any
- * instance-related data, and it contains the EPV for a set of
- * routines which the Module may implement for use by the Framework.
- * Some of these routines are optional; others are mandatory.
- */
-
-struct NSSCKMDInstanceStr {
-  /*
-   * The Module may use this pointer for its own purposes.
-   */
-  void *etc;
-
-  /*
-   * This routine is called by the Framework to initialize
-   * the Module.  This routine is optional; if unimplemented,
-   * it won't be called.  If this routine returns an error,
-   * then the initialization will fail.
-   */
-  CK_RV (PR_CALLBACK *Initialize)(
-    NSSCKMDInstance *mdInstance,                                    
-    NSSCKFWInstance *fwInstance,
-    NSSUTF8 *configurationData
-  );
-
-  /*
-   * This routine is called when the Framework is finalizing
-   * the PKCS#11 Module.  It is the last thing called before
-   * the NSSCKFWInstance's NSSArena is destroyed.  This routine
-   * is optional; if unimplemented, it merely won't be called.
-   */
-  void (PR_CALLBACK *Finalize)(
-    NSSCKMDInstance *mdInstance,                                    
-    NSSCKFWInstance *fwInstance
-  );
-
-  /*
-   * This routine gets the number of slots.  This value must
-   * never change, once the instance is initialized.  This 
-   * routine must be implemented.  It may return zero on error.
-   */
-  CK_ULONG (PR_CALLBACK *GetNSlots)(
-    NSSCKMDInstance *mdInstance,                                    
-    NSSCKFWInstance *fwInstance,
-    CK_RV *pError
-  );
-
-  /*
-   * This routine returns the version of the Cryptoki standard
-   * to which this Module conforms.  This routine is optional;
-   * if unimplemented, the Framework uses the version to which
-   * ~it~ was implemented.
-   */
-  CK_VERSION (PR_CALLBACK *GetCryptokiVersion)(
-    NSSCKMDInstance *mdInstance,                                    
-    NSSCKFWInstance *fwInstance
-  );
-
-  /*
-   * This routine returns a pointer to a UTF8-encoded string
-   * containing the manufacturer ID for this Module.  Only
-   * the characters completely encoded in the first thirty-
-   * two bytes are significant.  This routine is optional.
-   * The string returned is never freed; if dynamically generated,
-   * the space for it should be allocated from the NSSArena
-   * that may be obtained from the NSSCKFWInstance.  This
-   * routine may return NULL upon error; however if *pError
-   * is CKR_OK, the NULL will be considered the valid response.
-   */
-  NSSUTF8 *(PR_CALLBACK *GetManufacturerID)(
-    NSSCKMDInstance *mdInstance,                                    
-    NSSCKFWInstance *fwInstance,
-    CK_RV *pError
-  );
-
-  /*
-   * This routine returns a pointer to a UTF8-encoded string
-   * containing a description of this Module library.  Only
-   * the characters completely encoded in the first thirty-
-   * two bytes are significant.  This routine is optional.
-   * The string returned is never freed; if dynamically generated,
-   * the space for it should be allocated from the NSSArena
-   * that may be obtained from the NSSCKFWInstance.  This
-   * routine may return NULL upon error; however if *pError
-   * is CKR_OK, the NULL will be considered the valid response.
-   */
-  NSSUTF8 *(PR_CALLBACK *GetLibraryDescription)(
-    NSSCKMDInstance *mdInstance,                                    
-    NSSCKFWInstance *fwInstance,
-    CK_RV *pError
-  );
-
-  /*
-   * This routine returns the version of this Module library.
-   * This routine is optional; if unimplemented, the Framework
-   * will assume a Module library version of 0.1.
-   */
-  CK_VERSION (PR_CALLBACK *GetLibraryVersion)(
-    NSSCKMDInstance *mdInstance,                                    
-    NSSCKFWInstance *fwInstance
-  );
-
-  /*
-   * This routine returns CK_TRUE if the Module wishes to
-   * handle session objects.  This routine is optional.
-   * If this routine is NULL, or if it exists but returns
-   * CK_FALSE, the Framework will assume responsibility
-   * for managing session objects.
-   */
-  CK_BBOOL (PR_CALLBACK *ModuleHandlesSessionObjects)(
-    NSSCKMDInstance *mdInstance,                                    
-    NSSCKFWInstance *fwInstance
-  );
-
-  /*
-   * This routine stuffs pointers to NSSCKMDSlot objects into
-   * the specified array; one for each slot supported by this
-   * instance.  The Framework will determine the size needed
-   * for the array by calling GetNSlots.  This routine is
-   * required.
-   */
-  CK_RV (PR_CALLBACK *GetSlots)(
-    NSSCKMDInstance *mdInstance,                                    
-    NSSCKFWInstance *fwInstance,
-    NSSCKMDSlot *slots[]
-  );
-
-  /*
-   * This call returns a pointer to the slot in which an event
-   * has occurred.  If the block argument is CK_TRUE, the call 
-   * should block until a slot event occurs; if CK_FALSE, it 
-   * should check to see if an event has occurred, occurred, 
-   * but return NULL (and set *pError to CK_NO_EVENT) if one 
-   * hasn't.  This routine is optional; if unimplemented, the
-   * Framework will assume that no event has happened.  This
-   * routine may return NULL upon error.
-   */
-  NSSCKMDSlot *(PR_CALLBACK *WaitForSlotEvent)(
-    NSSCKMDInstance *mdInstance,                                    
-    NSSCKFWInstance *fwInstance,
-    CK_BBOOL block,
-    CK_RV *pError
-  );
-
-  /*
-   * This object may be extended in future versions of the
-   * NSS Cryptoki Framework.  To allow for some flexibility
-   * in the area of binary compatibility, this field should
-   * be NULL.
-   */
-  void *null;
-};
-
-
-/*
- * NSSCKMDSlot
- *
- * This is the basic handle for a PKCS#11 Module Slot.  It is
- * created by the NSSCKMDInstance->GetSlots call, and may be
- * obtained from the Framework's corresponding NSSCKFWSlot
- * object.  It contains a pointer for use by the Module, to
- * store any slot-related data, and it contains the EPV for
- * a set of routines which the Module may implement for use
- * by the Framework.  Some of these routines are optional.
- */
-
-struct NSSCKMDSlotStr {
-  /*
-   * The Module may use this pointer for its own purposes.
-   */
-  void *etc;
-
-  /*
-   * This routine is called during the Framework initialization
-   * step, after the Framework Instance has obtained the list
-   * of slots (by calling NSSCKMDInstance->GetSlots).  Any slot-
-   * specific initialization can be done here.  This routine is
-   * optional; if unimplemented, it won't be called.  Note that
-   * if this routine returns an error, the entire Framework
-   * initialization for this Module will fail.
-   */
-  CK_RV (PR_CALLBACK *Initialize)(
-    NSSCKMDSlot *mdSlot,
-    NSSCKFWSlot *fwSlot,
-    NSSCKMDInstance *mdInstance,                                    
-    NSSCKFWInstance *fwInstance
-  );
-
-  /*
-   * This routine is called when the Framework is finalizing
-   * the PKCS#11 Module.  This call (for each of the slots)
-   * is the last thing called before NSSCKMDInstance->Finalize.
-   * This routine is optional; if unimplemented, it merely 
-   * won't be called.  Note: In the rare circumstance that
-   * the Framework initialization cannot complete (due to,
-   * for example, memory limitations), this can be called with
-   * a NULL value for fwSlot.
-   */
-  void (PR_CALLBACK *Destroy)(
-    NSSCKMDSlot *mdSlot,
-    NSSCKFWSlot *fwSlot,
-    NSSCKMDInstance *mdInstance,                                    
-    NSSCKFWInstance *fwInstance
-  );
-
-  /*
-   * This routine returns a pointer to a UTF8-encoded string
-   * containing a description of this slot.  Only the characters
-   * completely encoded in the first sixty-four bytes are
-   * significant.  This routine is optional.  The string 
-   * returned is never freed; if dynamically generated,
-   * the space for it should be allocated from the NSSArena
-   * that may be obtained from the NSSCKFWInstance.  This
-   * routine may return NULL upon error; however if *pError
-   * is CKR_OK, the NULL will be considered the valid response.
-   */
-  NSSUTF8 *(PR_CALLBACK *GetSlotDescription)(
-    NSSCKMDSlot *mdSlot,
-    NSSCKFWSlot *fwSlot,
-    NSSCKMDInstance *mdInstance,                                    
-    NSSCKFWInstance *fwInstance,
-    CK_RV *pError
-  );
-
-  /*
-   * This routine returns a pointer to a UTF8-encoded string
-   * containing a description of the manufacturer of this slot.
-   * Only the characters completely encoded in the first thirty-
-   * two bytes are significant.  This routine is optional.  
-   * The string  returned is never freed; if dynamically generated,
-   * the space for it should be allocated from the NSSArena
-   * that may be obtained from the NSSCKFWInstance.  This
-   * routine may return NULL upon error; however if *pError
-   * is CKR_OK, the NULL will be considered the valid response.
-   */
-  NSSUTF8 *(PR_CALLBACK *GetManufacturerID)(
-    NSSCKMDSlot *mdSlot,
-    NSSCKFWSlot *fwSlot,
-    NSSCKMDInstance *mdInstance,                                    
-    NSSCKFWInstance *fwInstance,
-    CK_RV *pError
-  );
-
-  /*
-   * This routine returns CK_TRUE if a token is present in this
-   * slot.  This routine is optional; if unimplemented, CK_TRUE
-   * is assumed.
-   */
-  CK_BBOOL (PR_CALLBACK *GetTokenPresent)(
-    NSSCKMDSlot *mdSlot,
-    NSSCKFWSlot *fwSlot,
-    NSSCKMDInstance *mdInstance,                                    
-    NSSCKFWInstance *fwInstance
-  );
-
-  /*
-   * This routine returns CK_TRUE if the slot supports removable
-   * tokens.  This routine is optional; if unimplemented, CK_FALSE
-   * is assumed.
-   */
-  CK_BBOOL (PR_CALLBACK *GetRemovableDevice)(
-    NSSCKMDSlot *mdSlot,
-    NSSCKFWSlot *fwSlot,
-    NSSCKMDInstance *mdInstance,                                    
-    NSSCKFWInstance *fwInstance
-  );
-
-  /*
-   * This routine returns CK_TRUE if this slot is a hardware
-   * device, or CK_FALSE if this slot is a software device.  This
-   * routine is optional; if unimplemented, CK_FALSE is assumed.
-   */
-  CK_BBOOL (PR_CALLBACK *GetHardwareSlot)(
-    NSSCKMDSlot *mdSlot,
-    NSSCKFWSlot *fwSlot,
-    NSSCKMDInstance *mdInstance,                                    
-    NSSCKFWInstance *fwInstance
-  );
-
-  /*
-   * This routine returns the version of this slot's hardware.
-   * This routine is optional; if unimplemented, the Framework
-   * will assume a hardware version of 0.1.
-   */
-  CK_VERSION (PR_CALLBACK *GetHardwareVersion)(
-    NSSCKMDSlot *mdSlot,
-    NSSCKFWSlot *fwSlot,
-    NSSCKMDInstance *mdInstance,                                    
-    NSSCKFWInstance *fwInstance
-  );
-
-  /*
-   * This routine returns the version of this slot's firmware.
-   * This routine is optional; if unimplemented, the Framework
-   * will assume a hardware version of 0.1.
-   */
-  CK_VERSION (PR_CALLBACK *GetFirmwareVersion)(
-    NSSCKMDSlot *mdSlot,
-    NSSCKFWSlot *fwSlot,
-    NSSCKMDInstance *mdInstance,                                    
-    NSSCKFWInstance *fwInstance
-  );
-
-  /*
-   * This routine should return a pointer to an NSSCKMDToken
-   * object corresponding to the token in the specified slot.
-   * The NSSCKFWToken object passed in has an NSSArena
-   * available which is dedicated for this token.  This routine
-   * must be implemented.  This routine may return NULL upon
-   * error.
-   */
-  NSSCKMDToken *(PR_CALLBACK *GetToken)(
-    NSSCKMDSlot *mdSlot,
-    NSSCKFWSlot *fwSlot,
-    NSSCKMDInstance *mdInstance,                                    
-    NSSCKFWInstance *fwInstance,
-    CK_RV *pError
-  );
-
-  /*
-   * This object may be extended in future versions of the
-   * NSS Cryptoki Framework.  To allow for some flexibility
-   * in the area of binary compatibility, this field should
-   * be NULL.
-   */
-  void *null;
-};
-
-/*
- * NSSCKMDToken
- *
- * This is the basic handle for a PKCS#11 Token.  It is created by
- * the NSSCKMDSlot->GetToken call, and may be obtained from the
- * Framework's corresponding NSSCKFWToken object.  It contains a
- * pointer for use by the Module, to store any token-related
- * data, and it contains the EPV for a set of routines which the
- * Module may implement for use by the Framework.  Some of these
- * routines are optional.
- */
-
-struct NSSCKMDTokenStr {
-  /*
-   * The Module may use this pointer for its own purposes.
-   */
-  void *etc;
-
-  /*
-   * This routine is used to prepare a Module token object for
-   * use.  It is called after the NSSCKMDToken object is obtained
-   * from NSSCKMDSlot->GetToken.  It is named "Setup" here because
-   * Cryptoki already defines "InitToken" to do the process of
-   * wiping out any existing state on a token and preparing it for
-   * a new use.  This routine is optional; if unimplemented, it
-   * merely won't be called.
-   */
-  CK_RV (PR_CALLBACK *Setup)(
-    NSSCKMDToken *mdToken,
-    NSSCKFWToken *fwToken,
-    NSSCKMDInstance *mdInstance,
-    NSSCKFWInstance *fwInstance
-  );
-
-  /*
-   * This routine is called by the Framework whenever it notices
-   * that the token object is invalid.  (Typically this is when a 
-   * routine indicates an error such as CKR_DEVICE_REMOVED).  This
-   * call is the last thing called before the NSSArena in the
-   * corresponding NSSCKFWToken is destroyed.  This routine is
-   * optional; if unimplemented, it merely won't be called.
-   */
-  void (PR_CALLBACK *Invalidate)(
-    NSSCKMDToken *mdToken,
-    NSSCKFWToken *fwToken,
-    NSSCKMDInstance *mdInstance,
-    NSSCKFWInstance *fwInstance
-  );
-
-  /*
-   * This routine initialises the token in the specified slot.
-   * This routine is optional; if unimplemented, the Framework
-   * will fail this operation with an error of CKR_DEVICE_ERROR.
-   */
-
-  CK_RV (PR_CALLBACK *InitToken)(
-    NSSCKMDToken *mdToken,
-    NSSCKFWToken *fwToken,
-    NSSCKMDInstance *mdInstance,
-    NSSCKFWInstance *fwInstance,
-    NSSItem *pin,
-    NSSUTF8 *label
-  );
-
-  /*
-   * This routine returns a pointer to a UTF8-encoded string
-   * containing this token's label.  Only the characters
-   * completely encoded in the first thirty-two bytes are
-   * significant.  This routine is optional.  The string 
-   * returned is never freed; if dynamically generated,
-   * the space for it should be allocated from the NSSArena
-   * that may be obtained from the NSSCKFWInstance.  This
-   * routine may return NULL upon error; however if *pError
-   * is CKR_OK, the NULL will be considered the valid response.
-   */
-  NSSUTF8 *(PR_CALLBACK *GetLabel)(
-    NSSCKMDToken *mdToken,
-    NSSCKFWToken *fwToken,
-    NSSCKMDInstance *mdInstance,
-    NSSCKFWInstance *fwInstance,
-    CK_RV *pError
-  );
-
-  /*
-   * This routine returns a pointer to a UTF8-encoded string
-   * containing this token's manufacturer ID.  Only the characters
-   * completely encoded in the first thirty-two bytes are
-   * significant.  This routine is optional.  The string 
-   * returned is never freed; if dynamically generated,
-   * the space for it should be allocated from the NSSArena
-   * that may be obtained from the NSSCKFWInstance.  This
-   * routine may return NULL upon error; however if *pError
-   * is CKR_OK, the NULL will be considered the valid response.
-   */
-  NSSUTF8 *(PR_CALLBACK *GetManufacturerID)(
-    NSSCKMDToken *mdToken,
-    NSSCKFWToken *fwToken,
-    NSSCKMDInstance *mdInstance,
-    NSSCKFWInstance *fwInstance,
-    CK_RV *pError
-  );
-
-  /*
-   * This routine returns a pointer to a UTF8-encoded string
-   * containing this token's model name.  Only the characters
-   * completely encoded in the first thirty-two bytes are
-   * significant.  This routine is optional.  The string 
-   * returned is never freed; if dynamically generated,
-   * the space for it should be allocated from the NSSArena
-   * that may be obtained from the NSSCKFWInstance.  This
-   * routine may return NULL upon error; however if *pError
-   * is CKR_OK, the NULL will be considered the valid response.
-   */
-  NSSUTF8 *(PR_CALLBACK *GetModel)(
-    NSSCKMDToken *mdToken,
-    NSSCKFWToken *fwToken,
-    NSSCKMDInstance *mdInstance,
-    NSSCKFWInstance *fwInstance,
-    CK_RV *pError
-  );
-
-  /*
-   * This routine returns a pointer to a UTF8-encoded string
-   * containing this token's serial number.  Only the characters
-   * completely encoded in the first thirty-two bytes are
-   * significant.  This routine is optional.  The string 
-   * returned is never freed; if dynamically generated,
-   * the space for it should be allocated from the NSSArena
-   * that may be obtained from the NSSCKFWInstance.  This
-   * routine may return NULL upon error; however if *pError
-   * is CKR_OK, the NULL will be considered the valid response.
-   */
-  NSSUTF8 *(PR_CALLBACK *GetSerialNumber)(
-    NSSCKMDToken *mdToken,
-    NSSCKFWToken *fwToken,
-    NSSCKMDInstance *mdInstance,
-    NSSCKFWInstance *fwInstance,
-    CK_RV *pError
-  );
-
-  /*
-   * This routine returns CK_TRUE if the token has its own
-   * random number generator.  This routine is optional; if
-   * unimplemented, CK_FALSE is assumed.
-   */
-  CK_BBOOL (PR_CALLBACK *GetHasRNG)(
-    NSSCKMDToken *mdToken,
-    NSSCKFWToken *fwToken,
-    NSSCKMDInstance *mdInstance,
-    NSSCKFWInstance *fwInstance
-  );
-
-  /*
-   * This routine returns CK_TRUE if this token is write-protected.
-   * This routine is optional; if unimplemented, CK_FALSE is
-   * assumed.
-   */
-  CK_BBOOL (PR_CALLBACK *GetIsWriteProtected)(
-    NSSCKMDToken *mdToken,
-    NSSCKFWToken *fwToken,
-    NSSCKMDInstance *mdInstance,
-    NSSCKFWInstance *fwInstance
-  );
-
-  /*
-   * This routine returns CK_TRUE if this token requires a login.
-   * This routine is optional; if unimplemented, CK_FALSE is
-   * assumed.
-   */
-  CK_BBOOL (PR_CALLBACK *GetLoginRequired)(
-    NSSCKMDToken *mdToken,
-    NSSCKFWToken *fwToken,
-    NSSCKMDInstance *mdInstance,
-    NSSCKFWInstance *fwInstance
-  );
-
-  /*
-   * This routine returns CK_TRUE if the normal user's PIN on this
-   * token has been initialised.  This routine is optional; if
-   * unimplemented, CK_FALSE is assumed.
-   */
-  CK_BBOOL (PR_CALLBACK *GetUserPinInitialized)(
-    NSSCKMDToken *mdToken,
-    NSSCKFWToken *fwToken,
-    NSSCKMDInstance *mdInstance,
-    NSSCKFWInstance *fwInstance
-  );
-
-  /*
-   * This routine returns CK_TRUE if a successful save of a
-   * session's cryptographic operations state ~always~ contains
-   * all keys needed to restore the state of the session.  This
-   * routine is optional; if unimplemented, CK_FALSE is assumed.
-   */
-  CK_BBOOL (PR_CALLBACK *GetRestoreKeyNotNeeded)(
-    NSSCKMDToken *mdToken,
-    NSSCKFWToken *fwToken,
-    NSSCKMDInstance *mdInstance,
-    NSSCKFWInstance *fwInstance
-  );
-
-  /*
-   * This routine returns CK_TRUE if the token has its own
-   * hardware clock.  This routine is optional; if unimplemented,
-   * CK_FALSE is assumed.
-   */
-  CK_BBOOL (PR_CALLBACK *GetHasClockOnToken)(
-    NSSCKMDToken *mdToken,
-    NSSCKFWToken *fwToken,
-    NSSCKMDInstance *mdInstance,
-    NSSCKFWInstance *fwInstance
-  );
-
-  /*
-   * This routine returns CK_TRUE if the token has a protected
-   * authentication path.  This routine is optional; if
-   * unimplemented, CK_FALSE is assumed.
-   */
-  CK_BBOOL (PR_CALLBACK *GetHasProtectedAuthenticationPath)(
-    NSSCKMDToken *mdToken,
-    NSSCKFWToken *fwToken,
-    NSSCKMDInstance *mdInstance,
-    NSSCKFWInstance *fwInstance
-  );
-
-  /*
-   * This routine returns CK_TRUE if the token supports dual
-   * cryptographic operations within a single session.  This
-   * routine is optional; if unimplemented, CK_FALSE is assumed.
-   */
-  CK_BBOOL (PR_CALLBACK *GetSupportsDualCryptoOperations)(
-    NSSCKMDToken *mdToken,
-    NSSCKFWToken *fwToken,
-    NSSCKMDInstance *mdInstance,
-    NSSCKFWInstance *fwInstance
-  );
-
-  /*
-   * XXX fgmr-- should we have a call to return all the flags
-   * at once, for folks who already know about Cryptoki?
-   */
-
-  /*
-   * This routine returns the maximum number of sessions that
-   * may be opened on this token.  This routine is optional;
-   * if unimplemented, the special value CK_UNAVAILABLE_INFORMATION
-   * is assumed.  XXX fgmr-- or CK_EFFECTIVELY_INFINITE?
-   */
-  CK_ULONG (PR_CALLBACK *GetMaxSessionCount)(
-    NSSCKMDToken *mdToken,
-    NSSCKFWToken *fwToken,
-    NSSCKMDInstance *mdInstance,
-    NSSCKFWInstance *fwInstance
-  );
-
-  /*
-   * This routine returns the maximum number of read/write
-   * sesisons that may be opened on this token.  This routine
-   * is optional; if unimplemented, the special value
-   * CK_UNAVAILABLE_INFORMATION is assumed.  XXX fgmr-- or 
-   * CK_EFFECTIVELY_INFINITE?
-   */
-  CK_ULONG (PR_CALLBACK *GetMaxRwSessionCount)(
-    NSSCKMDToken *mdToken,
-    NSSCKFWToken *fwToken,
-    NSSCKMDInstance *mdInstance,
-    NSSCKFWInstance *fwInstance
-  );
-
-  /*
-   * This routine returns the maximum PIN code length that is
-   * supported on this token.  This routine is optional;
-   * if unimplemented, the special value CK_UNAVAILABLE_INFORMATION
-   * is assumed.
-   */
-  CK_ULONG (PR_CALLBACK *GetMaxPinLen)(
-    NSSCKMDToken *mdToken,
-    NSSCKFWToken *fwToken,
-    NSSCKMDInstance *mdInstance,
-    NSSCKFWInstance *fwInstance
-  );
-
-  /*
-   * This routine returns the minimum PIN code length that is
-   * supported on this token.  This routine is optional; if
-   * unimplemented, the special value CK_UNAVAILABLE_INFORMATION
-   *  is assumed.  XXX fgmr-- or 0?
-   */
-  CK_ULONG (PR_CALLBACK *GetMinPinLen)(
-    NSSCKMDToken *mdToken,
-    NSSCKFWToken *fwToken,
-    NSSCKMDInstance *mdInstance,
-    NSSCKFWInstance *fwInstance
-  );
-
-  /*
-   * This routine returns the total amount of memory on the token
-   * in which public objects may be stored.  This routine is
-   * optional; if unimplemented, the special value
-   * CK_UNAVAILABLE_INFORMATION is assumed.
-   */
-  CK_ULONG (PR_CALLBACK *GetTotalPublicMemory)(
-    NSSCKMDToken *mdToken,
-    NSSCKFWToken *fwToken,
-    NSSCKMDInstance *mdInstance,
-    NSSCKFWInstance *fwInstance
-  );
-
-  /*
-   * This routine returns the amount of unused memory on the
-   * token in which public objects may be stored.  This routine
-   * is optional; if unimplemented, the special value
-   * CK_UNAVAILABLE_INFORMATION is assumed.
-   */
-  CK_ULONG (PR_CALLBACK *GetFreePublicMemory)(
-    NSSCKMDToken *mdToken,
-    NSSCKFWToken *fwToken,
-    NSSCKMDInstance *mdInstance,
-    NSSCKFWInstance *fwInstance
-  );
-
-  /*
-   * This routine returns the total amount of memory on the token
-   * in which private objects may be stored.  This routine is
-   * optional; if unimplemented, the special value
-   * CK_UNAVAILABLE_INFORMATION is assumed.
-   */
-  CK_ULONG (PR_CALLBACK *GetTotalPrivateMemory)(
-    NSSCKMDToken *mdToken,
-    NSSCKFWToken *fwToken,
-    NSSCKMDInstance *mdInstance,
-    NSSCKFWInstance *fwInstance
-  );
-
-  /*
-   * This routine returns the amount of unused memory on the
-   * token in which private objects may be stored.  This routine
-   * is optional; if unimplemented, the special value
-   * CK_UNAVAILABLE_INFORMATION is assumed.
-   */
-  CK_ULONG (PR_CALLBACK *GetFreePrivateMemory)(
-    NSSCKMDToken *mdToken,
-    NSSCKFWToken *fwToken,
-    NSSCKMDInstance *mdInstance,
-    NSSCKFWInstance *fwInstance
-  );
-
-  /*
-   * This routine returns the version number of this token's
-   * hardware.  This routine is optional; if unimplemented,
-   * the value 0.1 is assumed.
-   */
-  CK_VERSION (PR_CALLBACK *GetHardwareVersion)(
-    NSSCKMDToken *mdToken,
-    NSSCKFWToken *fwToken,
-    NSSCKMDInstance *mdInstance,
-    NSSCKFWInstance *fwInstance
-  );
-
-  /*
-   * This routine returns the version number of this token's
-   * firmware.  This routine is optional; if unimplemented,
-   * the value 0.1 is assumed.
-   */
-  CK_VERSION (PR_CALLBACK *GetFirmwareVersion)(
-    NSSCKMDToken *mdToken,
-    NSSCKFWToken *fwToken,
-    NSSCKMDInstance *mdInstance,
-    NSSCKFWInstance *fwInstance
-  );
-
-  /*
-   * This routine stuffs the current UTC time, as obtained from
-   * the token, into the sixteen-byte buffer in the form
-   * YYYYMMDDhhmmss00.  This routine need only be implemented
-   * by token which indicate that they have a real-time clock.
-   * XXX fgmr-- think about time formats.
-   */
-  CK_RV (PR_CALLBACK *GetUTCTime)(
-    NSSCKMDToken *mdToken,
-    NSSCKFWToken *fwToken,
-    NSSCKMDInstance *mdInstance,
-    NSSCKFWInstance *fwInstance,
-    CK_CHAR utcTime[16]
-  );
-
-  /*
-   * This routine creates a session on the token, and returns
-   * the corresponding NSSCKMDSession object.  The value of
-   * rw will be CK_TRUE if the session is to be a read/write 
-   * session, or CK_FALSE otherwise.  An NSSArena dedicated to
-   * the new session is available from the specified NSSCKFWSession.
-   * This routine may return NULL upon error.
-   */
-  NSSCKMDSession *(PR_CALLBACK *OpenSession)(
-    NSSCKMDToken *mdToken,
-    NSSCKFWToken *fwToken,
-    NSSCKMDInstance *mdInstance,
-    NSSCKFWInstance *fwInstance,
-    NSSCKFWSession *fwSession,
-    CK_BBOOL rw,
-    CK_RV *pError
-  );
-
-  /*
-   * This routine returns the number of PKCS#11 Mechanisms
-   * supported by this token.  This routine is optional; if
-   * unimplemented, zero is assumed.
-   */
-  CK_ULONG (PR_CALLBACK *GetMechanismCount)(
-    NSSCKMDToken *mdToken,
-    NSSCKFWToken *fwToken,
-    NSSCKMDInstance *mdInstance,
-    NSSCKFWInstance *fwInstance
-  );
-
-  /*
-   * This routine stuffs into the specified array the types
-   * of the mechanisms supported by this token.  The Framework
-   * determines the size of the array by calling GetMechanismCount.
-   */
-  CK_RV (PR_CALLBACK *GetMechanismTypes)(
-    NSSCKMDToken *mdToken,
-    NSSCKFWToken *fwToken,
-    NSSCKMDInstance *mdInstance,
-    NSSCKFWInstance *fwInstance,
-    CK_MECHANISM_TYPE types[]
-  );
-
-  /*
-   * This routine returns a pointer to a Module mechanism
-   * object corresponding to a specified type.  This routine
-   * need only exist for tokens implementing at least one
-   * mechanism.
-   */
-  NSSCKMDMechanism *(PR_CALLBACK *GetMechanism)(
-    NSSCKMDToken *mdToken,
-    NSSCKFWToken *fwToken,
-    NSSCKMDInstance *mdInstance,
-    NSSCKFWInstance *fwInstance,
-    NSSCKFWMechanism *fwMechanism,
-    CK_MECHANISM_TYPE which
-  );
-
-  /*
-   * This object may be extended in future versions of the
-   * NSS Cryptoki Framework.  To allow for some flexibility
-   * in the area of binary compatibility, this field should
-   * be NULL.
-   */
-  void *null;
-};
-
-/*
- * NSSCKMDSession
- *
- * This is the basic handle for a session on a PKCS#11 Token.  It
- * is created by NSSCKMDToken->OpenSession, and may be obtained
- * from the Framework's corresponding NSSCKFWSession object.  It
- * contains a pointer for use by the Module, to store any session-
- * realted data, and it contains the EPV for a set of routines
- * which the Module may implement for use by the Framework.  Some
- * of these routines are optional.
- */
-
-struct NSSCKMDSessionStr {
-  /*
-   * The Module may use this pointer for its own purposes.
-   */
-  void *etc;
-
-  /*
-   * This routine is called by the Framework when a session is
-   * closed.  This call is the last thing called before the
-   * NSSArena in the correspoinding NSSCKFWSession is destroyed.
-   * This routine is optional; if unimplemented, it merely won't
-   * be called.
-   */
-  void (PR_CALLBACK *Close)(
-    NSSCKMDSession *mdSession,
-    NSSCKFWSession *fwSession,
-    NSSCKMDToken *mdToken,
-    NSSCKFWToken *fwToken,
-    NSSCKMDInstance *mdInstance,
-    NSSCKFWInstance *fwInstance
-  );
-
-  /*
-   * This routine is used to get any device-specific error.
-   * This routine is optional.
-   */
-  CK_ULONG (PR_CALLBACK *GetDeviceError)(
-    NSSCKMDSession *mdSession,
-    NSSCKFWSession *fwSession,
-    NSSCKMDToken *mdToken,
-    NSSCKFWToken *fwToken,
-    NSSCKMDInstance *mdInstance,
-    NSSCKFWInstance *fwInstance
-  );
-
-  /*
-   * This routine is used to log in a user to the token.  This
-   * routine is optional, since the Framework's NSSCKFWSession
-   * object keeps track of the login state.
-   */
-  CK_RV (PR_CALLBACK *Login)(
-    NSSCKMDSession *mdSession,
-    NSSCKFWSession *fwSession,
-    NSSCKMDToken *mdToken,
-    NSSCKFWToken *fwToken,
-    NSSCKMDInstance *mdInstance,
-    NSSCKFWInstance *fwInstance,
-    CK_USER_TYPE userType,
-    NSSItem *pin,
-    CK_STATE oldState,
-    CK_STATE newState
-  );
-
-  /*
-   * This routine is used to log out a user from the token.  This
-   * routine is optional, since the Framework's NSSCKFWSession
-   * object keeps track of the login state.
-   */
-  CK_RV (PR_CALLBACK *Logout)(
-    NSSCKMDSession *mdSession,
-    NSSCKFWSession *fwSession,
-    NSSCKMDToken *mdToken,
-    NSSCKFWToken *fwToken,
-    NSSCKMDInstance *mdInstance,
-    NSSCKFWInstance *fwInstance,
-    CK_STATE oldState,
-    CK_STATE newState
-  );
-
-  /*
-   * This routine is used to initialize the normal user's PIN or
-   * password.  This will only be called in the "read/write
-   * security officer functions" state.  If this token has a
-   * protected authentication path, then the pin argument will
-   * be NULL.  This routine is optional; if unimplemented, the
-   * Framework will return the error CKR_TOKEN_WRITE_PROTECTED.
-   */
-  CK_RV (PR_CALLBACK *InitPIN)(
-    NSSCKMDSession *mdSession,
-    NSSCKFWSession *fwSession,
-    NSSCKMDToken *mdToken,
-    NSSCKFWToken *fwToken,
-    NSSCKMDInstance *mdInstance,
-    NSSCKFWInstance *fwInstance,
-    NSSItem *pin
-  );
-
-  /*
-   * This routine is used to modify a user's PIN or password.  This
-   * routine will only be called in the "read/write security officer
-   * functions" or "read/write user functions" state.  If this token
-   * has a protected authentication path, then the pin arguments
-   * will be NULL.  This routine is optional; if unimplemented, the
-   * Framework will return the error CKR_TOKEN_WRITE_PROTECTED.
-   */
-  CK_RV (PR_CALLBACK *SetPIN)(
-    NSSCKMDSession *mdSession,
-    NSSCKFWSession *fwSession,
-    NSSCKMDToken *mdToken,
-    NSSCKFWToken *fwToken,
-    NSSCKMDInstance *mdInstance,
-    NSSCKFWInstance *fwInstance,
-    NSSItem *oldPin,
-    NSSItem *newPin
-  );
-
-  /*
-   * This routine is used to find out how much space would be required
-   * to save the current operational state.  This routine is optional;
-   * if unimplemented, the Framework will reject any attempts to save
-   * the operational state with the error CKR_STATE_UNSAVEABLE.  This
-   * routine may return zero on error.
-   */
-  CK_ULONG (PR_CALLBACK *GetOperationStateLen)(
-    NSSCKMDSession *mdSession,
-    NSSCKFWSession *fwSession,
-    NSSCKMDToken *mdToken,
-    NSSCKFWToken *fwToken,
-    NSSCKMDInstance *mdInstance,
-    NSSCKFWInstance *fwInstance,
-    CK_RV *pError
-  );
-
-  /*
-   * This routine is used to store the current operational state.  This
-   * routine is only required if GetOperationStateLen is implemented 
-   * and can return a nonzero value.  The buffer in the specified item
-   * will be pre-allocated, and the length will specify the amount of
-   * space available (which may be more than GetOperationStateLen
-   * asked for, but which will not be smaller).
-   */
-  CK_RV (PR_CALLBACK *GetOperationState)(
-    NSSCKMDSession *mdSession,
-    NSSCKFWSession *fwSession,
-    NSSCKMDToken *mdToken,
-    NSSCKFWToken *fwToken,
-    NSSCKMDInstance *mdInstance,
-    NSSCKFWInstance *fwInstance,
-    NSSItem *buffer
-  );
-
-  /*
-   * This routine is used to restore an operational state previously
-   * obtained with GetOperationState.  The Framework will take pains
-   * to be sure that the state is (or was at one point) valid; if the
-   * Module notices that the state is invalid, it should return an
-   * error, but it is not required to be paranoid about the issue.
-   * [XXX fgmr-- should (can?) the framework verify the keys match up?]
-   * This routine is required only if GetOperationState is implemented.
-   */
-  CK_RV (PR_CALLBACK *SetOperationState)(
-    NSSCKMDSession *mdSession,
-    NSSCKFWSession *fwSession,
-    NSSCKMDToken *mdToken,
-    NSSCKFWToken *fwToken,
-    NSSCKMDInstance *mdInstance,
-    NSSCKFWInstance *fwInstance,
-    NSSItem *state,
-    NSSCKMDObject *mdEncryptionKey,
-    NSSCKFWObject *fwEncryptionKey,
-    NSSCKMDObject *mdAuthenticationKey,
-    NSSCKFWObject *fwAuthenticationKey
-  );
-
-  /*
-   * This routine is used to create an object.  The specified template
-   * will only specify a session object if the Module has indicated 
-   * that it wishes to handle its own session objects.  This routine
-   * is optional; if unimplemented, the Framework will reject the
-   * operation with the error CKR_TOKEN_WRITE_PROTECTED.  Space for
-   * token objects should come from the NSSArena available from the
-   * NSSCKFWToken object; space for session objects (if supported)
-   * should come from the NSSArena available from the NSSCKFWSession
-   * object.  The appropriate NSSArena pointer will, as a convenience,
-   * be passed as the handyArenaPointer argument.  This routine may
-   * return NULL upon error.
-   */
-  NSSCKMDObject *(PR_CALLBACK *CreateObject)(
-    NSSCKMDSession *mdSession,
-    NSSCKFWSession *fwSession,
-    NSSCKMDToken *mdToken,
-    NSSCKFWToken *fwToken,
-    NSSCKMDInstance *mdInstance,
-    NSSCKFWInstance *fwInstance,
-    NSSArena *handyArenaPointer,
-    CK_ATTRIBUTE_PTR pTemplate,
-    CK_ULONG ulAttributeCount,
-    CK_RV *pError
-  );
-
-  /*
-   * This routine is used to make a copy of an object.  It is entirely
-   * optional; if unimplemented, the Framework will try to use
-   * CreateObject instead.  If the Module has indicated that it does
-   * not wish to handle session objects, then this routine will only
-   * be called to copy a token object to another token object.
-   * Otherwise, either the original object or the new may be of
-   * either the token or session variety.  As with CreateObject, the
-   * handyArenaPointer will point to the appropriate arena for the
-   * new object.  This routine may return NULL upon error.
-   */
-  NSSCKMDObject *(PR_CALLBACK *CopyObject)(
-    NSSCKMDSession *mdSession,
-    NSSCKFWSession *fwSession,
-    NSSCKMDToken *mdToken,
-    NSSCKFWToken *fwToken,
-    NSSCKMDInstance *mdInstance,
-    NSSCKFWInstance *fwInstance,
-    NSSCKMDObject *mdOldObject,
-    NSSCKFWObject *fwOldObject,
-    NSSArena *handyArenaPointer,
-    CK_ATTRIBUTE_PTR pTemplate,
-    CK_ULONG ulAttributeCount,
-    CK_RV *pError
-  );
-
-  /*
-   * This routine is used to begin an object search.  This routine may
-   * be unimplemented only if the Module does not handle session 
-   * objects, and if none of its tokens have token objects.  The
-   * NSSCKFWFindObjects pointer has an NSSArena that may be used for
-   * storage for the life of this "find" operation.  This routine may
-   * return NULL upon error.  If the Module can determine immediately
-   * that the search will not find any matching objects, it may return
-   * NULL, and specify CKR_OK as the error.
-   */
-  NSSCKMDFindObjects *(PR_CALLBACK *FindObjectsInit)(
-    NSSCKMDSession *mdSession,
-    NSSCKFWSession *fwSession,
-    NSSCKMDToken *mdToken,
-    NSSCKFWToken *fwToken,
-    NSSCKMDInstance *mdInstance,
-    NSSCKFWInstance *fwInstance,
-    CK_ATTRIBUTE_PTR pTemplate,
-    CK_ULONG ulAttributeCount,
-    CK_RV *pError
-  );
-
-  /*
-   * This routine seeds the random-number generator.  It is
-   * optional, even if GetRandom is implemented.  If unimplemented,
-   * the Framework will issue the error CKR_RANDOM_SEED_NOT_SUPPORTED.
-   */
-  CK_RV (PR_CALLBACK *SeedRandom)(
-    NSSCKMDSession *mdSession,
-    NSSCKFWSession *fwSession,
-    NSSCKMDToken *mdToken,
-    NSSCKFWToken *fwToken,
-    NSSCKMDInstance *mdInstance,
-    NSSCKFWInstance *fwInstance,
-    NSSItem *seed
-  );
-
-  /*
-   * This routine gets random data.  It is optional.  If unimplemented,
-   * the Framework will issue the error CKR_RANDOM_NO_RNG.
-   */
-  CK_RV (PR_CALLBACK *GetRandom)(
-    NSSCKMDSession *mdSession,
-    NSSCKFWSession *fwSession,
-    NSSCKMDToken *mdToken,
-    NSSCKFWToken *fwToken,
-    NSSCKMDInstance *mdInstance,
-    NSSCKFWInstance *fwInstance,
-    NSSItem *buffer
-  );
-
-  /*
-   * This object may be extended in future versions of the
-   * NSS Cryptoki Framework.  To allow for some flexibility
-   * in the area of binary compatibility, this field should
-   * be NULL.
-   */
-  void *null;
-};
-
-/*
- * NSSCKMDFindObjects
- *
- * This is the basic handle for an object search.  It is
- * created by NSSCKMDSession->FindObjectsInit, and may be
- * obtained from the Framework's corresponding object.
- * It contains a pointer for use by the Module, to store
- * any search-related data, and it contains the EPV for a
- * set of routines which the Module may implement for use
- * by the Framework.  Some of these routines are optional.
- */
-
-struct NSSCKMDFindObjectsStr {
-  /*
-   * The Module may use this pointer for its own purposes.
-   */
-  void *etc;
-
-  /*
-   * This routine is called by the Framework to finish a
-   * search operation.  Note that the Framework may finish
-   * a search before it has completed.  This routine is
-   * optional; if unimplemented, it merely won't be called.
-   */
-  void (PR_CALLBACK *Final)(
-    NSSCKMDFindObjects *mdFindObjects,
-    NSSCKFWFindObjects *fwFindObjects,
-    NSSCKMDSession *mdSession,
-    NSSCKFWSession *fwSession,
-    NSSCKMDToken *mdToken,
-    NSSCKFWToken *fwToken,
-    NSSCKMDInstance *mdInstance,
-    NSSCKFWInstance *fwInstance
-  );
-
-  /*
-   * This routine is used to obtain another pointer to an
-   * object matching the search criteria.  This routine is
-   * required.  If no (more) objects match the search, it
-   * should return NULL and set the error to CKR_OK.
-   */
-  NSSCKMDObject *(PR_CALLBACK *Next)(
-    NSSCKMDFindObjects *mdFindObjects,
-    NSSCKFWFindObjects *fwFindObjects,
-    NSSCKMDSession *mdSession,
-    NSSCKFWSession *fwSession,
-    NSSCKMDToken *mdToken,
-    NSSCKFWToken *fwToken,
-    NSSCKMDInstance *mdInstance,
-    NSSCKFWInstance *fwInstance,
-    NSSArena *arena,
-    CK_RV *pError
-  );
-
-  /*
-   * This object may be extended in future versions of the
-   * NSS Cryptoki Framework.  To allow for some flexibility
-   * in the area of binary compatibility, this field should
-   * be NULL.
-   */
-  void *null;
-};
-
-/*
- * NSSCKMDMechanism
- *
- */
-
-struct NSSCKMDMechanismStr {
-  /*
-   * The Module may use this pointer for its own purposes.
-   */
-  void *etc;
-
-  /*
-   * This routine returns the minimum key size allowed for
-   * this mechanism.  This routine is optional; if unimplemented,
-   * zero will be assumed.  This routine may return zero on
-   * error; if the error is CKR_OK, zero will be accepted as
-   * a valid response.
-   */
-  CK_ULONG (PR_CALLBACK *GetMinKeySize)(
-    NSSCKMDMechanism *mdMechanism,
-    NSSCKFWMechanism *fwMechanism,
-    NSSCKMDToken *mdToken,
-    NSSCKFWToken *fwToken,
-    NSSCKMDInstance *mdInstance,
-    NSSCKFWInstance *fwInstance,
-    CK_RV *pError
-  );
-
-  /*
-   * This routine returns the maximum key size allowed for
-   * this mechanism.  This routine is optional; if unimplemented,
-   * zero will be assumed.  This routine may return zero on
-   * error; if the error is CKR_OK, zero will be accepted as
-   * a valid response.
-   */
-  CK_ULONG (PR_CALLBACK *GetMaxKeySize)(
-    NSSCKMDMechanism *mdMechanism,
-    NSSCKFWMechanism *fwMechanism,
-    NSSCKMDToken *mdToken,
-    NSSCKFWToken *fwToken,
-    NSSCKMDInstance *mdInstance,
-    NSSCKFWInstance *fwInstance,
-    CK_RV *pError
-  );
-
-  /*
-   * This routine is called to determine if the mechanism is
-   * implemented in hardware or software.  It returns CK_TRUE
-   * if it is done in hardware.
-   */
-  CK_BBOOL (PR_CALLBACK *GetInHardware)(
-    NSSCKMDMechanism *mdMechanism,
-    NSSCKFWMechanism *fwMechanism,
-    NSSCKMDToken *mdToken,
-    NSSCKFWToken *fwToken,
-    NSSCKMDInstance *mdInstance,
-    NSSCKFWInstance *fwInstance,
-    CK_RV *pError
-  );
-
-  /*
-   * The crypto routines themselves.  Most crypto operations may
-   * be performed in two ways, streaming and single-part.  The
-   * streaming operations involve the use of (typically) three
-   * calls-- an Init method to set up the operation, an Update
-   * method to feed data to the operation, and a Final method to
-   * obtain the final result.  Single-part operations involve
-   * one method, to perform the crypto operation all at once.
-   * The NSS Cryptoki Framework can implement the single-part
-   * operations in terms of the streaming operations on behalf
-   * of the Module.  There are a few variances.
-   * 
-   * For simplicity, the routines are listed in summary here:
-   *
-   *  EncryptInit, EncryptUpdate, EncryptFinal; Encrypt
-   *  DecryptInit, DecryptUpdate, DecryptFinal; Decrypt
-   *  DigestInit, DigestUpdate, DigestKey, DigestFinal; Digest
-   *  SignInit, SignUpdate, SignFinal; Sign
-   *  SignRecoverInit; SignRecover
-   *  VerifyInit, VerifyUpdate, VerifyFinal; Verify
-   *  VerifyRecoverInit; VerifyRecover
-   * 
-   * Also, there are some combined-operation calls:
-   * 
-   *  DigestEncryptUpdate
-   *  DecryptDigestUpdate
-   *  SignEncryptUpdate
-   *  DecryptVerifyUpdate
-   *
-   * The key-management routines are
-   *
-   *  GenerateKey
-   *  GenerateKeyPair
-   *  WrapKey
-   *  UnwrapKey
-   *  DeriveKey
-   *
-   * All of these routines based directly on the Cryptoki API; 
-   * see PKCS#11 for further information.
-   */
-
-  /*
-   */
-  CK_RV (PR_CALLBACK *EncryptInit)(
-    NSSCKMDMechanism *mdMechanism,
-    NSSCKFWMechanism *fwMechanism,
-    NSSCKMDSession *mdSession,
-    NSSCKFWSession *fwSession,
-    NSSCKMDToken *mdToken,
-    NSSCKFWToken *fwToken,
-    NSSCKMDInstance *mdInstance,
-    NSSCKFWInstance *fwInstance,
-    NSSCKMDObject *mdKey,
-    NSSCKFWObject *fwKey
-  );
-
-  /*
-   */
-  CK_RV (PR_CALLBACK *EncryptUpdate)(
-    NSSCKMDMechanism *mdMechanism,
-    NSSCKFWMechanism *fwMechanism,
-    NSSCKMDSession *mdSession,
-    NSSCKFWSession *fwSession,
-    NSSCKMDToken *mdToken,
-    NSSCKFWToken *fwToken,
-    NSSCKMDInstance *mdInstance,
-    NSSCKFWInstance *fwInstance,
-    NSSItem *data, 
-    NSSItem *buffer
-  );
-
-  /*
-   */
-  CK_RV (PR_CALLBACK *EncryptFinal)(
-    NSSCKMDMechanism *mdMechanism,
-    NSSCKFWMechanism *fwMechanism,
-    NSSCKMDSession *mdSession,
-    NSSCKFWSession *fwSession,
-    NSSCKMDToken *mdToken,
-    NSSCKFWToken *fwToken,
-    NSSCKMDInstance *mdInstance,
-    NSSCKFWInstance *fwInstance,
-    NSSItem *buffer
-  );
-
-  /*
-   */
-  CK_RV (PR_CALLBACK *Encrypt)(
-    NSSCKMDMechanism *mdMechanism,
-    NSSCKFWMechanism *fwMechanism,
-    NSSCKMDSession *mdSession,
-    NSSCKFWSession *fwSession,
-    NSSCKMDToken *mdToken,
-    NSSCKFWToken *fwToken,
-    NSSCKMDInstance *mdInstance,
-    NSSCKFWInstance *fwInstance,
-    NSSCKMDObject *mdKey,
-    NSSCKFWObject *fwKey,
-    NSSItem *data, 
-    NSSItem *buffer
-  );
-
-  /*
-   */
-  CK_RV (PR_CALLBACK *DecryptInit)(
-    NSSCKMDMechanism *mdMechanism,
-    NSSCKFWMechanism *fwMechanism,
-    NSSCKMDSession *mdSession,
-    NSSCKFWSession *fwSession,
-    NSSCKMDToken *mdToken,
-    NSSCKFWToken *fwToken,
-    NSSCKMDInstance *mdInstance,
-    NSSCKFWInstance *fwInstance,
-    NSSCKMDObject *mdKey,
-    NSSCKFWObject *fwKey
-  );
-
-  /*
-   */
-  CK_RV (PR_CALLBACK *DecryptUpdate)(
-    NSSCKMDMechanism *mdMechanism,
-    NSSCKFWMechanism *fwMechanism,
-    NSSCKMDSession *mdSession,
-    NSSCKFWSession *fwSession,
-    NSSCKMDToken *mdToken,
-    NSSCKFWToken *fwToken,
-    NSSCKMDInstance *mdInstance,
-    NSSCKFWInstance *fwInstance,
-    NSSItem *data, 
-    NSSItem *buffer
-  );
-
-  /*
-   */
-  CK_RV (PR_CALLBACK *DecryptFinal)(
-    NSSCKMDMechanism *mdMechanism,
-    NSSCKFWMechanism *fwMechanism,
-    NSSCKMDSession *mdSession,
-    NSSCKFWSession *fwSession,
-    NSSCKMDToken *mdToken,
-    NSSCKFWToken *fwToken,
-    NSSCKMDInstance *mdInstance,
-    NSSCKFWInstance *fwInstance,
-    NSSItem *buffer
-  );
-
-  /*
-   */
-  CK_RV (PR_CALLBACK *Decrypt)(
-    NSSCKMDMechanism *mdMechanism,
-    NSSCKFWMechanism *fwMechanism,
-    NSSCKMDSession *mdSession,
-    NSSCKFWSession *fwSession,
-    NSSCKMDToken *mdToken,
-    NSSCKFWToken *fwToken,
-    NSSCKMDInstance *mdInstance,
-    NSSCKFWInstance *fwInstance,
-    NSSCKMDObject *mdKey,
-    NSSCKFWObject *fwKey,
-    NSSItem *data, 
-    NSSItem *buffer
-  );
-
-  /*
-   */
-  CK_RV (PR_CALLBACK *DigestInit)(
-    NSSCKMDMechanism *mdMechanism,
-    NSSCKFWMechanism *fwMechanism,
-    NSSCKMDSession *mdSession,
-    NSSCKFWSession *fwSession,
-    NSSCKMDToken *mdToken,
-    NSSCKFWToken *fwToken,
-    NSSCKMDInstance *mdInstance,
-    NSSCKFWInstance *fwInstance
-  );
-
-  /*
-   */
-  CK_RV (PR_CALLBACK *DigestUpdate)(
-    NSSCKMDMechanism *mdMechanism,
-    NSSCKFWMechanism *fwMechanism,
-    NSSCKMDSession *mdSession,
-    NSSCKFWSession *fwSession,
-    NSSCKMDToken *mdToken,
-    NSSCKFWToken *fwToken,
-    NSSCKMDInstance *mdInstance,
-    NSSCKFWInstance *fwInstance,
-    NSSItem *data
-  );
-
-  /*
-   */
-  CK_RV (PR_CALLBACK *DigestKey)(
-    NSSCKMDMechanism *mdMechanism,
-    NSSCKFWMechanism *fwMechanism,
-    NSSCKMDSession *mdSession,
-    NSSCKFWSession *fwSession,
-    NSSCKMDToken *mdToken,
-    NSSCKFWToken *fwToken,
-    NSSCKMDInstance *mdInstance,
-    NSSCKFWInstance *fwInstance,
-    NSSCKMDObject *mdKey,
-    NSSCKFWObject *fwKey
-  );
-
-  /*
-   */
-  CK_RV (PR_CALLBACK *DigestFinal)(
-    NSSCKMDMechanism *mdMechanism,
-    NSSCKFWMechanism *fwMechanism,
-    NSSCKMDSession *mdSession,
-    NSSCKFWSession *fwSession,
-    NSSCKMDToken *mdToken,
-    NSSCKFWToken *fwToken,
-    NSSCKMDInstance *mdInstance,
-    NSSCKFWInstance *fwInstance,
-    NSSItem *buffer
-  );
-
-  /*
-   */
-  CK_RV (PR_CALLBACK *Digest)(
-    NSSCKMDMechanism *mdMechanism,
-    NSSCKFWMechanism *fwMechanism,
-    NSSCKMDSession *mdSession,
-    NSSCKFWSession *fwSession,
-    NSSCKMDToken *mdToken,
-    NSSCKFWToken *fwToken,
-    NSSCKMDInstance *mdInstance,
-    NSSCKFWInstance *fwInstance,
-    NSSItem *data, 
-    NSSItem *buffer
-  );
-
-  /*
-   */
-  CK_RV (PR_CALLBACK *SignInit)(
-    NSSCKMDMechanism *mdMechanism,
-    NSSCKFWMechanism *fwMechanism,
-    NSSCKMDSession *mdSession,
-    NSSCKFWSession *fwSession,
-    NSSCKMDToken *mdToken,
-    NSSCKFWToken *fwToken,
-    NSSCKMDInstance *mdInstance,
-    NSSCKFWInstance *fwInstance,
-    NSSCKMDObject *mdKey,
-    NSSCKFWObject *fwKey
-  );
-
-  /*
-   */
-  CK_RV (PR_CALLBACK *SignUpdate)(
-    NSSCKMDMechanism *mdMechanism,
-    NSSCKFWMechanism *fwMechanism,
-    NSSCKMDSession *mdSession,
-    NSSCKFWSession *fwSession,
-    NSSCKMDToken *mdToken,
-    NSSCKFWToken *fwToken,
-    NSSCKMDInstance *mdInstance,
-    NSSCKFWInstance *fwInstance,
-    NSSItem *data,
-    NSSItem *buffer
-  );
-
-  /*
-   */
-  CK_RV (PR_CALLBACK *SignFinal)(
-    NSSCKMDMechanism *mdMechanism,
-    NSSCKFWMechanism *fwMechanism,
-    NSSCKMDSession *mdSession,
-    NSSCKFWSession *fwSession,
-    NSSCKMDToken *mdToken,
-    NSSCKFWToken *fwToken,
-    NSSCKMDInstance *mdInstance,
-    NSSCKFWInstance *fwInstance,
-    NSSItem *buffer
-  );
-
-  /*
-   */
-  CK_RV (PR_CALLBACK *Sign)(
-    NSSCKMDMechanism *mdMechanism,
-    NSSCKFWMechanism *fwMechanism,
-    NSSCKMDSession *mdSession,
-    NSSCKFWSession *fwSession,
-    NSSCKMDToken *mdToken,
-    NSSCKFWToken *fwToken,
-    NSSCKMDInstance *mdInstance,
-    NSSCKFWInstance *fwInstance,
-    NSSCKMDObject *mdKey,
-    NSSCKFWObject *fwKey,
-    NSSItem *data,
-    NSSItem *buffer
-  );
-
-  /*
-   */
-  CK_RV (PR_CALLBACK *VerifyInit)(
-    NSSCKMDMechanism *mdMechanism,
-    NSSCKFWMechanism *fwMechanism,
-    NSSCKMDSession *mdSession,
-    NSSCKFWSession *fwSession,
-    NSSCKMDToken *mdToken,
-    NSSCKFWToken *fwToken,
-    NSSCKMDInstance *mdInstance,
-    NSSCKFWInstance *fwInstance,
-    NSSCKFWObject *key
-  );
-
-  /*
-   */
-  CK_RV (PR_CALLBACK *VerifyUpdate)(
-    NSSCKMDMechanism *mdMechanism,
-    NSSCKFWMechanism *fwMechanism,
-    NSSCKMDSession *mdSession,
-    NSSCKFWSession *fwSession,
-    NSSCKMDToken *mdToken,
-    NSSCKFWToken *fwToken,
-    NSSCKMDInstance *mdInstance,
-    NSSCKFWInstance *fwInstance,
-    NSSItem *data
-  );
-
-  /*
-   */
-  CK_RV (PR_CALLBACK *VerifyFinish)(
-    NSSCKMDMechanism *mdMechanism,
-    NSSCKFWMechanism *fwMechanism,
-    NSSCKMDSession *mdSession,
-    NSSCKFWSession *fwSession,
-    NSSCKMDToken *mdToken,
-    NSSCKFWToken *fwToken,
-    NSSCKMDInstance *mdInstance,
-    NSSCKFWInstance *fwInstance,
-    NSSItem *buffer
-  );
-
-  /*
-   */
-  CK_RV (PR_CALLBACK *Verify)(
-    NSSCKMDMechanism *mdMechanism,
-    NSSCKFWMechanism *fwMechanism,
-    NSSCKMDSession *mdSession,
-    NSSCKFWSession *fwSession,
-    NSSCKMDToken *mdToken,
-    NSSCKFWToken *fwToken,
-    NSSCKMDInstance *mdInstance,
-    NSSCKFWInstance *fwInstance,
-    NSSCKFWObject *key,
-    NSSItem *data,
-    NSSItem *buffer
-  );
-
-  /*
-   */
-  CK_RV (PR_CALLBACK *SignRecover)(
-    NSSCKMDMechanism *mdMechanism,
-    NSSCKFWMechanism *fwMechanism,
-    NSSCKMDSession *mdSession,
-    NSSCKFWSession *fwSession,
-    NSSCKMDToken *mdToken,
-    NSSCKFWToken *fwToken,
-    NSSCKMDInstance *mdInstance,
-    NSSCKFWInstance *fwInstance,
-    NSSCKMDObject *mdKey,
-    NSSCKFWObject *fwKey,
-    NSSItem *data,
-    NSSItem *buffer
-  );
-
-  /*
-   */
-  CK_RV (PR_CALLBACK *VerifyRecover)(
-    NSSCKMDMechanism *mdMechanism,
-    NSSCKFWMechanism *fwMechanism,
-    NSSCKMDSession *mdSession,
-    NSSCKFWSession *fwSession,
-    NSSCKMDToken *mdToken,
-    NSSCKFWToken *fwToken,
-    NSSCKMDInstance *mdInstance,
-    NSSCKFWInstance *fwInstance,
-    NSSCKMDObject *mdKey,
-    NSSCKFWObject *fwKey,
-    NSSItem *data,
-    NSSItem *buffer
-  );
-
-  /*
-   */
-  CK_RV (PR_CALLBACK *DigestEncryptUpdate)(
-    NSSCKMDMechanism *mdMechanism,
-    NSSCKFWMechanism *fwMechanism,
-    NSSCKMDSession *mdSession,
-    NSSCKFWSession *fwSession,
-    NSSCKMDToken *mdToken,
-    NSSCKFWToken *fwToken,
-    NSSCKMDInstance *mdInstance,
-    NSSCKFWInstance *fwInstance,
-    NSSItem *data,
-    NSSItem *buffer
-  );
-
-  /*
-   */
-  CK_RV (PR_CALLBACK *DecryptDigestUpdate)(
-    NSSCKMDMechanism *mdMechanism,
-    NSSCKFWMechanism *fwMechanism,
-    NSSCKMDSession *mdSession,
-    NSSCKFWSession *fwSession,
-    NSSCKMDToken *mdToken,
-    NSSCKFWToken *fwToken,
-    NSSCKMDInstance *mdInstance,
-    NSSCKFWInstance *fwInstance,
-    NSSItem *data,
-    NSSItem *buffer
-  );
-
-  /*
-   */
-  CK_RV (PR_CALLBACK *SignEncryptUpdate)(
-    NSSCKMDMechanism *mdMechanism,
-    NSSCKFWMechanism *fwMechanism,
-    NSSCKMDSession *mdSession,
-    NSSCKFWSession *fwSession,
-    NSSCKMDToken *mdToken,
-    NSSCKFWToken *fwToken,
-    NSSCKMDInstance *mdInstance,
-    NSSCKFWInstance *fwInstance,
-    NSSItem *data,
-    NSSItem *buffer
-  );
-
-  /*
-   */
-  CK_RV (PR_CALLBACK *DecryptVerifyUpdate)(
-    NSSCKMDMechanism *mdMechanism,
-    NSSCKFWMechanism *fwMechanism,
-    NSSCKMDSession *mdSession,
-    NSSCKFWSession *fwSession,
-    NSSCKMDToken *mdToken,
-    NSSCKFWToken *fwToken,
-    NSSCKMDInstance *mdInstance,
-    NSSCKFWInstance *fwInstance,
-    NSSItem *data,
-    NSSItem *buffer
-  );
-
-  /*
-   * Key management operations.
-   */
-
-  /*
-   * This routine generates a key.  This routine may return NULL
-   * upon error.
-   */
-  NSSCKMDObject *(PR_CALLBACK *GenerateKey)(
-    NSSCKMDMechanism *mdMechanism,
-    NSSCKFWMechanism *fwMechanism,
-    NSSCKMDSession *mdSession,
-    NSSCKFWSession *fwSession,
-    NSSCKMDToken *mdToken,
-    NSSCKFWToken *fwToken,
-    NSSCKMDInstance *mdInstance,
-    NSSCKFWInstance *fwInstance,
-    CK_ATTRIBUTE_PTR pTemplate,
-    CK_ULONG ulAttributeCount,
-    CK_RV *pError
-  );
-
-  /*
-   * This routine generates a key pair.
-   */
-  CK_RV (PR_CALLBACK *GenerateKeyPair)(
-    NSSCKMDMechanism *mdMechanism,
-    NSSCKFWMechanism *fwMechanism,
-    NSSCKMDSession *mdSession,
-    NSSCKFWSession *fwSession,
-    NSSCKMDToken *mdToken,
-    NSSCKFWToken *fwToken,
-    NSSCKMDInstance *mdInstance,
-    NSSCKFWInstance *fwInstance,
-    CK_ATTRIBUTE_PTR pPublicKeyTemplate,
-    CK_ULONG ulPublicKeyAttributeCount,
-    CK_ATTRIBUTE_PTR pPrivateKeyTemplate,
-    CK_ULONG ulPrivateKeyAttributeCount,
-    NSSCKMDObject **pPublicKey,
-    NSSCKMDObject **pPrivateKey
-  );
-
-  /*
-   * This routine wraps a key.
-   */
-  CK_RV (PR_CALLBACK *WrapKey)(
-    NSSCKMDMechanism *mdMechanism,
-    NSSCKFWMechanism *fwMechanism,
-    NSSCKMDSession *mdSession,
-    NSSCKFWSession *fwSession,
-    NSSCKMDToken *mdToken,
-    NSSCKFWToken *fwToken,
-    NSSCKMDInstance *mdInstance,
-    NSSCKFWInstance *fwInstance,
-    NSSCKMDObject *mdWrappingKey,
-    NSSCKFWObject *fwWrappingKey,
-    NSSCKMDObject *mdWrappedKey,
-    NSSCKFWObject *fwWrappedKey,
-    NSSItem *buffer
-  );
-
-  /*
-   * This routine unwraps a key.  This routine may return NULL
-   * upon error.
-   */
-  NSSCKMDObject *(PR_CALLBACK *UnwrapKey)(
-    NSSCKMDMechanism *mdMechanism,
-    NSSCKFWMechanism *fwMechanism,
-    NSSCKMDSession *mdSession,
-    NSSCKFWSession *fwSession,
-    NSSCKMDToken *mdToken,
-    NSSCKFWToken *fwToken,
-    NSSCKMDInstance *mdInstance,
-    NSSCKFWInstance *fwInstance,
-    NSSCKMDObject *mdWrappingKey,
-    NSSCKFWObject *fwWrappingKey,
-    NSSItem *wrappedKey,
-    CK_ATTRIBUTE_PTR pTemplate,
-    CK_ULONG ulAttributeCount,
-    CK_RV *pError
-  );    
-    
-  /*
-   * This routine derives a key.  This routine may return NULL
-   * upon error.
-   */
-  NSSCKMDObject *(PR_CALLBACK *DeriveKey)(
-    NSSCKMDMechanism *mdMechanism,
-    NSSCKFWMechanism *fwMechanism,
-    NSSCKMDSession *mdSession,
-    NSSCKFWSession *fwSession,
-    NSSCKMDToken *mdToken,
-    NSSCKFWToken *fwToken,
-    NSSCKMDInstance *mdInstance,
-    NSSCKFWInstance *fwInstance,
-    NSSCKMDObject *mdBaseKey,
-    NSSCKFWObject *fwBaseKey,
-    CK_ATTRIBUTE_PTR pTemplate,
-    CK_ULONG ulAttributeCount,
-    CK_RV *pError
-  );    
-
-  /*
-   * This object may be extended in future versions of the
-   * NSS Cryptoki Framework.  To allow for some flexibility
-   * in the area of binary compatibility, this field should
-   * be NULL.
-   */
-  void *null;
-};
-
-/*
- * NSSCKMDObject
- *
- * This is the basic handle for any object used by a PKCS#11 Module.
- * Modules must implement it if they support their own objects, and
- * the Framework supports it for Modules that do not handle session
- * objects.  This type contains a pointer for use by the implementor,
- * to store any object-specific data, and it contains an EPV for a
- * set of routines used to access the object.
- */
-
-struct NSSCKMDObjectStr {
-  /*
-   * The implementation my use this pointer for its own purposes.
-   */
-  void *etc;
-
-  /*
-   * This routine is called by the Framework when it is letting
-   * go of an object handle.  It can be used by the Module to
-   * free any resources tied up by an object "in use."  It is
-   * optional.
-   */
-  void (PR_CALLBACK *Finalize)(
-    NSSCKMDObject *mdObject,
-    NSSCKFWObject *fwObject,
-    NSSCKMDSession *mdSession,
-    NSSCKFWSession *fwSession,
-    NSSCKMDToken *mdToken,
-    NSSCKFWToken *fwToken,
-    NSSCKMDInstance *mdInstance,
-    NSSCKFWInstance *fwInstance
-  );
-
-  /*
-   * This routine is used to completely destroy an object.
-   * It is optional.  The parameter fwObject might be NULL
-   * if the framework runs out of memory at the wrong moment.
-   */
-  CK_RV (PR_CALLBACK *Destroy)(
-    NSSCKMDObject *mdObject,
-    NSSCKFWObject *fwObject,
-    NSSCKMDSession *mdSession,
-    NSSCKFWSession *fwSession,
-    NSSCKMDToken *mdToken,
-    NSSCKFWToken *fwToken,
-    NSSCKMDInstance *mdInstance,
-    NSSCKFWInstance *fwInstance
-  );
-
-  /*
-   * This helper routine is used by the Framework, and is especially
-   * useful when it is managing session objects on behalf of the
-   * Module.  This routine is optional; if unimplemented, the
-   * Framework will actually look up the CKA_TOKEN attribute.  In the
-   * event of an error, just make something up-- the Framework will
-   * find out soon enough anyway.
-   */
-  CK_BBOOL (PR_CALLBACK *IsTokenObject)(
-    NSSCKMDObject *mdObject,
-    NSSCKFWObject *fwObject,
-    NSSCKMDSession *mdSession,
-    NSSCKFWSession *fwSession,
-    NSSCKMDToken *mdToken,
-    NSSCKFWToken *fwToken,
-    NSSCKMDInstance *mdInstance,
-    NSSCKFWInstance *fwInstance
-  );
-
-  /*
-   * This routine returns the number of attributes of which this
-   * object consists.  It is mandatory.  It can return zero on
-   * error.
-   */
-  CK_ULONG (PR_CALLBACK *GetAttributeCount)(
-    NSSCKMDObject *mdObject,
-    NSSCKFWObject *fwObject,
-    NSSCKMDSession *mdSession,
-    NSSCKFWSession *fwSession,
-    NSSCKMDToken *mdToken,
-    NSSCKFWToken *fwToken,
-    NSSCKMDInstance *mdInstance,
-    NSSCKFWInstance *fwInstance,
-    CK_RV *pError
-  );
-
-  /*
-   * This routine stuffs the attribute types into the provided array.
-   * The array size (as obtained from GetAttributeCount) is passed in
-   * as a check; return CKR_BUFFER_TOO_SMALL if the count is wrong
-   * (either too big or too small).
-   */
-  CK_RV (PR_CALLBACK *GetAttributeTypes)(
-    NSSCKMDObject *mdObject,
-    NSSCKFWObject *fwObject,
-    NSSCKMDSession *mdSession,
-    NSSCKFWSession *fwSession,
-    NSSCKMDToken *mdToken,
-    NSSCKFWToken *fwToken,
-    NSSCKMDInstance *mdInstance,
-    NSSCKFWInstance *fwInstance,
-    CK_ATTRIBUTE_TYPE_PTR typeArray,
-    CK_ULONG ulCount
-  );
-
-  /*
-   * This routine returns the size (in bytes) of the specified
-   * attribute.  It can return zero on error.
-   */
-  CK_ULONG (PR_CALLBACK *GetAttributeSize)(
-    NSSCKMDObject *mdObject,
-    NSSCKFWObject *fwObject,
-    NSSCKMDSession *mdSession,
-    NSSCKFWSession *fwSession,
-    NSSCKMDToken *mdToken,
-    NSSCKFWToken *fwToken,
-    NSSCKMDInstance *mdInstance,
-    NSSCKFWInstance *fwInstance,
-    CK_ATTRIBUTE_TYPE attribute,
-    CK_RV *pError
-  );
-
-  /*
-   * This routine returns an NSSCKFWItem structure.
-   * The item pointer points to an NSSItem containing the attribute value.
-   * The needsFreeing bit tells the framework whether to call the
-   * FreeAttribute function . Upon error, an NSSCKFWItem structure
-   * with a NULL NSSItem item pointer will be returned
-   */
-  NSSCKFWItem (PR_CALLBACK *GetAttribute)(
-    NSSCKMDObject *mdObject,
-    NSSCKFWObject *fwObject,
-    NSSCKMDSession *mdSession,
-    NSSCKFWSession *fwSession,
-    NSSCKMDToken *mdToken,
-    NSSCKFWToken *fwToken,
-    NSSCKMDInstance *mdInstance,
-    NSSCKFWInstance *fwInstance,
-    CK_ATTRIBUTE_TYPE attribute,
-    CK_RV *pError
-  );
-
-  /*
-   * This routine returns CKR_OK if the attribute could be freed.
-   */
-  CK_RV (PR_CALLBACK *FreeAttribute)(
-    NSSCKFWItem * item
-  );
-
-  /*
-   * This routine changes the specified attribute.  If unimplemented,
-   * the object will be considered read-only.
-   */
-  CK_RV (PR_CALLBACK *SetAttribute)(
-    NSSCKMDObject *mdObject,
-    NSSCKFWObject *fwObject,
-    NSSCKMDSession *mdSession,
-    NSSCKFWSession *fwSession,
-    NSSCKMDToken *mdToken,
-    NSSCKFWToken *fwToken,
-    NSSCKMDInstance *mdInstance,
-    NSSCKFWInstance *fwInstance,
-    CK_ATTRIBUTE_TYPE attribute,
-    NSSItem *value
-  );
-
-  /*
-   * This routine returns the storage requirements of this object,
-   * in bytes.  Cryptoki doesn't strictly define the definition,
-   * but it should relate to the values returned by the "Get Memory"
-   * routines of the NSSCKMDToken.  This routine is optional; if
-   * unimplemented, the Framework will consider this information
-   * sensitive.  This routine may return zero on error.  If the
-   * specified error is CKR_OK, zero will be accepted as a valid
-   * response.
-   */
-  CK_ULONG (PR_CALLBACK *GetObjectSize)(
-    NSSCKMDObject *mdObject,
-    NSSCKFWObject *fwObject,
-    NSSCKMDSession *mdSession,
-    NSSCKFWSession *fwSession,
-    NSSCKMDToken *mdToken,
-    NSSCKFWToken *fwToken,
-    NSSCKMDInstance *mdInstance,
-    NSSCKFWInstance *fwInstance,
-    CK_RV *pError
-  );
-
-  /*
-   * This object may be extended in future versions of the
-   * NSS Cryptoki Framework.  To allow for some flexibility
-   * in the area of binary compatibility, this field should
-   * be NULL.
-   */
-  void *null;
-};
-
-
-#endif /* NSSCKMDT_H */
diff --git a/security/nss/lib/ckfw/nssckt.h b/security/nss/lib/ckfw/nssckt.h
deleted file mode 100644
index f1b2ef1b5..000000000
--- a/security/nss/lib/ckfw/nssckt.h
+++ /dev/null
@@ -1,42 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#ifndef _NSSCKT_H_
-#define _NSSCKT_H_ 1
-
-#include "pkcs11t.h"
-
-typedef CK_ATTRIBUTE_TYPE CK_PTR CK_ATTRIBUTE_TYPE_PTR;
-#define CK_ENTRY
-
-#endif /* _NSSCKT_H_ */
-
diff --git a/security/nss/lib/ckfw/object.c b/security/nss/lib/ckfw/object.c
deleted file mode 100644
index 1cbcf0172..000000000
--- a/security/nss/lib/ckfw/object.c
+++ /dev/null
@@ -1,1046 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * object.c
- *
- * This file implements the NSSCKFWObject type and methods.
- */
-
-#ifndef CK_T
-#include "ck.h"
-#endif /* CK_T */
-
-/*
- * NSSCKFWObject
- *
- * -- create/destroy --
- *  nssCKFWObject_Create
- *  nssCKFWObject_Finalize
- *  nssCKFWObject_Destroy
- *
- * -- public accessors --
- *  NSSCKFWObject_GetMDObject
- *  NSSCKFWObject_GetArena
- *  NSSCKFWObject_IsTokenObject
- *  NSSCKFWObject_GetAttributeCount
- *  NSSCKFWObject_GetAttributeTypes
- *  NSSCKFWObject_GetAttributeSize
- *  NSSCKFWObject_GetAttribute
- *  NSSCKFWObject_SetAttribute
- *  NSSCKFWObject_GetObjectSize
- *
- * -- implement public accessors --
- *  nssCKFWObject_GetMDObject
- *  nssCKFWObject_GetArena
- *
- * -- private accessors --
- *  nssCKFWObject_SetHandle
- *  nssCKFWObject_GetHandle
- *
- * -- module fronts --
- *  nssCKFWObject_IsTokenObject
- *  nssCKFWObject_GetAttributeCount
- *  nssCKFWObject_GetAttributeTypes
- *  nssCKFWObject_GetAttributeSize
- *  nssCKFWObject_GetAttribute
- *  nssCKFWObject_SetAttribute
- *  nssCKFWObject_GetObjectSize
- */
-
-struct NSSCKFWObjectStr {
-  NSSCKFWMutex *mutex; /* merely to serialise the MDObject calls */
-  NSSArena *arena;
-  NSSCKMDObject *mdObject;
-  NSSCKMDSession *mdSession;
-  NSSCKFWSession *fwSession;
-  NSSCKMDToken *mdToken;
-  NSSCKFWToken *fwToken;
-  NSSCKMDInstance *mdInstance;
-  NSSCKFWInstance *fwInstance;
-  CK_OBJECT_HANDLE hObject;
-};
-
-#ifdef DEBUG
-/*
- * But first, the pointer-tracking stuff.
- *
- * NOTE: the pointer-tracking support in NSS/base currently relies
- * upon NSPR's CallOnce support.  That, however, relies upon NSPR's
- * locking, which is tied into the runtime.  We need a pointer-tracker
- * implementation that uses the locks supplied through C_Initialize.
- * That support, however, can be filled in later.  So for now, I'll
- * just do this routines as no-ops.
- */
-
-static CK_RV
-object_add_pointer
-(
-  const NSSCKFWObject *fwObject
-)
-{
-  return CKR_OK;
-}
-
-static CK_RV
-object_remove_pointer
-(
-  const NSSCKFWObject *fwObject
-)
-{
-  return CKR_OK;
-}
-
-NSS_IMPLEMENT CK_RV
-nssCKFWObject_verifyPointer
-(
-  const NSSCKFWObject *fwObject
-)
-{
-  return CKR_OK;
-}
-
-#endif /* DEBUG */
-
-
-/*
- * nssCKFWObject_Create
- *
- */
-NSS_IMPLEMENT NSSCKFWObject *
-nssCKFWObject_Create
-(
-  NSSArena *arena,
-  NSSCKMDObject *mdObject,
-  NSSCKFWSession *fwSession,
-  NSSCKFWToken *fwToken,
-  NSSCKFWInstance *fwInstance,
-  CK_RV *pError
-)
-{
-  NSSCKFWObject *fwObject;
-  nssCKFWHash *mdObjectHash;
-
-#ifdef NSSDEBUG
-  if( (CK_RV *)NULL == pError ) {
-    return (NSSCKFWObject *)NULL;
-  }
-
-  if( PR_SUCCESS != nssArena_verifyPointer(arena) ) {
-    *pError = CKR_ARGUMENTS_BAD;
-    return (NSSCKFWObject *)NULL;
-  }
-#endif /* NSSDEBUG */
-
-  mdObjectHash = nssCKFWToken_GetMDObjectHash(fwToken);
-  if( (nssCKFWHash *)NULL == mdObjectHash ) {
-    *pError = CKR_GENERAL_ERROR;
-    return (NSSCKFWObject *)NULL;
-  }
-
-  if( nssCKFWHash_Exists(mdObjectHash, mdObject) ) {
-    fwObject = nssCKFWHash_Lookup(mdObjectHash, mdObject);
-    return fwObject;
-  }
-
-  fwObject = nss_ZNEW(arena, NSSCKFWObject);
-  if( (NSSCKFWObject *)NULL == fwObject ) {
-    *pError = CKR_HOST_MEMORY;
-    return (NSSCKFWObject *)NULL;
-  }
-
-  fwObject->arena = arena;
-  fwObject->mdObject = mdObject;
-  fwObject->fwSession = fwSession;
-
-  if( (NSSCKFWSession *)NULL != fwSession ) {
-    fwObject->mdSession = nssCKFWSession_GetMDSession(fwSession);
-  }
-
-  fwObject->fwToken = fwToken;
-
-  if( (NSSCKFWToken *)NULL != fwToken ) {
-    fwObject->mdToken = nssCKFWToken_GetMDToken(fwToken);
-  }
-
-  fwObject->fwInstance = fwInstance;
-  fwObject->mdInstance = nssCKFWInstance_GetMDInstance(fwInstance);
-  fwObject->mutex = nssCKFWInstance_CreateMutex(fwInstance, arena, pError);
-  if( (NSSCKFWMutex *)NULL == fwObject->mutex ) {
-    if( CKR_OK == *pError ) {
-      *pError = CKR_GENERAL_ERROR;
-    }
-    return (NSSCKFWObject *)NULL;
-  }
-
-  *pError = nssCKFWHash_Add(mdObjectHash, mdObject, fwObject);
-  if( CKR_OK != *pError ) {
-    nss_ZFreeIf(fwObject);
-    return (NSSCKFWObject *)NULL;
-  }
-
-#ifdef DEBUG
-  *pError = object_add_pointer(fwObject);
-  if( CKR_OK != *pError ) {
-    nssCKFWHash_Remove(mdObjectHash, mdObject);
-    nss_ZFreeIf(fwObject);
-    return (NSSCKFWObject *)NULL;
-  }
-#endif /* DEBUG */
-
-  *pError = CKR_OK;
-  return fwObject;
-}
-
-/*
- * nssCKFWObject_Finalize
- *
- */
-NSS_IMPLEMENT void
-nssCKFWObject_Finalize
-(
-  NSSCKFWObject *fwObject
-)
-{
-  nssCKFWHash *mdObjectHash;
-
-#ifdef NSSDEBUG
-  if( CKR_OK != nssCKFWObject_verifyPointer(fwObject) ) {
-    return;
-  }
-#endif /* NSSDEBUG */
-
-  (void)nssCKFWMutex_Destroy(fwObject->mutex);
-
-  if( (void *)NULL != (void *)fwObject->mdObject->Finalize ) {
-    fwObject->mdObject->Finalize(fwObject->mdObject, fwObject,
-      fwObject->mdSession, fwObject->fwSession, fwObject->mdToken,
-      fwObject->fwToken, fwObject->mdInstance, fwObject->fwInstance);
-  }
-
-  mdObjectHash = nssCKFWToken_GetMDObjectHash(fwObject->fwToken);
-  if( (nssCKFWHash *)NULL != mdObjectHash ) {
-    nssCKFWHash_Remove(mdObjectHash, fwObject->mdObject);
-  }
-
-  nssCKFWSession_DeregisterSessionObject(fwObject->fwSession, fwObject);
-  nss_ZFreeIf(fwObject);
-
-#ifdef DEBUG
-  (void)object_remove_pointer(fwObject);
-#endif /* DEBUG */
-
-  return;
-}
-
-/*
- * nssCKFWObject_Destroy
- *
- */
-NSS_IMPLEMENT void
-nssCKFWObject_Destroy
-(
-  NSSCKFWObject *fwObject
-)
-{
-  nssCKFWHash *mdObjectHash;
-
-#ifdef NSSDEBUG
-  if( CKR_OK != nssCKFWObject_verifyPointer(fwObject) ) {
-    return;
-  }
-#endif /* NSSDEBUG */
-
-  (void)nssCKFWMutex_Destroy(fwObject->mutex);
-
-  if( (void *)NULL != (void *)fwObject->mdObject->Destroy ) {
-    fwObject->mdObject->Destroy(fwObject->mdObject, fwObject,
-      fwObject->mdSession, fwObject->fwSession, fwObject->mdToken,
-      fwObject->fwToken, fwObject->mdInstance, fwObject->fwInstance);
-  }
-
-  mdObjectHash = nssCKFWToken_GetMDObjectHash(fwObject->fwToken);
-  if( (nssCKFWHash *)NULL != mdObjectHash ) {
-    nssCKFWHash_Remove(mdObjectHash, fwObject->mdObject);
-  }
-
-  nssCKFWSession_DeregisterSessionObject(fwObject->fwSession, fwObject);
-  nss_ZFreeIf(fwObject);
-
-#ifdef DEBUG
-  (void)object_remove_pointer(fwObject);
-#endif /* DEBUG */
-
-  return;
-}
-
-/*
- * nssCKFWObject_GetMDObject
- *
- */
-NSS_IMPLEMENT NSSCKMDObject *
-nssCKFWObject_GetMDObject
-(
-  NSSCKFWObject *fwObject
-)
-{
-#ifdef NSSDEBUG
-  if( CKR_OK != nssCKFWObject_verifyPointer(fwObject) ) {
-    return (NSSCKMDObject *)NULL;
-  }
-#endif /* NSSDEBUG */
-
-  return fwObject->mdObject;
-}
-
-/*
- * nssCKFWObject_GetArena
- *
- */
-NSS_IMPLEMENT NSSArena *
-nssCKFWObject_GetArena
-(
-  NSSCKFWObject *fwObject,
-  CK_RV *pError
-)
-{
-#ifdef NSSDEBUG
-  if( (CK_RV *)NULL == pError ) {
-    return (NSSArena *)NULL;
-  }
-
-  *pError = nssCKFWObject_verifyPointer(fwObject);
-  if( CKR_OK != *pError ) {
-    return (NSSArena *)NULL;
-  }
-#endif /* NSSDEBUG */
-
-  return fwObject->arena;
-}
-
-/*
- * nssCKFWObject_SetHandle
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWObject_SetHandle
-(
-  NSSCKFWObject *fwObject,
-  CK_OBJECT_HANDLE hObject
-)
-{
-#ifdef NSSDEBUG
-  CK_RV error = CKR_OK;
-#endif /* NSSDEBUG */
-
-#ifdef NSSDEBUG
-  error = nssCKFWObject_verifyPointer(fwObject);
-  if( CKR_OK != error ) {
-    return error;
-  }
-#endif /* NSSDEBUG */
-
-  if( (CK_OBJECT_HANDLE)0 != fwObject->hObject ) {
-    return CKR_GENERAL_ERROR;
-  }
-
-  fwObject->hObject = hObject;
-
-  return CKR_OK;
-}
-
-/*
- * nssCKFWObject_GetHandle
- *
- */
-NSS_IMPLEMENT CK_OBJECT_HANDLE
-nssCKFWObject_GetHandle
-(
-  NSSCKFWObject *fwObject
-)
-{
-#ifdef NSSDEBUG
-  if( CKR_OK != nssCKFWObject_verifyPointer(fwObject) ) {
-    return (CK_OBJECT_HANDLE)0;
-  }
-#endif /* NSSDEBUG */
-
-  return fwObject->hObject;
-}
-
-/*
- * nssCKFWObject_IsTokenObject
- *
- */
-NSS_IMPLEMENT CK_BBOOL
-nssCKFWObject_IsTokenObject
-(
-  NSSCKFWObject *fwObject
-)
-{
-  CK_BBOOL b = CK_FALSE;
-
-#ifdef NSSDEBUG
-  if( CKR_OK != nssCKFWObject_verifyPointer(fwObject) ) {
-    return CK_FALSE;
-  }
-#endif /* NSSDEBUG */
-
-  if( (void *)NULL == (void *)fwObject->mdObject->IsTokenObject ) {
-    NSSItem item;
-    NSSItem *pItem;
-    CK_RV rv = CKR_OK;
-
-    item.data = (void *)&b;
-    item.size = sizeof(b);
-
-    pItem = nssCKFWObject_GetAttribute(fwObject, CKA_TOKEN, &item, 
-      (NSSArena *)NULL, &rv);
-    if( (NSSItem *)NULL == pItem ) {
-      /* Error of some type */
-      b = CK_FALSE;
-      goto done;
-    }
-
-    goto done;
-  }
-
-  b = fwObject->mdObject->IsTokenObject(fwObject->mdObject, fwObject, 
-    fwObject->mdSession, fwObject->fwSession, fwObject->mdToken,
-    fwObject->fwToken, fwObject->mdInstance, fwObject->fwInstance);
-
- done:
-  return b;
-}
-
-/*
- * nssCKFWObject_GetAttributeCount
- *
- */
-NSS_IMPLEMENT CK_ULONG
-nssCKFWObject_GetAttributeCount
-(
-  NSSCKFWObject *fwObject,
-  CK_RV *pError
-)
-{
-  CK_ULONG rv;
-
-#ifdef NSSDEBUG
-  if( (CK_RV *)NULL == pError ) {
-    return (CK_ULONG)0;
-  }
-
-  *pError = nssCKFWObject_verifyPointer(fwObject);
-  if( CKR_OK != *pError ) {
-    return (CK_ULONG)0;
-  }
-#endif /* NSSDEBUG */
-
-  if( (void *)NULL == (void *)fwObject->mdObject->GetAttributeCount ) {
-    *pError = CKR_GENERAL_ERROR;
-    return (CK_ULONG)0;
-  }
-
-  *pError = nssCKFWMutex_Lock(fwObject->mutex);
-  if( CKR_OK != *pError ) {
-    return (CK_ULONG)0;
-  }
-
-  rv = fwObject->mdObject->GetAttributeCount(fwObject->mdObject, fwObject,
-    fwObject->mdSession, fwObject->fwSession, fwObject->mdToken, 
-    fwObject->fwToken, fwObject->mdInstance, fwObject->fwInstance,
-    pError);
-
-  (void)nssCKFWMutex_Unlock(fwObject->mutex);
-  return rv;
-}
-
-/*
- * nssCKFWObject_GetAttributeTypes
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWObject_GetAttributeTypes
-(
-  NSSCKFWObject *fwObject,
-  CK_ATTRIBUTE_TYPE_PTR typeArray,
-  CK_ULONG ulCount
-)
-{
-  CK_RV error = CKR_OK;
-
-#ifdef NSSDEBUG
-  error = nssCKFWObject_verifyPointer(fwObject);
-  if( CKR_OK != error ) {
-    return error;
-  }
-
-  if( (CK_ATTRIBUTE_TYPE_PTR)NULL == typeArray ) {
-    return CKR_ARGUMENTS_BAD;
-  }
-#endif /* NSSDEBUG */
-
-  if( (void *)NULL == (void *)fwObject->mdObject->GetAttributeTypes ) {
-    return CKR_GENERAL_ERROR;
-  }
-
-  error = nssCKFWMutex_Lock(fwObject->mutex);
-  if( CKR_OK != error ) {
-    return error;
-  }
-
-  error = fwObject->mdObject->GetAttributeTypes(fwObject->mdObject, fwObject,
-    fwObject->mdSession, fwObject->fwSession, fwObject->mdToken, 
-    fwObject->fwToken, fwObject->mdInstance, fwObject->fwInstance,
-    typeArray, ulCount);
-
-  (void)nssCKFWMutex_Unlock(fwObject->mutex);
-  return error;
-}
-
-/*
- * nssCKFWObject_GetAttributeSize
- *
- */
-NSS_IMPLEMENT CK_ULONG
-nssCKFWObject_GetAttributeSize
-(
-  NSSCKFWObject *fwObject,
-  CK_ATTRIBUTE_TYPE attribute,
-  CK_RV *pError
-)
-{
-  CK_ULONG rv;
-
-#ifdef NSSDEBUG
-  if( (CK_RV *)NULL == pError ) {
-    return (CK_ULONG)0;
-  }
-
-  *pError = nssCKFWObject_verifyPointer(fwObject);
-  if( CKR_OK != *pError ) {
-    return (CK_ULONG)0;
-  }
-#endif /* NSSDEBUG */
-
-  if( (void *)NULL == (void *)fwObject->mdObject->GetAttributeSize ) {
-    *pError = CKR_GENERAL_ERROR;
-    return (CK_ULONG )0;
-  }
-
-  *pError = nssCKFWMutex_Lock(fwObject->mutex);
-  if( CKR_OK != *pError ) {
-    return (CK_ULONG)0;
-  }
-
-  rv = fwObject->mdObject->GetAttributeSize(fwObject->mdObject, fwObject,
-    fwObject->mdSession, fwObject->fwSession, fwObject->mdToken, 
-    fwObject->fwToken, fwObject->mdInstance, fwObject->fwInstance,
-    attribute, pError);
-
-  (void)nssCKFWMutex_Unlock(fwObject->mutex);
-  return rv;
-}
-
-/*
- * nssCKFWObject_GetAttribute
- *
- * Usual NSS allocation rules:
- * If itemOpt is not NULL, it will be returned; otherwise an NSSItem
- * will be allocated.  If itemOpt is not NULL but itemOpt->data is,
- * the buffer will be allocated; otherwise, the buffer will be used.
- * Any allocations will come from the optional arena, if one is
- * specified.
- */
-NSS_IMPLEMENT NSSItem *
-nssCKFWObject_GetAttribute
-(
-  NSSCKFWObject *fwObject,
-  CK_ATTRIBUTE_TYPE attribute,
-  NSSItem *itemOpt,
-  NSSArena *arenaOpt,
-  CK_RV *pError
-)
-{
-  NSSItem *rv = (NSSItem *)NULL;
-  NSSCKFWItem mdItem;
-
-#ifdef NSSDEBUG
-  if( (CK_RV *)NULL == pError ) {
-    return (NSSItem *)NULL;
-  }
-
-  *pError = nssCKFWObject_verifyPointer(fwObject);
-  if( CKR_OK != *pError ) {
-    return (NSSItem *)NULL;
-  }
-#endif /* NSSDEBUG */
-
-  if( (void *)NULL == (void *)fwObject->mdObject->GetAttribute ) {
-    *pError = CKR_GENERAL_ERROR;
-    return (NSSItem *)NULL;
-  }
-
-  *pError = nssCKFWMutex_Lock(fwObject->mutex);
-  if( CKR_OK != *pError ) {
-    return (NSSItem *)NULL;
-  }
-
-  mdItem = fwObject->mdObject->GetAttribute(fwObject->mdObject, fwObject,
-    fwObject->mdSession, fwObject->fwSession, fwObject->mdToken, 
-    fwObject->fwToken, fwObject->mdInstance, fwObject->fwInstance,
-    attribute, pError);
-
-  if( (NSSItem *)NULL == mdItem.item ) {
-    if( CKR_OK == *pError ) {
-      *pError = CKR_GENERAL_ERROR;
-    }
-
-    goto done;
-  }
-
-  if( (NSSItem *)NULL == itemOpt ) {
-    rv = nss_ZNEW(arenaOpt, NSSItem);
-    if( (NSSItem *)NULL == rv ) {
-      *pError = CKR_HOST_MEMORY;
-      goto done;
-    }
-  } else {
-    rv = itemOpt;
-  }
-
-  if( (void *)NULL == rv->data ) {
-    rv->size = mdItem.item->size;
-    rv->data = nss_ZAlloc(arenaOpt, rv->size);
-    if( (void *)NULL == rv->data ) {
-      *pError = CKR_HOST_MEMORY;
-      if( (NSSItem *)NULL == itemOpt ) {
-        nss_ZFreeIf(rv);
-      }
-      rv = (NSSItem *)NULL;
-      goto done;
-    }
-  } else {
-    if( rv->size >= mdItem.item->size ) {
-      rv->size = mdItem.item->size;
-    } else {
-      *pError = CKR_BUFFER_TOO_SMALL;
-      /* Should we set rv->size to mdItem->size? */
-      /* rv can't have been allocated */
-      rv = (NSSItem *)NULL;
-      goto done;
-    }
-  }
-
-  (void)nsslibc_memcpy(rv->data, mdItem.item->data, rv->size);
-
-  if (PR_TRUE == mdItem.needsFreeing) {
-    PR_ASSERT(fwObject->mdObject->FreeAttribute);
-    if (fwObject->mdObject->FreeAttribute) {
-      *pError = fwObject->mdObject->FreeAttribute(&mdItem);
-    }
-  }
-
- done:
-  (void)nssCKFWMutex_Unlock(fwObject->mutex);
-  return rv;
-}
-
-/*
- * nssCKFWObject_SetAttribute
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWObject_SetAttribute
-(
-  NSSCKFWObject *fwObject,
-  CK_ATTRIBUTE_TYPE attribute,
-  NSSItem *value
-)
-{
-  CK_RV error = CKR_OK;
-
-#ifdef NSSDEBUG
-  error = nssCKFWObject_verifyPointer(fwObject);
-  if( CKR_OK != error ) {
-    return error;
-  }
-#endif /* NSSDEBUG */
-
-  if( CKA_TOKEN == attribute ) {
-    /*
-     * We're changing from a session object to a token object or 
-     * vice-versa.
-     */
-
-    CK_ATTRIBUTE a;
-    NSSCKFWObject *newFwObject;
-    NSSCKFWObject swab;
-
-    a.type = CKA_TOKEN;
-    a.pValue = value->data;
-    a.ulValueLen = value->size;
-
-    newFwObject = nssCKFWSession_CopyObject(fwObject->fwSession, fwObject,
-                    &a, 1, &error);
-    if( (NSSCKFWObject *)NULL == newFwObject ) {
-      if( CKR_OK == error ) {
-        error = CKR_GENERAL_ERROR;
-      }
-      return error;
-    }
-
-    /*
-     * Actually, I bet the locking is worse than this.. this part of
-     * the code could probably use some scrutiny and reworking.
-     */
-    error = nssCKFWMutex_Lock(fwObject->mutex);
-    if( CKR_OK != error ) {
-      nssCKFWObject_Destroy(newFwObject);
-      return error;
-    }
-
-    error = nssCKFWMutex_Lock(newFwObject->mutex);
-    if( CKR_OK != error ) {
-      nssCKFWMutex_Unlock(fwObject->mutex);
-      nssCKFWObject_Destroy(newFwObject);
-      return error;
-    }
-
-    /* 
-     * Now, we have our new object, but it has a new fwObject pointer,
-     * while we have to keep the existing one.  So quick swap the contents.
-     */
-    swab = *fwObject;
-    *fwObject = *newFwObject;
-    *newFwObject = swab;
-
-    /* But keep the mutexes the same */
-    swab.mutex = fwObject->mutex;
-    fwObject->mutex = newFwObject->mutex;
-    newFwObject->mutex = swab.mutex;
-
-    (void)nssCKFWMutex_Unlock(newFwObject->mutex);
-    (void)nssCKFWMutex_Unlock(fwObject->mutex);
-
-    /*
-     * Either remove or add this to the list of session objects
-     */
-
-    if( CK_FALSE == *(CK_BBOOL *)value->data ) {
-      /* 
-       * New one is a session object, except since we "stole" the fwObject, it's
-       * not in the list.  Add it.
-       */
-      nssCKFWSession_RegisterSessionObject(fwObject->fwSession, fwObject);
-    } else {
-      /*
-       * New one is a token object, except since we "stole" the fwObject, it's
-       * in the list.  Remove it.
-       */
-      nssCKFWSession_DeregisterSessionObject(fwObject->fwSession, fwObject);
-    }
-
-    /*
-     * Now delete the old object.  Remember the names have changed.
-     */
-    nssCKFWObject_Destroy(newFwObject);
-
-    return CKR_OK;
-  } else {
-    /*
-     * An "ordinary" change.
-     */
-    if( (void *)NULL == (void *)fwObject->mdObject->SetAttribute ) {
-      /* We could fake it with copying, like above.. later */
-      return CKR_ATTRIBUTE_READ_ONLY;
-    }
-
-    error = nssCKFWMutex_Lock(fwObject->mutex);
-    if( CKR_OK != error ) {
-      return error;
-    }
-
-    error = fwObject->mdObject->SetAttribute(fwObject->mdObject, fwObject,
-      fwObject->mdSession, fwObject->fwSession, fwObject->mdToken, 
-      fwObject->fwToken, fwObject->mdInstance, fwObject->fwInstance,
-      attribute, value);
-
-    (void)nssCKFWMutex_Unlock(fwObject->mutex);
-
-    return error;
-  }
-}
-
-/*
- * nssCKFWObject_GetObjectSize
- *
- */
-NSS_IMPLEMENT CK_ULONG
-nssCKFWObject_GetObjectSize
-(
-  NSSCKFWObject *fwObject,
-  CK_RV *pError
-)
-{
-  CK_ULONG rv;
-
-#ifdef NSSDEBUG
-  if( (CK_RV *)NULL == pError ) {
-    return (CK_ULONG)0;
-  }
-
-  *pError = nssCKFWObject_verifyPointer(fwObject);
-  if( CKR_OK != *pError ) {
-    return (CK_ULONG)0;
-  }
-#endif /* NSSDEBUG */
-
-  if( (void *)NULL == (void *)fwObject->mdObject->GetObjectSize ) {
-    *pError = CKR_INFORMATION_SENSITIVE;
-    return (CK_ULONG)0;
-  }
-
-  *pError = nssCKFWMutex_Lock(fwObject->mutex);
-  if( CKR_OK != *pError ) {
-    return (CK_ULONG)0;
-  }
-
-  rv = fwObject->mdObject->GetObjectSize(fwObject->mdObject, fwObject,
-    fwObject->mdSession, fwObject->fwSession, fwObject->mdToken, 
-    fwObject->fwToken, fwObject->mdInstance, fwObject->fwInstance,
-    pError);
-
-  (void)nssCKFWMutex_Unlock(fwObject->mutex);
-  return rv;
-}
-
-/*
- * NSSCKFWObject_GetMDObject
- *
- */
-NSS_IMPLEMENT NSSCKMDObject *
-NSSCKFWObject_GetMDObject
-(
-  NSSCKFWObject *fwObject
-)
-{
-#ifdef DEBUG
-  if( CKR_OK != nssCKFWObject_verifyPointer(fwObject) ) {
-    return (NSSCKMDObject *)NULL;
-  }
-#endif /* DEBUG */
-
-  return nssCKFWObject_GetMDObject(fwObject);
-}
-
-/*
- * NSSCKFWObject_GetArena
- *
- */
-NSS_IMPLEMENT NSSArena *
-NSSCKFWObject_GetArena
-(
-  NSSCKFWObject *fwObject,
-  CK_RV *pError
-)
-{
-#ifdef DEBUG
-  if( (CK_RV *)NULL == pError ) {
-    return (NSSArena *)NULL;
-  }
-
-  *pError = nssCKFWObject_verifyPointer(fwObject);
-  if( CKR_OK != *pError ) {
-    return (NSSArena *)NULL;
-  }
-#endif /* DEBUG */
-
-  return nssCKFWObject_GetArena(fwObject, pError);
-}
-
-/*
- * NSSCKFWObject_IsTokenObject
- *
- */
-NSS_IMPLEMENT CK_BBOOL
-NSSCKFWObject_IsTokenObject
-(
-  NSSCKFWObject *fwObject
-)
-{
-#ifdef DEBUG
-  if( CKR_OK != nssCKFWObject_verifyPointer(fwObject) ) {
-    return CK_FALSE;
-  }
-#endif /* DEBUG */
-
-  return nssCKFWObject_IsTokenObject(fwObject);
-}
-
-/*
- * NSSCKFWObject_GetAttributeCount
- *
- */
-NSS_IMPLEMENT CK_ULONG
-NSSCKFWObject_GetAttributeCount
-(
-  NSSCKFWObject *fwObject,
-  CK_RV *pError
-)
-{
-#ifdef DEBUG
-  if( (CK_RV *)NULL == pError ) {
-    return (CK_ULONG)0;
-  }
-
-  *pError = nssCKFWObject_verifyPointer(fwObject);
-  if( CKR_OK != *pError ) {
-    return (CK_ULONG)0;
-  }
-#endif /* DEBUG */
-
-  return nssCKFWObject_GetAttributeCount(fwObject, pError);
-}
-
-/*
- * NSSCKFWObject_GetAttributeTypes
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWObject_GetAttributeTypes
-(
-  NSSCKFWObject *fwObject,
-  CK_ATTRIBUTE_TYPE_PTR typeArray,
-  CK_ULONG ulCount
-)
-{
-#ifdef DEBUG
-  CK_RV error = CKR_OK;
-
-  error = nssCKFWObject_verifyPointer(fwObject);
-  if( CKR_OK != error ) {
-    return error;
-  }
-
-  if( (CK_ATTRIBUTE_TYPE_PTR)NULL == typeArray ) {
-    return CKR_ARGUMENTS_BAD;
-  }
-#endif /* DEBUG */
-
-  return nssCKFWObject_GetAttributeTypes(fwObject, typeArray, ulCount);
-}
-
-/*
- * NSSCKFWObject_GetAttributeSize
- *
- */
-NSS_IMPLEMENT CK_ULONG
-NSSCKFWObject_GetAttributeSize
-(
-  NSSCKFWObject *fwObject,
-  CK_ATTRIBUTE_TYPE attribute,
-  CK_RV *pError
-)
-{
-#ifdef DEBUG
-  if( (CK_RV *)NULL == pError ) {
-    return (CK_ULONG)0;
-  }
-
-  *pError = nssCKFWObject_verifyPointer(fwObject);
-  if( CKR_OK != *pError ) {
-    return (CK_ULONG)0;
-  }
-#endif /* DEBUG */
-
-  return nssCKFWObject_GetAttributeSize(fwObject, attribute, pError);
-}
-
-/*
- * NSSCKFWObject_GetAttribute
- *
- */
-NSS_IMPLEMENT NSSItem *
-NSSCKFWObject_GetAttribute
-(
-  NSSCKFWObject *fwObject,
-  CK_ATTRIBUTE_TYPE attribute,
-  NSSItem *itemOpt,
-  NSSArena *arenaOpt,
-  CK_RV *pError
-)
-{
-#ifdef DEBUG
-  if( (CK_RV *)NULL == pError ) {
-    return (NSSItem *)NULL;
-  }
-
-  *pError = nssCKFWObject_verifyPointer(fwObject);
-  if( CKR_OK != *pError ) {
-    return (NSSItem *)NULL;
-  }
-#endif /* DEBUG */
-
-  return nssCKFWObject_GetAttribute(fwObject, attribute, itemOpt, arenaOpt, pError);
-}
-
-/*
- * NSSCKFWObject_GetObjectSize
- *
- */
-NSS_IMPLEMENT CK_ULONG
-NSSCKFWObject_GetObjectSize
-(
-  NSSCKFWObject *fwObject,
-  CK_RV *pError
-)
-{
-#ifdef DEBUG
-  if( (CK_RV *)NULL == pError ) {
-    return (CK_ULONG)0;
-  }
-
-  *pError = nssCKFWObject_verifyPointer(fwObject);
-  if( CKR_OK != *pError ) {
-    return (CK_ULONG)0;
-  }
-#endif /* DEBUG */
-
-  return nssCKFWObject_GetObjectSize(fwObject, pError);
-}
diff --git a/security/nss/lib/ckfw/session.c b/security/nss/lib/ckfw/session.c
deleted file mode 100644
index 4e8fe2c18..000000000
--- a/security/nss/lib/ckfw/session.c
+++ /dev/null
@@ -1,1962 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * session.c
- *
- * This file implements the NSSCKFWSession type and methods.
- */
-
-#ifndef CK_T
-#include "ck.h"
-#endif /* CK_T */
-
-/*
- * NSSCKFWSession
- *
- *  -- create/destroy --
- *  nssCKFWSession_Create
- *  nssCKFWSession_Destroy
- *
- *  -- public accessors --
- *  NSSCKFWSession_GetMDSession
- *  NSSCKFWSession_GetArena
- *  NSSCKFWSession_CallNotification
- *  NSSCKFWSession_IsRWSession
- *  NSSCKFWSession_IsSO
- *
- *  -- implement public accessors --
- *  nssCKFWSession_GetMDSession
- *  nssCKFWSession_GetArena
- *  nssCKFWSession_CallNotification
- *  nssCKFWSession_IsRWSession
- *  nssCKFWSession_IsSO
- *
- *  -- private accessors --
- *  nssCKFWSession_GetSlot
- *  nssCKFWSession_GetSessionState
- *  nssCKFWSession_SetFWFindObjects
- *  nssCKFWSession_GetFWFindObjects
- *  nssCKFWSession_SetMDSession
- *  nssCKFWSession_SetHandle
- *  nssCKFWSession_GetHandle
- *  nssCKFWSession_RegisterSessionObject
- *  nssCKFWSession_DeegisterSessionObject
- *
- *  -- module fronts --
- *  nssCKFWSession_GetDeviceError
- *  nssCKFWSession_Login
- *  nssCKFWSession_Logout
- *  nssCKFWSession_InitPIN
- *  nssCKFWSession_SetPIN
- *  nssCKFWSession_GetOperationStateLen
- *  nssCKFWSession_GetOperationState
- *  nssCKFWSession_SetOperationState
- *  nssCKFWSession_CreateObject
- *  nssCKFWSession_CopyObject
- *  nssCKFWSession_FindObjectsInit
- *  nssCKFWSession_SeedRandom
- *  nssCKFWSession_GetRandom
- */
-
-struct NSSCKFWSessionStr {
-  NSSArena *arena;
-  NSSCKMDSession *mdSession;
-  NSSCKFWToken *fwToken;
-  NSSCKMDToken *mdToken;
-  NSSCKFWInstance *fwInstance;
-  NSSCKMDInstance *mdInstance;
-  CK_VOID_PTR pApplication;
-  CK_NOTIFY Notify;
-
-  /*
-   * Everything above is set at creation time, and then not modified.
-   * The items below are atomic.  No locking required.  If we fear
-   * about pointer-copies being nonatomic, we'll lock fwFindObjects.
-   */
-
-  CK_BBOOL rw;
-  NSSCKFWFindObjects *fwFindObjects;
-  nssCKFWHash *sessionObjectHash;
-  CK_SESSION_HANDLE hSession;
-};
-
-#ifdef DEBUG
-/*
- * But first, the pointer-tracking stuff.
- *
- * NOTE: the pointer-tracking support in NSS/base currently relies
- * upon NSPR's CallOnce support.  That, however, relies upon NSPR's
- * locking, which is tied into the runtime.  We need a pointer-tracker
- * implementation that uses the locks supplied through C_Initialize.
- * That support, however, can be filled in later.  So for now, I'll
- * just do this routines as no-ops.
- */
-
-static CK_RV
-session_add_pointer
-(
-  const NSSCKFWSession *fwSession
-)
-{
-  return CKR_OK;
-}
-
-static CK_RV
-session_remove_pointer
-(
-  const NSSCKFWSession *fwSession
-)
-{
-  return CKR_OK;
-}
-
-NSS_IMPLEMENT CK_RV
-nssCKFWSession_verifyPointer
-(
-  const NSSCKFWSession *fwSession
-)
-{
-  return CKR_OK;
-}
-
-#endif /* DEBUG */
-
-/*
- * nssCKFWSession_Create
- *
- */
-NSS_IMPLEMENT NSSCKFWSession *
-nssCKFWSession_Create
-(
-  NSSCKFWToken *fwToken,
-  CK_BBOOL rw,
-  CK_VOID_PTR pApplication,
-  CK_NOTIFY Notify,
-  CK_RV *pError
-)
-{
-  NSSArena *arena = (NSSArena *)NULL;
-  NSSCKFWSession *fwSession;
-  NSSCKFWSlot *fwSlot;
-
-#ifdef NSSDEBUG
-  if( (CK_RV *)NULL == pError ) {
-    return (NSSCKFWSession *)NULL;
-  }
-
-  *pError = nssCKFWToken_verifyPointer(fwToken);
-  if( CKR_OK != *pError ) {
-    return (NSSCKFWSession *)NULL;
-  }
-#endif /* NSSDEBUG */
-
-  arena = NSSArena_Create();
-  if( (NSSArena *)NULL == arena ) {
-    *pError = CKR_HOST_MEMORY;
-    return (NSSCKFWSession *)NULL;
-  }
-
-  fwSession = nss_ZNEW(arena, NSSCKFWSession);
-  if( (NSSCKFWSession *)NULL == fwSession ) {
-    *pError = CKR_HOST_MEMORY;
-    goto loser;
-  }
-
-  fwSession->arena = arena;
-  fwSession->mdSession = (NSSCKMDSession *)NULL; /* set later */
-  fwSession->fwToken = fwToken;
-  fwSession->mdToken = nssCKFWToken_GetMDToken(fwToken);
-
-  fwSlot = nssCKFWToken_GetFWSlot(fwToken);
-  fwSession->fwInstance = nssCKFWSlot_GetFWInstance(fwSlot);
-  fwSession->mdInstance = nssCKFWSlot_GetMDInstance(fwSlot);
-
-  fwSession->rw = rw;
-  fwSession->pApplication = pApplication;
-  fwSession->Notify = Notify;
-
-  fwSession->fwFindObjects = (NSSCKFWFindObjects *)NULL;
-
-  fwSession->sessionObjectHash = nssCKFWHash_Create(fwSession->fwInstance, arena, pError);
-  if( (nssCKFWHash *)NULL == fwSession->sessionObjectHash ) {
-    if( CKR_OK == *pError ) {
-      *pError = CKR_GENERAL_ERROR;
-    }
-    goto loser;
-  }
-
-#ifdef DEBUG
-  *pError = session_add_pointer(fwSession);
-  if( CKR_OK != *pError ) {
-    goto loser;
-  }
-#endif /* DEBUG */
-
-  return fwSession;
-
- loser:
-  if( (NSSArena *)NULL != arena ) {
-    if( (nssCKFWHash *)NULL != fwSession->sessionObjectHash ) {
-      (void)nssCKFWHash_Destroy(fwSession->sessionObjectHash);
-    }
-    NSSArena_Destroy(arena);
-  }
-
-  return (NSSCKFWSession *)NULL;
-}
-
-static void
-nss_ckfw_session_object_destroy_iterator
-(
-  const void *key,
-  void *value,
-  void *closure
-)
-{
-  NSSCKFWObject *fwObject = (NSSCKFWObject *)value;
-  nssCKFWObject_Finalize(fwObject);
-}
-
-/*
- * nssCKFWSession_Destroy
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWSession_Destroy
-(
-  NSSCKFWSession *fwSession,
-  CK_BBOOL removeFromTokenHash
-)
-{
-  CK_RV error = CKR_OK;
-  nssCKFWHash *sessionObjectHash;
-
-#ifdef NSSDEBUG
-  error = nssCKFWSession_verifyPointer(fwSession);
-  if( CKR_OK != error ) {
-    return error;
-  }
-#endif /* NSSDEBUG */
-
-  if( removeFromTokenHash ) {
-    error = nssCKFWToken_RemoveSession(fwSession->fwToken, fwSession);
-  }
-
-  /*
-   * Invalidate session objects
-   */
-
-  sessionObjectHash = fwSession->sessionObjectHash;
-  fwSession->sessionObjectHash = (nssCKFWHash *)NULL;
-
-  nssCKFWHash_Iterate(sessionObjectHash, 
-                      nss_ckfw_session_object_destroy_iterator, 
-                      (void *)NULL);
-
-#ifdef DEBUG
-  (void)session_remove_pointer(fwSession);
-#endif /* DEBUG */
-  (void)nssCKFWHash_Destroy(sessionObjectHash);
-  NSSArena_Destroy(fwSession->arena);
-
-  return error;
-}
-
-/*
- * nssCKFWSession_GetMDSession
- *
- */
-NSS_IMPLEMENT NSSCKMDSession *
-nssCKFWSession_GetMDSession
-(
-  NSSCKFWSession *fwSession
-)
-{
-#ifdef NSSDEBUG
-  if( CKR_OK != nssCKFWSession_verifyPointer(fwSession) ) {
-    return (NSSCKMDSession *)NULL;
-  }
-#endif /* NSSDEBUG */
-
-  return fwSession->mdSession;
-}
-
-/*
- * nssCKFWSession_GetArena
- *
- */
-NSS_IMPLEMENT NSSArena *
-nssCKFWSession_GetArena
-(
-  NSSCKFWSession *fwSession,
-  CK_RV *pError
-)
-{
-#ifdef NSSDEBUG
-  if( (CK_RV *)NULL == pError ) {
-    return (NSSArena *)NULL;
-  }
-
-  *pError = nssCKFWSession_verifyPointer(fwSession);
-  if( CKR_OK != *pError ) {
-    return (NSSArena *)NULL;
-  }
-#endif /* NSSDEBUG */
-
-  return fwSession->arena;
-}
-
-/*
- * nssCKFWSession_CallNotification
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWSession_CallNotification
-(
-  NSSCKFWSession *fwSession,
-  CK_NOTIFICATION event
-)
-{
-  CK_RV error = CKR_OK;
-  CK_SESSION_HANDLE handle;
-
-#ifdef NSSDEBUG
-  error = nssCKFWSession_verifyPointer(fwSession);
-  if( CKR_OK != error ) {
-    return error;
-  }
-#endif /* NSSDEBUG */
-
-  if( (CK_NOTIFY)NULL == fwSession->Notify ) {
-    return CKR_OK;
-  }
-
-  handle = nssCKFWInstance_FindSessionHandle(fwSession->fwInstance, fwSession);
-  if( (CK_SESSION_HANDLE)0 == handle ) {
-    return CKR_GENERAL_ERROR;
-  }
-
-  error = fwSession->Notify(handle, event, fwSession->pApplication);
-
-  return error;
-}
-
-/*
- * nssCKFWSession_IsRWSession
- *
- */
-NSS_IMPLEMENT CK_BBOOL
-nssCKFWSession_IsRWSession
-(
-  NSSCKFWSession *fwSession
-)
-{
-#ifdef NSSDEBUG
-  if( CKR_OK != nssCKFWSession_verifyPointer(fwSession) ) {
-    return CK_FALSE;
-  }
-#endif /* NSSDEBUG */
-
-  return fwSession->rw;
-}
-
-/*
- * nssCKFWSession_IsSO
- *
- */
-NSS_IMPLEMENT CK_BBOOL
-nssCKFWSession_IsSO
-(
-  NSSCKFWSession *fwSession
-)
-{
-  CK_STATE state;
-
-#ifdef NSSDEBUG
-  if( CKR_OK != nssCKFWSession_verifyPointer(fwSession) ) {
-    return CK_FALSE;
-  }
-#endif /* NSSDEBUG */
-
-  state = nssCKFWToken_GetSessionState(fwSession->fwToken);
-  switch( state ) {
-  case CKS_RO_PUBLIC_SESSION:
-  case CKS_RO_USER_FUNCTIONS:
-  case CKS_RW_PUBLIC_SESSION:
-  case CKS_RW_USER_FUNCTIONS:
-    return CK_FALSE;
-  case CKS_RW_SO_FUNCTIONS:
-    return CK_TRUE;
-  default:
-    return CK_FALSE;
-  }
-}
-
-/*
- * nssCKFWSession_GetFWSlot
- *
- */
-NSS_IMPLEMENT NSSCKFWSlot *
-nssCKFWSession_GetFWSlot
-(
-  NSSCKFWSession *fwSession
-)
-{
-#ifdef NSSDEBUG
-  if( CKR_OK != nssCKFWSession_verifyPointer(fwSession) ) {
-    return (NSSCKFWSlot *)NULL;
-  }
-#endif /* NSSDEBUG */
-
-  return nssCKFWToken_GetFWSlot(fwSession->fwToken);
-}
-
-/*
- * nssCFKWSession_GetSessionState
- *
- */
-NSS_IMPLEMENT CK_STATE
-nssCKFWSession_GetSessionState
-(
-  NSSCKFWSession *fwSession
-)
-{
-#ifdef NSSDEBUG
-  if( CKR_OK != nssCKFWSession_verifyPointer(fwSession) ) {
-    return CKS_RO_PUBLIC_SESSION; /* whatever */
-  }
-#endif /* NSSDEBUG */
-
-  return nssCKFWToken_GetSessionState(fwSession->fwToken);
-}
-
-/*
- * nssCKFWSession_SetFWFindObjects
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWSession_SetFWFindObjects
-(
-  NSSCKFWSession *fwSession,
-  NSSCKFWFindObjects *fwFindObjects
-)
-{
-#ifdef NSSDEBUG
-  CK_RV error = CKR_OK;
-#endif /* NSSDEBUG */
-
-#ifdef NSSDEBUG
-  error = nssCKFWSession_verifyPointer(fwSession);
-  if( CKR_OK != error ) {
-    return error;
-  }
-
-  /* fwFindObjects may be null */
-#endif /* NSSDEBUG */
-
-  if( ((NSSCKFWFindObjects *)NULL != fwSession->fwFindObjects) &&
-      ((NSSCKFWFindObjects *)NULL != fwFindObjects) ) {
-    return CKR_OPERATION_ACTIVE;
-  }
-
-  fwSession->fwFindObjects = fwFindObjects;
-
-  return CKR_OK;
-}
-
-/*
- * nssCKFWSession_GetFWFindObjects
- *
- */
-NSS_IMPLEMENT NSSCKFWFindObjects *
-nssCKFWSession_GetFWFindObjects
-(
-  NSSCKFWSession *fwSession,
-  CK_RV *pError
-)
-{
-#ifdef NSSDEBUG
-  if( (CK_RV *)NULL == pError ) {
-    return (NSSCKFWFindObjects *)NULL;
-  }
-
-  *pError = nssCKFWSession_verifyPointer(fwSession);
-  if( CKR_OK != *pError ) {
-    return (NSSCKFWFindObjects *)NULL;
-  }
-#endif /* NSSDEBUG */
-
-  if( (NSSCKFWFindObjects *)NULL == fwSession->fwFindObjects ) {
-    *pError = CKR_OPERATION_NOT_INITIALIZED;
-    return (NSSCKFWFindObjects *)NULL;
-  }
-
-  return fwSession->fwFindObjects;
-}
-
-/*
- * nssCKFWSession_SetMDSession
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWSession_SetMDSession
-(
-  NSSCKFWSession *fwSession,
-  NSSCKMDSession *mdSession
-)
-{
-#ifdef NSSDEBUG
-  CK_RV error = CKR_OK;
-#endif /* NSSDEBUG */
-
-#ifdef NSSDEBUG
-  error = nssCKFWSession_verifyPointer(fwSession);
-  if( CKR_OK != error ) {
-    return error;
-  }
-
-  if( (NSSCKMDSession *)NULL == mdSession ) {
-    return CKR_ARGUMENTS_BAD;
-  }
-#endif /* NSSDEBUG */
-
-  if( (NSSCKMDSession *)NULL != fwSession->mdSession ) {
-    return CKR_GENERAL_ERROR;
-  }
-
-  fwSession->mdSession = mdSession;
-
-  return CKR_OK;
-}
-
-/*
- * nssCKFWSession_SetHandle
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWSession_SetHandle
-(
-  NSSCKFWSession *fwSession,
-  CK_SESSION_HANDLE hSession
-)
-{
-#ifdef NSSDEBUG
-  CK_RV error = CKR_OK;
-#endif /* NSSDEBUG */
-
-#ifdef NSSDEBUG
-  error = nssCKFWSession_verifyPointer(fwSession);
-  if( CKR_OK != error ) {
-    return error;
-  }
-#endif /* NSSDEBUG */
-
-  if( (CK_SESSION_HANDLE)0 != fwSession->hSession ) {
-    return CKR_GENERAL_ERROR;
-  }
-
-  fwSession->hSession = hSession;
-
-  return CKR_OK;
-}
-
-/*
- * nssCKFWSession_GetHandle
- *
- */
-NSS_IMPLEMENT CK_SESSION_HANDLE
-nssCKFWSession_GetHandle
-(
-  NSSCKFWSession *fwSession
-)
-{
-#ifdef NSSDEBUG
-  if( CKR_OK != nssCKFWSession_verifyPointer(fwSession) ) {
-    return NULL;
-  }
-#endif /* NSSDEBUG */
-
-  return fwSession->hSession;
-}
-
-/*
- * nssCKFWSession_RegisterSessionObject
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWSession_RegisterSessionObject
-(
-  NSSCKFWSession *fwSession,
-  NSSCKFWObject *fwObject
-)
-{
-  CK_RV rv = CKR_OK;
-
-#ifdef NSSDEBUG
-  if( CKR_OK != nssCKFWSession_verifyPointer(fwSession) ) {
-    return CKR_GENERAL_ERROR;
-  }
-#endif /* NSSDEBUG */
-
-  if( (nssCKFWHash *)NULL != fwSession->sessionObjectHash ) {
-    rv = nssCKFWHash_Add(fwSession->sessionObjectHash, fwObject, fwObject);
-  }
-
-  return rv;
-}
-
-/*
- * nssCKFWSession_DeregisterSessionObject
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWSession_DeregisterSessionObject
-(
-  NSSCKFWSession *fwSession,
-  NSSCKFWObject *fwObject
-)
-{
-#ifdef NSSDEBUG
-  if( CKR_OK != nssCKFWSession_verifyPointer(fwSession) ) {
-    return CKR_GENERAL_ERROR;
-  }
-#endif /* NSSDEBUG */
-
-  if( (nssCKFWHash *)NULL != fwSession->sessionObjectHash ) {
-    nssCKFWHash_Remove(fwSession->sessionObjectHash, fwObject);
-  }
-
-  return CKR_OK;
-}
-
-/*
- * nssCKFWSession_GetDeviceError
- *
- */
-NSS_IMPLEMENT CK_ULONG
-nssCKFWSession_GetDeviceError
-(
-  NSSCKFWSession *fwSession
-)
-{
-#ifdef NSSDEBUG
-  if( CKR_OK != nssCKFWSession_verifyPointer(fwSession) ) {
-    return (CK_ULONG)0;
-  }
-
-  if( (NSSCKMDSession *)NULL == fwSession->mdSession ) {
-    return (CK_ULONG)0;
-  }
-#endif /* NSSDEBUG */
-
-  if( (void *)NULL == (void *)fwSession->mdSession->GetDeviceError ) {
-    return (CK_ULONG)0;
-  }
-
-  return fwSession->mdSession->GetDeviceError(fwSession->mdSession, 
-    fwSession, fwSession->mdToken, fwSession->fwToken, 
-    fwSession->mdInstance, fwSession->fwInstance);
-}
-
-/*
- * nssCKFWSession_Login
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWSession_Login
-(
-  NSSCKFWSession *fwSession,
-  CK_USER_TYPE userType,
-  NSSItem *pin
-)
-{
-  CK_RV error = CKR_OK;
-  CK_STATE oldState;
-  CK_STATE newState;
-
-#ifdef NSSDEBUG
-  error = nssCKFWSession_verifyPointer(fwSession);
-  if( CKR_OK != error ) {
-    return error;
-  }
-
-  switch( userType ) {
-  case CKU_SO:
-  case CKU_USER:
-    break;
-  default:
-    return CKR_USER_TYPE_INVALID;
-  }
-
-  if( (NSSItem *)NULL == pin ) {
-    if( CK_TRUE != nssCKFWToken_GetHasProtectedAuthenticationPath(fwSession->fwToken) ) {
-      return CKR_ARGUMENTS_BAD;
-    }
-  }
-
-  if( (NSSCKMDSession *)NULL == fwSession->mdSession ) {
-    return CKR_GENERAL_ERROR;
-  }
-#endif /* NSSDEBUG */
-
-  oldState = nssCKFWToken_GetSessionState(fwSession->fwToken);
-
-  /*
-   * It's not clear what happens when you're already logged in.
-   * I'll just fail; but if we decide to change, the logic is
-   * all right here.
-   */
-
-  if( CKU_SO == userType ) {
-    switch( oldState ) {
-    case CKS_RO_PUBLIC_SESSION:      
-      /*
-       * There's no such thing as a read-only security officer
-       * session, so fail.  The error should be CKR_SESSION_READ_ONLY,
-       * except that C_Login isn't defined to return that.  So we'll
-       * do CKR_SESSION_READ_ONLY_EXISTS, which is what is documented.
-       */
-      return CKR_SESSION_READ_ONLY_EXISTS;
-    case CKS_RO_USER_FUNCTIONS:
-      return CKR_USER_ANOTHER_ALREADY_LOGGED_IN;
-    case CKS_RW_PUBLIC_SESSION:
-      newState = CKS_RW_SO_FUNCTIONS;
-      break;
-    case CKS_RW_USER_FUNCTIONS:
-      return CKR_USER_ANOTHER_ALREADY_LOGGED_IN;
-    case CKS_RW_SO_FUNCTIONS:
-      return CKR_USER_ALREADY_LOGGED_IN;
-    default:
-      return CKR_GENERAL_ERROR;
-    }
-  } else /* CKU_USER == userType */ {
-    switch( oldState ) {
-    case CKS_RO_PUBLIC_SESSION:      
-      newState = CKS_RO_USER_FUNCTIONS;
-      break;
-    case CKS_RO_USER_FUNCTIONS:
-      return CKR_USER_ALREADY_LOGGED_IN;
-    case CKS_RW_PUBLIC_SESSION:
-      newState = CKS_RW_USER_FUNCTIONS;
-      break;
-    case CKS_RW_USER_FUNCTIONS:
-      return CKR_USER_ALREADY_LOGGED_IN;
-    case CKS_RW_SO_FUNCTIONS:
-      return CKR_USER_ANOTHER_ALREADY_LOGGED_IN;
-    default:
-      return CKR_GENERAL_ERROR;
-    }
-  }
-
-  /*
-   * So now we're in one of three cases:
-   *
-   * Old == CKS_RW_PUBLIC_SESSION, New == CKS_RW_SO_FUNCTIONS;
-   * Old == CKS_RW_PUBLIC_SESSION, New == CKS_RW_USER_FUNCTIONS;
-   * Old == CKS_RO_PUBLIC_SESSION, New == CKS_RO_USER_FUNCTIONS;
-   */
-
-  if( (void *)NULL == (void *)fwSession->mdSession->Login ) {
-    /*
-     * The Module doesn't want to be informed (or check the pin)
-     * it'll just rely on the Framework as needed.
-     */
-    ;
-  } else {
-    error = fwSession->mdSession->Login(fwSession->mdSession, fwSession,
-      fwSession->mdToken, fwSession->fwToken, fwSession->mdInstance,
-      fwSession->fwInstance, userType, pin, oldState, newState);
-    if( CKR_OK != error ) {
-      return error;
-    }
-  }
-
-  (void)nssCKFWToken_SetSessionState(fwSession->fwToken, newState);
-  return CKR_OK;
-}
-
-/*
- * nssCKFWSession_Logout
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWSession_Logout
-(
-  NSSCKFWSession *fwSession
-)
-{
-  CK_RV error = CKR_OK;
-  CK_STATE oldState;
-  CK_STATE newState;
-
-#ifdef NSSDEBUG
-  error = nssCKFWSession_verifyPointer(fwSession);
-  if( CKR_OK != error ) {
-    return error;
-  }
-
-  if( (NSSCKMDSession *)NULL == fwSession->mdSession ) {
-    return CKR_GENERAL_ERROR;
-  }
-#endif /* NSSDEBUG */
-
-  oldState = nssCKFWToken_GetSessionState(fwSession->fwToken);
-
-  switch( oldState ) {
-  case CKS_RO_PUBLIC_SESSION:
-    return CKR_USER_NOT_LOGGED_IN;
-  case CKS_RO_USER_FUNCTIONS:
-    newState = CKS_RO_PUBLIC_SESSION;
-    break;
-  case CKS_RW_PUBLIC_SESSION:
-    return CKR_USER_NOT_LOGGED_IN;
-  case CKS_RW_USER_FUNCTIONS:
-    newState = CKS_RW_PUBLIC_SESSION;
-    break;
-  case CKS_RW_SO_FUNCTIONS:
-    newState = CKS_RW_PUBLIC_SESSION;
-    break;
-  default:
-    return CKR_GENERAL_ERROR;
-  }
-
-  /*
-   * So now we're in one of three cases:
-   *
-   * Old == CKS_RW_SO_FUNCTIONS,   New == CKS_RW_PUBLIC_SESSION;
-   * Old == CKS_RW_USER_FUNCTIONS, New == CKS_RW_PUBLIC_SESSION;
-   * Old == CKS_RO_USER_FUNCTIONS, New == CKS_RO_PUBLIC_SESSION;
-   */
-
-  if( (void *)NULL == (void *)fwSession->mdSession->Logout ) {
-    /*
-     * The Module doesn't want to be informed.  Okay.
-     */
-    ;
-  } else {
-    error = fwSession->mdSession->Logout(fwSession->mdSession, fwSession,
-      fwSession->mdToken, fwSession->fwToken, fwSession->mdInstance,
-      fwSession->fwInstance, oldState, newState);
-    if( CKR_OK != error ) {
-      /*
-       * Now what?!  A failure really should end up with the Framework
-       * considering it logged out, right?
-       */
-      ;
-    }
-  }
-
-  (void)nssCKFWToken_SetSessionState(fwSession->fwToken, newState);
-  return error;
-}
-
-/*
- * nssCKFWSession_InitPIN
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWSession_InitPIN
-(
-  NSSCKFWSession *fwSession,
-  NSSItem *pin
-)
-{
-  CK_RV error = CKR_OK;
-  CK_STATE state;
-
-#ifdef NSSDEBUG
-  error = nssCKFWSession_verifyPointer(fwSession);
-  if( CKR_OK != error ) {
-    return error;
-  }
-
-  if( (NSSCKMDSession *)NULL == fwSession->mdSession ) {
-    return CKR_GENERAL_ERROR;
-  }
-#endif /* NSSDEBUG */
-
-  state = nssCKFWToken_GetSessionState(fwSession->fwToken);
-  if( CKS_RW_SO_FUNCTIONS != state ) {
-    return CKR_USER_NOT_LOGGED_IN;
-  }
-
-  if( (NSSItem *)NULL == pin ) {
-    CK_BBOOL has = nssCKFWToken_GetHasProtectedAuthenticationPath(fwSession->fwToken);
-    if( CK_TRUE != has ) {
-      return CKR_ARGUMENTS_BAD;
-    }
-  }
-
-  if( (void *)NULL == (void *)fwSession->mdSession->InitPIN ) {
-    return CKR_TOKEN_WRITE_PROTECTED;
-  }
-
-  error = fwSession->mdSession->InitPIN(fwSession->mdSession, fwSession,
-    fwSession->mdToken, fwSession->fwToken, fwSession->mdInstance,
-    fwSession->fwInstance, pin);
-
-  return error;
-}
-
-/*
- * nssCKFWSession_SetPIN
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWSession_SetPIN
-(
-  NSSCKFWSession *fwSession,
-  NSSItem *newPin,
-  NSSItem *oldPin
-)
-{
-  CK_RV error = CKR_OK;
-  CK_STATE state;
-
-#ifdef NSSDEBUG
-  error = nssCKFWSession_verifyPointer(fwSession);
-  if( CKR_OK != error ) {
-    return error;
-  }
-
-  if( (NSSCKMDSession *)NULL == fwSession->mdSession ) {
-    return CKR_GENERAL_ERROR;
-  }
-#endif /* NSSDEBUG */
-
-  state = nssCKFWToken_GetSessionState(fwSession->fwToken);
-  if( (CKS_RW_SO_FUNCTIONS != state) &&
-      (CKS_RW_USER_FUNCTIONS != state) ) {
-    return CKR_USER_NOT_LOGGED_IN;
-  }
-
-  if( (NSSItem *)NULL == newPin ) {
-    CK_BBOOL has = nssCKFWToken_GetHasProtectedAuthenticationPath(fwSession->fwToken);
-    if( CK_TRUE != has ) {
-      return CKR_ARGUMENTS_BAD;
-    }
-  }
-
-  if( (NSSItem *)NULL == oldPin ) {
-    CK_BBOOL has = nssCKFWToken_GetHasProtectedAuthenticationPath(fwSession->fwToken);
-    if( CK_TRUE != has ) {
-      return CKR_ARGUMENTS_BAD;
-    }
-  }
-
-  if( (void *)NULL == (void *)fwSession->mdSession->SetPIN ) {
-    return CKR_TOKEN_WRITE_PROTECTED;
-  }
-
-  error = fwSession->mdSession->SetPIN(fwSession->mdSession, fwSession,
-    fwSession->mdToken, fwSession->fwToken, fwSession->mdInstance,
-    fwSession->fwInstance, newPin, oldPin);
-
-  return error;
-}
-
-/*
- * nssCKFWSession_GetOperationStateLen
- *
- */
-NSS_IMPLEMENT CK_ULONG
-nssCKFWSession_GetOperationStateLen
-(
-  NSSCKFWSession *fwSession,
-  CK_RV *pError
-)
-{
-  CK_ULONG mdAmt;
-  CK_ULONG fwAmt;
-
-#ifdef NSSDEBUG
-  if( (CK_RV *)NULL == pError ) {
-    return (CK_ULONG)0;
-  }
-
-  *pError = nssCKFWSession_verifyPointer(fwSession);
-  if( CKR_OK != *pError ) {
-    return (CK_ULONG)0;
-  }
-
-  if( (NSSCKMDSession *)NULL == fwSession->mdSession ) {
-    *pError = CKR_GENERAL_ERROR;
-    return (CK_ULONG)0;
-  }
-#endif /* NSSDEBUG */
-
-  if( (void *)NULL == (void *)fwSession->mdSession->GetOperationStateLen ) {
-    *pError = CKR_STATE_UNSAVEABLE;
-  }
-
-  /*
-   * We could check that the session is actually in some state..
-   */
-
-  mdAmt = fwSession->mdSession->GetOperationStateLen(fwSession->mdSession,
-    fwSession, fwSession->mdToken, fwSession->fwToken, fwSession->mdInstance,
-    fwSession->fwInstance, pError);
-
-  if( ((CK_ULONG)0 == mdAmt) && (CKR_OK != *pError) ) {
-    return (CK_ULONG)0;
-  }
-
-  /*
-   * Add a bit of sanity-checking
-   */
-  fwAmt = mdAmt + 2*sizeof(CK_ULONG);
-
-  return fwAmt;
-}
-
-/*
- * nssCKFWSession_GetOperationState
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWSession_GetOperationState
-(
-  NSSCKFWSession *fwSession,
-  NSSItem *buffer
-)
-{
-  CK_RV error = CKR_OK;
-  CK_ULONG fwAmt;
-  CK_ULONG *ulBuffer;
-  NSSItem i2;
-  CK_ULONG n, i;
-
-#ifdef NSSDEBUG
-  error = nssCKFWSession_verifyPointer(fwSession);
-  if( CKR_OK != error ) {
-    return error;
-  }
-
-  if( (NSSItem *)NULL == buffer ) {
-    return CKR_ARGUMENTS_BAD;
-  }
-
-  if( (void *)NULL == buffer->data ) {
-    return CKR_ARGUMENTS_BAD;
-  }
-
-  if( (NSSCKMDSession *)NULL == fwSession->mdSession ) {
-    return CKR_GENERAL_ERROR;
-  }
-#endif /* NSSDEBUG */
-
-  if( (void *)NULL == (void *)fwSession->mdSession->GetOperationState ) {
-    return CKR_STATE_UNSAVEABLE;
-  }
-
-  /*
-   * Sanity-check the caller's buffer.
-   */
-
-  error = CKR_OK;
-  fwAmt = nssCKFWSession_GetOperationStateLen(fwSession, &error);
-  if( ((CK_ULONG)0 == fwAmt) && (CKR_OK != error) ) {
-    return error;
-  }
-
-  if( buffer->size < fwAmt ) {
-    return CKR_BUFFER_TOO_SMALL;
-  }
-
-  ulBuffer = (CK_ULONG *)buffer->data;
-
-  i2.size = buffer->size - 2*sizeof(CK_ULONG);
-  i2.data = (void *)&ulBuffer[2];
-
-  error = fwSession->mdSession->GetOperationState(fwSession->mdSession,
-    fwSession, fwSession->mdToken, fwSession->fwToken, 
-    fwSession->mdInstance, fwSession->fwInstance, &i2);
-
-  if( CKR_OK != error ) {
-    return error;
-  }
-
-  /*
-   * Add a little integrety/identity check.  
-   * NOTE: right now, it's pretty stupid.  
-   * A CRC or something would be better.
-   */
-
-  ulBuffer[0] = 0x434b4657; /* CKFW */
-  ulBuffer[1] = 0;
-  n = i2.size/sizeof(CK_ULONG);
-  for( i = 0; i < n; i++ ) {
-    ulBuffer[1] ^= ulBuffer[2+i];
-  }
-
-  return CKR_OK;
-}
-
-/*
- * nssCKFWSession_SetOperationState
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWSession_SetOperationState
-(
-  NSSCKFWSession *fwSession,
-  NSSItem *state,
-  NSSCKFWObject *encryptionKey,
-  NSSCKFWObject *authenticationKey
-)
-{
-  CK_RV error = CKR_OK;
-  CK_ULONG *ulBuffer;
-  CK_ULONG n, i;
-  CK_ULONG x;
-  NSSItem s;
-  NSSCKMDObject *mdek;
-  NSSCKMDObject *mdak;
-
-#ifdef NSSDEBUG
-  error = nssCKFWSession_verifyPointer(fwSession);
-  if( CKR_OK != error ) {
-    return error;
-  }
-
-  if( (NSSItem *)NULL == state ) {
-    return CKR_ARGUMENTS_BAD;
-  }
-
-  if( (void *)NULL == state->data ) {
-    return CKR_ARGUMENTS_BAD;
-  }
-
-  if( (NSSCKFWObject *)NULL != encryptionKey ) {
-    error = nssCKFWObject_verifyPointer(encryptionKey);
-    if( CKR_OK != error ) {
-      return error;
-    }
-  }
-
-  if( (NSSCKFWObject *)NULL != authenticationKey ) {
-    error = nssCKFWObject_verifyPointer(authenticationKey);
-    if( CKR_OK != error ) {
-      return error;
-    }
-  }
-
-  if( (NSSCKMDSession *)NULL == fwSession->mdSession ) {
-    return CKR_GENERAL_ERROR;
-  }
-#endif /* NSSDEBUG */
-
-  ulBuffer = (CK_ULONG *)state->data;
-  if( 0x43b4657 != ulBuffer[0] ) {
-    return CKR_SAVED_STATE_INVALID;
-  }
-  n = (state->size / sizeof(CK_ULONG)) - 2;
-  x = (CK_ULONG)0;
-  for( i = 0; i < n; i++ ) {
-    x ^= ulBuffer[2+i];
-  }
-
-  if( x != ulBuffer[1] ) {
-    return CKR_SAVED_STATE_INVALID;
-  }
-
-  if( (void *)NULL == (void *)fwSession->mdSession->SetOperationState ) {
-    return CKR_GENERAL_ERROR;
-  }
-
-  s.size = state->size - 2*sizeof(CK_ULONG);
-  s.data = (void *)&ulBuffer[2];
-
-  if( (NSSCKFWObject *)NULL != encryptionKey ) {
-    mdek = nssCKFWObject_GetMDObject(encryptionKey);
-  } else {
-    mdek = (NSSCKMDObject *)NULL;
-  }
-
-  if( (NSSCKFWObject *)NULL != authenticationKey ) {
-    mdak = nssCKFWObject_GetMDObject(authenticationKey);
-  } else {
-    mdak = (NSSCKMDObject *)NULL;
-  }
-
-  error = fwSession->mdSession->SetOperationState(fwSession->mdSession, 
-    fwSession, fwSession->mdToken, fwSession->fwToken, fwSession->mdInstance,
-    fwSession->fwInstance, &s, mdek, encryptionKey, mdak, authenticationKey);
-
-  if( CKR_OK != error ) {
-    return error;
-  }
-
-  /*
-   * Here'd we restore any session data
-   */
-  
-  return CKR_OK;
-}
-
-static CK_BBOOL
-nss_attributes_form_token_object
-(
-  CK_ATTRIBUTE_PTR pTemplate,
-  CK_ULONG ulAttributeCount
-)
-{
-  CK_ULONG i;
-  CK_BBOOL rv;
-
-  for( i = 0; i < ulAttributeCount; i++ ) {
-    if( CKA_TOKEN == pTemplate[i].type ) {
-      /* If we sanity-check, we can remove this sizeof check */
-      if( sizeof(CK_BBOOL) == pTemplate[i].ulValueLen ) {
-        (void)nsslibc_memcpy(&rv, pTemplate[i].pValue, sizeof(CK_BBOOL));
-        return rv;
-      } else {
-        return CK_FALSE;
-      }
-    }
-  }
-
-  return CK_FALSE;
-}
-
-/*
- * nssCKFWSession_CreateObject
- *
- */
-NSS_IMPLEMENT NSSCKFWObject *
-nssCKFWSession_CreateObject
-(
-  NSSCKFWSession *fwSession,
-  CK_ATTRIBUTE_PTR pTemplate,
-  CK_ULONG ulAttributeCount,
-  CK_RV *pError
-)
-{
-  NSSArena *arena;
-  NSSCKMDObject *mdObject;
-  NSSCKFWObject *fwObject;
-  CK_BBOOL isTokenObject;
-
-#ifdef NSSDEBUG
-  if( (CK_RV *)NULL == pError ) {
-    return (NSSCKFWObject *)NULL;
-  }
-
-  *pError = nssCKFWSession_verifyPointer(fwSession);
-  if( CKR_OK != pError ) {
-    return (NSSCKFWObject *)NULL;
-  }
-
-  if( (CK_ATTRIBUTE_PTR)NULL == pTemplate ) {
-    *pError = CKR_ARGUMENTS_BAD;
-    return (NSSCKFWObject *)NULL;
-  }
-
-  if( (NSSCKMDSession *)NULL == fwSession->mdSession ) {
-    *pError = CKR_GENERAL_ERROR;
-    return (NSSCKFWObject *)NULL;
-  }
-#endif /* NSSDEBUG */
-
-  /*
-   * Here would be an excellent place to sanity-check the object.
-   */
-
-  isTokenObject = nss_attributes_form_token_object(pTemplate, ulAttributeCount);
-  if( CK_TRUE == isTokenObject ) {
-    /* === TOKEN OBJECT === */
-
-    if( (void *)NULL == (void *)fwSession->mdSession->CreateObject ) {
-      *pError = CKR_TOKEN_WRITE_PROTECTED;
-      return (NSSCKFWObject *)NULL;
-    }
-
-    arena = nssCKFWToken_GetArena(fwSession->fwToken, pError);
-    if( (NSSArena *)NULL == arena ) {
-      if( CKR_OK == *pError ) {
-        *pError = CKR_GENERAL_ERROR;
-      }
-      return (NSSCKFWObject *)NULL;
-    }
-
-    goto callmdcreateobject;
-  } else {
-    /* === SESSION OBJECT === */
-
-    arena = nssCKFWSession_GetArena(fwSession, pError);
-    if( (NSSArena *)NULL == arena ) {
-      if( CKR_OK == *pError ) {
-        *pError = CKR_GENERAL_ERROR;
-      }
-      return (NSSCKFWObject *)NULL;
-    }
-
-    if( CK_TRUE == nssCKFWInstance_GetModuleHandlesSessionObjects(
-                     fwSession->fwInstance) ) {
-      /* --- module handles the session object -- */
-
-      if( (void *)NULL == (void *)fwSession->mdSession->CreateObject ) {
-        *pError = CKR_GENERAL_ERROR;
-        return (NSSCKFWObject *)NULL;
-      }
-      
-      goto callmdcreateobject;
-    } else {
-      /* --- framework handles the session object -- */
-      mdObject = nssCKMDSessionObject_Create(fwSession->fwToken, 
-        arena, pTemplate, ulAttributeCount, pError);
-      goto gotmdobject;
-    }
-  }
-
- callmdcreateobject:
-  mdObject = fwSession->mdSession->CreateObject(fwSession->mdSession,
-    fwSession, fwSession->mdToken, fwSession->fwToken,
-    fwSession->mdInstance, fwSession->fwInstance, arena, pTemplate,
-    ulAttributeCount, pError);
-
- gotmdobject:
-  if( (NSSCKMDObject *)NULL == mdObject ) {
-    if( CKR_OK == *pError ) {
-      *pError = CKR_GENERAL_ERROR;
-    }
-    return (NSSCKFWObject *)NULL;
-  }
-
-  fwObject = nssCKFWObject_Create(arena, mdObject, fwSession, 
-    fwSession->fwToken, fwSession->fwInstance, pError);
-  if( (NSSCKFWObject *)NULL == fwObject ) {
-    if( CKR_OK == *pError ) {
-      *pError = CKR_GENERAL_ERROR;
-    }
-    
-    if( (void *)NULL != (void *)mdObject->Destroy ) {
-      (void)mdObject->Destroy(mdObject, (NSSCKFWObject *)NULL,
-        fwSession->mdSession, fwSession, fwSession->mdToken,
-        fwSession->fwToken, fwSession->mdInstance, fwSession->fwInstance);
-    }
-    
-    return (NSSCKFWObject *)NULL;
-  }
-
-  if( CK_FALSE == isTokenObject ) {
-    if( CK_FALSE == nssCKFWHash_Exists(fwSession->sessionObjectHash, fwObject) ) {
-      *pError = nssCKFWHash_Add(fwSession->sessionObjectHash, fwObject, fwObject);
-      if( CKR_OK != *pError ) {
-        nssCKFWObject_Finalize(fwObject);
-        return (NSSCKFWObject *)NULL;
-      }
-    }
-  }
-  
-  return fwObject;
-}
-
-/*
- * nssCKFWSession_CopyObject
- *
- */
-NSS_IMPLEMENT NSSCKFWObject *
-nssCKFWSession_CopyObject
-(
-  NSSCKFWSession *fwSession,
-  NSSCKFWObject *fwObject,
-  CK_ATTRIBUTE_PTR pTemplate,
-  CK_ULONG ulAttributeCount,
-  CK_RV *pError
-)
-{
-  CK_BBOOL oldIsToken;
-  CK_BBOOL newIsToken;
-  CK_ULONG i;
-  NSSCKFWObject *rv;
-
-#ifdef NSSDEBUG
-  if( (CK_RV *)NULL == pError ) {
-    return (NSSCKFWObject *)NULL;
-  }
-
-  *pError = nssCKFWSession_verifyPointer(fwSession);
-  if( CKR_OK != *pError ) {
-    return (NSSCKFWObject *)NULL;
-  }
-
-  *pError = nssCKFWObject_verifyPointer(fwObject);
-  if( CKR_OK != *pError ) {
-    return (NSSCKFWObject *)NULL;
-  }
-
-  if( (NSSCKMDSession *)NULL == fwSession->mdSession ) {
-    *pError = CKR_GENERAL_ERROR;
-    return (NSSCKFWObject *)NULL;
-  }
-#endif /* NSSDEBUG */
-
-  /*
-   * Sanity-check object
-   */
-
-  oldIsToken = nssCKFWObject_IsTokenObject(fwObject);
-
-  newIsToken = oldIsToken;
-  for( i = 0; i < ulAttributeCount; i++ ) {
-    if( CKA_TOKEN == pTemplate[i].type ) {
-      /* Since we sanity-checked the object, we know this is the right size. */
-      (void)nsslibc_memcpy(&newIsToken, pTemplate[i].pValue, sizeof(CK_BBOOL));
-      break;
-    }
-  }
-
-  /*
-   * If the Module handles its session objects, or if both the new
-   * and old object are token objects, use CopyObject if it exists.
-   */
-
-  if( ((void *)NULL != (void *)fwSession->mdSession->CopyObject) &&
-      (((CK_TRUE == oldIsToken) && (CK_TRUE == newIsToken)) ||
-       (CK_TRUE == nssCKFWInstance_GetModuleHandlesSessionObjects(
-                     fwSession->fwInstance))) ) {
-    /* use copy object */
-    NSSArena *arena;
-    NSSCKMDObject *mdOldObject;
-    NSSCKMDObject *mdObject;
-
-    mdOldObject = nssCKFWObject_GetMDObject(fwObject);
-
-    if( CK_TRUE == newIsToken ) {
-      arena = nssCKFWToken_GetArena(fwSession->fwToken, pError);
-    } else {
-      arena = nssCKFWSession_GetArena(fwSession, pError);
-    }
-    if( (NSSArena *)NULL == arena ) {
-      if( CKR_OK == *pError ) {
-        *pError = CKR_GENERAL_ERROR;
-      }
-      return (NSSCKFWObject *)NULL;
-    }
-
-    mdObject = fwSession->mdSession->CopyObject(fwSession->mdSession,
-      fwSession, fwSession->mdToken, fwSession->fwToken,
-      fwSession->mdInstance, fwSession->fwInstance, mdOldObject,
-      fwObject, arena, pTemplate, ulAttributeCount, pError);
-    if( (NSSCKMDObject *)NULL == mdObject ) {
-      if( CKR_OK == *pError ) {
-        *pError = CKR_GENERAL_ERROR;
-      }
-      return (NSSCKFWObject *)NULL;
-    }
-
-    rv = nssCKFWObject_Create(arena, mdObject, fwSession,
-      fwSession->fwToken, fwSession->fwInstance, pError);
-    if( (NSSCKFWObject *)NULL == fwObject ) {
-      if( CKR_OK == *pError ) {
-        *pError = CKR_GENERAL_ERROR;
-      }
-
-      if( (void *)NULL != (void *)mdObject->Destroy ) {
-        (void)mdObject->Destroy(mdObject, (NSSCKFWObject *)NULL,
-          fwSession->mdSession, fwSession, fwSession->mdToken,
-          fwSession->fwToken, fwSession->mdInstance, fwSession->fwInstance);
-      }
-    
-      return (NSSCKFWObject *)NULL;
-    }
-
-    if( CK_FALSE == newIsToken ) {
-      if( CK_FALSE == nssCKFWHash_Exists(fwSession->sessionObjectHash, rv) ) {
-        *pError = nssCKFWHash_Add(fwSession->sessionObjectHash, rv, rv);
-        if( CKR_OK != *pError ) {
-          nssCKFWObject_Finalize(rv);
-          return (NSSCKFWObject *)NULL;
-        }
-      }
-    }
-
-    return rv;
-  } else {
-    /* use create object */
-    NSSArena *tmpArena;
-    CK_ATTRIBUTE_PTR newTemplate;
-    CK_ULONG i, j, n, newLength, k;
-    CK_ATTRIBUTE_TYPE_PTR oldTypes;
-    NSSCKFWObject *rv;
-    
-    tmpArena = NSSArena_Create();
-    if( (NSSArena *)NULL == tmpArena ) {
-      *pError = CKR_HOST_MEMORY;
-      return (NSSCKFWObject *)NULL;
-    }
-
-    n = nssCKFWObject_GetAttributeCount(fwObject, pError);
-    if( (0 == n) && (CKR_OK != *pError) ) {
-      return (NSSCKFWObject *)NULL;
-    }
-
-    oldTypes = nss_ZNEWARRAY(tmpArena, CK_ATTRIBUTE_TYPE, n);
-    if( (CK_ATTRIBUTE_TYPE_PTR)NULL == oldTypes ) {
-      NSSArena_Destroy(tmpArena);
-      *pError = CKR_HOST_MEMORY;
-      return (NSSCKFWObject *)NULL;
-    }
-
-    *pError = nssCKFWObject_GetAttributeTypes(fwObject, oldTypes, n);
-    if( CKR_OK != *pError ) {
-      NSSArena_Destroy(tmpArena);
-      return (NSSCKFWObject *)NULL;
-    }
-
-    newLength = n;
-    for( i = 0; i < ulAttributeCount; i++ ) {
-      for( j = 0; j < n; j++ ) {
-        if( oldTypes[j] == pTemplate[i].type ) {
-          if( (CK_VOID_PTR)NULL == pTemplate[i].pValue ) {
-            /* Removing the attribute */
-            newLength--;
-          }
-          break;
-        }
-      }
-      if( j == n ) {
-        /* Not found */
-        newLength++;
-      }
-    }
-
-    newTemplate = nss_ZNEWARRAY(tmpArena, CK_ATTRIBUTE, newLength);
-    if( (CK_ATTRIBUTE_PTR)NULL == newTemplate ) {
-      NSSArena_Destroy(tmpArena);
-      *pError = CKR_HOST_MEMORY;
-      return (NSSCKFWObject *)NULL;
-    }
-
-    k = 0;
-    for( j = 0; j < n; j++ ) {
-      for( i = 0; i < ulAttributeCount; i++ ) {
-        if( oldTypes[j] == pTemplate[i].type ) {
-          if( (CK_VOID_PTR)NULL == pTemplate[i].pValue ) {
-            /* This attribute is being deleted */
-            ;
-          } else {
-            /* This attribute is being replaced */
-            newTemplate[k].type = pTemplate[i].type;
-            newTemplate[k].pValue = pTemplate[i].pValue;
-            newTemplate[k].ulValueLen = pTemplate[i].ulValueLen;
-            k++;
-          }
-          break;
-        }
-      }
-      if( i == ulAttributeCount ) {
-        /* This attribute is being copied over from the old object */
-        NSSItem item, *it;
-        item.size = 0;
-        item.data = (void *)NULL;
-        it = nssCKFWObject_GetAttribute(fwObject, oldTypes[j],
-          &item, tmpArena, pError);
-        if( (NSSItem *)NULL == it ) {
-          if( CKR_OK == *pError ) {
-            *pError = CKR_GENERAL_ERROR;
-          }
-          NSSArena_Destroy(tmpArena);
-          return (NSSCKFWObject *)NULL;
-        }
-        newTemplate[k].type = oldTypes[j];
-        newTemplate[k].pValue = it->data;
-        newTemplate[k].ulValueLen = it->size;
-        k++;
-      }
-    }
-    /* assert that k == newLength */
-
-    rv = nssCKFWSession_CreateObject(fwSession, newTemplate, newLength, pError);
-    if( (NSSCKFWObject *)NULL == rv ) {
-      if( CKR_OK == *pError ) {
-        *pError = CKR_GENERAL_ERROR;
-      }
-      NSSArena_Destroy(tmpArena);
-      return (NSSCKFWObject *)NULL;
-    }
-
-    NSSArena_Destroy(tmpArena);
-    return rv;
-  }
-}
-
-/*
- * nssCKFWSession_FindObjectsInit
- *
- */
-NSS_IMPLEMENT NSSCKFWFindObjects *
-nssCKFWSession_FindObjectsInit
-(
-  NSSCKFWSession *fwSession,
-  CK_ATTRIBUTE_PTR pTemplate,
-  CK_ULONG ulAttributeCount,
-  CK_RV *pError
-)
-{
-  NSSCKMDFindObjects *mdfo1 = (NSSCKMDFindObjects *)NULL;
-  NSSCKMDFindObjects *mdfo2 = (NSSCKMDFindObjects *)NULL;
-
-#ifdef NSSDEBUG
-  if( (CK_RV *)NULL == pError ) {
-    return (NSSCKFWFindObjects *)NULL;
-  }
-
-  *pError = nssCKFWSession_verifyPointer(fwSession);
-  if( CKR_OK != *pError ) {
-    return (NSSCKFWFindObjects *)NULL;
-  }
-
-  if( ((CK_ATTRIBUTE_PTR)NULL == pTemplate) && (ulAttributeCount != 0) ) {
-    *pError = CKR_ARGUMENTS_BAD;
-    return (NSSCKFWFindObjects *)NULL;
-  }
-
-  if( (NSSCKMDSession *)NULL == fwSession->mdSession ) {
-    *pError = CKR_GENERAL_ERROR;
-    return (NSSCKFWFindObjects *)NULL;
-  }
-#endif /* NSSDEBUG */
-
-  if( CK_TRUE != nssCKFWInstance_GetModuleHandlesSessionObjects(
-                   fwSession->fwInstance) ) {
-    CK_ULONG i;
-
-    /*
-     * Does the search criteria restrict us to token or session
-     * objects?
-     */
-
-    for( i = 0; i < ulAttributeCount; i++ ) {
-      if( CKA_TOKEN == pTemplate[i].type ) {
-        /* Yes, it does. */
-        CK_BBOOL isToken;
-        if( sizeof(CK_BBOOL) != pTemplate[i].ulValueLen ) {
-          *pError = CKR_ATTRIBUTE_VALUE_INVALID;
-          return (NSSCKFWFindObjects *)NULL;
-        }
-        (void)nsslibc_memcpy(&isToken, pTemplate[i].pValue, sizeof(CK_BBOOL));
-
-        if( CK_TRUE == isToken ) {
-          /* Pass it on to the module's search routine */
-          if( (void *)NULL == (void *)fwSession->mdSession->FindObjectsInit ) {
-            goto wrap;
-          }
-
-          mdfo1 = fwSession->mdSession->FindObjectsInit(fwSession->mdSession,
-                    fwSession, fwSession->mdToken, fwSession->fwToken,
-                    fwSession->mdInstance, fwSession->fwInstance, 
-                    pTemplate, ulAttributeCount, pError);
-        } else {
-          /* Do the search ourselves */
-          mdfo1 = nssCKMDFindSessionObjects_Create(fwSession->fwToken, 
-                    pTemplate, ulAttributeCount, pError);
-        }
-
-        if( (NSSCKMDFindObjects *)NULL == mdfo1 ) {
-          if( CKR_OK == *pError ) {
-            *pError = CKR_GENERAL_ERROR;
-          }
-          return (NSSCKFWFindObjects *)NULL;
-        }
-        
-        goto wrap;
-      }
-    }
-
-    if( i == ulAttributeCount ) {
-      /* No, it doesn't.  Do a hybrid search. */
-      mdfo1 = fwSession->mdSession->FindObjectsInit(fwSession->mdSession,
-                fwSession, fwSession->mdToken, fwSession->fwToken,
-                fwSession->mdInstance, fwSession->fwInstance, 
-                pTemplate, ulAttributeCount, pError);
-
-      if( (NSSCKMDFindObjects *)NULL == mdfo1 ) {
-        if( CKR_OK == *pError ) {
-          *pError = CKR_GENERAL_ERROR;
-        }
-        return (NSSCKFWFindObjects *)NULL;
-      }
-
-      mdfo2 = nssCKMDFindSessionObjects_Create(fwSession->fwToken,
-                pTemplate, ulAttributeCount, pError);
-      if( (NSSCKMDFindObjects *)NULL == mdfo2 ) {
-        if( CKR_OK == *pError ) {
-          *pError = CKR_GENERAL_ERROR;
-        }
-        if( (void *)NULL != (void *)mdfo1->Final ) {
-          mdfo1->Final(mdfo1, (NSSCKFWFindObjects *)NULL, fwSession->mdSession,
-            fwSession, fwSession->mdToken, fwSession->fwToken, 
-            fwSession->mdInstance, fwSession->fwInstance);
-        }
-        return (NSSCKFWFindObjects *)NULL;
-      }
-
-      goto wrap;
-    }
-    /*NOTREACHED*/
-  } else {
-    /* Module handles all its own objects.  Pass on to module's search */
-    mdfo1 = fwSession->mdSession->FindObjectsInit(fwSession->mdSession,
-              fwSession, fwSession->mdToken, fwSession->fwToken,
-              fwSession->mdInstance, fwSession->fwInstance, 
-              pTemplate, ulAttributeCount, pError);
-
-    if( (NSSCKMDFindObjects *)NULL == mdfo1 ) {
-      if( CKR_OK == *pError ) {
-        *pError = CKR_GENERAL_ERROR;
-      }
-      return (NSSCKFWFindObjects *)NULL;
-    }
-
-    goto wrap;
-  }
-
- wrap:
-  return nssCKFWFindObjects_Create(fwSession, fwSession->fwToken,
-           fwSession->fwInstance, mdfo1, mdfo2, pError);
-}
-
-/*
- * nssCKFWSession_SeedRandom
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWSession_SeedRandom
-(
-  NSSCKFWSession *fwSession,
-  NSSItem *seed
-)
-{
-  CK_RV error = CKR_OK;
-
-#ifdef NSSDEBUG
-  error = nssCKFWSession_verifyPointer(fwSession);
-  if( CKR_OK != error ) {
-    return error;
-  }
-
-  if( (NSSItem *)NULL == seed ) {
-    return CKR_ARGUMENTS_BAD;
-  }
-
-  if( (void *)NULL == seed->data ) {
-    return CKR_ARGUMENTS_BAD;
-  }
-
-  if( 0 == seed->size ) {
-    return CKR_ARGUMENTS_BAD;
-  }
-
-  if( (NSSCKMDSession *)NULL == fwSession->mdSession ) {
-    return CKR_GENERAL_ERROR;
-  }
-#endif /* NSSDEBUG */
-
-  if( (void *)NULL == (void *)fwSession->mdSession->SeedRandom ) {
-    return CKR_RANDOM_SEED_NOT_SUPPORTED;
-  }
-
-  error = fwSession->mdSession->SeedRandom(fwSession->mdSession, fwSession,
-    fwSession->mdToken, fwSession->fwToken, fwSession->mdInstance,
-    fwSession->fwInstance, seed);
-
-  return error;
-}
-
-/*
- * nssCKFWSession_GetRandom
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWSession_GetRandom
-(
-  NSSCKFWSession *fwSession,
-  NSSItem *buffer
-)
-{
-  CK_RV error = CKR_OK;
-
-#ifdef NSSDEBUG
-  error = nssCKFWSession_verifyPointer(fwSession);
-  if( CKR_OK != error ) {
-    return error;
-  }
-
-  if( (NSSItem *)NULL == buffer ) {
-    return CKR_ARGUMENTS_BAD;
-  }
-
-  if( (void *)NULL == buffer->data ) {
-    return CKR_ARGUMENTS_BAD;
-  }
-
-  if( (NSSCKMDSession *)NULL == fwSession->mdSession ) {
-    return CKR_GENERAL_ERROR;
-  }
-#endif /* NSSDEBUG */
-
-  if( (void *)NULL == (void *)fwSession->mdSession->GetRandom ) {
-    if( CK_TRUE == nssCKFWToken_GetHasRNG(fwSession->fwToken) ) {
-      return CKR_GENERAL_ERROR;
-    } else {
-      return CKR_RANDOM_NO_RNG;
-    }
-  }
-
-  if( 0 == buffer->size ) {
-    return CKR_OK;
-  }
-
-  error = fwSession->mdSession->GetRandom(fwSession->mdSession, fwSession,
-    fwSession->mdToken, fwSession->fwToken, fwSession->mdInstance,
-    fwSession->fwInstance, buffer);
-
-  return error;
-}
-
-/*
- * NSSCKFWSession_GetMDSession
- *
- */
-
-NSS_IMPLEMENT NSSCKMDSession *
-NSSCKFWSession_GetMDSession
-(
-  NSSCKFWSession *fwSession
-)
-{
-#ifdef DEBUG
-  if( CKR_OK != nssCKFWSession_verifyPointer(fwSession) ) {
-    return (NSSCKMDSession *)NULL;
-  }
-#endif /* DEBUG */
-
-  return nssCKFWSession_GetMDSession(fwSession);
-}
-
-/*
- * NSSCKFWSession_GetArena
- *
- */
-
-NSS_IMPLEMENT NSSArena *
-NSSCKFWSession_GetArena
-(
-  NSSCKFWSession *fwSession,
-  CK_RV *pError
-)
-{
-#ifdef DEBUG
-  if( (CK_RV *)NULL == pError ) {
-    return (NSSArena *)NULL;
-  }
-
-  *pError = nssCKFWSession_verifyPointer(fwSession);
-  if( CKR_OK != *pError ) {
-    return (NSSArena *)NULL;
-  }
-#endif /* DEBUG */
-
-  return nssCKFWSession_GetArena(fwSession, pError);
-}
-
-/*
- * NSSCKFWSession_CallNotification
- *
- */
-
-NSS_IMPLEMENT CK_RV
-NSSCKFWSession_CallNotification
-(
-  NSSCKFWSession *fwSession,
-  CK_NOTIFICATION event
-)
-{
-#ifdef DEBUG
-  CK_RV error = CKR_OK;
-
-  error = nssCKFWSession_verifyPointer(fwSession);
-  if( CKR_OK != error ) {
-    return error;
-  }
-#endif /* DEBUG */
-
-  return nssCKFWSession_CallNotification(fwSession, event);
-}
-
-/*
- * NSSCKFWSession_IsRWSession
- *
- */
-
-NSS_IMPLEMENT CK_BBOOL
-NSSCKFWSession_IsRWSession
-(
-  NSSCKFWSession *fwSession
-)
-{
-#ifdef DEBUG
-  if( CKR_OK != nssCKFWSession_verifyPointer(fwSession) ) {
-    return CK_FALSE;
-  }
-#endif /* DEBUG */
-
-  return nssCKFWSession_IsRWSession(fwSession);
-}
-
-/*
- * NSSCKFWSession_IsSO
- *
- */
-
-NSS_IMPLEMENT CK_BBOOL
-NSSCKFWSession_IsSO
-(
-  NSSCKFWSession *fwSession
-)
-{
-#ifdef DEBUG
-  if( CKR_OK != nssCKFWSession_verifyPointer(fwSession) ) {
-    return CK_FALSE;
-  }
-#endif /* DEBUG */
-
-  return nssCKFWSession_IsSO(fwSession);
-}
diff --git a/security/nss/lib/ckfw/sessobj.c b/security/nss/lib/ckfw/sessobj.c
deleted file mode 100644
index 66555fe23..000000000
--- a/security/nss/lib/ckfw/sessobj.c
+++ /dev/null
@@ -1,1099 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * sessobj.c
- *
- * This file contains an NSSCKMDObject implementation for session 
- * objects.  The framework uses this implementation to manage
- * session objects when a Module doesn't wish to be bothered.
- */
-
-#ifndef CK_T
-#include "ck.h"
-#endif /* CK_T */
-
-/*
- * nssCKMDSessionObject
- *
- *  -- create --
- *  nssCKMDSessionObject_Create
- *
- *  -- EPV calls --
- *  nss_ckmdSessionObject_Finalize
- *  nss_ckmdSessionObject_IsTokenObject
- *  nss_ckmdSessionObject_GetAttributeCount
- *  nss_ckmdSessionObject_GetAttributeTypes
- *  nss_ckmdSessionObject_GetAttributeSize
- *  nss_ckmdSessionObject_GetAttribute
- *  nss_ckmdSessionObject_SetAttribute
- *  nss_ckmdSessionObject_GetObjectSize
- */
-
-struct nssCKMDSessionObjectStr {
-  CK_ULONG n;
-  NSSArena *arena;
-  NSSItem *attributes;
-  CK_ATTRIBUTE_TYPE_PTR types;
-  nssCKFWHash *hash;
-};
-typedef struct nssCKMDSessionObjectStr nssCKMDSessionObject;
-
-#ifdef DEBUG
-/*
- * But first, the pointer-tracking stuff.
- *
- * NOTE: the pointer-tracking support in NSS/base currently relies
- * upon NSPR's CallOnce support.  That, however, relies upon NSPR's
- * locking, which is tied into the runtime.  We need a pointer-tracker
- * implementation that uses the locks supplied through C_Initialize.
- * That support, however, can be filled in later.  So for now, I'll
- * just do this routines as no-ops.
- */
-
-static CK_RV
-nss_ckmdSessionObject_add_pointer
-(
-  const NSSCKMDObject *mdObject
-)
-{
-  return CKR_OK;
-}
-
-static CK_RV
-nss_ckmdSessionObject_remove_pointer
-(
-  const NSSCKMDObject *mdObject
-)
-{
-  return CKR_OK;
-}
-
-#ifdef NSS_DEBUG
-static CK_RV
-nss_ckmdSessionObject_verifyPointer
-(
-  const NSSCKMDObject *mdObject
-)
-{
-  return CKR_OK;
-}
-#endif
-
-#endif /* DEBUG */
-
-/*
- * We must forward-declare these routines
- */
-static void
-nss_ckmdSessionObject_Finalize
-(
-  NSSCKMDObject *mdObject,
-  NSSCKFWObject *fwObject,
-  NSSCKMDSession *mdSession,
-  NSSCKFWSession *fwSession,
-  NSSCKMDToken *mdToken,
-  NSSCKFWToken *fwToken,
-  NSSCKMDInstance *mdInstance,
-  NSSCKFWInstance *fwInstance
-);
-
-static CK_RV
-nss_ckmdSessionObject_Destroy
-(
-  NSSCKMDObject *mdObject,
-  NSSCKFWObject *fwObject,
-  NSSCKMDSession *mdSession,
-  NSSCKFWSession *fwSession,
-  NSSCKMDToken *mdToken,
-  NSSCKFWToken *fwToken,
-  NSSCKMDInstance *mdInstance,
-  NSSCKFWInstance *fwInstance
-);
-
-static CK_BBOOL
-nss_ckmdSessionObject_IsTokenObject
-(
-  NSSCKMDObject *mdObject,
-  NSSCKFWObject *fwObject,
-  NSSCKMDSession *mdSession,
-  NSSCKFWSession *fwSession,
-  NSSCKMDToken *mdToken,
-  NSSCKFWToken *fwToken,
-  NSSCKMDInstance *mdInstance,
-  NSSCKFWInstance *fwInstance
-);
-
-static CK_ULONG
-nss_ckmdSessionObject_GetAttributeCount
-(
-  NSSCKMDObject *mdObject,
-  NSSCKFWObject *fwObject,
-  NSSCKMDSession *mdSession,
-  NSSCKFWSession *fwSession,
-  NSSCKMDToken *mdToken,
-  NSSCKFWToken *fwToken,
-  NSSCKMDInstance *mdInstance,
-  NSSCKFWInstance *fwInstance,
-  CK_RV *pError
-);
-
-static CK_RV
-nss_ckmdSessionObject_GetAttributeTypes
-(
-  NSSCKMDObject *mdObject,
-  NSSCKFWObject *fwObject,
-  NSSCKMDSession *mdSession,
-  NSSCKFWSession *fwSession,
-  NSSCKMDToken *mdToken,
-  NSSCKFWToken *fwToken,
-  NSSCKMDInstance *mdInstance,
-  NSSCKFWInstance *fwInstance,
-  CK_ATTRIBUTE_TYPE_PTR typeArray,
-  CK_ULONG ulCount
-);
-
-static CK_ULONG
-nss_ckmdSessionObject_GetAttributeSize
-(
-  NSSCKMDObject *mdObject,
-  NSSCKFWObject *fwObject,
-  NSSCKMDSession *mdSession,
-  NSSCKFWSession *fwSession,
-  NSSCKMDToken *mdToken,
-  NSSCKFWToken *fwToken,
-  NSSCKMDInstance *mdInstance,
-  NSSCKFWInstance *fwInstance,
-  CK_ATTRIBUTE_TYPE attribute,
-  CK_RV *pError
-);
-
-static NSSCKFWItem
-nss_ckmdSessionObject_GetAttribute
-(
-  NSSCKMDObject *mdObject,
-  NSSCKFWObject *fwObject,
-  NSSCKMDSession *mdSession,
-  NSSCKFWSession *fwSession,
-  NSSCKMDToken *mdToken,
-  NSSCKFWToken *fwToken,
-  NSSCKMDInstance *mdInstance,
-  NSSCKFWInstance *fwInstance,
-  CK_ATTRIBUTE_TYPE attribute,
-  CK_RV *pError
-);
-
-static CK_RV
-nss_ckmdSessionObject_SetAttribute
-(
-  NSSCKMDObject *mdObject,
-  NSSCKFWObject *fwObject,
-  NSSCKMDSession *mdSession,
-  NSSCKFWSession *fwSession,
-  NSSCKMDToken *mdToken,
-  NSSCKFWToken *fwToken,
-  NSSCKMDInstance *mdInstance,
-  NSSCKFWInstance *fwInstance,
-  CK_ATTRIBUTE_TYPE attribute,
-  NSSItem *value
-);
-
-static CK_ULONG
-nss_ckmdSessionObject_GetObjectSize
-(
-  NSSCKMDObject *mdObject,
-  NSSCKFWObject *fwObject,
-  NSSCKMDSession *mdSession,
-  NSSCKFWSession *fwSession,
-  NSSCKMDToken *mdToken,
-  NSSCKFWToken *fwToken,
-  NSSCKMDInstance *mdInstance,
-  NSSCKFWInstance *fwInstance,
-  CK_RV *pError
-);
-
-/*
- * nssCKMDSessionObject_Create
- *
- */
-NSS_IMPLEMENT NSSCKMDObject *
-nssCKMDSessionObject_Create
-(
-  NSSCKFWToken *fwToken,
-  NSSArena *arena,
-  CK_ATTRIBUTE_PTR attributes,
-  CK_ULONG ulCount,
-  CK_RV *pError
-)
-{
-  NSSCKMDObject *mdObject = (NSSCKMDObject *)NULL;
-  nssCKMDSessionObject *mdso = (nssCKMDSessionObject *)NULL;
-  CK_ULONG i;
-  nssCKFWHash *hash;
-
-  mdso = nss_ZNEW(arena, nssCKMDSessionObject);
-  if( (nssCKMDSessionObject *)NULL == mdso ) {
-    goto loser;
-  }
-
-  mdso->arena = arena;
-  mdso->n = ulCount;
-  mdso->attributes = nss_ZNEWARRAY(arena, NSSItem, ulCount);
-  if( (NSSItem *)NULL == mdso->attributes ) {
-    goto loser;
-  }
-
-  mdso->types = nss_ZNEWARRAY(arena, CK_ATTRIBUTE_TYPE, ulCount);
-
-  for( i = 0; i < ulCount; i++ ) {
-    mdso->types[i] = attributes[i].type;
-    mdso->attributes[i].size = attributes[i].ulValueLen;
-    mdso->attributes[i].data = nss_ZAlloc(arena, attributes[i].ulValueLen);
-    if( (void *)NULL == mdso->attributes[i].data ) {
-      goto loser;
-    }
-    (void)nsslibc_memcpy(mdso->attributes[i].data, attributes[i].pValue,
-      attributes[i].ulValueLen);
-  }
-
-  mdObject = nss_ZNEW(arena, NSSCKMDObject);
-  if( (NSSCKMDObject *)NULL == mdObject ) {
-    goto loser;
-  }
-
-  mdObject->etc = (void *)mdso;
-  mdObject->Finalize = nss_ckmdSessionObject_Finalize;
-  mdObject->Destroy = nss_ckmdSessionObject_Destroy;
-  mdObject->IsTokenObject = nss_ckmdSessionObject_IsTokenObject;
-  mdObject->GetAttributeCount = nss_ckmdSessionObject_GetAttributeCount;
-  mdObject->GetAttributeTypes = nss_ckmdSessionObject_GetAttributeTypes;
-  mdObject->GetAttributeSize = nss_ckmdSessionObject_GetAttributeSize;
-  mdObject->GetAttribute = nss_ckmdSessionObject_GetAttribute;
-  mdObject->SetAttribute = nss_ckmdSessionObject_SetAttribute;
-  mdObject->GetObjectSize = nss_ckmdSessionObject_GetObjectSize;
-
-  hash = nssCKFWToken_GetSessionObjectHash(fwToken);
-  if( (nssCKFWHash *)NULL == hash ) {
-    *pError = CKR_GENERAL_ERROR;
-    goto loser;
-  }
-
-  mdso->hash = hash;
-
-  *pError = nssCKFWHash_Add(hash, mdObject, mdObject);
-  if( CKR_OK != *pError ) {
-    goto loser;
-  }
-
-#ifdef DEBUG
-  if( CKR_OK != nss_ckmdSessionObject_add_pointer(mdObject) ) {
-    goto loser;
-  }
-#endif /* DEBUG */
-
-  *pError = CKR_OK;
-  return mdObject;
-
- loser:
-  if( (nssCKMDSessionObject *)NULL != mdso ) {
-    if( (NSSItem *)NULL != mdso->attributes ) {
-      for( i = 0; i < ulCount; i++ ) {
-        nss_ZFreeIf(mdso->attributes[i].data);
-      }
-
-      nss_ZFreeIf(mdso->attributes);
-    }
-
-    nss_ZFreeIf(mdso->types);
-    nss_ZFreeIf(mdso);
-  }
-
-  nss_ZFreeIf(mdObject);
-  *pError = CKR_HOST_MEMORY;
-  return (NSSCKMDObject *)NULL;
-}
-
-/*
- * nss_ckmdSessionObject_Finalize
- *
- */
-static void
-nss_ckmdSessionObject_Finalize
-(
-  NSSCKMDObject *mdObject,
-  NSSCKFWObject *fwObject,
-  NSSCKMDSession *mdSession,
-  NSSCKFWSession *fwSession,
-  NSSCKMDToken *mdToken,
-  NSSCKFWToken *fwToken,
-  NSSCKMDInstance *mdInstance,
-  NSSCKFWInstance *fwInstance
-)
-{
-  /* This shouldn't ever be called */
-  return;
-}
-
-/*
- * nss_ckmdSessionObject_Destroy
- *
- */
-
-static CK_RV
-nss_ckmdSessionObject_Destroy
-(
-  NSSCKMDObject *mdObject,
-  NSSCKFWObject *fwObject,
-  NSSCKMDSession *mdSession,
-  NSSCKFWSession *fwSession,
-  NSSCKMDToken *mdToken,
-  NSSCKFWToken *fwToken,
-  NSSCKMDInstance *mdInstance,
-  NSSCKFWInstance *fwInstance
-)
-{
-#ifdef NSSDEBUG
-  CK_RV error = CKR_OK;
-#endif /* NSSDEBUG */
-  nssCKMDSessionObject *mdso;
-  CK_ULONG i;
-
-#ifdef NSSDEBUG
-  error = nss_ckmdSessionObject_verifyPointer(mdObject);
-  if( CKR_OK != error ) {
-    return error;
-  }
-#endif /* NSSDEBUG */
-
-  mdso = (nssCKMDSessionObject *)mdObject->etc;
-
-  nssCKFWHash_Remove(mdso->hash, mdObject);
-
-  for( i = 0; i < mdso->n; i++ ) {
-    nss_ZFreeIf(mdso->attributes[i].data);
-  }
-  nss_ZFreeIf(mdso->attributes);
-  nss_ZFreeIf(mdso->types);
-  nss_ZFreeIf(mdso);
-  nss_ZFreeIf(mdObject);
-
-#ifdef DEBUG
-  (void)nss_ckmdSessionObject_remove_pointer(mdObject);
-#endif /* DEBUG */
-
-  return CKR_OK;
-}
-
-/*
- * nss_ckmdSessionObject_IsTokenObject
- *
- */
-
-static CK_BBOOL
-nss_ckmdSessionObject_IsTokenObject
-(
-  NSSCKMDObject *mdObject,
-  NSSCKFWObject *fwObject,
-  NSSCKMDSession *mdSession,
-  NSSCKFWSession *fwSession,
-  NSSCKMDToken *mdToken,
-  NSSCKFWToken *fwToken,
-  NSSCKMDInstance *mdInstance,
-  NSSCKFWInstance *fwInstance
-)
-{
-#ifdef NSSDEBUG
-  if( CKR_OK != nss_ckmdSessionObject_verifyPointer(mdObject) ) {
-    return CK_FALSE;
-  }
-#endif /* NSSDEBUG */
-
-  /*
-   * This implementation is only ever used for session objects.
-   */
-  return CK_FALSE;
-}
-
-/*
- * nss_ckmdSessionObject_GetAttributeCount
- *
- */
-static CK_ULONG
-nss_ckmdSessionObject_GetAttributeCount
-(
-  NSSCKMDObject *mdObject,
-  NSSCKFWObject *fwObject,
-  NSSCKMDSession *mdSession,
-  NSSCKFWSession *fwSession,
-  NSSCKMDToken *mdToken,
-  NSSCKFWToken *fwToken,
-  NSSCKMDInstance *mdInstance,
-  NSSCKFWInstance *fwInstance,
-  CK_RV *pError
-)
-{
-  nssCKMDSessionObject *obj;
-
-#ifdef NSSDEBUG
-  if( (CK_RV *)NULL == pError ) {
-    return 0;
-  }
-
-  *pError = nss_ckmdSessionObject_verifyPointer(mdObject);
-  if( CKR_OK != *pError ) {
-    return 0;
-  }
-
-  /* We could even check all the other arguments, for sanity. */
-#endif /* NSSDEBUG */
-
-  obj = (nssCKMDSessionObject *)mdObject->etc;
-
-  return obj->n;
-}
-
-/*
- * nss_ckmdSessionObject_GetAttributeTypes
- *
- */
-static CK_RV
-nss_ckmdSessionObject_GetAttributeTypes
-(
-  NSSCKMDObject *mdObject,
-  NSSCKFWObject *fwObject,
-  NSSCKMDSession *mdSession,
-  NSSCKFWSession *fwSession,
-  NSSCKMDToken *mdToken,
-  NSSCKFWToken *fwToken,
-  NSSCKMDInstance *mdInstance,
-  NSSCKFWInstance *fwInstance,
-  CK_ATTRIBUTE_TYPE_PTR typeArray,
-  CK_ULONG ulCount
-)
-{
-#ifdef NSSDEBUG
-  CK_RV error = CKR_OK;
-#endif /* NSSDEBUG */
-  nssCKMDSessionObject *obj;
-
-#ifdef NSSDEBUG
-  error = nss_ckmdSessionObject_verifyPointer(mdObject);
-  if( CKR_OK != error ) {
-    return error;
-  }
-
-  /* We could even check all the other arguments, for sanity. */
-#endif /* NSSDEBUG */
-
-  obj = (nssCKMDSessionObject *)mdObject->etc;
-
-  if( ulCount < obj->n ) {
-    return CKR_BUFFER_TOO_SMALL;
-  }
-
-  (void)nsslibc_memcpy(typeArray, obj->types, 
-    sizeof(CK_ATTRIBUTE_TYPE) * obj->n);
-
-  return CKR_OK;
-}
-
-/*
- * nss_ckmdSessionObject_GetAttributeSize
- *
- */
-static CK_ULONG
-nss_ckmdSessionObject_GetAttributeSize
-(
-  NSSCKMDObject *mdObject,
-  NSSCKFWObject *fwObject,
-  NSSCKMDSession *mdSession,
-  NSSCKFWSession *fwSession,
-  NSSCKMDToken *mdToken,
-  NSSCKFWToken *fwToken,
-  NSSCKMDInstance *mdInstance,
-  NSSCKFWInstance *fwInstance,
-  CK_ATTRIBUTE_TYPE attribute,
-  CK_RV *pError
-)
-{
-  nssCKMDSessionObject *obj;
-  CK_ULONG i;
-
-#ifdef NSSDEBUG
-  if( (CK_RV *)NULL == pError ) {
-    return 0;
-  }
-
-  *pError = nss_ckmdSessionObject_verifyPointer(mdObject);
-  if( CKR_OK != *pError ) {
-    return 0;
-  }
-
-  /* We could even check all the other arguments, for sanity. */
-#endif /* NSSDEBUG */
-
-  obj = (nssCKMDSessionObject *)mdObject->etc;
-
-  for( i = 0; i < obj->n; i++ ) {
-    if( attribute == obj->types[i] ) {
-      return (CK_ULONG)(obj->attributes[i].size);
-    }
-  }
-
-  *pError = CKR_ATTRIBUTE_TYPE_INVALID;
-  return 0;
-}
-
-/*
- * nss_ckmdSessionObject_GetAttribute
- *
- */
-static NSSCKFWItem
-nss_ckmdSessionObject_GetAttribute
-(
-  NSSCKMDObject *mdObject,
-  NSSCKFWObject *fwObject,
-  NSSCKMDSession *mdSession,
-  NSSCKFWSession *fwSession,
-  NSSCKMDToken *mdToken,
-  NSSCKFWToken *fwToken,
-  NSSCKMDInstance *mdInstance,
-  NSSCKFWInstance *fwInstance,
-  CK_ATTRIBUTE_TYPE attribute,
-  CK_RV *pError
-)
-{
-  NSSCKFWItem item;
-  nssCKMDSessionObject *obj;
-  CK_ULONG i;
-
-  item.needsFreeing = PR_FALSE;
-  item.item = NULL;
-#ifdef NSSDEBUG
-  if( (CK_RV *)NULL == pError ) {
-    return item;
-  }
-
-  *pError = nss_ckmdSessionObject_verifyPointer(mdObject);
-  if( CKR_OK != *pError ) {
-    return item;
-  }
-
-  /* We could even check all the other arguments, for sanity. */
-#endif /* NSSDEBUG */
-
-  obj = (nssCKMDSessionObject *)mdObject->etc;
-
-  for( i = 0; i < obj->n; i++ ) {
-    if( attribute == obj->types[i] ) {
-      item.item = &obj->attributes[i];
-      return item;
-    }
-  }
-
-  *pError = CKR_ATTRIBUTE_TYPE_INVALID;
-  return item;
-}
-
-/*
- * nss_ckmdSessionObject_SetAttribute
- *
- */
-
-/*
- * Okay, so this implementation sucks.  It doesn't support removing
- * an attribute (if value == NULL), and could be more graceful about
- * memory.  It should allow "blank" slots in the arrays, with some
- * invalid attribute type, and then it could support removal much
- * more easily.  Do this later.
- */
-static CK_RV
-nss_ckmdSessionObject_SetAttribute
-(
-  NSSCKMDObject *mdObject,
-  NSSCKFWObject *fwObject,
-  NSSCKMDSession *mdSession,
-  NSSCKFWSession *fwSession,
-  NSSCKMDToken *mdToken,
-  NSSCKFWToken *fwToken,
-  NSSCKMDInstance *mdInstance,
-  NSSCKFWInstance *fwInstance,
-  CK_ATTRIBUTE_TYPE attribute,
-  NSSItem *value
-)
-{
-  nssCKMDSessionObject *obj;
-  CK_ULONG i;
-  NSSItem n;
-  NSSItem *ra;
-  CK_ATTRIBUTE_TYPE_PTR rt;
-#ifdef NSSDEBUG
-  CK_RV error;
-#endif /* NSSDEBUG */
-
-#ifdef NSSDEBUG
-  error = nss_ckmdSessionObject_verifyPointer(mdObject);
-  if( CKR_OK != error ) {
-    return 0;
-  }
-
-  /* We could even check all the other arguments, for sanity. */
-#endif /* NSSDEBUG */
-
-  obj = (nssCKMDSessionObject *)mdObject->etc;
-
-  n.size = value->size;
-  n.data = nss_ZAlloc(obj->arena, n.size);
-  if( (void *)NULL == n.data ) {
-    return CKR_HOST_MEMORY;
-  }
-  (void)nsslibc_memcpy(n.data, value->data, n.size);
-
-  for( i = 0; i < obj->n; i++ ) {
-    if( attribute == obj->types[i] ) {
-      nss_ZFreeIf(obj->attributes[i].data);
-      obj->attributes[i] = n;
-      return CKR_OK;
-    }
-  }
-
-  /*
-   * It's new.
-   */
-
-  ra = (NSSItem *)nss_ZRealloc(obj->attributes, sizeof(NSSItem) * (obj->n + 1));
-  if( (NSSItem *)NULL == ra ) {
-    nss_ZFreeIf(n.data);
-    return CKR_HOST_MEMORY;
-  }
-
-  rt = (CK_ATTRIBUTE_TYPE_PTR)nss_ZRealloc(obj->types, (obj->n + 1));
-  if( (CK_ATTRIBUTE_TYPE_PTR)NULL == rt ) {
-    nss_ZFreeIf(n.data);
-    obj->attributes = (NSSItem *)nss_ZRealloc(ra, sizeof(NSSItem) * obj->n);
-    if( (NSSItem *)NULL == obj->attributes ) {
-      return CKR_GENERAL_ERROR;
-    }
-    return CKR_HOST_MEMORY;
-  }
-
-  obj->attributes = ra;
-  obj->types = rt;
-  obj->attributes[obj->n] = n;
-  obj->types[obj->n] = attribute;
-  obj->n++;
-
-  return CKR_OK;
-}
-
-/*
- * nss_ckmdSessionObject_GetObjectSize
- *
- */
-static CK_ULONG
-nss_ckmdSessionObject_GetObjectSize
-(
-  NSSCKMDObject *mdObject,
-  NSSCKFWObject *fwObject,
-  NSSCKMDSession *mdSession,
-  NSSCKFWSession *fwSession,
-  NSSCKMDToken *mdToken,
-  NSSCKFWToken *fwToken,
-  NSSCKMDInstance *mdInstance,
-  NSSCKFWInstance *fwInstance,
-  CK_RV *pError
-)
-{
-  nssCKMDSessionObject *obj;
-  CK_ULONG i;
-  CK_ULONG rv = (CK_ULONG)0;
-
-#ifdef NSSDEBUG
-  if( (CK_RV *)NULL == pError ) {
-    return 0;
-  }
-
-  *pError = nss_ckmdSessionObject_verifyPointer(mdObject);
-  if( CKR_OK != *pError ) {
-    return 0;
-  }
-
-  /* We could even check all the other arguments, for sanity. */
-#endif /* NSSDEBUG */
-
-  obj = (nssCKMDSessionObject *)mdObject->etc;
-
-  for( i = 0; i < obj->n; i++ ) {
-    rv += obj->attributes[i].size;
-  }
-
-  rv += sizeof(NSSItem) * obj->n;
-  rv += sizeof(CK_ATTRIBUTE_TYPE) * obj->n;
-  rv += sizeof(nssCKMDSessionObject);
-
-  return rv;
-}
-
-/*
- * nssCKMDFindSessionObjects
- *
- *  -- create --
- *  nssCKMDFindSessionObjects_Create
- *
- *  -- EPV calls --
- *  nss_ckmdFindSessionObjects_Final
- *  nss_ckmdFindSessionObjects_Next
- */
-
-struct nodeStr {
-  struct nodeStr *next;
-  NSSCKMDObject *mdObject;
-};
-
-struct nssCKMDFindSessionObjectsStr {
-  NSSArena *arena;
-  CK_RV error;
-  CK_ATTRIBUTE_PTR pTemplate;
-  CK_ULONG ulCount;
-  struct nodeStr *list;
-  nssCKFWHash *hash;
-
-};
-typedef struct nssCKMDFindSessionObjectsStr nssCKMDFindSessionObjects;
-
-#ifdef DEBUG
-/*
- * But first, the pointer-tracking stuff.
- *
- * NOTE: the pointer-tracking support in NSS/base currently relies
- * upon NSPR's CallOnce support.  That, however, relies upon NSPR's
- * locking, which is tied into the runtime.  We need a pointer-tracker
- * implementation that uses the locks supplied through C_Initialize.
- * That support, however, can be filled in later.  So for now, I'll
- * just do this routines as no-ops.
- */
-
-static CK_RV
-nss_ckmdFindSessionObjects_add_pointer
-(
-  const NSSCKMDFindObjects *mdFindObjects
-)
-{
-  return CKR_OK;
-}
-
-static CK_RV
-nss_ckmdFindSessionObjects_remove_pointer
-(
-  const NSSCKMDFindObjects *mdFindObjects
-)
-{
-  return CKR_OK;
-}
-
-#ifdef NSS_DEBUG
-static CK_RV
-nss_ckmdFindSessionObjects_verifyPointer
-(
-  const NSSCKMDFindObjects *mdFindObjects
-)
-{
-  return CKR_OK;
-}
-#endif
-
-#endif /* DEBUG */
-
-/*
- * We must forward-declare these routines.
- */
-static void
-nss_ckmdFindSessionObjects_Final
-(
-  NSSCKMDFindObjects *mdFindObjects,
-  NSSCKFWFindObjects *fwFindObjects,
-  NSSCKMDSession *mdSession,
-  NSSCKFWSession *fwSession,
-  NSSCKMDToken *mdToken,
-  NSSCKFWToken *fwToken,
-  NSSCKMDInstance *mdInstance,
-  NSSCKFWInstance *fwInstance
-);
-
-static NSSCKMDObject *
-nss_ckmdFindSessionObjects_Next
-(
-  NSSCKMDFindObjects *mdFindObjects,
-  NSSCKFWFindObjects *fwFindObjects,
-  NSSCKMDSession *mdSession,
-  NSSCKFWSession *fwSession,
-  NSSCKMDToken *mdToken,
-  NSSCKFWToken *fwToken,
-  NSSCKMDInstance *mdInstance,
-  NSSCKFWInstance *fwInstance,
-  NSSArena *arena,
-  CK_RV *pError
-);
-
-static CK_BBOOL
-items_match
-(
-  NSSItem *a,
-  CK_VOID_PTR pValue,
-  CK_ULONG ulValueLen
-)
-{
-  if( a->size != ulValueLen ) {
-    return CK_FALSE;
-  }
-
-  if( PR_TRUE == nsslibc_memequal(a->data, pValue, ulValueLen, (PRStatus *)NULL) ) {
-    return CK_TRUE;
-  } else {
-    return CK_FALSE;
-  }
-}
-
-/*
- * Our hashtable iterator
- */
-static void
-findfcn
-(
-  const void *key,
-  void *value,
-  void *closure
-)
-{
-  NSSCKMDObject *mdObject = (NSSCKMDObject *)value;
-  nssCKMDSessionObject *mdso = (nssCKMDSessionObject *)mdObject->etc;
-  nssCKMDFindSessionObjects *mdfso = (nssCKMDFindSessionObjects *)closure;
-  CK_ULONG i, j;
-  struct nodeStr *node;
-
-  if( CKR_OK != mdfso->error ) {
-    return;
-  }
-
-  for( i = 0; i < mdfso->ulCount; i++ ) {
-    CK_ATTRIBUTE_PTR p = &mdfso->pTemplate[i];
-
-    for( j = 0; j < mdso->n; j++ ) {
-      if( mdso->types[j] == p->type ) {
-        if( !items_match(&mdso->attributes[j], p->pValue, p->ulValueLen) ) {
-          return;
-        } else {
-          break;
-        }
-      }
-    }
-
-    if( j == mdso->n ) {
-      /* Attribute not found */
-      return;
-    }
-  }
-
-  /* Matches */
-  node = nss_ZNEW(mdfso->arena, struct nodeStr);
-  if( (struct nodeStr *)NULL == node ) {
-    mdfso->error = CKR_HOST_MEMORY;
-    return;
-  }
-
-  node->mdObject = mdObject;
-  node->next = mdfso->list;
-  mdfso->list = node;
-
-  return;
-}
-
-/*
- * nssCKMDFindSessionObjects_Create
- *
- */
-NSS_IMPLEMENT NSSCKMDFindObjects *
-nssCKMDFindSessionObjects_Create
-(
-  NSSCKFWToken *fwToken,
-  CK_ATTRIBUTE_PTR pTemplate,
-  CK_ULONG ulCount,
-  CK_RV *pError
-)
-{
-  NSSArena *arena;
-  nssCKMDFindSessionObjects *mdfso;
-  nssCKFWHash *hash;
-  NSSCKMDFindObjects *rv;
-
-#ifdef NSSDEBUG
-  if( (CK_RV *)NULL == pError ) {
-    return (NSSCKMDFindObjects *)NULL;
-  }
-
-  *pError = nssCKFWToken_verifyPointer(fwToken);
-  if( CKR_OK != *pError ) {
-    return (NSSCKMDFindObjects *)NULL;
-  }
-
-  if( (CK_ATTRIBUTE_PTR)NULL == pTemplate ) {
-    *pError = CKR_ARGUMENTS_BAD;
-    return (NSSCKMDFindObjects *)NULL;
-  }
-#endif /* NSSDEBUG */
-
-  hash = nssCKFWToken_GetSessionObjectHash(fwToken);
-  if( (nssCKFWHash *)NULL == hash ) {
-    *pError= CKR_GENERAL_ERROR;
-    return (NSSCKMDFindObjects *)NULL;
-  }
-
-  arena = NSSArena_Create();
-  if( (NSSArena *)NULL == arena ) {
-    *pError = CKR_HOST_MEMORY;
-    return (NSSCKMDFindObjects *)NULL;
-  }
-
-  mdfso = nss_ZNEW(arena, nssCKMDFindSessionObjects);
-  if( (nssCKMDFindSessionObjects *)NULL == mdfso ) {
-    NSSArena_Destroy(arena);
-    *pError = CKR_HOST_MEMORY;
-    return (NSSCKMDFindObjects *)NULL;
-  }
-
-  rv = nss_ZNEW(arena, NSSCKMDFindObjects);
-
-  mdfso->error = CKR_OK;
-  mdfso->pTemplate = pTemplate;
-  mdfso->ulCount = ulCount;
-  mdfso->hash = hash;
-
-  nssCKFWHash_Iterate(hash, findfcn, mdfso);
-
-  if( CKR_OK != mdfso->error ) {
-    NSSArena_Destroy(arena);
-    *pError = CKR_HOST_MEMORY;
-    return (NSSCKMDFindObjects *)NULL;
-  }
-
-  rv->etc = (void *)mdfso;
-  rv->Final = nss_ckmdFindSessionObjects_Final;
-  rv->Next = nss_ckmdFindSessionObjects_Next;
-
-#ifdef DEBUG
-  if( (*pError = nss_ckmdFindSessionObjects_add_pointer(rv)) != CKR_OK ) {
-    NSSArena_Destroy(arena);
-    return (NSSCKMDFindObjects *)NULL;
-  }
-#endif /* DEBUG */    
-  mdfso->arena = arena;
-
-  return rv;
-}
-
-static void
-nss_ckmdFindSessionObjects_Final
-(
-  NSSCKMDFindObjects *mdFindObjects,
-  NSSCKFWFindObjects *fwFindObjects,
-  NSSCKMDSession *mdSession,
-  NSSCKFWSession *fwSession,
-  NSSCKMDToken *mdToken,
-  NSSCKFWToken *fwToken,
-  NSSCKMDInstance *mdInstance,
-  NSSCKFWInstance *fwInstance
-)
-{
-  nssCKMDFindSessionObjects *mdfso;
-
-#ifdef NSSDEBUG
-  if( CKR_OK != nss_ckmdFindSessionObjects_verifyPointer(mdFindObjects) ) {
-    return;
-  }
-#endif /* NSSDEBUG */
-
-  mdfso = (nssCKMDFindSessionObjects *)mdFindObjects->etc;
-  if (mdfso->arena) NSSArena_Destroy(mdfso->arena);
-
-#ifdef DEBUG
-  (void)nss_ckmdFindSessionObjects_remove_pointer(mdFindObjects);
-#endif /* DEBUG */
-
-  return;
-}
-
-static NSSCKMDObject *
-nss_ckmdFindSessionObjects_Next
-(
-  NSSCKMDFindObjects *mdFindObjects,
-  NSSCKFWFindObjects *fwFindObjects,
-  NSSCKMDSession *mdSession,
-  NSSCKFWSession *fwSession,
-  NSSCKMDToken *mdToken,
-  NSSCKFWToken *fwToken,
-  NSSCKMDInstance *mdInstance,
-  NSSCKFWInstance *fwInstance,
-  NSSArena *arena,
-  CK_RV *pError
-)
-{
-  nssCKMDFindSessionObjects *mdfso;
-  NSSCKMDObject *rv = (NSSCKMDObject *)NULL;
-
-#ifdef NSSDEBUG
-  if( CKR_OK != nss_ckmdFindSessionObjects_verifyPointer(mdFindObjects) ) {
-    return (NSSCKMDObject *)NULL;
-  }
-#endif /* NSSDEBUG */
-
-  mdfso = (nssCKMDFindSessionObjects *)mdFindObjects->etc;
-
-  while( (NSSCKMDObject *)NULL == rv ) {
-    if( (struct nodeStr *)NULL == mdfso->list ) {
-      *pError = CKR_OK;
-      return (NSSCKMDObject *)NULL;
-    }
-
-    if( nssCKFWHash_Exists(mdfso->hash, mdfso->list->mdObject) ) {
-      rv = mdfso->list->mdObject;
-    }
-
-    mdfso->list = mdfso->list->next;
-  }
-
-  return rv;
-}
diff --git a/security/nss/lib/ckfw/slot.c b/security/nss/lib/ckfw/slot.c
deleted file mode 100644
index 4e2b0831c..000000000
--- a/security/nss/lib/ckfw/slot.c
+++ /dev/null
@@ -1,753 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * slot.c
- *
- * This file implements the NSSCKFWSlot type and methods.
- */
-
-#ifndef CK_T
-#include "ck.h"
-#endif /* CK_T */
-
-/*
- * NSSCKFWSlot
- *
- *  -- create/destroy --
- *  nssCKFWSlot_Create
- *  nssCKFWSlot_Destroy
- *
- *  -- public accessors --
- *  NSSCKFWSlot_GetMDSlot
- *  NSSCKFWSlot_GetFWInstance
- *  NSSCKFWSlot_GetMDInstance
- *
- *  -- implement public accessors --
- *  nssCKFWSlot_GetMDSlot
- *  nssCKFWSlot_GetFWInstance
- *  nssCKFWSlot_GetMDInstance
- *
- *  -- private accessors --
- *  nssCKFWSlot_GetSlotID
- *  nssCKFWSlot_ClearToken
- *
- *  -- module fronts --
- *  nssCKFWSlot_GetSlotDescription
- *  nssCKFWSlot_GetManufacturerID
- *  nssCKFWSlot_GetTokenPresent
- *  nssCKFWSlot_GetRemovableDevice
- *  nssCKFWSlot_GetHardwareSlot
- *  nssCKFWSlot_GetHardwareVersion
- *  nssCKFWSlot_GetFirmwareVersion
- *  nssCKFWSlot_InitToken
- *  nssCKFWSlot_GetToken
- */
-
-struct NSSCKFWSlotStr {
-  NSSCKFWMutex *mutex;
-  NSSCKMDSlot *mdSlot;
-  NSSCKFWInstance *fwInstance;
-  NSSCKMDInstance *mdInstance;
-  CK_SLOT_ID slotID;
-
-  /*
-   * Everything above is set at creation time, and then not modified.
-   * The invariants the mutex protects are:
-   *
-   * 1) Each of the cached descriptions (versions, etc.) are in an
-   *    internally consistant state.
-   *
-   * 2) The fwToken points to the token currently in the slot, and
-   *    it is in a consistant state.
-   *
-   * Note that the calls accessing the cached descriptions will
-   * call the NSSCKMDSlot methods with the mutex locked.  Those
-   * methods may then call the public NSSCKFWSlot routines.  Those
-   * public routines only access the constant data above, so there's
-   * no problem.  But be careful if you add to this object; mutexes
-   * are in general not reentrant, so don't create deadlock situations.
-   */
-
-  NSSUTF8 *slotDescription;
-  NSSUTF8 *manufacturerID;
-  CK_VERSION hardwareVersion;
-  CK_VERSION firmwareVersion;
-  NSSCKFWToken *fwToken;
-};
-
-#ifdef DEBUG
-/*
- * But first, the pointer-tracking stuff.
- *
- * NOTE: the pointer-tracking support in NSS/base currently relies
- * upon NSPR's CallOnce support.  That, however, relies upon NSPR's
- * locking, which is tied into the runtime.  We need a pointer-tracker
- * implementation that uses the locks supplied through C_Initialize.
- * That support, however, can be filled in later.  So for now, I'll
- * just do this routines as no-ops.
- */
-
-static CK_RV
-slot_add_pointer
-(
-  const NSSCKFWSlot *fwSlot
-)
-{
-  return CKR_OK;
-}
-
-static CK_RV
-slot_remove_pointer
-(
-  const NSSCKFWSlot *fwSlot
-)
-{
-  return CKR_OK;
-}
-
-NSS_IMPLEMENT CK_RV
-nssCKFWSlot_verifyPointer
-(
-  const NSSCKFWSlot *fwSlot
-)
-{
-  return CKR_OK;
-}
-
-#endif /* DEBUG */
-
-/*
- * nssCKFWSlot_Create
- *
- */
-NSS_IMPLEMENT NSSCKFWSlot *
-nssCKFWSlot_Create
-(
-  NSSCKFWInstance *fwInstance,
-  NSSCKMDSlot *mdSlot,
-  CK_SLOT_ID slotID,
-  CK_RV *pError
-)
-{
-  NSSCKFWSlot *fwSlot;
-  NSSCKMDInstance *mdInstance;
-  NSSArena *arena;
-
-#ifdef NSSDEBUG
-  if( (CK_RV *)NULL == pError ) {
-    return (NSSCKFWSlot *)NULL;
-  }
-
-  *pError = nssCKFWInstance_verifyPointer(fwInstance);
-  if( CKR_OK != *pError ) {
-    return (NSSCKFWSlot *)NULL;
-  }
-#endif /* NSSDEBUG */
-
-  mdInstance = nssCKFWInstance_GetMDInstance(fwInstance);
-  if( (NSSCKMDInstance *)NULL == mdInstance ) {
-    *pError = CKR_GENERAL_ERROR;
-    return (NSSCKFWSlot *)NULL;
-  }
-
-  arena = nssCKFWInstance_GetArena(fwInstance, pError);
-  if( (NSSArena *)NULL == arena ) {
-    if( CKR_OK == *pError ) {
-      *pError = CKR_GENERAL_ERROR;
-    }
-  }
-
-  fwSlot = nss_ZNEW(arena, NSSCKFWSlot);
-  if( (NSSCKFWSlot *)NULL == fwSlot ) {
-    *pError = CKR_HOST_MEMORY;
-    return (NSSCKFWSlot *)NULL;
-  }
-
-  fwSlot->mdSlot = mdSlot;
-  fwSlot->fwInstance = fwInstance;
-  fwSlot->mdInstance = mdInstance;
-  fwSlot->slotID = slotID;
-
-  fwSlot->mutex = nssCKFWInstance_CreateMutex(fwInstance, arena, pError);
-  if( (NSSCKFWMutex *)NULL == fwSlot->mutex ) {
-    if( CKR_OK == *pError ) {
-      *pError = CKR_GENERAL_ERROR;
-    }
-    (void)nss_ZFreeIf(fwSlot);
-    return (NSSCKFWSlot *)NULL;
-  }
-
-  if( (void *)NULL != (void *)mdSlot->Initialize ) {
-    *pError = CKR_OK;
-    *pError = mdSlot->Initialize(mdSlot, fwSlot, mdInstance, fwInstance);
-    if( CKR_OK != *pError ) {
-      (void)nssCKFWMutex_Destroy(fwSlot->mutex);
-      (void)nss_ZFreeIf(fwSlot);
-      return (NSSCKFWSlot *)NULL;
-    }
-  }
-
-#ifdef DEBUG
-  *pError = slot_add_pointer(fwSlot);
-  if( CKR_OK != *pError ) {
-    if( (void *)NULL != (void *)mdSlot->Destroy ) {
-      mdSlot->Destroy(mdSlot, fwSlot, mdInstance, fwInstance);
-    }
-
-    (void)nssCKFWMutex_Destroy(fwSlot->mutex);
-    (void)nss_ZFreeIf(fwSlot);
-    return (NSSCKFWSlot *)NULL;
-  }
-#endif /* DEBUG */
-
-  return fwSlot;
-}
-
-/*
- * nssCKFWSlot_Destroy
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWSlot_Destroy
-(
-  NSSCKFWSlot *fwSlot
-)
-{
-  CK_RV error = CKR_OK;
-
-#ifdef NSSDEBUG
-  error = nssCKFWSlot_verifyPointer(fwSlot);
-  if( CKR_OK != error ) {
-    return error;
-  }
-#endif /* NSSDEBUG */
-
-  (void)nssCKFWMutex_Destroy(fwSlot->mutex);
-
-  if( (void *)NULL != (void *)fwSlot->mdSlot->Destroy ) {
-    fwSlot->mdSlot->Destroy(fwSlot->mdSlot, fwSlot, 
-      fwSlot->mdInstance, fwSlot->fwInstance);
-  }
-
-#ifdef DEBUG
-  error = slot_remove_pointer(fwSlot);
-#endif /* DEBUG */
-  (void)nss_ZFreeIf(fwSlot);
-  return error;
-}
-
-/*
- * nssCKFWSlot_GetMDSlot
- *
- */
-NSS_IMPLEMENT NSSCKMDSlot *
-nssCKFWSlot_GetMDSlot
-(
-  NSSCKFWSlot *fwSlot
-)
-{
-#ifdef NSSDEBUG
-  if( CKR_OK != nssCKFWSlot_verifyPointer(fwSlot) ) {
-    return (NSSCKMDSlot *)NULL;
-  }
-#endif /* NSSDEBUG */
-
-  return fwSlot->mdSlot;
-}
-
-/*
- * nssCKFWSlot_GetFWInstance
- *
- */
-
-NSS_IMPLEMENT NSSCKFWInstance *
-nssCKFWSlot_GetFWInstance
-(
-  NSSCKFWSlot *fwSlot
-)
-{
-#ifdef NSSDEBUG
-  if( CKR_OK != nssCKFWSlot_verifyPointer(fwSlot) ) {
-    return (NSSCKFWInstance *)NULL;
-  }
-#endif /* NSSDEBUG */
-
-  return fwSlot->fwInstance;
-}
-
-/*
- * nssCKFWSlot_GetMDInstance
- *
- */
-
-NSS_IMPLEMENT NSSCKMDInstance *
-nssCKFWSlot_GetMDInstance
-(
-  NSSCKFWSlot *fwSlot
-)
-{
-#ifdef NSSDEBUG
-  if( CKR_OK != nssCKFWSlot_verifyPointer(fwSlot) ) {
-    return (NSSCKMDInstance *)NULL;
-  }
-#endif /* NSSDEBUG */
-
-  return fwSlot->mdInstance;
-}
-
-/*
- * nssCKFWSlot_GetSlotID
- *
- */
-NSS_IMPLEMENT CK_SLOT_ID
-nssCKFWSlot_GetSlotID
-(
-  NSSCKFWSlot *fwSlot
-)
-{
-#ifdef NSSDEBUG
-  if( CKR_OK != nssCKFWSlot_verifyPointer(fwSlot) ) {
-    return (CK_SLOT_ID)0;
-  }
-#endif /* NSSDEBUG */
-
-  return fwSlot->slotID;
-}
-
-/*
- * nssCKFWSlot_GetSlotDescription
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWSlot_GetSlotDescription
-(
-  NSSCKFWSlot *fwSlot,
-  CK_CHAR slotDescription[64]
-)
-{
-  CK_RV error = CKR_OK;
-
-#ifdef NSSDEBUG
-  if( (CK_CHAR_PTR)NULL == slotDescription ) {
-    return CKR_ARGUMENTS_BAD;
-  }
-
-  error = nssCKFWSlot_verifyPointer(fwSlot);
-  if( CKR_OK != error ) {
-    return error;
-  }
-#endif /* NSSDEBUG */
-
-  error = nssCKFWMutex_Lock(fwSlot->mutex);
-  if( CKR_OK != error ) {
-    return error;
-  }
-
-  if( (NSSUTF8 *)NULL == fwSlot->slotDescription ) {
-    if( (void *)NULL != (void *)fwSlot->mdSlot->GetSlotDescription ) {
-      fwSlot->slotDescription = fwSlot->mdSlot->GetSlotDescription(
-        fwSlot->mdSlot, fwSlot, fwSlot->mdInstance, 
-        fwSlot->fwInstance, &error);
-      if( ((NSSUTF8 *)NULL == fwSlot->slotDescription) && (CKR_OK != error) ) {
-        goto done;
-      }
-    } else {
-      fwSlot->slotDescription = (NSSUTF8 *) "";
-    }
-  }
-
-  (void)nssUTF8_CopyIntoFixedBuffer(fwSlot->slotDescription, (char *)slotDescription, 64, ' ');
-  error = CKR_OK;
-
- done:
-  (void)nssCKFWMutex_Unlock(fwSlot->mutex);
-  return error;
-}
-
-/*
- * nssCKFWSlot_GetManufacturerID
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWSlot_GetManufacturerID
-(
-  NSSCKFWSlot *fwSlot,
-  CK_CHAR manufacturerID[32]
-)
-{
-  CK_RV error = CKR_OK;
-
-#ifdef NSSDEBUG
-  if( (CK_CHAR_PTR)NULL == manufacturerID ) {
-    return CKR_ARGUMENTS_BAD;
-  }
-
-  error = nssCKFWSlot_verifyPointer(fwSlot);
-  if( CKR_OK != error ) {
-    return error;
-  }
-#endif /* NSSDEBUG */
-
-  error = nssCKFWMutex_Lock(fwSlot->mutex);
-  if( CKR_OK != error ) {
-    return error;
-  }
-
-  if( (NSSUTF8 *)NULL == fwSlot->manufacturerID ) {
-    if( (void *)NULL != (void *)fwSlot->mdSlot->GetManufacturerID ) {
-      fwSlot->manufacturerID = fwSlot->mdSlot->GetManufacturerID(
-        fwSlot->mdSlot, fwSlot, fwSlot->mdInstance, 
-        fwSlot->fwInstance, &error);
-      if( ((NSSUTF8 *)NULL == fwSlot->manufacturerID) && (CKR_OK != error) ) {
-        goto done;
-      }
-    } else {
-      fwSlot->manufacturerID = (NSSUTF8 *) "";
-    }
-  }
-
-  (void)nssUTF8_CopyIntoFixedBuffer(fwSlot->manufacturerID, (char *)manufacturerID, 32, ' ');
-  error = CKR_OK;
-
- done:
-  (void)nssCKFWMutex_Unlock(fwSlot->mutex);
-  return error;
-}
-
-/*
- * nssCKFWSlot_GetTokenPresent
- *
- */
-NSS_IMPLEMENT CK_BBOOL
-nssCKFWSlot_GetTokenPresent
-(
-  NSSCKFWSlot *fwSlot
-)
-{
-#ifdef NSSDEBUG
-  if( CKR_OK != nssCKFWSlot_verifyPointer(fwSlot) ) {
-    return CK_FALSE;
-  }
-#endif /* NSSDEBUG */
-
-  if( (void *)NULL == (void *)fwSlot->mdSlot->GetTokenPresent ) {
-    return CK_TRUE;
-  }
-
-  return fwSlot->mdSlot->GetTokenPresent(fwSlot->mdSlot, fwSlot,
-    fwSlot->mdInstance, fwSlot->fwInstance);
-}
-
-/*
- * nssCKFWSlot_GetRemovableDevice
- *
- */
-NSS_IMPLEMENT CK_BBOOL
-nssCKFWSlot_GetRemovableDevice
-(
-  NSSCKFWSlot *fwSlot
-)
-{
-#ifdef NSSDEBUG
-  if( CKR_OK != nssCKFWSlot_verifyPointer(fwSlot) ) {
-    return CK_FALSE;
-  }
-#endif /* NSSDEBUG */
-
-  if( (void *)NULL == (void *)fwSlot->mdSlot->GetRemovableDevice ) {
-    return CK_FALSE;
-  }
-
-  return fwSlot->mdSlot->GetRemovableDevice(fwSlot->mdSlot, fwSlot,
-    fwSlot->mdInstance, fwSlot->fwInstance);
-}
-
-/*
- * nssCKFWSlot_GetHardwareSlot
- *
- */
-NSS_IMPLEMENT CK_BBOOL
-nssCKFWSlot_GetHardwareSlot
-(
-  NSSCKFWSlot *fwSlot
-)
-{
-#ifdef NSSDEBUG
-  if( CKR_OK != nssCKFWSlot_verifyPointer(fwSlot) ) {
-    return CK_FALSE;
-  }
-#endif /* NSSDEBUG */
-
-  if( (void *)NULL == (void *)fwSlot->mdSlot->GetHardwareSlot ) {
-    return CK_FALSE;
-  }
-
-  return fwSlot->mdSlot->GetHardwareSlot(fwSlot->mdSlot, fwSlot,
-    fwSlot->mdInstance, fwSlot->fwInstance);
-}
-
-/*
- * nssCKFWSlot_GetHardwareVersion
- *
- */
-NSS_IMPLEMENT CK_VERSION
-nssCKFWSlot_GetHardwareVersion
-(
-  NSSCKFWSlot *fwSlot
-)
-{
-  CK_VERSION rv;
-
-#ifdef NSSDEBUG
-  if( CKR_OK != nssCKFWSlot_verifyPointer(fwSlot) ) {
-    rv.major = rv.minor = 0;
-    return rv;
-  }
-#endif /* NSSDEBUG */
-
-  if( CKR_OK != nssCKFWMutex_Lock(fwSlot->mutex) ) {
-    rv.major = rv.minor = 0;
-    return rv;
-  }
-
-  if( (0 != fwSlot->hardwareVersion.major) ||
-      (0 != fwSlot->hardwareVersion.minor) ) {
-    rv = fwSlot->hardwareVersion;
-    goto done;
-  }
-
-  if( (void *)NULL != (void *)fwSlot->mdSlot->GetHardwareVersion ) {
-    fwSlot->hardwareVersion = fwSlot->mdSlot->GetHardwareVersion(
-      fwSlot->mdSlot, fwSlot, fwSlot->mdInstance, fwSlot->fwInstance);
-  } else {
-    fwSlot->hardwareVersion.major = 0;
-    fwSlot->hardwareVersion.minor = 1;
-  }
-
-  rv = fwSlot->hardwareVersion;
- done:
-  (void)nssCKFWMutex_Unlock(fwSlot->mutex);
-  return rv;
-}
-
-/*
- * nssCKFWSlot_GetFirmwareVersion
- *
- */
-NSS_IMPLEMENT CK_VERSION
-nssCKFWSlot_GetFirmwareVersion
-(
-  NSSCKFWSlot *fwSlot
-)
-{
-  CK_VERSION rv;
-
-#ifdef NSSDEBUG
-  if( CKR_OK != nssCKFWSlot_verifyPointer(fwSlot) ) {
-    rv.major = rv.minor = 0;
-    return rv;
-  }
-#endif /* NSSDEBUG */
-
-  if( CKR_OK != nssCKFWMutex_Lock(fwSlot->mutex) ) {
-    rv.major = rv.minor = 0;
-    return rv;
-  }
-
-  if( (0 != fwSlot->firmwareVersion.major) ||
-      (0 != fwSlot->firmwareVersion.minor) ) {
-    rv = fwSlot->firmwareVersion;
-    goto done;
-  }
-
-  if( (void *)NULL != (void *)fwSlot->mdSlot->GetFirmwareVersion ) {
-    fwSlot->firmwareVersion = fwSlot->mdSlot->GetFirmwareVersion(
-      fwSlot->mdSlot, fwSlot, fwSlot->mdInstance, fwSlot->fwInstance);
-  } else {
-    fwSlot->firmwareVersion.major = 0;
-    fwSlot->firmwareVersion.minor = 1;
-  }
-
-  rv = fwSlot->firmwareVersion;
- done:
-  (void)nssCKFWMutex_Unlock(fwSlot->mutex);
-  return rv;
-}
-
-/*
- * nssCKFWSlot_GetToken
- * 
- */
-NSS_IMPLEMENT NSSCKFWToken *
-nssCKFWSlot_GetToken
-(
-  NSSCKFWSlot *fwSlot,
-  CK_RV *pError
-)
-{
-  NSSCKMDToken *mdToken;
-  NSSCKFWToken *fwToken;
-
-#ifdef NSSDEBUG
-  if( (CK_RV *)NULL == pError ) {
-    return (NSSCKFWToken *)NULL;
-  }
-
-  *pError = nssCKFWSlot_verifyPointer(fwSlot);
-  if( CKR_OK != *pError ) {
-    return (NSSCKFWToken *)NULL;
-  }
-#endif /* NSSDEBUG */
-
-  *pError = nssCKFWMutex_Lock(fwSlot->mutex);
-  if( CKR_OK != *pError ) {
-    return (NSSCKFWToken *)NULL;
-  }
-
-  if( (NSSCKFWToken *)NULL == fwSlot->fwToken ) {
-    if( (void *)NULL == (void *)fwSlot->mdSlot->GetToken ) {
-      *pError = CKR_GENERAL_ERROR;
-      fwToken = (NSSCKFWToken *)NULL;
-      goto done;
-    }
-
-    mdToken = fwSlot->mdSlot->GetToken(fwSlot->mdSlot, fwSlot,
-      fwSlot->mdInstance, fwSlot->fwInstance, pError);
-    if( (NSSCKMDToken *)NULL == mdToken ) {
-      if( CKR_OK == *pError ) {
-        *pError = CKR_GENERAL_ERROR;
-      }
-      return (NSSCKFWToken *)NULL;
-    }
-
-    fwToken = nssCKFWToken_Create(fwSlot, mdToken, pError);
-    fwSlot->fwToken = fwToken;
-  } else {
-    fwToken = fwSlot->fwToken;
-  }
-
- done:
-  (void)nssCKFWMutex_Unlock(fwSlot->mutex);
-  return fwToken;
-}
-
-/*
- * nssCKFWSlot_ClearToken
- *
- */
-NSS_IMPLEMENT void
-nssCKFWSlot_ClearToken
-(
-  NSSCKFWSlot *fwSlot
-)
-{
-#ifdef NSSDEBUG
-  if( CKR_OK != nssCKFWSlot_verifyPointer(fwSlot) ) {
-    return;
-  }
-#endif /* NSSDEBUG */
-
-  if( CKR_OK != nssCKFWMutex_Lock(fwSlot->mutex) ) {
-    /* Now what? */
-    return;
-  }
-
-  fwSlot->fwToken = (NSSCKFWToken *)NULL;
-  (void)nssCKFWMutex_Unlock(fwSlot->mutex);
-  return;
-}
-
-/*
- * NSSCKFWSlot_GetMDSlot
- *
- */
-
-NSS_IMPLEMENT NSSCKMDSlot *
-NSSCKFWSlot_GetMDSlot
-(
-  NSSCKFWSlot *fwSlot
-)
-{
-#ifdef DEBUG
-  if( CKR_OK != nssCKFWSlot_verifyPointer(fwSlot) ) {
-    return (NSSCKMDSlot *)NULL;
-  }
-#endif /* DEBUG */
-
-  return nssCKFWSlot_GetMDSlot(fwSlot);
-}
-
-/*
- * NSSCKFWSlot_GetFWInstance
- *
- */
-
-NSS_IMPLEMENT NSSCKFWInstance *
-NSSCKFWSlot_GetFWInstance
-(
-  NSSCKFWSlot *fwSlot
-)
-{
-#ifdef DEBUG
-  if( CKR_OK != nssCKFWSlot_verifyPointer(fwSlot) ) {
-    return (NSSCKFWInstance *)NULL;
-  }
-#endif /* DEBUG */
-
-  return nssCKFWSlot_GetFWInstance(fwSlot);
-}
-
-/*
- * NSSCKFWSlot_GetMDInstance
- *
- */
-
-NSS_IMPLEMENT NSSCKMDInstance *
-NSSCKFWSlot_GetMDInstance
-(
-  NSSCKFWSlot *fwSlot
-)
-{
-#ifdef DEBUG
-  if( CKR_OK != nssCKFWSlot_verifyPointer(fwSlot) ) {
-    return (NSSCKMDInstance *)NULL;
-  }
-#endif /* DEBUG */
-
-  return nssCKFWSlot_GetMDInstance(fwSlot);
-}
diff --git a/security/nss/lib/ckfw/token.c b/security/nss/lib/ckfw/token.c
deleted file mode 100644
index 6e4aa247b..000000000
--- a/security/nss/lib/ckfw/token.c
+++ /dev/null
@@ -1,1855 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * token.c
- *
- * This file implements the NSSCKFWToken type and methods.
- */
-
-#ifndef CK_T
-#include "ck.h"
-#endif /* CK_T */
-
-/*
- * NSSCKFWToken
- *
- *  -- create/destroy --
- *  nssCKFWToken_Create
- *  nssCKFWToken_Destroy
- *
- *  -- public accessors --
- *  NSSCKFWToken_GetMDToken
- *  NSSCKFWToken_GetFWSlot
- *  NSSCKFWToken_GetMDSlot
- *  NSSCKFWToken_GetSessionState
- *
- *  -- implement public accessors --
- *  nssCKFWToken_GetMDToken
- *  nssCKFWToken_GetFWSlot
- *  nssCKFWToken_GetMDSlot
- *  nssCKFWToken_GetSessionState
- *  nssCKFWToken_SetSessionState
- *
- *  -- private accessors --
- *  nssCKFWToken_SetSessionState
- *  nssCKFWToken_RemoveSession
- *  nssCKFWToken_CloseAllSessions
- *  nssCKFWToken_GetSessionCount
- *  nssCKFWToken_GetRwSessionCount
- *  nssCKFWToken_GetRoSessionCount
- *  nssCKFWToken_GetSessionObjectHash
- *  nssCKFWToken_GetMDObjectHash
- *  nssCKFWToken_GetObjectHandleHash
- *
- *  -- module fronts --
- *  nssCKFWToken_InitToken
- *  nssCKFWToken_GetLabel
- *  nssCKFWToken_GetManufacturerID
- *  nssCKFWToken_GetModel
- *  nssCKFWToken_GetSerialNumber
- *  nssCKFWToken_GetHasRNG
- *  nssCKFWToken_GetIsWriteProtected
- *  nssCKFWToken_GetLoginRequired
- *  nssCKFWToken_GetUserPinInitialized
- *  nssCKFWToken_GetRestoreKeyNotNeeded
- *  nssCKFWToken_GetHasClockOnToken
- *  nssCKFWToken_GetHasProtectedAuthenticationPath
- *  nssCKFWToken_GetSupportsDualCryptoOperations
- *  nssCKFWToken_GetMaxSessionCount
- *  nssCKFWToken_GetMaxRwSessionCount
- *  nssCKFWToken_GetMaxPinLen
- *  nssCKFWToken_GetMinPinLen
- *  nssCKFWToken_GetTotalPublicMemory
- *  nssCKFWToken_GetFreePublicMemory
- *  nssCKFWToken_GetTotalPrivateMemory
- *  nssCKFWToken_GetFreePrivateMemory
- *  nssCKFWToken_GetHardwareVersion
- *  nssCKFWToken_GetFirmwareVersion
- *  nssCKFWToken_GetUTCTime
- *  nssCKFWToken_OpenSession
- *  nssCKFWToken_GetMechanismCount
- *  nssCKFWToken_GetMechanismTypes
- *  nssCKFWToken_GetMechanism
- */
-
-struct NSSCKFWTokenStr {
-  NSSCKFWMutex *mutex;
-  NSSArena *arena;
-  NSSCKMDToken *mdToken;
-  NSSCKFWSlot *fwSlot;
-  NSSCKMDSlot *mdSlot;
-  NSSCKFWInstance *fwInstance;
-  NSSCKMDInstance *mdInstance;
-
-  /*
-   * Everything above is set at creation time, and then not modified.
-   * The invariants the mutex protects are:
-   *
-   * 1) Each of the cached descriptions (versions, etc.) are in an
-   *    internally consistant state.
-   *
-   * 2) The session counts and hashes are consistant.
-   *
-   * 3) The object hashes are consistant.
-   *
-   * Note that the calls accessing the cached descriptions will call
-   * the NSSCKMDToken methods with the mutex locked.  Those methods
-   * may then call the public NSSCKFWToken routines.  Those public
-   * routines only access the constant data above and the atomic
-   * CK_STATE session state variable below, so there's no problem.
-   * But be careful if you add to this object; mutexes are in
-   * general not reentrant, so don't create deadlock situations.
-   */
-
-  NSSUTF8 *label;
-  NSSUTF8 *manufacturerID;
-  NSSUTF8 *model;
-  NSSUTF8 *serialNumber;
-  CK_VERSION hardwareVersion;
-  CK_VERSION firmwareVersion;
-
-  CK_ULONG sessionCount;
-  CK_ULONG rwSessionCount;
-  nssCKFWHash *sessions;
-  nssCKFWHash *sessionObjectHash;
-  nssCKFWHash *mdObjectHash;
-
-  CK_STATE state;
-};
-
-#ifdef DEBUG
-/*
- * But first, the pointer-tracking stuff.
- *
- * NOTE: the pointer-tracking support in NSS/base currently relies
- * upon NSPR's CallOnce support.  That, however, relies upon NSPR's
- * locking, which is tied into the runtime.  We need a pointer-tracker
- * implementation that uses the locks supplied through C_Initialize.
- * That support, however, can be filled in later.  So for now, I'll
- * just do this routines as no-ops.
- */
-
-static CK_RV
-token_add_pointer
-(
-  const NSSCKFWToken *fwToken
-)
-{
-  return CKR_OK;
-}
-
-static CK_RV
-token_remove_pointer
-(
-  const NSSCKFWToken *fwToken
-)
-{
-  return CKR_OK;
-}
-
-NSS_IMPLEMENT CK_RV
-nssCKFWToken_verifyPointer
-(
-  const NSSCKFWToken *fwToken
-)
-{
-  return CKR_OK;
-}
-
-#endif /* DEBUG */
-
-/*
- * nssCKFWToken_Create
- *
- */
-NSS_IMPLEMENT NSSCKFWToken *
-nssCKFWToken_Create
-(
-  NSSCKFWSlot *fwSlot,
-  NSSCKMDToken *mdToken,
-  CK_RV *pError
-)
-{
-  NSSArena *arena = (NSSArena *)NULL;
-  NSSCKFWToken *fwToken = (NSSCKFWToken *)NULL;
-  CK_BBOOL called_setup = CK_FALSE;
-
-  /*
-   * We have already verified the arguments in nssCKFWSlot_GetToken.
-   */
-
-  arena = NSSArena_Create();
-  if( (NSSArena *)NULL == arena ) {
-    *pError = CKR_HOST_MEMORY;
-    goto loser;
-  }
-
-  fwToken = nss_ZNEW(arena, NSSCKFWToken);
-  if( (NSSCKFWToken *)NULL == fwToken ) {
-    *pError = CKR_HOST_MEMORY;
-    goto loser;
-  }    
-
-  fwToken->arena = arena;
-  fwToken->mdToken = mdToken;
-  fwToken->fwSlot = fwSlot;
-  fwToken->fwInstance = nssCKFWSlot_GetFWInstance(fwSlot);
-  fwToken->mdInstance = nssCKFWSlot_GetMDInstance(fwSlot);
-  fwToken->state = CKS_RO_PUBLIC_SESSION; /* some default */
-  fwToken->sessionCount = 0;
-  fwToken->rwSessionCount = 0;
-
-  fwToken->mutex = nssCKFWInstance_CreateMutex(fwToken->fwInstance, arena, pError);
-  if( (NSSCKFWMutex *)NULL == fwToken->mutex ) {
-    if( CKR_OK == *pError ) {
-      *pError = CKR_GENERAL_ERROR;
-    }
-    goto loser;
-  }
-
-  fwToken->sessions = nssCKFWHash_Create(fwToken->fwInstance, arena, pError);
-  if( (nssCKFWHash *)NULL == fwToken->sessions ) {
-    if( CKR_OK == *pError ) {
-      *pError = CKR_GENERAL_ERROR;
-    }
-    goto loser;
-  }
-
-  if( CK_TRUE != nssCKFWInstance_GetModuleHandlesSessionObjects(
-                   fwToken->fwInstance) ) {
-    fwToken->sessionObjectHash = nssCKFWHash_Create(fwToken->fwInstance, 
-                                   arena, pError);
-    if( (nssCKFWHash *)NULL == fwToken->sessionObjectHash ) {
-      if( CKR_OK == *pError ) {
-        *pError = CKR_GENERAL_ERROR;
-      }
-      goto loser;
-    }
-  }
-
-  fwToken->mdObjectHash = nssCKFWHash_Create(fwToken->fwInstance, 
-                            arena, pError);
-  if( (nssCKFWHash *)NULL == fwToken->mdObjectHash ) {
-    if( CKR_OK == *pError ) {
-      *pError = CKR_GENERAL_ERROR;
-    }
-    goto loser;
-  }
-
-  /* More here */
-
-  if( (void *)NULL != (void *)mdToken->Setup ) {
-    *pError = mdToken->Setup(mdToken, fwToken, fwToken->mdInstance, fwToken->fwInstance);
-    if( CKR_OK != *pError ) {
-      goto loser;
-    }
-  }
-
-  called_setup = CK_TRUE;
-
-#ifdef DEBUG
-  *pError = token_add_pointer(fwToken);
-  if( CKR_OK != *pError ) {
-    goto loser;
-  }
-#endif /* DEBUG */
-
-  *pError = CKR_OK;
-  return fwToken;
-
- loser:
-
-  if( CK_TRUE == called_setup ) {
-    if( (void *)NULL != (void *)mdToken->Invalidate ) {
-      mdToken->Invalidate(mdToken, fwToken, fwToken->mdInstance, fwToken->fwInstance);
-    }
-  }
-
-  if( (NSSArena *)NULL != arena ) {
-    (void)NSSArena_Destroy(arena);
-  }
-
-  return (NSSCKFWToken *)NULL;
-}
-
-/*
- * nssCKFWToken_Destroy
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWToken_Destroy
-(
-  NSSCKFWToken *fwToken
-)
-{
-  CK_RV error = CKR_OK;
-
-#ifdef NSSDEBUG
-  error = nssCKFWToken_verifyPointer(fwToken);
-  if( CKR_OK != error ) {
-    return error;
-  }
-#endif /* NSSDEBUG */
-
-  (void)nssCKFWMutex_Destroy(fwToken->mutex);
-  
-  if( (void *)NULL != (void *)fwToken->mdToken->Invalidate ) {
-    fwToken->mdToken->Invalidate(fwToken->mdToken, fwToken,
-      fwToken->mdInstance, fwToken->fwInstance);
-  }
-
-  nssCKFWSlot_ClearToken(fwToken->fwSlot);
-  
-#ifdef DEBUG
-  error = token_remove_pointer(fwToken);
-#endif /* DEBUG */
-
-  (void)NSSArena_Destroy(fwToken->arena);
-  return error;
-}
-
-/*
- * nssCKFWToken_GetMDToken
- *
- */
-NSS_IMPLEMENT NSSCKMDToken *
-nssCKFWToken_GetMDToken
-(
-  NSSCKFWToken *fwToken
-)
-{
-#ifdef NSSDEBUG
-  if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
-    return (NSSCKMDToken *)NULL;
-  }
-#endif /* NSSDEBUG */
-
-  return fwToken->mdToken;
-}
-
-/*
- * nssCKFWToken_GetArena
- *
- */
-NSS_IMPLEMENT NSSArena *
-nssCKFWToken_GetArena
-(
-  NSSCKFWToken *fwToken,
-  CK_RV *pError
-)
-{
-#ifdef NSSDEBUG
-  if( (CK_RV *)NULL == pError ) {
-    return (NSSArena *)NULL;
-  }
-
-  *pError = nssCKFWToken_verifyPointer(fwToken);
-  if( CKR_OK != *pError ) {
-    return (NSSArena *)NULL;
-  }
-#endif /* NSSDEBUG */
-
-  return fwToken->arena;
-}
-
-/*
- * nssCKFWToken_GetFWSlot
- *
- */
-NSS_IMPLEMENT NSSCKFWSlot *
-nssCKFWToken_GetFWSlot
-(
-  NSSCKFWToken *fwToken
-)
-{
-#ifdef NSSDEBUG
-  if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
-    return (NSSCKFWSlot *)NULL;
-  }
-#endif /* NSSDEBUG */
-
-  return fwToken->fwSlot;
-}
-
-/*
- * nssCKFWToken_GetMDSlot
- *
- */
-NSS_IMPLEMENT NSSCKMDSlot *
-nssCKFWToken_GetMDSlot
-(
-  NSSCKFWToken *fwToken
-)
-{
-#ifdef NSSDEBUG
-  if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
-    return (NSSCKMDSlot *)NULL;
-  }
-#endif /* NSSDEBUG */
-
-  return fwToken->mdSlot;
-}
-
-/*
- * nssCKFWToken_GetSessionState
- *
- */
-NSS_IMPLEMENT CK_STATE
-nssCKFWToken_GetSessionState
-(
-  NSSCKFWToken *fwToken
-)
-{
-#ifdef NSSDEBUG
-  if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
-    return CKS_RO_PUBLIC_SESSION; /* whatever */
-  }
-#endif /* NSSDEBUG */
-
-  /*
-   * BTW, do not lock the token in this method.
-   */
-
-  /*
-   * Theoretically, there is no state if there aren't any
-   * sessions open.  But then we'd need to worry about
-   * reporting an error, etc.  What the heck-- let's just
-   * revert to CKR_RO_PUBLIC_SESSION as the "default."
-   */
-
-  return fwToken->state;
-}
-
-/*
- * nssCKFWToken_InitToken
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWToken_InitToken
-(
-  NSSCKFWToken *fwToken,
-  NSSItem *pin,
-  NSSUTF8 *label
-)
-{
-  CK_RV error;
-
-#ifdef NSSDEBUG
-  error = nssCKFWToken_verifyPointer(fwToken);
-  if( CKR_OK != error ) {
-    return CKR_ARGUMENTS_BAD;
-  }
-#endif /* NSSDEBUG */
-
-  error = nssCKFWMutex_Lock(fwToken->mutex);
-  if( CKR_OK != error ) {
-    return error;
-  }
-
-  if( fwToken->sessionCount > 0 ) {
-    error = CKR_SESSION_EXISTS;
-    goto done;
-  }
-
-  if( (void *)NULL == (void *)fwToken->mdToken->InitToken ) {
-    error = CKR_DEVICE_ERROR;
-    goto done;
-  }
-
-  if( (NSSItem *)NULL == pin ) {
-    if( nssCKFWToken_GetHasProtectedAuthenticationPath(fwToken) ) {
-      ; /* okay */
-    } else {
-      error = CKR_PIN_INCORRECT;
-      goto done;
-    }
-  }
-
-  if( (NSSUTF8 *)NULL == label ) {
-    label = (NSSUTF8 *) "";
-  }
-
-  error = fwToken->mdToken->InitToken(fwToken->mdToken, fwToken,
-            fwToken->mdInstance, fwToken->fwInstance, pin, label);
-
- done:
-  (void)nssCKFWMutex_Unlock(fwToken->mutex);
-  return error;
-}
-
-/*
- * nssCKFWToken_GetLabel
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWToken_GetLabel
-(
-  NSSCKFWToken *fwToken,
-  CK_CHAR label[32]
-)
-{
-  CK_RV error = CKR_OK;
-
-#ifdef NSSDEBUG
-  if( (CK_CHAR_PTR)NULL == label ) {
-    return CKR_ARGUMENTS_BAD;
-  }
-
-  error = nssCKFWToken_verifyPointer(fwToken);
-  if( CKR_OK != error ) {
-    return error;
-  }
-#endif /* NSSDEBUG */
-
-  error = nssCKFWMutex_Lock(fwToken->mutex);
-  if( CKR_OK != error ) {
-    return error;
-  }
-
-  if( (NSSUTF8 *)NULL == fwToken->label ) {
-    if( (void *)NULL != (void *)fwToken->mdToken->GetLabel ) {
-      fwToken->label = fwToken->mdToken->GetLabel(fwToken->mdToken, fwToken,
-        fwToken->mdInstance, fwToken->fwInstance, &error);
-      if( ((NSSUTF8 *)NULL == fwToken->label) && (CKR_OK != error) ) {
-        goto done;
-      }
-    } else {
-      fwToken->label = (NSSUTF8 *) "";
-    }
-  }
-
-  (void)nssUTF8_CopyIntoFixedBuffer(fwToken->label, (char *)label, 32, ' ');
-  error = CKR_OK;
-
- done:
-  (void)nssCKFWMutex_Unlock(fwToken->mutex);
-  return error;
-}
-
-/*
- * nssCKFWToken_GetManufacturerID
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWToken_GetManufacturerID
-(
-  NSSCKFWToken *fwToken,
-  CK_CHAR manufacturerID[32]
-)
-{
-  CK_RV error = CKR_OK;
-
-#ifdef NSSDEBUG
-  if( (CK_CHAR_PTR)NULL == manufacturerID ) {
-    return CKR_ARGUMENTS_BAD;
-  }
-
-  error = nssCKFWToken_verifyPointer(fwToken);
-  if( CKR_OK != error ) {
-    return error;
-  }
-#endif /* NSSDEBUG */
-
-  error = nssCKFWMutex_Lock(fwToken->mutex);
-  if( CKR_OK != error ) {
-    return error;
-  }
-
-  if( (NSSUTF8 *)NULL == fwToken->manufacturerID ) {
-    if( (void *)NULL != (void *)fwToken->mdToken->GetManufacturerID ) {
-      fwToken->manufacturerID = fwToken->mdToken->GetManufacturerID(fwToken->mdToken,
-        fwToken, fwToken->mdInstance, fwToken->fwInstance, &error);
-      if( ((NSSUTF8 *)NULL == fwToken->manufacturerID) && (CKR_OK != error) ) {
-        goto done;
-      }
-    } else {
-      fwToken->manufacturerID = (NSSUTF8 *)"";
-    }
-  }
-
-  (void)nssUTF8_CopyIntoFixedBuffer(fwToken->manufacturerID, (char *)manufacturerID, 32, ' ');
-  error = CKR_OK;
-
- done:
-  (void)nssCKFWMutex_Unlock(fwToken->mutex);
-  return error;
-}
-
-/*
- * nssCKFWToken_GetModel
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWToken_GetModel
-(
-  NSSCKFWToken *fwToken,
-  CK_CHAR model[16]
-)
-{
-  CK_RV error = CKR_OK;
-
-#ifdef NSSDEBUG
-  if( (CK_CHAR_PTR)NULL == model ) {
-    return CKR_ARGUMENTS_BAD;
-  }
-
-  error = nssCKFWToken_verifyPointer(fwToken);
-  if( CKR_OK != error ) {
-    return error;
-  }
-#endif /* NSSDEBUG */
-
-  error = nssCKFWMutex_Lock(fwToken->mutex);
-  if( CKR_OK != error ) {
-    return error;
-  }
-
-  if( (NSSUTF8 *)NULL == fwToken->model ) {
-    if( (void *)NULL != (void *)fwToken->mdToken->GetModel ) {
-      fwToken->model = fwToken->mdToken->GetModel(fwToken->mdToken, fwToken,
-        fwToken->mdInstance, fwToken->fwInstance, &error);
-      if( ((NSSUTF8 *)NULL == fwToken->model) && (CKR_OK != error) ) {
-        goto done;
-      }
-    } else {
-      fwToken->model = (NSSUTF8 *)"";
-    }
-  }
-
-  (void)nssUTF8_CopyIntoFixedBuffer(fwToken->model, (char *)model, 16, ' ');
-  error = CKR_OK;
-
- done:
-  (void)nssCKFWMutex_Unlock(fwToken->mutex);
-  return error;
-}
-
-/*
- * nssCKFWToken_GetSerialNumber
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWToken_GetSerialNumber
-(
-  NSSCKFWToken *fwToken,
-  CK_CHAR serialNumber[16]
-)
-{
-  CK_RV error = CKR_OK;
-
-#ifdef NSSDEBUG
-  if( (CK_CHAR_PTR)NULL == serialNumber ) {
-    return CKR_ARGUMENTS_BAD;
-  }
-
-  error = nssCKFWToken_verifyPointer(fwToken);
-  if( CKR_OK != error ) {
-    return error;
-  }
-#endif /* NSSDEBUG */
-
-  error = nssCKFWMutex_Lock(fwToken->mutex);
-  if( CKR_OK != error ) {
-    return error;
-  }
-
-  if( (NSSUTF8 *)NULL == fwToken->serialNumber ) {
-    if( (void *)NULL != (void *)fwToken->mdToken->GetSerialNumber ) {
-      fwToken->serialNumber = fwToken->mdToken->GetSerialNumber(fwToken->mdToken, 
-        fwToken, fwToken->mdInstance, fwToken->fwInstance, &error);
-      if( ((NSSUTF8 *)NULL == fwToken->serialNumber) && (CKR_OK != error) ) {
-        goto done;
-      }
-    } else {
-      fwToken->serialNumber = (NSSUTF8 *)"";
-    }
-  }
-
-  (void)nssUTF8_CopyIntoFixedBuffer(fwToken->serialNumber, (char *)serialNumber, 16, ' ');
-  error = CKR_OK;
-
- done:
-  (void)nssCKFWMutex_Unlock(fwToken->mutex);
-  return error;
-}
-
-
-/*
- * nssCKFWToken_GetHasRNG
- *
- */
-NSS_IMPLEMENT CK_BBOOL
-nssCKFWToken_GetHasRNG
-(
-  NSSCKFWToken *fwToken
-)
-{
-#ifdef NSSDEBUG
-  if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
-    return CK_FALSE;
-  }
-#endif /* NSSDEBUG */
-
-  if( (void *)NULL == (void *)fwToken->mdToken->GetHasRNG ) {
-    return CK_FALSE;
-  }
-
-  return fwToken->mdToken->GetHasRNG(fwToken->mdToken, fwToken, 
-    fwToken->mdInstance, fwToken->fwInstance);
-}
-
-/*
- * nssCKFWToken_GetIsWriteProtected
- *
- */
-NSS_IMPLEMENT CK_BBOOL
-nssCKFWToken_GetIsWriteProtected
-(
-  NSSCKFWToken *fwToken
-)
-{
-#ifdef NSSDEBUG
-  if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
-    return CK_FALSE;
-  }
-#endif /* NSSDEBUG */
-
-  if( (void *)NULL == (void *)fwToken->mdToken->GetIsWriteProtected ) {
-    return CK_FALSE;
-  }
-
-  return fwToken->mdToken->GetIsWriteProtected(fwToken->mdToken, fwToken, 
-    fwToken->mdInstance, fwToken->fwInstance);
-}
-
-/*
- * nssCKFWToken_GetLoginRequired
- *
- */
-NSS_IMPLEMENT CK_BBOOL
-nssCKFWToken_GetLoginRequired
-(
-  NSSCKFWToken *fwToken
-)
-{
-#ifdef NSSDEBUG
-  if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
-    return CK_FALSE;
-  }
-#endif /* NSSDEBUG */
-
-  if( (void *)NULL == (void *)fwToken->mdToken->GetLoginRequired ) {
-    return CK_FALSE;
-  }
-
-  return fwToken->mdToken->GetLoginRequired(fwToken->mdToken, fwToken, 
-    fwToken->mdInstance, fwToken->fwInstance);
-}
-
-/*
- * nssCKFWToken_GetUserPinInitialized
- *
- */
-NSS_IMPLEMENT CK_BBOOL
-nssCKFWToken_GetUserPinInitialized
-(
-  NSSCKFWToken *fwToken
-)
-{
-#ifdef NSSDEBUG
-  if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
-    return CK_FALSE;
-  }
-#endif /* NSSDEBUG */
-
-  if( (void *)NULL == (void *)fwToken->mdToken->GetUserPinInitialized ) {
-    return CK_FALSE;
-  }
-
-  return fwToken->mdToken->GetUserPinInitialized(fwToken->mdToken, fwToken, 
-    fwToken->mdInstance, fwToken->fwInstance);
-}
-
-/*
- * nssCKFWToken_GetRestoreKeyNotNeeded
- *
- */
-NSS_IMPLEMENT CK_BBOOL
-nssCKFWToken_GetRestoreKeyNotNeeded
-(
-  NSSCKFWToken *fwToken
-)
-{
-#ifdef NSSDEBUG
-  if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
-    return CK_FALSE;
-  }
-#endif /* NSSDEBUG */
-
-  if( (void *)NULL == (void *)fwToken->mdToken->GetRestoreKeyNotNeeded ) {
-    return CK_FALSE;
-  }
-
-  return fwToken->mdToken->GetRestoreKeyNotNeeded(fwToken->mdToken, fwToken, 
-    fwToken->mdInstance, fwToken->fwInstance);
-}
-
-/*
- * nssCKFWToken_GetHasClockOnToken
- *
- */
-NSS_IMPLEMENT CK_BBOOL
-nssCKFWToken_GetHasClockOnToken
-(
-  NSSCKFWToken *fwToken
-)
-{
-#ifdef NSSDEBUG
-  if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
-    return CK_FALSE;
-  }
-#endif /* NSSDEBUG */
-
-  if( (void *)NULL == (void *)fwToken->mdToken->GetHasClockOnToken ) {
-    return CK_FALSE;
-  }
-
-  return fwToken->mdToken->GetHasClockOnToken(fwToken->mdToken, fwToken, 
-    fwToken->mdInstance, fwToken->fwInstance);
-}
-
-/*
- * nssCKFWToken_GetHasProtectedAuthenticationPath
- *
- */
-NSS_IMPLEMENT CK_BBOOL
-nssCKFWToken_GetHasProtectedAuthenticationPath
-(
-  NSSCKFWToken *fwToken
-)
-{
-#ifdef NSSDEBUG
-  if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
-    return CK_FALSE;
-  }
-#endif /* NSSDEBUG */
-
-  if( (void *)NULL == (void *)fwToken->mdToken->GetHasProtectedAuthenticationPath ) {
-    return CK_FALSE;
-  }
-
-  return fwToken->mdToken->GetHasProtectedAuthenticationPath(fwToken->mdToken, 
-    fwToken, fwToken->mdInstance, fwToken->fwInstance);
-}
-
-/*
- * nssCKFWToken_GetSupportsDualCryptoOperations
- *
- */
-NSS_IMPLEMENT CK_BBOOL
-nssCKFWToken_GetSupportsDualCryptoOperations
-(
-  NSSCKFWToken *fwToken
-)
-{
-#ifdef NSSDEBUG
-  if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
-    return CK_FALSE;
-  }
-#endif /* NSSDEBUG */
-
-  if( (void *)NULL == (void *)fwToken->mdToken->GetSupportsDualCryptoOperations ) {
-    return CK_FALSE;
-  }
-
-  return fwToken->mdToken->GetSupportsDualCryptoOperations(fwToken->mdToken, 
-    fwToken, fwToken->mdInstance, fwToken->fwInstance);
-}
-
-/*
- * nssCKFWToken_GetMaxSessionCount
- *
- */
-NSS_IMPLEMENT CK_ULONG
-nssCKFWToken_GetMaxSessionCount
-(
-  NSSCKFWToken *fwToken
-)
-{
-#ifdef NSSDEBUG
-  if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
-    return CK_UNAVAILABLE_INFORMATION;
-  }
-#endif /* NSSDEBUG */
-
-  if( (void *)NULL == (void *)fwToken->mdToken->GetMaxSessionCount ) {
-    return CK_UNAVAILABLE_INFORMATION;
-  }
-
-  return fwToken->mdToken->GetMaxSessionCount(fwToken->mdToken, fwToken, 
-    fwToken->mdInstance, fwToken->fwInstance);
-}
-
-/*
- * nssCKFWToken_GetMaxRwSessionCount
- *
- */
-NSS_IMPLEMENT CK_ULONG
-nssCKFWToken_GetMaxRwSessionCount
-(
-  NSSCKFWToken *fwToken
-)
-{
-#ifdef NSSDEBUG
-  if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
-    return CK_UNAVAILABLE_INFORMATION;
-  }
-#endif /* NSSDEBUG */
-
-  if( (void *)NULL == (void *)fwToken->mdToken->GetMaxRwSessionCount ) {
-    return CK_UNAVAILABLE_INFORMATION;
-  }
-
-  return fwToken->mdToken->GetMaxRwSessionCount(fwToken->mdToken, fwToken, 
-    fwToken->mdInstance, fwToken->fwInstance);
-}
-
-/*
- * nssCKFWToken_GetMaxPinLen
- *
- */
-NSS_IMPLEMENT CK_ULONG
-nssCKFWToken_GetMaxPinLen
-(
-  NSSCKFWToken *fwToken
-)
-{
-#ifdef NSSDEBUG
-  if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
-    return CK_UNAVAILABLE_INFORMATION;
-  }
-#endif /* NSSDEBUG */
-
-  if( (void *)NULL == (void *)fwToken->mdToken->GetMaxPinLen ) {
-    return CK_UNAVAILABLE_INFORMATION;
-  }
-
-  return fwToken->mdToken->GetMaxPinLen(fwToken->mdToken, fwToken, 
-    fwToken->mdInstance, fwToken->fwInstance);
-}
-
-/*
- * nssCKFWToken_GetMinPinLen
- *
- */
-NSS_IMPLEMENT CK_ULONG
-nssCKFWToken_GetMinPinLen
-(
-  NSSCKFWToken *fwToken
-)
-{
-#ifdef NSSDEBUG
-  if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
-    return CK_UNAVAILABLE_INFORMATION;
-  }
-#endif /* NSSDEBUG */
-
-  if( (void *)NULL == (void *)fwToken->mdToken->GetMinPinLen ) {
-    return CK_UNAVAILABLE_INFORMATION;
-  }
-
-  return fwToken->mdToken->GetMinPinLen(fwToken->mdToken, fwToken, 
-    fwToken->mdInstance, fwToken->fwInstance);
-}
-
-/*
- * nssCKFWToken_GetTotalPublicMemory
- *
- */
-NSS_IMPLEMENT CK_ULONG
-nssCKFWToken_GetTotalPublicMemory
-(
-  NSSCKFWToken *fwToken
-)
-{
-#ifdef NSSDEBUG
-  if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
-    return CK_UNAVAILABLE_INFORMATION;
-  }
-#endif /* NSSDEBUG */
-
-  if( (void *)NULL == (void *)fwToken->mdToken->GetTotalPublicMemory ) {
-    return CK_UNAVAILABLE_INFORMATION;
-  }
-
-  return fwToken->mdToken->GetTotalPublicMemory(fwToken->mdToken, fwToken, 
-    fwToken->mdInstance, fwToken->fwInstance);
-}
-
-/*
- * nssCKFWToken_GetFreePublicMemory
- *
- */
-NSS_IMPLEMENT CK_ULONG
-nssCKFWToken_GetFreePublicMemory
-(
-  NSSCKFWToken *fwToken
-)
-{
-#ifdef NSSDEBUG
-  if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
-    return CK_UNAVAILABLE_INFORMATION;
-  }
-#endif /* NSSDEBUG */
-
-  if( (void *)NULL == (void *)fwToken->mdToken->GetFreePublicMemory ) {
-    return CK_UNAVAILABLE_INFORMATION;
-  }
-
-  return fwToken->mdToken->GetFreePublicMemory(fwToken->mdToken, fwToken, 
-    fwToken->mdInstance, fwToken->fwInstance);
-}
-
-/*
- * nssCKFWToken_GetTotalPrivateMemory
- *
- */
-NSS_IMPLEMENT CK_ULONG
-nssCKFWToken_GetTotalPrivateMemory
-(
-  NSSCKFWToken *fwToken
-)
-{
-#ifdef NSSDEBUG
-  if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
-    return CK_UNAVAILABLE_INFORMATION;
-  }
-#endif /* NSSDEBUG */
-
-  if( (void *)NULL == (void *)fwToken->mdToken->GetTotalPrivateMemory ) {
-    return CK_UNAVAILABLE_INFORMATION;
-  }
-
-  return fwToken->mdToken->GetTotalPrivateMemory(fwToken->mdToken, fwToken, 
-    fwToken->mdInstance, fwToken->fwInstance);
-}
-
-/*
- * nssCKFWToken_GetFreePrivateMemory
- *
- */
-NSS_IMPLEMENT CK_ULONG
-nssCKFWToken_GetFreePrivateMemory
-(
-  NSSCKFWToken *fwToken
-)
-{
-#ifdef NSSDEBUG
-  if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
-    return CK_UNAVAILABLE_INFORMATION;
-  }
-#endif /* NSSDEBUG */
-
-  if( (void *)NULL == (void *)fwToken->mdToken->GetFreePrivateMemory ) {
-    return CK_UNAVAILABLE_INFORMATION;
-  }
-
-  return fwToken->mdToken->GetFreePrivateMemory(fwToken->mdToken, fwToken, 
-    fwToken->mdInstance, fwToken->fwInstance);
-}
-
-/*
- * nssCKFWToken_GetHardwareVersion
- *
- */
-NSS_IMPLEMENT CK_VERSION
-nssCKFWToken_GetHardwareVersion
-(
-  NSSCKFWToken *fwToken
-)
-{
-  CK_VERSION rv;
-
-#ifdef NSSDEBUG
-  if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
-    rv.major = rv.minor = 0;
-    return rv;
-  }
-#endif /* NSSDEBUG */
-
-  if( CKR_OK != nssCKFWMutex_Lock(fwToken->mutex) ) {
-    rv.major = rv.minor = 0;
-    return rv;
-  }
-
-  if( (0 != fwToken->hardwareVersion.major) ||
-      (0 != fwToken->hardwareVersion.minor) ) {
-    rv = fwToken->hardwareVersion;
-    goto done;
-  }
-
-  if( (void *)NULL != (void *)fwToken->mdToken->GetHardwareVersion ) {
-    fwToken->hardwareVersion = fwToken->mdToken->GetHardwareVersion(
-      fwToken->mdToken, fwToken, fwToken->mdInstance, fwToken->fwInstance);
-  } else {
-    fwToken->hardwareVersion.major = 0;
-    fwToken->hardwareVersion.minor = 1;
-  }
-
-  rv = fwToken->hardwareVersion;
-
- done:
-  (void)nssCKFWMutex_Unlock(fwToken->mutex);
-  return rv;
-}
-
-/*
- * nssCKFWToken_GetFirmwareVersion
- *
- */
-NSS_IMPLEMENT CK_VERSION
-nssCKFWToken_GetFirmwareVersion
-(
-  NSSCKFWToken *fwToken
-)
-{
-  CK_VERSION rv;
-
-#ifdef NSSDEBUG
-  if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
-    rv.major = rv.minor = 0;
-    return rv;
-  }
-#endif /* NSSDEBUG */
-
-  if( CKR_OK != nssCKFWMutex_Lock(fwToken->mutex) ) {
-    rv.major = rv.minor = 0;
-    return rv;
-  }
-
-  if( (0 != fwToken->firmwareVersion.major) ||
-      (0 != fwToken->firmwareVersion.minor) ) {
-    rv = fwToken->firmwareVersion;
-    goto done;
-  }
-
-  if( (void *)NULL != (void *)fwToken->mdToken->GetFirmwareVersion ) {
-    fwToken->firmwareVersion = fwToken->mdToken->GetFirmwareVersion(
-      fwToken->mdToken, fwToken, fwToken->mdInstance, fwToken->fwInstance);
-  } else {
-    fwToken->firmwareVersion.major = 0;
-    fwToken->firmwareVersion.minor = 1;
-  }
-
-  rv = fwToken->firmwareVersion;
-
- done:
-  (void)nssCKFWMutex_Unlock(fwToken->mutex);
-  return rv;
-}
-
-/*
- * nssCKFWToken_GetUTCTime
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWToken_GetUTCTime
-(
-  NSSCKFWToken *fwToken,
-  CK_CHAR utcTime[16]
-)
-{
-  CK_RV error = CKR_OK;
-
-#ifdef NSSDEBUG
-  error = nssCKFWToken_verifyPointer(fwToken);
-  if( CKR_OK != error ) {
-    return error;
-  }
-
-  if( (CK_CHAR_PTR)NULL == utcTime ) {
-    return CKR_ARGUMENTS_BAD;
-  }
-#endif /* DEBUG */
-
-  if( CK_TRUE != nssCKFWToken_GetHasClockOnToken(fwToken) ) {
-    /* return CKR_DEVICE_ERROR; */
-    (void)nssUTF8_CopyIntoFixedBuffer((NSSUTF8 *)NULL, (char *)utcTime, 16, ' ');
-    return CKR_OK;
-  }
-
-  if( (void *)NULL == (void *)fwToken->mdToken->GetUTCTime ) {
-    /* It said it had one! */
-    return CKR_GENERAL_ERROR;
-  }
-
-  error = fwToken->mdToken->GetUTCTime(fwToken->mdToken, fwToken, 
-            fwToken->mdInstance, fwToken->fwInstance, utcTime);
-  if( CKR_OK != error ) {
-    return error;
-  }
-
-  /* Sanity-check the data */
-  {
-    /* Format is YYYYMMDDhhmmss00 */
-    int i;
-    int Y, M, D, h, m, s, z;
-    static int dims[] = { 31, 29, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31 };
-
-    for( i = 0; i < 16; i++ ) {
-      if( (utcTime[i] < '0') || (utcTime[i] > '9') ) {
-        goto badtime;
-      }
-    }
-
-    Y = ((utcTime[ 0] - '0') * 1000) + ((utcTime[1] - '0') * 100) +
-        ((utcTime[ 2] - '0') * 10) + (utcTime[ 3] - '0');
-    M = ((utcTime[ 4] - '0') * 10) + (utcTime[ 5] - '0');
-    D = ((utcTime[ 6] - '0') * 10) + (utcTime[ 7] - '0');
-    h = ((utcTime[ 8] - '0') * 10) + (utcTime[ 9] - '0');
-    m = ((utcTime[10] - '0') * 10) + (utcTime[11] - '0');
-    s = ((utcTime[12] - '0') * 10) + (utcTime[13] - '0');
-    z = ((utcTime[14] - '0') * 10) + (utcTime[15] - '0');
-
-    if( (Y < 1990) || (Y > 3000) ) goto badtime; /* Y3K problem.  heh heh heh */
-    if( (M < 1) || (M > 12) ) goto badtime;
-    if( (D < 1) || (D > 31) ) goto badtime;
-
-    if( D > dims[M-1] ) goto badtime; /* per-month check */
-    if( (2 == M) && (((Y%4)||!(Y%100))&&(Y%400)) && (D > 28) ) goto badtime; /* leap years */
-
-    if( (h < 0) || (h > 23) ) goto badtime;
-    if( (m < 0) || (m > 60) ) goto badtime;
-    if( (s < 0) || (s > 61) ) goto badtime;
-
-    /* 60m and 60 or 61s is only allowed for leap seconds. */
-    if( (60 == m) || (s >= 60) ) {
-      if( (23 != h) || (60 != m) || (s < 60) ) goto badtime;
-      /* leap seconds can only happen on June 30 or Dec 31.. I think */
-      /* if( ((6 != M) || (30 != D)) && ((12 != M) || (31 != D)) ) goto badtime; */
-    }
-  }
-
-  return CKR_OK;
-
- badtime:
-  return CKR_GENERAL_ERROR;
-}
-
-/*
- * nssCKFWToken_OpenSession
- *
- */
-NSS_IMPLEMENT NSSCKFWSession *
-nssCKFWToken_OpenSession
-(
-  NSSCKFWToken *fwToken,
-  CK_BBOOL rw,
-  CK_VOID_PTR pApplication,
-  CK_NOTIFY Notify,
-  CK_RV *pError
-)
-{
-  NSSCKFWSession *fwSession = (NSSCKFWSession *)NULL;
-  NSSCKMDSession *mdSession;
-
-#ifdef NSSDEBUG
-  if( (CK_RV *)NULL == pError ) {
-    return (NSSCKFWSession *)NULL;
-  }
-
-  *pError = nssCKFWToken_verifyPointer(fwToken);
-  if( CKR_OK != *pError ) {
-    return (NSSCKFWSession *)NULL;
-  }
-
-  switch( rw ) {
-  case CK_TRUE:
-  case CK_FALSE:
-    break;
-  default:
-    *pError = CKR_ARGUMENTS_BAD;
-    return (NSSCKFWSession *)NULL;
-  }
-#endif /* NSSDEBUG */
-
-  *pError = nssCKFWMutex_Lock(fwToken->mutex);
-  if( CKR_OK != *pError ) {
-    return (NSSCKFWSession *)NULL;
-  }
-
-  if( CK_TRUE == rw ) {
-    /* Read-write session desired */
-    if( CK_TRUE == nssCKFWToken_GetIsWriteProtected(fwToken) ) {
-      *pError = CKR_TOKEN_WRITE_PROTECTED;
-      goto done;
-    }
-  } else {
-    /* Read-only session desired */
-    if( CKS_RW_SO_FUNCTIONS == nssCKFWToken_GetSessionState(fwToken) ) {
-      *pError = CKR_SESSION_READ_WRITE_SO_EXISTS;
-      goto done;
-    }
-  }
-
-  /* We could compare sesion counts to any limits we know of, I guess.. */
-
-  if( (void *)NULL == (void *)fwToken->mdToken->OpenSession ) {
-    /*
-     * I'm not sure that the Module actually needs to implement
-     * mdSessions -- the Framework can keep track of everything 
-     * needed, really.  But I'll sort out that detail later..
-     */
-    *pError = CKR_GENERAL_ERROR;
-    goto done;
-  }
-
-  fwSession = nssCKFWSession_Create(fwToken, rw, pApplication, Notify, pError);
-  if( (NSSCKFWSession *)NULL == fwSession ) {
-    if( CKR_OK == *pError ) {
-      *pError = CKR_GENERAL_ERROR;
-    }
-    goto done;
-  }
-
-  mdSession = fwToken->mdToken->OpenSession(fwToken->mdToken, fwToken,
-                fwToken->mdInstance, fwToken->fwInstance, fwSession,
-                rw, pError);
-  if( (NSSCKMDSession *)NULL == mdSession ) {
-    (void)nssCKFWSession_Destroy(fwSession, CK_FALSE);
-    if( CKR_OK == *pError ) {
-      *pError = CKR_GENERAL_ERROR;
-    }
-    goto done;
-  }
-
-  *pError = nssCKFWSession_SetMDSession(fwSession, mdSession);
-  if( CKR_OK != *pError ) {
-    if( (void *)NULL != (void *)mdSession->Close ) {
-      mdSession->Close(mdSession, fwSession, fwToken->mdToken, fwToken,
-      fwToken->mdInstance, fwToken->fwInstance);
-    }
-    (void)nssCKFWSession_Destroy(fwSession, CK_FALSE);
-    goto done;
-  }
-
-  *pError = nssCKFWHash_Add(fwToken->sessions, fwSession, fwSession);
-  if( CKR_OK != *pError ) {
-    (void)nssCKFWSession_Destroy(fwSession, CK_FALSE);
-    fwSession = (NSSCKFWSession *)NULL;
-    goto done;
-  }
-
- done:
-  (void)nssCKFWMutex_Unlock(fwToken->mutex);
-  return fwSession;
-}
-
-/*
- * nssCKFWToken_GetMechanismCount
- *
- */
-NSS_IMPLEMENT CK_ULONG
-nssCKFWToken_GetMechanismCount
-(
-  NSSCKFWToken *fwToken
-)
-{
-#ifdef NSSDEBUG
-  if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
-    return 0;
-  }
-#endif /* NSSDEBUG */
-
-  if( (void *)NULL == (void *)fwToken->mdToken->GetMechanismCount ) {
-    return 0;
-  }
-
-  return fwToken->mdToken->GetMechanismCount(fwToken->mdToken, fwToken,
-    fwToken->mdInstance, fwToken->fwInstance);
-}
-
-/*
- * nssCKFWToken_GetMechanismTypes
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWToken_GetMechanismTypes
-(
-  NSSCKFWToken *fwToken,
-  CK_MECHANISM_TYPE types[]
-)
-{
-#ifdef NSSDEBUG
-  if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
-    return CKR_ARGUMENTS_BAD;
-  }
-
-  if( (CK_MECHANISM_TYPE *)NULL == types ) {
-    return CKR_ARGUMENTS_BAD;
-  }
-#endif /* NSSDEBUG */
-
-  if( (void *)NULL == (void *)fwToken->mdToken->GetMechanismTypes ) {
-    /*
-     * This should only be called with a sufficiently-large
-     * "types" array, which can only be done if GetMechanismCount
-     * is implemented.  If that's implemented (and returns nonzero),
-     * then this should be too.  So return an error.
-     */
-    return CKR_GENERAL_ERROR;
-  }
-
-  return fwToken->mdToken->GetMechanismTypes(fwToken->mdToken, fwToken,
-    fwToken->mdInstance, fwToken->fwInstance, types);
-}
-
-
-/*
- * nssCKFWToken_GetMechanism
- *
- */
-NSS_IMPLEMENT NSSCKFWMechanism *
-nssCKFWToken_GetMechanism
-(
-  NSSCKFWToken *fwToken,
-  CK_MECHANISM_TYPE which,
-  CK_RV *pError
-)
-{
-  /* XXX fgmr */
-  return (NSSCKFWMechanism *)NULL;
-}
-
-NSS_IMPLEMENT CK_RV
-nssCKFWToken_SetSessionState
-(
-  NSSCKFWToken *fwToken,
-  CK_STATE newState
-)
-{
-  CK_RV error = CKR_OK;
-
-#ifdef NSSDEBUG
-  error = nssCKFWToken_verifyPointer(fwToken);
-  if( CKR_OK != error ) {
-    return error;
-  }
-
-  switch( newState ) {
-  case CKS_RO_PUBLIC_SESSION:
-  case CKS_RO_USER_FUNCTIONS:
-  case CKS_RW_PUBLIC_SESSION:
-  case CKS_RW_USER_FUNCTIONS:
-  case CKS_RW_SO_FUNCTIONS:
-    break;
-  default:
-    return CKR_ARGUMENTS_BAD;
-  }
-#endif /* NSSDEBUG */
-
-  error = nssCKFWMutex_Lock(fwToken->mutex);
-  if( CKR_OK != error ) {
-    return error;
-  }
-
-  fwToken->state = newState;
-  (void)nssCKFWMutex_Unlock(fwToken->mutex);
-  return CKR_OK;
-}
-
-/*
- * nssCKFWToken_RemoveSession
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWToken_RemoveSession
-(
-  NSSCKFWToken *fwToken,
-  NSSCKFWSession *fwSession
-)
-{
-  CK_RV error = CKR_OK;
-
-#ifdef NSSDEBUG
-  error = nssCKFWToken_verifyPointer(fwToken);
-  if( CKR_OK != error ) {
-    return error;
-  }
-
-  error = nssCKFWSession_verifyPointer(fwSession);
-  if( CKR_OK != error ) {
-    return error;
-  }
-#endif /* NSSDEBUG */
-
-  error = nssCKFWMutex_Lock(fwToken->mutex);
-  if( CKR_OK != error ) {
-    return error;
-  }
-
-  if( CK_TRUE != nssCKFWHash_Exists(fwToken->sessions, fwSession) ) {
-    error = CKR_SESSION_HANDLE_INVALID;
-    goto done;
-  }
-
-  nssCKFWHash_Remove(fwToken->sessions, fwSession);
-  fwToken->sessionCount--;
-
-  if( nssCKFWSession_IsRWSession(fwSession) ) {
-    fwToken->rwSessionCount--;
-  }
-
-  if( 0 == fwToken->sessionCount ) {
-    fwToken->rwSessionCount = 0; /* sanity */
-    fwToken->state = CKS_RO_PUBLIC_SESSION; /* some default */
-  }
-
-  error = CKR_OK;
-
- done:
-  (void)nssCKFWMutex_Unlock(fwToken->mutex);
-  return error;
-}
-
-static void
-nss_ckfwtoken_session_iterator
-(
-  const void *key,
-  void *value,
-  void *closure
-)
-{
-  /*
-   * Remember that the fwToken->mutex is locked
-   */
-  NSSCKFWSession *fwSession = (NSSCKFWSession *)value;
-  (void)nssCKFWSession_Destroy(fwSession, CK_FALSE);
-  return;
-}
-
-/*
- * nssCKFWToken_CloseAllSessions
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWToken_CloseAllSessions
-(
-  NSSCKFWToken *fwToken
-)
-{
-  CK_RV error = CKR_OK;
-
-#ifdef NSSDEBUG
-  error = nssCKFWToken_verifyPointer(fwToken);
-  if( CKR_OK != error ) {
-    return error;
-  }
-#endif /* NSSDEBUG */
-
-  error = nssCKFWMutex_Lock(fwToken->mutex);
-  if( CKR_OK != error ) {
-    return error;
-  }
-
-  nssCKFWHash_Iterate(fwToken->sessions, nss_ckfwtoken_session_iterator, (void *)NULL);
-
-  nssCKFWHash_Destroy(fwToken->sessions);
-
-  fwToken->sessions = nssCKFWHash_Create(fwToken->fwInstance, fwToken->arena, &error);
-  if( (nssCKFWHash *)NULL == fwToken->sessions ) {
-    if( CKR_OK == error ) {
-      error = CKR_GENERAL_ERROR;
-    }
-    goto done;
-  }
-
-  fwToken->state = CKS_RO_PUBLIC_SESSION; /* some default */
-  fwToken->sessionCount = 0;
-  fwToken->rwSessionCount = 0;
-
-  error = CKR_OK;
-
- done:
-  (void)nssCKFWMutex_Unlock(fwToken->mutex);
-  return error;
-}
-
-/*
- * nssCKFWToken_GetSessionCount
- *
- */
-NSS_IMPLEMENT CK_ULONG
-nssCKFWToken_GetSessionCount
-(
-  NSSCKFWToken *fwToken
-)
-{
-  CK_ULONG rv;
-
-#ifdef NSSDEBUG
-  if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
-    return (CK_ULONG)0;
-  }
-#endif /* NSSDEBUG */
-
-  if( CKR_OK != nssCKFWMutex_Lock(fwToken->mutex) ) {
-    return (CK_ULONG)0;
-  }
-
-  rv = fwToken->sessionCount;
-  (void)nssCKFWMutex_Unlock(fwToken->mutex);
-  return rv;
-}
-
-/*
- * nssCKFWToken_GetRwSessionCount
- *
- */
-NSS_IMPLEMENT CK_ULONG
-nssCKFWToken_GetRwSessionCount
-(
-  NSSCKFWToken *fwToken
-)
-{
-  CK_ULONG rv;
-
-#ifdef NSSDEBUG
-  if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
-    return (CK_ULONG)0;
-  }
-#endif /* NSSDEBUG */
-
-  if( CKR_OK != nssCKFWMutex_Lock(fwToken->mutex) ) {
-    return (CK_ULONG)0;
-  }
-
-  rv = fwToken->rwSessionCount;
-  (void)nssCKFWMutex_Unlock(fwToken->mutex);
-  return rv;
-}
-
-/*
- * nssCKFWToken_GetRoSessionCount
- *
- */
-NSS_IMPLEMENT CK_ULONG
-nssCKFWToken_GetRoSessionCount
-(
-  NSSCKFWToken *fwToken
-)
-{
-  CK_ULONG rv;
-
-#ifdef NSSDEBUG
-  if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
-    return (CK_ULONG)0;
-  }
-#endif /* NSSDEBUG */
-
-  if( CKR_OK != nssCKFWMutex_Lock(fwToken->mutex) ) {
-    return (CK_ULONG)0;
-  }
-
-  rv = fwToken->sessionCount - fwToken->rwSessionCount;
-  (void)nssCKFWMutex_Unlock(fwToken->mutex);
-  return rv;
-}
-
-/*
- * nssCKFWToken_GetSessionObjectHash
- *
- */
-NSS_IMPLEMENT nssCKFWHash *
-nssCKFWToken_GetSessionObjectHash
-(
-  NSSCKFWToken *fwToken
-)
-{
-#ifdef NSSDEBUG
-  if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
-    return (nssCKFWHash *)NULL;
-  }
-#endif /* NSSDEBUG */
-
-  return fwToken->sessionObjectHash;
-}
-
-/*
- * nssCKFWToken_GetMDObjectHash
- *
- */
-NSS_IMPLEMENT nssCKFWHash *
-nssCKFWToken_GetMDObjectHash
-(
-  NSSCKFWToken *fwToken
-)
-{
-#ifdef NSSDEBUG
-  if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
-    return (nssCKFWHash *)NULL;
-  }
-#endif /* NSSDEBUG */
-
-  return fwToken->mdObjectHash;
-}
-
-/*
- * nssCKFWToken_GetObjectHandleHash
- *
- */
-NSS_IMPLEMENT nssCKFWHash *
-nssCKFWToken_GetObjectHandleHash
-(
-  NSSCKFWToken *fwToken
-)
-{
-#ifdef NSSDEBUG
-  if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
-    return (nssCKFWHash *)NULL;
-  }
-#endif /* NSSDEBUG */
-
-  return fwToken->mdObjectHash;
-}
-
-/*
- * NSSCKFWToken_GetMDToken
- *
- */
-
-NSS_IMPLEMENT NSSCKMDToken *
-NSSCKFWToken_GetMDToken
-(
-  NSSCKFWToken *fwToken
-)
-{
-#ifdef DEBUG
-  if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
-    return (NSSCKMDToken *)NULL;
-  }
-#endif /* DEBUG */
-
-  return nssCKFWToken_GetMDToken(fwToken);
-}
-
-/*
- * NSSCKFWToken_GetArena
- *
- */
-
-NSS_IMPLEMENT NSSArena *
-NSSCKFWToken_GetArena
-(
-  NSSCKFWToken *fwToken,
-  CK_RV *pError
-)
-{
-#ifdef DEBUG
-  if( (CK_RV *)NULL == pError ) {
-    return (NSSArena *)NULL;
-  }
-
-  if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
-    *pError = CKR_ARGUMENTS_BAD;
-    return (NSSArena *)NULL;
-  }
-#endif /* DEBUG */
-
-  return nssCKFWToken_GetArena(fwToken, pError);
-}
-
-/*
- * NSSCKFWToken_GetFWSlot
- *
- */
-
-NSS_IMPLEMENT NSSCKFWSlot *
-NSSCKFWToken_GetFWSlot
-(
-  NSSCKFWToken *fwToken
-)
-{
-#ifdef DEBUG
-  if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
-    return (NSSCKFWSlot *)NULL;
-  }
-#endif /* DEBUG */
-
-  return nssCKFWToken_GetFWSlot(fwToken);
-}
-
-/*
- * NSSCKFWToken_GetMDSlot
- *
- */
-
-NSS_IMPLEMENT NSSCKMDSlot *
-NSSCKFWToken_GetMDSlot
-(
-  NSSCKFWToken *fwToken
-)
-{
-#ifdef DEBUG
-  if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
-    return (NSSCKMDSlot *)NULL;
-  }
-#endif /* DEBUG */
-
-  return nssCKFWToken_GetMDSlot(fwToken);
-}
-
-/*
- * NSSCKFWToken_GetSessionState
- *
- */
-
-NSS_IMPLEMENT CK_STATE
-NSSCKFWSession_GetSessionState
-(
-  NSSCKFWToken *fwToken
-)
-{
-#ifdef DEBUG
-  if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
-    return CKS_RO_PUBLIC_SESSION;
-  }
-#endif /* DEBUG */
-
-  return nssCKFWToken_GetSessionState(fwToken);
-}
diff --git a/security/nss/lib/ckfw/wrap.c b/security/nss/lib/ckfw/wrap.c
deleted file mode 100644
index 3dc29ed01..000000000
--- a/security/nss/lib/ckfw/wrap.c
+++ /dev/null
@@ -1,3420 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * wrap.c
- *
- * This file contains the routines that actually implement the cryptoki
- * API, using the internal APIs of the NSS Cryptoki Framework.  There is
- * one routine here for every cryptoki routine.  For linking reasons
- * the actual entry points passed back with C_GetFunctionList have to
- * exist in one of the Module's source files; however, those are merely
- * simple wrappers that call these routines.  The intelligence of the
- * implementations is here.
- */
-
-#ifndef CK_T
-#include "ck.h"
-#endif /* CK_T */
-
-/*
- * NSSCKFWC_Initialize
- * NSSCKFWC_Finalize
- * NSSCKFWC_GetInfo
- * -- NSSCKFWC_GetFunctionList -- see the API insert file
- * NSSCKFWC_GetSlotList
- * NSSCKFWC_GetSlotInfo
- * NSSCKFWC_GetTokenInfo
- * NSSCKFWC_WaitForSlotEvent
- * NSSCKFWC_GetMechanismList
- * NSSCKFWC_GetMechanismInfo
- * NSSCKFWC_InitToken
- * NSSCKFWC_InitPIN
- * NSSCKFWC_SetPIN
- * NSSCKFWC_OpenSession
- * NSSCKFWC_CloseSession
- * NSSCKFWC_CloseAllSessions
- * NSSCKFWC_GetSessionInfo
- * NSSCKFWC_GetOperationState
- * NSSCKFWC_SetOperationState
- * NSSCKFWC_Login
- * NSSCKFWC_Logout
- * NSSCKFWC_CreateObject
- * NSSCKFWC_CopyObject
- * NSSCKFWC_DestroyObject
- * NSSCKFWC_GetObjectSize
- * NSSCKFWC_GetAttributeValue
- * NSSCKFWC_SetAttributeValue
- * NSSCKFWC_FindObjectsInit
- * NSSCKFWC_FindObjects
- * NSSCKFWC_FindObjectsFinal
- * NSSCKFWC_EncryptInit
- * NSSCKFWC_Encrypt
- * NSSCKFWC_EncryptUpdate
- * NSSCKFWC_EncryptFinal
- * NSSCKFWC_DecryptInit
- * NSSCKFWC_Decrypt
- * NSSCKFWC_DecryptUpdate
- * NSSCKFWC_DecryptFinal
- * NSSCKFWC_DigestInit
- * NSSCKFWC_Digest
- * NSSCKFWC_DigestUpdate
- * NSSCKFWC_DigestKey
- * NSSCKFWC_DigestFinal
- * NSSCKFWC_SignInit
- * NSSCKFWC_Sign
- * NSSCKFWC_SignUpdate
- * NSSCKFWC_SignFinal
- * NSSCKFWC_SignRecoverInit
- * NSSCKFWC_SignRecover
- * NSSCKFWC_VerifyInit
- * NSSCKFWC_Verify
- * NSSCKFWC_VerifyUpdate
- * NSSCKFWC_VerifyFinal
- * NSSCKFWC_VerifyRecoverInit
- * NSSCKFWC_VerifyRecover
- * NSSCKFWC_DigestEncryptUpdate
- * NSSCKFWC_DecryptDigestUpdate
- * NSSCKFWC_SignEncryptUpdate
- * NSSCKFWC_DecryptVerifyUpdate
- * NSSCKFWC_GenerateKey
- * NSSCKFWC_GenerateKeyPair
- * NSSCKFWC_WrapKey
- * NSSCKFWC_UnwrapKey
- * NSSCKFWC_DeriveKey
- * NSSCKFWC_SeedRandom
- * NSSCKFWC_GenerateRandom
- * NSSCKFWC_GetFunctionStatus
- * NSSCKFWC_CancelFunction
- */
-
-/*
- * NSSCKFWC_Initialize
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_Initialize
-(
-  NSSCKFWInstance **pFwInstance,
-  NSSCKMDInstance *mdInstance,
-  CK_VOID_PTR pInitArgs
-)
-{
-  CK_RV error = CKR_OK;
-
-  if( (NSSCKFWInstance **)NULL == pFwInstance ) {
-    error = CKR_GENERAL_ERROR;
-    goto loser;
-  }
-
-  if( (NSSCKFWInstance *)NULL != *pFwInstance ) {
-    error = CKR_CRYPTOKI_ALREADY_INITIALIZED;
-    goto loser;
-  }
-
-  if( (NSSCKMDInstance *)NULL == mdInstance ) {
-    error = CKR_GENERAL_ERROR;
-    goto loser;
-  }
-
-  /* remember the locking args for those times we need to get a lock in code
-   * outside the framework.
-   */
-  nssSetLockArgs(pInitArgs);
-
-  *pFwInstance = nssCKFWInstance_Create(pInitArgs, mdInstance, &error);
-  if( (NSSCKFWInstance *)NULL == *pFwInstance ) {
-    goto loser;
-  }
-
-  return CKR_OK;
-
- loser:
-  switch( error ) {
-  case CKR_ARGUMENTS_BAD:
-  case CKR_CANT_LOCK:
-  case CKR_CRYPTOKI_ALREADY_INITIALIZED:
-  case CKR_FUNCTION_FAILED:
-  case CKR_GENERAL_ERROR:
-  case CKR_HOST_MEMORY:
-  case CKR_NEED_TO_CREATE_THREADS:
-    break;
-  default:
-  case CKR_OK:
-    error = CKR_GENERAL_ERROR;
-    break;
-  }
-
-  return error;
-}
-
-/*
- * NSSCKFWC_Finalize
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_Finalize
-(
-  NSSCKFWInstance **pFwInstance
-)
-{
-  CK_RV error = CKR_OK;
-
-  if( (NSSCKFWInstance **)NULL == pFwInstance ) {
-    error = CKR_GENERAL_ERROR;
-    goto loser;
-  }
-
-  if( (NSSCKFWInstance *)NULL == *pFwInstance ) {
-    error = CKR_CRYPTOKI_NOT_INITIALIZED;
-    goto loser;
-  }
-
-  error = nssCKFWInstance_Destroy(*pFwInstance);
-
-  /* In any case */
-  *pFwInstance = (NSSCKFWInstance *)NULL;
-
- loser:
-  switch( error ) {
-  case CKR_CRYPTOKI_NOT_INITIALIZED:
-  case CKR_FUNCTION_FAILED:
-  case CKR_GENERAL_ERROR:
-  case CKR_HOST_MEMORY:
-  case CKR_OK:
-    break;
-  default:
-    error = CKR_GENERAL_ERROR;
-    break;
-  }
-
-  return error;
-}
-
-/*
- * NSSCKFWC_GetInfo
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_GetInfo
-(
-  NSSCKFWInstance *fwInstance,
-  CK_INFO_PTR pInfo
-)
-{
-  CK_RV error = CKR_OK;
-
-  if( (CK_INFO_PTR)CK_NULL_PTR == pInfo ) {
-    error = CKR_ARGUMENTS_BAD;
-    goto loser;
-  }
-
-  /*
-   * A purify error here means a caller error
-   */
-  (void)nsslibc_memset(pInfo, 0, sizeof(CK_INFO));
-
-  pInfo->cryptokiVersion = nssCKFWInstance_GetCryptokiVersion(fwInstance);
-
-  error = nssCKFWInstance_GetManufacturerID(fwInstance, pInfo->manufacturerID);
-  if( CKR_OK != error ) {
-    goto loser;
-  }
-
-  pInfo->flags = nssCKFWInstance_GetFlags(fwInstance);
-
-  error = nssCKFWInstance_GetLibraryDescription(fwInstance, pInfo->libraryDescription);
-  if( CKR_OK != error ) {
-    goto loser;
-  }
-
-  pInfo->libraryVersion = nssCKFWInstance_GetLibraryVersion(fwInstance);
-
-  return CKR_OK;
-
- loser:
-  switch( error ) {
-  case CKR_CRYPTOKI_NOT_INITIALIZED:
-  case CKR_FUNCTION_FAILED:
-  case CKR_GENERAL_ERROR:
-  case CKR_HOST_MEMORY:
-    break;
-  default:
-    error = CKR_GENERAL_ERROR;
-    break;
-  }
-
-  return error;
-}
-  
-/*
- * C_GetFunctionList is implemented entirely in the Module's file which
- * includes the Framework API insert file.  It requires no "actual"
- * NSSCKFW routine.
- */
-
-/*
- * NSSCKFWC_GetSlotList
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_GetSlotList
-(
-  NSSCKFWInstance *fwInstance,
-  CK_BBOOL tokenPresent,
-  CK_SLOT_ID_PTR pSlotList,
-  CK_ULONG_PTR pulCount
-)
-{
-  CK_RV error = CKR_OK;
-  CK_ULONG nSlots;
-
-  if( (NSSCKFWInstance *)NULL == fwInstance ) {
-    error = CKR_CRYPTOKI_NOT_INITIALIZED;
-    goto loser;
-  }
-
-  switch( tokenPresent ) {
-  case CK_TRUE:
-  case CK_FALSE:
-    break;
-  default:
-    error = CKR_ARGUMENTS_BAD;
-    goto loser;
-  }
-
-  if( (CK_ULONG_PTR)CK_NULL_PTR == pulCount ) {
-    error = CKR_ARGUMENTS_BAD;
-    goto loser;
-  }
-
-  nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
-  if( (CK_ULONG)0 == nSlots ) {
-    goto loser;
-  }
-
-  if( (CK_SLOT_ID_PTR)CK_NULL_PTR == pSlotList ) {
-    *pulCount = nSlots;
-    return CKR_OK;
-  } 
-    
-  /*
-   * A purify error here indicates caller error.
-   */
-  (void)nsslibc_memset(pSlotList, 0, *pulCount * sizeof(CK_SLOT_ID));
-
-  if( *pulCount < nSlots ) {
-    *pulCount = nSlots;
-    error = CKR_BUFFER_TOO_SMALL;
-    goto loser;
-  } else {
-    CK_ULONG i;
-    *pulCount = nSlots;
-    
-    /* 
-     * Our secret "mapping": CK_SLOT_IDs are integers [1,N], and we
-     * just index one when we need it.
-     */
-
-    for( i = 0; i < nSlots; i++ ) {
-      pSlotList[i] = i+1;
-    }
-
-    return CKR_OK;
-  }
-
- loser:
-  switch( error ) {
-  case CKR_BUFFER_TOO_SMALL:
-  case CKR_CRYPTOKI_NOT_INITIALIZED:
-  case CKR_FUNCTION_FAILED:
-  case CKR_GENERAL_ERROR:
-  case CKR_HOST_MEMORY:
-    break;
-  default:
-  case CKR_OK:
-    error = CKR_GENERAL_ERROR;
-    break;
-  }
-
-  return error;
-}
- 
-/*
- * NSSCKFWC_GetSlotInfo
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_GetSlotInfo
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SLOT_ID slotID,
-  CK_SLOT_INFO_PTR pInfo
-)
-{
-  CK_RV error = CKR_OK;
-  CK_ULONG nSlots;
-  NSSCKFWSlot **slots;
-  NSSCKFWSlot *fwSlot;
-
-  if( (NSSCKFWInstance *)NULL == fwInstance ) {
-    error = CKR_CRYPTOKI_NOT_INITIALIZED;
-    goto loser;
-  }
-
-  nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
-  if( (CK_ULONG)0 == nSlots ) {
-    goto loser;
-  }
-
-  if( (slotID < 1) || (slotID > nSlots) ) {
-    error = CKR_SLOT_ID_INVALID;
-    goto loser;
-  }
-
-  if( (CK_SLOT_INFO_PTR)CK_NULL_PTR == pInfo ) {
-    error = CKR_ARGUMENTS_BAD;
-    goto loser;
-  }
-
-  /*
-   * A purify error here indicates caller error.
-   */
-  (void)nsslibc_memset(pInfo, 0, sizeof(CK_SLOT_INFO));
-
-  slots = nssCKFWInstance_GetSlots(fwInstance, &error);
-  if( (NSSCKFWSlot **)NULL == slots ) {
-    goto loser;
-  }
-
-  fwSlot = slots[ slotID-1 ];
-
-  error = nssCKFWSlot_GetSlotDescription(fwSlot, pInfo->slotDescription);
-  if( CKR_OK != error ) {
-    goto loser;
-  }
-
-  error = nssCKFWSlot_GetManufacturerID(fwSlot, pInfo->manufacturerID);
-  if( CKR_OK != error ) {
-    goto loser;
-  }
-
-  if( nssCKFWSlot_GetTokenPresent(fwSlot) ) {
-    pInfo->flags |= CKF_TOKEN_PRESENT;
-  }
-
-  if( nssCKFWSlot_GetRemovableDevice(fwSlot) ) {
-    pInfo->flags |= CKF_REMOVABLE_DEVICE;
-  }
-
-  if( nssCKFWSlot_GetHardwareSlot(fwSlot) ) {
-    pInfo->flags |= CKF_HW_SLOT;
-  }
-
-  pInfo->hardwareVersion = nssCKFWSlot_GetHardwareVersion(fwSlot);
-  pInfo->firmwareVersion = nssCKFWSlot_GetFirmwareVersion(fwSlot);
-
-  return CKR_OK;
-
- loser:
-  switch( error ) {
-  case CKR_CRYPTOKI_NOT_INITIALIZED:
-  case CKR_DEVICE_ERROR:
-  case CKR_FUNCTION_FAILED:
-  case CKR_GENERAL_ERROR:
-  case CKR_HOST_MEMORY:
-  case CKR_SLOT_ID_INVALID:
-    break;
-  default:
-  case CKR_OK:
-    error = CKR_GENERAL_ERROR;
-  }
-
-  return error;
-}
-
-/*
- * NSSCKFWC_GetTokenInfo
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_GetTokenInfo
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SLOT_ID slotID,
-  CK_TOKEN_INFO_PTR pInfo
-)
-{
-  CK_RV error = CKR_OK;
-  CK_ULONG nSlots;
-  NSSCKFWSlot **slots;
-  NSSCKFWSlot *fwSlot;
-  NSSCKFWToken *fwToken = (NSSCKFWToken *)NULL;
-
-  if( (NSSCKFWInstance *)NULL == fwInstance ) {
-    error = CKR_CRYPTOKI_NOT_INITIALIZED;
-    goto loser;
-  }
-
-  nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
-  if( (CK_ULONG)0 == nSlots ) {
-    goto loser;
-  }
-
-  if( (slotID < 1) || (slotID > nSlots) ) {
-    error = CKR_SLOT_ID_INVALID;
-    goto loser;
-  }
-
-  if( (CK_TOKEN_INFO_PTR)CK_NULL_PTR == pInfo ) {
-    error = CKR_ARGUMENTS_BAD;
-    goto loser;
-  }
-
-  /*
-   * A purify error here indicates caller error.
-   */
-  (void)nsslibc_memset(pInfo, 0, sizeof(CK_TOKEN_INFO));
-
-  slots = nssCKFWInstance_GetSlots(fwInstance, &error);
-  if( (NSSCKFWSlot **)NULL == slots ) {
-    goto loser;
-  }
-
-  fwSlot = slots[ slotID-1 ];
-
-  if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
-    error = CKR_TOKEN_NOT_PRESENT;
-    goto loser;
-  }
-
-  fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
-  if( (NSSCKFWToken *)NULL == fwToken ) {
-    goto loser;
-  }
-
-  error = nssCKFWToken_GetLabel(fwToken, pInfo->label);
-  if( CKR_OK != error ) {
-    goto loser;
-  }
-
-  error = nssCKFWToken_GetManufacturerID(fwToken, pInfo->manufacturerID);
-  if( CKR_OK != error ) {
-    goto loser;
-  }
-
-  error = nssCKFWToken_GetModel(fwToken, pInfo->model);
-  if( CKR_OK != error ) {
-    goto loser;
-  }
-
-  error = nssCKFWToken_GetSerialNumber(fwToken, pInfo->serialNumber);
-  if( CKR_OK != error ) {
-    goto loser;
-  }
-
-  if( nssCKFWToken_GetHasRNG(fwToken) ) {
-    pInfo->flags |= CKF_RNG;
-  }
-
-  if( nssCKFWToken_GetIsWriteProtected(fwToken) ) {
-    pInfo->flags |= CKF_WRITE_PROTECTED;
-  }
-
-  if( nssCKFWToken_GetLoginRequired(fwToken) ) {
-    pInfo->flags |= CKF_LOGIN_REQUIRED;
-  }
-
-  if( nssCKFWToken_GetUserPinInitialized(fwToken) ) {
-    pInfo->flags |= CKF_USER_PIN_INITIALIZED;
-  }
-
-  if( nssCKFWToken_GetRestoreKeyNotNeeded(fwToken) ) {
-    pInfo->flags |= CKF_RESTORE_KEY_NOT_NEEDED;
-  }
-
-  if( nssCKFWToken_GetHasClockOnToken(fwToken) ) {
-    pInfo->flags |= CKF_CLOCK_ON_TOKEN;
-  }
-
-  if( nssCKFWToken_GetHasProtectedAuthenticationPath(fwToken) ) {
-    pInfo->flags |= CKF_PROTECTED_AUTHENTICATION_PATH;
-  }
-
-  if( nssCKFWToken_GetSupportsDualCryptoOperations(fwToken) ) {
-    pInfo->flags |= CKF_DUAL_CRYPTO_OPERATIONS;
-  }
-
-  pInfo->ulMaxSessionCount = nssCKFWToken_GetMaxSessionCount(fwToken);
-  pInfo->ulSessionCount = nssCKFWToken_GetSessionCount(fwToken);
-  pInfo->ulMaxRwSessionCount = nssCKFWToken_GetMaxRwSessionCount(fwToken);
-  pInfo->ulRwSessionCount= nssCKFWToken_GetRwSessionCount(fwToken);
-  pInfo->ulMaxPinLen = nssCKFWToken_GetMaxPinLen(fwToken);
-  pInfo->ulMinPinLen = nssCKFWToken_GetMinPinLen(fwToken);
-  pInfo->ulTotalPublicMemory = nssCKFWToken_GetTotalPublicMemory(fwToken);
-  pInfo->ulFreePublicMemory = nssCKFWToken_GetFreePublicMemory(fwToken);
-  pInfo->ulTotalPrivateMemory = nssCKFWToken_GetTotalPrivateMemory(fwToken);
-  pInfo->ulFreePrivateMemory = nssCKFWToken_GetFreePrivateMemory(fwToken);
-  pInfo->hardwareVersion = nssCKFWToken_GetHardwareVersion(fwToken);
-  pInfo->firmwareVersion = nssCKFWToken_GetFirmwareVersion(fwToken);
-  
-  error = nssCKFWToken_GetUTCTime(fwToken, pInfo->utcTime);
-  if( CKR_OK != error ) {
-    goto loser;
-  }
-
-  return CKR_OK;
-
- loser:
-  switch( error ) {
-  case CKR_DEVICE_REMOVED:
-  case CKR_TOKEN_NOT_PRESENT:
-    (void)nssCKFWToken_Destroy(fwToken);
-    break;
-  case CKR_CRYPTOKI_NOT_INITIALIZED:
-  case CKR_DEVICE_ERROR:
-  case CKR_DEVICE_MEMORY:
-  case CKR_FUNCTION_FAILED:
-  case CKR_GENERAL_ERROR:
-  case CKR_HOST_MEMORY:
-  case CKR_SLOT_ID_INVALID:
-  case CKR_TOKEN_NOT_RECOGNIZED:
-    break;
-  default:
-  case CKR_OK:
-    error = CKR_GENERAL_ERROR;
-    break;
-  }
-
-  return error;
-}
-
-/*
- * NSSCKFWC_WaitForSlotEvent
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_WaitForSlotEvent
-(
-  NSSCKFWInstance *fwInstance,
-  CK_FLAGS flags,
-  CK_SLOT_ID_PTR pSlot,
-  CK_VOID_PTR pReserved
-)
-{
-  CK_RV error = CKR_OK;
-  CK_ULONG nSlots;
-  CK_BBOOL block;
-  NSSCKFWSlot **slots;
-  NSSCKFWSlot *fwSlot;
-  CK_ULONG i;
-
-  if( (NSSCKFWInstance *)NULL == fwInstance ) {
-    error = CKR_CRYPTOKI_NOT_INITIALIZED;
-    goto loser;
-  }
-
-  if( flags & ~CKF_DONT_BLOCK ) {
-    error = CKR_ARGUMENTS_BAD;
-    goto loser;
-  }
-
-  block = (flags & CKF_DONT_BLOCK) ? CK_TRUE : CK_FALSE;
-
-  nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
-  if( (CK_ULONG)0 == nSlots ) {
-    goto loser;
-  }
-
-  if( (CK_SLOT_ID_PTR)CK_NULL_PTR == pSlot ) {
-    error = CKR_ARGUMENTS_BAD;
-    goto loser;
-  }
-
-  if( (CK_VOID_PTR)CK_NULL_PTR != pReserved ) {
-    error = CKR_ARGUMENTS_BAD;
-    goto loser;
-  }
-
-  slots = nssCKFWInstance_GetSlots(fwInstance, &error);
-  if( (NSSCKFWSlot **)NULL == slots ) {
-    goto loser;
-  }
-
-  fwSlot = nssCKFWInstance_WaitForSlotEvent(fwInstance, block, &error);
-  if( (NSSCKFWSlot *)NULL == fwSlot ) {
-    goto loser;
-  }
-
-  for( i = 0; i < nSlots; i++ ) {
-    if( fwSlot == slots[i] ) {
-      *pSlot = (CK_SLOT_ID)(CK_ULONG)(i+1);
-      return CKR_OK;
-    }
-  }
-
-  error = CKR_GENERAL_ERROR; /* returned something not in the slot list */
-
- loser:
-  switch( error ) {
-  case CKR_CRYPTOKI_NOT_INITIALIZED:
-  case CKR_FUNCTION_FAILED:
-  case CKR_GENERAL_ERROR:
-  case CKR_HOST_MEMORY:
-  case CKR_NO_EVENT:
-    break;
-  default:
-  case CKR_OK:
-    error = CKR_GENERAL_ERROR;
-    break;
-  }
-
-  return error;
-}
-
-/*
- * NSSCKFWC_GetMechanismList
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_GetMechanismList
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SLOT_ID slotID,
-  CK_MECHANISM_TYPE_PTR pMechanismList,
-  CK_ULONG_PTR pulCount
-)
-{
-  CK_RV error = CKR_OK;
-  CK_ULONG nSlots;
-  NSSCKFWSlot **slots;
-  NSSCKFWSlot *fwSlot;
-  NSSCKFWToken *fwToken = (NSSCKFWToken *)NULL;
-  CK_ULONG count;
-
-  if( (NSSCKFWInstance *)NULL == fwInstance ) {
-    error = CKR_CRYPTOKI_NOT_INITIALIZED;
-    goto loser;
-  }
-
-  nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
-  if( (CK_ULONG)0 == nSlots ) {
-    goto loser;
-  }
-
-  if( (slotID < 1) || (slotID > nSlots) ) {
-    error = CKR_SLOT_ID_INVALID;
-    goto loser;
-  }
-
-  if( (CK_ULONG_PTR)CK_NULL_PTR == pulCount ) {
-    error = CKR_ARGUMENTS_BAD;
-    goto loser;
-  }
-
-  slots = nssCKFWInstance_GetSlots(fwInstance, &error);
-  if( (NSSCKFWSlot **)NULL == slots ) {
-    goto loser;
-  }
-
-  fwSlot = slots[ slotID-1 ];
-
-  if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
-    error = CKR_TOKEN_NOT_PRESENT;
-    goto loser;
-  }
-
-  fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
-  if( (NSSCKFWToken *)NULL == fwToken ) {
-    goto loser;
-  }
-
-  count = nssCKFWToken_GetMechanismCount(fwToken);
-
-  if( (CK_MECHANISM_TYPE_PTR)CK_NULL_PTR == pMechanismList ) {
-    *pulCount = count;
-    return CKR_OK;
-  }
-
-  if( *pulCount < count ) {
-    *pulCount = count;
-    error = CKR_BUFFER_TOO_SMALL;
-    goto loser;
-  }
-
-  /*
-   * A purify error here indicates caller error.
-   */
-  (void)nsslibc_memset(pMechanismList, 0, *pulCount * sizeof(CK_MECHANISM_TYPE));
-
-  *pulCount = count;
-
-  if( 0 != count ) {
-    error = nssCKFWToken_GetMechanismTypes(fwToken, pMechanismList);
-  } else {
-    error = CKR_OK;
-  }
-
-  if( CKR_OK == error ) {
-    return CKR_OK;
-  }
-
- loser:
-  switch( error ) {
-  case CKR_DEVICE_REMOVED:
-  case CKR_TOKEN_NOT_PRESENT:
-    (void)nssCKFWToken_Destroy(fwToken);
-    break;
-  case CKR_BUFFER_TOO_SMALL:
-  case CKR_CRYPTOKI_NOT_INITIALIZED:
-  case CKR_DEVICE_ERROR:
-  case CKR_DEVICE_MEMORY:
-  case CKR_FUNCTION_FAILED:
-  case CKR_GENERAL_ERROR:
-  case CKR_HOST_MEMORY:
-  case CKR_SLOT_ID_INVALID:
-  case CKR_TOKEN_NOT_RECOGNIZED:
-    break;
-  default:
-  case CKR_OK:
-    error = CKR_GENERAL_ERROR;
-    break;
-  }
-
-  return error;
-}
-
-/*
- * NSSCKFWC_GetMechanismInfo
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_GetMechanismInfo
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SLOT_ID slotID,
-  CK_MECHANISM_TYPE type,
-  CK_MECHANISM_INFO_PTR pInfo
-)
-{
-  CK_RV error = CKR_OK;
-  CK_ULONG nSlots;
-  NSSCKFWSlot **slots;
-  NSSCKFWSlot *fwSlot;
-  NSSCKFWToken *fwToken = (NSSCKFWToken *)NULL;
-  NSSCKFWMechanism *fwMechanism;
-
-  if( (NSSCKFWInstance *)NULL == fwInstance ) {
-    error = CKR_CRYPTOKI_NOT_INITIALIZED;
-    goto loser;
-  }
-
-  nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
-  if( (CK_ULONG)0 == nSlots ) {
-    goto loser;
-  }
-
-  if( (slotID < 1) || (slotID > nSlots) ) {
-    error = CKR_SLOT_ID_INVALID;
-    goto loser;
-  }
-
-  slots = nssCKFWInstance_GetSlots(fwInstance, &error);
-  if( (NSSCKFWSlot **)NULL == slots ) {
-    goto loser;
-  }
-
-  fwSlot = slots[ slotID-1 ];
-
-  if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
-    error = CKR_TOKEN_NOT_PRESENT;
-    goto loser;
-  }
-
-  if( (CK_MECHANISM_INFO_PTR)CK_NULL_PTR == pInfo ) {
-    error = CKR_ARGUMENTS_BAD;
-    goto loser;
-  }
-
-  /*
-   * A purify error here indicates caller error.
-   */
-  (void)nsslibc_memset(pInfo, 0, sizeof(CK_MECHANISM_INFO));
-
-  fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
-  if( (NSSCKFWToken *)NULL == fwToken ) {
-    goto loser;
-  }
-
-  fwMechanism = nssCKFWToken_GetMechanism(fwToken, type, &error);
-  if( (NSSCKFWMechanism *)NULL == fwMechanism ) {
-    goto loser;
-  }
-
-  pInfo->ulMinKeySize = nssCKFWMechanism_GetMinKeySize(fwMechanism);
-  pInfo->ulMaxKeySize = nssCKFWMechanism_GetMaxKeySize(fwMechanism);
-
-  if( nssCKFWMechanism_GetInHardware(fwMechanism) ) {
-    pInfo->flags |= CKF_HW;
-  }
-
-  /* More here... */
-
-  return CKR_OK;
-
- loser:
-  switch( error ) {
-  case CKR_DEVICE_REMOVED:
-  case CKR_TOKEN_NOT_PRESENT:
-    (void)nssCKFWToken_Destroy(fwToken);
-    break;
-  case CKR_CRYPTOKI_NOT_INITIALIZED:
-  case CKR_DEVICE_ERROR:
-  case CKR_DEVICE_MEMORY:
-  case CKR_FUNCTION_FAILED:
-  case CKR_GENERAL_ERROR:
-  case CKR_HOST_MEMORY:
-  case CKR_MECHANISM_INVALID:
-  case CKR_SLOT_ID_INVALID:
-  case CKR_TOKEN_NOT_RECOGNIZED:
-    break;
-  default:
-  case CKR_OK:
-    error = CKR_GENERAL_ERROR;
-    break;
-  }
-
-  return error;
-}
-
-/*
- * NSSCKFWC_InitToken
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_InitToken
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SLOT_ID slotID,
-  CK_CHAR_PTR pPin,
-  CK_ULONG ulPinLen,
-  CK_CHAR_PTR pLabel
-)
-{
-  CK_RV error = CKR_OK;
-  CK_ULONG nSlots;
-  NSSCKFWSlot **slots;
-  NSSCKFWSlot *fwSlot;
-  NSSCKFWToken *fwToken = (NSSCKFWToken *)NULL;
-  NSSItem pin;
-  NSSUTF8 *label;
-
-  if( (NSSCKFWInstance *)NULL == fwInstance ) {
-    error = CKR_CRYPTOKI_NOT_INITIALIZED;
-    goto loser;
-  }
-
-  nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
-  if( (CK_ULONG)0 == nSlots ) {
-    goto loser;
-  }
-
-  if( (slotID < 1) || (slotID > nSlots) ) {
-    error = CKR_SLOT_ID_INVALID;
-    goto loser;
-  }
-
-  slots = nssCKFWInstance_GetSlots(fwInstance, &error);
-  if( (NSSCKFWSlot **)NULL == slots ) {
-    goto loser;
-  }
-
-  fwSlot = slots[ slotID-1 ];
-
-  if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
-    error = CKR_TOKEN_NOT_PRESENT;
-    goto loser;
-  }
-
-  fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
-  if( (NSSCKFWToken *)NULL == fwToken ) {
-    goto loser;
-  }
-
-  pin.size = (PRUint32)ulPinLen;
-  pin.data = (void *)pPin;
-  label = (NSSUTF8 *)pLabel; /* identity conversion */
-
-  error = nssCKFWToken_InitToken(fwToken, &pin, label);
-  if( CKR_OK != error ) {
-    goto loser;
-  }
-
-  return CKR_OK;
-
- loser:
-  switch( error ) {
-  case CKR_DEVICE_REMOVED:
-  case CKR_TOKEN_NOT_PRESENT:
-    (void)nssCKFWToken_Destroy(fwToken);
-    break;
-  case CKR_CRYPTOKI_NOT_INITIALIZED:
-  case CKR_DEVICE_ERROR:
-  case CKR_DEVICE_MEMORY:
-  case CKR_FUNCTION_FAILED:
-  case CKR_GENERAL_ERROR:
-  case CKR_HOST_MEMORY:
-  case CKR_PIN_INCORRECT:
-  case CKR_PIN_LOCKED:
-  case CKR_SESSION_EXISTS:
-  case CKR_SLOT_ID_INVALID:
-  case CKR_TOKEN_NOT_RECOGNIZED:
-  case CKR_TOKEN_WRITE_PROTECTED:
-    break;
-  default:
-  case CKR_OK:
-    error = CKR_GENERAL_ERROR;
-    break;
-  }
-
-  return error;
-}
-
-/*
- * NSSCKFWC_InitPIN
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_InitPIN
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_CHAR_PTR pPin,
-  CK_ULONG ulPinLen
-)
-{
-  CK_RV error = CKR_OK;
-  NSSCKFWSession *fwSession;
-  NSSItem pin, *arg;
-
-  if( (NSSCKFWInstance *)NULL == fwInstance ) {
-    error = CKR_CRYPTOKI_NOT_INITIALIZED;
-    goto loser;
-  }
-
-  fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
-  if( (NSSCKFWSession *)NULL == fwSession ) {
-    error = CKR_SESSION_HANDLE_INVALID;
-    goto loser;
-  }
-
-  if( (CK_CHAR_PTR)CK_NULL_PTR == pPin ) {
-    arg = (NSSItem *)NULL;
-  } else {
-    arg = &pin;
-    pin.size = (PRUint32)ulPinLen;
-    pin.data = (void *)pPin;
-  }
-
-  error = nssCKFWSession_InitPIN(fwSession, arg);
-  if( CKR_OK != error ) {
-    goto loser;
-  }
-
-  return CKR_OK;
-
- loser:
-  switch( error ) {
-  case CKR_SESSION_CLOSED:
-    /* destroy session? */
-    break;
-  case CKR_DEVICE_REMOVED:
-    /* (void)nssCKFWToken_Destroy(fwToken); */
-    break;
-  case CKR_CRYPTOKI_NOT_INITIALIZED:
-  case CKR_DEVICE_ERROR:
-  case CKR_DEVICE_MEMORY:
-  case CKR_FUNCTION_FAILED:
-  case CKR_GENERAL_ERROR:
-  case CKR_HOST_MEMORY:
-  case CKR_PIN_INVALID:
-  case CKR_PIN_LEN_RANGE:
-  case CKR_SESSION_READ_ONLY:
-  case CKR_SESSION_HANDLE_INVALID:
-  case CKR_TOKEN_WRITE_PROTECTED:
-  case CKR_USER_NOT_LOGGED_IN:
-    break;
-  default:
-  case CKR_OK:
-    error = CKR_GENERAL_ERROR;
-    break;
-  }
-
-  return error;
-}
-
-/*
- * NSSCKFWC_SetPIN
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_SetPIN
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_CHAR_PTR pOldPin,
-  CK_ULONG ulOldLen,
-  CK_CHAR_PTR pNewPin,
-  CK_ULONG ulNewLen
-)
-{
-  CK_RV error = CKR_OK;
-  NSSCKFWSession *fwSession;
-  NSSItem oldPin, newPin, *oldArg, *newArg;
-
-  if( (NSSCKFWInstance *)NULL == fwInstance ) {
-    error = CKR_CRYPTOKI_NOT_INITIALIZED;
-    goto loser;
-  }
-
-  fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
-  if( (NSSCKFWSession *)NULL == fwSession ) {
-    error = CKR_SESSION_HANDLE_INVALID;
-    goto loser;
-  }
-
-  if( (CK_CHAR_PTR)CK_NULL_PTR == pOldPin ) {
-    oldArg = (NSSItem *)NULL;
-  } else {
-    oldArg = &oldPin;
-    oldPin.size = (PRUint32)ulOldLen;
-    oldPin.data = (void *)pOldPin;
-  }
-
-  if( (CK_CHAR_PTR)CK_NULL_PTR == pNewPin ) {
-    newArg = (NSSItem *)NULL;
-  } else {
-    newArg = &newPin;
-    newPin.size = (PRUint32)ulNewLen;
-    newPin.data = (void *)pNewPin;
-  }
-
-  error = nssCKFWSession_SetPIN(fwSession, oldArg, newArg);
-  if( CKR_OK != error ) {
-    goto loser;
-  }
-
-  return CKR_OK;
-
- loser:
-  switch( error ) {
-  case CKR_SESSION_CLOSED:
-    /* destroy session? */
-    break;
-  case CKR_DEVICE_REMOVED:
-    /* (void)nssCKFWToken_Destroy(fwToken); */
-    break;
-  case CKR_CRYPTOKI_NOT_INITIALIZED:
-  case CKR_DEVICE_ERROR:
-  case CKR_DEVICE_MEMORY:
-  case CKR_FUNCTION_FAILED:
-  case CKR_GENERAL_ERROR:
-  case CKR_HOST_MEMORY:
-  case CKR_PIN_INCORRECT:
-  case CKR_PIN_INVALID:
-  case CKR_PIN_LEN_RANGE:
-  case CKR_PIN_LOCKED:
-  case CKR_SESSION_HANDLE_INVALID:
-  case CKR_SESSION_READ_ONLY:
-  case CKR_TOKEN_WRITE_PROTECTED:
-    break;
-  default:
-  case CKR_OK:
-    error = CKR_GENERAL_ERROR;
-    break;
-  }
-
-  return error;
-}
-
-/*
- * NSSCKFWC_OpenSession
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_OpenSession
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SLOT_ID slotID,
-  CK_FLAGS flags,
-  CK_VOID_PTR pApplication,
-  CK_NOTIFY Notify,
-  CK_SESSION_HANDLE_PTR phSession
-)
-{
-  CK_RV error = CKR_OK;
-  CK_ULONG nSlots;
-  NSSCKFWSlot **slots;
-  NSSCKFWSlot *fwSlot;
-  NSSCKFWToken *fwToken = (NSSCKFWToken *)NULL;
-  NSSCKFWSession *fwSession;
-  CK_BBOOL rw;
-
-  if( (NSSCKFWInstance *)NULL == fwInstance ) {
-    error = CKR_CRYPTOKI_NOT_INITIALIZED;
-    goto loser;
-  }
-
-  nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
-  if( (CK_ULONG)0 == nSlots ) {
-    goto loser;
-  }
-
-  if( (slotID < 1) || (slotID > nSlots) ) {
-    error = CKR_SLOT_ID_INVALID;
-    goto loser;
-  }
-
-  if( flags & CKF_RW_SESSION ) {
-    rw = CK_TRUE;
-  } else {
-    rw = CK_FALSE;
-  }
-
-  if( flags & CKF_SERIAL_SESSION ) {
-    ;
-  } else {
-    error = CKR_SESSION_PARALLEL_NOT_SUPPORTED;
-    goto loser;
-  }
-
-  if( flags & ~(CKF_RW_SESSION|CKF_SERIAL_SESSION) ) {
-    error = CKR_ARGUMENTS_BAD;
-    goto loser;
-  }
-
-  if( (CK_SESSION_HANDLE_PTR)CK_NULL_PTR == phSession ) {
-    error = CKR_ARGUMENTS_BAD;
-    goto loser;
-  }
-
-  /*
-   * A purify error here indicates caller error.
-   */
-  *phSession = (CK_SESSION_HANDLE)0;
-
-  slots = nssCKFWInstance_GetSlots(fwInstance, &error);
-  if( (NSSCKFWSlot **)NULL == slots ) {
-    goto loser;
-  }
-
-  fwSlot = slots[ slotID-1 ];
-
-  if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
-    error = CKR_TOKEN_NOT_PRESENT;
-    goto loser;
-  }
-
-  fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
-  if( (NSSCKFWToken *)NULL == fwToken ) {
-    goto loser;
-  }
-
-  fwSession = nssCKFWToken_OpenSession(fwToken, rw, pApplication,
-               Notify, &error);
-  if( (NSSCKFWSession *)NULL == fwSession ) {
-    goto loser;
-  }
-
-  *phSession = nssCKFWInstance_CreateSessionHandle(fwInstance,
-                 fwSession, &error);
-  if( (CK_SESSION_HANDLE)0 == *phSession ) {
-    goto loser;
-  }
-
-  return CKR_OK;
-
- loser:
-  switch( error ) {
-  case CKR_SESSION_CLOSED:
-    /* destroy session? */
-    break;
-  case CKR_DEVICE_REMOVED:
-    /* (void)nssCKFWToken_Destroy(fwToken); */
-    break;
-  case CKR_CRYPTOKI_NOT_INITIALIZED:
-  case CKR_DEVICE_ERROR:
-  case CKR_DEVICE_MEMORY:
-  case CKR_FUNCTION_FAILED:
-  case CKR_GENERAL_ERROR:
-  case CKR_HOST_MEMORY:
-  case CKR_SESSION_COUNT:
-  case CKR_SESSION_EXISTS:
-  case CKR_SESSION_PARALLEL_NOT_SUPPORTED:
-  case CKR_SESSION_READ_WRITE_SO_EXISTS:
-  case CKR_SLOT_ID_INVALID:
-  case CKR_TOKEN_NOT_PRESENT:
-  case CKR_TOKEN_NOT_RECOGNIZED:
-  case CKR_TOKEN_WRITE_PROTECTED:
-    break;
-  default:
-  case CKR_OK:
-    error = CKR_GENERAL_ERROR;
-    break;
-  }
-
-  return error;
-}
-
-/*
- * NSSCKFWC_CloseSession
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_CloseSession
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession
-)
-{
-  CK_RV error = CKR_OK;
-  NSSCKFWSession *fwSession;
-
-  if( (NSSCKFWInstance *)NULL == fwInstance ) {
-    error = CKR_CRYPTOKI_NOT_INITIALIZED;
-    goto loser;
-  }
-
-  fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
-  if( (NSSCKFWSession *)NULL == fwSession ) {
-    error = CKR_SESSION_HANDLE_INVALID;
-    goto loser;
-  }
-
-  nssCKFWInstance_DestroySessionHandle(fwInstance, hSession);
-  error = nssCKFWSession_Destroy(fwSession, CK_TRUE);
-
-  if( CKR_OK != error ) {
-    goto loser;
-  }
-
-  return CKR_OK;
-
- loser:
-  switch( error ) {
-  case CKR_SESSION_CLOSED:
-    /* destroy session? */
-    break;
-  case CKR_DEVICE_REMOVED:
-    /* (void)nssCKFWToken_Destroy(fwToken); */
-    break;
-  case CKR_CRYPTOKI_NOT_INITIALIZED:
-  case CKR_DEVICE_ERROR:
-  case CKR_DEVICE_MEMORY:
-  case CKR_FUNCTION_FAILED:
-  case CKR_GENERAL_ERROR:
-  case CKR_HOST_MEMORY:
-  case CKR_SESSION_HANDLE_INVALID:
-    break;
-  default:
-  case CKR_OK:
-    error = CKR_GENERAL_ERROR;
-    break;
-  }
-
-  return error;
-}
-
-/*
- * NSSCKFWC_CloseAllSessions
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_CloseAllSessions
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SLOT_ID slotID
-)
-{
-  CK_RV error = CKR_OK;
-  CK_ULONG nSlots;
-  NSSCKFWSlot **slots;
-  NSSCKFWSlot *fwSlot;
-  NSSCKFWToken *fwToken = (NSSCKFWToken *)NULL;
-
-  if( (NSSCKFWInstance *)NULL == fwInstance ) {
-    error = CKR_CRYPTOKI_NOT_INITIALIZED;
-    goto loser;
-  }
-
-  nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
-  if( (CK_ULONG)0 == nSlots ) {
-    goto loser;
-  }
-
-  if( (slotID < 1) || (slotID > nSlots) ) {
-    error = CKR_SLOT_ID_INVALID;
-    goto loser;
-  }
-
-  slots = nssCKFWInstance_GetSlots(fwInstance, &error);
-  if( (NSSCKFWSlot **)NULL == slots ) {
-    goto loser;
-  }
-
-  fwSlot = slots[ slotID-1 ];
-
-  if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
-    error = CKR_TOKEN_NOT_PRESENT;
-    goto loser;
-  }
-
-  fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
-  if( (NSSCKFWToken *)NULL == fwToken ) {
-    goto loser;
-  }
-
-  error = nssCKFWToken_CloseAllSessions(fwToken);
-  if( CKR_OK != error ) {
-    goto loser;
-  }
-
-  return CKR_OK;
-
- loser:
-  switch( error ) {
-  case CKR_DEVICE_REMOVED:
-    /* (void)nssCKFWToken_Destroy(fwToken); */
-    break;
-  case CKR_CRYPTOKI_NOT_INITIALIZED:
-  case CKR_DEVICE_ERROR:
-  case CKR_DEVICE_MEMORY:
-  case CKR_FUNCTION_FAILED:
-  case CKR_GENERAL_ERROR:
-  case CKR_HOST_MEMORY:
-  case CKR_SLOT_ID_INVALID:
-  case CKR_TOKEN_NOT_PRESENT:
-    break;
-  default:
-  case CKR_OK:
-    error = CKR_GENERAL_ERROR;
-    break;
-  }
-
-  return error;
-}
-
-/*
- * NSSCKFWC_GetSessionInfo
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_GetSessionInfo
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_SESSION_INFO_PTR pInfo
-)
-{
-  CK_RV error = CKR_OK;
-  NSSCKFWSession *fwSession;
-  NSSCKFWSlot *fwSlot;
-
-  if( (NSSCKFWInstance *)NULL == fwInstance ) {
-    error = CKR_CRYPTOKI_NOT_INITIALIZED;
-    goto loser;
-  }
-
-  fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
-  if( (NSSCKFWSession *)NULL == fwSession ) {
-    error = CKR_SESSION_HANDLE_INVALID;
-    goto loser;
-  }
-
-  if( (CK_SESSION_INFO_PTR)CK_NULL_PTR == pInfo ) {
-    error = CKR_ARGUMENTS_BAD;
-    goto loser;
-  }
-
-  /*
-   * A purify error here indicates caller error.
-   */
-  (void)nsslibc_memset(pInfo, 0, sizeof(CK_SESSION_INFO));
-
-  fwSlot = nssCKFWSession_GetFWSlot(fwSession);
-  if( (NSSCKFWSlot *)NULL == fwSlot ) {
-    error = CKR_GENERAL_ERROR;
-    goto loser;
-  }
-
-  pInfo->slotID = nssCKFWSlot_GetSlotID(fwSlot);
-  pInfo->state = nssCKFWSession_GetSessionState(fwSession);
-
-  if( CK_TRUE == nssCKFWSession_IsRWSession(fwSession) ) {
-    pInfo->flags |= CKF_RW_SESSION;
-  }
-
-  pInfo->flags |= CKF_SERIAL_SESSION; /* Always true */
-
-  pInfo->ulDeviceError = nssCKFWSession_GetDeviceError(fwSession);
-
-  return CKR_OK;
-
- loser:
-  switch( error ) {
-  case CKR_SESSION_CLOSED:
-    /* destroy session? */
-    break;
-  case CKR_DEVICE_REMOVED:
-    /* (void)nssCKFWToken_Destroy(fwToken); */
-    break;
-  case CKR_CRYPTOKI_NOT_INITIALIZED:
-  case CKR_DEVICE_ERROR:
-  case CKR_DEVICE_MEMORY:
-  case CKR_FUNCTION_FAILED:
-  case CKR_GENERAL_ERROR:
-  case CKR_HOST_MEMORY:
-  case CKR_SESSION_HANDLE_INVALID:
-    break;
-  default:
-  case CKR_OK:
-    error = CKR_GENERAL_ERROR;
-    break;
-  }
-
-  return error;
-}
-
-/*
- * NSSCKFWC_GetOperationState
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_GetOperationState
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pOperationState,
-  CK_ULONG_PTR pulOperationStateLen
-)
-{
-  CK_RV error = CKR_OK;
-  NSSCKFWSession *fwSession;
-  CK_ULONG len;
-  NSSItem buf;
-
-  if( (NSSCKFWInstance *)NULL == fwInstance ) {
-    error = CKR_CRYPTOKI_NOT_INITIALIZED;
-    goto loser;
-  }
-
-  fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
-  if( (NSSCKFWSession *)NULL == fwSession ) {
-    error = CKR_SESSION_HANDLE_INVALID;
-    goto loser;
-  }
-
-  if( (CK_ULONG_PTR)CK_NULL_PTR == pulOperationStateLen ) {
-    error = CKR_ARGUMENTS_BAD;
-    goto loser;
-  }
-
-  len = nssCKFWSession_GetOperationStateLen(fwSession, &error);
-  if( ((CK_ULONG)0 == len) && (CKR_OK != error) ) {
-    goto loser;
-  }
-
-  if( (CK_BYTE_PTR)CK_NULL_PTR == pOperationState ) {
-    *pulOperationStateLen = len;
-    return CKR_OK;
-  }
-
-  if( *pulOperationStateLen < len ) {
-    *pulOperationStateLen = len;
-    error = CKR_BUFFER_TOO_SMALL;
-    goto loser;
-  }
-
-  buf.size = (PRUint32)*pulOperationStateLen;
-  buf.data = (void *)pOperationState;
-  *pulOperationStateLen = len;
-  error = nssCKFWSession_GetOperationState(fwSession, &buf);
-
-  if( CKR_OK != error ) {
-    goto loser;
-  }
-
-  return CKR_OK;
-
- loser:
-  switch( error ) {
-  case CKR_SESSION_CLOSED:
-    /* destroy session? */
-    break;
-  case CKR_DEVICE_REMOVED:
-    /* (void)nssCKFWToken_Destroy(fwToken); */
-    break;
-  case CKR_BUFFER_TOO_SMALL:
-  case CKR_CRYPTOKI_NOT_INITIALIZED:
-  case CKR_DEVICE_ERROR:
-  case CKR_DEVICE_MEMORY:
-  case CKR_FUNCTION_FAILED:
-  case CKR_GENERAL_ERROR:
-  case CKR_HOST_MEMORY:
-  case CKR_OPERATION_NOT_INITIALIZED:
-  case CKR_SESSION_HANDLE_INVALID:
-  case CKR_STATE_UNSAVEABLE:
-    break;
-  default:
-  case CKR_OK:
-    error = CKR_GENERAL_ERROR;
-    break;
-  }
-
-  return error;
-}
-
-/*
- * NSSCKFWC_SetOperationState
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_SetOperationState
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pOperationState,
-  CK_ULONG ulOperationStateLen,
-  CK_OBJECT_HANDLE hEncryptionKey,
-  CK_OBJECT_HANDLE hAuthenticationKey
-)
-{
-  CK_RV error = CKR_OK;
-  NSSCKFWSession *fwSession;
-  NSSCKFWObject *eKey;
-  NSSCKFWObject *aKey;
-  NSSItem state;
-
-  if( (NSSCKFWInstance *)NULL == fwInstance ) {
-    error = CKR_CRYPTOKI_NOT_INITIALIZED;
-    goto loser;
-  }
-  
-  if( (CK_BYTE_PTR)CK_NULL_PTR == pOperationState ) {
-    error = CKR_ARGUMENTS_BAD;
-    goto loser;
-  }
-
-  /* 
-   * We could loop through the buffer, to catch any purify errors
-   * in a place with a "user error" note.
-   */
-
-  fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
-  if( (NSSCKFWSession *)NULL == fwSession ) {
-    error = CKR_SESSION_HANDLE_INVALID;
-    goto loser;
-  }
-
-  if( (CK_OBJECT_HANDLE)0 == hEncryptionKey ) {
-    eKey = (NSSCKFWObject *)NULL;
-  } else {
-    eKey = nssCKFWInstance_ResolveObjectHandle(fwInstance, hEncryptionKey);
-    if( (NSSCKFWObject *)NULL == eKey ) {
-      error = CKR_KEY_HANDLE_INVALID;
-      goto loser;
-    }
-  }
-
-  if( (CK_OBJECT_HANDLE)0 == hAuthenticationKey ) {
-    aKey = (NSSCKFWObject *)NULL;
-  } else {
-    aKey = nssCKFWInstance_ResolveObjectHandle(fwInstance, hAuthenticationKey);
-    if( (NSSCKFWObject *)NULL == aKey ) {
-      error = CKR_KEY_HANDLE_INVALID;
-      goto loser;
-    }
-  }
-
-  error = nssCKFWSession_SetOperationState(fwSession, &state, eKey, aKey);
-  if( CKR_OK != error ) {
-    goto loser;
-  }
-
-  return CKR_OK;
-
- loser:
-  switch( error ) {
-  case CKR_SESSION_CLOSED:
-    /* destroy session? */
-    break;
-  case CKR_DEVICE_REMOVED:
-    /* (void)nssCKFWToken_Destroy(fwToken); */
-    break;
-  case CKR_CRYPTOKI_NOT_INITIALIZED:
-  case CKR_DEVICE_ERROR:
-  case CKR_DEVICE_MEMORY:
-  case CKR_FUNCTION_FAILED:
-  case CKR_GENERAL_ERROR:
-  case CKR_HOST_MEMORY:
-  case CKR_KEY_CHANGED:
-  case CKR_KEY_NEEDED:
-  case CKR_KEY_NOT_NEEDED:
-  case CKR_SAVED_STATE_INVALID:
-  case CKR_SESSION_HANDLE_INVALID:
-    break;
-  default:
-  case CKR_OK:
-    error = CKR_GENERAL_ERROR;
-    break;
-  }
-
-  return error;
-}
-
-/*
- * NSSCKFWC_Login
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_Login
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_USER_TYPE userType,
-  CK_CHAR_PTR pPin,
-  CK_ULONG ulPinLen
-)
-{
-  CK_RV error = CKR_OK;
-  NSSCKFWSession *fwSession;
-  NSSItem pin, *arg;
-
-  if( (NSSCKFWInstance *)NULL == fwInstance ) {
-    error = CKR_CRYPTOKI_NOT_INITIALIZED;
-    goto loser;
-  }
-  
-  fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
-  if( (NSSCKFWSession *)NULL == fwSession ) {
-    error = CKR_SESSION_HANDLE_INVALID;
-    goto loser;
-  }
-
-  if( (CK_CHAR_PTR)CK_NULL_PTR == pPin ) {
-    arg = (NSSItem *)NULL;
-  } else {
-    arg = &pin;
-    pin.size = (PRUint32)ulPinLen;
-    pin.data = (void *)pPin;
-  }
-
-  error = nssCKFWSession_Login(fwSession, userType, arg);
-  if( CKR_OK != error ) {
-    goto loser;
-  }
-
-  return CKR_OK;
-
- loser:
-  switch( error ) {
-  case CKR_SESSION_CLOSED:
-    /* destroy session? */
-    break;
-  case CKR_DEVICE_REMOVED:
-    /* (void)nssCKFWToken_Destroy(fwToken); */
-    break;
-  case CKR_CRYPTOKI_NOT_INITIALIZED:
-  case CKR_DEVICE_ERROR:
-  case CKR_DEVICE_MEMORY:
-  case CKR_FUNCTION_FAILED:
-  case CKR_GENERAL_ERROR:
-  case CKR_HOST_MEMORY:
-  case CKR_PIN_EXPIRED:
-  case CKR_PIN_INCORRECT:
-  case CKR_PIN_LOCKED:
-  case CKR_SESSION_HANDLE_INVALID:
-  case CKR_SESSION_READ_ONLY_EXISTS:
-  case CKR_USER_ALREADY_LOGGED_IN:
-  case CKR_USER_ANOTHER_ALREADY_LOGGED_IN:
-  case CKR_USER_PIN_NOT_INITIALIZED:
-  case CKR_USER_TOO_MANY_TYPES:
-  case CKR_USER_TYPE_INVALID:
-    break;
-  default:
-  case CKR_OK:
-    error = CKR_GENERAL_ERROR;
-    break;
-  }
-
-  return error;
-}
-
-/*
- * NSSCKFWC_Logout
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_Logout
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession
-)
-{
-  CK_RV error = CKR_OK;
-  NSSCKFWSession *fwSession;
-
-  if( (NSSCKFWInstance *)NULL == fwInstance ) {
-    error = CKR_CRYPTOKI_NOT_INITIALIZED;
-    goto loser;
-  }
-  
-  fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
-  if( (NSSCKFWSession *)NULL == fwSession ) {
-    error = CKR_SESSION_HANDLE_INVALID;
-    goto loser;
-  }
-
-  error = nssCKFWSession_Logout(fwSession);
-  if( CKR_OK != error ) {
-    goto loser;
-  }
-
-  return CKR_OK;
-
- loser:
-  switch( error ) {
-  case CKR_SESSION_CLOSED:
-    /* destroy session? */
-    break;
-  case CKR_DEVICE_REMOVED:
-    /* (void)nssCKFWToken_Destroy(fwToken); */
-    break;
-  case CKR_CRYPTOKI_NOT_INITIALIZED:
-  case CKR_DEVICE_ERROR:
-  case CKR_DEVICE_MEMORY:
-  case CKR_FUNCTION_FAILED:
-  case CKR_GENERAL_ERROR:
-  case CKR_HOST_MEMORY:
-  case CKR_SESSION_HANDLE_INVALID:
-  case CKR_USER_NOT_LOGGED_IN:
-    break;
-  default:
-  case CKR_OK:
-    error = CKR_GENERAL_ERROR;
-    break;
-  }
-
-  return error;
-}
-
-/*
- * NSSCKFWC_CreateObject
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_CreateObject
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_ATTRIBUTE_PTR pTemplate,
-  CK_ULONG ulCount,
-  CK_OBJECT_HANDLE_PTR phObject
-)
-{
-  CK_RV error = CKR_OK;
-  NSSCKFWSession *fwSession;
-  NSSCKFWObject *fwObject;
-
-  if( (NSSCKFWInstance *)NULL == fwInstance ) {
-    error = CKR_CRYPTOKI_NOT_INITIALIZED;
-    goto loser;
-  }
-  
-  fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
-  if( (NSSCKFWSession *)NULL == fwSession ) {
-    error = CKR_SESSION_HANDLE_INVALID;
-    goto loser;
-  }
-
-  if( (CK_OBJECT_HANDLE_PTR)CK_NULL_PTR == phObject ) {
-    error = CKR_ARGUMENTS_BAD;
-    goto loser;
-  }
-
-  /*
-   * A purify error here indicates caller error.
-   */
-  *phObject = (CK_OBJECT_HANDLE)0;
-
-  fwObject = nssCKFWSession_CreateObject(fwSession, pTemplate,
-               ulCount, &error);
-  if( (NSSCKFWObject *)NULL == fwObject ) {
-    goto loser;
-  }
-
-  *phObject = nssCKFWInstance_CreateObjectHandle(fwInstance, fwObject, &error);
-  if( (CK_OBJECT_HANDLE)0 == *phObject ) {
-    nssCKFWObject_Destroy(fwObject);
-    goto loser;
-  }
-
-  return CKR_OK;
-
- loser:
-  switch( error ) {
-  case CKR_SESSION_CLOSED:
-    /* destroy session? */
-    break;
-  case CKR_DEVICE_REMOVED:
-    /* (void)nssCKFWToken_Destroy(fwToken); */
-    break;
-  case CKR_ATTRIBUTE_READ_ONLY:
-  case CKR_ATTRIBUTE_TYPE_INVALID:
-  case CKR_ATTRIBUTE_VALUE_INVALID:
-  case CKR_CRYPTOKI_NOT_INITIALIZED:
-  case CKR_DEVICE_ERROR:
-  case CKR_DEVICE_MEMORY:
-  case CKR_FUNCTION_FAILED:
-  case CKR_GENERAL_ERROR:
-  case CKR_HOST_MEMORY:
-  case CKR_SESSION_HANDLE_INVALID:
-  case CKR_SESSION_READ_ONLY:
-  case CKR_TEMPLATE_INCOMPLETE:
-  case CKR_TEMPLATE_INCONSISTENT:
-  case CKR_TOKEN_WRITE_PROTECTED:
-  case CKR_USER_NOT_LOGGED_IN:
-    break;
-  default:
-  case CKR_OK:
-    error = CKR_GENERAL_ERROR;
-    break;
-  }
-
-  return error;
-}
-
-/*
- * NSSCKFWC_CopyObject
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_CopyObject
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_OBJECT_HANDLE hObject,
-  CK_ATTRIBUTE_PTR pTemplate,
-  CK_ULONG ulCount,
-  CK_OBJECT_HANDLE_PTR phNewObject
-)
-{
-  CK_RV error = CKR_OK;
-  NSSCKFWSession *fwSession;
-  NSSCKFWObject *fwObject;
-  NSSCKFWObject *fwNewObject;
-
-  if( (NSSCKFWInstance *)NULL == fwInstance ) {
-    error = CKR_CRYPTOKI_NOT_INITIALIZED;
-    goto loser;
-  }
-  
-  fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
-  if( (NSSCKFWSession *)NULL == fwSession ) {
-    error = CKR_SESSION_HANDLE_INVALID;
-    goto loser;
-  }
-
-  if( (CK_OBJECT_HANDLE_PTR)CK_NULL_PTR == phNewObject ) {
-    error = CKR_ARGUMENTS_BAD;
-    goto loser;
-  }
-
-  /*
-   * A purify error here indicates caller error.
-   */
-  *phNewObject = (CK_OBJECT_HANDLE)0;
-
-  fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hObject);
-  if( (NSSCKFWObject *)NULL == fwObject ) {
-    error = CKR_OBJECT_HANDLE_INVALID;
-    goto loser;
-  }
-
-  fwNewObject = nssCKFWSession_CopyObject(fwSession, fwObject,
-                  pTemplate, ulCount, &error);
-  if( (NSSCKFWObject *)NULL == fwNewObject ) {
-    goto loser;
-  }
-
-  *phNewObject = nssCKFWInstance_CreateObjectHandle(fwInstance, 
-                   fwNewObject, &error);
-  if( (CK_OBJECT_HANDLE)0 == *phNewObject ) {
-    nssCKFWObject_Destroy(fwNewObject);
-    goto loser;
-  }
-
-  return CKR_OK;
-
- loser:
-  switch( error ) {
-  case CKR_SESSION_CLOSED:
-    /* destroy session? */
-    break;
-  case CKR_DEVICE_REMOVED:
-    /* (void)nssCKFWToken_Destroy(fwToken); */
-    break;
-  case CKR_ATTRIBUTE_READ_ONLY:
-  case CKR_ATTRIBUTE_TYPE_INVALID:
-  case CKR_ATTRIBUTE_VALUE_INVALID:
-  case CKR_CRYPTOKI_NOT_INITIALIZED:
-  case CKR_DEVICE_ERROR:
-  case CKR_DEVICE_MEMORY:
-  case CKR_FUNCTION_FAILED:
-  case CKR_GENERAL_ERROR:
-  case CKR_HOST_MEMORY:
-  case CKR_OBJECT_HANDLE_INVALID:
-  case CKR_SESSION_HANDLE_INVALID:
-  case CKR_SESSION_READ_ONLY:
-  case CKR_TEMPLATE_INCONSISTENT:
-  case CKR_TOKEN_WRITE_PROTECTED:
-  case CKR_USER_NOT_LOGGED_IN:
-    break;
-  default:
-  case CKR_OK:
-    error = CKR_GENERAL_ERROR;
-    break;
-  }
-
-  return error;
-}
-
-/*
- * NSSCKFWC_DestroyObject
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_DestroyObject
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_OBJECT_HANDLE hObject
-)
-{
-  CK_RV error = CKR_OK;
-  NSSCKFWSession *fwSession;
-  NSSCKFWObject *fwObject;
-
-  if( (NSSCKFWInstance *)NULL == fwInstance ) {
-    error = CKR_CRYPTOKI_NOT_INITIALIZED;
-    goto loser;
-  }
-  
-  fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
-  if( (NSSCKFWSession *)NULL == fwSession ) {
-    error = CKR_SESSION_HANDLE_INVALID;
-    goto loser;
-  }
-
-  fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hObject);
-  if( (NSSCKFWObject *)NULL == fwObject ) {
-    error = CKR_OBJECT_HANDLE_INVALID;
-    goto loser;
-  }
-
-  nssCKFWInstance_DestroyObjectHandle(fwInstance, hObject);
-  nssCKFWObject_Destroy(fwObject);
-
-  return CKR_OK;
-
- loser:
-  switch( error ) {
-  case CKR_SESSION_CLOSED:
-    /* destroy session? */
-    break;
-  case CKR_DEVICE_REMOVED:
-    /* (void)nssCKFWToken_Destroy(fwToken); */
-    break;
-  case CKR_CRYPTOKI_NOT_INITIALIZED:
-  case CKR_DEVICE_ERROR:
-  case CKR_DEVICE_MEMORY:
-  case CKR_FUNCTION_FAILED:
-  case CKR_GENERAL_ERROR:
-  case CKR_HOST_MEMORY:
-  case CKR_OBJECT_HANDLE_INVALID:
-  case CKR_SESSION_HANDLE_INVALID:
-  case CKR_SESSION_READ_ONLY:
-  case CKR_TOKEN_WRITE_PROTECTED:
-    break;
-  default:
-  case CKR_OK:
-    error = CKR_GENERAL_ERROR;
-    break;
-  }
-
-  return error;
-}
-
-/*
- * NSSCKFWC_GetObjectSize
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_GetObjectSize
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_OBJECT_HANDLE hObject,
-  CK_ULONG_PTR pulSize
-)
-{
-  CK_RV error = CKR_OK;
-  NSSCKFWSession *fwSession;
-  NSSCKFWObject *fwObject;
-
-  if( (NSSCKFWInstance *)NULL == fwInstance ) {
-    error = CKR_CRYPTOKI_NOT_INITIALIZED;
-    goto loser;
-  }
-  
-  fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
-  if( (NSSCKFWSession *)NULL == fwSession ) {
-    error = CKR_SESSION_HANDLE_INVALID;
-    goto loser;
-  }
-
-  fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hObject);
-  if( (NSSCKFWObject *)NULL == fwObject ) {
-    error = CKR_OBJECT_HANDLE_INVALID;
-    goto loser;
-  }
-
-  if( (CK_ULONG_PTR)CK_NULL_PTR == pulSize ) {
-    error = CKR_ARGUMENTS_BAD;
-    goto loser;
-  }
-
-  /*
-   * A purify error here indicates caller error.
-   */
-  *pulSize = (CK_ULONG)0;
-
-  *pulSize = nssCKFWObject_GetObjectSize(fwObject, &error);
-  if( ((CK_ULONG)0 == *pulSize) && (CKR_OK != error) ) {
-    goto loser;
-  }
-
-  return CKR_OK;
-
- loser:
-  switch( error ) {
-  case CKR_SESSION_CLOSED:
-    /* destroy session? */
-    break;
-  case CKR_DEVICE_REMOVED:
-    /* (void)nssCKFWToken_Destroy(fwToken); */
-    break;
-  case CKR_CRYPTOKI_NOT_INITIALIZED:
-  case CKR_DEVICE_ERROR:
-  case CKR_DEVICE_MEMORY:
-  case CKR_FUNCTION_FAILED:
-  case CKR_GENERAL_ERROR:
-  case CKR_HOST_MEMORY:
-  case CKR_INFORMATION_SENSITIVE:
-  case CKR_OBJECT_HANDLE_INVALID:
-  case CKR_SESSION_HANDLE_INVALID:
-    break;
-  default:
-  case CKR_OK:
-    error = CKR_GENERAL_ERROR;
-    break;
-  }
-
-  return error;
-}
-
-/*
- * NSSCKFWC_GetAttributeValue
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_GetAttributeValue
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_OBJECT_HANDLE hObject,
-  CK_ATTRIBUTE_PTR pTemplate,
-  CK_ULONG ulCount
-)
-{
-  CK_RV error = CKR_OK;
-  NSSCKFWSession *fwSession;
-  NSSCKFWObject *fwObject;
-  CK_BBOOL sensitive = CK_FALSE;
-  CK_BBOOL invalid = CK_FALSE;
-  CK_BBOOL tooSmall = CK_FALSE;
-  CK_ULONG i;
-
-  if( (NSSCKFWInstance *)NULL == fwInstance ) {
-    error = CKR_CRYPTOKI_NOT_INITIALIZED;
-    goto loser;
-  }
-  
-  fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
-  if( (NSSCKFWSession *)NULL == fwSession ) {
-    error = CKR_SESSION_HANDLE_INVALID;
-    goto loser;
-  }
-
-  fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hObject);
-  if( (NSSCKFWObject *)NULL == fwObject ) {
-    error = CKR_OBJECT_HANDLE_INVALID;
-    goto loser;
-  }
-
-  if( (CK_ATTRIBUTE_PTR)CK_NULL_PTR == pTemplate ) {
-    error = CKR_ARGUMENTS_BAD;
-    goto loser;
-  }
-
-  for( i = 0; i < ulCount; i++ ) {
-    CK_ULONG size = nssCKFWObject_GetAttributeSize(fwObject, 
-                      pTemplate[i].type, &error);
-    if( (CK_ULONG)0 == size ) {
-      switch( error ) {
-      case CKR_ATTRIBUTE_SENSITIVE:
-      case CKR_INFORMATION_SENSITIVE:
-        sensitive = CK_TRUE;
-        pTemplate[i].ulValueLen = (CK_ULONG)(-1);
-        continue;
-      case CKR_ATTRIBUTE_TYPE_INVALID:
-        invalid = CK_TRUE;
-        pTemplate[i].ulValueLen = (CK_ULONG)(-1);
-        continue;
-      case CKR_OK:
-        break;
-      default:
-        goto loser;
-      }
-    }
-
-    if( (CK_VOID_PTR)CK_NULL_PTR == pTemplate[i].pValue ) {
-      pTemplate[i].ulValueLen = size;
-    } else {
-      NSSItem it, *p;
-
-      if( pTemplate[i].ulValueLen < size ) {
-        tooSmall = CK_TRUE;
-        continue;
-      }
-
-      it.size = (PRUint32)pTemplate[i].ulValueLen;
-      it.data = (void *)pTemplate[i].pValue;
-      p = nssCKFWObject_GetAttribute(fwObject, pTemplate[i].type, &it, 
-            (NSSArena *)NULL, &error);
-      if( (NSSItem *)NULL == p ) {
-        switch( error ) {
-        case CKR_ATTRIBUTE_SENSITIVE:
-        case CKR_INFORMATION_SENSITIVE:
-          sensitive = CK_TRUE;
-          pTemplate[i].ulValueLen = (CK_ULONG)(-1);
-          continue;
-        case CKR_ATTRIBUTE_TYPE_INVALID:
-          invalid = CK_TRUE;
-          pTemplate[i].ulValueLen = (CK_ULONG)(-1);
-          continue;
-        default:
-          goto loser;
-        }
-      }
-
-      pTemplate[i].ulValueLen = size;
-    }
-  }
-
-  if( sensitive ) {
-    error = CKR_ATTRIBUTE_SENSITIVE;
-    goto loser;
-  } else if( invalid ) {
-    error = CKR_ATTRIBUTE_TYPE_INVALID;
-    goto loser;
-  } else if( tooSmall ) {
-    error = CKR_BUFFER_TOO_SMALL;
-    goto loser;
-  }
-
-  return CKR_OK;
-
- loser:
-  switch( error ) {
-  case CKR_SESSION_CLOSED:
-    /* destroy session? */
-    break;
-  case CKR_DEVICE_REMOVED:
-    /* (void)nssCKFWToken_Destroy(fwToken); */
-    break;
-  case CKR_ATTRIBUTE_SENSITIVE:
-  case CKR_ATTRIBUTE_TYPE_INVALID:
-  case CKR_BUFFER_TOO_SMALL:
-  case CKR_CRYPTOKI_NOT_INITIALIZED:
-  case CKR_DEVICE_ERROR:
-  case CKR_DEVICE_MEMORY:
-  case CKR_FUNCTION_FAILED:
-  case CKR_GENERAL_ERROR:
-  case CKR_HOST_MEMORY:
-  case CKR_OBJECT_HANDLE_INVALID:
-  case CKR_SESSION_HANDLE_INVALID:
-    break;
-  default:
-  case CKR_OK:
-    error = CKR_GENERAL_ERROR;
-    break;
-  }
-
-  return error;
-}
-  
-/*
- * NSSCKFWC_SetAttributeValue
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_SetAttributeValue
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_OBJECT_HANDLE hObject,
-  CK_ATTRIBUTE_PTR pTemplate,
-  CK_ULONG ulCount
-)
-{
-  CK_RV error = CKR_OK;
-  NSSCKFWSession *fwSession;
-  NSSCKFWObject *fwObject;
-  NSSCKFWObject *newFwObject;
-
-  if( (NSSCKFWInstance *)NULL == fwInstance ) {
-    error = CKR_CRYPTOKI_NOT_INITIALIZED;
-    goto loser;
-  }
-  
-  fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
-  if( (NSSCKFWSession *)NULL == fwSession ) {
-    error = CKR_SESSION_HANDLE_INVALID;
-    goto loser;
-  }
-
-  fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hObject);
-  if( (NSSCKFWObject *)NULL == fwObject ) {
-    error = CKR_OBJECT_HANDLE_INVALID;
-    goto loser;
-  }
-
-  if( (CK_ATTRIBUTE_PTR)CK_NULL_PTR == pTemplate ) {
-    error = CKR_ARGUMENTS_BAD;
-    goto loser;
-  }
-
-  newFwObject = nssCKFWSession_CopyObject(fwSession, fwObject, pTemplate, 
-                  ulCount, &error);
-  if( (NSSCKFWObject *)NULL == newFwObject ) {
-    goto loser;
-  }
-
-  error = nssCKFWInstance_ReassignObjectHandle(fwInstance, hObject, newFwObject);
-  nssCKFWObject_Destroy(fwObject);
-
-  if( CKR_OK != error ) {
-    goto loser;
-  }
-
-  return CKR_OK;
-
- loser:
-  switch( error ) {
-  case CKR_SESSION_CLOSED:
-    /* destroy session? */
-    break;
-  case CKR_DEVICE_REMOVED:
-    /* (void)nssCKFWToken_Destroy(fwToken); */
-    break;
-  case CKR_ATTRIBUTE_READ_ONLY:
-  case CKR_ATTRIBUTE_TYPE_INVALID:
-  case CKR_ATTRIBUTE_VALUE_INVALID:
-  case CKR_CRYPTOKI_NOT_INITIALIZED:
-  case CKR_DEVICE_ERROR:
-  case CKR_DEVICE_MEMORY:
-  case CKR_FUNCTION_FAILED:
-  case CKR_GENERAL_ERROR:
-  case CKR_HOST_MEMORY:
-  case CKR_OBJECT_HANDLE_INVALID:
-  case CKR_SESSION_HANDLE_INVALID:
-  case CKR_SESSION_READ_ONLY:
-  case CKR_TEMPLATE_INCONSISTENT:
-  case CKR_TOKEN_WRITE_PROTECTED:
-    break;
-  default:
-  case CKR_OK:
-    error = CKR_GENERAL_ERROR;
-    break;
-  }
-
-  return error;
-}
-
-/*
- * NSSCKFWC_FindObjectsInit
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_FindObjectsInit
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_ATTRIBUTE_PTR pTemplate,
-  CK_ULONG ulCount
-)
-{
-  CK_RV error = CKR_OK;
-  NSSCKFWSession *fwSession;
-  NSSCKFWFindObjects *fwFindObjects;
-
-  if( (NSSCKFWInstance *)NULL == fwInstance ) {
-    error = CKR_CRYPTOKI_NOT_INITIALIZED;
-    goto loser;
-  }
-  
-  fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
-  if( (NSSCKFWSession *)NULL == fwSession ) {
-    error = CKR_SESSION_HANDLE_INVALID;
-    goto loser;
-  }
-
-  if( ((CK_ATTRIBUTE_PTR)CK_NULL_PTR == pTemplate) && (ulCount != 0) ) {
-    error = CKR_ARGUMENTS_BAD;
-    goto loser;
-  }
-
-  fwFindObjects = nssCKFWSession_GetFWFindObjects(fwSession, &error);
-  if( (NSSCKFWFindObjects *)NULL != fwFindObjects ) {
-    error = CKR_OPERATION_ACTIVE;
-    goto loser;
-  }
-
-  if( CKR_OPERATION_NOT_INITIALIZED != error ) {
-    goto loser;
-  }
-
-  fwFindObjects = nssCKFWSession_FindObjectsInit(fwSession,
-                    pTemplate, ulCount, &error);
-  if( (NSSCKFWFindObjects *)NULL == fwFindObjects ) {
-    goto loser;
-  }
-
-  error = nssCKFWSession_SetFWFindObjects(fwSession, fwFindObjects);
-
-  if( CKR_OK != error ) {
-    nssCKFWFindObjects_Destroy(fwFindObjects);
-    goto loser;
-  }
-
-  return CKR_OK;
-
- loser:
-  switch( error ) {
-  case CKR_SESSION_CLOSED:
-    /* destroy session? */
-    break;
-  case CKR_DEVICE_REMOVED:
-    /* (void)nssCKFWToken_Destroy(fwToken); */
-    break;
-  case CKR_ATTRIBUTE_TYPE_INVALID:
-  case CKR_ATTRIBUTE_VALUE_INVALID:
-  case CKR_CRYPTOKI_NOT_INITIALIZED:
-  case CKR_DEVICE_ERROR:
-  case CKR_DEVICE_MEMORY:
-  case CKR_FUNCTION_FAILED:
-  case CKR_GENERAL_ERROR:
-  case CKR_HOST_MEMORY:
-  case CKR_OPERATION_ACTIVE:
-  case CKR_SESSION_HANDLE_INVALID:
-    break;
-  default:
-  case CKR_OK:
-    error = CKR_GENERAL_ERROR;
-    break;
-  }
-
-  return error;
-}
-
-/*
- * NSSCKFWC_FindObjects
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_FindObjects
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_OBJECT_HANDLE_PTR phObject,
-  CK_ULONG ulMaxObjectCount,
-  CK_ULONG_PTR pulObjectCount
-)
-{
-  CK_RV error = CKR_OK;
-  NSSCKFWSession *fwSession;
-  NSSCKFWFindObjects *fwFindObjects;
-  CK_ULONG i;
-  NSSArena *arena;
-
-  if( (NSSCKFWInstance *)NULL == fwInstance ) {
-    error = CKR_CRYPTOKI_NOT_INITIALIZED;
-    goto loser;
-  }
-  
-  fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
-  if( (NSSCKFWSession *)NULL == fwSession ) {
-    error = CKR_SESSION_HANDLE_INVALID;
-    goto loser;
-  }
-
-#ifdef notdef
-  arena = nssCKFWSession_GetArena(fwSession, &error);
-  if( (NSSArena *)NULL == arena ) {
-    goto loser;
-  }
-#endif
-
-  if( (CK_OBJECT_HANDLE_PTR)CK_NULL_PTR == phObject ) {
-    error = CKR_ARGUMENTS_BAD;
-    goto loser;
-  }
-
-  /*
-   * A purify error here indicates caller error.
-   */
-  (void)nsslibc_memset(phObject, 0, sizeof(CK_OBJECT_HANDLE) * ulMaxObjectCount);
-  *pulObjectCount = (CK_ULONG)0;
-
-  fwFindObjects = nssCKFWSession_GetFWFindObjects(fwSession, &error);
-  if( (NSSCKFWFindObjects *)NULL == fwFindObjects ) {
-    goto loser;
-  }
-
-  for( i = 0; i < ulMaxObjectCount; i++ ) {
-    NSSCKFWObject *fwObject = nssCKFWFindObjects_Next(fwFindObjects,
-                                NULL, &error);
-    if( (NSSCKFWObject *)NULL == fwObject ) {
-      break;
-    }
-
-    phObject[i] = nssCKFWInstance_FindObjectHandle(fwInstance, fwObject);
-    if( (CK_OBJECT_HANDLE)0 == phObject[i] ) {
-      phObject[i] = nssCKFWInstance_CreateObjectHandle(fwInstance, fwObject, &error);
-    }
-    if( (CK_OBJECT_HANDLE)0 == phObject[i] ) {
-      /* This isn't right either, is it? */
-      nssCKFWObject_Destroy(fwObject);
-      goto loser;
-    }
-  }
-
-  *pulObjectCount = i;
-
-  return CKR_OK;
-
- loser:
-  switch( error ) {
-  case CKR_SESSION_CLOSED:
-    /* destroy session? */
-    break;
-  case CKR_DEVICE_REMOVED:
-    /* (void)nssCKFWToken_Destroy(fwToken); */
-    break;
-  case CKR_CRYPTOKI_NOT_INITIALIZED:
-  case CKR_DEVICE_ERROR:
-  case CKR_DEVICE_MEMORY:
-  case CKR_FUNCTION_FAILED:
-  case CKR_GENERAL_ERROR:
-  case CKR_HOST_MEMORY:
-  case CKR_OPERATION_NOT_INITIALIZED:
-  case CKR_SESSION_HANDLE_INVALID:
-    break;
-  default:
-  case CKR_OK:
-    error = CKR_GENERAL_ERROR;
-    break;
-  }
-
-  return error;
-}
-
-/*
- * NSSCKFWC_FindObjectsFinal
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_FindObjectsFinal
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession
-)
-{
-  CK_RV error = CKR_OK;
-  NSSCKFWSession *fwSession;
-  NSSCKFWFindObjects *fwFindObjects;
-  
-  if( (NSSCKFWInstance *)NULL == fwInstance ) {
-    error = CKR_CRYPTOKI_NOT_INITIALIZED;
-    goto loser;
-  }
-  
-  fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
-  if( (NSSCKFWSession *)NULL == fwSession ) {
-    error = CKR_SESSION_HANDLE_INVALID;
-    goto loser;
-  }
-
-  fwFindObjects = nssCKFWSession_GetFWFindObjects(fwSession, &error);
-  if( (NSSCKFWFindObjects *)NULL == fwFindObjects ) {
-    error = CKR_OPERATION_NOT_INITIALIZED;
-    goto loser;
-  }
-
-  nssCKFWFindObjects_Destroy(fwFindObjects);
-  error = nssCKFWSession_SetFWFindObjects(fwSession, (NSSCKFWFindObjects *)NULL);
-
-  if( CKR_OK != error ) {
-    goto loser;
-  }
-
-  return CKR_OK;
-
- loser:
-  switch( error ) {
-  case CKR_SESSION_CLOSED:
-    /* destroy session? */
-    break;
-  case CKR_DEVICE_REMOVED:
-    /* (void)nssCKFWToken_Destroy(fwToken); */
-    break;
-  case CKR_CRYPTOKI_NOT_INITIALIZED:
-  case CKR_DEVICE_ERROR:
-  case CKR_DEVICE_MEMORY:
-  case CKR_FUNCTION_FAILED:
-  case CKR_GENERAL_ERROR:
-  case CKR_HOST_MEMORY:
-  case CKR_OPERATION_NOT_INITIALIZED:
-  case CKR_SESSION_HANDLE_INVALID:
-    break;
-  default:
-  case CKR_OK:
-    error = CKR_GENERAL_ERROR;
-    break;
-  }
-
-  return error;
-}
-
-/*
- * NSSCKFWC_EncryptInit
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_EncryptInit
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_MECHANISM_PTR pMechanism,
-  CK_OBJECT_HANDLE hKey
-)
-{
-  return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_Encrypt
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_Encrypt
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pData,
-  CK_ULONG ulDataLen,
-  CK_BYTE_PTR pEncryptedData,
-  CK_ULONG_PTR pulEncryptedDataLen
-)
-{
-  return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_EncryptUpdate
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_EncryptUpdate
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pPart,
-  CK_ULONG ulPartLen,
-  CK_BYTE_PTR pEncryptedPart,
-  CK_ULONG_PTR pulEncryptedPartLen
-)
-{
-  return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_EncryptFinal
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_EncryptFinal
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pLastEncryptedPart,
-  CK_ULONG_PTR pulLastEncryptedPartLen
-)
-{
-  return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_DecryptInit
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_DecryptInit
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_MECHANISM_PTR pMechanism,
-  CK_OBJECT_HANDLE hKey
-)
-{
-  return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_Decrypt
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_Decrypt
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pEncryptedData,
-  CK_ULONG ulEncryptedDataLen,
-  CK_BYTE_PTR pData,
-  CK_ULONG_PTR pulDataLen
-)
-{
-  return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_DecryptUpdate
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_DecryptUpdate
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pEncryptedPart,
-  CK_ULONG ulEncryptedPartLen,
-  CK_BYTE_PTR pPart,
-  CK_ULONG_PTR pulPartLen
-)
-{
-  return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_DecryptFinal
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_DecryptFinal
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pLastPart,
-  CK_ULONG_PTR pulLastPartLen
-)
-{
-  return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_DigestInit
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_DigestInit
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_MECHANISM_PTR pMechanism
-)
-{
-  return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_Digest
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_Digest
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pData,
-  CK_ULONG ulDataLen,
-  CK_BYTE_PTR pDigest,
-  CK_ULONG_PTR pulDigestLen
-)
-{
-  return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_DigestUpdate
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_DigestUpdate
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pData,
-  CK_ULONG ulDataLen
-)
-{
-  return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_DigestKey
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_DigestKey
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_OBJECT_HANDLE hKey
-)
-{
-  return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_DigestFinal
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_DigestFinal
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pDigest,
-  CK_ULONG_PTR pulDigestLen
-)
-{
-  return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_SignInit
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_SignInit
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_MECHANISM_PTR pMechanism,
-  CK_OBJECT_HANDLE hKey
-)
-{
-  return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_Sign
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_Sign
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pData,
-  CK_ULONG ulDataLen,
-  CK_BYTE_PTR pSignature,
-  CK_ULONG_PTR pulSignatureLen
-)
-{
-  return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_SignUpdate
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_SignUpdate
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pPart,
-  CK_ULONG ulPartLen
-)
-{
-  return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_SignFinal
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_SignFinal
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pSignature,
-  CK_ULONG_PTR pulSignatureLen
-)
-{
-  return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_SignRecoverInit
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_SignRecoverInit
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_MECHANISM_PTR pMechanism,
-  CK_OBJECT_HANDLE hKey
-)
-{
-  return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_SignRecover
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_SignRecover
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pData,
-  CK_ULONG ulDataLen,
-  CK_BYTE_PTR pSignature,
-  CK_ULONG_PTR pulSignatureLen
-)
-{
-  return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_VerifyInit
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_VerifyInit
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_MECHANISM_PTR pMechanism,
-  CK_OBJECT_HANDLE hKey
-)
-{
-  return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_Verify
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_Verify
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pData,
-  CK_ULONG ulDataLen,
-  CK_BYTE_PTR pSignature,
-  CK_ULONG ulSignatureLen
-)
-{
-  return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_VerifyUpdate
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_VerifyUpdate
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pPart,
-  CK_ULONG ulPartLen
-)
-{
-  return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_VerifyFinal
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_VerifyFinal
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pSignature,
-  CK_ULONG ulSignatureLen
-)
-{
-  return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_VerifyRecoverInit
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_VerifyRecoverInit
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_MECHANISM_PTR pMechanism,
-  CK_OBJECT_HANDLE hKey
-)
-{
-  return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_VerifyRecover
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_VerifyRecover
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pSignature,
-  CK_ULONG ulSignatureLen,
-  CK_BYTE_PTR pData,
-  CK_ULONG_PTR pulDataLen
-)
-{
-  return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_DigestEncryptUpdate
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_DigestEncryptUpdate
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pPart,
-  CK_ULONG ulPartLen,
-  CK_BYTE_PTR pEncryptedPart,
-  CK_ULONG_PTR pulEncryptedPartLen
-)
-{
-  return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_DecryptDigestUpdate
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_DecryptDigestUpdate
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pEncryptedPart,
-  CK_ULONG ulEncryptedPartLen,
-  CK_BYTE_PTR pPart,
-  CK_ULONG_PTR pulPartLen
-)
-{
-  return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_SignEncryptUpdate
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_SignEncryptUpdate
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pPart,
-  CK_ULONG ulPartLen,
-  CK_BYTE_PTR pEncryptedPart,
-  CK_ULONG_PTR pulEncryptedPartLen
-)
-{
-  return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_DecryptVerifyUpdate
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_DecryptVerifyUpdate
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pEncryptedPart,
-  CK_ULONG ulEncryptedPartLen,
-  CK_BYTE_PTR pPart,
-  CK_ULONG_PTR pulPartLen
-)
-{
-  return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_GenerateKey
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_GenerateKey
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_MECHANISM_PTR pMechanism,
-  CK_ATTRIBUTE_PTR pTemplate,
-  CK_ULONG ulCount,
-  CK_OBJECT_HANDLE_PTR phKey
-)
-{
-  return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_GenerateKeyPair
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_GenerateKeyPair
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_MECHANISM_PTR pMechanism,
-  CK_ATTRIBUTE_PTR pPublicKeyTemplate,
-  CK_ULONG ulPublicKeyAttributeCount,
-  CK_ATTRIBUTE_PTR pPrivateKeyTemplate,
-  CK_ULONG ulPrivateKeyAttributeCount,
-  CK_OBJECT_HANDLE_PTR phPublicKey,
-  CK_OBJECT_HANDLE_PTR phPrivateKey
-)
-{
-  return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_WrapKey
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_WrapKey
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_MECHANISM_PTR pMechanism,
-  CK_OBJECT_HANDLE hWrappingKey,
-  CK_OBJECT_HANDLE hKey,
-  CK_BYTE_PTR pWrappedKey,
-  CK_ULONG_PTR pulWrappedKeyLen
-)
-{
-  return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_UnwrapKey
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_UnwrapKey
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_MECHANISM_PTR pMechanism,
-  CK_OBJECT_HANDLE hUnwrappingKey,
-  CK_BYTE_PTR pWrappedKey,
-  CK_ULONG ulWrappedKeyLen,
-  CK_ATTRIBUTE_PTR pTemplate,
-  CK_ULONG ulAttributeCount,
-  CK_OBJECT_HANDLE_PTR phKey
-)
-{
-  return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_DeriveKey
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_DeriveKey
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_MECHANISM_PTR pMechanism,
-  CK_OBJECT_HANDLE hBaseKey,
-  CK_ATTRIBUTE_PTR pTemplate,
-  CK_ULONG ulAttributeCount,
-  CK_OBJECT_HANDLE_PTR phKey
-)
-{
-  return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_SeedRandom
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_SeedRandom
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pSeed,
-  CK_ULONG ulSeedLen
-)
-{
-  CK_RV error = CKR_OK;
-  NSSCKFWSession *fwSession;
-  NSSItem seed;
-
-  if( (NSSCKFWInstance *)NULL == fwInstance ) {
-    error = CKR_CRYPTOKI_NOT_INITIALIZED;
-    goto loser;
-  }
-
-  fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
-  if( (NSSCKFWSession *)NULL == fwSession ) {
-    error = CKR_SESSION_HANDLE_INVALID;
-    goto loser;
-  }
-
-  if( (CK_BYTE_PTR)CK_NULL_PTR == pSeed ) {
-    error = CKR_ARGUMENTS_BAD;
-    goto loser;
-  }
-
-  /* We could read through the buffer in a Purify trap */
-
-  seed.size = (PRUint32)ulSeedLen;
-  seed.data = (void *)pSeed;
-
-  error = nssCKFWSession_SeedRandom(fwSession, &seed);
-
-  if( CKR_OK != error ) {
-    goto loser;
-  }
-
-  return CKR_OK;
-
- loser:
-  switch( error ) {
-  case CKR_SESSION_CLOSED:
-    /* destroy session? */
-    break;
-  case CKR_DEVICE_REMOVED:
-    /* (void)nssCKFWToken_Destroy(fwToken); */
-    break;
-  case CKR_CRYPTOKI_NOT_INITIALIZED:
-  case CKR_DEVICE_ERROR:
-  case CKR_DEVICE_MEMORY:
-  case CKR_FUNCTION_CANCELED:
-  case CKR_FUNCTION_FAILED:
-  case CKR_GENERAL_ERROR:
-  case CKR_HOST_MEMORY:
-  case CKR_OPERATION_ACTIVE:
-  case CKR_RANDOM_SEED_NOT_SUPPORTED:
-  case CKR_RANDOM_NO_RNG:
-  case CKR_SESSION_HANDLE_INVALID:
-  case CKR_USER_NOT_LOGGED_IN:
-    break;
-  default:
-  case CKR_OK:
-    error = CKR_GENERAL_ERROR;
-    break;
-  }
-
-  return error;
-}
-
-/*
- * NSSCKFWC_GenerateRandom
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_GenerateRandom
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession,
-  CK_BYTE_PTR pRandomData,
-  CK_ULONG ulRandomLen
-)
-{
-  CK_RV error = CKR_OK;
-  NSSCKFWSession *fwSession;
-  NSSItem buffer;
-
-  if( (NSSCKFWInstance *)NULL == fwInstance ) {
-    error = CKR_CRYPTOKI_NOT_INITIALIZED;
-    goto loser;
-  }
-
-  fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
-  if( (NSSCKFWSession *)NULL == fwSession ) {
-    error = CKR_SESSION_HANDLE_INVALID;
-    goto loser;
-  }
-
-  if( (CK_BYTE_PTR)CK_NULL_PTR == pRandomData ) {
-    error = CKR_ARGUMENTS_BAD;
-    goto loser;
-  }
-
-  /*
-   * A purify error here indicates caller error.
-   */
-  (void)nsslibc_memset(pRandomData, 0, ulRandomLen);
-
-  buffer.size = (PRUint32)ulRandomLen;
-  buffer.data = (void *)pRandomData;
-
-  error = nssCKFWSession_GetRandom(fwSession, &buffer);
-
-  if( CKR_OK != error ) {
-    goto loser;
-  }
-
-  return CKR_OK;
-
- loser:
-  switch( error ) {
-  case CKR_SESSION_CLOSED:
-    /* destroy session? */
-    break;
-  case CKR_DEVICE_REMOVED:
-    /* (void)nssCKFWToken_Destroy(fwToken); */
-    break;
-  case CKR_CRYPTOKI_NOT_INITIALIZED:
-  case CKR_DEVICE_ERROR:
-  case CKR_DEVICE_MEMORY:
-  case CKR_FUNCTION_CANCELED:
-  case CKR_FUNCTION_FAILED:
-  case CKR_GENERAL_ERROR:
-  case CKR_HOST_MEMORY:
-  case CKR_OPERATION_ACTIVE:
-  case CKR_RANDOM_NO_RNG:
-  case CKR_SESSION_HANDLE_INVALID:
-  case CKR_USER_NOT_LOGGED_IN:
-    break;
-  default:
-  case CKR_OK:
-    error = CKR_GENERAL_ERROR;
-    break;
-  }
-
-  return error;
-}
-
-/*
- * NSSCKFWC_GetFunctionStatus
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_GetFunctionStatus
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession
-)
-{
-  return CKR_FUNCTION_NOT_PARALLEL;
-}
-
-/*
- * NSSCKFWC_CancelFunction
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_CancelFunction
-(
-  NSSCKFWInstance *fwInstance,
-  CK_SESSION_HANDLE hSession
-)
-{
-  return CKR_FUNCTION_NOT_PARALLEL;
-}
diff --git a/security/nss/lib/crmf/Makefile b/security/nss/lib/crmf/Makefile
deleted file mode 100644
index a376529c7..000000000
--- a/security/nss/lib/crmf/Makefile
+++ /dev/null
@@ -1,77 +0,0 @@
-#! gmake
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-# 
-
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY).   #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL)          #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL)       #
-#######################################################################
-
-
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL).      #
-#######################################################################
-
-include config.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL)                              #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL)                           #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL).                              #
-#######################################################################
-
-
-export:: private_export
diff --git a/security/nss/lib/crmf/asn1cmn.c b/security/nss/lib/crmf/asn1cmn.c
deleted file mode 100644
index 3ca062027..000000000
--- a/security/nss/lib/crmf/asn1cmn.c
+++ /dev/null
@@ -1,244 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "nssrenam.h"
-#include "cmmf.h"
-#include "cmmfi.h"
-
-SEC_ASN1_MKSUB(SECOID_AlgorithmIDTemplate)
-SEC_ASN1_MKSUB(SEC_AnyTemplate)
-SEC_ASN1_MKSUB(SEC_IntegerTemplate)
-SEC_ASN1_MKSUB(SEC_SignedCertificateTemplate)
-
-static const SEC_ASN1Template CMMFCertResponseTemplate[] = {
-    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CMMFCertResponse)},
-    { SEC_ASN1_INTEGER, offsetof(CMMFCertResponse, certReqId)},
-    { SEC_ASN1_INLINE, offsetof(CMMFCertResponse, status), 
-      CMMFPKIStatusInfoTemplate},
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_POINTER, 
-      offsetof(CMMFCertResponse, certifiedKeyPair),
-      CMMFCertifiedKeyPairTemplate},
-    { 0 }
-};
-
-static const SEC_ASN1Template CMMFCertOrEncCertTemplate[] = {
-    { SEC_ASN1_ANY, offsetof(CMMFCertOrEncCert, derValue), NULL, 
-      sizeof(CMMFCertOrEncCert)},
-    { 0 }
-};
-
-const SEC_ASN1Template CMMFCertifiedKeyPairTemplate[] = {
-    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CMMFCertifiedKeyPair)},
-    { SEC_ASN1_INLINE, offsetof(CMMFCertifiedKeyPair, certOrEncCert),
-      CMMFCertOrEncCertTemplate },
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_POINTER | 0,
-      offsetof(CMMFCertifiedKeyPair, privateKey),
-      CRMFEncryptedValueTemplate},
-    { SEC_ASN1_NO_STREAM | SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | 
-      SEC_ASN1_XTRN | 1,
-      offsetof (CMMFCertifiedKeyPair, derPublicationInfo),
-      SEC_ASN1_SUB(SEC_AnyTemplate) },
-    { 0 }
-};
-
-const SEC_ASN1Template CMMFPKIStatusInfoTemplate[] = {
-    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CMMFPKIStatusInfo)},
-    { SEC_ASN1_INTEGER, offsetof(CMMFPKIStatusInfo, status)},
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_UTF8_STRING, 
-      offsetof(CMMFPKIStatusInfo, statusString)},
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_BIT_STRING, 
-      offsetof(CMMFPKIStatusInfo, failInfo)},
-    { 0 }
-};
-
-const SEC_ASN1Template CMMFSequenceOfCertsTemplate[] = {
-    { SEC_ASN1_SEQUENCE_OF| SEC_ASN1_XTRN, 0, 
-			SEC_ASN1_SUB(SEC_SignedCertificateTemplate)}
-};
-
-const SEC_ASN1Template CMMFRandTemplate[] = {
-    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CMMFRand)},
-    { SEC_ASN1_INTEGER, offsetof(CMMFRand, integer)},
-    { SEC_ASN1_OCTET_STRING, offsetof(CMMFRand, senderHash)},
-    { 0 }
-};
-
-const SEC_ASN1Template CMMFPOPODecKeyRespContentTemplate[] = {
-    { SEC_ASN1_SEQUENCE_OF | SEC_ASN1_XTRN, 
-      offsetof(CMMFPOPODecKeyRespContent, responses),
-      SEC_ASN1_SUB(SEC_IntegerTemplate), 
-      sizeof(CMMFPOPODecKeyRespContent)},
-    { 0 }
-};
-
-const SEC_ASN1Template CMMFCertOrEncCertEncryptedCertTemplate[] = {
-    { SEC_ASN1_CONTEXT_SPECIFIC | 1,
-      0,
-      CRMFEncryptedValueTemplate},
-    { 0 }
-};
-
-const SEC_ASN1Template CMMFCertOrEncCertCertificateTemplate[] = {
-    { SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
-      0,
-      SEC_ASN1_SUB(SEC_SignedCertificateTemplate)},
-    { 0 }
-};
-
-const SEC_ASN1Template CMMFCertRepContentTemplate[] = {
-    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CMMFCertRepContent)},
-    { SEC_ASN1_CONSTRUCTED | SEC_ASN1_OPTIONAL |
-      SEC_ASN1_CONTEXT_SPECIFIC | 1,
-      offsetof(CMMFCertRepContent, caPubs),
-      CMMFSequenceOfCertsTemplate },
-    { SEC_ASN1_SEQUENCE_OF, offsetof(CMMFCertRepContent, response),
-      CMMFCertResponseTemplate},
-    { 0 }
-};
-
-static const SEC_ASN1Template CMMFChallengeTemplate[] = {
-    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CMMFChallenge)},
-    { SEC_ASN1_POINTER | SEC_ASN1_OPTIONAL | SEC_ASN1_XTRN, 
-      offsetof(CMMFChallenge, owf),
-      SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
-    { SEC_ASN1_OCTET_STRING, offsetof(CMMFChallenge, witness) },
-    { SEC_ASN1_ANY, offsetof(CMMFChallenge, senderDER) },
-    { SEC_ASN1_OCTET_STRING, offsetof(CMMFChallenge, key) },
-    { SEC_ASN1_OCTET_STRING, offsetof(CMMFChallenge, challenge) },
-    { 0 }
-};
-
-const SEC_ASN1Template CMMFPOPODecKeyChallContentTemplate[] = {
-    { SEC_ASN1_SEQUENCE_OF,offsetof(CMMFPOPODecKeyChallContent, challenges),
-      CMMFChallengeTemplate, sizeof(CMMFPOPODecKeyChallContent) },
-    { 0 }
-};
-
-SECStatus
-cmmf_decode_process_cert_response(PRArenaPool      *poolp, 
-				  CERTCertDBHandle *db,
-				  CMMFCertResponse *inCertResp)
-{
-    SECStatus rv = SECSuccess;
-  
-    if (inCertResp->certifiedKeyPair != NULL) {
-        rv = cmmf_decode_process_certified_key_pair(poolp, 
-						    db,
-						inCertResp->certifiedKeyPair);
-    }
-    return rv;
-}
-
-static CERTCertificate*
-cmmf_DecodeDERCertificate(CERTCertDBHandle *db, SECItem *derCert)
-{
-    CERTCertificate *newCert;
-
-    newCert = CERT_NewTempCertificate(db, derCert, NULL, PR_FALSE, PR_TRUE);
-    return newCert;
-}
-
-static CMMFCertOrEncCertChoice
-cmmf_get_certorenccertchoice_from_der(SECItem *der)
-{
-    CMMFCertOrEncCertChoice retChoice; 
-
-    switch(der->data[0] & 0x0f) {
-    case 0:
-        retChoice = cmmfCertificate;
-	break;
-    case 1:
-        retChoice = cmmfEncryptedCert;
-	break;
-    default:
-        retChoice = cmmfNoCertOrEncCert;
-	break;
-    }
-    return retChoice;
-}
-
-static SECStatus
-cmmf_decode_process_certorenccert(PRArenaPool       *poolp,
-				  CERTCertDBHandle  *db,
-				  CMMFCertOrEncCert *inCertOrEncCert)
-{
-    SECStatus rv = SECSuccess;
-
-    inCertOrEncCert->choice = 
-        cmmf_get_certorenccertchoice_from_der(&inCertOrEncCert->derValue);
-
-    switch (inCertOrEncCert->choice) {
-    case cmmfCertificate:
-        {
-	    /* The DER has implicit tagging, so we gotta switch it to 
-	     * un-tagged in order for the ASN1 parser to understand it.
-	     * Saving the bits that were changed.
-	     */ 
-	    inCertOrEncCert->derValue.data[0] = 0x30;
-	    inCertOrEncCert->cert.certificate = 
-	        cmmf_DecodeDERCertificate(db, &inCertOrEncCert->derValue);
-	    if (inCertOrEncCert->cert.certificate == NULL) {
-	        rv = SECFailure;
-	    }
-	
-	}
-	break;
-    case cmmfEncryptedCert:
-        inCertOrEncCert->cert.encryptedCert =
-	    PORT_ArenaZNew(poolp, CRMFEncryptedValue);
-	if (inCertOrEncCert->cert.encryptedCert == NULL) {
-	    rv = SECFailure;
-	    break;
-	}
-	rv = SEC_ASN1Decode(poolp, inCertOrEncCert->cert.encryptedCert, 
-			    CMMFCertOrEncCertEncryptedCertTemplate, 
-			    (const char*)inCertOrEncCert->derValue.data,
-			    inCertOrEncCert->derValue.len);
-	break;
-    default:
-        rv = SECFailure;
-    }
-    return rv;
-}
-
-SECStatus 
-cmmf_decode_process_certified_key_pair(PRArenaPool          *poolp,
-				       CERTCertDBHandle     *db,
-				       CMMFCertifiedKeyPair *inCertKeyPair)
-{
-    return cmmf_decode_process_certorenccert (poolp,
-					      db,
-					      &inCertKeyPair->certOrEncCert);
-}
-
-
diff --git a/security/nss/lib/crmf/challcli.c b/security/nss/lib/crmf/challcli.c
deleted file mode 100644
index bf385609a..000000000
--- a/security/nss/lib/crmf/challcli.c
+++ /dev/null
@@ -1,285 +0,0 @@
-/* -*- Mode: C; tab-width: 8 -*-*/
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "cmmf.h"
-#include "cmmfi.h"
-#include "secitem.h"
-#include "pk11func.h"
-#include "secder.h"
-
-CMMFPOPODecKeyChallContent*
-CMMF_CreatePOPODecKeyChallContentFromDER(const char *buf, long len)
-{
-    PRArenaPool                *poolp;
-    CMMFPOPODecKeyChallContent *challContent;
-    SECStatus                   rv;
-
-    poolp = PORT_NewArena(CRMF_DEFAULT_ARENA_SIZE);
-    if (poolp == NULL) {
-        return NULL;
-    }
-    challContent = PORT_ArenaZNew(poolp, CMMFPOPODecKeyChallContent);
-    if (challContent == NULL) {
-        goto loser;
-    }
-    challContent->poolp = poolp;
-    rv = SEC_ASN1Decode(poolp, challContent, 
-			CMMFPOPODecKeyChallContentTemplate, buf, len);
-    if (rv != SECSuccess) {
-        goto loser;
-    }
-    if (challContent->challenges) {
-      while (challContent->challenges[challContent->numChallenges] != NULL) {
-	  challContent->numChallenges++;
-      }
-      challContent->numAllocated = challContent->numChallenges;
-    }
-    return challContent;
- loser:
-    if (poolp != NULL) {
-        PORT_FreeArena(poolp, PR_FALSE);
-    }
-    return NULL;
-}
-
-int
-CMMF_POPODecKeyChallContentGetNumChallenges 
-                              (CMMFPOPODecKeyChallContent *inKeyChallCont)
-{
-    PORT_Assert(inKeyChallCont != NULL);
-    if (inKeyChallCont == NULL) {
-        return 0;
-    }
-    return inKeyChallCont->numChallenges;
-}
-
-SECItem* 
-CMMF_POPODecKeyChallContentGetPublicValue
-                                   (CMMFPOPODecKeyChallContent *inKeyChallCont,
-				    int                         inIndex)
-{
-    PORT_Assert(inKeyChallCont != NULL);
-    if (inKeyChallCont == NULL || (inIndex > inKeyChallCont->numChallenges-1)||
-	inIndex < 0) {
-        return NULL;
-    }
-    return SECITEM_DupItem(&inKeyChallCont->challenges[inIndex]->key);
-}
-
-static SECAlgorithmID*
-cmmf_get_owf(CMMFPOPODecKeyChallContent *inChalCont, 
-	     int                         inIndex)
-{
-   int i;
-   
-   for (i=inIndex; i >= 0; i--) {
-       if (inChalCont->challenges[i]->owf != NULL) {
-	   return inChalCont->challenges[i]->owf;
-       }
-   }
-   return NULL;
-}
-
-SECStatus 
-CMMF_POPODecKeyChallContDecryptChallenge(CMMFPOPODecKeyChallContent *inChalCont,
-					 int                         inIndex,
-					 SECKEYPrivateKey           *inPrivKey)
-{
-    CMMFChallenge  *challenge;
-    SECItem        *decryptedRand=NULL;
-    SECStatus       rv = SECFailure;
-    PK11SlotInfo   *slot;
-    PK11SymKey     *symKey = NULL;
-    CMMFRand        randStr;
-    SECAlgorithmID *owf;
-    unsigned char   hash[SHA1_LENGTH]; /*SHA1 is the longest, so we'll use
-					*it's length.
-					*/
-    SECItem         hashItem;
-    SECOidTag       tag;
-
-    PORT_Assert(inChalCont != NULL && inPrivKey != NULL);
-    if (inChalCont == NULL || inIndex <0 || inIndex > inChalCont->numChallenges
-	|| inPrivKey == NULL){
-        return SECFailure;
-    }
-    challenge = inChalCont->challenges[inIndex];
-    decryptedRand = PORT_ZNew(SECItem);
-    if (decryptedRand == NULL) {
-        goto loser;
-    }
-    decryptedRand->data = 
-        PORT_NewArray(unsigned char, challenge->challenge.len);
-    if (decryptedRand->data == NULL) {
-        goto loser;
-    }
-    slot = inPrivKey->pkcs11Slot;
-    symKey = PK11_PubUnwrapSymKey(inPrivKey, &challenge->challenge, 
-				  CKM_RSA_PKCS, CKA_VALUE, 0);
-    if (symKey == NULL) {
-      rv = SECFailure;
-      goto loser;
-    }
-    rv = PK11_ExtractKeyValue(symKey);
-    if (rv != SECSuccess) {
-      goto loser;
-    }
-    decryptedRand = PK11_GetKeyData(symKey);
-    rv = SEC_ASN1DecodeItem(NULL, &randStr, CMMFRandTemplate,
-			    decryptedRand); 
-    /* The decryptedRand returned points to a member within the symKey structure,
-     * so we don't want to free it. Let the symKey destruction function deal with
-     * freeing that memory.
-     */
-    if (rv != SECSuccess) {
-        goto loser;
-    }
-    rv = SECFailure; /* Just so that when we do go to loser,
-		      * I won't have to set it again.
-		      */
-    owf = cmmf_get_owf(inChalCont, inIndex);
-    if (owf == NULL) {
-        /* No hashing algorithm came with the challenges.  Can't verify */
-        goto loser;
-    }
-    /* Verify the hashes in the challenge */
-    tag = SECOID_FindOIDTag(&owf->algorithm);
-    switch (tag) {
-    case SEC_OID_MD2:
-        hashItem.len = MD2_LENGTH;
-	break;
-    case SEC_OID_MD5:
-        hashItem.len = MD5_LENGTH;
-	break;
-    case SEC_OID_SHA1:
-        hashItem.len = SHA1_LENGTH;
-	break;
-    default:
-        goto loser;
-    }
-    rv = PK11_HashBuf(tag, hash, randStr.integer.data, randStr.integer.len);
-    if (rv != SECSuccess) {
-        goto loser;
-    }
-    hashItem.data = hash;
-    if (SECITEM_CompareItem(&hashItem, &challenge->witness) != SECEqual) {
-        /* The hash for the data we decrypted doesn't match the hash provided
-	 * in the challenge.  Bail out.
-	 */
-        rv = SECFailure;
-	goto loser;
-    }
-    rv = PK11_HashBuf(tag, hash, challenge->senderDER.data, 
-		      challenge->senderDER.len);
-    if (rv != SECSuccess) {
-        goto loser;
-    }
-    if (SECITEM_CompareItem(&hashItem, &randStr.senderHash) != SECEqual) {
-        /* The hash for the data we decrypted doesn't match the hash provided
-	 * in the challenge.  Bail out.
-	 */
-        rv = SECFailure;
-	goto loser;
-    }
-    /* All of the hashes have verified, so we can now store the integer away.*/
-    rv = SECITEM_CopyItem(inChalCont->poolp, &challenge->randomNumber,
-			  &randStr.integer);
- loser:
-    if (symKey != NULL) {
-        PK11_FreeSymKey(symKey);
-    }
-    return rv;
-}
-
-SECStatus
-CMMF_POPODecKeyChallContentGetRandomNumber
-                                   (CMMFPOPODecKeyChallContent *inKeyChallCont,
-				    int                          inIndex,
-				    long                        *inDest)
-{
-    CMMFChallenge *challenge;
-    
-    PORT_Assert(inKeyChallCont != NULL);
-    if (inKeyChallCont == NULL || inIndex > 0 || inIndex >= 
-	inKeyChallCont->numChallenges) {
-        return SECFailure;
-    }
-    challenge = inKeyChallCont->challenges[inIndex];
-    if (challenge->randomNumber.data == NULL) {
-        /* There is no random number here, nothing to see. */
-        return SECFailure;
-    }
-    *inDest = DER_GetInteger(&challenge->randomNumber);
-    return (*inDest == -1) ? SECFailure : SECSuccess;
-}
-
-SECStatus 
-CMMF_EncodePOPODecKeyRespContent(long                     *inDecodedRand,
-				 int                       inNumRand,
-				 CRMFEncoderOutputCallback inCallback,
-				 void                     *inArg)
-{
-    PRArenaPool *poolp;
-    CMMFPOPODecKeyRespContent *response;
-    SECItem *currItem;
-    SECStatus rv=SECFailure;
-    int i;
-
-    poolp = PORT_NewArena(CRMF_DEFAULT_ARENA_SIZE);
-    if (poolp == NULL) {
-        return SECFailure;
-    }
-    response = PORT_ArenaZNew(poolp, CMMFPOPODecKeyRespContent);
-    if (response == NULL) {
-        goto loser;
-    }
-    response->responses = PORT_ArenaZNewArray(poolp, SECItem*, inNumRand+1);
-    if (response->responses == NULL) {
-        goto loser;
-    }
-    for (i=0; i<inNumRand; i++) {
-        currItem = response->responses[i] = PORT_ArenaZNew(poolp,SECItem);
-	if (currItem == NULL) {
-	    goto loser;
-	}
-	SEC_ASN1EncodeInteger(poolp, currItem,inDecodedRand[i]);
-    }
-    rv = cmmf_user_encode(response, inCallback, inArg,
-			  CMMFPOPODecKeyRespContentTemplate);
- loser:
-    if (poolp != NULL) {
-        PORT_FreeArena(poolp, PR_FALSE);
-    }
-    return rv;
-}
diff --git a/security/nss/lib/crmf/cmmf.h b/security/nss/lib/crmf/cmmf.h
deleted file mode 100644
index a10220429..000000000
--- a/security/nss/lib/crmf/cmmf.h
+++ /dev/null
@@ -1,1119 +0,0 @@
-/* -*- Mode: C; tab-width: 8 -*-*/
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef _CMMF_H_
-#define _CMMF_H_
-/*
- * These are the functions exported by the security library for 
- * implementing Certificate Management Message Formats (CMMF).
- *
- * This API is designed against July 1998 CMMF draft.  Please read this
- * draft before trying to use this API in an application that use CMMF.
- */
-#include "seccomon.h"
-#include "cmmft.h"
-#include "crmf.h"
-
-SEC_BEGIN_PROTOS
-
-/******************* Creation Functions *************************/
-
-/*
- * FUNCTION: CMMF_CreateCertRepContent
- * INPUTS:
- *    NONE
- * NOTES:
- *    This function will create an empty CMMFCertRepContent Structure.  
- *    The client of the library must set the CMMFCertResponses.
- *    Call CMMF_CertRepContentSetCertResponse to accomplish this task.
- *    If the client of the library also wants to include the chain of 
- *    CA certs required to make the certificates in CMMFCertResponse valid, 
- *    then the user must also set the caPubs field of CMMFCertRepContent.
- *    Call CMMF_CertRepContentSetCAPubs to accomplish this.  After setting
- *    the desired fields, the user can then call CMMF_EncodeCertRepContent 
- *    to DER-encode the CertRepContent.
- * RETURN:
- *    A pointer to the CMMFCertRepContent.  A NULL return value indicates 
- *    an error in allocating memory or failure to initialize the structure.
- */
-extern CMMFCertRepContent* CMMF_CreateCertRepContent(void);
-
-/*
- * FUNCTION: CMMF_CreateCertRepContentFromDER
- * INPUTS
- *    db
- *        The certificate database where the certificates will be placed.
- *        The certificates will be placed in the temporary database associated
- *        with the handle. 
- *    buf
- *        A buffer to the DER-encoded CMMFCertRepContent
- *    len
- *        The length in bytes of the buffer 'buf'
- * NOTES:
- *    This function passes the buffer to the ASN1 decoder and creates a
- *    CMMFCertRepContent structure.  The user must call 
- *    CMMF_DestroyCertRepContent after the return value is no longer needed.
- *
- * RETURN:
- *    A pointer to the CMMFCertRepContent structure.  A NULL return
- *    value indicates the library was unable to parse the DER.
- */
-extern CMMFCertRepContent* 
-       CMMF_CreateCertRepContentFromDER(CERTCertDBHandle *db, 
-					const char       *buf, 
-					long              len);
-
-/*
- * FUNCTION: CMMF_CreateCertResponse
- * INPUTS:
- *    inCertReqId
- *        The Certificate Request Id this response is for.
- * NOTES:
- *    This creates a CMMFCertResponse.  This response should correspond
- *    to a request that was received via CRMF.  From the CRMF message you
- *    can get the Request Id to pass in as inCertReqId, in essence binding 
- *    a CMRFCertRequest message to the CMMFCertResponse created by this
- *    function.  If no requuest id is associated with the response to create
- *    then the user should pass in -1 for 'inCertReqId'.
- *
- * RETURN:
- *    A pointer to the new CMMFCertResponse corresponding to the request id 
- *    passed in.  A NULL return value indicates an error while trying to 
- *    create the CMMFCertResponse.
- */
-extern CMMFCertResponse* CMMF_CreateCertResponse(long inCertReqId);
-
-/*
- * FUNCTION: CMMF_CreateKeyRecRepContent
- * INPUTS:
- *    NONE
- * NOTES:
- *    This function creates a new empty CMMFKeyRecRepContent structure.
- *    At the very minimum, the user  must call 
- *    CMMF_KeyRecRepContentSetPKIStatusInfoStatus field to have an
- *    encodable structure.  Depending on what the response is, the user may
- *    have to set other fields as well to properly build up the structure so
- *    that it can be encoded.  Refer to the CMMF draft for how to properly
- *    set up a CMMFKeyRecRepContent. This is the structure that an RA returns
- *    to an end entity when doing key recovery.
-
- *    The user must call CMMF_DestroyKeyRecRepContent when the return value
- *    is no longer needed.
- * RETURN:
- *    A pointer to the empty CMMFKeyRecRepContent.  A return value of NULL
- *    indicates an error in allocating memory or initializing the structure.
- */
-extern CMMFKeyRecRepContent *CMMF_CreateKeyRecRepContent(void);
-
-/*
- * FUNCTION: CMMF_CreateKeyRecRepContentFromDER
- * INPUTS:
- *    db
- *        The handle for the certificate database where the decoded 
- *        certificates will be placed.  The decoded certificates will
- *        be placed in the temporary database associated with the 
- *        handle.
- *    buf
- *        A buffer contatining the DER-encoded CMMFKeyRecRepContent
- *    len
- *        The length in bytes of the buffer 'buf'
- * NOTES
- *    This function passes the buffer to the ASN1 decoder and creates a 
- *    CMMFKeyRecRepContent structure.
- *
- * RETURN:
- *    A pointer to the CMMFKeyRecRepContent structure.  A NULL return
- *    value indicates the library was unable to parse the DER.
- */
-extern CMMFKeyRecRepContent* 
-       CMMF_CreateKeyRecRepContentFromDER(CERTCertDBHandle *db,
-					  const char       *buf,
-					  long              len);
-
-/*
- * FUNCTION: CMMF_CreatePOPODecKeyChallContent
- * INPUTS:
- *    NONE
- * NOTES:
- *    This function creates an empty CMMFPOPODecKeyChallContent.  The user
- *    must add the challenges individually specifying the random number to
- *    be used and the public key to be used when creating each individual 
- *    challenge.  User can accomplish this by calling the function 
- *    CMMF_POPODecKeyChallContentSetNextChallenge.
- * RETURN:
- *    A pointer to a CMMFPOPODecKeyChallContent structure.  Ther user can
- *    then call CMMF_EncodePOPODecKeyChallContent passing in the return
- *    value from this function after setting all of the challenges.  A 
- *    return value of NULL indicates an error while creating the 
- *    CMMFPOPODecKeyChallContent structure.
- */
-extern CMMFPOPODecKeyChallContent*
-       CMMF_CreatePOPODecKeyChallContent(void);
-
-/*
- * FUNCTION: CMMF_CreatePOPODecKeyChallContentFromDER
- * INPUTS
- *    buf
- *        A buffer containing the DER-encoded CMMFPOPODecKeyChallContent
- *    len
- *        The length in bytes of the buffer 'buf'
- * NOTES:
- *    This function passes the buffer to the ASN1 decoder and creates a
- *    CMMFPOPODecKeyChallContent structure.  
- *
- * RETURN:
- *    A pointer to the CMMFPOPODecKeyChallContent structure.  A NULL return
- *    value indicates the library was unable to parse the DER.
- */
-extern CMMFPOPODecKeyChallContent*
-       CMMF_CreatePOPODecKeyChallContentFromDER(const char *buf, long len);
-
-/*
- * FUNCTION: CMMF_CreatePOPODecKeyRespContentFromDER
- * INPUTS:
- *    buf
- *        A buffer contatining the DER-encoded CMMFPOPODecKeyRespContent
- *    len
- *        The length in bytes of the buffer 'buf'
- * NOTES
- *    This function passes the buffer to the ASN1 decoder and creates a 
- *    CMMFPOPODecKeyRespContent structure.
- *
- * RETURN:
- *    A pointer to the CMMFPOPODecKeyRespContent structure.  A NULL return
- *    value indicates the library was unable to parse the DER.
- */
-extern CMMFPOPODecKeyRespContent*
-       CMMF_CreatePOPODecKeyRespContentFromDER(const char *buf, long len);
-
-/************************** Set Functions *************************/
-
-/*
- * FUNCTION: CMMF_CertRepContentSetCertResponses
- * INPUTS:
- *    inCertRepContent
- *        The CMMFCertRepContent to operate on.
- *    inCertResponses
- *        An array of pointers to CMMFCertResponse structures to 
- *        add to the CMMFCertRepContent structure.
- *    inNumResponses
- *        The length of the array 'inCertResponses'
- * NOTES:
- *    This function will add the CMMFCertResponse structure to the 
- *    CMMFCertRepContent passed in.  The CMMFCertResponse field of 
- *    CMMFCertRepContent is required, so the client must call this function
- *    before calling CMMF_EncodeCertRepContent.  If the user calls 
- *    CMMF_EncodeCertRepContent before calling this function, 
- *    CMMF_EncodeCertRepContent will fail.
- *
- * RETURN:
- *    SECSuccess if adding the CMMFCertResponses to the CMMFCertRepContent
- *    structure was successful.  Any other return value indicates an error
- *    while trying to add the CMMFCertResponses.
- */
-extern SECStatus 
-      CMMF_CertRepContentSetCertResponses(CMMFCertRepContent *inCertRepContent,
-					  CMMFCertResponse  **inCertResponses,
-					  int                 inNumResponses);
-
-/*
- * FUNCTION: CMMF_CertRepContentSetCAPubs
- * INPUTS:
- *    inCertRepContent
- *        The CMMFCertRepContent to operate on.
- *    inCAPubs
- *        The certificate list which makes up the chain of CA certificates
- *        required to make the issued cert valid.
- * NOTES:
- *    This function will set the the certificates in the CA chain as part
- *    of the CMMFCertRepContent.  This field is an optional member of the 
- *    CMMFCertRepContent structure, so the client is not required to call
- *    this function before calling CMMF_EncodeCertRepContent.
- *
- * RETURN:
- *    SECSuccess if adding the 'inCAPubs' to the CERTRepContent was successful.
- *    Any other return value indicates an error while adding 'inCAPubs' to the 
- *    CMMFCertRepContent structure.
- * 
- */
-extern SECStatus 
-       CMMF_CertRepContentSetCAPubs (CMMFCertRepContent  *inCertRepContent,
-				     CERTCertList        *inCAPubs);
-
-/*
- * FUNCTION: CMMF_CertResponseSetPKIStatusInfoStatus
- * INPUTS:
- *    inCertResp
- *        The CMMFCertResponse to operate on.
- *     inPKIStatus
- *        The value to set for the PKIStatusInfo.status field.
- * NOTES:
- *    This function will set the CertResponse.status.status field of 
- *    the CMMFCertResponse structure.  (View the definition of CertResponse
- *    in the CMMF draft to see exactly which value this talks about.)  This
- *    field is a required member of the structure, so the user must call this
- *    function in order to have a CMMFCertResponse that can be encoded.
- *
- * RETURN:
- *    SECSuccess if setting the field with the passed in value was successful.
- *    Any other return value indicates an error while trying to set the field.
- */
-extern SECStatus 
-     CMMF_CertResponseSetPKIStatusInfoStatus (CMMFCertResponse *inCertResp,
-					      CMMFPKIStatus     inPKIStatus);
-
-/*
- * FUNCTION: CMMF_CertResponseSetCertificate
- * INPUTS:
- *    inCertResp
- *        The CMMFCertResponse to operate on.
- *    inCertificate
- *        The certificate to add to the 
- *        CertResponse.CertifiedKeyPair.certOrEncCert.certificate field.
- * NOTES:
- *    This function will take the certificate and make it a member of the
- *    CMMFCertResponse.  The certificate should be the actual certificate
- *    being issued via the response.
- *
- * RETURN:
- *    SECSuccess if adding the certificate to the response was successful.
- *    Any other return value indicates an error in adding the certificate to
- *    the CertResponse.
- */
-extern SECStatus 
-       CMMF_CertResponseSetCertificate (CMMFCertResponse *inCertResp,
-					CERTCertificate  *inCertificate);
-
-/*
- * FUNCTION: CMMF_KeyRecRepContentSetPKIStatusInfoStatus
- * INPUTS: 
- *    inKeyRecRep
- *        The CMMFKeyRecRepContent to operate on.
- *    inPKIStatus
- *        The value to set the PKIStatusInfo.status field to.
- * NOTES:
- *    This function sets the only required field for the KeyRecRepContent.
- *    In most cases, the user will set this field and other fields of the
- *    structure to properly create the CMMFKeyRecRepContent structure.  
- *    Refer to the CMMF draft to see which fields need to be set in order
- *    to create the desired CMMFKeyRecRepContent.
- * 
- * RETURN:
- *    SECSuccess if setting the PKIStatusInfo.status field was successful.
- *    Any other return value indicates an error in setting the field.
- */
-extern SECStatus 
-CMMF_KeyRecRepContentSetPKIStatusInfoStatus(CMMFKeyRecRepContent *inKeyRecRep,
-					    CMMFPKIStatus         inPKIStatus);
-
-/*
- * FUNCTION: CMMF_KeyRecRepContentSetNewSignCert
- * INPUTS:
- *    inKeyRecRep
- *        The CMMFKeyRecRepContent to operate on.
- *    inNewSignCert
- *        The new signing cert to add to the CMMFKeyRecRepContent structure.
- * NOTES:
- *    This function sets the new signeing cert in the CMMFKeyRecRepContent
- *    structure.
- *
- * RETURN:
- *    SECSuccess if setting the new signing cert was successful.  Any other 
- *    return value indicates an error occurred while trying to add the
- *    new signing certificate.
- */
-extern SECStatus 
-       CMMF_KeyRecRepContentSetNewSignCert(CMMFKeyRecRepContent *inKeyRecRep,
-					   CERTCertificate     *inNewSignCert);
-
-/*
- * FUNCTION: CMMF_KeyRecRepContentSetCACerts
- * INPUTS:
- *    inKeyRecRep
- *        The CMMFKeyRecRepContent to operate on.
- *    inCACerts
- *        The list of CA certificates required to construct a valid 
- *        certificate chain with the certificates that will be returned
- *        to the end user via this KeyRecRepContent.
- * NOTES:
- *    This function sets the caCerts that are required to form a chain with the
- *    end entity certificates that are being re-issued in this 
- *    CMMFKeyRecRepContent structure.
- *
- * RETURN:
- *    SECSuccess if adding the caCerts was successful.  Any other return value
- *    indicates an error while tring to add the caCerts.
- */
-extern SECStatus 
-       CMMF_KeyRecRepContentSetCACerts(CMMFKeyRecRepContent *inKeyRecRep,
-				       CERTCertList         *inCACerts);
-
-/*
- * FUNCTION: CMMF_KeyRecRepContentSetCertifiedKeyPair
- * INPUTS:
- *    inKeyRecRep
- *        The CMMFKeyRecRepContent to operate on.
- *    inCert
- *        The certificate to add to the CMMFKeyRecRepContent structure.
- *    inPrivKey
- *        The private key associated with the certificate above passed in.
- *    inPubKey
- *        The public key to use for wrapping the private key.
- * NOTES:
- *    This function adds another certificate-key pair to the 
- *    CMMFKeyRecRepcontent structure.  There may be more than one 
- *    certificate-key pair in the structure, so the user must call this 
- *    function multiple times to add more than one cert-key pair.
- *
- * RETURN:
- *    SECSuccess if adding the certified key pair was successful.  Any other
- *    return value indicates an error in adding certified key pair to 
- *    CMMFKeyRecRepContent structure.
- */
-extern SECStatus 
-    CMMF_KeyRecRepContentSetCertifiedKeyPair(CMMFKeyRecRepContent *inKeyRecRep,
-					     CERTCertificate      *inCert,
-					     SECKEYPrivateKey     *inPrivKey,
-					     SECKEYPublicKey      *inPubKey);
-
-/*
- * FUNCTION: CMMF_POPODecKeyChallContentSetNextChallenge
- * INPUTS:
- *    inDecKeyChall
- *        The CMMFPOPODecKeyChallContent to operate on.
- *    inRandom
- *        The random number to use when generating the challenge,
- *    inSender
- *        The GeneralName representation of the sender of the challenge.
- *    inPubKey
- *        The public key to use when encrypting the challenge.
- *    passwdArg
- *        This value will be passed to the function used for getting a
- *        password.  The password for getting a password should be registered
- *        by calling PK11_SetPasswordFunc before this function is called. 
- *        If no password callback is registered and the library needs to 
- *        authenticate to the slot for any reason, this function will fail.
- * NOTES:
- *    This function adds a challenge to the end of the list of challenges
- *    contained by 'inDecKeyChall'.  Refer to the CMMF draft on how the
- *    the random number passed in and the sender's GeneralName are used
- *    to generate the challenge and witness fields of the challenge.  This
- *    library will use SHA1 as the one-way function for generating the 
- *    witess field of the challenge.
- *
- * RETURN:
- *    SECSuccess if generating the challenge and adding to the end of list
- *    of challenges was successful.  Any other return value indicates an error
- *    while trying to generate the challenge.
- */
-extern SECStatus
-CMMF_POPODecKeyChallContentSetNextChallenge
-                                   (CMMFPOPODecKeyChallContent *inDecKeyChall,
-				    long                        inRandom,
-				    CERTGeneralName            *inSender,
-				    SECKEYPublicKey            *inPubKey,
-				    void                       *passwdArg);
-
-
-/************************** Encoding Functions *************************/
-
-/*
- * FUNCTION: CMMF_EncodeCertRepContent
- * INPUTS:
- *    inCertRepContent
- *        The CMMFCertRepContent to DER-encode.
- *    inCallback
- *        A callback function that the ASN1 encoder will call whenever it 
- *        wants to write out DER-encoded bytes.  Look at the defintion of 
- *        CRMFEncoderOutputCallback in crmft.h for a description of the
- *        parameters to the function.
- *    inArg
- *        An opaque pointer to a user-supplied argument that will be passed
- *        to the callback funtion whenever the function is called.
- * NOTES:
- *    The CMMF library will use the same DER-encoding scheme as the CRMF 
- *    library.  In other words, when reading CRMF comments that pertain to
- *    encoding, those comments apply to the CMMF libray as well.  
- *    The callback function will be called multiple times, each time supplying
- *    the next chunk of DER-encoded bytes.  The user must concatenate the 
- *    output of each successive call to the callback in order to get the
- *    entire DER-encoded CMMFCertRepContent structure.
- *
- * RETURN:
- *    SECSuccess if encoding the CMMFCertRepContent was successful.  Any 
- *    other return value indicates an error while decoding the structure.
- */
-extern SECStatus 
-       CMMF_EncodeCertRepContent (CMMFCertRepContent        *inCertRepContent,
-				  CRMFEncoderOutputCallback  inCallback,
-				  void                      *inArg);
-
-/*
- * FUNCTION: CMMF_EncodeKeyRecRepContent
- * INPUTS:
- *    inKeyRecRep
- *        The CMMFKeyRepContent to DER-encode.
- *    inCallback
- *        A callback function that the ASN1 encoder will call whenever it 
- *        wants to write out DER-encoded bytes.  Look at the defintion of 
- *        CRMFEncoderOutputCallback in crmft.h for a description of the
- *        parameters to the function.
- *    inArg
- *        An opaque pointer to a user-supplied argument that will be passed
- *        to the callback funtion whenever the function is called.
- * NOTES:
- *    The CMMF library will use the same DER-encoding scheme as the CRMF 
- *    library.  In other words, when reading CRMF comments that pertain to
- *    encoding, those comments apply to the CMMF libray as well.  
- *    The callback function will be called multiple times, each time supplying
- *    the next chunk of DER-encoded bytes.  The user must concatenate the 
- *    output of each successive call to the callback in order to get the
- *    entire DER-encoded CMMFCertRepContent structure.
- *
- * RETURN:
- *    SECSuccess if encoding the CMMFKeyRecRepContent was successful.  Any 
- *    other return value indicates an error while decoding the structure.
- */
-extern SECStatus
-       CMMF_EncodeKeyRecRepContent(CMMFKeyRecRepContent      *inKeyRecRep,
-				   CRMFEncoderOutputCallback  inCallback,
-				   void                      *inArg);
-
-/*
- * FUNCTION: CMMF_EncodePOPODecKeyChallContent
- * INPUTS:
- *    inDecKeyChall
- *        The CMMFDecKeyChallContent to operate on.
- *    inCallback
- *        A callback function that the ASN1 encoder will call whenever it 
- *        wants to write out DER-encoded bytes.  Look at the defintion of 
- *        CRMFEncoderOutputCallback in crmft.h for a description of the
- *        parameters to the function.
- *    inArg
- *        An opaque pointer to a user-supplied argument that will be passed
- *        to the callback function whenever the function is called.
- * NOTES:
- *    The CMMF library will use the same DER-encoding scheme as the CRMF 
- *    library.  In other words, when reading CRMF comments that pertain to
- *    encoding, those comments apply to the CMMF libray as well.  
- *    The callback function will be called multiple times, each time supplying
- *    the next chunk of DER-encoded bytes.  The user must concatenate the 
- *    output of each successive call to the callback in order to get the
- *    entire DER-encoded CMMFCertRepContent structure.
- *    The DER will be an encoding of the type POPODecKeyChallContents, which
- *    is just a sequence of challenges.
- *
- * RETURN:
- *    SECSuccess if encoding was successful.  Any other return value indicates
- *    an error in trying to encode the Challenges.
- */
-extern SECStatus 
-CMMF_EncodePOPODecKeyChallContent(CMMFPOPODecKeyChallContent *inDecKeyChall,
-				  CRMFEncoderOutputCallback inCallback,
-				  void                     *inArg);
-
-/*
- * FUNCTION: CMMF_EncodePOPODecKeyRespContent
- * INPUTS:
- *    inDecodedRand
- *        An array of integers to encode as the responses to 
- *        CMMFPOPODecKeyChallContent.  The integers must be in the same order
- *        as the challenges extracted from CMMFPOPODecKeyChallContent.
- *    inNumRand
- *        The number of random integers contained in the array 'inDecodedRand'
- *    inCallback
- *        A callback function that the ASN1 encoder will call whenever it 
- *        wants to write out DER-encoded bytes.  Look at the defintion of 
- *        CRMFEncoderOutputCallback in crmft.h for a description of the
- *        parameters to the function.
- *    inArg
- *        An opaque pointer to a user-supplied argument that will be passed
- *        to the callback funtion whenever the function is called.
- * NOTES:
- *    The CMMF library will use the same DER-encoding scheme as the CRMF 
- *    library.  In other words, when reading CRMF comments that pertain to
- *    encoding, those comments apply to the CMMF libray as well.  
- *    The callback function will be called multiple times, each time supplying
- *    the next chunk of DER-encoded bytes.  The user must concatenate the 
- *    output of each successive call to the callback in order to get the
- *    entire DER-encoded  POPODecKeyRespContent.
- *
- * RETURN:
- *    SECSuccess if encoding was successful.  Any other return value indicates
- *    an error in trying to encode the Challenges.
- */
-extern SECStatus 
-      CMMF_EncodePOPODecKeyRespContent(long                     *inDecodedRand,
-				       int                       inNumRand,
-				       CRMFEncoderOutputCallback inCallback,
-				       void                     *inArg); 
-
-/***************  Accessor function  ***********************************/
-
-/*
- * FUNCTION: CMMF_CertRepContentGetCAPubs
- * INPUTS:
- *    inCertRepContent
- *        The CMMFCertRepContent to extract the caPubs from.
- * NOTES:
- *    This function will return a copy of the list of certificates that
- *    make up the chain of CA's required to make the cert issued valid.
- *    The user must call CERT_DestroyCertList on the return value when 
- *    done using the return value.  
- *
- *    Only call this function on a CertRepContent that has been decoded.
- *    The client must call CERT_DestroyCertList when the certificate list
- *    is no longer needed. 
- *
- *    The certs in the list will not be in the temporary database.  In order
- *    to make these certificates a part of the permanent CA internal database,
- *    the user must collect the der for all of these certs and call 
- *    CERT_ImportCAChain.  Afterwards the certs will be part of the permanent
- *    database.
- *    
- * RETURN:
- *    A pointer to the CERTCertList representing the CA chain associated 
- *    with the issued cert.  A NULL return value indicates  that no CA Pubs
- *    were available in the CMMFCertRepContent structure. 
- */
-extern CERTCertList* 
-       CMMF_CertRepContentGetCAPubs (CMMFCertRepContent *inCertRepContent);
-
-
-/*
- * FUNCTION: CMMF_CertRepContentGetNumResponses
- * INPUTS:
- *    inCertRepContent
- *        The CMMFCertRepContent to operate on.
- * NOTES:
- *    This function will return the number of CertResponses that are contained
- *    by the CMMFCertRepContent passed in.
- * 
- * RETURN:
- *    The number of CMMFCertResponses contained in the structure passed in.
- */
-extern int 
- CMMF_CertRepContentGetNumResponses (CMMFCertRepContent *inCertRepContent);
-
-/*
- * FUNCTION: CMMF_CertRepContentGetResponseAtIndex
- * INPUTS:
- *    inCertRepContent
- *        The CMMFCertRepContent to operate on.
- *    inIndex
- *        The index of the CMMFCertResponse the user wants a copy of.
- * NOTES:
- *    This funciton creates a copy of the CMMFCertResponse at the index 
- *    corresponding to the parameter 'inIndex'.  Indexing is done like a
- *    traditional C array, ie the valid indexes are (0...numResponses-1).
- *    The user must call CMMF_DestroyCertResponse after the return value is 
- *    no longer needed.
- *
- * RETURN:
- *    A pointer to the CMMFCertResponse at the index corresponding to 
- *    'inIndex'.  A return value of NULL indicates an error in copying 
- *    the CMMFCertResponse.
- */
-extern CMMFCertResponse*
-CMMF_CertRepContentGetResponseAtIndex (CMMFCertRepContent *inCertRepContent,
-				       int                 inIndex);
-
-/*
- * FUNCTION: CMMF_CertResponseGetCertReqId
- * INPUTS:
- *    inCertResp
- *        The CMMFCertResponse to operate on.
- * NOTES:
- *    This function returns the CertResponse.certReqId from the 
- *    CMMFCertResponse structure passed in.  If the return value is -1, that
- *    means there is no associated certificate request with the CertResponse.
- * RETURN:
- *    A long representing the id of the certificate request this 
- *    CMMFCertResponse corresponds to.  A return value of -1 indicates an
- *    error in extracting the value of the integer.
- */
-extern long CMMF_CertResponseGetCertReqId(CMMFCertResponse *inCertResp);
-
-/*
- * FUNCTION: CMMF_CertResponseGetPKIStatusInfoStatus
- * INPUTS:
- *    inCertResp
- *        The CMMFCertResponse to operate on.
- * NOTES:
- *    This function returns the CertResponse.status.status field of the 
- *    CMMFCertResponse structure.
- *
- * RETURN:
- *    The enumerated value corresponding to the PKIStatus defined in the CMMF
- *    draft.  See the CMMF draft for the definition of PKIStatus.  See crmft.h
- *    for the definition of CMMFPKIStatus.
- */
-extern CMMFPKIStatus 
-       CMMF_CertResponseGetPKIStatusInfoStatus(CMMFCertResponse *inCertResp);
-
-/*
- * FUNCTION: CMMF_CertResponseGetCertificate
- * INPUTS:
- *    inCertResp
- *        The Certificate Response to operate on.
- *    inCertdb
- *        This is the certificate database where the function will place the
- *        newly issued certificate.
- * NOTES:
- *    This function retrieves the CertResponse.certifiedKeyPair.certificate
- *    from the CMMFCertResponse.  The user will get a copy of that certificate
- *    so  the user must call CERT_DestroyCertificate when the return value is 
- *    no longer needed.  The certificate returned will be in the temporary 
- *    certificate database.
- *
- * RETURN:
- *    A pointer to a copy of the certificate contained within the 
- *    CMMFCertResponse.  A return value of NULL indicates an error while trying
- *    to make a copy of the certificate.
- */
-extern CERTCertificate*
-       CMMF_CertResponseGetCertificate(CMMFCertResponse *inCertResp,
-                                       CERTCertDBHandle *inCertdb);
-
-/*
- * FUNCTION: CMMF_KeyRecRepContentGetPKIStatusInfoStatus
- * INPUTS:
- *    inKeyRecRep
- *        The CMMFKeyRecRepContent structure to operate on.
- * NOTES:
- *    This function retrieves the KeyRecRepContent.status.status field of 
- *    the CMMFKeyRecRepContent structure.
- * RETURN:
- *    The CMMFPKIStatus corresponding to the value held in the 
- *    CMMFKeyRecRepContent structure.
- */
-extern CMMFPKIStatus 
-CMMF_KeyRecRepContentGetPKIStatusInfoStatus(CMMFKeyRecRepContent *inKeyRecRep);
-
-/*
- * FUNCTION: CMMF_KeyRecRepContentGetNewSignCert
- * INPUTS:
- *    inKeyRecRep
- *        The CMMFKeyRecRepContent to operate on.
- * NOTES:
- *    This function retrieves the KeyRecRepContent.newSignCert field of the
- *    CMMFKeyRecRepContent structure.  The user must call 
- *    CERT_DestroyCertificate when the return value is no longer needed. The
- *    returned certificate will be in the temporary database.  The user 
- *    must then place the certificate permanently in whatever token the
- *    user determines is the proper destination.  A return value of NULL
- *    indicates the newSigCert field was not present.
- */
-extern CERTCertificate*
-       CMMF_KeyRecRepContentGetNewSignCert(CMMFKeyRecRepContent *inKeyRecRep);
-
-/*
- * FUNCTION: CMMF_KeyRecRepContentGetCACerts
- * INPUTS:
- *    inKeyRecRep
- *        The CMMFKeyRecRepContent to operate on.
- * NOTES:
- *    This function returns a CERTCertList which contains all of the 
- *    certficates that are in the sequence KeyRecRepContent.caCerts
- *    User must call CERT_DestroyCertList when the return value is no longer 
- *    needed.  All of these certificates will be placed in the tempoaray
- *    database.
- *
- * RETURN:
- *    A pointer to the list of caCerts contained in the CMMFKeyRecRepContent
- *    structure.  A return value of NULL indicates the library was not able to 
- *    make a copy of the certifcates.  This may be because there are no caCerts
- *    included in the CMMFKeyRecRepContent strucure or an internal error.  Call
- *    CMMF_KeyRecRepContentHasCACerts to find out if there are any caCerts 
- *    included in 'inKeyRecRep'.
- */
-extern CERTCertList*
-       CMMF_KeyRecRepContentGetCACerts(CMMFKeyRecRepContent *inKeyRecRep);
-
-/*
- * FUNCTION: CMMF_KeyRecRepContentGetNumKeyPairs
- * INPUTS:
- *    inKeyRecRep
- *        The CMMFKeyRecRepContent to operate on.
- * RETURN:
- *    This function returns the number of CMMFCertifiedKeyPair structures that
- *    that are stored in the KeyRecRepContent structure.
- */
-extern int 
-       CMMF_KeyRecRepContentGetNumKeyPairs(CMMFKeyRecRepContent *inKeyRecRep);
-
-/*
- * FUNCTION: CMMF_KeyRecRepContentGetCertKeyAtIndex
- * INPUTS:
- *    inKeyRecRepContent
- *        The CMMFKeyRecRepContent to operate on.
- *    inIndex
- *        The index of the desired CMMFCertifiedKeyPair
- * NOTES:
- *    This function retrieves the CMMFCertifiedKeyPair structure at the index
- *    'inIndex'.  Valid indexes are 0...(numKeyPairs-1)  The user must call 
- *    CMMF_DestroyCertifiedKeyPair when the return value is no longer needed.
- *
- * RETURN:
- *    A pointer to the Certified Key Pair at the desired index.  A return value
- *    of NULL indicates an error in extracting the Certified Key Pair at the 
- *    desired index.
- */
-extern CMMFCertifiedKeyPair*
-      CMMF_KeyRecRepContentGetCertKeyAtIndex(CMMFKeyRecRepContent *inKeyRecRep,
-					     int                   inIndex);
-
-/*
- * FUNCTION: CMMF_CertifiedKeyPairGetCertificate
- * INPUTS:
- *    inCertKeyPair
- *        The CMMFCertifiedKeyPair to operate on.
- *    inCertdb
- *        The database handle for the database you want this certificate
- *        to wind up in.
- * NOTES:
- *    This function retrieves the certificate at 
- *    CertifiedKeyPair.certOrEncCert.certificate
- *    The user must call CERT_DestroyCertificate when the return value is no
- *    longer needed.  The user must import this certificate as a token object
- *    onto PKCS#11 slot in order to make it a permanent object.  The returned
- *    certificate will be in the temporary database.
- * 
- * RETURN:
- *    A pointer to the certificate contained within the certified key pair.
- *    A return value of NULL indicates an error in creating the copy of the 
- *    certificate.
- */
-extern CERTCertificate*
-      CMMF_CertifiedKeyPairGetCertificate(CMMFCertifiedKeyPair *inCertKeyPair,
-					  CERTCertDBHandle     *inCertdb);
-
-/*
- * FUNCTION: CMMF_POPODecKeyChallContentGetNumChallenges
- * INPUTS:
- *    inKeyChallCont
- *        The CMMFPOPODecKeyChallContent to operate on.
- * RETURN:
- *    This function returns the number of CMMFChallenges are contained in 
- *    the CMMFPOPODecKeyChallContent structure.
- */
-extern int CMMF_POPODecKeyChallContentGetNumChallenges
-                                  (CMMFPOPODecKeyChallContent *inKeyChallCont);
-
-/*
- * FUNCTION: CMMF_POPODecKeyChallContentGetPublicValue
- * ---------------------------------------------------
- * INPUTS:
- *    inKeyChallCont
- *        The CMMFPOPODecKeyChallContent to operate on.
- *    inIndex
- *        The index of the Challenge within inKeyChallCont to operate on.
- *        Indexes start from 0, ie the Nth Challenge corresponds to index
- *        N-1.
- * NOTES:
- * This function retrieves the public value stored away in the Challenge at
- * index inIndex of inKeyChallCont.
- * RETURN:
- * A pointer to a SECItem containing the public value.  User must call 
- * SECITEM_FreeItem on the return value when the value is no longer necessary.
- * A return value of NULL indicates an error while retrieving the public value.
- */
-extern SECItem* CMMF_POPODecKeyChallContentGetPublicValue
-                                   (CMMFPOPODecKeyChallContent *inKeyChallCont,
-				    int                         inIndex);
-
-
-/*
- * FUNCTION: CMMF_POPODecKeyChallContentGetRandomNumber
- * INPUTS:
- *    inChallContent
- *        The CMMFPOPODecKeyChallContent to operate on.
- *    inIndex
- *        The index of the challenge to look at.  Valid indexes are 0 through
- *        (CMMF_POPODecKeyChallContentGetNumChallenges(inChallContent) - 1).
- *    inDest
- *        A pointer to a user supplied buffer where the library
- *        can place a copy of the random integer contatained in the
- *        challenge.
- * NOTES:
- *    This function returns the value held in the decrypted Rand structure
- *    corresponding to the random integer.  The user must call 
- *    CMMF_POPODecKeyChallContentDecryptChallenge before calling this function.  Call 
- *    CMMF_ChallengeIsDecrypted to find out if the challenge has been 
- *    decrypted.
- *
- * RETURN:
- *    SECSuccess indicates the witness field has been previously decrypted
- *    and the value for the random integer was successfully placed at *inDest.
- *    Any other return value indicates an error and that the value at *inDest
- *    is not a valid value.
- */
-extern SECStatus CMMF_POPODecKeyChallContentGetRandomNumber
-                                      (CMMFPOPODecKeyChallContent *inKeyChallCont,
-				       int                          inIndex,
-				       long                        *inDest);
-
-/*
- * FUNCTION: CMMF_POPODecKeyRespContentGetNumResponses
- * INPUTS:
- *    inRespCont
- *        The POPODecKeyRespContent to operate on.
- * RETURN:
- * This function returns the number of responses contained in inRespContent.
- */
-extern int 
- CMMF_POPODecKeyRespContentGetNumResponses(CMMFPOPODecKeyRespContent *inRespCont);
-
-/*
- * FUNCTION: CMMF_POPODecKeyRespContentGetResponse
- * INPUTS:
- *    inRespCont
- *        The POPODecKeyRespContent to operate on.
- *    inIndex
- *        The index of the response to retrieve.
- *        The Nth response is at index N-1, ie the 1st response is at index 0,
- *        the 2nd response is at index 1, and so on.
- *    inDest
- *        A pointer to a pre-allocated buffer where the library can put the 
- *        value of the response located at inIndex.
- * NOTES:
- * The function returns the response contained at index inIndex.  
- * CMMFPOPODecKeyRespContent is a structure that the server will generally 
- * get in response to a CMMFPOPODecKeyChallContent.  The server will expect
- * to see the responses in the same order as it constructed them in 
- * the CMMFPOPODecKeyChallContent structure.
- * RETURN:
- * SECSuccess if getting the response at the desired index was successful.  Any
- * other return value indicates an errror.
- */
-extern SECStatus
-     CMMF_POPODecKeyRespContentGetResponse (CMMFPOPODecKeyRespContent *inRespCont,
-					    int                        inIndex,
-					    long                      *inDest);
-
-/************************* Destructor Functions ******************************/
-
-/*
- * FUNCTION: CMMF_DestroyCertResponse
- * INPUTS:
- *    inCertResp
- *        The CMMFCertResponse to destroy.
- * NOTES:
- *    This function frees all the memory associated with the CMMFCertResponse
- *    passed in.
- * RETURN:
- *    SECSuccess if freeing the memory was successful.  Any other return value
- *    indicates an error while freeing the memory.
- */
-extern SECStatus CMMF_DestroyCertResponse(CMMFCertResponse *inCertResp);
-
-/*
- * FUNCTION: CMMF_DestroyCertRepContent
- * INPUTS:
- *    inCertRepContent
- *        The CMMFCertRepContent to destroy
- * NOTES:
- *    This function frees the memory associated with the CMMFCertRepContent
- *    passed in.
- * RETURN:
- *    SECSuccess if freeing all the memory associated with the 
- *    CMMFCertRepContent passed in is successful.  Any other return value 
- *    indicates an error while freeing the memory.
- */
-extern SECStatus 
-       CMMF_DestroyCertRepContent (CMMFCertRepContent *inCertRepContent);
-
-/*
- * FUNCTION: CMMF_DestroyKeyRecRepContent
- * INPUTS:
- *    inKeyRecRep
- *        The CMMFKeyRecRepContent to destroy.
- * NOTES:
- *    This function destroys all the memory associated with the 
- *    CMMFKeyRecRepContent passed in.
- *
- * RETURN:
- *    SECSuccess if freeing all the memory is successful.  Any other return 
- *    value indicates an error in freeing the memory.
- */
-extern SECStatus 
-       CMMF_DestroyKeyRecRepContent(CMMFKeyRecRepContent *inKeyRecRep);
-
-/*
- * FUNCTION: CMMF_DestroyCertifiedKeyPair
- * INPUTS:
- *    inCertKeyPair
- *        The CMMFCertifiedKeyPair to operate on.
- * NOTES: 
- *    This function frees up all the memory associated with 'inCertKeyPair'
- *
- * RETURN:
- *    SECSuccess if freeing all the memory associated with 'inCertKeyPair'
- *    is successful.  Any other return value indicates an error while trying
- *    to free the memory.
- */
-extern SECStatus 
-       CMMF_DestroyCertifiedKeyPair(CMMFCertifiedKeyPair *inCertKeyPair);
-
-/*
- * FUNCTION: CMMF_DestroyPOPODecKeyRespContent
- * INPUTS:
- *    inDecKeyResp
- *        The CMMFPOPODecKeyRespContent structure to free.
- * NOTES:
- *    This function frees up all the memory associate with the 
- *    CMMFPOPODecKeyRespContent.
- *
- * RETURN:
- *    SECSuccess if freeing up all the memory associated with the
- *    CMMFPOPODecKeyRespContent structure is successful.  Any other
- *    return value indicates an error while freeing the memory.
- */
-extern SECStatus
-       CMMF_DestroyPOPODecKeyRespContent(CMMFPOPODecKeyRespContent *inDecKeyResp);
-
-
-/************************** Miscellaneous Functions *************************/
- 
-/*
- * FUNCTION: CMMF_CertifiedKeyPairUnwrapPrivKey
- * INPUTS:
- *    inCertKeyPair
- *        The CMMFCertifiedKeyPair to operate on.
- *    inPrivKey
- *        The private key to use to un-wrap the private key
- *    inNickName
- *        This is the nickname that will be associated with the private key
- *        to be unwrapped.
- *    inSlot
- *        The PKCS11 slot where the unwrapped private key should end up.
- *    inCertdb
- *        The Certificate database with which the new key will be associated.
- *    destPrivKey
- *        A pointer to memory where the library can place a pointer to the
- *        private key after importing the key onto the specified slot.
- *    wincx
- *        An opaque pointer that the library will use in a callback function
- *        to get the password if necessary.
- *    
- * NOTES:
- *    This function uses the private key passed in to unwrap the private key
- *    contained within the CMMFCertifiedKeyPair structure. After this 
- *    function successfully returns, the private key has been unwrapped and
- *    placed in the specified slot. 
- *
- * RETURN:
- *    SECSuccess if unwrapping the private key was successful.  Any other 
- *    return value indicates an error while trying to un-wrap the private key.
- */
-extern SECStatus 
-       CMMF_CertifiedKeyPairUnwrapPrivKey(CMMFCertifiedKeyPair *inKeyPair,
-					  SECKEYPrivateKey     *inPrivKey,
-					  SECItem              *inNickName,
-					  PK11SlotInfo         *inSlot,
-                                          CERTCertDBHandle     *inCertdb,
-					  SECKEYPrivateKey    **destPrivKey,
-					  void                 *wincx);
-
-/*
- * FUNCTION: CMMF_KeyRecRepContentHasCACerts
- * INPUTS:
- *    inKeyRecRecp
- *        The CMMFKeyRecRepContent to operate on.
- * RETURN:
- *    This function returns PR_TRUE if there are one or more certificates in 
- *    the sequence KeyRecRepContent.caCerts within the CMMFKeyRecRepContent
- *    structure.  The function will return PR_FALSE if there are 0 certificate
- *    in the above mentioned sequence.
- */
-extern PRBool 
-       CMMF_KeyRecRepContentHasCACerts(CMMFKeyRecRepContent *inKeyRecRep);
-
-/*
- * FUNCTION: CMMF_POPODecKeyChallContDecryptChallenge
- * INPUTS:
- *    inChalCont
- *        The CMMFPOPODecKeyChallContent to operate on.
- *    inIndex
- *        The index of the Challenge to operate on.  The 1st Challenge is
- *        at index 0, the second at index 1 and so forth.
- *    inPrivKey
- *        The private key to use to decrypt the witness field.
- * NOTES:
- *    This function uses the private key to decrypt the challenge field
- *    contained in the appropriate challenge.  Make sure the private key matches 
- *    the public key that was used to encrypt the witness.  Use 
- *    CMMF_POPODecKeyChallContentGetPublicValue to get the public value of
- *    the key used to encrypt the witness and then use that to determine the
- *    appropriate private key.  This can be done by calling PK11_MakeIDFromPubKey
- *    and then passing that return value to PK11_FindKeyByKeyID.  The creator of 
- *    the challenge will most likely be an RA that has the public key
- *    from a Cert request.  So the private key should be the private key
- *    associated with public key in that request.  This function will also
- *    verify the witness field of the challenge.  This function also verifies
- *    that the sender and witness hashes match within the challenge.
- *
- * RETURN:
- *    SECSuccess if decrypting the witness field was successful.  This does
- *    not indicate that the decrypted data is valid, since the private key 
- *    passed in may not be the actual key needed to properly decrypt the 
- *    witness field.  Meaning that there is a decrypted structure now, but
- *    may be garbage because the private key was incorrect.
- *    Any other return value indicates the function could not complete the
- *    decryption process.
- */
-extern SECStatus 
-  CMMF_POPODecKeyChallContDecryptChallenge(CMMFPOPODecKeyChallContent *inChalCont,
-					   int                         inIndex,
-					   SECKEYPrivateKey           *inPrivKey);
-
-/*
- * FUNCTION: CMMF_DestroyPOPODecKeyChallContent
- * INPUTS:
- *    inDecKeyCont
- *        The CMMFPOPODecKeyChallContent to free
- * NOTES:
- *    This function frees up all the memory associated with the 
- *    CMMFPOPODecKeyChallContent 
- * RETURN:
- *    SECSuccess if freeing up all the memory associatd with the 
- *    CMMFPOPODecKeyChallContent is successful.  Any other return value
- *    indicates an error while freeing the memory.
- *
- */
-extern SECStatus 
- CMMF_DestroyPOPODecKeyChallContent (CMMFPOPODecKeyChallContent *inDecKeyCont);
-
-SEC_END_PROTOS
-#endif /* _CMMF_H_ */
diff --git a/security/nss/lib/crmf/cmmfasn1.c b/security/nss/lib/crmf/cmmfasn1.c
deleted file mode 100644
index c9ab99a5a..000000000
--- a/security/nss/lib/crmf/cmmfasn1.c
+++ /dev/null
@@ -1,161 +0,0 @@
-/* -*- Mode: C; tab-width: 8 -*-*/
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "cmmf.h"
-#include "cmmfi.h"
-#include "secasn1.h"
-#include "secitem.h"
-
-SEC_ASN1_MKSUB(SEC_SignedCertificateTemplate)
-
-static const SEC_ASN1Template CMMFSequenceOfCertifiedKeyPairsTemplate[] = {
-    { SEC_ASN1_SEQUENCE_OF, 0, CMMFCertifiedKeyPairTemplate}
-};
-
-static const SEC_ASN1Template CMMFKeyRecRepContentTemplate[] = {
-    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CMMFKeyRecRepContent)},
-    { SEC_ASN1_INLINE, offsetof(CMMFKeyRecRepContent, status), 
-      CMMFPKIStatusInfoTemplate},
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_POINTER | 
-		SEC_ASN1_XTRN | 0,
-      offsetof(CMMFKeyRecRepContent, newSigCert),
-      SEC_ASN1_SUB(SEC_SignedCertificateTemplate)},
-    { SEC_ASN1_CONSTRUCTED | SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | 1,
-      offsetof(CMMFKeyRecRepContent, caCerts),
-      CMMFSequenceOfCertsTemplate},
-    { SEC_ASN1_CONSTRUCTED | SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | 2,
-      offsetof(CMMFKeyRecRepContent, keyPairHist),
-      CMMFSequenceOfCertifiedKeyPairsTemplate},
-    { 0 }
-};
-
-SECStatus
-CMMF_EncodeCertRepContent (CMMFCertRepContent        *inCertRepContent,
-			   CRMFEncoderOutputCallback  inCallback,
-			   void                      *inArg)
-{
-    return cmmf_user_encode(inCertRepContent, inCallback, inArg,
-			    CMMFCertRepContentTemplate);
-}
-
-SECStatus
-CMMF_EncodePOPODecKeyChallContent(CMMFPOPODecKeyChallContent *inDecKeyChall,
-				  CRMFEncoderOutputCallback inCallback,
-				  void                     *inArg)
-{
-    return cmmf_user_encode(inDecKeyChall, inCallback, inArg,
-			    CMMFPOPODecKeyChallContentTemplate);
-}
-
-CMMFPOPODecKeyRespContent*
-CMMF_CreatePOPODecKeyRespContentFromDER(const char *buf, long len)
-{
-    PRArenaPool               *poolp;
-    CMMFPOPODecKeyRespContent *decKeyResp;
-    SECStatus                  rv;
-
-    poolp = PORT_NewArena(CRMF_DEFAULT_ARENA_SIZE);
-    if (poolp == NULL) {
-        return NULL;
-    }
-    decKeyResp = PORT_ArenaZNew(poolp, CMMFPOPODecKeyRespContent);
-    if (decKeyResp == NULL) {
-        goto loser;
-    }
-    decKeyResp->poolp = poolp;
-    rv = SEC_ASN1Decode(poolp, decKeyResp, CMMFPOPODecKeyRespContentTemplate,
-			buf, len);
-    if (rv != SECSuccess) {
-        goto loser;
-    }
-    return decKeyResp;
-    
- loser:
-    if (poolp != NULL) {
-        PORT_FreeArena(poolp, PR_FALSE);
-    }
-    return NULL;
-}
-
-SECStatus
-CMMF_EncodeKeyRecRepContent(CMMFKeyRecRepContent      *inKeyRecRep,
-			    CRMFEncoderOutputCallback  inCallback,
-			    void                      *inArg)
-{
-    return cmmf_user_encode(inKeyRecRep, inCallback, inArg,
-			    CMMFKeyRecRepContentTemplate);
-}
-
-CMMFKeyRecRepContent* 
-CMMF_CreateKeyRecRepContentFromDER(CERTCertDBHandle *db, const char *buf, 
-				   long len)
-{
-    PRArenaPool          *poolp;
-    CMMFKeyRecRepContent *keyRecContent;
-    SECStatus             rv;
-
-    poolp = PORT_NewArena(CRMF_DEFAULT_ARENA_SIZE);
-    if (poolp == NULL) {
-        return NULL;
-    }
-    keyRecContent = PORT_ArenaZNew(poolp, CMMFKeyRecRepContent);
-    if (keyRecContent == NULL) {
-        goto loser;
-    }
-    keyRecContent->poolp = poolp;
-    rv = SEC_ASN1Decode(poolp, keyRecContent, CMMFKeyRecRepContentTemplate,
-			buf, len);
-    if (rv != SECSuccess) {
-        goto loser;
-    }
-    if (keyRecContent->keyPairHist != NULL) {
-        while(keyRecContent->keyPairHist[keyRecContent->numKeyPairs] != NULL) {
-	    rv = cmmf_decode_process_certified_key_pair(poolp, db,
-		       keyRecContent->keyPairHist[keyRecContent->numKeyPairs]);
-	    if (rv != SECSuccess) {
-	        goto loser;
-	    }
-	    keyRecContent->numKeyPairs++;
-	}
-	keyRecContent->allocKeyPairs = keyRecContent->numKeyPairs;
-    }
-    keyRecContent->isDecoded = PR_TRUE;
-    return keyRecContent;
- loser:
-    if (poolp != NULL) {
-        PORT_FreeArena(poolp, PR_FALSE);
-    }
-    return NULL;
-}
-
diff --git a/security/nss/lib/crmf/cmmfchal.c b/security/nss/lib/crmf/cmmfchal.c
deleted file mode 100644
index 3d7ad2319..000000000
--- a/security/nss/lib/crmf/cmmfchal.c
+++ /dev/null
@@ -1,319 +0,0 @@
-/* -*- Mode: C; tab-width: 8 -*-*/
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "cmmf.h"
-#include "cmmfi.h"
-#include "sechash.h"
-#include "genname.h"
-#include "pk11func.h"
-#include "cert.h"
-#include "secitem.h"
-#include "secmod.h"
-#include "keyhi.h"
-
-static int
-cmmf_create_witness_and_challenge(PRArenaPool     *poolp,
-				  CMMFChallenge   *challenge,
-				  long             inRandom,
-				  SECItem         *senderDER,
-				  SECKEYPublicKey *inPubKey,
-				  void            *passwdArg)
-{
-    SECItem       *encodedRandNum;
-    SECItem        encodedRandStr = {siBuffer, NULL, 0};
-    SECItem       *dummy;
-    unsigned char *randHash, *senderHash, *encChal=NULL;
-    unsigned       modulusLen = 0;
-    SECStatus      rv = SECFailure;
-    CMMFRand       randStr= { {siBuffer, NULL, 0}, {siBuffer, NULL, 0}};
-    PK11SlotInfo  *slot;
-    PK11SymKey    *symKey = NULL;
-    CK_OBJECT_HANDLE id;
-    CERTSubjectPublicKeyInfo *spki = NULL;
-
-    
-    encodedRandNum = SEC_ASN1EncodeInteger(poolp, &challenge->randomNumber,
-					   inRandom);
-    encodedRandNum = &challenge->randomNumber;
-    randHash   = PORT_ArenaNewArray(poolp, unsigned char, SHA1_LENGTH);
-    senderHash = PORT_ArenaNewArray(poolp, unsigned char, SHA1_LENGTH);
-    if (randHash == NULL) {
-        goto loser;
-    }
-    rv = PK11_HashBuf(SEC_OID_SHA1, randHash, encodedRandNum->data, 
-		      (uint32)encodedRandNum->len);
-    if (rv != SECSuccess) {
-        goto loser;
-    }
-    rv = PK11_HashBuf(SEC_OID_SHA1, senderHash, senderDER->data,
-		      (uint32)senderDER->len);
-    if (rv != SECSuccess) {
-        goto loser;
-    }
-    challenge->witness.data = randHash;
-    challenge->witness.len  = SHA1_LENGTH;
-
-    randStr.integer    = *encodedRandNum;
-    randStr.senderHash.data = senderHash;
-    randStr.senderHash.len  = SHA1_LENGTH;
-    dummy = SEC_ASN1EncodeItem(NULL, &encodedRandStr, &randStr, 
-			       CMMFRandTemplate);
-    if (dummy != &encodedRandStr) {
-        rv = SECFailure;
-        goto loser;
-    }
-    /* XXXX Now I have to encrypt encodedRandStr and stash it away. */
-    modulusLen = SECKEY_PublicKeyStrength(inPubKey);
-    encChal = PORT_ArenaNewArray(poolp, unsigned char, modulusLen);
-    if (encChal == NULL) {
-        rv = SECFailure;
-        goto loser;
-    }
-    slot =PK11_GetBestSlot(CKM_RSA_PKCS, passwdArg);
-    if (slot == NULL) {
-        rv = SECFailure;
-        goto loser;
-    }
-    id = PK11_ImportPublicKey(slot, inPubKey, PR_FALSE);
-    /* In order to properly encrypt the data, we import as a symmetric
-     * key, and then wrap that key.  That in essence encrypts the data.
-     * This is the method recommended in the PK11 world in order
-     * to prevent threading issues as well as breaking any other semantics
-     * the PK11 libraries depend on.
-     */
-    symKey = PK11_ImportSymKey(slot, CKM_RSA_PKCS, PK11_OriginGenerated,
-			       CKA_VALUE, &encodedRandStr, passwdArg);
-    if (symKey == NULL) {
-        rv = SECFailure;
-	goto loser;
-    }
-    challenge->challenge.data = encChal;
-    challenge->challenge.len  = modulusLen;
-    rv = PK11_PubWrapSymKey(CKM_RSA_PKCS, inPubKey, symKey, 
-			    &challenge->challenge);
-    PK11_FreeSlot(slot);
-    if (rv != SECSuccess) {
-	goto loser;
-    }
-    rv = SECITEM_CopyItem(poolp, &challenge->senderDER, senderDER);
-    crmf_get_public_value(inPubKey, &challenge->key);
-    /* Fall through */
- loser:
-    if (spki != NULL) {
-        SECKEY_DestroySubjectPublicKeyInfo(spki);
-    }
-    if (encodedRandStr.data != NULL) {
-        PORT_Free(encodedRandStr.data);
-    }
-    if (encodedRandNum != NULL) {
-        SECITEM_FreeItem(encodedRandNum, PR_TRUE);
-    }
-    if (symKey != NULL) {
-        PK11_FreeSymKey(symKey);
-    }
-    return rv;
-}
-
-static SECStatus
-cmmf_create_first_challenge(CMMFPOPODecKeyChallContent *challContent, 
-			    long                        inRandom, 
-			    SECItem                    *senderDER, 
-			    SECKEYPublicKey            *inPubKey,
-			    void                       *passwdArg)
-{
-    SECOidData     *oidData;
-    CMMFChallenge  *challenge;
-    SECAlgorithmID *algId;
-    PRArenaPool    *poolp;
-    SECStatus       rv;
-
-    oidData = SECOID_FindOIDByTag(SEC_OID_SHA1);
-    if (oidData == NULL) {
-        return SECFailure;
-    }
-    poolp = challContent->poolp;
-    challenge = PORT_ArenaZNew(poolp, CMMFChallenge);
-    if (challenge == NULL) {
-        return SECFailure;
-    }
-    algId = challenge->owf = PORT_ArenaZNew(poolp, SECAlgorithmID);
-    if (algId == NULL) {
-        return SECFailure;
-    }
-    rv = SECITEM_CopyItem(poolp, &algId->algorithm, &oidData->oid);
-    if (rv != SECSuccess) {
-        return SECFailure;
-    }
-    rv = cmmf_create_witness_and_challenge(poolp, challenge, inRandom, 
-					   senderDER, inPubKey, passwdArg);
-    challContent->challenges[0] = (rv == SECSuccess) ? challenge : NULL;
-    challContent->numChallenges++;
-    return rv ;
-}
-
-CMMFPOPODecKeyChallContent*
-CMMF_CreatePOPODecKeyChallContent (void)
-{
-    PRArenaPool *poolp;
-    CMMFPOPODecKeyChallContent *challContent;
-
-    poolp = PORT_NewArena(CRMF_DEFAULT_ARENA_SIZE);
-    if (poolp == NULL) {
-        return NULL;
-    }
-    challContent = PORT_ArenaZNew(poolp, CMMFPOPODecKeyChallContent);
-    if (challContent == NULL) {
-        PORT_FreeArena(poolp, PR_FALSE);
-	return NULL;
-    }
-    challContent->poolp = poolp;
-    return challContent;
-}
-
-SECStatus
-CMMF_POPODecKeyChallContentSetNextChallenge
-                                    (CMMFPOPODecKeyChallContent *inDecKeyChall,
-				     long                        inRandom,
-				     CERTGeneralName            *inSender,
-				     SECKEYPublicKey            *inPubKey,
-				     void                       *passwdArg)
-{
-    CMMFChallenge               *curChallenge;
-    PRArenaPool                 *genNamePool = NULL, *poolp;
-    SECStatus                    rv;
-    SECItem                     *genNameDER;
-    void                        *mark;
-
-    PORT_Assert (inDecKeyChall != NULL &&
-		 inSender      != NULL &&
-		 inPubKey      != NULL);
-
-    if (inDecKeyChall == NULL || 
-	inSender      == NULL || inPubKey == NULL) {
-        return SECFailure;
-    }
-    poolp = inDecKeyChall->poolp;
-    mark = PORT_ArenaMark(poolp);
-
-    genNamePool = PORT_NewArena(CRMF_DEFAULT_ARENA_SIZE);
-    genNameDER = CERT_EncodeGeneralName(inSender, NULL, genNamePool);
-    if (genNameDER == NULL) {
-        rv = SECFailure;
-        goto loser;
-    }
-    if (inDecKeyChall->challenges == NULL) {
-        inDecKeyChall->challenges =
-	    PORT_ArenaZNewArray(poolp, CMMFChallenge*,(CMMF_MAX_CHALLENGES+1));
-	inDecKeyChall->numAllocated = CMMF_MAX_CHALLENGES;
-    }
-
-    if (inDecKeyChall->numChallenges >= inDecKeyChall->numAllocated) {
-        rv = SECFailure;
-        goto loser;
-    }
-
-    if (inDecKeyChall->numChallenges == 0) {
-        rv = cmmf_create_first_challenge(inDecKeyChall, inRandom, 
-					 genNameDER, inPubKey, passwdArg);
-    } else {
-        curChallenge = PORT_ArenaZNew(poolp, CMMFChallenge);
-	if (curChallenge == NULL) {
-	    rv = SECFailure;
-	    goto loser;
-	}
-	rv = cmmf_create_witness_and_challenge(poolp, curChallenge, inRandom, 
-					       genNameDER, inPubKey, 
-					       passwdArg);
-	if (rv == SECSuccess) {
-	    inDecKeyChall->challenges[inDecKeyChall->numChallenges] =
-	        curChallenge;
-	    inDecKeyChall->numChallenges++;
-	}
-    }
-    if (rv != SECSuccess) {
-        goto loser;
-    }
-    PORT_ArenaUnmark(poolp, mark);
-    PORT_FreeArena(genNamePool, PR_FALSE);
-    return SECSuccess;
-
- loser:
-    PORT_ArenaRelease(poolp, mark);
-    if (genNamePool != NULL) {
-        PORT_FreeArena(genNamePool, PR_FALSE);
-    }
-    PORT_Assert(rv != SECSuccess);
-    return rv;
-}
-
-SECStatus
-CMMF_DestroyPOPODecKeyRespContent(CMMFPOPODecKeyRespContent *inDecKeyResp)
-{
-    PORT_Assert(inDecKeyResp != NULL);
-    if (inDecKeyResp != NULL && inDecKeyResp->poolp != NULL) {
-        PORT_FreeArena(inDecKeyResp->poolp, PR_FALSE);
-    }
-    return SECSuccess;
-}
-
-int 
-CMMF_POPODecKeyRespContentGetNumResponses(CMMFPOPODecKeyRespContent *inRespCont)
-{
-    int numResponses = 0;
-
-    PORT_Assert(inRespCont != NULL);
-    if (inRespCont == NULL) {
-        return 0;
-    }
-
-    while (inRespCont->responses[numResponses] != NULL) {
-        numResponses ++;
-    }
-    return numResponses;
-}
-
-SECStatus
-CMMF_POPODecKeyRespContentGetResponse (CMMFPOPODecKeyRespContent *inRespCont,
-				       int                        inIndex,
-				       long                      *inDest)
-{
-    PORT_Assert(inRespCont != NULL);
-    
-    if (inRespCont == NULL || inIndex < 0 || 
-	inIndex >= CMMF_POPODecKeyRespContentGetNumResponses(inRespCont)) {
-        return SECFailure;
-    }
-    *inDest = DER_GetInteger(inRespCont->responses[inIndex]);
-    return (*inDest == -1) ? SECFailure : SECSuccess;
-}
diff --git a/security/nss/lib/crmf/cmmfi.h b/security/nss/lib/crmf/cmmfi.h
deleted file mode 100644
index 0a476badd..000000000
--- a/security/nss/lib/crmf/cmmfi.h
+++ /dev/null
@@ -1,127 +0,0 @@
-/* -*- Mode: C; tab-width: 8 -*-*/
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * These are the definitions needed by the library internally to implement
- * CMMF.  Most of these will be helper utilities for manipulating internal
- * data strucures.
- */
-#ifndef _CMMFI_H_
-#define _CMMFI_H_
-#include "cmmfit.h"
-#include "crmfi.h"
-
-#define CMMF_MAX_CHALLENGES 10
-#define CMMF_MAX_KEY_PAIRS  50
-
-/*
- * Some templates that the code will need to implement CMMF.
- */
-extern const SEC_ASN1Template CMMFCertOrEncCertCertificateTemplate[];
-extern const SEC_ASN1Template CMMFCertOrEncCertEncryptedCertTemplate[];
-extern const SEC_ASN1Template CMMFPOPODecKeyRespContentTemplate[];
-extern const SEC_ASN1Template CMMFRandTemplate[];
-extern const SEC_ASN1Template CMMFSequenceOfCertsTemplate[];
-extern const SEC_ASN1Template CMMFPKIStatusInfoTemplate[];
-extern const SEC_ASN1Template CMMFCertifiedKeyPairTemplate[];
-
-
-/*
- * Some utility functions that are shared by multiple files in this 
- * implementation.
- */
-
-extern SECStatus cmmf_CopyCertResponse (PRArenaPool      *poolp, 
-					CMMFCertResponse *dest, 
-					CMMFCertResponse *src);
-
-extern SECStatus cmmf_CopyPKIStatusInfo (PRArenaPool       *poolp, 
-					 CMMFPKIStatusInfo *dest,
-					 CMMFPKIStatusInfo *src);
-
-extern SECStatus cmmf_CopyCertifiedKeyPair(PRArenaPool          *poolp, 
-					   CMMFCertifiedKeyPair *dest,
-					   CMMFCertifiedKeyPair *src);
-
-extern SECStatus cmmf_DestroyPKIStatusInfo(CMMFPKIStatusInfo *info, 
-					   PRBool freeit);
-
-extern SECStatus cmmf_DestroyCertOrEncCert(CMMFCertOrEncCert *certOrEncCert, 
-					   PRBool freeit);
-
-extern SECStatus cmmf_PKIStatusInfoSetStatus(CMMFPKIStatusInfo    *statusInfo,
-					     PRArenaPool          *poolp,
-					     CMMFPKIStatus         inStatus);
-
-extern SECStatus cmmf_ExtractCertsFromList(CERTCertList      *inCertList,
-					   PRArenaPool       *poolp,
-					   CERTCertificate ***certArray);
-
-extern SECStatus 
-       cmmf_CertOrEncCertSetCertificate(CMMFCertOrEncCert *certOrEncCert,
-					PRArenaPool       *poolp,
-					CERTCertificate   *inCert);
-
-extern CMMFPKIStatus 
-       cmmf_PKIStatusInfoGetStatus(CMMFPKIStatusInfo *inStatus);
-
-extern CERTCertList*
-       cmmf_MakeCertList(CERTCertificate **inCerts);
-
-extern CERTCertificate*
-cmmf_CertOrEncCertGetCertificate(CMMFCertOrEncCert *certOrEncCert,
-                                 CERTCertDBHandle  *certdb);
-
-extern SECStatus
-cmmf_decode_process_cert_response(PRArenaPool      *poolp, 
-				  CERTCertDBHandle *db,
-				  CMMFCertResponse *inCertResp);
-
-extern SECStatus
-cmmf_decode_process_certified_key_pair(PRArenaPool          *poolp,
-				       CERTCertDBHandle     *db,
-				       CMMFCertifiedKeyPair *inCertKeyPair);
-
-extern SECStatus
-cmmf_user_encode(void *src, CRMFEncoderOutputCallback inCallback, void *inArg,
-		 const SEC_ASN1Template *inTemplate);
-
-extern SECStatus
-cmmf_copy_secitem (PRArenaPool *poolp, SECItem *dest, SECItem *src);
-#endif /*_CMMFI_H_*/
-
-
-
-
-
diff --git a/security/nss/lib/crmf/cmmfit.h b/security/nss/lib/crmf/cmmfit.h
deleted file mode 100644
index e6ef02f96..000000000
--- a/security/nss/lib/crmf/cmmfit.h
+++ /dev/null
@@ -1,145 +0,0 @@
-/* -*- Mode: C; tab-width: 8 -*-*/
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef _CMMFIT_H_
-#define _CMMFIT_H_
-
-/*
- * All fields marked by a PKIStausInfo in comments is an integer
- * with the following possible values.
- *
- *  Integer Value          Meaning
- *  -------------          -------
- *         0               granted- got exactly what you asked for.
- *
- *         1               grantedWithMods-got something like what you asked 
- *                          for;requester is responsible for ascertainging the
- *                          differences.
- *
- *         2               rejection-you don't get what you asked for; more 
- *                          information elsewhere in the message
- *
- *         3               waiting-the request body part has not yet been 
- *                          processed, expect to hear more later.
- *
- *         4               revocationWarning-this message contains a warning 
- *                          that a revocation is imminent.
- *
- *         5               revocationNotification-notification that a 
- *                          revocation has occurred.
- *
- *         6               keyUpdateWarning-update already done for the 
- *                          oldCertId specified in FullCertTemplate.
- */
-
-struct CMMFPKIStatusInfoStr {
-    SECItem status;
-    SECItem statusString;
-    SECItem failInfo;
-};
-
-struct CMMFCertOrEncCertStr {
-    union { 
-        CERTCertificate    *certificate;
-        CRMFEncryptedValue *encryptedCert;
-    } cert;
-    CMMFCertOrEncCertChoice choice;
-    SECItem                 derValue;
-};
-
-struct CMMFCertifiedKeyPairStr {
-    CMMFCertOrEncCert   certOrEncCert;
-    CRMFEncryptedValue *privateKey;
-    SECItem             derPublicationInfo; /* We aren't creating 
-					     * PKIPublicationInfo's, so 
-					     * we'll store away the der 
-					     * here if we decode one that
-					     * does have pubInfo.
-					     */
-    SECItem unwrappedPrivKey;
-};
-
-struct CMMFCertResponseStr {
-    SECItem               certReqId;
-    CMMFPKIStatusInfo     status; /*PKIStatusInfo*/
-    CMMFCertifiedKeyPair *certifiedKeyPair;
-};
-
-struct CMMFCertRepContentStr {
-    CERTCertificate  **caPubs;
-    CMMFCertResponse **response;
-    PRArenaPool       *poolp;
-    PRBool             isDecoded;
-};
-
-struct CMMFChallengeStr {
-    SECAlgorithmID  *owf;
-    SECItem          witness;
-    SECItem          senderDER;
-    SECItem          key;
-    SECItem          challenge;
-    SECItem          randomNumber;
-};
-
-struct CMMFRandStr {
-    SECItem          integer;
-    SECItem          senderHash;
-    CERTGeneralName *sender;
-};
-
-struct CMMFPOPODecKeyChallContentStr {
-    CMMFChallenge **challenges;
-    PRArenaPool    *poolp;
-    int             numChallenges;
-    int             numAllocated;
-};
-
-struct CMMFPOPODecKeyRespContentStr {
-    SECItem     **responses;
-    PRArenaPool  *poolp;
-};
-
-struct CMMFKeyRecRepContentStr {
-    CMMFPKIStatusInfo      status; /* PKIStatusInfo */
-    CERTCertificate       *newSigCert;
-    CERTCertificate      **caCerts;
-    CMMFCertifiedKeyPair **keyPairHist;
-    PRArenaPool           *poolp;
-    int                    numKeyPairs;
-    int                    allocKeyPairs;
-    PRBool                 isDecoded;
-};
-
-#endif /* _CMMFIT_H_ */
-
diff --git a/security/nss/lib/crmf/cmmfrec.c b/security/nss/lib/crmf/cmmfrec.c
deleted file mode 100644
index e58b86aad..000000000
--- a/security/nss/lib/crmf/cmmfrec.c
+++ /dev/null
@@ -1,338 +0,0 @@
-/* -*- Mode: C; tab-width: 8 -*-*/
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * This file will implement the functions related to key recovery in 
- * CMMF
- */
-
-#include "nssrenam.h"
-#include "cmmf.h"
-#include "cmmfi.h"
-#include "secitem.h"
-#include "keyhi.h"
-
-CMMFKeyRecRepContent*
-CMMF_CreateKeyRecRepContent(void)
-{
-    PRArenaPool          *poolp;
-    CMMFKeyRecRepContent *keyRecContent;
-
-    poolp = PORT_NewArena(CRMF_DEFAULT_ARENA_SIZE);
-    if (poolp == NULL) {
-        return NULL;
-    }
-    keyRecContent = PORT_ArenaZNew(poolp, CMMFKeyRecRepContent);
-    if (keyRecContent == NULL) {
-        PORT_FreeArena(poolp, PR_FALSE);
-	return NULL;
-    }
-    keyRecContent->poolp = poolp;
-    return keyRecContent;
-}
-
-SECStatus
-CMMF_DestroyKeyRecRepContent(CMMFKeyRecRepContent *inKeyRecRep)
-{
-    PORT_Assert(inKeyRecRep != NULL);
-    if (inKeyRecRep != NULL && inKeyRecRep->poolp != NULL) {
-        if (!inKeyRecRep->isDecoded) {
-	    int i;
-
-	    CERT_DestroyCertificate(inKeyRecRep->newSigCert);
-	    if (inKeyRecRep->caCerts != NULL) {
-	        for (i=0; inKeyRecRep->caCerts[i] != NULL; i++) {
-		    CERT_DestroyCertificate(inKeyRecRep->caCerts[i]);
-		}
-	    }
-	    if (inKeyRecRep->keyPairHist != NULL) {
-	        for (i=0; inKeyRecRep->keyPairHist[i] != NULL; i++) {
-		    if (inKeyRecRep->keyPairHist[i]->certOrEncCert.choice ==
-			cmmfCertificate) {
-		        CERT_DestroyCertificate(inKeyRecRep->keyPairHist[i]->
-					       certOrEncCert.cert.certificate);
-		    }
-		}
-	    }
-	}
-        PORT_FreeArena(inKeyRecRep->poolp, PR_TRUE);
-    }
-    return SECSuccess;
-}
-
-SECStatus
-CMMF_KeyRecRepContentSetPKIStatusInfoStatus(CMMFKeyRecRepContent *inKeyRecRep,
-					    CMMFPKIStatus         inPKIStatus)
-{
-    PORT_Assert(inKeyRecRep != NULL && inPKIStatus >= cmmfGranted &&
-		inPKIStatus < cmmfNumPKIStatus);
-    if (inKeyRecRep == NULL) {
-        return SECFailure;
-    }
-    
-    return cmmf_PKIStatusInfoSetStatus(&inKeyRecRep->status, 
-				       inKeyRecRep->poolp,
-				       inPKIStatus);
-}
-
-SECStatus
-CMMF_KeyRecRepContentSetNewSignCert(CMMFKeyRecRepContent *inKeyRecRep,
-				    CERTCertificate      *inNewSignCert)
-{
-    PORT_Assert (inKeyRecRep != NULL && inNewSignCert != NULL);
-    if (inKeyRecRep == NULL || inNewSignCert == NULL) {
-        return SECFailure;
-    }
-    inKeyRecRep->newSigCert = CERT_DupCertificate(inNewSignCert);
-    return (inKeyRecRep->newSigCert == NULL) ? SECFailure : SECSuccess;    
-}
-
-SECStatus
-CMMF_KeyRecRepContentSetCACerts(CMMFKeyRecRepContent *inKeyRecRep,
-				CERTCertList         *inCACerts)
-{
-    SECStatus rv;
-    void *mark;
-
-    PORT_Assert (inKeyRecRep != NULL && inCACerts != NULL);
-    if (inKeyRecRep == NULL || inCACerts == NULL) {
-        return SECFailure;
-    }
-    mark = PORT_ArenaMark(inKeyRecRep->poolp);
-    rv = cmmf_ExtractCertsFromList(inCACerts, inKeyRecRep->poolp,
-				   &inKeyRecRep->caCerts);
-    if (rv != SECSuccess) {
-        PORT_ArenaRelease(inKeyRecRep->poolp, mark);
-    } else {
-        PORT_ArenaUnmark(inKeyRecRep->poolp, mark);
-    }
-    return rv;
-}
-
-SECStatus
-CMMF_KeyRecRepContentSetCertifiedKeyPair(CMMFKeyRecRepContent *inKeyRecRep,
-					 CERTCertificate      *inCert,
-					 SECKEYPrivateKey     *inPrivKey,
-					 SECKEYPublicKey      *inPubKey)
-{
-    CMMFCertifiedKeyPair *keyPair;
-    CRMFEncryptedValue   *dummy;
-    PRArenaPool          *poolp;
-    void                 *mark;
-    SECStatus             rv;
-
-    PORT_Assert (inKeyRecRep != NULL &&
-		 inCert      != NULL &&
-		 inPrivKey   != NULL &&
-		 inPubKey    != NULL);
-    if (inKeyRecRep == NULL ||
-	inCert      == NULL ||
-	inPrivKey   == NULL ||
-	inPubKey    == NULL) {
-        return SECFailure;
-    }
-    poolp = inKeyRecRep->poolp;
-    mark = PORT_ArenaMark(poolp);
-    if (inKeyRecRep->keyPairHist == NULL) {
-        inKeyRecRep->keyPairHist = PORT_ArenaNewArray(poolp, 
-						      CMMFCertifiedKeyPair*,
-						      (CMMF_MAX_KEY_PAIRS+1));
-	if (inKeyRecRep->keyPairHist == NULL) {
-	    goto loser;
-	}
-	inKeyRecRep->allocKeyPairs = CMMF_MAX_KEY_PAIRS;
-	inKeyRecRep->numKeyPairs   = 0;
-    }
-
-    if (inKeyRecRep->allocKeyPairs == inKeyRecRep->numKeyPairs) {
-        goto loser;
-    }
-    
-    keyPair = PORT_ArenaZNew(poolp, CMMFCertifiedKeyPair);
-    if (keyPair == NULL) {
-        goto loser;
-    }
-    rv = cmmf_CertOrEncCertSetCertificate(&keyPair->certOrEncCert,
-					  poolp, inCert);
-    if (rv != SECSuccess) {
-        goto loser;
-    }
-    keyPair->privateKey = PORT_ArenaZNew(poolp, CRMFEncryptedValue);
-    if (keyPair->privateKey == NULL) {
-        goto loser;
-    }
-    dummy = crmf_create_encrypted_value_wrapped_privkey(inPrivKey, inPubKey, 
-							keyPair->privateKey);
-    PORT_Assert(dummy = keyPair->privateKey);
-    if (dummy != keyPair->privateKey) {
-        crmf_destroy_encrypted_value(dummy, PR_TRUE);
-	goto loser;
-    }
-    inKeyRecRep->keyPairHist[inKeyRecRep->numKeyPairs] = keyPair;
-    inKeyRecRep->numKeyPairs++;
-    inKeyRecRep->keyPairHist[inKeyRecRep->numKeyPairs] = NULL;
-    PORT_ArenaUnmark(poolp, mark);
-    return SECSuccess;
-
- loser:
-    PORT_ArenaRelease(poolp, mark);
-    return SECFailure;
-}
-
-CMMFPKIStatus
-CMMF_KeyRecRepContentGetPKIStatusInfoStatus(CMMFKeyRecRepContent *inKeyRecRep)
-{
-    PORT_Assert(inKeyRecRep != NULL);
-    if (inKeyRecRep == NULL) {
-        return cmmfNoPKIStatus;
-    }
-    return cmmf_PKIStatusInfoGetStatus(&inKeyRecRep->status);
-}
-
-CERTCertificate*
-CMMF_KeyRecRepContentGetNewSignCert(CMMFKeyRecRepContent *inKeyRecRep)
-{
-    PORT_Assert(inKeyRecRep != NULL);
-    if (inKeyRecRep             == NULL ||
-	inKeyRecRep->newSigCert == NULL) {
-        return NULL;
-    }
-    return CERT_NewTempCertificate(CERT_GetDefaultCertDB(), 
-			          &inKeyRecRep->newSigCert->signatureWrap.data,
-				   NULL, PR_FALSE, PR_TRUE);
-}
-
-CERTCertList*
-CMMF_KeyRecRepContentGetCACerts(CMMFKeyRecRepContent *inKeyRecRep)
-{
-    PORT_Assert(inKeyRecRep != NULL);
-    if (inKeyRecRep == NULL || inKeyRecRep->caCerts == NULL) {
-        return NULL;
-    }
-    return cmmf_MakeCertList(inKeyRecRep->caCerts);
-}
-
-int 
-CMMF_KeyRecRepContentGetNumKeyPairs(CMMFKeyRecRepContent *inKeyRecRep)
-{
-    PORT_Assert(inKeyRecRep != NULL);
-    return (inKeyRecRep == NULL) ? 0 : inKeyRecRep->numKeyPairs;
-}
-
-PRBool
-cmmf_KeyRecRepContentIsValidIndex(CMMFKeyRecRepContent *inKeyRecRep,
-				  int                   inIndex)
-{
-    int numKeyPairs = CMMF_KeyRecRepContentGetNumKeyPairs(inKeyRecRep);
-    
-    return (PRBool)(inIndex >= 0 && inIndex < numKeyPairs);
-}
-
-CMMFCertifiedKeyPair*
-CMMF_KeyRecRepContentGetCertKeyAtIndex(CMMFKeyRecRepContent *inKeyRecRep,
-				       int                   inIndex)
-{
-    CMMFCertifiedKeyPair *newKeyPair;
-    SECStatus             rv;
-
-    PORT_Assert(inKeyRecRep != NULL &&
-		cmmf_KeyRecRepContentIsValidIndex(inKeyRecRep, inIndex));
-    if (inKeyRecRep == NULL ||
-	!cmmf_KeyRecRepContentIsValidIndex(inKeyRecRep, inIndex)) {
-        return NULL;
-    }
-    newKeyPair = PORT_ZNew(CMMFCertifiedKeyPair);
-    if (newKeyPair == NULL) {
-        return NULL;
-    }
-    rv = cmmf_CopyCertifiedKeyPair(NULL, newKeyPair, 
-				   inKeyRecRep->keyPairHist[inIndex]);
-    if (rv != SECSuccess) {
-        CMMF_DestroyCertifiedKeyPair(newKeyPair);
-	newKeyPair = NULL;
-    }
-    return newKeyPair;
-}
-
-SECStatus 
-CMMF_CertifiedKeyPairUnwrapPrivKey(CMMFCertifiedKeyPair *inKeyPair,
-				   SECKEYPrivateKey     *inPrivKey,
-				   SECItem              *inNickName,
-				   PK11SlotInfo         *inSlot,
-				   CERTCertDBHandle     *inCertdb,
-				   SECKEYPrivateKey    **destPrivKey,
-				   void                 *wincx)
-{
-    CERTCertificate *cert;
-    SECItem keyUsageValue = {siBuffer, NULL, 0};
-    unsigned char keyUsage = 0x0;
-    SECKEYPublicKey *pubKey;
-    SECStatus rv;
-
-    PORT_Assert(inKeyPair != NULL &&
-		inPrivKey != NULL && inCertdb != NULL);
-    if (inKeyPair             == NULL ||
-	inPrivKey             == NULL ||
-	inKeyPair->privateKey == NULL ||
-	inCertdb              == NULL) {
-        return SECFailure;
-    }
-    
-    cert = CMMF_CertifiedKeyPairGetCertificate(inKeyPair, inCertdb);
-    CERT_FindKeyUsageExtension(cert, &keyUsageValue);
-    if (keyUsageValue.data != NULL) {
-        keyUsage = keyUsageValue.data[3];
-	PORT_Free(keyUsageValue.data);
-    }
-    pubKey = CERT_ExtractPublicKey(cert);
-    rv = crmf_encrypted_value_unwrap_priv_key(NULL, inKeyPair->privateKey,
-					      inPrivKey, pubKey, 
-					      inNickName, inSlot, keyUsage, 
-					      destPrivKey, wincx);
-    SECKEY_DestroyPublicKey(pubKey);
-    CERT_DestroyCertificate(cert);
-    return rv;
-}
-
-
-PRBool 
-CMMF_KeyRecRepContentHasCACerts(CMMFKeyRecRepContent *inKeyRecRep)
-{
-    PORT_Assert(inKeyRecRep != NULL);
-    if (inKeyRecRep == NULL) {
-        return PR_FALSE;
-    }
-    return (PRBool)(inKeyRecRep->caCerts    != NULL && 
-		    inKeyRecRep->caCerts[0] != NULL);
-}
diff --git a/security/nss/lib/crmf/cmmfresp.c b/security/nss/lib/crmf/cmmfresp.c
deleted file mode 100644
index b26fb39fb..000000000
--- a/security/nss/lib/crmf/cmmfresp.c
+++ /dev/null
@@ -1,312 +0,0 @@
-/* -*- Mode: C; tab-width: 8 -*-*/
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * This file will contain all routines dealing with creating a 
- * CMMFCertRepContent structure through Create/Set functions.
- */
-
-#include "cmmf.h"
-#include "cmmfi.h"
-#include "crmf.h"
-#include "crmfi.h"
-#include "secitem.h"
-#include "secder.h"
-
-CMMFCertRepContent*
-CMMF_CreateCertRepContent(void)
-{
-    CMMFCertRepContent *retCertRep;
-    PRArenaPool        *poolp;
-
-    poolp = PORT_NewArena(CRMF_DEFAULT_ARENA_SIZE);
-    if (poolp == NULL) {
-        goto loser;
-    }
-    retCertRep = PORT_ArenaZNew(poolp, CMMFCertRepContent);
-    if (retCertRep == NULL) {
-        goto loser;
-    }
-    retCertRep->poolp = poolp;
-    return retCertRep;
- loser:
-    if (poolp != NULL) {
-        PORT_FreeArena(poolp, PR_FALSE);
-    }
-    return NULL;
-}
-
-SECStatus 
-cmmf_CertOrEncCertSetCertificate(CMMFCertOrEncCert *certOrEncCert,
-				 PRArenaPool       *poolp,
-				 CERTCertificate   *inCert)
-{
-    SECItem               *derDest = NULL;
-    SECStatus             rv = SECFailure;
-
-    if (inCert->derCert.data == NULL) {
-        derDest = SEC_ASN1EncodeItem(NULL, NULL, inCert, 
-				     CMMFCertOrEncCertCertificateTemplate);
-	if (derDest == NULL) {
-	    goto loser;
-	}
-    } else {
-        derDest = SECITEM_DupItem(&inCert->derCert);
-	if (derDest == NULL) {
-	    goto loser;
-	}
-    }
-    PORT_Assert(certOrEncCert->cert.certificate == NULL);
-    certOrEncCert->cert.certificate = CERT_DupCertificate(inCert);
-    certOrEncCert->choice = cmmfCertificate;
-    if (poolp != NULL) {
-        rv = SECITEM_CopyItem(poolp, &certOrEncCert->derValue, derDest);
-	if (rv != SECSuccess) {
-	    goto loser;
-	}
-    } else {
-        certOrEncCert->derValue = *derDest;
-    }
-    PORT_Free(derDest);
-    return SECSuccess;
- loser:
-    if (derDest != NULL) {
-        SECITEM_FreeItem(derDest, PR_TRUE);
-    }
-    return rv;
-}
-
-SECStatus
-cmmf_ExtractCertsFromList(CERTCertList      *inCertList,
-			  PRArenaPool       *poolp,
-			  CERTCertificate ***certArray)
-{
-    CERTCertificate  **arrayLocalCopy;
-    CERTCertListNode  *node;
-    int                numNodes = 0, i;
-
-    for (node = CERT_LIST_HEAD(inCertList); !CERT_LIST_END(node, inCertList);
-	 node = CERT_LIST_NEXT(node)) {
-        numNodes++;
-    }
-
-    arrayLocalCopy = *certArray = (poolp == NULL) ?
-                    PORT_NewArray(CERTCertificate*, (numNodes+1)) :
-                    PORT_ArenaNewArray(poolp, CERTCertificate*, (numNodes+1));
-    if (arrayLocalCopy == NULL) {
-        return SECFailure;
-    }
-    for (node = CERT_LIST_HEAD(inCertList), i=0; 
-	 !CERT_LIST_END(node, inCertList);
-	 node = CERT_LIST_NEXT(node), i++) {
-        arrayLocalCopy[i] = CERT_DupCertificate(node->cert);
-	if (arrayLocalCopy[i] == NULL) {
-	    int j;
-	    
-	    for (j=0; j<i; j++) {
-	        CERT_DestroyCertificate(arrayLocalCopy[j]);
-	    }
-	    if (poolp == NULL) {
-	        PORT_Free(arrayLocalCopy);
-	    }
-	    *certArray = NULL;
-	    return SECFailure;
-	}
-    }
-    arrayLocalCopy[numNodes] = NULL;
-    return SECSuccess;
-}
-
-SECStatus
-CMMF_CertRepContentSetCertResponses(CMMFCertRepContent *inCertRepContent,
-				    CMMFCertResponse  **inCertResponses,
-				    int                 inNumResponses)
-{
-    PRArenaPool       *poolp;
-    CMMFCertResponse **respArr, *newResp;
-    void              *mark;
-    SECStatus          rv;
-    int                i;
-
-    PORT_Assert (inCertRepContent != NULL &&
-		 inCertResponses  != NULL &&
-		 inNumResponses    > 0);
-    if (inCertRepContent == NULL ||
-	inCertResponses  == NULL ||
-	inCertRepContent->response != NULL) {
-        return SECFailure;
-    }
-    poolp = inCertRepContent->poolp;
-    mark = PORT_ArenaMark(poolp);
-    respArr = inCertRepContent->response = 
-        PORT_ArenaZNewArray(poolp, CMMFCertResponse*, (inNumResponses+1));
-    if (respArr == NULL) {
-        goto loser;
-    }
-    for (i=0; i<inNumResponses; i++) {
-        newResp = PORT_ArenaZNew(poolp, CMMFCertResponse);
-	if (newResp == NULL) {
-	    goto loser;
-	}
-        rv = cmmf_CopyCertResponse(poolp, newResp, inCertResponses[i]);
-	if (rv != SECSuccess) {
-	    goto loser;
-	}
-	respArr[i] = newResp;
-    }
-    respArr[inNumResponses] = NULL;
-    PORT_ArenaUnmark(poolp, mark);
-    return SECSuccess;
-
- loser:
-    PORT_ArenaRelease(poolp, mark);
-    return SECFailure;
-}
-
-CMMFCertResponse*
-CMMF_CreateCertResponse(long inCertReqId)
-{
-    SECItem          *dummy;
-    CMMFCertResponse *newResp;
-    
-    newResp = PORT_ZNew(CMMFCertResponse);
-    if (newResp == NULL) {
-        goto loser;
-    }
-    dummy = SEC_ASN1EncodeInteger(NULL, &newResp->certReqId, inCertReqId);
-    if (dummy != &newResp->certReqId) {
-        goto loser;
-    }
-    return newResp;
-
- loser:
-    if (newResp != NULL) {
-        CMMF_DestroyCertResponse(newResp);
-    }
-    return NULL;
-}
-
-SECStatus
-CMMF_CertResponseSetPKIStatusInfoStatus(CMMFCertResponse *inCertResp,
-					CMMFPKIStatus     inPKIStatus)
-{
-    PORT_Assert (inCertResp != NULL && inPKIStatus >= cmmfGranted
-		 && inPKIStatus < cmmfNumPKIStatus);
-
-    if  (inCertResp == NULL) {
-        return SECFailure;
-    }
-    return cmmf_PKIStatusInfoSetStatus(&inCertResp->status, NULL,
-				       inPKIStatus);
-}
-
-SECStatus
-CMMF_CertResponseSetCertificate (CMMFCertResponse *inCertResp,
-				 CERTCertificate  *inCertificate)
-{
-    CMMFCertifiedKeyPair *keyPair = NULL;
-    SECStatus             rv = SECFailure;
-
-    PORT_Assert(inCertResp != NULL && inCertificate != NULL);
-    if (inCertResp == NULL || inCertificate == NULL) {
-        return SECFailure;
-    }
-    if (inCertResp->certifiedKeyPair == NULL) {
-        keyPair = inCertResp->certifiedKeyPair = 
-	    PORT_ZNew(CMMFCertifiedKeyPair);
-    } else {
-        keyPair = inCertResp->certifiedKeyPair;
-    }
-    if (keyPair == NULL) {
-        goto loser;
-    }
-    rv = cmmf_CertOrEncCertSetCertificate(&keyPair->certOrEncCert, NULL,
-					  inCertificate);
-    if (rv != SECSuccess) {
-        goto loser;
-    }
-    return SECSuccess;
- loser:
-    if (keyPair) {
-        if (keyPair->certOrEncCert.derValue.data) {
-	    PORT_Free(keyPair->certOrEncCert.derValue.data);
-	}
-	PORT_Free(keyPair);
-    }
-    return rv;
-}
-
-
-SECStatus
-CMMF_CertRepContentSetCAPubs(CMMFCertRepContent *inCertRepContent,
-			     CERTCertList       *inCAPubs)
-{
-    PRArenaPool      *poolp;
-    void             *mark;
-    SECStatus         rv;
-
-    PORT_Assert(inCertRepContent != NULL &&
-		inCAPubs         != NULL &&
-		inCertRepContent->caPubs == NULL);
-    
-    if (inCertRepContent == NULL ||
-	inCAPubs == NULL || inCertRepContent == NULL) {
-        return SECFailure;
-    }
-
-    poolp = inCertRepContent->poolp;
-    mark = PORT_ArenaMark(poolp);
-
-    rv = cmmf_ExtractCertsFromList(inCAPubs, poolp,
-				   &inCertRepContent->caPubs);
-
-    if (rv != SECSuccess) {
-        PORT_ArenaRelease(poolp, mark);
-    } else {
-        PORT_ArenaUnmark(poolp, mark);
-    }
-    return rv;
-}
-
-CERTCertificate*
-CMMF_CertifiedKeyPairGetCertificate(CMMFCertifiedKeyPair *inCertKeyPair,
-				    CERTCertDBHandle     *inCertdb)
-{
-    PORT_Assert(inCertKeyPair != NULL);
-    if (inCertKeyPair == NULL) {
-        return NULL;
-    }
-    return cmmf_CertOrEncCertGetCertificate(&inCertKeyPair->certOrEncCert,
-					    inCertdb);
-}
diff --git a/security/nss/lib/crmf/cmmft.h b/security/nss/lib/crmf/cmmft.h
deleted file mode 100644
index 078253057..000000000
--- a/security/nss/lib/crmf/cmmft.h
+++ /dev/null
@@ -1,102 +0,0 @@
-/* -*- Mode: C; tab-width: 8 -*-*/
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef _CMMFT_H_
-#define _CMMFT_H_
-
-#include "secasn1.h"
-
-/*
- * These are the enumerations used to distinguish between the different
- * choices available for the CMMFCertOrEncCert structure.
- */
-typedef enum {
-    cmmfNoCertOrEncCert = 0,
-    cmmfCertificate = 1,
-    cmmfEncryptedCert = 2
-} CMMFCertOrEncCertChoice;
-
-/*
- * This is the enumeration and the corresponding values used to 
- * represent the CMMF type PKIStatus
- */
-typedef enum {
-    cmmfNoPKIStatus = -1,
-    cmmfGranted = 0,
-    cmmfGrantedWithMods = 1,
-    cmmfRejection = 2,
-    cmmfWaiting = 3,
-    cmmfRevocationWarning = 4,
-    cmmfRevocationNotification = 5,
-    cmmfKeyUpdateWarning = 6,
-    cmmfNumPKIStatus
-} CMMFPKIStatus;
-
-/*
- * These enumerations are used to represent the corresponding values
- * in PKIFailureInfo defined in CMMF.
- */
-typedef enum {
-    cmmfBadAlg = 0,
-    cmmfBadMessageCheck = 1,
-    cmmfBadRequest = 2,
-    cmmfBadTime = 3,
-    cmmfBadCertId = 4,
-    cmmfBadDataFormat = 5,
-    cmmfWrongAuthority = 6,
-    cmmfIncorrectData = 7,
-    cmmfMissingTimeStamp = 8,
-    cmmfNoFailureInfo = 9
-} CMMFPKIFailureInfo;
-
-typedef struct CMMFPKIStatusInfoStr          CMMFPKIStatusInfo;
-typedef struct CMMFCertOrEncCertStr          CMMFCertOrEncCert;
-typedef struct CMMFCertifiedKeyPairStr       CMMFCertifiedKeyPair;
-typedef struct CMMFCertResponseStr           CMMFCertResponse;
-typedef struct CMMFCertResponseSeqStr        CMMFCertResponseSeq;
-typedef struct CMMFPOPODecKeyChallContentStr CMMFPOPODecKeyChallContent;
-typedef struct CMMFChallengeStr              CMMFChallenge;
-typedef struct CMMFRandStr                   CMMFRand;
-typedef struct CMMFPOPODecKeyRespContentStr  CMMFPOPODecKeyRespContent;
-typedef struct CMMFKeyRecRepContentStr       CMMFKeyRecRepContent;
-typedef struct CMMFCertRepContentStr         CMMFCertRepContent;
-
-/* Export this so people can call SEC_ASN1EncodeItem instead of having to 
- * write callbacks that are passed in to the high level encode function
- * for CMMFCertRepContent.
- */
-extern const SEC_ASN1Template CMMFCertRepContentTemplate[];
-extern const SEC_ASN1Template CMMFPOPODecKeyChallContentTemplate[];
-
-#endif /*_CMMFT_H_*/
diff --git a/security/nss/lib/crmf/config.mk b/security/nss/lib/crmf/config.mk
deleted file mode 100644
index 3b647d954..000000000
--- a/security/nss/lib/crmf/config.mk
+++ /dev/null
@@ -1,44 +0,0 @@
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-# 
-
-
-#
-#  Override TARGETS variable so that only static libraries
-#  are specifed as dependencies within rules.mk.
-#
-
-TARGETS        = $(LIBRARY)
-SHARED_LIBRARY =
-IMPORT_LIBRARY =
-PROGRAM        =
-
diff --git a/security/nss/lib/crmf/crmf.h b/security/nss/lib/crmf/crmf.h
deleted file mode 100644
index cf7b91095..000000000
--- a/security/nss/lib/crmf/crmf.h
+++ /dev/null
@@ -1,1779 +0,0 @@
-/* -*- Mode: C; tab-width: 8 -*-*/
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-
-#ifndef _CRMF_H_
-#define _CRMF_H_
-
-#include "seccomon.h"
-#include "cert.h"
-#include "crmft.h"
-#include "secoid.h"
-#include "secpkcs7.h"
-
-SEC_BEGIN_PROTOS
-
-/*
- * FUNCTION: CRMF_EncodeCertReqMsg
- * INPUTS:
- *    inCertReqMsg
- *        The Certificate Request Message to be encoded.
- *    fn
- *        A Callback function that the ASN1 encoder calls whenever
- *        the encoder wants to write out some DER encoded bytes.
- *    arg
- *        An opaque pointer that gets passed to the function fn
- * OUTPUT:
- *    The function fn will be called multiple times.  Look at the
- *    comments in crmft.h where the CRMFEncoderOutputCallback type is 
- *    defined for information on proper behavior of the function fn.
- * RETURN:
- *    SECSuccess if encoding was successful.  Any other return value
- *    indicates an error occurred during encoding.
- */
-extern SECStatus 
-        CRMF_EncodeCertReqMsg (CRMFCertReqMsg            *inCertReqMsg, 
-			       CRMFEncoderOutputCallback  fn,
-			       void                      *arg);
-
-/*
- * FUNCTION: CRMF_EncoderCertRequest
- * INPUTS:
- *    inCertReq
- *        The Certificate Request to be encoded.
- *    fn
- *        A Callback function that the ASN1 encoder calls whenever
- *        the encoder wants to write out some DER encoded bytes.
- *    arg
- *        An opaque pointer that gets passed to the function fn.
- * OUTPUT:
- *    The function fn will be called, probably multiple times whenever 
- *    the ASN1 encoder wants to write out DER-encoded bytes.  Look at the 
- *    comments in crmft.h where the CRMFEncoderOuputCallback type is
- *    defined for information on proper behavior of the funciton fn.
- * RETURN:
- *    SECSuccess if encoding was successful.  Any other return value 
- *    indicates an error occured during encoding.
- */
-extern SECStatus CRMF_EncodeCertRequest (CRMFCertRequest           *inCertReq,
-					 CRMFEncoderOutputCallback  fn,
-					 void                      *arg);
-/*
- * FUNCTION: CRMF_EncodeCertReqMessages
- * INPUTS:
- *    inCertReqMsgs
- *        An array of pointers to the Certificate Request Messages
- *        to encode.  The user must place a NULL pointer in the index
- *        after the last message to be encoded.  When the library runs
- *        into the NULL pointer, the library assumes there are no more
- *        messages to encode.
- *    fn
- *        A Callback function that the ASN1 encoder calls whenever
- *        the encoder wants to write out some DER encoded byts.
- *    arg
- *        An opaque pointer that gets passed to the function fn.
- *
- * NOTES:
- *    The parameter inCertReqMsgs needs to be an array with a NULL pointer
- *    to signal the end of messages.  An array in the form of 
- *    {m1, m2, m3, NULL, m4, ...} will only encode the messages m1, m2, and
- *    m3.  All messages from m4 on will not be looked at by the library.
- *
- * OUTPUT:
- *    The function fn will be called, probably multiple times.  Look at the 
- *    comments in crmft.h where the CRMFEncoderOuputCallback type is
- *    defined for information on proper behavior of the funciton fn.
- *
- * RETURN:
- * SECSuccess if encoding the Certificate Request Messages was successful. 
- * Any other return value indicates an error occurred while encoding the
- * certificate request messages.
- */
-extern SECStatus 
-       CRMF_EncodeCertReqMessages(CRMFCertReqMsg           **inCertReqMsgs,
-				  CRMFEncoderOutputCallback  fn,
-				  void                      *arg);
-
-
-/*
- * FUNCTION: CRMF_CreateCertReqMsg
- * INPUTS:
- *    NONE
- * OUTPUT:
- *    An empty CRMF Certificate Request Message.
- *    Before encoding this message, the user must set
- *    the ProofOfPossession field and the certificate 
- *    request which are necessary for the full message.
- *    After the user no longer needs this CertReqMsg,
- *    the user must call CRMF_DestroyCertReqMsg to free
- *    all memory associated with the Certificate Request
- *    Message.
- * RETURN:
- *    A pointer to a Certificate Request Message.  The user 
- *    must pass the return value of this function to 
- *    CRMF_DestroyCertReqMsg after the Certificate Request
- *    Message is no longer necessary.
- */
-extern CRMFCertReqMsg* CRMF_CreateCertReqMsg(void);
-
-/*
- * FUNCTION: CRMF_DestroyCertReqMsg
- * INPUTS:
- *    inCertReqMsg
- *        The Certificate Request Message to destroy.
- *  NOTES:
- *    This function frees all the memory used for the Certificate
- *    Request Message and all the memory used in making copies of
- *    fields of elelments of the message, eg. the Proof Of Possession
- *    filed and the Cetificate Request.  
- * RETURN:
- *    SECSuccess if destruction was successful.  Any other return value
- *    indicates an error while trying to free the memory associated
- *    with inCertReqMsg.
- *    
- */
-extern SECStatus CRMF_DestroyCertReqMsg(CRMFCertReqMsg *inCertReqMsg);
-
-/*
- * FUNCTION: CRMF_CertReqMsgSetCertRequest
- * INPUTS:
- *    inCertReqMsg
- *        The Certificate Request Message that the function will set
- *        the certificate request for.
- *    inCertReq
- *        The Certificate Request that will be added to the Certificate
- *        Request Message.
- * NOTES:
- *    This function will make a copy of the Certificate Request passed in
- *    and store it as part of the Certificate Request Message.  Therefore,
- *    the user must not call this function until the Certificate Request
- *    has been fully built and is ready to be encoded.
- * RETURN:
- *    SECSuccess 
- *        If copying the Certificate as a member of the Certificate
- *        request message was successful.
- *    Any other return value indicates a failure to copy the Certificate
- *    Request and make it a part of the Certificate Request Message.
- */
-extern SECStatus CRMF_CertReqMsgSetCertRequest(CRMFCertReqMsg  *inCertReqMsg, 
-					       CRMFCertRequest *inCertReq);
-
-/*
- * FUNCTION: CRMF_CreateCertRequest
- * INPUTS:
- *    inRequestID
- *        The ID that will be associated with this certificate request.
- * OUTPUTS:
- *    A certificate request which only has the requestID set.
- * NOTES:
- *    The user must call the function CRMF_DestroyCertRequest when
- *    the returned value is no longer needed.  This is usually the
- *    case after fully constructing the Certificate Request and then
- *    calling the function CRMF_CertReqMsgSetCertRequest.
- * RETURN:
- *    A pointer to the new Certificate Request.  A NULL return value
- *    indicates an error in creating the Certificate Request.
- */
-extern CRMFCertRequest *CRMF_CreateCertRequest (long inRequestID);
-
-/*
- * FUNCTION: CRMF_DestroyCertRequest
- * INPUTS:
- *    inCertReq
- *        The Certificate Request that will be destroyed.
- * RETURN:
- *    SECSuccess
- *        If freeing the memory associated with the certificate request 
- *        was successful.
- *    Any other return value indicates an error while trying to free the 
- *    memory.
- */
-extern SECStatus CRMF_DestroyCertRequest (CRMFCertRequest *inCertReq);
-
-/*
- * FUNCTION: CRMF_CreateCertExtension
- * INPUTS:
- *    id
- *        The SECOidTag to associate with this CertExtension.  This must
- *        correspond to a valid Certificate Extension, if not the function
- *        will fail.
- *    isCritical
- *        A boolean value stating if the extension value is crtical.  PR_TRUE
- *        means the value is crtical.  PR_FALSE indicates the value is not 
- *        critical.
- *    data
- *        This is the data associated with the extension.  The user of the
- *        library is responsible for making sure the value passed in is a
- *        valid interpretation of the certificate extension.
- * NOTES:
- * Use this function to create CRMFCertExtension Structures which will 
- * then be passed to CRMF_AddFieldToCertTemplate as part of the 
- * CRMFCertCreationInfo.extensions  The user must call 
- * CRMF_DestroyCertExtension after the extension has been added to a certifcate
- * and the extension is no longer needed.
- *
- * RETURN:
- * A pointer to a newly created CertExtension.  A return value of NULL
- * indicates the id passed in was an invalid certificate extension.
- */
-extern CRMFCertExtension *CRMF_CreateCertExtension(SECOidTag      id, 
-						   PRBool         isCritical,
-						   SECItem       *data);
-
-/*
- * FUNCTION: CMRF_DestroyCertExtension
- * INPUTS:
- *    inExtension
- *        The Cert Extension to destroy
- * NOTES:
- * Destroy a structure allocated by CRMF_CreateCertExtension.
- *
- * RETURN:
- * SECSuccess if freeing the memory associated with the certificate extension
- * was successful.  Any other error indicates an error while freeing the 
- * memory.
- */
-extern SECStatus CRMF_DestroyCertExtension(CRMFCertExtension *inExtension);
-
-/* 
- * FUNCTION: CRMF_CertRequestSetTemplateField
- * INPUTS:
- *    inCertReq
- *        The Certificate Request to operate on.
- *    inTemplateField
- *        An enumeration that indicates which field of the Certificate
- *        template to add.
- *    data
- *        A generic pointer that will be type cast according to the
- *        table under NOTES and used as the key for adding to the
- *        certificate template;
- * NOTES:
- *
- * Below is a table that tells what type to pass in as data
- * depending on the template field one wants to set.
- *
- * Look in crmft.h for the definition of CRMFCertTemplateField.
- * 
- * In all cases, the library makes copies of the data passed in.
- *
- *   CRMFCertTemplateField    Type of data    What data means
- *   ---------------------    ------------    ---------------
- *   crmfVersion              long *          The version of
- *                                            the certificate
- *                                            to be created.
- *
- *   crmfSerialNumber         long *          The serial number
- *                                            for the cert to be
- *                                            created.
- *   
- *   crmfSigningAlg           SECAlgorithm *  The ASN.1 object ID for
- *                                            the algorithm used in encoding
- *                                            the certificate.
- *
- *   crmfIssuer               CERTName *      Certificate Library 
- *                                            representation of the ASN1 type
- *                                            Name from X.509
- *
- *   crmfValidity     CRMFValidityCreationInfo *  At least one of the two
- *                                                fields in the structure must
- *                                                be present.  A NULL pointer 
- *                                                in the structure indicates
- *                                                that member should not be 
- *                                                added.
- *
- *   crmfSubject              CERTName *      Certificate Library 
- *                                            representation of the ASN1 type
- *                                            Name from X.509
- *
- *   crmfPublicKey    CERTSubjectPublicKeyInfo *  The public key info for the
- *                                                certificate being requested.
- *
- *   crmfIssuerUID            SECItem *           A bit string representation
- *                                                of the issuer UID. NOTE: The
- *                                                length is the number of bits
- *                                                and not the number of bytes.
- *
- *   crmfSubjectUID           SECItem*            A bit string representation
- *                                                of the subject UID. NOTE: The
- *                                                length is the number of bits
- *                                                and not the number of bytes.
- *
- *   crmfExtension   CRMFCertExtCreationInfo *     A pointer to the structure
- *                                                 populated with an array of 
- *                                                 of certificate extensions
- *                                                 and an integer that tells
- *                                                 how many elements are in the
- *                                                 array. Look in crmft.h for
- *                                                 the definition of 
- *                                                 CRMFCertExtCreationInfo
- * RETURN:
- *    SECSuccess if adding the desired field to the template was successful.
- *    Any other return value indicates failure when trying to add the field 
- *    to the template.
- *                                                
- */
-extern SECStatus
-  CRMF_CertRequestSetTemplateField(CRMFCertRequest       *inCertReq, 
-				   CRMFCertTemplateField  inTemplateField,
-				   void                  *data);
-
-/*
- * FUNCTION: CRMF_CertRequestIsFieldPresent
- * INPUTS:
- *    inCertReq
- *        The certificate request to operate on.
- *    inTemplateField
- *        The enumeration for the template field the user wants to query
- *        about.
- * NOTES:
- * This function checks to see if the the field associated with inTemplateField
- * enumeration is already present in the certificate request passed in.
- *
- * RETURN:
- * The function returns PR_TRUE if the field associated with inTemplateField
- * is already present in the certificate request.  If the field is not present
- * the function returns PR_FALSE.
- */
-extern PRBool
-  CRMF_CertRequestIsFieldPresent(CRMFCertRequest       *inCertReq,
-				 CRMFCertTemplateField  inTemplateField);
-
-/*
- * FUNCTION: CRMF_CertRequestIsControlPresent
- * INPUTS:
- *    inCertReq
- *        The certificate request to operate on.
- *    inControlType
- *        The type of control to look for.
- * NOTES:
- * This function looks at the control present in the certificate request
- * and returns PR_TRUE iff a control of type inControlType already exists.
- * The CRMF draft does not explicitly state that two controls of the same
- * type can not exist within the same request.  So the library will not
- * cause an error if you try to add a control and one of the same type
- * already exists.  It is up to the application to ensure that multiple
- * controls of the same type do not exist, if that is the desired behavior
- * by the application.
- *
- * RETURN:
- * The function returns PR_TRUE if a control of type inControlType already
- * exists in the certificate request.  If a control of type inControlType
- * does not exist, the function will return PR_FALSE.
- */
-extern PRBool
-  CRMF_CertRequestIsControlPresent(CRMFCertRequest *inCertReq,
-				   CRMFControlType  inControlType);
-				   
-
-/*
- * FUNCTION: CRMF_CertRequestSetRegTokenControl
- * INPUTS:
- *    inCertReq
- *        The Certificate Request to operate on.
- *    value
- *        The UTF8 value which will be the Registration Token Control
- *        for this Certificate Request.
- * NOTES:
- *    The library does no verification that the value passed in is 
- *    a valid UTF8 value.  The caller must make sure of this in order
- *    to get an encoding that is valid.  The library will ultimately
- *    encode this value as it was passed in.
- * RETURN:
- *    SECSucces on successful addition of the Registration Token Control.
- *    Any other return value indicates an unsuccessful attempt to add the
- *    control.
- *
- */
-extern SECStatus CRMF_CertRequestSetRegTokenControl(CRMFCertRequest *inCertReq,
-						    SECItem         *value);
-
-/*
- * FUNCTION: CRMF_CertRequestSetAuthenticatorControl
- * INPUTS:
- *    inCertReq
- *        The Certificate Request to operate on.
- *    value
- *        The UTF8 value that will become the Authenticator Control
- *        for the passed in Certificate Request.
- * NOTES:
- *    The library does no verification that the value passed in is 
- *    a valid UTF8 value.  The caller must make sure of this in order
- *    to get an encoding that is valid.  The library will ultimately
- *    encode this value as it was passed in.
- * RETURN:
- *    SECSucces on successful addition of the Authenticator Control.
- *    Any other return value indicates an unsuccessful attempt to add the
- *    control.
- */
-extern SECStatus 
-       CRMF_CertRequestSetAuthenticatorControl (CRMFCertRequest *inCertReq,
-						SECItem         *value);
-
-/*
- * FUNCTION: CRMF_CreateEncryptedKeyWithencryptedValue
- * INPUTS:
- *    inPrivKey
- *        This is the private key associated with a certificate that is
- *        being requested.  This structure will eventually wind up as 
- *        a part of the PKIArchiveOptions Control.  
- *    inCACert
- *        This is the certificate for the CA that will be receiving the 
- *        certificate request for the private key passed in.
- * OUTPUT:
- *    A CRMFEncryptedKey that can ultimately be used as part of the 
- *    PKIArchiveOptions Control.
- *
- * RETURN:
- *    A pointer to a CRMFEncyptedKey.  A NULL return value indicates an erro
- *    during the creation of the encrypted key.
- */
-extern CRMFEncryptedKey* 
-       CRMF_CreateEncryptedKeyWithEncryptedValue(SECKEYPrivateKey *inPrivKey,
-						 CERTCertificate  *inCACert);
-
-/*
- * FUNCTION: CRMF_DestroyEncryptedKey
- * INPUTS:
- *    inEncrKey
- *        The CRMFEncryptedKey to be destroyed.
- * NOTES:
- *    Frees all memory associated with the CRMFEncryptedKey passed in.
- * RETURN:
- *    SECSuccess if freeing the memory was successful.  Any other return
- *    value indicates an error while freeig the memroy.
- */
-extern SECStatus CRMF_DestroyEncryptedKey(CRMFEncryptedKey *inEncrKey);
-						
-/*
- * FUNCTION: CRMF_CreatePKIArchiveOptions
- * INPUTS:
- *    inType
- *        An enumeration value indicating which option for 
- *        PKIArchiveOptions to use.
- *    data
- *        A pointer that will be type-cast and de-referenced according
- *        to the table under NOTES.
- * NOTES:
- * A table listing what should be passed in as data
- * ------------------------------------------------
- *
- * inType                            data
- * ------                            ----
- * crmfEncryptedPrivateKey           CRMFEncryptedKey*
- * crmfKeyGenParameters              SECItem*(This needs to be an octet string)
- * crmfArchiveRemGenPrivKey          PRBool*
- *
- * RETURN:
- *    A pointer the a CRMFPKIArchiveOptions that can be added to a Certificate
- *    Request.  A NULL pointer indicates an error occurred while creating
- *    the CRMFPKIArchiveOptions Structure.
- */
-extern CRMFPKIArchiveOptions*
-       CRMF_CreatePKIArchiveOptions(CRMFPKIArchiveOptionsType  inType,
-				    void                      *data);
-/*
- * FUNCTION: CRMF_DestroyPKIArchiveOptions
- * INPUTS:
- *    inArchOpt
- *        A pointer to the CRMFPKIArchiveOptions structure to free.
- * NOTES:
- *    Will free all memory associated with 'inArchOpt'.
- * RETURN:
- *    SECSuccess if successful in freeing the memory used by 'inArchOpt'
- *    Any other return value indicates an error while freeing the memory.
- */
-extern SECStatus 
-       CRMF_DestroyPKIArchiveOptions(CRMFPKIArchiveOptions *inArchOpt);
-
-/*
- * FUNCTION: CRMF_CertRequestSetPKIArchiveOptions
- * INPUTS:
- *    inCertReq
- *        The Certificate Request to add the the options to.
- *    inOptions
- *        The Archive Options to add to the Certificate Request.
- * NOTES:
- *    Adds the PKIArchiveOption to the Certificate Request.  This is what
- *    enables Key Escrow to take place through CRMF.  The library makes
- *    its own copy of the information.
- * RETURN:
- *    SECSuccess if successful in adding the ArchiveOptions to the Certificate
- *    request.  Any other return value indicates an error when trying to add
- *    the Archive Options  to the Certificate Request.
- */
-extern SECStatus 
-       CRMF_CertRequestSetPKIArchiveOptions(CRMFCertRequest       *inCertReq,
-					    CRMFPKIArchiveOptions *inOptions);
-
-/*
- * FUNCTION: CRMF_CertReqMsgGetPOPType
- * INPUTS:
- *    inCertReqMsg
- *        The Certificate Request Message to operate on.
- * NOTES:
- *    Returns an enumeration value indicating the method of Proof
- *    of Possession that was used for the passed in Certificate Request
- *    Message.
- * RETURN:
- *    An enumeration indicating what method for Proof Of Possession is
- *    being used in this Certificate Request Message.  Look in the file
- *    crmft.h for the definition of CRMFPOPChoice for the possible return
- *    values.
- */
-extern CRMFPOPChoice CRMF_CertReqMsgGetPOPType(CRMFCertReqMsg *inCertReqMsg);
-
-/*
- * FUNCTION: CRMF_CertReqMsgSetRAVerifiedPOP
- * INPUT:
- *    InCertReqMsg
- *        The Certificate Request Message to operate on.
- * NOTES:
- *    This function will set the method of Proof Of Possession to 
- *    crmfRAVerified which means the RA has already verified the 
- *    requester does possess the private key.
- * RETURN:
- *    SECSuccess if adding RAVerified to the message is successful.  
- *    Any other message indicates an error while trying to add RAVerified
- *    as the Proof of Possession.
- */
-extern SECStatus CRMF_CertReqMsgSetRAVerifiedPOP(CRMFCertReqMsg *inCertReqMsg);
-
-/*
- * FUNCTION: CRMF_CertReqMsgSetSignaturePOP
- * INPUT:
- *    inCertReqMsg
- *        The Certificate Request Message to add the SignaturePOP to.
- *    inPrivKey
- *        The Private Key which corresponds to the the Certificate Request
- *        Message.
- *    inPubKey
- *        The Public Key which corresponds to the Private Key passed in.
- *    inCertForInput
- *        A Certificate that in the future may be used to create 
- *        POPOSigningKeyInput.
- *    fn
- *        A callback for retrieving a password which may be used in the
- *       future to generate POPOSigningKeyInput.
- *    arg
- *        An opaque pointer that would be passed to fn whenever it is
- *        called.
- * NOTES:
- * Adds Proof Of Possession to the CertRequest using the signature field 
- * of the ProofOfPossession field.  NOTE: In order to use this option, 
- * the certificate template must contain the publicKey at the very minimum.
- * 
- * If you don't want the function to generate POPOSigningKeyInput, then
- * make sure the cert template already contains the subject and public key
- * values.  Currently creating POPOSigningKeyInput is not supported, so 
- * a Message passed to this function must have the publicKey and the subject
- * as part of the template
- *
- * This will take care of creating the entire POPOSigningKey structure
- * that will become part of the message.
- *
- * inPrivKey is the key to be used in the signing operation when creating
- * POPOSigningKey structure.  This should be the key corresponding to
- * the certificate being requested.
- *
- * inCertForInput will be used if POPOSigningKeyInput needs to be generated.
- * It will be used in generating the authInfo.sender field.  If the parameter
- * is not passed in then authInfo.publicKeyMAC will be generated instead.
- * If passed in, this certificate needs to be a valid certificate.
- *
- * The last 3 arguments are for future compatibility in case we ever want to
- * support generating POPOSigningKeyInput.  Pass in NULL for all 3 if you 
- * definitely don't want the funciton to even try to generate 
- * POPOSigningKeyInput.  If you try to use POPOSigningKeyInput, the function
- * will fail.
- *
- * RETURN:
- *    SECSuccess if adding the Signature Proof Of Possession worked.
- *    Any other return value indicates an error in trying to add
- *    the Signature Proof Of Possession.
- */
-extern SECStatus 
-       CRMF_CertReqMsgSetSignaturePOP(CRMFCertReqMsg   *inCertReqMsg,
-				      SECKEYPrivateKey *inPrivKey,
-				      SECKEYPublicKey  *inPubKey,
-				      CERTCertificate  *inCertForInput,
-				      CRMFMACPasswordCallback  fn,
-				      void                    *arg);
-
-/*
- * FUNCTION: CRMF_CertReqMsgSetKeyEnciphermentPOP
- * INPUTS:
- *    inCertReqMsg
- *        The Certificate Request Message to operate on.
- *    inKeyChoice
- *        An enumeration indicating which POPOPrivKey Choice to use
- *        in constructing the KeyEnciphermentPOP.
- *    subseqMess
- *        This parameter must be provided iff inKeyChoice is 
- *        crmfSubsequentMessage.  This details how the RA is to respond
- *        in order to perform Proof Of Possession.  Look in crmft.h under
- *        the definition of CRMFSubseqMessOptions for possible values.
- *    encPrivKey
- *        This parameter only needs to be provided if inKeyChoice is
- *        crmfThisMessage.  The item should contain the encrypted private
- *        key.
- *        
- * NOTES:
- * Adds Proof Of Possession using the keyEncipherment field of
- * ProofOfPossession.
- *
- * The funciton looks at the the inKeyChoice parameter and interprets it in
- * in the following manner.
- *
- * If a parameter is not mentioned under interpretation, the funciton will not
- * look at its value when implementing that case.
- *
- * inKeyChoice          Interpretation
- * -----------          --------------
- * crmfThisMessage      This options requires that the encrypted private key
- *                      be included in the thisMessage field of POPOPrivKey.
- *                      We don't support this yet, so any clients who want
- *                      to use this feature have to implement a wrapping
- *                      function and agree with the server on how to properly
- *                      wrap the key.  That encrypted key must be passed in
- *                      as the encPrivKey parameter.
- *
- * crmfSubequentMessage Must pass in a value for subseqMess.  The value must
- *                      be either CRMFEncrCert or CRMFChallengeResp.  The
- *                      parameter encPrivKey will not be looked at in this
- *                      case.
- *
- * crmfDHMAC            This is not a valid option for this function.  Passing
- *                      in this value will result in the function returning
- *                      SECFailure.
- * RETURN:
- *    SECSuccess if adding KeyEnciphermentPOP was successful.  Any other return
- *    value indicates an error in adding KeyEnciphermentPOP.
- */
-extern SECStatus 
-      CRMF_CertReqMsgSetKeyEnciphermentPOP(CRMFCertReqMsg        *inCertReqMsg,
-					   CRMFPOPOPrivKeyChoice  inKeyChoice,
-					   CRMFSubseqMessOptions  subseqMess,
-					   SECItem               *encPrivKey);
-
-/*
- * FUNCTION: CRMF_CertReqMsgSetKeyAgreementPOP
- * INPUTS:
- *    inCertReqMsg
- *        The Certificate Request Message to operate on.
- *    inKeyChoice
- *        An enumeration indicating which POPOPrivKey Choice to use
- *        in constructing the KeyAgreementPOP.
- *    subseqMess
- *        This parameter must be provided iff inKeyChoice is 
- *        crmfSubsequentMessage.  This details how the RA is to respond
- *        in order to perform Proof Of Possession.  Look in crmft.h under
- *        the definition of CRMFSubseqMessOptions for possible values.
- *    encPrivKey
- *        This parameter only needs to be provided if inKeyChoice is
- *        crmfThisMessage.  The item should contain the encrypted private
- *        key.
- * Adds Proof Of Possession using the keyAgreement field of
- * ProofOfPossession.
- *
- * The funciton looks at the the inKeyChoice parameter and interprets it in
- * in the following manner.
- *
- * If a parameter is not mentioned under interpretation, the funciton will not
- * look at its value when implementing that case.
- *
- * inKeyChoice          Interpretation
- * -----------          --------------
- * crmfThisMessage      This options requires that the encrypted private key
- *                      be included in the thisMessage field of POPOPrivKey.
- *                      We don't support this yet, so any clients who want
- *                      to use this feature have to implement a wrapping
- *                      function and agree with the server on how to properly
- *                      wrap the key.  That encrypted key must be passed in
- *                      as the encPrivKey parameter.
- *
- * crmfSubequentMessage Must pass in a value for subseqMess.  The value must
- *                      be either crmfEncrCert or crmfChallengeResp.  The
- *                      parameter encPrivKey will not be looked at in this
- *                      case.
- *
- * crmfDHMAC            This option is not supported.
- */
-extern SECStatus 
-       CRMF_CertReqMsgSetKeyAgreementPOP(CRMFCertReqMsg        *inCertReqMsg,
-					 CRMFPOPOPrivKeyChoice  inKeyChoice,
-					 CRMFSubseqMessOptions  subseqMess,
-					 SECItem               *encPrivKey);
-
-/*
- * FUNCTION: CRMF_CreateCertReqMsgFromDER
- * INPUTS:
- *    buf
- *        A buffer to the DER-encoded Certificate Request Message.
- *    len
- *        The length in bytes of the buffer 'buf'
- * NOTES:
- * This function passes the buffer to the ASN1 decoder and creates a 
- * CRMFCertReqMsg structure.  Do not try adding any fields to a message
- * returned from this function.  Specifically adding more Controls or 
- * Extensions may cause your program to crash.
- *
- * RETURN:
- *    A pointer to the Certificate Request Message structure.  A NULL return
- *    value indicates the library was unable to parse the DER.
- */
-extern CRMFCertReqMsg* CRMF_CreateCertReqMsgFromDER(const char *buf, long len);
-
-/*
- * FUNCTION: CRMF_CreateCertReqMessagesFromDER
- * INPUTS:
- *    buf
- *        A buffer to the DER-encoded Certificate Request Messages.
- *    len
- *        The length in bytes of buf
- * NOTES:
- * This function passes the buffer to the ASN1 decoder and creates a 
- * CRMFCertReqMessages structure.  Do not try adding any fields to a message
- * derived from this function.  Specifically adding more Controls or 
- * Extensions may cause your program to crash.
- * The user must call CRMF_DestroyCertReqMessages after the return value is 
- * no longer needed, ie when all individual messages have been extracted.
- *  
- * RETURN:
- *    A pointer to the Certificate Request Messages structure.  A NULL return
- *    value indicates the library was unable to parse the DER.
- */ 
-extern CRMFCertReqMessages*
-       CRMF_CreateCertReqMessagesFromDER(const char *buf, long len);
-
-/*
- * FUNCTION: CRMF_DestroyCertReqMessages
- * INPUTS
- *    inCertReqMsgs
- *        The Messages to destroy.
- * RETURN:
- *    SECSuccess if freeing the memory was done successfully.  Any other
- *    return value indicates an error in freeing up memory.
- */ 
-extern SECStatus 
-       CRMF_DestroyCertReqMessages(CRMFCertReqMessages *inCertReqMsgs);
-
-/*
- * FUNCTION: CRMF_CertReqMessagesGetNumMessages
- * INPUTS:
- *    inCertReqMsgs
- *        The Request Messages to operate on.
- * RETURN:
- *    The number of messages contained in the in the Request Messages 
- *    strucure.
- */
-extern int 
-       CRMF_CertReqMessagesGetNumMessages(CRMFCertReqMessages *inCertReqMsgs);
-
-/*
- * FUNCTION: CRMF_CertReqMessagesGetCertReqMsgAtIndex
- * INPUTS:
- *    inReqMsgs
- *        The Certificate Request Messages to operate on.
- *    index
- *        The index of the single message the user wants a copy of.
- * NOTES:
- * This function returns a copy of the request messages stored at the 
- * index corresponding to the parameter 'index'.  Indexing of the messages
- * is done in the same manner as a C array.  Meaning the valid index are 
- * 0...numMessages-1.  User must call CRMF_DestroyCertReqMsg when done using
- * the return value of this function.
- *
- * RETURN:
- * SECSuccess if copying the message at the requested index was successful.
- * Any other return value indicates an invalid index or error while copying
- * the single request message.
- */
-extern CRMFCertReqMsg*
-       CRMF_CertReqMessagesGetCertReqMsgAtIndex(CRMFCertReqMessages *inReqMsgs,
-						int                  index);
-
-
-/*
- * FUNCTION: CRMF_CertReqMsgGetID
- * INPUTS:
- *    inCertReqMsg
- *        The Certificate Request Message to get the ID from.
- *    destID
- *        A pointer to where the library can place the ID of the Message.
- * RETURN:
- *    SECSuccess if the function was able to retrieve the ID and place it
- *    at *destID.  Any other return value indicates an error meaning the value
- *    in *destId is un-reliable and should not be used by the caller of this 
- *    function.
- *    
- */
-extern SECStatus CRMF_CertReqMsgGetID(CRMFCertReqMsg *inCertReqMsg, 
-				      long           *destID);
-
-/*
- * FUNCTION: CRMF_DoesRequestHaveField
- * INPUTS:
- *    inCertReq
- *        The Certificate Request to operate on.
- *    inField
- *        An enumeration indicating which filed of the certificate template
- *        to look for.
- * NOTES:
- * All the fields in a certificate template are optional.  This function
- * checks to see if the requested field is present.  Look in crmft.h at the
- * definition of CRMFCertTemplateField for possible values for possible 
- * querying.
- *
- * RETURN:
- * PR_TRUE iff the field corresponding to 'inField' has been specified as part
- *         of 'inCertReq'
- * PR_FALSE iff the field corresponding to 'inField' has not been speicified
- *          as part of 'inCertReq'
- *        
- */
-extern PRBool CRMF_DoesRequestHaveField(CRMFCertRequest       *inCertReq,
-					CRMFCertTemplateField  inField);
-
-/*
- * FUNCTION: CRMF_CertReqMsgGetCertRequest
- * INPUTS:
- *    inCertReqMsg
- *        The Certificate Request Message to operate on.
- * NOTES:
- *    This function returns a copy of the Certificate Request to the user.
- *    The user can keep adding to this request and then making it a part
- *    of another message.  After the user no longer wants to use the
- *    returned request, the user must call CRMF_DestroyCertRequest and
- *    pass it the request returned by this function.
- * RETURN:
- *    A pointer to a copy of the certificate request contained by the message.
- *    A NULL return value indicates an error occurred while copying the 
- *   certificate request.
- */
-extern CRMFCertRequest *
-       CRMF_CertReqMsgGetCertRequest(CRMFCertReqMsg *inCertReqMsg);
-
-/*
- * FUNCTION: CRMF_CertRequestGetCertTemplateVersion
- * INPUTS:
- *    inCertReq
- *        The Certificate Request to operate on.
- *    version
- *        A pointer to where the library can store the version contatined
- *        in the certificate template within the certifcate request.
- * RETURN:
- *    SECSuccess if the Certificate template contains the version field.  In 
- *    this case, *version will hold the value of the certificate template 
- *    version.
- *    SECFailure indicates that version field was not present as part of
- *    of the certificate template.
- */
-extern SECStatus 
-       CRMF_CertRequestGetCertTemplateVersion(CRMFCertRequest *inCertReq, 
-					      long            *version);
-
-/*
- * FUNCTION: CRMF_CertRequestGetCertTemplateSerialNumber
- * INPUTS:
- *    inCertReq
- *        The certificate request to operate on.
- *    serialNumber
- *        A pointer where the library can put the serial number contained
- *        in the certificate request's certificate template.
- * RETURN:
- * If a serial number exists in the CertTemplate of the request, the function 
- * returns SECSuccess and the value at *serialNumber contains the serial 
- * number.
- * If no serial number is present, then the function returns SECFailure and
- * the value at *serialNumber is un-changed.
- */
-extern SECStatus 
-       CRMF_CertRequestGetCertTemplateSerialNumber(CRMFCertRequest *inCertReq, 
-						   long         *serialNumber);
-
-/*
- * FUNCTION: CRMF_CertRequestGetCertTemplateSigningAlg
- * INPUT:
- *    inCertReq
- *        The Certificate Request to operate on.
- *    destAlg
- *        A Pointer to where the library can place a copy of the signing alg
- *        used in the cert request's cert template.
- * RETURN:
- * If the signingAlg is present in the CertRequest's CertTemplate, then
- * the function returns SECSuccess and places a copy of sigingAlg in 
- * *destAlg.
- * If no signingAlg is present, then the function returns SECFailure and
- * the value at *destAlg is un-changed
- */
-extern SECStatus 
-       CRMF_CertRequestGetCertTemplateSigningAlg(CRMFCertRequest *inCertReq,
-						 SECAlgorithmID  *destAlg);
-/*
- * FUNCTION: CRMF_CertRequestGetCertTemplateIssuer
- * INPUTS:
- *    inCertReq
- *        The Certificate Request to operate on.
- *    destIssuer
- *        A pointer to where the library can place a copy of the cert
- *        request's cert template issuer field.
- * RETURN:
- * If the issuer is present in the cert request cert template, the function 
- * returns SECSuccess and places a  copy of the issuer in *destIssuer.
- * If there is no issuer present, the funciton returns SECFailure and the
- * value at *destIssuer is unchanged.
- */
-extern SECStatus 
-       CRMF_CertRequestGetCertTemplateIssuer(CRMFCertRequest *inCertReq,
-					     CERTName        *destIssuer);
-
-/*
- * FUNCTION: CRMF_CertRequestGetCertTemplateValidity
- * INPUTS:
- *    inCertReq
- *        The Certificate Request to operate on.
- *    destValdity
- *        A pointer to where the library can place a copy of the validity
- *        info in the cert request cert template.
- * NOTES:
- * Pass the pointer to 
- * RETURN: 
- * If there is an OptionalValidity field, the function will return SECSuccess
- * and place the appropriate values in *destValidity->notBefore and 
- * *destValidity->notAfter. (Each field is optional, but at least one will
- * be present if the function returns SECSuccess)
- *
- * If there is no OptionalValidity field, the function will return SECFailure
- * and the values at *destValidity will be un-changed.
- */
-extern SECStatus 
-       CRMF_CertRequestGetCertTemplateValidity(CRMFCertRequest *inCertReq,
-					       CRMFGetValidity *destValidity);
-/*
- * FUNCTION: CRMF_DestroyGetValidity
- * INPUTS:
- *    inValidity
- *        A pointer to the memroy to be freed.
- * NOTES:
- * The function will free the memory allocated by the function 
- * CRMF_CertRequestGetCertTemplateValidity.  That means only memory pointed
- * to within the CRMFGetValidity structure.  Since 
- * CRMF_CertRequestGetCertTemplateValidity does not allocate memory for the
- * structure passed into it, it will not free it.  Meaning this function will
- * free the memory at inValidity->notBefore and inValidity->notAfter, but not
- * the memory directly at inValdity.
- *
- * RETURN:
- * SECSuccess if freeing the memory was successful.  Any other return value
- * indicates an error while freeing the memory.
- */
-extern SECStatus 
-       CRMF_DestroyGetValidity(CRMFGetValidity *inValidity);
-
-/*
- * FUNCTION: CRMF_CertRequestGetCertTemplateSubject
- * INPUTS:
- *    inCertReq
- *        The Certificate Request to operate on.
- *    destSubject
- *        A pointer to where the library can place a copy of the subject
- *        contained in the request's cert template.
- * RETURN:
- * If there is a subject in the CertTemplate, then the function returns 
- * SECSuccess and a copy of the subject is placed in *destSubject.
- *
- * If there is no subject, the function returns SECFailure and the values at
- * *destSubject is unchanged.
- */
-extern SECStatus 
-       CRMF_CertRequestGetCertTemplateSubject (CRMFCertRequest *inCertReq,
-					       CERTName        *destSubject);
-
-/*
- * FUNCTION: CRMF_CertRequestGetCertTemplatePublicKey
- * INPUTS:
- *    inCertReq
- *        The Cert request to operate on.
- *    destPublicKey
- *        A pointer to where the library can place a copy of the request's
- *        cert template public key.
- * RETURN:
- * If there is a publicKey parameter in the CertRequest, the function returns
- * SECSuccess, and places a copy of the publicKey in *destPublicKey.
- *
- * If there is no publicKey, the function returns SECFailure and the value
- * at *destPublicKey is un-changed.
- */
-extern SECStatus 
-       CRMF_CertRequestGetCertTemplatePublicKey(CRMFCertRequest *inCertReq,
-				      CERTSubjectPublicKeyInfo *destPublicKey);
-
-/*
- * FUNCTION: CRMF_CertRequestGetCertTemplateIssuerUID
- * INPUTS:
- *    inCertReq
- *        The Cert request to operate on.
- *    destIssuerUID
- *        A pointer to where the library can store a copy of the request's
- *        cert template destIssuerUID.
- *
- * NOTES: 
- * destIssuerUID is a bit string and will be returned in a SECItem as
- * a bit string.  Meaning the len field contains the number of valid bits as
- * opposed to the number of bytes allocated.
- *
- * RETURN:
- * If the CertTemplate has an issuerUID, the function returns SECSuccess and
- * places a copy of the issuerUID in *destIssuerUID.
- *
- * If there is no issuerUID, the function returns SECFailure and the value
- * *destIssuerUID is unchanged.
- */
-extern SECStatus 
-       CRMF_CertRequestGetCertTemplateIssuerUID(CRMFCertRequest *inCertReq,
-						SECItem        *destIssuerUID);
-
-/*
- * FUNCTION: CRMF_CertRequestGetCertTemplateSubjectUID
- *    inCertReq
- *        The Cert request to operate on.
- *    destSubjectUID
- *        A pointer to where the library can store a copy of the request's
- *        cert template destIssuerUID.
- *
- * NOTES: 
- * destSubjectUID is a bit string and will be returned in a SECItem as
- * a bit string.  Meaning the len field contains the number of valid bits as
- * opposed to the number of bytes allocated.
- *
- * RETURN:
- * If the CertTemplate has an issuerUID, the function returns SECSuccess and
- * places a copy of the issuerUID in *destIssuerUID.
- *
- * If there is no issuerUID, the function returns SECSuccess and the value
- * *destIssuerUID is unchanged.
- */
-extern SECStatus CRMF_GetCertTemplateSubjectUID(CRMFCertRequest *inCertReq,
-						SECItem       *destSubjectUID);
-
-/*
- * FUNCTION: CRMF_CertRequestGetNumberOfExtensions
- * INPUTS:
- *    inCertReq
- *        The cert request to operate on.
- * RETURN:
- *    Returns the number of extensions contained by the Cert Request.
- */
-extern int CRMF_CertRequestGetNumberOfExtensions(CRMFCertRequest *inCertReq);
-
-/*
- * FUNCTION: CRMF_CertRequestGetExtensionAtIndex
- * INPUTS:
- *    inCertReq
- *        The Certificate request to operate on.
- *    index
- *        The index of the extension array whihc the user wants to access.
- * NOTES:
- * This function retrieves the extension at the index corresponding to the 
- * parameter "index" indicates.  Indexing is done like a C array.  
- * (0 ... numElements-1)
- *
- * Call CRMF_DestroyCertExtension when done using the return value.
- *
- * RETURN:
- *    A pointer to a copy of the extension at the desired index.  A NULL 
- *    return value indicates an invalid index or an error while copying 
- *    the extension.
- */
-extern CRMFCertExtension *
-       CRMF_CertRequestGetExtensionAtIndex(CRMFCertRequest *inCertReq,
-					   int              index);
-/*
- * FUNCTION: CRMF_CertExtensionGetOidTag
- * INPUTS:
- *    inExtension
-
- *        The extension to operate on.
- * RETURN:
- *    Returns the SECOidTag associated with the cert extension passed in.
- */
-extern SECOidTag CRMF_CertExtensionGetOidTag(CRMFCertExtension *inExtension);
-
-/*
- * FUNCTION: CRMF_CertExtensionGetIsCritical
- * INPUT:
- *    inExt
- *        The cert extension to operate on.
- *
- * RETURN:
- * PR_TRUE if the extension is critical.
- * PR_FALSE if the extension is not critical.
- */
-extern PRBool CRMF_CertExtensionGetIsCritical(CRMFCertExtension *inExt);
-             
-/*
- * FUNCTION: CRMF_CertExtensionGetValue
- * INPUT:
- *    inExtension
- *        The extension to operate on.
- * NOTES:
- * Caller is responsible for freeing the memory associated with the return
- * value.  Call SECITEM_FreeItem(retVal, PR_TRUE) when done using the return
- * value.
- *
- * RETURN:
- * A pointer to an item containig the value for the certificate extension.
- * A NULL return value indicates an error in copying the information.
- */
-extern SECItem*  CRMF_CertExtensionGetValue(CRMFCertExtension *inExtension);
-
-/*
- * FUNCTION: CRMF_CertReqMsgGetPOPOSigningKey
- * INPUTS:
- *    inCertReqMsg
- *        The certificate request message to operate on.
- *    destKey
- *        A pointer to where the library can place a pointer to
- *        a copy of the Proof Of Possession Signing Key used 
- *        by the message.
- *
- * RETURN:
- * Get the POPOSigningKey associated with this CRMFCertReqMsg.  
- * If the CertReqMsg does not have a pop, the function returns
- * SECFailure and the value at *destKey is un-changed..
- *
- * If the CertReqMsg does have a pop, then the CertReqMsg's 
- * POPOSigningKey will be placed at *destKey.
- */
-extern SECStatus 
-       CRMF_CertReqMsgGetPOPOSigningKey(CRMFCertReqMsg      *inCertReqMsg,
-					CRMFPOPOSigningKey **destKey);
-
-/*
- * FUNCTION: CRMF_DestroyPOPOSigningKey
- * INPUTS:
- *    inKey
- *        The signing key to free.
- *
- * RETURN:
- * SECSuccess if freeing the memory was successful.  Any other return value
- * indicates an error while freeing memory.
- */
-extern SECStatus CRMF_DestroyPOPOSigningKey (CRMFPOPOSigningKey *inKey);
-
-/*
- * FUNCTION: CRMF_POPOSigningKeyGetAlgID
- * INPUTS:
- *    inSignKey
- *        The Signing Key to operate on.
- * RETURN:
- * Return the algorithmID used by the CRMFPOPOSigningKey.  User must
- * call SECOID_DestroyAlgorithmID(destID, PR_TRUE) when done using the
- * return value.
- */
-extern SECAlgorithmID* 
-       CRMF_POPOSigningKeyGetAlgID(CRMFPOPOSigningKey *inSignKey);
-
-/*
- * FUNCTION: CRMF_POPOSigningKeyGetSignature
- * INPUTS:
- *    inSignKey
- *        The Signing Key to operate on.
- *
- * RETURN:        
- * Get the actual signature stored away in the CRMFPOPOSigningKey.  SECItem
- * returned is a BIT STRING, so the len field is the number of bits as opposed
- * to the total number of bytes allocatd.  User must call 
- * SECITEM_FreeItem(retVal,PR_TRUE) when done using the return value.
- */
-extern SECItem* CRMF_POPOSigningKeyGetSignature(CRMFPOPOSigningKey *inSignKey);
-
-/*
- * FUNCTION: CRMF_POPOSigningKeyGetInput
- * INPUTS:
- *    inSignKey
- *        The Signing Key to operate on.
- * NOTES:
- * This function will return the der encoded input that was read in while 
- * decoding.  The API does not support this option when creating, so you
- * cannot add this field.
- *
- * RETURN:
- * Get the poposkInput that is part of the of the POPOSigningKey. If the
- * optional field is not part of the POPOSigningKey, the function returns
- * NULL.
- *
- * If the optional field is part of the POPOSingingKey, the function will
- * return a copy of the der encoded poposkInput.
- */
-extern SECItem* CRMF_POPOSigningKeyGetInput(CRMFPOPOSigningKey *inSignKey);
-
-/*
- * FUNCTION: CRMF_CertReqMsgGetPOPKeyEncipherment
- * INPUTS:
- *    inCertReqMsg
- *        The certificate request message to operate on.
- *    destKey
- *        A pointer to where the library can place a pointer to a 
- *        copy of the POPOPrivKey representing Key Encipherment 
- *        Proof of Possession.
- *NOTES:
- * This function gets the POPOPrivKey associated with this CRMFCertReqMsg 
- * for Key Encipherment.  
- *
- * RETURN:
- * If the CertReqMsg did not use Key Encipherment for Proof Of Possession, the
- * function returns SECFailure and the value at *destKey is un-changed.
- *
- * If the CertReqMsg did use Key Encipherment for ProofOfPossession, the
- * function returns SECSuccess and places the POPOPrivKey representing the
- * Key Encipherment Proof Of Possessin at *destKey.
- */
-extern SECStatus 
-       CRMF_CertReqMsgGetPOPKeyEncipherment(CRMFCertReqMsg   *inCertReqMsg,
-					    CRMFPOPOPrivKey **destKey);
-
-/*
- * FUNCTION: CRMF_CertReqMsgGetPOPKeyAgreement
- * INPUTS:
- *    inCertReqMsg
- *        The certificate request message to operate on.
- *    destKey
- *        A pointer to where the library can place a pointer to a 
- *        copy of the POPOPrivKey representing Key Agreement 
- *        Proof of Possession.
- * NOTES:
- * This function gets the POPOPrivKey associated with this CRMFCertReqMsg for 
- * Key Agreement.  
- *
- * RETURN:
- * If the CertReqMsg used Key Agreement for Proof Of Possession, the
- * function returns SECSuccess and the POPOPrivKey for Key Agreement
- * is placed at *destKey.
- *
- * If the CertReqMsg did not use Key Agreement for Proof Of Possession, the
- * function return SECFailure and the value at *destKey is unchanged.
- */
-extern SECStatus 
-       CRMF_CertReqMsgGetPOPKeyAgreement(CRMFCertReqMsg   *inCertReqMsg,
-					 CRMFPOPOPrivKey **destKey);
-
-/* 
- * FUNCTION: CRMF_DestroyPOPOPrivKey
- * INPUTS:
- *    inPrivKey
- *        The POPOPrivKey to destroy.
- * NOTES:
- * Destroy a structure allocated by CRMF_GetPOPKeyEncipherment or
- * CRMF_GetPOPKeyAgreement.
- *
- * RETURN:
- * SECSuccess on successful destruction of the POPOPrivKey.
- * Any other return value indicates an error in freeing the 
- * memory.
- */
-extern SECStatus CRMF_DestroyPOPOPrivKey(CRMFPOPOPrivKey *inPrivKey);
-
-/* 
- * FUNCTION: CRMF_POPOPrivKeyGetChoice
- * INPUT:
- *    inKey
- *        The POPOPrivKey to operate on.
- * RETURN:
- * Returns which choice was used in constructing the POPPOPrivKey. Look at
- * the definition of CRMFPOPOPrivKeyChoice in crmft.h for the possible return
- * values.
- */
-extern CRMFPOPOPrivKeyChoice CRMF_POPOPrivKeyGetChoice(CRMFPOPOPrivKey *inKey);
-
-/*
- * FUNCTION: CRMF_POPOPrivKeyGetThisMessage
- * INPUTS:
- *    inKey
- *        The POPOPrivKey to operate on.
- *    destString
- *        A pointer to where the library can place a copy of the This Message
- *        field stored in the POPOPrivKey
- *
- * RETURN:
- * Returns the field thisMessage from the POPOPrivKey.  
- * If the POPOPrivKey did not use the field thisMessage, the function
- * returns SECFailure and the value at *destString is unchanged.
- *
- * If the POPOPrivKey did use the field thisMessage, the function returns
- * SECSuccess and the BIT STRING representing thisMessage is placed
- * at *destString. BIT STRING representation means the len field is the
- * number of valid bits as opposed to the total number of bytes.
- */
-extern SECStatus CRMF_POPOPrivKeyGetThisMessage(CRMFPOPOPrivKey  *inKey,
-						SECItem          *destString);
-
-/*
- * FUNCTION: CRMF_POPOPrivKeyGetSubseqMess
- * INPUTS:
- *    inKey
- *        The POPOPrivKey to operate on.
- *    destOpt
- *        A pointer to where the library can place the value of the 
- *        Subsequent Message option used by POPOPrivKey.
- *
- * RETURN:
- * Retrieves the field subsequentMessage from the POPOPrivKey.  
- * If the POPOPrivKey used the subsequentMessage option, the function 
- * returns SECSuccess and places the appropriate enumerated value at
- * *destMessageOption.
- *
- * If the POPOPrivKey did not use the subsequenMessage option, the function
- * returns SECFailure and the value at *destOpt is un-changed.
- */
-extern SECStatus CRMF_POPOPrivKeyGetSubseqMess(CRMFPOPOPrivKey       *inKey,
-					       CRMFSubseqMessOptions *destOpt);
-
-/*
- * FUNCTION: CRMF_POPOPrivKeyGetDHMAC
- * INPUTS:
- *    inKey
- *        The POPOPrivKey to operate on.
- *    destMAC
- *        A pointer to where the library can place a copy of the dhMAC
- *        field of the POPOPrivKey.
- *        
- * NOTES:
- * Returns the field dhMAC from the POPOPrivKey.  The populated SECItem 
- * is in BIT STRING format.
- *
- * RETURN:
- * If the POPOPrivKey used the dhMAC option, the function returns SECSuccess
- * and the BIT STRING for dhMAC will be placed at *destMAC.  The len field in
- * destMAC (ie destMAC->len) will be the valid number of bits as opposed to
- * the number of allocated bytes.
- *
- * If the POPOPrivKey did not use the dhMAC option, the function returns
- * SECFailure and the value at *destMAC is unchanged.
- * 
- */
-extern SECStatus CRMF_POPOPrivKeyGetDHMAC(CRMFPOPOPrivKey *inKey,
-					  SECItem         *destMAC);
-
-/*
- * FUNCTION: CRMF_CertRequestGetNumControls
- * INPUTS: 
- *    inCertReq
- *        The Certificate Request to operate on.
- * RETURN:
- * Returns the number of Controls registered with this CertRequest.
- */
-extern int CRMF_CertRequestGetNumControls (CRMFCertRequest *inCertReq);
-
-/*
- * FUNCTION: CRMF_CertRequestGetControlAtIndex
- * INPUTS:
- *    inCertReq
- *        The certificate request to operate on.
- *    index
- *        The index of the control the user wants a copy of.
- * NOTES:
- * Function retrieves the Control at located at index.  The Controls 
- * are numbered like a traditional C array (0 ... numElements-1)
- *
- * RETURN:
- * Returns a copy of the control at the index specified.  This is a copy
- * so the user must call CRMF_DestroyControl after the return value is no 
- * longer needed.  A return value of NULL indicates an error while copying
- * the control or that the index was invalid.
- */
-extern CRMFControl* 
-       CRMF_CertRequestGetControlAtIndex(CRMFCertRequest *inCertReq, 
-					 int              index);
-
-/*
- * FUNCTION: CRMF_DestroyControl
- * INPUTS:
- *    inControl
- *        The Control to destroy.
- * NOTES:
- * Destroy a CRMFControl allocated by CRMF_GetControlAtIndex.
- *
- * RETURN:
- * SECSuccess if freeing the memory was successful.  Any other return
- * value indicates an error while freeing the memory.
- */
-extern SECStatus CRMF_DestroyControl(CRMFControl *inControl);
-
-/*
- * FUNCTION: CRMF_ControlGetControlType
- * INPUTS:
- *    inControl
- *        The control to operate on.
- * NOTES:
- * The function returns an enumertion which indicates the type of control
- * 'inControl'.
- *
- * RETURN:
- * Look in crmft.h at the definition of the enumerated type CRMFControlType
- * for the possible return values.
- */
-extern CRMFControlType CRMF_ControlGetControlType(CRMFControl *inControl);
-
-/*
- * FUNCTION: CRMF_ControlGetRegTokenControlValue
- * INPUTS:
- *    inControl
- *        The Control to operate on.
- * NOTES:
- * The user must call SECITEM_FreeItem passing in the return value
- * after the returnvalue is no longer needed.
-
- * RETURN:
- * Return the value for a Registration Token Control.
- * The SECItem returned should be in UTF8 format.  A NULL
- * return value indicates there was no Registration Control associated
- * with the Control.
- * (This library will not verify format.  It assumes the client properly 
- * formatted the strings when adding it or the message decoded was properly 
- * formatted.  The library will just give back the bytes it was given.)
- */
-extern SECItem* CRMF_ControlGetRegTokenControlValue(CRMFControl *inControl);
-
-/*
- * FUNCTION: CRMF_ControlGetAuthenticatorControlValue
- * INPUTS:
- *    inControl
- *        The Control to operate on.
- * NOTES:
- * The user must call SECITEM_FreeItem passing in the return value
- * after the returnvalue is no longer needed.
- *
- * RETURN:
- * Return the value for the Authenticator Control.
- * The SECItem returned should be in UTF8 format.  A NULL
- * return value indicates there was no Authenticator Control associated
- * with the CRMFControl..
- * (This library will not verify format.  It assumes the client properly 
- * formatted the strings when adding it or the message decoded was properly 
- * formatted.  The library will just give back the bytes it was given.)
- */
-extern SECItem* CRMF_ControlGetAuthicatorControlValue(CRMFControl *inControl);
-
-/*
- * FUNCTION: CRMF_ControlGetPKIArchiveOptions
- * INPUTS:inControl
- *    The Control tooperate on.
- * NOTES:
- * This function returns a copy of the PKIArchiveOptions.  The user must call
- * the function CRMF_DestroyPKIArchiveOptions when the return value is no
- * longer needed.
- *
- * RETURN:
- * Get the PKIArchiveOptions associated with the Control.  A return
- * value of NULL indicates the Control was not a PKIArchiveOptions 
- * Control.
- */
-extern CRMFPKIArchiveOptions* 
-       CRMF_ControlGetPKIArchiveOptions(CRMFControl *inControl);
-  
-/*
- * FUNCTION: CMRF_DestroyPKIArchiveOptions
- * INPUTS:
- *    inOptions
- *        The ArchiveOptions to destroy.
- * NOTE:
- * Destroy the CRMFPKIArchiveOptions structure.
- *
- * RETURN:
- * SECSuccess if successful in freeing all the memory associated with 
- * the PKIArchiveOptions.  Any other return value indicates an error while
- * freeing the PKIArchiveOptions.
- */
-extern SECStatus 
-       CRMF_DestroyPKIArchiveOptions(CRMFPKIArchiveOptions *inOptions);
-
-/*
- * FUNCTION: CRMF_PKIArchiveOptionsGetOptionType
- * INPUTS:
- *    inOptions
- *        The PKIArchiveOptions to operate on.
- * RETURN:
- * Returns the choice used for the PKIArchiveOptions.  Look at the definition
- * of CRMFPKIArchiveOptionsType in crmft.h for possible return values.
- */
-extern CRMFPKIArchiveOptionsType
-       CRMF_PKIArchiveOptionsGetOptionType(CRMFPKIArchiveOptions *inOptions);
-
-/*
- * FUNCTION: CRMF_PKIArchiveOptionsGetEncryptedPrivKey
- * INPUTS:
- *    inOpts
- *        The PKIArchiveOptions to operate on.
- * 
- * NOTES:
- * The user must call CRMF_DestroyEncryptedKey when done using this return
- * value.
- *
- * RETURN:
- * Get the encryptedPrivKey field of the PKIArchiveOptions structure.
- * A return value of NULL indicates that encryptedPrivKey was not used as
- * the choice for this PKIArchiveOptions.
- */
-extern CRMFEncryptedKey*
-      CRMF_PKIArchiveOptionsGetEncryptedPrivKey(CRMFPKIArchiveOptions *inOpts);
-
-/*
- * FUNCTION: CRMF_EncryptedKeyGetChoice
- * INPUTS:
- *    inEncrKey
- *        The EncryptedKey to operate on.
- *
- * NOTES:
- * Get the choice used for representing the EncryptedKey.
- *
- * RETURN:
- * Returns the Choice used in representing the EncryptedKey.  Look in 
- * crmft.h at the definition of CRMFEncryptedKeyChoice for possible return
- * values.
- */
-extern CRMFEncryptedKeyChoice 
-       CRMF_EncryptedKeyGetChoice(CRMFEncryptedKey *inEncrKey);
-
-
-/*
- * FUNCTION: CRMF_EncryptedKeyGetEncryptedValue
- * INPUTS:
- *    inKey
- *        The EncryptedKey to operate on.
- *
- * NOTES:
- * The user must call CRMF_DestroyEncryptedValue passing in 
- * CRMF_GetEncryptedValue's return value.
- *
- * RETURN:
- * A pointer to a copy of the EncryptedValue contained as a member of
- * the EncryptedKey.
- */
-extern CRMFEncryptedValue* 
-       CRMF_EncryptedKeyGetEncryptedValue(CRMFEncryptedKey *inKey);
-
-/*
- * FUNCTION: CRMF_DestroyEncryptedValue
- * INPUTS:
- *    inEncrValue
- *        The EncryptedValue to destroy.
- *
- * NOTES:
- * Free up all memory associated with 'inEncrValue'.
- *
- * RETURN:
- * SECSuccess if freeing up the memory associated with the EncryptedValue
- * is successful. Any other return value indicates an error while freeing the
- * memory.
- */
-extern SECStatus CRMF_DestroyEncryptedValue(CRMFEncryptedValue *inEncrValue);
-
-/*
- * FUNCTION: CRMF_EncryptedValueGetEncValue
- * INPUTS:
- *    inEncValue
- *        The EncryptedValue to operate on.
- * NOTES:
- * Function retrieves the encValue from an EncryptedValue structure.
- *
- * RETURN:
- * A poiner to a SECItem containing the encValue of the EncryptedValue
- * structure.  The return value is in BIT STRING format, meaning the
- * len field of the return structure represents the number of valid bits
- * as opposed to the allocated number of bytes.
- * ANULL return value indicates an error in copying the encValue field.
- */
-extern SECItem* CRMF_EncryptedValueGetEncValue(CRMFEncryptedValue *inEncValue);
-
-/*
- * FUNCTION: CRMF_EncryptedValueGetIntendedAlg
- * INPUTS
- *    inEncValue
- *        The EncryptedValue to operate on.
- * NOTES:
- * Retrieve the IntendedAlg field from the EncryptedValue structure.
- * Call SECOID_DestroyAlgorithmID (destAlgID, PR_TRUE) after done using
- * the return value.  When present, this alogorithm is the alogrithm for
- * which the private key will be used.
- *
- * RETURN:
- * A Copy of the intendedAlg field.  A NULL return value indicates the
- * optional field was not present in the structure.
- */
-extern SECAlgorithmID* 
-       CRMF_EncryptedValueGetIntendedAlg(CRMFEncryptedValue  *inEncValue);
-
-
-/*
- * FUNCTION: CRMF_EncryptedValueGetSymmAlg
- * INPUTS
- *    inEncValue
- *        The EncryptedValue to operate on.
- * NOTES:
- * Retrieve the symmAlg field from the EncryptedValue structure.
- * Call SECOID_DestroyAlgorithmID (destAlgID, PR_TRUE) after done using
- * the return value.  When present, this is algorithm used to
- * encrypt the encValue of the EncryptedValue.
- *
- * RETURN:
- * A Copy of the symmAlg field.  A NULL return value indicates the
- * optional field was not present in the structure.
- */
-extern SECAlgorithmID* 
-       CRMF_EncryptedValueGetSymmAlg(CRMFEncryptedValue  *inEncValue);
-
-
-/*
- * FUNCTION: CRMF_EncryptedValueGetKeyAlg
- * INPUTS
- *    inEncValue
- *        The EncryptedValue to operate on.
- * NOTES:
- * Retrieve the keyAlg field from the EncryptedValue structure.
- * Call SECOID_DestroyAlgorithmID (destAlgID, PR_TRUE) after done using
- * the return value.  When present, this is the algorithm used to encrypt
- * the symmetric key in the encSymmKey field of the EncryptedValue structure.
- *
- * RETURN:
- * A Copy of the keyAlg field.  A NULL return value indicates the
- * optional field was not present in the structure.
- */
-extern SECAlgorithmID* 
-       CRMF_EncryptedValueGetKeyAlg(CRMFEncryptedValue *inEncValue);
-
-/*
- * FUNCTION: CRMF_EncryptedValueGetValueHint
- * INPUTS:
- *    inEncValue
- *        The EncryptedValue to operate on.
- *
- * NOTES:
- * Return a copy of the der-encoded value hint.
- * User must call SECITEM_FreeItem(retVal, PR_TRUE) when done using the
- * return value.  When, present, this is a value that the client which
- * originally issued a certificate request can use to reproduce any data
- * it wants.  The RA does not know how to interpret this data.
- *
- * RETURN:
- * A copy of the valueHint field of the EncryptedValue.  A NULL return
- * value indicates the optional valueHint field is not present in the
- * EncryptedValue.
- */
-extern SECItem* 
-       CRMF_EncryptedValueGetValueHint(CRMFEncryptedValue  *inEncValue);
-
-/*
- * FUNCTION: CRMF_EncrypteValueGetEncSymmKey
- * INPUTS: 
- *    inEncValue
- *        The EncryptedValue to operate on.
- *
- * NOTES:
- * Return a copy of the encSymmKey field. This field is the encrypted
- * symmetric key that the client uses in doing Public Key wrap of a private
- * key.  When present, this is the symmetric key that was used to wrap the
- * private key.  (The encrypted private key will be stored in encValue
- * of the same EncryptedValue structure.)  The user must call 
- * SECITEM_FreeItem(retVal, PR_TRUE) when the return value is no longer
- * needed.
- *
- * RETURN:
- * A copy of the optional encSymmKey field of the EncryptedValue structure.
- * The return value will be in BIT STRING format, meaning the len field will
- * be the number of valid bits as opposed to the number of bytes. A return 
- * value of NULL means the optional encSymmKey field was not present in
- * the EncryptedValue structure.
- */
-extern SECItem* 
-       CRMF_EncryptedValueGetEncSymmKey(CRMFEncryptedValue *inEncValue);
-
-/*
- * FUNCTION: CRMF_PKIArchiveOptionsGetKeyGenParameters
- * INPUTS:
- *    inOptions
- *        The PKiArchiveOptions to operate on.
- *
- * NOTES:
- * User must call SECITEM_FreeItem(retVal, PR_TRUE) after the return 
- * value is no longer needed.
- *
- * RETURN:
- * Get the keyGenParameters field of the PKIArchiveOptions.
- * A NULL return value indicates that keyGenParameters was not 
- * used as the choice for this PKIArchiveOptions.
- *
- * The SECItem returned is in BIT STRING format (ie, the len field indicates
- * number of valid bits as opposed to allocated number of bytes.)
- */
-extern SECItem* 
-   CRMF_PKIArchiveOptionsGetKeyGenParameters(CRMFPKIArchiveOptions *inOptions);
-
-/*
- * FUNCTION: CRMF_PKIArchiveOptionsGetArchiveRemGenPrivKey
- * INPUTS:
- *    inOpt
- *        The PKIArchiveOptions to operate on.
- *    destVal
- *        A pointer to where the library can place the value for 
- *        arciveRemGenPrivKey
- * RETURN:
- * If the PKIArchiveOptions used the archiveRemGenPrivKey field, the
- * function returns SECSuccess and fills the value at *destValue with either
- * PR_TRUE or PR_FALSE, depending on what the PKIArchiveOptions has as a 
- * value. 
- *
- * If the PKIArchiveOptions does not use the archiveRemGenPrivKey field, the
- * function returns SECFailure and the value at *destValue is unchanged.
- */
-extern SECStatus 
-    CRMF_PKIArchiveOptionsGetArchiveRemGenPrivKey(CRMFPKIArchiveOptions *inOpt,
-						  PRBool             *destVal);
-
-/* Helper functions that can be used by other libraries. */
-/*
- * A quick helper funciton to get the best wrap mechanism.
- */
-extern CK_MECHANISM_TYPE CRMF_GetBestWrapPadMechanism(PK11SlotInfo *slot); 
-
-/*
- * A helper function to get a randomly generated IV from a mechanism 
- * type.
- */
-extern SECItem* CRMF_GetIVFromMechanism(CK_MECHANISM_TYPE mechType);
- 
-SEC_END_PROTOS
-#endif /*_CRMF_H_*/
-
-
diff --git a/security/nss/lib/crmf/crmfcont.c b/security/nss/lib/crmf/crmfcont.c
deleted file mode 100644
index 3b4b9a98b..000000000
--- a/security/nss/lib/crmf/crmfcont.c
+++ /dev/null
@@ -1,1166 +0,0 @@
-/* -*- Mode: C; tab-width: 8 -*-*/
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "crmf.h"
-#include "crmfi.h"
-#include "pk11func.h"
-#include "keyhi.h"
-#include "secoid.h"
-
-static SECStatus
-crmf_modify_control_array (CRMFCertRequest *inCertReq, int count)
-{
-    if (count > 0) {
-        void *dummy = PORT_Realloc(inCertReq->controls, 
-				   sizeof(CRMFControl*)*(count+2));
-	if (dummy == NULL) {
-	    return SECFailure;
-	}
-	inCertReq->controls = dummy;
-    } else {
-        inCertReq->controls = PORT_ZNewArray(CRMFControl*, 2);
-    }
-    return (inCertReq->controls == NULL) ? SECFailure : SECSuccess ;
-}
-
-static SECStatus
-crmf_add_new_control(CRMFCertRequest *inCertReq,SECOidTag inTag,
-		     CRMFControl **destControl)
-{
-    SECOidData  *oidData;
-    SECStatus    rv;
-    PRArenaPool *poolp;
-    int          numControls = 0;
-    CRMFControl *newControl;
-    CRMFControl **controls;
-    void        *mark;
-
-    poolp = inCertReq->poolp;
-    if (poolp == NULL) {
-        return SECFailure;
-    }
-    mark = PORT_ArenaMark(poolp);
-    if (inCertReq->controls != NULL) {
-        while (inCertReq->controls[numControls] != NULL)
-	    numControls++;
-    }
-    rv = crmf_modify_control_array(inCertReq, numControls);
-    if (rv != SECSuccess) {
-        goto loser;
-    }
-    controls = inCertReq->controls;
-    oidData = SECOID_FindOIDByTag(inTag);
-    newControl = *destControl = PORT_ArenaZNew(poolp,CRMFControl);
-    if (newControl == NULL) {
-        goto loser;
-    }
-    rv = SECITEM_CopyItem(poolp, &newControl->derTag, &oidData->oid);
-    if (rv != SECSuccess) {
-        goto loser;
-    }
-    newControl->tag = inTag;
-    controls[numControls] = newControl;
-    controls[numControls+1] = NULL;
-    PORT_ArenaUnmark(poolp, mark);
-    return SECSuccess;
-
- loser:
-    PORT_ArenaRelease(poolp, mark);
-    *destControl = NULL;
-    return SECFailure;
-			  
-}
-
-SECStatus
-crmf_add_secitem_control(CRMFCertRequest *inCertReq, SECItem *value,
-			 SECOidTag inTag)
-{
-    SECStatus    rv;
-    CRMFControl *newControl;
-    void        *mark;
-
-    rv = crmf_add_new_control(inCertReq, inTag, &newControl);
-    if (rv != SECSuccess) {
-        return rv;
-    }
-    mark = PORT_ArenaMark(inCertReq->poolp);
-    rv = SECITEM_CopyItem(inCertReq->poolp, &newControl->derValue, value);
-    if (rv != SECSuccess) {
-        PORT_ArenaRelease(inCertReq->poolp, mark);
-	return rv;
-    }
-    PORT_ArenaUnmark(inCertReq->poolp, mark);
-    return SECSuccess;
-}
-
-SECStatus
-CRMF_CertRequestSetRegTokenControl(CRMFCertRequest *inCertReq, SECItem *value)
-{
-    return crmf_add_secitem_control(inCertReq, value, 
-				    SEC_OID_PKIX_REGCTRL_REGTOKEN);
-}
-
-SECStatus
-CRMF_CertRequestSetAuthenticatorControl (CRMFCertRequest *inCertReq, 
-					 SECItem         *value)
-{
-    return crmf_add_secitem_control(inCertReq, value, 
-				    SEC_OID_PKIX_REGCTRL_AUTHENTICATOR);
-}
-
-SECStatus
-crmf_destroy_encrypted_value(CRMFEncryptedValue *inEncrValue, PRBool freeit)
-{
-    if (inEncrValue != NULL) {
-        if (inEncrValue->intendedAlg) {
-	    SECOID_DestroyAlgorithmID(inEncrValue->intendedAlg, PR_TRUE);
-	}
-	if (inEncrValue->symmAlg) {
-	    SECOID_DestroyAlgorithmID(inEncrValue->symmAlg, PR_TRUE);
-	}
-        if (inEncrValue->encSymmKey.data) {
-	    PORT_Free(inEncrValue->encSymmKey.data);
-	}
-	if (inEncrValue->keyAlg) {
-	    SECOID_DestroyAlgorithmID(inEncrValue->keyAlg, PR_TRUE);
-	}
-	if (inEncrValue->valueHint.data) {
-	    PORT_Free(inEncrValue->valueHint.data);
-	}
-        if (inEncrValue->encValue.data) {
-	    PORT_Free(inEncrValue->encValue.data);
-	}
-	if (freeit) {
-	    PORT_Free(inEncrValue);
-	}
-    }
-    return SECSuccess;
-}
-
-SECStatus
-CRMF_DestroyEncryptedValue(CRMFEncryptedValue *inEncrValue)
-{
-    return crmf_destroy_encrypted_value(inEncrValue, PR_TRUE);
-}
-
-SECStatus
-crmf_copy_encryptedvalue_secalg(PRArenaPool     *poolp,
-				SECAlgorithmID  *srcAlgId,
-				SECAlgorithmID **destAlgId)
-{
-    SECAlgorithmID *newAlgId;
-
-    *destAlgId = newAlgId = (poolp != NULL) ?
-                            PORT_ArenaZNew(poolp, SECAlgorithmID) :
-                            PORT_ZNew(SECAlgorithmID);
-    if (newAlgId == NULL) {
-        return SECFailure;
-    }
-    
-    return SECOID_CopyAlgorithmID(poolp, newAlgId, srcAlgId);
-}
-
-SECStatus
-crmf_copy_encryptedvalue(PRArenaPool        *poolp,
-			 CRMFEncryptedValue *srcValue,
-			 CRMFEncryptedValue *destValue)
-{
-    SECStatus           rv;
-
-    if (srcValue->intendedAlg != NULL) {
-        rv = crmf_copy_encryptedvalue_secalg(poolp,
-					     srcValue->intendedAlg,
-					     &destValue->intendedAlg);
-	if (rv != SECSuccess) {
-	    goto loser;
-	}
-    }
-    if (srcValue->symmAlg != NULL) {
-        rv = crmf_copy_encryptedvalue_secalg(poolp, 
-					     srcValue->symmAlg,
-					     &destValue->symmAlg);
-	if (rv != SECSuccess) {
-	    goto loser;
-	}
-    }
-    if (srcValue->encSymmKey.data != NULL) {
-        rv = crmf_make_bitstring_copy(poolp, 
-				      &destValue->encSymmKey,
-				      &srcValue->encSymmKey);
-	if (rv != SECSuccess) {
-	    goto loser;
-	}
-    }
-    if (srcValue->keyAlg != NULL) {
-        rv = crmf_copy_encryptedvalue_secalg(poolp,
-					     srcValue->keyAlg,
-					     &destValue->keyAlg);
-	if (rv != SECSuccess) {
-	    goto loser;
-	}
-    }
-    if (srcValue->valueHint.data != NULL) {
-        rv = SECITEM_CopyItem(poolp, 
-			      &destValue->valueHint,
-			      &srcValue->valueHint);
-	if (rv != SECSuccess) {
-	    goto loser;
-	}
-    }
-    if (srcValue->encValue.data != NULL) {
-        rv = crmf_make_bitstring_copy(poolp,
-				      &destValue->encValue,
-				      &srcValue->encValue);
-	if (rv != SECSuccess) {
-	    goto loser;
-	}
-    }
-    return SECSuccess;
- loser:
-    if (poolp == NULL && destValue != NULL) {
-        crmf_destroy_encrypted_value(destValue, PR_TRUE);
-    }
-    return SECFailure;
-}
-
-SECStatus 
-crmf_copy_encryptedkey(PRArenaPool       *poolp,
-		       CRMFEncryptedKey  *srcEncrKey,
-		       CRMFEncryptedKey  *destEncrKey)
-{
-    SECStatus          rv;
-    void              *mark = NULL;
-
-    if (poolp != NULL) {
-        mark = PORT_ArenaMark(poolp);
-    }
-
-    switch (srcEncrKey->encKeyChoice) {
-    case crmfEncryptedValueChoice:
-        rv = crmf_copy_encryptedvalue(poolp, 
-				      &srcEncrKey->value.encryptedValue,
-				      &destEncrKey->value.encryptedValue);
-	break;
-    case crmfEnvelopedDataChoice:
-        destEncrKey->value.envelopedData = 
-	    SEC_PKCS7CopyContentInfo(srcEncrKey->value.envelopedData);
-        rv = (destEncrKey->value.envelopedData != NULL) ? SECSuccess:
-	                                                  SECFailure;
-        break;
-    default:
-        rv = SECFailure;
-    }
-    if (rv != SECSuccess) {
-        goto loser;
-    }
-    destEncrKey->encKeyChoice = srcEncrKey->encKeyChoice;
-    if (mark) {
-    	PORT_ArenaUnmark(poolp, mark);
-    }
-    return SECSuccess;
-
- loser:
-    if (mark) {
-        PORT_ArenaRelease(poolp, mark);
-    }
-    return SECFailure;
-}
-
-CRMFPKIArchiveOptions*
-crmf_create_encr_pivkey_option(CRMFEncryptedKey *inEncryptedKey)
-{
-    CRMFPKIArchiveOptions *newArchOpt;
-    SECStatus              rv;
-
-    newArchOpt = PORT_ZNew(CRMFPKIArchiveOptions);
-    if (newArchOpt == NULL) {
-        goto loser;
-    }
-
-    rv = crmf_copy_encryptedkey(NULL, inEncryptedKey,
-				&newArchOpt->option.encryptedKey);
-    
-    if (rv != SECSuccess) {
-      goto loser;
-    }
-    newArchOpt->archOption = crmfEncryptedPrivateKey;
-    return newArchOpt;
- loser:
-    if (newArchOpt != NULL) {
-        CRMF_DestroyPKIArchiveOptions(newArchOpt);
-    }
-    return NULL;
-}
-
-static CRMFPKIArchiveOptions*
-crmf_create_keygen_param_option(SECItem *inKeyGenParams)
-{
-    CRMFPKIArchiveOptions *newArchOptions;
-    SECStatus              rv;
-
-    newArchOptions = PORT_ZNew(CRMFPKIArchiveOptions);
-    if (newArchOptions == NULL) {
-        goto loser;
-    }
-    newArchOptions->archOption = crmfKeyGenParameters;
-    rv = SECITEM_CopyItem(NULL, &newArchOptions->option.keyGenParameters,
-			  inKeyGenParams);
-    if (rv != SECSuccess) {
-        goto loser;
-    }
-    return newArchOptions;
- loser:
-    if (newArchOptions != NULL) {
-        CRMF_DestroyPKIArchiveOptions(newArchOptions);
-    }
-    return NULL;
-}
-
-static CRMFPKIArchiveOptions*
-crmf_create_arch_rem_gen_privkey(PRBool archiveRemGenPrivKey)
-{
-    unsigned char          value;
-    SECItem               *dummy;
-    CRMFPKIArchiveOptions *newArchOptions;
-
-    value = (archiveRemGenPrivKey) ? hexTrue : hexFalse;
-    newArchOptions = PORT_ZNew(CRMFPKIArchiveOptions);
-    if (newArchOptions == NULL) {
-        goto loser;
-    }
-    dummy = SEC_ASN1EncodeItem(NULL, 
-			       &newArchOptions->option.archiveRemGenPrivKey,
-			       &value, SEC_ASN1_GET(SEC_BooleanTemplate));
-    PORT_Assert (dummy == &newArchOptions->option.archiveRemGenPrivKey);
-    if (dummy != &newArchOptions->option.archiveRemGenPrivKey) {
-        SECITEM_FreeItem (dummy, PR_TRUE);
-	goto loser;
-    }
-    newArchOptions->archOption = crmfArchiveRemGenPrivKey;
-    return newArchOptions;
- loser:
-    if (newArchOptions != NULL) {
-        CRMF_DestroyPKIArchiveOptions(newArchOptions);
-    }
-    return NULL;
-}
-
-CRMFPKIArchiveOptions*
-CRMF_CreatePKIArchiveOptions(CRMFPKIArchiveOptionsType inType, void *data)
-{
-    CRMFPKIArchiveOptions* retOptions;
-
-    PORT_Assert(data != NULL);
-    if (data == NULL) {
-        return NULL;
-    }
-    switch(inType) {
-    case crmfEncryptedPrivateKey:
-        retOptions = crmf_create_encr_pivkey_option((CRMFEncryptedKey*)data);
-	break;
-    case crmfKeyGenParameters:
-        retOptions = crmf_create_keygen_param_option((SECItem*)data);
-	break;
-    case crmfArchiveRemGenPrivKey:
-        retOptions = crmf_create_arch_rem_gen_privkey(*(PRBool*)data);
-	break;
-    default:
-        retOptions = NULL;
-    }
-    return retOptions;
-}
-
-static SECStatus
-crmf_destroy_encrypted_key(CRMFEncryptedKey *inEncrKey, PRBool freeit)
-{ 
-    PORT_Assert(inEncrKey != NULL);
-    if (inEncrKey != NULL) {
-        switch (inEncrKey->encKeyChoice){
-	case crmfEncryptedValueChoice:
-            crmf_destroy_encrypted_value(&inEncrKey->value.encryptedValue, 
-					 PR_FALSE);
-	    break;
-	case crmfEnvelopedDataChoice:
-	    SEC_PKCS7DestroyContentInfo(inEncrKey->value.envelopedData);
-            break;
-        default:
-            break;
-        }
-        if (freeit) {
-            PORT_Free(inEncrKey);
-        }
-    }
-    return SECSuccess;
-}
-
-SECStatus 
-crmf_destroy_pkiarchiveoptions(CRMFPKIArchiveOptions *inArchOptions, 
-			       PRBool                 freeit)
-{
-    PORT_Assert(inArchOptions != NULL);
-    if (inArchOptions != NULL) {
-        switch (inArchOptions->archOption) {
-	case crmfEncryptedPrivateKey:
-	    crmf_destroy_encrypted_key(&inArchOptions->option.encryptedKey,
-				       PR_FALSE);
-	    break;
-	case crmfKeyGenParameters:
-	case crmfArchiveRemGenPrivKey:
-	    /* This is a union, so having a pointer to one is like
-	     * having a pointer to both.  
-	     */
-	    SECITEM_FreeItem(&inArchOptions->option.keyGenParameters, 
-			     PR_FALSE);
-	    break;
-        case crmfNoArchiveOptions:
-            break;
-	}
-	if (freeit) {
-	    PORT_Free(inArchOptions);
-	}
-    }
-    return SECSuccess;
-}
-
-SECStatus
-CRMF_DestroyPKIArchiveOptions(CRMFPKIArchiveOptions *inArchOptions) 
-{
-    return crmf_destroy_pkiarchiveoptions(inArchOptions, PR_TRUE);
-}
-
-static CK_MECHANISM_TYPE
-crmf_get_non_pad_mechanism(CK_MECHANISM_TYPE type)
-{
-    switch (type) {
-    case CKM_DES3_CBC_PAD:
-        return CKM_DES3_CBC;
-    case CKM_CAST5_CBC_PAD:
-        return CKM_CAST5_CBC;
-    case CKM_DES_CBC_PAD:
-        return CKM_DES_CBC;
-    case CKM_IDEA_CBC_PAD:
-        return CKM_IDEA_CBC;
-    case CKM_CAST3_CBC_PAD:
-        return CKM_CAST3_CBC;
-    case CKM_CAST_CBC_PAD:
-        return CKM_CAST_CBC;
-    case CKM_RC5_CBC_PAD:
-        return CKM_RC5_CBC;
-    case CKM_RC2_CBC_PAD:
-        return CKM_RC2_CBC;
-    case CKM_CDMF_CBC_PAD:
-        return CKM_CDMF_CBC;
-    }
-    return type;
-}
-
-static CK_MECHANISM_TYPE
-crmf_get_pad_mech_from_tag(SECOidTag oidTag)
-{
-    CK_MECHANISM_TYPE  mechType;
-    SECOidData        *oidData;
-
-    oidData = SECOID_FindOIDByTag(oidTag);
-    mechType = (CK_MECHANISM_TYPE)oidData->mechanism;
-    return PK11_GetPadMechanism(mechType);
-}
-
-static CK_MECHANISM_TYPE
-crmf_get_best_privkey_wrap_mechanism(PK11SlotInfo *slot) 
-{
-    CK_MECHANISM_TYPE privKeyPadMechs[] = { CKM_DES3_CBC_PAD,
-					    CKM_CAST5_CBC_PAD,
-					    CKM_DES_CBC_PAD,
-					    CKM_IDEA_CBC_PAD,
-					    CKM_CAST3_CBC_PAD,
-					    CKM_CAST_CBC_PAD,
-					    CKM_RC5_CBC_PAD,
-					    CKM_RC2_CBC_PAD,
-					    CKM_CDMF_CBC_PAD };
-    int mechCount = sizeof(privKeyPadMechs)/sizeof(privKeyPadMechs[0]);
-    int i;
-
-    for (i=0; i < mechCount; i++) {
-        if (PK11_DoesMechanism(slot, privKeyPadMechs[i])) {
-	    return privKeyPadMechs[i];
-	}
-    }
-    return CKM_INVALID_MECHANISM;
-}
-
-CK_MECHANISM_TYPE
-CRMF_GetBestWrapPadMechanism(PK11SlotInfo *slot)
-{
-    return crmf_get_best_privkey_wrap_mechanism(slot);
-}
-
-static SECItem*
-crmf_get_iv(CK_MECHANISM_TYPE mechType)
-{
-    int        iv_size = PK11_GetIVLength(mechType);
-    SECItem   *iv;
-    SECStatus  rv; 
-
-    iv = PORT_ZNew(SECItem);
-    if (iv == NULL) {
-        return NULL;
-    }
-    if (iv_size == 0) {
-        iv->data = NULL;
-	iv->len  = 0;
-	return iv;
-    }
-    iv->data = PORT_NewArray(unsigned char, iv_size);
-    if (iv->data == NULL) {
-        iv->len = 0;
-	return iv;
-    }
-    iv->len = iv_size;
-    rv = PK11_GenerateRandom(iv->data, iv->len);
-    if (rv != SECSuccess) {
-        PORT_Free(iv->data);
-	iv->data = NULL;
-	iv->len  = 0;
-    }
-    return iv;
-}
-
-SECItem*
-CRMF_GetIVFromMechanism(CK_MECHANISM_TYPE mechType)
-{
-    return crmf_get_iv(mechType);
-}
-
-CK_MECHANISM_TYPE
-crmf_get_mechanism_from_public_key(SECKEYPublicKey *inPubKey)
-{
-    CERTSubjectPublicKeyInfo *spki = NULL;
-    SECOidTag                 tag;
-    
-
-    spki = SECKEY_CreateSubjectPublicKeyInfo(inPubKey);
-    if (spki == NULL) {
-        return CKM_INVALID_MECHANISM;
-    }
-    tag = SECOID_FindOIDTag(&spki->algorithm.algorithm);
-    SECKEY_DestroySubjectPublicKeyInfo(spki);
-    spki = NULL;
-    return PK11_AlgtagToMechanism(tag);
-}
-
-SECItem*
-crmf_get_public_value(SECKEYPublicKey *pubKey, SECItem *dest)
-{
-    SECItem *pubValue;
-
-    if (dest != NULL) {
-        pubValue = dest;
-    } else {
-        pubValue = PORT_ZNew(SECItem);
-    }
-    switch(pubKey->keyType) {
-        case dsaKey:
-	    SECITEM_CopyItem(NULL, pubValue, &pubKey->u.dsa.publicValue);
-            break;
-        case rsaKey:
-	    SECITEM_CopyItem(NULL, pubValue, &pubKey->u.rsa.modulus);
-            break;
-        case dhKey:
-	    SECITEM_CopyItem(NULL, pubValue, &pubKey->u.dh.publicValue);
-	    break;
-        default:
-	    if (dest == NULL) {
-	        PORT_Free(pubValue);
-	    }
-            pubValue = NULL;
-	    break;
-    }
-    return pubValue;
-}
-
-static SECItem*
-crmf_decode_params(SECItem *inParams)
-{
-    SECItem   *params;
-    SECStatus  rv;
-    
-    params = PORT_ZNew(SECItem);
-    rv = SEC_ASN1DecodeItem(NULL, params, 
-                            SEC_ASN1_GET(SEC_OctetStringTemplate),
-			    inParams);
-    if (rv != SECSuccess) {
-        SECITEM_FreeItem(params, PR_TRUE);
-	return NULL;
-    }
-    return params;
-}
-
-int
-crmf_get_key_size_from_mech(CK_MECHANISM_TYPE mechType)
-{
-    CK_MECHANISM_TYPE keyGen = PK11_GetKeyGen(mechType);
-
-    switch (keyGen) {
-    case CKM_CDMF_KEY_GEN:
-    case CKM_DES_KEY_GEN:
-        return 8;
-    case CKM_DES2_KEY_GEN:
-	return 16;
-    case CKM_DES3_KEY_GEN:
-	return 24;
-    }
-    return 0;
-}
-
-SECStatus
-crmf_encrypted_value_unwrap_priv_key(PRArenaPool        *poolp,
-				     CRMFEncryptedValue *encValue,
-				     SECKEYPrivateKey   *privKey,
-				     SECKEYPublicKey    *newPubKey,
-				     SECItem            *nickname,
-				     PK11SlotInfo       *slot,
-				     unsigned char       keyUsage,
-				     SECKEYPrivateKey  **unWrappedKey,
-				     void               *wincx)
-{
-    PK11SymKey        *wrappingKey = NULL;
-    CK_MECHANISM_TYPE  wrapMechType;
-    SECOidTag          oidTag;
-    SECItem           *params = NULL, *publicValue = NULL;
-    int                keySize, origLen;
-    CK_KEY_TYPE        keyType;
-    CK_ATTRIBUTE_TYPE *usage = NULL;
-    CK_ATTRIBUTE_TYPE rsaUsage[] = {
-      CKA_UNWRAP, CKA_DECRYPT, CKA_SIGN, CKA_SIGN_RECOVER };
-    CK_ATTRIBUTE_TYPE dsaUsage[] = { CKA_SIGN };
-    CK_ATTRIBUTE_TYPE dhUsage[] = { CKA_DERIVE };
-    int usageCount = 0;
-
-    oidTag = SECOID_GetAlgorithmTag(encValue->symmAlg);
-    wrapMechType = crmf_get_pad_mech_from_tag(oidTag);
-    keySize = crmf_get_key_size_from_mech(wrapMechType);
-    wrappingKey = PK11_PubUnwrapSymKey(privKey, &encValue->encSymmKey, 
-				       wrapMechType, CKA_UNWRAP, keySize);
-    if (wrappingKey == NULL) {
-        goto loser;
-    }/* Make the length a byte length instead of bit length*/
-    params = (encValue->symmAlg != NULL) ? 
-              crmf_decode_params(&encValue->symmAlg->parameters) : NULL;
-    origLen = encValue->encValue.len;
-    encValue->encValue.len = CRMF_BITS_TO_BYTES(origLen);
-    publicValue = crmf_get_public_value(newPubKey, NULL);
-    switch(newPubKey->keyType) {
-    default:
-    case rsaKey:
-        keyType = CKK_RSA;
-        switch  (keyUsage & (KU_KEY_ENCIPHERMENT|KU_DIGITAL_SIGNATURE)) {
-        case KU_KEY_ENCIPHERMENT:
-            usage = rsaUsage;
-            usageCount = 2;
-            break;
-        case KU_DIGITAL_SIGNATURE:
-            usage = &rsaUsage[2];
-            usageCount = 2;
-            break;
-        case KU_KEY_ENCIPHERMENT|KU_DIGITAL_SIGNATURE:
-        case 0: /* default to everything */
-            usage = rsaUsage;
-            usageCount = 4;
-            break;
-        }
-	break;
-    case dhKey:
-        keyType = CKK_DH;
-        usage = dhUsage;
-        usageCount = sizeof(dhUsage)/sizeof(dhUsage[0]);
-        break;
-    case dsaKey:
-        keyType = CKK_DSA;
-        usage = dsaUsage;
-        usageCount = sizeof(dsaUsage)/sizeof(dsaUsage[0]);
-        break;
-    }
-    PORT_Assert(usage != NULL);
-    PORT_Assert(usageCount != 0);
-    *unWrappedKey = PK11_UnwrapPrivKey(slot, wrappingKey, wrapMechType, params,
-				       &encValue->encValue, nickname,
-				       publicValue, PR_TRUE,PR_TRUE, 
-				       keyType, usage, usageCount, wincx);
-    encValue->encValue.len = origLen;
-    if (*unWrappedKey == NULL) {
-        goto loser;
-    }
-    SECITEM_FreeItem (publicValue, PR_TRUE);
-    if (params!= NULL) {
-        SECITEM_FreeItem(params, PR_TRUE);
-    } 
-    PK11_FreeSymKey(wrappingKey);
-    return SECSuccess;
- loser:
-    *unWrappedKey = NULL;
-    return SECFailure;
-}
-
-CRMFEncryptedValue *
-crmf_create_encrypted_value_wrapped_privkey(SECKEYPrivateKey   *inPrivKey,
-					    SECKEYPublicKey    *inCAKey,
-					    CRMFEncryptedValue *destValue)
-{
-    SECItem                   wrappedPrivKey, wrappedSymKey;
-    SECItem                   encodedParam, *dummy;
-    SECStatus                 rv;
-    CK_MECHANISM_TYPE         pubMechType, symKeyType;
-    unsigned char            *wrappedSymKeyBits;
-    unsigned char            *wrappedPrivKeyBits;
-    SECItem                  *iv = NULL;
-    SECOidTag                 tag;
-    PK11SymKey               *symKey;
-    PK11SlotInfo             *slot;
-    SECAlgorithmID           *symmAlg;
-    CRMFEncryptedValue       *myEncrValue = NULL;
-
-    encodedParam.data = NULL;
-    wrappedSymKeyBits  = PORT_NewArray(unsigned char, MAX_WRAPPED_KEY_LEN);
-    wrappedPrivKeyBits = PORT_NewArray(unsigned char, MAX_WRAPPED_KEY_LEN);
-    if (wrappedSymKeyBits == NULL || wrappedPrivKeyBits == NULL) {
-        goto loser;
-    }
-    if (destValue == NULL) {
-        myEncrValue = destValue = PORT_ZNew(CRMFEncryptedValue);
-	if (destValue == NULL) {
-	    goto loser;
-	}
-    }
-
-    pubMechType = crmf_get_mechanism_from_public_key(inCAKey);
-    if (pubMechType == CKM_INVALID_MECHANISM) {
-        /* XXX I should probably do something here for non-RSA 
-	 *     keys that are in certs. (ie DSA)
-	 */
-        goto loser;
-    }
-    slot = inPrivKey->pkcs11Slot; 
-    PORT_Assert(slot != NULL);
-    symKeyType = crmf_get_best_privkey_wrap_mechanism(slot);
-    symKey = PK11_KeyGen(slot, symKeyType, NULL, 0, NULL);
-    if (symKey == NULL) {
-        goto loser;
-    }
-
-    wrappedSymKey.data = wrappedSymKeyBits;
-    wrappedSymKey.len  = MAX_WRAPPED_KEY_LEN;
-    rv = PK11_PubWrapSymKey(pubMechType, inCAKey, symKey, &wrappedSymKey);
-    if (rv != SECSuccess) {
-        goto loser;
-    }
-    /* Make the length of the result a Bit String length. */
-    wrappedSymKey.len <<= 3;
-
-    wrappedPrivKey.data = wrappedPrivKeyBits;
-    wrappedPrivKey.len  = MAX_WRAPPED_KEY_LEN;
-    iv = crmf_get_iv(symKeyType);
-    rv = PK11_WrapPrivKey(slot, symKey, inPrivKey, symKeyType, iv, 
-			  &wrappedPrivKey, NULL);
-    PK11_FreeSymKey(symKey);
-    if (rv != SECSuccess) {
-        goto loser;
-    }
-    /* Make the length of the result a Bit String length. */
-    wrappedPrivKey.len <<= 3;
-    rv = crmf_make_bitstring_copy(NULL, 
-				  &destValue->encValue, 
-				  &wrappedPrivKey);
-    if (rv != SECSuccess) {
-        goto loser;
-    }
-
-    rv = crmf_make_bitstring_copy(NULL,
-				  &destValue->encSymmKey, 
-				  &wrappedSymKey);
-    if (rv != SECSuccess) {
-        goto loser;
-    }
-    destValue->symmAlg = symmAlg = PORT_ZNew(SECAlgorithmID);
-    if (symmAlg == NULL) {
-        goto loser;
-    }
-
-    dummy = SEC_ASN1EncodeItem(NULL, &encodedParam, iv, 
-                               SEC_ASN1_GET(SEC_OctetStringTemplate));
-    if (dummy != &encodedParam) {
-        SECITEM_FreeItem(dummy, PR_TRUE);
-	goto loser;
-    }
-
-    symKeyType = crmf_get_non_pad_mechanism(symKeyType);
-    tag = PK11_MechanismToAlgtag(symKeyType);
-    rv = SECOID_SetAlgorithmID(NULL, symmAlg, tag, &encodedParam);
-    if (rv != SECSuccess) {
-        goto loser;
-    }
-    PORT_Free(encodedParam.data);
-    PORT_Free(wrappedPrivKeyBits);
-    PORT_Free(wrappedSymKeyBits);
-    if (iv->data != NULL) {
-        PORT_Free(iv->data);
-    }
-    PORT_Free(iv);
-    return destValue;
- loser:
-    if (iv != NULL) {
-        if (iv->data) {
-	    PORT_Free(iv->data);
-	}
-        PORT_Free(iv);
-    }
-    if (myEncrValue != NULL) {
-        crmf_destroy_encrypted_value(myEncrValue, PR_TRUE);
-    }
-    if (wrappedSymKeyBits != NULL) {
-        PORT_Free(wrappedSymKeyBits);
-    }
-    if (wrappedPrivKeyBits != NULL) {
-        PORT_Free(wrappedPrivKeyBits);
-    }
-    if (encodedParam.data != NULL) {
-        PORT_Free(encodedParam.data);
-    }
-    return NULL;
-}
-
-CRMFEncryptedKey*
-CRMF_CreateEncryptedKeyWithEncryptedValue (SECKEYPrivateKey *inPrivKey,
-					   CERTCertificate  *inCACert)
-{
-    SECKEYPublicKey          *caPubKey = NULL;
-    CRMFEncryptedKey         *encKey = NULL;
-    CRMFEncryptedValue       *dummy;
-
-    PORT_Assert(inPrivKey != NULL && inCACert != NULL);
-    if (inPrivKey == NULL || inCACert == NULL) {
-        return NULL;
-    }
-
-    caPubKey = CERT_ExtractPublicKey(inCACert);
-    if (caPubKey == NULL) {
-        goto loser;
-    }
-
-    encKey = PORT_ZNew(CRMFEncryptedKey);
-    if (encKey == NULL) {
-        goto loser;
-    }
-    dummy = crmf_create_encrypted_value_wrapped_privkey(inPrivKey,
-							caPubKey,
-					       &encKey->value.encryptedValue);
-    PORT_Assert(dummy == &encKey->value.encryptedValue);
-    /* We won't add the der value here, but rather when it 
-     * becomes part of a certificate request.
-     */
-    SECKEY_DestroyPublicKey(caPubKey);
-    encKey->encKeyChoice = crmfEncryptedValueChoice;
-    return encKey;
- loser:
-    if (encKey != NULL) {
-        CRMF_DestroyEncryptedKey(encKey);
-    }
-    if (caPubKey != NULL) {
-        SECKEY_DestroyPublicKey(caPubKey);
-    }
-    return NULL;
-}
-
-SECStatus
-CRMF_DestroyEncryptedKey(CRMFEncryptedKey *inEncrKey)
-{
-    return crmf_destroy_encrypted_key(inEncrKey, PR_TRUE);
-}
-
-SECStatus
-crmf_copy_pkiarchiveoptions(PRArenaPool           *poolp,
-			    CRMFPKIArchiveOptions *destOpt,
-			    CRMFPKIArchiveOptions *srcOpt)
-{
-    SECStatus rv;
-    destOpt->archOption = srcOpt->archOption;
-    switch (srcOpt->archOption) {
-    case crmfEncryptedPrivateKey:
-        rv = crmf_copy_encryptedkey(poolp,
-				    &srcOpt->option.encryptedKey,
-				    &destOpt->option.encryptedKey);
-        break;
-    case crmfKeyGenParameters:
-    case crmfArchiveRemGenPrivKey:
-        /* We've got a union, so having a pointer to one is just
-	 * like having a pointer to the other one.
-	 */
-        rv = SECITEM_CopyItem(poolp, 
-			      &destOpt->option.keyGenParameters,
-			      &srcOpt->option.keyGenParameters);
-	break;
-    default:
-        rv = SECFailure;
-    }
-    return rv;
-}
-
-static SECStatus
-crmf_check_and_adjust_archoption(CRMFControl *inControl)
-{
-    CRMFPKIArchiveOptions *options;
-
-    options = &inControl->value.archiveOptions;
-    if (options->archOption == crmfNoArchiveOptions) {
-        /* It hasn't been set, so figure it out from the 
-	 * der.
-	 */
-        switch (inControl->derValue.data[0] & 0x0f) {
-	case 0:
-	    options->archOption = crmfEncryptedPrivateKey;
-	    break;
-	case 1:
-	    options->archOption = crmfKeyGenParameters;
-	    break;
-	case 2:
-	    options->archOption = crmfArchiveRemGenPrivKey;
-	    break;
-	default:
-	    /* We've got bad DER.  Return an error. */
-	    return SECFailure;
-	}
-    }
-    return SECSuccess;
-}
-
-static const SEC_ASN1Template *
-crmf_get_pkiarchive_subtemplate(CRMFControl *inControl)
-{
-    const SEC_ASN1Template *retTemplate;
-    SECStatus               rv;
-    /*
-     * We could be in the process of decoding, in which case the
-     * archOption field will not be set.  Let's check it and set 
-     * it accordingly.
-     */
-
-    rv = crmf_check_and_adjust_archoption(inControl);
-    if (rv != SECSuccess) {
-        return NULL;
-    }
-
-    switch (inControl->value.archiveOptions.archOption) {
-    case crmfEncryptedPrivateKey:
-        retTemplate = CRMFEncryptedKeyWithEncryptedValueTemplate;
-	inControl->value.archiveOptions.option.encryptedKey.encKeyChoice =
-	  crmfEncryptedValueChoice;
-	break;
-    default:
-        retTemplate = NULL;
-    }
-    return retTemplate;
-}
-
-const SEC_ASN1Template*
-crmf_get_pkiarchiveoptions_subtemplate(CRMFControl *inControl)
-{
-    const SEC_ASN1Template *retTemplate;
-
-    switch (inControl->tag) {
-    case SEC_OID_PKIX_REGCTRL_REGTOKEN:
-    case SEC_OID_PKIX_REGCTRL_AUTHENTICATOR:
-        retTemplate = SEC_ASN1_GET(SEC_UTF8StringTemplate);
-	break;
-    case SEC_OID_PKIX_REGCTRL_PKI_ARCH_OPTIONS:
-        retTemplate = crmf_get_pkiarchive_subtemplate(inControl);
-	break;
-    case SEC_OID_PKIX_REGCTRL_PKIPUBINFO:
-    case SEC_OID_PKIX_REGCTRL_OLD_CERT_ID:
-    case SEC_OID_PKIX_REGCTRL_PROTOCOL_ENC_KEY:
-        /* We don't support these controls, so we fail for now.*/
-        retTemplate = NULL;
-	break;
-    default:
-        retTemplate = NULL;
-    }
-    return retTemplate;
-}
-
-static SECStatus
-crmf_encode_pkiarchiveoptions(PRArenaPool *poolp, CRMFControl *inControl)
-{
-    const SEC_ASN1Template *asn1Template;
-
-    asn1Template = crmf_get_pkiarchiveoptions_subtemplate(inControl);
-    /* We've got a union, so passing a pointer to one element of the 
-     * union, is the same as passing a pointer to any of the other
-     * members of the union.
-     */
-    SEC_ASN1EncodeItem(poolp, &inControl->derValue,
-                       &inControl->value.archiveOptions, asn1Template);
-
-    if (inControl->derValue.data == NULL) {
-        goto loser;
-    }
-    return SECSuccess;
- loser:
-    return SECFailure;
-}
-
-SECStatus
-CRMF_CertRequestSetPKIArchiveOptions(CRMFCertRequest       *inCertReq,
-				     CRMFPKIArchiveOptions *inOptions)
-{
-    CRMFControl *newControl;
-    PRArenaPool *poolp;
-    SECStatus    rv;
-    void        *mark;
-    
-    PORT_Assert(inCertReq != NULL && inOptions != NULL);
-    if (inCertReq == NULL || inOptions == NULL) {
-        return SECFailure;
-    }
-    poolp = inCertReq->poolp;
-    mark = PORT_ArenaMark(poolp);
-    rv = crmf_add_new_control(inCertReq, 
-			      SEC_OID_PKIX_REGCTRL_PKI_ARCH_OPTIONS,
-			      &newControl);
-    if (rv != SECSuccess) {
-        goto loser;
-    }
-
-    rv = crmf_copy_pkiarchiveoptions(poolp, 
-				     &newControl->value.archiveOptions,
-				     inOptions);
-    if (rv != SECSuccess) {
-        goto loser;
-    }
-
-    rv = crmf_encode_pkiarchiveoptions(poolp, newControl); 
-    if (rv != SECSuccess) {
-        goto loser;
-    }
-    PORT_ArenaUnmark(poolp, mark);
-    return SECSuccess;
- loser:
-    PORT_ArenaRelease(poolp, mark);
-    return SECFailure;
-}
-
-SECStatus
-crmf_destroy_control(CRMFControl *inControl, PRBool freeit)
-{
-    PORT_Assert(inControl != NULL);
-    if (inControl != NULL) {
-        SECITEM_FreeItem(&inControl->derTag, PR_FALSE);
-        SECITEM_FreeItem(&inControl->derValue, PR_FALSE);
-	/* None of the other tags require special processing at 
-	 * the moment when freeing because they are not supported,
-	 * but if/when they are, add the necessary routines here.  
-	 * If all controls are supported, then every member of the 
-	 * union inControl->value will have a case that deals with 
-	 * it in the following switch statement.
-	 */
-	switch (inControl->tag) {
-	case SEC_OID_PKIX_REGCTRL_PKI_ARCH_OPTIONS:
-	    crmf_destroy_pkiarchiveoptions(&inControl->value.archiveOptions,
-					   PR_FALSE);
-	    break;
-        default:
-           /* Put this here to get rid of all those annoying warnings.*/
-           break;
-	}
-	if (freeit) {
-	    PORT_Free(inControl);
-	}
-    }
-    return SECSuccess;
-}
-
-SECStatus
-CRMF_DestroyControl(CRMFControl *inControl)
-{
-    return crmf_destroy_control(inControl, PR_TRUE);
-}
-
-static SECOidTag
-crmf_controltype_to_tag(CRMFControlType inControlType)
-{
-    SECOidTag retVal;
-
-    switch(inControlType) {
-    case crmfRegTokenControl:
-      retVal = SEC_OID_PKIX_REGCTRL_REGTOKEN; 
-      break;
-    case crmfAuthenticatorControl:
-      retVal = SEC_OID_PKIX_REGCTRL_AUTHENTICATOR;
-      break;
-    case crmfPKIPublicationInfoControl:
-      retVal = SEC_OID_PKIX_REGCTRL_PKIPUBINFO;
-      break;
-    case crmfPKIArchiveOptionsControl:
-      retVal = SEC_OID_PKIX_REGCTRL_PKI_ARCH_OPTIONS;
-      break;
-    case crmfOldCertIDControl:
-      retVal = SEC_OID_PKIX_REGCTRL_OLD_CERT_ID;
-      break;
-    case crmfProtocolEncrKeyControl:
-      retVal = SEC_OID_PKIX_REGCTRL_PROTOCOL_ENC_KEY;
-      break;
-    default:
-      retVal = SEC_OID_UNKNOWN;
-      break;
-    }
-    return retVal;
-}
-
-PRBool
-CRMF_CertRequestIsControlPresent(CRMFCertRequest *inCertReq,
-				 CRMFControlType  inControlType)
-{
-    SECOidTag controlTag;
-    int       i;
-
-    PORT_Assert(inCertReq != NULL);
-    if (inCertReq == NULL || inCertReq->controls == NULL) {
-        return PR_FALSE;
-    }
-    controlTag = crmf_controltype_to_tag(inControlType);
-    for (i=0; inCertReq->controls[i] != NULL; i++) {
-        if (inCertReq->controls[i]->tag == controlTag) {
-	    return PR_TRUE;
-	}
-    }
-    return PR_FALSE;
-}
-
diff --git a/security/nss/lib/crmf/crmfdec.c b/security/nss/lib/crmf/crmfdec.c
deleted file mode 100644
index cce945e6d..000000000
--- a/security/nss/lib/crmf/crmfdec.c
+++ /dev/null
@@ -1,380 +0,0 @@
-/* -*- Mode: C; tab-width: 8 -*-*/
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-
-#include "crmf.h"
-#include "crmfi.h"
-#include "secitem.h"
-
-static CRMFPOPChoice
-crmf_get_popchoice_from_der(SECItem *derPOP)
-{
-    CRMFPOPChoice retChoice;
-
-    switch (derPOP->data[0] & 0x0f) {
-    case 0:
-        retChoice = crmfRAVerified;
-	break;
-    case 1:
-        retChoice = crmfSignature;
-	break;
-    case 2:
-        retChoice = crmfKeyEncipherment;
-	break;
-    case 3:
-        retChoice = crmfKeyAgreement;
-	break;
-    default:
-        retChoice = crmfNoPOPChoice;
-	break;
-    }
-    return retChoice;
-}
-
-static SECStatus
-crmf_decode_process_raverified(CRMFCertReqMsg *inCertReqMsg)
-{   
-    CRMFProofOfPossession *pop;
-    /* Just set up the structure so that the message structure
-     * looks like one that was created using the API
-     */
-    pop = inCertReqMsg->pop;
-    pop->popChoice.raVerified.data = NULL;
-    pop->popChoice.raVerified.len  = 0;
-    return SECSuccess;
-}
-
-static SECStatus
-crmf_decode_process_signature(CRMFCertReqMsg *inCertReqMsg)
-{
-    return SEC_ASN1Decode(inCertReqMsg->poolp,
-			  &inCertReqMsg->pop->popChoice.signature,
-			  CRMFPOPOSigningKeyTemplate, 
-			  (const char*)inCertReqMsg->derPOP.data,
-			  inCertReqMsg->derPOP.len);
-}
-
-static CRMFPOPOPrivKeyChoice
-crmf_get_messagechoice_from_der(SECItem *derPOP)
-{
-    CRMFPOPOPrivKeyChoice retChoice;
-
-    switch (derPOP->data[2] & 0x0f) {
-    case 0:
-        retChoice = crmfThisMessage;
-	break;
-    case 1:
-        retChoice = crmfSubsequentMessage;
-	break;
-    case 2:
-        retChoice = crmfDHMAC;
-	break;
-    default:
-        retChoice = crmfNoMessage;
-    }
-    return retChoice;
-}
-
-static SECStatus
-crmf_decode_process_popoprivkey(CRMFCertReqMsg *inCertReqMsg)
-{
-    /* We've got a union, so a pointer to one POPOPrivKey
-     * struct is the same as having a pointer to the other 
-     * one.
-     */
-    CRMFPOPOPrivKey *popoPrivKey = 
-                    &inCertReqMsg->pop->popChoice.keyEncipherment;
-    SECItem         *derPOP, privKeyDer;
-    SECStatus        rv;
-
-    derPOP = &inCertReqMsg->derPOP;
-    popoPrivKey->messageChoice = crmf_get_messagechoice_from_der(derPOP);
-    if (popoPrivKey->messageChoice == crmfNoMessage) {
-        return SECFailure;
-    }
-    /* If we ever encounter BER encodings of this, we'll get in trouble*/
-    switch (popoPrivKey->messageChoice) {
-    case crmfThisMessage:
-    case crmfDHMAC:
-        privKeyDer.data = &derPOP->data[5];
-	privKeyDer.len  = derPOP->len - 5;
-	break;
-    case crmfSubsequentMessage:
-        privKeyDer.data = &derPOP->data[4];
-	privKeyDer.len  = derPOP->len - 4;
-	break;
-    default:
-        rv = SECFailure;
-    }
-
-    rv = SECITEM_CopyItem(inCertReqMsg->poolp, 
-			  &popoPrivKey->message.subsequentMessage,
-			  &privKeyDer);
-
-    if (rv != SECSuccess) {
-        return rv;
-    }
-
-    if (popoPrivKey->messageChoice == crmfThisMessage ||
-	popoPrivKey->messageChoice == crmfDHMAC) {
-
-        popoPrivKey->message.thisMessage.len = 
-	    CRMF_BYTES_TO_BITS(privKeyDer.len) - (int)derPOP->data[4];
-        
-    }
-    return SECSuccess;    
-}
-
-static SECStatus
-crmf_decode_process_keyagreement(CRMFCertReqMsg *inCertReqMsg)
-{
-    return crmf_decode_process_popoprivkey(inCertReqMsg);
-}
-
-static SECStatus
-crmf_decode_process_keyencipherment(CRMFCertReqMsg *inCertReqMsg)
-{
-    SECStatus rv;
-
-    rv = crmf_decode_process_popoprivkey(inCertReqMsg);
-    if (rv != SECSuccess) {
-        return rv;
-    }
-    if (inCertReqMsg->pop->popChoice.keyEncipherment.messageChoice == 
-	crmfDHMAC) {
-        /* Key Encipherment can not use the dhMAC option for
-	 * POPOPrivKey. 
-	 */
-        return SECFailure;
-    }
-    return SECSuccess;
-}
-
-static SECStatus
-crmf_decode_process_pop(CRMFCertReqMsg *inCertReqMsg)
-{
-     SECItem               *derPOP;
-     PRArenaPool           *poolp;
-     CRMFProofOfPossession *pop;
-     void                  *mark;
-     SECStatus              rv;
-
-     derPOP = &inCertReqMsg->derPOP;
-     poolp  = inCertReqMsg->poolp;
-     if (derPOP->data == NULL) {
-         /* There is no Proof of Possession field in this message. */
-         return SECSuccess;
-     }
-     mark = PORT_ArenaMark(poolp);
-     pop = PORT_ArenaZNew(poolp, CRMFProofOfPossession);
-     if (pop == NULL) {
-         goto loser;
-     }
-     pop->popUsed = crmf_get_popchoice_from_der(derPOP);
-     if (pop->popUsed == crmfNoPOPChoice) {
-         /* A bad encoding of CRMF.  Not a valid tag was given to the
-	  * Proof Of Possession field.
-	  */
-         goto loser;
-     }
-     inCertReqMsg->pop = pop;
-     switch (pop->popUsed) {
-     case crmfRAVerified:
-         rv = crmf_decode_process_raverified(inCertReqMsg);
-	 break;
-     case crmfSignature:
-         rv = crmf_decode_process_signature(inCertReqMsg);
-	 break;
-     case crmfKeyEncipherment:
-         rv = crmf_decode_process_keyencipherment(inCertReqMsg);
-	 break;
-     case crmfKeyAgreement:
-         rv = crmf_decode_process_keyagreement(inCertReqMsg);
-	 break;
-     default:
-         rv = SECFailure;
-     }
-     if (rv != SECSuccess) {
-         goto loser;
-     }
-     PORT_ArenaUnmark(poolp, mark);
-     return SECSuccess;
-
- loser:
-     PORT_ArenaRelease(poolp, mark);
-     inCertReqMsg->pop = NULL;
-     return SECFailure;
-     
-}
-
-static SECStatus
-crmf_decode_process_single_control(PRArenaPool *poolp, 
-				   CRMFControl *inControl)
-{
-    const SEC_ASN1Template *asn1Template = NULL;
-
-    inControl->tag = SECOID_FindOIDTag(&inControl->derTag);
-    asn1Template = crmf_get_pkiarchiveoptions_subtemplate(inControl);
-
-    PORT_Assert (asn1Template != NULL);
-    /* We've got a union, so passing a pointer to one element of the
-     * union is the same as passing a pointer to any of the other
-     * members of the union.
-     */
-    return SEC_ASN1Decode(poolp, &inControl->value.archiveOptions, 
-			  asn1Template, (const char*)inControl->derValue.data,
-			  inControl->derValue.len);
-}
-
-static SECStatus 
-crmf_decode_process_controls(CRMFCertReqMsg *inCertReqMsg)
-{
-    int           i, numControls;
-    SECStatus     rv;
-    PRArenaPool  *poolp;
-    CRMFControl **controls;
-    
-    numControls = CRMF_CertRequestGetNumControls(inCertReqMsg->certReq);
-    controls = inCertReqMsg->certReq->controls;
-    poolp    = inCertReqMsg->poolp;
-    for (i=0; i < numControls; i++) {
-        rv = crmf_decode_process_single_control(poolp, controls[i]);
-	if (rv != SECSuccess) {
-	    return SECFailure;
-	}
-    }
-    return SECSuccess;
-}
-
-static SECStatus
-crmf_decode_process_single_reqmsg(CRMFCertReqMsg *inCertReqMsg)
-{
-    SECStatus rv;
-
-    rv = crmf_decode_process_pop(inCertReqMsg);
-    if (rv != SECSuccess) {
-        goto loser;
-    }
-
-    rv = crmf_decode_process_controls(inCertReqMsg);
-    if (rv != SECSuccess) {
-        goto loser;
-    }
-    inCertReqMsg->certReq->certTemplate.numExtensions = 
-        CRMF_CertRequestGetNumberOfExtensions(inCertReqMsg->certReq);
-    inCertReqMsg->isDecoded = PR_TRUE;
-    rv = SECSuccess;
- loser:
-    return rv;
-}
-
-CRMFCertReqMsg*
-CRMF_CreateCertReqMsgFromDER (const char * buf, long len)
-{
-    PRArenaPool    *poolp;
-    CRMFCertReqMsg *certReqMsg;
-    SECStatus       rv;
-
-    poolp = PORT_NewArena(CRMF_DEFAULT_ARENA_SIZE);
-    if (poolp == NULL) {
-        goto loser;
-    }
-    certReqMsg = PORT_ArenaZNew (poolp, CRMFCertReqMsg);
-    if (certReqMsg == NULL) {
-        goto loser;
-    }
-    certReqMsg->poolp = poolp;
-    rv = SEC_ASN1Decode(poolp, certReqMsg, CRMFCertReqMsgTemplate, buf, len);
-    if (rv != SECSuccess) {
-        goto loser;
-    }
-
-    rv = crmf_decode_process_single_reqmsg(certReqMsg);
-    if (rv != SECSuccess) {
-        goto loser;
-    }
-
-    return certReqMsg;
- loser:
-    if (poolp != NULL) {
-        PORT_FreeArena(poolp, PR_FALSE);
-    }
-    return NULL;
-}
-
-CRMFCertReqMessages*
-CRMF_CreateCertReqMessagesFromDER(const char *buf, long len)
-{
-    long                 arenaSize;
-    int                  i;
-    SECStatus            rv;
-    PRArenaPool         *poolp;
-    CRMFCertReqMessages *certReqMsgs;
-
-    PORT_Assert (buf != NULL);
-    /* Wanna make sure the arena is big enough to store all of the requests
-     * coming in.  We'll guestimate according to the length of the buffer.
-     */
-    arenaSize = len * 1.5;
-    poolp = PORT_NewArena(arenaSize);
-    if (poolp == NULL) {
-        return NULL;
-    }
-    certReqMsgs = PORT_ArenaZNew(poolp, CRMFCertReqMessages);
-    if (certReqMsgs == NULL) {
-        goto loser;
-    }
-    certReqMsgs->poolp = poolp;
-    rv = SEC_ASN1Decode(poolp, certReqMsgs, CRMFCertReqMessagesTemplate,
-			buf, len);
-    if (rv != SECSuccess) {
-        goto loser;
-    }
-    for (i=0; certReqMsgs->messages[i] != NULL; i++) {
-        /* The sub-routines expect the individual messages to have 
-	 * an arena.  We'll give them one temporarily.
-	 */
-        certReqMsgs->messages[i]->poolp = poolp;
-        rv = crmf_decode_process_single_reqmsg(certReqMsgs->messages[i]);
-	if (rv != SECSuccess) {
-	    goto loser;
-	}
-        certReqMsgs->messages[i]->poolp = NULL;
-    }
-    return certReqMsgs;
-
- loser:
-    PORT_FreeArena(poolp, PR_FALSE);
-    return NULL;
-}
diff --git a/security/nss/lib/crmf/crmfenc.c b/security/nss/lib/crmf/crmfenc.c
deleted file mode 100644
index f96041c96..000000000
--- a/security/nss/lib/crmf/crmfenc.c
+++ /dev/null
@@ -1,84 +0,0 @@
-/* -*- Mode: C; tab-width: 8 -*- */
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-
-#include "crmf.h"
-#include "crmfi.h"
-
-SECStatus 
-CRMF_EncodeCertReqMsg(CRMFCertReqMsg            *inCertReqMsg,
-		      CRMFEncoderOutputCallback  fn,
-		      void                      *arg)
-{
-    struct crmfEncoderOutput output;
-
-    output.fn        = fn;
-    output.outputArg = arg;
-    return SEC_ASN1Encode(inCertReqMsg,CRMFCertReqMsgTemplate, 
-			  crmf_encoder_out, &output);
-    
-}
-
-
-SECStatus
-CRMF_EncodeCertRequest(CRMFCertRequest           *inCertReq,
-		       CRMFEncoderOutputCallback  fn,
-		       void                      *arg)
-{
-    struct crmfEncoderOutput output;
-
-    output.fn        = fn;
-    output.outputArg = arg;
-    return SEC_ASN1Encode(inCertReq, CRMFCertRequestTemplate, 
-			  crmf_encoder_out, &output);
-}
-
-SECStatus
-CRMF_EncodeCertReqMessages(CRMFCertReqMsg              **inCertReqMsgs,
-			   CRMFEncoderOutputCallback     fn,
-			   void                         *arg)
-{
-    struct crmfEncoderOutput output;
-    CRMFCertReqMessages msgs;
-    
-    output.fn        = fn;
-    output.outputArg = arg;
-    msgs.messages = inCertReqMsgs;
-    return SEC_ASN1Encode(&msgs, CRMFCertReqMessagesTemplate,
-			  crmf_encoder_out, &output);
-}
-
-
-
-
diff --git a/security/nss/lib/crmf/crmffut.h b/security/nss/lib/crmf/crmffut.h
deleted file mode 100644
index e4244f3e6..000000000
--- a/security/nss/lib/crmf/crmffut.h
+++ /dev/null
@@ -1,390 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * These functions to be implemented in the future if the features
- * which these functions would implement wind up being needed.
- */
-
-/*
- * Use this functionto create the CRMFSinglePubInfo* variables that will 
- * populate the inPubInfoArray paramter for the funciton
- * CRMF_CreatePKIPublicationInfo.
- *
- * "inPubMethod" specifies which publication method will be used
- * "pubLocation" is a representation of the location where 
- */
-extern CRMFSinglePubInfo* 
-      CRMF_CreateSinglePubInfo(CRMFPublicationMethod  inPubMethod,
-			       CRMFGeneralName       *pubLocation);
-
-/*
- * Create a PKIPublicationInfo that can later be passed to the function
- * CRMFAddPubInfoControl.
- */
-extern CRMFPKIPublicationInfo *
-     CRMF_CreatePKIPublicationInfo(CRMFPublicationAction  inAction,
-				   CRMFSinglePubInfo    **inPubInfoArray,
-				   int                    numPubInfo);
-
-/*
- * Only call this function on a CRMFPublicationInfo that was created by
- * CRMF_CreatePKIPublicationInfo that was passed in NULL for arena.
- */
-
-extern SECStatus 
-       CRMF_DestroyPKIPublicationInfo(CRMFPKIPublicationInfo *inPubInfo);
-
-extern SECStatus CRMF_AddPubInfoControl(CRMFCertRequest        *inCertReq,
-					CRMFPKIPublicationInfo *inPubInfo);
-
-/*
- * This is to create a Cert ID Control which can later be added to 
- * a certificate request.
- */
-extern CRMFCertID* CRMF_CreateCertID(CRMFGeneralName *issuer,
-				     long             serialNumber);
-
-extern SECStatus CRMF_DestroyCertID(CRMFCertID* certID);
-
-extern SECStatus CRMF_AddCertIDControl(CRMFCertRequest *inCertReq,
-				       CRMFCertID      *certID);
-
-extern SECStatus 
-       CRMF_AddProtocolEncryptioKeyControl(CRMFCertRequest          *inCertReq,
-					   CERTSubjectPublicKeyInfo *spki);
-
-/*
- * Add the ASCII Pairs Registration Info to the Certificate Request.
- * The SECItem must be an OCTET string representation.
- */
-extern SECStatus
-       CRMF_AddUTF8PairsRegInfo(CRMFCertRequest *inCertReq,
-				 SECItem         *asciiPairs);
-
-/*
- * This takes a CertRequest and adds it to another CertRequest.  
- */
-extern SECStatus
-       CRMF_AddCertReqToRegInfo(CRMFCertRequest *certReqToAddTo,
-				CRMFCertRequest *certReqBeingAdded);
-
-/*
- * Returns which option was used for the authInfo field of POPOSigningKeyInput
- */
-extern CRMFPOPOSkiInputAuthChoice 
-       CRMF_GetSignKeyInputAuthChoice(CRMFPOPOSigningKeyInput *inKeyInput);
-
-/*
- * Gets the PKMACValue associated with the POPOSigningKeyInput.
- * If the POPOSigningKeyInput did not use authInfo.publicKeyMAC 
- * the function returns SECFailure and the value at *destValue is unchanged.
- *
- * If the POPOSigningKeyInput did use authInfo.publicKeyMAC, the function
- * returns SECSuccess and places the PKMACValue at *destValue.
- */
-extern SECStatus 
-       CRMF_GetSignKeyInputPKMACValue(CRMFPOPOSigningKeyInput *inKeyInput,
-				      CRMFPKMACValue          **destValue);
-/*
- * Gets the SubjectPublicKeyInfo from the POPOSigningKeyInput
- */
-extern CERTSubjectPublicKeyInfo *
-       CRMF_GetSignKeyInputPublicKey(CRMFPOPOSigningKeyInput *inKeyInput);
-
-
-/*
- * Return the value for the PKIPublicationInfo Control.
- * A return value of NULL indicates that the Control was 
- * not a PKIPublicationInfo Control.  Call 
- * CRMF_DestroyPKIPublicationInfo on the return value when done
- * using the pointer.
- */
-extern CRMFPKIPublicationInfo* CRMF_GetPKIPubInfo(CRMFControl *inControl);
-
-/*
- * Free up a CRMFPKIPublicationInfo structure.
- */
-extern SECStatus 
-       CRMF_DestroyPKIPublicationInfo(CRMFPKIPublicationInfo *inPubInfo);
-
-/*
- * Get the choice used for action in this PKIPublicationInfo.
- */
-extern CRMFPublicationAction 
-       CRMF_GetPublicationAction(CRMFPKIPublicationInfo *inPubInfo);
-
-/*
- * Get the number of pubInfos are stored in the PKIPubicationInfo.
- */
-extern int CRMF_GetNumPubInfos(CRMFPKIPublicationInfo *inPubInfo);
-
-/*
- * Get the pubInfo at index for the given PKIPubicationInfo.
- * Indexing is done like a traditional C Array. (0 .. numElements-1)
- */
-extern CRMFSinglePubInfo* 
-       CRMF_GetPubInfoAtIndex(CRMFPKIPublicationInfo *inPubInfo,
-			      int                     index);
-
-/*
- * Destroy the CRMFSinglePubInfo.
- */
-extern SECStatus CRMF_DestroySinglePubInfo(CRMFSinglePubInfo *inPubInfo);
-
-/*
- * Get the pubMethod used by the SinglePubInfo.
- */
-extern CRMFPublicationMethod 
-       CRMF_GetPublicationMethod(CRMFSinglePubInfo *inPubInfo);
-
-/*
- * Get the pubLocation associated with the SinglePubInfo.
- * A NULL return value indicates there was no pubLocation associated
- * with the SinglePuInfo.
- */
-extern CRMFGeneralName* CRMF_GetPubLocation(CRMFSinglePubInfo *inPubInfo);
-
-/*
- * Get the authInfo.sender field out of the POPOSigningKeyInput.
- * If the POPOSigningKeyInput did not use the authInfo the function
- * returns SECFailure and the value at *destName is unchanged.
- *
- * If the POPOSigningKeyInput did use authInfo.sender, the function returns
- * SECSuccess and puts the authInfo.sender at *destName/
- */
-extern SECStatus CRMF_GetSignKeyInputSender(CRMFPOPOSigningKeyInput *keyInput,
-					    CRMFGeneralName        **destName);
-
-/**************** CMMF Functions that need to be added. **********************/
-
-/*
- * FUNCTION: CMMF_POPODecKeyChallContentSetNextChallenge
- * INPUTS:
- *    inDecKeyChall
- *        The CMMFPOPODecKeyChallContent to operate on.
- *    inRandom
- *        The random number to use when generating the challenge,
- *    inSender
- *        The GeneralName representation of the sender of the challenge.
- *    inPubKey
- *        The public key to use when encrypting the challenge.
- * NOTES:
- *    This function adds a challenge to the end of the list of challenges
- *    contained by 'inDecKeyChall'.  Refer to the CMMF draft on how the
- *    the random number passed in and the sender's GeneralName are used
- *    to generate the challenge and witness fields of the challenge.  This
- *    library will use SHA1 as the one-way function for generating the 
- *    witess field of the challenge.
- *
- * RETURN:
- *    SECSuccess if generating the challenge and adding to the end of list
- *    of challenges was successful.  Any other return value indicates an error
- *    while trying to generate the challenge.
- */
-extern SECStatus
-CMMF_POPODecKeyChallContentSetNextChallenge
-                                   (CMMFPOPODecKeyChallContent *inDecKeyChall,
-				    long                        inRandom,
-				    CERTGeneralName            *inSender,
-				    SECKEYPublicKey            *inPubKey);
-
-/*
- * FUNCTION: CMMF_POPODecKeyChallContentGetNumChallenges
- * INPUTS:
- *    inKeyChallCont
- *        The CMMFPOPODecKeyChallContent to operate on.
- * RETURN:
- *    This function returns the number of CMMFChallenges are contained in 
- *    the CMMFPOPODecKeyChallContent structure.
- */
-extern int CMMF_POPODecKeyChallContentGetNumChallenges
-                                  (CMMFPOPODecKeyChallContent *inKeyChallCont);
-
-/*
- * FUNCTION: CMMF_ChallengeGetRandomNumber
- * INPUTS:
- *    inChallenge
- *        The CMMFChallenge to operate on.
- *    inDest
- *        A pointer to a user supplied buffer where the library
- *        can place a copy of the random integer contatained in the
- *        challenge.
- * NOTES:
- *    This function returns the value held in the decrypted Rand structure
- *    corresponding to the random integer.  The user must call 
- *    CMMF_ChallengeDecryptWitness before calling this function.  Call 
- *    CMMF_ChallengeIsDecrypted to find out if the challenge has been 
- *    decrypted.
- *
- * RETURN:
- *    SECSuccess indicates the witness field has been previously decrypted
- *    and the value for the random integer was successfully placed at *inDest.
- *    Any other return value indicates an error and that the value at *inDest
- *    is not a valid value.
- */
-extern SECStatus CMMF_ChallengeGetRandomNumber(CMMFChallenge *inChallenge,
-					       long          *inDest);
-
-/*
- * FUNCTION: CMMF_ChallengeGetSender
- * INPUTS:
- *    inChallenge
- *        the CMMFChallenge to operate on.
- * NOTES:
- *    This function returns the value held in the decrypted Rand structure
- *    corresponding to the sender.  The user must call 
- *    CMMF_ChallengeDecryptWitness before calling this function.  Call 
- *    CMMF_ChallengeIsDecrypted to find out if the witness field has been
- *    decrypted.  The user must call CERT_DestroyGeneralName after the return
- *    value is no longer needed.
- *
- * RETURN:
- *    A pointer to a copy of the sender CERTGeneralName.  A return value of
- *    NULL indicates an error in trying to copy the information or that the
- *    witness field has not been decrypted.
- */
-extern CERTGeneralName* CMMF_ChallengeGetSender(CMMFChallenge *inChallenge);
-
-/*
- * FUNCTION: CMMF_ChallengeGetAlgId
- * INPUTS:
- *    inChallenge
- *        The CMMFChallenge to operate on.
- *    inDestAlgId
- *        A pointer to memory where a pointer to a copy of the algorithm
- *        id can be placed.
- * NOTES:
- *    This function retrieves the one way function algorithm identifier 
- *    contained within the CMMFChallenge if the optional field is present.
- *
- * RETURN:
- *    SECSucces indicates the function was able to place a pointer to a copy of
- *    the alogrithm id at *inAlgId.  If the value at *inDestAlgId is NULL, 
- *    that means there was no algorithm identifier present in the 
- *    CMMFChallenge.  Any other return value indicates the function was not 
- *    able to make a copy of the algorithm identifier.  In this case the value 
- *    at *inDestAlgId is not valid.
- */
-extern SECStatus CMMF_ChallengeGetAlgId(CMMFChallenge  *inChallenge,
-					SECAlgorithmID *inAlgId);
-
-/*
- * FUNCTION: CMMF_DestroyChallenge
- * INPUTS:
- *    inChallenge
- *        The CMMFChallenge to free up.
- * NOTES:
- *    This function frees up all the memory associated with the CMMFChallenge 
- *    passed in.
- * RETURN:
- *    SECSuccess if freeing all the memory associated with the CMMFChallenge
- *    passed in is successful.  Any other return value indicates an error 
- *    while freeing the memory.
- */
-extern SECStatus CMMF_DestroyChallenge (CMMFChallenge *inChallenge);
-
-/*
- * FUNCTION: CMMF_DestroyPOPODecKeyRespContent
- * INPUTS:
- *    inDecKeyResp
- *        The CMMFPOPODecKeyRespContent structure to free.
- * NOTES:
- *    This function frees up all the memory associate with the 
- *    CMMFPOPODecKeyRespContent.
- *
- * RETURN:
- *    SECSuccess if freeint up all the memory associated with the
- *    CMMFPOPODecKeyRespContent structure is successful.  Any other
- *    return value indicates an error while freeing the memory.
- */
-extern SECStatus
-     CMMF_DestroyPOPODecKeyRespContent(CMMFPOPODecKeyRespContent *inDecKeyResp);
-
-/*
- * FUNCTION: CMMF_ChallengeDecryptWitness
- * INPUTS:
- *    inChallenge
- *        The CMMFChallenge to operate on.
- *    inPrivKey
- *        The private key to use to decrypt the witness field.
- * NOTES:
- *    This function uses the private key to decrypt the challenge field
- *    contained in the CMMFChallenge.  Make sure the private key matches the
- *    public key that was used to encrypt the witness.  The creator of 
- *    the challenge will most likely be an RA that has the public key
- *    from a Cert request.  So the private key should be the private key
- *    associated with public key in that request.  This function will also
- *    verify the witness field of the challenge.
- *
- * RETURN:
- *    SECSuccess if decrypting the witness field was successful.  This does
- *    not indicate that the decrypted data is valid, since the private key 
- *    passed in may not be the actual key needed to properly decrypt the 
- *    witness field.  Meaning that there is a decrypted structure now, but
- *    may be garbage because the private key was incorrect.
- *    Any other return value indicates the function could not complete the
- *    decryption process.
- */
-extern SECStatus CMMF_ChallengeDecryptWitness(CMMFChallenge    *inChallenge,
-					      SECKEYPrivateKey *inPrivKey);
-
-/*
- * FUNCTION: CMMF_ChallengeIsDecrypted
- * INPUTS:
- *    inChallenge
- *        The CMMFChallenge to operate on.
- * RETURN:
- *    This is a predicate function that returns PR_TRUE if the decryption 
- *    process has already been performed.  The function return PR_FALSE if 
- *    the decryption process has not been performed yet.
- */
-extern PRBool CMMF_ChallengeIsDecrypted(CMMFChallenge *inChallenge);
-
-/*
- * FUNCTION: CMMF_DestroyPOPODecKeyChallContent
- * INPUTS:
- *    inDecKeyCont
- *        The CMMFPOPODecKeyChallContent to free
- * NOTES:
- *    This function frees up all the memory associated with the 
- *    CMMFPOPODecKeyChallContent 
- * RETURN:
- *    SECSuccess if freeing up all the memory associatd with the 
- *    CMMFPOPODecKeyChallContent is successful.  Any other return value
- *    indicates an error while freeing the memory.
- *
- */
-extern SECStatus 
- CMMF_DestroyPOPODecKeyChallContent (CMMFPOPODecKeyChallContent *inDecKeyCont);
-
diff --git a/security/nss/lib/crmf/crmfget.c b/security/nss/lib/crmf/crmfget.c
deleted file mode 100644
index 11f27a72d..000000000
--- a/security/nss/lib/crmf/crmfget.c
+++ /dev/null
@@ -1,478 +0,0 @@
-/* -*- Mode: C; tab-width: 8 -*-*/
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "crmf.h"
-#include "crmfi.h"
-#include "keyhi.h"
-#include "secder.h"
-
-
-CRMFPOPChoice
-CRMF_CertReqMsgGetPOPType(CRMFCertReqMsg *inCertReqMsg)
-{
-    PORT_Assert(inCertReqMsg != NULL);
-    if (inCertReqMsg != NULL && inCertReqMsg->pop != NULL) {
-        return inCertReqMsg->pop->popUsed;
-    }
-    return crmfNoPOPChoice;
-}
-
-static SECStatus
-crmf_destroy_validity(CRMFOptionalValidity *inValidity, PRBool freeit)
-{
-    if (inValidity != NULL){
-        if (inValidity->notBefore.data != NULL) {
-	    PORT_Free(inValidity->notBefore.data);
-	}
-	if (inValidity->notAfter.data != NULL) {
-	    PORT_Free(inValidity->notAfter.data);
-	}
-	if (freeit) {
-	    PORT_Free(inValidity);
-	}
-    }
-    return SECSuccess;
-}
-
-static SECStatus 
-crmf_copy_cert_request_validity(PRArenaPool           *poolp,
-				CRMFOptionalValidity **destValidity,
-				CRMFOptionalValidity  *srcValidity)
-{
-    CRMFOptionalValidity *myValidity = NULL;
-    SECStatus             rv;
-
-    *destValidity = myValidity = (poolp == NULL) ?
-                                  PORT_ZNew(CRMFOptionalValidity) :
-                                  PORT_ArenaZNew(poolp, CRMFOptionalValidity);
-    if (myValidity == NULL) {
-        goto loser;
-    }
-    if (srcValidity->notBefore.data != NULL) {
-        rv = SECITEM_CopyItem(poolp, &myValidity->notBefore, 
-			      &srcValidity->notBefore);
-	if (rv != SECSuccess) {
-	    goto loser;
-	}
-    }
-    if (srcValidity->notAfter.data != NULL) {
-        rv = SECITEM_CopyItem(poolp, &myValidity->notAfter, 
-			      &srcValidity->notAfter);
-	if (rv != SECSuccess) {
-	    goto loser;
-	}
-    }
-    return SECSuccess;
- loser:
-    if (myValidity != NULL && poolp == NULL) {
-        crmf_destroy_validity(myValidity, PR_TRUE);
-    }
-    return SECFailure;
-}
-
-static SECStatus
-crmf_copy_extensions(PRArenaPool        *poolp, 
-		     CRMFCertTemplate   *destTemplate,
-		     CRMFCertExtension **srcExt)
-{
-    int       numExt = 0, i;
-    CRMFCertExtension **myExtArray = NULL;
-
-    while (srcExt[numExt] != NULL) {
-        numExt++;
-    }
-    if (numExt == 0) {
-        /*No extensions to copy.*/
-        destTemplate->extensions = NULL;
-	destTemplate->numExtensions = 0;
-        return SECSuccess;
-    }
-    destTemplate->extensions = myExtArray = 
-                           PORT_NewArray(CRMFCertExtension*, numExt+1);
-    if (myExtArray == NULL) {
-        goto loser;
-    }
-     
-    for (i=0; i<numExt; i++) {
-        myExtArray[i] = crmf_copy_cert_extension(poolp, srcExt[i]);
-	if (myExtArray[i] == NULL) {
-	    goto loser;
-	}
-    }
-    destTemplate->numExtensions = numExt;
-    myExtArray[numExt] = NULL;
-    return SECSuccess;
- loser:
-    if (myExtArray != NULL) {
-        if (poolp == NULL) {
-	    for (i=0; myExtArray[i] != NULL; i++) {
-	        CRMF_DestroyCertExtension(myExtArray[i]);
-	    }
-	}
-	PORT_Free(myExtArray);
-    }
-    destTemplate->extensions = NULL;
-    destTemplate->numExtensions = 0;
-    return SECFailure;
-}
-
-static SECStatus
-crmf_copy_cert_request_template(PRArenaPool      *poolp, 
-				CRMFCertTemplate *destTemplate,
-				CRMFCertTemplate *srcTemplate)
-{
-    SECStatus rv;
-
-    if (srcTemplate->version.data != NULL) {
-        rv = SECITEM_CopyItem(poolp, &destTemplate->version, 
-			      &srcTemplate->version);
-	if (rv != SECSuccess) {
-	    goto loser;
-	}
-    }
-    if (srcTemplate->serialNumber.data != NULL) {
-        rv = SECITEM_CopyItem(poolp, &destTemplate->serialNumber,
-			      &srcTemplate->serialNumber);
-	if (rv != SECSuccess) {
-	    goto loser;
-	}
-    }
-    if (srcTemplate->signingAlg != NULL) {
-        rv = crmf_template_copy_secalg(poolp, &destTemplate->signingAlg,
-				       srcTemplate->signingAlg);
-	if (rv != SECSuccess) {
-	    goto loser;
-	}
-    }
-    if (srcTemplate->issuer != NULL) {
-        rv = crmf_copy_cert_name(poolp, &destTemplate->issuer,
-				 srcTemplate->issuer);
-	if (rv != SECSuccess) {
-	    goto loser;
-	}
-    }
-    if (srcTemplate->validity != NULL) {
-        rv = crmf_copy_cert_request_validity(poolp, &destTemplate->validity,
-					     srcTemplate->validity);
-	if (rv != SECSuccess) {
-	    goto loser;
-	}
-    }
-    if (srcTemplate->subject != NULL) {
-        rv = crmf_copy_cert_name(poolp, &destTemplate->subject, 
-				 srcTemplate->subject);
-	if (rv != SECSuccess) {
-	    goto loser;
-	}
-    }
-    if (srcTemplate->publicKey != NULL) {
-        rv = crmf_template_add_public_key(poolp, &destTemplate->publicKey,
-					  srcTemplate->publicKey);
-	if (rv != SECSuccess) {
-	    goto loser;
-	}
-    }
-    if (srcTemplate->issuerUID.data != NULL) {
-        rv = crmf_make_bitstring_copy(poolp, &destTemplate->issuerUID,
-				      &srcTemplate->issuerUID);
-	if (rv != SECSuccess) {
-	    goto loser;
-	}
-    }
-    if (srcTemplate->subjectUID.data != NULL) {
-        rv = crmf_make_bitstring_copy(poolp, &destTemplate->subjectUID,
-				      &srcTemplate->subjectUID);
-	if (rv != SECSuccess) {
-	    goto loser;
-	}
-    }
-    if (srcTemplate->extensions != NULL) {
-        rv = crmf_copy_extensions(poolp, destTemplate,
-				  srcTemplate->extensions);
-	if (rv != SECSuccess) {
-	    goto loser;
-	}
-    }
-    return SECSuccess;
- loser:
-    return SECFailure;
-}
-
-static CRMFControl*
-crmf_copy_control(PRArenaPool *poolp, CRMFControl *srcControl)
-{
-    CRMFControl *newControl;
-    SECStatus    rv;
-
-    newControl = (poolp == NULL) ? PORT_ZNew(CRMFControl) :
-                                   PORT_ArenaZNew(poolp, CRMFControl);
-    if (newControl == NULL) {
-        goto loser;
-    }
-    newControl->tag = srcControl->tag;
-    rv = SECITEM_CopyItem(poolp, &newControl->derTag, &srcControl->derTag);
-    if (rv != SECSuccess) {
-        goto loser;
-    }
-    rv = SECITEM_CopyItem(poolp, &newControl->derValue, &srcControl->derValue);
-    if (rv != SECSuccess) {
-        goto loser;
-    }
-    /* We only handle PKIArchiveOptions Control right now.  But if in
-     * the future, more controls that are part of the union are added,
-     * then they need to be handled here as well.
-     */
-    switch (newControl->tag) {
-    case SEC_OID_PKIX_REGCTRL_PKI_ARCH_OPTIONS:
-        rv = crmf_copy_pkiarchiveoptions(poolp, 
-					 &newControl->value.archiveOptions,
-					 &srcControl->value.archiveOptions);
-      break;
-    default:
-        rv = SECSuccess;
-    }
-    if (rv != SECSuccess) {
-        goto loser;
-    }
-    return newControl;
-
- loser:
-    if (poolp == NULL && newControl != NULL) {
-        CRMF_DestroyControl(newControl);
-    }
-    return NULL;
-}
-
-static SECStatus
-crmf_copy_cert_request_controls(PRArenaPool     *poolp, 
-				CRMFCertRequest *destReq, 
-				CRMFCertRequest *srcReq)
-{
-    int           numControls, i;
-    CRMFControl **myControls = NULL;
-
-    numControls = CRMF_CertRequestGetNumControls(srcReq);
-    if (numControls == 0) {
-        /* No Controls To Copy*/
-        return SECSuccess;
-    }
-    myControls = destReq->controls = PORT_NewArray(CRMFControl*, 
-						   numControls+1);
-    if (myControls == NULL) {
-        goto loser;
-    }
-    for (i=0; i<numControls; i++) {
-        myControls[i] = crmf_copy_control(poolp, srcReq->controls[i]);
-	if (myControls[i] == NULL) {
-	    goto loser;
-	}
-    }
-    myControls[numControls] = NULL;
-    return SECSuccess;
- loser:
-    if (myControls != NULL) {
-        if (poolp == NULL) {
-	    for (i=0; myControls[i] != NULL; i++) {
-	        CRMF_DestroyControl(myControls[i]);
-	    }
-	}
-	PORT_Free(myControls);
-    }
-    return SECFailure;
-}
-
-
-CRMFCertRequest*
-crmf_copy_cert_request(PRArenaPool *poolp, CRMFCertRequest *srcReq)
-{
-    CRMFCertRequest *newReq = NULL;
-    SECStatus        rv;
-
-    if (srcReq == NULL) {
-        return NULL;
-    }
-    newReq = (poolp == NULL) ? PORT_ZNew(CRMFCertRequest) :
-                               PORT_ArenaZNew(poolp, CRMFCertRequest);
-    if (newReq == NULL) {
-        goto loser;
-    }
-    rv = SECITEM_CopyItem(poolp, &newReq->certReqId, &srcReq->certReqId);
-    if (rv != SECSuccess) {
-        goto loser;
-    }
-    rv = crmf_copy_cert_request_template(poolp, &newReq->certTemplate, 
-					 &srcReq->certTemplate);
-    if (rv != SECSuccess) {
-        goto loser;
-    }
-    rv = crmf_copy_cert_request_controls(poolp, newReq, srcReq);
-    if (rv != SECSuccess) {
-        goto loser;
-    }
-    return newReq;
- loser:
-    if (newReq != NULL && poolp == NULL) {
-        CRMF_DestroyCertRequest(newReq);
-    }
-    return NULL;
-}
-
-SECStatus 
-CRMF_DestroyGetValidity(CRMFGetValidity *inValidity)
-{
-    PORT_Assert(inValidity != NULL);
-    if (inValidity != NULL) {
-        if (inValidity->notAfter) {
-	    PORT_Free(inValidity->notAfter);
-	    inValidity->notAfter = NULL;
-	}
-	if (inValidity->notBefore) {
-	    PORT_Free(inValidity->notBefore);
-	    inValidity->notBefore = NULL;
-	}
-    }
-    return SECSuccess;
-}
-
-SECStatus
-crmf_make_bitstring_copy(PRArenaPool *arena, SECItem *dest, SECItem *src)
-{
-    int origLenBits;
-    int bytesToCopy;
-    SECStatus rv;
-
-    origLenBits = src->len;
-    bytesToCopy = CRMF_BITS_TO_BYTES(origLenBits);
-    src->len = bytesToCopy;         
-    rv = SECITEM_CopyItem(arena, dest, src);
-    src->len = origLenBits;
-    if (rv != SECSuccess) {
-        return rv;
-    }
-    dest->len = origLenBits;
-    return SECSuccess;
-}
-
-int
-CRMF_CertRequestGetNumberOfExtensions(CRMFCertRequest *inCertReq)
-{
-    CRMFCertTemplate *certTemplate;
-    int count = 0;
-    
-    certTemplate = &inCertReq->certTemplate;
-    if (certTemplate->extensions) {
-        while (certTemplate->extensions[count] != NULL)
-	    count++;
-    }
-    return count;
-}
-
-SECOidTag
-CRMF_CertExtensionGetOidTag(CRMFCertExtension *inExtension)
-{
-    PORT_Assert(inExtension != NULL);
-    if (inExtension == NULL) {
-        return SEC_OID_UNKNOWN;
-    }
-    return SECOID_FindOIDTag(&inExtension->id);
-}
-
-PRBool
-CRMF_CertExtensionGetIsCritical(CRMFCertExtension *inExt)
-{
-    PORT_Assert(inExt != NULL);
-    if (inExt == NULL) {
-        return PR_FALSE;
-    }
-    return inExt->critical.data != NULL;
-}
-
-SECItem*
-CRMF_CertExtensionGetValue(CRMFCertExtension *inExtension)
-{
-    PORT_Assert(inExtension != NULL);
-    if (inExtension == NULL) {
-        return NULL;
-    }
-    
-    return SECITEM_DupItem(&inExtension->value);
-}
-			  
-
-SECStatus
-CRMF_DestroyPOPOSigningKey(CRMFPOPOSigningKey *inKey)
-{
-    PORT_Assert(inKey != NULL);
-    if (inKey != NULL) {
-        if (inKey->derInput.data != NULL) {
-	    SECITEM_FreeItem(&inKey->derInput, PR_FALSE);
-	}
-	if (inKey->algorithmIdentifier != NULL) {
-	    SECOID_DestroyAlgorithmID(inKey->algorithmIdentifier, PR_TRUE);
-	}
-	if (inKey->signature.data != NULL) {
-	    SECITEM_FreeItem(&inKey->signature, PR_FALSE);
-	}
-	PORT_Free(inKey);
-    }
-    return SECSuccess;
-}
-
-SECStatus
-CRMF_DestroyPOPOPrivKey(CRMFPOPOPrivKey *inPrivKey)
-{
-    PORT_Assert(inPrivKey != NULL);
-    if (inPrivKey != NULL) {
-        SECITEM_FreeItem(&inPrivKey->message.thisMessage, PR_FALSE);
-	PORT_Free(inPrivKey);
-    }
-    return SECSuccess;
-}
-
-int
-CRMF_CertRequestGetNumControls(CRMFCertRequest *inCertReq)
-{
-    int              count = 0;
-
-    PORT_Assert(inCertReq != NULL);
-    if (inCertReq == NULL) {
-        return 0;
-    }
-    if (inCertReq->controls) {
-        while (inCertReq->controls[count] != NULL)
-	    count++;
-    }
-    return count;
-}
-
diff --git a/security/nss/lib/crmf/crmfi.h b/security/nss/lib/crmf/crmfi.h
deleted file mode 100644
index 2a950452d..000000000
--- a/security/nss/lib/crmf/crmfi.h
+++ /dev/null
@@ -1,186 +0,0 @@
-/* -*- Mode: C; tab-width: 8 -*-*/
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-
-#ifndef _CRMFI_H_
-#define _CRMFI_H_
-/* This file will contain all declarations common to both 
- * encoding and decoding of CRMF Cert Requests.  This header 
- * file should only be included internally by CRMF implementation
- * files.
- */
-#include "secasn1.h"
-#include "crmfit.h"
-
-#define CRMF_DEFAULT_ARENA_SIZE   1024
-#define MAX_WRAPPED_KEY_LEN       2048
-
-
-#define CRMF_BITS_TO_BYTES(bits) (((bits)+7)/8)
-#define CRMF_BYTES_TO_BITS(bytes) ((bytes)*8)
-
-struct crmfEncoderArg {
-    SECItem *buffer;
-    long     allocatedLen;
-};
-
-struct crmfEncoderOutput {
-    CRMFEncoderOutputCallback fn;
-    void *outputArg;
-};
-
-/*
- * This funciton is used by the API for encoding functions that are 
- * exposed through the API, ie all of the CMMF_Encode* and CRMF_Encode*
- * functions.
- */
-extern void
-       crmf_encoder_out(void *arg, const char *buf, unsigned long len,
-                        int depth, SEC_ASN1EncodingPart data_kind);
-
-/*
- * This function is used when we want to encode something locally within
- * the library, ie the CertRequest so that we can produce its signature.
- */
-extern SECStatus 
-       crmf_init_encoder_callback_arg (struct crmfEncoderArg *encoderArg,
-				       SECItem               *derDest);
-
-/*
- * This is the callback function we feed to the ASN1 encoder when doing
- * internal DER-encodings.  ie, encoding the cert request so we can 
- * produce a signature.
- */
-extern void
-crmf_generic_encoder_callback(void *arg, const char* buf, unsigned long len,
-			      int depth, SEC_ASN1EncodingPart data_kind);
-
-/* The ASN1 templates that need to be seen by internal files
- * in order to implement CRMF.
- */
-extern const SEC_ASN1Template CRMFCertReqMsgTemplate[];
-extern const SEC_ASN1Template CRMFRAVerifiedTemplate[];
-extern const SEC_ASN1Template CRMFPOPOSigningKeyTemplate[];
-extern const SEC_ASN1Template CRMFPOPOKeyEnciphermentTemplate[];
-extern const SEC_ASN1Template CRMFPOPOKeyAgreementTemplate[];
-extern const SEC_ASN1Template CRMFThisMessageTemplate[];
-extern const SEC_ASN1Template CRMFSubsequentMessageTemplate[];
-extern const SEC_ASN1Template CRMFDHMACTemplate[];
-extern const SEC_ASN1Template CRMFEncryptedKeyWithEncryptedValueTemplate[];
-extern const SEC_ASN1Template CRMFEncryptedValueTemplate[];
-
-/*
- * Use these two values for encoding Boolean values.
- */
-extern const unsigned char hexTrue;
-extern const unsigned char hexFalse;
-/*
- * Prototypes for helper routines used internally by multiple files.
- */
-extern SECStatus crmf_encode_integer(PRArenaPool *poolp, SECItem *dest, 
-				     long value);
-extern SECStatus crmf_make_bitstring_copy(PRArenaPool *arena, SECItem *dest, 
-					  SECItem *src);
-
-extern SECStatus crmf_copy_pkiarchiveoptions(PRArenaPool           *poolp, 
-					     CRMFPKIArchiveOptions *destOpt,
-					     CRMFPKIArchiveOptions *srcOpt);
-extern SECStatus  
-       crmf_destroy_pkiarchiveoptions(CRMFPKIArchiveOptions *inArchOptions,
-				      PRBool                 freeit);
-extern const SEC_ASN1Template*
-       crmf_get_pkiarchiveoptions_subtemplate(CRMFControl *inControl);
-
-extern SECStatus crmf_copy_encryptedkey(PRArenaPool       *poolp,
-					CRMFEncryptedKey  *srcEncrKey,
-					CRMFEncryptedKey  *destEncrKey);
-extern SECStatus
-crmf_copy_encryptedvalue(PRArenaPool        *poolp,
-			 CRMFEncryptedValue *srcValue,
-			 CRMFEncryptedValue *destValue);
-
-extern SECStatus
-crmf_copy_encryptedvalue_secalg(PRArenaPool     *poolp,
-				SECAlgorithmID  *srcAlgId,
-				SECAlgorithmID **destAlgId);
-
-extern SECStatus crmf_template_copy_secalg(PRArenaPool *poolp, 
-					   SECAlgorithmID **dest,
-					   SECAlgorithmID *src);
-
-extern SECStatus crmf_copy_cert_name(PRArenaPool *poolp, CERTName **dest, 
-				     CERTName *src);
-
-extern SECStatus crmf_template_add_public_key(PRArenaPool               *poolp,
-					      CERTSubjectPublicKeyInfo **dest,
-					      CERTSubjectPublicKeyInfo  *pubKey);
-
-extern CRMFCertExtension* crmf_create_cert_extension(PRArenaPool *poolp, 
-						     SECOidTag    tag, 
-						     PRBool       isCritical,
-						     SECItem     *data);
-extern CRMFCertRequest*
-crmf_copy_cert_request(PRArenaPool *poolp, CRMFCertRequest *srcReq);
-
-extern SECStatus crmf_destroy_encrypted_value(CRMFEncryptedValue *inEncrValue, 
-					      PRBool freeit);
-
-extern CRMFEncryptedValue *
-crmf_create_encrypted_value_wrapped_privkey(SECKEYPrivateKey   *inPrivKey,
-					    SECKEYPublicKey    *inPubKey,
-					    CRMFEncryptedValue *destValue);
-
-extern CK_MECHANISM_TYPE 
-       crmf_get_mechanism_from_public_key(SECKEYPublicKey *inPubKey);
-
-extern SECStatus
-crmf_encrypted_value_unwrap_priv_key(PRArenaPool        *poolp,
-				     CRMFEncryptedValue *encValue,
-				     SECKEYPrivateKey   *privKey,
-				     SECKEYPublicKey    *newPubKey,
-				     SECItem            *nickname,
-				     PK11SlotInfo       *slot,
-				     unsigned char       keyUsage,
-				     SECKEYPrivateKey  **unWrappedKey,
-				     void               *wincx);
-
-extern SECItem*
-crmf_get_public_value(SECKEYPublicKey *pubKey, SECItem *dest);
-
-extern CRMFCertExtension*
-crmf_copy_cert_extension(PRArenaPool *poolp, CRMFCertExtension *inExtension);
-
-extern SECStatus
-crmf_create_prtime(SECItem *src, PRTime **dest);
-#endif /*_CRMFI_H_*/
diff --git a/security/nss/lib/crmf/crmfit.h b/security/nss/lib/crmf/crmfit.h
deleted file mode 100644
index 4cc95319a..000000000
--- a/security/nss/lib/crmf/crmfit.h
+++ /dev/null
@@ -1,216 +0,0 @@
-/* -*- Mode: C; tab-width: 8 -*-*/
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-
-#ifndef _CRMFIT_H_
-#define _CRMFIT_H_
-
-struct CRMFCertReqMessagesStr {
-    CRMFCertReqMsg **messages;
-    PRArenaPool     *poolp;
-};
-
-struct CRMFCertExtensionStr {
-    SECItem id;
-    SECItem critical;
-    SECItem value;
-};
-
-
-struct CRMFOptionalValidityStr {
-    SECItem notBefore; 
-    SECItem notAfter;
-};
-
-struct CRMFCertTemplateStr {
-    SECItem                   version;
-    SECItem                   serialNumber;
-    SECAlgorithmID           *signingAlg;
-    CERTName                 *issuer;
-    CRMFOptionalValidity     *validity;
-    CERTName                 *subject;
-    CERTSubjectPublicKeyInfo *publicKey;
-    SECItem                   issuerUID;
-    SECItem                   subjectUID; 
-    CRMFCertExtension       **extensions;
-    int                       numExtensions;
-};
-
-struct CRMFCertIDStr {
-    SECItem issuer; /* General Name */
-    SECItem serialNumber; /*INTEGER*/
-};
-
-struct CRMFEncryptedValueStr {
-    SECAlgorithmID *intendedAlg;
-    SECAlgorithmID *symmAlg;
-    SECItem         encSymmKey; /*BIT STRING   */
-    SECAlgorithmID *keyAlg;
-    SECItem         valueHint;  /*OCTET STRING */
-    SECItem         encValue;   /*BIT STRING   */
-};
-
-/*
- * The field derValue will contain the actual der
- * to include in the encoding or that was read in
- * from a der blob. 
- */
-struct CRMFEncryptedKeyStr {
-    union {
-        SEC_PKCS7ContentInfo   *envelopedData;
-        CRMFEncryptedValue      encryptedValue; 
-    } value;
-    CRMFEncryptedKeyChoice encKeyChoice;
-    SECItem derValue;
-};
-
-/* ASN1 must only have one of the following 3 options. */
-struct CRMFPKIArchiveOptionsStr {
-    union {
-        CRMFEncryptedKey  encryptedKey;
-        SECItem           keyGenParameters;
-        SECItem           archiveRemGenPrivKey; /* BOOLEAN */
-    } option;
-    CRMFPKIArchiveOptionsType archOption;
-};
-
-struct CRMFPKIPublicationInfoStr {
-    SECItem action; /* Possible values                    */
-                    /* dontPublish (0), pleasePublish (1) */
-    CRMFSinglePubInfo **pubInfos; 
-};
-
-struct CRMFControlStr {
-    SECOidTag  tag;
-    SECItem    derTag;
-    SECItem    derValue;
-    /* These will be C structures used to represent the various 
-     * options.  Values that can't be stored as der right away.
-     * After creating these structures, we'll place their der
-     * encoding in derValue so the encoder knows how to get to
-     * it.
-     */
-    union {
-        CRMFCertID              oldCertId;
-        CRMFPKIArchiveOptions   archiveOptions;
-        CRMFPKIPublicationInfo  pubInfo;
-        CRMFProtocolEncrKey     protEncrKey; 
-    } value;
-};
-
-struct CRMFCertRequestStr {
-    SECItem            certReqId;
-    CRMFCertTemplate   certTemplate;
-    CRMFControl      **controls;
-    /* The following members are used by the internal implementation, but
-     * are not part of the encoding.
-     */
-    PRArenaPool *poolp;
-    long         requestID; /* This is the value that will be encoded into
-			     * the certReqId field.
-			     */
-};                                   
-
-struct CRMFAttributeStr {
-    SECItem derTag;
-    SECItem derValue;
-};
-
-struct CRMFCertReqMsgStr {
-    CRMFCertRequest            *certReq;
-    CRMFProofOfPossession      *pop;
-    CRMFAttribute             **regInfo;
-    SECItem                     derPOP;
-    /* This arena will be used for allocating memory when decoding.
-     */
-    PRArenaPool *poolp;
-    PRBool       isDecoded;
-};
-
-struct CRMFPOPOSigningKeyInputStr {
-    /* ASN1 must have only one of the next 2 options */
-    union {
-        SECItem          sender; /*General Name*/
-        CRMFPKMACValue  *publicKeyMAC;
-    }authInfo;
-    CERTSubjectPublicKeyInfo publicKey;
-};
-
-struct CRMFPOPOSigningKeyStr {
-    SECItem                  derInput; /*If in the future we support 
-                                        *POPOSigningKeyInput, this will
-                                        *a C structure representation
-                                        *instead.
-                                        */
-    SECAlgorithmID          *algorithmIdentifier;
-    SECItem                  signature; /* This is a BIT STRING. Remember */
-};                                      /* that when interpreting.        */
-
-/* ASN1 must only choose one of these members */
-struct CRMFPOPOPrivKeyStr {
-    union {
-        SECItem thisMessage; /* BIT STRING */
-        SECItem subsequentMessage; /*INTEGER*/ 
-        SECItem dhMAC; /*BIT STRING*/
-    } message;
-    CRMFPOPOPrivKeyChoice messageChoice;
-};
-
-/* ASN1 must only have one of these options. */
-struct CRMFProofOfPossessionStr {
-    union {
-        SECItem             raVerified;
-        CRMFPOPOSigningKey  signature;
-        CRMFPOPOPrivKey     keyEncipherment;
-        CRMFPOPOPrivKey     keyAgreement;
-    } popChoice;
-    CRMFPOPChoice       popUsed; /*Not part of encoding*/
-};
-
-struct CRMFPKMACValueStr {
-    SECAlgorithmID algID;
-    SECItem        value; /*BIT STRING*/
-};
-
-struct CRMFSinglePubInfoStr {
-    SECItem pubMethod; /* Possible Values:
-			*   dontCare (0)
-			*   x500     (1)
-			*   web      (2)
-			*   ldap     (3)
-			*/
-    CERTGeneralName *pubLocation; /* General Name */
-};
-
-#endif /* _CRMFIT_H_ */
diff --git a/security/nss/lib/crmf/crmfpop.c b/security/nss/lib/crmf/crmfpop.c
deleted file mode 100644
index d6ec26827..000000000
--- a/security/nss/lib/crmf/crmfpop.c
+++ /dev/null
@@ -1,604 +0,0 @@
-/* -*- Mode: C; tab-width: 8 -*-*/
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-
-#include "crmf.h"
-#include "crmfi.h"
-#include "secasn1.h"
-#include "keyhi.h"
-#include "cryptohi.h"
-
-#define CRMF_DEFAULT_ALLOC_SIZE 1024
-
-SECStatus
-crmf_init_encoder_callback_arg (struct crmfEncoderArg *encoderArg, 
-				SECItem               *derDest) 
-{
-    derDest->data = PORT_ZNewArray(unsigned char, CRMF_DEFAULT_ALLOC_SIZE);
-    if (derDest->data == NULL) {
-        return SECFailure;
-    }
-    derDest->len = 0;
-    encoderArg->allocatedLen = CRMF_DEFAULT_ALLOC_SIZE;
-    encoderArg->buffer = derDest;
-    return SECSuccess;
-
-}
-
-/* Caller should release or unmark the pool, instead of doing it here.
-** But there are NO callers of this function at present...
-*/
-SECStatus 
-CRMF_CertReqMsgSetRAVerifiedPOP(CRMFCertReqMsg *inCertReqMsg)
-{
-    SECItem               *dummy;
-    CRMFProofOfPossession *pop;
-    PRArenaPool           *poolp;
-    void                  *mark;
-
-    PORT_Assert(inCertReqMsg != NULL && inCertReqMsg->pop == NULL);
-    poolp = inCertReqMsg->poolp;
-    mark = PORT_ArenaMark(poolp);
-    if (CRMF_CertReqMsgGetPOPType(inCertReqMsg) != crmfNoPOPChoice) {
-        return SECFailure;
-    }
-    pop = PORT_ArenaZNew(poolp, CRMFProofOfPossession);
-    if (pop == NULL) {
-        goto loser;
-    }
-    pop->popUsed = crmfRAVerified;
-    pop->popChoice.raVerified.data = NULL;
-    pop->popChoice.raVerified.len  = 0;
-    inCertReqMsg->pop = pop;
-    dummy = SEC_ASN1EncodeItem(poolp, &(inCertReqMsg->derPOP),
-			       &(pop->popChoice.raVerified),
-			       CRMFRAVerifiedTemplate);
-    return SECSuccess;
- loser:
-    PORT_ArenaRelease(poolp, mark);
-    return SECFailure;
-}
-
-SECOidTag
-crmf_map_keytag_to_signtag(SECOidTag inTag)
-{
-    switch (inTag) {
-    case SEC_OID_PKCS1_RSA_ENCRYPTION:
-        return SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION;
-    case SEC_OID_ANSIX9_DSA_SIGNATURE:
-    case SEC_OID_MISSI_KEA_DSS:
-    case SEC_OID_MISSI_DSS:
-        return SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST;
-    default:
-        /* Put this in here to kill warnings. */
-        break;
-    }
-    return inTag;
-}
-
-SECOidTag
-crmf_get_key_sign_tag(SECKEYPublicKey *inPubKey)
-{
-    CERTSubjectPublicKeyInfo *spki;
-    SECOidTag                 tag;
-
-    spki = SECKEY_CreateSubjectPublicKeyInfo(inPubKey);
-    if (spki == NULL) {
-        return SEC_OID_UNKNOWN;
-    }
-    tag = SECOID_GetAlgorithmTag(&spki->algorithm);
-    SECKEY_DestroySubjectPublicKeyInfo(spki);
-    return crmf_map_keytag_to_signtag(tag);
-}
-
-SECAlgorithmID*
-crmf_create_poposignkey_algid(PRArenaPool      *poolp,
-			      SECKEYPublicKey  *inPubKey)
-{
-    SECAlgorithmID *algID;
-    SECOidTag       tag;
-    SECStatus       rv;
-    void           *mark;
-
-    mark = PORT_ArenaMark(poolp);
-    algID = PORT_ArenaZNew(poolp, SECAlgorithmID);
-    if (algID == NULL) {
-        goto loser;
-    }
-    tag = crmf_get_key_sign_tag(inPubKey);
-    if (tag == SEC_OID_UNKNOWN) {
-        goto loser;
-    }
-    rv = SECOID_SetAlgorithmID(poolp, algID, tag, NULL);
-    if (rv != SECSuccess) {
-        goto loser;
-    }
-    PORT_ArenaUnmark(poolp, mark);
-    return algID;
- loser:
-    PORT_ArenaRelease(poolp, mark);
-    return NULL;
-}
-
-static CRMFPOPOSigningKeyInput*
-crmf_create_poposigningkeyinput(PRArenaPool *poolp, CERTCertificate *inCert,
-				CRMFMACPasswordCallback fn, void *arg)
-{
-  /* PSM isn't going to do this, so we'll fail here for now.*/
-     return NULL;
-}
-
-void
-crmf_generic_encoder_callback(void *arg, const char* buf, unsigned long len,
-			      int depth, SEC_ASN1EncodingPart data_kind)
-{
-    struct crmfEncoderArg *encoderArg = (struct crmfEncoderArg*)arg;
-    unsigned char *cursor;
-    
-   if (encoderArg->buffer->len + len > encoderArg->allocatedLen) {
-        int newSize = encoderArg->buffer->len+CRMF_DEFAULT_ALLOC_SIZE;
-        void *dummy = PORT_Realloc(encoderArg->buffer->data, newSize);
-	if (dummy == NULL) {
-	    /* I really want to return an error code here */
-	    PORT_Assert(0);
-	    return;
-	}
-	encoderArg->buffer->data = dummy;
-	encoderArg->allocatedLen = newSize;
-    }
-    cursor = &(encoderArg->buffer->data[encoderArg->buffer->len]);
-    PORT_Memcpy (cursor, buf, len);
-    encoderArg->buffer->len += len;    
-}
-
-static SECStatus
-crmf_encode_certreq(CRMFCertRequest *inCertReq, SECItem *derDest)
-{
-    struct crmfEncoderArg encoderArg;
-    SECStatus             rv;
-  
-    rv = crmf_init_encoder_callback_arg (&encoderArg, derDest);
-    if (rv != SECSuccess) {
-        return SECFailure;
-    }
-    return SEC_ASN1Encode(inCertReq, CRMFCertRequestTemplate, 
-			  crmf_generic_encoder_callback, &encoderArg);
-}
-
-static SECStatus
-crmf_sign_certreq(PRArenaPool        *poolp, 
-		  CRMFPOPOSigningKey *crmfSignKey, 
-		  CRMFCertRequest    *certReq,
-		  SECKEYPrivateKey   *inKey,
-		  SECAlgorithmID     *inAlgId)
-{
-    SECItem                      derCertReq;
-    SECItem                      certReqSig;
-    SECStatus                    rv = SECSuccess;
-
-    rv = crmf_encode_certreq(certReq, &derCertReq);
-    if (rv != SECSuccess) {
-       goto loser;
-    }
-    rv = SEC_SignData(&certReqSig, derCertReq.data, derCertReq.len,
-		      inKey,SECOID_GetAlgorithmTag(inAlgId));
-    if (rv != SECSuccess) {
-        goto loser;
-    }
- 
-    /* Now make it a part of the POPOSigningKey */
-    rv = SECITEM_CopyItem(poolp, &(crmfSignKey->signature), &certReqSig);
-    /* Convert this length to number of bits */
-    crmfSignKey->signature.len <<= 3; 
-   
- loser:
-    if (derCertReq.data != NULL) {
-        PORT_Free(derCertReq.data);
-    }
-    if (certReqSig.data != NULL) {
-        PORT_Free(certReqSig.data);
-    }
-    return rv;
-}
-
-static SECStatus
-crmf_create_poposignkey(PRArenaPool             *poolp, 
-			CRMFCertReqMsg          *inCertReqMsg, 
-			CRMFPOPOSigningKeyInput *signKeyInput, 
-			SECKEYPrivateKey        *inPrivKey,
-			SECAlgorithmID          *inAlgID,
-			CRMFPOPOSigningKey      *signKey) 
-{
-    CRMFCertRequest    *certReq;
-    void               *mark;
-    PRBool              useSignKeyInput;
-    SECStatus           rv;
-    
-    PORT_Assert(inCertReqMsg != NULL && inCertReqMsg->certReq != NULL);
-    mark = PORT_ArenaMark(poolp);
-    if (signKey == NULL) {
-        goto loser;
-    }
-    certReq = inCertReqMsg->certReq;
-    useSignKeyInput = !(CRMF_DoesRequestHaveField(certReq,crmfSubject)  &&
-			CRMF_DoesRequestHaveField(certReq,crmfPublicKey));
-
-    if (useSignKeyInput) {
-        goto loser; 
-    } else {
-        rv = crmf_sign_certreq(poolp, signKey, certReq,inPrivKey, inAlgID);
-	if (rv != SECSuccess) {
-	    goto loser;
-	}
-    }
-    PORT_ArenaUnmark(poolp,mark);
-    return SECSuccess;
- loser:
-    PORT_ArenaRelease(poolp,mark);
-    return SECFailure;
-}
-
-SECStatus
-CRMF_CertReqMsgSetSignaturePOP(CRMFCertReqMsg   *inCertReqMsg,
-			       SECKEYPrivateKey *inPrivKey,
-			       SECKEYPublicKey  *inPubKey,
-			       CERTCertificate  *inCertForInput,
-			       CRMFMACPasswordCallback  fn,
-			       void                    *arg)
-{
-    SECAlgorithmID  *algID;
-    PRArenaPool     *poolp;
-    SECItem          derDest = {siBuffer, NULL, 0};
-    void            *mark;
-    SECStatus        rv;
-    CRMFPOPOSigningKeyInput *signKeyInput = NULL;
-    CRMFCertRequest         *certReq;
-    CRMFProofOfPossession   *pop;
-    struct crmfEncoderArg    encoderArg;
-
-    PORT_Assert(inCertReqMsg != NULL && inCertReqMsg->certReq != NULL &&
-		inCertReqMsg->pop == NULL);
-    certReq = inCertReqMsg->certReq;
-    if (CRMF_CertReqMsgGetPOPType(inCertReqMsg) != crmfNoPOPChoice || 
-	!CRMF_DoesRequestHaveField(certReq, crmfPublicKey)) {
-        return SECFailure;
-    } 
-    poolp = inCertReqMsg->poolp;
-    mark = PORT_ArenaMark(poolp);
-    algID = crmf_create_poposignkey_algid(poolp, inPubKey);
-
-    if(!CRMF_DoesRequestHaveField(certReq,crmfSubject)) {
-        signKeyInput = crmf_create_poposigningkeyinput(poolp, inCertForInput,
-						       fn, arg);
-	if (signKeyInput == NULL) {
-	    goto loser;
-	}
-    }
-
-    pop = PORT_ArenaZNew(poolp, CRMFProofOfPossession);
-    if (pop == NULL) {
-        goto loser;
-    }
-    
-    rv = crmf_create_poposignkey(poolp, inCertReqMsg, 
-				 signKeyInput, inPrivKey, algID,
-				 &(pop->popChoice.signature));
-    if (rv != SECSuccess) {
-        goto loser;
-    }
-
-    pop->popUsed = crmfSignature;
-    pop->popChoice.signature.algorithmIdentifier = algID;
-    inCertReqMsg->pop = pop;
-  
-    rv = crmf_init_encoder_callback_arg (&encoderArg, &derDest);
-    if (rv != SECSuccess) {
-        goto loser;
-    }
-    rv = SEC_ASN1Encode(&pop->popChoice.signature, 
-			CRMFPOPOSigningKeyTemplate,
-			crmf_generic_encoder_callback, &encoderArg);
-    if (rv != SECSuccess) {
-        goto loser;
-    }
-    rv = SECITEM_CopyItem(poolp, &(inCertReqMsg->derPOP), &derDest);
-    PORT_Free (derDest.data);
-    if (rv != SECSuccess) {
-        goto loser;
-    }
-    PORT_ArenaUnmark(poolp,mark);
-    return SECSuccess;
-
- loser:
-    PORT_ArenaRelease(poolp,mark);
-    if (derDest.data != NULL) {
-        PORT_Free(derDest.data);
-    }
-    return SECFailure;
-}
-
-static const SEC_ASN1Template*
-crmf_get_popoprivkey_subtemplate(CRMFPOPOPrivKey *inPrivKey) 
-{
-    const SEC_ASN1Template *retTemplate = NULL;
-
-    switch (inPrivKey->messageChoice) {
-    case crmfThisMessage:
-        retTemplate = CRMFThisMessageTemplate;
-	break;
-    case crmfSubsequentMessage:
-        retTemplate = CRMFSubsequentMessageTemplate;
-	break;
-    case crmfDHMAC:
-        retTemplate = CRMFDHMACTemplate;
-	break;
-    default:
-        retTemplate = NULL;
-    }
-    return retTemplate;
-}
-
-static SECStatus
-crmf_encode_popoprivkey(PRArenaPool            *poolp, 
-			CRMFCertReqMsg         *inCertReqMsg,
-			CRMFPOPOPrivKey        *popoPrivKey,
-			const SEC_ASN1Template *privKeyTemplate)
-{
-    struct crmfEncoderArg   encoderArg;
-    SECItem                 derDest; 
-    SECStatus               rv;
-    void                   *mark;
-    const SEC_ASN1Template *subDerTemplate;
-
-    mark = PORT_ArenaMark(poolp);
-    rv = crmf_init_encoder_callback_arg(&encoderArg, &derDest);
-    if (rv != SECSuccess) {
-        goto loser;
-    }
-    subDerTemplate = crmf_get_popoprivkey_subtemplate(popoPrivKey);
-    /* We've got a union, so a pointer to one item is a pointer to 
-     * all the items in the union.
-     */
-    rv = SEC_ASN1Encode(&popoPrivKey->message.thisMessage, 
-			subDerTemplate,
-			crmf_generic_encoder_callback, &encoderArg);
-    if (rv != SECSuccess) {
-        goto loser;
-    }
-    if (encoderArg.allocatedLen > derDest.len+2) {
-        void *dummy = PORT_Realloc(derDest.data, derDest.len+2);
-	if (dummy == NULL) {
-	    goto loser;
-	}
-	derDest.data = dummy;
-    }
-    PORT_Memmove(&derDest.data[2], &derDest.data[0], derDest.len);
-    /* I couldn't figure out how to get the ASN1 encoder to implicitly
-     * tag an implicitly tagged der blob.  So I'm putting in the outter-
-     * most tag myself. -javi
-     */
-    derDest.data[0] = (unsigned char)privKeyTemplate->kind;
-    derDest.data[1] = (unsigned char)derDest.len;
-    derDest.len += 2;
-    rv = SECITEM_CopyItem(poolp, &inCertReqMsg->derPOP, &derDest);
-    if (rv != SECSuccess) {
-        goto loser;
-    }
-    PORT_Free(derDest.data);
-    PORT_ArenaUnmark(poolp, mark);
-    return SECSuccess;
- loser:
-    PORT_ArenaRelease(poolp, mark);
-    if (derDest.data) {
-        PORT_Free(derDest.data);
-    }
-    return SECFailure;
-}
-
-static const SEC_ASN1Template*
-crmf_get_template_for_privkey(CRMFPOPChoice inChoice) 
-{
-    switch (inChoice) {
-    case crmfKeyAgreement:
-        return CRMFPOPOKeyAgreementTemplate;
-    case crmfKeyEncipherment:
-        return CRMFPOPOKeyEnciphermentTemplate;
-    default:
-        break;
-    }
-    return NULL;
-}
-
-static SECStatus
-crmf_add_privkey_thismessage(CRMFCertReqMsg *inCertReqMsg, SECItem *encPrivKey,
-			     CRMFPOPChoice inChoice)
-{
-    PRArenaPool           *poolp;
-    void                  *mark;
-    CRMFPOPOPrivKey       *popoPrivKey;
-    CRMFProofOfPossession *pop;
-    SECStatus              rv;
-
-    PORT_Assert(inCertReqMsg != NULL && encPrivKey != NULL);
-    poolp = inCertReqMsg->poolp;
-    mark = PORT_ArenaMark(poolp);
-    pop = PORT_ArenaZNew(poolp, CRMFProofOfPossession);
-    if (pop == NULL) {
-        goto loser;
-    }
-    pop->popUsed = inChoice;
-    /* popChoice is a union, so getting a pointer to one
-     * field gives me a pointer to the other fields as
-     * well.  This in essence points to both 
-     * pop->popChoice.keyEncipherment and
-     * pop->popChoice.keyAgreement
-     */
-    popoPrivKey = &pop->popChoice.keyEncipherment;
-
-    rv = SECITEM_CopyItem(poolp, &(popoPrivKey->message.thisMessage),
-			  encPrivKey);
-    if (rv != SECSuccess) {
-        goto loser;
-    }
-    popoPrivKey->message.thisMessage.len <<= 3;
-    popoPrivKey->messageChoice = crmfThisMessage;
-    inCertReqMsg->pop = pop;
-    rv = crmf_encode_popoprivkey(poolp, inCertReqMsg, popoPrivKey,
-				 crmf_get_template_for_privkey(inChoice));
-    if (rv != SECSuccess) {
-        goto loser;
-    }
-    PORT_ArenaUnmark(poolp, mark);
-    return SECSuccess;
-    
- loser:
-    PORT_ArenaRelease(poolp, mark);
-    return SECFailure;
-}
-
-static SECStatus
-crmf_add_privkey_subseqmessage(CRMFCertReqMsg        *inCertReqMsg,
-			       CRMFSubseqMessOptions  subsequentMessage,
-			       CRMFPOPChoice          inChoice)
-{
-    void                  *mark;
-    PRArenaPool           *poolp;
-    CRMFProofOfPossession *pop;
-    CRMFPOPOPrivKey       *popoPrivKey;
-    SECStatus              rv;
-    const SEC_ASN1Template *privKeyTemplate;
-
-    if (subsequentMessage == crmfNoSubseqMess) {
-        return SECFailure;
-    }
-    poolp = inCertReqMsg->poolp;
-    mark = PORT_ArenaMark(poolp);
-    pop = PORT_ArenaZNew(poolp, CRMFProofOfPossession);
-    if (pop == NULL) {
-        goto loser;
-    }
-
-    pop->popUsed = inChoice;
-    /* 
-     * We have a union, so a pointer to one member of the union
-     * is also a member to another member of that same union.
-     */
-    popoPrivKey = &pop->popChoice.keyEncipherment;
-
-    switch (subsequentMessage) {
-    case crmfEncrCert:
-        rv = crmf_encode_integer(poolp, 
-				 &(popoPrivKey->message.subsequentMessage),
-				 0);
-	break;
-    case crmfChallengeResp:
-        rv = crmf_encode_integer(poolp,
-				 &(popoPrivKey->message.subsequentMessage),
-				 1);
-	break;
-    default:
-        goto loser;
-    }
-    if (rv != SECSuccess) {
-        goto loser;
-    }
-    popoPrivKey->messageChoice = crmfSubsequentMessage;
-    privKeyTemplate = crmf_get_template_for_privkey(inChoice);
-    inCertReqMsg->pop = pop;
-    rv = crmf_encode_popoprivkey(poolp, inCertReqMsg, popoPrivKey,
-				 privKeyTemplate);
-
-    if (rv != SECSuccess) {
-        goto loser;
-    }
-    PORT_ArenaUnmark(poolp, mark);
-    return SECSuccess;
- loser:
-    PORT_ArenaRelease(poolp, mark);
-    return SECFailure;
-}
-
-SECStatus 
-CRMF_CertReqMsgSetKeyEnciphermentPOP(CRMFCertReqMsg        *inCertReqMsg,
-				     CRMFPOPOPrivKeyChoice  inKeyChoice,
-				     CRMFSubseqMessOptions  subseqMess,
-				     SECItem               *encPrivKey)
-{
-    SECStatus rv;
-
-    PORT_Assert(inCertReqMsg != NULL && inCertReqMsg->pop == NULL);
-    if (CRMF_CertReqMsgGetPOPType(inCertReqMsg) != crmfNoPOPChoice) {
-        return SECFailure;
-    }
-    switch (inKeyChoice) {    
-    case crmfThisMessage:
-        rv = crmf_add_privkey_thismessage(inCertReqMsg, encPrivKey,
-					  crmfKeyEncipherment);
-	break;
-    case crmfSubsequentMessage:
-        rv = crmf_add_privkey_subseqmessage(inCertReqMsg, subseqMess, 
-					    crmfKeyEncipherment);
-        break;
-    case crmfDHMAC:
-    default:
-        rv = SECFailure;
-    }
-    return rv;
-}
-
-SECStatus 
-CRMF_CertReqMsgSetKeyAgreementPOP (CRMFCertReqMsg        *inCertReqMsg,
-				   CRMFPOPOPrivKeyChoice  inKeyChoice,
-				   CRMFSubseqMessOptions  subseqMess,
-				   SECItem               *encPrivKey)
-{
-    SECStatus rv;
-
-    PORT_Assert(inCertReqMsg != NULL && inCertReqMsg->pop == NULL);
-    switch (inKeyChoice) {    
-    case crmfThisMessage:
-        rv = crmf_add_privkey_thismessage(inCertReqMsg, encPrivKey,
-					  crmfKeyAgreement);
-	break;
-    case crmfSubsequentMessage:
-        rv = crmf_add_privkey_subseqmessage(inCertReqMsg, subseqMess, 
-					    crmfKeyAgreement);
-    case crmfDHMAC:
-        /* This case should be added in the future. */
-    default:
-        rv = SECFailure;
-    }
-    return rv;
-}
-
diff --git a/security/nss/lib/crmf/crmfreq.c b/security/nss/lib/crmf/crmfreq.c
deleted file mode 100644
index 7367f7d26..000000000
--- a/security/nss/lib/crmf/crmfreq.c
+++ /dev/null
@@ -1,697 +0,0 @@
-/* -*- Mode: C; tab-width: 8 -*-*/
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "crmf.h"
-#include "crmfi.h"
-#include "keyhi.h"
-#include "secder.h"
-
-/*
- * Macro that returns PR_TRUE if the pointer is not NULL.
- * If the pointer is NULL, then the macro will return PR_FALSE.
- */
-#define IS_NOT_NULL(ptr) ((ptr) == NULL) ? PR_FALSE : PR_TRUE
-
-const unsigned char hexTrue  = 0xff;
-const unsigned char hexFalse = 0x00;
-
-
-SECStatus
-crmf_encode_integer(PRArenaPool *poolp, SECItem *dest, long value) 
-{
-    SECItem *dummy;
-
-    dummy = SEC_ASN1EncodeInteger(poolp, dest, value);
-    PORT_Assert (dummy == dest);
-    if (dummy == NULL) {
-        return SECFailure;
-    }
-    return SECSuccess;
-}
-
-static SECStatus
-crmf_copy_secitem (PRArenaPool *poolp, SECItem *dest, SECItem *src)
-{
-    return  SECITEM_CopyItem (poolp, dest, src); 
-}
-
-PRBool
-CRMF_DoesRequestHaveField (CRMFCertRequest       *inCertReq, 
-			   CRMFCertTemplateField  inField)
-{
-  
-    PORT_Assert(inCertReq != NULL);
-    if (inCertReq == NULL) {
-        return PR_FALSE;
-    }
-    switch (inField) {
-    case crmfVersion:
-        return inCertReq->certTemplate.version.data != NULL;
-    case crmfSerialNumber:
-        return inCertReq->certTemplate.serialNumber.data != NULL;
-    case crmfSigningAlg:
-        return inCertReq->certTemplate.signingAlg != NULL;
-    case crmfIssuer:
-        return inCertReq->certTemplate.issuer != NULL;
-    case crmfValidity:
-        return inCertReq->certTemplate.validity != NULL;
-    case crmfSubject:
-        return inCertReq->certTemplate.subject != NULL;
-    case crmfPublicKey:
-        return inCertReq->certTemplate.publicKey != NULL;
-    case crmfIssuerUID:
-        return inCertReq->certTemplate.issuerUID.data != NULL;
-    case crmfSubjectUID:
-        return inCertReq->certTemplate.subjectUID.data != NULL;
-    case crmfExtension:
-        return CRMF_CertRequestGetNumberOfExtensions(inCertReq) != 0;
-    }
-    return PR_FALSE;
-}
-
-CRMFCertRequest *
-CRMF_CreateCertRequest (long inRequestID) {
-    PRArenaPool     *poolp;
-    CRMFCertRequest *certReq;
-    SECStatus        rv;
-    
-    poolp = PORT_NewArena(CRMF_DEFAULT_ARENA_SIZE);
-    if (poolp == NULL) {
-        goto loser;
-    }
-    
-    certReq=PORT_ArenaZNew(poolp,CRMFCertRequest);
-    if (certReq == NULL) {
-        goto loser;
-    }
-
-    certReq->poolp = poolp;
-    certReq->requestID = inRequestID;
-    
-    rv = crmf_encode_integer(poolp, &(certReq->certReqId), inRequestID);
-    if (rv != SECSuccess) {
-        goto loser;
-    }
-
-    return certReq;
- loser:
-    if (poolp) {
-        PORT_FreeArena(poolp, PR_FALSE);
-    }
-    return NULL;
-}
-
-SECStatus
-CRMF_DestroyCertRequest(CRMFCertRequest *inCertReq)
-{
-    PORT_Assert(inCertReq != NULL);
-    if (inCertReq != NULL) {
-        if (inCertReq->certTemplate.extensions) {
-	    PORT_Free(inCertReq->certTemplate.extensions);
-	}
-	if (inCertReq->controls) {
-	    /* Right now we don't support EnveloppedData option,
-	     * so we won't go through and delete each occurrence of 
-	     * an EnveloppedData in the control.
-	     */
-	    PORT_Free(inCertReq->controls);
-	}
-	if (inCertReq->poolp) {
-	    PORT_FreeArena(inCertReq->poolp, PR_TRUE);
-	}
-    }
-    return SECSuccess;
-}
-
-static SECStatus
-crmf_template_add_version(PRArenaPool *poolp, SECItem *dest, long version)
-{
-    return (crmf_encode_integer(poolp, dest, version));
-}
-
-static SECStatus
-crmf_template_add_serialnumber(PRArenaPool *poolp, SECItem *dest, long serial)
-{
-    return (crmf_encode_integer(poolp, dest, serial));
-}
-
-SECStatus
-crmf_template_copy_secalg (PRArenaPool *poolp, SECAlgorithmID **dest, 
-			   SECAlgorithmID* src)
-{
-    SECStatus         rv;
-    void             *mark = NULL;
-    SECAlgorithmID   *mySecAlg;
-
-    if (poolp != NULL) {
-        mark = PORT_ArenaMark(poolp);
-    }
-    *dest = mySecAlg = PORT_ArenaZNew(poolp, SECAlgorithmID);
-    if (mySecAlg == NULL) {
-        goto loser;
-    }
-    rv = SECOID_CopyAlgorithmID(poolp, mySecAlg, src);
-    if (rv != SECSuccess) {
-        goto loser;
-    }
-    if (mark) {
-        PORT_ArenaUnmark(poolp, mark);
-    }
-    return SECSuccess;
-
- loser:
-    *dest = NULL;
-    if (mark) {
-        PORT_ArenaRelease(poolp, mark);
-    }
-    return SECFailure;
-}
-
-SECStatus
-crmf_copy_cert_name(PRArenaPool *poolp, CERTName **dest, 
-		    CERTName *src)
-{
-    CERTName *newName;
-    SECStatus rv;
-    void     *mark;
-
-    mark = PORT_ArenaMark(poolp);
-    *dest = newName = PORT_ArenaZNew(poolp, CERTName);
-    if (newName == NULL) {
-        goto loser;
-    }
-
-    rv = CERT_CopyName(poolp, newName, src);
-    if (rv != SECSuccess) {
-      goto loser;
-    }
-    PORT_ArenaUnmark(poolp, mark);
-    return SECSuccess;
- loser:
-    PORT_ArenaRelease(poolp, mark);
-    *dest = NULL;
-    return SECFailure;
-}
-
-static SECStatus
-crmf_template_add_issuer (PRArenaPool *poolp, CERTName **dest, 
-			  CERTName* issuerName)
-{
-    return crmf_copy_cert_name(poolp, dest, issuerName);
-}
-
-
-static SECStatus
-crmf_encode_utctime(PRArenaPool *poolp, SECItem *destTime, PRTime time)
-{
-    SECItem   tmpItem;
-    SECStatus rv;
-
-
-    rv = DER_TimeToUTCTime (&tmpItem, time);
-    if (rv != SECSuccess) {
-        return rv;
-    }
-    rv = SECITEM_CopyItem(poolp, destTime, &tmpItem);
-    PORT_Free(tmpItem.data);
-    return rv;
-}
-
-static SECStatus
-crmf_template_add_validity (PRArenaPool *poolp, CRMFOptionalValidity **dest,
-			    CRMFValidityCreationInfo *info)
-{
-    SECStatus             rv;
-    void                 *mark; 
-    CRMFOptionalValidity *myValidity;
-
-    /*First off, let's make sure at least one of the two fields is present*/
-    if (!info  || (!info->notBefore && !info->notAfter)) {
-        return SECFailure;
-    }
-    mark = PORT_ArenaMark (poolp);
-    *dest = myValidity = PORT_ArenaZNew(poolp, CRMFOptionalValidity);
-    if (myValidity == NULL) {
-        goto loser;
-    }
-
-    if (info->notBefore) {
-        rv = crmf_encode_utctime (poolp, &myValidity->notBefore, 
-				  *info->notBefore);
-	if (rv != SECSuccess) {
-	    goto loser;
-	}
-    }
-    if (info->notAfter) {
-        rv = crmf_encode_utctime (poolp, &myValidity->notAfter,
-				  *info->notAfter);
-	if (rv != SECSuccess) {
-	    goto loser;
-	}
-    }
-    PORT_ArenaUnmark(poolp, mark);
-    return SECSuccess;
- loser:
-    PORT_ArenaRelease(poolp, mark);
-    *dest = NULL;
-    return SECFailure;
-}
-
-static SECStatus
-crmf_template_add_subject (PRArenaPool *poolp, CERTName **dest,
-			   CERTName *subject)
-{
-    return crmf_copy_cert_name(poolp, dest, subject);
-}
-
-SECStatus
-crmf_template_add_public_key(PRArenaPool *poolp, 
-			     CERTSubjectPublicKeyInfo **dest,
-			     CERTSubjectPublicKeyInfo  *pubKey)
-{
-    CERTSubjectPublicKeyInfo *spki;
-    SECStatus rv;
-
-    *dest = spki = (poolp == NULL) ?
-                              PORT_ZNew(CERTSubjectPublicKeyInfo) :
-                              PORT_ArenaZNew (poolp, CERTSubjectPublicKeyInfo);
-    if (spki == NULL) {
-        goto loser;
-    }
-    rv = SECKEY_CopySubjectPublicKeyInfo (poolp, spki, pubKey);
-    if (rv != SECSuccess) {
-        goto loser;
-    }
-    return SECSuccess;
- loser:
-    if (poolp == NULL && spki != NULL) {
-        SECKEY_DestroySubjectPublicKeyInfo(spki);
-    }
-    *dest = NULL;
-    return SECFailure;
-}
-
-static SECStatus
-crmf_copy_bitstring (PRArenaPool *poolp, SECItem *dest, SECItem *src)
-{
-    SECStatus rv;
-    int origLenBits, numBytesToCopy;
-    
-    origLenBits = src->len;
-    numBytesToCopy = CRMF_BITS_TO_BYTES(origLenBits);
-    rv = crmf_copy_secitem(poolp, dest, src);
-    src->len = origLenBits;
-    dest->len = origLenBits;
-    return rv;
-}
-
-static SECStatus
-crmf_template_add_issuer_uid(PRArenaPool *poolp, SECItem *dest,
-			     SECItem *issuerUID)
-{
-    return crmf_copy_bitstring (poolp, dest, issuerUID);
-}
-
-static SECStatus
-crmf_template_add_subject_uid(PRArenaPool *poolp, SECItem *dest, 
-			      SECItem *subjectUID)
-{
-    return crmf_copy_bitstring (poolp, dest, subjectUID);
-}
-
-static void
-crmf_zeroize_new_extensions (CRMFCertExtension **extensions,
-			     int numToZeroize) 
-{
-    PORT_Memset((void*)extensions, 0, sizeof(CERTCertExtension*)*numToZeroize);
-}
-
-/*
- * The strategy for adding templates will differ from all the other
- * attributes in the template.  First, we want to allow the client
- * of this API to set extensions more than just once.  So we will
- * need the ability grow the array of extensions.  Since arenas don't
- * give us the realloc function, we'll use the generic PORT_* functions
- * to allocate the array of pointers *ONLY*.  Then we will allocate each
- * individual extension from the arena that comes along with the certReq
- * structure that owns this template.
- */
-static SECStatus
-crmf_template_add_extensions(PRArenaPool *poolp, CRMFCertTemplate *inTemplate,
-			     CRMFCertExtCreationInfo *extensions)
-{
-    void               *mark;
-    int                 newSize, oldSize, i;
-    SECStatus           rv;
-    CRMFCertExtension **extArray;
-    CRMFCertExtension  *newExt, *currExt;
-
-    mark = PORT_ArenaMark(poolp);
-    if (inTemplate->extensions == NULL) {
-        newSize = extensions->numExtensions;
-        extArray = PORT_ZNewArray(CRMFCertExtension*,newSize+1);
-    } else {
-        newSize = inTemplate->numExtensions + extensions->numExtensions;
-        extArray = PORT_Realloc(inTemplate->extensions, 
-				sizeof(CRMFCertExtension*)*(newSize+1));
-    }
-    if (extArray == NULL) {
-        goto loser;
-    }
-    oldSize                   = inTemplate->numExtensions;
-    inTemplate->extensions    = extArray;
-    inTemplate->numExtensions = newSize;
-    for (i=oldSize; i < newSize; i++) {
-        newExt = PORT_ArenaZNew(poolp, CRMFCertExtension);
-	if (newExt == NULL) {
-	    goto loser2;
-	}
-	currExt = extensions->extensions[i-oldSize];
-	rv = crmf_copy_secitem(poolp, &(newExt->id), &(currExt->id));
-	if (rv != SECSuccess) {
-	    goto loser2;
-	}
-	rv = crmf_copy_secitem(poolp, &(newExt->critical),
-			       &(currExt->critical));
-	if (rv != SECSuccess) {
-	    goto loser2;
-	}
-	rv = crmf_copy_secitem(poolp, &(newExt->value), &(currExt->value));
-	if (rv != SECSuccess) {
-	    goto loser2;
-	}
-	extArray[i] = newExt;
-    }
-    extArray[newSize] = NULL;
-    PORT_ArenaUnmark(poolp, mark);
-    return SECSuccess;
- loser2:
-    crmf_zeroize_new_extensions (&(inTemplate->extensions[oldSize]),
-				 extensions->numExtensions);
-    inTemplate->numExtensions = oldSize;
- loser:
-    PORT_ArenaRelease(poolp, mark);
-    return SECFailure;
-}
-
-SECStatus
-CRMF_CertRequestSetTemplateField(CRMFCertRequest       *inCertReq, 
-				 CRMFCertTemplateField  inTemplateField,
-				 void                  *data)
-{
-    CRMFCertTemplate *certTemplate;
-    PRArenaPool      *poolp;
-    SECStatus         rv = SECFailure;
-    void             *mark;
-    
-
-    if (inCertReq == NULL) {
-        return SECFailure;
-    }
-
-    certTemplate = &(inCertReq->certTemplate);
-
-    poolp = inCertReq->poolp;
-    mark = PORT_ArenaMark(poolp);
-    switch (inTemplateField) {
-    case crmfVersion:
-      rv = crmf_template_add_version(poolp,&(certTemplate->version), 
-				     *(long*)data);
-      break;
-    case crmfSerialNumber:
-      rv = crmf_template_add_serialnumber(poolp, 
-					  &(certTemplate->serialNumber),
-					  *(long*)data);
-      break;
-    case crmfSigningAlg:
-      rv = crmf_template_copy_secalg (poolp, &(certTemplate->signingAlg),
-				      (SECAlgorithmID*)data);
-      break;
-    case crmfIssuer:
-      rv = crmf_template_add_issuer (poolp, &(certTemplate->issuer), 
-				     (CERTName*)data);
-      break;
-    case crmfValidity:
-      rv = crmf_template_add_validity (poolp, &(certTemplate->validity),
-				       (CRMFValidityCreationInfo*)data);
-      break;
-    case crmfSubject:
-      rv = crmf_template_add_subject (poolp, &(certTemplate->subject),
-				      (CERTName*)data);
-      break;
-    case crmfPublicKey:
-      rv = crmf_template_add_public_key(poolp, &(certTemplate->publicKey),
-					(CERTSubjectPublicKeyInfo*)data);
-      break;
-    case crmfIssuerUID:
-      rv = crmf_template_add_issuer_uid(poolp, &(certTemplate->issuerUID),
-					(SECItem*)data);
-      break;
-    case crmfSubjectUID:
-      rv = crmf_template_add_subject_uid(poolp, &(certTemplate->subjectUID),
-					 (SECItem*)data);
-      break;
-    case crmfExtension:
-      rv = crmf_template_add_extensions(poolp, certTemplate, 
-					(CRMFCertExtCreationInfo*)data);
-      break;
-    }
-    if (rv != SECSuccess) {
-        PORT_ArenaRelease(poolp, mark);
-    } else {
-        PORT_ArenaUnmark(poolp, mark);
-    }
-    return rv;
-}
-
-SECStatus
-CRMF_CertReqMsgSetCertRequest (CRMFCertReqMsg  *inCertReqMsg, 
-			       CRMFCertRequest *inCertReq)
-{
-    PORT_Assert (inCertReqMsg != NULL && inCertReq != NULL);
-    if (inCertReqMsg == NULL || inCertReq == NULL) {
-        return SECFailure;
-    }
-    inCertReqMsg->certReq = crmf_copy_cert_request(inCertReqMsg->poolp,
-						   inCertReq);
-    return (inCertReqMsg->certReq == NULL) ? SECFailure : SECSuccess;
-}
-
-CRMFCertReqMsg*
-CRMF_CreateCertReqMsg(void)
-{
-    PRArenaPool    *poolp;
-    CRMFCertReqMsg *reqMsg;
-
-    poolp = PORT_NewArena(CRMF_DEFAULT_ARENA_SIZE);
-    if (poolp == NULL) {
-        goto loser;
-    }
-    reqMsg = PORT_ArenaZNew(poolp, CRMFCertReqMsg);
-    if (reqMsg == NULL) {
-        goto loser;
-    }
-    reqMsg->poolp = poolp;
-    return reqMsg;
-    
- loser:
-    if (poolp) {
-        PORT_FreeArena(poolp, PR_FALSE);
-    }
-    return NULL;
-}
-
-SECStatus 
-CRMF_DestroyCertReqMsg(CRMFCertReqMsg *inCertReqMsg)
-{
-    PORT_Assert(inCertReqMsg != NULL && inCertReqMsg->poolp != NULL);
-    if (!inCertReqMsg->isDecoded) {
-        if (inCertReqMsg->certReq->certTemplate.extensions != NULL) {
-	    PORT_Free(inCertReqMsg->certReq->certTemplate.extensions);
-	}
-	if (inCertReqMsg->certReq->controls != NULL) {
-	    PORT_Free(inCertReqMsg->certReq->controls);
-	}
-    }
-    PORT_FreeArena(inCertReqMsg->poolp, PR_TRUE);
-    return SECSuccess;
-}
-
-CRMFCertExtension*
-crmf_create_cert_extension(PRArenaPool *poolp, 
-			   SECOidTag    id,
-			   PRBool       isCritical,
-			   SECItem     *data)
-{
-    CRMFCertExtension *newExt;
-    SECOidData        *oidData;
-    SECStatus          rv;
-
-    newExt = (poolp == NULL) ? PORT_ZNew(CRMFCertExtension) :
-                               PORT_ArenaZNew(poolp, CRMFCertExtension);
-    if (newExt == NULL) {
-        goto loser;
-    }
-    oidData = SECOID_FindOIDByTag(id);
-    if (oidData == NULL || 
-	oidData->supportedExtension != SUPPORTED_CERT_EXTENSION) {
-       goto loser;
-    }
-
-    rv = SECITEM_CopyItem(poolp, &(newExt->id), &(oidData->oid));
-    if (rv != SECSuccess) {
-        goto loser;
-    }
-
-    rv = SECITEM_CopyItem(poolp, &(newExt->value), data);
-    if (rv != SECSuccess) {
-        goto loser;
-    }
-
-    if (isCritical) {
-        newExt->critical.data = (poolp == NULL) ? 
-	                                PORT_New(unsigned char) :
-	                                PORT_ArenaNew(poolp, unsigned char);
-	if (newExt->critical.data == NULL) {
-	    goto loser;
-	}
-	newExt->critical.data[0] = hexTrue;
-	newExt->critical.len = 1;
-    }
-    return newExt;
- loser:
-    if (newExt != NULL && poolp == NULL) {
-        CRMF_DestroyCertExtension(newExt);
-    }
-    return NULL;
-}
-
-CRMFCertExtension *
-CRMF_CreateCertExtension(SECOidTag id,
-			 PRBool    isCritical,
-			 SECItem  *data) 
-{
-    return crmf_create_cert_extension(NULL, id, isCritical, data);
-}
-
-SECStatus
-crmf_destroy_cert_extension(CRMFCertExtension *inExtension, PRBool freeit)
-{
-    if (inExtension != NULL) {
-        SECITEM_FreeItem (&(inExtension->id), PR_FALSE);
-	SECITEM_FreeItem (&(inExtension->value), PR_FALSE);
-	SECITEM_FreeItem (&(inExtension->critical), PR_FALSE);
-	if (freeit) {
-	    PORT_Free(inExtension);
-	}
-    }
-    return SECSuccess;
-}
-
-SECStatus
-CRMF_DestroyCertExtension(CRMFCertExtension *inExtension)
-{
-    return crmf_destroy_cert_extension(inExtension, PR_TRUE);
-}
-
-SECStatus
-CRMF_DestroyCertReqMessages(CRMFCertReqMessages *inCertReqMsgs) 
-{
-    PORT_Assert (inCertReqMsgs != NULL);
-    if (inCertReqMsgs != NULL) {
-        PORT_FreeArena(inCertReqMsgs->poolp, PR_TRUE);
-    }
-    return SECSuccess;
-}
-
-static PRBool
-crmf_item_has_data(SECItem *item)
-{
-    if (item != NULL && item->data != NULL) {
-        return PR_TRUE;
-    }
-    return PR_FALSE;
-}
-
-PRBool
-CRMF_CertRequestIsFieldPresent(CRMFCertRequest       *inCertReq,
-			       CRMFCertTemplateField  inTemplateField)
-{
-    PRBool             retVal;
-    CRMFCertTemplate *certTemplate;
-
-    PORT_Assert(inCertReq != NULL);
-    if (inCertReq == NULL) {
-        /* This is probably some kind of error, but this is 
-	 * the safest return value for this function.
-	 */
-        return PR_FALSE;
-    }
-    certTemplate = &inCertReq->certTemplate;
-    switch (inTemplateField) {
-    case crmfVersion:
-      retVal = crmf_item_has_data(&certTemplate->version);
-      break;
-    case crmfSerialNumber:
-      retVal = crmf_item_has_data(&certTemplate->serialNumber);
-      break;
-    case crmfSigningAlg:
-      retVal = IS_NOT_NULL(certTemplate->signingAlg);
-      break;
-    case crmfIssuer:
-      retVal = IS_NOT_NULL(certTemplate->issuer);
-      break;
-    case crmfValidity:
-      retVal = IS_NOT_NULL(certTemplate->validity);
-      break;
-    case crmfSubject:
-      retVal = IS_NOT_NULL(certTemplate->subject);
-      break;
-    case crmfPublicKey:
-      retVal = IS_NOT_NULL(certTemplate->publicKey);
-      break;
-    case crmfIssuerUID:
-      retVal = crmf_item_has_data(&certTemplate->issuerUID);
-      break;
-    case crmfSubjectUID:
-      retVal = crmf_item_has_data(&certTemplate->subjectUID);
-      break;
-    case crmfExtension:
-      retVal = IS_NOT_NULL(certTemplate->extensions);
-      break;
-    default:
-      retVal = PR_FALSE;
-    }
-    return retVal;
-}
diff --git a/security/nss/lib/crmf/crmft.h b/security/nss/lib/crmf/crmft.h
deleted file mode 100644
index 3bc4d3826..000000000
--- a/security/nss/lib/crmf/crmft.h
+++ /dev/null
@@ -1,217 +0,0 @@
-/* -*- Mode: C; tab-width: 8 -*-*/
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-
-/* Header file with all of the structures and types that will be exported 
- * by the security library for implementation of CRMF.
- */
-
-#ifndef _CRMFT_H_
-#define _CRMFT_H_
-
-/* Use these enumerated values for adding fields to the certificate request */
-typedef enum {
-    crmfVersion = 0,
-    crmfSerialNumber = 1,
-    crmfSigningAlg = 2,
-    crmfIssuer = 3,
-    crmfValidity = 4,
-    crmfSubject = 5,
-    crmfPublicKey = 6,
-    crmfIssuerUID = 7,
-    crmfSubjectUID = 8,
-    crmfExtension = 9
-} CRMFCertTemplateField;
-
-/*
- * An enumeration for the different types of controls.
- */
-typedef enum {
-    crmfNoControl = 0,
-    crmfRegTokenControl = 1,
-    crmfAuthenticatorControl = 2,
-    crmfPKIPublicationInfoControl = 3,
-    crmfPKIArchiveOptionsControl = 4,
-    crmfOldCertIDControl = 5,
-    crmfProtocolEncrKeyControl = 6
-} CRMFControlType;
-
-/*
- * The possible values that are passed into CRMF_CreatePKIPublicationInfo
- */
-typedef enum {
-    crmfDontPublish = 0,
-    crmfPleasePublish = 1
-} CRMFPublicationAction;
-
-/*
- * An enumeration for the possible for pubMethod which is a part of 
- * the SinglePubInfo ASN1 type.
- */
-typedef enum {
-    crmfDontCare = 0,
-    crmfX500 = 1,
-    crmfWeb = 2,
-    crmfLdap = 3
-} CRMFPublicationMethod;
-
-/*
- * An enumeration for the different options for PKIArchiveOptions type.
- */
-typedef enum {
-    crmfNoArchiveOptions = 0,
-    crmfEncryptedPrivateKey = 1,
-    crmfKeyGenParameters = 2,
-    crmfArchiveRemGenPrivKey = 3
-} CRMFPKIArchiveOptionsType;
-
-/*
- * An enumeration for the different options for ProofOfPossession
- */
-typedef enum {
-    crmfNoPOPChoice = 0,
-    crmfRAVerified = 1,
-    crmfSignature = 2,
-    crmfKeyEncipherment = 3,
-    crmfKeyAgreement = 4
-} CRMFPOPChoice;
-
-/*
- * An enumertion type for options for the authInfo field of the 
- * CRMFPOPOSigningKeyInput structure.
- */
-typedef enum {
-    crmfSender = 0,
-    crmfPublicKeyMAC = 1
-} CRMFPOPOSkiInputAuthChoice;
-
-/*
- * An enumeration for the SubsequentMessage Options.
- */
-typedef enum {
-    crmfNoSubseqMess = 0,
-    crmfEncrCert = 1,
-    crmfChallengeResp = 2
-} CRMFSubseqMessOptions;
-
-/*
- * An enumeration for the choice used by POPOPrivKey.
- */
-typedef enum {
-    crmfNoMessage = 0,
-    crmfThisMessage = 1,
-    crmfSubsequentMessage = 2,
-    crmfDHMAC = 3
-} CRMFPOPOPrivKeyChoice;
-
-/*
- * An enumeration for the choices for the EncryptedKey type.
- */
-typedef enum {
-    crmfNoEncryptedKeyChoice = 0,
-    crmfEncryptedValueChoice = 1,
-    crmfEnvelopedDataChoice = 2
-} CRMFEncryptedKeyChoice;
-
-/*
- * TYPE: CRMFEncoderOutputCallback
- *     This function type defines a prototype for a function that the CRMF
- *     library expects when encoding is performed.
- *
- * ARGUMENTS:
- *     arg
- *         This will be a pointer the user passed into an encoding function.
- *         The user of the library is free to use this pointer in any way.
- *         The most common use is to keep around a buffer for writing out
- *         the DER encoded bytes.
- *     buf
- *         The DER encoded bytes that should be written out.
- *     len
- *         The number of DER encoded bytes to write out.
- *
- */
-typedef void (*CRMFEncoderOutputCallback) (void *arg,
-					   const char *buf,
-					   unsigned long len);
-
-/*
- * Type for the function that gets a password.  Just in case we ever
- * need to support publicKeyMAC for POPOSigningKeyInput
- */
-typedef SECItem* (*CRMFMACPasswordCallback) (void *arg);
-
-typedef struct CRMFOptionalValidityStr      CRMFOptionalValidity;
-typedef struct CRMFValidityCreationInfoStr  CRMFGetValidity;
-typedef struct CRMFCertTemplateStr          CRMFCertTemplate;
-typedef struct CRMFCertRequestStr           CRMFCertRequest;
-typedef struct CRMFCertReqMsgStr            CRMFCertReqMsg;
-typedef struct CRMFCertReqMessagesStr       CRMFCertReqMessages;
-typedef struct CRMFProofOfPossessionStr     CRMFProofOfPossession;
-typedef struct CRMFPOPOSigningKeyStr        CRMFPOPOSigningKey;
-typedef struct CRMFPOPOSigningKeyInputStr   CRMFPOPOSigningKeyInput;
-typedef struct CRMFPOPOPrivKeyStr           CRMFPOPOPrivKey;
-typedef struct CRMFPKIPublicationInfoStr    CRMFPKIPublicationInfo;
-typedef struct CRMFSinglePubInfoStr         CRMFSinglePubInfo;
-typedef struct CRMFPKIArchiveOptionsStr     CRMFPKIArchiveOptions;
-typedef struct CRMFEncryptedKeyStr          CRMFEncryptedKey;
-typedef struct CRMFEncryptedValueStr        CRMFEncryptedValue;
-typedef struct CRMFCertIDStr                CRMFCertID;
-typedef struct CRMFCertIDStr                CRMFOldCertID;
-typedef CERTSubjectPublicKeyInfo            CRMFProtocolEncrKey;
-typedef struct CRMFValidityCreationInfoStr  CRMFValidityCreationInfo;
-typedef struct CRMFCertExtCreationInfoStr   CRMFCertExtCreationInfo;
-typedef struct CRMFPKMACValueStr            CRMFPKMACValue;
-typedef struct CRMFAttributeStr             CRMFAttribute;
-typedef struct CRMFControlStr               CRMFControl;
-typedef CERTGeneralName                     CRMFGeneralName;
-typedef struct CRMFCertExtensionStr         CRMFCertExtension;
-
-struct CRMFValidityCreationInfoStr {
-    PRTime *notBefore;
-    PRTime *notAfter;
-};
-
-struct CRMFCertExtCreationInfoStr {
-    CRMFCertExtension **extensions;
-    int numExtensions;
-};
-
-/*
- * Some ASN1 Templates that may be needed.
- */
-extern const SEC_ASN1Template CRMFCertReqMessagesTemplate[];
-extern const SEC_ASN1Template CRMFCertRequestTemplate[];
-
-
-#endif /*_CRMFT_H_*/
diff --git a/security/nss/lib/crmf/crmftmpl.c b/security/nss/lib/crmf/crmftmpl.c
deleted file mode 100644
index a65a074a1..000000000
--- a/security/nss/lib/crmf/crmftmpl.c
+++ /dev/null
@@ -1,299 +0,0 @@
-/* -*- Mode: C; tab-width: 8 -*- */
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "crmf.h"
-#include "crmfi.h"
-#include "secoid.h"
-#include "secasn1.h"
-
-SEC_ASN1_MKSUB(SECOID_AlgorithmIDTemplate)
-SEC_ASN1_MKSUB(SEC_AnyTemplate)
-SEC_ASN1_MKSUB(SEC_NullTemplate)
-SEC_ASN1_MKSUB(SEC_BitStringTemplate)
-SEC_ASN1_MKSUB(SEC_IntegerTemplate)
-SEC_ASN1_MKSUB(SEC_OctetStringTemplate)
-SEC_ASN1_MKSUB(SEC_UTCTimeTemplate)
-SEC_ASN1_MKSUB(CERT_SubjectPublicKeyInfoTemplate)
-SEC_ASN1_MKSUB(CERT_NameTemplate)
-
-/* 
- * It's all implicit tagging.
- */
-
-const SEC_ASN1Template CRMFControlTemplate[] = {
-    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CRMFControl)},
-    { SEC_ASN1_OBJECT_ID, offsetof(CRMFControl, derTag)},
-    { SEC_ASN1_ANY, offsetof(CRMFControl, derValue) },
-    { 0 }
-};
-
-static const SEC_ASN1Template CRMFCertExtensionTemplate[] = {
-    { SEC_ASN1_SEQUENCE,
-	  0, NULL, sizeof(CRMFCertExtension) },
-    { SEC_ASN1_OBJECT_ID,
-	  offsetof(CRMFCertExtension,id) },
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_BOOLEAN,
-	  offsetof(CRMFCertExtension,critical) },
-    { SEC_ASN1_OCTET_STRING,
-	  offsetof(CRMFCertExtension,value) },
-    { 0, }
-};
-
-static const SEC_ASN1Template CRMFSequenceOfCertExtensionTemplate[] = {
-    { SEC_ASN1_SEQUENCE_OF, 0, CRMFCertExtensionTemplate }
-};
-
-static const SEC_ASN1Template CRMFOptionalValidityTemplate[] = {
-    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof (CRMFOptionalValidity) },
-    { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_NO_STREAM |
-      SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_OPTIONAL | SEC_ASN1_XTRN | 0, 
-      offsetof (CRMFOptionalValidity, notBefore),
-      SEC_ASN1_SUB(SEC_UTCTimeTemplate) },
-    { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_NO_STREAM |
-      SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_OPTIONAL | SEC_ASN1_XTRN | 1, 
-      offsetof (CRMFOptionalValidity, notAfter),
-      SEC_ASN1_SUB(SEC_UTCTimeTemplate) },
-    { 0 }
-};
-
-static const SEC_ASN1Template crmfPointerToNameTemplate[] = {
-    { SEC_ASN1_POINTER | SEC_ASN1_XTRN, 0, SEC_ASN1_SUB(CERT_NameTemplate)},
-    { 0 }
-};
-
-static const SEC_ASN1Template CRMFCertTemplateTemplate[] = {
-   { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CRMFCertTemplate) },
-   { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0, 
-     offsetof(CRMFCertTemplate, version), 
-     SEC_ASN1_SUB(SEC_IntegerTemplate) },
-   { SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_OPTIONAL | SEC_ASN1_XTRN | 1 ,
-     offsetof (CRMFCertTemplate, serialNumber), 
-     SEC_ASN1_SUB(SEC_IntegerTemplate) },
-   { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_POINTER | 
-     SEC_ASN1_XTRN | 2, 
-     offsetof (CRMFCertTemplate, signingAlg), 
-     SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
-   { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | 
-     SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | 3, 
-     offsetof (CRMFCertTemplate, issuer), crmfPointerToNameTemplate },
-   { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_POINTER | 4, 
-     offsetof (CRMFCertTemplate, validity), 
-     CRMFOptionalValidityTemplate },
-   { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | 
-     SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | 5, 
-     offsetof (CRMFCertTemplate, subject), crmfPointerToNameTemplate },
-   { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_POINTER | 
-     SEC_ASN1_XTRN | 6, 
-     offsetof (CRMFCertTemplate, publicKey), 
-     SEC_ASN1_SUB(CERT_SubjectPublicKeyInfoTemplate) }, 
-   { SEC_ASN1_NO_STREAM | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_OPTIONAL | 
-     SEC_ASN1_XTRN | 7,
-     offsetof (CRMFCertTemplate, issuerUID), 
-     SEC_ASN1_SUB(SEC_BitStringTemplate) },
-   { SEC_ASN1_NO_STREAM | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_OPTIONAL |
-     SEC_ASN1_XTRN | 8,
-     offsetof (CRMFCertTemplate, subjectUID), 
-     SEC_ASN1_SUB(SEC_BitStringTemplate) },
-   { SEC_ASN1_CONSTRUCTED | SEC_ASN1_OPTIONAL | 
-     SEC_ASN1_CONTEXT_SPECIFIC | 9, 
-     offsetof (CRMFCertTemplate, extensions), 
-     CRMFSequenceOfCertExtensionTemplate },
-   { 0 }
-};
-
-static const SEC_ASN1Template CRMFAttributeTemplate[] = {
-    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CRMFAttribute)},
-    { SEC_ASN1_OBJECT_ID, offsetof(CRMFAttribute, derTag)},
-    { SEC_ASN1_ANY, offsetof(CRMFAttribute, derValue) },
-    { 0 }
-};
-
-const SEC_ASN1Template CRMFCertRequestTemplate[] = {
-    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof (CRMFCertRequest) },
-    { SEC_ASN1_INTEGER, offsetof(CRMFCertRequest, certReqId)},
-    { SEC_ASN1_INLINE, offsetof(CRMFCertRequest, certTemplate), 
-      CRMFCertTemplateTemplate},
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_SEQUENCE_OF,
-      offsetof(CRMFCertRequest,controls), 
-      CRMFControlTemplate}, /* SEQUENCE SIZE (1...MAX)*/
-    { 0 }
-};
-
-const SEC_ASN1Template CRMFCertReqMsgTemplate[] = {
-    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CRMFCertReqMsg) },
-    { SEC_ASN1_POINTER, offsetof(CRMFCertReqMsg, certReq),
-      CRMFCertRequestTemplate },
-    { SEC_ASN1_ANY | SEC_ASN1_OPTIONAL,
-      offsetof(CRMFCertReqMsg, derPOP) },
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_SEQUENCE_OF,
-      offsetof(CRMFCertReqMsg, regInfo), 
-      CRMFAttributeTemplate}, /* SEQUENCE SIZE (1...MAX)*/
-    { 0 }
-};
-
-const SEC_ASN1Template CRMFCertReqMessagesTemplate[] = {
-    { SEC_ASN1_SEQUENCE_OF, offsetof(CRMFCertReqMessages, messages), 
-      CRMFCertReqMsgTemplate, sizeof (CRMFCertReqMessages)}
-};
-
-static const SEC_ASN1Template CRMFPOPOSigningKeyInputTemplate[] = {
-    { SEC_ASN1_SEQUENCE, 0, NULL,sizeof(CRMFPOPOSigningKeyInput) },
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | 
-      SEC_ASN1_CONTEXT_SPECIFIC | 0,
-      offsetof(CRMFPOPOSigningKeyInput, authInfo.sender) },
-    { SEC_ASN1_BIT_STRING | SEC_ASN1_OPTIONAL | 1,
-      offsetof (CRMFPOPOSigningKeyInput, authInfo.publicKeyMAC) },
-    { SEC_ASN1_INLINE | SEC_ASN1_XTRN, 
-      offsetof(CRMFPOPOSigningKeyInput, publicKey), 
-      SEC_ASN1_SUB(CERT_SubjectPublicKeyInfoTemplate) },
-    { 0 }
-};
-
-const SEC_ASN1Template CRMFRAVerifiedTemplate[] = {
-    { SEC_ASN1_CONTEXT_SPECIFIC | 0 | SEC_ASN1_XTRN, 
-      0,
-      SEC_ASN1_SUB(SEC_NullTemplate) },
-    { 0 }
-};
-
-
-/* This template will need to add POPOSigningKeyInput eventually, maybe*/
-static const SEC_ASN1Template crmfPOPOSigningKeyTemplate[] = {
-    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CRMFPOPOSigningKey) },
-    { SEC_ASN1_NO_STREAM | SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | 
-      SEC_ASN1_XTRN | 0,
-      offsetof(CRMFPOPOSigningKey, derInput), 
-      SEC_ASN1_SUB(SEC_AnyTemplate) },
-    { SEC_ASN1_POINTER | SEC_ASN1_XTRN, 
-      offsetof(CRMFPOPOSigningKey, algorithmIdentifier),
-      SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
-    { SEC_ASN1_BIT_STRING | SEC_ASN1_XTRN, 
-      offsetof(CRMFPOPOSigningKey, signature),
-      SEC_ASN1_SUB(SEC_BitStringTemplate) },
-    { 0 }
-};
-
-const SEC_ASN1Template CRMFPOPOSigningKeyTemplate[] = {
-    { SEC_ASN1_CONTEXT_SPECIFIC | 1,
-      0,
-      crmfPOPOSigningKeyTemplate},
-    { 0 }
-};
-
-const SEC_ASN1Template CRMFThisMessageTemplate[] = {
-    { SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
-      0,
-      SEC_ASN1_SUB(SEC_BitStringTemplate) },
-    { 0 }
-};
-
-const SEC_ASN1Template CRMFSubsequentMessageTemplate[] = {
-    { SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 1,
-      0, 
-      SEC_ASN1_SUB(SEC_IntegerTemplate) },
-    { 0 }
-};
-
-const SEC_ASN1Template CRMFDHMACTemplate[] = {
-    { SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
-      0,
-      SEC_ASN1_SUB(SEC_BitStringTemplate) },
-    { 0 }
-};
-
-const SEC_ASN1Template CRMFPOPOKeyEnciphermentTemplate[] = {
-    { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | 
-      SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 2,
-      0,
-      SEC_ASN1_SUB(SEC_AnyTemplate) },
-    { 0 }
-};
-
-const SEC_ASN1Template CRMFPOPOKeyAgreementTemplate[] = {
-    { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | 
-      SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 3,
-      0,
-      SEC_ASN1_SUB(SEC_AnyTemplate)},
-    { 0 }
-};
-
-const SEC_ASN1Template CRMFEncryptedValueTemplate[] = {
-    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CRMFEncryptedValue)},
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_POINTER | 
-      SEC_ASN1_XTRN | 0,
-      offsetof(CRMFEncryptedValue, intendedAlg), 
-      SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_POINTER | 
-      SEC_ASN1_XTRN | 1,
-      offsetof (CRMFEncryptedValue, symmAlg), 
-      SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
-    { SEC_ASN1_NO_STREAM | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_OPTIONAL | 
-      SEC_ASN1_XTRN | 2, 
-      offsetof(CRMFEncryptedValue, encSymmKey), 
-      SEC_ASN1_SUB(SEC_BitStringTemplate) },
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_POINTER | 
-      SEC_ASN1_XTRN | 3,
-      offsetof(CRMFEncryptedValue, keyAlg), 
-      SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
-    { SEC_ASN1_NO_STREAM | SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | 
-      SEC_ASN1_XTRN | 4,
-      offsetof(CRMFEncryptedValue, valueHint),
-      SEC_ASN1_SUB(SEC_OctetStringTemplate) },
-    { SEC_ASN1_BIT_STRING, offsetof(CRMFEncryptedValue, encValue) },
-    { 0 }
-};
-
-const SEC_ASN1Template CRMFEncryptedKeyWithEncryptedValueTemplate [] = {
-    { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | 
-      SEC_ASN1_CONTEXT_SPECIFIC | 0,
-      0,
-      CRMFEncryptedValueTemplate},
-    { 0 }
-};
-
-static const SEC_ASN1Template CRMFSinglePubInfoTemplate[] = {
-    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof (CRMFSinglePubInfo)},
-    { SEC_ASN1_INTEGER, offsetof(CRMFSinglePubInfo, pubMethod) },
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC,
-      offsetof(CRMFSinglePubInfo, pubLocation) },
-    { 0 }
-};
-
-static const SEC_ASN1Template CRMFPublicationInfoTemplate[] ={ 
-    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CRMFPKIPublicationInfo) },
-    { SEC_ASN1_INTEGER, offsetof(CRMFPKIPublicationInfo, action) },
-    { SEC_ASN1_POINTER, offsetof(CRMFPKIPublicationInfo, pubInfos),
-      CRMFSinglePubInfoTemplate},
-    { 0 }
-};
diff --git a/security/nss/lib/crmf/encutil.c b/security/nss/lib/crmf/encutil.c
deleted file mode 100644
index 7862e1482..000000000
--- a/security/nss/lib/crmf/encutil.c
+++ /dev/null
@@ -1,63 +0,0 @@
-/* -*- Mode: C; tab-width: 8 -*- */
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "secasn1.h"
-#include "crmf.h"
-#include "crmfi.h"
-
-void
-crmf_encoder_out(void *arg, const char *buf, unsigned long len,
-		 int depth, SEC_ASN1EncodingPart data_kind)
-{
-    struct crmfEncoderOutput *output;
-
-    output = (struct crmfEncoderOutput*) arg;
-    output->fn (output->outputArg, buf, len);
-}
-
-SECStatus
-cmmf_user_encode(void *src, CRMFEncoderOutputCallback inCallback, void *inArg,
-		 const SEC_ASN1Template *inTemplate)
-{
-    struct crmfEncoderOutput output;
-
-    PORT_Assert(src != NULL);
-    if (src == NULL) {
-        return SECFailure;
-    }
-    output.fn        = inCallback;
-    output.outputArg = inArg;
-    return SEC_ASN1Encode(src, inTemplate, crmf_encoder_out, &output);    
-}
-
diff --git a/security/nss/lib/crmf/manifest.mn b/security/nss/lib/crmf/manifest.mn
deleted file mode 100644
index 67e145d09..000000000
--- a/security/nss/lib/crmf/manifest.mn
+++ /dev/null
@@ -1,73 +0,0 @@
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-# 
-
-CORE_DEPTH = ../../..
-
-MODULE = security
-
-EXPORTS = \
-	crmf.h	\
-	crmft.h	\
-	cmmf.h  \
-	cmmft.h \
-	$(NULL)
-
-PRIVATE_EXPORTS = \
-	crmfi.h   \
-	crmfit.h  \
-	cmmfi.h   \
-	cmmfit.h  \
-	$(NULL)
-
-CSRCS = crmfenc.c	\
-	crmftmpl.c	\
-	crmfreq.c	\
-	crmfpop.c	\
-	crmfdec.c	\
-	crmfget.c	\
-	crmfcont.c	\
-	cmmfasn1.c	\
-	cmmfresp.c	\
-	cmmfrec.c	\
-	cmmfchal.c	\
-	servget.c	\
-	encutil.c	\
-	respcli.c	\
-	respcmn.c	\
-	challcli.c	\
-	asn1cmn.c	\
-	$(NULL)
-
-REQUIRES = dbm
-
-LIBRARY_NAME = crmf
diff --git a/security/nss/lib/crmf/respcli.c b/security/nss/lib/crmf/respcli.c
deleted file mode 100644
index 9dac74a5e..000000000
--- a/security/nss/lib/crmf/respcli.c
+++ /dev/null
@@ -1,167 +0,0 @@
-/* -*- Mode: C; tab-width: 8 -*-*/
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-
-/*
- * This file will contain all routines needed by a client that has 
- * to parse a CMMFCertRepContent structure and retirieve the appropriate
- * data.
- */
-
-#include "cmmf.h"
-#include "cmmfi.h"
-#include "crmf.h"
-#include "crmfi.h"
-#include "secitem.h"
-#include "secder.h"
-#include "secasn1.h"
-
-CMMFCertRepContent*
-CMMF_CreateCertRepContentFromDER(CERTCertDBHandle *db, const char *buf, 
-				 long len)
-{
-    PRArenaPool        *poolp;
-    CMMFCertRepContent *certRepContent;
-    SECStatus           rv;
-    int                 i;
-
-    poolp = PORT_NewArena(CRMF_DEFAULT_ARENA_SIZE);
-    if (poolp == NULL) {
-        return NULL;
-    }
-    certRepContent = PORT_ArenaZNew(poolp, CMMFCertRepContent);
-    if (certRepContent == NULL) {
-        goto loser;
-    }
-    certRepContent->poolp = poolp;
-    rv = SEC_ASN1Decode(poolp, certRepContent, CMMFCertRepContentTemplate,
-			buf, len);
-    if (rv != SECSuccess) {
-        goto loser;
-    }
-    if (certRepContent->response != NULL) {
-        for (i=0; certRepContent->response[i] != NULL; i++) {
-	    rv = cmmf_decode_process_cert_response(poolp, db,
-					       certRepContent->response[i]);
-	    if (rv != SECSuccess) {
-	        goto loser;
-	    }
-	}
-    }
-    certRepContent->isDecoded = PR_TRUE;
-    return certRepContent;
- loser:
-    PORT_FreeArena(poolp, PR_FALSE);
-    return NULL;
-}
-
-long
-CMMF_CertResponseGetCertReqId(CMMFCertResponse *inCertResp)
-{
-    PORT_Assert(inCertResp != NULL);
-    if (inCertResp == NULL) {
-        return -1;
-    }
-    return DER_GetInteger(&inCertResp->certReqId);
-}
-
-PRBool
-cmmf_CertRepContentIsIndexValid(CMMFCertRepContent *inCertRepContent,
-                                int                 inIndex)
-{
-    int numResponses;
-
-    PORT_Assert(inCertRepContent != NULL);
-    numResponses = CMMF_CertRepContentGetNumResponses(inCertRepContent);
-    return (PRBool)(inIndex >= 0 && inIndex < numResponses);
-}
-
-CMMFCertResponse*
-CMMF_CertRepContentGetResponseAtIndex(CMMFCertRepContent *inCertRepContent,
-				      int                 inIndex)
-{
-    CMMFCertResponse *certResponse;
-    SECStatus         rv;
-
-    PORT_Assert(inCertRepContent != NULL &&
-		cmmf_CertRepContentIsIndexValid(inCertRepContent, inIndex));
-    if (inCertRepContent == NULL ||
-	!cmmf_CertRepContentIsIndexValid(inCertRepContent, inIndex)) {
-        return NULL;
-    }
-    certResponse = PORT_ZNew(CMMFCertResponse);
-    rv = cmmf_CopyCertResponse(NULL, certResponse, 
-			       inCertRepContent->response[inIndex]);
-    if (rv != SECSuccess) {
-        CMMF_DestroyCertResponse(certResponse);
-	certResponse = NULL;
-    }
-    return certResponse;
-}
-
-CMMFPKIStatus
-CMMF_CertResponseGetPKIStatusInfoStatus(CMMFCertResponse *inCertResp)
-{
-    PORT_Assert(inCertResp != NULL);
-    if (inCertResp == NULL) {
-        return cmmfNoPKIStatus;
-    }
-    return cmmf_PKIStatusInfoGetStatus(&inCertResp->status);
-}
-
-CERTCertificate*
-CMMF_CertResponseGetCertificate(CMMFCertResponse *inCertResp,
-				CERTCertDBHandle *inCertdb)
-{
-    PORT_Assert(inCertResp != NULL);
-    if (inCertResp == NULL || inCertResp->certifiedKeyPair == NULL) {
-        return NULL;
-    }
-    
-    return cmmf_CertOrEncCertGetCertificate
-                                (&inCertResp->certifiedKeyPair->certOrEncCert,
-				 inCertdb);
-				   
-}
-
-CERTCertList*
-CMMF_CertRepContentGetCAPubs (CMMFCertRepContent *inCertRepContent)
-{
-    PORT_Assert (inCertRepContent != NULL);
-    if (inCertRepContent == NULL || inCertRepContent->caPubs == NULL) {
-        return NULL;
-    }
-    return cmmf_MakeCertList(inCertRepContent->caPubs);
-}
-
diff --git a/security/nss/lib/crmf/respcmn.c b/security/nss/lib/crmf/respcmn.c
deleted file mode 100644
index 871ece3ec..000000000
--- a/security/nss/lib/crmf/respcmn.c
+++ /dev/null
@@ -1,416 +0,0 @@
-/* -*- Mode: C; tab-width: 8 -*-*/
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "nssrenam.h"
-#include "cmmf.h"
-#include "cmmfi.h"
-#include "secitem.h"
-#include "secder.h"
-
-SECStatus 
-cmmf_DestroyPKIStatusInfo (CMMFPKIStatusInfo *info, PRBool freeit)
-{
-    if (info->status.data != NULL) {
-        PORT_Free(info->status.data);
-    }
-    if (info->statusString.data != NULL) {
-        PORT_Free(info->statusString.data);
-    }
-    if (info->failInfo.data != NULL) {
-        PORT_Free(info->failInfo.data);
-    }
-    if (freeit) {
-        PORT_Free(info);
-    }
-    return SECSuccess;
-}
-
-SECStatus
-CMMF_DestroyCertResponse(CMMFCertResponse *inCertResp)
-{
-    PORT_Assert(inCertResp != NULL);
-    if (inCertResp != NULL) {
-        if (inCertResp->certReqId.data != NULL) {
-	    PORT_Free(inCertResp->certReqId.data);
-	}
-	cmmf_DestroyPKIStatusInfo(&inCertResp->status, PR_FALSE);
-	if (inCertResp->certifiedKeyPair != NULL) {
-	    CMMF_DestroyCertifiedKeyPair(inCertResp->certifiedKeyPair);
-	}
-	PORT_Free(inCertResp);
-    }
-    return SECSuccess;
-}
-
-SECStatus
-CMMF_DestroyCertRepContent(CMMFCertRepContent *inCertRepContent)
-{
-    CMMFCertifiedKeyPair *certKeyPair;
-    int i;
-
-    PORT_Assert(inCertRepContent != NULL);
-    if (inCertRepContent != NULL && inCertRepContent->poolp != NULL) {
-	if (!inCertRepContent->isDecoded) {
-	  if (inCertRepContent->response != NULL) {
-	    for (i=0; inCertRepContent->response[i] != NULL; i++) {
-	        certKeyPair = inCertRepContent->response[i]->certifiedKeyPair;
-		if (certKeyPair != NULL                    &&
-		    certKeyPair->certOrEncCert.choice == cmmfCertificate &&
-		    certKeyPair->certOrEncCert.cert.certificate != NULL) {
-		    CERT_DestroyCertificate
-		                 (certKeyPair->certOrEncCert.cert.certificate);
-		}
-	    }
-	  }
-	  if (inCertRepContent->caPubs != NULL) {
-	    for (i=0; inCertRepContent->caPubs[i] != NULL; i++) {
-	        CERT_DestroyCertificate(inCertRepContent->caPubs[i]);
-	    }
-	  }
-	}
-        PORT_FreeArena(inCertRepContent->poolp, PR_TRUE);
-    }
-    return SECSuccess;
-}
-
-SECStatus
-CMMF_DestroyPOPODecKeyChallContent(CMMFPOPODecKeyChallContent *inDecKeyCont)
-{
-    PORT_Assert(inDecKeyCont != NULL);
-    if (inDecKeyCont != NULL && inDecKeyCont->poolp) {
-        PORT_FreeArena(inDecKeyCont->poolp, PR_FALSE);
-    }
-    return SECSuccess;
-}
-
-SECStatus
-crmf_create_prtime(SECItem *src, PRTime **dest)
-{
-   *dest = PORT_ZNew(PRTime);
-    return DER_UTCTimeToTime(*dest, src);
-}
-
-CRMFCertExtension*
-crmf_copy_cert_extension(PRArenaPool *poolp, CRMFCertExtension *inExtension)
-{
-    PRBool             isCritical;
-    SECOidTag          id;
-    SECItem           *data;
-    CRMFCertExtension *newExt;
-
-    PORT_Assert(inExtension != NULL);
-    if (inExtension == NULL) {
-        return NULL;
-    }
-    id         = CRMF_CertExtensionGetOidTag(inExtension);
-    isCritical = CRMF_CertExtensionGetIsCritical(inExtension);
-    data       = CRMF_CertExtensionGetValue(inExtension);
-    newExt = crmf_create_cert_extension(poolp, id, 
-					isCritical,
-					data);
-    SECITEM_FreeItem(data, PR_TRUE);
-    return newExt;    
-}
-
-static SECItem*
-cmmf_encode_certificate(CERTCertificate *inCert)
-{
-    return SEC_ASN1EncodeItem(NULL, NULL, inCert, 
-			      SEC_ASN1_GET(SEC_SignedCertificateTemplate));
-}
-
-CERTCertList*
-cmmf_MakeCertList(CERTCertificate **inCerts)
-{
-    CERTCertList    *certList;
-    CERTCertificate *currCert;
-    SECItem         *derCert, *freeCert = NULL;
-    SECStatus        rv;
-    int              i;
-
-    certList = CERT_NewCertList();
-    if (certList == NULL) {
-        return NULL;
-    }
-    for (i=0; inCerts[i] != NULL; i++) {
-        derCert = &inCerts[i]->derCert;
-	if (derCert->data == NULL) {
-	    derCert = freeCert = cmmf_encode_certificate(inCerts[i]);
-	}
-	currCert=CERT_NewTempCertificate(CERT_GetDefaultCertDB(), 
-	                                 derCert, NULL, PR_FALSE, PR_TRUE);
-	if (freeCert != NULL) {
-	    SECITEM_FreeItem(freeCert, PR_TRUE);
-	    freeCert = NULL;
-	}
-	if (currCert == NULL) {
-	    goto loser;
-	}
-	rv = CERT_AddCertToListTail(certList, currCert);
-	if (rv != SECSuccess) {
-	    goto loser;
-	}
-    }
-    return certList;
- loser:
-    CERT_DestroyCertList(certList);
-    return NULL;
-}
-
-CMMFPKIStatus
-cmmf_PKIStatusInfoGetStatus(CMMFPKIStatusInfo *inStatus)
-{
-    long derVal;
-
-    derVal = DER_GetInteger(&inStatus->status);
-    if (derVal == -1 || derVal < cmmfGranted || derVal >= cmmfNumPKIStatus) {
-        return cmmfNoPKIStatus;
-    }
-    return (CMMFPKIStatus)derVal;
-}
-
-int
-CMMF_CertRepContentGetNumResponses(CMMFCertRepContent *inCertRepContent)
-{
-    int numResponses = 0;
-    PORT_Assert (inCertRepContent != NULL);
-    if (inCertRepContent != NULL && inCertRepContent->response != NULL) {
-        while (inCertRepContent->response[numResponses] != NULL) {
-	    numResponses++;
-	}
-    }
-    return numResponses;
-}
-
-
-SECStatus
-cmmf_DestroyCertOrEncCert(CMMFCertOrEncCert *certOrEncCert, PRBool freeit)
-{
-    switch (certOrEncCert->choice) {
-    case cmmfCertificate:
-        CERT_DestroyCertificate(certOrEncCert->cert.certificate);
-	break;
-    case cmmfEncryptedCert:
-        crmf_destroy_encrypted_value(certOrEncCert->cert.encryptedCert,
-				     PR_TRUE);
-	break;
-    default:
-        break;
-    }
-    if (freeit) {
-        PORT_Free(certOrEncCert);
-    }
-    return SECSuccess;
-}
-
-SECStatus
-cmmf_copy_secitem (PRArenaPool *poolp, SECItem *dest, SECItem *src)
-{
-    SECStatus rv;
-
-    if (src->data != NULL) {
-        rv = SECITEM_CopyItem(poolp, dest, src);
-    } else {
-        dest->data = NULL;
-	dest->len  = 0;
-	rv = SECSuccess;
-    }
-    return rv;
-}
-
-SECStatus
-CMMF_DestroyCertifiedKeyPair(CMMFCertifiedKeyPair *inCertKeyPair)
-{
-    PORT_Assert(inCertKeyPair != NULL);
-    if (inCertKeyPair != NULL) {
-        cmmf_DestroyCertOrEncCert(&inCertKeyPair->certOrEncCert, PR_FALSE);
-    }
-    if (inCertKeyPair->privateKey) {
-        crmf_destroy_encrypted_value(inCertKeyPair->privateKey, PR_TRUE);
-    }
-    if (inCertKeyPair->derPublicationInfo.data) {
-        PORT_Free(inCertKeyPair->derPublicationInfo.data);
-    }
-    PORT_Free(inCertKeyPair);
-    return SECSuccess;
-}
-
-SECStatus
-cmmf_CopyCertResponse(PRArenaPool      *poolp, 
-		      CMMFCertResponse *dest,
-		      CMMFCertResponse *src)
-{
-    SECStatus rv;
-
-    if (src->certReqId.data != NULL) {
-        rv = SECITEM_CopyItem(poolp, &dest->certReqId, &src->certReqId);
-	if (rv != SECSuccess) {
-	    return rv;
-	}
-    }
-    rv = cmmf_CopyPKIStatusInfo(poolp, &dest->status, &src->status);
-    if (rv != SECSuccess) {
-        return rv;
-    }
-    if (src->certifiedKeyPair != NULL) {
-        dest->certifiedKeyPair = (poolp == NULL) ?
-                                  PORT_ZNew(CMMFCertifiedKeyPair) :
-	                          PORT_ArenaZNew(poolp, CMMFCertifiedKeyPair);
-	if (dest->certifiedKeyPair == NULL) {
-	    return SECFailure;
-	}
-        rv = cmmf_CopyCertifiedKeyPair(poolp, dest->certifiedKeyPair,
-				       src->certifiedKeyPair);
-	if (rv != SECSuccess) {
-	    return rv;
-	}
-    }
-    return SECSuccess;
-}
-
-static SECStatus
-cmmf_CopyCertOrEncCert(PRArenaPool *poolp, CMMFCertOrEncCert *dest,
-		       CMMFCertOrEncCert *src)
-{
-    SECStatus           rv = SECSuccess;
-    CRMFEncryptedValue *encVal;
-
-    dest->choice = src->choice;
-    rv = cmmf_copy_secitem(poolp, &dest->derValue, &src->derValue);
-    switch (src->choice) {
-    case cmmfCertificate:
-        dest->cert.certificate = CERT_DupCertificate(src->cert.certificate);
-	break;
-    case cmmfEncryptedCert:
-        dest->cert.encryptedCert = encVal = (poolp == NULL) ?
-	                             PORT_ZNew(CRMFEncryptedValue) :
-				     PORT_ArenaZNew(poolp, CRMFEncryptedValue);
-	if (encVal == NULL) {
-	    return SECFailure;
-	}
-        rv = crmf_copy_encryptedvalue(poolp, src->cert.encryptedCert, encVal);
-	if (rv != SECSuccess) {
-	    return rv;
-	}
-	break;
-    default:
-        rv = SECFailure;
-    }
-    return rv;
-}
-
-SECStatus
-cmmf_CopyCertifiedKeyPair(PRArenaPool *poolp, CMMFCertifiedKeyPair *dest,
-			  CMMFCertifiedKeyPair *src)
-{
-    SECStatus rv;
-
-    rv = cmmf_CopyCertOrEncCert(poolp, &dest->certOrEncCert, 
-				&src->certOrEncCert);
-    if (rv != SECSuccess) {
-        return rv;
-    }
-
-    if (src->privateKey != NULL) {
-        CRMFEncryptedValue *encVal;
-
-	encVal = dest->privateKey = (poolp == NULL) ?
-	                             PORT_ZNew(CRMFEncryptedValue) :
-                                     PORT_ArenaZNew(poolp, CRMFEncryptedValue);
-	if (encVal == NULL) {
-	    return SECFailure;
-	}
-        rv = crmf_copy_encryptedvalue(poolp, src->privateKey, 
-				      dest->privateKey);
-	if (rv != SECSuccess) {
-	    return rv;
-	}
-    }
-    rv = cmmf_copy_secitem(poolp, &dest->derPublicationInfo, 
-			   &src->derPublicationInfo);
-    return rv;
-}
-
-SECStatus
-cmmf_CopyPKIStatusInfo(PRArenaPool *poolp, CMMFPKIStatusInfo *dest,
-		       CMMFPKIStatusInfo *src)
-{
-    SECStatus rv;
-
-    rv = cmmf_copy_secitem (poolp, &dest->status, &src->status);
-    if (rv != SECSuccess) {
-        return rv;
-    }
-    rv = cmmf_copy_secitem (poolp, &dest->statusString, &src->statusString);
-    if (rv != SECSuccess) {
-        return rv;
-    }
-    rv = cmmf_copy_secitem (poolp, &dest->failInfo, &src->failInfo);
-    return rv;
-}
-
-CERTCertificate*
-cmmf_CertOrEncCertGetCertificate(CMMFCertOrEncCert *certOrEncCert,
-				 CERTCertDBHandle  *certdb)
-{
-    if (certOrEncCert->choice           != cmmfCertificate || 
-	certOrEncCert->cert.certificate == NULL) {
-        return NULL;
-    }
-    return CERT_NewTempCertificate(certdb,
-				   &certOrEncCert->cert.certificate->derCert,
-				   NULL, PR_FALSE, PR_TRUE);
-}
-
-SECStatus 
-cmmf_PKIStatusInfoSetStatus(CMMFPKIStatusInfo    *statusInfo,
-			    PRArenaPool          *poolp,
-			    CMMFPKIStatus         inStatus)
-{
-    SECItem *dummy;
-    
-    if (inStatus <cmmfGranted || inStatus >= cmmfNumPKIStatus) {
-        return SECFailure;
-    }
-
-    dummy = SEC_ASN1EncodeInteger(poolp, &statusInfo->status, inStatus); 
-    PORT_Assert(dummy == &statusInfo->status);
-    if (dummy != &statusInfo->status) {
-        SECITEM_FreeItem(dummy, PR_TRUE);
-	return SECFailure;
-    }
-    return SECSuccess;
-}
-
-
diff --git a/security/nss/lib/crmf/servget.c b/security/nss/lib/crmf/servget.c
deleted file mode 100644
index 7b863d337..000000000
--- a/security/nss/lib/crmf/servget.c
+++ /dev/null
@@ -1,1008 +0,0 @@
-/* -*- Mode: C; tab-width: 8 -*-*/
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-
-#include "cmmf.h"
-#include "cmmfi.h"
-#include "secitem.h"
-#include "keyhi.h"
-#include "secder.h"
-
-CRMFEncryptedKeyChoice
-CRMF_EncryptedKeyGetChoice(CRMFEncryptedKey *inEncrKey)
-{
-    PORT_Assert(inEncrKey != NULL);
-    if (inEncrKey == NULL) {
-        return crmfNoEncryptedKeyChoice;
-    }
-    return inEncrKey->encKeyChoice;
-}
-
-CRMFEncryptedValue*
-CRMF_EncryptedKeyGetEncryptedValue(CRMFEncryptedKey *inEncrKey)
-{
-    CRMFEncryptedValue *newEncrValue = NULL;
-    SECStatus           rv;
-
-    PORT_Assert(inEncrKey != NULL);
-    if (inEncrKey == NULL ||
-	CRMF_EncryptedKeyGetChoice(inEncrKey) != crmfEncryptedValueChoice) {
-        goto loser;
-    }
-    newEncrValue = PORT_ZNew(CRMFEncryptedValue);
-    if (newEncrValue == NULL) {
-        goto loser;
-    }
-    rv = crmf_copy_encryptedvalue(NULL, &inEncrKey->value.encryptedValue,
-				  newEncrValue);
-    if (rv != SECSuccess) {
-        goto loser;
-    }
-    return newEncrValue;
- loser:
-    if (newEncrValue != NULL) {
-        CRMF_DestroyEncryptedValue(newEncrValue);
-    }
-    return NULL;
-}
-
-static SECItem*
-crmf_get_encvalue_bitstring(SECItem *srcItem)
-{
-    SECItem   *newItem = NULL;
-    SECStatus rv;
-    
-    if (srcItem->data == NULL) {
-        return NULL;
-    }
-    newItem = PORT_ZNew(SECItem);
-    if (newItem == NULL) {
-        goto loser;
-    }
-    rv = crmf_make_bitstring_copy(NULL, newItem, srcItem);
-    if (rv != SECSuccess) {
-        goto loser;
-    }
-    return newItem;
- loser:
-    if (newItem != NULL) {
-        SECITEM_FreeItem(newItem, PR_TRUE);
-    }
-    return NULL;
-}
-
-SECItem*
-CRMF_EncryptedValueGetEncSymmKey(CRMFEncryptedValue *inEncValue)
-{
-    if (inEncValue == NULL) {
-        return NULL;
-    }
-    return crmf_get_encvalue_bitstring(&inEncValue->encSymmKey);
-}
-
-SECItem*
-CRMF_EncryptedValueGetEncValue(CRMFEncryptedValue *inEncrValue)
-{
-    if (inEncrValue == NULL || inEncrValue->encValue.data == NULL) {
-        return NULL;
-    }
-    return crmf_get_encvalue_bitstring(&inEncrValue->encValue);
-}
-
-static SECAlgorithmID*
-crmf_get_encvalue_algid(SECAlgorithmID *srcAlg)
-{
-    SECStatus       rv;
-    SECAlgorithmID *newAlgID;
-    
-    if (srcAlg == NULL) {
-        return NULL;
-    }
-    rv = crmf_copy_encryptedvalue_secalg(NULL, srcAlg, &newAlgID);
-    if (rv != SECSuccess) {
-        return NULL;
-    }
-    return newAlgID;
-}
-
-SECAlgorithmID*
-CRMF_EncryptedValueGetIntendedAlg(CRMFEncryptedValue *inEncValue)
-{
-    if (inEncValue == NULL) {
-        return NULL;
-    }
-    return crmf_get_encvalue_algid(inEncValue->intendedAlg);
-}
-
-SECAlgorithmID*
-CRMF_EncryptedValueGetKeyAlg(CRMFEncryptedValue *inEncValue)
-{
-    if (inEncValue == NULL) {
-        return NULL;
-    }
-    return crmf_get_encvalue_algid(inEncValue->keyAlg);
-}
-
-SECAlgorithmID*
-CRMF_EncryptedValueGetSymmAlg(CRMFEncryptedValue *inEncValue)
-{
-    if (inEncValue == NULL) {
-        return NULL;
-    }
-    return crmf_get_encvalue_algid(inEncValue->symmAlg);
-}
-
-SECItem*
-CRMF_EncryptedValueGetValueHint(CRMFEncryptedValue *inEncValue)
-{
-    if (inEncValue == NULL || inEncValue->valueHint.data == NULL) {
-        return NULL;
-    }
-    return SECITEM_DupItem(&inEncValue->valueHint);
-}
-
-SECStatus
-CRMF_PKIArchiveOptionsGetArchiveRemGenPrivKey(CRMFPKIArchiveOptions *inOpt, 
-					      PRBool                *destVal)
-{
-    if (inOpt == NULL || destVal == NULL ||
-	CRMF_PKIArchiveOptionsGetOptionType(inOpt) != crmfArchiveRemGenPrivKey){
-        return SECFailure;
-    }
-    *destVal = (inOpt->option.archiveRemGenPrivKey.data[0] == hexFalse) 
-                                                                 ? PR_FALSE:
-                                                                   PR_TRUE;
-    return SECSuccess;
-}
-			     
-CRMFEncryptedKey*
-CRMF_PKIArchiveOptionsGetEncryptedPrivKey(CRMFPKIArchiveOptions *inOpts)
-{
-    CRMFEncryptedKey *newEncrKey = NULL;
-    SECStatus         rv;
-
-    PORT_Assert(inOpts != NULL);
-    if (inOpts == NULL ||
-	CRMF_PKIArchiveOptionsGetOptionType(inOpts) != crmfEncryptedPrivateKey){
-        return NULL;
-    }
-    newEncrKey = PORT_ZNew(CRMFEncryptedKey);
-    if (newEncrKey == NULL) {
-        goto loser;
-    }
-    rv = crmf_copy_encryptedkey(NULL, &inOpts->option.encryptedKey,
-				newEncrKey);
-    if (rv != SECSuccess) {
-        goto loser;
-    }
-    return newEncrKey;
- loser:
-    if (newEncrKey != NULL) {
-        CRMF_DestroyEncryptedKey(newEncrKey);
-    }
-    return NULL;
-}
-
-SECItem*
-CRMF_PKIArchiveOptionsGetKeyGenParameters(CRMFPKIArchiveOptions *inOptions)
-{
-    if (inOptions == NULL ||
-	CRMF_PKIArchiveOptionsGetOptionType(inOptions) != crmfKeyGenParameters ||
-	inOptions->option.keyGenParameters.data == NULL) {
-        return NULL;
-    }
-    return SECITEM_DupItem(&inOptions->option.keyGenParameters);
-}
-
-CRMFPKIArchiveOptionsType
-CRMF_PKIArchiveOptionsGetOptionType(CRMFPKIArchiveOptions *inOptions)
-{
-    PORT_Assert (inOptions != NULL);
-    if (inOptions == NULL) {
-        return crmfNoArchiveOptions;
-    }
-    return inOptions->archOption;
-}
-
-static SECStatus
-crmf_extract_long_from_item(SECItem *intItem, long *destLong)
-{
-    *destLong = DER_GetInteger(intItem);
-    return (*destLong == -1) ? SECFailure : SECSuccess;
-}
-
-SECStatus
-CRMF_POPOPrivGetKeySubseqMess(CRMFPOPOPrivKey       *inKey,
-			      CRMFSubseqMessOptions *destOpt)
-{
-    long      value;
-    SECStatus rv;
-
-    PORT_Assert(inKey != NULL);
-    if (inKey == NULL ||
-	inKey->messageChoice != crmfSubsequentMessage) {
-        return SECFailure;
-    }
-    rv = crmf_extract_long_from_item(&inKey->message.subsequentMessage,&value);
-    if (rv != SECSuccess) {
-        return SECFailure;
-    }
-    switch (value) {
-    case 0:
-        *destOpt = crmfEncrCert;
-	break;
-    case 1:
-        *destOpt = crmfChallengeResp;
-	break;
-    default:
-        rv = SECFailure;
-    }
-    if (rv != SECSuccess) {
-        return rv;
-    }
-    return SECSuccess;
-}
-
-CRMFPOPOPrivKeyChoice
-CRMF_POPOPrivKeyGetChoice(CRMFPOPOPrivKey *inPrivKey)
-{
-    PORT_Assert(inPrivKey != NULL);
-    if (inPrivKey != NULL) {
-        return inPrivKey->messageChoice;
-    }
-    return crmfNoMessage;
-}
-
-SECStatus
-CRMF_POPOPrivKeyGetDHMAC(CRMFPOPOPrivKey *inKey, SECItem *destMAC)
-{
-    PORT_Assert(inKey != NULL);
-    if (inKey == NULL || inKey->message.dhMAC.data == NULL) {
-        return SECFailure;
-    }
-    return crmf_make_bitstring_copy(NULL, destMAC, &inKey->message.dhMAC);
-}
-
-SECStatus
-CRMF_POPOPrivKeyGetThisMessage(CRMFPOPOPrivKey  *inKey,
-			       SECItem          *destString)
-{
-    PORT_Assert(inKey != NULL);
-    if (inKey == NULL           ||
-	inKey->messageChoice != crmfThisMessage) {
-        return SECFailure;
-    }
-
-    return crmf_make_bitstring_copy(NULL, destString, 
-				    &inKey->message.thisMessage);
-}
-
-SECAlgorithmID*
-CRMF_POPOSigningKeyGetAlgID(CRMFPOPOSigningKey *inSignKey)
-{
-    SECAlgorithmID *newAlgId = NULL;
-    SECStatus       rv;
-
-    PORT_Assert(inSignKey != NULL);
-    if (inSignKey == NULL) {
-        return NULL;
-    }
-    newAlgId = PORT_ZNew(SECAlgorithmID);
-    if (newAlgId == NULL) {
-        goto loser;
-    }
-    rv = SECOID_CopyAlgorithmID(NULL, newAlgId, 
-				inSignKey->algorithmIdentifier);
-    if (rv != SECSuccess) {
-        goto loser;
-    }
-    return newAlgId;
-
- loser:
-    if (newAlgId != NULL) {
-        SECOID_DestroyAlgorithmID(newAlgId, PR_TRUE);
-    }
-    return NULL;
-}
-
-SECItem*
-CRMF_POPOSigningKeyGetInput(CRMFPOPOSigningKey *inSignKey)
-{
-    PORT_Assert(inSignKey != NULL);
-    if (inSignKey == NULL || inSignKey->derInput.data == NULL) {
-        return NULL;
-    }
-    return SECITEM_DupItem(&inSignKey->derInput);
-}
-
-SECItem*
-CRMF_POPOSigningKeyGetSignature(CRMFPOPOSigningKey *inSignKey)
-{
-    SECItem   *newSig = NULL;
-    SECStatus  rv;
-
-    PORT_Assert(inSignKey != NULL);
-    if (inSignKey == NULL) {
-        return NULL;
-    }
-    newSig = PORT_ZNew(SECItem);
-    if (newSig == NULL) {
-        goto loser;
-    }
-    rv = crmf_make_bitstring_copy(NULL, newSig, &inSignKey->signature);
-    if (rv != SECSuccess) {
-        goto loser;
-    }
-    return newSig;
- loser:
-    if (newSig != NULL) {
-        SECITEM_FreeItem(newSig, PR_TRUE);
-    }
-    return NULL;
-}
-
-static SECStatus 
-crmf_copy_poposigningkey(PRArenaPool        *poolp, 
-			 CRMFPOPOSigningKey *inPopoSignKey,
-			 CRMFPOPOSigningKey *destPopoSignKey)
-{
-    SECStatus rv;
-
-    /* We don't support use of the POPOSigningKeyInput, so we'll only 
-     * store away the DER encoding.
-     */
-    if (inPopoSignKey->derInput.data != NULL) {
-        rv = SECITEM_CopyItem(poolp, &destPopoSignKey->derInput, 
-			      &inPopoSignKey->derInput);
-    }
-    destPopoSignKey->algorithmIdentifier = (poolp == NULL) ? 
-                                         PORT_ZNew(SECAlgorithmID) :
-                                         PORT_ArenaZNew(poolp, SECAlgorithmID);
-
-    if (destPopoSignKey->algorithmIdentifier == NULL) {
-        goto loser;
-    }
-    rv = SECOID_CopyAlgorithmID(poolp, destPopoSignKey->algorithmIdentifier,
-				inPopoSignKey->algorithmIdentifier);
-    if (rv != SECSuccess) {
-        goto loser;
-    }
-    
-    rv = crmf_make_bitstring_copy(poolp, &destPopoSignKey->signature, 
-				  &inPopoSignKey->signature);
-    if (rv != SECSuccess) {
-        goto loser;
-    }
-    return SECSuccess;
- loser:
-    if (destPopoSignKey && poolp == NULL) {
-        CRMF_DestroyPOPOSigningKey(destPopoSignKey);
-    }
-    return SECFailure;
-}
-
-static SECStatus
-crmf_copy_popoprivkey(PRArenaPool     *poolp,
-		      CRMFPOPOPrivKey *srcPrivKey,
-		      CRMFPOPOPrivKey *destPrivKey)
-{
-    SECStatus        rv;
-
-    destPrivKey->messageChoice = srcPrivKey->messageChoice;
-    switch (destPrivKey->messageChoice) {
-    case crmfThisMessage:
-    case crmfDHMAC:
-        /* I've got a union, so taking the address of one, will also give
-	 * me a pointer to the other (eg, message.dhMAC)
-	 */
-        rv = crmf_make_bitstring_copy(poolp, &destPrivKey->message.thisMessage,
-				      &srcPrivKey->message.thisMessage);
-	break;
-    case crmfSubsequentMessage:
-        rv = SECITEM_CopyItem(poolp, &destPrivKey->message.subsequentMessage,
-			      &srcPrivKey->message.subsequentMessage);
-	break;
-    default:
-        rv = SECFailure;
-    }
-
-    if (rv != SECSuccess) {
-        if (destPrivKey && poolp == NULL) {
-	    CRMF_DestroyPOPOPrivKey(destPrivKey);
-	}
-	return SECFailure;
-    }
-    return SECSuccess;
-}
-
-static CRMFProofOfPossession*
-crmf_copy_pop(PRArenaPool *poolp, CRMFProofOfPossession *srcPOP)
-{
-    CRMFProofOfPossession *newPOP;
-    SECStatus              rv;
-
-    /* 
-     * Proof Of Possession structures are always part of the Request
-     * message, so there will always be an arena for allocating memory.
-     */
-    if (poolp == NULL) {
-        return NULL;
-    }
-    newPOP = PORT_ArenaZNew(poolp, CRMFProofOfPossession);
-    if (newPOP == NULL) {
-        return NULL;
-    }
-    switch (srcPOP->popUsed) {
-    case crmfRAVerified:
-        newPOP->popChoice.raVerified.data = NULL;
-	newPOP->popChoice.raVerified.len  = 0;
-	break;
-    case crmfSignature:
-        rv = crmf_copy_poposigningkey(poolp, &srcPOP->popChoice.signature,
-				      &newPOP->popChoice.signature);
-	if (rv != SECSuccess) {
-	    goto loser;
-	}
-	break;
-    case crmfKeyEncipherment:
-    case crmfKeyAgreement:
-        /* We've got a union, so a pointer to one, is a pointer to the
-	 * other one.
-	 */
-        rv = crmf_copy_popoprivkey(poolp, &srcPOP->popChoice.keyEncipherment,
-				   &newPOP->popChoice.keyEncipherment);
-	if (rv != SECSuccess) {
-	    goto loser;
-	}
-	break;
-    default:
-        goto loser;
-    }
-    newPOP->popUsed = srcPOP->popUsed;
-    return newPOP;
-
- loser:
-    return NULL;
-}
-
-static CRMFCertReqMsg*
-crmf_copy_cert_req_msg(CRMFCertReqMsg *srcReqMsg)
-{
-    CRMFCertReqMsg *newReqMsg;
-    PRArenaPool    *poolp;
-
-    poolp = PORT_NewArena(CRMF_DEFAULT_ARENA_SIZE);
-    if (poolp == NULL) {
-        return NULL;
-    }
-    newReqMsg = PORT_ArenaZNew(poolp, CRMFCertReqMsg);
-    newReqMsg->poolp = poolp;
-    if (newReqMsg == NULL) {
-        goto loser;
-    }
-    newReqMsg->certReq = crmf_copy_cert_request(poolp, srcReqMsg->certReq);
-    if (newReqMsg->certReq == NULL) {
-        goto loser;
-    }
-    newReqMsg->pop = crmf_copy_pop(poolp, srcReqMsg->pop);
-    if (newReqMsg->pop == NULL) {
-        goto loser;
-    }
-    /* None of my set/get routines operate on the regInfo field, so
-     * for now, that won't get copied over.
-     */
-    return newReqMsg;
-
- loser:
-    if (newReqMsg != NULL) {
-        CRMF_DestroyCertReqMsg(newReqMsg);
-    }
-    return NULL;
-}
-
-CRMFCertReqMsg*
-CRMF_CertReqMessagesGetCertReqMsgAtIndex(CRMFCertReqMessages *inReqMsgs,
-					 int                  index)
-{
-    int numMsgs;
-
-    PORT_Assert(inReqMsgs != NULL && index >= 0);
-    if (inReqMsgs == NULL) {
-        return NULL;
-    }
-    numMsgs = CRMF_CertReqMessagesGetNumMessages(inReqMsgs);
-    if (index < 0 || index >= numMsgs) {
-        return NULL;
-    }
-    return crmf_copy_cert_req_msg(inReqMsgs->messages[index]);
-}
-
-int
-CRMF_CertReqMessagesGetNumMessages(CRMFCertReqMessages *inCertReqMsgs)
-{
-    int numMessages = 0;
-
-    PORT_Assert(inCertReqMsgs != NULL);
-    if (inCertReqMsgs == NULL) {
-        return 0;
-    }
-    while (inCertReqMsgs->messages[numMessages] != NULL) {
-        numMessages++;
-    }
-    return numMessages;
-}
-
-CRMFCertRequest*
-CRMF_CertReqMsgGetCertRequest(CRMFCertReqMsg *inCertReqMsg)
-{
-    PRArenaPool     *poolp      = NULL;
-    CRMFCertRequest *newCertReq = NULL;
-
-    PORT_Assert(inCertReqMsg != NULL);
-
-    poolp = PORT_NewArena(CRMF_DEFAULT_ARENA_SIZE);
-    if (poolp == NULL) {
-        goto loser;
-    }
-    newCertReq = crmf_copy_cert_request(poolp, inCertReqMsg->certReq);
-    if (newCertReq == NULL) {
-        goto loser;
-    }
-    newCertReq->poolp = poolp;
-    return newCertReq;
- loser:
-    if (poolp != NULL) {
-        PORT_FreeArena(poolp, PR_FALSE);
-    }
-    return NULL;
-}
-
-SECStatus
-CRMF_CertReqMsgGetID(CRMFCertReqMsg *inCertReqMsg, long *destID)
-{
-    PORT_Assert(inCertReqMsg != NULL && destID != NULL);
-    if (inCertReqMsg == NULL || inCertReqMsg->certReq == NULL) {
-        return SECFailure;
-    }
-    return crmf_extract_long_from_item(&inCertReqMsg->certReq->certReqId, 
-				       destID);
-}
-
-SECStatus
-CRMF_CertReqMsgGetPOPKeyAgreement(CRMFCertReqMsg   *inCertReqMsg,
-				  CRMFPOPOPrivKey **destKey)
-{
-    PORT_Assert(inCertReqMsg != NULL && destKey != NULL);
-    if (inCertReqMsg == NULL || destKey == NULL ||
-	CRMF_CertReqMsgGetPOPType(inCertReqMsg) != crmfKeyAgreement) {
-        return SECFailure;
-    }
-    *destKey = PORT_ZNew(CRMFPOPOPrivKey);
-    if (*destKey == NULL) {
-        return SECFailure;
-    }
-    return crmf_copy_popoprivkey(NULL,
-				 &inCertReqMsg->pop->popChoice.keyAgreement,
-				 *destKey);
-}
-
-SECStatus
-CRMF_CertReqMsgGetPOPKeyEncipherment(CRMFCertReqMsg   *inCertReqMsg,
-				     CRMFPOPOPrivKey **destKey)
-{
-    PORT_Assert(inCertReqMsg != NULL && destKey != NULL);
-    if (inCertReqMsg == NULL || destKey == NULL ||
-	CRMF_CertReqMsgGetPOPType(inCertReqMsg) != crmfKeyEncipherment) {
-        return SECFailure;
-    }
-    *destKey = PORT_ZNew(CRMFPOPOPrivKey);
-    if (destKey == NULL) {
-       return SECFailure;
-    }
-    return crmf_copy_popoprivkey(NULL,
-				 &inCertReqMsg->pop->popChoice.keyEncipherment,
-				 *destKey);
-}
-
-SECStatus
-CRMF_CertReqMsgGetPOPOSigningKey(CRMFCertReqMsg      *inCertReqMsg,
-				 CRMFPOPOSigningKey **destKey)
-{
-    CRMFProofOfPossession *pop;
-    PORT_Assert(inCertReqMsg != NULL);
-    if (inCertReqMsg  == NULL) {
-        return SECFailure;
-    }
-    pop = inCertReqMsg->pop;;
-    if (pop->popUsed != crmfSignature) {
-        return SECFailure;
-    }
-    *destKey = PORT_ZNew(CRMFPOPOSigningKey);
-    if (*destKey == NULL) {
-        return SECFailure;
-    }
-    return crmf_copy_poposigningkey(NULL,&pop->popChoice.signature, *destKey);
-}
-
-static SECStatus
-crmf_copy_name(CERTName *destName, CERTName *srcName)
-{
-  PRArenaPool *poolp = NULL;
-  SECStatus rv;
-
-  if (destName->arena != NULL) {
-    poolp = destName->arena;
-  } else {
-    poolp = PORT_NewArena(CRMF_DEFAULT_ARENA_SIZE);
-  }
-  if (poolp == NULL) {
-    return SECFailure;
-  }
-  /* Need to do this so that CERT_CopyName doesn't free out
-   * the arena from underneath us.
-   */
-  destName->arena = NULL;
-  rv = CERT_CopyName(poolp, destName, srcName); 
-  destName->arena = poolp;
-  return rv;
-}
-
-SECStatus
-CRMF_CertRequestGetCertTemplateIssuer(CRMFCertRequest *inCertReq,
-				      CERTName        *destIssuer)
-{
-    PORT_Assert(inCertReq != NULL);
-    if (inCertReq == NULL) {
-        return SECFailure;
-    }
-    if (CRMF_DoesRequestHaveField(inCertReq, crmfIssuer)) {
-        return crmf_copy_name(destIssuer, 
-			      inCertReq->certTemplate.issuer);
-    }
-    return SECFailure;
-}
-
-SECStatus 
-CRMF_CertRequestGetCertTemplateIssuerUID(CRMFCertRequest *inCertReq,
-					 SECItem         *destIssuerUID)
-{
-    PORT_Assert(inCertReq != NULL);
-    if (inCertReq == NULL) {
-        return SECFailure;
-    }
-    if (CRMF_DoesRequestHaveField(inCertReq, crmfIssuerUID)) {
-        return crmf_make_bitstring_copy(NULL, destIssuerUID,
-					&inCertReq->certTemplate.issuerUID);
-    }
-    return SECFailure;
-}
-
-SECStatus
-CRMF_CertRequestGetCertTemplatePublicKey(CRMFCertRequest          *inCertReq,
-				       CERTSubjectPublicKeyInfo *destPublicKey)
-{
-    PORT_Assert (inCertReq != NULL);
-    if (inCertReq == NULL) {
-        return SECFailure;
-    }
-    if (CRMF_DoesRequestHaveField(inCertReq, crmfPublicKey)) {
-        return SECKEY_CopySubjectPublicKeyInfo(NULL, destPublicKey,
-					inCertReq->certTemplate.publicKey);
-    }
-    return SECFailure;
-}
-
-SECStatus
-CRMF_CertRequestGetCertTemplateSerialNumber(CRMFCertRequest *inCertReq,
-					    long            *serialNumber)
-{
-    PORT_Assert(inCertReq != NULL);
-    if (inCertReq == NULL) {
-        return SECFailure;
-    }
-    if (CRMF_DoesRequestHaveField(inCertReq, crmfSerialNumber)) {
-        return 
-	  crmf_extract_long_from_item(&inCertReq->certTemplate.serialNumber,
-				      serialNumber);
-    }
-    return SECFailure;
-}
-
-SECStatus
-CRMF_CertRequestGetCertTemplateSigningAlg(CRMFCertRequest *inCertReq,
-					  SECAlgorithmID  *destAlg)
-{
-    PORT_Assert(inCertReq != NULL);
-    if (inCertReq == NULL) {
-        return SECFailure;
-    }
-    if (CRMF_DoesRequestHaveField(inCertReq, crmfSigningAlg)) {
-        return SECOID_CopyAlgorithmID(NULL, destAlg, 
-				      inCertReq->certTemplate.signingAlg);
-    }
-    return SECFailure;
-}
-
-SECStatus 
-CRMF_CertRequestGetCertTemplateSubject(CRMFCertRequest *inCertReq,
-				       CERTName        *destSubject)
-{
-  PORT_Assert(inCertReq != NULL);
-  if (inCertReq == NULL) {
-      return SECFailure;
-  }
-  if (CRMF_DoesRequestHaveField(inCertReq, crmfSubject)) {
-      return crmf_copy_name(destSubject, inCertReq->certTemplate.subject);
-  }
-  return SECFailure;
-}
-
-SECStatus
-CRMF_CertRequestGetCertTemplateSubjectUID(CRMFCertRequest *inCertReq,
-					  SECItem         *destSubjectUID)
-{
-    PORT_Assert(inCertReq != NULL);
-    if (inCertReq == NULL) {
-        return SECFailure;
-    }
-    if (CRMF_DoesRequestHaveField(inCertReq, crmfSubjectUID)) {
-        return crmf_make_bitstring_copy(NULL, destSubjectUID, 
-					&inCertReq->certTemplate.subjectUID);
-    }
-    return SECFailure;
-}
-
-SECStatus 
-CRMF_CertRequestGetCertTemplateVersion(CRMFCertRequest *inCertReq, 
-				       long            *version)
-{
-    PORT_Assert (inCertReq != NULL);
-    if (inCertReq == NULL) {
-        return SECFailure;
-    }
-    if (CRMF_DoesRequestHaveField(inCertReq, crmfVersion)) {
-        return crmf_extract_long_from_item(&inCertReq->certTemplate.version,
-					   version);
-    } 
-    return SECFailure;
-}
-
-static SECStatus
-crmf_copy_validity(CRMFGetValidity      *destValidity,
-		   CRMFOptionalValidity *src)
-{
-    SECStatus rv;
-    
-    destValidity->notBefore = destValidity->notAfter = NULL;
-    if (src->notBefore.data != NULL) {
-        rv = crmf_create_prtime(&src->notBefore, 
-				&destValidity->notBefore);
-	if (rv != SECSuccess) {
-	    return rv;
-	}
-    }
-    if (src->notAfter.data != NULL) {
-        rv = crmf_create_prtime(&src->notAfter,
-				&destValidity->notAfter);
-	if (rv != SECSuccess) {
-	    return rv;
-	}
-    }
-    return SECSuccess;
-}
-
-SECStatus 
-CRMF_CertRequestGetCertTemplateValidity(CRMFCertRequest *inCertReq,
-					CRMFGetValidity *destValidity)
-{
-    PORT_Assert(inCertReq != NULL);
-    if (inCertReq == NULL) {
-        return SECFailure;
-    }
-    if (CRMF_DoesRequestHaveField(inCertReq, crmfValidity)) {
-        return crmf_copy_validity(destValidity, 
-				  inCertReq->certTemplate.validity);
-    }
-    return SECFailure;
-}
-
-CRMFControl*
-CRMF_CertRequestGetControlAtIndex(CRMFCertRequest *inCertReq, int index)
-{
-    CRMFControl *newControl, *srcControl;
-    int          numControls;
-    SECStatus    rv;
-
-    PORT_Assert(inCertReq != NULL);
-    if (inCertReq == NULL) {
-        return NULL;
-    }
-    numControls = CRMF_CertRequestGetNumControls(inCertReq);
-    if (index >= numControls || index < 0) {
-        return NULL;
-    }
-    newControl = PORT_ZNew(CRMFControl);
-    if (newControl == NULL) {
-        return NULL;
-    }
-    srcControl = inCertReq->controls[index];
-    newControl->tag = srcControl->tag;
-    rv = SECITEM_CopyItem (NULL, &newControl->derTag, &srcControl->derTag);
-    if (rv != SECSuccess) {
-        goto loser;
-    }
-
-    rv = SECITEM_CopyItem(NULL, &newControl->derValue, 
-			  &srcControl->derValue);
-    if (rv != SECSuccess) {
-        goto loser;
-    }
-    /* Copy over the PKIArchiveOptions stuff */
-    switch (srcControl->tag) {
-    case SEC_OID_PKIX_REGCTRL_REGTOKEN:
-    case SEC_OID_PKIX_REGCTRL_AUTHENTICATOR:
-        /* No further processing necessary for these types. */
-        rv = SECSuccess;
-	break;
-    case SEC_OID_PKIX_REGCTRL_OLD_CERT_ID:
-    case SEC_OID_PKIX_REGCTRL_PKIPUBINFO:
-    case SEC_OID_PKIX_REGCTRL_PROTOCOL_ENC_KEY:
-        /* These aren't supported yet, so no post-processing will
-	 * be done at this time.  But we don't want to fail in case
-	 * we read in DER that has one of these options.
-	 */
-        rv = SECSuccess;
-	break;
-    case SEC_OID_PKIX_REGCTRL_PKI_ARCH_OPTIONS:
-        rv = crmf_copy_pkiarchiveoptions(NULL, 
-					 &newControl->value.archiveOptions,
-					 &srcControl->value.archiveOptions);
-	break;
-    default:
-        rv = SECFailure;
-    }
-    if (rv != SECSuccess) {
-        goto loser;
-    }
-    return newControl;
- loser:
-    if (newControl != NULL) {
-        CRMF_DestroyControl(newControl);
-    }
-    return NULL;
-}
-
-static SECItem*
-crmf_copy_control_value(CRMFControl *inControl)
-{
-    return SECITEM_DupItem(&inControl->derValue);
-}
-
-SECItem*
-CRMF_ControlGetAuthenticatorControlValue(CRMFControl *inControl)
-{
-    PORT_Assert (inControl!= NULL);
-    if (inControl == NULL ||
-	CRMF_ControlGetControlType(inControl) != crmfAuthenticatorControl) {
-        return NULL;
-    }
-    return crmf_copy_control_value(inControl);
-}
-
-CRMFControlType
-CRMF_ControlGetControlType(CRMFControl *inControl)
-{
-    CRMFControlType retType;
-
-    PORT_Assert(inControl != NULL);
-    switch (inControl->tag) {
-    case SEC_OID_PKIX_REGCTRL_REGTOKEN:
-        retType = crmfRegTokenControl;
-	break;
-    case SEC_OID_PKIX_REGCTRL_AUTHENTICATOR:
-        retType = crmfAuthenticatorControl;
-	break;
-    case SEC_OID_PKIX_REGCTRL_PKIPUBINFO:
-        retType = crmfPKIPublicationInfoControl;
-	break;
-    case SEC_OID_PKIX_REGCTRL_PKI_ARCH_OPTIONS:
-        retType = crmfPKIArchiveOptionsControl;
-	break;
-    case SEC_OID_PKIX_REGCTRL_OLD_CERT_ID:
-        retType = crmfOldCertIDControl;
-	break;
-    case SEC_OID_PKIX_REGCTRL_PROTOCOL_ENC_KEY:
-        retType = crmfProtocolEncrKeyControl;
-	break;
-    default:
-        retType = crmfNoControl;
-    }
-    return retType;
-}
-
-CRMFPKIArchiveOptions*
-CRMF_ControlGetPKIArchiveOptions(CRMFControl *inControl)
-{
-    CRMFPKIArchiveOptions *newOpt = NULL;
-    SECStatus rv;
-
-    PORT_Assert(inControl != NULL);
-    if (inControl == NULL ||
-	CRMF_ControlGetControlType(inControl) != crmfPKIArchiveOptionsControl){
-        goto loser;
-    }
-    newOpt = PORT_ZNew(CRMFPKIArchiveOptions);
-    if (newOpt == NULL) {
-        goto loser;
-    }
-    rv = crmf_copy_pkiarchiveoptions(NULL, newOpt, 
-				     &inControl->value.archiveOptions);
-    if (rv != SECSuccess) {
-        goto loser;
-    }
-
- loser:
-    if (newOpt != NULL) {
-        CRMF_DestroyPKIArchiveOptions(newOpt);
-    }
-    return NULL;
-}
-
-SECItem*
-CRMF_ControlGetRegTokenControlValue(CRMFControl *inControl)
-{
-    PORT_Assert(inControl != NULL);
-    if (inControl == NULL ||
-	CRMF_ControlGetControlType(inControl) != crmfRegTokenControl) {
-        return NULL;
-    }
-    return crmf_copy_control_value(inControl);;
-}
-
-CRMFCertExtension*
-CRMF_CertRequestGetExtensionAtIndex(CRMFCertRequest *inCertReq,
-				    int              index)
-{
-    int numExtensions;
-
-    PORT_Assert(inCertReq != NULL);
-    numExtensions = CRMF_CertRequestGetNumberOfExtensions(inCertReq);
-    if (index >= numExtensions || index < 0) {
-        return NULL;
-    }
-    return 
-      crmf_copy_cert_extension(NULL, 
-			       inCertReq->certTemplate.extensions[index]);
-}
-
diff --git a/security/nss/lib/cryptohi/Makefile b/security/nss/lib/cryptohi/Makefile
deleted file mode 100644
index ced902117..000000000
--- a/security/nss/lib/cryptohi/Makefile
+++ /dev/null
@@ -1,77 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY).   #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL)          #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL)       #
-#######################################################################
-
-
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL).      #
-#######################################################################
-
--include config.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL)                              #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL)                           #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL).                              #
-#######################################################################
-
-
-export:: private_export
-
diff --git a/security/nss/lib/cryptohi/config.mk b/security/nss/lib/cryptohi/config.mk
deleted file mode 100644
index 0a00dc61e..000000000
--- a/security/nss/lib/cryptohi/config.mk
+++ /dev/null
@@ -1,43 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#
-#  Override TARGETS variable so that only static libraries
-#  are specifed as dependencies within rules.mk.
-#
-
-TARGETS        = $(LIBRARY)
-SHARED_LIBRARY =
-IMPORT_LIBRARY =
-PROGRAM        =
-
diff --git a/security/nss/lib/cryptohi/cryptohi.h b/security/nss/lib/cryptohi/cryptohi.h
deleted file mode 100644
index 28359cb65..000000000
--- a/security/nss/lib/cryptohi/cryptohi.h
+++ /dev/null
@@ -1,249 +0,0 @@
-/*
- * crypto.h - public data structures and prototypes for the crypto library
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#ifndef _CRYPTOHI_H_
-#define _CRYPTOHI_H_
-
-#include "blapi.h"
-
-#include "seccomon.h"
-#include "secoidt.h"
-#include "secdert.h"
-#include "cryptoht.h"
-#include "keyt.h"
-#include "certt.h"
-
-
-SEC_BEGIN_PROTOS
-
-
-/****************************************/
-/*
-** DER encode/decode DSA signatures
-*/
-
-/* ANSI X9.57 defines DSA signatures as DER encoded data.  Our DSA code (and
- * most of the rest of the world) just generates 40 bytes of raw data.  These
- * functions convert between formats.
- */
-extern SECStatus DSAU_EncodeDerSig(SECItem *dest, SECItem *src);
-extern SECItem *DSAU_DecodeDerSig(SECItem *item);
-
-
-
-/****************************************/
-/*
-** Signature creation operations
-*/
-
-/*
-** Create a new signature context used for signing a data stream.
-**	"alg" the signature algorithm to use (e.g. SEC_OID_RSA_WITH_MD5)
-**	"privKey" the private key to use
-*/
-extern SGNContext *SGN_NewContext(SECOidTag alg, SECKEYPrivateKey *privKey);
-
-/*
-** Destroy a signature-context object
-**	"key" the object
-**	"freeit" if PR_TRUE then free the object as well as its sub-objects
-*/
-extern void SGN_DestroyContext(SGNContext *cx, PRBool freeit);
-
-/*
-** Reset the signing context "cx" to its initial state, preparing it for
-** another stream of data.
-*/
-extern SECStatus SGN_Begin(SGNContext *cx);
-
-/*
-** Update the signing context with more data to sign.
-**	"cx" the context
-**	"input" the input data to sign
-**	"inputLen" the length of the input data
-*/
-extern SECStatus SGN_Update(SGNContext *cx, unsigned char *input,
-			   unsigned int inputLen);
-
-/*
-** Finish the signature process. Use either k0 or k1 to sign the data
-** stream that was input using SGN_Update. The resulting signature is
-** formatted using PKCS#1 and then encrypted using RSA private or public
-** encryption.
-**	"cx" the context
-**	"result" the final signature data (memory is allocated)
-*/
-extern SECStatus SGN_End(SGNContext *cx, SECItem *result);
-
-/*
-** Sign a single block of data using private key encryption and given
-** signature/hash algorithm.
-**	"result" the final signature data (memory is allocated)
-**	"buf" the input data to sign
-**	"len" the amount of data to sign
-**	"pk" the private key to encrypt with
-**	"algid" the signature/hash algorithm to sign with 
-**		(must be compatible with the key type).
-*/
-extern SECStatus SEC_SignData(SECItem *result, unsigned char *buf, int len,
-			     SECKEYPrivateKey *pk, SECOidTag algid);
-
-/*
-** Sign a pre-digested block of data using private key encryption, encoding
-**  The given signature/hash algorithm.
-**	"result" the final signature data (memory is allocated)
-**	"digest" the digest to sign
-**	"pk" the private key to encrypt with
-**	"algtag" The algorithm tag to encode (need for RSA only)
-*/
-extern SECStatus SGN_Digest(SECKEYPrivateKey *privKey,
-                SECOidTag algtag, SECItem *result, SECItem *digest);
-
-/*
-** DER sign a single block of data using private key encryption and the
-** MD5 hashing algorithm. This routine first computes a digital signature
-** using SEC_SignData, then wraps it with an CERTSignedData and then der
-** encodes the result.
-**	"arena" is the memory arena to use to allocate data from
-** 	"result" the final der encoded data (memory is allocated)
-** 	"buf" the input data to sign
-** 	"len" the amount of data to sign
-** 	"pk" the private key to encrypt with
-*/
-extern SECStatus SEC_DerSignData(PRArenaPool *arena, SECItem *result,
-				unsigned char *buf, int len,
-				SECKEYPrivateKey *pk, SECOidTag algid);
-
-/*
-** Destroy a signed-data object.
-**	"sd" the object
-**	"freeit" if PR_TRUE then free the object as well as its sub-objects
-*/
-extern void SEC_DestroySignedData(CERTSignedData *sd, PRBool freeit);
-
-/****************************************/
-/*
-** Signature verification operations
-*/
-
-/*
-** Create a signature verification context.
-**	"key" the public key to verify with
-**	"sig" the encrypted signature data if sig is NULL then
-**	   VFY_EndWithSignature must be called with the correct signature at
-**	   the end of the processing.
-**	"algid" specifies the signing algorithm to use.  This must match
-**	    the key type.
-**	"wincx" void pointer to the window context
-*/
-extern VFYContext *VFY_CreateContext(SECKEYPublicKey *key, SECItem *sig,
-				     SECOidTag algid, void *wincx);
-
-/*
-** Destroy a verification-context object.
-**	"cx" the context to destroy
-**	"freeit" if PR_TRUE then free the object as well as its sub-objects
-*/
-extern void VFY_DestroyContext(VFYContext *cx, PRBool freeit);
-
-extern SECStatus VFY_Begin(VFYContext *cx);
-
-/*
-** Update a verification context with more input data. The input data
-** is fed to a secure hash function (depending on what was in the
-** encrypted signature data).
-**	"cx" the context
-**	"input" the input data
-**	"inputLen" the amount of input data
-*/
-extern SECStatus VFY_Update(VFYContext *cx, unsigned char *input,
-			    unsigned int inputLen);
-
-/*
-** Finish the verification process. The return value is a status which
-** indicates success or failure. On success, the SECSuccess value is
-** returned. Otherwise, SECFailure is returned and the error code found
-** using PORT_GetError() indicates what failure occurred.
-** 	"cx" the context
-*/
-extern SECStatus VFY_End(VFYContext *cx);
-
-/*
-** Finish the verification process. The return value is a status which
-** indicates success or failure. On success, the SECSuccess value is
-** returned. Otherwise, SECFailure is returned and the error code found
-** using PORT_GetError() indicates what failure occurred. If signature is
-** supplied the verification uses this signature to verify, otherwise the
-** signature passed in VFY_CreateContext() is used. 
-** VFY_EndWithSignature(cx,NULL); is identical to VFY_End(cx);.
-** 	"cx" the context
-** 	"sig" the encrypted signature data
-*/
-extern SECStatus VFY_EndWithSignature(VFYContext *cx, SECItem *sig);
-
-
-/*
-** Verify the signature on a block of data for which we already have
-** the digest. The signature data is an RSA private key encrypted
-** block of data formatted according to PKCS#1.
-** 	"dig" the digest
-** 	"key" the public key to check the signature with
-** 	"sig" the encrypted signature data
-**	"algid" specifies the signing algorithm to use.  This must match
-**	    the key type.
-**/
-extern SECStatus VFY_VerifyDigest(SECItem *dig, SECKEYPublicKey *key,
-				  SECItem *sig, SECOidTag algid, void *wincx);
-
-/*
-** Verify the signature on a block of data. The signature data is an RSA
-** private key encrypted block of data formatted according to PKCS#1.
-** 	"buf" the input data
-** 	"len" the length of the input data
-** 	"key" the public key to check the signature with
-** 	"sig" the encrypted signature data
-**	"algid" specifies the signing algorithm to use.  This must match
-**	    the key type.
-*/
-extern SECStatus VFY_VerifyData(unsigned char *buf, int len,
-				SECKEYPublicKey *key, SECItem *sig,
-				SECOidTag algid, void *wincx);
-
-
-SEC_END_PROTOS
-
-#endif /* _CRYPTOHI_H_ */
diff --git a/security/nss/lib/cryptohi/cryptoht.h b/security/nss/lib/cryptohi/cryptoht.h
deleted file mode 100644
index 3116db279..000000000
--- a/security/nss/lib/cryptohi/cryptoht.h
+++ /dev/null
@@ -1,45 +0,0 @@
-/*
- * cryptoht.h - public data structures for the crypto library
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#ifndef _CRYPTOHT_H_
-#define _CRYPTOHT_H_
-
-typedef struct SGNContextStr SGNContext;
-typedef struct VFYContextStr VFYContext;
-
-
-#endif /* _CRYPTOHT_H_ */
diff --git a/security/nss/lib/cryptohi/dsautil.c b/security/nss/lib/cryptohi/dsautil.c
deleted file mode 100644
index c592ec7df..000000000
--- a/security/nss/lib/cryptohi/dsautil.c
+++ /dev/null
@@ -1,232 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#include "secasn1.h"
-#include "secitem.h"
-#include "prerr.h"
-
-#ifndef DSA_SUBPRIME_LEN
-#define DSA_SUBPRIME_LEN 20	/* bytes */
-#endif
-
-typedef struct {
-    SECItem r;
-    SECItem s;
-} DSA_ASN1Signature;
-
-const SEC_ASN1Template DSA_SignatureTemplate[] =
-{
-    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(DSA_ASN1Signature) },
-    { SEC_ASN1_INTEGER, offsetof(DSA_ASN1Signature,r) },
-    { SEC_ASN1_INTEGER, offsetof(DSA_ASN1Signature,s) },
-    { 0, }
-};
-
-/* Input is variable length multi-byte integer, MSB first (big endian).
-** Most signficant bit of first byte is NOT treated as a sign bit. 
-** May be one or more leading bytes of zeros. 
-** Output is variable length multi-byte integer, MSB first (big endian).
-** Most significant bit of first byte will be zero (positive sign bit)
-** No more than one leading zero byte.
-** Caller supplies dest buffer, and assures that it is long enough,
-** e.g. at least one byte longer that src's buffer.
-*/
-void
-DSAU_ConvertUnsignedToSigned(SECItem *dest, SECItem *src)
-{
-    unsigned char *pSrc = src->data;
-    unsigned char *pDst = dest->data;
-    unsigned int   cntSrc = src->len;
-    unsigned char  c;
-
-    /* skip any leading zeros. */
-    while (cntSrc && !(c = *pSrc)) { 
-    	pSrc++; 
-	cntSrc--;
-    }
-    if (!cntSrc) {
-    	*pDst = 0; 
-	dest->len = 1; 
-	return; 
-    }
-
-    if (c & 0x80)
-    	*pDst++ = 0;
-
-    PORT_Memcpy(pDst, pSrc, cntSrc);
-    dest->len = (pDst - dest->data) + cntSrc;
-}
-
-/*
-** src is a buffer holding a signed variable length integer.
-** dest is a buffer which will be filled with an unsigned integer,
-** MSB first (big endian) with leading zeros, so that the last byte
-** of src will be the LSB of the integer.  The result will be exactly
-** the length specified by the caller in dest->len.
-** src can be shorter than dest.  src can be longer than dst, but only
-** if the extra leading bytes are zeros.
-*/
-SECStatus
-DSAU_ConvertSignedToFixedUnsigned(SECItem *dest, SECItem *src)
-{
-    unsigned char *pSrc = src->data;
-    unsigned char *pDst = dest->data;
-    unsigned int   cntSrc = src->len;
-    unsigned int   cntDst = dest->len;
-    int            zCount = cntDst - cntSrc;
-
-    if (zCount > 0) {
-    	PORT_Memset(pDst, 0, zCount);
-	PORT_Memcpy(pDst + zCount, pSrc, cntSrc);
-	return SECSuccess;
-    }
-    if (zCount <= 0) {
-	/* Source is longer than destination.  Check for leading zeros. */
-	while (zCount++ < 0) {
-	    if (*pSrc++ != 0)
-		goto loser;
-	}
-    }
-    PORT_Memcpy(pDst, pSrc, cntDst);
-    return SECSuccess;
-
-loser:
-    PORT_SetError( PR_INVALID_ARGUMENT_ERROR );
-    return SECFailure;
-}
-
-/* src is a "raw" DSA signature, 20 bytes of r followed by 20 bytes of s.
-** dest is the signature DER encoded. ?
-*/
-SECStatus
-DSAU_EncodeDerSig(SECItem *dest, SECItem *src)
-{
-    SECItem *         item;
-    SECItem           srcItem;
-    DSA_ASN1Signature sig;
-    unsigned char     signedR[DSA_SUBPRIME_LEN + 1];
-    unsigned char     signedS[DSA_SUBPRIME_LEN + 1];
-
-    PORT_Memset(&sig, 0, sizeof(sig));
-
-    PORT_Assert(src->len == 2 * DSA_SUBPRIME_LEN);
-    if (src->len != 2 * DSA_SUBPRIME_LEN) {
-    	PORT_SetError( PR_INVALID_ARGUMENT_ERROR );
-	return SECFailure;
-    }
-
-    /* Must convert r and s from "unsigned" integers to "signed" integers.
-    ** If the high order bit of the first byte (MSB) is 1, then must
-    ** prepend with leading zero.  
-    ** Must remove all but one leading zero byte from numbers.
-    */
-    sig.r.type = siUnsignedInteger;
-    sig.r.data = signedR;
-    sig.r.len  = sizeof signedR;
-    sig.s.type = siUnsignedInteger;
-    sig.s.data = signedS;
-    sig.s.len  = sizeof signedR;
-
-    srcItem.data = src->data;
-    srcItem.len  = DSA_SUBPRIME_LEN;
-
-    DSAU_ConvertUnsignedToSigned(&sig.r, &srcItem);
-    srcItem.data += DSA_SUBPRIME_LEN;
-    DSAU_ConvertUnsignedToSigned(&sig.s, &srcItem);
-
-    item = SEC_ASN1EncodeItem(NULL, dest, &sig, DSA_SignatureTemplate);
-    if (item == NULL)
-	return SECFailure;
-
-    /* XXX leak item? */
-    return SECSuccess;
-}
-
-/* src is a DER-encoded DSA signature.
-** Returns a newly-allocated SECItem structure, pointing at a newly allocated
-** buffer containing the "raw" DSA signature, which is 20 bytes of r,
-** followed by 20 bytes of s.
-*/
-SECItem *
-DSAU_DecodeDerSig(SECItem *item)
-{
-    SECItem *         result = NULL;
-    SECStatus         status;
-    DSA_ASN1Signature sig;
-    SECItem           dst;
-
-    PORT_Memset(&sig, 0, sizeof(sig));
-
-    result = PORT_ZNew(SECItem);
-    if (result == NULL)
-	goto loser;
-
-    result->len  = 2 * DSA_SUBPRIME_LEN;
-    result->data = (unsigned char*)PORT_Alloc(2 * DSA_SUBPRIME_LEN);
-    if (result->data == NULL)
-	goto loser;
-
-    sig.r.type = siUnsignedInteger;
-    sig.s.type = siUnsignedInteger;
-    status = SEC_ASN1DecodeItem(NULL, &sig, DSA_SignatureTemplate, item);
-    if (status != SECSuccess)
-	goto loser;
-
-    /* Convert sig.r and sig.s from variable  length signed integers to 
-    ** fixed length unsigned integers.
-    */
-    dst.data = result->data;
-    dst.len  = DSA_SUBPRIME_LEN;
-    status = DSAU_ConvertSignedToFixedUnsigned(&dst, &sig.r);
-    if (status != SECSuccess)
-    	goto loser;
-
-    dst.data += DSA_SUBPRIME_LEN;
-    status = DSAU_ConvertSignedToFixedUnsigned(&dst, &sig.s);
-    if (status != SECSuccess)
-    	goto loser;
-
-done:
-    if (sig.r.data != NULL)
-	PORT_Free(sig.r.data);
-    if (sig.s.data != NULL)
-	PORT_Free(sig.s.data);
-
-    return result;
-
-loser:
-    if (result != NULL) {
-	SECITEM_FreeItem(result, PR_TRUE);
-	result = NULL;
-    }
-    goto done;
-}
diff --git a/security/nss/lib/cryptohi/hasht.h b/security/nss/lib/cryptohi/hasht.h
deleted file mode 100644
index 143e37486..000000000
--- a/security/nss/lib/cryptohi/hasht.h
+++ /dev/null
@@ -1,93 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * hasht.h - public data structures for the hashing library
- *
- * $Id$
- */
-
-#ifndef _HASHT_H_
-#define _HASHT_H_
-
-/* Opaque objects */
-typedef struct SECHashObjectStr SECHashObject;
-typedef struct HASHContextStr HASHContext;
-
-/*
- * The hash functions the security library supports
- * NOTE the order must match the definition of SECHashObjects[]!
- */
-typedef enum {
-    HASH_AlgNULL = 0,
-    HASH_AlgMD2 = 1,
-    HASH_AlgMD5 = 2,
-    HASH_AlgSHA1 = 3,
-    HASH_AlgTOTAL
-} HASH_HashType;
-
-/*
- * Number of bytes each hash algorithm produces
- */
-#define MD2_LENGTH	16
-#define MD5_LENGTH	16
-#define SHA1_LENGTH	20
-
-/*
- * Structure to hold hash computation info and routines
- */
-struct SECHashObjectStr {
-    unsigned int length;
-    void * (*create)(void);
-    void * (*clone)(void *);
-    void (*destroy)(void *, PRBool);
-    void (*begin)(void *);
-    void (*update)(void *, const unsigned char *, unsigned int);
-    void (*end)(void *, unsigned char *, unsigned int *, unsigned int);
-};
-
-struct HASHContextStr {
-    const struct SECHashObjectStr *hashobj;
-    void *hash_context;
-};
-
-/* This symbol is NOT exported from the NSS DLL.  Code that needs a 
- * pointer to one of the SECHashObjects should call HASH_GetHashObject()
- * instead. See "sechash.h".
- */
-extern const SECHashObject SECHashObjects[];
-
-/* Only those functions below the PKCS #11 line should use SECRawHashObjects.
- * This symbol is not exported from the NSS DLL.
- */
-extern const SECHashObject SECRawHashObjects[];
-
-#endif /* _HASHT_H_ */
diff --git a/security/nss/lib/cryptohi/key.h b/security/nss/lib/cryptohi/key.h
deleted file mode 100644
index 678beafd8..000000000
--- a/security/nss/lib/cryptohi/key.h
+++ /dev/null
@@ -1,43 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * key.h - public data structures and prototypes for the private key library
- *
- * $Id$
- */
-
-#ifndef _KEY_H_
-#define _KEY_H_
-
-#include "keyhi.h"
-
-#endif /* _KEY_H_ */
diff --git a/security/nss/lib/cryptohi/keyhi.h b/security/nss/lib/cryptohi/keyhi.h
deleted file mode 100644
index 844a44877..000000000
--- a/security/nss/lib/cryptohi/keyhi.h
+++ /dev/null
@@ -1,273 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s): 
- *	Dr Stephen Henson <stephen.henson@gemplus.com>
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * key.h - public data structures and prototypes for the private key library
- *
- * $Id$
- */
-
-#ifndef _KEYHI_H_
-#define _KEYHI_H_
-
-#include "plarena.h"
-
-#include "seccomon.h"
-#include "secoidt.h"
-#include "secdert.h"
-#include "keythi.h"
-#include "certt.h"
-/*#include "secpkcs5.h" */
-
-SEC_BEGIN_PROTOS
-
-
-/*
-** Destroy a subject-public-key-info object.
-*/
-extern void SECKEY_DestroySubjectPublicKeyInfo(CERTSubjectPublicKeyInfo *spki);
-
-/*
-** Copy subject-public-key-info "src" to "dst". "dst" is filled in
-** appropriately (memory is allocated for each of the sub objects).
-*/
-extern SECStatus SECKEY_CopySubjectPublicKeyInfo(PRArenaPool *arena,
-					     CERTSubjectPublicKeyInfo *dst,
-					     CERTSubjectPublicKeyInfo *src);
-
-/*
-** Update the PQG parameters for a cert's public key.
-** Only done for DSA and Fortezza certs
-*/
-extern SECStatus
-SECKEY_UpdateCertPQG(CERTCertificate * subjectCert);
-
-
-/* Compare the KEA parameters of two public keys.  
- * Only used by fortezza.      */
-
-extern SECStatus
-SECKEY_KEAParamCompare(CERTCertificate *cert1,CERTCertificate *cert2);
-
-/*
-** Return the strength of the public key
-*/
-extern unsigned SECKEY_PublicKeyStrength(SECKEYPublicKey *pubk);
-
-
-/*
-** Make a copy of the private key "privKey"
-*/
-extern SECKEYPrivateKey *SECKEY_CopyPrivateKey(SECKEYPrivateKey *privKey);
-
-/*
-** Make a copy of the public key "pubKey"
-*/
-extern SECKEYPublicKey *SECKEY_CopyPublicKey(SECKEYPublicKey *pubKey);
-
-/*
-** Convert a private key "privateKey" into a public key
-*/
-extern SECKEYPublicKey *SECKEY_ConvertToPublicKey(SECKEYPrivateKey *privateKey);
-
-/*
- * create a new RSA key pair. The private Key is returned...
- */
-SECKEYPrivateKey *SECKEY_CreateRSAPrivateKey(int keySizeInBits,
-					   SECKEYPublicKey **pubk, void *cx);
-	
-/*
- * create a new DH key pair. The private Key is returned...
- */
-SECKEYPrivateKey *SECKEY_CreateDHPrivateKey(SECKEYDHParams *param,
-					   SECKEYPublicKey **pubk, void *cx);
-/*
-** Create a subject-public-key-info based on a public key.
-*/
-extern CERTSubjectPublicKeyInfo *
-SECKEY_CreateSubjectPublicKeyInfo(SECKEYPublicKey *k);
-
-/*
-** Decode a DER encoded public key into an SECKEYPublicKey structure.
-*/
-extern SECKEYPublicKey *SECKEY_DecodeDERPublicKey(SECItem *pubkder);
-
-/*
-** Convert a base64 ascii encoded DER public key to our internal format.
-*/
-extern SECKEYPublicKey *SECKEY_ConvertAndDecodePublicKey(char *pubkstr);
-
-/*
-** Convert a base64 ascii encoded DER public key and challenge to spki,
-** and verify the signature and challenge data are correct
-*/
-extern CERTSubjectPublicKeyInfo *
-SECKEY_ConvertAndDecodePublicKeyAndChallenge(char *pkacstr, char *challenge,
-								void *cx);
-
-/*
-** Encode a  CERTSubjectPublicKeyInfo structure. into a
-** DER encoded subject public key info. 
-*/
-SECItem *
-SECKEY_EncodeDERSubjectPublicKeyInfo(SECKEYPublicKey *pubk);
-
-/*
-** Decode a DER encoded subject public key info into a
-** CERTSubjectPublicKeyInfo structure.
-*/
-extern CERTSubjectPublicKeyInfo *
-SECKEY_DecodeDERSubjectPublicKeyInfo(SECItem *spkider);
-
-/*
-** Convert a base64 ascii encoded DER subject public key info to our
-** internal format.
-*/
-extern CERTSubjectPublicKeyInfo *
-SECKEY_ConvertAndDecodeSubjectPublicKeyInfo(char *spkistr);
-
-/*
- * extract the public key from a subject Public Key info structure.
- * (used by JSS).
- */
-extern SECKEYPublicKey *
-SECKEY_ExtractPublicKey(CERTSubjectPublicKeyInfo *);
-
-/*
-** Destroy a private key object.
-**	"key" the object
-*/
-extern void SECKEY_DestroyPrivateKey(SECKEYPrivateKey *key);
-
-
-/*
-** Destroy a public key object.
-**	"key" the object
-*/
-extern void SECKEY_DestroyPublicKey(SECKEYPublicKey *key);
-
-/* Destroy and zero out a private key info structure.  for now this
- * function zero's out memory allocated in an arena for the key 
- * since PORT_FreeArena does not currently do this.  
- *
- * NOTE -- If a private key info is allocated in an arena, one should 
- * not call this function with freeit = PR_FALSE.  The function should 
- * destroy the arena.  
- */
-extern void
-SECKEY_DestroyPrivateKeyInfo(SECKEYPrivateKeyInfo *pvk, PRBool freeit);
-
-/* Destroy and zero out an encrypted private key info.
- *
- * NOTE -- If a encrypted private key info is allocated in an arena, one should 
- * not call this function with freeit = PR_FALSE.  The function should 
- * destroy the arena.  
- */
-extern void
-SECKEY_DestroyEncryptedPrivateKeyInfo(SECKEYEncryptedPrivateKeyInfo *epki,
-				      PRBool freeit);
-
-/* Copy private key info structure.  
- *  poolp is the arena into which the contents of from is to be copied.
- *	NULL is a valid entry.
- *  to is the destination private key info
- *  from is the source private key info
- * if either from or to is NULL or an error occurs, SECFailure is 
- * returned.  otherwise, SECSuccess is returned.
- */
-extern SECStatus
-SECKEY_CopyPrivateKeyInfo(PRArenaPool *poolp,
-			  SECKEYPrivateKeyInfo *to,
-			  SECKEYPrivateKeyInfo *from);
-
-/* Copy encrypted private key info structure.  
- *  poolp is the arena into which the contents of from is to be copied.
- *	NULL is a valid entry.
- *  to is the destination encrypted private key info
- *  from is the source encrypted private key info
- * if either from or to is NULL or an error occurs, SECFailure is 
- * returned.  otherwise, SECSuccess is returned.
- */
-extern SECStatus
-SECKEY_CopyEncryptedPrivateKeyInfo(PRArenaPool *poolp,
-				   SECKEYEncryptedPrivateKeyInfo *to,
-				   SECKEYEncryptedPrivateKeyInfo *from);
-/*
- * Accessor functions for key type of public and private keys.
- */
-KeyType SECKEY_GetPrivateKeyType(SECKEYPrivateKey *privKey);
-KeyType SECKEY_GetPublicKeyType(SECKEYPublicKey *pubKey);
-
-/*
- * Creates a PublicKey from its DER encoding.
- * Currently only supports RSA and DSA keys.
- */
-SECKEYPublicKey*
-SECKEY_ImportDERPublicKey(SECItem *derKey, CK_KEY_TYPE type);
-
-SECKEYPrivateKeyList*
-SECKEY_NewPrivateKeyList(void);
-
-void
-SECKEY_DestroyPrivateKeyList(SECKEYPrivateKeyList *keys);
-
-void
-SECKEY_RemovePrivateKeyListNode(SECKEYPrivateKeyListNode *node);
-
-SECStatus
-SECKEY_AddPrivateKeyToListTail( SECKEYPrivateKeyList *list,
-                                SECKEYPrivateKey *key);
-
-#define PRIVKEY_LIST_HEAD(l) ((SECKEYPrivateKeyListNode*)PR_LIST_HEAD(&l->list))
-#define PRIVKEY_LIST_NEXT(n) ((SECKEYPrivateKeyListNode *)n->links.next)
-#define PRIVKEY_LIST_END(n,l) (((void *)n) == ((void *)&l->list))
-
-SECKEYPublicKeyList*
-SECKEY_NewPublicKeyList(void);
-
-void
-SECKEY_DestroyPublicKeyList(SECKEYPublicKeyList *keys);
-
-void
-SECKEY_RemovePublicKeyListNode(SECKEYPublicKeyListNode *node);
-
-SECStatus
-SECKEY_AddPublicKeyToListTail( SECKEYPublicKeyList *list,
-                                SECKEYPublicKey *key);
-
-#define PUBKEY_LIST_HEAD(l) ((SECKEYPublicKeyListNode*)PR_LIST_HEAD(&l->list))
-#define PUBKEY_LIST_NEXT(n) ((SECKEYPublicKeyListNode *)n->links.next)
-#define PUBKEY_LIST_END(n,l) (((void *)n) == ((void *)&l->list))
-
-SEC_END_PROTOS
-
-#endif /* _KEYHI_H_ */
diff --git a/security/nss/lib/cryptohi/keyt.h b/security/nss/lib/cryptohi/keyt.h
deleted file mode 100644
index 1b104b96a..000000000
--- a/security/nss/lib/cryptohi/keyt.h
+++ /dev/null
@@ -1,43 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * keyt.h - public data structures for the private key library
- *
- * $Id$
- */
-
-#ifndef _KEYT_H_
-#define _KEYT_H_
-
-#include "keythi.h"
-
-#endif /* _KEYT_H_ */
diff --git a/security/nss/lib/cryptohi/keythi.h b/security/nss/lib/cryptohi/keythi.h
deleted file mode 100644
index 7b864b868..000000000
--- a/security/nss/lib/cryptohi/keythi.h
+++ /dev/null
@@ -1,223 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#ifndef _KEYTHI_H_
-#define _KEYTHI_H_ 1
-
-#include "plarena.h"
-#include "pkcs11t.h"
-#include "secmodt.h"
-#include "prclist.h"
-
-typedef enum { 
-    nullKey = 0, 
-    rsaKey = 1, 
-    dsaKey = 2, 
-    fortezzaKey = 3,
-    dhKey = 4, 
-    keaKey = 5
-} KeyType;
-
-/*
-** Template Definitions
-**/
-
-SEC_BEGIN_PROTOS
-extern const SEC_ASN1Template SECKEY_RSAPublicKeyTemplate[];
-extern const SEC_ASN1Template SECKEY_DSAPublicKeyTemplate[];
-extern const SEC_ASN1Template SECKEY_DHPublicKeyTemplate[];
-extern const SEC_ASN1Template SECKEY_DHParamKeyTemplate[];
-extern const SEC_ASN1Template SECKEY_PQGParamsTemplate[];
-extern const SEC_ASN1Template SECKEY_DSAPrivateKeyExportTemplate[];
-
-/* Windows DLL accessor functions */
-extern SEC_ASN1TemplateChooser NSS_Get_SECKEY_DSAPublicKeyTemplate;
-extern SEC_ASN1TemplateChooser NSS_Get_SECKEY_RSAPublicKeyTemplate;
-SEC_END_PROTOS
-
-
-/*
-** RSA Public Key structures
-** member names from PKCS#1, section 7.1 
-*/
-
-struct SECKEYRSAPublicKeyStr {
-    PRArenaPool * arena;
-    SECItem modulus;
-    SECItem publicExponent;
-};
-typedef struct SECKEYRSAPublicKeyStr SECKEYRSAPublicKey;
-
-
-/*
-** DSA Public Key and related structures
-*/
-
-struct SECKEYPQGParamsStr {
-    PRArenaPool *arena;
-    SECItem prime;    /* p */
-    SECItem subPrime; /* q */
-    SECItem base;     /* g */
-    /* XXX chrisk: this needs to be expanded to hold j and validationParms (RFC2459 7.3.2) */
-};
-typedef struct SECKEYPQGParamsStr SECKEYPQGParams;
-
-struct SECKEYDSAPublicKeyStr {
-    SECKEYPQGParams params;
-    SECItem publicValue;
-};
-typedef struct SECKEYDSAPublicKeyStr SECKEYDSAPublicKey;
-
-
-/*
-** Diffie-Hellman Public Key structure
-** Structure member names suggested by PKCS#3.
-*/
-struct SECKEYDHParamsStr {
-    PRArenaPool * arena;
-    SECItem prime; /* p */
-    SECItem base; /* g */
-};
-typedef struct SECKEYDHParamsStr SECKEYDHParams;
-
-struct SECKEYDHPublicKeyStr {
-    PRArenaPool * arena;
-    SECItem prime;
-    SECItem base;
-    SECItem publicValue;
-};
-typedef struct SECKEYDHPublicKeyStr SECKEYDHPublicKey;
-
-
-/*
-** FORTEZZA Public Key structures
-*/
-struct SECKEYFortezzaPublicKeyStr {
-    int      KEAversion;
-    int      DSSversion;
-    unsigned char    KMID[8];
-    SECItem clearance;
-    SECItem KEApriviledge;
-    SECItem DSSpriviledge;
-    SECItem KEAKey;
-    SECItem DSSKey;
-    SECKEYPQGParams params;
-    SECKEYPQGParams keaParams;
-};
-typedef struct SECKEYFortezzaPublicKeyStr SECKEYFortezzaPublicKey;
-
-struct SECKEYDiffPQGParamsStr {
-    SECKEYPQGParams DiffKEAParams;
-    SECKEYPQGParams DiffDSAParams;
-};
-typedef struct SECKEYDiffPQGParamsStr SECKEYDiffPQGParams;
-
-struct SECKEYPQGDualParamsStr {
-    SECKEYPQGParams CommParams;
-    SECKEYDiffPQGParams DiffParams;
-};
-typedef struct SECKEYPQGDualParamsStr SECKEYPQGDualParams;
-
-struct SECKEYKEAParamsStr {
-    PLArenaPool *arena;
-    SECItem hash;
-};
-typedef struct SECKEYKEAParamsStr SECKEYKEAParams;
- 
-struct SECKEYKEAPublicKeyStr {
-    SECKEYKEAParams params;
-    SECItem publicValue;
-};
-typedef struct SECKEYKEAPublicKeyStr SECKEYKEAPublicKey;
-
-/*
-** A Generic  public key object.
-*/
-struct SECKEYPublicKeyStr {
-    PLArenaPool *arena;
-    KeyType keyType;
-    PK11SlotInfo *pkcs11Slot;
-    CK_OBJECT_HANDLE pkcs11ID;
-    union {
-        SECKEYRSAPublicKey rsa;
-	SECKEYDSAPublicKey dsa;
-	SECKEYDHPublicKey  dh;
-        SECKEYKEAPublicKey kea;
-        SECKEYFortezzaPublicKey fortezza;
-    } u;
-};
-typedef struct SECKEYPublicKeyStr SECKEYPublicKey;
-
-/*
-** A generic key structure
-*/ 
-struct SECKEYPrivateKeyStr {
-    PLArenaPool *arena;
-    KeyType keyType;
-    PK11SlotInfo *pkcs11Slot;	/* pkcs11 slot this key lives in */
-    CK_OBJECT_HANDLE pkcs11ID;  /* ID of pkcs11 object */
-    PRBool pkcs11IsTemp;	/* temp pkcs11 object, delete it when done */
-    void *wincx;		/* context for errors and pw prompts */
-};
-typedef struct SECKEYPrivateKeyStr SECKEYPrivateKey;
-
-/* Despite the name, this struct isn't used by any pkcs5 code.
-** It's used by pkcs7 and pkcs12 code.
-*/
-typedef struct {
-    SECItem *pwitem;
-    PK11SymKey *key;
-    PK11SlotInfo *slot;
-    void *wincx;
-} SEC_PKCS5KeyAndPassword;
-
-typedef struct {
-    PRCList links;
-    SECKEYPrivateKey *key;
-} SECKEYPrivateKeyListNode;
-
-typedef struct {
-    PRCList list;
-    PRArenaPool *arena;
-} SECKEYPrivateKeyList;
-
-typedef struct {
-    PRCList links;
-    SECKEYPublicKey *key;
-} SECKEYPublicKeyListNode;
-
-typedef struct {
-    PRCList list;
-    PRArenaPool *arena;
-} SECKEYPublicKeyList;
-#endif /* _KEYTHI_H_ */
-
diff --git a/security/nss/lib/cryptohi/manifest.mn b/security/nss/lib/cryptohi/manifest.mn
deleted file mode 100644
index a4a76a7df..000000000
--- a/security/nss/lib/cryptohi/manifest.mn
+++ /dev/null
@@ -1,64 +0,0 @@
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CORE_DEPTH = ../../..
-
-MODULE = security
-
-REQUIRES = dbm
-
-LIBRARY_NAME = cryptohi
-
-EXPORTS = \
-	cryptohi.h \
-	cryptoht.h \
-	hasht.h   \
-	key.h     \
-	keyhi.h   \
-	keyt.h    \
-	keythi.h  \
-	sechash.h \
-	$(NULL)
-
-PRIVATE_EXPORTS = \
-	$(NULL)
-
-LIBSRCS = \
-	sechash.c \
-	seckey.c  \
-	secsign.c \
-	secvfy.c  \
-	dsautil.c \
-	$(NULL)
-
-CSRCS = $(LIBSRCS)
-
diff --git a/security/nss/lib/cryptohi/sechash.c b/security/nss/lib/cryptohi/sechash.c
deleted file mode 100644
index 36ee1efd2..000000000
--- a/security/nss/lib/cryptohi/sechash.c
+++ /dev/null
@@ -1,281 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#include "sechash.h"
-#include "secoidt.h"
-#include "blapi.h"
-#include "pk11func.h"	/* for the PK11_ calls below. */
-
-static void *
-null_hash_new_context(void)
-{
-    return NULL;
-}
-
-static void *
-null_hash_clone_context(void *v)
-{
-    PORT_Assert(v == NULL);
-    return NULL;
-}
-
-static void
-null_hash_begin(void *v)
-{
-}
-
-static void
-null_hash_update(void *v, const unsigned char *input, unsigned int length)
-{
-}
-
-static void
-null_hash_end(void *v, unsigned char *output, unsigned int *outLen,
-	      unsigned int maxOut)
-{
-    *outLen = 0;
-}
-
-static void
-null_hash_destroy_context(void *v, PRBool b)
-{
-    PORT_Assert(v == NULL);
-}
-
-
-static void *
-md2_NewContext(void) {
-	return (void *) PK11_CreateDigestContext(SEC_OID_MD2);
-}
-
-static void *
-md5_NewContext(void) {
-	return (void *) PK11_CreateDigestContext(SEC_OID_MD5);
-}
-
-static void *
-sha1_NewContext(void) {
-	return (void *) PK11_CreateDigestContext(SEC_OID_SHA1);
-}
-
-const SECHashObject SECHashObjects[] = {
-  { 0,
-    (void * (*)(void)) null_hash_new_context,
-    (void * (*)(void *)) null_hash_clone_context,
-    (void (*)(void *, PRBool)) null_hash_destroy_context,
-    (void (*)(void *)) null_hash_begin,
-    (void (*)(void *, const unsigned char *, unsigned int)) null_hash_update,
-    (void (*)(void *, unsigned char *, unsigned int *,
-	      unsigned int)) null_hash_end
-  },
-  { MD2_LENGTH,
-    (void * (*)(void)) md2_NewContext,
-    (void * (*)(void *)) PK11_CloneContext,
-    (void (*)(void *, PRBool)) PK11_DestroyContext,
-    (void (*)(void *)) PK11_DigestBegin,
-    (void (*)(void *, const unsigned char *, unsigned int)) PK11_DigestOp,
-    (void (*)(void *, unsigned char *, unsigned int *, unsigned int)) 
-							PK11_DigestFinal
-  },
-  { MD5_LENGTH,
-    (void * (*)(void)) md5_NewContext,
-    (void * (*)(void *)) PK11_CloneContext,
-    (void (*)(void *, PRBool)) PK11_DestroyContext,
-    (void (*)(void *)) PK11_DigestBegin,
-    (void (*)(void *, const unsigned char *, unsigned int)) PK11_DigestOp,
-    (void (*)(void *, unsigned char *, unsigned int *, unsigned int)) 
-							PK11_DigestFinal
-  },
-  { SHA1_LENGTH,
-    (void * (*)(void)) sha1_NewContext,
-    (void * (*)(void *)) PK11_CloneContext,
-    (void (*)(void *, PRBool)) PK11_DestroyContext,
-    (void (*)(void *)) PK11_DigestBegin,
-    (void (*)(void *, const unsigned char *, unsigned int)) PK11_DigestOp,
-    (void (*)(void *, unsigned char *, unsigned int *, unsigned int)) 
-							PK11_DigestFinal
-  },
-};
-
-const SECHashObject * 
-HASH_GetHashObject(HASH_HashType type)
-{
-    return &SECHashObjects[type];
-}
-
-
-unsigned int
-HASH_ResultLen(HASH_HashType type)
-{
-    if ( ( type < HASH_AlgNULL ) || ( type >= HASH_AlgTOTAL ) ) {
-	return(0);
-    }
-    
-    return(SECHashObjects[type].length);
-}
-
-unsigned int
-HASH_ResultLenContext(HASHContext *context)
-{
-    return(context->hashobj->length);
-}
-
-
-
-SECStatus
-HASH_HashBuf(HASH_HashType type,
-	     unsigned char *dest,
-	     unsigned char *src,
-	     uint32 src_len)
-{
-    HASHContext *cx;
-    unsigned int part;
-    
-    if ( ( type < HASH_AlgNULL ) || ( type >= HASH_AlgTOTAL ) ) {
-	return(SECFailure);
-    }
-    
-    cx = HASH_Create(type);
-    if ( cx == NULL ) {
-	return(SECFailure);
-    }
-    HASH_Begin(cx);
-    HASH_Update(cx, src, src_len);
-    HASH_End(cx, dest, &part, HASH_ResultLenContext(cx));
-    HASH_Destroy(cx);
-
-    return(SECSuccess);
-}
-
-HASHContext *
-HASH_Create(HASH_HashType type)
-{
-    void *hash_context = NULL;
-    HASHContext *ret = NULL;
-    
-    if ( ( type < HASH_AlgNULL ) || ( type >= HASH_AlgTOTAL ) ) {
-	return(NULL);
-    }
-    
-    hash_context = (* SECHashObjects[type].create)();
-    if ( hash_context == NULL ) {
-	goto loser;
-    }
-
-    ret = (HASHContext *)PORT_Alloc(sizeof(HASHContext));
-    if ( ret == NULL ) {
-	goto loser;
-    }
-
-    ret->hash_context = hash_context;
-    ret->hashobj = &SECHashObjects[type];
-    
-    return(ret);
-    
-loser:
-    if ( hash_context != NULL ) {
-	(* SECHashObjects[type].destroy)(hash_context, PR_TRUE);
-    }
-    
-    return(NULL);
-}
-
-
-HASHContext *
-HASH_Clone(HASHContext *context)
-{
-    void *hash_context = NULL;
-    HASHContext *ret = NULL;
-    
-    hash_context = (* context->hashobj->clone)(context->hash_context);
-    if ( hash_context == NULL ) {
-	goto loser;
-    }
-
-    ret = (HASHContext *)PORT_Alloc(sizeof(HASHContext));
-    if ( ret == NULL ) {
-	goto loser;
-    }
-
-    ret->hash_context = hash_context;
-    ret->hashobj = context->hashobj;
-    
-    return(ret);
-    
-loser:
-    if ( hash_context != NULL ) {
-	(* context->hashobj->destroy)(hash_context, PR_TRUE);
-    }
-    
-    return(NULL);
-
-}
-
-void
-HASH_Destroy(HASHContext *context)
-{
-    (* context->hashobj->destroy)(context->hash_context, PR_TRUE);
-    PORT_Free(context);
-    return;
-}
-
-
-void
-HASH_Begin(HASHContext *context)
-{
-    (* context->hashobj->begin)(context->hash_context);
-    return;
-}
-
-
-void
-HASH_Update(HASHContext *context,
-	    const unsigned char *src,
-	    unsigned int len)
-{
-    (* context->hashobj->update)(context->hash_context, src, len);
-    return;
-}
-
-void
-HASH_End(HASHContext *context,
-	 unsigned char *result,
-	 unsigned int *result_len,
-	 unsigned int max_result_len)
-{
-    (* context->hashobj->end)(context->hash_context, result, result_len,
-			      max_result_len);
-    return;
-}
-
-
-
diff --git a/security/nss/lib/cryptohi/sechash.h b/security/nss/lib/cryptohi/sechash.h
deleted file mode 100644
index 0e5a92e3b..000000000
--- a/security/nss/lib/cryptohi/sechash.h
+++ /dev/null
@@ -1,79 +0,0 @@
-#ifndef _HASH_H_
-#define _HASH_H_
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * hash.h - public data structures and prototypes for the hashing library
- *
- * $Id$
- */
-
-#include "seccomon.h"
-#include "hasht.h"
-
-SEC_BEGIN_PROTOS
-
-/*
-** Generic hash api.  
-*/
-
-extern unsigned int  HASH_ResultLen(HASH_HashType type);
-
-extern unsigned int  HASH_ResultLenContext(HASHContext *context);
-
-extern SECStatus     HASH_HashBuf(HASH_HashType type,
-				 unsigned char *dest,
-				 unsigned char *src,
-				 uint32 src_len);
-
-extern HASHContext * HASH_Create(HASH_HashType type);
-
-extern HASHContext * HASH_Clone(HASHContext *context);
-
-extern void          HASH_Destroy(HASHContext *context);
-
-extern void          HASH_Begin(HASHContext *context);
-
-extern void          HASH_Update(HASHContext *context,
-				const unsigned char *src,
-				unsigned int len);
-
-extern void          HASH_End(HASHContext *context,
-			     unsigned char *result,
-			     unsigned int *result_len,
-			     unsigned int max_result_len);
-
-extern const SECHashObject * HASH_GetHashObject(HASH_HashType type);
-
-SEC_END_PROTOS
-
-#endif /* _HASH_H_ */
diff --git a/security/nss/lib/cryptohi/seckey.c b/security/nss/lib/cryptohi/seckey.c
deleted file mode 100644
index 1c1bd24af..000000000
--- a/security/nss/lib/cryptohi/seckey.c
+++ /dev/null
@@ -1,1965 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s): 
- *	Dr Stephen Henson <stephen.henson@gemplus.com>
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#include "cryptohi.h"
-#include "keyhi.h"
-#include "secrng.h"
-#include "secoid.h"
-#include "secitem.h"
-#include "secder.h"
-#include "base64.h"
-#include "secasn1.h"
-#include "cert.h"
-#include "pk11func.h"
-#include "secerr.h"
-#include "secdig.h"
-#include "prtime.h"
-
-const SEC_ASN1Template CERT_SubjectPublicKeyInfoTemplate[] = {
-    { SEC_ASN1_SEQUENCE,
-	  0, NULL, sizeof(CERTSubjectPublicKeyInfo) },
-    { SEC_ASN1_INLINE,
-	  offsetof(CERTSubjectPublicKeyInfo,algorithm),
-	  SECOID_AlgorithmIDTemplate },
-    { SEC_ASN1_BIT_STRING,
-	  offsetof(CERTSubjectPublicKeyInfo,subjectPublicKey), },
-    { 0, }
-};
-
-const SEC_ASN1Template CERT_PublicKeyAndChallengeTemplate[] =
-{
-    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CERTPublicKeyAndChallenge) },
-    { SEC_ASN1_ANY, offsetof(CERTPublicKeyAndChallenge,spki) },
-    { SEC_ASN1_IA5_STRING, offsetof(CERTPublicKeyAndChallenge,challenge) },
-    { 0 }
-};
-
-const SEC_ASN1Template SECKEY_RSAPublicKeyTemplate[] = {
-    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SECKEYPublicKey) },
-    { SEC_ASN1_INTEGER, offsetof(SECKEYPublicKey,u.rsa.modulus), },
-    { SEC_ASN1_INTEGER, offsetof(SECKEYPublicKey,u.rsa.publicExponent), },
-    { 0, }
-};
-
-const SEC_ASN1Template SECKEY_DSAPublicKeyTemplate[] = {
-    { SEC_ASN1_INTEGER, offsetof(SECKEYPublicKey,u.dsa.publicValue), },
-    { 0, }
-};
-
-const SEC_ASN1Template SECKEY_PQGParamsTemplate[] = {
-    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SECKEYPQGParams) },
-    { SEC_ASN1_INTEGER, offsetof(SECKEYPQGParams,prime) },
-    { SEC_ASN1_INTEGER, offsetof(SECKEYPQGParams,subPrime) },
-    { SEC_ASN1_INTEGER, offsetof(SECKEYPQGParams,base) },
-    { 0, }
-};
-
-const SEC_ASN1Template SECKEY_DHPublicKeyTemplate[] = {
-    { SEC_ASN1_INTEGER, offsetof(SECKEYPublicKey,u.dh.publicValue), },
-    { 0, }
-};
-
-const SEC_ASN1Template SECKEY_DHParamKeyTemplate[] = {
-    { SEC_ASN1_SEQUENCE,  0, NULL, sizeof(SECKEYPublicKey) },
-    { SEC_ASN1_INTEGER, offsetof(SECKEYPublicKey,u.dh.prime), },
-    { SEC_ASN1_INTEGER, offsetof(SECKEYPublicKey,u.dh.base), },
-    /* XXX chrisk: this needs to be expanded for decoding of j and validationParms (RFC2459 7.3.2) */
-    { SEC_ASN1_SKIP_REST },
-    { 0, }
-};
-
-const SEC_ASN1Template SECKEY_FortezzaParameterTemplate[] = {
-    { SEC_ASN1_SEQUENCE,  0, NULL, sizeof(SECKEYPQGParams) },
-    { SEC_ASN1_OCTET_STRING, offsetof(SECKEYPQGParams,prime), },
-    { SEC_ASN1_OCTET_STRING, offsetof(SECKEYPQGParams,subPrime), },
-    { SEC_ASN1_OCTET_STRING, offsetof(SECKEYPQGParams,base), },
-    { 0 },
-};
- 
-const SEC_ASN1Template SECKEY_FortezzaDiffParameterTemplate[] = {
-    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SECKEYDiffPQGParams) },
-    { SEC_ASN1_INLINE, offsetof(SECKEYDiffPQGParams,DiffKEAParams), 
-                       SECKEY_FortezzaParameterTemplate},
-    { SEC_ASN1_INLINE, offsetof(SECKEYDiffPQGParams,DiffDSAParams), 
-                       SECKEY_FortezzaParameterTemplate},
-    { 0 },
-};
-
-const SEC_ASN1Template SECKEY_FortezzaPreParamTemplate[] = {
-    { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED |
-      SEC_ASN1_CONTEXT_SPECIFIC | 1, offsetof(SECKEYPQGDualParams,CommParams),
-                SECKEY_FortezzaParameterTemplate},
-    { 0, }
-};
-
-const SEC_ASN1Template SECKEY_FortezzaAltPreParamTemplate[] = {
-    { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED |
-      SEC_ASN1_CONTEXT_SPECIFIC | 0, offsetof(SECKEYPQGDualParams,DiffParams),
-                SECKEY_FortezzaDiffParameterTemplate},
-    { 0, }
-};
-
-const SEC_ASN1Template SECKEY_KEAPublicKeyTemplate[] = {
-    { SEC_ASN1_INTEGER, offsetof(SECKEYPublicKey,u.kea.publicValue), },
-    { 0, }
-};
-
-const SEC_ASN1Template SECKEY_KEAParamsTemplate[] = {
-    { SEC_ASN1_OCTET_STRING, offsetof(SECKEYPublicKey,u.kea.params.hash), }, 
-    { 0, }
-};
-
-SEC_ASN1_CHOOSER_IMPLEMENT(SECKEY_DSAPublicKeyTemplate)
-SEC_ASN1_CHOOSER_IMPLEMENT(SECKEY_RSAPublicKeyTemplate)
-SEC_ASN1_CHOOSER_IMPLEMENT(CERT_SubjectPublicKeyInfoTemplate)
-
-/*
- * See bugzilla bug 125359
- * Since NSS (via PKCS#11) wants to handle big integers as unsigned ints,
- * all of the templates above that en/decode into integers must be converted
- * from ASN.1's signed integer type.  This is done by marking either the
- * source or destination (encoding or decoding, respectively) type as
- * siUnsignedInteger.
- */
-static void
-prepare_rsa_pub_key_for_asn1(SECKEYPublicKey *pubk)
-{
-    pubk->u.rsa.modulus.type = siUnsignedInteger;
-    pubk->u.rsa.publicExponent.type = siUnsignedInteger;
-}
-
-static void
-prepare_dsa_pub_key_for_asn1(SECKEYPublicKey *pubk)
-{
-    pubk->u.dsa.publicValue.type = siUnsignedInteger;
-}
-
-static void
-prepare_pqg_params_for_asn1(SECKEYPQGParams *params)
-{
-    params->prime.type = siUnsignedInteger;
-    params->subPrime.type = siUnsignedInteger;
-    params->base.type = siUnsignedInteger;
-}
-
-static void
-prepare_dh_pub_key_for_asn1(SECKEYPublicKey *pubk)
-{
-    pubk->u.dh.prime.type = siUnsignedInteger;
-    pubk->u.dh.base.type = siUnsignedInteger;
-    pubk->u.dh.publicValue.type = siUnsignedInteger;
-}
-
-static void
-prepare_kea_pub_key_for_asn1(SECKEYPublicKey *pubk)
-{
-    pubk->u.kea.publicValue.type = siUnsignedInteger;
-}
-
-/* Create an RSA key pair is any slot able to do so.
-** The created keys are "session" (temporary), not "token" (permanent), 
-** and they are "sensitive", which makes them costly to move to another token.
-*/
-SECKEYPrivateKey *
-SECKEY_CreateRSAPrivateKey(int keySizeInBits,SECKEYPublicKey **pubk, void *cx)
-{
-    SECKEYPrivateKey *privk;
-    PK11SlotInfo *slot = PK11_GetBestSlot(CKM_RSA_PKCS_KEY_PAIR_GEN,cx);
-    PK11RSAGenParams param;
-
-    param.keySizeInBits = keySizeInBits;
-    param.pe = 65537L;
-    
-    privk = PK11_GenerateKeyPair(slot,CKM_RSA_PKCS_KEY_PAIR_GEN,&param,pubk,
-					PR_FALSE, PR_TRUE, cx);
-    PK11_FreeSlot(slot);
-    return(privk);
-}
-
-/* Create a DH key pair in any slot able to do so, 
-** This is a "session" (temporary), not "token" (permanent) key. 
-** Because of the high probability that this key will need to be moved to
-** another token, and the high cost of moving "sensitive" keys, we attempt
-** to create this key pair without the "sensitive" attribute, but revert to 
-** creating a "sensitive" key if necessary.
-*/
-SECKEYPrivateKey *
-SECKEY_CreateDHPrivateKey(SECKEYDHParams *param, SECKEYPublicKey **pubk, void *cx)
-{
-    SECKEYPrivateKey *privk;
-    PK11SlotInfo *slot = PK11_GetBestSlot(CKM_DH_PKCS_KEY_PAIR_GEN,cx);
-
-    privk = PK11_GenerateKeyPair(slot, CKM_DH_PKCS_KEY_PAIR_GEN, param, 
-                                 pubk, PR_FALSE, PR_FALSE, cx);
-    if (!privk) 
-	privk = PK11_GenerateKeyPair(slot, CKM_DH_PKCS_KEY_PAIR_GEN, param, 
-	                             pubk, PR_FALSE, PR_TRUE, cx);
-
-    PK11_FreeSlot(slot);
-    return(privk);
-}
-
-void
-SECKEY_DestroyPrivateKey(SECKEYPrivateKey *privk)
-{
-    if (privk) {
-	if (privk->pkcs11Slot) {
-	    if (privk->pkcs11IsTemp) {
-	    	PK11_DestroyObject(privk->pkcs11Slot,privk->pkcs11ID);
-	    }
-	    PK11_FreeSlot(privk->pkcs11Slot);
-
-	}
-    	if (privk->arena) {
-	    PORT_FreeArena(privk->arena, PR_TRUE);
-	}
-    }
-}
-
-void
-SECKEY_DestroyPublicKey(SECKEYPublicKey *pubk)
-{
-    if (pubk) {
-	if (pubk->pkcs11Slot) {
-	    if (!PK11_IsPermObject(pubk->pkcs11Slot,pubk->pkcs11ID)) {
-		PK11_DestroyObject(pubk->pkcs11Slot,pubk->pkcs11ID);
-	    }
-	    PK11_FreeSlot(pubk->pkcs11Slot);
-	}
-    	if (pubk->arena) {
-	    PORT_FreeArena(pubk->arena, PR_FALSE);
-	}
-    }
-}
-
-SECStatus
-SECKEY_CopySubjectPublicKeyInfo(PRArenaPool *arena,
-			     CERTSubjectPublicKeyInfo *to,
-			     CERTSubjectPublicKeyInfo *from)
-{
-    SECStatus rv;
-
-    rv = SECOID_CopyAlgorithmID(arena, &to->algorithm, &from->algorithm);
-    if (rv == SECSuccess)
-	rv = SECITEM_CopyItem(arena, &to->subjectPublicKey, &from->subjectPublicKey);
-
-    return rv;
-}
-
-SECStatus
-SECKEY_KEASetParams(SECKEYKEAParams * params, SECKEYPublicKey * pubKey) {
-
-    if (pubKey->keyType == fortezzaKey) {
-        /* the key is a fortezza V1 public key  */
-
-	/* obtain hash of pubkey->u.fortezza.params.prime.data +
-		          pubkey->u.fortezza.params.subPrime.data +
-			  pubkey->u.fortezza.params.base.data  */
-
-	/* store hash in params->hash */
-
-    } else if (pubKey->keyType == keaKey) {
-
-        /* the key is a new fortezza KEA public key. */
-        SECITEM_CopyItem(pubKey->arena, &params->hash, 
-	                 &pubKey->u.kea.params.hash );
-
-    } else {
-
-	/* the key has no KEA parameters */
-	return SECFailure;
-    }
-    return SECSuccess;
-}
-
-
-SECStatus
-SECKEY_KEAParamCompare(CERTCertificate *cert1,CERTCertificate *cert2) 
-{
-
-    SECStatus rv;
-
-    SECKEYPublicKey *pubKey1 = 0;
-    SECKEYPublicKey *pubKey2 = 0;
-
-    SECKEYKEAParams params1;
-    SECKEYKEAParams params2;
-
-
-    rv = SECFailure;
-
-    /* get cert1's public key */
-    pubKey1 = CERT_ExtractPublicKey(cert1);
-    if ( !pubKey1 ) {
-	return(SECFailure);
-    }
-    
-
-    /* get cert2's public key */
-    pubKey2 = CERT_ExtractPublicKey(cert2);
-    if ( !pubKey2 ) {
-	return(SECFailure);
-    }
-
-    /* handle the case when both public keys are new
-     * fortezza KEA public keys.    */
-
-    if ((pubKey1->keyType == keaKey) &&
-        (pubKey2->keyType == keaKey) ) {
-
-        rv = (SECStatus)SECITEM_CompareItem(&pubKey1->u.kea.params.hash,
-	                         &pubKey2->u.kea.params.hash);
-	goto done;
-    }
-
-    /* handle the case when both public keys are old fortezza
-     * public keys.              */
-
-    if ((pubKey1->keyType == fortezzaKey) &&
-        (pubKey2->keyType == fortezzaKey) ) {
-
-        rv = (SECStatus)SECITEM_CompareItem(&pubKey1->u.fortezza.keaParams.prime,
-	                         &pubKey2->u.fortezza.keaParams.prime);
-
-	if (rv == SECEqual) {
-	    rv = (SECStatus)SECITEM_CompareItem(&pubKey1->u.fortezza.keaParams.subPrime,
-	                             &pubKey2->u.fortezza.keaParams.subPrime);
-	}
-
-	if (rv == SECEqual) {
-	    rv = (SECStatus)SECITEM_CompareItem(&pubKey1->u.fortezza.keaParams.base,
-	                             &pubKey2->u.fortezza.keaParams.base);
-	}
-	
-	goto done;
-    }
-
-
-    /* handle the case when the public keys are a mixture of 
-     * old and new.                          */
-
-    rv = SECKEY_KEASetParams(&params1, pubKey1);
-    if (rv != SECSuccess) return rv;
-
-    rv = SECKEY_KEASetParams(&params2, pubKey2);
-    if (rv != SECSuccess) return rv;
-
-    rv = (SECStatus)SECITEM_CompareItem(&params1.hash, &params2.hash);
-
-done:
-    SECKEY_DestroyPublicKey(pubKey1);
-    SECKEY_DestroyPublicKey(pubKey2);
-
-    return rv;   /* returns SECEqual if parameters are equal */
-
-}
-
-
-/* Procedure to update the pqg parameters for a cert's public key.
- * pqg parameters only need to be updated for DSA and fortezza certificates.
- * The procedure uses calls to itself recursively to update a certificate
- * issuer's pqg parameters.  Some important rules are:
- *    - Do nothing if the cert already has PQG parameters.
- *    - If the cert does not have PQG parameters, obtain them from the issuer.
- *    - A valid cert chain cannot have a DSA or Fortezza cert without
- *      pqg parameters that has a parent that is not a DSA or Fortezza cert.
- *    - pqg paramters are stored in two different formats: the standard
- *      DER encoded format and the fortezza-only wrapped format.  The params
- *      should be copied from issuer to subject cert without modifying the
- *      formats.  The public key extraction code will deal with the different
- *      formats at the time of extraction.  */
-
-SECStatus
-seckey_UpdateCertPQGChain(CERTCertificate * subjectCert, int count)
-{
-    SECStatus rv, rvCompare;
-    SECOidData *oid=NULL;
-    int tag;
-    CERTSubjectPublicKeyInfo * subjectSpki=NULL;
-    CERTSubjectPublicKeyInfo * issuerSpki=NULL;
-    CERTCertificate *issuerCert = NULL;
-
-    rv = SECSuccess;
-
-    /* increment cert chain length counter*/
-    count++;
-
-    /* check if cert chain length exceeds the maximum length*/
-    if (count > CERT_MAX_CERT_CHAIN) {
-	return SECFailure;
-    }
-
-    oid = SECOID_FindOID(&subjectCert->subjectPublicKeyInfo.algorithm.algorithm);            
-    if (oid != NULL) {  
-        tag = oid->offset;
-             
-        /* Check if cert has a DSA or Fortezza public key. If not, return
-         * success since no PQG params need to be updated.  */
-
-	if ( (tag != SEC_OID_MISSI_KEA_DSS_OLD) &&
-	     (tag != SEC_OID_MISSI_DSS_OLD) &&
-             (tag != SEC_OID_MISSI_KEA_DSS) &&
-             (tag != SEC_OID_MISSI_DSS) &&               
-             (tag != SEC_OID_ANSIX9_DSA_SIGNATURE) &&
-             (tag != SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST) &&
-             (tag != SEC_OID_BOGUS_DSA_SIGNATURE_WITH_SHA1_DIGEST) &&
-             (tag != SEC_OID_SDN702_DSA_SIGNATURE) ) {
-            
-            return SECSuccess;
-        }
-    } else {
-        return SECFailure;  /* return failure if oid is NULL */  
-    }
-
-    /* if cert has PQG parameters, return success */
-
-    subjectSpki=&subjectCert->subjectPublicKeyInfo;
-
-    if (subjectSpki->algorithm.parameters.len != 0) {
-        return SECSuccess;
-    }
-
-    /* check if the cert is self-signed */
-    rvCompare = (SECStatus)SECITEM_CompareItem(&subjectCert->derSubject,
-				    &subjectCert->derIssuer);
-	if (rvCompare == SECEqual) {
-	  /* fail since cert is self-signed and has no pqg params. */
-            return SECFailure;     
-	}
-     
-    /* get issuer cert */
-    issuerCert = CERT_FindCertIssuer(subjectCert, PR_Now(), certUsageAnyCA);
-	if ( ! issuerCert ) {
-            return SECFailure;
-	}
-
-    /* if parent is not DSA or fortezza, return failure since
-       we don't allow this case. */
-
-    oid = SECOID_FindOID(&issuerCert->subjectPublicKeyInfo.algorithm.algorithm);
-    if (oid != NULL) {  
-        tag = oid->offset;
-             
-        /* Check if issuer cert has a DSA or Fortezza public key. If not,
-         * return failure.   */
-
-	if ( (tag != SEC_OID_MISSI_KEA_DSS_OLD) &&
-	     (tag != SEC_OID_MISSI_DSS_OLD) &&
-             (tag != SEC_OID_MISSI_KEA_DSS) &&
-             (tag != SEC_OID_MISSI_DSS) &&               
-             (tag != SEC_OID_ANSIX9_DSA_SIGNATURE) &&
-             (tag != SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST) &&
-             (tag != SEC_OID_BOGUS_DSA_SIGNATURE_WITH_SHA1_DIGEST) &&
-             (tag != SEC_OID_SDN702_DSA_SIGNATURE) ) {
-            
-            return SECFailure;
-        }
-    } else {
-        return SECFailure;  /* return failure if oid is NULL */  
-    }
-
-
-    /* at this point the subject cert has no pqg parameters and the
-     * issuer cert has a DSA or fortezza public key.  Update the issuer's
-     * pqg parameters with a recursive call to this same function. */
-
-    rv = seckey_UpdateCertPQGChain(issuerCert, count);
-    if (rv != SECSuccess) return rv;
-
-    /* ensure issuer has pqg parameters */
-
-    issuerSpki=&issuerCert->subjectPublicKeyInfo;
-    if (issuerSpki->algorithm.parameters.len == 0) {
-        rv = SECFailure; 
-    }
-
-    /* if update was successful and pqg params present, then copy the
-     * parameters to the subject cert's key. */
-
-    if (rv == SECSuccess) {
-        rv = SECITEM_CopyItem(subjectCert->arena,
-                              &subjectSpki->algorithm.parameters, 
-	   		      &issuerSpki->algorithm.parameters);
-    }
-
-    return rv;
-
-}
- 
-
-SECStatus
-SECKEY_UpdateCertPQG(CERTCertificate * subjectCert)
-{
-    return(seckey_UpdateCertPQGChain(subjectCert,0));
-}
-   
-
-/* Decode the PQG parameters.  The params could be stored in two
- * possible formats, the old fortezza-only wrapped format or
- * the standard DER encoded format.   Store the decoded parameters in an
- * old fortezza cert data structure */
- 
-SECStatus
-SECKEY_FortezzaDecodePQGtoOld(PRArenaPool *arena, SECKEYPublicKey *pubk,
-                              SECItem *params) {
-        SECStatus rv;
-	SECKEYPQGDualParams dual_params;
-
-    if (params == NULL) return SECFailure; 
-    
-    if (params->data == NULL) return SECFailure;
-
-    /* Check if params use the standard format.
-     * The value 0xa1 will appear in the first byte of the parameter data
-     * if the PQG parameters are not using the standard format. This
-     * code should be changed to use a better method to detect non-standard
-     * parameters.    */
-
-    if ((params->data[0] != 0xa1) &&
-        (params->data[0] != 0xa0)) {
-
-            /* PQG params are in the standard format */
-
-	    /* Store DSA PQG parameters */
-	    prepare_pqg_params_for_asn1(&pubk->u.fortezza.params);
-            rv = SEC_ASN1DecodeItem(arena, &pubk->u.fortezza.params,
-                              SECKEY_PQGParamsTemplate,
-                              params);
-
-	    if (rv == SECSuccess) {
-
-	        /* Copy the DSA PQG parameters to the KEA PQG parameters. */
-	        rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.keaParams.prime,
-                                      &pubk->u.fortezza.params.prime);
-                if (rv != SECSuccess) return rv;
-                rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.keaParams.subPrime,
-                                      &pubk->u.fortezza.params.subPrime);
-                if (rv != SECSuccess) return rv;
-                rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.keaParams.base,
-                                      &pubk->u.fortezza.params.base);
-                if (rv != SECSuccess) return rv;
-            }
-
-    } else {
-
-	dual_params.CommParams.prime.len = 0;
-        dual_params.CommParams.subPrime.len = 0;
-	dual_params.CommParams.base.len = 0;
-	dual_params.DiffParams.DiffDSAParams.prime.len = 0;
-        dual_params.DiffParams.DiffDSAParams.subPrime.len = 0;
-	dual_params.DiffParams.DiffDSAParams.base.len = 0;
-
-        /* else the old fortezza-only wrapped format is used. */
-
-	if (params->data[0] == 0xa1) {
-            rv = SEC_ASN1DecodeItem(arena, &dual_params, 
-				SECKEY_FortezzaPreParamTemplate, params);
-	} else {
-            rv = SEC_ASN1DecodeItem(arena, &dual_params, 
-	   			    SECKEY_FortezzaAltPreParamTemplate, params);
-        }
-
-        if (rv < 0) return rv;
-	
-        if ( (dual_params.CommParams.prime.len > 0) &&
-             (dual_params.CommParams.subPrime.len > 0) && 
-             (dual_params.CommParams.base.len > 0) ) {
-            /* copy in common params */
-	    
-	    rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.params.prime,
-                                  &dual_params.CommParams.prime);
-            if (rv != SECSuccess) return rv;
-            rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.params.subPrime,
-                                  &dual_params.CommParams.subPrime);
-            if (rv != SECSuccess) return rv;
-            rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.params.base,
-                                  &dual_params.CommParams.base);
-
-	    /* Copy the DSA PQG parameters to the KEA PQG parameters. */
-	    rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.keaParams.prime,
-                                  &pubk->u.fortezza.params.prime);
-            if (rv != SECSuccess) return rv;
-            rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.keaParams.subPrime,
-                                  &pubk->u.fortezza.params.subPrime);
-            if (rv != SECSuccess) return rv;
-            rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.keaParams.base,
-                                  &pubk->u.fortezza.params.base);
-            if (rv != SECSuccess) return rv;
-
-        } else {
-
-	    /* else copy in different params */
-
-	    /* copy DSA PQG parameters */
-	    rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.params.prime,
-                                  &dual_params.DiffParams.DiffDSAParams.prime);
-            if (rv != SECSuccess) return rv;
-            rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.params.subPrime,
-                                  &dual_params.DiffParams.DiffDSAParams.subPrime);
-            if (rv != SECSuccess) return rv;
-            rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.params.base,
-                                  &dual_params.DiffParams.DiffDSAParams.base);
-
-	    /* copy KEA PQG parameters */
-
-	    rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.keaParams.prime,
-                                  &dual_params.DiffParams.DiffKEAParams.prime);
-            if (rv != SECSuccess) return rv;
-            rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.keaParams.subPrime,
-                                  &dual_params.DiffParams.DiffKEAParams.subPrime);
-            if (rv != SECSuccess) return rv;
-            rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.keaParams.base,
-                                  &dual_params.DiffParams.DiffKEAParams.base);
-        }
-       
-    }
-    return rv;
-}
-
-
-/* Decode the DSA PQG parameters.  The params could be stored in two
- * possible formats, the old fortezza-only wrapped format or
- * the normal standard format.  Store the decoded parameters in
- * a V3 certificate data structure.  */ 
-
-SECStatus
-SECKEY_DSADecodePQG(PRArenaPool *arena, SECKEYPublicKey *pubk, SECItem *params) {
-        SECStatus rv;
-	SECKEYPQGDualParams dual_params;
-
-    if (params == NULL) return SECFailure; 
-    
-    if (params->data == NULL) return SECFailure;
-
-    /* Check if params use the standard format.
-     * The value 0xa1 will appear in the first byte of the parameter data
-     * if the PQG parameters are not using the standard format.  This
-     * code should be changed to use a better method to detect non-standard
-     * parameters.    */
-
-    if ((params->data[0] != 0xa1) &&
-        (params->data[0] != 0xa0)) {
-    
-         /* PQG params are in the standard format */
-         prepare_pqg_params_for_asn1(&pubk->u.dsa.params);
-         rv = SEC_ASN1DecodeItem(arena, &pubk->u.dsa.params,
-                             SECKEY_PQGParamsTemplate,
-                             params);
-    } else {
-
-	dual_params.CommParams.prime.len = 0;
-        dual_params.CommParams.subPrime.len = 0;
-	dual_params.CommParams.base.len = 0;
-	dual_params.DiffParams.DiffDSAParams.prime.len = 0;
-        dual_params.DiffParams.DiffDSAParams.subPrime.len = 0;
-	dual_params.DiffParams.DiffDSAParams.base.len = 0;
-
-        /* else the old fortezza-only wrapped format is used. */
-        if (params->data[0] == 0xa1) {
-            rv = SEC_ASN1DecodeItem(arena, &dual_params, 
-				SECKEY_FortezzaPreParamTemplate, params);
-	} else {
-            rv = SEC_ASN1DecodeItem(arena, &dual_params, 
-	   			    SECKEY_FortezzaAltPreParamTemplate, params);
-        }
-
-        if (rv < 0) return rv;
-
-        if ( (dual_params.CommParams.prime.len > 0) &&
-             (dual_params.CommParams.subPrime.len > 0) && 
-             (dual_params.CommParams.base.len > 0) ) {
-            /* copy in common params */
-	    
-	    rv = SECITEM_CopyItem(arena, &pubk->u.dsa.params.prime,
-                                  &dual_params.CommParams.prime);
-            if (rv != SECSuccess) return rv;
-            rv = SECITEM_CopyItem(arena, &pubk->u.dsa.params.subPrime,
-                                  &dual_params.CommParams.subPrime);
-            if (rv != SECSuccess) return rv;
-            rv = SECITEM_CopyItem(arena, &pubk->u.dsa.params.base,
-                                  &dual_params.CommParams.base);
-
-        } else {
-
-	    /* else copy in different params */
-
-	    /* copy DSA PQG parameters */
-	    rv = SECITEM_CopyItem(arena, &pubk->u.dsa.params.prime,
-                                  &dual_params.DiffParams.DiffDSAParams.prime);
-            if (rv != SECSuccess) return rv;
-            rv = SECITEM_CopyItem(arena, &pubk->u.dsa.params.subPrime,
-                                  &dual_params.DiffParams.DiffDSAParams.subPrime);
-            if (rv != SECSuccess) return rv;
-            rv = SECITEM_CopyItem(arena, &pubk->u.dsa.params.base,
-                                  &dual_params.DiffParams.DiffDSAParams.base);
-
-        }
-    }
-    return rv;
-}
-
-
-
-/* Decodes the DER encoded fortezza public key and stores the results in a
- * structure of type SECKEYPublicKey. */
-
-SECStatus
-SECKEY_FortezzaDecodeCertKey(PRArenaPool *arena, SECKEYPublicKey *pubk,
-                             SECItem *rawkey, SECItem *params) {
-
-	unsigned char *rawptr = rawkey->data;
-	unsigned char *end = rawkey->data + rawkey->len;
-	unsigned char *clearptr;
-
-	/* first march down and decode the raw key data */
-
-	/* version */	
-	pubk->u.fortezza.KEAversion = *rawptr++;
-	if (*rawptr++ != 0x01) {
-		return SECFailure;
-	}
-
-	/* KMID */
-	PORT_Memcpy(pubk->u.fortezza.KMID,rawptr,
-				sizeof(pubk->u.fortezza.KMID));
-	rawptr += sizeof(pubk->u.fortezza.KMID);
-
-	/* clearance (the string up to the first byte with the hi-bit on */
-	clearptr = rawptr;
-	while ((rawptr < end) && (*rawptr++ & 0x80));
-
-	if (rawptr >= end) { return SECFailure; }
-	pubk->u.fortezza.clearance.len = rawptr - clearptr;
-	pubk->u.fortezza.clearance.data = 
-		(unsigned char*)PORT_ArenaZAlloc(arena,pubk->u.fortezza.clearance.len);
-	if (pubk->u.fortezza.clearance.data == NULL) {
-		return SECFailure;
-	}
-	PORT_Memcpy(pubk->u.fortezza.clearance.data,clearptr,
-					pubk->u.fortezza.clearance.len);
-
-	/* KEAPrivilege (the string up to the first byte with the hi-bit on */
-	clearptr = rawptr;
-	while ((rawptr < end) && (*rawptr++ & 0x80));
-	if (rawptr >= end) { return SECFailure; }
-	pubk->u.fortezza.KEApriviledge.len = rawptr - clearptr;
-	pubk->u.fortezza.KEApriviledge.data = 
-		(unsigned char*)PORT_ArenaZAlloc(arena,pubk->u.fortezza.KEApriviledge.len);
-	if (pubk->u.fortezza.KEApriviledge.data == NULL) {
-		return SECFailure;
-	}
-	PORT_Memcpy(pubk->u.fortezza.KEApriviledge.data,clearptr,
-				pubk->u.fortezza.KEApriviledge.len);
-
-
-	/* now copy the key. The next to bytes are the key length, and the
-	 * key follows */
-	pubk->u.fortezza.KEAKey.len = (*rawptr << 8) | rawptr[1];
-
-	rawptr += 2;
-	if (rawptr+pubk->u.fortezza.KEAKey.len > end) { return SECFailure; }
-	pubk->u.fortezza.KEAKey.data = 
-			(unsigned char*)PORT_ArenaZAlloc(arena,pubk->u.fortezza.KEAKey.len);
-	if (pubk->u.fortezza.KEAKey.data == NULL) {
-		return SECFailure;
-	}
-	PORT_Memcpy(pubk->u.fortezza.KEAKey.data,rawptr,
-					pubk->u.fortezza.KEAKey.len);
-	rawptr += pubk->u.fortezza.KEAKey.len;
-
-	/* shared key */
-	if (rawptr >= end) {
-	    pubk->u.fortezza.DSSKey.len = pubk->u.fortezza.KEAKey.len;
-	    /* this depends on the fact that we are going to get freed with an
-	     * ArenaFree call. We cannot free DSSKey and KEAKey separately */
-	    pubk->u.fortezza.DSSKey.data=
-					pubk->u.fortezza.KEAKey.data;
-	    pubk->u.fortezza.DSSpriviledge.len = 
-				pubk->u.fortezza.KEApriviledge.len;
-	    pubk->u.fortezza.DSSpriviledge.data =
-			pubk->u.fortezza.DSSpriviledge.data;
-	    goto done;
-	}
-		
-
-	/* DSS Version is next */
-	pubk->u.fortezza.DSSversion = *rawptr++;
-
-	if (*rawptr++ != 2) {
-		return SECFailure;
-	}
-
-	/* DSSPrivilege (the string up to the first byte with the hi-bit on */
-	clearptr = rawptr;
-	while ((rawptr < end) && (*rawptr++ & 0x80));
-	if (rawptr >= end) { return SECFailure; }
-	pubk->u.fortezza.DSSpriviledge.len = rawptr - clearptr;
-	pubk->u.fortezza.DSSpriviledge.data = 
-		(unsigned char*)PORT_ArenaZAlloc(arena,pubk->u.fortezza.DSSpriviledge.len);
-	if (pubk->u.fortezza.DSSpriviledge.data == NULL) {
-		return SECFailure;
-	}
-	PORT_Memcpy(pubk->u.fortezza.DSSpriviledge.data,clearptr,
-				pubk->u.fortezza.DSSpriviledge.len);
-
-	/* finally copy the DSS key. The next to bytes are the key length,
-	 *  and the key follows */
-	pubk->u.fortezza.DSSKey.len = (*rawptr << 8) | rawptr[1];
-
-	rawptr += 2;
-	if (rawptr+pubk->u.fortezza.DSSKey.len > end){ return SECFailure; }
-	pubk->u.fortezza.DSSKey.data = 
-			(unsigned char*)PORT_ArenaZAlloc(arena,pubk->u.fortezza.DSSKey.len);
-	if (pubk->u.fortezza.DSSKey.data == NULL) {
-		return SECFailure;
-	}
-	PORT_Memcpy(pubk->u.fortezza.DSSKey.data,rawptr,
-					pubk->u.fortezza.DSSKey.len);
-
-	/* ok, now we decode the parameters */
-done:
-
-        return SECKEY_FortezzaDecodePQGtoOld(arena, pubk, params);
-}
-
-
-/* Function used to determine what kind of cert we are dealing with. */
-KeyType 
-CERT_GetCertKeyType (CERTSubjectPublicKeyInfo *spki) {
-    int tag;
-    KeyType keyType;
-
-    tag = SECOID_GetAlgorithmTag(&spki->algorithm);
-    switch (tag) {
-      case SEC_OID_X500_RSA_ENCRYPTION:
-      case SEC_OID_PKCS1_RSA_ENCRYPTION:
-	keyType = rsaKey;
-	break;
-      case SEC_OID_ANSIX9_DSA_SIGNATURE:
-	keyType = dsaKey;
-	break;
-      case SEC_OID_MISSI_KEA_DSS_OLD:
-      case SEC_OID_MISSI_KEA_DSS:
-      case SEC_OID_MISSI_DSS_OLD:
-      case SEC_OID_MISSI_DSS:  
-	keyType = fortezzaKey;
-	break;
-      case SEC_OID_MISSI_KEA:
-      case SEC_OID_MISSI_ALT_KEA:
-	keyType = keaKey;
-	break;
-      case SEC_OID_X942_DIFFIE_HELMAN_KEY:
-	keyType = dhKey;
-      default:
-	keyType = nullKey;
-    }
-    return keyType;
-}
-
-static SECKEYPublicKey *
-seckey_ExtractPublicKey(CERTSubjectPublicKeyInfo *spki)
-{
-    SECKEYPublicKey *pubk;
-    SECItem os;
-    SECStatus rv;
-    PRArenaPool *arena;
-    SECOidTag tag;
-
-    arena = PORT_NewArena (DER_DEFAULT_CHUNKSIZE);
-    if (arena == NULL)
-	return NULL;
-
-    pubk = (SECKEYPublicKey *) PORT_ArenaZAlloc(arena, sizeof(SECKEYPublicKey));
-    if (pubk == NULL) {
-	PORT_FreeArena (arena, PR_FALSE);
-	return NULL;
-    }
-
-    pubk->arena = arena;
-    pubk->pkcs11Slot = 0;
-    pubk->pkcs11ID = CK_INVALID_HANDLE;
-
-
-    /* Convert bit string length from bits to bytes */
-    os = spki->subjectPublicKey;
-    DER_ConvertBitString (&os);
-
-    tag = SECOID_GetAlgorithmTag(&spki->algorithm);
-    switch ( tag ) {
-      case SEC_OID_X500_RSA_ENCRYPTION:
-      case SEC_OID_PKCS1_RSA_ENCRYPTION:
-	pubk->keyType = rsaKey;
-	prepare_rsa_pub_key_for_asn1(pubk);
-	rv = SEC_ASN1DecodeItem(arena, pubk, SECKEY_RSAPublicKeyTemplate, &os);
-	if (rv == SECSuccess)
-	    return pubk;
-	break;
-      case SEC_OID_ANSIX9_DSA_SIGNATURE:
-      case SEC_OID_SDN702_DSA_SIGNATURE:
-	pubk->keyType = dsaKey;
-	prepare_dsa_pub_key_for_asn1(pubk);
-	rv = SEC_ASN1DecodeItem(arena, pubk, SECKEY_DSAPublicKeyTemplate, &os);
-	if (rv != SECSuccess) break;
-
-        rv = SECKEY_DSADecodePQG(arena, pubk,
-                                 &spki->algorithm.parameters); 
-
-	if (rv == SECSuccess) return pubk;
-	break;
-      case SEC_OID_X942_DIFFIE_HELMAN_KEY:
-	pubk->keyType = dhKey;
-	prepare_dh_pub_key_for_asn1(pubk);
-	rv = SEC_ASN1DecodeItem(arena, pubk, SECKEY_DHPublicKeyTemplate, &os);
-	if (rv != SECSuccess) break;
-
-        rv = SEC_ASN1DecodeItem(arena, pubk, SECKEY_DHParamKeyTemplate,
-                                 &spki->algorithm.parameters); 
-
-	if (rv == SECSuccess) return pubk;
-	break;
-      case SEC_OID_MISSI_KEA_DSS_OLD:
-      case SEC_OID_MISSI_KEA_DSS:
-      case SEC_OID_MISSI_DSS_OLD:
-      case SEC_OID_MISSI_DSS:
-	pubk->keyType = fortezzaKey;
-	rv = SECKEY_FortezzaDecodeCertKey(arena, pubk, &os,
-				          &spki->algorithm.parameters);
-	if (rv == SECSuccess)
-	    return pubk;
-	break;
-
-      case SEC_OID_MISSI_KEA:
-	pubk->keyType = keaKey;
-
-	prepare_kea_pub_key_for_asn1(pubk);
-        rv = SEC_ASN1DecodeItem(arena, pubk,
-                                SECKEY_KEAPublicKeyTemplate, &os);
-        if (rv != SECSuccess) break;
-
-
-        rv = SEC_ASN1DecodeItem(arena, pubk, SECKEY_KEAParamsTemplate,
-                        &spki->algorithm.parameters);
-
-	if (rv == SECSuccess)
-	    return pubk;
-
-        break;
-
-      case SEC_OID_MISSI_ALT_KEA:
-	pubk->keyType = keaKey;
-
-        rv = SECITEM_CopyItem(arena,&pubk->u.kea.publicValue,&os);
-        if (rv != SECSuccess) break;
- 
-        rv = SEC_ASN1DecodeItem(arena, pubk, SECKEY_KEAParamsTemplate,
-                        &spki->algorithm.parameters);
-
-	if (rv == SECSuccess)
-	    return pubk;
-
-        break;
-
-
-      default:
-	rv = SECFailure;
-	break;
-    }
-
-    SECKEY_DestroyPublicKey (pubk);
-    return NULL;
-}
-
-
-/* required for JSS */
-SECKEYPublicKey *
-SECKEY_ExtractPublicKey(CERTSubjectPublicKeyInfo *spki)
-{
-    return seckey_ExtractPublicKey(spki);
-}
-
-SECKEYPublicKey *
-CERT_ExtractPublicKey(CERTCertificate *cert)
-{
-    SECStatus rv;
-
-    rv = SECKEY_UpdateCertPQG(cert);
-    if (rv != SECSuccess) return NULL;
-
-    return seckey_ExtractPublicKey(&cert->subjectPublicKeyInfo);
-}
-
-/*
- * Get the public key for the fortezza KMID. NOTE this requires the
- * PQG paramters to be set. We probably should have a fortezza call that 
- * just extracts the kmid for us directly so this function can work
- * without having the whole cert chain
- */
-SECKEYPublicKey *
-CERT_KMIDPublicKey(CERTCertificate *cert)
-{
-    return seckey_ExtractPublicKey(&cert->subjectPublicKeyInfo);
-}
-
-/* returns key strength in bytes (not bits) */
-unsigned
-SECKEY_PublicKeyStrength(SECKEYPublicKey *pubk)
-{
-    unsigned char b0;
-
-    /* interpret modulus length as key strength... in
-     * fortezza that's the public key length */
-
-    switch (pubk->keyType) {
-    case rsaKey:
-    	b0 = pubk->u.rsa.modulus.data[0];
-    	return b0 ? pubk->u.rsa.modulus.len : pubk->u.rsa.modulus.len - 1;
-    case dsaKey:
-    	b0 = pubk->u.dsa.publicValue.data[0];
-    	return b0 ? pubk->u.dsa.publicValue.len :
-	    pubk->u.dsa.publicValue.len - 1;
-    case dhKey:
-    	b0 = pubk->u.dh.publicValue.data[0];
-    	return b0 ? pubk->u.dh.publicValue.len :
-	    pubk->u.dh.publicValue.len - 1;
-    case fortezzaKey:
-	return PR_MAX(pubk->u.fortezza.KEAKey.len, pubk->u.fortezza.DSSKey.len);
-    default:
-	break;
-    }
-    return 0;
-}
-
-SECKEYPrivateKey *
-SECKEY_CopyPrivateKey(SECKEYPrivateKey *privk)
-{
-    SECKEYPrivateKey *copyk;
-    PRArenaPool *arena;
-    
-    if (privk == NULL) {
-	return NULL;
-    }
-    
-    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if (arena == NULL) {
-	PORT_SetError (SEC_ERROR_NO_MEMORY);
-	return NULL;
-    }
-
-    copyk = (SECKEYPrivateKey *) PORT_ArenaZAlloc (arena, sizeof (SECKEYPrivateKey));
-    if (copyk) {
-	copyk->arena = arena;
-	copyk->keyType = privk->keyType;
-
-	/* copy the PKCS #11 parameters */
-	copyk->pkcs11Slot = PK11_ReferenceSlot(privk->pkcs11Slot);
-	/* if the key we're referencing was a temparary key we have just
-	 * created, that we want to go away when we're through, we need
-	 * to make a copy of it */
-	if (privk->pkcs11IsTemp) {
-	    copyk->pkcs11ID = 
-			PK11_CopyKey(privk->pkcs11Slot,privk->pkcs11ID);
-	    if (copyk->pkcs11ID == CK_INVALID_HANDLE) goto fail;
-	} else {
-	    copyk->pkcs11ID = privk->pkcs11ID;
-	}
-	copyk->pkcs11IsTemp = privk->pkcs11IsTemp;
-	copyk->wincx = privk->wincx;
-	return copyk;
-    } else {
-	PORT_SetError (SEC_ERROR_NO_MEMORY);
-    }
-
-fail:
-    PORT_FreeArena (arena, PR_FALSE);
-    return NULL;
-}
-
-SECKEYPublicKey *
-SECKEY_CopyPublicKey(SECKEYPublicKey *pubk)
-{
-    SECKEYPublicKey *copyk;
-    PRArenaPool *arena;
-    
-    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if (arena == NULL) {
-	PORT_SetError (SEC_ERROR_NO_MEMORY);
-	return NULL;
-    }
-
-    copyk = (SECKEYPublicKey *) PORT_ArenaZAlloc (arena, sizeof (SECKEYPublicKey));
-    if (copyk != NULL) {
-	SECStatus rv = SECSuccess;
-
-	copyk->arena = arena;
-	copyk->keyType = pubk->keyType;
-	if (pubk->pkcs11Slot && 
-			PK11_IsPermObject(pubk->pkcs11Slot,pubk->pkcs11ID)) {
-	    copyk->pkcs11Slot = PK11_ReferenceSlot(pubk->pkcs11Slot);
-	    copyk->pkcs11ID = pubk->pkcs11ID;
-	} else {
-	    copyk->pkcs11Slot = NULL;	/* go get own reference */
-	    copyk->pkcs11ID = CK_INVALID_HANDLE;
-	}
-	switch (pubk->keyType) {
-	  case rsaKey:
-	    rv = SECITEM_CopyItem(arena, &copyk->u.rsa.modulus,
-				  &pubk->u.rsa.modulus);
-	    if (rv == SECSuccess) {
-		rv = SECITEM_CopyItem (arena, &copyk->u.rsa.publicExponent,
-				       &pubk->u.rsa.publicExponent);
-		if (rv == SECSuccess)
-		    return copyk;
-	    }
-	    break;
-	  case dsaKey:
-	    rv = SECITEM_CopyItem(arena, &copyk->u.dsa.publicValue,
-				  &pubk->u.dsa.publicValue);
-	    if (rv != SECSuccess) break;
-	    rv = SECITEM_CopyItem(arena, &copyk->u.dsa.params.prime,
-				  &pubk->u.dsa.params.prime);
-	    if (rv != SECSuccess) break;
-	    rv = SECITEM_CopyItem(arena, &copyk->u.dsa.params.subPrime,
-				  &pubk->u.dsa.params.subPrime);
-	    if (rv != SECSuccess) break;
-	    rv = SECITEM_CopyItem(arena, &copyk->u.dsa.params.base,
-				  &pubk->u.dsa.params.base);
-	    break;
-          case keaKey:
-            rv = SECITEM_CopyItem(arena, &copyk->u.kea.publicValue,
-                                  &pubk->u.kea.publicValue);
-            if (rv != SECSuccess) break;
-            rv = SECITEM_CopyItem(arena, &copyk->u.kea.params.hash,
-                                  &pubk->u.kea.params.hash);
-            break;
-	  case fortezzaKey:
-	    copyk->u.fortezza.KEAversion = pubk->u.fortezza.KEAversion;
-	    copyk->u.fortezza.DSSversion = pubk->u.fortezza.DSSversion;
-	    PORT_Memcpy(copyk->u.fortezza.KMID, pubk->u.fortezza.KMID,
-			sizeof(pubk->u.fortezza.KMID));
-	    rv = SECITEM_CopyItem(arena, &copyk->u.fortezza.clearance, 
-				  &pubk->u.fortezza.clearance);
-	    if (rv != SECSuccess) break;
-	    rv = SECITEM_CopyItem(arena, &copyk->u.fortezza.KEApriviledge, 
-				&pubk->u.fortezza.KEApriviledge);
-	    if (rv != SECSuccess) break;
-	    rv = SECITEM_CopyItem(arena, &copyk->u.fortezza.DSSpriviledge, 
-				&pubk->u.fortezza.DSSpriviledge);
-	    if (rv != SECSuccess) break;
-	    rv = SECITEM_CopyItem(arena, &copyk->u.fortezza.KEAKey, 
-				&pubk->u.fortezza.KEAKey);
-	    if (rv != SECSuccess) break;
-	    rv = SECITEM_CopyItem(arena, &copyk->u.fortezza.DSSKey, 
-				&pubk->u.fortezza.DSSKey);
-	    if (rv != SECSuccess) break;
-	    rv = SECITEM_CopyItem(arena, &copyk->u.fortezza.params.prime, 
-				  &pubk->u.fortezza.params.prime);
-	    if (rv != SECSuccess) break;
-	    rv = SECITEM_CopyItem(arena, &copyk->u.fortezza.params.subPrime, 
-				&pubk->u.fortezza.params.subPrime);
-	    if (rv != SECSuccess) break;
-	    rv = SECITEM_CopyItem(arena, &copyk->u.fortezza.params.base, 
-				&pubk->u.fortezza.params.base);
-            if (rv != SECSuccess) break;
-            rv = SECITEM_CopyItem(arena, &copyk->u.fortezza.keaParams.prime, 
-				  &pubk->u.fortezza.keaParams.prime);
-	    if (rv != SECSuccess) break;
-	    rv = SECITEM_CopyItem(arena, &copyk->u.fortezza.keaParams.subPrime, 
-				&pubk->u.fortezza.keaParams.subPrime);
-	    if (rv != SECSuccess) break;
-	    rv = SECITEM_CopyItem(arena, &copyk->u.fortezza.keaParams.base, 
-				&pubk->u.fortezza.keaParams.base);
-	    break;
-	  case dhKey:
-            rv = SECITEM_CopyItem(arena,&copyk->u.dh.prime,&pubk->u.dh.prime);
-	    if (rv != SECSuccess) break;
-	    rv = SECITEM_CopyItem(arena,&copyk->u.dh.base,&pubk->u.dh.base);
-	    if (rv != SECSuccess) break;
-	    rv = SECITEM_CopyItem(arena, &copyk->u.dh.publicValue, 
-				&pubk->u.dh.publicValue);
-	    break;
-	  case nullKey:
-	    return copyk;
-	  default:
-	    rv = SECFailure;
-	    break;
-	}
-	if (rv == SECSuccess)
-	    return copyk;
-
-	SECKEY_DestroyPublicKey (copyk);
-    } else {
-	PORT_SetError (SEC_ERROR_NO_MEMORY);
-    }
-
-    PORT_FreeArena (arena, PR_FALSE);
-    return NULL;
-}
-
-
-SECKEYPublicKey *
-SECKEY_ConvertToPublicKey(SECKEYPrivateKey *privk)
-{
-    SECKEYPublicKey *pubk;
-    PRArenaPool *arena;
-    CERTCertificate *cert;
-    SECStatus rv;
-
-    /*
-     * First try to look up the cert.
-     */
-    cert = PK11_GetCertFromPrivateKey(privk);
-    if (cert) {
-	pubk = CERT_ExtractPublicKey(cert);
-	CERT_DestroyCertificate(cert);
-	return pubk;
-    }
-
-    /* couldn't find the cert, build pub key by hand */
-    arena = PORT_NewArena (DER_DEFAULT_CHUNKSIZE);
-    if (arena == NULL) {
-	PORT_SetError (SEC_ERROR_NO_MEMORY);
-	return NULL;
-    }
-    pubk = (SECKEYPublicKey *)PORT_ArenaZAlloc(arena,
-						   sizeof (SECKEYPublicKey));
-    if (pubk == NULL) {
-	PORT_FreeArena(arena,PR_FALSE);
-	return NULL;
-    }
-    pubk->keyType = privk->keyType;
-    pubk->pkcs11Slot = NULL;
-    pubk->pkcs11ID = CK_INVALID_HANDLE;
-    pubk->arena = arena;
-
-    /*
-     * fortezza is at the head of this switch, since we don't want to
-     * allocate an arena... CERT_ExtractPublicKey will to that for us.
-     */
-    switch(privk->keyType) {
-      case fortezzaKey:
-      case nullKey:
-      case dhKey:
-      case dsaKey:
-	/* Nothing to query, if the cert isn't there, we're done -- no way
-	 * to get the public key */
-	break;
-      case rsaKey:
-	rv = PK11_ReadAttribute(privk->pkcs11Slot,privk->pkcs11ID,
-				CKA_MODULUS,arena,&pubk->u.rsa.modulus);
-	if (rv != SECSuccess)  break;
-	rv = PK11_ReadAttribute(privk->pkcs11Slot,privk->pkcs11ID,
-			CKA_PUBLIC_EXPONENT,arena,&pubk->u.rsa.publicExponent);
-	if (rv != SECSuccess)  break;
-	return pubk;
-	break;
-    default:
-	break;
-    }
-
-    PORT_FreeArena (arena, PR_FALSE);
-    return NULL;
-}
-
-CERTSubjectPublicKeyInfo *
-SECKEY_CreateSubjectPublicKeyInfo(SECKEYPublicKey *pubk)
-{
-    CERTSubjectPublicKeyInfo *spki;
-    PRArenaPool *arena;
-    SECItem params = { siBuffer, NULL, 0 };
-
-    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if (arena == NULL) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	return NULL;
-    }
-
-    spki = (CERTSubjectPublicKeyInfo *) PORT_ArenaZAlloc(arena, sizeof (*spki));
-    if (spki != NULL) {
-	SECStatus rv;
-	SECItem *rv_item;
-	
-	spki->arena = arena;
-	switch(pubk->keyType) {
-	  case rsaKey:
-	    rv = SECOID_SetAlgorithmID(arena, &spki->algorithm,
-				     SEC_OID_PKCS1_RSA_ENCRYPTION, 0);
-	    if (rv == SECSuccess) {
-		/*
-		 * DER encode the public key into the subjectPublicKeyInfo.
-		 */
-		prepare_rsa_pub_key_for_asn1(pubk);
-		rv_item = SEC_ASN1EncodeItem(arena, &spki->subjectPublicKey,
-					     pubk, SECKEY_RSAPublicKeyTemplate);
-		if (rv_item != NULL) {
-		    /*
-		     * The stored value is supposed to be a BIT_STRING,
-		     * so convert the length.
-		     */
-		    spki->subjectPublicKey.len <<= 3;
-		    /*
-		     * We got a good one; return it.
-		     */
-		    return spki;
-		}
-	    }
-	    break;
-	  case dsaKey:
-	    /* DER encode the params. */
-	    prepare_pqg_params_for_asn1(&pubk->u.dsa.params);
-	    rv_item = SEC_ASN1EncodeItem(arena, &params, &pubk->u.dsa.params,
-					 SECKEY_PQGParamsTemplate);
-	    if (rv_item != NULL) {
-		rv = SECOID_SetAlgorithmID(arena, &spki->algorithm,
-					   SEC_OID_ANSIX9_DSA_SIGNATURE,
-					   &params);
-		if (rv == SECSuccess) {
-		    /*
-		     * DER encode the public key into the subjectPublicKeyInfo.
-		     */
-		    prepare_dsa_pub_key_for_asn1(pubk);
-		    rv_item = SEC_ASN1EncodeItem(arena, &spki->subjectPublicKey,
-						 pubk,
-						 SECKEY_DSAPublicKeyTemplate);
-		    if (rv_item != NULL) {
-			/*
-			 * The stored value is supposed to be a BIT_STRING,
-			 * so convert the length.
-			 */
-			spki->subjectPublicKey.len <<= 3;
-			/*
-			 * We got a good one; return it.
-			 */
-			return spki;
-		    }
-		}
-	    }
-	    SECITEM_FreeItem(&params, PR_FALSE);
-	    break;
-	  case keaKey:
-	  case dhKey: /* later... */
-
-	  break;  
-	  case fortezzaKey:
-#ifdef notdef
-	    /* encode the DSS parameters (PQG) */
-	    rv = FortezzaBuildParams(&params,pubk);
-	    if (rv != SECSuccess) break;
-
-	    /* set the algorithm */
-	    rv = SECOID_SetAlgorithmID(arena, &spki->algorithm,
-				       SEC_OID_MISSI_KEA_DSS, &params);
-	    PORT_Free(params.data);
-	    if (rv == SECSuccess) {
-		/*
-		 * Encode the public key into the subjectPublicKeyInfo.
-		 * Fortezza key material is not standard DER
-		 */
-		rv = FortezzaEncodeCertKey(arena,&spki->subjectPublicKey,pubk);
-		if (rv == SECSuccess) {
-		    /*
-		     * The stored value is supposed to be a BIT_STRING,
-		     * so convert the length.
-		     */
-		    spki->subjectPublicKey.len <<= 3;
-
-		    /*
-		     * We got a good one; return it.
-		     */
-		    return spki;
-		}
-	    }
-#endif
-	    break;
-	  default:
-	    break;
-	}
-    } else {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-    }
-
-    PORT_FreeArena(arena, PR_FALSE);
-    return NULL;
-}
-
-void
-SECKEY_DestroySubjectPublicKeyInfo(CERTSubjectPublicKeyInfo *spki)
-{
-    if (spki && spki->arena) {
-	PORT_FreeArena(spki->arena, PR_FALSE);
-    }
-}
-
-/*
- * this only works for RSA keys... need to do something
- * similiar to CERT_ExtractPublicKey for other key times.
- */
-SECKEYPublicKey *
-SECKEY_DecodeDERPublicKey(SECItem *pubkder)
-{
-    PRArenaPool *arena;
-    SECKEYPublicKey *pubk;
-    SECStatus rv;
-
-    arena = PORT_NewArena (DER_DEFAULT_CHUNKSIZE);
-    if (arena == NULL) {
-	PORT_SetError (SEC_ERROR_NO_MEMORY);
-	return NULL;
-    }
-
-    pubk = (SECKEYPublicKey *) PORT_ArenaZAlloc (arena, sizeof (SECKEYPublicKey));
-    if (pubk != NULL) {
-	pubk->arena = arena;
-	pubk->pkcs11Slot = NULL;
-	pubk->pkcs11ID = 0;
-	prepare_rsa_pub_key_for_asn1(pubk);
-	rv = SEC_ASN1DecodeItem(arena, pubk, SECKEY_RSAPublicKeyTemplate,
-				pubkder);
-	if (rv == SECSuccess)
-	    return pubk;
-	SECKEY_DestroyPublicKey (pubk);
-    } else {
-	PORT_SetError (SEC_ERROR_NO_MEMORY);
-    }
-
-    PORT_FreeArena (arena, PR_FALSE);
-    return NULL;
-}
-
-/*
- * Decode a base64 ascii encoded DER encoded public key.
- */
-SECKEYPublicKey *
-SECKEY_ConvertAndDecodePublicKey(char *pubkstr)
-{
-    SECKEYPublicKey *pubk;
-    SECStatus rv;
-    SECItem der;
-
-    rv = ATOB_ConvertAsciiToItem (&der, pubkstr);
-    if (rv != SECSuccess)
-	return NULL;
-
-    pubk = SECKEY_DecodeDERPublicKey (&der);
-
-    PORT_Free (der.data);
-    return pubk;
-}
-
-SECItem *
-SECKEY_EncodeDERSubjectPublicKeyInfo(SECKEYPublicKey *pubk)
-{
-    CERTSubjectPublicKeyInfo *spki=NULL;
-    SECItem *spkiDER=NULL;
-
-    /* get the subjectpublickeyinfo */
-    spki = SECKEY_CreateSubjectPublicKeyInfo(pubk);
-    if( spki == NULL ) {
-	goto finish;
-    }
-
-    /* DER-encode the subjectpublickeyinfo */
-    spkiDER = SEC_ASN1EncodeItem(NULL /*arena*/, NULL/*dest*/, spki,
-					CERT_SubjectPublicKeyInfoTemplate);
-finish:
-    if (spki!=NULL) {
-	SECKEY_DestroySubjectPublicKeyInfo(spki);
-    }
-    return spkiDER;
-}
-
-
-CERTSubjectPublicKeyInfo *
-SECKEY_DecodeDERSubjectPublicKeyInfo(SECItem *spkider)
-{
-    PRArenaPool *arena;
-    CERTSubjectPublicKeyInfo *spki;
-    SECStatus rv;
-
-    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if (arena == NULL) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	return NULL;
-    }
-
-    spki = (CERTSubjectPublicKeyInfo *)
-		PORT_ArenaZAlloc(arena, sizeof (CERTSubjectPublicKeyInfo));
-    if (spki != NULL) {
-	spki->arena = arena;
-	rv = SEC_ASN1DecodeItem(arena,spki,
-				CERT_SubjectPublicKeyInfoTemplate,spkider);
-	if (rv == SECSuccess)
-	    return spki;
-	SECKEY_DestroySubjectPublicKeyInfo(spki);
-    } else {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-    }
-
-    PORT_FreeArena(arena, PR_FALSE);
-    return NULL;
-}
-
-/*
- * Decode a base64 ascii encoded DER encoded subject public key info.
- */
-CERTSubjectPublicKeyInfo *
-SECKEY_ConvertAndDecodeSubjectPublicKeyInfo(char *spkistr)
-{
-    CERTSubjectPublicKeyInfo *spki;
-    SECStatus rv;
-    SECItem der;
-
-    rv = ATOB_ConvertAsciiToItem(&der, spkistr);
-    if (rv != SECSuccess)
-	return NULL;
-
-    spki = SECKEY_DecodeDERSubjectPublicKeyInfo(&der);
-
-    PORT_Free(der.data);
-    return spki;
-}
-
-/*
- * Decode a base64 ascii encoded DER encoded public key and challenge
- * Verify digital signature and make sure challenge matches
- */
-CERTSubjectPublicKeyInfo *
-SECKEY_ConvertAndDecodePublicKeyAndChallenge(char *pkacstr, char *challenge,
-								void *wincx)
-{
-    CERTSubjectPublicKeyInfo *spki = NULL;
-    CERTPublicKeyAndChallenge pkac;
-    SECStatus rv;
-    SECItem signedItem;
-    PRArenaPool *arena = NULL;
-    CERTSignedData sd;
-    SECItem sig;
-    SECKEYPublicKey *pubKey = NULL;
-    unsigned int len;
-    
-    signedItem.data = NULL;
-    
-    /* convert the base64 encoded data to binary */
-    rv = ATOB_ConvertAsciiToItem(&signedItem, pkacstr);
-    if (rv != SECSuccess) {
-	goto loser;
-    }
-
-    /* create an arena */
-    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if (arena == NULL) {
-	goto loser;
-    }
-
-    /* decode the outer wrapping of signed data */
-    PORT_Memset(&sd, 0, sizeof(CERTSignedData));
-    rv = SEC_ASN1DecodeItem(arena, &sd, CERT_SignedDataTemplate, &signedItem );
-    if ( rv ) {
-	goto loser;
-    }
-
-    /* decode the public key and challenge wrapper */
-    PORT_Memset(&pkac, 0, sizeof(CERTPublicKeyAndChallenge));
-    rv = SEC_ASN1DecodeItem(arena, &pkac, CERT_PublicKeyAndChallengeTemplate, 
-			    &sd.data);
-    if ( rv ) {
-	goto loser;
-    }
-
-    /* decode the subject public key info */
-    spki = SECKEY_DecodeDERSubjectPublicKeyInfo(&pkac.spki);
-    if ( spki == NULL ) {
-	goto loser;
-    }
-    
-    /* get the public key */
-    pubKey = seckey_ExtractPublicKey(spki);
-    if ( pubKey == NULL ) {
-	goto loser;
-    }
-
-    /* check the signature */
-    sig = sd.signature;
-    DER_ConvertBitString(&sig);
-    rv = VFY_VerifyData(sd.data.data, sd.data.len, pubKey, &sig,
-			SECOID_GetAlgorithmTag(&(sd.signatureAlgorithm)), wincx);
-    if ( rv != SECSuccess ) {
-	goto loser;
-    }
-    
-    /* check the challenge */
-    if ( challenge ) {
-	len = PORT_Strlen(challenge);
-	/* length is right */
-	if ( len != pkac.challenge.len ) {
-	    goto loser;
-	}
-	/* actual data is right */
-	if ( PORT_Memcmp(challenge, pkac.challenge.data, len) != 0 ) {
-	    goto loser;
-	}
-    }
-    goto done;
-
-loser:
-    /* make sure that we return null if we got an error */
-    if ( spki ) {
-	SECKEY_DestroySubjectPublicKeyInfo(spki);
-    }
-    spki = NULL;
-    
-done:
-    if ( signedItem.data ) {
-	PORT_Free(signedItem.data);
-    }
-    if ( arena ) {
-	PORT_FreeArena(arena, PR_FALSE);
-    }
-    if ( pubKey ) {
-	SECKEY_DestroyPublicKey(pubKey);
-    }
-    
-    return spki;
-}
-
-void
-SECKEY_DestroyPrivateKeyInfo(SECKEYPrivateKeyInfo *pvk,
-			     PRBool freeit)
-{
-    PRArenaPool *poolp;
-
-    if(pvk != NULL) {
-	if(pvk->arena) {
-	    poolp = pvk->arena;
-	    /* zero structure since PORT_FreeArena does not support
-	     * this yet.
-	     */
-	    PORT_Memset(pvk->privateKey.data, 0, pvk->privateKey.len);
-	    PORT_Memset((char *)pvk, 0, sizeof(*pvk));
-	    if(freeit == PR_TRUE) {
-		PORT_FreeArena(poolp, PR_TRUE);
-	    } else {
-		pvk->arena = poolp;
-	    }
-	} else {
-	    SECITEM_ZfreeItem(&pvk->version, PR_FALSE);
-	    SECITEM_ZfreeItem(&pvk->privateKey, PR_FALSE);
-	    SECOID_DestroyAlgorithmID(&pvk->algorithm, PR_FALSE);
-	    PORT_Memset((char *)pvk, 0, sizeof(pvk));
-	    if(freeit == PR_TRUE) {
-		PORT_Free(pvk);
-	    }
-	}
-    }
-}
-
-void
-SECKEY_DestroyEncryptedPrivateKeyInfo(SECKEYEncryptedPrivateKeyInfo *epki,
-				      PRBool freeit)
-{
-    PRArenaPool *poolp;
-
-    if(epki != NULL) {
-	if(epki->arena) {
-	    poolp = epki->arena;
-	    /* zero structure since PORT_FreeArena does not support
-	     * this yet.
-	     */
-	    PORT_Memset(epki->encryptedData.data, 0, epki->encryptedData.len);
-	    PORT_Memset((char *)epki, 0, sizeof(*epki));
-	    if(freeit == PR_TRUE) {
-		PORT_FreeArena(poolp, PR_TRUE);
-	    } else {
-		epki->arena = poolp;
-	    }
-	} else {
-	    SECITEM_ZfreeItem(&epki->encryptedData, PR_FALSE);
-	    SECOID_DestroyAlgorithmID(&epki->algorithm, PR_FALSE);
-	    PORT_Memset((char *)epki, 0, sizeof(epki));
-	    if(freeit == PR_TRUE) {
-		PORT_Free(epki);
-	    }
-	}
-    }
-}
-
-SECStatus
-SECKEY_CopyPrivateKeyInfo(PRArenaPool *poolp,
-			  SECKEYPrivateKeyInfo *to,
-			  SECKEYPrivateKeyInfo *from)
-{
-    SECStatus rv = SECFailure;
-
-    if((to == NULL) || (from == NULL)) {
-	return SECFailure;
-    }
-
-    rv = SECOID_CopyAlgorithmID(poolp, &to->algorithm, &from->algorithm);
-    if(rv != SECSuccess) {
-	return SECFailure;
-    }
-    rv = SECITEM_CopyItem(poolp, &to->privateKey, &from->privateKey);
-    if(rv != SECSuccess) {
-	return SECFailure;
-    }
-    rv = SECITEM_CopyItem(poolp, &to->version, &from->version);
-
-    return rv;
-}
-
-SECStatus
-SECKEY_CopyEncryptedPrivateKeyInfo(PRArenaPool *poolp, 
-				   SECKEYEncryptedPrivateKeyInfo *to,
-				   SECKEYEncryptedPrivateKeyInfo *from)
-{
-    SECStatus rv = SECFailure;
-
-    if((to == NULL) || (from == NULL)) {
-	return SECFailure;
-    }
-
-    rv = SECOID_CopyAlgorithmID(poolp, &to->algorithm, &from->algorithm);
-    if(rv != SECSuccess) {
-	return SECFailure;
-    }
-    rv = SECITEM_CopyItem(poolp, &to->encryptedData, &from->encryptedData);
-
-    return rv;
-}
-
-KeyType
-SECKEY_GetPrivateKeyType(SECKEYPrivateKey *privKey)
-{
-   return privKey->keyType;
-}
-
-KeyType
-SECKEY_GetPublicKeyType(SECKEYPublicKey *pubKey)
-{
-   return pubKey->keyType;
-}
-
-SECKEYPublicKey*
-SECKEY_ImportDERPublicKey(SECItem *derKey, CK_KEY_TYPE type)
-{
-    SECKEYPublicKey *pubk = NULL;
-    SECStatus rv = SECFailure;
-
-    pubk = PORT_ZNew(SECKEYPublicKey);
-    if(pubk == NULL) {
-        goto finish;
-    }
-    pubk->arena = NULL;
-    pubk->pkcs11Slot = NULL;
-    pubk->pkcs11ID = CK_INVALID_HANDLE;
-
-    switch( type ) {
-      case CKK_RSA:
-	prepare_rsa_pub_key_for_asn1(pubk);
-        rv = SEC_ASN1DecodeItem(NULL, pubk, SECKEY_RSAPublicKeyTemplate,derKey);
-        pubk->keyType = rsaKey;
-        break;
-      case CKK_DSA:
-	prepare_dsa_pub_key_for_asn1(pubk);
-        rv = SEC_ASN1DecodeItem(NULL, pubk, SECKEY_DSAPublicKeyTemplate,derKey);
-        pubk->keyType = dsaKey;
-        break;
-      case CKK_DH:
-	prepare_dh_pub_key_for_asn1(pubk);
-        rv = SEC_ASN1DecodeItem(NULL, pubk, SECKEY_DHPublicKeyTemplate, derKey);
-        pubk->keyType = dhKey;
-        break;
-      default:
-        rv = SECFailure;
-        break;
-    }
-
-finish:
-    if( rv != SECSuccess && pubk != NULL) {
-        PORT_Free(pubk);
-        pubk = NULL;
-    }
-    return pubk;
-}
-
-SECKEYPrivateKeyList*
-SECKEY_NewPrivateKeyList(void)
-{
-    PRArenaPool *arena = NULL;
-    SECKEYPrivateKeyList *ret = NULL;
-
-    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if ( arena == NULL ) {
-        goto loser;
-    }
-
-    ret = (SECKEYPrivateKeyList *)PORT_ArenaZAlloc(arena,
-                sizeof(SECKEYPrivateKeyList));
-    if ( ret == NULL ) {
-        goto loser;
-    }
-
-    ret->arena = arena;
-
-    PR_INIT_CLIST(&ret->list);
-
-    return(ret);
-
-loser:
-    if ( arena != NULL ) {
-        PORT_FreeArena(arena, PR_FALSE);
-    }
-
-    return(NULL);
-}
-
-void
-SECKEY_DestroyPrivateKeyList(SECKEYPrivateKeyList *keys)
-{
-    while( !PR_CLIST_IS_EMPTY(&keys->list) ) {
-        SECKEY_RemovePrivateKeyListNode(
-            (SECKEYPrivateKeyListNode*)(PR_LIST_HEAD(&keys->list)) );
-    }
-
-    PORT_FreeArena(keys->arena, PR_FALSE);
-
-    return;
-}
-
-
-void
-SECKEY_RemovePrivateKeyListNode(SECKEYPrivateKeyListNode *node)
-{
-    PR_ASSERT(node->key);
-    SECKEY_DestroyPrivateKey(node->key);
-    node->key = NULL;
-    PR_REMOVE_LINK(&node->links);
-    return;
-
-}
-
-SECStatus
-SECKEY_AddPrivateKeyToListTail( SECKEYPrivateKeyList *list,
-                                SECKEYPrivateKey *key)
-{
-    SECKEYPrivateKeyListNode *node;
-
-    node = (SECKEYPrivateKeyListNode *)PORT_ArenaZAlloc(list->arena,
-                sizeof(SECKEYPrivateKeyListNode));
-    if ( node == NULL ) {
-        goto loser;
-    }
-
-    PR_INSERT_BEFORE(&node->links, &list->list);
-    node->key = key;
-    return(SECSuccess);
-
-loser:
-    return(SECFailure);
-}
-
-
-SECKEYPublicKeyList*
-SECKEY_NewPublicKeyList(void)
-{
-    PRArenaPool *arena = NULL;
-    SECKEYPublicKeyList *ret = NULL;
-
-    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if ( arena == NULL ) {
-        goto loser;
-    }
-
-    ret = (SECKEYPublicKeyList *)PORT_ArenaZAlloc(arena,
-                sizeof(SECKEYPublicKeyList));
-    if ( ret == NULL ) {
-        goto loser;
-    }
-
-    ret->arena = arena;
-
-    PR_INIT_CLIST(&ret->list);
-
-    return(ret);
-
-loser:
-    if ( arena != NULL ) {
-        PORT_FreeArena(arena, PR_FALSE);
-    }
-
-    return(NULL);
-}
-
-void
-SECKEY_DestroyPublicKeyList(SECKEYPublicKeyList *keys)
-{
-    while( !PR_CLIST_IS_EMPTY(&keys->list) ) {
-        SECKEY_RemovePublicKeyListNode(
-            (SECKEYPublicKeyListNode*)(PR_LIST_HEAD(&keys->list)) );
-    }
-
-    PORT_FreeArena(keys->arena, PR_FALSE);
-
-    return;
-}
-
-
-void
-SECKEY_RemovePublicKeyListNode(SECKEYPublicKeyListNode *node)
-{
-    PR_ASSERT(node->key);
-    SECKEY_DestroyPublicKey(node->key);
-    node->key = NULL;
-    PR_REMOVE_LINK(&node->links);
-    return;
-
-}
-
-SECStatus
-SECKEY_AddPublicKeyToListTail( SECKEYPublicKeyList *list,
-                                SECKEYPublicKey *key)
-{
-    SECKEYPublicKeyListNode *node;
-
-    node = (SECKEYPublicKeyListNode *)PORT_ArenaZAlloc(list->arena,
-                sizeof(SECKEYPublicKeyListNode));
-    if ( node == NULL ) {
-        goto loser;
-    }
-
-    PR_INSERT_BEFORE(&node->links, &list->list);
-    node->key = key;
-    return(SECSuccess);
-
-loser:
-    return(SECFailure);
-}
diff --git a/security/nss/lib/cryptohi/secsign.c b/security/nss/lib/cryptohi/secsign.c
deleted file mode 100644
index 98131c6eb..000000000
--- a/security/nss/lib/cryptohi/secsign.c
+++ /dev/null
@@ -1,500 +0,0 @@
-/*
- * Signature stuff.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#include <stdio.h>
-#include "cryptohi.h"
-#include "sechash.h"
-#include "secder.h"
-#include "keyhi.h"
-#include "secoid.h"
-#include "secdig.h"
-#include "pk11func.h"
-#include "secerr.h"
-
-struct SGNContextStr {
-    SECOidTag signalg;
-    SECOidTag hashalg;
-    void *hashcx;
-    const SECHashObject *hashobj;
-    SECKEYPrivateKey *key;
-};
-
-SGNContext *
-SGN_NewContext(SECOidTag alg, SECKEYPrivateKey *key)
-{
-    SGNContext *cx;
-    SECOidTag hashalg, signalg;
-    KeyType keyType;
-
-    /* OK, map a PKCS #7 hash and encrypt algorithm into
-     * a standard hashing algorithm. Why did we pass in the whole
-     * PKCS #7 algTag if we were just going to change here you might
-     * ask. Well the answer is for some cards we may have to do the
-     * hashing on card. It may not support CKM_RSA_PKCS sign algorithm,
-     * it may just support CKM_RSA_PKCS_WITH_SHA1 and/or CKM_RSA_PKCS_WITH_MD5.
-     */
-    switch (alg) {
-      /* We probably shouldn't be generating MD2 signatures either */
-      case SEC_OID_PKCS1_MD2_WITH_RSA_ENCRYPTION:
-	hashalg = SEC_OID_MD2;
-	signalg = SEC_OID_PKCS1_RSA_ENCRYPTION;
-	keyType = rsaKey;
-	break;
-      case SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION:
-        hashalg = SEC_OID_MD5;
-	signalg = SEC_OID_PKCS1_RSA_ENCRYPTION;
-	keyType = rsaKey;
-	break;
-      case SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION:
-      case SEC_OID_ISO_SHA_WITH_RSA_SIGNATURE:
-	hashalg = SEC_OID_SHA1;
-	signalg = SEC_OID_PKCS1_RSA_ENCRYPTION;
-	keyType = rsaKey;
-	break;
-      /* what about normal DSA? */
-      case SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST:
-      case SEC_OID_BOGUS_DSA_SIGNATURE_WITH_SHA1_DIGEST:
-	hashalg = SEC_OID_SHA1;
-	signalg = SEC_OID_ANSIX9_DSA_SIGNATURE;
-	keyType = dsaKey;
-	break;
-      case SEC_OID_MISSI_DSS:
-      case SEC_OID_MISSI_KEA_DSS:
-      case SEC_OID_MISSI_KEA_DSS_OLD:
-      case SEC_OID_MISSI_DSS_OLD:
-	hashalg = SEC_OID_SHA1;
-	signalg = SEC_OID_MISSI_DSS; /* XXX Is there a better algid? */
-	keyType = fortezzaKey;
-	break;
-      /* we don't implement MD4 hashes. 
-       * we *CERTAINLY* don't want to sign one! */
-      case SEC_OID_PKCS1_MD4_WITH_RSA_ENCRYPTION:
-      default:
-	PORT_SetError(SEC_ERROR_INVALID_ARGS);
-	return 0;
-    }
-
-    /* verify our key type */
-    if (key->keyType != keyType &&
-	!((key->keyType == dsaKey) && (keyType == fortezzaKey)) &&
-	!((key->keyType == fortezzaKey) && (keyType == dsaKey)) ) {
-	PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
-	return 0;
-    }
-
-    cx = (SGNContext*) PORT_ZAlloc(sizeof(SGNContext));
-    if (cx) {
-	cx->hashalg = hashalg;
-	cx->signalg = signalg;
-	cx->key = key;
-    }
-    return cx;
-}
-
-void
-SGN_DestroyContext(SGNContext *cx, PRBool freeit)
-{
-    if (cx) {
-	if (cx->hashcx != NULL) {
-	    (*cx->hashobj->destroy)(cx->hashcx, PR_TRUE);
-	    cx->hashcx = NULL;
-	}
-	if (freeit) {
-	    PORT_ZFree(cx, sizeof(SGNContext));
-	}
-    }
-}
-
-SECStatus
-SGN_Begin(SGNContext *cx)
-{
-    if (cx->hashcx != NULL) {
-	(*cx->hashobj->destroy)(cx->hashcx, PR_TRUE);
-	cx->hashcx = NULL;
-    }
-
-    switch (cx->hashalg) {
-      case SEC_OID_MD2:
-	cx->hashobj = &SECHashObjects[HASH_AlgMD2];
-	break;
-      case SEC_OID_MD5:
-	cx->hashobj = &SECHashObjects[HASH_AlgMD5];
-	break;
-      case SEC_OID_SHA1:
-	cx->hashobj = &SECHashObjects[HASH_AlgSHA1];
-	break;
-      default:
-	PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
-	return SECFailure;
-    }
-
-    cx->hashcx = (*cx->hashobj->create)();
-    if (cx->hashcx == NULL)
-	return SECFailure;
-
-    (*cx->hashobj->begin)(cx->hashcx);
-    return SECSuccess;
-}
-
-SECStatus
-SGN_Update(SGNContext *cx, unsigned char *input, unsigned inputLen)
-{
-    if (cx->hashcx == NULL) {
-	PORT_SetError(SEC_ERROR_INVALID_ARGS);
-	return SECFailure;
-    }
-    (*cx->hashobj->update)(cx->hashcx, input, inputLen);
-    return SECSuccess;
-}
-
-SECStatus
-SGN_End(SGNContext *cx, SECItem *result)
-{
-    unsigned char digest[32];
-    unsigned part1, signatureLen;
-    SECStatus rv;
-    SECItem digder, sigitem;
-    PRArenaPool *arena = 0;
-    SECKEYPrivateKey *privKey = cx->key;
-    SGNDigestInfo *di = 0;
-
-
-    result->data = 0;
-    digder.data = 0;
-
-    /* Finish up digest function */
-    if (cx->hashcx == NULL) {
-	PORT_SetError(SEC_ERROR_INVALID_ARGS);
-	return SECFailure;
-    }
-    (*cx->hashobj->end)(cx->hashcx, digest, &part1, sizeof(digest));
-
-
-    if (privKey->keyType == rsaKey) {
-
-	arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-	if ( !arena ) {
-	    rv = SECFailure;
-	    goto loser;
-	}
-    
-	/* Construct digest info */
-	di = SGN_CreateDigestInfo(cx->hashalg, digest, part1);
-	if (!di) {
-	    rv = SECFailure;
-	    goto loser;
-	}
-
-	/* Der encode the digest as a DigestInfo */
-	rv = DER_Encode(arena, &digder, SGNDigestInfoTemplate, di);
-	if (rv != SECSuccess) {
-	    goto loser;
-	}
-    } else {
-	digder.data = digest;
-	digder.len = part1;
-    }
-
-    /*
-    ** Encrypt signature after constructing appropriate PKCS#1 signature
-    ** block
-    */
-    signatureLen = PK11_SignatureLen(privKey);
-    sigitem.len = signatureLen;
-    sigitem.data = (unsigned char*) PORT_Alloc(signatureLen);
-
-    if (sigitem.data == NULL) {
-	rv = SECFailure;
-	goto loser;
-    }
-
-    rv = PK11_Sign(privKey, &sigitem, &digder);
-    if (rv != SECSuccess) {
-	PORT_Free(sigitem.data);
-	sigitem.data = NULL;
-    }
-
-    if (cx->signalg == SEC_OID_ANSIX9_DSA_SIGNATURE) {
-	rv = DSAU_EncodeDerSig(result, &sigitem);
-	PORT_Free(sigitem.data);
-	if (rv != SECSuccess)
-	    goto loser;
-    } else {
-	result->len = sigitem.len;
-	result->data = sigitem.data;
-    }
-
-  loser:
-    SGN_DestroyDigestInfo(di);
-    if (arena != NULL) {
-	PORT_FreeArena(arena, PR_FALSE);
-    }
-    return rv;
-}
-
-/************************************************************************/
-
-/*
-** Sign a block of data returning in result a bunch of bytes that are the
-** signature. Returns zero on success, an error code on failure.
-*/
-SECStatus
-SEC_SignData(SECItem *res, unsigned char *buf, int len,
-	     SECKEYPrivateKey *pk, SECOidTag algid)
-{
-    SECStatus rv;
-    SGNContext *sgn;
-
-
-    sgn = SGN_NewContext(algid, pk);
-
-    if (sgn == NULL)
-	return SECFailure;
-
-    rv = SGN_Begin(sgn);
-    if (rv != SECSuccess)
-	goto loser;
-
-    rv = SGN_Update(sgn, buf, len);
-    if (rv != SECSuccess)
-	goto loser;
-
-    rv = SGN_End(sgn, res);
-
-  loser:
-    SGN_DestroyContext(sgn, PR_TRUE);
-    return rv;
-}
-
-/*
-** Sign the input file's contents returning in result a bunch of bytes
-** that are the signature. Returns zero on success, an error code on
-** failure.
-*/
-SECStatus
-SEC_SignFile(SECItem *result, FILE *input, 
-	     SECKEYPrivateKey *pk, SECOidTag algid)
-{
-    unsigned char buf[1024];
-    SECStatus rv;
-    int nb;
-    SGNContext *sgn;
-
-    sgn = SGN_NewContext(algid, pk);
-    if (sgn == NULL)
-	return SECFailure;
-    rv = SGN_Begin(sgn);
-    if (rv != SECSuccess)
-	goto loser;
-
-    /*
-    ** Now feed the contents of the input file into the digest
-    ** algorithm, one chunk at a time, until we have exhausted the
-    ** input
-    */
-    for (;;) {
-	if (feof(input)) break;
-	nb = fread(buf, 1, sizeof(buf), input);
-	if (nb == 0) {
-	    if (ferror(input)) {
-		PORT_SetError(SEC_ERROR_IO);
-		rv = SECFailure;
-		goto loser;
-	    }
-	    break;
-	}
-	rv = SGN_Update(sgn, buf, nb);
-	if (rv != SECSuccess)
-	    goto loser;
-    }
-
-    /* Sign the digest */
-    rv = SGN_End(sgn, result);
-    /* FALL THROUGH */
-
-  loser:
-    SGN_DestroyContext(sgn, PR_TRUE);
-    return rv;
-}
-
-/************************************************************************/
-    
-DERTemplate CERTSignedDataTemplate[] =
-{
-    { DER_SEQUENCE,
-	  0, NULL, sizeof(CERTSignedData) },
-    { DER_ANY,
-	  offsetof(CERTSignedData,data), },
-    { DER_INLINE,
-	  offsetof(CERTSignedData,signatureAlgorithm),
-	  SECAlgorithmIDTemplate, },
-    { DER_BIT_STRING,
-	  offsetof(CERTSignedData,signature), },
-    { 0, }
-};
-
-const SEC_ASN1Template CERT_SignedDataTemplate[] =
-{
-    { SEC_ASN1_SEQUENCE,
-	  0, NULL, sizeof(CERTSignedData) },
-    { SEC_ASN1_ANY,
-	  offsetof(CERTSignedData,data), },
-    { SEC_ASN1_INLINE,
-	  offsetof(CERTSignedData,signatureAlgorithm),
-	  SECOID_AlgorithmIDTemplate, },
-    { SEC_ASN1_BIT_STRING,
-	  offsetof(CERTSignedData,signature), },
-    { 0, }
-};
-
-SEC_ASN1_CHOOSER_IMPLEMENT(CERT_SignedDataTemplate)
-
-
-SECStatus
-SEC_DerSignData(PRArenaPool *arena, SECItem *result, 
-	unsigned char *buf, int len, SECKEYPrivateKey *pk, SECOidTag algID)
-{
-    SECItem it;
-    CERTSignedData sd;
-    SECStatus rv;
-
-    it.data = 0;
-
-    /* XXX We should probably have some asserts here to make sure the key type
-     * and algID match
-     */
-
-    if (algID == SEC_OID_UNKNOWN) {
-	switch(pk->keyType) {
-	  case rsaKey:
-	    algID = SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION;
-	    break;
-	  case dsaKey:
-	    algID = SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST;
-	    break;
-	  default:
-	    return SECFailure;
-	    break;
-	}
-    }
-
-    /* Sign input buffer */
-    rv = SEC_SignData(&it, buf, len, pk, algID);
-    if (rv) goto loser;
-
-    /* Fill out SignedData object */
-    PORT_Memset(&sd, 0, sizeof(sd));
-    sd.data.data = buf;
-    sd.data.len = len;
-    sd.signature.data = it.data;
-    sd.signature.len = it.len << 3;		/* convert to bit string */
-    rv = SECOID_SetAlgorithmID(arena, &sd.signatureAlgorithm, algID, 0);
-    if (rv) goto loser;
-
-    /* DER encode the signed data object */
-    rv = DER_Encode(arena, result, CERTSignedDataTemplate, &sd);
-    /* FALL THROUGH */
-
-  loser:
-    PORT_Free(it.data);
-    return rv;
-}
-
-SECStatus
-SGN_Digest(SECKEYPrivateKey *privKey,
-		SECOidTag algtag, SECItem *result, SECItem *digest)
-{
-    unsigned modulusLen;
-    SECStatus rv;
-    SECItem digder;
-    PRArenaPool *arena = 0;
-    SGNDigestInfo *di = 0;
-
-
-    result->data = 0;
-
-    if (privKey->keyType == rsaKey) {
-
-	arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-	if ( !arena ) {
-	    rv = SECFailure;
-	    goto loser;
-	}
-    
-	/* Construct digest info */
-	di = SGN_CreateDigestInfo(algtag, digest->data, digest->len);
-	if (!di) {
-	    rv = SECFailure;
-	    goto loser;
-	}
-
-	/* Der encode the digest as a DigestInfo */
-	rv = DER_Encode(arena, &digder, SGNDigestInfoTemplate, di);
-	if (rv != SECSuccess) {
-	    goto loser;
-	}
-    } else {
-	digder.data = digest->data;
-	digder.len = digest->len;
-    }
-
-    /*
-    ** Encrypt signature after constructing appropriate PKCS#1 signature
-    ** block
-    */
-    modulusLen = PK11_SignatureLen(privKey);
-    result->len = modulusLen;
-    result->data = (unsigned char*) PORT_Alloc(modulusLen);
-
-    if (result->data == NULL) {
-	rv = SECFailure;
-	goto loser;
-    }
-
-    rv = PK11_Sign(privKey, result, &digder);
-    if (rv != SECSuccess) {
-	PORT_Free(result->data);
-	result->data = NULL;
-    }
-
-  loser:
-    SGN_DestroyDigestInfo(di);
-    if (arena != NULL) {
-	PORT_FreeArena(arena, PR_FALSE);
-    }
-    return rv;
-}
diff --git a/security/nss/lib/cryptohi/secvfy.c b/security/nss/lib/cryptohi/secvfy.c
deleted file mode 100644
index bf63dd070..000000000
--- a/security/nss/lib/cryptohi/secvfy.c
+++ /dev/null
@@ -1,494 +0,0 @@
-/*
- * Verification stuff.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#include <stdio.h>
-#include "cryptohi.h"
-#include "sechash.h"
-#include "keyhi.h"
-#include "secasn1.h"
-#include "secoid.h"
-#include "pk11func.h"
-#include "secdig.h"
-#include "secerr.h"
-
-/*
-** Decrypt signature block using public key (in place)
-** XXX this is assuming that the signature algorithm has WITH_RSA_ENCRYPTION
-*/
-static SECStatus
-DecryptSigBlock(int *tagp, unsigned char *digest, SECKEYPublicKey *key,
-		SECItem *sig, char *wincx)
-{
-    SGNDigestInfo *di   = NULL;
-    unsigned char *dsig = NULL;
-    unsigned char *buf  = NULL;
-    SECStatus      rv;
-    SECOidTag      tag;
-    SECItem        it;
-
-    if (key == NULL) goto loser;
-
-    it.len  = SECKEY_PublicKeyStrength(key);
-    if (!it.len) goto loser;
-    it.data = buf = (unsigned char *)PORT_Alloc(it.len);
-    if (!buf) goto loser;
-
-    /* Decrypt signature block */
-    dsig = (unsigned char*) PORT_Alloc(sig->len);
-    if (dsig == NULL) goto loser;
-
-    /* decrypt the block */
-    rv = PK11_VerifyRecover(key, sig, &it, wincx);
-    if (rv != SECSuccess) goto loser;
-
-    di = SGN_DecodeDigestInfo(&it);
-    if (di == NULL) goto sigloser;
-
-    /*
-    ** Finally we have the digest info; now we can extract the algorithm
-    ** ID and the signature block
-    */
-    tag = SECOID_GetAlgorithmTag(&di->digestAlgorithm);
-    /* XXX Check that tag is an appropriate algorithm? */
-    if (di->digest.len > 32) {
-	PORT_SetError(SEC_ERROR_OUTPUT_LEN);
-	goto loser;
-    }
-    PORT_Memcpy(digest, di->digest.data, di->digest.len);
-    *tagp = tag;
-    goto done;
-
-  sigloser:
-    PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
-
-  loser:
-    rv = SECFailure;
-
-  done:
-    if (di   != NULL) SGN_DestroyDigestInfo(di);
-    if (dsig != NULL) PORT_Free(dsig);
-    if (buf  != NULL) PORT_Free(buf);
-    
-    return rv;
-}
-
-typedef enum { VFY_RSA, VFY_DSA} VerifyType;
-
-struct VFYContextStr {
-    SECOidTag alg;
-    VerifyType type;
-    SECKEYPublicKey *key;
-    /* digest holds the full dsa signature... 40 bytes */
-    unsigned char digest[DSA_SIGNATURE_LEN];
-    void * wincx;
-    void *hashcx;
-    const SECHashObject *hashobj;
-    SECOidTag sigAlg;
-    PRBool hasSignature;
-};
-
-/*
- * decode the DSA signature from it's DER wrapping.
- */
-static SECStatus
-decodeDSASignature(SECOidTag algid, SECItem *sig, unsigned char *digest) {
-    SECItem *dsasig = NULL;
-    SECStatus rv=SECSuccess;
-
-    /* if this is a DER encoded signature, decode it first */
-    if ((algid == SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST) ||
-	(algid == SEC_OID_BOGUS_DSA_SIGNATURE_WITH_SHA1_DIGEST) ||
-	(algid == SEC_OID_ANSIX9_DSA_SIGNATURE)) {
-	dsasig = DSAU_DecodeDerSig(sig);
-	if ((dsasig == NULL) || (dsasig->len != DSA_SIGNATURE_LEN)) {
-	    rv = SECFailure;
-	    goto loser;
-	}
-	PORT_Memcpy(digest, dsasig->data, dsasig->len);
-    } else {
-	if (sig->len != DSA_SIGNATURE_LEN) {
-	    rv = SECFailure;
-	    goto loser;
-	}
-	PORT_Memcpy(digest, sig->data, sig->len);
-    }
-
-loser:
-    if (dsasig != NULL)
-	SECITEM_FreeItem(dsasig, PR_TRUE);
-    return rv;
-     
-}
-/*
- * Pulls the hash algorithm, signing algorithm, and key type out of a
- * composite algorithm.
- *
- * alg: the composite algorithm to dissect.
- * hashalg: address of a SECOidTag which will be set with the hash algorithm.
- * signalg: address of a SECOidTag which will be set with the signing alg.
- * keyType: address of a KeyType which will be set with the key type.
- * Returns: SECSuccess if the algorithm was acceptable, SECFailure if the
- *	algorithm was not found or was not a signing algorithm.
- */
-static SECStatus
-decodeSigAlg(SECOidTag alg, SECOidTag *hashalg)
-{
-    PR_ASSERT(hashalg!=NULL);
-
-    switch (alg) {
-      /* We probably shouldn't be generating MD2 signatures either */
-      case SEC_OID_PKCS1_MD2_WITH_RSA_ENCRYPTION:
-        *hashalg = SEC_OID_MD2;
-	return SECSuccess;
-      case SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION:
-        *hashalg = SEC_OID_MD5;
-	return SECSuccess;
-      case SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION:
-      case SEC_OID_ISO_SHA_WITH_RSA_SIGNATURE:
-        *hashalg = SEC_OID_SHA1;
-	return SECSuccess;
-      /* what about normal DSA? */
-      case SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST:
-      case SEC_OID_BOGUS_DSA_SIGNATURE_WITH_SHA1_DIGEST:
-        *hashalg = SEC_OID_SHA1;
-	return SECSuccess;
-      case SEC_OID_MISSI_DSS:
-      case SEC_OID_MISSI_KEA_DSS:
-      case SEC_OID_MISSI_KEA_DSS_OLD:
-      case SEC_OID_MISSI_DSS_OLD:
-        *hashalg = SEC_OID_SHA1;
-	return SECSuccess;
-      /* we don't implement MD4 hashes */
-      case SEC_OID_PKCS1_MD4_WITH_RSA_ENCRYPTION:
-      default:
-        break;
-    }
-    return SECFailure;
-}
-
-VFYContext *
-VFY_CreateContext(SECKEYPublicKey *key, SECItem *sig, SECOidTag algid,
-		  void *wincx)
-{
-    VFYContext *cx;
-    SECStatus rv;
-
-    cx = (VFYContext*) PORT_ZAlloc(sizeof(VFYContext));
-    if (cx) {
-        cx->wincx = wincx;
-	cx->hasSignature = (sig != NULL);
-	cx->sigAlg = algid;
-	rv = SECSuccess;
-	switch (key->keyType) {
-	  case rsaKey:
-	    cx->type = VFY_RSA;
-	    cx->key = SECKEY_CopyPublicKey(key); /* extra safety precautions */
-	    if (sig) {
-		int hashid;
-	    	rv = DecryptSigBlock(&hashid, &cx->digest[0], 
-						key, sig, (char*)wincx);
-		cx->alg = hashid;
-	    } else {
-		rv = decodeSigAlg(algid,&cx->alg);
-	    }
-	    break;
-	  case fortezzaKey:
-	  case dsaKey:
-	    cx->type = VFY_DSA;
-	    cx->alg = SEC_OID_SHA1;
-	    cx->key = SECKEY_CopyPublicKey(key);
-	    if (sig) {
-	    	rv = decodeDSASignature(algid,sig,&cx->digest[0]);
-	    }
-	    break;
-	  default:
-	    rv = SECFailure;
-	    break;
-	}
-	if (rv) goto loser;
-	switch (cx->alg) {
-	  case SEC_OID_MD2:
-	  case SEC_OID_MD5:
-	  case SEC_OID_SHA1:
-	    break;
-	  default:
-	    PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
-	    goto loser;
-	}
-    }
-    return cx;
-
-  loser:
-    VFY_DestroyContext(cx, PR_TRUE);
-    return 0;
-}
-
-void
-VFY_DestroyContext(VFYContext *cx, PRBool freeit)
-{
-    if (cx) {
-	if (cx->hashcx != NULL) {
-	    (*cx->hashobj->destroy)(cx->hashcx, PR_TRUE);
-	    cx->hashcx = NULL;
-	}
-	if (cx->key) {
-	    SECKEY_DestroyPublicKey(cx->key);
-	}
-	if (freeit) {
-	    PORT_ZFree(cx, sizeof(VFYContext));
-	}
-    }
-}
-
-SECStatus
-VFY_Begin(VFYContext *cx)
-{
-    if (cx->hashcx != NULL) {
-	(*cx->hashobj->destroy)(cx->hashcx, PR_TRUE);
-	cx->hashcx = NULL;
-    }
-
-    switch (cx->alg) {
-      case SEC_OID_MD2:
-	cx->hashobj = &SECHashObjects[HASH_AlgMD2];
-	break;
-      case SEC_OID_MD5:
-	cx->hashobj = &SECHashObjects[HASH_AlgMD5];
-	break;
-      case SEC_OID_SHA1:
-	cx->hashobj = &SECHashObjects[HASH_AlgSHA1];
-	break;
-      default:
-	PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
-	return SECFailure;
-    }
-
-    cx->hashcx = (*cx->hashobj->create)();
-    if (cx->hashcx == NULL)
-	return SECFailure;
-
-    (*cx->hashobj->begin)(cx->hashcx);
-    return SECSuccess;
-}
-
-SECStatus
-VFY_Update(VFYContext *cx, unsigned char *input, unsigned inputLen)
-{
-    if (cx->hashcx == NULL) {
-	PORT_SetError(SEC_ERROR_INVALID_ARGS);
-	return SECFailure;
-    }
-    (*cx->hashobj->update)(cx->hashcx, input, inputLen);
-    return SECSuccess;
-}
-
-SECStatus
-VFY_EndWithSignature(VFYContext *cx, SECItem *sig)
-{
-    unsigned char final[32];
-    unsigned part;
-    SECItem hash,dsasig;
-    SECStatus rv;
-
-    if ((cx->hasSignature == PR_FALSE) && (sig == NULL)) {
-	PORT_SetError(SEC_ERROR_INVALID_ARGS);
-	return SECFailure;
-    }
-
-    if (cx->hashcx == NULL) {
-	PORT_SetError(SEC_ERROR_INVALID_ARGS);
-	return SECFailure;
-    }
-    (*cx->hashobj->end)(cx->hashcx, final, &part, sizeof(final));
-    switch (cx->type) {
-      case VFY_DSA:
-	if (sig) {
-	    rv = decodeDSASignature(cx->sigAlg,sig,&cx->digest[0]);
-	    if (rv != SECSuccess) {
-		PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
-		return SECFailure;
-	    }
-	} 
-	dsasig.data = cx->digest;
-	dsasig.len = DSA_SIGNATURE_LEN; /* magic size of dsa signature */
-	hash.data = final;
-	hash.len = part;
-	if (PK11_Verify(cx->key,&dsasig,&hash,cx->wincx) != SECSuccess) {
-		PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
-		return SECFailure;
-	}
-	break;
-      case VFY_RSA:
-	if (sig) {
-	    int hashid;
-	    rv = DecryptSigBlock(&hashid, &cx->digest[0], 
-					    cx->key, sig, (char*)cx->wincx);
-	    if ((rv != SECSuccess) || (hashid != cx->alg)) {
-		PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
-		return SECFailure;
-	    }
-	}
-	if (PORT_Memcmp(final, cx->digest, part)) {
-	    PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
-	    return SECFailure;
-	}
-	break;
-      default:
-	PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
-	return SECFailure; /* shouldn't happen */
-    }
-    return SECSuccess;
-}
-
-SECStatus
-VFY_End(VFYContext *cx)
-{
-    return VFY_EndWithSignature(cx,NULL);
-}
-
-/************************************************************************/
-/*
- * Verify that a previously-computed digest matches a signature.
- * XXX This should take a parameter that specifies the digest algorithm,
- * and we should compare that the algorithm found in the DigestInfo
- * matches it!
- */
-SECStatus
-VFY_VerifyDigest(SECItem *digest, SECKEYPublicKey *key, SECItem *sig,
-		 SECOidTag algid, void *wincx)
-{
-    SECStatus rv;
-    VFYContext *cx;
-    SECItem dsasig;
-
-    rv = SECFailure;
-
-    cx = VFY_CreateContext(key, sig, algid, wincx);
-    if (cx != NULL) {
-	switch (key->keyType) {
-	case rsaKey:
-	    if (PORT_Memcmp(digest->data, cx->digest, digest->len)) {
-		PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
-	    } else {
-		rv = SECSuccess;
-	    }
-	    break;
-	case fortezzaKey:
-	case dsaKey:
-	    dsasig.data = &cx->digest[0];
-	    dsasig.len = DSA_SIGNATURE_LEN; /* magic size of dsa signature */
-	    if (PK11_Verify(cx->key, &dsasig, digest, cx->wincx) != SECSuccess) {
-		PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
-	    } else {
-		rv = SECSuccess;
-	    }
-	    break;
-	default:
-	    break;
-	}
-	VFY_DestroyContext(cx, PR_TRUE);
-    }
-    return rv;
-}
-
-SECStatus
-VFY_VerifyData(unsigned char *buf, int len, SECKEYPublicKey *key,
-	       SECItem *sig, SECOidTag algid, void *wincx)
-{
-    SECStatus rv;
-    VFYContext *cx;
-
-    cx = VFY_CreateContext(key, sig, algid, wincx);
-    if (cx == NULL)
-	return SECFailure;
-
-    rv = VFY_Begin(cx);
-    if (rv == SECSuccess) {
-	rv = VFY_Update(cx, buf, len);
-	if (rv == SECSuccess)
-	    rv = VFY_End(cx);
-    }
-
-    VFY_DestroyContext(cx, PR_TRUE);
-    return rv;
-}
-
-SECStatus
-SEC_VerifyFile(FILE *input, SECKEYPublicKey *key, SECItem *sig,
-	       SECOidTag algid, void *wincx)
-{
-    unsigned char buf[1024];
-    SECStatus rv;
-    int nb;
-    VFYContext *cx;
-
-    cx = VFY_CreateContext(key, sig, algid, wincx);
-    if (cx == NULL)
-	rv = SECFailure;
-
-    rv = VFY_Begin(cx);
-    if (rv == SECSuccess) {
-	/*
-	 * Now feed the contents of the input file into the digest algorithm,
-	 * one chunk at a time, until we have exhausted the input.
-	 */
-	for (;;) {
-	    if (feof(input))
-		break;
-	    nb = fread(buf, 1, sizeof(buf), input);
-	    if (nb == 0) {
-		if (ferror(input)) {
-		    PORT_SetError(SEC_ERROR_IO);
-		    VFY_DestroyContext(cx, PR_TRUE);
-		    return SECFailure;
-		}
-		break;
-	    }
-	    rv = VFY_Update(cx, buf, nb);
-	    if (rv != SECSuccess)
-		goto loser;
-	}
-    }
-
-    /* Verify the digest */
-    rv = VFY_End(cx);
-    /* FALL THROUGH */
-
-  loser:
-    VFY_DestroyContext(cx, PR_TRUE);
-    return rv;
-}
diff --git a/security/nss/lib/dev/Makefile b/security/nss/lib/dev/Makefile
deleted file mode 100644
index cd7561ce6..000000000
--- a/security/nss/lib/dev/Makefile
+++ /dev/null
@@ -1,53 +0,0 @@
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-MAKEFILE_CVS_ID = "@(#) $RCSfile$ $Revision$ $Date$ $Name$"
-
-include manifest.mn
-include $(CORE_DEPTH)/coreconf/config.mk
-include config.mk
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-# On AIX 4.3, IBM xlC_r compiler (version 3.6.6) cannot compile
-# ckhelper.c in 64-bit mode for unknown reasons.  A workaround is
-# to compile it with optimizations turned on.  (Bugzilla bug #63815)
-ifeq ($(OS_TARGET)$(OS_RELEASE),AIX4.3)
-ifeq ($(USE_64),1)
-ifndef BUILD_OPT
-$(OBJDIR)/ckhelper.o: ckhelper.c
-	@$(MAKE_OBJDIR)
-	$(CC) -o $@ -c -O2 $(CFLAGS) $<
-endif
-endif
-endif
-
-export:: private_export
diff --git a/security/nss/lib/dev/ckhelper.c b/security/nss/lib/dev/ckhelper.c
deleted file mode 100644
index 1f3f1e3bc..000000000
--- a/security/nss/lib/dev/ckhelper.c
+++ /dev/null
@@ -1,722 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef NSSCKEPV_H
-#include "nssckepv.h"
-#endif /* NSSCKEPV_H */
-
-#ifndef DEVM_H
-#include "devm.h"
-#endif /* DEVM_H */
-
-#ifndef CKHELPER_H
-#include "ckhelper.h"
-#endif /* CKHELPER_H */
-
-static const CK_BBOOL s_true = CK_TRUE;
-NSS_IMPLEMENT_DATA const NSSItem
-g_ck_true = { (CK_VOID_PTR)&s_true, sizeof(s_true) };
-
-static const CK_BBOOL s_false = CK_FALSE;
-NSS_IMPLEMENT_DATA const NSSItem
-g_ck_false = { (CK_VOID_PTR)&s_false, sizeof(s_false) };
-
-static const CK_OBJECT_CLASS s_class_cert = CKO_CERTIFICATE;
-NSS_IMPLEMENT_DATA const NSSItem
-g_ck_class_cert = { (CK_VOID_PTR)&s_class_cert, sizeof(s_class_cert) };
-
-static const CK_OBJECT_CLASS s_class_pubkey = CKO_PUBLIC_KEY;
-NSS_IMPLEMENT_DATA const NSSItem
-g_ck_class_pubkey = { (CK_VOID_PTR)&s_class_pubkey, sizeof(s_class_pubkey) };
-
-static const CK_OBJECT_CLASS s_class_privkey = CKO_PRIVATE_KEY;
-NSS_IMPLEMENT_DATA const NSSItem
-g_ck_class_privkey = { (CK_VOID_PTR)&s_class_privkey, sizeof(s_class_privkey) };
-
-static PRBool
-is_string_attribute
-(
-  CK_ATTRIBUTE_TYPE aType
-)
-{
-    PRBool isString;
-    switch (aType) {
-    case CKA_LABEL:
-    case CKA_NETSCAPE_EMAIL:
-	isString = PR_TRUE;
-	break;
-    default:
-	isString = PR_FALSE;
-	break;
-    }
-    return isString;
-}
-
-NSS_IMPLEMENT PRStatus 
-nssCKObject_GetAttributes
-(
-  CK_OBJECT_HANDLE object,
-  CK_ATTRIBUTE_PTR obj_template,
-  CK_ULONG count,
-  NSSArena *arenaOpt,
-  nssSession *session,
-  NSSSlot *slot
-)
-{
-    nssArenaMark *mark = NULL;
-    CK_SESSION_HANDLE hSession;
-    CK_ULONG i = 0;
-    CK_RV ckrv;
-    PRStatus nssrv;
-    PRBool alloced = PR_FALSE;
-    void *epv = nssSlot_GetCryptokiEPV(slot);
-    hSession = session->handle; 
-    if (arenaOpt) {
-	mark = nssArena_Mark(arenaOpt);
-	if (!mark) {
-	    goto loser;
-	}
-    }
-    nssSession_EnterMonitor(session);
-    /* XXX kinda hacky, if the storage size is already in the first template
-     * item, then skip the alloc portion
-     */
-    if (obj_template[0].ulValueLen == 0) {
-	/* Get the storage size needed for each attribute */
-	ckrv = CKAPI(epv)->C_GetAttributeValue(hSession,
-	                                       object, obj_template, count);
-	if (ckrv != CKR_OK && 
-	    ckrv != CKR_ATTRIBUTE_TYPE_INVALID &&
-	    ckrv != CKR_ATTRIBUTE_SENSITIVE) 
-	{
-	    nssSession_ExitMonitor(session);
-	    /* set an error here */
-	    goto loser;
-	}
-	/* Allocate memory for each attribute. */
-	for (i=0; i<count; i++) {
-	    CK_ULONG ulValueLen = obj_template[i].ulValueLen;
-	    if (ulValueLen == 0) continue;
-	    if (ulValueLen == (CK_ULONG) -1) {
-		obj_template[i].ulValueLen = 0;
-		continue;
-	    }
-	    if (is_string_attribute(obj_template[i].type)) {
-		ulValueLen++;
-	    }
-	    obj_template[i].pValue = nss_ZAlloc(arenaOpt, ulValueLen);
-	    if (!obj_template[i].pValue) {
-		nssSession_ExitMonitor(session);
-		goto loser;
-	    }
-	}
-	alloced = PR_TRUE;
-    }
-    /* Obtain the actual attribute values. */
-    ckrv = CKAPI(epv)->C_GetAttributeValue(hSession,
-                                           object, obj_template, count);
-    nssSession_ExitMonitor(session);
-    if (ckrv != CKR_OK && 
-        ckrv != CKR_ATTRIBUTE_TYPE_INVALID &&
-        ckrv != CKR_ATTRIBUTE_SENSITIVE) 
-    {
-	/* set an error here */
-	goto loser;
-    }
-    if (alloced && arenaOpt) {
-	nssrv = nssArena_Unmark(arenaOpt, mark);
-	if (nssrv != PR_SUCCESS) {
-	    goto loser;
-	}
-    }
-
-    if (count > 1 && ((ckrv == CKR_ATTRIBUTE_TYPE_INVALID) || 
-					(ckrv == CKR_ATTRIBUTE_SENSITIVE))) {
-	/* old tokens would keep the length of '0' and not deal with any
-	 * of the attributes we passed. For those tokens read them one at
-	 * a time */
-	for (i=0; i < count; i++) {
-	    if ((obj_template[i].ulValueLen == 0) 
-				|| (obj_template[i].ulValueLen == -1)) {
-		obj_template[i].ulValueLen=0;
-		(void) nssCKObject_GetAttributes(object,&obj_template[i], 1,
-			arenaOpt, session, slot);
-	    }
-	}
-    }
-    return PR_SUCCESS;
-loser:
-    if (alloced) {
-	if (arenaOpt) {
-	    /* release all arena memory allocated before the failure. */
-	    (void)nssArena_Release(arenaOpt, mark);
-	} else {
-	    CK_ULONG j;
-	    /* free each heap object that was allocated before the failure. */
-	    for (j=0; j<i; j++) {
-		nss_ZFreeIf(obj_template[j].pValue);
-	    }
-	}
-    }
-    return PR_FAILURE;
-}
-
-NSS_IMPLEMENT PRStatus
-nssCKObject_GetAttributeItem
-(
-  CK_OBJECT_HANDLE object,
-  CK_ATTRIBUTE_TYPE attribute,
-  NSSArena *arenaOpt,
-  nssSession *session,
-  NSSSlot *slot,
-  NSSItem *rvItem
-)
-{
-    CK_ATTRIBUTE attr = { 0, NULL, 0 };
-    PRStatus nssrv;
-    attr.type = attribute;
-    nssrv = nssCKObject_GetAttributes(object, &attr, 1, 
-                                      arenaOpt, session, slot);
-    if (nssrv != PR_SUCCESS) {
-	return nssrv;
-    }
-    rvItem->data = (void *)attr.pValue;
-    rvItem->size = (PRUint32)attr.ulValueLen;
-    return PR_SUCCESS;
-}
-
-NSS_IMPLEMENT PRBool
-nssCKObject_IsAttributeTrue
-(
-  CK_OBJECT_HANDLE object,
-  CK_ATTRIBUTE_TYPE attribute,
-  nssSession *session,
-  NSSSlot *slot,
-  PRStatus *rvStatus
-)
-{
-    CK_BBOOL bool;
-    CK_ATTRIBUTE_PTR attr;
-    CK_ATTRIBUTE atemplate = { 0, NULL, 0 };
-    CK_RV ckrv;
-    void *epv = nssSlot_GetCryptokiEPV(slot);
-    attr = &atemplate;
-    NSS_CK_SET_ATTRIBUTE_VAR(attr, attribute, bool);
-    nssSession_EnterMonitor(session);
-    ckrv = CKAPI(epv)->C_GetAttributeValue(session->handle, object, 
-                                           &atemplate, 1);
-    nssSession_ExitMonitor(session);
-    if (ckrv != CKR_OK) {
-	*rvStatus = PR_FAILURE;
-	return PR_FALSE;
-    }
-    *rvStatus = PR_SUCCESS;
-    return (PRBool)(bool == CK_TRUE);
-}
-
-NSS_IMPLEMENT PRStatus 
-nssCKObject_SetAttributes
-(
-  CK_OBJECT_HANDLE object,
-  CK_ATTRIBUTE_PTR obj_template,
-  CK_ULONG count,
-  nssSession *session,
-  NSSSlot  *slot
-)
-{
-    CK_RV ckrv;
-    void *epv = nssSlot_GetCryptokiEPV(slot);
-    nssSession_EnterMonitor(session);
-    ckrv = CKAPI(epv)->C_SetAttributeValue(session->handle, object, 
-                                           obj_template, count);
-    nssSession_ExitMonitor(session);
-    if (ckrv == CKR_OK) {
-	return PR_SUCCESS;
-    } else {
-	return PR_FAILURE;
-    }
-}
-
-NSS_IMPLEMENT PRBool
-nssCKObject_IsTokenObjectTemplate
-(
-  CK_ATTRIBUTE_PTR objectTemplate, 
-  CK_ULONG otsize
-)
-{
-    CK_ULONG ul;
-    for (ul=0; ul<otsize; ul++) {
-	if (objectTemplate[ul].type == CKA_TOKEN) {
-	    return (*((CK_BBOOL*)objectTemplate[ul].pValue) == CK_TRUE);
-	}
-    }
-    return PR_FALSE;
-}
-
-static NSSCertificateType
-nss_cert_type_from_ck_attrib(CK_ATTRIBUTE_PTR attrib)
-{
-    CK_CERTIFICATE_TYPE ckCertType;
-    if (!attrib->pValue) {
-	/* default to PKIX */
-	return NSSCertificateType_PKIX;
-    }
-    ckCertType = *((CK_ULONG *)attrib->pValue);
-    switch (ckCertType) {
-    case CKC_X_509:
-	return NSSCertificateType_PKIX;
-    default:
-	break;
-    }
-    return NSSCertificateType_Unknown;
-}
-
-/* incoming pointers must be valid */
-NSS_IMPLEMENT PRStatus
-nssCryptokiCertificate_GetAttributes
-(
-  nssCryptokiObject *certObject,
-  nssSession *sessionOpt,
-  NSSArena *arenaOpt,
-  NSSCertificateType *certTypeOpt,
-  NSSItem *idOpt,
-  NSSDER *encodingOpt,
-  NSSDER *issuerOpt,
-  NSSDER *serialOpt,
-  NSSDER *subjectOpt,
-  NSSASCII7 **emailOpt
-)
-{
-    PRStatus status;
-    PRUint32 i;
-    nssSession *session;
-    NSSSlot *slot;
-    CK_ULONG template_size;
-    CK_ATTRIBUTE_PTR attr;
-    CK_ATTRIBUTE cert_template[7];
-    /* Set up a template of all options chosen by caller */
-    NSS_CK_TEMPLATE_START(cert_template, attr, template_size);
-    if (certTypeOpt) {
-	NSS_CK_SET_ATTRIBUTE_NULL(attr, CKA_CERTIFICATE_TYPE);
-    }
-    if (idOpt) {
-	NSS_CK_SET_ATTRIBUTE_NULL(attr, CKA_ID);
-    }
-    if (encodingOpt) {
-	NSS_CK_SET_ATTRIBUTE_NULL(attr, CKA_VALUE);
-    }
-    if (issuerOpt) {
-	NSS_CK_SET_ATTRIBUTE_NULL(attr, CKA_ISSUER);
-    }
-    if (serialOpt) {
-	NSS_CK_SET_ATTRIBUTE_NULL(attr, CKA_SERIAL_NUMBER);
-    }
-    if (subjectOpt) {
-	NSS_CK_SET_ATTRIBUTE_NULL(attr, CKA_SUBJECT);
-    }
-    if (emailOpt) {
-	NSS_CK_SET_ATTRIBUTE_NULL(attr, CKA_NETSCAPE_EMAIL);
-    }
-    NSS_CK_TEMPLATE_FINISH(cert_template, attr, template_size);
-    if (template_size == 0) {
-	/* caller didn't want anything */
-	return PR_SUCCESS;
-    }
-
-    status = nssToken_GetCachedObjectAttributes(certObject->token, arenaOpt,
-                                                certObject, CKO_CERTIFICATE,
-                                                cert_template, template_size);
-    if (status != PR_SUCCESS) {
-
-	session = sessionOpt ? 
-	          sessionOpt : 
-	          nssToken_GetDefaultSession(certObject->token);
-
-	slot = nssToken_GetSlot(certObject->token);
-	status = nssCKObject_GetAttributes(certObject->handle, 
-	                                   cert_template, template_size,
-	                                   arenaOpt, session, slot);
-	nssSlot_Destroy(slot);
-	if (status != PR_SUCCESS) {
-	    return status;
-	}
-    }
-
-    i=0;
-    if (certTypeOpt) {
-	*certTypeOpt = nss_cert_type_from_ck_attrib(&cert_template[i]); i++;
-    }
-    if (idOpt) {
-	NSS_CK_ATTRIBUTE_TO_ITEM(&cert_template[i], idOpt); i++;
-    }
-    if (encodingOpt) {
-	NSS_CK_ATTRIBUTE_TO_ITEM(&cert_template[i], encodingOpt); i++;
-    }
-    if (issuerOpt) {
-	NSS_CK_ATTRIBUTE_TO_ITEM(&cert_template[i], issuerOpt); i++;
-    }
-    if (serialOpt) {
-	NSS_CK_ATTRIBUTE_TO_ITEM(&cert_template[i], serialOpt); i++;
-    }
-    if (subjectOpt) {
-	NSS_CK_ATTRIBUTE_TO_ITEM(&cert_template[i], subjectOpt); i++;
-    }
-    if (emailOpt) {
-	NSS_CK_ATTRIBUTE_TO_UTF8(&cert_template[i], *emailOpt); i++;
-    }
-    return PR_SUCCESS;
-}
-
-#ifdef PURE_STAN_BUILD
-static NSSKeyPairType
-nss_key_pair_type_from_ck_attrib(CK_ATTRIBUTE_PTR attrib)
-{
-    CK_KEY_TYPE ckKeyType;
-    PR_ASSERT(attrib->pValue);
-    ckKeyType = *((CK_ULONG *)attrib->pValue);
-    switch (ckKeyType) {
-    case CKK_RSA: return NSSKeyPairType_RSA;
-    case CKK_DSA: return NSSKeyPairType_DSA;
-    default: break;
-    }
-    return NSSKeyPairType_Unknown;
-}
-
-NSS_IMPLEMENT PRStatus
-nssCryptokiPrivateKey_GetAttributes
-(
-  nssCryptokiObject *keyObject,
-  nssSession *sessionOpt,
-  NSSArena *arenaOpt,
-  NSSKeyPairType *keyTypeOpt,
-  NSSItem *idOpt
-)
-{
-    PRStatus status;
-    PRUint32 i;
-    nssSession *session;
-    NSSSlot *slot;
-    CK_ULONG template_size;
-    CK_ATTRIBUTE_PTR attr;
-    CK_ATTRIBUTE key_template[2];
-    /* Set up a template of all options chosen by caller */
-    NSS_CK_TEMPLATE_START(key_template, attr, template_size);
-    if (keyTypeOpt) {
-	NSS_CK_SET_ATTRIBUTE_NULL(attr, CKA_KEY_TYPE);
-    }
-    if (idOpt) {
-	NSS_CK_SET_ATTRIBUTE_NULL(attr, CKA_ID);
-    }
-    NSS_CK_TEMPLATE_FINISH(key_template, attr, template_size);
-    if (template_size == 0) {
-	/* caller didn't want anything */
-	return PR_SUCCESS;
-    }
-
-    session = sessionOpt ? 
-              sessionOpt : 
-              nssToken_GetDefaultSession(keyObject->token);
-
-    slot = nssToken_GetSlot(keyObject->token);
-    status = nssCKObject_GetAttributes(keyObject->handle, 
-                                       key_template, template_size,
-                                       arenaOpt, session, slot);
-    nssSlot_Destroy(slot);
-    if (status != PR_SUCCESS) {
-	return status;
-    }
-
-    i=0;
-    if (keyTypeOpt) {
-	*keyTypeOpt = nss_key_pair_type_from_ck_attrib(&key_template[i]); i++;
-    }
-    if (idOpt) {
-	NSS_CK_ATTRIBUTE_TO_ITEM(&key_template[i], idOpt); i++;
-    }
-    return PR_SUCCESS;
-}
-
-NSS_IMPLEMENT PRStatus
-nssCryptokiPublicKey_GetAttributes
-(
-  nssCryptokiObject *keyObject,
-  nssSession *sessionOpt,
-  NSSArena *arenaOpt,
-  NSSKeyPairType *keyTypeOpt,
-  NSSItem *idOpt
-)
-{
-    PRStatus status;
-    PRUint32 i;
-    nssSession *session;
-    NSSSlot *slot;
-    CK_ULONG template_size;
-    CK_ATTRIBUTE_PTR attr;
-    CK_ATTRIBUTE key_template[2];
-    /* Set up a template of all options chosen by caller */
-    NSS_CK_TEMPLATE_START(key_template, attr, template_size);
-    if (keyTypeOpt) {
-	NSS_CK_SET_ATTRIBUTE_NULL(attr, CKA_KEY_TYPE);
-    }
-    if (idOpt) {
-	NSS_CK_SET_ATTRIBUTE_NULL(attr, CKA_ID);
-    }
-    NSS_CK_TEMPLATE_FINISH(key_template, attr, template_size);
-    if (template_size == 0) {
-	/* caller didn't want anything */
-	return PR_SUCCESS;
-    }
-
-    session = sessionOpt ? 
-              sessionOpt : 
-              nssToken_GetDefaultSession(keyObject->token);
-
-    slot = nssToken_GetSlot(keyObject->token);
-    status = nssCKObject_GetAttributes(keyObject->handle, 
-                                       key_template, template_size,
-                                       arenaOpt, session, slot);
-    nssSlot_Destroy(slot);
-    if (status != PR_SUCCESS) {
-	return status;
-    }
-
-    i=0;
-    if (keyTypeOpt) {
-	*keyTypeOpt = nss_key_pair_type_from_ck_attrib(&key_template[i]); i++;
-    }
-    if (idOpt) {
-	NSS_CK_ATTRIBUTE_TO_ITEM(&key_template[i], idOpt); i++;
-    }
-    return PR_SUCCESS;
-}
-#endif /* PURE_STAN_BUILD */
-
-static nssTrustLevel 
-get_nss_trust
-(
-  CK_TRUST ckt
-)
-{
-    nssTrustLevel t;
-    switch (ckt) {
-    case CKT_NETSCAPE_UNTRUSTED: t = nssTrustLevel_NotTrusted; break;
-    case CKT_NETSCAPE_TRUSTED_DELEGATOR: t = nssTrustLevel_TrustedDelegator; 
-	break;
-    case CKT_NETSCAPE_VALID_DELEGATOR: t = nssTrustLevel_ValidDelegator; break;
-    case CKT_NETSCAPE_TRUSTED: t = nssTrustLevel_Trusted; break;
-    case CKT_NETSCAPE_VALID: t = nssTrustLevel_Valid; break;
-    case CKT_NETSCAPE_MUST_VERIFY:
-    case CKT_NETSCAPE_TRUST_UNKNOWN:
-    default:
-	t = nssTrustLevel_Unknown; break;
-    }
-    return t;
-}
-
-NSS_IMPLEMENT PRStatus
-nssCryptokiTrust_GetAttributes
-(
-  nssCryptokiObject *trustObject,
-  nssSession *sessionOpt,
-  nssTrustLevel *serverAuth,
-  nssTrustLevel *clientAuth,
-  nssTrustLevel *codeSigning,
-  nssTrustLevel *emailProtection
-)
-{
-    PRStatus status;
-    NSSSlot *slot;
-    nssSession *session;
-    CK_BBOOL isToken;
-    CK_TRUST saTrust, caTrust, epTrust, csTrust;
-    CK_ATTRIBUTE_PTR attr;
-    CK_ATTRIBUTE trust_template[5];
-    CK_ULONG trust_size;
-
-    /* Use the trust object to find the trust settings */
-    NSS_CK_TEMPLATE_START(trust_template, attr, trust_size);
-    NSS_CK_SET_ATTRIBUTE_VAR(attr, CKA_TOKEN,                  isToken);
-    NSS_CK_SET_ATTRIBUTE_VAR(attr, CKA_TRUST_SERVER_AUTH,      saTrust);
-    NSS_CK_SET_ATTRIBUTE_VAR(attr, CKA_TRUST_CLIENT_AUTH,      caTrust);
-    NSS_CK_SET_ATTRIBUTE_VAR(attr, CKA_TRUST_EMAIL_PROTECTION, epTrust);
-    NSS_CK_SET_ATTRIBUTE_VAR(attr, CKA_TRUST_CODE_SIGNING,     csTrust);
-    NSS_CK_TEMPLATE_FINISH(trust_template, attr, trust_size);
-
-    status = nssToken_GetCachedObjectAttributes(trustObject->token, NULL,
-                                                trustObject, 
-                                                CKO_NETSCAPE_TRUST,
-                                                trust_template, trust_size);
-    if (status != PR_SUCCESS) {
-	session = sessionOpt ? 
-	          sessionOpt : 
-	          nssToken_GetDefaultSession(trustObject->token);
-
-	slot = nssToken_GetSlot(trustObject->token);
-	status = nssCKObject_GetAttributes(trustObject->handle,
-	                                   trust_template, trust_size,
-	                                   NULL, session, slot);
-	nssSlot_Destroy(slot);
-	if (status != PR_SUCCESS) {
-	    return status;
-	}
-    }
-
-    *serverAuth = get_nss_trust(saTrust);
-    *clientAuth = get_nss_trust(caTrust);
-    *emailProtection = get_nss_trust(epTrust);
-    *codeSigning = get_nss_trust(csTrust);
-    return PR_SUCCESS;
-}
-
-NSS_IMPLEMENT PRStatus
-nssCryptokiCRL_GetAttributes
-(
-  nssCryptokiObject *crlObject,
-  nssSession *sessionOpt,
-  NSSArena *arenaOpt,
-  NSSItem *encodingOpt,
-  NSSUTF8 **urlOpt,
-  PRBool *isKRLOpt
-)
-{
-    PRStatus status;
-    NSSSlot *slot;
-    nssSession *session;
-    CK_BBOOL isToken;
-    CK_ATTRIBUTE_PTR attr;
-    CK_ATTRIBUTE crl_template[5];
-    CK_ULONG crl_size;
-    PRUint32 i;
-
-    NSS_CK_TEMPLATE_START(crl_template, attr, crl_size);
-    /* NSS_CK_SET_ATTRIBUTE_VAR(attr, CKA_TOKEN, isToken); */
-    if (encodingOpt) {
-	NSS_CK_SET_ATTRIBUTE_NULL(attr, CKA_VALUE);
-    }
-    if (urlOpt) {
-	NSS_CK_SET_ATTRIBUTE_NULL(attr, CKA_NETSCAPE_URL);
-    }
-    if (isKRLOpt) {
-	NSS_CK_SET_ATTRIBUTE_NULL(attr, CKA_NETSCAPE_KRL);
-    }
-    NSS_CK_TEMPLATE_FINISH(crl_template, attr, crl_size);
-
-    status = nssToken_GetCachedObjectAttributes(crlObject->token, NULL,
-                                                crlObject, 
-                                                CKO_NETSCAPE_CRL,
-                                                crl_template, crl_size);
-    if (status != PR_SUCCESS) {
-	session = sessionOpt ? 
-	          sessionOpt : 
-	          nssToken_GetDefaultSession(crlObject->token);
-
-	slot = nssToken_GetSlot(crlObject->token);
-	status = nssCKObject_GetAttributes(crlObject->handle, 
-	                                   crl_template, crl_size,
-	                                   arenaOpt, session, slot);
-	nssSlot_Destroy(slot);
-	if (status != PR_SUCCESS) {
-	    return status;
-	}
-    }
-
-    i=0;
-    if (encodingOpt) {
-	NSS_CK_ATTRIBUTE_TO_ITEM(&crl_template[i], encodingOpt); i++;
-    }
-    if (urlOpt) {
-	NSS_CK_ATTRIBUTE_TO_UTF8(&crl_template[i], *urlOpt); i++;
-    }
-    if (isKRLOpt) {
-	NSS_CK_ATTRIBUTE_TO_BOOL(&crl_template[i], *isKRLOpt); i++;
-    }
-    return PR_SUCCESS;
-}
-
-NSS_IMPLEMENT PRStatus
-nssCryptokiPrivateKey_SetCertificate
-(
-  nssCryptokiObject *keyObject,
-  nssSession *sessionOpt,
-  NSSUTF8 *nickname,
-  NSSItem *id,
-  NSSDER *subject
-)
-{
-    CK_RV ckrv;
-    CK_ATTRIBUTE_PTR attr;
-    CK_ATTRIBUTE key_template[3];
-    CK_ULONG key_size;
-    void *epv = nssToken_GetCryptokiEPV(keyObject->token);
-    nssSession *session;
-    NSSToken *token = keyObject->token;
-    nssSession *defaultSession = nssToken_GetDefaultSession(token);
-    PRBool createdSession = PR_FALSE;
-
-    NSS_CK_TEMPLATE_START(key_template, attr, key_size);
-    NSS_CK_SET_ATTRIBUTE_UTF8(attr, CKA_LABEL, nickname);
-    NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_ID, id);
-    NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_SUBJECT, subject);
-    NSS_CK_TEMPLATE_FINISH(key_template, attr, key_size);
-
-    if (sessionOpt) {
-	if (!nssSession_IsReadWrite(sessionOpt)) {
-	    return PR_FAILURE;
-	} else {
-	    session = sessionOpt;
-	}
-    } else if (nssSession_IsReadWrite(defaultSession)) {
-	session = defaultSession;
-    } else {
-	NSSSlot *slot = nssToken_GetSlot(token);
-	session = nssSlot_CreateSession(token->slot, NULL, PR_TRUE);
-	createdSession = PR_TRUE;
-	nssSlot_Destroy(slot);
-    }
-
-    ckrv = CKAPI(epv)->C_SetAttributeValue(session->handle,
-                                           keyObject->handle,
-                                           key_template,
-                                           key_size);
-
-    if (createdSession) {
-	nssSession_Destroy(session);
-    }
-
-    return (ckrv == CKR_OK) ? PR_SUCCESS : PR_FAILURE;
-}
-
diff --git a/security/nss/lib/dev/ckhelper.h b/security/nss/lib/dev/ckhelper.h
deleted file mode 100644
index 9beab920d..000000000
--- a/security/nss/lib/dev/ckhelper.h
+++ /dev/null
@@ -1,189 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * ckhelper.h
- *
- * This file contains some helper utilities for interaction with cryptoki.
- */
-
-#ifndef CKHELPER_H
-#define CKHELPER_H
-
-#ifdef DEBUG
-static const char CKHELPER_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef NSSCKT_H
-#include "nssckt.h"
-#endif /* NSSCKT_H */
-
-PR_BEGIN_EXTERN_C
-
-/* Some globals to keep from constantly redeclaring common cryptoki
- * attribute types on the stack.
- */
-
-/* Boolean values */
-NSS_EXTERN_DATA const NSSItem g_ck_true;
-NSS_EXTERN_DATA const NSSItem g_ck_false;
-
-/* Object classes */
-NSS_EXTERN_DATA const NSSItem g_ck_class_cert;
-NSS_EXTERN_DATA const NSSItem g_ck_class_pubkey;
-NSS_EXTERN_DATA const NSSItem g_ck_class_privkey;
-
-#define NSS_CK_TEMPLATE_START(_template, attr, size)   \
-    attr = _template;                                  \
-    size = 0;
-
-#define NSS_CK_SET_ATTRIBUTE_ITEM(pattr, kind, item)  \
-    (pattr)->type = kind;                             \
-    (pattr)->pValue = (CK_VOID_PTR)(item)->data;      \
-    (pattr)->ulValueLen = (CK_ULONG)(item)->size;     \
-    (pattr)++;
-
-#define NSS_CK_SET_ATTRIBUTE_UTF8(pattr, kind, utf8)  \
-    (pattr)->type = kind;                             \
-    (pattr)->pValue = (CK_VOID_PTR)utf8;              \
-    (pattr)->ulValueLen = (CK_ULONG)nssUTF8_Size(utf8, NULL); \
-    if ((pattr)->ulValueLen) ((pattr)->ulValueLen)--; \
-    (pattr)++;
-
-#define NSS_CK_SET_ATTRIBUTE_VAR(pattr, kind, var)    \
-    (pattr)->type = kind;                             \
-    (pattr)->pValue = (CK_VOID_PTR)&var;              \
-    (pattr)->ulValueLen = (CK_ULONG)sizeof(var);      \
-    (pattr)++;
-
-#define NSS_CK_SET_ATTRIBUTE_NULL(pattr, kind)        \
-    (pattr)->type = kind;                             \
-    (pattr)->pValue = (CK_VOID_PTR)NULL;              \
-    (pattr)->ulValueLen = 0;                          \
-    (pattr)++;
-
-#define NSS_CK_TEMPLATE_FINISH(_template, attr, size) \
-    size = (attr) - (_template);                      \
-    PR_ASSERT(size <= sizeof(_template)/sizeof(_template[0]));
-
-/* NSS_CK_ATTRIBUTE_TO_ITEM(attrib, item)
- *
- * Convert a CK_ATTRIBUTE to an NSSItem.
- */
-#define NSS_CK_ATTRIBUTE_TO_ITEM(attrib, item)         \
-    if ((CK_LONG)(attrib)->ulValueLen > 0) {           \
-	(item)->data = (void *)(attrib)->pValue;       \
-	(item)->size = (PRUint32)(attrib)->ulValueLen; \
-    } else {                                           \
-	(item)->data = 0;                              \
-	(item)->size = 0;                              \
-    }
-
-#define NSS_CK_ATTRIBUTE_TO_BOOL(attrib, boolvar)        \
-    if ((attrib)->ulValueLen > 0) {                      \
-	if (*((CK_BBOOL*)(attrib)->pValue) == CK_TRUE) { \
-	    boolvar = PR_TRUE;                           \
-	} else {                                         \
-	    boolvar = PR_FALSE;                          \
-	}                                                \
-    }
-
-/* NSS_CK_ATTRIBUTE_TO_UTF8(attrib, str)
- *
- * Convert a CK_ATTRIBUTE to a string.
- */
-#define NSS_CK_ATTRIBUTE_TO_UTF8(attrib, str)      \
-    str = (NSSUTF8 *)((attrib)->pValue);
-
-/* NSS_CK_ITEM_TO_ATTRIBUTE(item, attrib)
- *
- * Convert an NSSItem to a  CK_ATTRIBUTE.
- */
-#define NSS_CK_ITEM_TO_ATTRIBUTE(item, attrib)     \
-    (attrib)->pValue = (CK_VOID_PTR)(item)->data;  \
-    (attrib)->ulValueLen = (CK_ULONG)(item)->size; \
-
-/* Get an array of attributes from an object. */
-NSS_EXTERN PRStatus 
-nssCKObject_GetAttributes
-(
-  CK_OBJECT_HANDLE object,
-  CK_ATTRIBUTE_PTR obj_template,
-  CK_ULONG count,
-  NSSArena *arenaOpt,
-  nssSession *session,
-  NSSSlot *slot
-);
-
-/* Get a single attribute as an item. */
-NSS_EXTERN PRStatus
-nssCKObject_GetAttributeItem
-(
-  CK_OBJECT_HANDLE object,
-  CK_ATTRIBUTE_TYPE attribute,
-  NSSArena *arenaOpt,
-  nssSession *session,
-  NSSSlot *slot,
-  NSSItem *rvItem
-);
-
-NSS_EXTERN PRBool
-nssCKObject_IsAttributeTrue
-(
-  CK_OBJECT_HANDLE object,
-  CK_ATTRIBUTE_TYPE attribute,
-  nssSession *session,
-  NSSSlot *slot,
-  PRStatus *rvStatus
-);
-
-NSS_EXTERN PRStatus 
-nssCKObject_SetAttributes
-(
-  CK_OBJECT_HANDLE object,
-  CK_ATTRIBUTE_PTR obj_template,
-  CK_ULONG count,
-  nssSession *session,
-  NSSSlot  *slot
-);
-
-NSS_EXTERN PRBool
-nssCKObject_IsTokenObjectTemplate
-(
-  CK_ATTRIBUTE_PTR objectTemplate, 
-  CK_ULONG otsize
-);
-
-PR_END_EXTERN_C
-
-#endif /* CKHELPER_H */
diff --git a/security/nss/lib/dev/config.mk b/security/nss/lib/dev/config.mk
deleted file mode 100644
index 4a9ed7dda..000000000
--- a/security/nss/lib/dev/config.mk
+++ /dev/null
@@ -1,48 +0,0 @@
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CONFIG_CVS_ID = "@(#) $RCSfile$ $Revision$ $Date$ $Name$"
-
-ifdef BUILD_IDG
-DEFINES += -DNSSDEBUG
-endif
-
-#
-#  Override TARGETS variable so that only static libraries
-#  are specifed as dependencies within rules.mk.
-#
-
-TARGETS        = $(LIBRARY)
-SHARED_LIBRARY =
-IMPORT_LIBRARY =
-PROGRAM        =
-
diff --git a/security/nss/lib/dev/dev.h b/security/nss/lib/dev/dev.h
deleted file mode 100644
index 9967d32e5..000000000
--- a/security/nss/lib/dev/dev.h
+++ /dev/null
@@ -1,970 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef DEV_H
-#define DEV_H
-
-/*
- * dev.h
- *
- * Low-level methods for interaction with cryptoki devices
- */
-
-#ifdef DEBUG
-static const char DEV_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef NSSCKT_H
-#include "nssckt.h"
-#endif /* NSSCKT_H */
-
-#ifndef NSSDEV_H
-#include "nssdev.h"
-#endif /* NSSDEV_H */
-
-#ifndef DEVT_H
-#include "devt.h"
-#endif /* DEVT_H */
-
-PR_BEGIN_EXTERN_C
-
-/* the global module list
- *
- * These functions are for managing the global set of modules.  Trust Domains,
- * etc., will draw from this set.  These functions are completely internal
- * and only invoked when there are changes to the global module state
- * (load or unload).
- *
- * nss_InitializeGlobalModuleList
- * nss_DestroyGlobalModuleList
- * nss_GetLoadedModules
- *
- * nssGlobalModuleList_Add
- * nssGlobalModuleList_Remove
- * nssGlobalModuleList_FindModuleByName
- * nssGlobalModuleList_FindSlotByName
- * nssGlobalModuleList_FindTokenByName
- */
-
-NSS_EXTERN PRStatus
-nss_InitializeGlobalModuleList
-(
-  void
-);
-
-NSS_EXTERN PRStatus
-nss_DestroyGlobalModuleList
-(
-  void
-);
-
-NSS_EXTERN NSSModule **
-nss_GetLoadedModules
-(
-  void
-);
-
-NSS_EXTERN PRStatus
-nssGlobalModuleList_Add
-(
-  NSSModule *module
-);
-
-NSS_EXTERN PRStatus
-nssGlobalModuleList_Remove
-(
-  NSSModule *module
-);
-
-NSS_EXTERN NSSModule *
-nssGlobalModuleList_FindModuleByName
-(
-  NSSUTF8 *moduleName
-);
-
-NSS_EXTERN NSSSlot *
-nssGlobalModuleList_FindSlotByName
-(
-  NSSUTF8 *slotName
-);
-
-NSS_EXTERN NSSToken *
-nssGlobalModuleList_FindTokenByName
-(
-  NSSUTF8 *tokenName
-);
-
-NSS_EXTERN NSSToken *
-nss_GetDefaultCryptoToken
-(
-  void
-);
-
-NSS_EXTERN NSSToken *
-nss_GetDefaultDatabaseToken
-(
-  void
-);
-
-/*
- *  |-----------|<---> NSSSlot <--> NSSToken
- *  | NSSModule |<---> NSSSlot <--> NSSToken
- *  |-----------|<---> NSSSlot <--> NSSToken
- */
-
-/* NSSModule
- *
- * nssModule_Create
- * nssModule_CreateFromSpec
- * nssModule_AddRef
- * nssModule_GetName
- * nssModule_GetSlots
- * nssModule_FindSlotByName
- * nssModule_FindTokenByName
- * nssModule_GetCertOrder
- */
-
-NSS_EXTERN NSSModule *
-nssModule_Create
-(
-  NSSUTF8 *moduleOpt,
-  NSSUTF8 *uriOpt,
-  NSSUTF8 *opaqueOpt,
-  void    *reserved
-);
-
-/* This is to use the new loading mechanism. */
-NSS_EXTERN NSSModule *
-nssModule_CreateFromSpec
-(
-  NSSUTF8 *moduleSpec,
-  NSSModule *parent,
-  PRBool loadSubModules
-);
-
-NSS_EXTERN PRStatus
-nssModule_Destroy
-(
-  NSSModule *mod
-);
-
-NSS_EXTERN NSSModule *
-nssModule_AddRef
-(
-  NSSModule *mod
-);
-
-NSS_EXTERN NSSUTF8 *
-nssModule_GetName
-(
-  NSSModule *mod
-);
-
-NSS_EXTERN NSSSlot **
-nssModule_GetSlots
-(
-  NSSModule *mod
-);
-
-NSS_EXTERN NSSSlot *
-nssModule_FindSlotByName
-(
-  NSSModule *mod,
-  NSSUTF8 *slotName
-);
-
-NSS_EXTERN NSSToken *
-nssModule_FindTokenByName
-(
-  NSSModule *mod,
-  NSSUTF8 *tokenName
-);
-
-NSS_EXTERN PRInt32
-nssModule_GetCertOrder
-(
-  NSSModule *module
-);
-
-/* NSSSlot
- *
- * nssSlot_Destroy
- * nssSlot_AddRef
- * nssSlot_GetName
- * nssSlot_GetTokenName
- * nssSlot_IsTokenPresent
- * nssSlot_IsPermanent
- * nssSlot_IsFriendly
- * nssSlot_IsHardware
- * nssSlot_Refresh
- * nssSlot_GetModule
- * nssSlot_GetToken
- * nssSlot_Login
- * nssSlot_Logout
- * nssSlot_SetPassword
- * nssSlot_CreateSession
- */
-
-NSS_EXTERN PRStatus
-nssSlot_Destroy
-(
-  NSSSlot *slot
-);
-
-NSS_EXTERN NSSSlot *
-nssSlot_AddRef
-(
-  NSSSlot *slot
-);
-
-NSS_EXTERN NSSUTF8 *
-nssSlot_GetName
-(
-  NSSSlot *slot
-);
-
-NSS_EXTERN NSSUTF8 *
-nssSlot_GetTokenName
-(
-  NSSSlot *slot
-);
-
-NSS_EXTERN NSSModule *
-nssSlot_GetModule
-(
-  NSSSlot *slot
-);
-
-NSS_EXTERN NSSToken *
-nssSlot_GetToken
-(
-  NSSSlot *slot
-);
-
-NSS_EXTERN PRBool
-nssSlot_IsTokenPresent
-(
-  NSSSlot *slot
-);
-
-NSS_EXTERN PRBool
-nssSlot_IsPermanent
-(
-  NSSSlot *slot
-);
-
-NSS_EXTERN PRBool
-nssSlot_IsFriendly
-(
-  NSSSlot *slot
-);
-
-NSS_EXTERN PRBool
-nssSlot_IsHardware
-(
-  NSSSlot *slot
-);
-
-NSS_EXTERN PRBool
-nssSlot_IsLoggedIn
-(
-  NSSSlot *slot
-);
-
-NSS_EXTERN PRStatus
-nssSlot_Refresh
-(
-  NSSSlot *slot
-);
-
-NSS_EXTERN PRStatus
-nssSlot_Login
-(
-  NSSSlot *slot,
-  NSSCallback *pwcb
-);
-extern const NSSError NSS_ERROR_INVALID_PASSWORD;
-extern const NSSError NSS_ERROR_USER_CANCELED;
-
-NSS_EXTERN PRStatus
-nssSlot_Logout
-(
-  NSSSlot *slot,
-  nssSession *sessionOpt
-);
-
-#define NSSSLOT_ASK_PASSWORD_FIRST_TIME -1
-#define NSSSLOT_ASK_PASSWORD_EVERY_TIME  0
-NSS_EXTERN void
-nssSlot_SetPasswordDefaults
-(
-  NSSSlot *slot,
-  PRInt32 askPasswordTimeout
-);
-
-NSS_EXTERN PRStatus
-nssSlot_SetPassword
-(
-  NSSSlot *slot,
-  NSSUTF8 *oldPasswordOpt,
-  NSSUTF8 *newPassword
-);
-extern const NSSError NSS_ERROR_INVALID_PASSWORD;
-extern const NSSError NSS_ERROR_USER_CANCELED;
-
-/*
- * nssSlot_IsLoggedIn
- */
-
-NSS_EXTERN nssSession *
-nssSlot_CreateSession
-(
-  NSSSlot *slot,
-  NSSArena *arenaOpt,
-  PRBool readWrite /* so far, this is the only flag used */
-);
-
-/* NSSToken
- *
- * nssToken_Destroy
- * nssToken_AddRef
- * nssToken_GetName
- * nssToken_GetModule
- * nssToken_GetSlot
- * nssToken_NeedsPINInitialization
- * nssToken_ImportCertificate
- * nssToken_ImportTrust
- * nssToken_ImportCRL
- * nssToken_GenerateKeyPair
- * nssToken_GenerateSymmetricKey
- * nssToken_DeleteStoredObject
- * nssToken_FindCertificates
- * nssToken_FindCertificatesBySubject
- * nssToken_FindCertificatesByNickname
- * nssToken_FindCertificatesByEmail
- * nssToken_FindCertificateByIssuerAndSerialNumber
- * nssToken_FindCertificateByEncodedCertificate
- * nssToken_FindTrustObjects
- * nssToken_FindTrustForCertificate
- * nssToken_FindCRLs
- * nssToken_FindCRLsBySubject
- * nssToken_FindPrivateKeys
- * nssToken_FindPrivateKeyByID
- * nssToken_Digest
- * nssToken_BeginDigest
- * nssToken_ContinueDigest
- * nssToken_FinishDigest
- */
-
-NSS_EXTERN PRStatus
-nssToken_Destroy
-(
-  NSSToken *tok
-);
-
-NSS_EXTERN NSSToken *
-nssToken_AddRef
-(
-  NSSToken *tok
-);
-
-NSS_EXTERN NSSUTF8 *
-nssToken_GetName
-(
-  NSSToken *tok
-);
-
-NSS_EXTERN NSSModule *
-nssToken_GetModule
-(
-  NSSToken *token
-);
-
-NSS_EXTERN NSSSlot *
-nssToken_GetSlot
-(
-  NSSToken *tok
-);
-
-NSS_EXTERN PRBool
-nssToken_NeedsPINInitialization
-(
-  NSSToken *token
-);
-
-NSS_EXTERN nssCryptokiObject *
-nssToken_ImportCertificate
-(
-  NSSToken *tok,
-  nssSession *sessionOpt,
-  NSSCertificateType certType,
-  NSSItem *id,
-  NSSUTF8 *nickname,
-  NSSDER *encoding,
-  NSSDER *issuer,
-  NSSDER *subject,
-  NSSDER *serial,
-  NSSASCII7 *emailAddr,
-  PRBool asTokenObject
-);
-
-NSS_EXTERN nssCryptokiObject *
-nssToken_ImportTrust
-(
-  NSSToken *tok,
-  nssSession *sessionOpt,
-  NSSDER *certEncoding,
-  NSSDER *certIssuer,
-  NSSDER *certSerial,
-  nssTrustLevel serverAuth,
-  nssTrustLevel clientAuth,
-  nssTrustLevel codeSigning,
-  nssTrustLevel emailProtection,
-  PRBool asTokenObject
-);
-
-NSS_EXTERN nssCryptokiObject *
-nssToken_ImportCRL
-(
-  NSSToken *token,
-  nssSession *sessionOpt,
-  NSSDER *subject,
-  NSSDER *encoding,
-  PRBool isKRL,
-  NSSUTF8 *url,
-  PRBool asTokenObject
-);
-
-/* Permanently remove an object from the token. */
-NSS_EXTERN PRStatus
-nssToken_DeleteStoredObject
-(
-  nssCryptokiObject *instance
-);
-
-NSS_EXTERN nssCryptokiObject **
-nssToken_FindCertificates
-(
-  NSSToken *token,
-  nssSession *sessionOpt,
-  nssTokenSearchType searchType,
-  PRUint32 maximumOpt,
-  PRStatus *statusOpt
-);
-
-NSS_EXTERN nssCryptokiObject **
-nssToken_FindCertificatesBySubject
-(
-  NSSToken *token,
-  nssSession *sessionOpt,
-  NSSDER *subject,
-  nssTokenSearchType searchType,
-  PRUint32 maximumOpt,
-  PRStatus *statusOpt
-);
-
-NSS_EXTERN nssCryptokiObject **
-nssToken_FindCertificatesByNickname
-(
-  NSSToken *token,
-  nssSession *sessionOpt,
-  NSSUTF8 *name,
-  nssTokenSearchType searchType,
-  PRUint32 maximumOpt,
-  PRStatus *statusOpt
-);
-
-NSS_EXTERN nssCryptokiObject **
-nssToken_FindCertificatesByEmail
-(
-  NSSToken *token,
-  nssSession *sessionOpt,
-  NSSASCII7 *email,
-  nssTokenSearchType searchType,
-  PRUint32 maximumOpt,
-  PRStatus *statusOpt
-);
-
-NSS_EXTERN nssCryptokiObject **
-nssToken_FindCertificatesByID
-(
-  NSSToken *token,
-  nssSession *sessionOpt,
-  NSSItem *id,
-  nssTokenSearchType searchType,
-  PRUint32 maximumOpt,
-  PRStatus *statusOpt
-);
-
-NSS_EXTERN nssCryptokiObject *
-nssToken_FindCertificateByIssuerAndSerialNumber
-(
-  NSSToken *token,
-  nssSession *sessionOpt,
-  NSSDER *issuer,
-  NSSDER *serial,
-  nssTokenSearchType searchType,
-  PRStatus *statusOpt
-);
-
-NSS_EXTERN nssCryptokiObject *
-nssToken_FindCertificateByEncodedCertificate
-(
-  NSSToken *token,
-  nssSession *sessionOpt,
-  NSSBER *encodedCertificate,
-  nssTokenSearchType searchType,
-  PRStatus *statusOpt
-);
-
-NSS_EXTERN nssCryptokiObject **
-nssToken_FindTrustObjects
-(
-  NSSToken *token,
-  nssSession *sessionOpt,
-  nssTokenSearchType searchType,
-  PRUint32 maximumOpt,
-  PRStatus *statusOpt
-);
-
-NSS_EXTERN nssCryptokiObject *
-nssToken_FindTrustForCertificate
-(
-  NSSToken *token,
-  nssSession *sessionOpt,
-  NSSDER *certEncoding,
-  NSSDER *certIssuer,
-  NSSDER *certSerial,
-  nssTokenSearchType searchType
-);
-
-NSS_EXTERN nssCryptokiObject **
-nssToken_FindCRLs
-(
-  NSSToken *token,
-  nssSession *sessionOpt,
-  nssTokenSearchType searchType,
-  PRUint32 maximumOpt,
-  PRStatus *statusOpt
-);
-
-NSS_EXTERN nssCryptokiObject **
-nssToken_FindCRLsBySubject
-(
-  NSSToken *token,
-  nssSession *sessionOpt,
-  NSSDER *subject,
-  nssTokenSearchType searchType,
-  PRUint32 maximumOpt,
-  PRStatus *statusOpt
-);
-
-NSS_EXTERN nssCryptokiObject **
-nssToken_FindPrivateKeys
-(
-  NSSToken *token,
-  nssSession *sessionOpt,
-  nssTokenSearchType searchType,
-  PRUint32 maximumOpt,
-  PRStatus *statusOpt
-);
-
-NSS_EXTERN nssCryptokiObject *
-nssToken_FindPrivateKeyByID
-(
-  NSSToken *token,
-  nssSession *sessionOpt,
-  NSSItem *keyID
-);
-
-NSS_EXTERN nssCryptokiObject *
-nssToken_FindPublicKeyByID
-(
-  NSSToken *token,
-  nssSession *sessionOpt,
-  NSSItem *keyID
-);
-
-NSS_EXTERN NSSItem *
-nssToken_Digest
-(
-  NSSToken *tok,
-  nssSession *sessionOpt,
-  NSSAlgorithmAndParameters *ap,
-  NSSItem *data,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-);
-
-NSS_EXTERN PRStatus
-nssToken_BeginDigest
-(
-  NSSToken *tok,
-  nssSession *sessionOpt,
-  NSSAlgorithmAndParameters *ap
-);
-
-NSS_EXTERN PRStatus
-nssToken_ContinueDigest
-(
-  NSSToken *tok,
-  nssSession *sessionOpt,
-  NSSItem *item
-);
-
-NSS_EXTERN NSSItem *
-nssToken_FinishDigest
-(
-  NSSToken *tok,
-  nssSession *sessionOpt,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/* nssSession
- *
- * nssSession_Destroy
- * nssSession_EnterMonitor
- * nssSession_ExitMonitor
- * nssSession_IsReadWrite
- */
-
-NSS_EXTERN PRStatus
-nssSession_Destroy
-(
-  nssSession *s
-);
-
-/* would like to inline */
-NSS_EXTERN PRStatus
-nssSession_EnterMonitor
-(
-  nssSession *s
-);
-
-/* would like to inline */
-NSS_EXTERN PRStatus
-nssSession_ExitMonitor
-(
-  nssSession *s
-);
-
-/* would like to inline */
-NSS_EXTERN PRBool
-nssSession_IsReadWrite
-(
-  nssSession *s
-);
-
-/* nssCryptokiObject
- *
- * An object living on a cryptoki token.
- * Not really proper to mix up the object types just because 
- * nssCryptokiObject itself is generic, but doing so anyway.
- *
- * nssCryptokiObject_Destroy
- * nssCryptokiObject_Equal
- * nssCryptokiObject_Clone
- * nssCryptokiCertificate_GetAttributes
- * nssCryptokiPrivateKey_GetAttributes
- * nssCryptokiPublicKey_GetAttributes
- * nssCryptokiTrust_GetAttributes
- * nssCryptokiCRL_GetAttributes
- */
-
-NSS_EXTERN void
-nssCryptokiObject_Destroy
-(
-  nssCryptokiObject *object
-);
-
-NSS_EXTERN PRBool
-nssCryptokiObject_Equal
-(
-  nssCryptokiObject *object1,
-  nssCryptokiObject *object2
-);
-
-NSS_EXTERN nssCryptokiObject *
-nssCryptokiObject_Clone
-(
-  nssCryptokiObject *object
-);
-
-NSS_EXTERN PRStatus
-nssCryptokiCertificate_GetAttributes
-(
-  nssCryptokiObject *object,
-  nssSession *sessionOpt,
-  NSSArena *arenaOpt,
-  NSSCertificateType *certTypeOpt,
-  NSSItem *idOpt,
-  NSSDER *encodingOpt,
-  NSSDER *issuerOpt,
-  NSSDER *serialOpt,
-  NSSDER *subjectOpt,
-  NSSASCII7 **emailOpt
-);
-
-NSS_EXTERN PRStatus
-nssCryptokiTrust_GetAttributes
-(
-  nssCryptokiObject *trustObject,
-  nssSession *sessionOpt,
-  nssTrustLevel *serverAuth,
-  nssTrustLevel *clientAuth,
-  nssTrustLevel *codeSigning,
-  nssTrustLevel *emailProtection
-);
-
-NSS_EXTERN PRStatus
-nssCryptokiCRL_GetAttributes
-(
-  nssCryptokiObject *crlObject,
-  nssSession *sessionOpt,
-  NSSArena *arenaOpt,
-  NSSItem *encodingOpt,
-  NSSUTF8 **urlOpt,
-  PRBool *isKRLOpt
-);
-
-/* I'm including this to handle import of certificates in NSS 3.5.  This
- * function will set the cert-related attributes of a key, in order to
- * associate it with a cert.  Does it stay like this for 4.0?
- */
-NSS_EXTERN PRStatus
-nssCryptokiPrivateKey_SetCertificate
-(
-  nssCryptokiObject *keyObject,
-  nssSession *sessionOpt,
-  NSSUTF8 *nickname,
-  NSSItem *id,
-  NSSDER *subject
-);
-
-NSS_EXTERN void
-nssModuleArray_Destroy
-(
-  NSSModule **modules
-);
-
-/* nssSlotArray
- *
- * nssSlotArray_Destroy
- */
-
-NSS_EXTERN void
-nssSlotArray_Destroy
-(
-  NSSSlot **slots
-);
-
-/* nssTokenArray
- *
- * nssTokenArray_Destroy
- */
-
-NSS_EXTERN void
-nssTokenArray_Destroy
-(
-  NSSToken **tokens
-);
-
-/* nssCryptokiObjectArray
- *
- * nssCryptokiObjectArray_Destroy
- */
-NSS_EXTERN void
-nssCryptokiObjectArray_Destroy
-(
-  nssCryptokiObject **object
-);
-
-/* nssSlotList
-*
- * An ordered list of slots.  The order can be anything, it is set in the
- * Add methods.  Perhaps it should be CreateInCertOrder, ...?
- *
- * nssSlotList_Create
- * nssSlotList_Destroy
- * nssSlotList_Add
- * nssSlotList_AddModuleSlots
- * nssSlotList_GetSlots
- * nssSlotList_FindSlotByName
- * nssSlotList_FindTokenByName
- * nssSlotList_GetBestSlot
- * nssSlotList_GetBestSlotForAlgorithmAndParameters
- * nssSlotList_GetBestSlotForAlgorithmsAndParameters
- */
-
-/* nssSlotList_Create
- */
-NSS_EXTERN nssSlotList *
-nssSlotList_Create
-(
-  NSSArena *arenaOpt
-);
-
-/* nssSlotList_Destroy
- */
-NSS_EXTERN void
-nssSlotList_Destroy
-(
-  nssSlotList *slotList
-);
-
-/* nssSlotList_Add
- *
- * Add the given slot in the given order.
- */
-NSS_EXTERN PRStatus
-nssSlotList_Add
-(
-  nssSlotList *slotList,
-  NSSSlot *slot,
-  PRUint32 order
-);
-
-/* nssSlotList_AddModuleSlots
- *
- * Add all slots in the module, in the given order (the slots will have
- * equal weight).
- */
-NSS_EXTERN PRStatus
-nssSlotList_AddModuleSlots
-(
-  nssSlotList *slotList,
-  NSSModule *module,
-  PRUint32 order
-);
-
-/* nssSlotList_GetSlots
- */
-NSS_EXTERN NSSSlot **
-nssSlotList_GetSlots
-(
-  nssSlotList *slotList
-);
-
-/* nssSlotList_FindSlotByName
- */
-NSS_EXTERN NSSSlot *
-nssSlotList_FindSlotByName
-(
-  nssSlotList *slotList,
-  NSSUTF8 *slotName
-);
-
-/* nssSlotList_FindTokenByName
- */
-NSS_EXTERN NSSToken *
-nssSlotList_FindTokenByName
-(
-  nssSlotList *slotList,
-  NSSUTF8 *tokenName
-);
-
-/* nssSlotList_GetBestSlot
- *
- * The best slot is the highest ranking in order, i.e., the first in the
- * list.
- */
-NSS_EXTERN NSSSlot *
-nssSlotList_GetBestSlot
-(
-  nssSlotList *slotList
-);
-
-/* nssSlotList_GetBestSlotForAlgorithmAndParameters
- *
- * Highest-ranking slot than can handle algorithm/parameters.
- */
-NSS_EXTERN NSSSlot *
-nssSlotList_GetBestSlotForAlgorithmAndParameters
-(
-  nssSlotList *slotList,
-  NSSAlgorithmAndParameters *ap
-);
-
-/* nssSlotList_GetBestSlotForAlgorithmsAndParameters
- *
- * Highest-ranking slot than can handle all algorithms/parameters.
- */
-NSS_EXTERN NSSSlot *
-nssSlotList_GetBestSlotForAlgorithmsAndParameters
-(
-  nssSlotList *slotList,
-  NSSAlgorithmAndParameters **ap
-);
-
-#ifdef NSS_3_4_CODE
-
-NSS_EXTERN PRBool
-nssToken_IsPresent
-(
-  NSSToken *token
-);
-
-NSS_EXTERN nssSession *
-nssToken_GetDefaultSession
-(
-  NSSToken *token
-);
-
-NSS_EXTERN PRStatus
-nssToken_GetTrustOrder
-(
-  NSSToken *tok
-);
-
-NSS_EXTERN PRStatus
-nssToken_NotifyCertsNotVisible
-(
-  NSSToken *tok
-);
-
-NSS_EXTERN PRStatus
-nssToken_TraverseCertificates
-(
-  NSSToken *token,
-  nssSession *sessionOpt,
-  nssTokenSearchType searchType,
-  PRStatus (* callback)(nssCryptokiObject *instance, void *arg),
-  void *arg
-);
-
-#endif
-
-PR_END_EXTERN_C
-
-#endif /* DEV_H */
diff --git a/security/nss/lib/dev/devm.h b/security/nss/lib/dev/devm.h
deleted file mode 100644
index 0dd0d5b36..000000000
--- a/security/nss/lib/dev/devm.h
+++ /dev/null
@@ -1,242 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef DEVM_H
-#define DEVM_H
-
-#ifdef DEBUG
-static const char DEVM_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef BASE_H
-#include "base.h"
-#endif /* BASE_H */
-
-#ifndef NSSCKT_H
-#include "nssckt.h"
-#endif /* NSSCKT_H */
-
-#ifndef DEV_H
-#include "dev.h"
-#endif /* DEV_H */
-
-#ifndef DEVTM_H
-#include "devtm.h"
-#endif /* DEVTM_H */
-
-PR_BEGIN_EXTERN_C
-
-/* Shortcut to cryptoki API functions. */
-#define CKAPI(epv) \
-    ((CK_FUNCTION_LIST_PTR)(epv))
-
-NSS_EXTERN void
-nssDevice_AddRef
-(
- struct nssDeviceBaseStr *device
-);
-
-NSS_EXTERN PRBool
-nssDevice_Destroy
-(
- struct nssDeviceBaseStr *device
-);
-
-NSS_EXTERN PRBool
-nssModule_IsThreadSafe
-(
-  NSSModule *module
-);
-
-NSS_EXTERN PRBool
-nssModule_IsInternal
-(
-  NSSModule *mod
-);
-
-NSS_EXTERN PRBool
-nssModule_IsModuleDBOnly
-(
-  NSSModule *mod
-);
-
-NSS_EXTERN void *
-nssModule_GetCryptokiEPV
-(
-  NSSModule *mod
-);
-
-NSS_EXTERN NSSSlot *
-nssSlot_Create
-(
-  CK_SLOT_ID slotId,
-  NSSModule *parent
-);
-
-NSS_EXTERN void *
-nssSlot_GetCryptokiEPV
-(
-  NSSSlot *slot
-);
-
-NSS_EXTERN NSSToken *
-nssToken_Create
-(
-  CK_SLOT_ID slotID,
-  NSSSlot *peer
-);
-
-NSS_EXTERN void *
-nssToken_GetCryptokiEPV
-(
-  NSSToken *token
-);
-
-NSS_EXTERN nssSession *
-nssToken_GetDefaultSession
-(
-  NSSToken *token
-);
-
-NSS_EXTERN PRBool
-nssToken_IsLoginRequired
-(
-  NSSToken *token
-);
-
-NSS_EXTERN void
-nssToken_Remove
-(
-  NSSToken *token
-);
-
-NSS_EXTERN nssCryptokiObject *
-nssCryptokiObject_Create
-(
-  NSSToken *t, 
-  nssSession *session,
-  CK_OBJECT_HANDLE h
-);
-
-NSS_EXTERN nssTokenObjectCache *
-nssTokenObjectCache_Create
-(
-  NSSToken *token,
-  PRBool cacheCerts,
-  PRBool cacheTrust,
-  PRBool cacheCRLs
-);
-
-NSS_EXTERN void
-nssTokenObjectCache_Destroy
-(
-  nssTokenObjectCache *cache
-);
-
-NSS_EXTERN void
-nssTokenObjectCache_Clear
-(
-  nssTokenObjectCache *cache
-);
-
-NSS_EXTERN PRBool
-nssTokenObjectCache_HaveObjectClass
-(
-  nssTokenObjectCache *cache,
-  CK_OBJECT_CLASS objclass
-);
-
-NSS_EXTERN nssCryptokiObject **
-nssTokenObjectCache_FindObjectsByTemplate
-(
-  nssTokenObjectCache *cache,
-  CK_OBJECT_CLASS objclass,
-  CK_ATTRIBUTE_PTR otemplate,
-  CK_ULONG otlen,
-  PRUint32 maximumOpt,
-  PRStatus *statusOpt
-);
-
-NSS_EXTERN PRStatus
-nssTokenObjectCache_GetObjectAttributes
-(
-  nssTokenObjectCache *cache,
-  NSSArena *arenaOpt,
-  nssCryptokiObject *object,
-  CK_OBJECT_CLASS objclass,
-  CK_ATTRIBUTE_PTR atemplate,
-  CK_ULONG atlen
-);
-
-NSS_EXTERN PRStatus
-nssTokenObjectCache_ImportObject
-(
-  nssTokenObjectCache *cache,
-  nssCryptokiObject *object,
-  CK_OBJECT_CLASS objclass,
-  CK_ATTRIBUTE_PTR ot,
-  CK_ULONG otlen
-);
-
-NSS_EXTERN void
-nssTokenObjectCache_RemoveObject
-(
-  nssTokenObjectCache *cache,
-  nssCryptokiObject *object
-);
-
-/* XXX allows peek back into token */
-NSS_EXTERN PRStatus
-nssToken_GetCachedObjectAttributes
-(
-  NSSToken *token,
-  NSSArena *arenaOpt,
-  nssCryptokiObject *object,
-  CK_OBJECT_CLASS objclass,
-  CK_ATTRIBUTE_PTR atemplate,
-  CK_ULONG atlen
-);
-
-/* PKCS#11 stores strings in a fixed-length buffer padded with spaces.  This
- * function gets the length of the actual string.
- */
-NSS_EXTERN PRUint32
-nssPKCS11String_Length
-(
-  CK_CHAR *pkcs11str, 
-  PRUint32 bufLen
-);
-
-PR_END_EXTERN_C
-
-#endif /* DEV_H */
diff --git a/security/nss/lib/dev/devmod.c b/security/nss/lib/dev/devmod.c
deleted file mode 100644
index e0006370f..000000000
--- a/security/nss/lib/dev/devmod.c
+++ /dev/null
@@ -1,900 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef NSSCKEPV_H
-#include "nssckepv.h"
-#endif /* NSSCKEPV_H */
-
-#ifndef DEVM_H
-#include "devm.h"
-#endif /* DEVM_H */
-
-#ifndef CKHELPER_H
-#include "ckhelper.h"
-#endif /* CKHELPER_H */
-
-#ifdef PURE_STAN_CODE
-
-extern void FC_GetFunctionList(void);
-extern void NSC_GetFunctionList(void);
-extern void NSC_ModuleDBFunc(void);
-
-/* The list of boolean flags used to describe properties of a
- * module.
- */
-#define NSSMODULE_FLAGS_NOT_THREADSAFE 0x0001 /* isThreadSafe */
-#define NSSMODULE_FLAGS_INTERNAL       0x0002 /* isInternal   */
-#define NSSMODULE_FLAGS_FIPS           0x0004 /* isFIPS       */
-#define NSSMODULE_FLAGS_MODULE_DB      0x0008 /* isModuleDB   */
-#define NSSMODULE_FLAGS_MODULE_DB_ONLY 0x0010 /* moduleDBOnly */
-#define NSSMODULE_FLAGS_CRITICAL       0x0020 /* isCritical   */
-
-struct NSSModuleStr {
-  struct nssDeviceBaseStr base;
-  NSSUTF8 *libraryName;
-  PRLibrary *library;
-  char *libraryParams;
-  void *moduleDBFunc;
-  void *epv;
-  CK_INFO info;
-  NSSSlot **slots;
-  PRUint32 numSlots;
-  PRBool isLoaded;
-  struct {
-    PRInt32 trust;
-    PRInt32 cipher;
-    PRInt32 certStorage;
-  } order;
-};
-
-#define NSSMODULE_IS_THREADSAFE(module) \
-    (!(module->base.flags & NSSMODULE_FLAGS_NOT_THREADSAFE))
-
-#define NSSMODULE_IS_INTERNAL(module) \
-    (module->base.flags & NSSMODULE_FLAGS_INTERNAL)
-
-#define NSSMODULE_IS_FIPS(module) \
-    (module->base.flags & NSSMODULE_FLAGS_FIPS)
-
-#define NSSMODULE_IS_MODULE_DB(module) \
-    (module->base.flags & NSSMODULE_FLAGS_MODULE_DB)
-
-#define NSSMODULE_IS_MODULE_DB_ONLY(module) \
-    (module->base.flags & NSSMODULE_FLAGS_MODULE_DB_ONLY)
-
-#define NSSMODULE_IS_CRITICAL(module) \
-    (module->base.flags & NSSMODULE_FLAGS_CRITICAL)
-
-/* Threading callbacks for C_Initialize.  Use NSPR threads. */
-
-CK_RV PR_CALLBACK 
-nss_ck_CreateMutex(CK_VOID_PTR_PTR pMutex)
-{
-    CK_VOID_PTR mutex = (CK_VOID_PTR)PZ_NewLock(nssILockOther);
-    if (mutex != NULL) {
-	*pMutex = (CK_VOID_PTR)mutex;
-	return CKR_OK;
-    }
-    return CKR_HOST_MEMORY;
-}
-
-CK_RV PR_CALLBACK
-nss_ck_DestroyMutex(CK_VOID_PTR mutex)
-{
-    PZ_DestroyLock((PZLock *)mutex);
-    return CKR_OK;
-}
-
-CK_RV PR_CALLBACK
-nss_ck_LockMutex(CK_VOID_PTR mutex)
-{
-    PZ_Lock((PZLock *)mutex);
-    return CKR_OK;
-}
-
-CK_RV PR_CALLBACK
-nss_ck_UnlockMutex(CK_VOID_PTR mutex)
-{
-    return (PZ_Unlock((PZLock *)mutex) == PR_SUCCESS) ? 
-	CKR_OK : CKR_MUTEX_NOT_LOCKED;
-}
-
-/* Default callback args to C_Initialize */
-/* XXX not const because we are modifying the pReserved argument in order
- *     to use the libraryParams extension.
- */
-static CK_C_INITIALIZE_ARGS 
-s_ck_initialize_args = {
-    nss_ck_CreateMutex,         /* CreateMutex  */
-    nss_ck_DestroyMutex,        /* DestroyMutex */
-    nss_ck_LockMutex,           /* LockMutex    */
-    nss_ck_UnlockMutex,         /* UnlockMutex  */
-    CKF_LIBRARY_CANT_CREATE_OS_THREADS |
-    CKF_OS_LOCKING_OK,          /* flags        */
-    NULL                        /* pReserved    */
-};
-
-/* load all slots in a module. */
-static PRStatus
-module_load_slots(NSSModule *mod)
-{
-    CK_ULONG i, ulNumSlots;
-    CK_SLOT_ID *slotIDs;
-    nssArenaMark *mark = NULL;
-    NSSSlot **slots;
-    PRStatus nssrv;
-    CK_RV ckrv;
-    /* Get the number of slots */
-    ckrv = CKAPI(mod->epv)->C_GetSlotList(CK_FALSE, NULL, &ulNumSlots);
-    if (ckrv != CKR_OK) {
-	/* what is the error? */
-	return PR_FAILURE;
-    }
-    /* Alloc memory for the array of slot ID's */
-    slotIDs = nss_ZNEWARRAY(NULL, CK_SLOT_ID, ulNumSlots);
-    if (!slotIDs) {
-	goto loser;
-    }
-    /* Get the actual slot list */
-    ckrv = CKAPI(mod->epv)->C_GetSlotList(CK_FALSE, slotIDs, &ulNumSlots);
-    if (ckrv != CKR_OK) {
-	/* what is the error? */
-	goto loser;
-    }
-    /* Alloc memory for the array of slots, in the module's arena */
-    mark = nssArena_Mark(mod->base.arena); /* why mark? it'll be destroyed */
-    if (!mark) {
-	return PR_FAILURE;
-    }
-    slots = nss_ZNEWARRAY(mod->base.arena, NSSSlot *, ulNumSlots);
-    if (!slots) {
-	goto loser;
-    }
-    /* Initialize each slot */
-    for (i=0; i<ulNumSlots; i++) {
-	slots[i] = nssSlot_Create(slotIDs[i], mod);
-    }
-    nss_ZFreeIf(slotIDs);
-    nssrv = nssArena_Unmark(mod->base.arena, mark);
-    if (nssrv != PR_SUCCESS) {
-	goto loser;
-    }
-    mod->slots = slots;
-    mod->numSlots = ulNumSlots;
-    return PR_SUCCESS;
-loser:
-    if (mark) {
-	nssArena_Release(mod->base.arena, mark);
-    }
-    nss_ZFreeIf(slotIDs);
-    return PR_FAILURE;
-}
-
-NSS_IMPLEMENT PRStatus
-nssModule_Load
-(
-  NSSModule *mod
-)
-{
-    PRLibrary *library = NULL;
-    CK_C_GetFunctionList epv;
-    CK_RV ckrv;
-    if (NSSMODULE_IS_INTERNAL(mod)) {
-	/* internal, statically get the C_GetFunctionList function */
-	if (NSSMODULE_IS_FIPS(mod)) {
-	    epv = (CK_C_GetFunctionList) FC_GetFunctionList;
-	} else {
-	    epv = (CK_C_GetFunctionList) NSC_GetFunctionList;
-	}
-	if (NSSMODULE_IS_MODULE_DB(mod)) {
-	    mod->moduleDBFunc = (void *) NSC_ModuleDBFunc;
-	}
-	if (NSSMODULE_IS_MODULE_DB_ONLY(mod)) {
-	    mod->isLoaded = PR_TRUE; /* XXX needed? */
-	    return PR_SUCCESS;
-	}
-    } else {
-	/* Use NSPR to load the library */
-	library = PR_LoadLibrary(mod->libraryName);
-	if (!library) {
-	    /* what's the error to set? */
-	    return PR_FAILURE;
-	}
-	mod->library = library;
-	/* Skip if only getting the db loader function */
-	if (!NSSMODULE_IS_MODULE_DB_ONLY(mod)) {
-	    /* Load the cryptoki entry point function */
-	    epv = (CK_C_GetFunctionList)PR_FindSymbol(library, 
-	                                              "C_GetFunctionList");
-	}
-	/* Load the module database loader function */
-	if (NSSMODULE_IS_MODULE_DB(mod)) {
-	    mod->moduleDBFunc = (void *)PR_FindSymbol(library, 
-	                                          "NSS_ReturnModuleSpecData");
-	}
-    }
-    if (epv == NULL) {
-	goto loser;
-    }
-    /* Load the cryptoki entry point vector (function list) */
-    ckrv = (*epv)((CK_FUNCTION_LIST_PTR *)&mod->epv);
-    if (ckrv != CKR_OK) {
-	goto loser;
-    }
-    /* Initialize the module */
-    if (mod->libraryParams) {
-	s_ck_initialize_args.LibraryParameters = (void *)mod->libraryParams;
-    } else {
-	s_ck_initialize_args.LibraryParameters = NULL;
-    }
-    ckrv = CKAPI(mod->epv)->C_Initialize(&s_ck_initialize_args);
-    if (ckrv != CKR_OK) {
-	/* Apparently the token is not thread safe.  Retry without 
-	 * threading parameters. 
-	 */
-        mod->base.flags |= NSSMODULE_FLAGS_NOT_THREADSAFE;
-	ckrv = CKAPI(mod->epv)->C_Initialize((CK_VOID_PTR)NULL);
-	if (ckrv != CKR_OK) {
-	    goto loser;
-	}
-    }
-    /* TODO: check the version # using C_GetInfo */
-    ckrv = CKAPI(mod->epv)->C_GetInfo(&mod->info);
-    if (ckrv != CKR_OK) {
-	goto loser;
-    }
-    /* TODO: if the name is not set, get it from info.libraryDescription */
-    /* Now load the slots */
-    if (module_load_slots(mod) != PR_SUCCESS) {
-	goto loser;
-    }
-    /* Module has successfully loaded */
-    mod->isLoaded = PR_TRUE;
-    return PR_SUCCESS;
-loser:
-    if (library) {
-	PR_UnloadLibrary(library);
-    }
-    /* clear all values set above, they are invalid now */
-    mod->library = NULL;
-    mod->epv = NULL;
-    return PR_FAILURE;
-}
-
-NSS_IMPLEMENT PRStatus
-nssModule_Unload
-(
-  NSSModule *mod
-)
-{
-    PRStatus nssrv = PR_SUCCESS;
-    if (mod->library) {
-	(void)CKAPI(mod->epv)->C_Finalize(NULL);
-	nssrv = PR_UnloadLibrary(mod->library);
-    }
-    /* Free the slots, yes? */
-    mod->library = NULL;
-    mod->epv = NULL;
-    mod->isLoaded = PR_FALSE;
-    return nssrv;
-}
-
-/* Alloc memory for a module.  Copy in the module name and library path
- *  if provided.  XXX use the opaque arg also, right? 
- */
-NSS_IMPLEMENT NSSModule *
-nssModule_Create
-(
-  NSSUTF8 *moduleOpt,
-  NSSUTF8 *uriOpt,
-  NSSUTF8 *opaqueOpt,
-  void    *reserved
-)
-{
-    NSSArena *arena;
-    NSSModule *rvMod;
-    arena = NSSArena_Create();
-    if(!arena) {
-	return (NSSModule *)NULL;
-    }
-    rvMod = nss_ZNEW(arena, NSSModule);
-    if (!rvMod) {
-	goto loser;
-    }
-    if (moduleOpt) {
-	/* XXX making the gross assumption this is just the module name */
-	/* if the name is a duplicate, should that be tested here?  or
-	 *  wait for Load? 
-	 */
-	rvMod->base.name = nssUTF8_Duplicate(moduleOpt, arena);
-	if (!rvMod->base.name) {
-	    goto loser;
-	}
-    }
-    if (uriOpt) {
-	/* Load the module from a URI. */
-	/* XXX at this time - only file URI (even worse, no file:// for now) */
-	rvMod->libraryName = nssUTF8_Duplicate(uriOpt, arena);
-	if (!rvMod->libraryName) {
-	    goto loser;
-	}
-    }
-    rvMod->base.arena = arena;
-    rvMod->base.refCount = 1;
-    rvMod->base.lock = PZ_NewLock(nssNSSILockOther);
-    if (!rvMod->base.lock) {
-	goto loser;
-    }
-    /* everything else is 0/NULL at this point. */
-    return rvMod;
-loser:
-    nssArena_Destroy(arena);
-    return (NSSModule *)NULL;
-}
-
-NSS_EXTERN PRStatus
-nssCryptokiArgs_ParseNextPair
-(
-  NSSUTF8 *start,
-  NSSUTF8 **attrib,
-  NSSUTF8 **value,
-  NSSUTF8 **remainder,
-  NSSArena *arenaOpt
-);
-
-static PRStatus
-parse_slot_flags
-(
-  NSSSlot *slot,
-  NSSUTF8 *slotFlags
-)
-{
-    PRStatus nssrv = PR_SUCCESS;
-#if 0
-    PRBool done = PR_FALSE;
-    NSSUTF8 *mark, *last;
-    last = mark = slotFlags;
-    while (PR_TRUE) {
-	while (*mark && *mark != ',') ++mark;
-	if (!*mark) done = PR_TRUE;
-	*mark = '\0';
-	if (nssUTF8_Equal(last, "RANDOM", &nssrv)) {
-	    slot->base.flags |= NSSSLOT_FLAGS_HAS_RANDOM;
-	} else if (nssUTF8_Equal(last, "RSA", &nssrv)) {
-	    slot->base.flags |= NSSSLOT_FLAGS_RSA;
-	} else if (nssUTF8_Equal(last, "DSA", &nssrv)) {
-	    slot->base.flags |= NSSSLOT_FLAGS_DSA;
-	} else if (nssUTF8_Equal(last, "DH", &nssrv)) {
-	    slot->base.flags |= NSSSLOT_FLAGS_DH;
-	} else if (nssUTF8_Equal(last, "RC2", &nssrv)) {
-	    slot->base.flags |= NSSSLOT_FLAGS_RC2;
-	} else if (nssUTF8_Equal(last, "RC4", &nssrv)) {
-	    slot->base.flags |= NSSSLOT_FLAGS_RC4;
-	} else if (nssUTF8_Equal(last, "RC5", &nssrv)) {
-	    slot->base.flags |= NSSSLOT_FLAGS_RC5;
-	} else if (nssUTF8_Equal(last, "DES", &nssrv)) {
-	    slot->base.flags |= NSSSLOT_FLAGS_DES;
-	} else if (nssUTF8_Equal(last, "AES", &nssrv)) {
-	    slot->base.flags |= NSSSLOT_FLAGS_AES;
-	} else if (nssUTF8_Equal(last, "SHA1", &nssrv)) {
-	    slot->base.flags |= NSSSLOT_FLAGS_SHA1;
-	} else if (nssUTF8_Equal(last, "MD2", &nssrv)) {
-	    slot->base.flags |= NSSSLOT_FLAGS_MD2;
-	} else if (nssUTF8_Equal(last, "MD5", &nssrv)) {
-	    slot->base.flags |= NSSSLOT_FLAGS_MD5;
-	} else if (nssUTF8_Equal(last, "SSL", &nssrv)) {
-	    slot->base.flags |= NSSSLOT_FLAGS_SSL;
-	} else if (nssUTF8_Equal(last, "TLS", &nssrv)) {
-	    slot->base.flags |= NSSSLOT_FLAGS_TLS;
-	} else if (nssUTF8_Equal(last, "PublicCerts", &nssrv)) {
-	    slot->base.flags |= NSSSLOT_FLAGS_FRIENDLY;
-	} else {
-	    return PR_FAILURE;
-	}
-	if (done) break;
-	last = ++mark;
-    }
-#endif
-    return nssrv;
-}
-
-static PRStatus
-parse_slot_parameters
-(
-  NSSSlot *slot,
-  NSSUTF8 *slotParams,
-  NSSArena *tmparena
-)
-{
-    PRStatus nssrv = PR_SUCCESS;
-    NSSUTF8 *current, *remainder;
-    NSSUTF8 *attrib, *value;
-    current = slotParams;
-    while (nssrv == PR_SUCCESS) {
-	nssrv = nssCryptokiArgs_ParseNextPair(current, 
-	                                      &attrib, &value, 
-	                                      &remainder, tmparena);
-	if (nssrv != PR_SUCCESS) break;
-	if (value) {
-	    if (nssUTF8_Equal(attrib, "slotFlags", &nssrv)) {
-		nssrv = parse_slot_flags(slot, value);
-	    } else if (nssUTF8_Equal(attrib, "askpw", &nssrv)) {
-	    } else if (nssUTF8_Equal(attrib, "timeout", &nssrv)) {
-	    }
-	}
-	if (*remainder == '\0') break;
-	current = remainder;
-    }
-    return nssrv;
-}
-
-/* softoken seems to use "0x0000001", but no standard yet...  perhaps this
- * should store the number as an ID, in case the input isn't 1,2,3,...?
- */
-static PRIntn
-get_slot_number(NSSUTF8* snString)
-{
-    /* XXX super big hack */
-    return atoi(&snString[strlen(snString)-1]);
-}
-
-static PRStatus
-parse_module_slot_parameters
-(
-  NSSModule *mod,
-  NSSUTF8 *slotParams
-)
-{
-    PRStatus nssrv = PR_SUCCESS;
-    NSSUTF8 *current, *remainder;
-    NSSUTF8 *attrib, *value;
-    NSSArena *tmparena;
-    PRIntn slotNum;
-    tmparena = nssArena_Create();
-    if (!tmparena) {
-	return PR_FAILURE;
-    }
-    current = slotParams;
-    while (nssrv == PR_SUCCESS) {
-	nssrv = nssCryptokiArgs_ParseNextPair(current, 
-	                                      &attrib, &value, 
-	                                      &remainder, tmparena);
-	if (nssrv != PR_SUCCESS) break;
-	if (value) {
-	    slotNum = get_slot_number(attrib);
-	    if (slotNum < 0 || slotNum > mod->numSlots) {
-		return PR_FAILURE;
-	    }
-	    nssrv = parse_slot_parameters(mod->slots[slotNum], 
-	                                  value, tmparena);
-	    if (nssrv != PR_SUCCESS) break;
-	}
-	if (*remainder == '\0') break;
-	current = remainder;
-    }
-    return nssrv;
-}
-
-static PRStatus
-parse_nss_flags
-(
-  NSSModule *mod,
-  NSSUTF8 *nssFlags
-)
-{
-    PRStatus nssrv = PR_SUCCESS;
-    PRBool done = PR_FALSE;
-    NSSUTF8 *mark, *last;
-    last = mark = nssFlags;
-    while (PR_TRUE) {
-	while (*mark && *mark != ',') ++mark;
-	if (!*mark) done = PR_TRUE;
-	*mark = '\0';
-	if (nssUTF8_Equal(last, "internal", &nssrv)) {
-	    mod->base.flags |= NSSMODULE_FLAGS_INTERNAL;
-	} else if (nssUTF8_Equal(last, "moduleDB", &nssrv)) {
-	    mod->base.flags |= NSSMODULE_FLAGS_MODULE_DB;
-	} else if (nssUTF8_Equal(last, "moduleDBOnly", &nssrv)) {
-	    mod->base.flags |= NSSMODULE_FLAGS_MODULE_DB_ONLY;
-	} else if (nssUTF8_Equal(last, "critical", &nssrv)) {
-	    mod->base.flags |= NSSMODULE_FLAGS_CRITICAL;
-	} else {
-	    return PR_FAILURE;
-	}
-	if (done) break;
-	last = ++mark;
-    }
-    return nssrv;
-}
-
-static PRStatus
-parse_nss_parameters
-(
-  NSSModule *mod,
-  NSSUTF8 *nssParams,
-  NSSArena *tmparena,
-  NSSUTF8 **slotParams
-)
-{
-    PRStatus nssrv = PR_SUCCESS;
-    NSSUTF8 *current, *remainder;
-    NSSUTF8 *attrib, *value;
-    current = nssParams;
-    while (nssrv == PR_SUCCESS) {
-	nssrv = nssCryptokiArgs_ParseNextPair(current, 
-	                                      &attrib, &value, 
-	                                      &remainder, tmparena);
-	if (nssrv != PR_SUCCESS) break;
-	if (value) {
-	    if (nssUTF8_Equal(attrib, "flags", &nssrv) ||
-	        nssUTF8_Equal(attrib, "Flags", &nssrv)) {
-		nssrv = parse_nss_flags(mod, value);
-	    } else if (nssUTF8_Equal(attrib, "trustOrder", &nssrv)) {
-		mod->order.trust = atoi(value);
-	    } else if (nssUTF8_Equal(attrib, "cipherOrder", &nssrv)) {
-		mod->order.cipher = atoi(value);
-	    } else if (nssUTF8_Equal(attrib, "ciphers", &nssrv)) {
-	    } else if (nssUTF8_Equal(attrib, "slotParams", &nssrv)) {
-		/* slotParams doesn't get an arena, it is handled separately */
-		*slotParams = nssUTF8_Duplicate(value, NULL);
-	    }
-	}
-	if (*remainder == '\0') break;
-	current = remainder;
-    }
-    return nssrv;
-}
-
-static PRStatus
-parse_module_parameters
-(
-  NSSModule *mod,
-  NSSUTF8 *moduleParams,
-  NSSUTF8 **slotParams
-)
-{
-    PRStatus nssrv = PR_SUCCESS;
-    NSSUTF8 *current, *remainder;
-    NSSUTF8 *attrib, *value;
-    NSSArena *arena = mod->base.arena;
-    NSSArena *tmparena;
-    current = moduleParams;
-    tmparena = nssArena_Create();
-    if (!tmparena) {
-	return PR_FAILURE;
-    }
-    while (nssrv == PR_SUCCESS) {
-	nssrv = nssCryptokiArgs_ParseNextPair(current, 
-	                                      &attrib, &value, 
-	                                      &remainder, tmparena);
-	if (nssrv != PR_SUCCESS) break;
-	if (value) {
-	    if (nssUTF8_Equal(attrib, "name", &nssrv)) {
-		mod->base.name = nssUTF8_Duplicate(value, arena);
-	    } else if (nssUTF8_Equal(attrib, "library", &nssrv)) {
-		mod->libraryName = nssUTF8_Duplicate(value, arena);
-	    } else if (nssUTF8_Equal(attrib, "parameters", &nssrv)) {
-		mod->libraryParams = nssUTF8_Duplicate(value, arena);
-	    } else if (nssUTF8_Equal(attrib, "NSS", &nssrv)) {
-		parse_nss_parameters(mod, value, tmparena, slotParams);
-	    }
-	}
-	if (*remainder == '\0') break;
-	current = remainder;
-    }
-    nssArena_Destroy(tmparena);
-    return nssrv;
-}
-
-static NSSUTF8 **
-get_module_specs
-(
-  NSSModule *mod
-)
-{
-    SECMODModuleDBFunc func = (SECMODModuleDBFunc)mod->moduleDBFunc;
-    if (func) {
-	return (*func)(SECMOD_MODULE_DB_FUNCTION_FIND,
-	               mod->libraryParams,
-	               NULL);
-    }
-    return NULL;
-}
-
-/* XXX continue working on */
-NSS_IMPLEMENT NSSModule *
-nssModule_CreateFromSpec
-(
-  NSSUTF8 *moduleSpec,
-  NSSModule *parent,
-  PRBool loadSubModules
-)
-{
-    PRStatus nssrv;
-    NSSModule *thisModule;
-    NSSArena *arena;
-    NSSUTF8 *slotParams = NULL;
-    arena = nssArena_Create();
-    if (!arena) {
-	return NULL;
-    }
-    thisModule = nss_ZNEW(arena, NSSModule);
-    if (!thisModule) {
-	goto loser;
-    }
-    thisModule->base.lock = PZ_NewLock(nssILockOther);
-    if (!thisModule->base.lock) {
-	goto loser;
-    }
-    PR_AtomicIncrement(&thisModule->base.refCount);
-    thisModule->base.arena = arena;
-    thisModule->base.lock = PZ_NewLock(nssNSSILockOther);
-    if (!thisModule->base.lock) {
-	goto loser;
-    }
-    nssrv = parse_module_parameters(thisModule, moduleSpec, &slotParams);
-    if (nssrv != PR_SUCCESS) {
-	goto loser;
-    }
-    nssrv = nssModule_Load(thisModule);
-    if (nssrv != PR_SUCCESS) {
-	goto loser;
-    }
-    if (slotParams) {
-	nssrv = parse_module_slot_parameters(thisModule, slotParams);
-	nss_ZFreeIf(slotParams);
-	if (nssrv != PR_SUCCESS) {
-	    goto loser;
-	}
-    }
-    if (loadSubModules && NSSMODULE_IS_MODULE_DB(thisModule)) {
-	NSSUTF8 **moduleSpecs;
-	NSSUTF8 **index;
-	/* get the array of sub modules one level below this module */
-	moduleSpecs = get_module_specs(thisModule);
-	/* iterate over the array */
-	for (index = moduleSpecs; index && *index; index++) {
-	    NSSModule *child;
-	    /* load the child recursively */
-	    child = nssModule_CreateFromSpec(*index, thisModule, PR_TRUE);
-	    if (!child) {
-		/* when children fail, does the parent? */
-		nssrv = PR_FAILURE;
-		break;
-	    }
-	    if (NSSMODULE_IS_CRITICAL(child) && !child->isLoaded) {
-		nssrv = PR_FAILURE;
-		nssModule_Destroy(child);
-		break;
-	    }
-	    nssModule_Destroy(child);
-	    /*nss_ZFreeIf(*index);*/
-	}
-	/*nss_ZFreeIf(moduleSpecs);*/
-    }
-    /* The global list inherits the reference */
-    nssrv = nssGlobalModuleList_Add(thisModule);
-    if (nssrv != PR_SUCCESS) {
-	goto loser;
-    }
-    return thisModule;
-loser:
-    if (thisModule->base.lock) {
-	PZ_DestroyLock(thisModule->base.lock);
-    }
-    nssArena_Destroy(arena);
-    return (NSSModule *)NULL;
-}
-
-NSS_IMPLEMENT PRStatus
-nssModule_Destroy
-(
-  NSSModule *mod
-)
-{
-    PRUint32 i, numSlots;
-    PR_AtomicDecrement(&mod->base.refCount);
-    if (mod->base.refCount == 0) {
-	if (mod->numSlots == 0) {
-	    (void)nssModule_Unload(mod);
-	    return nssArena_Destroy(mod->base.arena);
-	} else {
-	    numSlots = mod->numSlots;
-	    for (i=0; i<numSlots; i++) {
-		nssSlot_Destroy(mod->slots[i]);
-	    }
-	}
-    }
-    return PR_SUCCESS;
-}
-
-NSS_IMPLEMENT PRStatus
-nssModule_DestroyFromSlot
-(
-  NSSModule *mod,
-  NSSSlot *slot
-)
-{
-    PRUint32 i, numSlots = 0;
-    PR_ASSERT(mod->base.refCount == 0);
-    for (i=0; i<mod->numSlots; i++) {
-	if (mod->slots[i] == slot) {
-	    mod->slots[i] = NULL;
-	} else if (mod->slots[i]) {
-	    numSlots++;
-	}
-    }
-    if (numSlots == 0) {
-	(void)nssModule_Unload(mod);
-	return nssArena_Destroy(mod->base.arena);
-    }
-    return PR_SUCCESS;
-}
-
-NSS_IMPLEMENT NSSModule *
-nssModule_AddRef
-(
-  NSSModule *mod
-)
-{
-    PR_AtomicIncrement(&mod->base.refCount);
-    return mod;
-}
-
-NSS_IMPLEMENT NSSUTF8 *
-nssModule_GetName
-(
-  NSSModule *mod
-)
-{
-    return mod->base.name;
-}
-
-NSS_IMPLEMENT PRBool
-nssModule_IsThreadSafe
-(
-  NSSModule *module
-)
-{
-    return NSSMODULE_IS_THREADSAFE(module);
-}
-
-NSS_IMPLEMENT PRBool
-nssModule_IsInternal
-(
-  NSSModule *mod
-)
-{
-    return NSSMODULE_IS_INTERNAL(mod);
-}
-
-NSS_IMPLEMENT PRBool
-nssModule_IsModuleDBOnly
-(
-  NSSModule *mod
-)
-{
-    return NSSMODULE_IS_MODULE_DB_ONLY(mod);
-}
-
-NSS_IMPLEMENT void *
-nssModule_GetCryptokiEPV
-(
-  NSSModule *mod
-)
-{
-    return mod->epv;
-}
-
-NSS_IMPLEMENT NSSSlot **
-nssModule_GetSlots
-(
-  NSSModule *mod
-)
-{
-    PRUint32 i;
-    NSSSlot **rvSlots;
-    rvSlots = nss_ZNEWARRAY(NULL, NSSSlot *, mod->numSlots + 1);
-    if (rvSlots) {
-	for (i=0; i<mod->numSlots; i++) {
-	    rvSlots[i] = nssSlot_AddRef(mod->slots[i]);
-	}
-    }
-    return rvSlots;
-}
-
-NSS_IMPLEMENT NSSSlot *
-nssModule_FindSlotByName
-(
-  NSSModule *mod,
-  NSSUTF8 *slotName
-)
-{
-    PRUint32 i;
-    PRStatus nssrv;
-    NSSSlot *slot;
-    NSSUTF8 *name;
-    for (i=0; i<mod->numSlots; i++) {
-	slot = mod->slots[i];
-	name = nssSlot_GetName(slot);
-	if (nssUTF8_Equal(name, slotName, &nssrv)) {
-	    return nssSlot_AddRef(slot);
-	}
-	if (nssrv != PR_SUCCESS) {
-	    break;
-	}
-    }
-    return (NSSSlot *)NULL;
-}
-
-NSS_IMPLEMENT NSSToken *
-nssModule_FindTokenByName
-(
-  NSSModule *mod,
-  NSSUTF8 *tokenName
-)
-{
-    PRUint32 i;
-    PRStatus nssrv;
-    NSSToken *tok;
-    NSSUTF8 *name;
-    for (i=0; i<mod->numSlots; i++) {
-	tok = nssSlot_GetToken(mod->slots[i]);
-	if (tok) {
-	    name = nssToken_GetName(tok);
-	    if (nssUTF8_Equal(name, tokenName, &nssrv)) {
-		return tok;
-	    }
-	    if (nssrv != PR_SUCCESS) {
-		break;
-	    }
-	}
-    }
-    return (NSSToken *)NULL;
-}
-
-NSS_IMPLEMENT PRInt32
-nssModule_GetCertOrder
-(
-  NSSModule *module
-)
-{
-    return 1; /* XXX */
-}
-
-#endif /* PURE_STAN_BUILD */
-
diff --git a/security/nss/lib/dev/devslot.c b/security/nss/lib/dev/devslot.c
deleted file mode 100644
index 0370b9be3..000000000
--- a/security/nss/lib/dev/devslot.c
+++ /dev/null
@@ -1,834 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef NSSCKEPV_H
-#include "nssckepv.h"
-#endif /* NSSCKEPV_H */
-
-#ifndef DEVM_H
-#include "devm.h"
-#endif /* DEVM_H */
-
-#ifndef CKHELPER_H
-#include "ckhelper.h"
-#endif /* CKHELPER_H */
-
-/* measured in seconds */
-#define NSSSLOT_TOKEN_DELAY_TIME 10
-
-/* this should track global and per-transaction login information */
-
-#ifdef PURE_STAN_CODE
-typedef enum {
-  nssSlotAskPasswordTimes_FirstTime = 0,
-  nssSlotAskPasswordTimes_EveryTime = 1,
-  nssSlotAskPasswordTimes_Timeout = 2
-} 
-nssSlotAskPasswordTimes;
-
-struct nssSlotAuthInfoStr
-{
-  PRTime lastLogin;
-  nssSlotAskPasswordTimes askTimes;
-  PRIntervalTime askPasswordTimeout;
-};
-
-struct NSSSlotStr
-{
-  struct nssDeviceBaseStr base;
-  NSSModule *module; /* Parent */
-  NSSToken *token;  /* Peer */
-  CK_SLOT_ID slotID;
-  CK_FLAGS ckFlags; /* from CK_SLOT_INFO.flags */
-  struct nssSlotAuthInfoStr authInfo;
-  PRIntervalTime lastTokenPing;
-#ifdef NSS_3_4_CODE
-  PK11SlotInfo *pk11slot;
-#endif
-};
-#endif /* PURE_STAN_CODE */
-
-#define NSSSLOT_IS_FRIENDLY(slot) \
-  (slot->base.flags & NSSSLOT_FLAGS_FRIENDLY)
-
-/* measured as interval */
-static PRIntervalTime s_token_delay_time = 0;
-
-/* The flags needed to open a read-only session. */
-static const CK_FLAGS s_ck_readonly_flags = CKF_SERIAL_SESSION;
-
-/* In pk11slot.c, this was a no-op.  So it is here also. */
-static CK_RV PR_CALLBACK
-nss_ck_slot_notify
-(
-  CK_SESSION_HANDLE session,
-  CK_NOTIFICATION event,
-  CK_VOID_PTR pData
-)
-{
-    return CKR_OK;
-}
-
-#ifdef PURE_STAN_BUILD
-NSS_IMPLEMENT NSSSlot *
-nssSlot_Create
-(
-  CK_SLOT_ID slotID,
-  NSSModule *parent
-)
-{
-    NSSArena *arena = NULL;
-    NSSSlot *rvSlot;
-    NSSToken *token = NULL;
-    NSSUTF8 *slotName = NULL;
-    PRUint32 length;
-    CK_SLOT_INFO slotInfo;
-    CK_RV ckrv;
-    void *epv;
-    arena = NSSArena_Create();
-    if(!arena) {
-	return (NSSSlot *)NULL;
-    }
-    rvSlot = nss_ZNEW(arena, NSSSlot);
-    if (!rvSlot) {
-	goto loser;
-    }
-    /* Get slot information */
-    epv = nssModule_GetCryptokiEPV(parent);
-    ckrv = CKAPI(epv)->C_GetSlotInfo(slotID, &slotInfo);
-    if (ckrv != CKR_OK) {
-	/* set an error here, eh? */
-	goto loser;
-    }
-    /* Grab the slot description from the PKCS#11 fixed-length buffer */
-    length = nssPKCS11String_Length(slotInfo.slotDescription, 
-                                    sizeof(slotInfo.slotDescription));
-    if (length > 0) {
-	slotName = nssUTF8_Create(arena, nssStringType_UTF8String, 
-	                          (void *)slotInfo.slotDescription, length);
-	if (!slotName) {
-	    goto loser;
-	}
-    }
-    rvSlot->base.arena = arena;
-    rvSlot->base.refCount = 1;
-    rvSlot->base.name = slotName;
-    rvSlot->base.lock = PZ_NewLock(nssNSSILockOther); /* XXX */
-    if (!rvSlot->base.lock) {
-	goto loser;
-    }
-    rvSlot->module = parent; /* refs go from module to slots */
-    rvSlot->slotID = slotID;
-    rvSlot->ckFlags = slotInfo.flags;
-    /* Initialize the token if present. */
-    if (slotInfo.flags & CKF_TOKEN_PRESENT) {
-	token = nssToken_Create(slotID, rvSlot);
-	if (!token) {
-	    goto loser;
-	}
-    }
-    rvSlot->token = token;
-    return rvSlot;
-loser:
-    nssArena_Destroy(arena);
-    /* everything was created in the arena, nothing to see here, move along */
-    return (NSSSlot *)NULL;
-}
-#endif /* PURE_STAN_BUILD */
-
-NSS_IMPLEMENT PRStatus
-nssSlot_Destroy
-(
-  NSSSlot *slot
-)
-{
-    if (slot) {
-	PR_AtomicDecrement(&slot->base.refCount);
-	if (slot->base.refCount == 0) {
-	    PZ_DestroyLock(slot->base.lock);
-#ifdef PURE_STAN_BUILD
-	    nssToken_Destroy(slot->token);
-	    nssModule_DestroyFromSlot(slot->module, slot);
-#endif
-	    return nssArena_Destroy(slot->base.arena);
-	}
-    }
-    return PR_SUCCESS;
-}
-
-NSS_IMPLEMENT void
-NSSSlot_Destroy
-(
-  NSSSlot *slot
-)
-{
-    (void)nssSlot_Destroy(slot);
-}
-
-NSS_IMPLEMENT NSSSlot *
-nssSlot_AddRef
-(
-  NSSSlot *slot
-)
-{
-    PR_AtomicIncrement(&slot->base.refCount);
-    return slot;
-}
-
-NSS_IMPLEMENT NSSUTF8 *
-nssSlot_GetName
-(
-  NSSSlot *slot
-)
-{
-    return slot->base.name;
-}
-
-NSS_IMPLEMENT NSSUTF8 *
-nssSlot_GetTokenName
-(
-  NSSSlot *slot
-)
-{
-    return nssToken_GetName(slot->token);
-}
-
-static PRBool
-within_token_delay_period(NSSSlot *slot)
-{
-    PRIntervalTime time, lastTime;
-    /* Set the delay time for checking the token presence */
-    if (s_token_delay_time == 0) {
-	s_token_delay_time = PR_SecondsToInterval(NSSSLOT_TOKEN_DELAY_TIME);
-    }
-    time = PR_IntervalNow();
-    lastTime = slot->lastTokenPing;
-    if ((time > lastTime) && ((time - lastTime) < s_token_delay_time)) {
-	return PR_TRUE;
-    }
-    slot->lastTokenPing = time;
-    return PR_FALSE;
-}
-
-NSS_IMPLEMENT PRBool
-nssSlot_IsTokenPresent
-(
-  NSSSlot *slot
-)
-{
-    CK_RV ckrv;
-    PRStatus nssrv;
-    /* XXX */
-    nssSession *session;
-    CK_SLOT_INFO slotInfo;
-    void *epv;
-    /* permanent slots are always present */
-    if (nssSlot_IsPermanent(slot)) {
-	return PR_TRUE;
-    }
-    /* avoid repeated calls to check token status within set interval */
-    if (within_token_delay_period(slot)) {
-	return (PRBool)((slot->ckFlags & CKF_TOKEN_PRESENT) != 0);
-    }
-    /* First obtain the slot info */
-#ifdef PURE_STAN_BUILD
-    epv = nssModule_GetCryptokiEPV(slot->module);
-#else
-    epv = slot->epv;
-#endif
-    if (!epv) {
-	return PR_FALSE;
-    }
-    ckrv = CKAPI(epv)->C_GetSlotInfo(slot->slotID, &slotInfo);
-    if (ckrv != CKR_OK) {
-	slot->token->base.name[0] = 0; /* XXX */
-	return PR_FALSE;
-    }
-    slot->ckFlags = slotInfo.flags;
-    /* check for the presence of the token */
-    if ((slot->ckFlags & CKF_TOKEN_PRESENT) == 0) {
-	if (!slot->token) {
-	    /* token was ne'er present */
-	    return PR_FALSE;
-	}
-	session = nssToken_GetDefaultSession(slot->token);
-	nssSession_EnterMonitor(session);
-	/* token is not present */
-	if (session->handle != CK_INVALID_SESSION) {
-	    /* session is valid, close and invalidate it */
-	    CKAPI(epv)->C_CloseSession(session->handle);
-	    session->handle = CK_INVALID_SESSION;
-	}
-	nssSession_ExitMonitor(session);
-#ifdef NSS_3_4_CODE
-	if (slot->token->base.name[0] != 0) {
-	    /* notify the high-level cache that the token is removed */
-	    slot->token->base.name[0] = 0; /* XXX */
-	    nssToken_NotifyCertsNotVisible(slot->token);
-	}
-#endif
-	slot->token->base.name[0] = 0; /* XXX */
-	/* clear the token cache */
-	nssToken_Remove(slot->token);
-	return PR_FALSE;
-#ifdef PURE_STAN_CODE
-    } else if (!slot->token) {
-	/* token was not present at boot time, is now */
-	slot->token = nssToken_Create(slot->slotID, slot);
-	return (slot->token != NULL);
-#endif
-    }
-    /* token is present, use the session info to determine if the card
-     * has been removed and reinserted.
-     */
-    session = nssToken_GetDefaultSession(slot->token);
-    nssSession_EnterMonitor(session);
-    if (session->handle != CK_INVALID_SESSION) {
-	CK_SESSION_INFO sessionInfo;
-	ckrv = CKAPI(epv)->C_GetSessionInfo(session->handle, &sessionInfo);
-	if (ckrv != CKR_OK) {
-	    /* session is screwy, close and invalidate it */
-	    CKAPI(epv)->C_CloseSession(session->handle);
-	    session->handle = CK_INVALID_SESSION;
-	}
-    }
-    nssSession_ExitMonitor(session);
-    /* token not removed, finished */
-    if (session->handle != CK_INVALID_SESSION) {
-	return PR_TRUE;
-    } else {
-	/* token has been removed, need to refresh with new session */
-	nssrv = nssSlot_Refresh(slot);
-	if (nssrv != PR_SUCCESS) {
-	    slot->token->base.name[0] = 0; /* XXX */
-	    return PR_FALSE;
-	}
-	return PR_TRUE;
-    }
-}
-
-#ifdef PURE_STAN_BUILD
-NSS_IMPLEMENT NSSModule *
-nssSlot_GetModule
-(
-  NSSSlot *slot
-)
-{
-    return nssModule_AddRef(slot->module);
-}
-#endif /* PURE_STAN_BUILD */
-
-NSS_IMPLEMENT void *
-nssSlot_GetCryptokiEPV
-(
-  NSSSlot *slot
-)
-{
-#ifdef PURE_STAN_BUILD
-    return nssModule_GetCryptokiEPV(slot->module);
-#else
-    return slot->epv;
-#endif
-}
-
-NSS_IMPLEMENT NSSToken *
-nssSlot_GetToken
-(
-  NSSSlot *slot
-)
-{
-    if (nssSlot_IsTokenPresent(slot)) {
-	return nssToken_AddRef(slot->token);
-    }
-    return (NSSToken *)NULL;
-}
-
-#ifdef PURE_STAN_BUILD
-NSS_IMPLEMENT PRBool
-nssSlot_IsPermanent
-(
-  NSSSlot *slot
-)
-{
-    return (!(slot->ckFlags & CKF_REMOVABLE_DEVICE));
-}
-
-NSS_IMPLEMENT PRBool
-nssSlot_IsFriendly
-(
-  NSSSlot *slot
-)
-{
-    return PR_TRUE /* XXX NSSSLOT_IS_FRIENDLY(slot)*/;
-}
-
-NSS_IMPLEMENT PRBool
-nssSlot_IsHardware
-(
-  NSSSlot *slot
-)
-{
-    return (slot->ckFlags & CKF_HW_SLOT);
-}
-
-NSS_IMPLEMENT PRStatus
-nssSlot_Refresh
-(
-  NSSSlot *slot
-)
-{
-    /* XXX */
-#if 0
-    nssToken_Destroy(slot->token);
-    if (slotInfo.flags & CKF_TOKEN_PRESENT) {
-	slot->token = nssToken_Create(NULL, slotID, slot);
-    }
-#endif
-    return PR_SUCCESS;
-}
-
-static PRBool
-slot_needs_login
-(
-  NSSSlot *slot,
-  nssSession *session
-)
-{
-    PRBool needsLogin, logout;
-    struct nssSlotAuthInfoStr *authInfo = &slot->authInfo;
-    void *epv = nssModule_GetCryptokiEPV(slot->module);
-    if (!nssToken_IsLoginRequired(slot->token)) {
-	return PR_FALSE;
-    }
-    if (authInfo->askTimes == nssSlotAskPasswordTimes_EveryTime) {
-	logout = PR_TRUE;
-    } else if (authInfo->askTimes == nssSlotAskPasswordTimes_Timeout) {
-	PRIntervalTime currentTime = PR_IntervalNow();
-	if (authInfo->lastLogin - currentTime < authInfo->askPasswordTimeout) {
-	    logout = PR_FALSE;
-	} else {
-	    logout = PR_TRUE;
-	}
-    } else { /* nssSlotAskPasswordTimes_FirstTime */
-	logout = PR_FALSE;
-    }
-    if (logout) {
-	/* The login has expired, timeout */
-	nssSession_EnterMonitor(session);
-	CKAPI(epv)->C_Logout(session->handle);
-	nssSession_ExitMonitor(session);
-	needsLogin = PR_TRUE;
-    } else {
-	CK_RV ckrv;
-	CK_SESSION_INFO sessionInfo;
-	nssSession_EnterMonitor(session);
-	ckrv = CKAPI(epv)->C_GetSessionInfo(session->handle, &sessionInfo);
-	nssSession_ExitMonitor(session);
-	if (ckrv != CKR_OK) {
-	    /* XXX error -- invalidate session */ 
-	    return PR_FALSE;
-	}
-	switch (sessionInfo.state) {
-	case CKS_RW_PUBLIC_SESSION:
-	case CKS_RO_PUBLIC_SESSION:
-	default:
-	    needsLogin = PR_TRUE;
-	    break;
-	case CKS_RW_USER_FUNCTIONS:
-	case CKS_RW_SO_FUNCTIONS:
-	case CKS_RO_USER_FUNCTIONS:
-	    needsLogin = PR_FALSE;
-	    break;
-	}
-    }
-    return needsLogin;
-}
-
-static PRStatus
-slot_login
-(
-  NSSSlot *slot, 
-  nssSession *session, 
-  CK_USER_TYPE userType, 
-  NSSCallback *pwcb
-)
-{
-    PRStatus nssrv;
-    PRUint32 attempts;
-    PRBool keepTrying;
-    NSSUTF8 *password = NULL;
-    CK_ULONG pwLen;
-    CK_RV ckrv;
-    void *epv;
-    if (!pwcb->getPW) {
-	/* set error INVALID_ARG */
-	return PR_FAILURE;
-    }
-    epv = nssModule_GetCryptokiEPV(slot->module);
-    keepTrying = PR_TRUE;
-    nssrv = PR_FAILURE;
-    attempts = 0;
-    while (keepTrying) {
-	/* use the token name, since it is present */
-	NSSUTF8 *tokenName = nssToken_GetName(slot->token);
-	nssrv = pwcb->getPW(tokenName, attempts, pwcb->arg, &password);
-	if (nssrv != PR_SUCCESS) {
-	    nss_SetError(NSS_ERROR_USER_CANCELED);
-	    break;
-	}
-	pwLen = (CK_ULONG)nssUTF8_Length(password, &nssrv); 
-	if (nssrv != PR_SUCCESS) {
-	    break;
-	}
-	nssSession_EnterMonitor(session);
-	ckrv = CKAPI(epv)->C_Login(session->handle, userType, 
-                                   (CK_CHAR_PTR)password, pwLen);
-	nssSession_ExitMonitor(session);
-	switch (ckrv) {
-	case CKR_OK:
-	case CKR_USER_ALREADY_LOGGED_IN:
-	    slot->authInfo.lastLogin = PR_Now();
-	    nssrv = PR_SUCCESS;
-	    keepTrying = PR_FALSE;
-	    break;
-	case CKR_PIN_INCORRECT:
-	    nss_SetError(NSS_ERROR_INVALID_PASSWORD);
-	    keepTrying = PR_TRUE; /* received bad pw, keep going */
-	    break;
-	default:
-	    nssrv = PR_FAILURE;
-	    keepTrying = PR_FALSE;
-	    break;
-	}
-	nss_ZFreeIf(password);
-	password = NULL;
-	++attempts;
-    }
-    return nssrv;
-}
-
-static PRStatus
-init_slot_password
-(
-  NSSSlot *slot, 
-  nssSession *rwSession, 
-  NSSUTF8 *password
-)
-{
-    PRStatus status;
-    NSSUTF8 *ssoPW = "";
-    CK_ULONG userPWLen, ssoPWLen;
-    CK_RV ckrv;
-    void *epv = nssModule_GetCryptokiEPV(slot->module);
-    /* Get the SO and user passwords */
-    userPWLen = (CK_ULONG)nssUTF8_Length(password, &status); 
-    if (status != PR_SUCCESS) {
-	goto loser;
-    }
-    ssoPWLen = (CK_ULONG)nssUTF8_Length(ssoPW, &status); 
-    if (status != PR_SUCCESS) {
-	goto loser;
-    }
-    /* First log in as SO */
-    ckrv = CKAPI(epv)->C_Login(rwSession->handle, CKU_SO, 
-                               (CK_CHAR_PTR)ssoPW, ssoPWLen);
-    if (ckrv != CKR_OK) {
-	/* set error ...SO_LOGIN_FAILED */
-	goto loser;
-    }
-	/* Now change the user PIN */
-    ckrv = CKAPI(epv)->C_InitPIN(rwSession->handle, 
-                                 (CK_CHAR_PTR)password, userPWLen);
-    if (ckrv != CKR_OK) {
-	/* set error */
-	goto loser;
-    }
-    return PR_SUCCESS;
-loser:
-    return PR_FAILURE;
-}
-
-static PRStatus
-change_slot_password
-(
-  NSSSlot *slot, 
-  nssSession *rwSession, 
-  NSSUTF8 *oldPassword,
-  NSSUTF8 *newPassword
-)
-{
-    PRStatus status;
-    CK_ULONG userPWLen, newPWLen;
-    CK_RV ckrv;
-    void *epv = nssModule_GetCryptokiEPV(slot->module);
-    userPWLen = (CK_ULONG)nssUTF8_Length(oldPassword, &status); 
-    if (status != PR_SUCCESS) {
-	return status;
-    }
-    newPWLen = (CK_ULONG)nssUTF8_Length(newPassword, &status); 
-    if (status != PR_SUCCESS) {
-	return status;
-    }
-    nssSession_EnterMonitor(rwSession);
-    ckrv = CKAPI(epv)->C_SetPIN(rwSession->handle,
-                                (CK_CHAR_PTR)oldPassword, userPWLen,
-                                (CK_CHAR_PTR)newPassword, newPWLen);
-    nssSession_ExitMonitor(rwSession);
-    switch (ckrv) {
-    case CKR_OK:
-	slot->authInfo.lastLogin = PR_Now();
-	status = PR_SUCCESS;
-	break;
-    case CKR_PIN_INCORRECT:
-	nss_SetError(NSS_ERROR_INVALID_PASSWORD);
-	status = PR_FAILURE;
-	break;
-    default:
-	status = PR_FAILURE;
-	break;
-    }
-    return status;
-}
-
-NSS_IMPLEMENT PRStatus
-nssSlot_Login
-(
-  NSSSlot *slot,
-  NSSCallback *pwcb
-)
-{
-    PRStatus status;
-    CK_USER_TYPE userType = CKU_USER;
-    NSSToken *token = nssSlot_GetToken(slot);
-    nssSession *session;
-    if (!token) {
-	return PR_FAILURE;
-    }
-    if (!nssToken_IsLoginRequired(token)) {
-	nssToken_Destroy(token);
-	return PR_SUCCESS;
-    }
-    session = nssToken_GetDefaultSession(slot->token);
-    if (nssToken_NeedsPINInitialization(token)) {
-	NSSUTF8 *password = NULL;
-	if (!pwcb->getInitPW) {
-	    nssToken_Destroy(token);
-	    return PR_FAILURE; /* don't know how to get initial password */
-	}
-	status = (*pwcb->getInitPW)(slot->base.name, pwcb->arg, &password);
-	if (status == PR_SUCCESS) {
-	    session = nssSlot_CreateSession(slot, NULL, PR_TRUE);
-	    status = init_slot_password(slot, session, password);
-	    nssSession_Destroy(session);
-	}
-    } else if (slot_needs_login(slot, session)) {
-	status = slot_login(slot, session, userType, pwcb);
-    } else {
-	status = PR_SUCCESS;
-    }
-    nssToken_Destroy(token);
-    return status;
-}
-
-NSS_IMPLEMENT PRStatus
-nssSlot_Logout
-(
-  NSSSlot *slot,
-  nssSession *sessionOpt
-)
-{
-    PRStatus nssrv = PR_SUCCESS;
-    nssSession *session;
-    CK_RV ckrv;
-    void *epv = nssModule_GetCryptokiEPV(slot->module);
-    session = sessionOpt ? 
-              sessionOpt : 
-              nssToken_GetDefaultSession(slot->token);
-    nssSession_EnterMonitor(session);
-    ckrv = CKAPI(epv)->C_Logout(session->handle);
-    nssSession_ExitMonitor(session);
-    if (ckrv != CKR_OK) {
-	/* translate the error */
-	nssrv = PR_FAILURE;
-    }
-    return nssrv;
-}
-
-NSS_IMPLEMENT PRBool
-nssSlot_IsLoggedIn
-(
-  NSSSlot *slot
-)
-{
-    nssSession *session = nssToken_GetDefaultSession(slot->token);
-    return !slot_needs_login(slot, session);
-}
-
-NSS_IMPLEMENT void
-nssSlot_SetPasswordDefaults
-(
-  NSSSlot *slot,
-  PRInt32 askPasswordTimeout
-)
-{
-    slot->authInfo.askPasswordTimeout = askPasswordTimeout;
-}
-
-
-NSS_IMPLEMENT PRStatus
-nssSlot_SetPassword
-(
-  NSSSlot *slot,
-  NSSUTF8 *oldPasswordOpt,
-  NSSUTF8 *newPassword
-)
-{
-    PRStatus status;
-    nssSession *rwSession;
-    NSSToken *token = nssSlot_GetToken(slot);
-    if (!token) {
-	return PR_FAILURE;
-    }
-    rwSession = nssSlot_CreateSession(slot, NULL, PR_TRUE);
-    if (nssToken_NeedsPINInitialization(token)) {
-	status = init_slot_password(slot, rwSession, newPassword);
-    } else if (oldPasswordOpt) {
-	status = change_slot_password(slot, rwSession, 
-	                              oldPasswordOpt, newPassword);
-    } else {
-	/* old password must be given in order to change */
-	status = PR_FAILURE;
-    }
-    nssSession_Destroy(rwSession);
-    nssToken_Destroy(token);
-    return status;
-}
-
-NSS_IMPLEMENT nssSession *
-nssSlot_CreateSession
-(
-  NSSSlot *slot,
-  NSSArena *arenaOpt,
-  PRBool readWrite /* so far, this is the only flag used */
-)
-{
-    CK_RV ckrv;
-    CK_FLAGS ckflags;
-    CK_SESSION_HANDLE handle;
-    void *epv = nssModule_GetCryptokiEPV(slot->module);
-    nssSession *rvSession;
-    ckflags = s_ck_readonly_flags;
-    if (readWrite) {
-	ckflags |= CKF_RW_SESSION;
-    }
-    ckrv = CKAPI(epv)->C_OpenSession(slot->slotID, ckflags,
-                                     slot, nss_ck_slot_notify, &handle);
-    if (ckrv != CKR_OK) {
-	/* set an error here, eh? */
-	return (nssSession *)NULL;
-    }
-    rvSession = nss_ZNEW(arenaOpt, nssSession);
-    if (!rvSession) {
-	return (nssSession *)NULL;
-    }
-    if (!nssModule_IsThreadSafe(slot->module)) {
-	/* If the parent module is not threadsafe, create lock to manage 
-	 * session within threads.
-	 */
-	rvSession->lock = PZ_NewLock(nssILockOther);
-	if (!rvSession->lock) {
-	    /* need to translate NSPR error? */
-	    if (arenaOpt) {
-	    } else {
-		nss_ZFreeIf(rvSession);
-	    }
-	    return (nssSession *)NULL;
-	}
-    }
-    rvSession->handle = handle;
-    rvSession->slot = slot;
-    rvSession->isRW = readWrite;
-    return rvSession;
-}
-
-NSS_IMPLEMENT PRStatus
-nssSession_Destroy
-(
-  nssSession *s
-)
-{
-    CK_RV ckrv = CKR_OK;
-    if (s) {
-	void *epv = s->slot->epv;
-	ckrv = CKAPI(epv)->C_CloseSession(s->handle);
-	if (s->lock) {
-	    PZ_DestroyLock(s->lock);
-	}
-	nss_ZFreeIf(s);
-    }
-    return (ckrv == CKR_OK) ? PR_SUCCESS : PR_FAILURE;
-}
-#endif /* PURE_STAN_BUILD */
-
-NSS_IMPLEMENT PRStatus
-nssSession_EnterMonitor
-(
-  nssSession *s
-)
-{
-    if (s->lock) PZ_Lock(s->lock);
-    return PR_SUCCESS;
-}
-
-NSS_IMPLEMENT PRStatus
-nssSession_ExitMonitor
-(
-  nssSession *s
-)
-{
-    return (s->lock) ? PZ_Unlock(s->lock) : PR_SUCCESS;
-}
-
-NSS_EXTERN PRBool
-nssSession_IsReadWrite
-(
-  nssSession *s
-)
-{
-    return s->isRW;
-}
-
diff --git a/security/nss/lib/dev/devt.h b/security/nss/lib/dev/devt.h
deleted file mode 100644
index 10a7978c3..000000000
--- a/security/nss/lib/dev/devt.h
+++ /dev/null
@@ -1,202 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef DEVT_H
-#define DEVT_H
-
-#ifdef DEBUG
-static const char DEVT_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * devt.h
- *
- * This file contains definitions for the low-level cryptoki devices.
- */
-
-#ifndef NSSBASET_H
-#include "nssbaset.h"
-#endif /* NSSBASET_H */
-
-#ifndef NSSPKIT_H
-#include "nsspkit.h"
-#endif /* NSSPKIT_H */
-
-#ifndef NSSDEVT_H
-#include "nssdevt.h"
-#endif /* NSSDEVT_H */
-
-#ifndef NSSCKT_H
-#include "nssckt.h"
-#endif /* NSSCKT_H */
-
-#ifndef BASET_H
-#include "baset.h"
-#endif /* BASET_H */
-
-#ifdef NSS_3_4_CODE
-#include "secmodt.h"
-#endif /* NSS_3_4_CODE */
-
-PR_BEGIN_EXTERN_C
-
-typedef struct nssSessionStr nssSession;
-
-/* XXX until NSSTokenStr is moved */
-struct nssDeviceBaseStr
-{
-  NSSArena *arena;
-  PZLock *lock;
-  PRInt32 refCount;
-  NSSUTF8 *name;
-  PRUint32 flags;
-};
-
-typedef struct nssTokenObjectCacheStr nssTokenObjectCache;
-
-/* XXX until devobject.c goes away */
-struct NSSTokenStr
-{
-    struct nssDeviceBaseStr base;
-    NSSSlot *slot;  /* Parent (or peer, if you will) */
-    CK_FLAGS ckFlags; /* from CK_TOKEN_INFO.flags */
-    PRUint32 flags;
-    void *epv;
-    nssSession *defaultSession;
-    NSSTrustDomain *trustDomain;
-    PRIntervalTime lastTime;
-    nssTokenObjectCache *cache;
-#ifdef NSS_3_4_CODE
-    PK11SlotInfo *pk11slot;
-#endif
-};
-
-typedef enum {
-  nssSlotAskPasswordTimes_FirstTime = 0,
-  nssSlotAskPasswordTimes_EveryTime = 1,
-  nssSlotAskPasswordTimes_Timeout = 2
-} 
-nssSlotAskPasswordTimes;
-
-struct nssSlotAuthInfoStr
-{
-  PRTime lastLogin;
-  nssSlotAskPasswordTimes askTimes;
-  PRIntervalTime askPasswordTimeout;
-};
-
-struct NSSSlotStr
-{
-  struct nssDeviceBaseStr base;
-  NSSModule *module; /* Parent */
-  NSSToken *token;  /* Peer */
-  CK_SLOT_ID slotID;
-  CK_FLAGS ckFlags; /* from CK_SLOT_INFO.flags */
-  struct nssSlotAuthInfoStr authInfo;
-  PRIntervalTime lastTokenPing;
-#ifdef NSS_3_4_CODE
-  void *epv;
-  PK11SlotInfo *pk11slot;
-#endif
-};
-
-struct nssSessionStr
-{
-  PZLock *lock;
-  CK_SESSION_HANDLE handle;
-  NSSSlot *slot;
-  PRBool isRW;
-};
-
-typedef enum {
-    NSSCertificateType_Unknown = 0,
-    NSSCertificateType_PKIX = 1
-} NSSCertificateType;
-
-#ifdef nodef
-/* the current definition of NSSTrust depends on this value being CK_ULONG */
-typedef CK_ULONG nssTrustLevel;
-#else
-typedef enum {
-    nssTrustLevel_Unknown = 0,
-    nssTrustLevel_NotTrusted = 1,
-    nssTrustLevel_Trusted = 2,
-    nssTrustLevel_TrustedDelegator = 3,
-    nssTrustLevel_Valid = 4,
-    nssTrustLevel_ValidDelegator = 5
-} nssTrustLevel;
-#endif
-
-typedef struct nssCryptokiInstanceStr nssCryptokiInstance;
-
-struct nssCryptokiInstanceStr
-{
-    CK_OBJECT_HANDLE handle;
-    NSSToken *token;
-    PRBool isTokenObject;
-    NSSUTF8 *label;
-};
-
-typedef struct nssCryptokiInstanceStr nssCryptokiObject;
-
-typedef struct nssTokenCertSearchStr nssTokenCertSearch;
-
-typedef enum {
-    nssTokenSearchType_AllObjects = 0,
-    nssTokenSearchType_SessionOnly = 1,
-    nssTokenSearchType_TokenOnly = 2,
-    nssTokenSearchType_TokenForced = 3
-} nssTokenSearchType;
-
-struct nssTokenCertSearchStr
-{
-    nssTokenSearchType searchType;
-    PRStatus (* callback)(NSSCertificate *c, void *arg);
-    void *cbarg;
-    nssList *cached;
-    /* TODO: add a cache query callback if the list would be large 
-     *       (traversal) 
-     */
-};
-
-struct nssSlotListStr;
-typedef struct nssSlotListStr nssSlotList;
-
-struct NSSAlgorithmAndParametersStr
-{
-    CK_MECHANISM mechanism;
-};
-
-PR_END_EXTERN_C
-
-#endif /* DEVT_H */
diff --git a/security/nss/lib/dev/devtm.h b/security/nss/lib/dev/devtm.h
deleted file mode 100644
index 5e48c5d80..000000000
--- a/security/nss/lib/dev/devtm.h
+++ /dev/null
@@ -1,58 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef DEVTM_H
-#define DEVTM_H
-
-#ifdef DEBUG
-static const char DEVTM_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * devtm.h
- *
- * This file contains module-private definitions for the low-level 
- * cryptoki devices.
- */
-
-#ifndef DEVT_H
-#include "devt.h"
-#endif /* DEVT_H */
-
-PR_BEGIN_EXTERN_C
-
-#define MAX_LOCAL_CACHE_OBJECTS 10
-
-PR_END_EXTERN_C
-
-#endif /* DEVTM_H */
diff --git a/security/nss/lib/dev/devtoken.c b/security/nss/lib/dev/devtoken.c
deleted file mode 100644
index a43ed43f4..000000000
--- a/security/nss/lib/dev/devtoken.c
+++ /dev/null
@@ -1,1664 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef NSSCKEPV_H
-#include "nssckepv.h"
-#endif /* NSSCKEPV_H */
-
-#ifndef DEVM_H
-#include "devm.h"
-#endif /* DEVM_H */
-
-#ifndef CKHELPER_H
-#include "ckhelper.h"
-#endif /* CKHELPER_H */
-
-#ifdef NSS_3_4_CODE
-#include "pk11func.h"
-#include "dev3hack.h"
-#endif
-
-/* The number of object handles to grab during each call to C_FindObjects */
-#define OBJECT_STACK_SIZE 16
-
-#ifdef PURE_STAN_BUILD
-struct NSSTokenStr
-{
-  struct nssDeviceBaseStr base;
-  NSSSlot *slot;  /* Peer */
-  CK_FLAGS ckFlags; /* from CK_TOKEN_INFO.flags */
-  nssSession *defaultSession;
-  nssTokenObjectCache *cache;
-};
-
-NSS_IMPLEMENT NSSToken *
-nssToken_Create
-(
-  CK_SLOT_ID slotID,
-  NSSSlot *peer
-)
-{
-    NSSArena *arena;
-    NSSToken *rvToken;
-    nssSession *session = NULL;
-    NSSUTF8 *tokenName = NULL;
-    PRUint32 length;
-    PRBool readWrite;
-    CK_TOKEN_INFO tokenInfo;
-    CK_RV ckrv;
-    void *epv = nssSlot_GetCryptokiEPV(peer);
-    arena = NSSArena_Create();
-    if(!arena) {
-	return (NSSToken *)NULL;
-    }
-    rvToken = nss_ZNEW(arena, NSSToken);
-    if (!rvToken) {
-	goto loser;
-    }
-    /* Get token information */
-    ckrv = CKAPI(epv)->C_GetTokenInfo(slotID, &tokenInfo);
-    if (ckrv != CKR_OK) {
-	/* set an error here, eh? */
-	goto loser;
-    }
-    /* Grab the slot description from the PKCS#11 fixed-length buffer */
-    length = nssPKCS11String_Length(tokenInfo.label, sizeof(tokenInfo.label));
-    if (length > 0) {
-	tokenName = nssUTF8_Create(arena, nssStringType_UTF8String, 
-	                           (void *)tokenInfo.label, length);
-	if (!tokenName) {
-	    goto loser;
-	}
-    }
-    /* Open a default session handle for the token. */
-    if (tokenInfo.ulMaxSessionCount == 1) {
-	/* if the token can only handle one session, it must be RW. */
-	readWrite = PR_TRUE;
-    } else {
-	readWrite = PR_FALSE;
-    }
-    session = nssSlot_CreateSession(peer, arena, readWrite);
-    if (session == NULL) {
-	goto loser;
-    }
-    /* TODO: seed the RNG here */
-    rvToken->base.arena = arena;
-    rvToken->base.refCount = 1;
-    rvToken->base.name = tokenName;
-    rvToken->base.lock = PZ_NewLock(nssNSSILockOther); /* XXX */
-    if (!rvToken->base.lock) {
-	goto loser;
-    }
-    rvToken->slot = peer; /* slot owns ref to token */
-    rvToken->ckFlags = tokenInfo.flags;
-    rvToken->defaultSession = session;
-    if (nssSlot_IsHardware(peer)) {
-	rvToken->cache = nssTokenObjectCache_Create(rvToken, 
-	                                            PR_TRUE, PR_TRUE, PR_TRUE);
-	if (!rvToken->cache) {
-	    nssSlot_Destroy(peer);
-	    goto loser;
-	}
-    }
-    return rvToken;
-loser:
-    if (session) {
-	nssSession_Destroy(session);
-    }
-    nssArena_Destroy(arena);
-    return (NSSToken *)NULL;
-}
-#endif /* PURE_STAN_BUILD */
-
-NSS_IMPLEMENT PRStatus
-nssToken_Destroy
-(
-  NSSToken *tok
-)
-{
-    if (tok) {
-	PR_AtomicDecrement(&tok->base.refCount);
-	if (tok->base.refCount == 0) {
-	    PZ_DestroyLock(tok->base.lock);
-	    nssTokenObjectCache_Destroy(tok->cache);
-	    return nssArena_Destroy(tok->base.arena);
-	}
-    }
-    return PR_SUCCESS;
-}
-
-NSS_IMPLEMENT void
-nssToken_Remove
-(
-  NSSToken *tok
-)
-{
-    nssTokenObjectCache_Clear(tok->cache);
-}
-
-NSS_IMPLEMENT void
-NSSToken_Destroy
-(
-  NSSToken *tok
-)
-{
-    (void)nssToken_Destroy(tok);
-}
-
-NSS_IMPLEMENT NSSToken *
-nssToken_AddRef
-(
-  NSSToken *tok
-)
-{
-    PR_AtomicIncrement(&tok->base.refCount);
-    return tok;
-}
-
-NSS_IMPLEMENT NSSSlot *
-nssToken_GetSlot
-(
-  NSSToken *tok
-)
-{
-    return nssSlot_AddRef(tok->slot);
-}
-
-#ifdef PURE_STAN_BUILD
-NSS_IMPLEMENT NSSModule *
-nssToken_GetModule
-(
-  NSSToken *token
-)
-{
-    return nssSlot_GetModule(token->slot);
-}
-#endif
-
-NSS_IMPLEMENT void *
-nssToken_GetCryptokiEPV
-(
-  NSSToken *token
-)
-{
-    return nssSlot_GetCryptokiEPV(token->slot);
-}
-
-NSS_IMPLEMENT nssSession *
-nssToken_GetDefaultSession
-(
-  NSSToken *token
-)
-{
-    return token->defaultSession;
-}
-
-NSS_IMPLEMENT NSSUTF8 *
-nssToken_GetName
-(
-  NSSToken *tok
-)
-{
-    if (tok == NULL) {
-	return "";
-    }
-    if (tok->base.name[0] == 0) {
-	(void) nssSlot_IsTokenPresent(tok->slot);
-    } 
-    return tok->base.name;
-}
-
-NSS_IMPLEMENT NSSUTF8 *
-NSSToken_GetName
-(
-  NSSToken *token
-)
-{
-    return nssToken_GetName(token);
-}
-
-NSS_IMPLEMENT PRBool
-nssToken_IsLoginRequired
-(
-  NSSToken *token
-)
-{
-    return (token->ckFlags & CKF_LOGIN_REQUIRED);
-}
-
-NSS_IMPLEMENT PRBool
-nssToken_NeedsPINInitialization
-(
-  NSSToken *token
-)
-{
-    return (!(token->ckFlags & CKF_USER_PIN_INITIALIZED));
-}
-
-NSS_IMPLEMENT PRStatus
-nssToken_DeleteStoredObject
-(
-  nssCryptokiObject *instance
-)
-{
-    CK_RV ckrv;
-    PRStatus status;
-    PRBool createdSession = PR_FALSE;
-    NSSToken *token = instance->token;
-    nssSession *session = NULL;
-    void *epv = nssToken_GetCryptokiEPV(instance->token);
-    if (token->cache) {
-	nssTokenObjectCache_RemoveObject(token->cache, instance);
-    }
-    if (instance->isTokenObject) {
-       if (nssSession_IsReadWrite(token->defaultSession)) {
-	   session = token->defaultSession;
-       } else {
-	   session = nssSlot_CreateSession(token->slot, NULL, PR_TRUE);
-	   createdSession = PR_TRUE;
-       }
-    }
-    if (session == NULL) {
-	return PR_FAILURE;
-    }
-    nssSession_EnterMonitor(session);
-    ckrv = CKAPI(epv)->C_DestroyObject(session->handle, instance->handle);
-    nssSession_ExitMonitor(session);
-    if (createdSession) {
-	nssSession_Destroy(session);
-    }
-    status = (ckrv == CKR_OK) ? PR_SUCCESS : PR_FAILURE;
-    return status;
-}
-
-static nssCryptokiObject *
-import_object
-(
-  NSSToken *tok,
-  nssSession *sessionOpt,
-  CK_ATTRIBUTE_PTR objectTemplate,
-  CK_ULONG otsize
-)
-{
-    nssSession *session = NULL;
-    PRBool createdSession = PR_FALSE;
-    nssCryptokiObject *object = NULL;
-    CK_OBJECT_HANDLE handle;
-    CK_RV ckrv;
-    void *epv = nssToken_GetCryptokiEPV(tok);
-    if (nssCKObject_IsTokenObjectTemplate(objectTemplate, otsize)) {
-	if (sessionOpt) {
-	    if (!nssSession_IsReadWrite(sessionOpt)) {
-		return CK_INVALID_HANDLE;
-	    } else {
-		session = sessionOpt;
-	    }
-	} else if (nssSession_IsReadWrite(tok->defaultSession)) {
-	    session = tok->defaultSession;
-	} else {
-	    session = nssSlot_CreateSession(tok->slot, NULL, PR_TRUE);
-	    createdSession = PR_TRUE;
-	}
-    } else {
-	session = (sessionOpt) ? sessionOpt : tok->defaultSession;
-    }
-    if (session == NULL) {
-	return CK_INVALID_HANDLE;
-    }
-    nssSession_EnterMonitor(session);
-    ckrv = CKAPI(epv)->C_CreateObject(session->handle, 
-                                      objectTemplate, otsize,
-                                      &handle);
-    nssSession_ExitMonitor(session);
-    if (ckrv == CKR_OK) {
-	object = nssCryptokiObject_Create(tok, session, handle);
-    }
-    if (createdSession) {
-	nssSession_Destroy(session);
-    }
-    return object;
-}
-
-static nssCryptokiObject **
-create_objects_from_handles
-(
-  NSSToken *tok,
-  nssSession *session,
-  CK_OBJECT_HANDLE *handles,
-  PRUint32 numH
-)
-{
-    nssCryptokiObject **objects;
-    objects = nss_ZNEWARRAY(NULL, nssCryptokiObject *, numH + 1);
-    if (objects) {
-	PRInt32 i;
-	for (i=0; i<(PRInt32)numH; i++) {
-	    objects[i] = nssCryptokiObject_Create(tok, session, handles[i]);
-	    if (!objects[i]) {
-		for (--i; i>0; --i) {
-		    nssCryptokiObject_Destroy(objects[i]);
-		}
-		return (nssCryptokiObject **)NULL;
-	    }
-	}
-    }
-    return objects;
-}
-
-static nssCryptokiObject **
-find_objects
-(
-  NSSToken *tok,
-  nssSession *sessionOpt,
-  CK_ATTRIBUTE_PTR obj_template,
-  CK_ULONG otsize,
-  PRUint32 maximumOpt,
-  PRStatus *statusOpt
-)
-{
-    CK_RV ckrv;
-    CK_ULONG count;
-    CK_OBJECT_HANDLE *objectHandles;
-    PRUint32 arraySize, numHandles;
-    void *epv = nssToken_GetCryptokiEPV(tok);
-    nssCryptokiObject **objects;
-    NSSArena *arena;
-    nssSession *session = (sessionOpt) ? sessionOpt : tok->defaultSession;
-    /* the arena is only for the array of object handles */
-    arena = nssArena_Create();
-    if (!arena) {
-	if (statusOpt) *statusOpt = PR_FAILURE;
-	return (nssCryptokiObject **)NULL;
-    }
-    if (maximumOpt > 0) {
-	arraySize = maximumOpt;
-    } else {
-	arraySize = OBJECT_STACK_SIZE;
-    }
-    numHandles = 0;
-    objectHandles = nss_ZNEWARRAY(arena, CK_OBJECT_HANDLE, arraySize);
-    if (!objectHandles) {
-	goto loser;
-    }
-    nssSession_EnterMonitor(session); /* ==== session lock === */
-    /* Initialize the find with the template */
-    ckrv = CKAPI(epv)->C_FindObjectsInit(session->handle, 
-                                         obj_template, otsize);
-    if (ckrv != CKR_OK) {
-	nssSession_ExitMonitor(session);
-	goto loser;
-    }
-    while (PR_TRUE) {
-	/* Issue the find for up to arraySize - numHandles objects */
-	ckrv = CKAPI(epv)->C_FindObjects(session->handle, 
-	                                 objectHandles + numHandles, 
-	                                 arraySize - numHandles, 
-	                                 &count);
-	if (ckrv != CKR_OK) {
-	    nssSession_ExitMonitor(session);
-	    goto loser;
-	}
-	/* bump the number of found objects */
-	numHandles += count;
-	if (maximumOpt > 0 || numHandles < arraySize) {
-	    /* When a maximum is provided, the search is done all at once,
-	     * so the search is finished.  If the number returned was less 
-	     * than the number sought, the search is finished.
-	     */
-	    break;
-	}
-	/* the array is filled, double it and continue */
-	arraySize *= 2;
-	objectHandles = nss_ZREALLOCARRAY(objectHandles, 
-	                                  CK_OBJECT_HANDLE, 
-	                                  arraySize);
-	if (!objectHandles) {
-	    nssSession_ExitMonitor(session);
-	    goto loser;
-	}
-    }
-    ckrv = CKAPI(epv)->C_FindObjectsFinal(session->handle);
-    nssSession_ExitMonitor(session); /* ==== end session lock === */
-    if (ckrv != CKR_OK) {
-	goto loser;
-    }
-    if (numHandles > 0) {
-	objects = create_objects_from_handles(tok, session,
-	                                      objectHandles, numHandles);
-    } else {
-	objects = NULL;
-    }
-    nssArena_Destroy(arena);
-    if (statusOpt) *statusOpt = PR_SUCCESS;
-    return objects;
-loser:
-    nssArena_Destroy(arena);
-    if (statusOpt) *statusOpt = PR_FAILURE;
-    return (nssCryptokiObject **)NULL;
-}
-
-static nssCryptokiObject **
-find_objects_by_template
-(
-  NSSToken *token,
-  nssSession *sessionOpt,
-  CK_ATTRIBUTE_PTR obj_template,
-  CK_ULONG otsize,
-  PRUint32 maximumOpt,
-  PRStatus *statusOpt
-)
-{
-    CK_OBJECT_CLASS objclass;
-    nssCryptokiObject **objects = NULL;
-    PRUint32 i;
-    for (i=0; i<otsize; i++) {
-	if (obj_template[i].type == CKA_CLASS) {
-	    objclass = *(CK_OBJECT_CLASS *)obj_template[i].pValue;
-	    break;
-	}
-    }
-    PR_ASSERT(i < otsize);
-    /* If these objects are being cached, try looking there first */
-    if (token->cache && 
-        nssTokenObjectCache_HaveObjectClass(token->cache, objclass)) 
-    {
-	PRStatus status;
-	objects = nssTokenObjectCache_FindObjectsByTemplate(token->cache,
-	                                                    objclass,
-	                                                    obj_template,
-	                                                    otsize,
-	                                                    maximumOpt,
-	                                                    &status);
-	if (status == PR_SUCCESS) {
-	    if (statusOpt) *statusOpt = status;
-	    return objects;
-	}
-    }
-    /* Either they are not cached, or cache failed; look on token. */
-    objects = find_objects(token, sessionOpt, 
-                           obj_template, otsize, 
-                           maximumOpt, statusOpt);
-    return objects;
-}
-
-NSS_IMPLEMENT nssCryptokiObject *
-nssToken_ImportCertificate
-(
-  NSSToken *tok,
-  nssSession *sessionOpt,
-  NSSCertificateType certType,
-  NSSItem *id,
-  NSSUTF8 *nickname,
-  NSSDER *encoding,
-  NSSDER *issuer,
-  NSSDER *subject,
-  NSSDER *serial,
-  NSSASCII7 *email,
-  PRBool asTokenObject
-)
-{
-    CK_CERTIFICATE_TYPE cert_type;
-    CK_ATTRIBUTE_PTR attr;
-    CK_ATTRIBUTE cert_tmpl[10];
-    CK_ULONG ctsize;
-    nssTokenSearchType searchType;
-    nssCryptokiObject *rvObject = NULL;
-
-    if (certType == NSSCertificateType_PKIX) {
-	cert_type = CKC_X_509;
-    } else {
-	return (nssCryptokiObject *)NULL;
-    }
-    NSS_CK_TEMPLATE_START(cert_tmpl, attr, ctsize);
-    if (asTokenObject) {
-	NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_true);
-	searchType = nssTokenSearchType_TokenOnly;
-    } else {
-	NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_false);
-	searchType = nssTokenSearchType_SessionOnly;
-    }
-    NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_CLASS,            &g_ck_class_cert);
-    NSS_CK_SET_ATTRIBUTE_VAR( attr, CKA_CERTIFICATE_TYPE,  cert_type);
-    NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_ID,                id);
-    NSS_CK_SET_ATTRIBUTE_UTF8(attr, CKA_LABEL,             nickname);
-    NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_VALUE,             encoding);
-    NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_ISSUER,            issuer);
-    NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_SUBJECT,           subject);
-    NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_SERIAL_NUMBER,     serial);
-    if (email) {
-	NSS_CK_SET_ATTRIBUTE_UTF8(attr, CKA_NETSCAPE_EMAIL,    email);
-    }
-    NSS_CK_TEMPLATE_FINISH(cert_tmpl, attr, ctsize);
-    /* see if the cert is already there */
-    rvObject = nssToken_FindCertificateByIssuerAndSerialNumber(tok,
-                                                               sessionOpt,
-                                                               issuer,
-                                                               serial,
-                                                               searchType,
-                                                               NULL);
-    if (rvObject) {
-	NSSSlot *slot = nssToken_GetSlot(tok);
-	nssSession *session = nssSlot_CreateSession(slot, NULL, PR_TRUE);
-	if (!session) {
-	    nssCryptokiObject_Destroy(rvObject);
-	    return (nssCryptokiObject *)NULL;
-	}
-	/* according to PKCS#11, label, ID, issuer, and serial number 
-	 * may change after the object has been created.  For PKIX, the
-	 * last two attributes can't change, so for now we'll only worry
-	 * about the first two.
-	 */
-	NSS_CK_TEMPLATE_START(cert_tmpl, attr, ctsize);
-	NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_ID,    id);
-	NSS_CK_SET_ATTRIBUTE_UTF8(attr, CKA_LABEL, nickname);
-	NSS_CK_TEMPLATE_FINISH(cert_tmpl, attr, ctsize);
-	/* reset the mutable attributes on the token */
-	nssCKObject_SetAttributes(rvObject->handle, 
-	                          cert_tmpl, ctsize,
-	                          session, slot);
-	if (!rvObject->label && nickname) {
-	    rvObject->label = nssUTF8_Duplicate(nickname, NULL);
-	}
-	nssSession_Destroy(session);
-	nssSlot_Destroy(slot);
-    } else {
-	/* Import the certificate onto the token */
-	rvObject = import_object(tok, sessionOpt, cert_tmpl, ctsize);
-    }
-    if (rvObject && tok->cache) {
-	/* The cache will overwrite the attributes if the object already
-	 * exists.
-	 */
-	nssTokenObjectCache_ImportObject(tok->cache, rvObject,
-	                                 CKO_CERTIFICATE,
-	                                 cert_tmpl, ctsize);
-    }
-    return rvObject;
-}
-
-/* traverse all certificates - this should only happen if the token
- * has been marked as "traversable"
- */
-NSS_IMPLEMENT nssCryptokiObject **
-nssToken_FindCertificates
-(
-  NSSToken *token,
-  nssSession *sessionOpt,
-  nssTokenSearchType searchType,
-  PRUint32 maximumOpt,
-  PRStatus *statusOpt
-)
-{
-    CK_ATTRIBUTE_PTR attr;
-    CK_ATTRIBUTE cert_template[2];
-    CK_ULONG ctsize;
-    nssCryptokiObject **objects;
-    NSS_CK_TEMPLATE_START(cert_template, attr, ctsize);
-    /* Set the search to token/session only if provided */
-    if (searchType == nssTokenSearchType_SessionOnly) {
-	NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_false);
-    } else if (searchType == nssTokenSearchType_TokenOnly ||
-               searchType == nssTokenSearchType_TokenForced) {
-	NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_true);
-    }
-    NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_CLASS, &g_ck_class_cert);
-    NSS_CK_TEMPLATE_FINISH(cert_template, attr, ctsize);
-
-    if (searchType == nssTokenSearchType_TokenForced) {
-	objects = find_objects(token, sessionOpt,
-	                       cert_template, ctsize,
-	                       maximumOpt, statusOpt);
-    } else {
-	objects = find_objects_by_template(token, sessionOpt,
-	                                   cert_template, ctsize,
-	                                   maximumOpt, statusOpt);
-    }
-    return objects;
-}
-
-NSS_IMPLEMENT nssCryptokiObject **
-nssToken_FindCertificatesBySubject
-(
-  NSSToken *token,
-  nssSession *sessionOpt,
-  NSSDER *subject,
-  nssTokenSearchType searchType,
-  PRUint32 maximumOpt,
-  PRStatus *statusOpt
-)
-{
-    CK_ATTRIBUTE_PTR attr;
-    CK_ATTRIBUTE subj_template[3];
-    CK_ULONG stsize;
-    nssCryptokiObject **objects;
-    NSS_CK_TEMPLATE_START(subj_template, attr, stsize);
-    /* Set the search to token/session only if provided */
-    if (searchType == nssTokenSearchType_SessionOnly) {
-	NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_false);
-    } else if (searchType == nssTokenSearchType_TokenOnly) {
-	NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_true);
-    }
-    NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_CLASS, &g_ck_class_cert);
-    NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_SUBJECT, subject);
-    NSS_CK_TEMPLATE_FINISH(subj_template, attr, stsize);
-    /* now locate the token certs matching this template */
-    objects = find_objects_by_template(token, sessionOpt,
-                                       subj_template, stsize,
-                                       maximumOpt, statusOpt);
-    return objects;
-}
-
-NSS_IMPLEMENT nssCryptokiObject **
-nssToken_FindCertificatesByNickname
-(
-  NSSToken *token,
-  nssSession *sessionOpt,
-  NSSUTF8 *name,
-  nssTokenSearchType searchType,
-  PRUint32 maximumOpt,
-  PRStatus *statusOpt
-)
-{
-    CK_ATTRIBUTE_PTR attr;
-    CK_ATTRIBUTE nick_template[3];
-    CK_ULONG ntsize;
-    nssCryptokiObject **objects;
-    NSS_CK_TEMPLATE_START(nick_template, attr, ntsize);
-    NSS_CK_SET_ATTRIBUTE_UTF8(attr, CKA_LABEL, name);
-    /* Set the search to token/session only if provided */
-    if (searchType == nssTokenSearchType_SessionOnly) {
-	NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_false);
-    } else if (searchType == nssTokenSearchType_TokenOnly) {
-	NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_true);
-    }
-    NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_CLASS, &g_ck_class_cert);
-    NSS_CK_TEMPLATE_FINISH(nick_template, attr, ntsize);
-    /* now locate the token certs matching this template */
-    objects = find_objects_by_template(token, sessionOpt,
-                                       nick_template, ntsize, 
-                                       maximumOpt, statusOpt);
-    if (!objects) {
-	/* This is to workaround the fact that PKCS#11 doesn't specify
-	 * whether the '\0' should be included.  XXX Is that still true?
-	 * im - this is not needed by the current softoken.  However, I'm 
-	 * leaving it in until I have surveyed more tokens to see if it needed.
-	 * well, its needed by the builtin token...
-	 */
-	nick_template[0].ulValueLen++;
-	objects = find_objects_by_template(token, sessionOpt,
-	                                   nick_template, ntsize, 
-	                                   maximumOpt, statusOpt);
-    }
-    return objects;
-}
-
-/* XXX
- * This function *does not* use the token object cache, because not even
- * the softoken will return a value for CKA_NETSCAPE_EMAIL from a call
- * to GetAttributes.  The softoken does allow searches with that attribute,
- * it just won't return a value for it.
- */
-NSS_IMPLEMENT nssCryptokiObject **
-nssToken_FindCertificatesByEmail
-(
-  NSSToken *token,
-  nssSession *sessionOpt,
-  NSSASCII7 *email,
-  nssTokenSearchType searchType,
-  PRUint32 maximumOpt,
-  PRStatus *statusOpt
-)
-{
-    CK_ATTRIBUTE_PTR attr;
-    CK_ATTRIBUTE email_template[3];
-    CK_ULONG etsize;
-    nssCryptokiObject **objects;
-    NSS_CK_TEMPLATE_START(email_template, attr, etsize);
-    NSS_CK_SET_ATTRIBUTE_UTF8(attr, CKA_NETSCAPE_EMAIL, email);
-    /* Set the search to token/session only if provided */
-    if (searchType == nssTokenSearchType_SessionOnly) {
-	NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_false);
-    } else if (searchType == nssTokenSearchType_TokenOnly) {
-	NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_true);
-    }
-    NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_CLASS, &g_ck_class_cert);
-    NSS_CK_TEMPLATE_FINISH(email_template, attr, etsize);
-    /* now locate the token certs matching this template */
-    objects = find_objects(token, sessionOpt,
-                           email_template, etsize,
-                           maximumOpt, statusOpt);
-    if (!objects) {
-	/* This is to workaround the fact that PKCS#11 doesn't specify
-	 * whether the '\0' should be included.  XXX Is that still true?
-	 * im - this is not needed by the current softoken.  However, I'm 
-	 * leaving it in until I have surveyed more tokens to see if it needed.
-	 * well, its needed by the builtin token...
-	 */
-	email_template[0].ulValueLen++;
-	objects = find_objects(token, sessionOpt,
-	                       email_template, etsize,
-	                       maximumOpt, statusOpt);
-    }
-    return objects;
-}
-
-NSS_IMPLEMENT nssCryptokiObject **
-nssToken_FindCertificatesByID
-(
-  NSSToken *token,
-  nssSession *sessionOpt,
-  NSSItem *id,
-  nssTokenSearchType searchType,
-  PRUint32 maximumOpt,
-  PRStatus *statusOpt
-)
-{
-    CK_ATTRIBUTE_PTR attr;
-    CK_ATTRIBUTE id_template[3];
-    CK_ULONG idtsize;
-    nssCryptokiObject **objects;
-    NSS_CK_TEMPLATE_START(id_template, attr, idtsize);
-    NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_ID, id);
-    /* Set the search to token/session only if provided */
-    if (searchType == nssTokenSearchType_SessionOnly) {
-	NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_false);
-    } else if (searchType == nssTokenSearchType_TokenOnly) {
-	NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_true);
-    }
-    NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_CLASS, &g_ck_class_cert);
-    NSS_CK_TEMPLATE_FINISH(id_template, attr, idtsize);
-    /* now locate the token certs matching this template */
-    objects = find_objects_by_template(token, sessionOpt,
-                                       id_template, idtsize,
-                                       maximumOpt, statusOpt);
-    return objects;
-}
-
-/*
- * decode the serial item and return our result.
- * NOTE serialDecode's data is really stored in serial. Don't free it.
- */
-static PRStatus
-nssToken_decodeSerialItem(NSSItem *serial, NSSItem *serialDecode)
-{
-    unsigned char *data = (unsigned char *)serial->data;
-    int data_left, data_len, index;
-
-    if ((serial->size >= 3) && (data[0] == 0x2)) {
-	/* remove the der encoding of the serial number before generating the
-	 * key.. */
-	data_left = serial->size-2;
-	data_len = data[1];
-	index = 2;
-
-	/* extended length ? (not very likely for a serial number) */
-	if (data_len & 0x80) {
-	    int len_count = data_len & 0x7f;
-
-	    data_len = 0;
-	    data_left -= len_count;
-	    if (data_left > 0) {
-		while (len_count --) {
-		    data_len = (data_len << 8) | data[index++];
-		}
-	    } 
-	}
-	/* XXX leaving any leading zeros on the serial number for backwards
-	 * compatibility
-	 */
-	/* not a valid der, must be just an unlucky serial number value */
-	if (data_len == data_left) {
-	    serialDecode->size = data_len;
-	    serialDecode->data = &data[index];
-	    return PR_SUCCESS;
-	}
-    }
-    return PR_FAILURE;
-}
-
-NSS_IMPLEMENT nssCryptokiObject *
-nssToken_FindCertificateByIssuerAndSerialNumber
-(
-  NSSToken *token,
-  nssSession *sessionOpt,
-  NSSDER *issuer,
-  NSSDER *serial,
-  nssTokenSearchType searchType,
-  PRStatus *statusOpt
-)
-{
-    CK_ATTRIBUTE_PTR attr;
-    CK_ATTRIBUTE_PTR serialAttr;
-    CK_ATTRIBUTE cert_template[4];
-    CK_ULONG ctsize;
-    nssCryptokiObject **objects;
-    nssCryptokiObject *rvObject = NULL;
-    NSS_CK_TEMPLATE_START(cert_template, attr, ctsize);
-    /* Set the search to token/session only if provided */
-    if (searchType == nssTokenSearchType_SessionOnly) {
-	NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_false);
-    } else if (searchType == nssTokenSearchType_TokenOnly) {
-	NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_true);
-    }
-    /* Set the unique id */
-    NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_CLASS,         &g_ck_class_cert);
-    NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_ISSUER,         issuer);
-    serialAttr = attr;
-    NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_SERIAL_NUMBER,  serial);
-    NSS_CK_TEMPLATE_FINISH(cert_template, attr, ctsize);
-    /* get the object handle */
-    objects = find_objects_by_template(token, sessionOpt,
-                                       cert_template, ctsize,
-                                       1, statusOpt);
-    if (objects) {
-	rvObject = objects[0];
-	nss_ZFreeIf(objects);
-    }
-
-    /*
-     * NSS used to incorrectly store serial numbers in their decoded form.
-     * because of this old tokens have decoded serial numbers.
-     */
-    if (!objects) {
-	NSSItem serialDecode;
-	PRStatus status;
-
-	status = nssToken_decodeSerialItem(serial, &serialDecode);
-	if (status != PR_SUCCESS) {
-	    return NULL;
-	}
-    	NSS_CK_SET_ATTRIBUTE_ITEM(serialAttr,CKA_SERIAL_NUMBER,&serialDecode);
-	objects = find_objects_by_template(token, sessionOpt,
-                                       cert_template, ctsize,
-                                       1, statusOpt);
-	if (objects) {
-	    rvObject = objects[0];
-	    nss_ZFreeIf(objects);
-	}
-    }
-    return rvObject;
-}
-
-NSS_IMPLEMENT nssCryptokiObject *
-nssToken_FindCertificateByEncodedCertificate
-(
-  NSSToken *token,
-  nssSession *sessionOpt,
-  NSSBER *encodedCertificate,
-  nssTokenSearchType searchType,
-  PRStatus *statusOpt
-)
-{
-    CK_ATTRIBUTE_PTR attr;
-    CK_ATTRIBUTE cert_template[3];
-    CK_ULONG ctsize;
-    nssCryptokiObject **objects;
-    nssCryptokiObject *rvObject = NULL;
-    NSS_CK_TEMPLATE_START(cert_template, attr, ctsize);
-    /* Set the search to token/session only if provided */
-    if (searchType == nssTokenSearchType_SessionOnly) {
-	NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_false);
-    } else if (searchType == nssTokenSearchType_TokenOnly) {
-	NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_true);
-    }
-    NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_CLASS, &g_ck_class_cert);
-    NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_VALUE, encodedCertificate);
-    NSS_CK_TEMPLATE_FINISH(cert_template, attr, ctsize);
-    /* get the object handle */
-    objects = find_objects_by_template(token, sessionOpt,
-                                       cert_template, ctsize,
-                                       1, statusOpt);
-    if (objects) {
-	rvObject = objects[0];
-	nss_ZFreeIf(objects);
-    }
-    return rvObject;
-}
-
-NSS_IMPLEMENT nssCryptokiObject **
-nssToken_FindPrivateKeys
-(
-  NSSToken *token,
-  nssSession *sessionOpt,
-  nssTokenSearchType searchType,
-  PRUint32 maximumOpt,
-  PRStatus *statusOpt
-)
-{
-    CK_ATTRIBUTE_PTR attr;
-    CK_ATTRIBUTE key_template[2];
-    CK_ULONG ktsize;
-    nssCryptokiObject **objects;
-
-    NSS_CK_TEMPLATE_START(key_template, attr, ktsize);
-    NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_CLASS, &g_ck_class_privkey);
-    if (searchType == nssTokenSearchType_SessionOnly) {
-	NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_false);
-    } else if (searchType == nssTokenSearchType_TokenOnly) {
-	NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_true);
-    }
-    NSS_CK_TEMPLATE_FINISH(key_template, attr, ktsize);
-
-    objects = find_objects_by_template(token, sessionOpt,
-                                       key_template, ktsize, 
-                                       maximumOpt, statusOpt);
-    return objects;
-}
-
-/* XXX ?there are no session cert objects, so only search token objects */
-NSS_IMPLEMENT nssCryptokiObject *
-nssToken_FindPrivateKeyByID
-(
-  NSSToken *token,
-  nssSession *sessionOpt,
-  NSSItem *keyID
-)
-{
-    CK_ATTRIBUTE_PTR attr;
-    CK_ATTRIBUTE key_template[3];
-    CK_ULONG ktsize;
-    nssCryptokiObject **objects;
-    nssCryptokiObject *rvKey = NULL;
-
-    NSS_CK_TEMPLATE_START(key_template, attr, ktsize);
-    NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_CLASS, &g_ck_class_privkey);
-    NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_true);
-    NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_ID, keyID);
-    NSS_CK_TEMPLATE_FINISH(key_template, attr, ktsize);
-
-    objects = find_objects_by_template(token, sessionOpt,
-                                       key_template, ktsize, 
-                                       1, NULL);
-    if (objects) {
-	rvKey = objects[0];
-	nss_ZFreeIf(objects);
-    }
-    return rvKey;
-}
-
-/* XXX ?there are no session cert objects, so only search token objects */
-NSS_IMPLEMENT nssCryptokiObject *
-nssToken_FindPublicKeyByID
-(
-  NSSToken *token,
-  nssSession *sessionOpt,
-  NSSItem *keyID
-)
-{
-    CK_ATTRIBUTE_PTR attr;
-    CK_ATTRIBUTE key_template[3];
-    CK_ULONG ktsize;
-    nssCryptokiObject **objects;
-    nssCryptokiObject *rvKey = NULL;
-
-    NSS_CK_TEMPLATE_START(key_template, attr, ktsize);
-    NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_CLASS, &g_ck_class_pubkey);
-    NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_true);
-    NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_ID, keyID);
-    NSS_CK_TEMPLATE_FINISH(key_template, attr, ktsize);
-
-    objects = find_objects_by_template(token, sessionOpt,
-                                       key_template, ktsize, 
-                                       1, NULL);
-    if (objects) {
-	rvKey = objects[0];
-	nss_ZFreeIf(objects);
-    }
-    return rvKey;
-}
-
-static void
-sha1_hash(NSSItem *input, NSSItem *output)
-{
-    NSSAlgorithmAndParameters *ap;
-#ifdef NSS_3_4_CODE
-    PK11SlotInfo *internal = PK11_GetInternalSlot();
-    NSSToken *token = PK11Slot_GetNSSToken(internal);
-#else
-    NSSToken *token = nss_GetDefaultCryptoToken();
-#endif
-    ap = NSSAlgorithmAndParameters_CreateSHA1Digest(NULL);
-    (void)nssToken_Digest(token, NULL, ap, input, output, NULL);
-#ifdef NSS_3_4_CODE
-    PK11_FreeSlot(token->pk11slot);
-#endif
-    nss_ZFreeIf(ap);
-}
-
-static void
-md5_hash(NSSItem *input, NSSItem *output)
-{
-    NSSAlgorithmAndParameters *ap;
-#ifdef NSS_3_4_CODE
-    PK11SlotInfo *internal = PK11_GetInternalSlot();
-    NSSToken *token = PK11Slot_GetNSSToken(internal);
-#else
-    NSSToken *token = nss_GetDefaultCryptoToken();
-#endif
-    ap = NSSAlgorithmAndParameters_CreateMD5Digest(NULL);
-    (void)nssToken_Digest(token, NULL, ap, input, output, NULL);
-#ifdef NSS_3_4_CODE
-    PK11_FreeSlot(token->pk11slot);
-#endif
-    nss_ZFreeIf(ap);
-}
-
-static CK_TRUST
-get_ck_trust
-(
-  nssTrustLevel nssTrust
-)
-{
-    CK_TRUST t;
-    switch (nssTrust) {
-    case nssTrustLevel_Unknown: t = CKT_NETSCAPE_TRUST_UNKNOWN; break;
-    case nssTrustLevel_NotTrusted: t = CKT_NETSCAPE_UNTRUSTED; break;
-    case nssTrustLevel_TrustedDelegator: t = CKT_NETSCAPE_TRUSTED_DELEGATOR; 
-	break;
-    case nssTrustLevel_ValidDelegator: t = CKT_NETSCAPE_VALID_DELEGATOR; break;
-    case nssTrustLevel_Trusted: t = CKT_NETSCAPE_TRUSTED; break;
-    case nssTrustLevel_Valid: t = CKT_NETSCAPE_VALID; break;
-    }
-    return t;
-}
- 
-NSS_IMPLEMENT nssCryptokiObject *
-nssToken_ImportTrust
-(
-  NSSToken *tok,
-  nssSession *sessionOpt,
-  NSSDER *certEncoding,
-  NSSDER *certIssuer,
-  NSSDER *certSerial,
-  nssTrustLevel serverAuth,
-  nssTrustLevel clientAuth,
-  nssTrustLevel codeSigning,
-  nssTrustLevel emailProtection,
-  PRBool asTokenObject
-)
-{
-    nssCryptokiObject *object;
-    CK_OBJECT_CLASS tobjc = CKO_NETSCAPE_TRUST;
-    CK_TRUST ckSA, ckCA, ckCS, ckEP;
-    CK_ATTRIBUTE_PTR attr;
-    CK_ATTRIBUTE trust_tmpl[10];
-    CK_ULONG tsize;
-    PRUint8 sha1[20]; /* this is cheating... */
-    PRUint8 md5[16];
-    NSSItem sha1_result, md5_result;
-    sha1_result.data = sha1; sha1_result.size = sizeof sha1;
-    md5_result.data = md5; md5_result.size = sizeof md5;
-    sha1_hash(certEncoding, &sha1_result);
-    md5_hash(certEncoding, &md5_result);
-    ckSA = get_ck_trust(serverAuth);
-    ckCA = get_ck_trust(clientAuth);
-    ckCS = get_ck_trust(codeSigning);
-    ckEP = get_ck_trust(emailProtection);
-    NSS_CK_TEMPLATE_START(trust_tmpl, attr, tsize);
-    if (asTokenObject) {
-	NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_true);
-    } else {
-	NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_false);
-    }
-    NSS_CK_SET_ATTRIBUTE_VAR( attr, CKA_CLASS,           tobjc);
-    NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_ISSUER,          certIssuer);
-    NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_SERIAL_NUMBER,   certSerial);
-    NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_CERT_SHA1_HASH, &sha1_result);
-    NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_CERT_MD5_HASH,  &md5_result);
-    /* now set the trust values */
-    NSS_CK_SET_ATTRIBUTE_VAR(attr, CKA_TRUST_SERVER_AUTH,      ckSA);
-    NSS_CK_SET_ATTRIBUTE_VAR(attr, CKA_TRUST_CLIENT_AUTH,      ckCA);
-    NSS_CK_SET_ATTRIBUTE_VAR(attr, CKA_TRUST_CODE_SIGNING,     ckCS);
-    NSS_CK_SET_ATTRIBUTE_VAR(attr, CKA_TRUST_EMAIL_PROTECTION, ckEP);
-    NSS_CK_TEMPLATE_FINISH(trust_tmpl, attr, tsize);
-    /* import the trust object onto the token */
-    object = import_object(tok, sessionOpt, trust_tmpl, tsize);
-    if (object && tok->cache) {
-	nssTokenObjectCache_ImportObject(tok->cache, object, tobjc,
-	                                 trust_tmpl, tsize);
-    }
-    return object;
-}
-
-NSS_IMPLEMENT nssCryptokiObject **
-nssToken_FindTrustObjects
-(
-  NSSToken *token,
-  nssSession *sessionOpt,
-  nssTokenSearchType searchType,
-  PRUint32 maximumOpt,
-  PRStatus *statusOpt
-)
-{
-    CK_OBJECT_CLASS tobjc = CKO_NETSCAPE_TRUST;
-    CK_ATTRIBUTE_PTR attr;
-    CK_ATTRIBUTE tobj_template[2];
-    CK_ULONG tobj_size;
-    nssCryptokiObject **objects;
-    nssSession *session = sessionOpt ? sessionOpt : token->defaultSession;
-
-    NSS_CK_TEMPLATE_START(tobj_template, attr, tobj_size);
-    if (searchType == nssTokenSearchType_SessionOnly) {
-	NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_false);
-    } else if (searchType == nssTokenSearchType_TokenOnly ||
-               searchType == nssTokenSearchType_TokenForced) {
-	NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_true);
-    }
-    NSS_CK_SET_ATTRIBUTE_VAR( attr, CKA_CLASS, tobjc);
-    NSS_CK_TEMPLATE_FINISH(tobj_template, attr, tobj_size);
-
-    if (searchType == nssTokenSearchType_TokenForced) {
-	objects = find_objects(token, session,
-	                       tobj_template, tobj_size,
-	                       maximumOpt, statusOpt);
-    } else {
-	objects = find_objects_by_template(token, session,
-	                                   tobj_template, tobj_size,
-	                                   maximumOpt, statusOpt);
-    }
-    return objects;
-}
-
-NSS_IMPLEMENT nssCryptokiObject *
-nssToken_FindTrustForCertificate
-(
-  NSSToken *token,
-  nssSession *sessionOpt,
-  NSSDER *certEncoding,
-  NSSDER *certIssuer,
-  NSSDER *certSerial,
-  nssTokenSearchType searchType
-)
-{
-    CK_OBJECT_CLASS tobjc = CKO_NETSCAPE_TRUST;
-    CK_ATTRIBUTE_PTR attr;
-    CK_ATTRIBUTE tobj_template[5];
-    CK_ULONG tobj_size;
-    PRUint8 sha1[20]; /* this is cheating... */
-    NSSItem sha1_result;
-    nssSession *session = sessionOpt ? sessionOpt : token->defaultSession;
-    nssCryptokiObject *object, **objects;
-
-    sha1_result.data = sha1; sha1_result.size = sizeof sha1;
-    sha1_hash(certEncoding, &sha1_result);
-    NSS_CK_TEMPLATE_START(tobj_template, attr, tobj_size);
-    if (searchType == nssTokenSearchType_SessionOnly) {
-	NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_false);
-    } else if (searchType == nssTokenSearchType_TokenOnly) {
-	NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_true);
-    }
-    NSS_CK_SET_ATTRIBUTE_VAR( attr, CKA_CLASS,          tobjc);
-    NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_CERT_SHA1_HASH, &sha1_result);
-#ifdef NSS_3_4_CODE
-    if (!PK11_HasRootCerts(token->pk11slot)) {
-#endif
-    NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_ISSUER,         certIssuer);
-    NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_SERIAL_NUMBER , certSerial);
-#ifdef NSS_3_4_CODE
-    }
-    /*
-     * we need to arrange for the built-in token to lose the bottom 2 
-     * attributes so that old built-in tokens will continue to work.
-     */
-#endif
-    NSS_CK_TEMPLATE_FINISH(tobj_template, attr, tobj_size);
-    object = NULL;
-    objects = find_objects_by_template(token, session,
-                                       tobj_template, tobj_size,
-                                       1, NULL);
-    if (objects) {
-	object = objects[0];
-	nss_ZFreeIf(objects);
-    }
-    return object;
-}
- 
-NSS_IMPLEMENT nssCryptokiObject *
-nssToken_ImportCRL
-(
-  NSSToken *token,
-  nssSession *sessionOpt,
-  NSSDER *subject,
-  NSSDER *encoding,
-  PRBool isKRL,
-  NSSUTF8 *url,
-  PRBool asTokenObject
-)
-{
-    nssCryptokiObject *object;
-    CK_OBJECT_CLASS crlobjc = CKO_NETSCAPE_CRL;
-    CK_ATTRIBUTE_PTR attr;
-    CK_ATTRIBUTE crl_tmpl[6];
-    CK_ULONG crlsize;
-
-    NSS_CK_TEMPLATE_START(crl_tmpl, attr, crlsize);
-    if (asTokenObject) {
-	NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_true);
-    } else {
-	NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_false);
-    }
-    NSS_CK_SET_ATTRIBUTE_VAR( attr, CKA_CLASS,        crlobjc);
-    NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_SUBJECT,      subject);
-    NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_VALUE,        encoding);
-    NSS_CK_SET_ATTRIBUTE_UTF8(attr, CKA_NETSCAPE_URL, url);
-    if (isKRL) {
-	NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_NETSCAPE_KRL, &g_ck_true);
-    } else {
-	NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_NETSCAPE_KRL, &g_ck_false);
-    }
-    NSS_CK_TEMPLATE_FINISH(crl_tmpl, attr, crlsize);
-
-    /* import the crl object onto the token */
-    object = import_object(token, sessionOpt, crl_tmpl, crlsize);
-    if (object && token->cache) {
-	nssTokenObjectCache_ImportObject(token->cache, object, crlobjc,
-	                                 crl_tmpl, crlsize);
-    }
-    return object;
-}
-
-NSS_IMPLEMENT nssCryptokiObject **
-nssToken_FindCRLs
-(
-  NSSToken *token,
-  nssSession *sessionOpt,
-  nssTokenSearchType searchType,
-  PRUint32 maximumOpt,
-  PRStatus *statusOpt
-)
-{
-    CK_OBJECT_CLASS crlobjc = CKO_NETSCAPE_CRL;
-    CK_ATTRIBUTE_PTR attr;
-    CK_ATTRIBUTE crlobj_template[2];
-    CK_ULONG crlobj_size;
-    nssCryptokiObject **objects;
-    nssSession *session = sessionOpt ? sessionOpt : token->defaultSession;
-
-    NSS_CK_TEMPLATE_START(crlobj_template, attr, crlobj_size);
-    if (searchType == nssTokenSearchType_SessionOnly) {
-	NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_false);
-    } else if (searchType == nssTokenSearchType_TokenOnly ||
-               searchType == nssTokenSearchType_TokenForced) {
-	NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_true);
-    }
-    NSS_CK_SET_ATTRIBUTE_VAR( attr, CKA_CLASS, crlobjc);
-    NSS_CK_TEMPLATE_FINISH(crlobj_template, attr, crlobj_size);
-
-    if (searchType == nssTokenSearchType_TokenForced) {
-	objects = find_objects(token, session,
-	                       crlobj_template, crlobj_size,
-	                       maximumOpt, statusOpt);
-    } else {
-	objects = find_objects_by_template(token, session,
-	                                   crlobj_template, crlobj_size,
-	                                   maximumOpt, statusOpt);
-    }
-    return objects;
-}
-
-NSS_IMPLEMENT nssCryptokiObject **
-nssToken_FindCRLsBySubject
-(
-  NSSToken *token,
-  nssSession *sessionOpt,
-  NSSDER *subject,
-  nssTokenSearchType searchType,
-  PRUint32 maximumOpt,
-  PRStatus *statusOpt
-)
-{
-    CK_OBJECT_CLASS crlobjc = CKO_NETSCAPE_CRL;
-    CK_ATTRIBUTE_PTR attr;
-    CK_ATTRIBUTE crlobj_template[3];
-    CK_ULONG crlobj_size;
-    nssCryptokiObject **objects;
-    nssSession *session = sessionOpt ? sessionOpt : token->defaultSession;
-
-    NSS_CK_TEMPLATE_START(crlobj_template, attr, crlobj_size);
-    if (searchType == nssTokenSearchType_SessionOnly) {
-	NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_false);
-    } else if (searchType == nssTokenSearchType_TokenOnly ||
-               searchType == nssTokenSearchType_TokenForced) {
-	NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_true);
-    }
-    NSS_CK_SET_ATTRIBUTE_VAR( attr, CKA_CLASS, crlobjc);
-    NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_SUBJECT, subject);
-    NSS_CK_TEMPLATE_FINISH(crlobj_template, attr, crlobj_size);
-
-    objects = find_objects_by_template(token, session,
-                                       crlobj_template, crlobj_size,
-                                       maximumOpt, statusOpt);
-    return objects;
-}
-
-NSS_IMPLEMENT PRStatus
-nssToken_GetCachedObjectAttributes
-(
-  NSSToken *token,
-  NSSArena *arenaOpt,
-  nssCryptokiObject *object,
-  CK_OBJECT_CLASS objclass,
-  CK_ATTRIBUTE_PTR atemplate,
-  CK_ULONG atlen
-)
-{
-    if (!token->cache) {
-	return PR_FAILURE;
-    }
-    return nssTokenObjectCache_GetObjectAttributes(token->cache, arenaOpt,
-                                                   object, objclass,
-                                                   atemplate, atlen);
-}
-
-NSS_IMPLEMENT NSSItem *
-nssToken_Digest
-(
-  NSSToken *tok,
-  nssSession *sessionOpt,
-  NSSAlgorithmAndParameters *ap,
-  NSSItem *data,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-)
-{
-    CK_RV ckrv;
-    CK_ULONG digestLen;
-    CK_BYTE_PTR digest;
-    NSSItem *rvItem = NULL;
-    void *epv = nssToken_GetCryptokiEPV(tok);
-    nssSession *session;
-    session = (sessionOpt) ? sessionOpt : tok->defaultSession;
-    nssSession_EnterMonitor(session);
-    ckrv = CKAPI(epv)->C_DigestInit(session->handle, &ap->mechanism);
-    if (ckrv != CKR_OK) {
-	nssSession_ExitMonitor(session);
-	return NULL;
-    }
-#if 0
-    /* XXX the standard says this should work, but it doesn't */
-    ckrv = CKAPI(epv)->C_Digest(session->handle, NULL, 0, NULL, &digestLen);
-    if (ckrv != CKR_OK) {
-	nssSession_ExitMonitor(session);
-	return NULL;
-    }
-#endif
-    digestLen = 0; /* XXX for now */
-    digest = NULL;
-    if (rvOpt) {
-	if (rvOpt->size > 0 && rvOpt->size < digestLen) {
-	    nssSession_ExitMonitor(session);
-	    /* the error should be bad args */
-	    return NULL;
-	}
-	if (rvOpt->data) {
-	    digest = rvOpt->data;
-	}
-	digestLen = rvOpt->size;
-    }
-    if (!digest) {
-	digest = (CK_BYTE_PTR)nss_ZAlloc(arenaOpt, digestLen);
-	if (!digest) {
-	    nssSession_ExitMonitor(session);
-	    return NULL;
-	}
-    }
-    ckrv = CKAPI(epv)->C_Digest(session->handle, 
-                                (CK_BYTE_PTR)data->data, 
-                                (CK_ULONG)data->size,
-                                (CK_BYTE_PTR)digest,
-                                &digestLen);
-    nssSession_ExitMonitor(session);
-    if (ckrv != CKR_OK) {
-	nss_ZFreeIf(digest);
-	return NULL;
-    }
-    if (!rvOpt) {
-	rvItem = nssItem_Create(arenaOpt, NULL, digestLen, (void *)digest);
-    }
-    return rvItem;
-}
-
-NSS_IMPLEMENT PRStatus
-nssToken_BeginDigest
-(
-  NSSToken *tok,
-  nssSession *sessionOpt,
-  NSSAlgorithmAndParameters *ap
-)
-{
-    CK_RV ckrv;
-    nssSession *session;
-    void *epv = nssToken_GetCryptokiEPV(tok);
-    session = (sessionOpt) ? sessionOpt : tok->defaultSession;
-    nssSession_EnterMonitor(session);
-    ckrv = CKAPI(epv)->C_DigestInit(session->handle, &ap->mechanism);
-    nssSession_ExitMonitor(session);
-    return (ckrv == CKR_OK) ? PR_SUCCESS : PR_FAILURE;
-}
-
-NSS_IMPLEMENT PRStatus
-nssToken_ContinueDigest
-(
-  NSSToken *tok,
-  nssSession *sessionOpt,
-  NSSItem *item
-)
-{
-    CK_RV ckrv;
-    nssSession *session;
-    void *epv = nssToken_GetCryptokiEPV(tok);
-    session = (sessionOpt) ? sessionOpt : tok->defaultSession;
-    nssSession_EnterMonitor(session);
-    ckrv = CKAPI(epv)->C_DigestUpdate(session->handle, 
-                                      (CK_BYTE_PTR)item->data, 
-                                      (CK_ULONG)item->size);
-    nssSession_ExitMonitor(session);
-    return (ckrv == CKR_OK) ? PR_SUCCESS : PR_FAILURE;
-}
-
-NSS_IMPLEMENT NSSItem *
-nssToken_FinishDigest
-(
-  NSSToken *tok,
-  nssSession *sessionOpt,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-)
-{
-    CK_RV ckrv;
-    CK_ULONG digestLen;
-    CK_BYTE_PTR digest;
-    NSSItem *rvItem = NULL;
-    void *epv = nssToken_GetCryptokiEPV(tok);
-    nssSession *session;
-    session = (sessionOpt) ? sessionOpt : tok->defaultSession;
-    nssSession_EnterMonitor(session);
-    ckrv = CKAPI(epv)->C_DigestFinal(session->handle, NULL, &digestLen);
-    if (ckrv != CKR_OK || digestLen == 0) {
-	nssSession_ExitMonitor(session);
-	return NULL;
-    }
-    digest = NULL;
-    if (rvOpt) {
-	if (rvOpt->size > 0 && rvOpt->size < digestLen) {
-	    nssSession_ExitMonitor(session);
-	    /* the error should be bad args */
-	    return NULL;
-	}
-	if (rvOpt->data) {
-	    digest = rvOpt->data;
-	}
-	digestLen = rvOpt->size;
-    }
-    if (!digest) {
-	digest = (CK_BYTE_PTR)nss_ZAlloc(arenaOpt, digestLen);
-	if (!digest) {
-	    nssSession_ExitMonitor(session);
-	    return NULL;
-	}
-    }
-    ckrv = CKAPI(epv)->C_DigestFinal(session->handle, digest, &digestLen);
-    nssSession_ExitMonitor(session);
-    if (ckrv != CKR_OK) {
-	nss_ZFreeIf(digest);
-	return NULL;
-    }
-    if (!rvOpt) {
-	rvItem = nssItem_Create(arenaOpt, NULL, digestLen, (void *)digest);
-    }
-    return rvItem;
-}
-
-NSS_IMPLEMENT PRBool
-nssToken_IsPresent
-(
-  NSSToken *token
-)
-{
-    return nssSlot_IsTokenPresent(token->slot);
-}
-
-/* Sigh.  The methods to find objects declared above cause problems with
- * the low-level object cache in the softoken -- the objects are found in 
- * toto, then one wave of GetAttributes is done, then another.  Having a 
- * large number of objects causes the cache to be thrashed, as the objects 
- * are gone before there's any chance to ask for their attributes.
- * So, for now, bringing back traversal methods for certs.  This way all of 
- * the cert's attributes can be grabbed immediately after finding it,
- * increasing the likelihood that the cache takes care of it.
- */
-NSS_IMPLEMENT PRStatus
-nssToken_TraverseCertificates
-(
-  NSSToken *token,
-  nssSession *sessionOpt,
-  nssTokenSearchType searchType,
-  PRStatus (* callback)(nssCryptokiObject *instance, void *arg),
-  void *arg
-)
-{
-    CK_RV ckrv;
-    CK_ULONG count;
-    CK_OBJECT_HANDLE *objectHandles;
-    CK_ATTRIBUTE_PTR attr;
-    CK_ATTRIBUTE cert_template[2];
-    CK_ULONG ctsize;
-    NSSArena *arena;
-    PRStatus status;
-    PRUint32 arraySize, numHandles;
-    nssCryptokiObject **objects;
-    void *epv = nssToken_GetCryptokiEPV(token);
-    nssSession *session = (sessionOpt) ? sessionOpt : token->defaultSession;
-
-    /* template for all certs */
-    NSS_CK_TEMPLATE_START(cert_template, attr, ctsize);
-    if (searchType == nssTokenSearchType_SessionOnly) {
-	NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_false);
-    } else if (searchType == nssTokenSearchType_TokenOnly ||
-               searchType == nssTokenSearchType_TokenForced) {
-	NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_TOKEN, &g_ck_true);
-    }
-    NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_CLASS, &g_ck_class_cert);
-    NSS_CK_TEMPLATE_FINISH(cert_template, attr, ctsize);
-
-    /* the arena is only for the array of object handles */
-    arena = nssArena_Create();
-    if (!arena) {
-	return PR_FAILURE;
-    }
-    arraySize = OBJECT_STACK_SIZE;
-    numHandles = 0;
-    objectHandles = nss_ZNEWARRAY(arena, CK_OBJECT_HANDLE, arraySize);
-    if (!objectHandles) {
-	goto loser;
-    }
-    nssSession_EnterMonitor(session); /* ==== session lock === */
-    /* Initialize the find with the template */
-    ckrv = CKAPI(epv)->C_FindObjectsInit(session->handle, 
-                                         cert_template, ctsize);
-    if (ckrv != CKR_OK) {
-	nssSession_ExitMonitor(session);
-	goto loser;
-    }
-    while (PR_TRUE) {
-	/* Issue the find for up to arraySize - numHandles objects */
-	ckrv = CKAPI(epv)->C_FindObjects(session->handle, 
-	                                 objectHandles + numHandles, 
-	                                 arraySize - numHandles, 
-	                                 &count);
-	if (ckrv != CKR_OK) {
-	    nssSession_ExitMonitor(session);
-	    goto loser;
-	}
-	/* bump the number of found objects */
-	numHandles += count;
-	if (numHandles < arraySize) {
-	    break;
-	}
-	/* the array is filled, double it and continue */
-	arraySize *= 2;
-	objectHandles = nss_ZREALLOCARRAY(objectHandles, 
-	                                  CK_OBJECT_HANDLE, 
-	                                  arraySize);
-	if (!objectHandles) {
-	    nssSession_ExitMonitor(session);
-	    goto loser;
-	}
-    }
-    ckrv = CKAPI(epv)->C_FindObjectsFinal(session->handle);
-    nssSession_ExitMonitor(session); /* ==== end session lock === */
-    if (ckrv != CKR_OK) {
-	goto loser;
-    }
-    if (numHandles > 0) {
-	objects = create_objects_from_handles(token, session,
-	                                      objectHandles, numHandles);
-	if (objects) {
-	    nssCryptokiObject **op;
-	    for (op = objects; *op; op++) {
-		status = (*callback)(*op, arg);
-	    }
-	    nss_ZFreeIf(objects);
-	}
-    }
-    nssArena_Destroy(arena);
-    return PR_SUCCESS;
-loser:
-    nssArena_Destroy(arena);
-    return PR_FAILURE;
-}
-
diff --git a/security/nss/lib/dev/devutil.c b/security/nss/lib/dev/devutil.c
deleted file mode 100644
index 99218f83d..000000000
--- a/security/nss/lib/dev/devutil.c
+++ /dev/null
@@ -1,1445 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef DEVM_H
-#include "devm.h"
-#endif /* DEVM_H */
-
-#ifndef CKHELPER_H
-#include "ckhelper.h"
-#endif /* CKHELPER_H */
-
-NSS_IMPLEMENT nssCryptokiObject *
-nssCryptokiObject_Create
-(
-  NSSToken *t, 
-  nssSession *session,
-  CK_OBJECT_HANDLE h
-)
-{
-    PRStatus status;
-    NSSSlot *slot;
-    nssCryptokiObject *object;
-    CK_BBOOL *isTokenObject;
-    CK_ATTRIBUTE cert_template[] = {
-	{ CKA_TOKEN, NULL, 0 },
-	{ CKA_LABEL, NULL, 0 }
-    };
-    slot = nssToken_GetSlot(t);
-    status = nssCKObject_GetAttributes(h, cert_template, 2,
-                                       NULL, session, slot);
-    nssSlot_Destroy(slot);
-    if (status != PR_SUCCESS) {
-	/* a failure here indicates a device error */
-	return (nssCryptokiObject *)NULL;
-    }
-    object = nss_ZNEW(NULL, nssCryptokiObject);
-    if (!object) {
-	return (nssCryptokiObject *)NULL;
-    }
-    object->handle = h;
-    object->token = nssToken_AddRef(t);
-    isTokenObject = (CK_BBOOL *)cert_template[0].pValue;
-    object->isTokenObject = *isTokenObject;
-    nss_ZFreeIf(isTokenObject);
-    NSS_CK_ATTRIBUTE_TO_UTF8(&cert_template[1], object->label);
-    return object;
-}
-
-NSS_IMPLEMENT void
-nssCryptokiObject_Destroy
-(
-  nssCryptokiObject *object
-)
-{
-    if (object) {
-	nssToken_Destroy(object->token);
-	nss_ZFreeIf(object->label);
-	nss_ZFreeIf(object);
-    }
-}
-
-NSS_IMPLEMENT nssCryptokiObject *
-nssCryptokiObject_Clone
-(
-  nssCryptokiObject *object
-)
-{
-    nssCryptokiObject *rvObject;
-    rvObject = nss_ZNEW(NULL, nssCryptokiObject);
-    if (rvObject) {
-	rvObject->handle = object->handle;
-	rvObject->token = nssToken_AddRef(object->token);
-	rvObject->isTokenObject = object->isTokenObject;
-	if (object->label) {
-	    rvObject->label = nssUTF8_Duplicate(object->label, NULL);
-	}
-    }
-    return rvObject;
-}
-
-NSS_EXTERN PRBool
-nssCryptokiObject_Equal
-(
-  nssCryptokiObject *o1,
-  nssCryptokiObject *o2
-)
-{
-    return (o1->token == o2->token && o1->handle == o2->handle);
-}
-
-NSS_IMPLEMENT PRUint32
-nssPKCS11String_Length(CK_CHAR *pkcs11Str, PRUint32 bufLen)
-{
-    PRInt32 i;
-    for (i = bufLen - 1; i>=0; ) {
-	if (pkcs11Str[i] != ' ' && pkcs11Str[i] != '\0') break;
-	--i;
-    }
-    return (PRUint32)(i + 1);
-}
-
-/*
- * Slot arrays
- */
-
-NSS_IMPLEMENT NSSSlot **
-nssSlotArray_Clone
-(
-  NSSSlot **slots
-)
-{
-    NSSSlot **rvSlots = NULL;
-    NSSSlot **sp = slots;
-    PRUint32 count = 0;
-    while (sp && *sp) count++;
-    if (count > 0) {
-	rvSlots = nss_ZNEWARRAY(NULL, NSSSlot *, count + 1);
-	if (rvSlots) {
-	    sp = slots;
-	    count = 0;
-	    for (sp = slots; *sp; sp++) {
-		rvSlots[count++] = nssSlot_AddRef(*sp);
-	    }
-	}
-    }
-    return rvSlots;
-}
-
-#ifdef PURE_STAN_BUILD
-NSS_IMPLEMENT void
-nssModuleArray_Destroy
-(
-  NSSModule **modules
-)
-{
-    if (modules) {
-	NSSModule **mp;
-	for (mp = modules; *mp; mp++) {
-	    nssModule_Destroy(*mp);
-	}
-	nss_ZFreeIf(modules);
-    }
-}
-#endif
-
-NSS_IMPLEMENT void
-nssSlotArray_Destroy
-(
-  NSSSlot **slots
-)
-{
-    if (slots) {
-	NSSSlot **slotp;
-	for (slotp = slots; *slotp; slotp++) {
-	    nssSlot_Destroy(*slotp);
-	}
-	nss_ZFreeIf(slots);
-    }
-}
-
-NSS_IMPLEMENT void
-NSSSlotArray_Destroy
-(
-  NSSSlot **slots
-)
-{
-    nssSlotArray_Destroy(slots);
-}
-
-NSS_IMPLEMENT void
-nssTokenArray_Destroy
-(
-  NSSToken **tokens
-)
-{
-    if (tokens) {
-	NSSToken **tokenp;
-	for (tokenp = tokens; *tokenp; tokenp++) {
-	    nssToken_Destroy(*tokenp);
-	}
-	nss_ZFreeIf(tokens);
-    }
-}
-
-NSS_IMPLEMENT void
-NSSTokenArray_Destroy
-(
-  NSSToken **tokens
-)
-{
-    nssTokenArray_Destroy(tokens);
-}
-
-NSS_IMPLEMENT void
-nssCryptokiObjectArray_Destroy
-(
-  nssCryptokiObject **objects
-)
-{
-    if (objects) {
-	nssCryptokiObject **op;
-	for (op = objects; *op; op++) {
-	    nssCryptokiObject_Destroy(*op);
-	}
-	nss_ZFreeIf(objects);
-    }
-}
-
-#ifdef PURE_STAN_BUILD
-/*
- * Slot lists
- */
-
-struct nssSlotListNodeStr
-{
-  PRCList link;
-  NSSSlot *slot;
-  PRUint32 order;
-};
-
-/* XXX separate slots with non-present tokens? */
-struct nssSlotListStr 
-{
-  NSSArena *arena;
-  PRBool i_allocated_arena;
-  PZLock *lock;
-  PRCList head;
-  PRUint32 count;
-};
-
-NSS_IMPLEMENT nssSlotList *
-nssSlotList_Create
-(
-  NSSArena *arenaOpt
-)
-{
-    nssSlotList *rvList;
-    NSSArena *arena;
-    nssArenaMark *mark;
-    if (arenaOpt) {
-	arena = arenaOpt;
-	mark = nssArena_Mark(arena);
-	if (!mark) {
-	    return (nssSlotList *)NULL;
-	}
-    } else {
-	arena = nssArena_Create();
-	if (!arena) {
-	    return (nssSlotList *)NULL;
-	}
-    }
-    rvList = nss_ZNEW(arena, nssSlotList);
-    if (!rvList) {
-	goto loser;
-    }
-    rvList->lock = PZ_NewLock(nssILockOther); /* XXX */
-    if (!rvList->lock) {
-	goto loser;
-    }
-    PR_INIT_CLIST(&rvList->head);
-    rvList->arena = arena;
-    rvList->i_allocated_arena = (arenaOpt == NULL);
-    nssArena_Unmark(arena, mark);
-    return rvList;
-loser:
-    if (arenaOpt) {
-	nssArena_Release(arena, mark);
-    } else {
-	nssArena_Destroy(arena);
-    }
-    return (nssSlotList *)NULL;
-}
-
-NSS_IMPLEMENT void
-nssSlotList_Destroy
-(
-  nssSlotList *slotList
-)
-{
-    PRCList *link;
-    struct nssSlotListNodeStr *node;
-    if (slotList) {
-	link = PR_NEXT_LINK(&slotList->head);
-	while (link != &slotList->head) {
-	    node = (struct nssSlotListNodeStr *)link;
-	    nssSlot_Destroy(node->slot);
-	    link = PR_NEXT_LINK(link);
-	}
-	if (slotList->i_allocated_arena) {
-	    nssArena_Destroy(slotList->arena);
-	}
-    }
-}
-
-/* XXX should do allocs outside of lock */
-NSS_IMPLEMENT PRStatus
-nssSlotList_Add
-(
-  nssSlotList *slotList,
-  NSSSlot *slot,
-  PRUint32 order
-)
-{
-    PRCList *link;
-    struct nssSlotListNodeStr *node;
-    PZ_Lock(slotList->lock);
-    link = PR_NEXT_LINK(&slotList->head);
-    while (link != &slotList->head) {
-	node = (struct nssSlotListNodeStr *)link;
-	if (order < node->order) {
-	    break;
-	}
-	link = PR_NEXT_LINK(link);
-    }
-    node = nss_ZNEW(slotList->arena, struct nssSlotListNodeStr);
-    if (!node) {
-	return PR_FAILURE;
-    }
-    PR_INIT_CLIST(&node->link);
-    node->slot = nssSlot_AddRef(slot);
-    node->order = order;
-    PR_INSERT_AFTER(&node->link, link);
-    slotList->count++;
-    PZ_Unlock(slotList->lock);
-    return PR_SUCCESS;
-}
-
-NSS_IMPLEMENT PRStatus
-nssSlotList_AddModuleSlots
-(
-  nssSlotList *slotList,
-  NSSModule *module,
-  PRUint32 order
-)
-{
-    nssArenaMark *mark = NULL;
-    NSSSlot **sp, **slots = NULL;
-    PRCList *link;
-    struct nssSlotListNodeStr *node;
-    PZ_Lock(slotList->lock);
-    link = PR_NEXT_LINK(&slotList->head);
-    while (link != &slotList->head) {
-	node = (struct nssSlotListNodeStr *)link;
-	if (order < node->order) {
-	    break;
-	}
-	link = PR_NEXT_LINK(link);
-    }
-    slots = nssModule_GetSlots(module);
-    if (!slots) {
-	PZ_Unlock(slotList->lock);
-	return PR_SUCCESS;
-    }
-    mark = nssArena_Mark(slotList->arena);
-    if (!mark) {
-	goto loser;
-    }
-    for (sp = slots; *sp; sp++) {
-	node = nss_ZNEW(slotList->arena, struct nssSlotListNodeStr);
-	if (!node) {
-	    goto loser;
-	}
-	PR_INIT_CLIST(&node->link);
-	node->slot = *sp; /* have ref from nssModule_GetSlots */
-	node->order = order;
-	PR_INSERT_AFTER(&node->link, link);
-	slotList->count++;
-    }
-    PZ_Unlock(slotList->lock);
-    nssArena_Unmark(slotList->arena, mark);
-    return PR_SUCCESS;
-loser:
-    PZ_Unlock(slotList->lock);
-    if (mark) {
-	nssArena_Release(slotList->arena, mark);
-    }
-    if (slots) {
-	nssSlotArray_Destroy(slots);
-    }
-    return PR_FAILURE;
-}
-
-NSS_IMPLEMENT NSSSlot **
-nssSlotList_GetSlots
-(
-  nssSlotList *slotList
-)
-{
-    PRUint32 i;
-    PRCList *link;
-    struct nssSlotListNodeStr *node;
-    NSSSlot **rvSlots = NULL;
-    PZ_Lock(slotList->lock);
-    rvSlots = nss_ZNEWARRAY(NULL, NSSSlot *, slotList->count + 1);
-    if (!rvSlots) {
-	PZ_Unlock(slotList->lock);
-	return (NSSSlot **)NULL;
-    }
-    i = 0;
-    link = PR_NEXT_LINK(&slotList->head);
-    while (link != &slotList->head) {
-	node = (struct nssSlotListNodeStr *)link;
-	rvSlots[i] = nssSlot_AddRef(node->slot);
-	link = PR_NEXT_LINK(link);
-	i++;
-    }
-    PZ_Unlock(slotList->lock);
-    return rvSlots;
-}
-
-#if 0
-NSS_IMPLEMENT NSSSlot *
-nssSlotList_GetBestSlotForAlgorithmAndParameters
-(
-  nssSlotList *slotList,
-  NSSAlgorithmAndParameters *ap
-)
-{
-    PRCList *link;
-    struct nssSlotListNodeStr *node;
-    NSSSlot *rvSlot = NULL;
-    PZ_Lock(slotList->lock);
-    link = PR_NEXT_LINK(&slotList->head);
-    while (link != &slotList->head) {
-	node = (struct nssSlotListNodeStr *)link;
-	if (nssSlot_DoesAlgorithmAndParameters(ap)) {
-	    rvSlot = nssSlot_AddRef(node->slot); /* XXX check isPresent? */
-	}
-	link = PR_NEXT_LINK(link);
-    }
-    PZ_Unlock(slotList->lock);
-    return rvSlot;
-}
-#endif
-
-NSS_IMPLEMENT NSSSlot *
-nssSlotList_GetBestSlot
-(
-  nssSlotList *slotList
-)
-{
-    PRCList *link;
-    struct nssSlotListNodeStr *node;
-    NSSSlot *rvSlot = NULL;
-    PZ_Lock(slotList->lock);
-    if (PR_CLIST_IS_EMPTY(&slotList->head)) {
-	PZ_Unlock(slotList->lock);
-	return (NSSSlot *)NULL;
-    }
-    link = PR_NEXT_LINK(&slotList->head);
-    node = (struct nssSlotListNodeStr *)link;
-    rvSlot = nssSlot_AddRef(node->slot); /* XXX check isPresent? */
-    PZ_Unlock(slotList->lock);
-    return rvSlot;
-}
-
-NSS_IMPLEMENT NSSSlot *
-nssSlotList_FindSlotByName
-(
-  nssSlotList *slotList,
-  NSSUTF8 *slotName
-)
-{
-    PRCList *link;
-    struct nssSlotListNodeStr *node;
-    NSSSlot *rvSlot = NULL;
-    PZ_Lock(slotList->lock);
-    link = PR_NEXT_LINK(&slotList->head);
-    while (link != &slotList->head) {
-	NSSUTF8 *sName;
-	node = (struct nssSlotListNodeStr *)link;
-	sName = nssSlot_GetName(node->slot);
-	if (nssUTF8_Equal(sName, slotName, NULL)) {
-	    rvSlot = nssSlot_AddRef(node->slot);
-	    break;
-	}
-	link = PR_NEXT_LINK(link);
-    }
-    PZ_Unlock(slotList->lock);
-    return rvSlot;
-}
-
-NSS_IMPLEMENT NSSToken *
-nssSlotList_FindTokenByName
-(
-  nssSlotList *slotList,
-  NSSUTF8 *tokenName
-)
-{
-    PRCList *link;
-    struct nssSlotListNodeStr *node;
-    NSSToken *rvToken = NULL;
-    PZ_Lock(slotList->lock);
-    link = PR_NEXT_LINK(&slotList->head);
-    while (link != &slotList->head) {
-	NSSUTF8 *tName;
-	node = (struct nssSlotListNodeStr *)link;
-	tName = nssSlot_GetTokenName(node->slot);
-	if (nssUTF8_Equal(tName, tokenName, NULL)) {
-	    rvToken = nssSlot_GetToken(node->slot);
-	    break;
-	}
-	link = PR_NEXT_LINK(link);
-    }
-    PZ_Unlock(slotList->lock);
-    return rvToken;
-}
-#endif /* PURE_STAN_BUILD */
-
-/* object cache for token */
-
-typedef struct
-{
-  NSSArena *arena;
-  nssCryptokiObject *object;
-  CK_ATTRIBUTE_PTR attributes;
-  CK_ULONG numAttributes;
-}
-nssCryptokiObjectAndAttributes;
-
-enum {
-  cachedCerts = 0,
-  cachedTrust = 1,
-  cachedCRLs = 2
-} cachedObjectType;
-
-struct nssTokenObjectCacheStr
-{
-  NSSToken *token;
-  PZLock *lock;
-  PRBool loggedIn;
-  PRBool doObjectType[3];
-  PRBool searchedObjectType[3];
-  nssCryptokiObjectAndAttributes **objects[3];
-};
-
-NSS_IMPLEMENT nssTokenObjectCache *
-nssTokenObjectCache_Create
-(
-  NSSToken *token,
-  PRBool cacheCerts,
-  PRBool cacheTrust,
-  PRBool cacheCRLs
-)
-{
-    nssTokenObjectCache *rvCache;
-    rvCache = nss_ZNEW(NULL, nssTokenObjectCache);
-    if (!rvCache) {
-	goto loser;
-    }
-    rvCache->lock = PZ_NewLock(nssILockOther); /* XXX */
-    if (!rvCache->lock) {
-	goto loser;
-    }
-    rvCache->doObjectType[cachedCerts] = cacheCerts;
-    rvCache->doObjectType[cachedTrust] = cacheTrust;
-    rvCache->doObjectType[cachedCRLs] = cacheCRLs;
-    rvCache->token = token; /* cache goes away with token */
-    return rvCache;
-loser:
-    return (nssTokenObjectCache *)NULL;
-}
-
-static void
-clear_cache
-(
-  nssTokenObjectCache *cache
-)
-{
-    nssCryptokiObjectAndAttributes **oa;
-    PRUint32 objectType;
-    for (objectType = cachedCerts; objectType <= cachedCRLs; objectType++) {
-	if (!cache->objects[objectType]) {
-	    continue;
-	}
-	for (oa = cache->objects[objectType]; *oa; oa++) {
-	    /* prevent the token from being destroyed */
-	    (*oa)->object->token = NULL;
-	    nssCryptokiObject_Destroy((*oa)->object);
-	    nssArena_Destroy((*oa)->arena);
-	}
-	nss_ZFreeIf(cache->objects[objectType]);
-	cache->objects[objectType] = NULL;
-	cache->searchedObjectType[objectType] = PR_FALSE;
-    }
-}
-
-NSS_IMPLEMENT void
-nssTokenObjectCache_Clear
-(
-  nssTokenObjectCache *cache
-)
-{
-    if (cache) {
-	clear_cache(cache);
-    }
-}
-
-NSS_IMPLEMENT void
-nssTokenObjectCache_Destroy
-(
-  nssTokenObjectCache *cache
-)
-{
-    if (cache) {
-	clear_cache(cache);
-	PZ_DestroyLock(cache->lock);
-	nss_ZFreeIf(cache);
-    }
-}
-
-NSS_IMPLEMENT PRBool
-nssTokenObjectCache_HaveObjectClass
-(
-  nssTokenObjectCache *cache,
-  CK_OBJECT_CLASS objclass
-)
-{
-    PRBool haveIt;
-    PZ_Lock(cache->lock);
-    switch (objclass) {
-    case CKO_CERTIFICATE:    haveIt = cache->doObjectType[cachedCerts]; break;
-    case CKO_NETSCAPE_TRUST: haveIt = cache->doObjectType[cachedTrust]; break;
-    case CKO_NETSCAPE_CRL:   haveIt = cache->doObjectType[cachedCRLs];  break;
-    default:                 haveIt = PR_FALSE;
-    }
-    PZ_Unlock(cache->lock);
-    return haveIt;
-}
-
-static nssCryptokiObjectAndAttributes **
-create_object_array
-(
-  nssCryptokiObject **objects,
-  PRBool *doObjects,
-  PRUint32 *numObjects,
-  PRStatus *status
-)
-{
-    nssCryptokiObject **op = objects;
-    nssCryptokiObjectAndAttributes **rvOandA = NULL;
-    *numObjects = 0;
-    /* There are no objects for this type */
-    if (!objects) {
-	return (nssCryptokiObjectAndAttributes **)NULL;
-    }
-    while (*op++) (*numObjects)++;
-    if (*numObjects == MAX_LOCAL_CACHE_OBJECTS) {
-	/* Hit the maximum allowed, so don't use a cache (there are
-	 * too many objects to make caching worthwhile, presumably, if
-	 * the token can handle that many objects, it can handle searching.
-	 */
-	*doObjects = PR_FALSE;
-	*status = PR_FAILURE;
-	*numObjects = 0;
-    } else if (*numObjects > 0) {
-	rvOandA = nss_ZNEWARRAY(NULL, 
-	                        nssCryptokiObjectAndAttributes *, 
-	                        *numObjects + 1);
-	*status = rvOandA ? PR_SUCCESS : PR_FALSE;
-    }
-    return rvOandA;
-}
-
-static nssCryptokiObjectAndAttributes *
-create_object
-(
-  nssCryptokiObject *object,
-  CK_ATTRIBUTE_TYPE *types,
-  PRUint32 numTypes,
-  PRStatus *status
-)
-{
-    PRUint32 j;
-    NSSArena *arena;
-    NSSSlot *slot = NULL;
-    nssSession *session = NULL;
-    nssCryptokiObjectAndAttributes *rvCachedObject = NULL;
-
-    slot = nssToken_GetSlot(object->token);
-    session = nssToken_GetDefaultSession(object->token);
-
-    arena = nssArena_Create();
-    if (!arena) {
-	nssSlot_Destroy(slot);
-	return (nssCryptokiObjectAndAttributes *)NULL;
-    }
-    rvCachedObject = nss_ZNEW(arena, nssCryptokiObjectAndAttributes);
-    if (!rvCachedObject) {
-	goto loser;
-    }
-    rvCachedObject->arena = arena;
-    /* The cache is tied to the token, and therefore the objects
-     * in it should not hold references to the token.
-     */
-    nssToken_Destroy(object->token);
-    rvCachedObject->object = object;
-    rvCachedObject->attributes = nss_ZNEWARRAY(arena, CK_ATTRIBUTE, numTypes);
-    if (!rvCachedObject->attributes) {
-	goto loser;
-    }
-    for (j=0; j<numTypes; j++) {
-	rvCachedObject->attributes[j].type = types[j];
-    }
-    *status = nssCKObject_GetAttributes(object->handle,
-                                        rvCachedObject->attributes,
-                                        numTypes,
-                                        arena,
-                                        session,
-                                        slot);
-    if (*status != PR_SUCCESS) {
-	goto loser;
-    }
-    rvCachedObject->numAttributes = numTypes;
-    *status = PR_SUCCESS;
-    if (slot) {
-	nssSlot_Destroy(slot);
-    }
-    return rvCachedObject;
-loser:
-    *status = PR_FAILURE;
-    if (slot) {
-	nssSlot_Destroy(slot);
-    }
-    nssArena_Destroy(arena);
-    return (nssCryptokiObjectAndAttributes *)NULL;
-}
-
-/*
- *
- * State diagram for cache:
- *
- *            token !present            token removed
- *        +-------------------------+<----------------------+
- *        |                         ^                       |
- *        v                         |                       |
- *  +----------+   slot friendly    |  token present   +----------+ 
- *  |   cache  | -----------------> % ---------------> |   cache  |
- *  | unloaded |                                       |  loaded  |
- *  +----------+                                       +----------+
- *    ^   |                                                 ^   |
- *    |   |   slot !friendly           slot logged in       |   |
- *    |   +-----------------------> % ----------------------+   |
- *    |                             |                           |
- *    | slot logged out             v  slot !friendly           |
- *    +-----------------------------+<--------------------------+
- *
- */
-static PRBool
-search_for_objects
-(
-  nssTokenObjectCache *cache
-)
-{
-    PRBool doSearch = PR_FALSE;
-    NSSSlot *slot = nssToken_GetSlot(cache->token);
-    if (!nssSlot_IsTokenPresent(slot)) {
-	/* The token is no longer present, destroy any cached objects */
-	/* clear_cache(cache); */
-	nssSlot_Destroy(slot);
-	return PR_FALSE;
-    }
-    /* Handle non-friendly slots (slots which require login for objects) */
-    if (!nssSlot_IsFriendly(slot)) {
-	if (nssSlot_IsLoggedIn(slot)) {
-	    /* Either no state change, or went from !logged in -> logged in */
-	    cache->loggedIn = PR_TRUE;
-	    doSearch = PR_TRUE;
-	} else {
-	    if (cache->loggedIn) {
-		/* went from logged in -> !logged in, destroy cached objects */
-		clear_cache(cache);
-		cache->loggedIn = PR_FALSE;
-	    } /* else no state change, still not logged in, so exit */
-	}
-    } else {
-	/* slot is friendly, thus always available for search */
-	doSearch = PR_TRUE;
-    }
-    nssSlot_Destroy(slot);
-    return doSearch;
-}
-
-static nssCryptokiObjectAndAttributes *
-create_cert
-(
-  nssCryptokiObject *object,
-  PRStatus *status
-)
-{
-    CK_ATTRIBUTE_TYPE certAttr[] = {
-	CKA_CLASS,
-	CKA_TOKEN,
-	CKA_LABEL,
-	CKA_CERTIFICATE_TYPE,
-	CKA_ID,
-	CKA_VALUE,
-	CKA_ISSUER,
-	CKA_SERIAL_NUMBER,
-	CKA_SUBJECT,
-	CKA_NETSCAPE_EMAIL
-    };
-    PRUint32 numCertAttr = sizeof(certAttr) / sizeof(certAttr[0]);
-    return create_object(object, certAttr, numCertAttr, status);
-}
-
-static PRStatus
-get_token_certs_for_cache
-(
-  nssTokenObjectCache *cache
-)
-{
-    PRStatus status;
-    nssCryptokiObject **objects;
-    PRBool *doIt = &cache->doObjectType[cachedCerts];
-    PRUint32 i, numObjects;
-
-    if (!search_for_objects(cache) || 
-         cache->searchedObjectType[cachedCerts] || 
-        !cache->doObjectType[cachedCerts]) 
-    {
-	/* Either there was a state change that prevents a search
-	 * (token removed or logged out), or the search was already done,
-	 * or certs are not being cached.
-	 */
-	return PR_SUCCESS;
-    }
-    objects = nssToken_FindCertificates(cache->token, NULL,
-                                        nssTokenSearchType_TokenForced,
-				        MAX_LOCAL_CACHE_OBJECTS, &status);
-    if (status != PR_SUCCESS) {
-	return status;
-    }
-    cache->objects[cachedCerts] = create_object_array(objects,
-                                                      doIt,
-                                                      &numObjects,
-                                                      &status);
-    if (status != PR_SUCCESS) {
-	return status;
-    }
-    for (i=0; i<numObjects; i++) {
-	cache->objects[cachedCerts][i] = create_cert(objects[i], &status);
-	if (status != PR_SUCCESS) {
-	    break;
-	}
-    }
-    if (status == PR_SUCCESS) {
-	nss_ZFreeIf(objects);
-    } else {
-	PRUint32 j;
-	for (j=0; j<i; j++) {
-	    /* sigh */
-	    nssToken_AddRef(cache->objects[cachedCerts][i]->object->token);
-	    nssArena_Destroy(cache->objects[cachedCerts][i]->arena);
-	}
-	nssCryptokiObjectArray_Destroy(objects);
-    }
-    cache->searchedObjectType[cachedCerts] = PR_TRUE;
-    return status;
-}
-
-static nssCryptokiObjectAndAttributes *
-create_trust
-(
-  nssCryptokiObject *object,
-  PRStatus *status
-)
-{
-    CK_ATTRIBUTE_TYPE trustAttr[] = {
-	CKA_CLASS,
-	CKA_TOKEN,
-	CKA_LABEL,
-	CKA_CERT_SHA1_HASH,
-	CKA_CERT_MD5_HASH,
-	CKA_ISSUER,
-	CKA_SUBJECT,
-	CKA_TRUST_SERVER_AUTH,
-	CKA_TRUST_CLIENT_AUTH,
-	CKA_TRUST_EMAIL_PROTECTION,
-	CKA_TRUST_CODE_SIGNING
-    };
-    PRUint32 numTrustAttr = sizeof(trustAttr) / sizeof(trustAttr[0]);
-    return create_object(object, trustAttr, numTrustAttr, status);
-}
-
-static PRStatus
-get_token_trust_for_cache
-(
-  nssTokenObjectCache *cache
-)
-{
-    PRStatus status;
-    nssCryptokiObject **objects;
-    PRBool *doIt = &cache->doObjectType[cachedTrust];
-    PRUint32 i, numObjects;
-
-    if (!search_for_objects(cache) || 
-         cache->searchedObjectType[cachedTrust] || 
-        !cache->doObjectType[cachedTrust]) 
-    {
-	/* Either there was a state change that prevents a search
-	 * (token removed or logged out), or the search was already done,
-	 * or trust is not being cached.
-	 */
-	return PR_SUCCESS;
-    }
-    objects = nssToken_FindTrustObjects(cache->token, NULL,
-                                        nssTokenSearchType_TokenForced,
-				        MAX_LOCAL_CACHE_OBJECTS, &status);
-    if (status != PR_SUCCESS) {
-	return status;
-    }
-    cache->objects[cachedTrust] = create_object_array(objects,
-                                                      doIt,
-                                                      &numObjects,
-                                                      &status);
-    if (status != PR_SUCCESS) {
-	return status;
-    }
-    for (i=0; i<numObjects; i++) {
-	cache->objects[cachedTrust][i] = create_trust(objects[i], &status);
-	if (status != PR_SUCCESS) {
-	    break;
-	}
-    }
-    if (status == PR_SUCCESS) {
-	nss_ZFreeIf(objects);
-    } else {
-	PRUint32 j;
-	for (j=0; j<i; j++) {
-	    /* sigh */
-	    nssToken_AddRef(cache->objects[cachedTrust][i]->object->token);
-	    nssArena_Destroy(cache->objects[cachedTrust][i]->arena);
-	}
-	nssCryptokiObjectArray_Destroy(objects);
-    }
-    cache->searchedObjectType[cachedTrust] = PR_TRUE;
-    return status;
-}
-
-static nssCryptokiObjectAndAttributes *
-create_crl
-(
-  nssCryptokiObject *object,
-  PRStatus *status
-)
-{
-    CK_ATTRIBUTE_TYPE crlAttr[] = {
-	CKA_CLASS,
-	CKA_TOKEN,
-	CKA_LABEL,
-	CKA_VALUE,
-	CKA_SUBJECT,
-	CKA_NETSCAPE_KRL,
-	CKA_NETSCAPE_URL
-    };
-    PRUint32 numCRLAttr = sizeof(crlAttr) / sizeof(crlAttr[0]);
-    return create_object(object, crlAttr, numCRLAttr, status);
-}
-
-static PRStatus
-get_token_crls_for_cache
-(
-  nssTokenObjectCache *cache
-)
-{
-    PRStatus status;
-    nssCryptokiObject **objects;
-    PRBool *doIt = &cache->doObjectType[cachedCRLs];
-    PRUint32 i, numObjects;
-
-    if (!search_for_objects(cache) || 
-         cache->searchedObjectType[cachedCRLs] || 
-        !cache->doObjectType[cachedCRLs]) 
-    {
-	/* Either there was a state change that prevents a search
-	 * (token removed or logged out), or the search was already done,
-	 * or CRLs are not being cached.
-	 */
-	return PR_SUCCESS;
-    }
-    objects = nssToken_FindCRLs(cache->token, NULL,
-                                nssTokenSearchType_TokenForced,
-				MAX_LOCAL_CACHE_OBJECTS, &status);
-    if (status != PR_SUCCESS) {
-	return status;
-    }
-    cache->objects[cachedCRLs] = create_object_array(objects,
-                                                     doIt,
-                                                     &numObjects,
-                                                     &status);
-    if (status != PR_SUCCESS) {
-	return status;
-    }
-    for (i=0; i<numObjects; i++) {
-	cache->objects[cachedCRLs][i] = create_crl(objects[i], &status);
-	if (status != PR_SUCCESS) {
-	    break;
-	}
-    }
-    if (status == PR_SUCCESS) {
-	nss_ZFreeIf(objects);
-    } else {
-	PRUint32 j;
-	for (j=0; j<i; j++) {
-	    /* sigh */
-	    nssToken_AddRef(cache->objects[cachedCRLs][i]->object->token);
-	    nssArena_Destroy(cache->objects[cachedCRLs][i]->arena);
-	}
-	nssCryptokiObjectArray_Destroy(objects);
-    }
-    cache->searchedObjectType[cachedCRLs] = PR_TRUE;
-    return status;
-}
-
-static nssCryptokiObject **
-find_objects_in_array
-(
-  nssCryptokiObjectAndAttributes **objArray,
-  CK_ATTRIBUTE_PTR ot,
-  CK_ULONG otlen,
-  PRUint32 maximumOpt
-)
-{
-    PRIntn oi;
-    PRUint32 i, j;
-    PRBool match;
-    NSSArena *arena;
-    PRUint32 size = 8;
-    PRUint32 numMatches = 0;
-    nssCryptokiObject **objects = NULL;
-    nssCryptokiObjectAndAttributes **matches = NULL;
-    if (!objArray) {
-	return (nssCryptokiObject **)NULL;
-    }
-    arena = nssArena_Create();
-    if (!arena) {
-	return (nssCryptokiObject **)NULL;
-    }
-    matches = nss_ZNEWARRAY(arena, nssCryptokiObjectAndAttributes *, size);
-    if (!matches) {
-	goto loser;
-    }
-    if (maximumOpt == 0) maximumOpt = ~0;
-    for (; *objArray && numMatches < maximumOpt; objArray++) {
-	nssCryptokiObjectAndAttributes *obj = *objArray;
-	for (i=0; i<otlen; i++) {
-	    for (j=0; j<obj->numAttributes; j++) {
-		if (ot[i].type == obj->attributes[j].type) {
-		    if (ot[i].ulValueLen == obj->attributes[j].ulValueLen &&
-		        nsslibc_memequal(ot[i].pValue, 
-			                 obj->attributes[j].pValue,
-			                 ot[i].ulValueLen, NULL))
-		    {
-			match = PR_TRUE;
-		    } else {
-			match = PR_FALSE;
-		    }
-		    break;
-		}
-	    }
-	    if (j == obj->numAttributes || !match) {
-		break;
-	    }
-	}
-	if (match) {
-	    matches[numMatches++] = obj;
-	    if (numMatches == size) {
-		size *= 2;
-		matches = nss_ZREALLOCARRAY(matches, 
-		                            nssCryptokiObjectAndAttributes *, 
-		                            size);
-		if (!matches) {
-		    goto loser;
-		}
-	    }
-	}
-    }
-    if (numMatches > 0) {
-	objects = nss_ZNEWARRAY(NULL, nssCryptokiObject *, numMatches + 1);
-	if (!objects) {
-	    goto loser;
-	}
-	for (oi=0; oi<(PRIntn)numMatches; oi++) {
-	    objects[oi] = nssCryptokiObject_Clone(matches[oi]->object);
-	    if (!objects[oi]) {
-		goto loser;
-	    }
-	}
-    }
-    nssArena_Destroy(arena);
-    return objects;
-loser:
-    if (objects) {
-	for (--oi; oi>=0; --oi) {
-	    nssCryptokiObject_Destroy(objects[oi]);
-	}
-    }
-    nssArena_Destroy(arena);
-    return (nssCryptokiObject **)NULL;
-}
-
-NSS_IMPLEMENT nssCryptokiObject **
-nssTokenObjectCache_FindObjectsByTemplate
-(
-  nssTokenObjectCache *cache,
-  CK_OBJECT_CLASS objclass,
-  CK_ATTRIBUTE_PTR otemplate,
-  CK_ULONG otlen,
-  PRUint32 maximumOpt,
-  PRStatus *statusOpt
-)
-{
-    PRStatus status = PR_FAILURE;
-    nssCryptokiObject **rvObjects = NULL;
-    PZ_Lock(cache->lock);
-    switch (objclass) {
-    case CKO_CERTIFICATE:
-	if (cache->doObjectType[cachedCerts]) {
-	    status = get_token_certs_for_cache(cache);
-	    if (status != PR_SUCCESS) {
-		goto finish;
-	    }
-	    rvObjects = find_objects_in_array(cache->objects[cachedCerts], 
-	                                      otemplate, otlen, maximumOpt);
-	}
-	break;
-    case CKO_NETSCAPE_TRUST:
-	if (cache->doObjectType[cachedTrust]) {
-	    status = get_token_trust_for_cache(cache);
-	    if (status != PR_SUCCESS) {
-		goto finish;
-	    }
-	    rvObjects = find_objects_in_array(cache->objects[cachedTrust], 
-	                                      otemplate, otlen, maximumOpt);
-	}
-	break;
-    case CKO_NETSCAPE_CRL:
-	if (cache->doObjectType[cachedCRLs]) {
-	    status = get_token_crls_for_cache(cache);
-	    if (status != PR_SUCCESS) {
-		goto finish;
-	    }
-	    rvObjects = find_objects_in_array(cache->objects[cachedCRLs], 
-	                                      otemplate, otlen, maximumOpt);
-	}
-	break;
-    default: break;
-    }
-finish:
-    PZ_Unlock(cache->lock);
-    if (statusOpt) {
-	*statusOpt = status;
-    }
-    return rvObjects;
-}
-
-static PRBool
-cache_available_for_object_type
-(
-  nssTokenObjectCache *cache,
-  PRUint32 objectType
-)
-{
-    if (!cache->doObjectType[objectType]) {
-	/* not caching this object kind */
-	return PR_FALSE;
-    }
-    if (!cache->searchedObjectType[objectType]) {
-	/* objects are not cached yet */
-	return PR_FALSE;
-    }
-    if (!search_for_objects(cache)) {
-	/* not logged in or removed */
-	return PR_FALSE;
-    }
-    return PR_TRUE;
-}
-
-NSS_IMPLEMENT PRStatus
-nssTokenObjectCache_GetObjectAttributes
-(
-  nssTokenObjectCache *cache,
-  NSSArena *arenaOpt,
-  nssCryptokiObject *object,
-  CK_OBJECT_CLASS objclass,
-  CK_ATTRIBUTE_PTR atemplate,
-  CK_ULONG atlen
-)
-{
-    PRUint32 i, j;
-    NSSArena *arena = NULL;
-    nssArenaMark *mark = NULL;
-    nssCryptokiObjectAndAttributes *cachedOA = NULL;
-    nssCryptokiObjectAndAttributes **oa = NULL;
-    PRUint32 objectType;
-    PZ_Lock(cache->lock);
-    switch (objclass) {
-    case CKO_CERTIFICATE:    objectType = cachedCerts; break;
-    case CKO_NETSCAPE_TRUST: objectType = cachedTrust; break;
-    case CKO_NETSCAPE_CRL:   objectType = cachedCRLs;  break;
-    default: goto loser;
-    }
-    if (!cache_available_for_object_type(cache, objectType)) {
-	goto loser;
-    }
-    oa = cache->objects[objectType];
-    if (!oa) {
-	goto loser;
-    }
-    for (; *oa; oa++) {
-	if (nssCryptokiObject_Equal((*oa)->object, object)) {
-	    cachedOA = *oa;
-	    break;
-	}
-    }
-    if (!cachedOA) {
-	goto loser; /* don't have this object */
-    }
-    if (arenaOpt) {
-	arena = arenaOpt;
-	mark = nssArena_Mark(arena);
-    }
-    for (i=0; i<atlen; i++) {
-	for (j=0; j<cachedOA->numAttributes; j++) {
-	    if (atemplate[i].type == cachedOA->attributes[j].type) {
-		CK_ATTRIBUTE_PTR attr = &cachedOA->attributes[j];
-		if (cachedOA->attributes[j].ulValueLen == 0 ||
-		    cachedOA->attributes[j].ulValueLen == (CK_ULONG)-1) 
-		{
-		    break; /* invalid attribute */
-		}
-		if (atemplate[i].ulValueLen > 0) {
-		    if (atemplate[i].pValue == NULL ||
-		        atemplate[i].ulValueLen < attr->ulValueLen) 
-		    {
-			goto loser;
-		    }
-		} else {
-		    atemplate[i].pValue = nss_ZAlloc(arena, attr->ulValueLen);
-		    if (!atemplate[i].pValue) {
-			goto loser;
-		    }
-		}
-		nsslibc_memcpy(atemplate[i].pValue,
-		               attr->pValue, attr->ulValueLen);
-		atemplate[i].ulValueLen = attr->ulValueLen;
-		break;
-	    }
-	}
-	if (j == cachedOA->numAttributes) {
-	    atemplate[i].ulValueLen = (CK_ULONG)-1;
-	}
-    }
-    PZ_Unlock(cache->lock);
-    if (mark) {
-	nssArena_Unmark(arena, mark);
-    }
-    return PR_SUCCESS;
-loser:
-    PZ_Unlock(cache->lock);
-    if (mark) {
-	nssArena_Release(arena, mark);
-    }
-    return PR_FAILURE;
-}
-
-NSS_IMPLEMENT PRStatus
-nssTokenObjectCache_ImportObject
-(
-  nssTokenObjectCache *cache,
-  nssCryptokiObject *object,
-  CK_OBJECT_CLASS objclass,
-  CK_ATTRIBUTE_PTR ot,
-  CK_ULONG otlen
-)
-{
-    PRStatus status = PR_SUCCESS;
-    PRUint32 count;
-    nssCryptokiObjectAndAttributes **oa, ***otype;
-    PRUint32 objectType;
-    PRBool haveIt = PR_FALSE;
-
-    PZ_Lock(cache->lock);
-    switch (objclass) {
-    case CKO_CERTIFICATE:    objectType = cachedCerts; break;
-    case CKO_NETSCAPE_TRUST: objectType = cachedTrust; break;
-    case CKO_NETSCAPE_CRL:   objectType = cachedCRLs;  break;
-    default:
-	PZ_Unlock(cache->lock);
-	return PR_SUCCESS; /* don't need to import it here */
-    }
-    if (!cache_available_for_object_type(cache, objectType)) {
-	PZ_Unlock(cache->lock);
-	return PR_SUCCESS; /* cache not active, ignored */
-    }
-    count = 0;
-    otype = &cache->objects[objectType]; /* index into array of types */
-    oa = *otype; /* the array of objects for this type */
-    while (oa && *oa) {
-	if (nssCryptokiObject_Equal((*oa)->object, object)) {
-	    haveIt = PR_TRUE;
-	    break;
-	}
-	count++;
-	oa++;
-    }
-    if (haveIt) {
-	/* Destroy the old entry */
-	(*oa)->object->token = NULL;
-	nssCryptokiObject_Destroy((*oa)->object);
-	nssArena_Destroy((*oa)->arena);
-    } else {
-	/* Create space for a new entry */
-	if (count > 0) {
-	    *otype = nss_ZREALLOCARRAY(*otype,
-	                               nssCryptokiObjectAndAttributes *, 
-	                               count + 2);
-	} else {
-	    *otype = nss_ZNEWARRAY(NULL, nssCryptokiObjectAndAttributes *, 2);
-	}
-    }
-    if (*otype) {
-	nssCryptokiObject *copyObject = nssCryptokiObject_Clone(object);
-	if (objectType == cachedCerts) {
-	    (*otype)[count] = create_cert(copyObject, &status);
-	} else if (objectType == cachedTrust) {
-	    (*otype)[count] = create_trust(copyObject, &status);
-	} else if (objectType == cachedCRLs) {
-	    (*otype)[count] = create_crl(copyObject, &status);
-	}
-    } else {
-	status = PR_FAILURE;
-    }
-    PZ_Unlock(cache->lock);
-    return status;
-}
-
-NSS_IMPLEMENT void
-nssTokenObjectCache_RemoveObject
-(
-  nssTokenObjectCache *cache,
-  nssCryptokiObject *object
-)
-{
-    PRUint32 oType;
-    nssCryptokiObjectAndAttributes **oa, **swp = NULL;
-    PZ_Lock(cache->lock);
-    for (oType=0; oType<3; oType++) {
-	if (!cache_available_for_object_type(cache, oType) ||
-	    !cache->objects[oType])
-	{
-	    continue;
-	}
-	for (oa = cache->objects[oType]; *oa; oa++) {
-	    if (nssCryptokiObject_Equal((*oa)->object, object)) {
-		swp = oa; /* the entry to remove */
-		while (oa[1]) oa++; /* go to the tail */
-		(*swp)->object->token = NULL;
-		nssCryptokiObject_Destroy((*swp)->object);
-		nssArena_Destroy((*swp)->arena); /* destroy it */
-		*swp = *oa; /* swap the last with the removed */
-		*oa = NULL; /* null-terminate the array */
-		break;
-	    }
-	}
-	if (swp) {
-	    break;
-	}
-    }
-    if ((oType <3) &&
-		cache->objects[oType] && cache->objects[oType][0] == NULL) {
-	nss_ZFreeIf(cache->objects[oType]); /* no entries remaining */
-	cache->objects[oType] = NULL;
-    }
-    PZ_Unlock(cache->lock);
-}
-
-/* XXX of course this doesn't belong here */
-NSS_IMPLEMENT NSSAlgorithmAndParameters *
-NSSAlgorithmAndParameters_CreateSHA1Digest
-(
-  NSSArena *arenaOpt
-)
-{
-    NSSAlgorithmAndParameters *rvAP = NULL;
-    rvAP = nss_ZNEW(arenaOpt, NSSAlgorithmAndParameters);
-    if (rvAP) {
-	rvAP->mechanism.mechanism = CKM_SHA_1;
-	rvAP->mechanism.pParameter = NULL;
-	rvAP->mechanism.ulParameterLen = 0;
-    }
-    return rvAP;
-}
-
-NSS_IMPLEMENT NSSAlgorithmAndParameters *
-NSSAlgorithmAndParameters_CreateMD5Digest
-(
-  NSSArena *arenaOpt
-)
-{
-    NSSAlgorithmAndParameters *rvAP = NULL;
-    rvAP = nss_ZNEW(arenaOpt, NSSAlgorithmAndParameters);
-    if (rvAP) {
-	rvAP->mechanism.mechanism = CKM_MD5;
-	rvAP->mechanism.pParameter = NULL;
-	rvAP->mechanism.ulParameterLen = 0;
-    }
-    return rvAP;
-}
-
diff --git a/security/nss/lib/dev/manifest.mn b/security/nss/lib/dev/manifest.mn
deleted file mode 100644
index effab4805..000000000
--- a/security/nss/lib/dev/manifest.mn
+++ /dev/null
@@ -1,66 +0,0 @@
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-MANIFEST_CVS_ID = "@(#) $RCSfile$ $Revision$ $Date$ $Name$"
-
-CORE_DEPTH = ../../..
-
-PRIVATE_EXPORTS = \
-	ckhelper.h \
-	devt.h     \
-	dev.h      \
-	nssdevt.h  \
-	nssdev.h   \
-	$(NULL)
-
-EXPORTS =	   \
-	$(NULL)
-
-MODULE = security
-
-CSRCS =		        \
-	devmod.c        \
-	devslot.c       \
-	devtoken.c      \
-	devutil.c       \
-	ckhelper.c      \
-	$(NULL)
-
-# here is where the 3.4 glue code is added
-ifndef PURE_STAN_BUILD
-DEFINES = -DNSS_3_4_CODE
-PRIVATE_EXPORTS += devm.h devtm.h
-endif
-
-REQUIRES = security nspr
-
-LIBRARY_NAME = nssdev
diff --git a/security/nss/lib/dev/nssdev.h b/security/nss/lib/dev/nssdev.h
deleted file mode 100644
index 7b219adfe..000000000
--- a/security/nss/lib/dev/nssdev.h
+++ /dev/null
@@ -1,72 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef NSSDEV_H
-#define NSSDEV_H
-
-#ifdef DEBUG
-static const char NSSDEV_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-/*
- * nssdev.h
- *
- * High-level methods for interaction with cryptoki devices
- */
-
-#ifndef NSSDEVT_H
-#include "nssdevt.h"
-#endif /* NSSDEVT_H */
-
-PR_BEGIN_EXTERN_C
-
-/* NSSAlgorithmAndParameters
- *
- * NSSAlgorithmAndParameters_CreateSHA1Digest
- * NSSAlgorithmAndParameters_CreateMD5Digest
- */
-
-NSS_EXTERN NSSAlgorithmAndParameters *
-NSSAlgorithmAndParameters_CreateSHA1Digest
-(
-  NSSArena *arenaOpt
-);
-
-NSS_EXTERN NSSAlgorithmAndParameters *
-NSSAlgorithmAndParameters_CreateMD5Digest
-(
-  NSSArena *arenaOpt
-);
-
-PR_END_EXTERN_C
-
-#endif /* DEV_H */
diff --git a/security/nss/lib/dev/nssdevt.h b/security/nss/lib/dev/nssdevt.h
deleted file mode 100644
index a603ce545..000000000
--- a/security/nss/lib/dev/nssdevt.h
+++ /dev/null
@@ -1,69 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef NSSDEVT_H
-#define NSSDEVT_H
-
-#ifdef DEBUG
-static const char NSSDEVT_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * nssdevt.h
- *
- * This file contains definitions for the low-level cryptoki devices.
- */
-
-#ifndef NSSBASET_H
-#include "nssbaset.h"
-#endif /* NSSBASET_H */
-
-#ifndef NSSPKIT_H
-#include "nsspkit.h"
-#endif /* NSSPKIT_H */
-
-PR_BEGIN_EXTERN_C
-
-/*
- * NSSModule and NSSSlot -- placeholders for the PKCS#11 types
- */
-
-typedef struct NSSModuleStr NSSModule;
-
-typedef struct NSSSlotStr NSSSlot;
-
-typedef struct NSSTokenStr NSSToken;
-
-PR_END_EXTERN_C
-
-#endif /* NSSDEVT_H */
diff --git a/security/nss/lib/fortcrypt/Makefile b/security/nss/lib/fortcrypt/Makefile
deleted file mode 100644
index 40609cb98..000000000
--- a/security/nss/lib/fortcrypt/Makefile
+++ /dev/null
@@ -1,168 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-# 
-
-include manifest.mn
-include $(CORE_DEPTH)/coreconf/config.mk
-include config.mk
-
-CILIB                   = $(OBJDIR)/cilib.$(LIB_SUFFIX)
-ORIG_CILIB              = libci/$(OS_TARGET)$(OS_RELEASE).$(LIB_SUFFIX)
-
-ifeq (,$(filter-out WINNT WINCE,$(OS_TARGET)))  # omits WIN16 WIN95
-ORIG_CILIB              = libci/tssp32.lib
-endif
-
-ifeq ($(OS_TARGET), WIN16)
-ORIG_CILIB              = libci/tssp.lib
-endif
-
-ifeq ($(OS_TARGET), WIN95)
-ORIG_CILIB              = libci/tssp32.lib
-endif
-
-ifeq (,$(filter-out WIN%,$(OS_TARGET)))
-STUBDLL                 = $(OBJDIR)/stub.$(DLL_SUFFIX)
-endif
-
-STUBLIB                 = $(OBJDIR)/stub.$(LIB_SUFFIX)
-
-ifeq ($(OS_TARGET), WIN16)
-W16LIBS         += $(CILIB)
-else
-EXTRA_LIBS      += $(CILIB)
-endif
-
-INST_JS                 = inst.js
-LIBCI_JAR               = $(OBJDIR)/libfort.jar
-LIBCI_JAR_SRC           = $(INST_JS) $(SHARED_LIBRARY)
-
-ifneq ($(OS_TARGET), WIN16)
-TARGETS : $(LIBCI_JAR) 
-endif
-
-ifeq ($(OS_TARGET), WIN16)
-# note that rules.mk is not included below for WIN16
-all:
-	@echo Skipping fortcrypt directory for 16-bit windows builds
-
-all_platforms alltags clean clobber clobber_all realclean: all
-
-boot export install libs program release: all
-
-endif
-
-$(SHARED_LIBRARY): $(CILIB) $(DIRS)
-
-cilib_name:
-	@echo $(CILIB)
-
-$(CILIB):
-	@$(MAKE_OBJDIR)
-	@if test -f $(ORIG_CILIB); then \
-		echo "Copying $(ORIG_CILIB) to $@"; \
-		cp $(ORIG_CILIB) $@; \
-	else \
-		echo "Making empty stub $@"; \
-		$(MAKE) $(STUBLIB); \
-	fi
-	@$(RANLIB) $@
-
-$(STUBLIB): $(OBJDIR)/maci$(OBJ_SUFFIX)
-	@$(MAKE_OBJDIR)
-ifeq (,$(filter-out WIN%,$(OS_TARGET)))
-	$(MAKE) $(STUBDLL)
-else
-	$(AR) $<
-endif
-	cp $@ $(CILIB)
-
-ifeq (,$(filter-out WIN%,$(OS_TARGET)))
-$(STUBDLL): $(OBJDIR)/maci.o
-	$(LINK_DLL) -MAP $(DLLBASE) $(subst /,\\,$(OBJDIR)/maci.o $(OS_LIBS))
-
-$(OBJDIR)/maci.o: maci.c
-	$(CC) -Fo$@ -c $(CFLAGS) $<
-endif
-
-#
-# The following rules packages the shared library into a JAR,
-# ready to be signed
-#
-$(OBJDIR)/replace: replace.c
-	$(CC) -o $@ $<
-
-# ZIP options:
-# -5 means medium compression
-# -q means quiet
-# -j means do not store tree structure, all files go into one dir
-#
-$(LIBCI_JAR): $(DIRS) $(LIBCI_JAR_SRC)
-	@echo +++ building $@ from $(LIBCI_JAR_SRC)
-	@rm -f $@
-	zip -5qj $@ $(LIBCI_JAR_SRC) 
-
-force:
-	(cd swfort ; $(MAKE))
-
-
-MD_FILES += $(LIBCI_JAR)
-
-# coreconf doesn't build the AIX shared library for FORTEZZA,
-# so I'm going to override their shared library command and build the shared
-# library the way config used to.
-#
-ifeq ($(OS_TARGET)$(OS_RELEASE), AIX4.1)
-DSO_LDOPTS              = -bM:SRE -bh:4 -bnoentry
-EXTRA_DSO_LDOPTS        = -lc
-MKSHLIB                 = svld $(DSO_LDOPTS)
-
-$(SHARED_LIBRARY): $(OBJS)
-	@$(MAKE_OBJDIR)
-	rm -f $@
-	$(MKSHLIB) -o $@ $(OBJS) $(EXTRA_LIBS) $(EXTRA_DSO_LDOPTS)
-	chmod +x $@
-endif
-
-ifeq ($(OS_TARGET)$(OS_RELEASE), AIX4.2)
-LD      += -G
-endif 
-
-
-ifneq ($(OS_TARGET), WIN16)
-include $(CORE_DEPTH)/coreconf/rules.mk
-endif
-
-export:: private_export
-
-
diff --git a/security/nss/lib/fortcrypt/config.mk b/security/nss/lib/fortcrypt/config.mk
deleted file mode 100644
index d54a9dfc0..000000000
--- a/security/nss/lib/fortcrypt/config.mk
+++ /dev/null
@@ -1,43 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#
-#  Override TARGETS variable so that only shared libraries
-#  are specifed as dependencies within rules.mk.
-#
-
-TARGETS        = $(SHARED_LIBRARY)
-LIBRARY        =
-IMPORT_LIBRARY =
-PROGRAM        =
-
diff --git a/security/nss/lib/fortcrypt/cryptint.h b/security/nss/lib/fortcrypt/cryptint.h
deleted file mode 100644
index c4de00ff2..000000000
--- a/security/nss/lib/fortcrypt/cryptint.h
+++ /dev/null
@@ -1,703 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/* @(#)cryptint.h	1.26\t10 Nov 1995 */
-/*****************************************************************************
-  Definitive Fortezza header file.
-  Application Level Interface to Fortezza CI Library.
-
-  Version for CI Library 1.52
-    November 8, 1995
-
-
-  NOTICE: Fortezza Export Policy
-
-    The Fortezza Cryptologic Interface (CI) Library (both source and 
-    object) and Fortezza CI Library based applications are defense 
-    articles, as defined in the International Traffic In Arms 
-    Regulations (ITAR), and are subject to export controls under the 
-    ITAR and the Arms Export Control Act. Any export to any country 
-    of (a) the Fortezza CI Library, related documentation, and 
-    technical data, or (b) your cryptographic application, process, 
-    or service that is the direct product of, or contains the 
-    Fortezza CI Library must comply with the requirements of the ITAR. 
-    If you or your customer intends to engage in such export, contact 
-    the United States Department of State, Office of Defense Trade 
-    Controls for specific guidance.
-
-
- ****************************************************************************/
-#ifndef __CRYPTINT_H
-#define __CRYPTINT_H
-
-#if __cplusplus__ || __cplusplus
-extern "C"
-{
-#endif /* C++ */
-
-#ifndef PROTO_LIST
-#ifdef _K_AND_R_
-#define PROTO_LIST(list)  ()
-#else
-#define PROTO_LIST(list)  list
-#endif /*_K_AND_R_ */
-#endif /* PROTO_LIST */
-
-
-#ifndef RETURN_TYPE
-#if defined( _WIN32 ) || defined( __WIN32__ )
-#define RETURN_TYPE  __declspec(dllimport) int
-#elif defined( _WINDOWS ) || defined( _Windows )
-#define RETURN_TYPE  extern int _far _pascal
-#else
-#define RETURN_TYPE  extern int
-#endif /* Windows */
-#endif /* RETURN_TYPE */
-
-/* MS Visual C++ defines _MSDOS and _WINDOWS    */
-/* Borland C/C++ defines __MSDOS__ and _Windows */
-#if defined( _WIN32 ) ||  defined ( __WIN32__ )
-#define CI_FAR
-#elif defined( _WINDOWS ) || defined( _Windows )
-#define CI_FAR  _far
-#else
-#define CI_FAR
-#endif /* MS DOS or Windows */
-
-
-/*****************************************************************************
-  Constants
- ****************************************************************************/
-#define CI_LIB_VERSION_VAL        0x0152    /* Version 1.52 */
-
-#define CI_CERT_SIZE              2048
-#define CI_CERT_FLAGS_SIZE        16
-#define CI_CERT_NAME_SIZE         32
-#define CI_CHALLENGE_SIZE         20
-
-#define CI_G_SIZE                 128
-
-#define CI_HASHVALUE_SIZE         20
-
-#define CI_IV_SIZE                24
-
-#define CI_KEY_SIZE               12
-#define CI_KS_SIZE                10
-
-#define CI_NAME_SIZE              32
-
-#define CI_PASSWORD_SIZE          24
-#define CI_PIN_SIZE               12
-#define CI_P_SIZE                 128
-
-#define CI_Q_SIZE                 20
-
-#define CI_R_SIZE                 40
-#define CI_RANDOM_NO_SIZE         20
-#define CI_RANDOM_SEED_SIZE       8
-#define CI_RA_SIZE                128
-#define CI_RB_SIZE                128
-#define CI_REG_FLAGS_SIZE         4
-
-#define CI_S_SIZE                 40
-#define CI_SAVE_DATA_SIZE         28
-#define CI_SERIAL_NUMBER_SIZE     8
-#define CI_SIGNATURE_SIZE         40
-#define CI_STATUS_FLAGS_SIZE      4
-
-#define CI_TIME_SIZE              16
-#define CI_TIMESTAMP_SIZE         16
-
-#define CI_WRAPPED_X_SIZE         24
-
-#define CI_Y_SIZE                 128
-
-#define CI_X_SIZE                 20
-
-
-/* Miscellaneous */
-#define CI_NULL_FLAG              0 
-#define CI_POWER_DOWN_FLAG        2
-#define CI_NO_LOG_OFF_FLAG        4
-#define CI_INITIATOR_FLAG         0
-#define CI_RECIPIENT_FLAG         1
-
-#define CI_BLOCK_LOCK_FLAG        1
-#define CI_SSO_LOGGED_ON          0x40
-#define CI_USER_LOGGED_ON         0x00
-#define CI_FAST_MODE              0x10
-#define CI_SLOW_MODE              0x00
-#define CI_WORST_CASE_MODE        0x40
-#define CI_TYPICAL_CASE_MODE      0x00
-
-/* Card Public Key Algorithms Types */
-#define CI_DSA_TYPE               0xA
-#define CI_KEA_TYPE               0x5
-#define CI_DSA_KEA_TYPE           0xF
-
-/* Fortezza Pin Types */
-#define CI_SSO_PIN                0x25
-#define CI_USER_PIN               0x2A
-
-/* Crypto Types */
-#define CI_ENCRYPT_TYPE           0
-#define CI_DECRYPT_TYPE           1
-#define CI_HASH_TYPE              2
-
-/* Save and Restore Types */
-#define CI_ENCRYPT_INT_TYPE       0x00      /* Internal Encryption */
-#define CI_ENCRYPT_EXT_TYPE       0x10      /* External Encryption */
-#define CI_DECRYPT_INT_TYPE       0x01      /* Internal Decryption */
-#define CI_DECRYPT_EXT_TYPE       0x11      /* External Decryption */
-#define CI_HASH_INT_TYPE          0x02      /* Internal Hash */
-#define CI_HASH_EXT_TYPE          0x12      /* External Hash */
-#define CI_TYPE_EXT_FLAG          0x10      /* Used to differentiate */
-
-/* Configuration types */
-#define CI_SET_SPEED_TYPE         1
-#define CI_SET_TIMING_TYPE        2
-
-/* Lock States */
-#define CI_SOCKET_UNLOCKED        0
-#define CI_HOLD_LOCK              1
-#define CI_SOCKET_LOCKED          2
-
-/* Fortezza Crypto Types Modes */
-#define CI_ECB64_MODE             0
-#define CI_CBC64_MODE             1
-#define CI_OFB64_MODE             2
-#define CI_CFB64_MODE             3
-#define CI_CFB32_MODE             4
-#define CI_CFB16_MODE             5
-#define CI_CFB8_MODE              6
-
-/* Card States */
-#define CI_POWER_UP               0
-#define CI_UNINITIALIZED          1
-#define CI_INITIALIZED            2
-#define CI_SSO_INITIALIZED        3
-#define CI_LAW_INITIALIZED        4
-#define CI_USER_INITIALIZED       5
-#define CI_STANDBY                6
-#define CI_READY                  7
-#define CI_ZEROIZE                8
-#define CI_INTERNAL_FAILURE       (-1)
-
-/* Flags for Firmware Update. */
-#define CI_NOT_LAST_BLOCK_FLAG    0x00000000UL
-#define CI_LAST_BLOCK_FLAG        0x80000000UL
-#define CI_DESTRUCTIVE_FLAG       0x000000FFUL
-#define CI_NONDESTRUCTIVE_FLAG    0x0000FF00UL
-
-
-/****************************************************************************
-  Fortezza Library Return Codes
- ***************************************************************************/
-
-/* Card Responses */
-#define CI_OK                     0
-#define CI_FAIL                   1
-#define CI_CHECKWORD_FAIL         2
-#define CI_INV_TYPE               3
-#define CI_INV_MODE               4
-#define CI_INV_KEY_INDEX          5
-#define CI_INV_CERT_INDEX         6
-#define CI_INV_SIZE               7
-#define CI_INV_HEADER             8
-#define CI_INV_STATE              9
-#define CI_EXEC_FAIL              10
-#define CI_NO_KEY                 11
-#define CI_NO_IV                  12
-#define CI_NO_X                   13
-
-#define CI_NO_SAVE                15
-#define CI_REG_IN_USE             16
-#define CI_INV_COMMAND            17
-#define CI_INV_POINTER            18
-#define CI_BAD_CLOCK              19
-#define CI_NO_DSA_PARMS           20
-
-/* Library Errors */
-#define CI_ERROR                  (-1)
-#define CI_LIB_NOT_INIT           (-2)
-#define CI_CARD_NOT_READY         (-3)
-#define CI_CARD_IN_USE            (-4)
-#define CI_TIME_OUT               (-5)
-#define CI_OUT_OF_MEMORY          (-6)
-#define CI_NULL_PTR               (-7)
-#define CI_BAD_SIZE               (-8)
-#define CI_NO_DECRYPT             (-9)
-#define CI_NO_ENCRYPT             (-10)
-#define CI_NO_EXECUTE             (-11)
-#define CI_BAD_PARAMETER          (-12)
-#define CI_OUT_OF_RESOURCES       (-13)
-
-#define CI_NO_CARD                (-20)
-#define CI_NO_DRIVER              (-21)
-#define CI_NO_CRDSRV              (-22)
-#define CI_NO_SCTSRV              (-23)
-
-#define CI_BAD_CARD               (-30)
-#define CI_BAD_IOCTL              (-31)
-#define CI_BAD_READ               (-32)
-#define CI_BAD_SEEK               (-33)
-#define CI_BAD_WRITE              (-34)
-#define CI_BAD_FLUSH              (-35)
-#define CI_BAD_IOSEEK             (-36)
-#define CI_BAD_ADDR               (-37)
-
-#define CI_INV_SOCKET_INDEX       (-40)
-#define CI_SOCKET_IN_USE          (-41)
-#define CI_NO_SOCKET              (-42)
-#define CI_SOCKET_NOT_OPENED      (-43)
-#define CI_BAD_TUPLES             (-44)
-#define CI_NOT_A_CRYPTO_CARD      (-45)
-
-#define CI_INVALID_FUNCTION       (-50)
-#define CI_LIB_ALRDY_INIT         (-51)
-#define CI_SRVR_ERROR             (-52)
-
-
-/*****************************************************************************
-  Data Structures
- ****************************************************************************/
-
-typedef unsigned char   CI_CERTIFICATE[CI_CERT_SIZE];
-
-typedef unsigned char   CI_CERT_FLAGS[CI_CERT_FLAGS_SIZE];
-
-typedef unsigned char   CI_CERT_STR[CI_CERT_NAME_SIZE+4];
-
-typedef unsigned char   CI_FAR *CI_DATA;
-
-typedef unsigned char   CI_G[CI_G_SIZE];
-
-typedef unsigned char   CI_HASHVALUE[CI_HASHVALUE_SIZE];
-
-typedef unsigned char   CI_IV[CI_IV_SIZE];
-
-typedef unsigned char   CI_KEY[CI_KEY_SIZE];
-
-typedef unsigned char   CI_KS[CI_KS_SIZE];
-
-typedef unsigned char   CI_P[CI_P_SIZE];
-
-typedef unsigned char   CI_PASSWORD[CI_PASSWORD_SIZE + 4];
-
-typedef unsigned char   CI_PIN[CI_PIN_SIZE + 4];
-
-typedef unsigned char   CI_Q[CI_Q_SIZE];
-
-typedef unsigned char   CI_RA[CI_RA_SIZE];
-
-typedef unsigned char   CI_RB[CI_RB_SIZE];
-
-typedef unsigned char   CI_RANDOM[CI_RANDOM_NO_SIZE];
-
-typedef unsigned char   CI_RANDSEED[CI_RANDOM_SEED_SIZE];
-
-typedef unsigned char   CI_REG_FLAGS[CI_REG_FLAGS_SIZE];
-
-typedef unsigned char   CI_SIGNATURE[CI_SIGNATURE_SIZE];
-
-typedef unsigned char   CI_SAVE_DATA[CI_SAVE_DATA_SIZE];
-
-typedef unsigned char   CI_SERIAL_NUMBER[CI_SERIAL_NUMBER_SIZE];
-
-typedef unsigned int    CI_STATE, CI_FAR *CI_STATE_PTR;
-
-typedef unsigned char   CI_TIME[CI_TIME_SIZE];
-
-typedef unsigned char   CI_TIMESTAMP[CI_TIMESTAMP_SIZE];
-
-typedef unsigned char   CI_WRAPPED_X[CI_WRAPPED_X_SIZE];
-
-typedef unsigned char   CI_Y[CI_Y_SIZE];
-
-typedef unsigned char   CI_X[CI_X_SIZE];
-
-typedef struct {
-    int     LibraryVersion;                 /* CI Library version */
-    int     ManufacturerVersion;            /* Card's hardware version */
-    char    ManufacturerName[CI_NAME_SIZE+4]; /* Card manufacturer's name*/
-    char    ProductName[CI_NAME_SIZE+4];    /* Card's product name */
-    char    ProcessorType[CI_NAME_SIZE+4];  /* Card's processor type */
-    unsigned long  UserRAMSize;             /* Amount of User RAM in bytes */
-    unsigned long  LargestBlockSize;        /* Largest block of data to pass in */
-    int     KeyRegisterCount;               /* Number of key registers */
-    int     CertificateCount;               /* Maximum number of personalities (# certs-1) */
-    int     CryptoCardFlag;                 /* A flag that if non-zero indicates that there is
-                                               a Crypto-Card in the socket. If this value is
-                                               zero then there is NOT a Crypto-Card in the
-                                               sockets. */
-    int     ICDVersion;                     /* The ICD compliance level */
-    int     ManufacturerSWVer;              /* The Manufacturer's Software Version */
-    int     DriverVersion;                  /* Driver Version */
-} CI_CONFIG, CI_FAR *CI_CONFIG_PTR;
-
-typedef struct {
-    int          CertificateIndex;          /* Index from 1 to CertificateCount */
-    CI_CERT_STR  CertLabel;                 /* The certificate label */
-} CI_PERSON, CI_FAR *CI_PERSON_PTR;
-
-typedef struct {
-     int    CurrentSocket;                  /* The currently selected socket */
-     int    LockState;                      /* Lock status of the current socket */
-     CI_SERIAL_NUMBER  SerialNumber;        /* Serial number of the Crypto Engine chip */
-     CI_STATE  CurrentState;                /* State of The Card */
-     int    DecryptionMode;                 /* Decryption mode of The Card */
-     int    EncryptionMode;                 /* Encryption mode of The Card */
-     int    CurrentPersonality;             /* Index of the current personality */
-     int    KeyRegisterCount;               /* No. of Key Register on The Card */
-     CI_REG_FLAGS   KeyRegisterFlags;       /* Bit Masks indicating Key Register use */
-     int    CertificateCount;               /* No. of Certificates on The Card */
-     CI_CERT_FLAGS  CertificateFlags;       /* Bit Mask indicating certificate use */
-     unsigned char  Flags[CI_STATUS_FLAGS_SIZE];  
-                                            /* Flag[0] : bit 6 for Condition mode */
-                                            /*           bit 4 for Clock mode */
-} CI_STATUS, CI_FAR *CI_STATUS_PTR;
-
-
-/*****************************************************************************
-  Function Call Prototypes
- ****************************************************************************/
-
-RETURN_TYPE
-CI_ChangePIN PROTO_LIST( (
-    int            PINType,
-    CI_PIN CI_FAR  pOldPIN,
-    CI_PIN CI_FAR  pNewPIN ) );
-
-RETURN_TYPE
-CI_CheckPIN PROTO_LIST( (
-    int            PINType,
-    CI_PIN CI_FAR  pPIN ) );
-
-RETURN_TYPE
-CI_Close PROTO_LIST( (
-    unsigned int  Flags,
-    int           SocketIndex ) );
-
-RETURN_TYPE
-CI_Decrypt PROTO_LIST( (
-    unsigned int  CipherSize,
-    CI_DATA       pCipher,
-    CI_DATA       pPlain ) );
-
-RETURN_TYPE
-CI_DeleteCertificate PROTO_LIST( (
-    int  CertificateIndex ) );
-
-RETURN_TYPE
-CI_DeleteKey PROTO_LIST( (
-    int  RegisterIndex ) );
-
-RETURN_TYPE
-CI_Encrypt PROTO_LIST( (
-    unsigned int  PlainSize,
-    CI_DATA       pPlain,
-    CI_DATA       pCipher ) );
-
-RETURN_TYPE
-CI_ExtractX PROTO_LIST( (
-    int                  CertificateIndex,
-    int                  AlgorithmType,
-    CI_PASSWORD CI_FAR   pPassword,
-    unsigned int         YSize,
-    CI_Y CI_FAR          pY,
-    CI_WRAPPED_X CI_FAR  pX,
-    CI_RA CI_FAR         pRa,
-    unsigned int         PandGSize,
-    unsigned int         QSize,
-    CI_P CI_FAR          pP,
-    CI_Q CI_FAR          pQ,
-    CI_G CI_FAR          pG ) );
-
-RETURN_TYPE
-CI_FirmwareUpdate PROTO_LIST( (
-    unsigned long  Flags,
-    long           Cksum,
-    unsigned int   CksumLength,
-    unsigned int   DataSize,
-    CI_DATA        pData ) );
-
-RETURN_TYPE
-CI_GenerateIV PROTO_LIST( (
-    CI_IV CI_FAR  pIV ) );
-
-RETURN_TYPE
-CI_GenerateMEK PROTO_LIST( (
-    int  RegisterIndex,
-    int  Reserved ) );
-
-RETURN_TYPE
-CI_GenerateRa PROTO_LIST( (
-    CI_RA CI_FAR  pRa ) );
-
-RETURN_TYPE
-CI_GenerateRandom PROTO_LIST( (
-    CI_RANDOM CI_FAR  pRandom ) );
-
-RETURN_TYPE
-CI_GenerateTEK PROTO_LIST( (
-    int           Flags,
-    int           RegisterIndex,
-    CI_RA CI_FAR  pRa,
-    CI_RB CI_FAR  pRb,
-    unsigned int  YSize,
-    CI_Y CI_FAR   pY ) );
-
-RETURN_TYPE
-CI_GenerateX PROTO_LIST( (
-    int           CertificateIndex,
-    int           AlgorithmType,
-    unsigned int  PandGSize,
-    unsigned int  QSize,
-    CI_P CI_FAR   pP,
-    CI_Q CI_FAR   pQ,
-    CI_G CI_FAR   pG,
-    unsigned int  YSize,
-    CI_Y CI_FAR   pY ) );
-
-RETURN_TYPE
-CI_GetCertificate PROTO_LIST( (
-    int                    CertificateIndex,
-    CI_CERTIFICATE CI_FAR  pCertificate ) );
-
-RETURN_TYPE
-CI_GetConfiguration PROTO_LIST( (
-    CI_CONFIG_PTR  pConfiguration ) );
-
-RETURN_TYPE
-CI_GetHash PROTO_LIST( (
-    unsigned int         DataSize,
-    CI_DATA              pData,
-    CI_HASHVALUE CI_FAR  pHashValue ) );
-
-RETURN_TYPE
-CI_GetPersonalityList PROTO_LIST( (
-    int               EntryCount,
-    CI_PERSON CI_FAR  pPersonalityList[] ) );
-
-RETURN_TYPE
-CI_GetState PROTO_LIST( (
-    CI_STATE_PTR  pState ) );
-
-RETURN_TYPE
-CI_GetStatus PROTO_LIST( (
-    CI_STATUS_PTR  pStatus ) );
-
-RETURN_TYPE
-CI_GetTime PROTO_LIST( (
-    CI_TIME CI_FAR  pTime ) );
-
-RETURN_TYPE
-CI_Hash PROTO_LIST( (
-    unsigned int  DataSize,
-    CI_DATA       pData ) );
-
-RETURN_TYPE
-CI_Initialize PROTO_LIST( (
-    int CI_FAR  *SocketCount ) );
-
-RETURN_TYPE
-CI_InitializeHash PROTO_LIST( (
-    void ) );
-
-RETURN_TYPE
-CI_InstallX PROTO_LIST( (
-    int                  CertificateIndex,
-    int                  AlgorithmType,
-    CI_PASSWORD CI_FAR   pPassword,
-    unsigned int         YSize,
-    CI_Y CI_FAR          pY,
-    CI_WRAPPED_X CI_FAR  pWrappedX,
-    CI_RA CI_FAR         pRa,
-    unsigned int         PandGSize,
-    unsigned int         QSize,
-    CI_P CI_FAR          pP,
-    CI_Q CI_FAR          pQ,
-    CI_G CI_FAR          pG ) );
-
-RETURN_TYPE
-CI_LoadCertificate PROTO_LIST( (
-    int                    CertificateIndex,
-    CI_CERT_STR CI_FAR     pCertLabel,
-    CI_CERTIFICATE CI_FAR  pCertificate,
-    long                   Reserved ) );
-
-RETURN_TYPE
-CI_LoadDSAParameters PROTO_LIST( (
-    unsigned int  PandGSize,
-    unsigned int  QSize,
-    CI_P CI_FAR   pP,
-    CI_Q CI_FAR   pQ,
-    CI_G CI_FAR   pG ) );
-
-RETURN_TYPE
-CI_LoadInitValues PROTO_LIST( (
-    CI_RANDSEED CI_FAR  pRandSeed,
-    CI_KS CI_FAR        pKs ) );
-
-RETURN_TYPE
-CI_LoadIV PROTO_LIST( (
-    CI_IV CI_FAR  pIV ) );
-
-RETURN_TYPE
-CI_LoadX PROTO_LIST( (
-    int           CertificateIndex,
-    int           AlgorithmType,
-    unsigned int  PandGSize,
-    unsigned int  QSize,
-    CI_P CI_FAR   pP,
-    CI_Q CI_FAR   pQ,
-    CI_G CI_FAR   pG,
-    CI_X CI_FAR   pX,
-    unsigned int  YSize,
-    CI_Y CI_FAR   pY ) );
-
-RETURN_TYPE
-CI_Lock PROTO_LIST( (
-    int  Flags ) );
-
-RETURN_TYPE
-CI_Open PROTO_LIST( (
-    unsigned int  Flags,
-    int           SocketIndex ) );
-
-RETURN_TYPE
-CI_RelayX PROTO_LIST( (
-    CI_PASSWORD CI_FAR   pOldPassword,
-    unsigned int         OldYSize,
-    CI_Y CI_FAR          pOldY,
-    CI_RA CI_FAR         pOldRa,
-    CI_WRAPPED_X CI_FAR  pOldWrappedX,
-    CI_PASSWORD CI_FAR   pNewPassword,
-    unsigned int         NewYSize,
-    CI_Y CI_FAR          pNewY,
-    CI_RA CI_FAR         pNewRa,
-    CI_WRAPPED_X CI_FAR  pNewWrappedX ) );
-
-RETURN_TYPE
-CI_Reset PROTO_LIST( (
-    void ) );
-
-RETURN_TYPE
-CI_Restore PROTO_LIST( (
-    int                  CryptoType,
-    CI_SAVE_DATA CI_FAR  pData ) );
-
-RETURN_TYPE
-CI_Save PROTO_LIST( (
-    int                  CryptoType,
-    CI_SAVE_DATA CI_FAR  pData ) );
-
-RETURN_TYPE
-CI_Select PROTO_LIST( (
-    int  SocketIndex ) );
-
-RETURN_TYPE
-CI_SetConfiguration PROTO_LIST( (
-    int           Type,
-    unsigned int  DataSize,
-    CI_DATA       pData ) );
-
-RETURN_TYPE
-CI_SetKey PROTO_LIST( (
-    int  RegisterIndex ) );
-
-RETURN_TYPE
-CI_SetMode PROTO_LIST( (
-    int  CryptoType,
-    int  CryptoMode ) );
-
-RETURN_TYPE
-CI_SetPersonality PROTO_LIST( (
-    int  CertificateIndex ) );
-
-RETURN_TYPE
-CI_SetTime PROTO_LIST( (
-    CI_TIME CI_FAR  pTime ) );
-
-RETURN_TYPE
-CI_Sign PROTO_LIST( (
-    CI_HASHVALUE CI_FAR  pHashValue,
-    CI_SIGNATURE CI_FAR  pSignature ) );
-
-RETURN_TYPE
-CI_Terminate PROTO_LIST( (
-    void ) );
-
-RETURN_TYPE
-CI_TimeStamp PROTO_LIST( (
-    CI_HASHVALUE CI_FAR  pHashValue,
-    CI_SIGNATURE CI_FAR  pSignature,
-    CI_TIMESTAMP CI_FAR  pTimeStamp ) );
-
-RETURN_TYPE
-CI_Unlock PROTO_LIST( (
-    void ) );
-
-RETURN_TYPE
-CI_UnwrapKey PROTO_LIST( (
-    int            UnwrapIndex,
-    int            KeyIndex,
-    CI_KEY CI_FAR  pKey ) );
-
-RETURN_TYPE
-CI_VerifySignature PROTO_LIST( (
-    CI_HASHVALUE CI_FAR  pHashValue,
-    unsigned int         YSize,
-    CI_Y CI_FAR          pY,
-    CI_SIGNATURE CI_FAR  pSignature ) );
-
-RETURN_TYPE
-CI_VerifyTimeStamp PROTO_LIST( (
-    CI_HASHVALUE CI_FAR  pHashValue,
-    CI_SIGNATURE CI_FAR  pSignature,
-    CI_TIMESTAMP CI_FAR  pTimeStamp ) );
-
-RETURN_TYPE
-CI_WrapKey PROTO_LIST( (
-    int            WrapIndex,
-    int            KeyIndex,
-    CI_KEY CI_FAR  pKey ) );
-
-RETURN_TYPE
-CI_Zeroize PROTO_LIST( (
-    void ) );
-
-#if __cplusplus__ || __cplusplus
-}
-#endif /* C++ */
-
-#endif /* CRYPTINT_H */
diff --git a/security/nss/lib/fortcrypt/fmutex.c b/security/nss/lib/fortcrypt/fmutex.c
deleted file mode 100644
index ad98c04b6..000000000
--- a/security/nss/lib/fortcrypt/fmutex.c
+++ /dev/null
@@ -1,113 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#include "fmutex.h"
-#include "fpkmem.h"
-#include <stdio.h>
-
-typedef struct PKMutexFunctions {
-  CK_CREATEMUTEX  CreateMutex;
-  CK_DESTROYMUTEX DestroyMutex;
-  CK_LOCKMUTEX    LockMutex;
-  CK_UNLOCKMUTEX  UnlockMutex;
-  int  useMutex;
-} PKMutexFunctions;
-
-static PKMutexFunctions   gMutex = {NULL, NULL, NULL, NULL, 0};
-static int gInit = 0;
-
-#define FMUTEX_CHECKS()                            \
-    if (gInit == 0) {                              \
-        return CKR_GENERAL_ERROR;                  \
-    }                                              \
-    if (!gMutex.useMutex) {                        \
-        return CKR_GENERAL_ERROR;                  \
-    }			 
-
-CK_RV FMUTEX_Init(CK_C_INITIALIZE_ARGS_PTR pArgs) {
-    if (gInit != 0) {
-        return CKR_GENERAL_ERROR;
-    }
-
-    if (pArgs && pArgs->CreateMutex && pArgs->DestroyMutex &&
-	pArgs->LockMutex   && pArgs->UnlockMutex) {
-
-        gMutex.CreateMutex    = pArgs->CreateMutex;
-	gMutex.DestroyMutex   = pArgs->DestroyMutex;
-	gMutex.LockMutex      = pArgs->LockMutex;
-	gMutex.UnlockMutex    = pArgs->UnlockMutex;
-	gMutex.useMutex       = 1;
-	gInit                 = 1;
-    } else {
-        gInit = 0;
-	return CKR_GENERAL_ERROR;
-    }
-    
-    return CKR_OK;
-}
-
-
-CK_RV FMUTEX_Create(CK_VOID_PTR_PTR pMutex) {
-    CK_RV rv;
-    FMUTEX_CHECKS()
-
-    rv = gMutex.CreateMutex(pMutex);
-    return rv;
-}
-
-CK_RV FMUTEX_Destroy(CK_VOID_PTR pMutex) {
-    CK_RV rv;
-    FMUTEX_CHECKS()
-
-    rv = gMutex.DestroyMutex(pMutex);
-    return rv;
-}
-
-CK_RV FMUTEX_Lock(CK_VOID_PTR pMutex) {
-    CK_RV rv;
-    FMUTEX_CHECKS()
-
-    rv = gMutex.LockMutex(pMutex);
-    return rv;
-}
-
-CK_RV FMUTEX_Unlock(CK_VOID_PTR pMutex) {
-    CK_RV rv;
-    FMUTEX_CHECKS()
-
-    rv = gMutex.UnlockMutex(pMutex);
-    return rv;
-}
-
-int FMUTEX_MutexEnabled (void) {
-    return gMutex.useMutex;
-}
diff --git a/security/nss/lib/fortcrypt/fmutex.h b/security/nss/lib/fortcrypt/fmutex.h
deleted file mode 100644
index 589eea786..000000000
--- a/security/nss/lib/fortcrypt/fmutex.h
+++ /dev/null
@@ -1,57 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#ifndef _FMUTEX_H_
-#define _FMUTEX_H_ 1
-
-#include "fpkcs11t.h"
-
-/*
- * All of these functions will return CK_RV  values.
- */
-extern CK_RV FMUTEX_Init(CK_C_INITIALIZE_ARGS_PTR pArgs);
-
-
-extern CK_RV FMUTEX_Create(CK_VOID_PTR_PTR pMutex);
-
-extern CK_RV FMUTEX_Destroy(CK_VOID_PTR pMutex);
-
-extern CK_RV FMUTEX_Lock(CK_VOID_PTR pMutex);
-
-extern CK_RV FMUTEX_Unlock(CK_VOID_PTR pMutex);
-
-/* Returns 0 if mutexes have not been enabled.
- * Returns 1 if mutexes have been enabled.
- */
-extern int FMUTEX_MutexEnabled(void);
-
-#endif /*_FMUTEX_H_*/
diff --git a/security/nss/lib/fortcrypt/forsock.c b/security/nss/lib/fortcrypt/forsock.c
deleted file mode 100644
index eb4d5ef87..000000000
--- a/security/nss/lib/fortcrypt/forsock.c
+++ /dev/null
@@ -1,816 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#include "fortsock.h"
-#include "fpkmem.h"
-#include "fmutex.h"
-#include <string.h>
-#include <stdlib.h>
-
-#define DEF_ENCRYPT_SIZE 0x8000
-
-static unsigned char Fortezza_mail_Rb[128] = { 
-0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0,
-0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0,
-0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0,
-0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,1,
-};
-
-int InitSocket (FortezzaSocket *inSocket, int inSlotID) {
-    int        ci_rv;
-    CK_RV      mrv;
-
-    if (inSocket == NULL)
-        return SOCKET_FAILURE;
-
-    inSocket->isLoggedIn          = PR_FALSE;
-    inSocket->personalitiesLoaded = PR_FALSE;
-    inSocket->isOpen              = PR_FALSE;
-    inSocket->personalityList     = NULL;
-    inSocket->keyRegisters        = NULL;
-    inSocket->keys                = NULL;
-    inSocket->numPersonalities    = 0;
-    inSocket->numKeyRegisters     = 0;
-    inSocket->hitCount            = 0;
-
-    inSocket->slotID = inSlotID;
-    ci_rv = MACI_GetSessionID(&(inSocket->maciSession));
-    if (ci_rv != CI_OK)
-      return SOCKET_FAILURE;
-
-    ci_rv = MACI_Open (inSocket->maciSession, 0, inSlotID);
-    if (ci_rv == CI_OK) { 
-        inSocket->isOpen = PR_TRUE;
-    }  else {
-        MACI_Close (inSocket->maciSession, CI_NULL_FLAG, inSlotID);
-    }
-
-    if (FMUTEX_MutexEnabled()) {
-        mrv = FMUTEX_Create(&inSocket->registersLock);
-	if (mrv != CKR_OK) {
-	    inSocket->registersLock = NULL;
-	}
-    } else {
-        inSocket->registersLock = NULL;
-    }
-
-    return SOCKET_SUCCESS;
-}
-
-int FreeSocket (FortezzaSocket *inSocket) {
-    if (inSocket->registersLock) {
-        FMUTEX_Destroy(inSocket->registersLock);
-    }
-    MACI_Close(inSocket->maciSession, CI_NULL_FLAG, inSocket->slotID);
-    return SOCKET_SUCCESS;
-}
-
-int LoginToSocket (FortezzaSocket *inSocket, int inUserType, CI_PIN inPin) {
-    int ci_rv, i;
-    CI_STATUS ciStatus;
-    CI_CONFIG ciConfig;
-    FortezzaKey **oldRegisters, **newRegisters;
-    int oldCount;
-    HSESSION hs;
-
-    if (inSocket == NULL || inSocket->isLoggedIn)
-        return SOCKET_FAILURE;
-
-    hs = inSocket->maciSession;
-    ci_rv = MACI_Select (hs, inSocket->slotID);
-    if (ci_rv != CI_OK)
-        return ci_rv;
-    
-    ci_rv = MACI_CheckPIN(hs, inUserType, inPin);
-
-    if (ci_rv != CI_OK) {
-        return ci_rv;
-    }
-
-    ci_rv = MACI_GetStatus(hs, &ciStatus);
-
-    if (ci_rv != CI_OK) {
-        if (ci_rv == CI_FAIL) {
-	    ci_rv = CI_EXEC_FAIL;
-	}
-	return ci_rv;
-    }
-
-    ci_rv = MACI_GetConfiguration(hs, &ciConfig);
-    if (ci_rv != CI_OK) {
-      return ci_rv;
-    }
-
-    inSocket->isLoggedIn  = PR_TRUE;
-    inSocket->hasLoggedIn = PR_TRUE;
-    PORT_Memcpy (inSocket->openCardSerial, ciStatus.SerialNumber, 
-		 sizeof (CI_SERIAL_NUMBER));
-    inSocket->openCardState = ciStatus.CurrentState;
-    inSocket->numPersonalities = ciStatus.CertificateCount;
-    inSocket->numKeyRegisters  = ciConfig.KeyRegisterCount;
-    newRegisters     = 
-     (FortezzaKey**)PORT_Alloc (sizeof(FortezzaKey)*ciConfig.KeyRegisterCount);
-
-    FMUTEX_Lock(inSocket->registersLock);
-    oldRegisters = inSocket->keyRegisters;
-    oldCount = inSocket->numKeyRegisters;
-    inSocket->keyRegisters = newRegisters;
-    if (oldRegisters) {
-	for (i=0; i<oldCount; i++) {
-	    if (oldRegisters[i]) {
-		oldRegisters[i]->keyRegister = KeyNotLoaded;
-	    }
-            oldRegisters[i] = NULL;
-	}
-	PORT_Free(oldRegisters);
-    }
-
-    if (inSocket->keyRegisters == NULL) {
-        FMUTEX_Unlock(inSocket->registersLock);
-        return SOCKET_FAILURE;
-    }
-
-    for (i=0; i<ciConfig.KeyRegisterCount; i++) {
-        inSocket->keyRegisters[i] = NULL;
-    }
-    FMUTEX_Unlock(inSocket->registersLock);
-
-    return SOCKET_SUCCESS;
-}
-
-int LogoutFromSocket (FortezzaSocket *inSocket) {
-    if (inSocket == NULL)
-        return SOCKET_FAILURE;
-
-    inSocket->isLoggedIn  = PR_FALSE;
-    inSocket->hasLoggedIn = PR_FALSE;
-    if (UnloadPersonalityList(inSocket) != SOCKET_SUCCESS)
-        return SOCKET_FAILURE;
-    
-
-    return SOCKET_SUCCESS;
-}
-
-
-int FetchPersonalityList(FortezzaSocket *inSocket) {
-    int rv;
-
-    if (inSocket == NULL || inSocket->numPersonalities == 0) {
-        return SOCKET_FAILURE;
-    }
-
-    rv = MACI_Select (inSocket->maciSession, inSocket->slotID);
-
-    inSocket->personalityList = 
-        (CI_PERSON*)PORT_Alloc (sizeof(CI_PERSON)*inSocket->numPersonalities);
-
-    if (inSocket->personalityList == NULL) {
-        return SOCKET_FAILURE;
-    }
-
-    rv = MACI_GetPersonalityList(inSocket->maciSession, 
-				 inSocket->numPersonalities, 
-				 inSocket->personalityList);
-
-    if (rv != CI_OK) {
-        return SOCKET_FAILURE;
-    }
-
-    inSocket->personalitiesLoaded = PR_TRUE;
-    return SOCKET_SUCCESS;
-}
-
-int UnloadPersonalityList(FortezzaSocket *inSocket) {
-    if (inSocket == NULL)
-        return SOCKET_FAILURE;
-
-    inSocket->personalitiesLoaded = PR_FALSE;
-    if (inSocket->personalityList) {
-        PORT_Free(inSocket->personalityList);
-    }
-    inSocket->numPersonalities = 0;
-    inSocket->personalityList = NULL;
-
-    return SOCKET_SUCCESS;
-}
-
-PRBool SocketIsLoggedIn(CI_STATE status) {
-	
-    return (PRBool)((status == CI_READY) || (status == CI_STANDBY));
-}
-
-PRBool SocketStateUnchanged(FortezzaSocket* inSocket) {
-    CI_STATUS ciStatus;
-    int       ciRV;
-
-    ciRV = MACI_Select (inSocket->maciSession, inSocket->slotID);
-    if (ciRV != CI_OK)
-        return PR_FALSE;
-
-    if (inSocket->hasLoggedIn && !inSocket->isLoggedIn) 
-        return PR_FALSE;  /* User Logged out from the socket */
-
-    /*
-     * Some vendor cards are slow. so if we think we are logged in, 
-     * and the card still thinks we're logged in, we must have the same
-     * card.
-     */
-    if (inSocket->isLoggedIn) {
-	CI_STATE state;
-	ciRV = MACI_GetState(inSocket->maciSession, &state);
-	if (ciRV != CI_OK) return PR_FALSE;
-
-	return SocketIsLoggedIn(state);
-    }
-	
-    ciRV = MACI_GetStatus(inSocket->maciSession, &ciStatus);
-    if(ciRV != CI_OK) {
-        return PR_FALSE;
-    }
-    if (inSocket->isLoggedIn) {
- 	if (PORT_Memcmp(ciStatus.SerialNumber, inSocket->openCardSerial, 
-			sizeof (CI_SERIAL_NUMBER)) != 0)
-	  return PR_FALSE;  /* Serial Number of card in slot has changed */
-	                    /* Probably means there is a new card        */
-    }
-    
-    if (inSocket->isLoggedIn  && !SocketIsLoggedIn(ciStatus.CurrentState))
-        return PR_FALSE;  /* State of card changed.         */
-                         /* Probably re-inserted same card */ 
-
-    return PR_TRUE;  /* No change in the state of the socket */
-}
-
-/*
- * can we regenerate this key on the fly?
- */
-static PRBool
-FortezzaIsRegenerating(FortezzaKey *key) {
-    /* TEK's are the only type of key that can't be regenerated */
-    if (key->keyType != TEK) return PR_TRUE;
-    /* Client TEK's can never be regenerated */
-    if (key->keyData.tek.flags == CI_INITIATOR_FLAG) return PR_FALSE; 
-    /* Only Server TEK's that use the Mail protocol can be regenerated */
-    return ((PRBool)(memcmp(key->keyData.tek.Rb,Fortezza_mail_Rb,
-			sizeof(key->keyData.tek.Rb)) == 0));
-}
-
-int GetBestKeyRegister(FortezzaSocket *inSocket) {
-    int i, candidate = -1, candidate2 = 1;
-    CK_ULONG minHitCount = 0xffffffff;
-    CK_ULONG minRegHitCount = 0xffffffff;  
-    FortezzaKey **registers;
-
-    registers = inSocket->keyRegisters;
-    for (i=1; i< inSocket->numKeyRegisters; i++) {
-        if (registers[i] == NULL)
-	    return i;
-    }
-
-    for (i=1; i < inSocket->numKeyRegisters; i++) {
-        if (registers[i]->hitCount < minHitCount) {
-	    minHitCount = registers[i]->hitCount;
-	    candidate2 = i;
-	}
-
-	if (FortezzaIsRegenerating(registers[i]) &&
-	    (registers[i]->hitCount < minRegHitCount)) {
-	    minRegHitCount = registers[i]->hitCount;
-	    candidate = i;
-	}
-    }
-
-    if (candidate == -1)
-        candidate = candidate2;
-
-    return candidate;
-}
-
-int  SetFortezzaKeyHandle (FortezzaKey *inKey, CK_OBJECT_HANDLE inHandle) {
-    inKey->keyHandle = inHandle;
-    return SOCKET_SUCCESS;
-}
-
-void
-RemoveKey (FortezzaKey *inKey) {
-    if (inKey != NULL && inKey->keySocket->keyRegisters != NULL) {
-	if (inKey->keyRegister != KeyNotLoaded) {
-	    FortezzaKey **registers = inKey->keySocket->keyRegisters;
-	    registers[inKey->keyRegister] = NULL;
-	    MACI_DeleteKey(inKey->keySocket->maciSession, inKey->keyRegister);
-	}
-	
-	PORT_Free(inKey);
-    }
-}
-
-FortezzaKey *NewFortezzaKey(FortezzaSocket  *inSocket, 
-			    FortezzaKeyType  inKeyType,
-			    CreateTEKInfo   *TEKinfo,
-			    int              inKeyRegister) {
-    FortezzaKey  *newKey, *oldKey;
-    FortezzaKey **registers;
-    HSESSION      hs = inSocket->maciSession;
-    int ciRV;
-
-    newKey = (FortezzaKey*)PORT_Alloc (sizeof(FortezzaKey));
-    if (newKey == NULL) {
-        return NULL;
-    }
-
-    newKey->keyHandle    = 0;
-    newKey->keyRegister  = KeyNotLoaded;
-    newKey->keyType      = inKeyType;
-    newKey->keySocket    = inSocket;
-    newKey->hitCount     = 0;
-    newKey->id           = TEKinfo ? TEKinfo->personality : 0;
-
-    if (inKeyType != Ks && inSocket->keyRegisters) {
-	registers = inSocket->keyRegisters;
-	oldKey    = registers[inKeyRegister];
-	if (oldKey != NULL) {
-	    oldKey->keyRegister = KeyNotLoaded;
-	}
-
-	registers[inKeyRegister] = newKey;
-	newKey->hitCount = inSocket->hitCount++;
-
-	MACI_DeleteKey (hs, inKeyRegister);
-    }
-    newKey->keyRegister = inKeyRegister;
-
-    MACI_Lock(hs, CI_BLOCK_LOCK_FLAG);
-    switch (inKeyType) {
-    case MEK:
-        ciRV = MACI_GenerateMEK (hs, inKeyRegister, 0);
-	if (ciRV != CI_OK) {
-	    RemoveKey(newKey);
-	    MACI_Unlock(hs);
-	    return NULL;
-        }
-	MACI_WrapKey(hs, 0, inKeyRegister, newKey->keyData.mek);
-	break;
-    case TEK:
-        PORT_Memcpy (newKey->keyData.tek.Rb, TEKinfo->Rb, TEKinfo->randomLen);
-	PORT_Memcpy (newKey->keyData.tek.Ra, TEKinfo->Ra, TEKinfo->randomLen);
-	PORT_Memcpy (newKey->keyData.tek.pY, TEKinfo->pY, TEKinfo->YSize);
-	newKey->keyData.tek.ySize = TEKinfo->YSize;
-	newKey->keyData.tek.randomLen = TEKinfo->randomLen;
-	newKey->keyData.tek.registerIndex = TEKinfo->personality;
-	newKey->keyData.tek.flags = TEKinfo->flag;
-
-	ciRV = MACI_SetPersonality(hs,TEKinfo->personality);
-	if (ciRV != CI_OK) {
-	    RemoveKey(newKey);
-	    MACI_Unlock(hs);
-	    return NULL;
-	}
-	ciRV = MACI_GenerateTEK(hs, TEKinfo->flag, inKeyRegister,
-			 newKey->keyData.tek.Ra, TEKinfo->Rb, 
-			 TEKinfo->YSize, TEKinfo->pY);
-	if (ciRV != CI_OK) {
-	    RemoveKey(newKey);
-	    MACI_Unlock(hs);
-	    return NULL;
-	}
-
-	
-        break;
-    case Ks:
-	break;
-    default:
-        RemoveKey(newKey);
-	MACI_Unlock(hs);
-	return NULL;
-    }
-    MACI_Unlock(hs);
-    return newKey;
-}
-
-FortezzaKey *NewUnwrappedKey(int inKeyRegister, int id,
-			     FortezzaSocket *inSocket) {
-    FortezzaKey *newKey;
-
-    newKey = (FortezzaKey*)PORT_Alloc (sizeof(FortezzaKey));
-    if (newKey == NULL) {
-        return NULL;
-    }
- 
-    newKey->keyRegister = inKeyRegister;
-    newKey->keyType     = UNWRAP;
-    newKey->keySocket   = inSocket;
-    newKey->id          = id;
-    newKey->hitCount    = inSocket->hitCount++; 
-    MACI_WrapKey(inSocket->maciSession,0 , inKeyRegister, newKey->keyData.mek);
-    inSocket->keyRegisters[inKeyRegister] = newKey;
-
-    return newKey;
-}
-
-int LoadKeyIntoRegister (FortezzaKey *inKey) {
-    int              registerIndex = GetBestKeyRegister(inKey->keySocket);
-    FortezzaSocket  *socket        = inKey->keySocket;
-    FortezzaKey    **registers     = socket->keyRegisters;
-    HSESSION         hs            = socket->maciSession;
-    FortezzaTEK     *tek           = &inKey->keyData.tek;
-    FortezzaKey     *oldKey;
-    int              rv = CI_FAIL;
-
-    if (inKey->keyRegister != KeyNotLoaded) {
-        return inKey->keyRegister;
-    }
-
-    oldKey = registers[registerIndex];
-
-    MACI_Select(hs, socket->slotID);
-    if (oldKey) {
-        oldKey->keyRegister = KeyNotLoaded;
-    }
-    MACI_DeleteKey (hs, registerIndex);
-
-    switch (inKey->keyType) {
-    case TEK:
-        if (!FortezzaIsRegenerating(inKey)) {
-	  return KeyNotLoaded;
-	}
-        if (MACI_SetPersonality(hs, tek->registerIndex) == CI_OK) {
-	    rv = MACI_GenerateTEK (hs, tek->flags, registerIndex, 
-				   tek->Ra, tek->Rb, tek->ySize, 
-				   tek->pY);   
-	} 
-	if (rv != CI_OK)
-	    return KeyNotLoaded;
-	break;
-    case MEK:
-    case UNWRAP:
-        rv = MACI_UnwrapKey (hs, 0, registerIndex, inKey->keyData.mek);
-	if (rv != CI_OK) 
-	    return KeyNotLoaded;
-	break;
-    default:
-        return KeyNotLoaded;
-    }
-    inKey->keyRegister = registerIndex;
-    registers[registerIndex] = inKey;
- 
-    return registerIndex;
-}
-
-int InitCryptoOperation (FortezzaContext *inContext, 
-			 CryptoType inCryptoOperation) {
-    inContext->cryptoOperation = inCryptoOperation;
-    return SOCKET_SUCCESS;
-}
-
-int EndCryptoOperation (FortezzaContext *inContext, 
-			CryptoType inCryptoOperation) {
-    if (inCryptoOperation != inContext->cryptoOperation) {
-      return SOCKET_FAILURE;
-    }
-    inContext->cryptoOperation = None;
-    return SOCKET_SUCCESS;
-}
-
-CryptoType GetCryptoOperation (FortezzaContext *inContext) {
-    return inContext->cryptoOperation;
-}
-
-void InitContext(FortezzaContext *inContext, FortezzaSocket *inSocket,
-		 CK_OBJECT_HANDLE hKey) {
-    inContext->fortezzaKey     = NULL;
-    inContext->fortezzaSocket  = inSocket;
-    inContext->session         = NULL;
-    inContext->mechanism       = NO_MECHANISM;
-    inContext->userRamSize     = 0;
-    inContext->cryptoOperation = None;
-    inContext->hKey            = hKey;
-}
-
-extern PRBool fort11_FortezzaIsUserCert(unsigned char *label);
-
-static int
-GetValidPersonality (FortezzaSocket *inSocket) {
-    int index = -1; /* return an invalid personalidyt if one isn't found */
-    int i;
-    PRBool unLoadList = PR_FALSE;
-    int numPersonalities = 0;
-
-    if (!inSocket->personalitiesLoaded) {
-        numPersonalities = inSocket->numPersonalities;
-        FetchPersonalityList (inSocket);
-	unLoadList = PR_TRUE;
-    }
-
-    for (i=0; i<inSocket->numPersonalities; i++) {
-        if (fort11_FortezzaIsUserCert(inSocket->personalityList[i].CertLabel)) {
-	    index = inSocket->personalityList[i].CertificateIndex;
-	    break;
-	}
-    }
-
-    if (unLoadList) {
-        UnloadPersonalityList(inSocket);
-	/* UnloadPersonality sets numPersonalities to zero,
-	 * so we set it back to what it was when this function
-	 * was called.
-	 */
-	inSocket->numPersonalities = numPersonalities;
-    }
-    return index;
-}
-
-int RestoreState (FortezzaContext *inContext, CryptoType inType) {
-    FortezzaKey    *key    = inContext->fortezzaKey;
-    FortezzaSocket *socket = inContext->fortezzaSocket;
-    HSESSION        hs     = socket->maciSession; 
-    CI_IV           bogus_iv;
-    int             rv, cryptoType = -1;
-    int             personality = inContext->fortezzaKey->id;
-
-    if (key == NULL)
-        return SOCKET_FAILURE;
-
-    if (personality == 0) {
-        personality = GetValidPersonality (socket);
-    }
-    rv = MACI_SetPersonality(hs, personality);
-    if (rv != CI_OK) {
-        return SOCKET_FAILURE;
-    }
-    /*
-     * The cards need to have some state bits set because
-     * save and restore don't necessarily save all the state.
-     * Instead of fixing the cards, they decided to change the
-     * protocol :(.
-     */
-    switch (inType) {
-    case Encrypt:
-        rv = MACI_SetKey(hs, key->keyRegister);
-	if (rv != CI_OK)
-	    break;
-	rv = MACI_GenerateIV (hs, bogus_iv);
-	cryptoType = CI_ENCRYPT_EXT_TYPE;
-	break;
-    case Decrypt:
-	rv = MACI_SetKey(hs, key->keyRegister);
-        rv = MACI_LoadIV (hs, inContext->cardIV);
-	cryptoType = CI_DECRYPT_EXT_TYPE;
-	break;
-    default:
-      rv = CI_INV_POINTER;
-      break;
-    }
-
-    if (rv != CI_OK) {
-        return SOCKET_FAILURE;
-    }
-    /*PORT_Assert(cryptoType != -1); */
-
-    rv = MACI_Restore(hs, cryptoType, inContext->cardState);
-    if (rv != CI_OK) {
-        return SOCKET_FAILURE;
-    }
-
-    return SOCKET_SUCCESS;
-}
-
-int SaveState (FortezzaContext *inContext, CI_IV inIV, 
-	       PK11Session *inSession, FortezzaKey *inKey,
-	       int inCryptoType, CK_MECHANISM_TYPE inMechanism){
-    int             ciRV;
-    FortezzaSocket *socket = inContext->fortezzaSocket;
-    HSESSION        hs     = socket->maciSession;
-    CI_CONFIG       ciConfig;
-
-    ciRV = MACI_Select (hs, socket->slotID);
-    if (ciRV != CI_OK) {
-        return SOCKET_FAILURE;
-    }
-    inContext->session     = inSession;
-    inContext->fortezzaKey = inKey;
-    inContext->mechanism   = inMechanism;
-    PORT_Memcpy (inContext->cardIV, inIV, sizeof (CI_IV));
-    ciRV = MACI_Save(hs, inCryptoType, inContext->cardState);
-    if (ciRV != CI_OK) {
-        return SOCKET_FAILURE;
-    }
-    ciRV = MACI_GetConfiguration (hs, &ciConfig);
-    if (ciRV == CI_OK) {
-      inContext->userRamSize = ciConfig.LargestBlockSize;
-    }
-
-    if (inContext->userRamSize == 0) inContext->userRamSize = 0x4000;
-    
-    return SOCKET_SUCCESS;
-}
-
-int SocketSaveState (FortezzaContext *inContext, int inCryptoType) {
-    int ciRV;
-
-    ciRV = MACI_Save (inContext->fortezzaSocket->maciSession, inCryptoType, 
-		      inContext->cardState);
-    if (ciRV != CI_OK) {
-        return SOCKET_FAILURE;
-    }
-    return SOCKET_SUCCESS;
-}
-
-int DecryptData (FortezzaContext *inContext, 
-		 CK_BYTE_PTR inData,
-		 CK_ULONG inDataLen, 
-		 CK_BYTE_PTR inDest, 
-		 CK_ULONG inDestLen) {
-    FortezzaSocket *socket = inContext->fortezzaSocket;
-    FortezzaKey    *key    = inContext->fortezzaKey;
-    HSESSION        hs     = socket->maciSession;
-    CK_ULONG        defaultEncryptSize;
-    CK_ULONG        left = inDataLen;
-    CK_BYTE_PTR    loopin, loopout;
-    int             rv = CI_OK;    
-    
-    MACI_Select (hs, socket->slotID);
-
-    defaultEncryptSize = (inContext->userRamSize > DEF_ENCRYPT_SIZE) 
-                          ? DEF_ENCRYPT_SIZE : inContext->userRamSize;
-
-    if (key->keyRegister == KeyNotLoaded) {
-        rv = LoadKeyIntoRegister(key);
-	if (rv == KeyNotLoaded) {
-	    return SOCKET_FAILURE;
-	}
-    }
-
-    key->hitCount = socket->hitCount++;
-    loopin  = inData; 
-    loopout = inDest;
-    left    = inDataLen;
-    rv = CI_OK;
-
-    MACI_Lock(hs, CI_BLOCK_LOCK_FLAG);
-    RestoreState (inContext, Decrypt);
-
-    while ((left > 0) && (rv  == CI_OK)) {
-        CK_ULONG current = (left > defaultEncryptSize) 
-	                         ? defaultEncryptSize : left;
-	rv = MACI_Decrypt(hs, current, loopin, loopout);
-	loopin  += current;
-	loopout += current;
-	left    -= current;
-    }
-
-    MACI_Unlock(hs);
-
-    if (rv != CI_OK) {
-        return SOCKET_FAILURE;
-    }
-
-
-    rv = SocketSaveState (inContext, CI_DECRYPT_EXT_TYPE);
-    if (rv != SOCKET_SUCCESS) {
-      return rv;
-    }
-
-
-    return SOCKET_SUCCESS;
-}
-
-int EncryptData (FortezzaContext *inContext, 
-		 CK_BYTE_PTR inData,
-		 CK_ULONG inDataLen, 
-		 CK_BYTE_PTR inDest, 
-		 CK_ULONG inDestLen) {
-    FortezzaSocket *socket = inContext->fortezzaSocket;
-    FortezzaKey    *key    = inContext->fortezzaKey;
-    HSESSION        hs     = socket->maciSession;
-    CK_ULONG        defaultEncryptSize;
-    CK_ULONG        left = inDataLen;
-    CK_BYTE_PTR    loopin, loopout;
-    int             rv = CI_OK;
-    
-    MACI_Select (hs, socket->slotID);
-
-    defaultEncryptSize = (inContext->userRamSize > DEF_ENCRYPT_SIZE) 
-                          ? DEF_ENCRYPT_SIZE : inContext->userRamSize;
-    if (key->keyRegister == KeyNotLoaded) {
-        rv = LoadKeyIntoRegister(key);
-	if (rv == KeyNotLoaded) {
-	    return rv;
-	}
-    }
-
-    key->hitCount = socket->hitCount++;
-    loopin  = inData;
-    loopout = inDest;
-
-    RestoreState (inContext,Encrypt);
-
-    rv = CI_OK;
-    while ((left > 0) && (rv == CI_OK)) {
-      CK_ULONG current = (left > defaultEncryptSize) ? defaultEncryptSize : 
-	                                               left;
-      rv = MACI_Encrypt(hs, current, loopin, loopout);
-      loopin  += current;
-      loopout += current; 
-      left    -= current;
-    }
-
-    if (rv != CI_OK) {
-        return SOCKET_FAILURE;
-    }
-
-    rv = SocketSaveState (inContext, CI_ENCRYPT_EXT_TYPE);
-    if (rv != SOCKET_SUCCESS) {
-      return rv;
-    }
-
-    return SOCKET_SUCCESS;
-}
-
-int WrapKey (FortezzaKey *wrappingKey, FortezzaKey *srcKey,
-	     CK_BYTE_PTR pDest, CK_ULONG ulDestLen) {
-    int ciRV;
-    HSESSION hs = wrappingKey->keySocket->maciSession;
-
-    if (wrappingKey->keyRegister == KeyNotLoaded) {
-      if (LoadKeyIntoRegister(wrappingKey) == KeyNotLoaded) {
-	  return SOCKET_FAILURE;
-      }
-    }
-
-    if (srcKey->id == 0) srcKey->id = wrappingKey->id;
-
-    ciRV = MACI_WrapKey (hs, wrappingKey->keyRegister, 
-			 srcKey->keyRegister, pDest);
-    if (ciRV != CI_OK) {
-        return SOCKET_FAILURE;
-    }
-
-    return SOCKET_SUCCESS;
-}
-
-int UnwrapKey (CK_BYTE_PTR inWrappedKey, FortezzaKey *inUnwrapKey) {
-    int newIndex;
-    int ciRV;
-    FortezzaSocket *socket = inUnwrapKey->keySocket;
-    HSESSION        hs     = socket->maciSession;
-    FortezzaKey    *oldKey;
-
-    if (inUnwrapKey->keyRegister == KeyNotLoaded) {
-        if (LoadKeyIntoRegister(inUnwrapKey) == KeyNotLoaded) {
-	    return KeyNotLoaded;
-	}
-    }
-
-    ciRV = MACI_Select(hs, socket->slotID);
-    if (ciRV != CI_OK) {
-        return KeyNotLoaded;
-    }
-
-    newIndex = GetBestKeyRegister(inUnwrapKey->keySocket);
-    oldKey = socket->keyRegisters[newIndex];
-
-    MACI_Select(hs, socket->slotID);
-    if (oldKey) {
-        oldKey->keyRegister = KeyNotLoaded;
-        socket->keyRegisters[newIndex] = NULL;
-    }
-    MACI_DeleteKey (hs, newIndex);
-    ciRV = MACI_UnwrapKey(hs,inUnwrapKey->keyRegister, newIndex, inWrappedKey);
-    if (ciRV != CI_OK) {
-        inUnwrapKey->keyRegister = KeyNotLoaded;
-	socket->keyRegisters[newIndex] = NULL;
-        return KeyNotLoaded;
-    }
-    
-    return newIndex;
-}
-
diff --git a/security/nss/lib/fortcrypt/fortinst.htm b/security/nss/lib/fortcrypt/fortinst.htm
deleted file mode 100644
index 649012c82..000000000
--- a/security/nss/lib/fortcrypt/fortinst.htm
+++ /dev/null
@@ -1,161 +0,0 @@
-<HTML>
-<TITLE>Generic PKCS #11 Installer</TITLE>
-<--
-   - The contents of this file are subject to the Mozilla Public
-   - License Version 1.1 (the "License"); you may not use this file
-   - except in compliance with the License. You may obtain a copy of
-   - the License at http://www.mozilla.org/MPL/
-   - 
-   - Software distributed under the License is distributed on an "AS
-   - IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-   - implied. See the License for the specific language governing
-   - rights and limitations under the License.
-   - 
-   - The Original Code is the Netscape security libraries.
-   - 
-   - The Initial Developer of the Original Code is Netscape
-   - Communications Corporation.  Portions created by Netscape are 
-   - Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-   - Rights Reserved.
-   - 
-   - Contributor(s):
-   - 
-   - Alternatively, the contents of this file may be used under the
-   - terms of the GNU General Public License Version 2 or later (the
-   - "GPL"), in which case the provisions of the GPL are applicable 
-   - instead of those above.  If you wish to allow use of your 
-   - version of this file only under the terms of the GPL and not to
-   - allow others to use your version of this file under the MPL,
-   - indicate your decision by deleting the provisions above and
-   - replace them with the notice and other provisions required by
-   - the GPL.  If you do not delete the provisions above, a recipient
-   - may use your version of this file under either the MPL or the
-   - GPL.
--->
-
-<SCRIPT>
-// Crypto Mechanism Flags 
-PKCS11_MECH_RSA_FLAG           =  0x1<<0; 
-PKCS11_MECH_DSA_FLAG           =  0x1<<1; 
-PKCS11_MECH_RC2_FLAG           =  0x1<<2; 
-PKCS11_MECH_RC4_FLAG           =  0x1<<3; 
-PKCS11_MECH_DES_FLAG           =  0x1<<4; 
-PKCS11_MECH_DH_FLAG            =  0x1<<5; //Diffie-Hellman 
-PKCS11_MECH_SKIPJACK_FLAG      =  0x1<<6; //SKIPJACK algorithm as in Fortezza cards 
-PKCS11_MECH_RC5_FLAG           =  0x1<<7; 
-PKCS11_MECH_SHA1_FLAG          =  0x1<<8; 
-PKCS11_MECH_MD5_FLAG           =  0x1<<9; 
-PKCS11_MECH_MD2_FLAG           =  0x1<<10; 
-PKCS11_MECH_RANDOM_FLAG        =  0x1<<27; //Random number generator 
-PKCS11_PUB_READABLE_CERT_FLAG  =  0x1<<28; //Stored certs can be read off the token w/o logging in 
-PKCS11_DISABLE_FLAG            =  0x1<<30; //tell Navigator to disable this slot by default 
-
-// Important: 
-// 0x1<<11, 0x1<<12, ... , 0x1<<26, 0x1<<29, and 0x1<<31 are reserved 
-// for internal use in Navigator. 
-// Therefore, these bits should always be set to 0; otherwise, 
-// Navigator might exhibit unpredictable behavior. 
-
-// These flags indicate which mechanisms should be turned on by 
-pkcs11MechanismFlags = 0;
-  
-
-// Ciphers that support SSL or S/MIME 
-PKCS11_CIPHER_FORTEZZA_FLAG    = 0x1<<0; 
-
-// Important: 
-// 0x1<<1, 0x1<<2, ... , 0x1<<31 are reserved 
-// for internal use in Navigator. 
-// Therefore, these bits should ALWAYS be set to 0; otherwise, 
-// Navigator might exhibit unpredictable behavior. 
-
-// These flags indicate which SSL ciphers are supported 
-pkcs11CipherFlags = PKCS11_CIPHER_FORTEZZA_FLAG; 
-  
-
-// Return values of pkcs11.addmodule() & pkcs11.delmodule() 
-// success codes 
-JS_OK_ADD_MODULE                 = 3 // Successfully added a module 
-JS_OK_DEL_EXTERNAL_MODULE        = 2 // Successfully deleted ext. module 
-JS_OK_DEL_INTERNAL_MODULE        = 1 // Successfully deleted int. module 
-
-// failure codes 
-JS_ERR_OTHER                     = -1 // Other errors than the followings 
-JS_ERR_USER_CANCEL_ACTION        = -2 // User abort an action 
-JS_ERR_INCORRECT_NUM_OF_ARGUMENTS= -3 // Calling a method w/ incorrect # of arguments 
-JS_ERR_DEL_MODULE                = -4 // Error deleting a module 
-JS_ERR_ADD_MODULE                = -5 // Error adding a module 
-JS_ERR_BAD_MODULE_NAME           = -6 // The module name is invalid 
-JS_ERR_BAD_DLL_NAME              = -7 // The DLL name is bad 
-JS_ERR_BAD_MECHANISM_FLAGS       = -8 // The mechanism flags are invalid 
-JS_ERR_BAD_CIPHER_ENABLE_FLAGS   = -9 // The SSL, S/MIME cipher flags are invalid 
-
-var new_window;
-var has_new_window = 0;
-
-function HandleCipher(checkBox) {
-	if (checkBox.checked) {
-		pkcs11MechanismFlags |= checkBox.value;
-	} else {
-		pkcs11MechanismFlags &= ~checkBox.value;
-	}
-}
-
-function HandleSSL(checkBox) {
-	if (checkBox.checked) {
-		pkcs11CipherFlags |= checkBox.value;
-	} else {
-		pkcs11CipherFlags &= ~checkBox.value;
-	}
-}
-
-function colonize(string) {
-	len = string.length;
-	end = len -1;
-
-	if (len == 0) return string;
-
-
-	for (i=0; i < len; i++) {
-	   if (string.charAt(i) == "/") {
-		if (i == 0) {
-		    new_string = ":" + string.substring(1,len);
-		} else if (i == end) {
-		    new_string = string.substring(0,i)+':';
-		} else {
-		    new_string = string.substring(0,i)+':'+
-						string.substring(i+1,len);
-		}
-		string = new_string;
-	   }
-	}
-
-	if (string.charAt(0) == ":") string = string.substring(1,len);
-	return string;
-}
-
-function DoInstall(name,module) {
-	if ((navigator.platform == "MacPPC") 
-			|| (navigator.platform == "Mac68K")) {
-	    module = colonize(module);
-	}
-	result = pkcs11.addmodule(name, module, 
-			pkcs11MechanismFlags, pkcs11CipherFlags); 
-	if ( result < 0) { 
-	  window.alert("New module setup failed.  Error code: " + result); 
-	}
-	if (has_new_window) new_window.close();
-}
-
-default_name = "Netscape FORTEZZA Module"
-
-default_module = "D:/dogbert/ns/dist/WIN32_D.OBJ/bin/fort32.dll"
-document.writeln("<FORM name=instform target=_self> <H2>FORTEZZA PKCS #11 Installer version 1.5</H2>");
-document.writeln(" Module name: <Input Type=Text Name=modName value=\""+default_name+"\" size=50 required><br>");
-document.writeln(" Module Library: <Input Type=FILE required Name=module><br>");
-document.writeln("<i>Note: If you use the browse button, be sure to change the filter to show all the files (*), not just the HTML files (*.html).</i><p>");
-document.writeln("<hr>");
-document.write("<Input type=submit Name=Install Value=Install onclick=DoInstall(");
-document.writeln(  "document.instform.modName.value,document.instform.module.value) >");
-document.writeln("</FORM>");
-</SCRIPT>
diff --git a/security/nss/lib/fortcrypt/fortpk11.c b/security/nss/lib/fortcrypt/fortpk11.c
deleted file mode 100644
index e28fd7909..000000000
--- a/security/nss/lib/fortcrypt/fortpk11.c
+++ /dev/null
@@ -1,4553 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * This file implements PKCS 11 for FORTEZZA using MACI
- *   drivers.  Except for the Mac.  They only have CI libraries, so
- *   that's what we use there.
- *
- *   For more information about PKCS 11 See PKCS 11 Token Inteface Standard.
- *
- *   This implementations queries the MACI to figure out how 
- *    many slots exist on a given system.  There is an artificial boundary
- *    of 32 slots, because allocating slots dynamically caused memory
- *    problems in the client when first this module was first developed.
- *    Some how the heap was being corrupted and we couldn't find out where.
- *    Subsequent attempts to allocate dynamic memory caused no problem.
- *
- *   In this implementation, session objects are only visible to the session
- *   that created or generated them.
- */
-
-#include "fpkmem.h"
-#include "seccomon.h"
-#include "fpkcs11.h"
-#include "fpkcs11i.h"
-#include "cryptint.h"
-#include "pk11func.h"
-#include "fortsock.h"
-#include "fmutex.h"
-#ifdef notdef
-#include <ctype.h>
-#include <stdio.h>
-#endif
-
-/* sigh */
-#ifndef EOF
-/* stdio was not included */
-extern int sprintf(char *out, char *fmt, ...);
-#endif
-
-#ifdef XP_MAC 
-#ifndef __POWERPC__
-#include <A4Stuff.h>
-#endif
-
-
-/* This is not a 4.0 project, so I can't depend on
- * 4.0 defines, so instead I depend on CodeWarrior 
- * defines.  I define XP_MAC in fpkmem.h
- */
-#if __POWERPC__
-#elif __CFM68K__
-#else
-/* These include are taken fromn npmac.cpp which are used
- * by the plugin group to properly set-up a plug-in for 
- * dynamic loading on 68K.
- */
-
-#include <Quickdraw.h>
-
-/*
-** The Mixed Mode procInfos defined in npupp.h assume Think C-
-** style calling conventions.  These conventions are used by
-** Metrowerks with the exception of pointer return types, which
-** in Metrowerks 68K are returned in A0, instead of the standard
-** D0. Thus, since NPN_MemAlloc and NPN_UserAgent return pointers,
-** Mixed Mode will return the values to a 68K plugin in D0, but 
-** a 68K plugin compiled by Metrowerks will expect the result in
-** A0.  The following pragma forces Metrowerks to use D0 instead.
-*/
-#ifdef __MWERKS__
-#ifndef powerc
-#pragma pointers_in_D0
-#endif
-#endif
-
-#ifdef __MWERKS__
-#ifndef powerc
-#pragma pointers_in_A0
-#endif
-#endif
-
-/* The following fix for static initializers fixes a previous
-** incompatibility with some parts of PowerPlant.
-*/
-#ifdef __MWERKS__
-#ifdef __cplusplus
-    extern "C" {
-#endif
-#ifndef powerc
-    extern void	__InitCode__(void);
-#else
-    extern void __sinit(void);
-#endif
-    extern void	__destroy_global_chain(void);
-#ifdef __cplusplus
-    }
-#endif /* __cplusplus */
-#endif /* __MWERKS__ */
-
-#endif
-#endif
-
-
-typedef struct {
-   unsigned char *data;
-   int len;
-} CertItem;
-
-
-/*
- * ******************** Static data *******************************
- */
-
-/* The next three strings must be exactly 32 characters long */
-static char *manufacturerID      = "Netscape Communications Corp    ";
-static char *libraryDescription  = "Communicator Fortezza Crypto Svc";
-
-typedef enum {DSA_KEY, KEA_KEY, V1_KEY, INVALID_KEY } PrivKeyType;
-
-static PK11Slot           fort11_slot[NUM_SLOTS];
-static FortezzaSocket     fortezzaSockets[NUM_SLOTS];
-static PRBool             init = PR_FALSE;
-static CK_ULONG           kNumSockets    = 0;
-
-#define __PASTE(x,y)    x##y
- 
- 
-#undef CK_FUNC
-#undef CK_EXTERN
-#undef CK_NEED_ARG_LIST
-#undef _CK_RV
-
-#define fort11_attr_expand(ap) (ap)->type,(ap)->pValue,(ap)->ulValueLen
-#define fort11_SlotFromSession  pk11_SlotFromSession
-#define fort11_isToken          pk11_isToken
-
-static CK_FUNCTION_LIST fort11_funcList = {
-    { 2, 1 },
- 
-#undef CK_FUNC
-#undef CK_EXTERN
-#undef CK_NEED_ARG_LIST
-#undef _CK_RV
- 
-#define CK_EXTERN
-#define CK_FUNC(name) name,
-#define _CK_RV
- 
-#include "fpkcs11f.h"
- 
-};
- 
-#undef CK_FUNC
-#undef CK_EXTERN
-#undef _CK_RV
- 
- 
-#undef __PASTE
-#undef pk11_SlotFromSessionHandle
-#undef pk11_SlotFromID
-
-#define MAJOR_VERSION_MASK 0xFF00
-#define MINOR_VERSION_MASK 0x00FF
-
-/* Mechanisms */
-struct mechanismList {
-    CK_MECHANISM_TYPE	type;
-    CK_MECHANISM_INFO	domestic;
-    PRBool              privkey; 
-};
-
-static struct mechanismList mechanisms[] = {
-     {CKM_DSA,              {512,1024,CKF_SIGN},                 PR_TRUE},
-     {CKM_SKIPJACK_KEY_GEN, {92, 92, CKF_GENERATE},              PR_TRUE},
-     {CKM_SKIPJACK_CBC64,   {92, 92, CKF_ENCRYPT | CKF_DECRYPT}, PR_TRUE},
-     {CKM_SKIPJACK_WRAP,    {92, 92, CKF_WRAP},                  PR_TRUE},
-     {CKM_KEA_KEY_DERIVE,   {128, 128, CKF_DERIVE},              PR_TRUE},
-};
-static CK_ULONG mechanismCount = sizeof(mechanisms)/sizeof(mechanisms[0]);
-
-/*************Static function prototypes********************************/
-static PRBool          fort11_isTrue(PK11Object *object,CK_ATTRIBUTE_TYPE type);
-static void            fort11_FreeAttribute(PK11Attribute *attribute);
-static void            fort11_DestroyAttribute(PK11Attribute *attribute);
-static PK11Object*     fort11_NewObject(PK11Slot *slot);
-static PK11FreeStatus  fort11_FreeObject(PK11Object *object);
-static CK_RV           fort11_AddAttributeType(PK11Object *object,
-					     CK_ATTRIBUTE_TYPE type,
-					     void *valPtr,
-					     CK_ULONG length);
-static void            fort11_AddSlotObject(PK11Slot *slot, PK11Object *object);
-static PK11Attribute*  fort11_FindAttribute(PK11Object *object,
-					  CK_ATTRIBUTE_TYPE type);
-static PK11Attribute*  fort11_NewAttribute(CK_ATTRIBUTE_TYPE type, 
-					 CK_VOID_PTR value, CK_ULONG len);
-static void            fort11_DeleteAttributeType(PK11Object *object,
-						CK_ATTRIBUTE_TYPE type);
-static void            fort11_AddAttribute(PK11Object *object,
-					 PK11Attribute *attribute);
-static void            fort11_AddObject(PK11Session *session, 
-				      PK11Object *object);
-static PK11Object *    fort11_ObjectFromHandle(CK_OBJECT_HANDLE handle, 
-					     PK11Session *session);
-static void            fort11_DeleteObject(PK11Session *session,PK11Object *object);
-static CK_RV           fort11_DestroyObject(PK11Object *object);
-void   fort11_FreeSession(PK11Session *session);
-
-#define FIRST_SLOT_SESS_ID   0x00000100L
-#define ADD_NEXT_SESS_ID     0x00000100L
-#define SLOT_MASK            0x000000FFL
-
-#define FAILED CKR_FUNCTION_FAILED
-
-static void
-fort11_FreeFortezzaKey (void *inFortezzaKey) {
-    RemoveKey ((FortezzaKey*) inFortezzaKey);
-}
-
-static void
-fort11_DestroySlotObjects (PK11Slot *slot, PK11Session *session) {
-    PK11Object *currObject, *nextObject = NULL, *oldObject;
-    int i;
-
-    for (i=0; i<HASH_SIZE; i++) {
-      currObject = slot->tokObjects[i];
-      slot->tokObjects[i] = NULL;
-      do {
-	  FMUTEX_Lock(slot->sessionLock);
-
-	  if (currObject) {
-	      nextObject = currObject->next;
-	      FMUTEX_Lock(currObject->refLock);
-	      currObject->refCount++;
-	      FMUTEX_Unlock(currObject->refLock);
-	      fort11_DeleteObject(session, currObject);
-	  }
-	  FMUTEX_Unlock(slot->sessionLock);
-	  if (currObject) {
-	      oldObject = currObject;
-	      currObject = nextObject;
-	      fort11_FreeObject(oldObject);
-	  }
-      } while (currObject != NULL);
-    }
-}
-
-static void
-fort11_TokenRemoved(PK11Slot *slot, PK11Session *session) {
-    FortezzaSocket *socket = &fortezzaSockets[slot->slotID-1];
-
-    LogoutFromSocket (socket);
-    slot->isLoggedIn = PR_FALSE;
-    if (session && session->notify) { 
-        /*If no session pointer exists, lots of leaked memory*/
-        session->notify (session->handle, CKN_SURRENDER,
-			 session->appData);
-	fort11_FreeSession(session); /* Release the reference held
-				      * by the slot with the session
-				      */
-    }
-
-    fort11_DestroySlotObjects(slot, session);
-    fort11_FreeSession(session); /* Release the reference held
-				  * by the slot with the session
-				  */
-
-    /* All keys will have been freed at this point so we can
-     * NULL out this pointer
-     */
-    socket->keys = NULL;
-
-}
-
-PRBool
-fort11_FortezzaIsUserCert(unsigned char * label) {
-
-    if ( (!PORT_Memcmp(label, "KEAK", 4)) ||   /* v3 user certs */
-         (!PORT_Memcmp(label, "DSA1", 4)) ||
-	 (!PORT_Memcmp(label, "DSAI", 4)) ||
-         (!PORT_Memcmp(label, "DSAO", 4)) ||
-         (!PORT_Memcmp(label, "INKS", 4)) ||   /* v1 user certs */ 
-         (!PORT_Memcmp(label, "INKX", 4)) ||
-         (!PORT_Memcmp(label, "ONKS", 4)) ||
-         (!PORT_Memcmp(label, "ONKX", 4)) ||
-         (!PORT_Memcmp(label, "3IXS", 4)) ||   /* old v3 user certs */
-         (!PORT_Memcmp(label, "3OXS", 4)) ||
-         (!PORT_Memcmp(label, "3IKX", 4)) ) {  
-
-         return PR_TRUE;
-
-    } else { return PR_FALSE; }
-    
-}
-
-static PRBool
-fort11_FortezzaIsACert(unsigned char * label) {
-    if (label == NULL) return PR_FALSE;
-
-    if ( (!PORT_Memcmp(label, "DSA1", 4)) ||   /* v3 certs */
-         (!PORT_Memcmp(label, "DSAI", 4)) ||
-	 (!PORT_Memcmp(label, "DSAO", 4)) || 
-         (!PORT_Memcmp(label, "DSAX", 4)) ||
-         (!PORT_Memcmp(label, "KEAK", 4)) ||
-         (!PORT_Memcmp(label, "KEAX", 4)) ||
-         (!PORT_Memcmp(label, "CAX1", 4)) ||
-         (!PORT_Memcmp(label, "PCA1", 4)) ||
-         (!PORT_Memcmp(label, "PAA1", 4)) ||
-         (!PORT_Memcmp(label, "ICA1", 4)) ||
-
-         (!PORT_Memcmp(label, "3IXS", 4)) ||   /* old v3 certs */    
-         (!PORT_Memcmp(label, "3OXS", 4)) ||    
-         (!PORT_Memcmp(label, "3CAX", 4)) ||
-         (!PORT_Memcmp(label, "3IKX", 4)) ||
-         (!PORT_Memcmp(label, "3PCA", 4)) ||
-         (!PORT_Memcmp(label, "3PAA", 4)) ||
-         (!PORT_Memcmp(label, "3ICA", 4)) ||
-
-         (!PORT_Memcmp(label, "INKS", 4)) ||   /* v1 certs */    
-         (!PORT_Memcmp(label, "INKX", 4)) ||
-         (!PORT_Memcmp(label, "ONKS", 4)) ||
-         (!PORT_Memcmp(label, "ONKX", 4)) ||
-         (!PORT_Memcmp(label, "RRXX", 4)) ||
-         (!PORT_Memcmp(label, "RTXX", 4)) ||
-         (!PORT_Memcmp(label, "LAXX", 4)) ) {  
-
-         return PR_TRUE;
-
-    } 
-
-    return PR_FALSE; 
-}
- 
-static 
-int fort11_cert_length(unsigned char *buf, int length) {
-    unsigned char tag;
-    int used_length= 0;
-    int data_length;
-
-    tag = buf[used_length++];
-
-    /* blow out when we come to the end */
-    if (tag == 0) {
-	return 0;
-    }
-
-    data_length = buf[used_length++];
-
-    if (data_length&0x80) {
-	int  len_count = data_length & 0x7f;
-
-	data_length = 0;
-
-	while (len_count-- > 0) {
-	    data_length = (data_length << 8) | buf[used_length++];
-	} 
-    }
-
-    if (data_length > (length-used_length) ) {
-	return length;
-    }
-
-    return (data_length + used_length);	
-}
-
-unsigned char *fort11_data_start(unsigned char *buf, int length, 
-				 int *data_length, PRBool includeTag) {
-    unsigned char tag;
-    int used_length= 0;
-
-    tag = buf[used_length++];
-
-    /* blow out when we come to the end */
-    if (tag == 0) {
-	return NULL;
-    }
-
-    *data_length = buf[used_length++];
-
-    if (*data_length&0x80) {
-	int  len_count = *data_length & 0x7f;
-
-	*data_length = 0;
-
-	while (len_count-- > 0) {
-	    *data_length = (*data_length << 8) | buf[used_length++];
-	} 
-    }
-
-    if (*data_length > (length-used_length) ) {
-	*data_length = length-used_length;
-	return NULL;
-    }
-    if (includeTag) *data_length += used_length;
-
-    return (buf + (includeTag ? 0 : used_length));	
-}
-
-int
-fort11_GetCertFields(unsigned char *cert,int cert_length,CertItem *issuer,
-		     CertItem *serial,CertItem *subject)
-{
-	unsigned char *buf;
-	int buf_length;
-	unsigned char *date;
-	int datelen;
-
-	/* get past the signature wrap */
-	buf = fort11_data_start(cert,cert_length,&buf_length,PR_FALSE);
-	if (buf == NULL) return FAILED;
-	/* get into the raw cert data */
-	buf = fort11_data_start(buf,buf_length,&buf_length,PR_FALSE);
-	if (buf == NULL) return FAILED;
-	/* skip past any optional version number */
-        if ((buf[0] & 0xa0) == 0xa0) {
-            date = fort11_data_start(buf,buf_length,&datelen,PR_FALSE);
-            if (date == NULL) return FAILED;
-            buf_length -= (date-buf) + datelen;
-            buf = date + datelen;
-        }
-        /* serial number */
-	serial->data = fort11_data_start(buf,buf_length,&serial->len,PR_FALSE);
-	if (serial->data == NULL) return FAILED;
-	buf_length -= (serial->data-buf) + serial->len;
-	buf = serial->data + serial->len;
-	/* skip the OID */
-	date = fort11_data_start(buf,buf_length,&datelen,PR_FALSE);
-	if (date == NULL) return FAILED;
-	buf_length -= (date-buf) + datelen;
-	buf = date + datelen;
-	/* issuer */
-	issuer->data = fort11_data_start(buf,buf_length,&issuer->len,PR_TRUE);
-	if (issuer->data == NULL) return FAILED;
-	buf_length -= (issuer->data-buf) + issuer->len;
-	buf = issuer->data + issuer->len;
-	/* skip the date */
-	date = fort11_data_start(buf,buf_length,&datelen,PR_FALSE);
-	if (date == NULL) return FAILED;
-	buf_length -= (date-buf) + datelen;
-	buf = date + datelen;
-	/*subject */
-	subject->data=fort11_data_start(buf,buf_length,&subject->len,PR_TRUE);
-	if (subject->data == NULL) return FAILED;
-	buf_length -= (subject->data-buf) + subject->len;
-	buf = subject->data +subject->len;
-	/*subject */
-	return CKR_OK;
-}
-
-/* quick tohex function to get rid of scanf */
-static
-int fort11_tohex(char *s) {
-    int val = 0;
-
-    for(;*s;s++) {
-	if ((*s >= '0') && (*s <= '9')) {
-	    val = (val << 4) + (*s - '0');
-	    continue;
-	} else if ((*s >= 'a') && (*s <= 'f')) {
-	    val = (val << 4) + (*s - 'a') + 10;
-	    continue;
-	} else if ((*s >= 'A') && (*s <= 'F')) {
-	    val = (val << 4) + (*s - 'A') + 10;
-	    continue;
-	}
-	break;
-    }
-    return val;
-}
-
-/* only should be called for V3 KEA cert labels. */
-
-static int
-fort11_GetSibling(CI_CERT_STR label)  {
-
-	int value = 0;
-        char s[3];
-
-        label +=4;
-
-        strcpy(s,"00");
-        memcpy(s, label, 2);
-	value = fort11_tohex(s);
-        
-	/*  sibling of 255 means no sibling */
-        if (value == 255) {
-	    value = -1;
-	}
-
-	return value;
-}
-
-
-static PrivKeyType
-fort11_GetKeyType(CI_CERT_STR label) { 
-    if (label == NULL) return INVALID_KEY;
-
-    if ( (!PORT_Memcmp(label, "DSA1", 4)) ||   /* v3 certs */ 
-         (!PORT_Memcmp(label, "DSAI", 4)) ||
-	 (!PORT_Memcmp(label, "DSAO", 4)) ||
-         (!PORT_Memcmp(label, "3IXS", 4)) ||   /* old v3 certs */ 
-         (!PORT_Memcmp(label, "3OXS", 4)) ) {
-
-        return DSA_KEY;
-    }
-
-
-    if ( (!PORT_Memcmp(label, "KEAK", 4)) || 
-         (!PORT_Memcmp(label, "3IKX", 4)) ) {
-        return KEA_KEY;
-    }
- 
-    if ( (!PORT_Memcmp(label, "INKS", 4)) ||  /* V1 Certs*/
-         (!PORT_Memcmp(label, "INKX", 4)) ||
-         (!PORT_Memcmp(label, "ONKS", 4)) ||
-         (!PORT_Memcmp(label, "ONKX", 4)) ||  
-         (!PORT_Memcmp(label, "RRXX", 4)) ||
-         (!PORT_Memcmp(label, "RTXX", 4)) ||
-         (!PORT_Memcmp(label, "LAXX", 4)) ) { 
-
-         return V1_KEY;
-    }
-
-    return INVALID_KEY;
-} 
-
-static CK_RV
-fort11_ConvertToDSAKey(PK11Object *privateKey, PK11Slot *slot) {
-    CK_KEY_TYPE     key_type  = CKK_DSA;
-    CK_BBOOL        cktrue    = TRUE;
-    CK_BBOOL        ckfalse   = FALSE;
-    CK_OBJECT_CLASS privClass = CKO_PRIVATE_KEY;
-    CK_CHAR         label[]   = "A DSA Private Key";
-
-
-    /* Fill in the common Default values */
-    if (fort11_AddAttributeType(privateKey,CKA_START_DATE, NULL, 0) != CKR_OK) {
-	return CKR_GENERAL_ERROR;
-    }
-    if (fort11_AddAttributeType(privateKey,CKA_END_DATE, NULL, 0) != CKR_OK) {
-	return CKR_GENERAL_ERROR;
-    }
-    if (fort11_AddAttributeType(privateKey,CKA_SUBJECT, NULL, 0) != CKR_OK) {
-	return CKR_GENERAL_ERROR;
-    }
-    if (fort11_AddAttributeType(privateKey, CKA_CLASS, &privClass, 
-			      sizeof (CK_OBJECT_CLASS)) != CKR_OK) {
-        return CKR_GENERAL_ERROR;
-    }
-    if (fort11_AddAttributeType(privateKey, CKA_KEY_TYPE, &key_type, 
-			      sizeof(CK_KEY_TYPE)) != CKR_OK) {
-        return CKR_GENERAL_ERROR;
-    }
-    if (fort11_AddAttributeType (privateKey, CKA_TOKEN, &cktrue, 
-			      sizeof (CK_BBOOL)) != CKR_OK) {
-       return CKR_GENERAL_ERROR;
-    }
-    if (fort11_AddAttributeType (privateKey, CKA_LABEL, label,
-			       PORT_Strlen((char*)label)) != CKR_OK) {
-        return CKR_GENERAL_ERROR;
-    }
-    if (fort11_AddAttributeType(privateKey, CKA_SENSITIVE, &cktrue, 
-			      sizeof (CK_BBOOL)) != CKR_OK) {
-        return CKR_GENERAL_ERROR;
-    }
-    if (fort11_AddAttributeType(privateKey, CKA_SIGN, &cktrue, 
-			      sizeof (CK_BBOOL)) != CKR_OK) {
-        return CKR_GENERAL_ERROR;
-    }
-
-    if (fort11_AddAttributeType(privateKey, CKA_DERIVE, &cktrue,
-			      sizeof(cktrue)) != CKR_OK) {
-	return CKR_GENERAL_ERROR;
-    }
-    if (fort11_AddAttributeType(privateKey, CKA_LOCAL, &ckfalse,
-			      sizeof(ckfalse)) != CKR_OK) {
-        return CKR_GENERAL_ERROR;
-    }
-    if (fort11_AddAttributeType(privateKey, CKA_DECRYPT, &ckfalse,
-			      sizeof(ckfalse)) != CKR_OK) {
-        return CKR_GENERAL_ERROR;
-    }
-    if (fort11_AddAttributeType(privateKey, CKA_SIGN_RECOVER, &ckfalse,
-			      sizeof(ckfalse)) != CKR_OK) {
- 	return CKR_GENERAL_ERROR;
-    }
-    if (fort11_AddAttributeType(privateKey, CKA_UNWRAP, &ckfalse,
-			      sizeof(ckfalse)) != CKR_OK) {
- 	return CKR_GENERAL_ERROR;
-    }
-    if (fort11_AddAttributeType(privateKey, CKA_EXTRACTABLE, &ckfalse,
-			      sizeof(ckfalse))  != CKR_OK) {
-        return CKR_GENERAL_ERROR;
-    }
-    if (fort11_AddAttributeType(privateKey, CKA_ALWAYS_SENSITIVE, &cktrue,
-			      sizeof(cktrue)) != CKR_OK) {
-       return CKR_GENERAL_ERROR;
-    }
-    if (fort11_AddAttributeType(privateKey, CKA_NEVER_EXTRACTABLE, &cktrue,
-			      sizeof(ckfalse)) != CKR_OK) {
-        return CKR_GENERAL_ERROR;
-    }
-    if (fort11_AddAttributeType(privateKey, CKA_PRIME, NULL, 0) != CKR_OK){
-        return CKR_GENERAL_ERROR;
-    }
-    if (fort11_AddAttributeType(privateKey, CKA_SUBPRIME, NULL, 0) != CKR_OK){
-        return CKR_GENERAL_ERROR;
-    }
-    if (fort11_AddAttributeType(privateKey, CKA_BASE, NULL, 0) != CKR_OK) {
-        return CKR_GENERAL_ERROR;
-    }
-    if (fort11_AddAttributeType(privateKey, CKA_VALUE, NULL, 0) != CKR_OK) {
-        return CKR_GENERAL_ERROR;
-    }
-    if (fort11_AddAttributeType(privateKey, CKA_PRIVATE, &cktrue,
-			      sizeof(cktrue)) != CKR_OK) {
-        return CKR_GENERAL_ERROR;
-    }
-    if (fort11_AddAttributeType(privateKey, CKA_MODIFIABLE,&ckfalse,
-			      sizeof(ckfalse)) != CKR_OK) {
-        return CKR_GENERAL_ERROR;
-    }
-
-    FMUTEX_Lock(slot->objectLock);
-    privateKey->handle = slot->tokenIDCount++;
-    privateKey->handle |= (PK11_TOKEN_MAGIC | PK11_TOKEN_TYPE_PRIV);
-    FMUTEX_Unlock(slot->objectLock);
-    privateKey->objclass = privClass;
-    privateKey->slot = slot;
-    privateKey->inDB = PR_TRUE;
-
-
-    return CKR_OK;
-}
-
-static int
-fort11_LoadRootPAAKey(PK11Slot *slot, PK11Session *session) {
-    CK_OBJECT_CLASS theClass   = CKO_SECRET_KEY;
-    int              id      = 0;
-    CK_BBOOL         True    = TRUE;
-    CK_BBOOL          False   = FALSE;
-    CK_CHAR          label[] = "Trusted Root PAA Key";
-    PK11Object      *rootKey;
-    FortezzaKey     *newKey;
-    FortezzaSocket *socket  = &fortezzaSockets[slot->slotID-1];
-    
-    /*Don't know the key type.  Does is matter?*/
-
-    rootKey = fort11_NewObject(slot);
-
-    if (rootKey == NULL) {
-        return CKR_HOST_MEMORY;
-    }
-
-    if (fort11_AddAttributeType(rootKey, CKA_CLASS, &theClass,
-			      sizeof(theClass)) != CKR_OK) {
-	return CKR_GENERAL_ERROR;
-    }
-
-    if (fort11_AddAttributeType(rootKey, CKA_TOKEN, &True,
-			      sizeof(True)) != CKR_OK) {        
-	return CKR_GENERAL_ERROR;
-    }
-
-    if (fort11_AddAttributeType(rootKey, CKA_LABEL, label,
-			      sizeof(label)) != CKR_OK) {
-	return CKR_GENERAL_ERROR;
-    }
-
-    if (fort11_AddAttributeType(rootKey, CKA_PRIVATE, &True,
-			      sizeof (True)) != CKR_OK) {
-	return CKR_GENERAL_ERROR;
-    }
-
-    if (fort11_AddAttributeType(rootKey,CKA_MODIFIABLE, &False, 
-			      sizeof(False)) != CKR_OK) {
-	return CKR_GENERAL_ERROR;
-    }
-    
-    if (fort11_AddAttributeType(rootKey, CKA_ID, &id,
-			      sizeof(int)) != CKR_OK) {
-	return CKR_GENERAL_ERROR;
-    }
-
-    if (fort11_AddAttributeType(rootKey, CKA_DERIVE, &True,
-			      sizeof(True)) != CKR_OK) {
-	return CKR_GENERAL_ERROR;
-    }
-
-    if (fort11_AddAttributeType(rootKey, CKA_SENSITIVE, &True,
-			      sizeof(True)) != CKR_OK) {
-	return CKR_GENERAL_ERROR;
-    }
-
-    FMUTEX_Lock(slot->objectLock);
-    rootKey->handle = slot->tokenIDCount++;
-    rootKey->handle |= (PK11_TOKEN_MAGIC | PK11_TOKEN_TYPE_PRIV);
-    FMUTEX_Unlock(slot->objectLock);
-
-    rootKey->objclass = theClass;
-    rootKey->slot = slot;
-    rootKey->inDB = PR_TRUE;
-
-    newKey = NewFortezzaKey(socket, Ks, NULL, 0);
-    if (newKey == NULL) {
-        fort11_FreeObject(rootKey);
-        return CKR_HOST_MEMORY;
-    }
-
-    rootKey->objectInfo = (void*)newKey;
-    rootKey->infoFree   = fort11_FreeFortezzaKey;
-    fort11_AddObject(session, rootKey);
-
-    return CKR_OK;
-}
-
-static CK_RV
-fort11_ConvertToKEAKey (PK11Object *privateKey, PK11Slot *slot) {
-    CK_OBJECT_CLASS theClass   = CKO_PRIVATE_KEY;
-    CK_KEY_TYPE     keyType = CKK_KEA;
-    CK_CHAR         label[] = "A KEA private key Object";
-    CK_BBOOL        True    = TRUE;
-    CK_BBOOL        False   = FALSE;
-
-    if (fort11_AddAttributeType(privateKey, CKA_CLASS, &theClass,
-			      sizeof (CK_OBJECT_CLASS)) != CKR_OK) {
-        return CKR_GENERAL_ERROR;
-    }
-    if (fort11_AddAttributeType(privateKey, CKA_KEY_TYPE, &keyType,
-			      sizeof (CK_KEY_TYPE)) != CKR_OK) {
-        return CKR_GENERAL_ERROR;
-    }
-    if (fort11_AddAttributeType(privateKey, CKA_TOKEN, &True, 
-			      sizeof(CK_BBOOL)) != CKR_OK) {
-        return CKR_GENERAL_ERROR;
-    }
-    if (fort11_AddAttributeType (privateKey, CKA_LABEL, label,
-			       PORT_Strlen((char*)label)) != CKR_OK) {
-        return CKR_GENERAL_ERROR;
-    }
-    if (fort11_AddAttributeType (privateKey, CKA_SENSITIVE, 
-			       &True, sizeof(CK_BBOOL)) != CKR_OK) {
-        return CKR_GENERAL_ERROR;
-    }    
-    if (fort11_AddAttributeType (privateKey, CKA_DERIVE, 
-			       &True, sizeof(CK_BBOOL)) != CKR_OK) {
-        return CKR_GENERAL_ERROR;
-    }
-    if (fort11_AddAttributeType(privateKey, CKA_PRIVATE, &True,
-			      sizeof(True)) != CKR_OK) {
-        return CKR_GENERAL_ERROR;
-    }
-    if (fort11_AddAttributeType(privateKey, CKA_START_DATE, NULL, 0) != CKR_OK) {
-        return CKR_GENERAL_ERROR;
-    } 
-    if (fort11_AddAttributeType(privateKey, CKA_END_DATE, NULL, 0) != CKR_OK) {
-        return CKR_GENERAL_ERROR;
-    }
-    if (fort11_AddAttributeType(privateKey, CKA_LOCAL, &False,
-			      sizeof(False)) != CKR_OK) {
-        return CKR_GENERAL_ERROR;
-    }
-
-    FMUTEX_Lock(slot->objectLock);
-    privateKey->handle = slot->tokenIDCount++;
-    privateKey->handle |= (PK11_TOKEN_MAGIC | PK11_TOKEN_TYPE_PRIV);
-    FMUTEX_Unlock(slot->objectLock);
-    privateKey->objclass = theClass;
-    privateKey->slot = slot;
-    privateKey->inDB = PR_TRUE;
-
-    return CKR_OK;
-}
-
-static CK_RV
-fort11_ConvertToV1Key (PK11Object* privateKey, PK11Slot *slot) {
-    CK_RV    rv;
-    CK_BBOOL True = TRUE;
-
-    rv = fort11_ConvertToDSAKey(privateKey, slot);
-    if (rv != CKR_OK) {
-        return rv;
-    }
-
-    if (fort11_AddAttributeType(privateKey, CKA_DERIVE, &True, 
-			      sizeof (CK_BBOOL)) != CKR_OK) {
-        return CKR_GENERAL_ERROR;
-    }
-
-    return CKR_OK;
-}
-
-static CK_RV
-fort11_NewPrivateKey(PK11Object *privKeyObject, PK11Slot *slot,CI_PERSON currPerson) {
-  PrivKeyType keyType = fort11_GetKeyType(currPerson.CertLabel);
-  CK_RV       rv;
-
-  switch (keyType) {
-  case DSA_KEY:
-    rv = fort11_ConvertToDSAKey(privKeyObject, slot);
-    break;
-  case KEA_KEY:
-    rv = fort11_ConvertToKEAKey(privKeyObject, slot);
-    break;
-  case V1_KEY:
-    rv = fort11_ConvertToV1Key(privKeyObject, slot);
-    break;
-  default:
-    rv = CKR_GENERAL_ERROR;
-    break;
-  }
-  return rv;
-}
-
-
-PRBool
-fort11_LoadCertObjectForSearch(CI_PERSON currPerson, PK11Slot *slot, 
-			PK11Session *session, CI_PERSON *pers_array) {
-    PK11Object          *certObject, *privKeyObject;
-    PK11Attribute       *attribute, *newAttribute;
-    int                  ci_rv;
-    CI_CERTIFICATE       cert;
-    CK_OBJECT_CLASS      certClass = CKO_CERTIFICATE;
-    CK_CERTIFICATE_TYPE  certType  = CKC_X_509;
-    CK_BBOOL             cktrue    = TRUE;
-    CK_BBOOL             ckfalse   = FALSE;
-    CertItem             issuer, serial, subject;
-    int			 certSize;
-    char                 nickname[50];
-    char                *cursor; 
-    PrivKeyType		 priv_key;
-    int			 sibling;
-  
-
-    certObject = fort11_NewObject(slot);
-    if (certObject == NULL)
-        return PR_FALSE;
-
-    ci_rv = MACI_GetCertificate (fortezzaSockets[slot->slotID-1].maciSession,
-				 currPerson.CertificateIndex, cert);
-    if (ci_rv != CI_OK){
-        fort11_FreeObject(certObject);
-	return PR_FALSE;
-    }
-
-    ci_rv = fort11_GetCertFields(cert,CI_CERT_SIZE,&issuer,&serial,&subject);
-
-    if (ci_rv != CKR_OK) {
-        fort11_FreeObject(certObject);
-	return PR_FALSE;
-    }
-
-    if (fort11_AddAttributeType(certObject, CKA_CLASS, &certClass,
-			      sizeof (CK_OBJECT_CLASS)) != CKR_OK) {
-        fort11_FreeObject (certObject);
-	return PR_FALSE;
-    }
-    if (fort11_AddAttributeType(certObject, CKA_TOKEN, &cktrue,
-			      sizeof (CK_BBOOL)) != CKR_OK) {
-        fort11_FreeObject(certObject);
-	return PR_FALSE;
-    }
-    if (fort11_AddAttributeType(certObject, CKA_PRIVATE, &ckfalse,
-			      sizeof (CK_BBOOL)) != CKR_OK) {
-        fort11_FreeObject(certObject);
-	return PR_FALSE;
-    }
-
-    
-    /* check if the label represents a KEA key. if so, the
-       nickname should be made the same as the corresponding DSA
-       sibling cert. */
-        
-    priv_key = fort11_GetKeyType(currPerson.CertLabel);
-
-    if (priv_key == KEA_KEY) {
-	sibling = fort11_GetSibling(currPerson.CertLabel);
-
-	/* check for failure of fort11_GetSibling.  also check that
-	   the sibling is not zero.  */
-
-	if (sibling > 0) {
-	    /* assign the KEA cert label to be the same as the
-	       sibling DSA label */
-
-	    sprintf (nickname, "%s", &pers_array[sibling-1].CertLabel[8] );
-	} else {
-	    sprintf (nickname, "%s", &currPerson.CertLabel[8]);
-	}
-    } else {
-        sprintf (nickname, "%s", &currPerson.CertLabel[8]);
-    }
-
-    cursor = nickname+PORT_Strlen(nickname)-1;
-    while ((*cursor) == ' ') {
-        cursor--;
-    }
-    cursor[1] = '\0';
-    if (fort11_AddAttributeType(certObject, CKA_LABEL, nickname,
-			      PORT_Strlen(nickname)) != CKR_OK) {
-        fort11_FreeObject(certObject);
-	return PR_FALSE;
-    }
-
- 
-
-    if (fort11_AddAttributeType(certObject, CKA_CERTIFICATE_TYPE, &certType,
-			      sizeof(CK_CERTIFICATE_TYPE)) != CKR_OK) {
-        fort11_FreeObject(certObject);
-	return PR_FALSE;
-    }
-    certSize = fort11_cert_length(cert,CI_CERT_SIZE);
-    if (fort11_AddAttributeType (certObject, CKA_VALUE, cert, certSize)
-	                                                        != CI_OK) {
-        fort11_FreeObject(certObject);
-	return PR_FALSE;
-    }
-    if (fort11_AddAttributeType(certObject, CKA_ISSUER, issuer.data,
-			  issuer.len) != CKR_OK) {
-        fort11_FreeObject (certObject);
-	return PR_FALSE;
-    }
-    if (fort11_AddAttributeType(certObject, CKA_SUBJECT, subject.data,
-			      subject.len) != CKR_OK) {
-        fort11_FreeObject (certObject);
-	return PR_FALSE;
-    }
-    if (fort11_AddAttributeType(certObject, CKA_SERIAL_NUMBER,
-			      serial.data, serial.len) != CKR_OK) {
-        fort11_FreeObject(certObject);
-	return PR_FALSE;
-    }
-    /*Change this to a byte array later*/
-    if (fort11_AddAttributeType(certObject, CKA_ID, 
-				&currPerson.CertificateIndex,
-				sizeof(int)) != CKR_OK) {
-        fort11_FreeObject(certObject);
-	return PR_FALSE;
-    }
-    certObject->objectInfo = NULL;
-    certObject->infoFree   = NULL;
-
-    certObject->objclass = certClass;
-    certObject->slot  = slot;
-    certObject->inDB  = PR_TRUE;
-
-    FMUTEX_Lock(slot->objectLock);
-      
-    certObject->handle  = slot->tokenIDCount++;
-    certObject->handle |= (PK11_TOKEN_MAGIC | PK11_TOKEN_TYPE_CERT);
-
-    FMUTEX_Unlock(slot->objectLock);
-
-    if (fort11_FortezzaIsUserCert (currPerson.CertLabel)) {
-        privKeyObject = fort11_NewObject(slot);
-        if (fort11_NewPrivateKey(privKeyObject, slot, currPerson) != CKR_OK) {
-	    fort11_FreeObject(privKeyObject);
-	    fort11_FreeObject(certObject);
-	    return PR_FALSE;
-	}
-	if(fort11_AddAttributeType(privKeyObject,CKA_ID,
-				 &currPerson.CertificateIndex,
-				 sizeof(int)) != CKR_OK) {
-	    fort11_FreeObject(privKeyObject);
-	    fort11_FreeObject(certObject);
-	    return PR_FALSE;
-	}	    
-	attribute = fort11_FindAttribute(certObject,CKA_SUBJECT);
-	newAttribute=
-	  fort11_NewAttribute(pk11_attr_expand(&attribute->attrib));
-	fort11_FreeAttribute(attribute);
-	if (newAttribute != NULL) {
-	    fort11_DeleteAttributeType(privKeyObject,
-				     CKA_SUBJECT);
-	    fort11_AddAttribute(privKeyObject,
-			      newAttribute);
-	}
-	fort11_AddObject (session, privKeyObject);
-    }
-
-
-    fort11_AddObject (session, certObject);
-
-    
-    return PR_TRUE;
-}
-
-#define TRUSTED_PAA "00000000Trusted Root PAA"
-
-static int
-fort11_BuildCertObjects(FortezzaSocket *currSocket, PK11Slot *slot, 
-		       PK11Session *session) {
-		       
-    int i;
-    CI_PERSON rootPAA;
-
-    PORT_Memcpy (rootPAA.CertLabel, TRUSTED_PAA, 1+PORT_Strlen (TRUSTED_PAA));
-    rootPAA.CertificateIndex = 0;
-
-    if (!fort11_LoadCertObjectForSearch(rootPAA, slot, session, 
-				 currSocket->personalityList)) {
-        return CKR_GENERAL_ERROR;
-    }
-
-    if (fort11_LoadRootPAAKey(slot, session) != CKR_OK) {
-        return CKR_GENERAL_ERROR;
-    }
-
-    for (i=0 ; i < currSocket->numPersonalities; i++) {
-        if (fort11_FortezzaIsACert (currSocket->personalityList[i].CertLabel)){
-	    if (!fort11_LoadCertObjectForSearch(currSocket->personalityList[i],
-						slot, session, 
-						currSocket->personalityList)){
-	        return CKR_GENERAL_ERROR;
-	}
-      }
-    }
-
-    return CKR_OK;
-}
-
-PK11Slot*
-fort11_SlotFromSessionHandle(CK_SESSION_HANDLE inHandle) {
- CK_SESSION_HANDLE whichSlot = inHandle & SLOT_MASK;
-
- if (whichSlot >= kNumSockets) return NULL_PTR;
-
- return &fort11_slot[whichSlot];
-}
-
-PK11Slot* 
-fort11_SlotFromID (CK_SLOT_ID inSlotID) {
-  if (inSlotID == 0 || inSlotID > kNumSockets)
-    return NULL;
-
-  return &fort11_slot[inSlotID-1];
-}
-
-CK_ULONG fort11_firstSessionID (int inSlotNum) {
-        return (CK_ULONG)(inSlotNum);
-}
-
-/*
- * Utility to convert passed in PIN to a CI_PIN
- */
-void fort11_convertToCIPin (CI_PIN ciPin,CK_CHAR_PTR pPin, CK_ULONG ulLen) {
-  unsigned long i;
-
-  for (i=0; i<ulLen; i++) {
-    ciPin[i] = pPin[i];
-  }
-  ciPin[ulLen] = '\0';
-}
-
-
-/*
- * return true if object has attribute
- */
-static PRBool
-fort11_hasAttribute(PK11Object *object,CK_ATTRIBUTE_TYPE type) {
-    PK11Attribute *attribute;
-
-    FMUTEX_Lock(object->attributeLock);
-    pk11queue_find(attribute,type,object->head,HASH_SIZE);
-    FMUTEX_Unlock(object->attributeLock);
-
-    return (PRBool)(attribute != NULL);
-}
-
-/*
- * create a new attribute with type, value, and length. Space is allocated
- * to hold value.
- */
-static PK11Attribute *
-fort11_NewAttribute(CK_ATTRIBUTE_TYPE type, CK_VOID_PTR value, CK_ULONG len) {
-    PK11Attribute *attribute;
-    CK_RV mrv;
-
-    attribute = (PK11Attribute*)PORT_Alloc(sizeof(PK11Attribute));
-    if (attribute == NULL) return NULL;
-
-    attribute->attrib.type = type;
-    if (value) {
-	attribute->attrib.pValue = (CK_VOID_PTR)PORT_Alloc(len);
-	if (attribute->attrib.pValue == NULL) {
-	    PORT_Free(attribute);
-	    return NULL;
-	}
-	PORT_Memcpy(attribute->attrib.pValue,value,len);
-	attribute->attrib.ulValueLen = len;
-    } else {
-	attribute->attrib.pValue = NULL;
-	attribute->attrib.ulValueLen = 0;
-    }
-    attribute->handle = type;
-    attribute->next = attribute->prev = NULL;
-    attribute->refCount = 1;
-    if (FMUTEX_MutexEnabled()) {
-        mrv = FMUTEX_Create (&attribute->refLock);
-	if (mrv != CKR_OK) {
-	    if (attribute->attrib.pValue) PORT_Free(attribute->attrib.pValue);
-	    PORT_Free(attribute);
-	    return NULL;
-	}
-    } else {
-        attribute->refLock = NULL;
-    }
-
-    return attribute;
-}
-
-/*
- * add an attribute to an object
- */
-static
-void fort11_AddAttribute(PK11Object *object,PK11Attribute *attribute) {
-    FMUTEX_Lock (object->attributeLock);
-    pk11queue_add(attribute,attribute->handle,object->head,HASH_SIZE);
-    FMUTEX_Unlock(object->attributeLock);
-}
-
-static CK_RV
-fort11_AddAttributeType(PK11Object *object,CK_ATTRIBUTE_TYPE type,void *valPtr,
-							CK_ULONG length) {
-    PK11Attribute *attribute;
-    attribute = fort11_NewAttribute(type,valPtr,length);
-    if (attribute == NULL) { return CKR_HOST_MEMORY; }
-    fort11_AddAttribute(object,attribute);
-    return CKR_OK;
-}
-
-
-
-/* Make sure a given attribute exists. If it doesn't, initialize it to
- * value and len
- */
-static CK_RV
-fort11_forceAttribute(PK11Object *object,CK_ATTRIBUTE_TYPE type,void *value,
-							unsigned int len) {
-    if ( !fort11_hasAttribute(object, type)) {
-	return fort11_AddAttributeType(object,type,value,len);
-    }
-    return CKR_OK;
-}
-
-/*
- * look up and attribute structure from a type and Object structure.
- * The returned attribute is referenced and needs to be freed when 
- * it is no longer needed.
- */
-static PK11Attribute *
-fort11_FindAttribute(PK11Object *object,CK_ATTRIBUTE_TYPE type) {
-    PK11Attribute *attribute;
-
-    FMUTEX_Lock(object->attributeLock);
-    pk11queue_find(attribute,type,object->head,HASH_SIZE);
-    if (attribute) {
-	/* atomic increment would be nice here */
-        FMUTEX_Lock(attribute->refLock);
-	attribute->refCount++;
-	FMUTEX_Unlock(attribute->refLock);
-    }
-    FMUTEX_Unlock(object->attributeLock);
-
-    return(attribute);
-}
-
-/*
- * this is only valid for CK_BBOOL type attributes. Return the state
- * of that attribute.
- */
-static PRBool
-fort11_isTrue(PK11Object *object,CK_ATTRIBUTE_TYPE type) {
-    PK11Attribute *attribute;
-    PRBool tok = PR_FALSE;
-
-    attribute=fort11_FindAttribute(object,type);
-    if (attribute == NULL) { return PR_FALSE; }
-    tok = (PRBool)(*(CK_BBOOL *)attribute->attrib.pValue);
-    fort11_FreeAttribute(attribute);
-
-    return tok;
-}
-
-/*
- * add an object to a slot and session queue
- */
-static
-void fort11_AddSlotObject(PK11Slot *slot, PK11Object *object) {
-    FMUTEX_Lock(slot->objectLock);
-    pk11queue_add(object,object->handle,slot->tokObjects,HASH_SIZE);
-    FMUTEX_Unlock(slot->objectLock);
-}
-
-static
-void fort11_AddObject(PK11Session *session, PK11Object *object) {
-    PK11Slot *slot = fort11_SlotFromSession(session);
-
-    if (!fort11_isToken(object->handle)) {
-        FMUTEX_Lock(session->objectLock);
-	pk11queue_add(&object->sessionList,0,session->objects,0);
-	FMUTEX_Unlock(session->objectLock);
-    }
-    fort11_AddSlotObject(slot,object);
-} 
-
-/*
- * free all the data associated with an object. Object reference count must
- * be 'zero'.
- */
-static CK_RV
-fort11_DestroyObject(PK11Object *object) {
-    int i;
-    CK_RV crv = CKR_OK;
-/*    PORT_Assert(object->refCount == 0);*/
-
-    if (object->label) PORT_Free(object->label);
-
-    /* clean out the attributes */
-    /* since no one is referencing us, it's safe to walk the chain
-     * without a lock */
-    for (i=0; i < HASH_SIZE; i++) {
-	PK11Attribute *ap,*next;
-	for (ap = object->head[i]; ap != NULL; ap = next) {
-	    next = ap->next;
-	    /* paranoia */
-	    ap->next = ap->prev = NULL;
-	    fort11_FreeAttribute(ap);
-	}
-	object->head[i] = NULL;
-    }
-    FMUTEX_Destroy(object->attributeLock);
-    FMUTEX_Destroy(object->refLock);
-    if (object->objectInfo) {
-	(*object->infoFree)(object->objectInfo);
-    }
-    PORT_Free(object);
-    return crv;
-}
-
-
-/*
- * release a reference to an attribute structure
- */
-static void
-fort11_FreeAttribute(PK11Attribute *attribute) {
-    PRBool destroy = PR_FALSE;
-
-    FMUTEX_Lock(attribute->refLock);
-    if (attribute->refCount == 1) destroy = PR_TRUE;
-    attribute->refCount--;
-    FMUTEX_Unlock(attribute->refLock);
-
-    if (destroy) fort11_DestroyAttribute(attribute);
-}
-
-
-/*
- * release a reference to an object handle
- */
-static PK11FreeStatus
-fort11_FreeObject(PK11Object *object) {
-    PRBool destroy = PR_FALSE;
-    CK_RV crv;
-
-    FMUTEX_Lock(object->refLock);
-    if (object->refCount == 1) destroy = PR_TRUE;
-    object->refCount--;
-    FMUTEX_Unlock(object->refLock);
-      
-    if (destroy) {
-      crv = fort11_DestroyObject(object);
-      if (crv != CKR_OK) {
-	return PK11_DestroyFailure;
-      } 
-      return PK11_Destroyed;
-    }
-    return PK11_Busy;
-}
-
-static void
-fort11_update_state(PK11Slot *slot,PK11Session *session) {
-    if (slot->isLoggedIn) {
-	if (slot->ssoLoggedIn) {
-    	    session->info.state = CKS_RW_SO_FUNCTIONS;
-	} else if (session->info.flags & CKF_RW_SESSION) {
-    	    session->info.state = CKS_RW_USER_FUNCTIONS;
-	} else {
-    	    session->info.state = CKS_RO_USER_FUNCTIONS;
-	}
-    } else {
-	if (session->info.flags & CKF_RW_SESSION) {
-    	    session->info.state = CKS_RW_PUBLIC_SESSION;
-	} else {
-    	    session->info.state = CKS_RO_PUBLIC_SESSION;
-	}
-    }
-}
-
-/* update the state of all the sessions on a slot */
-static void
-fort11_update_all_states(PK11Slot *slot) {
-    int i;
-    PK11Session *session;
-
-    for (i=0; i < SESSION_HASH_SIZE; i++) {
-        FMUTEX_Lock(slot->sessionLock);
-	for (session = slot->head[i]; session; session = session->next) {
-	    fort11_update_state(slot,session);
-	}
-	FMUTEX_Unlock(slot->sessionLock);
-    }
-}
-
-
-/*
- * Create a new object
- */
-static PK11Object *
-fort11_NewObject(PK11Slot *slot) {
-    PK11Object *object;
-    CK_RV mrv;
-    int i;
-
-    object = (PK11Object*)PORT_Alloc(sizeof(PK11Object));
-    if (object == NULL) return NULL;
-
-    object->handle = 0;
-    object->next = object->prev = NULL;
-    object->sessionList.next = NULL;
-    object->sessionList.prev = NULL;
-    object->sessionList.parent = object;
-    object->inDB = PR_FALSE;
-    object->label = NULL;
-    object->refCount = 1;
-    object->session = NULL;
-    object->slot = slot;
-    object->objclass = 0xffff;
-    if (FMUTEX_MutexEnabled()) {
-        mrv = FMUTEX_Create(&object->refLock);
-	if (mrv != CKR_OK) {
-	    PORT_Free(object);
-	    return NULL;
-	}
-	mrv = FMUTEX_Create(&object->attributeLock);
-	if (mrv != CKR_OK) {
-	    FMUTEX_Destroy(object->refLock);
-	    PORT_Free(object);
-	    return NULL;
-	}
-    } else {
-        object->attributeLock = NULL;
-	object->refLock       = NULL;
-    }   
-    for (i=0; i < HASH_SIZE; i++) {
-	object->head[i] = NULL;
-    }
-    object->objectInfo = NULL;
-    object->infoFree = NULL;
-    return object;
-}
-
-/*
- * look up and object structure from a handle. OBJECT_Handles only make
- * sense in terms of a given session.  make a reference to that object
- * structure returned.
- */
-static PK11Object * fort11_ObjectFromHandle(CK_OBJECT_HANDLE handle, 
-					    PK11Session *session) {
-    PK11Object **head;
-    void *lock;
-    PK11Slot *slot = fort11_SlotFromSession(session);
-    PK11Object *object;
-
-    /*
-     * Token objects are stored in the slot. Session objects are stored
-     * with the session.
-     */
-    head = slot->tokObjects;
-    lock = slot->objectLock;
-
-    FMUTEX_Lock(lock);
-    pk11queue_find(object,handle,head,HASH_SIZE);
-    if (object) {
-        FMUTEX_Lock(object->refLock);
-	object->refCount++;
-	FMUTEX_Unlock(object->refLock);
-    }
-    FMUTEX_Unlock(lock);
-
-    return(object);
-}
-
-/*
- * add an object to a slot andsession queue
- */
-static
-void fort11_DeleteObject(PK11Session *session, PK11Object *object) {
-    PK11Slot *slot;
-    
-    if (session == NULL) 
-        return;
-    slot = fort11_SlotFromSession(session);
-    if (!fort11_isToken(object->handle)) {
-        FMUTEX_Lock(session->objectLock);
-	pk11queue_delete(&object->sessionList,0,session->objects,0);
-	FMUTEX_Unlock(session->objectLock);
-    }
-    FMUTEX_Lock(slot->objectLock);
-    pk11queue_delete(object,object->handle,slot->tokObjects,HASH_SIZE);
-    FMUTEX_Unlock(slot->objectLock);
-    fort11_FreeObject(object);
-}
-
-
-
-/*
- * ******************** Search Utilities *******************************
- */
-
-/* add an object to a search list */
-CK_RV
-fort11_AddToList(PK11ObjectListElement **list,PK11Object *object) {
-     PK11ObjectListElement *newelem = 
-	(PK11ObjectListElement *)PORT_Alloc(sizeof(PK11ObjectListElement));
-
-     if (newelem == NULL) return CKR_HOST_MEMORY;
-
-     newelem->next = *list;
-     newelem->object = object;
-     FMUTEX_Lock(object->refLock);
-     object->refCount++;
-     FMUTEX_Unlock(object->refLock);
-
-    *list = newelem;
-    return CKR_OK;
-}
-
-
-/*
- * free a single list element. Return the Next object in the list.
- */
-PK11ObjectListElement *
-fort11_FreeObjectListElement(PK11ObjectListElement *objectList) {
-    PK11ObjectListElement *ol = objectList->next;
-
-    fort11_FreeObject(objectList->object);
-    PORT_Free(objectList);
-    return ol;
-}
-
-/* free an entire object list */
-void
-fort11_FreeObjectList(PK11ObjectListElement *objectList) {
-    PK11ObjectListElement *ol;
-
-    for (ol= objectList; ol != NULL; ol = fort11_FreeObjectListElement(ol)) {}
-}
-
-/*
- * free a search structure
- */
-void
-fort11_FreeSearch(PK11SearchResults *search) {
-    if (search->handles) {
-	PORT_Free(search->handles);
-    }
-    PORT_Free(search);
-}
-
-
-/*
- * Free up all the memory associated with an attribute. Reference count
- * must be zero to call this.
- */
-static void
-fort11_DestroyAttribute(PK11Attribute *attribute) {
-    /*PORT_Assert(attribute->refCount == 0);*/
-    FMUTEX_Destroy(attribute->refLock);
-    if (attribute->attrib.pValue) {
-	 /* clear out the data in the attribute value... it may have been
-	  * sensitive data */
-	 PORT_Memset(attribute->attrib.pValue,0,attribute->attrib.ulValueLen);
-	 PORT_Free(attribute->attrib.pValue);
-    }
-    PORT_Free(attribute);
-}
-        
-/*
- * delete an attribute from an object
- */
-static void
-fort11_DeleteAttribute(PK11Object *object, PK11Attribute *attribute) {
-    FMUTEX_Lock(object->attributeLock);
-    if (attribute->next || attribute->prev) {
-	pk11queue_delete(attribute,attribute->handle,
-						object->head,HASH_SIZE);
-    }
-    FMUTEX_Unlock(object->attributeLock);
-    fort11_FreeAttribute(attribute);
-}
-
-/*
- * decode when a particular attribute may be modified
- * 	PK11_NEVER: This attribute must be set at object creation time and
- *  can never be modified.
- *	PK11_ONCOPY: This attribute may be modified only when you copy the
- *  object.
- *	PK11_SENSITIVE: The CKA_SENSITIVE attribute can only be changed from
- *  FALSE to TRUE.
- *	PK11_ALWAYS: This attribute can always be modified.
- * Some attributes vary their modification type based on the class of the 
- *   object.
- */
-PK11ModifyType
-fort11_modifyType(CK_ATTRIBUTE_TYPE type, CK_OBJECT_CLASS inClass) {
-    /* if we don't know about it, user user defined, always allow modify */
-    PK11ModifyType mtype = PK11_ALWAYS; 
-
-    switch(type) {
-    /* NEVER */
-    case CKA_CLASS:
-    case CKA_CERTIFICATE_TYPE:
-    case CKA_KEY_TYPE:
-    case CKA_MODULUS:
-    case CKA_MODULUS_BITS:
-    case CKA_PUBLIC_EXPONENT:
-    case CKA_PRIVATE_EXPONENT:
-    case CKA_PRIME:
-    case CKA_SUBPRIME:
-    case CKA_BASE:
-    case CKA_PRIME_1:
-    case CKA_PRIME_2:
-    case CKA_EXPONENT_1:
-    case CKA_EXPONENT_2:
-    case CKA_COEFFICIENT:
-    case CKA_VALUE_LEN:
-	mtype = PK11_NEVER;
-	break;
-
-    /* ONCOPY */
-    case CKA_TOKEN:
-    case CKA_PRIVATE:
-	mtype = PK11_ONCOPY;
-	break;
-
-    /* SENSITIVE */
-    case CKA_SENSITIVE:
-	mtype = PK11_SENSITIVE;
-	break;
-
-    /* ALWAYS */
-    case CKA_LABEL:
-    case CKA_APPLICATION:
-    case CKA_ID:
-    case CKA_SERIAL_NUMBER:
-    case CKA_START_DATE:
-    case CKA_END_DATE:
-    case CKA_DERIVE:
-    case CKA_ENCRYPT:
-    case CKA_DECRYPT:
-    case CKA_SIGN:
-    case CKA_VERIFY:
-    case CKA_SIGN_RECOVER:
-    case CKA_VERIFY_RECOVER:
-    case CKA_WRAP:
-    case CKA_UNWRAP:
-	mtype = PK11_ALWAYS;
-	break;
-
-    /* DEPENDS ON CLASS */
-    case CKA_VALUE:
-	mtype = (inClass == CKO_DATA) ? PK11_ALWAYS : PK11_NEVER;
-	break;
-
-    case CKA_SUBJECT:
-	mtype = (inClass == CKO_CERTIFICATE) ? PK11_NEVER : PK11_ALWAYS;
-	break;
-    default:
-	break;
-    }
-    return mtype;
-}
-
-/* decode if a particular attribute is sensitive (cannot be read
- * back to the user of if the object is set to SENSITIVE) */
-PRBool
-fort11_isSensitive(CK_ATTRIBUTE_TYPE type, CK_OBJECT_CLASS inClass) {
-    switch(type) {
-    /* ALWAYS */
-    case CKA_PRIVATE_EXPONENT:
-    case CKA_PRIME_1:
-    case CKA_PRIME_2:
-    case CKA_EXPONENT_1:
-    case CKA_EXPONENT_2:
-    case CKA_COEFFICIENT:
-	return PR_TRUE;
-
-    /* DEPENDS ON CLASS */
-    case CKA_VALUE:
-	/* PRIVATE and SECRET KEYS have SENSITIVE values */
-	return (PRBool)((inClass == CKO_PRIVATE_KEY) || 
-			(inClass == CKO_SECRET_KEY));
-
-    default:
-	break;
-    }
-    return PR_FALSE;
-}
-
-static void
-fort11_DeleteAttributeType(PK11Object *object,CK_ATTRIBUTE_TYPE type) {
-    PK11Attribute *attribute;
-    attribute = fort11_FindAttribute(object, type);
-    if (attribute == NULL) return ;
-    fort11_DeleteAttribute(object,attribute);
-}
-
-
-/*
- * create a new nession. NOTE: The session handle is not set, and the
- * session is not added to the slot's session queue.
- */
-static PK11Session *
-fort11_NewSession(CK_SLOT_ID slotID, CK_NOTIFY notify, 
-		  CK_VOID_PTR pApplication,
-		  CK_FLAGS flags) {
-    PK11Session *session;
-    PK11Slot *slot = &fort11_slot[slotID-1];
-    CK_RV mrv;
-
-    if (slot == NULL) return NULL;
-
-    session = (PK11Session*)PORT_Alloc(sizeof(PK11Session));
-    if (session == NULL) return NULL;
-
-    session->next = session->prev = NULL;
-    session->refCount = 1;
-    session->context = NULL;
-    session->search = NULL;
-    session->objectIDCount = 1;
-    session->fortezzaContext.fortezzaKey = NULL;
-    session->fortezzaContext.fortezzaSocket = NULL;
-
-    if (FMUTEX_MutexEnabled()) {
-        mrv = FMUTEX_Create(&session->refLock);
-	if (mrv != CKR_OK) {
-	    PORT_Free(session);
-	    return NULL;
-	}
-	mrv = FMUTEX_Create(&session->objectLock);
-	if (mrv != CKR_OK) {
-	    FMUTEX_Destroy(session->refLock);
-	    PORT_Free(session);
-	    return NULL;
-	}
-    } else {
-        session->refLock    = NULL;
-	session->objectLock = NULL;
-    }
-
-    session->objects[0] = NULL;
-
-    session->slot = slot;
-    session->notify = notify;
-    session->appData = pApplication;
-    session->info.flags = flags;
-    session->info.slotID = slotID;
-    fort11_update_state(slot,session);
-    return session;
-}
-
-
-/*
- * look up a session structure from a session handle
- * generate a reference to it.
- */
-PK11Session *
-fort11_SessionFromHandle(CK_SESSION_HANDLE handle, PRBool isCloseSession) {
-    PK11Slot	*slot = fort11_SlotFromSessionHandle(handle);
-    PK11Session *session;
-
-    if (!isCloseSession && 
-	!SocketStateUnchanged(&fortezzaSockets[slot->slotID-1]))
-        return NULL;
-
-    FMUTEX_Lock(slot->sessionLock);
-    pk11queue_find(session,handle,slot->head,SESSION_HASH_SIZE);
-    if (session) session->refCount++;
-    FMUTEX_Unlock(slot->sessionLock);
-
-    return (session);
-}
-
-/* free all the data associated with a session. */
-static void
-fort11_DestroySession(PK11Session *session)
-{
-    PK11ObjectList *op,*next;
-/*    PORT_Assert(session->refCount == 0);*/
-
-    /* clean out the attributes */
-    FMUTEX_Lock(session->objectLock);
-    for (op = session->objects[0]; op != NULL; op = next) {
-        next = op->next;
-        /* paranoia */
-	op->next = op->prev = NULL;
-	fort11_DeleteObject(session,op->parent);
-    }
-    FMUTEX_Unlock(session->objectLock);
-
-    FMUTEX_Destroy(session->objectLock);
-    FMUTEX_Destroy(session->refLock);
-
-    if (session->search) {
-	fort11_FreeSearch(session->search);
-    }
-
-    pk11queue_delete(session, session->handle, session->slot->head,
-		     SESSION_HASH_SIZE);
-
-    PORT_Free(session);
-}
-
-
-/*
- * release a reference to a session handle
- */
-void
-fort11_FreeSession(PK11Session *session) {
-    PRBool destroy = PR_FALSE;
-    PK11Slot *slot = NULL;
-
-    if (!session) return;  /*Quick fix to elminate crash*/
-                           /*Fix in later version       */
-
-    if (FMUTEX_MutexEnabled()) {
-        slot = fort11_SlotFromSession(session);
-	FMUTEX_Lock(slot->sessionLock);
-    }
-    if (session->refCount == 1) destroy = PR_TRUE;
-    session->refCount--;
-    if (FMUTEX_MutexEnabled()) {
-        FMUTEX_Unlock(slot->sessionLock);
-    }
-
-    if (destroy) {
-      fort11_DestroySession(session);
-    }
-}
-
-
-/* return true if the object matches the template */
-PRBool
-fort11_objectMatch(PK11Object *object,CK_ATTRIBUTE_PTR theTemplate,int count) {
-    int i;
-
-    for (i=0; i < count; i++) {
-	PK11Attribute *attribute = 
-	    fort11_FindAttribute(object,theTemplate[i].type);
-	if (attribute == NULL) {
-	    return PR_FALSE;
-	}
-	if (attribute->attrib.ulValueLen == theTemplate[i].ulValueLen) {
-	    if (PORT_Memcmp(attribute->attrib.pValue,theTemplate[i].pValue,
-					theTemplate[i].ulValueLen) == 0) {
-                fort11_FreeAttribute(attribute);
-		continue;
-	    }
-	}
-        fort11_FreeAttribute(attribute);
-	return PR_FALSE;
-    }
-    return PR_TRUE;
-}
-
-/* search through all the objects in the queue and return the template matches
- * in the object list.
- */
-CK_RV
-fort11_searchObjectList(PK11ObjectListElement **objectList,PK11Object **head,
-			void *lock, CK_ATTRIBUTE_PTR theTemplate, int count) {
-    int i;
-    PK11Object *object;
-    CK_RV rv;
-
-    for(i=0; i < HASH_SIZE; i++) {
-        /* We need to hold the lock to copy a consistant version of
-         * the linked list. */
-        FMUTEX_Lock(lock);
-	for (object = head[i]; object != NULL; object= object->next) {
-	    if (fort11_objectMatch(object,theTemplate,count)) {
-	        rv = fort11_AddToList(objectList,object);
-		if (rv != CKR_OK) {
-		    return rv;
-		}
-	    }
-	}
-	FMUTEX_Unlock(lock);
-    }
-    return CKR_OK;
-}
-
-static PRBool
-fort11_NotAllFuncsNULL (CK_C_INITIALIZE_ARGS_PTR pArgs) {
-    return (PRBool)(pArgs && pArgs->CreateMutex && pArgs->DestroyMutex &&
-		    pArgs->LockMutex   && pArgs->UnlockMutex);
-}
-
-static PRBool
-fort11_InArgCheck(CK_C_INITIALIZE_ARGS_PTR pArgs) {
-    PRBool rv;
-    /* The only check for now, is to make sure that all of the
-     * function pointers are either all NULL or all Non-NULL.
-     * We also need to make sure the pReserved field in pArgs is
-     * set to NULL.
-     */
-    if (pArgs == NULL) {
-        return  PR_TRUE; /* If the argument is NULL, no
-			  * inconsistencies can exist.
-			  */
-    }
-
-    if (pArgs->pReserved != NULL) {
-        return PR_FALSE;
-    }
-
-    if (pArgs->CreateMutex != NULL) {
-        rv = (PRBool) (pArgs->DestroyMutex != NULL &&
-		       pArgs->LockMutex    != NULL &&
-		       pArgs->UnlockMutex  != NULL);
-    } else { /*pArgs->CreateMutex == NULL*/
-        rv = (PRBool) (pArgs->DestroyMutex == NULL &&
-		       pArgs->LockMutex    == NULL &&
-		       pArgs->UnlockMutex  == NULL);
-    }
-    return rv;
-}
-
-
-
-/**********************************************************************
- *
- *     Start of PKCS 11 functions 
- *
- **********************************************************************/
- 
- 
-/**********************************************************************
- *
- * In order to get this to work on 68K, we have to do some special tricks,
- * First trick is that we need to make the module a Code Resource, and
- * all Code Resources on 68K have to have a main function.  So we 
- * define main to be a wrapper for C_GetFunctionList which will be the
- * first funnction called by any software that uses the PKCS11 module.
- *
- * The second trick is that whenever you access a global variable from
- * the Code Resource, it does funny things to the stack on 68K, so we 
- * need to call some macros that handle the stack for us.  First thing
- * you do is call EnterCodeResource() first thing in a function that 
- * accesses a global, right before you leave that function, you call 
- * ExitCodeResource.  This will take care of stack management.
- *
- * Third trick is to call __InitCode__() when we first enter the module
- * so that all of the global variables get initialized properly.
- *
- **********************************************************************/ 
- 
-#if defined(XP_MAC) && !defined(__POWERPC__)
-
-#define FORT11_RETURN(exp)  {ExitCodeResource(); return (exp);}
-#define FORT11_ENTER() EnterCodeResource();
-
-#else /*XP_MAC*/
-
-#define FORT11_RETURN(exp)  return (exp);
-#define FORT11_ENTER() 
-
-#endif /*XP_MAC*/
-
-#define CARD_OK(rv)   if ((rv) != CI_OK) FORT11_RETURN (CKR_DEVICE_ERROR); 
-#define SLOT_OK(slot) if ((slot) > kNumSockets) FORT11_RETURN (CKR_SLOT_ID_INVALID);
- 
-#ifdef XP_MAC 
-/* This is not a 4.0 project, so I can't depend on
- * 4.0 defines, so instead I depend on CodeWarrior 
- * defines.
- */
-#if __POWERPC__
-#elif __CFM68K__
-#else
-/* To get this to work on 68K, we need to have
- * the symbol main.  So we just make it a wrapper for C_GetFunctionList.
- */
-PR_PUBLIC_API(CK_RV) main(CK_FUNCTION_LIST_PTR *pFunctionList) {
-    FORT11_ENTER()
-    CK_RV rv;
-  
-    __InitCode__();
-  
-    rv = C_GetFunctionList(pFunctionList);
-    FORT11_RETURN (rv);
-}
-#endif
-
-#endif /*XP_MAC*/
-
-/* Return the function list */
-PR_PUBLIC_API(CK_RV) C_GetFunctionList(CK_FUNCTION_LIST_PTR *pFunctionList) {
-    /* No need to do a FORT11_RETURN as this function will never be directly
-     * called in the case where we need to do stack management.  
-     * The main function will call this after taking care of stack stuff.
-     */
-    *pFunctionList = &fort11_funcList;
-    return CKR_OK;
-}
-
-
-/* C_Initialize initializes the Cryptoki library. */
-PR_PUBLIC_API(CK_RV) C_Initialize(CK_VOID_PTR pReserved) {
-    FORT11_ENTER()
-    int i,j, tempNumSockets;
-    int rv = 1;
-    CK_C_INITIALIZE_ARGS_PTR pArgs = (CK_C_INITIALIZE_ARGS_PTR)pReserved;
-    CK_RV mrv;
-
-    /* intialize all the slots */
-    if (!init) {
-      init = PR_TRUE;
-
-      /* need to initialize locks before MACI_Initialize is called in
-       * software fortezza. */
-      if (pArgs) {
-	  if (!fort11_InArgCheck(pArgs)) {
-	      FORT11_RETURN (CKR_ARGUMENTS_BAD);
-	  }
-	  if (pArgs->flags & CKF_OS_LOCKING_OK){
-	      if (!fort11_NotAllFuncsNULL(pArgs)) {
-		  FORT11_RETURN (CKR_CANT_LOCK);
-	      }
-	  }
-	  if (fort11_NotAllFuncsNULL(pArgs)) {
-	      mrv = FMUTEX_Init(pArgs);
-	      if (mrv != CKR_OK) {
-		  return CKR_GENERAL_ERROR;
-	      }
-	  }
-      }
-      rv = MACI_Initialize (&tempNumSockets);
-      kNumSockets = (CK_ULONG)tempNumSockets;
-      
-      CARD_OK (rv);
-      for (i=0; i < (int) kNumSockets; i++) {
-	if (FMUTEX_MutexEnabled()) {
-	    mrv = FMUTEX_Create(&fort11_slot[i].sessionLock);
-	    if (mrv != CKR_OK) {
-	        FORT11_RETURN (CKR_GENERAL_ERROR);
-	    }
-	    mrv = FMUTEX_Create(&fort11_slot[i].objectLock);
-	    if (mrv != CKR_OK) {
-	        FMUTEX_Destroy(fort11_slot[i].sessionLock);
-	        FORT11_RETURN (CKR_GENERAL_ERROR);
-	    }
-	} else {
-	    fort11_slot[i].sessionLock = NULL;
-	    fort11_slot[i].objectLock  = NULL;
-	}
-	for(j=0; j < SESSION_HASH_SIZE; j++) {
-	  fort11_slot[i].head[j] = NULL;
-	}
-	for(j=0; j < HASH_SIZE; j++) {
-	  fort11_slot[i].tokObjects[j] = NULL;
-	}
-	fort11_slot[i].password = NULL;
-	fort11_slot[i].hasTokens = PR_FALSE;
-	fort11_slot[i].sessionIDCount = fort11_firstSessionID (i);
-	fort11_slot[i].sessionCount = 0;
-	fort11_slot[i].rwSessionCount = 0;
-	fort11_slot[i].tokenIDCount = 1;
-	fort11_slot[i].needLogin = PR_TRUE;
-	fort11_slot[i].isLoggedIn = PR_FALSE;
-	fort11_slot[i].ssoLoggedIn = PR_FALSE;
-	fort11_slot[i].DB_loaded = PR_FALSE;
-	fort11_slot[i].slotID= i+1;
-	InitSocket(&fortezzaSockets[i], i+1);
-      }
-    }
-    FORT11_RETURN (CKR_OK);
-}
-
-/*C_Finalize indicates that an application is done with the Cryptoki library.*/
-PR_PUBLIC_API(CK_RV) C_Finalize (CK_VOID_PTR pReserved) {
-    FORT11_ENTER()
-    int i;
-
-    for (i=0; i< (int) kNumSockets; i++) {
-        FreeSocket(&fortezzaSockets[i]);
-    }
-    MACI_Terminate(fortezzaSockets[0].maciSession);
-    init = PR_FALSE;
-    FORT11_RETURN (CKR_OK);
-}
-
-
-
-
-/* C_GetInfo returns general information about Cryptoki. */
-PR_PUBLIC_API(CK_RV)  C_GetInfo(CK_INFO_PTR pInfo) {
-    FORT11_ENTER()
-    pInfo->cryptokiVersion = fort11_funcList.version;
-    PORT_Memcpy(pInfo->manufacturerID,manufacturerID,32);
-    pInfo->libraryVersion.major = 1;
-    pInfo->libraryVersion.minor = 7;
-    PORT_Memcpy(pInfo->libraryDescription,libraryDescription,32);
-    pInfo->flags = 0;
-    FORT11_RETURN (CKR_OK);
-}
-
-/* C_GetSlotList obtains a list of slots in the system. */
-PR_PUBLIC_API(CK_RV) C_GetSlotList(CK_BBOOL	   tokenPresent,
-				   CK_SLOT_ID_PTR pSlotList, 
-				   CK_ULONG_PTR   pulCount) {
-    FORT11_ENTER()
-    int i;
-
-    if (pSlotList != NULL) {
-      if (*pulCount >= kNumSockets) {
-	for (i=0; i < (int) kNumSockets; i++) {
-	  pSlotList[i] = i+1; 
-	}
-      } else {
-	FORT11_RETURN (CKR_BUFFER_TOO_SMALL); 
-      }
-    } else {
-      *pulCount = kNumSockets;
-    }
-    FORT11_RETURN (CKR_OK);
-}
-	
-/* C_GetSlotInfo obtains information about a particular slot in the system. */
-PR_PUBLIC_API(CK_RV) C_GetSlotInfo(CK_SLOT_ID       slotID, 
-				   CK_SLOT_INFO_PTR pInfo) {
-  FORT11_ENTER()
-    int        rv;
-    CI_CONFIG  ciConfig;
-    CI_STATE   ciState;
-    HSESSION   maciSession;
-    char       slotDescription[65];
-    FortezzaSocket *socket;
-    
-
-    SLOT_OK(slotID);
-    
-    socket = &fortezzaSockets[slotID-1];
-    if (!socket->isOpen) {
-        InitSocket(socket, slotID);
-    }
-    maciSession = socket->maciSession;
-
-    rv = MACI_Select(maciSession, slotID);
-
-    CARD_OK (rv)
-
-    rv = MACI_GetConfiguration (maciSession, &ciConfig);
-
-
-    pInfo->firmwareVersion.major = 0;
-    pInfo->firmwareVersion.minor = 0;
-#ifdef SWFORT
-    PORT_Memcpy (pInfo->manufacturerID,"Netscape Communications Corp    ",32);
-    PORT_Memcpy (slotDescription,"Netscape Software Slot #        ",32);
-#define _local_BASE 24
-#else
-    PORT_Memcpy (pInfo->manufacturerID,"LITRONIC                        ",32);
-    PORT_Memcpy (slotDescription,"Litronic MACI Slot #            ",32);
-#define _local_BASE 20
-#endif
-    slotDescription[_local_BASE] = (char )((slotID < 10) ? slotID : 
-							slotID/10) + '0';
-    if (slotID >= 10) slotDescription[_local_BASE+1] = 
-						(char)(slotID % 10) + '0';
-    PORT_Memcpy (&slotDescription[32],"                                ",32);
-    PORT_Memcpy (pInfo->slotDescription, slotDescription          , 64);
-    if (rv == CI_OK) {
-        pInfo->hardwareVersion.major = 
-	    (ciConfig.ManufacturerVersion & MAJOR_VERSION_MASK) >> 8;
-	pInfo->hardwareVersion.minor = 
-	    ciConfig.ManufacturerVersion & MINOR_VERSION_MASK;
-	pInfo->flags = CKF_TOKEN_PRESENT;
-    } else {
-       pInfo->hardwareVersion.major = 0;
-       pInfo->hardwareVersion.minor = 0;
-       pInfo->flags = 0;
-    }
-#ifdef SWFORT
-    /* do we need to make it a removable device as well?? */
-    pInfo->flags |= CKF_REMOVABLE_DEVICE;
-#else
-    pInfo->flags |= (CKF_REMOVABLE_DEVICE | CKF_HW_SLOT);
-#endif
-    
-    rv = MACI_GetState(maciSession, &ciState);
- 
-    if (rv == CI_OK) {
-        switch (ciState) {
-	case CI_ZEROIZE:
-	case CI_INTERNAL_FAILURE:
-	    pInfo->flags &= (~CKF_TOKEN_PRESENT);
-	default:
-	    break;
-	}
-    } else {
-        pInfo->flags &= (~CKF_TOKEN_PRESENT);
-    }
-
-    FORT11_RETURN (CKR_OK);
-}
-
-#define CKF_THREAD_SAFE 0x8000 
-
-/* C_GetTokenInfo obtains information about a particular token
-   in the system. */
-PR_PUBLIC_API(CK_RV) C_GetTokenInfo(CK_SLOT_ID        slotID,
-				    CK_TOKEN_INFO_PTR pInfo) {
-	FORT11_ENTER()
-    CI_STATUS cardStatus;
-    CI_CONFIG ciConfig;
-    PK11Slot *slot;
-    int rv, i;
-    char tmp[33];
-    FortezzaSocket *socket;
-
-    SLOT_OK (slotID);
-    
-    slot = &fort11_slot[slotID-1];
-    
-    socket = &fortezzaSockets[slotID-1];
-    if (!socket->isOpen) {
-        InitSocket(socket, slotID);
-    }
-
-    rv = MACI_Select (socket->maciSession, slotID);
-    rv = MACI_GetStatus (socket->maciSession, &cardStatus);
-    if (rv != CI_OK) {
-        FORT11_RETURN (CKR_DEVICE_ERROR);
-    }
-
-#ifdef SWFORT
-    sprintf (tmp, "Software FORTEZZA Slot #%d", (int) slotID);
-#else
-    sprintf (tmp, "FORTEZZA Slot #%d", (int) slotID);
-#endif
-    
-    PORT_Memcpy (pInfo->label, tmp, PORT_Strlen(tmp)+1);
-
-    for (i=0; i<8; i++) {
-        int serNum;
-
-	serNum = (int)cardStatus.SerialNumber[i];
-	sprintf ((char*)&pInfo->serialNumber[2*i], "%.2x", serNum);
-    }
-
-    rv = MACI_GetTime (fortezzaSockets[slotID-1].maciSession, pInfo->utcTime);
-    if (rv == CI_OK) {
-      pInfo->flags = CKF_CLOCK_ON_TOKEN;  
-    } else {
-      switch (rv) {
-      case CI_LIB_NOT_INIT:
-      case CI_INV_POINTER:
-      case CI_NO_CARD:
-      case CI_NO_SOCKET:
-	FORT11_RETURN (CKR_DEVICE_ERROR);
-      default:
-	pInfo->flags = 0;
-	break;
-      }
-    }
-    
-    rv = MACI_GetConfiguration (fortezzaSockets[slotID-1].maciSession, 
-				&ciConfig);
-
-    if (rv == CI_OK) {
-        PORT_Memcpy(pInfo->manufacturerID,ciConfig.ManufacturerName,
-		    PORT_Strlen(ciConfig.ManufacturerName));
-	for (i=PORT_Strlen(ciConfig.ManufacturerName); i<32; i++) {
-	    pInfo->manufacturerID[i] = ' ';
-	}
-	PORT_Memcpy(pInfo->model,ciConfig.ProcessorType,16);    
-    }
-    pInfo->ulMaxPinLen = CI_PIN_SIZE;
-    pInfo->ulMinPinLen = 0;
-    pInfo->ulTotalPublicMemory = 0;
-    pInfo->ulFreePublicMemory  = 0;
-    pInfo->flags |= CKF_RNG | CKF_LOGIN_REQUIRED| CKF_USER_PIN_INITIALIZED | 
-                    CKF_THREAD_SAFE | CKF_WRITE_PROTECTED;
-
-    pInfo->ulMaxSessionCount = 0; 
-    pInfo->ulSessionCount = slot->sessionCount; 
-    pInfo->ulMaxRwSessionCount = 0; 
-    pInfo->ulRwSessionCount = slot->rwSessionCount; 
-
-    if (rv == CI_OK) {    
-        pInfo->firmwareVersion.major = 
-	    (ciConfig.ManufacturerSWVer & MAJOR_VERSION_MASK) >> 8; 
-	pInfo->firmwareVersion.minor = 
-	    ciConfig.ManufacturerSWVer & MINOR_VERSION_MASK;
-	pInfo->hardwareVersion.major = 
-	    (ciConfig.ManufacturerVersion & MAJOR_VERSION_MASK) >> 8;
-	pInfo->hardwareVersion.minor = 
-	    ciConfig.ManufacturerVersion & MINOR_VERSION_MASK;
-    }
-    FORT11_RETURN (CKR_OK);
-}
-
-
-
-/* C_GetMechanismList obtains a list of mechanism types supported by a 
-   token. */
-PR_PUBLIC_API(CK_RV) C_GetMechanismList(CK_SLOT_ID            slotID,
-					CK_MECHANISM_TYPE_PTR pMechanismList, 
-					CK_ULONG_PTR          pulCount) {
-  FORT11_ENTER()
-  CK_RV rv = CKR_OK;
-  int i;
-  
-  SLOT_OK (slotID);
-
-  if (pMechanismList == NULL) {
-    *pulCount = mechanismCount;
-  } else {
-    if (*pulCount >= mechanismCount) {
-      *pulCount = mechanismCount;
-      for (i=0; i< (int)mechanismCount; i++) {
-	pMechanismList[i] = mechanisms[i].type;
-      }
-    } else {
-      rv = CKR_BUFFER_TOO_SMALL;
-    }
-  }
-  FORT11_RETURN (rv);
-}
-
-
-/* C_GetMechanismInfo obtains information about a particular mechanism 
- * possibly supported by a token. */
-PR_PUBLIC_API(CK_RV) C_GetMechanismInfo(CK_SLOT_ID            slotID, 
-					CK_MECHANISM_TYPE     type,
-					CK_MECHANISM_INFO_PTR pInfo) {
-  int i;
-  FORT11_ENTER()
-  SLOT_OK (slotID);
-
-  for (i=0; i< (int)mechanismCount; i++) {
-    if (type == mechanisms[i].type) {
-      PORT_Memcpy (pInfo, &mechanisms[i].domestic, sizeof (CK_MECHANISM_INFO));
-      FORT11_RETURN (CKR_OK);
-    }
-  }
-  FORT11_RETURN (CKR_MECHANISM_INVALID);
-}
-
-
-/* C_InitToken initializes a token. */
-PR_PUBLIC_API(CK_RV) C_InitToken(CK_SLOT_ID  slotID,
-				 CK_CHAR_PTR pPin,
-				 CK_ULONG    ulPinLen,
-				 CK_CHAR_PTR pLabel) {
-  /* For functions that don't access globals, we don't have to worry about the
-   * stack.
-   */	
-  return CKR_FUNCTION_NOT_SUPPORTED;
-}
-
-
-/* C_InitPIN initializes the normal user's PIN. */
-PR_PUBLIC_API(CK_RV) C_InitPIN(CK_SESSION_HANDLE hSession,
-			       CK_CHAR_PTR       pPin, 
-			       CK_ULONG          ulPinLen) {
-  /* For functions that don't access globals, we don't have to worry about the
-   * stack.
-   */	
-  return CKR_FUNCTION_NOT_SUPPORTED;
-}
-
-
-/* C_SetPIN modifies the PIN of user that is currently logged in. */
-/* NOTE: This is only valid for the PRIVATE_KEY_SLOT */
-PR_PUBLIC_API(CK_RV) C_SetPIN(CK_SESSION_HANDLE hSession, 
-			      CK_CHAR_PTR       pOldPin,
-			      CK_ULONG          ulOldLen, 
-			      CK_CHAR_PTR       pNewPin, 
-			      CK_ULONG          ulNewLen) {
-  FORT11_ENTER()
-#ifndef SWFORT
-  CI_PIN       ciOldPin, ciNewPin;
-#endif
-  PK11Session *session;
-  PK11Slot    *slot;
-  int          rv;
-
-  session = fort11_SessionFromHandle (hSession, PR_FALSE);
-
-  slot = fort11_SlotFromSession (session);
-  SLOT_OK(slot->slotID)
-
-  if (session == NULL) {
-      session = fort11_SessionFromHandle (hSession, PR_TRUE);
-      fort11_TokenRemoved(slot, session);
-      FORT11_RETURN (CKR_SESSION_HANDLE_INVALID);
-  }
-
-  rv = MACI_Select (fortezzaSockets[slot->slotID-1].maciSession, slot->slotID);
-  CARD_OK (rv)
-  
-  if (slot->needLogin && session->info.state != CKS_RW_USER_FUNCTIONS) {
-    fort11_FreeSession (session);
-    FORT11_RETURN (CKR_USER_NOT_LOGGED_IN);
-  }
-
-  fort11_FreeSession (session);
-
-  if (ulNewLen > CI_PIN_SIZE || ulOldLen > CI_PIN_SIZE) 
-    FORT11_RETURN (CKR_PIN_LEN_RANGE);
-
-#ifndef SWFORT
-  fort11_convertToCIPin (ciOldPin,pOldPin, ulOldLen);
-  fort11_convertToCIPin (ciNewPin,pNewPin, ulNewLen);
-
-  rv = MACI_ChangePIN (fortezzaSockets[slot->slotID-1].maciSession, 
-		       CI_USER_PIN, ciOldPin, ciNewPin);
-#else
-  rv = MACI_ChangePIN (fortezzaSockets[slot->slotID-1].maciSession, 
-		       CI_USER_PIN,  pOldPin, pNewPin);
-#endif
-
-  if (rv != CI_OK) {
-    switch (rv) {
-    case CI_FAIL:
-      FORT11_RETURN (CKR_PIN_INCORRECT);
-    default:
-      FORT11_RETURN (CKR_DEVICE_ERROR);
-    }
-  } 
-  FORT11_RETURN (CKR_OK);
-}
-
-/* C_OpenSession opens a session between an application and a token. */
-PR_PUBLIC_API(CK_RV) C_OpenSession(CK_SLOT_ID            slotID, 
-				   CK_FLAGS              flags,
-				   CK_VOID_PTR           pApplication,
-				   CK_NOTIFY             Notify,
-				   CK_SESSION_HANDLE_PTR phSession) {
-  FORT11_ENTER()
-  PK11Slot          *slot;
-  CK_SESSION_HANDLE  sessionID;
-  PK11Session       *session;
-  FortezzaSocket    *socket;
-
-  SLOT_OK (slotID)
-  slot = &fort11_slot[slotID-1];
-  socket = &fortezzaSockets[slotID-1];
-
-  if (!socket->isOpen) {
-      if (InitSocket(socket, slotID) != SOCKET_SUCCESS) {
-	  FORT11_RETURN (CKR_TOKEN_NOT_PRESENT);
-      }
-  }
-
-  session = fort11_NewSession (slotID, Notify, pApplication, 
-			       flags | CKF_SERIAL_SESSION);
-
-  if (session == NULL) FORT11_RETURN (CKR_HOST_MEMORY);
-
-  FMUTEX_Lock(slot->sessionLock);
-
-  slot->sessionIDCount += ADD_NEXT_SESS_ID;
-  sessionID = slot->sessionIDCount;
-  fort11_update_state (slot, session);
-  pk11queue_add (session, sessionID, slot->head, SESSION_HASH_SIZE);
-  slot->sessionCount++;
-  if (session->info.flags & CKF_RW_SESSION) {
-    slot->rwSessionCount++;
-  }
-  session->handle = sessionID;
-  session->info.ulDeviceError = 0;
-
-  FMUTEX_Unlock(slot->sessionLock);
-  
-  *phSession = sessionID;
-  FORT11_RETURN (CKR_OK);
-}
-
-
-/* C_CloseSession closes a session between an application and a token. */
-PR_PUBLIC_API(CK_RV) C_CloseSession(CK_SESSION_HANDLE hSession) {
-  FORT11_ENTER()
-  PK11Slot    *slot;
-  PK11Session *session;
-  
-  session = fort11_SessionFromHandle  (hSession, PR_TRUE);
-  slot = fort11_SlotFromSessionHandle (hSession);
-
-  if (session == NULL) {
-      FORT11_RETURN (CKR_SESSION_HANDLE_INVALID);
-  }
-  
-  FMUTEX_Lock(slot->sessionLock);
-  if (session->next || session->prev) {
-    session->refCount--;
-    if (session->info.flags & CKF_RW_SESSION) {
-      slot->rwSessionCount--;
-    }
-    if (slot->sessionCount == 0) {
-      slot->isLoggedIn = PR_FALSE;
-      slot->password = NULL;
-    }
-  }
-
-  FMUTEX_Unlock(slot->sessionLock);
-  
-  fort11_FreeSession (session);
-  FORT11_RETURN (CKR_OK);
-}
-
-
-/* C_CloseAllSessions closes all sessions with a token. */
-PR_PUBLIC_API(CK_RV) C_CloseAllSessions (CK_SLOT_ID slotID) {
-  FORT11_ENTER()
-  PK11Slot *slot;
-  PK11Session *session;
-  int i;
-  
-  
-  slot = fort11_SlotFromID(slotID);
-  if (slot == NULL) FORT11_RETURN (CKR_SLOT_ID_INVALID);
-  
-  /* first log out the card */
-  FMUTEX_Lock(slot->sessionLock);
-  slot->isLoggedIn = PR_FALSE;
-  slot->password = NULL;
-  FMUTEX_Unlock(slot->sessionLock);
-  
-  /* now close all the current sessions */
-  /* NOTE: If you try to open new sessions before C_CloseAllSessions
-   * completes, some of those new sessions may or may not be closed by
-   * C_CloseAllSessions... but any session running when this code starts
-   * will guarrenteed be close, and no session will be partially closed */
-  for (i=0; i < SESSION_HASH_SIZE; i++) {
-    do {
-      FMUTEX_Lock(slot->sessionLock);
-      session = slot->head[i];
-      /* hand deque */
-      /* this duplicates much of C_close session functionality, but because
-       * we know that we are freeing all the sessions, we and do some
-       * more efficient processing */
-      if (session) {
-	slot->head[i] = session->next;
-	if (session->next) session->next->prev = NULL;
-	session->next = session->prev = NULL;
-	slot->sessionCount--;
-	if (session->info.flags & CKF_RW_SESSION) {
-	  slot->rwSessionCount--;
-	}
-      }
-      FMUTEX_Unlock(slot->sessionLock);
-      if (session) fort11_FreeSession(session);
-    } while (session != NULL);
-  }
-  FORT11_RETURN (CKR_OK);
-}
-
-
-/* C_GetSessionInfo obtains information about the session. */
-PR_PUBLIC_API(CK_RV) C_GetSessionInfo(CK_SESSION_HANDLE   hSession,
-				      CK_SESSION_INFO_PTR pInfo) {
-    FORT11_ENTER()
-    PK11Session    *session;
-    PK11Slot       *slot;
-    CI_STATE        cardState;
-    FortezzaSocket *socket;
-    int             ciRV;
-    
-    session = fort11_SessionFromHandle (hSession, PR_FALSE);
-    slot    = fort11_SlotFromSessionHandle(hSession);
-    socket  = &fortezzaSockets[slot->slotID-1];
-    if (session == NULL) {
-        session = fort11_SessionFromHandle (hSession, PR_TRUE);
-	fort11_TokenRemoved(slot, session);
-	fort11_FreeSession(session);
-	FORT11_RETURN (CKR_SESSION_HANDLE_INVALID);
-    }
-    PORT_Memcpy (pInfo, &session->info, sizeof (CK_SESSION_INFO));
-    fort11_FreeSession(session);
-
-    ciRV = MACI_Select(socket->maciSession, slot->slotID);
-    CARD_OK(ciRV)
-
-    ciRV = MACI_GetState(socket->maciSession, &cardState);
-    CARD_OK(ciRV)
-
-    if (socket->isLoggedIn) { 
-        switch (cardState) {
-	case CI_POWER_UP:
-	case CI_UNINITIALIZED:
-	case CI_INITIALIZED:
-	case CI_SSO_INITIALIZED:
-	case CI_LAW_INITIALIZED:
-	case CI_USER_INITIALIZED:
-	  pInfo->state = CKS_RO_PUBLIC_SESSION;
-	  break;
-	case CI_STANDBY:
-	case CI_READY:
-	  pInfo->state = CKS_RO_USER_FUNCTIONS;
-	  break;
-	default:
-	  pInfo->state = CKS_RO_PUBLIC_SESSION;
-	  break;
-	}
-    } else {
-        pInfo->state = CKS_RO_PUBLIC_SESSION;
-    }
-
-    FORT11_RETURN (CKR_OK);
-}
-
-/* C_Login logs a user into a token. */
-PR_PUBLIC_API(CK_RV) C_Login(CK_SESSION_HANDLE hSession,
-			     CK_USER_TYPE      userType,
-			     CK_CHAR_PTR       pPin, 
-			     CK_ULONG          ulPinLen) {
-  FORT11_ENTER()
-  PK11Slot    *slot;
-  PK11Session *session;
-#ifndef SWFORT
-  CI_PIN       ciPin;
-#endif
-  int          rv, ciUserType;
-
-  slot = fort11_SlotFromSessionHandle (hSession);
-  session = fort11_SessionFromHandle(hSession, PR_FALSE);
-
-  if (session == NULL) {
-        session = fort11_SessionFromHandle (hSession, PR_TRUE);
-	fort11_TokenRemoved(slot, session);
-	FORT11_RETURN (CKR_SESSION_HANDLE_INVALID);
-  }
-
-  fort11_FreeSession(session);
-
-  if (slot->isLoggedIn) FORT11_RETURN (CKR_USER_ALREADY_LOGGED_IN);
-  slot->ssoLoggedIn = PR_FALSE;
-
-#ifndef SWFORT
-  if (ulPinLen > CI_PIN_SIZE) FORT11_RETURN (CKR_PIN_LEN_RANGE);
-
-  fort11_convertToCIPin (ciPin, pPin, ulPinLen);
-#endif
-  switch (userType) {
-  case CKU_SO:
-    ciUserType = CI_SSO_PIN;
-    break;
-  case CKU_USER:
-    ciUserType = CI_USER_PIN;
-    break;
-  default:
-    FORT11_RETURN (CKR_USER_TYPE_INVALID);
-  }
-  
-#ifndef SWFORT
-  rv = LoginToSocket(&fortezzaSockets[slot->slotID-1], ciUserType, ciPin);
-#else
-  rv = LoginToSocket(&fortezzaSockets[slot->slotID-1], ciUserType, pPin);
-#endif
-
-  switch (rv) {
-  case SOCKET_SUCCESS:
-    break;
-  case CI_FAIL:
-    FORT11_RETURN (CKR_PIN_INCORRECT);
-  default:
-    FORT11_RETURN (CKR_DEVICE_ERROR);
-  }
-
-  FMUTEX_Lock(slot->sessionLock);
-  slot->isLoggedIn = PR_TRUE;
-  if (userType == CKU_SO) {
-    slot->ssoLoggedIn = PR_TRUE;
-  }
-  FMUTEX_Unlock(slot->sessionLock);
-  
-  fort11_update_all_states(slot);
-  FORT11_RETURN (CKR_OK);
-}
-
-/* C_Logout logs a user out from a token. */
-PR_PUBLIC_API(CK_RV) C_Logout(CK_SESSION_HANDLE hSession) {
-    FORT11_ENTER()
-    PK11Slot    *slot    = fort11_SlotFromSessionHandle(hSession);
-    PK11Session *session = fort11_SessionFromHandle(hSession, PR_FALSE);
-    
-    if (session == NULL) {
-        session = fort11_SessionFromHandle (hSession, PR_TRUE);
-	fort11_TokenRemoved(slot, session);
-	fort11_FreeSession(session);
-	FORT11_RETURN (CKR_SESSION_HANDLE_INVALID);
-    }
-
-    if (!slot->isLoggedIn)
-      FORT11_RETURN (CKR_USER_NOT_LOGGED_IN);
-    
-    FMUTEX_Lock(slot->sessionLock);
-
-    slot->isLoggedIn  = PR_FALSE;
-    slot->ssoLoggedIn = PR_FALSE;
-    slot->password    = NULL;
-    LogoutFromSocket  (&fortezzaSockets[slot->slotID-1]);
-
-    FMUTEX_Unlock(slot->sessionLock);
-      
-    fort11_update_all_states(slot);
-    FORT11_RETURN (CKR_OK);
-}
-
-/* C_CreateObject creates a new object. */
-PR_PUBLIC_API(CK_RV) C_CreateObject(CK_SESSION_HANDLE    hSession,
-				    CK_ATTRIBUTE_PTR     pTemplate, 
-				    CK_ULONG             ulCount, 
-				    CK_OBJECT_HANDLE_PTR phObject) {
-  /* For functions that don't access globals, we don't have to worry about the
-   * stack.
-   */	
-  return CKR_FUNCTION_NOT_SUPPORTED;
-}
-
-
-/* C_CopyObject copies an object, creating a new object for the copy. */
-PR_PUBLIC_API(CK_RV) C_CopyObject(CK_SESSION_HANDLE    hSession,
-				  CK_OBJECT_HANDLE     hObject, 
-				  CK_ATTRIBUTE_PTR     pTemplate, 
-				  CK_ULONG             ulCount,
-				  CK_OBJECT_HANDLE_PTR phNewObject) {
-  /* For functions that don't access globals, we don't have to worry about the
-   * stack.
-   */	
-  return CKR_FUNCTION_NOT_SUPPORTED;
-}
-
-
-/* C_DestroyObject destroys an object. */
-PR_PUBLIC_API(CK_RV) C_DestroyObject(CK_SESSION_HANDLE hSession,
-				     CK_OBJECT_HANDLE  hObject) {
-    FORT11_ENTER()
-    PK11Slot *slot = fort11_SlotFromSessionHandle(hSession);
-    PK11Session *session;
-    PK11Object *object;
-    PK11FreeStatus status;
-
-    /*
-     * This whole block just makes sure we really can destroy the
-     * requested object.
-     */
-    session = fort11_SessionFromHandle(hSession, PR_FALSE);
-    if (session == NULL) {
-        session = fort11_SessionFromHandle(hSession, PR_TRUE);
-	fort11_TokenRemoved(slot, session);
-	fort11_FreeSession(session);
-        FORT11_RETURN (CKR_SESSION_HANDLE_INVALID);
-    }
-
-    object = fort11_ObjectFromHandle(hObject,session);
-    if (object == NULL) {
-	fort11_FreeSession(session);
-	FORT11_RETURN (CKR_OBJECT_HANDLE_INVALID);
-    }
-
-    /* don't destroy a private object if we aren't logged in */
-    if ((!slot->isLoggedIn) && (slot->needLogin) &&
-				(fort11_isTrue(object,CKA_PRIVATE))) {
-	fort11_FreeSession(session);
-	fort11_FreeObject(object);
-	FORT11_RETURN (CKR_USER_NOT_LOGGED_IN);
-    }
-
-    /* don't destroy a token object if we aren't in a rw session */
-
-    if (((session->info.flags & CKF_RW_SESSION) == 0) &&
-				(fort11_isTrue(object,CKA_TOKEN))) {
-	fort11_FreeSession(session);
-	fort11_FreeObject(object);
-	FORT11_RETURN (CKR_SESSION_READ_ONLY);
-    }
-
-    /* ACTUALLY WE NEED TO DEAL WITH TOKEN OBJECTS AS WELL */
-    FMUTEX_Lock(session->objectLock);
-    fort11_DeleteObject(session,object);
-    FMUTEX_Unlock(session->objectLock);
-
-    fort11_FreeSession(session);
-
-    /*
-     * get some indication if the object is destroyed. Note: this is not
-     * 100%. Someone may have an object reference outstanding (though that
-     * should not be the case by here. Also now that the object is "half"
-     * destroyed. Our internal representation is destroyed, but it is still
-     * in the data base.
-     */
-    status = fort11_FreeObject(object);
-
-    FORT11_RETURN ((status != PK11_DestroyFailure) ? CKR_OK : CKR_DEVICE_ERROR);
-}
-
-
-/* C_GetObjectSize gets the size of an object in bytes. */
-PR_PUBLIC_API(CK_RV) C_GetObjectSize(CK_SESSION_HANDLE hSession,
-				     CK_OBJECT_HANDLE  hObject, 
-				     CK_ULONG_PTR      pulSize) {
-	/* For functions that don't access globals, we don't have to worry about the
-     * stack.
-     */	
-    *pulSize = 0;
-    return CKR_OK;
-}
-
-
-/* C_GetAttributeValue obtains the value of one or more object attributes. */
-PR_PUBLIC_API(CK_RV) C_GetAttributeValue(CK_SESSION_HANDLE hSession,
-					 CK_OBJECT_HANDLE  hObject,
-					 CK_ATTRIBUTE_PTR  pTemplate,
-					 CK_ULONG          ulCount) {
-    FORT11_ENTER()
-    PK11Slot *slot = fort11_SlotFromSessionHandle(hSession);
-    PK11Session *session;
-    PK11Object *object;
-    PK11Attribute *attribute;
-    PRBool sensitive;
-    int i;
-
-    /*
-     * make sure we're allowed
-     */
-    session = fort11_SessionFromHandle(hSession, PR_FALSE);
-    if (session == NULL) {
-        session = fort11_SessionFromHandle (hSession, PR_TRUE);
-	fort11_TokenRemoved(slot, session);
-	fort11_FreeSession(session);
-        FORT11_RETURN (CKR_SESSION_HANDLE_INVALID);
-    }
-
-    object = fort11_ObjectFromHandle(hObject,session);
-    fort11_FreeSession(session);
-    if (object == NULL) {
-	FORT11_RETURN (CKR_OBJECT_HANDLE_INVALID);
-    }
-
-    /* don't read a private object if we aren't logged in */
-    if ((!slot->isLoggedIn) && (slot->needLogin) &&
-				(fort11_isTrue(object,CKA_PRIVATE))) {
-	fort11_FreeObject(object);
-	FORT11_RETURN (CKR_USER_NOT_LOGGED_IN);
-    }
-
-    sensitive = fort11_isTrue(object,CKA_SENSITIVE);
-    for (i=0; i <  (int)ulCount; i++) {
-	/* Make sure that this attribute is retrievable */
-	if (sensitive && fort11_isSensitive(pTemplate[i].type,object->objclass)) {
-	    fort11_FreeObject(object);
-	    FORT11_RETURN (CKR_ATTRIBUTE_SENSITIVE);
-	}
-	attribute = fort11_FindAttribute(object,pTemplate[i].type);
-	if (attribute == NULL) {
-	    fort11_FreeObject(object);
-	    FORT11_RETURN (CKR_ATTRIBUTE_TYPE_INVALID);
-	}
-	if (pTemplate[i].pValue != NULL) {
-	    PORT_Memcpy(pTemplate[i].pValue,attribute->attrib.pValue,
-			attribute->attrib.ulValueLen);
-	}
-	pTemplate[i].ulValueLen = attribute->attrib.ulValueLen;
-	fort11_FreeAttribute(attribute);
-    }
-
-    fort11_FreeObject(object);
-    FORT11_RETURN (CKR_OK);
-}
-
-/* C_SetAttributeValue modifies the value of one or more object attributes */
-PR_PUBLIC_API(CK_RV) C_SetAttributeValue (CK_SESSION_HANDLE hSession,
-					  CK_OBJECT_HANDLE  hObject,
-					  CK_ATTRIBUTE_PTR  pTemplate,
-					  CK_ULONG          ulCount) {
-  /* For functions that don't access globals, we don't have to worry about the
-   * stack.
-   */	
-  return CKR_FUNCTION_NOT_SUPPORTED;
-}
-
-/* C_FindObjectsInit initializes a search for token and session objects 
- * that match a template. */
-PR_PUBLIC_API(CK_RV) C_FindObjectsInit(CK_SESSION_HANDLE hSession,
-				       CK_ATTRIBUTE_PTR  pTemplate,
-				       CK_ULONG          ulCount) {
-    FORT11_ENTER()
-    PK11Slot              *slot = fort11_SlotFromSessionHandle(hSession);
-    PK11Session           *session;
-    PK11ObjectListElement *objectList = NULL;
-    PK11ObjectListElement *olp;
-    PK11SearchResults     *search, *freeSearch;
-    FortezzaSocket        *currSocket;
-    int                    rv, count, i;
-
-    if (slot == NULL) {
-	FORT11_RETURN (CKR_SESSION_HANDLE_INVALID);
-    }
-
-    
-    if ((!slot->isLoggedIn) && (slot->needLogin)) 
-        FORT11_RETURN (CKR_USER_NOT_LOGGED_IN);
-
-    session = fort11_SessionFromHandle(hSession, PR_FALSE);
-    if (session == NULL) {
-        session = fort11_SessionFromHandle (hSession, PR_TRUE);
-	fort11_TokenRemoved(slot, session);
-	fort11_FreeSession(session);
-        FORT11_RETURN (CKR_SESSION_HANDLE_INVALID);
-    }
-    currSocket = &fortezzaSockets[slot->slotID-1];
-    if (currSocket->personalityList == NULL) {
-        rv = FetchPersonalityList(currSocket);
-	if (rv != SOCKET_SUCCESS) {
-	    fort11_FreeSession(session);
-	    FORT11_RETURN (CKR_DEVICE_ERROR);
-	}
-
-	rv = fort11_BuildCertObjects(currSocket, slot, session);
-
-	if (rv != CKR_OK) {
-	    fort11_FreeSession(session);
-	    FORT11_RETURN (rv);
-	}
-
-	
-    }
-    rv = fort11_searchObjectList(&objectList, slot->tokObjects, 
-				slot->objectLock, pTemplate, ulCount);
-    if (rv != CKR_OK) {
-      fort11_FreeObjectList(objectList);
-      fort11_FreeSession(session);
-      FORT11_RETURN (rv);
-    }
-
-    /*copy list to session*/
-
-    count = 0;
-    for(olp = objectList; olp != NULL; olp = olp->next) {
-      count++;
-    } 
-
-    search = (PK11SearchResults *)PORT_Alloc(sizeof(PK11SearchResults));
-    if (search != NULL) {
-	search->handles = (CK_OBJECT_HANDLE *)
-				PORT_Alloc(sizeof(CK_OBJECT_HANDLE) * count);
-	if (search->handles != NULL) {
-	    for (i=0; i < count; i++) {
-		search->handles[i] = objectList->object->handle;
-		objectList = fort11_FreeObjectListElement(objectList);
-	    }
-	} else {
-	    PORT_Free(search);
-	    search = NULL;
-	}
-    }
-    if (search == NULL) {
-	fort11_FreeObjectList(objectList);
-	fort11_FreeSession(session);
-	FORT11_RETURN (CKR_OK);
-    }
-
-    /* store the search info */
-    search->index = 0;
-    search->size = count;
-    if ((freeSearch = session->search) != NULL) {
-	session->search = NULL;
-	fort11_FreeSearch(freeSearch);
-    }
-    session->search = search;
-    fort11_FreeSession(session);
-    FORT11_RETURN (CKR_OK);
-}
-
-
-/* C_FindObjects continues a search for token and session objects 
- * that match a template, obtaining additional object handles. */
-PR_PUBLIC_API(CK_RV) C_FindObjects(CK_SESSION_HANDLE    hSession,
-				   CK_OBJECT_HANDLE_PTR phObject,
-				   CK_ULONG             ulMaxObjectCount,
-				   CK_ULONG_PTR         pulObjectCount) {
-    FORT11_ENTER()
-    PK11Session       *session;
-    PK11SearchResults *search;
-    PK11Slot          *slot;
-    int	transfer;
-    unsigned long left;
-
-    *pulObjectCount = 0;
-    session = fort11_SessionFromHandle(hSession,PR_FALSE);
-    slot    = fort11_SlotFromSessionHandle(hSession);
-    if (session == NULL) {
-        session = fort11_SessionFromHandle (hSession, PR_TRUE);
-	fort11_TokenRemoved(slot, session);
-	fort11_FreeSession(session);
-	FORT11_RETURN (CKR_SESSION_HANDLE_INVALID);
-    }
-    if (session->search == NULL) {
-	fort11_FreeSession(session);
-	FORT11_RETURN (CKR_OK);
-    }
-    search = session->search;
-    left = session->search->size - session->search->index;
-    transfer = (ulMaxObjectCount > left) ? left : ulMaxObjectCount;
-    PORT_Memcpy(phObject,&search->handles[search->index],
-					transfer*sizeof(CK_OBJECT_HANDLE_PTR));
-    search->index += transfer;
-    if (search->index == search->size) {
-	session->search = NULL;
-	fort11_FreeSearch(search);
-    }
-    fort11_FreeSession(session);
-    *pulObjectCount = transfer;
-    FORT11_RETURN (CKR_OK);
-}
-
-/* C_FindObjectsFinal finishes a search for token and session objects. */
-PR_PUBLIC_API(CK_RV) C_FindObjectsFinal(CK_SESSION_HANDLE hSession) {
-    FORT11_ENTER()
-    PK11Session       *session;
-    PK11SearchResults *search;
-    PK11Slot          *slot;
-
-    session = fort11_SessionFromHandle(hSession, PR_FALSE);
-    slot    = fort11_SlotFromSessionHandle(hSession);
-    if (session == NULL) {
-        session = fort11_SessionFromHandle (hSession, PR_TRUE);
-	fort11_TokenRemoved(slot, session);
-	fort11_FreeSession(session);
-	FORT11_RETURN (CKR_SESSION_HANDLE_INVALID);
-    }
-    search = session->search;
-    session->search = NULL;
-    if (search == NULL) {
-	fort11_FreeSession(session);
-	FORT11_RETURN (CKR_OK);
-    }
-    fort11_FreeSearch(search);
-
-    /* UnloadPersonalityList(&fortezzaSockets[session->slot->slotID-1]); */
-    fort11_FreeSession(session);
-    FORT11_RETURN (CKR_OK);
-}
-
-
-/* C_EncryptInit initializes an encryption operation. */
-PR_PUBLIC_API(CK_RV) C_EncryptInit(CK_SESSION_HANDLE hSession,
-				   CK_MECHANISM_PTR  pMechanism, 
-				   CK_OBJECT_HANDLE  hKey) {
-    FORT11_ENTER()
-    PK11Session     *session   = fort11_SessionFromHandle(hSession, PR_FALSE);
-    PK11Slot        *slot      = fort11_SlotFromSessionHandle(hSession);
-    PK11Object      *keyObject;
-    FortezzaSocket  *socket    = &fortezzaSockets[slot->slotID-1];
-    FortezzaContext *context;
-    HSESSION         hs        = socket->maciSession;
-    FortezzaKey     *fortezzaKey;
-    CI_IV            fortezzaIV;
-    int              ciRV, registerIndex;
-    
-
-    if (pMechanism->mechanism != CKM_SKIPJACK_CBC64) {
-        if (session) {
-	    fort11_FreeSession(session);
-	}
-        FORT11_RETURN (CKR_MECHANISM_INVALID);
-    }
-
-    if (session == NULL) {
-        session = fort11_SessionFromHandle (hSession, PR_TRUE);
-	fort11_TokenRemoved(slot, session);
-	fort11_FreeSession(session);
-	FORT11_RETURN (CKR_SESSION_HANDLE_INVALID);
-    }
-    
-    keyObject = fort11_ObjectFromHandle (hKey, session);
-
-    if (keyObject == NULL) {
-        fort11_FreeSession(session);
-        FORT11_RETURN (CKR_KEY_HANDLE_INVALID);
-    }
-
-    ciRV = MACI_Select (hs, slot->slotID);
-    if (ciRV != CI_OK) {
-        fort11_FreeSession(session);
-	FORT11_RETURN (CKR_DEVICE_ERROR);
-    }
-
-    ciRV = MACI_SetMode(hs, CI_ENCRYPT_TYPE, CI_CBC64_MODE);
-    if (ciRV != CI_OK) {
-        fort11_FreeSession(session);
-	FORT11_RETURN (CKR_DEVICE_ERROR);
-    }
-
-    /*Load the correct key into a key register*/
-    fortezzaKey = (FortezzaKey*)keyObject->objectInfo;
-    fort11_FreeObject (keyObject);
-    if (fortezzaKey == NULL) {
-        fort11_FreeSession(session);
-        FORT11_RETURN (CKR_GENERAL_ERROR);
-    }
-
-    if (fortezzaKey->keyRegister == KeyNotLoaded) {
-        registerIndex = LoadKeyIntoRegister (fortezzaKey);
-    } else {
-        registerIndex = fortezzaKey->keyRegister;
-    }
-
-    if (registerIndex == KeyNotLoaded) {
-        fort11_FreeSession(session);
-        FORT11_RETURN (CKR_DEVICE_ERROR);
-    }
-
-    ciRV = MACI_SetKey (hs,registerIndex);
-    if (ciRV != CI_OK) {
-        fort11_FreeSession(session);
-	FORT11_RETURN (CKR_DEVICE_ERROR);
-    }
-
-    ciRV = MACI_GenerateIV(hs, fortezzaIV);
-    if (ciRV != CI_OK) {
-        fort11_FreeSession(session);
-	FORT11_RETURN (CKR_DEVICE_ERROR);
-    }
-    context = &session->fortezzaContext;
-    InitContext(context, socket, hKey);
-    ciRV = SaveState(context, fortezzaIV, session, fortezzaKey, 
-		     CI_ENCRYPT_EXT_TYPE, pMechanism->mechanism);
-    if (ciRV != SOCKET_SUCCESS) {
-        fort11_FreeSession(session);
-        FORT11_RETURN (CKR_GENERAL_ERROR);
-    }
-
-    if (pMechanism->pParameter != NULL && 
-	pMechanism->ulParameterLen >= sizeof(CI_IV)) {
-        PORT_Memcpy (pMechanism->pParameter, fortezzaIV, sizeof(CI_IV));
-    }
-
-    InitCryptoOperation(context, Encrypt);
-    fort11_FreeSession(session);
-
-    FORT11_RETURN (CKR_OK);
-}
-
-/* C_Encrypt encrypts single-part data. */
-PR_PUBLIC_API(CK_RV) C_Encrypt (CK_SESSION_HANDLE hSession, 
-				CK_BYTE_PTR       pData,
-				CK_ULONG          ulDataLen, 
-				CK_BYTE_PTR       pEncryptedData,
-				CK_ULONG_PTR      pulEncryptedDataLen) {
-    FORT11_ENTER()
-    PK11Session     *session = fort11_SessionFromHandle (hSession, PR_FALSE);
-    PK11Slot        *slot    = fort11_SlotFromSessionHandle(hSession);
-    FortezzaSocket  *socket  = &fortezzaSockets[slot->slotID-1];
-    FortezzaContext *context;
-    HSESSION         hs;
-    CK_RV            rv;
-
-    
-    if (session == NULL) {
-        session = fort11_SessionFromHandle (hSession , PR_TRUE);
-	fort11_TokenRemoved(slot, session);
-	fort11_FreeSession(session);
-	FORT11_RETURN (CKR_SESSION_HANDLE_INVALID);
-    }
-
-    context = &session->fortezzaContext;
-    if (GetCryptoOperation(context) != Encrypt) {
-        fort11_FreeSession(session);
-        FORT11_RETURN (CKR_OPERATION_NOT_INITIALIZED);
-    }
-
-    *pulEncryptedDataLen = ulDataLen;
-    if (pEncryptedData == NULL) {
-	fort11_FreeSession(session);
-	FORT11_RETURN (CKR_OK);
-    }
-
-    hs = socket->maciSession;
-    FMUTEX_Lock(socket->registersLock);
-    MACI_Lock(hs, CI_BLOCK_LOCK_FLAG);
-    rv = EncryptData (context, pData, ulDataLen, 
-		      pEncryptedData, *pulEncryptedDataLen);
-    MACI_Unlock(hs);
-    FMUTEX_Unlock(socket->registersLock);
-
-    if (rv != SOCKET_SUCCESS) {
-        fort11_FreeSession(session);
-        FORT11_RETURN (CKR_GENERAL_ERROR);
-    }
-
-    EndCryptoOperation(context, Encrypt);
-    fort11_FreeSession(session);	      
-
-    FORT11_RETURN (CKR_OK);
-}
-
-
-/* C_EncryptUpdate continues a multiple-part encryption operation. */
-PR_PUBLIC_API(CK_RV) C_EncryptUpdate(CK_SESSION_HANDLE hSession,
-				     CK_BYTE_PTR       pPart, 
-				     CK_ULONG          ulPartLen, 
-				     CK_BYTE_PTR       pEncryptedPart,	
-				     CK_ULONG_PTR      pulEncryptedPartLen) {
-    FORT11_ENTER()
-    PK11Session     *session = fort11_SessionFromHandle(hSession,PR_FALSE);
-    PK11Slot        *slot    = fort11_SlotFromSessionHandle(hSession);
-    FortezzaSocket  *socket  = &fortezzaSockets[slot->slotID-1];
-    FortezzaContext *context;
-    int              rv;
-
-    if (session == NULL) {
-        session = fort11_SessionFromHandle(hSession, PR_TRUE);
-	fort11_TokenRemoved (slot, session);
-	fort11_FreeSession(session);
-	FORT11_RETURN (CKR_SESSION_HANDLE_INVALID);
-    }
-
-    context = &session->fortezzaContext;
-    
-    if (GetCryptoOperation(context) != Encrypt) {
-        fort11_FreeSession(session);
-        FORT11_RETURN (CKR_OPERATION_NOT_INITIALIZED);
-    }
-    
-    if (pEncryptedPart == NULL) {
-        *pulEncryptedPartLen = ulPartLen;
-	fort11_FreeSession(session);
-	FORT11_RETURN (CKR_OK);
-    }
-
-    if (*pulEncryptedPartLen < ulPartLen) {
-        fort11_FreeSession(session);
-        FORT11_RETURN (CKR_BUFFER_TOO_SMALL);
-    }
-
-    *pulEncryptedPartLen = ulPartLen;
-    
-    FMUTEX_Lock(socket->registersLock);
-    MACI_Lock(socket->maciSession, CI_BLOCK_LOCK_FLAG);
-    rv = EncryptData(context,pPart, ulPartLen, pEncryptedPart, 
-		     *pulEncryptedPartLen);
-    MACI_Unlock(socket->maciSession);
-    FMUTEX_Unlock(socket->registersLock);
-
-    fort11_FreeSession(session);
-    if (rv != SOCKET_SUCCESS) {
-        FORT11_RETURN (CKR_GENERAL_ERROR);
-    }
-    FORT11_RETURN (CKR_OK);
-}
-
-
-/* C_EncryptFinal finishes a multiple-part encryption operation. */
-PR_PUBLIC_API(CK_RV) C_EncryptFinal(CK_SESSION_HANDLE hSession,
-				    CK_BYTE_PTR       pLastEncryptedPart, 
-				    CK_ULONG_PTR      pulLastEncryptedPartLen){
-    FORT11_ENTER()
-    PK11Session     *session = fort11_SessionFromHandle(hSession, PR_FALSE);
-    PK11Slot        *slot    = fort11_SlotFromSessionHandle(hSession);
-    FortezzaContext *context;
-    int              rv;
-
-    if (session == NULL) {
-        session = fort11_SessionFromHandle(hSession, PR_TRUE);
-	fort11_TokenRemoved(slot, session);
-	fort11_FreeSession(session);
-	FORT11_RETURN (CKR_SESSION_HANDLE_INVALID);
-    }
-  
-    context = &session->fortezzaContext;
-
-    rv = EndCryptoOperation(context, Encrypt);
-    fort11_FreeSession(session);
-
-    FORT11_RETURN (CKR_OK);
-}
-/* C_DecryptInit initializes a decryption operation. */
-PR_PUBLIC_API(CK_RV) C_DecryptInit( CK_SESSION_HANDLE hSession,
-				    CK_MECHANISM_PTR  pMechanism, 
-				    CK_OBJECT_HANDLE  hKey) {
-    FORT11_ENTER()
-    PK11Session     *session   = fort11_SessionFromHandle(hSession, PR_FALSE);
-    PK11Slot        *slot      = fort11_SlotFromSessionHandle(hSession);
-    PK11Object      *keyObject;
-    FortezzaSocket  *socket    = &fortezzaSockets[slot->slotID-1];
-    FortezzaContext *context;
-    HSESSION         hs        = socket->maciSession;
-    FortezzaKey     *fortezzaKey;
-    CI_IV            fortezzaIV;
-    int              ciRV, registerIndex;
-
-    if (pMechanism->mechanism != CKM_SKIPJACK_CBC64) {
-        if (session) fort11_FreeSession(session);
-        FORT11_RETURN (CKR_MECHANISM_INVALID);
-    }
-
-    if (session == NULL) {
-        session = fort11_SessionFromHandle (hSession, PR_TRUE);
-	fort11_TokenRemoved(slot, session);
-	fort11_FreeSession(session);
-	FORT11_RETURN (CKR_SESSION_HANDLE_INVALID);        
-    }
-
-    keyObject = fort11_ObjectFromHandle (hKey, session);
-
-    if (keyObject == NULL) {
-        fort11_FreeSession(session);
-        FORT11_RETURN (CKR_KEY_HANDLE_INVALID);
-    }
-
-    fortezzaKey = (FortezzaKey*)keyObject->objectInfo;
-    fort11_FreeObject(keyObject);
-
-    if (fortezzaKey == NULL) {
-        fort11_FreeSession(session);
-        FORT11_RETURN (CKR_GENERAL_ERROR);
-    }
-
-    ciRV = MACI_Select (hs, slot->slotID);
-    if (ciRV != CI_OK) {
-        fort11_FreeSession(session);
-	FORT11_RETURN (CKR_DEVICE_ERROR);
-    }
-
-    ciRV = MACI_SetMode(hs, CI_DECRYPT_TYPE, CI_CBC64_MODE);
-    if (ciRV != CI_OK) {
-        fort11_FreeSession(session);
-	FORT11_RETURN (CKR_DEVICE_ERROR);
-    }
-
-    FMUTEX_Lock(socket->registersLock);
-    if (fortezzaKey->keyRegister == KeyNotLoaded) {
-        registerIndex = LoadKeyIntoRegister(fortezzaKey);
-    } else {
-        registerIndex = fortezzaKey->keyRegister;
-    }
-
-    if (registerIndex == KeyNotLoaded) {
-        FMUTEX_Unlock(socket->registersLock);
-	FORT11_RETURN (CKR_DEVICE_ERROR);
-    }
-
-    if (pMechanism->pParameter == NULL ||
-	pMechanism->ulParameterLen < sizeof (CI_IV)) {
-        FORT11_RETURN (CKR_MECHANISM_PARAM_INVALID);
-    }
-
-    PORT_Memcpy (fortezzaIV, pMechanism->pParameter, sizeof(CI_IV));
-
-    ciRV = MACI_SetKey (hs, registerIndex);
-    if (ciRV != CI_OK) {
-        FMUTEX_Unlock(socket->registersLock);
-        fort11_FreeSession(session);
-	FORT11_RETURN (CKR_DEVICE_ERROR);
-    }
-
-    ciRV = MACI_LoadIV (hs, fortezzaIV);
-    if (ciRV != CI_OK) {
-        FMUTEX_Unlock(socket->registersLock);
-        fort11_FreeSession(session);
-	FORT11_RETURN (CKR_DEVICE_ERROR);
-    }
-
-    context = &session->fortezzaContext;
-    InitContext(context, socket, hKey);
-    ciRV = SaveState (context, fortezzaIV, session, fortezzaKey, 
-		      CI_DECRYPT_EXT_TYPE, pMechanism->mechanism);
-
-    FMUTEX_Unlock(socket->registersLock);
-
-    if (ciRV != SOCKET_SUCCESS) {
-        FORT11_RETURN (CKR_GENERAL_ERROR);
-    }
-
-    InitCryptoOperation (context, Decrypt);
-    fort11_FreeSession (session);
-
-    FORT11_RETURN (CKR_OK);
-}
-
-/* C_Decrypt decrypts encrypted data in a single part. */
-PR_PUBLIC_API(CK_RV) C_Decrypt(CK_SESSION_HANDLE hSession,
-			       CK_BYTE_PTR       pEncryptedData,
-			       CK_ULONG          ulEncryptedDataLen,
-			       CK_BYTE_PTR       pData, 
-			       CK_ULONG_PTR      pulDataLen) {
-    FORT11_ENTER()
-    PK11Session     *session = fort11_SessionFromHandle (hSession, PR_FALSE);
-    PK11Slot        *slot    = fort11_SlotFromSessionHandle(hSession);
-    FortezzaSocket  *socket  = &fortezzaSockets[slot->slotID-1];
-    FortezzaContext *context;
-    HSESSION         hs;
-    CK_RV            rv;
-
-    if (session == NULL) {
-        session = fort11_SessionFromHandle(hSession, PR_TRUE);
-	fort11_TokenRemoved(slot, session);
-	fort11_FreeSession(session);
-	FORT11_RETURN (CKR_SESSION_HANDLE_INVALID);
-    }
-
-    context = &session->fortezzaContext;
-
-    if (GetCryptoOperation(context) != Decrypt) {
-        fort11_FreeSession(session);
-        FORT11_RETURN (CKR_OPERATION_NOT_INITIALIZED);
-    }
-
-    *pulDataLen = ulEncryptedDataLen;
-    if (pData == NULL) {
-        fort11_FreeSession(session);
-	FORT11_RETURN (CKR_OK);
-    }
-
-    hs = socket->maciSession;
-    FMUTEX_Lock(socket->registersLock);
-    MACI_Lock(hs, CI_NULL_FLAG);
-    rv = DecryptData (context, pEncryptedData, ulEncryptedDataLen, 
-		      pData, *pulDataLen);
-    MACI_Unlock(hs);
-    FMUTEX_Unlock(socket->registersLock);
-    if (rv != SOCKET_SUCCESS) {
-        fort11_FreeSession(session);
-        FORT11_RETURN (CKR_GENERAL_ERROR);
-    }
-
-    EndCryptoOperation (context, Decrypt);
-    fort11_FreeSession(session);
-
-    FORT11_RETURN (CKR_OK);
-}
-
-
-/* C_DecryptUpdate continues a multiple-part decryption operation. */
-PR_PUBLIC_API(CK_RV) C_DecryptUpdate(CK_SESSION_HANDLE hSession, 
-				     CK_BYTE_PTR       pEncryptedPart, 
-				     CK_ULONG          ulEncryptedPartLen,
-				     CK_BYTE_PTR       pPart, 
-				     CK_ULONG_PTR      pulPartLen) {
-    FORT11_ENTER()
-    PK11Session     *session = fort11_SessionFromHandle(hSession,PR_FALSE);
-    PK11Slot        *slot    = fort11_SlotFromSessionHandle(hSession);
-    FortezzaSocket  *socket  = &fortezzaSockets[slot->slotID-1];
-    FortezzaContext *context;
-    HSESSION         hs;
-    int              rv;
-
-    if (session == NULL) {
-        session = fort11_SessionFromHandle(hSession, PR_TRUE);
-	fort11_TokenRemoved (slot, session);
-	fort11_FreeSession (session);
-        FORT11_RETURN (CKR_SESSION_HANDLE_INVALID);
-    }
-
-    context = &session->fortezzaContext;
-    hs = socket->maciSession;
-
-    if (GetCryptoOperation(context) != Decrypt) {
-        fort11_FreeSession(session);
-        FORT11_RETURN (CKR_OPERATION_NOT_INITIALIZED);
-    }
-
-    if (pPart == NULL) {
-        *pulPartLen = ulEncryptedPartLen;
-	fort11_FreeSession(session);
-	FORT11_RETURN (CKR_OK);
-    }
-
-    *pulPartLen = ulEncryptedPartLen;
-    
-    FMUTEX_Lock(socket->registersLock);
-    MACI_Lock (hs, CI_NULL_FLAG);
-    rv = DecryptData (context, pEncryptedPart, ulEncryptedPartLen, pPart, 
-		      *pulPartLen);
-    MACI_Unlock(hs);
-    FMUTEX_Unlock(socket->registersLock);
-
-    fort11_FreeSession(session);
-
-    if (rv != SOCKET_SUCCESS) {
-        FORT11_RETURN (CKR_GENERAL_ERROR);
-    }
-
-    FORT11_RETURN (CKR_OK);
-}
-
-
-/* C_DecryptFinal finishes a multiple-part decryption operation. */
-PR_PUBLIC_API(CK_RV) C_DecryptFinal(CK_SESSION_HANDLE hSession, 
-				    CK_BYTE_PTR       pLastPart, 
-				    CK_ULONG_PTR      pulLastPartLen) {
-    FORT11_ENTER()
-    PK11Session     *session = fort11_SessionFromHandle(hSession, PR_FALSE);
-    PK11Slot        *slot    = fort11_SlotFromSessionHandle(hSession);
-    FortezzaContext *context;
-
-    if (session == NULL) {
-        session = fort11_SessionFromHandle (hSession, PR_TRUE);
-	fort11_TokenRemoved (slot, session);
-	fort11_FreeSession(session);
-	FORT11_RETURN (CKR_SESSION_HANDLE_INVALID);
-    }
-
-    context = &session->fortezzaContext;
-    EndCryptoOperation (context, Decrypt);
-
-    fort11_FreeSession(session);
-
-    FORT11_RETURN (CKR_OK);
-}
-
-
-/*
- ************** Crypto Functions:     Digest (HASH)  ************************
- */
-
-/* C_DigestInit initializes a message-digesting operation. */
-PR_PUBLIC_API(CK_RV) C_DigestInit(CK_SESSION_HANDLE hSession,
-				  CK_MECHANISM_PTR  pMechanism) {
-  /* For functions that don't access globals, we don't have to worry about the
-   * stack.
-   */	
-  return CKR_FUNCTION_NOT_SUPPORTED;
-}
-
-
-/* C_Digest digests data in a single part. */
-PR_PUBLIC_API(CK_RV) C_Digest(CK_SESSION_HANDLE hSession, 
-			      CK_BYTE_PTR       pData, 
-			      CK_ULONG          ulDataLen, 
-			      CK_BYTE_PTR       pDigest,
-			      CK_ULONG_PTR      pulDigestLen) {
-  /* For functions that don't access globals, we don't have to worry about the
-   * stack.
-   */	
-  return CKR_FUNCTION_NOT_SUPPORTED;
-}
-
-
-/* C_DigestUpdate continues a multiple-part message-digesting operation. */
-PR_PUBLIC_API(CK_RV) C_DigestUpdate(CK_SESSION_HANDLE hSession,
-				    CK_BYTE_PTR       pPart,
-				    CK_ULONG          ulPartLen) {
-  /* For functions that don't access globals, we don't have to worry about the
-   * stack.
-   */	
-  return CKR_FUNCTION_NOT_SUPPORTED;
-}
-
-
-/* C_DigestFinal finishes a multiple-part message-digesting operation. */
-PR_PUBLIC_API(CK_RV) C_DigestFinal(CK_SESSION_HANDLE hSession,
-				   CK_BYTE_PTR       pDigest,
-				   CK_ULONG_PTR      pulDigestLen) {
-  /* For functions that don't access globals, we don't have to worry about the
-   * stack.
-   */	
-  return CKR_FUNCTION_NOT_SUPPORTED;
-}
-
-
-/*
- ************** Crypto Functions:     Sign  ************************
- */
-
-/* C_SignInit initializes a signature (private key encryption) operation,
- * where the signature is (will be) an appendix to the data, 
- * and plaintext cannot be recovered from the signature */
-PR_PUBLIC_API(CK_RV) C_SignInit(CK_SESSION_HANDLE hSession,
-				CK_MECHANISM_PTR  pMechanism, 
-				CK_OBJECT_HANDLE  hKey) {
-    FORT11_ENTER()
-    PK11Session     *session   = fort11_SessionFromHandle (hSession, PR_FALSE);
-    PK11Slot        *slot      = fort11_SlotFromSessionHandle(hSession);
-    PK11Object      *keyObject;
-    FortezzaSocket  *socket    = &fortezzaSockets[slot->slotID-1]; 
-    FortezzaContext *context;
-    PK11Attribute   *idAttribute;
-    int              personalityIndex;
-    HSESSION         hs = socket->maciSession;
-
-    if (session == NULL) {
-        session = fort11_SessionFromHandle(hSession, PR_TRUE);
-	fort11_TokenRemoved(slot, session);
-	fort11_FreeSession(session);
-	FORT11_RETURN (CKR_SESSION_HANDLE_INVALID);
-    }
-
-    if (pMechanism->mechanism != CKM_DSA) {
-        FORT11_RETURN (CKR_MECHANISM_INVALID);
-    }
-
-    keyObject = fort11_ObjectFromHandle (hKey, session);
-
-    if (keyObject == NULL) {
-        fort11_FreeSession(session);
-        FORT11_RETURN (CKR_KEY_HANDLE_INVALID);
-    }
-
-    context = &session->fortezzaContext;
-    InitContext(context, socket, hKey);
-    InitCryptoOperation (context, Sign);
-    fort11_FreeSession(session);
-
-    idAttribute = fort11_FindAttribute(keyObject, CKA_ID);
-    fort11_FreeObject(keyObject);
-
-    if (idAttribute == NULL) {
-        FORT11_RETURN (CKR_KEY_HANDLE_INVALID);
-    }
-
-    personalityIndex = *(int*)(idAttribute->attrib.pValue);
-    fort11_FreeAttribute(idAttribute);
-    
-    MACI_Select (hs, slot->slotID);
-    if (MACI_SetPersonality (hs,personalityIndex) != CI_OK) {
-        FORT11_RETURN (CKR_GENERAL_ERROR);
-    }
-
-    FORT11_RETURN (CKR_OK);
-}
-
-
-/* C_Sign signs (encrypts with private key) data in a single part,
- * where the signature is (will be) an appendix to the data, 
- * and plaintext cannot be recovered from the signature */
-PR_PUBLIC_API(CK_RV) C_Sign(CK_SESSION_HANDLE hSession, 
-			    CK_BYTE_PTR       pData,
-			    CK_ULONG          ulDataLen,
-			    CK_BYTE_PTR       pSignature,
-			    CK_ULONG_PTR      pulSignatureLen) {
-
-    FORT11_ENTER()
-    PK11Session     *session   = fort11_SessionFromHandle(hSession, PR_FALSE);
-    PK11Slot        *slot      = fort11_SlotFromSessionHandle(hSession);
-    FortezzaContext *context;
-    FortezzaSocket  *socket    = &fortezzaSockets[slot->slotID-1];
-    HSESSION         hs        = socket->maciSession;
-    PK11Object      *keyObject;
-    PK11Attribute   *idAttribute;
-    int              ciRV, personalityIndex;
-
-    if (session == NULL) {
-        session = fort11_SessionFromHandle(hSession, PR_TRUE);
-	fort11_TokenRemoved (slot, session);
-	fort11_FreeSession(session);
-	FORT11_RETURN (CKR_SESSION_HANDLE_INVALID);
-    }
-
-	
-    context = &session->fortezzaContext;
-    if (GetCryptoOperation(context) != Sign) {
-        fort11_FreeSession(session);
-        FORT11_RETURN (CKR_OPERATION_NOT_INITIALIZED);
-    }
-
-    if (pSignature == NULL) {
-        *pulSignatureLen = 40;
-        fort11_FreeSession(session);
-	FORT11_RETURN (CKR_OK);
-    }
-
-    if (ulDataLen > 20) {
-        FORT11_RETURN (CKR_DATA_LEN_RANGE);
-    }
-
-    if (*pulSignatureLen < 40) {
-        fort11_FreeSession(session);
-        FORT11_RETURN (CKR_BUFFER_TOO_SMALL);
-    }
-    *pulSignatureLen = 40;
-
-    keyObject = fort11_ObjectFromHandle(context->hKey, session);
-    if (keyObject == NULL) {
-        fort11_FreeSession(session);
-	FORT11_RETURN(CKR_GENERAL_ERROR);
-    }
-
-    idAttribute = fort11_FindAttribute(keyObject, CKA_ID);
-    fort11_FreeObject(keyObject);
-
-    personalityIndex = *(int*)(idAttribute->attrib.pValue);
-    fort11_FreeAttribute(idAttribute);
-
-    MACI_Select(hs, slot->slotID);
-
-    MACI_Lock(hs, CI_BLOCK_LOCK_FLAG);
-    ciRV = MACI_SetPersonality(hs, personalityIndex);
-    if (ciRV != CI_OK) {
-        MACI_Unlock(hs);
-        fort11_FreeSession(session);
-	FORT11_RETURN(CKR_DEVICE_ERROR);
-    }
-
-    ciRV = MACI_Sign (hs, pData, pSignature);
-    if (ciRV != CI_OK) {
-        MACI_Unlock(hs);
-        fort11_FreeSession(session);
-	FORT11_RETURN (CKR_DEVICE_ERROR);
-    }
-
-    MACI_Unlock(hs);
-    EndCryptoOperation (context, Sign);
-    fort11_FreeSession(session);
-
-    FORT11_RETURN (CKR_OK);
-}
-
-
-/* C_SignUpdate continues a multiple-part signature operation,
- * where the signature is (will be) an appendix to the data, 
- * and plaintext cannot be recovered from the signature */
-PR_PUBLIC_API(CK_RV) C_SignUpdate(CK_SESSION_HANDLE hSession,
-				  CK_BYTE_PTR       pPart,
-				  CK_ULONG          ulPartLen) {
-  /* For functions that don't access globals, we don't have to worry about the
-   * stack.
-   */	
-  return CKR_FUNCTION_NOT_SUPPORTED;
-}
-
-
-/* C_SignFinal finishes a multiple-part signature operation, 
- * FORT11_RETURNing the signature. */
-PR_PUBLIC_API(CK_RV) C_SignFinal(CK_SESSION_HANDLE hSession,
-				 CK_BYTE_PTR       pSignature,
-				 CK_ULONG_PTR      pulSignatureLen) {
-  /* For functions that don't access globals, we don't have to worry about the
-   * stack.
-   */	
-  return CKR_FUNCTION_NOT_SUPPORTED;
-}
-
-/*
- ************** Crypto Functions:     Sign Recover  ************************
- */
-/* C_SignRecoverInit initializes a signature operation,
- * where the (digest) data can be recovered from the signature. 
- * E.g. encryption with the user's private key */
-PR_PUBLIC_API(CK_RV) C_SignRecoverInit(CK_SESSION_HANDLE hSession,
-				       CK_MECHANISM_PTR  pMechanism,
-				       CK_OBJECT_HANDLE  hKey) {
-  /* For functions that don't access globals, we don't have to worry about the
-   * stack.
-   */	
-  return CKR_FUNCTION_NOT_SUPPORTED;
-}
-
-
-/* C_SignRecover signs data in a single operation
- * where the (digest) data can be recovered from the signature. 
- * E.g. encryption with the user's private key */
-PR_PUBLIC_API(CK_RV) C_SignRecover(CK_SESSION_HANDLE hSession,
-				   CK_BYTE_PTR       pData,
-				   CK_ULONG          ulDataLen, 
-				   CK_BYTE_PTR       pSignature, 
-				   CK_ULONG_PTR      pulSignatureLen) {
-  /* For functions that don't access globals, we don't have to worry about the
-   * stack.
-   */	
-  return CKR_FUNCTION_NOT_SUPPORTED;
-}
-
-/*
- ************** Crypto Functions:     verify  ************************
- */
-
-/* C_VerifyInit initializes a verification operation, 
- * where the signature is an appendix to the data, 
- * and plaintext cannot be recovered from the signature (e.g. DSA) */
-PR_PUBLIC_API(CK_RV) C_VerifyInit(CK_SESSION_HANDLE hSession,
-				  CK_MECHANISM_PTR  pMechanism,
-				  CK_OBJECT_HANDLE  hKey) {
-  /* For functions that don't access globals, we don't have to worry about the
-   * stack.
-   */	
-  return CKR_FUNCTION_NOT_SUPPORTED;
-}
-
-
-/* C_Verify verifies a signature in a single-part operation, 
- * where the signature is an appendix to the data, 
- * and plaintext cannot be recovered from the signature */
-PR_PUBLIC_API(CK_RV) C_Verify(CK_SESSION_HANDLE hSession, 
-			      CK_BYTE_PTR       pData,
-			      CK_ULONG          ulDataLen, 
-			      CK_BYTE_PTR       pSignature, 
-			      CK_ULONG          ulSignatureLen) {
-  /* For functions that don't access globals, we don't have to worry about the
-   * stack.
-   */	
-  return CKR_FUNCTION_NOT_SUPPORTED;
-}
-
-
-/* C_VerifyUpdate continues a multiple-part verification operation, 
- * where the signature is an appendix to the data, 
- * and plaintext cannot be recovered from the signature */
-PR_PUBLIC_API(CK_RV) C_VerifyUpdate( CK_SESSION_HANDLE hSession, 
-				     CK_BYTE_PTR       pPart,
-				     CK_ULONG          ulPartLen) {
-   return CKR_FUNCTION_NOT_SUPPORTED;
-}
-
-
-/* C_VerifyFinal finishes a multiple-part verification operation, 
- * checking the signature. */
-PR_PUBLIC_API(CK_RV) C_VerifyFinal(CK_SESSION_HANDLE hSession,
-				   CK_BYTE_PTR       pSignature,
-				   CK_ULONG          ulSignatureLen) {
-  /* For functions that don't access globals, we don't have to worry about the
-   * stack.
-   */	
-  return CKR_FUNCTION_NOT_SUPPORTED;
-}
-
-/*
- ************** Crypto Functions:     Verify  Recover ************************
- */
-
-/* C_VerifyRecoverInit initializes a signature verification operation, 
- * where the data is recovered from the signature. 
- * E.g. Decryption with the user's public key */
-PR_PUBLIC_API(CK_RV) C_VerifyRecoverInit(CK_SESSION_HANDLE hSession,
-					 CK_MECHANISM_PTR  pMechanism,
-					 CK_OBJECT_HANDLE  hKey) {
-  /* For functions that don't access globals, we don't have to worry about the
-   * stack.
-   */	
-  return CKR_FUNCTION_NOT_SUPPORTED;
-}
-
-
-/* C_VerifyRecover verifies a signature in a single-part operation, 
- * where the data is recovered from the signature. 
- * E.g. Decryption with the user's public key */
-PR_PUBLIC_API(CK_RV) C_VerifyRecover(CK_SESSION_HANDLE hSession,
-				     CK_BYTE_PTR       pSignature,
-				     CK_ULONG          ulSignatureLen,
-				     CK_BYTE_PTR       pData,
-				     CK_ULONG_PTR      pulDataLen) {
-  return CKR_FUNCTION_NOT_SUPPORTED;
-}
-
-/*
- **************************** Key Functions:  ************************
- */
-
-#define MAX_KEY_LEN 256
-/* C_GenerateKey generates a secret key, creating a new key object. */
-PR_PUBLIC_API(CK_RV) C_GenerateKey(CK_SESSION_HANDLE    hSession, 
-				   CK_MECHANISM_PTR     pMechanism,
-				   CK_ATTRIBUTE_PTR     pTemplate,
-				   CK_ULONG             ulCount,
-				   CK_OBJECT_HANDLE_PTR phKey) {
-    FORT11_ENTER()
-    PK11Session    *session = fort11_SessionFromHandle(hSession, PR_FALSE);
-    PK11Slot       *slot    = fort11_SlotFromSessionHandle(hSession);
-    FortezzaSocket *socket  = &fortezzaSockets[slot->slotID-1];
-    PK11Object     *key;
-    FortezzaKey    *newKey;
-    int             i, keyRegister;
-    CK_ULONG        key_length = 0;
-    CK_RV           crv        = CKR_OK;
-    CK_OBJECT_CLASS secretKey  = CKO_SECRET_KEY;
-    CK_BBOOL        False      = FALSE;
-    CK_BBOOL        cktrue     = TRUE;
-
-    if (session == NULL) {
-        session = fort11_SessionFromHandle (hSession, PR_TRUE);
-        fort11_TokenRemoved (slot, session);
-	fort11_FreeSession(session);
-	FORT11_RETURN (CKR_SESSION_HANDLE_INVALID);
-    }
-    if (pMechanism->mechanism != CKM_SKIPJACK_KEY_GEN) {
-        fort11_FreeSession(session);
-        FORT11_RETURN (CKR_MECHANISM_INVALID);
-    }
-
-    key = fort11_NewObject(slot);
-
-    if (key == NULL) {
-        fort11_FreeSession(session);
-        FORT11_RETURN (CKR_HOST_MEMORY);
-    }
-
-    for (i=0; i < (int) ulCount; i++) {
-        if (pTemplate[i].type == CKA_VALUE_LEN) {
-	    key_length = *(CK_ULONG *)pTemplate[i].pValue;
-	    continue;
-	}
-	crv = fort11_AddAttributeType (key, pk11_attr_expand (&pTemplate[i]));
-	if (crv != CKR_OK) 
-	  break;
-    } 
-
-    if (crv != CKR_OK) {
-        fort11_FreeObject(key);
-	fort11_FreeSession(session);
-	FORT11_RETURN (crv);
-    }
-
-    /* make sure we don't have any class, key_type, or value fields */
-    fort11_DeleteAttributeType(key,CKA_CLASS);
-    fort11_DeleteAttributeType(key,CKA_KEY_TYPE);
-    fort11_DeleteAttributeType(key,CKA_VALUE);
-
-    if (MAX_KEY_LEN < key_length) {
-        crv = CKR_TEMPLATE_INCONSISTENT;
-    }
-
-    if (crv != CKR_OK) {
-        fort11_FreeObject(key);
-	fort11_FreeSession(session);
-	FORT11_RETURN (crv);
-    }
-    
-    if (fort11_AddAttributeType(key, CKA_CLASS,&secretKey,
-			      sizeof(CK_OBJECT_CLASS)) != CKR_OK) {
-        fort11_FreeObject(key);
-	fort11_FreeSession(session);
-        FORT11_RETURN (CKR_GENERAL_ERROR);
-    }
-
-    if (fort11_AddAttributeType(key, CKA_TOKEN, &False,
-			      sizeof(CK_BBOOL)) != CKR_OK) {
-        fort11_FreeObject(key);
-	fort11_FreeSession(session);
-        FORT11_RETURN (CKR_GENERAL_ERROR);
-    }
- 
-    if (fort11_isTrue(key,CKA_SENSITIVE)) {
-	fort11_forceAttribute(key,CKA_ALWAYS_SENSITIVE,&cktrue,
-			      sizeof(CK_BBOOL));
-    }
-    if (!fort11_isTrue(key,CKA_EXTRACTABLE)) {
-	fort11_forceAttribute(key,CKA_NEVER_EXTRACTABLE,&cktrue,
-			    sizeof(CK_BBOOL));
-    }
-
-    FMUTEX_Lock(socket->registersLock);
-
-    keyRegister = GetBestKeyRegister(socket);
-    newKey = NewFortezzaKey(socket, MEK, NULL, keyRegister);
-
-    FMUTEX_Unlock(socket->registersLock);
-
-    if (newKey == NULL) {
-        fort11_FreeObject(key);
-	fort11_FreeSession(session);
-        FORT11_RETURN (CKR_HOST_MEMORY);
-    }
-
-    key->objectInfo = (void*)newKey;
-    key->infoFree   = fort11_FreeFortezzaKey;
-
-    FMUTEX_Lock(slot->objectLock);
-    key->handle = slot->tokenIDCount++;
-    key->handle |= (PK11_TOKEN_MAGIC | PK11_TOKEN_TYPE_PRIV);
-    FMUTEX_Unlock(slot->objectLock);
-
-    key->objclass = secretKey;
-    key->slot = slot;
-    key->inDB = PR_TRUE;
-
-    fort11_AddObject(session, key);
-    fort11_FreeSession(session);
-    SetFortezzaKeyHandle(newKey, key->handle);
-    *phKey = key->handle;
-
-    FORT11_RETURN (CKR_OK);
-    
-}
-
-
-/* C_GenerateKeyPair generates a public-key/private-key pair, 
- * creating new key objects. */
-PR_PUBLIC_API(CK_RV) C_GenerateKeyPair 
-                     (CK_SESSION_HANDLE    hSession,
-		      CK_MECHANISM_PTR     pMechanism, 
-		      CK_ATTRIBUTE_PTR     pPublicKeyTemplate,
-		      CK_ULONG             ulPublicKeyAttributeCount, 
-		      CK_ATTRIBUTE_PTR     pPrivateKeyTemplate,
-		      CK_ULONG             ulPrivateKeyAttributeCount, 
-		      CK_OBJECT_HANDLE_PTR phPrivateKey,
-		      CK_OBJECT_HANDLE_PTR phPublicKey) {
-  return CKR_FUNCTION_NOT_SUPPORTED;
-}
-
-/* C_WrapKey wraps (i.e., encrypts) a key. */
-PR_PUBLIC_API(CK_RV) C_WrapKey(CK_SESSION_HANDLE hSession,
-			       CK_MECHANISM_PTR  pMechanism, 
-			       CK_OBJECT_HANDLE  hWrappingKey,
-			       CK_OBJECT_HANDLE  hKey, 
-			       CK_BYTE_PTR       pWrappedKey,
-			       CK_ULONG_PTR      pulWrappedKeyLen) {
-    FORT11_ENTER()
-    PK11Session    *session = fort11_SessionFromHandle (hSession, PR_FALSE);
-    PK11Slot       *slot    = fort11_SlotFromSessionHandle(hSession);
-    FortezzaSocket *socket  = &fortezzaSockets[slot->slotID-1];
-    PK11Object     *wrapKey;
-    PK11Object     *srcKey;
-    FortezzaKey    *wrapFortKey;
-    FortezzaKey    *srcFortKey;
-    int             rv;
-
-    if (session == NULL) {
-        session = fort11_SessionFromHandle (hSession, PR_TRUE);
-	fort11_TokenRemoved(slot, session);
-	fort11_FreeSession(session);
-	FORT11_RETURN (CKR_SESSION_HANDLE_INVALID);
-    }
-
-    if (!socket->isLoggedIn) {
-        fort11_FreeSession(session);
-	FORT11_RETURN (CKR_USER_NOT_LOGGED_IN);
-    }
-
-    if (pMechanism->mechanism != CKM_SKIPJACK_WRAP) {
-        fort11_FreeSession(session);
-        FORT11_RETURN (CKR_MECHANISM_INVALID);
-    }
-
-    wrapKey = fort11_ObjectFromHandle (hWrappingKey, session);
-    if ((wrapKey == NULL) || (wrapKey->objectInfo == NULL)) {
-        if (wrapKey) 
-	    fort11_FreeObject(wrapKey);
-	fort11_FreeSession(session);
-        FORT11_RETURN (CKR_KEY_HANDLE_INVALID);
-    }
-
-    srcKey = fort11_ObjectFromHandle (hKey, session);
-    fort11_FreeSession(session);
-    if ((srcKey == NULL) || (srcKey->objectInfo == NULL)) {
-        FORT11_RETURN (CKR_KEY_HANDLE_INVALID);
-    }
-
-    wrapFortKey = (FortezzaKey*)wrapKey->objectInfo;
-    fort11_FreeObject(wrapKey);
-
-    srcFortKey = (FortezzaKey*)srcKey->objectInfo;
-    fort11_FreeObject(srcKey);
-
-    FMUTEX_Lock(socket->registersLock);
-    if (wrapFortKey->keyRegister == KeyNotLoaded) {
-      if (LoadKeyIntoRegister(wrapFortKey) == KeyNotLoaded) {
-	  FORT11_RETURN (CKR_DEVICE_ERROR);
-      }
-    }
-
-    if (srcFortKey->keyRegister == KeyNotLoaded) {
-      if (LoadKeyIntoRegister(srcFortKey) == KeyNotLoaded) {
-	  FMUTEX_Unlock(socket->registersLock);
-	  FORT11_RETURN (CKR_DEVICE_ERROR);
-      }
-    }
-
-    MACI_Lock(socket->maciSession, CI_BLOCK_LOCK_FLAG);
-    rv = WrapKey (wrapFortKey, srcFortKey, pWrappedKey, *pulWrappedKeyLen);
-    MACI_Unlock(socket->maciSession);
-    FMUTEX_Unlock(socket->registersLock);
-
-    if (rv != SOCKET_SUCCESS) {
-        FORT11_RETURN (CKR_GENERAL_ERROR);
-    }
-
-    FORT11_RETURN (CKR_OK);
-}
-
-
-/* C_UnwrapKey unwraps (decrypts) a wrapped key, creating a new key object. */
-PR_PUBLIC_API(CK_RV) C_UnwrapKey(CK_SESSION_HANDLE    hSession,
-				 CK_MECHANISM_PTR     pMechanism, 
-				 CK_OBJECT_HANDLE     hUnwrappingKey,
-				 CK_BYTE_PTR          pWrappedKey, 
-				 CK_ULONG             ulWrappedKeyLen,
-				 CK_ATTRIBUTE_PTR     pTemplate, 
-				 CK_ULONG             ulAttributeCount,
-				 CK_OBJECT_HANDLE_PTR phKey) {
-    FORT11_ENTER()
-    PK11Session    *session = fort11_SessionFromHandle(hSession, PR_FALSE);
-    PK11Slot       *slot    = fort11_SlotFromSessionHandle(hSession);
-    FortezzaSocket *socket  = &fortezzaSockets[slot->slotID-1];
-    PK11Object     *wrapKey;
-    PK11Object     *newKey;
-    FortezzaKey    *fortKey;
-    FortezzaKey    *unwrapFort;
-    CK_ULONG        key_length;
-    int             i, newKeyRegister;
-    CK_RV           crv = CKR_OK;
-
-    if (session == NULL) {
-        session = fort11_SessionFromHandle(hSession, PR_TRUE);
-	fort11_TokenRemoved(slot, session);
-	fort11_FreeSession(session);
-	FORT11_RETURN (CKR_SESSION_HANDLE_INVALID);
-    }
-
-    if (pMechanism->mechanism != CKM_SKIPJACK_WRAP){
-        fort11_FreeSession(session);
-        FORT11_RETURN (CKR_MECHANISM_INVALID);
-    }
-
-    if (!socket->isLoggedIn) {
-        fort11_FreeSession(session);
-        FORT11_RETURN (CKR_USER_NOT_LOGGED_IN);
-    }    
-
-    wrapKey = fort11_ObjectFromHandle(hUnwrappingKey, session);
-    if (wrapKey == NULL || wrapKey->objectInfo == NULL) {
-        if (wrapKey)
-	    fort11_FreeObject(wrapKey);
-        fort11_FreeSession(session);
-        FORT11_RETURN (CKR_UNWRAPPING_KEY_HANDLE_INVALID);
-    }
-
-    fortKey = (FortezzaKey*)wrapKey->objectInfo;
-    fort11_FreeObject(wrapKey);
-
-    newKey = fort11_NewObject(slot);
-    if (newKey == NULL) {
-        fort11_FreeSession(session);
-        FORT11_RETURN (CKR_HOST_MEMORY);
-    }
-
-    for (i=0; i< (int)ulAttributeCount; i++) {
-        if (pTemplate[i].type == CKA_VALUE_LEN) {
-	    key_length = *(CK_ULONG*)pTemplate[i].pValue;
-	    continue;
-	}
-	crv=fort11_AddAttributeType(newKey,fort11_attr_expand(&pTemplate[i]));
-	if (crv != CKR_OK) {
-	    break;
-	}
-    }
-
-    if (crv != CKR_OK) {
-        fort11_FreeSession(session);
-        fort11_FreeObject(newKey);
-	FORT11_RETURN (crv);
-    }
-
-    /* make sure we don't have any class, key_type, or value fields */
-    if (!fort11_hasAttribute(newKey,CKA_CLASS)) {
-	fort11_FreeObject(newKey);
-	fort11_FreeSession(session);
-	FORT11_RETURN (CKR_TEMPLATE_INCOMPLETE);
-    }
-    if (!fort11_hasAttribute(newKey,CKA_KEY_TYPE)) {
-	fort11_FreeObject(newKey);
-	fort11_FreeSession(session);
-	FORT11_RETURN (CKR_TEMPLATE_INCOMPLETE);
-    }
-
-    FMUTEX_Lock(socket->registersLock);
-    newKeyRegister = UnwrapKey (pWrappedKey, fortKey);
-    if (newKeyRegister == KeyNotLoaded) {
-        /*Couldn't Unwrap the key*/
-        fort11_FreeObject(newKey);
-        fort11_FreeSession(session);
-	FMUTEX_Unlock(socket->registersLock);
-        FORT11_RETURN (CKR_GENERAL_ERROR);
-    }
-
-    unwrapFort = NewUnwrappedKey(newKeyRegister, fortKey->id, socket);
-    FMUTEX_Unlock(socket->registersLock);
-
-    if (unwrapFort == NULL) {
-        fort11_FreeObject(newKey);
-        fort11_FreeSession(session);
-        FORT11_RETURN (CKR_HOST_MEMORY);
-    }
-    newKey->objectInfo = unwrapFort;
-    newKey->infoFree   = fort11_FreeFortezzaKey;
-
-    FMUTEX_Lock(slot->objectLock);
-    newKey->handle = slot->tokenIDCount++;
-    newKey->handle |= (PK11_TOKEN_MAGIC | PK11_TOKEN_TYPE_PRIV);
-    FMUTEX_Unlock(slot->objectLock);
-    newKey->objclass = CKO_SECRET_KEY;
-    newKey->slot  = slot;
-    newKey->inDB  = PR_TRUE;
-
-    fort11_AddObject (session, newKey);
-    fort11_FreeSession(session);
-    
-    SetFortezzaKeyHandle(unwrapFort, newKey->handle);
-    *phKey = newKey->handle;
-
-    FORT11_RETURN (CKR_OK);
-}
-
-
-/* C_DeriveKey derives a key from a base key, creating a new key object. */
-PR_PUBLIC_API(CK_RV) C_DeriveKey( CK_SESSION_HANDLE    hSession,
-				  CK_MECHANISM_PTR     pMechanism, 
-				  CK_OBJECT_HANDLE     hBaseKey,
-				  CK_ATTRIBUTE_PTR     pTemplate, 
-				  CK_ULONG             ulAttributeCount, 
-				  CK_OBJECT_HANDLE_PTR phKey) {
-    FORT11_ENTER()
-    PK11Session     *session = fort11_SessionFromHandle(hSession, PR_FALSE);
-    PK11Slot        *slot    = fort11_SlotFromSessionHandle(hSession);
-    FortezzaSocket  *socket  = &fortezzaSockets[slot->slotID-1];
-    PK11Object      *key, *sourceKey;
-    CK_ULONG         i;
-    CK_ULONG         key_length = 0;
-    CK_RV            crv        = 0;
-    CK_KEY_TYPE      keyType    = CKK_SKIPJACK;
-    CK_OBJECT_CLASS  classType  = CKO_SECRET_KEY;  
-    CK_BBOOL	     ckTrue     = TRUE;
-    CK_BBOOL         ckFalse    = FALSE;
-    int              ciRV;
-    int              personality;
-    PK11Attribute   *att;
-
-    CK_KEA_DERIVE_PARAMS_PTR  params;
-    FortezzaKey              *derivedKey;
-    CreateTEKInfo             tekInfo;
-
-    if (session == NULL) {
-        session = fort11_SessionFromHandle(hSession, PR_TRUE);
-	fort11_TokenRemoved (slot, session);
-	fort11_FreeSession(session);
-	FORT11_RETURN (CKR_SESSION_HANDLE_INVALID);
-    }
-
-    if (pMechanism->mechanism != CKM_KEA_KEY_DERIVE) {
-        fort11_FreeSession(session);
-        FORT11_RETURN (CKR_MECHANISM_INVALID);
-    }
-
-    key = fort11_NewObject (slot);
-
-    if (key == NULL) {
-        fort11_FreeSession(session);
-        FORT11_RETURN (CKR_HOST_MEMORY);
-    }
-
-    for (i = 0; i < ulAttributeCount; i++) {
-        crv = fort11_AddAttributeType (key, fort11_attr_expand(&pTemplate[i]));
-	if (crv != CKR_OK) {
-	    break;
-	}
-	if (pTemplate[i].type == CKA_KEY_TYPE) {
-	    keyType = *(CK_KEY_TYPE*)pTemplate[i].pValue;
-	} else if (pTemplate[i].type == CKA_VALUE_LEN) {
-	    key_length = *(CK_ULONG*)pTemplate[i].pValue;
-	}	  
-    }
-
-    if (crv != CKR_OK) {
-        fort11_FreeObject(key);
-	fort11_FreeSession(session);
-	FORT11_RETURN (crv);
-    }
-
-    if (key_length == 0) {
-        key_length = 12;
-    }
-
-    classType = CKO_SECRET_KEY;
-    crv = fort11_forceAttribute (key, CKA_CLASS, &classType, 
-				 sizeof(classType));
-    if (crv != CKR_OK) {
-        fort11_FreeObject(key);
-	fort11_FreeSession(session);
-	FORT11_RETURN (crv);
-    }
-    crv = fort11_forceAttribute (key, CKA_SENSITIVE, &ckTrue, 
-				 sizeof(CK_BBOOL));
-    if (crv != CKR_OK) {
-        fort11_FreeObject(key);
-	fort11_FreeSession(session);
-	FORT11_RETURN (crv);
-    }
-    crv = fort11_forceAttribute (key, CKA_EXTRACTABLE, &ckFalse, 
-			       sizeof(CK_BBOOL));
-    if (crv != CKR_OK) {
-        fort11_FreeSession(session);
-	fort11_FreeObject(key);
-	FORT11_RETURN (crv);
-    }
-
-    sourceKey = fort11_ObjectFromHandle (hBaseKey, session);
-
-    if (sourceKey == NULL) {
-        fort11_FreeObject(key);
-	fort11_FreeSession(session);
-	FORT11_RETURN (CKR_KEY_HANDLE_INVALID);
-    }
-
-    att = fort11_FindAttribute(sourceKey,CKA_ID);
-    fort11_FreeObject(sourceKey);
-    if (att == NULL) {
-	fort11_FreeObject(key);
-	fort11_FreeSession(session);
-	FORT11_RETURN (CKR_KEY_TYPE_INCONSISTENT);
-    }
-    personality = *(int *) att->attrib.pValue;
-    fort11_FreeAttribute(att);
-
-    params = (CK_KEA_DERIVE_PARAMS_PTR)pMechanism->pParameter;
-
-    if (params == NULL) {
-	fort11_FreeObject(key);
-	fort11_FreeSession(session);
-        FORT11_RETURN (CKR_MECHANISM_PARAM_INVALID);
-    }
-    
-    ciRV = MACI_SetPersonality(socket->maciSession,personality);
-    if (ciRV != CI_OK) {
-	fort11_FreeObject(key);
-	fort11_FreeSession(session);
-	FORT11_RETURN (CKR_DEVICE_ERROR);
-    }
-    /*
-     * If we're sending, generate our own RA.
-     */
-    if (params->isSender) {
-	ciRV = MACI_GenerateRa(socket->maciSession,params->pRandomA);
-	if (ciRV != CI_OK) {
-	    fort11_FreeObject(key);
-	    fort11_FreeSession(session);
-	    FORT11_RETURN (CKR_DEVICE_ERROR);
-	}
-    }
-    PORT_Memcpy (tekInfo.Ra, params->pRandomA, params->ulRandomLen);
-    PORT_Memcpy (tekInfo.Rb, params->pRandomB, params->ulRandomLen);
-    tekInfo.randomLen = params->ulRandomLen;
-    tekInfo.personality = personality;
-    tekInfo.flag = (params->isSender) ? CI_INITIATOR_FLAG : CI_RECIPIENT_FLAG;
-    
-    PORT_Memcpy (tekInfo.pY, params->pPublicData, params->ulPublicDataLen);
-    tekInfo.YSize = params->ulPublicDataLen;
-
-    FMUTEX_Lock(socket->registersLock);
-    derivedKey = NewFortezzaKey(socket, TEK, &tekInfo, 
-				GetBestKeyRegister(socket));
-    FMUTEX_Unlock(socket->registersLock);
-
-    if (derivedKey == NULL) {
-	fort11_FreeObject(key);
-	fort11_FreeSession(session);
-        FORT11_RETURN (CKR_GENERAL_ERROR);
-    }
-
-    key->objectInfo = derivedKey;
-    key->infoFree   = fort11_FreeFortezzaKey;
-
-    FMUTEX_Lock(slot->objectLock);
-    key->handle = slot->tokenIDCount++;
-    key->handle |= (PK11_TOKEN_MAGIC | PK11_TOKEN_TYPE_PRIV);
-    FMUTEX_Unlock(slot->objectLock);
-    key->objclass = classType;
-    key->slot = slot;
-    key->inDB = PR_TRUE;
-
-    fort11_AddObject (session, key);
-    fort11_FreeSession(session);
-    
-    SetFortezzaKeyHandle(derivedKey, key->handle);
-    *phKey = key->handle;
-
-    FORT11_RETURN (CKR_OK);
-}
-
-/*
- **************************** Random Functions:  ************************
- */
-
-/* C_SeedRandom mixes additional seed material into the token's random number 
- * generator. */
-PR_PUBLIC_API(CK_RV) C_SeedRandom(CK_SESSION_HANDLE hSession, 
-				  CK_BYTE_PTR       pSeed,
-				  CK_ULONG          ulSeedLen) {
-  return CKR_FUNCTION_NOT_SUPPORTED;
-}
-
-
-/* C_GenerateRandom generates random data. */
-PR_PUBLIC_API(CK_RV) C_GenerateRandom(CK_SESSION_HANDLE hSession,
-				      CK_BYTE_PTR	pRandomData, 
-				      CK_ULONG          ulRandomLen) {
-    FORT11_ENTER()
-    PK11Slot    *slot    = fort11_SlotFromSessionHandle(hSession);
-    PK11Session *session = fort11_SessionFromHandle(hSession,PR_FALSE);
-    CI_RANDOM    randomNum;
-    CK_ULONG     randomSize = sizeof (CI_RANDOM);
-    int          ciRV;
-    CK_ULONG     bytesCopied = 0, bytesToCopy;
-    CK_ULONG     bufferSize  = 0, bytesRemaining;
-
-    if (session == NULL) {
-        session = fort11_SessionFromHandle (hSession, PR_TRUE);
-	fort11_TokenRemoved(slot, session);
-	fort11_FreeSession(session);
-        FORT11_RETURN (CKR_SESSION_HANDLE_INVALID);
-    }
-
-    fort11_FreeSession(session);
-    ciRV = MACI_Select(fortezzaSockets[slot->slotID-1].maciSession, 
-		       slot->slotID);
-    if (ciRV != CI_OK) {
-        FORT11_RETURN (CKR_DEVICE_ERROR);
-    }
-    
-    while (bytesCopied < ulRandomLen) {
-      bytesRemaining = ulRandomLen - bytesCopied;
-      if (bufferSize < bytesRemaining) {
-	  ciRV = 
-	    MACI_GenerateRandom(fortezzaSockets[slot->slotID-1].maciSession, 
-				randomNum);
-	  if (ciRV != CI_OK)
-	      FORT11_RETURN (CKR_DEVICE_ERROR);
-	  bufferSize = randomSize;
-      }
-      bytesToCopy = (bytesRemaining > randomSize) ? randomSize : 
-	                                            bytesRemaining;
-
-      PORT_Memcpy (&pRandomData[bytesCopied], 
-		   &randomNum[randomSize-bufferSize], bytesToCopy);
-
-      bytesCopied += bytesToCopy;
-      bufferSize  -= bytesToCopy; 
-    }
-
-    FORT11_RETURN (CKR_OK);
-}
-
-
-/* C_GetFunctionStatus obtains an updated status of a function running 
- * in parallel with an application. */
-PR_PUBLIC_API(CK_RV) C_GetFunctionStatus(CK_SESSION_HANDLE hSession) {
-    return CKR_FUNCTION_NOT_SUPPORTED;
-}
-
-
-/* C_CancelFunction cancels a function running in parallel */
-PR_PUBLIC_API(CK_RV) C_CancelFunction(CK_SESSION_HANDLE hSession) {
-    return CKR_FUNCTION_NOT_SUPPORTED;
-}
-
-/* C_GetOperationState saves the state of the cryptographic 
- *operation in a session. */
-PR_PUBLIC_API(CK_RV) C_GetOperationState(CK_SESSION_HANDLE hSession, 
-					 CK_BYTE_PTR       pOperationState, 
-					 CK_ULONG_PTR      pulOperationStateLen) {
-    FORT11_ENTER()
-    PK11Session     *session   = fort11_SessionFromHandle(hSession, PR_FALSE);
-    PK11Slot        *slot      = fort11_SlotFromSessionHandle(hSession);
-    FortezzaContext *context;
-
-    if (session  == NULL) {
-        session = fort11_SessionFromHandle(hSession, PR_TRUE);
-	fort11_TokenRemoved (slot, session);
-	fort11_FreeSession(session);
-	FORT11_RETURN (CKR_SESSION_HANDLE_INVALID);
-    }
-
-    if (pOperationState == NULL) {
-        *pulOperationStateLen = sizeof (FortezzaContext);
-        fort11_FreeSession(session);
-	FORT11_RETURN (CKR_OK);
-    }
-
-    if (*pulOperationStateLen < sizeof (FortezzaContext)) {
-        fort11_FreeSession(session);
-	FORT11_RETURN (CKR_BUFFER_TOO_SMALL);
-    }
-
-    context = &session->fortezzaContext;
-    fort11_FreeSession(session);
-    PORT_Memcpy (pOperationState, context, sizeof(FortezzaContext));
-    ((FortezzaContext *)pOperationState)->session = NULL;
-    ((FortezzaContext *)pOperationState)->fortezzaKey = NULL;
-    *pulOperationStateLen = sizeof(FortezzaContext);
-    FORT11_RETURN (CKR_OK);
-}
-
-
-
-/* C_SetOperationState restores the state of the cryptographic operation in a session. */
-PR_PUBLIC_API(CK_RV) C_SetOperationState(CK_SESSION_HANDLE hSession, 
-					 CK_BYTE_PTR       pOperationState, 
-					 CK_ULONG          ulOperationStateLen,
-					 CK_OBJECT_HANDLE  hEncryptionKey, 
-					 CK_OBJECT_HANDLE  hAuthenticationKey){
-    FORT11_ENTER()
-    PK11Session     *session   = fort11_SessionFromHandle(hSession, PR_FALSE);
-    PK11Slot        *slot      = fort11_SlotFromSessionHandle(hSession);
-    FortezzaContext *context;
-    FortezzaContext  passedInCxt;
-    PK11Object      *keyObject;
-    FortezzaKey     *fortKey;
-
-    if (session  == NULL) {
-        session = fort11_SessionFromHandle(hSession, PR_TRUE);
-	fort11_TokenRemoved (slot, session);
-	fort11_FreeSession(session);
-	FORT11_RETURN (CKR_SESSION_HANDLE_INVALID);
-    }
-
-    if (ulOperationStateLen != sizeof(FortezzaContext)) {
-        fort11_FreeSession(session);
-        FORT11_RETURN (CKR_SAVED_STATE_INVALID);
-    }
-
-    PORT_Memcpy(&passedInCxt, pOperationState, sizeof(FortezzaContext));
-    if (passedInCxt.fortezzaSocket->slotID != slot->slotID) {
-        fort11_FreeSession(session);
-        FORT11_RETURN (CKR_SAVED_STATE_INVALID);
-    }
-    passedInCxt.session = NULL;
-    passedInCxt.fortezzaKey = NULL;
-    
-    if (hEncryptionKey != 0) {
-        keyObject = fort11_ObjectFromHandle(hEncryptionKey, session);
-	if (keyObject == NULL) {
-	    fort11_FreeSession(session);
-	    FORT11_RETURN (CKR_KEY_HANDLE_INVALID);
-	}
-	fortKey = (FortezzaKey*)keyObject->objectInfo;
-	fort11_FreeObject(keyObject);
-	if (fortKey == NULL) {
-	    fort11_FreeSession(session);
-	    FORT11_RETURN (CKR_SAVED_STATE_INVALID);
-	}
-	if (fortKey->keyRegister == KeyNotLoaded) {
-	    if (LoadKeyIntoRegister (fortKey) == KeyNotLoaded) {
-	        fort11_FreeSession(session);
-		FORT11_RETURN (CKR_DEVICE_ERROR);
-	    }
-	}
-	passedInCxt.fortezzaKey = fortKey;
-
-    } 
-    if (hAuthenticationKey != 0) {
-        fort11_FreeSession(session);
-	FORT11_RETURN (CKR_DEVICE_ERROR);
-    }
-
-    passedInCxt.session = session;
-    context = &session->fortezzaContext;
-    fort11_FreeSession (session);    
-    PORT_Memcpy (context, &passedInCxt, sizeof(passedInCxt));
-
-    FORT11_RETURN (CKR_OK);
-}
-
-/* Dual-function cryptographic operations */
-
-/* C_DigestEncryptUpdate continues a multiple-part digesting and 
-   encryption operation. */
-PR_PUBLIC_API(CK_RV) C_DigestEncryptUpdate(CK_SESSION_HANDLE hSession, 
-					   CK_BYTE_PTR       pPart,
-					   CK_ULONG          ulPartLen, 
-					   CK_BYTE_PTR       pEncryptedPart,
-					   CK_ULONG_PTR      pulEncryptedPartLen){
-  return CKR_FUNCTION_NOT_SUPPORTED;
-}
-
-
-/* C_DecryptDigestUpdate continues a multiple-part decryption and digesting 
-   operation. */
-PR_PUBLIC_API(CK_RV) C_DecryptDigestUpdate(CK_SESSION_HANDLE hSession,
-					   CK_BYTE_PTR       pEncryptedPart, 
-					   CK_ULONG          ulEncryptedPartLen,
-					   CK_BYTE_PTR       pPart, 
-			    CK_ULONG_PTR      pulPartLen){
-  return CKR_FUNCTION_NOT_SUPPORTED;
-}
-
-
-/* C_SignEncryptUpdate continues a multiple-part signing and encryption
-   operation. */
-PR_PUBLIC_API(CK_RV) C_SignEncryptUpdate(CK_SESSION_HANDLE hSession, 
-					 CK_BYTE_PTR       pPart,
-					 CK_ULONG          ulPartLen, 
-					 CK_BYTE_PTR       pEncryptedPart,
-					 CK_ULONG_PTR      pulEncryptedPartLen){
-  return CKR_FUNCTION_NOT_SUPPORTED;
-}
-
-
-/* C_DecryptVerifyUpdate continues a multiple-part decryption and verify 
-   operation. */
-PR_PUBLIC_API(CK_RV) C_DecryptVerifyUpdate(CK_SESSION_HANDLE hSession, 
-					   CK_BYTE_PTR       pEncryptedData, 
-					   CK_ULONG          ulEncryptedDataLen, 
-					   CK_BYTE_PTR       pData, 
-					   CK_ULONG_PTR      pulDataLen){
-  return CKR_FUNCTION_NOT_SUPPORTED;
-}
-
-/* C_DigestKey continues a multi-part message-digesting operation,
- * by digesting the value of a secret key as part of the data already digested.
- */
-PR_PUBLIC_API(CK_RV) C_DigestKey(CK_SESSION_HANDLE hSession, 
-				 CK_OBJECT_HANDLE  hKey) {
-  return CKR_FUNCTION_NOT_SUPPORTED;
-}
-
-PR_PUBLIC_API(CK_RV) C_WaitForSlotEvent(CK_FLAGS flags,
-					CK_SLOT_ID_PTR pSlot,
-					CK_VOID_PTR pRserved) {
-  return CKR_FUNCTION_FAILED;
-}
-
diff --git a/security/nss/lib/fortcrypt/fortsock.h b/security/nss/lib/fortcrypt/fortsock.h
deleted file mode 100644
index f74fc80b8..000000000
--- a/security/nss/lib/fortcrypt/fortsock.h
+++ /dev/null
@@ -1,105 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#ifndef FORSOCK_H_
-#define FORSOCK_H_
-
-#include "seccomon.h"
-#include "fpkcs11.h"
-#include "fpkcs11i.h"
-#include "fpkstrs.h"
-
-
-#ifndef prtypes_h___
-typedef enum { PR_FALSE, PR_TRUE }PRBool;
-#endif
-
-
-#define SOCKET_SUCCESS  0
-#define SOCKET_FAILURE  1
-
-#define KeyNotLoaded    -1
-#define NoCryptoType    -1
-#define NoCryptoMode    -1
-#define NO_MECHANISM    0xFFFFFFFFL
-
-
-/*Get the Fortezza context in here*/
-
-int InitSocket (FortezzaSocket *inSocket, int inSlotID);
-int FreeSocket (FortezzaSocket *inSocket);
-
-int FetchPersonalityList (FortezzaSocket *inSocket);
-int UnloadPersonalityList(FortezzaSocket *inSocket);
-
-int LoginToSocket (FortezzaSocket *inSocket, int inUserType, CI_PIN inPin); 
-
-int LogoutFromSocket (FortezzaSocket *inSocket);
-
-PRBool SocketStateUnchanged(FortezzaSocket* inSocket);
-
-int GetBestKeyRegister(FortezzaSocket *inSocket);
-
-FortezzaKey *NewFortezzaKey(FortezzaSocket  *inSocket, 
-			    FortezzaKeyType  inKeyType,
-			    CreateTEKInfo   *TEKinfo,
-			    int              inKeyRegister);
-FortezzaKey *NewUnwrappedKey(int inKeyRegister, int i, 
-			     FortezzaSocket *inSocket);
-
-int  LoadKeyIntoRegister (FortezzaKey *inKey);
-int  SetFortezzaKeyHandle (FortezzaKey *inKey, CK_OBJECT_HANDLE inHandle);
-void RemoveKey (FortezzaKey *inKey);
-
-void InitContext(FortezzaContext *inContext, FortezzaSocket *inSocket,
-		 CK_OBJECT_HANDLE hKey);
-int InitCryptoOperation (FortezzaContext *inContext, 
-			 CryptoType inCryptoOperation);
-int EndCryptoOperation  (FortezzaContext *inContext, 
-			 CryptoType inCryptoOperation);
-CryptoType GetCryptoOperation (FortezzaContext *inContext);
-int EncryptData (FortezzaContext *inContext, CK_BYTE_PTR inData,
-		 CK_ULONG inDataLen, CK_BYTE_PTR inDest, 
-		 CK_ULONG inDestLen);
-int DecryptData (FortezzaContext *inContext, CK_BYTE_PTR inData,
-		 CK_ULONG inDataLen, CK_BYTE_PTR inDest, 
-		 CK_ULONG inDestLen);
-
-int SaveState (FortezzaContext *inContext, CI_IV inIV, 
-	       PK11Session *inSession, FortezzaKey *inKey,
-	       int inCryptoType, CK_MECHANISM_TYPE inMechanism);
-
-int WrapKey (FortezzaKey *wrappingKey, FortezzaKey *srcKey,
-	     CK_BYTE_PTR pDest, CK_ULONG ulDestLen);
-int UnwrapKey (CK_BYTE_PTR inWrappedKey, FortezzaKey *inKey);
-
-#endif /*SOCKET_H_*/
diff --git a/security/nss/lib/fortcrypt/fpkcs11.h b/security/nss/lib/fortcrypt/fpkcs11.h
deleted file mode 100644
index 09f3dfe29..000000000
--- a/security/nss/lib/fortcrypt/fpkcs11.h
+++ /dev/null
@@ -1,170 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * Copyright (C) 1994-1999 RSA Security Inc. Licence to copy this document
- * is granted provided that it is identified as "RSA Security In.c Public-Key
- * Cryptography Standards (PKCS)" in all material mentioning or referencing
- * this document.
- */
-/* Define API */
-#ifndef _FPKCS11_H_
-#define _FPKCS11_H_ 1
-
-#include "seccomon.h"
-
-#ifndef FALSE
-#define FALSE 0
-#endif
-
-#ifndef TRUE
-#define TRUE (!FALSE)
-#endif
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/* All the various pkcs11 types and #define'd values are in the file */
-/* pkcs11t.h.  CK_PTR should be defined there, too; it's the recipe for */
-/* making pointers. */
-#include "fpkcs11t.h"
-
-#define __PASTE(x,y)	x##y
-
-/* ================================================================= */
-/* Define the "extern" form of all the entry points */
-
-#define CK_EXTERN	extern
-#define CK_FUNC(name)	CK_ENTRY name
-#define CK_NEED_ARG_LIST	1
-#define _CK_RV		PR_PUBLIC_API(CK_RV)
-
-/* pkcs11f.h has all the information about the PKCS #11 functions. */
-#include "fpkcs11f.h"
-
-#undef CK_FUNC
-#undef CK_EXTERN
-#undef CK_NEED_ARG_LIST
-#undef _CK_RV
-
-/* ================================================================= */
-/* Define the typedef form of all the entry points. */
-/* That is, for each Cryptoki function C_XXX, define a type CK_C_XXX */
-/* which is a pointer to that kind of function. */
-
-#define CK_EXTERN               typedef
-#define CK_FUNC(name)           CK_ENTRY (CK_PTR __PASTE(CK_,name))
-#define CK_NEED_ARG_LIST	1
-#define _CK_RV		        CK_RV
-
-#include "fpkcs11f.h"
-
-#undef CK_FUNC
-#undef CK_EXTERN
-#undef CK_NEED_ARG_LIST
-#undef _CK_RV
-
-/* =================================================================
- * Define structed vector of entry points.
- * The CK_FUNCTION_LIST contains a CK_VERSION indicating the PKCS #11
- * version, and then a whole slew of function pointers to the routines
- * in the library.  This type was declared, but not defined, in
- * pkcs11t.h. */
-
-
-/* These data types are platform/implementation dependent. */
-#if defined(XP_WIN) 
-#if defined(_WIN32)
-#define CK_ENTRY	
-#define CK_PTR		*	/* definition for Win32 */ 
-#define NULL_PTR 	0	/* NULL pointer */
-#pragma pack(push, cryptoki, 1)
-#else /* win16 */
-#if defined(__WATCOMC__)
-#define CK_ENTRY	
-#define CK_PTR		*	/* definition for Win16 */ 
-#define NULL_PTR 	0	/* NULL pointer */
-#pragma pack(push, 1)
-#else /* not Watcom 16-bit */
-#define CK_ENTRY	
-#define CK_PTR		*	/* definition for Win16 */ 
-#define NULL_PTR 	0	/* NULL pointer */
-#pragma pack(1)
-#endif
-#endif
-#else /* not windows */
-#define CK_ENTRY
-#define CK_PTR		*	/* definition for UNIX */ 
-#define NULL_PTR 	0	/* NULL pointer */
-#endif
-
-
-#define CK_EXTERN 
-#define CK_FUNC(name) __PASTE(CK_,name) name;
-#define _CK_RV
-
-struct CK_FUNCTION_LIST {
-
-    CK_VERSION		version;	/* PKCS #11 version */
-
-/* Pile all the function pointers into it. */
-#include "fpkcs11f.h"
-
-};
-
-#undef CK_FUNC
-#undef CK_EXTERN
-#undef _CK_RV
-
-
-#if defined(XP_WIN)
-#if defined(_WIN32)
-#pragma pack(pop, cryptoki)
-#else /* win16 */
-#if defined(__WATCOMC__)
-#pragma pack(pop)
-#else /* not Watcom 16-bit */
-#pragma pack()
-#endif
-#endif
-#endif
-
-
-#undef __PASTE
-/* ================================================================= */
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif
diff --git a/security/nss/lib/fortcrypt/fpkcs11f.h b/security/nss/lib/fortcrypt/fpkcs11f.h
deleted file mode 100644
index 6fa7e755d..000000000
--- a/security/nss/lib/fortcrypt/fpkcs11f.h
+++ /dev/null
@@ -1,953 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * Copyright (C) 1994-1999 RSA Security Inc. Licence to copy this document
- * is granted provided that it is identified as "RSA Security In.c Public-Key
- * Cryptography Standards (PKCS)" in all material mentioning or referencing
- * this document.
- */
-/* This function contains pretty much everything about all */
-/* the PKCS #11 function prototypes. */
-
-/* General-purpose */
-
-/* C_Initialize initializes the PKCS #11 library. */
-CK_EXTERN _CK_RV CK_FUNC(C_Initialize)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_VOID_PTR   pReserved  /* reserved.  Should be NULL_PTR */
-);
-#endif
-
-
-/* C_Finalize indicates that an application is done with the PKCS #11
- * library. */
-CK_EXTERN _CK_RV CK_FUNC(C_Finalize)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_VOID_PTR   pReserved  /* reserved.  Should be NULL_PTR */
-);
-#endif
-
-
-/* C_GetInfo returns general information about PKCS #11. */
-CK_EXTERN _CK_RV CK_FUNC(C_GetInfo)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_INFO_PTR   pInfo  /* location that receives the information */
-);
-#endif
-
-
-/* C_GetFunctionList returns the function list. */
-CK_EXTERN _CK_RV CK_FUNC(C_GetFunctionList)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_FUNCTION_LIST_PTR_PTR ppFunctionList  /* receives ptr to function
-list */
-);
-#endif
-
-
-
-/* Slot and token management */
-
-/* C_GetSlotList obtains a list of slots in the system. */
-CK_EXTERN _CK_RV CK_FUNC(C_GetSlotList)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_BBOOL       tokenPresent,  /* only slots with token present */
-  CK_SLOT_ID_PTR pSlotList,     /* receives the array of slot IDs */
-  CK_ULONG_PTR   pulCount       /* receives the number of slots */
-);
-#endif
-
-
-/* C_GetSlotInfo obtains information about a particular slot in the
-system. */
-CK_EXTERN _CK_RV CK_FUNC(C_GetSlotInfo)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SLOT_ID       slotID,  /* the ID of the slot */
-  CK_SLOT_INFO_PTR pInfo    /* receives the slot information */
-);
-#endif
-
-
-/* C_GetTokenInfo obtains information about a particular token in the
- * system. */
-CK_EXTERN _CK_RV CK_FUNC(C_GetTokenInfo)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SLOT_ID        slotID,  /* ID of the token's slot */
-  CK_TOKEN_INFO_PTR pInfo    /* receives the token information */
-);
-#endif
-
-
-/* C_GetMechanismList obtains a list of mechanism types supported by
- * a token. */
-CK_EXTERN _CK_RV CK_FUNC(C_GetMechanismList)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SLOT_ID            slotID,          /* ID of the token's slot */
-  CK_MECHANISM_TYPE_PTR pMechanismList,  /* receives mech. types array
-*/
-  CK_ULONG_PTR          pulCount         /* receives number of mechs. */
-);
-#endif
-
-
-/* C_GetMechanismInfo obtains information about a particular mechanism 
- * possibly supported by a token. */
-CK_EXTERN _CK_RV CK_FUNC(C_GetMechanismInfo)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SLOT_ID            slotID,  /* ID of the token's slot */
-  CK_MECHANISM_TYPE     type,    /* type of mechanism */
-  CK_MECHANISM_INFO_PTR pInfo    /* receives mechanism information */
-);
-#endif
-
-
-/* C_InitToken initializes a token. */
-CK_EXTERN _CK_RV CK_FUNC(C_InitToken)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SLOT_ID     slotID,    /* ID of the token's slot */
-  CK_CHAR_PTR    pPin,      /* the SO's initial PIN */
-  CK_ULONG       ulPinLen,  /* length in bytes of the PIN */
-  CK_CHAR_PTR    pLabel     /* 32-byte token label (blank padded) */
-);
-#endif
-
-
-/* C_InitPIN initializes the normal user's PIN. */
-CK_EXTERN _CK_RV CK_FUNC(C_InitPIN)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,  /* the session's handle */
-  CK_CHAR_PTR       pPin,      /* the normal user's PIN */
-  CK_ULONG          ulPinLen   /* length in bytes of the PIN */
-);
-#endif
-
-
-/* C_SetPIN modifies the PIN of user that is currently logged in. */
-CK_EXTERN _CK_RV CK_FUNC(C_SetPIN)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,  /* the session's handle */
-  CK_CHAR_PTR       pOldPin,   /* the old PIN */
-  CK_ULONG          ulOldLen,  /* length of the old PIN */
-  CK_CHAR_PTR       pNewPin,   /* the new PIN */
-  CK_ULONG          ulNewLen   /* length of the new PIN */
-);
-#endif
-
-
-
-/* Session management */
-
-/* C_OpenSession opens a session between an application and a token. */
-CK_EXTERN _CK_RV CK_FUNC(C_OpenSession)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SLOT_ID            slotID,        /* the slot's ID */
-  CK_FLAGS              flags,         /* defined in CK_SESSION_INFO */
-  CK_VOID_PTR           pApplication,  /* pointer passed to callback */
-  CK_NOTIFY             Notify,        /* notification callback function
-*/
-  CK_SESSION_HANDLE_PTR phSession      /* receives new session handle */
-);
-#endif
-
-
-/* C_CloseSession closes a session between an application and a token.
-*/
-CK_EXTERN _CK_RV CK_FUNC(C_CloseSession)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession  /* the session's handle */
-);
-#endif
-
-
-/* C_CloseAllSessions closes all sessions with a token. */
-CK_EXTERN _CK_RV CK_FUNC(C_CloseAllSessions)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SLOT_ID     slotID  /* the token's slot */
-);
-#endif
-
-
-/* C_GetSessionInfo obtains information about the session. */
-CK_EXTERN _CK_RV CK_FUNC(C_GetSessionInfo)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE   hSession,  /* the session's handle */
-  CK_SESSION_INFO_PTR pInfo      /* receives session information */
-);
-#endif
-
-
-/* C_GetOperationState obtains the state of the cryptographic operation
- * in a session. */
-CK_EXTERN _CK_RV CK_FUNC(C_GetOperationState)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,             /* the session's handle */
-  CK_BYTE_PTR       pOperationState,      /* location receiving state */
-  CK_ULONG_PTR      pulOperationStateLen  /* location receiving state
-length */
-);
-#endif
-
-
-/* C_SetOperationState restores the state of the cryptographic operation
- * in a session. */
-CK_EXTERN _CK_RV CK_FUNC(C_SetOperationState)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,            /* the session's handle */
-  CK_BYTE_PTR      pOperationState,      /* the location holding the
-state */
-  CK_ULONG         ulOperationStateLen,  /* location holding state
-length */
-  CK_OBJECT_HANDLE hEncryptionKey,       /* handle of en/decryption key
-*/
-  CK_OBJECT_HANDLE hAuthenticationKey    /* handle of sign/verify key */
-);
-#endif
-
-
-/* C_Login logs a user into a token. */
-CK_EXTERN _CK_RV CK_FUNC(C_Login)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,  /* the session's handle */
-  CK_USER_TYPE      userType,  /* the user type */
-  CK_CHAR_PTR       pPin,      /* the user's PIN */
-  CK_ULONG          ulPinLen   /* the length of the PIN */
-);
-#endif
-
-
-/* C_Logout logs a user out from a token. */
-CK_EXTERN _CK_RV CK_FUNC(C_Logout)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession  /* the session's handle */
-);
-#endif
-
-
-
-/* Object management */
-
-/* C_CreateObject creates a new object. */
-CK_EXTERN _CK_RV CK_FUNC(C_CreateObject)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,    /* the session's handle */
-  CK_ATTRIBUTE_PTR  pTemplate,   /* the object's template */
-  CK_ULONG          ulCount,     /* attributes in template */
-  CK_OBJECT_HANDLE_PTR phObject  /* receives new object's handle. */
-);
-#endif
-
-
-/* C_CopyObject copies an object, creating a new object for the copy. */
-CK_EXTERN _CK_RV CK_FUNC(C_CopyObject)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE    hSession,    /* the session's handle */
-  CK_OBJECT_HANDLE     hObject,     /* the object's handle */
-  CK_ATTRIBUTE_PTR     pTemplate,   /* template for new object */
-  CK_ULONG             ulCount,     /* attributes in template */
-  CK_OBJECT_HANDLE_PTR phNewObject  /* receives handle of copy */
-);
-#endif
-
-
-/* C_DestroyObject destroys an object. */
-CK_EXTERN _CK_RV CK_FUNC(C_DestroyObject)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,  /* the session's handle */
-  CK_OBJECT_HANDLE  hObject    /* the object's handle */
-);
-#endif
-
-
-/* C_GetObjectSize gets the size of an object in bytes. */
-CK_EXTERN _CK_RV CK_FUNC(C_GetObjectSize)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,  /* the session's handle */
-  CK_OBJECT_HANDLE  hObject,   /* the object's handle */
-  CK_ULONG_PTR      pulSize    /* receives size of object */
-);
-#endif
-
-
-/* C_GetAttributeValue obtains the value of one or more object
-attributes. */
-CK_EXTERN _CK_RV CK_FUNC(C_GetAttributeValue)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,   /* the session's handle */
-  CK_OBJECT_HANDLE  hObject,    /* the object's handle */
-  CK_ATTRIBUTE_PTR  pTemplate,  /* specifies attributes, gets values */
-  CK_ULONG          ulCount     /* attributes in template */
-);
-#endif
-
-
-/* C_SetAttributeValue modifies the value of one or more object
-attributes */
-CK_EXTERN _CK_RV CK_FUNC(C_SetAttributeValue)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,   /* the session's handle */
-  CK_OBJECT_HANDLE  hObject,    /* the object's handle */
-  CK_ATTRIBUTE_PTR  pTemplate,  /* specifies attributes and values */
-  CK_ULONG          ulCount     /* attributes in template */
-);
-#endif
-
-
-/* C_FindObjectsInit initializes a search for token and session objects 
- * that match a template. */
-CK_EXTERN _CK_RV CK_FUNC(C_FindObjectsInit)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,   /* the session's handle */
-  CK_ATTRIBUTE_PTR  pTemplate,  /* attribute values to match */
-  CK_ULONG          ulCount     /* attributes in search template */
-);
-#endif
-
-
-/* C_FindObjects continues a search for token and session objects 
- * that match a template, obtaining additional object handles. */
-CK_EXTERN _CK_RV CK_FUNC(C_FindObjects)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE    hSession,          /* the session's handle */
- CK_OBJECT_HANDLE_PTR phObject,          /* receives object handle array
-*/
- CK_ULONG             ulMaxObjectCount,  /* max handles to be returned
-*/
- CK_ULONG_PTR         pulObjectCount     /* actual number returned */
-);
-#endif
-
-
-/* C_FindObjectsFinal finishes a search for token and session objects.
-*/
-CK_EXTERN _CK_RV CK_FUNC(C_FindObjectsFinal)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession  /* the session's handle */
-);
-#endif
-
-
-
-/* Encryption and decryption */
-
-/* C_EncryptInit initializes an encryption operation. */
-CK_EXTERN _CK_RV CK_FUNC(C_EncryptInit)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,    /* the session's handle */
-  CK_MECHANISM_PTR  pMechanism,  /* the encryption mechanism */
-  CK_OBJECT_HANDLE  hKey         /* handle of encryption key */
-);
-#endif
-
-
-/* C_Encrypt encrypts single-part data. */
-CK_EXTERN _CK_RV CK_FUNC(C_Encrypt)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,            /* the session's handle */
-  CK_BYTE_PTR       pData,               /* the plaintext data */
-  CK_ULONG          ulDataLen,           /* bytes of plaintext data */
-  CK_BYTE_PTR       pEncryptedData,      /* receives encrypted data */
-  CK_ULONG_PTR      pulEncryptedDataLen  /* receives encrypted byte
-count */
-);
-#endif
-
-
-/* C_EncryptUpdate continues a multiple-part encryption operation. */
-CK_EXTERN _CK_RV CK_FUNC(C_EncryptUpdate)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,           /* the session's handle */
-  CK_BYTE_PTR       pPart,              /* the plaintext data */
-  CK_ULONG          ulPartLen,          /* bytes of plaintext data */
-  CK_BYTE_PTR       pEncryptedPart,     /* receives encrypted data */
-  CK_ULONG_PTR      pulEncryptedPartLen /* receives encrypted byte count
-*/
-);
-#endif
-
-
-/* C_EncryptFinal finishes a multiple-part encryption operation. */
-CK_EXTERN _CK_RV CK_FUNC(C_EncryptFinal)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,                /* the session's handle */
-  CK_BYTE_PTR       pLastEncryptedPart,      /* receives encrypted last
-part */
-  CK_ULONG_PTR      pulLastEncryptedPartLen  /* receives byte count */
-);
-#endif
-
-
-/* C_DecryptInit initializes a decryption operation. */
-CK_EXTERN _CK_RV CK_FUNC(C_DecryptInit)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,    /* the session's handle */
-  CK_MECHANISM_PTR  pMechanism,  /* the decryption mechanism */
-  CK_OBJECT_HANDLE  hKey         /* handle of the decryption key */
-);
-#endif
-
-
-/* C_Decrypt decrypts encrypted data in a single part. */
-CK_EXTERN _CK_RV CK_FUNC(C_Decrypt)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,           /* the session's handle */
-  CK_BYTE_PTR       pEncryptedData,     /* input encrypted data */
-  CK_ULONG          ulEncryptedDataLen, /* count of bytes of input */
-  CK_BYTE_PTR       pData,              /* receives decrypted output */
-  CK_ULONG_PTR      pulDataLen          /* receives decrypted byte count
-*/
-);
-#endif
-
-
-/* C_DecryptUpdate continues a multiple-part decryption operation. */
-CK_EXTERN _CK_RV CK_FUNC(C_DecryptUpdate)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,            /* the session's handle */
-  CK_BYTE_PTR       pEncryptedPart,      /* input encrypted data */
-  CK_ULONG          ulEncryptedPartLen,  /* count of bytes of input */
-  CK_BYTE_PTR       pPart,               /* receives decrypted output */
-  CK_ULONG_PTR      pulPartLen           /* receives decrypted byte
-count */
-);
-#endif
-
-
-/* C_DecryptFinal finishes a multiple-part decryption operation. */
-CK_EXTERN _CK_RV CK_FUNC(C_DecryptFinal)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,       /* the session's handle */
-  CK_BYTE_PTR       pLastPart,      /* receives decrypted output */
-  CK_ULONG_PTR      pulLastPartLen  /* receives decrypted byte count */
-);
-#endif
-
-
-
-/* Message digesting */
-
-/* C_DigestInit initializes a message-digesting operation. */
-CK_EXTERN _CK_RV CK_FUNC(C_DigestInit)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,   /* the session's handle */
-  CK_MECHANISM_PTR  pMechanism  /* the digesting mechanism */
-);
-#endif
-
-
-/* C_Digest digests data in a single part. */
-CK_EXTERN _CK_RV CK_FUNC(C_Digest)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,     /* the session's handle */
-  CK_BYTE_PTR       pData,        /* data to be digested */
-  CK_ULONG          ulDataLen,    /* bytes of data to be digested */
-  CK_BYTE_PTR       pDigest,      /* receives the message digest */
-  CK_ULONG_PTR      pulDigestLen  /* receives byte length of digest */
-);
-#endif
-
-
-/* C_DigestUpdate continues a multiple-part message-digesting operation.
-*/
-CK_EXTERN _CK_RV CK_FUNC(C_DigestUpdate)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,  /* the session's handle */
-  CK_BYTE_PTR       pPart,     /* data to be digested */
-  CK_ULONG          ulPartLen  /* bytes of data to be digested */
-);
-#endif
-
-
-/* C_DigestKey continues a multi-part message-digesting operation, by
- * digesting the value of a secret key as part of the data already
-digested.
- */
-CK_EXTERN _CK_RV CK_FUNC(C_DigestKey)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,  /* the session's handle */
-  CK_OBJECT_HANDLE  hKey       /* handle of secret key to digest */
-);
-#endif
-
-
-/* C_DigestFinal finishes a multiple-part message-digesting operation.
-*/
-CK_EXTERN _CK_RV CK_FUNC(C_DigestFinal)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,     /* the session's handle */
-  CK_BYTE_PTR       pDigest,      /* receives the message digest */
-  CK_ULONG_PTR      pulDigestLen  /* receives byte count of digest */
-);
-#endif
-
-
-
-/* Signing and MACing */
-
-/* C_SignInit initializes a signature (private key encryption)
-operation,
- * where the signature is (will be) an appendix to the data, 
- * and plaintext cannot be recovered from the signature */
-CK_EXTERN _CK_RV CK_FUNC(C_SignInit)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,    /* the session's handle */
-  CK_MECHANISM_PTR  pMechanism,  /* the signature mechanism */
-  CK_OBJECT_HANDLE  hKey         /* handle of the signature key */
-);
-#endif
-
-
-/* C_Sign signs (encrypts with private key) data in a single part,
- * where the signature is (will be) an appendix to the data, 
- * and plaintext cannot be recovered from the signature */
-CK_EXTERN _CK_RV CK_FUNC(C_Sign)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,        /* the session's handle */
-  CK_BYTE_PTR       pData,           /* the data (digest) to be signed
-*/
-  CK_ULONG          ulDataLen,       /* count of bytes to be signed */
-  CK_BYTE_PTR       pSignature,      /* receives the signature */
-  CK_ULONG_PTR      pulSignatureLen  /* receives byte count of signature
-*/
-);
-#endif
-
-
-/* C_SignUpdate continues a multiple-part signature operation,
- * where the signature is (will be) an appendix to the data, 
- * and plaintext cannot be recovered from the signature */
-CK_EXTERN _CK_RV CK_FUNC(C_SignUpdate)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,  /* the session's handle */
-  CK_BYTE_PTR       pPart,     /* the data (digest) to be signed */
-  CK_ULONG          ulPartLen  /* count of bytes to be signed */
-);
-#endif
-
-
-/* C_SignFinal finishes a multiple-part signature operation, 
- * returning the signature. */
-CK_EXTERN _CK_RV CK_FUNC(C_SignFinal)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,        /* the session's handle */
-  CK_BYTE_PTR       pSignature,      /* receives the signature */
-  CK_ULONG_PTR      pulSignatureLen  /* receives byte count of signature
-*/
-);
-#endif
-
-
-/* C_SignRecoverInit initializes a signature operation,
- * where the (digest) data can be recovered from the signature. 
- * E.g. encryption with the user's private key */
-CK_EXTERN _CK_RV CK_FUNC(C_SignRecoverInit)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,   /* the session's handle */
-  CK_MECHANISM_PTR  pMechanism, /* the signature mechanism */
-  CK_OBJECT_HANDLE  hKey        /* handle of the signature key */
-);
-#endif
-
-
-/* C_SignRecover signs data in a single operation
- * where the (digest) data can be recovered from the signature. 
- * E.g. encryption with the user's private key */
-CK_EXTERN _CK_RV CK_FUNC(C_SignRecover)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,        /* the session's handle */
-  CK_BYTE_PTR       pData,           /* the data (digest) to be signed
-*/
-  CK_ULONG          ulDataLen,       /* count of bytes to be signed */
-  CK_BYTE_PTR       pSignature,      /* receives the signature */
-  CK_ULONG_PTR      pulSignatureLen  /* receives byte count of signature
-*/
-);
-#endif
-
-
-
-/* Verifying signatures and MACs */
-
-/* C_VerifyInit initializes a verification operation, 
- * where the signature is an appendix to the data, 
- * and plaintext cannot be recovered from the signature (e.g. DSA) */
-CK_EXTERN _CK_RV CK_FUNC(C_VerifyInit)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,    /* the session's handle */
-  CK_MECHANISM_PTR  pMechanism,  /* the verification mechanism */
-  CK_OBJECT_HANDLE  hKey         /* handle of the verification key */ 
-);
-#endif
-
-
-/* C_Verify verifies a signature in a single-part operation, 
- * where the signature is an appendix to the data, 
- * and plaintext cannot be recovered from the signature */
-CK_EXTERN _CK_RV CK_FUNC(C_Verify)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,       /* the session's handle */
-  CK_BYTE_PTR       pData,          /* plaintext data (digest) to
-compare */
-  CK_ULONG          ulDataLen,      /* length of data (digest) in bytes
-*/
-  CK_BYTE_PTR       pSignature,     /* the signature to be verified */
-  CK_ULONG          ulSignatureLen  /* count of bytes of signature */
-);
-#endif
-
-
-/* C_VerifyUpdate continues a multiple-part verification operation, 
- * where the signature is an appendix to the data, 
- * and plaintext cannot be recovered from the signature */
-CK_EXTERN _CK_RV CK_FUNC(C_VerifyUpdate)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,  /* the session's handle */
-  CK_BYTE_PTR       pPart,     /* plaintext data (digest) to compare */
-  CK_ULONG          ulPartLen  /* length of data (digest) in bytes */
-);
-#endif
-
-
-/* C_VerifyFinal finishes a multiple-part verification operation, 
- * checking the signature. */
-CK_EXTERN _CK_RV CK_FUNC(C_VerifyFinal)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,       /* the session's handle */
-  CK_BYTE_PTR       pSignature,     /* the signature to be verified */
-  CK_ULONG          ulSignatureLen  /* count of bytes of signature */
-);
-#endif
-
-
-/* C_VerifyRecoverInit initializes a signature verification operation, 
- * where the data is recovered from the signature. 
- * E.g. Decryption with the user's public key */
-CK_EXTERN _CK_RV CK_FUNC(C_VerifyRecoverInit)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,    /* the session's handle */
-  CK_MECHANISM_PTR  pMechanism,  /* the verification mechanism */
-  CK_OBJECT_HANDLE  hKey         /* handle of the verification key */
-);
-#endif
-
-
-/* C_VerifyRecover verifies a signature in a single-part operation, 
- * where the data is recovered from the signature. 
- * E.g. Decryption with the user's public key */
-CK_EXTERN _CK_RV CK_FUNC(C_VerifyRecover)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,        /* the session's handle */
-  CK_BYTE_PTR       pSignature,      /* the signature to be verified */
-  CK_ULONG          ulSignatureLen,  /* count of bytes of signature */
-  CK_BYTE_PTR       pData,           /* receives decrypted data (digest)
-*/
-  CK_ULONG_PTR      pulDataLen       /* receives byte count of data */
-);
-#endif
-
-
-
-/* Dual-function cryptographic operations */
-
-/* C_DigestEncryptUpdate continues a multiple-part digesting and
-encryption operation. */
-CK_EXTERN _CK_RV CK_FUNC(C_DigestEncryptUpdate)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,            /* the session's handle */
-  CK_BYTE_PTR       pPart,               /* the plaintext data */
-  CK_ULONG          ulPartLen,           /* bytes of plaintext data */
-  CK_BYTE_PTR       pEncryptedPart,      /* receives encrypted data */
-  CK_ULONG_PTR      pulEncryptedPartLen  /* receives encrypted byte
-count */
-);
-#endif
-
-
-/* C_DecryptDigestUpdate continues a multiple-part decryption and
- * digesting operation. */
-CK_EXTERN _CK_RV CK_FUNC(C_DecryptDigestUpdate)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,            /* the session's handle */
-  CK_BYTE_PTR       pEncryptedPart,      /* input encrypted data */
-  CK_ULONG          ulEncryptedPartLen,  /* count of bytes of input */
-  CK_BYTE_PTR       pPart,               /* receives decrypted output */
-  CK_ULONG_PTR      pulPartLen           /* receives decrypted byte
-count */
-);
-#endif
-
-
-/* C_SignEncryptUpdate continues a multiple-part signing and
- * encryption operation. */
-CK_EXTERN _CK_RV CK_FUNC(C_SignEncryptUpdate)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,            /* the session's handle */
-  CK_BYTE_PTR       pPart,               /* the plaintext data */
-  CK_ULONG          ulPartLen,           /* bytes of plaintext data */
-  CK_BYTE_PTR       pEncryptedPart,      /* receives encrypted data */
-  CK_ULONG_PTR      pulEncryptedPartLen  /* receives encrypted byte
-count */
-);
-#endif
-
-
-/* C_DecryptVerifyUpdate continues a multiple-part decryption and
- * verify operation. */
-CK_EXTERN _CK_RV CK_FUNC(C_DecryptVerifyUpdate)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,            /* the session's handle */
-  CK_BYTE_PTR       pEncryptedPart,      /* input encrypted data */
-  CK_ULONG          ulEncryptedPartLen,  /* count of byes of input */
-  CK_BYTE_PTR       pPart,               /* receives decrypted output */
-  CK_ULONG_PTR      pulPartLen           /* receives decrypted byte
-count */
-);
-#endif
-
-
-
-/* Key management */
-
-/* C_GenerateKey generates a secret key, creating a new key object. */
-CK_EXTERN _CK_RV CK_FUNC(C_GenerateKey)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE    hSession,    /* the session's handle */
-  CK_MECHANISM_PTR     pMechanism,  /* the key generation mechanism */
-  CK_ATTRIBUTE_PTR     pTemplate,   /* template for the new key */
-  CK_ULONG             ulCount,     /* number of attributes in template
-*/
-  CK_OBJECT_HANDLE_PTR phKey        /* receives handle of new key */
-);
-#endif
-
-
-/* C_GenerateKeyPair generates a public-key/private-key pair, 
- * creating new key objects. */
-CK_EXTERN _CK_RV CK_FUNC(C_GenerateKeyPair)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE    hSession,                    /* the session's
-handle */
-  CK_MECHANISM_PTR     pMechanism,                  /* the key gen.
-mech. */
-  CK_ATTRIBUTE_PTR     pPublicKeyTemplate,          /* pub. attr.
-template */
-  CK_ULONG             ulPublicKeyAttributeCount,   /* # of pub. attrs.
-*/
-  CK_ATTRIBUTE_PTR     pPrivateKeyTemplate,         /* priv. attr.
-template */
-  CK_ULONG             ulPrivateKeyAttributeCount,  /* # of priv. attrs.
-*/
-  CK_OBJECT_HANDLE_PTR phPublicKey,                 /* gets pub. key
-handle */
-  CK_OBJECT_HANDLE_PTR phPrivateKey                 /* gets priv. key
-handle */
-);
-#endif
-
-
-/* C_WrapKey wraps (i.e., encrypts) a key. */
-CK_EXTERN _CK_RV CK_FUNC(C_WrapKey)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,        /* the session's handle */
-  CK_MECHANISM_PTR  pMechanism,      /* the wrapping mechanism */
-  CK_OBJECT_HANDLE  hWrappingKey,    /* handle of the wrapping key */
-  CK_OBJECT_HANDLE  hKey,            /* handle of the key to be wrapped
-*/
-  CK_BYTE_PTR       pWrappedKey,     /* receives the wrapped key */
-  CK_ULONG_PTR      pulWrappedKeyLen /* receives byte size of wrapped
-key */
-);
-#endif
-
-
-/* C_UnwrapKey unwraps (decrypts) a wrapped key, creating a new key
-object. */
-CK_EXTERN _CK_RV CK_FUNC(C_UnwrapKey)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE    hSession,          /* the session's handle */
-  CK_MECHANISM_PTR     pMechanism,        /* the unwrapping mechanism */
-  CK_OBJECT_HANDLE     hUnwrappingKey,    /* handle of the unwrapping
-key */
-  CK_BYTE_PTR          pWrappedKey,       /* the wrapped key */
-  CK_ULONG             ulWrappedKeyLen,   /* bytes length of wrapped key
-*/
-  CK_ATTRIBUTE_PTR     pTemplate,         /* template for the new key */
-  CK_ULONG             ulAttributeCount,  /* # of attributes in template
-*/
-  CK_OBJECT_HANDLE_PTR phKey              /* gets handle of recovered
-key */
-);
-#endif
-
-
-/* C_DeriveKey derives a key from a base key, creating a new key object.
-*/
-CK_EXTERN _CK_RV CK_FUNC(C_DeriveKey)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE    hSession,          /* the session's handle */
-  CK_MECHANISM_PTR     pMechanism,        /* the key derivation
-mechanism */
-  CK_OBJECT_HANDLE     hBaseKey,          /* handle of the base key */
-  CK_ATTRIBUTE_PTR     pTemplate,         /* template for the new key */
-  CK_ULONG             ulAttributeCount,  /* # of attributes in template
-*/
-  CK_OBJECT_HANDLE_PTR phKey              /* gets handle of derived key
-*/
-);
-#endif
-
-
-
-/* Random number generation */
-
-/* C_SeedRandom mixes additional seed material into the token's random
-number 
- * generator. */
-CK_EXTERN _CK_RV CK_FUNC(C_SeedRandom)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,  /* the session's handle */
-  CK_BYTE_PTR       pSeed,     /* the seed material */
-  CK_ULONG          ulSeedLen  /* count of bytes of seed material */
-);
-#endif
-
-
-/* C_GenerateRandom generates random data. */
-CK_EXTERN _CK_RV CK_FUNC(C_GenerateRandom)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,    /* the session's handle */
-  CK_BYTE_PTR       RandomData,  /* receives the random data */
-  CK_ULONG          ulRandomLen  /* number of bytes to be generated */
-);
-#endif
-
-
-
-/* Parallel function management */
-
-/* C_GetFunctionStatus obtains an updated status of a function running 
- * in parallel with an application. */
-CK_EXTERN _CK_RV CK_FUNC(C_GetFunctionStatus)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession  /* the session's handle */
-);
-#endif
-
-
-/* C_CancelFunction cancels a function running in parallel. */
-CK_EXTERN _CK_RV CK_FUNC(C_CancelFunction)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession  /* the session's handle */
-);
-#endif
-
-
-
-/* Functions added in for PKCS #11 Version 2.01 or later */
-
-/* C_WaitForSlotEvent waits for a slot event (token insertion,
- * removal, etc.) to occur. */
-CK_EXTERN _CK_RV CK_FUNC(C_WaitForSlotEvent)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_FLAGS flags,        /* blocking/nonblocking flag */
-  CK_SLOT_ID_PTR pSlot,  /* location that receives the slot ID */
-  CK_VOID_PTR pRserved   /* reserved.  Should be NULL_PTR */
-);
-#endif
diff --git a/security/nss/lib/fortcrypt/fpkcs11i.h b/security/nss/lib/fortcrypt/fpkcs11i.h
deleted file mode 100644
index 9359bb8d6..000000000
--- a/security/nss/lib/fortcrypt/fpkcs11i.h
+++ /dev/null
@@ -1,269 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * Internal data structures used by pkcs11.c
- */
-#ifndef _FPKCS11I_H_
-#define _FPKCS11I_H_ 1
-
-#include "fpkstrs.h"
-#ifdef SWFORT
-#ifndef RETURN_TYPE
-#define RETURN_TYPE int
-#endif
-#endif
-#include "genci.h"
-
-typedef struct PK11AttributeStr PK11Attribute;
-typedef struct PK11ObjectListStr PK11ObjectList;
-typedef struct PK11ObjectListElementStr PK11ObjectListElement;
-typedef struct PK11ObjectStr PK11Object;
-typedef struct PK11SessionStr PK11Session;
-typedef struct PK11SlotStr PK11Slot;
-typedef struct PK11SessionContextStr PK11SessionContext;
-typedef struct PK11SearchResultsStr PK11SearchResults;
-
-typedef void (*PK11Destroy)(void *, PRBool);
-typedef SECStatus (*PK11Cipher)(void *,void *,unsigned int *,unsigned int,
-					void *, unsigned int);
-typedef SECStatus (*PK11Verify)(void *,void *,unsigned int,void *,unsigned int);
-typedef void (*PK11Hash)(void *,void *,unsigned int);
-typedef void (*PK11End)(void *,void *,unsigned int *,unsigned int);
-typedef void (*PK11Free)(void *);
-
-#define HASH_SIZE 32
-#define SESSION_HASH_SIZE 64
-
-/* Value to tell if an attribute is modifiable or not.
- *    NEVER: attribute is only set on creation.
- *    ONCOPY: attribute is set on creation and can only be changed on copy.
- *    SENSITIVE: attribute can only be changed to TRUE.
- *    ALWAYS: attribute can always be changed.
- */
-typedef enum {
-	PK11_NEVER = 0,
-	PK11_ONCOPY = 1,
-	PK11_SENSITIVE = 2,
-	PK11_ALWAYS = 3
-} PK11ModifyType;
-
-/*
- * Free Status Enum... tell us more information when we think we're
- * deleting an object.
- */
-typedef enum {
-	PK11_DestroyFailure,
-	PK11_Destroyed,
-	PK11_Busy
-} PK11FreeStatus;
-
-/*
- * attribute values of an object.
- */
-struct PK11AttributeStr {
-    PK11Attribute  	*next;
-    PK11Attribute  	*prev;
-    int 		refCount;
-    void 		*refLock; 
-    /*must be called handle to make pk11queue_find work */
-    CK_ATTRIBUTE_TYPE	handle;
-    CK_ATTRIBUTE 	attrib;
-};
-
-struct PK11ObjectListStr {
-    PK11ObjectList *next;
-    PK11ObjectList *prev;
-    PK11Object	   *parent;
-};
-
-/*
- * PKCS 11 crypto object structure
- */
-struct PK11ObjectStr {
-    PK11Object *next;
-    PK11Object *prev;
-    PK11ObjectList sessionList;
-    CK_OBJECT_HANDLE handle;
-    int refCount;
-    void 		*refLock;
-    void		*attributeLock;
-    PK11Session   	*session;
-    PK11Slot	   	*slot;
-    CK_OBJECT_CLASS 	objclass;
-    void 		*objectInfo;
-    PK11Free 		infoFree;
-    char		*label;
-    PRBool		inDB;
-    PK11Attribute 	*head[HASH_SIZE];
-};
-
-/*
- * struct to deal with a temparary list of objects
- */
-struct PK11ObjectListElementStr {
-    PK11ObjectListElement	*next;
-    PK11Object 			*object;
-};
-
-/*
- * Area to hold Search results
- */
-struct PK11SearchResultsStr {
-    CK_OBJECT_HANDLE	*handles;
-    int			size;
-    int			index;
-};
-
-
-/* 
- * the universal crypto/hash/sign/verify context structure
- */
-typedef enum {
-    PK11_ENCRYPT,
-    PK11_DECRYPT,
-    PK11_HASH,
-    PK11_SIGN,
-    PK11_SIGN_RECOVER,
-    PK11_VERIFY,
-    PK11_VERIFY_RECOVER
-} PK11ContextType;
-
-
-struct PK11SessionContextStr {
-    PK11ContextType	type;
-    PRBool		multi; /* is multipart */
-    void		*cipherInfo;
-    unsigned int	cipherInfoLen;
-    CK_MECHANISM_TYPE	currentMech;
-    PK11Cipher		update;
-    PK11Hash		hashUpdate;
-    PK11End		end;
-    PK11Destroy		destroy;
-    PK11Verify		verify;
-    unsigned int	maxLen;
-};
-
-/*
- * Sessions (have objects)
- */
-struct PK11SessionStr {
-    PK11Session        *next;
-    PK11Session        *prev;
-    CK_SESSION_HANDLE	handle;
-    int			refCount;
-    void 		*refLock;
-    void		*objectLock;
-    int			objectIDCount;
-    CK_SESSION_INFO	info;
-    CK_NOTIFY		notify;
-    CK_VOID_PTR		appData;
-    PK11Slot		*slot;
-    PK11SearchResults	*search;
-    PK11SessionContext	*context;
-    PK11ObjectList	*objects[1];
-    FortezzaContext     fortezzaContext;
-};
-
-/*
- * slots (have sessions and objects)
- */
-struct PK11SlotStr {
-    CK_SLOT_ID		slotID;
-    void		*sessionLock;
-    void		*objectLock;
-    SECItem      	*password;
-    PRBool		hasTokens;
-    PRBool		isLoggedIn;
-    PRBool		ssoLoggedIn;
-    PRBool		needLogin;
-    PRBool		DB_loaded;
-    int			sessionIDCount;
-    int			sessionCount;
-    int			rwSessionCount;
-    int			tokenIDCount;
-    PK11Object		*tokObjects[HASH_SIZE];
-    PK11Session		*head[SESSION_HASH_SIZE];
-};
-
-/*
- * session handle modifiers
- */
-#define PK11_PRIVATE_KEY_FLAG	0x80000000L
-
-/*
- * object handle modifiers
- */
-#define PK11_TOKEN_MASK		0x80000000L
-#define PK11_TOKEN_MAGIC	0x80000000L
-#define PK11_TOKEN_TYPE_MASK	0x70000000L
-#define PK11_TOKEN_TYPE_CERT	0x00000000L
-#define PK11_TOKEN_TYPE_PRIV	0x10000000L
-
-/* how big a password/pin we can deal with */
-#define PK11_MAX_PIN	255
-
-/* slot helper macros */
-#define pk11_SlotFromSessionHandle(handle) (((handle) & PK11_PRIVATE_KEY_FLAG)\
-			 ? &pk11_slot[1] : &pk11_slot[0])
-#define PK11_TOSLOT1(handle) handle &= ~PK11_PRIVATE_KEY_FLAG
-#define PK11_TOSLOT2(handle) handle |= PK11_PRIVATE_KEY_FLAG
-#define pk11_SlotFromSession(sp) ((sp)->slot)
-#define pk11_SlotFromID(id) ((id) == NETSCAPE_SLOT_ID ? \
-	&pk11_slot[0] : (((id) == PRIVATE_KEY_SLOT_ID) ? &pk11_slot[1] : NULL))
-#define pk11_isToken(id) (((id) & PK11_TOKEN_MASK) == PK11_TOKEN_MAGIC)
-
-/* queueing helper macros */
-#define pk11_hash(value,size) ((value) & (size-1))/*size must be a power of 2*/
-#define pk11queue_add(element,id,head,hash_size) \
-	{ int tmp = pk11_hash(id,hash_size); \
-	(element)->next = (head)[tmp]; \
-	(element)->prev = NULL; \
-	if ((head)[tmp]) (head)[tmp]->prev = (element); \
-	(head)[tmp] = (element); }
-#define pk11queue_find(element,id,head,hash_size) \
-	for( (element) = (head)[pk11_hash(id,hash_size)]; (element) != NULL; \
-					 (element) = (element)->next) { \
-	    if ((element)->handle == (id)) { break; } }
-#define pk11queue_delete(element,id,head,hash_size) \
-	if ((element)->next) (element)->next->prev = (element)->prev; \
-	if ((element)->prev) (element)->prev->next = (element)->next; \
-	   else (head)[pk11_hash(id,hash_size)] = ((element)->next); \
-	(element)->next = NULL; \
-	(element)->prev = NULL; \
-
-/* expand an attribute & secitem structures out */
-#define pk11_attr_expand(ap) (ap)->type,(ap)->pValue,(ap)->ulValueLen
-#define pk11_item_expand(ip) (ip)->data,(ip)->len
-
-#endif
-	
diff --git a/security/nss/lib/fortcrypt/fpkcs11t.h b/security/nss/lib/fortcrypt/fpkcs11t.h
deleted file mode 100644
index f3c6b0470..000000000
--- a/security/nss/lib/fortcrypt/fpkcs11t.h
+++ /dev/null
@@ -1,1098 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * Copyright (C) 1994-1999 RSA Security Inc. Licence to copy this document
- * is granted provided that it is identified as "RSA Security In.c Public-Key
- * Cryptography Standards (PKCS)" in all material mentioning or referencing
- * this document.
- */
-#ifndef _PKCS11T_H_
-#define _PKCS11T_H_ 1
-
-/* an unsigned 8-bit value */
-typedef unsigned char 	CK_BYTE;
-
-/* an unsigned 8-bit character */
-typedef CK_BYTE 	CK_CHAR;
-
-/* a BYTE-sized Boolean flag */
-typedef CK_BYTE		CK_BBOOL;
-
-/* an unsigned value, at least 32 bits long */
-typedef unsigned long int CK_ULONG;
-
-/* a signed value, the same size as a CK_ULONG */
-/* CK_LONG is new for v2.0 */
-typedef long int	CK_LONG;
-
-/* at least 32 bits, each bit is a Boolean flag */
-typedef CK_ULONG 	CK_FLAGS;
-
-/* some special values for certain CK_ULONG variables */
-#define CK_UNAVAILABLE_INFORMATION (~0UL)
-#define CK_EFFECTIVELY_INFINITE    0
-
-/* these data types are platform/implementation dependent. */
-#if defined(XP_WIN) 
-#if defined(_WIN32)
-#define CK_ENTRY	
-#define CK_PTR		*	/* definition for Win32 */ 
-#define NULL_PTR 	0	/* NULL pointer */
-#pragma pack(push, cryptoki, 1)
-#else /* win16 */
-#if defined(__WATCOMC__)
-#define CK_ENTRY
-#define CK_PTR		*	/* definition for Win16 */ 
-#define NULL_PTR 	0	/* NULL pointer */
-#pragma pack(push, 1)
-#else /* not Watcom 16-bit */
-#define CK_ENTRY
-#define CK_PTR		*	/* definition for Win16 */ 
-#define NULL_PTR 	0	/* NULL pointer */
-#pragma pack(1)
-#endif
-#endif
-#else /* not windows */
-#define CK_ENTRY
-#define CK_PTR		*	/* definition for UNIX */ 
-#define NULL_PTR 	0	/* NULL pointer */
-#endif
-
-
-typedef CK_BYTE     CK_PTR	CK_BYTE_PTR;     /* Pointer to a CK_BYTE */
-typedef CK_CHAR     CK_PTR	CK_CHAR_PTR;     /* Pointer to a CK_CHAR */
-typedef CK_ULONG    CK_PTR	CK_ULONG_PTR;    /* Pointer to a CK_ULONG */
-typedef void        CK_PTR	CK_VOID_PTR;     /* Pointer to a void */
-typedef CK_VOID_PTR CK_PTR      CK_VOID_PTR_PTR; /* Pointer to a CK_VOID_PTR */
-
-/* The following value is always invalid if used as a session */
-/* handle or object handle */
-#define CK_INVALID_HANDLE 0
-
-typedef struct CK_VERSION {
-    CK_BYTE	major;	/* integer    portion of the version number */
-    CK_BYTE	minor;  /* hundredths portion of the version number */
-} CK_VERSION;
-
-typedef CK_VERSION CK_PTR CK_VERSION_PTR; /* points to a CK_VERSION */
-
-
-typedef struct CK_INFO {
-    CK_VERSION	cryptokiVersion;	/* PKCS #11 interface version number */
-    CK_CHAR	manufacturerID[32];	/* blank padded */
-    CK_FLAGS	flags;			/* must be zero */
-
-    /* libraryDescription and libraryVersion are new for v2.0 */
-    CK_CHAR	libraryDescription[32];	/* blank padded */
-    CK_VERSION	libraryVersion;		/* version of library */
-} CK_INFO;
-
-typedef CK_INFO CK_PTR	CK_INFO_PTR;	/* points to a CK_INFO structure */
-
-
-/* CK_NOTIFICATION enumerates the types of notifications 
- * that PKCS #11 provides to an application.  */
-/* CK_NOTIFICATION has been changed from an enum to a CK_ULONG for v2.0 */
-typedef CK_ULONG CK_NOTIFICATION;
-#define CKN_SURRENDER		0
-
-
-typedef CK_ULONG	CK_SLOT_ID;
-
-/* CK_SLOT_ID_PTR points to a CK_SLOT_ID.  */
-typedef CK_SLOT_ID CK_PTR	CK_SLOT_ID_PTR;
-
-
-/* CK_SLOT_INFO provides information about a slot. */
-typedef struct CK_SLOT_INFO {
-    CK_CHAR	slotDescription[64];	/* blank padded */
-    CK_CHAR	manufacturerID[32];	/* blank padded */
-    CK_FLAGS	flags;
-
-    /* hardwareVersion and firmwareVersion are new for v2.0 */
-    CK_VERSION	hardwareVersion;	/* version of hardware */
-    CK_VERSION  firmwareVersion;	/* version of firmware */
-} CK_SLOT_INFO;
-
-/* flags:	bits flags that provide capabilities of the slot.
- *	Bit Flag		Mask		Meaning
- */
-#define CKF_TOKEN_PRESENT	0x00000001	/* a token is present in the slot */
-#define CKF_REMOVABLE_DEVICE	0x00000002	/* reader supports removable devices*/
-#define CKF_HW_SLOT		0x00000004	/* a hardware slot, not a "soft token"*/
-
-/* CK_SLOT_INFO_PTR points to a CK_SLOT_INFO. */
-typedef CK_SLOT_INFO CK_PTR	CK_SLOT_INFO_PTR;
-
-
-/* CK_TOKEN_INFO provides information about a token. */
-typedef struct CK_TOKEN_INFO {
-    CK_CHAR	label[32];		/* blank padded */
-    CK_CHAR	manufacturerID[32];	/* blank padded */
-    CK_CHAR	model[16];		/* blank padded */
-    CK_CHAR	serialNumber[16];	/* blank padded */
-    CK_FLAGS	flags;			/* see below */
-
-    /* ulMaxSessionCount, ulSessionCount, ulMaxRwSessionCount,
-     * ulRwSessionCount, ulMaxPinLen, and ulMinPinLen have all been
-     * changed from CK_USHORT to CK_ULONG for v2.0 */
-    CK_ULONG	ulMaxSessionCount;	/* max open sessions */
-    CK_ULONG	ulSessionCount;		/* sessions currently open */
-    CK_ULONG	ulMaxRwSessionCount;	/* max R/W sessions */
-    CK_ULONG	ulRwSessionCount;	/* R/W sessions currently open */
-    CK_ULONG	ulMaxPinLen;		/* in bytes */
-    CK_ULONG	ulMinPinLen;		/* in bytes */
-    CK_ULONG	ulTotalPublicMemory;	/* in bytes */
-    CK_ULONG	ulFreePublicMemory;	/* in bytes */
-    CK_ULONG	ulTotalPrivateMemory;	/* in bytes */
-    CK_ULONG	ulFreePrivateMemory;	/* in bytes */
-
-    /* hardwareVersion, firmwareVersion, and time are new for v2.0 */
-    CK_VERSION	hardwareVersion;	/* version of hardware */
-    CK_VERSION	firmwareVersion;	/* version of firmware */
-    CK_CHAR	utcTime[16];		/* time */
-} CK_TOKEN_INFO;
-
-/* The flags parameter is defined as follows:
- * Table 7-2, Token Information Flags
- *	Bit Flag		Mask		Meaning 
- */
-#define CKF_RNG			       0x00000001  /* has random number generator */
-#define CKF_WRITE_PROTECTED	       0x00000002  /* token is write-protected */
-#define CKF_LOGIN_REQUIRED	       0x00000004  /* a user must be logged in  */
-#define CKF_USER_PIN_INITIALIZED       0x00000008  /* normal user's PIN is initialized */
-
-
-/* CKF_RESTORE_KEY_NOT_NEEDED is new for v2.0.  If it is set, then that means */
-/* that *every* time the state of cryptographic operations of a session is */
-/* successfully saved, all keys needed to continue those operations are */
-/* stored in the state. */
-#define CKF_RESTORE_KEY_NOT_NEEDED   0x00000020  /* key always saved in saved sessions */
-
-/* CKF_CLOCK_ON_TOKEN is new for v2.0.  If it is set, then that means that */
-/* the token has some sort of clock.  The time on that clock is returned in */
-/* the token info structure. */
-#define CKF_CLOCK_ON_TOKEN           0x00000040  /* token has a clock */
-
-/* CKF_PROTECTED_AUTHENTICATION_PATH is new for v2.0.  If it is true, that means */
-/* that there is some way for the user to login without sending a PIN through */
-/* the PKCS #11 library itself. */
-#define CKF_PROTECTED_AUTHENTICATION_PATH 0x00000100  /* token has protected path */
-/* CKF_DUAL_CRYPTO_OPERATIONS is new for v2.0.  If it is true, that
- * means that a single session with the token can perform dual
- * simultaneous cryptographic operations (digest and encrypt;
- * decrypt and digest; sign and encrypt; and decrypt and sign) */
-#define CKF_DUAL_CRYPTO_OPERATIONS  0x00000200  /* dual crypto operations */
-
-/* CK_TOKEN_INFO_PTR points to a CK_TOKEN_INFO. */
-typedef CK_TOKEN_INFO CK_PTR	CK_TOKEN_INFO_PTR;
-
-
-/* CK_SESSION_HANDLE is a PKCS #11-assigned value that identifies a session. */
-typedef CK_ULONG 	CK_SESSION_HANDLE;
-
-/* CK_SESSION_HANDLE_PTR points to a CK_SESSION_HANDLE. */
-typedef CK_SESSION_HANDLE CK_PTR CK_SESSION_HANDLE_PTR; 
-
-
-/* CK_USER_TYPE enumerates the types of PKCS #11 users */
-/* CK_USER_TYPE has been changed from an enum to a CK_ULONG for v2.0 */
-typedef CK_ULONG	CK_USER_TYPE;
-/* Security Officer */
-#define CKU_SO		0
-/* Normal user */
-#define CKU_USER	1
-
-
-/* CK_STATE enumerates the session states */
-/* CK_STATE has been changed from an enum to a CK_ULONG for v2.0 */
-typedef CK_ULONG	CK_STATE;
-#define CKS_RO_PUBLIC_SESSION	0
-#define CKS_RO_USER_FUNCTIONS	1
-#define CKS_RW_PUBLIC_SESSION	2
-#define CKS_RW_SO_FUNCTIONS	3
-#define CKS_RW_USER_FUNCTIONS	4
-
-
-/* CK_SESSION_INFO provides information about a session. */
-typedef struct CK_SESSION_INFO {
-    CK_SLOT_ID	slotID;
-    CK_STATE	state;
-    CK_FLAGS	flags;		/* see below */
-
-    /* ulDeviceError was changed from CK_USHORT to CK_ULONG for v2.0 */
-    CK_ULONG	ulDeviceError;	/* device-dependent error code */
-} CK_SESSION_INFO;
-
-/* The flags are defined in the following table. */
-/* Table 7-3, Session Information Flags */
-/* 	Bit Flag		Mask	   Meaning
- */
-#define CKF_RW_SESSION		0x00000002 /* session is read/write; not R/O */
-#define CKF_SERIAL_SESSION	0x00000004 /* session doesn't support parallel */
-
-/* CK_SESSION_INFO_PTR points to a CK_SESSION_INFO. */
-typedef CK_SESSION_INFO CK_PTR	CK_SESSION_INFO_PTR;
-
-
-/* CK_OBJECT_HANDLE is a token-specific identifier for an object.  */
-typedef CK_ULONG 	CK_OBJECT_HANDLE;
-
-/* CK_OBJECT_HANDLE_PTR points to a CK_OBJECT_HANDLE. */
-typedef CK_OBJECT_HANDLE CK_PTR	CK_OBJECT_HANDLE_PTR;
-
-
-/* CK_OBJECT_CLASS is a value that identifies the classes (or types) 
- * of objects that PKCS #11 recognizes.  It is defined as follows: */
-/* CK_OBJECT_CLASS was changed from CK_USHORT to CK_ULONG for v2.0 */
-typedef CK_ULONG	CK_OBJECT_CLASS;
-
-/* The following classes of objects are defined: */
-#define CKO_DATA            0x00000000
-#define CKO_CERTIFICATE     0x00000001
-#define CKO_PUBLIC_KEY      0x00000002
-#define CKO_PRIVATE_KEY     0x00000003
-#define CKO_SECRET_KEY      0x00000004
-#define CKO_VENDOR_DEFINED  0x80000000L
-
-/* CK_OBJECT_CLASS_PTR points to a CK_OBJECT_CLASS structure. */
-typedef CK_OBJECT_CLASS CK_PTR CK_OBJECT_CLASS_PTR;
-
-
-/* CK_KEY_TYPE is a value that identifies a key type. */
-/* CK_KEY_TYPE was changed from CK_USHORT to CK_ULONG for v2.0 */
-typedef CK_ULONG 	CK_KEY_TYPE;
-
-/* the following key types are defined: */
-#define CKK_RSA			0x00000000
-#define CKK_DSA			0x00000001
-#define CKK_DH			0x00000002
-
-/* CKK_ECDSA, and CKK_KEA are new for v2.0 */
-#define CKK_ECDSA		0x00000003
-#define CKK_KEA			0x00000005
-
-#define CKK_GENERIC_SECRET	0x00000010
-#define CKK_RC2			0x00000011
-#define CKK_RC4			0x00000012
-#define CKK_DES			0x00000013
-#define CKK_DES2		0x00000014
-#define CKK_DES3		0x00000015
-
-/* all these key types are new for v2.0 */
-#define CKK_CAST		0x00000016
-#define CKK_CAST3		0x00000017
-#define CKK_CAST5		0x00000018
-#define CKK_RC5			0x00000019
-#define CKK_IDEA		0x0000001A
-#define CKK_SKIPJACK		0x0000001B
-#define CKK_BATON		0x0000001C
-#define CKK_JUNIPER		0x0000001D
-#define CKK_CDMF		0x0000001E
-
-#define CKK_VENDOR_DEFINED	0x80000000L
-
-/* CK_CERTIFICATE_TYPE is a value that identifies a certificate type. */
-/* CK_CERTIFICATE_TYPE was changed from CK_USHORT to CK_ULONG for v2.0 */
-typedef CK_ULONG 	CK_CERTIFICATE_TYPE;
-
-/* The following certificate types are defined: */
-#define CKC_X_509           0x00000000
-#define CKC_VENDOR_DEFINED  0x80000000L
-
-
-/* CK_ATTRIBUTE_TYPE is a value that identifies an attribute type. */
-/* CK_ATTRIBUTE_TYPE was changed from CK_USHORT to CK_ULONG for v2.0 */
-typedef CK_ULONG	CK_ATTRIBUTE_TYPE;
-
-/* The following attribute types are defined: */
-#define CKA_CLASS              0x00000000
-#define CKA_TOKEN              0x00000001
-#define CKA_PRIVATE            0x00000002
-#define CKA_LABEL              0x00000003
-#define CKA_APPLICATION        0x00000010
-#define CKA_VALUE              0x00000011
-#define CKA_CERTIFICATE_TYPE   0x00000080
-#define CKA_ISSUER             0x00000081
-#define CKA_SERIAL_NUMBER      0x00000082
-#define CKA_KEY_TYPE           0x00000100
-#define CKA_SUBJECT            0x00000101
-#define CKA_ID                 0x00000102
-#define CKA_SENSITIVE          0x00000103
-#define CKA_ENCRYPT            0x00000104
-#define CKA_DECRYPT            0x00000105
-#define CKA_WRAP               0x00000106
-#define CKA_UNWRAP             0x00000107
-#define CKA_SIGN               0x00000108
-#define CKA_SIGN_RECOVER       0x00000109
-#define CKA_VERIFY             0x0000010A
-#define CKA_VERIFY_RECOVER     0x0000010B
-#define CKA_DERIVE             0x0000010C
-#define CKA_START_DATE         0x00000110
-#define CKA_END_DATE           0x00000111
-#define CKA_MODULUS            0x00000120
-#define CKA_MODULUS_BITS       0x00000121
-#define CKA_PUBLIC_EXPONENT    0x00000122
-#define CKA_PRIVATE_EXPONENT   0x00000123
-#define CKA_PRIME_1            0x00000124
-#define CKA_PRIME_2            0x00000125
-#define CKA_EXPONENT_1         0x00000126
-#define CKA_EXPONENT_2         0x00000127
-#define CKA_COEFFICIENT        0x00000128
-#define CKA_PRIME              0x00000130
-#define CKA_SUBPRIME           0x00000131
-#define CKA_BASE               0x00000132
-#define CKA_VALUE_BITS         0x00000160
-#define CKA_VALUE_LEN          0x00000161
-
-/* CKA_EXTRACTABLE, CKA_LOCAL, CKA_NEVER_EXTRACTABLE, CKA_ALWAYS_SENSITIVE, */
-/* and CKA_MODIFIABLE are new for v2.0 */
-#define CKA_EXTRACTABLE        0x00000162
-#define CKA_LOCAL              0x00000163
-#define CKA_NEVER_EXTRACTABLE  0x00000164
-#define CKA_ALWAYS_SENSITIVE   0x00000165
-#define CKA_MODIFIABLE         0x00000170
-
-#define CKA_VENDOR_DEFINED     0x80000000L
-
-/* CK_ATTRIBUTE is a structure that includes the type, length and value 
- * of an attribute.  */
-typedef struct CK_ATTRIBUTE {
-    CK_ATTRIBUTE_TYPE	type;
-    CK_VOID_PTR		pValue;
-
-    /* ulValueLen was changed from CK_USHORT to CK_ULONG for v2.0 */
-    CK_ULONG		ulValueLen;	/* in bytes */
-} CK_ATTRIBUTE;
-
-/* CK_ATTRIBUTE_PTR points to a CK_ATTRIBUTE. */
-typedef CK_ATTRIBUTE CK_PTR	CK_ATTRIBUTE_PTR;
-
-
-/* CK_DATE is a structure that defines a date. */
-typedef struct CK_DATE{
-    CK_CHAR		year[4];	/* the year ("1900" - "9999")	*/
-    CK_CHAR		month[2];	/* the month ("01" - "12")	*/
-    CK_CHAR		day[2];		/* the day   ("01" - "31")	*/
-} CK_DATE;
-
-
-/* CK_MECHANISM_TYPE is a value that identifies a mechanism type. */
-/* CK_MECHANISM_TYPE was changed from CK_USHORT to CK_ULONG for v2.0 */
-typedef CK_ULONG	CK_MECHANISM_TYPE;
-
-/* the following mechanism types are defined: */
-#define CKM_RSA_PKCS_KEY_PAIR_GEN      0x00000000
-#define CKM_RSA_PKCS                   0x00000001
-#define CKM_RSA_9796                   0x00000002
-#define CKM_RSA_X_509                  0x00000003
-
-/* CKM_MD2_RSA_PKCS, CKM_MD5_RSA_PKCS, and CKM_SHA1_RSA_PKCS are */
-/* new for v2.0.  They are mechanisms which hash and sign */
-#define CKM_MD2_RSA_PKCS               0x00000004
-#define CKM_MD5_RSA_PKCS               0x00000005
-#define CKM_SHA1_RSA_PKCS              0x00000006
-
-#define CKM_DSA_KEY_PAIR_GEN           0x00000010
-#define CKM_DSA                        0x00000011
-#define CKM_DSA_SHA1                   0x00000012
-#define CKM_DH_PKCS_KEY_PAIR_GEN       0x00000020
-#define CKM_DH_PKCS_DERIVE             0x00000021
-#define CKM_RC2_KEY_GEN                0x00000100
-#define CKM_RC2_ECB                    0x00000101
-#define CKM_RC2_CBC                    0x00000102
-#define CKM_RC2_MAC                    0x00000103
-
-/* CKM_RC2_MAC_GENERAL and CKM_RC2_CBC_PAD are new to v2.0 */
-#define CKM_RC2_MAC_GENERAL            0x00000104
-#define CKM_RC2_CBC_PAD                0x00000105
-
-#define CKM_RC4_KEY_GEN                0x00000110
-#define CKM_RC4                        0x00000111
-#define CKM_DES_KEY_GEN                0x00000120
-#define CKM_DES_ECB                    0x00000121
-#define CKM_DES_CBC                    0x00000122
-#define CKM_DES_MAC                    0x00000123
-
-/* CKM_DES_MAC_GENERAL and CKM_DES_CBC_PAD are new to v2.0 */
-#define CKM_DES_MAC_GENERAL            0x00000124
-#define CKM_DES_CBC_PAD                0x00000125
-
-#define CKM_DES2_KEY_GEN               0x00000130
-#define CKM_DES3_KEY_GEN               0x00000131
-#define CKM_DES3_ECB                   0x00000132
-#define CKM_DES3_CBC                   0x00000133
-#define CKM_DES3_MAC                   0x00000134
-
-/* CKM_DES3_MAC_GENERAL, CKM_DES3_CBC_PAD, CKM_CDMF_KEY_GEN, */
-/* CKM_CDMF_ECB, CKM_CDMF_CBC, CKM_CDMF_MAC, CKM_CDMF_MAC_GENERAL, */
-/* and CKM_CDMF_CBC_PAD are new to v2.0 */
-#define CKM_DES3_MAC_GENERAL           0x00000135
-#define CKM_DES3_CBC_PAD               0x00000136
-#define CKM_CDMF_KEY_GEN               0x00000140
-#define CKM_CDMF_ECB                   0x00000141
-#define CKM_CDMF_CBC                   0x00000142
-#define CKM_CDMF_MAC                   0x00000143
-#define CKM_CDMF_MAC_GENERAL           0x00000144
-#define CKM_CDMF_CBC_PAD               0x00000145
-
-#define CKM_MD2                        0x00000200
-
-/* CKM_MD2_HMAC and CKM_MD2_HMAC_GENERAL are new to v2.0 */
-#define CKM_MD2_HMAC                   0x00000201
-#define CKM_MD2_HMAC_GENERAL           0x00000202
-
-#define CKM_MD5                        0x00000210
-
-/* CKM_MD5_HMAC and CKM_MD5_HMAC_GENERAL are new to v2.0 */
-#define CKM_MD5_HMAC                   0x00000211
-#define CKM_MD5_HMAC_GENERAL           0x00000212
-
-#define CKM_SHA_1                      0x00000220
-
-/* CKM_SHA_1_HMAC and CKM_SHA_1_HMAC_GENERAL are new to v2.0 */
-#define CKM_SHA_1_HMAC                 0x00000221
-#define CKM_SHA_1_HMAC_GENERAL         0x00000222
-
-/* All the following mechanisms are new to v2.0 */
-#define CKM_CAST_KEY_GEN               0x00000300
-#define CKM_CAST_ECB                   0x00000301
-#define CKM_CAST_CBC                   0x00000302
-#define CKM_CAST_MAC                   0x00000303
-#define CKM_CAST_MAC_GENERAL           0x00000304
-#define CKM_CAST_CBC_PAD               0x00000305
-#define CKM_CAST3_KEY_GEN              0x00000310
-#define CKM_CAST3_ECB                  0x00000311
-#define CKM_CAST3_CBC                  0x00000312
-#define CKM_CAST3_MAC                  0x00000313
-#define CKM_CAST3_MAC_GENERAL          0x00000314
-#define CKM_CAST3_CBC_PAD              0x00000315
-#define CKM_CAST5_KEY_GEN              0x00000320
-#define CKM_CAST5_ECB                  0x00000321
-#define CKM_CAST5_CBC                  0x00000322
-#define CKM_CAST5_MAC                  0x00000323
-#define CKM_CAST5_MAC_GENERAL          0x00000324
-#define CKM_CAST5_CBC_PAD              0x00000325
-#define CKM_RC5_KEY_GEN                0x00000330
-#define CKM_RC5_ECB                    0x00000331
-#define CKM_RC5_CBC                    0x00000332
-#define CKM_RC5_MAC                    0x00000333
-#define CKM_RC5_MAC_GENERAL            0x00000334
-#define CKM_RC5_CBC_PAD                0x00000335
-#define CKM_IDEA_KEY_GEN               0x00000340
-#define CKM_IDEA_ECB                   0x00000341
-#define CKM_IDEA_CBC                   0x00000342
-#define CKM_IDEA_MAC                   0x00000343
-#define CKM_IDEA_MAC_GENERAL           0x00000344
-#define CKM_IDEA_CBC_PAD               0x00000345
-#define CKM_GENERIC_SECRET_KEY_GEN     0x00000350
-#define CKM_CONCATENATE_BASE_AND_KEY   0x00000360
-#define CKM_CONCATENATE_BASE_AND_DATA  0x00000362
-#define CKM_CONCATENATE_DATA_AND_BASE  0x00000363
-#define CKM_XOR_BASE_AND_DATA          0x00000364
-#define CKM_EXTRACT_KEY_FROM_KEY       0x00000365
-#define CKM_SSL3_PRE_MASTER_KEY_GEN    0x00000370
-#define CKM_SSL3_MASTER_KEY_DERIVE     0x00000371
-#define CKM_SSL3_KEY_AND_MAC_DERIVE    0x00000372
-#define CKM_SSL3_MD5_MAC               0x00000380
-#define CKM_SSL3_SHA1_MAC              0x00000381
-#define CKM_MD5_KEY_DERIVATION         0x00000390
-#define CKM_MD2_KEY_DERIVATION         0x00000391
-#define CKM_SHA1_KEY_DERIVATION        0x00000392
-#define CKM_PBE_MD2_DES_CBC            0x000003A0
-#define CKM_PBE_MD5_DES_CBC            0x000003A1
-#define CKM_PBE_MD5_CAST_CBC           0x000003A2
-#define CKM_PBE_MD5_CAST3_CBC          0x000003A3
-#define CKM_PBE_MD5_CAST5_CBC          0x000003A4
-#define CKM_PBE_SHA1_CAST5_CBC         0x000003A5
-#define CKM_PBE_SHA1_RC4_128           0x000003A6
-#define CKM_PBE_SHA1_RC4_40            0x000003A7
-#define CKM_PBE_SHA1_DES3_EDE_CBC      0x000003A8
-#define CKM_PBE_SHA1_DES2_EDE_CBC      0x000003A9
-#define CKM_PBE_SHA1_RC2_128_CBC       0x000003AA
-#define CKM_PBE_SHA1_RC2_40_CBC        0x000003AB
-#define CKM_KEY_WRAP_LYNKS             0x00000400
-#define CKM_KEY_WRAP_SET_OAEP          0x00000401
-
-/* Fortezza mechanisms */
-#define CKM_SKIPJACK_KEY_GEN           0x00001000
-#define CKM_SKIPJACK_ECB64             0x00001001
-#define CKM_SKIPJACK_CBC64             0x00001002
-#define CKM_SKIPJACK_OFB64             0x00001003
-#define CKM_SKIPJACK_CFB64             0x00001004
-#define CKM_SKIPJACK_CFB32             0x00001005
-#define CKM_SKIPJACK_CFB16             0x00001006
-#define CKM_SKIPJACK_CFB8              0x00001007
-#define CKM_SKIPJACK_WRAP              0x00001008
-#define CKM_SKIPJACK_PRIVATE_WRAP      0x00001009
-#define CKM_SKIPJACK_RELAYX            0x0000100a
-#define CKM_KEA_KEY_PAIR_GEN           0x00001010
-#define CKM_KEA_KEY_DERIVE             0x00001011
-#define CKM_FORTEZZA_TIMESTAMP         0x00001020
-#define CKM_BATON_KEY_GEN              0x00001030
-#define CKM_BATON_ECB128               0x00001031
-#define CKM_BATON_ECB96                0x00001032
-#define CKM_BATON_CBC128               0x00001033
-#define CKM_BATON_COUNTER              0x00001034
-#define CKM_BATON_SHUFFLE              0x00001035
-#define CKM_BATON_WRAP                 0x00001036
-#define CKM_ECDSA_KEY_PAIR_GEN         0x00001040
-#define CKM_ECDSA                      0x00001041
-#define CKM_ECDSA_SHA1                 0x00001042
-#define CKM_JUNIPER_KEY_GEN            0x00001060
-#define CKM_JUNIPER_ECB128             0x00001061
-#define CKM_JUNIPER_CBC128             0x00001062
-#define CKM_JUNIPER_COUNTER            0x00001063
-#define CKM_JUNIPER_SHUFFLE            0x00001064
-#define CKM_JUNIPER_WRAP               0x00001065
-#define CKM_FASTHASH                   0x00001070
-
-#define CKM_VENDOR_DEFINED	       0x80000000L
-
-
-/* CK_MECHANISM_TYPE_PTR points to a CK_MECHANISM_TYPE structure. */
-typedef CK_MECHANISM_TYPE CK_PTR CK_MECHANISM_TYPE_PTR;
-
-
-/* CK_MECHANISM is a structure that specifies a particular mechanism.  */
-typedef struct CK_MECHANISM {
-    CK_MECHANISM_TYPE	mechanism;
-    CK_VOID_PTR		pParameter;
-
-    /* ulParameterLen was changed from CK_USHORT to CK_ULONG for v2.0 */
-    CK_ULONG		ulParameterLen;	/* in bytes */
-} CK_MECHANISM;
-
-/* CK_MECHANISM_PTR points to a CK_MECHANISM structure. */
-typedef CK_MECHANISM CK_PTR CK_MECHANISM_PTR;
-
-
-/* CK_MECHANISM_INFO provides information about a particular mechanism. */
-typedef struct CK_MECHANISM_INFO {
-    CK_ULONG		ulMinKeySize;
-    CK_ULONG		ulMaxKeySize;
-    CK_FLAGS		flags;
-} CK_MECHANISM_INFO;
-
-/* The flags are defined as follows.
- *	Table 7-4, Mechanism Information FLags
- *	Bit Flag	Mask	Meaning */
-#define CKF_HW			0x00000001 /* performed by HW device; not SW */
-
-/* The flags CKF_ENCRYPT, CKF_DECRYPT, CKF_DIGEST, CKF_SIGN, CKG_SIGN_RECOVER, */
-/* CKF_VERIFY, CKF_VERIFY_RECOVER, CKF_GENERATE, CKF_GENERATE_KEY_PAIR, CKF_WRAP, */
-/* CKF_UNWRAP, and CKF_DERIVE are new for v2.0 */
-#define CKF_ENCRYPT		0x00000100 /* can be used with C_EncryptInit */
-#define CKF_DECRYPT		0x00000200 /* can be used with C_DecryptInit */
-#define CKF_DIGEST		0x00000400 /* can be used with C_DigestInit */
-#define CKF_SIGN 		0x00000800 /* can be used with C_SignInit */
-#define CKF_SIGN_RECOVER	0x00001000 /* can use with C_SignRecoverInit */
-#define CKF_VERIFY		0x00002000 /* can be used with C_VerifyInit */
-#define CKF_VERIFY_RECOVER	0x00004000 /* can use w/ C_VerifyRecoverInit */
-#define CKF_GENERATE		0x00008000L /* can be used with C_GenerateKey */
-#define CKF_GENERATE_KEY_PAIR	0x00010000L /* can use with C_GenerateKeyPair */
-#define CKF_WRAP		0x00020000L /* can be used with C_WrapKey */
-#define CKF_UNWRAP		0x00040000L /* can be used with C_UnwrapKey */
-#define CKF_DERIVE		0x00080000L /* can be used with C_DeriveKey */
-
-#define CKF_EXTENSION		0x80000000L /* Must be FALSE for this version */
-
-/* CK_MECHANISM_INFO_PTR points to a CK_MECHANISM_INFO structure. */
-typedef CK_MECHANISM_INFO CK_PTR	CK_MECHANISM_INFO_PTR;
-
-
-/* CK_RV is a value that identifies the return value of a PKCS #11 function. */
-/* CK_RV was changed from CK_USHORT to CK_ULONG for v2.0 */
-typedef CK_ULONG          CK_RV;
-
-#define CKR_OK                                0x00000000
-#define CKR_CANCEL                            0x00000001
-#define CKR_HOST_MEMORY                       0x00000002
-#define CKR_SLOT_ID_INVALID                   0x00000003
-
-/* CKR_FLAGS_INVALID was removed for v2.0 */
-
-/* CKR_GENERAL_ERROR and CKR_FUNCTION_FAILED are new for v2.0 */
-#define CKR_GENERAL_ERROR                     0x00000005
-#define CKR_FUNCTION_FAILED                   0x00000006
-
-/* CKR_ARGUMENTS_BAD, CKR_NO_EVENT, CKR_NEED_TO_CREATE_THREADS,
- * and CKR_CANT_LOCK are new for v2.01 */
-#define CKR_ARGUMENTS_BAD                     0x00000007
-#define CKR_NO_EVENT                          0x00000008
-#define CKR_NEED_TO_CREATE_THREADS            0x00000009
-#define CKR_CANT_LOCK                         0x0000000A
-
-#define CKR_ATTRIBUTE_READ_ONLY               0x00000010
-#define CKR_ATTRIBUTE_SENSITIVE               0x00000011
-#define CKR_ATTRIBUTE_TYPE_INVALID            0x00000012
-#define CKR_ATTRIBUTE_VALUE_INVALID           0x00000013
-#define CKR_DATA_INVALID                      0x00000020
-#define CKR_DATA_LEN_RANGE                    0x00000021
-#define CKR_DEVICE_ERROR                      0x00000030
-#define CKR_DEVICE_MEMORY                     0x00000031
-#define CKR_DEVICE_REMOVED                    0x00000032
-#define CKR_ENCRYPTED_DATA_INVALID            0x00000040
-#define CKR_ENCRYPTED_DATA_LEN_RANGE          0x00000041
-#define CKR_FUNCTION_CANCELED                 0x00000050
-#define CKR_FUNCTION_NOT_PARALLEL             0x00000051
-
-/* CKR_FUNCTION_NOT_SUPPORTED is new for v2.0 */
-#define CKR_FUNCTION_NOT_SUPPORTED            0x00000054
-
-#define CKR_KEY_HANDLE_INVALID                0x00000060
-
-/* CKR_KEY_SENSITIVE was removed for v2.0 */
-
-#define CKR_KEY_SIZE_RANGE                    0x00000062
-#define CKR_KEY_TYPE_INCONSISTENT             0x00000063
-
-/* CKR_KEY_NOT_NEEDED, CKR_KEY_CHANGED, CKR_KEY_NEEDED,
- * CKR_KEY_INDIGESTIBLE, CKR_KEY_FUNCTION_NOT_PERMITTED,
- * CKR_KEY_NOT_WRAPPABLE, and CKR_KEY_UNEXTRACTABLE are
- * new for v2.0 */
-#define CKR_KEY_NOT_NEEDED                    0x00000064
-#define CKR_KEY_CHANGED                       0x00000065
-#define CKR_KEY_NEEDED                        0x00000066
-#define CKR_KEY_INDIGESTIBLE                  0x00000067
-#define CKR_KEY_FUNCTION_NOT_PERMITTED        0x00000068
-#define CKR_KEY_NOT_WRAPPABLE                 0x00000069
-#define CKR_KEY_UNEXTRACTABLE                 0x0000006A
-
-#define CKR_MECHANISM_INVALID                 0x00000070
-#define CKR_MECHANISM_PARAM_INVALID           0x00000071
-
-/* CKR_OBJECT_CLASS_INCONSISTENT and CKR_OBJECT_CLASS_INVALID
- * were removed for v2.0 */
-#define CKR_OBJECT_HANDLE_INVALID             0x00000082
-#define CKR_OPERATION_ACTIVE                  0x00000090
-#define CKR_OPERATION_NOT_INITIALIZED         0x00000091
-#define CKR_PIN_INCORRECT                     0x000000A0
-#define CKR_PIN_INVALID                       0x000000A1
-#define CKR_PIN_LEN_RANGE                     0x000000A2
-
-/* CKR_PIN_EXPIRED and CKR_PIN_LOCKED are new for v2.0 */
-#define CKR_PIN_EXPIRED                       0x000000A3
-#define CKR_PIN_LOCKED                        0x000000A4
-
-#define CKR_SESSION_CLOSED                    0x000000B0
-#define CKR_SESSION_COUNT                     0x000000B1
-#define CKR_SESSION_HANDLE_INVALID            0x000000B3
-#define CKR_SESSION_PARALLEL_NOT_SUPPORTED    0x000000B4
-#define CKR_SESSION_READ_ONLY                 0x000000B5
-#define CKR_SESSION_EXISTS                    0x000000B6
-
-/* CKR_SESSION_READ_ONLY_EXISTS and CKR_SESSION_READ_WRITE_SO_EXISTS
- * are new for v2.0 */
-#define CKR_SESSION_READ_ONLY_EXISTS          0x000000B7
-#define CKR_SESSION_READ_WRITE_SO_EXISTS      0x000000B8
-
-#define CKR_SIGNATURE_INVALID                 0x000000C0
-#define CKR_SIGNATURE_LEN_RANGE               0x000000C1
-#define CKR_TEMPLATE_INCOMPLETE               0x000000D0
-#define CKR_TEMPLATE_INCONSISTENT             0x000000D1
-#define CKR_TOKEN_NOT_PRESENT                 0x000000E0
-#define CKR_TOKEN_NOT_RECOGNIZED              0x000000E1
-#define CKR_TOKEN_WRITE_PROTECTED             0x000000E2
-#define CKR_UNWRAPPING_KEY_HANDLE_INVALID     0x000000F0
-#define CKR_UNWRAPPING_KEY_SIZE_RANGE         0x000000F1
-#define CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT  0x000000F2
-#define CKR_USER_ALREADY_LOGGED_IN            0x00000100
-#define CKR_USER_NOT_LOGGED_IN                0x00000101
-#define CKR_USER_PIN_NOT_INITIALIZED          0x00000102
-#define CKR_USER_TYPE_INVALID                 0x00000103
-
-/* CKR_USER_ANOTHER_ALREADY_LOGGED_IN and CKR_USER_TOO_MANY_TYPES
- * are new to v2.01 */
-#define CKR_USER_ANOTHER_ALREADY_LOGGED_IN    0x00000104
-#define CKR_USER_TOO_MANY_TYPES               0x00000105
-
-#define CKR_WRAPPED_KEY_INVALID               0x00000110
-#define CKR_WRAPPED_KEY_LEN_RANGE             0x00000112
-#define CKR_WRAPPING_KEY_HANDLE_INVALID       0x00000113
-#define CKR_WRAPPING_KEY_SIZE_RANGE           0x00000114
-#define CKR_WRAPPING_KEY_TYPE_INCONSISTENT    0x00000115
-#define CKR_RANDOM_SEED_NOT_SUPPORTED         0x00000120
-
-/* These are new to v2.0 */
-#define CKR_RANDOM_NO_RNG                     0x00000121
-#define CKR_INSERTION_CALLBACK_SET            0x00000140
-#define CKR_INSERTION_CALLBACK_NOT_SUPPORTED  0x00000141
-#define CKR_BUFFER_TOO_SMALL                  0x00000150
-#define CKR_SAVED_STATE_INVALID               0x00000160
-#define CKR_INFORMATION_SENSITIVE             0x00000170
-#define CKR_STATE_UNSAVEABLE                  0x00000180
-
-/* These are new to v2.01 */
-#define CKR_CRYPTOKI_NOT_INITIALIZED          0x00000190
-#define CKR_CRYPTOKI_ALREADY_INITIALIZED      0x00000191
-#define CKR_MUTEX_BAD                         0x000001A0
-#define CKR_MUTEX_NOT_LOCKED                  0x000001A1
-
-#define CKR_VENDOR_DEFINED                    0x80000000L
-
-
-/* CK_NOTIFY is an application callback that processes events. */
-typedef CK_RV (CK_ENTRY CK_PTR CK_NOTIFY)(
-    CK_SESSION_HANDLE	hSession,	/* the session's handle */
-    CK_NOTIFICATION	event,
-    CK_VOID_PTR		pApplication	/* same as passed to C_OpenSession. */
-);
-
-/* CK_FUNCTION_LIST is going to be a structure holding a PKCS #11 spec */
-/* version and pointers of appropriate types to all the PKCS #11 functions. */
-/* CK_FUNCTION_LIST is new for v2.0 */
-typedef struct CK_FUNCTION_LIST CK_FUNCTION_LIST;
-
-typedef CK_FUNCTION_LIST CK_PTR	CK_FUNCTION_LIST_PTR;
-
-typedef CK_FUNCTION_LIST_PTR CK_PTR CK_FUNCTION_LIST_PTR_PTR;
-
-/* CK_CREATEMUTEX is an application callback for creating a mutex */
-typedef CK_RV CK_ENTRY (CK_PTR CK_CREATEMUTEX)(
-  CK_VOID_PTR_PTR ppMutex  /* location to receive pointer to mutex */
-);
-
-
-/* CK_DESTROYMUTEX is an application callback for destroying a mutex */
-typedef CK_RV CK_ENTRY (CK_PTR CK_DESTROYMUTEX)(
-  CK_VOID_PTR pMutex  /* pointer to mutex */
-);
-
-
-/* CK_LOCKMUTEX is an application callback for locking a mutex */
-typedef CK_RV CK_ENTRY (CK_PTR CK_LOCKMUTEX)(
-  CK_VOID_PTR pMutex  /* pointer to mutex */
-);
-
-
-/* CK_UNLOCKMUTEX is an application callback for unlocking a mutex */
-typedef CK_RV CK_ENTRY (CK_PTR CK_UNLOCKMUTEX)(
-  CK_VOID_PTR pMutex  /* pointer to mutex */
-);
-
-
-/* CK_C_INITIALIZE_ARGS provides the optional arguments to C_Initialize
-*/
-typedef struct CK_C_INITIALIZE_ARGS {
-  CK_CREATEMUTEX CreateMutex;
-  CK_DESTROYMUTEX DestroyMutex;
-  CK_LOCKMUTEX LockMutex;
-  CK_UNLOCKMUTEX UnlockMutex;
-  CK_FLAGS flags;
-  CK_VOID_PTR pReserved;
-} CK_C_INITIALIZE_ARGS;
-
-/* flags: bit flags that provide capabilities of the slot
- *      Bit Flag                           Mask       Meaning
- */
-#define CKF_LIBRARY_CANT_CREATE_OS_THREADS 0x00000001 /* library may not
-                                                       * spawn its own
-                                                       * threads */
-#define CKF_OS_LOCKING_OK                  0x00000002 /* library can use
-                                                       * native operating
-                                                       * system thread
-                                                       * synchronization */
-
-/* CK_C_INITIALIZE_ARGS_PTR is a pointer to a CK_C_INITIALIZE_ARGS */
-typedef CK_C_INITIALIZE_ARGS CK_PTR CK_C_INITIALIZE_ARGS_PTR;
-
-
-/* additional flags for parameters to functions */
-
-/* CKF_DONT_BLOCK is for the function C_WaitForSlotEvent */
-#define CKF_DONT_BLOCK     1
-
-/* CK_KEA_DERIVE_PARAMS provides the parameters to the CKM_KEA_DERIVE 
- * mechanism. */
-/* CK_KEA_DERIVE_PARAMS is new for v2.0 */
-typedef struct CK_KEA_DERIVE_PARAMS {
-    CK_BBOOL	isSender;
-    CK_ULONG	ulRandomLen;
-    CK_BYTE_PTR	pRandomA;
-    CK_BYTE_PTR	pRandomB;
-    CK_ULONG	ulPublicDataLen;
-    CK_BYTE_PTR	pPublicData;
-} CK_KEA_DERIVE_PARAMS;
-
-/* CK_KEA_DERIVE_PARAMS_PTR points to a CK_KEA_DERIVE_PARAMS. */
-typedef CK_KEA_DERIVE_PARAMS CK_PTR	CK_KEA_DERIVE_PARAMS_PTR;
-
-
-/* CK_RC2_PARAMS provides the parameters to the CKM_RC2_ECB and CKM_RC2_MAC */
-/* mechanisms.  An instance of CK_RC2_PARAMS just holds the effective keysize. */
-typedef CK_ULONG	CK_RC2_PARAMS;
-
-
-/* CK_RC2_PARAMS_PTR points to a CK_RC2_PARAMS. */
-typedef CK_RC2_PARAMS CK_PTR	CK_RC2_PARAMS_PTR;
-
-
-/* CK_RC2_CBC_PARAMS provides the parameters to the CKM_RC2_CBC mechanism. */
-typedef struct CK_RC2_CBC_PARAMS {
-    /* ulEffectiveBits was changed from CK_USHORT to CK_ULONG for v2.0 */
-    CK_ULONG	ulEffectiveBits;	/* effective bits (1-1024) */
-
-    CK_BYTE	iv[8];			/* IV for CBC mode */
-} CK_RC2_CBC_PARAMS;
-
-/* CK_RC2_CBC_PARAMS_PTR points to a CK_RC2_CBC_PARAMS. */
-typedef CK_RC2_CBC_PARAMS CK_PTR	CK_RC2_CBC_PARAMS_PTR;
-
-/* CK_RC2_MAC_GENERAL_PARAMS provides the parameters for the */
-/* CKM_RC2_MAC_GENERAL mechanism. */
-/* CK_RC2_MAC_GENERAL_PARAMS is new for v2.0 */
-typedef struct CK_RC2_MAC_GENERAL_PARAMS {
-    CK_ULONG	ulEffectiveBits;	/* effective bits (1-1024) */
-    CK_ULONG	ulMacLength;	/* Length of MAC in bytes */
-} CK_RC2_MAC_GENERAL_PARAMS;
-
-typedef CK_RC2_MAC_GENERAL_PARAMS CK_PTR	CK_RC2_MAC_GENERAL_PARAMS_PTR;
-
-
-/* CK_RC5_PARAMS provides the parameters to the CKM_RC5_ECB and CKM_RC5_MAC */
-/* mechanisms. */
-/* CK_RC5_PARAMS is new for v2.0 */
-typedef struct CK_RC5_PARAMS {
-    CK_ULONG	ulWordsize;		/* wordsize in bits */
-    CK_ULONG	ulRounds;		/* number of rounds */
-} CK_RC5_PARAMS;
-
-/* CK_RC5_PARAMS_PTR points to a CK_RC5_PARAMS. */
-typedef CK_RC5_PARAMS CK_PTR	CK_RC5_PARAMS_PTR;
-
-
-/* CK_RC5_CBC_PARAMS provides the parameters to the CKM_RC5_CBC mechanism. */
-/* CK_RC5_CBC_PARAMS is new for v2.0 */
-typedef struct CK_RC5_CBC_PARAMS {
-    CK_ULONG	ulWordsize;		/* wordsize in bits */
-    CK_ULONG	ulRounds;		/* number of rounds */
-    CK_BYTE_PTR	pIv;			/* pointer to IV */
-    CK_ULONG	ulIvLen;		/* length of IV in bytes */
-} CK_RC5_CBC_PARAMS;
-
-/* CK_RC5_CBC_PARAMS_PTR points to a CK_RC5_CBC_PARAMS. */
-typedef CK_RC5_CBC_PARAMS CK_PTR	CK_RC5_CBC_PARAMS_PTR;
-
-
-/* CK_RC5_MAC_GENERAL_PARAMS provides the parameters for the */
-/* CKM_RC5_MAC_GENERAL mechanism. */
-/* CK_RC5_MAC_GENERAL_PARAMS is new for v2.0 */
-typedef struct CK_RC5_MAC_GENERAL_PARAMS {
-    CK_ULONG	ulWordsize;		/* wordsize in bits */
-    CK_ULONG	ulRounds;		/* number of rounds */
-    CK_ULONG	ulMacLength;	        /* Length of MAC in bytes */
-} CK_RC5_MAC_GENERAL_PARAMS;
-
-typedef CK_RC5_MAC_GENERAL_PARAMS CK_PTR	CK_RC5_MAC_GENERAL_PARAMS_PTR;
-
-
-/* CK_MAC_GENERAL_PARAMS provides the parameters to most block ciphers' */
-/* MAC_GENERAL mechanisms.  Its value is the length of the MAC. */
-/* CK_MAC_GENERAL_PARAMS is new for v2.0 */
-typedef CK_ULONG		CK_MAC_GENERAL_PARAMS;
-
-typedef CK_MAC_GENERAL_PARAMS CK_PTR	CK_MAC_GENERAL_PARAMS_PTR;
-
-
-/* CK_SKIPJACK_PRIVATE_WRAP_PARAMS provides the parameters to the
- * CKM_SKIPJACK_PRIVATE_WRAP mechanism */
-/* CK_SKIPJACK_PRIVATE_WRAP_PARAMS is new for v2.0 */
-typedef struct CK_SKIPJACK_PRIVATE_WRAP_PARAMS {
-  CK_ULONG      ulPasswordLen;
-  CK_BYTE_PTR   pPassword;
-  CK_ULONG      ulPublicDataLen;
-  CK_BYTE_PTR   pPublicData;
-  CK_ULONG      ulPAndGLen;
-  CK_ULONG      ulQLen;
-  CK_ULONG      ulRandomLen;
-  CK_BYTE_PTR   pRandomA;
-  CK_BYTE_PTR   pPrimeP;
-  CK_BYTE_PTR   pBaseG;
-  CK_BYTE_PTR   pSubprimeQ;
-} CK_SKIPJACK_PRIVATE_WRAP_PARAMS;
-
-/* CK_SKIPJACK_PRIVATE_WRAP_PARAMS_PTR points to a 
- * CK_SKIPJACK_PRIVATE_WRAP_PARAMS */
-typedef CK_SKIPJACK_PRIVATE_WRAP_PARAMS CK_PTR \
-  CK_SKIPJACK_PRIVATE_WRAP_PTR;
-
-
-/* CK_SKIPJACK_RELAYX_PARAMS provides the parameters to the
- * CKM_SKIPJACK_RELAYX mechanism */
-/* CK_SKIPJACK_RELAYX_PARAMS is new for v2.0 */
-typedef struct CK_SKIPJACK_RELAYX_PARAMS {
-  CK_ULONG      ulOldWrappedXLen;
-  CK_BYTE_PTR   pOldWrappedX;
-  CK_ULONG      ulOldPasswordLen;
-  CK_BYTE_PTR   pOldPassword;
-  CK_ULONG      ulOldPublicDataLen;
-  CK_BYTE_PTR   pOldPublicData;
-  CK_ULONG      ulOldRandomLen;
-  CK_BYTE_PTR   pOldRandomA;
-  CK_ULONG      ulNewPasswordLen;
-  CK_BYTE_PTR   pNewPassword;
-  CK_ULONG      ulNewPublicDataLen;
-  CK_BYTE_PTR   pNewPublicData;
-  CK_ULONG      ulNewRandomLen;
-  CK_BYTE_PTR   pNewRandomA;
-} CK_SKIPJACK_RELAYX_PARAMS;
-
-/* CK_SKIPJACK_RELAYX_PARAMS_PTR points to a CK_SKIPJACK_RELAYX_PARAMS
-*/
-typedef CK_SKIPJACK_RELAYX_PARAMS CK_PTR CK_SKIPJACK_RELAYX_PARAMS_PTR;
-
-typedef struct CK_PBE_PARAMS {
-    CK_CHAR_PTR		pInitVector;
-    CK_CHAR_PTR		pPassword;
-    CK_ULONG		ulPasswordLen;
-    CK_CHAR_PTR		pSalt;
-    CK_ULONG		ulSaltLen;
-    CK_ULONG		ulIteration;
-} CK_PBE_PARAMS;
-
-typedef CK_PBE_PARAMS CK_PTR CK_PBE_PARAMS_PTR;
-
-
-/* CK_KEY_WRAP_SET_OAEP_PARAMS provides the parameters to the */
-/* CKM_KEY_WRAP_SET_OAEP mechanism. */
-/* CK_KEY_WRAP_SET_OAEP_PARAMS is new for v2.0 */
-typedef struct CK_KEY_WRAP_SET_OAEP_PARAMS {
-    CK_BYTE		bBC;			/* block contents byte */
-    CK_BYTE_PTR	pX;			/* extra data */
-    CK_ULONG	ulXLen;		/* length of extra data in bytes */
-} CK_KEY_WRAP_SET_OAEP_PARAMS;
-
-/* CK_KEY_WRAP_SET_OAEP_PARAMS_PTR points to a CK_KEY_WRAP_SET_OAEP_PARAMS. */
-typedef CK_KEY_WRAP_SET_OAEP_PARAMS CK_PTR	CK_KEY_WRAP_SET_OAEP_PARAMS_PTR;
-
-/* CK_BATON_PARAMS provides the parameters to the CKM_BATON_ECB128, */
-/* CKM_BATON_ECB96, CKM_BATON_CBC128, CKM_BATON_COUNTER, and */
-/* CKM_BATON_SHUFFLE mechanisms. */
-/* CK_BATON_PARAMS is new for v2.0 */
-typedef struct CK_BATON_PARAMS {
-    CK_BYTE	iv[24];
-} CK_BATON_PARAMS;
-
-/* CK_BATON_PARAMS_PTR points to a CK_BATON_PARAMS. */
-typedef CK_BATON_PARAMS CK_PTR		CK_BATON_PARAMS_PTR;
-
-
-typedef struct CK_SSL3_RANDOM_DATA {
-  CK_BYTE_PTR  pClientRandom;
-  CK_ULONG     ulClientRandomLen;
-  CK_BYTE_PTR  pServerRandom;
-  CK_ULONG     ulServerRandomLen;
-} CK_SSL3_RANDOM_DATA;
-
-
-typedef struct CK_SSL3_MASTER_KEY_DERIVE_PARAMS {
-  CK_SSL3_RANDOM_DATA RandomInfo;
-  CK_VERSION_PTR pVersion;
-} CK_SSL3_MASTER_KEY_DERIVE_PARAMS;
-
-typedef struct CK_SSL3_MASTER_KEY_DERIVE_PARAMS CK_PTR \
-  CK_SSL3_MASTER_KEY_DERIVE_PARAMS_PTR;
-
-
-typedef struct CK_SSL3_KEY_MAT_OUT {
-  CK_OBJECT_HANDLE hClientMacSecret;
-  CK_OBJECT_HANDLE hServerMacSecret;
-  CK_OBJECT_HANDLE hClientKey;
-  CK_OBJECT_HANDLE hServerKey;
-  CK_BYTE_PTR      pIVClient;
-  CK_BYTE_PTR      pIVServer;
-} CK_SSL3_KEY_MAT_OUT;
-
-typedef CK_SSL3_KEY_MAT_OUT CK_PTR CK_SSL3_KEY_MAT_OUT_PTR;
-
-
-typedef struct CK_SSL3_KEY_MAT_PARAMS {
-  CK_ULONG                ulMacSizeInBits;
-  CK_ULONG                ulKeySizeInBits;
-  CK_ULONG                ulIVSizeInBits;
-  CK_BBOOL                bIsExport;
-  CK_SSL3_RANDOM_DATA     RandomInfo;
-  CK_SSL3_KEY_MAT_OUT_PTR pReturnedKeyMaterial;
-} CK_SSL3_KEY_MAT_PARAMS;
-
-typedef CK_SSL3_KEY_MAT_PARAMS CK_PTR CK_SSL3_KEY_MAT_PARAMS_PTR;
-
-/* The CK_DERIVATION_STRING_DATA is used for bunches of Deriviation 
- * Mechanisms. */
-typedef struct CK_KEY_DERIVATION_STRING_DATA {
-    CK_BYTE_PTR pData;
-    CK_ULONG ulLen;
-} CK_KEY_DERIVATION_STRING_DATA;
-typedef CK_KEY_DERIVATION_STRING_DATA CK_PTR CK_KEY_DERIVATION_STRING_DATA_PTR;
-
-/* The CK_EXTRACT_PARAMS is used for the CKM_EXTRACT_KEY_FROM_KEY mechanism. */
-/* CK_EXTRACT_PARAMS is new for v2.0 */
-typedef CK_ULONG CK_EXTRACT_PARAMS;
-
-/* CK_EXTRACT_PARAMS_PTR points to a CK_EXTRACT_PARAMS. */
-typedef CK_EXTRACT_PARAMS CK_PTR CK_EXTRACT_PARAMS_PTR;
-
-
-/* Do not attempt to use these. They are only used by NETSCAPE's internal
- * PKCS #11 interface. Most of these are place holders for other mechanism
- * and will change in the future.
- */
-#define CKM_NETSCAPE_PBE_KEY_GEN		0x80000001L
-#define CKM_NETSCAPE_PBE_SHA1_DES_CBC		0x80000002L
-#define CKM_NETSCAPE_PBE_SHA1_TRIPLE_DES_CBC	0x80000003L
-#define CKM_NETSCAPE_PBE_SHA1_40_BIT_RC2_CBC	0x80000004L
-#define CKM_NETSCAPE_PBE_SHA1_128_BIT_RC2_CBC	0x80000005L
-#define CKM_NETSCAPE_PBE_SHA1_40_BIT_RC4	0x80000006L
-#define CKM_NETSCAPE_PBE_SHA1_128_BIT_RC4	0x80000007L
-#define CKM_NETSCAPE_PBE_SHA1_FAULTY_3DES_CBC	0x80000008L
-#define CKM_TLS_MASTER_KEY_DERIVE		0x80000371L
-#define CKM_TLS_KEY_AND_MAC_DERIVE		0x80000372L
-
-/* define used to pass in the database key for DSA private keys */
-#define CKA_NETSCAPE_DB				0xD5A0DB00L
-#define CKA_NETSCAPE_TRUST			0x80000001L
-
-#if defined(XP_WIN)
-#if defined(_WIN32)
-#pragma pack(pop, cryptoki)
-#else /* win16 */
-#if defined(__WATCOMC__)
-#pragma pack(pop)
-#else /* not Watcom 16-bit */
-#pragma pack()
-#endif
-#endif
-#endif
-
-#endif
diff --git a/security/nss/lib/fortcrypt/fpkmem.h b/security/nss/lib/fortcrypt/fpkmem.h
deleted file mode 100644
index 5097828c6..000000000
--- a/security/nss/lib/fortcrypt/fpkmem.h
+++ /dev/null
@@ -1,48 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#ifndef _FPKMEM_H_
-#define _FPKMEM_H_
-
-#define PORT_Free   free
-#define PORT_Alloc  malloc
-
-#define PORT_Memcmp memcmp
-#define PORT_Memcpy memcpy
-
-#define NUM_SLOTS   32
-
-#if !defined (XP_UNIX) && !defined (_WINDOWS) && !defined (XP_OS2) && !defined (XP_BEOS)
-#define XP_MAC 1 /*Make sure we get this define in for Mac builds*/
-#endif
-
-#endif /*_FPKMEM_H_*/
diff --git a/security/nss/lib/fortcrypt/fpkstrs.h b/security/nss/lib/fortcrypt/fpkstrs.h
deleted file mode 100644
index 144ea1ee7..000000000
--- a/security/nss/lib/fortcrypt/fpkstrs.h
+++ /dev/null
@@ -1,122 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#ifndef _context_h_
-#define _context_h_
-
-#ifdef SWFORT
-#ifndef RETURN_TYPE
-#define RETURN_TYPE int
-#endif
-#endif
-#include "cryptint.h"
-#include "genci.h"
-#include "maci.h"
-
-typedef enum {NOKEY, TEK, MEK, UNWRAP, Ks} FortezzaKeyType;
-typedef enum {Encrypt, Decrypt, Sign, None} CryptoType;
-
-typedef struct FortezzaKeyStr *FortezzaKeyPtr;
-typedef struct FortezzaSocketStr *FortezzaSocketPtr;
-typedef struct FortezzaKeyStr FortezzaKey;
-typedef unsigned char FortezzaMEK[12]; 
-
-
-typedef struct CreateTEKInfoStr {
-    CI_RA         Ra;
-    CI_RB         Rb;
-    unsigned long randomLen;
-    int		  personality;
-    int           flag; /*Either CI_INITIATOR_FLAG or CI_RECIPIENT_FLAG*/ 
-    CI_Y          pY;
-    unsigned int  YSize; 
-} CreateTEKInfo;
-
-typedef struct FortezzaTEKStr {
-    CI_RA  Ra;  /*All the parameters necessary to create a TEK */
-    CI_RB  Rb;
-    unsigned long randomLen;
-    CI_Y   pY;
-    int    flags;
-    int    registerIndex;
-    unsigned int  ySize;
-} FortezzaTEK;
-
-struct FortezzaKeyStr {
-    FortezzaKeyPtr    next, prev;
-    CK_OBJECT_HANDLE  keyHandle;
-    int               keyRegister;
-    FortezzaKeyType   keyType;
-    FortezzaSocketPtr keySocket;
-    unsigned long     id;
-    unsigned long     hitCount;
-    union {
-        FortezzaTEK tek;
-        FortezzaMEK mek;
-    } keyData;
-};
-
-typedef struct FortezzaSocketStr {
-    PRBool            isOpen;
-    PRBool            isLoggedIn;
-    PRBool            hasLoggedIn;
-    PRBool            personalitiesLoaded;
-    unsigned long     slotID;
-    unsigned long     hitCount;
-    HSESSION          maciSession;
-    CI_SERIAL_NUMBER  openCardSerial;
-    CI_STATE          openCardState;
-    CI_PERSON        *personalityList;
-    int               numPersonalities;
-    int               numKeyRegisters;
-    FortezzaKey     **keyRegisters; /*Array of pointers to keys in registers*/
-    FortezzaKey      *keys;         /*Linked list of all the keys*/
-    void             *registersLock;
-} FortezzaSocket;
-
-typedef struct PK11SessionStr *PK11SessionPtr;
-
-typedef struct FortezzaConstextStr {
-    FortezzaKey         *fortezzaKey;
-    FortezzaSocket      *fortezzaSocket;
-    PK11SessionPtr       session;
-    CryptoType           cryptoOperation;
-    CK_MECHANISM_TYPE    mechanism;
-    CI_SAVE_DATA         cardState;
-    CI_IV                cardIV;
-    unsigned long        userRamSize;
-    CK_OBJECT_HANDLE     hKey;
-} FortezzaContext;
-
-
-
-#endif /*_context_h_*/
diff --git a/security/nss/lib/fortcrypt/genci.h b/security/nss/lib/fortcrypt/genci.h
deleted file mode 100644
index 6a44cd7a7..000000000
--- a/security/nss/lib/fortcrypt/genci.h
+++ /dev/null
@@ -1,145 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * the following header file switches between MACI and CI based on
- * compile options. That lest the rest of the source code operate
- * without change, even if it only suports CI_ calls, not MACI_ calls
- */
-#ifndef _GENCI_H_
-#define _GENCI_H_ 1
-#include "seccomon.h"
-
-#if defined (XP_UNIX) || defined (XP_WIN32) || defined (XP_OS2) || defined (XP_BEOS)
-
-/*
- * On unix, NT, Windows '95, and OS/2 we use full maci
- */
-#include "maci.h"
-
-#define MACI_SEL(x) 
-
-/*
- * for sec-for.c
- */
-#define CI_Initialize	MACI_Initialize
-#define CI_Terminate()  { HSESSION hs;\
-			  MACI_GetSessionID(&hs);\
-			  MACI_Terminate(hs); }
-
-#else
-
-/*
- * On Mac we use the original CI_LIB
- */
-#include "cryptint.h"
-
-/*
- * MACI specific values not defined for CI lib
- */
-#define MACI_SESSION_EXCEEDED     (-53)
-
-#ifndef HSESSION_DEFINE
-typedef unsigned int HSESSION;
-#define HSESSION_DEFINE
-#endif
-
-/*
- * Map MACI_ calls to CI_ calls. NOTE: this assumes the proper CI_Select
- * calls are issued in the CI_ case
- */
-#define MACI_ChangePIN(s,pin,old,new)		CI_ChangePIN(pin,old,new)
-#define MACI_CheckPIN(s,type,pin)   		CI_CheckPIN(type,pin)
-#define MACI_Close(s,flag,socket)		CI_Close(flag,socket)
-#define MACI_Decrypt(s,size,in,out)		CI_Decrypt(size,in,out)
-#define MACI_DeleteCertificate(s,cert)		CI_DeleteCertificate(cert)
-#define MACI_DeleteKey(s,index)			CI_DeleteKey(index)
-#define MACI_Encrypt(s,size,in,out)		CI_Encrypt(size,in,out)
-#define MACI_ExtractX(s,cert,type,pass,ySize,y,x,Ra,pgSize,qSize,p,q,g) \
-		CI_ExtractX(cert,type,pass,ySize,y,x,Ra,pgSize,qSize,p,q,g)
-#define MACI_FirmwareUpdate(s,flags,Cksum,len,size,data) \
-			CI_FirmwareUpdate(flags,Cksum,len,size,data)
-#define MACI_GenerateIV(s,iv)			CI_GenerateIV(iv)
-#define MACI_GenerateMEK(s,index,res)		CI_GenerateMEK(index,res)
-#define MACI_GenerateRa(s,Ra)			CI_GenerateRa(Ra)
-#define MACI_GenerateRandom(s,ran)		CI_GenerateRandom(ran)
-#define MACI_GenerateTEK(s,flag,index,Ra,Rb,size,Y) \
-				CI_GenerateTEK(flag,index,Ra,Rb,size,Y)
-#define MACI_GenerateX(s,cert,type,pgSize,qSize,p,q,g,ySize,y) \
-			CI_GenerateX(cert,type,pgSize,qSize,p,q,g,ySize,y)
-#define MACI_GetCertificate(s,cert,val)		CI_GetCertificate(cert,val)
-#define MACI_GetConfiguration(s,config)		CI_GetConfiguration(config)
-#define MACI_GetHash(s,size,data,val)		CI_GetHash(size,data,val)
-#define MACI_GetPersonalityList(s,cnt,list)	CI_GetPersonalityList(cnt,list)
-#define MACI_GetSessionID(s)			CI_OK
-#define MACI_GetState(s,state)			CI_GetState(state)
-#define MACI_GetStatus(s,status)		CI_GetStatus(status)
-#define MACI_GetTime(s,time)			CI_GetTime(time)
-#define MACI_Hash(s,size,data)			CI_Hash(size,data)
-#define MACI_Initialize(count)			CI_Initialize(count)
-#define MACI_InitializeHash(s)			CI_InitializeHash()
-#define MACI_InstallX(s,cert,type,pass,ySize,y,x,Ra,pgSize,qSize,p,q,g) \
-		CI_InstallX(cert,type,pass,ySize,y,x,Ra,pgSize,qSize,p,q,g)
-#define MACI_LoadCertificate(s,cert,label,data,res) \
-					CI_LoadCertificate(cert,label,data,res)
-#define MACI_LoadDSAParameters(s,pgSize,qSize,p,q,g) \
-				CI_LoadDSAParameters(pgSize,qSize,p,q,g)
-#define MACI_LoadInitValues(s,seed,Ks)		CI_LoadInitValues(seed,Ks)
-#define MACI_LoadIV(s,iv)			CI_LoadIV(iv)
-#define MACI_LoadX(s,cert,type,pgSize,qSize,p,q,g,x,ySize,y) \
-			CI_LoadX(cert,type,pgSize,qSize,p,q,g,x,ySize,y)
-#define MACI_Lock(s,flags)			CI_Lock(flags)
-#define MACI_Open(s,flags,index)		CI_Open(flags,index)
-#define MACI_RelayX(s,oPass,oSize,oY,oRa,oX,nPass,nSize,nY,nRa,nX) \
-			CI_RelayX(oPass,oSize,oY,oRa,oX,nPass,nSize,nY,nRa,nX)
-#define MACI_Reset(s)				CI_Reset()
-#define MACI_Restore(s,type,data)		CI_Restore(type,data)
-#define MACI_Save(s,type,data)			CI_Save(type,data)
-#define MACI_Select(s,socket)			CI_Select(socket)
-#define MACI_SetConfiguration(s,typ,sz,d)	CI_SetConfiguration(typ,sz,d)
-#define MACI_SetKey(s,key)			CI_SetKey(key)
-#define MACI_SetMode(s,type,mode)		CI_SetMode(type,mode)
-#define MACI_SetPersonality(s,index)		CI_SetPersonality(index)
-#define MACI_SetTime(s,time)			CI_SetTime(time)
-#define MACI_Sign(s,hash,sig)			CI_Sign(hash,sig)
-#define MACI_Terminate(s)			CI_Terminate()
-#define MACI_TimeStamp(s,val,sig,time)		CI_TimeStamp(val,sig,time)
-#define MACI_Unlock(s)				CI_Unlock()
-#define MACI_UnwrapKey(s,targ,wrap,key)		CI_UnwrapKey(targ,wrap,key)
-#define MACI_VerifySignature(s,h,siz,y,sig)	CI_VerifySignature(h,siz,y,sig)
-#define MACI_VerifyTimeStamp(s,hash,sig,tim)	CI_VerityTimeStap(hash,sig,tim)
-#define MACI_WrapKey(s,src,wrap,key)		CI_WrapKey(src,wrap,key)
-#define MACI_Zeroize(s)				CI_Zeroize()
-
-#define MACI_SEL(x)	CI_Select(x)
-#endif /* ! XP_UNIX */
-#endif /* _GENCI_H_ */
diff --git a/security/nss/lib/fortcrypt/globinst.htm b/security/nss/lib/fortcrypt/globinst.htm
deleted file mode 100644
index cd0a194d4..000000000
--- a/security/nss/lib/fortcrypt/globinst.htm
+++ /dev/null
@@ -1,139 +0,0 @@
-<HTML>
-<--
-   - The contents of this file are subject to the Mozilla Public
-   - License Version 1.1 (the "License"); you may not use this file
-   - except in compliance with the License. You may obtain a copy of
-   - the License at http://www.mozilla.org/MPL/
-   - 
-   - Software distributed under the License is distributed on an "AS
-   - IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-   - implied. See the License for the specific language governing
-   - rights and limitations under the License.
-   - 
-   - The Original Code is the Netscape security libraries.
-   - 
-   - The Initial Developer of the Original Code is Netscape
-   - Communications Corporation.  Portions created by Netscape are 
-   - Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-   - Rights Reserved.
-   - 
-   - Contributor(s):
-   - 
-   - Alternatively, the contents of this file may be used under the
-   - terms of the GNU General Public License Version 2 or later (the
-   - "GPL"), in which case the provisions of the GPL are applicable 
-   - instead of those above.  If you wish to allow use of your 
-   - version of this file only under the terms of the GPL and not to
-   - allow others to use your version of this file under the MPL,
-   - indicate your decision by deleting the provisions above and
-   - replace them with the notice and other provisions required by
-   - the GPL.  If you do not delete the provisions above, a recipient
-   - may use your version of this file under either the MPL or the
-   - GPL.
--->
-<SCRIPT>
-
-
-// ---------------------- Configuration variables ----------------
-var pkcs11jar="fortpk11.jar";
-//var pkcs11base="file://d|/dogbert/ns/dist/";
-pkcs11base="";
-
-var comm_platforms = pk_init_array (
-	"Win32", "Win16", "Mac68k", "MacPPC", 
-	"AIX4.1", "HP-UXA.09", "HP-UXB.10", 
-	"SunOS4.1.3_U1", "SunOS5.4", "SunOS5.5.1" );
-var directories = pk_init_array (
-	"win32", "win16", "none", "macppc",
-	"aix", "hpux", "hpux",
-	"sunos", "sol24", 
-	"sol251" );
-
-function mapPlatform(InPlat)
-{
-	for (i=0; i < comm_platforms.length; i++) {
-	    if (InPlat == comm_platforms[i]) {
-		return directories[i];
-	    }
-	}
-	return InPlat;
-}
-
-
-function pk_init_array()
-{
-	var numArgs = pk_init_array.arguments.length;
-	var a = new Array(numArgs);
-
-	for (var i = 0; i < numArgs; i++) {
-	    a[i] = pk_init_array.arguments[i];
-	}
-	return a;
-}
-
-function getPlatform() {
-	return navigator.platform;
-//	var string = navigator.appVersion;
-//	start = string.indexOf("(",0);
-//	if (start == -1) {
-//	    return "unknown";
-//	}
-//	end = string.indexOf(";",start);
-//	if (end == -1) {
-//	    end = string.indexOf(")",start);
-//	}
-//	if (end == -1) {
-//	   end = string.length;
-//	}
-//	platform = string.substring(start+1,end);
-//	return platform;
-}
-
-function getURLPath() {
-	var string = window.location.href;
-	end = string.lastIndexOf("/");
-	if (end == -1) {
-	   end = string.length-1;
-	}
-	return string.substring(0,end+1);
-}
-
-
-
-plat=getPlatform();
-platDir = mapPlatform(plat);
-if (pkcs11base == "") pkcs11base=getURLPath();
-
-if (plat == "MacPPC") {
-   pkcs11jar= "macinst.htm"
-}
-
-function DoInstall(url) {
-	window.location.href = url;
-}
-
-function DoCancel() {
-	// set window.location.href to your home page if you wish
-	//alert('Cancel Installation?');
-	history.back();
-}
-
-// ------  Change the following for your own Message --------
-document.write("<CENTER><H1>Netscape Fortezza PKCS #11 Module Installer</H1>");
-document.write("</CENTER>");
-document.write("<Table><TR><TD>");
-document.write("<DD><p><IMG SRC=about:logo WIDTH=90 Height=77 NAME=LITRONIC></TD>");
-document.write("<TD VAlign=Center><i> Netscape Fortezza PKCS #11 Modules require Litronic's MACI drivers to be installed on your platform.");
-document.write(" If you haven't already installed theLitronic MACI drivers, please to do so now.</I>");
-document.write("</TD></TR></Table>");
-// ----- end of generic message section --------
-document.write("<p>Netscape has detected you are installing on <b>"+plat+"</b>.<br>");
-document.write("Installing: <b>"+pkcs11base+platDir+"/"+pkcs11jar+"</b><br>");
-document.write("<FORM>");
-document.write("<CENTER><Table><TR><TD><Input Type=Button name=install value='Install Now' onclick=DoInstall("+ "\"" +pkcs11base+platDir+"/"+pkcs11jar+"\""+")>");
-document.write("</TD><TD><Input type=Button name=cancel value=Cancel Onclick=DoCancel()>");
-document.write("</TD></TR></Table></CENTER>");
-document.write("</FORM>");
-document.close();
-</SCRIPT>
-</HTML>
diff --git a/security/nss/lib/fortcrypt/handinst.htm b/security/nss/lib/fortcrypt/handinst.htm
deleted file mode 100644
index f816432e1..000000000
--- a/security/nss/lib/fortcrypt/handinst.htm
+++ /dev/null
@@ -1,180 +0,0 @@
-<HTML>
-<TITLE>Generic PKCS #11 Installer</TITLE>
-<--
-   - The contents of this file are subject to the Mozilla Public
-   - License Version 1.1 (the "License"); you may not use this file
-   - except in compliance with the License. You may obtain a copy of
-   - the License at http://www.mozilla.org/MPL/
-   - 
-   - Software distributed under the License is distributed on an "AS
-   - IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-   - implied. See the License for the specific language governing
-   - rights and limitations under the License.
-   - 
-   - The Original Code is the Netscape security libraries.
-   - 
-   - The Initial Developer of the Original Code is Netscape
-   - Communications Corporation.  Portions created by Netscape are 
-   - Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-   - Rights Reserved.
-   - 
-   - Contributor(s):
-   - 
-   - Alternatively, the contents of this file may be used under the
-   - terms of the GNU General Public License Version 2 or later (the
-   - "GPL"), in which case the provisions of the GPL are applicable 
-   - instead of those above.  If you wish to allow use of your 
-   - version of this file only under the terms of the GPL and not to
-   - allow others to use your version of this file under the MPL,
-   - indicate your decision by deleting the provisions above and
-   - replace them with the notice and other provisions required by
-   - the GPL.  If you do not delete the provisions above, a recipient
-   - may use your version of this file under either the MPL or the
-   - GPL.
--->
-<SCRIPT>
-// Crypto Mechanism Flags 
-PKCS11_MECH_RSA_FLAG           =  0x1<<0; 
-PKCS11_MECH_DSA_FLAG           =  0x1<<1; 
-PKCS11_MECH_RC2_FLAG           =  0x1<<2; 
-PKCS11_MECH_RC4_FLAG           =  0x1<<3; 
-PKCS11_MECH_DES_FLAG           =  0x1<<4; 
-PKCS11_MECH_DH_FLAG            =  0x1<<5; //Diffie-Hellman 
-PKCS11_MECH_SKIPJACK_FLAG      =  0x1<<6; //SKIPJACK algorithm as in Fortezza cards 
-PKCS11_MECH_RC5_FLAG           =  0x1<<7; 
-PKCS11_MECH_SHA1_FLAG          =  0x1<<8; 
-PKCS11_MECH_MD5_FLAG           =  0x1<<9; 
-PKCS11_MECH_MD2_FLAG           =  0x1<<10; 
-PKCS11_MECH_RANDOM_FLAG        =  0x1<<27; //Random number generator 
-PKCS11_PUB_READABLE_CERT_FLAG  =  0x1<<28; //Stored certs can be read off the token w/o logging in 
-PKCS11_DISABLE_FLAG            =  0x1<<30; //tell Navigator to disable this slot by default 
-
-// Important: 
-// 0x1<<11, 0x1<<12, ... , 0x1<<26, 0x1<<29, and 0x1<<31 are reserved 
-// for internal use in Navigator. 
-// Therefore, these bits should always be set to 0; otherwise, 
-// Navigator might exhibit unpredictable behavior. 
-
-// These flags indicate which mechanisms should be turned on by 
-pkcs11MechanismFlags = PKCS11_MECH_RANDOM_FLAG; 
-  
-
-// Ciphers that support SSL or S/MIME 
-PKCS11_CIPHER_FORTEZZA_FLAG    = 0x1<<0; 
-
-// Important: 
-// 0x1<<1, 0x1<<2, ... , 0x1<<31 are reserved 
-// for internal use in Navigator. 
-// Therefore, these bits should ALWAYS be set to 0; otherwise, 
-// Navigator might exhibit unpredictable behavior. 
-
-// These flags indicate which SSL ciphers are supported 
-pkcs11CipherFlags = PKCS11_CIPHER_FORTEZZA_FLAG; 
-  
-
-// Return values of pkcs11.addmodule() & pkcs11.delmodule() 
-// success codes 
-JS_OK_ADD_MODULE                 = 3 // Successfully added a module 
-JS_OK_DEL_EXTERNAL_MODULE        = 2 // Successfully deleted ext. module 
-JS_OK_DEL_INTERNAL_MODULE        = 1 // Successfully deleted int. module 
-
-// failure codes 
-JS_ERR_OTHER                     = -1 // Other errors than the followings 
-JS_ERR_USER_CANCEL_ACTION        = -2 // User abort an action 
-JS_ERR_INCORRECT_NUM_OF_ARGUMENTS= -3 // Calling a method w/ incorrect # of arguments 
-JS_ERR_DEL_MODULE                = -4 // Error deleting a module 
-JS_ERR_ADD_MODULE                = -5 // Error adding a module 
-JS_ERR_BAD_MODULE_NAME           = -6 // The module name is invalid 
-JS_ERR_BAD_DLL_NAME              = -7 // The DLL name is bad 
-JS_ERR_BAD_MECHANISM_FLAGS       = -8 // The mechanism flags are invalid 
-JS_ERR_BAD_CIPHER_ENABLE_FLAGS   = -9 // The SSL, S/MIME cipher flags are invalid 
-
-var new_window;
-var has_new_window = 0;
-
-function HandleCipher(checkBox) {
-	if (checkBox.checked) {
-		pkcs11MechanismFlags |= checkBox.value;
-	} else {
-		pkcs11MechanismFlags &= ~checkBox.value;
-	}
-}
-
-function HandleSSL(checkBox) {
-	if (checkBox.checked) {
-		pkcs11CipherFlags |= checkBox.value;
-	} else {
-		pkcs11CipherFlags &= ~checkBox.value;
-	}
-}
-
-function colonize(string) {
-	len = string.length;
-	end = len -1;
-
-	if (len == 0) return string;
-
-
-	for (i=0; i < len; i++) {
-	   if (string.charAt(i) == "/") {
-		if (i == 0) {
-		    new_string = ":" + string.substring(1,len);
-		} else if (i == end) {
-		    new_string = string.substring(0,i)+':';
-		} else {
-		    new_string = string.substring(0,i)+':'+
-						string.substring(i+1,len);
-		}
-		string = new_string;
-	   }
-	}
-
-	if (string.charAt(0) == ":") string = string.substring(1,len);
-	return string;
-}
-
-function DoInstall(name,module) {
-	if ((navigator.platform == "MacPPC") 
-			|| (navigator.platform == "Mac68K")) {
-	    module = colonize(module);
-	}
-	result = pkcs11.addmodule(name, module, 
-			pkcs11MechanismFlags, pkcs11CipherFlags); 
-	if ( result < 0) { 
-	  window.alert("New module setup failed.  Error code: " + result); 
-	}
-	if (has_new_window) new_window.close();
-}
-
-default_name = "Netscape FORTEZZA Module"
-
-default_module = "D:/dogbert/ns/dist/WIN32_D.OBJ/bin/fort32.dll"
-document.writeln("<FORM name=instform target=_self> <H2>PKCS #11 Installer</H2>");
-document.writeln(" Module name: <Input Type=Text Name=modName value=\""+default_name+"\" size=50 required><br>");
-document.writeln(" Module Library: <Input Type=FILE required Name=module><p>");
-document.writeln("<hr><TABLE><TR><TD>");
-document.writeln("<Input type=Checkbox name=RSA value="+PKCS11_MECH_RSA_FLAG+" onclick=HandleCipher(document.instform.RSA)> RSA<br>");
-document.writeln("<Input type=Checkbox name=DSA value="+PKCS11_MECH_DSA_FLAG+" onclick=HandleCipher(document.instform.DSA)> DSA<br>");
-document.writeln("<Input type=Checkbox name=RC2 value="+PKCS11_MECH_RC2_FLAG+" onclick=HandleCipher(document.instform.RC2)> RC2<br>");
-document.writeln("<Input type=Checkbox name=RC4 value="+PKCS11_MECH_RC4_FLAG+" onclick=HandleCipher(document.instform.RC4)> RC4<br>");
-document.writeln("</TD><TD>");
-document.writeln("<Input type=Checkbox name=DES value="+PKCS11_MECH_DES_FLAG+" onclick=HandleCipher(document.instform.DES)> DES<br>");
-document.writeln("<Input type=Checkbox name=DH value="+PKCS11_MECH_DH_FLAG+" onclick=HandleCipher(document.instform.DH)> DH<br>");
-document.writeln("<Input type=Checkbox name=SKIPJACK value="+PKCS11_MECH_SKIPJACK_FLAG+" onclick=HandleCipher(document.instform.SKIPJACK)> SKIPJACK<br>");
-document.writeln("<Input type=Checkbox name=RC5 value="+PKCS11_MECH_RC5_FLAG+" onclick=HandleCipher(document.instform.RC5)> RC5<br>");
-document.writeln("</TD><TD>");
-document.writeln("<Input type=Checkbox name=SHA1 value="+PKCS11_MECH_SHA1_FLAG+" onclick=HandleCipher(document.instform.SHA1)> SHA1<br>");
-document.writeln("<Input type=Checkbox name=MD5 value="+PKCS11_MECH_MD5_FLAG+" onclick=HandleCipher(document.instform.MD5)> MD5<br>");
-document.writeln("<Input type=Checkbox name=MD2 value="+PKCS11_MECH_MD2_FLAG+" onclick=HandleCipher(document.instform.MD2)> MD2<br>");
-document.writeln("</TD><TD>");
-document.writeln("<Input type=Checkbox name=Random value="+PKCS11_MECH_RANDOM_FLAG+" CHECKED onclick=HandleCipher(document.instform.Random)> Random Number Generation<br>");
-document.writeln("<Input type=Checkbox name=readCert value="+PKCS11_PUB_READABLE_CERT_FLAG+" onclick=HandleCipher(document.instform.ReadCert)> Public Readable Certificates<br>");
-document.writeln("<Input type=Checkbox name=Disable value="+PKCS11_DISABLE_FLAG+" onclick=HandleCipher(document.instform.Disable)> Disable<br>");
-document.writeln("</TD></TR></TABLE>");
-document.writeln("<hr>");
-document.writeln("<Input type=Checkbox name=fortssl value="+ PKCS11_CIPHER_FORTEZZA_FLAG +" checked onclick=HandleSSL(document.instform.fortssl)> Enable FORTEZZA menus<br>");
-document.writeln("<hr>");
-document.write("<Input type=submit Name=Install Value=Install onclick=DoInstall(");
-document.writeln(  "document.instform.modName.value,document.instform.module.value) >");
-document.writeln("</FORM>");
-</SCRIPT>
diff --git a/security/nss/lib/fortcrypt/homeinst.htm b/security/nss/lib/fortcrypt/homeinst.htm
deleted file mode 100644
index a0583fbc7..000000000
--- a/security/nss/lib/fortcrypt/homeinst.htm
+++ /dev/null
@@ -1,211 +0,0 @@
-<HTML>
-<--
-   - The contents of this file are subject to the Mozilla Public
-   - License Version 1.1 (the "License"); you may not use this file
-   - except in compliance with the License. You may obtain a copy of
-   - the License at http://www.mozilla.org/MPL/
-   - 
-   - Software distributed under the License is distributed on an "AS
-   - IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-   - implied. See the License for the specific language governing
-   - rights and limitations under the License.
-   - 
-   - The Original Code is the Netscape security libraries.
-   - 
-   - The Initial Developer of the Original Code is Netscape
-   - Communications Corporation.  Portions created by Netscape are 
-   - Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-   - Rights Reserved.
-   - 
-   - Contributor(s):
-   - 
-   - Alternatively, the contents of this file may be used under the
-   - terms of the GNU General Public License Version 2 or later (the
-   - "GPL"), in which case the provisions of the GPL are applicable 
-   - instead of those above.  If you wish to allow use of your 
-   - version of this file only under the terms of the GPL and not to
-   - allow others to use your version of this file under the MPL,
-   - indicate your decision by deleting the provisions above and
-   - replace them with the notice and other provisions required by
-   - the GPL.  If you do not delete the provisions above, a recipient
-   - may use your version of this file under either the MPL or the
-   - GPL.
--->
-<SCRIPT>
-
-
-// ---------------------- Configuration variables ----------------
-var pkcs11jar="bin/fortWIN32.jar";
-var pkcs11base="ftp://sweetlou/products/client/dogbert/new";
-//pkcs11base="";
-win_file = "libfort.jar"
-unix = "libfort-v404b9."
-mac_file = "macinst.htm"
-
-
-var winDates = pk_init_array (
-	"oct_02a_404", "oct_01a_404" );
-
-var unixDates = pk_init_array (
-	"current", "Oct_02", "Oct_O1");
-	
-
-var comm_platforms = pk_init_array (
-	"Win32", "Win16", "Mac68k", "MacPPC", 
-	"AIX4.1", "HP-UXA.09", "HP-UXB.10", 
-	"SunOS4.1.3_U1", "SunOS5.4", "SunOS5.5.1", 
-	"BSD_3861.1","BSD_3862.1", "FreeBSD2", "IRIX5.3", "IRIX6.2",
-	"LinuxELF1.2","LinusELF2.0","NCR4.0","NEC4.2","OSF1V3","SCOOS5.0",
-	"SINIX-N5.42","SunOS5.4_i86pc","UNIXWARE2.1",
-	"OS23.0","OS24.0");
-var isSupport = pk_init_array ( 1, 1, 0, 1,
-	1, 1, 1,
-	1, 1, 1, 1,
-	0, 0, 0, 0, 0,
-	0, 0, 0, 0, 0, 0,
-	0, 0, 0,
-	0, 0 );
-var directories = pk_init_array (
-	"32bit/fortezza", "16bit/fortezza", "", "404-fortezza-items",
-	"aix4", "hpux", "hpux10",
-	"sunos4", "sol24", "sol251",
-	// not really supported
-	"bsdi", "bsdi2", "freebsd", "irix53", "irix62",
-	"linux12","linux20","ncr","nec","osf132","sco",
-	"sinix","solx86","unixware",
-	"" ,"" );
-var files = pk_init_array (
-	win_file, win_file, mac_file, mac_file,
-	unix+"rs6000-ibm-aix4.jar",unix+"hppa1.1-hp-hpux9.jar",
-	unix+"hppa1.1-hp-hpux10.jar",
-	unix+"sparc-sun-sunos4.1.3_U1.jar",unix+"sparc-sun-solaris2.4.jar",
-	unix+"sparc-sun-solaris2.5.1.jar",
-	unix+"x86-bsdi-bsd.jar",unix+"x86-bsdi-bsd2.jar",
-	unix+"x86-unknown-freebsd.jar",
-	unix+"mips-sgi-irix5.3.jar",unix+"mips-sgi-irix6.2.jar",
-	unix+"x86-unknown-linix1.2.jar",unix+"x86-unknown-linix2.0.jar",
-	unix+"x86-ncr-sysv5.jar",unix+"mips-nec-uxv4.2.jar",
-	unix+"alpha-dec-osf3.2.jar",unix+"x86-sco-opensv5.0.2",
-	unix+"mips-sni-reliantunix.jar",unix+"x86-sun-solaris2.4.jar",
-	unix+"x86-sco-unixware2.1.jar",
-	win_file, win_file );
-
-function isSupported(InPlat)
-{
-	for (i=0; i < comm_platforms.length; i++) {
-	    if (InPlat == comm_platforms[i]) {
-		return isSupport[i];
-	    }
-	}
-	return 0;
-}
-
-function mapPlatform(InPlat)
-{
-	for (i=0; i < comm_platforms.length; i++) {
-	    if (InPlat == comm_platforms[i]) {
-		return directories[i];
-	    }
-	}
-	return InPlat;
-}
-
-function mapFile(InPlat)
-{
-	for (i=0; i < comm_platforms.length; i++) {
-	    if (InPlat == comm_platforms[i]) {
-		return files[i];
-	    }
-	}
-	return unix+"unknown-unknown-unknown.jar";
-}
-
-function mapDate(platform) {
-	if ((platform == "MacPPC") || (platform == "Mac68K")) {
-	    return "";
-	} else if ((platform == "Win32") || (platform == "Win16")) {
-	    return "/oct_2a_404";
-	} else if ((platform == "OS23.0") || (platform == "OS24.0")) {
-	    return "";
-	}
-	return "/current/signed";
-}
-function mapBaseDir(platform) {
-	if ((platform == "MacPPC") || (platform == "Mac68K")) {
-	    return "mac";
-	} else if ((platform == "Win32") || (platform == "Win16")) {
-	    return "windows"
-	} else if ((platform == "OS23.0") || (platform == "OS24.0")) {
-	    return "os2";
-	}
-	return "unix/Fortezza";
-}
-
-function pk_init_array()
-{
-	var numArgs = pk_init_array.arguments.length;
-	var a = new Array(numArgs);
-
-	for (var i = 0; i < numArgs; i++) {
-	    a[i] = pk_init_array.arguments[i];
-	}
-	return a;
-}
-
-function getPlatform() {
-	return navigator.platform;
-}
-
-function getURLPath() {
-	var string = window.location.href;
-	end = string.lastIndexOf("/");
-	if (end == -1) {
-	   end = string.length-1;
-	}
-	return string.substring(0,end+1);
-}
-
-
-
-plat=getPlatform();
-platDir = mapPlatform(plat);
-platFile = mapFile(plat);
-platBase = mapBaseDir(plat);
-platDate = mapDate(plat);
-if (pkcs11base == "") pkcs11base=getURLPath();
-pkcs11loc=pkcs11base+"/"+platBase+"/"+platDir + platDate + "/" + platFile;
-
-
-
-function DoInstall(url) {
-	window.location.href = url;
-}
-
-function DoCancel() {
-	// set window.location.href to your home page if you wish
-	//alert('Cancel Installation?');
-	history.back();
-}
-
-// ------  Change the following for your own Message --------
-document.write("<CENTER><H1>Netscape Fortezza PKCS #11 Module Installer</H1>");
-document.write("</CENTER>");
-document.write("<Table><TR><TD>");
-document.write("<DD><p><IMG SRC=litronic.gif WIDTH=110 Height=63 NAME=LITRONIC></TD>");
-document.write("<TD VAlign=Center><i> Netscape Fortezza PKCS #11 Modules require Litronic's MACI drivers to be installed on your platform.");
-document.write(" If you haven't already installed theLitronic MACI drivers, please to do so now.</I>");
-document.write("</TD></TR></Table>");
-// ----- end of generic message section --------
-document.write("<p>Netscape has detected you are installing on <b>"+plat+"</b>.<br>");
-if (!isSupported(plat)) {
-	document.write("<b>This platform is currently not suppported for FORTEZZA</b><br>");
-}
-document.write("Installing: <b>"+pkcs11loc+"</b><br>");
-document.write("<FORM>");
-document.write("<CENTER><Table><TR><TD><Input Type=Button name=install value='Install Now' onclick=DoInstall("+ "\"" +pkcs11loc+"\""+")>");
-document.write("</TD><TD><Input type=Button name=cancel value=Cancel Onclick=DoCancel()>");
-document.write("</TD></TR></Table></CENTER>");
-document.write("</FORM>");
-document.close();
-</SCRIPT>
-</HTML>
diff --git a/security/nss/lib/fortcrypt/inst.js b/security/nss/lib/fortcrypt/inst.js
deleted file mode 100644
index 2c2b1ab64..000000000
--- a/security/nss/lib/fortcrypt/inst.js
+++ /dev/null
@@ -1,268 +0,0 @@
-//
-// The contents of this file are subject to the Mozilla Public
-// License Version 1.1 (the "License"); you may not use this file
-// except in compliance with the License. You may obtain a copy of
-// the License at http://www.mozilla.org/MPL/
-// 
-// Software distributed under the License is distributed on an "AS
-// IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-// implied. See the License for the specific language governing
-// rights and limitations under the License.
-// 
-// The Original Code is the Netscape security libraries.
-// 
-// The Initial Developer of the Original Code is Netscape
-// Communications Corporation.  Portions created by Netscape are 
-// Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-// Rights Reserved.
-// 
-// Contributor(s):
-// 
-// Alternatively, the contents of this file may be used under the
-// terms of the GNU General Public License Version 2 or later (the
-// "GPL"), in which case the provisions of the GPL are applicable 
-// instead of those above.  If you wish to allow use of your 
-// version of this file only under the terms of the GPL and not to
-// allow others to use your version of this file under the MPL,
-// indicate your decision by deleting the provisions above and
-// replace them with the notice and other provisions required by
-// the GPL.  If you do not delete the provisions above, a recipient
-// may use your version of this file under either the MPL or the
-// GPL.
-//
-////////////////////////////////////////////////////////////////////////////////////////
-// Crypto Mechanism Flags
-PKCS11_MECH_RSA_FLAG           =  0x1<<0; 
-PKCS11_MECH_DSA_FLAG           =  0x1<<1; 
-PKCS11_MECH_RC2_FLAG           =  0x1<<2; 
-PKCS11_MECH_RC4_FLAG           =  0x1<<3; 
-PKCS11_MECH_DES_FLAG           =  0x1<<4; 
-PKCS11_MECH_DH_FLAG            =  0x1<<5; //Diffie-Hellman 
-PKCS11_MECH_SKIPJACK_FLAG      =  0x1<<6; //SKIPJACK algorithm as in Fortezza cards 
-PKCS11_MECH_RC5_FLAG           =  0x1<<7; 
-PKCS11_MECH_SHA1_FLAG          =  0x1<<8; 
-PKCS11_MECH_MD5_FLAG           =  0x1<<9; 
-PKCS11_MECH_MD2_FLAG           =  0x1<<10; 
-PKCS11_MECH_RANDOM_FLAG        =  0x1<<27; //Random number generator 
-PKCS11_PUB_READABLE_CERT_FLAG  =  0x1<<28; //Stored certs can be read off the token w/o logging in 
-PKCS11_DISABLE_FLAG            =  0x1<<30; //tell Navigator to disable this slot by default 
-
-// Important: 
-// 0x1<<11, 0x1<<12, ... , 0x1<<26, 0x1<<29, and 0x1<<31 are reserved 
-// for internal use in Navigator. 
-// Therefore, these bits should always be set to 0; otherwise,
-// Navigator might exhibit unpredictable behavior. 
-
-// These flags indicate which mechanisms should be turned on by 
-var pkcs11MechanismFlags = PKCS11_MECH_RANDOM_FLAG; 
-  
-////////////////////////////////////////////////////////////////////////////////////////
-// Ciphers that support SSL or S/MIME 
-PKCS11_CIPHER_FORTEZZA_FLAG    = 0x1<<0; 
-
-// Important: 
-// 0x1<<1, 0x1<<2, ... , 0x1<<31 are reserved 
-// for internal use in Navigator. 
-// Therefore, these bits should ALWAYS be set to 0; otherwise, 
-// Navigator might exhibit unpredictable behavior. 
-
-// These flags indicate which SSL ciphers are supported 
-var pkcs11CipherFlags = PKCS11_CIPHER_FORTEZZA_FLAG; 
-  
-////////////////////////////////////////////////////////////////////////////////////////
-// Return values of pkcs11.addmodule() & pkcs11.delmodule() 
-// success codes 
-JS_OK_ADD_MODULE                 = 3; // Successfully added a module 
-JS_OK_DEL_EXTERNAL_MODULE        = 2; // Successfully deleted ext. module 
-JS_OK_DEL_INTERNAL_MODULE        = 1; // Successfully deleted int. module 
-
-// failure codes 
-JS_ERR_OTHER                     = -1; // Other errors than the followings 
-JS_ERR_USER_CANCEL_ACTION        = -2; // User abort an action 
-JS_ERR_INCORRECT_NUM_OF_ARGUMENTS= -3; // Calling a method w/ incorrect # of arguments 
-JS_ERR_DEL_MODULE                = -4; // Error deleting a module 
-JS_ERR_ADD_MODULE                = -5; // Error adding a module 
-JS_ERR_BAD_MODULE_NAME           = -6; // The module name is invalid 
-JS_ERR_BAD_DLL_NAME              = -7; // The DLL name is bad 
-JS_ERR_BAD_MECHANISM_FLAGS       = -8; // The mechanism flags are invalid 
-JS_ERR_BAD_CIPHER_ENABLE_FLAGS   = -9; // The SSL, S/MIME cipher flags are invalid 
-JS_ERR_ADD_MODULE_DULICATE       =-10; // Module with the same name already installed
-
-////////////////////////////////////////////////////////////////////////////////////////
-// Find out which library is to be installed depending on the platform
-
-// pathname seperator is platform specific
-var sep = "/";
-var vendor = "netscape";
-var moduleName = "not_supported";
-var plat = navigator.platform;
- 
-var dir = "pkcs11/" + vendor + "/" + plat + "/";
-if (plat == "Win16") {
-    dir = "pkcs11/";
-}
-
-bAbort = false;
-if (plat == "Win32") {
-    moduleName = "fort32.dll";
-    sep = "\\";
-} else if (plat == "Win16") {
-    moduleName = "FORT16.DLL";
-    sep = "\\";
-} else if (plat == "MacPPC") {
-    moduleName = "FortPK11Lib";
-    sep = ":";
-} else if (plat == "AIX4.1") {
-    moduleName = "libfort_shr.a";
-} else if (plat == "SunOS4.1.3_U1") {
-    moduleName = "libfort.so.1.0";        
-} else if ((plat == "SunOS5.4") || (plat == "SunOS5.5.1")){
-    moduleName = "libfort.so";
-} else if ((plat == "HP-UXA.09") || (plat == "HP-UXB.10")){
-    moduleName = "libfort.sl";
-} else if (plat == "IRIX6.2"){
-    // The module only works on 6.3, but Communicator returns 6.2 even when
-    // running 6.3.  So in order to prevent the user from thinking
-    // the module actually works on 6.2, we will force the name to 
-    // say 6.3 instead of 6.2.  In the even the user tries to install
-    // on 6.2, the user will see 6.3 instead.  If they don't get it that
-    // it's not going to work at this point in time, then the entire install
-    // process wil just fail miserably, and that is OK.
-    plat = "IRIX6.3";
-    moduleName = "libfort.so";
-} else {
-    window.alert("Sorry, platform "+plat+" is not supported.");
-    bAbort = true;
-}
-
-////////////////////////////////////////////////////////////////////////////////////////
-// Installation Begins...
-if (!bAbort) {
-if (confirm("This script will install a security module. \nIt may over-write older files having the same name. \nDo you want to continue?")) { 
- // Step 1. Create a version object and a software update object 
- vi = new netscape.softupdate.VersionInfo(1, 6, 0, 0); 
- su = new netscape.softupdate.SoftwareUpdate(this, "Fortezza Card PKCS#11 Module"); 
-                 // "Fortezza ... Module" is the logical name of the bundle 
-
- ////////////////////////////////////////
- // Step 2. Start the install process 
- bAbort = false; 
- err = su.StartInstall("NSfortezza", // NSfortezza is the component folder (logical) 
-                       vi, 
-                       netscape.softupdate.SoftwareUpdate.FULL_INSTALL); 
-                            
- bAbort = (err!=0); 
-
- if (err == 0) { 
-     ////////////////////////////////////////
-    // Step 3. Find out the physical location of the Program dir 
-    Folder = su.GetFolder("Program"); 
-
-     ////////////////////////////////////////
-    // Step 4. Install the files. Unpack them and list where they go 
-
-    err = su.AddSubcomponent("FortezzaLibrary_"+plat, //component name (logical) 
-                                    vi, // version info 
-                                    moduleName, // source file in JAR (physical) 
-                                    Folder, // target folder (physical) 
-                                    dir + moduleName, // target path & filename (physical) 
-                                    true); // forces update 
-    if (err != 0) {
-        if (err == -200) {
-             errmsg = "Bad Package Name.";
-        } else if (err == -201) {
-             errmsg = "Unexpected error.";
-        } else if (err == -203) {
-             errmsg = "Installation script was signed by more than one certificate.";
-        } else if (err == -204) {
-             errmsg = "Installation script was not signed."
-        } else if (err == -205) {
-             errmsg = "The file to be installed is not signed."
-        } else if (err == -206) {
-             errmsg = "The file to be installed is not present, or it was signed with a different certificate than the one used to sign the install script.";
-        } else if (err == -207) {
-             errmsg = "JAR archive has not been opened."
-        } else if (err == -208) {
-             errmsg = "Bad arguments to AddSubcomponent( )."
-        } else if (err == -209) {
-             errmsg = "Illegal relative path( )."
-        } else if (err == -210) {
-             errmsg = "User cancelled installation."
-        } else if (err == -211) {
-             errmsg = "A problem occurred with the StartInstall( )."
-        } else {
-             errmsg = "Unknown error";
-        }
-        window.alert("Error adding sub-component: "+"("+err+")"+errmsg); 
-        //window.alert("Aborting, Folder="+Folder+" module="+dir+moduleName);
-        bAbort = true;
-    }
- } 
-
- ////////////////////////////////////////
- // Step 5. Unless there was a problem, move files to final location 
- // and update the Client Version Registry 
- if (bAbort) { 
-    su.AbortInstall(); 
- } else { 
-    err = su.FinalizeInstall(); 
-
-    if (err != 0) {
-
-        if (err == -900) {
-             errmsg = "Restart the computer, and install again.";
-        } else if (err == -201) {
-             errmsg = "Unexpected error.";
-        } else if (err == -202) {
-             errmsg = "Access denied. Make sure you have the permissions to write to the disk.";    
-        } else if (err == -203) {
-             errmsg = "Installation script was signed by more than one certificate.";
-        } else if (err == -204) {
-             errmsg = "Installation script was not signed."
-        } else if (err == -205) {
-             errmsg = "The file to be installed is not signed."
-        } else if (err == -206) {
-             errmsg = "The file to be installed is not present, or it was signed with a different certificate than the one used to sign the install script." 
-        } else if (err == -207) {
-             errmsg = "JAR archive has not been opened."
-        } else if (err == -208) {
-             errmsg = "Bad arguments to AddSubcomponent( )."
-        } else if (err == -209) {
-             errmsg = "Illegal relative path( )."
-        } else if (err == -210) {
-             errmsg = "User cancelled installation."
-        } else if (err == -211) {
-             errmsg = "A problem occurred with the StartInstall( )."
-        } else {
-             errmsg = "\nIf you have FORTEZZA module already installed, try deleting it first.";
-        }
-        window.alert("Error Finalizing Install: "+"("+err+")"+errmsg); 
-        //window.alert("Aborting, Folder="+Folder+" module="+dir+moduleName);
-
-    } else {
-
-        // Platform specific full path 
-        if (plat=="Win16") { 
-            fullpath = Folder +  "pkcs11" + sep + moduleName; 
-        } else { 
-            fullpath = Folder +  "pkcs11" + sep + vendor + sep + plat + sep + moduleName; 
-        } 
- 
-         ////////////////////////////////////////
-        // Step 6: Call pkcs11.addmodule() to register the newly downloaded module
-        moduleCommonName = "Netscape FORTEZZA Module " + plat;
-        result = pkcs11.addmodule(moduleCommonName, 
-                              fullpath, 
-                              pkcs11MechanismFlags, 
-                              pkcs11CipherFlags); 
-       if (result == -10) {
-           window.alert("New module was copied to destination, \nbut setup failed because a module "
-                   +"with the same name has been installed. \nTry deleting the module "
-                   + moduleCommonName +" first.")
-       } else if (result < 0) {
-           window.alert("New module was copied to destination, but setup failed.  Error code: " + result); 
-       }           
-    } 
- } 
-}
-}
diff --git a/security/nss/lib/fortcrypt/inst_PPC.js b/security/nss/lib/fortcrypt/inst_PPC.js
deleted file mode 100644
index 490910fff..000000000
--- a/security/nss/lib/fortcrypt/inst_PPC.js
+++ /dev/null
@@ -1,134 +0,0 @@
-//
-// The contents of this file are subject to the Mozilla Public
-// License Version 1.1 (the "License"); you may not use this file
-// except in compliance with the License. You may obtain a copy of
-// the License at http://www.mozilla.org/MPL/
-// 
-// Software distributed under the License is distributed on an "AS
-// IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-// implied. See the License for the specific language governing
-// rights and limitations under the License.
-// 
-// The Original Code is the Netscape security libraries.
-// 
-// The Initial Developer of the Original Code is Netscape
-// Communications Corporation.  Portions created by Netscape are 
-// Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-// Rights Reserved.
-// 
-// Contributor(s):
-// 
-// Alternatively, the contents of this file may be used under the
-// terms of the GNU General Public License Version 2 or later (the
-// "GPL"), in which case the provisions of the GPL are applicable 
-// instead of those above.  If you wish to allow use of your 
-// version of this file only under the terms of the GPL and not to
-// allow others to use your version of this file under the MPL,
-// indicate your decision by deleting the provisions above and
-// replace them with the notice and other provisions required by
-// the GPL.  If you do not delete the provisions above, a recipient
-// may use your version of this file under either the MPL or the
-// GPL.
-//
-// Crypto Mechanism Flags 
-PKCS11_MECH_RSA_FLAG           =  0x1<<0; 
-PKCS11_MECH_DSA_FLAG           =  0x1<<1; 
-PKCS11_MECH_RC2_FLAG           =  0x1<<2; 
-PKCS11_MECH_RC4_FLAG           =  0x1<<3; 
-PKCS11_MECH_DES_FLAG           =  0x1<<4; 
-PKCS11_MECH_DH_FLAG            =  0x1<<5; //Diffie-Hellman 
-PKCS11_MECH_SKIPJACK_FLAG      =  0x1<<6; //SKIPJACK algorithm as in Fortezza cards 
-PKCS11_MECH_RC5_FLAG           =  0x1<<7; 
-PKCS11_MECH_SHA1_FLAG          =  0x1<<8; 
-PKCS11_MECH_MD5_FLAG           =  0x1<<9; 
-PKCS11_MECH_MD2_FLAG           =  0x1<<10; 
-PKCS11_MECH_RANDOM_FLAG        =  0x1<<27; //Random number generator 
-PKCS11_PUB_READABLE_CERT_FLAG  =  0x1<<28; //Stored certs can be read off the token w/o logging in 
-PKCS11_DISABLE_FLAG            =  0x1<<30; //tell Navigator to disable this slot by default 
-
-// Important: 
-// 0x1<<11, 0x1<<12, ... , 0x1<<26, 0x1<<29, and 0x1<<31 are reserved 
-// for internal use in Navigator. 
-// Therefore, these bits should always be set to 0; otherwise, 
-// Navigator might exhibit unpredictable behavior. 
-
-// These flags indicate which mechanisms should be turned on by 
-pkcs11MechanismFlags = PKCS11_MECH_RANDOM_FLAG; 
-  
-
-// Ciphers that support SSL or S/MIME 
-PKCS11_CIPHER_FORTEZZA_FLAG    = 0x1<<0; 
-
-// Important: 
-// 0x1<<1, 0x1<<2, ... , 0x1<<31 are reserved 
-// for internal use in Navigator. 
-// Therefore, these bits should ALWAYS be set to 0; otherwise, 
-// Navigator might exhibit unpredictable behavior. 
-
-// These flags indicate which SSL ciphers are supported 
-pkcs11CipherFlags = PKCS11_CIPHER_FORTEZZA_FLAG; 
-  
-
-// Return values of pkcs11.addmodule() & pkcs11.delmodule() 
-// success codes 
-JS_OK_ADD_MODULE                 = 3 // Successfully added a module 
-JS_OK_DEL_EXTERNAL_MODULE        = 2 // Successfully deleted ext. module 
-JS_OK_DEL_INTERNAL_MODULE        = 1 // Successfully deleted int. module 
-
-// failure codes 
-JS_ERR_OTHER                     = -1 // Other errors than the followings 
-JS_ERR_USER_CANCEL_ACTION        = -2 // User abort an action 
-JS_ERR_INCORRECT_NUM_OF_ARGUMENTS= -3 // Calling a method w/ incorrect # of arguments 
-JS_ERR_DEL_MODULE                = -4 // Error deleting a module 
-JS_ERR_ADD_MODULE                = -5 // Error adding a module 
-JS_ERR_BAD_MODULE_NAME           = -6 // The module name is invalid 
-JS_ERR_BAD_DLL_NAME              = -7 // The DLL name is bad 
-JS_ERR_BAD_MECHANISM_FLAGS       = -8 // The mechanism flags are invalid 
-JS_ERR_BAD_CIPHER_ENABLE_FLAGS   = -9 // The SSL, S/MIME cipher flags are invalid 
-  
-
-if (confirm("This script will install and configure a security module, do you want to continue?")) { 
- // Step 1. Create a version object and a software update object 
- vi = new netscape.softupdate.VersionInfo(1, 6, 0, 0); 
- su = new netscape.softupdate.SoftwareUpdate(this, "Fortezza Card PKCS#11 Module"); 
-                 // "Fortezza ... Module" is the logical name of the bundle 
-
- // Step 2. Start the install process 
- bAbort = false; 
- err = su.StartInstall("NSfortezza", vi, netscape.softupdate.SoftwareUpdate.FULL_INSTALL); 
-                            // nsfortezza is the component folder (logical) 
-        bAbort = bAbort || (err !=0); 
-
- if (err == 0) { 
-
-    // Step 3. Find out the physical location of the Program dir 
-    Folder = su.GetFolder("Program"); 
-
-    // Step 4. Install the files. Unpack them and list where they go 
-    err = su.AddSubcomponent("FortezzaCardDLL", //component name (logical) 
-                                    vi, // version info 
-                                    "FortPK11Lib", // source file in JAR (physical) 
-                                    Folder, // target folder (physical) 
-                                    "FortPK11Lib", // target path & filename (physical) 
-                                    this.force); // forces update 
-    bAbort = bAbort || (err !=0); 
- } 
-
- // Step 5. Unless there was a problem, move files to final location 
- // and update the Client Version Registry 
- if (bAbort) { 
-    window.alert("Installation Aborted"); 
-    su.AbortInstall(); 
- } else { 
-    err = su.FinalizeInstall(); 
-    window.alert("Files have been installed.\nContinue to setup the newly isntalled module..."); 
-    // Add Module 
-    compFolder = su.GetComponentFolder("NSfortezza/FortezzaCardDLL") + "/FortPK11Lib"; 
-    result = pkcs11.addmodule("Netscape FORTEZZA Module", compFolder, pkcs11MechanismFlags, pkcs11CipherFlags); 
-           if ( result < 0) { 
-               window.alert("New module setup failed.  Error code: " + result); 
-           } else { 
-               window.alert("New module setup completed."); 
-           } 
- } 
-} 
diff --git a/security/nss/lib/fortcrypt/install.js b/security/nss/lib/fortcrypt/install.js
deleted file mode 100644
index e823e213b..000000000
--- a/security/nss/lib/fortcrypt/install.js
+++ /dev/null
@@ -1,134 +0,0 @@
-//
-// The contents of this file are subject to the Mozilla Public
-// License Version 1.1 (the "License"); you may not use this file
-// except in compliance with the License. You may obtain a copy of
-// the License at http://www.mozilla.org/MPL/
-// 
-// Software distributed under the License is distributed on an "AS
-// IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-// implied. See the License for the specific language governing
-// rights and limitations under the License.
-// 
-// The Original Code is the Netscape security libraries.
-// 
-// The Initial Developer of the Original Code is Netscape
-// Communications Corporation.  Portions created by Netscape are 
-// Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-// Rights Reserved.
-// 
-// Contributor(s):
-// 
-// Alternatively, the contents of this file may be used under the
-// terms of the GNU General Public License Version 2 or later (the
-// "GPL"), in which case the provisions of the GPL are applicable 
-// instead of those above.  If you wish to allow use of your 
-// version of this file only under the terms of the GPL and not to
-// allow others to use your version of this file under the MPL,
-// indicate your decision by deleting the provisions above and
-// replace them with the notice and other provisions required by
-// the GPL.  If you do not delete the provisions above, a recipient
-// may use your version of this file under either the MPL or the
-// GPL.
-//
-// Crypto Mechanism Flags 
-PKCS11_MECH_RSA_FLAG           =  0x1<<0; 
-PKCS11_MECH_DSA_FLAG           =  0x1<<1; 
-PKCS11_MECH_RC2_FLAG           =  0x1<<2; 
-PKCS11_MECH_RC4_FLAG           =  0x1<<3; 
-PKCS11_MECH_DES_FLAG           =  0x1<<4; 
-PKCS11_MECH_DH_FLAG            =  0x1<<5; //Diffie-Hellman 
-PKCS11_MECH_SKIPJACK_FLAG      =  0x1<<6; //SKIPJACK algorithm as in Fortezza cards 
-PKCS11_MECH_RC5_FLAG           =  0x1<<7; 
-PKCS11_MECH_SHA1_FLAG          =  0x1<<8; 
-PKCS11_MECH_MD5_FLAG           =  0x1<<9; 
-PKCS11_MECH_MD2_FLAG           =  0x1<<10; 
-PKCS11_MECH_RANDOM_FLAG        =  0x1<<27; //Random number generator 
-PKCS11_PUB_READABLE_CERT_FLAG  =  0x1<<28; //Stored certs can be read off the token w/o logging in 
-PKCS11_DISABLE_FLAG            =  0x1<<30; //tell Navigator to disable this slot by default 
-
-// Important: 
-// 0x1<<11, 0x1<<12, ... , 0x1<<26, 0x1<<29, and 0x1<<31 are reserved 
-// for internal use in Navigator. 
-// Therefore, these bits should always be set to 0; otherwise, 
-// Navigator might exhibit unpredictable behavior. 
-
-// These flags indicate which mechanisms should be turned on by 
-pkcs11MechanismFlags = PKCS11_MECH_RANDOM_FLAG; 
-  
-
-// Ciphers that support SSL or S/MIME 
-PKCS11_CIPHER_FORTEZZA_FLAG    = 0x1<<0; 
-
-// Important: 
-// 0x1<<1, 0x1<<2, ... , 0x1<<31 are reserved 
-// for internal use in Navigator. 
-// Therefore, these bits should ALWAYS be set to 0; otherwise, 
-// Navigator might exhibit unpredictable behavior. 
-
-// These flags indicate which SSL ciphers are supported 
-pkcs11CipherFlags = PKCS11_CIPHER_FORTEZZA_FLAG; 
-  
-
-// Return values of pkcs11.addmodule() & pkcs11.delmodule() 
-// success codes 
-JS_OK_ADD_MODULE                 = 3 // Successfully added a module 
-JS_OK_DEL_EXTERNAL_MODULE        = 2 // Successfully deleted ext. module 
-JS_OK_DEL_INTERNAL_MODULE        = 1 // Successfully deleted int. module 
-
-// failure codes 
-JS_ERR_OTHER                     = -1 // Other errors than the followings 
-JS_ERR_USER_CANCEL_ACTION        = -2 // User abort an action 
-JS_ERR_INCORRECT_NUM_OF_ARGUMENTS= -3 // Calling a method w/ incorrect # of arguments 
-JS_ERR_DEL_MODULE                = -4 // Error deleting a module 
-JS_ERR_ADD_MODULE                = -5 // Error adding a module 
-JS_ERR_BAD_MODULE_NAME           = -6 // The module name is invalid 
-JS_ERR_BAD_DLL_NAME              = -7 // The DLL name is bad 
-JS_ERR_BAD_MECHANISM_FLAGS       = -8 // The mechanism flags are invalid 
-JS_ERR_BAD_CIPHER_ENABLE_FLAGS   = -9 // The SSL, S/MIME cipher flags are invalid 
-  
-
-if (confirm("This script will install and configure a security module, do you want to continue?")) { 
- // Step 1. Create a version object and a software update object 
- vi = new netscape.softupdate.VersionInfo(1, 6, 0, 0); 
- su = new netscape.softupdate.SoftwareUpdate(this, "Fortezza Card PKCS#11 Module"); 
-                 // "Fortezza ... Module" is the logical name of the bundle 
-
- // Step 2. Start the install process 
- bAbort = false; 
- err = su.StartInstall("NSfortezza", vi, netscape.softupdate.SoftwareUpdate.FULL_INSTALL); 
-                            // nsfortezza is the component folder (logical) 
-        bAbort = bAbort || (err !=0); 
-
- if (err == 0) { 
-
-    // Step 3. Find out the physical location of the Program dir 
-    Folder = su.GetFolder("Program"); 
-
-    // Step 4. Install the files. Unpack them and list where they go 
-    err = su.AddSubcomponent("FortezzaCardDLL", //component name (logical) 
-                                    vi, // version info 
-                                    "DUMMY_DLL", // source file in JAR (physical) 
-                                    Folder, // target folder (physical) 
-                                    "DUMMY_DLL", // target path & filename (physical) 
-                                    this.force); // forces update 
-    bAbort = bAbort || (err !=0); 
- } 
-
- // Step 5. Unless there was a problem, move files to final location 
- // and update the Client Version Registry 
- if (bAbort) { 
-    window.alert("Installation Aborted"); 
-    su.AbortInstall(); 
- } else { 
-    err = su.FinalizeInstall(); 
-    window.alert("Files have been installed.\nContinue to setup the newly isntalled module..."); 
-    // Add Module 
-    compFolder = su.GetComponentFolder("NSfortezza/FortezzaCardDLL") + "/DUMMY_DLL"; 
-    result = pkcs11.addmodule("Netscape FORTEZZA Module", compFolder, pkcs11MechanismFlags, pkcs11CipherFlags); 
-           if ( result < 0) { 
-               window.alert("New module setup failed.  Error code: " + result); 
-           } else { 
-               window.alert("New module setup completed."); 
-           } 
- } 
-} 
diff --git a/security/nss/lib/fortcrypt/maci.c b/security/nss/lib/fortcrypt/maci.c
deleted file mode 100644
index a0120b771..000000000
--- a/security/nss/lib/fortcrypt/maci.c
+++ /dev/null
@@ -1,901 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#include "seccomon.h"
-
-#if defined( _WIN32 ) || defined( __WIN32__ )
-#define RETURN_TYPE  extern _declspec( dllexport ) int _cdecl
-#endif /* Windows */
-#include "maci.h"
-
-
-RETURN_TYPE
-MACI_ChangePIN PROTO_LIST( (
-    HSESSION       hSession,
-    int            PINType,
-    CI_PIN CI_FAR  pOldPIN,
-    CI_PIN CI_FAR  pNewPIN ) ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_CheckPIN PROTO_LIST( (
-    HSESSION       hSession,
-    int            PINType,
-    CI_PIN CI_FAR  pPIN ) ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_Close PROTO_LIST( (
-    HSESSION       hSession,
-    unsigned int   Flags,
-    int            SocketIndex ) ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_Decrypt PROTO_LIST( (
-    HSESSION       hSession,
-    unsigned int   CipherSize,
-    CI_DATA        pCipher,
-    CI_DATA        pPlain ) ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_DeleteCertificate PROTO_LIST( (
-    HSESSION       hSession,
-    int            CertificateIndex ) ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_DeleteKey PROTO_LIST( (
-    HSESSION       hSession,
-    int            RegisterIndex ) ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_Encrypt PROTO_LIST( (
-    HSESSION       hSession,
-    unsigned int   PlainSize,
-    CI_DATA        pPlain,
-    CI_DATA        pCipher ) ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_ExtractX PROTO_LIST( (
-    HSESSION             hSession,
-    int                  CertificateIndex,
-    int                  AlgorithmType,
-    CI_PASSWORD CI_FAR   pPassword,
-    unsigned int         YSize,
-    CI_Y CI_FAR          pY,
-    CI_WRAPPED_X CI_FAR  pX,
-    CI_RA CI_FAR         pRa,
-    unsigned int         PandGSize,
-    unsigned int         QSize,
-    CI_P CI_FAR          pP,
-    CI_Q CI_FAR          pQ,
-    CI_G CI_FAR          pG ) ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_FirmwareUpdate PROTO_LIST( (
-    HSESSION       hSession,
-    unsigned long  Flags,
-    long           Cksum,
-    unsigned int   CksumLength,
-    unsigned int   DataSize,
-    CI_DATA        pData ) ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_GenerateIV PROTO_LIST( (
-    HSESSION       hSession,
-    CI_IV CI_FAR  pIV ) ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_GenerateMEK PROTO_LIST( (
-    HSESSION       hSession,
-    int  RegisterIndex,
-    int  Reserved ) ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_GenerateRa PROTO_LIST( (
-    HSESSION       hSession,
-    CI_RA CI_FAR   pRa ) ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_GenerateRandom PROTO_LIST( (
-    HSESSION          hSession,
-    CI_RANDOM CI_FAR  pRandom ) ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_GenerateTEK PROTO_LIST( (
-    HSESSION      hSession,
-    int           Flags,
-    int           RegisterIndex,
-    CI_RA CI_FAR  pRa,
-    CI_RB CI_FAR  pRb,
-    unsigned int  YSize,
-    CI_Y CI_FAR   pY ) ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_GenerateX PROTO_LIST( (
-    HSESSION      hSession,
-    int           CertificateIndex,
-    int           AlgorithmType,
-    unsigned int  PandGSize,
-    unsigned int  QSize,
-    CI_P CI_FAR   pP,
-    CI_Q CI_FAR   pQ,
-    CI_G CI_FAR   pG,
-    unsigned int  YSize,
-    CI_Y CI_FAR   pY ) ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_GetCertificate PROTO_LIST( (
-    HSESSION               hSession,
-    int                    CertificateIndex,
-    CI_CERTIFICATE CI_FAR  pCertificate ) ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_GetConfiguration PROTO_LIST( (
-    HSESSION       hSession,
-    CI_CONFIG_PTR  pConfiguration ) ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_GetHash PROTO_LIST( (
-    HSESSION             hSession,
-    unsigned int         DataSize,
-    CI_DATA              pData,
-    CI_HASHVALUE CI_FAR  pHashValue ) ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_GetPersonalityList PROTO_LIST( (
-    HSESSION          hSession,
-    int               EntryCount,
-    CI_PERSON CI_FAR  pPersonalityList[] ) ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_GetSessionID PROTO_LIST( (
-    HSESSION     *hSession ) ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_GetState PROTO_LIST( (
-    HSESSION       hSession,
-    CI_STATE_PTR   pState ) ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_GetStatus PROTO_LIST( (
-    HSESSION       hSession,
-    CI_STATUS_PTR  pStatus ) ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_GetTime PROTO_LIST( (
-    HSESSION        hSession,
-    CI_TIME CI_FAR  pTime ) ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_Hash PROTO_LIST( (
-    HSESSION      hSession,
-    unsigned int  DataSize,
-    CI_DATA       pData ) ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_Initialize PROTO_LIST( (
-    int CI_FAR  *SocketCount ) ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_InitializeHash PROTO_LIST( (
-    HSESSION          hSession ) ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_InstallX PROTO_LIST( (
-    HSESSION             hSession,
-    int                  CertificateIndex,
-    int                  AlgorithmType,
-    CI_PASSWORD CI_FAR   pPassword,
-    unsigned int         YSize,
-    CI_Y CI_FAR          pY,
-    CI_WRAPPED_X CI_FAR  pWrappedX,
-    CI_RA CI_FAR         pRa,
-    unsigned int         PandGSize,
-    unsigned int         QSize,
-    CI_P CI_FAR          pP,
-    CI_Q CI_FAR          pQ,
-    CI_G CI_FAR          pG ) ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_LoadCertificate PROTO_LIST( (
-    HSESSION               hSession,
-    int                    CertificateIndex,
-    CI_CERT_STR CI_FAR     pCertLabel,
-    CI_CERTIFICATE CI_FAR  pCertificate,
-    long                   Reserved ) ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_LoadDSAParameters PROTO_LIST( (
-    HSESSION      hSession,
-    unsigned int  PandGSize,
-    unsigned int  QSize,
-    CI_P CI_FAR   pP,
-    CI_Q CI_FAR   pQ,
-    CI_G CI_FAR   pG ) ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_LoadInitValues PROTO_LIST( (
-    HSESSION            hSession,
-    CI_RANDSEED CI_FAR  pRandSeed,
-    CI_KS CI_FAR        pKs ) ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_LoadIV PROTO_LIST( (
-    HSESSION      hSession,
-    CI_IV CI_FAR  pIV ) ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_LoadX PROTO_LIST( (
-    HSESSION      hSession,
-    int           CertificateIndex,
-    int           AlgorithmType,
-    unsigned int  PandGSize,
-    unsigned int  QSize,
-    CI_P CI_FAR   pP,
-    CI_Q CI_FAR   pQ,
-    CI_G CI_FAR   pG,
-    CI_X CI_FAR   pX,
-    unsigned int  YSize,
-    CI_Y CI_FAR   pY ) ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_Lock PROTO_LIST( (
-    HSESSION  hSession,
-    int       Flags ) ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_Open PROTO_LIST( (
-    HSESSION      hSession,
-    unsigned int  Flags,
-    int           SocketIndex ) ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_RelayX PROTO_LIST( (
-    HSESSION             hSession,
-    CI_PASSWORD CI_FAR   pOldPassword,
-    unsigned int         OldYSize,
-    CI_Y CI_FAR          pOldY,
-    CI_RA CI_FAR         pOldRa,
-    CI_WRAPPED_X CI_FAR  pOldWrappedX,
-    CI_PASSWORD CI_FAR   pNewPassword,
-    unsigned int         NewYSize,
-    CI_Y CI_FAR          pNewY,
-    CI_RA CI_FAR         pNewRa,
-    CI_WRAPPED_X CI_FAR  pNewWrappedX ) ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_Reset PROTO_LIST( (
-    HSESSION          hSession ) ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_Restore PROTO_LIST( (
-    HSESSION             hSession,
-    int                  CryptoType,
-    CI_SAVE_DATA CI_FAR  pData ) ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_Save PROTO_LIST( (
-    HSESSION             hSession,
-    int                  CryptoType,
-    CI_SAVE_DATA CI_FAR  pData ) ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_Select PROTO_LIST( (
-    HSESSION  hSession,
-    int       SocketIndex ) ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_SetConfiguration PROTO_LIST( (
-    HSESSION      hSession,
-    int           Type,
-    unsigned int  DataSize,
-    CI_DATA       pData ) ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_SetKey PROTO_LIST( (
-    HSESSION     hSession,
-    int  RegisterIndex ) ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_SetMode PROTO_LIST( (
-    HSESSION hSession,
-    int      CryptoType,
-    int      CryptoMode ) ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_SetPersonality PROTO_LIST( (
-    HSESSION hSession,
-    int      CertificateIndex ) ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_SetTime PROTO_LIST( (
-    HSESSION        hSession,
-    CI_TIME CI_FAR  pTime ) ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_Sign PROTO_LIST( (
-    HSESSION             hSession,
-    CI_HASHVALUE CI_FAR  pHashValue,
-    CI_SIGNATURE CI_FAR  pSignature ) ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_Terminate PROTO_LIST( (
-    HSESSION          hSession ) ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_TimeStamp PROTO_LIST( (
-    HSESSION             hSession,
-    CI_HASHVALUE CI_FAR  pHashValue,
-    CI_SIGNATURE CI_FAR  pSignature,
-    CI_TIMESTAMP CI_FAR  pTimeStamp ) ) {
-    return CI_ERROR;
-}
-  
-RETURN_TYPE
-MACI_Unlock PROTO_LIST( (
-    HSESSION          hSession)  ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_UnwrapKey PROTO_LIST( (
-    HSESSION       hSession,
-    int            UnwrapIndex,
-    int            KeyIndex,
-    CI_KEY CI_FAR  pKey ) ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_VerifySignature PROTO_LIST( (
-    HSESSION             hSession,
-    CI_HASHVALUE CI_FAR  pHashValue,
-    unsigned int         YSize,
-    CI_Y CI_FAR          pY,
-    CI_SIGNATURE CI_FAR  pSignature ) ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_VerifyTimeStamp PROTO_LIST( (
-    HSESSION             hSession,
-    CI_HASHVALUE CI_FAR  pHashValue,
-    CI_SIGNATURE CI_FAR  pSignature,
-    CI_TIMESTAMP CI_FAR  pTimeStamp ) ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_WrapKey PROTO_LIST( (
-    HSESSION       hSession,
-    int            WrapIndex,
-    int            KeyIndex,
-    CI_KEY CI_FAR  pKey ) ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_Zeroize PROTO_LIST( (
-    HSESSION          hSession ) ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_ChangePIN PROTO_LIST( (
-    int            PINType,
-    CI_PIN CI_FAR  pOldPIN,
-    CI_PIN CI_FAR  pNewPIN ) ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_CheckPIN PROTO_LIST( (
-    int            PINType,
-    CI_PIN CI_FAR  pPIN ) ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_Close PROTO_LIST( (
-    unsigned int   Flags,
-    int            SocketIndex ) ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_Decrypt PROTO_LIST( (
-    unsigned int   CipherSize,
-    CI_DATA        pCipher,
-    CI_DATA        pPlain ) ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_DeleteCertificate PROTO_LIST( (
-    int            CertificateIndex ) ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_DeleteKey PROTO_LIST( (
-    int            RegisterIndex ) ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_Encrypt PROTO_LIST( (
-    unsigned int   PlainSize,
-    CI_DATA        pPlain,
-    CI_DATA        pCipher ) ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_ExtractX PROTO_LIST( (
-    int                  CertificateIndex,
-    int                  AlgorithmType,
-    CI_PASSWORD CI_FAR   pPassword,
-    unsigned int         YSize,
-    CI_Y CI_FAR          pY,
-    CI_WRAPPED_X CI_FAR  pX,
-    CI_RA CI_FAR         pRa,
-    unsigned int         PandGSize,
-    unsigned int         QSize,
-    CI_P CI_FAR          pP,
-    CI_Q CI_FAR          pQ,
-    CI_G CI_FAR          pG ) ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_FirmwareUpdate PROTO_LIST( (
-    unsigned long  Flags,
-    long           Cksum,
-    unsigned int   CksumLength,
-    unsigned int   DataSize,
-    CI_DATA        pData ) ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_GenerateIV PROTO_LIST( (
-    CI_IV CI_FAR  pIV ) ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_GenerateMEK PROTO_LIST( (
-    int  RegisterIndex,
-    int  Reserved ) ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_GenerateRa PROTO_LIST( (
-    CI_RA CI_FAR   pRa ) ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_GenerateRandom PROTO_LIST( (
-    CI_RANDOM CI_FAR  pRandom ) ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_GenerateTEK PROTO_LIST( (
-    int           Flags,
-    int           RegisterIndex,
-    CI_RA CI_FAR  pRa,
-    CI_RB CI_FAR  pRb,
-    unsigned int  YSize,
-    CI_Y CI_FAR   pY ) ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_GenerateX PROTO_LIST( (
-    int           CertificateIndex,
-    int           AlgorithmType,
-    unsigned int  PandGSize,
-    unsigned int  QSize,
-    CI_P CI_FAR   pP,
-    CI_Q CI_FAR   pQ,
-    CI_G CI_FAR   pG,
-    unsigned int  YSize,
-    CI_Y CI_FAR   pY ) ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_GetCertificate PROTO_LIST( (
-    int                    CertificateIndex,
-    CI_CERTIFICATE CI_FAR  pCertificate ) ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_GetConfiguration PROTO_LIST( (
-    CI_CONFIG_PTR  pConfiguration ) ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_GetHash PROTO_LIST( (
-    unsigned int         DataSize,
-    CI_DATA              pData,
-    CI_HASHVALUE CI_FAR  pHashValue ) ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_GetPersonalityList PROTO_LIST( (
-    int               EntryCount,
-    CI_PERSON CI_FAR  pPersonalityList[] ) ) {
-    return CI_ERROR;
-}
-
-
-RETURN_TYPE
-CI_GetState PROTO_LIST( (
-    CI_STATE_PTR   pState ) ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_GetStatus PROTO_LIST( (
-    CI_STATUS_PTR  pStatus ) ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_GetTime PROTO_LIST( (
-    CI_TIME CI_FAR  pTime ) ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_Hash PROTO_LIST( (
-    unsigned int  DataSize,
-    CI_DATA       pData ) ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_Initialize PROTO_LIST( (
-    int CI_FAR  *SocketCount ) ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_InitializeHash PROTO_LIST( () ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_InstallX PROTO_LIST( (
-    int                  CertificateIndex,
-    int                  AlgorithmType,
-    CI_PASSWORD CI_FAR   pPassword,
-    unsigned int         YSize,
-    CI_Y CI_FAR          pY,
-    CI_WRAPPED_X CI_FAR  pWrappedX,
-    CI_RA CI_FAR         pRa,
-    unsigned int         PandGSize,
-    unsigned int         QSize,
-    CI_P CI_FAR          pP,
-    CI_Q CI_FAR          pQ,
-    CI_G CI_FAR          pG ) ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_LoadCertificate PROTO_LIST( (
-    int                    CertificateIndex,
-    CI_CERT_STR CI_FAR     pCertLabel,
-    CI_CERTIFICATE CI_FAR  pCertificate,
-    long                   Reserved ) ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_LoadDSAParameters PROTO_LIST( (
-    unsigned int  PandGSize,
-    unsigned int  QSize,
-    CI_P CI_FAR   pP,
-    CI_Q CI_FAR   pQ,
-    CI_G CI_FAR   pG ) ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_LoadInitValues PROTO_LIST( (
-    CI_RANDSEED CI_FAR  pRandSeed,
-    CI_KS CI_FAR        pKs ) ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_LoadIV PROTO_LIST( (
-    CI_IV CI_FAR  pIV ) ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_LoadX PROTO_LIST( (
-    int           CertificateIndex,
-    int           AlgorithmType,
-    unsigned int  PandGSize,
-    unsigned int  QSize,
-    CI_P CI_FAR   pP,
-    CI_Q CI_FAR   pQ,
-    CI_G CI_FAR   pG,
-    CI_X CI_FAR   pX,
-    unsigned int  YSize,
-    CI_Y CI_FAR   pY ) ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_Lock PROTO_LIST( (
-    int       Flags ) ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_Open PROTO_LIST( (
-    unsigned int  Flags,
-    int           SocketIndex ) ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_RelayX PROTO_LIST( (
-    CI_PASSWORD CI_FAR   pOldPassword,
-    unsigned int         OldYSize,
-    CI_Y CI_FAR          pOldY,
-    CI_RA CI_FAR         pOldRa,
-    CI_WRAPPED_X CI_FAR  pOldWrappedX,
-    CI_PASSWORD CI_FAR   pNewPassword,
-    unsigned int         NewYSize,
-    CI_Y CI_FAR          pNewY,
-    CI_RA CI_FAR         pNewRa,
-    CI_WRAPPED_X CI_FAR  pNewWrappedX ) ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_Reset PROTO_LIST( ( ) ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_Restore PROTO_LIST( (
-    int                  CryptoType,
-    CI_SAVE_DATA CI_FAR  pData ) ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_Save PROTO_LIST( (
-    int                  CryptoType,
-    CI_SAVE_DATA CI_FAR  pData ) ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_Select PROTO_LIST( (
-    int       SocketIndex ) ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_SetConfiguration PROTO_LIST( (
-    int           Type,
-    unsigned int  DataSize,
-    CI_DATA       pData ) ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_SetKey PROTO_LIST( (
-    int  RegisterIndex ) ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_SetMode PROTO_LIST( (
-    int      CryptoType,
-    int      CryptoMode ) ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_SetPersonality PROTO_LIST( (
-    int      CertificateIndex ) ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_SetTime PROTO_LIST( (
-    CI_TIME CI_FAR  pTime ) ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_Sign PROTO_LIST( (
-    CI_HASHVALUE CI_FAR  pHashValue,
-    CI_SIGNATURE CI_FAR  pSignature ) ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_Terminate PROTO_LIST( ( ) ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_TimeStamp PROTO_LIST( (
-    CI_HASHVALUE CI_FAR  pHashValue,
-    CI_SIGNATURE CI_FAR  pSignature,
-    CI_TIMESTAMP CI_FAR  pTimeStamp ) ) {
-    return CI_ERROR;
-}
-  
-RETURN_TYPE
-CI_Unlock PROTO_LIST( ()  ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_UnwrapKey PROTO_LIST( (
-    int            UnwrapIndex,
-    int            KeyIndex,
-    CI_KEY CI_FAR  pKey ) ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_VerifySignature PROTO_LIST( (
-    CI_HASHVALUE CI_FAR  pHashValue,
-    unsigned int         YSize,
-    CI_Y CI_FAR          pY,
-    CI_SIGNATURE CI_FAR  pSignature ) ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_VerifyTimeStamp PROTO_LIST( (
-    CI_HASHVALUE CI_FAR  pHashValue,
-    CI_SIGNATURE CI_FAR  pSignature,
-    CI_TIMESTAMP CI_FAR  pTimeStamp ) ) {
-    return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_WrapKey PROTO_LIST( (
-    int            WrapIndex,
-    int            KeyIndex,
-    CI_KEY CI_FAR  pKey ) ) {
-    return CI_ERROR;
-}
-
diff --git a/security/nss/lib/fortcrypt/maci.h b/security/nss/lib/fortcrypt/maci.h
deleted file mode 100644
index eb38ff81c..000000000
--- a/security/nss/lib/fortcrypt/maci.h
+++ /dev/null
@@ -1,776 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/* @(#)maci.h	1.27\t05 Jan 1996 */
-/*****************************************************************************
-  Definitive Fortezza header file.
-  Application Level Interface to Fortezza MACI Library.
- 
-  Version for CI Library 1.52
-    January 5, 1996
-
-
-  NOTICE: Fortezza Export Policy
-
-    The Fortezza Cryptologic Interface (CI) Library (both source and 
-    object) and Fortezza CI Library based applications are defense 
-    articles, as defined in the International Traffic In Arms 
-    Regulations (ITAR), and are subject to export controls under the 
-    ITAR and the Arms Export Control Act. Any export to any country 
-    of (a) the Fortezza CI Library, related documentation, and 
-    technical data, or (b) your cryptographic application, process, 
-    or service that is the direct product of, or contains the 
-    Fortezza CI Library must comply with the requirements of the ITAR. 
-    If you or your customer intends to engage in such export, contact 
-    the United States Department of State, Office of Defense Trade 
-    Controls for specific guidance.
-
-
- ****************************************************************************/
-#ifndef __MACI_H
-#define __MACI_H
-
-#if __cplusplus__ || __cplusplus
-extern "C"
-{
-#endif /* C++ */
-
-
-#ifndef __CRYPTINT_H
-
-#ifndef PROTO_LIST
-#ifdef _K_AND_R_
-#define PROTO_LIST(list)  ()
-#else
-#define PROTO_LIST(list)  list
-#endif /*_K_AND_R_ */
-#endif /* PROTO_LIST */
-
-
-#ifndef RETURN_TYPE
-#if defined( _WIN32 ) || defined( __WIN32__ )
-#define RETURN_TYPE  extern _declspec( dllimport ) int _cdecl
-#elif defined( _WINDOWS ) || defined( _Windows )
-#define RETURN_TYPE  extern int _far _pascal
-#else
-#define RETURN_TYPE  extern int
-#endif /* Windows */
-#endif /* RETURN_TYPE */
-
-/* MS Visual C++ defines _MSDOS and _WINDOWS    */
-/* Borland C/C++ defines __MSDOS__ and _Windows */
-#if (defined( _WINDOWS ) || defined( _Windows )) && \
-    !(defined( _WIN32 ) || defined( __WIN32__ ))
-#define CI_FAR  _far
-#else
-#define CI_FAR
-#endif /* MS DOS or Windows */
-
-
-/*****************************************************************************
-  Constants
- ****************************************************************************/
-#define CI_LIB_VERSION_VAL        0x0152    /* Version 1.52 */
-
-#define CI_CERT_SIZE              2048
-#define CI_CERT_FLAGS_SIZE        16
-#define CI_CERT_NAME_SIZE         32
-#define CI_CHALLENGE_SIZE         20
-
-#define CI_G_SIZE                 128
-
-#define CI_HASHVALUE_SIZE         20
-
-#define CI_IV_SIZE                24
-
-#define CI_KEY_SIZE               12
-#define CI_KS_SIZE                10
-
-#define CI_NAME_SIZE              32
-
-#define CI_PASSWORD_SIZE          24
-#define CI_PIN_SIZE               12
-#define CI_P_SIZE                 128
-
-#define CI_Q_SIZE                 20
-
-#define CI_R_SIZE                 40
-#define CI_RANDOM_NO_SIZE         20
-#define CI_RANDOM_SEED_SIZE       8
-#define CI_RA_SIZE                128
-#define CI_RB_SIZE                128
-#define CI_REG_FLAGS_SIZE         4
-
-#define CI_S_SIZE                 40
-#define CI_SAVE_DATA_SIZE         28
-#define CI_SERIAL_NUMBER_SIZE     8
-#define CI_SIGNATURE_SIZE         40
-#define CI_STATUS_FLAGS_SIZE      4
-
-#define CI_TIME_SIZE              16
-#define CI_TIMESTAMP_SIZE         16
-
-#define CI_WRAPPED_X_SIZE         24
-
-#define CI_Y_SIZE                 128
-
-#define CI_X_SIZE                 20
-
-
-/* Miscellaneous */
-#define CI_NULL_FLAG              0 
-#define CI_POWER_DOWN_FLAG        2
-#define CI_NO_LOG_OFF_FLAG        4
-#define CI_INITIATOR_FLAG         0
-#define CI_RECIPIENT_FLAG         1
-
-#define CI_BLOCK_LOCK_FLAG        1
-#define CI_SSO_LOGGED_ON          0x40
-#define CI_USER_LOGGED_ON         0x00
-#define CI_FAST_MODE              0x10
-#define CI_SLOW_MODE              0x00
-#define CI_WORST_CASE_MODE        0x40
-#define CI_TYPICAL_CASE_MODE      0x00
-
-/* Card Public Key Algorithms Types */
-#define CI_DSA_TYPE               0xA
-#define CI_KEA_TYPE               0x5
-#define CI_DSA_KEA_TYPE           0xF
-
-/* Fortezza Pin Types */
-#define CI_SSO_PIN                0x25
-#define CI_USER_PIN               0x2A
-
-/* Crypto Types */
-#define CI_ENCRYPT_TYPE           0
-#define CI_DECRYPT_TYPE           1
-#define CI_HASH_TYPE              2
-
-/* Save and Restore Types */
-#define CI_ENCRYPT_INT_TYPE       0x00      /* Internal Encryption */
-#define CI_ENCRYPT_EXT_TYPE       0x10      /* External Encryption */
-#define CI_DECRYPT_INT_TYPE       0x01      /* Internal Decryption */
-#define CI_DECRYPT_EXT_TYPE       0x11      /* External Decryption */
-#define CI_HASH_INT_TYPE          0x02      /* Internal Hash */
-#define CI_HASH_EXT_TYPE          0x12      /* External Hash */
-#define CI_TYPE_EXT_FLAG          0x10      /* Used to differentiate */
-
-/* Configuration types */
-#define CI_SET_SPEED_TYPE         1
-#define CI_SET_TIMING_TYPE        2
-
-/* Lock States */
-#define CI_SOCKET_UNLOCKED        0
-#define CI_HOLD_LOCK              1
-#define CI_SOCKET_LOCKED          2
-   
-/* Fortezza Crypto Types Modes */
-#define CI_ECB64_MODE             0
-#define CI_CBC64_MODE             1
-#define CI_OFB64_MODE             2
-#define CI_CFB64_MODE             3
-#define CI_CFB32_MODE             4
-#define CI_CFB16_MODE             5
-#define CI_CFB8_MODE              6
-
-/* Card States */
-#define CI_POWER_UP               0
-#define CI_UNINITIALIZED          1
-#define CI_INITIALIZED            2
-#define CI_SSO_INITIALIZED        3
-#define CI_LAW_INITIALIZED        4
-#define CI_USER_INITIALIZED       5
-#define CI_STANDBY                6
-#define CI_READY                  7
-#define CI_ZEROIZE                8
-#define CI_INTERNAL_FAILURE       (-1)
-
-/* Flags for Firmware Update. */
-#if !defined( _K_AND_R_ )
-
-#define CI_NOT_LAST_BLOCK_FLAG    0x00000000UL
-#define CI_LAST_BLOCK_FLAG        0x80000000UL
-#define CI_DESTRUCTIVE_FLAG       0x000000FFUL
-#define CI_NONDESTRUCTIVE_FLAG    0x0000FF00UL
-
-#else
-
-#define CI_NOT_LAST_BLOCK_FLAG    0x00000000L
-#define CI_LAST_BLOCK_FLAG        0x80000000L
-#define CI_DESTRUCTIVE_FLAG       0x000000FFL
-#define CI_NONDESTRUCTIVE_FLAG    0x0000FF00L
-
-#endif /* _K_AND_R_ */
-
-/****************************************************************************
-  Fortezza Library Return Codes
- ***************************************************************************/
-
-/* Card Responses */
-#define CI_OK                     0
-#define CI_FAIL                   1
-#define CI_CHECKWORD_FAIL         2
-#define CI_INV_TYPE               3
-#define CI_INV_MODE               4
-#define CI_INV_KEY_INDEX          5
-#define CI_INV_CERT_INDEX         6
-#define CI_INV_SIZE               7
-#define CI_INV_HEADER             8
-#define CI_INV_STATE              9
-#define CI_EXEC_FAIL              10
-#define CI_NO_KEY                 11
-#define CI_NO_IV                  12
-#define CI_NO_X                   13
-
-#define CI_NO_SAVE                15
-#define CI_REG_IN_USE             16
-#define CI_INV_COMMAND            17
-#define CI_INV_POINTER            18
-#define CI_BAD_CLOCK              19
-#define CI_NO_DSA_PARMS           20
-
-/* Library Errors */
-#define CI_ERROR                  (-1)
-#define CI_LIB_NOT_INIT           (-2)
-#define CI_CARD_NOT_READY         (-3)
-#define CI_CARD_IN_USE            (-4)
-#define CI_TIME_OUT               (-5)
-#define CI_OUT_OF_MEMORY          (-6)
-#define CI_NULL_PTR               (-7)
-#define CI_BAD_SIZE               (-8)
-#define CI_NO_DECRYPT             (-9)
-#define CI_NO_ENCRYPT             (-10)
-#define CI_NO_EXECUTE             (-11)
-#define CI_BAD_PARAMETER          (-12)
-#define CI_OUT_OF_RESOURCES       (-13)
-
-#define CI_NO_CARD                (-20)
-#define CI_NO_DRIVER              (-21)
-#define CI_NO_CRDSRV              (-22)
-#define CI_NO_SCTSRV              (-23)
-
-#define CI_BAD_CARD               (-30)
-#define CI_BAD_IOCTL              (-31)
-#define CI_BAD_READ               (-32)
-#define CI_BAD_SEEK               (-33)
-#define CI_BAD_WRITE              (-34)
-#define CI_BAD_FLUSH              (-35)
-#define CI_BAD_IOSEEK             (-36)
-#define CI_BAD_ADDR               (-37)
-
-#define CI_INV_SOCKET_INDEX       (-40)
-#define CI_SOCKET_IN_USE          (-41)
-#define CI_NO_SOCKET              (-42)
-#define CI_SOCKET_NOT_OPENED      (-43)
-#define CI_BAD_TUPLES             (-44)
-#define CI_NOT_A_CRYPTO_CARD      (-45)
-
-#define CI_INVALID_FUNCTION       (-50)
-#define CI_LIB_ALRDY_INIT         (-51)
-#define CI_SRVR_ERROR             (-52)
-#define MACI_SESSION_EXCEEDED     (-53)
-
-
-/*****************************************************************************
-  Data Structures
- ****************************************************************************/
-
-
-typedef unsigned char   CI_CERTIFICATE[CI_CERT_SIZE];
-
-typedef unsigned char   CI_CERT_FLAGS[CI_CERT_FLAGS_SIZE];
-
-typedef unsigned char   CI_CERT_STR[CI_CERT_NAME_SIZE+4];
-
-typedef unsigned char   CI_FAR *CI_DATA;
-
-typedef unsigned char   CI_G[CI_G_SIZE];
-
-typedef unsigned char   CI_HASHVALUE[CI_HASHVALUE_SIZE];
-
-typedef unsigned char   CI_IV[CI_IV_SIZE];
-
-typedef unsigned char   CI_KEY[CI_KEY_SIZE];
-
-typedef unsigned char   CI_KS[CI_KS_SIZE];
-
-typedef unsigned char   CI_P[CI_P_SIZE];
-
-typedef unsigned char   CI_PASSWORD[CI_PASSWORD_SIZE + 4];
-
-typedef unsigned char   CI_PIN[CI_PIN_SIZE + 4];
-
-typedef unsigned char   CI_Q[CI_Q_SIZE];
-
-typedef unsigned char   CI_RA[CI_RA_SIZE];
-
-typedef unsigned char   CI_RB[CI_RB_SIZE];
-
-typedef unsigned char   CI_RANDOM[CI_RANDOM_NO_SIZE];
-
-typedef unsigned char   CI_RANDSEED[CI_RANDOM_SEED_SIZE];
-
-typedef unsigned char   CI_REG_FLAGS[CI_REG_FLAGS_SIZE];
-
-typedef unsigned char   CI_SIGNATURE[CI_SIGNATURE_SIZE];
-
-typedef unsigned char   CI_SAVE_DATA[CI_SAVE_DATA_SIZE];
-
-typedef unsigned char   CI_SERIAL_NUMBER[CI_SERIAL_NUMBER_SIZE];
-
-typedef unsigned int    CI_STATE, CI_FAR *CI_STATE_PTR;
-
-typedef unsigned char   CI_TIME[CI_TIME_SIZE];
-
-typedef unsigned char   CI_TIMESTAMP[CI_TIMESTAMP_SIZE];
-
-typedef unsigned char   CI_WRAPPED_X[CI_WRAPPED_X_SIZE];
-
-typedef unsigned char   CI_Y[CI_Y_SIZE];
-
-typedef unsigned char   CI_X[CI_X_SIZE];
-
-typedef struct {
-    int     LibraryVersion;                 /* CI Library version */
-    int     ManufacturerVersion;            /* Card's hardware version */
-    char    ManufacturerName[CI_NAME_SIZE+4]; /* Card manufacturer's name*/
-    char    ProductName[CI_NAME_SIZE+4];    /* Card's product name */
-    char    ProcessorType[CI_NAME_SIZE+4];  /* Card's processor type */
-    unsigned long  UserRAMSize;             /* Amount of User RAM in bytes */
-    unsigned long  LargestBlockSize;        /* Largest block of data to pass in */
-    int     KeyRegisterCount;               /* Number of key registers */
-    int     CertificateCount;               /* Maximum number of personalities (# certs-1) */
-    int     CryptoCardFlag;                 /* A flag that if non-zero indicates that there is
-                                               a Crypto-Card in the socket. If this value is
-                                               zero then there is NOT a Crypto-Card in the
-                                               sockets. */
-    int     ICDVersion;                     /* The ICD compliance level */
-    int     ManufacturerSWVer;              /* The Manufacturer's Software Version */
-    int     DriverVersion;                  /* Driver Version */
-} CI_CONFIG, CI_FAR *CI_CONFIG_PTR;
-
-typedef struct {
-    int          CertificateIndex;          /* Index from 1 to CertificateCount */
-    CI_CERT_STR  CertLabel;                 /* The certificate label */
-} CI_PERSON, CI_FAR *CI_PERSON_PTR;
-
-typedef struct {
-     int    CurrentSocket;                  /* The currently selected socket */
-     int    LockState;                      /* Lock status of the current socket */
-     CI_SERIAL_NUMBER  SerialNumber;        /* Serial number of the Crypto Engine chip */
-     CI_STATE  CurrentState;                /* State of The Card */
-     int    DecryptionMode;                 /* Decryption mode of The Card */
-     int    EncryptionMode;                 /* Encryption mode of The Card */
-     int    CurrentPersonality;             /* Index of the current personality */
-     int    KeyRegisterCount;               /* No. of Key Register on The Card */
-     CI_REG_FLAGS   KeyRegisterFlags;       /* Bit Masks indicating Key Register use */
-     int    CertificateCount;               /* No. of Certificates on The Card */
-     CI_CERT_FLAGS  CertificateFlags;       /* Bit Mask indicating certificate use */
-     unsigned char  Flags[CI_STATUS_FLAGS_SIZE];  
-                                            /* Flag[0] : bit 6 for Condition mode */
-                                            /*           bit 4 for Clock mode */
-} CI_STATUS, CI_FAR *CI_STATUS_PTR;
-
-#endif
-
-/*  Session constants */
-#ifndef HSESSION_DEFINE
-typedef unsigned int    HSESSION;
-#define HSESSION_DEFINE
-#endif
-#define MAXSESSION 100
-
-/*****************************************************************************
-  Function Call Prototypes
- ****************************************************************************/
-
-RETURN_TYPE
-MACI_ChangePIN PROTO_LIST( (
-    HSESSION       hSession,
-    int            PINType,
-    CI_PIN CI_FAR  pOldPIN,
-    CI_PIN CI_FAR  pNewPIN ) );
-
-RETURN_TYPE
-MACI_CheckPIN PROTO_LIST( (
-    HSESSION       hSession,
-    int            PINType,
-    CI_PIN CI_FAR  pPIN ) );
-
-RETURN_TYPE
-MACI_Close PROTO_LIST( (
-    HSESSION       hSession,
-    unsigned int   Flags,
-    int            SocketIndex ) );
-
-RETURN_TYPE
-MACI_Decrypt PROTO_LIST( (
-    HSESSION       hSession,
-    unsigned int   CipherSize,
-    CI_DATA        pCipher,
-    CI_DATA        pPlain ) );
-
-RETURN_TYPE
-MACI_DeleteCertificate PROTO_LIST( (
-    HSESSION       hSession,
-    int            CertificateIndex ) );
-
-RETURN_TYPE
-MACI_DeleteKey PROTO_LIST( (
-    HSESSION       hSession,
-    int            RegisterIndex ) );
-
-RETURN_TYPE
-MACI_Encrypt PROTO_LIST( (
-    HSESSION       hSession,
-    unsigned int   PlainSize,
-    CI_DATA        pPlain,
-    CI_DATA        pCipher ) );
-
-RETURN_TYPE
-MACI_ExtractX PROTO_LIST( (
-    HSESSION             hSession,
-    int                  CertificateIndex,
-    int                  AlgorithmType,
-    CI_PASSWORD CI_FAR   pPassword,
-    unsigned int         YSize,
-    CI_Y CI_FAR          pY,
-    CI_WRAPPED_X CI_FAR  pX,
-    CI_RA CI_FAR         pRa,
-    unsigned int         PandGSize,
-    unsigned int         QSize,
-    CI_P CI_FAR          pP,
-    CI_Q CI_FAR          pQ,
-    CI_G CI_FAR          pG ) );
-
-RETURN_TYPE
-MACI_FirmwareUpdate PROTO_LIST( (
-    HSESSION       hSession,
-    unsigned long  Flags,
-    long           Cksum,
-    unsigned int   CksumLength,
-    unsigned int   DataSize,
-    CI_DATA        pData ) );
-
-RETURN_TYPE
-MACI_GenerateIV PROTO_LIST( (
-    HSESSION       hSession,
-    CI_IV CI_FAR  pIV ) );
-
-RETURN_TYPE
-MACI_GenerateMEK PROTO_LIST( (
-    HSESSION       hSession,
-    int  RegisterIndex,
-    int  Reserved ) );
-
-RETURN_TYPE
-MACI_GenerateRa PROTO_LIST( (
-    HSESSION       hSession,
-    CI_RA CI_FAR   pRa ) );
-
-RETURN_TYPE
-MACI_GenerateRandom PROTO_LIST( (
-    HSESSION          hSession,
-    CI_RANDOM CI_FAR  pRandom ) );
-
-RETURN_TYPE
-MACI_GenerateTEK PROTO_LIST( (
-    HSESSION      hSession,
-    int           Flags,
-    int           RegisterIndex,
-    CI_RA CI_FAR  pRa,
-    CI_RB CI_FAR  pRb,
-    unsigned int  YSize,
-    CI_Y CI_FAR   pY ) );
-
-RETURN_TYPE
-MACI_GenerateX PROTO_LIST( (
-    HSESSION      hSession,
-    int           CertificateIndex,
-    int           AlgorithmType,
-    unsigned int  PandGSize,
-    unsigned int  QSize,
-    CI_P CI_FAR   pP,
-    CI_Q CI_FAR   pQ,
-    CI_G CI_FAR   pG,
-    unsigned int  YSize,
-    CI_Y CI_FAR   pY ) );
-
-RETURN_TYPE
-MACI_GetCertificate PROTO_LIST( (
-    HSESSION               hSession,
-    int                    CertificateIndex,
-    CI_CERTIFICATE CI_FAR  pCertificate ) );
-
-RETURN_TYPE
-MACI_GetConfiguration PROTO_LIST( (
-    HSESSION       hSession,
-    CI_CONFIG_PTR  pConfiguration ) );
-
-RETURN_TYPE
-MACI_GetHash PROTO_LIST( (
-    HSESSION             hSession,
-    unsigned int         DataSize,
-    CI_DATA              pData,
-    CI_HASHVALUE CI_FAR  pHashValue ) );
-
-RETURN_TYPE
-MACI_GetPersonalityList PROTO_LIST( (
-    HSESSION          hSession,
-    int               EntryCount,
-    CI_PERSON CI_FAR  pPersonalityList[] ) );
-
-RETURN_TYPE
-MACI_GetSessionID PROTO_LIST( (
-    HSESSION     *hSession ) );
-
-RETURN_TYPE
-MACI_GetState PROTO_LIST( (
-    HSESSION       hSession,
-    CI_STATE_PTR   pState ) );
-
-RETURN_TYPE
-MACI_GetStatus PROTO_LIST( (
-    HSESSION       hSession,
-    CI_STATUS_PTR  pStatus ) );
-
-RETURN_TYPE
-MACI_GetTime PROTO_LIST( (
-    HSESSION        hSession,
-    CI_TIME CI_FAR  pTime ) );
-
-RETURN_TYPE
-MACI_Hash PROTO_LIST( (
-    HSESSION      hSession,
-    unsigned int  DataSize,
-    CI_DATA       pData ) );
-
-RETURN_TYPE
-MACI_Initialize PROTO_LIST( (
-    int CI_FAR  *SocketCount ) );
-
-RETURN_TYPE
-MACI_InitializeHash PROTO_LIST( (
-    HSESSION          hSession ) );
-
-RETURN_TYPE
-MACI_InstallX PROTO_LIST( (
-    HSESSION             hSession,
-    int                  CertificateIndex,
-    int                  AlgorithmType,
-    CI_PASSWORD CI_FAR   pPassword,
-    unsigned int         YSize,
-    CI_Y CI_FAR          pY,
-    CI_WRAPPED_X CI_FAR  pWrappedX,
-    CI_RA CI_FAR         pRa,
-    unsigned int         PandGSize,
-    unsigned int         QSize,
-    CI_P CI_FAR          pP,
-    CI_Q CI_FAR          pQ,
-    CI_G CI_FAR          pG ) );
-
-RETURN_TYPE
-MACI_LoadCertificate PROTO_LIST( (
-    HSESSION               hSession,
-    int                    CertificateIndex,
-    CI_CERT_STR CI_FAR     pCertLabel,
-    CI_CERTIFICATE CI_FAR  pCertificate,
-    long                   Reserved ) );
-
-RETURN_TYPE
-MACI_LoadDSAParameters PROTO_LIST( (
-    HSESSION      hSession,
-    unsigned int  PandGSize,
-    unsigned int  QSize,
-    CI_P CI_FAR   pP,
-    CI_Q CI_FAR   pQ,
-    CI_G CI_FAR   pG ) );
-
-RETURN_TYPE
-MACI_LoadInitValues PROTO_LIST( (
-    HSESSION            hSession,
-    CI_RANDSEED CI_FAR  pRandSeed,
-    CI_KS CI_FAR        pKs ) );
-
-RETURN_TYPE
-MACI_LoadIV PROTO_LIST( (
-    HSESSION      hSession,
-    CI_IV CI_FAR  pIV ) );
-
-RETURN_TYPE
-MACI_LoadX PROTO_LIST( (
-    HSESSION      hSession,
-    int           CertificateIndex,
-    int           AlgorithmType,
-    unsigned int  PandGSize,
-    unsigned int  QSize,
-    CI_P CI_FAR   pP,
-    CI_Q CI_FAR   pQ,
-    CI_G CI_FAR   pG,
-    CI_X CI_FAR   pX,
-    unsigned int  YSize,
-    CI_Y CI_FAR   pY ) );
-
-RETURN_TYPE
-MACI_Lock PROTO_LIST( (
-    HSESSION  hSession,
-    int       Flags ) );
-
-RETURN_TYPE
-MACI_Open PROTO_LIST( (
-    HSESSION      hSession,
-    unsigned int  Flags,
-    int           SocketIndex ) );
-
-RETURN_TYPE
-MACI_RelayX PROTO_LIST( (
-    HSESSION             hSession,
-    CI_PASSWORD CI_FAR   pOldPassword,
-    unsigned int         OldYSize,
-    CI_Y CI_FAR          pOldY,
-    CI_RA CI_FAR         pOldRa,
-    CI_WRAPPED_X CI_FAR  pOldWrappedX,
-    CI_PASSWORD CI_FAR   pNewPassword,
-    unsigned int         NewYSize,
-    CI_Y CI_FAR          pNewY,
-    CI_RA CI_FAR         pNewRa,
-    CI_WRAPPED_X CI_FAR  pNewWrappedX ) );
-
-RETURN_TYPE
-MACI_Reset PROTO_LIST( (
-    HSESSION          hSession ) );
-
-RETURN_TYPE
-MACI_Restore PROTO_LIST( (
-    HSESSION             hSession,
-    int                  CryptoType,
-    CI_SAVE_DATA CI_FAR  pData ) );
-
-RETURN_TYPE
-MACI_Save PROTO_LIST( (
-    HSESSION             hSession,
-    int                  CryptoType,
-    CI_SAVE_DATA CI_FAR  pData ) );
-
-RETURN_TYPE
-MACI_Select PROTO_LIST( (
-    HSESSION  hSession,
-    int       SocketIndex ) );
-
-RETURN_TYPE
-MACI_SetConfiguration PROTO_LIST( (
-    HSESSION      hSession,
-    int           Type,
-    unsigned int  DataSize,
-    CI_DATA       pData ) );
-
-RETURN_TYPE
-MACI_SetKey PROTO_LIST( (
-    HSESSION     hSession,
-    int  RegisterIndex ) );
-
-RETURN_TYPE
-MACI_SetMode PROTO_LIST( (
-    HSESSION hSession,
-    int      CryptoType,
-    int      CryptoMode ) );
-
-RETURN_TYPE
-MACI_SetPersonality PROTO_LIST( (
-    HSESSION hSession,
-    int      CertificateIndex ) );
-
-RETURN_TYPE
-MACI_SetTime PROTO_LIST( (
-    HSESSION        hSession,
-    CI_TIME CI_FAR  pTime ) );
-
-RETURN_TYPE
-MACI_Sign PROTO_LIST( (
-    HSESSION             hSession,
-    CI_HASHVALUE CI_FAR  pHashValue,
-    CI_SIGNATURE CI_FAR  pSignature ) );
-
-RETURN_TYPE
-MACI_Terminate PROTO_LIST( (
-    HSESSION          hSession ) );
-
-RETURN_TYPE
-MACI_TimeStamp PROTO_LIST( (
-    HSESSION             hSession,
-    CI_HASHVALUE CI_FAR  pHashValue,
-    CI_SIGNATURE CI_FAR  pSignature,
-    CI_TIMESTAMP CI_FAR  pTimeStamp ) );
-  
-RETURN_TYPE
-MACI_Unlock PROTO_LIST( (
-    HSESSION          hSession)  );
-
-RETURN_TYPE
-MACI_UnwrapKey PROTO_LIST( (
-    HSESSION       hSession,
-    int            UnwrapIndex,
-    int            KeyIndex,
-    CI_KEY CI_FAR  pKey ) );
-
-RETURN_TYPE
-MACI_VerifySignature PROTO_LIST( (
-    HSESSION             hSession,
-    CI_HASHVALUE CI_FAR  pHashValue,
-    unsigned int         YSize,
-    CI_Y CI_FAR          pY,
-    CI_SIGNATURE CI_FAR  pSignature ) );
-
-RETURN_TYPE
-MACI_VerifyTimeStamp PROTO_LIST( (
-    HSESSION             hSession,
-    CI_HASHVALUE CI_FAR  pHashValue,
-    CI_SIGNATURE CI_FAR  pSignature,
-    CI_TIMESTAMP CI_FAR  pTimeStamp ) );
-
-RETURN_TYPE
-MACI_WrapKey PROTO_LIST( (
-    HSESSION       hSession,
-    int            WrapIndex,
-    int            KeyIndex,
-    CI_KEY CI_FAR  pKey ) );
-
-RETURN_TYPE
-MACI_Zeroize PROTO_LIST( (
-    HSESSION          hSession ) );
-
-#if __cplusplus__ || __cplusplus
-}
-#endif /* C++ */
-
-#endif /* CRYPTINT_H */
-
diff --git a/security/nss/lib/fortcrypt/macinst.htm b/security/nss/lib/fortcrypt/macinst.htm
deleted file mode 100644
index cf3988157..000000000
--- a/security/nss/lib/fortcrypt/macinst.htm
+++ /dev/null
@@ -1,148 +0,0 @@
-<HTML>
-<--
-   - The contents of this file are subject to the Mozilla Public
-   - License Version 1.1 (the "License"); you may not use this file
-   - except in compliance with the License. You may obtain a copy of
-   - the License at http://www.mozilla.org/MPL/
-   - 
-   - Software distributed under the License is distributed on an "AS
-   - IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-   - implied. See the License for the specific language governing
-   - rights and limitations under the License.
-   - 
-   - The Original Code is the Netscape security libraries.
-   - 
-   - The Initial Developer of the Original Code is Netscape
-   - Communications Corporation.  Portions created by Netscape are 
-   - Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-   - Rights Reserved.
-   - 
-   - Contributor(s):
-   - 
-   - Alternatively, the contents of this file may be used under the
-   - terms of the GNU General Public License Version 2 or later (the
-   - "GPL"), in which case the provisions of the GPL are applicable 
-   - instead of those above.  If you wish to allow use of your 
-   - version of this file only under the terms of the GPL and not to
-   - allow others to use your version of this file under the MPL,
-   - indicate your decision by deleting the provisions above and
-   - replace them with the notice and other provisions required by
-   - the GPL.  If you do not delete the provisions above, a recipient
-   - may use your version of this file under either the MPL or the
-   - GPL.
--->
-<TITLE>MAC Installer</TITLE>
-
-<SCRIPT>
-// Crypto Mechanism Flags 
-PKCS11_MECH_RSA_FLAG           =  0x1<<0; 
-PKCS11_MECH_DSA_FLAG           =  0x1<<1; 
-PKCS11_MECH_RC2_FLAG           =  0x1<<2; 
-PKCS11_MECH_RC4_FLAG           =  0x1<<3; 
-PKCS11_MECH_DES_FLAG           =  0x1<<4; 
-PKCS11_MECH_DH_FLAG            =  0x1<<5; //Diffie-Hellman 
-PKCS11_MECH_SKIPJACK_FLAG      =  0x1<<6; //SKIPJACK algorithm as in Fortezza cards 
-PKCS11_MECH_RC5_FLAG           =  0x1<<7; 
-PKCS11_MECH_SHA1_FLAG          =  0x1<<8; 
-PKCS11_MECH_MD5_FLAG           =  0x1<<9; 
-PKCS11_MECH_MD2_FLAG           =  0x1<<10; 
-PKCS11_MECH_RANDOM_FLAG        =  0x1<<27; //Random number generator 
-PKCS11_PUB_READABLE_CERT_FLAG  =  0x1<<28; //Stored certs can be read off the token w/o logging in 
-PKCS11_DISABLE_FLAG            =  0x1<<30; //tell Navigator to disable this slot by default 
-
-// Important: 
-// 0x1<<11, 0x1<<12, ... , 0x1<<26, 0x1<<29, and 0x1<<31 are reserved 
-// for internal use in Navigator. 
-// Therefore, these bits should always be set to 0; otherwise, 
-// Navigator might exhibit unpredictable behavior. 
-
-// These flags indicate which mechanisms should be turned on by 
-pkcs11MechanismFlags = PKCS11_MECH_RANDOM_FLAG; 
-  
-
-// Ciphers that support SSL or S/MIME 
-PKCS11_CIPHER_FORTEZZA_FLAG    = 0x1<<0; 
-
-// Important: 
-// 0x1<<1, 0x1<<2, ... , 0x1<<31 are reserved 
-// for internal use in Navigator. 
-// Therefore, these bits should ALWAYS be set to 0; otherwise, 
-// Navigator might exhibit unpredictable behavior. 
-
-// These flags indicate which SSL ciphers are supported 
-pkcs11CipherFlags = PKCS11_CIPHER_FORTEZZA_FLAG; 
-  
-
-// Return values of pkcs11.addmodule() & pkcs11.delmodule() 
-// success codes 
-JS_OK_ADD_MODULE                 = 3 // Successfully added a module 
-JS_OK_DEL_EXTERNAL_MODULE        = 2 // Successfully deleted ext. module 
-JS_OK_DEL_INTERNAL_MODULE        = 1 // Successfully deleted int. module 
-
-// failure codes 
-JS_ERR_OTHER                     = -1 // Other errors than the followings 
-JS_ERR_USER_CANCEL_ACTION        = -2 // User abort an action 
-JS_ERR_INCORRECT_NUM_OF_ARGUMENTS= -3 // Calling a method w/ incorrect # of arguments 
-JS_ERR_DEL_MODULE                = -4 // Error deleting a module 
-JS_ERR_ADD_MODULE                = -5 // Error adding a module 
-JS_ERR_BAD_MODULE_NAME           = -6 // The module name is invalid 
-JS_ERR_BAD_DLL_NAME              = -7 // The DLL name is bad 
-JS_ERR_BAD_MECHANISM_FLAGS       = -8 // The mechanism flags are invalid 
-JS_ERR_BAD_CIPHER_ENABLE_FLAGS   = -9 // The SSL, S/MIME cipher flags are invalid 
-
-var new_window;
-var has_new_window = 0;
-
-function colonize(string) {
-	len = string.length;
-	end = len -1;
-
-	if (len == 0) return string;
-
-
-	for (i=0; i < len; i++) {
-	   if (string.charAt(i) == "/") {
-		if (i == 0) {
-		    new_string = ":" + string.substring(1,len);
-		} else if (i == end) {
-		    new_string = string.substring(0,i)+':';
-		} else {
-		    new_string = string.substring(0,i)+':'+
-						string.substring(i+1,len);
-		}
-		string = new_string;
-	   }
-	}
-
-	if (string.charAt(0) == ":") string = string.substring(1,len);
-	return string;
-}
-
-function DoInstall(module) {
-	    module = colonize(module);
-	result = pkcs11.addmodule("Netscape FORTEZZA Module", module, pkcs11MechanismFlags, pkcs11CipherFlags); 
-	if ( result < 0) { 
-	  window.alert("New module setup failed.  Error code: " + result); 
-	}
-	if (has_new_window) new_window.close();
-}
-
-function DoUnpack(name) {
-	new_window = open(name,"unpacking","toolbar=no,location=no,status=yes,scrollbar=no,width=50,height=50");
-	has_new_window = 1;
-}
-
-filename=navigator.platform+".hqx"
-
-default_module = "D:/dogbert/ns/dist/WIN32_D.OBJ/bin/fort32.dll"
-document.writeln("<FORM name=instform target=_self> <H2>Mac Fortezza Installer</H2>");
-document.writeln("<I>You must first unpack the <b>"+filename+"</b> file.");
-document.writeln(" Do that by clicking on button below.</i><p>");
-document.writeln("<Input type=button value=Unpack name=unpack onclick=DoUnpack(\""+filename+"\"); ><p>");
-document.writeln("<I>Then move <b>FortPK11Lib</b> to an appropriate directory ");
-document.writeln(" enter that directory below, then click the Install button.</i><p>");
-document.writeln(" Module Name: <Input Type=FILE Name=module><p>");
-document.write("<Input type=submit Name=Install Value=Install onclick=DoInstall(");
-document.writeln(  "document.instform.module.value) >");
-document.writeln("</FORM>");
-</SCRIPT>
diff --git a/security/nss/lib/fortcrypt/manifest.mn b/security/nss/lib/fortcrypt/manifest.mn
deleted file mode 100644
index 6dc9019c4..000000000
--- a/security/nss/lib/fortcrypt/manifest.mn
+++ /dev/null
@@ -1,50 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CORE_DEPTH		= ../../..
-
-MODULE		= security
-LIBRARY_NAME	= fort
-#LIBRARY_VERSION	= 32
-
-DIRS = swfort
-
-CSRCS		= forsock.c  \
-		  fortpk11.c \
-		  fmutex.c   \
-		  $(NULL)
-
-EXPORTS		= 
-PRIVATE_EXPORTS = maci.h cryptint.h
-
-REQUIRES	= security dbm
-
diff --git a/security/nss/lib/fortcrypt/replace.c b/security/nss/lib/fortcrypt/replace.c
deleted file mode 100644
index b4c5edd18..000000000
--- a/security/nss/lib/fortcrypt/replace.c
+++ /dev/null
@@ -1,101 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-# include <stdio.h>
-# include <string.h>
-
-int main(int argc, char* argv[]) {
-    FILE *templ;
-    FILE *target;
-    unsigned char buffer[81];
-    unsigned char *find, *replace;
-    int matchcount = 0;
-    int ch;
-    int len;
-
-    buffer[0] = '\0';
-
-    if (argc != 5) {
-        fprintf(stderr, "usuage: replace template.js searchstring replacestring target.js \n");
-        return 1;
-    }
-
-    templ = fopen(argv[1], "r");
-    if (!templ) {
-        fprintf(stderr, "Cannot open template script %s\n", argv[1]);
-        return 2;
-    }
-
-    find = (unsigned char*) argv[2];
-    replace = (unsigned char*) argv[3];
-
-    target = fopen(argv[4], "w");
-    if (!target) {
-        fclose(templ);
-        fprintf(stderr, "Cannot write to target script %s\n", argv[4]);
-        return 3;
-    }
-
-    for (len = 0; find[len]!='\0'; len++);
-
-    if (len > 80) {
-        fprintf(stderr, "length of searchstring exceeds 80 chars");
-        return 4;
-    }
-
-    /* get a char from templ */
-    while ((int)(ch=fgetc(templ)) != EOF) {
-        if ((unsigned char)ch == find[matchcount]) {
-            /* if it matches find[matchcount], 
-             * then store one more char in buffer,
-             * increase match count, and checks if 
-             * the whole word has been found */
-            buffer[matchcount] = (unsigned char) ch;
-            buffer[++matchcount] = '\0';
-            
-            if (matchcount == len) {
-                matchcount = 0;
-                fprintf(target, "%s", replace);
-            } 
-        } else {
-            /* reset matchcount, flush buffer */
-            if (matchcount > 0) {
-                fprintf(target, "%s", buffer);
-                matchcount = 0;
-            }
-            fputc(ch, target);
-        }
-    }
-    fclose(templ);
-    fclose(target);
-    return 0;
-}
diff --git a/security/nss/lib/fortcrypt/secmodjar.html b/security/nss/lib/fortcrypt/secmodjar.html
deleted file mode 100644
index f093a5965..000000000
--- a/security/nss/lib/fortcrypt/secmodjar.html
+++ /dev/null
@@ -1,441 +0,0 @@
-<HTML>
-<--
-   - The contents of this file are subject to the Mozilla Public
-   - License Version 1.1 (the "License"); you may not use this file
-   - except in compliance with the License. You may obtain a copy of
-   - the License at http://www.mozilla.org/MPL/
-   - 
-   - Software distributed under the License is distributed on an "AS
-   - IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-   - implied. See the License for the specific language governing
-   - rights and limitations under the License.
-   - 
-   - The Original Code is the Netscape security libraries.
-   - 
-   - The Initial Developer of the Original Code is Netscape
-   - Communications Corporation.  Portions created by Netscape are 
-   - Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-   - Rights Reserved.
-   - 
-   - Contributor(s):
-   - 
-   - Alternatively, the contents of this file may be used under the
-   - terms of the GNU General Public License Version 2 or later (the
-   - "GPL"), in which case the provisions of the GPL are applicable 
-   - instead of those above.  If you wish to allow use of your 
-   - version of this file only under the terms of the GPL and not to
-   - allow others to use your version of this file under the MPL,
-   - indicate your decision by deleting the provisions above and
-   - replace them with the notice and other provisions required by
-   - the GPL.  If you do not delete the provisions above, a recipient
-   - may use your version of this file under either the MPL or the
-   - GPL.
--->
-<HEAD>
-   <META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
-   <META NAME="Author" CONTENT="Hoi-Sheung Wilson So">
-   <META NAME="GENERATOR" CONTENT="Mozilla/4.02 [en] (WinNT; I) [Netscape]">
-   <TITLE>How to Package Your Security Module for use with SmartUpdate</TITLE>
-</HEAD>
-<BODY>
-<FONT SIZE=+2>Using
-JAR Installation Manager Technology to Install Your PKCS11 Security Module</FONT>
-
-<P>Table of contents
-<BR><A HREF="#intro">I. Introduction</A>
-<BR><A HREF="#procedure">II. How to Create a Security Module JAR</A>
-<BR><A HREF="#samplescript">III. Sample Installer Script</A>
-<BR><A HREF="#reference">IV. Programmers' Reference</A>
-<BR><A HREF="#copyright">VI. Copyright Notice</A>
-<BR><A NAME="intro"></A><FONT SIZE=+1>I. Introduction</FONT>
-<BR>This docuemnt describes how to prepare your security module so that
-users can download it from the Internet, verify its integrity, and install
-by only pointing and clicking mouses.&nbsp; The packaged module is a signed
-JAR archive. This JAR archive contains a dynamically-linked library which
-implements the Security Module and a pice of installer script (.js) that
-registers and configures the newly installed module.&nbsp; SmartUpdate
-allows users to download JAR archinve that has been signed digitally by
-the software vendor.&nbsp; SmartUpdate then decompresses the JAR file,
-verify the signature and validity of the files packaged into the archive.&nbsp;
-If the signature is valid, SmartUpdate will run the installer script found
-in the archive.&nbsp; The installer script will instruct SmartUpdate to
-move the downloaded security module library to a specified location.&nbsp;
-Next, the script will register the module with Navigator, and configure
-it.
-
-<P>This document does not describe how SmartUpdate works.&nbsp; For more
-information about SmartUpdate, check out <A HREF="http://developer.netscape.com/library/documentation/communicator/jarman/index.htm">JAR
-Installation Manager</A>.
-
-<P><A NAME="procedure"></A><FONT SIZE=+1>II. How to Create a Security Module
-JAR</FONT>
-<OL>
-<LI>
-Obtain a copy of PKCS#11: Cryptographic Token Interface Standard Version
-2.00, published by <A HREF="http://www.rsa.com">RSA Laboratories</A>, Redwood
-City, California.</LI>
-
-<LI>
-Implement a PKCS#11 library according to PKCS#11 standards.</LI>
-
-<LI>
-Write a installer script that will register the module with Navigator.</LI>
-
-<LI>
-Use either JAR Packager or command line tool to package the library and
-the script in a signed JAR archive.</LI>
-
-<LI>
-Publish the JAR file on the web, and notify users to install/upgrade their
-library.</LI>
-</OL>
-<A NAME="samplescript"></A><FONT SIZE=+1>III. Sample Installer Script</FONT>
-
-<P>Functions of the following installer script:
-<BR>1. Start SmartUpdate and declares the version and the name of the module
-to be installed.
-<BR>2. Extract a library called DUMMY_DLL from the JAR archive and install
-it under the Netscape Program folder.
-<BR>3. Register the installed module by calling pkcs11.addmodule( ) method
-with information about the capabilities of the module.
-<BR>4. Check to see if pkcs11.addmodule( ) has been successful, and display
-appropriate messages.
-
-<P><TT>// Crypto Mechanism Flags</TT>
-<BR><TT>PKCS11_MECH_RSA_FLAG&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-=&nbsp; 0x1&lt;&lt;0;</TT>
-<BR><TT>PKCS11_MECH_DSA_FLAG&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-=&nbsp; 0x1&lt;&lt;1;</TT>
-<BR><TT>PKCS11_MECH_RC2_FLAG&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-=&nbsp; 0x1&lt;&lt;2;</TT>
-<BR><TT>PKCS11_MECH_RC4_FLAG&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-=&nbsp; 0x1&lt;&lt;3;</TT>
-<BR><TT>PKCS11_MECH_DES_FLAG&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-=&nbsp; 0x1&lt;&lt;4;</TT>
-<BR><TT>PKCS11_MECH_DH_FLAG&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-=&nbsp; 0x1&lt;&lt;5; //Diffie-Hellman</TT>
-<BR><TT>PKCS11_MECH_SKIPJACK_FLAG&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; =&nbsp;
-0x1&lt;&lt;6; //SKIPJACK algorithm as in Fortezza cards</TT>
-<BR><TT>PKCS11_MECH_RC5_FLAG&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-=&nbsp; 0x1&lt;&lt;7;</TT>
-<BR><TT>PKCS11_MECH_SHA1_FLAG&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-=&nbsp; 0x1&lt;&lt;8;</TT>
-<BR><TT>PKCS11_MECH_MD5_FLAG&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-=&nbsp; 0x1&lt;&lt;9;</TT>
-<BR><TT>PKCS11_MECH_MD2_FLAG&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-=&nbsp; 0x1&lt;&lt;10;</TT>
-<BR><TT>PKCS11_MECH_RANDOM_FLAG&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-=&nbsp; 0x1&lt;&lt;27; //Random number generator</TT>
-<BR><TT>PKCS11_PUB_READABLE_CERT_FLAG&nbsp; =&nbsp; 0x1&lt;&lt;28; //Stored
-certs can be read off the token w/o logging in</TT>
-<BR><TT>PKCS11_DISABLE_FLAG&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-=&nbsp; 0x1&lt;&lt;30; //tell Navigator to disable this slot by default</TT>
-
-<P><TT>// Important:</TT>
-<BR><TT>// 0x1&lt;&lt;11, 0x1&lt;&lt;12, ... , 0x1&lt;&lt;26, and 0x1&lt;&lt;31
-are reserved</TT>
-<BR><TT>// for internal use in Navigator.</TT>
-<BR><TT>// Therefore, these bits should always be set to 0; otherwise,</TT>
-<BR><TT>// Navigator might exhibit unpredictable behavior.</TT>
-
-<P><TT>// These flags indicate which mechanisms should be turned on by</TT>
-<BR><TT>pkcs11MechanismFlags = PKCS11_MECH_DSA_FLAG | PKCS11_MECH_SKIPJACK_FLAG
-| PKCS11_MECH_RANDOM_FLAG;</TT>
-<BR><TT>&nbsp;</TT>
-
-<P><TT>// Ciphers that support SSL or S/MIME</TT>
-<BR><TT>PKCS11_CIPHER_FORTEZZA_FLAG&nbsp;&nbsp;&nbsp; = 0x1&lt;&lt;0;</TT>
-
-<P><TT>// Important:</TT>
-<BR><TT>// 0x1&lt;&lt;11, 0x1&lt;&lt;12, ... , 0x1&lt;&lt;26, 0x1&lt;&lt;29,
-and 0x1&lt;&lt;31 are reserved</TT>
-<BR><TT>// for internal use in Navigator.</TT>
-<BR><TT>// Therefore, these bits should ALWAYS be set to 0; otherwise,</TT>
-<BR><TT>// Navigator might exhibit unpredictable behavior.</TT>
-
-<P><TT>// These flags indicate which SSL ciphers are supported</TT>
-<BR><TT>pkcs11CipherFlags = PKCS11_CIPHER_FORTEZZA_FLAG;</TT>
-<BR><TT>&nbsp;</TT>
-
-<P><TT>// Return values of pkcs11.addmodule() &amp; pkcs11.delmodule()</TT>
-<BR><TT>// success codes</TT>
-<BR><TT>JS_OK_ADD_MODULE&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-= 3 // Successfully added a module</TT>
-<BR><TT>JS_OK_DEL_EXTERNAL_MODULE&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-= 2 // Successfully deleted ext. module</TT>
-<BR><TT>JS_OK_DEL_INTERNAL_MODULE&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-= 1 // Successfully deleted int. module</TT>
-
-<P><TT>// failure codes</TT>
-<BR><TT>JS_ERR_OTHER&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-= -1 // Other errors than the followings</TT>
-<BR><TT>JS_ERR_USER_CANCEL_ACTION&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-= -2 // User abort an action</TT>
-<BR><TT>JS_ERR_INCORRECT_NUM_OF_ARGUMENTS= -3 // Calling a method w/ incorrect
-# of arguments</TT>
-<BR><TT>JS_ERR_DEL_MODULE&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-= -4 // Error deleting a module</TT>
-<BR><TT>JS_ERR_ADD_MODULE&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-= -5 // Error adding a module</TT>
-<BR><TT>JS_ERR_BAD_MODULE_NAME&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-= -6 // The module name is invalid</TT>
-<BR><TT>JS_ERR_BAD_DLL_NAME&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-= -7 // The DLL name is bad</TT>
-<BR><TT>JS_ERR_BAD_MECHANISM_FLAGS&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-= -8 // The mechanism flags are invalid</TT>
-<BR><TT>JS_ERR_BAD_CIPHER_ENABLE_FLAGS&nbsp;&nbsp; = -9 // The SSL, S/MIME
-cipher flags are invalid</TT>
-<BR>&nbsp;
-
-<P><TT>if (confirm("This script will install and configure a security module,
-do you want to continue?")) {</TT>
-<BR><TT>&nbsp;// Step 1. Create a version object and a software update
-object</TT>
-<BR><TT>&nbsp;vi = new netscape.softupdate.VersionInfo(1, 6, 0, 0);</TT>
-<BR><TT>&nbsp;su = new netscape.softupdate.SoftwareUpdate(this, "Fortezza
-Card PKCS#11 Module");</TT>
-<BR><TT>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-// "Fortezza ... Module" is the logical name of the bundle</TT>
-
-<P><TT>&nbsp;// Step 2. Start the install process</TT>
-<BR><TT>&nbsp;bAbort = false;</TT>
-<BR><TT>&nbsp;err = su.StartInstall("litronic", vi, netscape.softupdate.SoftwareUpdate.FULL_INSTALL);</TT>
-<BR><TT>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-// litronic is the component folder (logical)</TT>
-<BR><TT>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; bAbort = bAbort || (err
-!=0);</TT>
-
-<P><TT>&nbsp;if (err == 0) {</TT>
-
-<P><TT>&nbsp;&nbsp;&nbsp; // Step 3. Find out the physical location of
-the Program dir</TT>
-<BR><TT>&nbsp;&nbsp;&nbsp; Folder = su.GetFolder("Program");</TT>
-
-<P><TT>&nbsp;&nbsp;&nbsp; // Step 4. Install the files. Unpack them and
-list where they go</TT>
-<BR><TT>&nbsp;&nbsp;&nbsp; err = su.AddSubcomponent("FortezzaCardDLL",
-//component name (logical)</TT>
-<BR><TT>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-vi, // version info</TT>
-<BR><TT>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-"DUMMY_DLL", // source file in JAR (physical)</TT>
-<BR><TT>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-Folder, // target folder (physical)</TT>
-<BR><TT>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-"DUMMY_DLL", // target path &amp; filename (physical)</TT>
-<BR><TT>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-this.force); // forces update</TT>
-<BR><TT>&nbsp;&nbsp;&nbsp; bAbort = bAbort || (err !=0);</TT>
-<BR><TT>&nbsp;}</TT>
-
-<P><TT>&nbsp;// Step 5. Unless there was a problem, move files to final
-location</TT>
-<BR><TT>&nbsp;// and update the Client Version Registry</TT>
-<BR><TT>&nbsp;if (bAbort) {</TT>
-<BR><TT>&nbsp;&nbsp;&nbsp; window.alert("Installation Aborted");</TT>
-<BR><TT>&nbsp;&nbsp;&nbsp; su.AbortInstall();</TT>
-<BR><TT>&nbsp;} else {</TT>
-<BR><TT>&nbsp;&nbsp;&nbsp; err = su.FinalizeInstall();</TT>
-<BR><TT>&nbsp;&nbsp;&nbsp; window.alert("Files have been installed.\nContinue
-to setup the newly isntalled module...");</TT>
-<BR><TT>&nbsp;&nbsp;&nbsp; // Add Module</TT>
-<BR><TT>&nbsp;&nbsp;&nbsp; compFolder = su.GetComponentFolder("litronic/FortezzaCardDLL")
-+ "/DUMMY_DLL";</TT>
-<BR><TT>&nbsp;&nbsp;&nbsp; result = pkcs11.addmodule("Fortezza", compFolder,
-pkcs11MechanismFlags, pkcs11CipherFlags);</TT>
-<BR><TT>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; if
-( result &lt; 0) {</TT>
-<BR><TT>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-window.alert("New module setup failed.&nbsp; Error code: " + result);</TT>
-<BR><TT>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; }
-else {</TT>
-<BR><TT>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-window.alert("New module setup completed.");</TT>
-<BR><TT>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; }</TT>
-<BR><TT>&nbsp;}</TT>
-<BR><TT>}</TT>
-
-<P><A NAME="reference"></A><FONT SIZE=+1>IV. Appendix A: Programmers' Refernce</FONT>
-<UL>
-<LI>
-<A HREF="#delmodule">pkcs11.addmodule( )</A></LI>
-
-<LI>
-<A HREF="#delmodule">pkcs11.delmodule( )</A></LI>
-</UL>
-
-<HR ALIGN=LEFT WIDTH="70%">
-<BR><A NAME="addmodule"></A>Name
-<BR><TT>addmodule</TT>
-<BR>Adds a PKCS#11 security module to the security module database, and
-notifies Communicator which cryptographic mechanisms should be turned on
-by default, and which SSL or S/MIME ciphers are supported.&nbsp; For security
-reasons, it will pop up a dialog box to ask the user to confirm this action.&nbsp;
-It might pop up other dialog boxes if necessary.
-
-<P>Method of
-<BR><TT>pkcs11</TT>
-
-<P>Syntax
-<BR><TT>int pkcs11.addmodule( string ModuleName,</TT>
-<BR><TT>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-string LibraryFullPath,</TT>
-<BR><TT>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-int CryptoMechanismFlags,</TT>
-<BR><TT>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-int CipherFlags);</TT>
-<BR>&nbsp;
-<BR>Parameters
-<TABLE BORDER WIDTH="90%" >
-<TR>
-<TD><TT>ModuleName</TT></TD>
-
-<TD>Name of the module</TD>
-</TR>
-
-<TR>
-<TD><TT>LibraryFullPath</TT></TD>
-
-<TD>The filename of the library prepended with its full path</TD>
-</TR>
-
-<TR>
-<TD><TT>CryptoMechanismFlags</TT></TD>
-
-<TD>A bit vector indicating all cryptographic mechanisms should be turned
-on by default&nbsp; (See below)</TD>
-</TR>
-
-<TR>
-<TD><TT>CipherFlags</TT></TD>
-
-<TD>A bit vector indicating all SSL or S/MIME cipher functions supported
-by the module (Seel below)</TD>
-</TR>
-</TABLE>
-Cryptographic Mechanism Flags
-<BR><TT>PKCS11_MECH_RSA_FLAG&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-=&nbsp; 0x1&lt;&lt;0;</TT>
-<BR><TT>PKCS11_MECH_DSA_FLAG&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-=&nbsp; 0x1&lt;&lt;1;</TT>
-<BR><TT>PKCS11_MECH_RC2_FLAG&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-=&nbsp; 0x1&lt;&lt;2;</TT>
-<BR><TT>PKCS11_MECH_RC4_FLAG&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-=&nbsp; 0x1&lt;&lt;3;</TT>
-<BR><TT>PKCS11_MECH_DES_FLAG&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-=&nbsp; 0x1&lt;&lt;4;</TT>
-<BR><TT>PKCS11_MECH_DH_FLAG&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-=&nbsp; 0x1&lt;&lt;5; //Diffie-Hellman</TT>
-<BR><TT>PKCS11_MECH_SKIPJACK_FLAG&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; =&nbsp;
-0x1&lt;&lt;6; //SKIPJACK algorithm as in Fortezza cards</TT>
-<BR><TT>PKCS11_MECH_RC5_FLAG&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-=&nbsp; 0x1&lt;&lt;7;</TT>
-<BR><TT>PKCS11_MECH_SHA1_FLAG&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-=&nbsp; 0x1&lt;&lt;8;</TT>
-<BR><TT>PKCS11_MECH_MD5_FLAG&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-=&nbsp; 0x1&lt;&lt;9;</TT>
-<BR><TT>PKCS11_MECH_MD2_FLAG&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-=&nbsp; 0x1&lt;&lt;10;</TT>
-<BR><TT>PKCS11_MECH_RANDOM_FLAG&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-=&nbsp; 0x1&lt;&lt;27; //Random number generator</TT>
-<BR><TT>PKCS11_PUB_READABLE_CERT_FLAG&nbsp; =&nbsp; 0x1&lt;&lt;28; //Stored
-certs can be read off the token w/o logging in</TT>
-<BR><TT>PKCS11_DISABLE_FLAG&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-=&nbsp; 0x1&lt;&lt;30; //tell Navigator to disable this slot by default</TT>
-
-<P>Supported SSL or S/MIME Ciphers
-<BR><TT>PKCS11_CIPHER_FORTEZZA_FLAG&nbsp;&nbsp;&nbsp; = 0x1&lt;&lt;0;</TT>
-
-<P>Important for CryptoMechanismFlags:
-<BR><TT>0x1&lt;&lt;11</TT>, <TT>0x1&lt;&lt;12</TT>, ... , <TT>0x1&lt;&lt;26</TT>,
-<TT>0x1&lt;&lt;29, </TT>and <TT>0x1&lt;&lt;31</TT> are reserved for internal
-use in Navigator.
-<BR>Therefore, these bits should always be set to 0; otherwise, Navigator
-might exhibit unpredictable behavior.
-
-<P>Important for CipherFlags:
-<BR><TT>0x1&lt;&lt;1</TT>, <TT>0x1&lt;&lt;2</TT>, ... , <TT>0x1&lt;&lt;31</TT>
-are reserved for internal use in Navigator.
-<BR>Therefore, these bits should ALWAYS be set to 0; otherwise, Navigator
-might exhibit unpredictable behavior.
-
-<P>Example of CryptoMechanismFlags and CipherFlags:
-<BR><TT>pkcs11MechanismFlags = PKCS11_MECH_DSA_FLAG | PKCS11_MECH_SKIPJACK_FLAG
-| PKCS11_MECH_RANDOM_FLAG;</TT>
-<BR><TT>pkcs11CipherFlags = PKCS11_CIPHER_FORTEZZA_FLAG;</TT>
-<BR><TT>&nbsp;</TT>
-<BR>Return Values:
-<BR><TT>// Return values of pkcs11.addmod()</TT>
-<BR><TT>// success codes</TT>
-<BR><TT>JS_OK_ADD_MODULE&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-= 3 // Successfully added a module</TT>
-
-<P><TT>// failure codes</TT>
-<BR><TT>JS_ERR_OTHER&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-= -1 // Other errors than the followings</TT>
-<BR><TT>JS_ERR_USER_CANCEL_ACTION&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-= -2 // User abort an action</TT>
-<BR><TT>JS_ERR_INCORRECT_NUM_OF_ARGUMENTS= -3 // Calling a method w/ incorrect
-# of arguments</TT>
-<BR><TT>JS_ERR_ADD_MODULE&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-= -5 // Error adding a module</TT>
-<BR><TT>JS_ERR_BAD_MODULE_NAME&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-= -6 // The module name is invalid</TT>
-<BR><TT>JS_ERR_BAD_DLL_NAME&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-= -7 // The DLL name is bad</TT>
-<BR><TT>JS_ERR_BAD_MECHANISM_FLAGS&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-= -8 // The mechanism flags are invalid</TT>
-<BR><TT>JS_ERR_BAD_CIPHER_ENABLE_FLAGS&nbsp;&nbsp; = -9 // The SSL, S/MIME
-cipher flags are invalid</TT>
-<BR>&nbsp;
-<HR ALIGN=LEFT WIDTH="70%">
-<BR><A NAME="delmodule"></A>Name
-<BR><TT>delmodule</TT>
-<BR>Deletes a PKCS#11 security module from the module database, but does
-not physically remove the file.&nbsp; For security reasons, it will pop
-up a dialog box to ask the user to confirm this action.&nbsp; It might
-pop up other dialog boxes if necessary.
-
-<P>Method of
-<BR><TT>pkcs11</TT>
-
-<P>Syntax
-<BR><TT>int pkcs11.delmodule( string ModuleName);</TT>
-<BR>&nbsp;
-<BR>Parameters
-<TABLE BORDER WIDTH="90%" >
-<TR>
-<TD><TT>ModuleName</TT></TD>
-
-<TD>Name of the module</TD>
-</TR>
-</TABLE>
-<TT>&nbsp;</TT>
-<BR>Return Values:
-<BR><TT>// Return values of pkcs11.addmod() &amp; pkcs11.delmod()</TT>
-<BR><TT>// success codes</TT>
-<BR><TT>JS_OK_DEL_EXTERNAL_MODULE&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-= 2 // Successfully deleted ext. module</TT>
-<BR><TT>JS_OK_DEL_INTERNAL_MODULE&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-= 1 // Successfully deleted int. module</TT>
-
-<P><TT>// failure codes</TT>
-<BR><TT>JS_ERR_OTHER&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-= -1 // Other errors than the followings</TT>
-<BR><TT>JS_ERR_USER_CANCEL_ACTION&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-= -2 // User abort an action</TT>
-<BR><TT>JS_ERR_INCORRECT_NUM_OF_ARGUMENTS= -3 // Calling a method w/ incorrect
-# of arguments</TT>
-<BR><TT>JS_ERR_DEL_MODULE&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-= -4 // Error deleting a module</TT>
-<BR><TT>JS_ERR_BAD_MODULE_NAME&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-= -6 // The module name is invalid</TT>
-
-<P><A NAME="copyright"></A><FONT SIZE=+1>VI. Copyright Notice</FONT>
-<BR>&nbsp;
-
-<P><FONT SIZE=+4>XXX Don't know what to put here!!!</FONT>
-
-<P>Last modified 9/26/97
-</BODY>
-</HTML>
diff --git a/security/nss/lib/fortcrypt/swfort/Makefile b/security/nss/lib/fortcrypt/swfort/Makefile
deleted file mode 100644
index 9c5e39de2..000000000
--- a/security/nss/lib/fortcrypt/swfort/Makefile
+++ /dev/null
@@ -1,83 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY).   #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL)          #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL)       #
-#######################################################################
-
-
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL).      #
-#######################################################################
-
-include config.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL)                              #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL)                           #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL).                              #
-#######################################################################
-
-
-$(OBJDIR)/nslib.c: nsmap.h swflib.c
-	@$(MAKE_OBJDIR)
-	rm -f $@
-	cat $+ > $@
-
-export:: private_export
-
-
diff --git a/security/nss/lib/fortcrypt/swfort/config.mk b/security/nss/lib/fortcrypt/swfort/config.mk
deleted file mode 100644
index 0a00dc61e..000000000
--- a/security/nss/lib/fortcrypt/swfort/config.mk
+++ /dev/null
@@ -1,43 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#
-#  Override TARGETS variable so that only static libraries
-#  are specifed as dependencies within rules.mk.
-#
-
-TARGETS        = $(LIBRARY)
-SHARED_LIBRARY =
-IMPORT_LIBRARY =
-PROGRAM        =
-
diff --git a/security/nss/lib/fortcrypt/swfort/manifest.mn b/security/nss/lib/fortcrypt/swfort/manifest.mn
deleted file mode 100644
index 6320cdd62..000000000
--- a/security/nss/lib/fortcrypt/swfort/manifest.mn
+++ /dev/null
@@ -1,52 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CORE_DEPTH		= ../../../..
-
-MODULE		= security
-LIBRARY_NAME	= swfci
-#LIBRARY_VERSION	= 12
-
-BUILT_CSRCS	= nslib.c    \
-		  $(NULL)
-
-CSRCS		= swfalg.c  \
-		  swfparse.c \
-		  swflib.c   \
-		  swfutl.c   \
-		  $(NULL)
-DIRS = pkcs11
-
-EXPORTS		= swfort.h swfortt.h
-PRIVATE_EXPORTS = swforti.h swfortti.h
-
-REQUIRES	= security dbm nspr
diff --git a/security/nss/lib/fortcrypt/swfort/nsmap.h b/security/nss/lib/fortcrypt/swfort/nsmap.h
deleted file mode 100644
index b5e1c2cda..000000000
--- a/security/nss/lib/fortcrypt/swfort/nsmap.h
+++ /dev/null
@@ -1,86 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#define MACI_ChangePIN			NSCI_ChangePIN
-#define MACI_CheckPIN			NSCI_CheckPIN
-#define MACI_Close			NSCI_Close
-#define MACI_Decrypt			NSCI_Decrypt
-#define MACI_DeleteCertificate		NSCI_DeleteCertificate
-#define MACI_DeleteKey			NSCI_DeleteKey
-#define MACI_Encrypt			NSCI_Encrypt
-#define MACI_ExtractX 			NSCI_ExtractX
-#define MACI_FirmwareUpdate 		NSCI_FirmwareUpdate
-#define MACI_GenerateIV			NSCI_GenerateIV
-#define MACI_GenerateMEK		NSCI_GenerateMEK
-#define MACI_GenerateRa			NSCI_GenerateRa
-#define MACI_GenerateRandom		NSCI_GenerateRandom
-#define MACI_GenerateTEK 		NSCI_GenerateTEK
-#define MACI_GenerateX 			NSCI_GenerateX
-#define MACI_GetCertificate		NSCI_GetCertificate
-#define MACI_GetConfiguration		NSCI_GetConfiguration
-#define MACI_GetHash			NSCI_GetHash
-#define MACI_GetPersonalityList		NSCI_GetPersonalityList
-#define MACI_GetSessionID		NSCI_GetSessionID
-#define MACI_GetState			NSCI_GetState
-#define MACI_GetStatus			NSCI_GetStatus
-#define MACI_GetTime			NSCI_GetTime
-#define MACI_Hash			NSCI_Hash
-#define MACI_Initialize			NSCI_Initialize
-#define MACI_InitializeHash		NSCI_InitializeHash
-#define MACI_InstallX 			NSCI_InstallX
-#define MACI_LoadCertificate 		NSCI_LoadCertificate
-#define MACI_LoadDSAParameters	 	NSCI_LoadDSAParameters
-#define MACI_LoadInitValues		NSCI_LoadInitValues
-#define MACI_LoadIV			NSCI_LoadIV
-#define MACI_LoadX 			NSCI_LoadX
-#define MACI_Lock			NSCI_Lock
-#define MACI_Open			NSCI_Open
-#define MACI_RelayX 			NSCI_RelayX
-#define MACI_Reset			NSCI_Reset
-#define MACI_Restore			NSCI_Restore
-#define MACI_Save			NSCI_Save
-#define MACI_Select			NSCI_Select
-#define MACI_SetConfiguration		NSCI_SetConfiguration
-#define MACI_SetKey			NSCI_SetKey
-#define MACI_SetMode			NSCI_SetMode
-#define MACI_SetPersonality		NSCI_SetPersonality
-#define MACI_SetTime			NSCI_SetTime
-#define MACI_Sign			NSCI_Sign
-#define MACI_Terminate			NSCI_Terminate
-#define MACI_TimeStamp			NSCI_TimeStamp
-#define MACI_Unlock			NSCI_Unlock
-#define MACI_UnwrapKey			NSCI_UnwrapKey
-#define MACI_VerifySignature		NSCI_VerifySignature
-#define MACI_VerifyTimeStamp		NSCI_VerityTimeStap
-#define MACI_WrapKey			NSCI_WrapKey
-#define MACI_Zeroize			NSCI_Zeroize
-
diff --git a/security/nss/lib/fortcrypt/swfort/pkcs11/.cvsignore b/security/nss/lib/fortcrypt/swfort/pkcs11/.cvsignore
deleted file mode 100644
index 6532d294d..000000000
--- a/security/nss/lib/fortcrypt/swfort/pkcs11/.cvsignore
+++ /dev/null
@@ -1,15 +0,0 @@
-forsock.c
-cryptint.h
-fmutex.h
-fortsock.h
-fpkcs11.h
-fpkcs11f.h
-fpkcs11i.h
-fpkcs11t.h
-fpkmem.h
-fpkstrs.h
-genci.h
-maci.h
-fortpk11.c
-fmutex.c
-
diff --git a/security/nss/lib/fortcrypt/swfort/pkcs11/Makefile b/security/nss/lib/fortcrypt/swfort/pkcs11/Makefile
deleted file mode 100644
index c148b325c..000000000
--- a/security/nss/lib/fortcrypt/swfort/pkcs11/Makefile
+++ /dev/null
@@ -1,157 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-# 
-
-include manifest.mn
-include $(CORE_DEPTH)/coreconf/config.mk
-include config.mk
-
-CRYPTO_LIB = $(DIST)/lib/$(LIB_PREFIX)freebl.$(LIB_SUFFIX) 
-#SWCILI    = ../$(OBJDIR)/$(LIB_PREFIX)swfci.$(LIB_SUFFIX)
-
-# can't do this in manifest.mn because OS_TARGET isn't defined there.
-ifeq (,$(filter-out WIN%,$(OS_TARGET)))
-
-ifdef MOZILLA_SECURITY_BUILD
-CRYPTO_LIB = $(DIST)/lib/crypto.lib
-endif
-ifdef MOZILLA_BSAFE_BUILD
-CRYPTO_LIB += $(DIST)/lib/bsafe$(BSAFEVER).lib
-CRYPTO_LIB += $(DIST)/lib/freebl.lib 
-endif
-
-EXTRA_LIBS = \
-	$(DIST)/lib/swfci.lib \
-	$(DIST)/lib/softokn.lib \
-	$(CRYPTO_LIB) \
-	$(DIST)/lib/secutil.lib \
-	$(DIST)/lib/$(NSPR31_LIB_PREFIX)plc4_s.lib \
-	$(DIST)/lib/$(NSPR31_LIB_PREFIX)plds4_s.lib \
-	wsock32.lib \
-	winmm.lib \
-	$(NULL)
-
-else
-
-ifdef MOZILLA_SECURITY_BUILD
-CRYPTO_LIB = $(DIST)/lib/$(LIB_PREFIX)crypto.$(LIB_SUFFIX)
-endif
-ifdef MOZILLA_BSAFE_BUILD
-CRYPTO_LIB += $(DIST)/lib/$(LIB_PREFIX)bsafe.$(LIB_SUFFIX)
-CRYPTO_LIB += $(DIST)/lib/$(LIB_PREFIX)freebl.$(LIB_SUFFIX)
-endif
-
-EXTRA_LIBS += \
-	$(DIST)/lib/$(LIB_PREFIX)swfci.$(LIB_SUFFIX) \
-	$(DIST)/lib/$(LIB_PREFIX)softokn.$(LIB_SUFFIX) \
-	$(CRYPTO_LIB) \
-	$(DIST)/lib/$(LIB_PREFIX)secutil.$(LIB_SUFFIX) \
-	$(DIST)/lib/$(LIB_PREFIX)plc4.$(LIB_SUFFIX) \
-	$(DIST)/lib/$(LIB_PREFIX)plds4.$(LIB_SUFFIX) \
-	$(NULL)
-
-endif
-
-INST_JS                 = inst.js
-LIBCI_JAR               = $(OBJDIR)/lib$(LIBRARY_NAME).jar
-LIBCI_JAR_SRC           = $(INST_JS) pk11inst $(SHARED_LIBRARY)
-
-ifneq ($(OS_TARGET), WIN16)
-TARGETS : $(LIBCI_JAR)
-endif
-
-ifeq ($(OS_TARGET), WIN16)
-# note that rules.mk is not included below for WIN16
-all:
-	@echo Skipping fortcrypt directory for 16-bit windows builds
-
-all_platforms alltags clean clobber clobber_all realclean: all
-
-boot export install libs program release: all
-
-endif
-
-#$(SHARED_LIBRARY): $(SWCILIB)
-
-#
-# The following rules packages the shared library into a JAR,
-# ready to be signed
-#
-$(OBJDIR)/replace: replace.c
-	$(CC) -o $@ $<
-
-# ZIP options:
-# -5 means medium compression
-# -q means quiet
-# -j means do not store tree structure, all files go into one dir
-#
-$(LIBCI_JAR): $(LIBCI_JAR_SRC)
-	@echo +++ building $@ from $(LIBCI_JAR_SRC)
-	@rm -f $@
-	zip -5qj $@ $(LIBCI_JAR_SRC) 
-
-$(LIBSWCI_JAR): $(LIBSWCI_JAR_SRC)
-	@echo +++ building $@ from $(LIBSWCI_JAR_SRC)
-	@rm -f $@
-	zip -5qj $@ $(LIBSWCI_JAR_SRC) 
-
-
-MD_FILES += $(LIBCI_JAR) $(LIBSWCI_JAR)
-
-# coreconf doesn't build the AIX shared library for FORTEZZA,
-# so I'm going to override their shared library command and build the shared
-# library the way config used to.
-#
-
-
-ifeq ($(OS_TARGET)$(OS_RELEASE), AIX4.1)
-DSO_LDOPTS              = -bM:SRE -bh:4 -bnoentry
-EXTRA_DSO_LDOPTS        = -lc
-MKSHLIB                 = xlC $(DSO_LDOPTS)
-
-$(SHARED_LIBRARY): $(OBJS)
-	@$(MAKE_OBJDIR)
-	rm -f $@
-	$(MKSHLIB) -o $@ $(OBJS) $(EXTRA_LIBS) $(EXTRA_DSO_LDOPTS)
-	chmod +x $@
-
-endif
-
-ifeq ($(OS_TARGET)$(OS_RELEASE), AIX4.2)
-LD      += -G
-endif 
-
-ifneq ($(OS_TARGET), WIN16)
-include $(CORE_DEPTH)/coreconf/rules.mk
-endif
-
diff --git a/security/nss/lib/fortcrypt/swfort/pkcs11/config.mk b/security/nss/lib/fortcrypt/swfort/pkcs11/config.mk
deleted file mode 100644
index 960774691..000000000
--- a/security/nss/lib/fortcrypt/swfort/pkcs11/config.mk
+++ /dev/null
@@ -1,43 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#
-#  Override TARGETS variable so that only shared libraries
-#  are specifed as dependencies within rules.mk.
-#
-
-TARGETS        = $(SHARED_LIBRARY) $(SHARED_SW_LIBRARY) $(LIBCI_JAR) $(LIBCI_SW_JAR)
-LIBRARY        =
-IMPORT_LIBRARY =
-PROGRAM        =
-
diff --git a/security/nss/lib/fortcrypt/swfort/pkcs11/inst.js b/security/nss/lib/fortcrypt/swfort/pkcs11/inst.js
deleted file mode 100644
index 2f7574717..000000000
--- a/security/nss/lib/fortcrypt/swfort/pkcs11/inst.js
+++ /dev/null
@@ -1,189 +0,0 @@
-//
-// The contents of this file are subject to the Mozilla Public
-// License Version 1.1 (the "License"); you may not use this file
-// except in compliance with the License. You may obtain a copy of
-// the License at http://www.mozilla.org/MPL/
-// 
-// Software distributed under the License is distributed on an "AS
-// IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-// implied. See the License for the specific language governing
-// rights and limitations under the License.
-// 
-// The Original Code is the Netscape security libraries.
-// 
-// The Initial Developer of the Original Code is Netscape
-// Communications Corporation.  Portions created by Netscape are 
-// Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-// Rights Reserved.
-// 
-// Contributor(s):
-// 
-// Alternatively, the contents of this file may be used under the
-// terms of the GNU General Public License Version 2 or later (the
-// "GPL"), in which case the provisions of the GPL are applicable 
-// instead of those above.  If you wish to allow use of your 
-// version of this file only under the terms of the GPL and not to
-// allow others to use your version of this file under the MPL,
-// indicate your decision by deleting the provisions above and
-// replace them with the notice and other provisions required by
-// the GPL.  If you do not delete the provisions above, a recipient
-// may use your version of this file under either the MPL or the
-// GPL.
-//
-////////////////////////////////////////////////////////////////////////////////////////
-// Crypto Mechanism Flags
-PKCS11_MECH_RSA_FLAG           =  0x1<<0; 
-PKCS11_MECH_DSA_FLAG           =  0x1<<1; 
-PKCS11_MECH_RC2_FLAG           =  0x1<<2; 
-PKCS11_MECH_RC4_FLAG           =  0x1<<3; 
-PKCS11_MECH_DES_FLAG           =  0x1<<4; 
-PKCS11_MECH_DH_FLAG            =  0x1<<5; //Diffie-Hellman 
-PKCS11_MECH_SKIPJACK_FLAG      =  0x1<<6; //SKIPJACK algorithm as in Fortezza cards 
-PKCS11_MECH_RC5_FLAG           =  0x1<<7; 
-PKCS11_MECH_SHA1_FLAG          =  0x1<<8; 
-PKCS11_MECH_MD5_FLAG           =  0x1<<9; 
-PKCS11_MECH_MD2_FLAG           =  0x1<<10; 
-PKCS11_MECH_RANDOM_FLAG        =  0x1<<27; //Random number generator 
-PKCS11_PUB_READABLE_CERT_FLAG  =  0x1<<28; //Stored certs can be read off the token w/o logging in 
-PKCS11_DISABLE_FLAG            =  0x1<<30; //tell Navigator to disable this slot by default 
-
-// Important: 
-// 0x1<<11, 0x1<<12, ... , 0x1<<26, 0x1<<29, and 0x1<<31 are reserved 
-// for internal use in Navigator. 
-// Therefore, these bits should always be set to 0; otherwise,
-// Navigator might exhibit unpredictable behavior. 
-
-// These flags indicate which mechanisms should be turned on by 
-var pkcs11MechanismFlags = 0;
-  
-////////////////////////////////////////////////////////////////////////////////////////
-// Ciphers that support SSL or S/MIME 
-PKCS11_CIPHER_FORTEZZA_FLAG    = 0x1<<0; 
-
-// Important: 
-// 0x1<<1, 0x1<<2, ... , 0x1<<31 are reserved 
-// for internal use in Navigator. 
-// Therefore, these bits should ALWAYS be set to 0; otherwise, 
-// Navigator might exhibit unpredictable behavior. 
-
-// These flags indicate which SSL ciphers are supported 
-var pkcs11CipherFlags = PKCS11_CIPHER_FORTEZZA_FLAG; 
-  
-////////////////////////////////////////////////////////////////////////////////////////
-// Return values of pkcs11.addmodule() & pkcs11.delmodule() 
-// success codes 
-JS_OK_ADD_MODULE                 = 3; // Successfully added a module 
-JS_OK_DEL_EXTERNAL_MODULE        = 2; // Successfully deleted ext. module 
-JS_OK_DEL_INTERNAL_MODULE        = 1; // Successfully deleted int. module 
-
-// failure codes 
-JS_ERR_OTHER                     = -1; // Other errors than the followings 
-JS_ERR_USER_CANCEL_ACTION        = -2; // User abort an action 
-JS_ERR_INCORRECT_NUM_OF_ARGUMENTS= -3; // Calling a method w/ incorrect # of arguments 
-JS_ERR_DEL_MODULE                = -4; // Error deleting a module 
-JS_ERR_ADD_MODULE                = -5; // Error adding a module 
-JS_ERR_BAD_MODULE_NAME           = -6; // The module name is invalid 
-JS_ERR_BAD_DLL_NAME              = -7; // The DLL name is bad 
-JS_ERR_BAD_MECHANISM_FLAGS       = -8; // The mechanism flags are invalid 
-JS_ERR_BAD_CIPHER_ENABLE_FLAGS   = -9; // The SSL, S/MIME cipher flags are invalid 
-
-
-////////////////////////////////////////////////////////////////////////////////////////
-// Find out which library is to be installed depending on the platform
-
-// pathname seperator is platform specific
-var sep = "/";
-var vendor = "netscape";
-var moduleName = "not_supported";
-
-// platform-independent relative path
-var dir = "pkcs11/" + vendor + "/";
-
-var plat = navigator.platform;
-
-bAbort = false;
-progName = "instinit";
-if (plat == "Win32") {
-    moduleName = "swft32.dll";
-    // progName = "instinit.exe";
-    sep = "\\";
-} else if (plat == "AIX4.1") {
-    moduleName = "libswft.so";
-} else if (plat == "SunOS4.1.3_U1") {
-    moduleName = "libswft.so.1.0";        
-} else if ((plat == "SunOS5.4") || (plat == "SunOS5.5.1")){
-    moduleName = "libswft.so";
-} else if ((plat == "HP-UXA.09") || (plat == "HP-UXB.10")){
-    moduleName = "libswft.sl";
-} else {
-    window.alert("Sorry, platform "+plat+" is not supported.");
-    bAbort = true;
-}
-
-////////////////////////////////////////////////////////////////////////////////////////
-// Installation Begins...
-if (!bAbort) {
-if (confirm("This script will install and configure a security module, do you want to continue?")) { 
- // Step 1. Create a version object and a software update object 
- vi = new netscape.softupdate.VersionInfo(1, 5, 0, 0); 
- su = new netscape.softupdate.SoftwareUpdate(this, "Fortezza Card PKCS#11 Module"); 
-                 // "Fortezza ... Module" is the logical name of the bundle 
-
- ////////////////////////////////////////
- // Step 2. Start the install process 
- bAbort = false; 
- err = su.StartInstall("NSfortezza", // NSfortezza is the component folder (logical) 
-                       vi, 
-                       netscape.softupdate.SoftwareUpdate.FULL_INSTALL); 
-                            
- bAbort = bAbort || (err !=0); 
-
- if (err == 0) { 
-     ////////////////////////////////////////
-    // Step 3. Find out the physical location of the Program dir 
-    Folder = su.GetFolder("Program"); 
-
-     ////////////////////////////////////////
-    // Step 4. Install the files. Unpack them and list where they go 
-    err = su.AddSubcomponent("FortezzaLibrary", //component name (logical) 
-                                    vi, // version info 
-                                    moduleName, // source file in JAR (physical) 
-                                    Folder, // target folder (physical) 
-                                    dir + moduleName, // target path & filename (physical) 
-                                    this.force); // forces update 
-    bAbort = bAbort || (err !=0); 
-    if (err != 0) window.alert("Add sub err= "+ err);
- } 
-
- if (err == 0) {
-    /// Try installing the init program 
-    err = su.AddSubcomponent("FortezzaInitProg", vi, progName, Folder, progName,		this.force);
-    // don't fail because it didn't install, may just not be part of the package
-}
-
- ////////////////////////////////////////
- // Step 5. Unless there was a problem, move files to final location 
- // and update the Client Version Registry 
- if (bAbort) { 
-    window.alert("Aborting, Folder="+Folder+" module="+dir+moduleName);
-    su.AbortInstall(); 
- } else { 
-    err = su.FinalizeInstall(); 
-    // Platform specific full path 
-    fullpath = Folder +  "pkcs11" + sep + vendor + sep + moduleName;
-
-     ////////////////////////////////////////
-    // Step 6: Call pkcs11.addmodule() to register the newly downloaded module
-    result = pkcs11.addmodule("Netscape Software FORTEZZA Module", 
-                              fullpath, 
-                              pkcs11MechanismFlags, 
-                              pkcs11CipherFlags); 
-
-    if ( result < 0) { 
-       window.alert("New module setup failed.  Error code: " + result); 
-   } else { 
-       window.alert("New module setup completed."); 
-   } 
- } 
-} 
-}
diff --git a/security/nss/lib/fortcrypt/swfort/pkcs11/manifest.mn b/security/nss/lib/fortcrypt/swfort/pkcs11/manifest.mn
deleted file mode 100644
index 7ef8c2009..000000000
--- a/security/nss/lib/fortcrypt/swfort/pkcs11/manifest.mn
+++ /dev/null
@@ -1,63 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH		= ../../../../..
-
-MODULE		= security
-LIBRARY_NAME	= swft
-#LIBRARY_VERSION	= 32
-
-COPIED_CSRCS	= forsock.c  \
-		  fortpk11.c \
-		  fmutex.c   \
-		  $(NULL)
-
-CSRCS		= \
-		  $(COPIED_CSRCS) \
-		  stub.c \
-		  $(NULL)
-
-vpath %.c ../../
-INCLUDES	= -I../..
-
-EXPORTS		= 
-
-REQUIRES	= security dbm
-
-
-DEFINES		= -DSWFORT
-
-GARBAGE		= $(COPIED_CSRCS) cryptint.h fmutex.h fortsock.h fpkcs11.h \
-	fpkcs11f.h fpkcs11i.h fpkcs11t.h fpkmem.h fpkstrs.h genci.h maci.h 
-
-
diff --git a/security/nss/lib/fortcrypt/swfort/pkcs11/pk11inst b/security/nss/lib/fortcrypt/swfort/pkcs11/pk11inst
deleted file mode 100755
index 31d73eb4a..000000000
--- a/security/nss/lib/fortcrypt/swfort/pkcs11/pk11inst
+++ /dev/null
@@ -1,49 +0,0 @@
-ForwardCompatible { HPUX:10:hppa1.1 Solaris:5.5.1:sparc AIX:4.1:rs6000 }
-    Platforms {
-	WINNT::x86 {
-	    ModuleName { "Netscape Software FORTEZZA Module" }
-	    ModuleFile { %root%/pkcs11/netscape/swft32.dll }
-	    DefaultMechanismFlags{0x0000}
-	    DefaultCipherFlags{0x0001}
-	    Files {
-		swft32.dll {
-                     RelativePath { %root%/pkcs11/netscape/swft32.dll }
-		}
-	    }
-	WIN95::x86 {
-	    EquivalentPlatform {WINNT::x86}
-	}
-	Solaris:5.5.1:sparc {
-	    ModuleName { "Netscape Software FORTEZZA Module" }
-	    ModuleFile { %root%/pkcs11/netscape/libswft.so }
-	    DefaultMechanismFlags{0x0000}
-	    DefaultCipherFlags{0x0001}
-	    Files {
-		libswft.so {
-                     RelativePath { %root%/pkcs11/netscape/libswft.so }
-		}
-	    }
-	}
-	AIX:4.1:rs6000 {
-	    ModuleName { "Netscape Software FORTEZZA Module" }
-	    ModuleFile { %root%/pkcs11/netscape/libswft.so }
-	    DefaultMechanismFlags{0x0000}
-	    DefaultCipherFlags{0x0001}
-	    Files {
-		libswft.so {
-                     RelativePath { %root%/pkcs11/netscape/libswft.so }
-		}
-	    }
-	}
-	HPUX:10:hppa1.1 {
-	    ModuleName { "Netscape Software FORTEZZA Module" }
-	    ModuleFile { %root%/pkcs11/netscape/libswft.sl }
-	    DefaultMechanismFlags{0x0000}
-	    DefaultCipherFlags{0x0001}
-	    Files {
-		libswft.so {
-                     RelativePath { %root%/pkcs11/netscape/libswft.sl }
-		}
-	    }
-	}
-    }
diff --git a/security/nss/lib/fortcrypt/swfort/pkcs11/stub.c b/security/nss/lib/fortcrypt/swfort/pkcs11/stub.c
deleted file mode 100644
index 0f673e77b..000000000
--- a/security/nss/lib/fortcrypt/swfort/pkcs11/stub.c
+++ /dev/null
@@ -1,363 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * secport.c - portability interfaces for security libraries
- *
- * This file abstracts out libc functionality that libsec depends on
- * 
- * NOTE - These are not public interfaces. These stubs are to allow the 
- * SW FORTEZZA to link with some low level security functions without dragging
- * in NSPR.
- *
- * $Id$
- */
-
-#include "seccomon.h"
-#include "prmem.h"
-#include "prerror.h"
-#include "plarena.h"
-#include "secerr.h"
-#include "prmon.h"
-#include "prbit.h"
-
-unsigned long port_allocFailures;
-
-/* locations for registering Unicode conversion functions.  
- *  Is this the appropriate location?  or should they be
- *     moved to client/server specific locations?
- */
-PORTCharConversionFunc ucs4Utf8ConvertFunc;
-PORTCharConversionFunc ucs2Utf8ConvertFunc;
-PORTCharConversionWSwapFunc  ucs2AsciiConvertFunc;
-
-void *
-PORT_Alloc(size_t bytes)
-{
-    void *rv;
-
-    /* Always allocate a non-zero amount of bytes */
-    rv = (void *)malloc(bytes ? bytes : 1);
-    if (!rv) {
-	++port_allocFailures;
-    }
-    return rv;
-}
-
-void *
-PORT_Realloc(void *oldptr, size_t bytes)
-{
-    void *rv;
-
-    rv = (void *)realloc(oldptr, bytes);
-    if (!rv) {
-	++port_allocFailures;
-    }
-    return rv;
-}
-
-void *
-PORT_ZAlloc(size_t bytes)
-{
-    void *rv;
-
-    /* Always allocate a non-zero amount of bytes */
-    rv = (void *)calloc(1, bytes ? bytes : 1);
-    if (!rv) {
-	++port_allocFailures;
-    }
-    return rv;
-}
-
-void
-PORT_Free(void *ptr)
-{
-    if (ptr) {
-	free(ptr);
-    }
-}
-
-void
-PORT_ZFree(void *ptr, size_t len)
-{
-    if (ptr) {
-	memset(ptr, 0, len);
-	free(ptr);
-    }
-}
-
-char *
-PORT_Strdup(const char *str)
-{
-    size_t len = PORT_Strlen(str)+1;
-    char *newstr;
-
-    newstr = (char *)PORT_Alloc(len);
-    if (newstr) {
-        PORT_Memcpy(newstr, str, len);
-    }
-    return newstr;
-}
-
-void
-PORT_SetError(int value)
-{	
-    return;
-}
-
-int
-PORT_GetError(void)
-{
-    return(1);
-}
-
-/********************* Arena code follows *****************************/
-
-
-PLArenaPool *
-PORT_NewArena(unsigned long chunksize)
-{
-    PLArenaPool *arena;
-    
-    arena = (PLArenaPool*)PORT_ZAlloc(sizeof(PLArenaPool));
-    if ( arena != NULL ) {
-	PR_InitArenaPool(arena, "security", chunksize, sizeof(double));
-    }
-    return(arena);
-}
-
-void *
-PORT_ArenaAlloc(PLArenaPool *arena, size_t size)
-{
-    void *p;
-
-    PL_ARENA_ALLOCATE(p, arena, size);
-    if (p == NULL) {
-	++port_allocFailures;
-    }
-
-    return(p);
-}
-
-void *
-PORT_ArenaZAlloc(PLArenaPool *arena, size_t size)
-{
-    void *p;
-
-    PL_ARENA_ALLOCATE(p, arena, size);
-    if (p == NULL) {
-	++port_allocFailures;
-    } else {
-	PORT_Memset(p, 0, size);
-    }
-
-    return(p);
-}
-
-/* need to zeroize!! */
-void
-PORT_FreeArena(PLArenaPool *arena, PRBool zero)
-{
-    PR_FinishArenaPool(arena);
-    PORT_Free(arena);
-}
-
-void *
-PORT_ArenaGrow(PLArenaPool *arena, void *ptr, size_t oldsize, size_t newsize)
-{
-    PORT_Assert(newsize >= oldsize);
-    
-    PL_ARENA_GROW(ptr, arena, oldsize, ( newsize - oldsize ) );
-    
-    return(ptr);
-}
-
-void *
-PORT_ArenaMark(PLArenaPool *arena)
-{
-    void * result;
-
-    result = PL_ARENA_MARK(arena);
-    return result;
-}
-
-void
-PORT_ArenaRelease(PLArenaPool *arena, void *mark)
-{
-    PL_ARENA_RELEASE(arena, mark);
-}
-
-void
-PORT_ArenaUnmark(PLArenaPool *arena, void *mark)
-{
-    /* do nothing */
-}
-
-char *
-PORT_ArenaStrdup(PLArenaPool *arena,const char *str) {
-    int len = PORT_Strlen(str)+1;
-    char *newstr;
-
-    newstr = (char*)PORT_ArenaAlloc(arena,len);
-    if (newstr) {
-        PORT_Memcpy(newstr,str,len);
-    }
-    return newstr;
-}
-
-PR_IMPLEMENT(void)
-PR_Assert(const char *expr, const char *file, int line) {
-    return; 
-}
-
-PR_IMPLEMENT(void *)
-PR_Alloc(PRUint32 bytes) { return malloc(bytes); }
-
-PR_IMPLEMENT(void *)
-PR_Malloc(PRUint32 bytes) { return malloc(bytes); }
-
-PR_IMPLEMENT(void *)
-PR_Calloc(PRUint32 blocks, PRUint32 bytes) { return calloc(blocks,bytes); }
-
-PR_IMPLEMENT(void)
-PR_Free(void *ptr) { free(ptr); }
-
-PR_IMPLEMENT(void)
-PR_SetError(PRErrorCode errorCode, PRInt32 oserr) { return; }
-
-PR_IMPLEMENT(void)
-PR_SetErrorText(PRIntn textLength, const char *text) { return; }
-
-
-/* Old template; want to expunge it eventually. */
-#include "secasn1.h"
-#include "secoid.h"
-
-const SEC_ASN1Template SECOID_AlgorithmIDTemplate[] = {
-    { SEC_ASN1_SEQUENCE,
-	  0, NULL, sizeof(SECAlgorithmID) },
-    { SEC_ASN1_OBJECT_ID,
-	  offsetof(SECAlgorithmID,algorithm), },
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_ANY,
-	  offsetof(SECAlgorithmID,parameters), },
-    { 0, }
-};
-
-/* now make the RNG happy */ /* This is not atomic! */
-PR_IMPLEMENT(PRInt32) PR_AtomicIncrement(PRInt32 *val) { return ++(*val); }
-/* This is not atomic! */
-PR_IMPLEMENT(PRInt32) PR_AtomicDecrement(PRInt32 *val) { return --(*val); }
-
-PR_IMPLEMENT(PRStatus) PR_Sleep(PRIntervalTime ticks) { return PR_SUCCESS; }
-
-#include "nssilock.h"
-#include "fmutex.h"
-PR_IMPLEMENT(PRLock *)
-PR_NewLock(void) {
-	PRLock *lock = NULL;
-
-	FMUTEX_Create((void **)&lock);
-
-	/* if we don't have a lock, FMUTEX can deal with things */
-	if (lock == NULL) lock=(PRLock *) 1;
-	return lock;
-}
-
-PR_IMPLEMENT(void) 
-PR_DestroyLock(PRLock *lock) {
-	FMUTEX_Destroy(lock);
-}
-
-PR_IMPLEMENT(void) 
-PR_Lock(PRLock *lock) {
-	FMUTEX_Lock(lock);
-}
-
-PR_IMPLEMENT(PRStatus) 
-PR_Unlock(PRLock *lock) {
-	FMUTEX_Unlock(lock);
-	return PR_SUCCESS;
-}
-
-/* this implementation is here to satisfy the PRMonitor use in plarena.c.
-** It appears that it doesn't need re-entrant locks.  It could have used
-** PRLock instead of PRMonitor.  So, this implementation just uses 
-** PRLock for a PRMonitor.
-*/
-PR_IMPLEMENT(PRMonitor*) 
-PR_NewMonitor(void)
-{
-    return (PRMonitor *) PR_NewLock();
-}
-
-
-PR_IMPLEMENT(void) 
-PR_EnterMonitor(PRMonitor *mon)
-{
-    PR_Lock( (PRLock *)mon );
-}
-
-PR_IMPLEMENT(PRStatus) 
-PR_ExitMonitor(PRMonitor *mon)
-{
-    return PR_Unlock( (PRLock *)mon );
-}
-
-#include "prinit.h"
-
-/* This is NOT threadsafe.  It is merely a pseudo-functional stub.
-*/
-PR_IMPLEMENT(PRStatus) PR_CallOnce(
-    PRCallOnceType *once,
-    PRCallOnceFN    func)
-{
-    /* This is not really atomic! */
-    if (1 == PR_AtomicIncrement(&once->initialized)) {
-	once->status = (*func)();
-    }  else {
-    	/* Should wait to be sure that func has finished before returning. */
-    }
-    return once->status;
-}
-
-
-/*
-** Compute the log of the least power of 2 greater than or equal to n
-*/
-PRIntn PR_CeilingLog2(PRUint32 i) {
-	PRIntn log2;
-	PR_CEILING_LOG2(log2,i);
-	return log2;
-}
-
-/********************** end of arena functions ***********************/
-
diff --git a/security/nss/lib/fortcrypt/swfort/swfalg.c b/security/nss/lib/fortcrypt/swfort/swfalg.c
deleted file mode 100644
index 6f8ab9f6c..000000000
--- a/security/nss/lib/fortcrypt/swfort/swfalg.c
+++ /dev/null
@@ -1,506 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * Software implementation of FORTEZZA skipjack primatives
- */
-#include "maci.h"
-#include "seccomon.h"
-#include "swforti.h" 
-
-/*
- * Xor the IV into the plaintext buffer either just before encryption, or
- * just after decryption.
- */
-static void
-fort_XorIV(unsigned char *obuffer, unsigned char *buffer, unsigned char *iv) {
-    int i;
-#ifdef USE_INT32
-    if ((buffer & 0x3) == 0) && ((iv & 0x3) == 0)) {
-	int32 *ibuffer = (int32 *)buffer;
-	int32 *iobuffer = (int32 *)obuffer;
-	int32 *iiv = (int32 *)iv;
-
-	iobuffer[0] = ibuffer[0] ^ iiv[0];
-	iobuffer[1] = ibuffer[1] ^ iiv[1];
-	return;
-    }
-#endif
-
-    for (i=0; i < SKIPJACK_BLOCK_SIZE; i++) {
-	obuffer[i] = buffer[i] ^ iv[i];
-    }
-}
-
-
-/* the F-table for Skipjack */
-unsigned char F[256] = { 
-    0xa3, 0xd7, 0x09, 0x83, 0xf8, 0x48, 0xf6, 0xf4,
-    0xb3, 0x21, 0x15, 0x78, 0x99, 0xb1, 0xaf, 0xf9,
-    0xe7, 0x2d, 0x4d, 0x8a, 0xce, 0x4c, 0xca, 0x2e,
-    0x52, 0x95, 0xd9, 0x1e, 0x4e, 0x38, 0x44, 0x28,
-    0x0a, 0xdf, 0x02, 0xa0, 0x17, 0xf1, 0x60, 0x68,
-    0x12, 0xb7, 0x7a, 0xc3, 0xe9, 0xfa, 0x3d, 0x53,
-    0x96, 0x84, 0x6b, 0xba, 0xf2, 0x63, 0x9a, 0x19,
-    0x7c, 0xae, 0xe5, 0xf5, 0xf7, 0x16, 0x6a, 0xa2,
-    0x39, 0xb6, 0x7b, 0x0f, 0xc1, 0x93, 0x81, 0x1b,
-    0xee, 0xb4, 0x1a, 0xea, 0xd0, 0x91, 0x2f, 0xb8,
-    0x55, 0xb9, 0xda, 0x85, 0x3f, 0x41, 0xbf, 0xe0,
-    0x5a, 0x58, 0x80, 0x5f, 0x66, 0x0b, 0xd8, 0x90,
-    0x35, 0xd5, 0xc0, 0xa7, 0x33, 0x06, 0x65, 0x69,
-    0x45, 0x00, 0x94, 0x56, 0x6d, 0x98, 0x9b, 0x76,
-    0x97, 0xfc, 0xb2, 0xc2, 0xb0, 0xfe, 0xdb, 0x20,
-    0xe1, 0xeb, 0xd6, 0xe4, 0xdd, 0x47, 0x4a, 0x1d,
-    0x42, 0xed, 0x9e, 0x6e, 0x49, 0x3c, 0xcd, 0x43,
-    0x27, 0xd2, 0x07, 0xd4, 0xde, 0xc7, 0x67, 0x18,
-    0x89, 0xcb, 0x30, 0x1f, 0x8d, 0xc6, 0x8f, 0xaa,
-    0xc8, 0x74, 0xdc, 0xc9, 0x5d, 0x5c, 0x31, 0xa4,
-    0x70, 0x88, 0x61, 0x2c, 0x9f, 0x0d, 0x2b, 0x87,
-    0x50, 0x82, 0x54, 0x64, 0x26, 0x7d, 0x03, 0x40,
-    0x34, 0x4b, 0x1c, 0x73, 0xd1, 0xc4, 0xfd, 0x3b,
-    0xcc, 0xfb, 0x7f, 0xab, 0xe6, 0x3e, 0x5b, 0xa5,
-    0xad, 0x04, 0x23, 0x9c, 0x14, 0x51, 0x22, 0xf0,
-    0x29, 0x79, 0x71, 0x7e, 0xff, 0x8c, 0x0e, 0xe2,
-    0x0c, 0xef, 0xbc, 0x72, 0x75, 0x6f, 0x37, 0xa1,
-    0xec, 0xd3, 0x8e, 0x62, 0x8b, 0x86, 0x10, 0xe8,
-    0x08, 0x77, 0x11, 0xbe, 0x92, 0x4f, 0x24, 0xc5,
-    0x32, 0x36, 0x9d, 0xcf, 0xf3, 0xa6, 0xbb, 0xac,
-    0x5e, 0x6c, 0xa9, 0x13, 0x57, 0x25, 0xb5, 0xe3,
-    0xbd, 0xa8, 0x3a, 0x01, 0x05, 0x59, 0x2a, 0x46
-};
-
-typedef unsigned char fort_keysched[32*4];
-
-/* do the key schedule work once for efficency */
-static void
-fort_skipKeySchedule(FORTSkipjackKeyPtr key,fort_keysched keysched)
-{
-    unsigned char *keyptr = key;
-    unsigned char *first = keyptr +sizeof(FORTSkipjackKey)-1;
-    int i;
-
-    keyptr = first;
-
-    for (i=0; i < (32*4); i++) {
-	keysched[i] = *keyptr--;
-	if (keyptr < key) keyptr = first;
-    }
-    return;
-}
-
-static void
-fort_clearShedule(fort_keysched keysched)
-{
-    PORT_Memset(keysched, 0, sizeof(keysched));
-}
-
-
-static unsigned int 
-G(fort_keysched cv, int k, unsigned int wordIn)
-{
-    unsigned char g1, g2, g3, g4, g5, g6;
-
-    g1 = (unsigned char) (wordIn >> 8) & 0xff;
-    g2 = (unsigned char) wordIn & 0xff;
-
-    g3 = F[g2^cv[4*k]]^g1;
-    g4 = F[g3^cv[4*k+1]]^g2;
-    g5 = F[g4^cv[4*k+2]]^g3;
-    g6 = F[g5^cv[4*k+3]]^g4;
-
-    return ((g5<<8)+g6);
-}
-
-static unsigned int 
-G1(fort_keysched cv, int k, unsigned int wordIn)
-{
-    unsigned char g1, g2, g3, g4, g5, g6;
-
-    g5 = (unsigned char) (wordIn >> 8) & 0xff;
-    g6 = (unsigned char) wordIn & 0xff;
-
-    g4 = F[g5^cv[4*k+3]]^g6;
-    g3 = F[g4^cv[4*k+2]]^g5;
-    g2 = F[g3^cv[4*k+1]]^g4;
-    g1 = F[g2^cv[4*k]]^g3;
-
-    return ((g1<<8)+g2);
-}
-
-static void 
-ruleA(fort_keysched cv,int round,unsigned int *w)
-{
-    unsigned int w4;
-    int i;
-
-    for(i=0; i<8; i++) {
-	int k = round*16+i;
-	int counter = k+1;
-
-	w4 = w[4];
-	w[4] = w[3];
-	w[3] = w[2];
-	w[2] = G(cv,k,w[1]);
-	w[1] = G(cv,k,w[1]) ^ w4 ^ counter;
-    }
-    return;
-}
-
-static void 
-ruleB(fort_keysched cv,int round,unsigned int *w)
-{
-    unsigned int w4;
-    int i;
-
-    for(i=0; i<8; i++) {
-	int k = round*16+i+8;
-	int counter = k+1;
-
-	w4 = w[4];
-	w[4] = w[3];
-	w[3] = w[1] ^ w[2] ^ counter; 
-	w[2] = G(cv,k,w[1]);
-	w[1] = w4;
-    }
-    return;
-}
-
-static void 
-ruleA1(fort_keysched cv,int round,unsigned int *w)
-{
-    unsigned int w4;
-    int i;
-
-    for(i=7; i>=0; i--) {
-	int k = round*16+i;
-	int counter = k+1;
-
-	w4 = w[4];
-	w[4] = w[1] ^ w[2] ^ counter;
-	w[1] = G1(cv,k,w[2]);
-	w[2] = w[3];
-	w[3] = w4;
-    }
-    return;
-}
-
-static void 
-ruleB1(fort_keysched cv,int round,unsigned int *w)
-{
-    unsigned int w4;
-    int i;
-
-    for(i=7; i>=0; i--) {
-	int k = round*16+i+8;
-	int counter = k+1;
-
-	w4 = w[4];
-	w[4] = w[1];
-	w[1] = G1(cv,k,w[2]);
-	w[2] = G1(cv,k,w[2]) ^ w[3] ^ counter; 
-	w[3] = w4;
-    }
-    return;
-}
-
-
-static void 
-fort_doskipD(fort_keysched cv,unsigned char *cipherIn,
-						 unsigned char *plainOut) {
-  unsigned int w[5]; /* ignore w[0] so the code matches the doc */
-
-  /* initial byte swap */
-  w[1]=(cipherIn[7]<<8)+cipherIn[6];
-  w[2]=(cipherIn[5]<<8)+cipherIn[4];
-  w[3]=(cipherIn[3]<<8)+cipherIn[2];
-  w[4]=(cipherIn[1]<<8)+cipherIn[0];
-
-  ruleB1(cv,1,w);
-  ruleA1(cv,1,w);
-  ruleB1(cv,0,w);
-  ruleA1(cv,0,w);
-
-  /* final byte swap */
-  plainOut[0] = w[4] & 0xff;
-  plainOut[1] = (w[4] >> 8) & 0xff;
-  plainOut[2] = w[3] & 0xff;
-  plainOut[3] = (w[3] >> 8) & 0xff;
-  plainOut[4] = w[2] & 0xff;
-  plainOut[5] = (w[2] >> 8) & 0xff;
-  plainOut[6] = w[1] & 0xff;
-  plainOut[7] = (w[1] >> 8) & 0xff;
-  return;
-}
-
-static void 
-fort_doskipE(fort_keysched cv,unsigned char *cipherIn,
-						 unsigned char *plainOut) {
-  unsigned int w[5]; /* ignore w[0] so the code matches the doc */
-
-  /* initial byte swap */
-  w[1]=(cipherIn[7]<<8)+cipherIn[6];
-  w[2]=(cipherIn[5]<<8)+cipherIn[4];
-  w[3]=(cipherIn[3]<<8)+cipherIn[2];
-  w[4]=(cipherIn[1]<<8)+cipherIn[0];
-
-  ruleA(cv,0,w);
-  ruleB(cv,0,w);
-  ruleA(cv,1,w);
-  ruleB(cv,1,w);
-
-  /* final byte swap */
-  plainOut[0] = w[4] & 0xff;
-  plainOut[1] = (w[4] >> 8) & 0xff;
-  plainOut[2] = w[3] & 0xff;
-  plainOut[3] = (w[3] >> 8) & 0xff;
-  plainOut[4] = w[2] & 0xff;
-  plainOut[5] = (w[2] >> 8) & 0xff;
-  plainOut[6] = w[1] & 0xff;
-  plainOut[7] = (w[1] >> 8) & 0xff;
-  return;
-}
-
-/* Checksums are calculated by encrypted a fixed string with the key, then
- * taking 16 bytes of the result from the block */
-static int
-fort_CalcKeyChecksum(FORTSkipjackKeyPtr key, unsigned char *sum) {
-    unsigned char ckdata[8] = {
-		 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55 };
-    unsigned char ckres[8];
-    fort_keysched keysched;
-
-
-    fort_skipKeySchedule(key,keysched);
-
-    fort_doskipE(keysched,ckdata,ckres);
-    fort_clearShedule(keysched);
-    PORT_Memcpy(sum,&ckres[1],2);
-    return CI_OK;
-}
-
-/* These function actually implements skipjack CBC Decrypt */
-int
-fort_skipjackDecrypt(FORTSkipjackKeyPtr key, unsigned char *iv, 
-		unsigned long size, unsigned char *cipherIn, 
-						unsigned char *plainOut) {
-    unsigned char ivdata1[SKIPJACK_BLOCK_SIZE];
-    unsigned char ivdata2[SKIPJACK_BLOCK_SIZE];
-    unsigned char *lastiv, *nextiv, *tmpiv;
-    fort_keysched keysched;
-
-    /* do the key schedule work once for efficency */
-    fort_skipKeySchedule(key,keysched);
-
-    /* As we decrypt, we need to save the last block so that we can
-     * Xor it out of decrypted text to get the real plain text. We actually
-     * have to save it because cipherIn and plainOut may point to the same
-     * buffer. */
-    lastiv =ivdata1;
-    nextiv = ivdata2;
-    PORT_Memcpy(lastiv,iv,SKIPJACK_BLOCK_SIZE);
-    while (size >= SKIPJACK_BLOCK_SIZE) {
-	/* save the IV for the next block */
-	PORT_Memcpy(nextiv,cipherIn,SKIPJACK_BLOCK_SIZE);
-   	fort_doskipD(keysched,cipherIn,plainOut);
-	/* xor out the last IV */
-	fort_XorIV(plainOut,plainOut,lastiv);
-
-	/* swap the IV buffers */
-	tmpiv = lastiv;
-	lastiv = nextiv;
-	nextiv =tmpiv;
-
-	/* increment the loop pointers... be sure to get the input, output,
-	 * and size (decrement) each fortdoskipD operates on an entire block*/
-	cipherIn += SKIPJACK_BLOCK_SIZE;
-	plainOut += SKIPJACK_BLOCK_SIZE;
-	size -= SKIPJACK_BLOCK_SIZE;
-    }
-    fort_clearShedule(keysched); /* don't leave the key lying around the stack*/
-    if (size != 0) return CI_INV_SIZE;
-    return CI_OK;
-}
-
-/* These function actually implements skipjack CBC Encrypt */
-int
-fort_skipjackEncrypt(FORTSkipjackKeyPtr key, unsigned char *iv, 
-		unsigned long size, unsigned char *plainIn, 
-						unsigned char *cipherOut) {
-    unsigned char *tmpiv;
-    fort_keysched keysched;
-    unsigned char plain[SKIPJACK_BLOCK_SIZE];
-
-    fort_skipKeySchedule(key,keysched);
-    tmpiv = iv;
-    while (size >= SKIPJACK_BLOCK_SIZE) {
-	/* We Xor into a temp buffer because we don't want to modify plainIn,
-	 * doing so may make the caller very unhappy:). */
-	fort_XorIV(plain,plainIn,tmpiv);
-   	fort_doskipE(keysched,plain,cipherOut);
-	tmpiv = cipherOut;
-	cipherOut += SKIPJACK_BLOCK_SIZE;
-	plainIn += SKIPJACK_BLOCK_SIZE;
-	size -= SKIPJACK_BLOCK_SIZE;
-    }
-    fort_clearShedule(keysched); /* don't leave the key lying around the stack*/
-    if (size != 0) return CI_INV_SIZE;
-    return CI_OK;
-}
-
-   
-
-/*
- * unwrap is used for key generation and mixing
- */
-int
-fort_skipjackUnwrap(FORTSkipjackKeyPtr key,unsigned long len, 
-			unsigned char *cipherIn, unsigned char *plainOut) {
-    unsigned char low[10];
-    fort_keysched keysched;
-    int i,ret;
-
-    /* unwrap can only unwrap 80 bit symetric keys and 160 private keys 
-     * sometimes these values have checksums. When they do, we should verify
-     * those checksums. */
-    switch (len) {
-    case 20:	/* private key */
-    case 24:   /* private key with checksum */
-	ret = fort_skipjackUnwrap(key,len/2,cipherIn,plainOut);
-	if (ret != CI_OK) return ret;
-	ret = fort_skipjackUnwrap(key,len/2,&cipherIn[len/2],low);
-
-	/* unmunge the low word */
-	for (i=0; i < 10; i++) {
-	    low[i] = low[i] ^ plainOut[i];
-	}
-
-	/* the unwrap will fail above because the checkword is on
-	 * low, not low ^ high.
-	 */
-	if (ret == CI_CHECKWORD_FAIL) {
-	    unsigned char checksum[2];
-
-            ret = fort_CalcKeyChecksum(low,checksum);
-	    if (ret != CI_OK) return ret;
-	    if (PORT_Memcmp(checksum,&cipherIn[len-2],2) != 0) {
-		return CI_CHECKWORD_FAIL;
-	    }
-	}
-	if (ret != CI_OK) return ret;
-
-	/* re-order the low word */
-	PORT_Memcpy(&plainOut[10],&low[8],2);
-	PORT_Memcpy(&plainOut[12],&low[0],8);
-	return CI_OK;
-    case 10: /* 80 bit skipjack key */
-    case 12: /* 80 bit skipjack key with checksum */
-	fort_skipKeySchedule(key,keysched);
-	fort_doskipD(keysched,cipherIn,plainOut);
-	plainOut[8] = cipherIn[8] ^ plainOut[0];
-	plainOut[9] = cipherIn[9] ^ plainOut[1];
-	fort_doskipD(keysched,plainOut,plainOut);
-	fort_clearShedule(keysched); 
-	/* if we have a checkum, verify it */
-	if (len == 12) {
-	    unsigned char checksum[2];
-
-            ret = fort_CalcKeyChecksum(plainOut,checksum);
-	    if (ret != CI_OK) return ret;
-	    if (PORT_Memcmp(checksum,&cipherIn[10],2) != 0) {
-		return CI_CHECKWORD_FAIL;
-	    }
-        }
-	return CI_OK;
-    default:
-	break;
-    }
-    return CI_INV_SIZE;
-}
-
-/*
- * unwrap is used for key generation and mixing
- */
-int
-fort_skipjackWrap(FORTSkipjackKeyPtr key,unsigned long len, 
-			unsigned char *plainIn, unsigned char *cipherOut) {
-    unsigned char low[10];
-    unsigned char checksum[2];
-    fort_keysched keysched;
-    int i,ret;
-
-
-    /* NOTE: length refers to the target in the case of wrap */
-    /* Wrap can only Wrap 80 bit symetric keys and 160 private keys 
-     * sometimes these values have checksums. When they do, we should verify
-     * those checksums. */
-    switch (len) {
-    case 20:	/* private key */
-    case 24:   /* private key with checksum */
-	/* re-order the low word */
-	PORT_Memcpy(&low[8],&plainIn[10],2);
-	PORT_Memcpy(&low[0],&plainIn[12],8);
-	if (len == 24) {
-            ret = fort_CalcKeyChecksum(low,checksum);
-	    if (ret != CI_OK) return ret;
-	}
-	/* munge the low word */
-	for (i=0; i < 10; i++) {
-	    low[i] = low[i] ^ plainIn[i];
-	}
-	ret = fort_skipjackWrap(key,len/2,plainIn,cipherOut);
-	ret = fort_skipjackWrap(key,len/2,low,&cipherOut[len/2]);
-	if (len == 24) {
-	    PORT_Memcpy(&cipherOut[len - 2], checksum, sizeof(checksum));
-	}
-
-	return CI_OK;
-    case 10: /* 80 bit skipjack key */
-    case 12: /* 80 bit skipjack key with checksum */
-
-	fort_skipKeySchedule(key,keysched);
-	fort_doskipE(keysched,plainIn,cipherOut);
-	cipherOut[8] = plainIn[8] ^ cipherOut[0];
-	cipherOut[9] = plainIn[9] ^ cipherOut[1];
-	fort_doskipE(keysched,cipherOut,cipherOut);
-	fort_clearShedule(keysched); 
-	/* if we need a checkum, get it */
-	if (len == 12) {
-            ret = fort_CalcKeyChecksum(plainIn,&cipherOut[10]);
-	    if (ret != CI_OK) return ret;
-        }
-	return CI_OK;
-    default:
-	break;
-    }
-    return CI_INV_SIZE;
-}
-
diff --git a/security/nss/lib/fortcrypt/swfort/swflib.c b/security/nss/lib/fortcrypt/swfort/swflib.c
deleted file mode 100644
index c41a878fb..000000000
--- a/security/nss/lib/fortcrypt/swfort/swflib.c
+++ /dev/null
@@ -1,1028 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * implement the MACI calls as Software Fortezza Calls.
- * only do the ones Nescape Needs. This provides a single software slot,
- * with 100 key registers, and 50 backup Ra private registers. Since we only
- * create one session per slot, this implementation only uses one session.
- * One future enhancement may be to try to improve on this for better threading
- * support.
- */
-
-#include "prtypes.h"
-#include "prio.h"
-
-#include "swforti.h"
-/*#include "keytlow.h"*/
-/* #include "dh.h" */
-#include "blapi.h"
-#include "maci.h"
-/* #include "dsa.h" */
-/* #include "hasht.h" */
-#include "secitem.h"
-#include "secrng.h"
-/*#include "keylow.h" */
-#include "secder.h"
-
-#if defined(XP_UNIX) || defined(XP_BEOS)
-#include <unistd.h>
-#endif
-
-#ifndef O_BINARY
-#define O_BINARY 0
-#endif
-
-
-/* currently we only support one software token. In the future we can use the
- * session to determin which of many possible tokens we are talking about.
- * all the calls which need tokens take a pointer to the software token as a
- * target.
- */
-static FORTSWToken *swtoken = NULL;
-
-#define SOCKET_ID 1
-
-
-/* can't change the pin on SW fortezza for now */
-int
-MACI_ChangePIN(HSESSION session, int PINType, CI_PIN CI_FAR pOldPIN,
-						 CI_PIN CI_FAR pNewPin)
-{
-    return CI_INV_STATE;
-}
-
-
-/*
- * Check pin checks the pin, then logs the user in or out depending on if
- * the pin succedes. The General implementation would support both SSO and 
- * User mode our's only needs User mode. Pins are checked by whether or not
- * they can produce our valid Ks for this 'card'.
- */
-int
-MACI_CheckPIN(HSESSION session, int PINType, CI_PIN CI_FAR pin)
-{
-    FORTSkipjackKeyPtr Ks;
-    FORTSWFile *config_file = NULL;
-    FORTSkipjackKey seed;
-    unsigned char pinArea[13];
-    unsigned char *padPin = NULL;
-
-    /* This SW module can only log in as USER */
-    if (PINType != CI_USER_PIN) return CI_INV_TYPE;
-
-    if (swtoken == NULL) return CI_NO_CARD;
-    /* we can't check a pin if we haven't been initialized yet */
-    if (swtoken->config_file == NULL) return CI_NO_CARD;
-    config_file = swtoken->config_file;
-
-    /* Make sure the pin value meets minimum lengths */
-    if (PORT_Strlen((char *)pin) < 12) {
-	PORT_Memset(pinArea, ' ', sizeof(pinArea));
-	PORT_Memcpy(pinArea,pin,PORT_Strlen((char *)pin));
-	pinArea[12] = 0;
-	padPin = pinArea;
-    }
-
-    /* get the Ks by unwrapping it from the memphrase with the pbe generated
-     * from the pin */
-    Ks = fort_CalculateKMemPhrase(config_file, 
-			&config_file->fortezzaPhrase, (char *)pin, NULL);
-
-    if (Ks == 0) {
-	Ks = fort_CalculateKMemPhrase(config_file, 
-		&config_file->fortezzaPhrase, (char *)padPin, NULL);
-	if (Ks == 0) {
-	    PORT_Memset(pinArea, 0, sizeof(pinArea));
-	    fort_Logout(swtoken);
-	    return CI_FAIL;
-	}
-    }
-
-    /* use Ks and hash to verify that pin is correct */
-    if (! fort_CheckMemPhrase(config_file, &config_file->fortezzaPhrase, 
-						(char *)pin, Ks) ) {
-	if ((padPin == NULL) ||
-    	   ! fort_CheckMemPhrase(config_file, &config_file->fortezzaPhrase, 
-						(char *)padPin, Ks) )  {
-	    PORT_Memset(pinArea, 0, sizeof(pinArea));
-	    fort_Logout(swtoken);
-	    return CI_FAIL;
-	}
-    }
-
-    PORT_Memset(pinArea, 0, sizeof(pinArea));
-
-
-    /* OK, add the random Seed value into the random number generator */
-    fort_skipjackUnwrap(Ks,config_file->wrappedRandomSeed.len,
-	config_file->wrappedRandomSeed.data,seed);
-    RNG_RandomUpdate(seed,sizeof(seed));
-
-    /* it is, go ahead and log in */
-    swtoken->login = PR_TRUE;
-    /* Ks is always stored in keyReg[0] when we log in */
-    PORT_Memcpy(swtoken->keyReg[0].data, Ks, sizeof (FORTSkipjackKey));
-    swtoken->keyReg[0].present = PR_TRUE;
-    PORT_Memset(Ks, 0, sizeof(FORTSkipjackKey));
-    PORT_Free(Ks);
-
-
-    return CI_OK;
-}
-
-/*
- * close an open socket. Power_Down flag is set when we want to reset the
- * cards complete state.
- */
-int
-MACI_Close(HSESSION session, unsigned int flags, int socket)
-{
-    if (socket != SOCKET_ID) return CI_BAD_CARD;
-    if (swtoken == NULL) return CI_BAD_CARD;
-
-    if (flags == CI_POWER_DOWN_FLAG) {
-	fort_Logout(swtoken);
-    }
-    return CI_OK;
-}
-
-/*
- * Decrypt keeps track of it's own IV.
- */
-int
-MACI_Decrypt(HSESSION session, unsigned int size, CI_DATA cipherIn,
-				 			CI_DATA plainOut)
-{
-    int ret;
-    unsigned char IV[SKIPJACK_BLOCK_SIZE];
-
-    if ((ret = fort_CardExists(swtoken,PR_TRUE)) != CI_OK) return ret;
-    if ((ret = fort_KeyOK(swtoken,swtoken->key,PR_TRUE)) != CI_OK)  return ret;
-
-    /*fort_AddNoise();*/
-
-    /* save the IV, before we potentially trash the new one when we decrypt.
-     * (it's permissible to decrypt into the cipher text buffer by passing the
-     * same buffers for both cipherIn and plainOut.
-     */
-    PORT_Memcpy(IV,swtoken->IV, sizeof(IV));
-    fort_UpdateIV(cipherIn,size,swtoken->IV);
-    return fort_skipjackDecrypt(swtoken->keyReg[swtoken->key].data,
-						IV,size,cipherIn,plainOut);
-}
-
-/*
- * Clear a key from one of the key registers (indicated by index).
- * return an error if no key exists.
- */
-int
-MACI_DeleteKey(HSESSION session, int index)
-{
-    int ret;
-    if ((ret = fort_CardExists(swtoken,PR_TRUE)) != CI_OK) return ret;
-
-    /* can't delete Ks */
-    if (index == 0) return CI_INV_KEY_INDEX;
-
-    if ((ret = fort_KeyOK(swtoken,index,PR_TRUE)) != CI_OK)  return ret;
-    fort_ClearKey(&swtoken->keyReg[index]);
-    return CI_OK;
-}
-
-
-/*
- * encrypt  some blocks of data and update the IV.
- */ 
-int
-MACI_Encrypt(HSESSION session, unsigned int size, CI_DATA plainIn,
-				 			CI_DATA cipherOut)
-{
-    int ret;
-    if ((ret = fort_CardExists(swtoken,PR_TRUE)) != CI_OK) return ret;
-    if ((ret = fort_KeyOK(swtoken,swtoken->key,PR_TRUE)) != CI_OK)  return ret;
-
-    /*fort_AddNoise();*/
-
-    ret = fort_skipjackEncrypt(swtoken->keyReg[swtoken->key].data,
-				swtoken->IV,size,plainIn,cipherOut);
-    fort_UpdateIV(cipherOut,size,swtoken->IV);
-
-    return ret;
-
-}
-
-/*
- * create a new IV and encode it.
- */
-
-static char *leafbits="THIS IS NOT LEAF";
-
-int
-MACI_GenerateIV(HSESSION Session, CI_IV CI_FAR pIV)
-{
-    int ret;
-
-    if ((ret = fort_CardExists(swtoken,PR_TRUE)) != CI_OK) return ret;
-    if ((ret = fort_KeyOK(swtoken,swtoken->key,PR_TRUE)) != CI_OK)  return ret;
-
-    ret = fort_GenerateRandom(swtoken->IV,SKIPJACK_BLOCK_SIZE);
-    if (ret != CI_OK) return ret;
-
-    PORT_Memcpy(pIV,leafbits,SKIPJACK_LEAF_SIZE);
-    PORT_Memcpy(&pIV[SKIPJACK_LEAF_SIZE],swtoken->IV,SKIPJACK_BLOCK_SIZE);
-   
-    return CI_OK;
-}
-
-
-/*
- * create a new Key
- */
-int
-MACI_GenerateMEK(HSESSION session, int index, int reserved)
-{
-    int ret;
-    if ((ret = fort_CardExists(swtoken,PR_TRUE)) != CI_OK) return ret;
-    if ((ret = fort_KeyOK(swtoken,index,PR_FALSE)) != CI_OK)  return ret;
-
-    ret = fort_GenerateRandom(swtoken->keyReg[index].data,
-					sizeof (swtoken->keyReg[index].data));
-    if (ret == CI_OK) swtoken->keyReg[index].present = PR_TRUE;
-
-    return ret;
-}
-
-/*
- * build a new Ra/ra pair for a KEA exchange.
- */
-int
-MACI_GenerateRa(HSESSION session, CI_RA CI_FAR pRa)
-{
-    int ret;
-    int counter;
-    int RaLen,raLen;
-    DSAPrivateKey *privKey = NULL;
-    PQGParams params;
-    SECStatus rv;
-    int crv = CI_EXEC_FAIL;
-    fortSlotEntry *certEntry = NULL;
-    unsigned char *unsignedRa = NULL;
-    unsigned char *unsignedra = NULL;
-    fortKeyInformation *key_info = NULL;
-	
-
-    if ((ret = fort_CardExists(swtoken,PR_TRUE)) != CI_OK) return ret;
-    /* make sure the personality is set */
-    if (swtoken->certIndex == 0) return CI_INV_STATE;
-
-    /* pick next Ra circular buffer */
-    counter = swtoken->nextRa;
-    swtoken->nextRa++;
-    if (swtoken->nextRa >= MAX_RA_SLOTS) swtoken->nextRa = 0;
-
-    /* now get the params for diffie -helman key gen */
-    certEntry = fort_GetCertEntry(swtoken->config_file,swtoken->certIndex);
-    if (certEntry == NULL) return CI_INV_CERT_INDEX;
-    if (certEntry->exchangeKeyInformation) {
-	key_info = certEntry->exchangeKeyInformation;
-    } else {
-	key_info = certEntry->signatureKeyInformation;
-    }
-    if (key_info == NULL) return CI_NO_X;
-   
-    /* Generate Diffie Helman key Pair -- but we use DSA key gen to do it */
-    rv = SECITEM_CopyItem(NULL,&params.prime,&key_info->p);
-    if (rv != SECSuccess) return CI_EXEC_FAIL;
-    rv = SECITEM_CopyItem(NULL,&params.subPrime,&key_info->q);
-    if (rv != SECSuccess) return CI_EXEC_FAIL;
-    rv = SECITEM_CopyItem(NULL,&params.base,&key_info->g);
-    if (rv != SECSuccess) return CI_EXEC_FAIL;
-
-    /* KEA uses DSA like key generation with short DSA keys that have to
-     * maintain a relationship to q */
-    rv = DSA_NewKey(&params, &privKey);
-    SECITEM_FreeItem(&params.prime,PR_FALSE);
-    SECITEM_FreeItem(&params.subPrime,PR_FALSE);
-    SECITEM_FreeItem(&params.base,PR_FALSE);
-    if (rv != SECSuccess) return CI_EXEC_FAIL;
-    
-    /* save private key, public key, and param in Ra Circular buffer */
-    unsignedRa = privKey->publicValue.data;
-    RaLen      = privKey->publicValue.len;
-    while ((unsignedRa[0] == 0) && (RaLen > CI_RA_SIZE)) {
-	unsignedRa++;
-	RaLen--;
-    }
-    if (RaLen > CI_RA_SIZE) goto loser;
-
-    unsignedra = privKey->privateValue.data;
-    raLen      = privKey->privateValue.len;
-    while ((unsignedra[0] == 0) && (raLen > sizeof(fortRaPrivate))) {
-	unsignedra++;
-	raLen--;
-    }
-
-    if (raLen > sizeof(fortRaPrivate)) goto loser;
-
-    PORT_Memset(swtoken->RaValues[counter].private, 0, sizeof(fortRaPrivate));
-    PORT_Memcpy(
-	&swtoken->RaValues[counter].private[sizeof(fortRaPrivate) - raLen],
-							unsignedra, raLen);
-    PORT_Memset(pRa, 0, CI_RA_SIZE);
-    PORT_Memcpy(&pRa[CI_RA_SIZE-RaLen], unsignedRa, RaLen);
-    PORT_Memcpy(swtoken->RaValues[counter].public, pRa, CI_RA_SIZE);
-    crv = CI_OK;
-
-loser:
-    PORT_FreeArena(privKey->params.arena, PR_TRUE);
-
-    return crv;
-}
-
-
-/*
- * return some random data.
- */
-int
-MACI_GenerateRandom(HSESSION session, CI_RANDOM CI_FAR random)
-{
-    int ret;
-    if ((ret = fort_CardExists(swtoken,PR_FALSE)) != CI_OK) return ret;
-    return fort_GenerateRandom(random,sizeof (CI_RANDOM));
-}
-
-
-static CI_RA Remail = {
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
-
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
-
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
-
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1
-};
-
-/*
- * build a new Token exchange key using KEA.
- */
-int
-MACI_GenerateTEK(HSESSION hSession, int flags, int target, 
-     CI_RA CI_FAR Ra, CI_RA CI_FAR Rb, unsigned int YSize, CI_Y CI_FAR pY )
-{
-    FORTEZZAPrivateKey *key 		= NULL;
-    fortSlotEntry *      certEntry;
-    unsigned char *      w		= NULL;
-    SECItem              *q;
-    SECStatus            rv;
-    int                  ret,i;
-    PRBool               email 		= PR_TRUE;
-    SECItem              R;		/* public */
-    SECItem              Y;		/* public */
-    SECItem              r;		/* private */
-    SECItem              x;		/* private */
-    SECItem              wItem;		/* derived secret */
-    fortRaPrivatePtr     ra;
-    FORTSkipjackKey      cover_key;
-
-    unsigned char pad[10] = { 0x72, 0xf1, 0xa8, 0x7e, 0x92,
-			      0x82, 0x41, 0x98, 0xab, 0x0b };
-
-    /* verify that everything is ok with the token, keys and certs */
-    if ((ret = fort_CardExists(swtoken,PR_TRUE)) != CI_OK) return ret;
-    /* make sure the personality is set */
-    if (swtoken->certIndex == 0) return CI_INV_STATE;
-    if ((ret = fort_KeyOK(swtoken,target,PR_FALSE)) != CI_OK)  return ret;
-
-    /* get the cert from the entry, then look up the key from that cert */
-    certEntry = fort_GetCertEntry(swtoken->config_file,swtoken->certIndex);
-    if (certEntry == NULL) return CI_INV_CERT_INDEX;
-    key = fort_GetPrivKey(swtoken,fortezzaDHKey,certEntry);
-    if (key == NULL) return CI_NO_X; 
-
-    if (certEntry->exchangeKeyInformation) {
-	q = &certEntry->exchangeKeyInformation->q;
-    } else {
-	q = &certEntry->signatureKeyInformation->q;
-    }
-
-    email = (PORT_Memcmp(Rb,Remail,sizeof(Rb)) == 0) ? PR_TRUE: PR_FALSE;
-
-
-    /* load the common elements */
-    Y.data = pY;
-    Y.len = YSize;
-    x.data = key->u.dh.privateValue.data;
-    x.len = key->u.dh.privateValue.len;
-
-    /* now initialize the rest of the values */
-    if (flags == CI_INITIATOR_FLAG) {
-	if (email) { 
-	    R.data = Y.data;
-	    R.len = Y.len;
-	} else {
-	    R.data = Rb;
-	    R.len = sizeof(CI_RA);
-	}
-        ra = fort_LookupPrivR(swtoken,Ra);
-	if (ra == NULL) {
-	    ret = CI_EXEC_FAIL;
-	    goto loser;
-	}
-	r.data = ra;
-	r.len = sizeof(fortRaPrivate);
-    } else {
-	R.data = Ra;
-	R.len = sizeof(CI_RA);
-	if (email) {
-	    r.data = x.data;
-	    r.len = x.len;
-	} else {
-            ra = fort_LookupPrivR(swtoken,Rb);
-	    if (ra == NULL) {
-		ret = CI_EXEC_FAIL;
-		goto loser;
-	    }
-	    r.data = ra;
-	    r.len = sizeof(fortRaPrivate);
-	}
-    }
-
-
-    if (!KEA_Verify(&Y,&key->u.dh.prime,q)) {
-	ret = CI_EXEC_FAIL;
-	goto loser;
-    }
-    if (!KEA_Verify(&R,&key->u.dh.prime,q)) {
-	ret = CI_EXEC_FAIL;
-	goto loser;
-    }
-
-    /* calculate the base key */
-    rv = KEA_Derive(&key->u.dh.prime, &Y, &R, &r, &x, &wItem);
-    if (rv != SECSuccess) {
-	ret = CI_EXEC_FAIL;
-	goto loser;
-    }
-
-    w = wItem.data;
-    /* use the skipjack wrapping function to 'mix' the key up */
-    for (i=0; i < sizeof(FORTSkipjackKey); i++) 
-    	cover_key[i] = pad[i] ^ w[i];
-
-    ret = fort_skipjackWrap(cover_key,sizeof(FORTSkipjackKey),
-		&w[sizeof(FORTSkipjackKey)],swtoken->keyReg[target].data);
-    if (ret != CI_OK) goto loser;
-
-    swtoken->keyReg[target].present = PR_TRUE;
-
-    ret = CI_OK;
-loser:
-    if (w) PORT_Free(w);
-    if (key) fort_DestroyPrivateKey(key);
-    
-    return ret;
-}
-
-
-/*
- * return the bytes of a certificate.
- */
-int
-MACI_GetCertificate(HSESSION hSession, int certIndex,
-						 CI_CERTIFICATE CI_FAR cert)
-{
-    int len;
-    int ret;
-    fortSlotEntry *certEntry = NULL;
-
-    if ((ret = fort_CardExists(swtoken,PR_TRUE)) != CI_OK) return ret;
-
-    certEntry = fort_GetCertEntry(swtoken->config_file,certIndex);
-    if (certEntry == NULL) return CI_INV_CERT_INDEX;
-
-    len = certEntry->certificateData.dataEncryptedWithKs.len;
-    PORT_Memset(cert,0,sizeof(CI_CERTIFICATE));
-    PORT_Memcpy(cert, certEntry->certificateData.dataEncryptedWithKs.data,len);
-
-    /* Ks is always stored in keyReg[0] when we log in */
-    return fort_skipjackDecrypt(swtoken->keyReg[0].data,
-	&certEntry->certificateData.dataIV.data[SKIPJACK_LEAF_SIZE],
-						len,cert,cert);
-}
-
-
-/*
- * return out sofware configuration bytes. Those field not used by the PKCS #11
- * module may not be filled in exactly.
- */
-#define NETSCAPE "Netscape Communications Corp    "
-#define PRODUCT  "Netscape Software FORTEZZA Lib  "
-#define SOFTWARE "Software FORTEZZA Implementation"
-
-int
-MACI_GetConfiguration(HSESSION hSession, CI_CONFIG_PTR config)
-{
-    config->LibraryVersion = 0x0100;
-    config->ManufacturerVersion = 0x0100;
-    PORT_Memcpy(config->ManufacturerName,NETSCAPE,sizeof(NETSCAPE));
-    PORT_Memcpy(config->ProductName,PRODUCT,sizeof(PRODUCT));
-    PORT_Memcpy(config->ProcessorType,SOFTWARE,sizeof(SOFTWARE));
-    config->UserRAMSize = 0;
-    config->LargestBlockSize = 0x10000;
-    config->KeyRegisterCount = KEY_REGISTERS;
-    config->CertificateCount = 
-		swtoken ? fort_GetCertCount(swtoken->config_file): 0;
-    config->CryptoCardFlag = 0;
-    config->ICDVersion = 0;
-    config->ManufacturerSWVer = 0x0100;
-    config->DriverVersion = 0x0100;
-    return CI_OK;
-}
-
-/*
- * return a list of all the personalities (up to the value 'EntryCount')
- */
-int
-MACI_GetPersonalityList(HSESSION hSession, int EntryCount, 
-						CI_PERSON CI_FAR personList[])
-{
-    int count;
-    int i,ret;
-    FORTSWFile *config_file = NULL;
-    unsigned char tmp[32];
-
-    if ((ret = fort_CardExists(swtoken,PR_TRUE)) != CI_OK) return ret;
-    config_file = swtoken->config_file;
-
-    /* search for the index */
-    count= fort_GetCertCount(config_file);
-
-    /* don't return more than the user asked for */
-    if (count > EntryCount) count = EntryCount;
-    for (i=0; i < count ;i ++) {
-	int len, dataLen;
-	personList[i].CertificateIndex =
-				config_file->slotEntries[i]->certIndex;
-	len = config_file->slotEntries[i]->certificateLabel.
-						dataEncryptedWithKs.len;
-	if (len > sizeof(tmp)) len = sizeof(tmp);
-        PORT_Memset(personList[i].CertLabel, ' ',
-					sizeof(personList[i].CertLabel));
-        PORT_Memcpy(tmp, 
-	     config_file->slotEntries[i]->
-			certificateLabel.dataEncryptedWithKs.data,
-								len);
-	/* Ks is always stored in keyReg[0] when we log in */
-	ret = fort_skipjackDecrypt(swtoken->keyReg[0].data,
-	 &config_file->slotEntries[i]->
-			certificateLabel.dataIV.data[SKIPJACK_LEAF_SIZE],len,
-			tmp,tmp);
-	if (ret != CI_OK) return ret;
-	dataLen = DER_GetInteger(&config_file->slotEntries[i]->
-			certificateLabel.length);
-	if (dataLen > sizeof(tmp)) dataLen = sizeof(tmp);
-        PORT_Memcpy(personList[i].CertLabel, tmp, dataLen);
-        personList[i].CertLabel[32] = 0;
-        personList[i].CertLabel[33] = 0;
-        personList[i].CertLabel[34] = 0;
-        personList[i].CertLabel[35] = 0;
-    }
-    return CI_OK;
-}
-
-
-/*
- * get a new session ID. This function is only to make the interface happy,
- * the PKCS #11 module only uses one session per token.
- */
-int
-MACI_GetSessionID(HSESSION *session)
-{
-    *session = 1;
-    return CI_OK;
-}
-
-/*
- * return the current card state.
- */
-int
-MACI_GetState(HSESSION hSession, CI_STATE_PTR state)
-{
-    int ret;
-    if ((ret = fort_CardExists(swtoken,PR_FALSE)) != CI_OK) return ret;
-    *state = fort_GetState(swtoken);
-    return CI_OK;
-}
-
-/*
- * return the status. NOTE that KeyRegisterFlags and CertificateFlags are never
- * really used by the PKCS #11 module, so they are not implemented.
- */
-int
-MACI_GetStatus(HSESSION hSession, CI_STATUS_PTR status)
-{
-    int ret;
-    FORTSWFile *config_file = NULL;
-
-    if ((ret = fort_CardExists(swtoken,PR_FALSE)) != CI_OK) return ret;
-    config_file = swtoken->config_file;
-    status->CurrentSocket = 1;
-    status->LockState = swtoken->lock;
-    PORT_Memcpy(status->SerialNumber,
-		config_file->serialID.data, config_file->serialID.len);
-    status->CurrentState = fort_GetState(swtoken);
-    status->DecryptionMode = CI_CBC64_MODE;
-    status->EncryptionMode = CI_CBC64_MODE;
-    status->CurrentPersonality = swtoken->certIndex;
-    status->KeyRegisterCount = KEY_REGISTERS;
-    /* our code doesn't use KeyRegisters, which is good, because there's not
-     * enough of them .... */
-    PORT_Memset(status->KeyRegisterFlags,0,sizeof(status->KeyRegisterFlags));
-    status->CertificateCount = fort_GetCertCount(config_file);
-    PORT_Memset(status->CertificateFlags,0,sizeof(status->CertificateFlags));
-    PORT_Memset(status->Flags,0,sizeof(status->Flags));
-
-    return CI_OK;
-}
-
-/*
- * add the time call because the PKCS #11 module calls it, but always pretend
- * the clock is bad, so it never uses the returned time.
- */
-int
-MACI_GetTime(HSESSION hSession, CI_TIME CI_FAR time)
-{
-   return CI_BAD_CLOCK;
-}
-
-
-/* This function is copied from NSPR so that the PKCS #11 module can be
- * independent of NSPR */
-PRInt32 local_getFileInfo(const char *fn, PRFileInfo *info);
-
-/*
- * initialize the SW module, and return the number of slots we support (1).
- */
-int
-MACI_Initialize(int CI_FAR *count)
-{
-    char *filename = NULL;
-    SECItem file;
-    FORTSignedSWFile *decode_file = NULL;
-    PRFileInfo info;
-    /*PRFileDesc *fd = NULL;*/
-    int fd = -1;
-    PRStatus err;
-    int ret = CI_OK;
-    int fcount;
-
-    file.data = NULL;
-    file.len = 0;
-
-    *count = 1;
-
-    /* allocate swtoken structure */
-    swtoken = PORT_ZNew(FORTSWToken);
-    if (swtoken == NULL) return CI_OUT_OF_MEMORY;
-
-    filename = (char *)fort_LookupFORTEZZAInitFile();
-    if (filename == NULL) {
-	ret = CI_BAD_READ;
-	goto failed;
-    }
-    
-    fd = open(filename,O_RDONLY|O_BINARY,0);
-    if (fd < 0) {
-	ret = CI_BAD_READ;
-	goto failed;
-    }
-
-    err = local_getFileInfo(filename,&info);
-    if ((err != 0) || (info.size == 0)) {
-	ret = CI_BAD_READ;
-	goto failed;
-    }
-
-    file.data = PORT_ZAlloc(info.size);
-    if (file.data == NULL) {
-	ret = CI_OUT_OF_MEMORY;
-	goto failed;
-    }
-
-    fcount = read(fd,file.data,info.size);
-    close(fd);  fd = -1;
-    if (fcount != (int)info.size) {
-	ret = CI_BAD_READ;
-	goto failed;
-    }
-
-    file.len = fcount;
-
-    decode_file = FORT_GetSWFile(&file);
-    if (decode_file == NULL) {
-	ret = CI_BAD_READ;
-	goto failed;
-    }
-    swtoken->config_file = &decode_file->file;
-
-    RNG_SystemInfoForRNG();
-    RNG_FileForRNG(filename);
-
-
-failed:
-    if (filename) PORT_Free(filename);
-    if (fd != -1) close(fd);
-    if (file.data) PORT_Free(file.data);
-    if (ret != CI_OK) {
-	if (decode_file) FORT_DestroySignedSWFile(decode_file);
-	if (swtoken) PORT_Free(swtoken);
-	swtoken = NULL;
-    }
-
-    return CI_OK;
-}
-
-/*
- * load an IV from an external source. We technically should check it with the
- * key we received.
- */
-int
-MACI_LoadIV(HSESSION session, CI_IV CI_FAR iv)
-{
-    int ret;
-
-    if ((ret = fort_CardExists(swtoken,PR_TRUE)) != CI_OK) return ret;
-    PORT_Memcpy(swtoken->IV,&iv[SKIPJACK_LEAF_SIZE],SKIPJACK_BLOCK_SIZE);
-    return CI_OK;
-}
-
-/* implement token lock (should call PR_Monitor here) */
-int
-MACI_Lock(HSESSION session, int flags)
-{
-    int ret;
-    if ((ret = fort_CardExists(swtoken,PR_TRUE)) != CI_OK) return ret;
-    swtoken->lock = 1;
-
-    return CI_OK;
-}
-
-/* open a token. For software there isn't much to do that hasn't already been
- * done by initialize. */
-int
-MACI_Open(HSESSION session, unsigned int flags, int socket)
-{
-    if (socket != SOCKET_ID) return CI_NO_CARD;
-    if (swtoken == NULL) return CI_NO_CARD;
-    return CI_OK;
-}
-
-/*
- * Reset logs out the token...
- */
-int
-MACI_Reset(HSESSION session)
-{
-    if (swtoken) fort_Logout(swtoken);
-    return CI_OK;
-}
-
-/*
- * restore and encrypt/decrypt state. NOTE: there is no error checking in this
- * or the save function.
- */
-int
-MACI_Restore(HSESSION session, int type, CI_SAVE_DATA CI_FAR data)
-{
-    int ret;
-    if ((ret = fort_CardExists(swtoken,PR_TRUE)) != CI_OK) return ret;
-    PORT_Memcpy(swtoken->IV,data, sizeof (swtoken->IV));
-    return CI_OK;
-}
-
-/*
- * save and encrypt/decrypt state. NOTE: there is no error checking in this
- * or the restore function.
- */
-int
-MACI_Save(HSESSION session, int type,CI_SAVE_DATA CI_FAR data)
-{
-    int ret;
-    if ((ret = fort_CardExists(swtoken,PR_TRUE)) != CI_OK) return ret;
-    PORT_Memcpy(data,swtoken->IV, sizeof (swtoken->IV));
-    return CI_OK;
-}
-
-/*
- * picks a token to operate against. In our case there can be only one.
- */
-int
-MACI_Select(HSESSION session, int socket)
-{
-    if (socket == SOCKET_ID) return CKR_OK;
-    return CI_NO_CARD;
-}
-
-/*
- * set a register as the key to use for encrypt/decrypt operations.
- */
-int
-MACI_SetKey(HSESSION session, int index)
-{
-    int ret;
-    if ((ret = fort_CardExists(swtoken,PR_TRUE)) != CI_OK) return ret;
-    if ((ret = fort_KeyOK(swtoken,index,PR_TRUE)) != CI_OK)  return ret;
-
-    swtoken->key = index;
-    return CI_OK;
-}
-
-/*
- * only CBC64 is supported. Keep setmode for compatibility */
-int
-MACI_SetMode(HSESSION session, int type, int mode)
-{
-    if (mode != CI_CBC64_MODE) return CI_INV_MODE;
-    return CI_OK;
-}
-
-/* set the personality to use for sign/verify */
-int
-MACI_SetPersonality(HSESSION session, int cert)
-{
-    int ret;
-    fortSlotEntry *certEntry = NULL;
-
-    if ((ret = fort_CardExists(swtoken,PR_TRUE)) != CI_OK) return ret;
-
-    certEntry = fort_GetCertEntry(swtoken->config_file,cert);
-    if ((certEntry == NULL) ||
-	   ((certEntry->exchangeKeyInformation == NULL) &&
-			(certEntry->signatureKeyInformation == NULL)) )
-						 return CI_INV_CERT_INDEX;
-    swtoken->certIndex = cert;
-    return CI_OK;
-}
-
-
-/* DSA sign some data */
-int
-MACI_Sign(HSESSION session, CI_HASHVALUE CI_FAR hash, CI_SIGNATURE CI_FAR sig)
-{
-    FORTEZZAPrivateKey *key 		= NULL;
-    fortSlotEntry *      certEntry	= NULL;
-    int                  ret 		= CI_OK;
-    SECStatus            rv;
-    SECItem              signItem;
-    SECItem              hashItem;
-    unsigned char        random[DSA_SUBPRIME_LEN];
-
-    /* standard checks */
-    if ((ret = fort_CardExists(swtoken,PR_TRUE)) != CI_OK) return ret;
-    /* make sure the personality is set */
-    if (swtoken->certIndex == 0) return CI_INV_STATE;
-
-    /* get the current personality */
-    certEntry = fort_GetCertEntry(swtoken->config_file,swtoken->certIndex);
-    if (certEntry == NULL) return CI_INV_CERT_INDEX;
-
-    /* extract the private key from the personality */
-    ret = CI_OK;
-    key = fort_GetPrivKey(swtoken,fortezzaDSAKey,certEntry);
-    if (key == NULL) {
-	ret = CI_NO_X;
-	goto loser;
-    }
-
-    /* create a random value for the signature */
-    ret = fort_GenerateRandom(random, sizeof(random));
-    if (ret != CI_OK) goto loser;
-
-    /* Sign with that private key */
-    signItem.data = sig;
-    signItem.len  = DSA_SIGNATURE_LEN;
-
-    hashItem.data = hash;
-    hashItem.len  = SHA1_LENGTH;
-
-    rv = DSA_SignDigestWithSeed(&key->u.dsa, &signItem, &hashItem, random);
-    if (rv != SECSuccess) {
-	ret = CI_EXEC_FAIL;
-    }
-
-    /* clean up */
-loser:
-    if (key != NULL) fort_DestroyPrivateKey(key);
-
-    return ret;
-}
-
-/*
- * clean up after ourselves.
- */
-int
-MACI_Terminate(HSESSION session)
-{
-    if (swtoken == NULL) return CI_OUT_OF_MEMORY;
-
-    /* clear all the keys */
-    fort_Logout(swtoken);
-    
-    FORT_DestroySWFile(swtoken->config_file);
-    PORT_Free(swtoken);
-    swtoken = NULL;
-    return CI_OK;
-}
-
-
-
-/* implement token unlock (should call PR_Monitor here) */
-int
-MACI_Unlock(HSESSION session)
-{
-    int ret;
-    if ((ret = fort_CardExists(swtoken,PR_TRUE)) != CI_OK) return ret;
-    swtoken->lock = 0;
-    return CI_OK;
-}
-
-/*
- * unwrap a key into our software token. NOTE: this function does not
- * verify that the wrapping key is Ks or a TEK. This is because our higher
- * level software doesn't try to wrap MEKs with MEKs. If this API was exposed
- * generically, then we would have to worry about things like this.
- */
-int
-MACI_UnwrapKey(HSESSION session, int wrapKey, int target, 
-						CI_KEY CI_FAR keyData)
-{
-    int ret = CI_OK;
-
-    if ((ret = fort_CardExists(swtoken,PR_TRUE)) != CI_OK) return ret;
-    if ((ret = fort_KeyOK(swtoken,target,PR_FALSE)) != CI_OK)  return ret;
-    if ((ret = fort_KeyOK(swtoken,wrapKey,PR_TRUE)) != CI_OK)  return ret;
-    ret = fort_skipjackUnwrap(swtoken->keyReg[wrapKey].data,
-	sizeof(CI_KEY), keyData, swtoken->keyReg[target].data);
-    if (ret != CI_OK) goto loser;
-
-    swtoken->keyReg[target].present = PR_TRUE;
-
-loser:
-    return ret;
-}
-
-/*
- * Wrap a key out of our software token. NOTE: this function does not
- * verify that the wrapping key is Ks or a TEK, or that the source key is
- * a MEK. This is because our higher level software doesn't try to wrap MEKs 
- * with MEKs, or wrap out TEKS and Ks. If this API was exposed
- * generically, then we would have to worry about things like this.
- */
-int
-MACI_WrapKey(HSESSION session, int wrapKey, int source, CI_KEY CI_FAR keyData)
-{
-    int ret;
-
-    if ((ret = fort_CardExists(swtoken,PR_TRUE)) != CI_OK) return ret;
-    if ((ret = fort_KeyOK(swtoken,source,PR_TRUE)) != CI_OK)  return ret;
-    if ((ret = fort_KeyOK(swtoken,wrapKey,PR_TRUE)) != CI_OK)  return ret;
-    ret = fort_skipjackWrap(swtoken->keyReg[wrapKey].data,
-	sizeof(CI_KEY), swtoken->keyReg[source].data,keyData);
-
-    return ret;
-}
-
diff --git a/security/nss/lib/fortcrypt/swfort/swfort.h b/security/nss/lib/fortcrypt/swfort/swfort.h
deleted file mode 100644
index d0cefb098..000000000
--- a/security/nss/lib/fortcrypt/swfort/swfort.h
+++ /dev/null
@@ -1,70 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * Software implementation of FORTEZZA skipjack primatives
- */
-#ifndef _SWFORT_H_
-#define _SWFORT_H_
-
-#include "seccomon.h"
-#include "swfortt.h" 
-/*#include "genci.h"*/
-
-
-SEC_BEGIN_PROTOS
-
-FORTSignedSWFile *
-FORT_GetSWFile(SECItem *initBits);
-
-SECStatus
-FORT_CheckInitPhrase(FORTSignedSWFile *sw_init_file, char *initMemPhrase);
-
-SECStatus
-FORT_CheckUserPhrase(FORTSignedSWFile *sw_init_file, char *userMemPhrase);
-
-void
-FORT_DestroySWFile(FORTSWFile *file);
-
-void
-FORT_DestroySignedSWFile(FORTSignedSWFile *swfile);
-
-SECItem *
-FORT_GetDERCert(FORTSignedSWFile *swfile, int index);
-
-SECItem *
-FORT_PutSWFile(FORTSignedSWFile *sw_init_file);
-
-
-SEC_END_PROTOS
-
-#endif
diff --git a/security/nss/lib/fortcrypt/swfort/swforti.h b/security/nss/lib/fortcrypt/swfort/swforti.h
deleted file mode 100644
index bcc07ee62..000000000
--- a/security/nss/lib/fortcrypt/swfort/swforti.h
+++ /dev/null
@@ -1,177 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * Software implementation of FORTEZZA Skipjack primatives and helper functions.
- */
-#ifndef _SWFORTI_H_
-#define _SWFORTI_H_
-
-#ifndef RETURN_TYPE
-#define RETURN_TYPE int
-#endif
-
-#include "seccomon.h"
-#include "swfort.h"
-#include "swfortti.h"
-#include "maci.h"
-
-
-SEC_BEGIN_PROTOS
-/*
- * Check to see if the index is ok, and that key is appropriately present or
- * absent.
- */
-int fort_KeyOK(FORTSWToken *token, int index, PRBool isPresent);
-
-/*
- * clear out a key register
- */
-void fort_ClearKey(FORTKeySlot *key);
-
-/*
- * clear out an Ra register
- */
-void fort_ClearRaSlot(FORTRaRegisters *ra);
-
-/*
- * provide a helper function to do all the loggin out functions.
- * NOTE: Logging in only happens in MACI_CheckPIN
- */
-void fort_Logout(FORTSWToken *token);
-
-/*
- * update the new IV value based on the current cipherText (should be the last 
- * block of the cipher text).
- */
-int fort_UpdateIV(unsigned char *cipherText, unsigned int size,unsigned char *IV);
-
-
-/*
- * verify that we have a card initialized, and if necessary, logged in.
- */
-int fort_CardExists(FORTSWToken *token,PRBool needLogin);
-
-/*
- * walk down the cert slot entries, counting them.
- * return that count.
- */
-int fort_GetCertCount(FORTSWFile *file);
-
-/*
- * copy an unsigned SECItem to a signed SecItem. (if the high bit is on,
- * pad with a leading 0.
- */
-SECStatus fort_CopyUnsigned(PRArenaPool *arena, SECItem *to, const SECItem *from);
-
-/*
- * return the private key based on the token and entry.
- */
-FORTEZZAPrivateKey *fort_GetPrivKey(FORTSWToken *token,FORTEZZAKeyType keyType,fortSlotEntry *certEntry);
-
-/*
- * Free the key acquired above.
- */
-void fort_DestroyPrivateKey(FORTEZZAPrivateKey *key);
-
-/*
- * find a particulare certificate entry from the config
- * file.
- */
-fortSlotEntry * fort_GetCertEntry(FORTSWFile *file,int index);
-
-/*
- * use the token to termine it's CI_State.
- */
-CI_STATE fort_GetState(FORTSWToken *token);
-
-/*
- * find the private ra value for a given public Ra value.
- */
-fortRaPrivatePtr fort_LookupPrivR(FORTSWToken *token,CI_RA Ra);
-
-/*
- * go add more noise to the random number generator
- */
-void fort_AddNoise(void);
-
-/*
- * Get a random number
- */
-int fort_GenerateRandom(unsigned char *buf, int bytes);
-
-
-/*
- * We're deep in the bottom of MACI and PKCS #11... We need to
- * find our fortezza key file. This function lets us search manual paths to 
- * find our key file.
- */
-char *fort_FindFileInPath(char *path, char *fn);
-
-
-char *fort_LookupFORTEZZAInitFile(void);
-
-
-FORTSkipjackKeyPtr fort_CalculateKMemPhrase(FORTSWFile *file, 
-  fortProtectedPhrase * prot_phrase, char *phrase, FORTSkipjackKeyPtr wrapKey);
-
-
-PRBool fort_CheckMemPhrase(FORTSWFile *file, 
-  fortProtectedPhrase * prot_phrase, char *phrase, FORTSkipjackKeyPtr wrapKey);
-
-
-/* These function actually implements skipjack CBC64 Decrypt */
-int fort_skipjackDecrypt(FORTSkipjackKeyPtr key, unsigned char *iv, 
-		unsigned long size, unsigned char *cipherIn, 
-						unsigned char *plainOut);
-
-/* These function actually implements skipjack CBC64 Encrypt */
-int fort_skipjackEncrypt(FORTSkipjackKeyPtr key, unsigned char *iv, 
-		unsigned long size, unsigned char *plainIn, 
-						unsigned char *cipherOut);
-
-/*
- * unwrap is used for key generation and mixing
- */
-int fort_skipjackUnwrap(FORTSkipjackKeyPtr key,unsigned long len, 
-			unsigned char *cipherIn, unsigned char *plainOut);
-
-/*
- * unwrap is used for key generation and mixing
- */
-int
-fort_skipjackWrap(FORTSkipjackKeyPtr key,unsigned long len, 
-			unsigned char *plainIn, unsigned char *cipherOut);
-
-SEC_END_PROTOS
-
-#endif
diff --git a/security/nss/lib/fortcrypt/swfort/swfortt.h b/security/nss/lib/fortcrypt/swfort/swfortt.h
deleted file mode 100644
index a5ee7b2b5..000000000
--- a/security/nss/lib/fortcrypt/swfort/swfortt.h
+++ /dev/null
@@ -1,56 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * All the data structures for Software fortezza are internal only.
- * The external API for Software fortezza is MACI (which is only used by
- * the PKCS #11 module.
- */
-
-#ifndef _SWFORTT_H_
-#define _SWFORTT_H_
-
-/* structure typedefs */
-typedef struct FORTKeySlotStr FORTKeySlot;
-typedef struct FORTRaRegistersStr  FORTRaRegisters;
-typedef struct FORTSWTokenStr  FORTSWToken;
-
-/* Der parsing typedefs */
-typedef struct fortKeyInformationStr fortKeyInformation;
-typedef struct fortProtectedDataStr fortProtectedData;
-typedef struct fortSlotEntryStr fortSlotEntry;
-typedef struct fortProtectedPhraseStr fortProtectedPhrase;
-typedef struct FORTSWFileStr FORTSWFile;
-typedef struct FORTSignedSWFileStr FORTSignedSWFile;
-
-
-#endif
diff --git a/security/nss/lib/fortcrypt/swfort/swfortti.h b/security/nss/lib/fortcrypt/swfort/swfortti.h
deleted file mode 100644
index 0fd2d0e34..000000000
--- a/security/nss/lib/fortcrypt/swfort/swfortti.h
+++ /dev/null
@@ -1,176 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * All the data structures for Software fortezza are internal only.
- * The external API for Software fortezza is MACI (which is only used by
- * the PKCS #11 module.
- */
-
-#ifndef _SWFORTTI_H_
-#define _SWFORTTI_H_
-
-#include "maci.h"
-#include "seccomon.h"
-#include "mcom_db.h"  /* really should be included by certt.h */
-#include "certt.h"
-/*#include "keyt.h"*/
-#include "blapit.h"
-#include "swfortt.h"
-
-
-typedef enum { 
-    fortezzaDSAKey = 0, 
-    fortezzaDHKey = 1
-} FORTEZZAKeyType;
-
-/*
-** Low Level private key object
-** This is only used by the raw Crypto engines (crypto), keydb (keydb),
-** and PKCS #11. Everyone else uses the high level key structure.
-*/
-struct FORTEZZAPrivateKeyStr {
-    PLArenaPool *arena;
-    FORTEZZAKeyType keyType;
-    union {
-	DSAPrivateKey dsa;
-	DHPrivateKey  dh;
-    } u;
-};
-typedef struct FORTEZZAPrivateKeyStr FORTEZZAPrivateKey;
-
-
-/* the following parameters are tunable. The bigger the key registers are,
- * the less likely the PKCS #11 module will thrash. */
-#define KEY_REGISTERS	100
-#define MAX_RA_SLOTS	20
-
-/* SKIPJACK algorithm constants */
-#define SKIPJACK_KEY_SIZE 10
-#define SKIPJACK_BLOCK_SIZE 8
-#define SKIPJACK_LEAF_SIZE 16
-
-/* private typedefs */
-typedef unsigned char FORTSkipjackKey[SKIPJACK_KEY_SIZE];
-typedef unsigned char *FORTSkipjackKeyPtr;
-typedef unsigned char fortRaPrivate[20];
-typedef unsigned char *fortRaPrivatePtr;
-
-/* save a public/private key pair */
-struct FORTRaRegistersStr {
-    CI_RA	public;
-    fortRaPrivate private;
-};
-
-/* FORTEZZA Key Register */
-struct FORTKeySlotStr {
-    FORTSkipjackKey data;
-    PRBool   present;
-};
-
-/* structure to hole private key information */
-struct fortKeyInformationStr {
-    SECItem	keyFlags;
-    SECItem	privateKeyWrappedWithKs;
-    SECItem     derPublicKey;
-    SECItem	p;
-    SECItem	g;
-    SECItem	q;
-};
-
-/* struture to hole Ks wrapped data */
-struct fortProtectedDataStr {
-    SECItem	length;
-    SECItem	dataIV;
-    SECItem	dataEncryptedWithKs;
-};
-
-/* This structure represents a fortezza personality */
-struct fortSlotEntryStr {
-    SECItem	trusted;
-    SECItem	certificateIndex;
-    int 	certIndex;
-    fortProtectedData certificateLabel;
-    fortProtectedData certificateData;
-    fortKeyInformation *exchangeKeyInformation;
-    fortKeyInformation *signatureKeyInformation;
-};
-
-/* this structure represents a K value wrapped by a protected pin */
-struct fortProtectedPhraseStr {
-    SECItem	kValueIV;
-    SECItem	wrappedKValue;
-    SECItem	memPhraseIV;
-    SECItem	hashedEncryptedMemPhrase;
-};
-
-
-/* This structure represents all the relevant data stored in a der encoded
- * fortezza slot file. */
-struct FORTSWFileStr {
-    PRArenaPool *arena;
-    SECItem	version;
-    SECItem	derIssuer;
-    SECItem	serialID;
-    fortProtectedPhrase initMemPhrase;
-#define fortezzaPhrase initMemPhrase 
-    fortProtectedPhrase ssoMemPhrase;
-    fortProtectedPhrase userMemPhrase;
-    fortProtectedPhrase ssoPinPhrase;
-    fortProtectedPhrase userPinPhrase;
-    SECItem	wrappedRandomSeed;
-    fortSlotEntry **slotEntries;
-};
-
-/* This data structed represents a signed data structure */
-struct FORTSignedSWFileStr {
-    FORTSWFile  file;
-    CERTSignedData signatureWrap;
-    FORTSkipjackKeyPtr Kinit;
-    FORTSkipjackKeyPtr Ks;
-};
-
-
-/* collect all the data that makes up a token */
-struct FORTSWTokenStr {
-    PRBool	login;		       /* has this token been logged in? */
-    int		lock;		       /* the current lock state */
-    int		certIndex;	       /* index of the current personality */
-    int		key;		       /* currently selected key */
-    int		nextRa;		       /* where the next Ra/ra pair will go */
-    FORTSWFile *config_file;           /* parsed Fortezza Config file */
-    unsigned char IV[SKIPJACK_BLOCK_SIZE];
-    FORTKeySlot keyReg[KEY_REGISTERS]; /* sw fortezza key slots */
-    FORTRaRegisters RaValues[MAX_RA_SLOTS];  /* Ra/ra values */
-};
-
-#endif
diff --git a/security/nss/lib/fortcrypt/swfort/swfparse.c b/security/nss/lib/fortcrypt/swfort/swfparse.c
deleted file mode 100644
index 4422cb18a..000000000
--- a/security/nss/lib/fortcrypt/swfort/swfparse.c
+++ /dev/null
@@ -1,531 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * The following program decodes the FORTEZZA Init File, and stores the result
- * into the fortezza directory.
- */
-#include "secasn1.h"
-#include "swforti.h"
-#include "blapi.h"
-#include "secoid.h"
-#include "secitem.h"
-#include "secder.h"
-
-
-/*
- * templates for parsing the FORTEZZA Init File. These were taken from DER
- * definitions on SWF Initialization File Format Version 1.0 pp1-3.
- */
-
-/* Key info structure... There are up to two of these per slot entry  */
-static const SEC_ASN1Template fortKeyInfoTemplate[] = {
-    { SEC_ASN1_SEQUENCE,
-          0, NULL, sizeof(fortKeyInformation) },
-    { SEC_ASN1_INTEGER,
-          offsetof(fortKeyInformation,keyFlags) },
-    { SEC_ASN1_OCTET_STRING,
-          offsetof(fortKeyInformation,privateKeyWrappedWithKs) },
-    { SEC_ASN1_ANY ,
-          offsetof(fortKeyInformation, derPublicKey) },
-    { SEC_ASN1_OCTET_STRING, offsetof(fortKeyInformation,p) },
-    { SEC_ASN1_OCTET_STRING, offsetof(fortKeyInformation,g) },
-    { SEC_ASN1_OCTET_STRING, offsetof(fortKeyInformation,q) },
-    { 0 }
-}; 
-
-/* This is data that has been wrapped by Ks */
-static const SEC_ASN1Template fortProtDataTemplate[] = {
-    { SEC_ASN1_SEQUENCE,
-          0, NULL, sizeof(fortProtectedData) },
-    { SEC_ASN1_INTEGER,
-          offsetof(fortProtectedData,length) },
-    { SEC_ASN1_OCTET_STRING,
-          offsetof(fortProtectedData,dataIV) },
-    { SEC_ASN1_OCTET_STRING,
-          offsetof(fortProtectedData,dataEncryptedWithKs) },
-    { 0 }
-};
-
-/* DER to describe each Certificate Slot ... there are an arbitrary number */
-static const SEC_ASN1Template fortSlotEntryTemplate[] = {
-    { SEC_ASN1_SEQUENCE,
-          0, NULL, sizeof(fortSlotEntry) },
-    { SEC_ASN1_BOOLEAN,
-          offsetof(fortSlotEntry,trusted) },
-    { SEC_ASN1_INTEGER,
-          offsetof(fortSlotEntry,certificateIndex) },
-    { SEC_ASN1_INLINE,
-          offsetof(fortSlotEntry,certificateLabel), fortProtDataTemplate },
-    { SEC_ASN1_INLINE,
-          offsetof(fortSlotEntry,certificateData), fortProtDataTemplate },
-    { SEC_ASN1_POINTER | SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC |  
-				SEC_ASN1_CONSTRUCTED | 0,
-          offsetof(fortSlotEntry, exchangeKeyInformation),
-						 fortKeyInfoTemplate },
-    { SEC_ASN1_POINTER | SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | 
-				SEC_ASN1_CONSTRUCTED | 1,
-          offsetof(fortSlotEntry, signatureKeyInformation), 
-						 fortKeyInfoTemplate },
-    { 0 }
-};
-
-/* This data is used to check MemPhrases, and to generate Ks
- * each file has two mem phrases, one for SSO, one for User */
-static const SEC_ASN1Template fortProtectedMemPhrase[]  = {
-    { SEC_ASN1_SEQUENCE,
-          0, NULL, sizeof(fortProtectedPhrase) },
-    { SEC_ASN1_OCTET_STRING,
-          offsetof(fortProtectedPhrase,kValueIV) },
-    { SEC_ASN1_OCTET_STRING,
-          offsetof(fortProtectedPhrase,wrappedKValue) },
-    { SEC_ASN1_OCTET_STRING,
-          offsetof(fortProtectedPhrase,memPhraseIV) },
-    { SEC_ASN1_OCTET_STRING,
-          offsetof(fortProtectedPhrase,hashedEncryptedMemPhrase) },
-    { 0 }
-};
-
-/* This data is used to check the Mem Init Phrases, and to generate Kinit
- * each file has one mem init phrase, which is used only in transport of
- * this file */
-static const SEC_ASN1Template fortMemInitPhrase[]  = {
-    { SEC_ASN1_SEQUENCE,
-          0, NULL, sizeof(fortProtectedPhrase) },
-    { SEC_ASN1_OCTET_STRING,
-          offsetof(fortProtectedPhrase,wrappedKValue) },
-    { SEC_ASN1_OCTET_STRING,
-          offsetof(fortProtectedPhrase,memPhraseIV) },
-    { SEC_ASN1_OCTET_STRING,
-          offsetof(fortProtectedPhrase,hashedEncryptedMemPhrase) },
-    { 0 }
-};
-
-static const SEC_ASN1Template fortSlotEntriesTemplate[]  = {
-    { SEC_ASN1_SEQUENCE_OF, 0, fortSlotEntryTemplate }
-};
-
-/* This is the complete file with all it's data, but has not been signed
- * yet. */
-static const SEC_ASN1Template fortSwFortezzaInitFileToSign[]  = {
-    { SEC_ASN1_SEQUENCE,
-          0, NULL, sizeof(FORTSWFile) },
-    { SEC_ASN1_INTEGER,
-          offsetof(FORTSWFile,version) },
-    { SEC_ASN1_ANY,
-          offsetof(FORTSWFile,derIssuer) },
-    { SEC_ASN1_OCTET_STRING,
-          offsetof(FORTSWFile,serialID) },
-    { SEC_ASN1_INLINE,
-          offsetof(FORTSWFile,initMemPhrase), fortMemInitPhrase },
-    { SEC_ASN1_INLINE,
-          offsetof(FORTSWFile,ssoMemPhrase), fortProtectedMemPhrase },
-    { SEC_ASN1_INLINE,
-          offsetof(FORTSWFile,userMemPhrase), fortProtectedMemPhrase },
-    { SEC_ASN1_INLINE,
-          offsetof(FORTSWFile,ssoPinPhrase), fortProtectedMemPhrase },
-    { SEC_ASN1_INLINE,
-          offsetof(FORTSWFile,userPinPhrase), fortProtectedMemPhrase },
-    { SEC_ASN1_OCTET_STRING,
-          offsetof(FORTSWFile,wrappedRandomSeed) },
-    { SEC_ASN1_SEQUENCE_OF, offsetof(FORTSWFile,slotEntries),
-						 fortSlotEntryTemplate },
-    /* optional extentions to ignore here... */
-    { 0 }
-};
-
-/* The complete, signed init file */
-static const SEC_ASN1Template fortSwFortezzaInitFile[]  = {
-    { SEC_ASN1_SEQUENCE,
-          0, NULL, sizeof(FORTSignedSWFile) },
-    { SEC_ASN1_SAVE,
-          offsetof(FORTSignedSWFile,signatureWrap.data) },
-    { SEC_ASN1_INLINE,
-          offsetof(FORTSignedSWFile,file),
-          fortSwFortezzaInitFileToSign },
-    { SEC_ASN1_INLINE,
-          offsetof(FORTSignedSWFile,signatureWrap.signatureAlgorithm),
-          SECOID_AlgorithmIDTemplate },
-    { SEC_ASN1_BIT_STRING,
-          offsetof(FORTSignedSWFile,signatureWrap.signature) },
-    { 0 }
-};
-
-FORTSkipjackKeyPtr
-fort_CalculateKMemPhrase(FORTSWFile *file, 
-  fortProtectedPhrase * prot_phrase, char *phrase, FORTSkipjackKeyPtr wrapKey)
-{
-    unsigned char *data = NULL;
-    unsigned char hashout[SHA1_LENGTH];
-    int data_len = prot_phrase->wrappedKValue.len;
-    int ret;
-    unsigned int len;
-    unsigned int version;
-    unsigned char enc_version[2];
-    FORTSkipjackKeyPtr Kout = NULL;
-    FORTSkipjackKey Kfek;
-    SHA1Context *sha;
-
-    data = (unsigned char *) PORT_ZAlloc(data_len);
-    if (data == NULL) goto fail;
-    
-    PORT_Memcpy(data,prot_phrase->wrappedKValue.data,data_len);
-
-    /* if it's a real protected mem phrase, it's been wrapped by kinit, which
-     * was passed to us. */
-    if (wrapKey) {
-	fort_skipjackDecrypt(wrapKey,
-		&prot_phrase->kValueIV.data[SKIPJACK_LEAF_SIZE],data_len,
-								data,data);
-	data_len = sizeof(CI_KEY);
-    }
-
-    /* now calculate the PBE key for fortezza */
-    sha = SHA1_NewContext();
-    if (sha == NULL) goto fail;
-    SHA1_Begin(sha);
-    version = DER_GetUInteger(&file->version);
-    enc_version[0] = (version >> 8) & 0xff;
-    enc_version[1] = version & 0xff;
-    SHA1_Update(sha,enc_version,sizeof(enc_version));
-    SHA1_Update(sha,file->derIssuer.data, file->derIssuer.len);
-    SHA1_Update(sha,file->serialID.data, file->serialID.len);
-    SHA1_Update(sha,(unsigned char *)phrase,strlen(phrase));
-    SHA1_End(sha,hashout,&len,SHA1_LENGTH);
-    SHA1_DestroyContext(sha, PR_TRUE);
-    PORT_Memcpy(Kfek,hashout,sizeof(FORTSkipjackKey));
-
-    /* now use that key to unwrap */
-    Kout = (FORTSkipjackKeyPtr) PORT_Alloc(sizeof(FORTSkipjackKey));
-    ret = fort_skipjackUnwrap(Kfek,data_len,data,Kout);
-    if (ret != CI_OK) {
-	PORT_Free(Kout);
-	Kout = NULL;
-    }
-
-fail:
-    PORT_Memset(&Kfek, 0, sizeof(FORTSkipjackKey));
-    if (data) PORT_ZFree(data,data_len);
-    return Kout;
-}
-
-
-PRBool
-fort_CheckMemPhrase(FORTSWFile *file, 
-  fortProtectedPhrase * prot_phrase, char *phrase, FORTSkipjackKeyPtr wrapKey) 
-{
-    unsigned char *data = NULL;
-    unsigned char hashout[SHA1_LENGTH];
-    int data_len = prot_phrase->hashedEncryptedMemPhrase.len;
-    unsigned int len;
-    SHA1Context *sha;
-    PRBool pinOK = PR_FALSE;
-    unsigned char cw[4];
-    int i;
-
-
-    /* first, decrypt the hashed/Encrypted Memphrase */
-    data = (unsigned char *) PORT_ZAlloc(data_len);
-    if (data == NULL) goto failed;
-
-    PORT_Memcpy(data,prot_phrase->hashedEncryptedMemPhrase.data,data_len);
-    fort_skipjackDecrypt(wrapKey,
-		&prot_phrase->memPhraseIV.data[SKIPJACK_LEAF_SIZE],data_len,
-								data,data);
-
-    /* now build the hash for comparisons */
-    sha = SHA1_NewContext();
-    if (sha == NULL) goto failed;
-    SHA1_Begin(sha);
-    SHA1_Update(sha,(unsigned char *)phrase,strlen(phrase));
-    SHA1_End(sha,hashout,&len,SHA1_LENGTH);
-    SHA1_DestroyContext(sha, PR_TRUE);
-
-    /* hashes don't match... must not be the right pass mem */
-    if (PORT_Memcmp(data,hashout,len) != 0) goto failed;
-
-    /* now calcuate the checkword and compare it */
-    cw[0] = cw[1] = cw[2] = cw[3] = 0;
-    for (i=0; i <5 ; i++) {
-	cw[0] = cw[0] ^ hashout[i*4];
-	cw[1] = cw[1] ^ hashout[i*4+1];
-	cw[2] = cw[2] ^ hashout[i*4+2];
-	cw[3] = cw[3] ^ hashout[i*4+3];
-    }
-
-    /* checkword doesn't match, must not be the right pass mem */
-    if (PORT_Memcmp(data+len,cw,4) != 0) goto failed;
-
-    /* pased all our test, its OK */
-    pinOK = PR_TRUE;
-
-failed:
-    PORT_Free(data);
-
-    return pinOK;
-}
-
-/*
- * walk through the list of memphrases. This function allows us to use a
- * for loop to walk down them.
- */
-fortProtectedPhrase *
-fort_getNextPhrase( FORTSWFile *file, fortProtectedPhrase *last)
-{
-    if (last == &file->userMemPhrase) {
-	return &file->userPinPhrase;
-    }
-    /* we can add more test here if we want to support SSO mode someday. */
-
-    return NULL;
-}
-
-/*
- * decode the DER file data into our nice data structures, including turning
- * cert indexes into integers.
- */
-FORTSignedSWFile *
-FORT_GetSWFile(SECItem *initBits)
-{
-    FORTSignedSWFile *sw_init_file;
-    PRArenaPool *arena = NULL;
-    SECStatus rv;
-    int i, count;
-
-    /* get the local arena... be sure to free this at the end */
-
-    /* get the local arena... be sure to free this at the end */
-    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if (arena == NULL) goto fail;
-
-    sw_init_file = (FORTSignedSWFile *)
-		PORT_ArenaZAlloc(arena,sizeof(FORTSignedSWFile));
-    if (sw_init_file == NULL) goto fail;
-
-    /* ANS1 decode the complete init file */
-    rv = SEC_ASN1DecodeItem(arena,sw_init_file,fortSwFortezzaInitFile,initBits);
-    if (rv != SECSuccess) {
-	goto fail;
-    }
-
-    /* count the certs */
-    count = 0;
-    while (sw_init_file->file.slotEntries[count]) count++;
-
-    for (i=0; i < count; i++) {
-	/* update the cert Index Pointers */
-	sw_init_file->file.slotEntries[i]->certIndex =
-		DER_GetInteger(&sw_init_file->
-				file.slotEntries[i]->certificateIndex );
-    }
-
-    /* now start checking the mem phrases and pins, as well as calculating the
-     * file's 'K' values. First we start with K(init). */
-    sw_init_file->file.arena = arena; 
-
-    return sw_init_file;
-    /* OK now that we've read in the init file, and now have Kinit, Ks, and the
-     * appropriate Pin Phrase, we need to build our database file. */
-   
-fail: 
-    if (arena) PORT_FreeArena(arena,PR_TRUE);
-    return NULL;
-}
-
-/*
- * Check the init memphrases and the user mem phrases. Remove all the init
- * memphrase wrappings. Save the Kinit and Ks values for use.
- */
-SECStatus
-FORT_CheckInitPhrase(FORTSignedSWFile *sw_init_file, char *initMemPhrase)
-{
-    SECStatus rv = SECFailure;
-
-    sw_init_file->Kinit = fort_CalculateKMemPhrase(&sw_init_file->file,
-		 &sw_init_file->file.initMemPhrase, initMemPhrase, NULL);
-    if (sw_init_file->Kinit == NULL)  goto fail;
-
-    /* now check the init Mem phrase */
-    if (!fort_CheckMemPhrase(&sw_init_file->file,
-			&sw_init_file->file.initMemPhrase, 
-				initMemPhrase, sw_init_file->Kinit)) {
-	goto fail;
-    }
-    rv = SECSuccess;
-
-fail:
-    return rv;
-}
-
-    /* now check user user mem phrase and calculate Ks */
-SECStatus
-FORT_CheckUserPhrase(FORTSignedSWFile *sw_init_file, char *userMemPhrase)
-{
-    SECStatus rv = SECFailure;
-    char tmp_data[13];
-    char *padMemPhrase = NULL;
-    fortProtectedPhrase *phrase_store;
-
-    if (strlen(userMemPhrase) < 12) {
-	PORT_Memset(tmp_data, ' ', sizeof(tmp_data));
-	PORT_Memcpy(tmp_data,userMemPhrase,strlen(userMemPhrase));
-	tmp_data[12] = 0;
-	padMemPhrase = tmp_data;
-    }
-
-    for (phrase_store = &sw_init_file->file.userMemPhrase; phrase_store;
-     phrase_store = fort_getNextPhrase(&sw_init_file->file,phrase_store)) {
-	sw_init_file->Ks = fort_CalculateKMemPhrase(&sw_init_file->file,
-		 phrase_store, userMemPhrase, sw_init_file->Kinit);
- 
-	if ((sw_init_file->Ks == NULL) && (padMemPhrase != NULL)) {
-		sw_init_file->Ks = fort_CalculateKMemPhrase(&sw_init_file->file,
-		     phrase_store, padMemPhrase, sw_init_file->Kinit);
-		userMemPhrase = padMemPhrase;
-	}
-	if (sw_init_file->Ks == NULL) {
-	    continue;
-	}
-
-	/* now check the User Mem phrase */
-	if (fort_CheckMemPhrase(&sw_init_file->file, phrase_store, 
-				userMemPhrase, sw_init_file->Ks)) {
-	    break;
-	}
-	PORT_Free(sw_init_file->Ks);
-	sw_init_file->Ks = NULL;
-    }
-
-
-    if (phrase_store == NULL) goto fail;
-
-    /* strip the Kinit wrapping */
-    fort_skipjackDecrypt(sw_init_file->Kinit,
-		&phrase_store->kValueIV.data[SKIPJACK_LEAF_SIZE],
-	phrase_store->wrappedKValue.len, phrase_store->wrappedKValue.data,
-	phrase_store->wrappedKValue.data);
-    phrase_store->wrappedKValue.len = 12;
-
-    PORT_Memset(phrase_store->kValueIV.data,0,phrase_store->kValueIV.len);
-
-    sw_init_file->file.initMemPhrase = *phrase_store;
-    sw_init_file->file.ssoMemPhrase = *phrase_store;
-    sw_init_file->file.ssoPinPhrase = *phrase_store;
-    sw_init_file->file.userMemPhrase = *phrase_store;
-    sw_init_file->file.userPinPhrase = *phrase_store;
-
-
-    rv = SECSuccess;
-   
-fail: 
-    /* don't keep the pin around */
-    PORT_Memset(tmp_data, 0, sizeof(tmp_data));
-    return rv;
-}
-
-void
-FORT_DestroySWFile(FORTSWFile *file)
-{
-    PORT_FreeArena(file->arena,PR_FALSE);
-}
-
-void
-FORT_DestroySignedSWFile(FORTSignedSWFile *swfile)
-{
-    FORT_DestroySWFile(&swfile->file);
-}
-
-
-SECItem *
-FORT_GetDERCert(FORTSignedSWFile *swfile,int index)
-{
-    SECItem *newItem = NULL;
-    unsigned char *cert = NULL;
-    int len,ret;
-    fortSlotEntry *certEntry = NULL;
-   
-
-    newItem = PORT_ZNew(SECItem);
-    if (newItem == NULL) return NULL;
-
-    certEntry = fort_GetCertEntry(&swfile->file,index);
-    if (certEntry == NULL) {
-	PORT_Free(newItem);
-	return NULL;
-    }
-
-    newItem->len = len = certEntry->certificateData.dataEncryptedWithKs.len;
-    newItem->data = cert = PORT_ZAlloc(len);
-    if (cert == NULL) {
-	PORT_Free(newItem);
-	return NULL;
-    }
-    newItem->len = DER_GetUInteger(&certEntry->certificateData.length);
-    
-
-    PORT_Memcpy(cert, certEntry->certificateData.dataEncryptedWithKs.data,len);
-
-    /* Ks is always stored in keyReg[0] when we log in */
-    ret = fort_skipjackDecrypt(swfile->Ks,
-	&certEntry->certificateData.dataIV.data[SKIPJACK_LEAF_SIZE],
-						len,cert,cert);
-    if (ret != CI_OK) {
-	SECITEM_FreeItem(newItem,PR_TRUE);
-	return NULL;
-    }
-    return newItem;
-}
-
-/*
- * decode the DER file data into our nice data structures, including turning
- * cert indexes into integers.
- */
-SECItem *
-FORT_PutSWFile(FORTSignedSWFile *sw_init_file)
-{
-    SECItem *outBits, *tmpBits;
-
-    outBits = PORT_ZNew(SECItem);
-    if (outBits == NULL) goto fail;
-
-    /* ANS1 encode the complete init file */
-    tmpBits = SEC_ASN1EncodeItem(NULL,outBits,sw_init_file,fortSwFortezzaInitFile);
-    if (tmpBits == NULL) {
-	goto fail;
-    }
-
-    return outBits;
-   
-fail: 
-    if (outBits) SECITEM_FreeItem(outBits,PR_TRUE);
-    return NULL;
-}
diff --git a/security/nss/lib/fortcrypt/swfort/swfutl.c b/security/nss/lib/fortcrypt/swfort/swfutl.c
deleted file mode 100644
index eee677f65..000000000
--- a/security/nss/lib/fortcrypt/swfort/swfutl.c
+++ /dev/null
@@ -1,750 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * This File includes utility functions used by cilib. and swfparse.c
- */
-
-#include "prtypes.h"
-#include "prsystem.h"
-#include "prio.h"
-
-#include "swforti.h"
-#include "keyt.h"
-/* #include "dh.h" */
-#include "maci.h"
-#include "secport.h"
-#include "secrng.h"
-#ifdef XP_OS2
-#include <sys/stat.h>
-#endif
-
-#ifdef XP_WIN
-#include <windows.h>
-#include <winsock.h>
-#include <direct.h>
-#endif
-
-/* no platform seem to agree on where this function is defined */
-static char *local_index(char *source, char target) {
-   while ((*source != target) && (*source != 0)) {
-	source++;
-   }
-   return (*source != 0) ? source : NULL;
-}
-
-/*
- * Check to see if the index is ok, and that key is appropriately present or
- * absent.
- */
-int
-fort_KeyOK(FORTSWToken *token, int index, PRBool isPresent)
-{
-    if (index < 0) return CI_INV_KEY_INDEX;
-    if (index >= KEY_REGISTERS) return CI_INV_KEY_INDEX;
-
-    return (token->keyReg[index].present == isPresent) ? CI_OK : 
-			(isPresent ? CI_NO_KEY : CI_REG_IN_USE);
-}
-
-/*
- * clear out a key register
- */
-void
-fort_ClearKey(FORTKeySlot *key)
-{
-    key->present = PR_FALSE;
-    PORT_Memset(key->data, 0, sizeof (key->data));
-    return;
-}
-
-/*
- * clear out an Ra register
- */
-void
-fort_ClearRaSlot(FORTRaRegisters *ra)
-{
-    PORT_Memset(ra->public, 0, sizeof(ra->public));
-    PORT_Memset(ra->private, 0, sizeof(ra->private));
-    return;
-}
-
-/*
- * provide a helper function to do all the loggin out functions.
- * NOTE: Logining in only happens in MACI_CheckPIN
- */
-void
-fort_Logout(FORTSWToken *token)
-{
-    int i;
-
-    /* ditch all the stored keys */
-    for (i=0; i < KEY_REGISTERS; i++) {
-	fort_ClearKey(&token->keyReg[i]);
-    }
-    for (i=0; i < MAX_RA_SLOTS; i++) {
-	fort_ClearRaSlot(&token->RaValues[i]);
-    }
-
-    /* mark as logged out */
-    token->login = PR_FALSE;
-    token->certIndex = 0;
-    token->key = 0;
-    return;
-}
-
-/*
- * update the new IV value based on the current cipherText (should be the last 
- * block of the cipher text).
- */
-int
-fort_UpdateIV(unsigned char *cipherText, unsigned int size,unsigned char *IV)
-{
-    if (size == 0) return CI_INV_SIZE;
-    if ((size & (SKIPJACK_BLOCK_SIZE-1)) != 0) return CI_INV_SIZE;
-    size -= SKIPJACK_BLOCK_SIZE;
-    PORT_Memcpy(IV,&cipherText[size],SKIPJACK_BLOCK_SIZE);
-    return CI_OK;
-}
-
-
-/*
- * verify that we have a card initialized, and if necessary, logged in.
- */
-int
-fort_CardExists(FORTSWToken *token,PRBool needLogin)
-{
-    if (token == NULL ) return CI_LIB_NOT_INIT; 
-    if (token->config_file == NULL) return CI_NO_CARD;
-    if (needLogin && !token->login) return CI_INV_STATE;
-    return CI_OK;
-}
-
-/*
- * walk down the cert slot entries, counting them.
- * return that count.
- */
-int
-fort_GetCertCount(FORTSWFile *file)
-{
-    int i;
-
-    if (file->slotEntries == NULL) return 0;
-
-    for (i=0; file->slotEntries[i]; i++) 
-	/* no body */ ;
-
-    return i;
-}
-
-/*
- * copy an unsigned SECItem to a signed SecItem. (if the high bit is on,
- * pad with a leading 0.
- */
-SECStatus
-fort_CopyUnsigned(PRArenaPool *arena, SECItem *to, const SECItem *from)
-{
-    int offset = 0;
-
-    if (from->data && from->len) {
-	if (from->data[0] & 0x80) offset = 1;
-	if ( arena ) {
-	    to->data = (unsigned char*) PORT_ArenaZAlloc(arena,
-							 from->len+offset);
-	} else {
-	    to->data = (unsigned char*) PORT_ZAlloc(from->len+offset);
-	}
-	
-	if (!to->data) {
-	    return SECFailure;
-	}
-	PORT_Memcpy(to->data+offset, from->data, from->len);
-	to->len = from->len+offset;
-    } else {
-	to->data = 0;
-	to->len = 0;
-    }
-    return SECSuccess;
-}
-
-/*
- * NOTE: these keys do not have the public values, and cannot be used to
- * extract the public key from the private key. Since we never do this in
- * this code, and this function is static, we're reasonably safe (as long as
- * any of your callees do not try to extract the public value as well).
- * Also -- the token must be logged in before this function is called.
- */
-FORTEZZAPrivateKey *
-fort_GetPrivKey(FORTSWToken *token,FORTEZZAKeyType keyType,
-						fortSlotEntry *certEntry)
-{
-    FORTEZZAPrivateKey *returnKey = NULL;
-    SECStatus rv = SECFailure;
-    PRArenaPool *poolp;
-    fortKeyInformation *keyInfo = NULL;
-    unsigned char *keyData;
-    int len, ret;
-
-
-    /* select the right keyinfo */
-    switch (keyType) {
-    case fortezzaDSAKey:
-	keyInfo = certEntry->signatureKeyInformation;
-	if (keyInfo ==  NULL) keyInfo = certEntry->exchangeKeyInformation;
-	break;
-    case fortezzaDHKey:
-	keyInfo = certEntry->exchangeKeyInformation;
-	if (keyInfo == NULL) keyInfo = certEntry->signatureKeyInformation;
-	break;
-    }
-
-    /* if we don't have any key information, blow out of here */
-    if (keyInfo == NULL) return NULL;
-
-    poolp = PORT_NewArena(2048);
-    if(!poolp) {
-	return NULL;
-    }
-
-    returnKey = (FORTEZZAPrivateKey*)PORT_ArenaZAlloc(poolp, sizeof(FORTEZZAPrivateKey));
-    if(!returnKey) {
-	rv = SECFailure;
-	goto loser;
-    }
-
-    returnKey->keyType = keyType;
-    returnKey->arena = poolp;
-
-    /*
-     * decrypt the private key
-     */
-    len = keyInfo->privateKeyWrappedWithKs.len;
-    keyData = PORT_ArenaZAlloc(poolp,len);
-    if (keyData == NULL) {
-	rv = SECFailure;
-	goto loser;
-    }
-    /* keys must be 160 bits (20 bytes) if that's not the case the Unwrap will
-     * fail.. */
-    ret = fort_skipjackUnwrap(token->keyReg[0].data, len, 
-			keyInfo->privateKeyWrappedWithKs.data, keyData);
-    if (ret != CI_OK) {
-	rv = SECFailure;
-	goto loser;
-    }
-
-    switch(keyType) {
-	case dsaKey:
-	    returnKey->u.dsa.privateValue.data = keyData;
-	    returnKey->u.dsa.privateValue.len = 20;
-	    returnKey->u.dsa.params.arena = poolp;
-	    rv = fort_CopyUnsigned(poolp, &(returnKey->u.dsa.params.prime),
-					&(keyInfo->p));
-	    if(rv != SECSuccess) break;
-	    rv = fort_CopyUnsigned(poolp, &(returnKey->u.dsa.params.subPrime),
-					&(keyInfo->q));
-	    if(rv != SECSuccess) break;
-	    rv = fort_CopyUnsigned(poolp, &(returnKey->u.dsa.params.base),
-					&(keyInfo->g));
-	    if(rv != SECSuccess) break;
-	    break;
-	case dhKey:
-	    returnKey->u.dh.arena = poolp;
-	    returnKey->u.dh.privateValue.data = keyData;
-	    returnKey->u.dh.privateValue.len = 20;
-	    rv = fort_CopyUnsigned(poolp, &(returnKey->u.dh.prime),
-					&(keyInfo->p));
-	    if(rv != SECSuccess) break;
-	    rv = fort_CopyUnsigned(poolp, &(returnKey->u.dh.base),
-					&(keyInfo->g));
-	    if(rv != SECSuccess) break;
-	    rv = SECSuccess;
-	    break;
-	default:
-	    rv = SECFailure;
-    }
-
-loser:
-
-    if(rv != SECSuccess) {
-	PORT_FreeArena(poolp, PR_TRUE);
-	returnKey = NULL;
-    }
-
-    return returnKey;
-}
-
-
-void
-fort_DestroyPrivateKey(FORTEZZAPrivateKey *key)
-{
-    if (key && key->arena) {
-	PORT_FreeArena(key->arena, PR_TRUE);
-    }
-}
-
-/*
- * find a particulare certificate entry from the config
- * file.
- */
-fortSlotEntry *
-fort_GetCertEntry(FORTSWFile *file,int index)
-{
-    /* search for the index */
-    int i,count= fort_GetCertCount(file);
-
-    /* make sure the given index exists & has key material */
-    for (i=0; i < count ;i ++) {
-	if (file->slotEntries[i]->certIndex == index) {
-	    return file->slotEntries[i];
-	}
-    }
-    return NULL;
-}
-
-/*
- * use the token to determine it's CI_State.
- */
-CI_STATE
-fort_GetState(FORTSWToken *token)
-{
-    /* no file? then the token has not been initialized */
-    if (!token->config_file) {
-	return CI_UNINITIALIZED;
-    }
-    /* we're initialized, are we logged in (CI_USER_INITIALIZED is not logged
-     * in) */
-    if (!token->login) {
-	return CI_USER_INITIALIZED;
-    }
-    /* We're logged in, do we have a personality set */
-    if (token->certIndex) {
-	return CI_READY;
-    }
-    /* We're logged in, with no personality set */
-    return CI_STANDBY;
-}
-
-/*
- * find the private ra value for a given public Ra value.
- */
-fortRaPrivatePtr
-fort_LookupPrivR(FORTSWToken *token,CI_RA Ra)
-{
-    int i;
-
-    /* probably a more efficient way of doing this would be to search first
-     * several entries before nextRa (or search backwards from next Ra)
-     */
-    for (i=0; i < MAX_RA_SLOTS; i++) {
-	if (PORT_Memcmp(token->RaValues[i].public,Ra,CI_RA_SIZE) == 0) {
-	    return token->RaValues[i].private;
-	}
-    }
-    return NULL;
-}
-
-/*
- * go add more noise to the random number generator
- */
-void
-fort_AddNoise(void)
-{
-    unsigned char seed[20];
-
-    /* note: GetNoise doesn't always get 20 bytes, but adding more
-     * random data from the stack doesn't subtract entropy from the
-     * Random number generator, so just send it all.
-     */
-    RNG_GetNoise(seed,sizeof(seed));
-    RNG_RandomUpdate(seed,sizeof(seed));
-}
-
-/*
- * Get a random number
- */
-int
-fort_GenerateRandom(unsigned char *buf, int bytes)
-{
-    SECStatus rv;
-
-    fort_AddNoise();
-    rv = RNG_GenerateGlobalRandomBytes(buf,bytes);
-    if (rv != SECSuccess) return CI_EXEC_FAIL;
-    return CI_OK;
-}
-
-/*
- * NOTE: that MAC is missing below.
- */
-#if defined (XP_UNIX) || defined (XP_OS2) || defined (XP_BEOS)
-#if defined (XP_UNIX) || defined (XP_BEOS)
-#define NS_PATH_SEP ':'
-#define NS_DIR_SEP '/'
-#define NS_DEFAULT_PATH ".:/bin/netscape:/etc/netscape/:/etc"
-#endif
-
-#ifdef XP_OS2		/* for OS/2 */
-#define NS_PATH_SEP ';'
-#define NS_DIR_SEP '\\'
-#define NS_DEFAULT_PATH ".:\\bin\\netscape:\\etc\\netscape\\:\\etc"
-#endif
-
-PRInt32
-local_getFileInfo(const char *fn, PRFileInfo *info)
-{
-    PRInt32 rv;
-    struct stat sb;
-
-    rv = stat(fn, &sb);
-    if (rv < 0)
-	return -1;
-    else if (NULL != info)
-    {
-        if (S_IFREG & sb.st_mode)
-            info->type = PR_FILE_FILE;
-        else if (S_IFDIR & sb.st_mode)
-            info->type = PR_FILE_DIRECTORY;
-        else
-            info->type = PR_FILE_OTHER;
-
-#if defined(OSF1)
-        if (0x7fffffffLL < sb.st_size)
-        {
-            return -1;
-        }
-#endif /* defined(OSF1) */
-        info->size = sb.st_size;
-
-    }
-    return rv;
-}
-#endif /* UNIX, OS/2, and BEOS */
-
-#ifdef XP_WIN
-#define NS_PATH_SEP ';'
-#define NS_DIR_SEP '\\'
-#define NS_DEFAULT_PATH ".;c:\\program files\\netscape\\communicator\\program\\pkcs11\\netscape;c:\\netscape\\communicator\\program\\pkcs11\\netscape;c:\\windows\\system"
-
-
-/*
- * Since we're a pkcs #11 module, we may get 
- * loaded into lots of different binaries, each with different or no versions
- * of NSPR running... so we copy the one function we need.
- */
-
-#define _PR_IS_SLASH(ch) ((ch) == '/' || (ch) == '\\')
-
-/*
- * IsRootDirectory --
- *
- * Return PR_TRUE if the pathname 'fn' is a valid root directory,
- * else return PR_FALSE.  The char buffer pointed to by 'fn' must
- * be writable.  During the execution of this function, the contents
- * of the buffer pointed to by 'fn' may be modified, but on return
- * the original contents will be restored.  'buflen' is the size of
- * the buffer pointed to by 'fn'.
- *
- * Root directories come in three formats:
- * 1. / or \, meaning the root directory of the current drive.
- * 2. C:/ or C:\, where C is a drive letter.
- * 3. \\<server name>\<share point name>\ or
- *    \\<server name>\<share point name>, meaning the root directory
- *    of a UNC (Universal Naming Convention) name.
- */
-
-static PRBool
-IsRootDirectory(char *fn, size_t buflen)
-{
-    char *p;
-    PRBool slashAdded = PR_FALSE;
-    PRBool rv = PR_FALSE;
-
-    if (_PR_IS_SLASH(fn[0]) && fn[1] == '\0') {
-        return PR_TRUE;
-    }
-
-    if (isalpha(fn[0]) && fn[1] == ':' && _PR_IS_SLASH(fn[2])
-            && fn[3] == '\0') {
-        rv = GetDriveType(fn) > 1 ? PR_TRUE : PR_FALSE;
-        return rv;
-    }
-
-    /* The UNC root directory */
-
-    if (_PR_IS_SLASH(fn[0]) && _PR_IS_SLASH(fn[1])) {
-        /* The 'server' part should have at least one character. */
-        p = &fn[2];
-        if (*p == '\0' || _PR_IS_SLASH(*p)) {
-            return PR_FALSE;
-        }
-
-        /* look for the next slash */
-        do {
-            p++;
-        } while (*p != '\0' && !_PR_IS_SLASH(*p));
-        if (*p == '\0') {
-            return PR_FALSE;
-        }
-
-        /* The 'share' part should have at least one character. */
-        p++;
-        if (*p == '\0' || _PR_IS_SLASH(*p)) {
-            return PR_FALSE;
-        }
-
-        /* look for the final slash */
-        do {
-            p++;
-        } while (*p != '\0' && !_PR_IS_SLASH(*p));
-        if (_PR_IS_SLASH(*p) && p[1] != '\0') {
-            return PR_FALSE;
-        }
-        if (*p == '\0') {
-            /*
-             * GetDriveType() doesn't work correctly if the
-             * path is of the form \\server\share, so we add
-             * a final slash temporarily.
-             */
-            if ((p + 1) < (fn + buflen)) {
-                *p++ = '\\';
-                *p = '\0';
-                slashAdded = PR_TRUE;
-            } else {
-                return PR_FALSE; /* name too long */
-            }
-        }
-        rv = GetDriveType(fn) > 1 ? PR_TRUE : PR_FALSE;
-        /* restore the 'fn' buffer */
-        if (slashAdded) {
-            *--p = '\0';
-        }
-    }
-    return rv;
-}
-
-PRInt32
-local_getFileInfo(const char *fn, PRFileInfo *info)
-{
-    HANDLE hFindFile;
-    WIN32_FIND_DATA findFileData;
-    char pathbuf[MAX_PATH + 1];
-    
-    if (NULL == fn || '\0' == *fn) {
-        return -1;
-    }
-
-    /*
-     * FindFirstFile() expands wildcard characters.  So
-     * we make sure the pathname contains no wildcard.
-     */
-    if (NULL != strpbrk(fn, "?*")) {
-        return -1;
-    }
-
-    hFindFile = FindFirstFile(fn, &findFileData);
-    if (INVALID_HANDLE_VALUE == hFindFile) {
-        DWORD len;
-        char *filePart;
-
-        /*
-         * FindFirstFile() does not work correctly on root directories.
-         * It also doesn't work correctly on a pathname that ends in a
-         * slash.  So we first check to see if the pathname specifies a
-         * root directory.  If not, and if the pathname ends in a slash,
-         * we remove the final slash and try again.
-         */
-
-        /*
-         * If the pathname does not contain ., \, and /, it cannot be
-         * a root directory or a pathname that ends in a slash.
-         */
-        if (NULL == strpbrk(fn, ".\\/")) {
-            return -1;
-        } 
-        len = GetFullPathName(fn, sizeof(pathbuf), pathbuf,
-                &filePart);
-        if (len > sizeof(pathbuf)) {
-            return -1;
-        }
-        if (IsRootDirectory(pathbuf, sizeof(pathbuf))) {
-            info->type = PR_FILE_DIRECTORY;
-            info->size = 0;
-            /*
-             * These timestamps don't make sense for root directories.
-             */
-            info->modifyTime = 0;
-            info->creationTime = 0;
-            return 0;
-        }
-        if (!((pathbuf[len - 1] == '/') || (pathbuf[len-1] == '\\'))) {
-            return -1;
-        } else {
-            pathbuf[len - 1] = '\0';
-            hFindFile = FindFirstFile(pathbuf, &findFileData);
-            if (INVALID_HANDLE_VALUE == hFindFile) {
-                return -1;
-            }
-        }
-    }
-
-    FindClose(hFindFile);
-
-    if (findFileData.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY) {
-        info->type = PR_FILE_DIRECTORY;
-    } else {
-        info->type = PR_FILE_FILE;
-    }
-
-    info->size = findFileData.nFileSizeLow;
-
-    return 0;
-}
-
-#endif /* XP_WIN */
-
-#ifdef XP_MAC
-#error Need to write fort_FindFileInPath for Mac
-#define NS_PATH_SEP ','
-#define NS_DIR_SEP ':'
-#define NS_DEFAULT_PATH ",System Folder,System Folder:Netscape f:pkcs11:netscape"
-#endif
-
-#define NETSCAPE_INIT_FILE "nsswft.swf"
-
-/*
- * OK, We're deep in the bottom of MACI and PKCS #11... We need to
- * find our fortezza key file. We have no clue of where the our binary lives
- * or where our key file lives. This function lets us search manual paths 
- * to find our key file.
- */
-char *fort_FindFileInPath(char *path, char *fn)
-{
-    char *next;
-    char *holdData;
-    char *ret = NULL;
-    int len = 0;
-    int fn_len = PORT_Strlen(fn)+1; /* include the NULL */
-    PRFileInfo info;
-    char dirSep = NS_DIR_SEP;
-
-    holdData = PORT_Alloc(strlen(path)+1+fn_len);
-
-    while ((next = local_index(path,NS_PATH_SEP)) != NULL) {
-	len = next - path;
-
-	PORT_Memcpy(holdData,path,len);
-	if ((len != 0) && (holdData[len-1] != dirSep)) {
-	  PORT_Memcpy(&holdData[len],&dirSep,1);
-	  len++;
-	}
-	PORT_Memcpy(&holdData[len],fn,fn_len);
-	
-	if ((local_getFileInfo(holdData,&info) == 0) &&
-		(info.type == PR_FILE_FILE) && (info.size != 0)) {
-	    ret = PORT_Strdup(holdData);
-	    PORT_Free(holdData);
-	    return ret;
-	}
-	path = next+1;
-    }
-
-    len = strlen(path);
-    PORT_Memcpy(holdData,path,len);
-    if ((len != 0) && (holdData[len-1] != dirSep)) {
-	  PORT_Memcpy(&holdData[len],&dirSep,1);
-	  len++;
-    }
-    PORT_Memcpy(&holdData[len],fn,fn_len);
-	
-    if ((local_getFileInfo(holdData,&info) == 0) &&
-		(info.type == PR_FILE_FILE) && (info.size != 0)) {
-	    ret = PORT_Strdup(holdData);
-    }
-    PORT_Free(holdData);
-    return ret;
-}
-
-static char *path_table[] = {
-   "PATH","LD_LIBRARY_PATH","LIBPATH"
-};
-
-static int path_table_size = sizeof(path_table)/sizeof(path_table[0]);
-
-char *fort_LookupFORTEZZAInitFile(void)
-{
-    char *fname = NULL;
-    char *home = NULL;
-#ifdef XP_UNIX
-    char unix_home[512];
-#endif
-    int i;
-
-    /* first try to get it from the environment */
-    fname = getenv("SW_FORTEZZA_FILE");
-    if (fname != NULL) {
-	return PORT_Strdup(fname);
-    }
-
-#ifdef XP_UNIX
-    home = getenv("HOME");
-    if (home) {
-	strncpy(unix_home,home, sizeof(unix_home)-sizeof("/.netscape"));
-	strcat(unix_home,"/.netscape");
-	fname = fort_FindFileInPath(unix_home,NETSCAPE_INIT_FILE);
-	if (fname) return fname;
-    }
-#endif
-#ifdef XP_WIN
-    home = getenv("windir");
-    if (home) {
-	fname = fort_FindFileInPath(home,NETSCAPE_INIT_FILE);
-	if (fname) return fname;
-    }
-#endif
-	
-    fname = fort_FindFileInPath(NS_DEFAULT_PATH,NETSCAPE_INIT_FILE);
-    if (fname) return fname;
-
-    /* now search the system paths */
-    for (i=0; i < path_table_size; i++) {
-    	char *path = getenv(path_table[i]);
-
-	if (path != NULL) {
-	    fname = fort_FindFileInPath(path,NETSCAPE_INIT_FILE);
-	    if (fname) return fname;
-	}
-    }
-
-
-    return NULL;
-}
diff --git a/security/nss/lib/freebl/Makefile b/security/nss/lib/freebl/Makefile
deleted file mode 100644
index 05cf9dc17..000000000
--- a/security/nss/lib/freebl/Makefile
+++ /dev/null
@@ -1,316 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY).   #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL)          #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL)       #
-#######################################################################
-
-
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL).      #
-#######################################################################
-
--include config.mk
-
-ifdef USE_64
-	DEFINES += -DNSS_USE_64
-endif
-
-ifdef USE_HYBRID
-	DEFINES += -DNSS_USE_HYBRID
-endif
-
-# des.c wants _X86_ defined for intel CPUs.  
-# coreconf does this for windows, but not for Linux, FreeBSD, etc.
-ifeq ($(CPU_ARCH),x86)
-ifneq (,$(filter-out WIN%,$(OS_TARGET)))
-	OS_REL_CFLAGS += -D_X86_
-endif
-endif
-
-ifeq ($(OS_TARGET),OSF1)
-    DEFINES += -DMP_ASSEMBLY_MULTIPLY -DMP_NO_MP_WORD
-    MPI_SRCS += mpvalpha.c
-endif
-
-ifeq (,$(filter-out WINNT WIN95,$(OS_TARGET)))  #omits WIN16 and WINCE
-    ASFILES  = mpi_x86.asm
-    DEFINES += -DMP_ASSEMBLY_MULTIPLY -DMP_ASSEMBLY_SQUARE -DMP_ASSEMBLY_DIV_2DX1D
-endif
-
-ifeq ($(OS_TARGET),WINCE)
-    DEFINES += -DMP_ARGCHK=0	# no assert in WinCE
-endif
-
-ifdef XP_OS2_VACPP
-    ASFILES  = mpi_x86.asm
-    DEFINES += -DMP_ASSEMBLY_MULTIPLY -DMP_ASSEMBLY_SQUARE -DMP_ASSEMBLY_DIV_2DX1D -DMP_USE_UINT_DIGIT -DMP_NO_MP_WORD
-endif
-
-ifeq ($(OS_TARGET),IRIX)
-ifeq ($(USE_N32),1)
-    ASFILES  = mpi_mips.s
-ifeq ($(NS_USE_GCC),1)
-    ASFLAGS = -Wp,-P -Wp,-traditional -O -mips3
-else
-    ASFLAGS = -O -OPT:Olimit=4000 -dollar -fullwarn -xansi -n32 -mips3 
-endif
-    DEFINES += -DMP_ASSEMBLY_MULTIPLY -DMP_ASSEMBLY_SQUARE
-    DEFINES += -DMP_USE_UINT_DIGIT
-else
-endif
-endif
-
-ifeq ($(OS_TARGET),Linux)
-ifeq ($(CPU_ARCH),x86)
-    ASFILES  = mpi_x86.s
-    DEFINES += -DMP_ASSEMBLY_MULTIPLY -DMP_ASSEMBLY_SQUARE -DMP_ASSEMBLY_DIV_2DX1D
-endif
-endif
-
-ifeq ($(OS_TARGET),AIX)
-DEFINES += -DMP_USE_UINT_DIGIT
-ifndef USE_64
-DEFINES += -DMP_NO_DIV_WORD -DMP_NO_ADD_WORD -DMP_NO_SUB_WORD
-endif
-endif
-
-ifeq ($(OS_TARGET), HP-UX)
-ifneq ($(OS_TEST), ia64)
-MKSHLIB += +k +vshlibunsats -u FREEBL_GetVector +e FREEBL_GetVector
-ifndef FREEBL_EXTENDED_BUILD
-ifdef USE_PURE_32
-# build for DA1.1 (HP PA 1.1) pure 32 bit model
-    DEFINES  += -DMP_USE_UINT_DIGIT -DMP_NO_MP_WORD
-else
-ifdef USE_64
-# this builds for DA2.0W (HP PA 2.0 Wide), the LP64 ABI, using 32-bit digits 
-    MPI_SRCS += mpi_hp.c 
-    ASFILES  += hpma512.s hppa20.s 
-    DEFINES  += -DMP_ASSEMBLY_MULTIPLY -DMP_ASSEMBLY_SQUARE
-else
-# this builds for DA2.0 (HP PA 2.0 Narrow) hybrid model 
-# (the 32-bit ABI with 64-bit registers) using 32-bit digits
-    MPI_SRCS += mpi_hp.c 
-    ASFILES  += hpma512.s hppa20.s 
-    DEFINES  += -DMP_ASSEMBLY_MULTIPLY -DMP_ASSEMBLY_SQUARE
-# This is done in coreconf by defining USE_LONG_LONGS
-#   OS_CFLAGS += -Aa +e +DA2.0 +DS2.0
-endif
-endif
-endif
-endif
-endif
-
-# Note: -xarch=v8 or v9 is now done in coreconf
-ifeq ($(OS_TARGET),SunOS)
-ifeq ($(CPU_ARCH),sparc)
-ifndef NS_USE_GCC
-ifdef USE_HYBRID
-    OS_CFLAGS += -xchip=ultra2
-endif
-endif
-ifeq (5.5.1,$(firstword $(sort 5.5.1 $(OS_RELEASE))))
-    SYSV_SPARC = 1
-endif
-ifeq ($(SYSV_SPARC),1)
-SOLARIS_AS = /usr/ccs/bin/as
-ifdef NS_USE_GCC
-LD = gcc
-DSO_LDOPTS += -shared -Wl,-B,symbolic,-z,defs,-z,now,-z,text,-M,mapfile.Solaris
-else
-MKSHLIB += -B symbolic -z defs -z now -z text -M mapfile.Solaris
-endif
-ifdef USE_PURE_32
-# this builds for Sparc v8 pure 32-bit architecture
-    DEFINES += -DMP_USE_LONG_LONG_MULTIPLY -DMP_USE_UINT_DIGIT -DMP_NO_MP_WORD
-else
-ifdef USE_64
-# this builds for Sparc v9a pure 64-bit architecture
-    MPI_SRCS += mpi_sparc.c
-    ASFILES   = mpv_sparcv9.s montmulfv9.s
-    DEFINES  += -DMP_ASSEMBLY_MULTIPLY -DMP_USING_MONT_MULF
-    DEFINES  += -DMP_USE_UINT_DIGIT 
-#   MPI_SRCS += mpv_sparc.c
-# removed -xdepend from the following line
-    SOLARIS_FLAGS = -fast -xO5 -xrestrict=%all -xchip=ultra -xarch=v9a -KPIC -mt
-    SOLARIS_AS_FLAGS = -xarch=v9a -K PIC
-else
-# this builds for Sparc v8+a hybrid architecture, 64-bit registers, 32-bit ABI
-    MPI_SRCS += mpi_sparc.c
-    ASFILES  = mpv_sparcv8.s montmulfv8.s
-    DEFINES  += -DMP_NO_MP_WORD -DMP_ASSEMBLY_MULTIPLY -DMP_USING_MONT_MULF
-    DEFINES  += -DMP_USE_UINT_DIGIT 
-    SOLARIS_AS_FLAGS = -xarch=v8plusa -K PIC
-#   ASM_SUFFIX = .S
-endif
-endif
-endif
-else
-# Solaris x86
-    DEFINES += -DMP_USE_UINT_DIGIT
-    DEFINES += -DMP_ASSEMBLY_MULTIPLY -DMP_ASSEMBLY_SQUARE -DMP_ASSEMBLY_DIV_2DX1D
-    ASFILES  = mpi_i86pc.s
-ifdef NS_USE_GCC
-    LD = gcc
-    AS = gcc
-    ASFLAGS =
-endif
-
-endif
-endif
-
-$(OBJDIR)/sysrand$(OBJ_SUFFIX): sysrand.c unix_rand.c win_rand.c mac_rand.c os2_rand.c
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL)                              #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL)                           #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL).                              #
-#######################################################################
-
-export:: private_export
-
-rijndael_tables:
-	$(CC) -o $(OBJDIR)/make_rijndael_tab rijndael_tables.c \
-	         $(DEFINES) $(INCLUDES) $(OBJDIR)/libfreebl.a
-	$(OBJDIR)/make_rijndael_tab
-
-ifdef MOZILLA_BSAFE_BUILD
-
-private_export::
-ifeq (,$(filter-out WIN%,$(OS_TARGET)))
-	rm -f $(DIST)/lib/bsafe$(BSAFEVER).lib
-endif
-	$(NSINSTALL) -R $(BSAFEPATH) $(DIST)/lib
-endif
-
-ifdef USE_PURE_32 
-vpath %.h $(FREEBL_PARENT)/mpi:$(FREEBL_PARENT)
-vpath %.c $(FREEBL_PARENT)/mpi:$(FREEBL_PARENT)
-vpath %.S $(FREEBL_PARENT)/mpi:$(FREEBL_PARENT)
-vpath %.s $(FREEBL_PARENT)/mpi:$(FREEBL_PARENT)
-vpath %.asm $(FREEBL_PARENT)/mpi:$(FREEBL_PARENT)
-INCLUDES += -I$(FREEBL_PARENT) -I$(FREEBL_PARENT)/mpi
-else
-vpath %.h mpi
-vpath %.c mpi
-vpath %.S mpi
-vpath %.s mpi
-vpath %.asm mpi
-INCLUDES += -Impi
-endif
-
-
-DEFINES += -DMP_API_COMPATIBLE
-
-MPI_USERS = dh.c pqg.c dsa.c rsa.c 
-
-MPI_OBJS = $(addprefix $(OBJDIR)/$(PROG_PREFIX), $(MPI_SRCS:.c=$(OBJ_SUFFIX)))
-MPI_OBJS += $(addprefix $(OBJDIR)/$(PROG_PREFIX), $(MPI_USERS:.c=$(OBJ_SUFFIX)))
-
-$(MPI_OBJS): $(MPI_HDRS)
-
-$(OBJDIR)/$(PROG_PREFIX)mpprime$(OBJ_SUFFIX): primes.c
-
-$(OBJDIR)/ldvector$(OBJ_SUFFIX) $(OBJDIR)/loader$(OBJ_SUFFIX) : loader.h
-
-ifeq ($(SYSV_SPARC),1)
-
-$(OBJDIR)/mpv_sparcv8.o $(OBJDIR)/montmulfv8.o : $(OBJDIR)/%.o : %.s 
-	@$(MAKE_OBJDIR)
-	$(SOLARIS_AS) -o $@ $(SOLARIS_AS_FLAGS) $<
-
-$(OBJDIR)/mpv_sparcv9.o $(OBJDIR)/montmulfv9.o : $(OBJDIR)/%.o : %.s
-	@$(MAKE_OBJDIR)
-	$(SOLARIS_AS) -o $@ $(SOLARIS_AS_FLAGS) $<
-
-$(OBJDIR)/mpmontg.o: mpmontg.c montmulf.h
-
-endif
-
-ifdef FREEBL_EXTENDED_BUILD
-
-PURE32DIR = $(OBJDIR)/$(OS_TARGET)pure32
-ALL_TRASH += $(PURE32DIR)
-
-FILES2LN = \
- $(wildcard *.tab) \
- $(wildcard mapfile.*) \
- Makefile manifest.mn config.mk 
-
-LINKEDFILES = $(addprefix $(PURE32DIR)/, $(FILES2LN))
-
-CDDIR := $(shell pwd)
-
-$(PURE32DIR):
-	-mkdir $(PURE32DIR)
-	-ln -s $(CDDIR)/mpi $(PURE32DIR)
-
-$(LINKEDFILES) : $(PURE32DIR)/% : % 
-	ln -s $(CDDIR)/$* $(PURE32DIR)
-
-libs:: 
-	$(MAKE) FREEBL_RECURSIVE_BUILD=1 USE_HYBRID=1 libs
-
-libs:: $(PURE32DIR) $(LINKEDFILES)
-	cd $(PURE32DIR) && $(MAKE) FREEBL_RECURSIVE_BUILD=1 USE_PURE_32=1 FREEBL_PARENT=$(CDDIR) CORE_DEPTH=$(CDDIR)/$(CORE_DEPTH) libs
-
-release_md::
-	$(MAKE) FREEBL_RECURSIVE_BUILD=1 USE_HYBRID=1 $@
-	cd $(PURE32DIR) && $(MAKE) FREEBL_RECURSIVE_BUILD=1 USE_PURE_32=1 FREEBL_PARENT=$(CDDIR) CORE_DEPTH=$(CDDIR)/$(CORE_DEPTH) $@
-
-endif
diff --git a/security/nss/lib/freebl/alg2268.c b/security/nss/lib/freebl/alg2268.c
deleted file mode 100644
index af720f733..000000000
--- a/security/nss/lib/freebl/alg2268.c
+++ /dev/null
@@ -1,493 +0,0 @@
-/*
- * alg2268.c - implementation of the algorithm in RFC 2268
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-
-#include "blapi.h"
-#include "secerr.h"
-#ifdef XP_UNIX_XXX
-#include <stddef.h>	/* for ptrdiff_t */
-#endif
-
-/*
-** RC2 symmetric block cypher
-*/
-
-typedef SECStatus (rc2Func)(RC2Context *cx, unsigned char *output,
-		           const unsigned char *input, unsigned int inputLen);
-
-/* forward declarations */
-static rc2Func rc2_EncryptECB;
-static rc2Func rc2_DecryptECB;
-static rc2Func rc2_EncryptCBC;
-static rc2Func rc2_DecryptCBC;
-
-typedef union {
-    PRUint32	l[2];
-    PRUint16	s[4];
-    PRUint8	b[8];
-} RC2Block;
-
-struct RC2ContextStr {
-    union {
-    	PRUint8  Kb[128];
-	PRUint16 Kw[64];
-    } u;
-    RC2Block     iv;
-    rc2Func      *enc;
-    rc2Func      *dec;
-};
-
-#define B u.Kb
-#define K u.Kw
-#define BYTESWAP(x) ((x) << 8 | (x) >> 8)
-#define SWAPK(i)  cx->K[i] = (tmpS = cx->K[i], BYTESWAP(tmpS))
-#define RC2_BLOCK_SIZE 8
-
-#define LOAD_HARD(R) \
-    R[0] = (PRUint16)input[1] << 8 | input[0]; \
-    R[1] = (PRUint16)input[3] << 8 | input[2]; \
-    R[2] = (PRUint16)input[5] << 8 | input[4]; \
-    R[3] = (PRUint16)input[7] << 8 | input[6];
-#define LOAD_EASY(R) \
-    R[0] = ((PRUint16 *)input)[0]; \
-    R[1] = ((PRUint16 *)input)[1]; \
-    R[2] = ((PRUint16 *)input)[2]; \
-    R[3] = ((PRUint16 *)input)[3];
-#define STORE_HARD(R) \
-    output[0] =  (PRUint8)(R[0]);   output[1] = (PRUint8)(R[0] >> 8); \
-    output[2] =  (PRUint8)(R[1]);   output[3] = (PRUint8)(R[1] >> 8); \
-    output[4] =  (PRUint8)(R[2]);   output[5] = (PRUint8)(R[2] >> 8); \
-    output[6] =  (PRUint8)(R[3]);   output[7] = (PRUint8)(R[3] >> 8);
-#define STORE_EASY(R) \
-    ((PRUint16 *)output)[0] =  R[0]; \
-    ((PRUint16 *)output)[1] =  R[1]; \
-    ((PRUint16 *)output)[2] =  R[2]; \
-    ((PRUint16 *)output)[3] =  R[3];   
-
-#if defined (_X86_)
-#define LOAD(R)  LOAD_EASY(R)
-#define STORE(R) STORE_EASY(R)
-#elif !defined(IS_LITTLE_ENDIAN)
-#define LOAD(R)  LOAD_HARD(R)
-#define STORE(R) STORE_HARD(R)
-#else
-#define LOAD(R) if ((ptrdiff_t)input & 1) { LOAD_HARD(R) } else { LOAD_EASY(R) }
-#define STORE(R) if ((ptrdiff_t)input & 1) { STORE_HARD(R) } else { STORE_EASY(R) }
-#endif
-
-static const PRUint8 S[256] = {
-0331,0170,0371,0304,0031,0335,0265,0355,0050,0351,0375,0171,0112,0240,0330,0235,
-0306,0176,0067,0203,0053,0166,0123,0216,0142,0114,0144,0210,0104,0213,0373,0242,
-0027,0232,0131,0365,0207,0263,0117,0023,0141,0105,0155,0215,0011,0201,0175,0062,
-0275,0217,0100,0353,0206,0267,0173,0013,0360,0225,0041,0042,0134,0153,0116,0202,
-0124,0326,0145,0223,0316,0140,0262,0034,0163,0126,0300,0024,0247,0214,0361,0334,
-0022,0165,0312,0037,0073,0276,0344,0321,0102,0075,0324,0060,0243,0074,0266,0046,
-0157,0277,0016,0332,0106,0151,0007,0127,0047,0362,0035,0233,0274,0224,0103,0003,
-0370,0021,0307,0366,0220,0357,0076,0347,0006,0303,0325,0057,0310,0146,0036,0327,
-0010,0350,0352,0336,0200,0122,0356,0367,0204,0252,0162,0254,0065,0115,0152,0052,
-0226,0032,0322,0161,0132,0025,0111,0164,0113,0237,0320,0136,0004,0030,0244,0354,
-0302,0340,0101,0156,0017,0121,0313,0314,0044,0221,0257,0120,0241,0364,0160,0071,
-0231,0174,0072,0205,0043,0270,0264,0172,0374,0002,0066,0133,0045,0125,0227,0061,
-0055,0135,0372,0230,0343,0212,0222,0256,0005,0337,0051,0020,0147,0154,0272,0311,
-0323,0000,0346,0317,0341,0236,0250,0054,0143,0026,0001,0077,0130,0342,0211,0251,
-0015,0070,0064,0033,0253,0063,0377,0260,0273,0110,0014,0137,0271,0261,0315,0056,
-0305,0363,0333,0107,0345,0245,0234,0167,0012,0246,0040,0150,0376,0177,0301,0255
-};
-
-/*
-** Create a new RC2 context suitable for RC2 encryption/decryption.
-** 	"key" raw key data
-** 	"len" the number of bytes of key data
-** 	"iv" is the CBC initialization vector (if mode is NSS_RC2_CBC)
-** 	"mode" one of NSS_RC2 or NSS_RC2_CBC
-**	"effectiveKeyLen" in bytes, not bits.
-**
-** When mode is set to NSS_RC2_CBC the RC2 cipher is run in "cipher block
-** chaining" mode.
-*/
-RC2Context *
-RC2_CreateContext(unsigned char *key, unsigned int len,
-		  unsigned char *input, int mode, unsigned efLen8)
-{
-    RC2Context *cx;
-    PRUint8    *L,*L2;
-    int         i;
-#if !defined(IS_LITTLE_ENDIAN)
-    PRUint16    tmpS;
-#endif
-    PRUint8     tmpB;
-
-    if (!key || len == 0 || len > (sizeof cx->B) || efLen8 > (sizeof cx->B)) {
-    	return NULL;
-    }
-    if (mode == NSS_RC2) {
-    	/* groovy */
-    } else if (mode == NSS_RC2_CBC) {
-    	if (!input) {
-	    return NULL;	/* not groovy */
-	}
-    } else {
-    	return NULL;
-    }
-
-    cx = PORT_ZNew(RC2Context);
-    if (!cx)
-    	return cx;
-
-    if (mode == NSS_RC2_CBC) {
-    	cx->enc = & rc2_EncryptCBC;
-	cx->dec = & rc2_DecryptCBC;
-	LOAD(cx->iv.s);
-    } else {
-    	cx->enc = & rc2_EncryptECB;
-	cx->dec = & rc2_DecryptECB;
-    }
-
-    /* Step 0. Copy key into table. */
-    memcpy(cx->B, key, len);
-
-    /* Step 1. Compute all values to the right of the key. */
-    L2 = cx->B;
-    L = L2 + len;
-    tmpB = L[-1];
-    for (i = (sizeof cx->B) - len; i > 0; --i) {
-	*L++ = tmpB = S[ (PRUint8)(tmpB + *L2++) ];
-    }
-
-    /* step 2. Adjust left most byte of effective key. */
-    i = (sizeof cx->B) - efLen8;
-    L = cx->B + i;
-    *L = tmpB = S[*L];				/* mask is always 0xff */
-
-    /* step 3. Recompute all values to the left of effective key. */
-    L2 = --L + efLen8;
-    while(L >= cx->B) {
-	*L-- = tmpB = S[ tmpB ^ *L2-- ];
-    }
-
-#if !defined(IS_LITTLE_ENDIAN)
-    for (i = 63; i >= 0; --i) {
-        SWAPK(i);		/* candidate for unrolling */
-    }
-#endif
-    return cx;
-}
-
-/*
-** Destroy an RC2 encryption/decryption context.
-**	"cx" the context
-**	"freeit" if PR_TRUE then free the object as well as its sub-objects
-*/
-void 
-RC2_DestroyContext(RC2Context *cx, PRBool freeit)
-{
-    if (cx) {
-	memset(cx, 0, sizeof *cx);
-	if (freeit) {
-	    PORT_Free(cx);
-	}
-    }
-}
-
-#define ROL(x,k) (x << k | x >> (16-k))
-#define MIX(j) \
-    R0 = R0 + cx->K[ 4*j+0] + (R3 & R2) + (~R3 & R1);  R0 = ROL(R0,1);\
-    R1 = R1 + cx->K[ 4*j+1] + (R0 & R3) + (~R0 & R2);  R1 = ROL(R1,2);\
-    R2 = R2 + cx->K[ 4*j+2] + (R1 & R0) + (~R1 & R3);  R2 = ROL(R2,3);\
-    R3 = R3 + cx->K[ 4*j+3] + (R2 & R1) + (~R2 & R0);  R3 = ROL(R3,5)
-#define MASH \
-    R0 = R0 + cx->K[R3 & 63];\
-    R1 = R1 + cx->K[R0 & 63];\
-    R2 = R2 + cx->K[R1 & 63];\
-    R3 = R3 + cx->K[R2 & 63]
-
-/* Encrypt one block */
-static void 
-rc2_Encrypt1Block(RC2Context *cx, RC2Block *output, RC2Block *input)
-{
-    register PRUint16 R0, R1, R2, R3;
-
-    /* step 1. Initialize input. */
-    R0 = input->s[0];
-    R1 = input->s[1];
-    R2 = input->s[2];
-    R3 = input->s[3];
-
-    /* step 2.  Expand Key (already done, in context) */
-    /* step 3.  j = 0 */
-    /* step 4.  Perform 5 mixing rounds. */
-
-    MIX(0);
-    MIX(1);
-    MIX(2);
-    MIX(3);
-    MIX(4);
-
-    /* step 5. Perform 1 mashing round. */
-    MASH;
-
-    /* step 6. Perform 6 mixing rounds. */
-
-    MIX(5);
-    MIX(6);
-    MIX(7);
-    MIX(8);
-    MIX(9);
-    MIX(10);
-
-    /* step 7. Perform 1 mashing round. */
-    MASH;
-
-    /* step 8. Perform 5 mixing rounds. */
-
-    MIX(11);
-    MIX(12);
-    MIX(13);
-    MIX(14);
-    MIX(15);
-
-    /* output results */
-    output->s[0] = R0;
-    output->s[1] = R1;
-    output->s[2] = R2;
-    output->s[3] = R3;
-}
-
-#define ROR(x,k) (x >> k | x << (16-k))
-#define R_MIX(j) \
-    R3 = ROR(R3,5); R3 = R3 - cx->K[ 4*j+3] - (R2 & R1) - (~R2 & R0);  \
-    R2 = ROR(R2,3); R2 = R2 - cx->K[ 4*j+2] - (R1 & R0) - (~R1 & R3);  \
-    R1 = ROR(R1,2); R1 = R1 - cx->K[ 4*j+1] - (R0 & R3) - (~R0 & R2);  \
-    R0 = ROR(R0,1); R0 = R0 - cx->K[ 4*j+0] - (R3 & R2) - (~R3 & R1)
-#define R_MASH \
-    R3 = R3 - cx->K[R2 & 63];\
-    R2 = R2 - cx->K[R1 & 63];\
-    R1 = R1 - cx->K[R0 & 63];\
-    R0 = R0 - cx->K[R3 & 63]
-
-/* Encrypt one block */
-static void 
-rc2_Decrypt1Block(RC2Context *cx, RC2Block *output, RC2Block *input)
-{
-    register PRUint16 R0, R1, R2, R3;
-
-    /* step 1. Initialize input. */
-    R0 = input->s[0];
-    R1 = input->s[1];
-    R2 = input->s[2];
-    R3 = input->s[3];
-
-    /* step 2.  Expand Key (already done, in context) */
-    /* step 3.  j = 63 */
-    /* step 4.  Perform 5 r_mixing rounds. */
-    R_MIX(15);
-    R_MIX(14);
-    R_MIX(13);
-    R_MIX(12);
-    R_MIX(11);
-
-    /* step 5.  Perform 1 r_mashing round. */
-    R_MASH;
-
-    /* step 6.  Perform 6 r_mixing rounds. */
-    R_MIX(10);
-    R_MIX(9);
-    R_MIX(8);
-    R_MIX(7);
-    R_MIX(6);
-    R_MIX(5);
-
-    /* step 7.  Perform 1 r_mashing round. */
-    R_MASH;
-
-    /* step 8.  Perform 5 r_mixing rounds. */
-    R_MIX(4);
-    R_MIX(3);
-    R_MIX(2);
-    R_MIX(1);
-    R_MIX(0);
-
-    /* output results */
-    output->s[0] = R0;
-    output->s[1] = R1;
-    output->s[2] = R2;
-    output->s[3] = R3;
-}
-
-static SECStatus
-rc2_EncryptECB(RC2Context *cx, unsigned char *output,
-	       const unsigned char *input, unsigned int inputLen)
-{
-    RC2Block  iBlock;
-
-    while (inputLen > 0) {
-    	LOAD(iBlock.s)
-	rc2_Encrypt1Block(cx, &iBlock, &iBlock);
-	STORE(iBlock.s)
-	output   += RC2_BLOCK_SIZE;
-	input    += RC2_BLOCK_SIZE;
-	inputLen -= RC2_BLOCK_SIZE;
-    }
-    return SECSuccess;
-}
-
-static SECStatus
-rc2_DecryptECB(RC2Context *cx, unsigned char *output,
-	       const unsigned char *input, unsigned int inputLen)
-{
-    RC2Block  iBlock;
-
-    while (inputLen > 0) {
-    	LOAD(iBlock.s)
-	rc2_Decrypt1Block(cx, &iBlock, &iBlock);
-	STORE(iBlock.s)
-	output   += RC2_BLOCK_SIZE;
-	input    += RC2_BLOCK_SIZE;
-	inputLen -= RC2_BLOCK_SIZE;
-    }
-    return SECSuccess;
-}
-
-static SECStatus
-rc2_EncryptCBC(RC2Context *cx, unsigned char *output,
-	       const unsigned char *input, unsigned int inputLen)
-{
-    RC2Block  iBlock;
-
-    while (inputLen > 0) {
-
-	LOAD(iBlock.s)
-	iBlock.l[0] ^= cx->iv.l[0];
-	iBlock.l[1] ^= cx->iv.l[1];
-	rc2_Encrypt1Block(cx, &iBlock, &iBlock);
-	cx->iv = iBlock;
-	STORE(iBlock.s)
-	output   += RC2_BLOCK_SIZE;
-	input    += RC2_BLOCK_SIZE;
-	inputLen -= RC2_BLOCK_SIZE;
-    }
-    return SECSuccess;
-}
-
-static SECStatus
-rc2_DecryptCBC(RC2Context *cx, unsigned char *output,
-	       const unsigned char *input, unsigned int inputLen)
-{
-    RC2Block  iBlock;
-    RC2Block  oBlock;
-
-    while (inputLen > 0) {
-	LOAD(iBlock.s)
-	rc2_Decrypt1Block(cx, &oBlock, &iBlock);
-	oBlock.l[0] ^= cx->iv.l[0];
-	oBlock.l[1] ^= cx->iv.l[1];
-	cx->iv = iBlock;
-	STORE(oBlock.s)
-	output   += RC2_BLOCK_SIZE;
-	input    += RC2_BLOCK_SIZE;
-	inputLen -= RC2_BLOCK_SIZE;
-    }
-    return SECSuccess;
-}
-
-
-/*
-** Perform RC2 encryption.
-**	"cx" the context
-**	"output" the output buffer to store the encrypted data.
-**	"outputLen" how much data is stored in "output". Set by the routine
-**	   after some data is stored in output.
-**	"maxOutputLen" the maximum amount of data that can ever be
-**	   stored in "output"
-**	"input" the input data
-**	"inputLen" the amount of input data
-*/
-SECStatus RC2_Encrypt(RC2Context *cx, unsigned char *output,
-		      unsigned int *outputLen, unsigned int maxOutputLen,
-		      const unsigned char *input, unsigned int inputLen)
-{
-    SECStatus rv = SECSuccess;
-    if (inputLen) {
-	if (inputLen % RC2_BLOCK_SIZE) {
-	    PORT_SetError(SEC_ERROR_INPUT_LEN);
-	    return SECFailure;
-	}
-	if (maxOutputLen < inputLen) {
-	    PORT_SetError(SEC_ERROR_OUTPUT_LEN);
-	    return SECFailure;
-	}
-	rv = (*cx->enc)(cx, output, input, inputLen);
-    }
-    if (rv == SECSuccess) {
-    	*outputLen = inputLen;
-    }
-    return rv;
-}
-
-/*
-** Perform RC2 decryption.
-**	"cx" the context
-**	"output" the output buffer to store the decrypted data.
-**	"outputLen" how much data is stored in "output". Set by the routine
-**	   after some data is stored in output.
-**	"maxOutputLen" the maximum amount of data that can ever be
-**	   stored in "output"
-**	"input" the input data
-**	"inputLen" the amount of input data
-*/
-SECStatus RC2_Decrypt(RC2Context *cx, unsigned char *output,
-		      unsigned int *outputLen, unsigned int maxOutputLen,
-		      const unsigned char *input, unsigned int inputLen)
-{
-    SECStatus rv = SECSuccess;
-    if (inputLen) {
-	if (inputLen % RC2_BLOCK_SIZE) {
-	    PORT_SetError(SEC_ERROR_INPUT_LEN);
-	    return SECFailure;
-	}
-	if (maxOutputLen < inputLen) {
-	    PORT_SetError(SEC_ERROR_OUTPUT_LEN);
-	    return SECFailure;
-	}
-	rv = (*cx->dec)(cx, output, input, inputLen);
-    }
-    if (rv == SECSuccess) {
-	*outputLen = inputLen;
-    }
-    return rv;
-}
-
diff --git a/security/nss/lib/freebl/arcfive.c b/security/nss/lib/freebl/arcfive.c
deleted file mode 100644
index 2ee3f5447..000000000
--- a/security/nss/lib/freebl/arcfive.c
+++ /dev/null
@@ -1,114 +0,0 @@
-/*
- * arcfive.c - stubs for RC5 - NOT a working implementation!
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#include "blapi.h"
-#include "prerror.h"
-
-/******************************************/
-/*
-** RC5 symmetric block cypher -- 64-bit block size
-*/
-
-/*
-** Create a new RC5 context suitable for RC5 encryption/decryption.
-**      "key" raw key data
-**      "len" the number of bytes of key data
-**      "iv" is the CBC initialization vector (if mode is NSS_RC5_CBC)
-**      "mode" one of NSS_RC5 or NSS_RC5_CBC
-**
-** When mode is set to NSS_RC5_CBC the RC5 cipher is run in "cipher block
-** chaining" mode.
-*/
-RC5Context *
-RC5_CreateContext(SECItem *key, unsigned int rounds,
-                  unsigned int wordSize, unsigned char *iv, int mode)
-{
-    PORT_SetError(PR_NOT_IMPLEMENTED_ERROR);
-    return NULL;
-}
-
-/*
-** Destroy an RC5 encryption/decryption context.
-**      "cx" the context
-**      "freeit" if PR_TRUE then free the object as well as its sub-objects
-*/
-void 
-RC5_DestroyContext(RC5Context *cx, PRBool freeit) 
-{
-    PORT_SetError(PR_NOT_IMPLEMENTED_ERROR);
-}
-
-/*
-** Perform RC5 encryption.
-**      "cx" the context
-**      "output" the output buffer to store the encrypted data.
-**      "outputLen" how much data is stored in "output". Set by the routine
-**         after some data is stored in output.
-**      "maxOutputLen" the maximum amount of data that can ever be
-**         stored in "output"
-**      "input" the input data
-**      "inputLen" the amount of input data
-*/
-SECStatus 
-RC5_Encrypt(RC5Context *cx, unsigned char *output, unsigned int *outputLen, 
-	    unsigned int maxOutputLen, 
-	    const unsigned char *input, unsigned int inputLen)
-{
-    PORT_SetError(PR_NOT_IMPLEMENTED_ERROR);
-    return SECFailure;
-}
-
-/*
-** Perform RC5 decryption.
-**      "cx" the context
-**      "output" the output buffer to store the decrypted data.
-**      "outputLen" how much data is stored in "output". Set by the routine
-**         after some data is stored in output.
-**      "maxOutputLen" the maximum amount of data that can ever be
-**         stored in "output"
-**      "input" the input data
-**      "inputLen" the amount of input data
-*/
-SECStatus 
-RC5_Decrypt(RC5Context *cx, unsigned char *output, unsigned int *outputLen, 
-	    unsigned int maxOutputLen,
-            const unsigned char *input, unsigned int inputLen)
-{
-    PORT_SetError(PR_NOT_IMPLEMENTED_ERROR);
-    return SECFailure;
-}
-
diff --git a/security/nss/lib/freebl/arcfour.c b/security/nss/lib/freebl/arcfour.c
deleted file mode 100644
index 23205ba73..000000000
--- a/security/nss/lib/freebl/arcfour.c
+++ /dev/null
@@ -1,567 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.	Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.	If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "prerr.h"
-#include "secerr.h"
-
-#include "prtypes.h"
-#include "blapi.h"
-
-/* Architecture-dependent defines */
-
-#if defined(SOLARIS) || defined(HPUX) || defined(i386) || defined(IRIX)
-/* Convert the byte-stream to a word-stream */
-#define CONVERT_TO_WORDS
-#endif
-
-#if defined(AIX) || defined(OSF1)
-/* Treat array variables as longs, not bytes */
-#define USE_LONG
-#endif
-
-#if defined(_WIN32_WCE)
-#undef WORD
-#define WORD ARC4WORD
-#endif
-
-#if defined(NSS_USE_HYBRID) && !defined(SOLARIS) && !defined(NSS_USE_64) 
-typedef unsigned long long WORD;
-#else
-typedef unsigned long WORD;
-#endif
-#define WORDSIZE sizeof(WORD)
-
-#ifdef USE_LONG
-typedef unsigned long Stype;
-#else
-typedef PRUint8 Stype;
-#endif
-
-#define ARCFOUR_STATE_SIZE 256
-
-#define MASK1BYTE (WORD)(0xff)
-
-#define SWAP(a, b) \
-	tmp = a; \
-	a = b; \
-	b = tmp;
-
-/*
- * State information for stream cipher.
- */
-struct RC4ContextStr
-{
-	Stype S[ARCFOUR_STATE_SIZE];
-	PRUint8 i;
-	PRUint8 j;
-};
-
-/*
- * array indices [0..255] to initialize cx->S array (faster than loop).
- */
-static const Stype Kinit[256] = {
-	0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
-	0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
-	0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
-	0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
-	0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
-	0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f,
-	0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
-	0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f,
-	0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47,
-	0x48, 0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f,
-	0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
-	0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f,
-	0x60, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67,
-	0x68, 0x69, 0x6a, 0x6b, 0x6c, 0x6d, 0x6e, 0x6f,
-	0x70, 0x71, 0x72, 0x73, 0x74, 0x75, 0x76, 0x77,
-	0x78, 0x79, 0x7a, 0x7b, 0x7c, 0x7d, 0x7e, 0x7f,
-	0x80, 0x81, 0x82, 0x83, 0x84, 0x85, 0x86, 0x87,
-	0x88, 0x89, 0x8a, 0x8b, 0x8c, 0x8d, 0x8e, 0x8f,
-	0x90, 0x91, 0x92, 0x93, 0x94, 0x95, 0x96, 0x97,
-	0x98, 0x99, 0x9a, 0x9b, 0x9c, 0x9d, 0x9e, 0x9f,
-	0xa0, 0xa1, 0xa2, 0xa3, 0xa4, 0xa5, 0xa6, 0xa7,
-	0xa8, 0xa9, 0xaa, 0xab, 0xac, 0xad, 0xae, 0xaf,
-	0xb0, 0xb1, 0xb2, 0xb3, 0xb4, 0xb5, 0xb6, 0xb7,
-	0xb8, 0xb9, 0xba, 0xbb, 0xbc, 0xbd, 0xbe, 0xbf,
-	0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7,
-	0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf,
-	0xd0, 0xd1, 0xd2, 0xd3, 0xd4, 0xd5, 0xd6, 0xd7,
-	0xd8, 0xd9, 0xda, 0xdb, 0xdc, 0xdd, 0xde, 0xdf,
-	0xe0, 0xe1, 0xe2, 0xe3, 0xe4, 0xe5, 0xe6, 0xe7,
-	0xe8, 0xe9, 0xea, 0xeb, 0xec, 0xed, 0xee, 0xef,
-	0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7,
-	0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff
-};
-
-/*
- * Initialize a new generator.
- */
-RC4Context *
-RC4_CreateContext(unsigned char *key, int len)
-{
-	int i;
-	PRUint8 j, tmp;
-	RC4Context *cx;
-	PRUint8 K[256];
-	PRUint8 *L;
-	/* verify the key length. */
-	PORT_Assert(len > 0 && len < ARCFOUR_STATE_SIZE);
-	if (len < 0 || len >= ARCFOUR_STATE_SIZE) {
-		PORT_SetError(SEC_ERROR_INVALID_ARGS);
-		return NULL;
-	}
-	/* Create space for the context. */
-	cx = (RC4Context *)PORT_ZAlloc(sizeof(RC4Context));
-	if (cx == NULL) {
-		PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
-		return NULL;
-	}
-	/* Initialize the state using array indices. */
-	memcpy(cx->S, Kinit, sizeof cx->S);
-	/* Fill in K repeatedly with values from key. */
-	L = K;
-	for (i = sizeof K; i > len; i-= len) {
-		memcpy(L, key, len);
-		L += len;
-	}
-	memcpy(L, key, i);
-	/* Stir the state of the generator.  At this point it is assumed
-	 * that the key is the size of the state buffer.  If this is not
-	 * the case, the key bytes are repeated to fill the buffer.
-	 */
-	j = 0;
-#define ARCFOUR_STATE_STIR(ii) \
-	j = j + cx->S[ii] + K[ii]; \
-	SWAP(cx->S[ii], cx->S[j]);
-	for (i=0; i<ARCFOUR_STATE_SIZE; i++) {
-		ARCFOUR_STATE_STIR(i);
-	}
-	cx->i = 0;
-	cx->j = 0;
-	return cx;
-}
-
-void 
-RC4_DestroyContext(RC4Context *cx, PRBool freeit)
-{
-	if (freeit)
-		PORT_ZFree(cx, sizeof(*cx));
-}
-
-/*
- * Generate the next byte in the stream.
- */
-#define ARCFOUR_NEXT_BYTE() \
-	tmpSi = cx->S[++tmpi]; \
-	tmpj += tmpSi; \
-	tmpSj = cx->S[tmpj]; \
-	cx->S[tmpi] = tmpSj; \
-	cx->S[tmpj] = tmpSi; \
-	t = tmpSi + tmpSj;
-
-#ifdef CONVERT_TO_WORDS
-/*
- * Straight RC4 op.  No optimization.
- */
-static SECStatus 
-rc4_no_opt(RC4Context *cx, unsigned char *output,
-           unsigned int *outputLen, unsigned int maxOutputLen,
-           const unsigned char *input, unsigned int inputLen)
-{
-    PRUint8 t;
-	Stype tmpSi, tmpSj;
-	register PRUint8 tmpi = cx->i;
-	register PRUint8 tmpj = cx->j;
-	unsigned int index;
-	PORT_Assert(maxOutputLen >= inputLen);
-	if (maxOutputLen < inputLen) {
-		PORT_SetError(SEC_ERROR_INVALID_ARGS);
-		return SECFailure;
-	}
-	for (index=0; index < inputLen; index++) {
-		/* Generate next byte from stream. */
-		ARCFOUR_NEXT_BYTE();
-		/* output = next stream byte XOR next input byte */
-		output[index] = cx->S[t] ^ input[index];
-	}
-	*outputLen = inputLen;
-	cx->i = tmpi;
-	cx->j = tmpj;
-	return SECSuccess;
-}
-#endif
-
-#ifndef CONVERT_TO_WORDS
-/*
- * Byte-at-a-time RC4, unrolling the loop into 8 pieces.
- */
-static SECStatus 
-rc4_unrolled(RC4Context *cx, unsigned char *output,
-             unsigned int *outputLen, unsigned int maxOutputLen,
-             const unsigned char *input, unsigned int inputLen)
-{
-	PRUint8 t;
-	Stype tmpSi, tmpSj;
-	register PRUint8 tmpi = cx->i;
-	register PRUint8 tmpj = cx->j;
-	int index;
-	PORT_Assert(maxOutputLen >= inputLen);
-	if (maxOutputLen < inputLen) {
-		PORT_SetError(SEC_ERROR_INVALID_ARGS);
-		return SECFailure;
-	}
-	for (index = inputLen / 8; index-- > 0; input += 8, output += 8) {
-		ARCFOUR_NEXT_BYTE();
-		output[0] = cx->S[t] ^ input[0];
-		ARCFOUR_NEXT_BYTE();
-		output[1] = cx->S[t] ^ input[1];
-		ARCFOUR_NEXT_BYTE();
-		output[2] = cx->S[t] ^ input[2];
-		ARCFOUR_NEXT_BYTE();
-		output[3] = cx->S[t] ^ input[3];
-		ARCFOUR_NEXT_BYTE();
-		output[4] = cx->S[t] ^ input[4];
-		ARCFOUR_NEXT_BYTE();
-		output[5] = cx->S[t] ^ input[5];
-		ARCFOUR_NEXT_BYTE();
-		output[6] = cx->S[t] ^ input[6];
-		ARCFOUR_NEXT_BYTE();
-		output[7] = cx->S[t] ^ input[7];
-	}
-	index = inputLen % 8;
-	if (index) {
-		input += index;
-		output += index;
-		switch (index) {
-		case 7:
-			ARCFOUR_NEXT_BYTE();
-			output[-7] = cx->S[t] ^ input[-7]; /* FALLTHRU */
-		case 6:
-			ARCFOUR_NEXT_BYTE();
-			output[-6] = cx->S[t] ^ input[-6]; /* FALLTHRU */
-		case 5:
-			ARCFOUR_NEXT_BYTE();
-			output[-5] = cx->S[t] ^ input[-5]; /* FALLTHRU */
-		case 4:
-			ARCFOUR_NEXT_BYTE();
-			output[-4] = cx->S[t] ^ input[-4]; /* FALLTHRU */
-		case 3:
-			ARCFOUR_NEXT_BYTE();
-			output[-3] = cx->S[t] ^ input[-3]; /* FALLTHRU */
-		case 2:
-			ARCFOUR_NEXT_BYTE();
-			output[-2] = cx->S[t] ^ input[-2]; /* FALLTHRU */
-		case 1:
-			ARCFOUR_NEXT_BYTE();
-			output[-1] = cx->S[t] ^ input[-1]; /* FALLTHRU */
-		default:
-			/* FALLTHRU */
-			; /* hp-ux build breaks without this */
-		}
-	}
-	cx->i = tmpi;
-	cx->j = tmpj;
-	*outputLen = inputLen;
-	return SECSuccess;
-}
-#endif
-
-#ifdef IS_LITTLE_ENDIAN
-#define ARCFOUR_NEXT4BYTES_L(n) \
-	ARCFOUR_NEXT_BYTE(); streamWord |= (WORD)cx->S[t] << (n     ); \
-	ARCFOUR_NEXT_BYTE(); streamWord |= (WORD)cx->S[t] << (n +  8); \
-	ARCFOUR_NEXT_BYTE(); streamWord |= (WORD)cx->S[t] << (n + 16); \
-	ARCFOUR_NEXT_BYTE(); streamWord |= (WORD)cx->S[t] << (n + 24);
-#else
-#define ARCFOUR_NEXT4BYTES_B(n) \
-	ARCFOUR_NEXT_BYTE(); streamWord |= (WORD)cx->S[t] << (n + 24); \
-	ARCFOUR_NEXT_BYTE(); streamWord |= (WORD)cx->S[t] << (n + 16); \
-	ARCFOUR_NEXT_BYTE(); streamWord |= (WORD)cx->S[t] << (n +  8); \
-	ARCFOUR_NEXT_BYTE(); streamWord |= (WORD)cx->S[t] << (n     );
-#endif
-
-#if (defined(NSS_USE_HYBRID) && !defined(SOLARIS)) || defined(NSS_USE_64)
-/* 64-bit wordsize */
-#ifdef IS_LITTLE_ENDIAN
-#define ARCFOUR_NEXT_WORD() \
-	{ streamWord = 0; ARCFOUR_NEXT4BYTES_L(0); ARCFOUR_NEXT4BYTES_L(32); }
-#else
-#define ARCFOUR_NEXT_WORD() \
-	{ streamWord = 0; ARCFOUR_NEXT4BYTES_B(32); ARCFOUR_NEXT4BYTES_B(0); }
-#endif
-#else
-/* 32-bit wordsize */
-#ifdef IS_LITTLE_ENDIAN
-#define ARCFOUR_NEXT_WORD() \
-	{ streamWord = 0; ARCFOUR_NEXT4BYTES_L(0); }
-#else
-#define ARCFOUR_NEXT_WORD() \
-	{ streamWord = 0; ARCFOUR_NEXT4BYTES_B(0); }
-#endif
-#endif
-
-#ifdef IS_LITTLE_ENDIAN
-#define RSH <<
-#define LSH >>
-#else
-#define RSH >>
-#define LSH <<
-#endif
-
-#ifdef CONVERT_TO_WORDS
-/*
- * Convert input and output buffers to words before performing
- * RC4 operations.
- */
-static SECStatus 
-rc4_wordconv(RC4Context *cx, unsigned char *output,
-             unsigned int *outputLen, unsigned int maxOutputLen,
-             const unsigned char *input, unsigned int inputLen)
-{
-	ptrdiff_t inOffset = (ptrdiff_t)input % WORDSIZE;
-	ptrdiff_t outOffset = (ptrdiff_t)output % WORDSIZE;
-	register WORD streamWord, mask;
-	register WORD *pInWord, *pOutWord;
-	register WORD inWord, nextInWord;
-	PRUint8 t;
-	register Stype tmpSi, tmpSj;
-	register PRUint8 tmpi = cx->i;
-	register PRUint8 tmpj = cx->j;
-	unsigned int byteCount;
-	unsigned int bufShift, invBufShift;
-	int i;
-
-	PORT_Assert(maxOutputLen >= inputLen);
-	if (maxOutputLen < inputLen) {
-		PORT_SetError(SEC_ERROR_INVALID_ARGS);
-		return SECFailure;
-	}
-	if (inputLen < 2*WORDSIZE) {
-		/* Ignore word conversion, do byte-at-a-time */
-		return rc4_no_opt(cx, output, outputLen, maxOutputLen, input, inputLen);
-	}
-	*outputLen = inputLen;
-	pInWord = (WORD *)(input - inOffset);
-	if (inOffset < outOffset) {
-		bufShift = 8*(outOffset - inOffset);
-		invBufShift = 8*WORDSIZE - bufShift;
-	} else {
-		invBufShift = 8*(inOffset - outOffset);
-		bufShift = 8*WORDSIZE - invBufShift;
-	}
-	/*****************************************************************/
-	/* Step 1:                                                       */
-	/* If the first output word is partial, consume the bytes in the */
-	/* first partial output word by loading one or two words of      */
-	/* input and shifting them accordingly.  Otherwise, just load    */
-	/* in the first word of input.  At the end of this block, at     */
-	/* least one partial word of input should ALWAYS be loaded.      */
-	/*****************************************************************/
-	if (outOffset) {
-		/* Generate input and stream words aligned relative to the
-		 * partial output buffer.
-		 */
-		byteCount = WORDSIZE - outOffset; 
-		pOutWord = (WORD *)(output - outOffset);
-		mask = streamWord = 0;
-#ifdef IS_LITTLE_ENDIAN
-		for (i = WORDSIZE - byteCount; i < WORDSIZE; i++) {
-#else
-		for (i = byteCount - 1; i >= 0; --i) {
-#endif
-			ARCFOUR_NEXT_BYTE();
-			streamWord |= (WORD)(cx->S[t]) << 8*i;
-			mask |= MASK1BYTE << 8*i;
-		} /* } */
-		inWord = *pInWord++;
-		/* If buffers are relatively misaligned, shift the bytes in inWord
-		 * to be aligned to the output buffer.
-		 */
-		nextInWord = 0;
-		if (inOffset < outOffset) {
-			/* Have more bytes than needed, shift remainder into nextInWord */
-			nextInWord = inWord LSH 8*(inOffset + byteCount);
-			inWord = inWord RSH bufShift;
-		} else if (inOffset > outOffset) {
-			/* Didn't get enough bytes from current input word, load another
-			 * word and then shift remainder into nextInWord.
-			 */
-			nextInWord = *pInWord++;
-			inWord = (inWord LSH invBufShift) | 
-			         (nextInWord RSH bufShift);
-			nextInWord = nextInWord LSH invBufShift;
-		}
-		/* Store output of first partial word */
-		*pOutWord = (*pOutWord & ~mask) | ((inWord ^ streamWord) & mask);
-		/* Consumed byteCount bytes of input */
-		inputLen -= byteCount;
-		/* move to next word of output */
-		pOutWord++;
-		/* inWord has been consumed, but there may be bytes in nextInWord */
-		inWord = nextInWord;
-	} else {
-		/* output is word-aligned */
-		pOutWord = (WORD *)output;
-		if (inOffset) {
-			/* Input is not word-aligned.  The first word load of input 
-			 * will not produce a full word of input bytes, so one word
-			 * must be pre-loaded.  The main loop below will load in the
-			 * next input word and shift some of its bytes into inWord
-			 * in order to create a full input word.  Note that the main
-			 * loop must execute at least once because the input must
-			 * be at least two words.
-			 */
-			inWord = *pInWord++;
-			inWord = inWord LSH invBufShift;
-		} else {
-			/* Input is word-aligned.  The first word load of input 
-			 * will produce a full word of input bytes, so nothing
-			 * needs to be loaded here.
-			 */
-			inWord = 0;
-		}
-	}
-	/* Output buffer is aligned, inOffset is now measured relative to
-	 * outOffset (and not a word boundary).
-	 */
-	inOffset = (inOffset + WORDSIZE - outOffset) % WORDSIZE;
-	/*****************************************************************/
-	/* Step 2: main loop                                             */
-	/* At this point the output buffer is word-aligned.  Any unused  */
-	/* bytes from above will be in inWord (shifted correctly).  If   */
-	/* the input buffer is unaligned relative to the output buffer,  */
-	/* shifting has to be done.                                      */
-	/*****************************************************************/
-	if (inOffset) {
-		for (; inputLen >= WORDSIZE; inputLen -= WORDSIZE) {
-			nextInWord = *pInWord++;
-			inWord |= nextInWord RSH bufShift;
-			nextInWord = nextInWord LSH invBufShift;
-			ARCFOUR_NEXT_WORD();
-			*pOutWord++ = inWord ^ streamWord;
-			inWord = nextInWord;
-		}
-		if (inputLen == 0) {
-			/* Nothing left to do. */
-			cx->i = tmpi;
-			cx->j = tmpj;
-			return SECSuccess;
-		}
-		/* If the amount of remaining input is greater than the amount
-		 * bytes pulled from the current input word, need to do another
-		 * word load.  What's left in inWord will be consumed in step 3.
-		 */
-		if (inputLen > WORDSIZE - inOffset)
-			inWord |= *pInWord RSH bufShift;
-	} else {
-		for (; inputLen >= WORDSIZE; inputLen -= WORDSIZE) {
-			inWord = *pInWord++;
-			ARCFOUR_NEXT_WORD();
-			*pOutWord++ = inWord ^ streamWord;
-		}
-		if (inputLen == 0) {
-			/* Nothing left to do. */
-			cx->i = tmpi;
-			cx->j = tmpj;
-			return SECSuccess;
-		} else {
-			/* A partial input word remains at the tail.  Load it.  The
-			 * relevant bytes will be consumed in step 3.
-			 */
-			inWord = *pInWord;
-		}
-	}
-	/*****************************************************************/
-	/* Step 3:                                                       */
-	/* A partial word of input remains, and it is already loaded     */
-	/* into nextInWord.  Shift appropriately and consume the bytes   */
-	/* used in the partial word.                                     */
-	/*****************************************************************/
-	mask = streamWord = 0;
-#ifdef IS_LITTLE_ENDIAN
-	for (i = 0; i < inputLen; ++i) {
-#else
-	for (i = WORDSIZE - 1; i >= WORDSIZE - inputLen; --i) {
-#endif
-		ARCFOUR_NEXT_BYTE();
-		streamWord |= (WORD)(cx->S[t]) << 8*i;
-		mask |= MASK1BYTE << 8*i;
-	} /* } */
-	*pOutWord = (*pOutWord & ~mask) | ((inWord ^ streamWord) & mask);
-	cx->i = tmpi;
-	cx->j = tmpj;
-	return SECSuccess;
-}
-#endif
-
-SECStatus 
-RC4_Encrypt(RC4Context *cx, unsigned char *output,
-            unsigned int *outputLen, unsigned int maxOutputLen,
-            const unsigned char *input, unsigned int inputLen)
-{
-	PORT_Assert(maxOutputLen >= inputLen);
-	if (maxOutputLen < inputLen) {
-		PORT_SetError(SEC_ERROR_INVALID_ARGS);
-		return SECFailure;
-	}
-#ifdef CONVERT_TO_WORDS
-	/* Convert the byte-stream to a word-stream */
-	return rc4_wordconv(cx, output, outputLen, maxOutputLen, input, inputLen);
-#else
-	/* Operate on bytes, but unroll the main loop */
-	return rc4_unrolled(cx, output, outputLen, maxOutputLen, input, inputLen);
-#endif
-}
-
-SECStatus RC4_Decrypt(RC4Context *cx, unsigned char *output,
-                      unsigned int *outputLen, unsigned int maxOutputLen,
-                      const unsigned char *input, unsigned int inputLen)
-{
-	PORT_Assert(maxOutputLen >= inputLen);
-	if (maxOutputLen < inputLen) {
-		PORT_SetError(SEC_ERROR_INVALID_ARGS);
-		return SECFailure;
-	}
-	/* decrypt and encrypt are same operation. */
-#ifdef CONVERT_TO_WORDS
-	/* Convert the byte-stream to a word-stream */
-	return rc4_wordconv(cx, output, outputLen, maxOutputLen, input, inputLen);
-#else
-	/* Operate on bytes, but unroll the main loop */
-	return rc4_unrolled(cx, output, outputLen, maxOutputLen, input, inputLen);
-#endif
-}
-
-#undef CONVERT_TO_WORDS
-#undef USE_LONG
diff --git a/security/nss/lib/freebl/blapi.h b/security/nss/lib/freebl/blapi.h
deleted file mode 100644
index c41691e5b..000000000
--- a/security/nss/lib/freebl/blapi.h
+++ /dev/null
@@ -1,814 +0,0 @@
-/*
- * crypto.h - public data structures and prototypes for the crypto library
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#ifndef _BLAPI_H_
-#define _BLAPI_H_
-
-#include "blapit.h"
-
-
-SEC_BEGIN_PROTOS
-
-/*
-** RSA encryption/decryption. When encrypting/decrypting the output
-** buffer must be at least the size of the public key modulus.
-*/
-
-/*
-** Generate and return a new RSA public and private key.
-**	Both keys are encoded in a single RSAPrivateKey structure.
-**	"cx" is the random number generator context
-**	"keySizeInBits" is the size of the key to be generated, in bits.
-**	   512, 1024, etc.
-**	"publicExponent" when not NULL is a pointer to some data that
-**	   represents the public exponent to use. The data is a byte
-**	   encoded integer, in "big endian" order.
-*/
-extern RSAPrivateKey *RSA_NewKey(int         keySizeInBits,
-				 SECItem *   publicExponent);
-
-/*
-** Perform a raw public-key operation 
-**	Length of input and output buffers are equal to key's modulus len.
-*/
-extern SECStatus RSA_PublicKeyOp(RSAPublicKey *   key,
-				 unsigned char *  output,
-				 const unsigned char *  input);
-
-/*
-** Perform a raw private-key operation 
-**	Length of input and output buffers are equal to key's modulus len.
-*/
-extern SECStatus RSA_PrivateKeyOp(RSAPrivateKey *  key,
-				  unsigned char *  output,
-				  const unsigned char *  input);
-
-/*
-** Perform a raw private-key operation, and check the parameters used in
-** the operation for validity by performing a test operation first.
-**	Length of input and output buffers are equal to key's modulus len.
-*/
-extern SECStatus RSA_PrivateKeyOpDoubleChecked(RSAPrivateKey *  key,
-				               unsigned char *  output,
-				               const unsigned char *  input);
-
-/*
-** Perform a check of private key parameters for consistency.
-*/
-extern SECStatus RSA_PrivateKeyCheck(RSAPrivateKey *key);
-
-
-/********************************************************************
-** DSA signing algorithm
-*/
-
-/*
-** Generate and return a new DSA public and private key pair,
-**	both of which are encoded into a single DSAPrivateKey struct.
-**	"params" is a pointer to the PQG parameters for the domain
-**	Uses a random seed.
-*/
-extern SECStatus DSA_NewKey(const PQGParams *     params, 
-		            DSAPrivateKey **      privKey);
-
-/* signature is caller-supplied buffer of at least 20 bytes.
-** On input,  signature->len == size of buffer to hold signature.
-**            digest->len    == size of digest.
-** On output, signature->len == size of signature in buffer.
-** Uses a random seed.
-*/
-extern SECStatus DSA_SignDigest(DSAPrivateKey *   key,
-				SECItem *         signature,
-				const SECItem *   digest);
-
-/* signature is caller-supplied buffer of at least 20 bytes.
-** On input,  signature->len == size of buffer to hold signature.
-**            digest->len    == size of digest.
-*/
-extern SECStatus DSA_VerifyDigest(DSAPublicKey *  key,
-				  const SECItem * signature,
-				  const SECItem * digest);
-
-/* For FIPS compliance testing. Seed must be exactly 20 bytes long */
-extern SECStatus DSA_NewKeyFromSeed(const PQGParams *params, 
-                                    const unsigned char * seed,
-                                    DSAPrivateKey **privKey);
-
-/* For FIPS compliance testing. Seed must be exactly 20 bytes. */
-extern SECStatus DSA_SignDigestWithSeed(DSAPrivateKey * key,
-                                        SECItem *       signature,
-                                        const SECItem * digest,
-                                        const unsigned char * seed);
-
-/******************************************************
-** Diffie Helman key exchange algorithm 
-*/
-
-/* Generates parameters for Diffie-Helman key generation.
-**	primeLen is the length in bytes of prime P to be generated.
-*/
-extern SECStatus DH_GenParam(int primeLen, DHParams ** params);
-
-/* Generates a public and private key, both of which are encoded in a single
-**	DHPrivateKey struct. Params is input, privKey are output.  
-**	This is Phase 1 of Diffie Hellman.
-*/
-extern SECStatus DH_NewKey(DHParams *           params, 
-                           DHPrivateKey **	privKey);
-
-/* 
-** DH_Derive does the Diffie-Hellman phase 2 calculation, using the 
-** other party's publicValue, and the prime and our privateValue.
-** maxOutBytes is the requested length of the generated secret in bytes.  
-** A zero value means produce a value of any length up to the size of 
-** the prime.   If successful, derivedSecret->data is set 
-** to the address of the newly allocated buffer containing the derived 
-** secret, and derivedSecret->len is the size of the secret produced.
-** The size of the secret produced will never be larger than the length
-** of the prime, and it may be smaller than maxOutBytes.
-** It is the caller's responsibility to free the allocated buffer 
-** containing the derived secret.
-*/
-extern SECStatus DH_Derive(SECItem *    publicValue, 
-		           SECItem *    prime, 
-			   SECItem *    privateValue, 
-			   SECItem *    derivedSecret,
-			   unsigned int maxOutBytes);
-
-/* 
-** KEA_CalcKey returns octet string with the private key for a dual
-** Diffie-Helman  key generation as specified for government key exchange.
-*/
-extern SECStatus KEA_Derive(SECItem *prime, 
-                            SECItem *public1, 
-                            SECItem *public2, 
-			    SECItem *private1, 
-			    SECItem *private2,
-			    SECItem *derivedSecret);
-
-/*
- * verify that a KEA or DSA public key is a valid key for this prime and
- * subprime domain.
- */
-extern PRBool KEA_Verify(SECItem *Y, SECItem *prime, SECItem *subPrime);
-
-
-/******************************************/
-/*
-** RC4 symmetric stream cypher
-*/
-
-/*
-** Create a new RC4 context suitable for RC4 encryption/decryption.
-**	"key" raw key data
-**	"len" the number of bytes of key data
-*/
-extern RC4Context *RC4_CreateContext(unsigned char *key, int len);
-
-/*
-** Destroy an RC4 encryption/decryption context.
-**	"cx" the context
-**	"freeit" if PR_TRUE then free the object as well as its sub-objects
-*/
-extern void RC4_DestroyContext(RC4Context *cx, PRBool freeit);
-
-/*
-** Perform RC4 encryption.
-**	"cx" the context
-**	"output" the output buffer to store the encrypted data.
-**	"outputLen" how much data is stored in "output". Set by the routine
-**	   after some data is stored in output.
-**	"maxOutputLen" the maximum amount of data that can ever be
-**	   stored in "output"
-**	"input" the input data
-**	"inputLen" the amount of input data
-*/
-extern SECStatus RC4_Encrypt(RC4Context *cx, unsigned char *output,
-			    unsigned int *outputLen, unsigned int maxOutputLen,
-			    const unsigned char *input, unsigned int inputLen);
-
-/*
-** Perform RC4 decryption.
-**	"cx" the context
-**	"output" the output buffer to store the decrypted data.
-**	"outputLen" how much data is stored in "output". Set by the routine
-**	   after some data is stored in output.
-**	"maxOutputLen" the maximum amount of data that can ever be
-**	   stored in "output"
-**	"input" the input data
-**	"inputLen" the amount of input data
-*/
-extern SECStatus RC4_Decrypt(RC4Context *cx, unsigned char *output,
-			    unsigned int *outputLen, unsigned int maxOutputLen,
-			    const unsigned char *input, unsigned int inputLen);
-
-/******************************************/
-/*
-** RC2 symmetric block cypher
-*/
-
-/*
-** Create a new RC2 context suitable for RC2 encryption/decryption.
-** 	"key" raw key data
-** 	"len" the number of bytes of key data
-** 	"iv" is the CBC initialization vector (if mode is NSS_RC2_CBC)
-** 	"mode" one of NSS_RC2 or NSS_RC2_CBC
-**	"effectiveKeyLen" is the effective key length (as specified in 
-**	    RFC 2268) in bytes (not bits).
-**
-** When mode is set to NSS_RC2_CBC the RC2 cipher is run in "cipher block
-** chaining" mode.
-*/
-extern RC2Context *RC2_CreateContext(unsigned char *key, unsigned int len,
-		     unsigned char *iv, int mode, unsigned effectiveKeyLen);
-
-/*
-** Destroy an RC2 encryption/decryption context.
-**	"cx" the context
-**	"freeit" if PR_TRUE then free the object as well as its sub-objects
-*/
-extern void RC2_DestroyContext(RC2Context *cx, PRBool freeit);
-
-/*
-** Perform RC2 encryption.
-**	"cx" the context
-**	"output" the output buffer to store the encrypted data.
-**	"outputLen" how much data is stored in "output". Set by the routine
-**	   after some data is stored in output.
-**	"maxOutputLen" the maximum amount of data that can ever be
-**	   stored in "output"
-**	"input" the input data
-**	"inputLen" the amount of input data
-*/
-extern SECStatus RC2_Encrypt(RC2Context *cx, unsigned char *output,
-			    unsigned int *outputLen, unsigned int maxOutputLen,
-			    const unsigned char *input, unsigned int inputLen);
-
-/*
-** Perform RC2 decryption.
-**	"cx" the context
-**	"output" the output buffer to store the decrypted data.
-**	"outputLen" how much data is stored in "output". Set by the routine
-**	   after some data is stored in output.
-**	"maxOutputLen" the maximum amount of data that can ever be
-**	   stored in "output"
-**	"input" the input data
-**	"inputLen" the amount of input data
-*/
-extern SECStatus RC2_Decrypt(RC2Context *cx, unsigned char *output,
-			    unsigned int *outputLen, unsigned int maxOutputLen,
-			    const unsigned char *input, unsigned int inputLen);
-
-/******************************************/
-/*
-** RC5 symmetric block cypher -- 64-bit block size
-*/
-
-/*
-** Create a new RC5 context suitable for RC5 encryption/decryption.
-**      "key" raw key data
-**      "len" the number of bytes of key data
-**      "iv" is the CBC initialization vector (if mode is NSS_RC5_CBC)
-**      "mode" one of NSS_RC5 or NSS_RC5_CBC
-**
-** When mode is set to NSS_RC5_CBC the RC5 cipher is run in "cipher block
-** chaining" mode.
-*/
-extern RC5Context *RC5_CreateContext(SECItem *key, unsigned int rounds,
-                     unsigned int wordSize, unsigned char *iv, int mode);
-
-/*
-** Destroy an RC5 encryption/decryption context.
-**      "cx" the context
-**      "freeit" if PR_TRUE then free the object as well as its sub-objects
-*/
-extern void RC5_DestroyContext(RC5Context *cx, PRBool freeit);
-
-/*
-** Perform RC5 encryption.
-**      "cx" the context
-**      "output" the output buffer to store the encrypted data.
-**      "outputLen" how much data is stored in "output". Set by the routine
-**         after some data is stored in output.
-**      "maxOutputLen" the maximum amount of data that can ever be
-**         stored in "output"
-**      "input" the input data
-**      "inputLen" the amount of input data
-*/
-extern SECStatus RC5_Encrypt(RC5Context *cx, unsigned char *output,
-                            unsigned int *outputLen, unsigned int maxOutputLen,
-                            const unsigned char *input, unsigned int inputLen);
-
-/*
-** Perform RC5 decryption.
-**      "cx" the context
-**      "output" the output buffer to store the decrypted data.
-**      "outputLen" how much data is stored in "output". Set by the routine
-**         after some data is stored in output.
-**      "maxOutputLen" the maximum amount of data that can ever be
-**         stored in "output"
-**      "input" the input data
-**      "inputLen" the amount of input data
-*/
-
-extern SECStatus RC5_Decrypt(RC5Context *cx, unsigned char *output,
-                            unsigned int *outputLen, unsigned int maxOutputLen,
-                            const unsigned char *input, unsigned int inputLen);
-
-
-
-/******************************************/
-/*
-** DES symmetric block cypher
-*/
-
-/*
-** Create a new DES context suitable for DES encryption/decryption.
-** 	"key" raw key data
-** 	"len" the number of bytes of key data
-** 	"iv" is the CBC initialization vector (if mode is NSS_DES_CBC or
-** 	   mode is DES_EDE3_CBC)
-** 	"mode" one of NSS_DES, NSS_DES_CBC, NSS_DES_EDE3 or NSS_DES_EDE3_CBC
-**	"encrypt" is PR_TRUE if the context will be used for encryption
-**
-** When mode is set to NSS_DES_CBC or NSS_DES_EDE3_CBC then the DES
-** cipher is run in "cipher block chaining" mode.
-*/
-extern DESContext *DES_CreateContext(unsigned char *key, unsigned char *iv,
-				     int mode, PRBool encrypt);
-
-/*
-** Destroy an DES encryption/decryption context.
-**	"cx" the context
-**	"freeit" if PR_TRUE then free the object as well as its sub-objects
-*/
-extern void DES_DestroyContext(DESContext *cx, PRBool freeit);
-
-/*
-** Perform DES encryption.
-**	"cx" the context
-**	"output" the output buffer to store the encrypted data.
-**	"outputLen" how much data is stored in "output". Set by the routine
-**	   after some data is stored in output.
-**	"maxOutputLen" the maximum amount of data that can ever be
-**	   stored in "output"
-**	"input" the input data
-**	"inputLen" the amount of input data
-**
-** NOTE: the inputLen must be a multiple of DES_KEY_LENGTH
-*/
-extern SECStatus DES_Encrypt(DESContext *cx, unsigned char *output,
-			    unsigned int *outputLen, unsigned int maxOutputLen,
-			    const unsigned char *input, unsigned int inputLen);
-
-/*
-** Perform DES decryption.
-**	"cx" the context
-**	"output" the output buffer to store the decrypted data.
-**	"outputLen" how much data is stored in "output". Set by the routine
-**	   after some data is stored in output.
-**	"maxOutputLen" the maximum amount of data that can ever be
-**	   stored in "output"
-**	"input" the input data
-**	"inputLen" the amount of input data
-**
-** NOTE: the inputLen must be a multiple of DES_KEY_LENGTH
-*/
-extern SECStatus DES_Decrypt(DESContext *cx, unsigned char *output,
-			    unsigned int *outputLen, unsigned int maxOutputLen,
-			    const unsigned char *input, unsigned int inputLen);
-
-/******************************************/
-/*
-** AES symmetric block cypher (Rijndael)
-*/
-
-/*
-** Create a new AES context suitable for AES encryption/decryption.
-** 	"key" raw key data
-** 	"keylen" the number of bytes of key data (16, 24, or 32)
-**      "blocklen" is the blocksize to use (16, 24, or 32)
-**                        XXX currently only blocksize==16 has been tested!
-*/
-extern AESContext *
-AES_CreateContext(unsigned char *key, unsigned char *iv, int mode, int encrypt,
-                  unsigned int keylen, unsigned int blocklen);
-
-/*
-** Destroy a AES encryption/decryption context.
-**	"cx" the context
-**	"freeit" if PR_TRUE then free the object as well as its sub-objects
-*/
-extern void 
-AES_DestroyContext(AESContext *cx, PRBool freeit);
-
-/*
-** Perform AES encryption.
-**	"cx" the context
-**	"output" the output buffer to store the encrypted data.
-**	"outputLen" how much data is stored in "output". Set by the routine
-**	   after some data is stored in output.
-**	"maxOutputLen" the maximum amount of data that can ever be
-**	   stored in "output"
-**	"input" the input data
-**	"inputLen" the amount of input data
-*/
-extern SECStatus 
-AES_Encrypt(AESContext *cx, unsigned char *output,
-            unsigned int *outputLen, unsigned int maxOutputLen,
-            const unsigned char *input, unsigned int inputLen);
-
-/*
-** Perform AES decryption.
-**	"cx" the context
-**	"output" the output buffer to store the decrypted data.
-**	"outputLen" how much data is stored in "output". Set by the routine
-**	   after some data is stored in output.
-**	"maxOutputLen" the maximum amount of data that can ever be
-**	   stored in "output"
-**	"input" the input data
-**	"inputLen" the amount of input data
-*/
-extern SECStatus 
-AES_Decrypt(AESContext *cx, unsigned char *output,
-            unsigned int *outputLen, unsigned int maxOutputLen,
-            const unsigned char *input, unsigned int inputLen);
-
-
-/******************************************/
-/*
-** MD5 secure hash function
-*/
-
-/*
-** Hash a null terminated string "src" into "dest" using MD5
-*/
-extern SECStatus MD5_Hash(unsigned char *dest, const char *src);
-
-/*
-** Hash a non-null terminated string "src" into "dest" using MD5
-*/
-extern SECStatus MD5_HashBuf(unsigned char *dest, const unsigned char *src,
-			     uint32 src_length);
-
-/*
-** Create a new MD5 context
-*/
-extern MD5Context *MD5_NewContext(void);
-
-
-/*
-** Destroy an MD5 secure hash context.
-**	"cx" the context
-**	"freeit" if PR_TRUE then free the object as well as its sub-objects
-*/
-extern void MD5_DestroyContext(MD5Context *cx, PRBool freeit);
-
-/*
-** Reset an MD5 context, preparing it for a fresh round of hashing
-*/
-extern void MD5_Begin(MD5Context *cx);
-
-/*
-** Update the MD5 hash function with more data.
-**	"cx" the context
-**	"input" the data to hash
-**	"inputLen" the amount of data to hash
-*/
-extern void MD5_Update(MD5Context *cx,
-		       const unsigned char *input, unsigned int inputLen);
-
-/*
-** Finish the MD5 hash function. Produce the digested results in "digest"
-**	"cx" the context
-**	"digest" where the 16 bytes of digest data are stored
-**	"digestLen" where the digest length (16) is stored
-**	"maxDigestLen" the maximum amount of data that can ever be
-**	   stored in "digest"
-*/
-extern void MD5_End(MD5Context *cx, unsigned char *digest,
-		    unsigned int *digestLen, unsigned int maxDigestLen);
-/*
- * Return the the size of a buffer needed to flatten the MD5 Context into
- *    "cx" the context
- *  returns size;
- */
-extern unsigned int MD5_FlattenSize(MD5Context *cx);
-
-/*
- * Flatten the MD5 Context into a buffer:
- *    "cx" the context
- *    "space" the buffer to flatten to
- *  returns status;
- */
-extern SECStatus MD5_Flatten(MD5Context *cx,unsigned char *space);
-
-/*
- * Resurrect a flattened context into a MD5 Context
- *    "space" the buffer of the flattend buffer
- *    "arg" ptr to void used by cryptographic resurrect
- *  returns resurected context;
- */
-extern MD5Context * MD5_Resurrect(unsigned char *space, void *arg);
-
-/*
-** trace the intermediate state info of the MD5 hash.
-*/
-extern void MD5_TraceState(MD5Context *cx);
-
-
-/******************************************/
-/*
-** MD2 secure hash function
-*/
-
-/*
-** Hash a null terminated string "src" into "dest" using MD2
-*/
-extern SECStatus MD2_Hash(unsigned char *dest, const char *src);
-
-/*
-** Create a new MD2 context
-*/
-extern MD2Context *MD2_NewContext(void);
-
-
-/*
-** Destroy an MD2 secure hash context.
-**	"cx" the context
-**	"freeit" if PR_TRUE then free the object as well as its sub-objects
-*/
-extern void MD2_DestroyContext(MD2Context *cx, PRBool freeit);
-
-/*
-** Reset an MD2 context, preparing it for a fresh round of hashing
-*/
-extern void MD2_Begin(MD2Context *cx);
-
-/*
-** Update the MD2 hash function with more data.
-**	"cx" the context
-**	"input" the data to hash
-**	"inputLen" the amount of data to hash
-*/
-extern void MD2_Update(MD2Context *cx,
-		       const unsigned char *input, unsigned int inputLen);
-
-/*
-** Finish the MD2 hash function. Produce the digested results in "digest"
-**	"cx" the context
-**	"digest" where the 16 bytes of digest data are stored
-**	"digestLen" where the digest length (16) is stored
-**	"maxDigestLen" the maximum amount of data that can ever be
-**	   stored in "digest"
-*/
-extern void MD2_End(MD2Context *cx, unsigned char *digest,
-		    unsigned int *digestLen, unsigned int maxDigestLen);
-
-/*
- * Return the the size of a buffer needed to flatten the MD2 Context into
- *    "cx" the context
- *  returns size;
- */
-extern unsigned int MD2_FlattenSize(MD2Context *cx);
-
-/*
- * Flatten the MD2 Context into a buffer:
- *    "cx" the context
- *    "space" the buffer to flatten to
- *  returns status;
- */
-extern SECStatus MD2_Flatten(MD2Context *cx,unsigned char *space);
-
-/*
- * Resurrect a flattened context into a MD2 Context
- *    "space" the buffer of the flattend buffer
- *    "arg" ptr to void used by cryptographic resurrect
- *  returns resurected context;
- */
-extern MD2Context * MD2_Resurrect(unsigned char *space, void *arg);
-
-/******************************************/
-/*
-** SHA-1 secure hash function
-*/
-
-/*
-** Hash a null terminated string "src" into "dest" using SHA-1
-*/
-extern SECStatus SHA1_Hash(unsigned char *dest, const char *src);
-
-/*
-** Hash a non-null terminated string "src" into "dest" using SHA-1
-*/
-extern SECStatus SHA1_HashBuf(unsigned char *dest, const unsigned char *src,
-			      uint32 src_length);
-
-/*
-** Create a new SHA-1 context
-*/
-extern SHA1Context *SHA1_NewContext(void);
-
-
-/*
-** Destroy a SHA-1 secure hash context.
-**	"cx" the context
-**	"freeit" if PR_TRUE then free the object as well as its sub-objects
-*/
-extern void SHA1_DestroyContext(SHA1Context *cx, PRBool freeit);
-
-/*
-** Reset a SHA-1 context, preparing it for a fresh round of hashing
-*/
-extern void SHA1_Begin(SHA1Context *cx);
-
-/*
-** Update the SHA-1 hash function with more data.
-**	"cx" the context
-**	"input" the data to hash
-**	"inputLen" the amount of data to hash
-*/
-extern void SHA1_Update(SHA1Context *cx, const unsigned char *input,
-			unsigned int inputLen);
-
-/*
-** Finish the SHA-1 hash function. Produce the digested results in "digest"
-**	"cx" the context
-**	"digest" where the 16 bytes of digest data are stored
-**	"digestLen" where the digest length (20) is stored
-**	"maxDigestLen" the maximum amount of data that can ever be
-**	   stored in "digest"
-*/
-extern void SHA1_End(SHA1Context *cx, unsigned char *digest,
-		     unsigned int *digestLen, unsigned int maxDigestLen);
-
-/*
-** trace the intermediate state info of the SHA1 hash.
-*/
-extern void SHA1_TraceState(SHA1Context *cx);
-
-/*
- * Return the the size of a buffer needed to flatten the SHA-1 Context into
- *    "cx" the context
- *  returns size;
- */
-extern unsigned int SHA1_FlattenSize(SHA1Context *cx);
-
-/*
- * Flatten the SHA-1 Context into a buffer:
- *    "cx" the context
- *    "space" the buffer to flatten to
- *  returns status;
- */
-extern SECStatus SHA1_Flatten(SHA1Context *cx,unsigned char *space);
-
-/*
- * Resurrect a flattened context into a SHA-1 Context
- *    "space" the buffer of the flattend buffer
- *    "arg" ptr to void used by cryptographic resurrect
- *  returns resurected context;
- */
-extern SHA1Context * SHA1_Resurrect(unsigned char *space, void *arg);
-
-
-/******************************************/
-/*
-** Pseudo Random Number Generation.  FIPS compliance desirable.
-*/
-
-/*
-** Initialize the global RNG context and give it some seed input taken
-** from the system.  This function is thread-safe and will only allow
-** the global context to be initialized once.  The seed input is likely
-** small, so it is imperative that RNG_RandomUpdate() be called with
-** additional seed data before the generator is used.  A good way to
-** provide the generator with additional entropy is to call
-** RNG_SystemInfoForRNG().  Note that NSS_Init() does exactly that.
-*/
-extern SECStatus RNG_RNGInit(void);
-
-/*
-** Update the global random number generator with more seeding
-** material
-*/
-extern SECStatus RNG_RandomUpdate(const void *data, size_t bytes);
-
-/*
-** Generate some random bytes, using the global random number generator
-** object.
-*/
-extern SECStatus RNG_GenerateGlobalRandomBytes(void *dest, size_t len);
-
-/* Destroy the global RNG context.  After a call to RNG_RNGShutdown()
-** a call to RNG_RNGInit() is required in order to use the generator again,
-** along with seed data (see the comment above RNG_RNGInit()).
-*/
-extern void  RNG_RNGShutdown(void);
-
-
-/* Generate PQGParams and PQGVerify structs.
- * Length of seed and length of h both equal length of P. 
- * All lengths are specified by "j", according to the table above.
- */
-extern SECStatus
-PQG_ParamGen(unsigned int j, 	   /* input : determines length of P. */
-             PQGParams **pParams,  /* output: P Q and G returned here */
-	     PQGVerify **pVfy);    /* output: counter and seed. */
-
-/* Generate PQGParams and PQGVerify structs.
- * Length of P specified by j.  Length of h will match length of P.
- * Length of SEED in bytes specified in seedBytes.
- * seedBbytes must be in the range [20..255] or an error will result.
- */
-extern SECStatus
-PQG_ParamGenSeedLen(
-             unsigned int j, 	     /* input : determines length of P. */
-	     unsigned int seedBytes, /* input : length of seed in bytes.*/
-             PQGParams **pParams,    /* output: P Q and G returned here */
-	     PQGVerify **pVfy);      /* output: counter and seed. */
-
-
-/*  Test PQGParams for validity as DSS PQG values.
- *  If vfy is non-NULL, test PQGParams to make sure they were generated
- *       using the specified seed, counter, and h values.
- *
- *  Return value indicates whether Verification operation ran succesfully
- *  to completion, but does not indicate if PQGParams are valid or not.
- *  If return value is SECSuccess, then *pResult has these meanings:
- *       SECSuccess: PQGParams are valid.
- *       SECFailure: PQGParams are invalid.
- *
- * Verify the following 12 facts about PQG counter SEED g and h
- * 1.  Q is 160 bits long.
- * 2.  P is one of the 9 valid lengths.
- * 3.  G < P
- * 4.  P % Q == 1
- * 5.  Q is prime
- * 6.  P is prime
- * Steps 7-12 are done only if the optional PQGVerify is supplied.
- * 7.  counter < 4096
- * 8.  g >= 160 and g < 2048   (g is length of seed in bits)
- * 9.  Q generated from SEED matches Q in PQGParams.
- * 10. P generated from (L, counter, g, SEED, Q) matches P in PQGParams.
- * 11. 1 < h < P-1
- * 12. G generated from h matches G in PQGParams.
- */
-
-extern SECStatus   PQG_VerifyParams(const PQGParams *params, 
-                                    const PQGVerify *vfy, SECStatus *result);
-
-
-/*
- * clean-up any global tables freebl may have allocated after it starts up.
- * This function is not thread safe and should be called only after the
- * library has been quiessed.
- */
-extern void BL_Cleanup(void);
-
-/**************************************************************************
- *  Free the PQGParams struct and the things it points to.                *
- **************************************************************************/
-extern void PQG_DestroyParams(PQGParams *params);
-
-/**************************************************************************
- *  Free the PQGVerify struct and the things it points to.                *
- **************************************************************************/
-extern void PQG_DestroyVerify(PQGVerify *vfy);
-
-SEC_END_PROTOS
-
-#endif /* _BLAPI_H_ */
diff --git a/security/nss/lib/freebl/blapi_bsf.c b/security/nss/lib/freebl/blapi_bsf.c
deleted file mode 100644
index 1204306d9..000000000
--- a/security/nss/lib/freebl/blapi_bsf.c
+++ /dev/null
@@ -1,2114 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.	Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.	If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*****************************************************************************
-**
-**	Implementation of BLAPI using RSA BSAFE Crypto-C 4.1
-**
-******************************************************************************/
-
-/*
-**  Notes:
-**
-**  1.  SHA1, MD2, and MD5 are not implemented here.  This is because 
-**      BSAFE Crypto-C 4.1 does not provide a mechanism for saving and 
-**      restoring intermediate hash values.  BLAPI uses the functions 
-**      <hash>_Flatten and <hash>_Resurrect to accomplish this, so the 
-**      hashes are implemented elsewhere.
-**
-**  2.  The DSA and PQG functions which use seeds are not consistent across
-**      implementations.  In this BSAFE-dependent implementation of BLAPI, 
-**      the seed is understood to be an initial value sent to a random number 
-**      generator used during the key/param generation.  In the implementation
-**      used by Netscape-branded products, the seed is understood to be actual 
-**      bytes used for the creation of a key or parameters.  This means that 
-**      while the BSAFE-dependent implementation may be self-consistent (using 
-**      the same seed will produce the same key/parameters), it is not 
-**      consistent with the Netscape-branded implementation.  
-**      Also, according to the BSAFE Crypto-C 4.0 Library Reference Manual, the
-**      SHA1 Random Number Generator is implemented according to the X9.62
-**      Draft Standard.  Random number generation in the Netscape-branded
-**      implementation of BLAPI is compliant with FIPS-186, thus random
-**      numbers generated using the same seed will differ across 
-**      implementations.
-**
-**  3.  PQG_VerifyParams is not implemented here.  BSAFE Crypto-C 4.1 
-**      allows access to the seed and counter values used in generating
-**      p and q, but does not provide a mechanism for verifying that
-**      p, q, and g were generated from that seed and counter.  At this
-**      time, this implementation will set a PR_NOT_IMPLEMENTED_ERROR 
-**      in a call to PQG_VerifyParams.
-**
-*/
-
-#include "prerr.h"
-#include "secerr.h"
-
-/* BSAFE headers */
-#include "aglobal.h"
-#include "bsafe.h"
-
-/* BLAPI definition */
-#include "blapi.h"
-
-/* default block sizes for algorithms */
-#define DES_BLOCK_SIZE       8
-#define RC2_BLOCK_SIZE       8
-#define RC5_BLOCK_SIZE       8
-
-#define MAX_RC5_KEY_BYTES 255
-#define MAX_RC5_ROUNDS    255
-#define RC5_VERSION_NUMBER   0x10
-
-#define SECITEMFROMITEM(arena, to, from) \
-	tmp.data = from.data; tmp.len = from.len; to.type = siBuffer; \
-	if (SECITEM_CopyItem(arena, &to, &tmp) != SECSuccess) goto loser;
-
-#define ITEMFROMSECITEM(to, from) \
-	to.data = from.data; to.len = from.len;
-
-static const B_ALGORITHM_METHOD *rand_chooser[] = {
-	&AM_SHA_RANDOM,
-	(B_ALGORITHM_METHOD *)NULL_PTR
-};
-
-static B_ALGORITHM_OBJ 
-generateRandomAlgorithm(int numBytes, unsigned char *seedData)
-{
-	SECItem seed = { siBuffer, 0, 0 };
-	B_ALGORITHM_OBJ randomAlgorithm = NULL_PTR;
-	int status;
-
-	/*  Allocate space for random seed.  */
-	if (seedData) {
-		seed.len = numBytes;
-		seed.data = seedData;
-	} else {
-		if (SECITEM_AllocItem(NULL, &seed, numBytes) == NULL) {
-			PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
-			goto loser;
-		}
-		if ((status = RNG_GenerateGlobalRandomBytes(seed.data, seed.len)) 
-		     != 0) {
-			PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
-			goto loser;
-		}
-	}
-
-	/*  Generate the random seed.  */
-	if ((status = B_CreateAlgorithmObject(&randomAlgorithm)) != 0) {
-		PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
-		goto loser;
-	}
-
-	if ((status = B_SetAlgorithmInfo(randomAlgorithm, AI_SHA1Random, 
-	                                 NULL_PTR)) != 0) {
-		PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
-		goto loser;
-	}
-
-	if ((status = B_RandomInit(randomAlgorithm, rand_chooser,
-	                           (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
-		PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
-		goto loser;
-	}
-
-	if ((status = B_RandomUpdate(randomAlgorithm, seed.data, seed.len,
-	                             (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
-		PORT_SetError(SEC_ERROR_BAD_DATA);
-		goto loser;
-	}
-
-	if (seedData == NULL)
-		SECITEM_FreeItem(&seed, PR_FALSE);
-
-	return randomAlgorithm;
-
-loser:
-	if (randomAlgorithm != NULL_PTR)
-		B_DestroyAlgorithmObject(&randomAlgorithm);
-	if (seedData == NULL)
-		SECITEM_FreeItem(&seed, PR_FALSE);
-	return NULL_PTR;
-}
-
-/*****************************************************************************
-** BLAPI implementation of DES
-******************************************************************************/
-
-struct DESContextStr {
-    B_ALGORITHM_OBJ     algobj;
-	B_ALGORITHM_METHOD *alg_chooser[3];
-	B_KEY_OBJ           keyobj;
-};
-
-DESContext *
-DES_CreateContext(unsigned char *key, unsigned char *iv,
-                  int mode, PRBool encrypt)
-{
-    /* BLAPI */
-	DESContext *cx;
-	/* BSAFE */
-	B_BLK_CIPHER_W_FEEDBACK_PARAMS fbParams;
-	ITEM                           ivItem;
-	unsigned int                   blockLength = DES_BLOCK_SIZE;
-	int status;
-
-	cx = (DESContext *)PORT_ZAlloc(sizeof(DESContext));
-	if (cx == NULL) {
-		PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
-		return NULL;
-	}
-
-	/* Create an encryption object. */
-	cx->algobj = (B_ALGORITHM_OBJ)NULL_PTR;
-	if ((status = B_CreateAlgorithmObject(&cx->algobj)) != 0) {
-		PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
-		goto loser;
-	}
-
-	/* Set the IV. */
-	ivItem.data = iv;
-	ivItem.len = DES_BLOCK_SIZE;
-
-	/* Create the key. */
-	cx->keyobj = (B_KEY_OBJ)NULL_PTR;
-	if ((status = B_CreateKeyObject(&cx->keyobj)) != 0) {
-		PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
-		goto loser;
-	}
-
-	/* Set fields common to all DES modes. */
-	fbParams.encryptionParams     = NULL_PTR;
-	fbParams.paddingMethodName    = (unsigned char *)"nopad";
-	fbParams.paddingParams        = NULL_PTR;
-
-	/* Set mode-specific fields. */
-	switch (mode) {
-	case NSS_DES:
-		fbParams.encryptionMethodName = (unsigned char *)"des";
-		fbParams.feedbackMethodName   = (unsigned char *)"ecb";
-		fbParams.feedbackParams       = (POINTER)&blockLength;
-		if ((status = B_SetKeyInfo(cx->keyobj, KI_DES8Strong, (POINTER)key)) 
-		     != 0) {
-			PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
-			goto loser;
-		}
-		if (encrypt) {
-			cx->alg_chooser[0] = &AM_DES_ENCRYPT;
-			cx->alg_chooser[1] = &AM_ECB_ENCRYPT;
-		} else {
-			cx->alg_chooser[0] = &AM_DES_DECRYPT;
-			cx->alg_chooser[1] = &AM_ECB_DECRYPT;
-		}
-		cx->alg_chooser[2] = (B_ALGORITHM_METHOD *)NULL_PTR;
-		break;
-
-	case NSS_DES_CBC:
-		fbParams.encryptionMethodName = (unsigned char *)"des";
-		fbParams.feedbackMethodName   = (unsigned char *)"cbc";
-		fbParams.feedbackParams       = (POINTER)&ivItem;
-		if ((status = B_SetKeyInfo(cx->keyobj, KI_DES8Strong, (POINTER)key)) 
-		     != 0) {
-			PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
-			goto loser;
-		}
-		if (encrypt) {
-			cx->alg_chooser[0] = &AM_DES_ENCRYPT;
-			cx->alg_chooser[1] = &AM_CBC_ENCRYPT;
-		} else {
-			cx->alg_chooser[0] = &AM_DES_DECRYPT;
-			cx->alg_chooser[1] = &AM_CBC_DECRYPT;
-		}
-		cx->alg_chooser[2] = (B_ALGORITHM_METHOD *)NULL_PTR;
-		break;
-
-	case NSS_DES_EDE3:
-		fbParams.encryptionMethodName = (unsigned char *)"des_ede";
-		fbParams.feedbackMethodName   = (unsigned char *)"ecb";
-		fbParams.feedbackParams       = (POINTER)&blockLength;
-		if ((status = B_SetKeyInfo(cx->keyobj, KI_DES24Strong, (POINTER)key)) 
-		     != 0) {
-			PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
-			goto loser;
-		}
-		if (encrypt) {
-			cx->alg_chooser[0] = &AM_DES_EDE_ENCRYPT;
-			cx->alg_chooser[1] = &AM_ECB_ENCRYPT;
-		} else {
-			cx->alg_chooser[0] = &AM_DES_EDE_DECRYPT;
-			cx->alg_chooser[1] = &AM_ECB_DECRYPT;
-		}
-		cx->alg_chooser[2] = (B_ALGORITHM_METHOD *)NULL_PTR;
-		break;
-
-	case NSS_DES_EDE3_CBC:
-		fbParams.encryptionMethodName = (unsigned char *)"des_ede";
-		fbParams.feedbackMethodName   = (unsigned char *)"cbc";
-		fbParams.feedbackParams       = (POINTER)&ivItem;
-		if ((status = B_SetKeyInfo(cx->keyobj, KI_DES24Strong, (POINTER)key)) 
-		     != 0) {
-			PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
-			goto loser;
-		}
-		if (encrypt) {
-			cx->alg_chooser[0] = &AM_DES_EDE_ENCRYPT;
-			cx->alg_chooser[1] = &AM_CBC_ENCRYPT;
-		} else {
-			cx->alg_chooser[0] = &AM_DES_EDE_DECRYPT;
-			cx->alg_chooser[1] = &AM_CBC_DECRYPT;
-		}
-		cx->alg_chooser[2] = (B_ALGORITHM_METHOD *)NULL_PTR;
-		break;
-
-	default:
-		PORT_SetError(SEC_ERROR_INVALID_ARGS);
-		goto loser;
-	}
-
-	if ((status = B_SetAlgorithmInfo(cx->algobj, AI_FeedbackCipher,
-	                                 (POINTER)&fbParams)) != 0) {
-		PORT_SetError(SEC_ERROR_INVALID_ARGS);
-		goto loser;
-	}
-
-	return cx;
-
-loser:
-	DES_DestroyContext(cx, PR_TRUE);
-	return NULL;
-}
-
-void 
-DES_DestroyContext(DESContext *cx, PRBool freeit)
-{
-	if (freeit) {
-		PORT_Assert(cx != NULL);
-		if (cx == NULL) {
-			PORT_SetError(SEC_ERROR_INVALID_ARGS);
-			return;
-		}
-		if (cx->keyobj != NULL_PTR)
-			B_DestroyKeyObject(&cx->keyobj);
-		if (cx->algobj != NULL_PTR)
-			B_DestroyAlgorithmObject(&cx->algobj);
-		PORT_ZFree(cx, sizeof(DESContext));
-	}
-}
-
-SECStatus 
-DES_Encrypt(DESContext *cx, unsigned char *output,
-            unsigned int *outputLen, unsigned int maxOutputLen,
-            unsigned char *input, unsigned int inputLen)
-{
-	unsigned int outputLenUpdate, outputLenFinal;
-	int status;
-
-	PORT_Assert(cx != NULL);
-	if (cx == NULL) {
-		PORT_SetError(SEC_ERROR_INVALID_ARGS);
-		return SECFailure;
-	}
-	PORT_Assert((inputLen & (DES_BLOCK_SIZE -1 )) == 0);
-	if (inputLen & (DES_BLOCK_SIZE -1 )) {
-		PORT_SetError(SEC_ERROR_INVALID_ARGS);
-		return SECFailure;
-	}
-	PORT_Assert(maxOutputLen >= inputLen); /* check for enough room */
-	if (maxOutputLen < inputLen) {
-		PORT_SetError(SEC_ERROR_INVALID_ARGS);
-		return SECFailure;
-	}
-
-	if ((status = B_EncryptInit(cx->algobj, cx->keyobj, cx->alg_chooser,
-	                            (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
-		PORT_SetError(SEC_ERROR_INVALID_ARGS);
-		return SECFailure;
-	}
-	if ((status = B_EncryptUpdate(cx->algobj, 
-	                              output, 
-	                              &outputLenUpdate,
-	                              maxOutputLen, 
-	                              input, 
-	                              inputLen,
-	                              (B_ALGORITHM_OBJ)NULL_PTR,
-	                              (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
-		PORT_SetError(SEC_ERROR_BAD_DATA);
-		return SECFailure;
-	}
-	if ((status = B_EncryptFinal(cx->algobj, 
-	                             output + outputLenUpdate, 
-	                             &outputLenFinal, 
-	                             maxOutputLen - outputLenUpdate,
-	                             (B_ALGORITHM_OBJ)NULL_PTR,
-	                             (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
-		PORT_SetError(SEC_ERROR_BAD_DATA);
-		return SECFailure;
-	}
-	*outputLen = outputLenUpdate + outputLenFinal;
-	return SECSuccess;
-}
-
-SECStatus 
-DES_Decrypt(DESContext *cx, unsigned char *output,
-            unsigned int *outputLen, unsigned int maxOutputLen,
-            unsigned char *input, unsigned int inputLen)
-{
-	unsigned int outputLenUpdate, outputLenFinal;
-	int status;
-	ptrdiff_t inpptr;
-	unsigned char *inp = NULL;
-	PRBool cpybuffer = PR_FALSE;
-
-	/*  The BSAFE Crypto-C 4.1 library with which we tested on a Sun 
-	 *  UltraSparc crashed when the input to an DES CBC decryption operation
-	 *  was not 4-byte aligned.
-	 *  So, we work around this problem by aligning unaligned input in a
-	 *  temporary buffer.
-	 */
-	inpptr = (ptrdiff_t)input;
-	if (inpptr & 0x03) {
-		inp = PORT_ZAlloc(inputLen);
-		if (inp == NULL) {
-			PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
-			return SECFailure;
-		}
-		PORT_Memcpy(inp, input, inputLen);
-		cpybuffer = PR_TRUE;
-	} else {
-		inp = input;
-	}
-
-	PORT_Assert(cx != NULL);
-	if (cx == NULL) {
-		PORT_SetError(SEC_ERROR_INVALID_ARGS);
-		goto loser;
-	}
-	PORT_Assert((inputLen & (DES_BLOCK_SIZE - 1)) == 0);
-	if (inputLen & (DES_BLOCK_SIZE - 1)) {
-		PORT_SetError(SEC_ERROR_INVALID_ARGS);
-		goto loser;
-	}
-	PORT_Assert(maxOutputLen >= inputLen);  /* check for enough room */
-	if (maxOutputLen < inputLen) {
-		PORT_SetError(SEC_ERROR_INVALID_ARGS);
-		goto loser;
-	}
-
-	if ((status = B_DecryptInit(cx->algobj, cx->keyobj, cx->alg_chooser,
-	                            (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
-		PORT_SetError(SEC_ERROR_INVALID_ARGS);
-		goto loser;
-	}
-	if ((status = B_DecryptUpdate(cx->algobj, 
-	                              output, 
-	                              &outputLenUpdate,
-	                              maxOutputLen, 
-	                              input, 
-	                              inputLen,
-	                              (B_ALGORITHM_OBJ)NULL_PTR,
-	                              (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
-		PORT_SetError(SEC_ERROR_BAD_DATA);
-		goto loser;
-	}
-	if ((status = B_DecryptFinal(cx->algobj, 
-	                             output + outputLenUpdate, 
-	                             &outputLenFinal, 
-	                             maxOutputLen - outputLenUpdate,
-	                             (B_ALGORITHM_OBJ)NULL_PTR,
-	                             (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
-		PORT_SetError(SEC_ERROR_BAD_DATA);
-		goto loser;
-	}
-	*outputLen = outputLenUpdate + outputLenFinal;
-
-	if (cpybuffer)
-		PORT_ZFree(inp, inputLen);
-	return SECSuccess;
-
-loser:
-	if (cpybuffer)
-		PORT_ZFree(inp, inputLen);
-	return SECFailure;
-}
-}
-
-/*****************************************************************************
-** BLAPI implementation of RC2
-******************************************************************************/
-
-struct RC2ContextStr
-{
-	B_ALGORITHM_OBJ     algobj;
-	B_ALGORITHM_METHOD *alg_chooser[6];
-	B_KEY_OBJ           keyobj;
-};
-
-RC2Context *
-RC2_CreateContext(unsigned char *key, unsigned int len,
-                  unsigned char *iv, int mode, unsigned effectiveKeyLen)
-{
-	/* BLAPI */
-	RC2Context *cx;
-	/* BSAFE */
-	B_BLK_CIPHER_W_FEEDBACK_PARAMS fbParams;
-	A_RC2_PARAMS                   rc2Params;
-	ITEM                           ivItem;
-	ITEM                           keyItem;
-	unsigned int                   blockLength = RC2_BLOCK_SIZE;
-	int status;
-
-	if (mode == NSS_RC2_CBC && iv == NULL) {
-		PORT_SetError(SEC_ERROR_INVALID_ARGS);
-		return NULL;
-	}
-
-	cx = (RC2Context *)PORT_ZAlloc(sizeof(RC2Context));
-	if (cx == NULL) {
-		PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
-		return NULL;
-	}
-	cx->algobj = (B_ALGORITHM_OBJ)NULL_PTR;
-	if ((status = B_CreateAlgorithmObject(&cx->algobj)) != 0) {
-		PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
-		goto loser;
-	}
-
-	cx->keyobj = (B_KEY_OBJ)NULL_PTR;
-	if ((status = B_CreateKeyObject(&cx->keyobj)) != 0) {
-		PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
-		goto loser;
-	}
-
-	rc2Params.effectiveKeyBits = effectiveKeyLen * BITS_PER_BYTE;
-	ivItem.data = iv;
-	ivItem.len = RC2_BLOCK_SIZE;
-
-	fbParams.encryptionMethodName = (unsigned char *)"rc2";
-	fbParams.encryptionParams = (POINTER)&rc2Params;
-	fbParams.paddingMethodName = (unsigned char *)"nopad";
-	fbParams.paddingParams = NULL_PTR;
-	cx->alg_chooser[0] = &AM_RC2_ENCRYPT;
-	cx->alg_chooser[1] = &AM_RC2_DECRYPT;
-	cx->alg_chooser[4] = &AM_SHA_RANDOM;
-	cx->alg_chooser[5] = (B_ALGORITHM_METHOD *)NULL;
-
-	switch (mode) {
-	case NSS_RC2:
-		fbParams.feedbackMethodName = (unsigned char *)"ecb";
-		fbParams.feedbackParams = (POINTER)&blockLength;
-		cx->alg_chooser[2] = &AM_ECB_ENCRYPT;
-		cx->alg_chooser[3] = &AM_ECB_DECRYPT;
-		break;
-	case NSS_RC2_CBC:
-		fbParams.feedbackMethodName = (unsigned char *)"cbc";
-		fbParams.feedbackParams = (POINTER)&ivItem;
-		cx->alg_chooser[2] = &AM_CBC_ENCRYPT;
-		cx->alg_chooser[3] = &AM_CBC_DECRYPT;
-		break;
-	default:
-		PORT_SetError(SEC_ERROR_INVALID_ARGS);
-		goto loser;
-	}
-
-	if ((status = B_SetAlgorithmInfo(cx->algobj, AI_FeedbackCipher,
-	                                 (POINTER)&fbParams)) != 0) {
-		PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
-		goto loser;
-	}
-
-	keyItem.len = len;
-	keyItem.data = key;
-	if ((status = B_SetKeyInfo(cx->keyobj, KI_Item, (POINTER)&keyItem)) != 0) {
-		PORT_SetError(SEC_ERROR_INVALID_ARGS);
-		goto loser;
-	}
-
-	return cx;
-
-loser:
-	RC2_DestroyContext(cx, PR_TRUE);
-	return NULL;
-}
-
-void 
-RC2_DestroyContext(RC2Context *cx, PRBool freeit)
-{
-	if (freeit) {
-		PORT_Assert(cx != NULL);
-		if (cx == NULL) {
-			PORT_SetError(SEC_ERROR_INVALID_ARGS);
-			return;
-		}
-		if (cx->keyobj != NULL_PTR)
-			B_DestroyKeyObject(&cx->keyobj);
-		if (cx->algobj != NULL_PTR)
-			B_DestroyAlgorithmObject(&cx->algobj);
-		PORT_ZFree(cx, sizeof(RC2Context));
-	}
-}
-
-SECStatus 
-RC2_Encrypt(RC2Context *cx, unsigned char *output,
-            unsigned int *outputLen, unsigned int maxOutputLen,
-            unsigned char *input, unsigned int inputLen)
-{
-	int status;
-	unsigned int outputLenUpdate, outputLenFinal;
-
-	PORT_Assert(cx != NULL);
-	if (cx == NULL) {
-		PORT_SetError(SEC_ERROR_INVALID_ARGS);
-		return SECFailure;
-	}
-	PORT_Assert((inputLen & (RC2_BLOCK_SIZE - 1)) == 0);
-	if (inputLen & (RC2_BLOCK_SIZE - 1)) {
-		PORT_SetError(SEC_ERROR_INVALID_ARGS);
-		return SECFailure;
-	}
-	PORT_Assert(maxOutputLen >= inputLen);  /* check for enough room */
-	if (maxOutputLen < inputLen) {
-		PORT_SetError(SEC_ERROR_INVALID_ARGS);
-		return SECFailure;
-	}
-
-	if ((status = B_EncryptInit(cx->algobj, cx->keyobj, cx->alg_chooser,
-	                            (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
-		PORT_SetError(SEC_ERROR_INVALID_ARGS);
-		return SECFailure;
-	}
-	if ((status = B_EncryptUpdate(cx->algobj, 
-	                              output, 
-	                              &outputLenUpdate,
-	                              maxOutputLen, 
-	                              input, 
-	                              inputLen,
-	                              (B_ALGORITHM_OBJ)NULL_PTR,
-	                              (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
-		PORT_SetError(SEC_ERROR_BAD_DATA);
-		return SECFailure;
-	}
-	if ((status = B_EncryptFinal(cx->algobj, 
-	                             output + outputLenUpdate,
-	                             &outputLenFinal, 
-	                             maxOutputLen - outputLenUpdate,
-	                             (B_ALGORITHM_OBJ)NULL_PTR,
-	                             (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
-		PORT_SetError(SEC_ERROR_BAD_DATA);
-		return SECFailure;
-	}
-	*outputLen = outputLenUpdate + outputLenFinal;
-	return SECSuccess;
-}
-
-SECStatus 
-RC2_Decrypt(RC2Context *cx, unsigned char *output,
-            unsigned int *outputLen, unsigned int maxOutputLen,
-            unsigned char *input, unsigned int inputLen)
-{
-	int status;
-	unsigned int outputLenUpdate, outputLenFinal;
-	ptrdiff_t inpptr;
-	unsigned char *inp = NULL;
-	PRBool cpybuffer = PR_FALSE;
-
-	/*  The BSAFE Crypto-C 4.1 library with which we tested on a Sun 
-	 *  UltraSparc crashed when the input to an RC2 CBC decryption operation
-	 *  was not 4-byte aligned.
-	 *  So, we work around this problem by aligning unaligned input in a
-	 *  temporary buffer.
-	 */
-	inpptr = (ptrdiff_t)input;
-	if (inpptr & 0x03) {
-		inp = PORT_ZAlloc(inputLen);
-		if (inp == NULL) {
-			PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
-			return SECFailure;
-		}
-		PORT_Memcpy(inp, input, inputLen);
-		cpybuffer = PR_TRUE;
-	} else {
-		inp = input;
-	}
-
-	PORT_Assert(cx != NULL);
-	if (cx == NULL) {
-		PORT_SetError(SEC_ERROR_INVALID_ARGS);
-		goto loser;
-	}
-	PORT_Assert((inputLen & (RC2_BLOCK_SIZE - 1)) == 0);
-	if (inputLen & (RC2_BLOCK_SIZE - 1)) {
-		PORT_SetError(SEC_ERROR_INVALID_ARGS);
-		goto loser;
-	}
-	PORT_Assert(maxOutputLen >= inputLen);  /* check for enough room */
-	if (maxOutputLen < inputLen) {
-		PORT_SetError(SEC_ERROR_INVALID_ARGS);
-		goto loser;
-	}
-
-	if ((status = B_DecryptInit(cx->algobj, cx->keyobj, cx->alg_chooser,
-	                            (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
-		PORT_SetError(SEC_ERROR_INVALID_ARGS);
-		goto loser;
-	}
-	if ((status = B_DecryptUpdate(cx->algobj, 
-	                              output, 
-	                              &outputLenUpdate,
-	                              maxOutputLen, 
-	                              inp,
-	                              inputLen,
-	                              (B_ALGORITHM_OBJ)NULL_PTR,
-	                              (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
-		PORT_SetError(SEC_ERROR_BAD_DATA);
-		goto loser;
-	}
-	if ((status = B_DecryptFinal(cx->algobj, 
-	                             output + outputLenUpdate,
-	                             &outputLenFinal, 
-	                             maxOutputLen - outputLenUpdate,
-	                             (B_ALGORITHM_OBJ)NULL_PTR,
-	                             (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
-		PORT_SetError(SEC_ERROR_BAD_DATA);
-		goto loser;
-	}
-	*outputLen = outputLenUpdate + outputLenFinal;
-
-	if (cpybuffer)
-		PORT_ZFree(inp, inputLen);
-	return SECSuccess;
-
-loser:
-	if (cpybuffer)
-		PORT_ZFree(inp, inputLen);
-	return SECFailure;
-}
-
-/*****************************************************************************
-** BLAPI implementation of RC4
-******************************************************************************/
-
-struct RC4ContextStr
-{
-	B_ALGORITHM_OBJ     algobj;
-	B_ALGORITHM_METHOD *alg_chooser[3];
-	B_KEY_OBJ           keyobj;
-};
-
-RC4Context *
-RC4_CreateContext(unsigned char *key, int len)
-{
-	/* BLAPI */
-	RC4Context *cx;
-	/* BSAFE */
-	ITEM keyItem;
-	int status;
-
-	cx = (RC4Context *)PORT_ZAlloc(sizeof(RC4Context));
-	if (cx == NULL) {
-		/* set out of memory error */
-		return NULL;
-	}
-
-	cx->algobj = (B_ALGORITHM_OBJ)NULL_PTR;
-	if ((status = B_CreateAlgorithmObject(&cx->algobj)) != 0) {
-		PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
-		goto loser;
-	}
-
-	cx->keyobj = (B_KEY_OBJ)NULL_PTR;
-	if ((status = B_CreateKeyObject(&cx->keyobj)) != 0) {
-		PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
-		goto loser;
-	}
-
-	if ((status = B_SetAlgorithmInfo(cx->algobj, AI_RC4, NULL_PTR)) != 0) {
-		PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
-		goto loser;
-	}
-
-	cx->alg_chooser[0] = &AM_RC4_ENCRYPT;
-	cx->alg_chooser[1] = &AM_RC4_DECRYPT;
-	cx->alg_chooser[2] = (B_ALGORITHM_METHOD *)NULL;
-
-	keyItem.len = len;
-	keyItem.data = key;
-	if ((status = B_SetKeyInfo(cx->keyobj, KI_Item, (POINTER)&keyItem)) != 0) {
-		PORT_SetError(SEC_ERROR_INVALID_ARGS);
-		goto loser;
-	}
-
-	return cx;
-
-loser:
-	RC4_DestroyContext(cx, PR_TRUE);
-	return NULL;
-}
-
-void 
-RC4_DestroyContext(RC4Context *cx, PRBool freeit)
-{
-	if (freeit) {
-		PORT_Assert(cx != NULL);
-		if (cx == NULL) {
-			PORT_SetError(SEC_ERROR_INVALID_ARGS);
-			return;
-		}
-		if (cx->keyobj != NULL_PTR)
-			B_DestroyKeyObject(&cx->keyobj);
-		if (cx->algobj != NULL_PTR)
-			B_DestroyAlgorithmObject(&cx->algobj);
-		PORT_ZFree(cx, sizeof(RC4Context));
-	}
-}
-
-SECStatus 
-RC4_Encrypt(RC4Context *cx, unsigned char *output,
-            unsigned int *outputLen, unsigned int maxOutputLen,
-            const unsigned char *input, unsigned int inputLen)
-{
-	int status;
-	unsigned int outputLenUpdate, outputLenFinal;
-
-	PORT_Assert(cx != NULL);
-	if (cx == NULL) {
-		PORT_SetError(SEC_ERROR_INVALID_ARGS);
-		return SECFailure;
-	}
-	PORT_Assert(maxOutputLen >= inputLen);  /* check for enough room */
-	if (maxOutputLen < inputLen) {
-		PORT_SetError(SEC_ERROR_INVALID_ARGS);
-		return SECFailure;
-	}
-
-	if ((status = B_EncryptInit(cx->algobj, cx->keyobj, cx->alg_chooser,
-	                            (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
-		PORT_SetError(SEC_ERROR_INVALID_ARGS);
-		return SECFailure;
-	}
-	if ((status = B_EncryptUpdate(cx->algobj, 
-	                              output, 
-	                              &outputLenUpdate,
-	                              maxOutputLen, 
-	                              input, 
-	                              inputLen,
-	                              (B_ALGORITHM_OBJ)NULL_PTR,
-	                              (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
-		PORT_SetError(SEC_ERROR_BAD_DATA);
-		return SECFailure;
-	}
-	if ((status = B_EncryptFinal(cx->algobj, 
-	                             output + outputLenUpdate,
-	                             &outputLenFinal, 
-	                             maxOutputLen - outputLenUpdate,
-	                             (B_ALGORITHM_OBJ)NULL_PTR,
-	                             (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
-		PORT_SetError(SEC_ERROR_BAD_DATA);
-		return SECFailure;
-	}
-	*outputLen = outputLenUpdate + outputLenFinal;
-	return SECSuccess;
-}
-
-SECStatus 
-RC4_Decrypt(RC4Context *cx, unsigned char *output,
-            unsigned int *outputLen, unsigned int maxOutputLen,
-            const unsigned char *input, unsigned int inputLen)
-{
-	int status;
-	unsigned int outputLenUpdate, outputLenFinal;
-
-	PORT_Assert(cx != NULL);
-	if (cx == NULL) {
-		PORT_SetError(SEC_ERROR_INVALID_ARGS);
-		return SECFailure;
-	}
-	PORT_Assert(maxOutputLen >= inputLen);  /* check for enough room */
-	if (maxOutputLen < inputLen) {
-		PORT_SetError(SEC_ERROR_INVALID_ARGS);
-		return SECFailure;
-	}
-
-	if ((status = B_DecryptInit(cx->algobj, cx->keyobj, cx->alg_chooser,
-	                            (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
-		PORT_SetError(SEC_ERROR_INVALID_ARGS);
-		return SECFailure;
-	}
-	if ((status = B_DecryptUpdate(cx->algobj, 
-	                              output, 
-	                              &outputLenUpdate,
-	                              maxOutputLen, 
-	                              input, 
-	                              inputLen,
-	                              (B_ALGORITHM_OBJ)NULL_PTR,
-	                              (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
-		PORT_SetError(SEC_ERROR_BAD_DATA);
-		return SECFailure;
-	}
-	if ((status = B_DecryptFinal(cx->algobj, 
-	                             output + outputLenUpdate,
-	                             &outputLenFinal, 
-	                             maxOutputLen - outputLenUpdate,
-	                             (B_ALGORITHM_OBJ)NULL_PTR,
-	                             (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
-		PORT_SetError(SEC_ERROR_BAD_DATA);
-		return SECFailure;
-	}
-	*outputLen = outputLenUpdate + outputLenFinal;
-	return SECSuccess;
-}
-
-
-/*****************************************************************************
-** BLAPI implementation of RC5
-******************************************************************************/
-
-struct RC5ContextStr
-{
-	B_ALGORITHM_OBJ     algobj;
-	B_ALGORITHM_METHOD *alg_chooser[6];
-	B_KEY_OBJ           keyobj;
-	unsigned int        blocksize;
-};
-
-RC5Context *
-RC5_CreateContext(SECItem *key, unsigned int rounds,
-                  unsigned int wordSize, unsigned char *iv, int mode)
-{
-	/* BLAPI */
-	RC5Context *cx;
-	/* BSAFE */
-	B_BLK_CIPHER_W_FEEDBACK_PARAMS fbParams;
-	A_RC5_PARAMS                   rc5Params;
-	ITEM                           keyItem;
-	ITEM                           ivItem;
-	unsigned int                   blocksize;
-	int status;
-
-	if (rounds > MAX_RC5_ROUNDS) {
-		PORT_SetError(SEC_ERROR_INVALID_ARGS);
-		return NULL;
-	}
-	if (key->len > MAX_RC5_KEY_BYTES) {
-		PORT_SetError(SEC_ERROR_INVALID_ARGS);
-		return NULL;
-	}
-	if (mode == NSS_RC5_CBC && (iv == NULL)) {
-		PORT_SetError(SEC_ERROR_INVALID_ARGS);
-		return NULL;
-	}
-
-	cx = (RC5Context *)PORT_ZAlloc(sizeof(RC5Context));
-	if (cx == NULL) {
-		PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
-		return NULL;
-	}
-	cx->algobj = (B_ALGORITHM_OBJ)NULL_PTR;
-	if ((status = B_CreateAlgorithmObject(&cx->algobj)) != 0) {
-		PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
-		goto loser;
-	}
-
-	cx->keyobj = (B_KEY_OBJ)NULL_PTR;
-	if ((status = B_CreateKeyObject(&cx->keyobj)) != 0) {
-		PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
-		goto loser;
-	}
-
-	rc5Params.version = RC5_VERSION_NUMBER;
-	rc5Params.rounds = rounds;
-	rc5Params.wordSizeInBits = wordSize * BITS_PER_BYTE;
-	if (rc5Params.wordSizeInBits == 64) {
-		fbParams.encryptionMethodName = (unsigned char *)"rc5_64";
-		cx->alg_chooser[0] = &AM_RC5_64ENCRYPT;
-		cx->alg_chooser[1] = &AM_RC5_64DECRYPT;
-	} else {
-		fbParams.encryptionMethodName = (unsigned char *)"rc5";
-		cx->alg_chooser[0] = &AM_RC5_ENCRYPT;
-		cx->alg_chooser[1] = &AM_RC5_DECRYPT;
-	}
-	fbParams.encryptionParams = (POINTER)&rc5Params;
-	fbParams.paddingMethodName = (unsigned char *)"nopad";
-	fbParams.paddingParams = NULL_PTR;
-	cx->alg_chooser[4] = &AM_SHA_RANDOM;
-	cx->alg_chooser[5] = (B_ALGORITHM_METHOD *)NULL;
-	switch (mode) {
-	case NSS_RC5:  
-		blocksize = 2 * wordSize;
-		cx->blocksize = blocksize;
-		fbParams.feedbackMethodName = (unsigned char *)"ecb";
-		fbParams.feedbackParams = (POINTER)&blocksize;
-		cx->alg_chooser[2] = &AM_ECB_ENCRYPT;
-		cx->alg_chooser[3] = &AM_ECB_DECRYPT;
-		break;
-	case NSS_RC5_CBC: 
-		ivItem.len = 2 * wordSize;
-		ivItem.data = iv;
-		cx->blocksize = RC5_BLOCK_SIZE;
-		fbParams.feedbackMethodName = (unsigned char *)"cbc";
-		fbParams.feedbackParams = (POINTER)&ivItem;
-		cx->alg_chooser[2] = &AM_CBC_ENCRYPT;
-		cx->alg_chooser[3] = &AM_CBC_DECRYPT;
-		break;
-	default:
-		PORT_SetError(SEC_ERROR_INVALID_ARGS);
-		goto loser;
-	}
-	if ((status = B_SetAlgorithmInfo(cx->algobj, AI_FeedbackCipher,
-	                                 (POINTER)&fbParams)) != 0) {
-		PORT_SetError(SEC_ERROR_INVALID_ARGS);
-		goto loser;
-	}
-
-	keyItem.len = key->len;
-	keyItem.data = key->data;
-	if ((status = B_SetKeyInfo(cx->keyobj, KI_Item, (POINTER)&keyItem)) != 0) {
-		PORT_SetError(SEC_ERROR_INVALID_ARGS);
-		goto loser;
-	}
-
-	return cx;
-
-loser:
-	RC5_DestroyContext(cx, PR_TRUE);
-	return NULL;
-}
-
-void RC5_DestroyContext(RC5Context *cx, PRBool freeit)
-{
-	if (freeit) {
-		PORT_Assert(cx != NULL);
-		if (cx == NULL) {
-			PORT_SetError(SEC_ERROR_INVALID_ARGS);
-			return;
-		}
-		if (cx->keyobj != NULL_PTR)
-			B_DestroyKeyObject(&cx->keyobj);
-		if (cx->algobj != NULL_PTR)
-			B_DestroyAlgorithmObject(&cx->algobj);
-		PORT_ZFree(cx, sizeof(RC5Context));
-	}
-}
-
-SECStatus 
-RC5_Encrypt(RC5Context *cx, unsigned char *output,
-            unsigned int *outputLen, unsigned int maxOutputLen,
-            unsigned char *input, unsigned int inputLen)
-{
-	int status;
-	unsigned int outputLenUpdate, outputLenFinal;
-
-	PORT_Assert(cx != NULL);
-	if (cx == NULL) {
-		PORT_SetError(SEC_ERROR_INVALID_ARGS);
-		return SECFailure;
-	}
-	PORT_Assert((inputLen & (RC5_BLOCK_SIZE - 1)) == 0);
-	if (inputLen & (RC5_BLOCK_SIZE - 1)) {
-		PORT_SetError(SEC_ERROR_INVALID_ARGS);
-		return SECFailure;
-	}
-	PORT_Assert(maxOutputLen >= inputLen);  /* check for enough room */
-	if (maxOutputLen < inputLen) {
-		PORT_SetError(SEC_ERROR_INVALID_ARGS);
-		return SECFailure;
-	}
-
-	if ((status = B_EncryptInit(cx->algobj, cx->keyobj, cx->alg_chooser,
-	                            (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
-		PORT_SetError(SEC_ERROR_INVALID_ARGS);
-		return SECFailure;
-	}
-	if ((status = B_EncryptUpdate(cx->algobj, 
-	                              output, 
-	                              &outputLenUpdate,
-	                              maxOutputLen, 
-	                              input, 
-	                              inputLen,
-	                              (B_ALGORITHM_OBJ)NULL_PTR,
-	                              (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
-		PORT_SetError(SEC_ERROR_BAD_DATA);
-		return SECFailure;
-	}
-	if ((status = B_EncryptFinal(cx->algobj, 
-	                             output + outputLenUpdate,
-	                             &outputLenFinal, 
-	                             maxOutputLen - outputLenUpdate,
-	                             (B_ALGORITHM_OBJ)NULL_PTR,
-	                             (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
-		PORT_SetError(SEC_ERROR_BAD_DATA);
-		return SECFailure;
-	}
-	*outputLen = outputLenUpdate + outputLenFinal;
-	return SECSuccess;
-}
-
-SECStatus 
-RC5_Decrypt(RC5Context *cx, unsigned char *output,
-            unsigned int *outputLen, unsigned int maxOutputLen,
-            unsigned char *input, unsigned int inputLen)
-{
-	int status;
-	unsigned int outputLenUpdate, outputLenFinal;
-	ptrdiff_t inpptr;
-	unsigned char *inp = NULL;
-	PRBool cpybuffer = PR_FALSE;
-
-	/*  The BSAFE Crypto-C 4.1 library with which we tested on a Sun 
-	 *  UltraSparc crashed when the input to an RC5 CBC decryption operation
-	 *  was not 4-byte aligned.
-	 *  So, we work around this problem by aligning unaligned input in a
-	 *  temporary buffer.
-	 */
-	inpptr = (ptrdiff_t)input;
-	if (inpptr & 0x03) {
-		inp = PORT_ZAlloc(inputLen);
-		if (inp == NULL) {
-			PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
-			return SECFailure;
-		}
-		PORT_Memcpy(inp, input, inputLen);
-		cpybuffer = PR_TRUE;
-	} else {
-		inp = input;
-	}
-
-	PORT_Assert(cx != NULL);
-	if (cx == NULL) {
-		PORT_SetError(SEC_ERROR_INVALID_ARGS);
-		return SECFailure;
-	}
-	PORT_Assert((inputLen & (cx->blocksize - 1)) == 0);
-	if (inputLen & (cx->blocksize - 1)) {
-		PORT_SetError(SEC_ERROR_INVALID_ARGS);
-		return SECFailure;
-	}
-	PORT_Assert(maxOutputLen >= inputLen);  /* check for enough room */
-	if (maxOutputLen < inputLen) {
-		PORT_SetError(SEC_ERROR_INVALID_ARGS);
-		return SECFailure;
-	}
-
-	if ((status = B_DecryptInit(cx->algobj, cx->keyobj, cx->alg_chooser,
-	                            (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
-		PORT_SetError(SEC_ERROR_INVALID_ARGS);
-		return SECFailure;
-	}
-	if ((status = B_DecryptUpdate(cx->algobj, 
-	                              output, 
-	                              &outputLenUpdate,
-	                              maxOutputLen, 
-	                              input, 
-	                              inputLen,
-	                              (B_ALGORITHM_OBJ)NULL_PTR,
-	                              (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
-		PORT_SetError(SEC_ERROR_BAD_DATA);
-		return SECFailure;
-	}
-	if ((status = B_DecryptFinal(cx->algobj, 
-	                             output + outputLenUpdate,
-	                             &outputLenFinal, 
-	                             maxOutputLen - outputLenUpdate,
-	                             (B_ALGORITHM_OBJ)NULL_PTR,
-	                             (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
-		PORT_SetError(SEC_ERROR_BAD_DATA);
-		return SECFailure;
-	}
-	*outputLen = outputLenUpdate + outputLenFinal;
-	return SECSuccess;
-}
-
-/*****************************************************************************
-** BLAPI implementation of RSA
-******************************************************************************/
-
-static const SECItem defaultPublicExponent = 
-{
-	siBuffer,
-	(unsigned char *)"\001\000\001",
-	3
-};
-
-static const B_ALGORITHM_METHOD *rsa_alg_chooser[] = {
-	&AM_SHA_RANDOM,
-	&AM_RSA_KEY_GEN,
-	&AM_RSA_ENCRYPT,
-	&AM_RSA_DECRYPT,
-	&AM_RSA_CRT_ENCRYPT,
-	&AM_RSA_CRT_DECRYPT,
-	(B_ALGORITHM_METHOD *)NULL_PTR
-};
-
-static SECStatus
-rsaZFreePrivateKeyInfo(A_PKCS_RSA_PRIVATE_KEY *privateKeyInfo)
-{
-	PORT_ZFree(privateKeyInfo->modulus.data, privateKeyInfo->modulus.len);
-	PORT_ZFree(privateKeyInfo->publicExponent.data, 
-	           privateKeyInfo->publicExponent.len);
-	PORT_ZFree(privateKeyInfo->privateExponent.data, 
-	           privateKeyInfo->privateExponent.len);
-	PORT_ZFree(privateKeyInfo->prime[0].data, privateKeyInfo->prime[0].len);
-	PORT_ZFree(privateKeyInfo->prime[1].data, privateKeyInfo->prime[1].len);
-	PORT_ZFree(privateKeyInfo->primeExponent[0].data, 
-	           privateKeyInfo->primeExponent[0].len);
-	PORT_ZFree(privateKeyInfo->primeExponent[1].data, 
-	           privateKeyInfo->primeExponent[1].len);
-	PORT_ZFree(privateKeyInfo->coefficient.data, 
-	           privateKeyInfo->coefficient.len);
-	return SECSuccess;
-}
-
-static SECStatus
-rsaConvertKeyInfoToBLKey(A_PKCS_RSA_PRIVATE_KEY *keyInfo, RSAPrivateKey *key)
-{
-	PRArenaPool *arena = key->arena;
-	SECItem tmp;
-
-	SECITEMFROMITEM(arena, key->modulus,         keyInfo->modulus);
-	SECITEMFROMITEM(arena, key->publicExponent,  keyInfo->publicExponent);
-	SECITEMFROMITEM(arena, key->privateExponent, keyInfo->privateExponent);
-	SECITEMFROMITEM(arena, key->prime1,          keyInfo->prime[0]);
-	SECITEMFROMITEM(arena, key->prime2,          keyInfo->prime[1]);
-	SECITEMFROMITEM(arena, key->exponent1,       keyInfo->primeExponent[0]);
-	SECITEMFROMITEM(arena, key->exponent2,       keyInfo->primeExponent[1]);
-	SECITEMFROMITEM(arena, key->coefficient,     keyInfo->coefficient);
-	/* Version field is to be handled at a higher level. */
-	key->version.data = NULL;
-	key->version.len = 0;
-	return SECSuccess;
-
-loser:
-	PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
-	return SECFailure;
-}
-
-static SECStatus
-rsaConvertBLKeyToKeyInfo(RSAPrivateKey *key, A_PKCS_RSA_PRIVATE_KEY *keyInfo)
-{
-	ITEMFROMSECITEM(keyInfo->modulus,          key->modulus);
-	ITEMFROMSECITEM(keyInfo->publicExponent,   key->publicExponent);
-	ITEMFROMSECITEM(keyInfo->privateExponent,  key->privateExponent);
-	ITEMFROMSECITEM(keyInfo->prime[0],         key->prime1);
-	ITEMFROMSECITEM(keyInfo->prime[1],         key->prime2);
-	ITEMFROMSECITEM(keyInfo->primeExponent[0], key->exponent1);
-	ITEMFROMSECITEM(keyInfo->primeExponent[1], key->exponent2);
-	ITEMFROMSECITEM(keyInfo->coefficient,      key->coefficient);
-	return SECSuccess;
-}
-
-RSAPrivateKey *
-RSA_NewKey(int         keySizeInBits,
-           SECItem *   publicExponent)
-{
-	/* BLAPI */
-	RSAPrivateKey *privateKey;
-	/* BSAFE */
-	A_RSA_KEY_GEN_PARAMS    keygenParams;
-	A_PKCS_RSA_PRIVATE_KEY *privateKeyInfo = (A_PKCS_RSA_PRIVATE_KEY *)NULL_PTR;
-	B_ALGORITHM_OBJ         keypairGenerator = (B_ALGORITHM_OBJ)NULL_PTR;
-	B_ALGORITHM_OBJ         randomAlgorithm = NULL;
-	B_KEY_OBJ               publicKeyObj = (B_KEY_OBJ)NULL_PTR;
-	B_KEY_OBJ               privateKeyObj = (B_KEY_OBJ)NULL_PTR;
-	PRArenaPool *arena;
-	int status;
-
-	/*  Allocate space for key structure. */
-	arena = PORT_NewArena(NSS_FREEBL_DEFAULT_CHUNKSIZE);
-	if (arena == NULL) {
-		PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
-		goto loser;
-	}
-	privateKey = (RSAPrivateKey *)PORT_ArenaZAlloc(arena, 
-	                                               sizeof(RSAPrivateKey));
-	if (privateKey == NULL) {
-		PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
-		goto loser;
-	}
-	privateKey->arena = arena;
-
-	randomAlgorithm = generateRandomAlgorithm(keySizeInBits / BITS_PER_BYTE, 0);
-	if (randomAlgorithm == NULL_PTR) {
-		PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
-		goto loser;
-	}
-
-	if ((status = B_CreateAlgorithmObject(&keypairGenerator)) != 0) {
-		PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
-		goto loser;
-	}
-
-	if ((status = B_CreateKeyObject(&publicKeyObj)) != 0) {
-		PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
-		goto loser;
-	}
-
-	if ((status = B_CreateKeyObject(&privateKeyObj)) != 0) {
-		PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
-		goto loser;
-	}
-
-	if (publicExponent == NULL) publicExponent = &defaultPublicExponent;
-	keygenParams.modulusBits = keySizeInBits;
-	keygenParams.publicExponent.data = publicExponent->data;
-	keygenParams.publicExponent.len = publicExponent->len;
-
-	if ((status = B_SetAlgorithmInfo(keypairGenerator, AI_RSAKeyGen,
-	                                 (POINTER)&keygenParams)) != 0) {
-		PORT_SetError(SEC_ERROR_INVALID_ARGS);
-		goto loser;
-	}
-
-	if ((status = B_GenerateInit(keypairGenerator, rsa_alg_chooser,
-	                             (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
-		PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
-		goto loser;
-	}
-
-	if ((status = B_GenerateKeypair(keypairGenerator, publicKeyObj,
-	                                privateKeyObj, randomAlgorithm,
-	                                (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
-		PORT_SetError(SEC_ERROR_INVALID_ARGS);
-		goto loser;
-	}
-
-	if ((status = B_GetKeyInfo((POINTER *)&privateKeyInfo, privateKeyObj,
-	                           KI_PKCS_RSAPrivate)) != 0) {
-		PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
-		goto loser;
-	}
-
-	/*  Convert the BSAFE key info to an RSAPrivateKey.  */
-	if ((status = rsaConvertKeyInfoToBLKey(privateKeyInfo, privateKey)) != 0) {
-		goto loser;
-	}
-
-	B_DestroyAlgorithmObject(&publicKeyObj);
-	B_DestroyKeyObject(&publicKeyObj);
-	B_DestroyKeyObject(&privateKeyObj);
-	rsaZFreePrivateKeyInfo(privateKeyInfo);
-	B_DestroyAlgorithmObject(&randomAlgorithm);
-	return privateKey;
-
-loser:
-	if (keypairGenerator != NULL_PTR)
-		B_DestroyAlgorithmObject(&keypairGenerator);
-	if (publicKeyObj != NULL_PTR)
-		B_DestroyKeyObject(&publicKeyObj);
-	if (privateKeyObj != NULL_PTR)
-		B_DestroyKeyObject(&privateKeyObj);
-	if (privateKeyInfo != (A_PKCS_RSA_PRIVATE_KEY *)NULL_PTR)
-		rsaZFreePrivateKeyInfo(privateKeyInfo);
-	if (randomAlgorithm != NULL_PTR)
-		B_DestroyAlgorithmObject(&randomAlgorithm);
-	PORT_FreeArena(arena, PR_TRUE);
-	return NULL;
-}
-
-static unsigned int
-rsa_modulusLen(SECItem *modulus)
-{
-	unsigned char byteZero = modulus->data[0];
-	unsigned int modLen = modulus->len - !byteZero;
-	return modLen;
-}
-
-SECStatus 
-RSA_PublicKeyOp(RSAPublicKey *   key,
-                unsigned char *  output,
-                unsigned char *  input)
-{
-	B_ALGORITHM_OBJ rsaPubKeyAlg = (B_ALGORITHM_OBJ)NULL_PTR;
-	B_KEY_OBJ       publicKeyObj = (B_KEY_OBJ)NULL_PTR;
-	A_RSA_KEY       pubKeyInfo;
-	unsigned int outputLenUpdate;
-	unsigned int modulusLen;
-	int status;
-
-	PORT_Assert(key != NULL);
-	if (key == NULL) {
-		PORT_SetError(SEC_ERROR_INVALID_ARGS);
-		return SECFailure;
-	}
-
-	if ((status = B_CreateAlgorithmObject(&rsaPubKeyAlg)) != 0) {
-		PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
-		goto loser;
-	}
-
-	if ((status = B_CreateKeyObject(&publicKeyObj)) != 0) {
-		PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
-		goto loser;
-	}
-
-	if ((status = B_SetAlgorithmInfo(rsaPubKeyAlg, AI_RSAPublic,
-	                                 NULL_PTR)) != 0) {
-		PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
-		goto loser;
-	}
-
-	modulusLen = rsa_modulusLen(&key->modulus);
-	pubKeyInfo.modulus.len = key->modulus.len;
-	pubKeyInfo.modulus.data = key->modulus.data;
-	pubKeyInfo.exponent.len = key->publicExponent.len;
-	pubKeyInfo.exponent.data = key->publicExponent.data;
-
-	if ((status = B_SetKeyInfo(publicKeyObj, KI_RSAPublic, 
-	                           (POINTER)&pubKeyInfo)) != 0) {
-		PORT_SetError(SEC_ERROR_INVALID_ARGS);
-		goto loser;
-	}
-
-	if ((status = B_EncryptInit(rsaPubKeyAlg, publicKeyObj, rsa_alg_chooser,
-	                            (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
-		PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
-		goto loser;
-	}
-	if ((status = B_EncryptUpdate(rsaPubKeyAlg,
-	                              output, 
-	                              &outputLenUpdate,
-	                              modulusLen, 
-	                              input, 
-	                              modulusLen,
-	                              (B_ALGORITHM_OBJ)NULL_PTR,
-	                              (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
-		PORT_SetError(SEC_ERROR_BAD_DATA);
-		goto loser;
-	}
-	if ((status = B_EncryptFinal(rsaPubKeyAlg,
-	                             output + outputLenUpdate,
-	                             &outputLenUpdate, 
-	                             modulusLen - outputLenUpdate,
-	                             (B_ALGORITHM_OBJ)NULL_PTR,
-	                             (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
-		PORT_SetError(SEC_ERROR_BAD_DATA);
-		goto loser;
-	}
-
-	B_DestroyAlgorithmObject(&rsaPubKeyAlg);
-	B_DestroyAlgorithmObject(&publicKeyObj);
-	/*  Don't delete pubKeyInfo data -- it was a shallow copy.  */
-	return SECSuccess;
-
-loser:
-	if (rsaPubKeyAlg != NULL_PTR)
-		B_DestroyAlgorithmObject(&rsaPubKeyAlg);
-	if (publicKeyObj != NULL_PTR)
-		B_DestroyAlgorithmObject(&publicKeyObj);
-	return SECFailure;
-}
-
-SECStatus 
-RSA_PrivateKeyOp(RSAPrivateKey *  key,
-                 unsigned char *  output,
-                 unsigned char *  input)
-{
-	A_PKCS_RSA_PRIVATE_KEY privKeyInfo;
-	B_ALGORITHM_OBJ        rsaPrivKeyAlg = (B_ALGORITHM_OBJ)NULL_PTR;
-	B_KEY_OBJ              privateKeyObj = (B_KEY_OBJ)NULL_PTR;
-	unsigned int outputLenUpdate;
-	unsigned int modulusLen;
-	int status;
-
-	if ((status = B_CreateAlgorithmObject(&rsaPrivKeyAlg)) != 0) {
-		PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
-		goto loser;
-	}
-
-	if ((status = B_CreateKeyObject(&privateKeyObj)) != 0) {
-		PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
-		goto loser;
-	}
-
-	if ((status = B_SetAlgorithmInfo(rsaPrivKeyAlg, AI_RSAPrivate,
-	                                 NULL_PTR)) != 0) {
-		PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
-		goto loser;
-	}
-
-	if ((status = rsaConvertBLKeyToKeyInfo(key, &privKeyInfo)) != 0) {
-		PORT_SetError(SEC_ERROR_INVALID_ARGS);
-		goto loser;
-	}
-
-	if ((status = B_SetKeyInfo(privateKeyObj, KI_PKCS_RSAPrivate,
-	                           (POINTER)&privKeyInfo)) != 0) {
-		PORT_SetError(SEC_ERROR_INVALID_ARGS);
-		goto loser;
-	}
-
-	modulusLen = rsa_modulusLen(&key->modulus);
-
-	if ((status = B_DecryptInit(rsaPrivKeyAlg, privateKeyObj, rsa_alg_chooser,
-	                            (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
-		PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
-		goto loser;
-	}
-	if ((status = B_DecryptUpdate(rsaPrivKeyAlg,
-	                              output, 
-	                              &outputLenUpdate,
-	                              modulusLen, 
-	                              input, 
-	                              modulusLen,
-	                              (B_ALGORITHM_OBJ)NULL_PTR,
-	                              (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
-		PORT_SetError(SEC_ERROR_BAD_DATA);
-		goto loser;
-	}
-	if ((status = B_DecryptFinal(rsaPrivKeyAlg,
-	                             output + outputLenUpdate,
-	                             &outputLenUpdate, 
-	                             modulusLen - outputLenUpdate,
-	                             (B_ALGORITHM_OBJ)NULL_PTR,
-	                             (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
-		PORT_SetError(SEC_ERROR_BAD_DATA);
-		goto loser;
-	}
-
-	B_DestroyAlgorithmObject(&rsaPrivKeyAlg);
-	B_DestroyAlgorithmObject(&privateKeyObj);
-	/*  Don't delete privKeyInfo data -- it was a shallow copy.  */
-	return SECSuccess;
-
-loser:
-	if (rsaPrivKeyAlg != NULL_PTR)
-		B_DestroyAlgorithmObject(&rsaPrivKeyAlg);
-	if (privateKeyObj != NULL_PTR)
-		B_DestroyAlgorithmObject(&privateKeyObj);
-	return SECFailure;
-}
-
-/*
- * this should check the operation!!!!
- */
-SECStatus
-RSA_PrivateKeyOpDoubleChecked(RSAPrivateKey *key,
-                              unsigned char *output,
-                              const unsigned char *input)
-{
-    return RSA_PrivateKeyOp(key, output, input);
-}
-
-/*
- * this should check the key!!!
- */
-SECStatus
-RSA_PrivateKeyCheck(RSAPrivateKey *key)
-{
-    return SECSuccess;
-}
-
-/*****************************************************************************
-** BLAPI implementation of DSA
-******************************************************************************/
-
-static const B_ALGORITHM_METHOD *dsa_pk_gen_chooser[] = {
-	&AM_SHA_RANDOM,
-	&AM_DSA_PARAM_GEN,
-	&AM_DSA_KEY_GEN,
-	(B_ALGORITHM_METHOD *)NULL_PTR
-};
-
-static SECStatus
-dsaConvertKeyInfoToBLKey(A_DSA_PRIVATE_KEY *privateKeyInfo, 
-                         A_DSA_PUBLIC_KEY *publicKeyInfo, 
-                         DSAPrivateKey *privateKey)
-{
-	PRArenaPool *arena;
-	SECItem tmp;
-
-	arena = privateKey->params.arena;
-	SECITEMFROMITEM(arena, privateKey->params.prime, 
-	                       privateKeyInfo->params.prime);
-	SECITEMFROMITEM(arena, privateKey->params.subPrime, 
-	                       privateKeyInfo->params.subPrime);
-	SECITEMFROMITEM(arena, privateKey->params.base, 
-	                       privateKeyInfo->params.base);
-	SECITEMFROMITEM(arena, privateKey->privateValue,
-	                       privateKeyInfo->x);
-	SECITEMFROMITEM(arena, privateKey->publicValue,
-	                       publicKeyInfo->y);
-
-	return SECSuccess;
-
-loser:
-	PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
-	return SECFailure;
-}
-
-static SECStatus
-dsaConvertBLKeyToPrKeyInfo(DSAPrivateKey *privateKey,
-                           A_DSA_PRIVATE_KEY *privateKeyInfo)
-{
-	ITEMFROMSECITEM(privateKeyInfo->params.prime, privateKey->params.prime)
-	ITEMFROMSECITEM(privateKeyInfo->params.subPrime,
-	                privateKey->params.subPrime);
-	ITEMFROMSECITEM(privateKeyInfo->params.base, privateKey->params.base);
-	ITEMFROMSECITEM(privateKeyInfo->x, privateKey->privateValue);
-	return SECSuccess;
-}
-
-static SECStatus
-dsaConvertBLKeyToPubKeyInfo(DSAPublicKey *publicKey,
-                            A_DSA_PUBLIC_KEY *publicKeyInfo)
-{
-	ITEMFROMSECITEM(publicKeyInfo->params.prime, publicKey->params.prime)
-	ITEMFROMSECITEM(publicKeyInfo->params.subPrime,
-	                publicKey->params.subPrime);
-	ITEMFROMSECITEM(publicKeyInfo->params.base, publicKey->params.base);
-	ITEMFROMSECITEM(publicKeyInfo->y, publicKey->publicValue);
-	return SECSuccess;
-}
-
-static SECStatus
-dsaZFreeKeyInfoParams(A_DSA_PARAMS *params)
-{
-	PORT_ZFree(params->prime.data, 
-	           params->prime.len);
-	PORT_ZFree(params->subPrime.data, 
-	           params->subPrime.len);
-	PORT_ZFree(params->base.data, 
-	           params->base.len);
-	return SECSuccess;
-}
-
-static SECStatus
-dsaZFreePrivateKeyInfo(A_DSA_PRIVATE_KEY *privateKeyInfo)
-{
-	dsaZFreeKeyInfoParams(&privateKeyInfo->params);
-	PORT_ZFree(privateKeyInfo->x.data,
-	           privateKeyInfo->x.len);
-	return SECSuccess;
-}
-
-static SECStatus
-dsaZFreePublicKeyInfo(A_DSA_PUBLIC_KEY *publicKeyInfo)
-{
-	dsaZFreeKeyInfoParams(&publicKeyInfo->params);
-	PORT_ZFree(publicKeyInfo->y.data,
-	           publicKeyInfo->y.len);
-	return SECSuccess;
-}
-
-SECStatus 
-DSA_NewKey(PQGParams *           params, 
-           DSAPrivateKey **      privKey)
-{
-	return DSA_NewKeyFromSeed(params, NULL, privKey);
-}
-
-SECStatus 
-DSA_SignDigest(DSAPrivateKey *   key,
-               SECItem *         signature,
-               SECItem *         digest)
-{
-	return DSA_SignDigestWithSeed(key, signature, digest, NULL);
-}
-
-SECStatus 
-DSA_VerifyDigest(DSAPublicKey *  key,
-                 SECItem *       signature,
-                 SECItem *       digest)
-{
-	B_ALGORITHM_OBJ           dsaVerifier = (B_ALGORITHM_OBJ)NULL_PTR;
-	B_KEY_OBJ                 publicKeyObj = (B_KEY_OBJ)NULL_PTR;
-	A_DSA_PUBLIC_KEY          publicKeyInfo;
-	const B_ALGORITHM_METHOD *dsa_verify_chooser[] = {
-	                            &AM_DSA_VERIFY,
-	                            (B_ALGORITHM_METHOD *)NULL_PTR
-	};
-	int status;
-
-	if ((status = B_CreateAlgorithmObject(&dsaVerifier)) != 0) {
-		PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
-		goto loser;
-	}
-
-	if ((status = B_CreateKeyObject(&publicKeyObj)) != 0) {
-		PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
-		goto loser;
-	}
-
-	if ((status = dsaConvertBLKeyToPubKeyInfo(key, &publicKeyInfo)) != 0) {
-		PORT_SetError(SEC_ERROR_INVALID_ARGS);
-		goto loser;
-	}
-
-	if ((status = B_SetKeyInfo(publicKeyObj, KI_DSAPublic, 
-	                           (POINTER)&publicKeyInfo)) != 0) {
-		PORT_SetError(SEC_ERROR_INVALID_ARGS);
-		goto loser;
-	}
-
-	if ((status = B_SetAlgorithmInfo(dsaVerifier, AI_DSA, NULL_PTR)) != 0) {
-		PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
-		goto loser;
-	}
-
-	if ((status = B_VerifyInit(dsaVerifier, publicKeyObj, dsa_verify_chooser,
-	                           (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
-		PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
-		goto loser;
-	}
-
-	if ((status = B_VerifyUpdate(dsaVerifier, digest->data, digest->len,
-	                             (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
-		PORT_SetError(SEC_ERROR_BAD_DATA);
-		goto loser;
-	}
-
-	if ((status = B_VerifyFinal(dsaVerifier, signature->data, signature->len,
-	                            (B_ALGORITHM_OBJ)NULL_PTR,
-	                            (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
-		if (status == BE_SIGNATURE) {
-			PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
-		} else {
-			PORT_SetError(SEC_ERROR_BAD_DATA);
-			goto loser;
-		}
-	}
-
-	B_DestroyAlgorithmObject(&dsaVerifier);
-	B_DestroyKeyObject(&publicKeyObj);
-	/*  publicKeyInfo data is shallow copy */
-	return (status == BE_SIGNATURE) ? SECFailure : SECSuccess;
-
-loser:
-	if (dsaVerifier != NULL_PTR)
-		B_DestroyAlgorithmObject(&dsaVerifier);
-	if (publicKeyObj != NULL_PTR)
-		B_DestroyKeyObject(&publicKeyObj);
-	return SECFailure;
-}
-
-SECStatus 
-DSA_NewKeyFromSeed(PQGParams *params, unsigned char * seed,
-                   DSAPrivateKey **privKey)
-{
-	PRArenaPool *arena;
-	DSAPrivateKey *privateKey;
-	/* BSAFE */
-	B_ALGORITHM_OBJ           dsaKeyGenObj = (B_ALGORITHM_OBJ)NULL_PTR;
-	B_ALGORITHM_OBJ           randomAlgorithm = NULL_PTR;
-	A_DSA_PRIVATE_KEY        *privateKeyInfo = (A_DSA_PRIVATE_KEY *)NULL_PTR;
-	A_DSA_PUBLIC_KEY         *publicKeyInfo = (A_DSA_PUBLIC_KEY *)NULL_PTR;
-	A_DSA_PARAMS              dsaParamInfo;
-	B_KEY_OBJ                 publicKeyObj = (B_KEY_OBJ)NULL_PTR;
-	B_KEY_OBJ                 privateKeyObj = (B_KEY_OBJ)NULL_PTR;
-	int status;
-
-	/*  Allocate space for key structure. */
-	arena = PORT_NewArena(NSS_FREEBL_DEFAULT_CHUNKSIZE);
-	if (arena == NULL) {
-		PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
-		goto loser;
-	}
-	privateKey = (DSAPrivateKey *)
-	              PORT_ArenaZAlloc(arena, sizeof(DSAPrivateKey));
-	if (privateKey == NULL) {
-		PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
-		goto loser;
-	}
-	privateKey->params.arena = arena;
-
-	if ((status = B_CreateAlgorithmObject(&dsaKeyGenObj)) != 0) {
-		PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
-		goto loser;
-	}
-
-	if ((status = B_CreateKeyObject(&publicKeyObj)) != 0) {
-		PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
-		goto loser;
-	}
-
-	if ((status = B_CreateKeyObject(&privateKeyObj)) != 0) {
-		PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
-		goto loser;
-	}
-
-	randomAlgorithm = generateRandomAlgorithm(DSA_SUBPRIME_LEN, seed);
-	if (randomAlgorithm == NULL_PTR) {
-		PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
-		goto loser;
-	}
-
-	ITEMFROMSECITEM(dsaParamInfo.prime,    params->prime);
-	ITEMFROMSECITEM(dsaParamInfo.subPrime, params->subPrime);
-	ITEMFROMSECITEM(dsaParamInfo.base,     params->base);
-
-	if ((status = B_SetAlgorithmInfo(dsaKeyGenObj, AI_DSAKeyGen, 
-	                                 (POINTER)&dsaParamInfo)) != 0) {
-		PORT_SetError(SEC_ERROR_INVALID_ARGS);
-		goto loser;
-	}
-
-	if ((status = B_GenerateInit(dsaKeyGenObj, dsa_pk_gen_chooser,
-	                             (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
-		PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
-		goto loser;
-	}
-
-	if ((status = B_GenerateKeypair(dsaKeyGenObj, publicKeyObj, privateKeyObj,
-	                                randomAlgorithm,
-	                                (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
-		PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
-		goto loser;
-	}
-
-	if ((status = B_GetKeyInfo((POINTER *)&privateKeyInfo, privateKeyObj,
-	                           KI_DSAPrivate)) != 0) {
-		PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
-		goto loser;
-	}
-
-	if ((status = B_GetKeyInfo((POINTER *)&publicKeyInfo, publicKeyObj,
-	                           KI_DSAPublic)) != 0) {
-		PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
-		goto loser;
-	}
-
-	if ((status = dsaConvertKeyInfoToBLKey(privateKeyInfo, publicKeyInfo,
-	                                       privateKey)) != 0) {
-		goto loser;
-	}
-
-	B_DestroyAlgorithmObject(&dsaKeyGenObj);
-	B_DestroyAlgorithmObject(&randomAlgorithm);
-	B_DestroyKeyObject(&publicKeyObj);
-	B_DestroyKeyObject(&privateKeyObj);
-	dsaZFreePrivateKeyInfo(privateKeyInfo);
-	dsaZFreePublicKeyInfo(publicKeyInfo);
-	/* dsaParamInfo contains only public info, no need to ZFree */
-
-	*privKey = privateKey;
-	return SECSuccess;
-
-loser:
-	if (dsaKeyGenObj != NULL_PTR)
-		B_DestroyAlgorithmObject(&dsaKeyGenObj);
-	if (randomAlgorithm != NULL_PTR)
-		B_DestroyAlgorithmObject(&randomAlgorithm);
-	if (privateKeyObj != NULL_PTR)
-		B_DestroyKeyObject(&privateKeyObj);
-	if (publicKeyObj != NULL_PTR)
-		B_DestroyKeyObject(&publicKeyObj);
-	if (privateKeyInfo != (A_DSA_PRIVATE_KEY *)NULL_PTR)
-		dsaZFreePrivateKeyInfo(privateKeyInfo);
-	if (publicKeyInfo != (A_DSA_PUBLIC_KEY *)NULL_PTR)
-		dsaZFreePublicKeyInfo(publicKeyInfo);
-	if (arena != NULL)
-		PORT_FreeArena(arena, PR_TRUE);
-	*privKey = NULL;
-	return SECFailure;
-}
-
-SECStatus 
-DSA_SignDigestWithSeed(DSAPrivateKey * key,
-                       SECItem *       signature,
-                       SECItem *       digest,
-                       unsigned char * seed)
-{
-	B_ALGORITHM_OBJ           dsaSigner = (B_ALGORITHM_OBJ)NULL_PTR;
-	B_ALGORITHM_OBJ           randomAlgorithm = NULL_PTR;
-	B_KEY_OBJ                 privateKeyObj = (B_KEY_OBJ)NULL_PTR;
-	A_DSA_PRIVATE_KEY         privateKeyInfo;
-	const B_ALGORITHM_METHOD *dsa_sign_chooser[] = {
-	                            &AM_DSA_SIGN,
-	                            (B_ALGORITHM_METHOD *)NULL_PTR
-	};
-	int status;
-	unsigned int siglen;
-
-	randomAlgorithm = generateRandomAlgorithm(DSA_SUBPRIME_LEN, seed);
-
-	if ((status = B_CreateAlgorithmObject(&dsaSigner)) != 0) {
-		PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
-		goto loser;
-	}
-
-	if ((status = B_CreateKeyObject(&privateKeyObj)) != 0) {
-		PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
-		goto loser;
-	}
-
-	if ((status = dsaConvertBLKeyToPrKeyInfo(key, &privateKeyInfo)) != 0) {
-		PORT_SetError(SEC_ERROR_INVALID_ARGS);
-		goto loser;
-	}
-
-	if ((status = B_SetKeyInfo(privateKeyObj, KI_DSAPrivate, 
-	                           (POINTER)&privateKeyInfo)) != 0) {
-		PORT_SetError(SEC_ERROR_INVALID_ARGS);
-		goto loser;
-	}
-
-	if ((status = B_SetAlgorithmInfo(dsaSigner, AI_DSA, NULL_PTR)) != 0) {
-		PORT_SetError(SEC_ERROR_INVALID_ARGS);
-		goto loser;
-	}
-
-	if ((status = B_SignInit(dsaSigner, privateKeyObj, dsa_sign_chooser,
-	                         (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
-		PORT_SetError(SEC_ERROR_INVALID_ARGS);
-		goto loser;
-	}
-
-	if ((status = B_SignUpdate(dsaSigner, digest->data, digest->len,
-	                           (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
-		PORT_SetError(SEC_ERROR_INVALID_ARGS);
-		goto loser;
-	}
-
-	if ((status = B_SignFinal(dsaSigner, signature->data, &siglen,
-	                          signature->len, randomAlgorithm,
-	                          (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
-		PORT_SetError(SEC_ERROR_INVALID_ARGS);
-		goto loser;
-	}
-
-	SECITEM_ReallocItem(NULL, signature, signature->len, siglen);
-	signature->len = siglen; /* shouldn't realloc do this? */
-
-	B_DestroyAlgorithmObject(&dsaSigner);
-	B_DestroyKeyObject(&privateKeyObj);
-	B_DestroyAlgorithmObject(&randomAlgorithm);
-	/*  privateKeyInfo is shallow copy */
-	return SECSuccess;
-
-loser:
-	if (dsaSigner != NULL_PTR)
-		B_DestroyAlgorithmObject(&dsaSigner);
-	if (privateKeyObj != NULL_PTR)
-		B_DestroyKeyObject(&privateKeyObj);
-	if (randomAlgorithm != NULL_PTR)
-		B_DestroyAlgorithmObject(&randomAlgorithm);
-	return SECFailure;
-}
-
-SECStatus
-PQG_ParamGen(unsigned int j, 	   /* input : determines length of P. */
-             PQGParams **pParams,  /* output: P Q and G returned here */
-             PQGVerify **pVfy)     /* output: counter and seed. */
-{
-	return PQG_ParamGenSeedLen(j, DSA_SUBPRIME_LEN, pParams, pVfy);
-}
-
-SECStatus
-PQG_ParamGenSeedLen(
-                  unsigned int j,         /* input : determines length of P. */
-                  unsigned int seedBytes, /* input : length of seed in bytes.*/
-                  PQGParams **pParams,    /* output: P Q and G returned here */
-                  PQGVerify **pVfy)       /* output: counter and seed. */
-{
-	B_DSA_PARAM_GEN_PARAMS    dsaParams;
-	B_ALGORITHM_OBJ           dsaKeyGenObj = (B_ALGORITHM_OBJ)NULL_PTR;
-	B_ALGORITHM_OBJ           dsaParamGenerator = (B_ALGORITHM_OBJ)NULL_PTR;
-	B_ALGORITHM_OBJ           randomAlgorithm = NULL_PTR;
-	A_DSA_PARAMS             *dsaParamInfo;
-	SECItem tmp;
-	PQGParams *params;
-	PRArenaPool *arena;
-	int status;
-
-	if (!pParams || j > 8) {
-		PORT_SetError(SEC_ERROR_INVALID_ARGS);
-		return SECFailure;
-	}
-
-	/*  Allocate space for key structure. */
-	arena = PORT_NewArena(NSS_FREEBL_DEFAULT_CHUNKSIZE);
-	if (arena == NULL) {
-		PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
-		goto loser;
-	}
-	params = (PQGParams *)PORT_ArenaZAlloc(arena, sizeof(PQGParams));
-	if (params == NULL) {
-		PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
-		goto loser;
-	}
-	params->arena = arena;
-
-	if ((status = B_CreateAlgorithmObject(&dsaParamGenerator)) != 0) {
-		PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
-		goto loser;
-	}
-
-	if ((status = B_CreateAlgorithmObject(&dsaKeyGenObj)) != 0) {
-		PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
-		goto loser;
-	}
-
-	randomAlgorithm = generateRandomAlgorithm(seedBytes, NULL);
-
-	dsaParams.primeBits = 512 + (j * 64);
-	if ((status = B_SetAlgorithmInfo(dsaParamGenerator, AI_DSAParamGen,
-	                                 (POINTER)&dsaParams)) != 0) {
-		PORT_SetError(SEC_ERROR_INVALID_ARGS);
-		goto loser;
-	}
-
-	if ((status = B_GenerateInit(dsaParamGenerator, dsa_pk_gen_chooser,
-	                             (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
-		PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
-		goto loser;
-	}
-
-	if ((status = B_GenerateParameters(dsaParamGenerator, dsaKeyGenObj,
-	                                   randomAlgorithm,
-	                                   (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
-		PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
-		goto loser;
-	}
-
-	if ((status = B_GetAlgorithmInfo((POINTER *)&dsaParamInfo, dsaKeyGenObj,
-	                                 AI_DSAKeyGen)) != 0) {
-		PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
-		goto loser;
-	}
-
-	SECITEMFROMITEM(arena, params->prime,    dsaParamInfo->prime);
-	SECITEMFROMITEM(arena, params->subPrime, dsaParamInfo->subPrime);
-	SECITEMFROMITEM(arena, params->base,     dsaParamInfo->base);
-
-	B_DestroyAlgorithmObject(&dsaKeyGenObj);
-	B_DestroyAlgorithmObject(&dsaParamGenerator);
-	B_DestroyAlgorithmObject(&randomAlgorithm);
-	dsaZFreeKeyInfoParams(dsaParamInfo);
-
-	*pParams = params;
-	return SECSuccess;
-
-loser:
-	if (dsaParamGenerator != NULL_PTR)
-		B_DestroyAlgorithmObject(&dsaParamGenerator);
-	if (dsaKeyGenObj != NULL_PTR)
-		B_DestroyAlgorithmObject(&dsaKeyGenObj);
-	if (randomAlgorithm != NULL_PTR)
-		B_DestroyAlgorithmObject(&randomAlgorithm);
-	if (dsaParamInfo != NULL)
-		dsaZFreeKeyInfoParams(dsaParamInfo);
-	if (arena != NULL)
-		PORT_FreeArena(arena, PR_TRUE);
-	*pParams = NULL;
-	return SECFailure;
-}
-
-SECStatus
-PQG_VerifyParams(const PQGParams *params, 
-                 const PQGVerify *vfy, SECStatus *result)
-{
-	/*  BSAFE does not provide access to h.
-	 *  Verification is thus skipped.
-	 */
-	PORT_SetError(PR_NOT_IMPLEMENTED_ERROR);
-	return SECFailure;
-}
-
-/*  Destroy functions are implemented in util/pqgutil.c */
-
-/*****************************************************************************
-** BLAPI implementation of RNG
-******************************************************************************/
-
-static SECItem globalseed;
-static B_ALGORITHM_OBJ globalrng = NULL_PTR;
-
-SECStatus 
-RNG_RNGInit(void)
-{
-	int status;
-	PRInt32 nBytes;
-	if (globalrng == NULL) {
-		globalseed.len = 20;
-		globalseed.data = (unsigned char *)PORT_Alloc(globalseed.len);
-	} else {
-		B_DestroyAlgorithmObject(&globalrng);
-	}
-	nBytes = RNG_GetNoise(globalseed.data, globalseed.len);
-	globalrng = generateRandomAlgorithm(globalseed.len, globalseed.data);
-	if (globalrng == NULL_PTR) {
-		PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
-		return SECFailure;
-	}
-	return SECSuccess;
-}
-
-SECStatus 
-RNG_RandomUpdate(const void *data, size_t bytes)
-{
-	int status;
-	if (data == NULL || bytes <= 0) {
-		PORT_SetError(SEC_ERROR_INVALID_ARGS);
-		return SECFailure;
-	}
-	if (globalrng == NULL_PTR) {
-		PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
-		return SECFailure;
-	}
-	if ((status = B_RandomUpdate(globalrng, data, bytes,
-	                             (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
-		PORT_SetError(SEC_ERROR_BAD_DATA);
-		return SECFailure;
-	}
-	return SECSuccess;
-}
-
-SECStatus 
-RNG_GenerateGlobalRandomBytes(void *dest, size_t len)
-{
-	int status;
-	if (dest == NULL) {
-		PORT_SetError(SEC_ERROR_INVALID_ARGS);
-		return SECFailure;
-	}
-	if (globalrng == NULL_PTR) {
-		PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
-		return SECFailure;
-	}
-	if ((status = B_GenerateRandomBytes(globalrng, dest, len,
-	                                    (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
-		PORT_SetError(SEC_ERROR_BAD_DATA);
-		return SECFailure;
-	}
-	return SECSuccess;
-}
-
-void 
-RNG_RNGShutdown(void)
-{
-	if (globalrng == NULL_PTR)
-		/* no-op */
-		return;
-	B_DestroyAlgorithmObject(&globalrng);
-	SECITEM_ZfreeItem(&globalseed, PR_FALSE);
-	globalrng = NULL_PTR;
-}
diff --git a/security/nss/lib/freebl/blapit.h b/security/nss/lib/freebl/blapit.h
deleted file mode 100644
index 0e1b2b0e2..000000000
--- a/security/nss/lib/freebl/blapit.h
+++ /dev/null
@@ -1,230 +0,0 @@
-/*
- * blapit.h - public data structures for the crypto library
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#ifndef _BLAPIT_H_
-#define _BLAPIT_H_
-
-#include "seccomon.h"
-#include "plarena.h"
-
-/* RC2 operation modes */
-#define NSS_RC2			0
-#define NSS_RC2_CBC		1
-
-/* RC5 operation modes */
-#define NSS_RC5                 0
-#define NSS_RC5_CBC             1
-
-/* DES operation modes */
-#define NSS_DES			0
-#define NSS_DES_CBC		1
-#define NSS_DES_EDE3		2
-#define NSS_DES_EDE3_CBC	3
-
-#define DES_KEY_LENGTH		8	/* Bytes */
-
-/* AES operation modes */
-#define NSS_AES                 0
-#define NSS_AES_CBC             1
-
-#define DSA_SIGNATURE_LEN 	40	/* Bytes */
-#define DSA_SUBPRIME_LEN	20	/* Bytes */
-
-/*
- * Number of bytes each hash algorithm produces
- */
-#define MD2_LENGTH		16	/* Bytes */
-#define MD5_LENGTH		16	/* Bytes */
-#define SHA1_LENGTH		20	/* Bytes */
-
-#define NSS_FREEBL_DEFAULT_CHUNKSIZE 2048
-
-/*
- * The FIPS 186 algorithm for generating primes P and Q allows only 9
- * distinct values for the length of P, and only one value for the
- * length of Q.
- * The algorithm uses a variable j to indicate which of the 9 lengths
- * of P is to be used.
- * The following table relates j to the lengths of P and Q in bits.
- *
- *	j	bits in P	bits in Q
- *	_	_________	_________
- *	0	 512		160
- *	1	 576		160
- *	2	 640		160
- *	3	 704		160
- *	4	 768		160
- *	5	 832		160
- *	6	 896		160
- *	7	 960		160
- *	8	1024		160
- *
- * The FIPS-186 compliant PQG generator takes j as an input parameter.
- */
-
-#define DSA_Q_BITS       160
-#define DSA_MAX_P_BITS	1024
-#define DSA_MIN_P_BITS	 512
-
-/*
- * function takes desired number of bits in P,
- * returns index (0..8) or -1 if number of bits is invalid.
- */
-#define PQG_PBITS_TO_INDEX(bits) ((((bits)-512) % 64) ? -1 : (int)((bits)-512)/64)
-
-/*
- * function takes index (0-8)
- * returns number of bits in P for that index, or -1 if index is invalid.
- */
-#define PQG_INDEX_TO_PBITS(j) (((unsigned)(j) > 8) ? -1 : (512 + 64 * (j)))
-
-
-/***************************************************************************
-** Opaque objects 
-*/
-
-struct DESContextStr        ;
-struct RC2ContextStr        ;
-struct RC4ContextStr        ;
-struct RC5ContextStr        ;
-struct AESContextStr        ;
-struct MD2ContextStr        ;
-struct MD5ContextStr        ;
-struct SHA1ContextStr       ;
-
-typedef struct DESContextStr        DESContext;
-typedef struct RC2ContextStr        RC2Context;
-typedef struct RC4ContextStr        RC4Context;
-typedef struct RC5ContextStr        RC5Context;
-typedef struct AESContextStr        AESContext;
-typedef struct MD2ContextStr        MD2Context;
-typedef struct MD5ContextStr        MD5Context;
-typedef struct SHA1ContextStr       SHA1Context;
-
-/***************************************************************************
-** RSA Public and Private Key structures
-*/
-
-/* member names from PKCS#1, section 7.1 */
-struct RSAPublicKeyStr {
-    PRArenaPool * arena;
-    SECItem modulus;
-    SECItem publicExponent;
-};
-typedef struct RSAPublicKeyStr RSAPublicKey;
-
-/* member names from PKCS#1, section 7.2 */
-struct RSAPrivateKeyStr {
-    PRArenaPool * arena;
-    SECItem version;
-    SECItem modulus;
-    SECItem publicExponent;
-    SECItem privateExponent;
-    SECItem prime1;
-    SECItem prime2;
-    SECItem exponent1;
-    SECItem exponent2;
-    SECItem coefficient;
-};
-typedef struct RSAPrivateKeyStr RSAPrivateKey;
-
-
-/***************************************************************************
-** DSA Public and Private Key and related structures
-*/
-
-struct PQGParamsStr {
-    PRArenaPool *arena;
-    SECItem prime;    /* p */
-    SECItem subPrime; /* q */
-    SECItem base;     /* g */
-    /* XXX chrisk: this needs to be expanded to hold j and validationParms (RFC2459 7.3.2) */
-};
-typedef struct PQGParamsStr PQGParams;
-
-struct PQGVerifyStr {
-    PRArenaPool * arena;	/* includes this struct, seed, & h. */
-    unsigned int  counter;
-    SECItem       seed;
-    SECItem       h;
-};
-typedef struct PQGVerifyStr PQGVerify;
-
-struct DSAPublicKeyStr {
-    PQGParams params;
-    SECItem publicValue;
-};
-typedef struct DSAPublicKeyStr DSAPublicKey;
-
-struct DSAPrivateKeyStr {
-    PQGParams params;
-    SECItem publicValue;
-    SECItem privateValue;
-};
-typedef struct DSAPrivateKeyStr DSAPrivateKey;
-
-/***************************************************************************
-** Diffie-Hellman Public and Private Key and related structures
-** Structure member names suggested by PKCS#3.
-*/
-
-struct DHParamsStr {
-    PRArenaPool * arena;
-    SECItem prime; /* p */
-    SECItem base; /* g */
-};
-typedef struct DHParamsStr DHParams;
-
-struct DHPublicKeyStr {
-    PRArenaPool * arena;
-    SECItem prime;
-    SECItem base;
-    SECItem publicValue;
-};
-typedef struct DHPublicKeyStr DHPublicKey;
-
-struct DHPrivateKeyStr {
-    PRArenaPool * arena;
-    SECItem prime;
-    SECItem base;
-    SECItem publicValue;
-    SECItem privateValue;
-};
-typedef struct DHPrivateKeyStr DHPrivateKey;
-
-
-#endif /* _BLAPIT_H_ */
diff --git a/security/nss/lib/freebl/config.mk b/security/nss/lib/freebl/config.mk
deleted file mode 100644
index 6bae7893b..000000000
--- a/security/nss/lib/freebl/config.mk
+++ /dev/null
@@ -1,103 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-# only do this in the outermost freebl build.
-ifndef FREEBL_RECURSIVE_BUILD
-# we only do this stuff for some of the 32-bit builds, no 64-bit builds
-ifndef USE_64
-
-ifeq ($(OS_TARGET), HP-UX)
-  ifneq ($(OS_TEST), ia64)
-    FREEBL_EXTENDED_BUILD = 1
-  endif
-endif
-
-ifeq ($(OS_TARGET),SunOS)
-  ifeq ($(CPU_ARCH),sparc)
-    FREEBL_EXTENDED_BUILD = 1
-  endif
-endif
-
-ifdef FREEBL_EXTENDED_BUILD
-# We're going to change this build so that it builds libfreebl.a with
-# just loader.c.  Then we have to build this directory twice again to 
-# build the two DSOs.
-# To build libfreebl.a with just loader.c, we must now override many
-# of the make variables setup by the prior inclusion of CORECONF's config.mk
-
-CSRCS		= loader.c sysrand.c
-SIMPLE_OBJS 	= $(CSRCS:.c=$(OBJ_SUFFIX))
-OBJS 		= $(addprefix $(OBJDIR)/$(PROG_PREFIX), $(SIMPLE_OBJS))
-ALL_TRASH :=    $(TARGETS) $(OBJS) $(OBJDIR) LOGS TAGS $(GARBAGE) \
-                $(NOSUCHFILE) so_locations 
-endif
-
-#end of 32-bit only stuff.
-endif
-
-# Override the values defined in coreconf's ruleset.mk.
-#
-# - (1) LIBRARY: a static (archival) library
-# - (2) SHARED_LIBRARY: a shared (dynamic link) library
-# - (3) IMPORT_LIBRARY: an import library, used only on Windows
-# - (4) PROGRAM: an executable binary
-#
-# override these variables to prevent building a DSO/DLL.
-  TARGETS        = $(LIBRARY)
-  SHARED_LIBRARY =
-  IMPORT_LIBRARY =
-  PROGRAM        =
-
-else
-# This is a recursive build.  
-
-TARGETS	     = $(SHARED_LIBRARY)
-LIBRARY      =
-PROGRAM      =
-
-#ifeq ($(OS_TARGET), HP-UX)
-  EXTRA_LIBS        += \
-	$(DIST)/lib/libsecutil.$(LIB_SUFFIX) \
-	$(NULL)
-
-# $(PROGRAM) has NO explicit dependencies on $(EXTRA_SHARED_LIBS)
-# $(EXTRA_SHARED_LIBS) come before $(OS_LIBS), except on AIX.
-  EXTRA_SHARED_LIBS += \
-	-L$(DIST)/lib/ \
-	-lplc4 \
-	-lplds4 \
-	-lnspr4 \
-	-lc
-#endif
-
-endif
diff --git a/security/nss/lib/freebl/des.c b/security/nss/lib/freebl/des.c
deleted file mode 100644
index 9b44f8c35..000000000
--- a/security/nss/lib/freebl/des.c
+++ /dev/null
@@ -1,683 +0,0 @@
-/*
- *  des.c
- *
- *  core source file for DES-150 library
- *  Make key schedule from DES key.
- *  Encrypt/Decrypt one 8-byte block.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the DES-150 library.
- *
- * The Initial Developer of the Original Code is Nelson B. Bolyard,
- * nelsonb@iname.com.  Portions created by Nelson B. Bolyard are 
- * Copyright (C) 1990, 2000  Nelson B. Bolyard, All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above.  If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- */
-
-#include "des.h"
-#include <stddef.h>	/* for ptrdiff_t */
-/* #define USE_INDEXING 1 */
-
-/*
- * The tables below are the 8 sbox functions, with the 6-bit input permutation 
- * and the 32-bit output permutation pre-computed.
- * They are shifted circularly to the left 3 bits, which removes 2 shifts
- * and an or from each round by reducing the number of sboxes whose
- * indices cross word broundaries from 2 to 1.  
- */
-
-static const HALF SP[8][64] = {
-/* Box S1 */ { 
-	0x04041000, 0x00000000, 0x00040000, 0x04041010, 
-	0x04040010, 0x00041010, 0x00000010, 0x00040000, 
-	0x00001000, 0x04041000, 0x04041010, 0x00001000, 
-	0x04001010, 0x04040010, 0x04000000, 0x00000010, 
-	0x00001010, 0x04001000, 0x04001000, 0x00041000, 
-	0x00041000, 0x04040000, 0x04040000, 0x04001010, 
-	0x00040010, 0x04000010, 0x04000010, 0x00040010, 
-	0x00000000, 0x00001010, 0x00041010, 0x04000000, 
-	0x00040000, 0x04041010, 0x00000010, 0x04040000, 
-	0x04041000, 0x04000000, 0x04000000, 0x00001000, 
-	0x04040010, 0x00040000, 0x00041000, 0x04000010, 
-	0x00001000, 0x00000010, 0x04001010, 0x00041010, 
-	0x04041010, 0x00040010, 0x04040000, 0x04001010, 
-	0x04000010, 0x00001010, 0x00041010, 0x04041000, 
-	0x00001010, 0x04001000, 0x04001000, 0x00000000, 
-	0x00040010, 0x00041000, 0x00000000, 0x04040010
-    },
-/* Box S2 */ { 
-	0x00420082, 0x00020002, 0x00020000, 0x00420080, 
-	0x00400000, 0x00000080, 0x00400082, 0x00020082, 
-	0x00000082, 0x00420082, 0x00420002, 0x00000002, 
-	0x00020002, 0x00400000, 0x00000080, 0x00400082, 
-	0x00420000, 0x00400080, 0x00020082, 0x00000000, 
-	0x00000002, 0x00020000, 0x00420080, 0x00400002, 
-	0x00400080, 0x00000082, 0x00000000, 0x00420000, 
-	0x00020080, 0x00420002, 0x00400002, 0x00020080, 
-	0x00000000, 0x00420080, 0x00400082, 0x00400000, 
-	0x00020082, 0x00400002, 0x00420002, 0x00020000, 
-	0x00400002, 0x00020002, 0x00000080, 0x00420082, 
-	0x00420080, 0x00000080, 0x00020000, 0x00000002, 
-	0x00020080, 0x00420002, 0x00400000, 0x00000082, 
-	0x00400080, 0x00020082, 0x00000082, 0x00400080, 
-	0x00420000, 0x00000000, 0x00020002, 0x00020080, 
-	0x00000002, 0x00400082, 0x00420082, 0x00420000 
-    },
-/* Box S3 */ { 
-	0x00000820, 0x20080800, 0x00000000, 0x20080020, 
-	0x20000800, 0x00000000, 0x00080820, 0x20000800, 
-	0x00080020, 0x20000020, 0x20000020, 0x00080000, 
-	0x20080820, 0x00080020, 0x20080000, 0x00000820, 
-	0x20000000, 0x00000020, 0x20080800, 0x00000800, 
-	0x00080800, 0x20080000, 0x20080020, 0x00080820, 
-	0x20000820, 0x00080800, 0x00080000, 0x20000820, 
-	0x00000020, 0x20080820, 0x00000800, 0x20000000, 
-	0x20080800, 0x20000000, 0x00080020, 0x00000820, 
-	0x00080000, 0x20080800, 0x20000800, 0x00000000, 
-	0x00000800, 0x00080020, 0x20080820, 0x20000800, 
-	0x20000020, 0x00000800, 0x00000000, 0x20080020, 
-	0x20000820, 0x00080000, 0x20000000, 0x20080820, 
-	0x00000020, 0x00080820, 0x00080800, 0x20000020, 
-	0x20080000, 0x20000820, 0x00000820, 0x20080000, 
-	0x00080820, 0x00000020, 0x20080020, 0x00080800 
-    },
-/* Box S4 */ { 
-	0x02008004, 0x00008204, 0x00008204, 0x00000200, 
-	0x02008200, 0x02000204, 0x02000004, 0x00008004, 
-	0x00000000, 0x02008000, 0x02008000, 0x02008204, 
-	0x00000204, 0x00000000, 0x02000200, 0x02000004, 
-	0x00000004, 0x00008000, 0x02000000, 0x02008004, 
-	0x00000200, 0x02000000, 0x00008004, 0x00008200, 
-	0x02000204, 0x00000004, 0x00008200, 0x02000200, 
-	0x00008000, 0x02008200, 0x02008204, 0x00000204, 
-	0x02000200, 0x02000004, 0x02008000, 0x02008204, 
-	0x00000204, 0x00000000, 0x00000000, 0x02008000, 
-	0x00008200, 0x02000200, 0x02000204, 0x00000004, 
-	0x02008004, 0x00008204, 0x00008204, 0x00000200, 
-	0x02008204, 0x00000204, 0x00000004, 0x00008000, 
-	0x02000004, 0x00008004, 0x02008200, 0x02000204, 
-	0x00008004, 0x00008200, 0x02000000, 0x02008004, 
-	0x00000200, 0x02000000, 0x00008000, 0x02008200 
-    },
-/* Box S5 */ { 
-	0x00000400, 0x08200400, 0x08200000, 0x08000401, 
-	0x00200000, 0x00000400, 0x00000001, 0x08200000, 
-	0x00200401, 0x00200000, 0x08000400, 0x00200401, 
-	0x08000401, 0x08200001, 0x00200400, 0x00000001, 
-	0x08000000, 0x00200001, 0x00200001, 0x00000000, 
-	0x00000401, 0x08200401, 0x08200401, 0x08000400, 
-	0x08200001, 0x00000401, 0x00000000, 0x08000001, 
-	0x08200400, 0x08000000, 0x08000001, 0x00200400, 
-	0x00200000, 0x08000401, 0x00000400, 0x08000000, 
-	0x00000001, 0x08200000, 0x08000401, 0x00200401, 
-	0x08000400, 0x00000001, 0x08200001, 0x08200400, 
-	0x00200401, 0x00000400, 0x08000000, 0x08200001, 
-	0x08200401, 0x00200400, 0x08000001, 0x08200401, 
-	0x08200000, 0x00000000, 0x00200001, 0x08000001, 
-	0x00200400, 0x08000400, 0x00000401, 0x00200000, 
-	0x00000000, 0x00200001, 0x08200400, 0x00000401
-    },
-/* Box S6 */ { 
-	0x80000040, 0x81000000, 0x00010000, 0x81010040, 
-	0x81000000, 0x00000040, 0x81010040, 0x01000000, 
-	0x80010000, 0x01010040, 0x01000000, 0x80000040, 
-	0x01000040, 0x80010000, 0x80000000, 0x00010040, 
-	0x00000000, 0x01000040, 0x80010040, 0x00010000, 
-	0x01010000, 0x80010040, 0x00000040, 0x81000040, 
-	0x81000040, 0x00000000, 0x01010040, 0x81010000, 
-	0x00010040, 0x01010000, 0x81010000, 0x80000000, 
-	0x80010000, 0x00000040, 0x81000040, 0x01010000, 
-	0x81010040, 0x01000000, 0x00010040, 0x80000040, 
-	0x01000000, 0x80010000, 0x80000000, 0x00010040, 
-	0x80000040, 0x81010040, 0x01010000, 0x81000000, 
-	0x01010040, 0x81010000, 0x00000000, 0x81000040, 
-	0x00000040, 0x00010000, 0x81000000, 0x01010040, 
-	0x00010000, 0x01000040, 0x80010040, 0x00000000, 
-	0x81010000, 0x80000000, 0x01000040, 0x80010040 
-    },
-/* Box S7 */ { 
-	0x00800000, 0x10800008, 0x10002008, 0x00000000, 
-	0x00002000, 0x10002008, 0x00802008, 0x10802000, 
-	0x10802008, 0x00800000, 0x00000000, 0x10000008, 
-	0x00000008, 0x10000000, 0x10800008, 0x00002008, 
-	0x10002000, 0x00802008, 0x00800008, 0x10002000, 
-	0x10000008, 0x10800000, 0x10802000, 0x00800008, 
-	0x10800000, 0x00002000, 0x00002008, 0x10802008, 
-	0x00802000, 0x00000008, 0x10000000, 0x00802000, 
-	0x10000000, 0x00802000, 0x00800000, 0x10002008, 
-	0x10002008, 0x10800008, 0x10800008, 0x00000008, 
-	0x00800008, 0x10000000, 0x10002000, 0x00800000, 
-	0x10802000, 0x00002008, 0x00802008, 0x10802000, 
-	0x00002008, 0x10000008, 0x10802008, 0x10800000, 
-	0x00802000, 0x00000000, 0x00000008, 0x10802008, 
-	0x00000000, 0x00802008, 0x10800000, 0x00002000, 
-	0x10000008, 0x10002000, 0x00002000, 0x00800008 
-    },
-/* Box S8 */ { 
-	0x40004100, 0x00004000, 0x00100000, 0x40104100, 
-	0x40000000, 0x40004100, 0x00000100, 0x40000000, 
-	0x00100100, 0x40100000, 0x40104100, 0x00104000, 
-	0x40104000, 0x00104100, 0x00004000, 0x00000100, 
-	0x40100000, 0x40000100, 0x40004000, 0x00004100, 
-	0x00104000, 0x00100100, 0x40100100, 0x40104000, 
-	0x00004100, 0x00000000, 0x00000000, 0x40100100, 
-	0x40000100, 0x40004000, 0x00104100, 0x00100000, 
-	0x00104100, 0x00100000, 0x40104000, 0x00004000, 
-	0x00000100, 0x40100100, 0x00004000, 0x00104100, 
-	0x40004000, 0x00000100, 0x40000100, 0x40100000, 
-	0x40100100, 0x40000000, 0x00100000, 0x40004100, 
-	0x00000000, 0x40104100, 0x00100100, 0x40000100, 
-	0x40100000, 0x40004000, 0x40004100, 0x00000000, 
-	0x40104100, 0x00104000, 0x00104000, 0x00004100, 
-	0x00004100, 0x00100100, 0x40000000, 0x40104000 
-    }
-};
-
-static const HALF PC2[8][64] = {
-/* table 0 */ {
-    0x00000000, 0x00001000, 0x04000000, 0x04001000, 
-    0x00100000, 0x00101000, 0x04100000, 0x04101000, 
-    0x00008000, 0x00009000, 0x04008000, 0x04009000, 
-    0x00108000, 0x00109000, 0x04108000, 0x04109000, 
-    0x00000004, 0x00001004, 0x04000004, 0x04001004, 
-    0x00100004, 0x00101004, 0x04100004, 0x04101004, 
-    0x00008004, 0x00009004, 0x04008004, 0x04009004, 
-    0x00108004, 0x00109004, 0x04108004, 0x04109004, 
-    0x08000000, 0x08001000, 0x0c000000, 0x0c001000, 
-    0x08100000, 0x08101000, 0x0c100000, 0x0c101000, 
-    0x08008000, 0x08009000, 0x0c008000, 0x0c009000, 
-    0x08108000, 0x08109000, 0x0c108000, 0x0c109000, 
-    0x08000004, 0x08001004, 0x0c000004, 0x0c001004, 
-    0x08100004, 0x08101004, 0x0c100004, 0x0c101004, 
-    0x08008004, 0x08009004, 0x0c008004, 0x0c009004, 
-    0x08108004, 0x08109004, 0x0c108004, 0x0c109004
-  },
-/* table 1 */ {
-    0x00000000, 0x00002000, 0x80000000, 0x80002000, 
-    0x00000008, 0x00002008, 0x80000008, 0x80002008, 
-    0x00200000, 0x00202000, 0x80200000, 0x80202000, 
-    0x00200008, 0x00202008, 0x80200008, 0x80202008, 
-    0x20000000, 0x20002000, 0xa0000000, 0xa0002000, 
-    0x20000008, 0x20002008, 0xa0000008, 0xa0002008, 
-    0x20200000, 0x20202000, 0xa0200000, 0xa0202000, 
-    0x20200008, 0x20202008, 0xa0200008, 0xa0202008, 
-    0x00000400, 0x00002400, 0x80000400, 0x80002400, 
-    0x00000408, 0x00002408, 0x80000408, 0x80002408, 
-    0x00200400, 0x00202400, 0x80200400, 0x80202400, 
-    0x00200408, 0x00202408, 0x80200408, 0x80202408, 
-    0x20000400, 0x20002400, 0xa0000400, 0xa0002400, 
-    0x20000408, 0x20002408, 0xa0000408, 0xa0002408, 
-    0x20200400, 0x20202400, 0xa0200400, 0xa0202400, 
-    0x20200408, 0x20202408, 0xa0200408, 0xa0202408
-  },
-/* table 2 */ {
-    0x00000000, 0x00004000, 0x00000020, 0x00004020, 
-    0x00080000, 0x00084000, 0x00080020, 0x00084020, 
-    0x00000800, 0x00004800, 0x00000820, 0x00004820, 
-    0x00080800, 0x00084800, 0x00080820, 0x00084820, 
-    0x00000010, 0x00004010, 0x00000030, 0x00004030, 
-    0x00080010, 0x00084010, 0x00080030, 0x00084030, 
-    0x00000810, 0x00004810, 0x00000830, 0x00004830, 
-    0x00080810, 0x00084810, 0x00080830, 0x00084830, 
-    0x00400000, 0x00404000, 0x00400020, 0x00404020, 
-    0x00480000, 0x00484000, 0x00480020, 0x00484020, 
-    0x00400800, 0x00404800, 0x00400820, 0x00404820, 
-    0x00480800, 0x00484800, 0x00480820, 0x00484820, 
-    0x00400010, 0x00404010, 0x00400030, 0x00404030, 
-    0x00480010, 0x00484010, 0x00480030, 0x00484030, 
-    0x00400810, 0x00404810, 0x00400830, 0x00404830, 
-    0x00480810, 0x00484810, 0x00480830, 0x00484830 
-  },
-/* table 3 */ {
-    0x00000000, 0x40000000, 0x00000080, 0x40000080, 
-    0x00040000, 0x40040000, 0x00040080, 0x40040080, 
-    0x00000040, 0x40000040, 0x000000c0, 0x400000c0, 
-    0x00040040, 0x40040040, 0x000400c0, 0x400400c0, 
-    0x10000000, 0x50000000, 0x10000080, 0x50000080, 
-    0x10040000, 0x50040000, 0x10040080, 0x50040080, 
-    0x10000040, 0x50000040, 0x100000c0, 0x500000c0, 
-    0x10040040, 0x50040040, 0x100400c0, 0x500400c0, 
-    0x00800000, 0x40800000, 0x00800080, 0x40800080, 
-    0x00840000, 0x40840000, 0x00840080, 0x40840080, 
-    0x00800040, 0x40800040, 0x008000c0, 0x408000c0, 
-    0x00840040, 0x40840040, 0x008400c0, 0x408400c0, 
-    0x10800000, 0x50800000, 0x10800080, 0x50800080, 
-    0x10840000, 0x50840000, 0x10840080, 0x50840080, 
-    0x10800040, 0x50800040, 0x108000c0, 0x508000c0, 
-    0x10840040, 0x50840040, 0x108400c0, 0x508400c0 
-  },
-/* table 4 */ {
-    0x00000000, 0x00000008, 0x08000000, 0x08000008, 
-    0x00040000, 0x00040008, 0x08040000, 0x08040008, 
-    0x00002000, 0x00002008, 0x08002000, 0x08002008, 
-    0x00042000, 0x00042008, 0x08042000, 0x08042008, 
-    0x80000000, 0x80000008, 0x88000000, 0x88000008, 
-    0x80040000, 0x80040008, 0x88040000, 0x88040008, 
-    0x80002000, 0x80002008, 0x88002000, 0x88002008, 
-    0x80042000, 0x80042008, 0x88042000, 0x88042008, 
-    0x00080000, 0x00080008, 0x08080000, 0x08080008, 
-    0x000c0000, 0x000c0008, 0x080c0000, 0x080c0008, 
-    0x00082000, 0x00082008, 0x08082000, 0x08082008, 
-    0x000c2000, 0x000c2008, 0x080c2000, 0x080c2008, 
-    0x80080000, 0x80080008, 0x88080000, 0x88080008, 
-    0x800c0000, 0x800c0008, 0x880c0000, 0x880c0008, 
-    0x80082000, 0x80082008, 0x88082000, 0x88082008, 
-    0x800c2000, 0x800c2008, 0x880c2000, 0x880c2008 
-  },
-/* table 5 */ {
-    0x00000000, 0x00400000, 0x00008000, 0x00408000, 
-    0x40000000, 0x40400000, 0x40008000, 0x40408000, 
-    0x00000020, 0x00400020, 0x00008020, 0x00408020, 
-    0x40000020, 0x40400020, 0x40008020, 0x40408020, 
-    0x00001000, 0x00401000, 0x00009000, 0x00409000, 
-    0x40001000, 0x40401000, 0x40009000, 0x40409000, 
-    0x00001020, 0x00401020, 0x00009020, 0x00409020, 
-    0x40001020, 0x40401020, 0x40009020, 0x40409020, 
-    0x00100000, 0x00500000, 0x00108000, 0x00508000, 
-    0x40100000, 0x40500000, 0x40108000, 0x40508000, 
-    0x00100020, 0x00500020, 0x00108020, 0x00508020, 
-    0x40100020, 0x40500020, 0x40108020, 0x40508020, 
-    0x00101000, 0x00501000, 0x00109000, 0x00509000, 
-    0x40101000, 0x40501000, 0x40109000, 0x40509000, 
-    0x00101020, 0x00501020, 0x00109020, 0x00509020, 
-    0x40101020, 0x40501020, 0x40109020, 0x40509020 
-  },
-/* table 6 */ {
-    0x00000000, 0x00000040, 0x04000000, 0x04000040, 
-    0x00000800, 0x00000840, 0x04000800, 0x04000840, 
-    0x00800000, 0x00800040, 0x04800000, 0x04800040, 
-    0x00800800, 0x00800840, 0x04800800, 0x04800840, 
-    0x10000000, 0x10000040, 0x14000000, 0x14000040, 
-    0x10000800, 0x10000840, 0x14000800, 0x14000840, 
-    0x10800000, 0x10800040, 0x14800000, 0x14800040, 
-    0x10800800, 0x10800840, 0x14800800, 0x14800840, 
-    0x00000080, 0x000000c0, 0x04000080, 0x040000c0, 
-    0x00000880, 0x000008c0, 0x04000880, 0x040008c0, 
-    0x00800080, 0x008000c0, 0x04800080, 0x048000c0, 
-    0x00800880, 0x008008c0, 0x04800880, 0x048008c0, 
-    0x10000080, 0x100000c0, 0x14000080, 0x140000c0, 
-    0x10000880, 0x100008c0, 0x14000880, 0x140008c0, 
-    0x10800080, 0x108000c0, 0x14800080, 0x148000c0, 
-    0x10800880, 0x108008c0, 0x14800880, 0x148008c0 
-  },
-/* table 7 */ {
-    0x00000000, 0x00000010, 0x00000400, 0x00000410, 
-    0x00000004, 0x00000014, 0x00000404, 0x00000414, 
-    0x00004000, 0x00004010, 0x00004400, 0x00004410, 
-    0x00004004, 0x00004014, 0x00004404, 0x00004414, 
-    0x20000000, 0x20000010, 0x20000400, 0x20000410, 
-    0x20000004, 0x20000014, 0x20000404, 0x20000414, 
-    0x20004000, 0x20004010, 0x20004400, 0x20004410, 
-    0x20004004, 0x20004014, 0x20004404, 0x20004414, 
-    0x00200000, 0x00200010, 0x00200400, 0x00200410, 
-    0x00200004, 0x00200014, 0x00200404, 0x00200414, 
-    0x00204000, 0x00204010, 0x00204400, 0x00204410, 
-    0x00204004, 0x00204014, 0x00204404, 0x00204414, 
-    0x20200000, 0x20200010, 0x20200400, 0x20200410, 
-    0x20200004, 0x20200014, 0x20200404, 0x20200414, 
-    0x20204000, 0x20204010, 0x20204400, 0x20204410, 
-    0x20204004, 0x20204014, 0x20204404, 0x20204414 
-  }
-};
-
-/*
- * The PC-1 Permutation
- * If we number the bits of the 8 bytes of key input like this (in octal):
- *     00 01 02 03 04 05 06 07 
- *     10 11 12 13 14 15 16 17 
- *     20 21 22 23 24 25 26 27 
- *     30 31 32 33 34 35 36 37 
- *     40 41 42 43 44 45 46 47 
- *     50 51 52 53 54 55 56 57 
- *     60 61 62 63 64 65 66 67 
- *     70 71 72 73 74 75 76 77 
- * then after the PC-1 permutation, 
- * C0 is
- *     70 60 50 40 30 20 10 00 
- *     71 61 51 41 31 21 11 01 
- *     72 62 52 42 32 22 12 02 
- *     73 63 53 43 
- * D0 is
- *     76 66 56 46 36 26 16 06 
- *     75 65 55 45 35 25 15 05 
- *     74 64 54 44 34 24 14 04 
- *                 33 23 13 03 
- * and these parity bits have been discarded:
- *     77 67 57 47 37 27 17 07 
- * 
- * We achieve this by flipping the input matrix about the diagonal from 70-07,
- * getting left = 
- *     77 67 57 47 37 27 17 07 	(these are the parity bits)
- *     76 66 56 46 36 26 16 06 
- *     75 65 55 45 35 25 15 05 
- *     74 64 54 44 34 24 14 04 
- * right = 
- *     73 63 53 43 33 23 13 03 
- *     72 62 52 42 32 22 12 02 
- *     71 61 51 41 31 21 11 01 
- *     70 60 50 40 30 20 10 00 
- * then byte swap right, ala htonl() on a little endian machine.
- * right = 
- *     70 60 50 40 30 20 10 00 
- *     71 67 57 47 37 27 11 07 
- *     72 62 52 42 32 22 12 02 
- *     73 63 53 43 33 23 13 03 
- * then
- *     c0 = right >> 4;
- *     d0 = ((left & 0x00ffffff) << 4) | (right & 0xf);
-*/
-
-#define FLIP_RIGHT_DIAGONAL(word, temp) \
-    temp  = (word ^ (word >> 18)) & 0x00003333; \
-    word ^=  temp | (temp << 18); \
-    temp  = (word ^ (word >> 9)) & 0x00550055; \
-    word ^=  temp | (temp << 9);
-
-#define BYTESWAP(word, temp) \
-    word = (word >> 16) | (word << 16); \
-    temp = 0x00ff00ff; \
-    word = ((word & temp) << 8) | ((word >> 8) & temp); 
-
-#define PC1(left, right, c0, d0, temp) \
-    right ^= temp = ((left >> 4) ^ right) & 0x0f0f0f0f; \
-    left  ^= temp << 4; \
-    FLIP_RIGHT_DIAGONAL(left, temp); \
-    FLIP_RIGHT_DIAGONAL(right, temp); \
-    BYTESWAP(right, temp); \
-    c0 = right >> 4; \
-    d0 = ((left & 0x00ffffff) << 4) | (right & 0xf); 
-
-#define LEFT_SHIFT_1( reg ) (((reg << 1) | (reg >> 27)) & 0x0FFFFFFF)
-#define LEFT_SHIFT_2( reg ) (((reg << 2) | (reg >> 26)) & 0x0FFFFFFF)
-
-/*
- *   setup key schedules from key
- */
-
-void 
-DES_MakeSchedule( HALF * ks, BYTE * key,   DESDirection direction)
-{
-    register HALF left, right;
-    register HALF c0, d0;
-    register HALF temp;
-    int           delta;
-    unsigned int  ls;
-
-#if defined(_X86_)
-    left  = HALFPTR(key)[0]; 
-    right = HALFPTR(key)[1]; 
-    BYTESWAP(left, temp);
-    BYTESWAP(right, temp);
-#else
-    if (((ptrdiff_t)key & 0x03) == 0) {
-	left  = HALFPTR(key)[0]; 
-	right = HALFPTR(key)[1]; 
-#if defined(IS_LITTLE_ENDIAN)
-	BYTESWAP(left, temp);
-	BYTESWAP(right, temp);
-#endif
-    } else {
-	left    = ((HALF)key[0] << 24) | ((HALF)key[1] << 16) | 
-		  ((HALF)key[2] << 8)  | key[3];
-	right   = ((HALF)key[4] << 24) | ((HALF)key[5] << 16) | 
-		  ((HALF)key[6] << 8)  | key[7];
-    }
-#endif
-
-    PC1(left, right, c0, d0, temp);
-
-    if (direction == DES_ENCRYPT) {
-	delta = 2 * (int)sizeof(HALF);
-    } else {
-	ks += 30;
-	delta = (-2) * (int)sizeof(HALF);
-    }
-
-    for (ls = 0x8103; ls; ls >>= 1) {
-	if ( ls & 1 ) {
-	    c0 = LEFT_SHIFT_1( c0 );
-	    d0 = LEFT_SHIFT_1( d0 );
-	} else {
-	    c0 = LEFT_SHIFT_2( c0 );
-	    d0 = LEFT_SHIFT_2( d0 );
-	}
-
-#ifdef USE_INDEXING
-#define PC2LOOKUP(b,c) PC2[b][c]
-
-	left   = PC2LOOKUP(0, ((c0 >> 22) & 0x3F) );
-	left  |= PC2LOOKUP(1, ((c0 >> 13) & 0x3F) );
-	left  |= PC2LOOKUP(2, ((c0 >>  4) & 0x38) | (c0 & 0x7) );
-	left  |= PC2LOOKUP(3, ((c0>>18)&0xC) | ((c0>>11)&0x3) | (c0&0x30));
-
-	right  = PC2LOOKUP(4, ((d0 >> 22) & 0x3F) );
-	right |= PC2LOOKUP(5, ((d0 >> 15) & 0x30) | ((d0 >> 14) & 0xf) );
-	right |= PC2LOOKUP(6, ((d0 >>  7) & 0x3F) );
-	right |= PC2LOOKUP(7, ((d0 >>  1) & 0x3C) | (d0 & 0x3));
-#else
-#define PC2LOOKUP(b,c) *(HALF *)((BYTE *)&PC2[b][0]+(c))
-
-	left   = PC2LOOKUP(0, ((c0 >> 20) & 0xFC) );
-	left  |= PC2LOOKUP(1, ((c0 >> 11) & 0xFC) );
-	left  |= PC2LOOKUP(2, ((c0 >>  2) & 0xE0) | ((c0 <<  2) & 0x1C) );
-	left  |= PC2LOOKUP(3, ((c0>>16)&0x30)|((c0>>9)&0xC)|((c0<<2)&0xC0));
-
-	right  = PC2LOOKUP(4, ((d0 >> 20) & 0xFC) );
-	right |= PC2LOOKUP(5, ((d0 >> 13) & 0xC0) | ((d0 >> 12) & 0x3C) );
-	right |= PC2LOOKUP(6, ((d0 >>  5) & 0xFC) );
-	right |= PC2LOOKUP(7, ((d0 <<  1) & 0xF0) | ((d0 << 2) & 0x0C));
-#endif
-	/* left  contains key bits for S1 S3 S2 S4 */
-	/* right contains key bits for S6 S8 S5 S7 */
-	temp = (left  << 16)        /* S2 S4 XX XX */
-	     | (right >> 16);       /* XX XX S6 S8 */
-	ks[0] = temp;
-
-	temp = (left  & 0xffff0000) /* S1 S3 XX XX */
-	     | (right & 0x0000ffff);/* XX XX S5 S7 */
-	ks[1] = temp;
-
-	ks = (HALF*)((BYTE *)ks + delta);
-    }
-}
-
-/*
- * The DES Initial Permutation
- * if we number the bits of the 8 bytes of input like this (in octal):
- *     00 01 02 03 04 05 06 07 
- *     10 11 12 13 14 15 16 17 
- *     20 21 22 23 24 25 26 27 
- *     30 31 32 33 34 35 36 37 
- *     40 41 42 43 44 45 46 47 
- *     50 51 52 53 54 55 56 57 
- *     60 61 62 63 64 65 66 67 
- *     70 71 72 73 74 75 76 77 
- * then after the initial permutation, they will be in this order. 
- *     71 61 51 41 31 21 11 01 
- *     73 63 53 43 33 23 13 03 
- *     75 65 55 45 35 25 15 05 
- *     77 67 57 47 37 27 17 07 
- *     70 60 50 40 30 20 10 00 
- *     72 62 52 42 32 22 12 02 
- *     74 64 54 44 34 24 14 04 
- *     76 66 56 46 36 26 16 06 
- *
- * One way to do this is in two steps:
- * 1. Flip this matrix about the diagonal from 70-07 as done for PC1.
- * 2. Rearrange the bytes (rows in the matrix above) with the following code.
- *
- * #define swapHiLo(word, temp) \
- *   temp  = (word ^ (word >> 24)) & 0x000000ff; \
- *   word ^=  temp | (temp << 24); 
- *
- *   right ^= temp = ((left << 8) ^ right) & 0xff00ff00; 
- *   left  ^= temp >> 8; 
- *   swapHiLo(left, temp);
- *   swapHiLo(right,temp);
- *
- * However, the two steps can be combined, so that the rows are rearranged
- * while the matrix is being flipped, reducing the number of bit exchange
- * operations from 8 ot 5.  
- *
- * Initial Permutation */
-#define IP(left, right, temp) \
-    right ^= temp = ((left >> 4) ^  right) & 0x0f0f0f0f; \
-    left  ^= temp << 4; \
-    right ^= temp = ((left >> 16) ^ right) & 0x0000ffff; \
-    left  ^= temp << 16; \
-    right ^= temp = ((left << 2) ^ right) & 0xcccccccc; \
-    left  ^= temp >> 2; \
-    right ^= temp = ((left << 8) ^ right) & 0xff00ff00; \
-    left  ^= temp >> 8; \
-    right ^= temp = ((left >> 1) ^ right) & 0x55555555; \
-    left  ^= temp << 1; 
-
-/* The Final (Inverse Initial) permutation is done by reversing the 
-** steps of the Initital Permutation 
-*/
-
-#define FP(left, right, temp) \
-    right ^= temp = ((left >> 1) ^ right) & 0x55555555; \
-    left  ^= temp << 1; \
-    right ^= temp = ((left << 8) ^ right) & 0xff00ff00; \
-    left  ^= temp >> 8; \
-    right ^= temp = ((left << 2) ^ right) & 0xcccccccc; \
-    left  ^= temp >> 2; \
-    right ^= temp = ((left >> 16) ^ right) & 0x0000ffff; \
-    left  ^= temp << 16; \
-    right ^= temp = ((left >> 4) ^  right) & 0x0f0f0f0f; \
-    left  ^= temp << 4; 
-
-void 
-DES_Do1Block(HALF * ks, const BYTE * inbuf, BYTE * outbuf)
-{
-    register HALF left, right;
-    register HALF temp;
-
-#if defined(_X86_)
-    left  = HALFPTR(inbuf)[0]; 
-    right = HALFPTR(inbuf)[1]; 
-    BYTESWAP(left, temp);
-    BYTESWAP(right, temp);
-#else
-    if (((ptrdiff_t)inbuf & 0x03) == 0) {
-	left  = HALFPTR(inbuf)[0]; 
-	right = HALFPTR(inbuf)[1]; 
-#if defined(IS_LITTLE_ENDIAN)
-	BYTESWAP(left, temp);
-	BYTESWAP(right, temp);
-#endif
-    } else {
-	left    = ((HALF)inbuf[0] << 24) | ((HALF)inbuf[1] << 16) | 
-		  ((HALF)inbuf[2] << 8)  | inbuf[3];
-	right   = ((HALF)inbuf[4] << 24) | ((HALF)inbuf[5] << 16) | 
-		  ((HALF)inbuf[6] << 8)  | inbuf[7];
-    }
-#endif
-
-    IP(left, right, temp);
-
-    /* shift the values left circularly 3 bits. */
-    left  = (left  << 3) | (left  >> 29);
-    right = (right << 3) | (right >> 29);
-
-#ifdef USE_INDEXING
-#define KSLOOKUP(s,b) SP[s][((temp >> (b+2)) & 0x3f)]
-#else
-#define KSLOOKUP(s,b) *(HALF*)((BYTE*)&SP[s][0]+((temp >> b) & 0xFC))
-#endif
-#define ROUND(out, in, r) \
-    temp  = in ^ ks[2*r]; \
-    out ^= KSLOOKUP( 1,  24 ); \
-    out ^= KSLOOKUP( 3,  16 ); \
-    out ^= KSLOOKUP( 5,   8 ); \
-    out ^= KSLOOKUP( 7,   0 ); \
-    temp  = ((in >> 4) | (in << 28)) ^ ks[2*r+1]; \
-    out ^= KSLOOKUP( 0,  24 ); \
-    out ^= KSLOOKUP( 2,  16 ); \
-    out ^= KSLOOKUP( 4,   8 ); \
-    out ^= KSLOOKUP( 6,   0 ); 
-
-    /* Do the 16 Feistel rounds */
-    ROUND(left, right, 0)
-    ROUND(right, left, 1)
-    ROUND(left, right, 2)
-    ROUND(right, left, 3)
-    ROUND(left, right, 4)
-    ROUND(right, left, 5)
-    ROUND(left, right, 6)
-    ROUND(right, left, 7)
-    ROUND(left, right, 8)
-    ROUND(right, left, 9)
-    ROUND(left, right, 10)
-    ROUND(right, left, 11)
-    ROUND(left, right, 12)
-    ROUND(right, left, 13)
-    ROUND(left, right, 14)
-    ROUND(right, left, 15)
-
-    /* now shift circularly right 3 bits to undo the shifting done 
-    ** above.  switch left and right here. 
-    */
-    temp  = (left >> 3) | (left << 29); 
-    left  = (right >> 3) | (right << 29); 
-    right = temp;
-
-    FP(left, right, temp);
-
-#if defined(_X86_)
-    BYTESWAP(left, temp);
-    BYTESWAP(right, temp);
-    HALFPTR(outbuf)[0]  = left; 
-    HALFPTR(outbuf)[1]  = right; 
-#else
-    if (((ptrdiff_t)inbuf & 0x03) == 0) {
-#if defined(IS_LITTLE_ENDIAN)
-	BYTESWAP(left, temp);
-	BYTESWAP(right, temp);
-#endif
-	HALFPTR(outbuf)[0]  = left; 
-	HALFPTR(outbuf)[1]  = right; 
-    } else {
-	outbuf[0] = (BYTE)(left >> 24);
-	outbuf[1] = (BYTE)(left >> 16);
-	outbuf[2] = (BYTE)(left >>  8);
-	outbuf[3] = (BYTE)(left      );
-
-	outbuf[4] = (BYTE)(right >> 24);
-	outbuf[5] = (BYTE)(right >> 16);
-	outbuf[6] = (BYTE)(right >>  8);
-	outbuf[7] = (BYTE)(right      );
-    }
-#endif
-
-}
-
-/* Ackowledgements:
-** Two ideas used in this implementation were shown to me by Dennis Ferguson 
-** in 1990.  He credits them to Richard Outerbridge and Dan Hoey.  They were:
-** 1. The method of computing the Initial and Final permutations.
-** 2. Circularly rotating the SP tables and the initial values of left and 
-**	right to reduce the number of shifts required during the 16 rounds.
-*/
diff --git a/security/nss/lib/freebl/des.h b/security/nss/lib/freebl/des.h
deleted file mode 100644
index 472896ef1..000000000
--- a/security/nss/lib/freebl/des.h
+++ /dev/null
@@ -1,69 +0,0 @@
-/*
- *  des.h
- *
- *  header file for DES-150 library
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the DES-150 library.
- *
- * The Initial Developer of the Original Code is Nelson B. Bolyard,
- * nelsonb@iname.com.  Portions created by Nelson B. Bolyard are 
- * Copyright (C) 1990, 2000  Nelson B. Bolyard, All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above.  If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- */
-
-#ifndef _DES_H_
-#define _DES_H_ 1
-
-#include "blapi.h"
-
-typedef unsigned char BYTE;
-typedef unsigned int  HALF;
-
-#define HALFPTR(x) ((HALF *)(x))
-#define SHORTPTR(x) ((unsigned short *)(x))
-#define BYTEPTR(x) ((BYTE *)(x))
-
-typedef enum {
-    DES_ENCRYPT = 0x5555,
-    DES_DECRYPT = 0xAAAA
-} DESDirection;
-
-typedef void DESFunc(struct DESContextStr *cx, BYTE *out, const BYTE *in, 
-                     unsigned int len);
-
-struct DESContextStr {
-    /* key schedule, 16 internal keys, each with 8 6-bit parts */
-    HALF ks0 [32];
-    HALF ks1 [32];
-    HALF ks2 [32];
-    HALF iv  [2];
-    DESDirection direction;
-    DESFunc  *worker;
-};
-
-void DES_MakeSchedule( HALF * ks, BYTE * key,   DESDirection direction);
-void DES_Do1Block(     HALF * ks, const BYTE * inbuf, BYTE * outbuf);
-
-#endif
diff --git a/security/nss/lib/freebl/desblapi.c b/security/nss/lib/freebl/desblapi.c
deleted file mode 100644
index af7e9ca2d..000000000
--- a/security/nss/lib/freebl/desblapi.c
+++ /dev/null
@@ -1,275 +0,0 @@
-/*
- *  desblapi.c
- *
- *  core source file for DES-150 library
- *  Implement DES Modes of Operation and Triple-DES.
- *  Adapt DES-150 to blapi API.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the DES-150 library.
- *
- * The Initial Developer of the Original Code is Nelson B. Bolyard,
- * nelsonb@iname.com.  Portions created by Nelson B. Bolyard are 
- * Copyright (C) 1990, 2000  Nelson B. Bolyard, All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above.  If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- */
-
-#include "des.h"
-#include <stddef.h>
-#include "secerr.h"
-
-#if defined(_X86_)
-/* Intel X86 CPUs do unaligned loads and stores without complaint. */
-#define COPY8B(to, from, ptr) \
-    	HALFPTR(to)[0] = HALFPTR(from)[0]; \
-    	HALFPTR(to)[1] = HALFPTR(from)[1]; 
-#elif defined(USE_MEMCPY)
-#define COPY8B(to, from, ptr) memcpy(to, from, 8)
-#else
-#define COPY8B(to, from, ptr) \
-    if (((ptrdiff_t)(ptr) & 0x3) == 0) { \
-    	HALFPTR(to)[0] = HALFPTR(from)[0]; \
-    	HALFPTR(to)[1] = HALFPTR(from)[1]; \
-    } else if (((ptrdiff_t)(ptr) & 0x1) == 0) { \
-    	SHORTPTR(to)[0] = SHORTPTR(from)[0]; \
-    	SHORTPTR(to)[1] = SHORTPTR(from)[1]; \
-    	SHORTPTR(to)[2] = SHORTPTR(from)[2]; \
-    	SHORTPTR(to)[3] = SHORTPTR(from)[3]; \
-    } else { \
-    	BYTEPTR(to)[0] = BYTEPTR(from)[0]; \
-    	BYTEPTR(to)[1] = BYTEPTR(from)[1]; \
-    	BYTEPTR(to)[2] = BYTEPTR(from)[2]; \
-    	BYTEPTR(to)[3] = BYTEPTR(from)[3]; \
-    	BYTEPTR(to)[4] = BYTEPTR(from)[4]; \
-    	BYTEPTR(to)[5] = BYTEPTR(from)[5]; \
-    	BYTEPTR(to)[6] = BYTEPTR(from)[6]; \
-    	BYTEPTR(to)[7] = BYTEPTR(from)[7]; \
-    } 
-#endif
-#define COPY8BTOHALF(to, from) COPY8B(to, from, from)
-#define COPY8BFROMHALF(to, from) COPY8B(to, from, to)
-
-static void 
-DES_ECB(DESContext *cx, BYTE *out, const BYTE *in, unsigned int len)
-{
-    while (len) {
-	DES_Do1Block(cx->ks0, in, out);
-	len -= 8;
-	in  += 8;
-	out += 8;
-    }
-}
-
-static void 
-DES_EDE3_ECB(DESContext *cx, BYTE *out, const BYTE *in, unsigned int len)
-{
-    while (len) {
-	DES_Do1Block(cx->ks0,  in, out);
-	len -= 8;
-	in  += 8;
-	DES_Do1Block(cx->ks1, out, out);
-	DES_Do1Block(cx->ks2, out, out);
-	out += 8;
-    }
-}
-
-static void 
-DES_CBCEn(DESContext *cx, BYTE *out, const BYTE *in, unsigned int len)
-{
-    const BYTE * bufend = in + len;
-    HALF  vec[2];
-
-    while (in != bufend) {
-	COPY8BTOHALF(vec, in);
-	in += 8;
-	vec[0] ^= cx->iv[0];
-	vec[1] ^= cx->iv[1];
-	DES_Do1Block( cx->ks0, (BYTE *)vec, (BYTE *)cx->iv);
-	COPY8BFROMHALF(out, cx->iv);
-	out += 8;
-    }
-}
-
-static void 
-DES_CBCDe(DESContext *cx, BYTE *out, const BYTE *in, unsigned int len)
-{
-    const BYTE * bufend;
-    HALF oldciphertext[2];
-    HALF plaintext    [2];
-
-    for (bufend = in + len; in != bufend; ) {
-	oldciphertext[0] = cx->iv[0];
-	oldciphertext[1] = cx->iv[1];
-	COPY8BTOHALF(cx->iv, in);
-	in += 8;
-	DES_Do1Block(cx->ks0, (BYTE *)cx->iv, (BYTE *)plaintext);
-	plaintext[0] ^= oldciphertext[0];
-	plaintext[1] ^= oldciphertext[1];
-	COPY8BFROMHALF(out, plaintext);
-	out += 8;
-    }
-}
-
-static void 
-DES_EDE3CBCEn(DESContext *cx, BYTE *out, const BYTE *in, unsigned int len)
-{
-    const BYTE * bufend = in + len;
-    HALF  vec[2];
-
-    while (in != bufend) {
-	COPY8BTOHALF(vec, in);
-	in += 8;
-	vec[0] ^= cx->iv[0];
-	vec[1] ^= cx->iv[1];
-	DES_Do1Block( cx->ks0, (BYTE *)vec,    (BYTE *)cx->iv);
-	DES_Do1Block( cx->ks1, (BYTE *)cx->iv, (BYTE *)cx->iv);
-	DES_Do1Block( cx->ks2, (BYTE *)cx->iv, (BYTE *)cx->iv);
-	COPY8BFROMHALF(out, cx->iv);
-	out += 8;
-    }
-}
-
-static void 
-DES_EDE3CBCDe(DESContext *cx, BYTE *out, const BYTE *in, unsigned int len)
-{
-    const BYTE * bufend;
-    HALF oldciphertext[2];
-    HALF plaintext    [2];
-
-    for (bufend = in + len; in != bufend; ) {
-	oldciphertext[0] = cx->iv[0];
-	oldciphertext[1] = cx->iv[1];
-	COPY8BTOHALF(cx->iv, in);
-	in += 8;
-	DES_Do1Block(cx->ks0, (BYTE *)cx->iv,    (BYTE *)plaintext);
-	DES_Do1Block(cx->ks1, (BYTE *)plaintext, (BYTE *)plaintext);
-	DES_Do1Block(cx->ks2, (BYTE *)plaintext, (BYTE *)plaintext);
-	plaintext[0] ^= oldciphertext[0];
-	plaintext[1] ^= oldciphertext[1];
-	COPY8BFROMHALF(out, plaintext);
-	out += 8;
-    }
-}
-
-DESContext *
-DES_CreateContext(BYTE * key, BYTE *iv, int mode, PRBool encrypt)
-{
-    DESContext *cx = PORT_ZNew(DESContext);
-    DESDirection opposite;
-    if (!cx) 
-    	return 0;
-    cx->direction = encrypt ? DES_ENCRYPT : DES_DECRYPT;
-    opposite      = encrypt ? DES_DECRYPT : DES_ENCRYPT;
-    switch (mode) {
-    case NSS_DES:	/* DES ECB */
-	DES_MakeSchedule( cx->ks0, key, cx->direction);
-	cx->worker = &DES_ECB;
-	break;
-
-    case NSS_DES_EDE3:	/* DES EDE ECB */
-	cx->worker = &DES_EDE3_ECB;
-	if (encrypt) {
-	    DES_MakeSchedule(cx->ks0, key,      cx->direction);
-	    DES_MakeSchedule(cx->ks1, key +  8, opposite);
-	    DES_MakeSchedule(cx->ks2, key + 16, cx->direction);
-	} else {
-	    DES_MakeSchedule(cx->ks2, key,      cx->direction);
-	    DES_MakeSchedule(cx->ks1, key +  8, opposite);
-	    DES_MakeSchedule(cx->ks0, key + 16, cx->direction);
-	}
-	break;
-
-    case NSS_DES_CBC:	/* DES CBC */
-	COPY8BTOHALF(cx->iv, iv);
-	cx->worker = encrypt ? &DES_CBCEn : &DES_CBCDe;
-	DES_MakeSchedule(cx->ks0, key, cx->direction);
-	break;
-
-    case NSS_DES_EDE3_CBC:	/* DES EDE CBC */
-	COPY8BTOHALF(cx->iv, iv);
-	if (encrypt) {
-	    cx->worker = &DES_EDE3CBCEn;
-	    DES_MakeSchedule(cx->ks0, key,      cx->direction);
-	    DES_MakeSchedule(cx->ks1, key +  8, opposite);
-	    DES_MakeSchedule(cx->ks2, key + 16, cx->direction);
-	} else {
-	    cx->worker = &DES_EDE3CBCDe;
-	    DES_MakeSchedule(cx->ks2, key,      cx->direction);
-	    DES_MakeSchedule(cx->ks1, key +  8, opposite);
-	    DES_MakeSchedule(cx->ks0, key + 16, cx->direction);
-	}
-	break;
-
-    default:
-    	PORT_Free(cx);
-	cx = 0;
-	PORT_SetError(SEC_ERROR_INVALID_ARGS);
-	break;
-    }
-    return cx;
-}
-
-void
-DES_DestroyContext(DESContext *cx, PRBool freeit)
-{
-    if (cx) {
-    	memset(cx, 0, sizeof *cx);
-	if (freeit)
-	    PORT_Free(cx);
-    }
-}
-
-SECStatus
-DES_Encrypt(DESContext *cx, BYTE *out, unsigned int *outLen,
-            unsigned int maxOutLen, const BYTE *in, unsigned int inLen)
-{
-
-    if (inLen < 0 || (inLen % 8) != 0 || maxOutLen < inLen || !cx || 
-        cx->direction != DES_ENCRYPT) {
-    	PORT_SetError(SEC_ERROR_INVALID_ARGS);
-	return SECFailure;
-    }
-
-    cx->worker(cx, out, in, inLen);
-    if (outLen)
-	*outLen = inLen;
-    return SECSuccess;
-}
-
-SECStatus
-DES_Decrypt(DESContext *cx, BYTE *out, unsigned int *outLen,
-            unsigned int maxOutLen, const BYTE *in, unsigned int inLen)
-{
-
-    if (inLen < 0 || (inLen % 8) != 0 || maxOutLen < inLen || !cx || 
-        cx->direction != DES_DECRYPT) {
-    	PORT_SetError(SEC_ERROR_INVALID_ARGS);
-	return SECFailure;
-    }
-
-    cx->worker(cx, out, in, inLen);
-    if (outLen)
-	*outLen = inLen;
-    return SECSuccess;
-}
diff --git a/security/nss/lib/freebl/dh.c b/security/nss/lib/freebl/dh.c
deleted file mode 100644
index 6c369b6dd..000000000
--- a/security/nss/lib/freebl/dh.c
+++ /dev/null
@@ -1,385 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.	Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.	If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Diffie-Hellman parameter generation, key generation, and secret derivation.
- * KEA secret generation and verification.
- *
- * $Id$
- */
-
-#include "prerr.h"
-#include "secerr.h"
-
-#include "blapi.h"
-#include "secitem.h"
-#include "mpi.h"
-#include "mpprime.h"
-#include "secmpi.h"
-
-#define DH_SECRET_KEY_LEN      20
-#define KEA_DERIVED_SECRET_LEN 128
-
-SECStatus 
-DH_GenParam(int primeLen, DHParams **params)
-{
-    PRArenaPool *arena;
-    DHParams *dhparams;
-    unsigned char *pb = NULL;
-    unsigned char *ab = NULL;
-    unsigned long counter = 0;
-    mp_int p, q, a, h, psub1, test;
-    mp_err err = MP_OKAY;
-    SECStatus rv = SECSuccess;
-    if (!params || primeLen < 0) {
-	PORT_SetError(SEC_ERROR_INVALID_ARGS);
-	return SECFailure;
-    }
-    arena = PORT_NewArena(NSS_FREEBL_DEFAULT_CHUNKSIZE);
-    if (!arena) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	return SECFailure;
-    }
-    dhparams = (DHParams *)PORT_ArenaZAlloc(arena, sizeof(DHParams));
-    if (!dhparams) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	PORT_FreeArena(arena, PR_TRUE);
-	return SECFailure;
-    }
-    dhparams->arena = arena;
-    MP_DIGITS(&p) = 0;
-    MP_DIGITS(&q) = 0;
-    MP_DIGITS(&a) = 0;
-    MP_DIGITS(&h) = 0;
-    MP_DIGITS(&psub1) = 0;
-    MP_DIGITS(&test) = 0;
-    CHECK_MPI_OK( mp_init(&p) );
-    CHECK_MPI_OK( mp_init(&q) );
-    CHECK_MPI_OK( mp_init(&a) );
-    CHECK_MPI_OK( mp_init(&h) );
-    CHECK_MPI_OK( mp_init(&psub1) );
-    CHECK_MPI_OK( mp_init(&test) );
-    /* generate prime with MPI, uses Miller-Rabin to generate strong prime. */
-    pb = PORT_Alloc(primeLen);
-    CHECK_SEC_OK( RNG_GenerateGlobalRandomBytes(pb, primeLen) );
-    pb[0]          |= 0x80; /* set high-order bit */
-    pb[primeLen-1] |= 0x01; /* set low-order bit  */
-    CHECK_MPI_OK( mp_read_unsigned_octets(&p, pb, primeLen) );
-    CHECK_MPI_OK( mpp_make_prime(&p, primeLen * 8, PR_TRUE, &counter) );
-    /* construct Sophie-Germain prime q = (p-1)/2. */
-    CHECK_MPI_OK( mp_sub_d(&p, 1, &psub1) );
-    CHECK_MPI_OK( mp_div_2(&psub1, &q)    );
-    /* construct a generator from the prime. */
-    ab = PORT_Alloc(primeLen);
-    /* generate a candidate number a in p's field */
-    CHECK_SEC_OK( RNG_GenerateGlobalRandomBytes(ab, primeLen) );
-    CHECK_MPI_OK( mp_read_unsigned_octets(&a, ab, primeLen) );
-    /* force a < p (note that quot(a/p) <= 1) */
-    if ( mp_cmp(&a, &p) > 0 )
-	CHECK_MPI_OK( mp_sub(&a, &p, &a) );
-    do {
-	/* check that a is in the range [2..p-1] */
-	if ( mp_cmp_d(&a, 2) < 0 || mp_cmp(&a, &psub1) >= 0) {
-	    /* a is outside of the allowed range.  Set a=3 and keep going. */
-            mp_set(&a, 3);
-	}
-	/* if a**q mod p != 1 then a is a generator */
-	CHECK_MPI_OK( mp_exptmod(&a, &q, &p, &test) );
-	if ( mp_cmp_d(&test, 1) != 0 )
-	    break;
-	/* increment the candidate and try again. */
-	CHECK_MPI_OK( mp_add_d(&a, 1, &a) );
-    } while (PR_TRUE);
-    MPINT_TO_SECITEM(&p, &dhparams->prime, arena);
-    MPINT_TO_SECITEM(&a, &dhparams->base, arena);
-    *params = dhparams;
-cleanup:
-    mp_clear(&p);
-    mp_clear(&q);
-    mp_clear(&a);
-    mp_clear(&h);
-    mp_clear(&psub1);
-    mp_clear(&test);
-    if (pb) PORT_ZFree(pb, primeLen);
-    if (ab) PORT_ZFree(ab, primeLen);
-    if (err) {
-	MP_TO_SEC_ERROR(err);
-	rv = SECFailure;
-    }
-    if (rv)
-	PORT_FreeArena(arena, PR_TRUE);
-    return rv;
-}
-
-SECStatus 
-DH_NewKey(DHParams *params, DHPrivateKey **privKey)
-{
-    PRArenaPool *arena;
-    DHPrivateKey *key;
-    mp_int g, xa, p, Ya;
-    mp_err   err = MP_OKAY;
-    SECStatus rv = SECSuccess;
-    if (!params || !privKey) {
-	PORT_SetError(SEC_ERROR_INVALID_ARGS);
-	return SECFailure;
-    }
-    arena = PORT_NewArena(NSS_FREEBL_DEFAULT_CHUNKSIZE);
-    if (!arena) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	return SECFailure;
-    }
-    key = (DHPrivateKey *)PORT_ArenaZAlloc(arena, sizeof(DHPrivateKey));
-    if (!key) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	PORT_FreeArena(arena, PR_TRUE);
-	return SECFailure;
-    }
-    key->arena = arena;
-    MP_DIGITS(&g)  = 0;
-    MP_DIGITS(&xa) = 0;
-    MP_DIGITS(&p)  = 0;
-    MP_DIGITS(&Ya) = 0;
-    CHECK_MPI_OK( mp_init(&g)  );
-    CHECK_MPI_OK( mp_init(&xa) );
-    CHECK_MPI_OK( mp_init(&p)  );
-    CHECK_MPI_OK( mp_init(&Ya) );
-    /* Set private key's p */
-    CHECK_SEC_OK( SECITEM_CopyItem(arena, &key->prime, &params->prime) );
-    SECITEM_TO_MPINT(key->prime, &p);
-    /* Set private key's g */
-    CHECK_SEC_OK( SECITEM_CopyItem(arena, &key->base, &params->base) );
-    SECITEM_TO_MPINT(key->base, &g);
-    /* Generate private key xa */
-    SECITEM_AllocItem(arena, &key->privateValue, DH_SECRET_KEY_LEN);
-    RNG_GenerateGlobalRandomBytes(key->privateValue.data, 
-                                  key->privateValue.len);
-    SECITEM_TO_MPINT( key->privateValue, &xa );
-    /* xa < p */
-    CHECK_MPI_OK( mp_mod(&xa, &p, &xa) );
-    /* Compute public key Ya = g ** xa mod p */
-    CHECK_MPI_OK( mp_exptmod(&g, &xa, &p, &Ya) );
-    MPINT_TO_SECITEM(&Ya, &key->publicValue, key->arena);
-    *privKey = key;
-cleanup:
-    mp_clear(&g);
-    mp_clear(&xa);
-    mp_clear(&p);
-    mp_clear(&Ya);
-    if (err) {
-	MP_TO_SEC_ERROR(err);
-	rv = SECFailure;
-    }
-    if (rv)
-	PORT_FreeArena(arena, PR_TRUE);
-    return rv;
-}
-
-SECStatus 
-DH_Derive(SECItem *publicValue, 
-          SECItem *prime, 
-          SECItem *privateValue, 
-          SECItem *derivedSecret, 
-          unsigned int maxOutBytes)
-{
-    mp_int p, Xa, Yb, ZZ;
-    mp_err err = MP_OKAY;
-    unsigned int len = 0, nb;
-    unsigned char *secret = NULL;
-    if (!publicValue || !prime || !privateValue || !derivedSecret) {
-	PORT_SetError(SEC_ERROR_INVALID_ARGS);
-	return SECFailure;
-    }
-    memset(derivedSecret, 0, sizeof *derivedSecret);
-    MP_DIGITS(&p)  = 0;
-    MP_DIGITS(&Xa) = 0;
-    MP_DIGITS(&Yb) = 0;
-    MP_DIGITS(&ZZ) = 0;
-    CHECK_MPI_OK( mp_init(&p)  );
-    CHECK_MPI_OK( mp_init(&Xa) );
-    CHECK_MPI_OK( mp_init(&Yb) );
-    CHECK_MPI_OK( mp_init(&ZZ) );
-    SECITEM_TO_MPINT(*publicValue,  &Yb);
-    SECITEM_TO_MPINT(*privateValue, &Xa);
-    SECITEM_TO_MPINT(*prime,        &p);
-    /* ZZ = (Yb)**Xa mod p */
-    CHECK_MPI_OK( mp_exptmod(&Yb, &Xa, &p, &ZZ) );
-    /* number of bytes in the derived secret */
-    len = mp_unsigned_octet_size(&ZZ);
-    /* allocate a buffer which can hold the entire derived secret. */
-    secret = PORT_Alloc(len);
-    /* grab the derived secret */
-    err = mp_to_unsigned_octets(&ZZ, secret, len);
-    if (err >= 0) err = MP_OKAY;
-    /* Take minimum of bytes requested and bytes in derived secret,
-    ** if maxOutBytes is 0 take all of the bytes from the derived secret.
-    */
-    if (maxOutBytes > 0)
-	nb = PR_MIN(len, maxOutBytes);
-    else
-	nb = len;
-    SECITEM_AllocItem(NULL, derivedSecret, nb);
-    memcpy(derivedSecret->data, secret, nb);
-cleanup:
-    mp_clear(&p);
-    mp_clear(&Xa);
-    mp_clear(&Yb);
-    mp_clear(&ZZ);
-    if (secret) {
-	/* free the buffer allocated for the full secret. */
-	PORT_ZFree(secret, len);
-    }
-    if (err) {
-	MP_TO_SEC_ERROR(err);
-	if (derivedSecret->data) 
-	    PORT_ZFree(derivedSecret->data, derivedSecret->len);
-	return SECFailure;
-    }
-    return SECSuccess;
-}
-
-SECStatus 
-KEA_Derive(SECItem *prime, 
-           SECItem *public1, 
-           SECItem *public2, 
-           SECItem *private1, 
-           SECItem *private2,
-           SECItem *derivedSecret)
-{
-    mp_int p, Y, R, r, x, t, u, w;
-    mp_err err;
-    unsigned char *secret = NULL;
-    unsigned int len = 0, offset;
-    if (!prime || !public1 || !public2 || !private1 || !private2 ||
-        !derivedSecret) {
-	PORT_SetError(SEC_ERROR_INVALID_ARGS);
-	return SECFailure;
-    }
-    memset(derivedSecret, 0, sizeof *derivedSecret);
-    MP_DIGITS(&p) = 0;
-    MP_DIGITS(&Y) = 0;
-    MP_DIGITS(&R) = 0;
-    MP_DIGITS(&r) = 0;
-    MP_DIGITS(&x) = 0;
-    MP_DIGITS(&t) = 0;
-    MP_DIGITS(&u) = 0;
-    MP_DIGITS(&w) = 0;
-    CHECK_MPI_OK( mp_init(&p) );
-    CHECK_MPI_OK( mp_init(&Y) );
-    CHECK_MPI_OK( mp_init(&R) );
-    CHECK_MPI_OK( mp_init(&r) );
-    CHECK_MPI_OK( mp_init(&x) );
-    CHECK_MPI_OK( mp_init(&t) );
-    CHECK_MPI_OK( mp_init(&u) );
-    CHECK_MPI_OK( mp_init(&w) );
-    SECITEM_TO_MPINT(*prime,    &p);
-    SECITEM_TO_MPINT(*public1,  &Y);
-    SECITEM_TO_MPINT(*public2,  &R);
-    SECITEM_TO_MPINT(*private1, &r);
-    SECITEM_TO_MPINT(*private2, &x);
-    /* t = DH(Y, r, p) = Y ** r mod p */
-    CHECK_MPI_OK( mp_exptmod(&Y, &r, &p, &t) );
-    /* u = DH(R, x, p) = R ** x mod p */
-    CHECK_MPI_OK( mp_exptmod(&R, &x, &p, &u) );
-    /* w = (t + u) mod p */
-    CHECK_MPI_OK( mp_addmod(&t, &u, &p, &w) );
-    /* allocate a buffer for the full derived secret */
-    len = mp_unsigned_octet_size(&w);
-    secret = PORT_Alloc(len);
-    /* grab the secret */
-    err = mp_to_unsigned_octets(&w, secret, len);
-    if (err > 0) err = MP_OKAY;
-    /* allocate output buffer */
-    SECITEM_AllocItem(NULL, derivedSecret, KEA_DERIVED_SECRET_LEN);
-    memset(derivedSecret->data, 0, derivedSecret->len);
-    /* copy in the 128 lsb of the secret */
-    if (len >= KEA_DERIVED_SECRET_LEN) {
-	memcpy(derivedSecret->data, secret + (len - KEA_DERIVED_SECRET_LEN),
-	       KEA_DERIVED_SECRET_LEN);
-    } else {
-	offset = KEA_DERIVED_SECRET_LEN - len;
-	memcpy(derivedSecret->data + offset, secret, len);
-    }
-cleanup:
-    mp_clear(&p);
-    mp_clear(&Y);
-    mp_clear(&R);
-    mp_clear(&r);
-    mp_clear(&x);
-    mp_clear(&t);
-    mp_clear(&u);
-    mp_clear(&w);
-    if (secret)
-	PORT_ZFree(secret, len);
-    if (err) {
-	MP_TO_SEC_ERROR(err);
-	return SECFailure;
-    }
-    return SECSuccess;
-}
-
-PRBool 
-KEA_Verify(SECItem *Y, SECItem *prime, SECItem *subPrime)
-{
-    mp_int p, q, y, r;
-    mp_err err;
-    int cmp = 1;  /* default is false */
-    if (!Y || !prime || !subPrime) {
-	PORT_SetError(SEC_ERROR_INVALID_ARGS);
-	return SECFailure;
-    }
-    MP_DIGITS(&p) = 0;
-    MP_DIGITS(&q) = 0;
-    MP_DIGITS(&y) = 0;
-    MP_DIGITS(&r) = 0;
-    CHECK_MPI_OK( mp_init(&p) );
-    CHECK_MPI_OK( mp_init(&q) );
-    CHECK_MPI_OK( mp_init(&y) );
-    CHECK_MPI_OK( mp_init(&r) );
-    SECITEM_TO_MPINT(*prime,    &p);
-    SECITEM_TO_MPINT(*subPrime, &q);
-    SECITEM_TO_MPINT(*Y,        &y);
-    /* compute r = y**q mod p */
-    CHECK_MPI_OK( mp_exptmod(&y, &q, &p, &r) );
-    /* compare to 1 */
-    cmp = mp_cmp_d(&r, 1);
-cleanup:
-    mp_clear(&p);
-    mp_clear(&q);
-    mp_clear(&y);
-    mp_clear(&r);
-    if (err) {
-	MP_TO_SEC_ERROR(err);
-	return PR_FALSE;
-    }
-    return (cmp == 0) ? PR_TRUE : PR_FALSE;
-}
diff --git a/security/nss/lib/freebl/dh_bsf.c b/security/nss/lib/freebl/dh_bsf.c
deleted file mode 100644
index f366363bf..000000000
--- a/security/nss/lib/freebl/dh_bsf.c
+++ /dev/null
@@ -1,82 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.	Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.	If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "prerr.h"
-#include "secerr.h"
-
-#include "blapi.h"
-
-SECStatus 
-DH_GenParam(int primeLen, DHParams ** params)
-{
-	PORT_SetError(PR_NOT_IMPLEMENTED_ERROR);
-	return SECFailure;
-}
-
-SECStatus 
-DH_NewKey(DHParams *           params, 
-          DHPrivateKey **      privKey)
-{
-	PORT_SetError(PR_NOT_IMPLEMENTED_ERROR);
-	return SECFailure;
-}
-
-SECStatus 
-DH_Derive(SECItem *    publicValue, 
-          SECItem *    prime, 
-          SECItem *    privateValue, 
-          SECItem *    derivedSecret,
-          unsigned int maxOutBytes)
-{
-	PORT_SetError(PR_NOT_IMPLEMENTED_ERROR);
-	return SECFailure;
-}
-
-SECStatus 
-KEA_Derive(SECItem *prime, 
-           SECItem *public1, 
-           SECItem *public2, 
-           SECItem *private1, 
-           SECItem *private2,
-           SECItem *derivedSecret)
-{
-	PORT_SetError(PR_NOT_IMPLEMENTED_ERROR);
-	return SECFailure;
-}
-
-PRBool 
-KEA_Verify(SECItem *Y, SECItem *prime, SECItem *subPrime)
-{
-	PORT_SetError(PR_NOT_IMPLEMENTED_ERROR);
-	return PR_FALSE;
-}
diff --git a/security/nss/lib/freebl/dsa.c b/security/nss/lib/freebl/dsa.c
deleted file mode 100644
index 63a5e08b3..000000000
--- a/security/nss/lib/freebl/dsa.c
+++ /dev/null
@@ -1,415 +0,0 @@
-/*
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#include "secerr.h"
-
-#include "prtypes.h"
-#include "prinit.h"
-#include "blapi.h"
-#include "nssilock.h"
-#include "secitem.h"
-#include "blapi.h"
-#include "mpi.h"
-
- /* XXX to be replaced by define in blapit.h */
-#define NSS_FREEBL_DSA_DEFAULT_CHUNKSIZE 2048
-
-#define CHECKOK(func) if (MP_OKAY > (err = func)) goto cleanup
-
-#define SECITEM_TO_MPINT(it, mp) \
-    CHECKOK(mp_read_unsigned_octets((mp), (it).data, (it).len))
-
-/* DSA-specific random number functions defined in prng_fips1861.c. */
-extern SECStatus 
-DSA_RandomUpdate(void *data, size_t bytes, unsigned char *q);
-
-extern SECStatus 
-DSA_GenerateGlobalRandomBytes(void *dest, size_t len, unsigned char *q);
-
-static void translate_mpi_error(mp_err err)
-{
-    switch (err) {
-    case MP_MEM:    PORT_SetError(SEC_ERROR_NO_MEMORY);       break;
-    case MP_RANGE:  PORT_SetError(SEC_ERROR_BAD_DATA);        break;
-    case MP_BADARG: PORT_SetError(SEC_ERROR_INVALID_ARGS);    break;
-    default:        PORT_SetError(SEC_ERROR_LIBRARY_FAILURE); break;
-    }
-}
-
-SECStatus 
-dsa_NewKey(const PQGParams *params, DSAPrivateKey **privKey, 
-           const unsigned char *xb)
-{
-    unsigned int y_len;
-    mp_int p, g;
-    mp_int x, y;
-    mp_err err;
-    PRArenaPool *arena;
-    DSAPrivateKey *key;
-    /* Check args. */
-    if (!params || !privKey) {
-	PORT_SetError(SEC_ERROR_INVALID_ARGS);
-	return SECFailure;
-    }
-    /* Initialize an arena for the DSA key. */
-    arena = PORT_NewArena(NSS_FREEBL_DSA_DEFAULT_CHUNKSIZE);
-    if (!arena) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	return SECFailure;
-    }
-    key = (DSAPrivateKey *)PORT_ArenaZAlloc(arena, sizeof(DSAPrivateKey));
-    if (!key) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	PORT_FreeArena(arena, PR_TRUE);
-	return SECFailure;
-    }
-    key->params.arena = arena;
-    /* Initialize MPI integers. */
-    MP_DIGITS(&p) = 0;
-    MP_DIGITS(&g) = 0;
-    MP_DIGITS(&x) = 0;
-    MP_DIGITS(&y) = 0;
-    CHECKOK( mp_init(&p) );
-    CHECKOK( mp_init(&g) );
-    CHECKOK( mp_init(&x) );
-    CHECKOK( mp_init(&y) );
-    /* Copy over the PQG params */
-    CHECKOK( SECITEM_CopyItem(arena, &key->params.prime, &params->prime) );
-    CHECKOK( SECITEM_CopyItem(arena, &key->params.subPrime, &params->subPrime));
-    CHECKOK( SECITEM_CopyItem(arena, &key->params.base, &params->base) );
-    /* Convert stored p, g, and received x into MPI integers. */
-    SECITEM_TO_MPINT(params->prime, &p);
-    SECITEM_TO_MPINT(params->base,  &g);
-    CHECKOK( mp_read_unsigned_octets(&x, xb, DSA_SUBPRIME_LEN) );
-    /* Store x in private key */
-    SECITEM_AllocItem(arena, &key->privateValue, DSA_SUBPRIME_LEN);
-    memcpy(key->privateValue.data, xb, DSA_SUBPRIME_LEN);
-    /* Compute public key y = g**x mod p */
-    CHECKOK( mp_exptmod(&g, &x, &p, &y) );
-    /* Store y in public key */
-    y_len = mp_unsigned_octet_size(&y);
-    SECITEM_AllocItem(arena, &key->publicValue, y_len);
-    err = mp_to_unsigned_octets(&y, key->publicValue.data, y_len);
-    /*   mp_to_unsigned_octets returns bytes written (y_len) if okay */
-    if (err < 0) goto cleanup; else err = MP_OKAY;
-    *privKey = key;
-    key = NULL;
-cleanup:
-    mp_clear(&p);
-    mp_clear(&g);
-    mp_clear(&x);
-    mp_clear(&y);
-    if (key)
-	PORT_FreeArena(key->params.arena, PR_TRUE);
-    if (err) {
-	translate_mpi_error(err);
-	return SECFailure;
-    }
-    return SECSuccess;
-}
-
-/*
-** Generate and return a new DSA public and private key pair,
-**	both of which are encoded into a single DSAPrivateKey struct.
-**	"params" is a pointer to the PQG parameters for the domain
-**	Uses a random seed.
-*/
-SECStatus 
-DSA_NewKey(const PQGParams *params, DSAPrivateKey **privKey)
-{
-    SECStatus rv;
-    unsigned char seed[DSA_SUBPRIME_LEN];
-    /* Generate seed bytes for x according to FIPS 186-1 appendix 3 */
-    if (DSA_GenerateGlobalRandomBytes(seed, DSA_SUBPRIME_LEN, 
-                                      params->subPrime.data))
-	return SECFailure;
-    /* Generate a new DSA key using random seed. */
-    rv = dsa_NewKey(params, privKey, seed);
-    return rv;
-}
-
-/* For FIPS compliance testing. Seed must be exactly 20 bytes long */
-SECStatus 
-DSA_NewKeyFromSeed(const PQGParams *params, 
-                   const unsigned char *seed,
-                   DSAPrivateKey **privKey)
-{
-    SECStatus rv;
-    rv = dsa_NewKey(params, privKey, seed);
-    return rv;
-}
-
-SECStatus 
-dsa_SignDigest(DSAPrivateKey *key, SECItem *signature, const SECItem *digest,
-               const unsigned char *kb)
-{
-    mp_int p, q, g;  /* PQG parameters */
-    mp_int x, k;     /* private key & pseudo-random integer */
-    mp_int r, s;     /* tuple (r, s) is signature) */
-    mp_err err;
-
-    /* FIPS-compliance dictates that digest is a SHA1 hash. */
-    /* Check args. */
-    if (!key || !signature || !digest ||
-        (signature->len != DSA_SIGNATURE_LEN) ||
-	(digest->len != SHA1_LENGTH)) {
-	PORT_SetError(SEC_ERROR_INVALID_ARGS);
-	return SECFailure;
-    }
-    /* Initialize MPI integers. */
-    MP_DIGITS(&p) = 0;
-    MP_DIGITS(&q) = 0;
-    MP_DIGITS(&g) = 0;
-    MP_DIGITS(&x) = 0;
-    MP_DIGITS(&k) = 0;
-    MP_DIGITS(&r) = 0;
-    MP_DIGITS(&s) = 0;
-    CHECKOK( mp_init(&p) );
-    CHECKOK( mp_init(&q) );
-    CHECKOK( mp_init(&g) );
-    CHECKOK( mp_init(&x) );
-    CHECKOK( mp_init(&k) );
-    CHECKOK( mp_init(&r) );
-    CHECKOK( mp_init(&s) );
-    /*
-    ** Convert stored PQG and private key into MPI integers.
-    */
-    SECITEM_TO_MPINT(key->params.prime,    &p);
-    SECITEM_TO_MPINT(key->params.subPrime, &q);
-    SECITEM_TO_MPINT(key->params.base,     &g);
-    SECITEM_TO_MPINT(key->privateValue,    &x);
-    CHECKOK( mp_read_unsigned_octets(&k, kb, DSA_SUBPRIME_LEN) );
-    /*
-    ** FIPS 186-1, Section 5, Step 1
-    **
-    ** r = (g**k mod p) mod q
-    */
-    CHECKOK( mp_exptmod(&g, &k, &p, &r) ); /* r = g**k mod p */
-    CHECKOK(     mp_mod(&r, &q, &r) );     /* r = r mod q    */
-    /*                                  
-    ** FIPS 186-1, Section 5, Step 2
-    **
-    ** s = (k**-1 * (SHA1(M) + x*r)) mod q
-    */
-    SECITEM_TO_MPINT(*digest, &s);         /* s = SHA1(M)     */
-    CHECKOK( mp_invmod(&k, &q, &k) );      /* k = k**-1 mod q */
-    CHECKOK( mp_mulmod(&x, &r, &q, &x) );  /* x = x * r mod q */
-    CHECKOK( mp_addmod(&s, &x, &q, &s) );  /* s = s + x mod q */
-    CHECKOK( mp_mulmod(&s, &k, &q, &s) );  /* s = s * k mod q */
-    /*
-    ** verify r != 0 and s != 0
-    ** mentioned as optional in FIPS 186-1.
-    */
-    if (mp_cmp_z(&r) == 0 || mp_cmp_z(&s) == 0) {
-	PORT_SetError(SEC_ERROR_NEED_RANDOM);
-	err = MP_UNDEF;
-	goto cleanup;
-    }
-    /*
-    ** Step 4
-    **
-    ** Signature is tuple (r, s)
-    */
-    err = mp_to_fixlen_octets(&r, signature->data, DSA_SUBPRIME_LEN);
-    if (err < 0) goto cleanup; else err = MP_OKAY;
-    err = mp_to_fixlen_octets(&s, signature->data + DSA_SUBPRIME_LEN, 
-                                  DSA_SUBPRIME_LEN);
-    if (err < 0) goto cleanup; else err = MP_OKAY;
-cleanup:
-    mp_clear(&p);
-    mp_clear(&q);
-    mp_clear(&g);
-    mp_clear(&x);
-    mp_clear(&k);
-    mp_clear(&r);
-    mp_clear(&s);
-    if (err) {
-	translate_mpi_error(err);
-	return SECFailure;
-    }
-    return SECSuccess;
-}
-
-/* signature is caller-supplied buffer of at least 20 bytes.
-** On input,  signature->len == size of buffer to hold signature.
-**            digest->len    == size of digest.
-** On output, signature->len == size of signature in buffer.
-** Uses a random seed.
-*/
-SECStatus 
-DSA_SignDigest(DSAPrivateKey *key, SECItem *signature, const SECItem *digest)
-{
-    SECStatus rv;
-    int prerr = 0;
-    unsigned char KSEED[DSA_SUBPRIME_LEN];
-    rv = DSA_GenerateGlobalRandomBytes(KSEED, DSA_SUBPRIME_LEN, 
-                                       key->params.subPrime.data);
-    if (rv) return rv;
-    do {
-	rv = dsa_SignDigest(key, signature, digest, KSEED);
-	if (rv) prerr = PORT_GetError();
-    } while (prerr == SEC_ERROR_NEED_RANDOM);
-    return rv;
-}
-
-/* For FIPS compliance testing. Seed must be exactly 20 bytes. */
-SECStatus 
-DSA_SignDigestWithSeed(DSAPrivateKey * key,
-                       SECItem *       signature,
-                       const SECItem * digest,
-                       const unsigned char * seed)
-{
-    SECStatus rv;
-    rv = dsa_SignDigest(key, signature, digest, seed);
-    return rv;
-}
-
-/* signature is caller-supplied buffer of at least 20 bytes.
-** On input,  signature->len == size of buffer to hold signature.
-**            digest->len    == size of digest.
-*/
-SECStatus 
-DSA_VerifyDigest(DSAPublicKey *key, const SECItem *signature, 
-                 const SECItem *digest)
-{
-    /* FIPS-compliance dictates that digest is a SHA1 hash. */
-    mp_int p, q, g;      /* PQG parameters */
-    mp_int r_, s_;       /* tuple (r', s') is received signature) */
-    mp_int u1, u2, v, w; /* intermediate values used in verification */
-    mp_int y;            /* public key */
-    mp_err err;
-    SECStatus verified = SECFailure;
-
-    /* Check args. */
-    if (!key || !signature || !digest ||
-        (signature->len != DSA_SIGNATURE_LEN) ||
-	(digest->len != SHA1_LENGTH)) {
-	PORT_SetError(SEC_ERROR_INVALID_ARGS);
-	return SECFailure;
-    }
-    /* Initialize MPI integers. */
-    MP_DIGITS(&p)  = 0;
-    MP_DIGITS(&q)  = 0;
-    MP_DIGITS(&g)  = 0;
-    MP_DIGITS(&y)  = 0;
-    MP_DIGITS(&r_) = 0;
-    MP_DIGITS(&s_) = 0;
-    MP_DIGITS(&u1) = 0;
-    MP_DIGITS(&u2) = 0;
-    MP_DIGITS(&v)  = 0;
-    MP_DIGITS(&w)  = 0;
-    CHECKOK( mp_init(&p)  );
-    CHECKOK( mp_init(&q)  );
-    CHECKOK( mp_init(&g)  );
-    CHECKOK( mp_init(&y)  );
-    CHECKOK( mp_init(&r_) );
-    CHECKOK( mp_init(&s_) );
-    CHECKOK( mp_init(&u1) );
-    CHECKOK( mp_init(&u2) );
-    CHECKOK( mp_init(&v)  );
-    CHECKOK( mp_init(&w)  );
-    /*
-    ** Convert stored PQG and public key into MPI integers.
-    */
-    SECITEM_TO_MPINT(key->params.prime,    &p);
-    SECITEM_TO_MPINT(key->params.subPrime, &q);
-    SECITEM_TO_MPINT(key->params.base,     &g);
-    SECITEM_TO_MPINT(key->publicValue,     &y);
-    /*
-    ** Convert received signature (r', s') into MPI integers.
-    */
-    CHECKOK( mp_read_unsigned_octets(&r_, signature->data, DSA_SUBPRIME_LEN) );
-    CHECKOK( mp_read_unsigned_octets(&s_, signature->data + DSA_SUBPRIME_LEN, 
-                                          DSA_SUBPRIME_LEN) );
-    /*
-    ** Verify that 0 < r' < q and 0 < s' < q
-    */
-    if (mp_cmp_z(&r_) <= 0 || mp_cmp_z(&s_) <= 0 ||
-        mp_cmp(&r_, &q) >= 0 || mp_cmp(&s_, &q) >= 0)
-	goto cleanup; /* will return verified == SECFailure */
-    /*
-    ** FIPS 186-1, Section 6, Step 1
-    **
-    ** w = (s')**-1 mod q
-    */
-    CHECKOK( mp_invmod(&s_, &q, &w) );      /* w = (s')**-1 mod q */
-    /*
-    ** FIPS 186-1, Section 6, Step 2
-    **
-    ** u1 = ((SHA1(M')) * w) mod q
-    */
-    SECITEM_TO_MPINT(*digest, &u1);         /* u1 = SHA1(M')     */
-    CHECKOK( mp_mulmod(&u1, &w, &q, &u1) ); /* u1 = u1 * w mod q */
-    /*
-    ** FIPS 186-1, Section 6, Step 3
-    **
-    ** u2 = ((r') * w) mod q
-    */
-    CHECKOK( mp_mulmod(&r_, &w, &q, &u2) );
-    /*
-    ** FIPS 186-1, Section 6, Step 4
-    **
-    ** v = ((g**u1 * y**u2) mod p) mod q
-    */
-    CHECKOK( mp_exptmod(&g, &u1, &p, &g) ); /* g = g**u1 mod p */
-    CHECKOK( mp_exptmod(&y, &u2, &p, &y) ); /* y = y**u2 mod p */
-    CHECKOK(  mp_mulmod(&g, &y, &p, &v)  ); /* v = g * y mod p */
-    CHECKOK(     mp_mod(&v, &q, &v)      ); /* v = v mod q     */
-    /*
-    ** Verification:  v == r'
-    */
-    if (mp_cmp(&v, &r_)) {
-	PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
-	verified = SECFailure; /* Signature failed to verify. */
-    } else {
-	verified = SECSuccess; /* Signature verified. */
-    }
-cleanup:
-    mp_clear(&p);
-    mp_clear(&q);
-    mp_clear(&g);
-    mp_clear(&y);
-    mp_clear(&r_);
-    mp_clear(&s_);
-    mp_clear(&u1);
-    mp_clear(&u2);
-    mp_clear(&v);
-    mp_clear(&w);
-    if (err) {
-	translate_mpi_error(err);
-    }
-    return verified;
-}
diff --git a/security/nss/lib/freebl/fblstdlib.c b/security/nss/lib/freebl/fblstdlib.c
deleted file mode 100755
index 7aeb8efef..000000000
--- a/security/nss/lib/freebl/fblstdlib.c
+++ /dev/null
@@ -1,120 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.	Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.	If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <plstr.h>
-#include "aglobal.h"
-#include "bsafe.h"
-#include "secport.h"
-
-void CALL_CONV T_memset (p, c, count)
-POINTER p;
-int c;
-unsigned int count;
-{
-	if (count >= 0)
-		memset(p, c, count);
-}
-
-void CALL_CONV T_memcpy (d, s, count)
-POINTER d, s;
-unsigned int count;
-{
-	if (count >= 0)
-		memcpy(d, s, count);
-}
-
-void CALL_CONV T_memmove (d, s, count)
-POINTER d, s;
-unsigned int count;
-{
-	if (count >= 0)
-		PORT_Memmove(d, s, count);
-}
-
-int CALL_CONV T_memcmp (s1, s2, count)
-POINTER s1, s2;
-unsigned int count;
-{
-	if (count == 0)
-		return (0);
-	else
-		return(memcmp(s1, s2, count));
-}
-
-POINTER CALL_CONV T_malloc (size)
-unsigned int size;
-{
-	return((POINTER)PORT_Alloc(size == 0 ? 1 : size));
-}
-
-POINTER CALL_CONV T_realloc (p, size)
-POINTER p;
-unsigned int size;
-{
-	POINTER result;
-  
-	if (p == NULL_PTR)
-		return (T_malloc(size));
-
-	if ((result = (POINTER)PORT_Realloc(p, size == 0 ? 1 : size)) == NULL_PTR)
-		PORT_Free(p);
-  return (result);
-}
-
-void CALL_CONV T_free (p)
-POINTER p;
-{
-	if (p != NULL_PTR)
-		PORT_Free(p);
-}
-
-unsigned int CALL_CONV T_strlen(p)
-char *p;
-{
-    return PL_strlen(p);
-}
-
-void CALL_CONV T_strcpy(dest, src)
-char *dest;
-char *src;
-{
-    PL_strcpy(dest, src);
-}
-
-int CALL_CONV T_strcmp (a, b)
-char *a, *b;
-{
-  return (PL_strcmp (a, b));
-}
diff --git a/security/nss/lib/freebl/ldvector.c b/security/nss/lib/freebl/ldvector.c
deleted file mode 100644
index ef97116e3..000000000
--- a/security/nss/lib/freebl/ldvector.c
+++ /dev/null
@@ -1,127 +0,0 @@
-/*
- * ldvector.c - platform dependent DSO containing freebl implementation.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#include "loader.h"
-
-static const struct FREEBLVectorStr vector = {
-
-    sizeof vector,
-    FREEBL_VERSION,
-
-    RSA_NewKey,
-    RSA_PublicKeyOp,
-    RSA_PrivateKeyOp,
-    DSA_NewKey,
-    DSA_SignDigest,
-    DSA_VerifyDigest,
-    DSA_NewKeyFromSeed,
-    DSA_SignDigestWithSeed,
-    DH_GenParam,
-    DH_NewKey,
-    DH_Derive,
-    KEA_Derive,
-    KEA_Verify,
-    RC4_CreateContext,
-    RC4_DestroyContext,
-    RC4_Encrypt,
-    RC4_Decrypt,
-    RC2_CreateContext,
-    RC2_DestroyContext,
-    RC2_Encrypt,
-    RC2_Decrypt,
-    RC5_CreateContext,
-    RC5_DestroyContext,
-    RC5_Encrypt,
-    RC5_Decrypt,
-    DES_CreateContext,
-    DES_DestroyContext,
-    DES_Encrypt,
-    DES_Decrypt,
-    AES_CreateContext,
-    AES_DestroyContext,
-    AES_Encrypt,
-    AES_Decrypt,
-    MD5_Hash,
-    MD5_HashBuf,
-    MD5_NewContext,
-    MD5_DestroyContext,
-    MD5_Begin,
-    MD5_Update,
-    MD5_End,
-    MD5_FlattenSize,
-    MD5_Flatten,
-    MD5_Resurrect,
-    MD5_TraceState,
-    MD2_Hash,
-    MD2_NewContext,
-    MD2_DestroyContext,
-    MD2_Begin,
-    MD2_Update,
-    MD2_End,
-    MD2_FlattenSize,
-    MD2_Flatten,
-    MD2_Resurrect,
-    SHA1_Hash,
-    SHA1_HashBuf,
-    SHA1_NewContext,
-    SHA1_DestroyContext,
-    SHA1_Begin,
-    SHA1_Update,
-    SHA1_End,
-    SHA1_TraceState,
-    SHA1_FlattenSize,
-    SHA1_Flatten,
-    SHA1_Resurrect,
-    RNG_RNGInit,
-    RNG_RandomUpdate,
-    RNG_GenerateGlobalRandomBytes,
-    RNG_RNGShutdown,
-    PQG_ParamGen,
-    PQG_ParamGenSeedLen,
-    PQG_VerifyParams,
-    RSA_PrivateKeyOpDoubleChecked,
-    RSA_PrivateKeyCheck,
-    BL_Cleanup,
-};
-
-
-const FREEBLVector * 
-FREEBL_GetVector(void)
-{
-  return &vector;
-}
-
diff --git a/security/nss/lib/freebl/loader.c b/security/nss/lib/freebl/loader.c
deleted file mode 100644
index c1045faef..000000000
--- a/security/nss/lib/freebl/loader.c
+++ /dev/null
@@ -1,959 +0,0 @@
-/*
- * loader.c - load platform dependent DSO containing freebl implementation.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#include "loader.h"
-#include "prmem.h"
-#include "prerror.h"
-#include "prinit.h"
-
-#if defined(SOLARIS)
-#include <stddef.h>
-#include <strings.h>
-#include <sys/systeminfo.h>
-#if defined(SOLARIS2_5)
-static int
-isHybrid(void)
-{
-    long buflen;
-    int  rv             = 0;    /* false */
-    char buf[256];
-    buflen = sysinfo(SI_MACHINE, buf, sizeof buf);
-    if (buflen > 0) {
-        rv = (!strcmp(buf, "sun4u") || !strcmp(buf, "sun4u1"));
-    }
-    return rv;
-}
-#else   /* SunOS2.6or higher has SI_ISALIST */
-
-static int
-isHybrid(void)
-{
-    long buflen;
-    int  rv             = 0;    /* false */
-    char buf[256];
-    buflen = sysinfo(SI_ISALIST, buf, sizeof buf);
-    if (buflen > 0) {
-#if defined(NSS_USE_64)
-        char * found = strstr(buf, "sparcv9+vis");
-#else
-        char * found = strstr(buf, "sparcv8plus+vis");
-#endif
-        rv = (found != 0);
-    }
-    return rv;
-}
-#endif
-#elif defined(HPUX)
-/* This code tests to see if we're running on a PA2.x CPU.
-** It returns true (1) if so, and false (0) otherwise.
-*/
-static int 
-isHybrid(void)
-{
-    long cpu = sysconf(_SC_CPU_VERSION);
-    return (cpu == CPU_PA_RISC2_0);
-}
-
-#else
-#error "code for this platform is missing."
-#endif
-
-/*
- * On Solaris, if an application using libnss3.so is linked
- * with the -R linker option, the -R search patch is only used
- * to search for the direct dependencies of the application
- * (such as libnss3.so) and is not used to search for the
- * dependencies of libnss3.so.  So we build libnss3.so with
- * the -R '$ORIGIN' linker option to instruct it to search for
- * its dependencies (libfreebl_*.so) in the same directory
- * where it resides.  This requires that libnss3.so, not
- * libnspr4.so, be the shared library that calls dlopen().
- * Therefore we have to duplicate the relevant code in the PR
- * load library functions here.
- */
-
-#if defined(SOLARIS)
-
-#include <dlfcn.h>
-
-typedef struct {
-    void *dlh;
-} BLLibrary;
-
-static BLLibrary *
-bl_LoadLibrary(const char *name)
-{
-    BLLibrary *lib;
-    const char *error;
-
-    lib = PR_NEWZAP(BLLibrary);
-    if (NULL == lib) {
-        PR_SetError(PR_OUT_OF_MEMORY_ERROR, 0);
-        return NULL;
-    }
-    lib->dlh = dlopen(name, RTLD_NOW | RTLD_LOCAL);
-    if (NULL == lib->dlh) {
-        PR_SetError(PR_LOAD_LIBRARY_ERROR, 0);
-        error = dlerror();
-        if (NULL != error)
-            PR_SetErrorText(strlen(error), error);
-        PR_Free(lib);
-        return NULL;
-    }
-    return lib;
-}
-
-static void *
-bl_FindSymbol(BLLibrary *lib, const char *name)
-{
-    void *f;
-    const char *error;
-
-    f = dlsym(lib->dlh, name);
-    if (NULL == f) {
-        PR_SetError(PR_FIND_SYMBOL_ERROR, 0);
-        error = dlerror();
-        if (NULL != error)
-            PR_SetErrorText(strlen(error), error);
-    }
-    return f;
-}
-
-static PRStatus
-bl_UnloadLibrary(BLLibrary *lib)
-{
-    const char *error;
-
-    if (dlclose(lib->dlh) == -1) {
-        PR_SetError(PR_UNLOAD_LIBRARY_ERROR, 0);
-        error = dlerror();
-        if (NULL != error)
-            PR_SetErrorText(strlen(error), error);
-        return PR_FAILURE;
-    }
-    PR_Free(lib);
-    return PR_SUCCESS;
-}
-
-#elif defined(HPUX)
-
-#include <dl.h>
-#include <string.h>
-#include <errno.h>
-
-typedef struct {
-    shl_t dlh;
-} BLLibrary;
-
-static BLLibrary *
-bl_LoadLibrary(const char *name)
-{
-    BLLibrary *lib;
-    const char *error;
-
-    lib = PR_NEWZAP(BLLibrary);
-    if (NULL == lib) {
-        PR_SetError(PR_OUT_OF_MEMORY_ERROR, 0);
-        return NULL;
-    }
-    lib->dlh = shl_load(name, DYNAMIC_PATH | BIND_IMMEDIATE, 0L);
-    if (NULL == lib->dlh) {
-        PR_SetError(PR_LOAD_LIBRARY_ERROR, errno);
-        error = strerror(errno);
-        if (NULL != error)
-            PR_SetErrorText(strlen(error), error);
-        PR_Free(lib);
-        return NULL;
-    }
-    return lib;
-}
-
-static void *
-bl_FindSymbol(BLLibrary *lib, const char *name)
-{
-    void *f;
-    const char *error;
-
-    if (shl_findsym(&lib->dlh, name, TYPE_PROCEDURE, &f) == -1) {
-        f = NULL;
-        PR_SetError(PR_FIND_SYMBOL_ERROR, errno);
-        error = strerror(errno);
-        if (NULL != error)
-            PR_SetErrorText(strlen(error), error);
-    }
-    return f;
-}
-
-static PRStatus
-bl_UnloadLibrary(BLLibrary *lib)
-{
-    const char *error;
-
-    if (shl_unload(lib->dlh) == -1) {
-        PR_SetError(PR_UNLOAD_LIBRARY_ERROR, errno);
-        error = strerror(errno);
-        if (NULL != error)
-            PR_SetErrorText(strlen(error), error);
-        return PR_FAILURE;
-    }
-    PR_Free(lib);
-    return PR_SUCCESS;
-}
-
-#else
-#error "code for this platform is missing."
-#endif
-
-#define LSB(x) ((x)&0xff)
-#define MSB(x) ((x)>>8)
-
-static const FREEBLVector *vector;
-
-/* This function must be run only once. */
-/*  determine if hybrid platform, then actually load the DSO. */
-static PRStatus
-freebl_LoadDSO( void ) 
-{
-  int          hybrid   = isHybrid();
-  BLLibrary *  handle;
-  const char * name;
-
-  name = hybrid ?
-#if defined( AIX )
-	       "libfreebl_hybrid_3_shr.a" : "libfreebl_pure32_3_shr.a";
-#elif defined( HPUX )
-               "libfreebl_hybrid_3.sl"    : "libfreebl_pure32_3.sl";
-#else
-               "libfreebl_hybrid_3.so"    : "libfreebl_pure32_3.so";
-#endif
-
-  handle = bl_LoadLibrary(name);
-  if (handle) {
-    void * address = bl_FindSymbol(handle, "FREEBL_GetVector");
-    if (address) {
-      FREEBLGetVectorFn  * getVector = (FREEBLGetVectorFn *)address;
-      const FREEBLVector * dsoVector = getVector();
-      if (dsoVector) {
-	unsigned short dsoVersion = dsoVector->version;
-	unsigned short  myVersion = FREEBL_VERSION;
-	if (MSB(dsoVersion) == MSB(myVersion) && 
-	    LSB(dsoVersion) >= LSB(myVersion) &&
-	    dsoVector->length >= sizeof(FREEBLVector)) {
-	  vector = dsoVector;
-	  return PR_SUCCESS;
-	}
-      }
-    }
-    bl_UnloadLibrary(handle);
-  }
-  return PR_FAILURE;
-}
-
-static PRStatus
-freebl_RunLoaderOnce( void )
-{
-  PRStatus status;
-  static PRCallOnceType once;
-
-  status = PR_CallOnce(&once, &freebl_LoadDSO);
-  return status;
-}
-
-
-RSAPrivateKey * 
-RSA_NewKey(int keySizeInBits, SECItem * publicExponent)
-{
-  if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
-      return NULL;
-  return (vector->p_RSA_NewKey)(keySizeInBits, publicExponent);
-}
-
-SECStatus 
-RSA_PublicKeyOp(RSAPublicKey *   key,
-				 unsigned char *  output,
-				 const unsigned char *  input)
-{
-  if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
-      return SECFailure;
-  return (vector->p_RSA_PublicKeyOp)(key, output, input);
-}
-
-SECStatus 
-RSA_PrivateKeyOp(RSAPrivateKey *  key,
-				  unsigned char *  output,
-				  const unsigned char *  input)
-{
-  if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
-      return SECFailure;
-  return (vector->p_RSA_PrivateKeyOp)(key, output, input);
-}
-
-SECStatus
-RSA_PrivateKeyOpDoubleChecked(RSAPrivateKey *key,
-                              unsigned char *output,
-                              const unsigned char *input)
-{
-  if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
-      return SECFailure;
-  return (vector->p_RSA_PrivateKeyOpDoubleChecked)(key, output, input);
-}
-
-SECStatus
-RSA_PrivateKeyCheck(RSAPrivateKey *key)
-{
-  if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
-      return SECFailure;
-  return (vector->p_RSA_PrivateKeyCheck)(key);
-}
-
-SECStatus 
-DSA_NewKey(const PQGParams * params, DSAPrivateKey ** privKey)
-{
-  if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
-      return SECFailure;
-  return (vector->p_DSA_NewKey)(params, privKey);
-}
-
-SECStatus 
-DSA_SignDigest(DSAPrivateKey * key, SECItem * signature, const SECItem * digest)
-{
-  if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
-      return SECFailure;
-  return (vector->p_DSA_SignDigest)( key,  signature,  digest);
-}
-
-SECStatus 
-DSA_VerifyDigest(DSAPublicKey * key, const SECItem * signature, 
-                 const SECItem * digest)
-{
-  if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
-      return SECFailure;
-  return (vector->p_DSA_VerifyDigest)( key,  signature,  digest);
-}
-
-SECStatus 
-DSA_NewKeyFromSeed(const PQGParams *params, const unsigned char * seed,
-                   DSAPrivateKey **privKey)
-{
-  if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
-      return SECFailure;
-  return (vector->p_DSA_NewKeyFromSeed)(params,  seed, privKey);
-}
-
-SECStatus 
-DSA_SignDigestWithSeed(DSAPrivateKey * key, SECItem * signature,
-		       const SECItem * digest, const unsigned char * seed)
-{
-  if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
-      return SECFailure;
-  return (vector->p_DSA_SignDigestWithSeed)( key, signature, digest, seed);
-}
-
-SECStatus 
-DH_GenParam(int primeLen, DHParams ** params)
-{
-  if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
-      return SECFailure;
-  return (vector->p_DH_GenParam)(primeLen, params);
-}
-
-SECStatus 
-DH_NewKey(DHParams * params, DHPrivateKey ** privKey)
-{
-  if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
-      return SECFailure;
-  return (vector->p_DH_NewKey)( params, privKey);
-}
-
-SECStatus 
-DH_Derive(SECItem * publicValue, SECItem * prime, SECItem * privateValue, 
-			 SECItem * derivedSecret, unsigned int maxOutBytes)
-{
-  if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
-      return SECFailure;
-  return (vector->p_DH_Derive)( publicValue, prime, privateValue, 
-				derivedSecret, maxOutBytes);
-}
-
-SECStatus 
-KEA_Derive(SECItem *prime, SECItem *public1, SECItem *public2, 
-	   SECItem *private1, SECItem *private2, SECItem *derivedSecret)
-{
-  if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
-      return SECFailure;
-  return (vector->p_KEA_Derive)(prime, public1, public2, 
-	                        private1, private2, derivedSecret);
-}
-
-PRBool 
-KEA_Verify(SECItem *Y, SECItem *prime, SECItem *subPrime)
-{
-  if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
-      return PR_FALSE;
-  return (vector->p_KEA_Verify)(Y, prime, subPrime);
-}
-
-RC4Context *
-RC4_CreateContext(unsigned char *key, int len)
-{
-  if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
-      return NULL;
-  return (vector->p_RC4_CreateContext)(key, len);
-}
-
-void 
-RC4_DestroyContext(RC4Context *cx, PRBool freeit)
-{
-  if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
-      return;
-  (vector->p_RC4_DestroyContext)(cx, freeit);
-}
-
-SECStatus 
-RC4_Encrypt(RC4Context *cx, unsigned char *output, unsigned int *outputLen, 
-	    unsigned int maxOutputLen, const unsigned char *input, 
-	    unsigned int inputLen)
-{
-  if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
-      return SECFailure;
-  return (vector->p_RC4_Encrypt)(cx, output, outputLen, maxOutputLen, input, 
-	                         inputLen);
-}
-
-SECStatus 
-RC4_Decrypt(RC4Context *cx, unsigned char *output, unsigned int *outputLen, 
-	    unsigned int maxOutputLen, const unsigned char *input, 
-	    unsigned int inputLen)
-{
-  if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
-      return SECFailure;
-  return (vector->p_RC4_Decrypt)(cx, output, outputLen, maxOutputLen, input, 
-	                         inputLen);
-}
-
-RC2Context *
-RC2_CreateContext(unsigned char *key, unsigned int len,
-		  unsigned char *iv, int mode, unsigned effectiveKeyLen)
-{
-  if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
-      return NULL;
-  return (vector->p_RC2_CreateContext)(key, len, iv, mode, effectiveKeyLen);
-}
-
-void 
-RC2_DestroyContext(RC2Context *cx, PRBool freeit)
-{
-  if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
-      return;
-  (vector->p_RC2_DestroyContext)(cx, freeit);
-}
-
-SECStatus 
-RC2_Encrypt(RC2Context *cx, unsigned char *output, unsigned int *outputLen, 
-	    unsigned int maxOutputLen, const unsigned char *input, 
-	    unsigned int inputLen)
-{
-  if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
-      return SECFailure;
-  return (vector->p_RC2_Encrypt)(cx, output, outputLen, maxOutputLen, input, 
-	                         inputLen);
-}
-
-SECStatus 
-RC2_Decrypt(RC2Context *cx, unsigned char *output, unsigned int *outputLen, 
-	    unsigned int maxOutputLen, const unsigned char *input, 
-	    unsigned int inputLen)
-{
-  if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
-      return SECFailure;
-  return (vector->p_RC2_Decrypt)(cx, output, outputLen, maxOutputLen, input, 
-	                         inputLen);
-}
-
-RC5Context *
-RC5_CreateContext(SECItem *key, unsigned int rounds,
-                     unsigned int wordSize, unsigned char *iv, int mode)
-{
-  if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
-      return NULL;
-  return (vector->p_RC5_CreateContext)(key, rounds, wordSize, iv, mode);
-}
-
-void 
-RC5_DestroyContext(RC5Context *cx, PRBool freeit)
-{
-  if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
-      return;
-  (vector->p_RC5_DestroyContext)(cx, freeit);
-}
-
-SECStatus 
-RC5_Encrypt(RC5Context *cx, unsigned char *output, unsigned int *outputLen, 
-	    unsigned int maxOutputLen, const unsigned char *input, 
-	    unsigned int inputLen)
-{
-  if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
-      return SECFailure;
-  return (vector->p_RC5_Encrypt)(cx, output, outputLen, maxOutputLen, input, 
-				 inputLen);
-}
-
-SECStatus 
-RC5_Decrypt(RC5Context *cx, unsigned char *output, unsigned int *outputLen, 
-	    unsigned int maxOutputLen, const unsigned char *input, 
-	    unsigned int inputLen)
-{
-  if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
-      return SECFailure;
-  return (vector->p_RC5_Decrypt)(cx, output, outputLen, maxOutputLen, input, 
-	                         inputLen);
-}
-
-DESContext *
-DES_CreateContext(unsigned char *key, unsigned char *iv,
-				     int mode, PRBool encrypt)
-{
-  if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
-      return NULL;
-  return (vector->p_DES_CreateContext)(key, iv, mode, encrypt);
-}
-
-void 
-DES_DestroyContext(DESContext *cx, PRBool freeit)
-{
-  if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
-      return;
-  (vector->p_DES_DestroyContext)(cx, freeit);
-}
-
-SECStatus 
-DES_Encrypt(DESContext *cx, unsigned char *output, unsigned int *outputLen, 
-	    unsigned int maxOutputLen, const unsigned char *input, 
-	    unsigned int inputLen)
-{
-  if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
-      return SECFailure;
-  return (vector->p_DES_Encrypt)(cx, output, outputLen, maxOutputLen, input, 
-	                         inputLen);
-}
-
-SECStatus 
-DES_Decrypt(DESContext *cx, unsigned char *output, unsigned int *outputLen, 
-	    unsigned int maxOutputLen, const unsigned char *input, 
-	    unsigned int inputLen)
-{
-  if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
-      return SECFailure;
-  return (vector->p_DES_Decrypt)(cx, output, outputLen, maxOutputLen, input, 
-	                         inputLen);
-}
-
-AESContext *
-AES_CreateContext(unsigned char *key, unsigned char *iv, int mode, int encrypt,
-                  unsigned int keylen, unsigned int blocklen)
-{
-  if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
-      return NULL;
-  return (vector->p_AES_CreateContext)(key, iv, mode, encrypt, keylen, 
-				       blocklen);
-}
-
-void 
-AES_DestroyContext(AESContext *cx, PRBool freeit)
-{
-  if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
-      return ;
-  (vector->p_AES_DestroyContext)(cx, freeit);
-}
-
-SECStatus 
-AES_Encrypt(AESContext *cx, unsigned char *output,
-            unsigned int *outputLen, unsigned int maxOutputLen,
-            const unsigned char *input, unsigned int inputLen)
-{
-  if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
-      return SECFailure;
-  return (vector->p_AES_Encrypt)(cx, output, outputLen, maxOutputLen, 
-				 input, inputLen);
-}
-
-SECStatus 
-AES_Decrypt(AESContext *cx, unsigned char *output,
-            unsigned int *outputLen, unsigned int maxOutputLen,
-            const unsigned char *input, unsigned int inputLen)
-{
-  if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
-      return SECFailure;
-  return (vector->p_AES_Decrypt)(cx, output, outputLen, maxOutputLen, 
-				 input, inputLen);
-}
-
-SECStatus 
-MD5_Hash(unsigned char *dest, const char *src)
-{
-  if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
-      return SECFailure;
-  return (vector->p_MD5_Hash)(dest, src);
-}
-
-SECStatus 
-MD5_HashBuf(unsigned char *dest, const unsigned char *src, uint32 src_length)
-{
-  if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
-      return SECFailure;
-  return (vector->p_MD5_HashBuf)(dest, src, src_length);
-}
-
-MD5Context *
-MD5_NewContext(void)
-{
-  if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
-      return NULL;
-  return (vector->p_MD5_NewContext)();
-}
-
-void 
-MD5_DestroyContext(MD5Context *cx, PRBool freeit)
-{
-  if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
-      return;
-  (vector->p_MD5_DestroyContext)(cx, freeit);
-}
-
-void 
-MD5_Begin(MD5Context *cx)
-{
-  if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
-      return;
-  (vector->p_MD5_Begin)(cx);
-}
-
-void 
-MD5_Update(MD5Context *cx, const unsigned char *input, unsigned int inputLen)
-{
-  if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
-      return;
-  (vector->p_MD5_Update)(cx, input, inputLen);
-}
-
-void 
-MD5_End(MD5Context *cx, unsigned char *digest,
-		    unsigned int *digestLen, unsigned int maxDigestLen)
-{
-  if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
-      return;
-  (vector->p_MD5_End)(cx, digest, digestLen, maxDigestLen);
-}
-
-unsigned int 
-MD5_FlattenSize(MD5Context *cx)
-{
-  if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
-      return 0;
-  return (vector->p_MD5_FlattenSize)(cx);
-}
-
-SECStatus 
-MD5_Flatten(MD5Context *cx,unsigned char *space)
-{
-  if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
-      return SECFailure;
-  return (vector->p_MD5_Flatten)(cx, space);
-}
-
-MD5Context * 
-MD5_Resurrect(unsigned char *space, void *arg)
-{
-  if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
-      return NULL;
-  return (vector->p_MD5_Resurrect)(space, arg);
-}
-
-void 
-MD5_TraceState(MD5Context *cx)
-{
-  if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
-      return ;
-  (vector->p_MD5_TraceState)(cx);
-}
-
-SECStatus 
-MD2_Hash(unsigned char *dest, const char *src)
-{
-  if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
-      return SECFailure;
-  return (vector->p_MD2_Hash)(dest, src);
-}
-
-MD2Context *
-MD2_NewContext(void)
-{
-  if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
-      return NULL;
-  return (vector->p_MD2_NewContext)();
-}
-
-void 
-MD2_DestroyContext(MD2Context *cx, PRBool freeit)
-{
-  if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
-      return ;
-  (vector->p_MD2_DestroyContext)(cx, freeit);
-}
-
-void 
-MD2_Begin(MD2Context *cx)
-{
-  if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
-      return ;
-  (vector->p_MD2_Begin)(cx);
-}
-
-void 
-MD2_Update(MD2Context *cx, const unsigned char *input, unsigned int inputLen)
-{
-  if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
-      return ;
-  (vector->p_MD2_Update)(cx, input, inputLen);
-}
-
-void 
-MD2_End(MD2Context *cx, unsigned char *digest,
-		    unsigned int *digestLen, unsigned int maxDigestLen)
-{
-  if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
-      return ;
-  (vector->p_MD2_End)(cx, digest, digestLen, maxDigestLen);
-}
-
-unsigned int 
-MD2_FlattenSize(MD2Context *cx)
-{
-  if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
-      return 0;
-  return (vector->p_MD2_FlattenSize)(cx);
-}
-
-SECStatus 
-MD2_Flatten(MD2Context *cx,unsigned char *space)
-{
-  if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
-      return SECFailure;
-  return (vector->p_MD2_Flatten)(cx, space);
-}
-
-MD2Context * 
-MD2_Resurrect(unsigned char *space, void *arg)
-{
-  if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
-      return NULL;
-  return (vector->p_MD2_Resurrect)(space, arg);
-}
-
-
-SECStatus 
-SHA1_Hash(unsigned char *dest, const char *src)
-{
-  if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
-      return SECFailure;
-  return (vector->p_SHA1_Hash)(dest, src);
-}
-
-SECStatus 
-SHA1_HashBuf(unsigned char *dest, const unsigned char *src, uint32 src_length)
-{
-  if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
-      return SECFailure;
-  return (vector->p_SHA1_HashBuf)(dest, src, src_length);
-}
-
-SHA1Context *
-SHA1_NewContext(void)
-{
-  if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
-      return NULL;
-  return (vector->p_SHA1_NewContext)();
-}
-
-void 
-SHA1_DestroyContext(SHA1Context *cx, PRBool freeit)
-{
-  if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
-      return ;
-  (vector->p_SHA1_DestroyContext)(cx, freeit);
-}
-
-void 
-SHA1_Begin(SHA1Context *cx)
-{
-  if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
-      return ;
-  (vector->p_SHA1_Begin)(cx);
-}
-
-void 
-SHA1_Update(SHA1Context *cx, const unsigned char *input,
-			unsigned int inputLen)
-{
-  if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
-      return ;
-  (vector->p_SHA1_Update)(cx, input, inputLen);
-}
-
-void 
-SHA1_End(SHA1Context *cx, unsigned char *digest,
-		     unsigned int *digestLen, unsigned int maxDigestLen)
-{
-  if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
-      return ;
-  (vector->p_SHA1_End)(cx, digest, digestLen, maxDigestLen);
-}
-
-void 
-SHA1_TraceState(SHA1Context *cx)
-{
-  if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
-      return ;
-  (vector->p_SHA1_TraceState)(cx);
-}
-
-unsigned int 
-SHA1_FlattenSize(SHA1Context *cx)
-{
-  if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
-      return 0;
-  return (vector->p_SHA1_FlattenSize)(cx);
-}
-
-SECStatus 
-SHA1_Flatten(SHA1Context *cx,unsigned char *space)
-{
-  if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
-      return SECFailure;
-  return (vector->p_SHA1_Flatten)(cx, space);
-}
-
-SHA1Context * 
-SHA1_Resurrect(unsigned char *space, void *arg)
-{
-  if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
-      return NULL;
-  return (vector->p_SHA1_Resurrect)(space, arg);
-}
-
-SECStatus 
-RNG_RNGInit(void)
-{
-  if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
-      return SECFailure;
-  return (vector->p_RNG_RNGInit)();
-}
-
-SECStatus 
-RNG_RandomUpdate(const void *data, size_t bytes)
-{
-  if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
-      return SECFailure;
-  return (vector->p_RNG_RandomUpdate)(data, bytes);
-}
-
-SECStatus 
-RNG_GenerateGlobalRandomBytes(void *dest, size_t len)
-{
-  if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
-      return SECFailure;
-  return (vector->p_RNG_GenerateGlobalRandomBytes)(dest, len);
-}
-
-void  
-RNG_RNGShutdown(void)
-{
-  if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
-      return ;
-  (vector->p_RNG_RNGShutdown)();
-}
-
-SECStatus
-PQG_ParamGen(unsigned int j, PQGParams **pParams, PQGVerify **pVfy)
-{
-  if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
-      return SECFailure;
-  return (vector->p_PQG_ParamGen)(j, pParams, pVfy); 
-}
-
-SECStatus
-PQG_ParamGenSeedLen( unsigned int j, unsigned int seedBytes, 
-                     PQGParams **pParams, PQGVerify **pVfy)
-{
-  if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
-      return SECFailure;
-  return (vector->p_PQG_ParamGenSeedLen)(j, seedBytes, pParams, pVfy);
-}
-
-SECStatus   
-PQG_VerifyParams(const PQGParams *params, const PQGVerify *vfy, 
-		 SECStatus *result)
-{
-  if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
-      return SECFailure;
-  return (vector->p_PQG_VerifyParams)(params, vfy, result);
-}
-#if 0
-void 
-PQG_DestroyParams(PQGParams *params)
-{
-  if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
-      return;
-  (vector->p_PQG_DestroyParams)( params);
-}
-
-void 
-PQG_DestroyVerify(PQGVerify *vfy)
-{
-  if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
-      return;
-  (vector->p_PQG_DestroyVerify)( vfy);
-}
-#endif
-
-void 
-BL_Cleanup(void)
-{
-  if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
-      return;
-  (vector->p_BL_Cleanup)();
-}
diff --git a/security/nss/lib/freebl/loader.h b/security/nss/lib/freebl/loader.h
deleted file mode 100644
index 33a4d1bdf..000000000
--- a/security/nss/lib/freebl/loader.h
+++ /dev/null
@@ -1,273 +0,0 @@
-/*
- * loader.h - load platform dependent DSO containing freebl implementation.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#ifndef _LOADER_H_
-#define _LOADER_H_ 1
-
-#include "blapi.h"
-
-#define FREEBL_VERSION 0x0302
-
-struct FREEBLVectorStr {
-
-  unsigned short length;  /* of this struct in bytes */
-  unsigned short version; /* of this struct. */
-
-  RSAPrivateKey * (* p_RSA_NewKey)(int         keySizeInBits,
-				 SECItem *   publicExponent);
-
-  SECStatus (* p_RSA_PublicKeyOp) (RSAPublicKey *   key,
-				 unsigned char *  output,
-				 const unsigned char *  input);
-
-  SECStatus (* p_RSA_PrivateKeyOp)(RSAPrivateKey *  key,
-				  unsigned char *  output,
-				  const unsigned char *  input);
-
-  SECStatus (* p_DSA_NewKey)(const PQGParams *    params, 
-		            DSAPrivateKey **      privKey);
-
-  SECStatus (* p_DSA_SignDigest)(DSAPrivateKey *   key,
-				SECItem *         signature,
-				const SECItem *   digest);
-
-  SECStatus (* p_DSA_VerifyDigest)(DSAPublicKey *  key,
-				  const SECItem *  signature,
-				  const SECItem *  digest);
-
-  SECStatus (* p_DSA_NewKeyFromSeed)(const PQGParams *params, 
-				     const unsigned char * seed,
-                                     DSAPrivateKey **privKey);
-
-  SECStatus (* p_DSA_SignDigestWithSeed)(DSAPrivateKey * key,
-				        SECItem *             signature,
-				        const SECItem *       digest,
-				        const unsigned char * seed);
-
- SECStatus (* p_DH_GenParam)(int primeLen, DHParams ** params);
-
- SECStatus (* p_DH_NewKey)(DHParams *           params, 
-                           DHPrivateKey **	privKey);
-
- SECStatus (* p_DH_Derive)(SECItem *    publicValue, 
-		           SECItem *    prime, 
-			   SECItem *    privateValue, 
-			   SECItem *    derivedSecret,
-			   unsigned int maxOutBytes);
-
- SECStatus (* p_KEA_Derive)(SECItem *prime, 
-                            SECItem *public1, 
-                            SECItem *public2, 
-			    SECItem *private1, 
-			    SECItem *private2,
-			    SECItem *derivedSecret);
-
- PRBool (* p_KEA_Verify)(SECItem *Y, SECItem *prime, SECItem *subPrime);
-
- RC4Context * (* p_RC4_CreateContext)(unsigned char *key, int len);
-
- void (* p_RC4_DestroyContext)(RC4Context *cx, PRBool freeit);
-
- SECStatus (* p_RC4_Encrypt)(RC4Context *cx, unsigned char *output,
-			    unsigned int *outputLen, unsigned int maxOutputLen,
-			    const unsigned char *input, unsigned int inputLen);
-
- SECStatus (* p_RC4_Decrypt)(RC4Context *cx, unsigned char *output,
-			    unsigned int *outputLen, unsigned int maxOutputLen,
-			    const unsigned char *input, unsigned int inputLen);
-
- RC2Context * (* p_RC2_CreateContext)(unsigned char *key, unsigned int len,
-		     unsigned char *iv, int mode, unsigned effectiveKeyLen);
-
- void (* p_RC2_DestroyContext)(RC2Context *cx, PRBool freeit);
-
- SECStatus (* p_RC2_Encrypt)(RC2Context *cx, unsigned char *output,
-			    unsigned int *outputLen, unsigned int maxOutputLen,
-			    const unsigned char *input, unsigned int inputLen);
-
- SECStatus (* p_RC2_Decrypt)(RC2Context *cx, unsigned char *output,
-			    unsigned int *outputLen, unsigned int maxOutputLen,
-			    const unsigned char *input, unsigned int inputLen);
-
- RC5Context *(* p_RC5_CreateContext)(SECItem *key, unsigned int rounds,
-                     unsigned int wordSize, unsigned char *iv, int mode);
-
- void (* p_RC5_DestroyContext)(RC5Context *cx, PRBool freeit);
-
- SECStatus (* p_RC5_Encrypt)(RC5Context *cx, unsigned char *output,
-                            unsigned int *outputLen, unsigned int maxOutputLen,
-                            const unsigned char *input, unsigned int inputLen);
-
- SECStatus (* p_RC5_Decrypt)(RC5Context *cx, unsigned char *output,
-                            unsigned int *outputLen, unsigned int maxOutputLen,
-                            const unsigned char *input, unsigned int inputLen);
-
- DESContext *(* p_DES_CreateContext)(unsigned char *key, unsigned char *iv,
-				     int mode, PRBool encrypt);
-
- void (* p_DES_DestroyContext)(DESContext *cx, PRBool freeit);
-
- SECStatus (* p_DES_Encrypt)(DESContext *cx, unsigned char *output,
-			    unsigned int *outputLen, unsigned int maxOutputLen,
-			    const unsigned char *input, unsigned int inputLen);
-
- SECStatus (* p_DES_Decrypt)(DESContext *cx, unsigned char *output,
-			    unsigned int *outputLen, unsigned int maxOutputLen,
-			    const unsigned char *input, unsigned int inputLen);
-
- AESContext * (* p_AES_CreateContext)(unsigned char *key, unsigned char *iv, 
-			    int mode, int encrypt, unsigned int keylen, 
-			    unsigned int blocklen);
-
- void (* p_AES_DestroyContext)(AESContext *cx, PRBool freeit);
-
- SECStatus (* p_AES_Encrypt)(AESContext *cx, unsigned char *output,
-			    unsigned int *outputLen, unsigned int maxOutputLen,
-			    const unsigned char *input, unsigned int inputLen);
-
- SECStatus (* p_AES_Decrypt)(AESContext *cx, unsigned char *output,
-			    unsigned int *outputLen, unsigned int maxOutputLen,
-			    const unsigned char *input, unsigned int inputLen);
-
- SECStatus (* p_MD5_Hash)(unsigned char *dest, const char *src);
-
- SECStatus (* p_MD5_HashBuf)(unsigned char *dest, const unsigned char *src,
-			     uint32 src_length);
-
- MD5Context *(* p_MD5_NewContext)(void);
-
- void (* p_MD5_DestroyContext)(MD5Context *cx, PRBool freeit);
-
- void (* p_MD5_Begin)(MD5Context *cx);
-
- void (* p_MD5_Update)(MD5Context *cx,
-		       const unsigned char *input, unsigned int inputLen);
-
- void (* p_MD5_End)(MD5Context *cx, unsigned char *digest,
-		    unsigned int *digestLen, unsigned int maxDigestLen);
-
- unsigned int (* p_MD5_FlattenSize)(MD5Context *cx);
-
- SECStatus (* p_MD5_Flatten)(MD5Context *cx,unsigned char *space);
-
- MD5Context * (* p_MD5_Resurrect)(unsigned char *space, void *arg);
-
- void (* p_MD5_TraceState)(MD5Context *cx);
-
- SECStatus (* p_MD2_Hash)(unsigned char *dest, const char *src);
-
- MD2Context *(* p_MD2_NewContext)(void);
-
- void (* p_MD2_DestroyContext)(MD2Context *cx, PRBool freeit);
-
- void (* p_MD2_Begin)(MD2Context *cx);
-
- void (* p_MD2_Update)(MD2Context *cx,
-		       const unsigned char *input, unsigned int inputLen);
-
- void (* p_MD2_End)(MD2Context *cx, unsigned char *digest,
-		    unsigned int *digestLen, unsigned int maxDigestLen);
-
- unsigned int (* p_MD2_FlattenSize)(MD2Context *cx);
-
- SECStatus (* p_MD2_Flatten)(MD2Context *cx,unsigned char *space);
-
- MD2Context * (* p_MD2_Resurrect)(unsigned char *space, void *arg);
-
- SECStatus (* p_SHA1_Hash)(unsigned char *dest, const char *src);
-
- SECStatus (* p_SHA1_HashBuf)(unsigned char *dest, const unsigned char *src,
-			      uint32 src_length);
-
- SHA1Context *(* p_SHA1_NewContext)(void);
-
- void (* p_SHA1_DestroyContext)(SHA1Context *cx, PRBool freeit);
-
- void (* p_SHA1_Begin)(SHA1Context *cx);
-
- void (* p_SHA1_Update)(SHA1Context *cx, const unsigned char *input,
-			unsigned int inputLen);
-
- void (* p_SHA1_End)(SHA1Context *cx, unsigned char *digest,
-		     unsigned int *digestLen, unsigned int maxDigestLen);
-
- void (* p_SHA1_TraceState)(SHA1Context *cx);
-
- unsigned int (* p_SHA1_FlattenSize)(SHA1Context *cx);
-
- SECStatus (* p_SHA1_Flatten)(SHA1Context *cx,unsigned char *space);
-
- SHA1Context * (* p_SHA1_Resurrect)(unsigned char *space, void *arg);
-
- SECStatus (* p_RNG_RNGInit)(void);
-
- SECStatus (* p_RNG_RandomUpdate)(const void *data, size_t bytes);
-
- SECStatus (* p_RNG_GenerateGlobalRandomBytes)(void *dest, size_t len);
-
- void  (* p_RNG_RNGShutdown)(void);
-
- SECStatus (* p_PQG_ParamGen)(unsigned int j, PQGParams **pParams,  
-	                      PQGVerify **pVfy);    
-
- SECStatus (* p_PQG_ParamGenSeedLen)( unsigned int j, unsigned int seedBytes, 
-                                     PQGParams **pParams, PQGVerify **pVfy); 
-
- SECStatus (* p_PQG_VerifyParams)(const PQGParams *params, 
-                                  const PQGVerify *vfy, SECStatus *result);
-
-  SECStatus (* p_RSA_PrivateKeyOpDoubleChecked)(RSAPrivateKey *key,
-                              unsigned char *output,
-                              const unsigned char *input);
-
-  SECStatus (* p_RSA_PrivateKeyCheck)(RSAPrivateKey *key);
-
-  void (* p_BL_Cleanup)(void);
-
-};
-
-typedef struct FREEBLVectorStr FREEBLVector;
-
-SEC_BEGIN_PROTOS
-
-typedef const FREEBLVector * FREEBLGetVectorFn(void);
-
-extern FREEBLGetVectorFn FREEBL_GetVector;
-
-SEC_END_PROTOS
-
-#endif
diff --git a/security/nss/lib/freebl/mac_rand.c b/security/nss/lib/freebl/mac_rand.c
deleted file mode 100644
index 27efdde68..000000000
--- a/security/nss/lib/freebl/mac_rand.c
+++ /dev/null
@@ -1,315 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef notdef
-#include "xp_core.h"
-#include "xp_file.h"
-#endif
-#include "secrng.h"
-#include "mcom_db.h"
-#ifdef XP_MAC
-#include <Events.h>
-#include <OSUtils.h>
-#include <QDOffscreen.h>
-#include <PPCToolbox.h>
-#include <Processes.h>
-#include <LowMem.h>
-#include <Scrap.h>
-
-/* Static prototypes */
-static size_t CopyLowBits(void *dst, size_t dstlen, void *src, size_t srclen);
-void FE_ReadScreen();
-
-static size_t CopyLowBits(void *dst, size_t dstlen, void *src, size_t srclen)
-{
-    union endianness {
-        int32 i;
-        char c[4];
-    } u;
-
-    if (srclen <= dstlen) {
-        memcpy(dst, src, srclen);
-        return srclen;
-    }
-    u.i = 0x01020304;
-    if (u.c[0] == 0x01) {
-        /* big-endian case */
-        memcpy(dst, (char*)src + (srclen - dstlen), dstlen);
-    } else {
-        /* little-endian case */
-        memcpy(dst, src, dstlen);
-    }
-    return dstlen;
-}
-
-size_t RNG_GetNoise(void *buf, size_t maxbytes)
-{
-    UnsignedWide microTickCount;
-    Microseconds(&microTickCount);
-    return CopyLowBits(buf, maxbytes,  &microTickCount, sizeof(microTickCount));
-}
-
-void RNG_FileForRNG(const char *filename)
-{   
-    unsigned char buffer[BUFSIZ];
-    size_t bytes;
-#ifdef notdef /*sigh*/
-    XP_File file;
-	unsigned long totalFileBytes = 0;
-
-	if (filename == NULL)	/* For now, read in global history if filename is null */
-		file = XP_FileOpen(NULL, xpGlobalHistory,XP_FILE_READ_BIN);
-	else
-		file = XP_FileOpen(NULL, xpURL,XP_FILE_READ_BIN);
-    if (file != NULL) {
-        for (;;) {
-            bytes = XP_FileRead(buffer, sizeof(buffer), file);
-            if (bytes == 0) break;
-            RNG_RandomUpdate( buffer, bytes);
-            totalFileBytes += bytes;
-            if (totalFileBytes > 100*1024) break;	/* No more than 100 K */
-        }
-		XP_FileClose(file);
-    }
-#endif
-    /*
-     * Pass yet another snapshot of our highest resolution clock into
-     * the hash function.
-     */
-    bytes = RNG_GetNoise(buffer, sizeof(buffer));
-    RNG_RandomUpdate(buffer, sizeof(buffer));
-}
-
-void RNG_SystemInfoForRNG()
-{
-/* Time */
-	{
-		unsigned long sec;
-		size_t bytes;
-		GetDateTime(&sec);	/* Current time since 1970 */
-		RNG_RandomUpdate( &sec, sizeof(sec));
-	    bytes = RNG_GetNoise(&sec, sizeof(sec));
-	    RNG_RandomUpdate(&sec, bytes);
-    }
-/* User specific variables */
-	{
-		MachineLocation loc;
-		ReadLocation(&loc);
-		RNG_RandomUpdate( &loc, sizeof(loc));
-	}
-#if !TARGET_CARBON
-/* User name */
-	{
-		unsigned long userRef;
-		Str32 userName;
-		GetDefaultUser(&userRef, userName);
-		RNG_RandomUpdate( &userRef, sizeof(userRef));
-		RNG_RandomUpdate( userName, sizeof(userName));
-	}
-#endif
-/* Mouse location */
-	{
-		Point mouseLoc;
-		GetMouse(&mouseLoc);
-		RNG_RandomUpdate( &mouseLoc, sizeof(mouseLoc));
-	}
-/* Keyboard time threshold */
-	{
-		SInt16 keyTresh = LMGetKeyThresh();
-		RNG_RandomUpdate( &keyTresh, sizeof(keyTresh));
-	}
-/* Last key pressed */
-	{
-		SInt8 keyLast;
-		keyLast = LMGetKbdLast();
-		RNG_RandomUpdate( &keyLast, sizeof(keyLast));
-	}
-/* Volume */
-	{
-		UInt8 volume = LMGetSdVolume();
-		RNG_RandomUpdate( &volume, sizeof(volume));
-	}
-#if !TARGET_CARBON
-/* Current directory */
-	{
-		SInt32 dir = LMGetCurDirStore();
-		RNG_RandomUpdate( &dir, sizeof(dir));
-	}
-#endif
-/* Process information about all the processes in the machine */
-	{
-		ProcessSerialNumber 	process;
-		ProcessInfoRec pi;
-	
-		process.highLongOfPSN = process.lowLongOfPSN  = kNoProcess;
-		
-		while (GetNextProcess(&process) == noErr)
-		{
-			FSSpec fileSpec;
-			pi.processInfoLength = sizeof(ProcessInfoRec);
-			pi.processName = NULL;
-			pi.processAppSpec = &fileSpec;
-			GetProcessInformation(&process, &pi);
-			RNG_RandomUpdate( &pi, sizeof(pi));
-			RNG_RandomUpdate( &fileSpec, sizeof(fileSpec));
-		}
-	}
-	
-#if !TARGET_CARBON
-/* Heap */
-	{
-		THz zone = LMGetTheZone();
-		RNG_RandomUpdate( &zone, sizeof(zone));
-	}
-#endif
-	
-/* Screen */
-	{
-		GDHandle h = GetMainDevice();		/* GDHandle is **GDevice */
-		RNG_RandomUpdate( *h, sizeof(GDevice));
-	}
-
-#if !TARGET_CARBON
-/* Scrap size */
-	{
-		SInt32 scrapSize = LMGetScrapSize();
-		RNG_RandomUpdate( &scrapSize, sizeof(scrapSize));
-	}
-/* Scrap count */
-	{
-		SInt16 scrapCount = LMGetScrapCount();
-		RNG_RandomUpdate( &scrapCount, sizeof(scrapCount));
-	}
-#else
-	{
-	    ScrapRef scrap;
-        if (GetCurrentScrap(&scrap) == noErr) {
-            UInt32 flavorCount;
-            if (GetScrapFlavorCount(scrap, &flavorCount) == noErr) {
-                ScrapFlavorInfo* flavorInfo = (ScrapFlavorInfo*) malloc(flavorCount * sizeof(ScrapFlavorInfo));
-                if (flavorInfo != NULL) {
-                    if (GetScrapFlavorInfoList(scrap, &flavorCount, flavorInfo) == noErr) {
-                        UInt32 i;
-                        RNG_RandomUpdate(&flavorCount, sizeof(flavorCount));
-                        for (i = 0; i < flavorCount; ++i) {
-                            Size flavorSize;
-                            if (GetScrapFlavorSize(scrap, flavorInfo[i].flavorType, &flavorSize) == noErr)
-                                RNG_RandomUpdate(&flavorSize, sizeof(flavorSize));
-                        }
-                    }
-                    free(flavorInfo);
-                }
-            }
-        }
-    }
-#endif
-/*  File stuff, last modified, etc. */
-	{
-		HParamBlockRec			pb;
-		GetVolParmsInfoBuffer	volInfo;
-		pb.ioParam.ioVRefNum = 0;
-		pb.ioParam.ioNamePtr = nil;
-		pb.ioParam.ioBuffer = (Ptr) &volInfo;
-		pb.ioParam.ioReqCount = sizeof(volInfo);
-		PBHGetVolParmsSync(&pb);
-		RNG_RandomUpdate( &volInfo, sizeof(volInfo));
-	}
-#if !TARGET_CARBON
-/* Event queue */
-	{
-		EvQElPtr		eventQ;
-		for (eventQ = (EvQElPtr) LMGetEventQueue()->qHead; 
-				eventQ; 
-				eventQ = (EvQElPtr)eventQ->qLink)
-			RNG_RandomUpdate( &eventQ->evtQWhat, sizeof(EventRecord));
-	}
-#endif
-	FE_ReadScreen();
-	RNG_FileForRNG(NULL);
-}
-
-void FE_ReadScreen()
-{
-	UInt16				coords[4];
-	PixMapHandle 		pmap;
-	GDHandle			gh;	
-	UInt16				screenHeight;
-	UInt16				screenWidth;			/* just what they say */
-	UInt32				bytesToRead;			/* number of bytes we're giving */
-	UInt32				offset;					/* offset into the graphics buffer */
-	UInt16				rowBytes;
-	UInt32				rowsToRead;
-	float				bytesPerPixel;			/* dependent on buffer depth */
-	Ptr					p;						/* temporary */
-	UInt16				x, y, w, h;
-
-	gh = LMGetMainDevice();
-	if ( !gh )
-		return;
-	pmap = (**gh).gdPMap;
-	if ( !pmap )
-		return;
-		
-	RNG_GenerateGlobalRandomBytes( coords, sizeof( coords ) );
-	
-	/* make x and y inside the screen rect */	
-	screenHeight = (**pmap).bounds.bottom - (**pmap).bounds.top;
-	screenWidth = (**pmap).bounds.right - (**pmap).bounds.left;
-	x = coords[0] % screenWidth;
-	y = coords[1] % screenHeight;
-	w = ( coords[2] & 0x7F ) | 0x40;		/* Make sure that w is in the range 64..128 */
-	h = ( coords[3] & 0x7F ) | 0x40;		/* same for h */
-
-	bytesPerPixel = (**pmap).pixelSize / 8;
-	rowBytes = (**pmap).rowBytes & 0x7FFF;
-
-	/* starting address */
-	offset = ( rowBytes * y ) + (UInt32)( (float)x * bytesPerPixel );
-	
-	/* don't read past the end of the pixmap's rowbytes */
-	bytesToRead = PR_MIN(	(UInt32)( w * bytesPerPixel ),
-						(UInt32)( rowBytes - ( x * bytesPerPixel ) ) );
-
-	/* don't read past the end of the graphics device pixmap */
-	rowsToRead = PR_MIN(	h, 
-						( screenHeight - y ) );
-	
-	p = GetPixBaseAddr( pmap ) + offset;
-	
-	while ( rowsToRead-- )
-	{
-		RNG_RandomUpdate( p, bytesToRead );
-		p += rowBytes;
-	}
-}
-#endif
diff --git a/security/nss/lib/freebl/manifest.mn b/security/nss/lib/freebl/manifest.mn
deleted file mode 100644
index 0a102e6ed..000000000
--- a/security/nss/lib/freebl/manifest.mn
+++ /dev/null
@@ -1,128 +0,0 @@
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CORE_DEPTH = ../../..
-
-MODULE = security
-
-ifndef FREEBL_RECURSIVE_BUILD
-  LIBRARY_NAME = freebl
-else
-  ifdef USE_PURE_32
-    CORE_DEPTH = ../../../..
-    LIBRARY_NAME = freebl_pure32
-  else
-    LIBRARY_NAME = freebl_hybrid
-  endif
-endif
-
-# same version as rest of freebl
-LIBRARY_VERSION = _3
-
-REQUIRES = 
-
-EXPORTS = \
-	blapi.h \
-	blapit.h \
-	secrng.h \
-	$(NULL)
-
-PRIVATE_EXPORTS = \
-	secmpi.h \
-	$(NULL)
-
-MPI_HDRS = mpi-config.h mpi.h mpi-priv.h mplogic.h mpprime.h logtab.h
-MPI_SRCS = mpprime.c mpmontg.c mplogic.c mpi.c 
-
-ifdef MOZILLA_BSAFE_BUILD
-CSRCS = \
-	fblstdlib.c \
-	sha_fast.c \
-	md2.c \
-	md5.c \
-	blapi_bsf.c \
-	$(MPI_SRCS) \
-	dh.c \
-	$(NULL)
-else
-CSRCS = \
-	ldvector.c \
-	prng_fips1861.c \
-	sysrand.c \
-	sha_fast.c \
-	md2.c \
-	md5.c \
-	alg2268.c \
-	arcfour.c \
-	arcfive.c \
-	desblapi.c \
-	des.c \
-	rijndael.c \
-	dh.c \
-	pqg.c \
-	dsa.c \
-	rsa.c \
-	$(MPI_SRCS) \
-	$(NULL)
-endif
-
-ALL_CSRCS := $(CSRCS)
-
-ALL_HDRS =  \
-	blapi.h \
-	blapit.h \
-	des.h \
-	loader.h \
-	rijndael.h \
-	secmpi.h \
-	sha.h \
-	sha_fast.h \
-	vis_proto.h \
-	$(NULL)
-
-ifdef AES_GEN_TBL
-DEFINES += -DRIJNDAEL_GENERATE_TABLES
-else 
-ifdef AES_GEN_TBL_M
-DEFINES += -DRIJNDAEL_GENERATE_TABLES_MACRO
-else
-ifdef AES_GEN_VAL
-DEFINES += -DRIJNDAEL_GENERATE_VALUES
-else
-ifdef AES_GEN_VAL_M
-DEFINES += -DRIJNDAEL_GENERATE_VALUES_MACRO
-else
-DEFINES += -DRIJNDAEL_INCLUDE_TABLES
-endif
-endif
-endif
-endif
diff --git a/security/nss/lib/freebl/mapfile.Solaris b/security/nss/lib/freebl/mapfile.Solaris
deleted file mode 100644
index 8a39ceceb..000000000
--- a/security/nss/lib/freebl/mapfile.Solaris
+++ /dev/null
@@ -1,39 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-libfreebl_3.so {
-	global:
-		FREEBL_GetVector;
-	local:
-		*;
-};
diff --git a/security/nss/lib/freebl/md2.c b/security/nss/lib/freebl/md2.c
deleted file mode 100644
index 3f7427c14..000000000
--- a/security/nss/lib/freebl/md2.c
+++ /dev/null
@@ -1,288 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.	Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.	If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "prerr.h"
-#include "secerr.h"
-
-#include "prtypes.h"
-
-#include "blapi.h"
-
-#define MD2_DIGEST_LEN    16
-#define MD2_BUFSIZE       16
-#define MD2_X_SIZE        48  /* The X array, [CV | INPUT | TMP VARS] */
-#define MD2_CV             0  /* index into X for chaining variables */
-#define MD2_INPUT         16  /* index into X for input */
-#define MD2_TMPVARS       32  /* index into X for temporary variables */
-#define MD2_CHECKSUM_SIZE 16
-
-struct MD2ContextStr {
-	unsigned char checksum[MD2_BUFSIZE];
-	unsigned char X[MD2_X_SIZE];
-	PRUint8 unusedBuffer;
-};
-
-static const PRUint8 MD2S[256] = {
- 0051, 0056, 0103, 0311, 0242, 0330, 0174, 0001,
- 0075, 0066, 0124, 0241, 0354, 0360, 0006, 0023,
- 0142, 0247, 0005, 0363, 0300, 0307, 0163, 0214,
- 0230, 0223, 0053, 0331, 0274, 0114, 0202, 0312,
- 0036, 0233, 0127, 0074, 0375, 0324, 0340, 0026,
- 0147, 0102, 0157, 0030, 0212, 0027, 0345, 0022,
- 0276, 0116, 0304, 0326, 0332, 0236, 0336, 0111,
- 0240, 0373, 0365, 0216, 0273, 0057, 0356, 0172,
- 0251, 0150, 0171, 0221, 0025, 0262, 0007, 0077,
- 0224, 0302, 0020, 0211, 0013, 0042, 0137, 0041,
- 0200, 0177, 0135, 0232, 0132, 0220, 0062, 0047,
- 0065, 0076, 0314, 0347, 0277, 0367, 0227, 0003,
- 0377, 0031, 0060, 0263, 0110, 0245, 0265, 0321,
- 0327, 0136, 0222, 0052, 0254, 0126, 0252, 0306,
- 0117, 0270, 0070, 0322, 0226, 0244, 0175, 0266,
- 0166, 0374, 0153, 0342, 0234, 0164, 0004, 0361,
- 0105, 0235, 0160, 0131, 0144, 0161, 0207, 0040,
- 0206, 0133, 0317, 0145, 0346, 0055, 0250, 0002,
- 0033, 0140, 0045, 0255, 0256, 0260, 0271, 0366,
- 0034, 0106, 0141, 0151, 0064, 0100, 0176, 0017,
- 0125, 0107, 0243, 0043, 0335, 0121, 0257, 0072,
- 0303, 0134, 0371, 0316, 0272, 0305, 0352, 0046,
- 0054, 0123, 0015, 0156, 0205, 0050, 0204, 0011,
- 0323, 0337, 0315, 0364, 0101, 0201, 0115, 0122,
- 0152, 0334, 0067, 0310, 0154, 0301, 0253, 0372,
- 0044, 0341, 0173, 0010, 0014, 0275, 0261, 0112,
- 0170, 0210, 0225, 0213, 0343, 0143, 0350, 0155,
- 0351, 0313, 0325, 0376, 0073, 0000, 0035, 0071,
- 0362, 0357, 0267, 0016, 0146, 0130, 0320, 0344,
- 0246, 0167, 0162, 0370, 0353, 0165, 0113, 0012,
- 0061, 0104, 0120, 0264, 0217, 0355, 0037, 0032,
- 0333, 0231, 0215, 0063, 0237, 0021, 0203, 0024
-};
-
-SECStatus 
-MD2_Hash(unsigned char *dest, const char *src)
-{
-	unsigned int len;
-	MD2Context *cx = MD2_NewContext();
-	if (!cx) {
-		PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
-		return SECFailure;
-	}
-	MD2_Begin(cx);
-	MD2_Update(cx, (unsigned char *)src, PL_strlen(src));
-	MD2_End(cx, dest, &len, MD2_DIGEST_LEN);
-	MD2_DestroyContext(cx, PR_TRUE);
-	return SECSuccess;
-}
-
-MD2Context *
-MD2_NewContext(void)
-{
-	MD2Context *cx = (MD2Context *)PORT_ZAlloc(sizeof(MD2Context));
-	if (cx == NULL) {
-		PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
-		return NULL;
-	}
-	return cx;
-}
-
-void 
-MD2_DestroyContext(MD2Context *cx, PRBool freeit)
-{
-	if (freeit)
-		PORT_ZFree(cx, sizeof(*cx));
-}
-
-void 
-MD2_Begin(MD2Context *cx)
-{
-	memset(cx, 0, sizeof(*cx));
-	cx->unusedBuffer = MD2_BUFSIZE;
-}
-
-static void
-md2_compress(MD2Context *cx)
-{
-	int j;
-	unsigned char P;
-	P = cx->checksum[MD2_CHECKSUM_SIZE-1];
-	/* Compute the running checksum, and set the tmp variables to be 
-	 * CV[i] XOR input[i] 
-	 */
-#define CKSUMFN(n) \
-	P = cx->checksum[n] ^ MD2S[cx->X[MD2_INPUT+n] ^ P]; \
-	cx->checksum[n] = P; \
-	cx->X[MD2_TMPVARS+n] = cx->X[n] ^ cx->X[MD2_INPUT+n];
-	CKSUMFN(0);
-	CKSUMFN(1);
-	CKSUMFN(2);
-	CKSUMFN(3);
-	CKSUMFN(4);
-	CKSUMFN(5);
-	CKSUMFN(6);
-	CKSUMFN(7);
-	CKSUMFN(8);
-	CKSUMFN(9);
-	CKSUMFN(10);
-	CKSUMFN(11);
-	CKSUMFN(12);
-	CKSUMFN(13);
-	CKSUMFN(14);
-	CKSUMFN(15);
-	/* The compression function. */
-#define COMPRESS(n) \
-	P = cx->X[n] ^ MD2S[P]; \
-	cx->X[n] = P;
-	P = 0x00;
-	for (j=0; j<18; j++) {
-		COMPRESS(0);
-		COMPRESS(1);
-		COMPRESS(2);
-		COMPRESS(3);
-		COMPRESS(4);
-		COMPRESS(5);
-		COMPRESS(6);
-		COMPRESS(7);
-		COMPRESS(8);
-		COMPRESS(9);
-		COMPRESS(10);
-		COMPRESS(11);
-		COMPRESS(12);
-		COMPRESS(13);
-		COMPRESS(14);
-		COMPRESS(15);
-		COMPRESS(16);
-		COMPRESS(17);
-		COMPRESS(18);
-		COMPRESS(19);
-		COMPRESS(20);
-		COMPRESS(21);
-		COMPRESS(22);
-		COMPRESS(23);
-		COMPRESS(24);
-		COMPRESS(25);
-		COMPRESS(26);
-		COMPRESS(27);
-		COMPRESS(28);
-		COMPRESS(29);
-		COMPRESS(30);
-		COMPRESS(31);
-		COMPRESS(32);
-		COMPRESS(33);
-		COMPRESS(34);
-		COMPRESS(35);
-		COMPRESS(36);
-		COMPRESS(37);
-		COMPRESS(38);
-		COMPRESS(39);
-		COMPRESS(40);
-		COMPRESS(41);
-		COMPRESS(42);
-		COMPRESS(43);
-		COMPRESS(44);
-		COMPRESS(45);
-		COMPRESS(46);
-		COMPRESS(47);
-		P = (P + j) % 256;
-	}
-	cx->unusedBuffer = MD2_BUFSIZE;
-}
-
-void 
-MD2_Update(MD2Context *cx, const unsigned char *input, unsigned int inputLen)
-{
-	PRUint32 bytesToConsume;
-	
-	/* Fill the remaining input buffer. */
-	if (cx->unusedBuffer != MD2_BUFSIZE) {
-		bytesToConsume = PR_MIN(inputLen, cx->unusedBuffer);
-		memcpy(&cx->X[MD2_INPUT + (MD2_BUFSIZE - cx->unusedBuffer)],
-		            input, bytesToConsume);
-		if (cx->unusedBuffer + bytesToConsume >= MD2_BUFSIZE)
-			md2_compress(cx);
-		inputLen -= bytesToConsume;
-		input += bytesToConsume;
-	}
-
-	/* Iterate over 16-byte chunks of the input. */
-	while (inputLen >= MD2_BUFSIZE) {
-		memcpy(&cx->X[MD2_INPUT], input, MD2_BUFSIZE);
-		md2_compress(cx);
-		inputLen -= MD2_BUFSIZE;
-		input += MD2_BUFSIZE;
-	}
-
-	/* Copy any input that remains into the buffer. */
-	if (inputLen)
-		memcpy(&cx->X[MD2_INPUT], input, inputLen);
-	cx->unusedBuffer = MD2_BUFSIZE - inputLen;
-}
-
-void 
-MD2_End(MD2Context *cx, unsigned char *digest,
-        unsigned int *digestLen, unsigned int maxDigestLen)
-{
-	PRUint8 padStart;
-	if (maxDigestLen < MD2_BUFSIZE) {
-		PORT_SetError(SEC_ERROR_INVALID_ARGS);
-		return;
-	}
-	padStart = MD2_BUFSIZE - cx->unusedBuffer;
-	memset(&cx->X[MD2_INPUT + padStart], cx->unusedBuffer, 
-	            cx->unusedBuffer);
-	md2_compress(cx);
-	memcpy(&cx->X[MD2_INPUT], cx->checksum, MD2_BUFSIZE);
-	md2_compress(cx);
-	*digestLen = MD2_DIGEST_LEN;
-	memcpy(digest, &cx->X[MD2_CV], MD2_DIGEST_LEN);
-}
-
-unsigned int 
-MD2_FlattenSize(MD2Context *cx)
-{
-	return sizeof(*cx);
-}
-
-SECStatus 
-MD2_Flatten(MD2Context *cx, unsigned char *space)
-{
-	memcpy(space, cx, sizeof(*cx));
-	return SECSuccess;
-}
-
-MD2Context * 
-MD2_Resurrect(unsigned char *space, void *arg)
-{
-	MD2Context *cx = MD2_NewContext();
-	if (cx)
-		memcpy(cx, space, sizeof(*cx));
-	return cx;
-}
diff --git a/security/nss/lib/freebl/md5.c b/security/nss/lib/freebl/md5.c
deleted file mode 100644
index c1e55902c..000000000
--- a/security/nss/lib/freebl/md5.c
+++ /dev/null
@@ -1,531 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.	Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.	If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "prerr.h"
-#include "secerr.h"
-
-#include "prtypes.h"
-#include "prlong.h"
-
-#include "blapi.h"
-
-#define MD5_HASH_LEN 16
-#define MD5_BUFFER_SIZE 64
-#define MD5_END_BUFFER (MD5_BUFFER_SIZE - 8)
-
-#define CV0_1 0x67452301
-#define CV0_2 0xefcdab89
-#define CV0_3 0x98badcfe
-#define CV0_4 0x10325476
-
-#define T1_0  0xd76aa478
-#define T1_1  0xe8c7b756
-#define T1_2  0x242070db
-#define T1_3  0xc1bdceee
-#define T1_4  0xf57c0faf
-#define T1_5  0x4787c62a
-#define T1_6  0xa8304613
-#define T1_7  0xfd469501
-#define T1_8  0x698098d8
-#define T1_9  0x8b44f7af
-#define T1_10 0xffff5bb1
-#define T1_11 0x895cd7be
-#define T1_12 0x6b901122
-#define T1_13 0xfd987193
-#define T1_14 0xa679438e
-#define T1_15 0x49b40821
-
-#define T2_0  0xf61e2562
-#define T2_1  0xc040b340
-#define T2_2  0x265e5a51
-#define T2_3  0xe9b6c7aa
-#define T2_4  0xd62f105d
-#define T2_5  0x02441453
-#define T2_6  0xd8a1e681
-#define T2_7  0xe7d3fbc8
-#define T2_8  0x21e1cde6
-#define T2_9  0xc33707d6
-#define T2_10 0xf4d50d87
-#define T2_11 0x455a14ed
-#define T2_12 0xa9e3e905
-#define T2_13 0xfcefa3f8
-#define T2_14 0x676f02d9
-#define T2_15 0x8d2a4c8a
-
-#define T3_0  0xfffa3942
-#define T3_1  0x8771f681
-#define T3_2  0x6d9d6122
-#define T3_3  0xfde5380c
-#define T3_4  0xa4beea44
-#define T3_5  0x4bdecfa9
-#define T3_6  0xf6bb4b60
-#define T3_7  0xbebfbc70
-#define T3_8  0x289b7ec6
-#define T3_9  0xeaa127fa
-#define T3_10 0xd4ef3085
-#define T3_11 0x04881d05
-#define T3_12 0xd9d4d039
-#define T3_13 0xe6db99e5
-#define T3_14 0x1fa27cf8
-#define T3_15 0xc4ac5665
-
-#define T4_0  0xf4292244
-#define T4_1  0x432aff97
-#define T4_2  0xab9423a7
-#define T4_3  0xfc93a039
-#define T4_4  0x655b59c3
-#define T4_5  0x8f0ccc92
-#define T4_6  0xffeff47d
-#define T4_7  0x85845dd1
-#define T4_8  0x6fa87e4f
-#define T4_9  0xfe2ce6e0
-#define T4_10 0xa3014314
-#define T4_11 0x4e0811a1
-#define T4_12 0xf7537e82
-#define T4_13 0xbd3af235
-#define T4_14 0x2ad7d2bb
-#define T4_15 0xeb86d391
-
-#define R1B0  0
-#define R1B1  1
-#define R1B2  2
-#define R1B3  3
-#define R1B4  4
-#define R1B5  5
-#define R1B6  6
-#define R1B7  7
-#define R1B8  8
-#define R1B9  9
-#define R1B10 10
-#define R1B11 11
-#define R1B12 12
-#define R1B13 13
-#define R1B14 14
-#define R1B15 15
-
-#define R2B0  1
-#define R2B1  6
-#define R2B2  11
-#define R2B3  0
-#define R2B4  5
-#define R2B5  10
-#define R2B6  15
-#define R2B7  4
-#define R2B8  9
-#define R2B9  14
-#define R2B10 3 
-#define R2B11 8 
-#define R2B12 13
-#define R2B13 2 
-#define R2B14 7 
-#define R2B15 12
-
-#define R3B0  5
-#define R3B1  8
-#define R3B2  11
-#define R3B3  14
-#define R3B4  1
-#define R3B5  4
-#define R3B6  7
-#define R3B7  10
-#define R3B8  13
-#define R3B9  0
-#define R3B10 3 
-#define R3B11 6 
-#define R3B12 9 
-#define R3B13 12
-#define R3B14 15
-#define R3B15 2 
-
-#define R4B0  0
-#define R4B1  7
-#define R4B2  14
-#define R4B3  5
-#define R4B4  12
-#define R4B5  3
-#define R4B6  10
-#define R4B7  1
-#define R4B8  8
-#define R4B9  15
-#define R4B10 6 
-#define R4B11 13
-#define R4B12 4 
-#define R4B13 11
-#define R4B14 2 
-#define R4B15 9 
-
-#define S1_0 7
-#define S1_1 12
-#define S1_2 17
-#define S1_3 22
-
-#define S2_0 5
-#define S2_1 9
-#define S2_2 14
-#define S2_3 20
-
-#define S3_0 4
-#define S3_1 11
-#define S3_2 16
-#define S3_3 23
-
-#define S4_0 6
-#define S4_1 10
-#define S4_2 15
-#define S4_3 21
-
-struct MD5ContextStr {
-	PRUint32      lsbInput;
-	PRUint32      msbInput;
-	PRUint32      cv[4];
-	union {
-		PRUint8 b[64];
-		PRUint32 w[16];
-	} u;
-};
-
-#define inBuf u.b
-
-SECStatus 
-MD5_Hash(unsigned char *dest, const char *src)
-{
-	return MD5_HashBuf(dest, (unsigned char *)src, PL_strlen(src));
-}
-
-SECStatus 
-MD5_HashBuf(unsigned char *dest, const unsigned char *src, uint32 src_length)
-{
-	unsigned int len;
-	MD5Context *cx = MD5_NewContext();
-	if (cx == NULL) {
-		PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
-		return SECFailure;
-	}
-	MD5_Begin(cx);
-	MD5_Update(cx, src, src_length);
-	MD5_End(cx, dest, &len, MD5_HASH_LEN);
-	MD5_DestroyContext(cx, PR_TRUE);
-	return SECSuccess;
-}
-
-MD5Context *
-MD5_NewContext(void)
-{
-	MD5Context *cx = (MD5Context *)PORT_ZAlloc(sizeof(MD5Context));
-	if (cx == NULL) {
-		PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
-		return NULL;
-	}
-	return cx;
-}
-
-void 
-MD5_DestroyContext(MD5Context *cx, PRBool freeit)
-{
-	if (freeit) {
-		PORT_ZFree(cx, sizeof(MD5Context));
-	}
-}
-
-void 
-MD5_Begin(MD5Context *cx)
-{
-	cx->lsbInput = 0;
-	cx->msbInput = 0;
-	memset(cx->inBuf, 0, sizeof(cx->inBuf));
-	cx->cv[0] = CV0_1;
-	cx->cv[1] = CV0_2;
-	cx->cv[2] = CV0_3;
-	cx->cv[3] = CV0_4;
-}
-
-#define cls(i32, s) (tmp = i32, tmp << s | tmp >> (32 - s))
-
-#define MASK 0x00ff00ff
-#ifdef IS_LITTLE_ENDIAN
-#define lendian(i32) \
-	(i32)
-#else
-#define lendian(i32) \
-	(tmp = i32 >> 16 | i32 << 16, (tmp & MASK) << 8 | tmp >> 8 & MASK)
-#endif
-
-#if defined(SOLARIS) || defined(HPUX)
-#define addto64(sumhigh, sumlow, addend) \
-	sumlow += addend; sumhigh += (sumlow < addend);
-#else
-#define addto64(sumhigh, sumlow, addend) \
-	sumlow += addend; if (sumlow < addend) ++sumhigh;
-#endif
-
-#define F(X, Y, Z) \
-	((X & Y) | ((~X) & Z))
-
-#define G(X, Y, Z) \
-	((X & Z) | (Y & (~Z)))
-
-#define H(X, Y, Z) \
-	(X ^ Y ^ Z)
-
-#define I(X, Y, Z) \
-	(Y ^ (X | (~Z)))
-
-#define FF(a, b, c, d, bufint, s, ti) \
-	a = b + cls(a + F(b, c, d) + bufint + ti, s)
-
-#define GG(a, b, c, d, bufint, s, ti) \
-	a = b + cls(a + G(b, c, d) + bufint + ti, s)
-
-#define HH(a, b, c, d, bufint, s, ti) \
-	a = b + cls(a + H(b, c, d) + bufint + ti, s)
-
-#define II(a, b, c, d, bufint, s, ti) \
-	a = b + cls(a + I(b, c, d) + bufint + ti, s)
-
-static void
-md5_compress(MD5Context *cx)
-{
-	PRUint32 a, b, c, d;
-	PRUint32 tmp;
-	a = cx->cv[0];
-	b = cx->cv[1];
-	c = cx->cv[2];
-	d = cx->cv[3];
-#ifndef IS_LITTLE_ENDIAN
-	cx->u.w[0] = lendian(cx->u.w[0]);
-	cx->u.w[1] = lendian(cx->u.w[1]);
-	cx->u.w[2] = lendian(cx->u.w[2]);
-	cx->u.w[3] = lendian(cx->u.w[3]);
-	cx->u.w[4] = lendian(cx->u.w[4]);
-	cx->u.w[5] = lendian(cx->u.w[5]);
-	cx->u.w[6] = lendian(cx->u.w[6]);
-	cx->u.w[7] = lendian(cx->u.w[7]);
-	cx->u.w[8] = lendian(cx->u.w[8]);
-	cx->u.w[9] = lendian(cx->u.w[9]);
-	cx->u.w[10] = lendian(cx->u.w[10]);
-	cx->u.w[11] = lendian(cx->u.w[11]);
-	cx->u.w[12] = lendian(cx->u.w[12]);
-	cx->u.w[13] = lendian(cx->u.w[13]);
-	cx->u.w[14] = lendian(cx->u.w[14]);
-	cx->u.w[15] = lendian(cx->u.w[15]);
-#endif
-	FF(a, b, c, d, cx->u.w[R1B0 ], S1_0, T1_0);
-	FF(d, a, b, c, cx->u.w[R1B1 ], S1_1, T1_1);
-	FF(c, d, a, b, cx->u.w[R1B2 ], S1_2, T1_2);
-	FF(b, c, d, a, cx->u.w[R1B3 ], S1_3, T1_3);
-	FF(a, b, c, d, cx->u.w[R1B4 ], S1_0, T1_4);
-	FF(d, a, b, c, cx->u.w[R1B5 ], S1_1, T1_5);
-	FF(c, d, a, b, cx->u.w[R1B6 ], S1_2, T1_6);
-	FF(b, c, d, a, cx->u.w[R1B7 ], S1_3, T1_7);
-	FF(a, b, c, d, cx->u.w[R1B8 ], S1_0, T1_8);
-	FF(d, a, b, c, cx->u.w[R1B9 ], S1_1, T1_9);
-	FF(c, d, a, b, cx->u.w[R1B10], S1_2, T1_10);
-	FF(b, c, d, a, cx->u.w[R1B11], S1_3, T1_11);
-	FF(a, b, c, d, cx->u.w[R1B12], S1_0, T1_12);
-	FF(d, a, b, c, cx->u.w[R1B13], S1_1, T1_13);
-	FF(c, d, a, b, cx->u.w[R1B14], S1_2, T1_14);
-	FF(b, c, d, a, cx->u.w[R1B15], S1_3, T1_15);
-	GG(a, b, c, d, cx->u.w[R2B0 ], S2_0, T2_0);
-	GG(d, a, b, c, cx->u.w[R2B1 ], S2_1, T2_1);
-	GG(c, d, a, b, cx->u.w[R2B2 ], S2_2, T2_2);
-	GG(b, c, d, a, cx->u.w[R2B3 ], S2_3, T2_3);
-	GG(a, b, c, d, cx->u.w[R2B4 ], S2_0, T2_4);
-	GG(d, a, b, c, cx->u.w[R2B5 ], S2_1, T2_5);
-	GG(c, d, a, b, cx->u.w[R2B6 ], S2_2, T2_6);
-	GG(b, c, d, a, cx->u.w[R2B7 ], S2_3, T2_7);
-	GG(a, b, c, d, cx->u.w[R2B8 ], S2_0, T2_8);
-	GG(d, a, b, c, cx->u.w[R2B9 ], S2_1, T2_9);
-	GG(c, d, a, b, cx->u.w[R2B10], S2_2, T2_10);
-	GG(b, c, d, a, cx->u.w[R2B11], S2_3, T2_11);
-	GG(a, b, c, d, cx->u.w[R2B12], S2_0, T2_12);
-	GG(d, a, b, c, cx->u.w[R2B13], S2_1, T2_13);
-	GG(c, d, a, b, cx->u.w[R2B14], S2_2, T2_14);
-	GG(b, c, d, a, cx->u.w[R2B15], S2_3, T2_15);
-	HH(a, b, c, d, cx->u.w[R3B0 ], S3_0, T3_0);
-	HH(d, a, b, c, cx->u.w[R3B1 ], S3_1, T3_1);
-	HH(c, d, a, b, cx->u.w[R3B2 ], S3_2, T3_2);
-	HH(b, c, d, a, cx->u.w[R3B3 ], S3_3, T3_3);
-	HH(a, b, c, d, cx->u.w[R3B4 ], S3_0, T3_4);
-	HH(d, a, b, c, cx->u.w[R3B5 ], S3_1, T3_5);
-	HH(c, d, a, b, cx->u.w[R3B6 ], S3_2, T3_6);
-	HH(b, c, d, a, cx->u.w[R3B7 ], S3_3, T3_7);
-	HH(a, b, c, d, cx->u.w[R3B8 ], S3_0, T3_8);
-	HH(d, a, b, c, cx->u.w[R3B9 ], S3_1, T3_9);
-	HH(c, d, a, b, cx->u.w[R3B10], S3_2, T3_10);
-	HH(b, c, d, a, cx->u.w[R3B11], S3_3, T3_11);
-	HH(a, b, c, d, cx->u.w[R3B12], S3_0, T3_12);
-	HH(d, a, b, c, cx->u.w[R3B13], S3_1, T3_13);
-	HH(c, d, a, b, cx->u.w[R3B14], S3_2, T3_14);
-	HH(b, c, d, a, cx->u.w[R3B15], S3_3, T3_15);
-	II(a, b, c, d, cx->u.w[R4B0 ], S4_0, T4_0);
-	II(d, a, b, c, cx->u.w[R4B1 ], S4_1, T4_1);
-	II(c, d, a, b, cx->u.w[R4B2 ], S4_2, T4_2);
-	II(b, c, d, a, cx->u.w[R4B3 ], S4_3, T4_3);
-	II(a, b, c, d, cx->u.w[R4B4 ], S4_0, T4_4);
-	II(d, a, b, c, cx->u.w[R4B5 ], S4_1, T4_5);
-	II(c, d, a, b, cx->u.w[R4B6 ], S4_2, T4_6);
-	II(b, c, d, a, cx->u.w[R4B7 ], S4_3, T4_7);
-	II(a, b, c, d, cx->u.w[R4B8 ], S4_0, T4_8);
-	II(d, a, b, c, cx->u.w[R4B9 ], S4_1, T4_9);
-	II(c, d, a, b, cx->u.w[R4B10], S4_2, T4_10);
-	II(b, c, d, a, cx->u.w[R4B11], S4_3, T4_11);
-	II(a, b, c, d, cx->u.w[R4B12], S4_0, T4_12);
-	II(d, a, b, c, cx->u.w[R4B13], S4_1, T4_13);
-	II(c, d, a, b, cx->u.w[R4B14], S4_2, T4_14);
-	II(b, c, d, a, cx->u.w[R4B15], S4_3, T4_15);
-	cx->cv[0] += a;
-	cx->cv[1] += b;
-	cx->cv[2] += c;
-	cx->cv[3] += d;
-}
-
-void 
-MD5_Update(MD5Context *cx, const unsigned char *input, unsigned int inputLen)
-{
-	PRUint32 bytesToConsume;
-	PRUint32 inBufIndex = cx->lsbInput & 63;
-
-	/* Add the number of input bytes to the 64-bit input counter. */
-	addto64(cx->msbInput, cx->lsbInput, inputLen);
-	if (inBufIndex) {
-		/* There is already data in the buffer.  Fill with input. */
-		bytesToConsume = PR_MIN(inputLen, MD5_BUFFER_SIZE - inBufIndex);
-		memcpy(&cx->inBuf[inBufIndex], input, bytesToConsume);
-		if (inBufIndex + bytesToConsume >= MD5_BUFFER_SIZE)
-			/* The buffer is filled.  Run the compression function. */
-			md5_compress(cx);
-		/* Remaining input. */
-		inputLen -= bytesToConsume;
-		input += bytesToConsume;
-	}
-
-	/* Iterate over 64-byte chunks of the message. */
-	while (inputLen >= MD5_BUFFER_SIZE) {
-		memcpy(cx->inBuf, input, MD5_BUFFER_SIZE);
-		md5_compress(cx);
-		inputLen -= MD5_BUFFER_SIZE;
-		input += MD5_BUFFER_SIZE;
-	}
-
-	/* Tail of message (message bytes mod 64). */
-	if (inputLen)
-		memcpy(cx->inBuf, input, inputLen);
-}
-
-static const unsigned char padbytes[] = {
-	0x80, 0x00, 0x00,  0x00,  0x00,  0x00,  0x00,  0x00,  0x00,  0x00,
-	0x00, 0x00, 0x00,  0x00,  0x00,  0x00,  0x00,  0x00,  0x00,  0x00,
-	0x00, 0x00, 0x00,  0x00,  0x00,  0x00,  0x00,  0x00,  0x00,  0x00,
-	0x00, 0x00, 0x00,  0x00,  0x00,  0x00,  0x00,  0x00,  0x00,  0x00,
-	0x00, 0x00, 0x00,  0x00,  0x00,  0x00,  0x00,  0x00,  0x00,  0x00,
-	0x00, 0x00, 0x00,  0x00,  0x00,  0x00,  0x00,  0x00,  0x00,  0x00,
-	0x00, 0x00, 0x00,  0x00,  0x00,  0x00,  0x00,  0x00,  0x00,  0x00,
-	0x00, 0x00, 0x00,  0x00,  0x00,  0x00,  0x00,  0x00,  0x00,  0x00,
-	0x00, 0x00, 0x00,  0x00,  0x00,  0x00,  0x00,  0x00,  0x00,  0x00,
-	0x00, 0x00, 0x00,  0x00,  0x00,  0x00,  0x00,  0x00,  0x00,  0x00,
-	0x00, 0x00, 0x00,  0x00,  0x00,  0x00,  0x00,  0x00,  0x00,  0x00,
-	0x00, 0x00, 0x00,  0x00,  0x00,  0x00,  0x00,  0x00,  0x00,  0x00
-};
-
-void 
-MD5_End(MD5Context *cx, unsigned char *digest,
-        unsigned int *digestLen, unsigned int maxDigestLen)
-{
-#ifndef IS_LITTLE_ENDIAN
-	PRUint32 tmp;
-#endif
-	PRUint32 lowInput, highInput;
-	PRUint32 inBufIndex = cx->lsbInput & 63;
-
-	if (maxDigestLen < MD5_HASH_LEN) {
-		PORT_SetError(SEC_ERROR_INVALID_ARGS);
-		return;
-	}
-
-	/* Copy out the length of bits input before padding. */
-	lowInput = cx->lsbInput; 
-	highInput = (cx->msbInput << 3) | (lowInput >> 29);
-	lowInput <<= 3;
-
-	if (inBufIndex < MD5_END_BUFFER) {
-		MD5_Update(cx, padbytes, MD5_END_BUFFER - inBufIndex);
-	} else {
-		MD5_Update(cx, padbytes, 
-		           MD5_END_BUFFER + MD5_BUFFER_SIZE - inBufIndex);
-	}
-
-	/* Store the number of bytes input (before padding) in final 64 bits. */
-	cx->u.w[14] = lendian(lowInput);
-	cx->u.w[15] = lendian(highInput);
-
-	/* Final call to compress. */
-	md5_compress(cx);
-
-	/* Copy the resulting values out of the chain variables into return buf. */
-	*digestLen = MD5_HASH_LEN;
-#ifndef IS_LITTLE_ENDIAN
-	cx->cv[0] = lendian(cx->cv[0]);
-	cx->cv[1] = lendian(cx->cv[1]);
-	cx->cv[2] = lendian(cx->cv[2]);
-	cx->cv[3] = lendian(cx->cv[3]);
-#endif
-	memcpy(digest, cx->cv, MD5_HASH_LEN);
-}
-
-unsigned int 
-MD5_FlattenSize(MD5Context *cx)
-{
-	return sizeof(*cx);
-}
-
-SECStatus 
-MD5_Flatten(MD5Context *cx, unsigned char *space)
-{
-	memcpy(space, cx, sizeof(*cx));
-	return SECSuccess;
-}
-
-MD5Context * 
-MD5_Resurrect(unsigned char *space, void *arg)
-{
-	MD5Context *cx = MD5_NewContext();
-	if (cx)
-		memcpy(cx, space, sizeof(*cx));
-	return cx;
-}
-
-void 
-MD5_TraceState(MD5Context *cx)
-{
-	PORT_SetError(PR_NOT_IMPLEMENTED_ERROR);
-}
diff --git a/security/nss/lib/freebl/mknewpc2.c b/security/nss/lib/freebl/mknewpc2.c
deleted file mode 100644
index 3bd3f0cf0..000000000
--- a/security/nss/lib/freebl/mknewpc2.c
+++ /dev/null
@@ -1,236 +0,0 @@
-/*
- *  mknewpc2.c
- *
- *  Generate PC-2 tables for DES-150 library
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the DES-150 library.
- *
- * The Initial Developer of the Original Code is Nelson B. Bolyard,
- * nelsonb@iname.com.  Portions created by Nelson B. Bolyard are 
- * Copyright (C) 1990, 2000  Nelson B. Bolyard, All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above.  If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- */
-
-typedef unsigned char BYTE;
-typedef unsigned int  HALF;
-
-#define DES_ENCRYPT 0
-#define DES_DECRYPT 1
-
-/* two 28-bit registers defined in key schedule production process */
-static HALF C0, D0;
-
-static HALF L0, R0;
-
-/* key schedule, 16 internal keys, each with 8 6-bit parts */
-static BYTE KS [8] [16];
-
-
-/*
- * This table takes the 56 bits in C0 and D0 and shows show they are 
- * permuted into the 8 6-bit parts of the key in the key schedule.
- * The bits of C0 are numbered left to right, 1-28.
- * The bits of D0 are numbered left to right, 29-56.
- * Zeros in this table represent bits that are always zero.
- * Note that all the bits in the first  4 rows come from C0, 
- *       and all the bits in the second 4 rows come from D0.
- */
-static const BYTE PC2[64] = {
-    14, 17, 11, 24,  1,  5,  0,  0,	/* S1 */
-     3, 28, 15,  6, 21, 10,  0,  0,	/* S2 */
-    23, 19, 12,  4, 26,  8,  0,  0,	/* S3 */
-    16,  7, 27, 20, 13,  2,  0,  0,	/* S4 */
-
-    41, 52, 31, 37, 47, 55,  0,  0,	/* S5 */
-    30, 40, 51, 45, 33, 48,  0,  0,	/* S6 */
-    44, 49, 39, 56, 34, 53,  0,  0,	/* S7 */
-    46, 42, 50, 36, 29, 32,  0,  0	/* S8 */
-};
-
-/* This table represents the same info as PC2, except that 
- * The bits of C0 and D0 are each numbered right to left, 0-27.
- * -1 values indicate bits that are always zero.
- * As before all the bits in the first  4 rows come from C0, 
- *       and all the bits in the second 4 rows come from D0.
- */
-static       signed char PC2a[64] = {
-/* bits of C0 */
-    14, 11, 17,  4, 27, 23, -1, -1,	/* S1 */
-    25,  0, 13, 22,  7, 18, -1, -1,	/* S2 */
-     5,  9, 16, 24,  2, 20, -1, -1,	/* S3 */
-    12, 21,  1,  8, 15, 26, -1, -1,	/* S4 */
-/* bits of D0 */
-    15,  4, 25, 19,  9,  1, -1, -1,	/* S5 */
-    26, 16,  5, 11, 23,  8, -1, -1,	/* S6 */
-    12,  7, 17,  0, 22,  3, -1, -1,	/* S7 */
-    10, 14,  6, 20, 27, 24, -1, -1 	/* S8 */
-};
-
-/* This table represents the same info as PC2a, except that 
- * The order of of the rows has been changed to increase the efficiency
- * with which the key sechedule is created.
- * Fewer shifts and ANDs are required to make the KS from these.
- */
-static const signed char PC2b[64] = {
-/* bits of C0 */
-    14, 11, 17,  4, 27, 23, -1, -1,	/* S1 */
-     5,  9, 16, 24,  2, 20, -1, -1,	/* S3 */
-    25,  0, 13, 22,  7, 18, -1, -1,	/* S2 */
-    12, 21,  1,  8, 15, 26, -1, -1,	/* S4 */
-/* bits of D0 */
-    26, 16,  5, 11, 23,  8, -1, -1,	/* S6 */
-    10, 14,  6, 20, 27, 24, -1, -1,	/* S8 */
-    15,  4, 25, 19,  9,  1, -1, -1,	/* S5 */
-    12,  7, 17,  0, 22,  3, -1, -1 	/* S7 */
-};
-
-/* Only 24 of the 28 bits in C0 and D0 are used in PC2.
- * The used bits of C0 and D0 are grouped into 4 groups of 6,
- * so that the PC2 permutation can be accomplished with 4 lookups
- * in tables of 64 entries.
- * The following table shows how the bits of C0 and D0 are grouped
- * into indexes for the respective table lookups.  
- * Bits are numbered right-to-left, 0-27, as in PC2b.
- */
-static BYTE NDX[48] = {
-/* Bits of C0 */
-    27, 26, 25, 24, 23, 22,	/* C0 table 0 */
-    18, 17, 16, 15, 14, 13,	/* C0 table 1 */
-     9,  8,  7,  2,  1,  0,	/* C0 table 2 */
-     5,  4, 21, 20, 12, 11,	/* C0 table 3 */
-/* bits of D0 */
-    27, 26, 25, 24, 23, 22,	/* D0 table 0 */
-    20, 19, 17, 16, 15, 14,	/* D0 table 1 */
-    12, 11, 10,  9,  8,  7,	/* D0 table 2 */
-     6,  5,  4,  3,  1,  0	/* D0 table 3 */
-};
-
-/* Here's the code that does that grouping. 
-	left   = PC2LOOKUP(0, 0, ((c0 >> 22) & 0x3F) );
-	left  |= PC2LOOKUP(0, 1, ((c0 >> 13) & 0x3F) );
-	left  |= PC2LOOKUP(0, 2, ((c0 >>  4) & 0x38) | (c0 & 0x7) );
-	left  |= PC2LOOKUP(0, 3, ((c0>>18)&0xC) | ((c0>>11)&0x3) | (c0&0x30));
-
-	right  = PC2LOOKUP(1, 0, ((d0 >> 22) & 0x3F) );
-	right |= PC2LOOKUP(1, 1, ((d0 >> 15) & 0x30) | ((d0 >> 14) & 0xf) );
-	right |= PC2LOOKUP(1, 2, ((d0 >>  7) & 0x3F) );
-	right |= PC2LOOKUP(1, 3, ((d0 >>  1) & 0x3C) | (d0 & 0x3));
-*/
-
-void
-make_pc2a( void )
-{
-
-    int i, j;
-
-    for ( i = 0; i < 64; ++i ) {
-	j = PC2[i];
-	if (j == 0)
-	    j = -1;
-	else if ( j < 29 )
-	    j = 28 - j ;
-	else
-	    j = 56 - j;
-	PC2a[i] = j;
-    }
-    for ( i = 0; i < 64; i += 8 ) {
-	printf("%3d,%3d,%3d,%3d,%3d,%3d,%3d,%3d,\n",
-		PC2a[i+0],PC2a[i+1],PC2a[i+2],PC2a[i+3],
-		PC2a[i+4],PC2a[i+5],PC2a[i+6],PC2a[i+7] );
-    }
-}
-
-HALF PC2cd0[64];
-
-HALF PC_2H[8][64];
-
-void
-mktable( )
-{
-    int i;
-    int table;
-    const BYTE * ndx   = NDX;
-    HALF         mask;
-
-    mask  = 0x80000000;
-    for (i = 0; i < 32; ++i, mask >>= 1) {
-	int bit = PC2b[i];
-	if (bit < 0)
-	    continue;
-	PC2cd0[bit + 32] = mask;
-    }
-
-    mask  = 0x80000000;
-    for (i = 32; i < 64; ++i, mask >>= 1) {
-	int bit = PC2b[i];
-	if (bit < 0)
-	    continue;
-	PC2cd0[bit] = mask;
-    }
-
-#if DEBUG
-    for (i = 0; i < 64; ++i) {
-    	printf("0x%08x,\n", PC2cd0[i]);
-    }
-#endif
-    for (i = 0; i < 24; ++i) {
-    	NDX[i] += 32;	/* because c0 is the upper half */
-    }
-
-    for (table = 0; table < 8; ++table) {
-	HALF bitvals[6];
-    	for (i = 0; i < 6; ++i) {
-	    bitvals[5-i] = PC2cd0[*ndx++];
-	}
-	for (i = 0; i < 64; ++i) {
-	    int  j;
-	    int  k     = 0;
-	    HALF value = 0;
-
-	    for (j = i; j; j >>= 1, ++k) {
-	    	if (j & 1) {
-		    value |= bitvals[k];
-		}
-	    }
-	    PC_2H[table][i] = value;
-	}
-	printf("/* table %d */ {\n", table );
-	for (i = 0; i < 64; i += 4) {
-	    printf("    0x%08x, 0x%08x, 0x%08x, 0x%08x, \n",
-		    PC_2H[table][i],   PC_2H[table][i+1],
-		    PC_2H[table][i+2], PC_2H[table][i+3]);
-	}
-	printf("  },\n");
-    }
-}
-
-
-int
-main(void)
-{
-/*   make_pc2a(); */
-   mktable();
-   return 0;
-}
diff --git a/security/nss/lib/freebl/mksp.c b/security/nss/lib/freebl/mksp.c
deleted file mode 100644
index 17ce7bc2a..000000000
--- a/security/nss/lib/freebl/mksp.c
+++ /dev/null
@@ -1,153 +0,0 @@
-/*
- *  mksp.c
- *
- *  Generate SP tables for DES-150 library
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the DES-150 library.
- *
- * The Initial Developer of the Original Code is Nelson B. Bolyard,
- * nelsonb@iname.com.  Portions created by Nelson B. Bolyard are 
- * Copyright (C) 1990, 2000  Nelson B. Bolyard, All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above.  If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- */
-
-#include <stdio.h>
-
-/*
- * sboxes - the tables for the s-box functions
- *        from FIPS 46, pages 15-16.
- */
-unsigned char S[8][64] = {
-/* Func S1 = */ {
-	14,  0,  4, 15, 13,  7,  1,  4,  2, 14, 15,  2, 11, 13,  8,  1,
-	 3, 10, 10,  6,  6, 12, 12, 11,  5,  9,  9,  5,  0,  3,  7,  8,
-	 4, 15,  1, 12, 14,  8,  8,  2, 13,  4,  6,  9,  2,  1, 11,  7,
-	15,  5, 12, 11,  9,  3,  7, 14,  3, 10, 10,  0,  5,  6,  0, 13
-    },
-/* Func S2 = */ {
-	15,  3,  1, 13,  8,  4, 14,  7,  6, 15, 11,  2,  3,  8,  4, 14,
-	 9, 12,  7,  0,  2,  1, 13, 10, 12,  6,  0,  9,  5, 11, 10,  5,
-	 0, 13, 14,  8,  7, 10, 11,  1, 10,  3,  4, 15, 13,  4,  1,  2,
-	 5, 11,  8,  6, 12,  7,  6, 12,  9,  0,  3,  5,  2, 14, 15,  9
-    },
-/* Func S3 = */ {
-	10, 13,  0,  7,  9,  0, 14,  9,  6,  3,  3,  4, 15,  6,  5, 10,
-	 1,  2, 13,  8, 12,  5,  7, 14, 11, 12,  4, 11,  2, 15,  8,  1,
-	13,  1,  6, 10,  4, 13,  9,  0,  8,  6, 15,  9,  3,  8,  0,  7,
-	11,  4,  1, 15,  2, 14, 12,  3,  5, 11, 10,  5, 14,  2,  7, 12
-    },
-/* Func S4 = */ {
-	 7, 13, 13,  8, 14, 11,  3,  5,  0,  6,  6, 15,  9,  0, 10,  3,
-	 1,  4,  2,  7,  8,  2,  5, 12, 11,  1, 12, 10,  4, 14, 15,  9,
-	10,  3,  6, 15,  9,  0,  0,  6, 12, 10, 11,  1,  7, 13, 13,  8,
-	15,  9,  1,  4,  3,  5, 14, 11,  5, 12,  2,  7,  8,  2,  4, 14
-    },
-/* Func S5 = */ {
-	 2, 14, 12, 11,  4,  2,  1, 12,  7,  4, 10,  7, 11, 13,  6,  1,
-	 8,  5,  5,  0,  3, 15, 15, 10, 13,  3,  0,  9, 14,  8,  9,  6,
-	 4, 11,  2,  8,  1, 12, 11,  7, 10,  1, 13, 14,  7,  2,  8, 13,
-	15,  6,  9, 15, 12,  0,  5,  9,  6, 10,  3,  4,  0,  5, 14,  3
-    },
-/* Func S6 = */ {
-	12, 10,  1, 15, 10,  4, 15,  2,  9,  7,  2, 12,  6,  9,  8,  5,
-	 0,  6, 13,  1,  3, 13,  4, 14, 14,  0,  7, 11,  5,  3, 11,  8,
-	 9,  4, 14,  3, 15,  2,  5, 12,  2,  9,  8,  5, 12, 15,  3, 10,
-	 7, 11,  0, 14,  4,  1, 10,  7,  1,  6, 13,  0, 11,  8,  6, 13
-    },
-/* Func S7 = */ {
-	 4, 13, 11,  0,  2, 11, 14,  7, 15,  4,  0,  9,  8,  1, 13, 10,
-	 3, 14, 12,  3,  9,  5,  7, 12,  5,  2, 10, 15,  6,  8,  1,  6,
-	 1,  6,  4, 11, 11, 13, 13,  8, 12,  1,  3,  4,  7, 10, 14,  7,
-	10,  9, 15,  5,  6,  0,  8, 15,  0, 14,  5,  2,  9,  3,  2, 12
-    },
-/* Func S8 = */ {
-	13,  1,  2, 15,  8, 13,  4,  8,  6, 10, 15,  3, 11,  7,  1,  4,
-	10, 12,  9,  5,  3,  6, 14, 11,  5,  0,  0, 14, 12,  9,  7,  2,
-	 7,  2, 11,  1,  4, 14,  1,  7,  9,  4, 12, 10, 14,  8,  2, 13,
-	 0, 15,  6, 12, 10,  9, 13,  0, 15,  3,  3,  5,  5,  6,  8, 11
-    }
-};
-
-/*
- * Permutation function for results from s-boxes
- *   from FIPS 46 pages 12 and 16.
- * P = 
- */
-unsigned char P[32] = {
-	16,   7,  20,  21,  29,  12,  28,  17,
-	 1,  15,  23,  26,   5,  18,  31,  10,
-	 2,   8,  24,  14,  32,  27,   3,   9,
-	19,  13,  30,   6,  22,  11,   4,  25
-};
-
-unsigned int Pinv[32];
-unsigned int SP[8][64];
-
-void
-makePinv(void)
-{
-    int i;
-    unsigned int Pi = 0x80000000;
-    for (i = 0; i < 32; ++i) {
-    	int j = 32 - P[i];
-	Pinv[j] = Pi;
-	Pi >>= 1;
-    }
-}
-
-void
-makeSP(void)
-{
-    int box;
-    for (box = 0; box < 8; ++box) {
-	int item;
-	printf("/* box S%d */ {\n", box + 1);
-    	for (item = 0; item < 64; ++item ) {
-	    unsigned int s = S[box][item];
-	    unsigned int val = 0;
-	    unsigned int bitnum = (7-box) * 4;
-	    for (; s; s >>= 1, ++bitnum) {
-		if (s & 1) {
-		    val |= Pinv[bitnum];
-		}
-	    }
-	    val = (val << 3) | (val >> 29);
-	    SP[box][item] = val;
-	}
-	for (item = 0; item < 64; item += 4) {
-	    printf("\t0x%08x, 0x%08x, 0x%08x, 0x%08x,\n",
-	    SP[box][item], SP[box][item+1], SP[box][item+2], SP[box][item+3]);
-	}
-	printf("    },\n");
-    }
-}
-
-int
-main()
-{
-    makePinv();
-    makeSP();
-    return 0;
-}
diff --git a/security/nss/lib/freebl/mpi/Makefile b/security/nss/lib/freebl/mpi/Makefile
deleted file mode 100644
index a4724af90..000000000
--- a/security/nss/lib/freebl/mpi/Makefile
+++ /dev/null
@@ -1,424 +0,0 @@
-##
-## Makefile for MPI library
-##
-## The contents of this file are subject to the Mozilla Public
-## License Version 1.1 (the "License"); you may not use this file
-## except in compliance with the License. You may obtain a copy of
-## the License at http://www.mozilla.org/MPL/
-##
-## Software distributed under the License is distributed on an "AS
-## IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-## implied. See the License for the specific language governing
-## rights and limitations under the License.
-##
-## The Original Code is the MPI Arbitrary Precision Integer Arithmetic
-## library.
-##
-## The Initial Developer of the Original Code is 
-## Michael J. Fromberger <sting@linguist.dartmouth.edu>
-##
-## Portions created by Michael J. Fromberger are 
-## Copyright (C) 1998, 2000 Michael J. Fromberger. All Rights Reserved.
-##
-## Contributor(s):
-##	Netscape Communications Corporation
-## 	Richard C. Swift	(swift@netscape.com)
-##
-## Alternatively, the contents of this file may be used under the
-## terms of the GNU General Public License Version 2 or later (the
-## "GPL"), in which case the provisions of the GPL are applicable
-## instead of those above.  If you wish to allow use of your
-## version of this file only under the terms of the GPL and not to
-## allow others to use your version of this file under the MPL,
-## indicate your decision by deleting the provisions above and
-## replace them with the notice and other provisions required by
-## the GPL.  If you do not delete the provisions above, a recipient
-## may use your version of this file under either the MPL or the
-## GPL.
-## 
-##
-## $Id$
-##
-
-## Define CC to be the C compiler you wish to use.  The GNU cc
-## compiler (gcc) should work, at the very least
-#CC=cc
-#CC=gcc
-
-## 
-## Define PERL to point to your local Perl interpreter.  It
-## should be Perl 5.x, although it's conceivable that Perl 4
-## might work ... I haven't tested it.
-##
-#PERL=/usr/bin/perl
-PERL=perl
-
-##
-## Define CFLAGS to contain any local options your compiler
-## setup requires.
-##
-## Conditional compilation options are no longer here; see
-## the file 'mpi-config.h' instead.
-##
-MPICMN = -I. -DMP_API_COMPATIBLE -DMP_IOFUNC
-CFLAGS= -O $(MPICMN)
-#CFLAGS=-ansi -fullwarn -woff 1521 -O3 $(MPICMN)
-#CFLAGS=-ansi -pedantic -Wall -O3 $(MPICMN)
-#CFLAGS=-ansi -pedantic -Wall -g -O2 -DMP_DEBUG=1 $(MPICMN)
-
-ifeq ($(TARGET),mipsIRIX)
-#IRIX
-#MPICMN += -DMP_MONT_USE_MP_MUL 
-MPICMN += -DMP_ASSEMBLY_MULTIPLY -DMP_ASSEMBLY_SQUARE
-MPICMN += -DMP_USE_UINT_DIGIT
-#MPICMN += -DMP_NO_MP_WORD
-AS_OBJS = mpi_mips.o
-#ASFLAGS = -O -OPT:Olimit=4000 -dollar -fullwarn -xansi -n32 -mips3 -exceptions
-ASFLAGS = -O -OPT:Olimit=4000 -dollar -fullwarn -xansi -n32 -mips3 
-#CFLAGS=-ansi -n32 -O3 -fullwarn -woff 1429 -D_SGI_SOURCE $(MPICMN)
-CFLAGS=-ansi -n32 -O2 -fullwarn -woff 1429 -D_SGI_SOURCE $(MPICMN)
-#CFLAGS=-ansi -n32 -g -fullwarn -woff 1429 -D_SGI_SOURCE $(MPICMN)
-#CFLAGS=-ansi -64 -O2 -fullwarn -woff 1429 -D_SGI_SOURCE -DMP_NO_MP_WORD \
- $(MPICMN)
-endif
-
-ifeq ($(TARGET),alphaOSF1)
-#Alpha/OSF1
-MPICMN += -DMP_ASSEMBLY_MULTIPLY
-AS_OBJS+= mpvalpha.o
-#CFLAGS= -O -Olimit 4000 -ieee_with_inexact -std1 -DOSF1 -D_REENTRANT $(MPICMN)
-CFLAGS= -O -Olimit 4000 -ieee_with_inexact -std1 -DOSF1 -D_REENTRANT \
- -DMP_NO_MP_WORD $(MPICMN)
-endif
-
-ifeq ($(TARGET),v9SOLARIS)
-#Solaris 64
-SOLARIS_FPU_FLAGS = -fast -xO5 -xrestrict=%all -xchip=ultra -xarch=v9a -KPIC -mt
-#SOLARIS_FPU_FLAGS = -fast -xO5 -xrestrict=%all -xdepend -xchip=ultra -xarch=v9a -KPIC -mt
-SOLARIS_ASM_FLAGS = -xchip=ultra -xarch=v9a -KPIC -mt 
-AS_OBJS += montmulfv9.o 
-AS_OBJS += mpi_sparc.o mpv_sparcv9.o
-MPICMN += -DMP_USE_UINT_DIGIT 
-#MPICMN += -DMP_NO_MP_WORD 
-MPICMN += -DMP_ASSEMBLY_MULTIPLY 
-MPICMN += -DMP_USING_MONT_MULF
-CFLAGS= -O -KPIC -DSVR4 -DSYSV -D__svr4 -D__svr4__ -DSOLARIS -D_REENTRANT \
- -DSOLARIS2_8 -D_SVID_GETTOD -xarch=v9 -DXP_UNIX $(MPICMN)
-#CFLAGS= -g -KPIC -DSVR4 -DSYSV -D__svr4 -D__svr4__ -DSOLARIS -D_REENTRANT \
- -DSOLARIS2_8 -D_SVID_GETTOD -xarch=v9 -DXP_UNIX $(MPICMN)
-endif
-
-ifeq ($(TARGET),v8plusSOLARIS)
-#Solaris 32
-SOLARIS_FPU_FLAGS = -fast -xO5 -xrestrict=%all -xdepend -xchip=ultra -xarch=v8plusa -KPIC -mt
-SOLARIS_ASM_FLAGS = -xchip=ultra -xarch=v8plusa -KPIC -mt 
-AS_OBJS = montmulfv8.o mpi_sparc.o mpv_sparcv8.o
-#AS_OBJS = montmulf.o
-MPICMN += -DMP_ASSEMBLY_MULTIPLY 
-MPICMN += -DMP_USING_MONT_MULF -DMP_USE_UINT_DIGIT
-MPICMN += -DMP_NO_MP_WORD
-CFLAGS=-O -KPIC -DSVR4 -DSYSV -D__svr4 -D__svr4__ -DSOLARIS -D_REENTRANT \
- -DSOLARIS2_6 -D_SVID_GETTOD -xarch=v8plus -DXP_UNIX $(MPICMN)
-endif
-
-ifeq ($(TARGET),v8SOLARIS)
-#Solaris 32
-#SOLARIS_FPU_FLAGS = -fast -xO5 -xrestrict=%all -xdepend -xchip=ultra -xarch=v8 -KPIC -mt
-#SOLARIS_ASM_FLAGS = -xchip=ultra -xarch=v8plusa -KPIC -mt 
-#AS_OBJS = montmulfv8.o mpi_sparc.o mpv_sparcv8.o
-#AS_OBJS = montmulf.o
-#MPICMN += -DMP_USING_MONT_MULF
-#MPICMN += -DMP_ASSEMBLY_MULTIPLY 
-MPICMN += -DMP_USE_LONG_LONG_MULTIPLY -DMP_USE_UINT_DIGIT
-MPICMN += -DMP_NO_MP_WORD
-CFLAGS=-O -KPIC -DSVR4 -DSYSV -D__svr4 -D__svr4__ -DSOLARIS -D_REENTRANT \
- -DSOLARIS2_6 -D_SVID_GETTOD -xarch=v8 -DXP_UNIX $(MPICMN)
-endif
-
-ifeq ($(TARGET),PA2.0WHPUX)
-#HPUX64 (HP PA 2.0 Wide) using MAXPY and 64-bit digits
-MPICMN += -DMP_ASSEMBLY_MULTIPLY -DMP_ASSEMBLY_SQUARE
-AS_OBJS = mpi_hp.o hpma512.o hppa20.o 
-CFLAGS= -O -DHPUX10 -D_POSIX_C_SOURCE=199506L -Ae +Z -DHPUX -Dhppa \
- -D_HPUX_SOURCE -Aa +e -z +DA2.0W +DS2.0 +O3 +DChpux -DHPUX11  -DXP_UNIX \
- $(MPICMN)
-AS = $(CC) $(CFLAGS) -c
-endif
-
-ifeq ($(TARGET),PA2.0NHPUX)
-#HPUX32 (HP PA 2.0 Narrow) hybrid model, using 32-bit digits
-# This one is for DA2.0 (N) which is the 32-bit ABI with 64-bit registers.
-MPICMN += -DMP_ASSEMBLY_MULTIPLY -DMP_ASSEMBLY_SQUARE
-AS_OBJS = mpi_hp.o hpma512.o hppa20.o 
-CFLAGS= -O -DHPUX10 -D_POSIX_C_SOURCE=199506L -Ae +Z -DHPUX -Dhppa \
- -D_HPUX_SOURCE -Aa +e -z +DA2.0 +DS2.0 +O3 +DChpux -DHPUX11  -DXP_UNIX \
- -Wl,+k $(MPICMN)
-#CFLAGS= -g -DHPUX10 -D_POSIX_C_SOURCE=199506L -Ae +Z -DHPUX -Dhppa \
- -D_HPUX_SOURCE -Aa +e -z +DA2.0 +DS2.0 +DChpux -DHPUX11  -DXP_UNIX \
- -Wl,+k $(MPICMN)
-AS = $(CC) $(CFLAGS) -c
-endif
-
-ifeq ($(TARGET),PA1.1HPUX)
-#HPUX32 (HP PA 1.1) Pure 32 bit
-MPICMN += -DMP_USE_UINT_DIGIT -DMP_NO_MP_WORD
-#MPICMN += -DMP_USE_LONG_LONG_MULTIPLY
-CFLAGS= -O -DHPUX10 -D_POSIX_C_SOURCE=199506L -Ae +Z -DHPUX -Dhppa \
- -D_HPUX_SOURCE +DAportable +DS1.1 -DHPUX11 -DXP_UNIX $(MPICMN)
-##CFLAGS= -g -DHPUX10 -D_POSIX_C_SOURCE=199506L -Ae +Z -DHPUX -Dhppa \
-# -D_HPUX_SOURCE +DAportable +DS1.1 -DHPUX11 -DXP_UNIX $(MPICMN)
-endif
-
-ifeq ($(TARGET),32AIX)
-#
-CC = xlC_r
-MPICMN += -DMP_USE_UINT_DIGIT
-MPICMN += -DMP_NO_DIV_WORD
-#MPICMN += -DMP_NO_MUL_WORD
-MPICMN += -DMP_NO_ADD_WORD
-MPICMN += -DMP_NO_SUB_WORD
-#MPICMN += -DMP_NO_MP_WORD
-#MPICMN += -DMP_USE_LONG_LONG_MULTIPLY
-CFLAGS = -O -DAIX -DSYSV -qarch=com -DAIX4_3 -DXP_UNIX -UDEBUG -DNDEBUG  $(MPICMN)
-#CFLAGS = -g -DAIX -DSYSV -qarch=com -DAIX4_3 -DXP_UNIX -UDEBUG -DNDEBUG  $(MPICMN)
-#CFLAGS += -pg
-endif
-
-ifeq ($(TARGET),64AIX)
-#
-CC = xlC_r
-MPICMN += -DMP_USE_UINT_DIGIT
-CFLAGS = -O -O2 -DAIX -DSYSV -qarch=com -DAIX_64BIT -DAIX4_3 -DXP_UNIX -UDEBUG -DNDEBUG $(MPICMN)
-OBJECT_MODE=64
-export OBJECT_MODE
-endif
-
-ifeq ($(TARGET),x86LINUX)
-#Linux
-AS_OBJS = mpi_x86.o
-MPICMN += -DMP_ASSEMBLY_MULTIPLY -DMP_ASSEMBLY_SQUARE -DMP_ASSEMBLY_DIV_2DX1D
-MPICMN += -DMP_MONT_USE_MP_MUL
-CFLAGS= -O2 -fPIC -DLINUX1_2 -Di386 -D_XOPEN_SOURCE -DLINUX2_1 -ansi -Wall \
- -pipe -DLINUX -Dlinux -D_POSIX_SOURCE -D_BSD_SOURCE -DHAVE_STRERROR \
- -DXP_UNIX -UDEBUG -DNDEBUG -D_REENTRANT $(MPICMN)
-#CFLAGS= -g -fPIC -DLINUX1_2 -Di386 -D_XOPEN_SOURCE -DLINUX2_1 -ansi -Wall \
- -pipe -DLINUX -Dlinux -D_POSIX_SOURCE -D_BSD_SOURCE -DHAVE_STRERROR \
- -DXP_UNIX -DDEBUG -UNDEBUG -D_REENTRANT $(MPICMN)
-#CFLAGS= -g -fPIC -DLINUX1_2 -Di386 -D_XOPEN_SOURCE -DLINUX2_1 -ansi -Wall \
- -pipe -DLINUX -Dlinux -D_POSIX_SOURCE -D_BSD_SOURCE -DHAVE_STRERROR \
- -DXP_UNIX -UDEBUG -DNDEBUG -D_REENTRANT $(MPICMN)
-endif
-
-##
-## Define LIBS to include any libraries you need to link against.
-## If NO_TABLE is define, LIBS should include '-lm' or whatever is
-## necessary to bring in the math library.  Otherwise, it can be
-## left alone, unless your system has other peculiar requirements.
-##
-LIBS=#-lmalloc#-lefence#-lm
-
-## 
-## Define RANLIB to be the library header randomizer; you might not
-## need this on some systems (just set it to 'echo' on these systems,
-## such as IRIX)
-##
-RANLIB=echo
-
-##
-## This is the version string used for the documentation and 
-## building the distribution tarball.  Don't mess with it unless
-## you are releasing a new version
-VERS=1.7p6
-
-## ----------------------------------------------------------------------
-## You probably don't need to change anything below this line...
-##
-
-##
-## This is the list of source files that need to be packed into
-## the distribution file
-SRCS=   mpi.c mpprime.c mplogic.c mpmontg.c mpi-test.c primes.c tests/ \
-	utils/gcd.c utils/invmod.c utils/lap.c \
-	utils/ptab.pl utils/sieve.c utils/isprime.c\
-	utils/dec2hex.c utils/hex2dec.c utils/bbs_rand.c \
-	utils/bbsrand.c utils/prng.c utils/primegen.c \
-	utils/basecvt.c utils/makeprime.c\
-	utils/fact.c utils/exptmod.c utils/pi.c utils/metime.c \
-	utils/mpi.h utils/mpprime.h mulsqr.c \
-	make-test-arrays test-arrays.txt all-tests make-logtab \
-	types.pl stats timetest multest
-
-## These are the header files that go into the distribution file
-HDRS=mpi.h mpi-config.h utils/mpi.h utils/mpi-config.h mpprime.h mplogic.h \
-     utils/bbs_rand.h tests/mpi.h tests/mpprime.h
-
-## These are the documentation files that go into the distribution file
-DOCS=README doc utils/README utils/PRIMES 
-
-## This is the list of tools built by 'make tools'
-TOOLS=gcd invmod isprime lap dec2hex hex2dec primegen prng \
-	basecvt fact exptmod pi makeprime identest
-
-LIBOBJS = mpprime.o mpmontg.o mplogic.o mpi.o $(AS_OBJS)
-LIBHDRS = mpi-config.h mpi-priv.h mpi.h
-APPHDRS = mpi-config.h mpi.h mplogic.h mpprime.h
-
-help:
-	@ echo ""
-	@ echo "The following targets can be built with this Makefile:"
-	@ echo ""
-	@ echo "libmpi.a     - arithmetic and prime testing library"
-	@ echo "mpi-test     - test driver (requires MP_IOFUNC)"
-	@ echo "tools        - command line tools"
-	@ echo "doc          - manual pages for tools"
-	@ echo "clean        - clean up objects and such"
-	@ echo "distclean    - get ready for distribution"
-	@ echo "dist         - distribution tarball"
-	@ echo ""
-
-.SUFFIXES: .c .o .i
-
-.c.i:
-	$(CC) $(CFLAGS) -E $< > $@
-
-#.c.o: $*.h $*.c
-#	$(CC) $(CFLAGS) -c $<
-
-#---------------------------------------
-
-$(LIBOBJS): $(LIBHDRS)
-
-logtab.h: make-logtab
-	$(PERL) make-logtab > logtab.h
-
-mpi.o: mpi.c logtab.h $(LIBHDRS)
-
-mplogic.o: mplogic.c mpi-priv.h mplogic.h $(LIBHDRS)
-
-mpmontg.o: mpmontg.c mpi-priv.h mplogic.h mpprime.h $(LIBHDRS)
-
-mpprime.o: mpprime.c mpi-priv.h mpprime.h mplogic.h primes.c $(LIBHDRS)
-
-mpi_mips.o: mpi_mips.s
-	$(CC) -o $@ $(ASFLAGS) -c mpi_mips.s
-
-mpi_sparc.o : montmulf.h
-
-mpv_sparcv9.s: vis_64.il mpv_sparc.c
-	$(CC) -o $@ $(SOLARIS_FPU_FLAGS) -S vis_64.il mpv_sparc.c
-
-mpv_sparcv8.s: vis_64.il mpv_sparc.c
-	$(CC) -o $@ $(SOLARIS_FPU_FLAGS) -S vis_32.il mpv_sparc.c
-
-montmulfv8.o montmulfv9.o mpv_sparcv8.o mpv_sparcv9.o : %.o : %.s 
-	$(CC) -o $@ $(SOLARIS_ASM_FLAGS) -c $<
-
-# This rule is used to build the .s sources, which are then hand optimized.
-#montmulfv8.s montmulfv9.s : montmulf%.s : montmulf%.il montmulf.c montmulf.h 
-#	$(CC) -o $@ $(SOLARIS_ASM_FLAGS) -S montmulf$*.il montmulf.c
-
-
-libmpi.a: $(LIBOBJS)
-	ar -cvr libmpi.a $(LIBOBJS)
-	$(RANLIB) libmpi.a
-
-lib libs: libmpi.a
-
-mpi.i: mpi.h
-
-#---------------------------------------
-
-MPTESTOBJS = mptest1.o mptest2.o mptest3.o mptest3a.o mptest4.o mptest4a.o \
-	mptest4b.o mptest6.o mptest7.o mptest8.o mptest9.o
-MPTESTS = $(MPTESTOBJS:.o=)
-
-$(MPTESTOBJS): mptest%.o: tests/mptest-%.c $(LIBHDRS)
-	$(CC) $(CFLAGS) -o $@ -c $<
-
-$(MPTESTS): mptest%: mptest%.o libmpi.a
-	$(CC) $(CFLAGS) -o $@ $^  $(LIBS)
-
-tests: mptest1 mptest2 mptest3 mptest3a mptest4 mptest4a mptest4b mptest6 \
-	bbsrand
-
-utests: mptest7 mptest8 mptest9
-
-#---------------------------------------
-
-EXTRAOBJS = bbsrand.o bbs_rand.o prng.o
-UTILOBJS = primegen.o metime.o identest.o basecvt.o fact.o exptmod.o pi.o \
-	makeprime.o gcd.o invmod.o lap.o isprime.o \
-	dec2hex.o hex2dec.o
-UTILS = $(UTILOBJS:.o=) 
-
-$(UTILS): % : %.o libmpi.a
-	$(CC) $(CFLAGS) -o $@ $^ $(LIBS)
-
-$(UTILOBJS) $(EXTRAOBJS): %.o : utils/%.c $(LIBHDRS)
-	$(CC) $(CFLAGS) -o $@ -c $<
-
-prng: prng.o bbs_rand.o libmpi.a
-	$(CC) $(CFLAGS) -o $@ $^ $(LIBS)
-
-bbsrand: bbsrand.o bbs_rand.o libmpi.a
-	$(CC) $(CFLAGS) -o $@ $^ $(LIBS)
-
-utils: $(UTILS) prng bbsrand
-
-#---------------------------------------
-
-test-info.c: test-arrays.txt
-	$(PERL) make-test-arrays test-arrays.txt > test-info.c
-
-mpi-test.o: mpi-test.c test-info.c $(LIBHDRS)
-	$(CC) $(CFLAGS) -o $@ -c $<
-
-mpi-test: mpi-test.o libmpi.a
-	$(CC) $(CFLAGS) -o $@ $^ $(LIBS)
-
-mdxptest.o: mdxptest.c $(LIBHDRS) mpi-priv.h
-
-mdxptest: mdxptest.o libmpi.a
-	$(CC) $(CFLAGS) -o $@ $^ $(LIBS)
-
-mulsqr.o: mulsqr.c logtab.h mpi.h mpi-config.h mpprime.h 
-	$(CC) $(CFLAGS) -DMP_SQUARE=1 -o $@ -c mulsqr.c 
-
-mulsqr: mulsqr.o libmpi.a
-	$(CC) $(CFLAGS) -o $@ $^ $(LIBS)
-
-#---------------------------------------
-
-alltests: tests utests mpi-test
-
-tools: $(TOOLS)
-
-doc:
-	(cd doc; ./build)
-
-clean:
-	rm -f *.o *.a *.i
-	rm -f core
-	rm -f *~ .*~
-	rm -f utils/*.o
-	rm -f utils/core
-	rm -f utils/*~ utils/.*~
-
-clobber: clean
-	rm -f $(TOOLS) $(UTILS)
-
-distclean: clean
-	rm -f mptest? mpi-test metime mulsqr karatsuba
-	rm -f mptest?a mptest?b
-	rm -f utils/mptest?
-	rm -f test-info.c logtab.h
-	rm -f libmpi.a
-	rm -f $(TOOLS)
-
-dist: Makefile $(HDRS) $(SRCS) $(DOCS)
-	tar -cvf mpi-$(VERS).tar Makefile $(HDRS) $(SRCS) $(DOCS)
-	pgps -ab mpi-$(VERS).tar
-	chmod +r mpi-$(VERS).tar.asc
-	gzip -9 mpi-$(VERS).tar
-
-# END
diff --git a/security/nss/lib/freebl/mpi/Makefile.os2 b/security/nss/lib/freebl/mpi/Makefile.os2
deleted file mode 100644
index e81b64649..000000000
--- a/security/nss/lib/freebl/mpi/Makefile.os2
+++ /dev/null
@@ -1,277 +0,0 @@
-##
-## Makefile.win - gmake Makefile for building MPI with VACPP on OS/2
-##
-## The contents of this file are subject to the Mozilla Public
-## License Version 1.1 (the "License"); you may not use this file
-## except in compliance with the License. You may obtain a copy of
-## the License at http://www.mozilla.org/MPL/
-##
-## Software distributed under the License is distributed on an "AS
-## IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-## implied. See the License for the specific language governing
-## rights and limitations under the License.
-##
-## The Original Code is the MPI Arbitrary Precision Integer Arithmetic
-## library.
-##
-## The Initial Developer of the Original Code is 
-## Michael J. Fromberger <sting@linguist.dartmouth.edu>
-##
-## Portions created by Michael J. Fromberger are 
-## Copyright (C) 1998, 2000 Michael J. Fromberger. All Rights Reserved.
-##
-## Contributor(s):
-##	Netscape Communications Corporation
-##
-## Alternatively, the contents of this file may be used under the
-## terms of the GNU General Public License Version 2 or later (the
-## "GPL"), in which case the provisions of the GPL are applicable
-## instead of those above.  If you wish to allow use of your
-## version of this file only under the terms of the GPL and not to
-## allow others to use your version of this file under the MPL,
-## indicate your decision by deleting the provisions above and
-## replace them with the notice and other provisions required by
-## the GPL.  If you do not delete the provisions above, a recipient
-## may use your version of this file under either the MPL or the
-## GPL.
-## 
-##
-## $Id$
-##
-
-## Define CC to be the C compiler you wish to use.  The GNU cc
-## compiler (gcc) should work, at the very least
-#CC=cc
-#CC=gcc
-CC=icc.exe
-AS=alp.exe
-
-## 
-## Define PERL to point to your local Perl interpreter.  It
-## should be Perl 5.x, although it's conceivable that Perl 4
-## might work ... I haven't tested it.
-##
-#PERL=/usr/bin/perl
-PERL=perl
-
-##
-## Define CFLAGS to contain any local options your compiler
-## setup requires.
-##
-## Conditional compilation options are no longer here; see
-## the file 'mpi-config.h' instead.
-##
-MPICMN = -I. -DMP_API_COMPATIBLE -DMP_IOFUNC -DMP_USE_UINT_DIGIT -DMP_NO_MP_WORD
-
-#OS/2
-AS_SRCS = mpi_x86.asm
-MPICMN += -DMP_ASSEMBLY_MULTIPLY -DMP_ASSEMBLY_SQUARE -DMP_ASSEMBLY_DIV_2DX1D
-#CFLAGS= -Od -Z7 -MD -W3 -nologo -D_X86_ -DXP_PC \
- -DDEBUG -D_DEBUG -UNDEBUG -DWIN32 -D_WINDOWS -DWIN95 $(MPICMN)
-#CFLAGS = -O2 -MD -W3 -nologo -D_X86_ -DXP_PC -UDEBUG -U_DEBUG -DNDEBUG \
- -DWIN32 -D_WINDOWS -DWIN95 $(MPICMN)
-#CFLAGS = -Od -Z7 -MD -W3 -nologo -D_X86_ -DXP_PC -UDEBUG -U_DEBUG -DNDEBUG \
- -DWIN32 -D_WINDOWS -DWIN95 $(MPICMN)
-CFLAGS = /Ti+ -D_X86_ -DXP_PC -UDEBUG -U_DEBUG -DNDEBUG \
- $(MPICMN)
-ASFLAGS =
-
-##
-## Define LIBS to include any libraries you need to link against.
-## If NO_TABLE is define, LIBS should include '-lm' or whatever is
-## necessary to bring in the math library.  Otherwise, it can be
-## left alone, unless your system has other peculiar requirements.
-##
-LIBS=#-lmalloc#-lefence#-lm
-
-## 
-## Define RANLIB to be the library header randomizer; you might not
-## need this on some systems (just set it to 'echo' on these systems,
-## such as IRIX)
-##
-RANLIB=echo
-
-##
-## This is the version string used for the documentation and 
-## building the distribution tarball.  Don't mess with it unless
-## you are releasing a new version
-VERS=1.7p6
-
-## ----------------------------------------------------------------------
-## You probably don't need to change anything below this line...
-##
-
-##
-## This is the list of source files that need to be packed into
-## the distribution file
-SRCS=   mpi.c mpprime.c mplogic.c mpmontg.c mpi-test.c primes.c tests/ \
-	utils/gcd.c utils/invmod.c utils/lap.c \
-	utils/ptab.pl utils/sieve.c utils/isprime.c\
-	utils/dec2hex.c utils/hex2dec.c utils/bbs_rand.c \
-	utils/bbsrand.c utils/prng.c utils/primegen.c \
-	utils/basecvt.c utils/makeprime.c\
-	utils/fact.c utils/exptmod.c utils/pi.c utils/metime.c \
-	utils/mpi.h utils/mpprime.h mulsqr.c \
-	make-test-arrays test-arrays.txt all-tests make-logtab \
-	types.pl stats timetest multest
-
-## These are the header files that go into the distribution file
-HDRS=mpi.h mpi-config.h utils/mpi.h utils/mpi-config.h mpprime.h mplogic.h \
-     utils/bbs_rand.h tests/mpi.h tests/mpprime.h
-
-## These are the documentation files that go into the distribution file
-DOCS=README doc utils/README utils/PRIMES 
-
-## This is the list of tools built by 'make tools'
-TOOLS=gcd.exe invmod.exe isprime.exe lap.exe dec2hex.exe hex2dec.exe \
- primegen.exe prng.exe basecvt.exe fact.exe exptmod.exe pi.exe makeprime.exe
-
-AS_OBJS = $(AS_SRCS:.asm=.obj)
-LIBOBJS = mpprime.obj mpmontg.obj mplogic.obj mpi.obj $(AS_OBJS)
-LIBHDRS = mpi-config.h mpi-priv.h mpi.h
-APPHDRS = mpi-config.h mpi.h mplogic.h mpprime.h
-
-
-help:
-	@ echo ""
-	@ echo "The following targets can be built with this Makefile:"
-	@ echo ""
-	@ echo "mpi.lib      - arithmetic and prime testing library"
-	@ echo "mpi-test.exe - test driver (requires MP_IOFUNC)"
-	@ echo "tools        - command line tools"
-	@ echo "doc          - manual pages for tools"
-	@ echo "clean        - clean up objects and such"
-	@ echo "distclean    - get ready for distribution"
-	@ echo "dist         - distribution tarball"
-	@ echo ""
-
-.SUFFIXES: .c .obj .i .lib .exe .asm
-
-.c.i:
-	$(CC) $(CFLAGS) -E $< > $@
-
-.c.obj: 
-	$(CC) $(CFLAGS) -c $<
-
-.asm.obj:
-	$(AS) $(ASFLAGS) $<
-
-.obj.exe:
-	$(CC) $(CFLAGS) -Fo$@ $<
-
-#---------------------------------------
-
-$(LIBOBJS): $(LIBHDRS)
-
-logtab.h: make-logtab
-	$(PERL) make-logtab > logtab.h
-
-mpi.obj: mpi.c logtab.h $(LIBHDRS)
-
-mplogic.obj: mplogic.c mpi-priv.h mplogic.h $(LIBHDRS)
-
-mpmontg.obj: mpmontg.c mpi-priv.h mplogic.h mpprime.h $(LIBHDRS)
-
-mpprime.obj: mpprime.c mpi-priv.h mpprime.h mplogic.h primes.c $(LIBHDRS)
-
-mpi_mips.obj: mpi_mips.s
-	$(CC) -Fo$@ $(ASFLAGS) -c mpi_mips.s
-
-mpi.lib: $(LIBOBJS)
-	ilib /out:mpi.lib $(LIBOBJS)
-	$(RANLIB) mpi.lib
-
-lib libs: mpi.lib
-
-#---------------------------------------
-
-MPTESTOBJS = mptest1.obj mptest2.obj mptest3.obj mptest3a.obj mptest4.obj \
- mptest4a.obj mptest4b.obj mptest6.obj mptest7.obj mptest8.obj mptest9.obj
-MPTESTS = $(MPTESTOBJS:.obj=.exe)
-
-$(MPTESTOBJS): mptest%.obj: tests/mptest-%.c $(LIBHDRS)
-	$(CC) $(CFLAGS) -Fo$@ -c $<
-
-$(MPTESTS): mptest%.exe: mptest%.obj mpi.lib $(LIBS)
-	$(CC) $(CFLAGS) -Fo$@ $^ 
-
-tests: mptest1.exe mptest2.exe mptest3.exe mptest3a.exe mptest4.exe \
- mptest4a.exe mptest4b.exe mptest6.exe bbsrand.exe
-
-utests: mptest7.exe mptest8.exe mptest9.exe
-
-#---------------------------------------
-
-EXTRAOBJS = bbsrand.obj bbs_rand.obj prng.obj
-UTILOBJS = primegen.obj metime.obj identest.obj basecvt.obj fact.obj \
- exptmod.obj pi.obj makeprime.obj karatsuba.obj gcd.obj invmod.obj lap.obj \
- isprime.obj dec2hex.obj hex2dec.obj
-UTILS = $(UTILOBJS:.obj=.exe) 
-
-$(UTILS): %.exe : %.obj mpi.lib $(LIBS)
-	$(CC) $(CFLAGS) -Fo$@ $^ 
-
-$(UTILOBJS) $(EXTRAOBJS): %.obj : utils/%.c $(LIBHDRS)
-	$(CC) $(CFLAGS) -Fo$@ -c $<
-
-prng.exe: prng.obj bbs_rand.obj mpi.lib $(LIBS)
-	$(CC) $(CFLAGS) -Fo$@ $^
-
-bbsrand.exe: bbsrand.obj bbs_rand.obj mpi.lib $(LIBS)
-	$(CC) $(CFLAGS) -Fo$@ $^
-
-utils: $(UTILS) prng.exe bbsrand.exe
-
-#---------------------------------------
-
-test-info.c: test-arrays.txt
-	$(PERL) make-test-arrays test-arrays.txt > test-info.c
-
-mpi-test.obj: mpi-test.c test-info.c $(LIBHDRS)
-	$(CC) $(CFLAGS) -Fo$@ -c $<
-
-mpi-test.exe: mpi-test.obj mpi.lib $(LIBS)
-	$(CC) $(CFLAGS) -Fo$@ $^
-
-mdxptest.obj: mdxptest.c $(LIBHDRS) mpi-priv.h
-
-mdxptest.exe: mdxptest.obj mpi.lib $(LIBS)
-	$(CC) $(CFLAGS) -Fo$@ $^
-
-mulsqr.obj: mulsqr.c logtab.h mpi.h mpi-config.h mpprime.h 
-	$(CC) $(CFLAGS) -DMP_SQUARE=1 -Fo$@ -c mulsqr.c 
-
-mulsqr.exe: mulsqr.obj mpi.lib $(LIBS)
-	$(CC) $(CFLAGS) -Fo$@ $^
-
-#---------------------------------------
-
-alltests: tests utests mpi-test.exe
-
-tools: $(TOOLS)
-
-doc:
-	(cd doc; ./build)
-
-clean:
-	rm -f *.obj *.lib *.pdb *.ilk
-	cd utils; rm -f *.obj *.lib *.pdb *.ilk
-
-distclean: clean
-	rm -f mptest? mpi-test metime mulsqr karatsuba
-	rm -f mptest?a mptest?b
-	rm -f utils/mptest?
-	rm -f test-info.c logtab.h
-	rm -f mpi.lib
-	rm -f $(TOOLS)
-
-dist: Makefile $(HDRS) $(SRCS) $(DOCS)
-	tar -cvf mpi-$(VERS).tar Makefile $(HDRS) $(SRCS) $(DOCS)
-	pgps -ab mpi-$(VERS).tar
-	chmod +r mpi-$(VERS).tar.asc
-	gzip -9 mpi-$(VERS).tar
-
-
-print: 
-	@echo LIBOBJS = $(LIBOBJS)
-# END
diff --git a/security/nss/lib/freebl/mpi/Makefile.win b/security/nss/lib/freebl/mpi/Makefile.win
deleted file mode 100644
index 1c403f4d3..000000000
--- a/security/nss/lib/freebl/mpi/Makefile.win
+++ /dev/null
@@ -1,277 +0,0 @@
-##
-## Makefile.win - gmake Makefile for building MPI with MSVC on NT
-##
-## The contents of this file are subject to the Mozilla Public
-## License Version 1.1 (the "License"); you may not use this file
-## except in compliance with the License. You may obtain a copy of
-## the License at http://www.mozilla.org/MPL/
-##
-## Software distributed under the License is distributed on an "AS
-## IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-## implied. See the License for the specific language governing
-## rights and limitations under the License.
-##
-## The Original Code is the MPI Arbitrary Precision Integer Arithmetic
-## library.
-##
-## The Initial Developer of the Original Code is 
-## Michael J. Fromberger <sting@linguist.dartmouth.edu>
-##
-## Portions created by Michael J. Fromberger are 
-## Copyright (C) 1998, 2000 Michael J. Fromberger. All Rights Reserved.
-##
-## Contributor(s):
-##	Netscape Communications Corporation
-##
-## Alternatively, the contents of this file may be used under the
-## terms of the GNU General Public License Version 2 or later (the
-## "GPL"), in which case the provisions of the GPL are applicable
-## instead of those above.  If you wish to allow use of your
-## version of this file only under the terms of the GPL and not to
-## allow others to use your version of this file under the MPL,
-## indicate your decision by deleting the provisions above and
-## replace them with the notice and other provisions required by
-## the GPL.  If you do not delete the provisions above, a recipient
-## may use your version of this file under either the MPL or the
-## GPL.
-## 
-##
-## $Id$
-##
-
-## Define CC to be the C compiler you wish to use.  The GNU cc
-## compiler (gcc) should work, at the very least
-#CC=cc
-#CC=gcc
-CC=cl.exe
-AS=ml.exe
-
-## 
-## Define PERL to point to your local Perl interpreter.  It
-## should be Perl 5.x, although it's conceivable that Perl 4
-## might work ... I haven't tested it.
-##
-#PERL=/usr/bin/perl
-PERL=perl
-
-##
-## Define CFLAGS to contain any local options your compiler
-## setup requires.
-##
-## Conditional compilation options are no longer here; see
-## the file 'mpi-config.h' instead.
-##
-MPICMN = -I. -DMP_API_COMPATIBLE -DMP_IOFUNC
-
-#NT
-AS_SRCS = mpi_x86.asm
-MPICMN += -DMP_ASSEMBLY_MULTIPLY -DMP_ASSEMBLY_SQUARE -DMP_ASSEMBLY_DIV_2DX1D
-#CFLAGS= -Od -Z7 -MD -W3 -nologo -D_X86_ -DXP_PC \
- -DDEBUG -D_DEBUG -UNDEBUG -DWIN32 -D_WINDOWS -DWIN95 $(MPICMN)
-#CFLAGS = -O2 -MD -W3 -nologo -D_X86_ -DXP_PC -UDEBUG -U_DEBUG -DNDEBUG \
- -DWIN32 -D_WINDOWS -DWIN95 $(MPICMN)
-#CFLAGS = -Od -Z7 -MD -W3 -nologo -D_X86_ -DXP_PC -UDEBUG -U_DEBUG -DNDEBUG \
- -DWIN32 -D_WINDOWS -DWIN95 $(MPICMN)
-CFLAGS = -O2 -Z7 -MD -W3 -nologo -D_X86_ -DXP_PC -UDEBUG -U_DEBUG -DNDEBUG \
- -DWIN32 -D_WINDOWS -DWIN95 $(MPICMN)
-ASFLAGS = -Cp -Sn -Zi -coff -I. 
-
-##
-## Define LIBS to include any libraries you need to link against.
-## If NO_TABLE is define, LIBS should include '-lm' or whatever is
-## necessary to bring in the math library.  Otherwise, it can be
-## left alone, unless your system has other peculiar requirements.
-##
-LIBS=#-lmalloc#-lefence#-lm
-
-## 
-## Define RANLIB to be the library header randomizer; you might not
-## need this on some systems (just set it to 'echo' on these systems,
-## such as IRIX)
-##
-RANLIB=echo
-
-##
-## This is the version string used for the documentation and 
-## building the distribution tarball.  Don't mess with it unless
-## you are releasing a new version
-VERS=1.7p6
-
-## ----------------------------------------------------------------------
-## You probably don't need to change anything below this line...
-##
-
-##
-## This is the list of source files that need to be packed into
-## the distribution file
-SRCS=   mpi.c mpprime.c mplogic.c mpmontg.c mpi-test.c primes.c tests/ \
-	utils/gcd.c utils/invmod.c utils/lap.c \
-	utils/ptab.pl utils/sieve.c utils/isprime.c\
-	utils/dec2hex.c utils/hex2dec.c utils/bbs_rand.c \
-	utils/bbsrand.c utils/prng.c utils/primegen.c \
-	utils/basecvt.c utils/makeprime.c\
-	utils/fact.c utils/exptmod.c utils/pi.c utils/metime.c \
-	utils/mpi.h utils/mpprime.h mulsqr.c \
-	make-test-arrays test-arrays.txt all-tests make-logtab \
-	types.pl stats timetest multest
-
-## These are the header files that go into the distribution file
-HDRS=mpi.h mpi-config.h utils/mpi.h utils/mpi-config.h mpprime.h mplogic.h \
-     utils/bbs_rand.h tests/mpi.h tests/mpprime.h
-
-## These are the documentation files that go into the distribution file
-DOCS=README doc utils/README utils/PRIMES 
-
-## This is the list of tools built by 'make tools'
-TOOLS=gcd.exe invmod.exe isprime.exe lap.exe dec2hex.exe hex2dec.exe \
- primegen.exe prng.exe basecvt.exe fact.exe exptmod.exe pi.exe makeprime.exe
-
-AS_OBJS = $(AS_SRCS:.asm=.obj)
-LIBOBJS = mpprime.obj mpmontg.obj mplogic.obj mpi.obj $(AS_OBJS)
-LIBHDRS = mpi-config.h mpi-priv.h mpi.h
-APPHDRS = mpi-config.h mpi.h mplogic.h mpprime.h
-
-
-help:
-	@ echo ""
-	@ echo "The following targets can be built with this Makefile:"
-	@ echo ""
-	@ echo "mpi.lib     - arithmetic and prime testing library"
-	@ echo "mpi-test     - test driver (requires MP_IOFUNC)"
-	@ echo "tools        - command line tools"
-	@ echo "doc          - manual pages for tools"
-	@ echo "clean        - clean up objects and such"
-	@ echo "distclean    - get ready for distribution"
-	@ echo "dist         - distribution tarball"
-	@ echo ""
-
-.SUFFIXES: .c .obj .i .lib .exe .asm
-
-.c.i:
-	$(CC) $(CFLAGS) -E $< > $@
-
-.c.obj: 
-	$(CC) $(CFLAGS) -c $<
-
-.asm.obj:
-	$(AS) $(ASFLAGS) -c $<
-
-.obj.exe:
-	$(CC) $(CFLAGS) -Fo$@ $<
-
-#---------------------------------------
-
-$(LIBOBJS): $(LIBHDRS)
-
-logtab.h: make-logtab
-	$(PERL) make-logtab > logtab.h
-
-mpi.obj: mpi.c logtab.h $(LIBHDRS)
-
-mplogic.obj: mplogic.c mpi-priv.h mplogic.h $(LIBHDRS)
-
-mpmontg.obj: mpmontg.c mpi-priv.h mplogic.h mpprime.h $(LIBHDRS)
-
-mpprime.obj: mpprime.c mpi-priv.h mpprime.h mplogic.h primes.c $(LIBHDRS)
-
-mpi_mips.obj: mpi_mips.s
-	$(CC) -Fo$@ $(ASFLAGS) -c mpi_mips.s
-
-mpi.lib: $(LIBOBJS)
-	ar -cvr mpi.lib $(LIBOBJS)
-	$(RANLIB) mpi.lib
-
-lib libs: mpi.lib
-
-#---------------------------------------
-
-MPTESTOBJS = mptest1.obj mptest2.obj mptest3.obj mptest3a.obj mptest4.obj \
- mptest4a.obj mptest4b.obj mptest6.obj mptest7.obj mptest8.obj mptest9.obj
-MPTESTS = $(MPTESTOBJS:.obj=.exe)
-
-$(MPTESTOBJS): mptest%.obj: tests/mptest-%.c $(LIBHDRS)
-	$(CC) $(CFLAGS) -Fo$@ -c $<
-
-$(MPTESTS): mptest%.exe: mptest%.obj mpi.lib $(LIBS)
-	$(CC) $(CFLAGS) -Fo$@ $^ 
-
-tests: mptest1.exe mptest2.exe mptest3.exe mptest3a.exe mptest4.exe \
- mptest4a.exe mptest4b.exe mptest6.exe bbsrand.exe
-
-utests: mptest7.exe mptest8.exe mptest9.exe
-
-#---------------------------------------
-
-EXTRAOBJS = bbsrand.obj bbs_rand.obj prng.obj
-UTILOBJS = primegen.obj metime.obj identest.obj basecvt.obj fact.obj \
- exptmod.obj pi.obj makeprime.obj karatsuba.obj gcd.obj invmod.obj lap.obj \
- isprime.obj dec2hex.obj hex2dec.obj
-UTILS = $(UTILOBJS:.obj=.exe) 
-
-$(UTILS): %.exe : %.obj mpi.lib $(LIBS)
-	$(CC) $(CFLAGS) -Fo$@ $^ 
-
-$(UTILOBJS) $(EXTRAOBJS): %.obj : utils/%.c $(LIBHDRS)
-	$(CC) $(CFLAGS) -Fo$@ -c $<
-
-prng.exe: prng.obj bbs_rand.obj mpi.lib $(LIBS)
-	$(CC) $(CFLAGS) -Fo$@ $^
-
-bbsrand.exe: bbsrand.obj bbs_rand.obj mpi.lib $(LIBS)
-	$(CC) $(CFLAGS) -Fo$@ $^
-
-utils: $(UTILS) prng.exe bbsrand.exe
-
-#---------------------------------------
-
-test-info.c: test-arrays.txt
-	$(PERL) make-test-arrays test-arrays.txt > test-info.c
-
-mpi-test.obj: mpi-test.c test-info.c $(LIBHDRS)
-	$(CC) $(CFLAGS) -Fo$@ -c $<
-
-mpi-test.exe: mpi-test.obj mpi.lib $(LIBS)
-	$(CC) $(CFLAGS) -Fo$@ $^
-
-mdxptest.obj: mdxptest.c $(LIBHDRS) mpi-priv.h
-
-mdxptest.exe: mdxptest.obj mpi.lib $(LIBS)
-	$(CC) $(CFLAGS) -Fo$@ $^
-
-mulsqr.obj: mulsqr.c logtab.h mpi.h mpi-config.h mpprime.h 
-	$(CC) $(CFLAGS) -DMP_SQUARE=1 -Fo$@ -c mulsqr.c 
-
-mulsqr.exe: mulsqr.obj mpi.lib $(LIBS)
-	$(CC) $(CFLAGS) -Fo$@ $^
-
-#---------------------------------------
-
-alltests: tests utests mpi-test.exe
-
-tools: $(TOOLS)
-
-doc:
-	(cd doc; ./build)
-
-clean:
-	rm -f *.obj *.lib *.pdb *.ilk
-	cd utils; rm -f *.obj *.lib *.pdb *.ilk
-
-distclean: clean
-	rm -f mptest? mpi-test metime mulsqr karatsuba
-	rm -f mptest?a mptest?b
-	rm -f utils/mptest?
-	rm -f test-info.c logtab.h
-	rm -f mpi.lib
-	rm -f $(TOOLS)
-
-dist: Makefile $(HDRS) $(SRCS) $(DOCS)
-	tar -cvf mpi-$(VERS).tar Makefile $(HDRS) $(SRCS) $(DOCS)
-	pgps -ab mpi-$(VERS).tar
-	chmod +r mpi-$(VERS).tar.asc
-	gzip -9 mpi-$(VERS).tar
-
-
-print: 
-	@echo LIBOBJS = $(LIBOBJS)
-# END
diff --git a/security/nss/lib/freebl/mpi/README b/security/nss/lib/freebl/mpi/README
deleted file mode 100644
index 3c5cbdaa6..000000000
--- a/security/nss/lib/freebl/mpi/README
+++ /dev/null
@@ -1,795 +0,0 @@
-The contents of this file are subject to the Mozilla Public
-License Version 1.1 (the "License"); you may not use this file
-except in compliance with the License. You may obtain a copy of
-the License at http://www.mozilla.org/MPL/
-
-Software distributed under the License is distributed on an "AS
-IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-implied. See the License for the specific language governing
-rights and limitations under the License.
-
-The Original Code is the MPI Arbitrary Precision Integer Arithmetic
-library.
-
-The Initial Developer of the Original Code is 
-Michael J. Fromberger <sting@linguist.dartmouth.edu>
-
-Portions created by Michael J. Fromberger are 
-Copyright (C) 1997, 1998, 1999, 2000 Michael J. Fromberger. 
-All Rights Reserved.
-
-Contributor(s):
-
-Alternatively, the contents of this file may be used under the
-terms of the GNU General Public License Version 2 or later (the
-"GPL"), in which case the provisions of the GPL are applicable
-instead of those above.  If you wish to allow use of your
-version of this file only under the terms of the GPL and not to
-allow others to use your version of this file under the MPL,
-indicate your decision by deleting the provisions above and
-replace them with the notice and other provisions required by
-the GPL.  If you do not delete the provisions above, a recipient
-may use your version of this file under either the MPL or the GPL.
-
-About the MPI Library
----------------------
-
-The files 'mpi.h' and 'mpi.c' define a simple, arbitrary precision
-signed integer arithmetic package.  The implementation is not the most
-efficient possible, but the code is small and should be fairly easily
-portable to just about any machine that supports an ANSI C compiler,
-as long as it is capable of at least 16-bit arithmetic (but also see
-below for more on this).
-
-This library was written with an eye to cryptographic applications;
-thus, some care is taken to make sure that temporary values are not
-left lying around in memory when they are no longer in use.  This adds
-some overhead for zeroing buffers before they are released back into
-the free pool; however, it gives you the assurance that there is only
-one copy of your important values residing in your process's address
-space at a time.  Obviously, it is difficult to guarantee anything, in
-a pre-emptive multitasking environment, but this at least helps you
-keep a lid on the more obvious ways your data can get spread around in
-memory.
-
-
-Using the Library
------------------
-
-To use the MPI library in your program, you must include the header:
-
-#include "mpi.h"
-
-This header provides all the type and function declarations you'll
-need to use the library.  Almost all the names defined by the library
-begin with the prefix 'mp_', so it should be easy to keep them from
-clashing with your program's namespace (he says, glibly, knowing full
-well there are always pathological cases).
-
-There are a few things you may want to configure about the library.
-By default, the MPI library uses an unsigned short for its digit type,
-and an unsigned int for its word type.  The word type must be big
-enough to contain at least two digits, for the primitive arithmetic to
-work out.  On my machine, a short is 2 bytes and an int is 4 bytes --
-but if you have 64-bit ints, you might want to use a 4-byte digit and
-an 8-byte word.  I have tested the library using 1-byte digits and
-2-byte words, as well.  Whatever you choose to do, the things you need
-to change are:
-
-(1) The type definitions for mp_digit and mp_word.
-
-(2) The macro DIGIT_FMT which tells mp_print() how to display a
-    single digit.  This is just a printf() format string, so you
-    can adjust it appropriately.
-
-(3) The macros DIGIT_MAX and MP_WORD_MAX, which specify the 
-    largest value expressible in an mp_digit and an mp_word,
-    respectively.
-
-Both the mp_digit and mp_word should be UNSIGNED integer types.  The
-code relies on having the full positive precision of the type used for
-digits and words.
-
-The remaining type definitions should be left alone, for the most
-part.  The code in the library does not make any significant
-assumptions about the sizes of things, but there is little if any
-reason to change the other parameters, so I would recommend you leave
-them as you found them.
-
-The library comes with a Perl script, 'types.pl', which will scan your
-current Makefile settings, and attempt to find good definitions for
-these types.  It relies on a Unix sort of build environment, so it
-probably won't work under MacOS or Windows, but it can be convenient
-if you're porting to a new flavour of Unix.  Just run 'types.pl' at
-the command line, and it will spit out its results to the standard
-output.
-
-
-Conventions
------------
-
-Most functions in the library return a value of type mp_err.  This
-permits the library to communicate success or various kinds of failure
-to the calling program.  The return values currently defined are:
-
-        MP_OKAY         - okay, operation succeeded, all's well
-        MP_YES          - okay, the answer is yes (same as MP_OKAY)
-        MP_NO           - okay, but answer is no (not MP_OKAY)
-        MP_MEM          - operation ran out of memory
-        MP_RANGE        - input parameter was out of range
-        MP_BADARG       - an invalid input parameter was provided
-        MP_UNDEF        - no output value is defined for this input
-
-The only function which currently uses MP_UNDEF is mp_invmod().
-Division by zero is undefined, but the division functions will return
-MP_RANGE for a zero divisor.  MP_BADARG usually means you passed a
-bogus mp_int structure to the function.  MP_YES and MP_NO are not used
-by the library itself; they're defined so you can use them in your own
-extensions.
-
-If you need a readable interpretation of these error codes in your
-program, you may also use the mp_strerror() function.  This function
-takes an mp_err as input, and returns a pointer to a human-readable
-string describing the meaning of the error.  These strings are stored
-as constants within the library, so the caller should not attempt to
-modify or free the memory associated with these strings.
-
-The library represents values in signed-magnitude format.  Values
-strictly less than zero are negative, all others are considered
-positive (zero is positive by fiat).  You can access the 'sign' member
-of the mp_int structure directly, but better is to use the mp_cmp_z()
-function, to find out which side of zero the value lies on.
-
-Most arithmetic functions have a single-digit variant, as well as the
-full arbitrary-precision.  An mp_digit is an unsigned value between 0
-and DIGIT_MAX inclusive.  The radix is available as RADIX.  The number
-of bits in a given digit is given as DIGIT_BIT.
-
-Generally, input parameters are given before output parameters.
-Unless otherwise specified, any input parameter can be re-used as an
-output parameter, without confusing anything.
-
-The basic numeric type defined by the library is an mp_int.  Virtually
-all the functions in the library take a pointer to an mp_int as one of
-their parameters.  An explanation of how to create and use these
-<HR>
-<A NAME="p23">
-<H3>Problem 23:</H3>
-
-structures follows.  And so, without further ado...
-
-
-Initialization and Cleanup
---------------------------
-
-The basic numeric type defined by the library is an 'mp_int'.
-However, it is not sufficient to simply declare a variable of type
-mp_int in your program.  These variables also need to be initialized
-before they can be used, to allocate the internal storage they require
-for computation.
-
-This is done using one of the following functions:
-
-        mp_init(mp_int *mp);
-        mp_init_copy(mp_int *mp, mp_int *from);
-        mp_init_size(mp_int *mp, mp_size p);
-
-Each of these requires a pointer to a structure of type mp_int.  The
-basic mp_init() simply initializes the mp_int to a default size, and
-sets its value to zero.  If you would like to initialize a copy of an
-existing mp_int, use mp_init_copy(), where the 'from' parameter is the
-mp_int you'd like to make a copy of.  The third function,
-mp_init_size(), permits you to specify how many digits of precision
-should be preallocated for your mp_int.  This can help the library
-avoid unnecessary re-allocations later on.
-
-The default precision used by mp_init() can be retrieved using:
-
-        precision = mp_get_prec();
-
-This returns the number of digits that will be allocated.  You can
-change this value by using:
-
-        mp_set_prec(unsigned int prec);
-
-Any positive value is acceptable -- if you pass zero, the default
-precision will be re-set to the compiled-in library default (this is
-specified in the header file 'mpi-config.h', and typically defaults to
-8 or 16).
-
-Just as you must allocate an mp_int before you can use it, you must
-clean up the structure when you are done with it.  This is performed
-using the mp_clear() function.  Remember that any mp_int that you
-create as a local variable in a function must be mp_clear()'d before
-that function exits, or else the memory allocated to that mp_int will
-be orphaned and unrecoverable.
-
-To set an mp_int to a given value, the following functions are given:
-
-        mp_set(mp_int *mp, mp_digit d);
-        mp_set_int(mp_int *mp, long z);
-
-The mp_set() function sets the mp_int to a single digit value, while
-mp_set_int() sets the mp_int to a signed long integer value.
-
-To set an mp_int to zero, use:
-
-        mp_zero(mp_int *mp);
-
-
-Copying and Moving
-------------------
-
-If you have two initialized mp_int's, and you want to copy the value
-of one into the other, use:
-
-        mp_copy(from, to)
-
-This takes care of clearing the old value of 'to', and copies the new
-value into it.  If 'to' is not yet initialized, use mp_init_copy()
-instead (see above).
-
-Note:   The library tries, whenever possible, to avoid allocating
-----    new memory.  Thus, mp_copy() tries first to satisfy the needs
-        of the copy by re-using the memory already allocated to 'to'.
-        Only if this proves insufficient will mp_copy() actually
-        allocate new memory.
-
-        For this reason, if you know a priori that 'to' has enough
-        available space to hold 'from', you don't need to check the
-        return value of mp_copy() for memory failure.  The USED()
-        macro tells you how many digits are used by an mp_int, and
-        the ALLOC() macro tells you how many are allocated.
-
-If you have two initialized mp_int's, and you want to exchange their
-values, use:
-
-        mp_exch(a, b)
-
-This is better than using mp_copy() with a temporary, since it will
-not (ever) touch the memory allocator -- it just swaps the exact
-contents of the two structures.  The mp_exch() function cannot fail;
-if you pass it an invalid structure, it just ignores it, and does
-nothing.
-
-
-Basic Arithmetic
-----------------
-
-Once you have initialized your integers, you can operate on them.  The
-basic arithmetic functions on full mp_int values are:
-
-mp_add(a, b, c)         - computes c = a + b
-mp_sub(a, b, c)         - computes c = a - b
-mp_mul(a, b, c)         - computes c = a * b
-mp_sqr(a, b)            - computes b = a * a
-mp_div(a, b, q, r)      - computes q, r such that a = bq + r
-mp_div_2d(a, d, q, r)   - computes q = a / 2^d, r = a % 2^d
-mp_expt(a, b, c)        - computes c = a ** b
-mp_2expt(a, k)          - computes a = 2^k
-mp_sqrt(a, c)           - computes c = floor(sqrt(a))
-
-The mp_div_2d() function efficiently computes division by powers of
-two.  Either the q or r parameter may be NULL, in which case that
-portion of the computation will be discarded.
-
-The algorithms used for some of the computations here are described in
-the following files which are included with this distribution:
-
-mul.txt         Describes the multiplication algorithm
-div.txt         Describes the division algorithm
-expt.txt        Describes the exponentiation algorithm
-sqrt.txt        Describes the square-root algorithm
-square.txt      Describes the squaring algorithm
-
-There are single-digit versions of most of these routines, as well.
-In the following prototypes, 'd' is a single mp_digit:
-
-mp_add_d(a, d, c)       - computes c = a + d
-mp_sub_d(a, d, c)       - computes c = a - d
-mp_mul_d(a, d, c)       - computes c = a * d
-mp_mul_2(a, c)          - computes c = a * 2
-mp_div_d(a, d, q, r)    - computes q, r such that a = bq + r
-mp_div_2(a, c)          - computes c = a / 2
-mp_expt_d(a, d, c)      - computes c = a ** d
-
-The mp_mul_2() and mp_div_2() functions take advantage of the internal
-representation of an mp_int to do multiplication by two more quickly
-than mp_mul_d() would.  Other basic functions of an arithmetic variety
-include:
-
-mp_zero(a)              - assign 0 to a
-mp_neg(a, c)            - negate a: c = -a
-mp_abs(a, c)            - absolute value: c = |a|
-
-
-Comparisons
------------
-
-Several comparison functions are provided.  Each of these, unless
-otherwise specified, returns zero if the comparands are equal, < 0 if
-the first is less than the second, and > 0 if the first is greater
-than the second:
-
-mp_cmp_z(a)             - compare a <=> 0
-mp_cmp_d(a, d)          - compare a <=> d, d is a single digit
-mp_cmp(a, b)            - compare a <=> b
-mp_cmp_mag(a, b)        - compare |a| <=> |b|
-mp_cmp_int(a, z)        - compare a <=> z, z is a signed long integer
-mp_isodd(a)             - return nonzero if odd, zero otherwise
-mp_iseven(a)            - return nonzero if even, zero otherwise
-
-
-Modular Arithmetic
-------------------
-
-Modular variations of the basic arithmetic functions are also
-supported.  These are available if the MP_MODARITH parameter in
-mpi-config.h is turned on (it is by default).  The modular arithmetic
-functions are:
-
-mp_mod(a, m, c)         - compute c = a (mod m), 0 <= c < m
-mp_mod_d(a, d, c)       - compute c = a (mod d), 0 <= c < d (see below)
-mp_addmod(a, b, m, c)   - compute c = (a + b) mod m
-mp_submod(a, b, m, c)   - compute c = (a - b) mod m
-mp_mulmod(a, b, m, c)   - compute c = (a * b) mod m
-mp_sqrmod(a, m, c)      - compute c = (a * a) mod m
-mp_exptmod(a, b, m, c)  - compute c = (a ** b) mod m
-mp_exptmod_d(a, d, m, c)- compute c = (a ** d) mod m
-
-The mp_sqr() function squares its input argument.  A call to mp_sqr(a,
-c) is identical in meaning to mp_mul(a, a, c); however, if the
-MP_SQUARE variable is set true in mpi-config.h (see below), then it
-will be implemented with a different algorithm, that is supposed to
-take advantage of the redundant computation that takes place during
-squaring.  Unfortunately, some compilers result in worse performance
-on this code, so you can change the behaviour at will.  There is a
-utility program "mulsqr.c" that lets you test which does better on
-your system.
-
-The mp_sqrmod() function is analogous to the mp_sqr() function; it
-uses the mp_sqr() function rather than mp_mul(), and then performs the
-modular reduction.  This probably won't help much unless you are doing
-a lot of them.
-
-See the file 'square.txt' for a synopsis of the algorithm used.
-
-Note:   The mp_mod_d() function computes a modular reduction around
-----    a single digit d.  The result is a single digit c.
-
-Because an inverse is defined for a (mod m) if and only if (a, m) = 1
-(that is, if a and m are relatively prime), mp_invmod() may not be
-able to compute an inverse for the arguments.  In this case, it
-returns the value MP_UNDEF, and does not modify c.  If an inverse is
-defined, however, it returns MP_OKAY, and sets c to the value of the
-inverse (mod m).
-
-See the file 'redux.txt' for a description of the modular reduction
-algorithm used by mp_exptmod().
-
-
-Greatest Common Divisor
------------------------
-
-If The greates common divisor of two values can be found using one of the
-following functions:
-
-mp_gcd(a, b, c)         - compute c = (a, b) using binary algorithm
-mp_lcm(a, b, c)         - compute c = [a, b] = ab / (a, b)
-mp_xgcd(a, b, g, x, y)  - compute g, x, y so that ax + by = g = (a, b)
-
-Also provided is a function to compute modular inverses, if they
-exist:
-
-mp_invmod(a, m, c)      - compute c = a^-1 (mod m), if it exists
-
-The function mp_xgcd() computes the greatest common divisor, and also
-returns values of x and y satisfying Bezout's identity.  This is used
-by mp_invmod() to find modular inverses.  However, if you do not need
-these values, you will find that mp_gcd() is MUCH more efficient,
-since it doesn't need all the intermediate values that mp_xgcd()
-requires in order to compute x and y. 
-
-The mp_gcd() (and mp_xgcd()) functions use the binary (extended) GCD
-algorithm due to Josef Stein.
-
-
-Input & Output Functions
-------------------------
-
-The following basic I/O routines are provided.  These are present at
-all times:
-
-mp_read_radix(mp, str, r)  - convert a string in radix r to an mp_int
-mp_read_raw(mp, s, len)    - convert a string of bytes to an mp_int
-mp_radix_size(mp, r)       - return length of buffer needed by mp_toradix()
-mp_raw_size(mp)            - return length of buffer needed by mp_toraw()
-mp_toradix(mp, str, r)     - convert an mp_int to a string of radix r 
-                             digits
-mp_toraw(mp, str)          - convert an mp_int to a string of bytes
-mp_tovalue(ch, r)          - convert ch to its value when taken as
-                             a radix r digit, or -1 if invalid
-mp_strerror(err)           - get a string describing mp_err value 'err'
-
-If you compile the MPI library with MP_IOFUNC defined, you will also
-have access to the following additional I/O function:
-
-mp_print(mp, ofp)       - print an mp_int as text to output stream ofp
-
-Note that mp_radix_size() returns a size in bytes guaranteed to be AT
-LEAST big enough for the digits output by mp_toradix().  Because it
-uses an approximation technique to figure out how many digits will be
-needed, it may return a figure which is larger than necessary.  Thus,
-the caller should not rely on the value to determine how many bytes
-will actually be written by mp_toradix().  The string mp_toradix()
-creates will be NUL terminated, so the standard C library function
-strlen() should be able to ascertain this for you, if you need it.
-
-The mp_read_radix() and mp_toradix() functions support bases from 2 to
-64 inclusive.  If you require more general radix conversion facilities
-than this, you will need to write them yourself (that's why mp_div_d()
-is provided, after all).
-
-Note:   mp_read_radix() will accept as digits either capital or 
-----    lower-case letters.  However, the current implementation of
-        mp_toradix() only outputs upper-case letters, when writing
-        bases betwee 10 and 36.  The underlying code supports using
-        lower-case letters, but the interface stub does not have a
-        selector for it.  You can add one yourself if you think it
-        is worthwhile -- I do not.  Bases from 36 to 64 use lower-
-        case letters as distinct from upper-case.  Bases 63 and
-        64 use the characters '+' and '/' as digits.
-
-        Note also that compiling with MP_IOFUNC defined will cause
-        inclusion of <stdio.h>, so if you are trying to write code
-        which does not depend on the standard C library, you will
-        probably want to avoid this option.  This is needed because
-        the mp_print() function takes a standard library FILE * as
-        one of its parameters, and uses the fprintf() function.
-
-The mp_toraw() function converts the integer to a sequence of bytes,
-in big-endian ordering (most-significant byte first).  Assuming your
-bytes are 8 bits wide, this corresponds to base 256.  The sign is
-encoded as a single leading byte, whose value is 0 for zero or
-positive values, or 1 for negative values.  The mp_read_raw() function
-reverses this process -- it takes a buffer of bytes, interprets the
-first as a sign indicator (0 = zero/positive, nonzero = negative), and
-the rest as a sequence of 1-byte digits in big-endian ordering.
-
-The mp_raw_size() function returns the exact number of bytes required
-to store the given integer in "raw" format (as described in the
-previous paragraph).  Zero is returned in case of error; a valid
-integer will require at least three bytes of storage.
-
-In previous versions of the MPI library, an "external representation
-format" was supported.  This was removed, however, because I found I
-was never using it, it was not as portable as I would have liked, and
-I decided it was a waste of space.
-
-
-Other Functions
----------------
-
-The files 'mpprime.h' and 'mpprime.c' define some routines which are
-useful for divisibility testing and probabilistic primality testing.
-The routines defined are:
-
-mpp_divis(a, b)          - is a divisible by b?
-mpp_divis_d(a, d)        - is a divisible by digit d?
-mpp_random(a)            - set a to random value at current precision
-mpp_random_size(a, prec) - set a to random value at given precision
-
-Note:  The mpp_random() and mpp_random_size() functions use the C
-----   library's rand() function to generate random values.  It is
-       up to the caller to seed this generator before it is called.
-       These functions are not suitable for generating quantities
-       requiring cryptographic-quality randomness; they are intended
-       primarily for use in primality testing.
-
-       Note too that the MPI library does not call srand(), so your
-       application should do this, if you ever want the sequence
-       to change.
-
-mpp_divis_vector(a, v, s, w)  - is a divisible by any of the s digits
-                                in v?  If so, let w be the index of 
-                                that digit
-
-mpp_divis_primes(a, np)       - is a divisible by any of the first np
-                                primes?  If so, set np to the prime 
-                                which divided a.
-
-mpp_fermat(a, d)              - test if w^a = w (mod a).  If so, 
-                                returns MP_YES, otherwise MP_NO.
-
-mpp_pprime(a, nt)             - perform nt iterations of the Rabin-
-                                Miller probabilistic primality test
-                                on a.  Returns MP_YES if all tests
-                                passed, or MP_NO if any test fails.
-
-The mpp_fermat() function works based on Fermat's little theorem, a
-consequence of which is that if p is a prime, and (w, p) = 1, then:
-
-        w^p = w (mod p)
-
-Put another way, if w^p != w (mod p), then p is not prime.  The test
-is expensive to compute, but it helps to quickly eliminate an enormous
-class of composite numbers prior to Rabin-Miller testing.
-
-Building the Library
---------------------
-
-The MPI library is designed to be as self-contained as possible.  You
-should be able to compile it with your favourite ANSI C compiler, and
-link it into your program directly.  If you are on a Unix system using
-the GNU C compiler (gcc), the following should work:
-
-% gcc -ansi -pedantic -Wall -O2 -c mpi.c
-
-The file 'mpi-config.h' defines several configurable parameters for
-the library, which you can adjust to suit your application.  At the
-time of this writing, the available options are:
-
-MP_IOFUNC       - Define true to include the mp_print() function, 
-                  which is moderately useful for debugging.  This
-                  implicitly includes <stdio.h>.
-
-MP_MODARITH     - Define true to include the modular arithmetic
-                  functions.  If you don't need modular arithmetic
-                  in your application, you can set this to zero to
-                  leave out all the modular routines.
-
-MP_NUMTH        - Define true to include number theoretic functions
-                  such as mp_gcd(), mp_lcm(), and mp_invmod().
-
-MP_LOGTAB       - If true, the file "logtab.h" is included, which
-                  is basically a static table of base 2 logarithms.
-                  These are used to compute how big the buffers for
-                  radix conversion need to be.  If you set this false,
-                  the library includes <math.h> and uses log().  This
-                  typically forces you to link against math libraries.
-
-MP_MEMSET       - If true, use memset() to zero buffers.  If you run
-                  into weird alignment related bugs, set this to zero
-                  and an explicit loop will be used.
-
-MP_MEMCPY       - If true, use memcpy() to copy buffers.  If you run
-                  into weird alignment bugs, set this to zero and an
-                  explicit loop will be used.
-
-MP_CRYPTO       - If true, whenever arrays of digits are free'd, they
-                  are zeroed first.  This is useful if you're using
-                  the library in a cryptographic environment; however,
-                  it does add overhead to each free operation.  For
-                  performance, if you don't care about zeroing your
-                  buffers, set this to false.
-
-MP_ARGCHK       - Set to 0, 1, or 2.  This defines how the argument
-                  checking macro, ARGCHK(), gets expanded.  If this 
-                  is set to zero, ARGCHK() expands to nothing; no 
-                  argument checks are performed.  If this is 1, the
-                  ARGCHK() macro expands to code that returns MP_BADARG
-                  or similar at runtime.  If it is 2, ARGCHK() expands 
-                  to an assert() call that aborts the program on a 
-                  bad input.
-
-MP_DEBUG        - Turns on debugging output.  This is probably not at
-                  all useful unless you are debugging the library.  It
-                  tends to spit out a LOT of output.
-
-MP_DEFPREC      - The default precision of a newly-created mp_int, in
-                  digits.  The precision can be changed at runtime by
-                  the mp_set_prec() function, but this is its initial
-                  value.
-
-MP_SQUARE       - If this is set to a nonzero value, the mp_sqr() 
-                  function will use an alternate algorithm that takes
-                  advantage of the redundant inner product computation
-                  when both multiplicands are identical.  Unfortunately,
-                  with some compilers this is actually SLOWER than just
-                  calling mp_mul() with the same argument twice.  So
-                  if you set MP_SQUARE to zero, mp_sqr() will be expan-
-                  ded into a call to mp_mul().  This applies to all 
-                  the uses of mp_sqr(), including mp_sqrmod() and the
-                  internal calls to s_mp_sqr() inside mpi.c
-
-                  The program 'mulsqr' (mulsqr.c) can be used to test
-                  which works best for your configuration.  Set up the
-                  CC and CFLAGS variables in the Makefile, then type:
-
-                        make mulsqr
-
-                  Invoke it with arguments similar to the following:
-
-                        mulsqr 25000 1024
-
-                  That is, 25000 products computed on 1024-bit values.
-                  The output will compare the two timings, and recommend
-                  a setting for MP_SQUARE.  It is off by default.
-
-If you would like to use the mp_print() function (see above), be sure
-to define MP_IOFUNC in mpi-config.h.  Many of the test drivers in the
-'tests' subdirectory expect this to be defined (although the test
-driver 'mpi-test' doesn't need it)
-
-The Makefile which comes with the library should take care of building
-the library for you, if you have set the CC and CFLAGS variables at
-the top of the file appropriately.  By default, they are set up to
-use the GNU C compiler:
-
-CC=gcc
-CFLAGS=-ansi -pedantic -Wall -O2
-
-If all goes well, the library should compile without warnings using
-this combination.  You should, of course, make whatever adjustments
-you find necessary.  
-
-The MPI library distribution comes with several additional programs
-which are intended to demonstrate the use of the library, and provide
-a framework for testing it.  There are a handful of test driver
-programs, in the files named 'mptest-X.c', where X is a digit.  Also,
-there are some simple command-line utilities (in the 'utils'
-directory) for manipulating large numbers.  These include:
-
-basecvt.c       A radix-conversion program, supporting bases from
-                2 to 64 inclusive.
-
-bbsrand.c       A BBS (quadratic residue) pseudo-random number 
-                generator.  The file 'bbsrand.c' is just the driver
-                for the program; the real code lives in the files
-                'bbs_rand.h' and 'bbs_rand.c'
-
-dec2hex.c       Converts decimal to hexadecimal
-
-gcd.c           Computes the greatest common divisor of two values.
-                If invoked as 'xgcd', also computes constants x and
-                y such that (a, b) = ax + by, in accordance with
-                Bezout's identity.
-
-hex2dec.c       Converts hexadecimal to decimal
-
-invmod.c        Computes modular inverses
-
-isprime.c       Performs the Rabin-Miller probabilistic primality
-                test on a number.  Values which fail this test are
-                definitely composite, and those which pass are very
-                likely to be prime (although there are no guarantees)
-
-lap.c           Computes the order (least annihilating power) of
-                a value v modulo m.  Very dumb algorithm.
-
-primegen.c      Generates large (probable) primes.
-
-prng.c          A pseudo-random number generator based on the
-                BBS generator code in 'bbs_rand.c'
-
-sieve.c         Implements the Sieve of Eratosthenes, using a big
-                bitmap, to generate a list of prime numbers.
-
-fact.c          Computes the factorial of an arbitrary precision
-                integer (iterative).
-
-exptmod.c       Computes arbitrary precision modular exponentiation
-                from the command line (exptmod a b m -> a^b (mod m))
-
-Most of these can be built from the Makefile that comes with the
-library.  Try 'make tools', if your environment supports it.  (If you
-are compiling on a Macintosh, I'm afraid you'll have to build them by
-hand -- fortunately, this is not difficult -- the library itself
-should compile just fine under Metrowerks CodeWarrior).
-
-
-Testing the Library
--------------------
-
-Automatic test vectors are included, in the form of a program called
-'mpi-test'.  To build this program and run all the tests, simply
-invoke the shell script 'all-tests'.  If all the tests pass, you
-should see a message:
-
-        All tests passed
-
-If something went wrong, you'll get:
-
-        One or more tests failed.
-
-If this happens, scan back through the preceding lines, to see which
-test failed.  Any failure indicates a bug in the library, which needs
-to be fixed before it will give accurate results.  If you get any such
-thing, please let me know, and I'll try to fix it.  Please let me know
-what platform and compiler you were using, as well as which test
-failed.  If a reason for failure was given, please send me that text
-as well.
-
-If you're on a system such as the Macintosh, where the standard Unix
-build tools don't work, you can build the 'mpi-test' program manually,
-and run it by hand.  This is tedious and obnoxious, sorry.
-
-Further manual testing can be performed by building the manual testing
-programs, whose source is found in the 'tests' subdirectory.  Each
-test is in a source file called 'mptest-X.c'.  The Makefile contains a
-target to build all of them at once:
-
-        make tests
-
-Read the comments at the top of each source file to see what the
-driver is supposed to test.  You probably don't need to do this; these
-programs were only written to help me as I was developing the library.
-
-The relevant files are:
-
-mpi-test.c              The source for the test driver
-
-make-test-arrays        A Perl script to generate some of the internal
-                        data structures used by mpi-test.c
-
-test-arrays.txt         The source file for make-test-arrays
-
-all-tests               A Bourne shell script which runs all the
-                        tests in the mpi-test suite
-
-Running 'make mpi-test' should build the mpi-test program.  If you
-cannot use make, here is what needs to be done:
-
-(1) Use 'make-test-arrays' to generate the file 'test-info.c' from
-    the 'test-arrays.txt' file.  Since Perl can be found everywhere,
-    even on the Macintosh, this should be no trouble.  Under Unix, 
-    this looks like:
-
-        make-test-arrays test-arrays.txt > test-info.c
-
-(2) Build the MPI library:
-
-        gcc -ansi -pedantic -Wall -c mpi.c
-
-(3) Build the mpi-test program:
-
-        gcc -ansi -pedantic -Wall -o mpi-test mpi.o mpi-test.c
-
-When you've got mpi-test, you can use 'all-tests' to run all the tests
-made available by mpi-test.  If any of them fail, there should be a
-diagnostic indicating what went wrong.  These are fairly high-level
-diagnostics, and won't really help you debug the problem; they're
-simply intended to help you isolate which function caused the problem.
-If you encounter a problem of this sort, feel free to e-mail me, and I
-will certainly attempt to help you debug it.
-
-Note:   Several of the tests hard-wired into 'mpi-test' operate under
-----    the assumption that you are using at least a 16-bit mp_digit 
-        type.  If that is not true, several tests might fail, because 
-        of range problems with the maximum digit value.
-
-        If you are using an 8-bit digit, you will also need to 
-        modify the code for mp_read_raw(), which assumes that
-        multiplication by 256 can be done with mp_mul_d(), a
-        fact that fails when DIGIT_MAX is 255.  You can replace
-        the call with s_mp_lshd(), which will give you the same
-        effect, and without doing as much work. :)
-
-Acknowledgements:
-----------------
-
-The algorithms used in this library were drawn primarily from Volume
-2 of Donald Knuth's magnum opus, _The Art of Computer Programming_, 
-"Semi-Numerical Methods".  Barrett's algorithm for modular reduction
-came from Menezes, Oorschot, and Vanstone's _Handbook of Applied
-Cryptography_, Chapter 14.
-
-Thanks are due to Tom St. Denis, for finding an obnoxious sign-related
-bug in mp_read_raw() that made things break on platforms which use
-signed chars.
-
-About the Author
-----------------
-
-This software was written by Michael J. Fromberger.  You can contact
-the author as follows:
-
-E-mail:   <sting@linguist.dartmouth.edu>
-
-Postal:   8000 Cummings Hall, Thayer School of Engineering
-          Dartmouth College, Hanover, New Hampshire, USA
-
-PGP key:  http://linguist.dartmouth.edu/~sting/keys/mjf.html
-          9736 188B 5AFA 23D6 D6AA  BE0D 5856 4525 289D 9907
-
-Last updated:  16-Jan-2000
diff --git a/security/nss/lib/freebl/mpi/all-tests b/security/nss/lib/freebl/mpi/all-tests
deleted file mode 100755
index fa60e95ed..000000000
--- a/security/nss/lib/freebl/mpi/all-tests
+++ /dev/null
@@ -1,112 +0,0 @@
-#!/bin/sh
-## The contents of this file are subject to the Mozilla Public
-## License Version 1.1 (the "License"); you may not use this file
-## except in compliance with the License. You may obtain a copy of
-## the License at http://www.mozilla.org/MPL/
-##
-## Software distributed under the License is distributed on an "AS
-## IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-## implied. See the License for the specific language governing
-## rights and limitations under the License.
-##
-## The Original Code is the MPI Arbitrary Precision Integer Arithmetic
-## library.
-##
-## The Initial Developer of the Original Code is 
-## Michael J. Fromberger <sting@linguist.dartmouth.edu>
-##
-## Portions created by Michael J. Fromberger are 
-## Copyright (C) 1997, 1998, 1999, 2000 Michael J. Fromberger. 
-## All Rights Reserved.
-##
-## Contributor(s):
-##
-## Alternatively, the contents of this file may be used under the
-## terms of the GNU General Public License Version 2 or later (the
-## "GPL"), in which case the provisions of the GPL are applicable
-## instead of those above.  If you wish to allow use of your
-## version of this file only under the terms of the GPL and not to
-## allow others to use your version of this file under the MPL,
-## indicate your decision by deleting the provisions above and
-## replace them with the notice and other provisions required by
-## the GPL.  If you do not delete the provisions above, a recipient
-## may use your version of this file under either the MPL or the GPL.
-
-ECHO=/bin/echo
-MAKE=gmake
-
-$ECHO "\n** Running unit tests for MPI library\n"
-
-# Build the mpi-test program, which comprises all the unit tests for
-# the MPI library...
-
-$ECHO "Bringing mpi-test up to date ... "
-if $MAKE mpi-test ; then
-  :
-else
-  $ECHO " "
-  $ECHO "Make failed to build mpi-test."
-  $ECHO " "
-  exit 1
-fi
-
-if [ ! -x mpi-test ] ; then
-  $ECHO " "
-  $ECHO "Cannot find 'mpi-test' program, testing cannot continue."
-  $ECHO " "
-  exit 1
-fi
-
-# Get the list of available test suites...
-tests=`mpi-test list | awk '{print $1}'`
-errs=0
-
-# Run each test suite and check the result code of mpi-test
-for test in $tests ; do
-  $ECHO "$test ... \c"
-  if mpi-test $test ; then
-    $ECHO "passed"
-  else
-    $ECHO "FAILED"
-    errs=1
-  fi
-done
-
-# If any tests failed, we'll stop at this point
-if [ "$errs" = "0" ] ; then
-  $ECHO "All unit tests passed"
-else
-  $ECHO "One or more tests failed"
-  exit 1
-fi
-
-# Now try to build the 'pi' program, and see if it can compute the
-# first thousand digits of pi correctly
-$ECHO "\n** Running other tests\n"
-
-$ECHO "Bringing 'pi' up to date ... "
-if $MAKE pi ; then
-    :
-else
-    $ECHO "\nMake failed to build pi.\n"
-    exit 1
-fi
-
-if [ ! -x pi ] ; then
-    $ECHO "\nCannot find 'pi' program; testing cannot continue.\n"
-    exit 1
-fi
-
-./pi 2000 > /tmp/pi.tmp.$$
-if cmp tests/pi2k.txt /tmp/pi.tmp.$$ ; then
-    $ECHO "Okay!  The pi test passes."
-else
-    $ECHO "Oops!  The pi test failed. :("
-    exit 1
-fi
-
-rm -f /tmp/pi.tmp.$$
-
-exit 0
-
-# Here there be dragons
diff --git a/security/nss/lib/freebl/mpi/doc/LICENSE b/security/nss/lib/freebl/mpi/doc/LICENSE
deleted file mode 100644
index 35cca68ce..000000000
--- a/security/nss/lib/freebl/mpi/doc/LICENSE
+++ /dev/null
@@ -1,11 +0,0 @@
-Within this directory, each of the file listed below is licensed under 
-the terms given in the file LICENSE-MPL, also in this directory.
-
-basecvt.pod
-gcd.pod
-invmod.pod
-isprime.pod
-lap.pod
-mpi-test.pod
-prime.txt
-prng.pod
diff --git a/security/nss/lib/freebl/mpi/doc/LICENSE-MPL b/security/nss/lib/freebl/mpi/doc/LICENSE-MPL
deleted file mode 100644
index 9ff410e4b..000000000
--- a/security/nss/lib/freebl/mpi/doc/LICENSE-MPL
+++ /dev/null
@@ -1,32 +0,0 @@
-The contents of this file are subject to the Mozilla Public
-License Version 1.1 (the "License"); you may not use this file
-except in compliance with the License. You may obtain a copy of
-the License at http://www.mozilla.org/MPL/
-
-Software distributed under the License is distributed on an "AS
-IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-implied. See the License for the specific language governing
-rights and limitations under the License.
-
-The Original Code is the Netscape security libraries.
-
-The Initial Developer of the Original Code is Netscape
-Communications Corporation.  Portions created by Netscape are 
-Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-Rights Reserved.
-
-Contributor(s):
-
-Alternatively, the contents of this file may be used under the
-terms of the GNU General Public License Version 2 or later (the
-"GPL"), in which case the provisions of the GPL are applicable 
-instead of those above.  If you wish to allow use of your 
-version of this file only under the terms of the GPL and not to
-allow others to use your version of this file under the MPL,
-indicate your decision by deleting the provisions above and
-replace them with the notice and other provisions required by
-the GPL.  If you do not delete the provisions above, a recipient
-may use your version of this file under either the MPL or the
-GPL.
-
-
diff --git a/security/nss/lib/freebl/mpi/doc/basecvt.pod b/security/nss/lib/freebl/mpi/doc/basecvt.pod
deleted file mode 100644
index 5c072ccd6..000000000
--- a/security/nss/lib/freebl/mpi/doc/basecvt.pod
+++ /dev/null
@@ -1,63 +0,0 @@
-=head1 NAME
-
- basecvt - radix conversion for arbitrary precision integers
-
-=head1 SYNOPSIS
-
- basecvt <ibase> <obase> [values]
-
-=head1 DESCRIPTION
-
-The B<basecvt> program is a command-line tool for converting integers
-of arbitrary precision from one radix to another.  The current version
-supports radix values from 2 (binary) to 64, inclusive.  The first two
-command line arguments specify the input and output radix, in base 10.
-Any further arguments are taken to be integers notated in the input
-radix, and these are converted to the output radix.  The output is
-written, one integer per line, to standard output.
-
-When reading integers, only digits considered "valid" for the input
-radix are considered.  Processing of an integer terminates when an
-invalid input digit is encountered.  So, for example, if you set the
-input radix to 10 and enter '10ACF', B<basecvt> would assume that you
-had entered '10' and ignore the rest of the string.
-
-If no values are provided, no output is written, but the program
-simply terminates with a zero exit status.  Error diagnostics are
-written to standard error in the event of out-of-range radix
-specifications.  Regardless of the actual values of the input and
-output radix, the radix arguments are taken to be in base 10 (decimal)
-notation.
-
-=head1 DIGITS
-
-For radices from 2-10, standard ASCII decimal digits 0-9 are used for
-both input and output.  For radices from 11-36, the ASCII letters A-Z
-are also included, following the convention used in hexadecimal.  In
-this range, input is accepted in either upper or lower case, although
-on output only lower-case letters are used.
-
-For radices from 37-62, the output includes both upper- and lower-case
-ASCII letters, and case matters.  In this range, case is distinguished
-both for input and for output values.
-
-For radices 63 and 64, the characters '+' (plus) and '/' (forward
-solidus) are also used.  These are derived from the MIME base64
-encoding scheme.  The overall encoding is not the same as base64,
-because the ASCII digits are used for the bottom of the range, and the
-letters are shifted upward; however, the output will consist of the
-same character set.
-
-This input and output behaviour is inherited from the MPI library used
-by B<basecvt>, and so is not configurable at runtime.
-
-=head1 SEE ALSO
-
- dec2hex(1), hex2dec(1)
-
-=head1 AUTHOR
-
- Michael J. Fromberger <sting@linguist.dartmouth.edu>
- Thayer School of Engineering, Hanover, New Hampshire, USA
-
- $Date$
diff --git a/security/nss/lib/freebl/mpi/doc/build b/security/nss/lib/freebl/mpi/doc/build
deleted file mode 100755
index 5b6f921fc..000000000
--- a/security/nss/lib/freebl/mpi/doc/build
+++ /dev/null
@@ -1,63 +0,0 @@
-#!/bin/sh
-## The contents of this file are subject to the Mozilla Public
-## License Version 1.1 (the "License"); you may not use this file
-## except in compliance with the License. You may obtain a copy of
-## the License at http://www.mozilla.org/MPL/
-##
-## Software distributed under the License is distributed on an "AS
-## IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-## implied. See the License for the specific language governing
-## rights and limitations under the License.
-##
-## The Original Code is the MPI Arbitrary Precision Integer Arithmetic
-## library.
-##
-## The Initial Developer of the Original Code is 
-## Michael J. Fromberger <sting@linguist.dartmouth.edu>
-##
-## Portions created by Michael J. Fromberger are 
-## Copyright (C) 1998, 2000 Michael J. Fromberger. All Rights Reserved.
-##
-## Contributor(s):
-##	Netscape Communications Corporation
-##
-## Alternatively, the contents of this file may be used under the
-## terms of the GNU General Public License Version 2 or later (the
-## "GPL"), in which case the provisions of the GPL are applicable
-## instead of those above.  If you wish to allow use of your
-## version of this file only under the terms of the GPL and not to
-## allow others to use your version of this file under the MPL,
-## indicate your decision by deleting the provisions above and
-## replace them with the notice and other provisions required by
-## the GPL.  If you do not delete the provisions above, a recipient
-## may use your version of this file under either the MPL or the
-## GPL.
-## 
-## $Id$
-##
-
-VERS="1.7p6"
-SECT="1"
-NAME="MPI Tools"
-
-echo "Building manual pages ..."
-case $# in
-  0)
-    files=`ls *.pod`
-    ;;
-  *)
-    files=$*
-    ;;
-esac
-
-for name in $files
-do
-   echo -n "$name ... "
-#  sname=`noext $name`
-   sname=`basename $name .pod`
-   pod2man --section="$SECT" --center="$NAME" --release="$VERS" $name > $sname.$SECT
-   echo "(done)"
-done
-
-echo "Finished building."
-
diff --git a/security/nss/lib/freebl/mpi/doc/div.txt b/security/nss/lib/freebl/mpi/doc/div.txt
deleted file mode 100644
index b1ca744e1..000000000
--- a/security/nss/lib/freebl/mpi/doc/div.txt
+++ /dev/null
@@ -1,96 +0,0 @@
-Division
-
-This describes the division algorithm used by the MPI library.
-
-Input:    a, b; a > b
-Compute:  Q, R; a = Qb + R
-
-The input numbers are normalized so that the high-order digit of b is
-at least half the radix.  This guarantees that we have a reasonable
-way to guess at the digits of the quotient (this method was taken from
-Knuth, vol. 2, with adaptations).
-
-To normalize, test the high-order digit of b.  If it is less than half
-the radix, multiply both a and b by d, where:
-
-             radix - 1
-	d = -----------
-              bmax + 1
-
-...where bmax is the high-order digit of b.  Otherwise, set d = 1.
-
-Given normalize values for a and b, let the notation a[n] denote the
-nth digit of a.  Let #a be the number of significant figures of a (not
-including any leading zeroes).
-
-	Let R = 0
-	Let p = #a - 1
-
-	while(p >= 0)
-	  do
-	    R = (R * radix) + a[p]
-	    p = p - 1
-	  while(R < b and p >= 0)
-
-	  if(R < b)
-	    break
-
-	  q = (R[#R - 1] * radix) + R[#R - 2]
-	  q = q / b[#b - 1]
-
-	  T = b * q
-
-	  while(T > L)
-	    q = q - 1
-	    T = T - b
-	  endwhile
-
-	  L = L - T
-
-	  Q = (Q * radix) + q
-
-	endwhile
-
-At this point, Q is the quotient, and R is the normalized remainder.
-To denormalize R, compute:
-
-	R = (R / d)
-
-At this point, you are finished.
-
-------------------------------------------------------------------
-The contents of this file are subject to the Mozilla Public
-License Version 1.1 (the "License"); you may not use this file
-except in compliance with the License. You may obtain a copy of
-the License at http://www.mozilla.org/MPL/
-
-Software distributed under the License is distributed on an "AS
-IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-implied. See the License for the specific language governing
-rights and limitations under the License.
-
-The Original Code is the MPI Arbitrary Precision Integer Arithmetic
-library.
-
-The Initial Developer of the Original Code is 
-Michael J. Fromberger <sting@linguist.dartmouth.edu>
-
-Portions created by Michael J. Fromberger are 
-Copyright (C) 1998, 2000 Michael J. Fromberger. All Rights Reserved.
-
-Contributor(s):
-
-Alternatively, the contents of this file may be used under the
-terms of the GNU General Public License Version 2 or later (the
-"GPL"), in which case the provisions of the GPL are applicable
-instead of those above.  If you wish to allow use of your
-version of this file only under the terms of the GPL and not to
-allow others to use your version of this file under the MPL,
-indicate your decision by deleting the provisions above and
-replace them with the notice and other provisions required by
-the GPL.  If you do not delete the provisions above, a recipient
-may use your version of this file under either the MPL or the GPL.
-
-$Id$
-
-
diff --git a/security/nss/lib/freebl/mpi/doc/expt.txt b/security/nss/lib/freebl/mpi/doc/expt.txt
deleted file mode 100644
index 4c12eb2af..000000000
--- a/security/nss/lib/freebl/mpi/doc/expt.txt
+++ /dev/null
@@ -1,127 +0,0 @@
-Exponentiation
-
-For exponentiation, the MPI library uses a simple and fairly standard
-square-and-multiply method.  The algorithm is this:
-
-Input:	a, b
-Output: a ** b
-
-	s = 1
-
-	while(b != 0)
-	  if(b is odd)
-	    s = s * a
-	  endif
-
-	  b = b / 2
-
-	  x = x * x
-	endwhile
-
-	return s
-
-The modular exponentiation is done the same way, except replacing:
-
-	s = s * a
-
-with
-	s = (s * a) mod m
-
-and replacing
-
-	x = x * x
-
-with
-
-	x = (x * x) mod m
-
-Here is a sample exponentiation using the MPI library, as compared to
-the same problem solved by the Unix 'bc' program on my system:
-
-Computation of 2,381,283 ** 235
-
-'bc' says:
-
-4385CA4A804D199FBEAD95FAD0796FAD0D0B51FC9C16743C45568C789666985DB719\
-4D90E393522F74C9601262C0514145A49F3B53D00983F95FDFCEA3D0043ECEF6227E\
-6FB59C924C3EE74447B359B5BF12A555D46CB819809EF423F004B55C587D6F0E8A55\
-4988036A42ACEF9F71459F97CEF6E574BD7373657111648626B1FF8EE15F663B2C0E\
-6BBE5082D4CDE8E14F263635AE8F35DB2C280819517BE388B5573B84C5A19C871685\
-FD408A6471F9D6AFAF5129A7548EAE926B40874B340285F44765BF5468CE20A13267\
-CD88CE6BC786ACED36EC7EA50F67FF27622575319068A332C3C0CB23E26FB55E26F4\
-5F732753A52B8E2FB4D4F42D894242613CA912A25486C3DEC9C66E5DB6182F6C1761\
-CF8CD0D255BE64B93836B27D452AE38F950EB98B517D4CF50D48F0165EF0CCCE1F5C\
-49BF18219FDBA0EEDD1A7E8B187B70C2BAED5EC5C6821EF27FAFB1CFF70111C52235\
-5E948B93A015AA1AE152B110BB5658CB14D3E45A48BFE7F082C1182672A455A695CD\
-A1855E8781E625F25B41B516E77F589FA420C3B058861EA138CF7A2C58DB3C7504FD\
-D29554D78237834CC5AE710D403CC4F6973D5012B7E117A8976B14A0B5AFA889BD47\
-92C461F0F96116F00A97AE9E83DC5203680CAF9A18A062566C145650AB86BE4F907F\
-A9F7AB4A700B29E1E5BACCD6DCBFA513E10832815F710807EED2E279081FEC61D619\
-AB270BEB3D3A1787B35A9DD41A8766CF21F3B5C693B3BAB1C2FA14A4ED202BC35743\
-E5CBE2391624D4F8C9BFBBC78D69764E7C6C5B11BF005677BFAD17D9278FFC1F158F\
-1B3683FF7960FA0608103792C4163DC0AF3E06287BB8624F8FE3A0FFBDF82ACECA2F\
-CFFF2E1AC93F3CA264A1B
-
-MPI says:
-
-4385CA4A804D199FBEAD95FAD0796FAD0D0B51FC9C16743C45568C789666985DB719\
-4D90E393522F74C9601262C0514145A49F3B53D00983F95FDFCEA3D0043ECEF6227E\
-6FB59C924C3EE74447B359B5BF12A555D46CB819809EF423F004B55C587D6F0E8A55\
-4988036A42ACEF9F71459F97CEF6E574BD7373657111648626B1FF8EE15F663B2C0E\
-6BBE5082D4CDE8E14F263635AE8F35DB2C280819517BE388B5573B84C5A19C871685\
-FD408A6471F9D6AFAF5129A7548EAE926B40874B340285F44765BF5468CE20A13267\
-CD88CE6BC786ACED36EC7EA50F67FF27622575319068A332C3C0CB23E26FB55E26F4\
-5F732753A52B8E2FB4D4F42D894242613CA912A25486C3DEC9C66E5DB6182F6C1761\
-CF8CD0D255BE64B93836B27D452AE38F950EB98B517D4CF50D48F0165EF0CCCE1F5C\
-49BF18219FDBA0EEDD1A7E8B187B70C2BAED5EC5C6821EF27FAFB1CFF70111C52235\
-5E948B93A015AA1AE152B110BB5658CB14D3E45A48BFE7F082C1182672A455A695CD\
-A1855E8781E625F25B41B516E77F589FA420C3B058861EA138CF7A2C58DB3C7504FD\
-D29554D78237834CC5AE710D403CC4F6973D5012B7E117A8976B14A0B5AFA889BD47\
-92C461F0F96116F00A97AE9E83DC5203680CAF9A18A062566C145650AB86BE4F907F\
-A9F7AB4A700B29E1E5BACCD6DCBFA513E10832815F710807EED2E279081FEC61D619\
-AB270BEB3D3A1787B35A9DD41A8766CF21F3B5C693B3BAB1C2FA14A4ED202BC35743\
-E5CBE2391624D4F8C9BFBBC78D69764E7C6C5B11BF005677BFAD17D9278FFC1F158F\
-1B3683FF7960FA0608103792C4163DC0AF3E06287BB8624F8FE3A0FFBDF82ACECA2F\
-CFFF2E1AC93F3CA264A1B
-
-Diff says:
-% diff bc.txt mp.txt
-%
-
-------------------------------------------------------------------
-The contents of this file are subject to the Mozilla Public
-License Version 1.1 (the "License"); you may not use this file
-except in compliance with the License. You may obtain a copy of
-the License at http://www.mozilla.org/MPL/
-
-Software distributed under the License is distributed on an "AS
-IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-implied. See the License for the specific language governing
-rights and limitations under the License.
-
-The Original Code is the MPI Arbitrary Precision Integer Arithmetic
-library.
-
-The Initial Developer of the Original Code is 
-Michael J. Fromberger <sting@linguist.dartmouth.edu>
-
-Portions created by Michael J. Fromberger are 
-Copyright (C) 1998, 2000 Michael J. Fromberger. All Rights Reserved.
-
-Contributor(s):
-
-Alternatively, the contents of this file may be used under the
-terms of the GNU General Public License Version 2 or later (the
-"GPL"), in which case the provisions of the GPL are applicable
-instead of those above.  If you wish to allow use of your
-version of this file only under the terms of the GPL and not to
-allow others to use your version of this file under the MPL,
-indicate your decision by deleting the provisions above and
-replace them with the notice and other provisions required by
-the GPL.  If you do not delete the provisions above, a recipient
-may use your version of this file under either the MPL or the GPL.
-
-$Id$
-
-
-
diff --git a/security/nss/lib/freebl/mpi/doc/gcd.pod b/security/nss/lib/freebl/mpi/doc/gcd.pod
deleted file mode 100644
index 53b955f7e..000000000
--- a/security/nss/lib/freebl/mpi/doc/gcd.pod
+++ /dev/null
@@ -1,27 +0,0 @@
-=head1 NAME
-
- gcd - compute greatest common divisor of two integers
-
-=head1 SYNOPSIS
-
- gcd <a> <b>
-
-=head1 DESCRIPTION
-
-The B<gcd> program computes the greatest common divisor of two
-arbitrary-precision integers I<a> and I<b>.  The result is written in
-standard decimal notation to the standard output.
-
-If I<b> is zero, B<gcd> will print an error message and exit.
-
-=head1 SEE ALSO
-
-invmod(1), isprime(1), lap(1)
-
-=head1 AUTHOR
-
- Michael J. Fromberger <sting@linguist.dartmouth.edu>
- Thayer School of Engineering, Hanover, New Hampshire, USA
- 
- $Date$
-
diff --git a/security/nss/lib/freebl/mpi/doc/invmod.pod b/security/nss/lib/freebl/mpi/doc/invmod.pod
deleted file mode 100644
index faa8f9d0c..000000000
--- a/security/nss/lib/freebl/mpi/doc/invmod.pod
+++ /dev/null
@@ -1,33 +0,0 @@
-=head1 NAME
-
- invmod - compute modular inverse of an integer
-
-=head1 SYNOPSIS
-
- invmod <a> <m>
-
-=head1 DESCRIPTION
-
-The B<invmod> program computes the inverse of I<a>, modulo I<m>, if
-that inverse exists.  Both I<a> and I<m> are arbitrary-precision
-integers in decimal notation.  The result is written in standard
-decimal notation to the standard output.
-
-If there is no inverse, the message:
-
- No inverse
-
-...will be printed to the standard output (an inverse exists if and
-only if the greatest common divisor of I<a> and I<m> is 1).
-
-=head1 SEE ALSO
-
-gcd(1), isprime(1), lap(1)
-
-=head1 AUTHOR
-
- Michael J. Fromberger <sting@linguist.dartmouth.edu>
- Thayer School of Engineering, Hanover, New Hampshire, USA
- 
- $Date$
-
diff --git a/security/nss/lib/freebl/mpi/doc/isprime.pod b/security/nss/lib/freebl/mpi/doc/isprime.pod
deleted file mode 100644
index a17c1c1bd..000000000
--- a/security/nss/lib/freebl/mpi/doc/isprime.pod
+++ /dev/null
@@ -1,62 +0,0 @@
-=head1 NAME
-
- isprime - probabilistic primality testing
-
-=head1 SYNOPSIS
-
- isprime <a>
-
-=head1 DESCRIPTION
-
-The B<isprime> program attempts to determine whether the arbitrary
-precision integer I<a> is prime.  It first tests I<a> for divisibility
-by the first 170 or so small primes, and assuming I<a> is not
-divisible by any of these, applies 15 iterations of the Rabin-Miller
-probabilistic primality test.
-
-If the program discovers that the number is composite, it will print:
-
- Not prime (reason)
-
-Where I<reason> is either:
-
-	divisible by small prime x
-
-Or:
-
-	failed nth pseudoprime test
-
-In the first case, I<x> indicates the first small prime factor that
-was found.  In the second case, I<n> indicates which of the
-pseudoprime tests failed (numbered from 1)
-
-If this happens, the number is definitely not prime.  However, if the
-number succeeds, this message results:
-
- Probably prime, 1 in 4^15 chance of false positive
-
-If this happens, the number is prime with very high probability, but
-its primality has not been absolutely proven, only demonstrated to a
-very convincing degree.
-
-The value I<a> can be input in standard decimal notation, or, if it is
-prefixed with I<Ox>, it will be read as hexadecimal.
-
-=head1 ENVIRONMENT
-
-You can control how many iterations of Rabin-Miller are performed on
-the candidate number by setting the I<RM_TESTS> environment variable
-to an integer value before starting up B<isprime>.  This will change
-the output slightly if the number passes all the tests.
-
-=head1 SEE ALSO
-
-gcd(1), invmod(1), lap(1)
-
-=head1 AUTHOR
-
- Michael J. Fromberger <sting@linguist.dartmouth.edu>
- Thayer School of Engineering, Hanover, New Hampshire, USA
- 
- $Date$
-
diff --git a/security/nss/lib/freebl/mpi/doc/lap.pod b/security/nss/lib/freebl/mpi/doc/lap.pod
deleted file mode 100644
index ac100639b..000000000
--- a/security/nss/lib/freebl/mpi/doc/lap.pod
+++ /dev/null
@@ -1,35 +0,0 @@
-=head1 NAME
-
- lap - compute least annihilating power of a number
-
-=head1 SYNOPSIS
-
- lap <a> <m>
-
-=head1 DESCRIPTION
-
-The B<lap> program computes the order of I<a> modulo I<m>, for
-arbitrary precision integers I<a> and I<m>.  The B<order> of I<a>
-modulo I<m> is defined as the smallest positive value I<n> for which
-I<a> raised to the I<n>th power, modulo I<m>, is equal to 1.  The
-order may not exist, if I<m> is composite.
-
-=head1 RESTRICTIONS
-
-This program is very slow, especially for large moduli.  It is
-intended as a way to help find primitive elements in a modular field,
-but it does not do so in a particularly inefficient manner.  It was
-written simply to help verify that a particular candidate does not
-have an obviously short cycle mod I<m>.
-
-=head1 SEE ALSO
-
-gcd(1), invmod(1), isprime(1)
-
-=head1 AUTHOR
-
- Michael J. Fromberger <sting@linguist.dartmouth.edu>
- Thayer School of Engineering, Hanover, New Hampshire, USA
- 
- $Date$
-
diff --git a/security/nss/lib/freebl/mpi/doc/mpi-test.pod b/security/nss/lib/freebl/mpi/doc/mpi-test.pod
deleted file mode 100644
index 16050f09f..000000000
--- a/security/nss/lib/freebl/mpi/doc/mpi-test.pod
+++ /dev/null
@@ -1,49 +0,0 @@
-=head1 NAME
-
- mpi-test - automated test program for MPI library
-
-=head1 SYNOPSIS
-
- mpi-test <suite-name> [quiet]
- mpi-test list
- mpi-test help
-
-=head1 DESCRIPTION
-
-The B<mpi-test> program is a general unit test driver for the MPI
-library.  It is used to verify that the library works as it is
-supposed to on your architecture.  As with most such things, passing
-all the tests in B<mpi-test> does not guarantee the code is correct,
-but if any of them fail, there are certainly problems.
-
-Each major function of the library can be tested individually.  For a
-list of the test suites understood by B<mpi-test>, run it with the
-I<list> command line option:
-
- mpi-test list
-
-This will display a list of the available test suites and a brief
-synopsis of what each one does.  For a brief overview of this
-document, run B<mpi-test> I<help>.
-
-B<mpi-test> exits with a zero status if the selected test succeeds, or
-a nonzero status if it fails.  If a I<suite-name> which is not
-understood by B<mpi-test> is given, a diagnostic is printed to the
-standard error, and the program exits with a result code of 2.  If a
-test fails, the result code will be 1, and a diagnostic is ordinarily
-printed to the standard error.  However, if the I<quiet> option is
-provided, these diagnostics will be suppressed.
-
-=head1 RESTRICTIONS
-
-Only a few canned test cases are provided.  The solutions have been
-verified using the GNU bc(1) program, so bugs there may cause problems
-here; however, this is very unlikely, so if a test fails, it is almost
-certainly my fault, not bc(1)'s.
-
-=head1 AUTHOR
-
- Michael J. Fromberger <sting@linguist.dartmouth.edu>
- Thayer School of Engineering, Hanover, New Hampshire, USA
- 
- $Date$
diff --git a/security/nss/lib/freebl/mpi/doc/mul.txt b/security/nss/lib/freebl/mpi/doc/mul.txt
deleted file mode 100644
index 436d01bf7..000000000
--- a/security/nss/lib/freebl/mpi/doc/mul.txt
+++ /dev/null
@@ -1,109 +0,0 @@
-Multiplication
-
-This describes the multiplication algorithm used by the MPI library.
-
-This is basically a standard "schoolbook" algorithm.  It is slow --
-O(mn) for m = #a, n = #b -- but easy to implement and verify.
-Basically, we run two nested loops, as illustrated here (R is the
-radix):
-
-k = 0
-for j <- 0 to (#b - 1)
-  for i <- 0 to (#a - 1)
-    w = (a[j] * b[i]) + k + c[i+j]
-    c[i+j] = w mod R
-    k = w div R
-  endfor
-  c[i+j] = k;
-  k = 0;
-endfor
-
-It is necessary that 'w' have room for at least two radix R digits.
-The product of any two digits in radix R is at most:
-
-	(R - 1)(R - 1) = R^2 - 2R + 1
-
-Since a two-digit radix-R number can hold R^2 - 1 distinct values,
-this insures that the product will fit into the two-digit register.
-
-To insure that two digits is enough for w, we must also show that
-there is room for the carry-in from the previous multiplication, and
-the current value of the product digit that is being recomputed.
-Assuming each of these may be as big as R - 1 (and no larger,
-certainly), two digits will be enough if and only if:
-
-	(R^2 - 2R + 1) + 2(R - 1) <= R^2 - 1
-
-Solving this equation shows that, indeed, this is the case:
-
-	R^2 - 2R + 1 + 2R - 2 <= R^2 - 1
-
-	R^2 - 1 <= R^2 - 1
-
-This suggests that a good radix would be one more than the largest
-value that can be held in half a machine word -- so, for example, as
-in this implementation, where we used a radix of 65536 on a machine
-with 4-byte words.  Another advantage of a radix of this sort is that
-binary-level operations are easy on numbers in this representation.
-
-Here's an example multiplication worked out longhand in radix-10,
-using the above algorithm:
-
-   a =     999
-   b =   x 999
-  -------------
-   p =   98001
-
-w = (a[jx] * b[ix]) + kin + c[ix + jx]
-c[ix+jx] = w % RADIX
-k = w / RADIX
-                                                               product
-ix	jx	a[jx]	b[ix]	kin	w	c[i+j]	kout	000000
-0	0	9	9	0	81+0+0	1	8	000001
-0	1	9	9	8	81+8+0	9	8	000091
-0	2	9	9	8	81+8+0	9	8	000991
-				8			0	008991
-1	0	9	9	0	81+0+9	0	9	008901
-1	1	9	9	9	81+9+9	9	9	008901
-1	2	9	9	9	81+9+8	8	9	008901
-				9			0	098901
-2	0	9	9	0	81+0+9	0	9	098001
-2	1	9	9	9	81+9+8	8	9	098001
-2	2	9	9	9	81+9+9	9	9	098001
-
-------------------------------------------------------------------
-The contents of this file are subject to the Mozilla Public
-License Version 1.1 (the "License"); you may not use this file
-except in compliance with the License. You may obtain a copy of
-the License at http://www.mozilla.org/MPL/
-
-Software distributed under the License is distributed on an "AS
-IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-implied. See the License for the specific language governing
-rights and limitations under the License.
-
-The Original Code is the MPI Arbitrary Precision Integer Arithmetic
-library.
-
-The Initial Developer of the Original Code is 
-Michael J. Fromberger <sting@linguist.dartmouth.edu>
-
-Portions created by Michael J. Fromberger are 
-Copyright (C) 1998, 2000 Michael J. Fromberger. All Rights Reserved.
-
-Contributor(s):
-
-Alternatively, the contents of this file may be used under the
-terms of the GNU General Public License Version 2 or later (the
-"GPL"), in which case the provisions of the GPL are applicable
-instead of those above.  If you wish to allow use of your
-version of this file only under the terms of the GPL and not to
-allow others to use your version of this file under the MPL,
-indicate your decision by deleting the provisions above and
-replace them with the notice and other provisions required by
-the GPL.  If you do not delete the provisions above, a recipient
-may use your version of this file under either the MPL or the GPL.
-
-$Id$
-
-
diff --git a/security/nss/lib/freebl/mpi/doc/pi.txt b/security/nss/lib/freebl/mpi/doc/pi.txt
deleted file mode 100644
index 5edfdb4cb..000000000
--- a/security/nss/lib/freebl/mpi/doc/pi.txt
+++ /dev/null
@@ -1,85 +0,0 @@
-This file describes how pi is computed by the program in 'pi.c' (see
-the utils subdirectory).
-
-Basically, we use Machin's formula, which is what everyone in the
-world uses as a simple method for computing approximations to pi.
-This works for up to a few thousand digits without too much effort.
-Beyond that, though, it gets too slow.
-
-Machin's formula states:
-
-	 pi := 16 * arctan(1/5) - 4 * arctan(1/239)
-
-We compute this in integer arithmetic by first multiplying everything
-through by 10^d, where 'd' is the number of digits of pi we wanted to
-compute.  It turns out, the last few digits will be wrong, but the
-number that are wrong is usually very small (ordinarly only 2-3).
-Having done this, we compute the arctan() function using the formula:
-
-                       1      1       1       1       1     
-       arctan(1/x) := --- - ----- + ----- - ----- + ----- - ...
-                       x    3 x^3   5 x^5   7 x^7   9 x^9
-
-This is done iteratively by computing the first term manually, and
-then iteratively dividing x^2 and k, where k = 3, 5, 7, ... out of the
-current figure.  This is then added to (or subtracted from) a running
-sum, as appropriate.  The iteration continues until we overflow our
-available precision and the current figure goes to zero under integer
-division.  At that point, we're finished.
-
-Actually, we get a couple extra bits of precision out of the fact that
-we know we're computing y * arctan(1/x), by setting up the multiplier
-as:
-
-      y * 10^d
-
-... instead of just 10^d.  There is also a bit of cleverness in how
-the loop is constructed, to avoid special-casing the first term.
-Check out the code for arctan() in 'pi.c', if you are interested in
-seeing how it is set up.
-
-Thanks to Jason P. for this algorithm, which I assembled from notes
-and programs found on his cool "Pile of Pi Programs" page, at:
-
-      http://www.isr.umd.edu/~jasonp/pipage.html
-
-Thanks also to Henrik Johansson <Henrik.Johansson@Nexus.Comm.SE>, from
-whose pi program I borrowed the clever idea of pre-multiplying by x in
-order to avoid a special case on the loop iteration.
-
-------------------------------------------------------------------
-The contents of this file are subject to the Mozilla Public
-License Version 1.1 (the "License"); you may not use this file
-except in compliance with the License. You may obtain a copy of
-the License at http://www.mozilla.org/MPL/
-
-Software distributed under the License is distributed on an "AS
-IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-implied. See the License for the specific language governing
-rights and limitations under the License.
-
-The Original Code is the MPI Arbitrary Precision Integer Arithmetic
-library.
-
-The Initial Developer of the Original Code is 
-Michael J. Fromberger <sting@linguist.dartmouth.edu>
-
-Portions created by Michael J. Fromberger are 
-Copyright (C) 1998, 2000 Michael J. Fromberger. All Rights Reserved.
-
-Contributor(s):
-
-Alternatively, the contents of this file may be used under the
-terms of the GNU General Public License Version 2 or later (the
-"GPL"), in which case the provisions of the GPL are applicable
-instead of those above.  If you wish to allow use of your
-version of this file only under the terms of the GPL and not to
-allow others to use your version of this file under the MPL,
-indicate your decision by deleting the provisions above and
-replace them with the notice and other provisions required by
-the GPL.  If you do not delete the provisions above, a recipient
-may use your version of this file under either the MPL or the GPL.
-
-$Id$
-
-
diff --git a/security/nss/lib/freebl/mpi/doc/prime.txt b/security/nss/lib/freebl/mpi/doc/prime.txt
deleted file mode 100644
index 694797d5f..000000000
--- a/security/nss/lib/freebl/mpi/doc/prime.txt
+++ /dev/null
@@ -1,6542 +0,0 @@
-2
-3
-5
-7
-11
-13
-17
-19
-23
-29
-31
-37
-41
-43
-47
-53
-59
-61
-67
-71
-73
-79
-83
-89
-97
-101
-103
-107
-109
-113
-127
-131
-137
-139
-149
-151
-157
-163
-167
-173
-179
-181
-191
-193
-197
-199
-211
-223
-227
-229
-233
-239
-241
-251
-257
-263
-269
-271
-277
-281
-283
-293
-307
-311
-313
-317
-331
-337
-347
-349
-353
-359
-367
-373
-379
-383
-389
-397
-401
-409
-419
-421
-431
-433
-439
-443
-449
-457
-461
-463
-467
-479
-487
-491
-499
-503
-509
-521
-523
-541
-547
-557
-563
-569
-571
-577
-587
-593
-599
-601
-607
-613
-617
-619
-631
-641
-643
-647
-653
-659
-661
-673
-677
-683
-691
-701
-709
-719
-727
-733
-739
-743
-751
-757
-761
-769
-773
-787
-797
-809
-811
-821
-823
-827
-829
-839
-853
-857
-859
-863
-877
-881
-883
-887
-907
-911
-919
-929
-937
-941
-947
-953
-967
-971
-977
-983
-991
-997
-1009
-1013
-1019
-1021
-1031
-1033
-1039
-1049
-1051
-1061
-1063
-1069
-1087
-1091
-1093
-1097
-1103
-1109
-1117
-1123
-1129
-1151
-1153
-1163
-1171
-1181
-1187
-1193
-1201
-1213
-1217
-1223
-1229
-1231
-1237
-1249
-1259
-1277
-1279
-1283
-1289
-1291
-1297
-1301
-1303
-1307
-1319
-1321
-1327
-1361
-1367
-1373
-1381
-1399
-1409
-1423
-1427
-1429
-1433
-1439
-1447
-1451
-1453
-1459
-1471
-1481
-1483
-1487
-1489
-1493
-1499
-1511
-1523
-1531
-1543
-1549
-1553
-1559
-1567
-1571
-1579
-1583
-1597
-1601
-1607
-1609
-1613
-1619
-1621
-1627
-1637
-1657
-1663
-1667
-1669
-1693
-1697
-1699
-1709
-1721
-1723
-1733
-1741
-1747
-1753
-1759
-1777
-1783
-1787
-1789
-1801
-1811
-1823
-1831
-1847
-1861
-1867
-1871
-1873
-1877
-1879
-1889
-1901
-1907
-1913
-1931
-1933
-1949
-1951
-1973
-1979
-1987
-1993
-1997
-1999
-2003
-2011
-2017
-2027
-2029
-2039
-2053
-2063
-2069
-2081
-2083
-2087
-2089
-2099
-2111
-2113
-2129
-2131
-2137
-2141
-2143
-2153
-2161
-2179
-2203
-2207
-2213
-2221
-2237
-2239
-2243
-2251
-2267
-2269
-2273
-2281
-2287
-2293
-2297
-2309
-2311
-2333
-2339
-2341
-2347
-2351
-2357
-2371
-2377
-2381
-2383
-2389
-2393
-2399
-2411
-2417
-2423
-2437
-2441
-2447
-2459
-2467
-2473
-2477
-2503
-2521
-2531
-2539
-2543
-2549
-2551
-2557
-2579
-2591
-2593
-2609
-2617
-2621
-2633
-2647
-2657
-2659
-2663
-2671
-2677
-2683
-2687
-2689
-2693
-2699
-2707
-2711
-2713
-2719
-2729
-2731
-2741
-2749
-2753
-2767
-2777
-2789
-2791
-2797
-2801
-2803
-2819
-2833
-2837
-2843
-2851
-2857
-2861
-2879
-2887
-2897
-2903
-2909
-2917
-2927
-2939
-2953
-2957
-2963
-2969
-2971
-2999
-3001
-3011
-3019
-3023
-3037
-3041
-3049
-3061
-3067
-3079
-3083
-3089
-3109
-3119
-3121
-3137
-3163
-3167
-3169
-3181
-3187
-3191
-3203
-3209
-3217
-3221
-3229
-3251
-3253
-3257
-3259
-3271
-3299
-3301
-3307
-3313
-3319
-3323
-3329
-3331
-3343
-3347
-3359
-3361
-3371
-3373
-3389
-3391
-3407
-3413
-3433
-3449
-3457
-3461
-3463
-3467
-3469
-3491
-3499
-3511
-3517
-3527
-3529
-3533
-3539
-3541
-3547
-3557
-3559
-3571
-3581
-3583
-3593
-3607
-3613
-3617
-3623
-3631
-3637
-3643
-3659
-3671
-3673
-3677
-3691
-3697
-3701
-3709
-3719
-3727
-3733
-3739
-3761
-3767
-3769
-3779
-3793
-3797
-3803
-3821
-3823
-3833
-3847
-3851
-3853
-3863
-3877
-3881
-3889
-3907
-3911
-3917
-3919
-3923
-3929
-3931
-3943
-3947
-3967
-3989
-4001
-4003
-4007
-4013
-4019
-4021
-4027
-4049
-4051
-4057
-4073
-4079
-4091
-4093
-4099
-4111
-4127
-4129
-4133
-4139
-4153
-4157
-4159
-4177
-4201
-4211
-4217
-4219
-4229
-4231
-4241
-4243
-4253
-4259
-4261
-4271
-4273
-4283
-4289
-4297
-4327
-4337
-4339
-4349
-4357
-4363
-4373
-4391
-4397
-4409
-4421
-4423
-4441
-4447
-4451
-4457
-4463
-4481
-4483
-4493
-4507
-4513
-4517
-4519
-4523
-4547
-4549
-4561
-4567
-4583
-4591
-4597
-4603
-4621
-4637
-4639
-4643
-4649
-4651
-4657
-4663
-4673
-4679
-4691
-4703
-4721
-4723
-4729
-4733
-4751
-4759
-4783
-4787
-4789
-4793
-4799
-4801
-4813
-4817
-4831
-4861
-4871
-4877
-4889
-4903
-4909
-4919
-4931
-4933
-4937
-4943
-4951
-4957
-4967
-4969
-4973
-4987
-4993
-4999
-5003
-5009
-5011
-5021
-5023
-5039
-5051
-5059
-5077
-5081
-5087
-5099
-5101
-5107
-5113
-5119
-5147
-5153
-5167
-5171
-5179
-5189
-5197
-5209
-5227
-5231
-5233
-5237
-5261
-5273
-5279
-5281
-5297
-5303
-5309
-5323
-5333
-5347
-5351
-5381
-5387
-5393
-5399
-5407
-5413
-5417
-5419
-5431
-5437
-5441
-5443
-5449
-5471
-5477
-5479
-5483
-5501
-5503
-5507
-5519
-5521
-5527
-5531
-5557
-5563
-5569
-5573
-5581
-5591
-5623
-5639
-5641
-5647
-5651
-5653
-5657
-5659
-5669
-5683
-5689
-5693
-5701
-5711
-5717
-5737
-5741
-5743
-5749
-5779
-5783
-5791
-5801
-5807
-5813
-5821
-5827
-5839
-5843
-5849
-5851
-5857
-5861
-5867
-5869
-5879
-5881
-5897
-5903
-5923
-5927
-5939
-5953
-5981
-5987
-6007
-6011
-6029
-6037
-6043
-6047
-6053
-6067
-6073
-6079
-6089
-6091
-6101
-6113
-6121
-6131
-6133
-6143
-6151
-6163
-6173
-6197
-6199
-6203
-6211
-6217
-6221
-6229
-6247
-6257
-6263
-6269
-6271
-6277
-6287
-6299
-6301
-6311
-6317
-6323
-6329
-6337
-6343
-6353
-6359
-6361
-6367
-6373
-6379
-6389
-6397
-6421
-6427
-6449
-6451
-6469
-6473
-6481
-6491
-6521
-6529
-6547
-6551
-6553
-6563
-6569
-6571
-6577
-6581
-6599
-6607
-6619
-6637
-6653
-6659
-6661
-6673
-6679
-6689
-6691
-6701
-6703
-6709
-6719
-6733
-6737
-6761
-6763
-6779
-6781
-6791
-6793
-6803
-6823
-6827
-6829
-6833
-6841
-6857
-6863
-6869
-6871
-6883
-6899
-6907
-6911
-6917
-6947
-6949
-6959
-6961
-6967
-6971
-6977
-6983
-6991
-6997
-7001
-7013
-7019
-7027
-7039
-7043
-7057
-7069
-7079
-7103
-7109
-7121
-7127
-7129
-7151
-7159
-7177
-7187
-7193
-7207
-7211
-7213
-7219
-7229
-7237
-7243
-7247
-7253
-7283
-7297
-7307
-7309
-7321
-7331
-7333
-7349
-7351
-7369
-7393
-7411
-7417
-7433
-7451
-7457
-7459
-7477
-7481
-7487
-7489
-7499
-7507
-7517
-7523
-7529
-7537
-7541
-7547
-7549
-7559
-7561
-7573
-7577
-7583
-7589
-7591
-7603
-7607
-7621
-7639
-7643
-7649
-7669
-7673
-7681
-7687
-7691
-7699
-7703
-7717
-7723
-7727
-7741
-7753
-7757
-7759
-7789
-7793
-7817
-7823
-7829
-7841
-7853
-7867
-7873
-7877
-7879
-7883
-7901
-7907
-7919
-7927
-7933
-7937
-7949
-7951
-7963
-7993
-8009
-8011
-8017
-8039
-8053
-8059
-8069
-8081
-8087
-8089
-8093
-8101
-8111
-8117
-8123
-8147
-8161
-8167
-8171
-8179
-8191
-8209
-8219
-8221
-8231
-8233
-8237
-8243
-8263
-8269
-8273
-8287
-8291
-8293
-8297
-8311
-8317
-8329
-8353
-8363
-8369
-8377
-8387
-8389
-8419
-8423
-8429
-8431
-8443
-8447
-8461
-8467
-8501
-8513
-8521
-8527
-8537
-8539
-8543
-8563
-8573
-8581
-8597
-8599
-8609
-8623
-8627
-8629
-8641
-8647
-8663
-8669
-8677
-8681
-8689
-8693
-8699
-8707
-8713
-8719
-8731
-8737
-8741
-8747
-8753
-8761
-8779
-8783
-8803
-8807
-8819
-8821
-8831
-8837
-8839
-8849
-8861
-8863
-8867
-8887
-8893
-8923
-8929
-8933
-8941
-8951
-8963
-8969
-8971
-8999
-9001
-9007
-9011
-9013
-9029
-9041
-9043
-9049
-9059
-9067
-9091
-9103
-9109
-9127
-9133
-9137
-9151
-9157
-9161
-9173
-9181
-9187
-9199
-9203
-9209
-9221
-9227
-9239
-9241
-9257
-9277
-9281
-9283
-9293
-9311
-9319
-9323
-9337
-9341
-9343
-9349
-9371
-9377
-9391
-9397
-9403
-9413
-9419
-9421
-9431
-9433
-9437
-9439
-9461
-9463
-9467
-9473
-9479
-9491
-9497
-9511
-9521
-9533
-9539
-9547
-9551
-9587
-9601
-9613
-9619
-9623
-9629
-9631
-9643
-9649
-9661
-9677
-9679
-9689
-9697
-9719
-9721
-9733
-9739
-9743
-9749
-9767
-9769
-9781
-9787
-9791
-9803
-9811
-9817
-9829
-9833
-9839
-9851
-9857
-9859
-9871
-9883
-9887
-9901
-9907
-9923
-9929
-9931
-9941
-9949
-9967
-9973
-10007
-10009
-10037
-10039
-10061
-10067
-10069
-10079
-10091
-10093
-10099
-10103
-10111
-10133
-10139
-10141
-10151
-10159
-10163
-10169
-10177
-10181
-10193
-10211
-10223
-10243
-10247
-10253
-10259
-10267
-10271
-10273
-10289
-10301
-10303
-10313
-10321
-10331
-10333
-10337
-10343
-10357
-10369
-10391
-10399
-10427
-10429
-10433
-10453
-10457
-10459
-10463
-10477
-10487
-10499
-10501
-10513
-10529
-10531
-10559
-10567
-10589
-10597
-10601
-10607
-10613
-10627
-10631
-10639
-10651
-10657
-10663
-10667
-10687
-10691
-10709
-10711
-10723
-10729
-10733
-10739
-10753
-10771
-10781
-10789
-10799
-10831
-10837
-10847
-10853
-10859
-10861
-10867
-10883
-10889
-10891
-10903
-10909
-10937
-10939
-10949
-10957
-10973
-10979
-10987
-10993
-11003
-11027
-11047
-11057
-11059
-11069
-11071
-11083
-11087
-11093
-11113
-11117
-11119
-11131
-11149
-11159
-11161
-11171
-11173
-11177
-11197
-11213
-11239
-11243
-11251
-11257
-11261
-11273
-11279
-11287
-11299
-11311
-11317
-11321
-11329
-11351
-11353
-11369
-11383
-11393
-11399
-11411
-11423
-11437
-11443
-11447
-11467
-11471
-11483
-11489
-11491
-11497
-11503
-11519
-11527
-11549
-11551
-11579
-11587
-11593
-11597
-11617
-11621
-11633
-11657
-11677
-11681
-11689
-11699
-11701
-11717
-11719
-11731
-11743
-11777
-11779
-11783
-11789
-11801
-11807
-11813
-11821
-11827
-11831
-11833
-11839
-11863
-11867
-11887
-11897
-11903
-11909
-11923
-11927
-11933
-11939
-11941
-11953
-11959
-11969
-11971
-11981
-11987
-12007
-12011
-12037
-12041
-12043
-12049
-12071
-12073
-12097
-12101
-12107
-12109
-12113
-12119
-12143
-12149
-12157
-12161
-12163
-12197
-12203
-12211
-12227
-12239
-12241
-12251
-12253
-12263
-12269
-12277
-12281
-12289
-12301
-12323
-12329
-12343
-12347
-12373
-12377
-12379
-12391
-12401
-12409
-12413
-12421
-12433
-12437
-12451
-12457
-12473
-12479
-12487
-12491
-12497
-12503
-12511
-12517
-12527
-12539
-12541
-12547
-12553
-12569
-12577
-12583
-12589
-12601
-12611
-12613
-12619
-12637
-12641
-12647
-12653
-12659
-12671
-12689
-12697
-12703
-12713
-12721
-12739
-12743
-12757
-12763
-12781
-12791
-12799
-12809
-12821
-12823
-12829
-12841
-12853
-12889
-12893
-12899
-12907
-12911
-12917
-12919
-12923
-12941
-12953
-12959
-12967
-12973
-12979
-12983
-13001
-13003
-13007
-13009
-13033
-13037
-13043
-13049
-13063
-13093
-13099
-13103
-13109
-13121
-13127
-13147
-13151
-13159
-13163
-13171
-13177
-13183
-13187
-13217
-13219
-13229
-13241
-13249
-13259
-13267
-13291
-13297
-13309
-13313
-13327
-13331
-13337
-13339
-13367
-13381
-13397
-13399
-13411
-13417
-13421
-13441
-13451
-13457
-13463
-13469
-13477
-13487
-13499
-13513
-13523
-13537
-13553
-13567
-13577
-13591
-13597
-13613
-13619
-13627
-13633
-13649
-13669
-13679
-13681
-13687
-13691
-13693
-13697
-13709
-13711
-13721
-13723
-13729
-13751
-13757
-13759
-13763
-13781
-13789
-13799
-13807
-13829
-13831
-13841
-13859
-13873
-13877
-13879
-13883
-13901
-13903
-13907
-13913
-13921
-13931
-13933
-13963
-13967
-13997
-13999
-14009
-14011
-14029
-14033
-14051
-14057
-14071
-14081
-14083
-14087
-14107
-14143
-14149
-14153
-14159
-14173
-14177
-14197
-14207
-14221
-14243
-14249
-14251
-14281
-14293
-14303
-14321
-14323
-14327
-14341
-14347
-14369
-14387
-14389
-14401
-14407
-14411
-14419
-14423
-14431
-14437
-14447
-14449
-14461
-14479
-14489
-14503
-14519
-14533
-14537
-14543
-14549
-14551
-14557
-14561
-14563
-14591
-14593
-14621
-14627
-14629
-14633
-14639
-14653
-14657
-14669
-14683
-14699
-14713
-14717
-14723
-14731
-14737
-14741
-14747
-14753
-14759
-14767
-14771
-14779
-14783
-14797
-14813
-14821
-14827
-14831
-14843
-14851
-14867
-14869
-14879
-14887
-14891
-14897
-14923
-14929
-14939
-14947
-14951
-14957
-14969
-14983
-15013
-15017
-15031
-15053
-15061
-15073
-15077
-15083
-15091
-15101
-15107
-15121
-15131
-15137
-15139
-15149
-15161
-15173
-15187
-15193
-15199
-15217
-15227
-15233
-15241
-15259
-15263
-15269
-15271
-15277
-15287
-15289
-15299
-15307
-15313
-15319
-15329
-15331
-15349
-15359
-15361
-15373
-15377
-15383
-15391
-15401
-15413
-15427
-15439
-15443
-15451
-15461
-15467
-15473
-15493
-15497
-15511
-15527
-15541
-15551
-15559
-15569
-15581
-15583
-15601
-15607
-15619
-15629
-15641
-15643
-15647
-15649
-15661
-15667
-15671
-15679
-15683
-15727
-15731
-15733
-15737
-15739
-15749
-15761
-15767
-15773
-15787
-15791
-15797
-15803
-15809
-15817
-15823
-15859
-15877
-15881
-15887
-15889
-15901
-15907
-15913
-15919
-15923
-15937
-15959
-15971
-15973
-15991
-16001
-16007
-16033
-16057
-16061
-16063
-16067
-16069
-16073
-16087
-16091
-16097
-16103
-16111
-16127
-16139
-16141
-16183
-16187
-16189
-16193
-16217
-16223
-16229
-16231
-16249
-16253
-16267
-16273
-16301
-16319
-16333
-16339
-16349
-16361
-16363
-16369
-16381
-16411
-16417
-16421
-16427
-16433
-16447
-16451
-16453
-16477
-16481
-16487
-16493
-16519
-16529
-16547
-16553
-16561
-16567
-16573
-16603
-16607
-16619
-16631
-16633
-16649
-16651
-16657
-16661
-16673
-16691
-16693
-16699
-16703
-16729
-16741
-16747
-16759
-16763
-16787
-16811
-16823
-16829
-16831
-16843
-16871
-16879
-16883
-16889
-16901
-16903
-16921
-16927
-16931
-16937
-16943
-16963
-16979
-16981
-16987
-16993
-17011
-17021
-17027
-17029
-17033
-17041
-17047
-17053
-17077
-17093
-17099
-17107
-17117
-17123
-17137
-17159
-17167
-17183
-17189
-17191
-17203
-17207
-17209
-17231
-17239
-17257
-17291
-17293
-17299
-17317
-17321
-17327
-17333
-17341
-17351
-17359
-17377
-17383
-17387
-17389
-17393
-17401
-17417
-17419
-17431
-17443
-17449
-17467
-17471
-17477
-17483
-17489
-17491
-17497
-17509
-17519
-17539
-17551
-17569
-17573
-17579
-17581
-17597
-17599
-17609
-17623
-17627
-17657
-17659
-17669
-17681
-17683
-17707
-17713
-17729
-17737
-17747
-17749
-17761
-17783
-17789
-17791
-17807
-17827
-17837
-17839
-17851
-17863
-17881
-17891
-17903
-17909
-17911
-17921
-17923
-17929
-17939
-17957
-17959
-17971
-17977
-17981
-17987
-17989
-18013
-18041
-18043
-18047
-18049
-18059
-18061
-18077
-18089
-18097
-18119
-18121
-18127
-18131
-18133
-18143
-18149
-18169
-18181
-18191
-18199
-18211
-18217
-18223
-18229
-18233
-18251
-18253
-18257
-18269
-18287
-18289
-18301
-18307
-18311
-18313
-18329
-18341
-18353
-18367
-18371
-18379
-18397
-18401
-18413
-18427
-18433
-18439
-18443
-18451
-18457
-18461
-18481
-18493
-18503
-18517
-18521
-18523
-18539
-18541
-18553
-18583
-18587
-18593
-18617
-18637
-18661
-18671
-18679
-18691
-18701
-18713
-18719
-18731
-18743
-18749
-18757
-18773
-18787
-18793
-18797
-18803
-18839
-18859
-18869
-18899
-18911
-18913
-18917
-18919
-18947
-18959
-18973
-18979
-19001
-19009
-19013
-19031
-19037
-19051
-19069
-19073
-19079
-19081
-19087
-19121
-19139
-19141
-19157
-19163
-19181
-19183
-19207
-19211
-19213
-19219
-19231
-19237
-19249
-19259
-19267
-19273
-19289
-19301
-19309
-19319
-19333
-19373
-19379
-19381
-19387
-19391
-19403
-19417
-19421
-19423
-19427
-19429
-19433
-19441
-19447
-19457
-19463
-19469
-19471
-19477
-19483
-19489
-19501
-19507
-19531
-19541
-19543
-19553
-19559
-19571
-19577
-19583
-19597
-19603
-19609
-19661
-19681
-19687
-19697
-19699
-19709
-19717
-19727
-19739
-19751
-19753
-19759
-19763
-19777
-19793
-19801
-19813
-19819
-19841
-19843
-19853
-19861
-19867
-19889
-19891
-19913
-19919
-19927
-19937
-19949
-19961
-19963
-19973
-19979
-19991
-19993
-19997
-20011
-20021
-20023
-20029
-20047
-20051
-20063
-20071
-20089
-20101
-20107
-20113
-20117
-20123
-20129
-20143
-20147
-20149
-20161
-20173
-20177
-20183
-20201
-20219
-20231
-20233
-20249
-20261
-20269
-20287
-20297
-20323
-20327
-20333
-20341
-20347
-20353
-20357
-20359
-20369
-20389
-20393
-20399
-20407
-20411
-20431
-20441
-20443
-20477
-20479
-20483
-20507
-20509
-20521
-20533
-20543
-20549
-20551
-20563
-20593
-20599
-20611
-20627
-20639
-20641
-20663
-20681
-20693
-20707
-20717
-20719
-20731
-20743
-20747
-20749
-20753
-20759
-20771
-20773
-20789
-20807
-20809
-20849
-20857
-20873
-20879
-20887
-20897
-20899
-20903
-20921
-20929
-20939
-20947
-20959
-20963
-20981
-20983
-21001
-21011
-21013
-21017
-21019
-21023
-21031
-21059
-21061
-21067
-21089
-21101
-21107
-21121
-21139
-21143
-21149
-21157
-21163
-21169
-21179
-21187
-21191
-21193
-21211
-21221
-21227
-21247
-21269
-21277
-21283
-21313
-21317
-21319
-21323
-21341
-21347
-21377
-21379
-21383
-21391
-21397
-21401
-21407
-21419
-21433
-21467
-21481
-21487
-21491
-21493
-21499
-21503
-21517
-21521
-21523
-21529
-21557
-21559
-21563
-21569
-21577
-21587
-21589
-21599
-21601
-21611
-21613
-21617
-21647
-21649
-21661
-21673
-21683
-21701
-21713
-21727
-21737
-21739
-21751
-21757
-21767
-21773
-21787
-21799
-21803
-21817
-21821
-21839
-21841
-21851
-21859
-21863
-21871
-21881
-21893
-21911
-21929
-21937
-21943
-21961
-21977
-21991
-21997
-22003
-22013
-22027
-22031
-22037
-22039
-22051
-22063
-22067
-22073
-22079
-22091
-22093
-22109
-22111
-22123
-22129
-22133
-22147
-22153
-22157
-22159
-22171
-22189
-22193
-22229
-22247
-22259
-22271
-22273
-22277
-22279
-22283
-22291
-22303
-22307
-22343
-22349
-22367
-22369
-22381
-22391
-22397
-22409
-22433
-22441
-22447
-22453
-22469
-22481
-22483
-22501
-22511
-22531
-22541
-22543
-22549
-22567
-22571
-22573
-22613
-22619
-22621
-22637
-22639
-22643
-22651
-22669
-22679
-22691
-22697
-22699
-22709
-22717
-22721
-22727
-22739
-22741
-22751
-22769
-22777
-22783
-22787
-22807
-22811
-22817
-22853
-22859
-22861
-22871
-22877
-22901
-22907
-22921
-22937
-22943
-22961
-22963
-22973
-22993
-23003
-23011
-23017
-23021
-23027
-23029
-23039
-23041
-23053
-23057
-23059
-23063
-23071
-23081
-23087
-23099
-23117
-23131
-23143
-23159
-23167
-23173
-23189
-23197
-23201
-23203
-23209
-23227
-23251
-23269
-23279
-23291
-23293
-23297
-23311
-23321
-23327
-23333
-23339
-23357
-23369
-23371
-23399
-23417
-23431
-23447
-23459
-23473
-23497
-23509
-23531
-23537
-23539
-23549
-23557
-23561
-23563
-23567
-23581
-23593
-23599
-23603
-23609
-23623
-23627
-23629
-23633
-23663
-23669
-23671
-23677
-23687
-23689
-23719
-23741
-23743
-23747
-23753
-23761
-23767
-23773
-23789
-23801
-23813
-23819
-23827
-23831
-23833
-23857
-23869
-23873
-23879
-23887
-23893
-23899
-23909
-23911
-23917
-23929
-23957
-23971
-23977
-23981
-23993
-24001
-24007
-24019
-24023
-24029
-24043
-24049
-24061
-24071
-24077
-24083
-24091
-24097
-24103
-24107
-24109
-24113
-24121
-24133
-24137
-24151
-24169
-24179
-24181
-24197
-24203
-24223
-24229
-24239
-24247
-24251
-24281
-24317
-24329
-24337
-24359
-24371
-24373
-24379
-24391
-24407
-24413
-24419
-24421
-24439
-24443
-24469
-24473
-24481
-24499
-24509
-24517
-24527
-24533
-24547
-24551
-24571
-24593
-24611
-24623
-24631
-24659
-24671
-24677
-24683
-24691
-24697
-24709
-24733
-24749
-24763
-24767
-24781
-24793
-24799
-24809
-24821
-24841
-24847
-24851
-24859
-24877
-24889
-24907
-24917
-24919
-24923
-24943
-24953
-24967
-24971
-24977
-24979
-24989
-25013
-25031
-25033
-25037
-25057
-25073
-25087
-25097
-25111
-25117
-25121
-25127
-25147
-25153
-25163
-25169
-25171
-25183
-25189
-25219
-25229
-25237
-25243
-25247
-25253
-25261
-25301
-25303
-25307
-25309
-25321
-25339
-25343
-25349
-25357
-25367
-25373
-25391
-25409
-25411
-25423
-25439
-25447
-25453
-25457
-25463
-25469
-25471
-25523
-25537
-25541
-25561
-25577
-25579
-25583
-25589
-25601
-25603
-25609
-25621
-25633
-25639
-25643
-25657
-25667
-25673
-25679
-25693
-25703
-25717
-25733
-25741
-25747
-25759
-25763
-25771
-25793
-25799
-25801
-25819
-25841
-25847
-25849
-25867
-25873
-25889
-25903
-25913
-25919
-25931
-25933
-25939
-25943
-25951
-25969
-25981
-25997
-25999
-26003
-26017
-26021
-26029
-26041
-26053
-26083
-26099
-26107
-26111
-26113
-26119
-26141
-26153
-26161
-26171
-26177
-26183
-26189
-26203
-26209
-26227
-26237
-26249
-26251
-26261
-26263
-26267
-26293
-26297
-26309
-26317
-26321
-26339
-26347
-26357
-26371
-26387
-26393
-26399
-26407
-26417
-26423
-26431
-26437
-26449
-26459
-26479
-26489
-26497
-26501
-26513
-26539
-26557
-26561
-26573
-26591
-26597
-26627
-26633
-26641
-26647
-26669
-26681
-26683
-26687
-26693
-26699
-26701
-26711
-26713
-26717
-26723
-26729
-26731
-26737
-26759
-26777
-26783
-26801
-26813
-26821
-26833
-26839
-26849
-26861
-26863
-26879
-26881
-26891
-26893
-26903
-26921
-26927
-26947
-26951
-26953
-26959
-26981
-26987
-26993
-27011
-27017
-27031
-27043
-27059
-27061
-27067
-27073
-27077
-27091
-27103
-27107
-27109
-27127
-27143
-27179
-27191
-27197
-27211
-27239
-27241
-27253
-27259
-27271
-27277
-27281
-27283
-27299
-27329
-27337
-27361
-27367
-27397
-27407
-27409
-27427
-27431
-27437
-27449
-27457
-27479
-27481
-27487
-27509
-27527
-27529
-27539
-27541
-27551
-27581
-27583
-27611
-27617
-27631
-27647
-27653
-27673
-27689
-27691
-27697
-27701
-27733
-27737
-27739
-27743
-27749
-27751
-27763
-27767
-27773
-27779
-27791
-27793
-27799
-27803
-27809
-27817
-27823
-27827
-27847
-27851
-27883
-27893
-27901
-27917
-27919
-27941
-27943
-27947
-27953
-27961
-27967
-27983
-27997
-28001
-28019
-28027
-28031
-28051
-28057
-28069
-28081
-28087
-28097
-28099
-28109
-28111
-28123
-28151
-28163
-28181
-28183
-28201
-28211
-28219
-28229
-28277
-28279
-28283
-28289
-28297
-28307
-28309
-28319
-28349
-28351
-28387
-28393
-28403
-28409
-28411
-28429
-28433
-28439
-28447
-28463
-28477
-28493
-28499
-28513
-28517
-28537
-28541
-28547
-28549
-28559
-28571
-28573
-28579
-28591
-28597
-28603
-28607
-28619
-28621
-28627
-28631
-28643
-28649
-28657
-28661
-28663
-28669
-28687
-28697
-28703
-28711
-28723
-28729
-28751
-28753
-28759
-28771
-28789
-28793
-28807
-28813
-28817
-28837
-28843
-28859
-28867
-28871
-28879
-28901
-28909
-28921
-28927
-28933
-28949
-28961
-28979
-29009
-29017
-29021
-29023
-29027
-29033
-29059
-29063
-29077
-29101
-29123
-29129
-29131
-29137
-29147
-29153
-29167
-29173
-29179
-29191
-29201
-29207
-29209
-29221
-29231
-29243
-29251
-29269
-29287
-29297
-29303
-29311
-29327
-29333
-29339
-29347
-29363
-29383
-29387
-29389
-29399
-29401
-29411
-29423
-29429
-29437
-29443
-29453
-29473
-29483
-29501
-29527
-29531
-29537
-29567
-29569
-29573
-29581
-29587
-29599
-29611
-29629
-29633
-29641
-29663
-29669
-29671
-29683
-29717
-29723
-29741
-29753
-29759
-29761
-29789
-29803
-29819
-29833
-29837
-29851
-29863
-29867
-29873
-29879
-29881
-29917
-29921
-29927
-29947
-29959
-29983
-29989
-30011
-30013
-30029
-30047
-30059
-30071
-30089
-30091
-30097
-30103
-30109
-30113
-30119
-30133
-30137
-30139
-30161
-30169
-30181
-30187
-30197
-30203
-30211
-30223
-30241
-30253
-30259
-30269
-30271
-30293
-30307
-30313
-30319
-30323
-30341
-30347
-30367
-30389
-30391
-30403
-30427
-30431
-30449
-30467
-30469
-30491
-30493
-30497
-30509
-30517
-30529
-30539
-30553
-30557
-30559
-30577
-30593
-30631
-30637
-30643
-30649
-30661
-30671
-30677
-30689
-30697
-30703
-30707
-30713
-30727
-30757
-30763
-30773
-30781
-30803
-30809
-30817
-30829
-30839
-30841
-30851
-30853
-30859
-30869
-30871
-30881
-30893
-30911
-30931
-30937
-30941
-30949
-30971
-30977
-30983
-31013
-31019
-31033
-31039
-31051
-31063
-31069
-31079
-31081
-31091
-31121
-31123
-31139
-31147
-31151
-31153
-31159
-31177
-31181
-31183
-31189
-31193
-31219
-31223
-31231
-31237
-31247
-31249
-31253
-31259
-31267
-31271
-31277
-31307
-31319
-31321
-31327
-31333
-31337
-31357
-31379
-31387
-31391
-31393
-31397
-31469
-31477
-31481
-31489
-31511
-31513
-31517
-31531
-31541
-31543
-31547
-31567
-31573
-31583
-31601
-31607
-31627
-31643
-31649
-31657
-31663
-31667
-31687
-31699
-31721
-31723
-31727
-31729
-31741
-31751
-31769
-31771
-31793
-31799
-31817
-31847
-31849
-31859
-31873
-31883
-31891
-31907
-31957
-31963
-31973
-31981
-31991
-32003
-32009
-32027
-32029
-32051
-32057
-32059
-32063
-32069
-32077
-32083
-32089
-32099
-32117
-32119
-32141
-32143
-32159
-32173
-32183
-32189
-32191
-32203
-32213
-32233
-32237
-32251
-32257
-32261
-32297
-32299
-32303
-32309
-32321
-32323
-32327
-32341
-32353
-32359
-32363
-32369
-32371
-32377
-32381
-32401
-32411
-32413
-32423
-32429
-32441
-32443
-32467
-32479
-32491
-32497
-32503
-32507
-32531
-32533
-32537
-32561
-32563
-32569
-32573
-32579
-32587
-32603
-32609
-32611
-32621
-32633
-32647
-32653
-32687
-32693
-32707
-32713
-32717
-32719
-32749
-32771
-32779
-32783
-32789
-32797
-32801
-32803
-32831
-32833
-32839
-32843
-32869
-32887
-32909
-32911
-32917
-32933
-32939
-32941
-32957
-32969
-32971
-32983
-32987
-32993
-32999
-33013
-33023
-33029
-33037
-33049
-33053
-33071
-33073
-33083
-33091
-33107
-33113
-33119
-33149
-33151
-33161
-33179
-33181
-33191
-33199
-33203
-33211
-33223
-33247
-33287
-33289
-33301
-33311
-33317
-33329
-33331
-33343
-33347
-33349
-33353
-33359
-33377
-33391
-33403
-33409
-33413
-33427
-33457
-33461
-33469
-33479
-33487
-33493
-33503
-33521
-33529
-33533
-33547
-33563
-33569
-33577
-33581
-33587
-33589
-33599
-33601
-33613
-33617
-33619
-33623
-33629
-33637
-33641
-33647
-33679
-33703
-33713
-33721
-33739
-33749
-33751
-33757
-33767
-33769
-33773
-33791
-33797
-33809
-33811
-33827
-33829
-33851
-33857
-33863
-33871
-33889
-33893
-33911
-33923
-33931
-33937
-33941
-33961
-33967
-33997
-34019
-34031
-34033
-34039
-34057
-34061
-34123
-34127
-34129
-34141
-34147
-34157
-34159
-34171
-34183
-34211
-34213
-34217
-34231
-34253
-34259
-34261
-34267
-34273
-34283
-34297
-34301
-34303
-34313
-34319
-34327
-34337
-34351
-34361
-34367
-34369
-34381
-34403
-34421
-34429
-34439
-34457
-34469
-34471
-34483
-34487
-34499
-34501
-34511
-34513
-34519
-34537
-34543
-34549
-34583
-34589
-34591
-34603
-34607
-34613
-34631
-34649
-34651
-34667
-34673
-34679
-34687
-34693
-34703
-34721
-34729
-34739
-34747
-34757
-34759
-34763
-34781
-34807
-34819
-34841
-34843
-34847
-34849
-34871
-34877
-34883
-34897
-34913
-34919
-34939
-34949
-34961
-34963
-34981
-35023
-35027
-35051
-35053
-35059
-35069
-35081
-35083
-35089
-35099
-35107
-35111
-35117
-35129
-35141
-35149
-35153
-35159
-35171
-35201
-35221
-35227
-35251
-35257
-35267
-35279
-35281
-35291
-35311
-35317
-35323
-35327
-35339
-35353
-35363
-35381
-35393
-35401
-35407
-35419
-35423
-35437
-35447
-35449
-35461
-35491
-35507
-35509
-35521
-35527
-35531
-35533
-35537
-35543
-35569
-35573
-35591
-35593
-35597
-35603
-35617
-35671
-35677
-35729
-35731
-35747
-35753
-35759
-35771
-35797
-35801
-35803
-35809
-35831
-35837
-35839
-35851
-35863
-35869
-35879
-35897
-35899
-35911
-35923
-35933
-35951
-35963
-35969
-35977
-35983
-35993
-35999
-36007
-36011
-36013
-36017
-36037
-36061
-36067
-36073
-36083
-36097
-36107
-36109
-36131
-36137
-36151
-36161
-36187
-36191
-36209
-36217
-36229
-36241
-36251
-36263
-36269
-36277
-36293
-36299
-36307
-36313
-36319
-36341
-36343
-36353
-36373
-36383
-36389
-36433
-36451
-36457
-36467
-36469
-36473
-36479
-36493
-36497
-36523
-36527
-36529
-36541
-36551
-36559
-36563
-36571
-36583
-36587
-36599
-36607
-36629
-36637
-36643
-36653
-36671
-36677
-36683
-36691
-36697
-36709
-36713
-36721
-36739
-36749
-36761
-36767
-36779
-36781
-36787
-36791
-36793
-36809
-36821
-36833
-36847
-36857
-36871
-36877
-36887
-36899
-36901
-36913
-36919
-36923
-36929
-36931
-36943
-36947
-36973
-36979
-36997
-37003
-37013
-37019
-37021
-37039
-37049
-37057
-37061
-37087
-37097
-37117
-37123
-37139
-37159
-37171
-37181
-37189
-37199
-37201
-37217
-37223
-37243
-37253
-37273
-37277
-37307
-37309
-37313
-37321
-37337
-37339
-37357
-37361
-37363
-37369
-37379
-37397
-37409
-37423
-37441
-37447
-37463
-37483
-37489
-37493
-37501
-37507
-37511
-37517
-37529
-37537
-37547
-37549
-37561
-37567
-37571
-37573
-37579
-37589
-37591
-37607
-37619
-37633
-37643
-37649
-37657
-37663
-37691
-37693
-37699
-37717
-37747
-37781
-37783
-37799
-37811
-37813
-37831
-37847
-37853
-37861
-37871
-37879
-37889
-37897
-37907
-37951
-37957
-37963
-37967
-37987
-37991
-37993
-37997
-38011
-38039
-38047
-38053
-38069
-38083
-38113
-38119
-38149
-38153
-38167
-38177
-38183
-38189
-38197
-38201
-38219
-38231
-38237
-38239
-38261
-38273
-38281
-38287
-38299
-38303
-38317
-38321
-38327
-38329
-38333
-38351
-38371
-38377
-38393
-38431
-38447
-38449
-38453
-38459
-38461
-38501
-38543
-38557
-38561
-38567
-38569
-38593
-38603
-38609
-38611
-38629
-38639
-38651
-38653
-38669
-38671
-38677
-38693
-38699
-38707
-38711
-38713
-38723
-38729
-38737
-38747
-38749
-38767
-38783
-38791
-38803
-38821
-38833
-38839
-38851
-38861
-38867
-38873
-38891
-38903
-38917
-38921
-38923
-38933
-38953
-38959
-38971
-38977
-38993
-39019
-39023
-39041
-39043
-39047
-39079
-39089
-39097
-39103
-39107
-39113
-39119
-39133
-39139
-39157
-39161
-39163
-39181
-39191
-39199
-39209
-39217
-39227
-39229
-39233
-39239
-39241
-39251
-39293
-39301
-39313
-39317
-39323
-39341
-39343
-39359
-39367
-39371
-39373
-39383
-39397
-39409
-39419
-39439
-39443
-39451
-39461
-39499
-39503
-39509
-39511
-39521
-39541
-39551
-39563
-39569
-39581
-39607
-39619
-39623
-39631
-39659
-39667
-39671
-39679
-39703
-39709
-39719
-39727
-39733
-39749
-39761
-39769
-39779
-39791
-39799
-39821
-39827
-39829
-39839
-39841
-39847
-39857
-39863
-39869
-39877
-39883
-39887
-39901
-39929
-39937
-39953
-39971
-39979
-39983
-39989
-40009
-40013
-40031
-40037
-40039
-40063
-40087
-40093
-40099
-40111
-40123
-40127
-40129
-40151
-40153
-40163
-40169
-40177
-40189
-40193
-40213
-40231
-40237
-40241
-40253
-40277
-40283
-40289
-40343
-40351
-40357
-40361
-40387
-40423
-40427
-40429
-40433
-40459
-40471
-40483
-40487
-40493
-40499
-40507
-40519
-40529
-40531
-40543
-40559
-40577
-40583
-40591
-40597
-40609
-40627
-40637
-40639
-40693
-40697
-40699
-40709
-40739
-40751
-40759
-40763
-40771
-40787
-40801
-40813
-40819
-40823
-40829
-40841
-40847
-40849
-40853
-40867
-40879
-40883
-40897
-40903
-40927
-40933
-40939
-40949
-40961
-40973
-40993
-41011
-41017
-41023
-41039
-41047
-41051
-41057
-41077
-41081
-41113
-41117
-41131
-41141
-41143
-41149
-41161
-41177
-41179
-41183
-41189
-41201
-41203
-41213
-41221
-41227
-41231
-41233
-41243
-41257
-41263
-41269
-41281
-41299
-41333
-41341
-41351
-41357
-41381
-41387
-41389
-41399
-41411
-41413
-41443
-41453
-41467
-41479
-41491
-41507
-41513
-41519
-41521
-41539
-41543
-41549
-41579
-41593
-41597
-41603
-41609
-41611
-41617
-41621
-41627
-41641
-41647
-41651
-41659
-41669
-41681
-41687
-41719
-41729
-41737
-41759
-41761
-41771
-41777
-41801
-41809
-41813
-41843
-41849
-41851
-41863
-41879
-41887
-41893
-41897
-41903
-41911
-41927
-41941
-41947
-41953
-41957
-41959
-41969
-41981
-41983
-41999
-42013
-42017
-42019
-42023
-42043
-42061
-42071
-42073
-42083
-42089
-42101
-42131
-42139
-42157
-42169
-42179
-42181
-42187
-42193
-42197
-42209
-42221
-42223
-42227
-42239
-42257
-42281
-42283
-42293
-42299
-42307
-42323
-42331
-42337
-42349
-42359
-42373
-42379
-42391
-42397
-42403
-42407
-42409
-42433
-42437
-42443
-42451
-42457
-42461
-42463
-42467
-42473
-42487
-42491
-42499
-42509
-42533
-42557
-42569
-42571
-42577
-42589
-42611
-42641
-42643
-42649
-42667
-42677
-42683
-42689
-42697
-42701
-42703
-42709
-42719
-42727
-42737
-42743
-42751
-42767
-42773
-42787
-42793
-42797
-42821
-42829
-42839
-42841
-42853
-42859
-42863
-42899
-42901
-42923
-42929
-42937
-42943
-42953
-42961
-42967
-42979
-42989
-43003
-43013
-43019
-43037
-43049
-43051
-43063
-43067
-43093
-43103
-43117
-43133
-43151
-43159
-43177
-43189
-43201
-43207
-43223
-43237
-43261
-43271
-43283
-43291
-43313
-43319
-43321
-43331
-43391
-43397
-43399
-43403
-43411
-43427
-43441
-43451
-43457
-43481
-43487
-43499
-43517
-43541
-43543
-43573
-43577
-43579
-43591
-43597
-43607
-43609
-43613
-43627
-43633
-43649
-43651
-43661
-43669
-43691
-43711
-43717
-43721
-43753
-43759
-43777
-43781
-43783
-43787
-43789
-43793
-43801
-43853
-43867
-43889
-43891
-43913
-43933
-43943
-43951
-43961
-43963
-43969
-43973
-43987
-43991
-43997
-44017
-44021
-44027
-44029
-44041
-44053
-44059
-44071
-44087
-44089
-44101
-44111
-44119
-44123
-44129
-44131
-44159
-44171
-44179
-44189
-44201
-44203
-44207
-44221
-44249
-44257
-44263
-44267
-44269
-44273
-44279
-44281
-44293
-44351
-44357
-44371
-44381
-44383
-44389
-44417
-44449
-44453
-44483
-44491
-44497
-44501
-44507
-44519
-44531
-44533
-44537
-44543
-44549
-44563
-44579
-44587
-44617
-44621
-44623
-44633
-44641
-44647
-44651
-44657
-44683
-44687
-44699
-44701
-44711
-44729
-44741
-44753
-44771
-44773
-44777
-44789
-44797
-44809
-44819
-44839
-44843
-44851
-44867
-44879
-44887
-44893
-44909
-44917
-44927
-44939
-44953
-44959
-44963
-44971
-44983
-44987
-45007
-45013
-45053
-45061
-45077
-45083
-45119
-45121
-45127
-45131
-45137
-45139
-45161
-45179
-45181
-45191
-45197
-45233
-45247
-45259
-45263
-45281
-45289
-45293
-45307
-45317
-45319
-45329
-45337
-45341
-45343
-45361
-45377
-45389
-45403
-45413
-45427
-45433
-45439
-45481
-45491
-45497
-45503
-45523
-45533
-45541
-45553
-45557
-45569
-45587
-45589
-45599
-45613
-45631
-45641
-45659
-45667
-45673
-45677
-45691
-45697
-45707
-45737
-45751
-45757
-45763
-45767
-45779
-45817
-45821
-45823
-45827
-45833
-45841
-45853
-45863
-45869
-45887
-45893
-45943
-45949
-45953
-45959
-45971
-45979
-45989
-46021
-46027
-46049
-46051
-46061
-46073
-46091
-46093
-46099
-46103
-46133
-46141
-46147
-46153
-46171
-46181
-46183
-46187
-46199
-46219
-46229
-46237
-46261
-46271
-46273
-46279
-46301
-46307
-46309
-46327
-46337
-46349
-46351
-46381
-46399
-46411
-46439
-46441
-46447
-46451
-46457
-46471
-46477
-46489
-46499
-46507
-46511
-46523
-46549
-46559
-46567
-46573
-46589
-46591
-46601
-46619
-46633
-46639
-46643
-46649
-46663
-46679
-46681
-46687
-46691
-46703
-46723
-46727
-46747
-46751
-46757
-46769
-46771
-46807
-46811
-46817
-46819
-46829
-46831
-46853
-46861
-46867
-46877
-46889
-46901
-46919
-46933
-46957
-46993
-46997
-47017
-47041
-47051
-47057
-47059
-47087
-47093
-47111
-47119
-47123
-47129
-47137
-47143
-47147
-47149
-47161
-47189
-47207
-47221
-47237
-47251
-47269
-47279
-47287
-47293
-47297
-47303
-47309
-47317
-47339
-47351
-47353
-47363
-47381
-47387
-47389
-47407
-47417
-47419
-47431
-47441
-47459
-47491
-47497
-47501
-47507
-47513
-47521
-47527
-47533
-47543
-47563
-47569
-47581
-47591
-47599
-47609
-47623
-47629
-47639
-47653
-47657
-47659
-47681
-47699
-47701
-47711
-47713
-47717
-47737
-47741
-47743
-47777
-47779
-47791
-47797
-47807
-47809
-47819
-47837
-47843
-47857
-47869
-47881
-47903
-47911
-47917
-47933
-47939
-47947
-47951
-47963
-47969
-47977
-47981
-48017
-48023
-48029
-48049
-48073
-48079
-48091
-48109
-48119
-48121
-48131
-48157
-48163
-48179
-48187
-48193
-48197
-48221
-48239
-48247
-48259
-48271
-48281
-48299
-48311
-48313
-48337
-48341
-48353
-48371
-48383
-48397
-48407
-48409
-48413
-48437
-48449
-48463
-48473
-48479
-48481
-48487
-48491
-48497
-48523
-48527
-48533
-48539
-48541
-48563
-48571
-48589
-48593
-48611
-48619
-48623
-48647
-48649
-48661
-48673
-48677
-48679
-48731
-48733
-48751
-48757
-48761
-48767
-48779
-48781
-48787
-48799
-48809
-48817
-48821
-48823
-48847
-48857
-48859
-48869
-48871
-48883
-48889
-48907
-48947
-48953
-48973
-48989
-48991
-49003
-49009
-49019
-49031
-49033
-49037
-49043
-49057
-49069
-49081
-49103
-49109
-49117
-49121
-49123
-49139
-49157
-49169
-49171
-49177
-49193
-49199
-49201
-49207
-49211
-49223
-49253
-49261
-49277
-49279
-49297
-49307
-49331
-49333
-49339
-49363
-49367
-49369
-49391
-49393
-49409
-49411
-49417
-49429
-49433
-49451
-49459
-49463
-49477
-49481
-49499
-49523
-49529
-49531
-49537
-49547
-49549
-49559
-49597
-49603
-49613
-49627
-49633
-49639
-49663
-49667
-49669
-49681
-49697
-49711
-49727
-49739
-49741
-49747
-49757
-49783
-49787
-49789
-49801
-49807
-49811
-49823
-49831
-49843
-49853
-49871
-49877
-49891
-49919
-49921
-49927
-49937
-49939
-49943
-49957
-49991
-49993
-49999
-50021
-50023
-50033
-50047
-50051
-50053
-50069
-50077
-50087
-50093
-50101
-50111
-50119
-50123
-50129
-50131
-50147
-50153
-50159
-50177
-50207
-50221
-50227
-50231
-50261
-50263
-50273
-50287
-50291
-50311
-50321
-50329
-50333
-50341
-50359
-50363
-50377
-50383
-50387
-50411
-50417
-50423
-50441
-50459
-50461
-50497
-50503
-50513
-50527
-50539
-50543
-50549
-50551
-50581
-50587
-50591
-50593
-50599
-50627
-50647
-50651
-50671
-50683
-50707
-50723
-50741
-50753
-50767
-50773
-50777
-50789
-50821
-50833
-50839
-50849
-50857
-50867
-50873
-50891
-50893
-50909
-50923
-50929
-50951
-50957
-50969
-50971
-50989
-50993
-51001
-51031
-51043
-51047
-51059
-51061
-51071
-51109
-51131
-51133
-51137
-51151
-51157
-51169
-51193
-51197
-51199
-51203
-51217
-51229
-51239
-51241
-51257
-51263
-51283
-51287
-51307
-51329
-51341
-51343
-51347
-51349
-51361
-51383
-51407
-51413
-51419
-51421
-51427
-51431
-51437
-51439
-51449
-51461
-51473
-51479
-51481
-51487
-51503
-51511
-51517
-51521
-51539
-51551
-51563
-51577
-51581
-51593
-51599
-51607
-51613
-51631
-51637
-51647
-51659
-51673
-51679
-51683
-51691
-51713
-51719
-51721
-51749
-51767
-51769
-51787
-51797
-51803
-51817
-51827
-51829
-51839
-51853
-51859
-51869
-51871
-51893
-51899
-51907
-51913
-51929
-51941
-51949
-51971
-51973
-51977
-51991
-52009
-52021
-52027
-52051
-52057
-52067
-52069
-52081
-52103
-52121
-52127
-52147
-52153
-52163
-52177
-52181
-52183
-52189
-52201
-52223
-52237
-52249
-52253
-52259
-52267
-52289
-52291
-52301
-52313
-52321
-52361
-52363
-52369
-52379
-52387
-52391
-52433
-52453
-52457
-52489
-52501
-52511
-52517
-52529
-52541
-52543
-52553
-52561
-52567
-52571
-52579
-52583
-52609
-52627
-52631
-52639
-52667
-52673
-52691
-52697
-52709
-52711
-52721
-52727
-52733
-52747
-52757
-52769
-52783
-52807
-52813
-52817
-52837
-52859
-52861
-52879
-52883
-52889
-52901
-52903
-52919
-52937
-52951
-52957
-52963
-52967
-52973
-52981
-52999
-53003
-53017
-53047
-53051
-53069
-53077
-53087
-53089
-53093
-53101
-53113
-53117
-53129
-53147
-53149
-53161
-53171
-53173
-53189
-53197
-53201
-53231
-53233
-53239
-53267
-53269
-53279
-53281
-53299
-53309
-53323
-53327
-53353
-53359
-53377
-53381
-53401
-53407
-53411
-53419
-53437
-53441
-53453
-53479
-53503
-53507
-53527
-53549
-53551
-53569
-53591
-53593
-53597
-53609
-53611
-53617
-53623
-53629
-53633
-53639
-53653
-53657
-53681
-53693
-53699
-53717
-53719
-53731
-53759
-53773
-53777
-53783
-53791
-53813
-53819
-53831
-53849
-53857
-53861
-53881
-53887
-53891
-53897
-53899
-53917
-53923
-53927
-53939
-53951
-53959
-53987
-53993
-54001
-54011
-54013
-54037
-54049
-54059
-54083
-54091
-54101
-54121
-54133
-54139
-54151
-54163
-54167
-54181
-54193
-54217
-54251
-54269
-54277
-54287
-54293
-54311
-54319
-54323
-54331
-54347
-54361
-54367
-54371
-54377
-54401
-54403
-54409
-54413
-54419
-54421
-54437
-54443
-54449
-54469
-54493
-54497
-54499
-54503
-54517
-54521
-54539
-54541
-54547
-54559
-54563
-54577
-54581
-54583
-54601
-54617
-54623
-54629
-54631
-54647
-54667
-54673
-54679
-54709
-54713
-54721
-54727
-54751
-54767
-54773
-54779
-54787
-54799
-54829
-54833
-54851
-54869
-54877
-54881
-54907
-54917
-54919
-54941
-54949
-54959
-54973
-54979
-54983
-55001
-55009
-55021
-55049
-55051
-55057
-55061
-55073
-55079
-55103
-55109
-55117
-55127
-55147
-55163
-55171
-55201
-55207
-55213
-55217
-55219
-55229
-55243
-55249
-55259
-55291
-55313
-55331
-55333
-55337
-55339
-55343
-55351
-55373
-55381
-55399
-55411
-55439
-55441
-55457
-55469
-55487
-55501
-55511
-55529
-55541
-55547
-55579
-55589
-55603
-55609
-55619
-55621
-55631
-55633
-55639
-55661
-55663
-55667
-55673
-55681
-55691
-55697
-55711
-55717
-55721
-55733
-55763
-55787
-55793
-55799
-55807
-55813
-55817
-55819
-55823
-55829
-55837
-55843
-55849
-55871
-55889
-55897
-55901
-55903
-55921
-55927
-55931
-55933
-55949
-55967
-55987
-55997
-56003
-56009
-56039
-56041
-56053
-56081
-56087
-56093
-56099
-56101
-56113
-56123
-56131
-56149
-56167
-56171
-56179
-56197
-56207
-56209
-56237
-56239
-56249
-56263
-56267
-56269
-56299
-56311
-56333
-56359
-56369
-56377
-56383
-56393
-56401
-56417
-56431
-56437
-56443
-56453
-56467
-56473
-56477
-56479
-56489
-56501
-56503
-56509
-56519
-56527
-56531
-56533
-56543
-56569
-56591
-56597
-56599
-56611
-56629
-56633
-56659
-56663
-56671
-56681
-56687
-56701
-56711
-56713
-56731
-56737
-56747
-56767
-56773
-56779
-56783
-56807
-56809
-56813
-56821
-56827
-56843
-56857
-56873
-56891
-56893
-56897
-56909
-56911
-56921
-56923
-56929
-56941
-56951
-56957
-56963
-56983
-56989
-56993
-56999
-57037
-57041
-57047
-57059
-57073
-57077
-57089
-57097
-57107
-57119
-57131
-57139
-57143
-57149
-57163
-57173
-57179
-57191
-57193
-57203
-57221
-57223
-57241
-57251
-57259
-57269
-57271
-57283
-57287
-57301
-57329
-57331
-57347
-57349
-57367
-57373
-57383
-57389
-57397
-57413
-57427
-57457
-57467
-57487
-57493
-57503
-57527
-57529
-57557
-57559
-57571
-57587
-57593
-57601
-57637
-57641
-57649
-57653
-57667
-57679
-57689
-57697
-57709
-57713
-57719
-57727
-57731
-57737
-57751
-57773
-57781
-57787
-57791
-57793
-57803
-57809
-57829
-57839
-57847
-57853
-57859
-57881
-57899
-57901
-57917
-57923
-57943
-57947
-57973
-57977
-57991
-58013
-58027
-58031
-58043
-58049
-58057
-58061
-58067
-58073
-58099
-58109
-58111
-58129
-58147
-58151
-58153
-58169
-58171
-58189
-58193
-58199
-58207
-58211
-58217
-58229
-58231
-58237
-58243
-58271
-58309
-58313
-58321
-58337
-58363
-58367
-58369
-58379
-58391
-58393
-58403
-58411
-58417
-58427
-58439
-58441
-58451
-58453
-58477
-58481
-58511
-58537
-58543
-58549
-58567
-58573
-58579
-58601
-58603
-58613
-58631
-58657
-58661
-58679
-58687
-58693
-58699
-58711
-58727
-58733
-58741
-58757
-58763
-58771
-58787
-58789
-58831
-58889
-58897
-58901
-58907
-58909
-58913
-58921
-58937
-58943
-58963
-58967
-58979
-58991
-58997
-59009
-59011
-59021
-59023
-59029
-59051
-59053
-59063
-59069
-59077
-59083
-59093
-59107
-59113
-59119
-59123
-59141
-59149
-59159
-59167
-59183
-59197
-59207
-59209
-59219
-59221
-59233
-59239
-59243
-59263
-59273
-59281
-59333
-59341
-59351
-59357
-59359
-59369
-59377
-59387
-59393
-59399
-59407
-59417
-59419
-59441
-59443
-59447
-59453
-59467
-59471
-59473
-59497
-59509
-59513
-59539
-59557
-59561
-59567
-59581
-59611
-59617
-59621
-59627
-59629
-59651
-59659
-59663
-59669
-59671
-59693
-59699
-59707
-59723
-59729
-59743
-59747
-59753
-59771
-59779
-59791
-59797
-59809
-59833
-59863
-59879
-59887
-59921
-59929
-59951
-59957
-59971
-59981
-59999
-60013
-60017
-60029
-60037
-60041
-60077
-60083
-60089
-60091
-60101
-60103
-60107
-60127
-60133
-60139
-60149
-60161
-60167
-60169
-60209
-60217
-60223
-60251
-60257
-60259
-60271
-60289
-60293
-60317
-60331
-60337
-60343
-60353
-60373
-60383
-60397
-60413
-60427
-60443
-60449
-60457
-60493
-60497
-60509
-60521
-60527
-60539
-60589
-60601
-60607
-60611
-60617
-60623
-60631
-60637
-60647
-60649
-60659
-60661
-60679
-60689
-60703
-60719
-60727
-60733
-60737
-60757
-60761
-60763
-60773
-60779
-60793
-60811
-60821
-60859
-60869
-60887
-60889
-60899
-60901
-60913
-60917
-60919
-60923
-60937
-60943
-60953
-60961
-61001
-61007
-61027
-61031
-61043
-61051
-61057
-61091
-61099
-61121
-61129
-61141
-61151
-61153
-61169
-61211
-61223
-61231
-61253
-61261
-61283
-61291
-61297
-61331
-61333
-61339
-61343
-61357
-61363
-61379
-61381
-61403
-61409
-61417
-61441
-61463
-61469
-61471
-61483
-61487
-61493
-61507
-61511
-61519
-61543
-61547
-61553
-61559
-61561
-61583
-61603
-61609
-61613
-61627
-61631
-61637
-61643
-61651
-61657
-61667
-61673
-61681
-61687
-61703
-61717
-61723
-61729
-61751
-61757
-61781
-61813
-61819
-61837
-61843
-61861
-61871
-61879
-61909
-61927
-61933
-61949
-61961
-61967
-61979
-61981
-61987
-61991
-62003
-62011
-62017
-62039
-62047
-62053
-62057
-62071
-62081
-62099
-62119
-62129
-62131
-62137
-62141
-62143
-62171
-62189
-62191
-62201
-62207
-62213
-62219
-62233
-62273
-62297
-62299
-62303
-62311
-62323
-62327
-62347
-62351
-62383
-62401
-62417
-62423
-62459
-62467
-62473
-62477
-62483
-62497
-62501
-62507
-62533
-62539
-62549
-62563
-62581
-62591
-62597
-62603
-62617
-62627
-62633
-62639
-62653
-62659
-62683
-62687
-62701
-62723
-62731
-62743
-62753
-62761
-62773
-62791
-62801
-62819
-62827
-62851
-62861
-62869
-62873
-62897
-62903
-62921
-62927
-62929
-62939
-62969
-62971
-62981
-62983
-62987
-62989
-63029
-63031
-63059
-63067
-63073
-63079
-63097
-63103
-63113
-63127
-63131
-63149
-63179
-63197
-63199
-63211
-63241
-63247
-63277
-63281
-63299
-63311
-63313
-63317
-63331
-63337
-63347
-63353
-63361
-63367
-63377
-63389
-63391
-63397
-63409
-63419
-63421
-63439
-63443
-63463
-63467
-63473
-63487
-63493
-63499
-63521
-63527
-63533
-63541
-63559
-63577
-63587
-63589
-63599
-63601
-63607
-63611
-63617
-63629
-63647
-63649
-63659
-63667
-63671
-63689
-63691
-63697
-63703
-63709
-63719
-63727
-63737
-63743
-63761
-63773
-63781
-63793
-63799
-63803
-63809
-63823
-63839
-63841
-63853
-63857
-63863
-63901
-63907
-63913
-63929
-63949
-63977
-63997
-64007
-64013
-64019
-64033
-64037
-64063
-64067
-64081
-64091
-64109
-64123
-64151
-64153
-64157
-64171
-64187
-64189
-64217
-64223
-64231
-64237
-64271
-64279
-64283
-64301
-64303
-64319
-64327
-64333
-64373
-64381
-64399
-64403
-64433
-64439
-64451
-64453
-64483
-64489
-64499
-64513
-64553
-64567
-64577
-64579
-64591
-64601
-64609
-64613
-64621
-64627
-64633
-64661
-64663
-64667
-64679
-64693
-64709
-64717
-64747
-64763
-64781
-64783
-64793
-64811
-64817
-64849
-64853
-64871
-64877
-64879
-64891
-64901
-64919
-64921
-64927
-64937
-64951
-64969
-64997
-65003
-65011
-65027
-65029
-65033
-65053
-65063
-65071
-65089
-65099
-65101
-65111
-65119
-65123
-65129
-65141
-65147
-65167
-65171
-65173
-65179
-65183
-65203
-65213
-65239
-65257
-65267
-65269
-65287
-65293
-65309
-65323
-65327
-65353
-65357
-65371
-65381
-65393
-65407
-65413
-65419
-65423
-65437
-65447
-65449
-65479
-65497
-65519
-65521
diff --git a/security/nss/lib/freebl/mpi/doc/prng.pod b/security/nss/lib/freebl/mpi/doc/prng.pod
deleted file mode 100644
index 1ae75da82..000000000
--- a/security/nss/lib/freebl/mpi/doc/prng.pod
+++ /dev/null
@@ -1,41 +0,0 @@
-=head1 NAME
-
- prng - pseudo-random number generator
-
-=head1 SYNOPSIS
-
- prng [count]
-
-=head1 DESCRIPTION
-
-B<Prng> generates 32-bit pseudo-random integers using the
-Blum-Blum-Shub (BBS) quadratic residue generator.  It is seeded using
-the standard C library's rand() function, which itself seeded from the
-system clock and the process ID number.  Thus, the values generated
-are not particularly useful for cryptographic applications, but they
-are in general much better than the typical output of the usual
-multiplicative congruency generator used by most runtime libraries.
-
-You may optionally specify how many random values should be generated
-by giving a I<count> argument on the command line.  If you do not
-specify a count, only one random value will be generated.  The results
-are output to the standard output in decimal notation, one value per
-line.
-
-=head1 RESTRICTIONS
-
-As stated above, B<prng> uses the C library's rand() function to seed
-the generator, so it is not terribly suitable for cryptographic
-applications.  Also note that each time you run the program, a new
-seed is generated, so it is better to run it once with a I<count>
-parameter than it is to run it multiple times to generate several
-values.
-
-=head1 AUTHOR
-
- Michael J. Fromberger <sting@linguist.dartmouth.edu>
- Copyright (C) 1998 Michael J. Fromberger, All Rights Reserved
- Thayer School of Engineering, Dartmouth College, Hanover, NH  USA
-
- $Date$
-
diff --git a/security/nss/lib/freebl/mpi/doc/redux.txt b/security/nss/lib/freebl/mpi/doc/redux.txt
deleted file mode 100644
index f6f8b6ad4..000000000
--- a/security/nss/lib/freebl/mpi/doc/redux.txt
+++ /dev/null
@@ -1,118 +0,0 @@
-Modular Reduction
-
-Usually, modular reduction is accomplished by long division, using the
-mp_div() or mp_mod() functions.  However, when performing modular
-exponentiation, you spend a lot of time reducing by the same modulus
-again and again.  For this purpose, doing a full division for each
-multiplication is quite inefficient.
-
-For this reason, the mp_exptmod() function does not perform modular
-reductions in the usual way, but instead takes advantage of an
-algorithm due to Barrett, as described by Menezes, Oorschot and
-VanStone in their book _Handbook of Applied Cryptography_, published
-by the CRC Press (see Chapter 14 for details).  This method reduces
-most of the computation of reduction to efficient shifting and masking
-operations, and avoids the multiple-precision division entirely.
-
-Here is a brief synopsis of Barrett reduction, as it is implemented in
-this library.
-
-Let b denote the radix of the computation (one more than the maximum
-value that can be denoted by an mp_digit).  Let m be the modulus, and
-let k be the number of significant digits of m.  Let x be the value to
-be reduced modulo m.  By the Division Theorem, there exist unique
-integers Q and R such that:
-
-	 x = Qm + R, 0 <= R < m
-
-Barrett reduction takes advantage of the fact that you can easily
-approximate Q to within two, given a value M such that:
-
-	                  2k
-	                 b
-	    M = floor( ----- )
-	                 m
-
-Computation of M requires a full-precision division step, so if you
-are only doing a single reduction by m, you gain no advantage.
-However, when multiple reductions by the same m are required, this
-division need only be done once, beforehand.  Using this, we can use
-the following equation to compute Q', an approximation of Q:
-
-                     x
-            floor( ------ ) M
-                      k-1
-                     b
-Q' = floor( ----------------- )
-                    k+1
-                   b
-
-The divisions by b^(k-1) and b^(k+1) and the floor() functions can be
-efficiently implemented with shifts and masks, leaving only a single
-multiplication to be performed to get this approximation.  It can be
-shown that Q - 2 <= Q' <= Q, so in the worst case, we can get out with
-two additional subtractions to bring the value into line with the
-actual value of Q.
-
-Once we've got Q', we basically multiply that by m and subtract from
-x, yielding:
-
-   x - Q'm = Qm + R - Q'm
-
-Since we know the constraint on Q', this is one of:
-
-      R
-      m + R
-      2m + R
-
-Since R < m by the Division Theorem, we can simply subtract off m
-until we get a value in the correct range, which will happen with no
-more than 2 subtractions:
-
-     v = x - Q'm
-
-     while(v >= m)
-       v = v - m
-     endwhile
-
-
-In random performance trials, modular exponentiation using this method
-of reduction gave around a 40% speedup over using the division for
-reduction.
-
-------------------------------------------------------------------
-The contents of this file are subject to the Mozilla Public
-License Version 1.1 (the "License"); you may not use this file
-except in compliance with the License. You may obtain a copy of
-the License at http://www.mozilla.org/MPL/
-
-Software distributed under the License is distributed on an "AS
-IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-implied. See the License for the specific language governing
-rights and limitations under the License.
-
-The Original Code is the MPI Arbitrary Precision Integer Arithmetic
-library.
-
-The Initial Developer of the Original Code is 
-Michael J. Fromberger <sting@linguist.dartmouth.edu>
-
-Portions created by Michael J. Fromberger are 
-Copyright (C) 1998, 2000 Michael J. Fromberger. All Rights Reserved.
-
-Contributor(s):
-
-Alternatively, the contents of this file may be used under the
-terms of the GNU General Public License Version 2 or later (the
-"GPL"), in which case the provisions of the GPL are applicable
-instead of those above.  If you wish to allow use of your
-version of this file only under the terms of the GPL and not to
-allow others to use your version of this file under the MPL,
-indicate your decision by deleting the provisions above and
-replace them with the notice and other provisions required by
-the GPL.  If you do not delete the provisions above, a recipient
-may use your version of this file under either the MPL or the GPL.
-
-$Id$
-
-
diff --git a/security/nss/lib/freebl/mpi/doc/sqrt.txt b/security/nss/lib/freebl/mpi/doc/sqrt.txt
deleted file mode 100644
index e14157caa..000000000
--- a/security/nss/lib/freebl/mpi/doc/sqrt.txt
+++ /dev/null
@@ -1,82 +0,0 @@
-Square Root
-
-A simple iterative algorithm is used to compute the greatest integer
-less than or equal to the square root.  Essentially, this is Newton's
-linear approximation, computed by finding successive values of the
-equation:
-
-		    x[k]^2 - V
-x[k+1]	 =  x[k] - ------------
-	             2 x[k]
-
-...where V is the value for which the square root is being sought.  In
-essence, what is happening here is that we guess a value for the
-square root, then figure out how far off we were by squaring our guess
-and subtracting the target.  Using this value, we compute a linear
-approximation for the error, and adjust the "guess".  We keep doing
-this until the precision gets low enough that the above equation
-yields a quotient of zero.  At this point, our last guess is one
-greater than the square root we're seeking.
-
-The initial guess is computed by dividing V by 4, which is a heuristic
-I have found to be fairly good on average.  This also has the
-advantage of being very easy to compute efficiently, even for large
-values.
-
-So, the resulting algorithm works as follows:
-
-    x = V / 4   /* compute initial guess */
-    
-    loop
-	t = (x * x) - V   /* Compute absolute error  */
-	u = 2 * x         /* Adjust by tangent slope */
-	t = t / u
-
-	/* Loop is done if error is zero */
-	if(t == 0)
-	    break
-
-	/* Adjust guess by error term    */
-	x = x - t
-    end
-
-    x = x - 1
-
-The result of the computation is the value of x.
-
-------------------------------------------------------------------
-The contents of this file are subject to the Mozilla Public
-License Version 1.1 (the "License"); you may not use this file
-except in compliance with the License. You may obtain a copy of
-the License at http://www.mozilla.org/MPL/
-
-Software distributed under the License is distributed on an "AS
-IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-implied. See the License for the specific language governing
-rights and limitations under the License.
-
-The Original Code is the MPI Arbitrary Precision Integer Arithmetic
-library.
-
-The Initial Developer of the Original Code is 
-Michael J. Fromberger <sting@linguist.dartmouth.edu>
-
-Portions created by Michael J. Fromberger are 
-Copyright (C) 1998, 2000 Michael J. Fromberger. All Rights Reserved.
-
-Contributor(s):
-
-Alternatively, the contents of this file may be used under the
-terms of the GNU General Public License Version 2 or later (the
-"GPL"), in which case the provisions of the GPL are applicable
-instead of those above.  If you wish to allow use of your
-version of this file only under the terms of the GPL and not to
-allow others to use your version of this file under the MPL,
-indicate your decision by deleting the provisions above and
-replace them with the notice and other provisions required by
-the GPL.  If you do not delete the provisions above, a recipient
-may use your version of this file under either the MPL or the GPL.
-
-$Id$
-
-
diff --git a/security/nss/lib/freebl/mpi/doc/square.txt b/security/nss/lib/freebl/mpi/doc/square.txt
deleted file mode 100644
index e0d28798a..000000000
--- a/security/nss/lib/freebl/mpi/doc/square.txt
+++ /dev/null
@@ -1,104 +0,0 @@
-Squaring Algorithm
-
-When you are squaring a value, you can take advantage of the fact that
-half the multiplications performed by the more general multiplication
-algorithm (see 'mul.txt' for a description) are redundant when the
-multiplicand equals the multiplier.
-
-In particular, the modified algorithm is:
-
-k = 0
-for j <- 0 to (#a - 1)
-  w = c[2*j] + (a[j] ^ 2);
-  k = w div R
-
-  for i <- j+1 to (#a - 1)
-    w = (2 * a[j] * a[i]) + k + c[i+j]
-    c[i+j] = w mod R
-    k = w div R
-  endfor
-  c[i+j] = k;
-  k = 0;
-endfor
-
-On the surface, this looks identical to the multiplication algorithm;
-however, note the following differences:
-
-  - precomputation of the leading term in the outer loop
-
-  - i runs from j+1 instead of from zero
-
-  - doubling of a[i] * a[j] in the inner product
-
-Unfortunately, the construction of the inner product is such that we
-need more than two digits to represent the inner product, in some
-cases.  In a C implementation, this means that some gymnastics must be
-performed in order to handle overflow, for which C has no direct
-abstraction.  We do this by observing the following:
-
-If we have multiplied a[i] and a[j], and the product is more than half
-the maximum value expressible in two digits, then doubling this result
-will overflow into a third digit.  If this occurs, we take note of the
-overflow, and double it anyway -- C integer arithmetic ignores
-overflow, so the two digits we get back should still be valid, modulo
-the overflow.
-
-Having doubled this value, we now have to add in the remainders and
-the digits already computed by earlier steps.  If we did not overflow
-in the previous step, we might still cause an overflow here.  That
-will happen whenever the maximum value expressible in two digits, less
-the amount we have to add, is greater than the result of the previous
-step.  Thus, the overflow computation is:
-
-
-  u = 0
-  w = a[i] * a[j]
-
-  if(w > (R - 1)/ 2)
-    u = 1;
-
-  w = w * 2
-  v = c[i + j] + k
-
-  if(u == 0 && (R - 1 - v) < w)
-    u = 1
-
-If there is an overflow, u will be 1, otherwise u will be 0.  The rest
-of the parameters are the same as they are in the above description.
-
-------------------------------------------------------------------
-The contents of this file are subject to the Mozilla Public
-License Version 1.1 (the "License"); you may not use this file
-except in compliance with the License. You may obtain a copy of
-the License at http://www.mozilla.org/MPL/
-
-Software distributed under the License is distributed on an "AS
-IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-implied. See the License for the specific language governing
-rights and limitations under the License.
-
-The Original Code is the MPI Arbitrary Precision Integer Arithmetic
-library.
-
-The Initial Developer of the Original Code is 
-Michael J. Fromberger <sting@linguist.dartmouth.edu>
-
-Portions created by Michael J. Fromberger are 
-Copyright (C) 1998, 2000 Michael J. Fromberger. All Rights Reserved.
-
-Contributor(s):
-
-Alternatively, the contents of this file may be used under the
-terms of the GNU General Public License Version 2 or later (the
-"GPL"), in which case the provisions of the GPL are applicable
-instead of those above.  If you wish to allow use of your
-version of this file only under the terms of the GPL and not to
-allow others to use your version of this file under the MPL,
-indicate your decision by deleting the provisions above and
-replace them with the notice and other provisions required by
-the GPL.  If you do not delete the provisions above, a recipient
-may use your version of this file under either the MPL or the GPL.
-
-$Id$
-
-
diff --git a/security/nss/lib/freebl/mpi/doc/timing.txt b/security/nss/lib/freebl/mpi/doc/timing.txt
deleted file mode 100644
index c1701063a..000000000
--- a/security/nss/lib/freebl/mpi/doc/timing.txt
+++ /dev/null
@@ -1,245 +0,0 @@
-MPI Library Timing Tests
-
-Hardware/OS
-(A) SGI O2 1 x MIPS R10000 250MHz IRIX 6.5.3
-(B) IBM RS/6000 43P-240 1 x PowerPC 603e 223MHz AIX 4.3
-(C) Dell GX1/L+ 1 x Pentium III 550MHz Linux 2.2.12-20
-(D) PowerBook G3 1 x PowerPC 750 266MHz LinuxPPC 2.2.6-15apmac
-(E) PowerBook G3 1 x PowerPC 750 266MHz MacOS 8.5.1
-(F) PowerBook G3 1 x PowerPC 750 400MHz MacOS 9.0.2
-
-Compiler
-(1) MIPSpro C 7.2.1 -O3 optimizations
-(2) GCC 2.95.1 -O3 optimizations
-(3) IBM AIX xlc -O3 optimizations (version unknown)
-(4) EGCS 2.91.66 -O3 optimizations
-(5) Metrowerks CodeWarrior 5.0 C, all optimizations
-(6) MIPSpro C 7.30 -O3 optimizations
-(7) same as (6), with optimized libmalloc.so
-
-Timings are given in seconds, computed using the C library's clock()
-function.  The first column gives the hardware and compiler
-configuration used for the test. The second column indicates the
-number of tests that were aggregated to get the statistics for that
-size.  These were compiled using 16 bit digits.
-
-Source data were generated randomly using a fixed seed, so they should
-be internally consistent, but may vary on different systems depending
-on the C library.  Also, since the resolution of the timer accessed by
-clock() varies, there may be some variance in the precision of these
-measurements.
-
-Prime Generation (primegen)
-
-128 bits:
-A1      200     min=0.03, avg=0.19, max=0.72, sum=38.46
-A2      200     min=0.02, avg=0.16, max=0.62, sum=32.55
-B3      200     min=0.01, avg=0.07, max=0.22, sum=13.29
-C4      200     min=0.00, avg=0.03, max=0.20, sum=6.14
-D4      200     min=0.00, avg=0.05, max=0.33, sum=9.70
-A6      200     min=0.01, avg=0.09, max=0.36, sum=17.48
-A7      200     min=0.00, avg=0.05, max=0.24, sum=10.07
-
-192 bits:
-A1      200     min=0.05, avg=0.45, max=3.13, sum=89.96
-A2      200     min=0.04, avg=0.39, max=2.61, sum=77.55
-B3      200     min=0.02, avg=0.18, max=1.25, sum=36.97
-C4      200     min=0.01, avg=0.09, max=0.33, sum=18.24
-D4      200     min=0.02, avg=0.15, max=0.54, sum=29.63
-A6      200     min=0.02, avg=0.24, max=1.70, sum=47.84
-A7      200     min=0.01, avg=0.15, max=1.05, sum=30.88
-
-256 bits:
-A1      200     min=0.08, avg=0.92, max=6.13, sum=184.79
-A2      200     min=0.06, avg=0.76, max=5.03, sum=151.11
-B3      200     min=0.04, avg=0.41, max=2.68, sum=82.35
-C4      200     min=0.02, avg=0.19, max=0.69, sum=37.91
-D4      200     min=0.03, avg=0.31, max=1.15, sum=63.00
-A6      200     min=0.04, avg=0.48, max=3.13, sum=95.46
-A7      200     min=0.03, avg=0.37, max=2.36, sum=73.60
-
-320 bits:
-A1      200     min=0.11, avg=1.59, max=6.14, sum=318.81
-A2      200     min=0.09, avg=1.27, max=4.93, sum=254.03
-B3      200     min=0.07, avg=0.82, max=3.13, sum=163.80
-C4      200     min=0.04, avg=0.44, max=1.91, sum=87.59
-D4      200     min=0.06, avg=0.73, max=3.22, sum=146.73
-A6      200     min=0.07, avg=0.93, max=3.50, sum=185.01
-A7      200     min=0.05, avg=0.76, max=2.94, sum=151.78
-
-384 bits:
-A1      200     min=0.16, avg=2.69, max=11.41, sum=537.89
-A2      200     min=0.13, avg=2.15, max=9.03, sum=429.14
-B3      200     min=0.11, avg=1.54, max=6.49, sum=307.78
-C4      200     min=0.06, avg=0.81, max=4.84, sum=161.13
-D4      200     min=0.10, avg=1.38, max=8.31, sum=276.81
-A6      200     min=0.11, avg=1.73, max=7.36, sum=345.55
-A7      200     min=0.09, avg=1.46, max=6.12, sum=292.02
-
-448 bits:
-A1      200     min=0.23, avg=3.36, max=15.92, sum=672.63
-A2      200     min=0.17, avg=2.61, max=12.25, sum=522.86
-B3      200     min=0.16, avg=2.10, max=9.83, sum=420.86
-C4      200     min=0.09, avg=1.44, max=7.64, sum=288.36
-D4      200     min=0.16, avg=2.50, max=13.29, sum=500.17
-A6      200     min=0.15, avg=2.31, max=10.81, sum=461.58
-A7      200     min=0.14, avg=2.03, max=9.53, sum=405.16
-
-512 bits:
-A1      200     min=0.30, avg=6.12, max=22.18, sum=1223.35
-A2      200     min=0.25, avg=4.67, max=16.90, sum=933.18
-B3      200     min=0.23, avg=4.13, max=14.94, sum=825.45
-C4      200     min=0.13, avg=2.08, max=9.75, sum=415.22
-D4      200     min=0.24, avg=4.04, max=20.18, sum=808.11
-A6      200     min=0.22, avg=4.47, max=16.19, sum=893.83
-A7      200     min=0.20, avg=4.03, max=14.65, sum=806.02
-
-Modular Exponentation (metime)
-
-The following results are aggregated from 200 pseudo-randomly
-generated tests, based on a fixed seed. 
-
-                      base, exponent, and modulus size (bits)
-P/C       128   192   256   320   384   448   512   640   768   896  1024
-------- -----------------------------------------------------------------
-A1      0.015 0.027 0.047 0.069 0.098 0.133 0.176 0.294 0.458 0.680 1.040
-A2      0.013 0.024 0.037 0.053 0.077 0.102 0.133 0.214 0.326 0.476 0.668
-B3      0.005 0.011 0.021 0.036 0.056 0.084 0.121 0.222 0.370 0.573 0.840
-C4      0.002 0.006 0.011 0.020 0.032 0.048 0.069 0.129 0.223 0.344 0.507
-D4      0.004 0.010 0.019 0.034 0.056 0.085 0.123 0.232 0.390 0.609 0.899
-E5      0.007 0.015 0.031 0.055 0.088 0.133 0.183 0.342 0.574 0.893 1.317
-A6      0.008 0.016 0.038 0.042 0.064 0.093 0.133 0.239 0.393 0.604 0.880
-A7      0.005 0.011 0.020 0.036 0.056 0.083 0.121 0.223 0.374 0.583 0.855
-
-Multiplication and Squaring tests, (mulsqr)
-
-The following results are aggregated from 500000 pseudo-randomly
-generated tests, based on a per-run wall-clock seed.  Times are given
-in seconds, except where indicated in microseconds (us).
-
-(A1)
-
-bits    multiply    square  ad  percent time/mult   time/square
-64      9.33        9.15    >   1.9     18.7us      18.3us
-128     10.88       10.44   >   4.0     21.8us      20.9us
-192     13.30       11.89   >   10.6    26.7us      23.8us
-256     14.88       12.64   >   15.1    29.8us      25.3us
-320     18.64       15.01   >   19.5    37.3us      30.0us
-384     23.11       17.70   >   23.4    46.2us      35.4us
-448     28.28       20.88   >   26.2    56.6us      41.8us
-512     34.09       24.51   >   28.1    68.2us      49.0us
-640     47.86       33.25   >   30.5    95.7us      66.5us
-768     64.91       43.54   >   32.9    129.8us     87.1us
-896     84.49       55.48   >   34.3    169.0us     111.0us
-1024    107.25      69.21   >   35.5    214.5us     138.4us
-1536    227.97      141.91  >   37.8    456.0us     283.8us
-2048    394.05      242.15  >   38.5    788.1us     484.3us
-
-(A2)
-
-bits    multiply    square  ad  percent time/mult   time/square
-64      7.87        7.95    <   1.0     15.7us      15.9us
-128     9.40        9.19    >   2.2     18.8us      18.4us
-192     11.15       10.59   >   5.0     22.3us      21.2us
-256     12.02       11.16   >   7.2     24.0us      22.3us
-320     14.62       13.43   >   8.1     29.2us      26.9us
-384     17.72       15.80   >   10.8    35.4us      31.6us
-448     21.24       18.51   >   12.9    42.5us      37.0us
-512     25.36       21.78   >   14.1    50.7us      43.6us
-640     34.57       29.00   >   16.1    69.1us      58.0us
-768     46.10       37.60   >   18.4    92.2us      75.2us
-896     58.94       47.72   >   19.0    117.9us     95.4us
-1024    73.76       59.12   >   19.8    147.5us     118.2us
-1536    152.00      118.80  >   21.8    304.0us     237.6us
-2048    259.41      199.57  >   23.1    518.8us     399.1us
-
-(B3)
-
-bits    multiply    square  ad  percent time/mult   time/square
-64      2.60        2.47    >   5.0     5.20us      4.94us
-128     4.43        4.06    >   8.4     8.86us      8.12us
-192     7.03        6.10    >   13.2    14.1us      12.2us
-256     10.44       8.59    >   17.7    20.9us      17.2us
-320     14.44       11.64   >   19.4    28.9us      23.3us
-384     19.12       15.08   >   21.1    38.2us      30.2us
-448     24.55       19.09   >   22.2    49.1us      38.2us
-512     31.03       23.53   >   24.2    62.1us      47.1us
-640     45.05       33.80   >   25.0    90.1us      67.6us
-768     63.02       46.05   >   26.9    126.0us     92.1us
-896     83.74       60.29   >   28.0    167.5us     120.6us
-1024    106.73      76.65   >   28.2    213.5us     153.3us
-1536    228.94      160.98  >   29.7    457.9us     322.0us
-2048    398.08      275.93  >   30.7    796.2us     551.9us
-
-(C4)
-
-bits    multiply    square  ad  percent time/mult   time/square
-64      1.34        1.28    >   4.5     2.68us      2.56us
-128     2.76        2.59    >   6.2     5.52us      5.18us
-192     4.52        4.16    >   8.0     9.04us      8.32us
-256     6.64        5.99    >   9.8     13.3us      12.0us
-320     9.20        8.13    >   11.6    18.4us      16.3us
-384     12.01       10.58   >   11.9    24.0us      21.2us
-448     15.24       13.33   >   12.5    30.5us      26.7us
-512     19.02       16.46   >   13.5    38.0us      32.9us
-640     27.56       23.54   >   14.6    55.1us      47.1us
-768     37.89       31.78   >   16.1    75.8us      63.6us
-896     49.24       41.42   >   15.9    98.5us      82.8us
-1024    62.59       52.18   >   16.6    125.2us     104.3us
-1536    131.66      107.72  >   18.2    263.3us     215.4us
-2048    226.45      182.95  >   19.2    453.0us     365.9us
-
-(A7)
-
-bits    multiply    square  ad  percent time/mult   time/square
-64      1.74        1.71    >   1.7     3.48us      3.42us
-128     3.48        2.96    >   14.9    6.96us      5.92us
-192     5.74        4.60    >   19.9    11.5us      9.20us
-256     8.75        6.61    >   24.5    17.5us      13.2us
-320     12.5        8.99    >   28.1    25.0us      18.0us
-384     16.9        11.9    >   29.6    33.8us      23.8us
-448     22.2        15.2    >   31.7    44.4us      30.4us
-512     28.3        19.0    >   32.7    56.6us      38.0us
-640     42.4        28.0    >   34.0    84.8us      56.0us
-768     59.4        38.5    >   35.2    118.8us     77.0us
-896     79.5        51.2    >   35.6    159.0us     102.4us
-1024    102.6	    65.5    >	36.2	205.2us	    131.0us
-1536    224.3	    140.6   >	37.3	448.6us	    281.2us
-2048    393.4	    244.3   >	37.9	786.8us	    488.6us
-
-------------------------------------------------------------------
-The contents of this file are subject to the Mozilla Public
-License Version 1.1 (the "License"); you may not use this file
-except in compliance with the License. You may obtain a copy of
-the License at http://www.mozilla.org/MPL/
-
-Software distributed under the License is distributed on an "AS
-IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-implied. See the License for the specific language governing
-rights and limitations under the License.
-
-The Original Code is the MPI Arbitrary Precision Integer Arithmetic
-library.
-
-The Initial Developer of the Original Code is 
-Michael J. Fromberger <sting@linguist.dartmouth.edu>
-
-Portions created by Michael J. Fromberger are 
-Copyright (C) 1998, 2000 Michael J. Fromberger. All Rights Reserved.
-
-Contributor(s):
-
-Alternatively, the contents of this file may be used under the
-terms of the GNU General Public License Version 2 or later (the
-"GPL"), in which case the provisions of the GPL are applicable
-instead of those above.  If you wish to allow use of your
-version of this file only under the terms of the GPL and not to
-allow others to use your version of this file under the MPL,
-indicate your decision by deleting the provisions above and
-replace them with the notice and other provisions required by
-the GPL.  If you do not delete the provisions above, a recipient
-may use your version of this file under either the MPL or the GPL.
-
-$Id$
-
-
diff --git a/security/nss/lib/freebl/mpi/hpma512.s b/security/nss/lib/freebl/mpi/hpma512.s
deleted file mode 100644
index f8241ac3e..000000000
--- a/security/nss/lib/freebl/mpi/hpma512.s
+++ /dev/null
@@ -1,640 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is multacc512 multiple-precision integer arithmetic.
- * 
- * The Initial Developer of the Original Code is Hewlett-Packard Company.
- * Portions created by Hewlett-Packard Company are 
- * Copyright (C) March 1999, Hewlett-Packard Company. All Rights Reserved.
- * 
- * Contributor(s):
- *  coded by:   Bill Worley, Hewlett-Packard labs
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- *  This PA-RISC 2.0 function computes the product of two unsigned integers,
- *  and adds the result to a previously computed integer.  The multiplicand
- *  is a 512-bit (64-byte, eight doubleword) unsigned integer, stored in
- *  memory in little-double-wordian order.  The multiplier is an unsigned
- *  64-bit integer.  The previously computed integer to which the product is
- *  added is located in the result ("res") area, and is assumed to be a
- *  576-bit (72-byte, nine doubleword) unsigned integer, stored in memory
- *  in little-double-wordian order.  This value normally will be the result
- *  of a previously computed nine doubleword result.  It is not necessary
- *  to pad the multiplicand with an additional 64-bit zero doubleword.
- *
- *  Multiplicand, multiplier, and addend ideally should be aligned at
- *  16-byte boundaries for best performance.  The code will function
- *  correctly for alignment at eight-byte boundaries which are not 16-byte
- *  boundaries, but the execution may be slightly slower due to even/odd
- *  bank conflicts on PA-RISC 8000 processors.
- *
- *  This function is designed to accept the same calling sequence as Bill
- *  Ackerman's "maxpy_little" function.  The carry from the ninth doubleword
- *  of the result is written to the tenth word of the result, as is done by
- *  Bill Ackerman's function.  The final carry also is returned as an
- *  integer, which may be ignored.  The function prototype may be either
- *  of the following:
- *
- *      void multacc512( int l, chunk* m, const chunk* a, chunk* res );
- *          or
- *      int multacc512( int l, chunk* m, const chunk* a, chunk* res );
- *
- *  where:  "l" originally denoted vector lengths.  This parameter is
- *      ignored.  This function always assumes a multiplicand length of
- *      512 bits (eight doublewords), and addend and result lengths of
- *      576 bits (nine doublewords).
- *
- *      "m" is a pointer to the doubleword multiplier, ideally aligned
- *      on a 16-byte boundary.
- *
- *      "a" is a pointer to the eight-doubleword multiplicand, stored
- *      in little-double-wordian order, and ideally aligned on a 16-byte
- *      boundary.
- *
- *      "res" is a pointer to the nine doubleword addend, and to the
- *      nine-doubleword product computed by this function.  The result
- *      also is stored in little-double-wordian order, and ideally is
- *      aligned on a 16-byte boundary. It is expected that the alignment
- *      of the "res" area may alternate between even/odd doubleword
- *      boundaries for successive calls for 512-bit x 512-bit
- *      multiplications.
- *
- *  The code for this function has been scheduled to use the parallelism
- *  of the PA-RISC 8000 series microprocessors as well as the author was
- *  able.  Comments and/or suggestions for improvement are welcomed.
- *
- *  The code is "64-bit safe".  This means it may be called in either
- *  the 32ILP context or the 64LP context.  All 64-bits of registers are
- *  saved and restored.
- *
- *  This code is self-contained.  It requires no other header files in order
- *  to compile and to be linkable on a PA-RISC 2.0 machine.  Symbolic
- *  definitions for registers and stack offsets are included within this
- *  one source file.
- *
- *  This is a leaf routine.  As such, minimal use is made of the stack area.
- *  Of the 192 bytes allocated, 64 bytes are used for saving/restoring eight
- *  general registers, and 128 bytes are used to move intermediate products
- *  from the floating-point registers to the general registers.  Stack
- *  protocols assure proper alignment of these areas.
- *
- */
-
-
-/*  ====================================================================*/
-/*      symbolic definitions for PA-RISC registers      */
-/*      in the MIPS style, avoids lots of case shifts       */
-/*      assigments (except t4) preserve register number parity  */
-/*  ====================================================================*/
-
-#define zero    %r0         /* permanent zero */
-#define t5      %r1         /* temp register, altered by addil */
-
-#define rp      %r2         /* return pointer */
-
-#define s1      %r3         /* callee saves register*/
-#define s0      %r4         /* callee saves register*/
-#define s3      %r5         /* callee saves register*/
-#define s2      %r6         /* callee saves register*/
-#define s5      %r7         /* callee saves register*/
-#define s4      %r8         /* callee saves register*/
-#define s7      %r9         /* callee saves register*/
-#define s6      %r10        /* callee saves register*/
-
-#define t1      %r19        /* caller saves register*/
-#define t0      %r20        /* caller saves register*/
-#define t3      %r21        /* caller saves register*/
-#define t2      %r22        /* caller saves register*/
-
-#define a3      %r23        /* fourth argument register, high word */
-#define a2      %r24        /* third argument register, low word*/
-#define a1      %r25        /* second argument register, high word*/
-#define a0      %r26        /* first argument register, low word*/
-
-#define v0      %r28        /* high order return value*/
-#define v1      %r29        /* low order return value*/
-
-#define sp      %r30        /* stack pointer*/
-#define t4      %r31        /* temporary register   */
-
-#define fa0     %fr4        /* first argument register*/
-#define fa1     %fr5        /* second argument register*/
-#define fa2     %fr6        /* third argument register*/
-#define fa3     %fr7        /* fourth argument register*/
-
-#define fa0r    %fr4R       /* first argument register*/
-#define fa1r    %fr5R       /* second argument register*/
-#define fa2r    %fr6R       /* third argument register*/
-#define fa3r    %fr7R       /* fourth argument register*/
-
-#define ft0     %fr8        /* caller saves register*/
-#define ft1     %fr9        /* caller saves register*/
-#define ft2     %fr10       /* caller saves register*/
-#define ft3     %fr11       /* caller saves register*/
-
-#define ft0r    %fr8R       /* caller saves register*/
-#define ft1r    %fr9R       /* caller saves register*/
-#define ft2r    %fr10R      /* caller saves register*/
-#define ft3r    %fr11R      /* caller saves register*/
-
-#define ft4     %fr22       /* caller saves register*/
-#define ft5     %fr23       /* caller saves register*/
-#define ft6     %fr24       /* caller saves register*/
-#define ft7     %fr25       /* caller saves register*/
-#define ft8     %fr26       /* caller saves register*/
-#define ft9     %fr27       /* caller saves register*/
-#define ft10    %fr28       /* caller saves register*/
-#define ft11    %fr29       /* caller saves register*/
-#define ft12    %fr30       /* caller saves register*/
-#define ft13    %fr31       /* caller saves register*/
-
-#define ft4r    %fr22R      /* caller saves register*/
-#define ft5r    %fr23R      /* caller saves register*/
-#define ft6r    %fr24R      /* caller saves register*/
-#define ft7r    %fr25R      /* caller saves register*/
-#define ft8r    %fr26R      /* caller saves register*/
-#define ft9r    %fr27R      /* caller saves register*/
-#define ft10r   %fr28R      /* caller saves register*/
-#define ft11r   %fr29R      /* caller saves register*/
-#define ft12r   %fr30R      /* caller saves register*/
-#define ft13r   %fr31R      /* caller saves register*/
-
-
-
-/*  ================================================================== */
-/*      functional definitions for PA-RISC registers           */
-/*  ================================================================== */
-
-/*              general registers           */
-
-#define T1      a0          /* temp, (length parameter ignored)             */
-
-#define pM      a1          /* -> 64-bit multiplier                         */
-#define T2      a1          /* temp, (after fetching multiplier)            */
-
-#define pA      a2          /* -> multiplicand vector (8 64-bit words)      */
-#define T3      a2          /* temp, (after fetching multiplicand)          */
-
-#define pR      a3          /* -> addend vector (8 64-bit doublewords,
-                                  result vector (9 64-bit words)            */
-
-#define S0      s0          /* callee saves summand registers               */
-#define S1      s1
-#define S2      s2
-#define S3      s3
-#define S4      s4
-#define S5      s5
-#define S6      s6
-#define S7      s7
-
-#define S8      v0          /* caller saves summand registers               */
-#define S9      v1
-#define S10     t0
-#define S11     t1
-#define S12     t2
-#define S13     t3
-#define S14     t4
-#define S15     t5
-
-
-
-/*              floating-point registers                                    */
-
-#define M       fa0         /* multiplier double word                       */
-#define MR      fa0r        /* low order half of multiplier double word     */
-#define ML      fa0         /* high order half of multiplier double word    */
-
-#define A0      fa2         /* multiplicand double word 0                   */
-#define A0R     fa2r        /* low order half of multiplicand double word   */
-#define A0L     fa2         /* high order half of multiplicand double word  */
-
-#define A1      fa3         /* multiplicand double word 1                   */
-#define A1R     fa3r        /* low order half of multiplicand double word   */
-#define A1L     fa3         /* high order half of multiplicand double word  */
-
-#define A2      ft0         /* multiplicand double word 2                   */
-#define A2R     ft0r        /* low order half of multiplicand double word   */
-#define A2L     ft0         /* high order half of multiplicand double word  */
-
-#define A3      ft1         /* multiplicand double word 3                   */
-#define A3R     ft1r        /* low order half of multiplicand double word   */
-#define A3L     ft1         /* high order half of multiplicand double word  */
-
-#define A4      ft2         /* multiplicand double word 4                   */
-#define A4R     ft2r        /* low order half of multiplicand double word   */
-#define A4L     ft2         /* high order half of multiplicand double word  */
-
-#define A5      ft3         /* multiplicand double word 5                   */
-#define A5R     ft3r        /* low order half of multiplicand double word   */
-#define A5L     ft3         /* high order half of multiplicand double word  */
-
-#define A6      ft4         /* multiplicand double word 6                   */
-#define A6R     ft4r        /* low order half of multiplicand double word   */
-#define A6L     ft4         /* high order half of multiplicand double word  */
-
-#define A7      ft5         /* multiplicand double word 7                   */
-#define A7R     ft5r        /* low order half of multiplicand double word   */
-#define A7L     ft5         /* high order half of multiplicand double word  */
-
-#define P0      ft6         /* product word 0                               */
-#define P1      ft7         /* product word 0                               */
-#define P2      ft8         /* product word 0                               */
-#define P3      ft9         /* product word 0                               */
-#define P4      ft10        /* product word 0                               */
-#define P5      ft11        /* product word 0                               */
-#define P6      ft12        /* product word 0                               */
-#define P7      ft13        /* product word 0                               */
-
-
-
-
-/*  ======================================================================  */
-/*      symbolic definitions for HP-UX stack offsets                        */
-/*      symbolic definitions for memory NOPs                                */
-/*  ======================================================================  */
-
-#define ST_SZ       192         /* stack area total size                    */
-
-#define SV0         -192(sp)    /* general register save area               */
-#define SV1         -184(sp)
-#define SV2         -176(sp)
-#define SV3         -168(sp)
-#define SV4         -160(sp)
-#define SV5         -152(sp)
-#define SV6         -144(sp)
-#define SV7         -136(sp)
-
-#define XF0         -128(sp)    /* data transfer area                       */
-#define XF1         -120(sp)    /* for floating-pt to integer regs          */
-#define XF2         -112(sp)
-#define XF3         -104(sp)
-#define XF4         -96(sp)
-#define XF5         -88(sp)
-#define XF6         -80(sp)
-#define XF7         -72(sp)
-#define XF8         -64(sp)
-#define XF9         -56(sp)
-#define XF10        -48(sp)
-#define XF11        -40(sp)
-#define XF12        -32(sp)
-#define XF13        -24(sp)
-#define XF14        -16(sp)
-#define XF15        -8(sp)
-
-#define mnop    proberi (sp),3,zero     /* memory NOP                       */
-
-
-
-
-/*  ======================================================================  */
-/*      assembler formalities                                               */
-/*  ======================================================================  */
-
-#ifdef __LP64__
-                .level  2.0W
-#else
-                .level  2.0
-#endif
-                .space    $TEXT$
-                .subspa   $CODE$
-                .align    16
-
-/*  ======================================================================  */
-/*      here to compute 64-bit x 512-bit product + 512-bit addend           */
-/*  ======================================================================  */
-
-multacc512
-        .PROC
-        .CALLINFO
-        .ENTER
-    fldd    0(pM),M                 ; multiplier double word
-    ldo     ST_SZ(sp),sp            ; push stack
-
-    fldd    0(pA),A0                ; multiplicand double word 0
-    std     S1,SV1                  ; save s1
-
-    fldd    16(pA),A2               ; multiplicand double word 2
-    std     S3,SV3                  ; save s3
-
-    fldd    32(pA),A4               ; multiplicand double word 4
-    std     S5,SV5                  ; save s5
-
-    fldd    48(pA),A6               ; multiplicand double word 6
-    std     S7,SV7                  ; save s7
-
-
-    std     S0,SV0                  ; save s0
-    fldd    8(pA),A1                ; multiplicand double word 1
-    xmpyu   MR,A0L,P0               ; A0 cross 32-bit word products
-    xmpyu   ML,A0R,P2
-
-    std     S2,SV2                  ; save s2
-    fldd    24(pA),A3               ; multiplicand double word 3
-    xmpyu   MR,A2L,P4               ; A2 cross 32-bit word products
-    xmpyu   ML,A2R,P6
-
-    std     S4,SV4                  ; save s4
-    fldd    40(pA),A5               ; multiplicand double word 5
-
-    std     S6,SV6                  ; save s6
-    fldd    56(pA),A7               ; multiplicand double word 7
-
-
-    fstd    P0,XF0                  ; MR * A0L
-    xmpyu   MR,A0R,P0               ; A0 right 32-bit word product
-    xmpyu   MR,A1L,P1               ; A1 cross 32-bit word product
-
-    fstd    P2,XF2                  ; ML * A0R
-    xmpyu   ML,A0L,P2               ; A0 left 32-bit word product
-    xmpyu   ML,A1R,P3               ; A1 cross 32-bit word product
-
-    fstd    P4,XF4                  ; MR * A2L
-    xmpyu   MR,A2R,P4               ; A2 right 32-bit word product
-    xmpyu   MR,A3L,P5               ; A3 cross 32-bit word product
-
-    fstd    P6,XF6                  ; ML * A2R
-    xmpyu   ML,A2L,P6               ; A2 parallel 32-bit word product
-    xmpyu   ML,A3R,P7               ; A3 cross 32-bit word product
-
-
-    ldd     XF0,S0                  ; MR * A0L
-    fstd    P1,XF1                  ; MR * A1L
-
-    ldd     XF2,S2                  ; ML * A0R
-    fstd    P3,XF3                  ; ML * A1R
-
-    ldd     XF4,S4                  ; MR * A2L
-    fstd    P5,XF5                  ; MR * A3L
-    xmpyu   MR,A1R,P1               ; A1 parallel 32-bit word products
-    xmpyu   ML,A1L,P3
-
-    ldd     XF6,S6                  ; ML * A2R
-    fstd    P7,XF7                  ; ML * A3R
-    xmpyu   MR,A3R,P5               ; A3 parallel 32-bit word products
-    xmpyu   ML,A3L,P7
-
-
-    fstd    P0,XF0                  ; MR * A0R
-    ldd     XF1,S1                  ; MR * A1L
-    nop
-    add     S0,S2,T1                ; A0 cross product sum
-
-    fstd    P2,XF2                  ; ML * A0L
-    ldd     XF3,S3                  ; ML * A1R
-    add,dc  zero,zero,S0            ; A0 cross product sum carry
-    depd,z  T1,31,32,S2             ; A0 cross product sum << 32
-
-    fstd    P4,XF4                  ; MR * A2R
-    ldd     XF5,S5                  ; MR * A3L
-    shrpd   S0,T1,32,S0             ; A0 carry | cross product sum >> 32
-    add     S4,S6,T3                ; A2 cross product sum
-
-    fstd    P6,XF6                  ; ML * A2L
-    ldd     XF7,S7                  ; ML * A3R
-    add,dc  zero,zero,S4            ; A2 cross product sum carry
-    depd,z  T3,31,32,S6             ; A2 cross product sum << 32
-
-
-    ldd     XF0,S8                  ; MR * A0R
-    fstd    P1,XF1                  ; MR * A1R
-    xmpyu   MR,A4L,P0               ; A4 cross 32-bit word product
-    xmpyu   MR,A5L,P1               ; A5 cross 32-bit word product
-
-    ldd     XF2,S10                 ; ML * A0L
-    fstd    P3,XF3                  ; ML * A1L
-    xmpyu   ML,A4R,P2               ; A4 cross 32-bit word product
-    xmpyu   ML,A5R,P3               ; A5 cross 32-bit word product
-
-    ldd     XF4,S12                 ; MR * A2R
-    fstd    P5,XF5                  ; MR * A3L
-    xmpyu   MR,A6L,P4               ; A6 cross 32-bit word product
-    xmpyu   MR,A7L,P5               ; A7 cross 32-bit word product
-
-    ldd     XF6,S14                 ; ML * A2L
-    fstd    P7,XF7                  ; ML * A3L
-    xmpyu   ML,A6R,P6               ; A6 cross 32-bit word product
-    xmpyu   ML,A7R,P7               ; A7 cross 32-bit word product
-
-
-    fstd    P0,XF0                  ; MR * A4L
-    ldd     XF1,S9                  ; MR * A1R
-    shrpd   S4,T3,32,S4             ; A2 carry | cross product sum >> 32
-    add     S1,S3,T1                ; A1 cross product sum
-
-    fstd    P2,XF2                  ; ML * A4R
-    ldd     XF3,S11                 ; ML * A1L
-    add,dc  zero,zero,S1            ; A1 cross product sum carry
-    depd,z  T1,31,32,S3             ; A1 cross product sum << 32
-
-    fstd    P4,XF4                  ; MR * A6L
-    ldd     XF5,S13                 ; MR * A3R
-    shrpd   S1,T1,32,S1             ; A1 carry | cross product sum >> 32
-    add     S5,S7,T3                ; A3 cross product sum
-
-    fstd    P6,XF6                  ; ML * A6R
-    ldd     XF7,S15                 ; ML * A3L
-    add,dc  zero,zero,S5            ; A3 cross product sum carry
-    depd,z  T3,31,32,S7             ; A3 cross product sum << 32
-
-
-    shrpd   S5,T3,32,S5             ; A3 carry | cross product sum >> 32
-    add     S2,S8,S8                ; M * A0 right doubleword, P0 doubleword
-
-    add,dc  S0,S10,S10              ; M * A0 left doubleword
-    add     S3,S9,S9                ; M * A1 right doubleword
-
-    add,dc  S1,S11,S11              ; M * A1 left doubleword
-    add     S6,S12,S12              ; M * A2 right doubleword
-
-
-    ldd     24(pR),S3               ; Addend word 3
-    fstd    P1,XF1                  ; MR * A5L
-    add,dc  S4,S14,S14              ; M * A2 left doubleword
-    xmpyu   MR,A5R,P1               ; A5 right 32-bit word product
-
-    ldd     8(pR),S1                ; Addend word 1
-    fstd    P3,XF3                  ; ML * A5R
-    add     S7,S13,S13              ; M * A3 right doubleword
-    xmpyu   ML,A5L,P3               ; A5 left 32-bit word product
-
-    ldd     0(pR),S7                ; Addend word 0
-    fstd    P5,XF5                  ; MR * A7L
-    add,dc  S5,S15,S15              ; M * A3 left doubleword
-    xmpyu   MR,A7R,P5               ; A7 right 32-bit word product
-
-    ldd     16(pR),S5               ; Addend word 2
-    fstd    P7,XF7                  ; ML * A7R
-    add     S10,S9,S9               ; P1 doubleword
-    xmpyu   ML,A7L,P7               ; A7 left 32-bit word products
-
-
-    ldd     XF0,S0                  ; MR * A4L
-    fstd    P1,XF9                  ; MR * A5R
-    add,dc  S11,S12,S12             ; P2 doubleword
-    xmpyu   MR,A4R,P0               ; A4 right 32-bit word product
-
-    ldd     XF2,S2                  ; ML * A4R
-    fstd    P3,XF11                 ; ML * A5L
-    add,dc  S14,S13,S13             ; P3 doubleword
-    xmpyu   ML,A4L,P2               ; A4 left 32-bit word product
-
-    ldd     XF6,S6                  ; ML * A6R
-    fstd    P5,XF13                 ; MR * A7R
-    add,dc  zero,S15,T2             ; P4 partial doubleword
-    xmpyu   MR,A6R,P4               ; A6 right 32-bit word product
-
-    ldd     XF4,S4                  ; MR * A6L
-    fstd    P7,XF15                 ; ML * A7L
-    add     S7,S8,S8                ; R0 + P0, new R0 doubleword
-    xmpyu   ML,A6L,P6               ; A6 left 32-bit word product
-
-
-    fstd    P0,XF0                  ; MR * A4R
-    ldd     XF7,S7                  ; ML * A7R
-    add,dc  S1,S9,S9                ; c + R1 + P1, new R1 doubleword
-
-    fstd    P2,XF2                  ; ML * A4L
-    ldd     XF1,S1                  ; MR * A5L
-    add,dc  S5,S12,S12              ; c + R2 + P2, new R2 doubleword
-
-    fstd    P4,XF4                  ; MR * A6R
-    ldd     XF5,S5                  ; MR * A7L
-    add,dc  S3,S13,S13              ; c + R3 + P3, new R3 doubleword
-
-    fstd    P6,XF6                  ; ML * A6L
-    ldd     XF3,S3                  ; ML * A5R
-    add,dc  zero,T2,T2              ; c + partial P4
-    add     S0,S2,T1                ; A4 cross product sum
-
-
-    std     S8,0(pR)                ; save R0
-    add,dc  zero,zero,S0            ; A4 cross product sum carry
-    depd,z  T1,31,32,S2             ; A4 cross product sum << 32
-
-    std     S9,8(pR)                ; save R1
-    shrpd   S0,T1,32,S0             ; A4 carry | cross product sum >> 32
-    add     S4,S6,T3                ; A6 cross product sum
-
-    std     S12,16(pR)              ; save R2
-    add,dc  zero,zero,S4            ; A6 cross product sum carry
-    depd,z  T3,31,32,S6             ; A6 cross product sum << 32
-
-
-    std     S13,24(pR)              ; save R3
-    shrpd   S4,T3,32,S4             ; A6 carry | cross product sum >> 32
-    add     S1,S3,T1                ; A5 cross product sum
-
-    ldd     XF0,S8                  ; MR * A4R
-    add,dc  zero,zero,S1            ; A5 cross product sum carry
-    depd,z  T1,31,32,S3             ; A5 cross product sum << 32
-
-    ldd     XF2,S10                 ; ML * A4L
-    ldd     XF9,S9                  ; MR * A5R
-    shrpd   S1,T1,32,S1             ; A5 carry | cross product sum >> 32
-    add     S5,S7,T3                ; A7 cross product sum
-
-    ldd     XF4,S12                 ; MR * A6R
-    ldd     XF11,S11                ; ML * A5L
-    add,dc  zero,zero,S5            ; A7 cross product sum carry
-    depd,z  T3,31,32,S7             ; A7 cross product sum << 32
-
-    ldd     XF6,S14                 ; ML * A6L
-    ldd     XF13,S13                ; MR * A7R
-    shrpd   S5,T3,32,S5             ; A7 carry | cross product sum >> 32
-    add     S2,S8,S8                ; M * A4 right doubleword
-
-
-    ldd     XF15,S15                ; ML * A7L
-    add,dc  S0,S10,S10              ; M * A4 left doubleword
-    add     S3,S9,S9                ; M * A5 right doubleword
-
-    add,dc  S1,S11,S11              ; M * A5 left doubleword
-    add     S6,S12,S12              ; M * A6 right doubleword
-
-    ldd     32(pR),S0               ; Addend word 4
-    ldd     40(pR),S1               ; Addend word 5
-    add,dc  S4,S14,S14              ; M * A6 left doubleword
-    add     S7,S13,S13              ; M * A7 right doubleword
-
-    ldd     48(pR),S2               ; Addend word 6
-    ldd     56(pR),S3               ; Addend word 7
-    add,dc  S5,S15,S15              ; M * A7 left doubleword
-    add     S8,T2,S8                ; P4 doubleword
-
-    ldd     64(pR),S4               ; Addend word 8
-    ldd     SV5,s5                  ; restore s5
-    add,dc  S10,S9,S9               ; P5 doubleword
-    add,dc  S11,S12,S12             ; P6 doubleword
-
-
-    ldd     SV6,s6                  ; restore s6
-    ldd     SV7,s7                  ; restore s7
-    add,dc  S14,S13,S13             ; P7 doubleword
-    add,dc  zero,S15,S15            ; P8 doubleword
-
-    add     S0,S8,S8                ; new R4 doubleword
-
-    ldd     SV0,s0                  ; restore s0
-    std     S8,32(pR)               ; save R4
-    add,dc  S1,S9,S9                ; new R5 doubleword
-
-    ldd     SV1,s1                  ; restore s1
-    std     S9,40(pR)               ; save R5
-    add,dc  S2,S12,S12              ; new R6 doubleword
-
-    ldd     SV2,s2                  ; restore s2
-    std     S12,48(pR)              ; save R6
-    add,dc  S3,S13,S13              ; new R7 doubleword
-
-    ldd     SV3,s3                  ; restore s3
-    std     S13,56(pR)              ; save R7
-    add,dc  S4,S15,S15              ; new R8 doubleword
-
-    ldd     SV4,s4                  ; restore s4
-    std     S15,64(pR)              ; save result[8]
-    add,dc  zero,zero,v0            ; return carry from R8
-
-    CMPIB,*= 0,v0,$L0               ; if no overflow, exit
-    LDO     8(pR),pR
-
-$FINAL1                             ; Final carry propagation
-    LDD     64(pR),v0
-    LDO     8(pR),pR
-    ADDI    1,v0,v0
-    CMPIB,*= 0,v0,$FINAL1           ; Keep looping if there is a carry.
-    STD     v0,56(pR)
-$L0
-    bv      zero(rp)                ; -> caller
-    ldo     -ST_SZ(sp),sp           ; pop stack
-
-/*  ======================================================================  */
-/*      end of module                                                       */
-/*  ======================================================================  */
-
-                .LEAVE
-
-                .PROCEND
-                .SPACE         $TEXT$
-                .SUBSPA        $CODE$
-                .EXPORT        multacc512,ENTRY
-
-        .end
diff --git a/security/nss/lib/freebl/mpi/hppa20.s b/security/nss/lib/freebl/mpi/hppa20.s
deleted file mode 100644
index f7579b805..000000000
--- a/security/nss/lib/freebl/mpi/hppa20.s
+++ /dev/null
@@ -1,929 +0,0 @@
-; The contents of this file are subject to the Mozilla Public
-; License Version 1.1 (the "License"); you may not use this file
-; except in compliance with the License. You may obtain a copy of
-; the License at http://www.mozilla.org/MPL/
-; 
-; Software distributed under the License is distributed on an "AS
-; IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-; implied. See the License for the specific language governing
-; rights and limitations under the License.
-; 
-; The Original Code is MAXPY multiple-precision integer arithmetic.
-; 
-; The Initial Developer of the Original Code is the Hewlett-Packard Company.
-; Portions created by Hewlett-Packard Company are 
-; Copyright (C) 1997 Hewlett-Packard Company.  All Rights Reserved.
-; 
-; Contributor(s):
-;  coded by:   William B. Ackerman
-; 
-; Alternatively, the contents of this file may be used under the
-; terms of the GNU General Public License Version 2 or later (the
-; "GPL"), in which case the provisions of the GPL are applicable 
-; instead of those above.  If you wish to allow use of your 
-; version of this file only under the terms of the GPL and not to
-; allow others to use your version of this file under the MPL,
-; indicate your decision by deleting the provisions above and
-; replace them with the notice and other provisions required by
-; the GPL.  If you do not delete the provisions above, a recipient
-; may use your version of this file under either the MPL or the
-; GPL.
-
-#ifdef __LP64__
-        .LEVEL   2.0W
-#else
-;       .LEVEL   1.1
-;       .ALLOW   2.0N
-        .LEVEL   2.0N
-#endif
-        .SPACE   $TEXT$,SORT=8
-        .SUBSPA  $CODE$,QUAD=0,ALIGN=4,ACCESS=0x2c,CODE_ONLY,SORT=24
-
-; ***************************************************************
-;
-;                 maxpy_[little/big]
-;
-; ***************************************************************
-
-; There is no default -- you must specify one or the other.
-#define LITTLE_WORDIAN 1
-
-#ifdef LITTLE_WORDIAN
-#define EIGHT 8
-#define SIXTEEN 16
-#define THIRTY_TWO 32
-#define UN_EIGHT -8
-#define UN_SIXTEEN -16
-#define UN_TWENTY_FOUR -24
-#endif
-
-#ifdef BIG_WORDIAN
-#define EIGHT -8
-#define SIXTEEN -16
-#define THIRTY_TWO -32
-#define UN_EIGHT 8
-#define UN_SIXTEEN 16
-#define UN_TWENTY_FOUR 24
-#endif
-
-; This performs a multiple-precision integer version of "daxpy",
-; Using the selected addressing direction.  "Little-wordian" means that
-; the least significant word of a number is stored at the lowest address.
-; "Big-wordian" means that the most significant word is at the lowest
-; address.  Either way, the incoming address of the vector is that
-; of the least significant word.  That means that, for little-wordian
-; addressing, we move the address upward as we propagate carries
-; from the least significant word to the most significant.  For
-; big-wordian we move the address downward.
-
-; We use the following registers:
-;
-;     r2   return PC, of course
-;     r26 = arg1 =  length
-;     r25 = arg2 =  address of scalar
-;     r24 = arg3 =  multiplicand vector
-;     r23 = arg4 =  result vector
-;
-;     fr9 = scalar loaded once only from r25
-
-; The cycle counts shown in the bodies below are simply the result of a
-; scheduling by hand.  The actual PCX-U hardware does it differently.
-; The intention is that the overall speed is the same.
-
-; The pipeline startup and shutdown code is constructed in the usual way,
-; by taking the loop bodies and removing unnecessary instructions.
-; We have left the comments describing cycle numbers in the code.
-; These are intended for reference when comparing with the main loop,
-; and have no particular relationship to actual cycle numbers.
-
-#ifdef LITTLE_WORDIAN
-maxpy_little
-#else
-maxpy_big
-#endif
-        .PROC
-        .CALLINFO FRAME=120,ENTRY_GR=%r4
-        .ENTER
-
-; Of course, real men don't use the sissy "enter" and "leave" commands.
-; They write their own stack manipulation stuff.  Unfortunately,
-; that doesn't generate complete unwind info, whereas "enter" and
-; "leave" (if the documentation is to be believed) do so.  Therefore,
-; we use the sissy commands.  We have verified (by real-man methods)
-; that the above command generates what we want:
-;       STW,MA  %r3,128(%sp)
-;       STW     %r4,-124(%sp)
-
-        ADDIB,< -1,%r26,$L0         ; If N = 0, exit immediately.
-        FLDD    0(%r25),%fr9        ; fr9 = scalar
-
-; First startup
-
-        FLDD    0(%r24),%fr24       ; Cycle 1
-        XMPYU   %fr9R,%fr24R,%fr27  ; Cycle 3
-        XMPYU   %fr9R,%fr24L,%fr25  ; Cycle 4
-        XMPYU   %fr9L,%fr24L,%fr26  ; Cycle 5
-        CMPIB,> 3,%r26,$N_IS_SMALL  ; Pick out cases N = 1, 2, or 3
-        XMPYU   %fr9L,%fr24R,%fr24  ; Cycle 6
-        FLDD    EIGHT(%r24),%fr28   ; Cycle 8
-        XMPYU   %fr9L,%fr28R,%fr31  ; Cycle 10
-        FSTD    %fr24,-96(%sp)
-        XMPYU   %fr9R,%fr28L,%fr30  ; Cycle 11
-        FSTD    %fr25,-80(%sp)
-        LDO     SIXTEEN(%r24),%r24  ; Cycle 12
-        FSTD    %fr31,-64(%sp)
-        XMPYU   %fr9R,%fr28R,%fr29  ; Cycle 13
-        FSTD    %fr27,-48(%sp)
-
-; Second startup
-
-        XMPYU   %fr9L,%fr28L,%fr28  ; Cycle 1
-        FSTD    %fr30,-56(%sp)
-        FLDD    0(%r24),%fr24
-
-        FSTD    %fr26,-88(%sp)      ; Cycle 2
-
-        XMPYU   %fr9R,%fr24R,%fr27  ; Cycle 3
-        FSTD    %fr28,-104(%sp)
-
-        XMPYU   %fr9R,%fr24L,%fr25  ; Cycle 4
-        LDD     -96(%sp),%r3
-        FSTD    %fr29,-72(%sp)
-
-        XMPYU   %fr9L,%fr24L,%fr26  ; Cycle 5
-        LDD     -64(%sp),%r19
-        LDD     -80(%sp),%r21
-
-        XMPYU   %fr9L,%fr24R,%fr24  ; Cycle 6
-        LDD     -56(%sp),%r20
-        ADD     %r21,%r3,%r3
-
-        ADD,DC  %r20,%r19,%r19      ; Cycle 7
-        LDD     -88(%sp),%r4
-        SHRPD   %r3,%r0,32,%r21
-        LDD     -48(%sp),%r1
-
-        FLDD    EIGHT(%r24),%fr28   ; Cycle 8
-        LDD     -104(%sp),%r31
-        ADD,DC  %r0,%r0,%r20
-        SHRPD   %r19,%r3,32,%r3
-
-        LDD     -72(%sp),%r29       ; Cycle 9
-        SHRPD   %r20,%r19,32,%r20
-        ADD     %r21,%r1,%r1
-
-        XMPYU   %fr9L,%fr28R,%fr31  ; Cycle 10
-        ADD,DC  %r3,%r4,%r4
-        FSTD    %fr24,-96(%sp)
-
-        XMPYU   %fr9R,%fr28L,%fr30  ; Cycle 11
-        ADD,DC  %r0,%r20,%r20
-        LDD     0(%r23),%r3
-        FSTD    %fr25,-80(%sp)
-
-        LDO     SIXTEEN(%r24),%r24  ; Cycle 12
-        FSTD    %fr31,-64(%sp)
-
-        XMPYU   %fr9R,%fr28R,%fr29  ; Cycle 13
-        ADD     %r0,%r0,%r0         ; clear the carry bit
-        ADDIB,<= -4,%r26,$ENDLOOP   ; actually happens in cycle 12
-        FSTD    %fr27,-48(%sp)
-;        MFCTL   %cr16,%r21         ; for timing
-;        STD     %r21,-112(%sp)
-
-; Here is the loop.
-
-$LOOP   XMPYU   %fr9L,%fr28L,%fr28  ; Cycle 1
-        ADD,DC  %r29,%r4,%r4
-        FSTD    %fr30,-56(%sp)
-        FLDD    0(%r24),%fr24
-
-        LDO     SIXTEEN(%r23),%r23  ; Cycle 2
-        ADD,DC  %r0,%r20,%r20
-        FSTD    %fr26,-88(%sp)
-
-        XMPYU   %fr9R,%fr24R,%fr27  ; Cycle 3
-        ADD     %r3,%r1,%r1
-        FSTD    %fr28,-104(%sp)
-        LDD     UN_EIGHT(%r23),%r21
-
-        XMPYU   %fr9R,%fr24L,%fr25  ; Cycle 4
-        ADD,DC  %r21,%r4,%r28
-        FSTD    %fr29,-72(%sp)    
-        LDD     -96(%sp),%r3
-
-        XMPYU   %fr9L,%fr24L,%fr26  ; Cycle 5
-        ADD,DC  %r20,%r31,%r22
-        LDD     -64(%sp),%r19
-        LDD     -80(%sp),%r21
-
-        XMPYU   %fr9L,%fr24R,%fr24  ; Cycle 6
-        ADD     %r21,%r3,%r3
-        LDD     -56(%sp),%r20
-        STD     %r1,UN_SIXTEEN(%r23)
-
-        ADD,DC  %r20,%r19,%r19      ; Cycle 7
-        SHRPD   %r3,%r0,32,%r21
-        LDD     -88(%sp),%r4
-        LDD     -48(%sp),%r1
-
-        ADD,DC  %r0,%r0,%r20        ; Cycle 8
-        SHRPD   %r19,%r3,32,%r3
-        FLDD    EIGHT(%r24),%fr28
-        LDD     -104(%sp),%r31
-
-        SHRPD   %r20,%r19,32,%r20   ; Cycle 9
-        ADD     %r21,%r1,%r1
-        STD     %r28,UN_EIGHT(%r23)
-        LDD     -72(%sp),%r29
-
-        XMPYU   %fr9L,%fr28R,%fr31  ; Cycle 10
-        ADD,DC  %r3,%r4,%r4
-        FSTD    %fr24,-96(%sp)
-
-        XMPYU   %fr9R,%fr28L,%fr30  ; Cycle 11
-        ADD,DC  %r0,%r20,%r20
-        FSTD    %fr25,-80(%sp)
-        LDD     0(%r23),%r3
-
-        LDO     SIXTEEN(%r24),%r24  ; Cycle 12
-        FSTD    %fr31,-64(%sp)
-
-        XMPYU   %fr9R,%fr28R,%fr29  ; Cycle 13
-        ADD     %r22,%r1,%r1
-        ADDIB,> -2,%r26,$LOOP       ; actually happens in cycle 12
-        FSTD    %fr27,-48(%sp)
-
-$ENDLOOP
-
-; Shutdown code, first stage.
-
-;        MFCTL   %cr16,%r21         ; for timing
-;        STD     %r21,UN_SIXTEEN(%r23)
-;        LDD     -112(%sp),%r21
-;        STD     %r21,UN_EIGHT(%r23)
-
-        XMPYU   %fr9L,%fr28L,%fr28  ; Cycle 1
-        ADD,DC  %r29,%r4,%r4
-        CMPIB,= 0,%r26,$ONEMORE
-        FSTD    %fr30,-56(%sp)
-
-        LDO     SIXTEEN(%r23),%r23  ; Cycle 2
-        ADD,DC  %r0,%r20,%r20
-        FSTD    %fr26,-88(%sp)
-
-        ADD     %r3,%r1,%r1         ; Cycle 3
-        FSTD    %fr28,-104(%sp)
-        LDD     UN_EIGHT(%r23),%r21
-
-        ADD,DC  %r21,%r4,%r28       ; Cycle 4
-        FSTD    %fr29,-72(%sp)    
-        STD     %r28,UN_EIGHT(%r23) ; moved up from cycle 9
-        LDD     -96(%sp),%r3
-
-        ADD,DC  %r20,%r31,%r22      ; Cycle 5
-        STD     %r1,UN_SIXTEEN(%r23)
-$JOIN4
-        LDD     -64(%sp),%r19
-        LDD     -80(%sp),%r21
-
-        ADD     %r21,%r3,%r3        ; Cycle 6
-        LDD     -56(%sp),%r20
-
-        ADD,DC  %r20,%r19,%r19      ; Cycle 7
-        SHRPD   %r3,%r0,32,%r21
-        LDD     -88(%sp),%r4
-        LDD     -48(%sp),%r1
-
-        ADD,DC  %r0,%r0,%r20        ; Cycle 8
-        SHRPD   %r19,%r3,32,%r3
-        LDD     -104(%sp),%r31
-
-        SHRPD   %r20,%r19,32,%r20   ; Cycle 9
-        ADD     %r21,%r1,%r1
-        LDD     -72(%sp),%r29
-
-        ADD,DC  %r3,%r4,%r4         ; Cycle 10
-
-        ADD,DC  %r0,%r20,%r20       ; Cycle 11
-        LDD     0(%r23),%r3
-
-        ADD     %r22,%r1,%r1        ; Cycle 13
-
-; Shutdown code, second stage.
-
-        ADD,DC  %r29,%r4,%r4        ; Cycle 1
-
-        LDO     SIXTEEN(%r23),%r23  ; Cycle 2
-        ADD,DC  %r0,%r20,%r20
-
-        LDD     UN_EIGHT(%r23),%r21 ; Cycle 3
-        ADD     %r3,%r1,%r1
-
-        ADD,DC  %r21,%r4,%r28       ; Cycle 4
-
-        ADD,DC  %r20,%r31,%r22      ; Cycle 5
-
-        STD     %r1,UN_SIXTEEN(%r23); Cycle 6
-
-        STD     %r28,UN_EIGHT(%r23) ; Cycle 9
-
-        LDD     0(%r23),%r3         ; Cycle 11
-
-; Shutdown code, third stage.
-
-        LDO     SIXTEEN(%r23),%r23
-        ADD     %r3,%r22,%r1
-$JOIN1  ADD,DC  %r0,%r0,%r21
-        CMPIB,*= 0,%r21,$L0         ; if no overflow, exit
-        STD     %r1,UN_SIXTEEN(%r23)
-
-; Final carry propagation
-
-$FINAL1 LDO     EIGHT(%r23),%r23
-        LDD     UN_SIXTEEN(%r23),%r21
-        ADDI    1,%r21,%r21
-        CMPIB,*= 0,%r21,$FINAL1     ; Keep looping if there is a carry.
-        STD     %r21,UN_SIXTEEN(%r23)
-        B       $L0
-        NOP
-
-; Here is the code that handles the difficult cases N=1, N=2, and N=3.
-; We do the usual trick -- branch out of the startup code at appropriate
-; points, and branch into the shutdown code.
-
-$N_IS_SMALL
-        CMPIB,= 0,%r26,$N_IS_ONE
-        FSTD    %fr24,-96(%sp)      ; Cycle 10
-        FLDD    EIGHT(%r24),%fr28   ; Cycle 8
-        XMPYU   %fr9L,%fr28R,%fr31  ; Cycle 10
-        XMPYU   %fr9R,%fr28L,%fr30  ; Cycle 11
-        FSTD    %fr25,-80(%sp)
-        FSTD    %fr31,-64(%sp)      ; Cycle 12
-        XMPYU   %fr9R,%fr28R,%fr29  ; Cycle 13
-        FSTD    %fr27,-48(%sp)
-        XMPYU   %fr9L,%fr28L,%fr28  ; Cycle 1
-        CMPIB,= 2,%r26,$N_IS_THREE
-        FSTD    %fr30,-56(%sp)
-
-; N = 2
-        FSTD    %fr26,-88(%sp)      ; Cycle 2
-        FSTD    %fr28,-104(%sp)     ; Cycle 3
-        LDD     -96(%sp),%r3        ; Cycle 4
-        FSTD    %fr29,-72(%sp)
-        B       $JOIN4
-        ADD     %r0,%r0,%r22
-
-$N_IS_THREE
-        FLDD    SIXTEEN(%r24),%fr24
-        FSTD    %fr26,-88(%sp)      ; Cycle 2
-        XMPYU   %fr9R,%fr24R,%fr27  ; Cycle 3
-        FSTD    %fr28,-104(%sp)
-        XMPYU   %fr9R,%fr24L,%fr25  ; Cycle 4
-        LDD     -96(%sp),%r3
-        FSTD    %fr29,-72(%sp)
-        XMPYU   %fr9L,%fr24L,%fr26  ; Cycle 5
-        LDD     -64(%sp),%r19
-        LDD     -80(%sp),%r21
-        B       $JOIN3
-        ADD     %r0,%r0,%r22
-
-$N_IS_ONE
-        FSTD    %fr25,-80(%sp)
-        FSTD    %fr27,-48(%sp)
-        FSTD    %fr26,-88(%sp)      ; Cycle 2
-        B       $JOIN5
-        ADD     %r0,%r0,%r22
-
-; We came out of the unrolled loop with wrong parity.  Do one more
-; single cycle.  This is quite tricky, because of the way the
-; carry chains and SHRPD chains have been chopped up.
-
-$ONEMORE
-
-        FLDD    0(%r24),%fr24
-
-        LDO     SIXTEEN(%r23),%r23  ; Cycle 2
-        ADD,DC  %r0,%r20,%r20
-        FSTD    %fr26,-88(%sp)
-
-        XMPYU   %fr9R,%fr24R,%fr27  ; Cycle 3
-        FSTD    %fr28,-104(%sp)
-        LDD     UN_EIGHT(%r23),%r21
-        ADD     %r3,%r1,%r1
-
-        XMPYU   %fr9R,%fr24L,%fr25  ; Cycle 4
-        ADD,DC  %r21,%r4,%r28
-        STD     %r28,UN_EIGHT(%r23) ; moved from cycle 9
-        LDD     -96(%sp),%r3
-        FSTD    %fr29,-72(%sp)    
-
-        XMPYU   %fr9L,%fr24L,%fr26  ; Cycle 5
-        ADD,DC  %r20,%r31,%r22
-        LDD     -64(%sp),%r19
-        LDD     -80(%sp),%r21
-
-        STD     %r1,UN_SIXTEEN(%r23); Cycle 6
-$JOIN3
-        XMPYU   %fr9L,%fr24R,%fr24
-        LDD     -56(%sp),%r20
-        ADD     %r21,%r3,%r3
-
-        ADD,DC  %r20,%r19,%r19      ; Cycle 7
-        LDD     -88(%sp),%r4
-        SHRPD   %r3,%r0,32,%r21
-        LDD     -48(%sp),%r1
-
-        LDD     -104(%sp),%r31      ; Cycle 8
-        ADD,DC  %r0,%r0,%r20
-        SHRPD   %r19,%r3,32,%r3
-
-        LDD     -72(%sp),%r29       ; Cycle 9
-        SHRPD   %r20,%r19,32,%r20
-        ADD     %r21,%r1,%r1
-
-        ADD,DC  %r3,%r4,%r4         ; Cycle 10
-        FSTD    %fr24,-96(%sp)
-
-        ADD,DC  %r0,%r20,%r20       ; Cycle 11
-        LDD     0(%r23),%r3
-        FSTD    %fr25,-80(%sp)
-
-        ADD     %r22,%r1,%r1        ; Cycle 13
-        FSTD    %fr27,-48(%sp)
-
-; Shutdown code, stage 1-1/2.
-
-        ADD,DC  %r29,%r4,%r4        ; Cycle 1
-
-        LDO     SIXTEEN(%r23),%r23  ; Cycle 2
-        ADD,DC  %r0,%r20,%r20     
-        FSTD    %fr26,-88(%sp)
-
-        LDD     UN_EIGHT(%r23),%r21 ; Cycle 3
-        ADD     %r3,%r1,%r1
-
-        ADD,DC  %r21,%r4,%r28       ; Cycle 4
-        STD     %r28,UN_EIGHT(%r23) ; moved from cycle 9
-
-        ADD,DC  %r20,%r31,%r22      ; Cycle 5
-        STD     %r1,UN_SIXTEEN(%r23)
-$JOIN5
-        LDD     -96(%sp),%r3        ; moved from cycle 4
-        LDD     -80(%sp),%r21
-        ADD     %r21,%r3,%r3        ; Cycle 6
-        ADD,DC  %r0,%r0,%r19        ; Cycle 7
-        LDD     -88(%sp),%r4
-        SHRPD   %r3,%r0,32,%r21
-        LDD     -48(%sp),%r1
-        SHRPD   %r19,%r3,32,%r3     ; Cycle 8
-        ADD     %r21,%r1,%r1        ; Cycle 9
-        ADD,DC  %r3,%r4,%r4         ; Cycle 10
-        LDD     0(%r23),%r3         ; Cycle 11
-        ADD     %r22,%r1,%r1        ; Cycle 13
-
-; Shutdown code, stage 2-1/2.
-
-        ADD,DC  %r0,%r4,%r4         ; Cycle 1
-        LDO     SIXTEEN(%r23),%r23  ; Cycle 2
-        LDD     UN_EIGHT(%r23),%r21 ; Cycle 3
-        ADD     %r3,%r1,%r1
-        STD     %r1,UN_SIXTEEN(%r23)
-        ADD,DC  %r21,%r4,%r1
-        B       $JOIN1
-        LDO     EIGHT(%r23),%r23
-
-; exit
-
-$L0
-        .LEAVE
-
-; We have verified that the above command generates what we want:
-;       LDW     -124(%sp),%r4
-;       BVE     (%r2)
-;       LDW,MB  -128(%sp),%r3
-
-        .PROCEND
-
-; ***************************************************************
-;
-;                 add_diag_[little/big]
-;
-; ***************************************************************
-
-; The arguments are as follows:
-;     r2   return PC, of course
-;     r26 = arg1 =  length
-;     r25 = arg2 =  vector to square
-;     r24 = arg3 =  result vector
-
-#ifdef LITTLE_WORDIAN
-add_diag_little
-#else
-add_diag_big
-#endif
-        .PROC
-        .CALLINFO FRAME=120,ENTRY_GR=%r4
-        .ENTER
-
-        ADDIB,< -1,%r26,$Z0         ; If N=0, exit immediately.
-        NOP
-
-; Startup code
-
-        FLDD    0(%r25),%fr7        ; Cycle 2 (alternate body)
-        XMPYU   %fr7R,%fr7R,%fr29   ; Cycle 4
-        XMPYU   %fr7L,%fr7R,%fr27   ; Cycle 5
-        XMPYU   %fr7L,%fr7L,%fr30
-        LDO     SIXTEEN(%r25),%r25  ; Cycle 6
-        FSTD    %fr29,-88(%sp)
-        FSTD    %fr27,-72(%sp)      ; Cycle 7
-        CMPIB,= 0,%r26,$DIAG_N_IS_ONE ; Cycle 1 (main body)
-        FSTD    %fr30,-96(%sp)
-        FLDD    UN_EIGHT(%r25),%fr7 ; Cycle 2
-        LDD     -88(%sp),%r22       ; Cycle 3
-        LDD     -72(%sp),%r31       ; Cycle 4
-        XMPYU   %fr7R,%fr7R,%fr28
-        XMPYU   %fr7L,%fr7R,%fr24   ; Cycle 5
-        XMPYU   %fr7L,%fr7L,%fr31
-        LDD     -96(%sp),%r20       ; Cycle 6
-        FSTD    %fr28,-80(%sp)
-        ADD     %r0,%r0,%r0         ; clear the carry bit
-        ADDIB,<= -2,%r26,$ENDDIAGLOOP ; Cycle 7
-        FSTD    %fr24,-64(%sp)
-
-; Here is the loop.  It is unrolled twice, modelled after the "alternate body" and then the "main body".
-
-$DIAGLOOP
-        SHRPD   %r31,%r0,31,%r3     ; Cycle 1 (alternate body)
-        LDO     SIXTEEN(%r25),%r25
-        LDD     0(%r24),%r1
-        FSTD    %fr31,-104(%sp)
-        SHRPD   %r0,%r31,31,%r4     ; Cycle 2
-        ADD,DC  %r22,%r3,%r3
-        FLDD    UN_SIXTEEN(%r25),%fr7   
-        ADD,DC  %r0,%r20,%r20       ; Cycle 3
-        ADD     %r1,%r3,%r3
-        XMPYU   %fr7R,%fr7R,%fr29   ; Cycle 4
-        LDD     -80(%sp),%r21
-        STD     %r3,0(%r24)
-        XMPYU   %fr7L,%fr7R,%fr27   ; Cycle 5
-        XMPYU   %fr7L,%fr7L,%fr30
-        LDD     -64(%sp),%r29       
-        LDD     EIGHT(%r24),%r1  
-        ADD,DC  %r4,%r20,%r20       ; Cycle 6
-        LDD     -104(%sp),%r19
-        FSTD    %fr29,-88(%sp)
-        ADD     %r20,%r1,%r1        ; Cycle 7
-        FSTD    %fr27,-72(%sp)
-        SHRPD   %r29,%r0,31,%r4     ; Cycle 1 (main body)
-        LDO     THIRTY_TWO(%r24),%r24
-        LDD     UN_SIXTEEN(%r24),%r28
-        FSTD    %fr30,-96(%sp)
-        SHRPD   %r0,%r29,31,%r3     ; Cycle 2
-        ADD,DC  %r21,%r4,%r4
-        FLDD    UN_EIGHT(%r25),%fr7
-        STD     %r1,UN_TWENTY_FOUR(%r24)
-        ADD,DC  %r0,%r19,%r19       ; Cycle 3
-        ADD     %r28,%r4,%r4
-        XMPYU   %fr7R,%fr7R,%fr28   ; Cycle 4
-        LDD     -88(%sp),%r22
-        STD     %r4,UN_SIXTEEN(%r24)
-        XMPYU   %fr7L,%fr7R,%fr24   ; Cycle 5
-        XMPYU   %fr7L,%fr7L,%fr31
-        LDD     -72(%sp),%r31
-        LDD     UN_EIGHT(%r24),%r28
-        ADD,DC  %r3,%r19,%r19       ; Cycle 6
-        LDD     -96(%sp),%r20
-        FSTD    %fr28,-80(%sp)
-        ADD     %r19,%r28,%r28      ; Cycle 7
-        FSTD    %fr24,-64(%sp)
-        ADDIB,> -2,%r26,$DIAGLOOP   ; Cycle 8
-        STD     %r28,UN_EIGHT(%r24)
-
-$ENDDIAGLOOP
-
-        ADD,DC  %r0,%r22,%r22    
-        CMPIB,= 0,%r26,$ONEMOREDIAG
-        SHRPD   %r31,%r0,31,%r3
-
-; Shutdown code, first stage.
-
-        FSTD    %fr31,-104(%sp)     ; Cycle 1 (alternate body)
-        LDD     0(%r24),%r28
-        SHRPD   %r0,%r31,31,%r4     ; Cycle 2
-        ADD     %r3,%r22,%r3
-        ADD,DC  %r0,%r20,%r20       ; Cycle 3
-        LDD     -80(%sp),%r21
-        ADD     %r3,%r28,%r3
-        LDD     -64(%sp),%r29       ; Cycle 4
-        STD     %r3,0(%r24)
-        LDD     EIGHT(%r24),%r1     ; Cycle 5
-        LDO     SIXTEEN(%r25),%r25  ; Cycle 6
-        LDD     -104(%sp),%r19
-        ADD,DC  %r4,%r20,%r20
-        ADD     %r20,%r1,%r1        ; Cycle 7
-        ADD,DC  %r0,%r21,%r21       ; Cycle 8
-        STD     %r1,EIGHT(%r24)
-
-; Shutdown code, second stage.
-
-        SHRPD   %r29,%r0,31,%r4     ; Cycle 1 (main body)
-        LDO     THIRTY_TWO(%r24),%r24
-        LDD     UN_SIXTEEN(%r24),%r1
-        SHRPD   %r0,%r29,31,%r3      ; Cycle 2
-        ADD     %r4,%r21,%r4
-        ADD,DC  %r0,%r19,%r19       ; Cycle 3
-        ADD     %r4,%r1,%r4
-        STD     %r4,UN_SIXTEEN(%r24); Cycle 4
-        LDD     UN_EIGHT(%r24),%r28 ; Cycle 5
-        ADD,DC  %r3,%r19,%r19       ; Cycle 6       
-        ADD     %r19,%r28,%r28      ; Cycle 7
-        ADD,DC  %r0,%r0,%r22        ; Cycle 8
-        CMPIB,*= 0,%r22,$Z0         ; if no overflow, exit
-        STD     %r28,UN_EIGHT(%r24)
-
-; Final carry propagation
-
-$FDIAG2
-        LDO     EIGHT(%r24),%r24
-        LDD     UN_EIGHT(%r24),%r26
-        ADDI    1,%r26,%r26
-        CMPIB,*= 0,%r26,$FDIAG2     ; Keep looping if there is a carry.
-        STD     %r26,UN_EIGHT(%r24)
-
-        B   $Z0
-        NOP
-
-; Here is the code that handles the difficult case N=1.
-; We do the usual trick -- branch out of the startup code at appropriate
-; points, and branch into the shutdown code.
-
-$DIAG_N_IS_ONE
-
-        LDD     -88(%sp),%r22
-        LDD     -72(%sp),%r31
-        B       $JOINDIAG
-        LDD     -96(%sp),%r20
-
-; We came out of the unrolled loop with wrong parity.  Do one more
-; single cycle.  This is the "alternate body".  It will, of course,
-; give us opposite registers from the other case, so we need
-; completely different shutdown code.
-
-$ONEMOREDIAG
-        FSTD    %fr31,-104(%sp)     ; Cycle 1 (alternate body)
-        LDD     0(%r24),%r28
-        FLDD    0(%r25),%fr7        ; Cycle 2
-        SHRPD   %r0,%r31,31,%r4
-        ADD     %r3,%r22,%r3
-        ADD,DC  %r0,%r20,%r20       ; Cycle 3
-        LDD     -80(%sp),%r21
-        ADD     %r3,%r28,%r3
-        LDD     -64(%sp),%r29       ; Cycle 4
-        STD     %r3,0(%r24)
-        XMPYU   %fr7R,%fr7R,%fr29
-        LDD     EIGHT(%r24),%r1     ; Cycle 5
-        XMPYU   %fr7L,%fr7R,%fr27
-        XMPYU   %fr7L,%fr7L,%fr30
-        LDD     -104(%sp),%r19      ; Cycle 6
-        FSTD    %fr29,-88(%sp)
-        ADD,DC  %r4,%r20,%r20
-        FSTD    %fr27,-72(%sp)      ; Cycle 7
-        ADD     %r20,%r1,%r1
-        ADD,DC  %r0,%r21,%r21       ; Cycle 8
-        STD     %r1,EIGHT(%r24)
-
-; Shutdown code, first stage.
-
-        SHRPD   %r29,%r0,31,%r4     ; Cycle 1 (main body)
-        LDO     THIRTY_TWO(%r24),%r24
-        FSTD    %fr30,-96(%sp)
-        LDD     UN_SIXTEEN(%r24),%r1
-        SHRPD   %r0,%r29,31,%r3     ; Cycle 2
-        ADD     %r4,%r21,%r4
-        ADD,DC  %r0,%r19,%r19       ; Cycle 3
-        LDD     -88(%sp),%r22
-        ADD     %r4,%r1,%r4
-        LDD     -72(%sp),%r31       ; Cycle 4
-        STD     %r4,UN_SIXTEEN(%r24)
-        LDD     UN_EIGHT(%r24),%r28 ; Cycle 5
-        LDD     -96(%sp),%r20       ; Cycle 6
-        ADD,DC  %r3,%r19,%r19
-        ADD     %r19,%r28,%r28      ; Cycle 7
-        ADD,DC  %r0,%r22,%r22       ; Cycle 8
-        STD     %r28,UN_EIGHT(%r24)
-
-; Shutdown code, second stage.
-
-$JOINDIAG
-        SHRPD   %r31,%r0,31,%r3     ; Cycle 1 (alternate body)
-        LDD     0(%r24),%r28        
-        SHRPD   %r0,%r31,31,%r4     ; Cycle 2
-        ADD     %r3,%r22,%r3
-        ADD,DC  %r0,%r20,%r20       ; Cycle 3
-        ADD     %r3,%r28,%r3
-        STD     %r3,0(%r24)         ; Cycle 4
-        LDD     EIGHT(%r24),%r1     ; Cycle 5
-        ADD,DC  %r4,%r20,%r20
-        ADD     %r20,%r1,%r1        ; Cycle 7
-        ADD,DC  %r0,%r0,%r21        ; Cycle 8
-        CMPIB,*= 0,%r21,$Z0         ; if no overflow, exit
-        STD     %r1,EIGHT(%r24)
-
-; Final carry propagation
-
-$FDIAG1
-        LDO     EIGHT(%r24),%r24
-        LDD     EIGHT(%r24),%r26
-        ADDI    1,%r26,%r26
-        CMPIB,*= 0,%r26,$FDIAG1    ; Keep looping if there is a carry.
-        STD     %r26,EIGHT(%r24)
-
-$Z0
-        .LEAVE
-        .PROCEND
-;	.ALLOW
-
-        .SPACE         $TEXT$
-        .SUBSPA        $CODE$
-#ifdef LITTLE_WORDIAN
-        .EXPORT        maxpy_little,ENTRY,PRIV_LEV=3,ARGW0=GR,ARGW1=GR,ARGW2=GR,ARGW3=GR,LONG_RETURN
-        .EXPORT        add_diag_little,ENTRY,PRIV_LEV=3,ARGW0=GR,ARGW1=GR,ARGW2=GR,LONG_RETURN
-#else
-        .EXPORT        maxpy_big,ENTRY,PRIV_LEV=3,ARGW0=GR,ARGW1=GR,ARGW2=GR,ARGW3=GR,LONG_RETURN
-        .EXPORT        add_diag_big,ENTRY,PRIV_LEV=3,ARGW0=GR,ARGW1=GR,ARGW2=GR,LONG_RETURN
-#endif
-        .END
-
-
-; How to use "maxpy_PA20_little" and "maxpy_PA20_big"
-; 
-; The routine "maxpy_PA20_little" or "maxpy_PA20_big"
-; performs a 64-bit x any-size multiply, and adds the
-; result to an area of memory.  That is, it performs
-; something like
-; 
-;      A B C D
-;    *       Z
-;   __________
-;    P Q R S T
-; 
-; and then adds the "PQRST" vector into an area of memory,
-; handling all carries.
-; 
-; Digression on nomenclature and endian-ness:
-; 
-; Each of the capital letters in the above represents a 64-bit
-; quantity.  That is, you could think of the discussion as
-; being in terms of radix-16-quintillion arithmetic.  The data
-; type being manipulated is "unsigned long long int".  This
-; requires the 64-bit extension of the HP-UX C compiler,
-; available at release 10.  You need these compiler flags to
-; enable these extensions:
-; 
-;       -Aa +e +DA2.0 +DS2.0
-; 
-; (The first specifies ANSI C, the second enables the
-; extensions, which are beyond ANSI C, and the third and
-; fourth tell the compiler to use whatever features of the
-; PA2.0 architecture it wishes, in order to made the code more
-; efficient.  Since the presence of the assembly code will
-; make the program unable to run on anything less than PA2.0,
-; you might as well gain the performance enhancements in the C
-; code as well.)
-; 
-; Questions of "endian-ness" often come up, usually in the
-; context of byte ordering in a word.  These routines have a
-; similar issue, that could be called "wordian-ness".
-; Independent of byte ordering (PA is always big-endian), one
-; can make two choices when representing extremely large
-; numbers as arrays of 64-bit doublewords in memory.
-; 
-; "Little-wordian" layout means that the least significant
-; word of a number is stored at the lowest address.
-; 
-;   MSW     LSW
-;    |       |
-;    V       V
-; 
-;    A B C D E
-; 
-;    ^     ^ ^
-;    |     | |____ address 0
-;    |     |
-;    |     |_______address 8
-;    |
-;    address 32
-; 
-; "Big-wordian" means that the most significant word is at the
-; lowest address.
-; 
-;   MSW     LSW
-;    |       |
-;    V       V
-; 
-;    A B C D E
-; 
-;    ^     ^ ^
-;    |     | |____ address 32
-;    |     |
-;    |     |_______address 24
-;    |
-;    address 0
-; 
-; When you compile the file, you must specify one or the other, with
-; a switch "-DLITTLE_WORDIAN" or "-DBIG_WORDIAN".
-; 
-;     Incidentally, you assemble this file as part of your
-;     project with the same C compiler as the rest of the program.
-;     My "makefile" for a superprecision arithmetic package has
-;     the following stuff:
-; 
-;     # definitions:
-;     CC = cc -Aa +e -z +DA2.0 +DS2.0 +w1
-;     CFLAGS = +O3
-;     LDFLAGS = -L /usr/lib -Wl,-aarchive
-; 
-;     # general build rule for ".s" files:
-;     .s.o:
-;             $(CC) $(CFLAGS) -c $< -DBIG_WORDIAN
-; 
-;     # Now any bind step that calls for pa20.o will assemble pa20.s
-; 
-; End of digression, back to arithmetic:
-; 
-; The way we multiply two huge numbers is, of course, to multiply
-; the "ABCD" vector by each of the "WXYZ" doublewords, adding
-; the result vectors with increasing offsets, the way we learned
-; in school, back before we all used calculators:
-; 
-;            A B C D
-;          * W X Y Z
-;         __________
-;          P Q R S T
-;        E F G H I
-;      M N O P Q
-;  + R S T U V
-;    _______________
-;    F I N A L S U M
-; 
-; So we call maxpy_PA20_big (in my case; my package is
-; big-wordian) repeatedly, giving the W, X, Y, and Z arguments
-; in turn as the "scalar", and giving the "ABCD" vector each
-; time.  We direct it to add its result into an area of memory
-; that we have cleared at the start.  We skew the exact
-; location into that area with each call.
-; 
-; The prototype for the function is
-; 
-; extern void maxpy_PA20_big(
-;    int length,        /* Number of doublewords in the multiplicand vector. */
-;    const long long int *scalaraddr,    /* Address to fetch the scalar. */
-;    const long long int *multiplicand,  /* The multiplicand vector. */
-;    long long int *result);             /* Where to accumulate the result. */
-; 
-; (You should place a copy of this prototype in an include file
-; or in your C file.)
-; 
-; Now, IN ALL CASES, the given address for the multiplicand or
-; the result is that of the LEAST SIGNIFICANT DOUBLEWORD.
-; That word is, of course, the word at which the routine
-; starts processing.  "maxpy_PA20_little" then increases the
-; addresses as it computes.  "maxpy_PA20_big" decreases them.
-; 
-; In our example above, "length" would be 4 in each case.
-; "multiplicand" would be the "ABCD" vector.  Specifically,
-; the address of the element "D".  "scalaraddr" would be the
-; address of "W", "X", "Y", or "Z" on the four calls that we
-; would make.  (The order doesn't matter, of course.)
-; "result" would be the appropriate address in the result
-; area.  When multiplying by "Z", that would be the least
-; significant word.  When multiplying by "Y", it would be the
-; next higher word (8 bytes higher if little-wordian; 8 bytes
-; lower if big-wordian), and so on.  The size of the result
-; area must be the the sum of the sizes of the multiplicand
-; and multiplier vectors, and must be initialized to zero
-; before we start.
-; 
-; Whenever the routine adds its partial product into the result
-; vector, it follows carry chains as far as they need to go.
-; 
-; Here is the super-precision multiply routine that I use for
-; my package.  The package is big-wordian.  I have taken out
-; handling of exponents (it's a floating point package):
-; 
-; static void mul_PA20(
-;   int size,
-;   const long long int *arg1,
-;   const long long int *arg2,
-;   long long int *result)
-; {
-;    int i;
-; 
-;    for (i=0 ; i<2*size ; i++) result[i] = 0ULL;
-; 
-;    for (i=0 ; i<size ; i++) {
-;       maxpy_PA20_big(size, &arg2[i], &arg1[size-1], &result[size+i]);
-;    }
-; }
diff --git a/security/nss/lib/freebl/mpi/hppatch.adb b/security/nss/lib/freebl/mpi/hppatch.adb
deleted file mode 100644
index 7b7aaef76..000000000
--- a/security/nss/lib/freebl/mpi/hppatch.adb
+++ /dev/null
@@ -1,49 +0,0 @@
-#/bin/sh
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is script to change the system id in an object file 
-# from PA-RISC 2.0 to 1.1.
-#
-# The Initial Developer of the Original Code is Hewlett-Packard Company.
-# Portions created by Hewlett-Packard Company are
-# Copyright (C) March 1999, Hewlett-Packard Company. All Rights Reserved.
-#
-# Contributor(s):
-#   wrapped by Dennis Handly on Tue Mar 23 15:23:43 1999
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above.  If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-
-# script to change the system id in an object file from PA-RISC 2.0 to 1.1
-
-adb -w $1 << EOF
-?m 0 -1 0
-0x0?X
-0x0?W (@0x0&~0x40000)|(~@0x0&0x40000)
-
-0?"change checksum"
-0x7c?X
-0x7c?W (@0x7c&~0x40000)|(~@0x7c&0x40000)
-$q
-EOF
-
-exit 0
-
diff --git a/security/nss/lib/freebl/mpi/logtab.h b/security/nss/lib/freebl/mpi/logtab.h
deleted file mode 100644
index 6f28be96f..000000000
--- a/security/nss/lib/freebl/mpi/logtab.h
+++ /dev/null
@@ -1,59 +0,0 @@
-/*
- *  logtab.h
- *
- *  Arbitrary precision integer arithmetic library
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are 
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger. 
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above.  If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- *  $Id$
- */
-
-const float s_logv_2[] = {
-   0.000000000f, 0.000000000f, 1.000000000f, 0.630929754f,  /*  0  1  2  3 */
-   0.500000000f, 0.430676558f, 0.386852807f, 0.356207187f,  /*  4  5  6  7 */
-   0.333333333f, 0.315464877f, 0.301029996f, 0.289064826f,  /*  8  9 10 11 */
-   0.278942946f, 0.270238154f, 0.262649535f, 0.255958025f,  /* 12 13 14 15 */
-   0.250000000f, 0.244650542f, 0.239812467f, 0.235408913f,  /* 16 17 18 19 */
-   0.231378213f, 0.227670249f, 0.224243824f, 0.221064729f,  /* 20 21 22 23 */
-   0.218104292f, 0.215338279f, 0.212746054f, 0.210309918f,  /* 24 25 26 27 */
-   0.208014598f, 0.205846832f, 0.203795047f, 0.201849087f,  /* 28 29 30 31 */
-   0.200000000f, 0.198239863f, 0.196561632f, 0.194959022f,  /* 32 33 34 35 */
-   0.193426404f, 0.191958720f, 0.190551412f, 0.189200360f,  /* 36 37 38 39 */
-   0.187901825f, 0.186652411f, 0.185449023f, 0.184288833f,  /* 40 41 42 43 */
-   0.183169251f, 0.182087900f, 0.181042597f, 0.180031327f,  /* 44 45 46 47 */
-   0.179052232f, 0.178103594f, 0.177183820f, 0.176291434f,  /* 48 49 50 51 */
-   0.175425064f, 0.174583430f, 0.173765343f, 0.172969690f,  /* 52 53 54 55 */
-   0.172195434f, 0.171441601f, 0.170707280f, 0.169991616f,  /* 56 57 58 59 */
-   0.169293808f, 0.168613099f, 0.167948779f, 0.167300179f,  /* 60 61 62 63 */
-   0.166666667f
-};
-
diff --git a/security/nss/lib/freebl/mpi/make-logtab b/security/nss/lib/freebl/mpi/make-logtab
deleted file mode 100755
index 0ed950c70..000000000
--- a/security/nss/lib/freebl/mpi/make-logtab
+++ /dev/null
@@ -1,60 +0,0 @@
-#!/usr/linguist/bin/perl
-
-#
-# make-logtab
-#
-# Generate a table of logarithms of 2 in various bases, for use in
-# estimating the output sizes of various bases.
-#
-## The contents of this file are subject to the Mozilla Public
-## License Version 1.1 (the "License"); you may not use this file
-## except in compliance with the License. You may obtain a copy of
-## the License at http://www.mozilla.org/MPL/
-##
-## Software distributed under the License is distributed on an "AS
-## IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-## implied. See the License for the specific language governing
-## rights and limitations under the License.
-##
-## The Original Code is the MPI Arbitrary Precision Integer Arithmetic
-## library.
-##
-## The Initial Developer of the Original Code is 
-## Michael J. Fromberger <sting@linguist.dartmouth.edu>
-##
-## Portions created by Michael J. Fromberger are 
-## Copyright (C) 1998, 2000 Michael J. Fromberger. All Rights Reserved
-##
-## Contributor(s):
-##
-## Alternatively, the contents of this file may be used under the
-## terms of the GNU General Public License Version 2 or later (the
-## "GPL"), in which case the provisions of the GPL are applicable
-## instead of those above.  If you wish to allow use of your
-## version of this file only under the terms of the GPL and not to
-## allow others to use your version of this file under the MPL,
-## indicate your decision by deleting the provisions above and
-## replace them with the notice and other provisions required by
-## the GPL.  If you do not delete the provisions above, a recipient
-## may use your version of this file under either the MPL or the
-## GPL.
-#
-# $Id$
-
-$ARRAYNAME = $ENV{'ARRAYNAME'} || "s_logv_2";
-$ARRAYTYPE = $ENV{'ARRAYTYPE'} || "float";
-
-printf("const %s %s[] = {\n   %0.9ff, %0.9ff, ", 
-       $ARRAYTYPE, $ARRAYNAME, 0, 0);
-$brk = 2;
-for($ix = 2; $ix < 64; $ix++) {
-    printf("%0.9ff, ", (log(2)/log($ix)));
-    $brk = ($brk + 1) & 3;
-    if(!$brk) {
-	printf(" /* %2d %2d %2d %2d */\n   ",
-	       $ix - 3, $ix - 2, $ix - 1, $ix);
-    }
-}
-printf("%0.9ff\n};\n\n", (log(2)/log($ix)));
-
-exit 0;
diff --git a/security/nss/lib/freebl/mpi/make-test-arrays b/security/nss/lib/freebl/mpi/make-test-arrays
deleted file mode 100755
index a55bf3a1e..000000000
--- a/security/nss/lib/freebl/mpi/make-test-arrays
+++ /dev/null
@@ -1,129 +0,0 @@
-#!/usr/linguist/bin/perl
-
-#
-# make-test-arrays
-#
-# Given a test-arrays file, which specifies the test suite names, the
-# names of the functions which perform those test suites, and
-# descriptive comments, this script generates C structures for the
-# mpi-test program.  The input consists of lines of the form:
-#
-# suite-name:function-name:comment
-#
-# The output is written to the standard output.  Blank lines are
-# ignored, and comments beginning with '#' are stripped.
-#
-## The contents of this file are subject to the Mozilla Public
-## License Version 1.1 (the "License"); you may not use this file
-## except in compliance with the License. You may obtain a copy of
-## the License at http://www.mozilla.org/MPL/
-##
-## Software distributed under the License is distributed on an "AS
-## IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-## implied. See the License for the specific language governing
-## rights and limitations under the License.
-##
-## The Original Code is the MPI Arbitrary Precision Integer Arithmetic
-## library.
-##
-## The Initial Developer of the Original Code is 
-## Michael J. Fromberger <sting@linguist.dartmouth.edu>
-##
-## Portions created by Michael J. Fromberger are 
-## Copyright (C) 1998, 2000 Michael J. Fromberger. All Rights Reserved
-##
-## Contributor(s):
-##
-## Alternatively, the contents of this file may be used under the
-## terms of the GNU General Public License Version 2 or later (the
-## "GPL"), in which case the provisions of the GPL are applicable
-## instead of those above.  If you wish to allow use of your
-## version of this file only under the terms of the GPL and not to
-## allow others to use your version of this file under the MPL,
-## indicate your decision by deleting the provisions above and
-## replace them with the notice and other provisions required by
-## the GPL.  If you do not delete the provisions above, a recipient
-## may use your version of this file under either the MPL or the GPL.
-## 
-# $Id$
-#
-
-# Read parameters from the environment, if available
-$NAMEVAR = $ENV{'NAMEVAR'} || "g_names";
-$COUNTVAR = $ENV{'COUNTVAR'} || "g_count";
-$FUNCVAR = $ENV{'FUNCVAR'} || "g_tests";
-$DESCVAR = $ENV{'DESCVAR'} || "g_descs";
-$FUNCLEN = 13;
-$NAMELEN = 18;
-$DESCLEN = 45;
-
-#------------------------------------------------------------------------
-# Suck in input from the files on the command line, or standard input
-while(<>) {
-    chomp;
-    s/\#.*$//;
-    next if /^\s*$/;
-
-    ($suite, $func, $desc) = split(/:/, $_);
-
-    $tmp = { "suite" => $suite,
-	     "func"  => $func,
-	     "desc"  => $desc };
-
-    push(@item, $tmp);
-}
-$count = scalar(@item);
-$last = pop(@item);
-
-#------------------------------------------------------------------------
-# Output the table of names
-print "/* Table mapping test suite names to index numbers */\n";
-printf("const int   %s = %d;\n", $COUNTVAR, $count);
-printf("const char *%s[] = {\n", $NAMEVAR);
-
-foreach $elt (@item) {
-    printf("   \"%s\",%s/* %s%s */\n", $elt->{"suite"},
-	   " " x ($NAMELEN - length($elt->{"suite"})),
-	   $elt->{"desc"},
-	   " " x ($DESCLEN - length($elt->{"desc"})));
-}
-printf("   \"%s\" %s/* %s%s */\n", $last->{"suite"},
-       " " x ($NAMELEN - length($last->{"suite"})),
-       $last->{"desc"},
-       " " x ($DESCLEN - length($last->{"desc"})));
-print "};\n\n";
-
-#------------------------------------------------------------------------
-# Output the driver function prototypes
-print "/* Test function prototypes */\n";
-foreach $elt (@item, $last) {
-    printf("int  %s(void);\n", $elt->{"func"});
-}
-print "\n";
-
-#------------------------------------------------------------------------
-# Output the table of functions
-print "/* Table mapping index numbers to functions */\n";
-printf("int (*%s[])(void)  = {\n   ", $FUNCVAR);
-$brk = 0;
-
-foreach $elt (@item) {
-    print($elt->{"func"}, ", ", 
-	  " " x ($FUNCLEN - length($elt->{"func"})));
-    $brk = ($brk + 1) & 3;
-    print "\n   " unless($brk);
-}
-print $last->{"func"}, "\n};\n\n";
-
-#------------------------------------------------------------------------
-# Output the table of descriptions
-print "/* Table mapping index numbers to descriptions */\n";
-printf("const char *%s[] = {\n", $DESCVAR);
-
-foreach $elt (@item) {
-    printf("   \"%s\",\n", $elt->{"desc"});
-}
-printf("   \"%s\"\n};\n\n", $last->{"desc"});
-
-exit 0;
-
diff --git a/security/nss/lib/freebl/mpi/mdxptest.c b/security/nss/lib/freebl/mpi/mdxptest.c
deleted file mode 100644
index 61d02e9a9..000000000
--- a/security/nss/lib/freebl/mpi/mdxptest.c
+++ /dev/null
@@ -1,339 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <malloc.h>
-#include <time.h>
-#include "mpi.h"
-#include "mpi-priv.h"
-
-/* #define OLD_WAY 1  */
-
-/* This key is the 1024-bit test key used for speed testing of RSA private 
-** key ops.
-*/
-
-#define CONST const
-
-static CONST unsigned char default_n[128] = {
-0xc2,0xae,0x96,0x89,0xaf,0xce,0xd0,0x7b,0x3b,0x35,0xfd,0x0f,0xb1,0xf4,0x7a,0xd1,
-0x3c,0x7d,0xb5,0x86,0xf2,0x68,0x36,0xc9,0x97,0xe6,0x82,0x94,0x86,0xaa,0x05,0x39,
-0xec,0x11,0x51,0xcc,0x5c,0xa1,0x59,0xba,0x29,0x18,0xf3,0x28,0xf1,0x9d,0xe3,0xae,
-0x96,0x5d,0x6d,0x87,0x73,0xf6,0xf6,0x1f,0xd0,0x2d,0xfb,0x2f,0x7a,0x13,0x7f,0xc8,
-0x0c,0x7a,0xe9,0x85,0xfb,0xce,0x74,0x86,0xf8,0xef,0x2f,0x85,0x37,0x73,0x0f,0x62,
-0x4e,0x93,0x17,0xb7,0x7e,0x84,0x9a,0x94,0x11,0x05,0xca,0x0d,0x31,0x4b,0x2a,0xc8,
-0xdf,0xfe,0xe9,0x0c,0x13,0xc7,0xf2,0xad,0x19,0x64,0x28,0x3c,0xb5,0x6a,0xc8,0x4b,
-0x79,0xea,0x7c,0xce,0x75,0x92,0x45,0x3e,0xa3,0x9d,0x64,0x6f,0x04,0x69,0x19,0x17
-};
-
-static CONST unsigned char default_d[128] = {
-0x13,0xcb,0xbc,0xf2,0xf3,0x35,0x8c,0x6d,0x7b,0x6f,0xd9,0xf3,0xa6,0x9c,0xbd,0x80,
-0x59,0x2e,0x4f,0x2f,0x11,0xa7,0x17,0x2b,0x18,0x8f,0x0f,0xe8,0x1a,0x69,0x5f,0x6e,
-0xac,0x5a,0x76,0x7e,0xd9,0x4c,0x6e,0xdb,0x47,0x22,0x8a,0x57,0x37,0x7a,0x5e,0x94,
-0x7a,0x25,0xb5,0xe5,0x78,0x1d,0x3c,0x99,0xaf,0x89,0x7d,0x69,0x2e,0x78,0x9d,0x1d,
-0x84,0xc8,0xc1,0xd7,0x1a,0xb2,0x6d,0x2d,0x8a,0xd9,0xab,0x6b,0xce,0xae,0xb0,0xa0,
-0x58,0x55,0xad,0x5c,0x40,0x8a,0xd6,0x96,0x08,0x8a,0xe8,0x63,0xe6,0x3d,0x6c,0x20,
-0x49,0xc7,0xaf,0x0f,0x25,0x73,0xd3,0x69,0x43,0x3b,0xf2,0x32,0xf8,0x3d,0x5e,0xee,
-0x7a,0xca,0xd6,0x94,0x55,0xe5,0xbd,0x25,0x34,0x8d,0x63,0x40,0xb5,0x8a,0xc3,0x01
-};
-
-
-#define DEFAULT_ITERS 50
-
-typedef clock_t timetype;
-#define gettime(x) *(x) = clock()
-#define subtime(a, b) a -= b
-#define msec(x) ((clock_t)((double)x * 1000.0 / CLOCKS_PER_SEC))
-#define sec(x) (x / CLOCKS_PER_SEC)
-
-struct TimingContextStr {
-    timetype start;
-    timetype end;
-    timetype interval;
-
-    int   minutes;  
-    int   seconds;  
-    int   millisecs;
-};
-
-typedef struct TimingContextStr TimingContext;
-
-TimingContext *CreateTimingContext(void) 
-{
-    return (TimingContext *)malloc(sizeof(TimingContext));
-}
-
-void DestroyTimingContext(TimingContext *ctx) 
-{
-    free(ctx);
-}
-
-void TimingBegin(TimingContext *ctx) 
-{
-    gettime(&ctx->start);
-}
-
-static void timingUpdate(TimingContext *ctx) 
-{
-
-    ctx->millisecs = msec(ctx->interval) % 1000;
-    ctx->seconds   = sec(ctx->interval);
-    ctx->minutes   = ctx->seconds / 60;
-    ctx->seconds  %= 60;
-
-}
-
-void TimingEnd(TimingContext *ctx) 
-{
-    gettime(&ctx->end);
-    ctx->interval = ctx->end;
-    subtime(ctx->interval, ctx->start);
-    timingUpdate(ctx);
-}
-
-char *TimingGenerateString(TimingContext *ctx) 
-{
-    static char sBuf[4096];
-
-    sprintf(sBuf, "%d minutes, %d.%03d seconds", ctx->minutes,
-				ctx->seconds, ctx->millisecs);
-    return sBuf;
-}
-
-static void
-dumpBytes( unsigned char * b, int l)
-{
-    int i;
-    if (l <= 0)
-        return;
-    for (i = 0; i < l; ++i) {
-        if (i % 16 == 0)
-            printf("\t");
-        printf(" %02x", b[i]);
-        if (i % 16 == 15)
-            printf("\n");
-    }
-    if ((i % 16) != 0)
-        printf("\n");
-    printf("\n");
-}
-
-static mp_err
-testNewFuncs(const unsigned char * modulusBytes, int modulus_len)
-{
-    mp_err mperr	= MP_OKAY;
-    mp_int modulus;
-    unsigned char buf[512];
-
-    mperr = mp_init(&modulus);
-    mperr = mp_read_unsigned_octets(&modulus,  modulusBytes,  modulus_len );
-    mperr = mp_to_fixlen_octets(&modulus, buf, modulus_len);
-    mperr = mp_to_fixlen_octets(&modulus, buf, modulus_len+1);
-    mperr = mp_to_fixlen_octets(&modulus, buf, modulus_len+4);
-    mperr = mp_to_unsigned_octets(&modulus, buf, modulus_len);
-    mperr = mp_to_signed_octets(&modulus, buf, modulus_len + 1);
-    mp_clear(&modulus);
-    return mperr;
-}
-
-int
-testModExp( const unsigned char *      modulusBytes, 
-	    const unsigned int         expo,
-	    const unsigned char *      input, 
-	          unsigned char *      output,
-	          int                  modulus_len)
-{
-    mp_err mperr	= MP_OKAY;
-    mp_int modulus;
-    mp_int base;
-    mp_int exponent;
-    mp_int result;
-
-    mperr  = mp_init(&modulus);
-    mperr += mp_init(&base);
-    mperr += mp_init(&exponent);
-    mperr += mp_init(&result);
-    /* we initialize all mp_ints unconditionally, even if some fail.
-    ** This guarantees that the DIGITS pointer is valid (even if null).
-    ** So, mp_clear will do the right thing below. 
-    */
-    if (mperr == MP_OKAY) {
-      mperr  = mp_read_unsigned_octets(&modulus,  
-		modulusBytes + (sizeof default_n - modulus_len),  modulus_len );
-      mperr += mp_read_unsigned_octets(&base,     input,         modulus_len );
-      mp_set(&exponent, expo);
-      if (mperr == MP_OKAY) {
-#if OLD_WAY
-	mperr = s_mp_exptmod(&base, &exponent, &modulus, &result);
-#else
-	mperr = mp_exptmod(&base, &exponent, &modulus, &result);
-#endif
-	if (mperr == MP_OKAY) {
-	  mperr = mp_to_fixlen_octets(&result, output, modulus_len);
-	}
-      }
-    }
-    mp_clear(&base);
-    mp_clear(&result);
-
-    mp_clear(&modulus);
-    mp_clear(&exponent);
-
-    return (int)mperr;
-}
-
-int
-doModExp(   const unsigned char *      modulusBytes, 
-	    const unsigned char *      exponentBytes, 
-	    const unsigned char *      input, 
-	          unsigned char *      output,
-	          int                  modulus_len)
-{
-    mp_err mperr	= MP_OKAY;
-    mp_int modulus;
-    mp_int base;
-    mp_int exponent;
-    mp_int result;
-
-    mperr  = mp_init(&modulus);
-    mperr += mp_init(&base);
-    mperr += mp_init(&exponent);
-    mperr += mp_init(&result);
-    /* we initialize all mp_ints unconditionally, even if some fail.
-    ** This guarantees that the DIGITS pointer is valid (even if null).
-    ** So, mp_clear will do the right thing below. 
-    */
-    if (mperr == MP_OKAY) {
-      mperr  = mp_read_unsigned_octets(&modulus,  
-		modulusBytes + (sizeof default_n - modulus_len),  modulus_len );
-      mperr += mp_read_unsigned_octets(&exponent, exponentBytes, modulus_len );
-      mperr += mp_read_unsigned_octets(&base,     input,         modulus_len );
-      if (mperr == MP_OKAY) {
-#if OLD_WAY
-	mperr = s_mp_exptmod(&base, &exponent, &modulus, &result);
-#else
-	mperr = mp_exptmod(&base, &exponent, &modulus, &result);
-#endif
-	if (mperr == MP_OKAY) {
-	  mperr = mp_to_fixlen_octets(&result, output, modulus_len);
-	}
-      }
-    }
-    mp_clear(&base);
-    mp_clear(&result);
-
-    mp_clear(&modulus);
-    mp_clear(&exponent);
-
-    return (int)mperr;
-}
-
-int
-main(int argc, char **argv)
-{
-    TimingContext *	  timeCtx;
-    char *		  progName;
-    long 		  iters 	= DEFAULT_ITERS;
-    unsigned int 	  modulus_len;
-    int		 	  i;
-    int 		  rv;
-    unsigned char 	  buf [1024];
-    unsigned char 	  buf2[1024];
-
-    progName = strrchr(argv[0], '/');
-    if (!progName)
-	progName = strrchr(argv[0], '\\');
-    progName = progName ? progName+1 : argv[0];
-
-    if (argc >= 2) {
-	iters = atol(argv[1]);
-    }
-
-    if (argc >= 3) {
-	modulus_len = atol(argv[2]);
-    } else 
-	modulus_len = sizeof default_n;
-
-    /* no library init function !? */
-
-    memset(buf, 0x41, sizeof buf);
-
-  if (iters < 2) {
-    testNewFuncs( default_n, modulus_len);
-    testNewFuncs( default_n+1, modulus_len - 1);
-    testNewFuncs( default_n+2, modulus_len - 2);
-    testNewFuncs( default_n+3, modulus_len - 3);
-
-    printf("%lu allocations, %lu frees, %lu copies\n", mp_allocs, mp_frees, mp_copies);
-    rv = testModExp(default_n, 0, buf, buf2, modulus_len);
-    dumpBytes((unsigned char *)buf2, modulus_len);
-
-    printf("%lu allocations, %lu frees, %lu copies\n", mp_allocs, mp_frees, mp_copies);
-    rv = testModExp(default_n, 1, buf, buf2, modulus_len);
-    dumpBytes((unsigned char *)buf2, modulus_len);
-
-    printf("%lu allocations, %lu frees, %lu copies\n", mp_allocs, mp_frees, mp_copies);
-    rv = testModExp(default_n, 2, buf, buf2, modulus_len);
-    dumpBytes((unsigned char *)buf2, modulus_len);
-
-    printf("%lu allocations, %lu frees, %lu copies\n", mp_allocs, mp_frees, mp_copies);
-    rv = testModExp(default_n, 3, buf, buf2, modulus_len);
-    dumpBytes((unsigned char *)buf2, modulus_len);
-  }
-    printf("%lu allocations, %lu frees, %lu copies\n", mp_allocs, mp_frees, mp_copies);
-    rv = doModExp(default_n, default_d, buf, buf2, modulus_len);
-    if (rv != 0) {
-	fprintf(stderr, "Error in modexp operation:\n");
-	exit(1);
-    }
-    dumpBytes((unsigned char *)buf2, modulus_len);
-    printf("%lu allocations, %lu frees, %lu copies\n", mp_allocs, mp_frees, mp_copies);
-
-    timeCtx = CreateTimingContext();
-    TimingBegin(timeCtx);
-    i = iters;
-    while (i--) {
-	rv = doModExp(default_n, default_d, buf, buf2, modulus_len);
-	if (rv != 0) {
-	    fprintf(stderr, "Error in modexp operation\n");
-	    exit(1);
-	}
-    }
-    TimingEnd(timeCtx);
-    printf("%ld iterations in %s\n", iters, TimingGenerateString(timeCtx));
-    printf("%lu allocations, %lu frees, %lu copies\n", mp_allocs, mp_frees, mp_copies);
-
-    return 0;
-}
diff --git a/security/nss/lib/freebl/mpi/montmulf.c b/security/nss/lib/freebl/mpi/montmulf.c
deleted file mode 100644
index 2cf0825f8..000000000
--- a/security/nss/lib/freebl/mpi/montmulf.c
+++ /dev/null
@@ -1,326 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is SPARC optimized Montgomery multiply functions.
- *
- * The Initial Developer of the Original Code is Sun Microsystems Inc.
- * Portions created by Sun Microsystems Inc. are 
- * Copyright (C) 1999-2000 Sun Microsystems Inc.  All Rights Reserved.
- * 
- * Contributor(s):
- *	Netscape Communications Corporation
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.	If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- *  $Id$
- */
-
-#ifdef SOLARIS
-#define RF_INLINE_MACROS 1
-#endif
-
-static const double TwoTo16=65536.0;
-static const double TwoToMinus16=1.0/65536.0;
-static const double Zero=0.0;
-static const double TwoTo32=65536.0*65536.0;
-static const double TwoToMinus32=1.0/(65536.0*65536.0);
-
-#ifdef RF_INLINE_MACROS
-
-double upper32(double);
-double lower32(double, double);
-double mod(double, double, double);
-
-void i16_to_d16_and_d32x4(const double * /*1/(2^16)*/, 
-			  const double * /* 2^16*/,
-			  const double * /* 0 */,
-			  double *       /*result16*/, 
-			  double *       /* result32 */,
-			  float *  /*source - should be unsigned int*
-		          	       converted to float* */);
-
-#else
-#ifdef MP_USE_FLOOR
-#include <math.h>
-#else
-#define floor(d) ((double)((unsigned long long)(d)))
-#endif
-
-static double upper32(double x)
-{
-  return floor(x*TwoToMinus32);
-}
-
-static double lower32(double x, double y)
-{
-  return x-TwoTo32*floor(x*TwoToMinus32);
-}
-
-static double mod(double x, double oneoverm, double m)
-{
-  return x-m*floor(x*oneoverm);
-}
-
-#endif
-
-
-static void cleanup(double *dt, int from, int tlen)
-{
- int i;
- double tmp,tmp1,x,x1;
-
- tmp=tmp1=Zero;
- /* original code **
- for(i=2*from;i<2*tlen-2;i++)
-   {
-     x=dt[i];
-     dt[i]=lower32(x,Zero)+tmp1;
-     tmp1=tmp;
-     tmp=upper32(x);
-   }
- dt[tlen-2]+=tmp1;
- dt[tlen-1]+=tmp;
- **end original code ***/
- /* new code ***/
- for(i=2*from;i<2*tlen;i+=2)
-   {
-     x=dt[i];
-     x1=dt[i+1];
-     dt[i]=lower32(x,Zero)+tmp;
-     dt[i+1]=lower32(x1,Zero)+tmp1;
-     tmp=upper32(x);
-     tmp1=upper32(x1);
-   }
-  /** end new code **/
-}
-
-
-void conv_d16_to_i32(unsigned int *i32, double *d16, long long *tmp, int ilen)
-{
-int i;
-long long t, t1, a, b, c, d;
-
- t1=0;
- a=(long long)d16[0];
- b=(long long)d16[1];
- for(i=0; i<ilen-1; i++)
-   {
-     c=(long long)d16[2*i+2];
-     t1+=(unsigned int)a;
-     t=(a>>32);
-     d=(long long)d16[2*i+3];
-     t1+=(b&0xffff)<<16;
-     t+=(b>>16)+(t1>>32);
-     i32[i]=(unsigned int)t1;
-     t1=t;
-     a=c;
-     b=d;
-   }
- t1+=(unsigned int)a;
- t=(a>>32);
- t1+=(b&0xffff)<<16;
- i32[i]=(unsigned int)t1;
-}
-
-void conv_i32_to_d32(double *d32, unsigned int *i32, int len)
-{
-int i;
-
-#pragma pipeloop(0)
- for(i=0;i<len;i++) d32[i]=(double)(i32[i]);
-}
-
-
-void conv_i32_to_d16(double *d16, unsigned int *i32, int len)
-{
-int i;
-unsigned int a;
-
-#pragma pipeloop(0)
- for(i=0;i<len;i++)
-   {
-     a=i32[i];
-     d16[2*i]=(double)(a&0xffff);
-     d16[2*i+1]=(double)(a>>16);
-   }
-}
-
-
-void conv_i32_to_d32_and_d16(double *d32, double *d16, 
-			     unsigned int *i32, int len)
-{
-int i = 0;
-unsigned int a;
-
-#pragma pipeloop(0)
-#ifdef RF_INLINE_MACROS
- for(;i<len-3;i+=4)
-   {
-     i16_to_d16_and_d32x4(&TwoToMinus16, &TwoTo16, &Zero,
-			  &(d16[2*i]), &(d32[i]), (float *)(&(i32[i])));
-   }
-#endif
- for(;i<len;i++)
-   {
-     a=i32[i];
-     d32[i]=(double)(i32[i]);
-     d16[2*i]=(double)(a&0xffff);
-     d16[2*i+1]=(double)(a>>16);
-   }
-}
-
-
-void adjust_montf_result(unsigned int *i32, unsigned int *nint, int len)
-{
-long long acc;
-int i;
-
- if(i32[len]>0) i=-1;
- else
-   {
-     for(i=len-1; i>=0; i--)
-       {
-	 if(i32[i]!=nint[i]) break;
-       }
-   }
- if((i<0)||(i32[i]>nint[i]))
-   {
-     acc=0;
-     for(i=0;i<len;i++)
-       {
-	 acc=acc+(unsigned long long)(i32[i])-(unsigned long long)(nint[i]);
-	 i32[i]=(unsigned int)acc;
-	 acc=acc>>32;
-       }
-   }
-}
-
-
-
-
-/*
-** the lengths of the input arrays should be at least the following:
-** result[nlen+1], dm1[nlen], dm2[2*nlen+1], dt[4*nlen+2], dn[nlen], nint[nlen]
-** all of them should be different from one another
-**
-*/
-void mont_mulf_noconv(unsigned int *result,
-		     double *dm1, double *dm2, double *dt,
-		     double *dn, unsigned int *nint,
-		     int nlen, double dn0)
-{
- int i, j, jj;
- int tmp;
- double digit, m2j, nextm2j, a, b;
- double *dptmp, *pdm1, *pdm2, *pdn, *pdtj, pdn_0, pdm1_0;
-
- pdm1=&(dm1[0]);
- pdm2=&(dm2[0]);
- pdn=&(dn[0]);
- pdm2[2*nlen]=Zero;
-
- if (nlen!=16)
-   {
-     for(i=0;i<4*nlen+2;i++) dt[i]=Zero;
-
-     a=dt[0]=pdm1[0]*pdm2[0];
-     digit=mod(lower32(a,Zero)*dn0,TwoToMinus16,TwoTo16);
-
-     pdtj=&(dt[0]);
-     for(j=jj=0;j<2*nlen;j++,jj++,pdtj++)
-       {
-	 m2j=pdm2[j];
-	 a=pdtj[0]+pdn[0]*digit;
-	 b=pdtj[1]+pdm1[0]*pdm2[j+1]+a*TwoToMinus16;
-	 pdtj[1]=b;
-
-#pragma pipeloop(0)
-	 for(i=1;i<nlen;i++)
-	   {
-	     pdtj[2*i]+=pdm1[i]*m2j+pdn[i]*digit;
-	   }
- 	 if((jj==30)) {cleanup(dt,j/2+1,2*nlen+1); jj=0;}
-	 
-	 digit=mod(lower32(b,Zero)*dn0,TwoToMinus16,TwoTo16);
-       }
-   }
- else
-   {
-     a=dt[0]=pdm1[0]*pdm2[0];
-
-     dt[65]=     dt[64]=     dt[63]=     dt[62]=     dt[61]=     dt[60]=
-     dt[59]=     dt[58]=     dt[57]=     dt[56]=     dt[55]=     dt[54]=
-     dt[53]=     dt[52]=     dt[51]=     dt[50]=     dt[49]=     dt[48]=
-     dt[47]=     dt[46]=     dt[45]=     dt[44]=     dt[43]=     dt[42]=
-     dt[41]=     dt[40]=     dt[39]=     dt[38]=     dt[37]=     dt[36]=
-     dt[35]=     dt[34]=     dt[33]=     dt[32]=     dt[31]=     dt[30]=
-     dt[29]=     dt[28]=     dt[27]=     dt[26]=     dt[25]=     dt[24]=
-     dt[23]=     dt[22]=     dt[21]=     dt[20]=     dt[19]=     dt[18]=
-     dt[17]=     dt[16]=     dt[15]=     dt[14]=     dt[13]=     dt[12]=
-     dt[11]=     dt[10]=     dt[ 9]=     dt[ 8]=     dt[ 7]=     dt[ 6]=
-     dt[ 5]=     dt[ 4]=     dt[ 3]=     dt[ 2]=     dt[ 1]=Zero;
-
-     pdn_0=pdn[0];
-     pdm1_0=pdm1[0];
-
-     digit=mod(lower32(a,Zero)*dn0,TwoToMinus16,TwoTo16);
-     pdtj=&(dt[0]);
-
-     for(j=0;j<32;j++,pdtj++)
-       {
-
-	 m2j=pdm2[j];
-	 a=pdtj[0]+pdn_0*digit;
-	 b=pdtj[1]+pdm1_0*pdm2[j+1]+a*TwoToMinus16;
-	 pdtj[1]=b;
-
-	 /**** this loop will be fully unrolled:
-	 for(i=1;i<16;i++)
-	   {
-	     pdtj[2*i]+=pdm1[i]*m2j+pdn[i]*digit;
-	   }
-	 *************************************/
-	     pdtj[2]+=pdm1[1]*m2j+pdn[1]*digit;
-	     pdtj[4]+=pdm1[2]*m2j+pdn[2]*digit;
-	     pdtj[6]+=pdm1[3]*m2j+pdn[3]*digit;
-	     pdtj[8]+=pdm1[4]*m2j+pdn[4]*digit;
-	     pdtj[10]+=pdm1[5]*m2j+pdn[5]*digit;
-	     pdtj[12]+=pdm1[6]*m2j+pdn[6]*digit;
-	     pdtj[14]+=pdm1[7]*m2j+pdn[7]*digit;
-	     pdtj[16]+=pdm1[8]*m2j+pdn[8]*digit;
-	     pdtj[18]+=pdm1[9]*m2j+pdn[9]*digit;
-	     pdtj[20]+=pdm1[10]*m2j+pdn[10]*digit;
-	     pdtj[22]+=pdm1[11]*m2j+pdn[11]*digit;
-	     pdtj[24]+=pdm1[12]*m2j+pdn[12]*digit;
-	     pdtj[26]+=pdm1[13]*m2j+pdn[13]*digit;
-	     pdtj[28]+=pdm1[14]*m2j+pdn[14]*digit;
-	     pdtj[30]+=pdm1[15]*m2j+pdn[15]*digit;
-	 /* no need for cleenup, cannot overflow */
-	 digit=mod(lower32(b,Zero)*dn0,TwoToMinus16,TwoTo16);
-       }
-   }
-
- conv_d16_to_i32(result,dt+2*nlen,(long long *)dt,nlen+1);
-
- adjust_montf_result(result,nint,nlen); 
- 
-}
-
diff --git a/security/nss/lib/freebl/mpi/montmulf.h b/security/nss/lib/freebl/mpi/montmulf.h
deleted file mode 100644
index 5fd5dd4e3..000000000
--- a/security/nss/lib/freebl/mpi/montmulf.h
+++ /dev/null
@@ -1,100 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is interface file for SPARC Montgomery multiply functions.
- *
- * The Initial Developer of the Original Code is Sun Microsystems Inc.
- * Portions created by Sun Microsystems Inc. are 
- * Copyright (C) 1999-2000 Sun Microsystems Inc.  All Rights Reserved.
- * 
- * Contributor(s):
- *	Netscape Communications Corporation
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.	If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- *  $Id$
- */
-
-/*  The functions that are to be called from outside of the .s file have the
- *  following interfaces and array size requirements:
- */
-
-
-void conv_i32_to_d32(double *d32, unsigned int *i32, int len);
-
-/*  Converts an array of int's to an array of doubles, so that each double
- *  corresponds to an int.  len is the number of items converted.
- *  Does not allocate the output array.
- *  The pointers d32 and i32 should point to arrays of size at least  len
- *  (doubles and unsigned ints, respectively)
- */
-
-
-void conv_i32_to_d16(double *d16, unsigned int *i32, int len);
-
-/*  Converts an array of int's to an array of doubles so that each element
- *  of the int array is converted to a pair of doubles, the first one
- *  corresponding to the lower (least significant) 16 bits of the int and
- *  the second one corresponding to the upper (most significant) 16 bits of
- *  the 32-bit int. len is the number of ints converted.
- *  Does not allocate the output array.
- *  The pointer d16 should point to an array of doubles of size at least
- *  2*len and i32 should point an array of ints of size at least  len
- */
-
-
-void conv_i32_to_d32_and_d16(double *d32, double *d16, 
-			     unsigned int *i32, int len);
-
-/*  Does the above two conversions together, it is much faster than doing
- *  both of those in succession
- */
-
-
-void mont_mulf_noconv(unsigned int *result,
-		     double *dm1, double *dm2, double *dt,
-		     double *dn, unsigned int *nint,
-		     int nlen, double dn0);
-
-/*  Does the Montgomery multiplication of the numbers stored in the arrays
- *  pointed to by dm1 and dm2, writing the result to the array pointed to by
- *  result. It uses the array pointed to by dt as a temporary work area.
- *  nint should point to the modulus in the array-of-integers representation, 
- *  dn should point to its array-of-doubles as obtained as a result of the
- *  function call   conv_i32_to_d32(dn, nint, nlen);
- *  nlen is the length of the array containing the modulus.
- *  The representation used for dm1 is the one that is a result of the function
- *  call   conv_i32_to_d32(dm1, m1, nlen), the representation for dm2 is the
- *  result of the function call   conv_i32_to_d16(dm2, m2, nlen).
- *  Note that m1 and m2 should both be of length nlen, so they should be
- *  padded with 0's if necessary before the conversion. The result comes in 
- *  this form (int representation, padded with 0's).
- *  dn0 is the value of the 16 least significant bits of n0'.
- *  The function does not allocate memory for any of the arrays, so the 
- *  pointers should point to arrays with the following minimal sizes:
- *  result - nlen+1
- *  dm1    - nlen
- *  dm2    - 2*nlen+1  ( the +1 is necessary for technical reasons )
- *  dt     - 4*nlen+2
- *  dn     - nlen
- *  nint   - nlen
- *  No two arrays should point to overlapping areas of memory.
- */  
diff --git a/security/nss/lib/freebl/mpi/montmulf.il b/security/nss/lib/freebl/mpi/montmulf.il
deleted file mode 100644
index b3dd734b6..000000000
--- a/security/nss/lib/freebl/mpi/montmulf.il
+++ /dev/null
@@ -1,137 +0,0 @@
-!  
-!  The contents of this file are subject to the Mozilla Public
-!  License Version 1.1 (the "License"); you may not use this file
-!  except in compliance with the License. You may obtain a copy of
-!  the License at http://www.mozilla.org/MPL/
-!  
-!  Software distributed under the License is distributed on an "AS
-!  IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-!  implied. See the License for the specific language governing
-!  rights and limitations under the License.
-!  
-!  The Original Code is inline macros for SPARC Montgomery multiply functions.
-!  
-!  The Initial Developer of the Original Code is Sun Microsystems Inc.
-!  Portions created by Sun Microsystems Inc. are 
-!  Copyright (C) 1999-2000 Sun Microsystems Inc.  All Rights Reserved.
-!  
-!  Contributor(s):
-!  
-!  Alternatively, the contents of this file may be used under the
-!  terms of the GNU General Public License Version 2 or later (the
-!  "GPL"), in which case the provisions of the GPL are applicable 
-!  instead of those above.	If you wish to allow use of your 
-!  version of this file only under the terms of the GPL and not to
-!  allow others to use your version of this file under the MPL,
-!  indicate your decision by deleting the provisions above and
-!  replace them with the notice and other provisions required by
-!  the GPL.  If you do not delete the provisions above, a recipient
-!  may use your version of this file under either the MPL or the
-!  GPL.
-!  
-!   $Id$
-!  
-
-!
-! double upper32(double /*frs1*/);
-!
-        .inline upper32,8
-        std     %o0,[%sp+0x48]
-        ldd     [%sp+0x48],%f10
-
-	fdtox	%f10,%f10
-	fitod	%f10,%f0
-        .end
-
-!
-! double lower32(double /*frs1*/, double /* Zero */);
-!
-        .inline lower32,8
-        std     %o0,[%sp+0x48]
-        ldd     [%sp+0x48],%f10
-        std     %o2,[%sp+0x48]
-        ldd     [%sp+0x48],%f12
-
-	fdtox	%f10,%f10
-	fmovs	%f12,%f10
-	fxtod	%f10,%f0
-        .end
-
-!
-! double mod(double /*x*/, double /*1/m*/, double /*m*/);
-!
-        .inline mod,12
-        std     %o0,[%sp+0x48]
-        ldd     [%sp+0x48],%f2
-        std     %o2,[%sp+0x48]
-        ldd     [%sp+0x48],%f4
-        std     %o4,[%sp+0x48]
-        ldd     [%sp+0x48],%f6
-
-	fmuld	%f2,%f4,%f4
-	fdtox	%f4,%f4
-	fxtod	%f4,%f4
-	fmuld	%f4,%f6,%f4
-	fsubd	%f2,%f4,%f0
-        .end
-
-
-!
-! void i16_to_d16_and_d32x4(double * /*1/(2^16)*/, double * /* 2^16*/,
-!			    double * /* 0 */,
-!			    double * /*result16*/, double * /* result32 */
-!			    float *  /*source - should be unsigned int*
-!		            	       converted to float* */);
-!
-        .inline i16_to_d16_and_d32x4,24
-        ldd     [%o0],%f2  ! 1/(2^16)
-        ldd     [%o1],%f4  ! 2^16
-	ldd	[%o2],%f22
-
-	fmovd	%f22,%f6
-	ld	[%o5],%f7
-	fmovd	%f22,%f10
-	ld	[%o5+4],%f11
-	fmovd	%f22,%f14
-	ld	[%o5+8],%f15
-	fmovd	%f22,%f18
-	ld	[%o5+12],%f19
-	fxtod	%f6,%f6
-	std	%f6,[%o4]
-	fxtod	%f10,%f10
-	std	%f10,[%o4+8]
-	fxtod	%f14,%f14
-	std	%f14,[%o4+16]
-	fxtod	%f18,%f18
-	std	%f18,[%o4+24]
-	fmuld	%f2,%f6,%f8
-	fmuld	%f2,%f10,%f12
-	fmuld	%f2,%f14,%f16
-	fmuld	%f2,%f18,%f20
-	fdtox	%f8,%f8
-	fdtox	%f12,%f12
-	fdtox	%f16,%f16
-	fdtox	%f20,%f20
-	fxtod	%f8,%f8
-	std	%f8,[%o3+8]
-	fxtod	%f12,%f12
-	std	%f12,[%o3+24]
-	fxtod	%f16,%f16
-	std	%f16,[%o3+40]
-	fxtod	%f20,%f20
-	std	%f20,[%o3+56]
-	fmuld	%f8,%f4,%f8
-	fmuld	%f12,%f4,%f12
-	fmuld	%f16,%f4,%f16
-	fmuld	%f20,%f4,%f20
-	fsubd	%f6,%f8,%f8
-	std	%f8,[%o3]
-	fsubd	%f10,%f12,%f12
-	std	%f12,[%o3+16]
-	fsubd	%f14,%f16,%f16
-	std	%f16,[%o3+32]
-	fsubd	%f18,%f20,%f20
-	std	%f20,[%o3+48]
-        .end
-
-
diff --git a/security/nss/lib/freebl/mpi/montmulf.s b/security/nss/lib/freebl/mpi/montmulf.s
deleted file mode 100644
index cdb5d376e..000000000
--- a/security/nss/lib/freebl/mpi/montmulf.s
+++ /dev/null
@@ -1,1967 +0,0 @@
-!  
-!  The contents of this file are subject to the Mozilla Public
-!  License Version 1.1 (the "License"); you may not use this file
-!  except in compliance with the License. You may obtain a copy of
-!  the License at http://www.mozilla.org/MPL/
-!  
-!  Software distributed under the License is distributed on an "AS
-!  IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-!  implied. See the License for the specific language governing
-!  rights and limitations under the License.
-!  
-!  The Original Code is SPARC hand-optimized Montgomery multiply functions.
-!   
-!  The Initial Developer of the Original Code is Sun Microsystems Inc.
-!  Portions created by Sun Microsystems Inc. are 
-!  Copyright (C) 1999-2000 Sun Microsystems Inc.  All Rights Reserved.
-!  
-!  Contributor(s):
-!  
-!  Alternatively, the contents of this file may be used under the
-!  terms of the GNU General Public License Version 2 or later (the
-!  "GPL"), in which case the provisions of the GPL are applicable 
-!  instead of those above.	If you wish to allow use of your 
-!  version of this file only under the terms of the GPL and not to
-!  allow others to use your version of this file under the MPL,
-!  indicate your decision by deleting the provisions above and
-!  replace them with the notice and other provisions required by
-!  the GPL.  If you do not delete the provisions above, a recipient
-!  may use your version of this file under either the MPL or the
-!  GPL.
-!  
-!   $Id$
-!  
-
-	.section	".text",#alloc,#execinstr
-	.file	"montmulf.c"
-
-	.section	".data",#alloc,#write
-	.align	8
-TwoTo16:		/* frequency 1.0 confidence 0.0 */
-	.word	1089470464
-	.word	0
-	.type	TwoTo16,#object
-	.size	TwoTo16,8
-TwoToMinus16:		/* frequency 1.0 confidence 0.0 */
-	.word	1055916032
-	.word	0
-	.type	TwoToMinus16,#object
-	.size	TwoToMinus16,8
-Zero:		/* frequency 1.0 confidence 0.0 */
-	.word	0
-	.word	0
-	.type	Zero,#object
-	.size	Zero,8
-TwoTo32:		/* frequency 1.0 confidence 0.0 */
-	.word	1106247680
-	.word	0
-	.type	TwoTo32,#object
-	.size	TwoTo32,8
-TwoToMinus32:		/* frequency 1.0 confidence 0.0 */
-	.word	1039138816
-	.word	0
-	.type	TwoToMinus32,#object
-	.size	TwoToMinus32,8
-
-	.section	".text",#alloc,#execinstr
-/* 000000	   0 ( 0  0) */		.align	4
-!
-! SUBROUTINE cleanup
-!
-! OFFSET    SOURCE LINE	LABEL	INSTRUCTION	(ISSUE TIME)	(COMPLETION TIME)
-
-                                   	.global cleanup
-                                   cleanup:		/* frequency 1.0 confidence 0.0 */
-! FILE montmulf.c
-
-!    1		                    !#define RF_INLINE_MACROS
-!    3		                    !static double TwoTo16=65536.0;
-!    4		                    !static double TwoToMinus16=1.0/65536.0;
-!    5		                    !static double Zero=0.0;
-!    6		                    !static double TwoTo32=65536.0*65536.0;
-!    7		                    !static double TwoToMinus32=1.0/(65536.0*65536.0);
-!    9		                    !#ifdef RF_INLINE_MACROS
-!   11		                    !double upper32(double);
-!   12		                    !double lower32(double, double);
-!   13		                    !double mod(double, double, double);
-!   15		                    !#else
-!   17		                    !static double upper32(double x)
-!   18		                    !{
-!   19		                    !  return floor(x*TwoToMinus32);
-!   20		                    !}
-!   22		                    !static double lower32(double x, double y)
-!   23		                    !{
-!   24		                    !  return x-TwoTo32*floor(x*TwoToMinus32);
-!   25		                    !}
-!   27		                    !static double mod(double x, double oneoverm, double m)
-!   28		                    !{
-!   29		                    !  return x-m*floor(x*oneoverm);
-!   30		                    !}
-!   32		                    !#endif
-!   35		                    !void cleanup(double *dt, int from, int tlen)
-!   36		                    !{
-!   37		                    ! int i;
-!   38		                    ! double tmp,tmp1,x,x1;
-!   40		                    ! tmp=tmp1=Zero;
-
-/* 000000	  40 ( 0  1) */		sethi	%hi(Zero),%g2
-
-!   41		                    ! /* original code **
-!   42		                    ! for(i=2*from;i<2*tlen-2;i++)
-!   43		                    !   {
-!   44		                    !     x=dt[i];
-!   45		                    !     dt[i]=lower32(x,Zero)+tmp1;
-!   46		                    !     tmp1=tmp;
-!   47		                    !     tmp=upper32(x);
-!   48		                    !   }
-!   49		                    ! dt[tlen-2]+=tmp1;
-!   50		                    ! dt[tlen-1]+=tmp;
-!   51		                    ! **end original code ***/
-!   52		                    ! /* new code ***/
-!   53		                    ! for(i=2*from;i<2*tlen;i+=2)
-
-/* 0x0004	  53 ( 1  2) */		sll	%o2,1,%g3
-/* 0x0008	  40 ( 1  4) */		ldd	[%g2+%lo(Zero)],%f0
-/* 0x000c	     ( 1  2) */		add	%g2,%lo(Zero),%g2
-/* 0x0010	  53 ( 2  3) */		sll	%o1,1,%g4
-/* 0x0014	  36 ( 3  4) */		sll	%o1,4,%g1
-/* 0x0018	  40 ( 3  4) */		fmovd	%f0,%f4
-/* 0x001c	  53 ( 3  4) */		cmp	%g4,%g3
-/* 0x0020	     ( 3  4) */		bge,pt	%icc,.L77000116	! tprob=0.56
-/* 0x0024	     ( 4  5) */		fmovd	%f0,%f2
-/* 0x0028	  36 ( 4  5) */		add	%o0,%g1,%g1
-/* 0x002c	     ( 4  5) */		sub	%g3,1,%g3
-
-!   54		                    !   {
-!   55		                    !     x=dt[i];
-
-/* 0x0030	  55 ( 5  8) */		ldd	[%g1],%f8
-                                   .L900000114:		/* frequency 6.4 confidence 0.0 */
-/* 0x0034	     ( 0  3) */		fdtox	%f8,%f6
-
-!   56		                    !     x1=dt[i+1];
-
-/* 0x0038	  56 ( 0  3) */		ldd	[%g1+8],%f10
-
-!   57		                    !     dt[i]=lower32(x,Zero)+tmp;
-!   58		                    !     dt[i+1]=lower32(x1,Zero)+tmp1;
-!   59		                    !     tmp=upper32(x);
-!   60		                    !     tmp1=upper32(x1);
-
-/* 0x003c	  60 ( 0  1) */		add	%g4,2,%g4
-/* 0x0040	     ( 1  4) */		fdtox	%f8,%f8
-/* 0x0044	     ( 1  2) */		cmp	%g4,%g3
-/* 0x0048	     ( 5  6) */		fmovs	%f0,%f6
-/* 0x004c	     ( 7 10) */		fxtod	%f6,%f6
-/* 0x0050	     ( 8 11) */		fdtox	%f10,%f0
-/* 0x0054	  57 (10 13) */		faddd	%f6,%f2,%f2
-/* 0x0058	     (10 11) */		std	%f2,[%g1]
-/* 0x005c	     (12 15) */		ldd	[%g2],%f2
-/* 0x0060	     (14 15) */		fmovs	%f2,%f0
-/* 0x0064	     (16 19) */		fxtod	%f0,%f6
-/* 0x0068	     (17 20) */		fdtox	%f10,%f0
-/* 0x006c	     (18 21) */		fitod	%f8,%f2
-/* 0x0070	  58 (19 22) */		faddd	%f6,%f4,%f4
-/* 0x0074	     (19 20) */		std	%f4,[%g1+8]
-/* 0x0078	  60 (19 20) */		add	%g1,16,%g1
-/* 0x007c	     (20 23) */		fitod	%f0,%f4
-/* 0x0080	     (20 23) */		ldd	[%g2],%f0
-/* 0x0084	     (20 21) */		ble,a,pt	%icc,.L900000114	! tprob=0.86
-/* 0x0088	     (21 24) */		ldd	[%g1],%f8
-                                   .L77000116:		/* frequency 1.0 confidence 0.0 */
-/* 0x008c	     ( 0  2) */		retl	! Result = 
-/* 0x0090	     ( 1  2) */		nop
-/* 0x0094	   0 ( 0  0) */		.type	cleanup,2
-/* 0x0094	     ( 0  0) */		.size	cleanup,(.-cleanup)
-
-	.section	".text",#alloc,#execinstr
-/* 000000	   0 ( 0  0) */		.align	4
-!
-! SUBROUTINE conv_d16_to_i32
-!
-! OFFSET    SOURCE LINE	LABEL	INSTRUCTION	(ISSUE TIME)	(COMPLETION TIME)
-
-                                   	.global conv_d16_to_i32
-                                   conv_d16_to_i32:		/* frequency 1.0 confidence 0.0 */
-/* 000000	     ( 0  1) */		save	%sp,-136,%sp
-
-!   61		                    !   }
-!   62		                    !  /** end new code **/
-!   63		                    !}
-!   66		                    !void conv_d16_to_i32(unsigned int *i32, double *d16, long long *tmp, int ilen)
-!   67		                    !{
-!   68		                    !int i;
-!   69		                    !long long t, t1, a, b, c, d;
-!   71		                    ! t1=0;
-!   72		                    ! a=(long long)d16[0];
-
-/* 0x0004	  72 ( 1  4) */		ldd	[%i1],%f0
-
-!   73		                    ! b=(long long)d16[1];
-!   74		                    ! for(i=0; i<ilen-1; i++)
-
-/* 0x0008	  74 ( 1  2) */		sub	%i3,1,%g2
-/* 0x000c	  67 ( 1  2) */		or	%g0,%i0,%g5
-/* 0x0010	  74 ( 2  3) */		cmp	%g2,0
-/* 0x0014	  71 ( 2  3) */		or	%g0,0,%o4
-/* 0x0018	  72 ( 3  6) */		fdtox	%f0,%f0
-/* 0x001c	     ( 3  4) */		std	%f0,[%sp+120]
-/* 0x0020	  74 ( 3  4) */		or	%g0,0,%o7
-/* 0x0024	  67 ( 4  5) */		or	%g0,%i3,%o0
-/* 0x0028	     ( 4  5) */		sub	%i3,2,%o2
-/* 0x002c	  73 ( 5  8) */		ldd	[%i1+8],%f0
-/* 0x0030	  67 ( 5  6) */		sethi	%hi(0xfc00),%o0
-/* 0x0034	     ( 5  6) */		add	%o2,1,%g3
-/* 0x0038	     ( 6  7) */		add	%o0,1023,%o1
-/* 0x003c	     ( 6  7) */		or	%g0,%g5,%o5
-/* 0x0040	  73 ( 7 10) */		fdtox	%f0,%f0
-/* 0x0044	     ( 7  8) */		std	%f0,[%sp+112]
-/* 0x0048	  72 (11 13) */		ldx	[%sp+120],%g4
-/* 0x004c	  73 (12 14) */		ldx	[%sp+112],%g1
-/* 0x0050	  74 (12 13) */		ble,pt	%icc,.L900000214	! tprob=0.56
-/* 0x0054	     (12 13) */		sethi	%hi(0xfc00),%g2
-/* 0x0058	  67 (13 14) */		or	%g0,-1,%g2
-/* 0x005c	  74 (13 14) */		cmp	%g3,3
-/* 0x0060	  67 (14 15) */		srl	%g2,0,%o3
-/* 0x0064	     (14 15) */		or	%g0,%i1,%g2
-/* 0x0068	  74 (14 15) */		bl,pn	%icc,.L77000134	! tprob=0.44
-/* 0x006c	     (15 18) */		ldd	[%g2+16],%f0
-
-!   75		                    !   {
-!   76		                    !     c=(long long)d16[2*i+2];
-!   77		                    !     t1+=a&0xffffffff;
-!   78		                    !     t=(a>>32);
-!   79		                    !     d=(long long)d16[2*i+3];
-!   80		                    !     t1+=(b&0xffff)<<16;
-
-/* 0x0070	  80 (15 16) */		and	%g1,%o1,%o0
-
-!   81		                    !     t+=(b>>16)+(t1>>32);
-!   82		                    !     i32[i]=t1&0xffffffff;
-!   83		                    !     t1=t;
-!   84		                    !     a=c;
-!   85		                    !     b=d;
-
-/* 0x0074	  85 (15 16) */		add	%g2,16,%g2
-/* 0x0078	  80 (16 17) */		sllx	%o0,16,%g3
-/* 0x007c	  77 (16 17) */		and	%g4,%o3,%o0
-/* 0x0080	  76 (17 20) */		fdtox	%f0,%f0
-/* 0x0084	     (17 18) */		std	%f0,[%sp+104]
-/* 0x0088	  74 (17 18) */		add	%o0,%g3,%o4
-/* 0x008c	  79 (18 21) */		ldd	[%g2+8],%f2
-/* 0x0090	  81 (18 19) */		srax	%g1,16,%o0
-/* 0x0094	  82 (18 19) */		and	%o4,%o3,%o7
-/* 0x0098	  81 (19 20) */		stx	%o0,[%sp+112]
-/* 0x009c	     (19 20) */		srax	%o4,32,%o0
-/* 0x00a0	  85 (19 20) */		add	%g5,4,%o5
-/* 0x00a4	  81 (20 21) */		stx	%o0,[%sp+120]
-/* 0x00a8	  78 (20 21) */		srax	%g4,32,%o4
-/* 0x00ac	  79 (20 23) */		fdtox	%f2,%f0
-/* 0x00b0	     (21 22) */		std	%f0,[%sp+96]
-/* 0x00b4	  81 (22 24) */		ldx	[%sp+112],%o0
-/* 0x00b8	     (23 25) */		ldx	[%sp+120],%g4
-/* 0x00bc	  76 (25 27) */		ldx	[%sp+104],%g3
-/* 0x00c0	  81 (25 26) */		add	%o0,%g4,%g4
-/* 0x00c4	  79 (26 28) */		ldx	[%sp+96],%g1
-/* 0x00c8	  81 (26 27) */		add	%o4,%g4,%o4
-/* 0x00cc	  82 (27 28) */		st	%o7,[%g5]
-/* 0x00d0	     (27 28) */		or	%g0,1,%o7
-/* 0x00d4	  84 (27 28) */		or	%g0,%g3,%g4
-                                   .L900000209:		/* frequency 64.0 confidence 0.0 */
-/* 0x00d8	  76 (17 19) */		ldd	[%g2+16],%f0
-/* 0x00dc	  85 (17 18) */		add	%o7,1,%o7
-/* 0x00e0	     (17 18) */		add	%o5,4,%o5
-/* 0x00e4	     (18 18) */		cmp	%o7,%o2
-/* 0x00e8	     (18 19) */		add	%g2,16,%g2
-/* 0x00ec	  76 (19 22) */		fdtox	%f0,%f0
-/* 0x00f0	     (20 21) */		std	%f0,[%sp+104]
-/* 0x00f4	  79 (21 23) */		ldd	[%g2+8],%f0
-/* 0x00f8	     (23 26) */		fdtox	%f0,%f0
-/* 0x00fc	     (24 25) */		std	%f0,[%sp+96]
-/* 0x0100	  80 (25 26) */		and	%g1,%o1,%g3
-/* 0x0104	     (26 27) */		sllx	%g3,16,%g3
-/* 0x0108	     ( 0  0) */		stx	%g3,[%sp+120]
-/* 0x010c	  77 (26 27) */		and	%g4,%o3,%g3
-/* 0x0110	  74 ( 0  0) */		stx	%o7,[%sp+128]
-/* 0x0114	     ( 0  0) */		ldx	[%sp+120],%o7
-/* 0x0118	     (27 27) */		add	%g3,%o7,%g3
-/* 0x011c	     ( 0  0) */		ldx	[%sp+128],%o7
-/* 0x0120	  81 (28 29) */		srax	%g1,16,%g1
-/* 0x0124	  74 (28 28) */		add	%g3,%o4,%g3
-/* 0x0128	  81 (29 30) */		srax	%g3,32,%o4
-/* 0x012c	     ( 0  0) */		stx	%o4,[%sp+112]
-/* 0x0130	  78 (30 31) */		srax	%g4,32,%o4
-/* 0x0134	  81 ( 0  0) */		ldx	[%sp+112],%g4
-/* 0x0138	     (30 31) */		add	%g1,%g4,%g4
-/* 0x013c	  79 (31 33) */		ldx	[%sp+96],%g1
-/* 0x0140	  81 (31 32) */		add	%o4,%g4,%o4
-/* 0x0144	  82 (32 33) */		and	%g3,%o3,%g3
-/* 0x0148	  84 ( 0  0) */		ldx	[%sp+104],%g4
-/* 0x014c	  85 (33 34) */		ble,pt	%icc,.L900000209	! tprob=0.50
-/* 0x0150	     (33 34) */		st	%g3,[%o5-4]
-                                   .L900000212:		/* frequency 8.0 confidence 0.0 */
-/* 0x0154	  85 ( 0  1) */		ba	.L900000214	! tprob=1.00
-/* 0x0158	     ( 0  1) */		sethi	%hi(0xfc00),%g2
-                                   .L77000134:		/* frequency 0.7 confidence 0.0 */
-                                   .L900000213:		/* frequency 6.4 confidence 0.0 */
-/* 0x015c	  77 ( 0  1) */		and	%g4,%o3,%o0
-/* 0x0160	  80 ( 0  1) */		and	%g1,%o1,%g3
-/* 0x0164	  76 ( 0  3) */		fdtox	%f0,%f0
-/* 0x0168	  77 ( 1  2) */		add	%o4,%o0,%o0
-/* 0x016c	  76 ( 1  2) */		std	%f0,[%sp+104]
-/* 0x0170	  85 ( 1  2) */		add	%o7,1,%o7
-/* 0x0174	  80 ( 2  3) */		sllx	%g3,16,%o4
-/* 0x0178	  79 ( 2  5) */		ldd	[%g2+24],%f2
-/* 0x017c	  85 ( 2  3) */		add	%g2,16,%g2
-/* 0x0180	  80 ( 3  4) */		add	%o0,%o4,%o4
-/* 0x0184	  81 ( 3  4) */		stx	%o7,[%sp+128]
-/* 0x0188	     ( 4  5) */		srax	%g1,16,%o0
-/* 0x018c	     ( 4  5) */		stx	%o0,[%sp+112]
-/* 0x0190	  82 ( 4  5) */		and	%o4,%o3,%g3
-/* 0x0194	  81 ( 5  6) */		srax	%o4,32,%o0
-/* 0x0198	     ( 5  6) */		stx	%o0,[%sp+120]
-/* 0x019c	  79 ( 5  8) */		fdtox	%f2,%f0
-/* 0x01a0	     ( 6  7) */		std	%f0,[%sp+96]
-/* 0x01a4	  78 ( 6  7) */		srax	%g4,32,%o4
-/* 0x01a8	  81 ( 7  9) */		ldx	[%sp+120],%o7
-/* 0x01ac	     ( 8 10) */		ldx	[%sp+112],%g4
-/* 0x01b0	  76 (10 12) */		ldx	[%sp+104],%g1
-/* 0x01b4	  81 (10 11) */		add	%g4,%o7,%g4
-/* 0x01b8	     (11 13) */		ldx	[%sp+128],%o7
-/* 0x01bc	     (11 12) */		add	%o4,%g4,%o4
-/* 0x01c0	  79 (12 14) */		ldx	[%sp+96],%o0
-/* 0x01c4	  84 (12 13) */		or	%g0,%g1,%g4
-/* 0x01c8	  82 (13 14) */		st	%g3,[%o5]
-/* 0x01cc	  85 (13 14) */		add	%o5,4,%o5
-/* 0x01d0	     (13 14) */		cmp	%o7,%o2
-/* 0x01d4	     (14 15) */		or	%g0,%o0,%g1
-/* 0x01d8	     (14 15) */		ble,a,pt	%icc,.L900000213	! tprob=0.86
-/* 0x01dc	     (14 17) */		ldd	[%g2+16],%f0
-                                   .L77000127:		/* frequency 1.0 confidence 0.0 */
-
-!   86		                    !   }
-!   87		                    !     t1+=a&0xffffffff;
-!   88		                    !     t=(a>>32);
-!   89		                    !     t1+=(b&0xffff)<<16;
-!   90		                    !     i32[i]=t1&0xffffffff;
-
-/* 0x01e0	  90 ( 0  1) */		sethi	%hi(0xfc00),%g2
-                                   .L900000214:		/* frequency 1.0 confidence 0.0 */
-/* 0x01e4	  90 ( 0  1) */		or	%g0,-1,%g3
-/* 0x01e8	     ( 0  1) */		add	%g2,1023,%g2
-/* 0x01ec	     ( 1  2) */		srl	%g3,0,%g3
-/* 0x01f0	     ( 1  2) */		and	%g1,%g2,%g2
-/* 0x01f4	     ( 2  3) */		and	%g4,%g3,%g4
-/* 0x01f8	     ( 3  4) */		sllx	%g2,16,%g2
-/* 0x01fc	     ( 3  4) */		add	%o4,%g4,%g4
-/* 0x0200	     ( 4  5) */		add	%g4,%g2,%g2
-/* 0x0204	     ( 5  6) */		sll	%o7,2,%g4
-/* 0x0208	     ( 5  6) */		and	%g2,%g3,%g2
-/* 0x020c	     ( 6  7) */		st	%g2,[%g5+%g4]
-/* 0x0210	     ( 7  9) */		ret	! Result = 
-/* 0x0214	     ( 9 10) */		restore	%g0,%g0,%g0
-/* 0x0218	   0 ( 0  0) */		.type	conv_d16_to_i32,2
-/* 0x0218	     ( 0  0) */		.size	conv_d16_to_i32,(.-conv_d16_to_i32)
-
-	.section	".text",#alloc,#execinstr
-/* 000000	   0 ( 0  0) */		.align	8
-!
-! CONSTANT POOL
-!
-                                   .L_const_seg_900000301:		/* frequency 1.0 confidence 0.0 */
-/* 000000	   0 ( 0  0) */		.word	1127219200,0
-/* 0x0008	   0 ( 0  0) */		.align	4
-!
-! SUBROUTINE conv_i32_to_d32
-!
-! OFFSET    SOURCE LINE	LABEL	INSTRUCTION	(ISSUE TIME)	(COMPLETION TIME)
-
-                                   	.global conv_i32_to_d32
-                                   conv_i32_to_d32:		/* frequency 1.0 confidence 0.0 */
-/* 000000	     ( 0  1) */		orcc	%g0,%o2,%g1
-
-!   92		                    !}
-!   94		                    !void conv_i32_to_d32(double *d32, unsigned int *i32, int len)
-!   95		                    !{
-!   96		                    !int i;
-!   98		                    !#pragma pipeloop(0)
-!   99		                    ! for(i=0;i<len;i++) d32[i]=(double)(i32[i]);
-
-/* 0x0004	  99 ( 0  1) */		ble,pt	%icc,.L77000140	! tprob=0.56
-/* 0x0008	     ( 0  1) */		nop
-/* 0x000c	     ( 1  2) */		sethi	%hi(.L_const_seg_900000301),%g2
-/* 0x0010	  95 ( 1  2) */		or	%g0,%o1,%g4
-/* 0x0014	  99 ( 2  3) */		add	%g2,%lo(.L_const_seg_900000301),%g2
-/* 0x0018	     ( 2  3) */		or	%g0,0,%o5
-/* 0x001c	  95 ( 3  4) */		or	%g0,%o0,%g5
-/* 0x0020	  99 ( 3  4) */		sub	%o2,1,%g3
-/* 0x0024	     ( 4  5) */		cmp	%o2,9
-/* 0x0028	     ( 4  5) */		bl,pn	%icc,.L77000144	! tprob=0.44
-/* 0x002c	     ( 4  7) */		ldd	[%g2],%f8
-/* 0x0030	     ( 5  8) */		ld	[%o1],%f7
-/* 0x0034	     ( 5  6) */		add	%o1,16,%g4
-/* 0x0038	     ( 5  6) */		sub	%o2,5,%g1
-/* 0x003c	     ( 6  9) */		ld	[%o1+4],%f5
-/* 0x0040	     ( 6  7) */		or	%g0,4,%o5
-/* 0x0044	     ( 7 10) */		ld	[%o1+8],%f3
-/* 0x0048	     ( 7  8) */		fmovs	%f8,%f6
-/* 0x004c	     ( 8 11) */		ld	[%o1+12],%f1
-                                   .L900000305:		/* frequency 64.0 confidence 0.0 */
-/* 0x0050	     ( 8 16) */		ld	[%g4],%f11
-/* 0x0054	     ( 8  9) */		add	%o5,5,%o5
-/* 0x0058	     ( 8  9) */		add	%g4,20,%g4
-/* 0x005c	     ( 8 11) */		fsubd	%f6,%f8,%f6
-/* 0x0060	     ( 9 10) */		std	%f6,[%g5]
-/* 0x0064	     ( 9  9) */		cmp	%o5,%g1
-/* 0x0068	     ( 9 10) */		add	%g5,40,%g5
-/* 0x006c	     ( 0  0) */		fmovs	%f8,%f4
-/* 0x0070	     (10 18) */		ld	[%g4-16],%f7
-/* 0x0074	     (10 13) */		fsubd	%f4,%f8,%f12
-/* 0x0078	     ( 0  0) */		fmovs	%f8,%f2
-/* 0x007c	     (11 12) */		std	%f12,[%g5-32]
-/* 0x0080	     (12 20) */		ld	[%g4-12],%f5
-/* 0x0084	     (12 15) */		fsubd	%f2,%f8,%f12
-/* 0x0088	     ( 0  0) */		fmovs	%f8,%f0
-/* 0x008c	     (13 14) */		std	%f12,[%g5-24]
-/* 0x0090	     (14 22) */		ld	[%g4-8],%f3
-/* 0x0094	     (14 17) */		fsubd	%f0,%f8,%f12
-/* 0x0098	     ( 0  0) */		fmovs	%f8,%f10
-/* 0x009c	     (15 16) */		std	%f12,[%g5-16]
-/* 0x00a0	     (16 24) */		ld	[%g4-4],%f1
-/* 0x00a4	     (16 19) */		fsubd	%f10,%f8,%f10
-/* 0x00a8	     ( 0  0) */		fmovs	%f8,%f6
-/* 0x00ac	     (17 18) */		ble,pt	%icc,.L900000305	! tprob=0.50
-/* 0x00b0	     (17 18) */		std	%f10,[%g5-8]
-                                   .L900000308:		/* frequency 8.0 confidence 0.0 */
-/* 0x00b4	     ( 0  1) */		fmovs	%f8,%f4
-/* 0x00b8	     ( 0  1) */		add	%g5,32,%g5
-/* 0x00bc	     ( 0  1) */		cmp	%o5,%g3
-/* 0x00c0	     ( 1  2) */		fmovs	%f8,%f2
-/* 0x00c4	     ( 2  3) */		fmovs	%f8,%f0
-/* 0x00c8	     ( 4  7) */		fsubd	%f6,%f8,%f6
-/* 0x00cc	     ( 4  5) */		std	%f6,[%g5-32]
-/* 0x00d0	     ( 5  8) */		fsubd	%f4,%f8,%f4
-/* 0x00d4	     ( 5  6) */		std	%f4,[%g5-24]
-/* 0x00d8	     ( 6  9) */		fsubd	%f2,%f8,%f2
-/* 0x00dc	     ( 6  7) */		std	%f2,[%g5-16]
-/* 0x00e0	     ( 7 10) */		fsubd	%f0,%f8,%f0
-/* 0x00e4	     ( 7  8) */		bg,pn	%icc,.L77000140	! tprob=0.14
-/* 0x00e8	     ( 7  8) */		std	%f0,[%g5-8]
-                                   .L77000144:		/* frequency 0.7 confidence 0.0 */
-/* 0x00ec	     ( 0  3) */		ld	[%g4],%f1
-                                   .L900000309:		/* frequency 6.4 confidence 0.0 */
-/* 0x00f0	     ( 0  3) */		ldd	[%g2],%f8
-/* 0x00f4	     ( 0  1) */		add	%o5,1,%o5
-/* 0x00f8	     ( 0  1) */		add	%g4,4,%g4
-/* 0x00fc	     ( 1  2) */		cmp	%o5,%g3
-/* 0x0100	     ( 2  3) */		fmovs	%f8,%f0
-/* 0x0104	     ( 4  7) */		fsubd	%f0,%f8,%f0
-/* 0x0108	     ( 4  5) */		std	%f0,[%g5]
-/* 0x010c	     ( 4  5) */		add	%g5,8,%g5
-/* 0x0110	     ( 4  5) */		ble,a,pt	%icc,.L900000309	! tprob=0.86
-/* 0x0114	     ( 6  9) */		ld	[%g4],%f1
-                                   .L77000140:		/* frequency 1.0 confidence 0.0 */
-/* 0x0118	     ( 0  2) */		retl	! Result = 
-/* 0x011c	     ( 1  2) */		nop
-/* 0x0120	   0 ( 0  0) */		.type	conv_i32_to_d32,2
-/* 0x0120	     ( 0  0) */		.size	conv_i32_to_d32,(.-conv_i32_to_d32)
-
-	.section	".text",#alloc,#execinstr
-/* 000000	   0 ( 0  0) */		.align	8
-!
-! CONSTANT POOL
-!
-                                   .L_const_seg_900000401:		/* frequency 1.0 confidence 0.0 */
-/* 000000	   0 ( 0  0) */		.word	1127219200,0
-/* 0x0008	   0 ( 0  0) */		.align	4
-!
-! SUBROUTINE conv_i32_to_d16
-!
-! OFFSET    SOURCE LINE	LABEL	INSTRUCTION	(ISSUE TIME)	(COMPLETION TIME)
-
-                                   	.global conv_i32_to_d16
-                                   conv_i32_to_d16:		/* frequency 1.0 confidence 0.0 */
-/* 000000	     ( 0  1) */		save	%sp,-104,%sp
-/* 0x0004	     ( 1  2) */		orcc	%g0,%i2,%o0
-
-!  100		                    !}
-!  103		                    !void conv_i32_to_d16(double *d16, unsigned int *i32, int len)
-!  104		                    !{
-!  105		                    !int i;
-!  106		                    !unsigned int a;
-!  108		                    !#pragma pipeloop(0)
-!  109		                    ! for(i=0;i<len;i++)
-
-/* 0x0008	 109 ( 1  2) */		ble,pt	%icc,.L77000150	! tprob=0.56
-/* 0x000c	     ( 1  2) */		nop
-/* 0x0010	     ( 2  3) */		sub	%o0,1,%o5
-/* 0x0014	     ( 2  3) */		sethi	%hi(0xfc00),%g2
-
-!  110		                    !   {
-!  111		                    !     a=i32[i];
-!  112		                    !     d16[2*i]=(double)(a&0xffff);
-!  113		                    !     d16[2*i+1]=(double)(a>>16);
-
-/* 0x0018	 113 ( 3  4) */		sethi	%hi(.L_const_seg_900000401),%o0
-/* 0x001c	     ( 3  4) */		add	%o5,1,%g3
-/* 0x0020	     ( 4  5) */		add	%g2,1023,%o4
-/* 0x0024	 109 ( 4  5) */		or	%g0,0,%g1
-/* 0x0028	     ( 5  6) */		cmp	%g3,3
-/* 0x002c	     ( 5  6) */		or	%g0,%i1,%o7
-/* 0x0030	     ( 6  7) */		add	%o0,%lo(.L_const_seg_900000401),%o3
-/* 0x0034	     ( 6  7) */		or	%g0,%i0,%g2
-/* 0x0038	     ( 6  7) */		bl,pn	%icc,.L77000154	! tprob=0.44
-/* 0x003c	     ( 7  8) */		add	%o7,4,%o0
-/* 0x0040	 112 ( 7 10) */		ldd	[%o3],%f0
-/* 0x0044	 113 ( 7  8) */		or	%g0,1,%g1
-/* 0x0048	 111 ( 8 11) */		ld	[%o0-4],%o1
-/* 0x004c	   0 ( 8  9) */		or	%g0,%o0,%o7
-/* 0x0050	 112 (10 11) */		and	%o1,%o4,%o0
-                                   .L900000406:		/* frequency 64.0 confidence 0.0 */
-/* 0x0054	 112 (22 23) */		st	%o0,[%sp+96]
-/* 0x0058	 113 (22 23) */		add	%g1,1,%g1
-/* 0x005c	     (22 23) */		add	%g2,16,%g2
-/* 0x0060	     (23 23) */		cmp	%g1,%o5
-/* 0x0064	     (23 24) */		add	%o7,4,%o7
-/* 0x0068	 112 (29 31) */		ld	[%sp+96],%f3
-/* 0x006c	     ( 0  0) */		fmovs	%f0,%f2
-/* 0x0070	     (31 34) */		fsubd	%f2,%f0,%f2
-/* 0x0074	 113 (32 33) */		srl	%o1,16,%o0
-/* 0x0078	 112 (32 33) */		std	%f2,[%g2-16]
-/* 0x007c	 113 (33 34) */		st	%o0,[%sp+92]
-/* 0x0080	     (40 42) */		ld	[%sp+92],%f3
-/* 0x0084	 111 (41 43) */		ld	[%o7-4],%o1
-/* 0x0088	 113 ( 0  0) */		fmovs	%f0,%f2
-/* 0x008c	     (42 45) */		fsubd	%f2,%f0,%f2
-/* 0x0090	 112 (43 44) */		and	%o1,%o4,%o0
-/* 0x0094	 113 (43 44) */		ble,pt	%icc,.L900000406	! tprob=0.50
-/* 0x0098	     (43 44) */		std	%f2,[%g2-8]
-                                   .L900000409:		/* frequency 8.0 confidence 0.0 */
-/* 0x009c	 112 ( 0  1) */		st	%o0,[%sp+96]
-/* 0x00a0	     ( 0  1) */		fmovs	%f0,%f2
-/* 0x00a4	 113 ( 0  1) */		add	%g2,16,%g2
-/* 0x00a8	     ( 1  2) */		srl	%o1,16,%o0
-/* 0x00ac	 112 ( 4  7) */		ld	[%sp+96],%f3
-/* 0x00b0	     ( 6  9) */		fsubd	%f2,%f0,%f2
-/* 0x00b4	     ( 6  7) */		std	%f2,[%g2-16]
-/* 0x00b8	 113 ( 7  8) */		st	%o0,[%sp+92]
-/* 0x00bc	     (10 11) */		fmovs	%f0,%f2
-/* 0x00c0	     (11 14) */		ld	[%sp+92],%f3
-/* 0x00c4	     (13 16) */		fsubd	%f2,%f0,%f0
-/* 0x00c8	     (13 14) */		std	%f0,[%g2-8]
-/* 0x00cc	     (14 16) */		ret	! Result = 
-/* 0x00d0	     (16 17) */		restore	%g0,%g0,%g0
-                                   .L77000154:		/* frequency 0.7 confidence 0.0 */
-/* 0x00d4	 111 ( 0  3) */		ld	[%o7],%o0
-                                   .L900000410:		/* frequency 6.4 confidence 0.0 */
-/* 0x00d8	 112 ( 0  1) */		and	%o0,%o4,%o1
-/* 0x00dc	     ( 0  1) */		st	%o1,[%sp+96]
-/* 0x00e0	 113 ( 0  1) */		add	%g1,1,%g1
-/* 0x00e4	 112 ( 1  4) */		ldd	[%o3],%f0
-/* 0x00e8	 113 ( 1  2) */		srl	%o0,16,%o0
-/* 0x00ec	     ( 1  2) */		add	%o7,4,%o7
-/* 0x00f0	     ( 2  3) */		cmp	%g1,%o5
-/* 0x00f4	 112 ( 3  4) */		fmovs	%f0,%f2
-/* 0x00f8	     ( 4  7) */		ld	[%sp+96],%f3
-/* 0x00fc	     ( 6  9) */		fsubd	%f2,%f0,%f2
-/* 0x0100	     ( 6  7) */		std	%f2,[%g2]
-/* 0x0104	 113 ( 7  8) */		st	%o0,[%sp+92]
-/* 0x0108	     (10 11) */		fmovs	%f0,%f2
-/* 0x010c	     (11 14) */		ld	[%sp+92],%f3
-/* 0x0110	     (13 16) */		fsubd	%f2,%f0,%f0
-/* 0x0114	     (13 14) */		std	%f0,[%g2+8]
-/* 0x0118	     (13 14) */		add	%g2,16,%g2
-/* 0x011c	     (13 14) */		ble,a,pt	%icc,.L900000410	! tprob=0.86
-/* 0x0120	     (14 17) */		ld	[%o7],%o0
-                                   .L77000150:		/* frequency 1.0 confidence 0.0 */
-/* 0x0124	     ( 0  2) */		ret	! Result = 
-/* 0x0128	     ( 2  3) */		restore	%g0,%g0,%g0
-/* 0x012c	   0 ( 0  0) */		.type	conv_i32_to_d16,2
-/* 0x012c	     ( 0  0) */		.size	conv_i32_to_d16,(.-conv_i32_to_d16)
-
-	.section	".text",#alloc,#execinstr
-/* 000000	   0 ( 0  0) */		.align	8
-!
-! CONSTANT POOL
-!
-                                   .L_const_seg_900000501:		/* frequency 1.0 confidence 0.0 */
-/* 000000	   0 ( 0  0) */		.word	1127219200,0
-/* 0x0008	   0 ( 0  0) */		.align	4
-!
-! SUBROUTINE conv_i32_to_d32_and_d16
-!
-! OFFSET    SOURCE LINE	LABEL	INSTRUCTION	(ISSUE TIME)	(COMPLETION TIME)
-
-                                   	.global conv_i32_to_d32_and_d16
-                                   conv_i32_to_d32_and_d16:		/* frequency 1.0 confidence 0.0 */
-/* 000000	     ( 0  1) */		save	%sp,-104,%sp
-/* 0x0004	     ( 1  2) */		or	%g0,%i3,%i4
-/* 0x0008	     ( 1  2) */		or	%g0,%i2,%g1
-
-!  114		                    !   }
-!  115		                    !}
-!  118		                    !void i16_to_d16_and_d32x4(double * /*1/(2^16)*/, double * /* 2^16*/,
-!  119		                    !			  double * /* 0 */,
-!  120		                    !			  double * /*result16*/, double * /* result32 */,
-!  121		                    !			  float *  /*source - should be unsigned int*
-!  122		                    !		          	       converted to float* */);
-!  126		                    !void conv_i32_to_d32_and_d16(double *d32, double *d16, 
-!  127		                    !			     unsigned int *i32, int len)
-!  128		                    !{
-!  129		                    !int i;
-!  130		                    !unsigned int a;
-!  132		                    !#pragma pipeloop(0)
-!  133		                    ! for(i=0;i<len-3;i+=4)
-
-/* 0x000c	 133 ( 2  3) */		sub	%i4,3,%g2
-/* 0x0010	     ( 2  3) */		or	%g0,0,%o7
-/* 0x0014	     ( 3  4) */		cmp	%g2,0
-/* 0x0018	 128 ( 3  4) */		or	%g0,%i0,%i3
-/* 0x001c	 133 ( 3  4) */		ble,pt	%icc,.L900000515	! tprob=0.56
-/* 0x0020	     ( 4  5) */		cmp	%o7,%i4
-
-!  134		                    !   {
-!  135		                    !     i16_to_d16_and_d32x4(&TwoToMinus16, &TwoTo16, &Zero,
-!  136		                    !			  &(d16[2*i]), &(d32[i]), (float *)(&(i32[i])));
-
-/* 0x0024	 136 ( 4  5) */		sethi	%hi(Zero),%g2
-/* 0x0028	 133 ( 5  6) */		or	%g0,%g1,%o3
-/* 0x002c	     ( 5  6) */		sub	%i4,4,%o2
-/* 0x0030	 136 ( 6  7) */		add	%g2,%lo(Zero),%o1
-/* 0x0034	 133 ( 6  7) */		or	%g0,0,%o5
-/* 0x0038	     ( 7  8) */		or	%g0,0,%o4
-/* 0x003c	 136 ( 7  8) */		or	%g0,%o3,%g4
-                                   .L900000514:		/* frequency 6.4 confidence 0.0 */
-/* 0x0040	     ( 0  3) */		ldd	[%o1],%f2
-/* 0x0044	 136 ( 0  1) */		add	%i3,%o5,%g2
-/* 0x0048	     ( 0  1) */		add	%i1,%o4,%g3
-/* 0x004c	     ( 1  4) */		ldd	[%o1-8],%f0
-/* 0x0050	     ( 1  2) */		add	%o7,4,%o7
-/* 0x0054	     ( 1  2) */		add	%o3,16,%o3
-/* 0x0058	     ( 2  3) */		fmovd	%f2,%f14
-/* 0x005c	     ( 2  5) */		ld	[%g4],%f15
-/* 0x0060	     ( 2  3) */		cmp	%o7,%o2
-/* 0x0064	     ( 3  4) */		fmovd	%f2,%f10
-/* 0x0068	     ( 3  6) */		ld	[%g4+4],%f11
-/* 0x006c	     ( 4  5) */		fmovd	%f2,%f6
-/* 0x0070	     ( 4  7) */		ld	[%g4+8],%f7
-/* 0x0074	     ( 5  8) */		ld	[%g4+12],%f3
-/* 0x0078	     ( 5  8) */		fxtod	%f14,%f14
-/* 0x007c	     ( 6  9) */		fxtod	%f10,%f10
-/* 0x0080	     ( 6  9) */		ldd	[%o1-16],%f16
-/* 0x0084	     ( 7 10) */		fxtod	%f6,%f6
-/* 0x0088	     ( 7  8) */		std	%f14,[%i3+%o5]
-/* 0x008c	     ( 7  8) */		add	%o5,32,%o5
-/* 0x0090	     ( 8 11) */		fxtod	%f2,%f2
-/* 0x0094	     ( 8 11) */		fmuld	%f0,%f14,%f12
-/* 0x0098	     ( 8  9) */		std	%f10,[%g2+8]
-/* 0x009c	     ( 9 12) */		fmuld	%f0,%f10,%f8
-/* 0x00a0	     ( 9 10) */		std	%f6,[%g2+16]
-/* 0x00a4	     (10 13) */		fmuld	%f0,%f6,%f4
-/* 0x00a8	     (10 11) */		std	%f2,[%g2+24]
-/* 0x00ac	     (11 14) */		fmuld	%f0,%f2,%f0
-/* 0x00b0	     (11 14) */		fdtox	%f12,%f12
-/* 0x00b4	     (12 15) */		fdtox	%f8,%f8
-/* 0x00b8	     (13 16) */		fdtox	%f4,%f4
-/* 0x00bc	     (14 17) */		fdtox	%f0,%f0
-/* 0x00c0	     (15 18) */		fxtod	%f12,%f12
-/* 0x00c4	     (15 16) */		std	%f12,[%g3+8]
-/* 0x00c8	     (16 19) */		fxtod	%f8,%f8
-/* 0x00cc	     (16 17) */		std	%f8,[%g3+24]
-/* 0x00d0	     (17 20) */		fxtod	%f4,%f4
-/* 0x00d4	     (17 18) */		std	%f4,[%g3+40]
-/* 0x00d8	     (18 21) */		fxtod	%f0,%f0
-/* 0x00dc	     (18 21) */		fmuld	%f12,%f16,%f12
-/* 0x00e0	     (18 19) */		std	%f0,[%g3+56]
-/* 0x00e4	     (19 22) */		fmuld	%f8,%f16,%f8
-/* 0x00e8	     (20 23) */		fmuld	%f4,%f16,%f4
-/* 0x00ec	     (21 24) */		fmuld	%f0,%f16,%f0
-/* 0x00f0	     (21 24) */		fsubd	%f14,%f12,%f12
-/* 0x00f4	     (21 22) */		std	%f12,[%i1+%o4]
-/* 0x00f8	     (22 25) */		fsubd	%f10,%f8,%f8
-/* 0x00fc	     (22 23) */		std	%f8,[%g3+16]
-/* 0x0100	     (22 23) */		add	%o4,64,%o4
-/* 0x0104	     (23 26) */		fsubd	%f6,%f4,%f4
-/* 0x0108	     (23 24) */		std	%f4,[%g3+32]
-/* 0x010c	     (24 27) */		fsubd	%f2,%f0,%f0
-/* 0x0110	     (24 25) */		std	%f0,[%g3+48]
-/* 0x0114	     (24 25) */		ble,pt	%icc,.L900000514	! tprob=0.86
-/* 0x0118	     (25 26) */		or	%g0,%o3,%g4
-                                   .L77000159:		/* frequency 1.0 confidence 0.0 */
-
-!  137		                    !   }
-!  138		                    ! for(;i<len;i++)
-
-/* 0x011c	 138 ( 0  1) */		cmp	%o7,%i4
-                                   .L900000515:		/* frequency 1.0 confidence 0.0 */
-/* 0x0120	 138 ( 0  1) */		bge,pt	%icc,.L77000164	! tprob=0.56
-/* 0x0124	     ( 0  1) */		nop
-
-!  139		                    !   {
-!  140		                    !     a=i32[i];
-!  141		                    !     d32[i]=(double)(i32[i]);
-!  142		                    !     d16[2*i]=(double)(a&0xffff);
-!  143		                    !     d16[2*i+1]=(double)(a>>16);
-
-/* 0x0128	 143 ( 0  1) */		sethi	%hi(.L_const_seg_900000501),%o1
-/* 0x012c	 138 ( 1  2) */		sethi	%hi(0xfc00),%o0
-/* 0x0130	 141 ( 1  4) */		ldd	[%o1+%lo(.L_const_seg_900000501)],%f0
-/* 0x0134	 138 ( 1  2) */		sub	%i4,%o7,%g3
-/* 0x0138	     ( 2  3) */		sll	%o7,2,%g2
-/* 0x013c	     ( 2  3) */		add	%o0,1023,%o3
-/* 0x0140	     ( 3  4) */		sll	%o7,3,%g4
-/* 0x0144	     ( 3  4) */		cmp	%g3,3
-/* 0x0148	     ( 4  5) */		add	%g1,%g2,%o0
-/* 0x014c	     ( 4  5) */		add	%o1,%lo(.L_const_seg_900000501),%o2
-/* 0x0150	     ( 5  6) */		add	%i3,%g4,%o4
-/* 0x0154	     ( 5  6) */		sub	%i4,1,%o1
-/* 0x0158	     ( 6  7) */		sll	%o7,4,%g5
-/* 0x015c	     ( 6  7) */		bl,pn	%icc,.L77000161	! tprob=0.44
-/* 0x0160	     ( 7  8) */		add	%i1,%g5,%o5
-/* 0x0164	 141 ( 7 10) */		ld	[%g1+%g2],%f3
-/* 0x0168	 143 ( 7  8) */		add	%o4,8,%o4
-/* 0x016c	 140 ( 8 11) */		ld	[%g1+%g2],%g1
-/* 0x0170	 143 ( 8  9) */		add	%o5,16,%o5
-/* 0x0174	     ( 8  9) */		add	%o7,1,%o7
-/* 0x0178	 141 ( 9 10) */		fmovs	%f0,%f2
-/* 0x017c	 143 ( 9 10) */		add	%o0,4,%o0
-/* 0x0180	 142 (10 11) */		and	%g1,%o3,%g2
-/* 0x0184	 141 (11 14) */		fsubd	%f2,%f0,%f2
-/* 0x0188	     (11 12) */		std	%f2,[%o4-8]
-/* 0x018c	 143 (11 12) */		srl	%g1,16,%g1
-/* 0x0190	 142 (12 13) */		st	%g2,[%sp+96]
-/* 0x0194	     (15 16) */		fmovs	%f0,%f2
-/* 0x0198	     (16 19) */		ld	[%sp+96],%f3
-/* 0x019c	     (18 21) */		fsubd	%f2,%f0,%f2
-/* 0x01a0	     (18 19) */		std	%f2,[%o5-16]
-/* 0x01a4	 143 (19 20) */		st	%g1,[%sp+92]
-/* 0x01a8	     (22 23) */		fmovs	%f0,%f2
-/* 0x01ac	     (23 26) */		ld	[%sp+92],%f3
-/* 0x01b0	     (25 28) */		fsubd	%f2,%f0,%f2
-/* 0x01b4	     (25 26) */		std	%f2,[%o5-8]
-                                   .L900000509:		/* frequency 64.0 confidence 0.0 */
-/* 0x01b8	 141 (26 28) */		ld	[%o0],%f3
-/* 0x01bc	 143 (26 27) */		add	%o7,2,%o7
-/* 0x01c0	     (26 27) */		add	%o5,32,%o5
-/* 0x01c4	 140 (27 29) */		ld	[%o0],%g1
-/* 0x01c8	 143 (27 27) */		cmp	%o7,%o1
-/* 0x01cc	     (27 28) */		add	%o4,16,%o4
-/* 0x01d0	 141 ( 0  0) */		fmovs	%f0,%f2
-/* 0x01d4	     (28 31) */		fsubd	%f2,%f0,%f2
-/* 0x01d8	     (29 30) */		std	%f2,[%o4-16]
-/* 0x01dc	 142 (29 30) */		and	%g1,%o3,%g2
-/* 0x01e0	     (30 31) */		st	%g2,[%sp+96]
-/* 0x01e4	     (37 39) */		ld	[%sp+96],%f3
-/* 0x01e8	     ( 0  0) */		fmovs	%f0,%f2
-/* 0x01ec	     (39 42) */		fsubd	%f2,%f0,%f2
-/* 0x01f0	 143 (40 41) */		srl	%g1,16,%g1
-/* 0x01f4	 142 (40 41) */		std	%f2,[%o5-32]
-/* 0x01f8	 143 (41 42) */		st	%g1,[%sp+92]
-/* 0x01fc	     (48 50) */		ld	[%sp+92],%f3
-/* 0x0200	     ( 0  0) */		fmovs	%f0,%f2
-/* 0x0204	     (50 53) */		fsubd	%f2,%f0,%f2
-/* 0x0208	     (51 52) */		std	%f2,[%o5-24]
-/* 0x020c	     (51 52) */		add	%o0,4,%o0
-/* 0x0210	 141 (52 54) */		ld	[%o0],%f3
-/* 0x0214	 140 (53 55) */		ld	[%o0],%g1
-/* 0x0218	 141 ( 0  0) */		fmovs	%f0,%f2
-/* 0x021c	     (54 57) */		fsubd	%f2,%f0,%f2
-/* 0x0220	     (55 56) */		std	%f2,[%o4-8]
-/* 0x0224	 142 (55 56) */		and	%g1,%o3,%g2
-/* 0x0228	     (56 57) */		st	%g2,[%sp+96]
-/* 0x022c	     (63 65) */		ld	[%sp+96],%f3
-/* 0x0230	     ( 0  0) */		fmovs	%f0,%f2
-/* 0x0234	     (65 68) */		fsubd	%f2,%f0,%f2
-/* 0x0238	 143 (66 67) */		srl	%g1,16,%g1
-/* 0x023c	 142 (66 67) */		std	%f2,[%o5-16]
-/* 0x0240	 143 (67 68) */		st	%g1,[%sp+92]
-/* 0x0244	     (74 76) */		ld	[%sp+92],%f3
-/* 0x0248	     ( 0  0) */		fmovs	%f0,%f2
-/* 0x024c	     (76 79) */		fsubd	%f2,%f0,%f2
-/* 0x0250	     (77 78) */		std	%f2,[%o5-8]
-/* 0x0254	     (77 78) */		bl,pt	%icc,.L900000509	! tprob=0.50
-/* 0x0258	     (77 78) */		add	%o0,4,%o0
-                                   .L900000512:		/* frequency 8.0 confidence 0.0 */
-/* 0x025c	 143 ( 0  1) */		cmp	%o7,%i4
-/* 0x0260	     ( 0  1) */		bge,pn	%icc,.L77000164	! tprob=0.14
-/* 0x0264	     ( 0  1) */		nop
-                                   .L77000161:		/* frequency 0.7 confidence 0.0 */
-/* 0x0268	 141 ( 0  3) */		ld	[%o0],%f3
-                                   .L900000513:		/* frequency 6.4 confidence 0.0 */
-/* 0x026c	 141 ( 0  3) */		ldd	[%o2],%f0
-/* 0x0270	 143 ( 0  1) */		add	%o7,1,%o7
-/* 0x0274	 140 ( 1  4) */		ld	[%o0],%o1
-/* 0x0278	 143 ( 1  2) */		add	%o0,4,%o0
-/* 0x027c	     ( 1  2) */		cmp	%o7,%i4
-/* 0x0280	 141 ( 2  3) */		fmovs	%f0,%f2
-/* 0x0284	 142 ( 3  4) */		and	%o1,%o3,%g1
-/* 0x0288	 141 ( 4  7) */		fsubd	%f2,%f0,%f2
-/* 0x028c	     ( 4  5) */		std	%f2,[%o4]
-/* 0x0290	 143 ( 4  5) */		srl	%o1,16,%o1
-/* 0x0294	 142 ( 5  6) */		st	%g1,[%sp+96]
-/* 0x0298	 143 ( 5  6) */		add	%o4,8,%o4
-/* 0x029c	 142 ( 8  9) */		fmovs	%f0,%f2
-/* 0x02a0	     ( 9 12) */		ld	[%sp+96],%f3
-/* 0x02a4	     (11 14) */		fsubd	%f2,%f0,%f2
-/* 0x02a8	     (11 12) */		std	%f2,[%o5]
-/* 0x02ac	 143 (12 13) */		st	%o1,[%sp+92]
-/* 0x02b0	     (15 16) */		fmovs	%f0,%f2
-/* 0x02b4	     (16 19) */		ld	[%sp+92],%f3
-/* 0x02b8	     (18 21) */		fsubd	%f2,%f0,%f0
-/* 0x02bc	     (18 19) */		std	%f0,[%o5+8]
-/* 0x02c0	     (18 19) */		add	%o5,16,%o5
-/* 0x02c4	     (18 19) */		bl,a,pt	%icc,.L900000513	! tprob=0.86
-/* 0x02c8	     (19 22) */		ld	[%o0],%f3
-                                   .L77000164:		/* frequency 1.0 confidence 0.0 */
-/* 0x02cc	     ( 0  2) */		ret	! Result = 
-/* 0x02d0	     ( 2  3) */		restore	%g0,%g0,%g0
-/* 0x02d4	   0 ( 0  0) */		.type	conv_i32_to_d32_and_d16,2
-/* 0x02d4	     ( 0  0) */		.size	conv_i32_to_d32_and_d16,(.-conv_i32_to_d32_and_d16)
-
-	.section	".text",#alloc,#execinstr
-/* 000000	   0 ( 0  0) */		.align	4
-!
-! SUBROUTINE adjust_montf_result
-!
-! OFFSET    SOURCE LINE	LABEL	INSTRUCTION	(ISSUE TIME)	(COMPLETION TIME)
-
-                                   	.global adjust_montf_result
-                                   adjust_montf_result:		/* frequency 1.0 confidence 0.0 */
-
-!  144		                    !   }
-!  145		                    !}
-!  148		                    !void adjust_montf_result(unsigned int *i32, unsigned int *nint, int len)
-!  149		                    !{
-!  150		                    !long long acc;
-!  151		                    !int i;
-!  153		                    ! if(i32[len]>0) i=-1;
-
-/* 000000	 153 ( 0  1) */		sll	%o2,2,%g1
-/* 0x0004	     ( 0  1) */		or	%g0,-1,%g3
-/* 0x0008	     ( 1  4) */		ld	[%o0+%g1],%g1
-/* 0x000c	     ( 3  4) */		cmp	%g1,0
-/* 0x0010	     ( 3  4) */		bleu,pn	%icc,.L77000175	! tprob=0.50
-/* 0x0014	     ( 3  4) */		or	%g0,%o1,%o3
-/* 0x0018	     ( 4  5) */		ba	.L900000611	! tprob=1.00
-/* 0x001c	     ( 4  5) */		cmp	%g3,0
-                                   .L77000175:		/* frequency 0.8 confidence 0.0 */
-
-!  154		                    ! else
-!  155		                    !   {
-!  156		                    !     for(i=len-1; i>=0; i++)
-
-/* 0x0020	 156 ( 0  1) */		subcc	%o2,1,%g3
-/* 0x0024	     ( 0  1) */		bneg,pt	%icc,.L900000611	! tprob=0.60
-/* 0x0028	     ( 1  2) */		cmp	%g3,0
-/* 0x002c	     ( 1  2) */		sll	%g3,2,%g1
-/* 0x0030	     ( 2  3) */		add	%o0,%g1,%g2
-/* 0x0034	     ( 2  3) */		add	%o1,%g1,%g1
-
-!  157		                    !       {
-!  158		                    !	 if(i32[i]!=nint[i]) break;
-
-/* 0x0038	 158 ( 3  6) */		ld	[%g1],%g5
-                                   .L900000610:		/* frequency 5.3 confidence 0.0 */
-/* 0x003c	 158 ( 0  3) */		ld	[%g2],%o5
-/* 0x0040	     ( 0  1) */		add	%g1,4,%g1
-/* 0x0044	     ( 0  1) */		add	%g2,4,%g2
-/* 0x0048	     ( 2  3) */		cmp	%o5,%g5
-/* 0x004c	     ( 2  3) */		bne,pn	%icc,.L77000182	! tprob=0.16
-/* 0x0050	     ( 2  3) */		nop
-/* 0x0054	     ( 3  4) */		addcc	%g3,1,%g3
-/* 0x0058	     ( 3  4) */		bpos,a,pt	%icc,.L900000610	! tprob=0.84
-/* 0x005c	     ( 3  6) */		ld	[%g1],%g5
-                                   .L77000182:		/* frequency 1.0 confidence 0.0 */
-
-!  159		                    !       }
-!  160		                    !   }
-!  161		                    ! if((i<0)||(i32[i]>nint[i]))
-
-/* 0x0060	 161 ( 0  1) */		cmp	%g3,0
-                                   .L900000611:		/* frequency 1.0 confidence 0.0 */
-/* 0x0064	 161 ( 0  1) */		bl,pn	%icc,.L77000198	! tprob=0.50
-/* 0x0068	     ( 0  1) */		sll	%g3,2,%g2
-/* 0x006c	     ( 1  4) */		ld	[%o1+%g2],%g1
-/* 0x0070	     ( 2  5) */		ld	[%o0+%g2],%g2
-/* 0x0074	     ( 4  5) */		cmp	%g2,%g1
-/* 0x0078	     ( 4  5) */		bleu,pt	%icc,.L77000191	! tprob=0.56
-/* 0x007c	     ( 4  5) */		nop
-                                   .L77000198:		/* frequency 0.8 confidence 0.0 */
-
-!  162		                    !   {
-!  163		                    !     acc=0;
-!  164		                    !     for(i=0;i<len;i++)
-
-/* 0x0080	 164 ( 0  1) */		cmp	%o2,0
-/* 0x0084	     ( 0  1) */		ble,pt	%icc,.L77000191	! tprob=0.60
-/* 0x0088	     ( 0  1) */		nop
-/* 0x008c	 161 ( 1  2) */		or	%g0,-1,%g2
-/* 0x0090	     ( 1  2) */		sub	%o2,1,%g4
-/* 0x0094	     ( 2  3) */		srl	%g2,0,%g3
-/* 0x0098	 163 ( 2  3) */		or	%g0,0,%g5
-/* 0x009c	 164 ( 3  4) */		or	%g0,0,%o5
-/* 0x00a0	 161 ( 3  4) */		or	%g0,%o0,%o4
-/* 0x00a4	     ( 4  5) */		cmp	%o2,3
-/* 0x00a8	     ( 4  5) */		add	%o1,4,%g2
-/* 0x00ac	 164 ( 4  5) */		bl,pn	%icc,.L77000199	! tprob=0.40
-/* 0x00b0	     ( 5  6) */		add	%o0,8,%g1
-
-!  165		                    !       {
-!  166		                    !	 acc=acc+(unsigned long long)(i32[i])-(unsigned long long)(nint[i]);
-
-/* 0x00b4	 166 ( 5  8) */		ld	[%o0],%o2
-/* 0x00b8	   0 ( 5  6) */		or	%g0,%g2,%o3
-/* 0x00bc	 166 ( 6  9) */		ld	[%o1],%o1
-/* 0x00c0	   0 ( 6  7) */		or	%g0,%g1,%o4
-
-!  167		                    !	 i32[i]=acc&0xffffffff;
-!  168		                    !	 acc=acc>>32;
-
-/* 0x00c4	 168 ( 6  7) */		or	%g0,2,%o5
-/* 0x00c8	 166 ( 7 10) */		ld	[%o0+4],%g1
-/* 0x00cc	 164 ( 8  9) */		sub	%o2,%o1,%o2
-/* 0x00d0	     ( 9 10) */		or	%g0,%o2,%g5
-/* 0x00d4	 167 ( 9 10) */		and	%o2,%g3,%o2
-/* 0x00d8	     ( 9 10) */		st	%o2,[%o0]
-/* 0x00dc	 168 (10 11) */		srax	%g5,32,%g5
-                                   .L900000605:		/* frequency 64.0 confidence 0.0 */
-/* 0x00e0	 166 (12 20) */		ld	[%o3],%o2
-/* 0x00e4	 168 (12 13) */		add	%o5,1,%o5
-/* 0x00e8	     (12 13) */		add	%o3,4,%o3
-/* 0x00ec	     (13 13) */		cmp	%o5,%g4
-/* 0x00f0	     (13 14) */		add	%o4,4,%o4
-/* 0x00f4	 164 (14 14) */		sub	%g1,%o2,%g1
-/* 0x00f8	     (15 15) */		add	%g1,%g5,%g5
-/* 0x00fc	 167 (16 17) */		and	%g5,%g3,%o2
-/* 0x0100	 166 (16 24) */		ld	[%o4-4],%g1
-/* 0x0104	 167 (17 18) */		st	%o2,[%o4-8]
-/* 0x0108	 168 (17 18) */		ble,pt	%icc,.L900000605	! tprob=0.50
-/* 0x010c	     (17 18) */		srax	%g5,32,%g5
-                                   .L900000608:		/* frequency 8.0 confidence 0.0 */
-/* 0x0110	 166 ( 0  3) */		ld	[%o3],%g2
-/* 0x0114	 164 ( 2  3) */		sub	%g1,%g2,%g1
-/* 0x0118	     ( 3  4) */		add	%g1,%g5,%g1
-/* 0x011c	 167 ( 4  5) */		and	%g1,%g3,%g2
-/* 0x0120	     ( 5  7) */		retl	! Result = 
-/* 0x0124	     ( 6  7) */		st	%g2,[%o4-4]
-                                   .L77000199:		/* frequency 0.6 confidence 0.0 */
-/* 0x0128	 166 ( 0  3) */		ld	[%o4],%g1
-                                   .L900000609:		/* frequency 5.3 confidence 0.0 */
-/* 0x012c	 166 ( 0  3) */		ld	[%o3],%g2
-/* 0x0130	     ( 0  1) */		add	%g5,%g1,%g1
-/* 0x0134	 168 ( 0  1) */		add	%o5,1,%o5
-/* 0x0138	     ( 1  2) */		add	%o3,4,%o3
-/* 0x013c	     ( 1  2) */		cmp	%o5,%g4
-/* 0x0140	 166 ( 2  3) */		sub	%g1,%g2,%g1
-/* 0x0144	 167 ( 3  4) */		and	%g1,%g3,%g2
-/* 0x0148	     ( 3  4) */		st	%g2,[%o4]
-/* 0x014c	 168 ( 3  4) */		add	%o4,4,%o4
-/* 0x0150	     ( 4  5) */		srax	%g1,32,%g5
-/* 0x0154	     ( 4  5) */		ble,a,pt	%icc,.L900000609	! tprob=0.84
-/* 0x0158	     ( 4  7) */		ld	[%o4],%g1
-                                   .L77000191:		/* frequency 1.0 confidence 0.0 */
-/* 0x015c	     ( 0  2) */		retl	! Result = 
-/* 0x0160	     ( 1  2) */		nop
-/* 0x0164	   0 ( 0  0) */		.type	adjust_montf_result,2
-/* 0x0164	     ( 0  0) */		.size	adjust_montf_result,(.-adjust_montf_result)
-
-	.section	".text",#alloc,#execinstr
-/* 000000	   0 ( 0  0) */		.align	32
-!
-! SUBROUTINE mont_mulf_noconv
-!
-! OFFSET    SOURCE LINE	LABEL	INSTRUCTION	(ISSUE TIME)	(COMPLETION TIME)
-
-                                   	.global mont_mulf_noconv
-                                   mont_mulf_noconv:		/* frequency 1.0 confidence 0.0 */
-/* 000000	     ( 0  1) */		save	%sp,-144,%sp
-/* 0x0004	     ( 1  2) */		st	%i0,[%fp+68]
-
-!  169		                    !       }
-!  170		                    !   }
-!  171		                    !}
-!  175		                    !void cleanup(double *dt, int from, int tlen);
-!  177		                    !/*
-!  178		                    !** the lengths of the input arrays should be at least the following:
-!  179		                    !** result[nlen+1], dm1[nlen], dm2[2*nlen+1], dt[4*nlen+2], dn[nlen], nint[nlen]
-!  180		                    !** all of them should be different from one another
-!  181		                    !**
-!  182		                    !*/
-!  183		                    !void mont_mulf_noconv(unsigned int *result,
-!  184		                    !		     double *dm1, double *dm2, double *dt,
-!  185		                    !		     double *dn, unsigned int *nint,
-!  186		                    !		     int nlen, double dn0)
-!  187		                    !{
-!  188		                    ! int i, j, jj;
-!  189		                    ! int tmp;
-!  190		                    ! double digit, m2j, nextm2j, a, b;
-!  191		                    ! double *dptmp, *pdm1, *pdm2, *pdn, *pdtj, pdn_0, pdm1_0;
-!  193		                    ! pdm1=&(dm1[0]);
-!  194		                    ! pdm2=&(dm2[0]);
-!  195		                    ! pdn=&(dn[0]);
-!  196		                    ! pdm2[2*nlen]=Zero;
-
-/* 0x0008	 196 ( 1  2) */		sethi	%hi(Zero),%g2
-/* 0x000c	 187 ( 1  2) */		or	%g0,%i2,%o1
-/* 0x0010	     ( 2  3) */		st	%i5,[%fp+88]
-/* 0x0014	     ( 2  3) */		or	%g0,%i3,%o2
-/* 0x0018	 196 ( 2  3) */		add	%g2,%lo(Zero),%g4
-/* 0x001c	     ( 3  6) */		ldd	[%g2+%lo(Zero)],%f2
-/* 0x0020	 187 ( 3  4) */		or	%g0,%o2,%g5
-/* 0x0024	 196 ( 3  4) */		or	%g0,%o1,%i0
-/* 0x0028	 187 ( 4  5) */		or	%g0,%i4,%i2
-
-!  198		                    ! if (nlen!=16)
-!  199		                    !   {
-!  200		                    !     for(i=0;i<4*nlen+2;i++) dt[i]=Zero;
-!  202		                    !     a=dt[0]=pdm1[0]*pdm2[0];
-!  203		                    !     digit=mod(lower32(a,Zero)*dn0,TwoToMinus16,TwoTo16);
-!  205		                    !     pdtj=&(dt[0]);
-!  206		                    !     for(j=jj=0;j<2*nlen;j++,jj++,pdtj++)
-!  207		                    !       {
-!  208		                    !	 m2j=pdm2[j];
-!  209		                    !	 a=pdtj[0]+pdn[0]*digit;
-!  210		                    !	 b=pdtj[1]+pdm1[0]*pdm2[j+1]+a*TwoToMinus16;
-!  211		                    !	 pdtj[1]=b;
-!  213		                    !#pragma pipeloop(0)
-!  214		                    !	 for(i=1;i<nlen;i++)
-!  215		                    !	   {
-!  216		                    !	     pdtj[2*i]+=pdm1[i]*m2j+pdn[i]*digit;
-!  217		                    !	   }
-!  218		                    ! 	 if((jj==30)) {cleanup(dt,j/2+1,2*nlen+1); jj=0;}
-!  219		                    !	 
-!  220		                    !	 digit=mod(lower32(b,Zero)*dn0,TwoToMinus16,TwoTo16);
-!  221		                    !       }
-!  222		                    !   }
-!  223		                    ! else
-!  224		                    !   {
-!  225		                    !     a=dt[0]=pdm1[0]*pdm2[0];
-!  227		                    !     dt[65]=     dt[64]=     dt[63]=     dt[62]=     dt[61]=     dt[60]=
-!  228		                    !     dt[59]=     dt[58]=     dt[57]=     dt[56]=     dt[55]=     dt[54]=
-!  229		                    !     dt[53]=     dt[52]=     dt[51]=     dt[50]=     dt[49]=     dt[48]=
-!  230		                    !     dt[47]=     dt[46]=     dt[45]=     dt[44]=     dt[43]=     dt[42]=
-!  231		                    !     dt[41]=     dt[40]=     dt[39]=     dt[38]=     dt[37]=     dt[36]=
-!  232		                    !     dt[35]=     dt[34]=     dt[33]=     dt[32]=     dt[31]=     dt[30]=
-!  233		                    !     dt[29]=     dt[28]=     dt[27]=     dt[26]=     dt[25]=     dt[24]=
-!  234		                    !     dt[23]=     dt[22]=     dt[21]=     dt[20]=     dt[19]=     dt[18]=
-!  235		                    !     dt[17]=     dt[16]=     dt[15]=     dt[14]=     dt[13]=     dt[12]=
-!  236		                    !     dt[11]=     dt[10]=     dt[ 9]=     dt[ 8]=     dt[ 7]=     dt[ 6]=
-!  237		                    !     dt[ 5]=     dt[ 4]=     dt[ 3]=     dt[ 2]=     dt[ 1]=Zero;
-!  239		                    !     pdn_0=pdn[0];
-!  240		                    !     pdm1_0=pdm1[0];
-!  242		                    !     digit=mod(lower32(a,Zero)*dn0,TwoToMinus16,TwoTo16);
-!  243		                    !     pdtj=&(dt[0]);
-!  245		                    !     for(j=0;j<32;j++,pdtj++)
-!  246		                    !       {
-!  248		                    !	 m2j=pdm2[j];
-!  249		                    !	 a=pdtj[0]+pdn_0*digit;
-!  250		                    !	 b=pdtj[1]+pdm1_0*pdm2[j+1]+a*TwoToMinus16;
-!  251		                    !	 pdtj[1]=b;
-!  253		                    !	 /**** this loop will be fully unrolled:
-!  254		                    !	 for(i=1;i<16;i++)
-!  255		                    !	   {
-!  256		                    !	     pdtj[2*i]+=pdm1[i]*m2j+pdn[i]*digit;
-!  257		                    !	   }
-!  258		                    !	 *************************************/
-!  259		                    !	     pdtj[2]+=pdm1[1]*m2j+pdn[1]*digit;
-!  260		                    !	     pdtj[4]+=pdm1[2]*m2j+pdn[2]*digit;
-!  261		                    !	     pdtj[6]+=pdm1[3]*m2j+pdn[3]*digit;
-!  262		                    !	     pdtj[8]+=pdm1[4]*m2j+pdn[4]*digit;
-!  263		                    !	     pdtj[10]+=pdm1[5]*m2j+pdn[5]*digit;
-!  264		                    !	     pdtj[12]+=pdm1[6]*m2j+pdn[6]*digit;
-!  265		                    !	     pdtj[14]+=pdm1[7]*m2j+pdn[7]*digit;
-!  266		                    !	     pdtj[16]+=pdm1[8]*m2j+pdn[8]*digit;
-!  267		                    !	     pdtj[18]+=pdm1[9]*m2j+pdn[9]*digit;
-!  268		                    !	     pdtj[20]+=pdm1[10]*m2j+pdn[10]*digit;
-!  269		                    !	     pdtj[22]+=pdm1[11]*m2j+pdn[11]*digit;
-!  270		                    !	     pdtj[24]+=pdm1[12]*m2j+pdn[12]*digit;
-!  271		                    !	     pdtj[26]+=pdm1[13]*m2j+pdn[13]*digit;
-!  272		                    !	     pdtj[28]+=pdm1[14]*m2j+pdn[14]*digit;
-!  273		                    !	     pdtj[30]+=pdm1[15]*m2j+pdn[15]*digit;
-!  274		                    !	 /* no need for cleenup, cannot overflow */
-!  275		                    !	 digit=mod(lower32(b,Zero)*dn0,TwoToMinus16,TwoTo16);
-!  276		                    !       }
-!  277		                    !   }
-!  279		                    ! conv_d16_to_i32(result,dt+2*nlen,(long long *)dt,nlen+1);
-!  281		                    ! adjust_montf_result(result,nint,nlen); 
-
-/* 0x002c	 281 ( 4  5) */		or	%g0,1,%o4
-/* 0x0030	 187 ( 6  9) */		ldd	[%fp+96],%f0
-/* 0x0034	 196 ( 7 10) */		ld	[%fp+92],%o0
-/* 0x0038	 187 ( 8  9) */		fmovd	%f0,%f16
-/* 0x003c	 196 ( 9 10) */		sll	%o0,4,%g2
-/* 0x0040	     ( 9 10) */		or	%g0,%o0,%g1
-/* 0x0044	 198 (10 11) */		cmp	%o0,16
-/* 0x0048	     (10 11) */		be,pn	%icc,.L77000289	! tprob=0.50
-/* 0x004c	     (10 11) */		std	%f2,[%o1+%g2]
-/* 0x0050	 200 (11 12) */		sll	%o0,2,%g2
-/* 0x0054	     (11 14) */		ldd	[%g4],%f2
-/* 0x0058	     (12 13) */		add	%g2,2,%o1
-/* 0x005c	     (12 13) */		add	%g2,1,%o3
-/* 0x0060	 196 (13 14) */		sll	%o0,1,%o7
-/* 0x0064	 200 (13 14) */		cmp	%o1,0
-/* 0x0068	     (13 14) */		ble,a,pt	%icc,.L900000755	! tprob=0.55
-/* 0x006c	     (14 17) */		ldd	[%i1],%f0
-/* 0x0070	     (14 15) */		cmp	%o1,3
-/* 0x0074	 281 (14 15) */		or	%g0,1,%o1
-/* 0x0078	     (14 15) */		bl,pn	%icc,.L77000279	! tprob=0.40
-/* 0x007c	     (15 16) */		add	%o2,8,%o0
-/* 0x0080	     (15 16) */		std	%f2,[%g5]
-/* 0x0084	   0 (16 17) */		or	%g0,%o0,%o2
-                                   .L900000726:		/* frequency 64.0 confidence 0.0 */
-/* 0x0088	     ( 3  5) */		ldd	[%g4],%f0
-/* 0x008c	     ( 3  4) */		add	%o4,1,%o4
-/* 0x0090	     ( 3  4) */		add	%o2,8,%o2
-/* 0x0094	     ( 4  4) */		cmp	%o4,%o3
-/* 0x0098	     ( 5  6) */		ble,pt	%icc,.L900000726	! tprob=0.50
-/* 0x009c	     ( 5  6) */		std	%f0,[%o2-8]
-                                   .L900000729:		/* frequency 8.0 confidence 0.0 */
-/* 0x00a0	     ( 0  1) */		ba	.L900000755	! tprob=1.00
-/* 0x00a4	     ( 0  3) */		ldd	[%i1],%f0
-                                   .L77000279:		/* frequency 0.6 confidence 0.0 */
-/* 0x00a8	     ( 0  1) */		std	%f2,[%o2]
-                                   .L900000754:		/* frequency 5.3 confidence 0.0 */
-/* 0x00ac	     ( 0  3) */		ldd	[%g4],%f2
-/* 0x00b0	     ( 0  1) */		cmp	%o1,%o3
-/* 0x00b4	     ( 0  1) */		add	%o2,8,%o2
-/* 0x00b8	     ( 1  2) */		add	%o1,1,%o1
-/* 0x00bc	     ( 1  2) */		ble,a,pt	%icc,.L900000754	! tprob=0.87
-/* 0x00c0	     ( 3  4) */		std	%f2,[%o2]
-                                   .L77000284:		/* frequency 0.8 confidence 0.0 */
-/* 0x00c4	 202 ( 0  3) */		ldd	[%i1],%f0
-                                   .L900000755:		/* frequency 0.8 confidence 0.0 */
-/* 0x00c8	 202 ( 0  3) */		ldd	[%i0],%f2
-/* 0x00cc	     ( 0  1) */		add	%o7,1,%o2
-/* 0x00d0	 206 ( 0  1) */		cmp	%o7,0
-/* 0x00d4	     ( 1  2) */		sll	%o2,1,%o0
-/* 0x00d8	     ( 1  2) */		sub	%o7,1,%o1
-/* 0x00dc	 202 ( 2  5) */		fmuld	%f0,%f2,%f0
-/* 0x00e0	     ( 2  3) */		std	%f0,[%g5]
-/* 0x00e4	     ( 2  3) */		sub	%g1,1,%o7
-/* 0x00e8	     ( 3  6) */		ldd	[%g4],%f6
-/* 0x00ec	   0 ( 3  4) */		or	%g0,%o7,%g3
-/* 0x00f0	     ( 3  4) */		or	%g0,0,%l0
-/* 0x00f4	     ( 4  7) */		ldd	[%g4-8],%f2
-/* 0x00f8	     ( 4  5) */		or	%g0,0,%i5
-/* 0x00fc	     ( 4  5) */		or	%g0,%o1,%o5
-/* 0x0100	     ( 5  8) */		fdtox	%f0,%f0
-/* 0x0104	     ( 5  8) */		ldd	[%g4-16],%f4
-/* 0x0108	     ( 5  6) */		or	%g0,%o0,%o3
-/* 0x010c	 210 ( 6  7) */		add	%i0,8,%o4
-/* 0x0110	     ( 6  7) */		or	%g0,0,%i4
-/* 0x0114	     ( 9 10) */		fmovs	%f6,%f0
-/* 0x0118	     (11 14) */		fxtod	%f0,%f0
-/* 0x011c	 203 (14 17) */		fmuld	%f0,%f16,%f0
-/* 0x0120	     (17 20) */		fmuld	%f0,%f2,%f2
-/* 0x0124	     (20 23) */		fdtox	%f2,%f2
-/* 0x0128	     (23 26) */		fxtod	%f2,%f2
-/* 0x012c	     (26 29) */		fmuld	%f2,%f4,%f2
-/* 0x0130	     (29 32) */		fsubd	%f0,%f2,%f22
-/* 0x0134	 206 (29 30) */		ble,pt	%icc,.L900000748	! tprob=0.60
-/* 0x0138	     (29 30) */		sll	%g1,4,%g2
-/* 0x013c	 210 (30 33) */		ldd	[%i2],%f0
-                                   .L900000749:		/* frequency 5.3 confidence 0.0 */
-/* 0x0140	 210 ( 0  3) */		fmuld	%f0,%f22,%f8
-/* 0x0144	     ( 0  3) */		ldd	[%i1],%f0
-/* 0x0148	 214 ( 0  1) */		cmp	%g1,1
-/* 0x014c	 210 ( 1  4) */		ldd	[%o4+%i4],%f6
-/* 0x0150	     ( 1  2) */		add	%i1,8,%o0
-/* 0x0154	 214 ( 1  2) */		or	%g0,1,%o1
-/* 0x0158	 210 ( 2  5) */		ldd	[%i3],%f2
-/* 0x015c	     ( 2  3) */		add	%i3,16,%l1
-/* 0x0160	     ( 3  6) */		fmuld	%f0,%f6,%f6
-/* 0x0164	     ( 3  6) */		ldd	[%g4-8],%f4
-/* 0x0168	     ( 4  7) */		faddd	%f2,%f8,%f2
-/* 0x016c	     ( 4  7) */		ldd	[%i3+8],%f0
-/* 0x0170	 208 ( 5  8) */		ldd	[%i0+%i4],%f20
-/* 0x0174	 210 ( 6  9) */		faddd	%f0,%f6,%f0
-/* 0x0178	     ( 7 10) */		fmuld	%f2,%f4,%f2
-/* 0x017c	     (10 13) */		faddd	%f0,%f2,%f18
-/* 0x0180	 211 (10 11) */		std	%f18,[%i3+8]
-/* 0x0184	 214 (10 11) */		ble,pt	%icc,.L900000753	! tprob=0.54
-/* 0x0188	     (11 12) */		srl	%i5,31,%g2
-/* 0x018c	     (11 12) */		cmp	%g3,7
-/* 0x0190	 210 (12 13) */		add	%i2,8,%g2
-/* 0x0194	 214 (12 13) */		bl,pn	%icc,.L77000281	! tprob=0.36
-/* 0x0198	     (13 14) */		add	%g2,24,%o2
-/* 0x019c	 216 (13 16) */		ldd	[%o0+16],%f14
-/* 0x01a0	     (13 14) */		add	%i3,48,%l1
-/* 0x01a4	     (14 17) */		ldd	[%o0+24],%f12
-/* 0x01a8	   0 (14 15) */		or	%g0,%o2,%g2
-/* 0x01ac	 214 (14 15) */		sub	%g1,3,%o2
-/* 0x01b0	 216 (15 18) */		ldd	[%o0],%f2
-/* 0x01b4	     (15 16) */		or	%g0,5,%o1
-/* 0x01b8	     (16 19) */		ldd	[%g2-24],%f0
-/* 0x01bc	     (17 20) */		ldd	[%o0+8],%f6
-/* 0x01c0	     (17 20) */		fmuld	%f2,%f20,%f2
-/* 0x01c4	     (17 18) */		add	%o0,32,%o0
-/* 0x01c8	     (18 21) */		ldd	[%g2-16],%f8
-/* 0x01cc	     (18 21) */		fmuld	%f0,%f22,%f4
-/* 0x01d0	     (19 22) */		ldd	[%i3+16],%f0
-/* 0x01d4	     (19 22) */		fmuld	%f6,%f20,%f10
-/* 0x01d8	     (20 23) */		ldd	[%g2-8],%f6
-/* 0x01dc	     (21 24) */		faddd	%f2,%f4,%f4
-/* 0x01e0	     (21 24) */		ldd	[%i3+32],%f2
-                                   .L900000738:		/* frequency 512.0 confidence 0.0 */
-/* 0x01e4	 216 (16 24) */		ldd	[%g2],%f24
-/* 0x01e8	     (16 17) */		add	%o1,3,%o1
-/* 0x01ec	     (16 17) */		add	%g2,24,%g2
-/* 0x01f0	     (16 19) */		fmuld	%f8,%f22,%f8
-/* 0x01f4	     (17 25) */		ldd	[%l1],%f28
-/* 0x01f8	     (17 17) */		cmp	%o1,%o2
-/* 0x01fc	     (17 18) */		add	%o0,24,%o0
-/* 0x0200	     (18 26) */		ldd	[%o0-24],%f26
-/* 0x0204	     (18 21) */		faddd	%f0,%f4,%f0
-/* 0x0208	     (18 19) */		add	%l1,48,%l1
-/* 0x020c	     (19 22) */		faddd	%f10,%f8,%f10
-/* 0x0210	     (19 22) */		fmuld	%f14,%f20,%f4
-/* 0x0214	     (19 20) */		std	%f0,[%l1-80]
-/* 0x0218	     (20 28) */		ldd	[%g2-16],%f8
-/* 0x021c	     (20 23) */		fmuld	%f6,%f22,%f6
-/* 0x0220	     (21 29) */		ldd	[%l1-32],%f0
-/* 0x0224	     (22 30) */		ldd	[%o0-16],%f14
-/* 0x0228	     (22 25) */		faddd	%f2,%f10,%f2
-/* 0x022c	     (23 26) */		faddd	%f4,%f6,%f10
-/* 0x0230	     (23 26) */		fmuld	%f12,%f20,%f4
-/* 0x0234	     (23 24) */		std	%f2,[%l1-64]
-/* 0x0238	     (24 32) */		ldd	[%g2-8],%f6
-/* 0x023c	     (24 27) */		fmuld	%f24,%f22,%f24
-/* 0x0240	     (25 33) */		ldd	[%l1-16],%f2
-/* 0x0244	     (26 34) */		ldd	[%o0-8],%f12
-/* 0x0248	     (26 29) */		faddd	%f28,%f10,%f10
-/* 0x024c	     (27 28) */		std	%f10,[%l1-48]
-/* 0x0250	     (27 30) */		fmuld	%f26,%f20,%f10
-/* 0x0254	     (27 28) */		ble,pt	%icc,.L900000738	! tprob=0.50
-/* 0x0258	     (27 30) */		faddd	%f4,%f24,%f4
-                                   .L900000741:		/* frequency 64.0 confidence 0.0 */
-/* 0x025c	 216 ( 0  3) */		fmuld	%f8,%f22,%f28
-/* 0x0260	     ( 0  3) */		ldd	[%g2],%f24
-/* 0x0264	     ( 0  3) */		faddd	%f0,%f4,%f26
-/* 0x0268	     ( 1  4) */		fmuld	%f12,%f20,%f8
-/* 0x026c	     ( 1  2) */		add	%l1,32,%l1
-/* 0x0270	     ( 1  2) */		cmp	%o1,%g3
-/* 0x0274	     ( 2  5) */		fmuld	%f14,%f20,%f14
-/* 0x0278	     ( 2  5) */		ldd	[%l1-32],%f4
-/* 0x027c	     ( 2  3) */		add	%g2,8,%g2
-/* 0x0280	     ( 3  6) */		faddd	%f10,%f28,%f12
-/* 0x0284	     ( 3  6) */		fmuld	%f6,%f22,%f6
-/* 0x0288	     ( 3  6) */		ldd	[%l1-16],%f0
-/* 0x028c	     ( 4  7) */		fmuld	%f24,%f22,%f10
-/* 0x0290	     ( 4  5) */		std	%f26,[%l1-64]
-/* 0x0294	     ( 6  9) */		faddd	%f2,%f12,%f2
-/* 0x0298	     ( 6  7) */		std	%f2,[%l1-48]
-/* 0x029c	     ( 7 10) */		faddd	%f14,%f6,%f6
-/* 0x02a0	     ( 8 11) */		faddd	%f8,%f10,%f2
-/* 0x02a4	     (10 13) */		faddd	%f4,%f6,%f4
-/* 0x02a8	     (10 11) */		std	%f4,[%l1-32]
-/* 0x02ac	     (11 14) */		faddd	%f0,%f2,%f0
-/* 0x02b0	     (11 12) */		bg,pn	%icc,.L77000213	! tprob=0.13
-/* 0x02b4	     (11 12) */		std	%f0,[%l1-16]
-                                   .L77000281:		/* frequency 4.0 confidence 0.0 */
-/* 0x02b8	 216 ( 0  3) */		ldd	[%o0],%f0
-                                   .L900000752:		/* frequency 36.6 confidence 0.0 */
-/* 0x02bc	 216 ( 0  3) */		ldd	[%g2],%f4
-/* 0x02c0	     ( 0  3) */		fmuld	%f0,%f20,%f2
-/* 0x02c4	     ( 0  1) */		add	%o1,1,%o1
-/* 0x02c8	     ( 1  4) */		ldd	[%l1],%f0
-/* 0x02cc	     ( 1  2) */		add	%o0,8,%o0
-/* 0x02d0	     ( 1  2) */		add	%g2,8,%g2
-/* 0x02d4	     ( 2  5) */		fmuld	%f4,%f22,%f4
-/* 0x02d8	     ( 2  3) */		cmp	%o1,%g3
-/* 0x02dc	     ( 5  8) */		faddd	%f2,%f4,%f2
-/* 0x02e0	     ( 8 11) */		faddd	%f0,%f2,%f0
-/* 0x02e4	     ( 8  9) */		std	%f0,[%l1]
-/* 0x02e8	     ( 8  9) */		add	%l1,16,%l1
-/* 0x02ec	     ( 8  9) */		ble,a,pt	%icc,.L900000752	! tprob=0.87
-/* 0x02f0	     (10 13) */		ldd	[%o0],%f0
-                                   .L77000213:		/* frequency 5.3 confidence 0.0 */
-/* 0x02f4	     ( 0  1) */		srl	%i5,31,%g2
-                                   .L900000753:		/* frequency 5.3 confidence 0.0 */
-/* 0x02f8	 218 ( 0  1) */		cmp	%l0,30
-/* 0x02fc	     ( 0  1) */		bne,a,pt	%icc,.L900000751	! tprob=0.54
-/* 0x0300	     ( 0  3) */		fdtox	%f18,%f0
-/* 0x0304	     ( 1  2) */		add	%i5,%g2,%g2
-/* 0x0308	     ( 1  2) */		sub	%o3,1,%o2
-/* 0x030c	     ( 2  3) */		sra	%g2,1,%o0
-/* 0x0310	 216 ( 2  5) */		ldd	[%g4],%f0
-/* 0x0314	     ( 3  4) */		add	%o0,1,%g2
-/* 0x0318	     ( 4  5) */		sll	%g2,1,%o0
-/* 0x031c	     ( 4  5) */		fmovd	%f0,%f2
-/* 0x0320	     ( 5  6) */		sll	%g2,4,%o1
-/* 0x0324	     ( 5  6) */		cmp	%o0,%o3
-/* 0x0328	     ( 5  6) */		bge,pt	%icc,.L77000215	! tprob=0.53
-/* 0x032c	     ( 6  7) */		or	%g0,0,%l0
-/* 0x0330	 218 ( 6  7) */		add	%g5,%o1,%o1
-/* 0x0334	 216 ( 7 10) */		ldd	[%o1],%f8
-                                   .L900000750:		/* frequency 32.0 confidence 0.0 */
-/* 0x0338	     ( 0  3) */		fdtox	%f8,%f6
-/* 0x033c	     ( 0  3) */		ldd	[%g4],%f10
-/* 0x0340	     ( 0  1) */		add	%o0,2,%o0
-/* 0x0344	     ( 1  4) */		ldd	[%o1+8],%f4
-/* 0x0348	     ( 1  4) */		fdtox	%f8,%f8
-/* 0x034c	     ( 1  2) */		cmp	%o0,%o2
-/* 0x0350	     ( 5  6) */		fmovs	%f10,%f6
-/* 0x0354	     ( 7 10) */		fxtod	%f6,%f10
-/* 0x0358	     ( 8 11) */		fdtox	%f4,%f6
-/* 0x035c	     ( 9 12) */		fdtox	%f4,%f4
-/* 0x0360	     (10 13) */		faddd	%f10,%f2,%f2
-/* 0x0364	     (10 11) */		std	%f2,[%o1]
-/* 0x0368	     (12 15) */		ldd	[%g4],%f2
-/* 0x036c	     (14 15) */		fmovs	%f2,%f6
-/* 0x0370	     (16 19) */		fxtod	%f6,%f6
-/* 0x0374	     (17 20) */		fitod	%f8,%f2
-/* 0x0378	     (19 22) */		faddd	%f6,%f0,%f0
-/* 0x037c	     (19 20) */		std	%f0,[%o1+8]
-/* 0x0380	     (19 20) */		add	%o1,16,%o1
-/* 0x0384	     (20 23) */		fitod	%f4,%f0
-/* 0x0388	     (20 21) */		ble,a,pt	%icc,.L900000750	! tprob=0.87
-/* 0x038c	     (20 23) */		ldd	[%o1],%f8
-                                   .L77000233:		/* frequency 4.6 confidence 0.0 */
-/* 0x0390	     ( 0  0) */		or	%g0,0,%l0
-                                   .L77000215:		/* frequency 5.3 confidence 0.0 */
-/* 0x0394	     ( 0  3) */		fdtox	%f18,%f0
-                                   .L900000751:		/* frequency 5.3 confidence 0.0 */
-/* 0x0398	     ( 0  3) */		ldd	[%g4],%f6
-/* 0x039c	 220 ( 0  1) */		add	%i5,1,%i5
-/* 0x03a0	     ( 0  1) */		add	%i4,8,%i4
-/* 0x03a4	     ( 1  4) */		ldd	[%g4-8],%f2
-/* 0x03a8	     ( 1  2) */		add	%l0,1,%l0
-/* 0x03ac	     ( 1  2) */		add	%i3,8,%i3
-/* 0x03b0	     ( 2  3) */		fmovs	%f6,%f0
-/* 0x03b4	     ( 2  5) */		ldd	[%g4-16],%f4
-/* 0x03b8	     ( 2  3) */		cmp	%i5,%o5
-/* 0x03bc	     ( 4  7) */		fxtod	%f0,%f0
-/* 0x03c0	     ( 7 10) */		fmuld	%f0,%f16,%f0
-/* 0x03c4	     (10 13) */		fmuld	%f0,%f2,%f2
-/* 0x03c8	     (13 16) */		fdtox	%f2,%f2
-/* 0x03cc	     (16 19) */		fxtod	%f2,%f2
-/* 0x03d0	     (19 22) */		fmuld	%f2,%f4,%f2
-/* 0x03d4	     (22 25) */		fsubd	%f0,%f2,%f22
-/* 0x03d8	     (22 23) */		ble,a,pt	%icc,.L900000749	! tprob=0.89
-/* 0x03dc	     (22 25) */		ldd	[%i2],%f0
-                                   .L900000725:		/* frequency 0.7 confidence 0.0 */
-/* 0x03e0	 220 ( 0  1) */		ba	.L900000748	! tprob=1.00
-/* 0x03e4	     ( 0  1) */		sll	%g1,4,%g2
-
-	
-                                   .L77000289:		/* frequency 0.8 confidence 0.0 */
-/* 0x03e8	 225 ( 0  3) */		ldd	[%o1],%f6
-/* 0x03ec	 242 ( 0  1) */		add	%g4,-8,%g2
-/* 0x03f0	     ( 0  1) */		add	%g4,-16,%g3
-/* 0x03f4	 225 ( 1  4) */		ldd	[%i1],%f2
-/* 0x03f8	 245 ( 1  2) */		or	%g0,0,%o3
-/* 0x03fc	     ( 1  2) */		or	%g0,0,%o0
-/* 0x0400	 225 ( 3  6) */		fmuld	%f2,%f6,%f2
-/* 0x0404	     ( 3  4) */		std	%f2,[%o2]
-/* 0x0408	     ( 4  7) */		ldd	[%g4],%f6
-/* 0x040c	 237 ( 7  8) */		std	%f6,[%o2+8]
-/* 0x0410	     ( 8  9) */		std	%f6,[%o2+16]
-/* 0x0414	     ( 9 10) */		std	%f6,[%o2+24]
-/* 0x0418	     (10 11) */		std	%f6,[%o2+32]
-/* 0x041c	     (11 12) */		std	%f6,[%o2+40]
-/* 0x0420	     (12 13) */		std	%f6,[%o2+48]
-/* 0x0424	     (13 14) */		std	%f6,[%o2+56]
-/* 0x0428	     (14 15) */		std	%f6,[%o2+64]
-/* 0x042c	     (15 16) */		std	%f6,[%o2+72]
-!	prefetch	[%i4],0
-!	prefetch	[%i4+32],0
-!	prefetch	[%i4+64],0
-!	prefetch	[%i4+96],0
-!	prefetch	[%i4+120],0
-!	prefetch	[%i1],0
-!	prefetch	[%i1+32],0
-!	prefetch	[%i1+64],0
-!	prefetch	[%i1+96],0
-!	prefetch	[%i1+120],0
-/* 0x0430	     (16 17) */		std	%f6,[%o2+80]
-/* 0x0434	     (17 18) */		std	%f6,[%o2+88]
-/* 0x0438	     (18 19) */		std	%f6,[%o2+96]
-/* 0x043c	     (19 20) */		std	%f6,[%o2+104]
-/* 0x0440	     (20 21) */		std	%f6,[%o2+112]
-/* 0x0444	     (21 22) */		std	%f6,[%o2+120]
-/* 0x0448	     (22 23) */		std	%f6,[%o2+128]
-/* 0x044c	     (23 24) */		std	%f6,[%o2+136]
-/* 0x0450	     (24 25) */		std	%f6,[%o2+144]
-/* 0x0454	     (25 26) */		std	%f6,[%o2+152]
-/* 0x0458	     (26 27) */		std	%f6,[%o2+160]
-/* 0x045c	     (27 28) */		std	%f6,[%o2+168]
-/* 0x0460	     (27 30) */		fdtox	%f2,%f2
-/* 0x0464	     (28 29) */		std	%f6,[%o2+176]
-/* 0x0468	     (29 30) */		std	%f6,[%o2+184]
-/* 0x046c	     (30 31) */		std	%f6,[%o2+192]
-/* 0x0470	     (31 32) */		std	%f6,[%o2+200]
-/* 0x0474	     (32 33) */		std	%f6,[%o2+208]
-/* 0x0478	     (33 34) */		std	%f6,[%o2+216]
-/* 0x047c	     (34 35) */		std	%f6,[%o2+224]
-/* 0x0480	     (35 36) */		std	%f6,[%o2+232]
-/* 0x0484	     (36 37) */		std	%f6,[%o2+240]
-/* 0x0488	     (37 38) */		std	%f6,[%o2+248]
-/* 0x048c	     (38 39) */		std	%f6,[%o2+256]
-/* 0x0490	     (39 40) */		std	%f6,[%o2+264]
-/* 0x0494	     (40 41) */		std	%f6,[%o2+272]
-/* 0x0498	     (41 42) */		std	%f6,[%o2+280]
-/* 0x049c	     (42 43) */		std	%f6,[%o2+288]
-/* 0x04a0	     (43 44) */		std	%f6,[%o2+296]
-/* 0x04a4	     (44 45) */		std	%f6,[%o2+304]
-/* 0x04a8	     (45 46) */		std	%f6,[%o2+312]
-/* 0x04ac	     (46 47) */		std	%f6,[%o2+320]
-/* 0x04b0	     (47 48) */		std	%f6,[%o2+328]
-/* 0x04b4	     (48 49) */		std	%f6,[%o2+336]
-/* 0x04b8	     (49 50) */		std	%f6,[%o2+344]
-/* 0x04bc	     (50 51) */		std	%f6,[%o2+352]
-/* 0x04c0	     (51 52) */		std	%f6,[%o2+360]
-/* 0x04c4	     (52 53) */		std	%f6,[%o2+368]
-/* 0x04c8	     (53 54) */		std	%f6,[%o2+376]
-/* 0x04cc	     (54 55) */		std	%f6,[%o2+384]
-/* 0x04d0	     (55 56) */		std	%f6,[%o2+392]
-/* 0x04d4	     (56 57) */		std	%f6,[%o2+400]
-/* 0x04d8	     (57 58) */		std	%f6,[%o2+408]
-/* 0x04dc	     (58 59) */		std	%f6,[%o2+416]
-/* 0x04e0	     (59 60) */		std	%f6,[%o2+424]
-/* 0x04e4	     (60 61) */		std	%f6,[%o2+432]
-/* 0x04e8	     (61 62) */		std	%f6,[%o2+440]
-/* 0x04ec	     (62 63) */		std	%f6,[%o2+448]
-/* 0x04f0	     (63 64) */		std	%f6,[%o2+456]
-/* 0x04f4	     (64 65) */		std	%f6,[%o2+464]
-/* 0x04f8	     (65 66) */		std	%f6,[%o2+472]
-/* 0x04fc	     (66 67) */		std	%f6,[%o2+480]
-/* 0x0500	     (67 68) */		std	%f6,[%o2+488]
-/* 0x0504	     (68 69) */		std	%f6,[%o2+496]
-/* 0x0508	     (69 70) */		std	%f6,[%o2+504]
-/* 0x050c	     (70 71) */		std	%f6,[%o2+512]
-/* 0x0510	     (71 72) */		std	%f6,[%o2+520]
-/* 0x0514	 242 (72 75) */		ld	[%g4],%f2 ! dalign
-/* 0x0518	     (73 76) */		ld	[%g2],%f6 ! dalign
-/* 0x051c	     (74 77) */		fxtod	%f2,%f10
-/* 0x0520	     (74 77) */		ld	[%g2+4],%f7
-/* 0x0524	     (75 78) */		ld	[%g3],%f8 ! dalign
-/* 0x0528	     (76 79) */		ld	[%g3+4],%f9
-/* 0x052c	     (77 80) */		fmuld	%f10,%f0,%f0
-/* 0x0530	 239 (77 80) */		ldd	[%i4],%f4
-/* 0x0534	 240 (78 81) */		ldd	[%i1],%f2
-/* 0x0538	     (80 83) */		fmuld	%f0,%f6,%f6
-/* 0x053c	     (83 86) */		fdtox	%f6,%f6
-/* 0x0540	     (86 89) */		fxtod	%f6,%f6
-/* 0x0544	     (89 92) */		fmuld	%f6,%f8,%f6
-/* 0x0548	     (92 95) */		fsubd	%f0,%f6,%f0
-/* 0x054c	 250 (95 98) */		fmuld	%f4,%f0,%f10
-                                   .L900000747:		/* frequency 6.4 confidence 0.0 */
-
-
-	fmovd %f0,%f0
-	fmovd %f16,%f18
-	ldd [%i4],%f2
-	ldd [%o2],%f8
-	ldd [%i1],%f10
-	ldd [%g4-8],%f14
-	ldd [%g4-16],%f16
-	ldd [%o1],%f24
-
-	ldd [%i1+8],%f26
-	ldd [%i1+16],%f40
-	ldd [%i1+48],%f46
-	ldd [%i1+56],%f30
-	ldd [%i1+64],%f54
-	ldd [%i1+104],%f34
-	ldd [%i1+112],%f58
-
-	ldd [%i4+112],%f60
-	ldd [%i4+8],%f28	
-	ldd [%i4+104],%f38
-
-	nop
-	nop
-!
-	.L99999999:
-!1
-!!!
-	ldd	[%i1+24],%f32
-	fmuld	%f0,%f2,%f4
-!2
-!!!
-	ldd	[%i4+24],%f36
-	fmuld	%f26,%f24,%f20
-!3
-!!!
-	ldd	[%i1+40],%f42
-	fmuld	%f28,%f0,%f22
-!4
-!!!
-	ldd	[%i4+40],%f44
-	fmuld	%f32,%f24,%f32
-!5
-!!!
-	ldd	[%o1+8],%f6
-	faddd	%f4,%f8,%f4
-	fmuld	%f36,%f0,%f36
-!6
-!!!
-	add	%o1,8,%o1
-	ldd	[%i4+56],%f50
-	fmuld	%f42,%f24,%f42
-!7
-!!!
-	ldd	[%i1+72],%f52
-	faddd	%f20,%f22,%f20
-	fmuld	%f44,%f0,%f44
-!8
-!!!
-	ldd	[%o2+16],%f22
-	fmuld	%f10,%f6,%f12
-!9
-!!!
-	ldd	[%i4+72],%f56
-	faddd	%f32,%f36,%f32
-	fmuld	%f14,%f4,%f4
-!10
-!!!
-	ldd	[%o2+48],%f36
-	fmuld	%f30,%f24,%f48
-!11
-!!!
-	ldd	[%o2+8],%f8
-	faddd	%f20,%f22,%f20
-	fmuld	%f50,%f0,%f50	
-!12
-!!!
-	std	%f20,[%o2+16]
-	faddd	%f42,%f44,%f42
-	fmuld	%f52,%f24,%f52
-!13
-!!!
-	ldd	[%o2+80],%f44
-	faddd	%f4,%f12,%f4
-	fmuld	%f56,%f0,%f56
-!14
-!!!
-	ldd	[%i1+88],%f20
-	faddd	%f32,%f36,%f32
-!15
-!!!
-	ldd	[%i4+88],%f22
-	faddd	%f48,%f50,%f48
-!16
-!!!
-	ldd	[%o2+112],%f50
-	faddd	%f52,%f56,%f52
-!17
-!!!
-	ldd	[%o2+144],%f56
-	faddd	%f4,%f8,%f8
-	fmuld	%f20,%f24,%f20
-!18
-!!!
-	std	%f32,[%o2+48]
-	faddd	%f42,%f44,%f42
-	fmuld	%f22,%f0,%f22
-!19
-!!!
-	std	%f42,[%o2+80]
-	faddd	%f48,%f50,%f48
-	fmuld	%f34,%f24,%f32
-!20
-!!!
-	std	%f48,[%o2+112]
-	faddd	%f52,%f56,%f52
-	fmuld	%f38,%f0,%f36
-!21
-!!!
-	ldd	[%i1+120],%f42
-	fdtox	%f8,%f4
-!22
-!!!
-	std	%f52,[%o2+144]
-	faddd	%f20,%f22,%f20
-!23
-!!!
-	ldd	[%i4+120],%f44
-!24
-!!!
-	ldd	[%o2+176],%f22
-	faddd	%f32,%f36,%f32
-	fmuld	%f42,%f24,%f42
-!25
-!!!
-	ldd	[%i4+16],%f50
-	fmovs	%f17,%f4
-!26
-!!!
-	ldd	[%i1+32],%f52
-	fmuld	%f44,%f0,%f44
-!27
-!!!
-	ldd	[%i4+32],%f56
-	fmuld	%f40,%f24,%f48
-!28
-!!!
-	ldd	[%o2+208],%f36
-	faddd	%f20,%f22,%f20
-	fmuld	%f50,%f0,%f50
-!29
-!!!
-	std	%f20,[%o2+176]
-	fxtod	%f4,%f4
-	fmuld	%f52,%f24,%f52
-!30
-!!!
-	ldd	[%i4+48],%f22
-	faddd	%f42,%f44,%f42
-	fmuld	%f56,%f0,%f56
-!31
-!!!
-	ldd	[%o2+240],%f44
-	faddd	%f32,%f36,%f32
-!32
-!!!
-	std	%f32,[%o2+208]
-	faddd	%f48,%f50,%f48
-	fmuld	%f46,%f24,%f20
-!33
-!!!
-	ldd	[%o2+32],%f50
-	fmuld	%f4,%f18,%f12
-!34
-!!!
-	ldd	[%i4+64],%f36
-	faddd	%f52,%f56,%f52
-	fmuld	%f22,%f0,%f22
-!35
-!!!
-	ldd	[%o2+64],%f56
-	faddd	%f42,%f44,%f42
-!36
-!!!
-	std	%f42,[%o2+240]
-	faddd	%f48,%f50,%f48
-	fmuld	%f54,%f24,%f32
-!37
-!!!
-	std	%f48,[%o2+32]
-	fmuld	%f12,%f14,%f4
-!38
-!!!
-	ldd	[%i1+80],%f42
-	faddd	%f52,%f56,%f56	! yes, tmp52!
-	fmuld	%f36,%f0,%f36
-!39
-!!!
-	ldd	[%i4+80],%f44
-	faddd	%f20,%f22,%f20
-!40
-!!!
-	ldd	[%i1+96],%f48
-	fmuld	%f58,%f24,%f52
-!41
-!!!
-	ldd	[%i4+96],%f50
-	fdtox	%f4,%f4
-	fmuld	%f42,%f24,%f42
-!42
-!!!
-	std	%f56,[%o2+64]	! yes, tmp52!
-	faddd	%f32,%f36,%f32
-	fmuld	%f44,%f0,%f44
-!43
-!!!
-	ldd	[%o2+96],%f22
-	fmuld	%f48,%f24,%f48
-!44
-!!!
-	ldd	[%o2+128],%f36
-	fmovd	%f6,%f24
-	fmuld	%f50,%f0,%f50
-!45
-!!!
-	fxtod	%f4,%f4
-	fmuld	%f60,%f0,%f56
-!46
-!!!
-	add	%o2,8,%o2
-	faddd	%f42,%f44,%f42
-!47
-!!!
-	ldd	[%o2+160-8],%f44
-	faddd	%f20,%f22,%f20
-!48
-!!!
-	std	%f20,[%o2+96-8]
-	faddd	%f48,%f50,%f48
-!49
-!!!
-	ldd	[%o2+192-8],%f50
-	faddd	%f52,%f56,%f52
-	fmuld	%f4,%f16,%f4
-!50
-!!!
-	ldd	[%o2+224-8],%f56
-	faddd	%f32,%f36,%f32
-!51
-!!!
-	std	%f32,[%o2+128-8]
-	faddd	%f42,%f44,%f42
-!52
-	add	%o3,1,%o3
-	std	%f42,[%o2+160-8]
-	faddd	%f48,%f50,%f48
-!53
-!!!
-	cmp	%o3,31
-	std	%f48,[%o2+192-8]
-	faddd	%f52,%f56,%f52
-!54
-	std	%f52,[%o2+224-8]
-	ble,pt	%icc,.L99999999
-	fsubd	%f12,%f4,%f0
-
-
-
-!55
-	std %f8,[%o2]
-
-	
-	
-	
-	
-	
-	                                   .L77000285:		/* frequency 1.0 confidence 0.0 */
-/* 0x07a8	 279 ( 0  1) */		sll	%g1,4,%g2
-                                   .L900000748:		/* frequency 1.0 confidence 0.0 */
-/* 0x07ac	 279 ( 0  3) */		ldd	[%g5+%g2],%f0
-/* 0x07b0	     ( 0  1) */		add	%g5,%g2,%i1
-/* 0x07b4	     ( 0  1) */		or	%g0,0,%o4
-/* 0x07b8	 206 ( 1  4) */		ld	[%fp+68],%o0
-/* 0x07bc	 279 ( 1  2) */		or	%g0,0,%i0
-/* 0x07c0	     ( 1  2) */		cmp	%g1,0
-/* 0x07c4	     ( 2  5) */		fdtox	%f0,%f0
-/* 0x07c8	     ( 2  3) */		std	%f0,[%sp+120]
-/* 0x07cc	 275 ( 2  3) */		sethi	%hi(0xfc00),%o1
-/* 0x07d0	 206 ( 3  4) */		or	%g0,%o0,%o3
-/* 0x07d4	 275 ( 3  4) */		sub	%g1,1,%g4
-/* 0x07d8	 279 ( 4  7) */		ldd	[%i1+8],%f0
-/* 0x07dc	     ( 4  5) */		or	%g0,%o0,%g5
-/* 0x07e0	     ( 4  5) */		add	%o1,1023,%o1
-/* 0x07e4	     ( 6  9) */		fdtox	%f0,%f0
-/* 0x07e8	     ( 6  7) */		std	%f0,[%sp+112]
-/* 0x07ec	     (10 12) */		ldx	[%sp+112],%o5
-/* 0x07f0	     (11 13) */		ldx	[%sp+120],%o7
-/* 0x07f4	     (11 12) */		ble,pt	%icc,.L900000746	! tprob=0.56
-/* 0x07f8	     (11 12) */		sethi	%hi(0xfc00),%g2
-/* 0x07fc	 275 (12 13) */		or	%g0,-1,%g2
-/* 0x0800	 279 (12 13) */		cmp	%g1,3
-/* 0x0804	 275 (13 14) */		srl	%g2,0,%o2
-/* 0x0808	 279 (13 14) */		bl,pn	%icc,.L77000286	! tprob=0.44
-/* 0x080c	     (13 14) */		or	%g0,%i1,%g2
-/* 0x0810	     (14 17) */		ldd	[%i1+16],%f0
-/* 0x0814	     (14 15) */		and	%o5,%o1,%o0
-/* 0x0818	     (14 15) */		add	%i1,16,%g2
-/* 0x081c	     (15 16) */		sllx	%o0,16,%g3
-/* 0x0820	     (15 16) */		and	%o7,%o2,%o0
-/* 0x0824	     (16 19) */		fdtox	%f0,%f0
-/* 0x0828	     (16 17) */		std	%f0,[%sp+104]
-/* 0x082c	     (16 17) */		add	%o0,%g3,%o4
-/* 0x0830	     (17 20) */		ldd	[%i1+24],%f2
-/* 0x0834	     (17 18) */		srax	%o5,16,%o0
-/* 0x0838	     (17 18) */		add	%o3,4,%g5
-/* 0x083c	     (18 19) */		stx	%o0,[%sp+128]
-/* 0x0840	     (18 19) */		and	%o4,%o2,%o0
-/* 0x0844	     (18 19) */		or	%g0,1,%i0
-/* 0x0848	     (19 20) */		stx	%o0,[%sp+112]
-/* 0x084c	     (19 20) */		srax	%o4,32,%o0
-/* 0x0850	     (19 22) */		fdtox	%f2,%f0
-/* 0x0854	     (20 21) */		stx	%o0,[%sp+136]
-/* 0x0858	     (20 21) */		srax	%o7,32,%o4
-/* 0x085c	     (21 22) */		std	%f0,[%sp+96]
-/* 0x0860	     (22 24) */		ldx	[%sp+136],%o7
-/* 0x0864	     (23 25) */		ldx	[%sp+128],%o0
-/* 0x0868	     (25 27) */		ldx	[%sp+104],%g3
-/* 0x086c	     (25 26) */		add	%o0,%o7,%o0
-/* 0x0870	     (26 28) */		ldx	[%sp+112],%o7
-/* 0x0874	     (26 27) */		add	%o4,%o0,%o4
-/* 0x0878	     (27 29) */		ldx	[%sp+96],%o5
-/* 0x087c	     (28 29) */		st	%o7,[%o3]
-/* 0x0880	     (28 29) */		or	%g0,%g3,%o7
-                                   .L900000730:		/* frequency 64.0 confidence 0.0 */
-/* 0x0884	     (17 19) */		ldd	[%g2+16],%f0
-/* 0x0888	     (17 18) */		add	%i0,1,%i0
-/* 0x088c	     (17 18) */		add	%g5,4,%g5
-/* 0x0890	     (18 18) */		cmp	%i0,%g4
-/* 0x0894	     (18 19) */		add	%g2,16,%g2
-/* 0x0898	     (19 22) */		fdtox	%f0,%f0
-/* 0x089c	     (20 21) */		std	%f0,[%sp+104]
-/* 0x08a0	     (21 23) */		ldd	[%g2+8],%f0
-/* 0x08a4	     (23 26) */		fdtox	%f0,%f0
-/* 0x08a8	     (24 25) */		std	%f0,[%sp+96]
-/* 0x08ac	     (25 26) */		and	%o5,%o1,%g3
-/* 0x08b0	     (26 27) */		sllx	%g3,16,%g3
-/* 0x08b4	     ( 0  0) */		stx	%g3,[%sp+120]
-/* 0x08b8	     (26 27) */		and	%o7,%o2,%g3
-/* 0x08bc	     ( 0  0) */		stx	%o7,[%sp+128]
-/* 0x08c0	     ( 0  0) */		ldx	[%sp+120],%o7
-/* 0x08c4	     (27 27) */		add	%g3,%o7,%g3
-/* 0x08c8	     ( 0  0) */		ldx	[%sp+128],%o7
-/* 0x08cc	     (28 29) */		srax	%o5,16,%o5
-/* 0x08d0	     (28 28) */		add	%g3,%o4,%g3
-/* 0x08d4	     (29 30) */		srax	%g3,32,%o4
-/* 0x08d8	     ( 0  0) */		stx	%o4,[%sp+112]
-/* 0x08dc	     (30 31) */		srax	%o7,32,%o4
-/* 0x08e0	     ( 0  0) */		ldx	[%sp+112],%o7
-/* 0x08e4	     (30 31) */		add	%o5,%o7,%o7
-/* 0x08e8	     (31 33) */		ldx	[%sp+96],%o5
-/* 0x08ec	     (31 32) */		add	%o4,%o7,%o4
-/* 0x08f0	     (32 33) */		and	%g3,%o2,%g3
-/* 0x08f4	     ( 0  0) */		ldx	[%sp+104],%o7
-/* 0x08f8	     (33 34) */		ble,pt	%icc,.L900000730	! tprob=0.50
-/* 0x08fc	     (33 34) */		st	%g3,[%g5-4]
-                                   .L900000733:		/* frequency 8.0 confidence 0.0 */
-/* 0x0900	     ( 0  1) */		ba	.L900000746	! tprob=1.00
-/* 0x0904	     ( 0  1) */		sethi	%hi(0xfc00),%g2
-                                   .L77000286:		/* frequency 0.7 confidence 0.0 */
-/* 0x0908	     ( 0  3) */		ldd	[%g2+16],%f0
-                                   .L900000745:		/* frequency 6.4 confidence 0.0 */
-/* 0x090c	     ( 0  1) */		and	%o7,%o2,%o0
-/* 0x0910	     ( 0  1) */		and	%o5,%o1,%g3
-/* 0x0914	     ( 0  3) */		fdtox	%f0,%f0
-/* 0x0918	     ( 1  2) */		add	%o4,%o0,%o0
-/* 0x091c	     ( 1  2) */		std	%f0,[%sp+104]
-/* 0x0920	     ( 1  2) */		add	%i0,1,%i0
-/* 0x0924	     ( 2  3) */		sllx	%g3,16,%o4
-/* 0x0928	     ( 2  5) */		ldd	[%g2+24],%f2
-/* 0x092c	     ( 2  3) */		add	%g2,16,%g2
-/* 0x0930	     ( 3  4) */		add	%o0,%o4,%o4
-/* 0x0934	     ( 3  4) */		cmp	%i0,%g4
-/* 0x0938	     ( 4  5) */		srax	%o5,16,%o0
-/* 0x093c	     ( 4  5) */		stx	%o0,[%sp+112]
-/* 0x0940	     ( 4  5) */		and	%o4,%o2,%g3
-/* 0x0944	     ( 5  6) */		srax	%o4,32,%o5
-/* 0x0948	     ( 5  8) */		fdtox	%f2,%f0
-/* 0x094c	     ( 5  6) */		std	%f0,[%sp+96]
-/* 0x0950	     ( 6  7) */		srax	%o7,32,%o4
-/* 0x0954	     ( 6  8) */		ldx	[%sp+112],%o7
-/* 0x0958	     ( 8  9) */		add	%o7,%o5,%o7
-/* 0x095c	     ( 9 11) */		ldx	[%sp+104],%o5
-/* 0x0960	     ( 9 10) */		add	%o4,%o7,%o4
-/* 0x0964	     (10 12) */		ldx	[%sp+96],%o0
-/* 0x0968	     (11 12) */		st	%g3,[%g5]
-/* 0x096c	     (11 12) */		or	%g0,%o5,%o7
-/* 0x0970	     (11 12) */		add	%g5,4,%g5
-/* 0x0974	     (12 13) */		or	%g0,%o0,%o5
-/* 0x0978	     (12 13) */		ble,a,pt	%icc,.L900000745	! tprob=0.86
-/* 0x097c	     (12 15) */		ldd	[%g2+16],%f0
-                                   .L77000236:		/* frequency 1.0 confidence 0.0 */
-/* 0x0980	     ( 0  1) */		sethi	%hi(0xfc00),%g2
-                                   .L900000746:		/* frequency 1.0 confidence 0.0 */
-/* 0x0984	     ( 0  1) */		or	%g0,-1,%o0
-/* 0x0988	     ( 0  1) */		add	%g2,1023,%g2
-/* 0x098c	     ( 0  3) */		ld	[%fp+88],%o1
-/* 0x0990	     ( 1  2) */		srl	%o0,0,%g3
-/* 0x0994	     ( 1  2) */		and	%o5,%g2,%g2
-/* 0x0998	     ( 2  3) */		and	%o7,%g3,%g4
-/* 0x099c	 281 ( 2  3) */		or	%g0,-1,%o5
-/* 0x09a0	 275 ( 3  4) */		sllx	%g2,16,%g2
-/* 0x09a4	     ( 3  4) */		add	%o4,%g4,%g4
-/* 0x09a8	     ( 4  5) */		add	%g4,%g2,%g2
-/* 0x09ac	     ( 5  6) */		sll	%i0,2,%g4
-/* 0x09b0	     ( 5  6) */		and	%g2,%g3,%g2
-/* 0x09b4	     ( 6  7) */		st	%g2,[%o3+%g4]
-/* 0x09b8	 281 ( 6  7) */		sll	%g1,2,%g2
-/* 0x09bc	     ( 7 10) */		ld	[%o3+%g2],%g2
-/* 0x09c0	     ( 9 10) */		cmp	%g2,0
-/* 0x09c4	     ( 9 10) */		bleu,pn	%icc,.L77000241	! tprob=0.50
-/* 0x09c8	     ( 9 10) */		or	%g0,%o1,%o2
-/* 0x09cc	     (10 11) */		ba	.L900000744	! tprob=1.00
-/* 0x09d0	     (10 11) */		cmp	%o5,0
-                                   .L77000241:		/* frequency 0.8 confidence 0.0 */
-/* 0x09d4	     ( 0  1) */		subcc	%g1,1,%o5
-/* 0x09d8	     ( 0  1) */		bneg,pt	%icc,.L900000744	! tprob=0.60
-/* 0x09dc	     ( 1  2) */		cmp	%o5,0
-/* 0x09e0	     ( 1  2) */		sll	%o5,2,%g2
-/* 0x09e4	     ( 2  3) */		add	%o1,%g2,%o0
-/* 0x09e8	     ( 2  3) */		add	%o3,%g2,%o4
-/* 0x09ec	     ( 3  6) */		ld	[%o0],%g2
-                                   .L900000743:		/* frequency 5.3 confidence 0.0 */
-/* 0x09f0	     ( 0  3) */		ld	[%o4],%g3
-/* 0x09f4	     ( 0  1) */		add	%o0,4,%o0
-/* 0x09f8	     ( 0  1) */		add	%o4,4,%o4
-/* 0x09fc	     ( 2  3) */		cmp	%g3,%g2
-/* 0x0a00	     ( 2  3) */		bne,pn	%icc,.L77000244	! tprob=0.16
-/* 0x0a04	     ( 2  3) */		nop
-/* 0x0a08	     ( 3  4) */		addcc	%o5,1,%o5
-/* 0x0a0c	     ( 3  4) */		bpos,a,pt	%icc,.L900000743	! tprob=0.84
-/* 0x0a10	     ( 3  6) */		ld	[%o0],%g2
-                                   .L77000244:		/* frequency 1.0 confidence 0.0 */
-/* 0x0a14	     ( 0  1) */		cmp	%o5,0
-                                   .L900000744:		/* frequency 1.0 confidence 0.0 */
-/* 0x0a18	     ( 0  1) */		bl,pn	%icc,.L77000287	! tprob=0.50
-/* 0x0a1c	     ( 0  1) */		sll	%o5,2,%g2
-/* 0x0a20	     ( 1  4) */		ld	[%o2+%g2],%g3
-/* 0x0a24	     ( 2  5) */		ld	[%o3+%g2],%g2
-/* 0x0a28	     ( 4  5) */		cmp	%g2,%g3
-/* 0x0a2c	     ( 4  5) */		bleu,pt	%icc,.L77000224	! tprob=0.56
-/* 0x0a30	     ( 4  5) */		nop
-                                   .L77000287:		/* frequency 0.8 confidence 0.0 */
-/* 0x0a34	     ( 0  1) */		cmp	%g1,0
-/* 0x0a38	     ( 0  1) */		ble,pt	%icc,.L77000224	! tprob=0.60
-/* 0x0a3c	     ( 0  1) */		nop
-/* 0x0a40	 281 ( 1  2) */		sub	%g1,1,%o7
-/* 0x0a44	     ( 1  2) */		or	%g0,-1,%g2
-/* 0x0a48	     ( 2  3) */		srl	%g2,0,%o4
-/* 0x0a4c	     ( 2  3) */		add	%o7,1,%o0
-/* 0x0a50	 279 ( 3  4) */		or	%g0,0,%o5
-/* 0x0a54	     ( 3  4) */		or	%g0,0,%g1
-/* 0x0a58	     ( 4  5) */		cmp	%o0,3
-/* 0x0a5c	     ( 4  5) */		bl,pn	%icc,.L77000288	! tprob=0.40
-/* 0x0a60	     ( 4  5) */		add	%o3,8,%o1
-/* 0x0a64	     ( 5  6) */		add	%o2,4,%o0
-/* 0x0a68	     ( 5  8) */		ld	[%o1-8],%g2
-/* 0x0a6c	   0 ( 5  6) */		or	%g0,%o1,%o3
-/* 0x0a70	 279 ( 6  9) */		ld	[%o0-4],%g3
-/* 0x0a74	   0 ( 6  7) */		or	%g0,%o0,%o2
-/* 0x0a78	 279 ( 6  7) */		or	%g0,2,%g1
-/* 0x0a7c	     ( 7 10) */		ld	[%o3-4],%o0
-/* 0x0a80	     ( 8  9) */		sub	%g2,%g3,%g2
-/* 0x0a84	     ( 9 10) */		or	%g0,%g2,%o5
-/* 0x0a88	     ( 9 10) */		and	%g2,%o4,%g2
-/* 0x0a8c	     ( 9 10) */		st	%g2,[%o3-8]
-/* 0x0a90	     (10 11) */		srax	%o5,32,%o5
-                                   .L900000734:		/* frequency 64.0 confidence 0.0 */
-/* 0x0a94	     (12 20) */		ld	[%o2],%g2
-/* 0x0a98	     (12 13) */		add	%g1,1,%g1
-/* 0x0a9c	     (12 13) */		add	%o2,4,%o2
-/* 0x0aa0	     (13 13) */		cmp	%g1,%o7
-/* 0x0aa4	     (13 14) */		add	%o3,4,%o3
-/* 0x0aa8	     (14 14) */		sub	%o0,%g2,%o0
-/* 0x0aac	     (15 15) */		add	%o0,%o5,%o5
-/* 0x0ab0	     (16 17) */		and	%o5,%o4,%g2
-/* 0x0ab4	     (16 24) */		ld	[%o3-4],%o0
-/* 0x0ab8	     (17 18) */		st	%g2,[%o3-8]
-/* 0x0abc	     (17 18) */		ble,pt	%icc,.L900000734	! tprob=0.50
-/* 0x0ac0	     (17 18) */		srax	%o5,32,%o5
-                                   .L900000737:		/* frequency 8.0 confidence 0.0 */
-/* 0x0ac4	     ( 0  3) */		ld	[%o2],%o1
-/* 0x0ac8	     ( 2  3) */		sub	%o0,%o1,%o0
-/* 0x0acc	     ( 3  4) */		add	%o0,%o5,%o0
-/* 0x0ad0	     ( 4  5) */		and	%o0,%o4,%o1
-/* 0x0ad4	     ( 4  5) */		st	%o1,[%o3-4]
-/* 0x0ad8	     ( 5  7) */		ret	! Result = 
-/* 0x0adc	     ( 7  8) */		restore	%g0,%g0,%g0
-                                   .L77000288:		/* frequency 0.6 confidence 0.0 */
-/* 0x0ae0	     ( 0  3) */		ld	[%o3],%o0
-                                   .L900000742:		/* frequency 5.3 confidence 0.0 */
-/* 0x0ae4	     ( 0  3) */		ld	[%o2],%o1
-/* 0x0ae8	     ( 0  1) */		add	%o5,%o0,%o0
-/* 0x0aec	     ( 0  1) */		add	%g1,1,%g1
-/* 0x0af0	     ( 1  2) */		add	%o2,4,%o2
-/* 0x0af4	     ( 1  2) */		cmp	%g1,%o7
-/* 0x0af8	     ( 2  3) */		sub	%o0,%o1,%o0
-/* 0x0afc	     ( 3  4) */		and	%o0,%o4,%o1
-/* 0x0b00	     ( 3  4) */		st	%o1,[%o3]
-/* 0x0b04	     ( 3  4) */		add	%o3,4,%o3
-/* 0x0b08	     ( 4  5) */		srax	%o0,32,%o5
-/* 0x0b0c	     ( 4  5) */		ble,a,pt	%icc,.L900000742	! tprob=0.84
-/* 0x0b10	     ( 4  7) */		ld	[%o3],%o0
-                                   .L77000224:		/* frequency 1.0 confidence 0.0 */
-/* 0x0b14	     ( 0  2) */		ret	! Result = 
-/* 0x0b18	     ( 2  3) */		restore	%g0,%g0,%g0
-/* 0x0b1c	   0 ( 0  0) */		.type	mont_mulf_noconv,2
-/* 0x0b1c	     ( 0  0) */		.size	mont_mulf_noconv,(.-mont_mulf_noconv)
-
diff --git a/security/nss/lib/freebl/mpi/montmulfv8.il b/security/nss/lib/freebl/mpi/montmulfv8.il
deleted file mode 100644
index b3dd734b6..000000000
--- a/security/nss/lib/freebl/mpi/montmulfv8.il
+++ /dev/null
@@ -1,137 +0,0 @@
-!  
-!  The contents of this file are subject to the Mozilla Public
-!  License Version 1.1 (the "License"); you may not use this file
-!  except in compliance with the License. You may obtain a copy of
-!  the License at http://www.mozilla.org/MPL/
-!  
-!  Software distributed under the License is distributed on an "AS
-!  IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-!  implied. See the License for the specific language governing
-!  rights and limitations under the License.
-!  
-!  The Original Code is inline macros for SPARC Montgomery multiply functions.
-!  
-!  The Initial Developer of the Original Code is Sun Microsystems Inc.
-!  Portions created by Sun Microsystems Inc. are 
-!  Copyright (C) 1999-2000 Sun Microsystems Inc.  All Rights Reserved.
-!  
-!  Contributor(s):
-!  
-!  Alternatively, the contents of this file may be used under the
-!  terms of the GNU General Public License Version 2 or later (the
-!  "GPL"), in which case the provisions of the GPL are applicable 
-!  instead of those above.	If you wish to allow use of your 
-!  version of this file only under the terms of the GPL and not to
-!  allow others to use your version of this file under the MPL,
-!  indicate your decision by deleting the provisions above and
-!  replace them with the notice and other provisions required by
-!  the GPL.  If you do not delete the provisions above, a recipient
-!  may use your version of this file under either the MPL or the
-!  GPL.
-!  
-!   $Id$
-!  
-
-!
-! double upper32(double /*frs1*/);
-!
-        .inline upper32,8
-        std     %o0,[%sp+0x48]
-        ldd     [%sp+0x48],%f10
-
-	fdtox	%f10,%f10
-	fitod	%f10,%f0
-        .end
-
-!
-! double lower32(double /*frs1*/, double /* Zero */);
-!
-        .inline lower32,8
-        std     %o0,[%sp+0x48]
-        ldd     [%sp+0x48],%f10
-        std     %o2,[%sp+0x48]
-        ldd     [%sp+0x48],%f12
-
-	fdtox	%f10,%f10
-	fmovs	%f12,%f10
-	fxtod	%f10,%f0
-        .end
-
-!
-! double mod(double /*x*/, double /*1/m*/, double /*m*/);
-!
-        .inline mod,12
-        std     %o0,[%sp+0x48]
-        ldd     [%sp+0x48],%f2
-        std     %o2,[%sp+0x48]
-        ldd     [%sp+0x48],%f4
-        std     %o4,[%sp+0x48]
-        ldd     [%sp+0x48],%f6
-
-	fmuld	%f2,%f4,%f4
-	fdtox	%f4,%f4
-	fxtod	%f4,%f4
-	fmuld	%f4,%f6,%f4
-	fsubd	%f2,%f4,%f0
-        .end
-
-
-!
-! void i16_to_d16_and_d32x4(double * /*1/(2^16)*/, double * /* 2^16*/,
-!			    double * /* 0 */,
-!			    double * /*result16*/, double * /* result32 */
-!			    float *  /*source - should be unsigned int*
-!		            	       converted to float* */);
-!
-        .inline i16_to_d16_and_d32x4,24
-        ldd     [%o0],%f2  ! 1/(2^16)
-        ldd     [%o1],%f4  ! 2^16
-	ldd	[%o2],%f22
-
-	fmovd	%f22,%f6
-	ld	[%o5],%f7
-	fmovd	%f22,%f10
-	ld	[%o5+4],%f11
-	fmovd	%f22,%f14
-	ld	[%o5+8],%f15
-	fmovd	%f22,%f18
-	ld	[%o5+12],%f19
-	fxtod	%f6,%f6
-	std	%f6,[%o4]
-	fxtod	%f10,%f10
-	std	%f10,[%o4+8]
-	fxtod	%f14,%f14
-	std	%f14,[%o4+16]
-	fxtod	%f18,%f18
-	std	%f18,[%o4+24]
-	fmuld	%f2,%f6,%f8
-	fmuld	%f2,%f10,%f12
-	fmuld	%f2,%f14,%f16
-	fmuld	%f2,%f18,%f20
-	fdtox	%f8,%f8
-	fdtox	%f12,%f12
-	fdtox	%f16,%f16
-	fdtox	%f20,%f20
-	fxtod	%f8,%f8
-	std	%f8,[%o3+8]
-	fxtod	%f12,%f12
-	std	%f12,[%o3+24]
-	fxtod	%f16,%f16
-	std	%f16,[%o3+40]
-	fxtod	%f20,%f20
-	std	%f20,[%o3+56]
-	fmuld	%f8,%f4,%f8
-	fmuld	%f12,%f4,%f12
-	fmuld	%f16,%f4,%f16
-	fmuld	%f20,%f4,%f20
-	fsubd	%f6,%f8,%f8
-	std	%f8,[%o3]
-	fsubd	%f10,%f12,%f12
-	std	%f12,[%o3+16]
-	fsubd	%f14,%f16,%f16
-	std	%f16,[%o3+32]
-	fsubd	%f18,%f20,%f20
-	std	%f20,[%o3+48]
-        .end
-
-
diff --git a/security/nss/lib/freebl/mpi/montmulfv8.s b/security/nss/lib/freebl/mpi/montmulfv8.s
deleted file mode 100644
index ac74a530d..000000000
--- a/security/nss/lib/freebl/mpi/montmulfv8.s
+++ /dev/null
@@ -1,1847 +0,0 @@
-!  
-!  The contents of this file are subject to the Mozilla Public
-!  License Version 1.1 (the "License"); you may not use this file
-!  except in compliance with the License. You may obtain a copy of
-!  the License at http://www.mozilla.org/MPL/
-!  
-!  Software distributed under the License is distributed on an "AS
-!  IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-!  implied. See the License for the specific language governing
-!  rights and limitations under the License.
-!  
-!  The Original Code is SPARC hand-optimized Montgomery multiply functions.
-!   
-!  The Initial Developer of the Original Code is Sun Microsystems Inc.
-!  Portions created by Sun Microsystems Inc. are 
-!  Copyright (C) 1999-2000 Sun Microsystems Inc.  All Rights Reserved.
-!  
-!  Contributor(s):
-!  
-!  Alternatively, the contents of this file may be used under the
-!  terms of the GNU General Public License Version 2 or later (the
-!  "GPL"), in which case the provisions of the GPL are applicable 
-!  instead of those above.	If you wish to allow use of your 
-!  version of this file only under the terms of the GPL and not to
-!  allow others to use your version of this file under the MPL,
-!  indicate your decision by deleting the provisions above and
-!  replace them with the notice and other provisions required by
-!  the GPL.  If you do not delete the provisions above, a recipient
-!  may use your version of this file under either the MPL or the
-!  GPL.
-!  
-!   $Id$
-!  
-
-	.section	".text",#alloc,#execinstr
-	.file	"montmulf.c"
-
-	.section	".rodata",#alloc
-	.global	TwoTo16
-	.align	8
-!
-! CONSTANT POOL
-!
-	.global TwoTo16
-TwoTo16:
-	.word	1089470464
-	.word	0
-	.type	TwoTo16,#object
-	.size	TwoTo16,8
-	.global	TwoToMinus16
-!
-! CONSTANT POOL
-!
-	.global TwoToMinus16
-TwoToMinus16:
-	.word	1055916032
-	.word	0
-	.type	TwoToMinus16,#object
-	.size	TwoToMinus16,8
-	.global	Zero
-!
-! CONSTANT POOL
-!
-	.global Zero
-Zero:
-	.word	0
-	.word	0
-	.type	Zero,#object
-	.size	Zero,8
-	.global	TwoTo32
-!
-! CONSTANT POOL
-!
-	.global TwoTo32
-TwoTo32:
-	.word	1106247680
-	.word	0
-	.type	TwoTo32,#object
-	.size	TwoTo32,8
-	.global	TwoToMinus32
-!
-! CONSTANT POOL
-!
-	.global TwoToMinus32
-TwoToMinus32:
-	.word	1039138816
-	.word	0
-	.type	TwoToMinus32,#object
-	.size	TwoToMinus32,8
-
-	.section	".text",#alloc,#execinstr
-/* 000000	   0 */		.align	4
-!
-! SUBROUTINE conv_d16_to_i32
-!
-! OFFSET    SOURCE LINE	LABEL	INSTRUCTION
-
-                       	.global conv_d16_to_i32
-                       conv_d16_to_i32:
-/* 000000	     */		save	%sp,-128,%sp
-! FILE montmulf.c
-
-!   36		      !#define RF_INLINE_MACROS
-!   38		      !static const double TwoTo16=65536.0;
-!   39		      !static const double TwoToMinus16=1.0/65536.0;
-!   40		      !static const double Zero=0.0;
-!   41		      !static const double TwoTo32=65536.0*65536.0;
-!   42		      !static const double TwoToMinus32=1.0/(65536.0*65536.0);
-!   44		      !#ifdef RF_INLINE_MACROS
-!   46		      !double upper32(double);
-!   47		      !double lower32(double, double);
-!   48		      !double mod(double, double, double);
-!   50		      !void i16_to_d16_and_d32x4(const double * /*1/(2^16)*/, 
-!   51		      !			  const double * /* 2^16*/,
-!   52		      !			  const double * /* 0 */,
-!   53		      !			  double *       /*result16*/, 
-!   54		      !			  double *       /* result32 */,
-!   55		      !			  float *  /*source - should be unsigned int*
-!   56		      !		          	       converted to float* */);
-!   58		      !#else
-!   60		      !static double upper32(double x)
-!   61		      !{
-!   62		      !  return floor(x*TwoToMinus32);
-!   63		      !}
-!   65		      !static double lower32(double x, double y)
-!   66		      !{
-!   67		      !  return x-TwoTo32*floor(x*TwoToMinus32);
-!   68		      !}
-!   70		      !static double mod(double x, double oneoverm, double m)
-!   71		      !{
-!   72		      !  return x-m*floor(x*oneoverm);
-!   73		      !}
-!   75		      !#endif
-!   78		      !static void cleanup(double *dt, int from, int tlen)
-!   79		      !{
-!   80		      ! int i;
-!   81		      ! double tmp,tmp1,x,x1;
-!   83		      ! tmp=tmp1=Zero;
-!   84		      ! /* original code **
-!   85		      ! for(i=2*from;i<2*tlen-2;i++)
-!   86		      !   {
-!   87		      !     x=dt[i];
-!   88		      !     dt[i]=lower32(x,Zero)+tmp1;
-!   89		      !     tmp1=tmp;
-!   90		      !     tmp=upper32(x);
-!   91		      !   }
-!   92		      ! dt[tlen-2]+=tmp1;
-!   93		      ! dt[tlen-1]+=tmp;
-!   94		      ! **end original code ***/
-!   95		      ! /* new code ***/
-!   96		      ! for(i=2*from;i<2*tlen;i+=2)
-!   97		      !   {
-!   98		      !     x=dt[i];
-!   99		      !     x1=dt[i+1];
-!  100		      !     dt[i]=lower32(x,Zero)+tmp;
-!  101		      !     dt[i+1]=lower32(x1,Zero)+tmp1;
-!  102		      !     tmp=upper32(x);
-!  103		      !     tmp1=upper32(x1);
-!  104		      !   }
-!  105		      !  /** end new code **/
-!  106		      !}
-!  109		      !void conv_d16_to_i32(unsigned int *i32, double *d16, long long *tmp, int ilen)
-!  110		      !{
-!  111		      !int i;
-!  112		      !long long t, t1, a, b, c, d;
-!  114		      ! t1=0;
-!  115		      ! a=(long long)d16[0];
-
-/* 0x0004	 115 */		ldd	[%i1],%f0
-/* 0x0008	 110 */		or	%g0,%i1,%o0
-
-!  116		      ! b=(long long)d16[1];
-!  117		      ! for(i=0; i<ilen-1; i++)
-
-/* 0x000c	 117 */		sub	%i3,1,%g2
-/* 0x0010	     */		cmp	%g2,0
-/* 0x0014	 114 */		or	%g0,0,%o4
-/* 0x0018	 115 */		fdtox	%f0,%f0
-/* 0x001c	     */		std	%f0,[%sp+120]
-/* 0x0020	 117 */		or	%g0,0,%o7
-/* 0x0024	 110 */		or	%g0,%i3,%o1
-/* 0x0028	     */		sub	%i3,2,%o2
-/* 0x002c	 116 */		ldd	[%o0+8],%f0
-/* 0x0030	 110 */		sethi	%hi(0xfc00),%o1
-/* 0x0034	     */		add	%o2,1,%g3
-/* 0x0038	     */		add	%o1,1023,%o1
-/* 0x003c	     */		or	%g0,%i0,%o5
-/* 0x0040	 116 */		fdtox	%f0,%f0
-/* 0x0044	     */		std	%f0,[%sp+112]
-/* 0x0048	     */		ldx	[%sp+112],%g1
-/* 0x004c	 115 */		ldx	[%sp+120],%g4
-/* 0x0050	 117 */		ble,pt	%icc,.L900000117
-/* 0x0054	     */		sethi	%hi(0xfc00),%g2
-/* 0x0058	 110 */		or	%g0,-1,%g2
-/* 0x005c	 117 */		cmp	%g3,3
-/* 0x0060	 110 */		srl	%g2,0,%o3
-/* 0x0064	 117 */		bl,pn	%icc,.L77000134
-/* 0x0068	     */		or	%g0,%o0,%g2
-
-!  118		      !   {
-!  119		      !     c=(long long)d16[2*i+2];
-
-/* 0x006c	 119 */		ldd	[%o0+16],%f0
-
-!  120		      !     t1+=a&0xffffffff;
-!  121		      !     t=(a>>32);
-!  122		      !     d=(long long)d16[2*i+3];
-!  123		      !     t1+=(b&0xffff)<<16;
-!  124		      !     t+=(b>>16)+(t1>>32);
-!  125		      !     i32[i]=t1&0xffffffff;
-!  126		      !     t1=t;
-!  127		      !     a=c;
-!  128		      !     b=d;
-
-/* 0x0070	 128 */		add	%o0,16,%g2
-/* 0x0074	 123 */		and	%g1,%o1,%o0
-/* 0x0078	     */		sllx	%o0,16,%g3
-/* 0x007c	 120 */		and	%g4,%o3,%o0
-/* 0x0080	 117 */		add	%o0,%g3,%o4
-/* 0x0084	 119 */		fdtox	%f0,%f0
-/* 0x0088	     */		std	%f0,[%sp+104]
-/* 0x008c	 125 */		and	%o4,%o3,%g5
-/* 0x0090	 122 */		ldd	[%g2+8],%f2
-/* 0x0094	 128 */		add	%o5,4,%o5
-/* 0x0098	 124 */		srax	%o4,32,%o4
-/* 0x009c	     */		stx	%o4,[%sp+112]
-/* 0x00a0	 122 */		fdtox	%f2,%f0
-/* 0x00a4	     */		std	%f0,[%sp+96]
-/* 0x00a8	 124 */		srax	%g1,16,%o0
-/* 0x00ac	     */		ldx	[%sp+112],%o7
-/* 0x00b0	 121 */		srax	%g4,32,%o4
-/* 0x00b4	 124 */		add	%o0,%o7,%g4
-/* 0x00b8	 128 */		or	%g0,1,%o7
-/* 0x00bc	 119 */		ldx	[%sp+104],%g3
-/* 0x00c0	 124 */		add	%o4,%g4,%o4
-/* 0x00c4	 122 */		ldx	[%sp+96],%g1
-/* 0x00c8	 125 */		st	%g5,[%o5-4]
-/* 0x00cc	 127 */		or	%g0,%g3,%g4
-                       .L900000112:
-/* 0x00d0	 119 */		ldd	[%g2+16],%f0
-/* 0x00d4	 128 */		add	%o7,1,%o7
-/* 0x00d8	     */		add	%o5,4,%o5
-/* 0x00dc	     */		cmp	%o7,%o2
-/* 0x00e0	     */		add	%g2,16,%g2
-/* 0x00e4	 119 */		fdtox	%f0,%f0
-/* 0x00e8	     */		std	%f0,[%sp+104]
-/* 0x00ec	 122 */		ldd	[%g2+8],%f0
-/* 0x00f0	     */		fdtox	%f0,%f0
-/* 0x00f4	     */		std	%f0,[%sp+96]
-/* 0x00f8	 123 */		and	%g1,%o1,%g3
-/* 0x00fc	     */		sllx	%g3,16,%g5
-/* 0x0100	 120 */		and	%g4,%o3,%g3
-/* 0x0104	 117 */		add	%g3,%g5,%g3
-/* 0x0108	 124 */		srax	%g1,16,%g1
-/* 0x010c	 117 */		add	%g3,%o4,%g3
-/* 0x0110	 124 */		srax	%g3,32,%o4
-/* 0x0114	     */		stx	%o4,[%sp+112]
-/* 0x0118	 119 */		ldx	[%sp+104],%g5
-/* 0x011c	 121 */		srax	%g4,32,%o4
-/* 0x0120	 124 */		ldx	[%sp+112],%g4
-/* 0x0124	     */		add	%g1,%g4,%g4
-/* 0x0128	 122 */		ldx	[%sp+96],%g1
-/* 0x012c	 124 */		add	%o4,%g4,%o4
-/* 0x0130	 125 */		and	%g3,%o3,%g3
-/* 0x0134	 127 */		or	%g0,%g5,%g4
-/* 0x0138	 128 */		ble,pt	%icc,.L900000112
-/* 0x013c	     */		st	%g3,[%o5-4]
-                       .L900000115:
-/* 0x0140	 128 */		ba	.L900000117
-/* 0x0144	     */		sethi	%hi(0xfc00),%g2
-                       .L77000134:
-/* 0x0148	 119 */		ldd	[%g2+16],%f0
-                       .L900000116:
-/* 0x014c	 120 */		and	%g4,%o3,%o0
-/* 0x0150	 123 */		and	%g1,%o1,%g3
-/* 0x0154	 119 */		fdtox	%f0,%f0
-/* 0x0158	 120 */		add	%o4,%o0,%o0
-/* 0x015c	 119 */		std	%f0,[%sp+104]
-/* 0x0160	 128 */		add	%o7,1,%o7
-/* 0x0164	 123 */		sllx	%g3,16,%o4
-/* 0x0168	 122 */		ldd	[%g2+24],%f2
-/* 0x016c	 128 */		add	%g2,16,%g2
-/* 0x0170	 123 */		add	%o0,%o4,%o0
-/* 0x0174	 128 */		cmp	%o7,%o2
-/* 0x0178	 125 */		and	%o0,%o3,%g3
-/* 0x017c	 122 */		fdtox	%f2,%f0
-/* 0x0180	     */		std	%f0,[%sp+96]
-/* 0x0184	 124 */		srax	%o0,32,%o0
-/* 0x0188	     */		stx	%o0,[%sp+112]
-/* 0x018c	 121 */		srax	%g4,32,%o4
-/* 0x0190	 122 */		ldx	[%sp+96],%o0
-/* 0x0194	 124 */		srax	%g1,16,%g5
-/* 0x0198	     */		ldx	[%sp+112],%g4
-/* 0x019c	 119 */		ldx	[%sp+104],%g1
-/* 0x01a0	 125 */		st	%g3,[%o5]
-/* 0x01a4	 124 */		add	%g5,%g4,%g4
-/* 0x01a8	 128 */		add	%o5,4,%o5
-/* 0x01ac	 124 */		add	%o4,%g4,%o4
-/* 0x01b0	 127 */		or	%g0,%g1,%g4
-/* 0x01b4	 128 */		or	%g0,%o0,%g1
-/* 0x01b8	     */		ble,a,pt	%icc,.L900000116
-/* 0x01bc	     */		ldd	[%g2+16],%f0
-                       .L77000127:
-
-!  129		      !   }
-!  130		      !     t1+=a&0xffffffff;
-!  131		      !     t=(a>>32);
-!  132		      !     t1+=(b&0xffff)<<16;
-!  133		      !     i32[i]=t1&0xffffffff;
-
-/* 0x01c0	 133 */		sethi	%hi(0xfc00),%g2
-                       .L900000117:
-/* 0x01c4	 133 */		or	%g0,-1,%g3
-/* 0x01c8	     */		add	%g2,1023,%g2
-/* 0x01cc	     */		srl	%g3,0,%g3
-/* 0x01d0	     */		and	%g1,%g2,%g2
-/* 0x01d4	     */		and	%g4,%g3,%g4
-/* 0x01d8	     */		sllx	%g2,16,%g2
-/* 0x01dc	     */		add	%o4,%g4,%g4
-/* 0x01e0	     */		add	%g4,%g2,%g2
-/* 0x01e4	     */		sll	%o7,2,%g4
-/* 0x01e8	     */		and	%g2,%g3,%g2
-/* 0x01ec	     */		st	%g2,[%i0+%g4]
-/* 0x01f0	     */		ret	! Result = 
-/* 0x01f4	     */		restore	%g0,%g0,%g0
-/* 0x01f8	   0 */		.type	conv_d16_to_i32,2
-/* 0x01f8	     */		.size	conv_d16_to_i32,(.-conv_d16_to_i32)
-
-	.section	".text",#alloc,#execinstr
-/* 000000	   0 */		.align	8
-!
-! CONSTANT POOL
-!
-                       .L_const_seg_900000201:
-/* 000000	   0 */		.word	1127219200,0
-/* 0x0008	   0 */		.align	4
-/* 0x0008	     */		.skip	16
-!
-! SUBROUTINE conv_i32_to_d32
-!
-! OFFSET    SOURCE LINE	LABEL	INSTRUCTION
-
-                       	.global conv_i32_to_d32
-                       conv_i32_to_d32:
-/* 000000	     */		or	%g0,%o7,%g2
-
-!  135		      !}
-!  137		      !void conv_i32_to_d32(double *d32, unsigned int *i32, int len)
-!  138		      !{
-!  139		      !int i;
-!  141		      !#pragma pipeloop(0)
-!  142		      ! for(i=0;i<len;i++) d32[i]=(double)(i32[i]);
-
-/* 0x0004	 142 */		cmp	%o2,0
-                       .L900000210:
-/* 0x0008	     */		call	.+8
-/* 0x000c	     */		sethi	/*X*/%hi(_GLOBAL_OFFSET_TABLE_-(.L900000210-.)),%g4
-/* 0x0010	 142 */		or	%g0,0,%o5
-/* 0x0014	 138 */		add	%g4,/*X*/%lo(_GLOBAL_OFFSET_TABLE_-(.L900000210-.)),%g4
-/* 0x0018	     */		or	%g0,%o0,%g5
-/* 0x001c	     */		add	%g4,%o7,%g1
-/* 0x0020	 142 */		ble,pt	%icc,.L77000140
-/* 0x0024	     */		or	%g0,%g2,%o7
-/* 0x0028	     */		sethi	%hi(.L_const_seg_900000201),%g2
-/* 0x002c	 138 */		or	%g0,%o1,%g4
-/* 0x0030	 142 */		add	%g2,%lo(.L_const_seg_900000201),%g2
-/* 0x0034	     */		sub	%o2,1,%g3
-/* 0x0038	     */		ld	[%g1+%g2],%g2
-/* 0x003c	     */		cmp	%o2,9
-/* 0x0040	     */		bl,pn	%icc,.L77000144
-/* 0x0044	     */		ldd	[%g2],%f8
-/* 0x0048	     */		add	%o1,16,%g4
-/* 0x004c	     */		sub	%o2,5,%g1
-/* 0x0050	     */		ld	[%o1],%f7
-/* 0x0054	     */		or	%g0,4,%o5
-/* 0x0058	     */		ld	[%o1+4],%f5
-/* 0x005c	     */		ld	[%o1+8],%f3
-/* 0x0060	     */		fmovs	%f8,%f6
-/* 0x0064	     */		ld	[%o1+12],%f1
-                       .L900000205:
-/* 0x0068	     */		ld	[%g4],%f11
-/* 0x006c	     */		add	%o5,5,%o5
-/* 0x0070	     */		add	%g4,20,%g4
-/* 0x0074	     */		fsubd	%f6,%f8,%f6
-/* 0x0078	     */		std	%f6,[%g5]
-/* 0x007c	     */		cmp	%o5,%g1
-/* 0x0080	     */		add	%g5,40,%g5
-/* 0x0084	     */		fmovs	%f8,%f4
-/* 0x0088	     */		ld	[%g4-16],%f7
-/* 0x008c	     */		fsubd	%f4,%f8,%f12
-/* 0x0090	     */		fmovs	%f8,%f2
-/* 0x0094	     */		std	%f12,[%g5-32]
-/* 0x0098	     */		ld	[%g4-12],%f5
-/* 0x009c	     */		fsubd	%f2,%f8,%f12
-/* 0x00a0	     */		fmovs	%f8,%f0
-/* 0x00a4	     */		std	%f12,[%g5-24]
-/* 0x00a8	     */		ld	[%g4-8],%f3
-/* 0x00ac	     */		fsubd	%f0,%f8,%f12
-/* 0x00b0	     */		fmovs	%f8,%f10
-/* 0x00b4	     */		std	%f12,[%g5-16]
-/* 0x00b8	     */		ld	[%g4-4],%f1
-/* 0x00bc	     */		fsubd	%f10,%f8,%f10
-/* 0x00c0	     */		fmovs	%f8,%f6
-/* 0x00c4	     */		ble,pt	%icc,.L900000205
-/* 0x00c8	     */		std	%f10,[%g5-8]
-                       .L900000208:
-/* 0x00cc	     */		fmovs	%f8,%f4
-/* 0x00d0	     */		add	%g5,32,%g5
-/* 0x00d4	     */		cmp	%o5,%g3
-/* 0x00d8	     */		fmovs	%f8,%f2
-/* 0x00dc	     */		fmovs	%f8,%f0
-/* 0x00e0	     */		fsubd	%f6,%f8,%f6
-/* 0x00e4	     */		std	%f6,[%g5-32]
-/* 0x00e8	     */		fsubd	%f4,%f8,%f4
-/* 0x00ec	     */		std	%f4,[%g5-24]
-/* 0x00f0	     */		fsubd	%f2,%f8,%f2
-/* 0x00f4	     */		std	%f2,[%g5-16]
-/* 0x00f8	     */		fsubd	%f0,%f8,%f0
-/* 0x00fc	     */		bg,pn	%icc,.L77000140
-/* 0x0100	     */		std	%f0,[%g5-8]
-                       .L77000144:
-/* 0x0104	     */		ld	[%g4],%f1
-                       .L900000211:
-/* 0x0108	     */		ldd	[%g2],%f8
-/* 0x010c	     */		add	%o5,1,%o5
-/* 0x0110	     */		add	%g4,4,%g4
-/* 0x0114	     */		cmp	%o5,%g3
-/* 0x0118	     */		fmovs	%f8,%f0
-/* 0x011c	     */		fsubd	%f0,%f8,%f0
-/* 0x0120	     */		std	%f0,[%g5]
-/* 0x0124	     */		add	%g5,8,%g5
-/* 0x0128	     */		ble,a,pt	%icc,.L900000211
-/* 0x012c	     */		ld	[%g4],%f1
-                       .L77000140:
-/* 0x0130	     */		retl	! Result = 
-/* 0x0134	     */		nop
-/* 0x0138	   0 */		.type	conv_i32_to_d32,2
-/* 0x0138	     */		.size	conv_i32_to_d32,(.-conv_i32_to_d32)
-
-	.section	".text",#alloc,#execinstr
-/* 000000	   0 */		.align	8
-!
-! CONSTANT POOL
-!
-                       .L_const_seg_900000301:
-/* 000000	   0 */		.word	1127219200,0
-/* 0x0008	   0 */		.align	4
-!
-! SUBROUTINE conv_i32_to_d16
-!
-! OFFSET    SOURCE LINE	LABEL	INSTRUCTION
-
-                       	.global conv_i32_to_d16
-                       conv_i32_to_d16:
-/* 000000	     */		save	%sp,-104,%sp
-/* 0x0004	     */		or	%g0,%i2,%o0
-
-!  143		      !}
-!  146		      !void conv_i32_to_d16(double *d16, unsigned int *i32, int len)
-!  147		      !{
-!  148		      !int i;
-!  149		      !unsigned int a;
-!  151		      !#pragma pipeloop(0)
-!  152		      ! for(i=0;i<len;i++)
-!  153		      !   {
-!  154		      !     a=i32[i];
-!  155		      !     d16[2*i]=(double)(a&0xffff);
-!  156		      !     d16[2*i+1]=(double)(a>>16);
-
-/* 0x0008	 156 */		sethi	%hi(.L_const_seg_900000301),%g2
-                       .L900000310:
-/* 0x000c	     */		call	.+8
-/* 0x0010	     */		sethi	/*X*/%hi(_GLOBAL_OFFSET_TABLE_-(.L900000310-.)),%g3
-/* 0x0014	 152 */		cmp	%o0,0
-/* 0x0018	 147 */		add	%g3,/*X*/%lo(_GLOBAL_OFFSET_TABLE_-(.L900000310-.)),%g3
-/* 0x001c	 152 */		ble,pt	%icc,.L77000150
-/* 0x0020	     */		add	%g3,%o7,%o2
-/* 0x0024	     */		sub	%i2,1,%o5
-/* 0x0028	 156 */		add	%g2,%lo(.L_const_seg_900000301),%o1
-/* 0x002c	 152 */		sethi	%hi(0xfc00),%o0
-/* 0x0030	     */		ld	[%o2+%o1],%o3
-/* 0x0034	     */		add	%o5,1,%g2
-/* 0x0038	     */		or	%g0,0,%g1
-/* 0x003c	     */		cmp	%g2,3
-/* 0x0040	     */		or	%g0,%i1,%o7
-/* 0x0044	     */		add	%o0,1023,%o4
-/* 0x0048	     */		or	%g0,%i0,%g3
-/* 0x004c	     */		bl,pn	%icc,.L77000154
-/* 0x0050	     */		add	%o7,4,%o0
-/* 0x0054	 155 */		ldd	[%o3],%f0
-/* 0x0058	 156 */		or	%g0,1,%g1
-/* 0x005c	 154 */		ld	[%o0-4],%o1
-/* 0x0060	   0 */		or	%g0,%o0,%o7
-/* 0x0064	 155 */		and	%o1,%o4,%o0
-                       .L900000306:
-/* 0x0068	 155 */		st	%o0,[%sp+96]
-/* 0x006c	 156 */		add	%g1,1,%g1
-/* 0x0070	     */		add	%g3,16,%g3
-/* 0x0074	     */		cmp	%g1,%o5
-/* 0x0078	     */		add	%o7,4,%o7
-/* 0x007c	 155 */		ld	[%sp+96],%f3
-/* 0x0080	     */		fmovs	%f0,%f2
-/* 0x0084	     */		fsubd	%f2,%f0,%f2
-/* 0x0088	 156 */		srl	%o1,16,%o0
-/* 0x008c	 155 */		std	%f2,[%g3-16]
-/* 0x0090	 156 */		st	%o0,[%sp+92]
-/* 0x0094	     */		ld	[%sp+92],%f3
-/* 0x0098	 154 */		ld	[%o7-4],%o1
-/* 0x009c	 156 */		fmovs	%f0,%f2
-/* 0x00a0	     */		fsubd	%f2,%f0,%f2
-/* 0x00a4	 155 */		and	%o1,%o4,%o0
-/* 0x00a8	 156 */		ble,pt	%icc,.L900000306
-/* 0x00ac	     */		std	%f2,[%g3-8]
-                       .L900000309:
-/* 0x00b0	 155 */		st	%o0,[%sp+96]
-/* 0x00b4	     */		fmovs	%f0,%f2
-/* 0x00b8	 156 */		add	%g3,16,%g3
-/* 0x00bc	     */		srl	%o1,16,%o0
-/* 0x00c0	 155 */		ld	[%sp+96],%f3
-/* 0x00c4	     */		fsubd	%f2,%f0,%f2
-/* 0x00c8	     */		std	%f2,[%g3-16]
-/* 0x00cc	 156 */		st	%o0,[%sp+92]
-/* 0x00d0	     */		fmovs	%f0,%f2
-/* 0x00d4	     */		ld	[%sp+92],%f3
-/* 0x00d8	     */		fsubd	%f2,%f0,%f0
-/* 0x00dc	     */		std	%f0,[%g3-8]
-/* 0x00e0	     */		ret	! Result = 
-/* 0x00e4	     */		restore	%g0,%g0,%g0
-                       .L77000154:
-/* 0x00e8	 154 */		ld	[%o7],%o0
-                       .L900000311:
-/* 0x00ec	 155 */		and	%o0,%o4,%o1
-/* 0x00f0	     */		st	%o1,[%sp+96]
-/* 0x00f4	 156 */		add	%g1,1,%g1
-/* 0x00f8	 155 */		ldd	[%o3],%f0
-/* 0x00fc	 156 */		srl	%o0,16,%o0
-/* 0x0100	     */		add	%o7,4,%o7
-/* 0x0104	     */		cmp	%g1,%o5
-/* 0x0108	 155 */		fmovs	%f0,%f2
-/* 0x010c	     */		ld	[%sp+96],%f3
-/* 0x0110	     */		fsubd	%f2,%f0,%f2
-/* 0x0114	     */		std	%f2,[%g3]
-/* 0x0118	 156 */		st	%o0,[%sp+92]
-/* 0x011c	     */		fmovs	%f0,%f2
-/* 0x0120	     */		ld	[%sp+92],%f3
-/* 0x0124	     */		fsubd	%f2,%f0,%f0
-/* 0x0128	     */		std	%f0,[%g3+8]
-/* 0x012c	     */		add	%g3,16,%g3
-/* 0x0130	     */		ble,a,pt	%icc,.L900000311
-/* 0x0134	     */		ld	[%o7],%o0
-                       .L77000150:
-/* 0x0138	     */		ret	! Result = 
-/* 0x013c	     */		restore	%g0,%g0,%g0
-/* 0x0140	   0 */		.type	conv_i32_to_d16,2
-/* 0x0140	     */		.size	conv_i32_to_d16,(.-conv_i32_to_d16)
-
-	.section	".text",#alloc,#execinstr
-/* 000000	   0 */		.align	8
-!
-! CONSTANT POOL
-!
-                       .L_const_seg_900000401:
-/* 000000	   0 */		.word	1127219200,0
-/* 0x0008	   0 */		.align	4
-/* 0x0008	     */		.skip	16
-!
-! SUBROUTINE conv_i32_to_d32_and_d16
-!
-! OFFSET    SOURCE LINE	LABEL	INSTRUCTION
-
-                       	.global conv_i32_to_d32_and_d16
-                       conv_i32_to_d32_and_d16:
-/* 000000	     */		save	%sp,-120,%sp
-                       .L900000415:
-/* 0x0004	     */		call	.+8
-/* 0x0008	     */		sethi	/*X*/%hi(_GLOBAL_OFFSET_TABLE_-(.L900000415-.)),%g4
-
-!  157		      !   }
-!  158		      !}
-!  161		      !void conv_i32_to_d32_and_d16(double *d32, double *d16, 
-!  162		      !			     unsigned int *i32, int len)
-!  163		      !{
-!  164		      !int i = 0;
-!  165		      !unsigned int a;
-!  167		      !#pragma pipeloop(0)
-!  168		      !#ifdef RF_INLINE_MACROS
-!  169		      ! for(;i<len-3;i+=4)
-
-/* 0x000c	 169 */		sub	%i3,3,%g2
-/* 0x0010	     */		cmp	%g2,0
-/* 0x0014	 163 */		add	%g4,/*X*/%lo(_GLOBAL_OFFSET_TABLE_-(.L900000415-.)),%g4
-
-!  170		      !   {
-!  171		      !     i16_to_d16_and_d32x4(&TwoToMinus16, &TwoTo16, &Zero,
-!  172		      !			  &(d16[2*i]), &(d32[i]), (float *)(&(i32[i])));
-
-/* 0x0018	 172 */		sethi	%hi(Zero),%g2
-/* 0x001c	 163 */		add	%g4,%o7,%o4
-/* 0x0020	 172 */		add	%g2,%lo(Zero),%g2
-/* 0x0024	     */		sethi	%hi(TwoToMinus16),%g3
-/* 0x0028	     */		ld	[%o4+%g2],%o1
-/* 0x002c	     */		sethi	%hi(TwoTo16),%g4
-/* 0x0030	     */		add	%g3,%lo(TwoToMinus16),%g2
-/* 0x0034	     */		ld	[%o4+%g2],%o3
-/* 0x0038	 164 */		or	%g0,0,%g5
-/* 0x003c	 172 */		add	%g4,%lo(TwoTo16),%g3
-/* 0x0040	     */		ld	[%o4+%g3],%o2
-/* 0x0044	 163 */		or	%g0,%i0,%i4
-/* 0x0048	 169 */		or	%g0,%i2,%o7
-/* 0x004c	     */		ble,pt	%icc,.L900000418
-/* 0x0050	     */		cmp	%g5,%i3
-/* 0x0054	 172 */		stx	%o7,[%sp+104]
-/* 0x0058	 169 */		sub	%i3,4,%o5
-/* 0x005c	     */		or	%g0,0,%g4
-/* 0x0060	     */		or	%g0,0,%g1
-                       .L900000417:
-/* 0x0064	     */		ldd	[%o1],%f2
-/* 0x0068	 172 */		add	%i4,%g4,%g2
-/* 0x006c	     */		add	%i1,%g1,%g3
-/* 0x0070	     */		ldd	[%o3],%f0
-/* 0x0074	     */		add	%g5,4,%g5
-/* 0x0078	     */		fmovd	%f2,%f14
-/* 0x007c	     */		ld	[%o7],%f15
-/* 0x0080	     */		cmp	%g5,%o5
-/* 0x0084	     */		fmovd	%f2,%f10
-/* 0x0088	     */		ld	[%o7+4],%f11
-/* 0x008c	     */		add	%o7,16,%o7
-/* 0x0090	     */		ldx	[%sp+104],%o0
-/* 0x0094	     */		fmovd	%f2,%f6
-/* 0x0098	     */		stx	%o7,[%sp+112]
-/* 0x009c	     */		fxtod	%f14,%f14
-/* 0x00a0	     */		ld	[%o0+8],%f7
-/* 0x00a4	     */		fxtod	%f10,%f10
-/* 0x00a8	     */		ld	[%o0+12],%f3
-/* 0x00ac	     */		fxtod	%f6,%f6
-/* 0x00b0	     */		ldd	[%o2],%f16
-/* 0x00b4	     */		fmuld	%f0,%f14,%f12
-/* 0x00b8	     */		fxtod	%f2,%f2
-/* 0x00bc	     */		fmuld	%f0,%f10,%f8
-/* 0x00c0	     */		std	%f14,[%i4+%g4]
-/* 0x00c4	     */		ldx	[%sp+112],%o7
-/* 0x00c8	     */		add	%g4,32,%g4
-/* 0x00cc	     */		fmuld	%f0,%f6,%f4
-/* 0x00d0	     */		fdtox	%f12,%f12
-/* 0x00d4	     */		std	%f10,[%g2+8]
-/* 0x00d8	     */		fmuld	%f0,%f2,%f0
-/* 0x00dc	     */		fdtox	%f8,%f8
-/* 0x00e0	     */		std	%f6,[%g2+16]
-/* 0x00e4	     */		std	%f2,[%g2+24]
-/* 0x00e8	     */		fdtox	%f4,%f4
-/* 0x00ec	     */		fdtox	%f0,%f0
-/* 0x00f0	     */		fxtod	%f12,%f12
-/* 0x00f4	     */		std	%f12,[%g3+8]
-/* 0x00f8	     */		fxtod	%f8,%f8
-/* 0x00fc	     */		std	%f8,[%g3+24]
-/* 0x0100	     */		fxtod	%f4,%f4
-/* 0x0104	     */		std	%f4,[%g3+40]
-/* 0x0108	     */		fxtod	%f0,%f0
-/* 0x010c	     */		std	%f0,[%g3+56]
-/* 0x0110	     */		fmuld	%f12,%f16,%f12
-/* 0x0114	     */		fmuld	%f8,%f16,%f8
-/* 0x0118	     */		fmuld	%f4,%f16,%f4
-/* 0x011c	     */		fsubd	%f14,%f12,%f12
-/* 0x0120	     */		std	%f12,[%i1+%g1]
-/* 0x0124	     */		fmuld	%f0,%f16,%f0
-/* 0x0128	     */		fsubd	%f10,%f8,%f8
-/* 0x012c	     */		std	%f8,[%g3+16]
-/* 0x0130	     */		add	%g1,64,%g1
-/* 0x0134	     */		fsubd	%f6,%f4,%f4
-/* 0x0138	     */		std	%f4,[%g3+32]
-/* 0x013c	     */		fsubd	%f2,%f0,%f0
-/* 0x0140	     */		std	%f0,[%g3+48]
-/* 0x0144	     */		ble,a,pt	%icc,.L900000417
-/* 0x0148	     */		stx	%o7,[%sp+104]
-                       .L77000159:
-
-!  173		      !   }
-!  174		      !#endif
-!  175		      ! for(;i<len;i++)
-
-/* 0x014c	 175 */		cmp	%g5,%i3
-                       .L900000418:
-/* 0x0150	 175 */		bge,pt	%icc,.L77000164
-/* 0x0154	     */		nop
-
-!  176		      !   {
-!  177		      !     a=i32[i];
-!  178		      !     d32[i]=(double)(i32[i]);
-!  179		      !     d16[2*i]=(double)(a&0xffff);
-!  180		      !     d16[2*i+1]=(double)(a>>16);
-
-/* 0x0158	 180 */		sethi	%hi(.L_const_seg_900000401),%g2
-/* 0x015c	     */		add	%g2,%lo(.L_const_seg_900000401),%o1
-/* 0x0160	 175 */		sethi	%hi(0xfc00),%o0
-/* 0x0164	     */		ld	[%o4+%o1],%o2
-/* 0x0168	     */		sll	%g5,2,%o3
-/* 0x016c	     */		sub	%i3,%g5,%g3
-/* 0x0170	     */		sll	%g5,3,%g2
-/* 0x0174	     */		add	%o0,1023,%o4
-/* 0x0178	 178 */		ldd	[%o2],%f0
-/* 0x017c	     */		add	%i2,%o3,%o0
-/* 0x0180	 175 */		cmp	%g3,3
-/* 0x0184	     */		add	%i4,%g2,%o3
-/* 0x0188	     */		sub	%i3,1,%o1
-/* 0x018c	     */		sll	%g5,4,%g4
-/* 0x0190	     */		bl,pn	%icc,.L77000161
-/* 0x0194	     */		add	%i1,%g4,%o5
-/* 0x0198	 178 */		ld	[%o0],%f3
-/* 0x019c	 180 */		add	%o3,8,%o3
-/* 0x01a0	 177 */		ld	[%o0],%o7
-/* 0x01a4	 180 */		add	%o5,16,%o5
-/* 0x01a8	     */		add	%g5,1,%g5
-/* 0x01ac	 178 */		fmovs	%f0,%f2
-/* 0x01b0	 180 */		add	%o0,4,%o0
-/* 0x01b4	 179 */		and	%o7,%o4,%g1
-/* 0x01b8	 178 */		fsubd	%f2,%f0,%f2
-/* 0x01bc	     */		std	%f2,[%o3-8]
-/* 0x01c0	 180 */		srl	%o7,16,%o7
-/* 0x01c4	 179 */		st	%g1,[%sp+96]
-/* 0x01c8	     */		fmovs	%f0,%f2
-/* 0x01cc	     */		ld	[%sp+96],%f3
-/* 0x01d0	     */		fsubd	%f2,%f0,%f2
-/* 0x01d4	     */		std	%f2,[%o5-16]
-/* 0x01d8	 180 */		st	%o7,[%sp+92]
-/* 0x01dc	     */		fmovs	%f0,%f2
-/* 0x01e0	     */		ld	[%sp+92],%f3
-/* 0x01e4	     */		fsubd	%f2,%f0,%f2
-/* 0x01e8	     */		std	%f2,[%o5-8]
-                       .L900000411:
-/* 0x01ec	 178 */		ld	[%o0],%f3
-/* 0x01f0	 180 */		add	%g5,2,%g5
-/* 0x01f4	     */		add	%o5,32,%o5
-/* 0x01f8	 177 */		ld	[%o0],%o7
-/* 0x01fc	 180 */		cmp	%g5,%o1
-/* 0x0200	     */		add	%o3,16,%o3
-/* 0x0204	 178 */		fmovs	%f0,%f2
-/* 0x0208	     */		fsubd	%f2,%f0,%f2
-/* 0x020c	     */		std	%f2,[%o3-16]
-/* 0x0210	 179 */		and	%o7,%o4,%g1
-/* 0x0214	     */		st	%g1,[%sp+96]
-/* 0x0218	     */		ld	[%sp+96],%f3
-/* 0x021c	     */		fmovs	%f0,%f2
-/* 0x0220	     */		fsubd	%f2,%f0,%f2
-/* 0x0224	 180 */		srl	%o7,16,%o7
-/* 0x0228	 179 */		std	%f2,[%o5-32]
-/* 0x022c	 180 */		st	%o7,[%sp+92]
-/* 0x0230	     */		ld	[%sp+92],%f3
-/* 0x0234	     */		fmovs	%f0,%f2
-/* 0x0238	     */		fsubd	%f2,%f0,%f2
-/* 0x023c	     */		std	%f2,[%o5-24]
-/* 0x0240	     */		add	%o0,4,%o0
-/* 0x0244	 178 */		ld	[%o0],%f3
-/* 0x0248	 177 */		ld	[%o0],%o7
-/* 0x024c	 178 */		fmovs	%f0,%f2
-/* 0x0250	     */		fsubd	%f2,%f0,%f2
-/* 0x0254	     */		std	%f2,[%o3-8]
-/* 0x0258	 179 */		and	%o7,%o4,%g1
-/* 0x025c	     */		st	%g1,[%sp+96]
-/* 0x0260	     */		ld	[%sp+96],%f3
-/* 0x0264	     */		fmovs	%f0,%f2
-/* 0x0268	     */		fsubd	%f2,%f0,%f2
-/* 0x026c	 180 */		srl	%o7,16,%o7
-/* 0x0270	 179 */		std	%f2,[%o5-16]
-/* 0x0274	 180 */		st	%o7,[%sp+92]
-/* 0x0278	     */		ld	[%sp+92],%f3
-/* 0x027c	     */		fmovs	%f0,%f2
-/* 0x0280	     */		fsubd	%f2,%f0,%f2
-/* 0x0284	     */		std	%f2,[%o5-8]
-/* 0x0288	     */		bl,pt	%icc,.L900000411
-/* 0x028c	     */		add	%o0,4,%o0
-                       .L900000414:
-/* 0x0290	 180 */		cmp	%g5,%i3
-/* 0x0294	     */		bge,pn	%icc,.L77000164
-/* 0x0298	     */		nop
-                       .L77000161:
-/* 0x029c	 178 */		ld	[%o0],%f3
-                       .L900000416:
-/* 0x02a0	 178 */		ldd	[%o2],%f0
-/* 0x02a4	 180 */		add	%g5,1,%g5
-/* 0x02a8	 177 */		ld	[%o0],%o1
-/* 0x02ac	 180 */		add	%o0,4,%o0
-/* 0x02b0	     */		cmp	%g5,%i3
-/* 0x02b4	 178 */		fmovs	%f0,%f2
-/* 0x02b8	 179 */		and	%o1,%o4,%o7
-/* 0x02bc	 178 */		fsubd	%f2,%f0,%f2
-/* 0x02c0	     */		std	%f2,[%o3]
-/* 0x02c4	 180 */		srl	%o1,16,%o1
-/* 0x02c8	 179 */		st	%o7,[%sp+96]
-/* 0x02cc	 180 */		add	%o3,8,%o3
-/* 0x02d0	 179 */		fmovs	%f0,%f2
-/* 0x02d4	     */		ld	[%sp+96],%f3
-/* 0x02d8	     */		fsubd	%f2,%f0,%f2
-/* 0x02dc	     */		std	%f2,[%o5]
-/* 0x02e0	 180 */		st	%o1,[%sp+92]
-/* 0x02e4	     */		fmovs	%f0,%f2
-/* 0x02e8	     */		ld	[%sp+92],%f3
-/* 0x02ec	     */		fsubd	%f2,%f0,%f0
-/* 0x02f0	     */		std	%f0,[%o5+8]
-/* 0x02f4	     */		add	%o5,16,%o5
-/* 0x02f8	     */		bl,a,pt	%icc,.L900000416
-/* 0x02fc	     */		ld	[%o0],%f3
-                       .L77000164:
-/* 0x0300	     */		ret	! Result = 
-/* 0x0304	     */		restore	%g0,%g0,%g0
-/* 0x0308	   0 */		.type	conv_i32_to_d32_and_d16,2
-/* 0x0308	     */		.size	conv_i32_to_d32_and_d16,(.-conv_i32_to_d32_and_d16)
-
-	.section	".text",#alloc,#execinstr
-/* 000000	   0 */		.align	4
-!
-! SUBROUTINE adjust_montf_result
-!
-! OFFSET    SOURCE LINE	LABEL	INSTRUCTION
-
-                       	.global adjust_montf_result
-                       adjust_montf_result:
-/* 000000	     */		or	%g0,%o2,%g5
-
-!  181		      !   }
-!  182		      !}
-!  185		      !void adjust_montf_result(unsigned int *i32, unsigned int *nint, int len)
-!  186		      !{
-!  187		      !long long acc;
-!  188		      !int i;
-!  190		      ! if(i32[len]>0) i=-1;
-
-/* 0x0004	 190 */		or	%g0,-1,%g4
-/* 0x0008	     */		sll	%o2,2,%g1
-/* 0x000c	     */		ld	[%o0+%g1],%g1
-/* 0x0010	     */		cmp	%g1,0
-/* 0x0014	     */		bleu,pn	%icc,.L77000175
-/* 0x0018	     */		or	%g0,%o1,%o3
-/* 0x001c	     */		ba	.L900000511
-/* 0x0020	     */		cmp	%g4,0
-                       .L77000175:
-
-!  191		      ! else
-!  192		      !   {
-!  193		      !     for(i=len-1; i>=0; i--)
-
-/* 0x0024	 193 */		sub	%o2,1,%g4
-/* 0x0028	     */		sll	%g4,2,%g1
-/* 0x002c	     */		cmp	%g4,0
-/* 0x0030	     */		bl,pt	%icc,.L900000511
-/* 0x0034	     */		cmp	%g4,0
-/* 0x0038	     */		add	%o1,%g1,%g2
-
-!  194		      !       {
-!  195		      !	 if(i32[i]!=nint[i]) break;
-
-/* 0x003c	 195 */		ld	[%g2],%o5
-/* 0x0040	 193 */		add	%o0,%g1,%g3
-                       .L900000510:
-/* 0x0044	 195 */		ld	[%g3],%o2
-/* 0x0048	     */		sub	%g4,1,%g1
-/* 0x004c	     */		sub	%g2,4,%g2
-/* 0x0050	     */		sub	%g3,4,%g3
-/* 0x0054	     */		cmp	%o2,%o5
-/* 0x0058	     */		bne,pn	%icc,.L77000182
-/* 0x005c	     */		nop
-/* 0x0060	   0 */		or	%g0,%g1,%g4
-/* 0x0064	 195 */		cmp	%g1,0
-/* 0x0068	     */		bge,a,pt	%icc,.L900000510
-/* 0x006c	     */		ld	[%g2],%o5
-                       .L77000182:
-
-!  196		      !       }
-!  197		      !   }
-!  198		      ! if((i<0)||(i32[i]>nint[i]))
-
-/* 0x0070	 198 */		cmp	%g4,0
-                       .L900000511:
-/* 0x0074	 198 */		bl,pn	%icc,.L77000198
-/* 0x0078	     */		sll	%g4,2,%g2
-/* 0x007c	     */		ld	[%o1+%g2],%g1
-/* 0x0080	     */		ld	[%o0+%g2],%g2
-/* 0x0084	     */		cmp	%g2,%g1
-/* 0x0088	     */		bleu,pt	%icc,.L77000191
-/* 0x008c	     */		nop
-                       .L77000198:
-
-!  199		      !   {
-!  200		      !     acc=0;
-!  201		      !     for(i=0;i<len;i++)
-
-/* 0x0090	 201 */		cmp	%g5,0
-/* 0x0094	     */		ble,pt	%icc,.L77000191
-/* 0x0098	     */		nop
-/* 0x009c	     */		or	%g0,%g5,%g1
-/* 0x00a0	 198 */		or	%g0,-1,%g2
-/* 0x00a4	     */		srl	%g2,0,%g3
-/* 0x00a8	     */		sub	%g5,1,%g4
-/* 0x00ac	 200 */		or	%g0,0,%g5
-/* 0x00b0	 201 */		or	%g0,0,%o5
-/* 0x00b4	 198 */		or	%g0,%o0,%o4
-/* 0x00b8	     */		cmp	%g1,3
-/* 0x00bc	 201 */		bl,pn	%icc,.L77000199
-/* 0x00c0	     */		add	%o0,8,%g1
-/* 0x00c4	     */		add	%o1,4,%g2
-
-!  202		      !       {
-!  203		      !	 acc=acc+(unsigned long long)(i32[i])-(unsigned long long)(nint[i]);
-
-/* 0x00c8	 203 */		ld	[%o0],%o2
-/* 0x00cc	     */		ld	[%o1],%o1
-/* 0x00d0	   0 */		or	%g0,%g1,%o4
-/* 0x00d4	     */		or	%g0,%g2,%o3
-/* 0x00d8	 203 */		ld	[%o0+4],%g1
-
-!  204		      !	 i32[i]=acc&0xffffffff;
-!  205		      !	 acc=acc>>32;
-
-/* 0x00dc	 205 */		or	%g0,2,%o5
-/* 0x00e0	 201 */		sub	%o2,%o1,%o2
-/* 0x00e4	     */		or	%g0,%o2,%g5
-/* 0x00e8	 204 */		and	%o2,%g3,%o2
-/* 0x00ec	     */		st	%o2,[%o0]
-/* 0x00f0	 205 */		srax	%g5,32,%g5
-                       .L900000505:
-/* 0x00f4	 203 */		ld	[%o3],%o2
-/* 0x00f8	 205 */		add	%o5,1,%o5
-/* 0x00fc	     */		add	%o3,4,%o3
-/* 0x0100	     */		cmp	%o5,%g4
-/* 0x0104	     */		add	%o4,4,%o4
-/* 0x0108	 201 */		sub	%g1,%o2,%g1
-/* 0x010c	     */		add	%g1,%g5,%g5
-/* 0x0110	 204 */		and	%g5,%g3,%o2
-/* 0x0114	 203 */		ld	[%o4-4],%g1
-/* 0x0118	 204 */		st	%o2,[%o4-8]
-/* 0x011c	 205 */		ble,pt	%icc,.L900000505
-/* 0x0120	     */		srax	%g5,32,%g5
-                       .L900000508:
-/* 0x0124	 203 */		ld	[%o3],%g2
-/* 0x0128	 201 */		sub	%g1,%g2,%g1
-/* 0x012c	     */		add	%g1,%g5,%g1
-/* 0x0130	 204 */		and	%g1,%g3,%g2
-/* 0x0134	     */		retl	! Result = 
-/* 0x0138	     */		st	%g2,[%o4-4]
-                       .L77000199:
-/* 0x013c	 203 */		ld	[%o4],%g1
-                       .L900000509:
-/* 0x0140	 203 */		ld	[%o3],%g2
-/* 0x0144	     */		add	%g5,%g1,%g1
-/* 0x0148	 205 */		add	%o5,1,%o5
-/* 0x014c	     */		add	%o3,4,%o3
-/* 0x0150	     */		cmp	%o5,%g4
-/* 0x0154	 203 */		sub	%g1,%g2,%g1
-/* 0x0158	 204 */		and	%g1,%g3,%g2
-/* 0x015c	     */		st	%g2,[%o4]
-/* 0x0160	 205 */		add	%o4,4,%o4
-/* 0x0164	     */		srax	%g1,32,%g5
-/* 0x0168	     */		ble,a,pt	%icc,.L900000509
-/* 0x016c	     */		ld	[%o4],%g1
-                       .L77000191:
-/* 0x0170	     */		retl	! Result = 
-/* 0x0174	     */		nop
-/* 0x0178	   0 */		.type	adjust_montf_result,2
-/* 0x0178	     */		.size	adjust_montf_result,(.-adjust_montf_result)
-
-	.section	".text",#alloc,#execinstr
-/* 000000	   0 */		.align	4
-/* 000000	     */		.skip	16
-!
-! SUBROUTINE mont_mulf_noconv
-!
-! OFFSET    SOURCE LINE	LABEL	INSTRUCTION
-
-                       	.global mont_mulf_noconv
-                       mont_mulf_noconv:
-/* 000000	     */		save	%sp,-144,%sp
-                       .L900000646:
-/* 0x0004	     */		call	.+8
-/* 0x0008	     */		sethi	/*X*/%hi(_GLOBAL_OFFSET_TABLE_-(.L900000646-.)),%g5
-
-!  206		      !       }
-!  207		      !   }
-!  208		      !}
-!  213		      !/*
-!  214		      !** the lengths of the input arrays should be at least the following:
-!  215		      !** result[nlen+1], dm1[nlen], dm2[2*nlen+1], dt[4*nlen+2], dn[nlen], nint[nlen]
-!  216		      !** all of them should be different from one another
-!  217		      !**
-!  218		      !*/
-!  219		      !void mont_mulf_noconv(unsigned int *result,
-!  220		      !		     double *dm1, double *dm2, double *dt,
-!  221		      !		     double *dn, unsigned int *nint,
-!  222		      !		     int nlen, double dn0)
-!  223		      !{
-!  224		      ! int i, j, jj;
-!  225		      ! int tmp;
-!  226		      ! double digit, m2j, nextm2j, a, b;
-!  227		      ! double *dptmp, *pdm1, *pdm2, *pdn, *pdtj, pdn_0, pdm1_0;
-!  229		      ! pdm1=&(dm1[0]);
-!  230		      ! pdm2=&(dm2[0]);
-!  231		      ! pdn=&(dn[0]);
-!  232		      ! pdm2[2*nlen]=Zero;
-
-/* 0x000c	 232 */		ld	[%fp+92],%o1
-/* 0x0010	     */		sethi	%hi(Zero),%g2
-/* 0x0014	 223 */		ldd	[%fp+96],%f2
-/* 0x0018	     */		add	%g5,/*X*/%lo(_GLOBAL_OFFSET_TABLE_-(.L900000646-.)),%g5
-/* 0x001c	 232 */		add	%g2,%lo(Zero),%g2
-/* 0x0020	 223 */		st	%i0,[%fp+68]
-/* 0x0024	     */		add	%g5,%o7,%o3
-
-!  234		      ! if (nlen!=16)
-!  235		      !   {
-!  236		      !     for(i=0;i<4*nlen+2;i++) dt[i]=Zero;
-!  238		      !     a=dt[0]=pdm1[0]*pdm2[0];
-!  239		      !     digit=mod(lower32(a,Zero)*dn0,TwoToMinus16,TwoTo16);
-
-/* 0x0028	 239 */		sethi	%hi(TwoToMinus16),%g3
-/* 0x002c	 232 */		ld	[%o3+%g2],%l0
-/* 0x0030	 239 */		sethi	%hi(TwoTo16),%g4
-/* 0x0034	 223 */		or	%g0,%i2,%o2
-/* 0x0038	     */		fmovd	%f2,%f16
-/* 0x003c	     */		st	%i5,[%fp+88]
-/* 0x0040	 239 */		add	%g3,%lo(TwoToMinus16),%g2
-/* 0x0044	 223 */		or	%g0,%i1,%i2
-/* 0x0048	 232 */		ldd	[%l0],%f0
-/* 0x004c	 239 */		add	%g4,%lo(TwoTo16),%g3
-/* 0x0050	 223 */		or	%g0,%i3,%o0
-/* 0x0054	 232 */		sll	%o1,4,%g4
-/* 0x0058	 239 */		ld	[%o3+%g2],%g5
-/* 0x005c	 223 */		or	%g0,%i3,%i1
-/* 0x0060	 239 */		ld	[%o3+%g3],%g1
-/* 0x0064	 232 */		or	%g0,%o1,%i0
-/* 0x0068	     */		or	%g0,%o2,%i3
-/* 0x006c	 234 */		cmp	%o1,16
-/* 0x0070	     */		be,pn	%icc,.L77000279
-/* 0x0074	     */		std	%f0,[%o2+%g4]
-/* 0x0078	 236 */		sll	%o1,2,%g2
-/* 0x007c	     */		or	%g0,%o0,%o3
-/* 0x0080	 232 */		sll	%o1,1,%o1
-/* 0x0084	 236 */		add	%g2,2,%o2
-/* 0x0088	     */		cmp	%o2,0
-/* 0x008c	     */		ble,a,pt	%icc,.L900000660
-/* 0x0090	     */		ldd	[%i2],%f0
-
-!  241		      !     pdtj=&(dt[0]);
-!  242		      !     for(j=jj=0;j<2*nlen;j++,jj++,pdtj++)
-!  243		      !       {
-!  244		      !	 m2j=pdm2[j];
-!  245		      !	 a=pdtj[0]+pdn[0]*digit;
-!  246		      !	 b=pdtj[1]+pdm1[0]*pdm2[j+1]+a*TwoToMinus16;
-!  247		      !	 pdtj[1]=b;
-!  249		      !#pragma pipeloop(0)
-!  250		      !	 for(i=1;i<nlen;i++)
-!  251		      !	   {
-!  252		      !	     pdtj[2*i]+=pdm1[i]*m2j+pdn[i]*digit;
-!  253		      !	   }
-!  254		      ! 	 if((jj==30)) {cleanup(dt,j/2+1,2*nlen+1); jj=0;}
-!  255		      !	 
-!  256		      !	 digit=mod(lower32(b,Zero)*dn0,TwoToMinus16,TwoTo16);
-!  257		      !       }
-!  258		      !   }
-!  259		      ! else
-!  260		      !   {
-!  261		      !     a=dt[0]=pdm1[0]*pdm2[0];
-!  263		      !     dt[65]=     dt[64]=     dt[63]=     dt[62]=     dt[61]=     dt[60]=
-!  264		      !     dt[59]=     dt[58]=     dt[57]=     dt[56]=     dt[55]=     dt[54]=
-!  265		      !     dt[53]=     dt[52]=     dt[51]=     dt[50]=     dt[49]=     dt[48]=
-!  266		      !     dt[47]=     dt[46]=     dt[45]=     dt[44]=     dt[43]=     dt[42]=
-!  267		      !     dt[41]=     dt[40]=     dt[39]=     dt[38]=     dt[37]=     dt[36]=
-!  268		      !     dt[35]=     dt[34]=     dt[33]=     dt[32]=     dt[31]=     dt[30]=
-!  269		      !     dt[29]=     dt[28]=     dt[27]=     dt[26]=     dt[25]=     dt[24]=
-!  270		      !     dt[23]=     dt[22]=     dt[21]=     dt[20]=     dt[19]=     dt[18]=
-!  271		      !     dt[17]=     dt[16]=     dt[15]=     dt[14]=     dt[13]=     dt[12]=
-!  272		      !     dt[11]=     dt[10]=     dt[ 9]=     dt[ 8]=     dt[ 7]=     dt[ 6]=
-!  273		      !     dt[ 5]=     dt[ 4]=     dt[ 3]=     dt[ 2]=     dt[ 1]=Zero;
-!  275		      !     pdn_0=pdn[0];
-!  276		      !     pdm1_0=pdm1[0];
-!  278		      !     digit=mod(lower32(a,Zero)*dn0,TwoToMinus16,TwoTo16);
-!  279		      !     pdtj=&(dt[0]);
-!  281		      !     for(j=0;j<32;j++,pdtj++)
-
-/* 0x0094	 281 */		add	%g2,2,%o0
-/* 0x0098	 236 */		add	%g2,1,%o2
-/* 0x009c	 281 */		cmp	%o0,3
-/* 0x00a0	     */		bl,pn	%icc,.L77000280
-/* 0x00a4	     */		or	%g0,1,%o0
-/* 0x00a8	     */		add	%o3,8,%o3
-/* 0x00ac	     */		or	%g0,1,%o4
-/* 0x00b0	     */		std	%f0,[%o3-8]
-                       .L900000630:
-/* 0x00b4	     */		std	%f0,[%o3]
-/* 0x00b8	     */		add	%o4,2,%o4
-/* 0x00bc	     */		add	%o3,16,%o3
-/* 0x00c0	     */		cmp	%o4,%g2
-/* 0x00c4	     */		ble,pt	%icc,.L900000630
-/* 0x00c8	     */		std	%f0,[%o3-8]
-                       .L900000633:
-/* 0x00cc	     */		cmp	%o4,%o2
-/* 0x00d0	     */		bg,pn	%icc,.L77000285
-/* 0x00d4	     */		add	%o4,1,%o0
-                       .L77000280:
-/* 0x00d8	     */		std	%f0,[%o3]
-                       .L900000659:
-/* 0x00dc	     */		ldd	[%l0],%f0
-/* 0x00e0	     */		cmp	%o0,%o2
-/* 0x00e4	     */		add	%o3,8,%o3
-/* 0x00e8	     */		add	%o0,1,%o0
-/* 0x00ec	     */		ble,a,pt	%icc,.L900000659
-/* 0x00f0	     */		std	%f0,[%o3]
-                       .L77000285:
-/* 0x00f4	 238 */		ldd	[%i2],%f0
-                       .L900000660:
-/* 0x00f8	 238 */		ldd	[%i3],%f2
-/* 0x00fc	     */		add	%o1,1,%o2
-/* 0x0100	 242 */		cmp	%o1,0
-/* 0x0104	     */		sll	%o2,1,%o0
-/* 0x0108	     */		sub	%o1,1,%o1
-/* 0x010c	 238 */		fmuld	%f0,%f2,%f0
-/* 0x0110	     */		std	%f0,[%i1]
-/* 0x0114	   0 */		or	%g0,0,%l1
-/* 0x0118	     */		ldd	[%l0],%f6
-/* 0x011c	     */		or	%g0,0,%g4
-/* 0x0120	     */		or	%g0,%o2,%i5
-/* 0x0124	     */		ldd	[%g5],%f2
-/* 0x0128	     */		or	%g0,%o1,%g3
-/* 0x012c	     */		or	%g0,%o0,%o3
-/* 0x0130	     */		fdtox	%f0,%f0
-/* 0x0134	     */		ldd	[%g1],%f4
-/* 0x0138	 246 */		add	%i3,8,%o4
-/* 0x013c	     */		or	%g0,0,%l2
-/* 0x0140	     */		or	%g0,%i1,%o5
-/* 0x0144	     */		sub	%i0,1,%o7
-/* 0x0148	     */		fmovs	%f6,%f0
-/* 0x014c	     */		fxtod	%f0,%f0
-/* 0x0150	 239 */		fmuld	%f0,%f16,%f0
-/* 0x0154	     */		fmuld	%f0,%f2,%f2
-/* 0x0158	     */		fdtox	%f2,%f2
-/* 0x015c	     */		fxtod	%f2,%f2
-/* 0x0160	     */		fmuld	%f2,%f4,%f2
-/* 0x0164	     */		fsubd	%f0,%f2,%f22
-/* 0x0168	 242 */		ble,pt	%icc,.L900000653
-/* 0x016c	     */		sll	%i0,4,%g2
-/* 0x0170	 246 */		ldd	[%i4],%f0
-                       .L900000654:
-/* 0x0174	 246 */		fmuld	%f0,%f22,%f8
-/* 0x0178	     */		ldd	[%i2],%f0
-/* 0x017c	 250 */		cmp	%i0,1
-/* 0x0180	 246 */		ldd	[%o4+%l2],%f6
-/* 0x0184	     */		add	%i2,8,%o0
-/* 0x0188	 250 */		or	%g0,1,%o1
-/* 0x018c	 246 */		ldd	[%o5],%f2
-/* 0x0190	     */		add	%o5,16,%l3
-/* 0x0194	     */		fmuld	%f0,%f6,%f6
-/* 0x0198	     */		ldd	[%g5],%f4
-/* 0x019c	     */		faddd	%f2,%f8,%f2
-/* 0x01a0	     */		ldd	[%o5+8],%f0
-/* 0x01a4	 244 */		ldd	[%i3+%l2],%f20
-/* 0x01a8	 246 */		faddd	%f0,%f6,%f0
-/* 0x01ac	     */		fmuld	%f2,%f4,%f2
-/* 0x01b0	     */		faddd	%f0,%f2,%f18
-/* 0x01b4	 247 */		std	%f18,[%o5+8]
-/* 0x01b8	 250 */		ble,pt	%icc,.L900000658
-/* 0x01bc	     */		srl	%g4,31,%g2
-/* 0x01c0	     */		cmp	%o7,7
-/* 0x01c4	 246 */		add	%i4,8,%g2
-/* 0x01c8	 250 */		bl,pn	%icc,.L77000284
-/* 0x01cc	     */		add	%g2,24,%o2
-/* 0x01d0	 252 */		ldd	[%o0+24],%f12
-/* 0x01d4	     */		add	%o5,48,%l3
-/* 0x01d8	     */		ldd	[%o0],%f2
-/* 0x01dc	   0 */		or	%g0,%o2,%g2
-/* 0x01e0	 250 */		sub	%o7,2,%o2
-/* 0x01e4	 252 */		ldd	[%g2-24],%f0
-/* 0x01e8	     */		or	%g0,5,%o1
-/* 0x01ec	     */		ldd	[%o0+8],%f6
-/* 0x01f0	     */		fmuld	%f2,%f20,%f2
-/* 0x01f4	     */		ldd	[%o0+16],%f14
-/* 0x01f8	     */		fmuld	%f0,%f22,%f4
-/* 0x01fc	     */		add	%o0,32,%o0
-/* 0x0200	     */		ldd	[%g2-16],%f8
-/* 0x0204	     */		fmuld	%f6,%f20,%f10
-/* 0x0208	     */		ldd	[%o5+16],%f0
-/* 0x020c	     */		ldd	[%g2-8],%f6
-/* 0x0210	     */		faddd	%f2,%f4,%f4
-/* 0x0214	     */		ldd	[%o5+32],%f2
-                       .L900000642:
-/* 0x0218	 252 */		ldd	[%g2],%f24
-/* 0x021c	     */		add	%o1,3,%o1
-/* 0x0220	     */		add	%g2,24,%g2
-/* 0x0224	     */		fmuld	%f8,%f22,%f8
-/* 0x0228	     */		ldd	[%l3],%f28
-/* 0x022c	     */		cmp	%o1,%o2
-/* 0x0230	     */		add	%o0,24,%o0
-/* 0x0234	     */		ldd	[%o0-24],%f26
-/* 0x0238	     */		faddd	%f0,%f4,%f0
-/* 0x023c	     */		add	%l3,48,%l3
-/* 0x0240	     */		faddd	%f10,%f8,%f10
-/* 0x0244	     */		fmuld	%f14,%f20,%f4
-/* 0x0248	     */		std	%f0,[%l3-80]
-/* 0x024c	     */		ldd	[%g2-16],%f8
-/* 0x0250	     */		fmuld	%f6,%f22,%f6
-/* 0x0254	     */		ldd	[%l3-32],%f0
-/* 0x0258	     */		ldd	[%o0-16],%f14
-/* 0x025c	     */		faddd	%f2,%f10,%f2
-/* 0x0260	     */		faddd	%f4,%f6,%f10
-/* 0x0264	     */		fmuld	%f12,%f20,%f4
-/* 0x0268	     */		std	%f2,[%l3-64]
-/* 0x026c	     */		ldd	[%g2-8],%f6
-/* 0x0270	     */		fmuld	%f24,%f22,%f24
-/* 0x0274	     */		ldd	[%l3-16],%f2
-/* 0x0278	     */		ldd	[%o0-8],%f12
-/* 0x027c	     */		faddd	%f28,%f10,%f10
-/* 0x0280	     */		std	%f10,[%l3-48]
-/* 0x0284	     */		fmuld	%f26,%f20,%f10
-/* 0x0288	     */		ble,pt	%icc,.L900000642
-/* 0x028c	     */		faddd	%f4,%f24,%f4
-                       .L900000645:
-/* 0x0290	 252 */		fmuld	%f8,%f22,%f28
-/* 0x0294	     */		ldd	[%g2],%f24
-/* 0x0298	     */		faddd	%f0,%f4,%f26
-/* 0x029c	     */		fmuld	%f12,%f20,%f8
-/* 0x02a0	     */		add	%l3,32,%l3
-/* 0x02a4	     */		cmp	%o1,%o7
-/* 0x02a8	     */		fmuld	%f14,%f20,%f14
-/* 0x02ac	     */		ldd	[%l3-32],%f4
-/* 0x02b0	     */		add	%g2,8,%g2
-/* 0x02b4	     */		faddd	%f10,%f28,%f12
-/* 0x02b8	     */		fmuld	%f6,%f22,%f6
-/* 0x02bc	     */		ldd	[%l3-16],%f0
-/* 0x02c0	     */		fmuld	%f24,%f22,%f10
-/* 0x02c4	     */		std	%f26,[%l3-64]
-/* 0x02c8	     */		faddd	%f2,%f12,%f2
-/* 0x02cc	     */		std	%f2,[%l3-48]
-/* 0x02d0	     */		faddd	%f14,%f6,%f6
-/* 0x02d4	     */		faddd	%f8,%f10,%f2
-/* 0x02d8	     */		faddd	%f4,%f6,%f4
-/* 0x02dc	     */		std	%f4,[%l3-32]
-/* 0x02e0	     */		faddd	%f0,%f2,%f0
-/* 0x02e4	     */		bg,pn	%icc,.L77000213
-/* 0x02e8	     */		std	%f0,[%l3-16]
-                       .L77000284:
-/* 0x02ec	 252 */		ldd	[%o0],%f0
-                       .L900000657:
-/* 0x02f0	 252 */		ldd	[%g2],%f4
-/* 0x02f4	     */		fmuld	%f0,%f20,%f2
-/* 0x02f8	     */		add	%o1,1,%o1
-/* 0x02fc	     */		ldd	[%l3],%f0
-/* 0x0300	     */		add	%o0,8,%o0
-/* 0x0304	     */		add	%g2,8,%g2
-/* 0x0308	     */		fmuld	%f4,%f22,%f4
-/* 0x030c	     */		cmp	%o1,%o7
-/* 0x0310	     */		faddd	%f2,%f4,%f2
-/* 0x0314	     */		faddd	%f0,%f2,%f0
-/* 0x0318	     */		std	%f0,[%l3]
-/* 0x031c	     */		add	%l3,16,%l3
-/* 0x0320	     */		ble,a,pt	%icc,.L900000657
-/* 0x0324	     */		ldd	[%o0],%f0
-                       .L77000213:
-/* 0x0328	     */		srl	%g4,31,%g2
-                       .L900000658:
-/* 0x032c	 254 */		cmp	%l1,30
-/* 0x0330	     */		bne,a,pt	%icc,.L900000656
-/* 0x0334	     */		fdtox	%f18,%f0
-/* 0x0338	     */		add	%g4,%g2,%g2
-/* 0x033c	     */		sra	%g2,1,%o0
-/* 0x0340	 281 */		ldd	[%l0],%f0
-/* 0x0344	     */		sll	%i5,1,%o2
-/* 0x0348	     */		add	%o0,1,%g2
-/* 0x034c	     */		sll	%g2,1,%o0
-/* 0x0350	 254 */		sub	%o2,1,%o2
-/* 0x0354	 281 */		fmovd	%f0,%f2
-/* 0x0358	     */		sll	%g2,4,%o1
-/* 0x035c	     */		cmp	%o0,%o3
-/* 0x0360	     */		bge,pt	%icc,.L77000215
-/* 0x0364	     */		or	%g0,0,%l1
-/* 0x0368	 254 */		add	%i1,%o1,%o1
-/* 0x036c	 281 */		ldd	[%o1],%f6
-                       .L900000655:
-/* 0x0370	     */		fdtox	%f6,%f10
-/* 0x0374	     */		ldd	[%o1+8],%f4
-/* 0x0378	     */		add	%o0,2,%o0
-/* 0x037c	     */		ldd	[%l0],%f12
-/* 0x0380	     */		fdtox	%f6,%f6
-/* 0x0384	     */		cmp	%o0,%o2
-/* 0x0388	     */		fdtox	%f4,%f8
-/* 0x038c	     */		fdtox	%f4,%f4
-/* 0x0390	     */		fmovs	%f12,%f10
-/* 0x0394	     */		fmovs	%f12,%f8
-/* 0x0398	     */		fxtod	%f10,%f10
-/* 0x039c	     */		fxtod	%f8,%f8
-/* 0x03a0	     */		faddd	%f10,%f2,%f2
-/* 0x03a4	     */		std	%f2,[%o1]
-/* 0x03a8	     */		faddd	%f8,%f0,%f0
-/* 0x03ac	     */		std	%f0,[%o1+8]
-/* 0x03b0	     */		add	%o1,16,%o1
-/* 0x03b4	     */		fitod	%f6,%f2
-/* 0x03b8	     */		fitod	%f4,%f0
-/* 0x03bc	     */		ble,a,pt	%icc,.L900000655
-/* 0x03c0	     */		ldd	[%o1],%f6
-                       .L77000233:
-/* 0x03c4	     */		or	%g0,0,%l1
-                       .L77000215:
-/* 0x03c8	     */		fdtox	%f18,%f0
-                       .L900000656:
-/* 0x03cc	     */		ldd	[%l0],%f6
-/* 0x03d0	 256 */		add	%g4,1,%g4
-/* 0x03d4	     */		add	%l2,8,%l2
-/* 0x03d8	     */		ldd	[%g5],%f2
-/* 0x03dc	     */		add	%l1,1,%l1
-/* 0x03e0	     */		add	%o5,8,%o5
-/* 0x03e4	     */		fmovs	%f6,%f0
-/* 0x03e8	     */		ldd	[%g1],%f4
-/* 0x03ec	     */		cmp	%g4,%g3
-/* 0x03f0	     */		fxtod	%f0,%f0
-/* 0x03f4	     */		fmuld	%f0,%f16,%f0
-/* 0x03f8	     */		fmuld	%f0,%f2,%f2
-/* 0x03fc	     */		fdtox	%f2,%f2
-/* 0x0400	     */		fxtod	%f2,%f2
-/* 0x0404	     */		fmuld	%f2,%f4,%f2
-/* 0x0408	     */		fsubd	%f0,%f2,%f22
-/* 0x040c	     */		ble,a,pt	%icc,.L900000654
-/* 0x0410	     */		ldd	[%i4],%f0
-                       .L900000629:
-/* 0x0414	 256 */		ba	.L900000653
-/* 0x0418	     */		sll	%i0,4,%g2
-                       .L77000279:
-/* 0x041c	 261 */		ldd	[%o2],%f6
-/* 0x0420	 279 */		or	%g0,%o0,%o4
-/* 0x0424	 281 */		or	%g0,0,%o3
-/* 0x0428	 261 */		ldd	[%i2],%f4
-/* 0x042c	 273 */		std	%f0,[%o0+8]
-/* 0x0430	     */		std	%f0,[%o0+16]
-/* 0x0434	 261 */		fmuld	%f4,%f6,%f4
-/* 0x0438	     */		std	%f4,[%o0]
-/* 0x043c	 273 */		std	%f0,[%o0+24]
-/* 0x0440	     */		std	%f0,[%o0+32]
-/* 0x0444	     */		fdtox	%f4,%f4
-/* 0x0448	     */		std	%f0,[%o0+40]
-/* 0x044c	     */		std	%f0,[%o0+48]
-/* 0x0450	     */		std	%f0,[%o0+56]
-/* 0x0454	     */		std	%f0,[%o0+64]
-/* 0x0458	     */		std	%f0,[%o0+72]
-/* 0x045c	     */		std	%f0,[%o0+80]
-/* 0x0460	     */		std	%f0,[%o0+88]
-/* 0x0464	     */		std	%f0,[%o0+96]
-/* 0x0468	     */		std	%f0,[%o0+104]
-/* 0x046c	     */		std	%f0,[%o0+112]
-/* 0x0470	     */		std	%f0,[%o0+120]
-/* 0x0474	     */		std	%f0,[%o0+128]
-/* 0x0478	     */		std	%f0,[%o0+136]
-/* 0x047c	     */		std	%f0,[%o0+144]
-/* 0x0480	     */		std	%f0,[%o0+152]
-/* 0x0484	     */		std	%f0,[%o0+160]
-/* 0x0488	     */		std	%f0,[%o0+168]
-/* 0x048c	     */		fmovs	%f0,%f4
-/* 0x0490	     */		std	%f0,[%o0+176]
-/* 0x0494	 281 */		or	%g0,0,%o1
-/* 0x0498	 273 */		std	%f0,[%o0+184]
-/* 0x049c	     */		fxtod	%f4,%f4
-/* 0x04a0	     */		std	%f0,[%o0+192]
-/* 0x04a4	     */		std	%f0,[%o0+200]
-/* 0x04a8	     */		std	%f0,[%o0+208]
-/* 0x04ac	 278 */		fmuld	%f4,%f2,%f2
-/* 0x04b0	 273 */		std	%f0,[%o0+216]
-/* 0x04b4	     */		std	%f0,[%o0+224]
-/* 0x04b8	     */		std	%f0,[%o0+232]
-/* 0x04bc	     */		std	%f0,[%o0+240]
-/* 0x04c0	     */		std	%f0,[%o0+248]
-/* 0x04c4	     */		std	%f0,[%o0+256]
-/* 0x04c8	     */		std	%f0,[%o0+264]
-/* 0x04cc	     */		std	%f0,[%o0+272]
-/* 0x04d0	     */		std	%f0,[%o0+280]
-/* 0x04d4	     */		std	%f0,[%o0+288]
-/* 0x04d8	     */		std	%f0,[%o0+296]
-/* 0x04dc	     */		std	%f0,[%o0+304]
-/* 0x04e0	     */		std	%f0,[%o0+312]
-/* 0x04e4	     */		std	%f0,[%o0+320]
-/* 0x04e8	     */		std	%f0,[%o0+328]
-/* 0x04ec	     */		std	%f0,[%o0+336]
-/* 0x04f0	     */		std	%f0,[%o0+344]
-/* 0x04f4	     */		std	%f0,[%o0+352]
-/* 0x04f8	     */		std	%f0,[%o0+360]
-/* 0x04fc	     */		std	%f0,[%o0+368]
-/* 0x0500	     */		std	%f0,[%o0+376]
-/* 0x0504	     */		std	%f0,[%o0+384]
-/* 0x0508	     */		std	%f0,[%o0+392]
-/* 0x050c	     */		std	%f0,[%o0+400]
-/* 0x0510	     */		std	%f0,[%o0+408]
-/* 0x0514	     */		std	%f0,[%o0+416]
-/* 0x0518	     */		std	%f0,[%o0+424]
-/* 0x051c	     */		std	%f0,[%o0+432]
-/* 0x0520	     */		std	%f0,[%o0+440]
-/* 0x0524	     */		std	%f0,[%o0+448]
-/* 0x0528	     */		std	%f0,[%o0+456]
-/* 0x052c	     */		std	%f0,[%o0+464]
-/* 0x0530	     */		std	%f0,[%o0+472]
-/* 0x0534	     */		std	%f0,[%o0+480]
-/* 0x0538	     */		std	%f0,[%o0+488]
-/* 0x053c	     */		std	%f0,[%o0+496]
-/* 0x0540	     */		std	%f0,[%o0+504]
-/* 0x0544	     */		std	%f0,[%o0+512]
-/* 0x0548	     */		std	%f0,[%o0+520]
-/* 0x054c	     */		ldd	[%g5],%f0
-/* 0x0550	     */		ldd	[%g1],%f8
-/* 0x0554	     */		fmuld	%f2,%f0,%f6
-/* 0x0558	 275 */		ldd	[%i4],%f4
-/* 0x055c	 276 */		ldd	[%i2],%f0
-/* 0x0560	     */		fdtox	%f6,%f6
-/* 0x0564	     */		fxtod	%f6,%f6
-/* 0x0568	     */		fmuld	%f6,%f8,%f6
-/* 0x056c	     */		fsubd	%f2,%f6,%f2
-/* 0x0570	 286 */		fmuld	%f4,%f2,%f12
-
-!  282		      !       {
-!  284		      !	 m2j=pdm2[j];
-!  285		      !	 a=pdtj[0]+pdn_0*digit;
-!  286		      !	 b=pdtj[1]+pdm1_0*pdm2[j+1]+a*TwoToMinus16;
-
-!  287		      !	 pdtj[1]=b;
-!  289		      !	 /**** this loop will be fully unrolled:
-!  290		      !	 for(i=1;i<16;i++)
-!  291		      !	   {
-!  292		      !	     pdtj[2*i]+=pdm1[i]*m2j+pdn[i]*digit;
-!  293		      !	   }
-!  294		      !	 *************************************/
-!  295		      !	     pdtj[2]+=pdm1[1]*m2j+pdn[1]*digit;
-!  296		      !	     pdtj[4]+=pdm1[2]*m2j+pdn[2]*digit;
-!  297		      !	     pdtj[6]+=pdm1[3]*m2j+pdn[3]*digit;
-!  298		      !	     pdtj[8]+=pdm1[4]*m2j+pdn[4]*digit;
-!  299		      !	     pdtj[10]+=pdm1[5]*m2j+pdn[5]*digit;
-!  300		      !	     pdtj[12]+=pdm1[6]*m2j+pdn[6]*digit;
-!  301		      !	     pdtj[14]+=pdm1[7]*m2j+pdn[7]*digit;
-!  302		      !	     pdtj[16]+=pdm1[8]*m2j+pdn[8]*digit;
-!  303		      !	     pdtj[18]+=pdm1[9]*m2j+pdn[9]*digit;
-!  304		      !	     pdtj[20]+=pdm1[10]*m2j+pdn[10]*digit;
-!  305		      !	     pdtj[22]+=pdm1[11]*m2j+pdn[11]*digit;
-!  306		      !	     pdtj[24]+=pdm1[12]*m2j+pdn[12]*digit;
-!  307		      !	     pdtj[26]+=pdm1[13]*m2j+pdn[13]*digit;
-!  308		      !	     pdtj[28]+=pdm1[14]*m2j+pdn[14]*digit;
-!  309		      !	     pdtj[30]+=pdm1[15]*m2j+pdn[15]*digit;
-!  310		      !	 /* no need for cleenup, cannot overflow */
-!  311		      !	 digit=mod(lower32(b,Zero)*dn0,TwoToMinus16,TwoTo16);
-
-	fmovd %f2,%f0		! hand modified
-	fmovd %f16,%f18			! hand modified
-	ldd [%i4],%f2
-	ldd [%o4],%f8
-	ldd [%i2],%f10
-	ldd [%g5],%f14		! hand modified
-	ldd [%g1],%f16		! hand modified
-	ldd [%i3],%f24
-
-	ldd [%i2+8],%f26
-	ldd [%i2+16],%f40
-	ldd [%i2+48],%f46
-	ldd [%i2+56],%f30
-	ldd [%i2+64],%f54
-	ldd [%i2+104],%f34
-	ldd [%i2+112],%f58
-
-	ldd [%i4+8],%f28	
-	ldd [%i4+104],%f38
-	ldd [%i4+112],%f60
-
-	.L99999999: 			!1
-	ldd	[%i2+24],%f32
-	fmuld	%f0,%f2,%f4 	!2
-	ldd	[%i4+24],%f36
-	fmuld	%f26,%f24,%f20 	!3
-	ldd	[%i2+40],%f42
-	fmuld	%f28,%f0,%f22 	!4
-	ldd	[%i4+40],%f44
-	fmuld	%f32,%f24,%f32 	!5
-	ldd	[%i3+8],%f6
-	faddd	%f4,%f8,%f4
-	fmuld	%f36,%f0,%f36 	!6
-	add	%i3,8,%i3
-	ldd	[%i4+56],%f50
-	fmuld	%f42,%f24,%f42 	!7
-	ldd	[%i2+72],%f52
-	faddd	%f20,%f22,%f20
-	fmuld	%f44,%f0,%f44 	!8
-	ldd	[%o4+16],%f22
-	fmuld	%f10,%f6,%f12 	!9
-	ldd	[%i4+72],%f56
-	faddd	%f32,%f36,%f32
-	fmuld	%f14,%f4,%f4 !10
-	ldd	[%o4+48],%f36
-	fmuld	%f30,%f24,%f48 	!11
-	ldd	[%o4+8],%f8
-	faddd	%f20,%f22,%f20
-	fmuld	%f50,%f0,%f50	!12
-	std	%f20,[%o4+16]
-	faddd	%f42,%f44,%f42
-	fmuld	%f52,%f24,%f52 	!13
-	ldd	[%o4+80],%f44
-	faddd	%f4,%f12,%f4
-	fmuld	%f56,%f0,%f56 	!14
-	ldd	[%i2+88],%f20
-	faddd	%f32,%f36,%f32 	!15
-	ldd	[%i4+88],%f22
-	faddd	%f48,%f50,%f48 	!16
-	ldd	[%o4+112],%f50
-	faddd	%f52,%f56,%f52 	!17
-	ldd	[%o4+144],%f56
-	faddd	%f4,%f8,%f8
-	fmuld	%f20,%f24,%f20 	!18
-	std	%f32,[%o4+48]
-	faddd	%f42,%f44,%f42
-	fmuld	%f22,%f0,%f22 	!19
-	std	%f42,[%o4+80]
-	faddd	%f48,%f50,%f48
-	fmuld	%f34,%f24,%f32 	!20
-	std	%f48,[%o4+112]
-	faddd	%f52,%f56,%f52
-	fmuld	%f38,%f0,%f36 	!21
-	ldd	[%i2+120],%f42
-	fdtox	%f8,%f4 		!22
-	std	%f52,[%o4+144]
-	faddd	%f20,%f22,%f20 	!23
-	ldd	[%i4+120],%f44 	!24
-	ldd	[%o4+176],%f22
-	faddd	%f32,%f36,%f32
-	fmuld	%f42,%f24,%f42 	!25
-	ldd	[%i4+16],%f50
-	fmovs	%f17,%f4 	!26
-	ldd	[%i2+32],%f52
-	fmuld	%f44,%f0,%f44 	!27
-	ldd	[%i4+32],%f56
-	fmuld	%f40,%f24,%f48 	!28
-	ldd	[%o4+208],%f36
-	faddd	%f20,%f22,%f20
-	fmuld	%f50,%f0,%f50 	!29
-	std	%f20,[%o4+176]
-	fxtod	%f4,%f4
-	fmuld	%f52,%f24,%f52 	!30
-	ldd	[%i4+48],%f22
-	faddd	%f42,%f44,%f42
-	fmuld	%f56,%f0,%f56 	!31
-	ldd	[%o4+240],%f44
-	faddd	%f32,%f36,%f32 	!32
-	std	%f32,[%o4+208]
-	faddd	%f48,%f50,%f48
-	fmuld	%f46,%f24,%f20 	!33
-	ldd	[%o4+32],%f50
-	fmuld	%f4,%f18,%f12 	!34
-	ldd	[%i4+64],%f36
-	faddd	%f52,%f56,%f52
-	fmuld	%f22,%f0,%f22 	!35
-	ldd	[%o4+64],%f56
-	faddd	%f42,%f44,%f42 	!36
-	std	%f42,[%o4+240]
-	faddd	%f48,%f50,%f48
-	fmuld	%f54,%f24,%f32 	!37
-	std	%f48,[%o4+32]
-	fmuld	%f12,%f14,%f4 !38
-	ldd	[%i2+80],%f42
-	faddd	%f52,%f56,%f56	! yes, tmp52!
-	fmuld	%f36,%f0,%f36 	!39
-	ldd	[%i4+80],%f44
-	faddd	%f20,%f22,%f20 	!40
-	ldd	[%i2+96],%f48
-	fmuld	%f58,%f24,%f52 	!41
-	ldd	[%i4+96],%f50
-	fdtox	%f4,%f4
-	fmuld	%f42,%f24,%f42 	!42
-	std	%f56,[%o4+64]	! yes, tmp52!
-	faddd	%f32,%f36,%f32
-	fmuld	%f44,%f0,%f44 	!43
-	ldd	[%o4+96],%f22
-	fmuld	%f48,%f24,%f48 	!44
-	ldd	[%o4+128],%f36
-	fmovd	%f6,%f24
-	fmuld	%f50,%f0,%f50 	!45
-	fxtod	%f4,%f4
-	fmuld	%f60,%f0,%f56 	!46
-	add	%o4,8,%o4
-	faddd	%f42,%f44,%f42 	!47
-	ldd	[%o4+160-8],%f44
-	faddd	%f20,%f22,%f20 	!48
-	std	%f20,[%o4+96-8]
-	faddd	%f48,%f50,%f48 	!49
-	ldd	[%o4+192-8],%f50
-	faddd	%f52,%f56,%f52
-	fmuld	%f4,%f16,%f4 	!50
-	ldd	[%o4+224-8],%f56
-	faddd	%f32,%f36,%f32 	!51
-	std	%f32,[%o4+128-8]
-	faddd	%f42,%f44,%f42 	!52
-	add	%o3,1,%o3
-	std	%f42,[%o4+160-8]
-	faddd	%f48,%f50,%f48 	!53
-	cmp	%o3,31
-	std	%f48,[%o4+192-8]
-	fsubd	%f12,%f4,%f0 	!54
-	faddd	%f52,%f56,%f52
-	ble,pt	%icc,.L99999999
-	std	%f52,[%o4+224-8] 	!55
-	std %f8,[%o4]
-
-!  312		      !       }
-!  313		      !   }
-!  315		      ! conv_d16_to_i32(result,dt+2*nlen,(long long *)dt,nlen+1);
-
-/* 0x07c8	 315 */		sll	%i0,4,%g2
-                       .L900000653:
-/* 0x07cc	 315 */		add	%i1,%g2,%i1
-/* 0x07d0	 242 */		ld	[%fp+68],%o0
-/* 0x07d4	 315 */		or	%g0,0,%o4
-/* 0x07d8	     */		ldd	[%i1],%f0
-/* 0x07dc	     */		or	%g0,0,%g5
-/* 0x07e0	     */		cmp	%i0,0
-/* 0x07e4	 242 */		or	%g0,%o0,%o3
-/* 0x07e8	 311 */		sub	%i0,1,%g1
-/* 0x07ec	 315 */		fdtox	%f0,%f0
-/* 0x07f0	     */		std	%f0,[%sp+120]
-/* 0x07f4	 311 */		sethi	%hi(0xfc00),%o1
-/* 0x07f8	     */		add	%g1,1,%g3
-/* 0x07fc	     */		or	%g0,%o0,%g4
-/* 0x0800	 315 */		ldd	[%i1+8],%f0
-/* 0x0804	     */		add	%o1,1023,%o1
-/* 0x0808	     */		fdtox	%f0,%f0
-/* 0x080c	     */		std	%f0,[%sp+112]
-/* 0x0810	     */		ldx	[%sp+112],%o5
-/* 0x0814	     */		ldx	[%sp+120],%o7
-/* 0x0818	     */		ble,pt	%icc,.L900000651
-/* 0x081c	     */		sethi	%hi(0xfc00),%g2
-/* 0x0820	 311 */		or	%g0,-1,%g2
-/* 0x0824	 315 */		cmp	%g3,3
-/* 0x0828	 311 */		srl	%g2,0,%o2
-/* 0x082c	 315 */		bl,pn	%icc,.L77000287
-/* 0x0830	     */		or	%g0,%i1,%g2
-/* 0x0834	     */		ldd	[%i1+16],%f0
-/* 0x0838	     */		and	%o5,%o1,%o0
-/* 0x083c	     */		add	%i1,16,%g2
-/* 0x0840	     */		sllx	%o0,16,%g3
-/* 0x0844	     */		and	%o7,%o2,%o0
-/* 0x0848	     */		fdtox	%f0,%f0
-/* 0x084c	     */		std	%f0,[%sp+104]
-/* 0x0850	     */		add	%o0,%g3,%o4
-/* 0x0854	     */		ldd	[%i1+24],%f2
-/* 0x0858	     */		srax	%o5,16,%o0
-/* 0x085c	     */		add	%o3,4,%g4
-/* 0x0860	     */		stx	%o0,[%sp+128]
-/* 0x0864	     */		and	%o4,%o2,%o0
-/* 0x0868	     */		stx	%o0,[%sp+112]
-/* 0x086c	     */		srax	%o4,32,%o0
-/* 0x0870	     */		fdtox	%f2,%f0
-/* 0x0874	     */		stx	%o0,[%sp+136]
-/* 0x0878	     */		srax	%o7,32,%o4
-/* 0x087c	     */		std	%f0,[%sp+96]
-/* 0x0880	     */		ldx	[%sp+128],%g5
-/* 0x0884	     */		ldx	[%sp+136],%o7
-/* 0x0888	     */		ldx	[%sp+104],%g3
-/* 0x088c	     */		add	%g5,%o7,%o0
-/* 0x0890	     */		or	%g0,1,%g5
-/* 0x0894	     */		ldx	[%sp+112],%o7
-/* 0x0898	     */		add	%o4,%o0,%o4
-/* 0x089c	     */		ldx	[%sp+96],%o5
-/* 0x08a0	     */		st	%o7,[%o3]
-/* 0x08a4	     */		or	%g0,%g3,%o7
-                       .L900000634:
-/* 0x08a8	     */		ldd	[%g2+16],%f0
-/* 0x08ac	     */		add	%g5,1,%g5
-/* 0x08b0	     */		add	%g4,4,%g4
-/* 0x08b4	     */		cmp	%g5,%g1
-/* 0x08b8	     */		add	%g2,16,%g2
-/* 0x08bc	     */		fdtox	%f0,%f0
-/* 0x08c0	     */		std	%f0,[%sp+104]
-/* 0x08c4	     */		ldd	[%g2+8],%f0
-/* 0x08c8	     */		fdtox	%f0,%f0
-/* 0x08cc	     */		std	%f0,[%sp+96]
-/* 0x08d0	     */		and	%o5,%o1,%g3
-/* 0x08d4	     */		sllx	%g3,16,%g3
-/* 0x08d8	     */		stx	%g3,[%sp+120]
-/* 0x08dc	     */		and	%o7,%o2,%g3
-/* 0x08e0	     */		stx	%o7,[%sp+128]
-/* 0x08e4	     */		ldx	[%sp+120],%o7
-/* 0x08e8	     */		add	%g3,%o7,%g3
-/* 0x08ec	     */		ldx	[%sp+128],%o7
-/* 0x08f0	     */		srax	%o5,16,%o5
-/* 0x08f4	     */		add	%g3,%o4,%g3
-/* 0x08f8	     */		srax	%g3,32,%o4
-/* 0x08fc	     */		stx	%o4,[%sp+112]
-/* 0x0900	     */		srax	%o7,32,%o4
-/* 0x0904	     */		ldx	[%sp+112],%o7
-/* 0x0908	     */		add	%o5,%o7,%o7
-/* 0x090c	     */		ldx	[%sp+96],%o5
-/* 0x0910	     */		add	%o4,%o7,%o4
-/* 0x0914	     */		and	%g3,%o2,%g3
-/* 0x0918	     */		ldx	[%sp+104],%o7
-/* 0x091c	     */		ble,pt	%icc,.L900000634
-/* 0x0920	     */		st	%g3,[%g4-4]
-                       .L900000637:
-/* 0x0924	     */		ba	.L900000651
-/* 0x0928	     */		sethi	%hi(0xfc00),%g2
-                       .L77000287:
-/* 0x092c	     */		ldd	[%g2+16],%f0
-                       .L900000650:
-/* 0x0930	     */		and	%o7,%o2,%o0
-/* 0x0934	     */		and	%o5,%o1,%g3
-/* 0x0938	     */		fdtox	%f0,%f0
-/* 0x093c	     */		add	%o4,%o0,%o0
-/* 0x0940	     */		std	%f0,[%sp+104]
-/* 0x0944	     */		add	%g5,1,%g5
-/* 0x0948	     */		sllx	%g3,16,%o4
-/* 0x094c	     */		ldd	[%g2+24],%f2
-/* 0x0950	     */		add	%g2,16,%g2
-/* 0x0954	     */		add	%o0,%o4,%o4
-/* 0x0958	     */		cmp	%g5,%g1
-/* 0x095c	     */		srax	%o5,16,%o0
-/* 0x0960	     */		stx	%o0,[%sp+112]
-/* 0x0964	     */		and	%o4,%o2,%g3
-/* 0x0968	     */		srax	%o4,32,%o5
-/* 0x096c	     */		fdtox	%f2,%f0
-/* 0x0970	     */		std	%f0,[%sp+96]
-/* 0x0974	     */		srax	%o7,32,%o4
-/* 0x0978	     */		ldx	[%sp+112],%o7
-/* 0x097c	     */		add	%o7,%o5,%o7
-/* 0x0980	     */		ldx	[%sp+104],%o5
-/* 0x0984	     */		add	%o4,%o7,%o4
-/* 0x0988	     */		ldx	[%sp+96],%o0
-/* 0x098c	     */		st	%g3,[%g4]
-/* 0x0990	     */		or	%g0,%o5,%o7
-/* 0x0994	     */		add	%g4,4,%g4
-/* 0x0998	     */		or	%g0,%o0,%o5
-/* 0x099c	     */		ble,a,pt	%icc,.L900000650
-/* 0x09a0	     */		ldd	[%g2+16],%f0
-                       .L77000236:
-/* 0x09a4	     */		sethi	%hi(0xfc00),%g2
-                       .L900000651:
-/* 0x09a8	     */		or	%g0,-1,%o0
-/* 0x09ac	     */		add	%g2,1023,%g2
-/* 0x09b0	     */		ld	[%fp+88],%o1
-/* 0x09b4	     */		srl	%o0,0,%g3
-/* 0x09b8	     */		and	%o5,%g2,%g2
-/* 0x09bc	     */		and	%o7,%g3,%g4
-
-!  317		      ! adjust_montf_result(result,nint,nlen); 
-
-/* 0x09c0	 317 */		or	%g0,-1,%o5
-/* 0x09c4	 311 */		sllx	%g2,16,%g2
-/* 0x09c8	     */		add	%o4,%g4,%g4
-/* 0x09cc	     */		add	%g4,%g2,%g2
-/* 0x09d0	     */		sll	%g5,2,%g4
-/* 0x09d4	     */		and	%g2,%g3,%g2
-/* 0x09d8	     */		st	%g2,[%o3+%g4]
-/* 0x09dc	 317 */		sll	%i0,2,%g2
-/* 0x09e0	     */		ld	[%o3+%g2],%g2
-/* 0x09e4	     */		cmp	%g2,0
-/* 0x09e8	     */		bleu,pn	%icc,.L77000241
-/* 0x09ec	     */		or	%g0,%o1,%o2
-/* 0x09f0	     */		ba	.L900000649
-/* 0x09f4	     */		cmp	%o5,0
-                       .L77000241:
-/* 0x09f8	     */		sub	%i0,1,%o5
-/* 0x09fc	     */		sll	%o5,2,%g2
-/* 0x0a00	     */		cmp	%o5,0
-/* 0x0a04	     */		bl,pt	%icc,.L900000649
-/* 0x0a08	     */		cmp	%o5,0
-/* 0x0a0c	     */		add	%o1,%g2,%o1
-/* 0x0a10	     */		add	%o3,%g2,%o4
-/* 0x0a14	     */		ld	[%o1],%g2
-                       .L900000648:
-/* 0x0a18	     */		ld	[%o4],%g3
-/* 0x0a1c	     */		sub	%o5,1,%o0
-/* 0x0a20	     */		sub	%o1,4,%o1
-/* 0x0a24	     */		sub	%o4,4,%o4
-/* 0x0a28	     */		cmp	%g3,%g2
-/* 0x0a2c	     */		bne,pn	%icc,.L77000244
-/* 0x0a30	     */		nop
-/* 0x0a34	   0 */		or	%g0,%o0,%o5
-/* 0x0a38	 317 */		cmp	%o0,0
-/* 0x0a3c	     */		bge,a,pt	%icc,.L900000648
-/* 0x0a40	     */		ld	[%o1],%g2
-                       .L77000244:
-/* 0x0a44	     */		cmp	%o5,0
-                       .L900000649:
-/* 0x0a48	     */		bl,pn	%icc,.L77000288
-/* 0x0a4c	     */		sll	%o5,2,%g2
-/* 0x0a50	     */		ld	[%o2+%g2],%g3
-/* 0x0a54	     */		ld	[%o3+%g2],%g2
-/* 0x0a58	     */		cmp	%g2,%g3
-/* 0x0a5c	     */		bleu,pt	%icc,.L77000224
-/* 0x0a60	     */		nop
-                       .L77000288:
-/* 0x0a64	     */		cmp	%i0,0
-/* 0x0a68	     */		ble,pt	%icc,.L77000224
-/* 0x0a6c	     */		nop
-/* 0x0a70	 317 */		sub	%i0,1,%o7
-/* 0x0a74	     */		or	%g0,-1,%g2
-/* 0x0a78	     */		srl	%g2,0,%o4
-/* 0x0a7c	     */		add	%o7,1,%o0
-/* 0x0a80	 315 */		or	%g0,0,%o5
-/* 0x0a84	     */		or	%g0,0,%g1
-/* 0x0a88	     */		cmp	%o0,3
-/* 0x0a8c	     */		bl,pn	%icc,.L77000289
-/* 0x0a90	     */		add	%o3,8,%o1
-/* 0x0a94	     */		add	%o2,4,%o0
-/* 0x0a98	     */		ld	[%o1-8],%g2
-/* 0x0a9c	   0 */		or	%g0,%o1,%o3
-/* 0x0aa0	 315 */		ld	[%o0-4],%g3
-/* 0x0aa4	   0 */		or	%g0,%o0,%o2
-/* 0x0aa8	 315 */		or	%g0,2,%g1
-/* 0x0aac	     */		ld	[%o3-4],%o0
-/* 0x0ab0	     */		sub	%g2,%g3,%g2
-/* 0x0ab4	     */		or	%g0,%g2,%o5
-/* 0x0ab8	     */		and	%g2,%o4,%g2
-/* 0x0abc	     */		st	%g2,[%o3-8]
-/* 0x0ac0	     */		srax	%o5,32,%o5
-                       .L900000638:
-/* 0x0ac4	     */		ld	[%o2],%g2
-/* 0x0ac8	     */		add	%g1,1,%g1
-/* 0x0acc	     */		add	%o2,4,%o2
-/* 0x0ad0	     */		cmp	%g1,%o7
-/* 0x0ad4	     */		add	%o3,4,%o3
-/* 0x0ad8	     */		sub	%o0,%g2,%o0
-/* 0x0adc	     */		add	%o0,%o5,%o5
-/* 0x0ae0	     */		and	%o5,%o4,%g2
-/* 0x0ae4	     */		ld	[%o3-4],%o0
-/* 0x0ae8	     */		st	%g2,[%o3-8]
-/* 0x0aec	     */		ble,pt	%icc,.L900000638
-/* 0x0af0	     */		srax	%o5,32,%o5
-                       .L900000641:
-/* 0x0af4	     */		ld	[%o2],%o1
-/* 0x0af8	     */		sub	%o0,%o1,%o0
-/* 0x0afc	     */		add	%o0,%o5,%o0
-/* 0x0b00	     */		and	%o0,%o4,%o1
-/* 0x0b04	     */		st	%o1,[%o3-4]
-/* 0x0b08	     */		ret	! Result = 
-/* 0x0b0c	     */		restore	%g0,%g0,%g0
-                       .L77000289:
-/* 0x0b10	     */		ld	[%o3],%o0
-                       .L900000647:
-/* 0x0b14	     */		ld	[%o2],%o1
-/* 0x0b18	     */		add	%o5,%o0,%o0
-/* 0x0b1c	     */		add	%g1,1,%g1
-/* 0x0b20	     */		add	%o2,4,%o2
-/* 0x0b24	     */		cmp	%g1,%o7
-/* 0x0b28	     */		sub	%o0,%o1,%o0
-/* 0x0b2c	     */		and	%o0,%o4,%o1
-/* 0x0b30	     */		st	%o1,[%o3]
-/* 0x0b34	     */		add	%o3,4,%o3
-/* 0x0b38	     */		srax	%o0,32,%o5
-/* 0x0b3c	     */		ble,a,pt	%icc,.L900000647
-/* 0x0b40	     */		ld	[%o3],%o0
-                       .L77000224:
-/* 0x0b44	     */		ret	! Result = 
-/* 0x0b48	     */		restore	%g0,%g0,%g0
-/* 0x0b4c	   0 */		.type	mont_mulf_noconv,2
-/* 0x0b4c	     */		.size	mont_mulf_noconv,(.-mont_mulf_noconv)
-
diff --git a/security/nss/lib/freebl/mpi/montmulfv9.il b/security/nss/lib/freebl/mpi/montmulfv9.il
deleted file mode 100644
index 047785161..000000000
--- a/security/nss/lib/freebl/mpi/montmulfv9.il
+++ /dev/null
@@ -1,122 +0,0 @@
-!  
-!  The contents of this file are subject to the Mozilla Public
-!  License Version 1.1 (the "License"); you may not use this file
-!  except in compliance with the License. You may obtain a copy of
-!  the License at http://www.mozilla.org/MPL/
-!  
-!  Software distributed under the License is distributed on an "AS
-!  IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-!  implied. See the License for the specific language governing
-!  rights and limitations under the License.
-!  
-!  The Original Code is inline macros for SPARC Montgomery multiply functions.
-!  
-!  The Initial Developer of the Original Code is Sun Microsystems Inc.
-!  Portions created by Sun Microsystems Inc. are 
-!  Copyright (C) 1999-2000 Sun Microsystems Inc.  All Rights Reserved.
-!  
-!  Contributor(s):
-!  
-!  Alternatively, the contents of this file may be used under the
-!  terms of the GNU General Public License Version 2 or later (the
-!  "GPL"), in which case the provisions of the GPL are applicable 
-!  instead of those above.	If you wish to allow use of your 
-!  version of this file only under the terms of the GPL and not to
-!  allow others to use your version of this file under the MPL,
-!  indicate your decision by deleting the provisions above and
-!  replace them with the notice and other provisions required by
-!  the GPL.  If you do not delete the provisions above, a recipient
-!  may use your version of this file under either the MPL or the
-!  GPL.
-!  
-!   $Id$
-!  
-
-!
-! double upper32(double /*frs1*/);
-!
-        .inline upper32,8
-	fdtox	%f0,%f10
-	fitod	%f10,%f0
-        .end
-
-!
-! double lower32(double /*frs1*/, double /* Zero */);
-!
-        .inline lower32,8
-	fdtox	%f0,%f10
-	fmovs	%f2,%f10
-	fxtod	%f10,%f0
-        .end
-
-!
-! double mod(double /*x*/, double /*1/m*/, double /*m*/);
-!
-        .inline mod,12
-	fmuld	%f0,%f2,%f2
-	fdtox	%f2,%f2
-	fxtod	%f2,%f2
-	fmuld	%f2,%f4,%f2
-	fsubd	%f0,%f2,%f0
-        .end
-
-
-!
-! void i16_to_d16_and_d32x4(double * /*1/(2^16)*/, double * /* 2^16*/,
-!			    double * /* 0 */,
-!			    double * /*result16*/, double * /* result32 */
-!			    float *  /*source - should be unsigned int*
-!		            	       converted to float* */);
-!
-        .inline i16_to_d16_and_d32x4,24
-        ldd     [%o0],%f2  ! 1/(2^16)
-        ldd     [%o1],%f4  ! 2^16
-	ldd	[%o2],%f22
-
-	fmovd	%f22,%f6
-	ld	[%o5],%f7
-	fmovd	%f22,%f10
-	ld	[%o5+4],%f11
-	fmovd	%f22,%f14
-	ld	[%o5+8],%f15
-	fmovd	%f22,%f18
-	ld	[%o5+12],%f19
-	fxtod	%f6,%f6
-	std	%f6,[%o4]
-	fxtod	%f10,%f10
-	std	%f10,[%o4+8]
-	fxtod	%f14,%f14
-	std	%f14,[%o4+16]
-	fxtod	%f18,%f18
-	std	%f18,[%o4+24]
-	fmuld	%f2,%f6,%f8
-	fmuld	%f2,%f10,%f12
-	fmuld	%f2,%f14,%f16
-	fmuld	%f2,%f18,%f20
-	fdtox	%f8,%f8
-	fdtox	%f12,%f12
-	fdtox	%f16,%f16
-	fdtox	%f20,%f20
-	fxtod	%f8,%f8
-	std	%f8,[%o3+8]
-	fxtod	%f12,%f12
-	std	%f12,[%o3+24]
-	fxtod	%f16,%f16
-	std	%f16,[%o3+40]
-	fxtod	%f20,%f20
-	std	%f20,[%o3+56]
-	fmuld	%f8,%f4,%f8
-	fmuld	%f12,%f4,%f12
-	fmuld	%f16,%f4,%f16
-	fmuld	%f20,%f4,%f20
-	fsubd	%f6,%f8,%f8
-	std	%f8,[%o3]
-	fsubd	%f10,%f12,%f12
-	std	%f12,[%o3+16]
-	fsubd	%f14,%f16,%f16
-	std	%f16,[%o3+32]
-	fsubd	%f18,%f20,%f20
-	std	%f20,[%o3+48]
-        .end
-
-
diff --git a/security/nss/lib/freebl/mpi/montmulfv9.s b/security/nss/lib/freebl/mpi/montmulfv9.s
deleted file mode 100644
index 30fc4f645..000000000
--- a/security/nss/lib/freebl/mpi/montmulfv9.s
+++ /dev/null
@@ -1,2377 +0,0 @@
-!  
-!  The contents of this file are subject to the Mozilla Public
-!  License Version 1.1 (the "License"); you may not use this file
-!  except in compliance with the License. You may obtain a copy of
-!  the License at http://www.mozilla.org/MPL/
-!  
-!  Software distributed under the License is distributed on an "AS
-!  IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-!  implied. See the License for the specific language governing
-!  rights and limitations under the License.
-!  
-!  The Original Code is SPARC hand-optimized Montgomery multiply functions.
-!   
-!  The Initial Developer of the Original Code is Sun Microsystems Inc.
-!  Portions created by Sun Microsystems Inc. are 
-!  Copyright (C) 1999-2000 Sun Microsystems Inc.  All Rights Reserved.
-!  
-!  Contributor(s):
-!  
-!  Alternatively, the contents of this file may be used under the
-!  terms of the GNU General Public License Version 2 or later (the
-!  "GPL"), in which case the provisions of the GPL are applicable 
-!  instead of those above.	If you wish to allow use of your 
-!  version of this file only under the terms of the GPL and not to
-!  allow others to use your version of this file under the MPL,
-!  indicate your decision by deleting the provisions above and
-!  replace them with the notice and other provisions required by
-!  the GPL.  If you do not delete the provisions above, a recipient
-!  may use your version of this file under either the MPL or the
-!  GPL.
-!  
-!   $Id$
-!  
-
-	.section	".text",#alloc,#execinstr
-	.file	"montmulf.c"
-
-	.section	".rodata",#alloc
-	.global	TwoTo16
-	.align	8
-!
-! CONSTANT POOL
-!
-	.global TwoTo16
-TwoTo16:
-	.word	1089470464
-	.word	0
-	.type	TwoTo16,#object
-	.size	TwoTo16,8
-	.global	TwoToMinus16
-!
-! CONSTANT POOL
-!
-	.global TwoToMinus16
-TwoToMinus16:
-	.word	1055916032
-	.word	0
-	.type	TwoToMinus16,#object
-	.size	TwoToMinus16,8
-	.global	Zero
-!
-! CONSTANT POOL
-!
-	.global Zero
-Zero:
-	.word	0
-	.word	0
-	.type	Zero,#object
-	.size	Zero,8
-	.global	TwoTo32
-!
-! CONSTANT POOL
-!
-	.global TwoTo32
-TwoTo32:
-	.word	1106247680
-	.word	0
-	.type	TwoTo32,#object
-	.size	TwoTo32,8
-	.global	TwoToMinus32
-!
-! CONSTANT POOL
-!
-	.global TwoToMinus32
-TwoToMinus32:
-	.word	1039138816
-	.word	0
-	.type	TwoToMinus32,#object
-	.size	TwoToMinus32,8
-
-	.section	".text",#alloc,#execinstr
-/* 000000	   0 */		.register	%g3,#scratch
-/* 000000	     */		.register	%g2,#scratch
-/* 000000	   0 */		.align	8
-!
-! SUBROUTINE conv_d16_to_i32
-!
-! OFFSET    SOURCE LINE	LABEL	INSTRUCTION
-
-                       	.global conv_d16_to_i32
-                       conv_d16_to_i32:
-/* 000000	     */		save	%sp,-208,%sp
-! FILE montmulf.c
-
-!    1		      !/*
-!    2		      ! * The contents of this file are subject to the Mozilla Public
-!    3		      ! * License Version 1.1 (the "License"); you may not use this file
-!    4		      ! * except in compliance with the License. You may obtain a copy of
-!    5		      ! * the License at http://www.mozilla.org/MPL/
-!    6		      ! * 
-!    7		      ! * Software distributed under the License is distributed on an "AS
-!    8		      ! * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-!    9		      ! * implied. See the License for the specific language governing
-!   10		      ! * rights and limitations under the License.
-!   11		      ! * 
-!   12		      ! * The Original Code is SPARC optimized Montgomery multiply functions.
-!   13		      ! *
-!   14		      ! * The Initial Developer of the Original Code is Sun Microsystems Inc.
-!   15		      ! * Portions created by Sun Microsystems Inc. are 
-!   16		      ! * Copyright (C) 1999-2000 Sun Microsystems Inc.  All Rights Reserved.
-!   17		      ! * 
-!   18		      ! * Contributor(s):
-!   19		      ! *	Netscape Communications Corporation
-!   20		      ! * 
-!   21		      ! * Alternatively, the contents of this file may be used under the
-!   22		      ! * terms of the GNU General Public License Version 2 or later (the
-!   23		      ! * "GPL"), in which case the provisions of the GPL are applicable 
-!   24		      ! * instead of those above.	If you wish to allow use of your 
-!   25		      ! * version of this file only under the terms of the GPL and not to
-!   26		      ! * allow others to use your version of this file under the MPL,
-!   27		      ! * indicate your decision by deleting the provisions above and
-!   28		      ! * replace them with the notice and other provisions required by
-!   29		      ! * the GPL.  If you do not delete the provisions above, a recipient
-!   30		      ! * may use your version of this file under either the MPL or the
-!   31		      ! * GPL.
-!   32		      ! *
-!   33		      ! *  $Id$
-!   34		      ! */
-!   36		      !#define RF_INLINE_MACROS
-!   38		      !static const double TwoTo16=65536.0;
-!   39		      !static const double TwoToMinus16=1.0/65536.0;
-!   40		      !static const double Zero=0.0;
-!   41		      !static const double TwoTo32=65536.0*65536.0;
-!   42		      !static const double TwoToMinus32=1.0/(65536.0*65536.0);
-!   44		      !#ifdef RF_INLINE_MACROS
-!   46		      !double upper32(double);
-!   47		      !double lower32(double, double);
-!   48		      !double mod(double, double, double);
-!   50		      !void i16_to_d16_and_d32x4(const double * /*1/(2^16)*/, 
-!   51		      !			  const double * /* 2^16*/,
-!   52		      !			  const double * /* 0 */,
-!   53		      !			  double *       /*result16*/, 
-!   54		      !			  double *       /* result32 */,
-!   55		      !			  float *  /*source - should be unsigned int*
-!   56		      !		          	       converted to float* */);
-!   58		      !#else
-!   60		      !static double upper32(double x)
-!   61		      !{
-!   62		      !  return floor(x*TwoToMinus32);
-!   63		      !}
-!   65		      !static double lower32(double x, double y)
-!   66		      !{
-!   67		      !  return x-TwoTo32*floor(x*TwoToMinus32);
-!   68		      !}
-!   70		      !static double mod(double x, double oneoverm, double m)
-!   71		      !{
-!   72		      !  return x-m*floor(x*oneoverm);
-!   73		      !}
-!   75		      !#endif
-!   78		      !static void cleanup(double *dt, int from, int tlen)
-!   79		      !{
-!   80		      ! int i;
-!   81		      ! double tmp,tmp1,x,x1;
-!   83		      ! tmp=tmp1=Zero;
-!   84		      ! /* original code **
-!   85		      ! for(i=2*from;i<2*tlen-2;i++)
-!   86		      !   {
-!   87		      !     x=dt[i];
-!   88		      !     dt[i]=lower32(x,Zero)+tmp1;
-!   89		      !     tmp1=tmp;
-!   90		      !     tmp=upper32(x);
-!   91		      !   }
-!   92		      ! dt[tlen-2]+=tmp1;
-!   93		      ! dt[tlen-1]+=tmp;
-!   94		      ! **end original code ***/
-!   95		      ! /* new code ***/
-!   96		      ! for(i=2*from;i<2*tlen;i+=2)
-!   97		      !   {
-!   98		      !     x=dt[i];
-!   99		      !     x1=dt[i+1];
-!  100		      !     dt[i]=lower32(x,Zero)+tmp;
-!  101		      !     dt[i+1]=lower32(x1,Zero)+tmp1;
-!  102		      !     tmp=upper32(x);
-!  103		      !     tmp1=upper32(x1);
-!  104		      !   }
-!  105		      !  /** end new code **/
-!  106		      !}
-!  109		      !void conv_d16_to_i32(unsigned int *i32, double *d16, long long *tmp, int ilen)
-!  110		      !{
-!  111		      !int i;
-!  112		      !long long t, t1, a, b, c, d;
-!  114		      ! t1=0;
-!  115		      ! a=(long long)d16[0];
-
-/* 0x0004	 115 */		ldd	[%i1],%f2
-
-!  116		      ! b=(long long)d16[1];
-!  117		      ! for(i=0; i<ilen-1; i++)
-
-/* 0x0008	 117 */		sub	%i3,1,%o1
-/* 0x000c	 110 */		or	%g0,%i0,%g1
-/* 0x0010	 116 */		ldd	[%i1+8],%f4
-/* 0x0014	 117 */		cmp	%o1,0
-/* 0x0018	 114 */		or	%g0,0,%g5
-/* 0x001c	 115 */		fdtox	%f2,%f2
-/* 0x0020	     */		std	%f2,[%sp+2247]
-/* 0x0024	 117 */		or	%g0,0,%o0
-/* 0x0028	 116 */		fdtox	%f4,%f2
-/* 0x002c	     */		std	%f2,[%sp+2239]
-/* 0x0030	 110 */		sub	%o1,1,%o7
-/* 0x0034	     */		or	%g0,%i1,%o4
-/* 0x0038	     */		sethi	%hi(0xfc00),%o3
-/* 0x003c	     */		or	%g0,-1,%o1
-/* 0x0040	     */		or	%g0,2,%i1
-/* 0x0044	     */		srl	%o1,0,%g3
-/* 0x0048	     */		or	%g0,%o4,%g4
-/* 0x004c	 116 */		ldx	[%sp+2239],%i2
-/* 0x0050	     */		add	%o3,1023,%o5
-/* 0x0054	 117 */		sub	%o7,1,%o2
-/* 0x0058	 115 */		ldx	[%sp+2247],%i3
-/* 0x005c	 117 */		ble,pt	%icc,.L900000113
-/* 0x0060	     */		sethi	%hi(0xfc00),%g2
-/* 0x0064	     */		add	%o7,1,%g2
-
-!  118		      !   {
-!  119		      !     c=(long long)d16[2*i+2];
-!  120		      !     t1+=a&0xffffffff;
-!  121		      !     t=(a>>32);
-!  122		      !     d=(long long)d16[2*i+3];
-!  123		      !     t1+=(b&0xffff)<<16;
-
-/* 0x0068	 123 */		and	%i2,%o5,%i4
-/* 0x006c	     */		sllx	%i4,16,%o1
-/* 0x0070	 117 */		cmp	%g2,6
-/* 0x0074	     */		bl,pn	%icc,.L77000134
-/* 0x0078	     */		or	%g0,3,%i0
-/* 0x007c	 119 */		ldd	[%o4+16],%f0
-/* 0x0080	 120 */		and	%i3,%g3,%o3
-
-!  124		      !     t+=(b>>16)+(t1>>32);
-
-/* 0x0084	 124 */		srax	%i2,16,%i5
-/* 0x0088	 117 */		add	%o3,%o1,%i4
-/* 0x008c	 121 */		srax	%i3,32,%i3
-/* 0x0090	 119 */		fdtox	%f0,%f0
-/* 0x0094	     */		std	%f0,[%sp+2231]
-
-!  125		      !     i32[i]=t1&0xffffffff;
-
-/* 0x0098	 125 */		and	%i4,%g3,%l0
-/* 0x009c	 117 */		or	%g0,72,%o3
-/* 0x00a0	 122 */		ldd	[%g4+24],%f0
-/* 0x00a4	 117 */		or	%g0,64,%o4
-/* 0x00a8	     */		or	%g0,4,%o1
-
-!  126		      !     t1=t;
-!  127		      !     a=c;
-!  128		      !     b=d;
-
-/* 0x00ac	 128 */		or	%g0,5,%i0
-/* 0x00b0	     */		or	%g0,4,%i1
-/* 0x00b4	 119 */		ldx	[%sp+2231],%g2
-/* 0x00b8	 122 */		fdtox	%f0,%f0
-/* 0x00bc	 128 */		or	%g0,4,%o0
-/* 0x00c0	 122 */		std	%f0,[%sp+2223]
-/* 0x00c4	     */		ldd	[%g4+40],%f2
-/* 0x00c8	 120 */		and	%g2,%g3,%i2
-/* 0x00cc	 119 */		ldd	[%g4+32],%f0
-/* 0x00d0	 121 */		srax	%g2,32,%g2
-/* 0x00d4	 122 */		ldd	[%g4+56],%f4
-/* 0x00d8	     */		fdtox	%f2,%f2
-/* 0x00dc	     */		ldx	[%sp+2223],%g5
-/* 0x00e0	 119 */		fdtox	%f0,%f0
-/* 0x00e4	 125 */		st	%l0,[%g1]
-/* 0x00e8	 124 */		srax	%i4,32,%l0
-/* 0x00ec	 122 */		fdtox	%f4,%f4
-/* 0x00f0	     */		std	%f2,[%sp+2223]
-/* 0x00f4	 123 */		and	%g5,%o5,%i4
-/* 0x00f8	 124 */		add	%i5,%l0,%i5
-/* 0x00fc	 119 */		std	%f0,[%sp+2231]
-/* 0x0100	 123 */		sllx	%i4,16,%i4
-/* 0x0104	 124 */		add	%i3,%i5,%i3
-/* 0x0108	 119 */		ldd	[%g4+48],%f2
-/* 0x010c	 124 */		srax	%g5,16,%g5
-/* 0x0110	 117 */		add	%i2,%i4,%i2
-/* 0x0114	 122 */		ldd	[%g4+72],%f0
-/* 0x0118	 117 */		add	%i2,%i3,%i4
-/* 0x011c	 124 */		srax	%i4,32,%i5
-/* 0x0120	 119 */		fdtox	%f2,%f2
-/* 0x0124	 125 */		and	%i4,%g3,%i4
-/* 0x0128	 122 */		ldx	[%sp+2223],%i2
-/* 0x012c	 124 */		add	%g5,%i5,%g5
-/* 0x0130	 119 */		ldx	[%sp+2231],%i3
-/* 0x0134	 124 */		add	%g2,%g5,%g5
-/* 0x0138	 119 */		std	%f2,[%sp+2231]
-/* 0x013c	 122 */		std	%f4,[%sp+2223]
-/* 0x0140	 119 */		ldd	[%g4+64],%f2
-/* 0x0144	 125 */		st	%i4,[%g1+4]
-                       .L900000108:
-/* 0x0148	 122 */		ldx	[%sp+2223],%i4
-/* 0x014c	 128 */		add	%o0,2,%o0
-/* 0x0150	     */		add	%i0,4,%i0
-/* 0x0154	 119 */		ldx	[%sp+2231],%l0
-/* 0x0158	 117 */		add	%o3,16,%o3
-/* 0x015c	 123 */		and	%i2,%o5,%g2
-/* 0x0160	     */		sllx	%g2,16,%i5
-/* 0x0164	 120 */		and	%i3,%g3,%g2
-/* 0x0168	 122 */		ldd	[%g4+%o3],%f4
-/* 0x016c	     */		fdtox	%f0,%f0
-/* 0x0170	     */		std	%f0,[%sp+2223]
-/* 0x0174	 124 */		srax	%i2,16,%i2
-/* 0x0178	 117 */		add	%g2,%i5,%g2
-/* 0x017c	 119 */		fdtox	%f2,%f0
-/* 0x0180	 117 */		add	%o4,16,%o4
-/* 0x0184	 119 */		std	%f0,[%sp+2231]
-/* 0x0188	 117 */		add	%g2,%g5,%g2
-/* 0x018c	 119 */		ldd	[%g4+%o4],%f2
-/* 0x0190	 124 */		srax	%g2,32,%i5
-/* 0x0194	 128 */		cmp	%o0,%o2
-/* 0x0198	 121 */		srax	%i3,32,%g5
-/* 0x019c	 124 */		add	%i2,%i5,%i2
-/* 0x01a0	     */		add	%g5,%i2,%i5
-/* 0x01a4	 117 */		add	%o1,4,%o1
-/* 0x01a8	 125 */		and	%g2,%g3,%g2
-/* 0x01ac	 127 */		or	%g0,%l0,%g5
-/* 0x01b0	 125 */		st	%g2,[%g1+%o1]
-/* 0x01b4	 128 */		add	%i1,4,%i1
-/* 0x01b8	 122 */		ldx	[%sp+2223],%i2
-/* 0x01bc	 119 */		ldx	[%sp+2231],%i3
-/* 0x01c0	 117 */		add	%o3,16,%o3
-/* 0x01c4	 123 */		and	%i4,%o5,%g2
-/* 0x01c8	     */		sllx	%g2,16,%l0
-/* 0x01cc	 120 */		and	%g5,%g3,%g2
-/* 0x01d0	 122 */		ldd	[%g4+%o3],%f0
-/* 0x01d4	     */		fdtox	%f4,%f4
-/* 0x01d8	     */		std	%f4,[%sp+2223]
-/* 0x01dc	 124 */		srax	%i4,16,%i4
-/* 0x01e0	 117 */		add	%g2,%l0,%g2
-/* 0x01e4	 119 */		fdtox	%f2,%f2
-/* 0x01e8	 117 */		add	%o4,16,%o4
-/* 0x01ec	 119 */		std	%f2,[%sp+2231]
-/* 0x01f0	 117 */		add	%g2,%i5,%g2
-/* 0x01f4	 119 */		ldd	[%g4+%o4],%f2
-/* 0x01f8	 124 */		srax	%g2,32,%i5
-/* 0x01fc	 121 */		srax	%g5,32,%g5
-/* 0x0200	 124 */		add	%i4,%i5,%i4
-/* 0x0204	     */		add	%g5,%i4,%g5
-/* 0x0208	 117 */		add	%o1,4,%o1
-/* 0x020c	 125 */		and	%g2,%g3,%g2
-/* 0x0210	 128 */		ble,pt	%icc,.L900000108
-/* 0x0214	     */		st	%g2,[%g1+%o1]
-                       .L900000111:
-/* 0x0218	 122 */		ldx	[%sp+2223],%o2
-/* 0x021c	 123 */		and	%i2,%o5,%i4
-/* 0x0220	 120 */		and	%i3,%g3,%g2
-/* 0x0224	 123 */		sllx	%i4,16,%i4
-/* 0x0228	 119 */		ldx	[%sp+2231],%i5
-/* 0x022c	 128 */		cmp	%o0,%o7
-/* 0x0230	 124 */		srax	%i2,16,%i2
-/* 0x0234	 117 */		add	%g2,%i4,%g2
-/* 0x0238	 122 */		fdtox	%f0,%f4
-/* 0x023c	     */		std	%f4,[%sp+2223]
-/* 0x0240	 117 */		add	%g2,%g5,%g5
-/* 0x0244	 123 */		and	%o2,%o5,%l0
-/* 0x0248	 124 */		srax	%g5,32,%l1
-/* 0x024c	 120 */		and	%i5,%g3,%i4
-/* 0x0250	 119 */		fdtox	%f2,%f0
-/* 0x0254	 121 */		srax	%i3,32,%g2
-/* 0x0258	 119 */		std	%f0,[%sp+2231]
-/* 0x025c	 124 */		add	%i2,%l1,%i2
-/* 0x0260	 123 */		sllx	%l0,16,%i3
-/* 0x0264	 124 */		add	%g2,%i2,%i2
-/* 0x0268	     */		srax	%o2,16,%o2
-/* 0x026c	 117 */		add	%o1,4,%g2
-/* 0x0270	     */		add	%i4,%i3,%o1
-/* 0x0274	 125 */		and	%g5,%g3,%g5
-/* 0x0278	     */		st	%g5,[%g1+%g2]
-/* 0x027c	 119 */		ldx	[%sp+2231],%i3
-/* 0x0280	 117 */		add	%o1,%i2,%o1
-/* 0x0284	     */		add	%g2,4,%g2
-/* 0x0288	 124 */		srax	%o1,32,%i4
-/* 0x028c	 122 */		ldx	[%sp+2223],%i2
-/* 0x0290	 125 */		and	%o1,%g3,%g5
-/* 0x0294	 121 */		srax	%i5,32,%o1
-/* 0x0298	 124 */		add	%o2,%i4,%o2
-/* 0x029c	 125 */		st	%g5,[%g1+%g2]
-/* 0x02a0	 128 */		bg,pn	%icc,.L77000127
-/* 0x02a4	     */		add	%o1,%o2,%g5
-/* 0x02a8	     */		add	%i0,6,%i0
-/* 0x02ac	     */		add	%i1,6,%i1
-                       .L77000134:
-/* 0x02b0	 119 */		sra	%i1,0,%o2
-                       .L900000112:
-/* 0x02b4	 119 */		sllx	%o2,3,%o3
-/* 0x02b8	 120 */		and	%i3,%g3,%o1
-/* 0x02bc	 119 */		ldd	[%g4+%o3],%f0
-/* 0x02c0	 122 */		sra	%i0,0,%o3
-/* 0x02c4	 123 */		and	%i2,%o5,%o2
-/* 0x02c8	 122 */		sllx	%o3,3,%o3
-/* 0x02cc	 120 */		add	%g5,%o1,%o1
-/* 0x02d0	 119 */		fdtox	%f0,%f0
-/* 0x02d4	     */		std	%f0,[%sp+2231]
-/* 0x02d8	 123 */		sllx	%o2,16,%o2
-/* 0x02dc	     */		add	%o1,%o2,%o2
-/* 0x02e0	 128 */		add	%i1,2,%i1
-/* 0x02e4	 122 */		ldd	[%g4+%o3],%f0
-/* 0x02e8	 124 */		srax	%o2,32,%g2
-/* 0x02ec	 125 */		and	%o2,%g3,%o3
-/* 0x02f0	 124 */		srax	%i2,16,%o1
-/* 0x02f4	 128 */		add	%i0,2,%i0
-/* 0x02f8	 122 */		fdtox	%f0,%f0
-/* 0x02fc	     */		std	%f0,[%sp+2223]
-/* 0x0300	 125 */		sra	%o0,0,%o2
-/* 0x0304	     */		sllx	%o2,2,%o2
-/* 0x0308	 124 */		add	%o1,%g2,%g5
-/* 0x030c	 121 */		srax	%i3,32,%g2
-/* 0x0310	 128 */		add	%o0,1,%o0
-/* 0x0314	 124 */		add	%g2,%g5,%g5
-/* 0x0318	 128 */		cmp	%o0,%o7
-/* 0x031c	 119 */		ldx	[%sp+2231],%o4
-/* 0x0320	 122 */		ldx	[%sp+2223],%i2
-/* 0x0324	 125 */		st	%o3,[%g1+%o2]
-/* 0x0328	 127 */		or	%g0,%o4,%i3
-/* 0x032c	 128 */		ble,pt	%icc,.L900000112
-/* 0x0330	     */		sra	%i1,0,%o2
-                       .L77000127:
-
-!  129		      !   }
-!  130		      !     t1+=a&0xffffffff;
-!  131		      !     t=(a>>32);
-!  132		      !     t1+=(b&0xffff)<<16;
-!  133		      !     i32[i]=t1&0xffffffff;
-
-/* 0x0334	 133 */		sethi	%hi(0xfc00),%g2
-                       .L900000113:
-/* 0x0338	 133 */		or	%g0,-1,%g3
-/* 0x033c	     */		add	%g2,1023,%g2
-/* 0x0340	     */		srl	%g3,0,%g3
-/* 0x0344	     */		and	%i2,%g2,%g2
-/* 0x0348	     */		and	%i3,%g3,%g4
-/* 0x034c	     */		sllx	%g2,16,%g2
-/* 0x0350	     */		add	%g5,%g4,%g4
-/* 0x0354	     */		sra	%o0,0,%g5
-/* 0x0358	     */		add	%g4,%g2,%g4
-/* 0x035c	     */		sllx	%g5,2,%g2
-/* 0x0360	     */		and	%g4,%g3,%g3
-/* 0x0364	     */		st	%g3,[%g1+%g2]
-/* 0x0368	     */		ret	! Result = 
-/* 0x036c	     */		restore	%g0,%g0,%g0
-/* 0x0370	   0 */		.type	conv_d16_to_i32,2
-/* 0x0370	     */		.size	conv_d16_to_i32,(.-conv_d16_to_i32)
-
-	.section	".text",#alloc,#execinstr
-/* 000000	   0 */		.align	8
-!
-! CONSTANT POOL
-!
-                       .L_const_seg_900000201:
-/* 000000	   0 */		.word	1127219200,0
-/* 0x0008	   0 */		.align	8
-/* 0x0008	     */		.skip	24
-!
-! SUBROUTINE conv_i32_to_d32
-!
-! OFFSET    SOURCE LINE	LABEL	INSTRUCTION
-
-                       	.global conv_i32_to_d32
-                       conv_i32_to_d32:
-/* 000000	     */		or	%g0,%o7,%g3
-
-!  135		      !}
-!  137		      !void conv_i32_to_d32(double *d32, unsigned int *i32, int len)
-!  138		      !{
-!  139		      !int i;
-!  141		      !#pragma pipeloop(0)
-!  142		      ! for(i=0;i<len;i++) d32[i]=(double)(i32[i]);
-
-/* 0x0004	 142 */		cmp	%o2,0
-                       .L900000210:
-/* 0x0008	     */		call	.+8
-/* 0x000c	     */		sethi	/*X*/%hi(_GLOBAL_OFFSET_TABLE_-(.L900000210-.)),%g4
-/* 0x0010	 142 */		or	%g0,0,%o3
-/* 0x0014	 138 */		add	%g4,/*X*/%lo(_GLOBAL_OFFSET_TABLE_-(.L900000210-.)),%g4
-/* 0x0018	 142 */		sub	%o2,1,%o4
-/* 0x001c	 138 */		add	%g4,%o7,%g1
-/* 0x0020	 142 */		ble,pt	%icc,.L77000140
-/* 0x0024	     */		or	%g0,%g3,%o7
-/* 0x0028	     */		sethi	%hi(.L_const_seg_900000201),%g3
-/* 0x002c	     */		cmp	%o2,12
-/* 0x0030	     */		add	%g3,%lo(.L_const_seg_900000201),%g2
-/* 0x0034	     */		or	%g0,%o1,%g5
-/* 0x0038	     */		ldx	[%g1+%g2],%g4
-/* 0x003c	     */		or	%g0,0,%g1
-/* 0x0040	     */		or	%g0,24,%g2
-/* 0x0044	     */		bl,pn	%icc,.L77000144
-/* 0x0048	     */		or	%g0,0,%g3
-/* 0x004c	     */		ld	[%o1],%f13
-/* 0x0050	     */		or	%g0,7,%o3
-/* 0x0054	     */		ldd	[%g4],%f8
-/* 0x0058	     */		sub	%o2,5,%g3
-/* 0x005c	     */		or	%g0,8,%g1
-/* 0x0060	     */		ld	[%o1+4],%f11
-/* 0x0064	     */		ld	[%o1+8],%f7
-/* 0x0068	     */		fmovs	%f8,%f12
-/* 0x006c	     */		ld	[%o1+12],%f5
-/* 0x0070	     */		fmovs	%f8,%f10
-/* 0x0074	     */		ld	[%o1+16],%f3
-/* 0x0078	     */		fmovs	%f8,%f6
-/* 0x007c	     */		ld	[%o1+20],%f1
-/* 0x0080	     */		fsubd	%f12,%f8,%f12
-/* 0x0084	     */		std	%f12,[%o0]
-/* 0x0088	     */		fsubd	%f10,%f8,%f10
-/* 0x008c	     */		std	%f10,[%o0+8]
-                       .L900000205:
-/* 0x0090	     */		ld	[%o1+%g2],%f11
-/* 0x0094	     */		add	%g1,8,%g1
-/* 0x0098	     */		add	%o3,5,%o3
-/* 0x009c	     */		fsubd	%f6,%f8,%f6
-/* 0x00a0	     */		add	%g2,4,%g2
-/* 0x00a4	     */		std	%f6,[%o0+%g1]
-/* 0x00a8	     */		cmp	%o3,%g3
-/* 0x00ac	     */		fmovs	%f8,%f4
-/* 0x00b0	     */		ld	[%o1+%g2],%f7
-/* 0x00b4	     */		fsubd	%f4,%f8,%f12
-/* 0x00b8	     */		add	%g1,8,%g1
-/* 0x00bc	     */		add	%g2,4,%g2
-/* 0x00c0	     */		fmovs	%f8,%f2
-/* 0x00c4	     */		std	%f12,[%o0+%g1]
-/* 0x00c8	     */		ld	[%o1+%g2],%f5
-/* 0x00cc	     */		fsubd	%f2,%f8,%f12
-/* 0x00d0	     */		add	%g1,8,%g1
-/* 0x00d4	     */		add	%g2,4,%g2
-/* 0x00d8	     */		fmovs	%f8,%f0
-/* 0x00dc	     */		std	%f12,[%o0+%g1]
-/* 0x00e0	     */		ld	[%o1+%g2],%f3
-/* 0x00e4	     */		fsubd	%f0,%f8,%f12
-/* 0x00e8	     */		add	%g1,8,%g1
-/* 0x00ec	     */		add	%g2,4,%g2
-/* 0x00f0	     */		fmovs	%f8,%f10
-/* 0x00f4	     */		std	%f12,[%o0+%g1]
-/* 0x00f8	     */		ld	[%o1+%g2],%f1
-/* 0x00fc	     */		fsubd	%f10,%f8,%f10
-/* 0x0100	     */		add	%g1,8,%g1
-/* 0x0104	     */		add	%g2,4,%g2
-/* 0x0108	     */		std	%f10,[%o0+%g1]
-/* 0x010c	     */		ble,pt	%icc,.L900000205
-/* 0x0110	     */		fmovs	%f8,%f6
-                       .L900000208:
-/* 0x0114	     */		fmovs	%f8,%f4
-/* 0x0118	     */		ld	[%o1+%g2],%f11
-/* 0x011c	     */		add	%g1,8,%g3
-/* 0x0120	     */		fmovs	%f8,%f2
-/* 0x0124	     */		add	%g1,16,%g1
-/* 0x0128	     */		cmp	%o3,%o4
-/* 0x012c	     */		fmovs	%f8,%f0
-/* 0x0130	     */		add	%g1,8,%o1
-/* 0x0134	     */		add	%g1,16,%o2
-/* 0x0138	     */		fmovs	%f8,%f10
-/* 0x013c	     */		add	%g1,24,%g2
-/* 0x0140	     */		fsubd	%f6,%f8,%f6
-/* 0x0144	     */		std	%f6,[%o0+%g3]
-/* 0x0148	     */		fsubd	%f4,%f8,%f4
-/* 0x014c	     */		std	%f4,[%o0+%g1]
-/* 0x0150	     */		sra	%o3,0,%g1
-/* 0x0154	     */		fsubd	%f2,%f8,%f2
-/* 0x0158	     */		std	%f2,[%o0+%o1]
-/* 0x015c	     */		sllx	%g1,2,%g3
-/* 0x0160	     */		fsubd	%f0,%f8,%f0
-/* 0x0164	     */		std	%f0,[%o0+%o2]
-/* 0x0168	     */		fsubd	%f10,%f8,%f0
-/* 0x016c	     */		bg,pn	%icc,.L77000140
-/* 0x0170	     */		std	%f0,[%o0+%g2]
-                       .L77000144:
-/* 0x0174	     */		ldd	[%g4],%f8
-                       .L900000211:
-/* 0x0178	     */		ld	[%g5+%g3],%f13
-/* 0x017c	     */		sllx	%g1,3,%g2
-/* 0x0180	     */		add	%o3,1,%o3
-/* 0x0184	     */		sra	%o3,0,%g1
-/* 0x0188	     */		cmp	%o3,%o4
-/* 0x018c	     */		fmovs	%f8,%f12
-/* 0x0190	     */		sllx	%g1,2,%g3
-/* 0x0194	     */		fsubd	%f12,%f8,%f0
-/* 0x0198	     */		std	%f0,[%o0+%g2]
-/* 0x019c	     */		ble,a,pt	%icc,.L900000211
-/* 0x01a0	     */		ldd	[%g4],%f8
-                       .L77000140:
-/* 0x01a4	     */		retl	! Result = 
-/* 0x01a8	     */		nop
-/* 0x01ac	   0 */		.type	conv_i32_to_d32,2
-/* 0x01ac	     */		.size	conv_i32_to_d32,(.-conv_i32_to_d32)
-
-	.section	".text",#alloc,#execinstr
-/* 000000	   0 */		.align	8
-!
-! CONSTANT POOL
-!
-                       .L_const_seg_900000301:
-/* 000000	   0 */		.word	1127219200,0
-/* 0x0008	   0 */		.align	8
-/* 0x0008	     */		.skip	24
-!
-! SUBROUTINE conv_i32_to_d16
-!
-! OFFSET    SOURCE LINE	LABEL	INSTRUCTION
-
-                       	.global conv_i32_to_d16
-                       conv_i32_to_d16:
-/* 000000	     */		save	%sp,-192,%sp
-                       .L900000310:
-/* 0x0004	     */		call	.+8
-/* 0x0008	     */		sethi	/*X*/%hi(_GLOBAL_OFFSET_TABLE_-(.L900000310-.)),%g3
-
-!  143		      !}
-!  146		      !void conv_i32_to_d16(double *d16, unsigned int *i32, int len)
-!  147		      !{
-!  148		      !int i;
-!  149		      !unsigned int a;
-!  151		      !#pragma pipeloop(0)
-!  152		      ! for(i=0;i<len;i++)
-
-/* 0x000c	 152 */		cmp	%i2,0
-/* 0x0010	 147 */		add	%g3,/*X*/%lo(_GLOBAL_OFFSET_TABLE_-(.L900000310-.)),%g3
-/* 0x0014	 152 */		ble,pt	%icc,.L77000150
-/* 0x0018	     */		add	%g3,%o7,%o0
-
-!  153		      !   {
-!  154		      !     a=i32[i];
-!  155		      !     d16[2*i]=(double)(a&0xffff);
-!  156		      !     d16[2*i+1]=(double)(a>>16);
-
-/* 0x001c	 156 */		sethi	%hi(.L_const_seg_900000301),%g2
-/* 0x0020	 147 */		or	%g0,%i2,%o1
-/* 0x0024	 152 */		sethi	%hi(0xfc00),%g3
-/* 0x0028	 156 */		add	%g2,%lo(.L_const_seg_900000301),%g2
-/* 0x002c	 152 */		or	%g0,%o1,%g4
-/* 0x0030	 156 */		ldx	[%o0+%g2],%o5
-/* 0x0034	 152 */		add	%g3,1023,%g1
-/* 0x0038	 147 */		or	%g0,%i1,%o7
-/* 0x003c	 152 */		or	%g0,0,%i2
-/* 0x0040	     */		sub	%o1,1,%g5
-/* 0x0044	     */		or	%g0,0,%g3
-/* 0x0048	     */		or	%g0,1,%g2
-/* 0x004c	 154 */		or	%g0,0,%o2
-/* 0x0050	     */		cmp	%g4,6
-/* 0x0054	 152 */		bl,pn	%icc,.L77000154
-/* 0x0058	     */		ldd	[%o5],%f0
-/* 0x005c	     */		sub	%o1,2,%o3
-/* 0x0060	     */		or	%g0,16,%o2
-/* 0x0064	 154 */		ld	[%i1],%o4
-/* 0x0068	 156 */		or	%g0,3,%g2
-/* 0x006c	     */		or	%g0,2,%g3
-/* 0x0070	 155 */		fmovs	%f0,%f2
-/* 0x0074	 156 */		or	%g0,4,%i2
-/* 0x0078	 155 */		and	%o4,%g1,%o0
-/* 0x007c	     */		st	%o0,[%sp+2227]
-/* 0x0080	     */		fmovs	%f0,%f4
-/* 0x0084	 156 */		srl	%o4,16,%i4
-/* 0x0088	 152 */		or	%g0,12,%o4
-/* 0x008c	     */		or	%g0,24,%o0
-/* 0x0090	 155 */		ld	[%sp+2227],%f3
-/* 0x0094	     */		fsubd	%f2,%f0,%f2
-/* 0x0098	     */		std	%f2,[%i0]
-/* 0x009c	 156 */		st	%i4,[%sp+2223]
-/* 0x00a0	 154 */		ld	[%o7+4],%o1
-/* 0x00a4	 156 */		fmovs	%f0,%f2
-/* 0x00a8	 155 */		and	%o1,%g1,%i1
-/* 0x00ac	 156 */		ld	[%sp+2223],%f3
-/* 0x00b0	     */		srl	%o1,16,%o1
-/* 0x00b4	     */		fsubd	%f2,%f0,%f2
-/* 0x00b8	     */		std	%f2,[%i0+8]
-/* 0x00bc	     */		st	%o1,[%sp+2223]
-/* 0x00c0	 155 */		st	%i1,[%sp+2227]
-/* 0x00c4	 154 */		ld	[%o7+8],%o1
-/* 0x00c8	 156 */		fmovs	%f0,%f2
-/* 0x00cc	 155 */		and	%o1,%g1,%g4
-/* 0x00d0	     */		ld	[%sp+2227],%f5
-/* 0x00d4	 156 */		srl	%o1,16,%o1
-/* 0x00d8	     */		ld	[%sp+2223],%f3
-/* 0x00dc	     */		st	%o1,[%sp+2223]
-/* 0x00e0	 155 */		fsubd	%f4,%f0,%f4
-/* 0x00e4	     */		st	%g4,[%sp+2227]
-/* 0x00e8	 156 */		fsubd	%f2,%f0,%f2
-/* 0x00ec	 154 */		ld	[%o7+12],%o1
-/* 0x00f0	 155 */		std	%f4,[%i0+16]
-/* 0x00f4	 156 */		std	%f2,[%i0+24]
-                       .L900000306:
-/* 0x00f8	 155 */		ld	[%sp+2227],%f5
-/* 0x00fc	 156 */		add	%i2,2,%i2
-/* 0x0100	     */		add	%g2,4,%g2
-/* 0x0104	     */		ld	[%sp+2223],%f3
-/* 0x0108	     */		cmp	%i2,%o3
-/* 0x010c	     */		add	%g3,4,%g3
-/* 0x0110	 155 */		and	%o1,%g1,%g4
-/* 0x0114	 156 */		srl	%o1,16,%o1
-/* 0x0118	 155 */		st	%g4,[%sp+2227]
-/* 0x011c	 156 */		st	%o1,[%sp+2223]
-/* 0x0120	 152 */		add	%o4,4,%o1
-/* 0x0124	 154 */		ld	[%o7+%o1],%o4
-/* 0x0128	 156 */		fmovs	%f0,%f2
-/* 0x012c	 155 */		fmovs	%f0,%f4
-/* 0x0130	     */		fsubd	%f4,%f0,%f4
-/* 0x0134	 152 */		add	%o2,16,%o2
-/* 0x0138	 156 */		fsubd	%f2,%f0,%f2
-/* 0x013c	 155 */		std	%f4,[%i0+%o2]
-/* 0x0140	 152 */		add	%o0,16,%o0
-/* 0x0144	 156 */		std	%f2,[%i0+%o0]
-/* 0x0148	 155 */		ld	[%sp+2227],%f5
-/* 0x014c	 156 */		ld	[%sp+2223],%f3
-/* 0x0150	 155 */		and	%o4,%g1,%g4
-/* 0x0154	 156 */		srl	%o4,16,%o4
-/* 0x0158	 155 */		st	%g4,[%sp+2227]
-/* 0x015c	 156 */		st	%o4,[%sp+2223]
-/* 0x0160	 152 */		add	%o1,4,%o4
-/* 0x0164	 154 */		ld	[%o7+%o4],%o1
-/* 0x0168	 156 */		fmovs	%f0,%f2
-/* 0x016c	 155 */		fmovs	%f0,%f4
-/* 0x0170	     */		fsubd	%f4,%f0,%f4
-/* 0x0174	 152 */		add	%o2,16,%o2
-/* 0x0178	 156 */		fsubd	%f2,%f0,%f2
-/* 0x017c	 155 */		std	%f4,[%i0+%o2]
-/* 0x0180	 152 */		add	%o0,16,%o0
-/* 0x0184	 156 */		ble,pt	%icc,.L900000306
-/* 0x0188	     */		std	%f2,[%i0+%o0]
-                       .L900000309:
-/* 0x018c	 155 */		ld	[%sp+2227],%f5
-/* 0x0190	 156 */		fmovs	%f0,%f2
-/* 0x0194	     */		srl	%o1,16,%o3
-/* 0x0198	     */		ld	[%sp+2223],%f3
-/* 0x019c	 155 */		and	%o1,%g1,%i1
-/* 0x01a0	 152 */		add	%o2,16,%g4
-/* 0x01a4	 155 */		fmovs	%f0,%f4
-/* 0x01a8	     */		st	%i1,[%sp+2227]
-/* 0x01ac	 152 */		add	%o0,16,%o2
-/* 0x01b0	 156 */		st	%o3,[%sp+2223]
-/* 0x01b4	 154 */		sra	%i2,0,%o3
-/* 0x01b8	 152 */		add	%g4,16,%o1
-/* 0x01bc	 155 */		fsubd	%f4,%f0,%f4
-/* 0x01c0	     */		std	%f4,[%i0+%g4]
-/* 0x01c4	 152 */		add	%o0,32,%o0
-/* 0x01c8	 156 */		fsubd	%f2,%f0,%f2
-/* 0x01cc	     */		std	%f2,[%i0+%o2]
-/* 0x01d0	     */		sllx	%o3,2,%o2
-/* 0x01d4	 155 */		ld	[%sp+2227],%f5
-/* 0x01d8	 156 */		cmp	%i2,%g5
-/* 0x01dc	     */		add	%g2,6,%g2
-/* 0x01e0	     */		ld	[%sp+2223],%f3
-/* 0x01e4	     */		add	%g3,6,%g3
-/* 0x01e8	 155 */		fmovs	%f0,%f4
-/* 0x01ec	 156 */		fmovs	%f0,%f2
-/* 0x01f0	 155 */		fsubd	%f4,%f0,%f4
-/* 0x01f4	     */		std	%f4,[%i0+%o1]
-/* 0x01f8	 156 */		fsubd	%f2,%f0,%f0
-/* 0x01fc	     */		bg,pn	%icc,.L77000150
-/* 0x0200	     */		std	%f0,[%i0+%o0]
-                       .L77000154:
-/* 0x0204	 155 */		ldd	[%o5],%f0
-                       .L900000311:
-/* 0x0208	 154 */		ld	[%o7+%o2],%o0
-/* 0x020c	 155 */		sra	%g3,0,%o1
-/* 0x0210	     */		fmovs	%f0,%f2
-/* 0x0214	     */		sllx	%o1,3,%o2
-/* 0x0218	 156 */		add	%i2,1,%i2
-/* 0x021c	 155 */		and	%o0,%g1,%o1
-/* 0x0220	     */		st	%o1,[%sp+2227]
-/* 0x0224	 156 */		add	%g3,2,%g3
-/* 0x0228	     */		srl	%o0,16,%o1
-/* 0x022c	     */		cmp	%i2,%g5
-/* 0x0230	     */		sra	%g2,0,%o0
-/* 0x0234	     */		add	%g2,2,%g2
-/* 0x0238	     */		sllx	%o0,3,%o0
-/* 0x023c	 155 */		ld	[%sp+2227],%f3
-/* 0x0240	 154 */		sra	%i2,0,%o3
-/* 0x0244	 155 */		fsubd	%f2,%f0,%f2
-/* 0x0248	     */		std	%f2,[%i0+%o2]
-/* 0x024c	     */		sllx	%o3,2,%o2
-/* 0x0250	 156 */		st	%o1,[%sp+2223]
-/* 0x0254	     */		fmovs	%f0,%f2
-/* 0x0258	     */		ld	[%sp+2223],%f3
-/* 0x025c	     */		fsubd	%f2,%f0,%f0
-/* 0x0260	     */		std	%f0,[%i0+%o0]
-/* 0x0264	     */		ble,a,pt	%icc,.L900000311
-/* 0x0268	     */		ldd	[%o5],%f0
-                       .L77000150:
-/* 0x026c	     */		ret	! Result = 
-/* 0x0270	     */		restore	%g0,%g0,%g0
-/* 0x0274	   0 */		.type	conv_i32_to_d16,2
-/* 0x0274	     */		.size	conv_i32_to_d16,(.-conv_i32_to_d16)
-
-	.section	".text",#alloc,#execinstr
-/* 000000	   0 */		.align	8
-!
-! CONSTANT POOL
-!
-                       .L_const_seg_900000401:
-/* 000000	   0 */		.word	1127219200,0
-/* 0x0008	   0 */		.align	8
-/* 0x0008	     */		.skip	24
-!
-! SUBROUTINE conv_i32_to_d32_and_d16
-!
-! OFFSET    SOURCE LINE	LABEL	INSTRUCTION
-
-                       	.global conv_i32_to_d32_and_d16
-                       conv_i32_to_d32_and_d16:
-/* 000000	     */		save	%sp,-192,%sp
-                       .L900000415:
-/* 0x0004	     */		call	.+8
-/* 0x0008	     */		sethi	/*X*/%hi(_GLOBAL_OFFSET_TABLE_-(.L900000415-.)),%g3
-
-!  157		      !   }
-!  158		      !}
-!  161		      !void conv_i32_to_d32_and_d16(double *d32, double *d16, 
-!  162		      !			     unsigned int *i32, int len)
-!  163		      !{
-!  164		      !int i = 0;
-!  165		      !unsigned int a;
-!  167		      !#pragma pipeloop(0)
-!  168		      !#ifdef RF_INLINE_MACROS
-!  169		      ! for(;i<len-3;i+=4)
-!  170		      !   {
-!  171		      !     i16_to_d16_and_d32x4(&TwoToMinus16, &TwoTo16, &Zero,
-!  172		      !			  &(d16[2*i]), &(d32[i]), (float *)(&(i32[i])));
-
-/* 0x000c	 172 */		sethi	%hi(Zero),%g2
-/* 0x0010	 163 */		add	%g3,/*X*/%lo(_GLOBAL_OFFSET_TABLE_-(.L900000415-.)),%g3
-/* 0x0014	     */		or	%g0,%i3,%g5
-/* 0x0018	     */		add	%g3,%o7,%o3
-/* 0x001c	 172 */		add	%g2,%lo(Zero),%g2
-/* 0x0020	     */		ldx	[%o3+%g2],%o0
-/* 0x0024	     */		sethi	%hi(TwoToMinus16),%g3
-/* 0x0028	 163 */		or	%g0,%i0,%i3
-/* 0x002c	 169 */		sub	%g5,3,%o1
-/* 0x0030	 172 */		sethi	%hi(TwoTo16),%g4
-/* 0x0034	 163 */		or	%g0,%i2,%i0
-/* 0x0038	 172 */		add	%g3,%lo(TwoToMinus16),%g2
-/* 0x003c	     */		ldx	[%o3+%g2],%o2
-/* 0x0040	 169 */		cmp	%o1,0
-/* 0x0044	 164 */		or	%g0,0,%i2
-/* 0x0048	 169 */		ble,pt	%icc,.L900000418
-/* 0x004c	     */		cmp	%i2,%g5
-/* 0x0050	     */		ldd	[%o0],%f2
-/* 0x0054	 172 */		add	%g4,%lo(TwoTo16),%g3
-/* 0x0058	     */		ldx	[%o3+%g3],%o1
-/* 0x005c	 169 */		sub	%g5,4,%o4
-/* 0x0060	     */		or	%g0,0,%o5
-                       .L900000417:
-/* 0x0064	 172 */		sra	%i2,0,%g2
-/* 0x0068	     */		fmovd	%f2,%f14
-/* 0x006c	     */		ldd	[%o2],%f0
-/* 0x0070	     */		sllx	%g2,2,%g3
-/* 0x0074	     */		fmovd	%f2,%f10
-/* 0x0078	     */		ldd	[%o1],%f16
-/* 0x007c	     */		ld	[%g3+%i0],%f15
-/* 0x0080	     */		add	%i0,%g3,%g3
-/* 0x0084	     */		fmovd	%f2,%f6
-/* 0x0088	     */		ld	[%g3+4],%f11
-/* 0x008c	     */		sra	%o5,0,%g4
-/* 0x0090	     */		add	%i2,4,%i2
-/* 0x0094	     */		ld	[%g3+8],%f7
-/* 0x0098	     */		fxtod	%f14,%f14
-/* 0x009c	     */		sllx	%g2,3,%g2
-/* 0x00a0	     */		ld	[%g3+12],%f3
-/* 0x00a4	     */		fxtod	%f10,%f10
-/* 0x00a8	     */		sllx	%g4,3,%g3
-/* 0x00ac	     */		fxtod	%f6,%f6
-/* 0x00b0	     */		std	%f14,[%g2+%i3]
-/* 0x00b4	     */		add	%i3,%g2,%g4
-/* 0x00b8	     */		fxtod	%f2,%f2
-/* 0x00bc	     */		fmuld	%f0,%f14,%f12
-/* 0x00c0	     */		std	%f2,[%g4+24]
-/* 0x00c4	     */		fmuld	%f0,%f10,%f8
-/* 0x00c8	     */		std	%f10,[%g4+8]
-/* 0x00cc	     */		add	%i1,%g3,%g2
-/* 0x00d0	     */		fmuld	%f0,%f6,%f4
-/* 0x00d4	     */		std	%f6,[%g4+16]
-/* 0x00d8	     */		cmp	%i2,%o4
-/* 0x00dc	     */		fmuld	%f0,%f2,%f0
-/* 0x00e0	     */		fdtox	%f12,%f12
-/* 0x00e4	     */		add	%o5,8,%o5
-/* 0x00e8	     */		fdtox	%f8,%f8
-/* 0x00ec	     */		fdtox	%f4,%f4
-/* 0x00f0	     */		fdtox	%f0,%f0
-/* 0x00f4	     */		fxtod	%f12,%f12
-/* 0x00f8	     */		std	%f12,[%g2+8]
-/* 0x00fc	     */		fxtod	%f8,%f8
-/* 0x0100	     */		std	%f8,[%g2+24]
-/* 0x0104	     */		fxtod	%f4,%f4
-/* 0x0108	     */		std	%f4,[%g2+40]
-/* 0x010c	     */		fxtod	%f0,%f0
-/* 0x0110	     */		std	%f0,[%g2+56]
-/* 0x0114	     */		fmuld	%f12,%f16,%f12
-/* 0x0118	     */		fmuld	%f8,%f16,%f8
-/* 0x011c	     */		fmuld	%f4,%f16,%f4
-/* 0x0120	     */		fsubd	%f14,%f12,%f12
-/* 0x0124	     */		std	%f12,[%g3+%i1]
-/* 0x0128	     */		fmuld	%f0,%f16,%f0
-/* 0x012c	     */		fsubd	%f10,%f8,%f8
-/* 0x0130	     */		std	%f8,[%g2+16]
-/* 0x0134	     */		fsubd	%f6,%f4,%f4
-/* 0x0138	     */		std	%f4,[%g2+32]
-/* 0x013c	     */		fsubd	%f2,%f0,%f0
-/* 0x0140	     */		std	%f0,[%g2+48]
-/* 0x0144	     */		ble,a,pt	%icc,.L900000417
-/* 0x0148	     */		ldd	[%o0],%f2
-                       .L77000159:
-
-!  173		      !   }
-!  174		      !#endif
-!  175		      ! for(;i<len;i++)
-
-/* 0x014c	 175 */		cmp	%i2,%g5
-                       .L900000418:
-/* 0x0150	 175 */		bge,pt	%icc,.L77000164
-/* 0x0154	     */		nop
-
-!  176		      !   {
-!  177		      !     a=i32[i];
-!  178		      !     d32[i]=(double)(i32[i]);
-!  179		      !     d16[2*i]=(double)(a&0xffff);
-!  180		      !     d16[2*i+1]=(double)(a>>16);
-
-/* 0x0158	 180 */		sethi	%hi(.L_const_seg_900000401),%g2
-/* 0x015c	     */		add	%g2,%lo(.L_const_seg_900000401),%g2
-/* 0x0160	 175 */		sethi	%hi(0xfc00),%g3
-/* 0x0164	 180 */		ldx	[%o3+%g2],%g1
-/* 0x0168	 175 */		sll	%i2,1,%i4
-/* 0x016c	     */		sub	%g5,%i2,%g4
-/* 0x0170	 177 */		sra	%i2,0,%o3
-/* 0x0174	 175 */		add	%g3,1023,%g3
-/* 0x0178	 178 */		ldd	[%g1],%f2
-/* 0x017c	     */		sllx	%o3,2,%o2
-/* 0x0180	 175 */		add	%i4,1,%g2
-/* 0x0184	 177 */		or	%g0,%o3,%o1
-/* 0x0188	     */		cmp	%g4,6
-/* 0x018c	 175 */		bl,pn	%icc,.L77000161
-/* 0x0190	     */		sra	%i2,0,%o3
-/* 0x0194	 177 */		or	%g0,%o2,%o0
-/* 0x0198	 178 */		ld	[%i0+%o2],%f5
-/* 0x019c	 179 */		fmovs	%f2,%f8
-/* 0x01a0	 175 */		add	%o0,4,%o3
-/* 0x01a4	 177 */		ld	[%i0+%o0],%o7
-/* 0x01a8	 180 */		fmovs	%f2,%f6
-/* 0x01ac	 178 */		fmovs	%f2,%f4
-/* 0x01b0	     */		sllx	%o1,3,%o2
-/* 0x01b4	 175 */		add	%o3,4,%o5
-/* 0x01b8	 179 */		sra	%i4,0,%o0
-/* 0x01bc	 175 */		add	%o3,8,%o4
-/* 0x01c0	 178 */		fsubd	%f4,%f2,%f4
-/* 0x01c4	     */		std	%f4,[%i3+%o2]
-/* 0x01c8	 179 */		sllx	%o0,3,%i5
-/* 0x01cc	     */		and	%o7,%g3,%o0
-/* 0x01d0	     */		st	%o0,[%sp+2227]
-/* 0x01d4	 175 */		add	%i5,16,%o1
-/* 0x01d8	 180 */		srl	%o7,16,%g4
-/* 0x01dc	     */		add	%i2,1,%i2
-/* 0x01e0	     */		sra	%g2,0,%o0
-/* 0x01e4	 175 */		add	%o2,8,%o2
-/* 0x01e8	 179 */		fmovs	%f2,%f4
-/* 0x01ec	 180 */		sllx	%o0,3,%l0
-/* 0x01f0	     */		add	%i4,3,%g2
-/* 0x01f4	 179 */		ld	[%sp+2227],%f5
-/* 0x01f8	 175 */		add	%l0,16,%o0
-/* 0x01fc	 180 */		add	%i4,2,%i4
-/* 0x0200	 175 */		sub	%g5,1,%o7
-/* 0x0204	 180 */		add	%i2,3,%i2
-/* 0x0208	 179 */		fsubd	%f4,%f2,%f4
-/* 0x020c	     */		std	%f4,[%i1+%i5]
-/* 0x0210	 180 */		st	%g4,[%sp+2223]
-/* 0x0214	 177 */		ld	[%i0+%o3],%i5
-/* 0x0218	 180 */		fmovs	%f2,%f4
-/* 0x021c	     */		srl	%i5,16,%g4
-/* 0x0220	 179 */		and	%i5,%g3,%i5
-/* 0x0224	 180 */		ld	[%sp+2223],%f5
-/* 0x0228	     */		fsubd	%f4,%f2,%f4
-/* 0x022c	     */		std	%f4,[%i1+%l0]
-/* 0x0230	     */		st	%g4,[%sp+2223]
-/* 0x0234	 177 */		ld	[%i0+%o5],%g4
-/* 0x0238	 179 */		st	%i5,[%sp+2227]
-/* 0x023c	 178 */		fmovs	%f2,%f4
-/* 0x0240	 180 */		srl	%g4,16,%i5
-/* 0x0244	 179 */		and	%g4,%g3,%g4
-/* 0x0248	 180 */		ld	[%sp+2223],%f7
-/* 0x024c	     */		st	%i5,[%sp+2223]
-/* 0x0250	 178 */		ld	[%i0+%o3],%f5
-/* 0x0254	 180 */		fsubd	%f6,%f2,%f6
-/* 0x0258	 177 */		ld	[%i0+%o4],%o3
-/* 0x025c	 178 */		fsubd	%f4,%f2,%f4
-/* 0x0260	 179 */		ld	[%sp+2227],%f9
-/* 0x0264	 180 */		ld	[%sp+2223],%f1
-/* 0x0268	 179 */		st	%g4,[%sp+2227]
-/* 0x026c	     */		fsubd	%f8,%f2,%f8
-/* 0x0270	     */		std	%f8,[%i1+%o1]
-/* 0x0274	 180 */		std	%f6,[%i1+%o0]
-/* 0x0278	 178 */		std	%f4,[%i3+%o2]
-                       .L900000411:
-/* 0x027c	 179 */		ld	[%sp+2227],%f13
-/* 0x0280	 180 */		srl	%o3,16,%g4
-/* 0x0284	     */		add	%i2,2,%i2
-/* 0x0288	     */		st	%g4,[%sp+2223]
-/* 0x028c	     */		cmp	%i2,%o7
-/* 0x0290	     */		add	%g2,4,%g2
-/* 0x0294	 178 */		ld	[%i0+%o5],%f11
-/* 0x0298	 180 */		add	%i4,4,%i4
-/* 0x029c	 175 */		add	%o4,4,%o5
-/* 0x02a0	 177 */		ld	[%i0+%o5],%g4
-/* 0x02a4	 179 */		and	%o3,%g3,%o3
-/* 0x02a8	     */		st	%o3,[%sp+2227]
-/* 0x02ac	 180 */		fmovs	%f2,%f0
-/* 0x02b0	 179 */		fmovs	%f2,%f12
-/* 0x02b4	 180 */		fsubd	%f0,%f2,%f8
-/* 0x02b8	 179 */		fsubd	%f12,%f2,%f4
-/* 0x02bc	 175 */		add	%o1,16,%o1
-/* 0x02c0	 180 */		ld	[%sp+2223],%f7
-/* 0x02c4	 178 */		fmovs	%f2,%f10
-/* 0x02c8	 179 */		std	%f4,[%i1+%o1]
-/* 0x02cc	 175 */		add	%o0,16,%o0
-/* 0x02d0	 178 */		fsubd	%f10,%f2,%f4
-/* 0x02d4	 175 */		add	%o2,8,%o2
-/* 0x02d8	 180 */		std	%f8,[%i1+%o0]
-/* 0x02dc	 178 */		std	%f4,[%i3+%o2]
-/* 0x02e0	 179 */		ld	[%sp+2227],%f9
-/* 0x02e4	 180 */		srl	%g4,16,%o3
-/* 0x02e8	     */		st	%o3,[%sp+2223]
-/* 0x02ec	 178 */		ld	[%i0+%o4],%f5
-/* 0x02f0	 175 */		add	%o4,8,%o4
-/* 0x02f4	 177 */		ld	[%i0+%o4],%o3
-/* 0x02f8	 179 */		and	%g4,%g3,%g4
-/* 0x02fc	     */		st	%g4,[%sp+2227]
-/* 0x0300	 180 */		fmovs	%f2,%f6
-/* 0x0304	 179 */		fmovs	%f2,%f8
-/* 0x0308	 180 */		fsubd	%f6,%f2,%f6
-/* 0x030c	 179 */		fsubd	%f8,%f2,%f8
-/* 0x0310	 175 */		add	%o1,16,%o1
-/* 0x0314	 180 */		ld	[%sp+2223],%f1
-/* 0x0318	 178 */		fmovs	%f2,%f4
-/* 0x031c	 179 */		std	%f8,[%i1+%o1]
-/* 0x0320	 175 */		add	%o0,16,%o0
-/* 0x0324	 178 */		fsubd	%f4,%f2,%f4
-/* 0x0328	 175 */		add	%o2,8,%o2
-/* 0x032c	 180 */		std	%f6,[%i1+%o0]
-/* 0x0330	     */		bl,pt	%icc,.L900000411
-/* 0x0334	     */		std	%f4,[%i3+%o2]
-                       .L900000414:
-/* 0x0338	 180 */		srl	%o3,16,%o7
-/* 0x033c	     */		st	%o7,[%sp+2223]
-/* 0x0340	 179 */		fmovs	%f2,%f12
-/* 0x0344	 178 */		ld	[%i0+%o5],%f11
-/* 0x0348	 180 */		fmovs	%f2,%f0
-/* 0x034c	 179 */		and	%o3,%g3,%g4
-/* 0x0350	 180 */		fmovs	%f2,%f6
-/* 0x0354	 175 */		add	%o1,16,%o3
-/* 0x0358	     */		add	%o0,16,%o7
-/* 0x035c	 178 */		fmovs	%f2,%f10
-/* 0x0360	 175 */		add	%o2,8,%o2
-/* 0x0364	     */		add	%o1,32,%o5
-/* 0x0368	 179 */		ld	[%sp+2227],%f13
-/* 0x036c	 178 */		fmovs	%f2,%f4
-/* 0x0370	 175 */		add	%o0,32,%o1
-/* 0x0374	 180 */		ld	[%sp+2223],%f7
-/* 0x0378	 175 */		add	%o2,8,%o0
-/* 0x037c	 180 */		cmp	%i2,%g5
-/* 0x0380	 179 */		st	%g4,[%sp+2227]
-/* 0x0384	     */		fsubd	%f12,%f2,%f8
-/* 0x0388	 180 */		add	%g2,6,%g2
-/* 0x038c	 179 */		std	%f8,[%i1+%o3]
-/* 0x0390	 180 */		fsubd	%f0,%f2,%f0
-/* 0x0394	 177 */		sra	%i2,0,%o3
-/* 0x0398	 180 */		std	%f0,[%i1+%o7]
-/* 0x039c	 178 */		fsubd	%f10,%f2,%f0
-/* 0x03a0	 180 */		add	%i4,6,%i4
-/* 0x03a4	 178 */		std	%f0,[%i3+%o2]
-/* 0x03a8	     */		sllx	%o3,2,%o2
-/* 0x03ac	 179 */		ld	[%sp+2227],%f9
-/* 0x03b0	 178 */		ld	[%i0+%o4],%f5
-/* 0x03b4	 179 */		fmovs	%f2,%f8
-/* 0x03b8	     */		fsubd	%f8,%f2,%f0
-/* 0x03bc	     */		std	%f0,[%i1+%o5]
-/* 0x03c0	 180 */		fsubd	%f6,%f2,%f0
-/* 0x03c4	     */		std	%f0,[%i1+%o1]
-/* 0x03c8	 178 */		fsubd	%f4,%f2,%f0
-/* 0x03cc	 180 */		bge,pn	%icc,.L77000164
-/* 0x03d0	     */		std	%f0,[%i3+%o0]
-                       .L77000161:
-/* 0x03d4	 178 */		ldd	[%g1],%f2
-                       .L900000416:
-/* 0x03d8	 178 */		ld	[%i0+%o2],%f5
-/* 0x03dc	 179 */		sra	%i4,0,%o0
-/* 0x03e0	 180 */		add	%i2,1,%i2
-/* 0x03e4	 177 */		ld	[%i0+%o2],%o1
-/* 0x03e8	 178 */		sllx	%o3,3,%o3
-/* 0x03ec	 180 */		add	%i4,2,%i4
-/* 0x03f0	 178 */		fmovs	%f2,%f4
-/* 0x03f4	 179 */		sllx	%o0,3,%o4
-/* 0x03f8	 180 */		cmp	%i2,%g5
-/* 0x03fc	 179 */		and	%o1,%g3,%o0
-/* 0x0400	 178 */		fsubd	%f4,%f2,%f0
-/* 0x0404	     */		std	%f0,[%i3+%o3]
-/* 0x0408	 180 */		srl	%o1,16,%o1
-/* 0x040c	 179 */		st	%o0,[%sp+2227]
-/* 0x0410	 180 */		sra	%g2,0,%o0
-/* 0x0414	     */		add	%g2,2,%g2
-/* 0x0418	 177 */		sra	%i2,0,%o3
-/* 0x041c	 180 */		sllx	%o0,3,%o0
-/* 0x0420	 179 */		fmovs	%f2,%f4
-/* 0x0424	     */		sllx	%o3,2,%o2
-/* 0x0428	     */		ld	[%sp+2227],%f5
-/* 0x042c	     */		fsubd	%f4,%f2,%f0
-/* 0x0430	     */		std	%f0,[%i1+%o4]
-/* 0x0434	 180 */		st	%o1,[%sp+2223]
-/* 0x0438	     */		fmovs	%f2,%f4
-/* 0x043c	     */		ld	[%sp+2223],%f5
-/* 0x0440	     */		fsubd	%f4,%f2,%f0
-/* 0x0444	     */		std	%f0,[%i1+%o0]
-/* 0x0448	     */		bl,a,pt	%icc,.L900000416
-/* 0x044c	     */		ldd	[%g1],%f2
-                       .L77000164:
-/* 0x0450	     */		ret	! Result = 
-/* 0x0454	     */		restore	%g0,%g0,%g0
-/* 0x0458	   0 */		.type	conv_i32_to_d32_and_d16,2
-/* 0x0458	     */		.size	conv_i32_to_d32_and_d16,(.-conv_i32_to_d32_and_d16)
-
-	.section	".text",#alloc,#execinstr
-/* 000000	   0 */		.align	8
-!
-! SUBROUTINE adjust_montf_result
-!
-! OFFSET    SOURCE LINE	LABEL	INSTRUCTION
-
-                       	.global adjust_montf_result
-                       adjust_montf_result:
-/* 000000	     */		save	%sp,-176,%sp
-/* 0x0004	     */		or	%g0,%i2,%o1
-/* 0x0008	     */		or	%g0,%i0,%i2
-
-!  181		      !   }
-!  182		      !}
-!  185		      !void adjust_montf_result(unsigned int *i32, unsigned int *nint, int len)
-!  186		      !{
-!  187		      !long long acc;
-!  188		      !int i;
-!  190		      ! if(i32[len]>0) i=-1;
-
-/* 0x000c	 190 */		sra	%o1,0,%g2
-/* 0x0010	     */		or	%g0,-1,%o2
-/* 0x0014	     */		sllx	%g2,2,%g2
-/* 0x0018	     */		ld	[%i2+%g2],%g2
-/* 0x001c	     */		cmp	%g2,0
-/* 0x0020	     */		bleu,pn	%icc,.L77000175
-/* 0x0024	     */		or	%g0,%i1,%i0
-/* 0x0028	     */		ba	.L900000511
-/* 0x002c	     */		cmp	%o2,0
-                       .L77000175:
-
-!  191		      ! else
-!  192		      !   {
-!  193		      !     for(i=len-1; i>=0; i--)
-
-/* 0x0030	 193 */		sub	%o1,1,%o2
-/* 0x0034	     */		cmp	%o2,0
-/* 0x0038	     */		bl,pn	%icc,.L77000182
-/* 0x003c	     */		sra	%o2,0,%g2
-                       .L900000510:
-
-!  194		      !       {
-!  195		      !	 if(i32[i]!=nint[i]) break;
-
-/* 0x0040	 195 */		sllx	%g2,2,%g2
-/* 0x0044	     */		sub	%o2,1,%o0
-/* 0x0048	     */		ld	[%i1+%g2],%g3
-/* 0x004c	     */		ld	[%i2+%g2],%g2
-/* 0x0050	     */		cmp	%g2,%g3
-/* 0x0054	     */		bne,pn	%icc,.L77000182
-/* 0x0058	     */		nop
-/* 0x005c	   0 */		or	%g0,%o0,%o2
-/* 0x0060	 195 */		cmp	%o0,0
-/* 0x0064	     */		bge,pt	%icc,.L900000510
-/* 0x0068	     */		sra	%o2,0,%g2
-                       .L77000182:
-
-!  196		      !       }
-!  197		      !   }
-!  198		      ! if((i<0)||(i32[i]>nint[i]))
-
-/* 0x006c	 198 */		cmp	%o2,0
-                       .L900000511:
-/* 0x0070	 198 */		bl,pn	%icc,.L77000198
-/* 0x0074	     */		sra	%o2,0,%g2
-/* 0x0078	     */		sllx	%g2,2,%g2
-/* 0x007c	     */		ld	[%i1+%g2],%g3
-/* 0x0080	     */		ld	[%i2+%g2],%g2
-/* 0x0084	     */		cmp	%g2,%g3
-/* 0x0088	     */		bleu,pt	%icc,.L77000191
-/* 0x008c	     */		nop
-                       .L77000198:
-
-!  199		      !   {
-!  200		      !     acc=0;
-!  201		      !     for(i=0;i<len;i++)
-
-/* 0x0090	 201 */		cmp	%o1,0
-/* 0x0094	     */		ble,pt	%icc,.L77000191
-/* 0x0098	     */		nop
-/* 0x009c	 198 */		or	%g0,-1,%g2
-/* 0x00a0	 201 */		or	%g0,%o1,%g3
-/* 0x00a4	 198 */		srl	%g2,0,%g2
-/* 0x00a8	     */		sub	%o1,1,%g4
-/* 0x00ac	     */		cmp	%o1,9
-/* 0x00b0	 201 */		or	%g0,0,%i1
-/* 0x00b4	 200 */		or	%g0,0,%g5
-
-!  202		      !       {
-!  203		      !	 acc=acc+(unsigned long long)(i32[i])-(unsigned long long)(nint[i]);
-
-/* 0x00b8	 203 */		or	%g0,0,%o1
-/* 0x00bc	 201 */		bl,pn	%icc,.L77000199
-/* 0x00c0	     */		sub	%g3,4,%o7
-/* 0x00c4	 203 */		ld	[%i2],%o1
-
-!  204		      !	 i32[i]=acc&0xffffffff;
-!  205		      !	 acc=acc>>32;
-
-/* 0x00c8	 205 */		or	%g0,5,%i1
-/* 0x00cc	 203 */		ld	[%i0],%o2
-/* 0x00d0	 201 */		or	%g0,8,%o5
-/* 0x00d4	     */		or	%g0,12,%o4
-/* 0x00d8	 203 */		ld	[%i0+4],%o3
-/* 0x00dc	 201 */		or	%g0,16,%g1
-/* 0x00e0	 203 */		ld	[%i2+4],%o0
-/* 0x00e4	 201 */		sub	%o1,%o2,%o1
-/* 0x00e8	 203 */		ld	[%i0+8],%i3
-/* 0x00ec	 204 */		and	%o1,%g2,%g5
-/* 0x00f0	     */		st	%g5,[%i2]
-/* 0x00f4	 205 */		srax	%o1,32,%g5
-/* 0x00f8	 201 */		sub	%o0,%o3,%o0
-/* 0x00fc	 203 */		ld	[%i0+12],%o2
-/* 0x0100	 201 */		add	%o0,%g5,%o0
-/* 0x0104	 204 */		and	%o0,%g2,%g5
-/* 0x0108	     */		st	%g5,[%i2+4]
-/* 0x010c	 205 */		srax	%o0,32,%o0
-/* 0x0110	 203 */		ld	[%i2+8],%o1
-/* 0x0114	     */		ld	[%i2+12],%o3
-/* 0x0118	 201 */		sub	%o1,%i3,%o1
-                       .L900000505:
-/* 0x011c	     */		add	%g1,4,%g3
-/* 0x0120	 203 */		ld	[%g1+%i2],%g5
-/* 0x0124	 201 */		add	%o1,%o0,%o0
-/* 0x0128	 203 */		ld	[%i0+%g1],%i3
-/* 0x012c	 201 */		sub	%o3,%o2,%o1
-/* 0x0130	 204 */		and	%o0,%g2,%o2
-/* 0x0134	     */		st	%o2,[%o5+%i2]
-/* 0x0138	 205 */		srax	%o0,32,%o2
-/* 0x013c	     */		add	%i1,4,%i1
-/* 0x0140	 201 */		add	%g1,8,%o5
-/* 0x0144	 203 */		ld	[%g3+%i2],%o0
-/* 0x0148	 201 */		add	%o1,%o2,%o1
-/* 0x014c	 203 */		ld	[%i0+%g3],%o3
-/* 0x0150	 201 */		sub	%g5,%i3,%o2
-/* 0x0154	 204 */		and	%o1,%g2,%g5
-/* 0x0158	     */		st	%g5,[%o4+%i2]
-/* 0x015c	 205 */		srax	%o1,32,%g5
-/* 0x0160	     */		cmp	%i1,%o7
-/* 0x0164	 201 */		add	%g1,12,%o4
-/* 0x0168	 203 */		ld	[%o5+%i2],%o1
-/* 0x016c	 201 */		add	%o2,%g5,%o2
-/* 0x0170	 203 */		ld	[%i0+%o5],%i3
-/* 0x0174	 201 */		sub	%o0,%o3,%o0
-/* 0x0178	 204 */		and	%o2,%g2,%o3
-/* 0x017c	     */		st	%o3,[%g1+%i2]
-/* 0x0180	 205 */		srax	%o2,32,%g5
-/* 0x0184	 203 */		ld	[%o4+%i2],%o3
-/* 0x0188	 201 */		add	%g1,16,%g1
-/* 0x018c	     */		add	%o0,%g5,%o0
-/* 0x0190	 203 */		ld	[%i0+%o4],%o2
-/* 0x0194	 201 */		sub	%o1,%i3,%o1
-/* 0x0198	 204 */		and	%o0,%g2,%g5
-/* 0x019c	     */		st	%g5,[%g3+%i2]
-/* 0x01a0	 205 */		ble,pt	%icc,.L900000505
-/* 0x01a4	     */		srax	%o0,32,%o0
-                       .L900000508:
-/* 0x01a8	     */		add	%o1,%o0,%g3
-/* 0x01ac	     */		sub	%o3,%o2,%o1
-/* 0x01b0	 203 */		ld	[%g1+%i2],%o0
-/* 0x01b4	     */		ld	[%i0+%g1],%o2
-/* 0x01b8	 205 */		srax	%g3,32,%o7
-/* 0x01bc	 204 */		and	%g3,%g2,%o3
-/* 0x01c0	 201 */		add	%o1,%o7,%o1
-/* 0x01c4	 204 */		st	%o3,[%o5+%i2]
-/* 0x01c8	 205 */		cmp	%i1,%g4
-/* 0x01cc	 201 */		sub	%o0,%o2,%o0
-/* 0x01d0	 204 */		and	%o1,%g2,%o2
-/* 0x01d4	     */		st	%o2,[%o4+%i2]
-/* 0x01d8	 205 */		srax	%o1,32,%o1
-/* 0x01dc	 203 */		sra	%i1,0,%o2
-/* 0x01e0	 201 */		add	%o0,%o1,%o0
-/* 0x01e4	 205 */		srax	%o0,32,%g5
-/* 0x01e8	 204 */		and	%o0,%g2,%o1
-/* 0x01ec	     */		st	%o1,[%g1+%i2]
-/* 0x01f0	 205 */		bg,pn	%icc,.L77000191
-/* 0x01f4	     */		sllx	%o2,2,%o1
-                       .L77000199:
-/* 0x01f8	   0 */		or	%g0,%o1,%g1
-                       .L900000509:
-/* 0x01fc	 203 */		ld	[%o1+%i2],%o0
-/* 0x0200	 205 */		add	%i1,1,%i1
-/* 0x0204	 203 */		ld	[%i0+%o1],%o1
-/* 0x0208	     */		sra	%i1,0,%o2
-/* 0x020c	 205 */		cmp	%i1,%g4
-/* 0x0210	 203 */		add	%g5,%o0,%o0
-/* 0x0214	     */		sub	%o0,%o1,%o0
-/* 0x0218	 205 */		srax	%o0,32,%g5
-/* 0x021c	 204 */		and	%o0,%g2,%o1
-/* 0x0220	     */		st	%o1,[%g1+%i2]
-/* 0x0224	     */		sllx	%o2,2,%o1
-/* 0x0228	 205 */		ble,pt	%icc,.L900000509
-/* 0x022c	     */		or	%g0,%o1,%g1
-                       .L77000191:
-/* 0x0230	     */		ret	! Result = 
-/* 0x0234	     */		restore	%g0,%g0,%g0
-/* 0x0238	   0 */		.type	adjust_montf_result,2
-/* 0x0238	     */		.size	adjust_montf_result,(.-adjust_montf_result)
-
-	.section	".text",#alloc,#execinstr
-/* 000000	   0 */		.align	8
-/* 000000	     */		.skip	24
-!
-! SUBROUTINE mont_mulf_noconv
-!
-! OFFSET    SOURCE LINE	LABEL	INSTRUCTION
-
-                       	.global mont_mulf_noconv
-                       mont_mulf_noconv:
-/* 000000	     */		save	%sp,-224,%sp
-                       .L900000643:
-/* 0x0004	     */		call	.+8
-/* 0x0008	     */		sethi	/*X*/%hi(_GLOBAL_OFFSET_TABLE_-(.L900000643-.)),%g5
-/* 0x000c	     */		ldx	[%fp+2223],%l0
-
-!  206		      !       }
-!  207		      !   }
-!  208		      !}
-!  213		      !/*
-!  214		      !** the lengths of the input arrays should be at least the following:
-!  215		      !** result[nlen+1], dm1[nlen], dm2[2*nlen+1], dt[4*nlen+2], dn[nlen], nint[nlen]
-!  216		      !** all of them should be different from one another
-!  217		      !**
-!  218		      !*/
-!  219		      !void mont_mulf_noconv(unsigned int *result,
-!  220		      !		     double *dm1, double *dm2, double *dt,
-!  221		      !		     double *dn, unsigned int *nint,
-!  222		      !		     int nlen, double dn0)
-!  223		      !{
-!  224		      ! int i, j, jj;
-!  225		      ! int tmp;
-!  226		      ! double digit, m2j, nextm2j, a, b;
-!  227		      ! double *dptmp, *pdm1, *pdm2, *pdn, *pdtj, pdn_0, pdm1_0;
-!  229		      ! pdm1=&(dm1[0]);
-!  230		      ! pdm2=&(dm2[0]);
-!  231		      ! pdn=&(dn[0]);
-!  232		      ! pdm2[2*nlen]=Zero;
-
-/* 0x0010	 232 */		sethi	%hi(Zero),%g2
-/* 0x0014	 223 */		fmovd	%f14,%f30
-/* 0x0018	     */		add	%g5,/*X*/%lo(_GLOBAL_OFFSET_TABLE_-(.L900000643-.)),%g5
-/* 0x001c	 232 */		add	%g2,%lo(Zero),%g2
-/* 0x0020	     */		sll	%l0,1,%o3
-/* 0x0024	 223 */		add	%g5,%o7,%o4
-/* 0x0028	 232 */		sra	%o3,0,%g5
-/* 0x002c	     */		ldx	[%o4+%g2],%o7
-
-!  234		      ! if (nlen!=16)
-!  235		      !   {
-!  236		      !     for(i=0;i<4*nlen+2;i++) dt[i]=Zero;
-!  238		      !     a=dt[0]=pdm1[0]*pdm2[0];
-!  239		      !     digit=mod(lower32(a,Zero)*dn0,TwoToMinus16,TwoTo16);
-
-/* 0x0030	 239 */		sethi	%hi(TwoToMinus16),%g3
-/* 0x0034	     */		sethi	%hi(TwoTo16),%g4
-/* 0x0038	     */		add	%g3,%lo(TwoToMinus16),%g2
-/* 0x003c	 232 */		ldd	[%o7],%f0
-/* 0x0040	 239 */		add	%g4,%lo(TwoTo16),%g3
-/* 0x0044	 223 */		or	%g0,%i4,%o0
-/* 0x0048	 232 */		sllx	%g5,3,%g4
-/* 0x004c	 239 */		ldx	[%o4+%g2],%o5
-/* 0x0050	 223 */		or	%g0,%i5,%l3
-/* 0x0054	     */		or	%g0,%i0,%l2
-/* 0x0058	 239 */		ldx	[%o4+%g3],%o4
-/* 0x005c	 234 */		cmp	%l0,16
-/* 0x0060	 232 */		std	%f0,[%i2+%g4]
-/* 0x0064	 234 */		be,pn	%icc,.L77000279
-/* 0x0068	     */		or	%g0,%i3,%l4
-/* 0x006c	 236 */		sll	%l0,2,%g2
-/* 0x0070	 223 */		or	%g0,%o0,%i5
-/* 0x0074	 236 */		add	%g2,2,%o0
-/* 0x0078	 223 */		or	%g0,%i1,%i4
-/* 0x007c	 236 */		cmp	%o0,0
-/* 0x0080	 223 */		or	%g0,%i2,%l1
-/* 0x0084	 236 */		ble,a,pt	%icc,.L900000657
-/* 0x0088	     */		ldd	[%i1],%f6
-
-!  241		      !     pdtj=&(dt[0]);
-!  242		      !     for(j=jj=0;j<2*nlen;j++,jj++,pdtj++)
-!  243		      !       {
-!  244		      !	 m2j=pdm2[j];
-!  245		      !	 a=pdtj[0]+pdn[0]*digit;
-!  246		      !	 b=pdtj[1]+pdm1[0]*pdm2[j+1]+a*TwoToMinus16;
-!  247		      !	 pdtj[1]=b;
-!  249		      !#pragma pipeloop(0)
-!  250		      !	 for(i=1;i<nlen;i++)
-!  251		      !	   {
-!  252		      !	     pdtj[2*i]+=pdm1[i]*m2j+pdn[i]*digit;
-!  253		      !	   }
-!  254		      ! 	 if((jj==30)) {cleanup(dt,j/2+1,2*nlen+1); jj=0;}
-!  255		      !	 
-!  256		      !	 digit=mod(lower32(b,Zero)*dn0,TwoToMinus16,TwoTo16);
-!  257		      !       }
-!  258		      !   }
-!  259		      ! else
-!  260		      !   {
-!  261		      !     a=dt[0]=pdm1[0]*pdm2[0];
-!  263		      !     dt[65]=     dt[64]=     dt[63]=     dt[62]=     dt[61]=     dt[60]=
-!  264		      !     dt[59]=     dt[58]=     dt[57]=     dt[56]=     dt[55]=     dt[54]=
-!  265		      !     dt[53]=     dt[52]=     dt[51]=     dt[50]=     dt[49]=     dt[48]=
-!  266		      !     dt[47]=     dt[46]=     dt[45]=     dt[44]=     dt[43]=     dt[42]=
-!  267		      !     dt[41]=     dt[40]=     dt[39]=     dt[38]=     dt[37]=     dt[36]=
-!  268		      !     dt[35]=     dt[34]=     dt[33]=     dt[32]=     dt[31]=     dt[30]=
-!  269		      !     dt[29]=     dt[28]=     dt[27]=     dt[26]=     dt[25]=     dt[24]=
-!  270		      !     dt[23]=     dt[22]=     dt[21]=     dt[20]=     dt[19]=     dt[18]=
-!  271		      !     dt[17]=     dt[16]=     dt[15]=     dt[14]=     dt[13]=     dt[12]=
-!  272		      !     dt[11]=     dt[10]=     dt[ 9]=     dt[ 8]=     dt[ 7]=     dt[ 6]=
-!  273		      !     dt[ 5]=     dt[ 4]=     dt[ 3]=     dt[ 2]=     dt[ 1]=Zero;
-!  275		      !     pdn_0=pdn[0];
-!  276		      !     pdm1_0=pdm1[0];
-!  278		      !     digit=mod(lower32(a,Zero)*dn0,TwoToMinus16,TwoTo16);
-!  279		      !     pdtj=&(dt[0]);
-!  281		      !     for(j=0;j<32;j++,pdtj++)
-
-/* 0x008c	 281 */		or	%g0,%o0,%o1
-/* 0x0090	 236 */		sub	%o0,1,%g1
-/* 0x0094	     */		or	%g0,0,%g2
-/* 0x0098	 281 */		cmp	%o1,5
-/* 0x009c	     */		bl,pn	%icc,.L77000280
-/* 0x00a0	     */		or	%g0,8,%o0
-/* 0x00a4	     */		std	%f0,[%i3]
-/* 0x00a8	     */		or	%g0,2,%g2
-/* 0x00ac	     */		sub	%g1,2,%o1
-                       .L900000627:
-/* 0x00b0	     */		add	%o0,8,%g3
-/* 0x00b4	     */		std	%f0,[%i3+%o0]
-/* 0x00b8	     */		add	%g2,3,%g2
-/* 0x00bc	     */		add	%o0,16,%o2
-/* 0x00c0	     */		std	%f0,[%i3+%g3]
-/* 0x00c4	     */		cmp	%g2,%o1
-/* 0x00c8	     */		add	%o0,24,%o0
-/* 0x00cc	     */		ble,pt	%icc,.L900000627
-/* 0x00d0	     */		std	%f0,[%i3+%o2]
-                       .L900000630:
-/* 0x00d4	     */		cmp	%g2,%g1
-/* 0x00d8	     */		bg,pn	%icc,.L77000285
-/* 0x00dc	     */		std	%f0,[%i3+%o0]
-                       .L77000280:
-/* 0x00e0	     */		ldd	[%o7],%f0
-                       .L900000656:
-/* 0x00e4	     */		sra	%g2,0,%o0
-/* 0x00e8	     */		add	%g2,1,%g2
-/* 0x00ec	     */		sllx	%o0,3,%o0
-/* 0x00f0	     */		cmp	%g2,%g1
-/* 0x00f4	     */		std	%f0,[%i3+%o0]
-/* 0x00f8	     */		ble,a,pt	%icc,.L900000656
-/* 0x00fc	     */		ldd	[%o7],%f0
-                       .L77000285:
-/* 0x0100	 238 */		ldd	[%i1],%f6
-                       .L900000657:
-/* 0x0104	 238 */		ldd	[%i2],%f8
-/* 0x0108	 242 */		cmp	%o3,0
-/* 0x010c	     */		sub	%o3,1,%o1
-/* 0x0110	 239 */		ldd	[%o7],%f10
-/* 0x0114	     */		add	%o3,1,%o2
-/* 0x0118	   0 */		or	%g0,0,%i2
-/* 0x011c	 238 */		fmuld	%f6,%f8,%f6
-/* 0x0120	     */		std	%f6,[%i3]
-/* 0x0124	   0 */		or	%g0,0,%g3
-/* 0x0128	 239 */		ldd	[%o5],%f8
-/* 0x012c	   0 */		or	%g0,%o2,%g1
-/* 0x0130	 236 */		sub	%l0,1,%i1
-/* 0x0134	 239 */		ldd	[%o4],%f12
-/* 0x0138	 236 */		or	%g0,1,%g4
-/* 0x013c	     */		fdtox	%f6,%f0
-/* 0x0140	     */		fmovs	%f10,%f0
-/* 0x0144	     */		fxtod	%f0,%f6
-/* 0x0148	 239 */		fmuld	%f6,%f14,%f6
-/* 0x014c	     */		fmuld	%f6,%f8,%f8
-/* 0x0150	     */		fdtox	%f8,%f8
-/* 0x0154	     */		fxtod	%f8,%f8
-/* 0x0158	     */		fmuld	%f8,%f12,%f8
-/* 0x015c	     */		fsubd	%f6,%f8,%f20
-/* 0x0160	 242 */		ble,pt	%icc,.L900000650
-/* 0x0164	     */		sllx	%g5,3,%g2
-/* 0x0168	   0 */		st	%o1,[%sp+2223]
-/* 0x016c	 246 */		ldd	[%i5],%f6
-                       .L900000651:
-/* 0x0170	 246 */		sra	%g4,0,%g2
-/* 0x0174	     */		fmuld	%f6,%f20,%f6
-/* 0x0178	     */		ldd	[%i3],%f12
-/* 0x017c	     */		sllx	%g2,3,%g2
-/* 0x0180	     */		ldd	[%i4],%f8
-/* 0x0184	 250 */		cmp	%l0,1
-/* 0x0188	 246 */		ldd	[%l1+%g2],%f10
-/* 0x018c	 244 */		sra	%i2,0,%g2
-/* 0x0190	     */		add	%i2,1,%i0
-/* 0x0194	 246 */		faddd	%f12,%f6,%f6
-/* 0x0198	     */		ldd	[%o5],%f12
-/* 0x019c	 244 */		sllx	%g2,3,%g2
-/* 0x01a0	 246 */		fmuld	%f8,%f10,%f8
-/* 0x01a4	     */		ldd	[%i3+8],%f10
-/* 0x01a8	     */		srl	%i2,31,%o3
-/* 0x01ac	 244 */		ldd	[%l1+%g2],%f18
-/* 0x01b0	   0 */		or	%g0,1,%l5
-/* 0x01b4	 236 */		or	%g0,2,%g2
-/* 0x01b8	 246 */		fmuld	%f6,%f12,%f6
-/* 0x01bc	 250 */		or	%g0,32,%o1
-/* 0x01c0	     */		or	%g0,48,%o2
-/* 0x01c4	 246 */		faddd	%f10,%f8,%f8
-/* 0x01c8	     */		faddd	%f8,%f6,%f16
-/* 0x01cc	 250 */		ble,pn	%icc,.L77000213
-/* 0x01d0	     */		std	%f16,[%i3+8]
-/* 0x01d4	     */		cmp	%i1,8
-/* 0x01d8	     */		sub	%l0,3,%o3
-/* 0x01dc	     */		bl,pn	%icc,.L77000284
-/* 0x01e0	     */		or	%g0,8,%o0
-/* 0x01e4	 252 */		ldd	[%i5+8],%f0
-/* 0x01e8	     */		or	%g0,6,%l5
-/* 0x01ec	     */		ldd	[%i4+8],%f2
-/* 0x01f0	     */		or	%g0,4,%g2
-/* 0x01f4	 250 */		or	%g0,40,%o0
-/* 0x01f8	 252 */		ldd	[%i5+16],%f8
-/* 0x01fc	     */		fmuld	%f0,%f20,%f10
-/* 0x0200	     */		ldd	[%i4+16],%f4
-/* 0x0204	     */		fmuld	%f2,%f18,%f2
-/* 0x0208	     */		ldd	[%i3+16],%f0
-/* 0x020c	     */		fmuld	%f8,%f20,%f12
-/* 0x0210	     */		ldd	[%i4+24],%f6
-/* 0x0214	     */		fmuld	%f4,%f18,%f4
-/* 0x0218	     */		ldd	[%i5+24],%f8
-/* 0x021c	     */		faddd	%f2,%f10,%f2
-/* 0x0220	     */		ldd	[%i4+32],%f14
-/* 0x0224	     */		fmuld	%f6,%f18,%f10
-/* 0x0228	     */		ldd	[%i5+32],%f6
-/* 0x022c	     */		faddd	%f4,%f12,%f4
-/* 0x0230	     */		ldd	[%i4+40],%f12
-/* 0x0234	     */		faddd	%f0,%f2,%f0
-/* 0x0238	     */		std	%f0,[%i3+16]
-/* 0x023c	     */		ldd	[%i3+32],%f0
-/* 0x0240	     */		ldd	[%i3+48],%f2
-                       .L900000639:
-/* 0x0244	     */		add	%o2,16,%l6
-/* 0x0248	 252 */		ldd	[%i5+%o0],%f22
-/* 0x024c	     */		add	%l5,3,%l5
-/* 0x0250	     */		fmuld	%f8,%f20,%f8
-/* 0x0254	 250 */		add	%o0,8,%o0
-/* 0x0258	 252 */		ldd	[%l6+%i3],%f26
-/* 0x025c	     */		cmp	%l5,%o3
-/* 0x0260	     */		ldd	[%i4+%o0],%f24
-/* 0x0264	     */		faddd	%f0,%f4,%f0
-/* 0x0268	     */		add	%g2,6,%g2
-/* 0x026c	     */		faddd	%f10,%f8,%f10
-/* 0x0270	     */		fmuld	%f14,%f18,%f4
-/* 0x0274	     */		std	%f0,[%o1+%i3]
-/* 0x0278	 250 */		add	%o2,32,%o1
-/* 0x027c	 252 */		ldd	[%i5+%o0],%f8
-/* 0x0280	     */		fmuld	%f6,%f20,%f6
-/* 0x0284	 250 */		add	%o0,8,%o0
-/* 0x0288	 252 */		ldd	[%o1+%i3],%f0
-/* 0x028c	     */		ldd	[%i4+%o0],%f14
-/* 0x0290	     */		faddd	%f2,%f10,%f2
-/* 0x0294	     */		faddd	%f4,%f6,%f10
-/* 0x0298	     */		fmuld	%f12,%f18,%f4
-/* 0x029c	     */		std	%f2,[%o2+%i3]
-/* 0x02a0	 250 */		add	%o2,48,%o2
-/* 0x02a4	 252 */		ldd	[%i5+%o0],%f6
-/* 0x02a8	     */		fmuld	%f22,%f20,%f22
-/* 0x02ac	 250 */		add	%o0,8,%o0
-/* 0x02b0	 252 */		ldd	[%o2+%i3],%f2
-/* 0x02b4	     */		ldd	[%i4+%o0],%f12
-/* 0x02b8	     */		faddd	%f26,%f10,%f10
-/* 0x02bc	     */		std	%f10,[%l6+%i3]
-/* 0x02c0	     */		fmuld	%f24,%f18,%f10
-/* 0x02c4	     */		ble,pt	%icc,.L900000639
-/* 0x02c8	     */		faddd	%f4,%f22,%f4
-                       .L900000642:
-/* 0x02cc	 252 */		fmuld	%f8,%f20,%f24
-/* 0x02d0	     */		faddd	%f0,%f4,%f8
-/* 0x02d4	 250 */		add	%o2,16,%o3
-/* 0x02d8	 252 */		ldd	[%o3+%i3],%f4
-/* 0x02dc	     */		fmuld	%f14,%f18,%f0
-/* 0x02e0	     */		cmp	%l5,%i1
-/* 0x02e4	     */		std	%f8,[%o1+%i3]
-/* 0x02e8	     */		fmuld	%f12,%f18,%f8
-/* 0x02ec	 250 */		add	%o2,32,%o1
-/* 0x02f0	 252 */		faddd	%f10,%f24,%f12
-/* 0x02f4	     */		ldd	[%i5+%o0],%f22
-/* 0x02f8	     */		fmuld	%f6,%f20,%f6
-/* 0x02fc	     */		add	%g2,8,%g2
-/* 0x0300	     */		fmuld	%f22,%f20,%f10
-/* 0x0304	     */		faddd	%f2,%f12,%f2
-/* 0x0308	     */		faddd	%f0,%f6,%f6
-/* 0x030c	     */		ldd	[%o1+%i3],%f0
-/* 0x0310	     */		std	%f2,[%o2+%i3]
-/* 0x0314	     */		faddd	%f8,%f10,%f2
-/* 0x0318	     */		sra	%l5,0,%o2
-/* 0x031c	     */		sllx	%o2,3,%o0
-/* 0x0320	     */		faddd	%f4,%f6,%f4
-/* 0x0324	     */		std	%f4,[%o3+%i3]
-/* 0x0328	     */		faddd	%f0,%f2,%f0
-/* 0x032c	     */		std	%f0,[%o1+%i3]
-/* 0x0330	     */		bg,a,pn	%icc,.L77000213
-/* 0x0334	     */		srl	%i2,31,%o3
-                       .L77000284:
-/* 0x0338	 252 */		ldd	[%i4+%o0],%f2
-                       .L900000655:
-/* 0x033c	 252 */		ldd	[%i5+%o0],%f0
-/* 0x0340	     */		fmuld	%f2,%f18,%f2
-/* 0x0344	     */		sra	%g2,0,%o0
-/* 0x0348	     */		sllx	%o0,3,%o1
-/* 0x034c	     */		add	%l5,1,%l5
-/* 0x0350	     */		fmuld	%f0,%f20,%f4
-/* 0x0354	     */		ldd	[%o1+%i3],%f0
-/* 0x0358	     */		sra	%l5,0,%o2
-/* 0x035c	     */		sllx	%o2,3,%o0
-/* 0x0360	     */		add	%g2,2,%g2
-/* 0x0364	     */		cmp	%l5,%i1
-/* 0x0368	     */		faddd	%f2,%f4,%f2
-/* 0x036c	     */		faddd	%f0,%f2,%f0
-/* 0x0370	     */		std	%f0,[%o1+%i3]
-/* 0x0374	     */		ble,a,pt	%icc,.L900000655
-/* 0x0378	     */		ldd	[%i4+%o0],%f2
-                       .L900000626:
-/* 0x037c	     */		srl	%i2,31,%o3
-/* 0x0380	 252 */		ba	.L900000654
-/* 0x0384	     */		cmp	%g3,30
-                       .L77000213:
-/* 0x0388	 254 */		cmp	%g3,30
-                       .L900000654:
-/* 0x038c	     */		add	%i2,%o3,%o0
-/* 0x0390	 254 */		bne,a,pt	%icc,.L900000653
-/* 0x0394	     */		fdtox	%f16,%f0
-/* 0x0398	 281 */		sra	%o0,1,%g2
-/* 0x039c	     */		add	%g2,1,%g2
-/* 0x03a0	     */		ldd	[%o7],%f0
-/* 0x03a4	     */		sll	%g2,1,%o1
-/* 0x03a8	     */		sll	%g1,1,%g2
-/* 0x03ac	     */		or	%g0,%o1,%o2
-/* 0x03b0	     */		fmovd	%f0,%f2
-/* 0x03b4	     */		or	%g0,%g2,%o0
-/* 0x03b8	     */		cmp	%o1,%o0
-/* 0x03bc	     */		sub	%g2,1,%o0
-/* 0x03c0	     */		bge,pt	%icc,.L77000215
-/* 0x03c4	     */		or	%g0,0,%g3
-/* 0x03c8	 254 */		add	%o1,1,%o1
-/* 0x03cc	 281 */		sra	%o2,0,%g2
-                       .L900000652:
-/* 0x03d0	     */		sllx	%g2,3,%g2
-/* 0x03d4	     */		ldd	[%o7],%f6
-/* 0x03d8	     */		add	%o2,2,%o2
-/* 0x03dc	     */		sra	%o1,0,%g3
-/* 0x03e0	     */		ldd	[%g2+%l4],%f8
-/* 0x03e4	     */		cmp	%o2,%o0
-/* 0x03e8	     */		sllx	%g3,3,%g3
-/* 0x03ec	     */		add	%o1,2,%o1
-/* 0x03f0	     */		ldd	[%l4+%g3],%f10
-/* 0x03f4	     */		fdtox	%f8,%f12
-/* 0x03f8	     */		fdtox	%f10,%f4
-/* 0x03fc	     */		fmovd	%f12,%f8
-/* 0x0400	     */		fmovs	%f6,%f12
-/* 0x0404	     */		fmovs	%f6,%f4
-/* 0x0408	     */		fxtod	%f12,%f6
-/* 0x040c	     */		fxtod	%f4,%f12
-/* 0x0410	     */		fdtox	%f10,%f4
-/* 0x0414	     */		faddd	%f6,%f2,%f6
-/* 0x0418	     */		std	%f6,[%g2+%l4]
-/* 0x041c	     */		faddd	%f12,%f0,%f6
-/* 0x0420	     */		std	%f6,[%l4+%g3]
-/* 0x0424	     */		fitod	%f8,%f2
-/* 0x0428	     */		fitod	%f4,%f0
-/* 0x042c	     */		ble,pt	%icc,.L900000652
-/* 0x0430	     */		sra	%o2,0,%g2
-                       .L77000233:
-/* 0x0434	     */		or	%g0,0,%g3
-                       .L77000215:
-/* 0x0438	     */		fdtox	%f16,%f0
-                       .L900000653:
-/* 0x043c	 256 */		ldd	[%o7],%f6
-/* 0x0440	     */		add	%g4,1,%g4
-/* 0x0444	     */		or	%g0,%i0,%i2
-/* 0x0448	     */		ldd	[%o5],%f8
-/* 0x044c	     */		add	%g3,1,%g3
-/* 0x0450	     */		add	%i3,8,%i3
-/* 0x0454	     */		fmovs	%f6,%f0
-/* 0x0458	     */		ldd	[%o4],%f10
-/* 0x045c	     */		ld	[%sp+2223],%o0
-/* 0x0460	     */		fxtod	%f0,%f6
-/* 0x0464	     */		cmp	%i0,%o0
-/* 0x0468	     */		fmuld	%f6,%f30,%f6
-/* 0x046c	     */		fmuld	%f6,%f8,%f8
-/* 0x0470	     */		fdtox	%f8,%f8
-/* 0x0474	     */		fxtod	%f8,%f8
-/* 0x0478	     */		fmuld	%f8,%f10,%f8
-/* 0x047c	     */		fsubd	%f6,%f8,%f20
-/* 0x0480	     */		ble,a,pt	%icc,.L900000651
-/* 0x0484	     */		ldd	[%i5],%f6
-                       .L900000625:
-/* 0x0488	 256 */		ba	.L900000650
-/* 0x048c	     */		sllx	%g5,3,%g2
-                       .L77000279:
-/* 0x0490	 261 */		ldd	[%i1],%f4
-/* 0x0494	     */		ldd	[%i2],%f6
-/* 0x0498	 273 */		std	%f0,[%i3+8]
-/* 0x049c	     */		std	%f0,[%i3+16]
-/* 0x04a0	 261 */		fmuld	%f4,%f6,%f6
-/* 0x04a4	     */		std	%f6,[%i3]
-/* 0x04a8	 273 */		std	%f0,[%i3+24]
-/* 0x04ac	     */		std	%f0,[%i3+32]
-/* 0x04b0	     */		fdtox	%f6,%f2
-/* 0x04b4	     */		std	%f0,[%i3+40]
-/* 0x04b8	     */		std	%f0,[%i3+48]
-/* 0x04bc	     */		std	%f0,[%i3+56]
-/* 0x04c0	     */		std	%f0,[%i3+64]
-/* 0x04c4	     */		fmovs	%f0,%f2
-/* 0x04c8	     */		std	%f0,[%i3+72]
-/* 0x04cc	     */		std	%f0,[%i3+80]
-/* 0x04d0	     */		std	%f0,[%i3+88]
-/* 0x04d4	     */		std	%f0,[%i3+96]
-/* 0x04d8	     */		std	%f0,[%i3+104]
-/* 0x04dc	     */		std	%f0,[%i3+112]
-/* 0x04e0	     */		std	%f0,[%i3+120]
-/* 0x04e4	     */		std	%f0,[%i3+128]
-/* 0x04e8	     */		std	%f0,[%i3+136]
-/* 0x04ec	     */		std	%f0,[%i3+144]
-/* 0x04f0	     */		std	%f0,[%i3+152]
-/* 0x04f4	     */		std	%f0,[%i3+160]
-/* 0x04f8	     */		std	%f0,[%i3+168]
-/* 0x04fc	     */		fxtod	%f2,%f6
-/* 0x0500	     */		std	%f0,[%i3+176]
-/* 0x0504	 281 */		or	%g0,1,%o2
-/* 0x0508	 273 */		std	%f0,[%i3+184]
-
-!  282		      !       {
-!  284		      !	 m2j=pdm2[j];
-!  285		      !	 a=pdtj[0]+pdn_0*digit;
-!  286		      !	 b=pdtj[1]+pdm1_0*pdm2[j+1]+a*TwoToMinus16;
-
-/* 0x050c	 286 */		sra	%o2,0,%g2
-/* 0x0510	 279 */		or	%g0,%i3,%o3
-/* 0x0514	 273 */		std	%f0,[%i3+192]
-/* 0x0518	 278 */		fmuld	%f6,%f14,%f6
-/* 0x051c	 281 */		or	%g0,0,%g1
-/* 0x0520	 273 */		std	%f0,[%i3+200]
-/* 0x0524	     */		std	%f0,[%i3+208]
-/* 0x0528	     */		std	%f0,[%i3+216]
-/* 0x052c	     */		std	%f0,[%i3+224]
-/* 0x0530	     */		std	%f0,[%i3+232]
-/* 0x0534	     */		std	%f0,[%i3+240]
-/* 0x0538	     */		std	%f0,[%i3+248]
-/* 0x053c	     */		std	%f0,[%i3+256]
-/* 0x0540	     */		std	%f0,[%i3+264]
-/* 0x0544	     */		std	%f0,[%i3+272]
-/* 0x0548	     */		std	%f0,[%i3+280]
-/* 0x054c	     */		std	%f0,[%i3+288]
-/* 0x0550	     */		std	%f0,[%i3+296]
-/* 0x0554	     */		std	%f0,[%i3+304]
-/* 0x0558	     */		std	%f0,[%i3+312]
-/* 0x055c	     */		std	%f0,[%i3+320]
-/* 0x0560	     */		std	%f0,[%i3+328]
-/* 0x0564	     */		std	%f0,[%i3+336]
-/* 0x0568	     */		std	%f0,[%i3+344]
-/* 0x056c	     */		std	%f0,[%i3+352]
-/* 0x0570	     */		std	%f0,[%i3+360]
-/* 0x0574	     */		std	%f0,[%i3+368]
-/* 0x0578	     */		std	%f0,[%i3+376]
-/* 0x057c	     */		std	%f0,[%i3+384]
-/* 0x0580	     */		std	%f0,[%i3+392]
-/* 0x0584	     */		std	%f0,[%i3+400]
-/* 0x0588	     */		std	%f0,[%i3+408]
-/* 0x058c	     */		std	%f0,[%i3+416]
-/* 0x0590	     */		std	%f0,[%i3+424]
-/* 0x0594	     */		std	%f0,[%i3+432]
-/* 0x0598	     */		std	%f0,[%i3+440]
-/* 0x059c	     */		std	%f0,[%i3+448]
-/* 0x05a0	     */		std	%f0,[%i3+456]
-/* 0x05a4	     */		std	%f0,[%i3+464]
-/* 0x05a8	     */		std	%f0,[%i3+472]
-/* 0x05ac	     */		std	%f0,[%i3+480]
-/* 0x05b0	     */		std	%f0,[%i3+488]
-/* 0x05b4	     */		std	%f0,[%i3+496]
-/* 0x05b8	 278 */		ldd	[%o5],%f8
-/* 0x05bc	     */		ldd	[%o4],%f10
-/* 0x05c0	     */		fmuld	%f6,%f8,%f8
-/* 0x05c4	 273 */		std	%f0,[%i3+504]
-/* 0x05c8	     */		std	%f0,[%i3+512]
-/* 0x05cc	     */		std	%f0,[%i3+520]
-/* 0x05d0	     */		fdtox	%f8,%f8
-/* 0x05d4	 275 */		ldd	[%o0],%f0
-/* 0x05d8	     */		fxtod	%f8,%f8
-/* 0x05dc	     */		fmuld	%f8,%f10,%f8
-/* 0x05e0	     */		fsubd	%f6,%f8,%f2
-
-!  287		      !	 pdtj[1]=b;
-!  289		      !	 /**** this loop will be fully unrolled:
-!  290		      !	 for(i=1;i<16;i++)
-!  291		      !	   {
-!  292		      !	     pdtj[2*i]+=pdm1[i]*m2j+pdn[i]*digit;
-!  293		      !	   }
-!  294		      !	 *************************************/
-!  295		      !	     pdtj[2]+=pdm1[1]*m2j+pdn[1]*digit;
-!  296		      !	     pdtj[4]+=pdm1[2]*m2j+pdn[2]*digit;
-!  297		      !	     pdtj[6]+=pdm1[3]*m2j+pdn[3]*digit;
-!  298		      !	     pdtj[8]+=pdm1[4]*m2j+pdn[4]*digit;
-!  299		      !	     pdtj[10]+=pdm1[5]*m2j+pdn[5]*digit;
-!  300		      !	     pdtj[12]+=pdm1[6]*m2j+pdn[6]*digit;
-!  301		      !	     pdtj[14]+=pdm1[7]*m2j+pdn[7]*digit;
-!  302		      !	     pdtj[16]+=pdm1[8]*m2j+pdn[8]*digit;
-!  303		      !	     pdtj[18]+=pdm1[9]*m2j+pdn[9]*digit;
-!  304		      !	     pdtj[20]+=pdm1[10]*m2j+pdn[10]*digit;
-!  305		      !	     pdtj[22]+=pdm1[11]*m2j+pdn[11]*digit;
-!  306		      !	     pdtj[24]+=pdm1[12]*m2j+pdn[12]*digit;
-!  307		      !	     pdtj[26]+=pdm1[13]*m2j+pdn[13]*digit;
-!  308		      !	     pdtj[28]+=pdm1[14]*m2j+pdn[14]*digit;
-!  309		      !	     pdtj[30]+=pdm1[15]*m2j+pdn[15]*digit;
-!  310		      !	 /* no need for cleenup, cannot overflow */
-!  311		      !	 digit=mod(lower32(b,Zero)*dn0,TwoToMinus16,TwoTo16);
-
-
-	fmovd %f2,%f0		! hand modified
-	fmovd %f30,%f18		! hand modified
-	ldd [%o0],%f2
-	ldd [%o3],%f8
-	ldd [%i1],%f10
-	ldd [%o5],%f14		! hand modified
-	ldd [%o4],%f16		! hand modified
-	ldd [%i2],%f24
-
-	ldd [%i1+8],%f26
-	ldd [%i1+16],%f40
-	ldd [%i1+48],%f46
-	ldd [%i1+56],%f30
-	ldd [%i1+64],%f54
-	ldd [%i1+104],%f34
-	ldd [%i1+112],%f58
-
-	ldd [%o0+8],%f28	
-	ldd [%o0+104],%f38
-	ldd [%o0+112],%f60
-
-	.L99999999: 			!1
-	ldd	[%i1+24],%f32
-	fmuld	%f0,%f2,%f4 	!2
-	ldd	[%o0+24],%f36
-	fmuld	%f26,%f24,%f20 	!3
-	ldd	[%i1+40],%f42
-	fmuld	%f28,%f0,%f22 	!4
-	ldd	[%o0+40],%f44
-	fmuld	%f32,%f24,%f32 	!5
-	ldd	[%i2+8],%f6
-	faddd	%f4,%f8,%f4
-	fmuld	%f36,%f0,%f36 	!6
-	add	%i2,8,%i2
-	ldd	[%o0+56],%f50
-	fmuld	%f42,%f24,%f42 	!7
-	ldd	[%i1+72],%f52
-	faddd	%f20,%f22,%f20
-	fmuld	%f44,%f0,%f44 	!8
-	ldd	[%o3+16],%f22
-	fmuld	%f10,%f6,%f12 	!9
-	ldd	[%o0+72],%f56
-	faddd	%f32,%f36,%f32
-	fmuld	%f14,%f4,%f4 !10
-	ldd	[%o3+48],%f36
-	fmuld	%f30,%f24,%f48 	!11
-	ldd	[%o3+8],%f8
-	faddd	%f20,%f22,%f20
-	fmuld	%f50,%f0,%f50	!12
-	std	%f20,[%o3+16]
-	faddd	%f42,%f44,%f42
-	fmuld	%f52,%f24,%f52 	!13
-	ldd	[%o3+80],%f44
-	faddd	%f4,%f12,%f4
-	fmuld	%f56,%f0,%f56 	!14
-	ldd	[%i1+88],%f20
-	faddd	%f32,%f36,%f32 	!15
-	ldd	[%o0+88],%f22
-	faddd	%f48,%f50,%f48 	!16
-	ldd	[%o3+112],%f50
-	faddd	%f52,%f56,%f52 	!17
-	ldd	[%o3+144],%f56
-	faddd	%f4,%f8,%f8
-	fmuld	%f20,%f24,%f20 	!18
-	std	%f32,[%o3+48]
-	faddd	%f42,%f44,%f42
-	fmuld	%f22,%f0,%f22 	!19
-	std	%f42,[%o3+80]
-	faddd	%f48,%f50,%f48
-	fmuld	%f34,%f24,%f32 	!20
-	std	%f48,[%o3+112]
-	faddd	%f52,%f56,%f52
-	fmuld	%f38,%f0,%f36 	!21
-	ldd	[%i1+120],%f42
-	fdtox	%f8,%f4 		!22
-	std	%f52,[%o3+144]
-	faddd	%f20,%f22,%f20 	!23
-	ldd	[%o0+120],%f44 	!24
-	ldd	[%o3+176],%f22
-	faddd	%f32,%f36,%f32
-	fmuld	%f42,%f24,%f42 	!25
-	ldd	[%o0+16],%f50
-	fmovs	%f17,%f4 	!26
-	ldd	[%i1+32],%f52
-	fmuld	%f44,%f0,%f44 	!27
-	ldd	[%o0+32],%f56
-	fmuld	%f40,%f24,%f48 	!28
-	ldd	[%o3+208],%f36
-	faddd	%f20,%f22,%f20
-	fmuld	%f50,%f0,%f50 	!29
-	std	%f20,[%o3+176]
-	fxtod	%f4,%f4
-	fmuld	%f52,%f24,%f52 	!30
-	ldd	[%o0+48],%f22
-	faddd	%f42,%f44,%f42
-	fmuld	%f56,%f0,%f56 	!31
-	ldd	[%o3+240],%f44
-	faddd	%f32,%f36,%f32 	!32
-	std	%f32,[%o3+208]
-	faddd	%f48,%f50,%f48
-	fmuld	%f46,%f24,%f20 	!33
-	ldd	[%o3+32],%f50
-	fmuld	%f4,%f18,%f12 	!34
-	ldd	[%o0+64],%f36
-	faddd	%f52,%f56,%f52
-	fmuld	%f22,%f0,%f22 	!35
-	ldd	[%o3+64],%f56
-	faddd	%f42,%f44,%f42 	!36
-	std	%f42,[%o3+240]
-	faddd	%f48,%f50,%f48
-	fmuld	%f54,%f24,%f32 	!37
-	std	%f48,[%o3+32]
-	fmuld	%f12,%f14,%f4 !38
-	ldd	[%i1+80],%f42
-	faddd	%f52,%f56,%f56	! yes, tmp52!
-	fmuld	%f36,%f0,%f36 	!39
-	ldd	[%o0+80],%f44
-	faddd	%f20,%f22,%f20 	!40
-	ldd	[%i1+96],%f48
-	fmuld	%f58,%f24,%f52 	!41
-	ldd	[%o0+96],%f50
-	fdtox	%f4,%f4
-	fmuld	%f42,%f24,%f42 	!42
-	std	%f56,[%o3+64]	! yes, tmp52!
-	faddd	%f32,%f36,%f32
-	fmuld	%f44,%f0,%f44 	!43
-	ldd	[%o3+96],%f22
-	fmuld	%f48,%f24,%f48 	!44
-	ldd	[%o3+128],%f36
-	fmovd	%f6,%f24
-	fmuld	%f50,%f0,%f50 	!45
-	fxtod	%f4,%f4
-	fmuld	%f60,%f0,%f56 	!46
-	add	%o3,8,%o3
-	faddd	%f42,%f44,%f42 	!47
-	ldd	[%o3+160-8],%f44
-	faddd	%f20,%f22,%f20 	!48
-	std	%f20,[%o3+96-8]
-	faddd	%f48,%f50,%f48 	!49
-	ldd	[%o3+192-8],%f50
-	faddd	%f52,%f56,%f52
-	fmuld	%f4,%f16,%f4 	!50
-	ldd	[%o3+224-8],%f56
-	faddd	%f32,%f36,%f32 	!51
-	std	%f32,[%o3+128-8]
-	faddd	%f42,%f44,%f42 	!52
-	add	%g1,1,%g1
-	std	%f42,[%o3+160-8]
-	faddd	%f48,%f50,%f48 	!53
-	cmp	%g1,31
-	std	%f48,[%o3+192-8]
-	fsubd	%f12,%f4,%f0 	!54
-	faddd	%f52,%f56,%f52
-	ble,pt	%icc,.L99999999
-	std	%f52,[%o3+224-8] 	!55
-	std %f8,[%o3]
-!  312		      !       }
-!  313		      !   }
-!  315		      ! conv_d16_to_i32(result,dt+2*nlen,(long long *)dt,nlen+1);
-
-/* 0x0844	 315 */		sllx	%g5,3,%g2
-                       .L900000650:
-/* 0x0848	 315 */		ldd	[%g2+%l4],%f2
-/* 0x084c	     */		add	%l4,%g2,%o0
-/* 0x0850	     */		or	%g0,0,%g1
-/* 0x0854	     */		ldd	[%o0+8],%f4
-/* 0x0858	     */		or	%g0,0,%i2
-/* 0x085c	     */		cmp	%l0,0
-/* 0x0860	     */		fdtox	%f2,%f2
-/* 0x0864	     */		std	%f2,[%sp+2255]
-/* 0x0868	 311 */		sethi	%hi(0xfc00),%o3
-/* 0x086c	 315 */		fdtox	%f4,%f2
-/* 0x0870	     */		std	%f2,[%sp+2247]
-/* 0x0874	 311 */		or	%g0,-1,%o2
-/* 0x0878	     */		srl	%o2,0,%o5
-/* 0x087c	     */		or	%g0,2,%g5
-/* 0x0880	     */		sub	%l0,1,%g3
-/* 0x0884	     */		or	%g0,%o0,%o7
-/* 0x0888	     */		add	%o3,1023,%o4
-/* 0x088c	 315 */		or	%g0,64,%o3
-/* 0x0890	     */		ldx	[%sp+2255],%i0
-/* 0x0894	     */		sub	%l0,2,%o1
-/* 0x0898	     */		ldx	[%sp+2247],%i1
-/* 0x089c	     */		ble,pt	%icc,.L900000648
-/* 0x08a0	     */		sethi	%hi(0xfc00),%g2
-/* 0x08a4	     */		cmp	%l0,6
-/* 0x08a8	     */		and	%i0,%o5,%o2
-/* 0x08ac	     */		bl,pn	%icc,.L77000287
-/* 0x08b0	     */		or	%g0,3,%g4
-/* 0x08b4	     */		ldd	[%o7+16],%f0
-/* 0x08b8	     */		and	%i1,%o4,%i3
-/* 0x08bc	     */		sllx	%i3,16,%o0
-/* 0x08c0	     */		or	%g0,5,%g4
-/* 0x08c4	     */		srax	%i1,16,%i4
-/* 0x08c8	     */		fdtox	%f0,%f0
-/* 0x08cc	     */		std	%f0,[%sp+2239]
-/* 0x08d0	     */		srax	%i0,32,%i1
-/* 0x08d4	     */		add	%o2,%o0,%i5
-/* 0x08d8	     */		ldd	[%o7+24],%f0
-/* 0x08dc	     */		and	%i5,%o5,%l1
-/* 0x08e0	     */		or	%g0,72,%o2
-/* 0x08e4	     */		or	%g0,4,%o0
-/* 0x08e8	     */		or	%g0,4,%g5
-/* 0x08ec	     */		ldx	[%sp+2239],%g1
-/* 0x08f0	     */		fdtox	%f0,%f0
-/* 0x08f4	     */		or	%g0,4,%i2
-/* 0x08f8	     */		std	%f0,[%sp+2231]
-/* 0x08fc	     */		ldd	[%o7+40],%f2
-/* 0x0900	     */		and	%g1,%o5,%i3
-/* 0x0904	     */		ldd	[%o7+32],%f0
-/* 0x0908	     */		srax	%g1,32,%g1
-/* 0x090c	     */		ldd	[%o7+56],%f4
-/* 0x0910	     */		fdtox	%f2,%f2
-/* 0x0914	     */		ldx	[%sp+2231],%g2
-/* 0x0918	     */		fdtox	%f0,%f0
-/* 0x091c	     */		st	%l1,[%l2]
-/* 0x0920	     */		srax	%i5,32,%l1
-/* 0x0924	     */		fdtox	%f4,%f4
-/* 0x0928	     */		std	%f2,[%sp+2231]
-/* 0x092c	     */		and	%g2,%o4,%i5
-/* 0x0930	     */		add	%i4,%l1,%i4
-/* 0x0934	     */		std	%f0,[%sp+2239]
-/* 0x0938	     */		sllx	%i5,16,%i0
-/* 0x093c	     */		add	%i1,%i4,%i1
-/* 0x0940	     */		ldd	[%o7+48],%f2
-/* 0x0944	     */		srax	%g2,16,%g2
-/* 0x0948	     */		add	%i3,%i0,%i0
-/* 0x094c	     */		ldd	[%o7+72],%f0
-/* 0x0950	     */		add	%i0,%i1,%i3
-/* 0x0954	     */		srax	%i3,32,%i4
-/* 0x0958	     */		fdtox	%f2,%f2
-/* 0x095c	     */		and	%i3,%o5,%i3
-/* 0x0960	     */		ldx	[%sp+2231],%i1
-/* 0x0964	     */		add	%g2,%i4,%g2
-/* 0x0968	     */		ldx	[%sp+2239],%i0
-/* 0x096c	     */		add	%g1,%g2,%g1
-/* 0x0970	     */		std	%f2,[%sp+2239]
-/* 0x0974	     */		std	%f4,[%sp+2231]
-/* 0x0978	     */		ldd	[%o7+64],%f2
-/* 0x097c	     */		st	%i3,[%l2+4]
-                       .L900000631:
-/* 0x0980	     */		ldx	[%sp+2231],%i3
-/* 0x0984	     */		add	%i2,2,%i2
-/* 0x0988	     */		add	%g4,4,%g4
-/* 0x098c	     */		ldx	[%sp+2239],%i5
-/* 0x0990	     */		add	%o2,16,%o2
-/* 0x0994	     */		and	%i1,%o4,%g2
-/* 0x0998	     */		sllx	%g2,16,%i4
-/* 0x099c	     */		and	%i0,%o5,%g2
-/* 0x09a0	     */		ldd	[%o7+%o2],%f4
-/* 0x09a4	     */		fdtox	%f0,%f0
-/* 0x09a8	     */		std	%f0,[%sp+2231]
-/* 0x09ac	     */		srax	%i1,16,%i1
-/* 0x09b0	     */		add	%g2,%i4,%g2
-/* 0x09b4	     */		fdtox	%f2,%f0
-/* 0x09b8	     */		add	%o3,16,%o3
-/* 0x09bc	     */		std	%f0,[%sp+2239]
-/* 0x09c0	     */		add	%g2,%g1,%g1
-/* 0x09c4	     */		ldd	[%o7+%o3],%f2
-/* 0x09c8	     */		srax	%g1,32,%i4
-/* 0x09cc	     */		cmp	%i2,%o1
-/* 0x09d0	     */		srax	%i0,32,%g2
-/* 0x09d4	     */		add	%i1,%i4,%i0
-/* 0x09d8	     */		add	%g2,%i0,%i4
-/* 0x09dc	     */		add	%o0,4,%o0
-/* 0x09e0	     */		and	%g1,%o5,%g2
-/* 0x09e4	     */		or	%g0,%i5,%g1
-/* 0x09e8	     */		st	%g2,[%l2+%o0]
-/* 0x09ec	     */		add	%g5,4,%g5
-/* 0x09f0	     */		ldx	[%sp+2231],%i1
-/* 0x09f4	     */		ldx	[%sp+2239],%i0
-/* 0x09f8	     */		add	%o2,16,%o2
-/* 0x09fc	     */		and	%i3,%o4,%g2
-/* 0x0a00	     */		sllx	%g2,16,%i5
-/* 0x0a04	     */		and	%g1,%o5,%g2
-/* 0x0a08	     */		ldd	[%o7+%o2],%f0
-/* 0x0a0c	     */		fdtox	%f4,%f4
-/* 0x0a10	     */		std	%f4,[%sp+2231]
-/* 0x0a14	     */		srax	%i3,16,%i3
-/* 0x0a18	     */		add	%g2,%i5,%g2
-/* 0x0a1c	     */		fdtox	%f2,%f2
-/* 0x0a20	     */		add	%o3,16,%o3
-/* 0x0a24	     */		std	%f2,[%sp+2239]
-/* 0x0a28	     */		add	%g2,%i4,%g2
-/* 0x0a2c	     */		ldd	[%o7+%o3],%f2
-/* 0x0a30	     */		srax	%g2,32,%i4
-/* 0x0a34	     */		srax	%g1,32,%g1
-/* 0x0a38	     */		add	%i3,%i4,%i3
-/* 0x0a3c	     */		add	%g1,%i3,%g1
-/* 0x0a40	     */		add	%o0,4,%o0
-/* 0x0a44	     */		and	%g2,%o5,%g2
-/* 0x0a48	     */		ble,pt	%icc,.L900000631
-/* 0x0a4c	     */		st	%g2,[%l2+%o0]
-                       .L900000634:
-/* 0x0a50	     */		srax	%i1,16,%i5
-/* 0x0a54	     */		ldx	[%sp+2231],%o1
-/* 0x0a58	     */		and	%i1,%o4,%i3
-/* 0x0a5c	     */		sllx	%i3,16,%i3
-/* 0x0a60	     */		ldx	[%sp+2239],%i4
-/* 0x0a64	     */		and	%i0,%o5,%g2
-/* 0x0a68	     */		add	%g2,%i3,%g2
-/* 0x0a6c	     */		and	%o1,%o4,%i3
-/* 0x0a70	     */		fdtox	%f0,%f4
-/* 0x0a74	     */		sllx	%i3,16,%i3
-/* 0x0a78	     */		std	%f4,[%sp+2231]
-/* 0x0a7c	     */		add	%g2,%g1,%g2
-/* 0x0a80	     */		srax	%g2,32,%l1
-/* 0x0a84	     */		and	%i4,%o5,%i1
-/* 0x0a88	     */		fdtox	%f2,%f0
-/* 0x0a8c	     */		srax	%i0,32,%g1
-/* 0x0a90	     */		std	%f0,[%sp+2239]
-/* 0x0a94	     */		add	%i5,%l1,%i0
-/* 0x0a98	     */		srax	%o1,16,%o1
-/* 0x0a9c	     */		add	%g1,%i0,%i0
-/* 0x0aa0	     */		add	%o0,4,%g1
-/* 0x0aa4	     */		add	%i1,%i3,%o0
-/* 0x0aa8	     */		and	%g2,%o5,%g2
-/* 0x0aac	     */		st	%g2,[%l2+%g1]
-/* 0x0ab0	     */		add	%o0,%i0,%o0
-/* 0x0ab4	     */		srax	%o0,32,%i3
-/* 0x0ab8	     */		ldx	[%sp+2231],%i1
-/* 0x0abc	     */		add	%g1,4,%g1
-/* 0x0ac0	     */		ldx	[%sp+2239],%i0
-/* 0x0ac4	     */		and	%o0,%o5,%g2
-/* 0x0ac8	     */		add	%o1,%i3,%o1
-/* 0x0acc	     */		srax	%i4,32,%o0
-/* 0x0ad0	     */		cmp	%i2,%g3
-/* 0x0ad4	     */		st	%g2,[%l2+%g1]
-/* 0x0ad8	     */		bg,pn	%icc,.L77000236
-/* 0x0adc	     */		add	%o0,%o1,%g1
-/* 0x0ae0	     */		add	%g4,6,%g4
-/* 0x0ae4	     */		add	%g5,6,%g5
-                       .L77000287:
-/* 0x0ae8	     */		sra	%g5,0,%o1
-                       .L900000647:
-/* 0x0aec	     */		sllx	%o1,3,%o2
-/* 0x0af0	     */		and	%i0,%o5,%o0
-/* 0x0af4	     */		ldd	[%o7+%o2],%f0
-/* 0x0af8	     */		sra	%g4,0,%o2
-/* 0x0afc	     */		and	%i1,%o4,%o1
-/* 0x0b00	     */		sllx	%o2,3,%o2
-/* 0x0b04	     */		add	%g1,%o0,%o0
-/* 0x0b08	     */		fdtox	%f0,%f0
-/* 0x0b0c	     */		std	%f0,[%sp+2239]
-/* 0x0b10	     */		sllx	%o1,16,%o1
-/* 0x0b14	     */		add	%o0,%o1,%o1
-/* 0x0b18	     */		add	%g5,2,%g5
-/* 0x0b1c	     */		ldd	[%o7+%o2],%f0
-/* 0x0b20	     */		srax	%o1,32,%g1
-/* 0x0b24	     */		and	%o1,%o5,%o2
-/* 0x0b28	     */		srax	%i1,16,%o0
-/* 0x0b2c	     */		add	%g4,2,%g4
-/* 0x0b30	     */		fdtox	%f0,%f0
-/* 0x0b34	     */		std	%f0,[%sp+2231]
-/* 0x0b38	     */		sra	%i2,0,%o1
-/* 0x0b3c	     */		sllx	%o1,2,%o1
-/* 0x0b40	     */		add	%o0,%g1,%g2
-/* 0x0b44	     */		srax	%i0,32,%g1
-/* 0x0b48	     */		add	%i2,1,%i2
-/* 0x0b4c	     */		add	%g1,%g2,%g1
-/* 0x0b50	     */		cmp	%i2,%g3
-/* 0x0b54	     */		ldx	[%sp+2239],%o3
-/* 0x0b58	     */		ldx	[%sp+2231],%i1
-/* 0x0b5c	     */		st	%o2,[%l2+%o1]
-/* 0x0b60	     */		or	%g0,%o3,%i0
-/* 0x0b64	     */		ble,pt	%icc,.L900000647
-/* 0x0b68	     */		sra	%g5,0,%o1
-                       .L77000236:
-/* 0x0b6c	     */		sethi	%hi(0xfc00),%g2
-                       .L900000648:
-/* 0x0b70	     */		or	%g0,-1,%o0
-/* 0x0b74	     */		add	%g2,1023,%g2
-/* 0x0b78	     */		srl	%o0,0,%g3
-/* 0x0b7c	     */		and	%i1,%g2,%g2
-/* 0x0b80	     */		and	%i0,%g3,%g4
-/* 0x0b84	     */		sllx	%g2,16,%g2
-/* 0x0b88	     */		add	%g1,%g4,%g4
-/* 0x0b8c	     */		sra	%i2,0,%g5
-/* 0x0b90	     */		add	%g4,%g2,%g4
-/* 0x0b94	     */		sllx	%g5,2,%g2
-/* 0x0b98	     */		and	%g4,%g3,%g3
-/* 0x0b9c	     */		st	%g3,[%l2+%g2]
-
-!  317		      ! adjust_montf_result(result,nint,nlen); 
-
-/* 0x0ba0	 317 */		sra	%l0,0,%g4
-/* 0x0ba4	     */		sllx	%g4,2,%g2
-/* 0x0ba8	     */		ld	[%l2+%g2],%g2
-/* 0x0bac	     */		cmp	%g2,0
-/* 0x0bb0	     */		bleu,pn	%icc,.L77000241
-/* 0x0bb4	     */		or	%g0,-1,%o1
-/* 0x0bb8	     */		ba	.L900000646
-/* 0x0bbc	     */		cmp	%o1,0
-                       .L77000241:
-/* 0x0bc0	     */		sub	%l0,1,%o1
-/* 0x0bc4	     */		cmp	%o1,0
-/* 0x0bc8	     */		bl,pn	%icc,.L77000244
-/* 0x0bcc	     */		sra	%o1,0,%g2
-                       .L900000645:
-/* 0x0bd0	     */		sllx	%g2,2,%g2
-/* 0x0bd4	     */		sub	%o1,1,%o0
-/* 0x0bd8	     */		ld	[%l3+%g2],%g3
-/* 0x0bdc	     */		ld	[%l2+%g2],%g2
-/* 0x0be0	     */		cmp	%g2,%g3
-/* 0x0be4	     */		bne,pn	%icc,.L77000244
-/* 0x0be8	     */		nop
-/* 0x0bec	   0 */		or	%g0,%o0,%o1
-/* 0x0bf0	 317 */		cmp	%o0,0
-/* 0x0bf4	     */		bge,pt	%icc,.L900000645
-/* 0x0bf8	     */		sra	%o1,0,%g2
-                       .L77000244:
-/* 0x0bfc	     */		cmp	%o1,0
-                       .L900000646:
-/* 0x0c00	     */		bl,pn	%icc,.L77000288
-/* 0x0c04	     */		sra	%o1,0,%g2
-/* 0x0c08	     */		sllx	%g2,2,%g2
-/* 0x0c0c	     */		ld	[%l3+%g2],%g3
-/* 0x0c10	     */		ld	[%l2+%g2],%g2
-/* 0x0c14	     */		cmp	%g2,%g3
-/* 0x0c18	     */		bleu,pt	%icc,.L77000224
-/* 0x0c1c	     */		nop
-                       .L77000288:
-/* 0x0c20	     */		cmp	%l0,0
-/* 0x0c24	     */		ble,pt	%icc,.L77000224
-/* 0x0c28	     */		nop
-/* 0x0c2c	 317 */		or	%g0,-1,%g2
-/* 0x0c30	 315 */		or	%g0,0,%i0
-/* 0x0c34	 317 */		srl	%g2,0,%g2
-/* 0x0c38	 315 */		or	%g0,0,%g4
-/* 0x0c3c	     */		or	%g0,0,%o1
-/* 0x0c40	 317 */		sub	%l0,1,%g5
-/* 0x0c44	     */		cmp	%l0,9
-/* 0x0c48	 315 */		or	%g0,8,%o5
-/* 0x0c4c	     */		bl,pn	%icc,.L77000289
-/* 0x0c50	     */		sub	%l0,4,%o7
-/* 0x0c54	     */		ld	[%l2],%o1
-/* 0x0c58	     */		or	%g0,5,%i0
-/* 0x0c5c	     */		ld	[%l3],%o2
-/* 0x0c60	     */		or	%g0,12,%o4
-/* 0x0c64	     */		or	%g0,16,%g1
-/* 0x0c68	     */		ld	[%l3+4],%o3
-/* 0x0c6c	     */		ld	[%l2+4],%o0
-/* 0x0c70	     */		sub	%o1,%o2,%o1
-/* 0x0c74	     */		ld	[%l3+8],%i1
-/* 0x0c78	     */		and	%o1,%g2,%g4
-/* 0x0c7c	     */		st	%g4,[%l2]
-/* 0x0c80	     */		srax	%o1,32,%g4
-/* 0x0c84	     */		sub	%o0,%o3,%o0
-/* 0x0c88	     */		ld	[%l3+12],%o2
-/* 0x0c8c	     */		add	%o0,%g4,%o0
-/* 0x0c90	     */		and	%o0,%g2,%g4
-/* 0x0c94	     */		st	%g4,[%l2+4]
-/* 0x0c98	     */		srax	%o0,32,%o0
-/* 0x0c9c	     */		ld	[%l2+8],%o1
-/* 0x0ca0	     */		ld	[%l2+12],%o3
-/* 0x0ca4	     */		sub	%o1,%i1,%o1
-                       .L900000635:
-/* 0x0ca8	     */		add	%g1,4,%g3
-/* 0x0cac	     */		ld	[%g1+%l2],%g4
-/* 0x0cb0	     */		add	%o1,%o0,%o0
-/* 0x0cb4	     */		ld	[%l3+%g1],%i1
-/* 0x0cb8	     */		sub	%o3,%o2,%o1
-/* 0x0cbc	     */		and	%o0,%g2,%o2
-/* 0x0cc0	     */		st	%o2,[%o5+%l2]
-/* 0x0cc4	     */		srax	%o0,32,%o2
-/* 0x0cc8	     */		add	%i0,4,%i0
-/* 0x0ccc	     */		add	%g1,8,%o5
-/* 0x0cd0	     */		ld	[%g3+%l2],%o0
-/* 0x0cd4	     */		add	%o1,%o2,%o1
-/* 0x0cd8	     */		ld	[%l3+%g3],%o3
-/* 0x0cdc	     */		sub	%g4,%i1,%o2
-/* 0x0ce0	     */		and	%o1,%g2,%g4
-/* 0x0ce4	     */		st	%g4,[%o4+%l2]
-/* 0x0ce8	     */		srax	%o1,32,%g4
-/* 0x0cec	     */		cmp	%i0,%o7
-/* 0x0cf0	     */		add	%g1,12,%o4
-/* 0x0cf4	     */		ld	[%o5+%l2],%o1
-/* 0x0cf8	     */		add	%o2,%g4,%o2
-/* 0x0cfc	     */		ld	[%l3+%o5],%i1
-/* 0x0d00	     */		sub	%o0,%o3,%o0
-/* 0x0d04	     */		and	%o2,%g2,%o3
-/* 0x0d08	     */		st	%o3,[%g1+%l2]
-/* 0x0d0c	     */		srax	%o2,32,%g4
-/* 0x0d10	     */		ld	[%o4+%l2],%o3
-/* 0x0d14	     */		add	%g1,16,%g1
-/* 0x0d18	     */		add	%o0,%g4,%o0
-/* 0x0d1c	     */		ld	[%l3+%o4],%o2
-/* 0x0d20	     */		sub	%o1,%i1,%o1
-/* 0x0d24	     */		and	%o0,%g2,%g4
-/* 0x0d28	     */		st	%g4,[%g3+%l2]
-/* 0x0d2c	     */		ble,pt	%icc,.L900000635
-/* 0x0d30	     */		srax	%o0,32,%o0
-                       .L900000638:
-/* 0x0d34	     */		add	%o1,%o0,%g3
-/* 0x0d38	     */		sub	%o3,%o2,%o1
-/* 0x0d3c	     */		ld	[%g1+%l2],%o0
-/* 0x0d40	     */		ld	[%l3+%g1],%o2
-/* 0x0d44	     */		srax	%g3,32,%o7
-/* 0x0d48	     */		and	%g3,%g2,%o3
-/* 0x0d4c	     */		add	%o1,%o7,%o1
-/* 0x0d50	     */		st	%o3,[%o5+%l2]
-/* 0x0d54	     */		cmp	%i0,%g5
-/* 0x0d58	     */		sub	%o0,%o2,%o0
-/* 0x0d5c	     */		and	%o1,%g2,%o2
-/* 0x0d60	     */		st	%o2,[%o4+%l2]
-/* 0x0d64	     */		srax	%o1,32,%o1
-/* 0x0d68	     */		sra	%i0,0,%o2
-/* 0x0d6c	     */		add	%o0,%o1,%o0
-/* 0x0d70	     */		srax	%o0,32,%g4
-/* 0x0d74	     */		and	%o0,%g2,%o1
-/* 0x0d78	     */		st	%o1,[%g1+%l2]
-/* 0x0d7c	     */		bg,pn	%icc,.L77000224
-/* 0x0d80	     */		sllx	%o2,2,%o1
-                       .L77000289:
-/* 0x0d84	   0 */		or	%g0,%o1,%g1
-                       .L900000644:
-/* 0x0d88	     */		ld	[%o1+%l2],%o0
-/* 0x0d8c	     */		add	%i0,1,%i0
-/* 0x0d90	     */		ld	[%l3+%o1],%o1
-/* 0x0d94	     */		sra	%i0,0,%o2
-/* 0x0d98	     */		cmp	%i0,%g5
-/* 0x0d9c	     */		add	%g4,%o0,%o0
-/* 0x0da0	     */		sub	%o0,%o1,%o0
-/* 0x0da4	     */		srax	%o0,32,%g4
-/* 0x0da8	     */		and	%o0,%g2,%o1
-/* 0x0dac	     */		st	%o1,[%g1+%l2]
-/* 0x0db0	     */		sllx	%o2,2,%o1
-/* 0x0db4	     */		ble,pt	%icc,.L900000644
-/* 0x0db8	     */		or	%g0,%o1,%g1
-                       .L77000224:
-/* 0x0dbc	     */		ret	! Result = 
-/* 0x0dc0	     */		restore	%g0,%g0,%g0
-/* 0x0dc4	   0 */		.type	mont_mulf_noconv,2
-/* 0x0dc4	     */		.size	mont_mulf_noconv,(.-mont_mulf_noconv)
-
diff --git a/security/nss/lib/freebl/mpi/mpi-config.h b/security/nss/lib/freebl/mpi/mpi-config.h
deleted file mode 100644
index bf573e254..000000000
--- a/security/nss/lib/freebl/mpi/mpi-config.h
+++ /dev/null
@@ -1,109 +0,0 @@
-/* Default configuration for MPI library 
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are 
- * Copyright (C) 1997, 1998, 1999, 2000 Michael J. Fromberger. 
- * All Rights Reserved.
- *
- * Contributor(s):
- *	Netscape Communications Corporation
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above.  If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/* $Id$ */
-
-#ifndef MPI_CONFIG_H_
-#define MPI_CONFIG_H_
-
-/*
-  For boolean options, 
-  0 = no
-  1 = yes
-
-  Other options are documented individually.
-
- */
-
-#ifndef MP_IOFUNC
-#define MP_IOFUNC     0  /* include mp_print() ?                */
-#endif
-
-#ifndef MP_MODARITH
-#define MP_MODARITH   1  /* include modular arithmetic ?        */
-#endif
-
-#ifndef MP_NUMTH
-#define MP_NUMTH      1  /* include number theoretic functions? */
-#endif
-
-#ifndef MP_LOGTAB
-#define MP_LOGTAB     1  /* use table of logs instead of log()? */
-#endif
-
-#ifndef MP_MEMSET
-#define MP_MEMSET     1  /* use memset() to zero buffers?       */
-#endif
-
-#ifndef MP_MEMCPY
-#define MP_MEMCPY     1  /* use memcpy() to copy buffers?       */
-#endif
-
-#ifndef MP_CRYPTO
-#define MP_CRYPTO     1  /* erase memory on free?               */
-#endif
-
-#ifndef MP_ARGCHK
-/*
-  0 = no parameter checks
-  1 = runtime checks, continue execution and return an error to caller
-  2 = assertions; dump core on parameter errors
- */
-#ifdef DEBUG
-#define MP_ARGCHK     2  /* how to check input arguments        */
-#else
-#define MP_ARGCHK     1  /* how to check input arguments        */
-#endif
-#endif
-
-#ifndef MP_DEBUG
-#define MP_DEBUG      0  /* print diagnostic output?            */
-#endif
-
-#ifndef MP_DEFPREC
-#define MP_DEFPREC    64 /* default precision, in digits        */
-#endif
-
-#ifndef MP_MACRO
-#define MP_MACRO      0  /* use macros for frequent calls?      */
-#endif
-
-#ifndef MP_SQUARE
-#define MP_SQUARE     1  /* use separate squaring code?         */
-#endif
-
-#endif /* ifndef MPI_CONFIG_H_ */
-
-
diff --git a/security/nss/lib/freebl/mpi/mpi-priv.h b/security/nss/lib/freebl/mpi/mpi-priv.h
deleted file mode 100644
index eaa683a77..000000000
--- a/security/nss/lib/freebl/mpi/mpi-priv.h
+++ /dev/null
@@ -1,258 +0,0 @@
-/*
- *  mpi-priv.h	- Private header file for MPI 
- *  Arbitrary precision integer arithmetic library
- *
- *  NOTE WELL: the content of this header file is NOT part of the "public"
- *  API for the MPI library, and may change at any time.  
- *  Application programs that use libmpi should NOT include this header file.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are 
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger. 
- * All Rights Reserved.
- *
- * Contributor(s):
- *	Netscape Communications Corporation 
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above.  If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- *  $Id$
- */
-#ifndef _MPI_PRIV_H_
-#define _MPI_PRIV_H_ 1
-
-#include "mpi.h"
-#include <stdlib.h>
-#include <string.h>
-#include <ctype.h>
-
-#if MP_DEBUG
-#include <stdio.h>
-
-#define DIAG(T,V) {fprintf(stderr,T);mp_print(V,stderr);fputc('\n',stderr);}
-#else
-#define DIAG(T,V)
-#endif
-
-/* If we aren't using a wired-in logarithm table, we need to include
-   the math library to get the log() function
- */
-
-/* {{{ s_logv_2[] - log table for 2 in various bases */
-
-#if MP_LOGTAB
-/*
-  A table of the logs of 2 for various bases (the 0 and 1 entries of
-  this table are meaningless and should not be referenced).  
-
-  This table is used to compute output lengths for the mp_toradix()
-  function.  Since a number n in radix r takes up about log_r(n)
-  digits, we estimate the output size by taking the least integer
-  greater than log_r(n), where:
-
-  log_r(n) = log_2(n) * log_r(2)
-
-  This table, therefore, is a table of log_r(2) for 2 <= r <= 36,
-  which are the output bases supported.  
- */
-
-extern const float s_logv_2[];
-#define LOG_V_2(R)  s_logv_2[(R)]
-
-#else
-
-/* 
-   If MP_LOGTAB is not defined, use the math library to compute the
-   logarithms on the fly.  Otherwise, use the table.
-   Pick which works best for your system.
- */
-
-#include <math.h>
-#define LOG_V_2(R)  (log(2.0)/log(R))
-
-#endif /* if MP_LOGTAB */
-
-/* }}} */
-
-/* {{{ Digit arithmetic macros */
-
-/*
-  When adding and multiplying digits, the results can be larger than
-  can be contained in an mp_digit.  Thus, an mp_word is used.  These
-  macros mask off the upper and lower digits of the mp_word (the
-  mp_word may be more than 2 mp_digits wide, but we only concern
-  ourselves with the low-order 2 mp_digits)
- */
-
-#define  CARRYOUT(W)  (mp_digit)((W)>>DIGIT_BIT)
-#define  ACCUM(W)     (mp_digit)(W)
-
-#define MP_MIN(a,b)   (((a) < (b)) ? (a) : (b))
-#define MP_MAX(a,b)   (((a) > (b)) ? (a) : (b))
-#define MP_HOWMANY(a,b) (((a) + (b) - 1)/(b))
-#define MP_ROUNDUP(a,b) (MP_HOWMANY(a,b) * (b))
-
-/* }}} */
-
-/* {{{ Comparison constants */
-
-#define  MP_LT       -1
-#define  MP_EQ        0
-#define  MP_GT        1
-
-/* }}} */
-
-/* {{{ private function declarations */
-
-/* 
-   If MP_MACRO is false, these will be defined as actual functions;
-   otherwise, suitable macro definitions will be used.  This works
-   around the fact that ANSI C89 doesn't support an 'inline' keyword
-   (although I hear C9x will ... about bloody time).  At present, the
-   macro definitions are identical to the function bodies, but they'll
-   expand in place, instead of generating a function call.
-
-   I chose these particular functions to be made into macros because
-   some profiling showed they are called a lot on a typical workload,
-   and yet they are primarily housekeeping.
- */
-#if MP_MACRO == 0
- void     s_mp_setz(mp_digit *dp, mp_size count); /* zero digits           */
- void     s_mp_copy(const mp_digit *sp, mp_digit *dp, mp_size count); /* copy */
- void    *s_mp_alloc(size_t nb, size_t ni);       /* general allocator     */
- void     s_mp_free(void *ptr);                   /* general free function */
-extern unsigned long mp_allocs;
-extern unsigned long mp_frees;
-extern unsigned long mp_copies;
-#else
-
- /* Even if these are defined as macros, we need to respect the settings
-    of the MP_MEMSET and MP_MEMCPY configuration options...
-  */
- #if MP_MEMSET == 0
-  #define  s_mp_setz(dp, count) \
-       {int ix;for(ix=0;ix<(count);ix++)(dp)[ix]=0;}
- #else
-  #define  s_mp_setz(dp, count) memset(dp, 0, (count) * sizeof(mp_digit))
- #endif /* MP_MEMSET */
-
- #if MP_MEMCPY == 0
-  #define  s_mp_copy(sp, dp, count) \
-       {int ix;for(ix=0;ix<(count);ix++)(dp)[ix]=(sp)[ix];}
- #else
-  #define  s_mp_copy(sp, dp, count) memcpy(dp, sp, (count) * sizeof(mp_digit))
- #endif /* MP_MEMCPY */
-
- #define  s_mp_alloc(nb, ni)  calloc(nb, ni)
- #define  s_mp_free(ptr) {if(ptr) free(ptr);}
-#endif /* MP_MACRO */
-
-mp_err   s_mp_grow(mp_int *mp, mp_size min);   /* increase allocated size */
-mp_err   s_mp_pad(mp_int *mp, mp_size min);    /* left pad with zeroes    */
-
-#if MP_MACRO == 0
- void     s_mp_clamp(mp_int *mp);               /* clip leading zeroes     */
-#else
- #define  s_mp_clamp(mp)\
-  { mp_size used = MP_USED(mp); \
-    while (used > 1 && DIGIT(mp, used - 1) == 0) --used; \
-    MP_USED(mp) = used; \
-  } 
-#endif /* MP_MACRO */
-
-void     s_mp_exch(mp_int *a, mp_int *b);      /* swap a and b in place   */
-
-mp_err   s_mp_lshd(mp_int *mp, mp_size p);     /* left-shift by p digits  */
-void     s_mp_rshd(mp_int *mp, mp_size p);     /* right-shift by p digits */
-mp_err   s_mp_mul_2d(mp_int *mp, mp_digit d);  /* multiply by 2^d in place */
-void     s_mp_div_2d(mp_int *mp, mp_digit d);  /* divide by 2^d in place  */
-void     s_mp_mod_2d(mp_int *mp, mp_digit d);  /* modulo 2^d in place     */
-void     s_mp_div_2(mp_int *mp);               /* divide by 2 in place    */
-mp_err   s_mp_mul_2(mp_int *mp);               /* multiply by 2 in place  */
-mp_err   s_mp_norm(mp_int *a, mp_int *b, mp_digit *pd); 
-                                               /* normalize for division  */
-mp_err   s_mp_add_d(mp_int *mp, mp_digit d);   /* unsigned digit addition */
-mp_err   s_mp_sub_d(mp_int *mp, mp_digit d);   /* unsigned digit subtract */
-mp_err   s_mp_mul_d(mp_int *mp, mp_digit d);   /* unsigned digit multiply */
-mp_err   s_mp_div_d(mp_int *mp, mp_digit d, mp_digit *r);
-		                               /* unsigned digit divide   */
-mp_err   s_mp_reduce(mp_int *x, const mp_int *m, const mp_int *mu);
-                                               /* Barrett reduction       */
-mp_err   s_mp_add(mp_int *a, const mp_int *b); /* magnitude addition      */
-mp_err   s_mp_add_3arg(const mp_int *a, const mp_int *b, mp_int *c);
-mp_err   s_mp_sub(mp_int *a, const mp_int *b); /* magnitude subtract      */
-mp_err   s_mp_sub_3arg(const mp_int *a, const mp_int *b, mp_int *c);
-mp_err   s_mp_add_offset(mp_int *a, mp_int *b, mp_size offset);
-                                               /* a += b * RADIX^offset   */
-mp_err   s_mp_mul(mp_int *a, const mp_int *b); /* magnitude multiply      */
-#if MP_SQUARE
-mp_err   s_mp_sqr(mp_int *a);                  /* magnitude square        */
-#else
-#define  s_mp_sqr(a) s_mp_mul(a, a)
-#endif
-mp_err   s_mp_div(mp_int *rem, mp_int *div, mp_int *quot); /* magnitude div */
-mp_err   s_mp_exptmod(const mp_int *a, const mp_int *b, const mp_int *m, mp_int *c);
-mp_err   s_mp_2expt(mp_int *a, mp_digit k);    /* a = 2^k                 */
-int      s_mp_cmp(const mp_int *a, const mp_int *b); /* magnitude comparison */
-int      s_mp_cmp_d(const mp_int *a, mp_digit d); /* magnitude digit compare */
-int      s_mp_ispow2(const mp_int *v);         /* is v a power of 2?      */
-int      s_mp_ispow2d(mp_digit d);             /* is d a power of 2?      */
-
-int      s_mp_tovalue(char ch, int r);          /* convert ch to value    */
-char     s_mp_todigit(mp_digit val, int r, int low); /* convert val to digit */
-int      s_mp_outlen(int bits, int r);          /* output length in bytes */
-mp_digit s_mp_invmod_radix(mp_digit P);   /* returns (P ** -1) mod RADIX */
-mp_err   s_mp_invmod_odd_m( const mp_int *a, const mp_int *m, mp_int *c);
-mp_err   s_mp_invmod_2d(    const mp_int *a, mp_size k,       mp_int *c);
-mp_err   s_mp_invmod_even_m(const mp_int *a, const mp_int *m, mp_int *c);
-
-/* ------ mpv functions, operate on arrays of digits, not on mp_int's ------ */
-#if defined (__OS2__) && defined (__IBMC__)
-#define MPI_ASM_DECL __cdecl
-#else
-#define MPI_ASM_DECL
-#endif
-
-void     MPI_ASM_DECL s_mpv_mul_d(const mp_digit *a, mp_size a_len,
-                                        mp_digit b, mp_digit *c);
-void     MPI_ASM_DECL s_mpv_mul_d_add(const mp_digit *a, mp_size a_len,
-                                            mp_digit b, mp_digit *c);
-void     MPI_ASM_DECL s_mpv_mul_d_add_prop(const mp_digit *a,
-                                                mp_size a_len, mp_digit b, 
-			                        mp_digit *c);
-void     MPI_ASM_DECL s_mpv_sqr_add_prop(const mp_digit *a,
-                                                mp_size a_len,
-                                                mp_digit *sqrs);
-
-mp_err   MPI_ASM_DECL s_mpv_div_2dx1d(mp_digit Nhi, mp_digit Nlo,
-                            mp_digit divisor, mp_digit *quot, mp_digit *rem);
-
-/* c += a * b * (MP_RADIX ** offset);  */
-#define s_mp_mul_d_add_offset(a, b, c, off) \
-(s_mpv_mul_d_add_prop(MP_DIGITS(a), MP_USED(a), b, MP_DIGITS(c) + off), MP_OKAY)
-
-/* }}} */
-#endif
-
diff --git a/security/nss/lib/freebl/mpi/mpi-test.c b/security/nss/lib/freebl/mpi/mpi-test.c
deleted file mode 100644
index ed3880631..000000000
--- a/security/nss/lib/freebl/mpi/mpi-test.c
+++ /dev/null
@@ -1,1973 +0,0 @@
-/*
- * mpi-test.c
- *
- * This is a general test suite for the MPI library, which tests
- * all the functions in the library with known values.  The program
- * exits with a zero (successful) status if the tests pass, or a 
- * nonzero status if the tests fail.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are 
- * Copyright (C) 1999, 2000 Michael J. Fromberger. 
- * All Rights Reserved.
- *
- * Contributor(s):
- *	Netscape Communications Corporation
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above.  If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- * $Id$
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <stdarg.h>
-#include <limits.h>
-#include <time.h>
-
-#include "mpi.h"
-#include "mpprime.h"
-
-#include "test-info.c"
-
-/* ZS means Zero Suppressed (no leading zeros) */
-#if MP_USE_LONG_DIGIT 
-#define ZS_DIGIT_FMT         "%lX"
-#elif MP_USE_LONG_LONG_DIGIT
-#define ZS_DIGIT_FMT         "%llX"
-#elif MP_USE_UINT_DIGIT 
-#define ZS_DIGIT_FMT         "%X"
-#else
-#error "unknown type of digit"
-#endif
-
-/*
-  Test vectors
-
-  If you intend to change any of these values, you must also recompute
-  the corresponding solutions below.  Basically, these are just hex
-  strings (for the big integers) or integer values (for the digits).
-
-  The comparison tests think they know what relationships hold between
-  these values.  If you change that, you may have to adjust the code
-  for the comparison tests accordingly.  Most of the other tests
-  should be fine as long as you re-compute the solutions, though.
- */
-const char   *mp1  = "639A868CDA0C569861B";
-const char   *mp2  = "AAFC0A3FE45E5E09DBE2C29";
-const char   *mp3  = "B55AA8DF8A7E83241F38AC7A9E479CAEF2E4D7C5";
-const char   *mp4  = "-63DBC2265B88268DC801C10EA68476B7BDE0090F";
-const char   *mp5  = "F595CB42";
-const char   *mp5a = "-4B597E";
-const char   *mp6  = "0";
-const char   *mp7  = "EBFA7121CD838CE6439CC59DDB4CBEF3";
-const char   *mp8  = "5";
-const char   *mp9  = "F74A2876A1432698923B0767DA19DCF3D71795EE";
-const char   *mp10 = "9184E72A000";
-const char   *mp11 = "54D79A3557E8";
-const char   *mp12 = "10000000000000000";
-const char   *mp13 = 
-"34584F700C15A341E40BF7BFDD88A6630C8FF2B2067469372D391342BDAB6163963C"
-"D5A5C79F708BDE26E0CCF2DB66CD6D6089E29A877C45F2B050D226E6DA88";
-const char   *mp14 =
-"AC3FA0EABAAC45724814D798942A1E28E14C81E0DE8055CED630E7689DA648683645DB6E"
-"458D9F5338CC3D4E33A5D1C9BF42780133599E60DEE0049AFA8F9489501AE5C9AA2B8C13"
-"FD21285A538B2CA87A626BB56E0A654C8707535E637FF4E39174157402BDE3AA30C9F134"
-"0C1307BAA864B075A9CC828B6A5E2B2BF1AE406D920CC5E7657D7C0E697DEE5375773AF9"
-"E200A1B8FAD7CD141F9EE47ABB55511FEB9A4D99EBA22F3A3FF6792FA7EE9E5DC0EE94F7"
-"7A631EDF3D7DD7C2DAAAFDF234D60302AB63D5234CEAE941B9AF0ADDD9E6E3A940A94EE5"
-"5DB45A7C66E61EDD0477419BBEFA44C325129601C4F45671C6A0E64665DF341D17FBC71F"
-"77418BD9F4375DDB3B9D56126526D8E5E0F35A121FD4F347013DA880020A752324F31DDD"
-"9BCDB13A3B86E207A2DE086825E6EEB87B3A64232CFD8205B799BC018634AAE193F19531"
-"D6EBC19A75F27CFFAA03EB5974898F53FD569AA5CE60F431B53B0CDE715A5F382405C9C4"
-"761A8E24888328F09F7BCE4E8D80C957DF177629C8421ACCD0C268C63C0DD47C3C0D954F"
-"D79F7D7297C6788DF4B3E51381759864D880ACA246DF09533739B8BB6085EAF7AE8DC2D9"
-"F224E6874926C8D24D34B457FD2C9A586C6B99582DC24F787A39E3942786CF1D494B6EB4"
-"A513498CDA0B217C4E80BCE7DA1C704C35E071AC21E0DA9F57C27C3533F46A8D20B04137"
-"C1B1384BE4B2EB46";
-const char   *mp15 = 
-"39849CF7FD65AF2E3C4D87FE5526221103D90BA26A6642FFE3C3ECC0887BBBC57E011BF1"
-"05D822A841653509C68F79EBE51C0099B8CBB04DEF31F36F5954208A3209AC122F0E11D8"
-"4AE67A494D78336A2066D394D42E27EF6B03DDAF6D69F5112C93E714D27C94F82FC7EF77"
-"445768C68EAE1C4A1407BE1B303243391D325090449764AE469CC53EC8012C4C02A72F37"
-"07ED7275D2CC8D0A14B5BCC6BF264941520EBA97E3E6BAE4EE8BC87EE0DDA1F5611A6ECB"
-"65F8AEF4F184E10CADBDFA5A2FEF828901D18C20785E5CC63473D638762DA80625003711"
-"9E984AC43E707915B133543AF9D5522C3E7180DC58E1E5381C1FB7DC6A5F4198F3E88FA6"
-"CBB6DFA8B2D1C763226B253E18BCCB79A29EE82D2DE735078C8AE3C3C86D476AAA08434C"
-"09C274BDD40A1D8FDE38D6536C22F44E807EB73DE4FB36C9F51E0BC835DDBE3A8EFCF2FE"
-"672B525769DC39230EE624D5EEDBD837C82A52E153F37378C3AD68A81A7ADBDF3345DBCE"
-"8FA18CA1DE618EF94DF72EAD928D4F45B9E51632ACF158CF8332C51891D1D12C2A7E6684"
-"360C4BF177C952579A9F442CFFEC8DAE4821A8E7A31C4861D8464CA9116C60866C5E72F7"
-"434ADBED36D54ACDFDFF70A4EFB46E285131FE725F1C637D1C62115EDAD01C4189716327"
-"BFAA79618B1656CBFA22C2C965687D0381CC2FE0245913C4D8D96108213680BD8E93E821"
-"822AD9DDBFE4BD04";
-const char   *mp16 = "4A724340668DB150339A70";
-const char   *mp17 = "8ADB90F58";
-const char   *mp18 = "C64C230AB20E5";
-const char *mp19 = 
-"F1C9DACDA287F2E3C88DCE2393B8F53DAAAC1196DC36510962B6B59454CFE64B";
-const char *mp20 = 
-"D445662C8B6FE394107B867797750C326E0F4A967E135FC430F6CD7207913AC7";
-
-const mp_digit md1 = 0;
-const mp_digit md2 = 0x1;
-const mp_digit md3 = 0x80;
-const mp_digit md4 = 0x9C97;
-const mp_digit md5 = 0xF5BF;
-const mp_digit md6 = 0x14A0;
-const mp_digit md7 = 0x03E8;
-const mp_digit md8 = 0x0101;
-const mp_digit md9 = 0xA;
-
-/* 
-   Solutions of the form x_mpABC, where:
-
-   x = (p)roduct, (s)um, (d)ifference, (q)uotient, (r)emainder, (g)cd,
-       (i)nverse, (e)xponent, square roo(t), (g)cd, (l)cm.  A
-       leading 'm' indicates a modular operation, e.g. ms_mp12 is the
-       modular sum of operands 1 and 2
-
-   ABC are the operand numbers involved in the computation.  If a 'd'
-   precedes the number, it is a digit operand; if a 'c' precedes it,
-   it is a constant; otherwise, it is a full integer.  
- */
-
-const char *p_mp12   = "4286AD72E095C9FE009938750743174ADDD7FD1E53";
-const char *p_mp34   = "-46BDBD66CA108C94A8CF46C325F7B6E2F2BA82D35"
-                       "A1BFD6934C441EE369B60CA29BADC26845E918B";
-const char *p_mp57   = "E260C265A0A27C17AD5F4E59D6E0360217A2EBA6";
-const char *p_mp22   = "7233B5C1097FFC77CCF55928FDC3A5D31B712FDE7A1E91";
-const char *p_mp1d4  = "3CECEA2331F4220BEF68DED";
-const char *p_mp8d6  = "6720";
-const char *p_mp1113 =
-"11590FC3831C8C3C51813142C88E566408DB04F9E27642F6471A1822E0100B12F7F1"
-"5699A127C0FA9D26DCBFF458522661F30C6ADA4A07C8C90F9116893F6DBFBF24C3A2"
-"4340";
-const char *p_mp1415 = 
-"26B36540DE8B3586699CCEAE218A2842C7D5A01590E70C4A26E789107FBCDB06AA2C"
-"6DDC39E6FA18B16FCB2E934C9A5F844DAD60EE3B1EA82199EC5E9608F67F860FB965"
-"736055DF0E8F2540EB28D07F47E309B5F5D7C94FF190AB9C83A6970160CA700B1081"
-"F60518132AF28C6CEE6B7C473E461ABAC52C39CED50A08DD4E7EA8BA18DAD545126D"
-"A388F6983C29B6BE3F9DCBC15766E8E6D626A92C5296A9C4653CAE5788350C0E2107"
-"F57E5E8B6994C4847D727FF1A63A66A6CEF42B9C9E6BD04C92550B85D5527DE8A132"
-"E6BE89341A9285C7CE7FB929D871BBCBD0ED2863B6B078B0DBB30FCA66D6C64284D6"
-"57F394A0271E15B6EC7A9D530EBAC6CA262EF6F97E1A29FCE7749240E4AECA591ECF"
-"272122BC587370F9371B67BB696B3CDC1BC8C5B64B6280994EBA00CDEB8EB0F5D06E"
-"18F401D65FDCECF23DD7B9BB5B4C5458AEF2CCC09BA7F70EACB844750ACFD027521E"
-"2E047DE8388B35F8512D3DA46FF1A12D4260213602BF7BFFDB6059439B1BD0676449"
-"8D98C74F48FB3F548948D5BA0C8ECFCD054465132DC43466D6BBD59FBAF8D6D4E157"
-"2D612B40A956C7D3E140F3B8562EF18568B24D335707D5BAC7495014DF2444172426"
-"FD099DED560D30D1F945386604AFC85C64BD1E5F531F5C7840475FC0CF0F79810012"
-"4572BAF5A9910CDBD02B27FFCC3C7E5E88EF59F3AE152476E33EDA696A4F751E0AE4"
-"A3D2792DEA78E25B9110E12A19EFD09EA47FF9D6594DA445478BEB6901EAF8A35B2D"
-"FD59BEE9BF7AA8535B7D326EFA5AA2121B5EBE04DD85827A3D43BD04F4AA6D7B62A2"
-"B6D7A3077286A511A431E1EF75FCEBA3FAE9D5843A8ED17AA02BBB1B571F904699C5"
-"A6073F87DDD012E2322AB3F41F2A61F428636FE86914148E19B8EF8314ED83332F2F"
-"8C2ADE95071E792C0A68B903E060DD322A75FD0C2B992059FCCBB58AFA06B50D1634"
-"BBD93F187FCE0566609FCC2BABB269C66CEB097598AA17957BB4FDA3E64A1B30402E"
-"851CF9208E33D52E459A92C63FBB66435BB018E155E2C7F055E0B7AB82CD58FC4889"
-"372ED9EEAC2A07E8E654AB445B9298D2830D6D4DFD117B9C8ABE3968927DC24B3633"
-"BAD6E6466DB45DDAE87A0AB00336AC2CCCE176704F7214FCAB55743AB76C2B6CA231"
-"7984610B27B5786DE55C184DDF556EDFEA79A3652831940DAD941E243F482DC17E50"
-"284BC2FB1AD712A92542C573E55678878F02DFD9E3A863C7DF863227AEDE14B47AD3"
-"957190124820ADC19F5353878EDB6BF7D0C77352A6E3BDB53EEB88F5AEF6226D6E68"
-"756776A8FB49B77564147A641664C2A54F7E5B680CCC6A4D22D894E464DF20537094"
-"548F1732452F9E7F810C0B4B430C073C0FBCE03F0D03F82630654BCE166AA772E1EE"
-"DD0C08D3E3EBDF0AF54203B43AFDFC40D8FC79C97A4B0A4E1BEB14D8FCEFDDED8758"
-"6ED65B18";
-
-const char *mp_mp345 = "B9B6D3A3";
-const char *mp_mp335 = "16609C2D";
-
-const char *s_mp13   = "B55AA8DF8A7E83241F38B2B446B06A4FB84E5DE0";
-const char *s_mp34   = "517EE6B92EF65C965736EB6BF7C325F73504CEB6";
-const char *s_mp46   = "-63DBC2265B88268DC801C10EA68476B7BDE0090F";
-const char *s_mp5d4  = "F59667D9";
-const char *s_mp2d5  = "AAFC0A3FE45E5E09DBF21E8";
-const char *s_mp1415 = 
-"E5C43DE2B811F4A084625F96E9504039E5258D8348E698CEB9F4D4292622042DB446"
-"F75F4B65C1FB7A317257FA354BB5A45E789AEC254EAECE11F80A53E3B513822491DB"
-"D9399DEC4807A2A3A10360129AC93F4A42388D3BF20B310DD0E9E9F4BE07FC88D53A"
-"78A26091E0AB506A70813712CCBFBDD440A69A906E650EE090FDD6A42A95AC1A414D"
-"317F1A9F781E6A30E9EE142ECDA45A1E3454A1417A7B9A613DA90831CF88EA1F2E82"
-"41AE88CC4053220903C2E05BCDD42F02B8CF8868F84C64C5858BAD356143C5494607"
-"EE22E11650148BAF65A985F6FC4CA540A55697F2B5AA95D6B8CF96EF638416DE1DD6"
-"3BA9E2C09E22D03E75B60BE456C642F86B82A709253E5E087B507DE3A45F8392423F"
-"4DBC284E8DC88C43CA77BC8DCEFB6129A59025F80F90FF978116DEBB9209E306FBB9"
-"1B6111F8B8CFACB7C7C9BC12691C22EE88303E1713F1DFCEB622B8EA102F6365678B"
-"C580ED87225467AA78E875868BD53B17574BA59305BC1AC666E4B7E9ED72FCFC200E"
-"189D98FC8C5C7533739C53F52DDECDDFA5A8668BFBD40DABC9640F8FCAE58F532940"
-"8162261320A25589E9FB51B50F80056471F24B7E1AEC35D1356FC2747FFC13A04B34"
-"24FCECE10880BD9D97CA8CDEB2F5969BF4F30256EB5ED2BCD1DC64BDC2EE65217848"
-"48A37FB13F84ED4FB7ACA18C4639EE64309BDD3D552AEB4AAF44295943DC1229A497"
-"A84A";
-
-const char *ms_mp345 = "1E71E292";
-
-const char *d_mp12   = "-AAFBA6A55DD183FD854A60E";
-const char *d_mp34   = "119366B05E606A9B1E73A6D8944CC1366B0C4E0D4";
-const char *d_mp5d4  = "F5952EAB";
-const char *d_mp6d2  = "-1";
-const char *md_mp345 = "26596B86";
-
-const char *q_mp42   = "-95825A1FFA1A155D5";
-const char *r_mp42   = "-6312E99D7700A3DCB32ADF2";
-const char *q_mp45a  = "15344CDA3D841F661D2B61B6EDF7828CE36";
-const char *r_mp45a  = "-47C47B";
-const char *q_mp7c2  = "75FD3890E6C1C67321CE62CEEDA65F79";
-const char *q_mp3d6  = "8CAFD53C272BD6FE8B0847BDC3B539EFAB5C3";
-const char *r_mp3d6  = "1E5";
-const char *r_mp5d5  = "1257";
-const char *r_mp47   = "B3A9018D970281A90FB729A181D95CB8";
-const char *q_mp1404 = 
-"-1B994D869142D3EF6123A3CBBC3C0114FA071CFCEEF4B7D231D65591D32501AD80F"
-"FF49AE4EC80514CC071EF6B42521C2508F4CB2FEAD69A2D2EF3934087DCAF88CC4C4"
-"659F1CA8A7F4D36817D802F778F1392337FE36302D6865BF0D4645625DF8BB044E19"
-"930635BE2609FAC8D99357D3A9F81F2578DE15A300964188292107DAC980E0A08CD7"
-"E938A2135FAD45D50CB1D8C2D4C4E60C27AB98B9FBD7E4DBF752C57D2674520E4BB2"
-"7E42324C0EFE84FB3E38CF6950E699E86FD45FE40D428400F2F94EDF7E94FAE10B45"
-"89329E1BF61E5A378C7B31C9C6A234F8254D4C24823B84D0BF8D671D8BC9154DFAC9"
-"49BD8ACABD6BD32DD4DC587F22C86153CB3954BDF7C2A890D623642492C482CF3E2C"
-"776FC019C3BBC61688B485E6FD35D6376089C1E33F880E84C4E51E8ABEACE1B3FB70"
-"3EAD0E28D2D44E7F1C0A859C840775E94F8C1369D985A3C5E8114B21D68B3CBB75D2"
-"791C586153C85B90CAA483E57A40E2D97950AAB84920A4396C950C87C7FFFE748358"
-"42A0BF65445B26D40F05BE164B822CA96321F41D85A289C5F5CD5F438A78704C9683"
-"422299D21899A22F853B0C93081CC9925E350132A0717A611DD932A68A0ACC6E4C7F"
-"7F685EF8C1F4910AEA5DC00BB5A36FCA07FFEAA490C547F6E14A08FE87041AB803E1"
-"BD9E23E4D367A2C35762F209073DFF48F3";
-const char *r_mp1404 = "12FF98621ABF63144BFFC3207AC8FC10D8D1A09";
-
-const char *q_mp13c  = 
-		"34584F700C15A341E40BF7BFDD88A6630C8FF2B2067469372D391342"
-		"BDAB6163963CD5A5C79F708BDE26E0CCF2DB66CD6D6089E29A877C45";
-const char *r_mp13c  = "F2B050D226E6DA88";
-const char *q_mp9c16 = "F74A2876A1432698923B0767DA19DCF3D71795E";
-const char *r_mp9c16 = "E";
-
-const char *e_mp5d9 = "A8FD7145E727A20E52E73D22990D35D158090307A"
-		      "13A5215AAC4E9AB1E96BD34E531209E03310400";
-const char *e_mp78  = "AA5F72C737DFFD8CCD108008BFE7C79ADC01A819B"
-		      "32B75FB82EC0FB8CA83311DA36D4063F1E57857A2"
-		      "1AB226563D84A15BB63CE975FF1453BD6750C58D9"
-		      "D113175764F5D0B3C89B262D4702F4D9640A3";
-const char *me_mp817 = "E504493ACB02F7F802B327AB13BF25";
-const char *me_mp5d47 = "1D45ED0D78F2778157992C951DD2734C";
-const char *me_mp1512 = "FB5B2A28D902B9D9";
-const char *me_mp161718 = "423C6AC6DBD74";
-const char *me_mp5114 =
-"64F0F72807993578BBA3C7C36FFB184028F9EB9A810C92079E1498D8A80FC848E1F0"
-"25F1DE43B7F6AC063F5CC29D8A7C2D7A66269D72BF5CDC327AF88AF8EF9E601DCB0A"
-"3F35BFF3525FB1B61CE3A25182F17C0A0633B4089EA15BDC47664A43FEF639748AAC"
-"19CF58E83D8FA32CD10661D2D4210CC84792937E6F36CB601851356622E63ADD4BD5"
-"542412C2E0C4958E51FD2524AABDC7D60CFB5DB332EEC9DC84210F10FAE0BA2018F2"
-"14C9D6867C9D6E49CF28C18D06CE009FD4D04BFC8837C3FAAA773F5CCF6DED1C22DE"
-"181786AFE188540586F2D74BF312E595244E6936AE52E45742109BAA76C36F2692F5"
-"CEF97AD462B138BE92721194B163254CBAAEE9B9864B21CCDD5375BCAD0D24132724"
-"113D3374B4BCF9AA49BA5ACBC12288C0BCF46DCE6CB4A241A91BD559B130B6E9CD3D"
-"D7A2C8B280C2A278BA9BF5D93244D563015C9484B86D9FEB602501DC16EEBC3EFF19"
-"53D7999682BF1A1E3B2E7B21F4BDCA3C355039FEF55B9C0885F98DC355CA7A6D8ECF"
-"5F7F1A6E11A764F2343C823B879B44616B56BF6AE3FA2ACF5483660E618882018E3F"
-"C8459313BACFE1F93CECC37B2576A5C0B2714BD3EEDEEC22F0E7E3E77B11396B9B99"
-"D683F2447A4004BBD4A57F6A616CDDFEC595C4FC19884CC2FC21CF5BF5B0B81E0F83"
-"B9DDA0CF4DFF35BB8D31245912BF4497FD0BD95F0C604E26EA5A8EA4F5EAE870A5BD"
-"FE8C";
-
-const char *e_mpc2d3 = "100000000000000000000000000000000";
-
-const char *t_mp9    = "FB9B6E32FF0452A34746";
-const char *i_mp27   = "B6AD8DCCDAF92B6FE57D062FFEE3A99";
-const char *i_mp2019 = 
-"BDF3D88DC373A63EED92903115B03FC8501910AF68297B4C41870AED3EA9F839";
-/* "15E3FE09E8AE5523AABA197BD2D16318D3CA148EDF4AE1C1C52FC96AFAF5680B"; */
-
-
-const char *t_mp15 =
-"795853094E59B0008093BCA8DECF68587C64BDCA2F3F7F8963DABC12F1CFFFA9B8C4"
-"365232FD4751870A0EF6CA619287C5D8B7F1747D95076AB19645EF309773E9EACEA0"
-"975FA4AE16251A8DA5865349C3A903E3B8A2C0DEA3C0720B6020C7FED69AFF62BB72"
-"10FAC443F9FFA2950776F949E819260C2AF8D94E8A1431A40F8C23C1973DE5D49AA2"
-"0B3FF5DA5C1D5324E712A78FF33A9B1748F83FA529905924A31DF38643B3F693EF9B"
-"58D846BB1AEAE4523ECC843FF551C1B300A130B65C1677402778F98C51C10813250E"
-"2496882877B069E877B59740DC1226F18A5C0F66F64A5F59A9FAFC5E9FC45AEC0E7A"
-"BEE244F7DD3AC268CF512A0E52E4F5BE5B94";
-
-const char *g_mp71   = "1";
-const char *g_mp25   = "7";
-const char *l_mp1011 = "C589E3D7D64A6942A000";
-
-/* mp9 in radices from 5 to 64 inclusive */
-#define LOW_RADIX   5
-#define HIGH_RADIX  64
-const char *v_mp9[] = {
-  "404041130042310320100141302000203430214122130002340212132414134210033",
-  "44515230120451152500101352430105520150025145320010504454125502",
-  "644641136612541136016610100564613624243140151310023515322",
-  "173512120732412062323044435407317550316717172705712756",
-  "265785018434285762514442046172754680368422060744852",
-  "1411774500397290569709059837552310354075408897518",
-  "184064268501499311A17746095910428222A241708032A",
-  "47706011B225950B02BB45602AA039893118A85950892",
-  "1A188C826B982353CB58422563AC602B783101671A86",
-  "105957B358B89B018958908A9114BC3DDC410B77982",
-  "CB7B3387E23452178846C55DD9D70C7CA9AEA78E8",
-  "F74A2876A1432698923B0767DA19DCF3D71795EE",
-  "17BF7C3673B76D7G7A5GA836277296F806E7453A",
-  "2EBG8HH3HFA6185D6H0596AH96G24C966DD3HG2",
-  "6G3HGBFEG8I3F25EAF61B904EIA40CFDH2124F",
-  "10AHC3D29EBHDF3HD97905CG0JA8061855C3FI",
-  "3BA5A55J5K699B2D09C38A4B237CH51IHA132",
-  "EDEA90DJ0B5CB3FGG1C8587FEB99D3C143CA",
-  "31M26JI1BBD56K3I028MML4EEDMAJK60LGLE",
-  "GGG5M3142FKKG82EJ28111D70EMHC241E4E",
-  "4446F4D5H10982023N297BF0DKBBHLLJB0I",
-  "12E9DEEOBMKAKEP0IM284MIP7FO1O521M46",
-  "85NN0HD48NN2FDDB1F5BMMKIB8CK20MDPK",
-  "2D882A7A0O0JPCJ4APDRIB77IABAKDGJP2",
-  "MFMCI0R7S27AAA3O3L2S8K44HKA7O02CN",
-  "7IGQS73FFSHC50NNH44B6PTTNLC3M6H78",
-  "2KLUB3U9850CSN6ANIDNIF1LB29MJ43LH",
-  "UT52GTL18CJ9H4HR0TJTK6ESUFBHF5FE",
-  "BTVL87QQBMUGF8PFWU4W3VU7U922QTMW",
-  "4OG10HW0MSWJBIDEE2PDH24GA7RIHIAA",
-  "1W8W9AX2DRUX48GXOLMK0PE42H0FEUWN",
-  "SVWI84VBH069WR15W1U2VTK06USY8Z2",
-  "CPTPNPDa5TYCPPNLALENT9IMX2GL0W2",
-  "5QU21UJMRaUYYYYYN6GHSMPOYOXEEUY",
-  "2O2Q7C6RPPB1SXJ9bR4035SPaQQ3H2W",
-  "18d994IbT4PHbD7cGIPCRP00bbQO0bc",
-  "NcDUEEWRO7XT76260WGeBHPVa72RdA",
-  "BbX2WCF9VfSB5LPdJAdeXKV1fd6LC2",
-  "60QDKW67P4JSQaTdQg7JE9ISafLaVU",
-  "33ba9XbDbRdNF4BeDB2XYMhAVDaBdA",
-  "1RIPZJA8gT5L5H7fTcaRhQ39geMMTc",
-  "d65j70fBATjcDiidPYXUGcaBVVLME",
-  "LKA9jhPabDG612TXWkhfT2gMXNIP2",
-  "BgNaYhjfT0G8PBcYRP8khJCR3C9QE",
-  "6Wk8RhJTAgDh10fYAiUVB1aM0HacG",
-  "3dOCjaf78kd5EQNViUZWj3AfFL90I",
-  "290VWkL3aiJoW4MBbHk0Z0bDo22Ni",
-  "1DbDZ1hpPZNUDBUp6UigcJllEdC26",
-  "dFSOLBUM7UZX8Vnc6qokGIOiFo1h",
-  "NcoUYJOg0HVmKI9fR2ag0S8R2hrK",
-  "EOpiJ5Te7oDe2pn8ZhAUKkhFHlZh",
-  "8nXK8rp8neV8LWta1WDgd1QnlWsU",
-  "5T3d6bcSBtHgrH9bCbu84tblaa7r",
-  "3PlUDIYUvMqOVCir7AtquK5dWanq",
-  "2A70gDPX2AtiicvIGGk9poiMtgvu",
-  "1MjiRxjk10J6SVAxFguv9kZiUnIc",
-  "rpre2vIDeb4h3sp50r1YBbtEx9L",
-  "ZHcoip0AglDAfibrsUcJ9M1C8fm",
-  "NHP18+eoe6uU54W49Kc6ZK7+bT2",
-  "FTAA7QXGoQOaZi7PzePtFFN5vNk"
-};
-
-const unsigned char b_mp4[] = {
-  0x01, 
-#if MP_DIGIT_MAX > MP_32BIT_MAX
-  0x00, 0x00, 0x00, 0x00,
-#endif
-  0x63, 0xDB, 0xC2, 0x26, 
-  0x5B, 0x88, 0x26, 0x8D, 
-  0xC8, 0x01, 0xC1, 0x0E, 
-  0xA6, 0x84, 0x76, 0xB7, 
-  0xBD, 0xE0, 0x09, 0x0F
-};
-
-/* Search for a test suite name in the names table  */
-int  find_name(char *name);
-void reason(char *fmt, ...);
-
-/*------------------------------------------------------------------------*/
-/*------------------------------------------------------------------------*/
-
-char g_intbuf[4096];  /* buffer for integer comparison   */
-char a_intbuf[4096];  /* buffer for integer comparison   */
-int  g_verbose = 1;   /* print out reasons for failure?  */
-int  res;
-
-#define IFOK(x) { if (MP_OKAY > (res = (x))) { \
-  reason("test %s failed: error %d\n", #x, res); return 1; }}
-
-int main(int argc, char *argv[])
-{
-  int which, res;
-
-  srand((unsigned int)time(NULL));
-
-  if (argc < 2) {
-    fprintf(stderr, "Usage: %s <test-suite> | list\n"
-	    "Type '%s help' for assistance\n", argv[0], argv[0]);
-    return 2;
-  } else if(argc > 2) {
-    if(strcmp(argv[2], "quiet") == 0)
-      g_verbose = 0;
-  }
-
-  if(strcmp(argv[1], "help") == 0) {
-    fprintf(stderr, "Help for mpi-test\n\n"
-	    "This program is a test driver for the MPI library, which\n"
-	    "tests all the various functions in the library to make sure\n"
-	    "they are working correctly.  The syntax is:\n"
-	    "    %s <suite-name>\n"
-	    "...where <suite-name> is the name of the test you wish to\n"
-	    "run.  To get a list of the tests, use '%s list'.\n\n"
-	    "The program exits with a status of zero if the test passes,\n"
-	    "or non-zero if it fails.  Ordinarily, failure is accompanied\n"
-	    "by a diagnostic message to standard error.  To suppress this\n"
-	    "add the keyword 'quiet' after the suite-name on the command\n"
-	    "line.\n\n", argv[0], argv[0]);
-    return 0;
-  }
-
-  if ((which = find_name(argv[1])) < 0) {
-    fprintf(stderr, "%s: test suite '%s' is not known\n", argv[0], argv[1]);
-    return 2;
-  }
-
-  if((res = (g_tests[which])()) < 0) {
-    fprintf(stderr, "%s: test suite not implemented yet\n", argv[0]);
-    return 2;
-  } else {
-    return res; 
-  }
-
-}
-
-/*------------------------------------------------------------------------*/
-
-int find_name(char *name)
-{
-  int ix = 0;
-  
-  while(ix < g_count) {
-    if (strcmp(name, g_names[ix]) == 0)
-      return ix;
-    
-    ++ix;
-  }
-  
-  return -1;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_list(void)
-{
-  int ix;
-  
-  fprintf(stderr, "There are currently %d test suites available\n",
-	  g_count);
-  
-  for(ix = 1; ix < g_count; ix++)
-    fprintf(stdout, "%-20s %s\n", g_names[ix], g_descs[ix]);
-  
-  return 0;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_copy(void)
-{
-  mp_int  a, b;
-  int     ix;
-
-  mp_init(&a); mp_init(&b);
-
-  mp_read_radix(&a, mp3, 16);
-  mp_copy(&a, &b);
-
-  if(SIGN(&a) != SIGN(&b) || USED(&a) != USED(&b)) {
-    if(SIGN(&a) != SIGN(&b)) {
-      reason("error: sign of original is %d, sign of copy is %d\n", 
-	     SIGN(&a), SIGN(&b));
-    } else {
-      reason("error: original precision is %d, copy precision is %d\n",
-	     USED(&a), USED(&b));
-    }
-    mp_clear(&a); mp_clear(&b);
-    return 1;
-  }
-
-  for(ix = 0; ix < USED(&b); ix++) {
-    if(DIGIT(&a, ix) != DIGIT(&b, ix)) {
-      reason("error: digit %d " DIGIT_FMT " != " DIGIT_FMT "\n",
-	     ix, DIGIT(&a, ix), DIGIT(&b, ix));
-      mp_clear(&a); mp_clear(&b);
-      return 1;
-    }
-  }
-     
-  mp_clear(&a); mp_clear(&b);
-  return 0;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_exch(void)
-{
-  mp_int  a, b;
-
-  mp_init(&a); mp_init(&b);
-  mp_read_radix(&a, mp7, 16); mp_read_radix(&b, mp1, 16);
-
-  mp_exch(&a, &b);
-  mp_toradix(&a, g_intbuf, 16);
-
-  mp_clear(&a);
-  if(strcmp(g_intbuf, mp1) != 0) {
-    mp_clear(&b);
-    reason("error: exchange failed\n");
-    return 1;
-  }
-
-  mp_toradix(&b, g_intbuf, 16);
-
-  mp_clear(&b);
-  if(strcmp(g_intbuf, mp7) != 0) {
-    reason("error: exchange failed\n");
-    return 1;
-  }
-
-  return 0;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_zero(void)
-{
-  mp_int   a;
-
-  mp_init(&a); mp_read_radix(&a, mp7, 16);
-  mp_zero(&a);
-
-  if(USED(&a) != 1 || DIGIT(&a, 1) != 0) {
-    mp_toradix(&a, g_intbuf, 16);
-    reason("error: result is %s\n", g_intbuf);
-    mp_clear(&a);
-    return 1;
-  }
-
-  mp_clear(&a);
-  return 0;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_set(void)
-{
-  mp_int   a;
-
-  /* Test single digit set */
-  mp_init(&a); mp_set(&a, 5);
-  if(DIGIT(&a, 0) != 5) {
-    mp_toradix(&a, g_intbuf, 16);
-    reason("error: result is %s, expected 5\n", g_intbuf);
-    mp_clear(&a);
-    return 1;
-  }
-
-  /* Test integer set */
-  mp_set_int(&a, -4938110);
-  mp_toradix(&a, g_intbuf, 16);
-  mp_clear(&a);
-  if(strcmp(g_intbuf, mp5a) != 0) {
-    reason("error: result is %s, expected %s\n", g_intbuf, mp5a);
-    return 1;
-  }
-
-  return 0;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_abs(void)
-{
-  mp_int  a;
-
-  mp_init(&a); mp_read_radix(&a, mp4, 16);
-  mp_abs(&a, &a);
-  
-  if(SIGN(&a) != ZPOS) {
-    reason("error: sign of result is negative\n");
-    mp_clear(&a);
-    return 1;
-  }
-
-  mp_clear(&a);
-  return 0;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_neg(void)
-{
-  mp_int  a;
-  mp_sign s;
-
-  mp_init(&a); mp_read_radix(&a, mp4, 16);
-
-  s = SIGN(&a);
-  mp_neg(&a, &a);
-  if(SIGN(&a) == s) {
-    reason("error: sign of result is same as sign of nonzero input\n");
-    mp_clear(&a);
-    return 1;
-  }
-
-  mp_clear(&a);
-  return 0;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_add_d(void)
-{
-  mp_int  a;
-
-  mp_init(&a);
-  
-  mp_read_radix(&a, mp5, 16);
-  mp_add_d(&a, md4, &a);
-  mp_toradix(&a, g_intbuf, 16);
-
-  if(strcmp(g_intbuf, s_mp5d4) != 0) {
-    reason("error: computed %s, expected %s\n", g_intbuf, s_mp5d4);
-    mp_clear(&a);
-    return 1;
-  }
-
-  mp_read_radix(&a, mp2, 16);
-  mp_add_d(&a, md5, &a);
-  mp_toradix(&a, g_intbuf, 16);
-
-  if(strcmp(g_intbuf, s_mp2d5) != 0) {
-    reason("error: computed %s, expected %s\n", g_intbuf, s_mp2d5);
-    mp_clear(&a);
-    return 1;
-  }
-
-  mp_clear(&a);
-  return 0;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_add(void)
-{
-  mp_int  a, b;
-  int     res = 0;
-
-  mp_init(&a); mp_init(&b);
-
-  mp_read_radix(&a, mp1, 16); mp_read_radix(&b, mp3, 16);
-  mp_add(&a, &b, &a);
-  mp_toradix(&a, g_intbuf, 16);
-
-  if(strcmp(g_intbuf, s_mp13) != 0) {
-    reason("error: computed %s, expected %s\n", g_intbuf, s_mp13);
-    res = 1; goto CLEANUP;
-  }
-
-  mp_read_radix(&a, mp4, 16);
-  mp_add(&a, &b, &a);
-  mp_toradix(&a, g_intbuf, 16);
-
-  if(strcmp(g_intbuf, s_mp34) != 0) {
-    reason("error: computed %s, expected %s\n", g_intbuf, s_mp34);
-    res = 1; goto CLEANUP;
-  }
-
-  mp_read_radix(&a, mp4, 16); mp_read_radix(&b, mp6, 16);
-  mp_add(&a, &b, &a);
-  mp_toradix(&a, g_intbuf, 16);
-
-  if(strcmp(g_intbuf, s_mp46) != 0) {
-    reason("error: computed %s, expected %s\n", g_intbuf, s_mp46);
-    res = 1; goto CLEANUP;
-  }
-
-  mp_read_radix(&a, mp14, 16); mp_read_radix(&b, mp15, 16);
-  mp_add(&a, &b, &a);
-  mp_toradix(&a, g_intbuf, 16);
-
-  if(strcmp(g_intbuf, s_mp1415) != 0) {
-    reason("error: computed %s, expected %s\n", g_intbuf, s_mp1415);
-    res = 1;
-  }
-
- CLEANUP:
-  mp_clear(&a); mp_clear(&b);
-  return res;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_sub_d(void)
-{
-  mp_int   a;
-
-  mp_init(&a);
-  mp_read_radix(&a, mp5, 16);
-
-  mp_sub_d(&a, md4, &a);
-  mp_toradix(&a, g_intbuf, 16);
-
-  if(strcmp(g_intbuf, d_mp5d4) != 0) {
-    reason("error: computed %s, expected %s\n", g_intbuf, d_mp5d4);
-    mp_clear(&a);
-    return 1;
-  }
-
-  mp_read_radix(&a, mp6, 16);
-  
-  mp_sub_d(&a, md2, &a);
-  mp_toradix(&a, g_intbuf, 16);
-  
-  mp_clear(&a);
-  if(strcmp(g_intbuf, d_mp6d2) != 0) {
-    reason("error: computed %s, expected %s\n", g_intbuf, d_mp6d2);
-    return 1;
-  }
-
-  return 0;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_sub(void)
-{
-  mp_int  a, b;
-
-  mp_init(&a); mp_init(&b);
-
-  mp_read_radix(&a, mp1, 16); mp_read_radix(&b, mp2, 16);
-  mp_sub(&a, &b, &a);
-  mp_toradix(&a, g_intbuf, 16);
-
-  if(strcmp(g_intbuf, d_mp12) != 0) {
-    reason("error: computed %s, expected %s\n", g_intbuf, d_mp12);
-    mp_clear(&a); mp_clear(&b);
-    return 1;
-  }
-
-  mp_read_radix(&a, mp3, 16); mp_read_radix(&b, mp4, 16);
-  mp_sub(&a, &b, &a);
-  mp_toradix(&a, g_intbuf, 16);
-
-  if(strcmp(g_intbuf, d_mp34) != 0) {
-    reason("error: computed %s, expected %s\n", g_intbuf, d_mp34);
-    mp_clear(&a); mp_clear(&b);
-    return 1;
-  }
-
-  mp_clear(&a); mp_clear(&b);
-  return 0;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_mul_d(void)
-{
-  mp_int   a;
-
-  mp_init(&a);
-  mp_read_radix(&a, mp1, 16);
-
-  IFOK( mp_mul_d(&a, md4, &a) );
-  mp_toradix(&a, g_intbuf, 16);
-  
-  if(strcmp(g_intbuf, p_mp1d4) != 0) {
-    reason("error: computed %s, expected %s\n", g_intbuf, p_mp1d4);    
-    mp_clear(&a);
-    return 1;
-  }
-
-  mp_read_radix(&a, mp8, 16);
-  IFOK( mp_mul_d(&a, md6, &a) );
-  mp_toradix(&a, g_intbuf, 16);
-
-  mp_clear(&a);
-  if(strcmp(g_intbuf, p_mp8d6) != 0) {
-    reason("error: computed %s, expected %s\n", g_intbuf, p_mp8d6); 
-    return 1;
-  }
-
-  return 0;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_mul(void)
-{
-  mp_int   a, b;
-  int      res = 0;
-
-  mp_init(&a); mp_init(&b);
-  mp_read_radix(&a, mp1, 16); mp_read_radix(&b, mp2, 16);
-
-  IFOK( mp_mul(&a, &b, &a) );
-  mp_toradix(&a, g_intbuf, 16);
-
-  if(strcmp(g_intbuf, p_mp12) != 0) {
-    reason("error: computed %s, expected %s\n", g_intbuf, p_mp12);
-    res = 1; goto CLEANUP;
-  }
-
-  mp_read_radix(&a, mp3, 16); mp_read_radix(&b, mp4, 16);
-  IFOK( mp_mul(&a, &b, &a) );
-  mp_toradix(&a, g_intbuf, 16);
-
-  if(strcmp(g_intbuf, p_mp34) !=0) {
-    reason("error: computed %s, expected %s\n", g_intbuf, p_mp34);
-    res = 1; goto CLEANUP;
-  }
-
-  mp_read_radix(&a, mp5, 16); mp_read_radix(&b, mp7, 16);
-  IFOK( mp_mul(&a, &b, &a) );
-  mp_toradix(&a, g_intbuf, 16);
-
-  if(strcmp(g_intbuf, p_mp57) != 0) {
-    reason("error: computed %s, expected %s\n", g_intbuf, p_mp57);
-    res = 1; goto CLEANUP;
-  }
-
-  mp_read_radix(&a, mp11, 16); mp_read_radix(&b, mp13, 16);
-  IFOK( mp_mul(&a, &b, &a) );
-  mp_toradix(&a, g_intbuf, 16);
-
-  if(strcmp(g_intbuf, p_mp1113) != 0) {
-    reason("error: computed %s, expected %s\n", g_intbuf, p_mp1113);
-    res = 1; goto CLEANUP;
-  }
-
-  mp_read_radix(&a, mp14, 16); mp_read_radix(&b, mp15, 16);
-  IFOK( mp_mul(&a, &b, &a) );
-  mp_toradix(&a, g_intbuf, 16);
-
-  if(strcmp(g_intbuf, p_mp1415) != 0) {
-    reason("error: computed %s, expected %s\n", g_intbuf, p_mp1415);
-    res = 1;
-  }
-
- CLEANUP:
-  mp_clear(&a); mp_clear(&b);
-  return res;
-
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_sqr(void)
-{
-  mp_int  a;
-
-  mp_init(&a); mp_read_radix(&a, mp2, 16);
-
-  mp_sqr(&a, &a);
-  mp_toradix(&a, g_intbuf, 16);
-
-  mp_clear(&a);
-  if(strcmp(g_intbuf, p_mp22) != 0) {
-    reason("error: computed %s, expected %s\n", g_intbuf, p_mp22);
-    return 1;
-  }
-
-  return 0;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_div_d(void)
-{
-  mp_int    a, q;
-  mp_digit  r;
-  int       err = 0;
-
-  mp_init(&a); mp_init(&q);
-  mp_read_radix(&a, mp3, 16);
-
-  IFOK( mp_div_d(&a, md6, &q, &r) );
-  mp_toradix(&q, g_intbuf, 16);
-
-  if(strcmp(g_intbuf, q_mp3d6) != 0) {
-    reason("error: computed q = %s, expected %s\n", g_intbuf, q_mp3d6);
-    ++err;
-  }
-
-  sprintf(g_intbuf, ZS_DIGIT_FMT, r);
-
-  if(strcmp(g_intbuf, r_mp3d6) != 0) {
-    reason("error: computed r = %s, expected %s\n", g_intbuf, r_mp3d6);
-    ++err;
-  }
-
-  mp_read_radix(&a, mp9, 16);
-  IFOK( mp_div_d(&a, 16, &q, &r) );
-  mp_toradix(&q, g_intbuf, 16);
-
-  if(strcmp(g_intbuf, q_mp9c16) != 0) {
-    reason("error: computed q = %s, expected %s\n", g_intbuf, q_mp9c16);
-    ++err;
-  }
-
-  sprintf(g_intbuf, ZS_DIGIT_FMT, r);
-
-  if(strcmp(g_intbuf, r_mp9c16) != 0) {
-    reason("error: computed r = %s, expected %s\n", g_intbuf, r_mp9c16);
-    ++err;
-  }
-
-  mp_clear(&a); mp_clear(&q);
-  return err;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_div_2(void)
-{
-  mp_int  a;
-
-  mp_init(&a); mp_read_radix(&a, mp7, 16);
-  IFOK( mp_div_2(&a, &a) );
-  mp_toradix(&a, g_intbuf, 16);
-
-  mp_clear(&a);
-  if(strcmp(g_intbuf, q_mp7c2) != 0) {
-    reason("error: computed %s, expected %s\n", g_intbuf, q_mp7c2);
-    return 1;
-  }
-    
-  return 0;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_div_2d(void)
-{
-  mp_int  a, q, r;
-
-  mp_init(&q); mp_init(&r);
-  mp_init(&a); mp_read_radix(&a, mp13, 16);
-
-  IFOK( mp_div_2d(&a, 64, &q, &r) );
-  mp_clear(&a);
-
-  mp_toradix(&q, g_intbuf, 16);
-
-  if(strcmp(g_intbuf, q_mp13c) != 0) {
-    reason("error: computed %s, expected %s\n", g_intbuf, q_mp13c);
-    mp_clear(&q); mp_clear(&r);
-    return 1;
-  }
-
-  mp_clear(&q);
-
-  mp_toradix(&r, g_intbuf, 16);
-  if(strcmp(g_intbuf, r_mp13c) != 0) {
-    reason("error, computed %s, expected %s\n", g_intbuf, r_mp13c);
-    mp_clear(&r);
-    return 1;
-  }
-
-  mp_clear(&r);
-  
-  return 0;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_div(void)
-{
-  mp_int  a, b, r;
-  int     err = 0;
-
-  mp_init(&a); mp_init(&b); mp_init(&r);
-
-  mp_read_radix(&a, mp4, 16); mp_read_radix(&b, mp2, 16);
-  IFOK( mp_div(&a, &b, &a, &r) );
-  mp_toradix(&a, g_intbuf, 16);
-
-  if(strcmp(g_intbuf, q_mp42) != 0) {
-    reason("error: test 1 computed quot %s, expected %s\n", g_intbuf, q_mp42);
-    ++err;
-  }
-
-  mp_toradix(&r, g_intbuf, 16);
-
-  if(strcmp(g_intbuf, r_mp42) != 0) {
-    reason("error: test 1 computed rem %s, expected %s\n", g_intbuf, r_mp42);
-    ++err;
-  }
-
-  mp_read_radix(&a, mp4, 16); mp_read_radix(&b, mp5a, 16);
-  IFOK( mp_div(&a, &b, &a, &r) );
-  mp_toradix(&a, g_intbuf, 16);
-
-  if(strcmp(g_intbuf, q_mp45a) != 0) {
-    reason("error: test 2 computed quot %s, expected %s\n", g_intbuf, q_mp45a);
-    ++err;
-  }
-
-  mp_toradix(&r, g_intbuf, 16);
-
-  if(strcmp(g_intbuf, r_mp45a) != 0) {
-    reason("error: test 2 computed rem %s, expected %s\n", g_intbuf, r_mp45a);
-    ++err;
-  }
-
-  mp_read_radix(&a, mp14, 16); mp_read_radix(&b, mp4, 16);
-  IFOK( mp_div(&a, &b, &a, &r) );
-  mp_toradix(&a, g_intbuf, 16);
-
-  if(strcmp(g_intbuf, q_mp1404) != 0) {
-    reason("error: test 3 computed quot %s, expected %s\n", g_intbuf, q_mp1404);
-    ++err;
-  }
-
-  mp_toradix(&r, g_intbuf, 16);
-  
-  if(strcmp(g_intbuf, r_mp1404) != 0) {
-    reason("error: test 3 computed rem %s, expected %s\n", g_intbuf, r_mp1404);
-    ++err;
-  }
-
-  mp_clear(&a); mp_clear(&b); mp_clear(&r);
-
-  return err;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_expt_d(void)
-{
-  mp_int   a;
-
-  mp_init(&a); mp_read_radix(&a, mp5, 16);
-  mp_expt_d(&a, md9, &a);
-  mp_toradix(&a, g_intbuf, 16);
-
-  mp_clear(&a);
-  if(strcmp(g_intbuf, e_mp5d9) != 0) {
-    reason("error: computed %s, expected %s\n", g_intbuf, e_mp5d9);
-    return 1;
-  }
-
-  return 0;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_expt(void)
-{
-  mp_int   a, b;
-
-  mp_init(&a); mp_init(&b);
-  mp_read_radix(&a, mp7, 16); mp_read_radix(&b, mp8, 16);
-
-  mp_expt(&a, &b, &a);
-  mp_toradix(&a, g_intbuf, 16);
-  mp_clear(&a); mp_clear(&b);
-
-  if(strcmp(g_intbuf, e_mp78) != 0) {
-    reason("error: computed %s, expected %s\n", g_intbuf, e_mp78);
-    return 1;
-  }
-
-  return 0;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_2expt(void)
-{
-  mp_int   a;
-
-  mp_init(&a);
-  mp_2expt(&a, md3);
-  mp_toradix(&a, g_intbuf, 16);
-  mp_clear(&a);
-
-  if(strcmp(g_intbuf, e_mpc2d3) != 0) {
-    reason("error: computed %s, expected %s\n", g_intbuf, e_mpc2d3);
-    return 1;
-  }
-
-  return 0;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_sqrt(void)
-{
-  mp_int  a;
-  int     res = 0;
-
-  mp_init(&a); mp_read_radix(&a, mp9, 16);
-  mp_sqrt(&a, &a);
-  mp_toradix(&a, g_intbuf, 16);
-
-  if(strcmp(g_intbuf, t_mp9) != 0) {
-    reason("error: computed %s, expected %s\n", g_intbuf, t_mp9);
-    res = 1; goto CLEANUP;
-  }
-
-  mp_read_radix(&a, mp15, 16);
-  mp_sqrt(&a, &a);
-  mp_toradix(&a, g_intbuf, 16);
-
-  if(strcmp(g_intbuf, t_mp15) != 0) {
-    reason("error: computed %s, expected %s\n", g_intbuf, t_mp15);
-    res = 1;
-  }
-
- CLEANUP:
-  mp_clear(&a);
-  return res;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_mod_d(void)
-{
-  mp_int     a;
-  mp_digit   r;
-
-  mp_init(&a); mp_read_radix(&a, mp5, 16);
-  IFOK( mp_mod_d(&a, md5, &r) );
-  sprintf(g_intbuf, ZS_DIGIT_FMT, r);
-  mp_clear(&a);
-
-  if(strcmp(g_intbuf, r_mp5d5) != 0) {
-    reason("error: computed %s, expected %s\n", g_intbuf, r_mp5d5);
-    return 1;
-  }
-
-  return 0;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_mod(void)
-{
-  mp_int  a, m;
-
-  mp_init(&a); mp_init(&m);
-  mp_read_radix(&a, mp4, 16); mp_read_radix(&m, mp7, 16);
-  IFOK( mp_mod(&a, &m, &a) );
-  mp_toradix(&a, g_intbuf, 16);
-  mp_clear(&a); mp_clear(&m);
-
-  if(strcmp(g_intbuf, r_mp47) != 0) {
-    reason("error: computed %s, expected %s\n", g_intbuf, r_mp47);
-    return 1;
-  }
-
-  return 0;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_addmod(void)
-{
-  mp_int a, b, m;
-
-  mp_init(&a); mp_init(&b); mp_init(&m);
-  mp_read_radix(&a, mp3, 16); mp_read_radix(&b, mp4, 16);
-  mp_read_radix(&m, mp5, 16);
-
-  IFOK( mp_addmod(&a, &b, &m, &a) );
-  mp_toradix(&a, g_intbuf, 16);
-  mp_clear(&a); mp_clear(&b); mp_clear(&m);
-
-  if(strcmp(g_intbuf, ms_mp345) != 0) {
-    reason("error: computed %s, expected %s\n", g_intbuf, ms_mp345);
-    return 1;
-  }
-
-  return 0;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_submod(void)
-{
-  mp_int a, b, m;
-
-  mp_init(&a); mp_init(&b); mp_init(&m);
-  mp_read_radix(&a, mp3, 16); mp_read_radix(&b, mp4, 16);
-  mp_read_radix(&m, mp5, 16);
-
-  IFOK( mp_submod(&a, &b, &m, &a) );
-  mp_toradix(&a, g_intbuf, 16);
-  mp_clear(&a); mp_clear(&b); mp_clear(&m);
-
-  if(strcmp(g_intbuf, md_mp345) != 0) {
-    reason("error: computed %s, expected %s\n", g_intbuf, md_mp345);
-    return 1;
-  }
-
-  return 0;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_mulmod(void)
-{
-  mp_int a, b, m;
-
-  mp_init(&a); mp_init(&b); mp_init(&m);
-  mp_read_radix(&a, mp3, 16); mp_read_radix(&b, mp4, 16);
-  mp_read_radix(&m, mp5, 16);
-
-  IFOK( mp_mulmod(&a, &b, &m, &a) );
-  mp_toradix(&a, g_intbuf, 16);
-  mp_clear(&a); mp_clear(&b); mp_clear(&m);
-
-  if(strcmp(g_intbuf, mp_mp345) != 0) {
-    reason("error: computed %s, expected %s\n", g_intbuf, mp_mp345);
-    return 1;
-  }
-
-  return 0;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_sqrmod(void)
-{
-  mp_int a, m;
-
-  mp_init(&a); mp_init(&m);
-  mp_read_radix(&a, mp3, 16); mp_read_radix(&m, mp5, 16);
-
-  IFOK( mp_sqrmod(&a, &m, &a) );
-  mp_toradix(&a, g_intbuf, 16);
-  mp_clear(&a); mp_clear(&m);
-
-  if(strcmp(g_intbuf, mp_mp335) != 0) {
-    reason("error: computed %s, expected %s\n", g_intbuf, mp_mp335);
-    return 1;
-  }
-
-  return 0;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_exptmod(void)
-{
-  mp_int  a, b, m;
-  int     res = 0;
-
-  mp_init(&a); mp_init(&b); mp_init(&m);
-  mp_read_radix(&a, mp8, 16); mp_read_radix(&b, mp1, 16);
-  mp_read_radix(&m, mp7, 16);
-
-  IFOK( mp_exptmod(&a, &b, &m, &a) );
-  mp_toradix(&a, g_intbuf, 16);
-
-  if(strcmp(g_intbuf, me_mp817) != 0) {
-    reason("case 1: error: computed %s, expected %s\n", g_intbuf, me_mp817);
-    res = 1; goto CLEANUP;
-  }
-
-  mp_read_radix(&a, mp1, 16); mp_read_radix(&b, mp5, 16);
-  mp_read_radix(&m, mp12, 16);
-
-  IFOK( mp_exptmod(&a, &b, &m, &a) );
-  mp_toradix(&a, g_intbuf, 16);
-
-  if(strcmp(g_intbuf, me_mp1512) != 0) {
-    reason("case 2: error: computed %s, expected %s\n", g_intbuf, me_mp1512);
-    res = 1; goto CLEANUP;
-  }
-
-  mp_read_radix(&a, mp5, 16); mp_read_radix(&b, mp1, 16);
-  mp_read_radix(&m, mp14, 16);
-
-  IFOK( mp_exptmod(&a, &b, &m, &a) );
-  mp_toradix(&a, g_intbuf, 16);
-
-  if(strcmp(g_intbuf, me_mp5114) != 0) {
-    reason("case 3: error: computed %s, expected %s\n", g_intbuf, me_mp5114);
-    res = 1;
-  }
-
-  mp_read_radix(&a, mp16, 16); mp_read_radix(&b, mp17, 16);
-  mp_read_radix(&m, mp18, 16);
-
-  IFOK( mp_exptmod(&a, &b, &m, &a) );
-  mp_toradix(&a, g_intbuf, 16);
-
-  if(strcmp(g_intbuf, me_mp161718) != 0) {
-    reason("case 4: error: computed %s, expected %s\n", g_intbuf, me_mp161718);
-    res = 1;
-  }
-
- CLEANUP:
-  mp_clear(&a); mp_clear(&b); mp_clear(&m);
-  return res;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_exptmod_d(void)
-{
-  mp_int  a, m;
-
-  mp_init(&a); mp_init(&m);
-  mp_read_radix(&a, mp5, 16); mp_read_radix(&m, mp7, 16);
-
-  IFOK( mp_exptmod_d(&a, md4, &m, &a) );
-  mp_toradix(&a, g_intbuf, 16);
-  mp_clear(&a); mp_clear(&m);
-
-  if(strcmp(g_intbuf, me_mp5d47) != 0) {
-    reason("error: computed %s, expected %s\n", g_intbuf, me_mp5d47);
-    return 1;
-  }
-
-  return 0;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_invmod(void)
-{
-  mp_int  a, m, c;
-  mp_int  p1, p2, p3, p4, p5;
-  mp_int  t1, t2, t3, t4;
-  mp_err  res;
-
-  /* 5 128-bit primes. */
-  static const char ivp1[] = { "AAD8A5A2A2BEF644BAEE7DB0CA643719" };
-  static const char ivp2[] = { "CB371AD2B79A90BCC88D0430663E40B9" };
-  static const char ivp3[] = { "C6C818D4DF2618406CA09280C0400099" };
-  static const char ivp4[] = { "CE949C04512E68918006B1F0D7E93F27" };
-  static const char ivp5[] = { "F8EE999B6416645040687440E0B89F51" };
-
-  mp_init(&a); mp_init(&m);
-  mp_read_radix(&a, mp2, 16); mp_read_radix(&m, mp7, 16);
-
-  IFOK( mp_invmod(&a, &m, &a) );
-
-  mp_toradix(&a, g_intbuf, 16);
-  mp_clear(&a); mp_clear(&m);
-
-  if(strcmp(g_intbuf, i_mp27) != 0) {
-    reason("error: invmod test 1 computed %s, expected %s\n", g_intbuf, i_mp27);
-    return 1;
-  }
-
-  mp_init(&a); mp_init(&m);
-  mp_read_radix(&a, mp20, 16); mp_read_radix(&m, mp19, 16);
-
-  IFOK( mp_invmod(&a, &m, &a) );
-
-  mp_toradix(&a, g_intbuf, 16);
-  mp_clear(&a); mp_clear(&m);
-
-  if(strcmp(g_intbuf, i_mp2019) != 0) {
-    reason("error: invmod test 2 computed %s, expected %s\n", g_intbuf, i_mp2019);
-    return 1;
-  }
-
-/* Need the following test cases:
-  Odd modulus
-    - a is odd,      relatively prime to m
-    - a is odd,  not relatively prime to m
-    - a is even,     relatively prime to m
-    - a is even, not relatively prime to m
-  Even modulus
-    - a is even  (should fail)
-    - a is odd,  not relatively prime to m
-    - a is odd,      relatively prime to m,
-      m is not a power of 2
-	- m has factor 2**k, k < 32
-	- m has factor 2**k, k > 32
-      m is a power of 2, 2**k
-	- k < 32
-	- k > 32
-*/
-
-  mp_init(&a);  mp_init(&m);  mp_init(&c);  
-  mp_init(&p1); mp_init(&p2); mp_init(&p3); mp_init(&p4); mp_init(&p5); 
-  mp_init(&t1); mp_init(&t2); mp_init(&t3); mp_init(&t4); 
-
-  mp_read_radix(&p1, ivp1, 16);
-  mp_read_radix(&p2, ivp2, 16);
-  mp_read_radix(&p3, ivp3, 16);
-  mp_read_radix(&p4, ivp4, 16);
-  mp_read_radix(&p5, ivp5, 16);
-
-  IFOK( mp_2expt(&t2, 68) );	/* t2 = 2**68 */
-  IFOK( mp_2expt(&t3, 128) );	/* t3 = 2**128 */
-  IFOK( mp_2expt(&t4, 31) );	/* t4 = 2**31 */
-
-/* test 3: Odd modulus - a is odd, relatively prime to m */
-
-  IFOK( mp_mul(&p1, &p2, &a) );
-  IFOK( mp_mul(&p3, &p4, &m) );
-  IFOK( mp_invmod(&a, &m, &t1) );
-  IFOK( mp_invmod_xgcd(&a, &m, &c) );
-
-  if (mp_cmp(&t1, &c) != 0) {
-    mp_toradix(&t1, g_intbuf, 16);
-    mp_toradix(&c,  a_intbuf, 16);
-    reason("error: invmod test 3 computed %s, expected %s\n", 
-           g_intbuf, a_intbuf);
-    return 1;
-  }
-  mp_clear(&a);  mp_clear(&t1); mp_clear(&c);  
-  mp_init(&a);   mp_init(&t1);  mp_init(&c);   
-
-/* test 4: Odd modulus - a is odd, NOT relatively prime to m */
-
-  IFOK( mp_mul(&p1, &p3, &a) );
-  /* reuse same m as before */
-
-  res = mp_invmod_xgcd(&a, &m, &c);
-  if (res != MP_UNDEF) 
-    goto CLEANUP4;
-
-  res = mp_invmod(&a, &m, &t1); /* we expect this to fail. */
-  if (res != MP_UNDEF) {
-CLEANUP4:
-    reason("error: invmod test 4 succeeded, should have failed.\n");
-    return 1;
-  }
-  mp_clear(&a);  mp_clear(&t1); mp_clear(&c);  
-  mp_init(&a);   mp_init(&t1);  mp_init(&c);   
-
-/* test 5: Odd modulus - a is even, relatively prime to m */
-
-  IFOK( mp_mul(&p1, &t2, &a) );
-  /* reuse m */
-  IFOK( mp_invmod(&a, &m, &t1) );
-  IFOK( mp_invmod_xgcd(&a, &m, &c) );
-
-  if (mp_cmp(&t1, &c) != 0) {
-    mp_toradix(&t1, g_intbuf, 16);
-    mp_toradix(&c,  a_intbuf, 16);
-    reason("error: invmod test 5 computed %s, expected %s\n", 
-           g_intbuf, a_intbuf);
-    return 1;
-  }
-  mp_clear(&a);  mp_clear(&t1); mp_clear(&c);  
-  mp_init(&a);   mp_init(&t1);  mp_init(&c);   
-
-/* test 6: Odd modulus - a is odd, NOT relatively prime to m */
-
-  /* reuse t2 */
-  IFOK( mp_mul(&t2, &p3, &a) );
-  /* reuse same m as before */
-
-  res = mp_invmod_xgcd(&a, &m, &c);
-  if (res != MP_UNDEF) 
-    goto CLEANUP6;
-
-  res = mp_invmod(&a, &m, &t1); /* we expect this to fail. */
-  if (res != MP_UNDEF) {
-CLEANUP6:
-    reason("error: invmod test 6 succeeded, should have failed.\n");
-    return 1;
-  }
-  mp_clear(&a);  mp_clear(&m); mp_clear(&c);  mp_clear(&t1); 
-  mp_init(&a);   mp_init(&m);  mp_init(&c);   mp_init(&t1); 
-
-/* test 7: Even modulus, even a, should fail */
-
-  IFOK( mp_mul(&p3, &t3, &m) ); /* even m */
-  /* reuse t2 */
-  IFOK( mp_mul(&p1, &t2, &a) ); /* even a */
-
-  res = mp_invmod_xgcd(&a, &m, &c);
-  if (res != MP_UNDEF) 
-    goto CLEANUP7;
-
-  res = mp_invmod(&a, &m, &t1); /* we expect this to fail. */
-  if (res != MP_UNDEF) {
-CLEANUP7:
-    reason("error: invmod test 7 succeeded, should have failed.\n");
-    return 1;
-  }
-  mp_clear(&a);  mp_clear(&c);  mp_clear(&t1); 
-  mp_init(&a);   mp_init(&c);   mp_init(&t1); 
-
-/* test 8: Even modulus    - a is odd,  not relatively prime to m */
-
-  /* reuse m */
-  IFOK( mp_mul(&p3, &p1, &a) ); /* even a */
-
-  res = mp_invmod_xgcd(&a, &m, &c);
-  if (res != MP_UNDEF) 
-    goto CLEANUP8;
-
-  res = mp_invmod(&a, &m, &t1); /* we expect this to fail. */
-  if (res != MP_UNDEF) {
-CLEANUP8:
-    reason("error: invmod test 8 succeeded, should have failed.\n");
-    return 1;
-  }
-  mp_clear(&a);  mp_clear(&m); mp_clear(&c);  mp_clear(&t1); 
-  mp_init(&a);   mp_init(&m);  mp_init(&c);   mp_init(&t1); 
-
-/* test 9: Even modulus    - m has factor 2**k, k < 32
- *	                   - a is odd, relatively prime to m,
- */
-  IFOK( mp_mul(&p3, &t4, &m) ); /* even m */
-  IFOK( mp_mul(&p1, &p2, &a) );
-  IFOK( mp_invmod(&a, &m, &t1) );
-  IFOK( mp_invmod_xgcd(&a, &m, &c) );
-
-  if (mp_cmp(&t1, &c) != 0) {
-    mp_toradix(&t1, g_intbuf, 16);
-    mp_toradix(&c,  a_intbuf, 16);
-    reason("error: invmod test 9 computed %s, expected %s\n", 
-           g_intbuf, a_intbuf);
-    return 1;
-  }
-  mp_clear(&m);  mp_clear(&t1); mp_clear(&c);  
-  mp_init(&m);   mp_init(&t1);  mp_init(&c);   
-
-/* test 10: Even modulus    - m has factor 2**k, k > 32
- *	                    - a is odd, relatively prime to m,
- */
-  IFOK( mp_mul(&p3, &t3, &m) ); /* even m */
-  /* reuse a */
-  IFOK( mp_invmod(&a, &m, &t1) );
-  IFOK( mp_invmod_xgcd(&a, &m, &c) );
-
-  if (mp_cmp(&t1, &c) != 0) {
-    mp_toradix(&t1, g_intbuf, 16);
-    mp_toradix(&c,  a_intbuf, 16);
-    reason("error: invmod test 10 computed %s, expected %s\n", 
-           g_intbuf, a_intbuf);
-    return 1;
-  }
-  mp_clear(&t1); mp_clear(&c);  
-  mp_init(&t1);  mp_init(&c);   
-
-/* test 11: Even modulus    - m is a power of 2, 2**k | k < 32
- *                          - a is odd, relatively prime to m,
- */
-  IFOK( mp_invmod(&a, &t4, &t1) );
-  IFOK( mp_invmod_xgcd(&a, &t4, &c) );
-
-  if (mp_cmp(&t1, &c) != 0) {
-    mp_toradix(&t1, g_intbuf, 16);
-    mp_toradix(&c,  a_intbuf, 16);
-    reason("error: invmod test 11 computed %s, expected %s\n", 
-           g_intbuf, a_intbuf);
-    return 1;
-  }
-  mp_clear(&t1); mp_clear(&c);  
-  mp_init(&t1);  mp_init(&c);   
-
-/* test 12: Even modulus    - m is a power of 2, 2**k | k > 32
- *                          - a is odd, relatively prime to m,
- */
-  IFOK( mp_invmod(&a, &t3, &t1) );
-  IFOK( mp_invmod_xgcd(&a, &t3, &c) );
-
-  if (mp_cmp(&t1, &c) != 0) {
-    mp_toradix(&t1, g_intbuf, 16);
-    mp_toradix(&c,  a_intbuf, 16);
-    reason("error: invmod test 12 computed %s, expected %s\n", 
-           g_intbuf, a_intbuf);
-    return 1;
-  }
-
-  mp_clear(&a);  mp_clear(&m);  mp_clear(&c);  
-  mp_clear(&t1); mp_clear(&t2); mp_clear(&t3); mp_clear(&t4); 
-  mp_clear(&p1); mp_clear(&p2); mp_clear(&p3); mp_clear(&p4); mp_clear(&p5); 
-
-  return 0;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_cmp_d(void)
-{
-  mp_int  a;
-
-  mp_init(&a); mp_read_radix(&a, mp8, 16);
-
-  if(mp_cmp_d(&a, md8) >= 0) {
-    reason("error: %s >= " DIGIT_FMT "\n", mp8, md8);
-    mp_clear(&a);
-    return 1;
-  }
-
-  mp_read_radix(&a, mp5, 16);
-
-  if(mp_cmp_d(&a, md8) <= 0) {
-    reason("error: %s <= " DIGIT_FMT "\n", mp5, md8);
-    mp_clear(&a);
-    return 1;
-  }
-
-  mp_read_radix(&a, mp6, 16);
-
-  if(mp_cmp_d(&a, md1) != 0) {
-    reason("error: %s != " DIGIT_FMT "\n", mp6, md1);
-    mp_clear(&a);
-    return 1;
-  }
-
-  mp_clear(&a);
-  return 0;
-
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_cmp_z(void)
-{
-  mp_int  a;
-
-  mp_init(&a); mp_read_radix(&a, mp6, 16);
-
-  if(mp_cmp_z(&a) != 0) {
-    reason("error: someone thinks a zero value is non-zero\n");
-    mp_clear(&a);
-    return 1;
-  }
-
-  mp_read_radix(&a, mp1, 16);
-  
-  if(mp_cmp_z(&a) <= 0) {
-    reason("error: someone thinks a positive value is non-positive\n");
-    mp_clear(&a);
-    return 1;
-  }
-
-  mp_read_radix(&a, mp4, 16);
-
-  if(mp_cmp_z(&a) >= 0) {
-    reason("error: someone thinks a negative value is non-negative\n");
-    mp_clear(&a);
-    return 1;
-  }
-
-  mp_clear(&a);
-  return 0;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_cmp(void)
-{
-  mp_int  a, b;
-
-  mp_init(&a); mp_init(&b);
-  mp_read_radix(&a, mp3, 16); mp_read_radix(&b, mp4, 16);
-
-  if(mp_cmp(&a, &b) <= 0) {
-    reason("error: %s <= %s\n", mp3, mp4);
-    mp_clear(&a); mp_clear(&b);
-    return 1;
-  }
-
-  mp_read_radix(&b, mp3, 16);
-  if(mp_cmp(&a, &b) != 0) {
-    reason("error: %s != %s\n", mp3, mp3);
-    mp_clear(&a); mp_clear(&b);
-    return 1;
-  }
-
-  mp_read_radix(&a, mp5, 16);
-  if(mp_cmp(&a, &b) >= 0) {
-    reason("error: %s >= %s\n", mp5, mp3);
-    mp_clear(&a); mp_clear(&b);
-    return 1;
-  }
-
-  mp_read_radix(&a, mp5a, 16);
-  if(mp_cmp_int(&a, 1000000) >= 0 ||
-     (mp_cmp_int(&a, -5000000) <= 0) ||
-     (mp_cmp_int(&a, -4938110) != 0)) {
-    reason("error: long integer comparison failed (%s)", mp5a);
-    mp_clear(&a); mp_clear(&b);
-    return 1;
-  }
-
-  mp_clear(&a); mp_clear(&b);
-  return 0;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_cmp_mag(void)
-{
-  mp_int  a, b;
-
-  mp_init(&a); mp_init(&b);
-  mp_read_radix(&a, mp5, 16); mp_read_radix(&b, mp4, 16);
-
-  if(mp_cmp_mag(&a, &b) >= 0) {
-    reason("error: %s >= %s\n", mp5, mp4);
-    mp_clear(&a); mp_clear(&b);
-    return 1;
-  }
-
-  mp_read_radix(&b, mp5, 16);
-  if(mp_cmp_mag(&a, &b) != 0) {
-    reason("error: %s != %s\n", mp5, mp5);
-    mp_clear(&a); mp_clear(&b);
-    return 1;
-  }
-
-  mp_read_radix(&a, mp1, 16);
-  if(mp_cmp_mag(&b, &a) >= 0) {
-    reason("error: %s >= %s\n", mp5, mp1);
-    mp_clear(&a); mp_clear(&b);
-    return 1;
-  }
-
-  mp_clear(&a); mp_clear(&b);
-  return 0;
-
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_parity(void)
-{
-  mp_int  a;
-
-  mp_init(&a); mp_read_radix(&a, mp1, 16);
-
-  if(!mp_isodd(&a)) {
-    reason("error: expected operand to be odd, but it isn't\n");
-    mp_clear(&a);
-    return 1;
-  }
-
-  mp_read_radix(&a, mp6, 16);
-  
-  if(!mp_iseven(&a)) {
-    reason("error: expected operand to be even, but it isn't\n");
-    mp_clear(&a);
-    return 1;
-  }
-
-  mp_clear(&a);
-  return 0;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_gcd(void)
-{
-  mp_int  a, b;
-  int     out = 0;
-
-  mp_init(&a); mp_init(&b);
-  mp_read_radix(&a, mp7, 16); mp_read_radix(&b, mp1, 16);
-
-  mp_gcd(&a, &b, &a);
-  mp_toradix(&a, g_intbuf, 16);
-
-  if(strcmp(g_intbuf, g_mp71) != 0) {
-    reason("error: computed %s, expected %s\n", g_intbuf, g_mp71);
-    out = 1;
-  }
-
-  mp_clear(&a); mp_clear(&b);
-  return out;
-
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_lcm(void)
-{
-  mp_int  a, b;
-  int     out = 0;
-
-  mp_init(&a); mp_init(&b);
-  mp_read_radix(&a, mp10, 16); mp_read_radix(&b, mp11, 16);
-
-  mp_lcm(&a, &b, &a);
-  mp_toradix(&a, g_intbuf, 16);
-
-  if(strcmp(g_intbuf, l_mp1011) != 0) {
-    reason("error: computed %s, expected%s\n", g_intbuf, l_mp1011);
-    out = 1;
-  }
-
-  mp_clear(&a); mp_clear(&b);
-
-  return out;
-
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_convert(void)
-{
-  int    ix;
-  mp_int a;
-
-  mp_init(&a); mp_read_radix(&a, mp9, 16);
-
-  for(ix = LOW_RADIX; ix <= HIGH_RADIX; ix++) {
-    mp_toradix(&a, g_intbuf, ix);
-
-    if(strcmp(g_intbuf, v_mp9[ix - LOW_RADIX]) != 0) {
-      reason("error: radix %d, computed %s, expected %s\n",
-	     ix, g_intbuf, v_mp9[ix - LOW_RADIX]);
-      mp_clear(&a);
-      return 1;
-    }
-  }
-
-  mp_clear(&a);
-  return 0;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_raw(void)
-{
-  int    len, out = 0;
-  mp_int a;
-  char   *buf;
-
-  mp_init(&a); mp_read_radix(&a, mp4, 16);
-
-  len = mp_raw_size(&a);
-  if(len != sizeof(b_mp4)) {
-    reason("error: test_raw: expected length %d, computed %d\n", sizeof(b_mp4),
-	   len);
-    mp_clear(&a);
-    return 1;
-  }
-
-  buf = calloc(len, sizeof(char));
-  mp_toraw(&a, buf);
-
-  if(memcmp(buf, b_mp4, sizeof(b_mp4)) != 0) {
-    reason("error: test_raw: binary output does not match test vector\n");
-    out = 1;
-  }
-
-  free(buf);
-  mp_clear(&a);
-
-  return out;
-
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_pprime(void)
-{
-  mp_int   p;
-  int      err = 0;
-  mp_err   res;
-
-  mp_init(&p);
-  mp_read_radix(&p, mp7, 16);
-
-  if(mpp_pprime(&p, 5) != MP_YES) {
-    reason("error: %s failed Rabin-Miller test, but is prime\n", mp7);
-    err = 1;
-  }
-
-  IFOK( mp_set_int(&p, 9) );
-  res = mpp_pprime(&p, 50);
-  if (res == MP_YES) {
-    reason("error: 9 is composite but passed Rabin-Miller test\n");
-    err = 1;
-  } else if (res != MP_NO) {
-    reason("test mpp_pprime(9, 50) failed: error %d\n", res); 
-    err = 1;
-  }
-
-  IFOK( mp_set_int(&p, 15) );
-  res = mpp_pprime(&p, 50);
-  if (res == MP_YES) {
-    reason("error: 15 is composite but passed Rabin-Miller test\n");
-    err = 1;
-  } else if (res != MP_NO) {
-    reason("test mpp_pprime(15, 50) failed: error %d\n", res); 
-    err = 1;
-  }
-
-  mp_clear(&p);
-
-  return err;
-
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_fermat(void)
-{
-  mp_int p;
-  mp_err res;
-  int    err = 0;
-
-  mp_init(&p);
-  mp_read_radix(&p, mp7, 16);
-  
-  if((res = mpp_fermat(&p, 2)) != MP_YES) {
-    reason("error: %s failed Fermat test on 2: %s\n", mp7, 
-	   mp_strerror(res));
-    ++err;
-  }
-
-  if((res = mpp_fermat(&p, 3)) != MP_YES) {
-    reason("error: %s failed Fermat test on 3: %s\n", mp7, 
-	   mp_strerror(res));
-    ++err;
-  }
-
-  mp_clear(&p);
-
-  return err;
-
-}
-
-/*------------------------------------------------------------------------*/
-/* Like fprintf(), but only if we are behaving in a verbose manner        */
-
-void reason(char *fmt, ...)
-{
-  va_list    ap;
-
-  if(!g_verbose)
-    return;
-
-  va_start(ap, fmt);
-  vfprintf(stderr, fmt, ap);
-  va_end(ap);
-}
-
-/*------------------------------------------------------------------------*/
-/* HERE THERE BE DRAGONS                                                  */
diff --git a/security/nss/lib/freebl/mpi/mpi.c b/security/nss/lib/freebl/mpi/mpi.c
deleted file mode 100644
index 83bd86764..000000000
--- a/security/nss/lib/freebl/mpi/mpi.c
+++ /dev/null
@@ -1,4795 +0,0 @@
-/*
- *  mpi.c
- *
- *  Arbitrary precision integer arithmetic library
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are 
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger. 
- * All Rights Reserved.
- *
- * Contributor(s):
- *	Netscape Communications Corporation 
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above.  If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- *  $Id$
- */
-
-#include "mpi-priv.h"
-#if defined(OSF1)
-#include <c_asm.h>
-#endif
-
-#if MP_LOGTAB
-/*
-  A table of the logs of 2 for various bases (the 0 and 1 entries of
-  this table are meaningless and should not be referenced).  
-
-  This table is used to compute output lengths for the mp_toradix()
-  function.  Since a number n in radix r takes up about log_r(n)
-  digits, we estimate the output size by taking the least integer
-  greater than log_r(n), where:
-
-  log_r(n) = log_2(n) * log_r(2)
-
-  This table, therefore, is a table of log_r(2) for 2 <= r <= 36,
-  which are the output bases supported.  
- */
-#include "logtab.h"
-#endif
-
-/* {{{ Constant strings */
-
-/* Constant strings returned by mp_strerror() */
-static const char *mp_err_string[] = {
-  "unknown result code",     /* say what?            */
-  "boolean true",            /* MP_OKAY, MP_YES      */
-  "boolean false",           /* MP_NO                */
-  "out of memory",           /* MP_MEM               */
-  "argument out of range",   /* MP_RANGE             */
-  "invalid input parameter", /* MP_BADARG            */
-  "result is undefined"      /* MP_UNDEF             */
-};
-
-/* Value to digit maps for radix conversion   */
-
-/* s_dmap_1 - standard digits and letters */
-static const char *s_dmap_1 = 
-  "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz+/";
-
-/* }}} */
-
-unsigned long mp_allocs;
-unsigned long mp_frees;
-unsigned long mp_copies;
-
-/* {{{ Default precision manipulation */
-
-/* Default precision for newly created mp_int's      */
-static mp_size s_mp_defprec = MP_DEFPREC;
-
-mp_size mp_get_prec(void)
-{
-  return s_mp_defprec;
-
-} /* end mp_get_prec() */
-
-void         mp_set_prec(mp_size prec)
-{
-  if(prec == 0)
-    s_mp_defprec = MP_DEFPREC;
-  else
-    s_mp_defprec = prec;
-
-} /* end mp_set_prec() */
-
-/* }}} */
-
-/*------------------------------------------------------------------------*/
-/* {{{ mp_init(mp) */
-
-/*
-  mp_init(mp)
-
-  Initialize a new zero-valued mp_int.  Returns MP_OKAY if successful,
-  MP_MEM if memory could not be allocated for the structure.
- */
-
-mp_err mp_init(mp_int *mp)
-{
-  return mp_init_size(mp, s_mp_defprec);
-
-} /* end mp_init() */
-
-/* }}} */
-
-/* {{{ mp_init_size(mp, prec) */
-
-/*
-  mp_init_size(mp, prec)
-
-  Initialize a new zero-valued mp_int with at least the given
-  precision; returns MP_OKAY if successful, or MP_MEM if memory could
-  not be allocated for the structure.
- */
-
-mp_err mp_init_size(mp_int *mp, mp_size prec)
-{
-  ARGCHK(mp != NULL && prec > 0, MP_BADARG);
-
-  prec = MP_ROUNDUP(prec, s_mp_defprec);
-  if((DIGITS(mp) = s_mp_alloc(prec, sizeof(mp_digit))) == NULL)
-    return MP_MEM;
-
-  SIGN(mp) = ZPOS;
-  USED(mp) = 1;
-  ALLOC(mp) = prec;
-
-  return MP_OKAY;
-
-} /* end mp_init_size() */
-
-/* }}} */
-
-/* {{{ mp_init_copy(mp, from) */
-
-/*
-  mp_init_copy(mp, from)
-
-  Initialize mp as an exact copy of from.  Returns MP_OKAY if
-  successful, MP_MEM if memory could not be allocated for the new
-  structure.
- */
-
-mp_err mp_init_copy(mp_int *mp, const mp_int *from)
-{
-  ARGCHK(mp != NULL && from != NULL, MP_BADARG);
-
-  if(mp == from)
-    return MP_OKAY;
-
-  if((DIGITS(mp) = s_mp_alloc(ALLOC(from), sizeof(mp_digit))) == NULL)
-    return MP_MEM;
-
-  s_mp_copy(DIGITS(from), DIGITS(mp), USED(from));
-  USED(mp) = USED(from);
-  ALLOC(mp) = ALLOC(from);
-  SIGN(mp) = SIGN(from);
-
-  return MP_OKAY;
-
-} /* end mp_init_copy() */
-
-/* }}} */
-
-/* {{{ mp_copy(from, to) */
-
-/*
-  mp_copy(from, to)
-
-  Copies the mp_int 'from' to the mp_int 'to'.  It is presumed that
-  'to' has already been initialized (if not, use mp_init_copy()
-  instead). If 'from' and 'to' are identical, nothing happens.
- */
-
-mp_err mp_copy(const mp_int *from, mp_int *to)
-{
-  ARGCHK(from != NULL && to != NULL, MP_BADARG);
-
-  if(from == to)
-    return MP_OKAY;
-
-  ++mp_copies;
-  { /* copy */
-    mp_digit   *tmp;
-
-    /*
-      If the allocated buffer in 'to' already has enough space to hold
-      all the used digits of 'from', we'll re-use it to avoid hitting
-      the memory allocater more than necessary; otherwise, we'd have
-      to grow anyway, so we just allocate a hunk and make the copy as
-      usual
-     */
-    if(ALLOC(to) >= USED(from)) {
-      s_mp_setz(DIGITS(to) + USED(from), ALLOC(to) - USED(from));
-      s_mp_copy(DIGITS(from), DIGITS(to), USED(from));
-      
-    } else {
-      if((tmp = s_mp_alloc(ALLOC(from), sizeof(mp_digit))) == NULL)
-	return MP_MEM;
-
-      s_mp_copy(DIGITS(from), tmp, USED(from));
-
-      if(DIGITS(to) != NULL) {
-#if MP_CRYPTO
-	s_mp_setz(DIGITS(to), ALLOC(to));
-#endif
-	s_mp_free(DIGITS(to));
-      }
-
-      DIGITS(to) = tmp;
-      ALLOC(to) = ALLOC(from);
-    }
-
-    /* Copy the precision and sign from the original */
-    USED(to) = USED(from);
-    SIGN(to) = SIGN(from);
-  } /* end copy */
-
-  return MP_OKAY;
-
-} /* end mp_copy() */
-
-/* }}} */
-
-/* {{{ mp_exch(mp1, mp2) */
-
-/*
-  mp_exch(mp1, mp2)
-
-  Exchange mp1 and mp2 without allocating any intermediate memory
-  (well, unless you count the stack space needed for this call and the
-  locals it creates...).  This cannot fail.
- */
-
-void mp_exch(mp_int *mp1, mp_int *mp2)
-{
-#if MP_ARGCHK == 2
-  assert(mp1 != NULL && mp2 != NULL);
-#else
-  if(mp1 == NULL || mp2 == NULL)
-    return;
-#endif
-
-  s_mp_exch(mp1, mp2);
-
-} /* end mp_exch() */
-
-/* }}} */
-
-/* {{{ mp_clear(mp) */
-
-/*
-  mp_clear(mp)
-
-  Release the storage used by an mp_int, and void its fields so that
-  if someone calls mp_clear() again for the same int later, we won't
-  get tollchocked.
- */
-
-void   mp_clear(mp_int *mp)
-{
-  if(mp == NULL)
-    return;
-
-  if(DIGITS(mp) != NULL) {
-#if MP_CRYPTO
-    s_mp_setz(DIGITS(mp), ALLOC(mp));
-#endif
-    s_mp_free(DIGITS(mp));
-    DIGITS(mp) = NULL;
-  }
-
-  USED(mp) = 0;
-  ALLOC(mp) = 0;
-
-} /* end mp_clear() */
-
-/* }}} */
-
-/* {{{ mp_zero(mp) */
-
-/*
-  mp_zero(mp) 
-
-  Set mp to zero.  Does not change the allocated size of the structure,
-  and therefore cannot fail (except on a bad argument, which we ignore)
- */
-void   mp_zero(mp_int *mp)
-{
-  if(mp == NULL)
-    return;
-
-  s_mp_setz(DIGITS(mp), ALLOC(mp));
-  USED(mp) = 1;
-  SIGN(mp) = ZPOS;
-
-} /* end mp_zero() */
-
-/* }}} */
-
-/* {{{ mp_set(mp, d) */
-
-void   mp_set(mp_int *mp, mp_digit d)
-{
-  if(mp == NULL)
-    return;
-
-  mp_zero(mp);
-  DIGIT(mp, 0) = d;
-
-} /* end mp_set() */
-
-/* }}} */
-
-/* {{{ mp_set_int(mp, z) */
-
-mp_err mp_set_int(mp_int *mp, long z)
-{
-  int            ix;
-  unsigned long  v = labs(z);
-  mp_err         res;
-
-  ARGCHK(mp != NULL, MP_BADARG);
-
-  mp_zero(mp);
-  if(z == 0)
-    return MP_OKAY;  /* shortcut for zero */
-
-  if (sizeof v <= sizeof(mp_digit)) {
-    DIGIT(mp,0) = v;
-  } else {
-    for (ix = sizeof(long) - 1; ix >= 0; ix--) {
-      if ((res = s_mp_mul_d(mp, (UCHAR_MAX + 1))) != MP_OKAY)
-	return res;
-
-      res = s_mp_add_d(mp, (mp_digit)((v >> (ix * CHAR_BIT)) & UCHAR_MAX));
-      if (res != MP_OKAY)
-	return res;
-    }
-  }
-  if(z < 0)
-    SIGN(mp) = NEG;
-
-  return MP_OKAY;
-
-} /* end mp_set_int() */
-
-/* }}} */
-
-/* {{{ mp_set_ulong(mp, z) */
-
-mp_err mp_set_ulong(mp_int *mp, unsigned long z)
-{
-  int            ix;
-  mp_err         res;
-
-  ARGCHK(mp != NULL, MP_BADARG);
-
-  mp_zero(mp);
-  if(z == 0)
-    return MP_OKAY;  /* shortcut for zero */
-
-  if (sizeof z <= sizeof(mp_digit)) {
-    DIGIT(mp,0) = z;
-  } else {
-    for (ix = sizeof(long) - 1; ix >= 0; ix--) {
-      if ((res = s_mp_mul_d(mp, (UCHAR_MAX + 1))) != MP_OKAY)
-	return res;
-
-      res = s_mp_add_d(mp, (mp_digit)((z >> (ix * CHAR_BIT)) & UCHAR_MAX));
-      if (res != MP_OKAY)
-	return res;
-    }
-  }
-  return MP_OKAY;
-} /* end mp_set_ulong() */
-
-/* }}} */
-
-/*------------------------------------------------------------------------*/
-/* {{{ Digit arithmetic */
-
-/* {{{ mp_add_d(a, d, b) */
-
-/*
-  mp_add_d(a, d, b)
-
-  Compute the sum b = a + d, for a single digit d.  Respects the sign of
-  its primary addend (single digits are unsigned anyway).
- */
-
-mp_err mp_add_d(const mp_int *a, mp_digit d, mp_int *b)
-{
-  mp_int   tmp;
-  mp_err   res;
-
-  ARGCHK(a != NULL && b != NULL, MP_BADARG);
-
-  if((res = mp_init_copy(&tmp, a)) != MP_OKAY)
-    return res;
-
-  if(SIGN(&tmp) == ZPOS) {
-    if((res = s_mp_add_d(&tmp, d)) != MP_OKAY)
-      goto CLEANUP;
-  } else if(s_mp_cmp_d(&tmp, d) >= 0) {
-    if((res = s_mp_sub_d(&tmp, d)) != MP_OKAY)
-      goto CLEANUP;
-  } else {
-    mp_neg(&tmp, &tmp);
-
-    DIGIT(&tmp, 0) = d - DIGIT(&tmp, 0);
-  }
-
-  if(s_mp_cmp_d(&tmp, 0) == 0)
-    SIGN(&tmp) = ZPOS;
-
-  s_mp_exch(&tmp, b);
-
-CLEANUP:
-  mp_clear(&tmp);
-  return res;
-
-} /* end mp_add_d() */
-
-/* }}} */
-
-/* {{{ mp_sub_d(a, d, b) */
-
-/*
-  mp_sub_d(a, d, b)
-
-  Compute the difference b = a - d, for a single digit d.  Respects the
-  sign of its subtrahend (single digits are unsigned anyway).
- */
-
-mp_err mp_sub_d(const mp_int *a, mp_digit d, mp_int *b)
-{
-  mp_int   tmp;
-  mp_err   res;
-
-  ARGCHK(a != NULL && b != NULL, MP_BADARG);
-
-  if((res = mp_init_copy(&tmp, a)) != MP_OKAY)
-    return res;
-
-  if(SIGN(&tmp) == NEG) {
-    if((res = s_mp_add_d(&tmp, d)) != MP_OKAY)
-      goto CLEANUP;
-  } else if(s_mp_cmp_d(&tmp, d) >= 0) {
-    if((res = s_mp_sub_d(&tmp, d)) != MP_OKAY)
-      goto CLEANUP;
-  } else {
-    mp_neg(&tmp, &tmp);
-
-    DIGIT(&tmp, 0) = d - DIGIT(&tmp, 0);
-    SIGN(&tmp) = NEG;
-  }
-
-  if(s_mp_cmp_d(&tmp, 0) == 0)
-    SIGN(&tmp) = ZPOS;
-
-  s_mp_exch(&tmp, b);
-
-CLEANUP:
-  mp_clear(&tmp);
-  return res;
-
-} /* end mp_sub_d() */
-
-/* }}} */
-
-/* {{{ mp_mul_d(a, d, b) */
-
-/*
-  mp_mul_d(a, d, b)
-
-  Compute the product b = a * d, for a single digit d.  Respects the sign
-  of its multiplicand (single digits are unsigned anyway)
- */
-
-mp_err mp_mul_d(const mp_int *a, mp_digit d, mp_int *b)
-{
-  mp_err  res;
-
-  ARGCHK(a != NULL && b != NULL, MP_BADARG);
-
-  if(d == 0) {
-    mp_zero(b);
-    return MP_OKAY;
-  }
-
-  if((res = mp_copy(a, b)) != MP_OKAY)
-    return res;
-
-  res = s_mp_mul_d(b, d);
-
-  return res;
-
-} /* end mp_mul_d() */
-
-/* }}} */
-
-/* {{{ mp_mul_2(a, c) */
-
-mp_err mp_mul_2(const mp_int *a, mp_int *c)
-{
-  mp_err  res;
-
-  ARGCHK(a != NULL && c != NULL, MP_BADARG);
-
-  if((res = mp_copy(a, c)) != MP_OKAY)
-    return res;
-
-  return s_mp_mul_2(c);
-
-} /* end mp_mul_2() */
-
-/* }}} */
-
-/* {{{ mp_div_d(a, d, q, r) */
-
-/*
-  mp_div_d(a, d, q, r)
-
-  Compute the quotient q = a / d and remainder r = a mod d, for a
-  single digit d.  Respects the sign of its divisor (single digits are
-  unsigned anyway).
- */
-
-mp_err mp_div_d(const mp_int *a, mp_digit d, mp_int *q, mp_digit *r)
-{
-  mp_err   res;
-  mp_int   qp;
-  mp_digit rem;
-  int      pow;
-
-  ARGCHK(a != NULL, MP_BADARG);
-
-  if(d == 0)
-    return MP_RANGE;
-
-  /* Shortcut for powers of two ... */
-  if((pow = s_mp_ispow2d(d)) >= 0) {
-    mp_digit  mask;
-
-    mask = ((mp_digit)1 << pow) - 1;
-    rem = DIGIT(a, 0) & mask;
-
-    if(q) {
-      mp_copy(a, q);
-      s_mp_div_2d(q, pow);
-    }
-
-    if(r)
-      *r = rem;
-
-    return MP_OKAY;
-  }
-
-  if((res = mp_init_copy(&qp, a)) != MP_OKAY)
-    return res;
-
-  res = s_mp_div_d(&qp, d, &rem);
-
-  if(s_mp_cmp_d(&qp, 0) == 0)
-    SIGN(q) = ZPOS;
-
-  if(r)
-    *r = rem;
-
-  if(q)
-    s_mp_exch(&qp, q);
-
-  mp_clear(&qp);
-  return res;
-
-} /* end mp_div_d() */
-
-/* }}} */
-
-/* {{{ mp_div_2(a, c) */
-
-/*
-  mp_div_2(a, c)
-
-  Compute c = a / 2, disregarding the remainder.
- */
-
-mp_err mp_div_2(const mp_int *a, mp_int *c)
-{
-  mp_err  res;
-
-  ARGCHK(a != NULL && c != NULL, MP_BADARG);
-
-  if((res = mp_copy(a, c)) != MP_OKAY)
-    return res;
-
-  s_mp_div_2(c);
-
-  return MP_OKAY;
-
-} /* end mp_div_2() */
-
-/* }}} */
-
-/* {{{ mp_expt_d(a, d, b) */
-
-mp_err mp_expt_d(const mp_int *a, mp_digit d, mp_int *c)
-{
-  mp_int   s, x;
-  mp_err   res;
-
-  ARGCHK(a != NULL && c != NULL, MP_BADARG);
-
-  if((res = mp_init(&s)) != MP_OKAY)
-    return res;
-  if((res = mp_init_copy(&x, a)) != MP_OKAY)
-    goto X;
-
-  DIGIT(&s, 0) = 1;
-
-  while(d != 0) {
-    if(d & 1) {
-      if((res = s_mp_mul(&s, &x)) != MP_OKAY)
-	goto CLEANUP;
-    }
-
-    d /= 2;
-
-    if((res = s_mp_sqr(&x)) != MP_OKAY)
-      goto CLEANUP;
-  }
-
-  s_mp_exch(&s, c);
-
-CLEANUP:
-  mp_clear(&x);
-X:
-  mp_clear(&s);
-
-  return res;
-
-} /* end mp_expt_d() */
-
-/* }}} */
-
-/* }}} */
-
-/*------------------------------------------------------------------------*/
-/* {{{ Full arithmetic */
-
-/* {{{ mp_abs(a, b) */
-
-/*
-  mp_abs(a, b)
-
-  Compute b = |a|.  'a' and 'b' may be identical.
- */
-
-mp_err mp_abs(const mp_int *a, mp_int *b)
-{
-  mp_err   res;
-
-  ARGCHK(a != NULL && b != NULL, MP_BADARG);
-
-  if((res = mp_copy(a, b)) != MP_OKAY)
-    return res;
-
-  SIGN(b) = ZPOS;
-
-  return MP_OKAY;
-
-} /* end mp_abs() */
-
-/* }}} */
-
-/* {{{ mp_neg(a, b) */
-
-/*
-  mp_neg(a, b)
-
-  Compute b = -a.  'a' and 'b' may be identical.
- */
-
-mp_err mp_neg(const mp_int *a, mp_int *b)
-{
-  mp_err   res;
-
-  ARGCHK(a != NULL && b != NULL, MP_BADARG);
-
-  if((res = mp_copy(a, b)) != MP_OKAY)
-    return res;
-
-  if(s_mp_cmp_d(b, 0) == MP_EQ) 
-    SIGN(b) = ZPOS;
-  else 
-    SIGN(b) = (SIGN(b) == NEG) ? ZPOS : NEG;
-
-  return MP_OKAY;
-
-} /* end mp_neg() */
-
-/* }}} */
-
-/* {{{ mp_add(a, b, c) */
-
-/*
-  mp_add(a, b, c)
-
-  Compute c = a + b.  All parameters may be identical.
- */
-
-mp_err mp_add(const mp_int *a, const mp_int *b, mp_int *c)
-{
-  mp_err  res;
-
-  ARGCHK(a != NULL && b != NULL && c != NULL, MP_BADARG);
-
-  if(SIGN(a) == SIGN(b)) { /* same sign:  add values, keep sign */
-    MP_CHECKOK( s_mp_add_3arg(a, b, c) );
-  } else if(s_mp_cmp(a, b) >= 0) {  /* different sign: |a| >= |b|   */
-    MP_CHECKOK( s_mp_sub_3arg(a, b, c) );
-  } else {                          /* different sign: |a|  < |b|   */
-    MP_CHECKOK( s_mp_sub_3arg(b, a, c) );
-  }
-
-  if (s_mp_cmp_d(c, 0) == MP_EQ)
-    SIGN(c) = ZPOS;
-
-CLEANUP:
-  return res;
-
-} /* end mp_add() */
-
-/* }}} */
-
-/* {{{ mp_sub(a, b, c) */
-
-/*
-  mp_sub(a, b, c)
-
-  Compute c = a - b.  All parameters may be identical.
- */
-
-mp_err mp_sub(const mp_int *a, const mp_int *b, mp_int *c)
-{
-  mp_err  res;
-  int     magDiff;
-
-  ARGCHK(a != NULL && b != NULL && c != NULL, MP_BADARG);
-
-  if (a == b) {
-    mp_zero(c);
-    return MP_OKAY;
-  }
-
-  if (MP_SIGN(a) != MP_SIGN(b)) {
-    MP_CHECKOK( s_mp_add_3arg(a, b, c) );
-  } else if (!(magDiff = s_mp_cmp(a, b))) {
-    mp_zero(c);
-    res = MP_OKAY;
-  } else if (magDiff > 0) {
-    MP_CHECKOK( s_mp_sub_3arg(a, b, c) );
-  } else {
-    MP_CHECKOK( s_mp_sub_3arg(b, a, c) );
-    MP_SIGN(c) = !MP_SIGN(a);
-  }
-
-  if (s_mp_cmp_d(c, 0) == MP_EQ)
-    MP_SIGN(c) = MP_ZPOS;
-
-CLEANUP:
-  return res;
-
-} /* end mp_sub() */
-
-/* }}} */
-
-/* {{{ mp_mul(a, b, c) */
-
-/*
-  mp_mul(a, b, c)
-
-  Compute c = a * b.  All parameters may be identical.
- */
-mp_err   mp_mul(const mp_int *a, const mp_int *b, mp_int * c)
-{
-  mp_digit *pb;
-  mp_int   tmp;
-  mp_err   res;
-  mp_size  ib;
-  mp_size  useda, usedb;
-
-  ARGCHK(a != NULL && b != NULL && c != NULL, MP_BADARG);
-
-  if (a == c) {
-    if ((res = mp_init_copy(&tmp, a)) != MP_OKAY)
-      return res;
-    if (a == b) 
-      b = &tmp;
-    a = &tmp;
-  } else if (b == c) {
-    if ((res = mp_init_copy(&tmp, b)) != MP_OKAY)
-      return res;
-    b = &tmp;
-  } else {
-    MP_DIGITS(&tmp) = 0;
-  }
-
-  if (MP_USED(a) < MP_USED(b)) {
-    const mp_int *xch = b;	/* switch a and b, to do fewer outer loops */
-    b = a;
-    a = xch;
-  }
-
-  MP_USED(c) = 1; MP_DIGIT(c, 0) = 0;
-  if((res = s_mp_pad(c, USED(a) + USED(b))) != MP_OKAY)
-    goto CLEANUP;
-
-  pb = MP_DIGITS(b);
-  s_mpv_mul_d(MP_DIGITS(a), MP_USED(a), *pb++, MP_DIGITS(c));
-
-  /* Outer loop:  Digits of b */
-  useda = MP_USED(a);
-  usedb = MP_USED(b);
-  for (ib = 1; ib < usedb; ib++) {
-    mp_digit b_i    = *pb++;
-
-    /* Inner product:  Digits of a */
-    if (b_i)
-      s_mpv_mul_d_add(MP_DIGITS(a), useda, b_i, MP_DIGITS(c) + ib);
-    else
-      MP_DIGIT(c, ib + useda) = b_i;
-  }
-
-  s_mp_clamp(c);
-
-  if(SIGN(a) == SIGN(b) || s_mp_cmp_d(c, 0) == MP_EQ)
-    SIGN(c) = ZPOS;
-  else
-    SIGN(c) = NEG;
-
-CLEANUP:
-  mp_clear(&tmp);
-  return res;
-} /* end mp_mul() */
-
-/* }}} */
-
-/* {{{ mp_sqr(a, sqr) */
-
-#if MP_SQUARE
-/*
-  Computes the square of a.  This can be done more
-  efficiently than a general multiplication, because many of the
-  computation steps are redundant when squaring.  The inner product
-  step is a bit more complicated, but we save a fair number of
-  iterations of the multiplication loop.
- */
-
-/* sqr = a^2;   Caller provides both a and tmp; */
-mp_err   mp_sqr(const mp_int *a, mp_int *sqr)
-{
-  mp_digit *pa;
-  mp_digit d;
-  mp_err   res;
-  mp_size  ix;
-  mp_int   tmp;
-  int      count;
-
-  ARGCHK(a != NULL && sqr != NULL, MP_BADARG);
-
-  if (a == sqr) {
-    if((res = mp_init_copy(&tmp, a)) != MP_OKAY)
-      return res;
-    a = &tmp;
-  } else {
-    DIGITS(&tmp) = 0;
-    res = MP_OKAY;
-  }
-
-  ix = 2 * MP_USED(a);
-  if (ix > MP_ALLOC(sqr)) {
-    MP_USED(sqr) = 1; 
-    MP_CHECKOK( s_mp_grow(sqr, ix) );
-  } 
-  MP_USED(sqr) = ix;
-  MP_DIGIT(sqr, 0) = 0;
-
-  pa = MP_DIGITS(a);
-  count = MP_USED(a) - 1;
-  if (count > 0) {
-    d = *pa++;
-    s_mpv_mul_d(pa, count, d, MP_DIGITS(sqr) + 1);
-    for (ix = 3; --count > 0; ix += 2) {
-      d = *pa++;
-      s_mpv_mul_d_add(pa, count, d, MP_DIGITS(sqr) + ix);
-    } /* for(ix ...) */
-    MP_DIGIT(sqr, MP_USED(sqr)-1) = 0; /* above loop stopped short of this. */
-
-    /* now sqr *= 2 */
-    s_mp_mul_2(sqr);
-  } else {
-    MP_DIGIT(sqr, 1) = 0;
-  }
-
-  /* now add the squares of the digits of a to sqr. */
-  s_mpv_sqr_add_prop(MP_DIGITS(a), MP_USED(a), MP_DIGITS(sqr));
-
-  SIGN(sqr) = ZPOS;
-  s_mp_clamp(sqr);
-
-CLEANUP:
-  mp_clear(&tmp);
-  return res;
-
-} /* end mp_sqr() */
-#endif
-
-/* }}} */
-
-/* {{{ mp_div(a, b, q, r) */
-
-/*
-  mp_div(a, b, q, r)
-
-  Compute q = a / b and r = a mod b.  Input parameters may be re-used
-  as output parameters.  If q or r is NULL, that portion of the
-  computation will be discarded (although it will still be computed)
- */
-mp_err mp_div(const mp_int *a, const mp_int *b, mp_int *q, mp_int *r)
-{
-  mp_err   res;
-  mp_int   *pQ, *pR;
-  mp_int   qtmp, rtmp, btmp;
-  int      cmp;
-  mp_sign  signA = MP_SIGN(a);
-  mp_sign  signB = MP_SIGN(b);
-
-  ARGCHK(a != NULL && b != NULL, MP_BADARG);
-
-  if(mp_cmp_z(b) == MP_EQ)
-    return MP_RANGE;
-
-  DIGITS(&qtmp) = 0;
-  DIGITS(&rtmp) = 0;
-  DIGITS(&btmp) = 0;
-
-  /* Set up some temporaries... */
-  if (!r || r == a || r == b) {
-    MP_CHECKOK( mp_init_copy(&rtmp, a) );
-    pR = &rtmp;
-  } else {
-    MP_CHECKOK( mp_copy(a, r) );
-    pR = r;
-  }
-
-  if (!q || q == a || q == b) {
-    MP_CHECKOK( mp_init_size(&qtmp, MP_USED(a)) );
-    pQ = &qtmp;
-  } else {
-    MP_CHECKOK( s_mp_pad(q, MP_USED(a)) );
-    pQ = q;
-    mp_zero(pQ);
-  }
-
-  /*
-    If |a| <= |b|, we can compute the solution without division;
-    otherwise, we actually do the work required.
-   */
-  if ((cmp = s_mp_cmp(a, b)) <= 0) {
-    if (cmp) {
-      /* r was set to a above. */
-      mp_zero(pQ);
-    } else {
-      mp_set(pQ, 1);
-      mp_zero(pR);
-    }
-  } else {
-    MP_CHECKOK( mp_init_copy(&btmp, b) );
-    MP_CHECKOK( s_mp_div(pR, &btmp, pQ) );
-  }
-
-  /* Compute the signs for the output  */
-  MP_SIGN(pR) = signA;   /* Sr = Sa              */
-  /* Sq = ZPOS if Sa == Sb */ /* Sq = NEG if Sa != Sb */
-  MP_SIGN(pQ) = (signA == signB) ? ZPOS : NEG;
-
-  if(s_mp_cmp_d(pQ, 0) == MP_EQ)
-    SIGN(pQ) = ZPOS;
-  if(s_mp_cmp_d(pR, 0) == MP_EQ)
-    SIGN(pR) = ZPOS;
-
-  /* Copy output, if it is needed      */
-  if(q && q != pQ) 
-    s_mp_exch(pQ, q);
-
-  if(r && r != pR) 
-    s_mp_exch(pR, r);
-
-CLEANUP:
-  mp_clear(&btmp);
-  mp_clear(&rtmp);
-  mp_clear(&qtmp);
-
-  return res;
-
-} /* end mp_div() */
-
-/* }}} */
-
-/* {{{ mp_div_2d(a, d, q, r) */
-
-mp_err mp_div_2d(const mp_int *a, mp_digit d, mp_int *q, mp_int *r)
-{
-  mp_err  res;
-
-  ARGCHK(a != NULL, MP_BADARG);
-
-  if(q) {
-    if((res = mp_copy(a, q)) != MP_OKAY)
-      return res;
-  }
-  if(r) {
-    if((res = mp_copy(a, r)) != MP_OKAY)
-      return res;
-  }
-  if(q) {
-    s_mp_div_2d(q, d);
-  }
-  if(r) {
-    s_mp_mod_2d(r, d);
-  }
-
-  return MP_OKAY;
-
-} /* end mp_div_2d() */
-
-/* }}} */
-
-/* {{{ mp_expt(a, b, c) */
-
-/*
-  mp_expt(a, b, c)
-
-  Compute c = a ** b, that is, raise a to the b power.  Uses a
-  standard iterative square-and-multiply technique.
- */
-
-mp_err mp_expt(mp_int *a, mp_int *b, mp_int *c)
-{
-  mp_int   s, x;
-  mp_err   res;
-  mp_digit d;
-  int      dig, bit;
-
-  ARGCHK(a != NULL && b != NULL && c != NULL, MP_BADARG);
-
-  if(mp_cmp_z(b) < 0)
-    return MP_RANGE;
-
-  if((res = mp_init(&s)) != MP_OKAY)
-    return res;
-
-  mp_set(&s, 1);
-
-  if((res = mp_init_copy(&x, a)) != MP_OKAY)
-    goto X;
-
-  /* Loop over low-order digits in ascending order */
-  for(dig = 0; dig < (USED(b) - 1); dig++) {
-    d = DIGIT(b, dig);
-
-    /* Loop over bits of each non-maximal digit */
-    for(bit = 0; bit < DIGIT_BIT; bit++) {
-      if(d & 1) {
-	if((res = s_mp_mul(&s, &x)) != MP_OKAY) 
-	  goto CLEANUP;
-      }
-
-      d >>= 1;
-      
-      if((res = s_mp_sqr(&x)) != MP_OKAY)
-	goto CLEANUP;
-    }
-  }
-
-  /* Consider now the last digit... */
-  d = DIGIT(b, dig);
-
-  while(d) {
-    if(d & 1) {
-      if((res = s_mp_mul(&s, &x)) != MP_OKAY)
-	goto CLEANUP;
-    }
-
-    d >>= 1;
-
-    if((res = s_mp_sqr(&x)) != MP_OKAY)
-      goto CLEANUP;
-  }
-  
-  if(mp_iseven(b))
-    SIGN(&s) = SIGN(a);
-
-  res = mp_copy(&s, c);
-
-CLEANUP:
-  mp_clear(&x);
-X:
-  mp_clear(&s);
-
-  return res;
-
-} /* end mp_expt() */
-
-/* }}} */
-
-/* {{{ mp_2expt(a, k) */
-
-/* Compute a = 2^k */
-
-mp_err mp_2expt(mp_int *a, mp_digit k)
-{
-  ARGCHK(a != NULL, MP_BADARG);
-
-  return s_mp_2expt(a, k);
-
-} /* end mp_2expt() */
-
-/* }}} */
-
-/* {{{ mp_mod(a, m, c) */
-
-/*
-  mp_mod(a, m, c)
-
-  Compute c = a (mod m).  Result will always be 0 <= c < m.
- */
-
-mp_err mp_mod(const mp_int *a, const mp_int *m, mp_int *c)
-{
-  mp_err  res;
-  int     mag;
-
-  ARGCHK(a != NULL && m != NULL && c != NULL, MP_BADARG);
-
-  if(SIGN(m) == NEG)
-    return MP_RANGE;
-
-  /*
-     If |a| > m, we need to divide to get the remainder and take the
-     absolute value.  
-
-     If |a| < m, we don't need to do any division, just copy and adjust
-     the sign (if a is negative).
-
-     If |a| == m, we can simply set the result to zero.
-
-     This order is intended to minimize the average path length of the
-     comparison chain on common workloads -- the most frequent cases are
-     that |a| != m, so we do those first.
-   */
-  if((mag = s_mp_cmp(a, m)) > 0) {
-    if((res = mp_div(a, m, NULL, c)) != MP_OKAY)
-      return res;
-    
-    if(SIGN(c) == NEG) {
-      if((res = mp_add(c, m, c)) != MP_OKAY)
-	return res;
-    }
-
-  } else if(mag < 0) {
-    if((res = mp_copy(a, c)) != MP_OKAY)
-      return res;
-
-    if(mp_cmp_z(a) < 0) {
-      if((res = mp_add(c, m, c)) != MP_OKAY)
-	return res;
-
-    }
-    
-  } else {
-    mp_zero(c);
-
-  }
-
-  return MP_OKAY;
-
-} /* end mp_mod() */
-
-/* }}} */
-
-/* {{{ mp_mod_d(a, d, c) */
-
-/*
-  mp_mod_d(a, d, c)
-
-  Compute c = a (mod d).  Result will always be 0 <= c < d
- */
-mp_err mp_mod_d(const mp_int *a, mp_digit d, mp_digit *c)
-{
-  mp_err   res;
-  mp_digit rem;
-
-  ARGCHK(a != NULL && c != NULL, MP_BADARG);
-
-  if(s_mp_cmp_d(a, d) > 0) {
-    if((res = mp_div_d(a, d, NULL, &rem)) != MP_OKAY)
-      return res;
-
-  } else {
-    if(SIGN(a) == NEG)
-      rem = d - DIGIT(a, 0);
-    else
-      rem = DIGIT(a, 0);
-  }
-
-  if(c)
-    *c = rem;
-
-  return MP_OKAY;
-
-} /* end mp_mod_d() */
-
-/* }}} */
-
-/* {{{ mp_sqrt(a, b) */
-
-/*
-  mp_sqrt(a, b)
-
-  Compute the integer square root of a, and store the result in b.
-  Uses an integer-arithmetic version of Newton's iterative linear
-  approximation technique to determine this value; the result has the
-  following two properties:
-
-     b^2 <= a
-     (b+1)^2 >= a
-
-  It is a range error to pass a negative value.
- */
-mp_err mp_sqrt(const mp_int *a, mp_int *b)
-{
-  mp_int   x, t;
-  mp_err   res;
-  mp_size  used;
-
-  ARGCHK(a != NULL && b != NULL, MP_BADARG);
-
-  /* Cannot take square root of a negative value */
-  if(SIGN(a) == NEG)
-    return MP_RANGE;
-
-  /* Special cases for zero and one, trivial     */
-  if(mp_cmp_d(a, 1) <= 0)
-    return mp_copy(a, b);
-    
-  /* Initialize the temporaries we'll use below  */
-  if((res = mp_init_size(&t, USED(a))) != MP_OKAY)
-    return res;
-
-  /* Compute an initial guess for the iteration as a itself */
-  if((res = mp_init_copy(&x, a)) != MP_OKAY)
-    goto X;
-
-  used = MP_USED(&x);
-  if (used > 1) {
-    s_mp_rshd(&x, used / 2);
-  }
-
-  for(;;) {
-    /* t = (x * x) - a */
-    mp_copy(&x, &t);      /* can't fail, t is big enough for original x */
-    if((res = mp_sqr(&t, &t)) != MP_OKAY ||
-       (res = mp_sub(&t, a, &t)) != MP_OKAY)
-      goto CLEANUP;
-
-    /* t = t / 2x       */
-    s_mp_mul_2(&x);
-    if((res = mp_div(&t, &x, &t, NULL)) != MP_OKAY)
-      goto CLEANUP;
-    s_mp_div_2(&x);
-
-    /* Terminate the loop, if the quotient is zero */
-    if(mp_cmp_z(&t) == MP_EQ)
-      break;
-
-    /* x = x - t       */
-    if((res = mp_sub(&x, &t, &x)) != MP_OKAY)
-      goto CLEANUP;
-
-  }
-
-  /* Copy result to output parameter */
-  mp_sub_d(&x, 1, &x);
-  s_mp_exch(&x, b);
-
- CLEANUP:
-  mp_clear(&x);
- X:
-  mp_clear(&t); 
-
-  return res;
-
-} /* end mp_sqrt() */
-
-/* }}} */
-
-/* }}} */
-
-/*------------------------------------------------------------------------*/
-/* {{{ Modular arithmetic */
-
-#if MP_MODARITH
-/* {{{ mp_addmod(a, b, m, c) */
-
-/*
-  mp_addmod(a, b, m, c)
-
-  Compute c = (a + b) mod m
- */
-
-mp_err mp_addmod(const mp_int *a, const mp_int *b, const mp_int *m, mp_int *c)
-{
-  mp_err  res;
-
-  ARGCHK(a != NULL && b != NULL && m != NULL && c != NULL, MP_BADARG);
-
-  if((res = mp_add(a, b, c)) != MP_OKAY)
-    return res;
-  if((res = mp_mod(c, m, c)) != MP_OKAY)
-    return res;
-
-  return MP_OKAY;
-
-}
-
-/* }}} */
-
-/* {{{ mp_submod(a, b, m, c) */
-
-/*
-  mp_submod(a, b, m, c)
-
-  Compute c = (a - b) mod m
- */
-
-mp_err mp_submod(const mp_int *a, const mp_int *b, const mp_int *m, mp_int *c)
-{
-  mp_err  res;
-
-  ARGCHK(a != NULL && b != NULL && m != NULL && c != NULL, MP_BADARG);
-
-  if((res = mp_sub(a, b, c)) != MP_OKAY)
-    return res;
-  if((res = mp_mod(c, m, c)) != MP_OKAY)
-    return res;
-
-  return MP_OKAY;
-
-}
-
-/* }}} */
-
-/* {{{ mp_mulmod(a, b, m, c) */
-
-/*
-  mp_mulmod(a, b, m, c)
-
-  Compute c = (a * b) mod m
- */
-
-mp_err mp_mulmod(const mp_int *a, const mp_int *b, const mp_int *m, mp_int *c)
-{
-  mp_err  res;
-
-  ARGCHK(a != NULL && b != NULL && m != NULL && c != NULL, MP_BADARG);
-
-  if((res = mp_mul(a, b, c)) != MP_OKAY)
-    return res;
-  if((res = mp_mod(c, m, c)) != MP_OKAY)
-    return res;
-
-  return MP_OKAY;
-
-}
-
-/* }}} */
-
-/* {{{ mp_sqrmod(a, m, c) */
-
-#if MP_SQUARE
-mp_err mp_sqrmod(const mp_int *a, const mp_int *m, mp_int *c)
-{
-  mp_err  res;
-
-  ARGCHK(a != NULL && m != NULL && c != NULL, MP_BADARG);
-
-  if((res = mp_sqr(a, c)) != MP_OKAY)
-    return res;
-  if((res = mp_mod(c, m, c)) != MP_OKAY)
-    return res;
-
-  return MP_OKAY;
-
-} /* end mp_sqrmod() */
-#endif
-
-/* }}} */
-
-/* {{{ s_mp_exptmod(a, b, m, c) */
-
-/*
-  s_mp_exptmod(a, b, m, c)
-
-  Compute c = (a ** b) mod m.  Uses a standard square-and-multiply
-  method with modular reductions at each step. (This is basically the
-  same code as mp_expt(), except for the addition of the reductions)
-  
-  The modular reductions are done using Barrett's algorithm (see
-  s_mp_reduce() below for details)
- */
-
-mp_err s_mp_exptmod(const mp_int *a, const mp_int *b, const mp_int *m, mp_int *c)
-{
-  mp_int   s, x, mu;
-  mp_err   res;
-  mp_digit d;
-  int      dig, bit;
-
-  ARGCHK(a != NULL && b != NULL && c != NULL, MP_BADARG);
-
-  if(mp_cmp_z(b) < 0 || mp_cmp_z(m) <= 0)
-    return MP_RANGE;
-
-  if((res = mp_init(&s)) != MP_OKAY)
-    return res;
-  if((res = mp_init_copy(&x, a)) != MP_OKAY ||
-     (res = mp_mod(&x, m, &x)) != MP_OKAY)
-    goto X;
-  if((res = mp_init(&mu)) != MP_OKAY)
-    goto MU;
-
-  mp_set(&s, 1);
-
-  /* mu = b^2k / m */
-  s_mp_add_d(&mu, 1); 
-  s_mp_lshd(&mu, 2 * USED(m));
-  if((res = mp_div(&mu, m, &mu, NULL)) != MP_OKAY)
-    goto CLEANUP;
-
-  /* Loop over digits of b in ascending order, except highest order */
-  for(dig = 0; dig < (USED(b) - 1); dig++) {
-    d = DIGIT(b, dig);
-
-    /* Loop over the bits of the lower-order digits */
-    for(bit = 0; bit < DIGIT_BIT; bit++) {
-      if(d & 1) {
-	if((res = s_mp_mul(&s, &x)) != MP_OKAY)
-	  goto CLEANUP;
-	if((res = s_mp_reduce(&s, m, &mu)) != MP_OKAY)
-	  goto CLEANUP;
-      }
-
-      d >>= 1;
-
-      if((res = s_mp_sqr(&x)) != MP_OKAY)
-	goto CLEANUP;
-      if((res = s_mp_reduce(&x, m, &mu)) != MP_OKAY)
-	goto CLEANUP;
-    }
-  }
-
-  /* Now do the last digit... */
-  d = DIGIT(b, dig);
-
-  while(d) {
-    if(d & 1) {
-      if((res = s_mp_mul(&s, &x)) != MP_OKAY)
-	goto CLEANUP;
-      if((res = s_mp_reduce(&s, m, &mu)) != MP_OKAY)
-	goto CLEANUP;
-    }
-
-    d >>= 1;
-
-    if((res = s_mp_sqr(&x)) != MP_OKAY)
-      goto CLEANUP;
-    if((res = s_mp_reduce(&x, m, &mu)) != MP_OKAY)
-      goto CLEANUP;
-  }
-
-  s_mp_exch(&s, c);
-
- CLEANUP:
-  mp_clear(&mu);
- MU:
-  mp_clear(&x);
- X:
-  mp_clear(&s);
-
-  return res;
-
-} /* end s_mp_exptmod() */
-
-/* }}} */
-
-/* {{{ mp_exptmod_d(a, d, m, c) */
-
-mp_err mp_exptmod_d(const mp_int *a, mp_digit d, const mp_int *m, mp_int *c)
-{
-  mp_int   s, x;
-  mp_err   res;
-
-  ARGCHK(a != NULL && c != NULL, MP_BADARG);
-
-  if((res = mp_init(&s)) != MP_OKAY)
-    return res;
-  if((res = mp_init_copy(&x, a)) != MP_OKAY)
-    goto X;
-
-  mp_set(&s, 1);
-
-  while(d != 0) {
-    if(d & 1) {
-      if((res = s_mp_mul(&s, &x)) != MP_OKAY ||
-	 (res = mp_mod(&s, m, &s)) != MP_OKAY)
-	goto CLEANUP;
-    }
-
-    d /= 2;
-
-    if((res = s_mp_sqr(&x)) != MP_OKAY ||
-       (res = mp_mod(&x, m, &x)) != MP_OKAY)
-      goto CLEANUP;
-  }
-
-  s_mp_exch(&s, c);
-
-CLEANUP:
-  mp_clear(&x);
-X:
-  mp_clear(&s);
-
-  return res;
-
-} /* end mp_exptmod_d() */
-
-/* }}} */
-#endif /* if MP_MODARITH */
-
-/* }}} */
-
-/*------------------------------------------------------------------------*/
-/* {{{ Comparison functions */
-
-/* {{{ mp_cmp_z(a) */
-
-/*
-  mp_cmp_z(a)
-
-  Compare a <=> 0.  Returns <0 if a<0, 0 if a=0, >0 if a>0.
- */
-
-int    mp_cmp_z(const mp_int *a)
-{
-  if(SIGN(a) == NEG)
-    return MP_LT;
-  else if(USED(a) == 1 && DIGIT(a, 0) == 0)
-    return MP_EQ;
-  else
-    return MP_GT;
-
-} /* end mp_cmp_z() */
-
-/* }}} */
-
-/* {{{ mp_cmp_d(a, d) */
-
-/*
-  mp_cmp_d(a, d)
-
-  Compare a <=> d.  Returns <0 if a<d, 0 if a=d, >0 if a>d
- */
-
-int    mp_cmp_d(const mp_int *a, mp_digit d)
-{
-  ARGCHK(a != NULL, MP_EQ);
-
-  if(SIGN(a) == NEG)
-    return MP_LT;
-
-  return s_mp_cmp_d(a, d);
-
-} /* end mp_cmp_d() */
-
-/* }}} */
-
-/* {{{ mp_cmp(a, b) */
-
-int    mp_cmp(const mp_int *a, const mp_int *b)
-{
-  ARGCHK(a != NULL && b != NULL, MP_EQ);
-
-  if(SIGN(a) == SIGN(b)) {
-    int  mag;
-
-    if((mag = s_mp_cmp(a, b)) == MP_EQ)
-      return MP_EQ;
-
-    if(SIGN(a) == ZPOS)
-      return mag;
-    else
-      return -mag;
-
-  } else if(SIGN(a) == ZPOS) {
-    return MP_GT;
-  } else {
-    return MP_LT;
-  }
-
-} /* end mp_cmp() */
-
-/* }}} */
-
-/* {{{ mp_cmp_mag(a, b) */
-
-/*
-  mp_cmp_mag(a, b)
-
-  Compares |a| <=> |b|, and returns an appropriate comparison result
- */
-
-int    mp_cmp_mag(mp_int *a, mp_int *b)
-{
-  ARGCHK(a != NULL && b != NULL, MP_EQ);
-
-  return s_mp_cmp(a, b);
-
-} /* end mp_cmp_mag() */
-
-/* }}} */
-
-/* {{{ mp_cmp_int(a, z) */
-
-/*
-  This just converts z to an mp_int, and uses the existing comparison
-  routines.  This is sort of inefficient, but it's not clear to me how
-  frequently this wil get used anyway.  For small positive constants,
-  you can always use mp_cmp_d(), and for zero, there is mp_cmp_z().
- */
-int    mp_cmp_int(const mp_int *a, long z)
-{
-  mp_int  tmp;
-  int     out;
-
-  ARGCHK(a != NULL, MP_EQ);
-  
-  mp_init(&tmp); mp_set_int(&tmp, z);
-  out = mp_cmp(a, &tmp);
-  mp_clear(&tmp);
-
-  return out;
-
-} /* end mp_cmp_int() */
-
-/* }}} */
-
-/* {{{ mp_isodd(a) */
-
-/*
-  mp_isodd(a)
-
-  Returns a true (non-zero) value if a is odd, false (zero) otherwise.
- */
-int    mp_isodd(const mp_int *a)
-{
-  ARGCHK(a != NULL, 0);
-
-  return (int)(DIGIT(a, 0) & 1);
-
-} /* end mp_isodd() */
-
-/* }}} */
-
-/* {{{ mp_iseven(a) */
-
-int    mp_iseven(const mp_int *a)
-{
-  return !mp_isodd(a);
-
-} /* end mp_iseven() */
-
-/* }}} */
-
-/* }}} */
-
-/*------------------------------------------------------------------------*/
-/* {{{ Number theoretic functions */
-
-#if MP_NUMTH
-/* {{{ mp_gcd(a, b, c) */
-
-/*
-  Like the old mp_gcd() function, except computes the GCD using the
-  binary algorithm due to Josef Stein in 1961 (via Knuth).
- */
-mp_err mp_gcd(mp_int *a, mp_int *b, mp_int *c)
-{
-  mp_err   res;
-  mp_int   u, v, t;
-  mp_size  k = 0;
-
-  ARGCHK(a != NULL && b != NULL && c != NULL, MP_BADARG);
-
-  if(mp_cmp_z(a) == MP_EQ && mp_cmp_z(b) == MP_EQ)
-      return MP_RANGE;
-  if(mp_cmp_z(a) == MP_EQ) {
-    return mp_copy(b, c);
-  } else if(mp_cmp_z(b) == MP_EQ) {
-    return mp_copy(a, c);
-  }
-
-  if((res = mp_init(&t)) != MP_OKAY)
-    return res;
-  if((res = mp_init_copy(&u, a)) != MP_OKAY)
-    goto U;
-  if((res = mp_init_copy(&v, b)) != MP_OKAY)
-    goto V;
-
-  SIGN(&u) = ZPOS;
-  SIGN(&v) = ZPOS;
-
-  /* Divide out common factors of 2 until at least 1 of a, b is even */
-  while(mp_iseven(&u) && mp_iseven(&v)) {
-    s_mp_div_2(&u);
-    s_mp_div_2(&v);
-    ++k;
-  }
-
-  /* Initialize t */
-  if(mp_isodd(&u)) {
-    if((res = mp_copy(&v, &t)) != MP_OKAY)
-      goto CLEANUP;
-    
-    /* t = -v */
-    if(SIGN(&v) == ZPOS)
-      SIGN(&t) = NEG;
-    else
-      SIGN(&t) = ZPOS;
-    
-  } else {
-    if((res = mp_copy(&u, &t)) != MP_OKAY)
-      goto CLEANUP;
-
-  }
-
-  for(;;) {
-    while(mp_iseven(&t)) {
-      s_mp_div_2(&t);
-    }
-
-    if(mp_cmp_z(&t) == MP_GT) {
-      if((res = mp_copy(&t, &u)) != MP_OKAY)
-	goto CLEANUP;
-
-    } else {
-      if((res = mp_copy(&t, &v)) != MP_OKAY)
-	goto CLEANUP;
-
-      /* v = -t */
-      if(SIGN(&t) == ZPOS)
-	SIGN(&v) = NEG;
-      else
-	SIGN(&v) = ZPOS;
-    }
-
-    if((res = mp_sub(&u, &v, &t)) != MP_OKAY)
-      goto CLEANUP;
-
-    if(s_mp_cmp_d(&t, 0) == MP_EQ)
-      break;
-  }
-
-  s_mp_2expt(&v, k);       /* v = 2^k   */
-  res = mp_mul(&u, &v, c); /* c = u * v */
-
- CLEANUP:
-  mp_clear(&v);
- V:
-  mp_clear(&u);
- U:
-  mp_clear(&t);
-
-  return res;
-
-} /* end mp_gcd() */
-
-/* }}} */
-
-/* {{{ mp_lcm(a, b, c) */
-
-/* We compute the least common multiple using the rule:
-
-   ab = [a, b](a, b)
-
-   ... by computing the product, and dividing out the gcd.
- */
-
-mp_err mp_lcm(mp_int *a, mp_int *b, mp_int *c)
-{
-  mp_int  gcd, prod;
-  mp_err  res;
-
-  ARGCHK(a != NULL && b != NULL && c != NULL, MP_BADARG);
-
-  /* Set up temporaries */
-  if((res = mp_init(&gcd)) != MP_OKAY)
-    return res;
-  if((res = mp_init(&prod)) != MP_OKAY)
-    goto GCD;
-
-  if((res = mp_mul(a, b, &prod)) != MP_OKAY)
-    goto CLEANUP;
-  if((res = mp_gcd(a, b, &gcd)) != MP_OKAY)
-    goto CLEANUP;
-
-  res = mp_div(&prod, &gcd, c, NULL);
-
- CLEANUP:
-  mp_clear(&prod);
- GCD:
-  mp_clear(&gcd);
-
-  return res;
-
-} /* end mp_lcm() */
-
-/* }}} */
-
-/* {{{ mp_xgcd(a, b, g, x, y) */
-
-/*
-  mp_xgcd(a, b, g, x, y)
-
-  Compute g = (a, b) and values x and y satisfying Bezout's identity
-  (that is, ax + by = g).  This uses the binary extended GCD algorithm
-  based on the Stein algorithm used for mp_gcd()
-  See algorithm 14.61 in Handbook of Applied Cryptogrpahy.
- */
-
-mp_err mp_xgcd(const mp_int *a, const mp_int *b, mp_int *g, mp_int *x, mp_int *y)
-{
-  mp_int   gx, xc, yc, u, v, A, B, C, D;
-  mp_int  *clean[9];
-  mp_err   res;
-  int      last = -1;
-
-  if(mp_cmp_z(b) == 0)
-    return MP_RANGE;
-
-  /* Initialize all these variables we need */
-  MP_CHECKOK( mp_init(&u) );
-  clean[++last] = &u;
-  MP_CHECKOK( mp_init(&v) );
-  clean[++last] = &v;
-  MP_CHECKOK( mp_init(&gx) );
-  clean[++last] = &gx;
-  MP_CHECKOK( mp_init(&A) );
-  clean[++last] = &A;
-  MP_CHECKOK( mp_init(&B) );
-  clean[++last] = &B;
-  MP_CHECKOK( mp_init(&C) );
-  clean[++last] = &C;
-  MP_CHECKOK( mp_init(&D) );
-  clean[++last] = &D;
-  MP_CHECKOK( mp_init_copy(&xc, a) );
-  clean[++last] = &xc;
-  mp_abs(&xc, &xc);
-  MP_CHECKOK( mp_init_copy(&yc, b) );
-  clean[++last] = &yc;
-  mp_abs(&yc, &yc);
-
-  mp_set(&gx, 1);
-
-  /* Divide by two until at least one of them is odd */
-  while(mp_iseven(&xc) && mp_iseven(&yc)) {
-    mp_size nx = mp_trailing_zeros(&xc);
-    mp_size ny = mp_trailing_zeros(&yc);
-    mp_size n  = MP_MIN(nx, ny);
-    s_mp_div_2d(&xc,n);
-    s_mp_div_2d(&yc,n);
-    MP_CHECKOK( s_mp_mul_2d(&gx,n) );
-  }
-
-  mp_copy(&xc, &u);
-  mp_copy(&yc, &v);
-  mp_set(&A, 1); mp_set(&D, 1);
-
-  /* Loop through binary GCD algorithm */
-  do {
-    while(mp_iseven(&u)) {
-      s_mp_div_2(&u);
-
-      if(mp_iseven(&A) && mp_iseven(&B)) {
-	s_mp_div_2(&A); s_mp_div_2(&B);
-      } else {
-	MP_CHECKOK( mp_add(&A, &yc, &A) );
-	s_mp_div_2(&A);
-	MP_CHECKOK( mp_sub(&B, &xc, &B) );
-	s_mp_div_2(&B);
-      }
-    }
-
-    while(mp_iseven(&v)) {
-      s_mp_div_2(&v);
-
-      if(mp_iseven(&C) && mp_iseven(&D)) {
-	s_mp_div_2(&C); s_mp_div_2(&D);
-      } else {
-	MP_CHECKOK( mp_add(&C, &yc, &C) );
-	s_mp_div_2(&C);
-	MP_CHECKOK( mp_sub(&D, &xc, &D) );
-	s_mp_div_2(&D);
-      }
-    }
-
-    if(mp_cmp(&u, &v) >= 0) {
-      MP_CHECKOK( mp_sub(&u, &v, &u) );
-      MP_CHECKOK( mp_sub(&A, &C, &A) );
-      MP_CHECKOK( mp_sub(&B, &D, &B) );
-    } else {
-      MP_CHECKOK( mp_sub(&v, &u, &v) );
-      MP_CHECKOK( mp_sub(&C, &A, &C) );
-      MP_CHECKOK( mp_sub(&D, &B, &D) );
-    }
-  } while (mp_cmp_z(&u) != 0);
-
-  /* copy results to output */
-  if(x)
-    MP_CHECKOK( mp_copy(&C, x) );
-
-  if(y)
-    MP_CHECKOK( mp_copy(&D, y) );
-      
-  if(g)
-    MP_CHECKOK( mp_mul(&gx, &v, g) );
-
- CLEANUP:
-  while(last >= 0)
-    mp_clear(clean[last--]);
-
-  return res;
-
-} /* end mp_xgcd() */
-
-/* }}} */
-
-mp_size mp_trailing_zeros(const mp_int *mp)
-{
-  mp_digit d;
-  mp_size  n = 0;
-  int      ix;
-
-  if (!mp || !MP_DIGITS(mp) || !mp_cmp_z(mp))
-    return n;
-
-  for (ix = 0; !(d = MP_DIGIT(mp,ix)) && (ix < MP_USED(mp)); ++ix)
-    n += MP_DIGIT_BIT;
-  if (!d)
-    return 0;	/* shouldn't happen, but ... */
-#if !defined(MP_USE_UINT_DIGIT)
-  if (!(d & 0xffffffffU)) {
-    d >>= 32;
-    n  += 32;
-  }
-#endif
-  if (!(d & 0xffffU)) {
-    d >>= 16;
-    n  += 16;
-  }
-  if (!(d & 0xffU)) {
-    d >>= 8;
-    n  += 8;
-  }
-  if (!(d & 0xfU)) {
-    d >>= 4;
-    n  += 4;
-  }
-  if (!(d & 0x3U)) {
-    d >>= 2;
-    n  += 2;
-  }
-  if (!(d & 0x1U)) {
-    d >>= 1;
-    n  += 1;
-  }
-#if MP_ARGCHK == 2
-  assert(0 != (d & 1));
-#endif
-  return n;
-}
-
-/* Given a and prime p, computes c and k such that a*c == 2**k (mod p).
-** Returns k (positive) or error (negative).
-** This technique from the paper "Fast Modular Reciprocals" (unpublished)
-** by Richard Schroeppel (a.k.a. Captain Nemo).
-*/
-mp_err s_mp_almost_inverse(const mp_int *a, const mp_int *p, mp_int *c)
-{
-  mp_err res;
-  mp_err k    = 0;
-  mp_int d, f, g;
-
-  ARGCHK(a && p && c, MP_BADARG);
-
-  MP_DIGITS(&d) = 0;
-  MP_DIGITS(&f) = 0;
-  MP_DIGITS(&g) = 0;
-  MP_CHECKOK( mp_init(&d) );
-  MP_CHECKOK( mp_init_copy(&f, a) );	/* f = a */
-  MP_CHECKOK( mp_init_copy(&g, p) );	/* g = p */
-
-  mp_set(c, 1);
-  mp_zero(&d);
-
-  if (mp_cmp_z(&f) == 0) {
-    res = MP_UNDEF;
-  } else 
-  for (;;) {
-    int diff_sign;
-    while (mp_iseven(&f)) {
-      mp_size n = mp_trailing_zeros(&f);
-      if (!n) {
-	res = MP_UNDEF;
-	goto CLEANUP;
-      }
-      s_mp_div_2d(&f, n);
-      MP_CHECKOK( s_mp_mul_2d(&d, n) );
-      k += n;
-    }
-    if (mp_cmp_d(&f, 1) == MP_EQ) {	/* f == 1 */
-      res = k;
-      break;
-    }
-    diff_sign = mp_cmp(&f, &g);
-    if (diff_sign < 0) {		/* f < g */
-      s_mp_exch(&f, &g);
-      s_mp_exch(c, &d);
-    } else if (diff_sign == 0) {		/* f == g */
-      res = MP_UNDEF;		/* a and p are not relatively prime */
-      break;
-    }
-    if ((MP_DIGIT(&f,0) % 4) == (MP_DIGIT(&g,0) % 4)) {
-      MP_CHECKOK( mp_sub(&f, &g, &f) );	/* f = f - g */
-      MP_CHECKOK( mp_sub(c,  &d,  c) );	/* c = c - d */
-    } else {
-      MP_CHECKOK( mp_add(&f, &g, &f) );	/* f = f + g */
-      MP_CHECKOK( mp_add(c,  &d,  c) );	/* c = c + d */
-    }
-  }
-  if (res >= 0) {
-    while (MP_SIGN(c) != MP_ZPOS) {
-      MP_CHECKOK( mp_add(c, p, c) );
-    }
-    res = k;
-  }
-
-CLEANUP:
-  mp_clear(&d);
-  mp_clear(&f);
-  mp_clear(&g);
-  return res;
-}
-
-/* Compute T = (P ** -1) mod MP_RADIX.  Also works for 16-bit mp_digits.
-** This technique from the paper "Fast Modular Reciprocals" (unpublished)
-** by Richard Schroeppel (a.k.a. Captain Nemo).
-*/
-mp_digit  s_mp_invmod_radix(mp_digit P)
-{
-  mp_digit T = P;
-  T *= 2 - (P * T);
-  T *= 2 - (P * T);
-  T *= 2 - (P * T);
-  T *= 2 - (P * T);
-#if !defined(MP_USE_UINT_DIGIT)
-  T *= 2 - (P * T);
-  T *= 2 - (P * T);
-#endif
-  return T;
-}
-
-/* Given c, k, and prime p, where a*c == 2**k (mod p), 
-** Compute x = (a ** -1) mod p.  This is similar to Montgomery reduction.
-** This technique from the paper "Fast Modular Reciprocals" (unpublished)
-** by Richard Schroeppel (a.k.a. Captain Nemo).
-*/
-mp_err  s_mp_fixup_reciprocal(const mp_int *c, const mp_int *p, int k, mp_int *x)
-{
-  int      k_orig = k;
-  mp_digit r;
-  mp_size  ix;
-  mp_err   res;
-
-  if (mp_cmp_z(c) < 0) {		/* c < 0 */
-    MP_CHECKOK( mp_add(c, p, x) );	/* x = c + p */
-  } else {
-    MP_CHECKOK( mp_copy(c, x) );	/* x = c */
-  }
-
-  /* make sure x is large enough */
-  ix = MP_HOWMANY(k, MP_DIGIT_BIT) + MP_USED(p) + 1;
-  ix = MP_MAX(ix, MP_USED(x));
-  MP_CHECKOK( s_mp_pad(x, ix) );
-
-  r = 0 - s_mp_invmod_radix(MP_DIGIT(p,0));
-
-  for (ix = 0; k > 0; ix++) {
-    int      j = MP_MIN(k, MP_DIGIT_BIT);
-    mp_digit v = r * MP_DIGIT(x, ix);
-    if (j < MP_DIGIT_BIT) {
-      v &= ((mp_digit)1 << j) - 1;	/* v = v mod (2 ** j) */
-    }
-    s_mp_mul_d_add_offset(p, v, x, ix); /* x += p * v * (RADIX ** ix) */
-    k -= j;
-  }
-  s_mp_clamp(x);
-  s_mp_div_2d(x, k_orig);
-  res = MP_OKAY;
-
-CLEANUP:
-  return res;
-}
-
-/* compute mod inverse using Schroeppel's method, only if m is odd */
-mp_err s_mp_invmod_odd_m(const mp_int *a, const mp_int *m, mp_int *c)
-{
-  int k;
-  mp_err  res;
-  mp_int  x;
-
-  ARGCHK(a && m && c, MP_BADARG);
-
-  if(mp_cmp_z(a) == 0 || mp_cmp_z(m) == 0)
-    return MP_RANGE;
-  if (mp_iseven(m))
-    return MP_UNDEF;
-
-  MP_DIGITS(&x) = 0;
-
-  if (a == c) {
-    if ((res = mp_init_copy(&x, a)) != MP_OKAY)
-      return res;
-    if (a == m) 
-      m = &x;
-    a = &x;
-  } else if (m == c) {
-    if ((res = mp_init_copy(&x, m)) != MP_OKAY)
-      return res;
-    m = &x;
-  } else {
-    MP_DIGITS(&x) = 0;
-  }
-
-  MP_CHECKOK( s_mp_almost_inverse(a, m, c) );
-  k = res;
-  MP_CHECKOK( s_mp_fixup_reciprocal(c, m, k, c) );
-CLEANUP:
-  mp_clear(&x);
-  return res;
-}
-
-/* Known good algorithm for computing modular inverse.  But slow. */
-mp_err mp_invmod_xgcd(const mp_int *a, const mp_int *m, mp_int *c)
-{
-  mp_int  g, x;
-  mp_err  res;
-
-  ARGCHK(a && m && c, MP_BADARG);
-
-  if(mp_cmp_z(a) == 0 || mp_cmp_z(m) == 0)
-    return MP_RANGE;
-
-  MP_DIGITS(&g) = 0;
-  MP_DIGITS(&x) = 0;
-  MP_CHECKOK( mp_init(&x) );
-  MP_CHECKOK( mp_init(&g) );
-
-  MP_CHECKOK( mp_xgcd(a, m, &g, &x, NULL) );
-
-  if (mp_cmp_d(&g, 1) != MP_EQ) {
-    res = MP_UNDEF;
-    goto CLEANUP;
-  }
-
-  res = mp_mod(&x, m, c);
-  SIGN(c) = SIGN(a);
-
-CLEANUP:
-  mp_clear(&x);
-  mp_clear(&g);
-
-  return res;
-}
-
-/* modular inverse where modulus is 2**k. */
-/* c = a**-1 mod 2**k */
-mp_err s_mp_invmod_2d(const mp_int *a, mp_size k, mp_int *c)
-{
-  mp_err res;
-  mp_size ix = k + 4;
-  mp_int t0, t1, val, tmp, two2k;
-
-  static const mp_digit d2 = 2;
-  static const mp_int two = { MP_ZPOS, 1, 1, (mp_digit *)&d2 };
-
-  if (mp_iseven(a))
-    return MP_UNDEF;
-  if (k <= MP_DIGIT_BIT) {
-    mp_digit i = s_mp_invmod_radix(MP_DIGIT(a,0));
-    if (k < MP_DIGIT_BIT)
-      i &= ((mp_digit)1 << k) - (mp_digit)1;
-    mp_set(c, i);
-    return MP_OKAY;
-  }
-  MP_DIGITS(&t0) = 0;
-  MP_DIGITS(&t1) = 0;
-  MP_DIGITS(&val) = 0;
-  MP_DIGITS(&tmp) = 0;
-  MP_DIGITS(&two2k) = 0;
-  MP_CHECKOK( mp_init_copy(&val, a) );
-  s_mp_mod_2d(&val, k);
-  MP_CHECKOK( mp_init_copy(&t0, &val) );
-  MP_CHECKOK( mp_init_copy(&t1, &t0)  );
-  MP_CHECKOK( mp_init(&tmp) );
-  MP_CHECKOK( mp_init(&two2k) );
-  MP_CHECKOK( s_mp_2expt(&two2k, k) );
-  do {
-    MP_CHECKOK( mp_mul(&val, &t1, &tmp)  );
-    MP_CHECKOK( mp_sub(&two, &tmp, &tmp) );
-    MP_CHECKOK( mp_mul(&t1, &tmp, &t1)   );
-    s_mp_mod_2d(&t1, k);
-    while (MP_SIGN(&t1) != MP_ZPOS) {
-      MP_CHECKOK( mp_add(&t1, &two2k, &t1) );
-    }
-    if (mp_cmp(&t1, &t0) == MP_EQ) 
-      break;
-    MP_CHECKOK( mp_copy(&t1, &t0) );
-  } while (--ix > 0);
-  if (!ix) {
-    res = MP_UNDEF;
-  } else {
-    mp_exch(c, &t1);
-  }
-
-CLEANUP:
-  mp_clear(&t0);
-  mp_clear(&t1);
-  mp_clear(&val);
-  mp_clear(&tmp);
-  mp_clear(&two2k);
-  return res;
-}
-
-mp_err s_mp_invmod_even_m(const mp_int *a, const mp_int *m, mp_int *c)
-{
-  mp_err res;
-  mp_size k;
-  mp_int oddFactor, evenFactor;	/* factors of the modulus */
-  mp_int oddPart, evenPart;	/* parts to combine via CRT. */
-  mp_int C2, tmp1, tmp2;
-
-  /*static const mp_digit d1 = 1; */
-  /*static const mp_int one = { MP_ZPOS, 1, 1, (mp_digit *)&d1 }; */
-
-  if ((res = s_mp_ispow2(m)) >= 0) {
-    k = res;
-    return s_mp_invmod_2d(a, k, c);
-  }
-  MP_DIGITS(&oddFactor) = 0;
-  MP_DIGITS(&evenFactor) = 0;
-  MP_DIGITS(&oddPart) = 0;
-  MP_DIGITS(&evenPart) = 0;
-  MP_DIGITS(&C2)     = 0;
-  MP_DIGITS(&tmp1)   = 0;
-  MP_DIGITS(&tmp2)   = 0;
-
-  MP_CHECKOK( mp_init_copy(&oddFactor, m) );    /* oddFactor = m */
-  MP_CHECKOK( mp_init(&evenFactor) );
-  MP_CHECKOK( mp_init(&oddPart) );
-  MP_CHECKOK( mp_init(&evenPart) );
-  MP_CHECKOK( mp_init(&C2)     );
-  MP_CHECKOK( mp_init(&tmp1)   );
-  MP_CHECKOK( mp_init(&tmp2)   );
-
-  k = mp_trailing_zeros(m);
-  s_mp_div_2d(&oddFactor, k);
-  MP_CHECKOK( s_mp_2expt(&evenFactor, k) );
-
-  /* compute a**-1 mod oddFactor. */
-  MP_CHECKOK( s_mp_invmod_odd_m(a, &oddFactor, &oddPart) );
-  /* compute a**-1 mod evenFactor, where evenFactor == 2**k. */
-  MP_CHECKOK( s_mp_invmod_2d(   a,       k,    &evenPart) );
-
-  /* Use Chinese Remainer theorem to compute a**-1 mod m. */
-  /* let m1 = oddFactor,  v1 = oddPart, 
-   * let m2 = evenFactor, v2 = evenPart.
-   */
-
-  /* Compute C2 = m1**-1 mod m2. */
-  MP_CHECKOK( s_mp_invmod_2d(&oddFactor, k,    &C2) );
-
-  /* compute u = (v2 - v1)*C2 mod m2 */
-  MP_CHECKOK( mp_sub(&evenPart, &oddPart,   &tmp1) );
-  MP_CHECKOK( mp_mul(&tmp1,     &C2,        &tmp2) );
-  s_mp_mod_2d(&tmp2, k);
-  while (MP_SIGN(&tmp2) != MP_ZPOS) {
-    MP_CHECKOK( mp_add(&tmp2, &evenFactor, &tmp2) );
-  }
-
-  /* compute answer = v1 + u*m1 */
-  MP_CHECKOK( mp_mul(&tmp2,     &oddFactor, c) );
-  MP_CHECKOK( mp_add(&oddPart,  c,          c) );
-  /* not sure this is necessary, but it's low cost if not. */
-  MP_CHECKOK( mp_mod(c,         m,          c) );
-
-CLEANUP:
-  mp_clear(&oddFactor);
-  mp_clear(&evenFactor);
-  mp_clear(&oddPart);
-  mp_clear(&evenPart);
-  mp_clear(&C2);
-  mp_clear(&tmp1);
-  mp_clear(&tmp2);
-  return res;
-}
-
-
-/* {{{ mp_invmod(a, m, c) */
-
-/*
-  mp_invmod(a, m, c)
-
-  Compute c = a^-1 (mod m), if there is an inverse for a (mod m).
-  This is equivalent to the question of whether (a, m) = 1.  If not,
-  MP_UNDEF is returned, and there is no inverse.
- */
-
-mp_err mp_invmod(const mp_int *a, const mp_int *m, mp_int *c)
-{
-
-  ARGCHK(a && m && c, MP_BADARG);
-
-  if(mp_cmp_z(a) == 0 || mp_cmp_z(m) == 0)
-    return MP_RANGE;
-
-  if (mp_isodd(m)) {
-    return s_mp_invmod_odd_m(a, m, c);
-  }
-  if (mp_iseven(a))
-    return MP_UNDEF;	/* not invertable */
-
-  return s_mp_invmod_even_m(a, m, c);
-
-} /* end mp_invmod() */
-
-/* }}} */
-#endif /* if MP_NUMTH */
-
-/* }}} */
-
-/*------------------------------------------------------------------------*/
-/* {{{ mp_print(mp, ofp) */
-
-#if MP_IOFUNC
-/*
-  mp_print(mp, ofp)
-
-  Print a textual representation of the given mp_int on the output
-  stream 'ofp'.  Output is generated using the internal radix.
- */
-
-void   mp_print(mp_int *mp, FILE *ofp)
-{
-  int   ix;
-
-  if(mp == NULL || ofp == NULL)
-    return;
-
-  fputc((SIGN(mp) == NEG) ? '-' : '+', ofp);
-
-  for(ix = USED(mp) - 1; ix >= 0; ix--) {
-    fprintf(ofp, DIGIT_FMT, DIGIT(mp, ix));
-  }
-
-} /* end mp_print() */
-
-#endif /* if MP_IOFUNC */
-
-/* }}} */
-
-/*------------------------------------------------------------------------*/
-/* {{{ More I/O Functions */
-
-/* {{{ mp_read_raw(mp, str, len) */
-
-/* 
-   mp_read_raw(mp, str, len)
-
-   Read in a raw value (base 256) into the given mp_int
- */
-
-mp_err  mp_read_raw(mp_int *mp, char *str, int len)
-{
-  int            ix;
-  mp_err         res;
-  unsigned char *ustr = (unsigned char *)str;
-
-  ARGCHK(mp != NULL && str != NULL && len > 0, MP_BADARG);
-
-  mp_zero(mp);
-
-  /* Get sign from first byte */
-  if(ustr[0])
-    SIGN(mp) = NEG;
-  else
-    SIGN(mp) = ZPOS;
-
-  /* Read the rest of the digits */
-  for(ix = 1; ix < len; ix++) {
-    if((res = mp_mul_d(mp, 256, mp)) != MP_OKAY)
-      return res;
-    if((res = mp_add_d(mp, ustr[ix], mp)) != MP_OKAY)
-      return res;
-  }
-
-  return MP_OKAY;
-
-} /* end mp_read_raw() */
-
-/* }}} */
-
-/* {{{ mp_raw_size(mp) */
-
-int    mp_raw_size(mp_int *mp)
-{
-  ARGCHK(mp != NULL, 0);
-
-  return (USED(mp) * sizeof(mp_digit)) + 1;
-
-} /* end mp_raw_size() */
-
-/* }}} */
-
-/* {{{ mp_toraw(mp, str) */
-
-mp_err mp_toraw(mp_int *mp, char *str)
-{
-  int  ix, jx, pos = 1;
-
-  ARGCHK(mp != NULL && str != NULL, MP_BADARG);
-
-  str[0] = (char)SIGN(mp);
-
-  /* Iterate over each digit... */
-  for(ix = USED(mp) - 1; ix >= 0; ix--) {
-    mp_digit  d = DIGIT(mp, ix);
-
-    /* Unpack digit bytes, high order first */
-    for(jx = sizeof(mp_digit) - 1; jx >= 0; jx--) {
-      str[pos++] = (char)(d >> (jx * CHAR_BIT));
-    }
-  }
-
-  return MP_OKAY;
-
-} /* end mp_toraw() */
-
-/* }}} */
-
-/* {{{ mp_read_radix(mp, str, radix) */
-
-/*
-  mp_read_radix(mp, str, radix)
-
-  Read an integer from the given string, and set mp to the resulting
-  value.  The input is presumed to be in base 10.  Leading non-digit
-  characters are ignored, and the function reads until a non-digit
-  character or the end of the string.
- */
-
-mp_err  mp_read_radix(mp_int *mp, const char *str, int radix)
-{
-  int     ix = 0, val = 0;
-  mp_err  res;
-  mp_sign sig = ZPOS;
-
-  ARGCHK(mp != NULL && str != NULL && radix >= 2 && radix <= MAX_RADIX, 
-	 MP_BADARG);
-
-  mp_zero(mp);
-
-  /* Skip leading non-digit characters until a digit or '-' or '+' */
-  while(str[ix] && 
-	(s_mp_tovalue(str[ix], radix) < 0) && 
-	str[ix] != '-' &&
-	str[ix] != '+') {
-    ++ix;
-  }
-
-  if(str[ix] == '-') {
-    sig = NEG;
-    ++ix;
-  } else if(str[ix] == '+') {
-    sig = ZPOS; /* this is the default anyway... */
-    ++ix;
-  }
-
-  while((val = s_mp_tovalue(str[ix], radix)) >= 0) {
-    if((res = s_mp_mul_d(mp, radix)) != MP_OKAY)
-      return res;
-    if((res = s_mp_add_d(mp, val)) != MP_OKAY)
-      return res;
-    ++ix;
-  }
-
-  if(s_mp_cmp_d(mp, 0) == MP_EQ)
-    SIGN(mp) = ZPOS;
-  else
-    SIGN(mp) = sig;
-
-  return MP_OKAY;
-
-} /* end mp_read_radix() */
-
-mp_err mp_read_variable_radix(mp_int *a, const char * str, int default_radix)
-{
-  int     radix = default_radix;
-  int     cx;
-  mp_sign sig   = ZPOS;
-  mp_err  res;
-
-  /* Skip leading non-digit characters until a digit or '-' or '+' */
-  while ((cx = *str) != 0 && 
-	(s_mp_tovalue(cx, radix) < 0) && 
-	cx != '-' &&
-	cx != '+') {
-    ++str;
-  }
-
-  if (cx == '-') {
-    sig = NEG;
-    ++str;
-  } else if (cx == '+') {
-    sig = ZPOS; /* this is the default anyway... */
-    ++str;
-  }
-
-  if (str[0] == '0') {
-    if ((str[1] | 0x20) == 'x') {
-      radix = 16;
-      str += 2;
-    } else {
-      radix = 8;
-      str++;
-    }
-  }
-  res = mp_read_radix(a, str, radix);
-  if (res == MP_OKAY) {
-    MP_SIGN(a) = (s_mp_cmp_d(a, 0) == MP_EQ) ? ZPOS : sig;
-  }
-  return res;
-}
-
-/* }}} */
-
-/* {{{ mp_radix_size(mp, radix) */
-
-int    mp_radix_size(mp_int *mp, int radix)
-{
-  int  bits;
-
-  if(!mp || radix < 2 || radix > MAX_RADIX)
-    return 0;
-
-  bits = USED(mp) * DIGIT_BIT - 1;
- 
-  return s_mp_outlen(bits, radix);
-
-} /* end mp_radix_size() */
-
-/* }}} */
-
-/* {{{ mp_toradix(mp, str, radix) */
-
-mp_err mp_toradix(mp_int *mp, char *str, int radix)
-{
-  int  ix, pos = 0;
-
-  ARGCHK(mp != NULL && str != NULL, MP_BADARG);
-  ARGCHK(radix > 1 && radix <= MAX_RADIX, MP_RANGE);
-
-  if(mp_cmp_z(mp) == MP_EQ) {
-    str[0] = '0';
-    str[1] = '\0';
-  } else {
-    mp_err   res;
-    mp_int   tmp;
-    mp_sign  sgn;
-    mp_digit rem, rdx = (mp_digit)radix;
-    char     ch;
-
-    if((res = mp_init_copy(&tmp, mp)) != MP_OKAY)
-      return res;
-
-    /* Save sign for later, and take absolute value */
-    sgn = SIGN(&tmp); SIGN(&tmp) = ZPOS;
-
-    /* Generate output digits in reverse order      */
-    while(mp_cmp_z(&tmp) != 0) {
-      if((res = mp_div_d(&tmp, rdx, &tmp, &rem)) != MP_OKAY) {
-	mp_clear(&tmp);
-	return res;
-      }
-
-      /* Generate digits, use capital letters */
-      ch = s_mp_todigit(rem, radix, 0);
-
-      str[pos++] = ch;
-    }
-
-    /* Add - sign if original value was negative */
-    if(sgn == NEG)
-      str[pos++] = '-';
-
-    /* Add trailing NUL to end the string        */
-    str[pos--] = '\0';
-
-    /* Reverse the digits and sign indicator     */
-    ix = 0;
-    while(ix < pos) {
-      char tmp = str[ix];
-
-      str[ix] = str[pos];
-      str[pos] = tmp;
-      ++ix;
-      --pos;
-    }
-    
-    mp_clear(&tmp);
-  }
-
-  return MP_OKAY;
-
-} /* end mp_toradix() */
-
-/* }}} */
-
-/* {{{ mp_tovalue(ch, r) */
-
-int    mp_tovalue(char ch, int r)
-{
-  return s_mp_tovalue(ch, r);
-
-} /* end mp_tovalue() */
-
-/* }}} */
-
-/* }}} */
-
-/* {{{ mp_strerror(ec) */
-
-/*
-  mp_strerror(ec)
-
-  Return a string describing the meaning of error code 'ec'.  The
-  string returned is allocated in static memory, so the caller should
-  not attempt to modify or free the memory associated with this
-  string.
- */
-const char  *mp_strerror(mp_err ec)
-{
-  int   aec = (ec < 0) ? -ec : ec;
-
-  /* Code values are negative, so the senses of these comparisons
-     are accurate */
-  if(ec < MP_LAST_CODE || ec > MP_OKAY) {
-    return mp_err_string[0];  /* unknown error code */
-  } else {
-    return mp_err_string[aec + 1];
-  }
-
-} /* end mp_strerror() */
-
-/* }}} */
-
-/*========================================================================*/
-/*------------------------------------------------------------------------*/
-/* Static function definitions (internal use only)                        */
-
-/* {{{ Memory management */
-
-/* {{{ s_mp_grow(mp, min) */
-
-/* Make sure there are at least 'min' digits allocated to mp              */
-mp_err   s_mp_grow(mp_int *mp, mp_size min)
-{
-  if(min > ALLOC(mp)) {
-    mp_digit   *tmp;
-
-    /* Set min to next nearest default precision block size */
-    min = MP_ROUNDUP(min, s_mp_defprec);
-
-    if((tmp = s_mp_alloc(min, sizeof(mp_digit))) == NULL)
-      return MP_MEM;
-
-    s_mp_copy(DIGITS(mp), tmp, USED(mp));
-
-#if MP_CRYPTO
-    s_mp_setz(DIGITS(mp), ALLOC(mp));
-#endif
-    s_mp_free(DIGITS(mp));
-    DIGITS(mp) = tmp;
-    ALLOC(mp) = min;
-  }
-
-  return MP_OKAY;
-
-} /* end s_mp_grow() */
-
-/* }}} */
-
-/* {{{ s_mp_pad(mp, min) */
-
-/* Make sure the used size of mp is at least 'min', growing if needed     */
-mp_err   s_mp_pad(mp_int *mp, mp_size min)
-{
-  if(min > USED(mp)) {
-    mp_err  res;
-
-    /* Make sure there is room to increase precision  */
-    if (min > ALLOC(mp)) {
-      if ((res = s_mp_grow(mp, min)) != MP_OKAY)
-	return res;
-    } else {
-/*    s_mp_setz(DIGITS(mp) + USED(mp), min - USED(mp)); */
-    }
-
-    /* Increase precision; should already be 0-filled */
-    USED(mp) = min;
-  }
-
-  return MP_OKAY;
-
-} /* end s_mp_pad() */
-
-/* }}} */
-
-/* {{{ s_mp_setz(dp, count) */
-
-#if MP_MACRO == 0
-/* Set 'count' digits pointed to by dp to be zeroes                       */
-void s_mp_setz(mp_digit *dp, mp_size count)
-{
-#if MP_MEMSET == 0
-  int  ix;
-
-  for(ix = 0; ix < count; ix++)
-    dp[ix] = 0;
-#else
-  memset(dp, 0, count * sizeof(mp_digit));
-#endif
-
-} /* end s_mp_setz() */
-#endif
-
-/* }}} */
-
-/* {{{ s_mp_copy(sp, dp, count) */
-
-#if MP_MACRO == 0
-/* Copy 'count' digits from sp to dp                                      */
-void s_mp_copy(const mp_digit *sp, mp_digit *dp, mp_size count)
-{
-#if MP_MEMCPY == 0
-  int  ix;
-
-  for(ix = 0; ix < count; ix++)
-    dp[ix] = sp[ix];
-#else
-  memcpy(dp, sp, count * sizeof(mp_digit));
-#endif
-
-} /* end s_mp_copy() */
-#endif
-
-/* }}} */
-
-/* {{{ s_mp_alloc(nb, ni) */
-
-#if MP_MACRO == 0
-/* Allocate ni records of nb bytes each, and return a pointer to that     */
-void    *s_mp_alloc(size_t nb, size_t ni)
-{
-  ++mp_allocs;
-  return calloc(nb, ni);
-
-} /* end s_mp_alloc() */
-#endif
-
-/* }}} */
-
-/* {{{ s_mp_free(ptr) */
-
-#if MP_MACRO == 0
-/* Free the memory pointed to by ptr                                      */
-void     s_mp_free(void *ptr)
-{
-  if(ptr) {
-    ++mp_frees;
-    free(ptr);
-  }
-} /* end s_mp_free() */
-#endif
-
-/* }}} */
-
-/* {{{ s_mp_clamp(mp) */
-
-#if MP_MACRO == 0
-/* Remove leading zeroes from the given value                             */
-void     s_mp_clamp(mp_int *mp)
-{
-  mp_size used = MP_USED(mp);
-  while (used > 1 && DIGIT(mp, used - 1) == 0)
-    --used;
-  MP_USED(mp) = used;
-} /* end s_mp_clamp() */
-#endif
-
-/* }}} */
-
-/* {{{ s_mp_exch(a, b) */
-
-/* Exchange the data for a and b; (b, a) = (a, b)                         */
-void     s_mp_exch(mp_int *a, mp_int *b)
-{
-  mp_int   tmp;
-
-  tmp = *a;
-  *a = *b;
-  *b = tmp;
-
-} /* end s_mp_exch() */
-
-/* }}} */
-
-/* }}} */
-
-/* {{{ Arithmetic helpers */
-
-/* {{{ s_mp_lshd(mp, p) */
-
-/* 
-   Shift mp leftward by p digits, growing if needed, and zero-filling
-   the in-shifted digits at the right end.  This is a convenient
-   alternative to multiplication by powers of the radix
-   The value of USED(mp) must already have been set to the value for
-   the shifted result.
- */   
-
-mp_err   s_mp_lshd(mp_int *mp, mp_size p)
-{
-  mp_err  res;
-  mp_size pos;
-  int     ix;
-
-  if(p == 0)
-    return MP_OKAY;
-
-  if (MP_USED(mp) == 1 && MP_DIGIT(mp, 0) == 0)
-    return MP_OKAY;
-
-  if((res = s_mp_pad(mp, USED(mp) + p)) != MP_OKAY)
-    return res;
-
-  pos = USED(mp) - 1;
-
-  /* Shift all the significant figures over as needed */
-  for(ix = pos - p; ix >= 0; ix--) 
-    DIGIT(mp, ix + p) = DIGIT(mp, ix);
-
-  /* Fill the bottom digits with zeroes */
-  for(ix = 0; ix < p; ix++)
-    DIGIT(mp, ix) = 0;
-
-  return MP_OKAY;
-
-} /* end s_mp_lshd() */
-
-/* }}} */
-
-/* {{{ s_mp_mul_2d(mp, d) */
-
-/*
-  Multiply the integer by 2^d, where d is a number of bits.  This
-  amounts to a bitwise shift of the value.
- */
-mp_err   s_mp_mul_2d(mp_int *mp, mp_digit d)
-{
-  mp_err   res;
-  mp_digit dshift, bshift;
-  mp_digit mask;
-
-  ARGCHK(mp != NULL,  MP_BADARG);
-
-  dshift = d / MP_DIGIT_BIT;
-  bshift = d % MP_DIGIT_BIT;
-  /* bits to be shifted out of the top word */
-  mask   = ((mp_digit)~0 << (MP_DIGIT_BIT - bshift)); 
-  mask  &= MP_DIGIT(mp, MP_USED(mp) - 1);
-
-  if (MP_OKAY != (res = s_mp_pad(mp, MP_USED(mp) + dshift + (mask != 0) )))
-    return res;
-
-  if (dshift && MP_OKAY != (res = s_mp_lshd(mp, dshift)))
-    return res;
-
-  if (bshift) { 
-    mp_digit *pa = MP_DIGITS(mp);
-    mp_digit *alim = pa + MP_USED(mp);
-    mp_digit  prev = 0;
-
-    for (pa += dshift; pa < alim; ) {
-      mp_digit x = *pa;
-      *pa++ = (x << bshift) | prev;
-      prev = x >> (DIGIT_BIT - bshift);
-    }
-  }
-
-  s_mp_clamp(mp);
-  return MP_OKAY;
-} /* end s_mp_mul_2d() */
-
-/* {{{ s_mp_rshd(mp, p) */
-
-/* 
-   Shift mp rightward by p digits.  Maintains the invariant that
-   digits above the precision are all zero.  Digits shifted off the
-   end are lost.  Cannot fail.
- */
-
-void     s_mp_rshd(mp_int *mp, mp_size p)
-{
-  mp_size  ix;
-  mp_digit *src, *dst;
-
-  if(p == 0)
-    return;
-
-  /* Shortcut when all digits are to be shifted off */
-  if(p >= USED(mp)) {
-    s_mp_setz(DIGITS(mp), ALLOC(mp));
-    USED(mp) = 1;
-    SIGN(mp) = ZPOS;
-    return;
-  }
-
-  /* Shift all the significant figures over as needed */
-  dst = MP_DIGITS(mp);
-  src = dst + p;
-  for (ix = USED(mp) - p; ix > 0; ix--)
-    *dst++ = *src++;
-
-  MP_USED(mp) -= p;
-  /* Fill the top digits with zeroes */
-  while (p-- > 0)
-    *dst++ = 0;
-
-#if 0
-  /* Strip off any leading zeroes    */
-  s_mp_clamp(mp);
-#endif
-
-} /* end s_mp_rshd() */
-
-/* }}} */
-
-/* {{{ s_mp_div_2(mp) */
-
-/* Divide by two -- take advantage of radix properties to do it fast      */
-void     s_mp_div_2(mp_int *mp)
-{
-  s_mp_div_2d(mp, 1);
-
-} /* end s_mp_div_2() */
-
-/* }}} */
-
-/* {{{ s_mp_mul_2(mp) */
-
-mp_err s_mp_mul_2(mp_int *mp)
-{
-  mp_digit *pd;
-  int      ix, used;
-  mp_digit kin = 0;
-
-  /* Shift digits leftward by 1 bit */
-  used = MP_USED(mp);
-  pd = MP_DIGITS(mp);
-  for (ix = 0; ix < used; ix++) {
-    mp_digit d = *pd;
-    *pd++ = (d << 1) | kin;
-    kin = (d >> (DIGIT_BIT - 1));
-  }
-
-  /* Deal with rollover from last digit */
-  if (kin) {
-    if (ix >= ALLOC(mp)) {
-      mp_err res;
-      if((res = s_mp_grow(mp, ALLOC(mp) + 1)) != MP_OKAY)
-	return res;
-    }
-
-    DIGIT(mp, ix) = kin;
-    USED(mp) += 1;
-  }
-
-  return MP_OKAY;
-
-} /* end s_mp_mul_2() */
-
-/* }}} */
-
-/* {{{ s_mp_mod_2d(mp, d) */
-
-/*
-  Remainder the integer by 2^d, where d is a number of bits.  This
-  amounts to a bitwise AND of the value, and does not require the full
-  division code
- */
-void     s_mp_mod_2d(mp_int *mp, mp_digit d)
-{
-  mp_size  ndig = (d / DIGIT_BIT), nbit = (d % DIGIT_BIT);
-  mp_size  ix;
-  mp_digit dmask;
-
-  if(ndig >= USED(mp))
-    return;
-
-  /* Flush all the bits above 2^d in its digit */
-  dmask = ((mp_digit)1 << nbit) - 1;
-  DIGIT(mp, ndig) &= dmask;
-
-  /* Flush all digits above the one with 2^d in it */
-  for(ix = ndig + 1; ix < USED(mp); ix++)
-    DIGIT(mp, ix) = 0;
-
-  s_mp_clamp(mp);
-
-} /* end s_mp_mod_2d() */
-
-/* }}} */
-
-/* {{{ s_mp_div_2d(mp, d) */
-
-/*
-  Divide the integer by 2^d, where d is a number of bits.  This
-  amounts to a bitwise shift of the value, and does not require the
-  full division code (used in Barrett reduction, see below)
- */
-void     s_mp_div_2d(mp_int *mp, mp_digit d)
-{
-  int       ix;
-  mp_digit  save, next, mask;
-
-  s_mp_rshd(mp, d / DIGIT_BIT);
-  d %= DIGIT_BIT;
-  if (d) {
-    mask = ((mp_digit)1 << d) - 1;
-    save = 0;
-    for(ix = USED(mp) - 1; ix >= 0; ix--) {
-      next = DIGIT(mp, ix) & mask;
-      DIGIT(mp, ix) = (DIGIT(mp, ix) >> d) | (save << (DIGIT_BIT - d));
-      save = next;
-    }
-  }
-  s_mp_clamp(mp);
-
-} /* end s_mp_div_2d() */
-
-/* }}} */
-
-/* {{{ s_mp_norm(a, b, *d) */
-
-/*
-  s_mp_norm(a, b, *d)
-
-  Normalize a and b for division, where b is the divisor.  In order
-  that we might make good guesses for quotient digits, we want the
-  leading digit of b to be at least half the radix, which we
-  accomplish by multiplying a and b by a power of 2.  The exponent 
-  (shift count) is placed in *pd, so that the remainder can be shifted 
-  back at the end of the division process.
- */
-
-mp_err   s_mp_norm(mp_int *a, mp_int *b, mp_digit *pd)
-{
-  mp_digit  d;
-  mp_digit  mask;
-  mp_digit  b_msd;
-  mp_err    res    = MP_OKAY;
-
-  d = 0;
-  mask  = DIGIT_MAX & ~(DIGIT_MAX >> 1);	/* mask is msb of digit */
-  b_msd = DIGIT(b, USED(b) - 1);
-  while (!(b_msd & mask)) {
-    b_msd <<= 1;
-    ++d;
-  }
-
-  if (d) {
-    MP_CHECKOK( s_mp_mul_2d(a, d) );
-    MP_CHECKOK( s_mp_mul_2d(b, d) );
-  }
-
-  *pd = d;
-CLEANUP:
-  return res;
-
-} /* end s_mp_norm() */
-
-/* }}} */
-
-/* }}} */
-
-/* {{{ Primitive digit arithmetic */
-
-/* {{{ s_mp_add_d(mp, d) */
-
-/* Add d to |mp| in place                                                 */
-mp_err   s_mp_add_d(mp_int *mp, mp_digit d)    /* unsigned digit addition */
-{
-#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_ADD_WORD)
-  mp_word   w, k = 0;
-  mp_size   ix = 1;
-
-  w = (mp_word)DIGIT(mp, 0) + d;
-  DIGIT(mp, 0) = ACCUM(w);
-  k = CARRYOUT(w);
-
-  while(ix < USED(mp) && k) {
-    w = (mp_word)DIGIT(mp, ix) + k;
-    DIGIT(mp, ix) = ACCUM(w);
-    k = CARRYOUT(w);
-    ++ix;
-  }
-
-  if(k != 0) {
-    mp_err  res;
-
-    if((res = s_mp_pad(mp, USED(mp) + 1)) != MP_OKAY)
-      return res;
-
-    DIGIT(mp, ix) = (mp_digit)k;
-  }
-
-  return MP_OKAY;
-#else
-  mp_digit * pmp = MP_DIGITS(mp);
-  mp_digit sum, mp_i, carry = 0;
-  mp_err   res = MP_OKAY;
-  int used = (int)MP_USED(mp);
-
-  mp_i = *pmp;
-  *pmp++ = sum = d + mp_i;
-  carry = (sum < d);
-  while (carry && --used > 0) {
-    mp_i = *pmp;
-    *pmp++ = sum = carry + mp_i;
-    carry = !sum;
-  }
-  if (carry && !used) {
-    /* mp is growing */
-    used = MP_USED(mp);
-    MP_CHECKOK( s_mp_pad(mp, used + 1) );
-    MP_DIGIT(mp, used) = carry;
-  }
-CLEANUP:
-  return res;
-#endif
-} /* end s_mp_add_d() */
-
-/* }}} */
-
-/* {{{ s_mp_sub_d(mp, d) */
-
-/* Subtract d from |mp| in place, assumes |mp| > d                        */
-mp_err   s_mp_sub_d(mp_int *mp, mp_digit d)    /* unsigned digit subtract */
-{
-#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_SUB_WORD)
-  mp_word   w, b = 0;
-  mp_size   ix = 1;
-
-  /* Compute initial subtraction    */
-  w = (RADIX + (mp_word)DIGIT(mp, 0)) - d;
-  b = CARRYOUT(w) ? 0 : 1;
-  DIGIT(mp, 0) = ACCUM(w);
-
-  /* Propagate borrows leftward     */
-  while(b && ix < USED(mp)) {
-    w = (RADIX + (mp_word)DIGIT(mp, ix)) - b;
-    b = CARRYOUT(w) ? 0 : 1;
-    DIGIT(mp, ix) = ACCUM(w);
-    ++ix;
-  }
-
-  /* Remove leading zeroes          */
-  s_mp_clamp(mp);
-
-  /* If we have a borrow out, it's a violation of the input invariant */
-  if(b)
-    return MP_RANGE;
-  else
-    return MP_OKAY;
-#else
-  mp_digit *pmp = MP_DIGITS(mp);
-  mp_digit mp_i, diff, borrow;
-  mp_size  used = MP_USED(mp);
-
-  mp_i = *pmp;
-  *pmp++ = diff = mp_i - d;
-  borrow = (diff > mp_i);
-  while (borrow && --used) {
-    mp_i = *pmp;
-    *pmp++ = diff = mp_i - borrow;
-    borrow = (diff > mp_i);
-  }
-  s_mp_clamp(mp);
-  return (borrow && !used) ? MP_RANGE : MP_OKAY;
-#endif
-} /* end s_mp_sub_d() */
-
-/* }}} */
-
-/* {{{ s_mp_mul_d(a, d) */
-
-/* Compute a = a * d, single digit multiplication                         */
-mp_err   s_mp_mul_d(mp_int *a, mp_digit d)
-{
-  mp_err  res;
-  mp_size used;
-  int     pow;
-
-  if (!d) {
-    mp_zero(a);
-    return MP_OKAY;
-  }
-  if (d == 1)
-    return MP_OKAY;
-  if (0 <= (pow = s_mp_ispow2d(d))) {
-    return s_mp_mul_2d(a, (mp_digit)pow);
-  }
-
-  used = MP_USED(a);
-  MP_CHECKOK( s_mp_pad(a, used + 1) );
-
-  s_mpv_mul_d(MP_DIGITS(a), used, d, MP_DIGITS(a));
-
-  s_mp_clamp(a);
-
-CLEANUP:
-  return res;
-  
-} /* end s_mp_mul_d() */
-
-/* }}} */
-
-/* {{{ s_mp_div_d(mp, d, r) */
-
-/*
-  s_mp_div_d(mp, d, r)
-
-  Compute the quotient mp = mp / d and remainder r = mp mod d, for a
-  single digit d.  If r is null, the remainder will be discarded.
- */
-
-mp_err   s_mp_div_d(mp_int *mp, mp_digit d, mp_digit *r)
-{
-#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_DIV_WORD)
-  mp_word   w = 0, q;
-#else
-  mp_digit  w, q;
-#endif
-  int       ix;
-  mp_err    res;
-  mp_int    quot;
-  mp_int    rem;
-
-  if(d == 0)
-    return MP_RANGE;
-  if (d == 1) {
-    if (r)
-      *r = 0;
-    return MP_OKAY;
-  }
-  /* could check for power of 2 here, but mp_div_d does that. */
-  if (MP_USED(mp) == 1) {
-    mp_digit n   = MP_DIGIT(mp,0);
-    mp_digit rem;
-
-    q   = n / d;
-    rem = n % d;
-    MP_DIGIT(mp,0) = q;
-    if (r)
-      *r = rem;
-    return MP_OKAY;
-  }
-
-  MP_DIGITS(&rem)  = 0;
-  MP_DIGITS(&quot) = 0;
-  /* Make room for the quotient */
-  MP_CHECKOK( mp_init_size(&quot, USED(mp)) );
-
-#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_DIV_WORD)
-  for(ix = USED(mp) - 1; ix >= 0; ix--) {
-    w = (w << DIGIT_BIT) | DIGIT(mp, ix);
-
-    if(w >= d) {
-      q = w / d;
-      w = w % d;
-    } else {
-      q = 0;
-    }
-
-    s_mp_lshd(&quot, 1);
-    DIGIT(&quot, 0) = (mp_digit)q;
-  }
-#else
-  {
-    mp_digit p;
-#if !defined(MP_ASSEMBLY_DIV_2DX1D)
-    mp_digit norm;
-#endif
-
-    MP_CHECKOK( mp_init_copy(&rem, mp) );
-
-#if !defined(MP_ASSEMBLY_DIV_2DX1D)
-    MP_DIGIT(&quot, 0) = d;
-    MP_CHECKOK( s_mp_norm(&rem, &quot, &norm) );
-    if (norm)
-      d <<= norm;
-    MP_DIGIT(&quot, 0) = 0;
-#endif
-
-    p = 0;
-    for (ix = USED(&rem) - 1; ix >= 0; ix--) {
-      w = DIGIT(&rem, ix);
-
-      if (p) {
-        MP_CHECKOK( s_mpv_div_2dx1d(p, w, d, &q, &w) );
-      } else if (w >= d) {
-	q = w / d;
-	w = w % d;
-      } else {
-	q = 0;
-      }
-
-      MP_CHECKOK( s_mp_lshd(&quot, 1) );
-      DIGIT(&quot, 0) = q;
-      p = w;
-    }
-#if !defined(MP_ASSEMBLY_DIV_2DX1D)
-    if (norm)
-      w >>= norm;
-#endif
-  }
-#endif
-
-  /* Deliver the remainder, if desired */
-  if(r)
-    *r = (mp_digit)w;
-
-  s_mp_clamp(&quot);
-  mp_exch(&quot, mp);
-CLEANUP:
-  mp_clear(&quot);
-  mp_clear(&rem);
-
-  return res;
-} /* end s_mp_div_d() */
-
-/* }}} */
-
-
-/* }}} */
-
-/* {{{ Primitive full arithmetic */
-
-/* {{{ s_mp_add(a, b) */
-
-/* Compute a = |a| + |b|                                                  */
-mp_err   s_mp_add(mp_int *a, const mp_int *b)  /* magnitude addition      */
-{
-#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_ADD_WORD)
-  mp_word   w = 0;
-#else
-  mp_digit  d, sum, carry = 0;
-#endif
-  mp_digit *pa, *pb;
-  mp_size   ix;
-  mp_size   used;
-  mp_err    res;
-
-  /* Make sure a has enough precision for the output value */
-  if((USED(b) > USED(a)) && (res = s_mp_pad(a, USED(b))) != MP_OKAY)
-    return res;
-
-  /*
-    Add up all digits up to the precision of b.  If b had initially
-    the same precision as a, or greater, we took care of it by the
-    padding step above, so there is no problem.  If b had initially
-    less precision, we'll have to make sure the carry out is duly
-    propagated upward among the higher-order digits of the sum.
-   */
-  pa = MP_DIGITS(a);
-  pb = MP_DIGITS(b);
-  used = MP_USED(b);
-  for(ix = 0; ix < used; ix++) {
-#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_ADD_WORD)
-    w = w + *pa + *pb++;
-    *pa++ = ACCUM(w);
-    w = CARRYOUT(w);
-#else
-    d = *pa;
-    sum = d + *pb++;
-    d = (sum < d);			/* detect overflow */
-    *pa++ = sum += carry;
-    carry = d + (sum < carry);		/* detect overflow */
-#endif
-  }
-
-  /* If we run out of 'b' digits before we're actually done, make
-     sure the carries get propagated upward...  
-   */
-  used = MP_USED(a);
-#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_ADD_WORD)
-  while (w && ix < used) {
-    w = w + *pa;
-    *pa++ = ACCUM(w);
-    w = CARRYOUT(w);
-    ++ix;
-  }
-#else
-  while (carry && ix < used) {
-    sum = carry + *pa;
-    *pa++ = sum;
-    carry = !sum;
-    ++ix;
-  }
-#endif
-
-  /* If there's an overall carry out, increase precision and include
-     it.  We could have done this initially, but why touch the memory
-     allocator unless we're sure we have to?
-   */
-#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_ADD_WORD)
-  if (w) {
-    if((res = s_mp_pad(a, used + 1)) != MP_OKAY)
-      return res;
-
-    DIGIT(a, ix) = (mp_digit)w;
-  }
-#else
-  if (carry) {
-    if((res = s_mp_pad(a, used + 1)) != MP_OKAY)
-      return res;
-
-    DIGIT(a, used) = carry;
-  }
-#endif
-
-  return MP_OKAY;
-} /* end s_mp_add() */
-
-/* }}} */
-
-/* Compute c = |a| + |b|         */ /* magnitude addition      */
-mp_err   s_mp_add_3arg(const mp_int *a, const mp_int *b, mp_int *c)  
-{
-  mp_digit *pa, *pb, *pc;
-#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_ADD_WORD)
-  mp_word   w = 0;
-#else
-  mp_digit  sum, carry = 0, d;
-#endif
-  mp_size   ix;
-  mp_size   used;
-  mp_err    res;
-
-  MP_SIGN(c) = MP_SIGN(a);
-  if (MP_USED(a) < MP_USED(b)) {
-    const mp_int *xch = a;
-    a = b;
-    b = xch;
-  }
-
-  /* Make sure a has enough precision for the output value */
-  if (MP_OKAY != (res = s_mp_pad(c, MP_USED(a))))
-    return res;
-
-  /*
-    Add up all digits up to the precision of b.  If b had initially
-    the same precision as a, or greater, we took care of it by the
-    exchange step above, so there is no problem.  If b had initially
-    less precision, we'll have to make sure the carry out is duly
-    propagated upward among the higher-order digits of the sum.
-   */
-  pa = MP_DIGITS(a);
-  pb = MP_DIGITS(b);
-  pc = MP_DIGITS(c);
-  used = MP_USED(b);
-  for (ix = 0; ix < used; ix++) {
-#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_ADD_WORD)
-    w = w + *pa++ + *pb++;
-    *pc++ = ACCUM(w);
-    w = CARRYOUT(w);
-#else
-    d = *pa++;
-    sum = d + *pb++;
-    d = (sum < d);			/* detect overflow */
-    *pc++ = sum += carry;
-    carry = d + (sum < carry);		/* detect overflow */
-#endif
-  }
-
-  /* If we run out of 'b' digits before we're actually done, make
-     sure the carries get propagated upward...  
-   */
-  for (used = MP_USED(a); ix < used; ++ix) {
-#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_ADD_WORD)
-    w = w + *pa++;
-    *pc++ = ACCUM(w);
-    w = CARRYOUT(w);
-#else
-    *pc++ = sum = carry + *pa++;
-    carry = (sum < carry);
-#endif
-  }
-
-  /* If there's an overall carry out, increase precision and include
-     it.  We could have done this initially, but why touch the memory
-     allocator unless we're sure we have to?
-   */
-#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_ADD_WORD)
-  if (w) {
-    if((res = s_mp_pad(c, used + 1)) != MP_OKAY)
-      return res;
-
-    DIGIT(c, used) = (mp_digit)w;
-    ++used;
-  }
-#else
-  if (carry) {
-    if((res = s_mp_pad(c, used + 1)) != MP_OKAY)
-      return res;
-
-    DIGIT(c, used) = carry;
-    ++used;
-  }
-#endif
-  MP_USED(c) = used;
-  return MP_OKAY;
-}
-/* {{{ s_mp_add_offset(a, b, offset) */
-
-/* Compute a = |a| + ( |b| * (RADIX ** offset) )             */
-mp_err   s_mp_add_offset(mp_int *a, mp_int *b, mp_size offset)   
-{
-#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_ADD_WORD)
-  mp_word   w, k = 0;
-#else
-  mp_digit  d, sum, carry = 0;
-#endif
-  mp_size   ib;
-  mp_size   ia;
-  mp_size   lim;
-  mp_err    res;
-
-  /* Make sure a has enough precision for the output value */
-  lim = MP_USED(b) + offset;
-  if((lim > USED(a)) && (res = s_mp_pad(a, lim)) != MP_OKAY)
-    return res;
-
-  /*
-    Add up all digits up to the precision of b.  If b had initially
-    the same precision as a, or greater, we took care of it by the
-    padding step above, so there is no problem.  If b had initially
-    less precision, we'll have to make sure the carry out is duly
-    propagated upward among the higher-order digits of the sum.
-   */
-  lim = USED(b);
-  for(ib = 0, ia = offset; ib < lim; ib++, ia++) {
-#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_ADD_WORD)
-    w = (mp_word)DIGIT(a, ia) + DIGIT(b, ib) + k;
-    DIGIT(a, ia) = ACCUM(w);
-    k = CARRYOUT(w);
-#else
-    d = MP_DIGIT(a, ia);
-    sum = d + MP_DIGIT(b, ib);
-    d = (sum < d);
-    MP_DIGIT(a,ia) = sum += carry;
-    carry = d + (sum < carry);
-#endif
-  }
-
-  /* If we run out of 'b' digits before we're actually done, make
-     sure the carries get propagated upward...  
-   */
-#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_ADD_WORD)
-  for (lim = MP_USED(a); k && (ia < lim); ++ia) {
-    w = (mp_word)DIGIT(a, ia) + k;
-    DIGIT(a, ia) = ACCUM(w);
-    k = CARRYOUT(w);
-  }
-#else
-  for (lim = MP_USED(a); carry && (ia < lim); ++ia) {
-    d = MP_DIGIT(a, ia);
-    MP_DIGIT(a,ia) = sum = d + carry;
-    carry = (sum < d);
-  }
-#endif
-
-  /* If there's an overall carry out, increase precision and include
-     it.  We could have done this initially, but why touch the memory
-     allocator unless we're sure we have to?
-   */
-#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_ADD_WORD)
-  if(k) {
-    if((res = s_mp_pad(a, USED(a) + 1)) != MP_OKAY)
-      return res;
-
-    DIGIT(a, ia) = (mp_digit)k;
-  }
-#else
-  if (carry) {
-    if((res = s_mp_pad(a, lim + 1)) != MP_OKAY)
-      return res;
-
-    DIGIT(a, lim) = carry;
-  }
-#endif
-  s_mp_clamp(a);
-
-  return MP_OKAY;
-
-} /* end s_mp_add_offset() */
-
-/* }}} */
-
-/* {{{ s_mp_sub(a, b) */
-
-/* Compute a = |a| - |b|, assumes |a| >= |b|                              */
-mp_err   s_mp_sub(mp_int *a, const mp_int *b)  /* magnitude subtract      */
-{
-  mp_digit *pa, *pb, *limit;
-#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_SUB_WORD)
-  mp_sword  w = 0;
-#else
-  mp_digit  d, diff, borrow = 0;
-#endif
-
-  /*
-    Subtract and propagate borrow.  Up to the precision of b, this
-    accounts for the digits of b; after that, we just make sure the
-    carries get to the right place.  This saves having to pad b out to
-    the precision of a just to make the loops work right...
-   */
-  pa = MP_DIGITS(a);
-  pb = MP_DIGITS(b);
-  limit = pb + MP_USED(b);
-  while (pb < limit) {
-#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_SUB_WORD)
-    w = w + *pa - *pb++;
-    *pa++ = ACCUM(w);
-    w >>= MP_DIGIT_BIT;
-#else
-    d = *pa;
-    diff = d - *pb++;
-    d = (diff > d);				/* detect borrow */
-    if (borrow && --diff == MP_DIGIT_MAX)
-      ++d;
-    *pa++ = diff;
-    borrow = d;	
-#endif
-  }
-  limit = MP_DIGITS(a) + MP_USED(a);
-#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_SUB_WORD)
-  while (w && pa < limit) {
-    w = w + *pa;
-    *pa++ = ACCUM(w);
-    w >>= MP_DIGIT_BIT;
-  }
-#else
-  while (borrow && pa < limit) {
-    d = *pa;
-    *pa++ = diff = d - borrow;
-    borrow = (diff > d);
-  }
-#endif
-
-  /* Clobber any leading zeroes we created    */
-  s_mp_clamp(a);
-
-  /* 
-     If there was a borrow out, then |b| > |a| in violation
-     of our input invariant.  We've already done the work,
-     but we'll at least complain about it...
-   */
-#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_SUB_WORD)
-  return w ? MP_RANGE : MP_OKAY;
-#else
-  return borrow ? MP_RANGE : MP_OKAY;
-#endif
-} /* end s_mp_sub() */
-
-/* }}} */
-
-/* Compute c = |a| - |b|, assumes |a| >= |b| */ /* magnitude subtract      */
-mp_err   s_mp_sub_3arg(const mp_int *a, const mp_int *b, mp_int *c)  
-{
-  mp_digit *pa, *pb, *pc;
-#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_SUB_WORD)
-  mp_sword  w = 0;
-#else
-  mp_digit  d, diff, borrow = 0;
-#endif
-  int       ix, limit;
-  mp_err    res;
-
-  MP_SIGN(c) = MP_SIGN(a);
-
-  /* Make sure a has enough precision for the output value */
-  if (MP_OKAY != (res = s_mp_pad(c, MP_USED(a))))
-    return res;
-
-  /*
-    Subtract and propagate borrow.  Up to the precision of b, this
-    accounts for the digits of b; after that, we just make sure the
-    carries get to the right place.  This saves having to pad b out to
-    the precision of a just to make the loops work right...
-   */
-  pa = MP_DIGITS(a);
-  pb = MP_DIGITS(b);
-  pc = MP_DIGITS(c);
-  limit = MP_USED(b);
-  for (ix = 0; ix < limit; ++ix) {
-#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_SUB_WORD)
-    w = w + *pa++ - *pb++;
-    *pc++ = ACCUM(w);
-    w >>= MP_DIGIT_BIT;
-#else
-    d = *pa++;
-    diff = d - *pb++;
-    d = (diff > d);
-    if (borrow && --diff == MP_DIGIT_MAX)
-      ++d;
-    *pc++ = diff;
-    borrow = d;
-#endif
-  }
-  for (limit = MP_USED(a); ix < limit; ++ix) {
-#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_SUB_WORD)
-    w = w + *pa++;
-    *pc++ = ACCUM(w);
-    w >>= MP_DIGIT_BIT;
-#else
-    d = *pa++;
-    *pc++ = diff = d - borrow;
-    borrow = (diff > d);
-#endif
-  }
-
-  /* Clobber any leading zeroes we created    */
-  MP_USED(c) = ix;
-  s_mp_clamp(c);
-
-  /* 
-     If there was a borrow out, then |b| > |a| in violation
-     of our input invariant.  We've already done the work,
-     but we'll at least complain about it...
-   */
-#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_SUB_WORD)
-  return w ? MP_RANGE : MP_OKAY;
-#else
-  return borrow ? MP_RANGE : MP_OKAY;
-#endif
-}
-/* {{{ s_mp_mul(a, b) */
-
-/* Compute a = |a| * |b|                                                  */
-mp_err   s_mp_mul(mp_int *a, const mp_int *b)
-{
-  return mp_mul(a, b, a);
-} /* end s_mp_mul() */
-
-/* }}} */
-
-#if defined(MP_USE_UINT_DIGIT) && defined(MP_USE_LONG_LONG_MULTIPLY)
-/* This trick works on Sparc V8 CPUs with the Workshop compilers. */
-#define MP_MUL_DxD(a, b, Phi, Plo) \
-  { unsigned long long product = (unsigned long long)a * b; \
-    Plo = (mp_digit)product; \
-    Phi = (mp_digit)(product >> MP_DIGIT_BIT); }
-#elif defined(OSF1)
-#define MP_MUL_DxD(a, b, Phi, Plo) \
-  { Plo = asm ("mulq %a0, %a1, %v0", a, b);\
-    Phi = asm ("umulh %a0, %a1, %v0", a, b); }
-#else
-#define MP_MUL_DxD(a, b, Phi, Plo) \
-  { mp_digit a0b1, a1b0; \
-    Plo = (a & MP_HALF_DIGIT_MAX) * (b & MP_HALF_DIGIT_MAX); \
-    Phi = (a >> MP_HALF_DIGIT_BIT) * (b >> MP_HALF_DIGIT_BIT); \
-    a0b1 = (a & MP_HALF_DIGIT_MAX) * (b >> MP_HALF_DIGIT_BIT); \
-    a1b0 = (a >> MP_HALF_DIGIT_BIT) * (b & MP_HALF_DIGIT_MAX); \
-    a1b0 += a0b1; \
-    Phi += a1b0 >> MP_HALF_DIGIT_BIT; \
-    if (a1b0 < a0b1)  \
-      Phi += MP_HALF_RADIX; \
-    a1b0 <<= MP_HALF_DIGIT_BIT; \
-    Plo += a1b0; \
-    if (Plo < a1b0) \
-      ++Phi; \
-  }
-#endif
-
-#if !defined(MP_ASSEMBLY_MULTIPLY)
-/* c = a * b */
-void s_mpv_mul_d(const mp_digit *a, mp_size a_len, mp_digit b, mp_digit *c)
-{
-#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_MUL_WORD)
-  mp_digit   d = 0;
-
-  /* Inner product:  Digits of a */
-  while (a_len--) {
-    mp_word w = ((mp_word)b * *a++) + d;
-    *c++ = ACCUM(w);
-    d = CARRYOUT(w);
-  }
-  *c = d;
-#else
-  mp_digit carry = 0;
-  while (a_len--) {
-    mp_digit a_i = *a++;
-    mp_digit a0b0, a1b1;
-
-    MP_MUL_DxD(a_i, b, a1b1, a0b0);
-
-    a0b0 += carry;
-    if (a0b0 < carry)
-      ++a1b1;
-    *c++ = a0b0;
-    carry = a1b1;
-  }
-  *c = carry;
-#endif
-}
-
-/* c += a * b */
-void s_mpv_mul_d_add(const mp_digit *a, mp_size a_len, mp_digit b, 
-			      mp_digit *c)
-{
-#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_MUL_WORD)
-  mp_digit   d = 0;
-
-  /* Inner product:  Digits of a */
-  while (a_len--) {
-    mp_word w = ((mp_word)b * *a++) + *c + d;
-    *c++ = ACCUM(w);
-    d = CARRYOUT(w);
-  }
-  *c = d;
-#else
-  mp_digit carry = 0;
-  while (a_len--) {
-    mp_digit a_i = *a++;
-    mp_digit a0b0, a1b1;
-
-    MP_MUL_DxD(a_i, b, a1b1, a0b0);
-
-    a0b0 += carry;
-    if (a0b0 < carry)
-      ++a1b1;
-    a0b0 += a_i = *c;
-    if (a0b0 < a_i)
-      ++a1b1;
-    *c++ = a0b0;
-    carry = a1b1;
-  }
-  *c = carry;
-#endif
-}
-
-/* Presently, this is only used by the Montgomery arithmetic code. */
-/* c += a * b */
-void s_mpv_mul_d_add_prop(const mp_digit *a, mp_size a_len, mp_digit b, mp_digit *c)
-{
-#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_MUL_WORD)
-  mp_digit   d = 0;
-
-  /* Inner product:  Digits of a */
-  while (a_len--) {
-    mp_word w = ((mp_word)b * *a++) + *c + d;
-    *c++ = ACCUM(w);
-    d = CARRYOUT(w);
-  }
-
-  while (d) {
-    mp_word w = (mp_word)*c + d;
-    *c++ = ACCUM(w);
-    d = CARRYOUT(w);
-  }
-#else
-  mp_digit carry = 0;
-  while (a_len--) {
-    mp_digit a_i = *a++;
-    mp_digit a0b0, a1b1;
-
-    MP_MUL_DxD(a_i, b, a1b1, a0b0);
-
-    a0b0 += carry;
-    if (a0b0 < carry)
-      ++a1b1;
-
-    a0b0 += a_i = *c;
-    if (a0b0 < a_i)
-      ++a1b1;
-
-    *c++ = a0b0;
-    carry = a1b1;
-  }
-  while (carry) {
-    mp_digit c_i = *c;
-    carry += c_i;
-    *c++ = carry;
-    carry = carry < c_i;
-  }
-#endif
-}
-#endif
-
-#if defined(MP_USE_UINT_DIGIT) && defined(MP_USE_LONG_LONG_MULTIPLY)
-/* This trick works on Sparc V8 CPUs with the Workshop compilers. */
-#define MP_SQR_D(a, Phi, Plo) \
-  { unsigned long long square = (unsigned long long)a * a; \
-    Plo = (mp_digit)square; \
-    Phi = (mp_digit)(square >> MP_DIGIT_BIT); }
-#elif defined(OSF1)
-#define MP_SQR_D(a, Phi, Plo) \
-  { Plo = asm ("mulq  %a0, %a0, %v0", a);\
-    Phi = asm ("umulh %a0, %a0, %v0", a); }
-#else
-#define MP_SQR_D(a, Phi, Plo) \
-  { mp_digit Pmid; \
-    Plo  = (a  & MP_HALF_DIGIT_MAX) * (a  & MP_HALF_DIGIT_MAX); \
-    Phi  = (a >> MP_HALF_DIGIT_BIT) * (a >> MP_HALF_DIGIT_BIT); \
-    Pmid = (a  & MP_HALF_DIGIT_MAX) * (a >> MP_HALF_DIGIT_BIT); \
-    Phi += Pmid >> (MP_HALF_DIGIT_BIT - 1);  \
-    Pmid <<= (MP_HALF_DIGIT_BIT + 1);  \
-    Plo += Pmid;  \
-    if (Plo < Pmid)  \
-      ++Phi;  \
-  }
-#endif
-
-#if !defined(MP_ASSEMBLY_SQUARE)
-/* Add the squares of the digits of a to the digits of b. */
-void s_mpv_sqr_add_prop(const mp_digit *pa, mp_size a_len, mp_digit *ps)
-{
-#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_MUL_WORD)
-  mp_word  w;
-  mp_digit d;
-  mp_size  ix;
-
-  w  = 0;
-#define ADD_SQUARE(n) \
-    d = pa[n]; \
-    w += (d * (mp_word)d) + ps[2*n]; \
-    ps[2*n] = ACCUM(w); \
-    w = (w >> DIGIT_BIT) + ps[2*n+1]; \
-    ps[2*n+1] = ACCUM(w); \
-    w = (w >> DIGIT_BIT)
-
-  for (ix = a_len; ix >= 4; ix -= 4) {
-    ADD_SQUARE(0);
-    ADD_SQUARE(1);
-    ADD_SQUARE(2);
-    ADD_SQUARE(3);
-    pa += 4;
-    ps += 8;
-  }
-  if (ix) {
-    ps += 2*ix;
-    pa += ix;
-    switch (ix) {
-    case 3: ADD_SQUARE(-3); /* FALLTHRU */
-    case 2: ADD_SQUARE(-2); /* FALLTHRU */
-    case 1: ADD_SQUARE(-1); /* FALLTHRU */
-    case 0: break;
-    }
-  }
-  while (w) {
-    w += *ps;
-    *ps++ = ACCUM(w);
-    w = (w >> DIGIT_BIT);
-  }
-#else
-  mp_digit carry = 0;
-  while (a_len--) {
-    mp_digit a_i = *pa++;
-    mp_digit a0a0, a1a1;
-
-    MP_SQR_D(a_i, a1a1, a0a0);
-
-    /* here a1a1 and a0a0 constitute a_i ** 2 */
-    a0a0 += carry;
-    if (a0a0 < carry)
-      ++a1a1;
-
-    /* now add to ps */
-    a0a0 += a_i = *ps;
-    if (a0a0 < a_i)
-      ++a1a1;
-    *ps++ = a0a0;
-    a1a1 += a_i = *ps;
-    carry = (a1a1 < a_i);
-    *ps++ = a1a1;
-  }
-  while (carry) {
-    mp_digit s_i = *ps;
-    carry += s_i;
-    *ps++ = carry;
-    carry = carry < s_i;
-  }
-#endif
-}
-#endif
-
-#if (defined(MP_NO_MP_WORD) || defined(MP_NO_DIV_WORD)) \
-&& !defined(MP_ASSEMBLY_DIV_2DX1D)
-/*
-** Divide 64-bit (Nhi,Nlo) by 32-bit divisor, which must be normalized 
-** so its high bit is 1.   This code is from NSPR.
-*/
-mp_err s_mpv_div_2dx1d(mp_digit Nhi, mp_digit Nlo, mp_digit divisor, 
-		       mp_digit *qp, mp_digit *rp)
-{
-    mp_digit d1, d0, q1, q0;
-    mp_digit r1, r0, m;
-
-    d1 = divisor >> MP_HALF_DIGIT_BIT;
-    d0 = divisor & MP_HALF_DIGIT_MAX;
-    r1 = Nhi % d1;
-    q1 = Nhi / d1;
-    m = q1 * d0;
-    r1 = (r1 << MP_HALF_DIGIT_BIT) | (Nlo >> MP_HALF_DIGIT_BIT);
-    if (r1 < m) {
-        q1--, r1 += divisor;
-        if (r1 >= divisor && r1 < m) {
-	    q1--, r1 += divisor;
-	}
-    }
-    r1 -= m;
-    r0 = r1 % d1;
-    q0 = r1 / d1;
-    m = q0 * d0;
-    r0 = (r0 << MP_HALF_DIGIT_BIT) | (Nlo & MP_HALF_DIGIT_MAX);
-    if (r0 < m) {
-        q0--, r0 += divisor;
-        if (r0 >= divisor && r0 < m) {
-	    q0--, r0 += divisor;
-	}
-    }
-    if (qp)
-	*qp = (q1 << MP_HALF_DIGIT_BIT) | q0;
-    if (rp)
-	*rp = r0 - m;
-    return MP_OKAY;
-}
-#endif
-
-#if MP_SQUARE
-/* {{{ s_mp_sqr(a) */
-
-mp_err   s_mp_sqr(mp_int *a)
-{
-  mp_err   res;
-  mp_int   tmp;
-
-  if((res = mp_init_size(&tmp, 2 * USED(a))) != MP_OKAY)
-    return res;
-  res = mp_sqr(a, &tmp);
-  if (res == MP_OKAY) {
-    s_mp_exch(&tmp, a);
-  }
-  mp_clear(&tmp);
-  return res;
-}
-
-/* }}} */
-#endif
-
-/* {{{ s_mp_div(a, b) */
-
-/*
-  s_mp_div(a, b)
-
-  Compute a = a / b and b = a mod b.  Assumes b > a.
- */
-
-mp_err   s_mp_div(mp_int *rem, 	/* i: dividend, o: remainder */
-                  mp_int *div, 	/* i: divisor                */
-		  mp_int *quot)	/* i: 0;        o: quotient  */
-{
-  mp_int   part, t;
-#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_DIV_WORD)
-  mp_word  q_msd;
-#else
-  mp_digit q_msd;
-#endif
-  mp_err   res;
-  mp_digit d;
-  mp_digit div_msd;
-  int      ix;
-
-  if(mp_cmp_z(div) == 0)
-    return MP_RANGE;
-
-  /* Shortcut if divisor is power of two */
-  if((ix = s_mp_ispow2(div)) >= 0) {
-    MP_CHECKOK( mp_copy(rem, quot) );
-    s_mp_div_2d(quot, (mp_digit)ix);
-    s_mp_mod_2d(rem,  (mp_digit)ix);
-
-    return MP_OKAY;
-  }
-
-  DIGITS(&t) = 0;
-  MP_SIGN(rem) = ZPOS;
-  MP_SIGN(div) = ZPOS;
-
-  /* A working temporary for division     */
-  MP_CHECKOK( mp_init_size(&t, MP_ALLOC(rem)));
-
-  /* Normalize to optimize guessing       */
-  MP_CHECKOK( s_mp_norm(rem, div, &d) );
-
-  part = *rem;
-
-  /* Perform the division itself...woo!   */
-  MP_USED(quot) = MP_ALLOC(quot);
-
-  /* Find a partial substring of rem which is at least div */
-  /* If we didn't find one, we're finished dividing    */
-  while (MP_USED(rem) > MP_USED(div) || s_mp_cmp(rem, div) >= 0) {
-    int i;
-    int unusedRem;
-
-    unusedRem = MP_USED(rem) - MP_USED(div);
-    MP_DIGITS(&part) = MP_DIGITS(rem) + unusedRem;
-    MP_ALLOC(&part)  = MP_ALLOC(rem)  - unusedRem;
-    MP_USED(&part)   = MP_USED(div);
-    if (s_mp_cmp(&part, div) < 0) {
-      -- unusedRem;
-#if MP_ARGCHK == 2
-      assert(unusedRem >= 0);
-#endif
-      -- MP_DIGITS(&part);
-      ++ MP_USED(&part);
-      ++ MP_ALLOC(&part);
-    }
-
-    /* Compute a guess for the next quotient digit       */
-    q_msd = MP_DIGIT(&part, MP_USED(&part) - 1);
-    div_msd = MP_DIGIT(div, MP_USED(div) - 1);
-    if (q_msd >= div_msd) {
-      q_msd = 1;
-    } else if (MP_USED(&part) > 1) {
-#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_DIV_WORD)
-      q_msd = (q_msd << MP_DIGIT_BIT) | MP_DIGIT(&part, MP_USED(&part) - 2);
-      q_msd /= div_msd;
-      if (q_msd == RADIX)
-        --q_msd;
-#else
-      mp_digit r;
-      MP_CHECKOK( s_mpv_div_2dx1d(q_msd, MP_DIGIT(&part, MP_USED(&part) - 2), 
-				  div_msd, &q_msd, &r) );
-#endif
-    } else {
-      q_msd = 0;
-    }
-#if MP_ARGCHK == 2
-    assert(q_msd > 0); /* This case should never occur any more. */
-#endif
-    if (q_msd <= 0)
-      break;
-
-    /* See what that multiplies out to                   */
-    mp_copy(div, &t);
-    MP_CHECKOK( s_mp_mul_d(&t, (mp_digit)q_msd) );
-
-    /* 
-       If it's too big, back it off.  We should not have to do this
-       more than once, or, in rare cases, twice.  Knuth describes a
-       method by which this could be reduced to a maximum of once, but
-       I didn't implement that here.
-     * When using s_mpv_div_2dx1d, we may have to do this 3 times.
-     */
-    for (i = 4; s_mp_cmp(&t, &part) > 0 && i > 0; --i) {
-      --q_msd;
-      s_mp_sub(&t, div);	/* t -= div */
-    }
-    if (i < 0) {
-      res = MP_RANGE;
-      goto CLEANUP;
-    }
-
-    /* At this point, q_msd should be the right next digit   */
-    MP_CHECKOK( s_mp_sub(&part, &t) );	/* part -= t */
-    s_mp_clamp(rem);
-
-    /*
-      Include the digit in the quotient.  We allocated enough memory
-      for any quotient we could ever possibly get, so we should not
-      have to check for failures here
-     */
-    MP_DIGIT(quot, unusedRem) = (mp_digit)q_msd;
-  }
-
-  /* Denormalize remainder                */
-  if (d) {
-    s_mp_div_2d(rem, d);
-  }
-
-  s_mp_clamp(quot);
-
-CLEANUP:
-  mp_clear(&t);
-
-  return res;
-
-} /* end s_mp_div() */
-
-
-/* }}} */
-
-/* {{{ s_mp_2expt(a, k) */
-
-mp_err   s_mp_2expt(mp_int *a, mp_digit k)
-{
-  mp_err    res;
-  mp_size   dig, bit;
-
-  dig = k / DIGIT_BIT;
-  bit = k % DIGIT_BIT;
-
-  mp_zero(a);
-  if((res = s_mp_pad(a, dig + 1)) != MP_OKAY)
-    return res;
-  
-  DIGIT(a, dig) |= ((mp_digit)1 << bit);
-
-  return MP_OKAY;
-
-} /* end s_mp_2expt() */
-
-/* }}} */
-
-/* {{{ s_mp_reduce(x, m, mu) */
-
-/*
-  Compute Barrett reduction, x (mod m), given a precomputed value for
-  mu = b^2k / m, where b = RADIX and k = #digits(m).  This should be
-  faster than straight division, when many reductions by the same
-  value of m are required (such as in modular exponentiation).  This
-  can nearly halve the time required to do modular exponentiation,
-  as compared to using the full integer divide to reduce.
-
-  This algorithm was derived from the _Handbook of Applied
-  Cryptography_ by Menezes, Oorschot and VanStone, Ch. 14,
-  pp. 603-604.  
- */
-
-mp_err   s_mp_reduce(mp_int *x, const mp_int *m, const mp_int *mu)
-{
-  mp_int   q;
-  mp_err   res;
-
-  if((res = mp_init_copy(&q, x)) != MP_OKAY)
-    return res;
-
-  s_mp_rshd(&q, USED(m) - 1);  /* q1 = x / b^(k-1)  */
-  s_mp_mul(&q, mu);            /* q2 = q1 * mu      */
-  s_mp_rshd(&q, USED(m) + 1);  /* q3 = q2 / b^(k+1) */
-
-  /* x = x mod b^(k+1), quick (no division) */
-  s_mp_mod_2d(x, DIGIT_BIT * (USED(m) + 1));
-
-  /* q = q * m mod b^(k+1), quick (no division) */
-  s_mp_mul(&q, m);
-  s_mp_mod_2d(&q, DIGIT_BIT * (USED(m) + 1));
-
-  /* x = x - q */
-  if((res = mp_sub(x, &q, x)) != MP_OKAY)
-    goto CLEANUP;
-
-  /* If x < 0, add b^(k+1) to it */
-  if(mp_cmp_z(x) < 0) {
-    mp_set(&q, 1);
-    if((res = s_mp_lshd(&q, USED(m) + 1)) != MP_OKAY)
-      goto CLEANUP;
-    if((res = mp_add(x, &q, x)) != MP_OKAY)
-      goto CLEANUP;
-  }
-
-  /* Back off if it's too big */
-  while(mp_cmp(x, m) >= 0) {
-    if((res = s_mp_sub(x, m)) != MP_OKAY)
-      break;
-  }
-
- CLEANUP:
-  mp_clear(&q);
-
-  return res;
-
-} /* end s_mp_reduce() */
-
-/* }}} */
-
-/* }}} */
-
-/* {{{ Primitive comparisons */
-
-/* {{{ s_mp_cmp(a, b) */
-
-/* Compare |a| <=> |b|, return 0 if equal, <0 if a<b, >0 if a>b           */
-int      s_mp_cmp(const mp_int *a, const mp_int *b)
-{
-  mp_size used_a = MP_USED(a);
-  {
-    mp_size used_b = MP_USED(b);
-
-    if (used_a > used_b)
-      goto IS_GT;
-    if (used_a < used_b)
-      goto IS_LT;
-  }
-  {
-    mp_digit *pa, *pb;
-    mp_digit da = 0, db = 0;
-
-#define CMP_AB(n) if ((da = pa[n]) != (db = pb[n])) goto done
-
-    pa = MP_DIGITS(a) + used_a;
-    pb = MP_DIGITS(b) + used_a;
-    while (used_a >= 4) {
-      pa     -= 4;
-      pb     -= 4;
-      used_a -= 4;
-      CMP_AB(3);
-      CMP_AB(2);
-      CMP_AB(1);
-      CMP_AB(0);
-    }
-    while (used_a-- > 0 && ((da = *--pa) == (db = *--pb))) 
-      /* do nothing */;
-done:
-    if (da > db)
-      goto IS_GT;
-    if (da < db) 
-      goto IS_LT;
-  }
-  return MP_EQ;
-IS_LT:
-  return MP_LT;
-IS_GT:
-  return MP_GT;
-} /* end s_mp_cmp() */
-
-/* }}} */
-
-/* {{{ s_mp_cmp_d(a, d) */
-
-/* Compare |a| <=> d, return 0 if equal, <0 if a<d, >0 if a>d             */
-int      s_mp_cmp_d(const mp_int *a, mp_digit d)
-{
-  if(USED(a) > 1)
-    return MP_GT;
-
-  if(DIGIT(a, 0) < d)
-    return MP_LT;
-  else if(DIGIT(a, 0) > d)
-    return MP_GT;
-  else
-    return MP_EQ;
-
-} /* end s_mp_cmp_d() */
-
-/* }}} */
-
-/* {{{ s_mp_ispow2(v) */
-
-/*
-  Returns -1 if the value is not a power of two; otherwise, it returns
-  k such that v = 2^k, i.e. lg(v).
- */
-int      s_mp_ispow2(const mp_int *v)
-{
-  mp_digit d;
-  int      extra = 0, ix;
-
-  ix = MP_USED(v) - 1;
-  d = MP_DIGIT(v, ix); /* most significant digit of v */
-
-  extra = s_mp_ispow2d(d);
-  if (extra < 0 || ix == 0)
-    return extra;
-
-  while (--ix >= 0) {
-    if (DIGIT(v, ix) != 0)
-      return -1; /* not a power of two */
-    extra += MP_DIGIT_BIT;
-  }
-
-  return extra;
-
-} /* end s_mp_ispow2() */
-
-/* }}} */
-
-/* {{{ s_mp_ispow2d(d) */
-
-int      s_mp_ispow2d(mp_digit d)
-{
-  if ((d != 0) && ((d & (d-1)) == 0)) { /* d is a power of 2 */
-    int pow = 0;
-#if defined (MP_USE_UINT_DIGIT)
-    if (d & 0xffff0000U)
-      pow += 16;
-    if (d & 0xff00ff00U)
-      pow += 8;
-    if (d & 0xf0f0f0f0U)
-      pow += 4;
-    if (d & 0xccccccccU)
-      pow += 2;
-    if (d & 0xaaaaaaaaU)
-      pow += 1;
-#elif defined(MP_USE_LONG_LONG_DIGIT)
-    if (d & 0xffffffff00000000ULL)
-      pow += 32;
-    if (d & 0xffff0000ffff0000ULL)
-      pow += 16;
-    if (d & 0xff00ff00ff00ff00ULL)
-      pow += 8;
-    if (d & 0xf0f0f0f0f0f0f0f0ULL)
-      pow += 4;
-    if (d & 0xccccccccccccccccULL)
-      pow += 2;
-    if (d & 0xaaaaaaaaaaaaaaaaULL)
-      pow += 1;
-#elif defined(MP_USE_LONG_DIGIT)
-    if (d & 0xffffffff00000000UL)
-      pow += 32;
-    if (d & 0xffff0000ffff0000UL)
-      pow += 16;
-    if (d & 0xff00ff00ff00ff00UL)
-      pow += 8;
-    if (d & 0xf0f0f0f0f0f0f0f0UL)
-      pow += 4;
-    if (d & 0xccccccccccccccccUL)
-      pow += 2;
-    if (d & 0xaaaaaaaaaaaaaaaaUL)
-      pow += 1;
-#else
-#error "unknown type for mp_digit"
-#endif
-    return pow;
-  }
-  return -1;
-
-} /* end s_mp_ispow2d() */
-
-/* }}} */
-
-/* }}} */
-
-/* {{{ Primitive I/O helpers */
-
-/* {{{ s_mp_tovalue(ch, r) */
-
-/*
-  Convert the given character to its digit value, in the given radix.
-  If the given character is not understood in the given radix, -1 is
-  returned.  Otherwise the digit's numeric value is returned.
-
-  The results will be odd if you use a radix < 2 or > 62, you are
-  expected to know what you're up to.
- */
-int      s_mp_tovalue(char ch, int r)
-{
-  int    val, xch;
-  
-  if(r > 36)
-    xch = ch;
-  else
-    xch = toupper(ch);
-
-  if(isdigit(xch))
-    val = xch - '0';
-  else if(isupper(xch))
-    val = xch - 'A' + 10;
-  else if(islower(xch))
-    val = xch - 'a' + 36;
-  else if(xch == '+')
-    val = 62;
-  else if(xch == '/')
-    val = 63;
-  else 
-    return -1;
-
-  if(val < 0 || val >= r)
-    return -1;
-
-  return val;
-
-} /* end s_mp_tovalue() */
-
-/* }}} */
-
-/* {{{ s_mp_todigit(val, r, low) */
-
-/*
-  Convert val to a radix-r digit, if possible.  If val is out of range
-  for r, returns zero.  Otherwise, returns an ASCII character denoting
-  the value in the given radix.
-
-  The results may be odd if you use a radix < 2 or > 64, you are
-  expected to know what you're doing.
- */
-  
-char     s_mp_todigit(mp_digit val, int r, int low)
-{
-  char   ch;
-
-  if(val >= r)
-    return 0;
-
-  ch = s_dmap_1[val];
-
-  if(r <= 36 && low)
-    ch = tolower(ch);
-
-  return ch;
-
-} /* end s_mp_todigit() */
-
-/* }}} */
-
-/* {{{ s_mp_outlen(bits, radix) */
-
-/* 
-   Return an estimate for how long a string is needed to hold a radix
-   r representation of a number with 'bits' significant bits, plus an
-   extra for a zero terminator (assuming C style strings here)
- */
-int      s_mp_outlen(int bits, int r)
-{
-  return (int)((double)bits * LOG_V_2(r) + 1.5) + 1;
-
-} /* end s_mp_outlen() */
-
-/* }}} */
-
-/* }}} */
-
-/* {{{ mp_read_unsigned_octets(mp, str, len) */
-/* mp_read_unsigned_octets(mp, str, len)
-   Read in a raw value (base 256) into the given mp_int
-   No sign bit, number is positive.  Leading zeros ignored.
- */
-
-mp_err  
-mp_read_unsigned_octets(mp_int *mp, const unsigned char *str, mp_size len)
-{
-  int            count;
-  mp_err         res;
-  mp_digit       d;
-
-  ARGCHK(mp != NULL && str != NULL && len > 0, MP_BADARG);
-
-  mp_zero(mp);
-
-  count = len % sizeof(mp_digit);
-  if (count) {
-    for (d = 0; count-- > 0; --len) {
-      d = (d << 8) | *str++;
-    }
-    MP_DIGIT(mp, 0) = d;
-  }
-
-  /* Read the rest of the digits */
-  for(; len > 0; len -= sizeof(mp_digit)) {
-    for (d = 0, count = sizeof(mp_digit); count > 0; --count) {
-      d = (d << 8) | *str++;
-    }
-    if (MP_EQ == mp_cmp_z(mp)) {
-      if (!d)
-	continue;
-    } else {
-      if((res = s_mp_lshd(mp, 1)) != MP_OKAY)
-	return res;
-    }
-    MP_DIGIT(mp, 0) = d;
-  }
-  return MP_OKAY;
-} /* end mp_read_unsigned_octets() */
-/* }}} */
-
-/* {{{ mp_unsigned_octet_size(mp) */
-int    
-mp_unsigned_octet_size(const mp_int *mp)
-{
-  int  bytes;
-  int  ix;
-  mp_digit  d = 0;
-
-  ARGCHK(mp != NULL, MP_BADARG);
-  ARGCHK(MP_ZPOS == SIGN(mp), MP_BADARG);
-
-  bytes = (USED(mp) * sizeof(mp_digit));
-
-  /* subtract leading zeros. */
-  /* Iterate over each digit... */
-  for(ix = USED(mp) - 1; ix >= 0; ix--) {
-    d = DIGIT(mp, ix);
-    if (d) 
-	break;
-    bytes -= sizeof(d);
-  }
-  if (!bytes)
-    return 1;
-
-  /* Have MSD, check digit bytes, high order first */
-  for(ix = sizeof(mp_digit) - 1; ix >= 0; ix--) {
-    unsigned char x = (unsigned char)(d >> (ix * CHAR_BIT));
-    if (x) 
-	break;
-    --bytes;
-  }
-  return bytes;
-} /* end mp_unsigned_octet_size() */
-/* }}} */
-
-/* {{{ mp_to_unsigned_octets(mp, str) */
-/* output a buffer of big endian octets no longer than specified. */
-mp_err 
-mp_to_unsigned_octets(const mp_int *mp, unsigned char *str, mp_size maxlen)
-{
-  int  ix, pos = 0;
-  int  bytes;
-
-  ARGCHK(mp != NULL && str != NULL && !SIGN(mp), MP_BADARG);
-
-  bytes = mp_unsigned_octet_size(mp);
-  ARGCHK(bytes <= maxlen, MP_BADARG);
-
-  /* Iterate over each digit... */
-  for(ix = USED(mp) - 1; ix >= 0; ix--) {
-    mp_digit  d = DIGIT(mp, ix);
-    int       jx;
-
-    /* Unpack digit bytes, high order first */
-    for(jx = sizeof(mp_digit) - 1; jx >= 0; jx--) {
-      unsigned char x = (unsigned char)(d >> (jx * CHAR_BIT));
-      if (!pos && !x)	/* suppress leading zeros */
-	continue;
-      str[pos++] = x;
-    }
-  }
-  return pos;
-} /* end mp_to_unsigned_octets() */
-/* }}} */
-
-/* {{{ mp_to_signed_octets(mp, str) */
-/* output a buffer of big endian octets no longer than specified. */
-mp_err 
-mp_to_signed_octets(const mp_int *mp, unsigned char *str, mp_size maxlen)
-{
-  int  ix, pos = 0;
-  int  bytes;
-
-  ARGCHK(mp != NULL && str != NULL && !SIGN(mp), MP_BADARG);
-
-  bytes = mp_unsigned_octet_size(mp);
-  ARGCHK(bytes <= maxlen, MP_BADARG);
-
-  /* Iterate over each digit... */
-  for(ix = USED(mp) - 1; ix >= 0; ix--) {
-    mp_digit  d = DIGIT(mp, ix);
-    int       jx;
-
-    /* Unpack digit bytes, high order first */
-    for(jx = sizeof(mp_digit) - 1; jx >= 0; jx--) {
-      unsigned char x = (unsigned char)(d >> (jx * CHAR_BIT));
-      if (!pos) {
-	if (!x)		/* suppress leading zeros */
-	  continue;
-	if (x & 0x80) { /* add one leading zero to make output positive.  */
-	  ARGCHK(bytes + 1 <= maxlen, MP_BADARG);
-	  if (bytes + 1 > maxlen)
-	    return MP_BADARG;
-	  str[pos++] = 0;
-	}
-      }
-      str[pos++] = x;
-    }
-  }
-  return pos;
-} /* end mp_to_signed_octets() */
-/* }}} */
-
-/* {{{ mp_to_fixlen_octets(mp, str) */
-/* output a buffer of big endian octets exactly as long as requested. */
-mp_err 
-mp_to_fixlen_octets(const mp_int *mp, unsigned char *str, mp_size length)
-{
-  int  ix, pos = 0;
-  int  bytes;
-
-  ARGCHK(mp != NULL && str != NULL && !SIGN(mp), MP_BADARG);
-
-  bytes = mp_unsigned_octet_size(mp);
-  ARGCHK(bytes <= length, MP_BADARG);
-
-  /* place any needed leading zeros */
-  for (;length > bytes; --length) {
-	*str++ = 0;
-  }
-
-  /* Iterate over each digit... */
-  for(ix = USED(mp) - 1; ix >= 0; ix--) {
-    mp_digit  d = DIGIT(mp, ix);
-    int       jx;
-
-    /* Unpack digit bytes, high order first */
-    for(jx = sizeof(mp_digit) - 1; jx >= 0; jx--) {
-      unsigned char x = (unsigned char)(d >> (jx * CHAR_BIT));
-      if (!pos && !x)	/* suppress leading zeros */
-	continue;
-      str[pos++] = x;
-    }
-  }
-  return MP_OKAY;
-} /* end mp_to_fixlen_octets() */
-/* }}} */
-
-
-/*------------------------------------------------------------------------*/
-/* HERE THERE BE DRAGONS                                                  */
diff --git a/security/nss/lib/freebl/mpi/mpi.h b/security/nss/lib/freebl/mpi/mpi.h
deleted file mode 100644
index a587c0a76..000000000
--- a/security/nss/lib/freebl/mpi/mpi.h
+++ /dev/null
@@ -1,334 +0,0 @@
-/*
- *  mpi.h
- *
- *  Arbitrary precision integer arithmetic library
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are 
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger. 
- * All Rights Reserved.
- *
- * Contributor(s):
- *	Netscape Communications Corporation
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above.  If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- *  $Id$
- */
-
-#ifndef _H_MPI_
-#define _H_MPI_
-
-#include "mpi-config.h"
-
-#if MP_DEBUG
-#undef MP_IOFUNC
-#define MP_IOFUNC 1
-#endif
-
-#if MP_IOFUNC
-#include <stdio.h>
-#include <ctype.h>
-#endif
-
-#include <limits.h>
-
-#if defined(BSDI)
-#undef ULLONG_MAX
-#endif
-
-#if defined( macintosh )
-#include <Types.h>
-#elif defined( _WIN32_WCE)
-/* #include <sys/types.h> What do we need here ?? */
-#else
-#include <sys/types.h>
-#endif
-
-#define  MP_NEG    1
-#define  MP_ZPOS   0
-
-#define  MP_OKAY          0 /* no error, all is well */
-#define  MP_YES           0 /* yes (boolean result)  */
-#define  MP_NO           -1 /* no (boolean result)   */
-#define  MP_MEM          -2 /* out of memory         */
-#define  MP_RANGE        -3 /* argument out of range */
-#define  MP_BADARG       -4 /* invalid parameter     */
-#define  MP_UNDEF        -5 /* answer is undefined   */
-#define  MP_LAST_CODE    MP_UNDEF
-
-typedef unsigned int      mp_sign;
-typedef unsigned int      mp_size;
-typedef int               mp_err;
-
-#define MP_32BIT_MAX 4294967295U
-
-#if !defined(ULONG_MAX) 
-#error "ULONG_MAX not defined"
-#elif !defined(UINT_MAX)
-#error "UINT_MAX not defined"
-#elif !defined(USHRT_MAX)
-#error "USHRT_MAX not defined"
-#endif
-
-#if defined(ULONG_LONG_MAX)			/* GCC, HPUX */
-#define MP_ULONG_LONG_MAX ULONG_LONG_MAX
-#elif defined(ULLONG_MAX)			/* Solaris */
-#define MP_ULONG_LONG_MAX ULLONG_MAX
-/* MP_ULONG_LONG_MAX was defined to be ULLONG_MAX */
-#elif defined(ULONGLONG_MAX)			/* IRIX, AIX */
-#define MP_ULONG_LONG_MAX ULONGLONG_MAX
-#endif
-
-/* We only use unsigned long for mp_digit iff long is more than 32 bits. */
-#if !defined(MP_USE_UINT_DIGIT) && ULONG_MAX > MP_32BIT_MAX
-typedef unsigned long     mp_digit;
-#define MP_DIGIT_MAX      ULONG_MAX
-#define MP_DIGIT_FMT      "%016lX"   /* printf() format for 1 digit */
-#define MP_HALF_DIGIT_MAX UINT_MAX
-#undef  MP_NO_MP_WORD
-#define MP_NO_MP_WORD 1
-#undef  MP_USE_LONG_DIGIT
-#define MP_USE_LONG_DIGIT 1
-#undef  MP_USE_LONG_LONG_DIGIT
-
-#elif !defined(MP_USE_UINT_DIGIT) && defined(MP_ULONG_LONG_MAX) 
-typedef unsigned long long mp_digit;
-#define MP_DIGIT_MAX       MP_ULONG_LONG_MAX
-#define MP_DIGIT_FMT      "%016llX"  /* printf() format for 1 digit */
-#define MP_HALF_DIGIT_MAX  UINT_MAX
-#undef  MP_NO_MP_WORD
-#define MP_NO_MP_WORD 1
-#undef  MP_USE_LONG_LONG_DIGIT
-#define MP_USE_LONG_LONG_DIGIT 1
-#undef  MP_USE_LONG_DIGIT
-
-#else
-typedef unsigned int      mp_digit;
-#define MP_DIGIT_MAX      UINT_MAX
-#define MP_DIGIT_FMT      "%08X"     /* printf() format for 1 digit */
-#define MP_HALF_DIGIT_MAX USHRT_MAX
-#undef  MP_USE_UINT_DIGIT
-#define MP_USE_UINT_DIGIT 1
-#undef  MP_USE_LONG_LONG_DIGIT
-#undef  MP_USE_LONG_DIGIT
-#endif
-
-#if !defined(MP_NO_MP_WORD) 
-#if  defined(MP_USE_UINT_DIGIT) && \
-    (defined(MP_ULONG_LONG_MAX) || (ULONG_MAX > UINT_MAX))
-
-#if (ULONG_MAX > UINT_MAX)
-typedef unsigned long     mp_word;
-typedef          long     mp_sword;
-#define MP_WORD_MAX       ULONG_MAX
-
-#else
-typedef unsigned long long mp_word;
-typedef          long long mp_sword;
-#define MP_WORD_MAX       MP_ULONG_LONG_MAX
-#endif
-
-#else 
-#define MP_NO_MP_WORD 1
-#endif
-#endif /* !defined(MP_NO_MP_WORD) */
-
-#if !defined(MP_WORD_MAX) && defined(MP_DEFINE_SMALL_WORD)
-typedef unsigned int      mp_word;
-typedef          int      mp_sword;
-#define MP_WORD_MAX       UINT_MAX
-#endif
-
-#define MP_DIGIT_BIT      (CHAR_BIT*sizeof(mp_digit))
-#define MP_WORD_BIT       (CHAR_BIT*sizeof(mp_word))
-#define MP_RADIX          (1+(mp_word)MP_DIGIT_MAX)
-
-#define MP_HALF_DIGIT_BIT (MP_DIGIT_BIT/2)
-#define MP_HALF_RADIX     (1+(mp_digit)MP_HALF_DIGIT_MAX)
-/* MP_HALF_RADIX really ought to be called MP_SQRT_RADIX, but it's named 
-** MP_HALF_RADIX because it's the radix for MP_HALF_DIGITs, and it's 
-** consistent with the other _HALF_ names.
-*/
-
-
-/* Macros for accessing the mp_int internals           */
-#define  MP_SIGN(MP)     ((MP)->sign)
-#define  MP_USED(MP)     ((MP)->used)
-#define  MP_ALLOC(MP)    ((MP)->alloc)
-#define  MP_DIGITS(MP)   ((MP)->dp)
-#define  MP_DIGIT(MP,N)  (MP)->dp[(N)]
-
-/* This defines the maximum I/O base (minimum is 2)   */
-#define MP_MAX_RADIX         64
-
-typedef struct {
-  mp_sign       sign;    /* sign of this quantity      */
-  mp_size       alloc;   /* how many digits allocated  */
-  mp_size       used;    /* how many digits used       */
-  mp_digit     *dp;      /* the digits themselves      */
-} mp_int;
-
-/* Default precision       */
-mp_size mp_get_prec(void);
-void    mp_set_prec(mp_size prec);
-
-/* Memory management       */
-mp_err mp_init(mp_int *mp);
-mp_err mp_init_size(mp_int *mp, mp_size prec);
-mp_err mp_init_copy(mp_int *mp, const mp_int *from);
-mp_err mp_copy(const mp_int *from, mp_int *to);
-void   mp_exch(mp_int *mp1, mp_int *mp2);
-void   mp_clear(mp_int *mp);
-void   mp_zero(mp_int *mp);
-void   mp_set(mp_int *mp, mp_digit d);
-mp_err mp_set_int(mp_int *mp, long z);
-#define mp_set_long(mp,z) mp_set_int(mp,z)
-mp_err mp_set_ulong(mp_int *mp, unsigned long z);
-
-/* Single digit arithmetic */
-mp_err mp_add_d(const mp_int *a, mp_digit d, mp_int *b);
-mp_err mp_sub_d(const mp_int *a, mp_digit d, mp_int *b);
-mp_err mp_mul_d(const mp_int *a, mp_digit d, mp_int *b);
-mp_err mp_mul_2(const mp_int *a, mp_int *c);
-mp_err mp_div_d(const mp_int *a, mp_digit d, mp_int *q, mp_digit *r);
-mp_err mp_div_2(const mp_int *a, mp_int *c);
-mp_err mp_expt_d(const mp_int *a, mp_digit d, mp_int *c);
-
-/* Sign manipulations      */
-mp_err mp_abs(const mp_int *a, mp_int *b);
-mp_err mp_neg(const mp_int *a, mp_int *b);
-
-/* Full arithmetic         */
-mp_err mp_add(const mp_int *a, const mp_int *b, mp_int *c);
-mp_err mp_sub(const mp_int *a, const mp_int *b, mp_int *c);
-mp_err mp_mul(const mp_int *a, const mp_int *b, mp_int *c);
-#if MP_SQUARE
-mp_err mp_sqr(const mp_int *a, mp_int *b);
-#else
-#define mp_sqr(a, b) mp_mul(a, a, b)
-#endif
-mp_err mp_div(const mp_int *a, const mp_int *b, mp_int *q, mp_int *r);
-mp_err mp_div_2d(const mp_int *a, mp_digit d, mp_int *q, mp_int *r);
-mp_err mp_expt(mp_int *a, mp_int *b, mp_int *c);
-mp_err mp_2expt(mp_int *a, mp_digit k);
-mp_err mp_sqrt(const mp_int *a, mp_int *b);
-
-/* Modular arithmetic      */
-#if MP_MODARITH
-mp_err mp_mod(const mp_int *a, const mp_int *m, mp_int *c);
-mp_err mp_mod_d(const mp_int *a, mp_digit d, mp_digit *c);
-mp_err mp_addmod(const mp_int *a, const mp_int *b, const mp_int *m, mp_int *c);
-mp_err mp_submod(const mp_int *a, const mp_int *b, const mp_int *m, mp_int *c);
-mp_err mp_mulmod(const mp_int *a, const mp_int *b, const mp_int *m, mp_int *c);
-#if MP_SQUARE
-mp_err mp_sqrmod(const mp_int *a, const mp_int *m, mp_int *c);
-#else
-#define mp_sqrmod(a, m, c) mp_mulmod(a, a, m, c)
-#endif
-mp_err mp_exptmod(const mp_int *a, const mp_int *b, const mp_int *m, mp_int *c);
-mp_err mp_exptmod_d(const mp_int *a, mp_digit d, const mp_int *m, mp_int *c);
-#endif /* MP_MODARITH */
-
-/* Comparisons             */
-int    mp_cmp_z(const mp_int *a);
-int    mp_cmp_d(const mp_int *a, mp_digit d);
-int    mp_cmp(const mp_int *a, const mp_int *b);
-int    mp_cmp_mag(mp_int *a, mp_int *b);
-int    mp_cmp_int(const mp_int *a, long z);
-int    mp_isodd(const mp_int *a);
-int    mp_iseven(const mp_int *a);
-
-/* Number theoretic        */
-#if MP_NUMTH
-mp_err mp_gcd(mp_int *a, mp_int *b, mp_int *c);
-mp_err mp_lcm(mp_int *a, mp_int *b, mp_int *c);
-mp_err mp_xgcd(const mp_int *a, const mp_int *b, mp_int *g, mp_int *x, mp_int *y);
-mp_err mp_invmod(const mp_int *a, const mp_int *m, mp_int *c);
-mp_err mp_invmod_xgcd(const mp_int *a, const mp_int *m, mp_int *c);
-#endif /* end MP_NUMTH */
-
-/* Input and output        */
-#if MP_IOFUNC
-void   mp_print(mp_int *mp, FILE *ofp);
-#endif /* end MP_IOFUNC */
-
-/* Base conversion         */
-mp_err mp_read_raw(mp_int *mp, char *str, int len);
-int    mp_raw_size(mp_int *mp);
-mp_err mp_toraw(mp_int *mp, char *str);
-mp_err mp_read_radix(mp_int *mp, const char *str, int radix);
-mp_err mp_read_variable_radix(mp_int *a, const char * str, int default_radix);
-int    mp_radix_size(mp_int *mp, int radix);
-mp_err mp_toradix(mp_int *mp, char *str, int radix);
-int    mp_tovalue(char ch, int r);
-
-#define mp_tobinary(M, S)  mp_toradix((M), (S), 2)
-#define mp_tooctal(M, S)   mp_toradix((M), (S), 8)
-#define mp_todecimal(M, S) mp_toradix((M), (S), 10)
-#define mp_tohex(M, S)     mp_toradix((M), (S), 16)
-
-/* Error strings           */
-const  char  *mp_strerror(mp_err ec);
-
-/* Octet string conversion functions */
-mp_err mp_read_unsigned_octets(mp_int *mp, const unsigned char *str, mp_size len);
-int    mp_unsigned_octet_size(const mp_int *mp);
-mp_err mp_to_unsigned_octets(const mp_int *mp, unsigned char *str, mp_size maxlen);
-mp_err mp_to_signed_octets(const mp_int *mp, unsigned char *str, mp_size maxlen);
-mp_err mp_to_fixlen_octets(const mp_int *mp, unsigned char *str, mp_size len);
-
-/* Miscellaneous */
-mp_size mp_trailing_zeros(const mp_int *mp);
-
-#define MP_CHECKOK(x)  if (MP_OKAY > (res = (x))) goto CLEANUP
-#define MP_CHECKERR(x) if (MP_OKAY > (res = (x))) goto CLEANUP
-
-#if defined(MP_API_COMPATIBLE)
-#define NEG             MP_NEG
-#define ZPOS            MP_ZPOS
-#define DIGIT_MAX       MP_DIGIT_MAX
-#define DIGIT_BIT       MP_DIGIT_BIT
-#define DIGIT_FMT       MP_DIGIT_FMT
-#define RADIX           MP_RADIX
-#define MAX_RADIX       MP_MAX_RADIX
-#define SIGN(MP)        MP_SIGN(MP)
-#define USED(MP)        MP_USED(MP)
-#define ALLOC(MP)       MP_ALLOC(MP)
-#define DIGITS(MP)      MP_DIGITS(MP)
-#define DIGIT(MP,N)     MP_DIGIT(MP,N)
-
-#if MP_ARGCHK == 1
-#define  ARGCHK(X,Y)  {if(!(X)){return (Y);}}
-#elif MP_ARGCHK == 2
-#include <assert.h>
-#define  ARGCHK(X,Y)  assert(X)
-#else
-#define  ARGCHK(X,Y)  /*  */
-#endif
-#endif /* defined MP_API_COMPATIBLE */
-
-#endif /* end _H_MPI_ */
diff --git a/security/nss/lib/freebl/mpi/mpi_hp.c b/security/nss/lib/freebl/mpi/mpi_hp.c
deleted file mode 100644
index e30630c19..000000000
--- a/security/nss/lib/freebl/mpi/mpi_hp.c
+++ /dev/null
@@ -1,112 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.	Portions created by Netscape are 
- * Copyright (C) 2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.	If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *  $Id$
- */
-
-/* This file contains routines that perform vector multiplication.  */
-
-#include "mpi-priv.h"
-#include <unistd.h>
-
-#include <stddef.h>
-/* #include <sys/systeminfo.h> */
-#include <strings.h>
-
-extern void multacc512( 
-   int             length,        /* doublewords in multiplicand vector. */
-   const mp_digit *scalaraddr,    /* Address of scalar. */
-   const mp_digit *multiplicand,  /* The multiplicand vector. */
-   mp_digit *      result);       /* Where to accumulate the result. */
-
-extern void maxpy_little(
-   int             length,        /* doublewords in multiplicand vector. */
-   const mp_digit *scalaraddr,    /* Address of scalar. */
-   const mp_digit *multiplicand,  /* The multiplicand vector. */
-   mp_digit *      result);       /* Where to accumulate the result. */
-
-extern void add_diag_little(
-   int            length,       /* doublewords in input vector. */
-   const mp_digit *root,         /* The vector to square. */
-   mp_digit *      result);      /* Where to accumulate the result. */
-
-void 
-s_mpv_sqr_add_prop(const mp_digit *pa, mp_size a_len, mp_digit *ps)
-{
-    add_diag_little(a_len, pa, ps);
-}
-
-#define MAX_STACK_DIGITS 258
-#define MULTACC512_LEN   (512 / MP_DIGIT_BIT)
-#define HP_MPY_ADD_FN    (a_len == MULTACC512_LEN ? multacc512 : maxpy_little)
-
-/* c = a * b */
-void 
-s_mpv_mul_d(const mp_digit *a, mp_size a_len, mp_digit b, mp_digit *c)
-{
-    mp_digit x[MAX_STACK_DIGITS];
-    mp_digit *px = x;
-    size_t   xSize = 0;
-
-    if (a == c) {
-	if (a_len > MAX_STACK_DIGITS) {
-	    xSize = sizeof(mp_digit) * (a_len + 2);
-	    px = malloc(xSize);
-	    if (!px)
-		return;
-	}
-	memcpy(px, a, a_len * sizeof(*a));
-	a = px;
-    }
-    s_mp_setz(c, a_len + 1);
-    HP_MPY_ADD_FN(a_len, &b, a, c);
-    if (px != x && px) {
-	memset(px, 0, xSize);
-	free(px);
-    }
-}
-
-/* c += a * b, where a is a_len words long. */
-void     
-s_mpv_mul_d_add(const mp_digit *a, mp_size a_len, mp_digit b, mp_digit *c)
-{
-    c[a_len] = 0;	/* so carry propagation stops here. */
-    HP_MPY_ADD_FN(a_len, &b, a, c);
-}
-
-/* c += a * b, where a is y words long. */
-void     
-s_mpv_mul_d_add_prop(const mp_digit *a, mp_size a_len, mp_digit b, 
-			 mp_digit *c)
-{
-    HP_MPY_ADD_FN(a_len, &b, a, c);
-}
-
diff --git a/security/nss/lib/freebl/mpi/mpi_i86pc.s b/security/nss/lib/freebl/mpi/mpi_i86pc.s
deleted file mode 100644
index f6c167b1a..000000000
--- a/security/nss/lib/freebl/mpi/mpi_i86pc.s
+++ /dev/null
@@ -1,342 +0,0 @@
- /
- / The contents of this file are subject to the Mozilla Public
- / License Version 1.1 (the "License"); you may not use this file
- / except in compliance with the License. You may obtain a copy of
- / the License at http://www.mozilla.org/MPL/
- / 
- / Software distributed under the License is distributed on an "AS
- / IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- / implied. See the License for the specific language governing
- / rights and limitations under the License.
- / 
- / The Original Code is the Netscape security libraries.
- / 
- / The Initial Developer of the Original Code is Netscape
- / Communications Corporation.	Portions created by Netscape are 
- / Copyright (C) 2001 Netscape Communications Corporation.  All
- / Rights Reserved.
- / 
- / Contributor(s):
- / 
- / Alternatively, the contents of this file may be used under the
- / terms of the GNU General Public License Version 2 or later (the
- / "GPL"), in which case the provisions of the GPL are applicable 
- / instead of those above. If you wish to allow use of your 
- / version of this file only under the terms of the GPL and not to
- / allow others to use your version of this file under the MPL,
- / indicate your decision by deleting the provisions above and
- / replace them with the notice and other provisions required by
- / the GPL.  If you do not delete the provisions above, a recipient
- / may use your version of this file under either the MPL or the
- / GPL.
- /  $Id$
- /
-
-.text
-
- /  ebp - 36:	caller's esi
- /  ebp - 32:	caller's edi
- /  ebp - 28:	
- /  ebp - 24:	
- /  ebp - 20:	
- /  ebp - 16:	
- /  ebp - 12:	
- /  ebp - 8:	
- /  ebp - 4:	
- /  ebp + 0:	caller's ebp
- /  ebp + 4:	return address
- /  ebp + 8:	a	argument
- /  ebp + 12:	a_len	argument
- /  ebp + 16:	b	argument
- /  ebp + 20:	c	argument
- /  registers:
- / 	eax:
- /	ebx:	carry
- /	ecx:	a_len
- /	edx:
- /	esi:	a ptr
- /	edi:	c ptr
-.globl	s_mpv_mul_d
-.type	s_mpv_mul_d,@function
-s_mpv_mul_d:
-    push   %ebp
-    mov    %esp,%ebp
-    sub    $28,%esp
-    push   %edi
-    push   %esi
-    push   %ebx
-    movl   $0,%ebx		/ carry = 0
-    mov    12(%ebp),%ecx	/ ecx = a_len
-    mov    20(%ebp),%edi
-    cmp    $0,%ecx
-    je     L2			/ jmp if a_len == 0
-    mov    8(%ebp),%esi		/ esi = a
-    cld
-L1:
-    lodsl			/ eax = [ds:esi]; esi += 4
-    mov    16(%ebp),%edx	/ edx = b
-    mull   %edx			/ edx:eax = Phi:Plo = a_i * b
-
-    add    %ebx,%eax		/ add carry (%ebx) to edx:eax
-    adc    $0,%edx
-    mov    %edx,%ebx		/ high half of product becomes next carry
-
-    stosl			/ [es:edi] = ax; edi += 4;
-    dec    %ecx			/ --a_len
-    jnz    L1			/ jmp if a_len != 0
-L2:
-    mov    %ebx,0(%edi)		/ *c = carry
-    pop    %ebx
-    pop    %esi
-    pop    %edi
-    leave  
-    ret    
-    nop
-
- /  ebp - 36:	caller's esi
- /  ebp - 32:	caller's edi
- /  ebp - 28:	
- /  ebp - 24:	
- /  ebp - 20:	
- /  ebp - 16:	
- /  ebp - 12:	
- /  ebp - 8:	
- /  ebp - 4:	
- /  ebp + 0:	caller's ebp
- /  ebp + 4:	return address
- /  ebp + 8:	a	argument
- /  ebp + 12:	a_len	argument
- /  ebp + 16:	b	argument
- /  ebp + 20:	c	argument
- /  registers:
- / 	eax:
- /	ebx:	carry
- /	ecx:	a_len
- /	edx:
- /	esi:	a ptr
- /	edi:	c ptr
-.globl	s_mpv_mul_d_add
-.type	s_mpv_mul_d_add,@function
-s_mpv_mul_d_add:
-    push   %ebp
-    mov    %esp,%ebp
-    sub    $28,%esp
-    push   %edi
-    push   %esi
-    push   %ebx
-    movl   $0,%ebx		/ carry = 0
-    mov    12(%ebp),%ecx	/ ecx = a_len
-    mov    20(%ebp),%edi
-    cmp    $0,%ecx
-    je     L4			/ jmp if a_len == 0
-    mov    8(%ebp),%esi		/ esi = a
-    cld
-L3:
-    lodsl			/ eax = [ds:esi]; esi += 4
-    mov    16(%ebp),%edx	/ edx = b
-    mull   %edx			/ edx:eax = Phi:Plo = a_i * b
-
-    add    %ebx,%eax		/ add carry (%ebx) to edx:eax
-    adc    $0,%edx
-    mov    0(%edi),%ebx		/ add in current word from *c
-    add    %ebx,%eax		
-    adc    $0,%edx
-    mov    %edx,%ebx		/ high half of product becomes next carry
-
-    stosl			/ [es:edi] = ax; edi += 4;
-    dec    %ecx			/ --a_len
-    jnz    L3			/ jmp if a_len != 0
-L4:
-    mov    %ebx,0(%edi)		/ *c = carry
-    pop    %ebx
-    pop    %esi
-    pop    %edi
-    leave  
-    ret    
-    nop
-
- /  ebp - 36:	caller's esi
- /  ebp - 32:	caller's edi
- /  ebp - 28:	
- /  ebp - 24:	
- /  ebp - 20:	
- /  ebp - 16:	
- /  ebp - 12:	
- /  ebp - 8:	
- /  ebp - 4:	
- /  ebp + 0:	caller's ebp
- /  ebp + 4:	return address
- /  ebp + 8:	a	argument
- /  ebp + 12:	a_len	argument
- /  ebp + 16:	b	argument
- /  ebp + 20:	c	argument
- /  registers:
- / 	eax:
- /	ebx:	carry
- /	ecx:	a_len
- /	edx:
- /	esi:	a ptr
- /	edi:	c ptr
-.globl	s_mpv_mul_d_add_prop
-.type	s_mpv_mul_d_add_prop,@function
-s_mpv_mul_d_add_prop:
-    push   %ebp
-    mov    %esp,%ebp
-    sub    $28,%esp
-    push   %edi
-    push   %esi
-    push   %ebx
-    movl   $0,%ebx		/ carry = 0
-    mov    12(%ebp),%ecx	/ ecx = a_len
-    mov    20(%ebp),%edi
-    cmp    $0,%ecx
-    je     L6			/ jmp if a_len == 0
-    cld
-    mov    8(%ebp),%esi		/ esi = a
-L5:
-    lodsl			/ eax = [ds:esi]; esi += 4
-    mov    16(%ebp),%edx	/ edx = b
-    mull   %edx			/ edx:eax = Phi:Plo = a_i * b
-
-    add    %ebx,%eax		/ add carry (%ebx) to edx:eax
-    adc    $0,%edx
-    mov    0(%edi),%ebx		/ add in current word from *c
-    add    %ebx,%eax		
-    adc    $0,%edx
-    mov    %edx,%ebx		/ high half of product becomes next carry
-
-    stosl			/ [es:edi] = ax; edi += 4;
-    dec    %ecx			/ --a_len
-    jnz    L5			/ jmp if a_len != 0
-L6:
-    cmp    $0,%ebx		/ is carry zero?
-    jz     L8
-    mov    0(%edi),%eax		/ add in current word from *c
-    add	   %ebx,%eax
-    stosl			/ [es:edi] = ax; edi += 4;
-    jnc    L8
-L7:
-    mov    0(%edi),%eax		/ add in current word from *c
-    adc	   $0,%eax
-    stosl			/ [es:edi] = ax; edi += 4;
-    jc     L7
-L8:
-    pop    %ebx
-    pop    %esi
-    pop    %edi
-    leave  
-    ret    
-    nop
-
- /  ebp - 20:	caller's esi
- /  ebp - 16:	caller's edi
- /  ebp - 12:	
- /  ebp - 8:	carry
- /  ebp - 4:	a_len	local
- /  ebp + 0:	caller's ebp
- /  ebp + 4:	return address
- /  ebp + 8:	pa	argument
- /  ebp + 12:	a_len	argument
- /  ebp + 16:	ps	argument
- /  ebp + 20:	
- /  registers:
- / 	eax:
- /	ebx:	carry
- /	ecx:	a_len
- /	edx:
- /	esi:	a ptr
- /	edi:	c ptr
-
-.globl	s_mpv_sqr_add_prop
-.type	s_mpv_sqr_add_prop,@function
-s_mpv_sqr_add_prop:
-     push   %ebp
-     mov    %esp,%ebp
-     sub    $12,%esp
-     push   %edi
-     push   %esi
-     push   %ebx
-     movl   $0,%ebx		/ carry = 0
-     mov    12(%ebp),%ecx	/ a_len
-     mov    16(%ebp),%edi	/ edi = ps
-     cmp    $0,%ecx
-     je     L11			/ jump if a_len == 0
-     cld
-     mov    8(%ebp),%esi	/ esi = pa
-L10:
-     lodsl			/ %eax = [ds:si]; si += 4;
-     mull   %eax
-
-     add    %ebx,%eax		/ add "carry"
-     adc    $0,%edx
-     mov    0(%edi),%ebx
-     add    %ebx,%eax		/ add low word from result
-     mov    4(%edi),%ebx
-     stosl			/ [es:di] = %eax; di += 4;
-     adc    %ebx,%edx		/ add high word from result
-     movl   $0,%ebx
-     mov    %edx,%eax
-     adc    $0,%ebx
-     stosl			/ [es:di] = %eax; di += 4;
-     dec    %ecx		/ --a_len
-     jnz    L10			/ jmp if a_len != 0
-L11:
-    cmp    $0,%ebx		/ is carry zero?
-    jz     L14
-    mov    0(%edi),%eax		/ add in current word from *c
-    add	   %ebx,%eax
-    stosl			/ [es:edi] = ax; edi += 4;
-    jnc    L14
-L12:
-    mov    0(%edi),%eax		/ add in current word from *c
-    adc	   $0,%eax
-    stosl			/ [es:edi] = ax; edi += 4;
-    jc     L12
-L14:
-    pop    %ebx
-    pop    %esi
-    pop    %edi
-    leave  
-    ret    
-    nop
-
- /
- / Divide 64-bit (Nhi,Nlo) by 32-bit divisor, which must be normalized
- / so its high bit is 1.   This code is from NSPR.
- /
- / mp_err s_mpv_div_2dx1d(mp_digit Nhi, mp_digit Nlo, mp_digit divisor,
- / 		          mp_digit *qp, mp_digit *rp)
-
- /  esp +  0:   Caller's ebx
- /  esp +  4:	return address
- /  esp +  8:	Nhi	argument
- /  esp + 12:	Nlo	argument
- /  esp + 16:	divisor	argument
- /  esp + 20:	qp	argument
- /  esp + 24:   rp	argument
- /  registers:
- / 	eax:
- /	ebx:	carry
- /	ecx:	a_len
- /	edx:
- /	esi:	a ptr
- /	edi:	c ptr
- / 
-
-.globl	s_mpv_div_2dx1d
-.type	s_mpv_div_2dx1d,@function
-s_mpv_div_2dx1d:
-       push   %ebx
-       mov    8(%esp),%edx
-       mov    12(%esp),%eax
-       mov    16(%esp),%ebx
-       div    %ebx
-       mov    20(%esp),%ebx
-       mov    %eax,0(%ebx)
-       mov    24(%esp),%ebx
-       mov    %edx,0(%ebx)
-       xor    %eax,%eax		/ return zero
-       pop    %ebx
-       ret    
-       nop
-  
diff --git a/security/nss/lib/freebl/mpi/mpi_mips.s b/security/nss/lib/freebl/mpi/mpi_mips.s
deleted file mode 100644
index bb846ee57..000000000
--- a/security/nss/lib/freebl/mpi/mpi_mips.s
+++ /dev/null
@@ -1,502 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.	Portions created by Netscape are 
- * Copyright (C) 2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.	If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *  $Id$
- */
-#include <regdef.h>
-        .set    noreorder
-        .set    noat
-
-        .section        .text, 1, 0x00000006, 4, 4
-.text:
-        .section        .text
-
-        .ent    s_mpv_mul_d_add
-        .globl  s_mpv_mul_d_add
-
-s_mpv_mul_d_add: 
- #/* c += a * b */
- #void s_mpv_mul_d_add(const mp_digit *a, mp_size a_len, mp_digit b, 
- #			      mp_digit *c)
- #{
- #  mp_digit   a0, a1;	regs a4, a5
- #  mp_digit   c0, c1;  regs a6, a7
- #  mp_digit   cy = 0;  reg t2
- #  mp_word    w0, w1;  regs t0, t1
- #
- #  if (a_len) {
-	beq	a1,zero,.L.1
-	move	t2,zero		# cy = 0
-	dsll32	a2,a2,0		# "b" is sometimes negative (?!?!)
-	dsrl32	a2,a2,0		# This clears the upper 32 bits.
- #    a0 = a[0];
-	lwu	a4,0(a0)
- #    w0 = ((mp_word)b * a0);
-	dmultu	a2,a4
- #    if (--a_len) {
-	addiu	a1,a1,-1
-	beq	a1,zero,.L.2
- #      while (a_len >= 2) {
-	sltiu	t3,a1,2
-	bne	t3,zero,.L.3
- #	  a1     = a[1];
-	lwu	a5,4(a0)
-.L.4:
- #	  a_len -= 2;
-        addiu	a1,a1,-2
- #	  c0     = c[0];
-	lwu	a6,0(a3)
- #	  w0    += cy;
-	mflo	t0
-	daddu	t0,t0,t2
- #	  w0    += c0;
-	daddu	t0,t0,a6
- #	  w1     = (mp_word)b * a1; 
-	dmultu	a2,a5			#
- #	  cy     = CARRYOUT(w0);
-	dsrl32	t2,t0,0
- #	  c[0]   = ACCUM(w0);
-	sw	t0,0(a3)
- #	  a0     = a[2];
-	lwu	a4,8(a0)
- #	  a     += 2;
-	addiu	a0,a0,8
- #	  c1     = c[1];
-	lwu	a7,4(a3)
- #	  w1    += cy;
-	mflo	t1
-	daddu	t1,t1,t2
- #	  w1    += c1;
-	daddu	t1,t1,a7
- #	  w0     = (mp_word)b * a0;
-	dmultu	a2,a4			#
- #	  cy     = CARRYOUT(w1);
-	dsrl32	t2,t1,0
- #	  c[1]   = ACCUM(w1);
-	sw	t1,4(a3)
- #	  c     += 2;
-	addiu	a3,a3,8
-	sltiu	t3,a1,2
-	beq	t3,zero,.L.4
- #	  a1     = a[1];
-	lwu	a5,4(a0)
- #      }
-.L.3:
- #      c0       = c[0];
-	lwu	a6,0(a3)
- #      w0      += cy;
- #      if (a_len) {
-	mflo	t0
-	beq	a1,zero,.L.5
-	daddu	t0,t0,t2
- #	  w1     = (mp_word)b * a1; 
-	dmultu	a2,a5
- #	  w0    += c0;
-	daddu	t0,t0,a6		#
- #	  cy     = CARRYOUT(w0);
-	dsrl32	t2,t0,0
- #	  c[0]   = ACCUM(w0);
-	sw	t0,0(a3)
- #	  c1     = c[1];
-	lwu	a7,4(a3)
- #	  w1    += cy;
-	mflo	t1
-	daddu	t1,t1,t2
- #	  w1    += c1;
-	daddu	t1,t1,a7
- #	  c[1]   = ACCUM(w1);
-	sw	t1,4(a3)
- #	  cy     = CARRYOUT(w1);
-	dsrl32	t2,t1,0
- #	  c     += 1;
-	b	.L.6
-	addiu	a3,a3,4
- #      } else {
-.L.5:
- #	  w0    += c0;
-	daddu	t0,t0,a6
- #	  c[0]   = ACCUM(w0);
-	sw	t0,0(a3)
- #	  cy     = CARRYOUT(w0);
-	b	.L.6
-	dsrl32	t2,t0,0
- #      }
- #    } else {
-.L.2:
- #      c0     = c[0];
-	lwu	a6,0(a3)
- #      w0    += c0;
-	mflo	t0
-	daddu	t0,t0,a6
- #      c[0]   = ACCUM(w0);
-	sw	t0,0(a3)
- #      cy     = CARRYOUT(w0);
-	dsrl32	t2,t0,0
- #    }
-.L.6:
- #    c[1] = cy;
-	jr	ra
-	sw	t2,4(a3)
- #  }
-.L.1:
-	jr	ra
-	nop
- #}
- #
-        .end    s_mpv_mul_d_add
-
-        .ent    s_mpv_mul_d_add_prop
-        .globl  s_mpv_mul_d_add_prop
-
-s_mpv_mul_d_add_prop: 
- #/* c += a * b */
- #void s_mpv_mul_d_add_prop(const mp_digit *a, mp_size a_len, mp_digit b, 
- #			      mp_digit *c)
- #{
- #  mp_digit   a0, a1;	regs a4, a5
- #  mp_digit   c0, c1;  regs a6, a7
- #  mp_digit   cy = 0;  reg t2
- #  mp_word    w0, w1;  regs t0, t1
- #
- #  if (a_len) {
-	beq	a1,zero,.M.1
-	move	t2,zero		# cy = 0
-	dsll32	a2,a2,0		# "b" is sometimes negative (?!?!)
-	dsrl32	a2,a2,0		# This clears the upper 32 bits.
- #    a0 = a[0];
-	lwu	a4,0(a0)
- #    w0 = ((mp_word)b * a0);
-	dmultu	a2,a4
- #    if (--a_len) {
-	addiu	a1,a1,-1
-	beq	a1,zero,.M.2
- #      while (a_len >= 2) {
-	sltiu	t3,a1,2
-	bne	t3,zero,.M.3
- #	  a1     = a[1];
-	lwu	a5,4(a0)
-.M.4:
- #	  a_len -= 2;
-        addiu	a1,a1,-2
- #	  c0     = c[0];
-	lwu	a6,0(a3)
- #	  w0    += cy;
-	mflo	t0
-	daddu	t0,t0,t2
- #	  w0    += c0;
-	daddu	t0,t0,a6
- #	  w1     = (mp_word)b * a1; 
-	dmultu	a2,a5			#
- #	  cy     = CARRYOUT(w0);
-	dsrl32	t2,t0,0
- #	  c[0]   = ACCUM(w0);
-	sw	t0,0(a3)
- #	  a0     = a[2];
-	lwu	a4,8(a0)
- #	  a     += 2;
-	addiu	a0,a0,8
- #	  c1     = c[1];
-	lwu	a7,4(a3)
- #	  w1    += cy;
-	mflo	t1
-	daddu	t1,t1,t2
- #	  w1    += c1;
-	daddu	t1,t1,a7
- #	  w0     = (mp_word)b * a0;
-	dmultu	a2,a4			#
- #	  cy     = CARRYOUT(w1);
-	dsrl32	t2,t1,0
- #	  c[1]   = ACCUM(w1);
-	sw	t1,4(a3)
- #	  c     += 2;
-	addiu	a3,a3,8
-	sltiu	t3,a1,2
-	beq	t3,zero,.M.4
- #	  a1     = a[1];
-	lwu	a5,4(a0)
- #      }
-.M.3:
- #      c0       = c[0];
-	lwu	a6,0(a3)
- #      w0      += cy;
- #      if (a_len) {
-	mflo	t0
-	beq	a1,zero,.M.5
-	daddu	t0,t0,t2
- #	  w1     = (mp_word)b * a1; 
-	dmultu	a2,a5
- #	  w0    += c0;
-	daddu	t0,t0,a6		#
- #	  cy     = CARRYOUT(w0);
-	dsrl32	t2,t0,0
- #	  c[0]   = ACCUM(w0);
-	sw	t0,0(a3)
- #	  c1     = c[1];
-	lwu	a7,4(a3)
- #	  w1    += cy;
-	mflo	t1
-	daddu	t1,t1,t2
- #	  w1    += c1;
-	daddu	t1,t1,a7
- #	  c[1]   = ACCUM(w1);
-	sw	t1,4(a3)
- #	  cy     = CARRYOUT(w1);
-	dsrl32	t2,t1,0
- #	  c     += 1;
-	b	.M.6
-	addiu	a3,a3,8
- #      } else {
-.M.5:
- #	  w0    += c0;
-	daddu	t0,t0,a6
- #	  c[0]   = ACCUM(w0);
-	sw	t0,0(a3)
- #	  cy     = CARRYOUT(w0);
-	dsrl32	t2,t0,0
-	b	.M.6
-	addiu	a3,a3,4
- #      }
- #    } else {
-.M.2:
- #      c0     = c[0];
-	lwu	a6,0(a3)
- #      w0    += c0;
-	mflo	t0
-	daddu	t0,t0,a6
- #      c[0]   = ACCUM(w0);
-	sw	t0,0(a3)
- #      cy     = CARRYOUT(w0);
-	dsrl32	t2,t0,0
-	addiu	a3,a3,4
- #    }
-.M.6:
-
- #    while (cy) {
-	beq	t2,zero,.M.1
-	nop
-.M.7:
- #      mp_word w = (mp_word)*c + cy;
-	lwu	a6,0(a3)
-	daddu	t2,t2,a6
- #      *c++ = ACCUM(w);
-	sw	t2,0(a3)
- #      cy = CARRYOUT(w);
-	dsrl32	t2,t2,0
-	bne	t2,zero,.M.7
-	addiu	a3,a3,4
-
- #  }
-.M.1:
-	jr	ra
-	nop
- #}
- #
-        .end    s_mpv_mul_d_add_prop
-
-        .ent    s_mpv_mul_d
-        .globl  s_mpv_mul_d
-
-s_mpv_mul_d: 
- #/* c = a * b */
- #void s_mpv_mul_d(const mp_digit *a, mp_size a_len, mp_digit b, 
- #			      mp_digit *c)
- #{
- #  mp_digit   a0, a1;	regs a4, a5
- #  mp_digit   cy = 0;  reg t2
- #  mp_word    w0, w1;  regs t0, t1
- #
- #  if (a_len) {
-	beq	a1,zero,.N.1
-	move	t2,zero		# cy = 0
-	dsll32	a2,a2,0		# "b" is sometimes negative (?!?!)
-	dsrl32	a2,a2,0		# This clears the upper 32 bits.
- #    a0 = a[0];
-	lwu	a4,0(a0)
- #    w0 = ((mp_word)b * a0);
-	dmultu	a2,a4
- #    if (--a_len) {
-	addiu	a1,a1,-1
-	beq	a1,zero,.N.2
- #      while (a_len >= 2) {
-	sltiu	t3,a1,2
-	bne	t3,zero,.N.3
- #	  a1     = a[1];
-	lwu	a5,4(a0)
-.N.4:
- #	  a_len -= 2;
-        addiu	a1,a1,-2
- #	  w0    += cy;
-	mflo	t0
-	daddu	t0,t0,t2
- #	  cy     = CARRYOUT(w0);
-	dsrl32	t2,t0,0
- #	  w1     = (mp_word)b * a1; 
-	dmultu	a2,a5	
- #	  c[0]   = ACCUM(w0);
-	sw	t0,0(a3)
- #	  a0     = a[2];
-	lwu	a4,8(a0)
- #	  a     += 2;
-	addiu	a0,a0,8
- #	  w1    += cy;
-	mflo	t1
-	daddu	t1,t1,t2
- #	  cy     = CARRYOUT(w1);
-	dsrl32	t2,t1,0
- #	  w0     = (mp_word)b * a0;
-	dmultu	a2,a4	
- #	  c[1]   = ACCUM(w1);
-	sw	t1,4(a3)
- #	  c     += 2;
-	addiu	a3,a3,8
-	sltiu	t3,a1,2
-	beq	t3,zero,.N.4
- #	  a1     = a[1];
-	lwu	a5,4(a0)
- #      }
-.N.3:
- #      w0      += cy;
- #      if (a_len) {
-	mflo	t0
-	beq	a1,zero,.N.5
-	daddu	t0,t0,t2
- #	  w1     = (mp_word)b * a1; 
-	dmultu	a2,a5			#
- #	  cy     = CARRYOUT(w0);
-	dsrl32	t2,t0,0
- #	  c[0]   = ACCUM(w0);
-	sw	t0,0(a3)
- #	  w1    += cy;
-	mflo	t1
-	daddu	t1,t1,t2
- #	  c[1]   = ACCUM(w1);
-	sw	t1,4(a3)
- #	  cy     = CARRYOUT(w1);
-	dsrl32	t2,t1,0
- #	  c     += 1;
-	b	.N.6
-	addiu	a3,a3,4
- #      } else {
-.N.5:
- #	  c[0]   = ACCUM(w0);
-	sw	t0,0(a3)
- #	  cy     = CARRYOUT(w0);
-	b	.N.6
-	dsrl32	t2,t0,0
- #      }
- #    } else {
-.N.2:
-	mflo	t0
- #      c[0]   = ACCUM(w0);
-	sw	t0,0(a3)
- #      cy     = CARRYOUT(w0);
-	dsrl32	t2,t0,0
- #    }
-.N.6:
- #    c[1] = cy;
-	jr	ra
-	sw	t2,4(a3)
- #  }
-.N.1:
-	jr	ra
-	nop
- #}
- #
-        .end    s_mpv_mul_d
-
-
-        .ent    s_mpv_sqr_add_prop
-        .globl  s_mpv_sqr_add_prop
- #void   s_mpv_sqr_add_prop(const mp_digit *a, mp_size a_len, mp_digit *sqrs);
- #	registers
- #	a0		*a
- #	a1		a_len
- #	a2		*sqr
- #	a3		digit from *a, a_i
- #	a4		square of digit from a
- #	a5,a6		next 2 digits in sqr
- #	a7,t0		carry 
-s_mpv_sqr_add_prop:
-	move	a7,zero
-	move	t0,zero
-	lwu	a3,0(a0)
-	addiu	a1,a1,-1	# --a_len
-	dmultu	a3,a3
-	beq	a1,zero,.P.3	# jump if we've already done the only sqr
-	addiu	a0,a0,4		# ++a
-.P.2:
-        lwu	a5,0(a2)
-        lwu	a6,4(a2)
-	addiu	a2,a2,8		# sqrs += 2;
-	dsll32	a6,a6,0
-	daddu	a5,a5,a6
-	lwu	a3,0(a0)
-	addiu	a0,a0,4		# ++a
-	mflo	a4
-	daddu	a6,a5,a4
-	sltu	a7,a6,a5	# a7 = a6 < a5	detect overflow
-	dmultu	a3,a3
-	daddu	a4,a6,t0
-	sltu	t0,a4,a6
-	add	t0,t0,a7
-	sw	a4,-8(a2)
-	addiu	a1,a1,-1	# --a_len
-	dsrl32	a4,a4,0
-	bne	a1,zero,.P.2	# loop if a_len > 0
-	sw	a4,-4(a2)
-.P.3:
-        lwu	a5,0(a2)
-        lwu	a6,4(a2)
-	addiu	a2,a2,8		# sqrs += 2;
-	dsll32	a6,a6,0
-	daddu	a5,a5,a6
-	mflo	a4
-	daddu	a6,a5,a4
-	sltu	a7,a6,a5	# a7 = a6 < a5	detect overflow
-	daddu	a4,a6,t0
-	sltu	t0,a4,a6
-	add	t0,t0,a7
-	sw	a4,-8(a2)
-	beq	t0,zero,.P.9	# jump if no carry
-	dsrl32	a4,a4,0
-.P.8:
-	sw	a4,-4(a2)
-	/* propagate final carry */
-	lwu	a5,0(a2)
-	daddu	a6,a5,t0
-	sltu	t0,a6,a5
-	bne	t0,zero,.P.8	# loop if carry persists
-	addiu	a2,a2,4		# sqrs++
-.P.9:
-	jr	ra
-	sw	a4,-4(a2)
-
-        .end    s_mpv_sqr_add_prop
diff --git a/security/nss/lib/freebl/mpi/mpi_sparc.c b/security/nss/lib/freebl/mpi/mpi_sparc.c
deleted file mode 100644
index a7bf863fd..000000000
--- a/security/nss/lib/freebl/mpi/mpi_sparc.c
+++ /dev/null
@@ -1,358 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.	Portions created by Netscape are 
- * Copyright (C) 2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.	If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *  $Id$
- */
-
-/* Multiplication performance enhancements for sparc v8+vis CPUs. */
-
-#include "mpi-priv.h"
-#include <stddef.h>
-#include <sys/systeminfo.h>
-#include <strings.h>
-
-/* In the functions below, */
-/* vector y must be 8-byte aligned, and n must be even */
-/* returns carry out of high order word of result */
-/* maximum n is 256 */
-
-/* vector x += vector y * scaler a; where y is of length n words. */
-extern mp_digit mul_add_inp(mp_digit *x, const mp_digit *y, int n, mp_digit a);
-
-/* vector z = vector x + vector y * scaler a; where y is of length n words. */
-extern mp_digit mul_add(mp_digit *z, const mp_digit *x, const mp_digit *y, 
-			int n, mp_digit a);
-
-/* v8 versions of these functions run on any Sparc v8 CPU. */
-
-/* This trick works on Sparc V8 CPUs with the Workshop compilers. */
-#define MP_MUL_DxD(a, b, Phi, Plo) \
-  { unsigned long long product = (unsigned long long)a * b; \
-    Plo = (mp_digit)product; \
-    Phi = (mp_digit)(product >> MP_DIGIT_BIT); }
-
-/* c = a * b */
-static void 
-v8_mpv_mul_d(const mp_digit *a, mp_size a_len, mp_digit b, mp_digit *c)
-{
-#if !defined(MP_NO_MP_WORD)
-  mp_digit   d = 0;
-
-  /* Inner product:  Digits of a */
-  while (a_len--) {
-    mp_word w = ((mp_word)b * *a++) + d;
-    *c++ = ACCUM(w);
-    d = CARRYOUT(w);
-  }
-  *c = d;
-#else
-  mp_digit carry = 0;
-  while (a_len--) {
-    mp_digit a_i = *a++;
-    mp_digit a0b0, a1b1;
-
-    MP_MUL_DxD(a_i, b, a1b1, a0b0);
-
-    a0b0 += carry;
-    if (a0b0 < carry)
-      ++a1b1;
-    *c++ = a0b0;
-    carry = a1b1;
-  }
-  *c = carry;
-#endif
-}
-
-/* c += a * b */
-static void 
-v8_mpv_mul_d_add(const mp_digit *a, mp_size a_len, mp_digit b, mp_digit *c)
-{
-#if !defined(MP_NO_MP_WORD)
-  mp_digit   d = 0;
-
-  /* Inner product:  Digits of a */
-  while (a_len--) {
-    mp_word w = ((mp_word)b * *a++) + *c + d;
-    *c++ = ACCUM(w);
-    d = CARRYOUT(w);
-  }
-  *c = d;
-#else
-  mp_digit carry = 0;
-  while (a_len--) {
-    mp_digit a_i = *a++;
-    mp_digit a0b0, a1b1;
-
-    MP_MUL_DxD(a_i, b, a1b1, a0b0);
-
-    a0b0 += carry;
-    if (a0b0 < carry)
-      ++a1b1;
-    a0b0 += a_i = *c;
-    if (a0b0 < a_i)
-      ++a1b1;
-    *c++ = a0b0;
-    carry = a1b1;
-  }
-  *c = carry;
-#endif
-}
-
-/* Presently, this is only used by the Montgomery arithmetic code. */
-/* c += a * b */
-static void 
-v8_mpv_mul_d_add_prop(const mp_digit *a, mp_size a_len, mp_digit b, mp_digit *c)
-{
-#if !defined(MP_NO_MP_WORD)
-  mp_digit   d = 0;
-
-  /* Inner product:  Digits of a */
-  while (a_len--) {
-    mp_word w = ((mp_word)b * *a++) + *c + d;
-    *c++ = ACCUM(w);
-    d = CARRYOUT(w);
-  }
-
-  while (d) {
-    mp_word w = (mp_word)*c + d;
-    *c++ = ACCUM(w);
-    d = CARRYOUT(w);
-  }
-#else
-  mp_digit carry = 0;
-  while (a_len--) {
-    mp_digit a_i = *a++;
-    mp_digit a0b0, a1b1;
-
-    MP_MUL_DxD(a_i, b, a1b1, a0b0);
-
-    a0b0 += carry;
-    if (a0b0 < carry)
-      ++a1b1;
-
-    a0b0 += a_i = *c;
-    if (a0b0 < a_i)
-      ++a1b1;
-
-    *c++ = a0b0;
-    carry = a1b1;
-  }
-  while (carry) {
-    mp_digit c_i = *c;
-    carry += c_i;
-    *c++ = carry;
-    carry = carry < c_i;
-  }
-#endif
-}
-
-/* vis versions of these functions run only on v8+vis or v9+vis CPUs. */
-
-/* c = a * b */
-static void 
-vis_mpv_mul_d(const mp_digit *a, mp_size a_len, mp_digit b, mp_digit *c)
-{
-    mp_digit d;
-    mp_digit x[258];
-    if (a_len <= 256) {
-	if (a == c || ((ptrdiff_t)a & 0x7) != 0 || (a_len & 1) != 0) {
-	    mp_digit * px;
-	    px = (((ptrdiff_t)x & 0x7) != 0) ? x + 1 : x;
-	    memcpy(px, a, a_len * sizeof(*a));
-	    a = px;
-	    if (a_len & 1) {
-		px[a_len] = 0;
-	    }
-	}
-	s_mp_setz(c, a_len + 1);
-	d = mul_add_inp(c, a, a_len, b);
-	c[a_len] = d;
-    } else {
-	v8_mpv_mul_d(a, a_len, b, c);
-    }
-}
-
-/* c += a * b, where a is a_len words long. */
-static void     
-vis_mpv_mul_d_add(const mp_digit *a, mp_size a_len, mp_digit b, mp_digit *c)
-{
-    mp_digit d;
-    mp_digit x[258];
-    if (a_len <= 256) {
-	if (((ptrdiff_t)a & 0x7) != 0 || (a_len & 1) != 0) {
-	    mp_digit * px;
-	    px = (((ptrdiff_t)x & 0x7) != 0) ? x + 1 : x;
-	    memcpy(px, a, a_len * sizeof(*a));
-	    a = px;
-	    if (a_len & 1) {
-		px[a_len] = 0;
-	    }
-	}
-	d = mul_add_inp(c, a, a_len, b);
-	c[a_len] = d;
-    } else {
-	v8_mpv_mul_d_add(a, a_len, b, c);
-    }
-}
-
-/* c += a * b, where a is y words long. */
-static void     
-vis_mpv_mul_d_add_prop(const mp_digit *a, mp_size a_len, mp_digit b, 
-			 mp_digit *c)
-{
-    mp_digit d;
-    mp_digit x[258];
-    if (a_len <= 256) {
-	if (((ptrdiff_t)a & 0x7) != 0 || (a_len & 1) != 0) {
-	    mp_digit * px;
-	    px = (((ptrdiff_t)x & 0x7) != 0) ? x + 1 : x;
-	    memcpy(px, a, a_len * sizeof(*a));
-	    a = px;
-	    if (a_len & 1) {
-		px[a_len] = 0;
-	    }
-	}
-	d = mul_add_inp(c, a, a_len, b);
-	if (d) {
-	    c += a_len;
-	    do {
-		mp_digit sum = d + *c;
-		*c++ = sum;
-		d = sum < d;
-	    } while (d);
-	}
-    } else {
-	v8_mpv_mul_d_add_prop(a, a_len, b, c);
-    }
-}
-
-#if defined(SOLARIS2_5)
-static int
-isSparcV8PlusVis(void)
-{
-    long buflen;
-    int  rv             = 0;    /* false */
-    char buf[256];
-    buflen = sysinfo(SI_MACHINE, buf, sizeof buf);
-    if (buflen > 0) {
-        rv = (!strcmp(buf, "sun4u") || !strcmp(buf, "sun4u1"));
-    }
-    return rv;
-}
-#else   /* SunOS2.6or higher has SI_ISALIST */
-
-static int
-isSparcV8PlusVis(void)
-{
-    long buflen;
-    int  rv             = 0;    /* false */
-    char buf[256];
-    buflen = sysinfo(SI_ISALIST, buf, sizeof buf);
-    if (buflen > 0) {
-#if defined(MP_USE_LONG_DIGIT)
-        char * found = strstr(buf, "sparcv9+vis");
-#else
-        char * found = strstr(buf, "sparcv8plus+vis");
-#endif
-        rv = (found != 0);
-    }
-    return rv;
-}
-#endif
-
-typedef void MPVmpy(const mp_digit *a, mp_size a_len, mp_digit b, mp_digit *c);
-
-/* forward static function declarations */
-static MPVmpy sp_mpv_mul_d;
-static MPVmpy sp_mpv_mul_d_add;
-static MPVmpy sp_mpv_mul_d_add_prop;
-
-static MPVmpy *p_mpv_mul_d		= &sp_mpv_mul_d;
-static MPVmpy *p_mpv_mul_d_add		= &sp_mpv_mul_d_add;
-static MPVmpy *p_mpv_mul_d_add_prop	= &sp_mpv_mul_d_add_prop;
-
-static void
-initPtrs(void)
-{
-    if (isSparcV8PlusVis()) {
-	p_mpv_mul_d = 		&vis_mpv_mul_d;
-	p_mpv_mul_d_add = 	&vis_mpv_mul_d_add;
-	p_mpv_mul_d_add_prop = 	&vis_mpv_mul_d_add_prop;
-    } else {
-	p_mpv_mul_d = 		&v8_mpv_mul_d;
-	p_mpv_mul_d_add = 	&v8_mpv_mul_d_add;
-	p_mpv_mul_d_add_prop = 	&v8_mpv_mul_d_add_prop;
-    }
-}
-
-static void 
-sp_mpv_mul_d(const mp_digit *a, mp_size a_len, mp_digit b, mp_digit *c)
-{
-    initPtrs();
-    (* p_mpv_mul_d)(a, a_len, b, c);
-}
-
-static void 
-sp_mpv_mul_d_add(const mp_digit *a, mp_size a_len, mp_digit b, mp_digit *c)
-{
-    initPtrs();
-    (* p_mpv_mul_d_add)(a, a_len, b, c);
-}
-
-static void 
-sp_mpv_mul_d_add_prop(const mp_digit *a, mp_size a_len, mp_digit b, mp_digit *c)
-{
-    initPtrs();
-    (* p_mpv_mul_d_add_prop)(a, a_len, b, c);
-}
-
-
-/* This is the external interface */
-
-void 
-s_mpv_mul_d(const mp_digit *a, mp_size a_len, mp_digit b, mp_digit *c)
-{
-    (* p_mpv_mul_d)(a, a_len, b, c);
-}
-
-void 
-s_mpv_mul_d_add(const mp_digit *a, mp_size a_len, mp_digit b, mp_digit *c)
-{
-    (* p_mpv_mul_d_add)(a, a_len, b, c);
-}
-
-void 
-s_mpv_mul_d_add_prop(const mp_digit *a, mp_size a_len, mp_digit b, mp_digit *c)
-{
-    (* p_mpv_mul_d_add_prop)(a, a_len, b, c);
-}
-
-
diff --git a/security/nss/lib/freebl/mpi/mpi_x86.asm b/security/nss/lib/freebl/mpi/mpi_x86.asm
deleted file mode 100644
index ed2fc5e58..000000000
--- a/security/nss/lib/freebl/mpi/mpi_x86.asm
+++ /dev/null
@@ -1,351 +0,0 @@
-;
-;  mpi_x86.asm - assembly language implementation of s_mpv_ functions.
-; 
-;  The contents of this file are subject to the Mozilla Public
-;  License Version 1.1 (the "License"); you may not use this file
-;  except in compliance with the License. You may obtain a copy of
-;  the License at http://www.mozilla.org/MPL/
-;  
-;  Software distributed under the License is distributed on an "AS
-;  IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-;  implied. See the License for the specific language governing
-;  rights and limitations under the License.
-;  
-;  The Original Code is the Netscape security libraries.
-;  
-;  The Initial Developer of the Original Code is Netscape
-;  Communications Corporation.	Portions created by Netscape are 
-;  Copyright (C) 2000 Netscape Communications Corporation.  All
-;  Rights Reserved.
-;  
-;  Contributor(s):
-;  
-;  Alternatively, the contents of this file may be used under the
-;  terms of the GNU General Public License Version 2 or later (the
-;  "GPL"), in which case the provisions of the GPL are applicable 
-;  instead of those above.	If you wish to allow use of your 
-;  version of this file only under the terms of the GPL and not to
-;  allow others to use your version of this file under the MPL,
-;  indicate your decision by deleting the provisions above and
-;  replace them with the notice and other provisions required by
-;  the GPL.  If you do not delete the provisions above, a recipient
-;  may use your version of this file under either the MPL or the
-;  GPL.
-;   $Id$
-; 
-
-	.386p
-	.MODEL	FLAT
-	ASSUME  CS: FLAT, DS: FLAT, SS: FLAT
-_TEXT   SEGMENT
-
-;   ebp - 36:	caller's esi
-;   ebp - 32:	caller's edi
-;   ebp - 28:	
-;   ebp - 24:	
-;   ebp - 20:	
-;   ebp - 16:	
-;   ebp - 12:	
-;   ebp - 8:	
-;   ebp - 4:	
-;   ebp + 0:	caller's ebp
-;   ebp + 4:	return address
-;   ebp + 8:	a	argument
-;   ebp + 12:	a_len	argument
-;   ebp + 16:	b	argument
-;   ebp + 20:	c	argument
-;   registers:
-;  	eax:
-; 	ebx:	carry
-; 	ecx:	a_len
-; 	edx:
-; 	esi:	a ptr
-; 	edi:	c ptr
-
-public	_s_mpv_mul_d
-_s_mpv_mul_d PROC NEAR
-    push   ebp
-    mov    ebp,esp
-    sub    esp,28
-    push   edi
-    push   esi
-    push   ebx
-    mov    ebx,0		; carry = 0
-    mov    ecx,[ebp+12]		; ecx = a_len
-    mov    edi,[ebp+20]
-    cmp    ecx,0
-    je     L_2			; jmp if a_len == 0
-    mov    esi,[ebp+8]		; esi = a
-    cld
-L_1:
-    lodsd			; eax = [ds:esi]; esi += 4
-    mov    edx,[ebp+16]		; edx = b
-    mul    edx			; edx:eax = Phi:Plo = a_i * b
-
-    add    eax,ebx		; add carry (ebx) to edx:eax
-    adc    edx,0
-    mov    ebx,edx		; high half of product becomes next carry
-
-    stosd			; [es:edi] = ax; edi += 4;
-    dec    ecx			; --a_len
-    jnz    L_1			; jmp if a_len != 0
-L_2:
-    mov    [edi],ebx		; *c = carry
-    pop    ebx
-    pop    esi
-    pop    edi
-    leave  
-    ret    
-    nop
-_s_mpv_mul_d ENDP
-
-;   ebp - 36:	caller's esi
-;   ebp - 32:	caller's edi
-;   ebp - 28:	
-;   ebp - 24:	
-;   ebp - 20:	
-;   ebp - 16:	
-;   ebp - 12:	
-;   ebp - 8:	
-;   ebp - 4:	
-;   ebp + 0:	caller's ebp
-;   ebp + 4:	return address
-;   ebp + 8:	a	argument
-;   ebp + 12:	a_len	argument
-;   ebp + 16:	b	argument
-;   ebp + 20:	c	argument
-;   registers:
-;  	eax:
-; 	ebx:	carry
-; 	ecx:	a_len
-; 	edx:
-; 	esi:	a ptr
-; 	edi:	c ptr
-public	_s_mpv_mul_d_add
-_s_mpv_mul_d_add PROC NEAR
-    push   ebp
-    mov    ebp,esp
-    sub    esp,28
-    push   edi
-    push   esi
-    push   ebx
-    mov    ebx,0		; carry = 0
-    mov    ecx,[ebp+12]		; ecx = a_len
-    mov    edi,[ebp+20]
-    cmp    ecx,0
-    je     L_4			; jmp if a_len == 0
-    mov    esi,[ebp+8]		; esi = a
-    cld
-L_3:
-    lodsd			; eax = [ds:esi]; esi += 4
-    mov    edx,[ebp+16]		; edx = b
-    mul    edx			; edx:eax = Phi:Plo = a_i * b
-
-    add    eax,ebx		; add carry (ebx) to edx:eax
-    adc    edx,0
-    mov    ebx,[edi]		; add in current word from *c
-    add    eax,ebx		
-    adc    edx,0
-    mov    ebx,edx		; high half of product becomes next carry
-
-    stosd			; [es:edi] = ax; edi += 4;
-    dec    ecx			; --a_len
-    jnz    L_3			; jmp if a_len != 0
-L_4:
-    mov    [edi],ebx		; *c = carry
-    pop    ebx
-    pop    esi
-    pop    edi
-    leave  
-    ret    
-    nop
-_s_mpv_mul_d_add ENDP
-
-;   ebp - 36:	caller's esi
-;   ebp - 32:	caller's edi
-;   ebp - 28:	
-;   ebp - 24:	
-;   ebp - 20:	
-;   ebp - 16:	
-;   ebp - 12:	
-;   ebp - 8:	
-;   ebp - 4:	
-;   ebp + 0:	caller's ebp
-;   ebp + 4:	return address
-;   ebp + 8:	a	argument
-;   ebp + 12:	a_len	argument
-;   ebp + 16:	b	argument
-;   ebp + 20:	c	argument
-;   registers:
-;  	eax:
-; 	ebx:	carry
-; 	ecx:	a_len
-; 	edx:
-; 	esi:	a ptr
-; 	edi:	c ptr
-public	_s_mpv_mul_d_add_prop
-_s_mpv_mul_d_add_prop PROC NEAR
-    push   ebp
-    mov    ebp,esp
-    sub    esp,28
-    push   edi
-    push   esi
-    push   ebx
-    mov    ebx,0		; carry = 0
-    mov    ecx,[ebp+12]		; ecx = a_len
-    mov    edi,[ebp+20]
-    cmp    ecx,0
-    je     L_6			; jmp if a_len == 0
-    cld
-    mov    esi,[ebp+8]		; esi = a
-L_5:
-    lodsd			; eax = [ds:esi]; esi += 4
-    mov    edx,[ebp+16]		; edx = b
-    mul    edx			; edx:eax = Phi:Plo = a_i * b
-
-    add    eax,ebx		; add carry (ebx) to edx:eax
-    adc    edx,0
-    mov    ebx,[edi]		; add in current word from *c
-    add    eax,ebx		
-    adc    edx,0
-    mov    ebx,edx		; high half of product becomes next carry
-
-    stosd			; [es:edi] = ax; edi += 4;
-    dec    ecx			; --a_len
-    jnz    L_5			; jmp if a_len != 0
-L_6:
-    cmp    ebx,0		; is carry zero?
-    jz     L_8
-    mov    eax,[edi]		; add in current word from *c
-    add    eax,ebx
-    stosd			; [es:edi] = ax; edi += 4;
-    jnc    L_8
-L_7:
-    mov    eax,[edi]		; add in current word from *c
-    adc    eax,0
-    stosd			; [es:edi] = ax; edi += 4;
-    jc     L_7
-L_8:
-    pop    ebx
-    pop    esi
-    pop    edi
-    leave  
-    ret    
-    nop
-_s_mpv_mul_d_add_prop ENDP
-
-;   ebp - 20:	caller's esi
-;   ebp - 16:	caller's edi
-;   ebp - 12:	
-;   ebp - 8:	carry
-;   ebp - 4:	a_len	local
-;   ebp + 0:	caller's ebp
-;   ebp + 4:	return address
-;   ebp + 8:	pa	argument
-;   ebp + 12:	a_len	argument
-;   ebp + 16:	ps	argument
-;   ebp + 20:	
-;   registers:
-;  	eax:
-; 	ebx:	carry
-; 	ecx:	a_len
-; 	edx:
-; 	esi:	a ptr
-; 	edi:	c ptr
-
-public	_s_mpv_sqr_add_prop
-_s_mpv_sqr_add_prop PROC NEAR
-     push   ebp
-     mov    ebp,esp
-     sub    esp,12
-     push   edi
-     push   esi
-     push   ebx
-     mov    ebx,0		; carry = 0
-     mov    ecx,[ebp+12]	; a_len
-     mov    edi,[ebp+16]	; edi = ps
-     cmp    ecx,0
-     je     L_11		; jump if a_len == 0
-     cld
-     mov    esi,[ebp+8]		; esi = pa
-L_10:
-     lodsd			; eax = [ds:si]; si += 4;
-     mul    eax
-
-     add    eax,ebx		; add "carry"
-     adc    edx,0
-     mov    ebx,[edi]
-     add    eax,ebx		; add low word from result
-     mov    ebx,[edi+4]
-     stosd			; [es:di] = eax; di += 4;
-     adc    edx,ebx		; add high word from result
-     mov    ebx,0
-     mov    eax,edx
-     adc    ebx,0
-     stosd			; [es:di] = eax; di += 4;
-     dec    ecx			; --a_len
-     jnz    L_10		; jmp if a_len != 0
-L_11:
-    cmp    ebx,0		; is carry zero?
-    jz     L_14
-    mov    eax,[edi]		; add in current word from *c
-    add    eax,ebx
-    stosd			; [es:edi] = ax; edi += 4;
-    jnc    L_14
-L_12:
-    mov    eax,[edi]		; add in current word from *c
-    adc    eax,0
-    stosd			; [es:edi] = ax; edi += 4;
-    jc     L_12
-L_14:
-    pop    ebx
-    pop    esi
-    pop    edi
-    leave  
-    ret    
-    nop
-_s_mpv_sqr_add_prop ENDP
-
-; 
-;  Divide 64-bit (Nhi,Nlo) by 32-bit divisor, which must be normalized
-;  so its high bit is 1.   This code is from NSPR.
-; 
-;  mp_err s_mpv_div_2dx1d(mp_digit Nhi, mp_digit Nlo, mp_digit divisor,
-;  		          mp_digit *qp, mp_digit *rp)
-
-;  Dump of assembler code for function s_mpv_div_2dx1d:
-;  
-;   esp +  0:   Caller's ebx
-;   esp +  4:	return address
-;   esp +  8:	Nhi	argument
-;   esp + 12:	Nlo	argument
-;   esp + 16:	divisor	argument
-;   esp + 20:	qp	argument
-;   esp + 24:   rp	argument
-;   registers:
-;  	eax:
-; 	ebx:	carry
-; 	ecx:	a_len
-; 	edx:
-; 	esi:	a ptr
-; 	edi:	c ptr
-;  
-public	_s_mpv_div_2dx1d
-_s_mpv_div_2dx1d PROC NEAR
-       push   ebx
-       mov    edx,[esp+8]
-       mov    eax,[esp+12]
-       mov    ebx,[esp+16]
-       div    ebx
-       mov    ebx,[esp+20]
-       mov    [ebx],eax
-       mov    ebx,[esp+24]
-       mov    [ebx],edx
-       xor    eax,eax		; return zero
-       pop    ebx
-       ret    
-       nop
-_s_mpv_div_2dx1d ENDP
-
-_TEXT	ENDS
-END
diff --git a/security/nss/lib/freebl/mpi/mpi_x86.s b/security/nss/lib/freebl/mpi/mpi_x86.s
deleted file mode 100644
index 427b7e61e..000000000
--- a/security/nss/lib/freebl/mpi/mpi_x86.s
+++ /dev/null
@@ -1,342 +0,0 @@
- #
- # The contents of this file are subject to the Mozilla Public
- # License Version 1.1 (the "License"); you may not use this file
- # except in compliance with the License. You may obtain a copy of
- # the License at http://www.mozilla.org/MPL/
- # 
- # Software distributed under the License is distributed on an "AS
- # IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- # implied. See the License for the specific language governing
- # rights and limitations under the License.
- # 
- # The Original Code is the Netscape security libraries.
- # 
- # The Initial Developer of the Original Code is Netscape
- # Communications Corporation.	Portions created by Netscape are 
- # Copyright (C) 2000 Netscape Communications Corporation.  All
- # Rights Reserved.
- # 
- # Contributor(s):
- # 
- # Alternatively, the contents of this file may be used under the
- # terms of the GNU General Public License Version 2 or later (the
- # "GPL"), in which case the provisions of the GPL are applicable 
- # instead of those above.	If you wish to allow use of your 
- # version of this file only under the terms of the GPL and not to
- # allow others to use your version of this file under the MPL,
- # indicate your decision by deleting the provisions above and
- # replace them with the notice and other provisions required by
- # the GPL.  If you do not delete the provisions above, a recipient
- # may use your version of this file under either the MPL or the
- # GPL.
- #  $Id$
- #
-
-.text
-
- #  ebp - 36:	caller's esi
- #  ebp - 32:	caller's edi
- #  ebp - 28:	
- #  ebp - 24:	
- #  ebp - 20:	
- #  ebp - 16:	
- #  ebp - 12:	
- #  ebp - 8:	
- #  ebp - 4:	
- #  ebp + 0:	caller's ebp
- #  ebp + 4:	return address
- #  ebp + 8:	a	argument
- #  ebp + 12:	a_len	argument
- #  ebp + 16:	b	argument
- #  ebp + 20:	c	argument
- #  registers:
- # 	eax:
- #	ebx:	carry
- #	ecx:	a_len
- #	edx:
- #	esi:	a ptr
- #	edi:	c ptr
-.globl	s_mpv_mul_d
-.type	s_mpv_mul_d,@function
-s_mpv_mul_d:
-    push   %ebp
-    mov    %esp,%ebp
-    sub    $28,%esp
-    push   %edi
-    push   %esi
-    push   %ebx
-    movl   $0,%ebx		# carry = 0
-    mov    12(%ebp),%ecx	# ecx = a_len
-    mov    20(%ebp),%edi
-    cmp    $0,%ecx
-    je     2f			# jmp if a_len == 0
-    mov    8(%ebp),%esi		# esi = a
-    cld
-1:
-    lodsl			# eax = [ds:esi]; esi += 4
-    mov    16(%ebp),%edx	# edx = b
-    mull   %edx			# edx:eax = Phi:Plo = a_i * b
-
-    add    %ebx,%eax		# add carry (%ebx) to edx:eax
-    adc    $0,%edx
-    mov    %edx,%ebx		# high half of product becomes next carry
-
-    stosl			# [es:edi] = ax; edi += 4;
-    dec    %ecx			# --a_len
-    jnz    1b			# jmp if a_len != 0
-2:
-    mov    %ebx,0(%edi)		# *c = carry
-    pop    %ebx
-    pop    %esi
-    pop    %edi
-    leave  
-    ret    
-    nop
-
- #  ebp - 36:	caller's esi
- #  ebp - 32:	caller's edi
- #  ebp - 28:	
- #  ebp - 24:	
- #  ebp - 20:	
- #  ebp - 16:	
- #  ebp - 12:	
- #  ebp - 8:	
- #  ebp - 4:	
- #  ebp + 0:	caller's ebp
- #  ebp + 4:	return address
- #  ebp + 8:	a	argument
- #  ebp + 12:	a_len	argument
- #  ebp + 16:	b	argument
- #  ebp + 20:	c	argument
- #  registers:
- # 	eax:
- #	ebx:	carry
- #	ecx:	a_len
- #	edx:
- #	esi:	a ptr
- #	edi:	c ptr
-.globl	s_mpv_mul_d_add
-.type	s_mpv_mul_d_add,@function
-s_mpv_mul_d_add:
-    push   %ebp
-    mov    %esp,%ebp
-    sub    $28,%esp
-    push   %edi
-    push   %esi
-    push   %ebx
-    movl   $0,%ebx		# carry = 0
-    mov    12(%ebp),%ecx	# ecx = a_len
-    mov    20(%ebp),%edi
-    cmp    $0,%ecx
-    je     4f			# jmp if a_len == 0
-    mov    8(%ebp),%esi		# esi = a
-    cld
-3:
-    lodsl			# eax = [ds:esi]; esi += 4
-    mov    16(%ebp),%edx	# edx = b
-    mull   %edx			# edx:eax = Phi:Plo = a_i * b
-
-    add    %ebx,%eax		# add carry (%ebx) to edx:eax
-    adc    $0,%edx
-    mov    0(%edi),%ebx		# add in current word from *c
-    add    %ebx,%eax		
-    adc    $0,%edx
-    mov    %edx,%ebx		# high half of product becomes next carry
-
-    stosl			# [es:edi] = ax; edi += 4;
-    dec    %ecx			# --a_len
-    jnz    3b			# jmp if a_len != 0
-4:
-    mov    %ebx,0(%edi)		# *c = carry
-    pop    %ebx
-    pop    %esi
-    pop    %edi
-    leave  
-    ret    
-    nop
-
- #  ebp - 36:	caller's esi
- #  ebp - 32:	caller's edi
- #  ebp - 28:	
- #  ebp - 24:	
- #  ebp - 20:	
- #  ebp - 16:	
- #  ebp - 12:	
- #  ebp - 8:	
- #  ebp - 4:	
- #  ebp + 0:	caller's ebp
- #  ebp + 4:	return address
- #  ebp + 8:	a	argument
- #  ebp + 12:	a_len	argument
- #  ebp + 16:	b	argument
- #  ebp + 20:	c	argument
- #  registers:
- # 	eax:
- #	ebx:	carry
- #	ecx:	a_len
- #	edx:
- #	esi:	a ptr
- #	edi:	c ptr
-.globl	s_mpv_mul_d_add_prop
-.type	s_mpv_mul_d_add_prop,@function
-s_mpv_mul_d_add_prop:
-    push   %ebp
-    mov    %esp,%ebp
-    sub    $28,%esp
-    push   %edi
-    push   %esi
-    push   %ebx
-    movl   $0,%ebx		# carry = 0
-    mov    12(%ebp),%ecx	# ecx = a_len
-    mov    20(%ebp),%edi
-    cmp    $0,%ecx
-    je     6f			# jmp if a_len == 0
-    cld
-    mov    8(%ebp),%esi		# esi = a
-5:
-    lodsl			# eax = [ds:esi]; esi += 4
-    mov    16(%ebp),%edx	# edx = b
-    mull   %edx			# edx:eax = Phi:Plo = a_i * b
-
-    add    %ebx,%eax		# add carry (%ebx) to edx:eax
-    adc    $0,%edx
-    mov    0(%edi),%ebx		# add in current word from *c
-    add    %ebx,%eax		
-    adc    $0,%edx
-    mov    %edx,%ebx		# high half of product becomes next carry
-
-    stosl			# [es:edi] = ax; edi += 4;
-    dec    %ecx			# --a_len
-    jnz    5b			# jmp if a_len != 0
-6:
-    cmp    $0,%ebx		# is carry zero?
-    jz     8f
-    mov    0(%edi),%eax		# add in current word from *c
-    add	   %ebx,%eax
-    stosl			# [es:edi] = ax; edi += 4;
-    jnc    8f
-7:
-    mov    0(%edi),%eax		# add in current word from *c
-    adc	   $0,%eax
-    stosl			# [es:edi] = ax; edi += 4;
-    jc     7b
-8:
-    pop    %ebx
-    pop    %esi
-    pop    %edi
-    leave  
-    ret    
-    nop
-
- #  ebp - 20:	caller's esi
- #  ebp - 16:	caller's edi
- #  ebp - 12:	
- #  ebp - 8:	carry
- #  ebp - 4:	a_len	local
- #  ebp + 0:	caller's ebp
- #  ebp + 4:	return address
- #  ebp + 8:	pa	argument
- #  ebp + 12:	a_len	argument
- #  ebp + 16:	ps	argument
- #  ebp + 20:	
- #  registers:
- # 	eax:
- #	ebx:	carry
- #	ecx:	a_len
- #	edx:
- #	esi:	a ptr
- #	edi:	c ptr
-
-.globl	s_mpv_sqr_add_prop
-.type	s_mpv_sqr_add_prop,@function
-s_mpv_sqr_add_prop:
-     push   %ebp
-     mov    %esp,%ebp
-     sub    $12,%esp
-     push   %edi
-     push   %esi
-     push   %ebx
-     movl   $0,%ebx		# carry = 0
-     mov    12(%ebp),%ecx	# a_len
-     mov    16(%ebp),%edi	# edi = ps
-     cmp    $0,%ecx
-     je     11f			# jump if a_len == 0
-     cld
-     mov    8(%ebp),%esi	# esi = pa
-10:
-     lodsl			# %eax = [ds:si]; si += 4;
-     mull   %eax
-
-     add    %ebx,%eax		# add "carry"
-     adc    $0,%edx
-     mov    0(%edi),%ebx
-     add    %ebx,%eax		# add low word from result
-     mov    4(%edi),%ebx
-     stosl			# [es:di] = %eax; di += 4;
-     adc    %ebx,%edx		# add high word from result
-     movl   $0,%ebx
-     mov    %edx,%eax
-     adc    $0,%ebx
-     stosl			# [es:di] = %eax; di += 4;
-     dec    %ecx		# --a_len
-     jnz    10b			# jmp if a_len != 0
-11:
-    cmp    $0,%ebx		# is carry zero?
-    jz     14f
-    mov    0(%edi),%eax		# add in current word from *c
-    add	   %ebx,%eax
-    stosl			# [es:edi] = ax; edi += 4;
-    jnc    14f
-12:
-    mov    0(%edi),%eax		# add in current word from *c
-    adc	   $0,%eax
-    stosl			# [es:edi] = ax; edi += 4;
-    jc     12b
-14:
-    pop    %ebx
-    pop    %esi
-    pop    %edi
-    leave  
-    ret    
-    nop
-
- #
- # Divide 64-bit (Nhi,Nlo) by 32-bit divisor, which must be normalized
- # so its high bit is 1.   This code is from NSPR.
- #
- # mp_err s_mpv_div_2dx1d(mp_digit Nhi, mp_digit Nlo, mp_digit divisor,
- # 		          mp_digit *qp, mp_digit *rp)
-
- #  esp +  0:   Caller's ebx
- #  esp +  4:	return address
- #  esp +  8:	Nhi	argument
- #  esp + 12:	Nlo	argument
- #  esp + 16:	divisor	argument
- #  esp + 20:	qp	argument
- #  esp + 24:   rp	argument
- #  registers:
- # 	eax:
- #	ebx:	carry
- #	ecx:	a_len
- #	edx:
- #	esi:	a ptr
- #	edi:	c ptr
- # 
-
-.globl	s_mpv_div_2dx1d
-.type	s_mpv_div_2dx1d,@function
-s_mpv_div_2dx1d:
-       push   %ebx
-       mov    8(%esp),%edx
-       mov    12(%esp),%eax
-       mov    16(%esp),%ebx
-       div    %ebx
-       mov    20(%esp),%ebx
-       mov    %eax,0(%ebx)
-       mov    24(%esp),%ebx
-       mov    %edx,0(%ebx)
-       xor    %eax,%eax		# return zero
-       pop    %ebx
-       ret    
-       nop
-  
diff --git a/security/nss/lib/freebl/mpi/mplogic.c b/security/nss/lib/freebl/mpi/mplogic.c
deleted file mode 100644
index e1b6e5048..000000000
--- a/security/nss/lib/freebl/mpi/mplogic.c
+++ /dev/null
@@ -1,459 +0,0 @@
-/*
- *  mplogic.c
- *
- *  Bitwise logical operations on MPI values
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are 
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger. 
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above.  If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- *  $Id$
- */
-
-#include "mpi-priv.h"
-#include "mplogic.h"
-
-/* {{{ Lookup table for population count */
-
-static unsigned char bitc[] = {
-   0, 1, 1, 2, 1, 2, 2, 3, 1, 2, 2, 3, 2, 3, 3, 4, 
-   1, 2, 2, 3, 2, 3, 3, 4, 2, 3, 3, 4, 3, 4, 4, 5, 
-   1, 2, 2, 3, 2, 3, 3, 4, 2, 3, 3, 4, 3, 4, 4, 5, 
-   2, 3, 3, 4, 3, 4, 4, 5, 3, 4, 4, 5, 4, 5, 5, 6, 
-   1, 2, 2, 3, 2, 3, 3, 4, 2, 3, 3, 4, 3, 4, 4, 5, 
-   2, 3, 3, 4, 3, 4, 4, 5, 3, 4, 4, 5, 4, 5, 5, 6, 
-   2, 3, 3, 4, 3, 4, 4, 5, 3, 4, 4, 5, 4, 5, 5, 6, 
-   3, 4, 4, 5, 4, 5, 5, 6, 4, 5, 5, 6, 5, 6, 6, 7, 
-   1, 2, 2, 3, 2, 3, 3, 4, 2, 3, 3, 4, 3, 4, 4, 5, 
-   2, 3, 3, 4, 3, 4, 4, 5, 3, 4, 4, 5, 4, 5, 5, 6, 
-   2, 3, 3, 4, 3, 4, 4, 5, 3, 4, 4, 5, 4, 5, 5, 6, 
-   3, 4, 4, 5, 4, 5, 5, 6, 4, 5, 5, 6, 5, 6, 6, 7, 
-   2, 3, 3, 4, 3, 4, 4, 5, 3, 4, 4, 5, 4, 5, 5, 6, 
-   3, 4, 4, 5, 4, 5, 5, 6, 4, 5, 5, 6, 5, 6, 6, 7, 
-   3, 4, 4, 5, 4, 5, 5, 6, 4, 5, 5, 6, 5, 6, 6, 7, 
-   4, 5, 5, 6, 5, 6, 6, 7, 5, 6, 6, 7, 6, 7, 7, 8
-};
-
-/* }}} */
-
-/*------------------------------------------------------------------------*/
-/*
-  mpl_not(a, b)    - compute b = ~a
-  mpl_and(a, b, c) - compute c = a & b
-  mpl_or(a, b, c)  - compute c = a | b
-  mpl_xor(a, b, c) - compute c = a ^ b
- */
-
-/* {{{ mpl_not(a, b) */
-
-mp_err mpl_not(mp_int *a, mp_int *b)
-{
-  mp_err   res;
-  int      ix;
-
-  ARGCHK(a != NULL && b != NULL, MP_BADARG);
-
-  if((res = mp_copy(a, b)) != MP_OKAY)
-    return res;
-
-  /* This relies on the fact that the digit type is unsigned */
-  for(ix = 0; ix < USED(b); ix++) 
-    DIGIT(b, ix) = ~DIGIT(b, ix);
-
-  s_mp_clamp(b);
-
-  return MP_OKAY;
-
-} /* end mpl_not() */
-
-/* }}} */
-
-/* {{{ mpl_and(a, b, c) */
-
-mp_err mpl_and(mp_int *a, mp_int *b, mp_int *c)
-{
-  mp_int  *which, *other;
-  mp_err   res;
-  int      ix;
-
-  ARGCHK(a != NULL && b != NULL && c != NULL, MP_BADARG);
-
-  if(USED(a) <= USED(b)) {
-    which = a;
-    other = b;
-  } else {
-    which = b;
-    other = a;
-  }
-
-  if((res = mp_copy(which, c)) != MP_OKAY)
-    return res;
-
-  for(ix = 0; ix < USED(which); ix++)
-    DIGIT(c, ix) &= DIGIT(other, ix);
-
-  s_mp_clamp(c);
-
-  return MP_OKAY;
-
-} /* end mpl_and() */
-
-/* }}} */
-
-/* {{{ mpl_or(a, b, c) */
-
-mp_err mpl_or(mp_int *a, mp_int *b, mp_int *c)
-{
-  mp_int  *which, *other;
-  mp_err   res;
-  int      ix;
-
-  ARGCHK(a != NULL && b != NULL && c != NULL, MP_BADARG);
-
-  if(USED(a) >= USED(b)) {
-    which = a;
-    other = b;
-  } else {
-    which = b;
-    other = a;
-  }
-
-  if((res = mp_copy(which, c)) != MP_OKAY)
-    return res;
-
-  for(ix = 0; ix < USED(which); ix++)
-    DIGIT(c, ix) |= DIGIT(other, ix);
-
-  return MP_OKAY;
-
-} /* end mpl_or() */
-
-/* }}} */
-
-/* {{{ mpl_xor(a, b, c) */
-
-mp_err mpl_xor(mp_int *a, mp_int *b, mp_int *c)
-{
-  mp_int  *which, *other;
-  mp_err   res;
-  int      ix;
-
-  ARGCHK(a != NULL && b != NULL && c != NULL, MP_BADARG);
-
-  if(USED(a) >= USED(b)) {
-    which = a;
-    other = b;
-  } else {
-    which = b;
-    other = a;
-  }
-
-  if((res = mp_copy(which, c)) != MP_OKAY)
-    return res;
-
-  for(ix = 0; ix < USED(which); ix++)
-    DIGIT(c, ix) ^= DIGIT(other, ix);
-
-  s_mp_clamp(c);
-
-  return MP_OKAY;
-
-} /* end mpl_xor() */
-
-/* }}} */
-
-/*------------------------------------------------------------------------*/
-/*
-  mpl_rsh(a, b, d)     - b = a >> d
-  mpl_lsh(a, b, d)     - b = a << d
- */
-
-/* {{{ mpl_rsh(a, b, d) */
-
-mp_err mpl_rsh(const mp_int *a, mp_int *b, mp_digit d)
-{
-  mp_err   res;
-
-  ARGCHK(a != NULL && b != NULL, MP_BADARG);
-
-  if((res = mp_copy(a, b)) != MP_OKAY)
-    return res;
-
-  s_mp_div_2d(b, d);
-
-  return MP_OKAY;
-
-} /* end mpl_rsh() */
-
-/* }}} */
-
-/* {{{ mpl_lsh(a, b, d) */
-
-mp_err mpl_lsh(const mp_int *a, mp_int *b, mp_digit d)
-{
-  mp_err   res;
-
-  ARGCHK(a != NULL && b != NULL, MP_BADARG);
-
-  if((res = mp_copy(a, b)) != MP_OKAY)
-    return res;
-
-  return s_mp_mul_2d(b, d);
-
-} /* end mpl_lsh() */
-
-/* }}} */
-
-/*------------------------------------------------------------------------*/
-/*
-  mpl_num_set(a, num)
-
-  Count the number of set bits in the binary representation of a.
-  Returns MP_OKAY and sets 'num' to be the number of such bits, if
-  possible.  If num is NULL, the result is thrown away, but it is
-  not considered an error.
-
-  mpl_num_clear() does basically the same thing for clear bits.
- */
-
-/* {{{ mpl_num_set(a, num) */
-
-mp_err mpl_num_set(mp_int *a, int *num)
-{
-  int            ix, db, nset = 0;
-  mp_digit       cur;
-  unsigned char  reg;
-
-  ARGCHK(a != NULL, MP_BADARG);
-
-  for(ix = 0; ix < USED(a); ix++) {
-    cur = DIGIT(a, ix);
-    
-    for(db = 0; db < sizeof(mp_digit); db++) {
-      reg = (unsigned char)(cur >> (CHAR_BIT * db));
-
-      nset += bitc[reg];
-    }
-  }
-
-  if(num)
-    *num = nset;
-
-  return MP_OKAY;
-
-} /* end mpl_num_set() */
-
-/* }}} */
-
-/* {{{ mpl_num_clear(a, num) */
-
-mp_err mpl_num_clear(mp_int *a, int *num)
-{
-  int            ix, db, nset = 0;
-  mp_digit       cur;
-  unsigned char  reg;
-
-  ARGCHK(a != NULL, MP_BADARG);
-
-  for(ix = 0; ix < USED(a); ix++) {
-    cur = DIGIT(a, ix);
-    
-    for(db = 0; db < sizeof(mp_digit); db++) {
-      reg = (unsigned char)(cur >> (CHAR_BIT * db));
-
-      nset += bitc[UCHAR_MAX - reg];
-    }
-  }
-
-  if(num)
-    *num = nset;
-
-  return MP_OKAY;
-
-
-} /* end mpl_num_clear() */
-
-/* }}} */
-
-/*------------------------------------------------------------------------*/
-/*
-  mpl_parity(a)
-
-  Determines the bitwise parity of the value given.  Returns MP_EVEN
-  if an even number of digits are set, MP_ODD if an odd number are
-  set.
- */
-
-/* {{{ mpl_parity(a) */
-
-mp_err mpl_parity(mp_int *a)
-{
-  int      ix, par = 0;
-  mp_digit cur;
-
-  ARGCHK(a != NULL, MP_BADARG);
-
-  for(ix = 0; ix < USED(a); ix++) {
-    int   shft = (sizeof(mp_digit) * CHAR_BIT) / 2;
-
-    cur = DIGIT(a, ix);
-
-    /* Compute parity for current digit */
-    while(shft != 0) {
-      cur ^= (cur >> shft);
-      shft >>= 1;
-    }
-    cur &= 1;
-
-    /* XOR with running parity so far   */
-    par ^= cur;
-  }
-
-  if(par)
-    return MP_ODD;
-  else
-    return MP_EVEN;
-
-} /* end mpl_parity() */
-
-/* }}} */
-
-/*
-  mpl_set_bit
-
-  Returns MP_OKAY or some error code.
-  Grows a if needed to set a bit to 1.
- */
-mp_err mpl_set_bit(mp_int *a, mp_size bitNum, mp_size value)
-{
-  mp_size      ix;
-  mp_err       rv;
-  mp_digit     mask;
-
-  ARGCHK(a != NULL, MP_BADARG);
-
-  ix = bitNum / MP_DIGIT_BIT;
-  if (ix + 1 > MP_USED(a)) {
-    rv = s_mp_pad(a, ix + 1);
-    if (rv != MP_OKAY)
-      return rv;
-  }
-
-  bitNum = bitNum % MP_DIGIT_BIT;
-  mask = (mp_digit)1 << bitNum;
-  if (value)
-    MP_DIGIT(a,ix) |= mask;
-  else
-    MP_DIGIT(a,ix) &= ~mask;
-  s_mp_clamp(a);
-  return MP_OKAY;
-}
-
-/*
-  mpl_get_bit
-
-  returns 0 or 1 or some (negative) error code.
- */
-mp_err mpl_get_bit(const mp_int *a, mp_size bitNum)
-{
-  mp_size      bit, ix;
-  mp_err       rv;
-
-  ARGCHK(a != NULL, MP_BADARG);
-
-  ix = bitNum / MP_DIGIT_BIT;
-  ARGCHK(ix <= MP_USED(a) - 1, MP_RANGE);
-
-  bit   = bitNum % MP_DIGIT_BIT;
-  rv = (mp_err)(MP_DIGIT(a, ix) >> bit) & 1;
-  return rv;
-}
-
-/*
-  mpl_get_bits
-  - Extracts numBits bits from a, where the least significant extracted bit
-  is bit lsbNum.  Returns a negative value if error occurs.
-  - Because sign bit is used to indicate error, maximum number of bits to 
-  be returned is the lesser of (a) the number of bits in an mp_digit, or
-  (b) one less than the number of bits in an mp_err.
-  - lsbNum + numbits can be greater than the number of significant bits in
-  integer a, as long as bit lsbNum is in the high order digit of a.
- */
-mp_err mpl_get_bits(const mp_int *a, mp_size lsbNum, mp_size numBits) 
-{
-  mp_size    rshift = (lsbNum % MP_DIGIT_BIT);
-  mp_size    lsWndx = (lsbNum / MP_DIGIT_BIT);
-  mp_digit * digit  = MP_DIGITS(a) + lsWndx;
-  mp_digit   mask   = ((1 << numBits) - 1);
-
-  ARGCHK(numBits < CHAR_BIT * sizeof mask, MP_BADARG);
-  ARGCHK(MP_HOWMANY(lsbNum, MP_DIGIT_BIT) <= MP_USED(a), MP_RANGE);
-
-  if ((numBits + lsbNum % MP_DIGIT_BIT <= MP_DIGIT_BIT) ||
-      (lsWndx + 1 >= MP_USED(a))) {
-    mask &= (digit[0] >> rshift);
-  } else {
-    mask &= ((digit[0] >> rshift) | (digit[1] << (MP_DIGIT_BIT - rshift)));
-  }
-  return (mp_err)mask;
-}
-
-/*
-  mpl_significant_bits
-  returns number of significnant bits in abs(a).
-  returns 1 if value is zero.
- */
-mp_err mpl_significant_bits(const mp_int *a)
-{
-  mp_err bits 	= 0;
-  int    ix;
-
-  ARGCHK(a != NULL, MP_BADARG);
-
-  ix = MP_USED(a);
-  for (ix = MP_USED(a); ix > 0; ) {
-    mp_digit d;
-    d = MP_DIGIT(a, --ix);
-    if (d) {
-      while (d) {
-	++bits;
-	d >>= 1;
-      }
-      break;
-    }
-  }
-  bits += ix * MP_DIGIT_BIT;
-  if (!bits)
-    bits = 1;
-  return bits;
-}
-
-/*------------------------------------------------------------------------*/
-/* HERE THERE BE DRAGONS                                                  */
diff --git a/security/nss/lib/freebl/mpi/mplogic.h b/security/nss/lib/freebl/mpi/mplogic.h
deleted file mode 100644
index 8efa4327c..000000000
--- a/security/nss/lib/freebl/mpi/mplogic.h
+++ /dev/null
@@ -1,82 +0,0 @@
-/*
- *  mplogic.h
- *
- *  Bitwise logical operations on MPI values
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are 
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger. 
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above.  If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- *  $Id$
- */
-
-#ifndef _H_MPLOGIC_
-#define _H_MPLOGIC_
-
-#include "mpi.h"
-
-/*
-  The logical operations treat an mp_int as if it were a bit vector,
-  without regard to its sign (an mp_int is represented in a signed
-  magnitude format).  Values are treated as if they had an infinite
-  string of zeros left of the most-significant bit.
- */
-
-/* Parity results                    */
-
-#define MP_EVEN       MP_YES
-#define MP_ODD        MP_NO
-
-/* Bitwise functions                 */
-
-mp_err mpl_not(mp_int *a, mp_int *b);            /* one's complement  */
-mp_err mpl_and(mp_int *a, mp_int *b, mp_int *c); /* bitwise AND       */
-mp_err mpl_or(mp_int *a, mp_int *b, mp_int *c);  /* bitwise OR        */
-mp_err mpl_xor(mp_int *a, mp_int *b, mp_int *c); /* bitwise XOR       */
-
-/* Shift functions                   */
-
-mp_err mpl_rsh(const mp_int *a, mp_int *b, mp_digit d);   /* right shift    */
-mp_err mpl_lsh(const mp_int *a, mp_int *b, mp_digit d);   /* left shift     */
-
-/* Bit count and parity              */
-
-mp_err mpl_num_set(mp_int *a, int *num);         /* count set bits    */
-mp_err mpl_num_clear(mp_int *a, int *num);       /* count clear bits  */
-mp_err mpl_parity(mp_int *a);                    /* determine parity  */
-
-/* Get & Set the value of a bit */
-
-mp_err mpl_set_bit(mp_int *a, mp_size bitNum, mp_size value);
-mp_err mpl_get_bit(const mp_int *a, mp_size bitNum);
-mp_err mpl_get_bits(const mp_int *a, mp_size lsbNum, mp_size numBits);
-mp_err mpl_significant_bits(const mp_int *a);
-
-#endif /* end _H_MPLOGIC_ */
diff --git a/security/nss/lib/freebl/mpi/mpmontg.c b/security/nss/lib/freebl/mpi/mpmontg.c
deleted file mode 100644
index a4c5022ad..000000000
--- a/security/nss/lib/freebl/mpi/mpmontg.c
+++ /dev/null
@@ -1,567 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.	Portions created by Netscape are 
- * Copyright (C) 2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.	If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *  $Id$
- */
-
-/* This file implements moduluar exponentiation using Montgomery's
- * method for modular reduction.  This file implements the method
- * described as "Improvement 1" in the paper "A Cryptogrpahic Library for
- * the Motorola DSP56000" by Stephen R. Dusse' and Burton S. Kaliski Jr.
- * published in "Advances in Cryptology: Proceedings of EUROCRYPT '90"
- * "Lecture Notes in Computer Science" volume 473, 1991, pg 230-244,
- * published by Springer Verlag.
- */
-
-/* #define MP_USING_MONT_MULF 1 */
-#include <string.h>
-#include "mpi-priv.h"
-#include "mplogic.h"
-#include "mpprime.h"
-#ifdef MP_USING_MONT_MULF
-#include "montmulf.h"
-#endif
-
-#define STATIC
-/* #define DEBUG 1  */
-
-#define MAX_WINDOW_BITS 6
-#define MAX_ODD_INTS    32   /* 2 ** (WINDOW_BITS - 1) */
-
-#if defined(_WIN32_WCE)
-#define ABORT  res = MP_UNDEF; goto CLEANUP
-#else
-#define ABORT abort()
-#endif
-
-typedef struct {
-  mp_int       N;	/* modulus N */
-  mp_digit     n0prime; /* n0' = - (n0 ** -1) mod MP_RADIX */
-  mp_size      b;	/* R == 2 ** b,  also b = # significant bits in N */
-} mp_mont_modulus;
-
-mp_err   s_mp_mul_mont(const mp_int *a, const mp_int *b, mp_int *c, 
-	               mp_mont_modulus *mmm);
-
-/* computes T = REDC(T), 2^b == R */
-STATIC
-mp_err s_mp_redc(mp_int *T, mp_mont_modulus *mmm)
-{
-  mp_err res;
-  mp_size i;
-
-  i = MP_USED(T) + MP_USED(&mmm->N) + 2;
-  MP_CHECKOK( s_mp_pad(T, i) );
-  for (i = 0; i < MP_USED(&mmm->N); ++i ) {
-    mp_digit m_i = MP_DIGIT(T, i) * mmm->n0prime;
-    /* T += N * m_i * (MP_RADIX ** i); */
-    MP_CHECKOK( s_mp_mul_d_add_offset(&mmm->N, m_i, T, i) );
-  }
-  s_mp_clamp(T);
-
-  /* T /= R */
-  s_mp_div_2d(T, mmm->b); 
-
-  if ((res = s_mp_cmp(T, &mmm->N)) >= 0) {
-    /* T = T - N */
-    MP_CHECKOK( s_mp_sub(T, &mmm->N) );
-#ifdef DEBUG
-    if ((res = mp_cmp(T, &mmm->N)) >= 0) {
-      res = MP_UNDEF;
-      goto CLEANUP;
-    }
-#endif
-  }
-  res = MP_OKAY;
-CLEANUP:
-  return res;
-}
-
-#if !defined(MP_ASSEMBLY_MUL_MONT) && !defined(MP_MONT_USE_MP_MUL)
-mp_err s_mp_mul_mont(const mp_int *a, const mp_int *b, mp_int *c, 
-	           mp_mont_modulus *mmm)
-{
-  mp_digit *pb;
-  mp_digit m_i;
-  mp_err   res;
-  mp_size  ib;
-  mp_size  useda, usedb;
-
-  ARGCHK(a != NULL && b != NULL && c != NULL, MP_BADARG);
-
-  if (MP_USED(a) < MP_USED(b)) {
-    const mp_int *xch = b;	/* switch a and b, to do fewer outer loops */
-    b = a;
-    a = xch;
-  }
-
-  MP_USED(c) = 1; MP_DIGIT(c, 0) = 0;
-  ib = MP_USED(a) + MP_MAX(MP_USED(b), MP_USED(&mmm->N)) + 2;
-  if((res = s_mp_pad(c, ib)) != MP_OKAY)
-    goto CLEANUP;
-
-  useda = MP_USED(a);
-  pb = MP_DIGITS(b);
-  s_mpv_mul_d(MP_DIGITS(a), useda, *pb++, MP_DIGITS(c));
-  s_mp_setz(MP_DIGITS(c) + useda + 1, ib - (useda + 1));
-  m_i = MP_DIGIT(c, 0) * mmm->n0prime;
-  s_mp_mul_d_add_offset(&mmm->N, m_i, c, 0);
-
-  /* Outer loop:  Digits of b */
-  usedb = MP_USED(b);
-  for (ib = 1; ib < usedb; ib++) {
-    mp_digit b_i    = *pb++;
-
-    /* Inner product:  Digits of a */
-    if (b_i)
-      s_mpv_mul_d_add_prop(MP_DIGITS(a), useda, b_i, MP_DIGITS(c) + ib);
-    m_i = MP_DIGIT(c, ib) * mmm->n0prime;
-    s_mp_mul_d_add_offset(&mmm->N, m_i, c, ib);
-  }
-  if (usedb < MP_USED(&mmm->N)) {
-    for (usedb = MP_USED(&mmm->N); ib < usedb; ++ib ) {
-      m_i = MP_DIGIT(c, ib) * mmm->n0prime;
-      s_mp_mul_d_add_offset(&mmm->N, m_i, c, ib);
-    }
-  }
-  s_mp_clamp(c);
-  s_mp_div_2d(c, mmm->b); 
-  if (s_mp_cmp(c, &mmm->N) >= 0) {
-    MP_CHECKOK( s_mp_sub(c, &mmm->N) );
-  }
-  res = MP_OKAY;
-
-CLEANUP:
-  return res;
-}
-#endif
-
-STATIC
-mp_err s_mp_to_mont(const mp_int *x, mp_mont_modulus *mmm, mp_int *xMont)
-{
-  mp_err res;
-
-  /* xMont = x * R mod N   where  N is modulus */
-  MP_CHECKOK( mpl_lsh(x, xMont, mmm->b) );  		/* xMont = x << b */
-  MP_CHECKOK( mp_div(xMont, &mmm->N, 0, xMont) );	/*         mod N */
-CLEANUP:
-  return res;
-}
-
-#ifdef MP_USING_MONT_MULF
-
-unsigned int mp_using_mont_mulf = 1;
-
-/* computes montgomery square of the integer in mResult */
-#define SQR \
-  conv_i32_to_d32_and_d16(dm1, d16Tmp, mResult, nLen); \
-  mont_mulf_noconv(mResult, dm1, d16Tmp, \
-		   dTmp, dn, MP_DIGITS(modulus), nLen, dn0)
-
-/* computes montgomery product of x and the integer in mResult */
-#define MUL(x) \
-  conv_i32_to_d32(dm1, mResult, nLen); \
-  mont_mulf_noconv(mResult, dm1, oddPowers[x], \
-		   dTmp, dn, MP_DIGITS(modulus), nLen, dn0)
-
-/* Do modular exponentiation using floating point multiply code. */
-mp_err mp_exptmod_f(const mp_int *   montBase, 
-                    const mp_int *   exponent, 
-		    const mp_int *   modulus, 
-		    mp_int *         result, 
-		    mp_mont_modulus *mmm, 
-		    int              nLen, 
-		    mp_size          bits_in_exponent, 
-		    mp_size          window_bits,
-		    mp_size          odd_ints)
-{
-  mp_digit *mResult;
-  double   *dBuf = 0, *dm1, *dn, *dSqr, *d16Tmp, *dTmp;
-  double    dn0;
-  mp_size   i;
-  mp_err    res;
-  int       expOff;
-  int       dSize = 0, oddPowSize, dTmpSize;
-  mp_int    accum1;
-  double   *oddPowers[MAX_ODD_INTS];
-
-  /* function for computing n0prime only works if n0 is odd */
-
-  MP_DIGITS(&accum1) = 0;
-
-  for (i = 0; i < MAX_ODD_INTS; ++i)
-    oddPowers[i] = 0;
-
-  MP_CHECKOK( mp_init_size(&accum1, 3 * nLen + 2) );
-
-  mp_set(&accum1, 1);
-  MP_CHECKOK( s_mp_to_mont(&accum1, mmm, &accum1) );
-  MP_CHECKOK( s_mp_pad(&accum1, nLen) );
-
-  oddPowSize = 2 * nLen + 1;
-  dTmpSize   = 2 * oddPowSize;
-  dSize = sizeof(double) * (nLen * 4 + 1 + 
-			    ((odd_ints + 1) * oddPowSize) + dTmpSize);
-  dBuf   = (double *)malloc(dSize);
-  dm1    = dBuf;		/* array of d32 */
-  dn     = dBuf   + nLen;	/* array of d32 */
-  dSqr   = dn     + nLen;    	/* array of d32 */
-  d16Tmp = dSqr   + nLen;	/* array of d16 */
-  dTmp   = d16Tmp + oddPowSize;
-
-  for (i = 0; i < odd_ints; ++i) {
-      oddPowers[i] = dTmp;
-      dTmp += oddPowSize;
-  }
-  mResult = (mp_digit *)(dTmp + dTmpSize);	/* size is nLen + 1 */
-
-  /* Make dn and dn0 */
-  conv_i32_to_d32(dn, MP_DIGITS(modulus), nLen);
-  dn0 = (double)(mmm->n0prime & 0xffff);
-
-  /* Make dSqr */
-  conv_i32_to_d32_and_d16(dm1, oddPowers[0], MP_DIGITS(montBase), nLen);
-  mont_mulf_noconv(mResult, dm1, oddPowers[0], 
-		   dTmp, dn, MP_DIGITS(modulus), nLen, dn0);
-  conv_i32_to_d32(dSqr, mResult, nLen);
-
-  for (i = 1; i < odd_ints; ++i) {
-    mont_mulf_noconv(mResult, dSqr, oddPowers[i - 1], 
-		     dTmp, dn, MP_DIGITS(modulus), nLen, dn0);
-    conv_i32_to_d16(oddPowers[i], mResult, nLen);
-  }
-
-  s_mp_copy(MP_DIGITS(&accum1), mResult, nLen); /* from, to, len */
-
-  for (expOff = bits_in_exponent - window_bits; expOff >= 0; expOff -= window_bits) {
-    mp_size smallExp;
-    MP_CHECKOK( mpl_get_bits(exponent, expOff, window_bits) );
-    smallExp = (mp_size)res;
-
-    if (window_bits == 4) {
-      if (!smallExp) {
-	SQR; SQR; SQR; SQR;
-      } else if (smallExp & 1) {
-	SQR; SQR; SQR; SQR; MUL(smallExp/2); 
-      } else if (smallExp & 2) {
-	SQR; SQR; SQR; MUL(smallExp/4); SQR; 
-      } else if (smallExp & 4) {
-	SQR; SQR; MUL(smallExp/8); SQR; SQR; 
-      } else if (smallExp & 8) {
-	SQR; MUL(smallExp/16); SQR; SQR; SQR; 
-      } else {
-	ABORT;
-      }
-    } else if (window_bits == 5) {
-      if (!smallExp) {
-	SQR; SQR; SQR; SQR; SQR; 
-      } else if (smallExp & 1) {
-	SQR; SQR; SQR; SQR; SQR; MUL(smallExp/2);
-      } else if (smallExp & 2) {
-	SQR; SQR; SQR; SQR; MUL(smallExp/4); SQR;
-      } else if (smallExp & 4) {
-	SQR; SQR; SQR; MUL(smallExp/8); SQR; SQR;
-      } else if (smallExp & 8) {
-	SQR; SQR; MUL(smallExp/16); SQR; SQR; SQR;
-      } else if (smallExp & 0x10) {
-	SQR; MUL(smallExp/32); SQR; SQR; SQR; SQR;
-      } else {
-	ABORT;
-      }
-    } else if (window_bits == 6) {
-      if (!smallExp) {
-	SQR; SQR; SQR; SQR; SQR; SQR;
-      } else if (smallExp & 1) {
-	SQR; SQR; SQR; SQR; SQR; SQR; MUL(smallExp/2); 
-      } else if (smallExp & 2) {
-	SQR; SQR; SQR; SQR; SQR; MUL(smallExp/4); SQR; 
-      } else if (smallExp & 4) {
-	SQR; SQR; SQR; SQR; MUL(smallExp/8); SQR; SQR; 
-      } else if (smallExp & 8) {
-	SQR; SQR; SQR; MUL(smallExp/16); SQR; SQR; SQR; 
-      } else if (smallExp & 0x10) {
-	SQR; SQR; MUL(smallExp/32); SQR; SQR; SQR; SQR; 
-      } else if (smallExp & 0x20) {
-	SQR; MUL(smallExp/64); SQR; SQR; SQR; SQR; SQR; 
-      } else {
-	ABORT;
-      }
-    } else {
-      ABORT;
-    }
-  }
-
-  s_mp_copy(mResult, MP_DIGITS(&accum1), nLen); /* from, to, len */
-
-  res = s_mp_redc(&accum1, mmm);
-  mp_exch(&accum1, result);
-
-CLEANUP:
-  mp_clear(&accum1);
-  if (dBuf) {
-    if (dSize)
-      memset(dBuf, 0, dSize);
-    free(dBuf);
-  }
-
-  return res;
-}
-#undef SQR
-#undef MUL
-#endif
-
-#define SQR(a,b) \
-  MP_CHECKOK( mp_sqr(a, b) );\
-  MP_CHECKOK( s_mp_redc(b, mmm) )
-
-#if defined(MP_MONT_USE_MP_MUL)
-#define MUL(x,a,b) \
-  MP_CHECKOK( mp_mul(a, oddPowers + (x), b) ); \
-  MP_CHECKOK( s_mp_redc(b, mmm) ) 
-#else
-#define MUL(x,a,b) \
-  MP_CHECKOK( s_mp_mul_mont(a, oddPowers + (x), b, mmm) )
-#endif
-
-#define SWAPPA ptmp = pa1; pa1 = pa2; pa2 = ptmp
-
-/* Do modular exponentiation using integer multiply code. */
-mp_err mp_exptmod_i(const mp_int *   montBase, 
-                    const mp_int *   exponent, 
-		    const mp_int *   modulus, 
-		    mp_int *         result, 
-		    mp_mont_modulus *mmm, 
-		    int              nLen, 
-		    mp_size          bits_in_exponent, 
-		    mp_size          window_bits,
-		    mp_size          odd_ints)
-{
-  mp_int *pa1, *pa2, *ptmp;
-  mp_size i;
-  mp_err  res;
-  int     expOff;
-  mp_int  accum1, accum2, power2, oddPowers[MAX_ODD_INTS];
-
-  /* power2 = base ** 2; oddPowers[i] = base ** (2*i + 1); */
-  /* oddPowers[i] = base ** (2*i + 1); */
-
-  MP_DIGITS(&accum1) = 0;
-  MP_DIGITS(&accum2) = 0;
-  MP_DIGITS(&power2) = 0;
-  for (i = 0; i < MAX_ODD_INTS; ++i) {
-    MP_DIGITS(oddPowers + i) = 0;
-  }
-
-  MP_CHECKOK( mp_init_size(&accum1, 3 * nLen + 2) );
-  MP_CHECKOK( mp_init_size(&accum2, 3 * nLen + 2) );
-
-  MP_CHECKOK( mp_init_copy(&oddPowers[0], montBase) );
-
-  mp_init_size(&power2, nLen + 2 * MP_USED(montBase) + 2);
-  MP_CHECKOK( mp_sqr(montBase, &power2) );	/* power2 = montBase ** 2 */
-  MP_CHECKOK( s_mp_redc(&power2, mmm) );
-
-  for (i = 1; i < odd_ints; ++i) {
-    mp_init_size(oddPowers + i, nLen + 2 * MP_USED(&power2) + 2);
-    MP_CHECKOK( mp_mul(oddPowers + (i - 1), &power2, oddPowers + i) );
-    MP_CHECKOK( s_mp_redc(oddPowers + i, mmm) );
-  }
-
-  /* set accumulator to montgomery residue of 1 */
-  mp_set(&accum1, 1);
-  MP_CHECKOK( s_mp_to_mont(&accum1, mmm, &accum1) );
-  pa1 = &accum1;
-  pa2 = &accum2;
-
-  for (expOff = bits_in_exponent - window_bits; expOff >= 0; expOff -= window_bits) {
-    mp_size smallExp;
-    MP_CHECKOK( mpl_get_bits(exponent, expOff, window_bits) );
-    smallExp = (mp_size)res;
-
-    if (window_bits == 4) {
-      if (!smallExp) {
-	SQR(pa1,pa2); SQR(pa2,pa1); SQR(pa1,pa2); SQR(pa2,pa1);
-      } else if (smallExp & 1) {
-	SQR(pa1,pa2); SQR(pa2,pa1); SQR(pa1,pa2); SQR(pa2,pa1); 
-	MUL(smallExp/2, pa1,pa2); SWAPPA;
-      } else if (smallExp & 2) {
-	SQR(pa1,pa2); SQR(pa2,pa1); SQR(pa1,pa2); 
-	MUL(smallExp/4,pa2,pa1); SQR(pa1,pa2); SWAPPA;
-      } else if (smallExp & 4) {
-	SQR(pa1,pa2); SQR(pa2,pa1); MUL(smallExp/8,pa1,pa2); 
-	SQR(pa2,pa1); SQR(pa1,pa2); SWAPPA;
-      } else if (smallExp & 8) {
-	SQR(pa1,pa2); MUL(smallExp/16,pa2,pa1); SQR(pa1,pa2); 
-	SQR(pa2,pa1); SQR(pa1,pa2); SWAPPA;
-      } else {
-	ABORT;
-      }
-    } else if (window_bits == 5) {
-      if (!smallExp) {
-	SQR(pa1,pa2); SQR(pa2,pa1); SQR(pa1,pa2); SQR(pa2,pa1); 
-	SQR(pa1,pa2); SWAPPA;
-      } else if (smallExp & 1) {
-	SQR(pa1,pa2); SQR(pa2,pa1); SQR(pa1,pa2); SQR(pa2,pa1); 
-	SQR(pa1,pa2); MUL(smallExp/2,pa2,pa1);
-      } else if (smallExp & 2) {
-	SQR(pa1,pa2); SQR(pa2,pa1); SQR(pa1,pa2); SQR(pa2,pa1); 
-	MUL(smallExp/4,pa1,pa2); SQR(pa2,pa1);
-      } else if (smallExp & 4) {
-	SQR(pa1,pa2); SQR(pa2,pa1); SQR(pa1,pa2); 
-	MUL(smallExp/8,pa2,pa1); SQR(pa1,pa2); SQR(pa2,pa1);
-      } else if (smallExp & 8) {
-	SQR(pa1,pa2); SQR(pa2,pa1); MUL(smallExp/16,pa1,pa2); 
-	SQR(pa2,pa1); SQR(pa1,pa2); SQR(pa2,pa1);
-      } else if (smallExp & 0x10) {
-	SQR(pa1,pa2); MUL(smallExp/32,pa2,pa1); SQR(pa1,pa2); 
-	SQR(pa2,pa1); SQR(pa1,pa2); SQR(pa2,pa1);
-      } else {
-	ABORT;
-      }
-    } else if (window_bits == 6) {
-      if (!smallExp) {
-	SQR(pa1,pa2); SQR(pa2,pa1); SQR(pa1,pa2); SQR(pa2,pa1); 
-	SQR(pa1,pa2); SQR(pa2,pa1);
-      } else if (smallExp & 1) {
-	SQR(pa1,pa2); SQR(pa2,pa1); SQR(pa1,pa2); SQR(pa2,pa1); 
-	SQR(pa1,pa2); SQR(pa2,pa1); MUL(smallExp/2,pa1,pa2); SWAPPA;
-      } else if (smallExp & 2) {
-	SQR(pa1,pa2); SQR(pa2,pa1); SQR(pa1,pa2); SQR(pa2,pa1); 
-	SQR(pa1,pa2); MUL(smallExp/4,pa2,pa1); SQR(pa1,pa2); SWAPPA;
-      } else if (smallExp & 4) {
-	SQR(pa1,pa2); SQR(pa2,pa1); SQR(pa1,pa2); SQR(pa2,pa1); 
-	MUL(smallExp/8,pa1,pa2); SQR(pa2,pa1); SQR(pa1,pa2); SWAPPA;
-      } else if (smallExp & 8) {
-	SQR(pa1,pa2); SQR(pa2,pa1); SQR(pa1,pa2); 
-	MUL(smallExp/16,pa2,pa1); SQR(pa1,pa2); SQR(pa2,pa1); 
-	SQR(pa1,pa2); SWAPPA;
-      } else if (smallExp & 0x10) {
-	SQR(pa1,pa2); SQR(pa2,pa1); MUL(smallExp/32,pa1,pa2); 
-	SQR(pa2,pa1); SQR(pa1,pa2); SQR(pa2,pa1); SQR(pa1,pa2); SWAPPA;
-      } else if (smallExp & 0x20) {
-	SQR(pa1,pa2); MUL(smallExp/64,pa2,pa1); SQR(pa1,pa2); 
-	SQR(pa2,pa1); SQR(pa1,pa2); SQR(pa2,pa1); SQR(pa1,pa2); SWAPPA;
-      } else {
-	ABORT;
-      }
-    } else {
-      ABORT;
-    }
-  }
-
-  res = s_mp_redc(pa1, mmm);
-  mp_exch(pa1, result);
-
-CLEANUP:
-  mp_clear(&accum1);
-  mp_clear(&accum2);
-  mp_clear(&power2);
-  for (i = 0; i < odd_ints; ++i) {
-    mp_clear(oddPowers + i);
-  }
-  return res;
-}
-#undef SQR
-#undef MUL
-
-
-mp_err mp_exptmod(const mp_int *inBase, const mp_int *exponent, 
-		  const mp_int *modulus, mp_int *result)
-{
-  const mp_int *base;
-  mp_size bits_in_exponent, i, window_bits, odd_ints;
-  mp_err  res;
-  int     nLen;
-  mp_int  montBase, goodBase;
-  mp_mont_modulus mmm;
-
-  /* function for computing n0prime only works if n0 is odd */
-  if (!mp_isodd(modulus))
-    return s_mp_exptmod(inBase, exponent, modulus, result);
-
-  MP_DIGITS(&montBase) = 0;
-  MP_DIGITS(&goodBase) = 0;
-
-  if (mp_cmp(inBase, modulus) < 0) {
-    base = inBase;
-  } else {
-    MP_CHECKOK( mp_init(&goodBase) );
-    base = &goodBase;
-    MP_CHECKOK( mp_mod(inBase, modulus, &goodBase) );
-  }
-
-  nLen  = MP_USED(modulus);
-  MP_CHECKOK( mp_init_size(&montBase, 2 * nLen + 2) );
-
-  mmm.N = *modulus;			/* a copy of the mp_int struct */
-  i = mpl_significant_bits(modulus);
-  i += MP_DIGIT_BIT - 1;
-  mmm.b = i - i % MP_DIGIT_BIT;
-
-  /* compute n0', given n0, n0' = -(n0 ** -1) mod MP_RADIX
-  **		where n0 = least significant mp_digit of N, the modulus.
-  */
-  mmm.n0prime = 0 - s_mp_invmod_radix( MP_DIGIT(modulus, 0) );
-
-  MP_CHECKOK( s_mp_to_mont(base, &mmm, &montBase) );
-
-  bits_in_exponent = mpl_significant_bits(exponent);
-  if (bits_in_exponent > 480)
-    window_bits = 6;
-  else if (bits_in_exponent > 160)
-    window_bits = 5;
-  else
-    window_bits = 4;
-  odd_ints = 1 << (window_bits - 1);
-  i = bits_in_exponent % window_bits;
-  if (i != 0) {
-    bits_in_exponent += window_bits - i;
-  } 
-
-#ifdef MP_USING_MONT_MULF
-  if (mp_using_mont_mulf) {
-    MP_CHECKOK( s_mp_pad(&montBase, nLen) );
-    res = mp_exptmod_f(&montBase, exponent, modulus, result, &mmm, nLen, 
-		     bits_in_exponent, window_bits, odd_ints);
-  } else
-#endif
-  res = mp_exptmod_i(&montBase, exponent, modulus, result, &mmm, nLen, 
-		     bits_in_exponent, window_bits, odd_ints);
-
-CLEANUP:
-  mp_clear(&montBase);
-  mp_clear(&goodBase);
-  /* Don't mp_clear mmm.N because it is merely a copy of modulus.
-  ** Just zap it.
-  */
-  memset(&mmm, 0, sizeof mmm);
-  return res;
-}
diff --git a/security/nss/lib/freebl/mpi/mpprime.c b/security/nss/lib/freebl/mpi/mpprime.c
deleted file mode 100644
index 7317eeab1..000000000
--- a/security/nss/lib/freebl/mpi/mpprime.c
+++ /dev/null
@@ -1,619 +0,0 @@
-/*
- *  mpprime.c
- *
- *  Utilities for finding and working with prime and pseudo-prime
- *  integers
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are 
- * Copyright (C) 1997, 1998, 1999, 2000 Michael J. Fromberger. 
- * All Rights Reserved.
- *
- * Contributor(s):
- *	Netscape Communications Corporation
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above.  If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- */
-
-#include "mpi-priv.h"
-#include "mpprime.h"
-#include "mplogic.h"
-#include <stdlib.h>
-#include <string.h>
-
-#define SMALL_TABLE 0 /* determines size of hard-wired prime table */
-
-#define RANDOM() rand()
-
-#include "primes.c"  /* pull in the prime digit table */
-
-/* 
-   Test if any of a given vector of digits divides a.  If not, MP_NO
-   is returned; otherwise, MP_YES is returned and 'which' is set to
-   the index of the integer in the vector which divided a.
- */
-mp_err    s_mpp_divp(mp_int *a, const mp_digit *vec, int size, int *which);
-
-/* {{{ mpp_divis(a, b) */
-
-/*
-  mpp_divis(a, b)
-
-  Returns MP_YES if a is divisible by b, or MP_NO if it is not.
- */
-
-mp_err  mpp_divis(mp_int *a, mp_int *b)
-{
-  mp_err  res;
-  mp_int  rem;
-
-  if((res = mp_init(&rem)) != MP_OKAY)
-    return res;
-
-  if((res = mp_mod(a, b, &rem)) != MP_OKAY)
-    goto CLEANUP;
-
-  if(mp_cmp_z(&rem) == 0)
-    res = MP_YES;
-  else
-    res = MP_NO;
-
-CLEANUP:
-  mp_clear(&rem);
-  return res;
-
-} /* end mpp_divis() */
-
-/* }}} */
-
-/* {{{ mpp_divis_d(a, d) */
-
-/*
-  mpp_divis_d(a, d)
-
-  Return MP_YES if a is divisible by d, or MP_NO if it is not.
- */
-
-mp_err  mpp_divis_d(mp_int *a, mp_digit d)
-{
-  mp_err     res;
-  mp_digit   rem;
-
-  ARGCHK(a != NULL, MP_BADARG);
-
-  if(d == 0)
-    return MP_NO;
-
-  if((res = mp_mod_d(a, d, &rem)) != MP_OKAY)
-    return res;
-
-  if(rem == 0)
-    return MP_YES;
-  else
-    return MP_NO;
-
-} /* end mpp_divis_d() */
-
-/* }}} */
-
-/* {{{ mpp_random(a) */
-
-/*
-  mpp_random(a)
-
-  Assigns a random value to a.  This value is generated using the
-  standard C library's rand() function, so it should not be used for
-  cryptographic purposes, but it should be fine for primality testing,
-  since all we really care about there is good statistical properties.
-
-  As many digits as a currently has are filled with random digits.
- */
-
-mp_err  mpp_random(mp_int *a)
-
-{
-  mp_digit  next = 0;
-  int       ix, jx;
-
-  ARGCHK(a != NULL, MP_BADARG);
-
-  for(ix = 0; ix < USED(a); ix++) {
-    for(jx = 0; jx < sizeof(mp_digit); jx++) {
-      next = (next << CHAR_BIT) | (RANDOM() & UCHAR_MAX);
-    }
-    DIGIT(a, ix) = next;
-  }
-
-  return MP_OKAY;
-
-} /* end mpp_random() */
-
-/* }}} */
-
-/* {{{ mpp_random_size(a, prec) */
-
-mp_err  mpp_random_size(mp_int *a, mp_size prec)
-{
-  mp_err   res;
-
-  ARGCHK(a != NULL && prec > 0, MP_BADARG);
-  
-  if((res = s_mp_pad(a, prec)) != MP_OKAY)
-    return res;
-
-  return mpp_random(a);
-
-} /* end mpp_random_size() */
-
-/* }}} */
-
-/* {{{ mpp_divis_vector(a, vec, size, which) */
-
-/*
-  mpp_divis_vector(a, vec, size, which)
-
-  Determines if a is divisible by any of the 'size' digits in vec.
-  Returns MP_YES and sets 'which' to the index of the offending digit,
-  if it is; returns MP_NO if it is not.
- */
-
-mp_err  mpp_divis_vector(mp_int *a, const mp_digit *vec, int size, int *which)
-{
-  ARGCHK(a != NULL && vec != NULL && size > 0, MP_BADARG);
-  
-  return s_mpp_divp(a, vec, size, which);
-
-} /* end mpp_divis_vector() */
-
-/* }}} */
-
-/* {{{ mpp_divis_primes(a, np) */
-
-/*
-  mpp_divis_primes(a, np)
-
-  Test whether a is divisible by any of the first 'np' primes.  If it
-  is, returns MP_YES and sets *np to the value of the digit that did
-  it.  If not, returns MP_NO.
- */
-mp_err  mpp_divis_primes(mp_int *a, mp_digit *np)
-{
-  int     size, which;
-  mp_err  res;
-
-  ARGCHK(a != NULL && np != NULL, MP_BADARG);
-
-  size = (int)*np;
-  if(size > prime_tab_size)
-    size = prime_tab_size;
-
-  res = mpp_divis_vector(a, prime_tab, size, &which);
-  if(res == MP_YES) 
-    *np = prime_tab[which];
-
-  return res;
-
-} /* end mpp_divis_primes() */
-
-/* }}} */
-
-/* {{{ mpp_fermat(a, w) */
-
-/*
-  Using w as a witness, try pseudo-primality testing based on Fermat's
-  little theorem.  If a is prime, and (w, a) = 1, then w^a == w (mod
-  a).  So, we compute z = w^a (mod a) and compare z to w; if they are
-  equal, the test passes and we return MP_YES.  Otherwise, we return
-  MP_NO.
- */
-mp_err  mpp_fermat(mp_int *a, mp_digit w)
-{
-  mp_int  base, test;
-  mp_err  res;
-  
-  if((res = mp_init(&base)) != MP_OKAY)
-    return res;
-
-  mp_set(&base, w);
-
-  if((res = mp_init(&test)) != MP_OKAY)
-    goto TEST;
-
-  /* Compute test = base^a (mod a) */
-  if((res = mp_exptmod(&base, a, a, &test)) != MP_OKAY)
-    goto CLEANUP;
-
-  
-  if(mp_cmp(&base, &test) == 0)
-    res = MP_YES;
-  else
-    res = MP_NO;
-
- CLEANUP:
-  mp_clear(&test);
- TEST:
-  mp_clear(&base);
-
-  return res;
-
-} /* end mpp_fermat() */
-
-/* }}} */
-
-/*
-  Perform the fermat test on each of the primes in a list until
-  a) one of them shows a is not prime, or 
-  b) the list is exhausted.
-  Returns:  MP_YES if it passes tests.
-	    MP_NO  if fermat test reveals it is composite
-	    Some MP error code if some other error occurs.
- */
-mp_err mpp_fermat_list(mp_int *a, const mp_digit *primes, mp_size nPrimes)
-{
-  mp_err rv = MP_YES;
-
-  while (nPrimes-- > 0 && rv == MP_YES) {
-    rv = mpp_fermat(a, *primes++);
-  }
-  return rv;
-}
-
-/* {{{ mpp_pprime(a, nt) */
-
-/*
-  mpp_pprime(a, nt)
-
-  Performs nt iteration of the Miller-Rabin probabilistic primality
-  test on a.  Returns MP_YES if the tests pass, MP_NO if one fails.
-  If MP_NO is returned, the number is definitely composite.  If MP_YES
-  is returned, it is probably prime (but that is not guaranteed).
- */
-
-mp_err  mpp_pprime(mp_int *a, int nt)
-{
-  mp_err   res;
-  mp_int   x, amo, m, z;	/* "amo" = "a minus one" */
-  int      iter, jx;
-  mp_size  b;
-
-  ARGCHK(a != NULL, MP_BADARG);
-
-  MP_DIGITS(&x) = 0;
-  MP_DIGITS(&amo) = 0;
-  MP_DIGITS(&m) = 0;
-  MP_DIGITS(&z) = 0;
-
-  /* Initialize temporaries... */
-  MP_CHECKOK( mp_init(&amo));
-  /* Compute amo = a - 1 for what follows...    */
-  MP_CHECKOK( mp_sub_d(a, 1, &amo) );
-
-  b = mp_trailing_zeros(&amo);
-  if (!b) { /* a was even ? */
-    res = MP_NO;
-    goto CLEANUP;
-  }
-
-  MP_CHECKOK( mp_init_size(&x, MP_USED(a)) );
-  MP_CHECKOK( mp_init(&z) );
-  MP_CHECKOK( mp_init(&m) );
-  MP_CHECKOK( mp_div_2d(&amo, b, &m, 0) );
-
-  /* Do the test nt times... */
-  for(iter = 0; iter < nt; iter++) {
-
-    /* Choose a random value for x < a          */
-    s_mp_pad(&x, USED(a));
-    mpp_random(&x);
-    MP_CHECKOK( mp_mod(&x, a, &x) );
-
-    /* Compute z = (x ** m) mod a               */
-    MP_CHECKOK( mp_exptmod(&x, &m, a, &z) );
-    
-    if(mp_cmp_d(&z, 1) == 0 || mp_cmp(&z, &amo) == 0) {
-      res = MP_YES;
-      continue;
-    }
-    
-    res = MP_NO;  /* just in case the following for loop never executes. */
-    for (jx = 1; jx < b; jx++) {
-      /* z = z^2 (mod a) */
-      MP_CHECKOK( mp_sqrmod(&z, a, &z) );
-      res = MP_NO;	/* previous line set res to MP_YES */
-
-      if(mp_cmp_d(&z, 1) == 0) {
-	break;
-      }
-      if(mp_cmp(&z, &amo) == 0) {
-	res = MP_YES;
-	break;
-      } 
-    } /* end testing loop */
-
-    /* If the test passes, we will continue iterating, but a failed
-       test means the candidate is definitely NOT prime, so we will
-       immediately break out of this loop
-     */
-    if(res == MP_NO)
-      break;
-
-  } /* end iterations loop */
-  
-CLEANUP:
-  mp_clear(&m);
-  mp_clear(&z);
-  mp_clear(&x);
-  mp_clear(&amo);
-  return res;
-
-} /* end mpp_pprime() */
-
-/* }}} */
-
-/* Produce table of composites from list of primes and trial value.  
-** trial must be odd. List of primes must not include 2.
-** sieve should have dimension >= MAXPRIME/2, where MAXPRIME is largest 
-** prime in list of primes.  After this function is finished,
-** if sieve[i] is non-zero, then (trial + 2*i) is composite.
-** Each prime used in the sieve costs one division of trial, and eliminates
-** one or more values from the search space. (3 eliminates 1/3 of the values
-** alone!)  Each value left in the search space costs 1 or more modular 
-** exponentations.  So, these divisions are a bargain!
-*/
-mp_err mpp_sieve(mp_int *trial, const mp_digit *primes, mp_size nPrimes, 
-		 unsigned char *sieve, mp_size nSieve)
-{
-  mp_err       res;
-  mp_digit     rem;
-  mp_size      ix;
-  unsigned long offset;
-
-  memset(sieve, 0, nSieve);
-
-  for(ix = 0; ix < nPrimes; ix++) {
-    mp_digit prime = primes[ix];
-    mp_size  i;
-    if((res = mp_mod_d(trial, prime, &rem)) != MP_OKAY) 
-      return res;
-
-    if (rem == 0) {
-      offset = 0;
-    } else {
-      offset = prime - (rem / 2);
-    }
-    for (i = offset; i < nSieve ; i += prime) {
-      sieve[i] = 1;
-    }
-  }
-
-  return MP_OKAY;
-}
-
-#define SIEVE_SIZE 32*1024
-
-mp_err mpp_make_prime(mp_int *start, mp_size nBits, mp_size strong,
-		      unsigned long * nTries)
-{
-  mp_digit      np;
-  mp_err        res;
-  int           i	= 0;
-  mp_int        trial;
-  mp_int        q;
-  mp_size       num_tests;
-  /*
-   * Always make sieve the last variabale allocated so that 
-   * Mac builds don't break by adding an extra variable
-   * on the stack. -javi
-   */
-#if defined(macintosh) || defined (XP_OS2)
-  unsigned char *sieve;
-  
-  sieve = malloc(SIEVE_SIZE);
-  ARGCHK(sieve != NULL, MP_MEM);
-#else
-  unsigned char sieve[SIEVE_SIZE];
-#endif  
-
-  ARGCHK(start != 0, MP_BADARG);
-  ARGCHK(nBits > 16, MP_RANGE);
-
-  MP_DIGITS(&trial) = 0;
-  MP_DIGITS(&q) = 0;
-  MP_CHECKOK( mp_init(&trial) );
-  MP_CHECKOK( mp_init(&q)     );
-  /* values taken from table 4.4, HandBook of Applied Cryptography */
-  if (nBits >= 1300) {
-    num_tests = 2;
-  } else if (nBits >= 850) {
-    num_tests = 3;
-  } else if (nBits >= 650) {
-    num_tests = 4;
-  } else if (nBits >= 550) {
-    num_tests = 5;
-  } else if (nBits >= 450) {
-    num_tests = 6;
-  } else if (nBits >= 400) {
-    num_tests = 7;
-  } else if (nBits >= 350) {
-    num_tests = 8;
-  } else if (nBits >= 300) {
-    num_tests = 9;
-  } else if (nBits >= 250) {
-    num_tests = 12;
-  } else if (nBits >= 200) {
-    num_tests = 15;
-  } else if (nBits >= 150) {
-    num_tests = 18;
-  } else if (nBits >= 100) {
-    num_tests = 27;
-  } else
-    num_tests = 50;
-
-  if (strong) 
-    --nBits;
-  MP_CHECKOK( mpl_set_bit(start, nBits - 1, 1) );
-  MP_CHECKOK( mpl_set_bit(start,         0, 1) );
-  for (i = mpl_significant_bits(start) - 1; i >= nBits; --i) {
-    MP_CHECKOK( mpl_set_bit(start, i, 0) );
-  }
-  /* start sieveing with prime value of 3. */
-  MP_CHECKOK(mpp_sieve(start, prime_tab + 1, prime_tab_size - 1, 
-		       sieve, SIEVE_SIZE) );
-
-#ifdef DEBUG_SIEVE
-  res = 0;
-  for (i = 0; i < SIEVE_SIZE; ++i) {
-    if (!sieve[i])
-      ++res;
-  }
-  fprintf(stderr,"sieve found %d potential primes.\n", res);
-#define FPUTC(x,y) fputc(x,y)
-#else
-#define FPUTC(x,y) 
-#endif
-
-  res = MP_NO;
-  for(i = 0; i < SIEVE_SIZE; ++i) {
-    if (sieve[i])	/* this number is composite */
-      continue;
-    MP_CHECKOK( mp_add_d(start, 2 * i, &trial) );
-    FPUTC('.', stderr);
-    /* run a Fermat test */
-    res = mpp_fermat(&trial, 2);
-    if (res != MP_OKAY) {
-      if (res == MP_NO)
-	continue;	/* was composite */
-      goto CLEANUP;
-    }
-      
-    FPUTC('+', stderr);
-    /* If that passed, run some Miller-Rabin tests	*/
-    res = mpp_pprime(&trial, num_tests);
-    if (res != MP_OKAY) {
-      if (res == MP_NO)
-	continue;	/* was composite */
-      goto CLEANUP;
-    }
-    FPUTC('!', stderr);
-
-    if (!strong) 
-      break;	/* success !! */
-
-    /* At this point, we have strong evidence that our candidate
-       is itself prime.  If we want a strong prime, we need now
-       to test q = 2p + 1 for primality...
-     */
-    MP_CHECKOK( mp_mul_2(&trial, &q) );
-    MP_CHECKOK( mp_add_d(&q, 1, &q)  );
-
-    /* Test q for small prime divisors ... */
-    np = prime_tab_size;
-    res = mpp_divis_primes(&q, &np);
-    if (res == MP_YES) { /* is composite */
-      mp_clear(&q);
-      continue;
-    }
-    if (res != MP_NO) 
-      goto CLEANUP;
-
-    /* And test with Fermat, as with its parent ... */
-    res = mpp_fermat(&q, 2);
-    if (res != MP_YES) {
-      mp_clear(&q);
-      if (res == MP_NO)
-	continue;	/* was composite */
-      goto CLEANUP;
-    }
-
-    /* And test with Miller-Rabin, as with its parent ... */
-    res = mpp_pprime(&q, num_tests);
-    if (res != MP_YES) {
-      mp_clear(&q);
-      if (res == MP_NO)
-	continue;	/* was composite */
-      goto CLEANUP;
-    }
-
-    /* If it passed, we've got a winner */
-    mp_exch(&q, &trial);
-    mp_clear(&q);
-    break;
-
-  } /* end of loop through sieved values */
-  if (res == MP_YES) 
-    mp_exch(&trial, start);
-CLEANUP:
-  mp_clear(&trial);
-  mp_clear(&q);
-  if (nTries)
-    *nTries += i;
-#if defined(macintosh) || defined(XP_OS2)
-  if (sieve != NULL) {
-  	memset(sieve, 0, SIEVE_SIZE);
-  	free (sieve);
-  }
-#endif    
-  return res;
-}
-
-/*========================================================================*/
-/*------------------------------------------------------------------------*/
-/* Static functions visible only to the library internally                */
-
-/* {{{ s_mpp_divp(a, vec, size, which) */
-
-/* 
-   Test for divisibility by members of a vector of digits.  Returns
-   MP_NO if a is not divisible by any of them; returns MP_YES and sets
-   'which' to the index of the offender, if it is.  Will stop on the
-   first digit against which a is divisible.
- */
-
-mp_err    s_mpp_divp(mp_int *a, const mp_digit *vec, int size, int *which)
-{
-  mp_err    res;
-  mp_digit  rem;
-
-  int     ix;
-
-  for(ix = 0; ix < size; ix++) {
-    if((res = mp_mod_d(a, vec[ix], &rem)) != MP_OKAY) 
-      return res;
-
-    if(rem == 0) {
-      if(which)
-	*which = ix;
-      return MP_YES;
-    }
-  }
-
-  return MP_NO;
-
-} /* end s_mpp_divp() */
-
-/* }}} */
-
-/*------------------------------------------------------------------------*/
-/* HERE THERE BE DRAGONS                                                  */
diff --git a/security/nss/lib/freebl/mpi/mpprime.h b/security/nss/lib/freebl/mpi/mpprime.h
deleted file mode 100644
index 1204580f6..000000000
--- a/security/nss/lib/freebl/mpi/mpprime.h
+++ /dev/null
@@ -1,67 +0,0 @@
-/*
- *  mpprime.h
- *
- *  Utilities for finding and working with prime and pseudo-prime
- *  integers
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are 
- * Copyright (C) 1997, 1998, 1999, 2000 Michael J. Fromberger. 
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above.  If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef _H_MP_PRIME_
-#define _H_MP_PRIME_
-
-#include "mpi.h"
-
-extern const int prime_tab_size;   /* number of primes available */
-extern const mp_digit prime_tab[];
-
-/* Tests for divisibility    */
-mp_err  mpp_divis(mp_int *a, mp_int *b);
-mp_err  mpp_divis_d(mp_int *a, mp_digit d);
-
-/* Random selection          */
-mp_err  mpp_random(mp_int *a);
-mp_err  mpp_random_size(mp_int *a, mp_size prec);
-
-/* Pseudo-primality testing  */
-mp_err  mpp_divis_vector(mp_int *a, const mp_digit *vec, int size, int *which);
-mp_err  mpp_divis_primes(mp_int *a, mp_digit *np);
-mp_err  mpp_fermat(mp_int *a, mp_digit w);
-mp_err mpp_fermat_list(mp_int *a, const mp_digit *primes, mp_size nPrimes);
-mp_err  mpp_pprime(mp_int *a, int nt);
-mp_err mpp_sieve(mp_int *trial, const mp_digit *primes, mp_size nPrimes, 
-		 unsigned char *sieve, mp_size nSieve);
-mp_err mpp_make_prime(mp_int *start, mp_size nBits, mp_size strong,
-		      unsigned long * nTries);
-
-#endif /* end _H_MP_PRIME_ */
diff --git a/security/nss/lib/freebl/mpi/mpv_sparc.c b/security/nss/lib/freebl/mpi/mpv_sparc.c
deleted file mode 100644
index a0a0b78fb..000000000
--- a/security/nss/lib/freebl/mpi/mpv_sparc.c
+++ /dev/null
@@ -1,249 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is a SPARC/VIS optimized multiply and add function
- *
- * The Initial Developer of the Original Code is Sun Microsystems Inc.
- * Portions created by Sun Microsystems Inc. are 
- * Copyright (C) 1999-2000 Sun Microsystems Inc.  All Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.   If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *  $Id$
- */
-
-#include "vis_proto.h"
-
-/***************************************************************/
-
-typedef  int                t_s32;
-typedef  unsigned int       t_u32;
-#if defined(__sparcv9)
-typedef  long               t_s64;
-typedef  unsigned long      t_u64;
-#else
-typedef  long long          t_s64;
-typedef  unsigned long long t_u64;
-#endif
-typedef  double             t_d64;
-
-/***************************************************************/
-
-typedef union {
-  t_d64 d64;
-  struct {
-    t_s32 i0;
-    t_s32 i1;
-  } i32s;
-} d64_2_i32;
-
-/***************************************************************/
-
-#define BUFF_SIZE  256
-
-#define A_BITS  19
-#define A_MASK  ((1 << A_BITS) - 1)
-
-/***************************************************************/
-
-static t_u64 mask_cnst[] = {
-  0x8000000080000000ull
-};
-
-/***************************************************************/
-
-#define DEF_VARS(N)                     \
-  t_d64 *py = (t_d64*)y;                \
-  t_d64 mask = *((t_d64*)mask_cnst);    \
-  t_d64 ca = (1u << 31) - 1;            \
-  t_d64 da = (t_d64)a;                  \
-  t_s64 buff[N], s;                     \
-  d64_2_i32 dy
-
-/***************************************************************/
-
-#define MUL_U32_S64_2(i)                                \
-  dy.d64 = vis_fxnor(mask, py[i]);                      \
-  buff[2*(i)  ] = (ca - (t_d64)dy.i32s.i0) * da;        \
-  buff[2*(i)+1] = (ca - (t_d64)dy.i32s.i1) * da
-
-#define MUL_U32_S64_2_D(i)              \
-  dy.d64 = vis_fxnor(mask, py[i]);      \
-  d0 = ca - (t_d64)dy.i32s.i0;          \
-  d1 = ca - (t_d64)dy.i32s.i1;          \
-  buff[4*(i)  ] = (t_s64)(d0 * da);     \
-  buff[4*(i)+1] = (t_s64)(d0 * db);     \
-  buff[4*(i)+2] = (t_s64)(d1 * da);     \
-  buff[4*(i)+3] = (t_s64)(d1 * db)
-
-/***************************************************************/
-
-#define ADD_S64_U32(i)          \
-  s = buff[i] + x[i] + c;       \
-  z[i] = s;                     \
-  c = (s >> 32)
-
-#define ADD_S64_U32_D(i)                        \
-  s = buff[2*(i)] +(((t_s64)(buff[2*(i)+1]))<<A_BITS) + x[i] + uc;   \
-  z[i] = s;                                     \
-  uc = ((t_u64)s >> 32)
-
-/***************************************************************/
-
-#define MUL_U32_S64_8(i)        \
-  MUL_U32_S64_2(i);             \
-  MUL_U32_S64_2(i+1);           \
-  MUL_U32_S64_2(i+2);           \
-  MUL_U32_S64_2(i+3)
-
-#define MUL_U32_S64_D_8(i)      \
-  MUL_U32_S64_2_D(i);           \
-  MUL_U32_S64_2_D(i+1);         \
-  MUL_U32_S64_2_D(i+2);         \
-  MUL_U32_S64_2_D(i+3)
-
-/***************************************************************/
-
-#define ADD_S64_U32_8(i)        \
-  ADD_S64_U32(i);               \
-  ADD_S64_U32(i+1);             \
-  ADD_S64_U32(i+2);             \
-  ADD_S64_U32(i+3);             \
-  ADD_S64_U32(i+4);             \
-  ADD_S64_U32(i+5);             \
-  ADD_S64_U32(i+6);             \
-  ADD_S64_U32(i+7)
-
-#define ADD_S64_U32_D_8(i)      \
-  ADD_S64_U32_D(i);             \
-  ADD_S64_U32_D(i+1);           \
-  ADD_S64_U32_D(i+2);           \
-  ADD_S64_U32_D(i+3);           \
-  ADD_S64_U32_D(i+4);           \
-  ADD_S64_U32_D(i+5);           \
-  ADD_S64_U32_D(i+6);           \
-  ADD_S64_U32_D(i+7)
-
-/***************************************************************/
-
-t_u32 mul_add(t_u32 *z, t_u32 *x, t_u32 *y, int n, t_u32 a)
-{
-  if (a < (1 << A_BITS)) {
-
-    if (n == 8) {
-      DEF_VARS(8);
-      t_s32 c = 0;
-
-      MUL_U32_S64_8(0);
-      ADD_S64_U32_8(0);
-
-      return c;
-
-    } else if (n == 16) {
-      DEF_VARS(16);
-      t_s32 c = 0;
-
-      MUL_U32_S64_8(0);
-      MUL_U32_S64_8(4);
-      ADD_S64_U32_8(0);
-      ADD_S64_U32_8(8);
-
-      return c;
-
-    } else {
-      DEF_VARS(BUFF_SIZE);
-      t_s32 i, c = 0;
-
-#pragma pipeloop(0)
-      for (i = 0; i < (n+1)/2; i ++) {
-        MUL_U32_S64_2(i);
-      }
-
-#pragma pipeloop(0)
-      for (i = 0; i < n; i ++) {
-        ADD_S64_U32(i);
-      }
-
-      return c;
-
-    }
-  } else {
-
-    if (n == 8) {
-      DEF_VARS(2*8);
-      t_d64 d0, d1, db;
-      t_u32 uc = 0;
-
-      da = (t_d64)(a &  A_MASK);
-      db = (t_d64)(a >> A_BITS);
-
-      MUL_U32_S64_D_8(0);
-      ADD_S64_U32_D_8(0);
-
-      return uc;
-
-    } else if (n == 16) {
-      DEF_VARS(2*16);
-      t_d64 d0, d1, db;
-      t_u32 uc = 0;
-
-      da = (t_d64)(a &  A_MASK);
-      db = (t_d64)(a >> A_BITS);
-
-      MUL_U32_S64_D_8(0);
-      MUL_U32_S64_D_8(4);
-      ADD_S64_U32_D_8(0);
-      ADD_S64_U32_D_8(8);
-
-      return uc;
-
-    } else {
-      DEF_VARS(2*BUFF_SIZE);
-      t_d64 d0, d1, db;
-      t_u32 i, uc = 0;
-
-      da = (t_d64)(a &  A_MASK);
-      db = (t_d64)(a >> A_BITS);
-
-#pragma pipeloop(0)
-      for (i = 0; i < (n+1)/2; i ++) {
-        MUL_U32_S64_2_D(i);
-      }
-
-#pragma pipeloop(0)
-      for (i = 0; i < n; i ++) {
-        ADD_S64_U32_D(i);
-      }
-
-      return uc;
-    }
-  }
-}
-
-/***************************************************************/
-
-t_u32 mul_add_inp(t_u32 *x, t_u32 *y, int n, t_u32 a)
-{
-  return mul_add(x, x, y, n, a);
-}
-
-/***************************************************************/
diff --git a/security/nss/lib/freebl/mpi/mpv_sparcv8.s b/security/nss/lib/freebl/mpi/mpv_sparcv8.s
deleted file mode 100644
index 81fdd1b93..000000000
--- a/security/nss/lib/freebl/mpi/mpv_sparcv8.s
+++ /dev/null
@@ -1,1641 +0,0 @@
-!/*
-! * The contents of this file are subject to the Mozilla Public
-! * License Version 1.1 (the "License"); you may not use this file
-! * except in compliance with the License. You may obtain a copy of
-! * the License at http://www.mozilla.org/MPL/
-! * 
-! * Software distributed under the License is distributed on an "AS
-! * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-! * implied. See the License for the specific language governing
-! * rights and limitations under the License.
-! * 
-! * The Original Code is a SPARC/VIS optimized multiply and add function
-! *
-! * The Initial Developer of the Original Code is Sun Microsystems Inc.
-! * Portions created by Sun Microsystems Inc. are 
-! * Copyright (C) 1999-2000 Sun Microsystems Inc.  All Rights Reserved.
-! * 
-! * Contributor(s):
-! * 
-! * Alternatively, the contents of this file may be used under the
-! * terms of the GNU General Public License Version 2 or later (the
-! * "GPL"), in which case the provisions of the GPL are applicable 
-! * instead of those above.   If you wish to allow use of your 
-! * version of this file only under the terms of the GPL and not to
-! * allow others to use your version of this file under the MPL,
-! * indicate your decision by deleting the provisions above and
-! * replace them with the notice and other provisions required by
-! * the GPL.  If you do not delete the provisions above, a recipient
-! * may use your version of this file under either the MPL or the
-! * GPL.
-! *  $Id$
-! */
-
-
-	.section	".text",#alloc,#execinstr
-/* 000000	   3 ( 0  0) */		.file	"mpv_sparc.c"
-/* 000000	  14 ( 0  0) */		.align	8
-!
-! SUBROUTINE .L_const_seg_900000106
-!
-! OFFSET    SOURCE LINE	LABEL	INSTRUCTION	(ISSUE TIME)	(COMPLETION TIME)
-
-                                   .L_const_seg_900000106:		/* frequency 1.0 confidence 0.0 */
-/* 000000	  19 ( 0  0) */		.word	1127219200,0
-/* 0x0008	  20 ( 0  0) */		.word	1105199103,-4194304
-/* 0x0010	  21 ( 0  0) */		.align	16
-/* 0x0010	  27 ( 0  0) */		.global	mul_add
-
-!
-! ENTRY mul_add
-!
-
-                                   	.global mul_add
-                                   mul_add:		/* frequency 1.0 confidence 0.0 */
-/* 0x0010	  29 ( 0  1) */		sethi	%hi(0x1800),%g1
-/* 0x0014	  30 ( 0  1) */		sethi	%hi(mask_cnst),%g2
-/* 0x0018	  31 ( 1  2) */		xor	%g1,-984,%g1
-/* 0x001c	  32 ( 1  2) */		add	%g2,%lo(mask_cnst),%g2
-/* 0x0020	  33 ( 2  4) */		save	%sp,%g1,%sp
-
-!
-! ENTRY .L900000154
-!
-
-                                   .L900000154:		/* frequency 1.0 confidence 0.0 */
-/* 0x0024	  35 ( 0  2) */		call	(.+0x8)	! params = 	! Result = 
-/* 0x0028	     ( 1  2) */		sethi	%hi((_GLOBAL_OFFSET_TABLE_-(.L900000154-.))),%g5
-/* 0x002c	 177 ( 2  3) */		sethi	%hi(.L_const_seg_900000106),%g3
-/* 0x0030	 178 ( 2  3) */		add	%g5,%lo((_GLOBAL_OFFSET_TABLE_-(.L900000154-.))),%g5
-/* 0x0034	 179 ( 3  4) */		or	%g0,%i4,%o1
-/* 0x0038	 180 ( 3  4) */		st	%o1,[%fp+84]
-/* 0x003c	 181 ( 3  4) */		add	%g5,%o7,%o3
-/* 0x0040	 182 ( 4  5) */		add	%g3,%lo(.L_const_seg_900000106),%g3
-/* 0x0044	 183 ( 4  6) */		ld	[%o3+%g2],%g2
-/* 0x0048	 184 ( 4  5) */		or	%g0,%i3,%o2
-/* 0x004c	 185 ( 5  6) */		sethi	%hi(0x80000),%g4
-/* 0x0050	 186 ( 5  7) */		ld	[%o3+%g3],%o0
-/* 0x0054	 187 ( 5  6) */		or	%g0,%i2,%g5
-/* 0x0058	 188 ( 6  7) */		or	%g0,%o2,%o3
-/* 0x005c	 189 ( 6 10) */		ldd	[%g2],%f0
-/* 0x0060	 190 ( 6  7) */		subcc	%o1,%g4,%g0
-/* 0x0064	 191 ( 6  7) */		bcc,pn	%icc,.L77000048	! tprob=0.50
-/* 0x0068	     ( 7  8) */		subcc	%o2,8,%g0
-/* 0x006c	 193 ( 7  8) */		bne,pn	%icc,.L77000037	! tprob=0.50
-/* 0x0070	     ( 8 12) */		ldd	[%o0],%f8
-/* 0x0074	 195 ( 9 13) */		ldd	[%g5],%f4
-/* 0x0078	 196 (10 14) */		ldd	[%g5+8],%f6
-/* 0x007c	 197 (11 15) */		ldd	[%g5+16],%f10
-/* 0x0080	 198 (11 14) */		fmovs	%f8,%f12
-/* 0x0084	 199 (12 16) */		fxnor	%f0,%f4,%f4
-/* 0x0088	 200 (12 14) */		ld	[%fp+84],%f13
-/* 0x008c	 201 (13 17) */		ldd	[%o0+8],%f14
-/* 0x0090	 202 (13 17) */		fxnor	%f0,%f6,%f6
-/* 0x0094	 203 (14 18) */		ldd	[%g5+24],%f16
-/* 0x0098	 204 (14 18) */		fxnor	%f0,%f10,%f10
-/* 0x009c	 208 (15 17) */		ld	[%i1],%g2
-/* 0x00a0	 209 (15 20) */		fsubd	%f12,%f8,%f8
-/* 0x00a4	 210 (16 21) */		fitod	%f4,%f18
-/* 0x00a8	 211 (16 18) */		ld	[%i1+4],%g3
-/* 0x00ac	 212 (17 22) */		fitod	%f5,%f4
-/* 0x00b0	 213 (17 19) */		ld	[%i1+8],%g4
-/* 0x00b4	 214 (18 23) */		fitod	%f6,%f20
-/* 0x00b8	 215 (18 20) */		ld	[%i1+12],%g5
-/* 0x00bc	 216 (19 21) */		ld	[%i1+16],%o0
-/* 0x00c0	 217 (19 24) */		fitod	%f7,%f6
-/* 0x00c4	 218 (20 22) */		ld	[%i1+20],%o1
-/* 0x00c8	 219 (20 24) */		fxnor	%f0,%f16,%f16
-/* 0x00cc	 220 (21 26) */		fsubd	%f14,%f18,%f12
-/* 0x00d0	 221 (21 23) */		ld	[%i1+24],%o2
-/* 0x00d4	 222 (22 27) */		fsubd	%f14,%f4,%f4
-/* 0x00d8	 223 (22 24) */		ld	[%i1+28],%o3
-/* 0x00dc	 224 (23 28) */		fitod	%f10,%f18
-/* 0x00e0	 225 (24 29) */		fsubd	%f14,%f20,%f20
-/* 0x00e4	 226 (25 30) */		fitod	%f11,%f10
-/* 0x00e8	 227 (26 31) */		fsubd	%f14,%f6,%f6
-/* 0x00ec	 228 (26 31) */		fmuld	%f12,%f8,%f12
-/* 0x00f0	 229 (27 32) */		fitod	%f16,%f22
-/* 0x00f4	 230 (27 32) */		fmuld	%f4,%f8,%f4
-/* 0x00f8	 231 (28 33) */		fsubd	%f14,%f18,%f18
-/* 0x00fc	 232 (29 34) */		fitod	%f17,%f16
-/* 0x0100	 233 (29 34) */		fmuld	%f20,%f8,%f20
-/* 0x0104	 234 (30 35) */		fsubd	%f14,%f10,%f10
-/* 0x0108	 235 (31 36) */		fdtox	%f12,%f12
-/* 0x010c	 236 (31 32) */		std	%f12,[%sp+152]
-/* 0x0110	 237 (31 36) */		fmuld	%f6,%f8,%f6
-/* 0x0114	 238 (32 37) */		fdtox	%f4,%f4
-/* 0x0118	 239 (32 33) */		std	%f4,[%sp+144]
-/* 0x011c	 240 (33 38) */		fsubd	%f14,%f22,%f4
-/* 0x0120	 241 (33 38) */		fmuld	%f18,%f8,%f12
-/* 0x0124	 242 (34 39) */		fdtox	%f20,%f18
-/* 0x0128	 243 (34 35) */		std	%f18,[%sp+136]
-/* 0x012c	 244 (35 37) */		ldx	[%sp+152],%o4
-/* 0x0130	 245 (35 40) */		fsubd	%f14,%f16,%f14
-/* 0x0134	 246 (35 40) */		fmuld	%f10,%f8,%f10
-/* 0x0138	 247 (36 41) */		fdtox	%f6,%f6
-/* 0x013c	 248 (36 37) */		std	%f6,[%sp+128]
-/* 0x0140	 249 (37 39) */		ldx	[%sp+144],%o5
-/* 0x0144	 250 (37 38) */		add	%o4,%g2,%o4
-/* 0x0148	 251 (38 39) */		st	%o4,[%i0]
-/* 0x014c	 252 (38 39) */		srax	%o4,32,%g2
-/* 0x0150	 253 (38 43) */		fdtox	%f12,%f6
-/* 0x0154	 254 (38 43) */		fmuld	%f4,%f8,%f4
-/* 0x0158	 255 (39 40) */		std	%f6,[%sp+120]
-/* 0x015c	 256 (39 40) */		add	%o5,%g3,%g3
-/* 0x0160	 257 (40 42) */		ldx	[%sp+136],%o7
-/* 0x0164	 258 (40 41) */		add	%g3,%g2,%g2
-/* 0x0168	 259 (40 45) */		fmuld	%f14,%f8,%f6
-/* 0x016c	 260 (40 45) */		fdtox	%f10,%f8
-/* 0x0170	 261 (41 42) */		std	%f8,[%sp+112]
-/* 0x0174	 262 (41 42) */		srax	%g2,32,%o5
-/* 0x0178	 263 (42 44) */		ldx	[%sp+128],%g3
-/* 0x017c	 264 (42 43) */		add	%o7,%g4,%g4
-/* 0x0180	 265 (43 44) */		st	%g2,[%i0+4]
-/* 0x0184	 266 (43 44) */		add	%g4,%o5,%g4
-/* 0x0188	 267 (43 48) */		fdtox	%f4,%f4
-/* 0x018c	 268 (44 46) */		ldx	[%sp+120],%o5
-/* 0x0190	 269 (44 45) */		add	%g3,%g5,%g3
-/* 0x0194	 270 (44 45) */		srax	%g4,32,%g5
-/* 0x0198	 271 (45 46) */		std	%f4,[%sp+104]
-/* 0x019c	 272 (45 46) */		add	%g3,%g5,%g3
-/* 0x01a0	 273 (45 50) */		fdtox	%f6,%f4
-/* 0x01a4	 274 (46 47) */		std	%f4,[%sp+96]
-/* 0x01a8	 275 (46 47) */		add	%o5,%o0,%o0
-/* 0x01ac	 276 (46 47) */		srax	%g3,32,%o5
-/* 0x01b0	 277 (47 49) */		ldx	[%sp+112],%g5
-/* 0x01b4	 278 (47 48) */		add	%o0,%o5,%o0
-/* 0x01b8	 279 (48 49) */		st	%g4,[%i0+8]
-/* 0x01bc	 280 (49 51) */		ldx	[%sp+104],%o5
-/* 0x01c0	 281 (49 50) */		add	%g5,%o1,%o1
-/* 0x01c4	 282 (49 50) */		srax	%o0,32,%g5
-/* 0x01c8	 283 (50 51) */		st	%o0,[%i0+16]
-/* 0x01cc	 284 (50 51) */		add	%o1,%g5,%o1
-/* 0x01d0	 285 (51 53) */		ldx	[%sp+96],%g5
-/* 0x01d4	 286 (51 52) */		add	%o5,%o2,%o2
-/* 0x01d8	 287 (51 52) */		srax	%o1,32,%o5
-/* 0x01dc	 288 (52 53) */		st	%o1,[%i0+20]
-/* 0x01e0	 289 (52 53) */		add	%o2,%o5,%o2
-/* 0x01e4	 290 (53 54) */		st	%o2,[%i0+24]
-/* 0x01e8	 291 (53 54) */		srax	%o2,32,%g4
-/* 0x01ec	 292 (53 54) */		add	%g5,%o3,%g2
-/* 0x01f0	 293 (54 55) */		st	%g3,[%i0+12]
-/* 0x01f4	 294 (54 55) */		add	%g2,%g4,%g2
-/* 0x01f8	 295 (55 56) */		st	%g2,[%i0+28]
-/* 0x01fc	 299 (55 56) */		srax	%g2,32,%o7
-/* 0x0200	 300 (56 57) */		or	%g0,%o7,%i0
-/* 0x0204	     (57 64) */		ret	! Result =  %o1 %o0 %f0 %f1
-/* 0x0208	     (59 61) */		restore	%g0,%g0,%g0
-
-!
-! ENTRY .L77000037
-!
-
-                                   .L77000037:		/* frequency 1.0 confidence 0.0 */
-/* 0x020c	 307 ( 0  1) */		subcc	%o2,16,%g0
-/* 0x0210	 308 ( 0  1) */		bne,pn	%icc,.L77000076	! tprob=0.50
-/* 0x0214	     ( 1  5) */		ldd	[%o0],%f8
-/* 0x0218	 310 ( 2  6) */		ldd	[%g5],%f4
-/* 0x021c	 311 ( 3  7) */		ldd	[%g5+8],%f6
-/* 0x0220	 317 ( 4  8) */		ldd	[%o0+8],%f14
-/* 0x0224	 318 ( 4  7) */		fmovs	%f8,%f12
-/* 0x0228	 319 ( 5  7) */		ld	[%fp+84],%f13
-/* 0x022c	 320 ( 5  9) */		fxnor	%f0,%f4,%f4
-/* 0x0230	 321 ( 6 10) */		ldd	[%g5+16],%f10
-/* 0x0234	 322 ( 6 10) */		fxnor	%f0,%f6,%f6
-/* 0x0238	 323 ( 7 11) */		ldd	[%g5+24],%f16
-/* 0x023c	 324 ( 8 12) */		ldd	[%g5+32],%f20
-/* 0x0240	 325 ( 8 13) */		fsubd	%f12,%f8,%f8
-/* 0x0244	 331 ( 9 11) */		ld	[%i1+40],%o7
-/* 0x0248	 332 ( 9 14) */		fitod	%f4,%f18
-/* 0x024c	 333 (10 14) */		ldd	[%g5+40],%f22
-/* 0x0250	 334 (10 15) */		fitod	%f5,%f4
-/* 0x0254	 335 (11 12) */		stx	%o7,[%sp+96]
-/* 0x0258	 336 (11 16) */		fitod	%f6,%f24
-/* 0x025c	 337 (12 14) */		ld	[%i1+44],%o7
-/* 0x0260	 338 (12 16) */		fxnor	%f0,%f10,%f10
-/* 0x0264	 339 (13 17) */		ldd	[%g5+48],%f26
-/* 0x0268	 340 (13 18) */		fitod	%f7,%f6
-/* 0x026c	 341 (14 15) */		stx	%o7,[%sp+104]
-/* 0x0270	 342 (14 19) */		fsubd	%f14,%f18,%f18
-/* 0x0274	 343 (15 17) */		ld	[%i1+48],%o7
-/* 0x0278	 344 (15 20) */		fsubd	%f14,%f4,%f4
-/* 0x027c	 345 (16 18) */		ld	[%i1+36],%o5
-/* 0x0280	 346 (16 21) */		fitod	%f10,%f28
-/* 0x0284	 347 (17 18) */		stx	%o7,[%sp+112]
-/* 0x0288	 348 (17 21) */		fxnor	%f0,%f16,%f16
-/* 0x028c	 349 (18 20) */		ld	[%i1],%g2
-/* 0x0290	 350 (18 23) */		fsubd	%f14,%f24,%f24
-/* 0x0294	 351 (19 20) */		stx	%o5,[%sp+120]
-/* 0x0298	 352 (19 24) */		fitod	%f11,%f10
-/* 0x029c	 353 (19 24) */		fmuld	%f18,%f8,%f18
-/* 0x02a0	 354 (20 22) */		ld	[%i1+52],%o5
-/* 0x02a4	 355 (20 25) */		fsubd	%f14,%f6,%f6
-/* 0x02a8	 356 (20 25) */		fmuld	%f4,%f8,%f4
-/* 0x02ac	 357 (21 26) */		fitod	%f16,%f30
-/* 0x02b0	 358 (22 26) */		fxnor	%f0,%f20,%f20
-/* 0x02b4	 359 (22 24) */		ld	[%i1+4],%g3
-/* 0x02b8	 360 (23 27) */		ldd	[%g5+56],%f2
-/* 0x02bc	 361 (23 28) */		fsubd	%f14,%f28,%f28
-/* 0x02c0	 362 (23 28) */		fmuld	%f24,%f8,%f24
-/* 0x02c4	 363 (24 25) */		stx	%o5,[%sp+128]
-/* 0x02c8	 364 (24 29) */		fdtox	%f18,%f18
-/* 0x02cc	 365 (25 26) */		std	%f18,[%sp+272]
-/* 0x02d0	 366 (25 30) */		fitod	%f17,%f16
-/* 0x02d4	 367 (25 30) */		fmuld	%f6,%f8,%f6
-/* 0x02d8	 368 (26 31) */		fsubd	%f14,%f10,%f10
-/* 0x02dc	 369 (27 32) */		fitod	%f20,%f18
-/* 0x02e0	 370 (28 33) */		fdtox	%f4,%f4
-/* 0x02e4	 371 (28 29) */		std	%f4,[%sp+264]
-/* 0x02e8	 372 (28 33) */		fmuld	%f28,%f8,%f28
-/* 0x02ec	 373 (29 31) */		ld	[%i1+8],%g4
-/* 0x02f0	 374 (29 34) */		fsubd	%f14,%f30,%f4
-/* 0x02f4	 375 (30 34) */		fxnor	%f0,%f22,%f22
-/* 0x02f8	 376 (30 32) */		ld	[%i1+12],%g5
-/* 0x02fc	 377 (31 33) */		ld	[%i1+16],%o0
-/* 0x0300	 378 (31 36) */		fitod	%f21,%f20
-/* 0x0304	 379 (31 36) */		fmuld	%f10,%f8,%f10
-/* 0x0308	 380 (32 34) */		ld	[%i1+20],%o1
-/* 0x030c	 381 (32 37) */		fdtox	%f24,%f24
-/* 0x0310	 382 (33 34) */		std	%f24,[%sp+256]
-/* 0x0314	 383 (33 38) */		fsubd	%f14,%f16,%f16
-/* 0x0318	 384 (34 36) */		ldx	[%sp+272],%o7
-/* 0x031c	 385 (34 39) */		fdtox	%f6,%f6
-/* 0x0320	 386 (34 39) */		fmuld	%f4,%f8,%f4
-/* 0x0324	 387 (35 36) */		std	%f6,[%sp+248]
-/* 0x0328	 388 (35 40) */		fitod	%f22,%f24
-/* 0x032c	 389 (36 38) */		ld	[%i1+32],%o4
-/* 0x0330	 390 (36 41) */		fsubd	%f14,%f18,%f6
-/* 0x0334	 391 (36 37) */		add	%o7,%g2,%g2
-/* 0x0338	 392 (37 39) */		ldx	[%sp+264],%o7
-/* 0x033c	 393 (37 41) */		fxnor	%f0,%f26,%f26
-/* 0x0340	 394 (37 38) */		srax	%g2,32,%o5
-/* 0x0344	 395 (38 39) */		st	%g2,[%i0]
-/* 0x0348	 396 (38 43) */		fitod	%f23,%f18
-/* 0x034c	 397 (38 43) */		fmuld	%f16,%f8,%f16
-/* 0x0350	 398 (39 41) */		ldx	[%sp+248],%g2
-/* 0x0354	 399 (39 44) */		fdtox	%f28,%f22
-/* 0x0358	 400 (39 40) */		add	%o7,%g3,%g3
-/* 0x035c	 401 (40 42) */		ldx	[%sp+256],%o7
-/* 0x0360	 402 (40 45) */		fsubd	%f14,%f20,%f20
-/* 0x0364	 403 (40 41) */		add	%g3,%o5,%g3
-/* 0x0368	 404 (41 42) */		std	%f22,[%sp+240]
-/* 0x036c	 405 (41 46) */		fitod	%f26,%f22
-/* 0x0370	 406 (41 42) */		srax	%g3,32,%o5
-/* 0x0374	 407 (41 42) */		add	%g2,%g5,%g2
-/* 0x0378	 408 (42 43) */		st	%g3,[%i0+4]
-/* 0x037c	 409 (42 47) */		fdtox	%f10,%f10
-/* 0x0380	 410 (42 43) */		add	%o7,%g4,%g4
-/* 0x0384	 411 (42 47) */		fmuld	%f6,%f8,%f6
-/* 0x0388	 412 (43 44) */		std	%f10,[%sp+232]
-/* 0x038c	 413 (43 47) */		fxnor	%f0,%f2,%f12
-/* 0x0390	 414 (43 44) */		add	%g4,%o5,%g4
-/* 0x0394	 415 (44 45) */		st	%g4,[%i0+8]
-/* 0x0398	 416 (44 45) */		srax	%g4,32,%o5
-/* 0x039c	 417 (44 49) */		fsubd	%f14,%f24,%f10
-/* 0x03a0	 418 (45 47) */		ldx	[%sp+240],%o7
-/* 0x03a4	 419 (45 50) */		fdtox	%f4,%f4
-/* 0x03a8	 420 (45 46) */		add	%g2,%o5,%g2
-/* 0x03ac	 421 (45 50) */		fmuld	%f20,%f8,%f20
-/* 0x03b0	 422 (46 47) */		std	%f4,[%sp+224]
-/* 0x03b4	 423 (46 47) */		srax	%g2,32,%g5
-/* 0x03b8	 424 (46 51) */		fsubd	%f14,%f18,%f4
-/* 0x03bc	 425 (47 48) */		st	%g2,[%i0+12]
-/* 0x03c0	 426 (47 52) */		fitod	%f27,%f24
-/* 0x03c4	 427 (47 48) */		add	%o7,%o0,%g3
-/* 0x03c8	 428 (48 50) */		ldx	[%sp+232],%o5
-/* 0x03cc	 429 (48 53) */		fdtox	%f16,%f16
-/* 0x03d0	 430 (48 49) */		add	%g3,%g5,%g2
-/* 0x03d4	 431 (49 50) */		std	%f16,[%sp+216]
-/* 0x03d8	 432 (49 50) */		srax	%g2,32,%g4
-/* 0x03dc	 433 (49 54) */		fitod	%f12,%f18
-/* 0x03e0	 434 (49 54) */		fmuld	%f10,%f8,%f10
-/* 0x03e4	 435 (50 51) */		st	%g2,[%i0+16]
-/* 0x03e8	 436 (50 55) */		fsubd	%f14,%f22,%f16
-/* 0x03ec	 437 (50 51) */		add	%o5,%o1,%g2
-/* 0x03f0	 438 (51 53) */		ld	[%i1+24],%o2
-/* 0x03f4	 439 (51 56) */		fitod	%f13,%f12
-/* 0x03f8	 440 (51 52) */		add	%g2,%g4,%g2
-/* 0x03fc	 441 (51 56) */		fmuld	%f4,%f8,%f22
-/* 0x0400	 442 (52 54) */		ldx	[%sp+224],%g3
-/* 0x0404	 443 (52 53) */		srax	%g2,32,%g4
-/* 0x0408	 444 (52 57) */		fdtox	%f6,%f6
-/* 0x040c	 445 (53 54) */		std	%f6,[%sp+208]
-/* 0x0410	 446 (53 58) */		fdtox	%f20,%f6
-/* 0x0414	 447 (54 55) */		stx	%o4,[%sp+136]
-/* 0x0418	 448 (54 59) */		fsubd	%f14,%f24,%f4
-/* 0x041c	 449 (55 56) */		std	%f6,[%sp+200]
-/* 0x0420	 450 (55 60) */		fsubd	%f14,%f18,%f6
-/* 0x0424	 451 (55 60) */		fmuld	%f16,%f8,%f16
-/* 0x0428	 452 (56 57) */		st	%g2,[%i0+20]
-/* 0x042c	 453 (56 57) */		add	%g3,%o2,%g2
-/* 0x0430	 454 (56 61) */		fdtox	%f10,%f10
-/* 0x0434	 455 (57 59) */		ld	[%i1+28],%o3
-/* 0x0438	 456 (57 58) */		add	%g2,%g4,%g2
-/* 0x043c	 457 (58 60) */		ldx	[%sp+216],%g5
-/* 0x0440	 458 (58 59) */		srax	%g2,32,%g4
-/* 0x0444	 459 (59 60) */		std	%f10,[%sp+192]
-/* 0x0448	 460 (59 64) */		fsubd	%f14,%f12,%f10
-/* 0x044c	 461 (59 64) */		fmuld	%f4,%f8,%f4
-/* 0x0450	 462 (60 61) */		st	%g2,[%i0+24]
-/* 0x0454	 463 (60 61) */		add	%g5,%o3,%g2
-/* 0x0458	 464 (60 65) */		fdtox	%f22,%f12
-/* 0x045c	 465 (60 65) */		fmuld	%f6,%f8,%f6
-/* 0x0460	 466 (61 63) */		ldx	[%sp+136],%o0
-/* 0x0464	 467 (61 62) */		add	%g2,%g4,%g2
-/* 0x0468	 468 (62 64) */		ldx	[%sp+208],%g3
-/* 0x046c	 469 (62 63) */		srax	%g2,32,%g4
-/* 0x0470	 470 (63 65) */		ldx	[%sp+120],%o1
-/* 0x0474	 471 (64 66) */		ldx	[%sp+200],%g5
-/* 0x0478	 472 (64 65) */		add	%g3,%o0,%g3
-/* 0x047c	 473 (64 69) */		fdtox	%f4,%f4
-/* 0x0480	 474 (64 69) */		fmuld	%f10,%f8,%f8
-/* 0x0484	 475 (65 66) */		std	%f12,[%sp+184]
-/* 0x0488	 476 (65 66) */		add	%g3,%g4,%g3
-/* 0x048c	 477 (65 70) */		fdtox	%f16,%f12
-/* 0x0490	 478 (66 67) */		std	%f12,[%sp+176]
-/* 0x0494	 479 (66 67) */		srax	%g3,32,%o0
-/* 0x0498	 480 (66 67) */		add	%g5,%o1,%g5
-/* 0x049c	 481 (67 69) */		ldx	[%sp+192],%o2
-/* 0x04a0	 482 (67 68) */		add	%g5,%o0,%g5
-/* 0x04a4	 483 (68 70) */		ldx	[%sp+96],%g4
-/* 0x04a8	 484 (68 69) */		srax	%g5,32,%o1
-/* 0x04ac	 485 (69 71) */		ld	[%i1+56],%o4
-/* 0x04b0	 486 (70 72) */		ldx	[%sp+104],%o0
-/* 0x04b4	 487 (70 71) */		add	%o2,%g4,%g4
-/* 0x04b8	 488 (71 72) */		std	%f4,[%sp+168]
-/* 0x04bc	 489 (71 72) */		add	%g4,%o1,%g4
-/* 0x04c0	 490 (71 76) */		fdtox	%f6,%f4
-/* 0x04c4	 491 (72 74) */		ldx	[%sp+184],%o3
-/* 0x04c8	 492 (72 73) */		srax	%g4,32,%o2
-/* 0x04cc	 493 (73 75) */		ldx	[%sp+112],%o1
-/* 0x04d0	 494 (74 75) */		std	%f4,[%sp+160]
-/* 0x04d4	 495 (74 75) */		add	%o3,%o0,%o0
-/* 0x04d8	 496 (74 79) */		fdtox	%f8,%f4
-/* 0x04dc	 497 (75 77) */		ldx	[%sp+176],%o5
-/* 0x04e0	 498 (75 76) */		add	%o0,%o2,%o0
-/* 0x04e4	 499 (76 77) */		stx	%o4,[%sp+144]
-/* 0x04e8	 500 (77 78) */		st	%g2,[%i0+28]
-/* 0x04ec	 501 (77 78) */		add	%o5,%o1,%g2
-/* 0x04f0	 502 (77 78) */		srax	%o0,32,%o1
-/* 0x04f4	 503 (78 79) */		std	%f4,[%sp+152]
-/* 0x04f8	 504 (78 79) */		add	%g2,%o1,%o1
-/* 0x04fc	 505 (79 81) */		ldx	[%sp+168],%o7
-/* 0x0500	 506 (79 80) */		srax	%o1,32,%o3
-/* 0x0504	 507 (80 82) */		ldx	[%sp+128],%o2
-/* 0x0508	 508 (81 83) */		ld	[%i1+60],%o4
-/* 0x050c	 509 (82 83) */		add	%o7,%o2,%o2
-/* 0x0510	 510 (83 84) */		add	%o2,%o3,%o2
-/* 0x0514	 511 (83 85) */		ldx	[%sp+144],%o5
-/* 0x0518	 512 (84 86) */		ldx	[%sp+160],%g2
-/* 0x051c	 513 (85 87) */		ldx	[%sp+152],%o3
-/* 0x0520	 514 (86 87) */		st	%g3,[%i0+32]
-/* 0x0524	 515 (86 87) */		add	%g2,%o5,%g2
-/* 0x0528	 516 (86 87) */		srax	%o2,32,%o5
-/* 0x052c	 517 (87 88) */		st	%g5,[%i0+36]
-/* 0x0530	 518 (87 88) */		add	%g2,%o5,%g2
-/* 0x0534	 519 (87 88) */		add	%o3,%o4,%g3
-/* 0x0538	 520 (88 89) */		st	%o0,[%i0+44]
-/* 0x053c	 521 (88 89) */		srax	%g2,32,%g5
-/* 0x0540	 522 (89 90) */		st	%o1,[%i0+48]
-/* 0x0544	 523 (89 90) */		add	%g3,%g5,%g3
-/* 0x0548	 524 (90 91) */		st	%o2,[%i0+52]
-/* 0x054c	 528 (90 91) */		srax	%g3,32,%o7
-/* 0x0550	 529 (91 92) */		st	%g4,[%i0+40]
-/* 0x0554	 530 (92 93) */		st	%g2,[%i0+56]
-/* 0x0558	 531 (93 94) */		st	%g3,[%i0+60]
-/* 0x055c	 532 (93 94) */		or	%g0,%o7,%i0
-/* 0x0560	     (94 101) */		ret	! Result =  %o1 %o0 %f0 %f1
-/* 0x0564	     (96 98) */		restore	%g0,%g0,%g0
-
-!
-! ENTRY .L77000076
-!
-
-                                   .L77000076:		/* frequency 1.0 confidence 0.0 */
-/* 0x0568	 540 ( 0  4) */		ldd	[%o0],%f6
-/* 0x056c	 546 ( 0  1) */		add	%o2,1,%g2
-/* 0x0570	 547 ( 0  3) */		fmovd	%f0,%f14
-/* 0x0574	 548 ( 0  1) */		or	%g0,0,%o7
-/* 0x0578	 549 ( 1  3) */		ld	[%fp+84],%f9
-/* 0x057c	 550 ( 1  2) */		srl	%g2,31,%g3
-/* 0x0580	 551 ( 1  2) */		add	%fp,-2264,%o5
-/* 0x0584	 552 ( 2  3) */		add	%g2,%g3,%g2
-/* 0x0588	 553 ( 2  6) */		ldd	[%o0+8],%f18
-/* 0x058c	 554 ( 2  3) */		add	%fp,-2256,%o4
-/* 0x0590	 555 ( 3  6) */		fmovs	%f6,%f8
-/* 0x0594	 556 ( 3  4) */		sra	%g2,1,%o1
-/* 0x0598	 557 ( 3  4) */		or	%g0,0,%g2
-/* 0x059c	 558 ( 4  5) */		subcc	%o1,0,%g0
-/* 0x05a0	 559 ( 4  5) */		sub	%o1,1,%o2
-/* 0x05a4	 563 ( 5  6) */		add	%g5,32,%o0
-/* 0x05a8	 564 ( 6 11) */		fsubd	%f8,%f6,%f16
-/* 0x05ac	 565 ( 6  7) */		ble,pt	%icc,.L900000161	! tprob=0.50
-/* 0x05b0	     ( 6  7) */		subcc	%o3,0,%g0
-/* 0x05b4	 567 ( 7  8) */		subcc	%o1,7,%g0
-/* 0x05b8	 568 ( 7  8) */		bl,pn	%icc,.L77000077	! tprob=0.50
-/* 0x05bc	     ( 7  8) */		sub	%o1,2,%o1
-/* 0x05c0	 570 ( 8 12) */		ldd	[%g5],%f2
-/* 0x05c4	 571 ( 9 13) */		ldd	[%g5+8],%f4
-/* 0x05c8	 572 ( 9 10) */		or	%g0,5,%g2
-/* 0x05cc	 573 (10 14) */		ldd	[%g5+16],%f0
-/* 0x05d0	 574 (11 15) */		fxnor	%f14,%f2,%f2
-/* 0x05d4	 575 (11 15) */		ldd	[%g5+24],%f12
-/* 0x05d8	 576 (12 16) */		fxnor	%f14,%f4,%f6
-/* 0x05dc	 577 (12 16) */		ldd	[%g5+32],%f10
-/* 0x05e0	 578 (13 17) */		fxnor	%f14,%f0,%f8
-/* 0x05e4	 579 (15 20) */		fitod	%f3,%f0
-/* 0x05e8	 580 (16 21) */		fitod	%f2,%f4
-/* 0x05ec	 581 (17 22) */		fitod	%f7,%f2
-/* 0x05f0	 582 (18 23) */		fitod	%f6,%f6
-/* 0x05f4	 583 (20 25) */		fsubd	%f18,%f0,%f0
-/* 0x05f8	 584 (21 26) */		fsubd	%f18,%f4,%f4
-
-!
-! ENTRY .L900000149
-!
-
-                                   .L900000149:		/* frequency 1.0 confidence 0.0 */
-/* 0x05fc	 586 ( 0  4) */		fxnor	%f14,%f12,%f22
-/* 0x0600	 587 ( 0  5) */		fmuld	%f4,%f16,%f4
-/* 0x0604	 588 ( 0  1) */		add	%g2,2,%g2
-/* 0x0608	 589 ( 0  1) */		add	%o4,32,%o4
-/* 0x060c	 590 ( 1  6) */		fitod	%f9,%f24
-/* 0x0610	 591 ( 1  6) */		fmuld	%f0,%f16,%f20
-/* 0x0614	 592 ( 1  2) */		add	%o0,8,%o0
-/* 0x0618	 593 ( 1  2) */		subcc	%g2,%o1,%g0
-/* 0x061c	 594 ( 2  6) */		ldd	[%o0],%f12
-/* 0x0620	 595 ( 2  7) */		fsubd	%f18,%f2,%f0
-/* 0x0624	 596 ( 2  3) */		add	%o5,32,%o5
-/* 0x0628	 597 ( 3  8) */		fsubd	%f18,%f6,%f2
-/* 0x062c	 598 ( 5 10) */		fdtox	%f4,%f4
-/* 0x0630	 599 ( 6 11) */		fdtox	%f20,%f6
-/* 0x0634	 600 ( 6  7) */		std	%f4,[%o5-32]
-/* 0x0638	 601 ( 7 12) */		fitod	%f8,%f4
-/* 0x063c	 602 ( 7  8) */		std	%f6,[%o4-32]
-/* 0x0640	 603 ( 8 12) */		fxnor	%f14,%f10,%f8
-/* 0x0644	 604 ( 8 13) */		fmuld	%f2,%f16,%f6
-/* 0x0648	 605 ( 9 14) */		fitod	%f23,%f2
-/* 0x064c	 606 ( 9 14) */		fmuld	%f0,%f16,%f20
-/* 0x0650	 607 ( 9 10) */		add	%o0,8,%o0
-/* 0x0654	 608 (10 14) */		ldd	[%o0],%f10
-/* 0x0658	 609 (10 15) */		fsubd	%f18,%f24,%f0
-/* 0x065c	 610 (12 17) */		fsubd	%f18,%f4,%f4
-/* 0x0660	 611 (13 18) */		fdtox	%f6,%f6
-/* 0x0664	 612 (14 19) */		fdtox	%f20,%f20
-/* 0x0668	 613 (14 15) */		std	%f6,[%o5-16]
-/* 0x066c	 614 (15 20) */		fitod	%f22,%f6
-/* 0x0670	 615 (15 16) */		ble,pt	%icc,.L900000149	! tprob=0.50
-/* 0x0674	     (15 16) */		std	%f20,[%o4-16]
-
-!
-! ENTRY .L900000152
-!
-
-                                   .L900000152:		/* frequency 1.0 confidence 0.0 */
-/* 0x0678	 618 ( 0  4) */		fxnor	%f14,%f12,%f12
-/* 0x067c	 619 ( 0  5) */		fmuld	%f0,%f16,%f22
-/* 0x0680	 620 ( 0  1) */		add	%o5,80,%o5
-/* 0x0684	 621 ( 0  1) */		add	%o4,80,%o4
-/* 0x0688	 622 ( 1  5) */		fxnor	%f14,%f10,%f0
-/* 0x068c	 623 ( 1  6) */		fmuld	%f4,%f16,%f24
-/* 0x0690	 624 ( 1  2) */		subcc	%g2,%o2,%g0
-/* 0x0694	 625 ( 1  2) */		add	%o0,8,%g5
-/* 0x0698	 626 ( 2  7) */		fitod	%f8,%f20
-/* 0x069c	 627 ( 3  8) */		fitod	%f9,%f8
-/* 0x06a0	 628 ( 4  9) */		fsubd	%f18,%f6,%f6
-/* 0x06a4	 629 ( 5 10) */		fitod	%f12,%f26
-/* 0x06a8	 630 ( 6 11) */		fitod	%f13,%f4
-/* 0x06ac	 631 ( 7 12) */		fsubd	%f18,%f2,%f12
-/* 0x06b0	 632 ( 8 13) */		fitod	%f0,%f2
-/* 0x06b4	 633 ( 9 14) */		fitod	%f1,%f0
-/* 0x06b8	 634 (10 15) */		fsubd	%f18,%f20,%f10
-/* 0x06bc	 635 (10 15) */		fmuld	%f6,%f16,%f20
-/* 0x06c0	 636 (11 16) */		fsubd	%f18,%f8,%f8
-/* 0x06c4	 637 (12 17) */		fsubd	%f18,%f26,%f6
-/* 0x06c8	 638 (12 17) */		fmuld	%f12,%f16,%f12
-/* 0x06cc	 639 (13 18) */		fsubd	%f18,%f4,%f4
-/* 0x06d0	 640 (14 19) */		fsubd	%f18,%f2,%f2
-/* 0x06d4	 641 (15 20) */		fsubd	%f18,%f0,%f0
-/* 0x06d8	 642 (15 20) */		fmuld	%f10,%f16,%f10
-/* 0x06dc	 643 (16 21) */		fdtox	%f24,%f24
-/* 0x06e0	 644 (16 17) */		std	%f24,[%o5-80]
-/* 0x06e4	 645 (16 21) */		fmuld	%f8,%f16,%f8
-/* 0x06e8	 646 (17 22) */		fdtox	%f22,%f22
-/* 0x06ec	 647 (17 18) */		std	%f22,[%o4-80]
-/* 0x06f0	 648 (17 22) */		fmuld	%f6,%f16,%f6
-/* 0x06f4	 649 (18 23) */		fdtox	%f20,%f20
-/* 0x06f8	 650 (18 19) */		std	%f20,[%o5-64]
-/* 0x06fc	 651 (18 23) */		fmuld	%f4,%f16,%f4
-/* 0x0700	 652 (19 24) */		fdtox	%f12,%f12
-/* 0x0704	 653 (19 20) */		std	%f12,[%o4-64]
-/* 0x0708	 654 (19 24) */		fmuld	%f2,%f16,%f2
-/* 0x070c	 655 (20 25) */		fdtox	%f10,%f10
-/* 0x0710	 656 (20 21) */		std	%f10,[%o5-48]
-/* 0x0714	 657 (20 25) */		fmuld	%f0,%f16,%f0
-/* 0x0718	 658 (21 26) */		fdtox	%f8,%f8
-/* 0x071c	 659 (21 22) */		std	%f8,[%o4-48]
-/* 0x0720	 660 (22 27) */		fdtox	%f6,%f6
-/* 0x0724	 661 (22 23) */		std	%f6,[%o5-32]
-/* 0x0728	 662 (23 28) */		fdtox	%f4,%f4
-/* 0x072c	 663 (23 24) */		std	%f4,[%o4-32]
-/* 0x0730	 664 (24 29) */		fdtox	%f2,%f2
-/* 0x0734	 665 (24 25) */		std	%f2,[%o5-16]
-/* 0x0738	 666 (25 30) */		fdtox	%f0,%f0
-/* 0x073c	 667 (25 26) */		bg,pn	%icc,.L77000043	! tprob=0.50
-/* 0x0740	     (25 26) */		std	%f0,[%o4-16]
-
-!
-! ENTRY .L77000077
-!
-
-                                   .L77000077:		/* frequency 1.0 confidence 0.0 */
-/* 0x0744	 670 ( 0  4) */		ldd	[%g5],%f0
-
-!
-! ENTRY .L900000160
-!
-
-                                   .L900000160:		/* frequency 1.0 confidence 0.0 */
-/* 0x0748	 672 ( 0  4) */		fxnor	%f14,%f0,%f0
-/* 0x074c	 673 ( 0  1) */		add	%g2,1,%g2
-/* 0x0750	 674 ( 0  1) */		add	%g5,8,%g5
-/* 0x0754	 675 ( 1  2) */		subcc	%g2,%o2,%g0
-/* 0x0758	 676 ( 4  9) */		fitod	%f0,%f2
-/* 0x075c	 677 ( 5 10) */		fitod	%f1,%f0
-/* 0x0760	 678 ( 9 14) */		fsubd	%f18,%f2,%f2
-/* 0x0764	 679 (10 15) */		fsubd	%f18,%f0,%f0
-/* 0x0768	 680 (14 19) */		fmuld	%f2,%f16,%f2
-/* 0x076c	 681 (15 20) */		fmuld	%f0,%f16,%f0
-/* 0x0770	 682 (19 24) */		fdtox	%f2,%f2
-/* 0x0774	 683 (19 20) */		std	%f2,[%o5]
-/* 0x0778	 684 (19 20) */		add	%o5,16,%o5
-/* 0x077c	 685 (20 25) */		fdtox	%f0,%f0
-/* 0x0780	 686 (20 21) */		std	%f0,[%o4]
-/* 0x0784	 687 (20 21) */		add	%o4,16,%o4
-/* 0x0788	 688 (20 21) */		ble,a,pt	%icc,.L900000160	! tprob=0.50
-/* 0x078c	     (23 27) */		ldd	[%g5],%f0
-
-!
-! ENTRY .L77000043
-!
-
-                                   .L77000043:		/* frequency 1.0 confidence 0.0 */
-/* 0x0790	 696 ( 0  1) */		subcc	%o3,0,%g0
-
-!
-! ENTRY .L900000161
-!
-
-                                   .L900000161:		/* frequency 1.0 confidence 0.0 */
-/* 0x0794	 698 ( 0  1) */		ble,a,pt	%icc,.L900000159	! tprob=0.50
-/* 0x0798	     ( 0  1) */		or	%g0,%o7,%i0
-/* 0x079c	 703 ( 0  2) */		ldx	[%fp-2256],%o2
-/* 0x07a0	 704 ( 0  1) */		or	%g0,%i1,%g3
-/* 0x07a4	 705 ( 1  2) */		sub	%o3,1,%o5
-/* 0x07a8	 706 ( 1  2) */		or	%g0,0,%g4
-/* 0x07ac	 707 ( 2  3) */		add	%fp,-2264,%g5
-/* 0x07b0	 708 ( 2  3) */		or	%g0,%i0,%g2
-/* 0x07b4	 709 ( 3  4) */		subcc	%o3,6,%g0
-/* 0x07b8	 710 ( 3  4) */		sub	%o5,2,%o4
-/* 0x07bc	 711 ( 3  4) */		bl,pn	%icc,.L77000078	! tprob=0.50
-/* 0x07c0	     ( 3  5) */		ldx	[%fp-2264],%o0
-/* 0x07c4	 713 ( 4  6) */		ld	[%g3],%o1
-/* 0x07c8	 714 ( 4  5) */		add	%g2,4,%g2
-/* 0x07cc	 715 ( 4  5) */		or	%g0,3,%g4
-/* 0x07d0	 716 ( 5  7) */		ld	[%g3+4],%o3
-/* 0x07d4	 717 ( 5  6) */		add	%g3,8,%g3
-/* 0x07d8	 718 ( 5  6) */		add	%fp,-2240,%g5
-/* 0x07dc	 719 ( 6  7) */		add	%o0,%o1,%o0
-/* 0x07e0	 720 ( 6  8) */		ldx	[%fp-2248],%o1
-/* 0x07e4	 721 ( 7  8) */		st	%o0,[%g2-4]
-/* 0x07e8	 722 ( 7  8) */		srax	%o0,32,%o0
-
-!
-! ENTRY .L900000145
-!
-
-                                   .L900000145:		/* frequency 1.0 confidence 0.0 */
-/* 0x07ec	 724 ( 0  2) */		ld	[%g3],%o7
-/* 0x07f0	 725 ( 0  1) */		add	%o2,%o3,%o2
-/* 0x07f4	 726 ( 0  1) */		sra	%o0,0,%o3
-/* 0x07f8	 727 ( 1  3) */		ldx	[%g5],%o0
-/* 0x07fc	 728 ( 1  2) */		add	%o2,%o3,%o2
-/* 0x0800	 729 ( 1  2) */		add	%g4,3,%g4
-/* 0x0804	 730 ( 2  3) */		st	%o2,[%g2]
-/* 0x0808	 731 ( 2  3) */		srax	%o2,32,%o3
-/* 0x080c	 732 ( 2  3) */		subcc	%g4,%o4,%g0
-/* 0x0810	 733 ( 3  5) */		ld	[%g3+4],%o2
-/* 0x0814	 734 ( 4  5) */		stx	%o2,[%sp+96]
-/* 0x0818	 735 ( 4  5) */		add	%o1,%o7,%o1
-/* 0x081c	 736 ( 5  7) */		ldx	[%g5+8],%o2
-/* 0x0820	 737 ( 5  6) */		add	%o1,%o3,%o1
-/* 0x0824	 738 ( 5  6) */		add	%g2,12,%g2
-/* 0x0828	 739 ( 6  7) */		st	%o1,[%g2-8]
-/* 0x082c	 740 ( 6  7) */		srax	%o1,32,%o7
-/* 0x0830	 741 ( 6  7) */		add	%g3,12,%g3
-/* 0x0834	 742 ( 7  9) */		ld	[%g3-4],%o3
-/* 0x0838	 743 ( 8 10) */		ldx	[%sp+96],%o1
-/* 0x083c	 744 (10 11) */		add	%o0,%o1,%o0
-/* 0x0840	 745 (10 12) */		ldx	[%g5+16],%o1
-/* 0x0844	 746 (11 12) */		add	%o0,%o7,%o0
-/* 0x0848	 747 (11 12) */		add	%g5,24,%g5
-/* 0x084c	 748 (11 12) */		st	%o0,[%g2-4]
-/* 0x0850	 749 (11 12) */		ble,pt	%icc,.L900000145	! tprob=0.50
-/* 0x0854	     (12 13) */		srax	%o0,32,%o0
-
-!
-! ENTRY .L900000148
-!
-
-                                   .L900000148:		/* frequency 1.0 confidence 0.0 */
-/* 0x0858	 752 ( 0  1) */		add	%o2,%o3,%o2
-/* 0x085c	 753 ( 0  1) */		sra	%o0,0,%o3
-/* 0x0860	 754 ( 0  2) */		ld	[%g3],%o0
-/* 0x0864	 755 ( 1  2) */		add	%o2,%o3,%o3
-/* 0x0868	 756 ( 1  2) */		add	%g2,8,%g2
-/* 0x086c	 757 ( 2  3) */		srax	%o3,32,%o2
-/* 0x0870	 758 ( 2  3) */		st	%o3,[%g2-8]
-/* 0x0874	 759 ( 2  3) */		add	%o1,%o0,%o0
-/* 0x0878	 760 ( 3  4) */		add	%o0,%o2,%o0
-/* 0x087c	 761 ( 3  4) */		st	%o0,[%g2-4]
-/* 0x0880	 762 ( 3  4) */		subcc	%g4,%o5,%g0
-/* 0x0884	 763 ( 3  4) */		bg,pn	%icc,.L77000061	! tprob=0.50
-/* 0x0888	     ( 4  5) */		srax	%o0,32,%o7
-/* 0x088c	 765 ( 4  5) */		add	%g3,4,%g3
-
-!
-! ENTRY .L77000078
-!
-
-                                   .L77000078:		/* frequency 1.0 confidence 0.0 */
-/* 0x0890	 767 ( 0  2) */		ld	[%g3],%o2
-
-!
-! ENTRY .L900000158
-!
-
-                                   .L900000158:		/* frequency 1.0 confidence 0.0 */
-/* 0x0894	 769 ( 0  2) */		ldx	[%g5],%o0
-/* 0x0898	 770 ( 0  1) */		sra	%o7,0,%o1
-/* 0x089c	 771 ( 0  1) */		add	%g4,1,%g4
-/* 0x08a0	 772 ( 1  2) */		add	%g3,4,%g3
-/* 0x08a4	 773 ( 1  2) */		add	%g5,8,%g5
-/* 0x08a8	 774 ( 2  3) */		add	%o0,%o2,%o0
-/* 0x08ac	 775 ( 2  3) */		subcc	%g4,%o5,%g0
-/* 0x08b0	 776 ( 3  4) */		add	%o0,%o1,%o0
-/* 0x08b4	 777 ( 3  4) */		st	%o0,[%g2]
-/* 0x08b8	 778 ( 3  4) */		add	%g2,4,%g2
-/* 0x08bc	 779 ( 4  5) */		srax	%o0,32,%o7
-/* 0x08c0	 780 ( 4  5) */		ble,a,pt	%icc,.L900000158	! tprob=0.50
-/* 0x08c4	     ( 4  6) */		ld	[%g3],%o2
-
-!
-! ENTRY .L77000047
-!
-
-                                   .L77000047:		/* frequency 1.0 confidence 0.0 */
-/* 0x08c8	 783 ( 0  1) */		or	%g0,%o7,%i0
-/* 0x08cc	     ( 1  8) */		ret	! Result =  %o1 %o0 %f0 %f1
-/* 0x08d0	     ( 3  5) */		restore	%g0,%g0,%g0
-
-!
-! ENTRY .L77000048
-!
-
-                                   .L77000048:		/* frequency 1.0 confidence 0.0 */
-/* 0x08d4	 794 ( 0  1) */		bne,pn	%icc,.L77000050	! tprob=0.50
-/* 0x08d8	     ( 0  1) */		sethi	%hi(0xfff80000),%g2
-/* 0x08dc	 796 ( 0  4) */		ldd	[%g5],%f4
-/* 0x08e0	 804 ( 0  1) */		srl	%o1,19,%g3
-/* 0x08e4	 805 ( 1  2) */		st	%g3,[%sp+240]
-/* 0x08e8	 806 ( 1  2) */		andn	%o1,%g2,%g2
-/* 0x08ec	 807 ( 2  6) */		ldd	[%o0],%f8
-/* 0x08f0	 808 ( 3  4) */		st	%g2,[%sp+244]
-/* 0x08f4	 809 ( 3  7) */		fxnor	%f0,%f4,%f4
-/* 0x08f8	 810 ( 4  8) */		ldd	[%g5+8],%f6
-/* 0x08fc	 814 ( 5  9) */		ldd	[%o0+8],%f18
-/* 0x0900	 815 ( 5  8) */		fmovs	%f8,%f12
-/* 0x0904	 816 ( 6 10) */		ldd	[%g5+16],%f10
-/* 0x0908	 817 ( 6  9) */		fmovs	%f8,%f16
-/* 0x090c	 818 ( 7 11) */		ldd	[%g5+24],%f20
-/* 0x0910	 819 ( 7 12) */		fitod	%f4,%f14
-/* 0x0914	 823 ( 8 10) */		ld	[%i1],%g2
-/* 0x0918	 824 ( 8 13) */		fitod	%f5,%f4
-/* 0x091c	 825 ( 9 11) */		ld	[%sp+240],%f13
-/* 0x0920	 826 ( 9 13) */		fxnor	%f0,%f6,%f6
-/* 0x0924	 827 (10 12) */		ld	[%sp+244],%f17
-/* 0x0928	 828 (10 14) */		fxnor	%f0,%f10,%f10
-/* 0x092c	 829 (11 13) */		ld	[%i1+28],%o3
-/* 0x0930	 830 (11 15) */		fxnor	%f0,%f20,%f20
-/* 0x0934	 831 (12 14) */		ld	[%i1+4],%g3
-/* 0x0938	 832 (12 17) */		fsubd	%f12,%f8,%f12
-/* 0x093c	 833 (13 14) */		stx	%o3,[%sp+96]
-/* 0x0940	 834 (13 18) */		fsubd	%f18,%f14,%f14
-/* 0x0944	 835 (14 16) */		ld	[%i1+8],%g4
-/* 0x0948	 836 (14 19) */		fsubd	%f16,%f8,%f8
-/* 0x094c	 837 (15 17) */		ld	[%i1+12],%g5
-/* 0x0950	 838 (15 20) */		fsubd	%f18,%f4,%f4
-/* 0x0954	 839 (16 18) */		ld	[%i1+16],%o0
-/* 0x0958	 840 (16 21) */		fitod	%f6,%f22
-/* 0x095c	 841 (17 19) */		ld	[%i1+20],%o1
-/* 0x0960	 842 (17 22) */		fitod	%f7,%f6
-/* 0x0964	 843 (18 20) */		ld	[%i1+24],%o2
-/* 0x0968	 844 (18 23) */		fitod	%f10,%f16
-/* 0x096c	 845 (18 23) */		fmuld	%f14,%f12,%f24
-/* 0x0970	 846 (19 24) */		fitod	%f20,%f28
-/* 0x0974	 847 (19 24) */		fmuld	%f14,%f8,%f14
-/* 0x0978	 848 (20 25) */		fitod	%f11,%f10
-/* 0x097c	 849 (20 25) */		fmuld	%f4,%f12,%f26
-/* 0x0980	 850 (21 26) */		fsubd	%f18,%f22,%f22
-/* 0x0984	 851 (21 26) */		fmuld	%f4,%f8,%f4
-/* 0x0988	 852 (22 27) */		fsubd	%f18,%f6,%f6
-/* 0x098c	 853 (23 28) */		fdtox	%f24,%f24
-/* 0x0990	 854 (23 24) */		std	%f24,[%sp+224]
-/* 0x0994	 855 (24 29) */		fdtox	%f14,%f14
-/* 0x0998	 856 (24 25) */		std	%f14,[%sp+232]
-/* 0x099c	 857 (25 30) */		fdtox	%f26,%f14
-/* 0x09a0	 858 (25 26) */		std	%f14,[%sp+208]
-/* 0x09a4	 859 (26 28) */		ldx	[%sp+224],%o4
-/* 0x09a8	 860 (26 31) */		fitod	%f21,%f20
-/* 0x09ac	 861 (26 31) */		fmuld	%f22,%f12,%f30
-/* 0x09b0	 862 (27 29) */		ldx	[%sp+232],%o5
-/* 0x09b4	 863 (27 32) */		fsubd	%f18,%f16,%f16
-/* 0x09b8	 864 (27 32) */		fmuld	%f22,%f8,%f22
-/* 0x09bc	 865 (28 29) */		sllx	%o4,19,%o4
-/* 0x09c0	 866 (28 33) */		fdtox	%f4,%f4
-/* 0x09c4	 867 (28 29) */		std	%f4,[%sp+216]
-/* 0x09c8	 868 (28 33) */		fmuld	%f6,%f12,%f24
-/* 0x09cc	 869 (29 34) */		fsubd	%f18,%f28,%f26
-/* 0x09d0	 870 (29 30) */		add	%o5,%o4,%o4
-/* 0x09d4	 871 (29 34) */		fmuld	%f6,%f8,%f6
-/* 0x09d8	 872 (30 35) */		fsubd	%f18,%f10,%f10
-/* 0x09dc	 873 (30 31) */		add	%o4,%g2,%g2
-/* 0x09e0	 874 (30 31) */		st	%g2,[%i0]
-/* 0x09e4	 875 (31 33) */		ldx	[%sp+208],%o7
-/* 0x09e8	 876 (31 32) */		srlx	%g2,32,%o5
-/* 0x09ec	 877 (31 36) */		fsubd	%f18,%f20,%f18
-/* 0x09f0	 878 (32 37) */		fdtox	%f30,%f28
-/* 0x09f4	 879 (32 33) */		std	%f28,[%sp+192]
-/* 0x09f8	 880 (32 37) */		fmuld	%f16,%f12,%f14
-/* 0x09fc	 881 (33 34) */		sllx	%o7,19,%o4
-/* 0x0a00	 882 (33 35) */		ldx	[%sp+216],%o7
-/* 0x0a04	 883 (33 38) */		fdtox	%f22,%f20
-/* 0x0a08	 884 (33 38) */		fmuld	%f16,%f8,%f16
-/* 0x0a0c	 885 (34 35) */		std	%f20,[%sp+200]
-/* 0x0a10	 886 (34 39) */		fdtox	%f24,%f20
-/* 0x0a14	 887 (34 39) */		fmuld	%f26,%f12,%f22
-/* 0x0a18	 888 (35 36) */		std	%f20,[%sp+176]
-/* 0x0a1c	 889 (35 36) */		add	%o7,%o4,%o4
-/* 0x0a20	 890 (35 40) */		fdtox	%f6,%f6
-/* 0x0a24	 891 (35 40) */		fmuld	%f10,%f12,%f4
-/* 0x0a28	 892 (36 38) */		ldx	[%sp+192],%o3
-/* 0x0a2c	 893 (36 37) */		add	%o4,%g3,%g3
-/* 0x0a30	 894 (36 41) */		fmuld	%f10,%f8,%f10
-/* 0x0a34	 895 (37 38) */		std	%f6,[%sp+184]
-/* 0x0a38	 896 (37 38) */		add	%g3,%o5,%g3
-/* 0x0a3c	 897 (37 42) */		fdtox	%f14,%f6
-/* 0x0a40	 898 (37 42) */		fmuld	%f26,%f8,%f20
-/* 0x0a44	 899 (38 40) */		ldx	[%sp+200],%o4
-/* 0x0a48	 900 (38 39) */		sllx	%o3,19,%o3
-/* 0x0a4c	 901 (38 39) */		srlx	%g3,32,%o5
-/* 0x0a50	 902 (38 43) */		fdtox	%f16,%f14
-/* 0x0a54	 903 (39 40) */		std	%f6,[%sp+160]
-/* 0x0a58	 904 (39 44) */		fmuld	%f18,%f12,%f12
-/* 0x0a5c	 905 (40 42) */		ldx	[%sp+176],%o7
-/* 0x0a60	 906 (40 41) */		add	%o4,%o3,%o3
-/* 0x0a64	 907 (40 45) */		fdtox	%f4,%f16
-/* 0x0a68	 908 (40 45) */		fmuld	%f18,%f8,%f18
-/* 0x0a6c	 909 (41 42) */		std	%f14,[%sp+168]
-/* 0x0a70	 910 (41 42) */		add	%o3,%g4,%g4
-/* 0x0a74	 911 (41 46) */		fdtox	%f10,%f4
-/* 0x0a78	 912 (42 44) */		ldx	[%sp+184],%o3
-/* 0x0a7c	 913 (42 43) */		sllx	%o7,19,%o4
-/* 0x0a80	 914 (42 43) */		add	%g4,%o5,%g4
-/* 0x0a84	 915 (42 47) */		fdtox	%f22,%f14
-/* 0x0a88	 916 (43 44) */		std	%f16,[%sp+144]
-/* 0x0a8c	 917 (43 44) */		srlx	%g4,32,%o5
-/* 0x0a90	 918 (43 48) */		fdtox	%f20,%f6
-/* 0x0a94	 919 (44 46) */		ldx	[%sp+160],%o7
-/* 0x0a98	 920 (44 45) */		add	%o3,%o4,%o3
-/* 0x0a9c	 921 (44 49) */		fdtox	%f12,%f16
-/* 0x0aa0	 922 (45 46) */		std	%f4,[%sp+152]
-/* 0x0aa4	 923 (45 46) */		add	%o3,%g5,%g5
-/* 0x0aa8	 924 (45 50) */		fdtox	%f18,%f8
-/* 0x0aac	 925 (46 48) */		ldx	[%sp+168],%o3
-/* 0x0ab0	 926 (46 47) */		sllx	%o7,19,%o4
-/* 0x0ab4	 927 (46 47) */		add	%g5,%o5,%g5
-/* 0x0ab8	 928 (47 48) */		std	%f14,[%sp+128]
-/* 0x0abc	 929 (47 48) */		srlx	%g5,32,%o5
-/* 0x0ac0	 930 (48 49) */		std	%f6,[%sp+136]
-/* 0x0ac4	 931 (48 49) */		add	%o3,%o4,%o3
-/* 0x0ac8	 932 (49 50) */		std	%f16,[%sp+112]
-/* 0x0acc	 933 (49 50) */		add	%o3,%o0,%o0
-/* 0x0ad0	 934 (50 52) */		ldx	[%sp+144],%o7
-/* 0x0ad4	 935 (50 51) */		add	%o0,%o5,%o0
-/* 0x0ad8	 936 (51 53) */		ldx	[%sp+152],%o3
-/* 0x0adc	 937 (52 53) */		std	%f8,[%sp+120]
-/* 0x0ae0	 938 (52 53) */		sllx	%o7,19,%o4
-/* 0x0ae4	 939 (52 53) */		srlx	%o0,32,%o7
-/* 0x0ae8	 940 (53 54) */		stx	%o0,[%sp+104]
-/* 0x0aec	 941 (53 54) */		add	%o3,%o4,%o3
-/* 0x0af0	 942 (54 56) */		ldx	[%sp+128],%o5
-/* 0x0af4	 943 (54 55) */		add	%o3,%o1,%o1
-/* 0x0af8	 944 (55 57) */		ldx	[%sp+136],%o0
-/* 0x0afc	 945 (55 56) */		add	%o1,%o7,%o1
-/* 0x0b00	 946 (56 57) */		st	%g3,[%i0+4]
-/* 0x0b04	 947 (56 57) */		sllx	%o5,19,%o3
-/* 0x0b08	 948 (57 59) */		ldx	[%sp+112],%o4
-/* 0x0b0c	 949 (57 58) */		add	%o0,%o3,%o3
-/* 0x0b10	 950 (58 60) */		ldx	[%sp+120],%o0
-/* 0x0b14	 951 (58 59) */		add	%o3,%o2,%o2
-/* 0x0b18	 952 (58 59) */		srlx	%o1,32,%o3
-/* 0x0b1c	 953 (59 60) */		st	%o1,[%i0+20]
-/* 0x0b20	 954 (59 60) */		sllx	%o4,19,%g2
-/* 0x0b24	 955 (59 60) */		add	%o2,%o3,%o2
-/* 0x0b28	 956 (60 62) */		ldx	[%sp+96],%o4
-/* 0x0b2c	 957 (60 61) */		srlx	%o2,32,%g3
-/* 0x0b30	 958 (60 61) */		add	%o0,%g2,%g2
-/* 0x0b34	 959 (61 63) */		ldx	[%sp+104],%o0
-/* 0x0b38	 960 (62 63) */		st	%o2,[%i0+24]
-/* 0x0b3c	 961 (62 63) */		add	%g2,%o4,%g2
-/* 0x0b40	 962 (63 64) */		st	%o0,[%i0+16]
-/* 0x0b44	 963 (63 64) */		add	%g2,%g3,%g2
-/* 0x0b48	 964 (64 65) */		st	%g4,[%i0+8]
-/* 0x0b4c	 968 (64 65) */		srlx	%g2,32,%o7
-/* 0x0b50	 969 (65 66) */		st	%g5,[%i0+12]
-/* 0x0b54	 970 (66 67) */		st	%g2,[%i0+28]
-/* 0x0b58	 971 (66 67) */		or	%g0,%o7,%i0
-/* 0x0b5c	     (67 74) */		ret	! Result =  %o1 %o0 %f0 %f1
-/* 0x0b60	     (69 71) */		restore	%g0,%g0,%g0
-
-!
-! ENTRY .L77000050
-!
-
-                                   .L77000050:		/* frequency 1.0 confidence 0.0 */
-/* 0x0b64	 978 ( 0  1) */		subcc	%o2,16,%g0
-/* 0x0b68	 979 ( 0  1) */		bne,pn	%icc,.L77000073	! tprob=0.50
-/* 0x0b6c	     ( 0  1) */		sethi	%hi(0xfff80000),%g2
-/* 0x0b70	 981 ( 1  5) */		ldd	[%g5],%f4
-/* 0x0b74	 982 ( 2  6) */		ldd	[%g5+8],%f6
-/* 0x0b78	 989 ( 2  3) */		andn	%o1,%g2,%g2
-/* 0x0b7c	 993 ( 2  3) */		srl	%o1,19,%g3
-/* 0x0b80	 994 ( 3  7) */		ldd	[%g5+16],%f8
-/* 0x0b84	 995 ( 4  8) */		fxnor	%f0,%f4,%f4
-/* 0x0b88	 996 ( 4  5) */		st	%g2,[%sp+356]
-/* 0x0b8c	 997 ( 5  9) */		ldd	[%o0],%f20
-/* 0x0b90	 998 ( 5  9) */		fxnor	%f0,%f6,%f6
-/* 0x0b94	 999 ( 6  7) */		st	%g3,[%sp+352]
-/* 0x0b98	1000 ( 6 10) */		fxnor	%f0,%f8,%f8
-/* 0x0b9c	1005 ( 7 11) */		ldd	[%o0+8],%f30
-/* 0x0ba0	1006 ( 8 13) */		fitod	%f4,%f22
-/* 0x0ba4	1007 ( 8 12) */		ldd	[%g5+24],%f10
-/* 0x0ba8	1008 ( 9 12) */		fmovs	%f20,%f24
-/* 0x0bac	1009 ( 9 13) */		ldd	[%g5+32],%f12
-/* 0x0bb0	1010 (10 15) */		fitod	%f5,%f4
-/* 0x0bb4	1011 (10 14) */		ldd	[%g5+40],%f14
-/* 0x0bb8	1012 (11 14) */		fmovs	%f20,%f26
-/* 0x0bbc	1013 (11 15) */		ldd	[%g5+48],%f16
-/* 0x0bc0	1014 (12 14) */		ld	[%sp+356],%f25
-/* 0x0bc4	1015 (12 17) */		fitod	%f6,%f28
-/* 0x0bc8	1016 (13 15) */		ld	[%sp+352],%f27
-/* 0x0bcc	1017 (13 18) */		fitod	%f8,%f32
-/* 0x0bd0	1018 (14 19) */		fsubd	%f30,%f22,%f22
-/* 0x0bd4	1019 (14 18) */		ldd	[%g5+56],%f18
-/* 0x0bd8	1020 (15 20) */		fsubd	%f24,%f20,%f24
-/* 0x0bdc	1021 (16 21) */		fsubd	%f26,%f20,%f20
-/* 0x0be0	1022 (17 22) */		fsubd	%f30,%f4,%f4
-/* 0x0be4	1023 (18 23) */		fsubd	%f30,%f28,%f26
-/* 0x0be8	1024 (19 24) */		fitod	%f7,%f6
-/* 0x0bec	1025 (20 25) */		fsubd	%f30,%f32,%f28
-/* 0x0bf0	1026 (20 25) */		fmuld	%f22,%f24,%f32
-/* 0x0bf4	1027 (21 26) */		fmuld	%f22,%f20,%f22
-/* 0x0bf8	1028 (21 25) */		fxnor	%f0,%f10,%f10
-/* 0x0bfc	1029 (22 27) */		fmuld	%f4,%f24,%f44
-/* 0x0c00	1030 (22 27) */		fitod	%f9,%f8
-/* 0x0c04	1031 (23 28) */		fmuld	%f4,%f20,%f4
-/* 0x0c08	1032 (23 27) */		fxnor	%f0,%f12,%f12
-/* 0x0c0c	1033 (24 29) */		fsubd	%f30,%f6,%f6
-/* 0x0c10	1034 (24 29) */		fmuld	%f26,%f24,%f46
-/* 0x0c14	1035 (25 30) */		fitod	%f10,%f34
-/* 0x0c18	1036 (26 31) */		fdtox	%f22,%f22
-/* 0x0c1c	1037 (26 27) */		std	%f22,[%sp+336]
-/* 0x0c20	1038 (27 32) */		fmuld	%f26,%f20,%f22
-/* 0x0c24	1039 (27 32) */		fdtox	%f44,%f26
-/* 0x0c28	1040 (27 28) */		std	%f26,[%sp+328]
-/* 0x0c2c	1041 (28 33) */		fdtox	%f4,%f4
-/* 0x0c30	1042 (28 29) */		std	%f4,[%sp+320]
-/* 0x0c34	1043 (29 34) */		fmuld	%f6,%f24,%f26
-/* 0x0c38	1044 (29 34) */		fsubd	%f30,%f8,%f8
-/* 0x0c3c	1045 (30 35) */		fdtox	%f46,%f4
-/* 0x0c40	1046 (30 31) */		std	%f4,[%sp+312]
-/* 0x0c44	1047 (31 36) */		fmuld	%f28,%f24,%f4
-/* 0x0c48	1048 (31 36) */		fdtox	%f32,%f32
-/* 0x0c4c	1049 (31 32) */		std	%f32,[%sp+344]
-/* 0x0c50	1050 (32 37) */		fitod	%f11,%f10
-/* 0x0c54	1051 (32 37) */		fmuld	%f6,%f20,%f32
-/* 0x0c58	1052 (33 38) */		fsubd	%f30,%f34,%f34
-/* 0x0c5c	1053 (34 39) */		fdtox	%f22,%f6
-/* 0x0c60	1054 (34 35) */		std	%f6,[%sp+304]
-/* 0x0c64	1058 (35 40) */		fitod	%f12,%f36
-/* 0x0c68	1059 (35 40) */		fmuld	%f28,%f20,%f6
-/* 0x0c6c	1060 (36 41) */		fdtox	%f26,%f22
-/* 0x0c70	1061 (36 37) */		std	%f22,[%sp+296]
-/* 0x0c74	1062 (37 42) */		fmuld	%f8,%f24,%f22
-/* 0x0c78	1063 (37 42) */		fdtox	%f4,%f4
-/* 0x0c7c	1064 (37 38) */		std	%f4,[%sp+280]
-/* 0x0c80	1065 (38 43) */		fmuld	%f8,%f20,%f8
-/* 0x0c84	1066 (38 43) */		fsubd	%f30,%f10,%f10
-/* 0x0c88	1067 (39 44) */		fmuld	%f34,%f24,%f4
-/* 0x0c8c	1068 (39 44) */		fitod	%f13,%f12
-/* 0x0c90	1069 (40 45) */		fsubd	%f30,%f36,%f36
-/* 0x0c94	1070 (41 46) */		fdtox	%f6,%f6
-/* 0x0c98	1071 (41 42) */		std	%f6,[%sp+272]
-/* 0x0c9c	1072 (42 46) */		fxnor	%f0,%f14,%f14
-/* 0x0ca0	1073 (42 47) */		fmuld	%f34,%f20,%f6
-/* 0x0ca4	1074 (43 48) */		fdtox	%f22,%f22
-/* 0x0ca8	1075 (43 44) */		std	%f22,[%sp+264]
-/* 0x0cac	1076 (44 49) */		fdtox	%f8,%f8
-/* 0x0cb0	1077 (44 45) */		std	%f8,[%sp+256]
-/* 0x0cb4	1078 (44 49) */		fmuld	%f10,%f24,%f22
-/* 0x0cb8	1079 (45 50) */		fdtox	%f4,%f4
-/* 0x0cbc	1080 (45 46) */		std	%f4,[%sp+248]
-/* 0x0cc0	1081 (45 50) */		fmuld	%f10,%f20,%f8
-/* 0x0cc4	1082 (46 51) */		fsubd	%f30,%f12,%f4
-/* 0x0cc8	1083 (46 51) */		fmuld	%f36,%f24,%f10
-/* 0x0ccc	1084 (47 52) */		fitod	%f14,%f38
-/* 0x0cd0	1085 (48 53) */		fdtox	%f6,%f6
-/* 0x0cd4	1086 (48 49) */		std	%f6,[%sp+240]
-/* 0x0cd8	1087 (49 54) */		fdtox	%f22,%f12
-/* 0x0cdc	1088 (49 50) */		std	%f12,[%sp+232]
-/* 0x0ce0	1089 (49 54) */		fmuld	%f36,%f20,%f6
-/* 0x0ce4	1090 (50 55) */		fdtox	%f8,%f8
-/* 0x0ce8	1091 (50 51) */		std	%f8,[%sp+224]
-/* 0x0cec	1092 (51 56) */		fdtox	%f10,%f22
-/* 0x0cf0	1093 (51 52) */		std	%f22,[%sp+216]
-/* 0x0cf4	1094 (51 56) */		fmuld	%f4,%f24,%f8
-/* 0x0cf8	1095 (52 57) */		fitod	%f15,%f14
-/* 0x0cfc	1096 (52 57) */		fmuld	%f4,%f20,%f4
-/* 0x0d00	1097 (53 58) */		fsubd	%f30,%f38,%f22
-/* 0x0d04	1098 (54 58) */		fxnor	%f0,%f16,%f16
-/* 0x0d08	1099 (55 60) */		fdtox	%f6,%f6
-/* 0x0d0c	1100 (55 56) */		std	%f6,[%sp+208]
-/* 0x0d10	1101 (56 61) */		fdtox	%f8,%f6
-/* 0x0d14	1102 (56 57) */		std	%f6,[%sp+200]
-/* 0x0d18	1103 (57 62) */		fsubd	%f30,%f14,%f10
-/* 0x0d1c	1104 (58 63) */		fitod	%f16,%f40
-/* 0x0d20	1105 (58 63) */		fmuld	%f22,%f24,%f6
-/* 0x0d24	1106 (59 64) */		fdtox	%f4,%f4
-/* 0x0d28	1107 (59 60) */		std	%f4,[%sp+192]
-/* 0x0d2c	1108 (60 65) */		fitod	%f17,%f16
-/* 0x0d30	1109 (60 65) */		fmuld	%f22,%f20,%f4
-/* 0x0d34	1110 (61 65) */		fxnor	%f0,%f18,%f18
-/* 0x0d38	1111 (62 67) */		fdtox	%f32,%f32
-/* 0x0d3c	1112 (62 63) */		std	%f32,[%sp+288]
-/* 0x0d40	1113 (62 67) */		fmuld	%f10,%f24,%f8
-/* 0x0d44	1114 (63 68) */		fdtox	%f6,%f6
-/* 0x0d48	1115 (63 64) */		std	%f6,[%sp+184]
-/* 0x0d4c	1116 (63 68) */		fmuld	%f10,%f20,%f22
-/* 0x0d50	1117 (64 69) */		fsubd	%f30,%f40,%f6
-/* 0x0d54	1118 (65 70) */		fdtox	%f4,%f4
-/* 0x0d58	1119 (65 66) */		std	%f4,[%sp+176]
-/* 0x0d5c	1120 (66 71) */		fsubd	%f30,%f16,%f10
-/* 0x0d60	1121 (67 72) */		fdtox	%f8,%f4
-/* 0x0d64	1122 (67 68) */		std	%f4,[%sp+168]
-/* 0x0d68	1123 (68 73) */		fdtox	%f22,%f4
-/* 0x0d6c	1124 (68 69) */		std	%f4,[%sp+160]
-/* 0x0d70	1125 (69 74) */		fitod	%f18,%f42
-/* 0x0d74	1126 (69 74) */		fmuld	%f6,%f24,%f4
-/* 0x0d78	1127 (70 75) */		fmuld	%f6,%f20,%f22
-/* 0x0d7c	1128 (71 76) */		fmuld	%f10,%f24,%f6
-/* 0x0d80	1129 (72 77) */		fmuld	%f10,%f20,%f8
-/* 0x0d84	1130 (74 79) */		fdtox	%f4,%f4
-/* 0x0d88	1131 (74 75) */		std	%f4,[%sp+152]
-/* 0x0d8c	1132 (75 80) */		fsubd	%f30,%f42,%f4
-/* 0x0d90	1133 (76 81) */		fdtox	%f6,%f6
-/* 0x0d94	1134 (76 77) */		std	%f6,[%sp+136]
-/* 0x0d98	1135 (77 82) */		fdtox	%f22,%f22
-/* 0x0d9c	1136 (77 78) */		std	%f22,[%sp+144]
-/* 0x0da0	1137 (78 83) */		fdtox	%f8,%f22
-/* 0x0da4	1138 (78 79) */		std	%f22,[%sp+128]
-/* 0x0da8	1139 (79 84) */		fitod	%f19,%f22
-/* 0x0dac	1140 (80 85) */		fmuld	%f4,%f24,%f6
-/* 0x0db0	1141 (81 86) */		fmuld	%f4,%f20,%f4
-/* 0x0db4	1142 (84 89) */		fsubd	%f30,%f22,%f22
-/* 0x0db8	1143 (85 90) */		fdtox	%f6,%f6
-/* 0x0dbc	1144 (85 86) */		std	%f6,[%sp+120]
-/* 0x0dc0	1145 (86 91) */		fdtox	%f4,%f4
-/* 0x0dc4	1146 (86 87) */		std	%f4,[%sp+112]
-/* 0x0dc8	1150 (87 89) */		ldx	[%sp+336],%g2
-/* 0x0dcc	1151 (88 90) */		ldx	[%sp+344],%g3
-/* 0x0dd0	1152 (89 91) */		ld	[%i1],%g4
-/* 0x0dd4	1153 (89 90) */		sllx	%g2,19,%g2
-/* 0x0dd8	1154 (89 94) */		fmuld	%f22,%f20,%f4
-/* 0x0ddc	1155 (90 92) */		ldx	[%sp+328],%g5
-/* 0x0de0	1156 (90 91) */		add	%g3,%g2,%g2
-/* 0x0de4	1157 (90 95) */		fmuld	%f22,%f24,%f6
-/* 0x0de8	1158 (91 93) */		ldx	[%sp+320],%g3
-/* 0x0dec	1159 (91 92) */		add	%g2,%g4,%g4
-/* 0x0df0	1160 (92 94) */		ldx	[%sp+304],%o0
-/* 0x0df4	1161 (93 94) */		st	%g4,[%i0]
-/* 0x0df8	1162 (93 94) */		sllx	%g3,19,%g2
-/* 0x0dfc	1163 (93 94) */		srlx	%g4,32,%g4
-/* 0x0e00	1164 (94 96) */		ld	[%i1+4],%g3
-/* 0x0e04	1165 (94 95) */		add	%g5,%g2,%g2
-/* 0x0e08	1166 (94 99) */		fdtox	%f4,%f4
-/* 0x0e0c	1167 (95 97) */		ldx	[%sp+312],%g5
-/* 0x0e10	1168 (95 100) */		fdtox	%f6,%f6
-/* 0x0e14	1169 (96 98) */		ldx	[%sp+288],%o1
-/* 0x0e18	1170 (96 97) */		add	%g2,%g3,%g2
-/* 0x0e1c	1171 (96 97) */		sllx	%o0,19,%g3
-/* 0x0e20	1172 (97 99) */		ldx	[%sp+272],%o2
-/* 0x0e24	1173 (97 98) */		add	%g2,%g4,%g2
-/* 0x0e28	1174 (97 98) */		add	%g5,%g3,%g3
-/* 0x0e2c	1175 (98 100) */		ld	[%i1+8],%g4
-/* 0x0e30	1176 (98 99) */		srlx	%g2,32,%o0
-/* 0x0e34	1177 (99 101) */		ldx	[%sp+296],%g5
-/* 0x0e38	1178 (100 101) */		st	%g2,[%i0+4]
-/* 0x0e3c	1179 (100 101) */		sllx	%o2,19,%g2
-/* 0x0e40	1180 (100 101) */		add	%g3,%g4,%g3
-/* 0x0e44	1181 (101 103) */		ldx	[%sp+256],%o2
-/* 0x0e48	1182 (101 102) */		sllx	%o1,19,%g4
-/* 0x0e4c	1183 (101 102) */		add	%g3,%o0,%g3
-/* 0x0e50	1184 (102 104) */		ld	[%i1+12],%o0
-/* 0x0e54	1185 (102 103) */		srlx	%g3,32,%o1
-/* 0x0e58	1186 (102 103) */		add	%g5,%g4,%g4
-/* 0x0e5c	1187 (103 105) */		ldx	[%sp+280],%g5
-/* 0x0e60	1188 (104 105) */		st	%g3,[%i0+8]
-/* 0x0e64	1189 (104 105) */		sllx	%o2,19,%g3
-/* 0x0e68	1190 (104 105) */		add	%g4,%o0,%g4
-/* 0x0e6c	1191 (105 107) */		ld	[%i1+16],%o0
-/* 0x0e70	1192 (105 106) */		add	%g5,%g2,%g2
-/* 0x0e74	1193 (105 106) */		add	%g4,%o1,%g4
-/* 0x0e78	1194 (106 108) */		ldx	[%sp+264],%g5
-/* 0x0e7c	1195 (106 107) */		srlx	%g4,32,%o1
-/* 0x0e80	1196 (107 109) */		ldx	[%sp+240],%o2
-/* 0x0e84	1197 (107 108) */		add	%g2,%o0,%g2
-/* 0x0e88	1198 (108 110) */		ld	[%i1+20],%o0
-/* 0x0e8c	1199 (108 109) */		add	%g5,%g3,%g3
-/* 0x0e90	1200 (108 109) */		add	%g2,%o1,%g2
-/* 0x0e94	1201 (109 111) */		ldx	[%sp+248],%g5
-/* 0x0e98	1202 (109 110) */		srlx	%g2,32,%o1
-/* 0x0e9c	1203 (110 111) */		st	%g4,[%i0+12]
-/* 0x0ea0	1204 (110 111) */		sllx	%o2,19,%g4
-/* 0x0ea4	1205 (110 111) */		add	%g3,%o0,%g3
-/* 0x0ea8	1206 (111 113) */		ld	[%i1+24],%o0
-/* 0x0eac	1207 (111 112) */		add	%g5,%g4,%g4
-/* 0x0eb0	1208 (111 112) */		add	%g3,%o1,%g3
-/* 0x0eb4	1209 (112 114) */		ldx	[%sp+224],%o2
-/* 0x0eb8	1210 (112 113) */		srlx	%g3,32,%o1
-/* 0x0ebc	1211 (113 115) */		ldx	[%sp+232],%g5
-/* 0x0ec0	1212 (113 114) */		add	%g4,%o0,%g4
-/* 0x0ec4	1213 (114 115) */		st	%g2,[%i0+16]
-/* 0x0ec8	1214 (114 115) */		sllx	%o2,19,%g2
-/* 0x0ecc	1215 (114 115) */		add	%g4,%o1,%g4
-/* 0x0ed0	1216 (115 117) */		ld	[%i1+28],%o0
-/* 0x0ed4	1217 (115 116) */		srlx	%g4,32,%o1
-/* 0x0ed8	1218 (115 116) */		add	%g5,%g2,%g2
-/* 0x0edc	1222 (116 118) */		ldx	[%sp+208],%o2
-/* 0x0ee0	1223 (117 119) */		ldx	[%sp+216],%g5
-/* 0x0ee4	1224 (117 118) */		add	%g2,%o0,%g2
-/* 0x0ee8	1225 (118 119) */		st	%g3,[%i0+20]
-/* 0x0eec	1226 (118 119) */		sllx	%o2,19,%g3
-/* 0x0ef0	1227 (118 119) */		add	%g2,%o1,%g2
-/* 0x0ef4	1228 (119 121) */		ld	[%i1+32],%o0
-/* 0x0ef8	1229 (119 120) */		srlx	%g2,32,%o1
-/* 0x0efc	1230 (119 120) */		add	%g5,%g3,%g3
-/* 0x0f00	1231 (120 122) */		ldx	[%sp+192],%o2
-/* 0x0f04	1232 (121 123) */		ldx	[%sp+200],%g5
-/* 0x0f08	1233 (121 122) */		add	%g3,%o0,%g3
-/* 0x0f0c	1234 (122 123) */		st	%g4,[%i0+24]
-/* 0x0f10	1235 (122 123) */		sllx	%o2,19,%g4
-/* 0x0f14	1236 (122 123) */		add	%g3,%o1,%g3
-/* 0x0f18	1237 (123 125) */		ld	[%i1+36],%o0
-/* 0x0f1c	1238 (123 124) */		srlx	%g3,32,%o1
-/* 0x0f20	1239 (123 124) */		add	%g5,%g4,%g4
-/* 0x0f24	1240 (124 126) */		ldx	[%sp+176],%o2
-/* 0x0f28	1241 (125 127) */		ldx	[%sp+184],%g5
-/* 0x0f2c	1242 (125 126) */		add	%g4,%o0,%g4
-/* 0x0f30	1243 (126 127) */		st	%g2,[%i0+28]
-/* 0x0f34	1244 (126 127) */		sllx	%o2,19,%g2
-/* 0x0f38	1245 (126 127) */		add	%g4,%o1,%g4
-/* 0x0f3c	1246 (127 129) */		ld	[%i1+40],%o0
-/* 0x0f40	1247 (127 128) */		srlx	%g4,32,%o1
-/* 0x0f44	1248 (127 128) */		add	%g5,%g2,%g2
-/* 0x0f48	1249 (128 130) */		ldx	[%sp+160],%o2
-/* 0x0f4c	1250 (129 131) */		ldx	[%sp+168],%g5
-/* 0x0f50	1251 (129 130) */		add	%g2,%o0,%g2
-/* 0x0f54	1252 (130 131) */		st	%g3,[%i0+32]
-/* 0x0f58	1253 (130 131) */		sllx	%o2,19,%g3
-/* 0x0f5c	1254 (130 131) */		add	%g2,%o1,%g2
-/* 0x0f60	1255 (131 133) */		ld	[%i1+44],%o0
-/* 0x0f64	1256 (131 132) */		srlx	%g2,32,%o1
-/* 0x0f68	1257 (131 132) */		add	%g5,%g3,%g3
-/* 0x0f6c	1258 (132 134) */		ldx	[%sp+144],%o2
-/* 0x0f70	1259 (133 135) */		ldx	[%sp+152],%g5
-/* 0x0f74	1260 (133 134) */		add	%g3,%o0,%g3
-/* 0x0f78	1261 (134 135) */		st	%g4,[%i0+36]
-/* 0x0f7c	1262 (134 135) */		sllx	%o2,19,%g4
-/* 0x0f80	1263 (134 135) */		add	%g3,%o1,%g3
-/* 0x0f84	1264 (135 137) */		ld	[%i1+48],%o0
-/* 0x0f88	1265 (135 136) */		srlx	%g3,32,%o1
-/* 0x0f8c	1266 (135 136) */		add	%g5,%g4,%g4
-/* 0x0f90	1267 (136 138) */		ldx	[%sp+128],%o2
-/* 0x0f94	1268 (137 139) */		ldx	[%sp+136],%g5
-/* 0x0f98	1269 (137 138) */		add	%g4,%o0,%g4
-/* 0x0f9c	1270 (138 139) */		std	%f4,[%sp+96]
-/* 0x0fa0	1271 (138 139) */		add	%g4,%o1,%g4
-/* 0x0fa4	1272 (139 140) */		st	%g2,[%i0+40]
-/* 0x0fa8	1273 (139 140) */		sllx	%o2,19,%g2
-/* 0x0fac	1274 (139 140) */		srlx	%g4,32,%o1
-/* 0x0fb0	1275 (140 142) */		ld	[%i1+52],%o0
-/* 0x0fb4	1276 (140 141) */		add	%g5,%g2,%g2
-/* 0x0fb8	1277 (141 142) */		std	%f6,[%sp+104]
-/* 0x0fbc	1278 (142 144) */		ldx	[%sp+120],%g5
-/* 0x0fc0	1279 (142 143) */		add	%g2,%o0,%g2
-/* 0x0fc4	1280 (143 144) */		st	%g3,[%i0+44]
-/* 0x0fc8	1281 (143 144) */		add	%g2,%o1,%g2
-/* 0x0fcc	1282 (144 146) */		ldx	[%sp+112],%o2
-/* 0x0fd0	1283 (144 145) */		srlx	%g2,32,%o1
-/* 0x0fd4	1284 (145 147) */		ld	[%i1+56],%o0
-/* 0x0fd8	1285 (146 147) */		st	%g4,[%i0+48]
-/* 0x0fdc	1286 (146 147) */		sllx	%o2,19,%g3
-/* 0x0fe0	1287 (147 149) */		ldx	[%sp+96],%o2
-/* 0x0fe4	1288 (147 148) */		add	%g5,%g3,%g3
-/* 0x0fe8	1289 (148 150) */		ldx	[%sp+104],%g5
-/* 0x0fec	1290 (148 149) */		add	%g3,%o0,%g3
-/* 0x0ff0	1291 (149 151) */		ld	[%i1+60],%o0
-/* 0x0ff4	1292 (149 150) */		sllx	%o2,19,%g4
-/* 0x0ff8	1293 (149 150) */		add	%g3,%o1,%g3
-/* 0x0ffc	1294 (150 151) */		st	%g2,[%i0+52]
-/* 0x1000	1295 (150 151) */		srlx	%g3,32,%o1
-/* 0x1004	1296 (150 151) */		add	%g5,%g4,%g4
-/* 0x1008	1297 (151 152) */		st	%g3,[%i0+56]
-/* 0x100c	1298 (151 152) */		add	%g4,%o0,%g2
-/* 0x1010	1299 (152 153) */		add	%g2,%o1,%g2
-/* 0x1014	1300 (152 153) */		st	%g2,[%i0+60]
-/* 0x1018	1304 (153 154) */		srlx	%g2,32,%o7
-
-!
-! ENTRY .L77000061
-!
-
-                                   .L77000061:		/* frequency 1.0 confidence 0.0 */
-/* 0x119c	1437 ( 0  1) */		or	%g0,%o7,%i0
-
-!
-! ENTRY .L900000159
-!
-
-                                   .L900000159:		/* frequency 1.0 confidence 0.0 */
-/* 0x11a0	     ( 0  7) */		ret	! Result =  %o1 %o0 %f0 %f1
-/* 0x11a4	     ( 2  4) */		restore	%g0,%g0,%g0
-
-!
-! ENTRY .L77000073
-!
-
-                                   .L77000073:		/* frequency 1.0 confidence 0.0 */
-
-
-	or	%g0, %i4, %o2
-	or	%g0, %o0, %o1
-	or	%g0, %i3, %o0
-
-!
-! ENTRY .L77000052
-!
-
-                                   .L77000052:		/* frequency 1.0 confidence 0.0 */
-/* 0x1028	1318 ( 0  1) */		andn	%o2,%g2,%g2
-/* 0x102c	1319 ( 0  1) */		st	%g2,[%sp+96]
-/* 0x1030	1325 ( 0  1) */		add	%o0,1,%g3
-/* 0x1034	1326 ( 0  1) */		fmovd	%f0,%f14
-/* 0x1038	1327 ( 1  2) */		srl	%o2,19,%g2
-/* 0x103c	1328 ( 1  2) */		st	%g2,[%sp+92]
-/* 0x1040	1329 ( 1  2) */		or	%g0,0,%o5
-/* 0x1044	1330 ( 2  3) */		srl	%g3,31,%g2
-/* 0x1048	1331 ( 2  5) */		ldd	[%o1],%f6
-/* 0x104c	1335 ( 2  3) */		sethi	%hi(0x1800),%g1
-/* 0x1050	1336 ( 3  4) */		add	%g3,%g2,%g2
-/* 0x1054	1337 ( 3  4) */		xor	%g1,-304,%g1
-/* 0x1058	1338 ( 3  6) */		ldd	[%o1+8],%f20
-/* 0x105c	1339 ( 4  5) */		sra	%g2,1,%o3
-/* 0x1060	1340 ( 4  5) */		fmovs	%f6,%f8
-/* 0x1064	1341 ( 4  5) */		add	%g1,%fp,%g3
-/* 0x1068	1342 ( 5  6) */		fmovs	%f6,%f10
-/* 0x106c	1343 ( 5  7) */		ld	[%sp+96],%f9
-/* 0x1070	1344 ( 5  6) */		subcc	%o3,0,%g0
-/* 0x1074	1345 ( 6  8) */		ld	[%sp+92],%f11
-/* 0x1078	1346 ( 6  7) */		sethi	%hi(0x1800),%g1
-/* 0x107c	1347 ( 6  7) */		or	%g0,%i2,%o1
-/* 0x1080	1348 ( 7 10) */		fsubd	%f8,%f6,%f18
-/* 0x1084	1349 ( 7  8) */		xor	%g1,-296,%g1
-/* 0x1088	1350 ( 7  8) */		or	%g0,0,%g4
-/* 0x108c	1351 ( 8 11) */		fsubd	%f10,%f6,%f16
-/* 0x1090	1352 ( 8  9) */		bleu,pt	%icc,.L990000162	! tprob=0.50
-/* 0x1094	     ( 8  9) */		subcc	%o0,0,%g0
-/* 0x1098	1354 ( 9 10) */		add	%g1,%fp,%g2
-/* 0x109c	1355 ( 9 10) */		sethi	%hi(0x1800),%g1
-/* 0x10a0	1356 (10 11) */		xor	%g1,-288,%g1
-/* 0x10a4	1357 (10 11) */		subcc	%o3,7,%g0
-/* 0x10a8	1358 (11 12) */		add	%g1,%fp,%o7
-/* 0x10ac	1359 (11 12) */		sethi	%hi(0x1800),%g1
-/* 0x10b0	1360 (12 13) */		xor	%g1,-280,%g1
-/* 0x10b4	1361 (13 14) */		add	%g1,%fp,%o4
-/* 0x10b8	1362 (13 14) */		bl,pn	%icc,.L77000054	! tprob=0.50
-/* 0x10bc	     (13 14) */		sub	%o3,2,%o2
-/* 0x10c0	1364 (14 17) */		ldd	[%o1],%f2
-/* 0x10c4	1365 (14 15) */		add	%o1,16,%g5
-/* 0x10c8	1366 (14 15) */		or	%g0,4,%g4
-/* 0x10cc	1367 (15 18) */		ldd	[%o1+8],%f0
-/* 0x10d0	1368 (15 16) */		add	%o1,8,%o1
-/* 0x10d4	1369 (16 18) */		fxnor	%f14,%f2,%f6
-/* 0x10d8	1370 (16 19) */		ldd	[%g5],%f4
-/* 0x10dc	1371 (16 17) */		add	%o1,16,%o1
-/* 0x10e0	1372 (17 19) */		fxnor	%f14,%f0,%f12
-/* 0x10e4	1373 (17 20) */		ldd	[%o1],%f0
-/* 0x10e8	1374 (17 18) */		add	%o1,8,%o1
-/* 0x10ec	1375 (18 21) */		fitod	%f7,%f2
-/* 0x10f0	1376 (19 22) */		fitod	%f6,%f6
-/* 0x10f4	1377 (20 22) */		fxnor	%f14,%f4,%f10
-/* 0x10f8	1378 (21 24) */		fsubd	%f20,%f2,%f2
-/* 0x10fc	1379 (22 24) */		fxnor	%f14,%f0,%f8
-/* 0x1100	1380 (23 26) */		fitod	%f13,%f4
-/* 0x1104	1381 (24 27) */		fsubd	%f20,%f6,%f6
-/* 0x1108	1382 (24 27) */		fmuld	%f2,%f16,%f0
-
-!
-! ENTRY .L990000154
-!
-
-                                   .L990000154:		/* frequency 1.0 confidence 0.0 */
-/* 0x110c	1384 ( 0  3) */		ldd	[%o1],%f24
-/* 0x1110	1385 ( 0  1) */		add	%g4,3,%g4
-/* 0x1114	1386 ( 0  1) */		add	%o4,96,%o4
-/* 0x1118	1387 ( 1  4) */		fitod	%f11,%f22
-/* 0x111c	1388 ( 2  5) */		fsubd	%f20,%f4,%f26
-/* 0x1120	1389 ( 2  3) */		subcc	%g4,%o2,%g0
-/* 0x1124	1390 ( 2  3) */		add	%o7,96,%o7
-/* 0x1128	1391 ( 2  5) */		fmuld	%f6,%f18,%f28
-/* 0x112c	1392 ( 3  6) */		fmuld	%f6,%f16,%f6
-/* 0x1130	1393 ( 3  4) */		add	%g2,96,%g2
-/* 0x1134	1394 ( 3  4) */		add	%g3,96,%g3
-/* 0x1138	1395 ( 4  7) */		fdtox	%f0,%f0
-/* 0x113c	1396 ( 5  8) */		fitod	%f12,%f4
-/* 0x1140	1397 ( 5  8) */		fmuld	%f2,%f18,%f2
-/* 0x1144	1398 ( 6  9) */		fdtox	%f28,%f12
-/* 0x1148	1399 ( 7 10) */		fdtox	%f6,%f6
-/* 0x114c	1400 ( 7  8) */		std	%f12,[%g3-96]
-/* 0x1150	1401 ( 8  9) */		std	%f6,[%g2-96]
-/* 0x1154	1402 ( 8 11) */		fdtox	%f2,%f2
-/* 0x1158	1403 ( 9 12) */		fsubd	%f20,%f4,%f6
-/* 0x115c	1404 ( 9 10) */		std	%f2,[%o7-96]
-/* 0x1160	1405 ( 9 10) */		add	%o1,8,%o1
-/* 0x1164	1406 (10 12) */		fxnor	%f14,%f24,%f12
-/* 0x1168	1407 (10 13) */		fmuld	%f26,%f16,%f4
-/* 0x116c	1408 (10 11) */		std	%f0,[%o4-96]
-/* 0x1170	1409 (11 14) */		ldd	[%o1],%f0
-/* 0x1174	1410 (11 14) */		fitod	%f9,%f2
-/* 0x1178	1411 (12 15) */		fsubd	%f20,%f22,%f28
-/* 0x117c	1412 (12 15) */		fmuld	%f6,%f18,%f24
-/* 0x1180	1413 (13 16) */		fmuld	%f6,%f16,%f22
-/* 0x1184	1414 (13 16) */		fdtox	%f4,%f4
-/* 0x1188	1415 (14 17) */		fitod	%f10,%f6
-/* 0x118c	1416 (14 17) */		fmuld	%f26,%f18,%f10
-/* 0x1190	1417 (15 18) */		fdtox	%f24,%f24
-/* 0x1194	1418 (16 19) */		fdtox	%f22,%f22
-/* 0x1198	1419 (16 17) */		std	%f24,[%g3-64]
-/* 0x119c	1420 (17 18) */		std	%f22,[%g2-64]
-/* 0x11a0	1421 (17 20) */		fdtox	%f10,%f10
-/* 0x11a4	1422 (18 21) */		fsubd	%f20,%f6,%f6
-/* 0x11a8	1423 (18 19) */		std	%f10,[%o7-64]
-/* 0x11ac	1424 (18 19) */		add	%o1,8,%o1
-/* 0x11b0	1425 (19 21) */		fxnor	%f14,%f0,%f10
-/* 0x11b4	1426 (19 22) */		fmuld	%f28,%f16,%f0
-/* 0x11b8	1427 (19 20) */		std	%f4,[%o4-64]
-/* 0x11bc	1428 (20 23) */		ldd	[%o1],%f22
-/* 0x11c0	1429 (20 23) */		fitod	%f13,%f4
-/* 0x11c4	1430 (21 24) */		fsubd	%f20,%f2,%f2
-/* 0x11c8	1431 (21 24) */		fmuld	%f6,%f18,%f26
-/* 0x11cc	1432 (22 25) */		fmuld	%f6,%f16,%f24
-/* 0x11d0	1433 (22 25) */		fdtox	%f0,%f0
-/* 0x11d4	1434 (23 26) */		fitod	%f8,%f6
-/* 0x11d8	1435 (23 26) */		fmuld	%f28,%f18,%f8
-/* 0x11dc	1436 (24 27) */		fdtox	%f26,%f26
-/* 0x11e0	1437 (25 28) */		fdtox	%f24,%f24
-/* 0x11e4	1438 (25 26) */		std	%f26,[%g3-32]
-/* 0x11e8	1439 (26 27) */		std	%f24,[%g2-32]
-/* 0x11ec	1440 (26 29) */		fdtox	%f8,%f8
-/* 0x11f0	1441 (27 30) */		fsubd	%f20,%f6,%f6
-/* 0x11f4	1442 (27 28) */		std	%f8,[%o7-32]
-/* 0x11f8	1443 (27 28) */		add	%o1,8,%o1
-/* 0x11fc	1444 (28 30) */		fxnor	%f14,%f22,%f8
-/* 0x1200	1445 (28 29) */		std	%f0,[%o4-32]
-/* 0x1204	1446 (28 29) */		bcs,pt	%icc,.L990000154	! tprob=0.50
-/* 0x1208	     (28 31) */		fmuld	%f2,%f16,%f0
-
-!
-! ENTRY .L990000157
-!
-
-                                   .L990000157:		/* frequency 1.0 confidence 0.0 */
-/* 0x120c	1449 ( 0  3) */		fitod	%f12,%f28
-/* 0x1210	1450 ( 0  3) */		fmuld	%f6,%f18,%f24
-/* 0x1214	1451 ( 0  1) */		add	%g3,128,%g3
-/* 0x1218	1452 ( 1  4) */		fitod	%f10,%f12
-/* 0x121c	1453 ( 1  4) */		fmuld	%f6,%f16,%f26
-/* 0x1220	1454 ( 1  2) */		add	%g2,128,%g2
-/* 0x1224	1455 ( 2  5) */		fsubd	%f20,%f4,%f4
-/* 0x1228	1456 ( 2  5) */		fmuld	%f2,%f18,%f22
-/* 0x122c	1457 ( 2  3) */		add	%o7,128,%o7
-/* 0x1230	1458 ( 3  6) */		fdtox	%f24,%f6
-/* 0x1234	1459 ( 3  4) */		std	%f6,[%g3-128]
-/* 0x1238	1460 ( 3  4) */		add	%o4,128,%o4
-/* 0x123c	1461 ( 4  7) */		fsubd	%f20,%f28,%f2
-/* 0x1240	1462 ( 4  5) */		subcc	%g4,%o3,%g0
-/* 0x1244	1463 ( 5  8) */		fitod	%f11,%f6
-/* 0x1248	1464 ( 5  8) */		fmuld	%f4,%f18,%f24
-/* 0x124c	1465 ( 6  9) */		fdtox	%f26,%f10
-/* 0x1250	1466 ( 6  7) */		std	%f10,[%g2-128]
-/* 0x1254	1467 ( 7 10) */		fdtox	%f22,%f10
-/* 0x1258	1468 ( 7  8) */		std	%f10,[%o7-128]
-/* 0x125c	1469 ( 7 10) */		fmuld	%f2,%f18,%f26
-/* 0x1260	1470 ( 8 11) */		fsubd	%f20,%f12,%f10
-/* 0x1264	1471 ( 8 11) */		fmuld	%f2,%f16,%f2
-/* 0x1268	1472 ( 9 12) */		fsubd	%f20,%f6,%f22
-/* 0x126c	1473 ( 9 12) */		fmuld	%f4,%f16,%f12
-/* 0x1270	1474 (10 13) */		fdtox	%f0,%f0
-/* 0x1274	1475 (10 11) */		std	%f0,[%o4-128]
-/* 0x1278	1476 (11 14) */		fitod	%f8,%f4
-/* 0x127c	1477 (11 14) */		fmuld	%f10,%f18,%f6
-/* 0x1280	1478 (12 15) */		fdtox	%f26,%f0
-/* 0x1284	1479 (12 13) */		std	%f0,[%g3-96]
-/* 0x1288	1480 (12 15) */		fmuld	%f10,%f16,%f10
-/* 0x128c	1481 (13 16) */		fdtox	%f2,%f2
-/* 0x1290	1482 (13 14) */		std	%f2,[%g2-96]
-/* 0x1294	1483 (14 17) */		fitod	%f9,%f0
-/* 0x1298	1484 (14 17) */		fmuld	%f22,%f18,%f2
-/* 0x129c	1485 (15 18) */		fdtox	%f24,%f8
-/* 0x12a0	1486 (15 16) */		std	%f8,[%o7-96]
-/* 0x12a4	1487 (16 19) */		fsubd	%f20,%f4,%f4
-/* 0x12a8	1488 (16 19) */		fmuld	%f22,%f16,%f8
-/* 0x12ac	1489 (17 20) */		fdtox	%f12,%f12
-/* 0x12b0	1490 (17 18) */		std	%f12,[%o4-96]
-/* 0x12b4	1491 (18 21) */		fsubd	%f20,%f0,%f0
-/* 0x12b8	1492 (19 22) */		fdtox	%f6,%f6
-/* 0x12bc	1493 (19 20) */		std	%f6,[%g3-64]
-/* 0x12c0	1494 (20 23) */		fdtox	%f10,%f10
-/* 0x12c4	1495 (20 21) */		std	%f10,[%g2-64]
-/* 0x12c8	1496 (20 23) */		fmuld	%f4,%f18,%f6
-/* 0x12cc	1497 (21 24) */		fdtox	%f2,%f2
-/* 0x12d0	1498 (21 22) */		std	%f2,[%o7-64]
-/* 0x12d4	1499 (21 24) */		fmuld	%f4,%f16,%f4
-/* 0x12d8	1500 (22 25) */		fmuld	%f0,%f18,%f2
-/* 0x12dc	1501 (22 25) */		fdtox	%f8,%f8
-/* 0x12e0	1502 (22 23) */		std	%f8,[%o4-64]
-/* 0x12e4	1503 (23 26) */		fdtox	%f6,%f6
-/* 0x12e8	1504 (23 24) */		std	%f6,[%g3-32]
-/* 0x12ec	1505 (23 26) */		fmuld	%f0,%f16,%f0
-/* 0x12f0	1506 (24 27) */		fdtox	%f4,%f4
-/* 0x12f4	1507 (24 25) */		std	%f4,[%g2-32]
-/* 0x12f8	1508 (25 28) */		fdtox	%f2,%f2
-/* 0x12fc	1509 (25 26) */		std	%f2,[%o7-32]
-/* 0x1300	1510 (26 29) */		fdtox	%f0,%f0
-/* 0x1304	1511 (26 27) */		bcc,pn	%icc,.L77000056	! tprob=0.50
-/* 0x1308	     (26 27) */		std	%f0,[%o4-32]
-
-!
-! ENTRY .L77000054
-!
-
-                                   .L77000054:		/* frequency 1.0 confidence 0.0 */
-/* 0x130c	1514 ( 0  3) */		ldd	[%o1],%f0
-
-!
-! ENTRY .L990000161
-!
-
-                                   .L990000161:		/* frequency 1.0 confidence 0.0 */
-/* 0x1310	1516 ( 0  2) */		fxnor	%f14,%f0,%f0
-/* 0x1314	1517 ( 0  1) */		add	%g4,1,%g4
-/* 0x1318	1518 ( 0  1) */		add	%o1,8,%o1
-/* 0x131c	1519 ( 1  2) */		subcc	%g4,%o3,%g0
-/* 0x1320	1520 ( 2  5) */		fitod	%f0,%f2
-/* 0x1324	1521 ( 3  6) */		fitod	%f1,%f0
-/* 0x1328	1522 ( 5  8) */		fsubd	%f20,%f2,%f2
-/* 0x132c	1523 ( 6  9) */		fsubd	%f20,%f0,%f0
-/* 0x1330	1524 ( 8 11) */		fmuld	%f2,%f18,%f6
-/* 0x1334	1525 ( 9 12) */		fmuld	%f2,%f16,%f4
-/* 0x1338	1526 (10 13) */		fmuld	%f0,%f18,%f2
-/* 0x133c	1527 (11 14) */		fdtox	%f6,%f6
-/* 0x1340	1528 (11 12) */		std	%f6,[%g3]
-/* 0x1344	1529 (11 14) */		fmuld	%f0,%f16,%f0
-/* 0x1348	1530 (12 15) */		fdtox	%f4,%f4
-/* 0x134c	1531 (12 13) */		std	%f4,[%g2]
-/* 0x1350	1532 (12 13) */		add	%g2,32,%g2
-/* 0x1354	1533 (13 16) */		fdtox	%f2,%f2
-/* 0x1358	1534 (13 14) */		std	%f2,[%o7]
-/* 0x135c	1535 (13 14) */		add	%o7,32,%o7
-/* 0x1360	1536 (14 17) */		fdtox	%f0,%f0
-/* 0x1364	1537 (14 15) */		std	%f0,[%o4]
-/* 0x1368	1538 (14 15) */		add	%o4,32,%o4
-/* 0x136c	1539 (15 16) */		add	%g3,32,%g3
-/* 0x1370	1540 (15 16) */		bcs,a,pt	%icc,.L990000161	! tprob=0.50
-/* 0x1374	     (16 19) */		ldd	[%o1],%f0
-
-!
-! ENTRY .L77000056
-!
-
-                                   .L77000056:		/* frequency 1.0 confidence 0.0 */
-/* 0x1378	1548 ( 0  1) */		subcc	%o0,0,%g0
-
-!
-! ENTRY .L990000162
-!
-
-                                   .L990000162:		/* frequency 1.0 confidence 0.0 */
-/* 0x137c	1550 ( 0  1) */		bleu,pt	%icc,.L77770061	! tprob=0.50
-/* 0x1380	     ( 0  1) */		nop
-/* 0x1384	1555 ( 0  1) */		sethi	%hi(0x1800),%g1
-/* 0x1388	1556 ( 1  2) */		xor	%g1,-304,%g1
-/* 0x138c	1557 ( 1  2) */		or	%g0,%i1,%g4
-/* 0x1390	1558 ( 2  3) */		add	%g1,%fp,%g5
-/* 0x1394	1559 ( 2  3) */		sethi	%hi(0x1800),%g1
-/* 0x1398	1560 ( 3  4) */		xor	%g1,-296,%g1
-/* 0x139c	1561 ( 3  4) */		or	%g0,%o0,%o7
-/* 0x13a0	1562 ( 4  5) */		add	%g1,%fp,%g2
-/* 0x13a4	1563 ( 4  5) */		or	%g0,0,%i2
-/* 0x13a8	1564 ( 5  6) */		or	%g0,%i0,%g3
-/* 0x13ac	1565 ( 5  6) */		subcc	%o0,6,%g0
-/* 0x13b0	1566 ( 5  6) */		bl,pn	%icc,.L77000058	! tprob=0.50
-/* 0x13b4	     ( 6  7) */		sethi	%hi(0x1800),%g1
-/* 0x13b8	1568 ( 6  8) */		ld	[%g4],%o2
-/* 0x13bc	1569 ( 6  7) */		add	%g3,4,%g3
-/* 0x13c0	1570 ( 7  8) */		xor	%g1,-264,%g1
-/* 0x13c4	1571 ( 7  8) */		sub	%o7,3,%o4
-/* 0x13c8	1572 ( 8  9) */		add	%g1,%fp,%g2
-/* 0x13cc	1573 ( 8  9) */		sethi	%hi(0x1800),%g1
-/* 0x13d0	1574 ( 9 10) */		xor	%g1,-272,%g1
-/* 0x13d4	1575 ( 9 10) */		or	%g0,2,%i2
-/* 0x13d8	1576 (10 11) */		add	%g1,%fp,%g5
-/* 0x13dc	1577 (10 11) */		sethi	%hi(0x1800),%g1
-/* 0x13e0	1578 (11 12) */		xor	%g1,-296,%g1
-/* 0x13e4	1579 (12 13) */		add	%g1,%fp,%g1
-/* 0x13e8	1580 (13 15) */		ldx	[%g1],%o1
-/* 0x13ec	1581 (14 16) */		ldx	[%g1-8],%o0
-/* 0x13f0	1582 (15 16) */		sllx	%o1,19,%o1
-/* 0x13f4	1583 (15 17) */		ldx	[%g1+16],%o3
-/* 0x13f8	1584 (16 17) */		add	%o0,%o1,%o0
-/* 0x13fc	1585 (16 18) */		ld	[%g4+4],%o1
-/* 0x1400	1586 (16 17) */		add	%g4,8,%g4
-/* 0x1404	1587 (17 18) */		sllx	%o3,19,%o3
-/* 0x1408	1588 (17 18) */		add	%o0,%o2,%o0
-/* 0x140c	1589 (17 19) */		ldx	[%g1+8],%o2
-/* 0x1410	1590 (18 19) */		st	%o0,[%g3-4]
-/* 0x1414	1591 (18 19) */		srlx	%o0,32,%o0
-
-!
-! ENTRY .L990000142
-!
-
-                                   .L990000142:		/* frequency 1.0 confidence 0.0 */
-/* 0x1418	1593 ( 0  1) */		add	%o2,%o3,%o2
-/* 0x141c	1594 ( 0  1) */		add	%i2,4,%i2
-/* 0x1420	1595 ( 0  2) */		ld	[%g4],%o3
-/* 0x1424	1596 ( 1  2) */		srl	%o0,0,%o5
-/* 0x1428	1597 ( 1  2) */		add	%o2,%o1,%o1
-/* 0x142c	1598 ( 1  3) */		ldx	[%g2],%o0
-/* 0x1430	1599 ( 3  4) */		sllx	%o0,19,%o2
-/* 0x1434	1600 ( 3  5) */		ldx	[%g5],%o0
-/* 0x1438	1601 ( 3  4) */		add	%o1,%o5,%o1
-/* 0x143c	1602 ( 4  5) */		st	%o1,[%g3]
-/* 0x1440	1603 ( 4  5) */		srlx	%o1,32,%o5
-/* 0x1444	1604 ( 4  5) */		subcc	%i2,%o4,%g0
-/* 0x1448	1605 ( 5  7) */		ldx	[%g2+16],%o1
-/* 0x144c	1606 ( 5  6) */		add	%o0,%o2,%o0
-/* 0x1450	1607 ( 5  6) */		add	%g3,16,%g3
-/* 0x1454	1608 ( 6  8) */		ld	[%g4+4],%o2
-/* 0x1458	1609 ( 6  7) */		add	%o0,%o3,%o0
-/* 0x145c	1610 ( 7  8) */		sllx	%o1,19,%o3
-/* 0x1460	1611 ( 7  9) */		ldx	[%g5+16],%o1
-/* 0x1464	1612 ( 7  8) */		add	%o0,%o5,%o0
-/* 0x1468	1613 ( 8  9) */		st	%o0,[%g3-12]
-/* 0x146c	1614 ( 8  9) */		srlx	%o0,32,%o5
-/* 0x1470	1615 ( 8  9) */		add	%g4,16,%g4
-/* 0x1474	1616 ( 9 11) */		ldx	[%g2+32],%o0
-/* 0x1478	1617 ( 9 10) */		add	%o1,%o3,%o1
-/* 0x147c	1618 ( 9 10) */		add	%g2,64,%g2
-/* 0x1480	1619 (10 12) */		ld	[%g4-8],%o3
-/* 0x1484	1620 (10 11) */		add	%o1,%o2,%o2
-/* 0x1488	1621 (11 12) */		sllx	%o0,19,%o1
-/* 0x148c	1622 (11 13) */		ldx	[%g5+32],%o0
-/* 0x1490	1623 (11 12) */		add	%o2,%o5,%o2
-/* 0x1494	1624 (12 13) */		st	%o2,[%g3-8]
-/* 0x1498	1625 (12 13) */		srlx	%o2,32,%o5
-/* 0x149c	1626 (12 13) */		add	%g5,64,%g5
-/* 0x14a0	1627 (13 15) */		ldx	[%g2-16],%o2
-/* 0x14a4	1628 (13 14) */		add	%o0,%o1,%o0
-/* 0x14a8	1629 (14 16) */		ld	[%g4-4],%o1
-/* 0x14ac	1630 (14 15) */		add	%o0,%o3,%o0
-/* 0x14b0	1631 (15 16) */		sllx	%o2,19,%o3
-/* 0x14b4	1632 (15 17) */		ldx	[%g5-16],%o2
-/* 0x14b8	1633 (15 16) */		add	%o0,%o5,%o0
-/* 0x14bc	1634 (16 17) */		st	%o0,[%g3-4]
-/* 0x14c0	1635 (16 17) */		bcs,pt	%icc,.L990000142	! tprob=0.50
-/* 0x14c4	     (16 17) */		srlx	%o0,32,%o0
-
-!
-! ENTRY .L990000145
-!
-
-                                   .L990000145:		/* frequency 1.0 confidence 0.0 */
-/* 0x14c8	1638 ( 0  1) */		add	%o2,%o3,%o3
-/* 0x14cc	1639 ( 0  1) */		add	%g3,4,%g3
-/* 0x14d0	1640 ( 1  2) */		srl	%o0,0,%o2
-/* 0x14d4	1641 ( 1  2) */		add	%o3,%o1,%o0
-/* 0x14d8	1642 ( 2  3) */		add	%o0,%o2,%o0
-/* 0x14dc	1643 ( 2  3) */		st	%o0,[%g3-4]
-/* 0x14e0	1644 ( 2  3) */		subcc	%i2,%o7,%g0
-/* 0x14e4	1645 ( 2  3) */		bcc,pn	%icc,.L77770061	! tprob=0.50
-/* 0x14e8	     ( 3  4) */		srlx	%o0,32,%o5
-
-!
-! ENTRY .L77000058
-!
-
-                                   .L77000058:		/* frequency 1.0 confidence 0.0 */
-/* 0x14ec	1648 ( 0  2) */		ldx	[%g2],%o2
-
-!
-! ENTRY .L990000160
-!
-
-                                   .L990000160:		/* frequency 1.0 confidence 0.0 */
-/* 0x14f0	1650 ( 0  1) */		sllx	%o2,19,%o3
-/* 0x14f4	1651 ( 0  2) */		ldx	[%g5],%o0
-/* 0x14f8	1652 ( 0  1) */		add	%i2,1,%i2
-/* 0x14fc	1653 ( 1  2) */		srl	%o5,0,%o1
-/* 0x1500	1654 ( 1  3) */		ld	[%g4],%o2
-/* 0x1504	1655 ( 1  2) */		add	%g2,16,%g2
-/* 0x1508	1656 ( 2  3) */		add	%o0,%o3,%o0
-/* 0x150c	1657 ( 2  3) */		add	%g5,16,%g5
-/* 0x1510	1658 ( 3  4) */		add	%o0,%o2,%o0
-/* 0x1514	1659 ( 3  4) */		add	%g4,4,%g4
-/* 0x1518	1660 ( 4  5) */		add	%o0,%o1,%o0
-/* 0x151c	1661 ( 4  5) */		st	%o0,[%g3]
-/* 0x1520	1662 ( 4  5) */		subcc	%i2,%o7,%g0
-/* 0x1524	1663 ( 5  6) */		srlx	%o0,32,%o5
-/* 0x1528	1664 ( 5  6) */		add	%g3,4,%g3
-/* 0x152c	1665 ( 5  6) */		bcs,a,pt	%icc,.L990000160	! tprob=0.50
-/* 0x1530	     ( 6  8) */		ldx	[%g2],%o2
-
-!
-! ENTRY .L77770061
-!
-
-                                   .L77770061:		/* frequency 1.0 confidence 0.0 */
-/* 0x1534	     ( 0  2) */		ret	! Result =  %o1 %o0 %f0 %f1
-/* 0x1538	     ( 2  3) */		restore	%g0,%o5,%o0
-
-
-
-
-/* 0x11a8	1441 ( 0  0) */		.type	mul_add,2
-/* 0x11a8	1442 ( 0  0) */		.size	mul_add,(.-mul_add)
-/* 0x11a8	1445 ( 0  0) */		.align	16
-/* 0x11b0	1451 ( 0  0) */		.global	mul_add_inp
-
-!
-! ENTRY mul_add_inp
-!
-
-                                   	.global mul_add_inp
-                                   mul_add_inp:		/* frequency 1.0 confidence 0.0 */
-/* 0x11b0	1453 ( 0  1) */		or	%g0,%o2,%g1
-/* 0x11b4	1454 ( 0  1) */		or	%g0,%o3,%o4
-/* 0x11b8	1455 ( 1  2) */		or	%g0,%o0,%g3
-/* 0x11bc	1456 ( 1  2) */		or	%g0,%o1,%g2
-/* 0x11c0	1466 ( 2  3) */		or	%g0,%g1,%o3
-/* 0x11c4	1467 ( 2  3) */		or	%g0,%g3,%o1
-/* 0x11c8	1468 ( 3  4) */		or	%g0,%g2,%o2
-/* 0x11cc	1469 ( 3  4) */		or	%g0,%o7,%g1
-/* 0x11d0	1470 ( 4  6) */		call	mul_add	! params = 	! Result = 
-/* 0x11d4	     ( 5  6) */		or	%g0,%g1,%o7
-/* 0x11d8	1472 ( 0  0) */		.type	mul_add_inp,2
-/* 0x11d8	1473 ( 0  0) */		.size	mul_add_inp,(.-mul_add_inp)
-
-	.section	".data",#alloc,#write
-/* 0x11d8	   6 ( 0  0) */		.align	8
-
-!
-! ENTRY mask_cnst
-!
-
-                                   mask_cnst:		/* frequency 1.0 confidence 0.0 */
-/* 0x11d8	   8 ( 0  0) */		.word	-2147483648
-/* 0x11dc	   9 ( 0  0) */		.word	-2147483648
-/* 0x11e0	  10 ( 0  0) */		.type	mask_cnst,#object
-/* 0x11e0	  11 ( 0  0) */		.size	mask_cnst,8
-
diff --git a/security/nss/lib/freebl/mpi/mpv_sparcv9.s b/security/nss/lib/freebl/mpi/mpv_sparcv9.s
deleted file mode 100644
index 1a7997e4a..000000000
--- a/security/nss/lib/freebl/mpi/mpv_sparcv9.s
+++ /dev/null
@@ -1,1673 +0,0 @@
-!/*
-! * The contents of this file are subject to the Mozilla Public
-! * License Version 1.1 (the "License"); you may not use this file
-! * except in compliance with the License. You may obtain a copy of
-! * the License at http://www.mozilla.org/MPL/
-! * 
-! * Software distributed under the License is distributed on an "AS
-! * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-! * implied. See the License for the specific language governing
-! * rights and limitations under the License.
-! * 
-! * The Original Code is a SPARC/VIS optimized multiply and add function
-! *
-! * The Initial Developer of the Original Code is Sun Microsystems Inc.
-! * Portions created by Sun Microsystems Inc. are 
-! * Copyright (C) 1999-2000 Sun Microsystems Inc.  All Rights Reserved.
-! * 
-! * Contributor(s):
-! * 
-! * Alternatively, the contents of this file may be used under the
-! * terms of the GNU General Public License Version 2 or later (the
-! * "GPL"), in which case the provisions of the GPL are applicable 
-! * instead of those above.   If you wish to allow use of your 
-! * version of this file only under the terms of the GPL and not to
-! * allow others to use your version of this file under the MPL,
-! * indicate your decision by deleting the provisions above and
-! * replace them with the notice and other provisions required by
-! * the GPL.  If you do not delete the provisions above, a recipient
-! * may use your version of this file under either the MPL or the
-! * GPL.
-! *  $Id$
-! */
-
-	.section	".text",#alloc,#execinstr
-/* 000000	   0 ( 0  0) */		.register	%g2,#scratch
-/* 000000	     ( 0  0) */		.register	%g3,#scratch
-/* 000000	   3 ( 0  0) */		.file	"mpv_sparc.c"
-/* 000000	  15 ( 0  0) */		.align	8
-!
-! SUBROUTINE .L_const_seg_900000101
-!
-! OFFSET    SOURCE LINE	LABEL	INSTRUCTION	(ISSUE TIME)	(COMPLETION TIME)
-
-                                   .L_const_seg_900000101:		/* frequency 1.0 confidence 0.0 */
-/* 000000	  20 ( 0  0) */		.word	1127219200,0
-/* 0x0008	  21 ( 0  0) */		.word	1105199103,-4194304
-/* 0x0010	  22 ( 0  0) */		.align	8
-/* 0x0010	  28 ( 0  0) */		.global	mul_add
-
-!
-! ENTRY mul_add
-!
-
-                                   	.global mul_add
-                                   mul_add:		/* frequency 1.0 confidence 0.0 */
-/* 0x0010	  30 ( 0  1) */		sethi	%hi(0x1c00),%g1
-/* 0x0014	  31 ( 0  1) */		sethi	%hi(mask_cnst),%g2
-/* 0x0018	  32 ( 1  2) */		xor	%g1,-48,%g1
-/* 0x001c	  33 ( 1  2) */		add	%g2,%lo(mask_cnst),%g2
-/* 0x0020	  34 ( 2  3) */		save	%sp,%g1,%sp
-
-!
-! ENTRY .L900000149
-!
-
-                                   .L900000149:		/* frequency 1.0 confidence 0.0 */
-/* 0x0024	  36 ( 0  2) */		call	(.+0x8)	! params = 	! Result = 
-/* 0x0028	     ( 1  2) */		sethi	%hi((_GLOBAL_OFFSET_TABLE_-(.L900000149-.))),%g5
-/* 0x002c	 178 ( 2  3) */		sethi	%hi(.L_const_seg_900000101),%g3
-/* 0x0030	 179 ( 2  3) */		add	%g5,%lo((_GLOBAL_OFFSET_TABLE_-(.L900000149-.))),%g5
-/* 0x0034	 180 ( 3  4) */		add	%g3,%lo(.L_const_seg_900000101),%g3
-/* 0x0038	 181 ( 3  4) */		add	%g5,%o7,%o1
-/* 0x003c	 182 ( 4  5) */		sethi	%hi(0x80000),%g4
-/* 0x0040	 183 ( 4  6) */		ldx	[%o1+%g2],%g2
-/* 0x0044	 184 ( 4  5) */		or	%g0,%i2,%o2
-/* 0x0048	 185 ( 5  6) */		subcc	%i4,%g4,%g0
-/* 0x004c	 186 ( 5  7) */		ldx	[%o1+%g3],%o0
-/* 0x0050	 187 ( 6  7) */		or	%g0,%i0,%o7
-/* 0x0054	 188 ( 6  7) */		or	%g0,%i1,%o5
-/* 0x0058	 189 ( 6  9) */		ldd	[%g2],%f0
-/* 0x005c	 190 ( 6  7) */		bcc,pn	%icc,.L77000048	! tprob=0.50
-/* 0x0060	     ( 7  8) */		subcc	%i3,8,%g0
-/* 0x0064	 192 ( 7  8) */		bne,pn	%icc,.L900000158	! tprob=0.50
-/* 0x0068	     ( 8  9) */		subcc	%i3,16,%g0
-/* 0x006c	 194 ( 9 12) */		ldd	[%o2],%f4
-/* 0x0070	 195 (10 11) */		st	%i4,[%sp+2287]
-/* 0x0074	 196 (11 14) */		ldd	[%o0],%f8
-/* 0x0078	 197 (11 13) */		fxnor	%f0,%f4,%f4
-/* 0x007c	 198 (12 15) */		ldd	[%o2+8],%f10
-/* 0x0080	 199 (13 16) */		fitod	%f4,%f12
-/* 0x0084	 200 (13 16) */		ldd	[%o0+8],%f14
-/* 0x0088	 201 (14 17) */		ld	[%sp+2287],%f7
-/* 0x008c	 202 (14 17) */		fitod	%f5,%f4
-/* 0x0090	 203 (15 17) */		fxnor	%f0,%f10,%f10
-/* 0x0094	 204 (15 18) */		ldd	[%o2+16],%f16
-/* 0x0098	 205 (16 19) */		ldd	[%o2+24],%f18
-/* 0x009c	 206 (17 20) */		fsubd	%f14,%f4,%f4
-/* 0x00a0	 210 (17 20) */		ld	[%i1],%g2
-/* 0x00a4	 211 (18 20) */		fxnor	%f0,%f16,%f16
-/* 0x00a8	 212 (18 21) */		ld	[%i1+4],%g3
-/* 0x00ac	 213 (19 22) */		ld	[%i1+8],%g4
-/* 0x00b0	 214 (20 23) */		fitod	%f16,%f20
-/* 0x00b4	 215 (20 23) */		ld	[%i1+16],%o0
-/* 0x00b8	 216 (21 24) */		ld	[%i1+12],%g5
-/* 0x00bc	 217 (22 25) */		ld	[%i1+20],%o1
-/* 0x00c0	 218 (23 26) */		ld	[%i1+24],%o2
-/* 0x00c4	 219 (24 25) */		fmovs	%f8,%f6
-/* 0x00c8	 220 (24 27) */		ld	[%i1+28],%o3
-/* 0x00cc	 221 (26 29) */		fsubd	%f6,%f8,%f6
-/* 0x00d0	 222 (27 30) */		fsubd	%f14,%f12,%f8
-/* 0x00d4	 223 (28 31) */		fitod	%f10,%f12
-/* 0x00d8	 224 (29 32) */		fmuld	%f4,%f6,%f4
-/* 0x00dc	 225 (29 32) */		fitod	%f11,%f10
-/* 0x00e0	 226 (30 33) */		fmuld	%f8,%f6,%f8
-/* 0x00e4	 227 (31 34) */		fsubd	%f14,%f12,%f12
-/* 0x00e8	 228 (32 35) */		fdtox	%f4,%f4
-/* 0x00ec	 229 (32 33) */		std	%f4,[%sp+2271]
-/* 0x00f0	 230 (33 36) */		fdtox	%f8,%f8
-/* 0x00f4	 231 (33 34) */		std	%f8,[%sp+2279]
-/* 0x00f8	 232 (34 37) */		fmuld	%f12,%f6,%f12
-/* 0x00fc	 233 (34 37) */		fsubd	%f14,%f10,%f10
-/* 0x0100	 234 (35 38) */		fsubd	%f14,%f20,%f4
-/* 0x0104	 235 (36 39) */		fitod	%f17,%f8
-/* 0x0108	 236 (37 39) */		fxnor	%f0,%f18,%f16
-/* 0x010c	 237 (37 39) */		ldx	[%sp+2279],%o4
-/* 0x0110	 238 (37 40) */		fmuld	%f10,%f6,%f10
-/* 0x0114	 239 (38 41) */		fdtox	%f12,%f12
-/* 0x0118	 240 (38 39) */		std	%f12,[%sp+2263]
-/* 0x011c	 241 (38 41) */		fmuld	%f4,%f6,%f4
-/* 0x0120	 242 (39 42) */		fitod	%f16,%f18
-/* 0x0124	 243 (39 40) */		add	%o4,%g2,%g2
-/* 0x0128	 244 (39 40) */		st	%g2,[%i0]
-/* 0x012c	 245 (40 42) */		ldx	[%sp+2271],%o4
-/* 0x0130	 246 (40 43) */		fsubd	%f14,%f8,%f8
-/* 0x0134	 247 (40 41) */		srax	%g2,32,%o5
-/* 0x0138	 248 (41 44) */		fdtox	%f10,%f10
-/* 0x013c	 249 (41 42) */		std	%f10,[%sp+2255]
-/* 0x0140	 250 (42 45) */		fdtox	%f4,%f4
-/* 0x0144	 251 (42 43) */		std	%f4,[%sp+2247]
-/* 0x0148	 252 (42 43) */		add	%o4,%g3,%o4
-/* 0x014c	 253 (43 46) */		fitod	%f17,%f12
-/* 0x0150	 254 (43 45) */		ldx	[%sp+2263],%g2
-/* 0x0154	 255 (43 44) */		add	%o4,%o5,%g3
-/* 0x0158	 256 (43 46) */		fmuld	%f8,%f6,%f8
-/* 0x015c	 257 (44 47) */		fsubd	%f14,%f18,%f10
-/* 0x0160	 258 (44 45) */		st	%g3,[%i0+4]
-/* 0x0164	 259 (44 45) */		srax	%g3,32,%g3
-/* 0x0168	 260 (45 46) */		add	%g2,%g4,%g4
-/* 0x016c	 261 (45 47) */		ldx	[%sp+2255],%g2
-/* 0x0170	 262 (46 49) */		fsubd	%f14,%f12,%f4
-/* 0x0174	 263 (46 47) */		add	%g4,%g3,%g3
-/* 0x0178	 264 (46 48) */		ldx	[%sp+2247],%g4
-/* 0x017c	 265 (47 50) */		fmuld	%f10,%f6,%f10
-/* 0x0180	 266 (47 50) */		fdtox	%f8,%f8
-/* 0x0184	 267 (47 48) */		std	%f8,[%sp+2239]
-/* 0x0188	 268 (48 49) */		add	%g4,%o0,%g4
-/* 0x018c	 269 (48 49) */		add	%g2,%g5,%g2
-/* 0x0190	 270 (48 49) */		st	%g3,[%i0+8]
-/* 0x0194	 271 (49 52) */		fmuld	%f4,%f6,%f4
-/* 0x0198	 272 (49 50) */		srax	%g3,32,%o0
-/* 0x019c	 273 (49 51) */		ldx	[%sp+2239],%g5
-/* 0x01a0	 274 (50 53) */		fdtox	%f10,%f6
-/* 0x01a4	 275 (50 51) */		std	%f6,[%sp+2231]
-/* 0x01a8	 276 (50 51) */		add	%g2,%o0,%g2
-/* 0x01ac	 277 (51 52) */		srax	%g2,32,%g3
-/* 0x01b0	 278 (51 52) */		add	%g5,%o1,%o1
-/* 0x01b4	 279 (51 52) */		st	%g2,[%i0+12]
-/* 0x01b8	 280 (52 55) */		fdtox	%f4,%f4
-/* 0x01bc	 281 (52 53) */		std	%f4,[%sp+2223]
-/* 0x01c0	 282 (52 53) */		add	%g4,%g3,%g3
-/* 0x01c4	 283 (53 54) */		srax	%g3,32,%g4
-/* 0x01c8	 284 (53 54) */		st	%g3,[%i0+16]
-/* 0x01cc	 285 (54 56) */		ldx	[%sp+2231],%o0
-/* 0x01d0	 286 (54 55) */		add	%o1,%g4,%g4
-/* 0x01d4	 287 (55 56) */		srax	%g4,32,%g2
-/* 0x01d8	 288 (55 57) */		ldx	[%sp+2223],%g5
-/* 0x01dc	 289 (56 57) */		add	%o0,%o2,%o2
-/* 0x01e0	 290 (56 57) */		st	%g4,[%i0+20]
-/* 0x01e4	 291 (57 58) */		add	%o2,%g2,%g2
-/* 0x01e8	 292 (57 58) */		add	%g5,%o3,%g5
-/* 0x01ec	 293 (57 58) */		st	%g2,[%i0+24]
-/* 0x01f0	 294 (58 59) */		srax	%g2,32,%g3
-/* 0x01f4	 295 (59 60) */		add	%g5,%g3,%g2
-/* 0x01f8	 296 (59 60) */		st	%g2,[%i0+28]
-/* 0x01fc	 300 (60 61) */		srax	%g2,32,%o3
-/* 0x0200	 301 (61 62) */		srl	%o3,0,%i0
-/* 0x0204	     (62 64) */		ret	! Result =  %o1 %o0 %f0 %f1
-/* 0x0208	     (64 65) */		restore	%g0,%g0,%g0
-
-!
-! ENTRY .L900000158
-!
-
-                                   .L900000158:		/* frequency 1.0 confidence 0.0 */
-/* 0x020c	 308 ( 0  1) */		bne,a,pn	%icc,.L900000157	! tprob=0.50
-/* 0x0210	     ( 0  1) */		st	%i4,[%sp+2223]
-/* 0x0214	 315 ( 1  4) */		ldd	[%o2],%f4
-/* 0x0218	 316 ( 2  3) */		st	%i4,[%sp+2351]
-/* 0x021c	 317 ( 3  6) */		ldd	[%o0],%f8
-/* 0x0220	 318 ( 3  5) */		fxnor	%f0,%f4,%f4
-/* 0x0224	 319 ( 4  7) */		ldd	[%o2+8],%f10
-/* 0x0228	 320 ( 5  8) */		ldd	[%o0+8],%f14
-/* 0x022c	 321 ( 5  8) */		fitod	%f4,%f12
-/* 0x0230	 322 ( 6  9) */		ld	[%sp+2351],%f7
-/* 0x0234	 323 ( 6  8) */		fxnor	%f0,%f10,%f10
-/* 0x0238	 324 ( 7 10) */		ldd	[%o2+16],%f16
-/* 0x023c	 325 ( 7 10) */		fitod	%f5,%f4
-/* 0x0240	 326 ( 8 11) */		ldd	[%o2+24],%f18
-/* 0x0244	 330 ( 9 12) */		ldd	[%o2+32],%f20
-/* 0x0248	 331 ( 9 11) */		fxnor	%f0,%f16,%f16
-/* 0x024c	 335 (10 13) */		ld	[%i1],%g2
-/* 0x0250	 336 (10 13) */		fsubd	%f14,%f4,%f4
-/* 0x0254	 337 (11 14) */		ldd	[%o2+40],%f22
-/* 0x0258	 338 (11 14) */		fitod	%f16,%f28
-/* 0x025c	 339 (12 15) */		ld	[%i1+4],%g3
-/* 0x0260	 340 (13 16) */		ld	[%i1+8],%g4
-/* 0x0264	 341 (13 15) */		fxnor	%f0,%f22,%f22
-/* 0x0268	 342 (14 17) */		ld	[%i1+12],%g5
-/* 0x026c	 343 (15 18) */		ld	[%i1+16],%o0
-/* 0x0270	 344 (16 19) */		ldd	[%o2+48],%f24
-/* 0x0274	 345 (17 20) */		ld	[%i1+20],%o1
-/* 0x0278	 346 (17 18) */		fmovs	%f8,%f6
-/* 0x027c	 347 (18 21) */		ldd	[%o2+56],%f26
-/* 0x0280	 348 (19 22) */		ld	[%i1+24],%o2
-/* 0x0284	 349 (19 22) */		fsubd	%f6,%f8,%f6
-/* 0x0288	 350 (20 23) */		ld	[%i1+28],%o3
-/* 0x028c	 351 (20 23) */		fsubd	%f14,%f12,%f8
-/* 0x0290	 355 (21 24) */		ld	[%i1+32],%o4
-/* 0x0294	 356 (21 24) */		fitod	%f10,%f12
-/* 0x0298	 357 (22 25) */		ld	[%i1+36],%o7
-/* 0x029c	 358 (22 25) */		fitod	%f11,%f10
-/* 0x02a0	 359 (22 25) */		fmuld	%f4,%f6,%f4
-/* 0x02a4	 360 (23 26) */		ld	[%i1+40],%l1
-/* 0x02a8	 361 (23 26) */		fmuld	%f8,%f6,%f8
-/* 0x02ac	 362 (24 27) */		ld	[%i1+56],%l5
-/* 0x02b0	 363 (24 27) */		fsubd	%f14,%f12,%f12
-/* 0x02b4	 364 (25 28) */		fsubd	%f14,%f10,%f10
-/* 0x02b8	 365 (26 29) */		fdtox	%f8,%f8
-/* 0x02bc	 366 (26 27) */		std	%f8,[%sp+2343]
-/* 0x02c0	 367 (27 30) */		fitod	%f17,%f8
-/* 0x02c4	 368 (27 30) */		fmuld	%f12,%f6,%f12
-/* 0x02c8	 369 (28 31) */		fdtox	%f4,%f4
-/* 0x02cc	 370 (28 29) */		std	%f4,[%sp+2335]
-/* 0x02d0	 371 (28 31) */		fmuld	%f10,%f6,%f10
-/* 0x02d4	 372 (29 31) */		fxnor	%f0,%f18,%f16
-/* 0x02d8	 373 (30 33) */		fdtox	%f12,%f12
-/* 0x02dc	 374 (30 31) */		std	%f12,[%sp+2327]
-/* 0x02e0	 375 (31 33) */		ldx	[%sp+2343],%o5
-/* 0x02e4	 376 (31 34) */		fsubd	%f14,%f8,%f8
-/* 0x02e8	 377 (32 35) */		fsubd	%f14,%f28,%f4
-/* 0x02ec	 378 (33 36) */		fitod	%f17,%f12
-/* 0x02f0	 379 (33 34) */		add	%o5,%g2,%g2
-/* 0x02f4	 380 (33 34) */		st	%g2,[%i0]
-/* 0x02f8	 381 (34 36) */		ldx	[%sp+2335],%o5
-/* 0x02fc	 382 (34 37) */		fitod	%f16,%f18
-/* 0x0300	 383 (34 35) */		srax	%g2,32,%l0
-/* 0x0304	 384 (35 37) */		fxnor	%f0,%f20,%f16
-/* 0x0308	 385 (35 38) */		fmuld	%f8,%f6,%f20
-/* 0x030c	 386 (36 39) */		fdtox	%f10,%f10
-/* 0x0310	 387 (36 37) */		std	%f10,[%sp+2319]
-/* 0x0314	 388 (36 37) */		add	%o5,%g3,%g3
-/* 0x0318	 389 (36 39) */		fmuld	%f4,%f6,%f4
-/* 0x031c	 390 (37 40) */		fitod	%f16,%f8
-/* 0x0320	 391 (37 38) */		add	%g3,%l0,%g3
-/* 0x0324	 392 (37 38) */		st	%g3,[%i0+4]
-/* 0x0328	 393 (38 40) */		ldx	[%sp+2327],%o5
-/* 0x032c	 394 (38 41) */		fsubd	%f14,%f18,%f18
-/* 0x0330	 395 (38 39) */		srax	%g3,32,%l3
-/* 0x0334	 396 (39 41) */		ldx	[%sp+2319],%l2
-/* 0x0338	 397 (39 42) */		fdtox	%f4,%f4
-/* 0x033c	 398 (40 41) */		std	%f4,[%sp+2311]
-/* 0x0340	 399 (40 43) */		fdtox	%f20,%f20
-/* 0x0344	 400 (40 41) */		add	%o5,%g4,%g4
-/* 0x0348	 401 (41 42) */		std	%f20,[%sp+2303]
-/* 0x034c	 402 (41 44) */		fsubd	%f14,%f12,%f4
-/* 0x0350	 403 (41 42) */		add	%g4,%l3,%g4
-/* 0x0354	 404 (41 44) */		fmuld	%f18,%f6,%f18
-/* 0x0358	 405 (42 43) */		st	%g4,[%i0+8]
-/* 0x035c	 406 (42 45) */		fitod	%f17,%f16
-/* 0x0360	 407 (42 43) */		srax	%g4,32,%l4
-/* 0x0364	 408 (43 46) */		ld	[%i1+44],%l0
-/* 0x0368	 409 (43 46) */		fsubd	%f14,%f8,%f20
-/* 0x036c	 410 (43 44) */		add	%l2,%g5,%l2
-/* 0x0370	 411 (44 46) */		ldx	[%sp+2311],%g5
-/* 0x0374	 412 (44 47) */		fitod	%f22,%f8
-/* 0x0378	 413 (44 45) */		add	%l2,%l4,%l2
-/* 0x037c	 414 (44 47) */		fmuld	%f4,%f6,%f4
-/* 0x0380	 415 (45 46) */		st	%l2,[%i0+12]
-/* 0x0384	 416 (45 48) */		fsubd	%f14,%f16,%f10
-/* 0x0388	 417 (46 49) */		ld	[%i1+52],%l3
-/* 0x038c	 418 (46 49) */		fdtox	%f18,%f18
-/* 0x0390	 419 (46 47) */		add	%g5,%o0,%l4
-/* 0x0394	 420 (46 49) */		fmuld	%f20,%f6,%f12
-/* 0x0398	 421 (47 48) */		std	%f18,[%sp+2295]
-/* 0x039c	 422 (47 48) */		srax	%l2,32,%o0
-/* 0x03a0	 423 (47 50) */		fitod	%f23,%f16
-/* 0x03a4	 424 (48 51) */		ld	[%i1+48],%o5
-/* 0x03a8	 425 (48 51) */		fsubd	%f14,%f8,%f8
-/* 0x03ac	 426 (48 49) */		add	%l4,%o0,%l4
-/* 0x03b0	 427 (49 50) */		st	%l4,[%i0+16]
-/* 0x03b4	 428 (49 50) */		srax	%l4,32,%o0
-/* 0x03b8	 429 (49 51) */		fxnor	%f0,%f24,%f18
-/* 0x03bc	 430 (50 52) */		ldx	[%sp+2303],%g5
-/* 0x03c0	 431 (50 53) */		fdtox	%f4,%f4
-/* 0x03c4	 432 (51 52) */		std	%f4,[%sp+2287]
-/* 0x03c8	 433 (51 54) */		fdtox	%f12,%f12
-/* 0x03cc	 434 (51 54) */		fmuld	%f10,%f6,%f4
-/* 0x03d0	 435 (52 53) */		std	%f12,[%sp+2279]
-/* 0x03d4	 436 (52 55) */		fsubd	%f14,%f16,%f12
-/* 0x03d8	 437 (52 53) */		add	%g5,%o1,%g2
-/* 0x03dc	 438 (52 55) */		fmuld	%f8,%f6,%f8
-/* 0x03e0	 439 (53 55) */		ldx	[%sp+2295],%g5
-/* 0x03e4	 440 (53 56) */		fitod	%f18,%f10
-/* 0x03e8	 441 (53 54) */		add	%g2,%o0,%g2
-/* 0x03ec	 442 (54 55) */		st	%g2,[%i0+20]
-/* 0x03f0	 443 (54 57) */		fitod	%f19,%f16
-/* 0x03f4	 444 (54 55) */		srax	%g2,32,%o0
-/* 0x03f8	 445 (55 58) */		fdtox	%f8,%f8
-/* 0x03fc	 446 (55 56) */		std	%f8,[%sp+2263]
-/* 0x0400	 447 (55 56) */		add	%g5,%o2,%g3
-/* 0x0404	 448 (56 58) */		ldx	[%sp+2287],%g5
-/* 0x0408	 449 (56 59) */		fsubd	%f14,%f10,%f10
-/* 0x040c	 450 (56 57) */		add	%g3,%o0,%g3
-/* 0x0410	 451 (57 58) */		st	%g3,[%i0+24]
-/* 0x0414	 452 (57 60) */		fsubd	%f14,%f16,%f8
-/* 0x0418	 453 (57 58) */		srax	%g3,32,%o0
-/* 0x041c	 454 (58 61) */		fdtox	%f4,%f4
-/* 0x0420	 455 (58 59) */		std	%f4,[%sp+2271]
-/* 0x0424	 456 (58 59) */		add	%g5,%o3,%g4
-/* 0x0428	 457 (59 61) */		fxnor	%f0,%f26,%f18
-/* 0x042c	 458 (59 62) */		fmuld	%f12,%f6,%f4
-/* 0x0430	 459 (59 60) */		add	%g4,%o0,%g4
-/* 0x0434	 460 (60 61) */		st	%g4,[%i0+28]
-/* 0x0438	 461 (60 63) */		fmuld	%f10,%f6,%f10
-/* 0x043c	 462 (60 61) */		srax	%g4,32,%o0
-/* 0x0440	 463 (61 63) */		ldx	[%sp+2279],%g5
-/* 0x0444	 464 (61 64) */		fitod	%f18,%f12
-/* 0x0448	 465 (61 64) */		fmuld	%f8,%f6,%f8
-/* 0x044c	 466 (62 65) */		fdtox	%f4,%f4
-/* 0x0450	 467 (62 63) */		std	%f4,[%sp+2255]
-/* 0x0454	 468 (63 64) */		add	%g5,%o4,%l2
-/* 0x0458	 469 (63 65) */		ldx	[%sp+2271],%g5
-/* 0x045c	 470 (63 66) */		fdtox	%f10,%f16
-/* 0x0460	 471 (64 67) */		fsubd	%f14,%f12,%f4
-/* 0x0464	 472 (64 65) */		std	%f16,[%sp+2247]
-/* 0x0468	 473 (64 65) */		add	%l2,%o0,%l2
-/* 0x046c	 474 (65 68) */		fdtox	%f8,%f8
-/* 0x0470	 475 (65 66) */		std	%f8,[%sp+2239]
-/* 0x0474	 476 (65 66) */		add	%g5,%o7,%l4
-/* 0x0478	 477 (66 69) */		fitod	%f19,%f10
-/* 0x047c	 478 (66 68) */		ldx	[%sp+2263],%g5
-/* 0x0480	 479 (66 67) */		srax	%l2,32,%o0
-/* 0x0484	 480 (67 68) */		add	%l4,%o0,%l4
-/* 0x0488	 481 (67 70) */		fmuld	%f4,%f6,%f4
-/* 0x048c	 482 (67 69) */		ldx	[%sp+2255],%o0
-/* 0x0490	 483 (68 69) */		srax	%l4,32,%o1
-/* 0x0494	 484 (68 69) */		add	%g5,%l1,%l1
-/* 0x0498	 485 (68 69) */		st	%l2,[%i0+32]
-/* 0x049c	 486 (69 72) */		fsubd	%f14,%f10,%f8
-/* 0x04a0	 487 (69 71) */		ldx	[%sp+2239],%o3
-/* 0x04a4	 488 (69 70) */		add	%l1,%o1,%o1
-/* 0x04a8	 489 (70 72) */		ldx	[%sp+2247],%g5
-/* 0x04ac	 490 (70 71) */		srax	%o1,32,%o2
-/* 0x04b0	 491 (70 71) */		add	%o0,%l0,%o0
-/* 0x04b4	 492 (71 74) */		fdtox	%f4,%f4
-/* 0x04b8	 493 (71 72) */		std	%f4,[%sp+2231]
-/* 0x04bc	 494 (71 72) */		add	%o0,%o2,%o2
-/* 0x04c0	 495 (72 73) */		add	%o3,%l3,%l3
-/* 0x04c4	 496 (72 75) */		fmuld	%f8,%f6,%f4
-/* 0x04c8	 497 (72 73) */		add	%g5,%o5,%g5
-/* 0x04cc	 498 (73 74) */		srax	%o2,32,%o3
-/* 0x04d0	 499 (73 74) */		st	%l4,[%i0+36]
-/* 0x04d4	 500 (74 75) */		add	%g5,%o3,%g2
-/* 0x04d8	 501 (74 76) */		ldx	[%sp+2231],%o0
-/* 0x04dc	 502 (75 76) */		srax	%g2,32,%g3
-/* 0x04e0	 503 (75 78) */		fdtox	%f4,%f4
-/* 0x04e4	 504 (75 76) */		std	%f4,[%sp+2223]
-/* 0x04e8	 505 (76 77) */		st	%o1,[%i0+40]
-/* 0x04ec	 506 (76 77) */		add	%l3,%g3,%g3
-/* 0x04f0	 507 (76 77) */		add	%o0,%l5,%g5
-/* 0x04f4	 508 (77 78) */		st	%o2,[%i0+44]
-/* 0x04f8	 509 (77 78) */		srax	%g3,32,%g4
-/* 0x04fc	 510 (78 79) */		st	%g2,[%i0+48]
-/* 0x0500	 511 (78 79) */		add	%g5,%g4,%g4
-/* 0x0504	 512 (79 80) */		st	%g3,[%i0+52]
-/* 0x0508	 513 (79 80) */		srax	%g4,32,%g5
-/* 0x050c	 514 (80 83) */		ld	[%i1+60],%g3
-/* 0x0510	 515 (81 83) */		ldx	[%sp+2223],%g2
-/* 0x0514	 516 (82 83) */		st	%g4,[%i0+56]
-/* 0x0518	 517 (83 84) */		add	%g2,%g3,%g2
-/* 0x051c	 518 (84 85) */		add	%g2,%g5,%g2
-/* 0x0520	 519 (84 85) */		st	%g2,[%i0+60]
-/* 0x0524	 523 (85 86) */		srax	%g2,32,%o3
-/* 0x0528	 524 (86 87) */		srl	%o3,0,%i0
-/* 0x052c	     (87 89) */		ret	! Result =  %o1 %o0 %f0 %f1
-/* 0x0530	     (89 90) */		restore	%g0,%g0,%g0
-
-!
-! ENTRY .L900000157
-!
-
-                                   .L900000157:		/* frequency 1.0 confidence 0.0 */
-/* 0x0534	 532 ( 0  1) */		fmovd	%f0,%f14
-/* 0x0538	 533 ( 0  3) */		ldd	[%o0],%f8
-/* 0x053c	 539 ( 0  1) */		add	%i3,1,%g2
-/* 0x0540	 540 ( 1  4) */		ld	[%sp+2223],%f7
-/* 0x0544	 541 ( 1  2) */		srl	%g2,31,%g3
-/* 0x0548	 545 ( 1  2) */		add	%fp,-217,%g4
-/* 0x054c	 546 ( 2  3) */		add	%g2,%g3,%g2
-/* 0x0550	 547 ( 2  3) */		or	%g0,0,%g5
-/* 0x0554	 548 ( 2  5) */		ldd	[%o0+8],%f18
-/* 0x0558	 549 ( 3  4) */		fmovs	%f8,%f6
-/* 0x055c	 550 ( 3  4) */		sra	%g2,1,%o1
-/* 0x0560	 551 ( 3  4) */		or	%g0,0,%o0
-/* 0x0564	 552 ( 4  5) */		subcc	%o1,0,%g0
-/* 0x0568	 553 ( 5  6) */		or	%g0,%o1,%o3
-/* 0x056c	 554 ( 5  8) */		fsubd	%f6,%f8,%f16
-/* 0x0570	 555 ( 5  6) */		ble,pt	%icc,.L900000156	! tprob=0.50
-/* 0x0574	     ( 6  7) */		subcc	%i3,0,%g0
-/* 0x0578	 557 ( 6  7) */		sub	%o1,1,%g2
-/* 0x057c	 558 ( 7  8) */		or	%g0,0,%i0
-/* 0x0580	 559 ( 7  8) */		or	%g0,1,%g3
-/* 0x0584	 560 ( 8  9) */		subcc	%o3,10,%g0
-/* 0x0588	 561 ( 8  9) */		bl,pn	%icc,.L77000077	! tprob=0.50
-/* 0x058c	     ( 9 10) */		or	%g0,0,%o1
-/* 0x0590	 563 ( 9 12) */		ldd	[%i2+8],%f0
-/* 0x0594	 564 ( 9 10) */		sub	%o3,3,%o3
-/* 0x0598	 565 (10 13) */		ldd	[%i2],%f2
-/* 0x059c	 566 (10 11) */		or	%g0,7,%o0
-/* 0x05a0	 567 (10 11) */		or	%g0,2,%i0
-/* 0x05a4	 568 (11 13) */		fxnor	%f14,%f0,%f8
-/* 0x05a8	 569 (11 14) */		ldd	[%i2+16],%f4
-/* 0x05ac	 570 (11 12) */		or	%g0,16,%o2
-/* 0x05b0	 571 (12 14) */		fxnor	%f14,%f2,%f2
-/* 0x05b4	 572 (12 15) */		ldd	[%i2+24],%f6
-/* 0x05b8	 573 (12 13) */		or	%g0,48,%o4
-/* 0x05bc	 574 (13 16) */		fitod	%f8,%f12
-/* 0x05c0	 575 (13 14) */		or	%g0,24,%o1
-/* 0x05c4	 576 (13 14) */		or	%g0,3,%g3
-/* 0x05c8	 577 (14 17) */		fitod	%f2,%f0
-/* 0x05cc	 578 (15 18) */		fitod	%f3,%f20
-/* 0x05d0	 579 (15 18) */		ldd	[%i2+32],%f2
-/* 0x05d4	 580 (16 19) */		fitod	%f9,%f10
-/* 0x05d8	 581 (16 19) */		ldd	[%i2+40],%f8
-/* 0x05dc	 582 (17 20) */		fsubd	%f18,%f0,%f0
-/* 0x05e0	 583 (18 21) */		fsubd	%f18,%f20,%f22
-/* 0x05e4	 584 (19 22) */		fsubd	%f18,%f12,%f20
-/* 0x05e8	 585 (19 22) */		ldd	[%i2+48],%f12
-/* 0x05ec	 586 (20 23) */		fsubd	%f18,%f10,%f10
-/* 0x05f0	 587 (20 23) */		fmuld	%f0,%f16,%f0
-/* 0x05f4	 588 (21 23) */		fxnor	%f14,%f4,%f4
-/* 0x05f8	 589 (21 24) */		fmuld	%f22,%f16,%f22
-/* 0x05fc	 590 (22 24) */		fxnor	%f14,%f6,%f6
-/* 0x0600	 591 (22 25) */		fmuld	%f20,%f16,%f20
-/* 0x0604	 592 (23 26) */		fdtox	%f0,%f0
-/* 0x0608	 593 (23 24) */		std	%f0,[%fp-217]
-/* 0x060c	 594 (23 26) */		fmuld	%f10,%f16,%f10
-/* 0x0610	 595 (24 27) */		fdtox	%f22,%f22
-/* 0x0614	 596 (24 25) */		std	%f22,[%fp-209]
-/* 0x0618	 597 (25 28) */		fitod	%f5,%f0
-/* 0x061c	 598 (26 29) */		fdtox	%f10,%f10
-/* 0x0620	 599 (27 30) */		fdtox	%f20,%f20
-/* 0x0624	 600 (27 28) */		std	%f20,[%fp-201]
-/* 0x0628	 601 (28 31) */		fitod	%f4,%f4
-/* 0x062c	 602 (28 29) */		std	%f10,[%fp-193]
-/* 0x0630	 603 (29 31) */		fxnor	%f14,%f2,%f10
-/* 0x0634	 604 (30 33) */		fitod	%f7,%f2
-/* 0x0638	 605 (31 34) */		fsubd	%f18,%f0,%f0
-/* 0x063c	 606 (32 35) */		fsubd	%f18,%f4,%f4
-/* 0x0640	 607 (33 35) */		fxnor	%f14,%f8,%f8
-
-!
-! ENTRY .L900000144
-!
-
-                                   .L900000144:		/* frequency 1.0 confidence 0.0 */
-/* 0x0644	 609 ( 0  3) */		fitod	%f11,%f22
-/* 0x0648	 610 ( 0  1) */		add	%o0,3,%o0
-/* 0x064c	 611 ( 0  1) */		add	%g3,6,%g3
-/* 0x0650	 612 ( 0  3) */		fmuld	%f0,%f16,%f0
-/* 0x0654	 613 ( 1  4) */		fmuld	%f4,%f16,%f24
-/* 0x0658	 614 ( 1  2) */		subcc	%o0,%o3,%g0
-/* 0x065c	 615 ( 1  2) */		add	%i0,6,%i0
-/* 0x0660	 616 ( 1  4) */		fsubd	%f18,%f2,%f2
-/* 0x0664	 617 ( 2  5) */		fitod	%f6,%f4
-/* 0x0668	 618 ( 3  6) */		fdtox	%f0,%f0
-/* 0x066c	 619 ( 3  4) */		add	%o4,8,%i1
-/* 0x0670	 620 ( 4  7) */		ldd	[%i2+%i1],%f20
-/* 0x0674	 621 ( 4  7) */		fdtox	%f24,%f6
-/* 0x0678	 622 ( 4  5) */		add	%o2,16,%o4
-/* 0x067c	 623 ( 5  8) */		fsubd	%f18,%f4,%f4
-/* 0x0680	 624 ( 5  6) */		std	%f6,[%o4+%g4]
-/* 0x0684	 625 ( 5  6) */		add	%o1,16,%o2
-/* 0x0688	 626 ( 6  8) */		fxnor	%f14,%f12,%f6
-/* 0x068c	 627 ( 6  7) */		std	%f0,[%o2+%g4]
-/* 0x0690	 628 ( 7 10) */		fitod	%f9,%f0
-/* 0x0694	 629 ( 7 10) */		fmuld	%f2,%f16,%f2
-/* 0x0698	 630 ( 8 11) */		fmuld	%f4,%f16,%f24
-/* 0x069c	 631 ( 8 11) */		fsubd	%f18,%f22,%f12
-/* 0x06a0	 632 ( 9 12) */		fitod	%f10,%f4
-/* 0x06a4	 633 (10 13) */		fdtox	%f2,%f2
-/* 0x06a8	 634 (10 11) */		add	%i1,8,%o1
-/* 0x06ac	 635 (11 14) */		ldd	[%i2+%o1],%f22
-/* 0x06b0	 636 (11 14) */		fdtox	%f24,%f10
-/* 0x06b4	 637 (11 12) */		add	%o4,16,%i4
-/* 0x06b8	 638 (12 15) */		fsubd	%f18,%f4,%f4
-/* 0x06bc	 639 (12 13) */		std	%f10,[%i4+%g4]
-/* 0x06c0	 640 (12 13) */		add	%o2,16,%i1
-/* 0x06c4	 641 (13 15) */		fxnor	%f14,%f20,%f10
-/* 0x06c8	 642 (13 14) */		std	%f2,[%i1+%g4]
-/* 0x06cc	 643 (14 17) */		fitod	%f7,%f2
-/* 0x06d0	 644 (14 17) */		fmuld	%f12,%f16,%f12
-/* 0x06d4	 645 (15 18) */		fmuld	%f4,%f16,%f24
-/* 0x06d8	 646 (15 18) */		fsubd	%f18,%f0,%f0
-/* 0x06dc	 647 (16 19) */		fitod	%f8,%f4
-/* 0x06e0	 648 (17 20) */		fdtox	%f12,%f20
-/* 0x06e4	 649 (17 18) */		add	%o1,8,%o4
-/* 0x06e8	 650 (18 21) */		ldd	[%i2+%o4],%f12
-/* 0x06ec	 651 (18 21) */		fdtox	%f24,%f8
-/* 0x06f0	 652 (18 19) */		add	%i4,16,%o2
-/* 0x06f4	 653 (19 22) */		fsubd	%f18,%f4,%f4
-/* 0x06f8	 654 (19 20) */		std	%f8,[%o2+%g4]
-/* 0x06fc	 655 (19 20) */		add	%i1,16,%o1
-/* 0x0700	 656 (20 22) */		fxnor	%f14,%f22,%f8
-/* 0x0704	 657 (20 21) */		ble,pt	%icc,.L900000144	! tprob=0.50
-/* 0x0708	     (20 21) */		std	%f20,[%o1+%g4]
-
-!
-! ENTRY .L900000147
-!
-
-                                   .L900000147:		/* frequency 1.0 confidence 0.0 */
-/* 0x070c	 660 ( 0  3) */		fitod	%f6,%f6
-/* 0x0710	 661 ( 0  3) */		fmuld	%f4,%f16,%f24
-/* 0x0714	 662 ( 0  1) */		add	%i4,32,%l4
-/* 0x0718	 663 ( 1  4) */		fsubd	%f18,%f2,%f2
-/* 0x071c	 664 ( 1  4) */		fmuld	%f0,%f16,%f22
-/* 0x0720	 665 ( 1  2) */		add	%i1,32,%l3
-/* 0x0724	 666 ( 2  5) */		fitod	%f10,%f28
-/* 0x0728	 667 ( 2  3) */		sra	%o0,0,%o2
-/* 0x072c	 668 ( 2  3) */		add	%i4,48,%l2
-/* 0x0730	 669 ( 3  6) */		fsubd	%f18,%f6,%f4
-/* 0x0734	 670 ( 3  4) */		add	%i1,48,%l1
-/* 0x0738	 671 ( 3  4) */		add	%i4,64,%l0
-/* 0x073c	 672 ( 4  7) */		fitod	%f11,%f26
-/* 0x0740	 673 ( 4  5) */		sllx	%o2,3,%o1
-/* 0x0744	 674 ( 4  5) */		add	%i1,64,%i5
-/* 0x0748	 675 ( 5  8) */		fitod	%f8,%f6
-/* 0x074c	 676 ( 5  6) */		add	%i4,80,%i4
-/* 0x0750	 677 ( 5  6) */		add	%i1,80,%i1
-/* 0x0754	 678 ( 6  8) */		fxnor	%f14,%f12,%f0
-/* 0x0758	 679 ( 6  9) */		fmuld	%f4,%f16,%f20
-/* 0x075c	 680 ( 6  7) */		add	%i4,16,%o4
-/* 0x0760	 681 ( 7 10) */		fitod	%f9,%f4
-/* 0x0764	 682 ( 7 10) */		fmuld	%f2,%f16,%f12
-/* 0x0768	 683 ( 7  8) */		add	%i1,16,%o3
-/* 0x076c	 684 ( 8 11) */		fsubd	%f18,%f28,%f10
-/* 0x0770	 685 ( 8  9) */		subcc	%o0,%g2,%g0
-/* 0x0774	 686 ( 8  9) */		add	%g3,12,%g3
-/* 0x0778	 687 ( 9 12) */		fitod	%f0,%f2
-/* 0x077c	 688 (10 13) */		fsubd	%f18,%f26,%f8
-/* 0x0780	 689 (11 14) */		fitod	%f1,%f0
-/* 0x0784	 690 (11 14) */		fmuld	%f10,%f16,%f10
-/* 0x0788	 691 (12 15) */		fdtox	%f24,%f24
-/* 0x078c	 692 (12 13) */		std	%f24,[%l4+%g4]
-/* 0x0790	 693 (12 13) */		add	%i0,12,%i0
-/* 0x0794	 694 (13 16) */		fsubd	%f18,%f6,%f6
-/* 0x0798	 695 (13 16) */		fmuld	%f8,%f16,%f8
-/* 0x079c	 696 (14 17) */		fdtox	%f22,%f22
-/* 0x07a0	 697 (14 15) */		std	%f22,[%l3+%g4]
-/* 0x07a4	 698 (15 18) */		fsubd	%f18,%f4,%f4
-/* 0x07a8	 699 (16 19) */		fdtox	%f20,%f20
-/* 0x07ac	 700 (16 17) */		std	%f20,[%l2+%g4]
-/* 0x07b0	 701 (16 19) */		fmuld	%f6,%f16,%f6
-/* 0x07b4	 702 (17 20) */		fsubd	%f18,%f2,%f2
-/* 0x07b8	 703 (18 21) */		fsubd	%f18,%f0,%f0
-/* 0x07bc	 704 (18 21) */		fmuld	%f4,%f16,%f4
-/* 0x07c0	 705 (19 22) */		fdtox	%f12,%f12
-/* 0x07c4	 706 (19 20) */		std	%f12,[%l1+%g4]
-/* 0x07c8	 707 (20 23) */		fdtox	%f10,%f10
-/* 0x07cc	 708 (20 21) */		std	%f10,[%l0+%g4]
-/* 0x07d0	 709 (20 23) */		fmuld	%f2,%f16,%f2
-/* 0x07d4	 710 (21 24) */		fdtox	%f8,%f8
-/* 0x07d8	 711 (21 22) */		std	%f8,[%i5+%g4]
-/* 0x07dc	 712 (21 24) */		fmuld	%f0,%f16,%f0
-/* 0x07e0	 713 (22 25) */		fdtox	%f6,%f6
-/* 0x07e4	 714 (22 23) */		std	%f6,[%i4+%g4]
-/* 0x07e8	 715 (23 26) */		fdtox	%f4,%f4
-/* 0x07ec	 716 (23 24) */		std	%f4,[%i1+%g4]
-/* 0x07f0	 717 (24 27) */		fdtox	%f2,%f2
-/* 0x07f4	 718 (24 25) */		std	%f2,[%o4+%g4]
-/* 0x07f8	 719 (25 28) */		fdtox	%f0,%f0
-/* 0x07fc	 720 (25 26) */		bg,pn	%icc,.L77000043	! tprob=0.50
-/* 0x0800	     (25 26) */		std	%f0,[%o3+%g4]
-
-!
-! ENTRY .L77000077
-!
-
-                                   .L77000077:		/* frequency 1.0 confidence 0.0 */
-/* 0x0804	 723 ( 0  3) */		ldd	[%i2+%o1],%f0
-
-!
-! ENTRY .L900000155
-!
-
-                                   .L900000155:		/* frequency 1.0 confidence 0.0 */
-/* 0x0808	 725 ( 0  2) */		fxnor	%f14,%f0,%f0
-/* 0x080c	 726 ( 0  1) */		sra	%i0,0,%o1
-/* 0x0810	 727 ( 0  1) */		add	%o0,1,%o0
-/* 0x0814	 728 ( 1  2) */		sllx	%o1,3,%i4
-/* 0x0818	 729 ( 1  2) */		add	%i0,2,%i0
-/* 0x081c	 730 ( 2  5) */		fitod	%f0,%f2
-/* 0x0820	 731 ( 2  3) */		sra	%g3,0,%o1
-/* 0x0824	 732 ( 2  3) */		add	%g3,2,%g3
-/* 0x0828	 733 ( 3  6) */		fitod	%f1,%f0
-/* 0x082c	 734 ( 3  4) */		sllx	%o1,3,%i1
-/* 0x0830	 735 ( 3  4) */		subcc	%o0,%g2,%g0
-/* 0x0834	 736 ( 4  5) */		sra	%o0,0,%o2
-/* 0x0838	 737 ( 5  8) */		fsubd	%f18,%f2,%f2
-/* 0x083c	 738 ( 5  6) */		sllx	%o2,3,%o1
-/* 0x0840	 739 ( 6  9) */		fsubd	%f18,%f0,%f0
-/* 0x0844	 740 ( 8 11) */		fmuld	%f2,%f16,%f2
-/* 0x0848	 741 ( 9 12) */		fmuld	%f0,%f16,%f0
-/* 0x084c	 742 (11 14) */		fdtox	%f2,%f2
-/* 0x0850	 743 (11 12) */		std	%f2,[%i4+%g4]
-/* 0x0854	 744 (12 15) */		fdtox	%f0,%f0
-/* 0x0858	 745 (12 13) */		std	%f0,[%i1+%g4]
-/* 0x085c	 746 (12 13) */		ble,a,pt	%icc,.L900000155	! tprob=0.50
-/* 0x0860	     (14 17) */		ldd	[%i2+%o1],%f0
-
-!
-! ENTRY .L77000043
-!
-
-                                   .L77000043:		/* frequency 1.0 confidence 0.0 */
-/* 0x0864	 754 ( 0  1) */		subcc	%i3,0,%g0
-
-!
-! ENTRY .L900000156
-!
-
-                                   .L900000156:		/* frequency 1.0 confidence 0.0 */
-/* 0x0868	 756 ( 0  1) */		ble,a,pt	%icc,.L77000061	! tprob=0.50
-/* 0x086c	     ( 0  1) */		or	%g0,%g5,%o3
-/* 0x0870	 761 ( 0  2) */		ldx	[%fp-209],%i1
-/* 0x0874	 762 ( 1  2) */		sub	%i3,1,%g3
-/* 0x0878	 763 ( 1  2) */		or	%g0,0,%i0
-/* 0x087c	 764 ( 2  3) */		subcc	%i3,5,%g0
-/* 0x0880	 765 ( 2  3) */		bl,pn	%icc,.L77000078	! tprob=0.50
-/* 0x0884	     ( 2  4) */		ldx	[%fp-217],%i2
-/* 0x0888	 767 ( 3  6) */		ld	[%o5],%i3
-/* 0x088c	 768 ( 3  4) */		or	%g0,8,%g2
-/* 0x0890	 769 ( 3  4) */		or	%g0,16,%o4
-/* 0x0894	 770 ( 4  5) */		sub	%g3,1,%o3
-/* 0x0898	 771 ( 4  5) */		or	%g0,3,%i0
-/* 0x089c	 772 ( 5  6) */		add	%i2,%i3,%o1
-/* 0x08a0	 773 ( 5  8) */		ld	[%o5+4],%i2
-/* 0x08a4	 774 ( 6  7) */		st	%o1,[%o7]
-/* 0x08a8	 775 ( 6  7) */		srax	%o1,32,%o1
-/* 0x08ac	 776 ( 7  9) */		ldx	[%fp-201],%o2
-/* 0x08b0	 777 ( 7  8) */		add	%i1,%i2,%o0
-/* 0x08b4	 778 ( 7  8) */		or	%g0,%o1,%i1
-/* 0x08b8	 779 ( 8 11) */		ld	[%o5+8],%o1
-/* 0x08bc	 780 ( 8  9) */		add	%o0,%i1,%o0
-/* 0x08c0	 781 ( 9 10) */		st	%o0,[%o7+4]
-/* 0x08c4	 782 ( 9 10) */		srax	%o0,32,%o0
-
-!
-! ENTRY .L900000140
-!
-
-                                   .L900000140:		/* frequency 1.0 confidence 0.0 */
-/* 0x08c8	 784 ( 0  1) */		add	%g2,4,%i1
-/* 0x08cc	 785 ( 0  1) */		add	%o4,8,%o4
-/* 0x08d0	 786 ( 1  3) */		ldx	[%o4+%g4],%i2
-/* 0x08d4	 787 ( 1  2) */		sra	%o0,0,%g5
-/* 0x08d8	 788 ( 1  2) */		add	%o2,%o1,%o1
-/* 0x08dc	 789 ( 2  5) */		ld	[%o5+%i1],%o0
-/* 0x08e0	 790 ( 2  3) */		add	%o1,%g5,%o1
-/* 0x08e4	 791 ( 2  3) */		add	%i0,2,%i0
-/* 0x08e8	 792 ( 3  4) */		st	%o1,[%o7+%g2]
-/* 0x08ec	 793 ( 3  4) */		srax	%o1,32,%g5
-/* 0x08f0	 794 ( 3  4) */		subcc	%i0,%o3,%g0
-/* 0x08f4	 795 ( 4  5) */		add	%g2,8,%g2
-/* 0x08f8	 796 ( 4  5) */		add	%o4,8,%o4
-/* 0x08fc	 797 ( 5  7) */		ldx	[%o4+%g4],%o2
-/* 0x0900	 798 ( 5  6) */		add	%i2,%o0,%o0
-/* 0x0904	 799 ( 6  9) */		ld	[%o5+%g2],%o1
-/* 0x0908	 800 ( 6  7) */		add	%o0,%g5,%o0
-/* 0x090c	 801 ( 7  8) */		st	%o0,[%o7+%i1]
-/* 0x0910	 802 ( 7  8) */		ble,pt	%icc,.L900000140	! tprob=0.50
-/* 0x0914	     ( 7  8) */		srax	%o0,32,%o0
-
-!
-! ENTRY .L900000143
-!
-
-                                   .L900000143:		/* frequency 1.0 confidence 0.0 */
-/* 0x0918	 805 ( 0  1) */		sra	%o0,0,%o3
-/* 0x091c	 806 ( 0  1) */		add	%o2,%o1,%o0
-/* 0x0920	 807 ( 1  2) */		add	%o0,%o3,%o0
-/* 0x0924	 808 ( 1  2) */		st	%o0,[%o7+%g2]
-/* 0x0928	 809 ( 1  2) */		subcc	%i0,%g3,%g0
-/* 0x092c	 810 ( 2  3) */		srax	%o0,32,%g5
-/* 0x0930	 811 ( 2  3) */		bg,a,pn	%icc,.L77000061	! tprob=0.50
-/* 0x0934	     ( 3  4) */		or	%g0,%g5,%o3
-
-!
-! ENTRY .L77000078
-!
-
-                                   .L77000078:		/* frequency 1.0 confidence 0.0 */
-/* 0x0938	 814 ( 0  1) */		sra	%i0,0,%o0
-
-!
-! ENTRY .L900000154
-!
-
-                                   .L900000154:		/* frequency 1.0 confidence 0.0 */
-/* 0x093c	 816 ( 0  1) */		sllx	%o0,2,%g2
-/* 0x0940	 817 ( 0  1) */		add	%i0,1,%i0
-/* 0x0944	 818 ( 1  2) */		sllx	%o0,3,%o4
-/* 0x0948	 819 ( 1  4) */		ld	[%o5+%g2],%o2
-/* 0x094c	 820 ( 1  2) */		subcc	%i0,%g3,%g0
-/* 0x0950	 821 ( 2  4) */		ldx	[%o4+%g4],%o0
-/* 0x0954	 822 ( 2  3) */		sra	%g5,0,%o1
-/* 0x0958	 823 ( 4  5) */		add	%o0,%o2,%o0
-/* 0x095c	 824 ( 5  6) */		add	%o0,%o1,%o0
-/* 0x0960	 825 ( 5  6) */		st	%o0,[%o7+%g2]
-/* 0x0964	 826 ( 6  7) */		srax	%o0,32,%g5
-/* 0x0968	 827 ( 6  7) */		ble,pt	%icc,.L900000154	! tprob=0.50
-/* 0x096c	     ( 7  8) */		sra	%i0,0,%o0
-
-!
-! ENTRY .L77000047
-!
-
-                                   .L77000047:		/* frequency 1.0 confidence 0.0 */
-/* 0x0970	 834 ( 0  1) */		or	%g0,%g5,%o3
-
-!
-! ENTRY .L77000061
-!
-
-                                  .L77000061:		/* frequency 1.0 confidence 0.0 */
-
-/* 0x0974	 835 ( 1  2) */		srl	%o3,0,%i0
-/* 0x0978	     ( 2  4) */		ret	! Result =  %o1 %o0 %f0 %f1
-/* 0x097c	     ( 4  5) */		restore	%g0,%g0,%g0
-
-!
-! ENTRY .L77000048
-!
-
-                                   .L77000048:		/* frequency 1.0 confidence 0.0 */
-/* 0x0980	 844 ( 0  1) */		bne,pn	%icc,.L77000050	! tprob=0.50
-/* 0x0984	     ( 0  1) */		sethi	%hi(0xfff80000),%g2
-/* 0x0988	 854 ( 0  3) */		ldd	[%o2],%f4
-/* 0x098c	 855 ( 1  4) */		ldd	[%o0],%f6
-/* 0x0990	 856 ( 1  2) */		srl	%i4,19,%g3
-/* 0x0994	 857 ( 1  2) */		andn	%i4,%g2,%g2
-/* 0x0998	 858 ( 2  3) */		st	%g3,[%sp+2351]
-/* 0x099c	 859 ( 2  4) */		fxnor	%f0,%f4,%f4
-/* 0x09a0	 860 ( 3  4) */		st	%g2,[%sp+2355]
-/* 0x09a4	 861 ( 4  7) */		ldd	[%o2+8],%f12
-/* 0x09a8	 862 ( 4  7) */		fitod	%f4,%f10
-/* 0x09ac	 863 ( 5  8) */		ldd	[%o0+8],%f16
-/* 0x09b0	 864 ( 5  8) */		fitod	%f5,%f4
-/* 0x09b4	 865 ( 6  9) */		ldd	[%o2+16],%f18
-/* 0x09b8	 866 ( 6  8) */		fxnor	%f0,%f12,%f12
-/* 0x09bc	 867 ( 7 10) */		ld	[%sp+2351],%f9
-/* 0x09c0	 868 ( 7 10) */		fsubd	%f16,%f10,%f10
-/* 0x09c4	 869 ( 8 11) */		ld	[%sp+2355],%f15
-/* 0x09c8	 870 ( 8 11) */		fitod	%f12,%f22
-/* 0x09cc	 871 ( 9 12) */		ldd	[%o2+24],%f20
-/* 0x09d0	 872 ( 9 12) */		fitod	%f13,%f12
-/* 0x09d4	 876 (10 13) */		ld	[%i1],%g2
-/* 0x09d8	 877 (10 13) */		fsubd	%f16,%f4,%f4
-/* 0x09dc	 878 (11 14) */		ld	[%i1+4],%g3
-/* 0x09e0	 879 (11 14) */		fsubd	%f16,%f22,%f22
-/* 0x09e4	 880 (12 15) */		ld	[%i1+8],%g4
-/* 0x09e8	 881 (12 14) */		fxnor	%f0,%f18,%f18
-/* 0x09ec	 882 (13 16) */		ld	[%i1+12],%g5
-/* 0x09f0	 883 (13 16) */		fsubd	%f16,%f12,%f12
-/* 0x09f4	 884 (14 17) */		ld	[%i1+16],%o0
-/* 0x09f8	 885 (14 17) */		fitod	%f18,%f26
-/* 0x09fc	 886 (15 18) */		ld	[%i1+20],%o1
-/* 0x0a00	 887 (15 17) */		fxnor	%f0,%f20,%f20
-/* 0x0a04	 888 (16 19) */		ld	[%i1+24],%o2
-/* 0x0a08	 889 (17 20) */		ld	[%i1+28],%o3
-/* 0x0a0c	 890 (19 20) */		fmovs	%f6,%f8
-/* 0x0a10	 891 (20 21) */		fmovs	%f6,%f14
-/* 0x0a14	 892 (22 25) */		fsubd	%f8,%f6,%f8
-/* 0x0a18	 893 (23 26) */		fsubd	%f14,%f6,%f6
-/* 0x0a1c	 894 (25 28) */		fmuld	%f10,%f8,%f14
-/* 0x0a20	 895 (26 29) */		fmuld	%f10,%f6,%f10
-/* 0x0a24	 896 (27 30) */		fmuld	%f4,%f8,%f24
-/* 0x0a28	 897 (28 31) */		fdtox	%f14,%f14
-/* 0x0a2c	 898 (28 29) */		std	%f14,[%sp+2335]
-/* 0x0a30	 899 (28 31) */		fmuld	%f22,%f8,%f28
-/* 0x0a34	 900 (29 32) */		fitod	%f19,%f14
-/* 0x0a38	 901 (29 32) */		fmuld	%f22,%f6,%f18
-/* 0x0a3c	 902 (30 33) */		fdtox	%f10,%f10
-/* 0x0a40	 903 (30 31) */		std	%f10,[%sp+2343]
-/* 0x0a44	 904 (30 33) */		fmuld	%f4,%f6,%f4
-/* 0x0a48	 905 (31 34) */		fmuld	%f12,%f8,%f22
-/* 0x0a4c	 906 (32 35) */		fdtox	%f18,%f18
-/* 0x0a50	 907 (32 33) */		std	%f18,[%sp+2311]
-/* 0x0a54	 908 (32 35) */		fmuld	%f12,%f6,%f10
-/* 0x0a58	 909 (33 35) */		ldx	[%sp+2335],%o4
-/* 0x0a5c	 910 (33 36) */		fdtox	%f24,%f12
-/* 0x0a60	 911 (34 35) */		std	%f12,[%sp+2319]
-/* 0x0a64	 912 (34 37) */		fsubd	%f16,%f26,%f12
-/* 0x0a68	 913 (35 37) */		ldx	[%sp+2343],%o5
-/* 0x0a6c	 914 (35 36) */		sllx	%o4,19,%o4
-/* 0x0a70	 915 (35 38) */		fdtox	%f4,%f4
-/* 0x0a74	 916 (36 37) */		std	%f4,[%sp+2327]
-/* 0x0a78	 917 (36 39) */		fdtox	%f28,%f24
-/* 0x0a7c	 918 (37 38) */		std	%f24,[%sp+2303]
-/* 0x0a80	 919 (37 40) */		fitod	%f20,%f4
-/* 0x0a84	 920 (37 38) */		add	%o5,%o4,%o4
-/* 0x0a88	 921 (37 40) */		fmuld	%f12,%f8,%f24
-/* 0x0a8c	 922 (38 40) */		ldx	[%sp+2319],%o7
-/* 0x0a90	 923 (38 41) */		fsubd	%f16,%f14,%f14
-/* 0x0a94	 924 (38 39) */		add	%o4,%g2,%o4
-/* 0x0a98	 925 (38 41) */		fmuld	%f12,%f6,%f12
-/* 0x0a9c	 926 (39 41) */		ldx	[%sp+2327],%o5
-/* 0x0aa0	 927 (39 42) */		fitod	%f21,%f18
-/* 0x0aa4	 928 (40 41) */		st	%o4,[%i0]
-/* 0x0aa8	 929 (40 41) */		sllx	%o7,19,%o7
-/* 0x0aac	 930 (40 43) */		fdtox	%f22,%f20
-/* 0x0ab0	 931 (41 42) */		std	%f20,[%sp+2287]
-/* 0x0ab4	 932 (41 44) */		fdtox	%f10,%f10
-/* 0x0ab8	 933 (41 42) */		add	%o5,%o7,%o5
-/* 0x0abc	 934 (41 44) */		fmuld	%f14,%f8,%f20
-/* 0x0ac0	 935 (42 43) */		std	%f10,[%sp+2295]
-/* 0x0ac4	 936 (42 43) */		srlx	%o4,32,%o7
-/* 0x0ac8	 937 (42 45) */		fsubd	%f16,%f4,%f4
-/* 0x0acc	 938 (42 45) */		fmuld	%f14,%f6,%f14
-/* 0x0ad0	 939 (43 45) */		ldx	[%sp+2311],%g2
-/* 0x0ad4	 940 (43 46) */		fdtox	%f24,%f10
-/* 0x0ad8	 941 (43 44) */		add	%o5,%g3,%g3
-/* 0x0adc	 942 (44 45) */		std	%f10,[%sp+2271]
-/* 0x0ae0	 943 (44 45) */		add	%g3,%o7,%g3
-/* 0x0ae4	 944 (44 47) */		fdtox	%f12,%f12
-/* 0x0ae8	 945 (45 47) */		ldx	[%sp+2303],%l0
-/* 0x0aec	 946 (45 48) */		fsubd	%f16,%f18,%f10
-/* 0x0af0	 947 (45 48) */		fmuld	%f4,%f8,%f16
-/* 0x0af4	 948 (46 47) */		std	%f12,[%sp+2279]
-/* 0x0af8	 949 (46 49) */		fdtox	%f20,%f12
-/* 0x0afc	 950 (46 49) */		fmuld	%f4,%f6,%f4
-/* 0x0b00	 951 (47 48) */		std	%f12,[%sp+2255]
-/* 0x0b04	 952 (47 48) */		sllx	%l0,19,%l0
-/* 0x0b08	 953 (47 50) */		fdtox	%f14,%f12
-/* 0x0b0c	 954 (48 50) */		ldx	[%sp+2287],%o5
-/* 0x0b10	 955 (48 49) */		add	%g2,%l0,%g2
-/* 0x0b14	 956 (48 51) */		fmuld	%f10,%f8,%f8
-/* 0x0b18	 957 (49 51) */		ldx	[%sp+2295],%l1
-/* 0x0b1c	 958 (49 50) */		srlx	%g3,32,%l0
-/* 0x0b20	 959 (49 50) */		add	%g2,%g4,%g4
-/* 0x0b24	 960 (49 52) */		fmuld	%f10,%f6,%f6
-/* 0x0b28	 961 (50 51) */		std	%f12,[%sp+2263]
-/* 0x0b2c	 962 (50 51) */		sllx	%o5,19,%g2
-/* 0x0b30	 963 (50 51) */		add	%g4,%l0,%g4
-/* 0x0b34	 964 (51 53) */		ldx	[%sp+2279],%l0
-/* 0x0b38	 965 (51 52) */		srlx	%g4,32,%o5
-/* 0x0b3c	 966 (51 52) */		add	%l1,%g2,%g2
-/* 0x0b40	 967 (52 53) */		st	%g3,[%i0+4]
-/* 0x0b44	 968 (52 53) */		add	%g2,%g5,%g2
-/* 0x0b48	 969 (52 55) */		fdtox	%f16,%f10
-/* 0x0b4c	 970 (53 55) */		ldx	[%sp+2271],%o7
-/* 0x0b50	 971 (53 54) */		add	%g2,%o5,%g2
-/* 0x0b54	 972 (53 56) */		fdtox	%f4,%f4
-/* 0x0b58	 973 (54 55) */		std	%f10,[%sp+2239]
-/* 0x0b5c	 974 (55 56) */		sllx	%o7,19,%o7
-/* 0x0b60	 975 (55 56) */		std	%f4,[%sp+2247]
-/* 0x0b64	 976 (55 58) */		fdtox	%f8,%f4
-/* 0x0b68	 977 (56 57) */		add	%l0,%o7,%o7
-/* 0x0b6c	 978 (56 58) */		ldx	[%sp+2263],%o5
-/* 0x0b70	 979 (57 58) */		add	%o7,%o0,%o0
-/* 0x0b74	 980 (57 58) */		std	%f4,[%sp+2223]
-/* 0x0b78	 981 (57 60) */		fdtox	%f6,%f4
-/* 0x0b7c	 982 (58 60) */		ldx	[%sp+2255],%g5
-/* 0x0b80	 983 (58 59) */		srlx	%g2,32,%o7
-/* 0x0b84	 984 (59 60) */		std	%f4,[%sp+2231]
-/* 0x0b88	 985 (59 60) */		add	%o0,%o7,%o0
-/* 0x0b8c	 986 (60 61) */		sllx	%g5,19,%g5
-/* 0x0b90	 987 (60 62) */		ldx	[%sp+2247],%l1
-/* 0x0b94	 988 (61 62) */		add	%o5,%g5,%g5
-/* 0x0b98	 989 (61 62) */		st	%g2,[%i0+12]
-/* 0x0b9c	 990 (62 64) */		ldx	[%sp+2239],%l0
-/* 0x0ba0	 991 (62 63) */		srlx	%o0,32,%o4
-/* 0x0ba4	 992 (62 63) */		add	%g5,%o1,%o1
-/* 0x0ba8	 993 (63 64) */		add	%o1,%o4,%o1
-/* 0x0bac	 994 (63 65) */		ldx	[%sp+2223],%o7
-/* 0x0bb0	 995 (64 65) */		sllx	%l0,19,%g3
-/* 0x0bb4	 996 (64 66) */		ldx	[%sp+2231],%o5
-/* 0x0bb8	 997 (65 66) */		add	%l1,%g3,%o4
-/* 0x0bbc	 998 (65 66) */		st	%o0,[%i0+16]
-/* 0x0bc0	 999 (66 67) */		add	%o4,%o2,%o2
-/* 0x0bc4	1000 (66 67) */		st	%o1,[%i0+20]
-/* 0x0bc8	1001 (67 68) */		srlx	%o1,32,%o4
-/* 0x0bcc	1002 (67 68) */		st	%g4,[%i0+8]
-/* 0x0bd0	1003 (68 69) */		sllx	%o7,19,%g2
-/* 0x0bd4	1004 (68 69) */		add	%o2,%o4,%o4
-/* 0x0bd8	1005 (68 69) */		st	%o4,[%i0+24]
-/* 0x0bdc	1006 (69 70) */		add	%o5,%g2,%g2
-/* 0x0be0	1007 (70 71) */		srlx	%o4,32,%g3
-/* 0x0be4	1008 (70 71) */		add	%g2,%o3,%g2
-/* 0x0be8	1009 (71 72) */		add	%g2,%g3,%g2
-/* 0x0bec	1010 (71 72) */		st	%g2,[%i0+28]
-/* 0x0bf0	1014 (72 73) */		srlx	%g2,32,%o3
-/* 0x0bf4	1015 (73 74) */		srl	%o3,0,%i0
-/* 0x0bf8	     (74 76) */		ret	! Result =  %o1 %o0 %f0 %f1
-/* 0x0bfc	     (76 77) */		restore	%g0,%g0,%g0
-
-!
-! ENTRY .L77000050
-!
-
-                                   .L77000050:		/* frequency 1.0 confidence 0.0 */
-/* 0x0c00	1022 ( 0  1) */		subcc	%i3,16,%g0
-/* 0x0c04	1023 ( 0  1) */		bne,pn	%icc,.L77000073	! tprob=0.50
-/* 0x0c08	     ( 0  1) */		sethi	%hi(0xfff80000),%g2
-/* 0x0c0c	1034 ( 1  4) */		ldd	[%o2],%f4
-/* 0x0c10	1035 ( 1  2) */		andn	%i4,%g2,%g2
-/* 0x0c14	1036 ( 2  3) */		st	%g2,[%sp+2483]
-/* 0x0c18	1037 ( 2  3) */		srl	%i4,19,%g2
-/* 0x0c1c	1038 ( 3  4) */		st	%g2,[%sp+2479]
-/* 0x0c20	1039 ( 3  5) */		fxnor	%f0,%f4,%f4
-/* 0x0c24	1040 ( 4  7) */		ldd	[%o0],%f8
-/* 0x0c28	1041 ( 5  8) */		fitod	%f4,%f10
-/* 0x0c2c	1042 ( 5  8) */		ldd	[%o0+8],%f16
-/* 0x0c30	1043 ( 6  9) */		ldd	[%o2+8],%f14
-/* 0x0c34	1044 ( 6  9) */		fitod	%f5,%f4
-/* 0x0c38	1045 ( 7 10) */		ld	[%sp+2483],%f13
-/* 0x0c3c	1046 ( 8 11) */		ld	[%sp+2479],%f7
-/* 0x0c40	1047 ( 8 11) */		fsubd	%f16,%f10,%f10
-/* 0x0c44	1048 ( 9 11) */		fxnor	%f0,%f14,%f14
-/* 0x0c48	1049 (10 13) */		fsubd	%f16,%f4,%f4
-/* 0x0c4c	1050 (14 15) */		fmovs	%f8,%f12
-/* 0x0c50	1051 (15 16) */		fmovs	%f8,%f6
-/* 0x0c54	1052 (17 20) */		fsubd	%f12,%f8,%f12
-/* 0x0c58	1053 (18 21) */		fsubd	%f6,%f8,%f6
-/* 0x0c5c	1054 (19 22) */		fitod	%f14,%f8
-/* 0x0c60	1055 (20 23) */		fmuld	%f10,%f12,%f18
-/* 0x0c64	1056 (20 23) */		fitod	%f15,%f14
-/* 0x0c68	1057 (21 24) */		fmuld	%f10,%f6,%f10
-/* 0x0c6c	1058 (22 25) */		fsubd	%f16,%f8,%f8
-/* 0x0c70	1059 (22 25) */		fmuld	%f4,%f12,%f20
-/* 0x0c74	1060 (23 26) */		fmuld	%f4,%f6,%f4
-/* 0x0c78	1061 (23 26) */		fsubd	%f16,%f14,%f14
-/* 0x0c7c	1062 (24 27) */		fdtox	%f10,%f10
-/* 0x0c80	1063 (24 25) */		std	%f10,[%sp+2463]
-/* 0x0c84	1064 (25 28) */		fmuld	%f8,%f12,%f10
-/* 0x0c88	1065 (25 28) */		fdtox	%f18,%f18
-/* 0x0c8c	1066 (25 26) */		std	%f18,[%sp+2471]
-/* 0x0c90	1067 (26 29) */		fmuld	%f8,%f6,%f8
-/* 0x0c94	1068 (26 29) */		fdtox	%f4,%f4
-/* 0x0c98	1069 (26 27) */		std	%f4,[%sp+2447]
-/* 0x0c9c	1070 (27 30) */		fmuld	%f14,%f12,%f4
-/* 0x0ca0	1071 (27 30) */		fdtox	%f20,%f18
-/* 0x0ca4	1072 (27 28) */		std	%f18,[%sp+2455]
-/* 0x0ca8	1073 (28 31) */		fdtox	%f10,%f10
-/* 0x0cac	1074 (28 29) */		std	%f10,[%sp+2439]
-/* 0x0cb0	1075 (28 31) */		fmuld	%f14,%f6,%f14
-/* 0x0cb4	1076 (29 32) */		fdtox	%f8,%f8
-/* 0x0cb8	1077 (29 30) */		std	%f8,[%sp+2431]
-/* 0x0cbc	1078 (30 33) */		ldd	[%o2+16],%f10
-/* 0x0cc0	1079 (30 33) */		fdtox	%f4,%f4
-/* 0x0cc4	1080 (31 34) */		ldd	[%o2+24],%f8
-/* 0x0cc8	1081 (31 34) */		fdtox	%f14,%f14
-/* 0x0ccc	1082 (32 33) */		std	%f4,[%sp+2423]
-/* 0x0cd0	1083 (32 34) */		fxnor	%f0,%f10,%f10
-/* 0x0cd4	1084 (33 35) */		fxnor	%f0,%f8,%f4
-/* 0x0cd8	1085 (33 34) */		std	%f14,[%sp+2415]
-/* 0x0cdc	1086 (34 37) */		fitod	%f10,%f8
-/* 0x0ce0	1087 (35 38) */		fitod	%f11,%f10
-/* 0x0ce4	1088 (36 39) */		fitod	%f4,%f14
-/* 0x0ce8	1089 (37 40) */		fsubd	%f16,%f8,%f8
-/* 0x0cec	1090 (38 41) */		fsubd	%f16,%f10,%f10
-/* 0x0cf0	1091 (39 42) */		fsubd	%f16,%f14,%f14
-/* 0x0cf4	1092 (40 43) */		fmuld	%f8,%f12,%f18
-/* 0x0cf8	1093 (40 43) */		fitod	%f5,%f4
-/* 0x0cfc	1094 (41 44) */		fmuld	%f8,%f6,%f8
-/* 0x0d00	1095 (42 45) */		fmuld	%f10,%f12,%f20
-/* 0x0d04	1096 (43 46) */		fmuld	%f10,%f6,%f10
-/* 0x0d08	1097 (43 46) */		fsubd	%f16,%f4,%f4
-/* 0x0d0c	1098 (44 47) */		fdtox	%f8,%f8
-/* 0x0d10	1099 (44 45) */		std	%f8,[%sp+2399]
-/* 0x0d14	1100 (45 48) */		fmuld	%f14,%f12,%f8
-/* 0x0d18	1101 (45 48) */		fdtox	%f18,%f18
-/* 0x0d1c	1102 (45 46) */		std	%f18,[%sp+2407]
-/* 0x0d20	1103 (46 49) */		fdtox	%f10,%f10
-/* 0x0d24	1104 (46 47) */		std	%f10,[%sp+2383]
-/* 0x0d28	1105 (46 49) */		fmuld	%f14,%f6,%f14
-/* 0x0d2c	1106 (47 50) */		fmuld	%f4,%f12,%f10
-/* 0x0d30	1107 (47 50) */		fdtox	%f20,%f18
-/* 0x0d34	1108 (47 48) */		std	%f18,[%sp+2391]
-/* 0x0d38	1109 (48 51) */		fdtox	%f8,%f8
-/* 0x0d3c	1110 (48 49) */		std	%f8,[%sp+2375]
-/* 0x0d40	1111 (48 51) */		fmuld	%f4,%f6,%f4
-/* 0x0d44	1112 (49 52) */		fdtox	%f14,%f14
-/* 0x0d48	1113 (49 50) */		std	%f14,[%sp+2367]
-/* 0x0d4c	1117 (50 53) */		ldd	[%o2+32],%f8
-/* 0x0d50	1118 (50 53) */		fdtox	%f10,%f10
-/* 0x0d54	1119 (51 54) */		fdtox	%f4,%f4
-/* 0x0d58	1120 (51 52) */		std	%f4,[%sp+2351]
-/* 0x0d5c	1121 (52 54) */		fxnor	%f0,%f8,%f8
-/* 0x0d60	1122 (52 55) */		ldd	[%o2+40],%f14
-/* 0x0d64	1123 (53 54) */		std	%f10,[%sp+2359]
-/* 0x0d68	1124 (54 57) */		fitod	%f8,%f4
-/* 0x0d6c	1125 (55 57) */		fxnor	%f0,%f14,%f10
-/* 0x0d70	1126 (56 59) */		fitod	%f9,%f8
-/* 0x0d74	1127 (57 60) */		fsubd	%f16,%f4,%f4
-/* 0x0d78	1128 (58 61) */		fitod	%f10,%f14
-/* 0x0d7c	1129 (59 62) */		fsubd	%f16,%f8,%f8
-/* 0x0d80	1130 (60 63) */		fmuld	%f4,%f12,%f18
-/* 0x0d84	1131 (60 63) */		fitod	%f11,%f10
-/* 0x0d88	1132 (61 64) */		fmuld	%f4,%f6,%f4
-/* 0x0d8c	1133 (61 64) */		fsubd	%f16,%f14,%f14
-/* 0x0d90	1134 (62 65) */		fmuld	%f8,%f12,%f20
-/* 0x0d94	1135 (63 66) */		fmuld	%f8,%f6,%f8
-/* 0x0d98	1136 (63 66) */		fsubd	%f16,%f10,%f10
-/* 0x0d9c	1137 (64 67) */		fdtox	%f4,%f4
-/* 0x0da0	1138 (64 65) */		std	%f4,[%sp+2335]
-/* 0x0da4	1139 (65 68) */		fmuld	%f14,%f12,%f4
-/* 0x0da8	1140 (65 68) */		fdtox	%f18,%f18
-/* 0x0dac	1141 (65 66) */		std	%f18,[%sp+2343]
-/* 0x0db0	1142 (66 69) */		fdtox	%f8,%f8
-/* 0x0db4	1143 (66 67) */		std	%f8,[%sp+2319]
-/* 0x0db8	1144 (66 69) */		fmuld	%f14,%f6,%f14
-/* 0x0dbc	1145 (67 70) */		fmuld	%f10,%f12,%f8
-/* 0x0dc0	1146 (67 70) */		fdtox	%f20,%f18
-/* 0x0dc4	1147 (67 68) */		std	%f18,[%sp+2327]
-/* 0x0dc8	1148 (68 71) */		fdtox	%f4,%f4
-/* 0x0dcc	1149 (68 69) */		std	%f4,[%sp+2311]
-/* 0x0dd0	1150 (68 71) */		fmuld	%f10,%f6,%f10
-/* 0x0dd4	1151 (69 72) */		fdtox	%f14,%f14
-/* 0x0dd8	1152 (69 70) */		std	%f14,[%sp+2303]
-/* 0x0ddc	1153 (70 73) */		ldd	[%o2+48],%f4
-/* 0x0de0	1154 (70 73) */		fdtox	%f8,%f8
-/* 0x0de4	1155 (71 74) */		fdtox	%f10,%f10
-/* 0x0de8	1156 (71 72) */		std	%f10,[%sp+2287]
-/* 0x0dec	1157 (72 74) */		fxnor	%f0,%f4,%f4
-/* 0x0df0	1158 (72 75) */		ldd	[%o2+56],%f14
-/* 0x0df4	1159 (73 74) */		std	%f8,[%sp+2295]
-/* 0x0df8	1160 (74 77) */		fitod	%f4,%f10
-/* 0x0dfc	1161 (75 78) */		fitod	%f5,%f4
-/* 0x0e00	1162 (76 78) */		fxnor	%f0,%f14,%f8
-/* 0x0e04	1163 (77 80) */		fsubd	%f16,%f10,%f10
-/* 0x0e08	1164 (78 81) */		fsubd	%f16,%f4,%f4
-/* 0x0e0c	1165 (79 82) */		fitod	%f8,%f14
-/* 0x0e10	1166 (80 83) */		fmuld	%f10,%f12,%f18
-/* 0x0e14	1167 (80 83) */		fitod	%f9,%f8
-/* 0x0e18	1168 (81 84) */		fmuld	%f10,%f6,%f10
-/* 0x0e1c	1169 (82 85) */		fmuld	%f4,%f12,%f20
-/* 0x0e20	1170 (82 85) */		fsubd	%f16,%f14,%f14
-/* 0x0e24	1171 (83 86) */		fdtox	%f18,%f18
-/* 0x0e28	1172 (83 84) */		std	%f18,[%sp+2279]
-/* 0x0e2c	1173 (83 86) */		fmuld	%f4,%f6,%f4
-/* 0x0e30	1174 (84 87) */		fdtox	%f10,%f10
-/* 0x0e34	1175 (84 85) */		std	%f10,[%sp+2271]
-/* 0x0e38	1176 (85 88) */		fdtox	%f20,%f10
-/* 0x0e3c	1177 (85 86) */		std	%f10,[%sp+2263]
-/* 0x0e40	1178 (86 89) */		fdtox	%f4,%f4
-/* 0x0e44	1179 (86 87) */		std	%f4,[%sp+2255]
-/* 0x0e48	1180 (86 89) */		fmuld	%f14,%f12,%f10
-/* 0x0e4c	1181 (87 90) */		fmuld	%f14,%f6,%f4
-/* 0x0e50	1182 (89 92) */		fdtox	%f10,%f10
-/* 0x0e54	1183 (89 90) */		std	%f10,[%sp+2247]
-/* 0x0e58	1184 (90 93) */		fdtox	%f4,%f4
-/* 0x0e5c	1185 (90 91) */		std	%f4,[%sp+2239]
-/* 0x0e60	1189 (91 93) */		ldx	[%sp+2463],%g2
-/* 0x0e64	1190 (91 94) */		fsubd	%f16,%f8,%f4
-/* 0x0e68	1191 (92 94) */		ldx	[%sp+2471],%g3
-/* 0x0e6c	1192 (93 96) */		ld	[%i1],%g4
-/* 0x0e70	1193 (93 94) */		sllx	%g2,19,%g2
-/* 0x0e74	1194 (94 96) */		ldx	[%sp+2455],%g5
-/* 0x0e78	1195 (94 95) */		add	%g3,%g2,%g2
-/* 0x0e7c	1196 (94 97) */		fmuld	%f4,%f6,%f6
-/* 0x0e80	1197 (95 97) */		ldx	[%sp+2447],%g3
-/* 0x0e84	1198 (95 96) */		add	%g2,%g4,%g4
-/* 0x0e88	1199 (95 98) */		fmuld	%f4,%f12,%f4
-/* 0x0e8c	1200 (96 97) */		st	%g4,[%i0]
-/* 0x0e90	1201 (96 97) */		srlx	%g4,32,%g4
-/* 0x0e94	1202 (97 100) */		ld	[%i1+8],%o0
-/* 0x0e98	1203 (97 98) */		sllx	%g3,19,%g2
-/* 0x0e9c	1204 (97 100) */		fdtox	%f6,%f6
-/* 0x0ea0	1205 (98 101) */		ld	[%i1+4],%g3
-/* 0x0ea4	1206 (98 99) */		add	%g5,%g2,%g2
-/* 0x0ea8	1207 (98 101) */		fdtox	%f4,%f4
-/* 0x0eac	1208 (99 101) */		ldx	[%sp+2439],%g5
-/* 0x0eb0	1209 (100 103) */		ld	[%i1+12],%o1
-/* 0x0eb4	1210 (100 101) */		add	%g2,%g3,%g2
-/* 0x0eb8	1211 (101 103) */		ldx	[%sp+2431],%g3
-/* 0x0ebc	1212 (101 102) */		add	%g2,%g4,%g4
-/* 0x0ec0	1213 (102 103) */		st	%g4,[%i0+4]
-/* 0x0ec4	1214 (103 104) */		std	%f6,[%sp+2223]
-/* 0x0ec8	1215 (103 104) */		sllx	%g3,19,%g2
-/* 0x0ecc	1216 (104 106) */		ldx	[%sp+2423],%g3
-/* 0x0ed0	1217 (104 105) */		add	%g5,%g2,%g2
-/* 0x0ed4	1218 (105 107) */		ldx	[%sp+2415],%g5
-/* 0x0ed8	1219 (105 106) */		add	%g2,%o0,%g2
-/* 0x0edc	1220 (106 107) */		std	%f4,[%sp+2231]
-/* 0x0ee0	1221 (106 107) */		srlx	%g4,32,%o0
-/* 0x0ee4	1222 (107 109) */		ldx	[%sp+2407],%g4
-/* 0x0ee8	1223 (107 108) */		sllx	%g5,19,%g5
-/* 0x0eec	1224 (107 108) */		add	%g2,%o0,%g2
-/* 0x0ef0	1225 (108 109) */		st	%g2,[%i0+8]
-/* 0x0ef4	1226 (108 109) */		srlx	%g2,32,%o0
-/* 0x0ef8	1227 (108 109) */		add	%g3,%g5,%g3
-/* 0x0efc	1228 (109 111) */		ldx	[%sp+2399],%g5
-/* 0x0f00	1229 (109 110) */		add	%g3,%o1,%g3
-/* 0x0f04	1230 (110 113) */		ld	[%i1+16],%o1
-/* 0x0f08	1231 (110 111) */		add	%g3,%o0,%g3
-/* 0x0f0c	1232 (111 112) */		st	%g3,[%i0+12]
-/* 0x0f10	1233 (111 112) */		sllx	%g5,19,%g5
-/* 0x0f14	1234 (112 113) */		srlx	%g3,32,%o0
-/* 0x0f18	1235 (112 113) */		add	%g4,%g5,%g2
-/* 0x0f1c	1236 (112 114) */		ldx	[%sp+2383],%g5
-/* 0x0f20	1237 (113 115) */		ldx	[%sp+2391],%g4
-/* 0x0f24	1238 (113 114) */		add	%g2,%o1,%g2
-/* 0x0f28	1239 (114 117) */		ld	[%i1+20],%o1
-/* 0x0f2c	1240 (114 115) */		sllx	%g5,19,%g5
-/* 0x0f30	1241 (114 115) */		add	%g2,%o0,%g2
-/* 0x0f34	1242 (115 116) */		st	%g2,[%i0+16]
-/* 0x0f38	1243 (115 116) */		srlx	%g2,32,%o0
-/* 0x0f3c	1244 (115 116) */		add	%g4,%g5,%g3
-/* 0x0f40	1245 (116 118) */		ldx	[%sp+2367],%g5
-/* 0x0f44	1246 (116 117) */		add	%g3,%o1,%g3
-/* 0x0f48	1247 (117 119) */		ldx	[%sp+2375],%g4
-/* 0x0f4c	1248 (117 118) */		add	%g3,%o0,%g3
-/* 0x0f50	1249 (118 121) */		ld	[%i1+24],%o1
-/* 0x0f54	1250 (118 119) */		sllx	%g5,19,%g5
-/* 0x0f58	1251 (119 120) */		st	%g3,[%i0+20]
-/* 0x0f5c	1252 (119 120) */		add	%g4,%g5,%g2
-/* 0x0f60	1253 (120 122) */		ldx	[%sp+2351],%g5
-/* 0x0f64	1254 (120 121) */		srlx	%g3,32,%o0
-/* 0x0f68	1255 (120 121) */		add	%g2,%o1,%g2
-/* 0x0f6c	1256 (121 123) */		ldx	[%sp+2359],%g4
-/* 0x0f70	1257 (121 122) */		add	%g2,%o0,%g2
-/* 0x0f74	1258 (122 125) */		ld	[%i1+28],%o1
-/* 0x0f78	1259 (122 123) */		sllx	%g5,19,%g5
-/* 0x0f7c	1260 (123 124) */		st	%g2,[%i0+24]
-/* 0x0f80	1261 (123 124) */		add	%g4,%g5,%g3
-/* 0x0f84	1265 (124 126) */		ldx	[%sp+2335],%g5
-/* 0x0f88	1266 (124 125) */		srlx	%g2,32,%o0
-/* 0x0f8c	1267 (124 125) */		add	%g3,%o1,%g3
-/* 0x0f90	1268 (125 127) */		ldx	[%sp+2343],%g4
-/* 0x0f94	1269 (125 126) */		add	%g3,%o0,%g3
-/* 0x0f98	1270 (126 127) */		sllx	%g5,19,%g5
-/* 0x0f9c	1271 (126 129) */		ld	[%i1+32],%o1
-/* 0x0fa0	1272 (127 128) */		add	%g4,%g5,%g2
-/* 0x0fa4	1273 (127 129) */		ldx	[%sp+2319],%g5
-/* 0x0fa8	1274 (128 130) */		ldx	[%sp+2327],%g4
-/* 0x0fac	1275 (128 129) */		srlx	%g3,32,%o0
-/* 0x0fb0	1276 (128 129) */		add	%g2,%o1,%g2
-/* 0x0fb4	1277 (129 130) */		st	%g3,[%i0+28]
-/* 0x0fb8	1278 (129 130) */		sllx	%g5,19,%g5
-/* 0x0fbc	1279 (129 130) */		add	%g2,%o0,%g2
-/* 0x0fc0	1280 (130 133) */		ld	[%i1+36],%o1
-/* 0x0fc4	1281 (130 131) */		add	%g4,%g5,%g3
-/* 0x0fc8	1282 (131 133) */		ldx	[%sp+2303],%g5
-/* 0x0fcc	1283 (131 132) */		srlx	%g2,32,%o0
-/* 0x0fd0	1284 (132 134) */		ldx	[%sp+2311],%g4
-/* 0x0fd4	1285 (132 133) */		add	%g3,%o1,%g3
-/* 0x0fd8	1286 (133 134) */		sllx	%g5,19,%g5
-/* 0x0fdc	1287 (133 134) */		st	%g2,[%i0+32]
-/* 0x0fe0	1288 (133 134) */		add	%g3,%o0,%g3
-/* 0x0fe4	1289 (134 135) */		add	%g4,%g5,%g2
-/* 0x0fe8	1290 (134 136) */		ldx	[%sp+2287],%g5
-/* 0x0fec	1291 (135 137) */		ldx	[%sp+2295],%g4
-/* 0x0ff0	1292 (135 136) */		srlx	%g3,32,%o0
-/* 0x0ff4	1293 (136 139) */		ld	[%i1+40],%o1
-/* 0x0ff8	1294 (136 137) */		sllx	%g5,19,%g5
-/* 0x0ffc	1295 (137 138) */		st	%g3,[%i0+36]
-/* 0x1000	1296 (137 138) */		add	%g4,%g5,%g3
-/* 0x1004	1297 (138 140) */		ldx	[%sp+2271],%g5
-/* 0x1008	1298 (138 139) */		add	%g2,%o1,%g2
-/* 0x100c	1299 (139 141) */		ldx	[%sp+2279],%g4
-/* 0x1010	1300 (139 140) */		add	%g2,%o0,%g2
-/* 0x1014	1301 (140 143) */		ld	[%i1+44],%o1
-/* 0x1018	1302 (140 141) */		sllx	%g5,19,%g5
-/* 0x101c	1303 (141 142) */		st	%g2,[%i0+40]
-/* 0x1020	1304 (141 142) */		srlx	%g2,32,%o0
-/* 0x1024	1305 (141 142) */		add	%g4,%g5,%g2
-/* 0x1028	1306 (142 144) */		ldx	[%sp+2255],%g5
-/* 0x102c	1307 (142 143) */		add	%g3,%o1,%g3
-/* 0x1030	1308 (143 145) */		ldx	[%sp+2263],%g4
-/* 0x1034	1309 (143 144) */		add	%g3,%o0,%g3
-/* 0x1038	1310 (144 147) */		ld	[%i1+48],%o1
-/* 0x103c	1311 (144 145) */		sllx	%g5,19,%g5
-/* 0x1040	1312 (145 146) */		srlx	%g3,32,%o0
-/* 0x1044	1313 (145 146) */		st	%g3,[%i0+44]
-/* 0x1048	1314 (145 146) */		add	%g4,%g5,%g3
-/* 0x104c	1315 (146 148) */		ldx	[%sp+2239],%g5
-/* 0x1050	1316 (146 147) */		add	%g2,%o1,%g2
-/* 0x1054	1317 (147 150) */		ld	[%i1+52],%o1
-/* 0x1058	1318 (147 148) */		add	%g2,%o0,%g2
-/* 0x105c	1319 (148 150) */		ldx	[%sp+2247],%g4
-/* 0x1060	1320 (148 149) */		sllx	%g5,19,%g5
-/* 0x1064	1321 (149 150) */		srlx	%g2,32,%o0
-/* 0x1068	1322 (149 150) */		st	%g2,[%i0+48]
-/* 0x106c	1323 (149 150) */		add	%g3,%o1,%g3
-/* 0x1070	1324 (150 153) */		ld	[%i1+56],%o1
-/* 0x1074	1325 (150 151) */		add	%g4,%g5,%g2
-/* 0x1078	1326 (150 151) */		add	%g3,%o0,%g3
-/* 0x107c	1327 (151 153) */		ldx	[%sp+2223],%g5
-/* 0x1080	1328 (151 152) */		srlx	%g3,32,%o0
-/* 0x1084	1329 (152 154) */		ldx	[%sp+2231],%g4
-/* 0x1088	1330 (152 153) */		add	%g2,%o1,%g2
-/* 0x108c	1331 (153 154) */		sllx	%g5,19,%g5
-/* 0x1090	1332 (153 156) */		ld	[%i1+60],%o1
-/* 0x1094	1333 (153 154) */		add	%g2,%o0,%g2
-/* 0x1098	1334 (154 155) */		st	%g3,[%i0+52]
-/* 0x109c	1335 (154 155) */		add	%g4,%g5,%g3
-/* 0x10a0	1336 (155 156) */		st	%g2,[%i0+56]
-/* 0x10a4	1337 (155 156) */		srlx	%g2,32,%g2
-/* 0x10a8	1338 (155 156) */		add	%g3,%o1,%g3
-/* 0x10ac	1339 (156 157) */		add	%g3,%g2,%g2
-/* 0x10b0	1340 (156 157) */		st	%g2,[%i0+60]
-/* 0x10b4	1344 (157 158) */		srlx	%g2,32,%o3
-/* 0x10b8	1345 (158 159) */		srl	%o3,0,%i0
-/* 0x10bc	     (159 161) */		ret	! Result =  %o1 %o0 %f0 %f1
-/* 0x10c0	     (161 162) */		restore	%g0,%g0,%g0
-
-!
-! ENTRY .L77000073
-!
-
-                                   .L77000073:		/* frequency 1.0 confidence 0.0 */
-
-
-	or	%g0, %i4, %o2
-	or	%g0, %o0, %o1
-	or	%g0, %i3, %o0
-
-!
-! ENTRY .L77000052
-!
-
-                                   .L77000052:		/* frequency 1.0 confidence 0.0 */
-/* 0x1028	1318 ( 0  1) */		andn	%o2,%g2,%g2
-/* 0x102c	1319 ( 0  1) */		st	%g2,[%sp+2227]
-/* 0x1030	1325 ( 0  1) */		add	%o0,1,%g3
-/* 0x1034	1326 ( 0  1) */		fmovd	%f0,%f14
-/* 0x1038	1327 ( 1  2) */		srl	%o2,19,%g2
-/* 0x103c	1328 ( 1  2) */		st	%g2,[%sp+2223]
-/* 0x1040	1329 ( 1  2) */		or	%g0,0,%o5
-/* 0x1044	1330 ( 2  3) */		srl	%g3,31,%g2
-/* 0x1048	1331 ( 2  5) */		ldd	[%o1],%f6
-/* 0x104c	1335 ( 2  3) */		sethi	%hi(0x1000),%g1
-/* 0x1050	1336 ( 3  4) */		add	%g3,%g2,%g2
-/* 0x1054	1337 ( 3  4) */		xor	%g1,-625,%g1
-/* 0x1058	1338 ( 3  6) */		ldd	[%o1+8],%f20
-/* 0x105c	1339 ( 4  5) */		sra	%g2,1,%o3
-/* 0x1060	1340 ( 4  5) */		fmovs	%f6,%f8
-/* 0x1064	1341 ( 4  5) */		add	%g1,%fp,%g3
-/* 0x1068	1342 ( 5  6) */		fmovs	%f6,%f10
-/* 0x106c	1343 ( 5  7) */		ld	[%sp+2227],%f9
-/* 0x1070	1344 ( 5  6) */		subcc	%o3,0,%g0
-/* 0x1074	1345 ( 6  8) */		ld	[%sp+2223],%f11
-/* 0x1078	1346 ( 6  7) */		sethi	%hi(0x1000),%g1
-/* 0x107c	1347 ( 6  7) */		or	%g0,%i2,%o1
-/* 0x1080	1348 ( 7 10) */		fsubd	%f8,%f6,%f18
-/* 0x1084	1349 ( 7  8) */		xor	%g1,-617,%g1
-/* 0x1088	1350 ( 7  8) */		or	%g0,0,%g4
-/* 0x108c	1351 ( 8 11) */		fsubd	%f10,%f6,%f16
-/* 0x1090	1352 ( 8  9) */		bleu,pt	%icc,.L990000162	! tprob=0.50
-/* 0x1094	     ( 8  9) */		subcc	%o0,0,%g0
-/* 0x1098	1354 ( 9 10) */		add	%g1,%fp,%g2
-/* 0x109c	1355 ( 9 10) */		sethi	%hi(0x1000),%g1
-/* 0x10a0	1356 (10 11) */		xor	%g1,-609,%g1
-/* 0x10a4	1357 (10 11) */		subcc	%o3,7,%g0
-/* 0x10a8	1358 (11 12) */		add	%g1,%fp,%o7
-/* 0x10ac	1359 (11 12) */		sethi	%hi(0x1000),%g1
-/* 0x10b0	1360 (12 13) */		xor	%g1,-601,%g1
-/* 0x10b4	1361 (13 14) */		add	%g1,%fp,%o4
-/* 0x10b8	1362 (13 14) */		bl,pn	%icc,.L77000054	! tprob=0.50
-/* 0x10bc	     (13 14) */		sub	%o3,2,%o2
-/* 0x10c0	1364 (14 17) */		ldd	[%o1],%f2
-/* 0x10c4	1365 (14 15) */		add	%o1,16,%g5
-/* 0x10c8	1366 (14 15) */		or	%g0,4,%g4
-/* 0x10cc	1367 (15 18) */		ldd	[%o1+8],%f0
-/* 0x10d0	1368 (15 16) */		add	%o1,8,%o1
-/* 0x10d4	1369 (16 18) */		fxnor	%f14,%f2,%f6
-/* 0x10d8	1370 (16 19) */		ldd	[%g5],%f4
-/* 0x10dc	1371 (16 17) */		add	%o1,16,%o1
-/* 0x10e0	1372 (17 19) */		fxnor	%f14,%f0,%f12
-/* 0x10e4	1373 (17 20) */		ldd	[%o1],%f0
-/* 0x10e8	1374 (17 18) */		add	%o1,8,%o1
-/* 0x10ec	1375 (18 21) */		fitod	%f7,%f2
-/* 0x10f0	1376 (19 22) */		fitod	%f6,%f6
-/* 0x10f4	1377 (20 22) */		fxnor	%f14,%f4,%f10
-/* 0x10f8	1378 (21 24) */		fsubd	%f20,%f2,%f2
-/* 0x10fc	1379 (22 24) */		fxnor	%f14,%f0,%f8
-/* 0x1100	1380 (23 26) */		fitod	%f13,%f4
-/* 0x1104	1381 (24 27) */		fsubd	%f20,%f6,%f6
-/* 0x1108	1382 (24 27) */		fmuld	%f2,%f16,%f0
-
-!
-! ENTRY .L990000154
-!
-
-                                   .L990000154:		/* frequency 1.0 confidence 0.0 */
-/* 0x110c	1384 ( 0  3) */		ldd	[%o1],%f24
-/* 0x1110	1385 ( 0  1) */		add	%g4,3,%g4
-/* 0x1114	1386 ( 0  1) */		add	%o4,96,%o4
-/* 0x1118	1387 ( 1  4) */		fitod	%f11,%f22
-/* 0x111c	1388 ( 2  5) */		fsubd	%f20,%f4,%f26
-/* 0x1120	1389 ( 2  3) */		subcc	%g4,%o2,%g0
-/* 0x1124	1390 ( 2  3) */		add	%o7,96,%o7
-/* 0x1128	1391 ( 2  5) */		fmuld	%f6,%f18,%f28
-/* 0x112c	1392 ( 3  6) */		fmuld	%f6,%f16,%f6
-/* 0x1130	1393 ( 3  4) */		add	%g2,96,%g2
-/* 0x1134	1394 ( 3  4) */		add	%g3,96,%g3
-/* 0x1138	1395 ( 4  7) */		fdtox	%f0,%f0
-/* 0x113c	1396 ( 5  8) */		fitod	%f12,%f4
-/* 0x1140	1397 ( 5  8) */		fmuld	%f2,%f18,%f2
-/* 0x1144	1398 ( 6  9) */		fdtox	%f28,%f12
-/* 0x1148	1399 ( 7 10) */		fdtox	%f6,%f6
-/* 0x114c	1400 ( 7  8) */		std	%f12,[%g3-96]
-/* 0x1150	1401 ( 8  9) */		std	%f6,[%g2-96]
-/* 0x1154	1402 ( 8 11) */		fdtox	%f2,%f2
-/* 0x1158	1403 ( 9 12) */		fsubd	%f20,%f4,%f6
-/* 0x115c	1404 ( 9 10) */		std	%f2,[%o7-96]
-/* 0x1160	1405 ( 9 10) */		add	%o1,8,%o1
-/* 0x1164	1406 (10 12) */		fxnor	%f14,%f24,%f12
-/* 0x1168	1407 (10 13) */		fmuld	%f26,%f16,%f4
-/* 0x116c	1408 (10 11) */		std	%f0,[%o4-96]
-/* 0x1170	1409 (11 14) */		ldd	[%o1],%f0
-/* 0x1174	1410 (11 14) */		fitod	%f9,%f2
-/* 0x1178	1411 (12 15) */		fsubd	%f20,%f22,%f28
-/* 0x117c	1412 (12 15) */		fmuld	%f6,%f18,%f24
-/* 0x1180	1413 (13 16) */		fmuld	%f6,%f16,%f22
-/* 0x1184	1414 (13 16) */		fdtox	%f4,%f4
-/* 0x1188	1415 (14 17) */		fitod	%f10,%f6
-/* 0x118c	1416 (14 17) */		fmuld	%f26,%f18,%f10
-/* 0x1190	1417 (15 18) */		fdtox	%f24,%f24
-/* 0x1194	1418 (16 19) */		fdtox	%f22,%f22
-/* 0x1198	1419 (16 17) */		std	%f24,[%g3-64]
-/* 0x119c	1420 (17 18) */		std	%f22,[%g2-64]
-/* 0x11a0	1421 (17 20) */		fdtox	%f10,%f10
-/* 0x11a4	1422 (18 21) */		fsubd	%f20,%f6,%f6
-/* 0x11a8	1423 (18 19) */		std	%f10,[%o7-64]
-/* 0x11ac	1424 (18 19) */		add	%o1,8,%o1
-/* 0x11b0	1425 (19 21) */		fxnor	%f14,%f0,%f10
-/* 0x11b4	1426 (19 22) */		fmuld	%f28,%f16,%f0
-/* 0x11b8	1427 (19 20) */		std	%f4,[%o4-64]
-/* 0x11bc	1428 (20 23) */		ldd	[%o1],%f22
-/* 0x11c0	1429 (20 23) */		fitod	%f13,%f4
-/* 0x11c4	1430 (21 24) */		fsubd	%f20,%f2,%f2
-/* 0x11c8	1431 (21 24) */		fmuld	%f6,%f18,%f26
-/* 0x11cc	1432 (22 25) */		fmuld	%f6,%f16,%f24
-/* 0x11d0	1433 (22 25) */		fdtox	%f0,%f0
-/* 0x11d4	1434 (23 26) */		fitod	%f8,%f6
-/* 0x11d8	1435 (23 26) */		fmuld	%f28,%f18,%f8
-/* 0x11dc	1436 (24 27) */		fdtox	%f26,%f26
-/* 0x11e0	1437 (25 28) */		fdtox	%f24,%f24
-/* 0x11e4	1438 (25 26) */		std	%f26,[%g3-32]
-/* 0x11e8	1439 (26 27) */		std	%f24,[%g2-32]
-/* 0x11ec	1440 (26 29) */		fdtox	%f8,%f8
-/* 0x11f0	1441 (27 30) */		fsubd	%f20,%f6,%f6
-/* 0x11f4	1442 (27 28) */		std	%f8,[%o7-32]
-/* 0x11f8	1443 (27 28) */		add	%o1,8,%o1
-/* 0x11fc	1444 (28 30) */		fxnor	%f14,%f22,%f8
-/* 0x1200	1445 (28 29) */		std	%f0,[%o4-32]
-/* 0x1204	1446 (28 29) */		bcs,pt	%icc,.L990000154	! tprob=0.50
-/* 0x1208	     (28 31) */		fmuld	%f2,%f16,%f0
-
-!
-! ENTRY .L990000157
-!
-
-                                   .L990000157:		/* frequency 1.0 confidence 0.0 */
-/* 0x120c	1449 ( 0  3) */		fitod	%f12,%f28
-/* 0x1210	1450 ( 0  3) */		fmuld	%f6,%f18,%f24
-/* 0x1214	1451 ( 0  1) */		add	%g3,128,%g3
-/* 0x1218	1452 ( 1  4) */		fitod	%f10,%f12
-/* 0x121c	1453 ( 1  4) */		fmuld	%f6,%f16,%f26
-/* 0x1220	1454 ( 1  2) */		add	%g2,128,%g2
-/* 0x1224	1455 ( 2  5) */		fsubd	%f20,%f4,%f4
-/* 0x1228	1456 ( 2  5) */		fmuld	%f2,%f18,%f22
-/* 0x122c	1457 ( 2  3) */		add	%o7,128,%o7
-/* 0x1230	1458 ( 3  6) */		fdtox	%f24,%f6
-/* 0x1234	1459 ( 3  4) */		std	%f6,[%g3-128]
-/* 0x1238	1460 ( 3  4) */		add	%o4,128,%o4
-/* 0x123c	1461 ( 4  7) */		fsubd	%f20,%f28,%f2
-/* 0x1240	1462 ( 4  5) */		subcc	%g4,%o3,%g0
-/* 0x1244	1463 ( 5  8) */		fitod	%f11,%f6
-/* 0x1248	1464 ( 5  8) */		fmuld	%f4,%f18,%f24
-/* 0x124c	1465 ( 6  9) */		fdtox	%f26,%f10
-/* 0x1250	1466 ( 6  7) */		std	%f10,[%g2-128]
-/* 0x1254	1467 ( 7 10) */		fdtox	%f22,%f10
-/* 0x1258	1468 ( 7  8) */		std	%f10,[%o7-128]
-/* 0x125c	1469 ( 7 10) */		fmuld	%f2,%f18,%f26
-/* 0x1260	1470 ( 8 11) */		fsubd	%f20,%f12,%f10
-/* 0x1264	1471 ( 8 11) */		fmuld	%f2,%f16,%f2
-/* 0x1268	1472 ( 9 12) */		fsubd	%f20,%f6,%f22
-/* 0x126c	1473 ( 9 12) */		fmuld	%f4,%f16,%f12
-/* 0x1270	1474 (10 13) */		fdtox	%f0,%f0
-/* 0x1274	1475 (10 11) */		std	%f0,[%o4-128]
-/* 0x1278	1476 (11 14) */		fitod	%f8,%f4
-/* 0x127c	1477 (11 14) */		fmuld	%f10,%f18,%f6
-/* 0x1280	1478 (12 15) */		fdtox	%f26,%f0
-/* 0x1284	1479 (12 13) */		std	%f0,[%g3-96]
-/* 0x1288	1480 (12 15) */		fmuld	%f10,%f16,%f10
-/* 0x128c	1481 (13 16) */		fdtox	%f2,%f2
-/* 0x1290	1482 (13 14) */		std	%f2,[%g2-96]
-/* 0x1294	1483 (14 17) */		fitod	%f9,%f0
-/* 0x1298	1484 (14 17) */		fmuld	%f22,%f18,%f2
-/* 0x129c	1485 (15 18) */		fdtox	%f24,%f8
-/* 0x12a0	1486 (15 16) */		std	%f8,[%o7-96]
-/* 0x12a4	1487 (16 19) */		fsubd	%f20,%f4,%f4
-/* 0x12a8	1488 (16 19) */		fmuld	%f22,%f16,%f8
-/* 0x12ac	1489 (17 20) */		fdtox	%f12,%f12
-/* 0x12b0	1490 (17 18) */		std	%f12,[%o4-96]
-/* 0x12b4	1491 (18 21) */		fsubd	%f20,%f0,%f0
-/* 0x12b8	1492 (19 22) */		fdtox	%f6,%f6
-/* 0x12bc	1493 (19 20) */		std	%f6,[%g3-64]
-/* 0x12c0	1494 (20 23) */		fdtox	%f10,%f10
-/* 0x12c4	1495 (20 21) */		std	%f10,[%g2-64]
-/* 0x12c8	1496 (20 23) */		fmuld	%f4,%f18,%f6
-/* 0x12cc	1497 (21 24) */		fdtox	%f2,%f2
-/* 0x12d0	1498 (21 22) */		std	%f2,[%o7-64]
-/* 0x12d4	1499 (21 24) */		fmuld	%f4,%f16,%f4
-/* 0x12d8	1500 (22 25) */		fmuld	%f0,%f18,%f2
-/* 0x12dc	1501 (22 25) */		fdtox	%f8,%f8
-/* 0x12e0	1502 (22 23) */		std	%f8,[%o4-64]
-/* 0x12e4	1503 (23 26) */		fdtox	%f6,%f6
-/* 0x12e8	1504 (23 24) */		std	%f6,[%g3-32]
-/* 0x12ec	1505 (23 26) */		fmuld	%f0,%f16,%f0
-/* 0x12f0	1506 (24 27) */		fdtox	%f4,%f4
-/* 0x12f4	1507 (24 25) */		std	%f4,[%g2-32]
-/* 0x12f8	1508 (25 28) */		fdtox	%f2,%f2
-/* 0x12fc	1509 (25 26) */		std	%f2,[%o7-32]
-/* 0x1300	1510 (26 29) */		fdtox	%f0,%f0
-/* 0x1304	1511 (26 27) */		bcc,pn	%icc,.L77000056	! tprob=0.50
-/* 0x1308	     (26 27) */		std	%f0,[%o4-32]
-
-!
-! ENTRY .L77000054
-!
-
-                                   .L77000054:		/* frequency 1.0 confidence 0.0 */
-/* 0x130c	1514 ( 0  3) */		ldd	[%o1],%f0
-
-!
-! ENTRY .L990000161
-!
-
-                                   .L990000161:		/* frequency 1.0 confidence 0.0 */
-/* 0x1310	1516 ( 0  2) */		fxnor	%f14,%f0,%f0
-/* 0x1314	1517 ( 0  1) */		add	%g4,1,%g4
-/* 0x1318	1518 ( 0  1) */		add	%o1,8,%o1
-/* 0x131c	1519 ( 1  2) */		subcc	%g4,%o3,%g0
-/* 0x1320	1520 ( 2  5) */		fitod	%f0,%f2
-/* 0x1324	1521 ( 3  6) */		fitod	%f1,%f0
-/* 0x1328	1522 ( 5  8) */		fsubd	%f20,%f2,%f2
-/* 0x132c	1523 ( 6  9) */		fsubd	%f20,%f0,%f0
-/* 0x1330	1524 ( 8 11) */		fmuld	%f2,%f18,%f6
-/* 0x1334	1525 ( 9 12) */		fmuld	%f2,%f16,%f4
-/* 0x1338	1526 (10 13) */		fmuld	%f0,%f18,%f2
-/* 0x133c	1527 (11 14) */		fdtox	%f6,%f6
-/* 0x1340	1528 (11 12) */		std	%f6,[%g3]
-/* 0x1344	1529 (11 14) */		fmuld	%f0,%f16,%f0
-/* 0x1348	1530 (12 15) */		fdtox	%f4,%f4
-/* 0x134c	1531 (12 13) */		std	%f4,[%g2]
-/* 0x1350	1532 (12 13) */		add	%g2,32,%g2
-/* 0x1354	1533 (13 16) */		fdtox	%f2,%f2
-/* 0x1358	1534 (13 14) */		std	%f2,[%o7]
-/* 0x135c	1535 (13 14) */		add	%o7,32,%o7
-/* 0x1360	1536 (14 17) */		fdtox	%f0,%f0
-/* 0x1364	1537 (14 15) */		std	%f0,[%o4]
-/* 0x1368	1538 (14 15) */		add	%o4,32,%o4
-/* 0x136c	1539 (15 16) */		add	%g3,32,%g3
-/* 0x1370	1540 (15 16) */		bcs,a,pt	%icc,.L990000161	! tprob=0.50
-/* 0x1374	     (16 19) */		ldd	[%o1],%f0
-
-!
-! ENTRY .L77000056
-!
-
-                                   .L77000056:		/* frequency 1.0 confidence 0.0 */
-/* 0x1378	1548 ( 0  1) */		subcc	%o0,0,%g0
-
-!
-! ENTRY .L990000162
-!
-
-                                   .L990000162:		/* frequency 1.0 confidence 0.0 */
-/* 0x137c	1550 ( 0  1) */		bleu,pt	%icc,.L77770061	! tprob=0.50
-/* 0x1380	     ( 0  1) */		nop
-/* 0x1384	1555 ( 0  1) */		sethi	%hi(0x1000),%g1
-/* 0x1388	1556 ( 1  2) */		xor	%g1,-625,%g1
-/* 0x138c	1557 ( 1  2) */		or	%g0,%i1,%g4
-/* 0x1390	1558 ( 2  3) */		add	%g1,%fp,%g5
-/* 0x1394	1559 ( 2  3) */		sethi	%hi(0x1000),%g1
-/* 0x1398	1560 ( 3  4) */		xor	%g1,-617,%g1
-/* 0x139c	1561 ( 3  4) */		or	%g0,%o0,%o7
-/* 0x13a0	1562 ( 4  5) */		add	%g1,%fp,%g2
-/* 0x13a4	1563 ( 4  5) */		or	%g0,0,%i2
-/* 0x13a8	1564 ( 5  6) */		or	%g0,%i0,%g3
-/* 0x13ac	1565 ( 5  6) */		subcc	%o0,6,%g0
-/* 0x13b0	1566 ( 5  6) */		bl,pn	%icc,.L77000058	! tprob=0.50
-/* 0x13b4	     ( 6  7) */		sethi	%hi(0x1000),%g1
-/* 0x13b8	1568 ( 6  8) */		ld	[%g4],%o2
-/* 0x13bc	1569 ( 6  7) */		add	%g3,4,%g3
-/* 0x13c0	1570 ( 7  8) */		xor	%g1,-585,%g1
-/* 0x13c4	1571 ( 7  8) */		sub	%o7,3,%o4
-/* 0x13c8	1572 ( 8  9) */		add	%g1,%fp,%g2
-/* 0x13cc	1573 ( 8  9) */		sethi	%hi(0x1000),%g1
-/* 0x13d0	1574 ( 9 10) */		xor	%g1,-593,%g1
-/* 0x13d4	1575 ( 9 10) */		or	%g0,2,%i2
-/* 0x13d8	1576 (10 11) */		add	%g1,%fp,%g5
-/* 0x13dc	1577 (10 11) */		sethi	%hi(0x1000),%g1
-/* 0x13e0	1578 (11 12) */		xor	%g1,-617,%g1
-/* 0x13e4	1579 (12 13) */		add	%g1,%fp,%g1
-/* 0x13e8	1580 (13 15) */		ldx	[%g1],%o1
-/* 0x13ec	1581 (14 16) */		ldx	[%g1-8],%o0
-/* 0x13f0	1582 (15 16) */		sllx	%o1,19,%o1
-/* 0x13f4	1583 (15 17) */		ldx	[%g1+16],%o3
-/* 0x13f8	1584 (16 17) */		add	%o0,%o1,%o0
-/* 0x13fc	1585 (16 18) */		ld	[%g4+4],%o1
-/* 0x1400	1586 (16 17) */		add	%g4,8,%g4
-/* 0x1404	1587 (17 18) */		sllx	%o3,19,%o3
-/* 0x1408	1588 (17 18) */		add	%o0,%o2,%o0
-/* 0x140c	1589 (17 19) */		ldx	[%g1+8],%o2
-/* 0x1410	1590 (18 19) */		st	%o0,[%g3-4]
-/* 0x1414	1591 (18 19) */		srlx	%o0,32,%o0
-
-!
-! ENTRY .L990000142
-!
-
-                                   .L990000142:		/* frequency 1.0 confidence 0.0 */
-/* 0x1418	1593 ( 0  1) */		add	%o2,%o3,%o2
-/* 0x141c	1594 ( 0  1) */		add	%i2,4,%i2
-/* 0x1420	1595 ( 0  2) */		ld	[%g4],%o3
-/* 0x1424	1596 ( 1  2) */		srl	%o0,0,%o5
-/* 0x1428	1597 ( 1  2) */		add	%o2,%o1,%o1
-/* 0x142c	1598 ( 1  3) */		ldx	[%g2],%o0
-/* 0x1430	1599 ( 3  4) */		sllx	%o0,19,%o2
-/* 0x1434	1600 ( 3  5) */		ldx	[%g5],%o0
-/* 0x1438	1601 ( 3  4) */		add	%o1,%o5,%o1
-/* 0x143c	1602 ( 4  5) */		st	%o1,[%g3]
-/* 0x1440	1603 ( 4  5) */		srlx	%o1,32,%o5
-/* 0x1444	1604 ( 4  5) */		subcc	%i2,%o4,%g0
-/* 0x1448	1605 ( 5  7) */		ldx	[%g2+16],%o1
-/* 0x144c	1606 ( 5  6) */		add	%o0,%o2,%o0
-/* 0x1450	1607 ( 5  6) */		add	%g3,16,%g3
-/* 0x1454	1608 ( 6  8) */		ld	[%g4+4],%o2
-/* 0x1458	1609 ( 6  7) */		add	%o0,%o3,%o0
-/* 0x145c	1610 ( 7  8) */		sllx	%o1,19,%o3
-/* 0x1460	1611 ( 7  9) */		ldx	[%g5+16],%o1
-/* 0x1464	1612 ( 7  8) */		add	%o0,%o5,%o0
-/* 0x1468	1613 ( 8  9) */		st	%o0,[%g3-12]
-/* 0x146c	1614 ( 8  9) */		srlx	%o0,32,%o5
-/* 0x1470	1615 ( 8  9) */		add	%g4,16,%g4
-/* 0x1474	1616 ( 9 11) */		ldx	[%g2+32],%o0
-/* 0x1478	1617 ( 9 10) */		add	%o1,%o3,%o1
-/* 0x147c	1618 ( 9 10) */		add	%g2,64,%g2
-/* 0x1480	1619 (10 12) */		ld	[%g4-8],%o3
-/* 0x1484	1620 (10 11) */		add	%o1,%o2,%o2
-/* 0x1488	1621 (11 12) */		sllx	%o0,19,%o1
-/* 0x148c	1622 (11 13) */		ldx	[%g5+32],%o0
-/* 0x1490	1623 (11 12) */		add	%o2,%o5,%o2
-/* 0x1494	1624 (12 13) */		st	%o2,[%g3-8]
-/* 0x1498	1625 (12 13) */		srlx	%o2,32,%o5
-/* 0x149c	1626 (12 13) */		add	%g5,64,%g5
-/* 0x14a0	1627 (13 15) */		ldx	[%g2-16],%o2
-/* 0x14a4	1628 (13 14) */		add	%o0,%o1,%o0
-/* 0x14a8	1629 (14 16) */		ld	[%g4-4],%o1
-/* 0x14ac	1630 (14 15) */		add	%o0,%o3,%o0
-/* 0x14b0	1631 (15 16) */		sllx	%o2,19,%o3
-/* 0x14b4	1632 (15 17) */		ldx	[%g5-16],%o2
-/* 0x14b8	1633 (15 16) */		add	%o0,%o5,%o0
-/* 0x14bc	1634 (16 17) */		st	%o0,[%g3-4]
-/* 0x14c0	1635 (16 17) */		bcs,pt	%icc,.L990000142	! tprob=0.50
-/* 0x14c4	     (16 17) */		srlx	%o0,32,%o0
-
-!
-! ENTRY .L990000145
-!
-
-                                   .L990000145:		/* frequency 1.0 confidence 0.0 */
-/* 0x14c8	1638 ( 0  1) */		add	%o2,%o3,%o3
-/* 0x14cc	1639 ( 0  1) */		add	%g3,4,%g3
-/* 0x14d0	1640 ( 1  2) */		srl	%o0,0,%o2
-/* 0x14d4	1641 ( 1  2) */		add	%o3,%o1,%o0
-/* 0x14d8	1642 ( 2  3) */		add	%o0,%o2,%o0
-/* 0x14dc	1643 ( 2  3) */		st	%o0,[%g3-4]
-/* 0x14e0	1644 ( 2  3) */		subcc	%i2,%o7,%g0
-/* 0x14e4	1645 ( 2  3) */		bcc,pn	%icc,.L77770061	! tprob=0.50
-/* 0x14e8	     ( 3  4) */		srlx	%o0,32,%o5
-
-!
-! ENTRY .L77000058
-!
-
-                                   .L77000058:		/* frequency 1.0 confidence 0.0 */
-/* 0x14ec	1648 ( 0  2) */		ldx	[%g2],%o2
-
-!
-! ENTRY .L990000160
-!
-
-                                   .L990000160:		/* frequency 1.0 confidence 0.0 */
-/* 0x14f0	1650 ( 0  1) */		sllx	%o2,19,%o3
-/* 0x14f4	1651 ( 0  2) */		ldx	[%g5],%o0
-/* 0x14f8	1652 ( 0  1) */		add	%i2,1,%i2
-/* 0x14fc	1653 ( 1  2) */		srl	%o5,0,%o1
-/* 0x1500	1654 ( 1  3) */		ld	[%g4],%o2
-/* 0x1504	1655 ( 1  2) */		add	%g2,16,%g2
-/* 0x1508	1656 ( 2  3) */		add	%o0,%o3,%o0
-/* 0x150c	1657 ( 2  3) */		add	%g5,16,%g5
-/* 0x1510	1658 ( 3  4) */		add	%o0,%o2,%o0
-/* 0x1514	1659 ( 3  4) */		add	%g4,4,%g4
-/* 0x1518	1660 ( 4  5) */		add	%o0,%o1,%o0
-/* 0x151c	1661 ( 4  5) */		st	%o0,[%g3]
-/* 0x1520	1662 ( 4  5) */		subcc	%i2,%o7,%g0
-/* 0x1524	1663 ( 5  6) */		srlx	%o0,32,%o5
-/* 0x1528	1664 ( 5  6) */		add	%g3,4,%g3
-/* 0x152c	1665 ( 5  6) */		bcs,a,pt	%icc,.L990000160	! tprob=0.50
-/* 0x1530	     ( 6  8) */		ldx	[%g2],%o2
-
-!
-! ENTRY .L77770061
-!
-
-                                   .L77770061:		/* frequency 1.0 confidence 0.0 */
-/* 0x1534	     ( 0  2) */		ret	! Result =  %o1 %o0 %f0 %f1
-/* 0x1538	     ( 2  3) */		restore	%g0,%o5,%o0
-
-
-/* 0x124c	1476 ( 0  0) */		.type	mul_add,2
-/* 0x124c	1477 ( 0  0) */		.size	mul_add,(.-mul_add)
-/* 0x124c	1480 ( 0  0) */		.align	8
-/* 0x1250	1486 ( 0  0) */		.global	mul_add_inp
-
-!
-! ENTRY mul_add_inp
-!
-
-                                   	.global mul_add_inp
-                                   mul_add_inp:		/* frequency 1.0 confidence 0.0 */
-/* 0x1250	1488 ( 0  1) */		save	%sp,-176,%sp
-/* 0x1254	1500 ( 1  2) */		sra	%i2,0,%o3
-/* 0x1258	1501 ( 1  2) */		or	%g0,%i1,%o2
-/* 0x125c	1502 ( 2  3) */		or	%g0,%i0,%o0
-/* 0x1260	1503 ( 2  3) */		or	%g0,%i0,%o1
-/* 0x1264	1504 ( 3  5) */		call	mul_add	! params = 	! Result = 
-/* 0x1268	     ( 4  5) */		srl	%i3,0,%o4
-/* 0x126c	1506 ( 5  6) */		srl	%o0,0,%i0
-/* 0x1270	     ( 6  8) */		ret	! Result =  %o1 %o0 %f0 %f1
-/* 0x1274	     ( 8  9) */		restore	%g0,%g0,%g0
-/* 0x1278	1509 ( 0  0) */		.type	mul_add_inp,2
-/* 0x1278	1510 ( 0  0) */		.size	mul_add_inp,(.-mul_add_inp)
-
-	.section	".data",#alloc,#write
-/* 0x1278	   6 ( 0  0) */		.align	8
-
-!
-! ENTRY mask_cnst
-!
-
-                                   mask_cnst:		/* frequency 1.0 confidence 0.0 */
-/* 0x1278	   8 ( 0  0) */		.xword	-9223372034707292160
-/* 0x1280	   9 ( 0  0) */		.type	mask_cnst,#object
-/* 0x1280	  10 ( 0  0) */		.size	mask_cnst,8
-
diff --git a/security/nss/lib/freebl/mpi/mpvalpha.c b/security/nss/lib/freebl/mpi/mpvalpha.c
deleted file mode 100644
index 5118e73c3..000000000
--- a/security/nss/lib/freebl/mpi/mpvalpha.c
+++ /dev/null
@@ -1,214 +0,0 @@
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is Multiple Precision Integer optimization code for 
- * the Compaq Alpha processor.
- *
- * The Initial Developer of the Original Code is
- * Richard C. Swift.
- * Portions created by the Initial Developer are Copyright (C) 2001
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):	Richard C. Swift	(swift@netscape.com)
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-
-#include "mpi-priv.h"
-#include <c_asm.h>
-
-
-#define MP_MUL_DxD(a, b, Phi, Plo)		\
- { Plo = asm ("mulq %a0, %a1, %v0", a, b);	\
-   Phi = asm ("umulh %a0, %a1, %v0", a, b); }	\
-
-/* This is empty for the loop in s_mpv_mul_d	*/
-#define CARRY_ADD
-
-#define ONE_MUL				\
-    a_i = *a++;				\
-    MP_MUL_DxD(a_i, b, a1b1, a0b0);	\
-    a0b0 += carry;			\
-    if (a0b0 < carry)			\
-      ++a1b1;				\
-    CARRY_ADD				\
-    *c++ = a0b0;			\
-    carry = a1b1;			\
-
-#define FOUR_MUL			\
-	ONE_MUL				\
-	ONE_MUL				\
-	ONE_MUL				\
-	ONE_MUL				\
-
-#define SIXTEEN_MUL			\
-	FOUR_MUL			\
-	FOUR_MUL			\
-	FOUR_MUL			\
-	FOUR_MUL			\
-
-#define THIRTYTWO_MUL			\
-	SIXTEEN_MUL			\
-	SIXTEEN_MUL			\
-
-#define ONETWENTYEIGHT_MUL		\
-	THIRTYTWO_MUL			\
-	THIRTYTWO_MUL			\
-	THIRTYTWO_MUL			\
-	THIRTYTWO_MUL			\
-
-
-#define EXPAND_256(CALL)		\
- mp_digit carry = 0;			\
- mp_digit a_i;				\
- mp_digit a0b0, a1b1;			\
- if (a_len &255) {			\
-	if (a_len &1) {			\
-	  ONE_MUL			\
-	}				\
-	if (a_len &2) {			\
-	  ONE_MUL			\
-	  ONE_MUL			\
-	}				\
-	if (a_len &4) {			\
-	  FOUR_MUL			\
-	}				\
-	if (a_len &8) {			\
-	  FOUR_MUL			\
-	  FOUR_MUL			\
-	}				\
-	if (a_len & 16 ) {		\
-	  SIXTEEN_MUL			\
-	}				\
-	if (a_len & 32 ) {		\
-	  THIRTYTWO_MUL			\
-	}				\
-	if (a_len & 64 ) {		\
-	  THIRTYTWO_MUL			\
-	  THIRTYTWO_MUL			\
-	}				\
-	if (a_len & 128) {		\
-	  ONETWENTYEIGHT_MUL		\
-	}				\
-	a_len = a_len & (-256);		\
-  }					\
-  if (a_len>=256 ) {			\
-	carry = CALL(a, a_len, b, c, carry);	\
-	c += a_len;			\
-  }					\
-
-#define FUNC_NAME(NAME)			\
-mp_digit NAME(const mp_digit *a, 	\
-	mp_size a_len,			\
-	mp_digit b, mp_digit *c, 	\
-	mp_digit carry)			\
-
-#define DECLARE_MUL_256(FNAME)		\
-FUNC_NAME(FNAME)			\
-{					\
-  mp_digit a_i;				\
-  mp_digit a0b0, a1b1;			\
-  while (a_len) {			\
-	ONETWENTYEIGHT_MUL		\
-	ONETWENTYEIGHT_MUL		\
-	a_len-= 256;			\
-  }					\
-  return carry;				\
-}					\
-
-/* Expanding the loop in s_mpv_mul_d appeared to slow down the
-   (admittedly) small number of tests (i.e., timetest) used to
-   measure performance, so this define disables that optimization. */
-#define DO_NOT_EXPAND 1
-
-/* Need forward declaration so it can be instantiated after
-	the routine that uses it; this helps locality somewhat	*/
-#if !defined(DO_NOT_EXPAND)
-FUNC_NAME(s_mpv_mul_d_MUL256);
-#endif
-
-/* c = a * b */
-void s_mpv_mul_d(const mp_digit *a, mp_size a_len, 
-			mp_digit b, mp_digit *c)
-{
-#if defined(DO_NOT_EXPAND)
-  mp_digit carry = 0;
-  while (a_len--) {
-    mp_digit a_i = *a++;
-    mp_digit a0b0, a1b1;
-
-    MP_MUL_DxD(a_i, b, a1b1, a0b0);
-
-    a0b0 += carry;
-    if (a0b0 < carry)
-      ++a1b1;
-    *c++ = a0b0;
-    carry = a1b1;
-  }
-#else
-  EXPAND_256(s_mpv_mul_d_MUL256)
-#endif
-  *c = carry;
-}
-
-#if !defined(DO_NOT_EXPAND)
-DECLARE_MUL_256(s_mpv_mul_d_MUL256)
-#endif
-
-#undef CARRY_ADD
-/* This is redefined for the loop in s_mpv_mul_d_add */
-#define CARRY_ADD			\
-    a0b0 += a_i = *c;			\
-    if (a0b0 < a_i)			\
-      ++a1b1;				\
-
-/* Need forward declaration so it can be instantiated between the
-	two routines that use it; this helps locality somewhat	*/
-FUNC_NAME(s_mpv_mul_d_add_MUL256);
-
-/* c += a * b */
-void s_mpv_mul_d_add(const mp_digit *a, mp_size a_len, 
-			mp_digit b, mp_digit *c)
-{
-  EXPAND_256(s_mpv_mul_d_add_MUL256)
-  *c = carry;
-}
-
-/* Instantiate multiply 256 routine here */
-DECLARE_MUL_256(s_mpv_mul_d_add_MUL256)
-
-/* Presently, this is only used by the Montgomery arithmetic code. */
-/* c += a * b */
-void s_mpv_mul_d_add_prop(const mp_digit *a, mp_size a_len, 
-			mp_digit b, mp_digit *c)
-{
-  EXPAND_256(s_mpv_mul_d_add_MUL256)
-  while (carry) {
-    mp_digit c_i = *c;
-    carry += c_i;
-    *c++ = carry;
-    carry = carry < c_i;
-  }
-}
-
diff --git a/security/nss/lib/freebl/mpi/mulsqr.c b/security/nss/lib/freebl/mpi/mulsqr.c
deleted file mode 100644
index db2b5ce8a..000000000
--- a/security/nss/lib/freebl/mpi/mulsqr.c
+++ /dev/null
@@ -1,111 +0,0 @@
-/*
- * Test whether to include squaring code given the current settings
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are 
- * Copyright (C) 1997, 1998, 1999, 2000 Michael J. Fromberger. 
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above.  If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <limits.h>
-#include <time.h>
-
-#define MP_SQUARE 1  /* make sure squaring code is included */
-
-#include "mpi.h"
-#include "mpprime.h"
-
-int main(int argc, char *argv[])
-{
-  int           ntests, prec, ix;
-  unsigned int  seed;
-  clock_t       start, stop;
-  double        multime, sqrtime;
-  mp_int        a, c;
-
-  seed = (unsigned int)time(NULL);
-
-  if(argc < 3) {
-    fprintf(stderr, "Usage: %s <ntests> <nbits>\n", argv[0]);
-    return 1;
-  }
-
-  if((ntests = abs(atoi(argv[1]))) == 0) {
-    fprintf(stderr, "%s: must request at least 1 test.\n", argv[0]);
-    return 1;
-  }
-  if((prec = abs(atoi(argv[2]))) < CHAR_BIT) {
-    fprintf(stderr, "%s: must request at least %d bits.\n", argv[0],
-	    CHAR_BIT);
-    return 1;
-  }
-
-  prec = (prec + (DIGIT_BIT - 1)) / DIGIT_BIT;
-
-  mp_init_size(&a, prec);
-  mp_init_size(&c, 2 * prec);
-
-  /* Test multiplication by self */
-  srand(seed);
-  start = clock();
-  for(ix = 0; ix < ntests; ix++) {
-    mpp_random_size(&a, prec);
-    mp_mul(&a, &a, &c);
-  }
-  stop = clock();
-
-  multime = (double)(stop - start) / CLOCKS_PER_SEC;
-
-  /* Test squaring */
-  srand(seed);
-  start = clock();
-  for(ix = 0; ix < ntests; ix++) {
-    mpp_random_size(&a, prec);
-    mp_sqr(&a, &c);
-  }
-  stop = clock();
-
-  sqrtime = (double)(stop - start) / CLOCKS_PER_SEC;
-
-  printf("Multiply: %.4f\n", multime);
-  printf("Square:   %.4f\n", sqrtime);
-  if(multime < sqrtime) {
-    printf("Speedup:  %.1f%%\n", 100.0 * (1.0 - multime / sqrtime));
-    printf("Prefer:   multiply\n");
-  } else {
-    printf("Speedup:  %.1f%%\n", 100.0 * (1.0 - sqrtime / multime));
-    printf("Prefer:   square\n");
-  }
-
-  mp_clear(&a); mp_clear(&c);
-  return 0;
-
-}
diff --git a/security/nss/lib/freebl/mpi/multest b/security/nss/lib/freebl/mpi/multest
deleted file mode 100755
index 08fec8388..000000000
--- a/security/nss/lib/freebl/mpi/multest
+++ /dev/null
@@ -1,107 +0,0 @@
-#!/bin/sh
-#
-# multest
-#
-# Run multiply and square timing tests, to compute a chart for the
-# current processor and compiler combination.
-#
-## The contents of this file are subject to the Mozilla Public
-## License Version 1.1 (the "License"); you may not use this file
-## except in compliance with the License. You may obtain a copy of
-## the License at http://www.mozilla.org/MPL/
-##
-## Software distributed under the License is distributed on an "AS
-## IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-## implied. See the License for the specific language governing
-## rights and limitations under the License.
-##
-## The Original Code is the MPI Arbitrary Precision Integer Arithmetic
-## library.
-##
-## The Initial Developer of the Original Code is 
-## Michael J. Fromberger <sting@linguist.dartmouth.edu>
-##
-## Portions created by Michael J. Fromberger are 
-## Copyright (C) 2000 Michael J. Fromberger. All Rights Reserved
-##
-## Contributor(s):
-##
-## Alternatively, the contents of this file may be used under the
-## terms of the GNU General Public License Version 2 or later (the
-## "GPL"), in which case the provisions of the GPL are applicable
-## instead of those above.  If you wish to allow use of your
-## version of this file only under the terms of the GPL and not to
-## allow others to use your version of this file under the MPL,
-## indicate your decision by deleting the provisions above and
-## replace them with the notice and other provisions required by
-## the GPL.  If you do not delete the provisions above, a recipient
-## may use your version of this file under either the MPL or the GPL.
-## 
-# $Id$
-#
-
-ECHO=/bin/echo
-MAKE=gmake
-
-$ECHO "\n** Running multiply and square timing tests\n"
-
-$ECHO "Bringing 'mulsqr' up to date ... "
-if $MAKE mulsqr ; then
-    :
-else
-    $ECHO "\nMake failed to build mulsqr.\n"
-    exit 1
-fi
-
-if [ ! -x ./mulsqr ] ; then
-    $ECHO "\nCannot find 'mulsqr' program, testing cannot continue.\n"
-    exit 1
-fi
-
-sizes='64 128 192 256 320 384 448 512 640 768 896 1024 1536 2048'
-ntests=500000
-
-$ECHO "Running timing tests, please wait ... "
-
-trap 'echo "oop!";rm -f tt*.tmp;exit 0' INT HUP
-
-touch tt$$.tmp
-$ECHO $ntests tests >> tt$$.tmp
-for size in $sizes ; do
-    $ECHO "$size bits ... \c"
-    set -A res `./mulsqr $ntests $size|head -3|tr -d '%'|awk '{print $2}'`
-    $ECHO $size"\t"${res[0]}"\t"${res[1]}"\t"${res[2]} >> tt$$.tmp
-    $ECHO "(done)"
-done
-mv tt$$.tmp mulsqr-results.txt
-rm -f tt$$.tmp
-
-$ECHO "\n** Running Karatsuba-Ofman multiplication tests\n"
-
-$ECHO "Brining 'karatsuba' up to date ... "
-if $MAKE karatsuba ; then
-    :
-else
-    $ECHO "\nMake failed to build karatsuba.\n"
-    exit 1
-fi
-
-if [ ! -x ./karatsuba ] ; then
-    $ECHO "\nCannot find 'karatsuba' program, testing cannot continue.\n"
-    exit 1
-fi
-
-ntests=100000
-
-trap 'echo "oop!";rm -f tt*.tmp;exit 0' INT HUP
-
-touch tt$$.tmp
-for size in $sizes ; do
-    $ECHO "$size bits ... "
-    ./karatsuba $ntests $size >> tt$$.tmp
-    tail -2 tt$$.tmp
-done
-mv tt$$.tmp karatsuba-results.txt
-rm -f tt$$.tmp
-
-exit 0
diff --git a/security/nss/lib/freebl/mpi/primes.c b/security/nss/lib/freebl/mpi/primes.c
deleted file mode 100644
index 14f927b6c..000000000
--- a/security/nss/lib/freebl/mpi/primes.c
+++ /dev/null
@@ -1,871 +0,0 @@
-/*
- * These tables of primes wwere generated using the 'sieve' program
- * (sieve.c) and converted to this format with 'ptab.pl'.  
- *
- * The 'small' table is just the first 128 primes.  The 'large' table
- * is a table of all the prime values that will fit into a single
- * mp_digit (given the current size of an mp_digit, which is two bytes).
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are 
- * Copyright (C) 1997, 1998, 1999, 2000 Michael J. Fromberger. 
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above.  If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#if SMALL_TABLE
-#define MP_PRIME_TAB_SIZE 128
-#else
-#define MP_PRIME_TAB_SIZE 6542
-#endif
-
-const int prime_tab_size = MP_PRIME_TAB_SIZE;
-const mp_digit  prime_tab[] = {
-	0x0002, 0x0003, 0x0005, 0x0007, 0x000B, 0x000D, 0x0011, 0x0013, 
-	0x0017, 0x001D, 0x001F, 0x0025, 0x0029, 0x002B, 0x002F, 0x0035, 
-	0x003B, 0x003D, 0x0043, 0x0047, 0x0049, 0x004F, 0x0053, 0x0059, 
-	0x0061, 0x0065, 0x0067, 0x006B, 0x006D, 0x0071, 0x007F, 0x0083, 
-	0x0089, 0x008B, 0x0095, 0x0097, 0x009D, 0x00A3, 0x00A7, 0x00AD, 
-	0x00B3, 0x00B5, 0x00BF, 0x00C1, 0x00C5, 0x00C7, 0x00D3, 0x00DF, 
-	0x00E3, 0x00E5, 0x00E9, 0x00EF, 0x00F1, 0x00FB, 0x0101, 0x0107, 
-	0x010D, 0x010F, 0x0115, 0x0119, 0x011B, 0x0125, 0x0133, 0x0137, 
-	0x0139, 0x013D, 0x014B, 0x0151, 0x015B, 0x015D, 0x0161, 0x0167, 
-	0x016F, 0x0175, 0x017B, 0x017F, 0x0185, 0x018D, 0x0191, 0x0199, 
-	0x01A3, 0x01A5, 0x01AF, 0x01B1, 0x01B7, 0x01BB, 0x01C1, 0x01C9, 
-	0x01CD, 0x01CF, 0x01D3, 0x01DF, 0x01E7, 0x01EB, 0x01F3, 0x01F7, 
-	0x01FD, 0x0209, 0x020B, 0x021D, 0x0223, 0x022D, 0x0233, 0x0239, 
-	0x023B, 0x0241, 0x024B, 0x0251, 0x0257, 0x0259, 0x025F, 0x0265, 
-	0x0269, 0x026B, 0x0277, 0x0281, 0x0283, 0x0287, 0x028D, 0x0293, 
-	0x0295, 0x02A1, 0x02A5, 0x02AB, 0x02B3, 0x02BD, 0x02C5, 0x02CF, 
-#if ! SMALL_TABLE
-	0x02D7, 0x02DD, 0x02E3, 0x02E7, 0x02EF, 0x02F5, 0x02F9, 0x0301, 
-	0x0305, 0x0313, 0x031D, 0x0329, 0x032B, 0x0335, 0x0337, 0x033B, 
-	0x033D, 0x0347, 0x0355, 0x0359, 0x035B, 0x035F, 0x036D, 0x0371, 
-	0x0373, 0x0377, 0x038B, 0x038F, 0x0397, 0x03A1, 0x03A9, 0x03AD, 
-	0x03B3, 0x03B9, 0x03C7, 0x03CB, 0x03D1, 0x03D7, 0x03DF, 0x03E5, 
-	0x03F1, 0x03F5, 0x03FB, 0x03FD, 0x0407, 0x0409, 0x040F, 0x0419, 
-	0x041B, 0x0425, 0x0427, 0x042D, 0x043F, 0x0443, 0x0445, 0x0449, 
-	0x044F, 0x0455, 0x045D, 0x0463, 0x0469, 0x047F, 0x0481, 0x048B, 
-	0x0493, 0x049D, 0x04A3, 0x04A9, 0x04B1, 0x04BD, 0x04C1, 0x04C7, 
-	0x04CD, 0x04CF, 0x04D5, 0x04E1, 0x04EB, 0x04FD, 0x04FF, 0x0503, 
-	0x0509, 0x050B, 0x0511, 0x0515, 0x0517, 0x051B, 0x0527, 0x0529, 
-	0x052F, 0x0551, 0x0557, 0x055D, 0x0565, 0x0577, 0x0581, 0x058F, 
-	0x0593, 0x0595, 0x0599, 0x059F, 0x05A7, 0x05AB, 0x05AD, 0x05B3, 
-	0x05BF, 0x05C9, 0x05CB, 0x05CF, 0x05D1, 0x05D5, 0x05DB, 0x05E7, 
-	0x05F3, 0x05FB, 0x0607, 0x060D, 0x0611, 0x0617, 0x061F, 0x0623, 
-	0x062B, 0x062F, 0x063D, 0x0641, 0x0647, 0x0649, 0x064D, 0x0653, 
-	0x0655, 0x065B, 0x0665, 0x0679, 0x067F, 0x0683, 0x0685, 0x069D, 
-	0x06A1, 0x06A3, 0x06AD, 0x06B9, 0x06BB, 0x06C5, 0x06CD, 0x06D3, 
-	0x06D9, 0x06DF, 0x06F1, 0x06F7, 0x06FB, 0x06FD, 0x0709, 0x0713, 
-	0x071F, 0x0727, 0x0737, 0x0745, 0x074B, 0x074F, 0x0751, 0x0755, 
-	0x0757, 0x0761, 0x076D, 0x0773, 0x0779, 0x078B, 0x078D, 0x079D, 
-	0x079F, 0x07B5, 0x07BB, 0x07C3, 0x07C9, 0x07CD, 0x07CF, 0x07D3, 
-	0x07DB, 0x07E1, 0x07EB, 0x07ED, 0x07F7, 0x0805, 0x080F, 0x0815, 
-	0x0821, 0x0823, 0x0827, 0x0829, 0x0833, 0x083F, 0x0841, 0x0851, 
-	0x0853, 0x0859, 0x085D, 0x085F, 0x0869, 0x0871, 0x0883, 0x089B, 
-	0x089F, 0x08A5, 0x08AD, 0x08BD, 0x08BF, 0x08C3, 0x08CB, 0x08DB, 
-	0x08DD, 0x08E1, 0x08E9, 0x08EF, 0x08F5, 0x08F9, 0x0905, 0x0907, 
-	0x091D, 0x0923, 0x0925, 0x092B, 0x092F, 0x0935, 0x0943, 0x0949, 
-	0x094D, 0x094F, 0x0955, 0x0959, 0x095F, 0x096B, 0x0971, 0x0977, 
-	0x0985, 0x0989, 0x098F, 0x099B, 0x09A3, 0x09A9, 0x09AD, 0x09C7, 
-	0x09D9, 0x09E3, 0x09EB, 0x09EF, 0x09F5, 0x09F7, 0x09FD, 0x0A13, 
-	0x0A1F, 0x0A21, 0x0A31, 0x0A39, 0x0A3D, 0x0A49, 0x0A57, 0x0A61, 
-	0x0A63, 0x0A67, 0x0A6F, 0x0A75, 0x0A7B, 0x0A7F, 0x0A81, 0x0A85, 
-	0x0A8B, 0x0A93, 0x0A97, 0x0A99, 0x0A9F, 0x0AA9, 0x0AAB, 0x0AB5, 
-	0x0ABD, 0x0AC1, 0x0ACF, 0x0AD9, 0x0AE5, 0x0AE7, 0x0AED, 0x0AF1, 
-	0x0AF3, 0x0B03, 0x0B11, 0x0B15, 0x0B1B, 0x0B23, 0x0B29, 0x0B2D, 
-	0x0B3F, 0x0B47, 0x0B51, 0x0B57, 0x0B5D, 0x0B65, 0x0B6F, 0x0B7B, 
-	0x0B89, 0x0B8D, 0x0B93, 0x0B99, 0x0B9B, 0x0BB7, 0x0BB9, 0x0BC3, 
-	0x0BCB, 0x0BCF, 0x0BDD, 0x0BE1, 0x0BE9, 0x0BF5, 0x0BFB, 0x0C07, 
-	0x0C0B, 0x0C11, 0x0C25, 0x0C2F, 0x0C31, 0x0C41, 0x0C5B, 0x0C5F, 
-	0x0C61, 0x0C6D, 0x0C73, 0x0C77, 0x0C83, 0x0C89, 0x0C91, 0x0C95, 
-	0x0C9D, 0x0CB3, 0x0CB5, 0x0CB9, 0x0CBB, 0x0CC7, 0x0CE3, 0x0CE5, 
-	0x0CEB, 0x0CF1, 0x0CF7, 0x0CFB, 0x0D01, 0x0D03, 0x0D0F, 0x0D13, 
-	0x0D1F, 0x0D21, 0x0D2B, 0x0D2D, 0x0D3D, 0x0D3F, 0x0D4F, 0x0D55, 
-	0x0D69, 0x0D79, 0x0D81, 0x0D85, 0x0D87, 0x0D8B, 0x0D8D, 0x0DA3, 
-	0x0DAB, 0x0DB7, 0x0DBD, 0x0DC7, 0x0DC9, 0x0DCD, 0x0DD3, 0x0DD5, 
-	0x0DDB, 0x0DE5, 0x0DE7, 0x0DF3, 0x0DFD, 0x0DFF, 0x0E09, 0x0E17, 
-	0x0E1D, 0x0E21, 0x0E27, 0x0E2F, 0x0E35, 0x0E3B, 0x0E4B, 0x0E57, 
-	0x0E59, 0x0E5D, 0x0E6B, 0x0E71, 0x0E75, 0x0E7D, 0x0E87, 0x0E8F, 
-	0x0E95, 0x0E9B, 0x0EB1, 0x0EB7, 0x0EB9, 0x0EC3, 0x0ED1, 0x0ED5, 
-	0x0EDB, 0x0EED, 0x0EEF, 0x0EF9, 0x0F07, 0x0F0B, 0x0F0D, 0x0F17, 
-	0x0F25, 0x0F29, 0x0F31, 0x0F43, 0x0F47, 0x0F4D, 0x0F4F, 0x0F53, 
-	0x0F59, 0x0F5B, 0x0F67, 0x0F6B, 0x0F7F, 0x0F95, 0x0FA1, 0x0FA3, 
-	0x0FA7, 0x0FAD, 0x0FB3, 0x0FB5, 0x0FBB, 0x0FD1, 0x0FD3, 0x0FD9, 
-	0x0FE9, 0x0FEF, 0x0FFB, 0x0FFD, 0x1003, 0x100F, 0x101F, 0x1021, 
-	0x1025, 0x102B, 0x1039, 0x103D, 0x103F, 0x1051, 0x1069, 0x1073, 
-	0x1079, 0x107B, 0x1085, 0x1087, 0x1091, 0x1093, 0x109D, 0x10A3, 
-	0x10A5, 0x10AF, 0x10B1, 0x10BB, 0x10C1, 0x10C9, 0x10E7, 0x10F1, 
-	0x10F3, 0x10FD, 0x1105, 0x110B, 0x1115, 0x1127, 0x112D, 0x1139, 
-	0x1145, 0x1147, 0x1159, 0x115F, 0x1163, 0x1169, 0x116F, 0x1181, 
-	0x1183, 0x118D, 0x119B, 0x11A1, 0x11A5, 0x11A7, 0x11AB, 0x11C3, 
-	0x11C5, 0x11D1, 0x11D7, 0x11E7, 0x11EF, 0x11F5, 0x11FB, 0x120D, 
-	0x121D, 0x121F, 0x1223, 0x1229, 0x122B, 0x1231, 0x1237, 0x1241, 
-	0x1247, 0x1253, 0x125F, 0x1271, 0x1273, 0x1279, 0x127D, 0x128F, 
-	0x1297, 0x12AF, 0x12B3, 0x12B5, 0x12B9, 0x12BF, 0x12C1, 0x12CD, 
-	0x12D1, 0x12DF, 0x12FD, 0x1307, 0x130D, 0x1319, 0x1327, 0x132D, 
-	0x1337, 0x1343, 0x1345, 0x1349, 0x134F, 0x1357, 0x135D, 0x1367, 
-	0x1369, 0x136D, 0x137B, 0x1381, 0x1387, 0x138B, 0x1391, 0x1393, 
-	0x139D, 0x139F, 0x13AF, 0x13BB, 0x13C3, 0x13D5, 0x13D9, 0x13DF, 
-	0x13EB, 0x13ED, 0x13F3, 0x13F9, 0x13FF, 0x141B, 0x1421, 0x142F, 
-	0x1433, 0x143B, 0x1445, 0x144D, 0x1459, 0x146B, 0x146F, 0x1471, 
-	0x1475, 0x148D, 0x1499, 0x149F, 0x14A1, 0x14B1, 0x14B7, 0x14BD, 
-	0x14CB, 0x14D5, 0x14E3, 0x14E7, 0x1505, 0x150B, 0x1511, 0x1517, 
-	0x151F, 0x1525, 0x1529, 0x152B, 0x1537, 0x153D, 0x1541, 0x1543, 
-	0x1549, 0x155F, 0x1565, 0x1567, 0x156B, 0x157D, 0x157F, 0x1583, 
-	0x158F, 0x1591, 0x1597, 0x159B, 0x15B5, 0x15BB, 0x15C1, 0x15C5, 
-	0x15CD, 0x15D7, 0x15F7, 0x1607, 0x1609, 0x160F, 0x1613, 0x1615, 
-	0x1619, 0x161B, 0x1625, 0x1633, 0x1639, 0x163D, 0x1645, 0x164F, 
-	0x1655, 0x1669, 0x166D, 0x166F, 0x1675, 0x1693, 0x1697, 0x169F, 
-	0x16A9, 0x16AF, 0x16B5, 0x16BD, 0x16C3, 0x16CF, 0x16D3, 0x16D9, 
-	0x16DB, 0x16E1, 0x16E5, 0x16EB, 0x16ED, 0x16F7, 0x16F9, 0x1709, 
-	0x170F, 0x1723, 0x1727, 0x1733, 0x1741, 0x175D, 0x1763, 0x1777, 
-	0x177B, 0x178D, 0x1795, 0x179B, 0x179F, 0x17A5, 0x17B3, 0x17B9, 
-	0x17BF, 0x17C9, 0x17CB, 0x17D5, 0x17E1, 0x17E9, 0x17F3, 0x17F5, 
-	0x17FF, 0x1807, 0x1813, 0x181D, 0x1835, 0x1837, 0x183B, 0x1843, 
-	0x1849, 0x184D, 0x1855, 0x1867, 0x1871, 0x1877, 0x187D, 0x187F, 
-	0x1885, 0x188F, 0x189B, 0x189D, 0x18A7, 0x18AD, 0x18B3, 0x18B9, 
-	0x18C1, 0x18C7, 0x18D1, 0x18D7, 0x18D9, 0x18DF, 0x18E5, 0x18EB, 
-	0x18F5, 0x18FD, 0x1915, 0x191B, 0x1931, 0x1933, 0x1945, 0x1949, 
-	0x1951, 0x195B, 0x1979, 0x1981, 0x1993, 0x1997, 0x1999, 0x19A3, 
-	0x19A9, 0x19AB, 0x19B1, 0x19B5, 0x19C7, 0x19CF, 0x19DB, 0x19ED, 
-	0x19FD, 0x1A03, 0x1A05, 0x1A11, 0x1A17, 0x1A21, 0x1A23, 0x1A2D, 
-	0x1A2F, 0x1A35, 0x1A3F, 0x1A4D, 0x1A51, 0x1A69, 0x1A6B, 0x1A7B, 
-	0x1A7D, 0x1A87, 0x1A89, 0x1A93, 0x1AA7, 0x1AAB, 0x1AAD, 0x1AB1, 
-	0x1AB9, 0x1AC9, 0x1ACF, 0x1AD5, 0x1AD7, 0x1AE3, 0x1AF3, 0x1AFB, 
-	0x1AFF, 0x1B05, 0x1B23, 0x1B25, 0x1B2F, 0x1B31, 0x1B37, 0x1B3B, 
-	0x1B41, 0x1B47, 0x1B4F, 0x1B55, 0x1B59, 0x1B65, 0x1B6B, 0x1B73, 
-	0x1B7F, 0x1B83, 0x1B91, 0x1B9D, 0x1BA7, 0x1BBF, 0x1BC5, 0x1BD1, 
-	0x1BD7, 0x1BD9, 0x1BEF, 0x1BF7, 0x1C09, 0x1C13, 0x1C19, 0x1C27, 
-	0x1C2B, 0x1C2D, 0x1C33, 0x1C3D, 0x1C45, 0x1C4B, 0x1C4F, 0x1C55, 
-	0x1C73, 0x1C81, 0x1C8B, 0x1C8D, 0x1C99, 0x1CA3, 0x1CA5, 0x1CB5, 
-	0x1CB7, 0x1CC9, 0x1CE1, 0x1CF3, 0x1CF9, 0x1D09, 0x1D1B, 0x1D21, 
-	0x1D23, 0x1D35, 0x1D39, 0x1D3F, 0x1D41, 0x1D4B, 0x1D53, 0x1D5D, 
-	0x1D63, 0x1D69, 0x1D71, 0x1D75, 0x1D7B, 0x1D7D, 0x1D87, 0x1D89, 
-	0x1D95, 0x1D99, 0x1D9F, 0x1DA5, 0x1DA7, 0x1DB3, 0x1DB7, 0x1DC5, 
-	0x1DD7, 0x1DDB, 0x1DE1, 0x1DF5, 0x1DF9, 0x1E01, 0x1E07, 0x1E0B, 
-	0x1E13, 0x1E17, 0x1E25, 0x1E2B, 0x1E2F, 0x1E3D, 0x1E49, 0x1E4D, 
-	0x1E4F, 0x1E6D, 0x1E71, 0x1E89, 0x1E8F, 0x1E95, 0x1EA1, 0x1EAD, 
-	0x1EBB, 0x1EC1, 0x1EC5, 0x1EC7, 0x1ECB, 0x1EDD, 0x1EE3, 0x1EEF, 
-	0x1EF7, 0x1EFD, 0x1F01, 0x1F0D, 0x1F0F, 0x1F1B, 0x1F39, 0x1F49, 
-	0x1F4B, 0x1F51, 0x1F67, 0x1F75, 0x1F7B, 0x1F85, 0x1F91, 0x1F97, 
-	0x1F99, 0x1F9D, 0x1FA5, 0x1FAF, 0x1FB5, 0x1FBB, 0x1FD3, 0x1FE1, 
-	0x1FE7, 0x1FEB, 0x1FF3, 0x1FFF, 0x2011, 0x201B, 0x201D, 0x2027, 
-	0x2029, 0x202D, 0x2033, 0x2047, 0x204D, 0x2051, 0x205F, 0x2063, 
-	0x2065, 0x2069, 0x2077, 0x207D, 0x2089, 0x20A1, 0x20AB, 0x20B1, 
-	0x20B9, 0x20C3, 0x20C5, 0x20E3, 0x20E7, 0x20ED, 0x20EF, 0x20FB, 
-	0x20FF, 0x210D, 0x2113, 0x2135, 0x2141, 0x2149, 0x214F, 0x2159, 
-	0x215B, 0x215F, 0x2173, 0x217D, 0x2185, 0x2195, 0x2197, 0x21A1, 
-	0x21AF, 0x21B3, 0x21B5, 0x21C1, 0x21C7, 0x21D7, 0x21DD, 0x21E5, 
-	0x21E9, 0x21F1, 0x21F5, 0x21FB, 0x2203, 0x2209, 0x220F, 0x221B, 
-	0x2221, 0x2225, 0x222B, 0x2231, 0x2239, 0x224B, 0x224F, 0x2263, 
-	0x2267, 0x2273, 0x2275, 0x227F, 0x2285, 0x2287, 0x2291, 0x229D, 
-	0x229F, 0x22A3, 0x22B7, 0x22BD, 0x22DB, 0x22E1, 0x22E5, 0x22ED, 
-	0x22F7, 0x2303, 0x2309, 0x230B, 0x2327, 0x2329, 0x232F, 0x2333, 
-	0x2335, 0x2345, 0x2351, 0x2353, 0x2359, 0x2363, 0x236B, 0x2383, 
-	0x238F, 0x2395, 0x23A7, 0x23AD, 0x23B1, 0x23BF, 0x23C5, 0x23C9, 
-	0x23D5, 0x23DD, 0x23E3, 0x23EF, 0x23F3, 0x23F9, 0x2405, 0x240B, 
-	0x2417, 0x2419, 0x2429, 0x243D, 0x2441, 0x2443, 0x244D, 0x245F, 
-	0x2467, 0x246B, 0x2479, 0x247D, 0x247F, 0x2485, 0x249B, 0x24A1, 
-	0x24AF, 0x24B5, 0x24BB, 0x24C5, 0x24CB, 0x24CD, 0x24D7, 0x24D9, 
-	0x24DD, 0x24DF, 0x24F5, 0x24F7, 0x24FB, 0x2501, 0x2507, 0x2513, 
-	0x2519, 0x2527, 0x2531, 0x253D, 0x2543, 0x254B, 0x254F, 0x2573, 
-	0x2581, 0x258D, 0x2593, 0x2597, 0x259D, 0x259F, 0x25AB, 0x25B1, 
-	0x25BD, 0x25CD, 0x25CF, 0x25D9, 0x25E1, 0x25F7, 0x25F9, 0x2605, 
-	0x260B, 0x260F, 0x2615, 0x2627, 0x2629, 0x2635, 0x263B, 0x263F, 
-	0x264B, 0x2653, 0x2659, 0x2665, 0x2669, 0x266F, 0x267B, 0x2681, 
-	0x2683, 0x268F, 0x269B, 0x269F, 0x26AD, 0x26B3, 0x26C3, 0x26C9, 
-	0x26CB, 0x26D5, 0x26DD, 0x26EF, 0x26F5, 0x2717, 0x2719, 0x2735, 
-	0x2737, 0x274D, 0x2753, 0x2755, 0x275F, 0x276B, 0x276D, 0x2773, 
-	0x2777, 0x277F, 0x2795, 0x279B, 0x279D, 0x27A7, 0x27AF, 0x27B3, 
-	0x27B9, 0x27C1, 0x27C5, 0x27D1, 0x27E3, 0x27EF, 0x2803, 0x2807, 
-	0x280D, 0x2813, 0x281B, 0x281F, 0x2821, 0x2831, 0x283D, 0x283F, 
-	0x2849, 0x2851, 0x285B, 0x285D, 0x2861, 0x2867, 0x2875, 0x2881, 
-	0x2897, 0x289F, 0x28BB, 0x28BD, 0x28C1, 0x28D5, 0x28D9, 0x28DB, 
-	0x28DF, 0x28ED, 0x28F7, 0x2903, 0x2905, 0x2911, 0x2921, 0x2923, 
-	0x293F, 0x2947, 0x295D, 0x2965, 0x2969, 0x296F, 0x2975, 0x2983, 
-	0x2987, 0x298F, 0x299B, 0x29A1, 0x29A7, 0x29AB, 0x29BF, 0x29C3, 
-	0x29D5, 0x29D7, 0x29E3, 0x29E9, 0x29ED, 0x29F3, 0x2A01, 0x2A13, 
-	0x2A1D, 0x2A25, 0x2A2F, 0x2A4F, 0x2A55, 0x2A5F, 0x2A65, 0x2A6B, 
-	0x2A6D, 0x2A73, 0x2A83, 0x2A89, 0x2A8B, 0x2A97, 0x2A9D, 0x2AB9, 
-	0x2ABB, 0x2AC5, 0x2ACD, 0x2ADD, 0x2AE3, 0x2AEB, 0x2AF1, 0x2AFB, 
-	0x2B13, 0x2B27, 0x2B31, 0x2B33, 0x2B3D, 0x2B3F, 0x2B4B, 0x2B4F, 
-	0x2B55, 0x2B69, 0x2B6D, 0x2B6F, 0x2B7B, 0x2B8D, 0x2B97, 0x2B99, 
-	0x2BA3, 0x2BA5, 0x2BA9, 0x2BBD, 0x2BCD, 0x2BE7, 0x2BEB, 0x2BF3, 
-	0x2BF9, 0x2BFD, 0x2C09, 0x2C0F, 0x2C17, 0x2C23, 0x2C2F, 0x2C35, 
-	0x2C39, 0x2C41, 0x2C57, 0x2C59, 0x2C69, 0x2C77, 0x2C81, 0x2C87, 
-	0x2C93, 0x2C9F, 0x2CAD, 0x2CB3, 0x2CB7, 0x2CCB, 0x2CCF, 0x2CDB, 
-	0x2CE1, 0x2CE3, 0x2CE9, 0x2CEF, 0x2CFF, 0x2D07, 0x2D1D, 0x2D1F, 
-	0x2D3B, 0x2D43, 0x2D49, 0x2D4D, 0x2D61, 0x2D65, 0x2D71, 0x2D89, 
-	0x2D9D, 0x2DA1, 0x2DA9, 0x2DB3, 0x2DB5, 0x2DC5, 0x2DC7, 0x2DD3, 
-	0x2DDF, 0x2E01, 0x2E03, 0x2E07, 0x2E0D, 0x2E19, 0x2E1F, 0x2E25, 
-	0x2E2D, 0x2E33, 0x2E37, 0x2E39, 0x2E3F, 0x2E57, 0x2E5B, 0x2E6F, 
-	0x2E79, 0x2E7F, 0x2E85, 0x2E93, 0x2E97, 0x2E9D, 0x2EA3, 0x2EA5, 
-	0x2EB1, 0x2EB7, 0x2EC1, 0x2EC3, 0x2ECD, 0x2ED3, 0x2EE7, 0x2EEB, 
-	0x2F05, 0x2F09, 0x2F0B, 0x2F11, 0x2F27, 0x2F29, 0x2F41, 0x2F45, 
-	0x2F4B, 0x2F4D, 0x2F51, 0x2F57, 0x2F6F, 0x2F75, 0x2F7D, 0x2F81, 
-	0x2F83, 0x2FA5, 0x2FAB, 0x2FB3, 0x2FC3, 0x2FCF, 0x2FD1, 0x2FDB, 
-	0x2FDD, 0x2FE7, 0x2FED, 0x2FF5, 0x2FF9, 0x3001, 0x300D, 0x3023, 
-	0x3029, 0x3037, 0x303B, 0x3055, 0x3059, 0x305B, 0x3067, 0x3071, 
-	0x3079, 0x307D, 0x3085, 0x3091, 0x3095, 0x30A3, 0x30A9, 0x30B9, 
-	0x30BF, 0x30C7, 0x30CB, 0x30D1, 0x30D7, 0x30DF, 0x30E5, 0x30EF, 
-	0x30FB, 0x30FD, 0x3103, 0x3109, 0x3119, 0x3121, 0x3127, 0x312D, 
-	0x3139, 0x3143, 0x3145, 0x314B, 0x315D, 0x3161, 0x3167, 0x316D, 
-	0x3173, 0x317F, 0x3191, 0x3199, 0x319F, 0x31A9, 0x31B1, 0x31C3, 
-	0x31C7, 0x31D5, 0x31DB, 0x31ED, 0x31F7, 0x31FF, 0x3209, 0x3215, 
-	0x3217, 0x321D, 0x3229, 0x3235, 0x3259, 0x325D, 0x3263, 0x326B, 
-	0x326F, 0x3275, 0x3277, 0x327B, 0x328D, 0x3299, 0x329F, 0x32A7, 
-	0x32AD, 0x32B3, 0x32B7, 0x32C9, 0x32CB, 0x32CF, 0x32D1, 0x32E9, 
-	0x32ED, 0x32F3, 0x32F9, 0x3307, 0x3325, 0x332B, 0x332F, 0x3335, 
-	0x3341, 0x3347, 0x335B, 0x335F, 0x3367, 0x336B, 0x3373, 0x3379, 
-	0x337F, 0x3383, 0x33A1, 0x33A3, 0x33AD, 0x33B9, 0x33C1, 0x33CB, 
-	0x33D3, 0x33EB, 0x33F1, 0x33FD, 0x3401, 0x340F, 0x3413, 0x3419, 
-	0x341B, 0x3437, 0x3445, 0x3455, 0x3457, 0x3463, 0x3469, 0x346D, 
-	0x3481, 0x348B, 0x3491, 0x3497, 0x349D, 0x34A5, 0x34AF, 0x34BB, 
-	0x34C9, 0x34D3, 0x34E1, 0x34F1, 0x34FF, 0x3509, 0x3517, 0x351D, 
-	0x352D, 0x3533, 0x353B, 0x3541, 0x3551, 0x3565, 0x356F, 0x3571, 
-	0x3577, 0x357B, 0x357D, 0x3581, 0x358D, 0x358F, 0x3599, 0x359B, 
-	0x35A1, 0x35B7, 0x35BD, 0x35BF, 0x35C3, 0x35D5, 0x35DD, 0x35E7, 
-	0x35EF, 0x3605, 0x3607, 0x3611, 0x3623, 0x3631, 0x3635, 0x3637, 
-	0x363B, 0x364D, 0x364F, 0x3653, 0x3659, 0x3661, 0x366B, 0x366D, 
-	0x368B, 0x368F, 0x36AD, 0x36AF, 0x36B9, 0x36BB, 0x36CD, 0x36D1, 
-	0x36E3, 0x36E9, 0x36F7, 0x3701, 0x3703, 0x3707, 0x371B, 0x373F, 
-	0x3745, 0x3749, 0x374F, 0x375D, 0x3761, 0x3775, 0x377F, 0x378D, 
-	0x37A3, 0x37A9, 0x37AB, 0x37C9, 0x37D5, 0x37DF, 0x37F1, 0x37F3, 
-	0x37F7, 0x3805, 0x380B, 0x3821, 0x3833, 0x3835, 0x3841, 0x3847, 
-	0x384B, 0x3853, 0x3857, 0x385F, 0x3865, 0x386F, 0x3871, 0x387D, 
-	0x388F, 0x3899, 0x38A7, 0x38B7, 0x38C5, 0x38C9, 0x38CF, 0x38D5, 
-	0x38D7, 0x38DD, 0x38E1, 0x38E3, 0x38FF, 0x3901, 0x391D, 0x3923, 
-	0x3925, 0x3929, 0x392F, 0x393D, 0x3941, 0x394D, 0x395B, 0x396B, 
-	0x3979, 0x397D, 0x3983, 0x398B, 0x3991, 0x3995, 0x399B, 0x39A1, 
-	0x39A7, 0x39AF, 0x39B3, 0x39BB, 0x39BF, 0x39CD, 0x39DD, 0x39E5, 
-	0x39EB, 0x39EF, 0x39FB, 0x3A03, 0x3A13, 0x3A15, 0x3A1F, 0x3A27, 
-	0x3A2B, 0x3A31, 0x3A4B, 0x3A51, 0x3A5B, 0x3A63, 0x3A67, 0x3A6D, 
-	0x3A79, 0x3A87, 0x3AA5, 0x3AA9, 0x3AB7, 0x3ACD, 0x3AD5, 0x3AE1, 
-	0x3AE5, 0x3AEB, 0x3AF3, 0x3AFD, 0x3B03, 0x3B11, 0x3B1B, 0x3B21, 
-	0x3B23, 0x3B2D, 0x3B39, 0x3B45, 0x3B53, 0x3B59, 0x3B5F, 0x3B71, 
-	0x3B7B, 0x3B81, 0x3B89, 0x3B9B, 0x3B9F, 0x3BA5, 0x3BA7, 0x3BAD, 
-	0x3BB7, 0x3BB9, 0x3BC3, 0x3BCB, 0x3BD1, 0x3BD7, 0x3BE1, 0x3BE3, 
-	0x3BF5, 0x3BFF, 0x3C01, 0x3C0D, 0x3C11, 0x3C17, 0x3C1F, 0x3C29, 
-	0x3C35, 0x3C43, 0x3C4F, 0x3C53, 0x3C5B, 0x3C65, 0x3C6B, 0x3C71, 
-	0x3C85, 0x3C89, 0x3C97, 0x3CA7, 0x3CB5, 0x3CBF, 0x3CC7, 0x3CD1, 
-	0x3CDD, 0x3CDF, 0x3CF1, 0x3CF7, 0x3D03, 0x3D0D, 0x3D19, 0x3D1B, 
-	0x3D1F, 0x3D21, 0x3D2D, 0x3D33, 0x3D37, 0x3D3F, 0x3D43, 0x3D6F, 
-	0x3D73, 0x3D75, 0x3D79, 0x3D7B, 0x3D85, 0x3D91, 0x3D97, 0x3D9D, 
-	0x3DAB, 0x3DAF, 0x3DB5, 0x3DBB, 0x3DC1, 0x3DC9, 0x3DCF, 0x3DF3, 
-	0x3E05, 0x3E09, 0x3E0F, 0x3E11, 0x3E1D, 0x3E23, 0x3E29, 0x3E2F, 
-	0x3E33, 0x3E41, 0x3E57, 0x3E63, 0x3E65, 0x3E77, 0x3E81, 0x3E87, 
-	0x3EA1, 0x3EB9, 0x3EBD, 0x3EBF, 0x3EC3, 0x3EC5, 0x3EC9, 0x3ED7, 
-	0x3EDB, 0x3EE1, 0x3EE7, 0x3EEF, 0x3EFF, 0x3F0B, 0x3F0D, 0x3F37, 
-	0x3F3B, 0x3F3D, 0x3F41, 0x3F59, 0x3F5F, 0x3F65, 0x3F67, 0x3F79, 
-	0x3F7D, 0x3F8B, 0x3F91, 0x3FAD, 0x3FBF, 0x3FCD, 0x3FD3, 0x3FDD, 
-	0x3FE9, 0x3FEB, 0x3FF1, 0x3FFD, 0x401B, 0x4021, 0x4025, 0x402B, 
-	0x4031, 0x403F, 0x4043, 0x4045, 0x405D, 0x4061, 0x4067, 0x406D, 
-	0x4087, 0x4091, 0x40A3, 0x40A9, 0x40B1, 0x40B7, 0x40BD, 0x40DB, 
-	0x40DF, 0x40EB, 0x40F7, 0x40F9, 0x4109, 0x410B, 0x4111, 0x4115, 
-	0x4121, 0x4133, 0x4135, 0x413B, 0x413F, 0x4159, 0x4165, 0x416B, 
-	0x4177, 0x417B, 0x4193, 0x41AB, 0x41B7, 0x41BD, 0x41BF, 0x41CB, 
-	0x41E7, 0x41EF, 0x41F3, 0x41F9, 0x4205, 0x4207, 0x4219, 0x421F, 
-	0x4223, 0x4229, 0x422F, 0x4243, 0x4253, 0x4255, 0x425B, 0x4261, 
-	0x4273, 0x427D, 0x4283, 0x4285, 0x4289, 0x4291, 0x4297, 0x429D, 
-	0x42B5, 0x42C5, 0x42CB, 0x42D3, 0x42DD, 0x42E3, 0x42F1, 0x4307, 
-	0x430F, 0x431F, 0x4325, 0x4327, 0x4333, 0x4337, 0x4339, 0x434F, 
-	0x4357, 0x4369, 0x438B, 0x438D, 0x4393, 0x43A5, 0x43A9, 0x43AF, 
-	0x43B5, 0x43BD, 0x43C7, 0x43CF, 0x43E1, 0x43E7, 0x43EB, 0x43ED, 
-	0x43F1, 0x43F9, 0x4409, 0x440B, 0x4417, 0x4423, 0x4429, 0x443B, 
-	0x443F, 0x4445, 0x444B, 0x4451, 0x4453, 0x4459, 0x4465, 0x446F, 
-	0x4483, 0x448F, 0x44A1, 0x44A5, 0x44AB, 0x44AD, 0x44BD, 0x44BF, 
-	0x44C9, 0x44D7, 0x44DB, 0x44F9, 0x44FB, 0x4505, 0x4511, 0x4513, 
-	0x452B, 0x4531, 0x4541, 0x4549, 0x4553, 0x4555, 0x4561, 0x4577, 
-	0x457D, 0x457F, 0x458F, 0x45A3, 0x45AD, 0x45AF, 0x45BB, 0x45C7, 
-	0x45D9, 0x45E3, 0x45EF, 0x45F5, 0x45F7, 0x4601, 0x4603, 0x4609, 
-	0x4613, 0x4625, 0x4627, 0x4633, 0x4639, 0x463D, 0x4643, 0x4645, 
-	0x465D, 0x4679, 0x467B, 0x467F, 0x4681, 0x468B, 0x468D, 0x469D, 
-	0x46A9, 0x46B1, 0x46C7, 0x46C9, 0x46CF, 0x46D3, 0x46D5, 0x46DF, 
-	0x46E5, 0x46F9, 0x4705, 0x470F, 0x4717, 0x4723, 0x4729, 0x472F, 
-	0x4735, 0x4739, 0x474B, 0x474D, 0x4751, 0x475D, 0x476F, 0x4771, 
-	0x477D, 0x4783, 0x4787, 0x4789, 0x4799, 0x47A5, 0x47B1, 0x47BF, 
-	0x47C3, 0x47CB, 0x47DD, 0x47E1, 0x47ED, 0x47FB, 0x4801, 0x4807, 
-	0x480B, 0x4813, 0x4819, 0x481D, 0x4831, 0x483D, 0x4847, 0x4855, 
-	0x4859, 0x485B, 0x486B, 0x486D, 0x4879, 0x4897, 0x489B, 0x48A1, 
-	0x48B9, 0x48CD, 0x48E5, 0x48EF, 0x48F7, 0x4903, 0x490D, 0x4919, 
-	0x491F, 0x492B, 0x4937, 0x493D, 0x4945, 0x4955, 0x4963, 0x4969, 
-	0x496D, 0x4973, 0x4997, 0x49AB, 0x49B5, 0x49D3, 0x49DF, 0x49E1, 
-	0x49E5, 0x49E7, 0x4A03, 0x4A0F, 0x4A1D, 0x4A23, 0x4A39, 0x4A41, 
-	0x4A45, 0x4A57, 0x4A5D, 0x4A6B, 0x4A7D, 0x4A81, 0x4A87, 0x4A89, 
-	0x4A8F, 0x4AB1, 0x4AC3, 0x4AC5, 0x4AD5, 0x4ADB, 0x4AED, 0x4AEF, 
-	0x4B07, 0x4B0B, 0x4B0D, 0x4B13, 0x4B1F, 0x4B25, 0x4B31, 0x4B3B, 
-	0x4B43, 0x4B49, 0x4B59, 0x4B65, 0x4B6D, 0x4B77, 0x4B85, 0x4BAD, 
-	0x4BB3, 0x4BB5, 0x4BBB, 0x4BBF, 0x4BCB, 0x4BD9, 0x4BDD, 0x4BDF, 
-	0x4BE3, 0x4BE5, 0x4BE9, 0x4BF1, 0x4BF7, 0x4C01, 0x4C07, 0x4C0D, 
-	0x4C0F, 0x4C15, 0x4C1B, 0x4C21, 0x4C2D, 0x4C33, 0x4C4B, 0x4C55, 
-	0x4C57, 0x4C61, 0x4C67, 0x4C73, 0x4C79, 0x4C7F, 0x4C8D, 0x4C93, 
-	0x4C99, 0x4CCD, 0x4CE1, 0x4CE7, 0x4CF1, 0x4CF3, 0x4CFD, 0x4D05, 
-	0x4D0F, 0x4D1B, 0x4D27, 0x4D29, 0x4D2F, 0x4D33, 0x4D41, 0x4D51, 
-	0x4D59, 0x4D65, 0x4D6B, 0x4D81, 0x4D83, 0x4D8D, 0x4D95, 0x4D9B, 
-	0x4DB1, 0x4DB3, 0x4DC9, 0x4DCF, 0x4DD7, 0x4DE1, 0x4DED, 0x4DF9, 
-	0x4DFB, 0x4E05, 0x4E0B, 0x4E17, 0x4E19, 0x4E1D, 0x4E2B, 0x4E35, 
-	0x4E37, 0x4E3D, 0x4E4F, 0x4E53, 0x4E5F, 0x4E67, 0x4E79, 0x4E85, 
-	0x4E8B, 0x4E91, 0x4E95, 0x4E9B, 0x4EA1, 0x4EAF, 0x4EB3, 0x4EB5, 
-	0x4EC1, 0x4ECD, 0x4ED1, 0x4ED7, 0x4EE9, 0x4EFB, 0x4F07, 0x4F09, 
-	0x4F19, 0x4F25, 0x4F2D, 0x4F3F, 0x4F49, 0x4F63, 0x4F67, 0x4F6D, 
-	0x4F75, 0x4F7B, 0x4F81, 0x4F85, 0x4F87, 0x4F91, 0x4FA5, 0x4FA9, 
-	0x4FAF, 0x4FB7, 0x4FBB, 0x4FCF, 0x4FD9, 0x4FDB, 0x4FFD, 0x4FFF, 
-	0x5003, 0x501B, 0x501D, 0x5029, 0x5035, 0x503F, 0x5045, 0x5047, 
-	0x5053, 0x5071, 0x5077, 0x5083, 0x5093, 0x509F, 0x50A1, 0x50B7, 
-	0x50C9, 0x50D5, 0x50E3, 0x50ED, 0x50EF, 0x50FB, 0x5107, 0x510B, 
-	0x510D, 0x5111, 0x5117, 0x5123, 0x5125, 0x5135, 0x5147, 0x5149, 
-	0x5171, 0x5179, 0x5189, 0x518F, 0x5197, 0x51A1, 0x51A3, 0x51A7, 
-	0x51B9, 0x51C1, 0x51CB, 0x51D3, 0x51DF, 0x51E3, 0x51F5, 0x51F7, 
-	0x5209, 0x5213, 0x5215, 0x5219, 0x521B, 0x521F, 0x5227, 0x5243, 
-	0x5245, 0x524B, 0x5261, 0x526D, 0x5273, 0x5281, 0x5293, 0x5297, 
-	0x529D, 0x52A5, 0x52AB, 0x52B1, 0x52BB, 0x52C3, 0x52C7, 0x52C9, 
-	0x52DB, 0x52E5, 0x52EB, 0x52FF, 0x5315, 0x531D, 0x5323, 0x5341, 
-	0x5345, 0x5347, 0x534B, 0x535D, 0x5363, 0x5381, 0x5383, 0x5387, 
-	0x538F, 0x5395, 0x5399, 0x539F, 0x53AB, 0x53B9, 0x53DB, 0x53E9, 
-	0x53EF, 0x53F3, 0x53F5, 0x53FB, 0x53FF, 0x540D, 0x5411, 0x5413, 
-	0x5419, 0x5435, 0x5437, 0x543B, 0x5441, 0x5449, 0x5453, 0x5455, 
-	0x545F, 0x5461, 0x546B, 0x546D, 0x5471, 0x548F, 0x5491, 0x549D, 
-	0x54A9, 0x54B3, 0x54C5, 0x54D1, 0x54DF, 0x54E9, 0x54EB, 0x54F7, 
-	0x54FD, 0x5507, 0x550D, 0x551B, 0x5527, 0x552B, 0x5539, 0x553D, 
-	0x554F, 0x5551, 0x555B, 0x5563, 0x5567, 0x556F, 0x5579, 0x5585, 
-	0x5597, 0x55A9, 0x55B1, 0x55B7, 0x55C9, 0x55D9, 0x55E7, 0x55ED, 
-	0x55F3, 0x55FD, 0x560B, 0x560F, 0x5615, 0x5617, 0x5623, 0x562F, 
-	0x5633, 0x5639, 0x563F, 0x564B, 0x564D, 0x565D, 0x565F, 0x566B, 
-	0x5671, 0x5675, 0x5683, 0x5689, 0x568D, 0x568F, 0x569B, 0x56AD, 
-	0x56B1, 0x56D5, 0x56E7, 0x56F3, 0x56FF, 0x5701, 0x5705, 0x5707, 
-	0x570B, 0x5713, 0x571F, 0x5723, 0x5747, 0x574D, 0x575F, 0x5761, 
-	0x576D, 0x5777, 0x577D, 0x5789, 0x57A1, 0x57A9, 0x57AF, 0x57B5, 
-	0x57C5, 0x57D1, 0x57D3, 0x57E5, 0x57EF, 0x5803, 0x580D, 0x580F, 
-	0x5815, 0x5827, 0x582B, 0x582D, 0x5855, 0x585B, 0x585D, 0x586D, 
-	0x586F, 0x5873, 0x587B, 0x588D, 0x5897, 0x58A3, 0x58A9, 0x58AB, 
-	0x58B5, 0x58BD, 0x58C1, 0x58C7, 0x58D3, 0x58D5, 0x58DF, 0x58F1, 
-	0x58F9, 0x58FF, 0x5903, 0x5917, 0x591B, 0x5921, 0x5945, 0x594B, 
-	0x594D, 0x5957, 0x595D, 0x5975, 0x597B, 0x5989, 0x5999, 0x599F, 
-	0x59B1, 0x59B3, 0x59BD, 0x59D1, 0x59DB, 0x59E3, 0x59E9, 0x59ED, 
-	0x59F3, 0x59F5, 0x59FF, 0x5A01, 0x5A0D, 0x5A11, 0x5A13, 0x5A17, 
-	0x5A1F, 0x5A29, 0x5A2F, 0x5A3B, 0x5A4D, 0x5A5B, 0x5A67, 0x5A77, 
-	0x5A7F, 0x5A85, 0x5A95, 0x5A9D, 0x5AA1, 0x5AA3, 0x5AA9, 0x5ABB, 
-	0x5AD3, 0x5AE5, 0x5AEF, 0x5AFB, 0x5AFD, 0x5B01, 0x5B0F, 0x5B19, 
-	0x5B1F, 0x5B25, 0x5B2B, 0x5B3D, 0x5B49, 0x5B4B, 0x5B67, 0x5B79, 
-	0x5B87, 0x5B97, 0x5BA3, 0x5BB1, 0x5BC9, 0x5BD5, 0x5BEB, 0x5BF1, 
-	0x5BF3, 0x5BFD, 0x5C05, 0x5C09, 0x5C0B, 0x5C0F, 0x5C1D, 0x5C29, 
-	0x5C2F, 0x5C33, 0x5C39, 0x5C47, 0x5C4B, 0x5C4D, 0x5C51, 0x5C6F, 
-	0x5C75, 0x5C77, 0x5C7D, 0x5C87, 0x5C89, 0x5CA7, 0x5CBD, 0x5CBF, 
-	0x5CC3, 0x5CC9, 0x5CD1, 0x5CD7, 0x5CDD, 0x5CED, 0x5CF9, 0x5D05, 
-	0x5D0B, 0x5D13, 0x5D17, 0x5D19, 0x5D31, 0x5D3D, 0x5D41, 0x5D47, 
-	0x5D4F, 0x5D55, 0x5D5B, 0x5D65, 0x5D67, 0x5D6D, 0x5D79, 0x5D95, 
-	0x5DA3, 0x5DA9, 0x5DAD, 0x5DB9, 0x5DC1, 0x5DC7, 0x5DD3, 0x5DD7, 
-	0x5DDD, 0x5DEB, 0x5DF1, 0x5DFD, 0x5E07, 0x5E0D, 0x5E13, 0x5E1B, 
-	0x5E21, 0x5E27, 0x5E2B, 0x5E2D, 0x5E31, 0x5E39, 0x5E45, 0x5E49, 
-	0x5E57, 0x5E69, 0x5E73, 0x5E75, 0x5E85, 0x5E8B, 0x5E9F, 0x5EA5, 
-	0x5EAF, 0x5EB7, 0x5EBB, 0x5ED9, 0x5EFD, 0x5F09, 0x5F11, 0x5F27, 
-	0x5F33, 0x5F35, 0x5F3B, 0x5F47, 0x5F57, 0x5F5D, 0x5F63, 0x5F65, 
-	0x5F77, 0x5F7B, 0x5F95, 0x5F99, 0x5FA1, 0x5FB3, 0x5FBD, 0x5FC5, 
-	0x5FCF, 0x5FD5, 0x5FE3, 0x5FE7, 0x5FFB, 0x6011, 0x6023, 0x602F, 
-	0x6037, 0x6053, 0x605F, 0x6065, 0x606B, 0x6073, 0x6079, 0x6085, 
-	0x609D, 0x60AD, 0x60BB, 0x60BF, 0x60CD, 0x60D9, 0x60DF, 0x60E9, 
-	0x60F5, 0x6109, 0x610F, 0x6113, 0x611B, 0x612D, 0x6139, 0x614B, 
-	0x6155, 0x6157, 0x615B, 0x616F, 0x6179, 0x6187, 0x618B, 0x6191, 
-	0x6193, 0x619D, 0x61B5, 0x61C7, 0x61C9, 0x61CD, 0x61E1, 0x61F1, 
-	0x61FF, 0x6209, 0x6217, 0x621D, 0x6221, 0x6227, 0x623B, 0x6241, 
-	0x624B, 0x6251, 0x6253, 0x625F, 0x6265, 0x6283, 0x628D, 0x6295, 
-	0x629B, 0x629F, 0x62A5, 0x62AD, 0x62D5, 0x62D7, 0x62DB, 0x62DD, 
-	0x62E9, 0x62FB, 0x62FF, 0x6305, 0x630D, 0x6317, 0x631D, 0x632F, 
-	0x6341, 0x6343, 0x634F, 0x635F, 0x6367, 0x636D, 0x6371, 0x6377, 
-	0x637D, 0x637F, 0x63B3, 0x63C1, 0x63C5, 0x63D9, 0x63E9, 0x63EB, 
-	0x63EF, 0x63F5, 0x6401, 0x6403, 0x6409, 0x6415, 0x6421, 0x6427, 
-	0x642B, 0x6439, 0x6443, 0x6449, 0x644F, 0x645D, 0x6467, 0x6475, 
-	0x6485, 0x648D, 0x6493, 0x649F, 0x64A3, 0x64AB, 0x64C1, 0x64C7, 
-	0x64C9, 0x64DB, 0x64F1, 0x64F7, 0x64F9, 0x650B, 0x6511, 0x6521, 
-	0x652F, 0x6539, 0x653F, 0x654B, 0x654D, 0x6553, 0x6557, 0x655F, 
-	0x6571, 0x657D, 0x658D, 0x658F, 0x6593, 0x65A1, 0x65A5, 0x65AD, 
-	0x65B9, 0x65C5, 0x65E3, 0x65F3, 0x65FB, 0x65FF, 0x6601, 0x6607, 
-	0x661D, 0x6629, 0x6631, 0x663B, 0x6641, 0x6647, 0x664D, 0x665B, 
-	0x6661, 0x6673, 0x667D, 0x6689, 0x668B, 0x6695, 0x6697, 0x669B, 
-	0x66B5, 0x66B9, 0x66C5, 0x66CD, 0x66D1, 0x66E3, 0x66EB, 0x66F5, 
-	0x6703, 0x6713, 0x6719, 0x671F, 0x6727, 0x6731, 0x6737, 0x673F, 
-	0x6745, 0x6751, 0x675B, 0x676F, 0x6779, 0x6781, 0x6785, 0x6791, 
-	0x67AB, 0x67BD, 0x67C1, 0x67CD, 0x67DF, 0x67E5, 0x6803, 0x6809, 
-	0x6811, 0x6817, 0x682D, 0x6839, 0x683B, 0x683F, 0x6845, 0x684B, 
-	0x684D, 0x6857, 0x6859, 0x685D, 0x6863, 0x6869, 0x686B, 0x6871, 
-	0x6887, 0x6899, 0x689F, 0x68B1, 0x68BD, 0x68C5, 0x68D1, 0x68D7, 
-	0x68E1, 0x68ED, 0x68EF, 0x68FF, 0x6901, 0x690B, 0x690D, 0x6917, 
-	0x6929, 0x692F, 0x6943, 0x6947, 0x6949, 0x694F, 0x6965, 0x696B, 
-	0x6971, 0x6983, 0x6989, 0x6997, 0x69A3, 0x69B3, 0x69B5, 0x69BB, 
-	0x69C1, 0x69C5, 0x69D3, 0x69DF, 0x69E3, 0x69E5, 0x69F7, 0x6A07, 
-	0x6A2B, 0x6A37, 0x6A3D, 0x6A4B, 0x6A67, 0x6A69, 0x6A75, 0x6A7B, 
-	0x6A87, 0x6A8D, 0x6A91, 0x6A93, 0x6AA3, 0x6AC1, 0x6AC9, 0x6AE1, 
-	0x6AE7, 0x6B05, 0x6B0F, 0x6B11, 0x6B23, 0x6B27, 0x6B2D, 0x6B39, 
-	0x6B41, 0x6B57, 0x6B59, 0x6B5F, 0x6B75, 0x6B87, 0x6B89, 0x6B93, 
-	0x6B95, 0x6B9F, 0x6BBD, 0x6BBF, 0x6BDB, 0x6BE1, 0x6BEF, 0x6BFF, 
-	0x6C05, 0x6C19, 0x6C29, 0x6C2B, 0x6C31, 0x6C35, 0x6C55, 0x6C59, 
-	0x6C5B, 0x6C5F, 0x6C65, 0x6C67, 0x6C73, 0x6C77, 0x6C7D, 0x6C83, 
-	0x6C8F, 0x6C91, 0x6C97, 0x6C9B, 0x6CA1, 0x6CA9, 0x6CAF, 0x6CB3, 
-	0x6CC7, 0x6CCB, 0x6CEB, 0x6CF5, 0x6CFD, 0x6D0D, 0x6D0F, 0x6D25, 
-	0x6D27, 0x6D2B, 0x6D31, 0x6D39, 0x6D3F, 0x6D4F, 0x6D5D, 0x6D61, 
-	0x6D73, 0x6D7B, 0x6D7F, 0x6D93, 0x6D99, 0x6DA5, 0x6DB1, 0x6DB7, 
-	0x6DC1, 0x6DC3, 0x6DCD, 0x6DCF, 0x6DDB, 0x6DF7, 0x6E03, 0x6E15, 
-	0x6E17, 0x6E29, 0x6E33, 0x6E3B, 0x6E45, 0x6E75, 0x6E77, 0x6E7B, 
-	0x6E81, 0x6E89, 0x6E93, 0x6E95, 0x6E9F, 0x6EBD, 0x6EBF, 0x6EE3, 
-	0x6EE9, 0x6EF3, 0x6EF9, 0x6EFB, 0x6F0D, 0x6F11, 0x6F17, 0x6F1F, 
-	0x6F2F, 0x6F3D, 0x6F4D, 0x6F53, 0x6F61, 0x6F65, 0x6F79, 0x6F7D, 
-	0x6F83, 0x6F85, 0x6F8F, 0x6F9B, 0x6F9D, 0x6FA3, 0x6FAF, 0x6FB5, 
-	0x6FBB, 0x6FBF, 0x6FCB, 0x6FCD, 0x6FD3, 0x6FD7, 0x6FE3, 0x6FE9, 
-	0x6FF1, 0x6FF5, 0x6FF7, 0x6FFD, 0x700F, 0x7019, 0x701F, 0x7027, 
-	0x7033, 0x7039, 0x704F, 0x7051, 0x7057, 0x7063, 0x7075, 0x7079, 
-	0x7087, 0x708D, 0x7091, 0x70A5, 0x70AB, 0x70BB, 0x70C3, 0x70C7, 
-	0x70CF, 0x70E5, 0x70ED, 0x70F9, 0x70FF, 0x7105, 0x7115, 0x7121, 
-	0x7133, 0x7151, 0x7159, 0x715D, 0x715F, 0x7163, 0x7169, 0x7183, 
-	0x7187, 0x7195, 0x71AD, 0x71C3, 0x71C9, 0x71CB, 0x71D1, 0x71DB, 
-	0x71E1, 0x71EF, 0x71F5, 0x71FB, 0x7207, 0x7211, 0x7217, 0x7219, 
-	0x7225, 0x722F, 0x723B, 0x7243, 0x7255, 0x7267, 0x7271, 0x7277, 
-	0x727F, 0x728F, 0x7295, 0x729B, 0x72A3, 0x72B3, 0x72C7, 0x72CB, 
-	0x72CD, 0x72D7, 0x72D9, 0x72E3, 0x72EF, 0x72F5, 0x72FD, 0x7303, 
-	0x730D, 0x7321, 0x732B, 0x733D, 0x7357, 0x735B, 0x7361, 0x737F, 
-	0x7381, 0x7385, 0x738D, 0x7393, 0x739F, 0x73AB, 0x73BD, 0x73C1, 
-	0x73C9, 0x73DF, 0x73E5, 0x73E7, 0x73F3, 0x7415, 0x741B, 0x742D, 
-	0x7439, 0x743F, 0x7441, 0x745D, 0x746B, 0x747B, 0x7489, 0x748D, 
-	0x749B, 0x74A7, 0x74AB, 0x74B1, 0x74B7, 0x74B9, 0x74DD, 0x74E1, 
-	0x74E7, 0x74FB, 0x7507, 0x751F, 0x7525, 0x753B, 0x753D, 0x754D, 
-	0x755F, 0x756B, 0x7577, 0x7589, 0x758B, 0x7591, 0x7597, 0x759D, 
-	0x75A1, 0x75A7, 0x75B5, 0x75B9, 0x75BB, 0x75D1, 0x75D9, 0x75E5, 
-	0x75EB, 0x75F5, 0x75FB, 0x7603, 0x760F, 0x7621, 0x762D, 0x7633, 
-	0x763D, 0x763F, 0x7655, 0x7663, 0x7669, 0x766F, 0x7673, 0x7685, 
-	0x768B, 0x769F, 0x76B5, 0x76B7, 0x76C3, 0x76DB, 0x76DF, 0x76F1, 
-	0x7703, 0x7705, 0x771B, 0x771D, 0x7721, 0x772D, 0x7735, 0x7741, 
-	0x774B, 0x7759, 0x775D, 0x775F, 0x7771, 0x7781, 0x77A7, 0x77AD, 
-	0x77B3, 0x77B9, 0x77C5, 0x77CF, 0x77D5, 0x77E1, 0x77E9, 0x77EF, 
-	0x77F3, 0x77F9, 0x7807, 0x7825, 0x782B, 0x7835, 0x783D, 0x7853, 
-	0x7859, 0x7861, 0x786D, 0x7877, 0x7879, 0x7883, 0x7885, 0x788B, 
-	0x7895, 0x7897, 0x78A1, 0x78AD, 0x78BF, 0x78D3, 0x78D9, 0x78DD, 
-	0x78E5, 0x78FB, 0x7901, 0x7907, 0x7925, 0x792B, 0x7939, 0x793F, 
-	0x794B, 0x7957, 0x795D, 0x7967, 0x7969, 0x7973, 0x7991, 0x7993, 
-	0x79A3, 0x79AB, 0x79AF, 0x79B1, 0x79B7, 0x79C9, 0x79CD, 0x79CF, 
-	0x79D5, 0x79D9, 0x79F3, 0x79F7, 0x79FF, 0x7A05, 0x7A0F, 0x7A11, 
-	0x7A15, 0x7A1B, 0x7A23, 0x7A27, 0x7A2D, 0x7A4B, 0x7A57, 0x7A59, 
-	0x7A5F, 0x7A65, 0x7A69, 0x7A7D, 0x7A93, 0x7A9B, 0x7A9F, 0x7AA1, 
-	0x7AA5, 0x7AED, 0x7AF5, 0x7AF9, 0x7B01, 0x7B17, 0x7B19, 0x7B1D, 
-	0x7B2B, 0x7B35, 0x7B37, 0x7B3B, 0x7B4F, 0x7B55, 0x7B5F, 0x7B71, 
-	0x7B77, 0x7B8B, 0x7B9B, 0x7BA1, 0x7BA9, 0x7BAF, 0x7BB3, 0x7BC7, 
-	0x7BD3, 0x7BE9, 0x7BEB, 0x7BEF, 0x7BF1, 0x7BFD, 0x7C07, 0x7C19, 
-	0x7C1B, 0x7C31, 0x7C37, 0x7C49, 0x7C67, 0x7C69, 0x7C73, 0x7C81, 
-	0x7C8B, 0x7C93, 0x7CA3, 0x7CD5, 0x7CDB, 0x7CE5, 0x7CED, 0x7CF7, 
-	0x7D03, 0x7D09, 0x7D1B, 0x7D1D, 0x7D33, 0x7D39, 0x7D3B, 0x7D3F, 
-	0x7D45, 0x7D4D, 0x7D53, 0x7D59, 0x7D63, 0x7D75, 0x7D77, 0x7D8D, 
-	0x7D8F, 0x7D9F, 0x7DAD, 0x7DB7, 0x7DBD, 0x7DBF, 0x7DCB, 0x7DD5, 
-	0x7DE9, 0x7DED, 0x7DFB, 0x7E01, 0x7E05, 0x7E29, 0x7E2B, 0x7E2F, 
-	0x7E35, 0x7E41, 0x7E43, 0x7E47, 0x7E55, 0x7E61, 0x7E67, 0x7E6B, 
-	0x7E71, 0x7E73, 0x7E79, 0x7E7D, 0x7E91, 0x7E9B, 0x7E9D, 0x7EA7, 
-	0x7EAD, 0x7EB9, 0x7EBB, 0x7ED3, 0x7EDF, 0x7EEB, 0x7EF1, 0x7EF7, 
-	0x7EFB, 0x7F13, 0x7F15, 0x7F19, 0x7F31, 0x7F33, 0x7F39, 0x7F3D, 
-	0x7F43, 0x7F4B, 0x7F5B, 0x7F61, 0x7F63, 0x7F6D, 0x7F79, 0x7F87, 
-	0x7F8D, 0x7FAF, 0x7FB5, 0x7FC3, 0x7FC9, 0x7FCD, 0x7FCF, 0x7FED, 
-	0x8003, 0x800B, 0x800F, 0x8015, 0x801D, 0x8021, 0x8023, 0x803F, 
-	0x8041, 0x8047, 0x804B, 0x8065, 0x8077, 0x808D, 0x808F, 0x8095, 
-	0x80A5, 0x80AB, 0x80AD, 0x80BD, 0x80C9, 0x80CB, 0x80D7, 0x80DB, 
-	0x80E1, 0x80E7, 0x80F5, 0x80FF, 0x8105, 0x810D, 0x8119, 0x811D, 
-	0x812F, 0x8131, 0x813B, 0x8143, 0x8153, 0x8159, 0x815F, 0x817D, 
-	0x817F, 0x8189, 0x819B, 0x819D, 0x81A7, 0x81AF, 0x81B3, 0x81BB, 
-	0x81C7, 0x81DF, 0x8207, 0x8209, 0x8215, 0x821F, 0x8225, 0x8231, 
-	0x8233, 0x823F, 0x8243, 0x8245, 0x8249, 0x824F, 0x8261, 0x826F, 
-	0x827B, 0x8281, 0x8285, 0x8293, 0x82B1, 0x82B5, 0x82BD, 0x82C7, 
-	0x82CF, 0x82D5, 0x82DF, 0x82F1, 0x82F9, 0x82FD, 0x830B, 0x831B, 
-	0x8321, 0x8329, 0x832D, 0x8333, 0x8335, 0x833F, 0x8341, 0x834D, 
-	0x8351, 0x8353, 0x8357, 0x835D, 0x8365, 0x8369, 0x836F, 0x838F, 
-	0x83A7, 0x83B1, 0x83B9, 0x83CB, 0x83D5, 0x83D7, 0x83DD, 0x83E7, 
-	0x83E9, 0x83ED, 0x83FF, 0x8405, 0x8411, 0x8413, 0x8423, 0x8425, 
-	0x843B, 0x8441, 0x8447, 0x844F, 0x8461, 0x8465, 0x8477, 0x8483, 
-	0x848B, 0x8491, 0x8495, 0x84A9, 0x84AF, 0x84CD, 0x84E3, 0x84EF, 
-	0x84F1, 0x84F7, 0x8509, 0x850D, 0x854B, 0x854F, 0x8551, 0x855D, 
-	0x8563, 0x856D, 0x856F, 0x857B, 0x8587, 0x85A3, 0x85A5, 0x85A9, 
-	0x85B7, 0x85CD, 0x85D3, 0x85D5, 0x85DB, 0x85E1, 0x85EB, 0x85F9, 
-	0x85FD, 0x85FF, 0x8609, 0x860F, 0x8617, 0x8621, 0x862F, 0x8639, 
-	0x863F, 0x8641, 0x864D, 0x8663, 0x8675, 0x867D, 0x8687, 0x8699, 
-	0x86A5, 0x86A7, 0x86B3, 0x86B7, 0x86C3, 0x86C5, 0x86CF, 0x86D1, 
-	0x86D7, 0x86E9, 0x86EF, 0x86F5, 0x8717, 0x871D, 0x871F, 0x872B, 
-	0x872F, 0x8735, 0x8747, 0x8759, 0x875B, 0x876B, 0x8771, 0x8777, 
-	0x877F, 0x8785, 0x878F, 0x87A1, 0x87A9, 0x87B3, 0x87BB, 0x87C5, 
-	0x87C7, 0x87CB, 0x87DD, 0x87F7, 0x8803, 0x8819, 0x881B, 0x881F, 
-	0x8821, 0x8837, 0x883D, 0x8843, 0x8851, 0x8861, 0x8867, 0x887B, 
-	0x8885, 0x8891, 0x8893, 0x88A5, 0x88CF, 0x88D3, 0x88EB, 0x88ED, 
-	0x88F3, 0x88FD, 0x8909, 0x890B, 0x8911, 0x891B, 0x8923, 0x8927, 
-	0x892D, 0x8939, 0x8945, 0x894D, 0x8951, 0x8957, 0x8963, 0x8981, 
-	0x8995, 0x899B, 0x89B3, 0x89B9, 0x89C3, 0x89CF, 0x89D1, 0x89DB, 
-	0x89EF, 0x89F5, 0x89FB, 0x89FF, 0x8A0B, 0x8A19, 0x8A23, 0x8A35, 
-	0x8A41, 0x8A49, 0x8A4F, 0x8A5B, 0x8A5F, 0x8A6D, 0x8A77, 0x8A79, 
-	0x8A85, 0x8AA3, 0x8AB3, 0x8AB5, 0x8AC1, 0x8AC7, 0x8ACB, 0x8ACD, 
-	0x8AD1, 0x8AD7, 0x8AF1, 0x8AF5, 0x8B07, 0x8B09, 0x8B0D, 0x8B13, 
-	0x8B21, 0x8B57, 0x8B5D, 0x8B91, 0x8B93, 0x8BA3, 0x8BA9, 0x8BAF, 
-	0x8BBB, 0x8BD5, 0x8BD9, 0x8BDB, 0x8BE1, 0x8BF7, 0x8BFD, 0x8BFF, 
-	0x8C0B, 0x8C17, 0x8C1D, 0x8C27, 0x8C39, 0x8C3B, 0x8C47, 0x8C53, 
-	0x8C5D, 0x8C6F, 0x8C7B, 0x8C81, 0x8C89, 0x8C8F, 0x8C99, 0x8C9F, 
-	0x8CA7, 0x8CAB, 0x8CAD, 0x8CB1, 0x8CC5, 0x8CDD, 0x8CE3, 0x8CE9, 
-	0x8CF3, 0x8D01, 0x8D0B, 0x8D0D, 0x8D23, 0x8D29, 0x8D37, 0x8D41, 
-	0x8D5B, 0x8D5F, 0x8D71, 0x8D79, 0x8D85, 0x8D91, 0x8D9B, 0x8DA7, 
-	0x8DAD, 0x8DB5, 0x8DC5, 0x8DCB, 0x8DD3, 0x8DD9, 0x8DDF, 0x8DF5, 
-	0x8DF7, 0x8E01, 0x8E15, 0x8E1F, 0x8E25, 0x8E51, 0x8E63, 0x8E69, 
-	0x8E73, 0x8E75, 0x8E79, 0x8E7F, 0x8E8D, 0x8E91, 0x8EAB, 0x8EAF, 
-	0x8EB1, 0x8EBD, 0x8EC7, 0x8ECF, 0x8ED3, 0x8EDB, 0x8EE7, 0x8EEB, 
-	0x8EF7, 0x8EFF, 0x8F15, 0x8F1D, 0x8F23, 0x8F2D, 0x8F3F, 0x8F45, 
-	0x8F4B, 0x8F53, 0x8F59, 0x8F65, 0x8F69, 0x8F71, 0x8F83, 0x8F8D, 
-	0x8F99, 0x8F9F, 0x8FAB, 0x8FAD, 0x8FB3, 0x8FB7, 0x8FB9, 0x8FC9, 
-	0x8FD5, 0x8FE1, 0x8FEF, 0x8FF9, 0x9007, 0x900D, 0x9017, 0x9023, 
-	0x9025, 0x9031, 0x9037, 0x903B, 0x9041, 0x9043, 0x904F, 0x9053, 
-	0x906D, 0x9073, 0x9085, 0x908B, 0x9095, 0x909B, 0x909D, 0x90AF, 
-	0x90B9, 0x90C1, 0x90C5, 0x90DF, 0x90E9, 0x90FD, 0x9103, 0x9113, 
-	0x9127, 0x9133, 0x913D, 0x9145, 0x914F, 0x9151, 0x9161, 0x9167, 
-	0x917B, 0x9185, 0x9199, 0x919D, 0x91BB, 0x91BD, 0x91C1, 0x91C9, 
-	0x91D9, 0x91DB, 0x91ED, 0x91F1, 0x91F3, 0x91F9, 0x9203, 0x9215, 
-	0x9221, 0x922F, 0x9241, 0x9247, 0x9257, 0x926B, 0x9271, 0x9275, 
-	0x927D, 0x9283, 0x9287, 0x928D, 0x9299, 0x92A1, 0x92AB, 0x92AD, 
-	0x92B9, 0x92BF, 0x92C3, 0x92C5, 0x92CB, 0x92D5, 0x92D7, 0x92E7, 
-	0x92F3, 0x9301, 0x930B, 0x9311, 0x9319, 0x931F, 0x933B, 0x933D, 
-	0x9343, 0x9355, 0x9373, 0x9395, 0x9397, 0x93A7, 0x93B3, 0x93B5, 
-	0x93C7, 0x93D7, 0x93DD, 0x93E5, 0x93EF, 0x93F7, 0x9401, 0x9409, 
-	0x9413, 0x943F, 0x9445, 0x944B, 0x944F, 0x9463, 0x9467, 0x9469, 
-	0x946D, 0x947B, 0x9497, 0x949F, 0x94A5, 0x94B5, 0x94C3, 0x94E1, 
-	0x94E7, 0x9505, 0x9509, 0x9517, 0x9521, 0x9527, 0x952D, 0x9535, 
-	0x9539, 0x954B, 0x9557, 0x955D, 0x955F, 0x9575, 0x9581, 0x9589, 
-	0x958F, 0x959B, 0x959F, 0x95AD, 0x95B1, 0x95B7, 0x95B9, 0x95BD, 
-	0x95CF, 0x95E3, 0x95E9, 0x95F9, 0x961F, 0x962F, 0x9631, 0x9635, 
-	0x963B, 0x963D, 0x9665, 0x968F, 0x969D, 0x96A1, 0x96A7, 0x96A9, 
-	0x96C1, 0x96CB, 0x96D1, 0x96D3, 0x96E5, 0x96EF, 0x96FB, 0x96FD, 
-	0x970D, 0x970F, 0x9715, 0x9725, 0x972B, 0x9733, 0x9737, 0x9739, 
-	0x9743, 0x9749, 0x9751, 0x975B, 0x975D, 0x976F, 0x977F, 0x9787, 
-	0x9793, 0x97A5, 0x97B1, 0x97B7, 0x97C3, 0x97CD, 0x97D3, 0x97D9, 
-	0x97EB, 0x97F7, 0x9805, 0x9809, 0x980B, 0x9815, 0x9829, 0x982F, 
-	0x983B, 0x9841, 0x9851, 0x986B, 0x986F, 0x9881, 0x9883, 0x9887, 
-	0x98A7, 0x98B1, 0x98B9, 0x98BF, 0x98C3, 0x98C9, 0x98CF, 0x98DD, 
-	0x98E3, 0x98F5, 0x98F9, 0x98FB, 0x990D, 0x9917, 0x991F, 0x9929, 
-	0x9931, 0x993B, 0x993D, 0x9941, 0x9947, 0x9949, 0x9953, 0x997D, 
-	0x9985, 0x9991, 0x9995, 0x999B, 0x99AD, 0x99AF, 0x99BF, 0x99C7, 
-	0x99CB, 0x99CD, 0x99D7, 0x99E5, 0x99F1, 0x99FB, 0x9A0F, 0x9A13, 
-	0x9A1B, 0x9A25, 0x9A4B, 0x9A4F, 0x9A55, 0x9A57, 0x9A61, 0x9A75, 
-	0x9A7F, 0x9A8B, 0x9A91, 0x9A9D, 0x9AB7, 0x9AC3, 0x9AC7, 0x9ACF, 
-	0x9AEB, 0x9AF3, 0x9AF7, 0x9AFF, 0x9B17, 0x9B1D, 0x9B27, 0x9B2F, 
-	0x9B35, 0x9B45, 0x9B51, 0x9B59, 0x9B63, 0x9B6F, 0x9B77, 0x9B8D, 
-	0x9B93, 0x9B95, 0x9B9F, 0x9BA1, 0x9BA7, 0x9BB1, 0x9BB7, 0x9BBD, 
-	0x9BC5, 0x9BCB, 0x9BCF, 0x9BDD, 0x9BF9, 0x9C01, 0x9C11, 0x9C23, 
-	0x9C2B, 0x9C2F, 0x9C35, 0x9C49, 0x9C4D, 0x9C5F, 0x9C65, 0x9C67, 
-	0x9C7F, 0x9C97, 0x9C9D, 0x9CA3, 0x9CAF, 0x9CBB, 0x9CBF, 0x9CC1, 
-	0x9CD7, 0x9CD9, 0x9CE3, 0x9CE9, 0x9CF1, 0x9CFD, 0x9D01, 0x9D15, 
-	0x9D27, 0x9D2D, 0x9D31, 0x9D3D, 0x9D55, 0x9D5B, 0x9D61, 0x9D97, 
-	0x9D9F, 0x9DA5, 0x9DA9, 0x9DC3, 0x9DE7, 0x9DEB, 0x9DED, 0x9DF1, 
-	0x9E0B, 0x9E17, 0x9E23, 0x9E27, 0x9E2D, 0x9E33, 0x9E3B, 0x9E47, 
-	0x9E51, 0x9E53, 0x9E5F, 0x9E6F, 0x9E81, 0x9E87, 0x9E8F, 0x9E95, 
-	0x9EA1, 0x9EB3, 0x9EBD, 0x9EBF, 0x9EF5, 0x9EF9, 0x9EFB, 0x9F05, 
-	0x9F23, 0x9F2F, 0x9F37, 0x9F3B, 0x9F43, 0x9F53, 0x9F61, 0x9F6D, 
-	0x9F73, 0x9F77, 0x9F7D, 0x9F89, 0x9F8F, 0x9F91, 0x9F95, 0x9FA3, 
-	0x9FAF, 0x9FB3, 0x9FC1, 0x9FC7, 0x9FDF, 0x9FE5, 0x9FEB, 0x9FF5, 
-	0xA001, 0xA00D, 0xA021, 0xA033, 0xA039, 0xA03F, 0xA04F, 0xA057, 
-	0xA05B, 0xA061, 0xA075, 0xA079, 0xA099, 0xA09D, 0xA0AB, 0xA0B5, 
-	0xA0B7, 0xA0BD, 0xA0C9, 0xA0D9, 0xA0DB, 0xA0DF, 0xA0E5, 0xA0F1, 
-	0xA0F3, 0xA0FD, 0xA105, 0xA10B, 0xA10F, 0xA111, 0xA11B, 0xA129, 
-	0xA12F, 0xA135, 0xA141, 0xA153, 0xA175, 0xA17D, 0xA187, 0xA18D, 
-	0xA1A5, 0xA1AB, 0xA1AD, 0xA1B7, 0xA1C3, 0xA1C5, 0xA1E3, 0xA1ED, 
-	0xA1FB, 0xA207, 0xA213, 0xA223, 0xA229, 0xA22F, 0xA231, 0xA243, 
-	0xA247, 0xA24D, 0xA26B, 0xA279, 0xA27D, 0xA283, 0xA289, 0xA28B, 
-	0xA291, 0xA295, 0xA29B, 0xA2A9, 0xA2AF, 0xA2B3, 0xA2BB, 0xA2C5, 
-	0xA2D1, 0xA2D7, 0xA2F7, 0xA301, 0xA309, 0xA31F, 0xA321, 0xA32B, 
-	0xA331, 0xA349, 0xA351, 0xA355, 0xA373, 0xA379, 0xA37B, 0xA387, 
-	0xA397, 0xA39F, 0xA3A5, 0xA3A9, 0xA3AF, 0xA3B7, 0xA3C7, 0xA3D5, 
-	0xA3DB, 0xA3E1, 0xA3E5, 0xA3E7, 0xA3F1, 0xA3FD, 0xA3FF, 0xA40F, 
-	0xA41D, 0xA421, 0xA423, 0xA427, 0xA43B, 0xA44D, 0xA457, 0xA459, 
-	0xA463, 0xA469, 0xA475, 0xA493, 0xA49B, 0xA4AD, 0xA4B9, 0xA4C3, 
-	0xA4C5, 0xA4CB, 0xA4D1, 0xA4D5, 0xA4E1, 0xA4ED, 0xA4EF, 0xA4F3, 
-	0xA4FF, 0xA511, 0xA529, 0xA52B, 0xA535, 0xA53B, 0xA543, 0xA553, 
-	0xA55B, 0xA561, 0xA56D, 0xA577, 0xA585, 0xA58B, 0xA597, 0xA59D, 
-	0xA5A3, 0xA5A7, 0xA5A9, 0xA5C1, 0xA5C5, 0xA5CB, 0xA5D3, 0xA5D9, 
-	0xA5DD, 0xA5DF, 0xA5E3, 0xA5E9, 0xA5F7, 0xA5FB, 0xA603, 0xA60D, 
-	0xA625, 0xA63D, 0xA649, 0xA64B, 0xA651, 0xA65D, 0xA673, 0xA691, 
-	0xA693, 0xA699, 0xA6AB, 0xA6B5, 0xA6BB, 0xA6C1, 0xA6C9, 0xA6CD, 
-	0xA6CF, 0xA6D5, 0xA6DF, 0xA6E7, 0xA6F1, 0xA6F7, 0xA6FF, 0xA70F, 
-	0xA715, 0xA723, 0xA729, 0xA72D, 0xA745, 0xA74D, 0xA757, 0xA759, 
-	0xA765, 0xA76B, 0xA76F, 0xA793, 0xA795, 0xA7AB, 0xA7B1, 0xA7B9, 
-	0xA7BF, 0xA7C9, 0xA7D1, 0xA7D7, 0xA7E3, 0xA7ED, 0xA7FB, 0xA805, 
-	0xA80B, 0xA81D, 0xA829, 0xA82B, 0xA837, 0xA83B, 0xA855, 0xA85F, 
-	0xA86D, 0xA87D, 0xA88F, 0xA897, 0xA8A9, 0xA8B5, 0xA8C1, 0xA8C7, 
-	0xA8D7, 0xA8E5, 0xA8FD, 0xA907, 0xA913, 0xA91B, 0xA931, 0xA937, 
-	0xA939, 0xA943, 0xA97F, 0xA985, 0xA987, 0xA98B, 0xA993, 0xA9A3, 
-	0xA9B1, 0xA9BB, 0xA9C1, 0xA9D9, 0xA9DF, 0xA9EB, 0xA9FD, 0xAA15, 
-	0xAA17, 0xAA35, 0xAA39, 0xAA3B, 0xAA47, 0xAA4D, 0xAA57, 0xAA59, 
-	0xAA5D, 0xAA6B, 0xAA71, 0xAA81, 0xAA83, 0xAA8D, 0xAA95, 0xAAAB, 
-	0xAABF, 0xAAC5, 0xAAC9, 0xAAE9, 0xAAEF, 0xAB01, 0xAB05, 0xAB07, 
-	0xAB0B, 0xAB0D, 0xAB11, 0xAB19, 0xAB4D, 0xAB5B, 0xAB71, 0xAB73, 
-	0xAB89, 0xAB9D, 0xABA7, 0xABAF, 0xABB9, 0xABBB, 0xABC1, 0xABC5, 
-	0xABD3, 0xABD7, 0xABDD, 0xABF1, 0xABF5, 0xABFB, 0xABFD, 0xAC09, 
-	0xAC15, 0xAC1B, 0xAC27, 0xAC37, 0xAC39, 0xAC45, 0xAC4F, 0xAC57, 
-	0xAC5B, 0xAC61, 0xAC63, 0xAC7F, 0xAC8B, 0xAC93, 0xAC9D, 0xACA9, 
-	0xACAB, 0xACAF, 0xACBD, 0xACD9, 0xACE1, 0xACE7, 0xACEB, 0xACED, 
-	0xACF1, 0xACF7, 0xACF9, 0xAD05, 0xAD3F, 0xAD45, 0xAD53, 0xAD5D, 
-	0xAD5F, 0xAD65, 0xAD81, 0xADA1, 0xADA5, 0xADC3, 0xADCB, 0xADD1, 
-	0xADD5, 0xADDB, 0xADE7, 0xADF3, 0xADF5, 0xADF9, 0xADFF, 0xAE05, 
-	0xAE13, 0xAE23, 0xAE2B, 0xAE49, 0xAE4D, 0xAE4F, 0xAE59, 0xAE61, 
-	0xAE67, 0xAE6B, 0xAE71, 0xAE8B, 0xAE8F, 0xAE9B, 0xAE9D, 0xAEA7, 
-	0xAEB9, 0xAEC5, 0xAED1, 0xAEE3, 0xAEE5, 0xAEE9, 0xAEF5, 0xAEFD, 
-	0xAF09, 0xAF13, 0xAF27, 0xAF2B, 0xAF33, 0xAF43, 0xAF4F, 0xAF57, 
-	0xAF5D, 0xAF6D, 0xAF75, 0xAF7F, 0xAF8B, 0xAF99, 0xAF9F, 0xAFA3, 
-	0xAFAB, 0xAFB7, 0xAFBB, 0xAFCF, 0xAFD5, 0xAFFD, 0xB005, 0xB015, 
-	0xB01B, 0xB03F, 0xB041, 0xB047, 0xB04B, 0xB051, 0xB053, 0xB069, 
-	0xB07B, 0xB07D, 0xB087, 0xB08D, 0xB0B1, 0xB0BF, 0xB0CB, 0xB0CF, 
-	0xB0E1, 0xB0E9, 0xB0ED, 0xB0FB, 0xB105, 0xB107, 0xB111, 0xB119, 
-	0xB11D, 0xB11F, 0xB131, 0xB141, 0xB14D, 0xB15B, 0xB165, 0xB173, 
-	0xB179, 0xB17F, 0xB1A9, 0xB1B3, 0xB1B9, 0xB1BF, 0xB1D3, 0xB1DD, 
-	0xB1E5, 0xB1F1, 0xB1F5, 0xB201, 0xB213, 0xB215, 0xB21F, 0xB22D, 
-	0xB23F, 0xB249, 0xB25B, 0xB263, 0xB269, 0xB26D, 0xB27B, 0xB281, 
-	0xB28B, 0xB2A9, 0xB2B7, 0xB2BD, 0xB2C3, 0xB2C7, 0xB2D3, 0xB2F9, 
-	0xB2FD, 0xB2FF, 0xB303, 0xB309, 0xB311, 0xB31D, 0xB327, 0xB32D, 
-	0xB33F, 0xB345, 0xB377, 0xB37D, 0xB381, 0xB387, 0xB393, 0xB39B, 
-	0xB3A5, 0xB3C5, 0xB3CB, 0xB3E1, 0xB3E3, 0xB3ED, 0xB3F9, 0xB40B, 
-	0xB40D, 0xB413, 0xB417, 0xB435, 0xB43D, 0xB443, 0xB449, 0xB45B, 
-	0xB465, 0xB467, 0xB46B, 0xB477, 0xB48B, 0xB495, 0xB49D, 0xB4B5, 
-	0xB4BF, 0xB4C1, 0xB4C7, 0xB4DD, 0xB4E3, 0xB4E5, 0xB4F7, 0xB501, 
-	0xB50D, 0xB50F, 0xB52D, 0xB53F, 0xB54B, 0xB567, 0xB569, 0xB56F, 
-	0xB573, 0xB579, 0xB587, 0xB58D, 0xB599, 0xB5A3, 0xB5AB, 0xB5AF, 
-	0xB5BB, 0xB5D5, 0xB5DF, 0xB5E7, 0xB5ED, 0xB5FD, 0xB5FF, 0xB609, 
-	0xB61B, 0xB629, 0xB62F, 0xB633, 0xB639, 0xB647, 0xB657, 0xB659, 
-	0xB65F, 0xB663, 0xB66F, 0xB683, 0xB687, 0xB69B, 0xB69F, 0xB6A5, 
-	0xB6B1, 0xB6B3, 0xB6D7, 0xB6DB, 0xB6E1, 0xB6E3, 0xB6ED, 0xB6EF, 
-	0xB705, 0xB70D, 0xB713, 0xB71D, 0xB729, 0xB735, 0xB747, 0xB755, 
-	0xB76D, 0xB791, 0xB795, 0xB7A9, 0xB7C1, 0xB7CB, 0xB7D1, 0xB7D3, 
-	0xB7EF, 0xB7F5, 0xB807, 0xB80F, 0xB813, 0xB819, 0xB821, 0xB827, 
-	0xB82B, 0xB82D, 0xB839, 0xB855, 0xB867, 0xB875, 0xB885, 0xB893, 
-	0xB8A5, 0xB8AF, 0xB8B7, 0xB8BD, 0xB8C1, 0xB8C7, 0xB8CD, 0xB8D5, 
-	0xB8EB, 0xB8F7, 0xB8F9, 0xB903, 0xB915, 0xB91B, 0xB91D, 0xB92F, 
-	0xB939, 0xB93B, 0xB947, 0xB951, 0xB963, 0xB983, 0xB989, 0xB98D, 
-	0xB993, 0xB999, 0xB9A1, 0xB9A7, 0xB9AD, 0xB9B7, 0xB9CB, 0xB9D1, 
-	0xB9DD, 0xB9E7, 0xB9EF, 0xB9F9, 0xBA07, 0xBA0D, 0xBA17, 0xBA25, 
-	0xBA29, 0xBA2B, 0xBA41, 0xBA53, 0xBA55, 0xBA5F, 0xBA61, 0xBA65, 
-	0xBA79, 0xBA7D, 0xBA7F, 0xBAA1, 0xBAA3, 0xBAAF, 0xBAB5, 0xBABF, 
-	0xBAC1, 0xBACB, 0xBADD, 0xBAE3, 0xBAF1, 0xBAFD, 0xBB09, 0xBB1F, 
-	0xBB27, 0xBB2D, 0xBB3D, 0xBB43, 0xBB4B, 0xBB4F, 0xBB5B, 0xBB61, 
-	0xBB69, 0xBB6D, 0xBB91, 0xBB97, 0xBB9D, 0xBBB1, 0xBBC9, 0xBBCF, 
-	0xBBDB, 0xBBED, 0xBBF7, 0xBBF9, 0xBC03, 0xBC1D, 0xBC23, 0xBC33, 
-	0xBC3B, 0xBC41, 0xBC45, 0xBC5D, 0xBC6F, 0xBC77, 0xBC83, 0xBC8F, 
-	0xBC99, 0xBCAB, 0xBCB7, 0xBCB9, 0xBCD1, 0xBCD5, 0xBCE1, 0xBCF3, 
-	0xBCFF, 0xBD0D, 0xBD17, 0xBD19, 0xBD1D, 0xBD35, 0xBD41, 0xBD4F, 
-	0xBD59, 0xBD5F, 0xBD61, 0xBD67, 0xBD6B, 0xBD71, 0xBD8B, 0xBD8F, 
-	0xBD95, 0xBD9B, 0xBD9D, 0xBDB3, 0xBDBB, 0xBDCD, 0xBDD1, 0xBDE3, 
-	0xBDEB, 0xBDEF, 0xBE07, 0xBE09, 0xBE15, 0xBE21, 0xBE25, 0xBE27, 
-	0xBE5B, 0xBE5D, 0xBE6F, 0xBE75, 0xBE79, 0xBE7F, 0xBE8B, 0xBE8D, 
-	0xBE93, 0xBE9F, 0xBEA9, 0xBEB1, 0xBEB5, 0xBEB7, 0xBECF, 0xBED9, 
-	0xBEDB, 0xBEE5, 0xBEE7, 0xBEF3, 0xBEF9, 0xBF0B, 0xBF33, 0xBF39, 
-	0xBF4D, 0xBF5D, 0xBF5F, 0xBF6B, 0xBF71, 0xBF7B, 0xBF87, 0xBF89, 
-	0xBF8D, 0xBF93, 0xBFA1, 0xBFAD, 0xBFB9, 0xBFCF, 0xBFD5, 0xBFDD, 
-	0xBFE1, 0xBFE3, 0xBFF3, 0xC005, 0xC011, 0xC013, 0xC019, 0xC029, 
-	0xC02F, 0xC031, 0xC037, 0xC03B, 0xC047, 0xC065, 0xC06D, 0xC07D, 
-	0xC07F, 0xC091, 0xC09B, 0xC0B3, 0xC0B5, 0xC0BB, 0xC0D3, 0xC0D7, 
-	0xC0D9, 0xC0EF, 0xC0F1, 0xC101, 0xC103, 0xC109, 0xC115, 0xC119, 
-	0xC12B, 0xC133, 0xC137, 0xC145, 0xC149, 0xC15B, 0xC173, 0xC179, 
-	0xC17B, 0xC181, 0xC18B, 0xC18D, 0xC197, 0xC1BD, 0xC1C3, 0xC1CD, 
-	0xC1DB, 0xC1E1, 0xC1E7, 0xC1FF, 0xC203, 0xC205, 0xC211, 0xC221, 
-	0xC22F, 0xC23F, 0xC24B, 0xC24D, 0xC253, 0xC25D, 0xC277, 0xC27B, 
-	0xC27D, 0xC289, 0xC28F, 0xC293, 0xC29F, 0xC2A7, 0xC2B3, 0xC2BD, 
-	0xC2CF, 0xC2D5, 0xC2E3, 0xC2FF, 0xC301, 0xC307, 0xC311, 0xC313, 
-	0xC317, 0xC325, 0xC347, 0xC349, 0xC34F, 0xC365, 0xC367, 0xC371, 
-	0xC37F, 0xC383, 0xC385, 0xC395, 0xC39D, 0xC3A7, 0xC3AD, 0xC3B5, 
-	0xC3BF, 0xC3C7, 0xC3CB, 0xC3D1, 0xC3D3, 0xC3E3, 0xC3E9, 0xC3EF, 
-	0xC401, 0xC41F, 0xC42D, 0xC433, 0xC437, 0xC455, 0xC457, 0xC461, 
-	0xC46F, 0xC473, 0xC487, 0xC491, 0xC499, 0xC49D, 0xC4A5, 0xC4B7, 
-	0xC4BB, 0xC4C9, 0xC4CF, 0xC4D3, 0xC4EB, 0xC4F1, 0xC4F7, 0xC509, 
-	0xC51B, 0xC51D, 0xC541, 0xC547, 0xC551, 0xC55F, 0xC56B, 0xC56F, 
-	0xC575, 0xC577, 0xC595, 0xC59B, 0xC59F, 0xC5A1, 0xC5A7, 0xC5C3, 
-	0xC5D7, 0xC5DB, 0xC5EF, 0xC5FB, 0xC613, 0xC623, 0xC635, 0xC641, 
-	0xC64F, 0xC655, 0xC659, 0xC665, 0xC685, 0xC691, 0xC697, 0xC6A1, 
-	0xC6A9, 0xC6B3, 0xC6B9, 0xC6CB, 0xC6CD, 0xC6DD, 0xC6EB, 0xC6F1, 
-	0xC707, 0xC70D, 0xC719, 0xC71B, 0xC72D, 0xC731, 0xC739, 0xC757, 
-	0xC763, 0xC767, 0xC773, 0xC775, 0xC77F, 0xC7A5, 0xC7BB, 0xC7BD, 
-	0xC7C1, 0xC7CF, 0xC7D5, 0xC7E1, 0xC7F9, 0xC7FD, 0xC7FF, 0xC803, 
-	0xC811, 0xC81D, 0xC827, 0xC829, 0xC839, 0xC83F, 0xC853, 0xC857, 
-	0xC86B, 0xC881, 0xC88D, 0xC88F, 0xC893, 0xC895, 0xC8A1, 0xC8B7, 
-	0xC8CF, 0xC8D5, 0xC8DB, 0xC8DD, 0xC8E3, 0xC8E7, 0xC8ED, 0xC8EF, 
-	0xC8F9, 0xC905, 0xC911, 0xC917, 0xC919, 0xC91F, 0xC92F, 0xC937, 
-	0xC93D, 0xC941, 0xC953, 0xC95F, 0xC96B, 0xC979, 0xC97D, 0xC989, 
-	0xC98F, 0xC997, 0xC99D, 0xC9AF, 0xC9B5, 0xC9BF, 0xC9CB, 0xC9D9, 
-	0xC9DF, 0xC9E3, 0xC9EB, 0xCA01, 0xCA07, 0xCA09, 0xCA25, 0xCA37, 
-	0xCA39, 0xCA4B, 0xCA55, 0xCA5B, 0xCA69, 0xCA73, 0xCA75, 0xCA7F, 
-	0xCA8D, 0xCA93, 0xCA9D, 0xCA9F, 0xCAB5, 0xCABB, 0xCAC3, 0xCAC9, 
-	0xCAD9, 0xCAE5, 0xCAED, 0xCB03, 0xCB05, 0xCB09, 0xCB17, 0xCB29, 
-	0xCB35, 0xCB3B, 0xCB53, 0xCB59, 0xCB63, 0xCB65, 0xCB71, 0xCB87, 
-	0xCB99, 0xCB9F, 0xCBB3, 0xCBB9, 0xCBC3, 0xCBD1, 0xCBD5, 0xCBD7, 
-	0xCBDD, 0xCBE9, 0xCBFF, 0xCC0D, 0xCC19, 0xCC1D, 0xCC23, 0xCC2B, 
-	0xCC41, 0xCC43, 0xCC4D, 0xCC59, 0xCC61, 0xCC89, 0xCC8B, 0xCC91, 
-	0xCC9B, 0xCCA3, 0xCCA7, 0xCCD1, 0xCCE5, 0xCCE9, 0xCD09, 0xCD15, 
-	0xCD1F, 0xCD25, 0xCD31, 0xCD3D, 0xCD3F, 0xCD49, 0xCD51, 0xCD57, 
-	0xCD5B, 0xCD63, 0xCD67, 0xCD81, 0xCD93, 0xCD97, 0xCD9F, 0xCDBB, 
-	0xCDC1, 0xCDD3, 0xCDD9, 0xCDE5, 0xCDE7, 0xCDF1, 0xCDF7, 0xCDFD, 
-	0xCE0B, 0xCE15, 0xCE21, 0xCE2F, 0xCE47, 0xCE4D, 0xCE51, 0xCE65, 
-	0xCE7B, 0xCE7D, 0xCE8F, 0xCE93, 0xCE99, 0xCEA5, 0xCEA7, 0xCEB7, 
-	0xCEC9, 0xCED7, 0xCEDD, 0xCEE3, 0xCEE7, 0xCEED, 0xCEF5, 0xCF07, 
-	0xCF0B, 0xCF19, 0xCF37, 0xCF3B, 0xCF4D, 0xCF55, 0xCF5F, 0xCF61, 
-	0xCF65, 0xCF6D, 0xCF79, 0xCF7D, 0xCF89, 0xCF9B, 0xCF9D, 0xCFA9, 
-	0xCFB3, 0xCFB5, 0xCFC5, 0xCFCD, 0xCFD1, 0xCFEF, 0xCFF1, 0xCFF7, 
-	0xD013, 0xD015, 0xD01F, 0xD021, 0xD033, 0xD03D, 0xD04B, 0xD04F, 
-	0xD069, 0xD06F, 0xD081, 0xD085, 0xD099, 0xD09F, 0xD0A3, 0xD0AB, 
-	0xD0BD, 0xD0C1, 0xD0CD, 0xD0E7, 0xD0FF, 0xD103, 0xD117, 0xD12D, 
-	0xD12F, 0xD141, 0xD157, 0xD159, 0xD15D, 0xD169, 0xD16B, 0xD171, 
-	0xD177, 0xD17D, 0xD181, 0xD187, 0xD195, 0xD199, 0xD1B1, 0xD1BD, 
-	0xD1C3, 0xD1D5, 0xD1D7, 0xD1E3, 0xD1FF, 0xD20D, 0xD211, 0xD217, 
-	0xD21F, 0xD235, 0xD23B, 0xD247, 0xD259, 0xD261, 0xD265, 0xD279, 
-	0xD27F, 0xD283, 0xD289, 0xD28B, 0xD29D, 0xD2A3, 0xD2A7, 0xD2B3, 
-	0xD2BF, 0xD2C7, 0xD2E3, 0xD2E9, 0xD2F1, 0xD2FB, 0xD2FD, 0xD315, 
-	0xD321, 0xD32B, 0xD343, 0xD34B, 0xD355, 0xD369, 0xD375, 0xD37B, 
-	0xD387, 0xD393, 0xD397, 0xD3A5, 0xD3B1, 0xD3C9, 0xD3EB, 0xD3FD, 
-	0xD405, 0xD40F, 0xD415, 0xD427, 0xD42F, 0xD433, 0xD43B, 0xD44B, 
-	0xD459, 0xD45F, 0xD463, 0xD469, 0xD481, 0xD483, 0xD489, 0xD48D, 
-	0xD493, 0xD495, 0xD4A5, 0xD4AB, 0xD4B1, 0xD4C5, 0xD4DD, 0xD4E1, 
-	0xD4E3, 0xD4E7, 0xD4F5, 0xD4F9, 0xD50B, 0xD50D, 0xD513, 0xD51F, 
-	0xD523, 0xD531, 0xD535, 0xD537, 0xD549, 0xD559, 0xD55F, 0xD565, 
-	0xD567, 0xD577, 0xD58B, 0xD591, 0xD597, 0xD5B5, 0xD5B9, 0xD5C1, 
-	0xD5C7, 0xD5DF, 0xD5EF, 0xD5F5, 0xD5FB, 0xD603, 0xD60F, 0xD62D, 
-	0xD631, 0xD643, 0xD655, 0xD65D, 0xD661, 0xD67B, 0xD685, 0xD687, 
-	0xD69D, 0xD6A5, 0xD6AF, 0xD6BD, 0xD6C3, 0xD6C7, 0xD6D9, 0xD6E1, 
-	0xD6ED, 0xD709, 0xD70B, 0xD711, 0xD715, 0xD721, 0xD727, 0xD73F, 
-	0xD745, 0xD74D, 0xD757, 0xD76B, 0xD77B, 0xD783, 0xD7A1, 0xD7A7, 
-	0xD7AD, 0xD7B1, 0xD7B3, 0xD7BD, 0xD7CB, 0xD7D1, 0xD7DB, 0xD7FB, 
-	0xD811, 0xD823, 0xD825, 0xD829, 0xD82B, 0xD82F, 0xD837, 0xD84D, 
-	0xD855, 0xD867, 0xD873, 0xD88F, 0xD891, 0xD8A1, 0xD8AD, 0xD8BF, 
-	0xD8CD, 0xD8D7, 0xD8E9, 0xD8F5, 0xD8FB, 0xD91B, 0xD925, 0xD933, 
-	0xD939, 0xD943, 0xD945, 0xD94F, 0xD951, 0xD957, 0xD96D, 0xD96F, 
-	0xD973, 0xD979, 0xD981, 0xD98B, 0xD991, 0xD99F, 0xD9A5, 0xD9A9, 
-	0xD9B5, 0xD9D3, 0xD9EB, 0xD9F1, 0xD9F7, 0xD9FF, 0xDA05, 0xDA09, 
-	0xDA0B, 0xDA0F, 0xDA15, 0xDA1D, 0xDA23, 0xDA29, 0xDA3F, 0xDA51, 
-	0xDA59, 0xDA5D, 0xDA5F, 0xDA71, 0xDA77, 0xDA7B, 0xDA7D, 0xDA8D, 
-	0xDA9F, 0xDAB3, 0xDABD, 0xDAC3, 0xDAC9, 0xDAE7, 0xDAE9, 0xDAF5, 
-	0xDB11, 0xDB17, 0xDB1D, 0xDB23, 0xDB25, 0xDB31, 0xDB3B, 0xDB43, 
-	0xDB55, 0xDB67, 0xDB6B, 0xDB73, 0xDB85, 0xDB8F, 0xDB91, 0xDBAD, 
-	0xDBAF, 0xDBB9, 0xDBC7, 0xDBCB, 0xDBCD, 0xDBEB, 0xDBF7, 0xDC0D, 
-	0xDC27, 0xDC31, 0xDC39, 0xDC3F, 0xDC49, 0xDC51, 0xDC61, 0xDC6F, 
-	0xDC75, 0xDC7B, 0xDC85, 0xDC93, 0xDC99, 0xDC9D, 0xDC9F, 0xDCA9, 
-	0xDCB5, 0xDCB7, 0xDCBD, 0xDCC7, 0xDCCF, 0xDCD3, 0xDCD5, 0xDCDF, 
-	0xDCF9, 0xDD0F, 0xDD15, 0xDD17, 0xDD23, 0xDD35, 0xDD39, 0xDD53, 
-	0xDD57, 0xDD5F, 0xDD69, 0xDD6F, 0xDD7D, 0xDD87, 0xDD89, 0xDD9B, 
-	0xDDA1, 0xDDAB, 0xDDBF, 0xDDC5, 0xDDCB, 0xDDCF, 0xDDE7, 0xDDE9, 
-	0xDDED, 0xDDF5, 0xDDFB, 0xDE0B, 0xDE19, 0xDE29, 0xDE3B, 0xDE3D, 
-	0xDE41, 0xDE4D, 0xDE4F, 0xDE59, 0xDE5B, 0xDE61, 0xDE6D, 0xDE77, 
-	0xDE7D, 0xDE83, 0xDE97, 0xDE9D, 0xDEA1, 0xDEA7, 0xDECD, 0xDED1, 
-	0xDED7, 0xDEE3, 0xDEF1, 0xDEF5, 0xDF01, 0xDF09, 0xDF13, 0xDF1F, 
-	0xDF2B, 0xDF33, 0xDF37, 0xDF3D, 0xDF4B, 0xDF55, 0xDF5B, 0xDF67, 
-	0xDF69, 0xDF73, 0xDF85, 0xDF87, 0xDF99, 0xDFA3, 0xDFAB, 0xDFB5, 
-	0xDFB7, 0xDFC3, 0xDFC7, 0xDFD5, 0xDFF1, 0xDFF3, 0xE003, 0xE005, 
-	0xE017, 0xE01D, 0xE027, 0xE02D, 0xE035, 0xE045, 0xE053, 0xE071, 
-	0xE07B, 0xE08F, 0xE095, 0xE09F, 0xE0B7, 0xE0B9, 0xE0D5, 0xE0D7, 
-	0xE0E3, 0xE0F3, 0xE0F9, 0xE101, 0xE125, 0xE129, 0xE131, 0xE135, 
-	0xE143, 0xE14F, 0xE159, 0xE161, 0xE16D, 0xE171, 0xE177, 0xE17F, 
-	0xE183, 0xE189, 0xE197, 0xE1AD, 0xE1B5, 0xE1BB, 0xE1BF, 0xE1C1, 
-	0xE1CB, 0xE1D1, 0xE1E5, 0xE1EF, 0xE1F7, 0xE1FD, 0xE203, 0xE219, 
-	0xE22B, 0xE22D, 0xE23D, 0xE243, 0xE257, 0xE25B, 0xE275, 0xE279, 
-	0xE287, 0xE29D, 0xE2AB, 0xE2AF, 0xE2BB, 0xE2C1, 0xE2C9, 0xE2CD, 
-	0xE2D3, 0xE2D9, 0xE2F3, 0xE2FD, 0xE2FF, 0xE311, 0xE323, 0xE327, 
-	0xE329, 0xE339, 0xE33B, 0xE34D, 0xE351, 0xE357, 0xE35F, 0xE363, 
-	0xE369, 0xE375, 0xE377, 0xE37D, 0xE383, 0xE39F, 0xE3C5, 0xE3C9, 
-	0xE3D1, 0xE3E1, 0xE3FB, 0xE3FF, 0xE401, 0xE40B, 0xE417, 0xE419, 
-	0xE423, 0xE42B, 0xE431, 0xE43B, 0xE447, 0xE449, 0xE453, 0xE455, 
-	0xE46D, 0xE471, 0xE48F, 0xE4A9, 0xE4AF, 0xE4B5, 0xE4C7, 0xE4CD, 
-	0xE4D3, 0xE4E9, 0xE4EB, 0xE4F5, 0xE507, 0xE521, 0xE525, 0xE537, 
-	0xE53F, 0xE545, 0xE54B, 0xE557, 0xE567, 0xE56D, 0xE575, 0xE585, 
-	0xE58B, 0xE593, 0xE5A3, 0xE5A5, 0xE5CF, 0xE609, 0xE611, 0xE615, 
-	0xE61B, 0xE61D, 0xE621, 0xE629, 0xE639, 0xE63F, 0xE653, 0xE657, 
-	0xE663, 0xE66F, 0xE675, 0xE681, 0xE683, 0xE68D, 0xE68F, 0xE695, 
-	0xE6AB, 0xE6AD, 0xE6B7, 0xE6BD, 0xE6C5, 0xE6CB, 0xE6D5, 0xE6E3, 
-	0xE6E9, 0xE6EF, 0xE6F3, 0xE705, 0xE70D, 0xE717, 0xE71F, 0xE72F, 
-	0xE73D, 0xE747, 0xE749, 0xE753, 0xE755, 0xE761, 0xE767, 0xE76B, 
-	0xE77F, 0xE789, 0xE791, 0xE7C5, 0xE7CD, 0xE7D7, 0xE7DD, 0xE7DF, 
-	0xE7E9, 0xE7F1, 0xE7FB, 0xE801, 0xE807, 0xE80F, 0xE819, 0xE81B, 
-	0xE831, 0xE833, 0xE837, 0xE83D, 0xE84B, 0xE84F, 0xE851, 0xE869, 
-	0xE875, 0xE879, 0xE893, 0xE8A5, 0xE8A9, 0xE8AF, 0xE8BD, 0xE8DB, 
-	0xE8E1, 0xE8E5, 0xE8EB, 0xE8ED, 0xE903, 0xE90B, 0xE90F, 0xE915, 
-	0xE917, 0xE92D, 0xE933, 0xE93B, 0xE94B, 0xE951, 0xE95F, 0xE963, 
-	0xE969, 0xE97B, 0xE983, 0xE98F, 0xE995, 0xE9A1, 0xE9B9, 0xE9D7, 
-	0xE9E7, 0xE9EF, 0xEA11, 0xEA19, 0xEA2F, 0xEA35, 0xEA43, 0xEA4D, 
-	0xEA5F, 0xEA6D, 0xEA71, 0xEA7D, 0xEA85, 0xEA89, 0xEAAD, 0xEAB3, 
-	0xEAB9, 0xEABB, 0xEAC5, 0xEAC7, 0xEACB, 0xEADF, 0xEAE5, 0xEAEB, 
-	0xEAF5, 0xEB01, 0xEB07, 0xEB09, 0xEB31, 0xEB39, 0xEB3F, 0xEB5B, 
-	0xEB61, 0xEB63, 0xEB6F, 0xEB81, 0xEB85, 0xEB9D, 0xEBAB, 0xEBB1, 
-	0xEBB7, 0xEBC1, 0xEBD5, 0xEBDF, 0xEBED, 0xEBFD, 0xEC0B, 0xEC1B, 
-	0xEC21, 0xEC29, 0xEC4D, 0xEC51, 0xEC5D, 0xEC69, 0xEC6F, 0xEC7B, 
-	0xECAD, 0xECB9, 0xECBF, 0xECC3, 0xECC9, 0xECCF, 0xECD7, 0xECDD, 
-	0xECE7, 0xECE9, 0xECF3, 0xECF5, 0xED07, 0xED11, 0xED1F, 0xED2F, 
-	0xED37, 0xED3D, 0xED41, 0xED55, 0xED59, 0xED5B, 0xED65, 0xED6B, 
-	0xED79, 0xED8B, 0xED95, 0xEDBB, 0xEDC5, 0xEDD7, 0xEDD9, 0xEDE3, 
-	0xEDE5, 0xEDF1, 0xEDF5, 0xEDF7, 0xEDFB, 0xEE09, 0xEE0F, 0xEE19, 
-	0xEE21, 0xEE49, 0xEE4F, 0xEE63, 0xEE67, 0xEE73, 0xEE7B, 0xEE81, 
-	0xEEA3, 0xEEAB, 0xEEC1, 0xEEC9, 0xEED5, 0xEEDF, 0xEEE1, 0xEEF1, 
-	0xEF1B, 0xEF27, 0xEF2F, 0xEF45, 0xEF4D, 0xEF63, 0xEF6B, 0xEF71, 
-	0xEF93, 0xEF95, 0xEF9B, 0xEF9F, 0xEFAD, 0xEFB3, 0xEFC3, 0xEFC5, 
-	0xEFDB, 0xEFE1, 0xEFE9, 0xF001, 0xF017, 0xF01D, 0xF01F, 0xF02B, 
-	0xF02F, 0xF035, 0xF043, 0xF047, 0xF04F, 0xF067, 0xF06B, 0xF071, 
-	0xF077, 0xF079, 0xF08F, 0xF0A3, 0xF0A9, 0xF0AD, 0xF0BB, 0xF0BF, 
-	0xF0C5, 0xF0CB, 0xF0D3, 0xF0D9, 0xF0E3, 0xF0E9, 0xF0F1, 0xF0F7, 
-	0xF107, 0xF115, 0xF11B, 0xF121, 0xF137, 0xF13D, 0xF155, 0xF175, 
-	0xF17B, 0xF18D, 0xF193, 0xF1A5, 0xF1AF, 0xF1B7, 0xF1D5, 0xF1E7, 
-	0xF1ED, 0xF1FD, 0xF209, 0xF20F, 0xF21B, 0xF21D, 0xF223, 0xF227, 
-	0xF233, 0xF23B, 0xF241, 0xF257, 0xF25F, 0xF265, 0xF269, 0xF277, 
-	0xF281, 0xF293, 0xF2A7, 0xF2B1, 0xF2B3, 0xF2B9, 0xF2BD, 0xF2BF, 
-	0xF2DB, 0xF2ED, 0xF2EF, 0xF2F9, 0xF2FF, 0xF305, 0xF30B, 0xF319, 
-	0xF341, 0xF359, 0xF35B, 0xF35F, 0xF367, 0xF373, 0xF377, 0xF38B, 
-	0xF38F, 0xF3AF, 0xF3C1, 0xF3D1, 0xF3D7, 0xF3FB, 0xF403, 0xF409, 
-	0xF40D, 0xF413, 0xF421, 0xF425, 0xF42B, 0xF445, 0xF44B, 0xF455, 
-	0xF463, 0xF475, 0xF47F, 0xF485, 0xF48B, 0xF499, 0xF4A3, 0xF4A9, 
-	0xF4AF, 0xF4BD, 0xF4C3, 0xF4DB, 0xF4DF, 0xF4ED, 0xF503, 0xF50B, 
-	0xF517, 0xF521, 0xF529, 0xF535, 0xF547, 0xF551, 0xF563, 0xF56B, 
-	0xF583, 0xF58D, 0xF595, 0xF599, 0xF5B1, 0xF5B7, 0xF5C9, 0xF5CF, 
-	0xF5D1, 0xF5DB, 0xF5F9, 0xF5FB, 0xF605, 0xF607, 0xF60B, 0xF60D, 
-	0xF635, 0xF637, 0xF653, 0xF65B, 0xF661, 0xF667, 0xF679, 0xF67F, 
-	0xF689, 0xF697, 0xF69B, 0xF6AD, 0xF6CB, 0xF6DD, 0xF6DF, 0xF6EB, 
-	0xF709, 0xF70F, 0xF72D, 0xF731, 0xF743, 0xF74F, 0xF751, 0xF755, 
-	0xF763, 0xF769, 0xF773, 0xF779, 0xF781, 0xF787, 0xF791, 0xF79D, 
-	0xF79F, 0xF7A5, 0xF7B1, 0xF7BB, 0xF7BD, 0xF7CF, 0xF7D3, 0xF7E7, 
-	0xF7EB, 0xF7F1, 0xF7FF, 0xF805, 0xF80B, 0xF821, 0xF827, 0xF82D, 
-	0xF835, 0xF847, 0xF859, 0xF863, 0xF865, 0xF86F, 0xF871, 0xF877, 
-	0xF87B, 0xF881, 0xF88D, 0xF89F, 0xF8A1, 0xF8AB, 0xF8B3, 0xF8B7, 
-	0xF8C9, 0xF8CB, 0xF8D1, 0xF8D7, 0xF8DD, 0xF8E7, 0xF8EF, 0xF8F9, 
-	0xF8FF, 0xF911, 0xF91D, 0xF925, 0xF931, 0xF937, 0xF93B, 0xF941, 
-	0xF94F, 0xF95F, 0xF961, 0xF96D, 0xF971, 0xF977, 0xF99D, 0xF9A3, 
-	0xF9A9, 0xF9B9, 0xF9CD, 0xF9E9, 0xF9FD, 0xFA07, 0xFA0D, 0xFA13, 
-	0xFA21, 0xFA25, 0xFA3F, 0xFA43, 0xFA51, 0xFA5B, 0xFA6D, 0xFA7B, 
-	0xFA97, 0xFA99, 0xFA9D, 0xFAAB, 0xFABB, 0xFABD, 0xFAD9, 0xFADF, 
-	0xFAE7, 0xFAED, 0xFB0F, 0xFB17, 0xFB1B, 0xFB2D, 0xFB2F, 0xFB3F, 
-	0xFB47, 0xFB4D, 0xFB75, 0xFB7D, 0xFB8F, 0xFB93, 0xFBB1, 0xFBB7, 
-	0xFBC3, 0xFBC5, 0xFBE3, 0xFBE9, 0xFBF3, 0xFC01, 0xFC29, 0xFC37, 
-	0xFC41, 0xFC43, 0xFC4F, 0xFC59, 0xFC61, 0xFC65, 0xFC6D, 0xFC73, 
-	0xFC79, 0xFC95, 0xFC97, 0xFC9B, 0xFCA7, 0xFCB5, 0xFCC5, 0xFCCD, 
-	0xFCEB, 0xFCFB, 0xFD0D, 0xFD0F, 0xFD19, 0xFD2B, 0xFD31, 0xFD51, 
-	0xFD55, 0xFD67, 0xFD6D, 0xFD6F, 0xFD7B, 0xFD85, 0xFD97, 0xFD99, 
-	0xFD9F, 0xFDA9, 0xFDB7, 0xFDC9, 0xFDE5, 0xFDEB, 0xFDF3, 0xFE03, 
-	0xFE05, 0xFE09, 0xFE1D, 0xFE27, 0xFE2F, 0xFE41, 0xFE4B, 0xFE4D, 
-	0xFE57, 0xFE5F, 0xFE63, 0xFE69, 0xFE75, 0xFE7B, 0xFE8F, 0xFE93, 
-	0xFE95, 0xFE9B, 0xFE9F, 0xFEB3, 0xFEBD, 0xFED7, 0xFEE9, 0xFEF3, 
-	0xFEF5, 0xFF07, 0xFF0D, 0xFF1D, 0xFF2B, 0xFF2F, 0xFF49, 0xFF4D, 
-	0xFF5B, 0xFF65, 0xFF71, 0xFF7F, 0xFF85, 0xFF8B, 0xFF8F, 0xFF9D, 
-	0xFFA7, 0xFFA9, 0xFFC7, 0xFFD9, 0xFFEF, 0xFFF1, 
-#endif
-};
-
diff --git a/security/nss/lib/freebl/mpi/stats b/security/nss/lib/freebl/mpi/stats
deleted file mode 100755
index dd63ca0db..000000000
--- a/security/nss/lib/freebl/mpi/stats
+++ /dev/null
@@ -1,70 +0,0 @@
-#!/usr/bin/perl
-
-#
-# Treat each line as a sequence of comma and/or space delimited
-# floating point numbers, and compute basic statistics on them.
-# These are written to standard output
-#
-## The contents of this file are subject to the Mozilla Public
-## License Version 1.1 (the "License"); you may not use this file
-## except in compliance with the License. You may obtain a copy of
-## the License at http://www.mozilla.org/MPL/
-##
-## Software distributed under the License is distributed on an "AS
-## IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-## implied. See the License for the specific language governing
-## rights and limitations under the License.
-##
-## The Original Code is the MPI Arbitrary Precision Integer Arithmetic
-## library.
-##
-## The Initial Developer of the Original Code is 
-## Michael J. Fromberger <sting@linguist.dartmouth.edu>
-##
-## Portions created by Michael J. Fromberger are 
-## Copyright (C) 1998, 2000 Michael J. Fromberger. All Rights Reserved
-##
-## Contributor(s):
-##
-## Alternatively, the contents of this file may be used under the
-## terms of the GNU General Public License Version 2 or later (the
-## "GPL"), in which case the provisions of the GPL are applicable
-## instead of those above.  If you wish to allow use of your
-## version of this file only under the terms of the GPL and not to
-## allow others to use your version of this file under the MPL,
-## indicate your decision by deleting the provisions above and
-## replace them with the notice and other provisions required by
-## the GPL.  If you do not delete the provisions above, a recipient
-## may use your version of this file under either the MPL or the GPL.
-##
-# $Id$
-#
-
-$min = 1.7976931348623157E+308;
-$max = 2.2250738585072014E-308;
-$sum = $num = 0;
-
-while(<>) {
-    chomp;
-
-    @nums = split(/[\s,]+/, $_);
-    next if($#nums < 0);
-
-    $num += scalar @nums;
-    foreach (@nums) {
-	$min = $_ if($_ < $min);
-	$max = $_ if($_ > $max);
-	$sum += $_;
-    }
-}
-
-if($num) {
-    $avg = $sum / $num;
-} else {
-    $min = $max = 0;
-}
-
-printf "%d\tmin=%.2f, avg=%.2f, max=%.2f, sum=%.2f\n",
-    $num, $min, $avg, $max, $sum;
-
-# end
diff --git a/security/nss/lib/freebl/mpi/test-arrays.txt b/security/nss/lib/freebl/mpi/test-arrays.txt
deleted file mode 100644
index d247154be..000000000
--- a/security/nss/lib/freebl/mpi/test-arrays.txt
+++ /dev/null
@@ -1,86 +0,0 @@
-#
-# Test suite table for MPI library
-#
-# Format of entries:
-# suite-name:function-name:description
-#
-# suite-name	The name used to identify this test in mpi-test
-# function-name	The function called to perform this test in mpi-test.c
-# description   A brief description of what the suite tests
-#
-## The contents of this file are subject to the Mozilla Public
-## License Version 1.1 (the "License"); you may not use this file
-## except in compliance with the License. You may obtain a copy of
-## the License at http://www.mozilla.org/MPL/
-##
-## Software distributed under the License is distributed on an "AS
-## IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-## implied. See the License for the specific language governing
-## rights and limitations under the License.
-##
-## The Original Code is the MPI Arbitrary Precision Integer Arithmetic
-## library.
-##
-## The Initial Developer of the Original Code is 
-## Michael J. Fromberger <sting@linguist.dartmouth.edu>
-##
-## Portions created by Michael J. Fromberger are 
-## Copyright (C) 1998, 2000 Michael J. Fromberger. All Rights Reserved
-##
-## Contributor(s):
-##
-## Alternatively, the contents of this file may be used under the
-## terms of the GNU General Public License Version 2 or later (the
-## "GPL"), in which case the provisions of the GPL are applicable
-## instead of those above.  If you wish to allow use of your
-## version of this file only under the terms of the GPL and not to
-## allow others to use your version of this file under the MPL,
-## indicate your decision by deleting the provisions above and
-## replace them with the notice and other provisions required by
-## the GPL.  If you do not delete the provisions above, a recipient
-## may use your version of this file under either the MPL or the GPL.
-## 
-# $Id$
-#
-list:test_list:print out a list of the available test suites
-copy:test_copy:test assignment of mp-int structures
-exchange:test_exch:test exchange of mp-int structures
-zero:test_zero:test zeroing of an mp-int
-set:test_set:test setting an mp-int to a small constant
-absolute-value:test_abs:test the absolute value function
-negate:test_neg:test the arithmetic negation function
-add-digit:test_add_d:test digit addition
-add:test_add:test full addition
-subtract-digit:test_sub_d:test digit subtraction
-subtract:test_sub:test full subtraction
-multiply-digit:test_mul_d:test digit multiplication
-multiply:test_mul:test full multiplication
-square:test_sqr:test full squaring function
-divide-digit:test_div_d:test digit division
-divide-2:test_div_2:test division by two
-divide-2d:test_div_2d:test division & remainder by 2^d
-divide:test_div:test full division
-expt-digit:test_expt_d:test digit exponentiation
-expt:test_expt:test full exponentiation
-expt-2:test_2expt:test power-of-two exponentiation
-square-root:test_sqrt:test integer square root function
-modulo-digit:test_mod_d:test digit modular reduction
-modulo:test_mod:test full modular reduction
-mod-add:test_addmod:test modular addition
-mod-subtract:test_submod:test modular subtraction
-mod-multiply:test_mulmod:test modular multiplication
-mod-square:test_sqrmod:test modular squaring function
-mod-expt:test_exptmod:test full modular exponentiation
-mod-expt-digit:test_exptmod_d:test digit modular exponentiation
-mod-inverse:test_invmod:test modular inverse function
-compare-digit:test_cmp_d:test digit comparison function
-compare-zero:test_cmp_z:test zero comparison function
-compare:test_cmp:test general signed comparison
-compare-magnitude:test_cmp_mag:test general magnitude comparison
-parity:test_parity:test parity comparison functions
-gcd:test_gcd:test greatest common divisor functions
-lcm:test_lcm:test least common multiple function
-conversion:test_convert:test general radix conversion facilities
-binary:test_raw:test raw output format
-pprime:test_pprime:test probabilistic primality tester
-fermat:test_fermat:test Fermat pseudoprimality tester
diff --git a/security/nss/lib/freebl/mpi/test-info.c b/security/nss/lib/freebl/mpi/test-info.c
deleted file mode 100644
index f84013e2e..000000000
--- a/security/nss/lib/freebl/mpi/test-info.c
+++ /dev/null
@@ -1,191 +0,0 @@
-/*
- *  test-info.c
- *
- *  Arbitrary precision integer arithmetic library
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are 
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger. 
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above.  If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- *  $Id$
- */
-
-/* Table mapping test suite names to index numbers */
-const int   g_count = 42;
-const char *g_names[] = {
-   "list",              /* print out a list of the available test suites */
-   "copy",              /* test assignment of mp-int structures          */
-   "exchange",          /* test exchange of mp-int structures            */
-   "zero",              /* test zeroing of an mp-int                     */
-   "set",               /* test setting an mp-int to a small constant    */
-   "absolute-value",    /* test the absolute value function              */
-   "negate",            /* test the arithmetic negation function         */
-   "add-digit",         /* test digit addition                           */
-   "add",               /* test full addition                            */
-   "subtract-digit",    /* test digit subtraction                        */
-   "subtract",          /* test full subtraction                         */
-   "multiply-digit",    /* test digit multiplication                     */
-   "multiply",          /* test full multiplication                      */
-   "square",            /* test full squaring function                   */
-   "divide-digit",      /* test digit division                           */
-   "divide-2",          /* test division by two                          */
-   "divide-2d",         /* test division & remainder by 2^d              */
-   "divide",            /* test full division                            */
-   "expt-digit",        /* test digit exponentiation                     */
-   "expt",              /* test full exponentiation                      */
-   "expt-2",            /* test power-of-two exponentiation              */
-   "square-root",       /* test integer square root function             */
-   "modulo-digit",      /* test digit modular reduction                  */
-   "modulo",            /* test full modular reduction                   */
-   "mod-add",           /* test modular addition                         */
-   "mod-subtract",      /* test modular subtraction                      */
-   "mod-multiply",      /* test modular multiplication                   */
-   "mod-square",        /* test modular squaring function                */
-   "mod-expt",          /* test full modular exponentiation              */
-   "mod-expt-digit",    /* test digit modular exponentiation             */
-   "mod-inverse",       /* test modular inverse function                 */
-   "compare-digit",     /* test digit comparison function                */
-   "compare-zero",      /* test zero comparison function                 */
-   "compare",           /* test general signed comparison                */
-   "compare-magnitude", /* test general magnitude comparison             */
-   "parity",            /* test parity comparison functions              */
-   "gcd",               /* test greatest common divisor functions        */
-   "lcm",               /* test least common multiple function           */
-   "conversion",        /* test general radix conversion facilities      */
-   "binary",            /* test raw output format                        */
-   "pprime",            /* test probabilistic primality tester           */
-   "fermat"             /* test Fermat pseudoprimality tester            */
-};
-
-/* Test function prototypes */
-int  test_list(void);
-int  test_copy(void);
-int  test_exch(void);
-int  test_zero(void);
-int  test_set(void);
-int  test_abs(void);
-int  test_neg(void);
-int  test_add_d(void);
-int  test_add(void);
-int  test_sub_d(void);
-int  test_sub(void);
-int  test_mul_d(void);
-int  test_mul(void);
-int  test_sqr(void);
-int  test_div_d(void);
-int  test_div_2(void);
-int  test_div_2d(void);
-int  test_div(void);
-int  test_expt_d(void);
-int  test_expt(void);
-int  test_2expt(void);
-int  test_sqrt(void);
-int  test_mod_d(void);
-int  test_mod(void);
-int  test_addmod(void);
-int  test_submod(void);
-int  test_mulmod(void);
-int  test_sqrmod(void);
-int  test_exptmod(void);
-int  test_exptmod_d(void);
-int  test_invmod(void);
-int  test_cmp_d(void);
-int  test_cmp_z(void);
-int  test_cmp(void);
-int  test_cmp_mag(void);
-int  test_parity(void);
-int  test_gcd(void);
-int  test_lcm(void);
-int  test_convert(void);
-int  test_raw(void);
-int  test_pprime(void);
-int  test_fermat(void);
-
-/* Table mapping index numbers to functions */
-int (*g_tests[])(void)  = {
-   test_list,     test_copy,     test_exch,     test_zero,     
-   test_set,      test_abs,      test_neg,      test_add_d,    
-   test_add,      test_sub_d,    test_sub,      test_mul_d,    
-   test_mul,      test_sqr,      test_div_d,    test_div_2,    
-   test_div_2d,   test_div,      test_expt_d,   test_expt,     
-   test_2expt,    test_sqrt,     test_mod_d,    test_mod,      
-   test_addmod,   test_submod,   test_mulmod,   test_sqrmod,   
-   test_exptmod,  test_exptmod_d, test_invmod,   test_cmp_d,    
-   test_cmp_z,    test_cmp,      test_cmp_mag,  test_parity,   
-   test_gcd,      test_lcm,      test_convert,  test_raw,      
-   test_pprime,   test_fermat
-};
-
-/* Table mapping index numbers to descriptions */
-const char *g_descs[] = {
-   "print out a list of the available test suites",
-   "test assignment of mp-int structures",
-   "test exchange of mp-int structures",
-   "test zeroing of an mp-int",
-   "test setting an mp-int to a small constant",
-   "test the absolute value function",
-   "test the arithmetic negation function",
-   "test digit addition",
-   "test full addition",
-   "test digit subtraction",
-   "test full subtraction",
-   "test digit multiplication",
-   "test full multiplication",
-   "test full squaring function",
-   "test digit division",
-   "test division by two",
-   "test division & remainder by 2^d",
-   "test full division",
-   "test digit exponentiation",
-   "test full exponentiation",
-   "test power-of-two exponentiation",
-   "test integer square root function",
-   "test digit modular reduction",
-   "test full modular reduction",
-   "test modular addition",
-   "test modular subtraction",
-   "test modular multiplication",
-   "test modular squaring function",
-   "test full modular exponentiation",
-   "test digit modular exponentiation",
-   "test modular inverse function",
-   "test digit comparison function",
-   "test zero comparison function",
-   "test general signed comparison",
-   "test general magnitude comparison",
-   "test parity comparison functions",
-   "test greatest common divisor functions",
-   "test least common multiple function",
-   "test general radix conversion facilities",
-   "test raw output format",
-   "test probabilistic primality tester",
-   "test Fermat pseudoprimality tester"
-};
-
diff --git a/security/nss/lib/freebl/mpi/tests/LICENSE b/security/nss/lib/freebl/mpi/tests/LICENSE
deleted file mode 100644
index c2c5d0190..000000000
--- a/security/nss/lib/freebl/mpi/tests/LICENSE
+++ /dev/null
@@ -1,6 +0,0 @@
-Within this directory, each of the file listed below is licensed under 
-the terms given in the file LICENSE-MPL, also in this directory.
-
-pi1k.txt
-pi2k.txt
-pi5k.txt
diff --git a/security/nss/lib/freebl/mpi/tests/LICENSE-MPL b/security/nss/lib/freebl/mpi/tests/LICENSE-MPL
deleted file mode 100644
index 9ff410e4b..000000000
--- a/security/nss/lib/freebl/mpi/tests/LICENSE-MPL
+++ /dev/null
@@ -1,32 +0,0 @@
-The contents of this file are subject to the Mozilla Public
-License Version 1.1 (the "License"); you may not use this file
-except in compliance with the License. You may obtain a copy of
-the License at http://www.mozilla.org/MPL/
-
-Software distributed under the License is distributed on an "AS
-IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-implied. See the License for the specific language governing
-rights and limitations under the License.
-
-The Original Code is the Netscape security libraries.
-
-The Initial Developer of the Original Code is Netscape
-Communications Corporation.  Portions created by Netscape are 
-Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-Rights Reserved.
-
-Contributor(s):
-
-Alternatively, the contents of this file may be used under the
-terms of the GNU General Public License Version 2 or later (the
-"GPL"), in which case the provisions of the GPL are applicable 
-instead of those above.  If you wish to allow use of your 
-version of this file only under the terms of the GPL and not to
-allow others to use your version of this file under the MPL,
-indicate your decision by deleting the provisions above and
-replace them with the notice and other provisions required by
-the GPL.  If you do not delete the provisions above, a recipient
-may use your version of this file under either the MPL or the
-GPL.
-
-
diff --git a/security/nss/lib/freebl/mpi/tests/mptest-1.c b/security/nss/lib/freebl/mpi/tests/mptest-1.c
deleted file mode 100644
index 6861e616e..000000000
--- a/security/nss/lib/freebl/mpi/tests/mptest-1.c
+++ /dev/null
@@ -1,72 +0,0 @@
-/*
- * Simple test driver for MPI library
- *
- * Test 1: Simple input test (drives single-digit multiply and add,
- *         as well as I/O routines)
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are 
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger. 
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above.  If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- *  $Id$
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <ctype.h>
-#include <limits.h>
-
-#ifdef MAC_CW_SIOUX
-#include <console.h>
-#endif
-
-#include "mpi.h"
-
-int main(int argc, char *argv[])
-{
-  int    ix;
-  mp_int mp;
-
-#ifdef MAC_CW_SIOUX
-  argc = ccommand(&argv);
-#endif
-
-  mp_init(&mp);
-  
-  for(ix = 1; ix < argc; ix++) {
-    mp_read_radix(&mp, argv[ix], 10);
-    mp_print(&mp, stdout);
-    fputc('\n', stdout);
-  }
-
-  mp_clear(&mp);
-  return 0;
-}
diff --git a/security/nss/lib/freebl/mpi/tests/mptest-2.c b/security/nss/lib/freebl/mpi/tests/mptest-2.c
deleted file mode 100644
index d350d1d49..000000000
--- a/security/nss/lib/freebl/mpi/tests/mptest-2.c
+++ /dev/null
@@ -1,83 +0,0 @@
-/*
- * Simple test driver for MPI library
- *
- * Test 2: Basic addition and subtraction test
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are 
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger. 
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above.  If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- *  $Id$
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <ctype.h>
-#include <limits.h>
-
-#include "mpi.h"
-
-int main(int argc, char *argv[])
-{
-  mp_int a, b, c;
-
-  if(argc < 3) {
-    fprintf(stderr, "Usage: %s <a> <b>\n", argv[0]);
-    return 1;
-  }
-
-  printf("Test 2: Basic addition and subtraction\n\n");
-
-  mp_init(&a);
-  mp_init(&b);
-
-  mp_read_radix(&a, argv[1], 10);
-  mp_read_radix(&b, argv[2], 10);
-  printf("a = "); mp_print(&a, stdout); fputc('\n', stdout);
-  printf("b = "); mp_print(&b, stdout); fputc('\n', stdout);
-  
-  mp_init(&c);
-  printf("c = a + b\n");
-
-  mp_add(&a, &b, &c);
-  printf("c = "); mp_print(&c, stdout); fputc('\n', stdout);
-  
-  printf("c = a - b\n");
-  
-  mp_sub(&a, &b, &c);
-  printf("c = "); mp_print(&c, stdout); fputc('\n', stdout);  
-
-  mp_clear(&c);
-  mp_clear(&b);
-  mp_clear(&a);
-
-  return 0;
-}
diff --git a/security/nss/lib/freebl/mpi/tests/mptest-3.c b/security/nss/lib/freebl/mpi/tests/mptest-3.c
deleted file mode 100644
index ac2dd2c6c..000000000
--- a/security/nss/lib/freebl/mpi/tests/mptest-3.c
+++ /dev/null
@@ -1,128 +0,0 @@
-/*
- * Simple test driver for MPI library
- *
- * Test 3: Multiplication, division, and exponentiation test
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are 
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger. 
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above.  If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- * $Id$
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <ctype.h>
-#include <limits.h>
-
-#include <time.h>
-
-#include "mpi.h"
-
-#define  SQRT 1  /* define nonzero to get square-root test  */
-#define  EXPT 0  /* define nonzero to get exponentiate test */
-
-int main(int argc, char *argv[])
-{
-  int      ix;
-  mp_int   a, b, c, d;
-  mp_digit r;
-  mp_err   res;
-
-  if(argc < 3) {
-    fprintf(stderr, "Usage: %s <a> <b>\n", argv[0]);
-    return 1;
-  }
-
-  printf("Test 3: Multiplication and division\n\n");
-  srand(time(NULL));
-
-  mp_init(&a);
-  mp_init(&b);
-
-  mp_read_variable_radix(&a, argv[1], 10);
-  mp_read_variable_radix(&b, argv[2], 10);
-  printf("a = "); mp_print(&a, stdout); fputc('\n', stdout);
-  printf("b = "); mp_print(&b, stdout); fputc('\n', stdout);
-  
-  mp_init(&c);
-  printf("\nc = a * b\n");
-
-  mp_mul(&a, &b, &c);
-  printf("c = "); mp_print(&c, stdout); fputc('\n', stdout);
-
-  printf("\nc = b * 32523\n");
-
-  mp_mul_d(&b, 32523, &c);
-  printf("c = "); mp_print(&c, stdout); fputc('\n', stdout);
-  
-  mp_init(&d);
-  printf("\nc = a / b, d = a mod b\n");
-  
-  mp_div(&a, &b, &c, &d);
-  printf("c = "); mp_print(&c, stdout); fputc('\n', stdout);  
-  printf("d = "); mp_print(&d, stdout); fputc('\n', stdout);  
-
-  ix = rand() % 256;
-  printf("\nc = a / %d, r = a mod %d\n", ix, ix);
-  mp_div_d(&a, (mp_digit)ix, &c, &r);
-  printf("c = "); mp_print(&c, stdout); fputc('\n', stdout);  
-  printf("r = %04X\n", r);
-
-#if EXPT
-  printf("\nc = a ** b\n");
-  mp_expt(&a, &b, &c);
-  printf("c = "); mp_print(&c, stdout); fputc('\n', stdout);  
-#endif
-
-  ix = rand() % 256;
-  printf("\nc = 2^%d\n", ix);
-  mp_2expt(&c, ix);
-  printf("c = "); mp_print(&c, stdout); fputc('\n', stdout);
-
-#if SQRT
-  printf("\nc = sqrt(a)\n");
-  if((res = mp_sqrt(&a, &c)) != MP_OKAY) {
-    printf("mp_sqrt: %s\n", mp_strerror(res));
-  } else {
-    printf("c = "); mp_print(&c, stdout); fputc('\n', stdout);
-    mp_sqr(&c, &c);
-    printf("c^2 = "); mp_print(&c, stdout); fputc('\n', stdout);
-  }
-#endif
-
-  mp_clear(&d);
-  mp_clear(&c);
-  mp_clear(&b);
-  mp_clear(&a);
-
-  return 0;
-}
diff --git a/security/nss/lib/freebl/mpi/tests/mptest-3a.c b/security/nss/lib/freebl/mpi/tests/mptest-3a.c
deleted file mode 100644
index 014bd386c..000000000
--- a/security/nss/lib/freebl/mpi/tests/mptest-3a.c
+++ /dev/null
@@ -1,141 +0,0 @@
-/*
- * Simple test driver for MPI library
- *
- * Test 3a: Multiplication vs. squaring timing test
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are 
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger. 
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above.  If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- * $Id$
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <ctype.h>
-#include <limits.h>
-
-#include <time.h>
-
-#include "mpi.h"
-#include "mpprime.h"
-
-int main(int argc, char *argv[])
-{
-  int        ix, num, prec = 8;
-  double     d1, d2;
-  clock_t    start, finish;
-  time_t     seed;
-  mp_int     a, c, d;
-
-  seed = time(NULL);
-
-  if(argc < 2) {
-    fprintf(stderr, "Usage: %s <num-tests> [<precision>]\n", argv[0]);
-    return 1;
-  }
-
-  if((num = atoi(argv[1])) < 0)
-    num = -num;
-
-  if(!num) {
-    fprintf(stderr, "%s: must perform at least 1 test\n", argv[0]);
-    return 1;
-  }
-
-  if(argc > 2) {
-    if((prec = atoi(argv[2])) <= 0)
-      prec = 8;
-    else
-      prec = (prec + (DIGIT_BIT - 1)) / DIGIT_BIT;
-  }
-  
-  printf("Test 3a: Multiplication vs squaring timing test\n"
-	 "Precision:  %d digits (%u bits)\n"
-	 "# of tests: %d\n\n", prec, prec * DIGIT_BIT, num);
-
-  mp_init_size(&a, prec);
-
-  mp_init(&c); mp_init(&d);
-
-  printf("Verifying accuracy ... \n");
-  srand((unsigned int)seed);
-  for(ix = 0; ix < num; ix++) {
-    mpp_random_size(&a, prec);
-    mp_mul(&a, &a, &c);
-    mp_sqr(&a, &d);
-
-    if(mp_cmp(&c, &d) != 0) {
-      printf("Error!  Results not accurate:\n");
-      printf("a = "); mp_print(&a, stdout); fputc('\n', stdout);
-      printf("c = "); mp_print(&c, stdout); fputc('\n', stdout);
-      printf("d = "); mp_print(&d, stdout); fputc('\n', stdout);
-      mp_sub(&c, &d, &d);
-      printf("dif "); mp_print(&d, stdout); fputc('\n', stdout);
-      mp_clear(&c); mp_clear(&d);
-      mp_clear(&a);
-      return 1;
-    }
-  }
-  printf("Accuracy is confirmed for the %d test samples\n", num);
-  mp_clear(&d);
-
-  printf("Testing squaring ... \n");
-  srand((unsigned int)seed);
-  start = clock();
-  for(ix = 0; ix < num; ix++) {
-    mpp_random_size(&a, prec);
-    mp_sqr(&a, &c);
-  }
-  finish = clock();
-
-  d2 = (double)(finish - start) / CLOCKS_PER_SEC;
-
-  printf("Testing multiplication ... \n");
-  srand((unsigned int)seed);
-  start = clock();
-  for(ix = 0; ix < num; ix++) {
-    mpp_random(&a);
-    mp_mul(&a, &a, &c);
-  }
-  finish = clock();
-
-  d1 = (double)(finish - start) / CLOCKS_PER_SEC;
-
-  printf("Multiplication time: %.3f sec (%.3f each)\n", d1, d1 / num);
-  printf("Squaring time:       %.3f sec (%.3f each)\n", d2, d2 / num);
-  printf("Improvement:         %.2f%%\n", (1.0 - (d2 / d1)) * 100.0);
-
-  mp_clear(&c);
-  mp_clear(&a);
-
-  return 0;
-}
diff --git a/security/nss/lib/freebl/mpi/tests/mptest-4.c b/security/nss/lib/freebl/mpi/tests/mptest-4.c
deleted file mode 100644
index 6a9920cd8..000000000
--- a/security/nss/lib/freebl/mpi/tests/mptest-4.c
+++ /dev/null
@@ -1,123 +0,0 @@
-/*
- * Simple test driver for MPI library
- *
- * Test 4: Modular arithmetic tests
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are 
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger. 
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above.  If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- *  $Id$
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <ctype.h>
-#include <limits.h>
-
-#include "mpi.h"
-
-int main(int argc, char *argv[])
-{
-  int      ix;
-  mp_int   a, b, c, m;
-  mp_digit r;
-
-  if(argc < 4) {
-    fprintf(stderr, "Usage: %s <a> <b> <m>\n", argv[0]);
-    return 1;
-  }
-
-  printf("Test 4: Modular arithmetic\n\n");
-
-  mp_init(&a);
-  mp_init(&b);
-  mp_init(&m);
-
-  mp_read_radix(&a, argv[1], 10);
-  mp_read_radix(&b, argv[2], 10);
-  mp_read_radix(&m, argv[3], 10);
-  printf("a = "); mp_print(&a, stdout); fputc('\n', stdout);
-  printf("b = "); mp_print(&b, stdout); fputc('\n', stdout);
-  printf("m = "); mp_print(&m, stdout); fputc('\n', stdout);
-  
-  mp_init(&c);
-  printf("\nc = a (mod m)\n");
-
-  mp_mod(&a, &m, &c);
-  printf("c = "); mp_print(&c, stdout); fputc('\n', stdout);
-
-  printf("\nc = b (mod m)\n");
-
-  mp_mod(&b, &m, &c);
-  printf("c = "); mp_print(&c, stdout); fputc('\n', stdout);
-
-  printf("\nc = b (mod 1853)\n");
-
-  mp_mod_d(&b, 1853, &r);
-  printf("c = %04X\n", r);
-
-  printf("\nc = (a + b) mod m\n");
-
-  mp_addmod(&a, &b, &m, &c);
-  printf("c = "); mp_print(&c, stdout); fputc('\n', stdout);
-
-  printf("\nc = (a - b) mod m\n");
-
-  mp_submod(&a, &b, &m, &c);
-  printf("c = "); mp_print(&c, stdout); fputc('\n', stdout);
-
-  printf("\nc = (a * b) mod m\n");
-
-  mp_mulmod(&a, &b, &m, &c);
-  printf("c = "); mp_print(&c, stdout); fputc('\n', stdout);
-
-  printf("\nc = (a ** b) mod m\n");
-
-  mp_exptmod(&a, &b, &m, &c);
-  printf("c = "); mp_print(&c, stdout); fputc('\n', stdout);
-
-  printf("\nIn-place modular squaring test:\n");
-  for(ix = 0; ix < 5; ix++) {
-    printf("a = (a * a) mod m   a = ");
-    mp_sqrmod(&a, &m, &a);
-    mp_print(&a, stdout);
-    fputc('\n', stdout);
-  }
-  
-
-  mp_clear(&c);
-  mp_clear(&m);
-  mp_clear(&b);
-  mp_clear(&a);
-
-  return 0;
-}
diff --git a/security/nss/lib/freebl/mpi/tests/mptest-4a.c b/security/nss/lib/freebl/mpi/tests/mptest-4a.c
deleted file mode 100644
index 22610b8a5..000000000
--- a/security/nss/lib/freebl/mpi/tests/mptest-4a.c
+++ /dev/null
@@ -1,135 +0,0 @@
-/* 
- *  mptest4a - modular exponentiation speed test 
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are 
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger. 
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above.  If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- * $Id$
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <limits.h>
-#include <time.h>
-
-#include <sys/time.h>
-
-#include "mpi.h"
-#include "mpprime.h"
-
-typedef struct {
-  unsigned int  sec;
-  unsigned int  usec;
-} instant_t;
-
-instant_t now(void)
-{
-  struct timeval clk;
-  instant_t      res;
-
-  res.sec = res.usec = 0;
-
-  if(gettimeofday(&clk, NULL) != 0)
-    return res;
-
-  res.sec = clk.tv_sec;
-  res.usec = clk.tv_usec;
-
-  return res;
-}
-
-extern mp_err s_mp_pad();
-
-int main(int argc, char *argv[])
-{
-  int        ix, num, prec = 8;
-  unsigned   int d;
-  instant_t  start, finish;
-  time_t     seed;
-  mp_int     a, m, c;
-
-  seed = time(NULL);
-
-  if(argc < 2) {
-    fprintf(stderr, "Usage: %s <num-tests> [<precision>]\n", argv[0]);
-    return 1;
-  }
-
-  if((num = atoi(argv[1])) < 0)
-    num = -num;
-
-  if(!num) {
-    fprintf(stderr, "%s: must perform at least 1 test\n", argv[0]);
-    return 1;
-  }
-
-  if(argc > 2) {
-    if((prec = atoi(argv[2])) <= 0)
-      prec = 8;
-  }
-  
-  printf("Test 3a: Modular exponentiation timing test\n"
-	 "Precision:  %d digits (%d bits)\n"
-	 "# of tests: %d\n\n", prec, prec * DIGIT_BIT, num);
-
-  mp_init_size(&a, prec);
-  mp_init_size(&m, prec);
-  mp_init_size(&c, prec);
-  s_mp_pad(&a, prec);
-  s_mp_pad(&m, prec);
-  s_mp_pad(&c, prec);
-
-  printf("Testing modular exponentiation ... \n");
-  srand((unsigned int)seed);
-
-  start = now();
-  for(ix = 0; ix < num; ix++) {
-    mpp_random(&a);
-    mpp_random(&c);
-    mpp_random(&m);
-    mp_exptmod(&a, &c, &m, &c);
-  }
-  finish = now();
-
-  d = (finish.sec - start.sec) * 1000000;
-  d -= start.usec; d += finish.usec;
-
-  printf("Total time elapsed:        %u usec\n", d);
-  printf("Time per exponentiation:   %u usec (%.3f sec)\n", 
-	 (d / num), (double)(d / num) / 1000000);
-
-  mp_clear(&c);
-  mp_clear(&a);
-  mp_clear(&m);
-
-  return 0;
-}
diff --git a/security/nss/lib/freebl/mpi/tests/mptest-4b.c b/security/nss/lib/freebl/mpi/tests/mptest-4b.c
deleted file mode 100644
index 77a38eb8d..000000000
--- a/security/nss/lib/freebl/mpi/tests/mptest-4b.c
+++ /dev/null
@@ -1,132 +0,0 @@
-/*
- * mptest-4b.c
- *
- * Test speed of a large modular exponentiation of a primitive element
- * modulo a prime.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are 
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger. 
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above.  If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- * $Id$
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <limits.h>
-#include <time.h>
-
-#include <sys/time.h>
-
-#include "mpi.h"
-#include "mpprime.h"
-
-char *g_prime = 
-  "34BD53C07350E817CCD49721020F1754527959C421C1533244769D4CF060A8B1C3DA"
-  "25094BE723FB1E2369B55FEEBBE0FAC16425161BF82684062B5EC5D7D47D1B23C117"
-  "0FA19745E44A55E148314E582EB813AC9EE5126295E2E380CACC2F6D206B293E5ED9"
-  "23B54EE961A8C69CD625CE4EC38B70C649D7F014432AEF3A1C93";
-char *g_gen = "5";
-
-typedef struct {
-  unsigned int  sec;
-  unsigned int  usec;
-} instant_t;
-
-instant_t now(void)
-{
-  struct timeval clk;
-  instant_t      res;
-
-  res.sec = res.usec = 0;
-
-  if(gettimeofday(&clk, NULL) != 0)
-    return res;
-
-  res.sec = clk.tv_sec;
-  res.usec = clk.tv_usec;
-
-  return res;
-}
-
-extern mp_err s_mp_pad();
-
-int main(int argc, char *argv[])
-{
-  instant_t    start, finish;
-  mp_int       prime, gen, expt, res;
-  unsigned int ix, diff;
-  int          num;
-
-  srand(time(NULL));
-
-  if(argc < 2) {
-    fprintf(stderr, "Usage: %s <num-tests>\n", argv[0]);
-    return 1;
-  }
-
-  if((num = atoi(argv[1])) < 0)
-    num = -num;
-
-  if(num == 0)
-    ++num;
-
-  mp_init(&prime); mp_init(&gen); mp_init(&res);
-  mp_read_radix(&prime, g_prime, 16);
-  mp_read_radix(&gen, g_gen, 16);
-
-  mp_init_size(&expt, USED(&prime) - 1);
-  s_mp_pad(&expt, USED(&prime) - 1);
-
-  printf("Testing %d modular exponentations ... \n", num);
-
-  start = now();
-  for(ix = 0; ix < num; ix++) {
-    mpp_random(&expt);
-    mp_exptmod(&gen, &expt, &prime, &res);
-  }
-  finish = now();
-
-  diff = (finish.sec - start.sec) * 1000000;
-  diff += finish.usec; diff -= start.usec;
-
-  printf("%d operations took %u usec (%.3f sec)\n",
-	 num, diff, (double)diff / 1000000.0);
-  printf("That is %.3f sec per operation.\n",
-	 ((double)diff / 1000000.0) / num);
-
-  mp_clear(&expt);
-  mp_clear(&res);
-  mp_clear(&gen);
-  mp_clear(&prime);
-
-  return 0;
-}
diff --git a/security/nss/lib/freebl/mpi/tests/mptest-5.c b/security/nss/lib/freebl/mpi/tests/mptest-5.c
deleted file mode 100644
index 4b161d1b8..000000000
--- a/security/nss/lib/freebl/mpi/tests/mptest-5.c
+++ /dev/null
@@ -1,100 +0,0 @@
-/*
- * Simple test driver for MPI library
- *
- * Test 5: Other number theoretic functions
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are 
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger. 
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above.  If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- *  $Id$
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <ctype.h>
-#include <limits.h>
-
-#include "mpi.h"
-
-int main(int argc, char *argv[])
-{
-  mp_int   a, b, c, x, y;
-
-  if(argc < 3) {
-    fprintf(stderr, "Usage: %s <a> <b>\n", argv[0]);
-    return 1;
-  }
-
-  printf("Test 5: Number theoretic functions\n\n");
-
-  mp_init(&a);
-  mp_init(&b);
-
-  mp_read_radix(&a, argv[1], 10);
-  mp_read_radix(&b, argv[2], 10);
-
-  printf("a = "); mp_print(&a, stdout); fputc('\n', stdout);
-  printf("b = "); mp_print(&b, stdout); fputc('\n', stdout);
-  
-  mp_init(&c);
-  printf("\nc = (a, b)\n");
-
-  mp_gcd(&a, &b, &c);
-  printf("Euclid: c = "); mp_print(&c, stdout); fputc('\n', stdout);
-/*
-  mp_bgcd(&a, &b, &c);
-  printf("Binary: c = "); mp_print(&c, stdout); fputc('\n', stdout);
-*/
-  mp_init(&x);
-  mp_init(&y);
-  printf("\nc = (a, b) = ax + by\n");
-
-  mp_xgcd(&a, &b, &c, &x, &y);
-  printf("c = "); mp_print(&c, stdout); fputc('\n', stdout);
-  printf("x = "); mp_print(&x, stdout); fputc('\n', stdout);
-  printf("y = "); mp_print(&y, stdout); fputc('\n', stdout);
-
-  printf("\nc = a^-1 (mod b)\n");
-  if(mp_invmod(&a, &b, &c) == MP_UNDEF) {
-    printf("a has no inverse mod b\n");
-  } else {
-    printf("c = "); mp_print(&c, stdout); fputc('\n', stdout);
-  }
-
-  mp_clear(&y);
-  mp_clear(&x);
-  mp_clear(&c);
-  mp_clear(&b);
-  mp_clear(&a);
-
-  return 0;
-}
diff --git a/security/nss/lib/freebl/mpi/tests/mptest-5a.c b/security/nss/lib/freebl/mpi/tests/mptest-5a.c
deleted file mode 100644
index 82552b766..000000000
--- a/security/nss/lib/freebl/mpi/tests/mptest-5a.c
+++ /dev/null
@@ -1,162 +0,0 @@
-/*
- * Simple test driver for MPI library
- *
- * Test 5a: Greatest common divisor speed test, binary vs. Euclid
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are 
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger. 
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above.  If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- * $Id$
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <ctype.h>
-#include <limits.h>
-#include <time.h>
-
-#include <sys/time.h>
-
-#include "mpi.h"
-#include "mpprime.h"
-
-typedef struct {
-  unsigned int  sec;
-  unsigned int  usec;
-} instant_t;
-
-instant_t now(void)
-{
-  struct timeval clk;
-  instant_t      res;
-
-  res.sec = res.usec = 0;
-
-  if(gettimeofday(&clk, NULL) != 0)
-    return res;
-
-  res.sec = clk.tv_sec;
-  res.usec = clk.tv_usec;
-
-  return res;
-}
-
-#define PRECISION 16
-
-int main(int argc, char *argv[])
-{
-  int          ix, num, prec = PRECISION;
-  mp_int       a, b, c, d;
-  instant_t    start, finish;
-  time_t       seed;
-  unsigned int d1, d2;
-
-  seed = time(NULL);
-
-  if(argc < 2) {
-    fprintf(stderr, "Usage: %s <num-tests>\n", argv[0]);
-    return 1;
-  }
-
-  if((num = atoi(argv[1])) < 0)
-    num = -num;
-
-  printf("Test 5a: Euclid vs. Binary, a GCD speed test\n\n"
-	 "Number of tests: %d\n"
-	 "Precision:       %d digits\n\n", num, prec);
-
-  mp_init_size(&a, prec);
-  mp_init_size(&b, prec);
-  mp_init(&c);
-  mp_init(&d);
-
-  printf("Verifying accuracy ... \n");
-  srand((unsigned int)seed);
-  for(ix = 0; ix < num; ix++) {
-    mpp_random_size(&a, prec);
-    mpp_random_size(&b, prec);
-
-    mp_gcd(&a, &b, &c);
-    mp_bgcd(&a, &b, &d);
-
-    if(mp_cmp(&c, &d) != 0) {
-      printf("Error!  Results not accurate:\n");
-      printf("a = "); mp_print(&a, stdout); fputc('\n', stdout);
-      printf("b = "); mp_print(&b, stdout); fputc('\n', stdout);
-      printf("c = "); mp_print(&c, stdout); fputc('\n', stdout);
-      printf("d = "); mp_print(&d, stdout); fputc('\n', stdout);
-
-      mp_clear(&a); mp_clear(&b); mp_clear(&c); mp_clear(&d);
-      return 1;
-    }
-  }
-  mp_clear(&d);
-  printf("Accuracy confirmed for the %d test samples\n", num);
-
-  printf("Testing Euclid ... \n");
-  srand((unsigned int)seed);
-  start = now();
-  for(ix = 0; ix < num; ix++) {
-    mpp_random_size(&a, prec);
-    mpp_random_size(&b, prec);
-    mp_gcd(&a, &b, &c);
-
-  }
-  finish = now();
-
-  d1 = (finish.sec - start.sec) * 1000000;
-  d1 -= start.usec; d1 += finish.usec;
-
-  printf("Testing binary ... \n");
-  srand((unsigned int)seed);
-  start = now();
-  for(ix = 0; ix < num; ix++) {
-    mpp_random_size(&a, prec);
-    mpp_random_size(&b, prec);
-    mp_bgcd(&a, &b, &c);
-  }
-  finish = now();
-
-  d2 = (finish.sec - start.sec) * 1000000;
-  d2 -= start.usec; d2 += finish.usec;
-
-  printf("Euclidean algorithm time: %u usec\n", d1);
-  printf("Binary algorithm time:    %u usec\n", d2);
-  printf("Improvement:              %.2f%%\n",
-         (1.0 - ((double)d2 / (double)d1)) * 100.0);
-
-  mp_clear(&c);
-  mp_clear(&b);
-  mp_clear(&a);
-
-  return 0;
-}
diff --git a/security/nss/lib/freebl/mpi/tests/mptest-6.c b/security/nss/lib/freebl/mpi/tests/mptest-6.c
deleted file mode 100644
index 5e91716de..000000000
--- a/security/nss/lib/freebl/mpi/tests/mptest-6.c
+++ /dev/null
@@ -1,108 +0,0 @@
-/*
- *  Simple test driver for MPI library
- *
- *  Test 6: Output functions
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are 
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger. 
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above.  If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- *  $Id$
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <ctype.h>
-#include <limits.h>
-
-#include "mpi.h"
-
-void print_buf(FILE *ofp, char *buf, int len)
-{
-  int ix, brk = 0;
-
-  for(ix = 0; ix < len; ix++) {
-    fprintf(ofp, "%02X ", buf[ix]);
-
-    brk = (brk + 1) & 0xF;
-    if(!brk) 
-      fputc('\n', ofp);
-  }
-
-  if(brk)
-    fputc('\n', ofp);
-
-}
-
-int main(int argc, char *argv[])
-{
-  int       ix, size;
-  mp_int    a;
-  char     *buf;
-
-  if(argc < 2) {
-    fprintf(stderr, "Usage: %s <a>\n", argv[0]);
-    return 1;
-  }
-
-  printf("Test 6: Output functions\n\n");
-
-  mp_init(&a);
-
-  mp_read_radix(&a, argv[1], 10);
-
-  printf("\nConverting to a string:\n");
-
-  printf("Rx Size Representation\n");
-  for(ix = 2; ix <= MAX_RADIX; ix++) {
-    size = mp_radix_size(&a, ix);
-
-    buf = calloc(size, sizeof(char));
-    mp_toradix(&a, buf, ix);
-    printf("%2d: %3d: %s\n", ix, size, buf);
-    free(buf);
-
-  }
-
-  printf("\nRaw output:\n");
-  size = mp_raw_size(&a);
-  buf = calloc(size, sizeof(char));
-
-  printf("Size:  %d bytes\n", size);
-
-  mp_toraw(&a, buf);
-  print_buf(stdout, buf, size);
-  free(buf);
-  
-  mp_clear(&a);
-
-  return 0;
-}
diff --git a/security/nss/lib/freebl/mpi/tests/mptest-7.c b/security/nss/lib/freebl/mpi/tests/mptest-7.c
deleted file mode 100644
index 4b41a1a4f..000000000
--- a/security/nss/lib/freebl/mpi/tests/mptest-7.c
+++ /dev/null
@@ -1,104 +0,0 @@
-/*
- *  Simple test driver for MPI library
- *
- *  Test 7: Random and divisibility tests
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are 
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger. 
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above.  If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- *  $Id$
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <ctype.h>
-#include <limits.h>
-#include <time.h>
-
-#define MP_IOFUNC
-#include "mpi.h"
-
-#include "mpprime.h"
-
-int main(int argc, char *argv[])
-{
-  mp_digit  num;
-  mp_int    a, b;
-
-  srand(time(NULL));
-
-  if(argc < 3) {
-    fprintf(stderr, "Usage: %s <a> <b>\n", argv[0]);
-    return 1;
-  }
-
-  printf("Test 7: Random & divisibility tests\n\n");
-
-  mp_init(&a);
-  mp_init(&b);
-
-  mp_read_radix(&a, argv[1], 10);
-  mp_read_radix(&b, argv[2], 10);
-
-  printf("a = "); mp_print(&a, stdout); fputc('\n', stdout);
-  printf("b = "); mp_print(&b, stdout); fputc('\n', stdout);
-
-  if(mpp_divis(&a, &b) == MP_YES)
-    printf("a is divisible by b\n");
-  else
-    printf("a is not divisible by b\n");
-
-  if(mpp_divis(&b, &a) == MP_YES)
-    printf("b is divisible by a\n");
-  else
-    printf("b is not divisible by a\n");
-
-  printf("\nb = mpp_random()\n");
-  mpp_random(&b);
-  printf("b = "); mp_print(&b, stdout); fputc('\n', stdout);
-  mpp_random(&b);
-  printf("b = "); mp_print(&b, stdout); fputc('\n', stdout);
-  mpp_random(&b);
-  printf("b = "); mp_print(&b, stdout); fputc('\n', stdout);
-
-  printf("\nTesting a for divisibility by first 170 primes\n");
-  num = 170;
-  if(mpp_divis_primes(&a, &num) == MP_YES)
-    printf("It is divisible by at least one of them\n");
-  else
-    printf("It is not divisible by any of them\n");
-
-  mp_clear(&b);
-  mp_clear(&a);
-
-  return 0;
-}
diff --git a/security/nss/lib/freebl/mpi/tests/mptest-8.c b/security/nss/lib/freebl/mpi/tests/mptest-8.c
deleted file mode 100644
index e2ddc2c19..000000000
--- a/security/nss/lib/freebl/mpi/tests/mptest-8.c
+++ /dev/null
@@ -1,95 +0,0 @@
-/*
- *  Simple test driver for MPI library
- *
- *  Test 8: Probabilistic primality tester
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are 
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger. 
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above.  If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- *  $Id$
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <ctype.h>
-#include <limits.h>
-#include <time.h>
-
-#define MP_IOFUNC
-#include "mpi.h"
-
-#include "mpprime.h"
-
-int main(int argc, char *argv[])
-{
-  int       ix;
-  mp_digit  num;
-  mp_int    a;
-
-  srand(time(NULL));
-
-  if(argc < 2) {
-    fprintf(stderr, "Usage: %s <a>\n", argv[0]);
-    return 1;
-  }
-
-  printf("Test 8: Probabilistic primality testing\n\n");
-
-  mp_init(&a);
-
-  mp_read_radix(&a, argv[1], 10);
-
-  printf("a = "); mp_print(&a, stdout); fputc('\n', stdout);
-
-  printf("\nChecking for divisibility by small primes ... \n");
-  num = 170;
-  if(mpp_divis_primes(&a, &num) == MP_YES) {
-    printf("it is not prime\n");
-    goto CLEANUP;
-  }
-  printf("Passed that test (not divisible by any small primes).\n");
-
-  for(ix = 0; ix < 10; ix++) {
-    printf("\nPerforming Rabin-Miller test, iteration %d\n", ix + 1);
-
-    if(mpp_pprime(&a, 5) == MP_NO) {
-      printf("it is not prime\n");
-      goto CLEANUP;
-    }
-  }
-  printf("All tests passed; a is probably prime\n");
-
-CLEANUP:
-  mp_clear(&a);
-
-  return 0;
-}
diff --git a/security/nss/lib/freebl/mpi/tests/mptest-9.c b/security/nss/lib/freebl/mpi/tests/mptest-9.c
deleted file mode 100644
index 07d6410c7..000000000
--- a/security/nss/lib/freebl/mpi/tests/mptest-9.c
+++ /dev/null
@@ -1,113 +0,0 @@
-/*
- *    mptest-9.c
- *
- *   Test logical functions
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are 
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger. 
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above.  If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- *  $Id$
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <ctype.h>
-#include <limits.h>
-#include <time.h>
-
-#include "mpi.h"
-#include "mplogic.h"
-
-int main(int argc, char *argv[])
-{
-  mp_int    a, b, c;
-  int       pco;
-  mp_err    res;
-
-  printf("Test 9: Logical functions\n\n");
-
-  if(argc < 3) {
-    fprintf(stderr, "Usage: %s <a> <b>\n", argv[0]);
-    return 1;
-  }
-
-  mp_init(&a); mp_init(&b); mp_init(&c);
-  mp_read_radix(&a, argv[1], 16);
-  mp_read_radix(&b, argv[2], 16);
-
-  printf("a       = "); mp_print(&a, stdout); fputc('\n', stdout);
-  printf("b       = "); mp_print(&b, stdout); fputc('\n', stdout);
-
-  mpl_not(&a, &c);
-  printf("~a      = "); mp_print(&c, stdout); fputc('\n', stdout);
-
-  mpl_and(&a, &b, &c);
-  printf("a & b   = "); mp_print(&c, stdout); fputc('\n', stdout);
-
-  mpl_or(&a, &b, &c);
-  printf("a | b   = "); mp_print(&c, stdout); fputc('\n', stdout);
-
-  mpl_xor(&a, &b, &c);
-  printf("a ^ b   = "); mp_print(&c, stdout); fputc('\n', stdout);
-
-  mpl_rsh(&a, &c, 1);
-  printf("a >>  1 = "); mp_print(&c, stdout); fputc('\n', stdout);
-  mpl_rsh(&a, &c, 5);
-  printf("a >>  5 = "); mp_print(&c, stdout); fputc('\n', stdout);
-  mpl_rsh(&a, &c, 16);
-  printf("a >> 16 = "); mp_print(&c, stdout); fputc('\n', stdout);
-
-  mpl_lsh(&a, &c, 1);
-  printf("a <<  1 = "); mp_print(&c, stdout); fputc('\n', stdout);
-  mpl_lsh(&a, &c, 5);
-  printf("a <<  5 = "); mp_print(&c, stdout); fputc('\n', stdout);
-  mpl_lsh(&a, &c, 16);
-  printf("a << 16 = "); mp_print(&c, stdout); fputc('\n', stdout);
-
-  mpl_num_set(&a, &pco);
-  printf("population(a) = %d\n", pco);
-  mpl_num_set(&b, &pco);
-  printf("population(b) = %d\n", pco);
-
-  res = mpl_parity(&a);
-  if(res == MP_EVEN)
-    printf("a has even parity\n");
-  else
-    printf("a has odd parity\n");
-  
-  mp_clear(&c);
-  mp_clear(&b);
-  mp_clear(&a);
-
-  return 0;
-}
-
diff --git a/security/nss/lib/freebl/mpi/tests/pi1k.txt b/security/nss/lib/freebl/mpi/tests/pi1k.txt
deleted file mode 100644
index 5ff6209ff..000000000
--- a/security/nss/lib/freebl/mpi/tests/pi1k.txt
+++ /dev/null
@@ -1 +0,0 @@
-31415926535897932384626433832795028841971693993751058209749445923078164062862089986280348253421170679821480865132823066470938446095505822317253594081284811174502841027019385211055596446229489549303819644288109756659334461284756482337867831652712019091456485669234603486104543266482133936072602491412737245870066063155881748815209209628292540917153643678925903600113305305488204665213841469519415116094330572703657595919530921861173819326117931051185480744623799627495673518857527248912279381830119491298336733624406566430860213949463952247371907021798609437027705392171762931767523846748184676694051320005681271452635608277857713427577896091736371787214684409012249534301465495853710507922796892589235420199561121290219608640344181598136297747713099605187072113499999983729780499510597317328160963185950244594553469083026425223082533446850352619311881710100031378387528865875332083814206171776691473035982534904287554687311595628638823537875937519577818577805321712268066130019278766111959092164201989
diff --git a/security/nss/lib/freebl/mpi/tests/pi2k.txt b/security/nss/lib/freebl/mpi/tests/pi2k.txt
deleted file mode 100644
index 9ce82acd1..000000000
--- a/security/nss/lib/freebl/mpi/tests/pi2k.txt
+++ /dev/null
@@ -1 +0,0 @@
-314159265358979323846264338327950288419716939937510582097494459230781640628620899862803482534211706798214808651328230664709384460955058223172535940812848111745028410270193852110555964462294895493038196442881097566593344612847564823378678316527120190914564856692346034861045432664821339360726024914127372458700660631558817488152092096282925409171536436789259036001133053054882046652138414695194151160943305727036575959195309218611738193261179310511854807446237996274956735188575272489122793818301194912983367336244065664308602139494639522473719070217986094370277053921717629317675238467481846766940513200056812714526356082778577134275778960917363717872146844090122495343014654958537105079227968925892354201995611212902196086403441815981362977477130996051870721134999999837297804995105973173281609631859502445945534690830264252230825334468503526193118817101000313783875288658753320838142061717766914730359825349042875546873115956286388235378759375195778185778053217122680661300192787661119590921642019893809525720106548586327886593615338182796823030195203530185296899577362259941389124972177528347913151557485724245415069595082953311686172785588907509838175463746493931925506040092770167113900984882401285836160356370766010471018194295559619894676783744944825537977472684710404753464620804668425906949129331367702898915210475216205696602405803815019351125338243003558764024749647326391419927260426992279678235478163600934172164121992458631503028618297455570674983850549458858692699569092721079750930295532116534498720275596023648066549911988183479775356636980742654252786255181841757467289097777279380008164706001614524919217321721477235014144197356854816136115735255213347574184946843852332390739414333454776241686251898356948556209921922218427255025425688767179049460165346680498862723279178608578438382796797668145410095388378636095068006422512520511739298489608412848862694560424196528502221066118630674427862203919494504712371378696095636437191728746776465757396241389086583264599581339047802759010
diff --git a/security/nss/lib/freebl/mpi/tests/pi5k.txt b/security/nss/lib/freebl/mpi/tests/pi5k.txt
deleted file mode 100644
index 901fac2ea..000000000
--- a/security/nss/lib/freebl/mpi/tests/pi5k.txt
+++ /dev/null
@@ -1 +0,0 @@
-314159265358979323846264338327950288419716939937510582097494459230781640628620899862803482534211706798214808651328230664709384460955058223172535940812848111745028410270193852110555964462294895493038196442881097566593344612847564823378678316527120190914564856692346034861045432664821339360726024914127372458700660631558817488152092096282925409171536436789259036001133053054882046652138414695194151160943305727036575959195309218611738193261179310511854807446237996274956735188575272489122793818301194912983367336244065664308602139494639522473719070217986094370277053921717629317675238467481846766940513200056812714526356082778577134275778960917363717872146844090122495343014654958537105079227968925892354201995611212902196086403441815981362977477130996051870721134999999837297804995105973173281609631859502445945534690830264252230825334468503526193118817101000313783875288658753320838142061717766914730359825349042875546873115956286388235378759375195778185778053217122680661300192787661119590921642019893809525720106548586327886593615338182796823030195203530185296899577362259941389124972177528347913151557485724245415069595082953311686172785588907509838175463746493931925506040092770167113900984882401285836160356370766010471018194295559619894676783744944825537977472684710404753464620804668425906949129331367702898915210475216205696602405803815019351125338243003558764024749647326391419927260426992279678235478163600934172164121992458631503028618297455570674983850549458858692699569092721079750930295532116534498720275596023648066549911988183479775356636980742654252786255181841757467289097777279380008164706001614524919217321721477235014144197356854816136115735255213347574184946843852332390739414333454776241686251898356948556209921922218427255025425688767179049460165346680498862723279178608578438382796797668145410095388378636095068006422512520511739298489608412848862694560424196528502221066118630674427862203919494504712371378696095636437191728746776465757396241389086583264599581339047802759009946576407895126946839835259570982582262052248940772671947826848260147699090264013639443745530506820349625245174939965143142980919065925093722169646151570985838741059788595977297549893016175392846813826868386894277415599185592524595395943104997252468084598727364469584865383673622262609912460805124388439045124413654976278079771569143599770012961608944169486855584840635342207222582848864815845602850601684273945226746767889525213852254995466672782398645659611635488623057745649803559363456817432411251507606947945109659609402522887971089314566913686722874894056010150330861792868092087476091782493858900971490967598526136554978189312978482168299894872265880485756401427047755513237964145152374623436454285844479526586782105114135473573952311342716610213596953623144295248493718711014576540359027993440374200731057853906219838744780847848968332144571386875194350643021845319104848100537061468067491927819119793995206141966342875444064374512371819217999839101591956181467514269123974894090718649423196156794520809514655022523160388193014209376213785595663893778708303906979207734672218256259966150142150306803844773454920260541466592520149744285073251866600213243408819071048633173464965145390579626856100550810665879699816357473638405257145910289706414011097120628043903975951567715770042033786993600723055876317635942187312514712053292819182618612586732157919841484882916447060957527069572209175671167229109816909152801735067127485832228718352093539657251210835791513698820914442100675103346711031412671113699086585163983150197016515116851714376576183515565088490998985998238734552833163550764791853589322618548963213293308985706420467525907091548141654985946163718027098199430992448895757128289059232332609729971208443357326548938239119325974636673058360414281388303203824903758985243744170291327656180937734440307074692112019130203303801976211011004492932151608424448596376698389522868478312355265821314495768572624334418930396864262434107732269780280731891544110104468232527162010526522721116603966655730925471105578537634668206531098965269186205647693125705863566201855810072936065987648611791045334885034611365768675324944166803962657978771855608455296541266540853061434443185867697514566140680070023787765913440171274947042056223053899456131407112700040785473326993908145466464588079727082668306343285878569830523580893306575740679545716377525420211495576158140025012622859413021647155097925923099079654737612551765675135751782966645477917450112996148903046399471329621073404375189573596145890193897131117904297828564750320319869151402870808599048010941214722131794764777262241425485454033215718530614228813758504306332175182979866223717215916077166925474873898665494945011465406284336639379003976926567214638530673609657120918076383271664162748888007869256029022847210403172118608204190004229661711963779213375751149595015660496318629472654736425230817703675159067350235072835405670403867435136222247715891504953098444893330963408780769325993978054193414473774418426312986080998886874132604721
diff --git a/security/nss/lib/freebl/mpi/timetest b/security/nss/lib/freebl/mpi/timetest
deleted file mode 100755
index d78f3c56a..000000000
--- a/security/nss/lib/freebl/mpi/timetest
+++ /dev/null
@@ -1,131 +0,0 @@
-#!/bin/sh
-
-# 
-# Simple timing test for the MPI library.  Basically, we use prime
-# generation as a timing test, since it exercises most of the pathways
-# of the library fairly heavily.  The 'primegen' tool outputs a line
-# summarizing timing results.  We gather these and process them for
-# statistical information, which is collected into a file.
-#
-## The contents of this file are subject to the Mozilla Public
-## License Version 1.1 (the "License"); you may not use this file
-## except in compliance with the License. You may obtain a copy of
-## the License at http://www.mozilla.org/MPL/
-##
-## Software distributed under the License is distributed on an "AS
-## IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-## implied. See the License for the specific language governing
-## rights and limitations under the License.
-##
-## The Original Code is the MPI Arbitrary Precision Integer Arithmetic
-## library.
-##
-## The Initial Developer of the Original Code is 
-## Michael J. Fromberger <sting@linguist.dartmouth.edu>
-##
-## Portions created by Michael J. Fromberger are 
-## Copyright (C) 2000 Michael J. Fromberger. All Rights Reserved
-##
-## Contributor(s):
-##	Netscape Communications Corporation
-##
-## Alternatively, the contents of this file may be used under the
-## terms of the GNU General Public License Version 2 or later (the
-## "GPL"), in which case the provisions of the GPL are applicable
-## instead of those above.  If you wish to allow use of your
-## version of this file only under the terms of the GPL and not to
-## allow others to use your version of this file under the MPL,
-## indicate your decision by deleting the provisions above and
-## replace them with the notice and other provisions required by
-## the GPL.  If you do not delete the provisions above, a recipient
-## may use your version of this file under either the MPL or the GPL.
-## 
-# $Id$
-#
-
-# Avoid using built-in shell echoes
-ECHO=/bin/echo
-MAKE=gmake
-
-# Use a fixed seed so timings will be more consistent
-# This one is the 11th-18th decimal digits of 'e'
-#export SEED=45904523
-SEED=45904523; export SEED
-
-#------------------------------------------------------------------------
-
-$ECHO "\n** Running timing tests for MPI library\n"
-
-$ECHO "Bringing 'metime' up to date ... "
-if $MAKE metime ; then
-    :
-else 
-    $ECHO "\nMake failed to build metime.\n"
-    exit 1
-fi
-
-if [ ! -x ./metime ] ; then 
-    $ECHO "\nCannot find 'metime' program, testing cannot continue.\n"
-    exit 1
-fi
-
-#------------------------------------------------------------------------
-
-$ECHO "Bringing 'primegen' up to date ... "
-if $MAKE primegen ; then
-    :
-else
-    $ECHO "\nMake failed to build primegen.\n"
-    exit 1
-fi
-
-if [ ! -x ./primegen ] ; then
-    $ECHO "\nCannot find 'primegen' program, testing cannot continue.\n"
-    exit 1
-fi
-
-#------------------------------------------------------------------------
-
-rm -f timing-results.txt
-touch timing-results.txt
-
-sizes="256 512 1024 2048"
-ntests=10
-
-trap 'echo "oop!";rm -f tt*.tmp timing-results.txt;exit 0' INT HUP
-
-$ECHO "\n-- Modular exponentiation\n"
-$ECHO "Modular exponentiation:" >> timing-results.txt
-
-$ECHO "Running $ntests modular exponentiations per test:"
-for size in $sizes ; do
-    $ECHO "- Gathering statistics for $size bits ... "
-    secs=`./metime $ntests $size | tail -1 | awk '{print $2}'`
-    $ECHO "$size: " $secs " seconds per op" >> timing-results.txt
-    tail -1 timing-results.txt
-done
-
-$ECHO "<done>";
-
-sizes="256 512 1024"
-ntests=1
-
-$ECHO "\n-- Prime generation\n"
-$ECHO "Prime generation:" >> timing-results.txt
-
-$ECHO "Generating $ntests prime values per test:"
-for size in $sizes ; do
-    $ECHO "- Gathering statistics for $size bits ... "
-    ./primegen $size $ntests | grep ticks | awk '{print $7}' | tr -d '(' > tt$$.tmp
-    $ECHO "$size:" >> timing-results.txt
-    perl stats tt$$.tmp >> timing-results.txt
-    tail -1 timing-results.txt
-    rm -f tt$$.tmp
-done
-
-$ECHO "<done>"
-
-trap 'rm -f tt*.tmp timing-results.txt' INT HUP
-
-exit 0
-
diff --git a/security/nss/lib/freebl/mpi/types.pl b/security/nss/lib/freebl/mpi/types.pl
deleted file mode 100755
index 5f2a2f4d1..000000000
--- a/security/nss/lib/freebl/mpi/types.pl
+++ /dev/null
@@ -1,158 +0,0 @@
-#!/usr/bin/perl
-
-#
-# types.pl - find recommended type definitions for digits and words
-#
-# This script scans the Makefile for the C compiler and compilation
-# flags currently in use, and using this combination, attempts to
-# compile a simple test program that outputs the sizes of the various
-# unsigned integer types, in bytes.  Armed with these, it finds all
-# the "viable" type combinations for mp_digit and mp_word, where
-# viability is defined by the requirement that mp_word be at least two
-# times the precision of mp_digit.
-#
-# Of these, the one with the largest digit size is chosen, and
-# appropriate typedef statements are written to standard output.
-# 
-## The contents of this file are subject to the Mozilla Public
-## License Version 1.1 (the "License"); you may not use this file
-## except in compliance with the License. You may obtain a copy of
-## the License at http://www.mozilla.org/MPL/
-##
-## Software distributed under the License is distributed on an "AS
-## IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-## implied. See the License for the specific language governing
-## rights and limitations under the License.
-##
-## The Original Code is the MPI Arbitrary Precision Integer Arithmetic
-## library.
-##
-## The Initial Developer of the Original Code is 
-## Michael J. Fromberger <sting@linguist.dartmouth.edu>
-##
-## Portions created by Michael J. Fromberger are 
-## Copyright (C) 2000 Michael J. Fromberger. All Rights Reserved
-##
-## Contributor(s):
-##
-## Alternatively, the contents of this file may be used under the
-## terms of the GNU General Public License Version 2 or later (the
-## "GPL"), in which case the provisions of the GPL are applicable
-## instead of those above.  If you wish to allow use of your
-## version of this file only under the terms of the GPL and not to
-## allow others to use your version of this file under the MPL,
-## indicate your decision by deleting the provisions above and
-## replace them with the notice and other provisions required by
-## the GPL.  If you do not delete the provisions above, a recipient
-## may use your version of this file under either the MPL or the GPL.
-##
-# $Id$
-#
-
-@_=split(/\//,$0);chomp($prog=pop(@_));
-
-# The array of integer types to be considered...
-@TYPES = ( 
-	   "unsigned char", 
-	   "unsigned short", 
-	   "unsigned int", 
-	   "unsigned long"
-);
-
-# Macro names for the maximum unsigned value of each type
-%TMAX = ( 
-	  "unsigned char"   => "UCHAR_MAX",
-	  "unsigned short"  => "USHRT_MAX",
-	  "unsigned int"    => "UINT_MAX",
-	  "unsigned long"   => "ULONG_MAX"
-);
-
-# Read the Makefile to find out which C compiler to use
-open(MFP, "<Makefile") or die "$prog: Makefile: $!\n";
-while(<MFP>) {
-    chomp;
-    if(/^CC=(.*)$/) {
-	$cc = $1;
-	last if $cflags;
-    } elsif(/^CFLAGS=(.*)$/) {
-	$cflags = $1;
-	last if $cc;
-    }
-}
-close(MFP);
-
-# If we couldn't find that, use 'cc' by default
-$cc = "cc" unless $cc;
-
-printf STDERR "Using '%s' as the C compiler.\n", $cc;
-
-print STDERR "Determining type sizes ... \n";
-open(OFP, ">tc$$.c") or die "$prog: tc$$.c: $!\n";
-print OFP "#include <stdio.h>\n\nint main(void)\n{\n";
-foreach $type (@TYPES) {
-    printf OFP "\tprintf(\"%%d\\n\", (int)sizeof(%s));\n", $type;
-}
-print OFP "\n\treturn 0;\n}\n";
-close(OFP);
-
-system("$cc $cflags -o tc$$ tc$$.c");
-
-die "$prog: unable to build test program\n" unless(-x "tc$$");
-
-open(IFP, "./tc$$|") or die "$prog: can't execute test program\n";
-$ix = 0;
-while(<IFP>) {
-    chomp;
-    $size{$TYPES[$ix++]} = $_;
-}
-close(IFP);
-
-unlink("tc$$");
-unlink("tc$$.c");
-
-print STDERR "Selecting viable combinations ... \n";
-while(($type, $size) = each(%size)) {
-    push(@ts, [ $size, $type ]);
-}
-
-# Sort them ascending by size 
-@ts = sort { $a->[0] <=> $b->[0] } @ts;
-
-# Try all possible combinations, finding pairs in which the word size
-# is twice the digit size.  The number of possible pairs is too small
-# to bother doing this more efficiently than by brute force
-for($ix = 0; $ix <= $#ts; $ix++) {
-    $w = $ts[$ix];
-
-    for($jx = 0; $jx <= $#ts; $jx++) {
-	$d = $ts[$jx];
-
-	if($w->[0] == 2 * $d->[0]) {
-	    push(@valid, [ $d, $w ]);
-	}
-    }
-}
-
-# Sort descending by digit size
-@valid = sort { $b->[0]->[0] <=> $a->[0]->[0] } @valid;
-
-# Select the maximum as the recommended combination
-$rec = shift(@valid);
-
-printf("typedef %-18s mp_sign;\n", "char");
-printf("typedef %-18s mp_digit;  /* %d byte type */\n", 
-       $rec->[0]->[1], $rec->[0]->[0]);
-printf("typedef %-18s mp_word;   /* %d byte type */\n", 
-       $rec->[1]->[1], $rec->[1]->[0]);
-printf("typedef %-18s mp_size;\n", "unsigned int");
-printf("typedef %-18s mp_err;\n\n", "int");
-
-printf("#define %-18s (CHAR_BIT*sizeof(mp_digit))\n", "DIGIT_BIT");
-printf("#define %-18s %s\n", "DIGIT_MAX", $TMAX{$rec->[0]->[1]});
-printf("#define %-18s (CHAR_BIT*sizeof(mp_word))\n", "MP_WORD_BIT");
-printf("#define %-18s %s\n\n", "MP_WORD_MAX", $TMAX{$rec->[1]->[1]});
-printf("#define %-18s (DIGIT_MAX+1)\n\n", "RADIX");
-
-printf("#define %-18s \"%%0%dX\"\n", "DIGIT_FMT", (2 * $rec->[0]->[0]));
-
-exit 0;
diff --git a/security/nss/lib/freebl/mpi/utils/LICENSE b/security/nss/lib/freebl/mpi/utils/LICENSE
deleted file mode 100644
index 5f96df7ab..000000000
--- a/security/nss/lib/freebl/mpi/utils/LICENSE
+++ /dev/null
@@ -1,4 +0,0 @@
-Within this directory, each of the file listed below is licensed under 
-the terms given in the file LICENSE-MPL, also in this directory.
-
-PRIMES
diff --git a/security/nss/lib/freebl/mpi/utils/LICENSE-MPL b/security/nss/lib/freebl/mpi/utils/LICENSE-MPL
deleted file mode 100644
index 9ff410e4b..000000000
--- a/security/nss/lib/freebl/mpi/utils/LICENSE-MPL
+++ /dev/null
@@ -1,32 +0,0 @@
-The contents of this file are subject to the Mozilla Public
-License Version 1.1 (the "License"); you may not use this file
-except in compliance with the License. You may obtain a copy of
-the License at http://www.mozilla.org/MPL/
-
-Software distributed under the License is distributed on an "AS
-IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-implied. See the License for the specific language governing
-rights and limitations under the License.
-
-The Original Code is the Netscape security libraries.
-
-The Initial Developer of the Original Code is Netscape
-Communications Corporation.  Portions created by Netscape are 
-Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-Rights Reserved.
-
-Contributor(s):
-
-Alternatively, the contents of this file may be used under the
-terms of the GNU General Public License Version 2 or later (the
-"GPL"), in which case the provisions of the GPL are applicable 
-instead of those above.  If you wish to allow use of your 
-version of this file only under the terms of the GPL and not to
-allow others to use your version of this file under the MPL,
-indicate your decision by deleting the provisions above and
-replace them with the notice and other provisions required by
-the GPL.  If you do not delete the provisions above, a recipient
-may use your version of this file under either the MPL or the
-GPL.
-
-
diff --git a/security/nss/lib/freebl/mpi/utils/PRIMES b/security/nss/lib/freebl/mpi/utils/PRIMES
deleted file mode 100644
index ed65703ff..000000000
--- a/security/nss/lib/freebl/mpi/utils/PRIMES
+++ /dev/null
@@ -1,41 +0,0 @@
-Probable primes (sorted by number of significant bits)
-
- 128: 81386202757205669562183851789305348631
-
- 128: 180241813863264101444573802809858694397
-
- 128: 245274683055224433281596312431122059021
-
- 128: 187522309397665259809392608791686659539
-
- 256: 83252422946206411852330647237287722547866360773229941071371588246436\
-      513990159
-
- 256: 79132571131322331023736933767063051273085304521895229780914612117520\
-      058517909
-
- 256: 72081815425552909748220041100909735706208853818662000557743644603407\
-      965465527
-
- 256: 87504602391905701494845474079163412737334477797316409702279059573654\
-      274811271
-
- 512: 12233064210800062190450937494718705259777386009095453001870729392786\
-      63450255179083524798507997690270500580265258111668148238355016411719\
-      9168737693316468563
-
- 512: 12003639081420725322369909586347545220275253633035565716386136197501\
-      88208318984400479275215620499883521216480724155582768193682335576385\
-      2069481074929084063
-
-1024: 16467877625718912296741904171202513097057724053648819680815842057593\
-      20371835940722471475475803725455063836431454757000451907612224427007\
-      63984592414360595161051906727075047683803534852982766542661204179549\
-      77327573530800542562611753617736693359790119074768292178493884576587\
-      0230450429880021317876149636714743053
-
-1024: 16602953991090311275234291158294516471009930684624948451178742895360\
-      86073703307475884280944414508444679430090561246728195735962931545473\
-      40743240318558456247740186704660778277799687988031119436541068736925\
-      20563780233711166724859277827382391527748470939542560819625727876091\
-      5372193745283891895989104479029844957
diff --git a/security/nss/lib/freebl/mpi/utils/README b/security/nss/lib/freebl/mpi/utils/README
deleted file mode 100644
index 86887bf81..000000000
--- a/security/nss/lib/freebl/mpi/utils/README
+++ /dev/null
@@ -1,239 +0,0 @@
-The contents of this file are subject to the Mozilla Public
-License Version 1.1 (the "License"); you may not use this file
-except in compliance with the License. You may obtain a copy of
-the License at http://www.mozilla.org/MPL/
-
-Software distributed under the License is distributed on an "AS
-IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-implied. See the License for the specific language governing
-rights and limitations under the License.
-
-The Original Code is the MPI Arbitrary Precision Integer Arithmetic
-library.
-
-The Initial Developer of the Original Code is 
-Michael J. Fromberger <sting@linguist.dartmouth.edu>
-
-Portions created by Michael J. Fromberger are 
-Copyright (C) 1998, 2000 Michael J. Fromberger. All Rights Reserved.
-
-Contributor(s):
-
-Alternatively, the contents of this file may be used under the
-terms of the GNU General Public License Version 2 or later (the
-"GPL"), in which case the provisions of the GPL are applicable
-instead of those above.  If you wish to allow use of your
-version of this file only under the terms of the GPL and not to
-allow others to use your version of this file under the MPL,
-indicate your decision by deleting the provisions above and
-replace them with the notice and other provisions required by
-the GPL.  If you do not delete the provisions above, a recipient
-may use your version of this file under either the MPL or the
-GPL.
-
-
-
-Additional MPI utilities
-------------------------
-
-The files 'mpprime.h' and 'mpprime.c' define some useful extensions to
-the MPI library for dealing with prime numbers (in particular, testing
-for divisbility, and the Rabin-Miller probabilistic primality test).
-
-The files 'mplogic.h' and 'mplogic.c' define extensions to the MPI
-library for doing bitwise logical operations and shifting.
-
-This document assumes you have read the help file for the MPI library
-and understand its conventions.
-
-Divisibility (mpprime.h)
-------------
-
-To test a number for divisibility by another number:
-
-mpp_divis(a, b)		- test if b|a
-mpp_divis_d(a, d)	- test if d|a
-
-Each of these functions returns MP_YES if its initial argument is
-divisible by its second, or MP_NO if it is not.  Other errors may be
-returned as appropriate (such as MP_RANGE if you try to test for
-divisibility by zero).
-
-Randomness (mpprime.h)
-----------
-
-To generate random data:
-
-mpp_random(a)		- fill a with random data
-mpp_random_size(a, p)   - fill a with p digits of random data
-
-The mpp_random_size() function increases the precision of a to at
-least p, then fills all those digits randomly.  The mp_random()
-function fills a to its current precision (as determined by the number
-of significant digits, USED(a))
-
-Note that these functions simply use the C library's rand() function
-to fill a with random digits up to its precision.  This should be
-adequate for primality testing, but should not be used for
-cryptographic applications where truly random values are required for
-security.  
-
-You should call srand() in your driver program in order to seed the
-random generator; this function doesn't call it.
-
-Primality Testing (mpprime.h)
------------------
-
-mpp_divis_vector(a, v, s, w)   - is a divisible by any of the s values
-                                 in v, and if so, w = which.
-mpp_divis_primes(a, np)   - is a divisible by any of the first np primes?
-mpp_fermat(a, w)          - is a pseudoprime with respect to witness w?
-mpp_pprime(a, nt)	  - run nt iterations of Rabin-Miller on a.
-
-The mpp_divis_vector() function tests a for divisibility by each
-member of an array of digits.  The array is v, the size of that array
-is s.  Returns MP_YES if a is divisible, and stores the index of the
-offending digit in w.  Returns MP_NO if a is not divisible by any of
-the digits in the array.
-
-A small table of primes is compiled into the library (typically the
-first 128 primes, although you can change this by editing the file
-'primes.c' before you build).  The global variable prime_tab_size
-contains the number of primes in the table, and the values themselves
-are in the array prime_tab[], which is an array of mp_digit.
-
-The mpp_divis_primes() function is basically just a wrapper around
-mpp_divis_vector() that uses prime_tab[] as the test vector.  The np
-parameter is a pointer to an mp_digit -- on input, it should specify
-the number of primes to be tested against.  If a is divisible by any
-of the primes, MP_YES is returned and np is given the prime value that
-divided a (you can use this if you're factoring, for example).
-Otherwise, MP_NO is returned and np is untouched.
-
-The function mpp_fermat() performs Fermat's test, using w as a
-witness.  This test basically relies on the fact that if a is prime,
-and w is relatively prime to a, then:
-
-	w^a = w (mod a)
-
-That is,
-
-	w^(a - 1) = 1 (mod a)
-
-The function returns MP_YES if the test passes, MP_NO if it fails.  If
-w is relatively prime to a, and the test fails, a is definitely
-composite.  If w is relatively prime to a and the test passes, then a
-is either prime, or w is a false witness (the probability of this
-happening depends on the choice of w and of a ... consult a number
-theory textbook for more information about this).  
-
-Note:  If (w, a) != 1, the output of this test is meaningless.
-----
-
-The function mpp_pprime() performs the Rabin-Miller probabilistic
-primality test for nt rounds.  If all the tests pass, MP_YES is
-returned, and a is probably prime.  The probability that an answer of
-MP_YES is incorrect is no greater than 1 in 4^nt, and in fact is
-usually much less than that (this is a pessimistic estimate).  If any
-test fails, MP_NO is returned, and a is definitely composite.
-
-Bruce Schneier recommends at least 5 iterations of this test for most
-cryptographic applications; Knuth suggests that 25 are reasonable.
-Run it as many times as you feel are necessary.
-
-See the programs 'makeprime.c' and 'isprime.c' for reasonable examples
-of how to use these functions for primality testing.
-
-
-Bitwise Logic (mplogic.c)
--------------
-
-The four commonest logical operations are implemented as:
-
-mpl_not(a, b)		- Compute bitwise (one's) complement, b = ~a
-
-mpl_and(a, b, c)	- Compute bitwise AND, c = a & b
-
-mpl_or(a, b, c)		- Compute bitwise OR, c = a | b
-
-mpl_xor(a, b, c)	- Compute bitwise XOR, c = a ^ b
-
-Left and right shifts are available as well.  These take a number to
-shift, a destination, and a shift amount.  The shift amount must be a
-digit value between 0 and DIGIT_BIT inclusive; if it is not, MP_RANGE
-will be returned and the shift will not happen.
-
-mpl_rsh(a, b, d)	- Compute logical right shift, b = a >> d
-
-mpl_lsh(a, b, d)	- Compute logical left shift, b = a << d
-
-Since these are logical shifts, they fill with zeroes (the library
-uses a signed magnitude representation, so there are no sign bits to
-extend anyway).
-
-
-Command-line Utilities
-----------------------
-
-A handful of interesting command-line utilities are provided.  These
-are:
-
-lap.c		- Find the order of a mod m.  Usage is 'lap <a> <m>'.
-                  This uses a dumb algorithm, so don't use it for 
-                  a really big modulus.
-
-invmod.c	- Find the inverse of a mod m, if it exists.  Usage
-		  is 'invmod <a> <m>'
-
-sieve.c		- A simple bitmap-based implementation of the Sieve
-		  of Eratosthenes.  Used to generate the table of 
-		  primes in primes.c.  Usage is 'sieve <nbits>'
-
-prng.c          - Uses the routines in bbs_rand.{h,c} to generate
-                  one or more 32-bit pseudo-random integers.  This
-                  is mainly an example, not intended for use in a
-                  cryptographic application (the system time is 
-                  the only source of entropy used)
-
-dec2hex.c       - Convert decimal to hexadecimal
-
-hex2dec.c       - Convert hexadecimal to decimal
-
-basecvt.c       - General radix conversion tool (supports 2-64)
-
-isprime.c       - Probabilistically test an integer for primality
-                  using the Rabin-Miller pseudoprime test combined
-                  with division by small primes.
-
-primegen.c      - Generate primes at random.
-
-exptmod.c       - Perform modular exponentiation
-
-ptab.pl		- A Perl script to munge the output of the sieve
-		  program into a compilable C structure.
-
-
-Other Files
------------
-
-PRIMES		- Some randomly generated numbers which are prime with
-		  extremely high probability.
-
-README		- You're reading me already.
-
-
-About the Author
-----------------
-
-This software was written by Michael J. Fromberger.  You can contact
-the author as follows:
-
-E-mail:	  <sting@linguist.dartmouth.edu>
-
-Postal:	  8000 Cummings Hall, Thayer School of Engineering
-	  Dartmouth College, Hanover, New Hampshire, USA
-
-PGP key:  http://linguist.dartmouth.edu/~sting/keys/mjf.html
-          9736 188B 5AFA 23D6 D6AA  BE0D 5856 4525 289D 9907
-
-Last updated:  $Id$
diff --git a/security/nss/lib/freebl/mpi/utils/basecvt.c b/security/nss/lib/freebl/mpi/utils/basecvt.c
deleted file mode 100644
index 90ed0f66b..000000000
--- a/security/nss/lib/freebl/mpi/utils/basecvt.c
+++ /dev/null
@@ -1,97 +0,0 @@
-/*
- *  basecvt.c
- *
- *  Convert integer values specified on the command line from one input
- *  base to another.  Accepts input and output bases between 2 and 36
- *  inclusive.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are 
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger. 
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above.  If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- *  $Id$
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#include "mpi.h"
-
-#define IBASE     10
-#define OBASE     16
-#define USAGE     "Usage: %s ibase obase [value]\n"
-#define MAXBASE   64
-#define MINBASE   2
-
-int main(int argc, char *argv[])
-{
-  int    ix, ibase = IBASE, obase = OBASE;
-  mp_int val;
-
-  ix = 1;
-  if(ix < argc) {
-    ibase = atoi(argv[ix++]);
-    
-    if(ibase < MINBASE || ibase > MAXBASE) {
-      fprintf(stderr, "%s: input radix must be between %d and %d inclusive\n",
-	      argv[0], MINBASE, MAXBASE);
-      return 1;
-    }
-  }
-  if(ix < argc) {
-    obase = atoi(argv[ix++]);
-
-    if(obase < MINBASE || obase > MAXBASE) {
-      fprintf(stderr, "%s: output radix must be between %d and %d inclusive\n",
-	      argv[0], MINBASE, MAXBASE);
-      return 1;
-    }
-  }
-
-  mp_init(&val);
-  while(ix < argc) {
-    char  *out;
-    int    outlen;
-
-    mp_read_radix(&val, argv[ix++], ibase);
-
-    outlen = mp_radix_size(&val, obase);
-    out = calloc(outlen, sizeof(char));
-    mp_toradix(&val, out, obase);
-
-    printf("%s\n", out);
-    free(out);
-  }
-
-  mp_clear(&val);
-
-  return 0;
-}
diff --git a/security/nss/lib/freebl/mpi/utils/bbs_rand.c b/security/nss/lib/freebl/mpi/utils/bbs_rand.c
deleted file mode 100644
index c3e8b869b..000000000
--- a/security/nss/lib/freebl/mpi/utils/bbs_rand.c
+++ /dev/null
@@ -1,93 +0,0 @@
-/*
- *  Blum, Blum & Shub PRNG using the MPI library
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are 
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger. 
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above.  If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- *  $Id$
- */
-
-#include "bbs_rand.h"
-
-#define SEED     1
-#define MODULUS  2
-
-/* This modulus is the product of two randomly generated 512-bit
-   prime integers, each of which is congruent to 3 (mod 4).          */
-static char *bbs_modulus = 
-"75A2A6E1D27393B86562B9CE7279A8403CB4258A637DAB5233465373E37837383EDC"
-"332282B8575927BC4172CE8C147B4894050EE9D2BDEED355C121037270CA2570D127"
-"7D2390CD1002263326635CC6B259148DE3A1A03201980A925E395E646A5E9164B0EC"
-"28559EBA58C87447245ADD0651EDA507056A1129E3A3E16E903D64B437";
-
-static int    bbs_init = 0;  /* flag set when library is initialized */
-static mp_int bbs_state;     /* the current state of the generator   */
-
-/* Suggested size of random seed data */
-int           bbs_seed_size = (sizeof(bbs_modulus) / 2);
-
-void         bbs_srand(unsigned char *data, int len)
-{
-  if((bbs_init & SEED) == 0) {
-    mp_init(&bbs_state);
-    bbs_init |= SEED;
-  }
-
-  mp_read_raw(&bbs_state, (char *)data, len);
-
-} /* end bbs_srand() */
-
-unsigned int bbs_rand(void)
-{
-  static mp_int   modulus;
-  unsigned int    result = 0, ix;
-
-  if((bbs_init & MODULUS) == 0) {
-    mp_init(&modulus);
-    mp_read_radix(&modulus, bbs_modulus, 16);
-    bbs_init |= MODULUS;
-  }
-
-  for(ix = 0; ix < sizeof(unsigned int); ix++) {
-    mp_digit   d;
-
-    mp_sqrmod(&bbs_state, &modulus, &bbs_state);
-    d = DIGIT(&bbs_state, 0);
-
-    result = (result << CHAR_BIT) | (d & UCHAR_MAX);
-  }
-
-  return result;
-
-} /* end bbs_rand() */
-
-/*------------------------------------------------------------------------*/
-/* HERE THERE BE DRAGONS                                                  */
diff --git a/security/nss/lib/freebl/mpi/utils/bbs_rand.h b/security/nss/lib/freebl/mpi/utils/bbs_rand.h
deleted file mode 100644
index de4587421..000000000
--- a/security/nss/lib/freebl/mpi/utils/bbs_rand.h
+++ /dev/null
@@ -1,55 +0,0 @@
-/*
- *  bbs_rand.h
- *
- *  Blum, Blum & Shub PRNG using the MPI library
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are 
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger. 
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above.  If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- *  $Id$
- */
-
-#ifndef _H_BBSRAND_
-#define _H_BBSRAND_
-
-#include <limits.h>
-#include "mpi.h"
-
-#define  BBS_RAND_MAX    UINT_MAX
-
-/* Suggested length of seed data */
-extern int bbs_seed_size;
-
-void         bbs_srand(unsigned char *data, int len);
-unsigned int bbs_rand(void);
-
-#endif /* end _H_BBSRAND_ */
diff --git a/security/nss/lib/freebl/mpi/utils/bbsrand.c b/security/nss/lib/freebl/mpi/utils/bbsrand.c
deleted file mode 100644
index 28600fabe..000000000
--- a/security/nss/lib/freebl/mpi/utils/bbsrand.c
+++ /dev/null
@@ -1,64 +0,0 @@
-/*
- *  bbsrand.c
- *
- *  Test driver for routines in bbs_rand.h
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are 
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger. 
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above.  If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- *  $Id$
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <time.h>
-#include <limits.h>
-
-#include "bbs_rand.h"
-
-#define NUM_TESTS   100
-
-int main(void)
-{
-  unsigned int   seed, result, ix;
-
-  seed = time(NULL);
-  bbs_srand((unsigned char *)&seed, sizeof(seed));
-
-  for(ix = 0; ix < NUM_TESTS; ix++) {
-    result = bbs_rand();
-    
-    printf("Test %3u: %08X\n", ix + 1, result);
-  }
-
-  return 0;
-}
diff --git a/security/nss/lib/freebl/mpi/utils/dec2hex.c b/security/nss/lib/freebl/mpi/utils/dec2hex.c
deleted file mode 100644
index 9bdcfa018..000000000
--- a/security/nss/lib/freebl/mpi/utils/dec2hex.c
+++ /dev/null
@@ -1,68 +0,0 @@
-/*
- *  dec2hex.c
- *
- *  Convert decimal integers into hexadecimal
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are 
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger. 
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above.  If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- *  $Id$
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#include "mpi.h"
-
-int main(int argc, char *argv[])
-{
-  mp_int  a;
-  char   *buf;
-  int     len;
-
-  if(argc < 2) {
-    fprintf(stderr, "Usage: %s <a>\n", argv[0]);
-    return 1;
-  }
-
-  mp_init(&a); mp_read_radix(&a, argv[1], 10);
-  len = mp_radix_size(&a, 16);
-  buf = malloc(len);
-  mp_toradix(&a, buf, 16);
-
-  printf("%s\n", buf);
-
-  free(buf);
-  mp_clear(&a);
-
-  return 0;
-}
diff --git a/security/nss/lib/freebl/mpi/utils/exptmod.c b/security/nss/lib/freebl/mpi/utils/exptmod.c
deleted file mode 100644
index d5e66ac37..000000000
--- a/security/nss/lib/freebl/mpi/utils/exptmod.c
+++ /dev/null
@@ -1,80 +0,0 @@
-/*
- *  exptmod.c
- *
- * Command line tool to perform modular exponentiation on arbitrary
- * precision integers.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are 
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger. 
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above.  If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- * $Id$ 
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#include "mpi.h"
-
-int main(int argc, char *argv[])
-{
-  mp_int  a, b, m;
-  mp_err  res;
-  char   *str;
-  int     len, rval = 0;
-
-  if(argc < 3) {
-    fprintf(stderr, "Usage: %s <a> <b> <m>\n", argv[0]);
-    return 1;
-  }
-
-  mp_init(&a); mp_init(&b); mp_init(&m);
-  mp_read_radix(&a, argv[1], 10);
-  mp_read_radix(&b, argv[2], 10);
-  mp_read_radix(&m, argv[3], 10);
-
-  if((res = mp_exptmod(&a, &b, &m, &a)) != MP_OKAY) {
-    fprintf(stderr, "%s: error: %s\n", argv[0], mp_strerror(res));
-    rval = 1;
-  } else {
-    len = mp_radix_size(&a, 10);
-    str = calloc(len, sizeof(char));
-    mp_toradix(&a, str, 10);
-
-    printf("%s\n", str);
-
-    free(str);
-  }
-
-  mp_clear(&a); mp_clear(&b); mp_clear(&m);
-
-  return rval;
-}
diff --git a/security/nss/lib/freebl/mpi/utils/fact.c b/security/nss/lib/freebl/mpi/utils/fact.c
deleted file mode 100644
index 02b6711c9..000000000
--- a/security/nss/lib/freebl/mpi/utils/fact.c
+++ /dev/null
@@ -1,112 +0,0 @@
-/*
- * fact.c
- *
- * Compute factorial of input integer
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are 
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger. 
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above.  If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- *  $Id$
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#include "mpi.h"
-
-mp_err mp_fact(mp_int *a, mp_int *b);
-
-int main(int argc, char *argv[])
-{
-  mp_int  a;
-  mp_err  res;
-
-  if(argc < 2) {
-    fprintf(stderr, "Usage: %s <number>\n", argv[0]);
-    return 1;
-  }
-
-  mp_init(&a);
-  mp_read_radix(&a, argv[1], 10);
-
-  if((res = mp_fact(&a, &a)) != MP_OKAY) {
-    fprintf(stderr, "%s: error: %s\n", argv[0],
-	    mp_strerror(res));
-    mp_clear(&a);
-    return 1;
-  }
-
-  {
-    char  *buf;
-    int    len;
-
-    len = mp_radix_size(&a, 10);
-    buf = malloc(len);
-    mp_todecimal(&a, buf);
-
-    puts(buf);
-
-    free(buf);
-  }
-
-  mp_clear(&a);
-  return 0;
-}
-
-mp_err mp_fact(mp_int *a, mp_int *b)
-{
-  mp_int    ix, s;
-  mp_err    res = MP_OKAY;
-
-  if(mp_cmp_z(a) < 0)
-    return MP_UNDEF;
-
-  mp_init(&s);
-  mp_add_d(&s, 1, &s);   /* s = 1  */
-  mp_init(&ix);
-  mp_add_d(&ix, 1, &ix); /* ix = 1 */
-
-  for(/*  */; mp_cmp(&ix, a) <= 0; mp_add_d(&ix, 1, &ix)) {
-    if((res = mp_mul(&s, &ix, &s)) != MP_OKAY)
-      break;
-  }
-
-  mp_clear(&ix);
-
-  /* Copy out results if we got them */
-  if(res == MP_OKAY)
-    mp_copy(&s, b);
-
-  mp_clear(&s);
-
-  return res;
-}
diff --git a/security/nss/lib/freebl/mpi/utils/gcd.c b/security/nss/lib/freebl/mpi/utils/gcd.c
deleted file mode 100644
index b36c7f281..000000000
--- a/security/nss/lib/freebl/mpi/utils/gcd.c
+++ /dev/null
@@ -1,116 +0,0 @@
-/*
- *  gcd.c
- *
- *  Greatest common divisor
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are 
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger. 
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above.  If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- *  $Id$
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#include "mpi.h"
-
-char     *g_prog = NULL;
-
-void print_mp_int(mp_int *mp, FILE *ofp);
-
-int main(int argc, char *argv[]) 
-{
-  mp_int   a, b, x, y;
-  mp_err   res;
-  int      ext = 0;
-
-  g_prog = argv[0];
-
-  if(argc < 3) {
-    fprintf(stderr, "Usage: %s <a> <b>\n", g_prog);
-    return 1;
-  }
-
-  mp_init(&a); mp_read_radix(&a, argv[1], 10);
-  mp_init(&b); mp_read_radix(&b, argv[2], 10);
-
-  /* If we were called 'xgcd', compute x, y so that g = ax + by */
-  if(strcmp(g_prog, "xgcd") == 0) {
-    ext = 1;
-    mp_init(&x); mp_init(&y);
-  }
-
-  if(ext) {
-    if((res = mp_xgcd(&a, &b, &a, &x, &y)) != MP_OKAY) {
-      fprintf(stderr, "%s: error: %s\n", g_prog, mp_strerror(res));
-      mp_clear(&a); mp_clear(&b);
-      mp_clear(&x); mp_clear(&y);
-      return 1;
-    }
-  } else {
-    if((res = mp_gcd(&a, &b, &a)) != MP_OKAY) {
-      fprintf(stderr, "%s: error: %s\n", g_prog,
-	      mp_strerror(res));
-      mp_clear(&a); mp_clear(&b);
-      return 1;
-    }
-  }
-
-  print_mp_int(&a, stdout); 
-  if(ext) {
-    fputs("x = ", stdout); print_mp_int(&x, stdout); 
-    fputs("y = ", stdout); print_mp_int(&y, stdout); 
-  }
-
-  mp_clear(&a); mp_clear(&b);
-
-  if(ext) {
-    mp_clear(&x);
-    mp_clear(&y);
-  }
-
-  return 0;
-
-}
-
-void print_mp_int(mp_int *mp, FILE *ofp)
-{
-  char  *buf;
-  int    len;
-
-  len = mp_radix_size(mp, 10);
-  buf = calloc(len, sizeof(char));
-  mp_todecimal(mp, buf);
-  fprintf(ofp, "%s\n", buf);
-  free(buf);
-
-}
diff --git a/security/nss/lib/freebl/mpi/utils/hex2dec.c b/security/nss/lib/freebl/mpi/utils/hex2dec.c
deleted file mode 100644
index 97aad55c9..000000000
--- a/security/nss/lib/freebl/mpi/utils/hex2dec.c
+++ /dev/null
@@ -1,68 +0,0 @@
-/*
- *  hex2dec.c
- *
- *  Convert decimal integers into hexadecimal
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are 
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger. 
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above.  If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- *  $Id$
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#include "mpi.h"
-
-int main(int argc, char *argv[])
-{
-  mp_int  a;
-  char   *buf;
-  int     len;
-
-  if(argc < 2) {
-    fprintf(stderr, "Usage: %s <a>\n", argv[0]);
-    return 1;
-  }
-
-  mp_init(&a); mp_read_radix(&a, argv[1], 16);
-  len = mp_radix_size(&a, 10);
-  buf = malloc(len);
-  mp_toradix(&a, buf, 10);
-
-  printf("%s\n", buf);
-
-  free(buf);
-  mp_clear(&a);
-
-  return 0;
-}
diff --git a/security/nss/lib/freebl/mpi/utils/identest.c b/security/nss/lib/freebl/mpi/utils/identest.c
deleted file mode 100644
index a75d2b352..000000000
--- a/security/nss/lib/freebl/mpi/utils/identest.c
+++ /dev/null
@@ -1,79 +0,0 @@
-#include <stdio.h>
-#include <stdlib.h>
-#include "mpi.h"
-#include "mpprime.h"
-#include <sys/types.h>
-#include <time.h>
-
-#define MAX_PREC (4096 / MP_DIGIT_BIT)
-
-mp_err identity_test(void)
-{
-  mp_size       preca, precb;
-  mp_err        res;
-  mp_int        a, b;
-  mp_int        t1, t2, t3, t4, t5;
-
-  preca = (rand() % MAX_PREC) + 1;
-  precb = (rand() % MAX_PREC) + 1;
-
-  MP_DIGITS(&a) = 0;
-  MP_DIGITS(&b) = 0;
-  MP_DIGITS(&t1) = 0;
-  MP_DIGITS(&t2) = 0;
-  MP_DIGITS(&t3) = 0;
-  MP_DIGITS(&t4) = 0;
-  MP_DIGITS(&t5) = 0;
-
-  MP_CHECKOK( mp_init(&a)  );
-  MP_CHECKOK( mp_init(&b)  );
-  MP_CHECKOK( mp_init(&t1) );
-  MP_CHECKOK( mp_init(&t2) );
-  MP_CHECKOK( mp_init(&t3) );
-  MP_CHECKOK( mp_init(&t4) );
-  MP_CHECKOK( mp_init(&t5) );
-
-  MP_CHECKOK( mpp_random_size(&a, preca) );
-  MP_CHECKOK( mpp_random_size(&b, precb) );
-
-  if (mp_cmp(&a, &b) < 0)
-    mp_exch(&a, &b);
-
-  MP_CHECKOK( mp_mod(&a, &b, &t1) );       /* t1 = a%b */
-  MP_CHECKOK( mp_div(&a, &b, &t2, NULL) ); /* t2 = a/b */
-  MP_CHECKOK( mp_mul(&b, &t2, &t3) );      /* t3 = (a/b)*b */
-  MP_CHECKOK( mp_add(&t1, &t3, &t4) );     /* t4 = a%b + (a/b)*b */
-  MP_CHECKOK( mp_sub(&t4, &a, &t5) );      /* t5 = a%b + (a/b)*b - a */
-  if (mp_cmp_z(&t5) != 0) {
-    res = MP_UNDEF;
-    goto CLEANUP;
-  }
-
-CLEANUP:
-  mp_clear(&t5);
-  mp_clear(&t4);
-  mp_clear(&t3);
-  mp_clear(&t2);
-  mp_clear(&t1);
-  mp_clear(&b);
-  mp_clear(&a);
-  return res;
-}
-
-int
-main(void)
-{
-  unsigned int  seed = (unsigned int)time(NULL);
-  unsigned long count = 0;
-  mp_err        res;
-
-  srand(seed);
-
-  while (MP_OKAY == (res = identity_test())) {
-     if ((++count % 100) == 0)
-       fputc('.', stderr);
-  }
-
-  fprintf(stderr, "\ntest failed, err %d\n", res);
-  return res;
-}
diff --git a/security/nss/lib/freebl/mpi/utils/invmod.c b/security/nss/lib/freebl/mpi/utils/invmod.c
deleted file mode 100644
index df58bb6d1..000000000
--- a/security/nss/lib/freebl/mpi/utils/invmod.c
+++ /dev/null
@@ -1,89 +0,0 @@
-/*
- *  invmod.c
- *
- *  Compute modular inverses
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are 
- * Copyright (C) 1997, 1998, 1999, 2000 Michael J. Fromberger. 
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above.  If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- *  $Id$
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-
-#include "mpi.h"
-
-int main(int argc, char *argv[])
-{
-  mp_int    a, m;
-  mp_err    res;
-  char     *buf;
-  int       len, out = 0;
-
-  if(argc < 3) {
-    fprintf(stderr, "Usage: %s <a> <m>\n", argv[0]);
-    return 1;
-  }
-
-  mp_init(&a); mp_init(&m);
-  mp_read_radix(&a, argv[1], 10);
-  mp_read_radix(&m, argv[2], 10);
-
-  if(mp_cmp(&a, &m) > 0)
-    mp_mod(&a, &m, &a);
-
-  switch((res = mp_invmod(&a, &m, &a))) {
-  case MP_OKAY:
-    len = mp_radix_size(&a, 10);
-    buf = malloc(len);
-
-    mp_toradix(&a, buf, 10);
-    printf("%s\n", buf);
-    free(buf);
-    break;
-
-  case MP_UNDEF:
-    printf("No inverse\n");
-    out = 1;
-    break;
-
-  default:
-    printf("error: %s (%d)\n", mp_strerror(res), res);
-    out = 2;
-    break;
-  }
-
-  mp_clear(&a);
-  mp_clear(&m);
-
-  return out;
-}
diff --git a/security/nss/lib/freebl/mpi/utils/isprime.c b/security/nss/lib/freebl/mpi/utils/isprime.c
deleted file mode 100644
index f9cd9707b..000000000
--- a/security/nss/lib/freebl/mpi/utils/isprime.c
+++ /dev/null
@@ -1,118 +0,0 @@
-/*
- *  isprime.c
- *
- *  Probabilistic primality tester command-line tool
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are 
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger. 
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above.  If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- *  $Id$
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#include "mpi.h"
-#include "mpprime.h"
-
-#define  RM_TESTS       15   /* how many iterations of Rabin-Miller? */
-#define  MINIMUM        1024 /* don't bother us with a < this        */
-
-int      g_tests = RM_TESTS;
-char    *g_prog = NULL;
-
-int main(int argc, char *argv[])
-{
-  mp_int   a;
-  mp_digit np = prime_tab_size; /* from mpprime.h */
-  int      res = 0;
-
-  g_prog = argv[0];
-
-  if(argc < 2) {
-    fprintf(stderr, "Usage: %s <a>, where <a> is a decimal integer\n"
-	    "Use '0x' prefix for a hexadecimal value\n", g_prog);
-    return 1;
-  }
-
-  /* Read number of tests from environment, if present */
-  {
-    char *tmp;
-
-    if((tmp = getenv("RM_TESTS")) != NULL) {
-      if((g_tests = atoi(tmp)) <= 0)
-	g_tests = RM_TESTS;
-    }
-  }
-
-  mp_init(&a);
-  if(argv[1][0] == '0' && argv[1][1] == 'x')
-    mp_read_radix(&a, argv[1] + 2, 16);
-  else
-    mp_read_radix(&a, argv[1], 10);
-
-  if(mp_cmp_d(&a, MINIMUM) <= 0) {
-    fprintf(stderr, "%s: please use a value greater than %d\n", 
-	    g_prog, MINIMUM);
-    mp_clear(&a);
-    return 1;
-  }
-
-  /* Test for divisibility by small primes */
-  if(mpp_divis_primes(&a, &np) != MP_NO) {
-    printf("Not prime (divisible by small prime %d)\n", np);
-    res = 2;
-    goto CLEANUP;
-  }
-
-  /* Test with Fermat's test, using 2 as a witness */
-  if(mpp_fermat(&a, 2) != MP_YES) {
-    printf("Not prime (failed Fermat test)\n");
-    res = 2;
-    goto CLEANUP;
-  }
- 
-  /* Test with Rabin-Miller probabilistic test */
-  if(mpp_pprime(&a, g_tests) == MP_NO) {
-      printf("Not prime (failed pseudoprime test)\n");
-      res = 2;
-      goto CLEANUP;
-  }
-
-  printf("Probably prime, 1 in 4^%d chance of false positive\n", g_tests);
-
-CLEANUP:
-  mp_clear(&a);
-  
-  return res;
-
-}
diff --git a/security/nss/lib/freebl/mpi/utils/lap.c b/security/nss/lib/freebl/mpi/utils/lap.c
deleted file mode 100644
index ababed7f3..000000000
--- a/security/nss/lib/freebl/mpi/utils/lap.c
+++ /dev/null
@@ -1,118 +0,0 @@
-/*
- *  lap.c
- *
- *  Find least annihilating power of a mod m
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are 
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger. 
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above.  If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- *  $Id$
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <signal.h>
-
-#include "mpi.h"
-
-void sig_catch(int ign);
-
-int g_quit = 0;
-
-int main(int argc, char *argv[])
-{
-  mp_int   a, m, p, k;
-
-  if(argc < 3) {
-    fprintf(stderr, "Usage: %s <a> <m>\n", argv[0]);
-    return 1;
-  }
-
-  mp_init(&a);
-  mp_init(&m);
-  mp_init(&p);
-  mp_add_d(&p, 1, &p);
-
-  mp_read_radix(&a, argv[1], 10);
-  mp_read_radix(&m, argv[2], 10);
-
-  mp_init_copy(&k, &a);
-
-  signal(SIGINT, sig_catch);
-#ifndef __OS2__
-  signal(SIGHUP, sig_catch);
-#endif
-  signal(SIGTERM, sig_catch);
-
-  while(mp_cmp(&p, &m) < 0) {
-    if(g_quit) {
-	int  len;
-	char *buf;
-
-	len = mp_radix_size(&p, 10);
-	buf = malloc(len);
-	mp_toradix(&p, buf, 10);
-	
-	fprintf(stderr, "Terminated at: %s\n", buf);
-	free(buf);
-	return 1;
-    }
-    if(mp_cmp_d(&k, 1) == 0) {
-      int    len;
-      char  *buf;
-
-      len = mp_radix_size(&p, 10);
-      buf = malloc(len);
-      mp_toradix(&p, buf, 10);
-
-      printf("%s\n", buf);
-
-      free(buf);
-      break;
-    }
-
-    mp_mulmod(&k, &a, &m, &k);
-    mp_add_d(&p, 1, &p);
-  }
-
-  if(mp_cmp(&p, &m) >= 0) 
-    printf("No annihilating power.\n");
-
-  mp_clear(&p);
-  mp_clear(&m);
-  mp_clear(&a);
-  return 0;
-}
-
-void sig_catch(int ign)
-{
-  g_quit = 1;
-}
diff --git a/security/nss/lib/freebl/mpi/utils/makeprime.c b/security/nss/lib/freebl/mpi/utils/makeprime.c
deleted file mode 100644
index c4deaa9f0..000000000
--- a/security/nss/lib/freebl/mpi/utils/makeprime.c
+++ /dev/null
@@ -1,144 +0,0 @@
-/*
- * makeprime.c
- *
- * A simple prime generator function (and test driver).  Prints out the
- * first prime it finds greater than or equal to the starting value.
- *
- * Usage: makeprime <start>
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are 
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger. 
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above.  If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- * $Id$
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <ctype.h>
-
-/* These two must be included for make_prime() to work */
-
-#include "mpi.h"
-#include "mpprime.h"
-
-/*
-  make_prime(p, nr)
-
-  Find the smallest prime integer greater than or equal to p, where
-  primality is verified by 'nr' iterations of the Rabin-Miller
-  probabilistic primality test.  The caller is responsible for
-  generating the initial value of p.
-
-  Returns MP_OKAY if a prime has been generated, otherwise the error
-  code indicates some other problem.  The value of p is clobbered; the
-  caller should keep a copy if the value is needed.  
- */
-mp_err   make_prime(mp_int *p, int nr);
-
-/* The main() is not required -- it's just a test driver */
-int main(int argc, char *argv[])
-{
-  mp_int    start;
-  mp_err    res;
-
-  if(argc < 2) {
-    fprintf(stderr, "Usage: %s <start-value>\n", argv[0]);
-    return 1;
-  }
-	    
-  mp_init(&start);
-  if(argv[1][0] == '0' && tolower(argv[1][1]) == 'x') {
-    mp_read_radix(&start, argv[1] + 2, 16);
-  } else {
-    mp_read_radix(&start, argv[1], 10);
-  }
-  mp_abs(&start, &start);
-
-  if((res = make_prime(&start, 5)) != MP_OKAY) {
-    fprintf(stderr, "%s: error: %s\n", argv[0], mp_strerror(res));
-    mp_clear(&start);
-
-    return 1;
-
-  } else {
-    char  *buf = malloc(mp_radix_size(&start, 10));
-
-    mp_todecimal(&start, buf);
-    printf("%s\n", buf);
-    free(buf);
-    
-    mp_clear(&start);
-
-    return 0;
-  }
-  
-} /* end main() */
-
-/*------------------------------------------------------------------------*/
-
-mp_err   make_prime(mp_int *p, int nr)
-{
-  mp_err  res;
-
-  if(mp_iseven(p)) {
-    mp_add_d(p, 1, p);
-  }
-
-  do {
-    mp_digit   which = prime_tab_size;
-
-    /*  First test for divisibility by a few small primes */
-    if((res = mpp_divis_primes(p, &which)) == MP_YES)
-      continue;
-    else if(res != MP_NO)
-      goto CLEANUP;
-
-    /* If that passes, try one iteration of Fermat's test */
-    if((res = mpp_fermat(p, 2)) == MP_NO)
-      continue;
-    else if(res != MP_YES)
-      goto CLEANUP;
-
-    /* If that passes, run Rabin-Miller as often as requested */
-    if((res = mpp_pprime(p, nr)) == MP_YES)
-      break;
-    else if(res != MP_NO)
-      goto CLEANUP;
-      
-  } while((res = mp_add_d(p, 2, p)) == MP_OKAY);
-
- CLEANUP:
-  return res;
-
-} /* end make_prime() */
-
-/*------------------------------------------------------------------------*/
-/* HERE THERE BE DRAGONS                                                  */
diff --git a/security/nss/lib/freebl/mpi/utils/metime.c b/security/nss/lib/freebl/mpi/utils/metime.c
deleted file mode 100644
index 3f39b23a9..000000000
--- a/security/nss/lib/freebl/mpi/utils/metime.c
+++ /dev/null
@@ -1,132 +0,0 @@
-/* 
- *  metime.c
- *
- * Modular exponentiation timing test
- *
- * $Id$
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are 
- * Copyright (C) 2000 Michael J. Fromberger. All Rights Reserved.
- *
- * Contributor(s):
- *	Netscape Communications Corporation
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above.  If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- *  $Id$
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <limits.h>
-#include <time.h>
-
-#include "mpi.h"
-#include "mpprime.h"
-
-double clk_to_sec(clock_t start, clock_t stop);
-
-int main(int argc, char *argv[])
-{
-  int          ix, num, prec = 8;
-  unsigned int seed;
-  clock_t      start, stop;
-  double       sec;
-
-  mp_int     a, m, c;
-
-  if(getenv("SEED") != NULL)
-    seed = abs(atoi(getenv("SEED")));
-  else 
-    seed = (unsigned int)time(NULL);
-
-  if(argc < 2) {
-    fprintf(stderr, "Usage: %s <num-tests> [<nbits>]\n", argv[0]);
-    return 1;
-  }
-
-  if((num = atoi(argv[1])) < 0)
-    num = -num;
-
-  if(!num) {
-    fprintf(stderr, "%s: must perform at least 1 test\n", argv[0]);
-    return 1;
-  }
-
-  if(argc > 2) {
-    if((prec = atoi(argv[2])) <= 0)
-      prec = 8;
-    else 
-      prec = (prec + (DIGIT_BIT - 1)) / DIGIT_BIT;
-
-  }
-  
-  printf("Modular exponentiation timing test\n"
-	 "Precision:  %d digits (%d bits)\n"
-	 "# of tests: %d\n\n", prec, prec * DIGIT_BIT, num);
-
-  mp_init_size(&a, prec);
-  mp_init_size(&m, prec);
-  mp_init_size(&c, prec);
-
-  srand(seed);
-
-  start = clock();
-  for(ix = 0; ix < num; ix++) {
-
-    mpp_random_size(&a, prec);
-    mpp_random_size(&c, prec);
-    mpp_random_size(&m, prec);
-    /* set msb and lsb of m */
-    DIGIT(&m,0) |= 1;
-    DIGIT(&m, USED(&m)-1) |= (mp_digit)1 << (DIGIT_BIT - 1);
-    if (mp_cmp(&a, &m) > 0)
-      mp_sub(&a, &m, &a);
-
-    mp_exptmod(&a, &c, &m, &c);
-  }
-  stop = clock();
-
-  sec = clk_to_sec(start, stop);
-
-  printf("Total:      %.3f seconds\n", sec);
-  printf("Individual: %.3f seconds\n", sec / num);
-
-  mp_clear(&c);
-  mp_clear(&a);
-  mp_clear(&m);
-
-  return 0;
-}
-
-double clk_to_sec(clock_t start, clock_t stop)
-{
-  return (double)(stop - start) / CLOCKS_PER_SEC;
-}
-
-/*------------------------------------------------------------------------*/
-/* HERE THERE BE DRAGONS                                                  */
diff --git a/security/nss/lib/freebl/mpi/utils/pi.c b/security/nss/lib/freebl/mpi/utils/pi.c
deleted file mode 100644
index 367118586..000000000
--- a/security/nss/lib/freebl/mpi/utils/pi.c
+++ /dev/null
@@ -1,194 +0,0 @@
-/*
- * pi.c
- *
- * Compute pi to an arbitrary number of digits.  Uses Machin's formula,
- * like everyone else on the planet:
- * 
- *    pi = 16 * arctan(1/5) - 4 * arctan(1/239)
- *
- * This is pretty effective for up to a few thousand digits, but it
- * gets pretty slow after that.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are 
- * Copyright (C) 1999, 2000 Michael J. Fromberger. 
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above.  If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- * $Id$ 
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <limits.h>
-#include <time.h>
-
-#include "mpi.h"
-
-mp_err arctan(mp_digit mul, mp_digit x, mp_digit prec, mp_int *sum);
-
-int main(int argc, char *argv[])
-{
-  mp_err       res;
-  mp_digit     ndigits;
-  mp_int       sum1, sum2;
-  clock_t      start, stop;
-  int          out = 0;
-
-  /* Make the user specify precision on the command line */
-  if(argc < 2) {
-    fprintf(stderr, "Usage: %s <num-digits>\n", argv[0]);
-    return 1;
-  }
-
-  if((ndigits = abs(atoi(argv[1]))) == 0) {
-    fprintf(stderr, "%s: you must request at least 1 digit\n", argv[0]);
-    return 1;
-  }
-
-  start = clock();
-  mp_init(&sum1); mp_init(&sum2);
-
-  /* sum1 = 16 * arctan(1/5)  */
-  if((res = arctan(16, 5, ndigits, &sum1)) != MP_OKAY) {
-    fprintf(stderr, "%s: arctan: %s\n", argv[0], mp_strerror(res));
-    out = 1; goto CLEANUP;
-  }
-
-  /* sum2 = 4 * arctan(1/239) */
-  if((res = arctan(4, 239, ndigits, &sum2)) != MP_OKAY) {
-    fprintf(stderr, "%s: arctan: %s\n", argv[0], mp_strerror(res));
-    out = 1; goto CLEANUP;
-  }
-
-  /* pi = sum1 - sum2         */
-  if((res = mp_sub(&sum1, &sum2, &sum1)) != MP_OKAY) {
-    fprintf(stderr, "%s: mp_sub: %s\n", argv[0], mp_strerror(res));
-    out = 1; goto CLEANUP;
-  }
-  stop = clock();
-
-  /* Write the output in decimal */
-  {
-    char  *buf = malloc(mp_radix_size(&sum1, 10));
-
-    if(buf == NULL) {
-      fprintf(stderr, "%s: out of memory\n", argv[0]);
-      out = 1; goto CLEANUP;
-    }
-    mp_todecimal(&sum1, buf);
-    printf("%s\n", buf);
-    free(buf);
-  }
-
-  fprintf(stderr, "Computation took %.2f sec.\n", 
-	  (double)(stop - start) / CLOCKS_PER_SEC);
-
- CLEANUP:
-  mp_clear(&sum1);
-  mp_clear(&sum2);
-
-  return out;
-
-}
-
-/* Compute sum := mul * arctan(1/x), to 'prec' digits of precision */
-mp_err arctan(mp_digit mul, mp_digit x, mp_digit prec, mp_int *sum)
-{
-  mp_int   t, v;
-  mp_digit q = 1, rd;
-  mp_err   res;
-  int      sign = 1;
-
-  prec += 3;  /* push inaccuracies off the end */
-
-  mp_init(&t); mp_set(&t, 10);
-  mp_init(&v); 
-  if((res = mp_expt_d(&t, prec, &t)) != MP_OKAY ||  /* get 10^prec    */
-     (res = mp_mul_d(&t, mul, &t)) != MP_OKAY ||    /* ... times mul  */
-     (res = mp_mul_d(&t, x, &t)) != MP_OKAY)        /* ... times x    */
-    goto CLEANUP;
-
-  /*
-    The extra multiplication by x in the above takes care of what
-    would otherwise have to be a special case for 1 / x^1 during the
-    first loop iteration.  A little sneaky, but effective.
-
-    We compute arctan(1/x) by the formula:
-
-         1     1       1       1
-	 - - ----- + ----- - ----- + ...
-	 x   3 x^3   5 x^5   7 x^7
-
-    We multiply through by 'mul' beforehand, which gives us a couple
-    more iterations and more precision
-   */
-
-  x *= x; /* works as long as x < sqrt(RADIX), which it is here */
-
-  mp_zero(sum);
-
-  do {
-    if((res = mp_div_d(&t, x, &t, &rd)) != MP_OKAY)
-      goto CLEANUP;
-
-    if(sign < 0 && rd != 0)
-      mp_add_d(&t, 1, &t);
-
-    if((res = mp_div_d(&t, q, &v, &rd)) != MP_OKAY)
-      goto CLEANUP;
-
-    if(sign < 0 && rd != 0)
-      mp_add_d(&v, 1, &v);
-
-    if(sign > 0)
-      res = mp_add(sum, &v, sum);
-    else
-      res = mp_sub(sum, &v, sum);
-
-    if(res != MP_OKAY)
-      goto CLEANUP;
-
-    sign *= -1;
-    q += 2;
-
-  } while(mp_cmp_z(&t) != 0);
-
-  /* Chop off inaccurate low-order digits */
-  mp_div_d(sum, 1000, sum, NULL);
-
- CLEANUP:
-  mp_clear(&v);
-  mp_clear(&t);
-
-  return res;
-}
-
-/*------------------------------------------------------------------------*/
-/* HERE THERE BE DRAGONS                                                  */
diff --git a/security/nss/lib/freebl/mpi/utils/primegen.c b/security/nss/lib/freebl/mpi/utils/primegen.c
deleted file mode 100644
index 1f7a593e1..000000000
--- a/security/nss/lib/freebl/mpi/utils/primegen.c
+++ /dev/null
@@ -1,198 +0,0 @@
-/*
- *  primegen.c
- *
- * Generates random integers which are prime with a high degree of
- * probability using the Miller-Rabin probabilistic primality testing
- * algorithm.
- *
- * Usage:
- *    primegen <bits> [<num>]
- *
- *    <bits>   - number of significant bits each prime should have
- *    <num>    - number of primes to generate
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are 
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger. 
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above.  If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- * $Id$
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <limits.h>
-#include <time.h>
-
-#include "mpi.h"
-#include "mplogic.h"
-#include "mpprime.h"
-
-#undef MACOS		/* define if running on a Macintosh */
-
-#ifdef MACOS
-#include <console.h>
-#endif
-
-#define NUM_TESTS 5  /* Number of Rabin-Miller iterations to test with */
-
-#ifdef DEBUG
-#define FPUTC(x,y) fputc(x,y)
-#else
-#define FPUTC(x,y) 
-#endif
-
-int main(int argc, char *argv[])
-{
-  unsigned char *raw;
-  char          *out;
-  unsigned long nTries;
-  int		rawlen, bits, outlen, ngen, ix, jx;
-  int           g_strong = 0;
-  mp_int	testval;
-  mp_err	res;
-  clock_t	start, end;
-
-#ifdef MACOS
-  argc = ccommand(&argv);
-#endif
-
-  /* We'll just use the C library's rand() for now, although this
-     won't be good enough for cryptographic purposes */
-  if((out = getenv("SEED")) == NULL) {
-    srand((unsigned int)time(NULL));
-  } else {
-    srand((unsigned int)atoi(out));
-  }
-
-  if(argc < 2) {
-    fprintf(stderr, "Usage: %s <bits> [<count> [strong]]\n", argv[0]);
-    return 1;
-  }
-	
-  if((bits = abs(atoi(argv[1]))) < CHAR_BIT) {
-    fprintf(stderr, "%s: please request at least %d bits.\n",
-	    argv[0], CHAR_BIT);
-    return 1;
-  }
-
-  /* If optional third argument is given, use that as the number of
-     primes to generate; otherwise generate one prime only.
-   */
-  if(argc < 3) {
-    ngen = 1;
-  } else {
-    ngen = abs(atoi(argv[2]));
-  }
-
-  /* If fourth argument is given, and is the word "strong", we'll 
-     generate strong (Sophie Germain) primes. 
-   */
-  if(argc > 3 && strcmp(argv[3], "strong") == 0)
-    g_strong = 1;
-
-  /* testval - candidate being tested; nTries - number tried so far */
-  if ((res = mp_init(&testval)) != MP_OKAY) {
-    fprintf(stderr, "%s: error: %s\n", argv[0], mp_strerror(res));
-    return 1;
-  }
-  
-  if(g_strong) {
-    printf("Requested %d strong prime value(s) of %d bits.\n", 
-	   ngen, bits);
-  } else {
-    printf("Requested %d prime value(s) of %d bits.\n", ngen, bits);
-  }
-
-  rawlen = (bits / CHAR_BIT) + ((bits % CHAR_BIT) ? 1 : 0) + 1;
-
-  if((raw = calloc(rawlen, sizeof(unsigned char))) == NULL) {
-    fprintf(stderr, "%s: out of memory, sorry.\n", argv[0]);
-    return 1;
-  }
-
-  /* This loop is one for each prime we need to generate */
-  for(jx = 0; jx < ngen; jx++) {
-
-    raw[0] = 0;  /* sign is positive */
-
-    /*	Pack the initializer with random bytes	*/
-    for(ix = 1; ix < rawlen; ix++) 
-      raw[ix] = (rand() * rand()) & UCHAR_MAX;
-
-    raw[1] |= 0x80;             /* set high-order bit of test value     */
-    raw[rawlen - 1] |= 1;       /* set low-order bit of test value      */
-
-    /* Make an mp_int out of the initializer */
-    mp_read_raw(&testval, (char *)raw, rawlen);
-
-    /* Initialize candidate counter */
-    nTries = 0;
-
-    start = clock(); /* time generation for this prime */
-    do {
-      res = mpp_make_prime(&testval, bits, g_strong, &nTries);
-      if (res != MP_NO)
-	break;
-      /* This code works whether digits are 16 or 32 bits */
-      res = mp_add_d(&testval, 32 * 1024, &testval);
-      res = mp_add_d(&testval, 32 * 1024, &testval);
-      FPUTC(',', stderr);
-    } while (1);
-    end = clock();
-
-    if (res != MP_YES) {
-      break;
-    }
-    FPUTC('\n', stderr);
-    puts("The following value is probably prime:");
-    outlen = mp_radix_size(&testval, 10);
-    out = calloc(outlen, sizeof(unsigned char));
-    mp_toradix(&testval, (char *)out, 10);
-    printf("10: %s\n", out);
-    mp_toradix(&testval, (char *)out, 16);
-    printf("16: %s\n\n", out);
-    free(out);
-    
-    printf("Number of candidates tried: %lu\n", nTries);
-    printf("This computation took %ld clock ticks (%.2f seconds)\n",
-	   (end - start), ((double)(end - start) / CLOCKS_PER_SEC));
-    
-    FPUTC('\n', stderr);
-  } /* end of loop to generate all requested primes */
-  
-  if(res != MP_OKAY) 
-    fprintf(stderr, "%s: error: %s\n", argv[0], mp_strerror(res));
-
-  free(raw);
-  mp_clear(&testval);	
-  
-  return 0;
-}
diff --git a/security/nss/lib/freebl/mpi/utils/prng.c b/security/nss/lib/freebl/mpi/utils/prng.c
deleted file mode 100644
index 9b8f7983a..000000000
--- a/security/nss/lib/freebl/mpi/utils/prng.c
+++ /dev/null
@@ -1,87 +0,0 @@
-/*
- *  prng.c
- *
- *  Command-line pseudo-random number generator
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are 
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger. 
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above.  If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- *  $Id$
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <limits.h>
-#include <time.h>
-
-#ifdef __OS2__
-#include <types.h>
-#include <process.h>
-#else
-#include <unistd.h>
-#endif
-
-#include "bbs_rand.h"
-
-int main(int argc, char *argv[])
-{
-  unsigned char *seed;
-  unsigned int   ix, num = 1;
-  pid_t          pid;
-  
-  if(argc > 1) {
-    num = atoi(argv[1]);
-    if(num <= 0) 
-      num = 1;
-  }
-
-  pid = getpid();
-  srand(time(NULL) * (unsigned int)pid);
-
-  /* Not a perfect seed, but not bad */
-  seed = malloc(bbs_seed_size);
-  for(ix = 0; ix < bbs_seed_size; ix++) {
-    seed[ix] = rand() % UCHAR_MAX;
-  }
-
-  bbs_srand(seed, bbs_seed_size);
-  memset(seed, 0, bbs_seed_size);
-  free(seed);
-
-  while(num-- > 0) {
-    ix = bbs_rand();
-
-    printf("%u\n", ix);
-  }
-
-  return 0;
-
-}
diff --git a/security/nss/lib/freebl/mpi/utils/ptab.pl b/security/nss/lib/freebl/mpi/utils/ptab.pl
deleted file mode 100755
index f9c56b6c3..000000000
--- a/security/nss/lib/freebl/mpi/utils/ptab.pl
+++ /dev/null
@@ -1,58 +0,0 @@
-#!/usr/linguist/bin/perl
-##
-## The contents of this file are subject to the Mozilla Public
-## License Version 1.1 (the "License"); you may not use this file
-## except in compliance with the License. You may obtain a copy of
-## the License at http://www.mozilla.org/MPL/
-##
-## Software distributed under the License is distributed on an "AS
-## IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-## implied. See the License for the specific language governing
-## rights and limitations under the License.
-##
-## The Original Code is the MPI Arbitrary Precision Integer Arithmetic
-## library.
-##
-## The Initial Developer of the Original Code is 
-## Michael J. Fromberger <sting@linguist.dartmouth.edu>
-##
-## Portions created by Michael J. Fromberger are 
-## Copyright (C) 1998, 2000 Michael J. Fromberger. All Rights Reserved.
-##
-## Contributor(s):
-##
-## Alternatively, the contents of this file may be used under the
-## terms of the GNU General Public License Version 2 or later (the
-## "GPL"), in which case the provisions of the GPL are applicable
-## instead of those above.  If you wish to allow use of your
-## version of this file only under the terms of the GPL and not to
-## allow others to use your version of this file under the MPL,
-## indicate your decision by deleting the provisions above and
-## replace them with the notice and other provisions required by
-## the GPL.  If you do not delete the provisions above, a recipient
-## may use your version of this file under either the MPL or the
-## GPL.
-##
-## $Id$
-##
-
-while(<>) {
-    chomp;
-    push(@primes, $_);
-}
-
-printf("mp_size   prime_tab_size = %d;\n", ($#primes + 1));
-print "mp_digit  prime_tab[] = {\n";
-
-print "\t";
-$last = pop(@primes);
-foreach $prime (sort {$a<=>$b} @primes) {
-    printf("0x%04X, ", $prime);
-    $brk = ($brk + 1) % 8;
-    print "\n\t" if(!$brk);
-}
-printf("0x%04X", $last);
-print "\n" if($brk);
-print "};\n\n";
-
-exit 0;
diff --git a/security/nss/lib/freebl/mpi/utils/sieve.c b/security/nss/lib/freebl/mpi/utils/sieve.c
deleted file mode 100644
index 4dd20604c..000000000
--- a/security/nss/lib/freebl/mpi/utils/sieve.c
+++ /dev/null
@@ -1,265 +0,0 @@
-/*
- * sieve.c
- *
- * Finds prime numbers using the Sieve of Eratosthenes
- *
- * This implementation uses a bitmap to represent all odd integers in a
- * given range.  We iterate over this bitmap, crossing off the
- * multiples of each prime we find.  At the end, all the remaining set
- * bits correspond to prime integers.
- *
- * Here, we make two passes -- once we have generated a sieve-ful of
- * primes, we copy them out, reset the sieve using the highest
- * generated prime from the first pass as a base.  Then we cross out
- * all the multiples of all the primes we found the first time through,
- * and re-sieve.  In this way, we get double use of the memory we
- * allocated for the sieve the first time though.  Since we also
- * implicitly ignore multiples of 2, this amounts to 4 times the
- * values.
- *
- * This could (and probably will) be generalized to re-use the sieve a
- * few more times.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are 
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger. 
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above.  If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- *  $Id$
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <limits.h>
-
-typedef unsigned char  byte;
-
-typedef struct {
-  int   size;
-  byte *bits;
-  long  base;
-  int   next;
-  int   nbits;
-} sieve;
-
-void sieve_init(sieve *sp, long base, int nbits);
-void sieve_grow(sieve *sp, int nbits);
-long sieve_next(sieve *sp);
-void sieve_reset(sieve *sp, long base);
-void sieve_cross(sieve *sp, long val);
-void sieve_clear(sieve *sp);
-
-#define S_ISSET(S, B)  (((S)->bits[(B)/CHAR_BIT]>>((B)%CHAR_BIT))&1)
-#define S_SET(S, B)    ((S)->bits[(B)/CHAR_BIT]|=(1<<((B)%CHAR_BIT)))
-#define S_CLR(S, B)    ((S)->bits[(B)/CHAR_BIT]&=~(1<<((B)%CHAR_BIT)))
-#define S_VAL(S, B)    ((S)->base+(2*(B)))
-#define S_BIT(S, V)    (((V)-((S)->base))/2)
-
-int main(int argc, char *argv[])
-{
-  sieve   s;
-  long    pr, *p;
-  int     c, ix, cur = 0;
-
-  if(argc < 2) {
-    fprintf(stderr, "Usage: %s <width>\n", argv[0]);
-    return 1;
-  }
-
-  c = atoi(argv[1]);
-  if(c < 0) c = -c;
-
-  fprintf(stderr, "%s: sieving to %d positions\n", argv[0], c);
-
-  sieve_init(&s, 3, c);
-
-  c = 0;
-  while((pr = sieve_next(&s)) > 0) {
-    ++c;
-  }
-
-  p = calloc(c, sizeof(long));
-  if(!p) {
-    fprintf(stderr, "%s: out of memory after first half\n", argv[0]);
-    sieve_clear(&s);
-    exit(1);
-  }
-
-  fprintf(stderr, "%s: half done ... \n", argv[0]);
-
-  for(ix = 0; ix < s.nbits; ix++) {
-    if(S_ISSET(&s, ix)) {
-      p[cur] = S_VAL(&s, ix);
-      printf("%ld\n", p[cur]);
-      ++cur;
-    }
-  }
-
-  sieve_reset(&s, p[cur - 1]);
-  fprintf(stderr, "%s: crossing off %d found primes ... \n", argv[0], cur);
-  for(ix = 0; ix < cur; ix++) {
-    sieve_cross(&s, p[ix]);
-    if(!(ix % 1000))
-      fputc('.', stderr);
-  }
-  fputc('\n', stderr);
-
-  free(p);
-
-  fprintf(stderr, "%s: sieving again from %ld ... \n", argv[0], p[cur - 1]);
-  c = 0;
-  while((pr = sieve_next(&s)) > 0) {
-    ++c;
-  }
-  
-  fprintf(stderr, "%s: done!\n", argv[0]);
-  for(ix = 0; ix < s.nbits; ix++) {
-    if(S_ISSET(&s, ix)) {
-      printf("%ld\n", S_VAL(&s, ix));
-    }
-  }
-
-  sieve_clear(&s);
-
-  return 0;
-}
-
-void sieve_init(sieve *sp, long base, int nbits)
-{
-  sp->size = (nbits / CHAR_BIT);
-
-  if(nbits % CHAR_BIT)
-    ++sp->size;
-
-  sp->bits = calloc(sp->size, sizeof(byte));
-  memset(sp->bits, UCHAR_MAX, sp->size);
-  if(!(base & 1))
-    ++base;
-  sp->base = base;
-  
-  sp->next = 0;
-  sp->nbits = sp->size * CHAR_BIT;
-}
-
-void sieve_grow(sieve *sp, int nbits)
-{
-  int  ns = (nbits / CHAR_BIT);
-
-  if(nbits % CHAR_BIT)
-    ++ns;
-
-  if(ns > sp->size) {
-    byte   *tmp;
-    int     ix;
-
-    tmp = calloc(ns, sizeof(byte));
-    if(tmp == NULL) {
-      fprintf(stderr, "Error: out of memory in sieve_grow\n");
-      return;
-    }
-
-    memcpy(tmp, sp->bits, sp->size);
-    for(ix = sp->size; ix < ns; ix++) {
-      tmp[ix] = UCHAR_MAX;
-    }
-
-    free(sp->bits);
-    sp->bits = tmp;
-    sp->size = ns;
-
-    sp->nbits = sp->size * CHAR_BIT;
-  }
-}
-
-long sieve_next(sieve *sp)
-{
-  long out;
-  int  ix = 0;
-  long val;
-
-  if(sp->next > sp->nbits)
-    return -1;
-
-  out = S_VAL(sp, sp->next);
-#ifdef DEBUG
-  fprintf(stderr, "Sieving %ld\n", out);
-#endif
-
-  /* Sieve out all multiples of the current prime */
-  val = out;
-  while(ix < sp->nbits) {
-    val += out;
-    ix = S_BIT(sp, val);
-    if((val & 1) && ix < sp->nbits) { /* && S_ISSET(sp, ix)) { */
-      S_CLR(sp, ix);
-#ifdef DEBUG
-      fprintf(stderr, "Crossing out %ld (bit %d)\n", val, ix);
-#endif
-    }
-  }
-
-  /* Scan ahead to the next prime */
-  ++sp->next;
-  while(sp->next < sp->nbits && !S_ISSET(sp, sp->next))
-    ++sp->next;
-
-  return out;
-}
-
-void sieve_cross(sieve *sp, long val)
-{
-  int  ix = 0;
-  long cur = val;
-
-  while(cur < sp->base)
-    cur += val;
-
-  ix = S_BIT(sp, cur);
-  while(ix < sp->nbits) {
-    if(cur & 1) 
-      S_CLR(sp, ix);
-    cur += val;
-    ix = S_BIT(sp, cur);
-  }
-}
-
-void sieve_reset(sieve *sp, long base)
-{
-  memset(sp->bits, UCHAR_MAX, sp->size);
-  sp->base = base;
-  sp->next = 0;
-}
-
-void sieve_clear(sieve *sp)
-{
-  if(sp->bits) 
-    free(sp->bits);
-
-  sp->bits = NULL;
-}
diff --git a/security/nss/lib/freebl/mpi/vis_32.il b/security/nss/lib/freebl/mpi/vis_32.il
deleted file mode 100644
index 443b6a00e..000000000
--- a/security/nss/lib/freebl/mpi/vis_32.il
+++ /dev/null
@@ -1,1320 +0,0 @@
-! 
-!  The contents of this file are subject to the Mozilla Public
-!  License Version 1.1 (the "License"); you may not use this file
-!  except in compliance with the License. You may obtain a copy of
-!  the License at http://www.mozilla.org/MPL/
-!  
-!  Software distributed under the License is distributed on an "AS
-!  IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-!  implied. See the License for the specific language governing
-!  rights and limitations under the License.
-!  
-!  The Original Code is vis inline macros (32 bit).  (vis_32.il 3.3)
-! 
-!  The Initial Developer of the Original Code is Sun Microsystems Inc.
-!  Portions created by Sun Microsystems Inc. are 
-!  Copyright (C) 1995-2000 Sun Microsystems Inc.  All Rights Reserved.
-!  
-!  Contributor(s):
-!  
-!  Alternatively, the contents of this file may be used under the
-!  terms of the GNU General Public License Version 2 or later (the
-!  "GPL"), in which case the provisions of the GPL are applicable 
-!  instead of those above.	If you wish to allow use of your 
-!  version of this file only under the terms of the GPL and not to
-!  allow others to use your version of this file under the MPL,
-!  indicate your decision by deleting the provisions above and
-!  replace them with the notice and other provisions required by
-!  the GPL.  If you do not delete the provisions above, a recipient
-!  may use your version of this file under either the MPL or the
-!  GPL.
-!   $Id$
-! 
-! @(#)vis_32.il	3.3	00/03/02 SMI
-
-! The interface to the VIS instructions as declared below (and in the VIS
-! User's Manual) will not change, but the macro implementation might change
-! in the future.
-
-!--------------------------------------------------------------------
-! Pure edge handling instructions
-!
-! int vis_edge8(void */*frs1*/, void */*frs2*/);
-!
-	.inline vis_edge8,8
-	edge8	%o0,%o1,%o0
-	.end
-!
-! int vis_edge8l(void */*frs1*/, void */*frs2*/);
-!
-	.inline vis_edge8l,8
-	edge8l	%o0,%o1,%o0
-	.end
-!
-! int vis_edge16(void */*frs1*/, void */*frs2*/);
-!
-	.inline vis_edge16,8
-	edge16	%o0,%o1,%o0
-	.end
-!
-! int vis_edge16l(void */*frs1*/, void */*frs2*/);
-!
-	.inline vis_edge16l,8
-	edge16l	%o0,%o1,%o0
-	.end
-!
-! int vis_edge32(void */*frs1*/, void */*frs2*/);
-!
-	.inline vis_edge32,8
-	edge32	%o0,%o1,%o0
-	.end
-!
-! int vis_edge32l(void */*frs1*/, void */*frs2*/);
-!
-	.inline vis_edge32l,8
-	edge32l	%o0,%o1,%o0
-	.end
-
-!--------------------------------------------------------------------
-! Edge handling instructions with negative return values if cc set
-!
-! int vis_edge8cc(void */*frs1*/, void */*frs2*/);
-!
-	.inline vis_edge8cc,8
-	edge8	%o0,%o1,%o0
-	mov     0,%o1
-	movgu   %icc,-1024,%o1
-	or      %o1,%o0,%o0
-	.end
-!
-! int vis_edge8lcc(void */*frs1*/, void */*frs2*/);
-!
-	.inline vis_edge8lcc,8
-	edge8l	%o0,%o1,%o0
-	mov     0,%o1
-	movgu   %icc,-1024,%o1
-	or      %o1,%o0,%o0
-	.end
-!
-! int vis_edge16cc(void */*frs1*/, void */*frs2*/);
-!
-	.inline vis_edge16cc,8
-	edge16	%o0,%o1,%o0
-	mov     0,%o1
-	movgu   %icc,-1024,%o1
-	or      %o1,%o0,%o0
-	.end
-!
-! int vis_edge16lcc(void */*frs1*/, void */*frs2*/);
-!
-	.inline vis_edge16lcc,8
-	edge16l	%o0,%o1,%o0
-	mov     0,%o1
-	movgu   %icc,-1024,%o1
-	or      %o1,%o0,%o0
-	.end
-!
-! int vis_edge32cc(void */*frs1*/, void */*frs2*/);
-!
-	.inline vis_edge32cc,8
-	edge32	%o0,%o1,%o0
-	mov     0,%o1
-	movgu   %icc,-1024,%o1
-	or      %o1,%o0,%o0
-	.end
-!
-! int vis_edge32lcc(void */*frs1*/, void */*frs2*/);
-!
-	.inline vis_edge32lcc,8
-	edge32l	%o0,%o1,%o0
-	mov     0,%o1
-	movgu   %icc,-1024,%o1
-	or      %o1,%o0,%o0
-	.end
-
-!--------------------------------------------------------------------
-! Alignment instructions
-!
-! void *vis_alignaddr(void */*rs1*/, int /*rs2*/);
-!
-	.inline vis_alignaddr,8
-	alignaddr	%o0,%o1,%o0
-	.end
-!
-! void *vis_alignaddrl(void */*rs1*/, int /*rs2*/);
-!
-	.inline vis_alignaddrl,8
-	alignaddrl	%o0,%o1,%o0
-	.end
-!
-! double vis_faligndata(double /*frs1*/, double /*frs2*/);
-!
-	.inline vis_faligndata,16
-	std	%o0,[%sp+0x48]
-	ldd	[%sp+0x48],%f4
-	std	%o2,[%sp+0x48]
-	ldd	[%sp+0x48],%f10
-	faligndata	%f4,%f10,%f0
-	.end
-
-!--------------------------------------------------------------------
-! Partitioned comparison instructions
-!
-! int vis_fcmple16(double /*frs1*/, double /*frs2*/);
-!
-	.inline vis_fcmple16,16
-	std	%o0,[%sp+0x48]
-	ldd	[%sp+0x48],%f4
-	std	%o2,[%sp+0x48]
-	ldd	[%sp+0x48],%f10
-	fcmple16	%f4,%f10,%o0
-	.end
-!
-! int vis_fcmpne16(double /*frs1*/, double /*frs2*/);
-!
-	.inline vis_fcmpne16,16
-	std	%o0,[%sp+0x48]
-	ldd	[%sp+0x48],%f4
-	std	%o2,[%sp+0x48]
-	ldd	[%sp+0x48],%f10
-	fcmpne16	%f4,%f10,%o0
-	.end
-!
-! int vis_fcmple32(double /*frs1*/, double /*frs2*/);
-!
-	.inline vis_fcmple32,16
-	std	%o0,[%sp+0x48]
-	ldd	[%sp+0x48],%f4
-	std	%o2,[%sp+0x48]
-	ldd	[%sp+0x48],%f10
-	fcmple32	%f4,%f10,%o0
-	.end
-!
-! int vis_fcmpne32(double /*frs1*/, double /*frs2*/);
-!
-	.inline vis_fcmpne32,16
-	std	%o0,[%sp+0x48]
-	ldd	[%sp+0x48],%f4
-	std	%o2,[%sp+0x48]
-	ldd	[%sp+0x48],%f10
-	fcmpne32	%f4,%f10,%o0
-	.end
-!
-! int vis_fcmpgt16(double /*frs1*/, double /*frs2*/);
-!
-	.inline vis_fcmpgt16,16
-	std	%o0,[%sp+0x48]
-	ldd	[%sp+0x48],%f4
-	std	%o2,[%sp+0x48]
-	ldd	[%sp+0x48],%f10
-	fcmpgt16	%f4,%f10,%o0
-	.end
-!
-! int vis_fcmpeq16(double /*frs1*/, double /*frs2*/);
-!
-	.inline vis_fcmpeq16,16
-	std	%o0,[%sp+0x48]
-	ldd	[%sp+0x48],%f4
-	std	%o2,[%sp+0x48]
-	ldd	[%sp+0x48],%f10
-	fcmpeq16	%f4,%f10,%o0
-	.end
-!
-! int vis_fcmpgt32(double /*frs1*/, double /*frs2*/);
-!
-	.inline vis_fcmpgt32,16
-	std	%o0,[%sp+0x48]
-	ldd	[%sp+0x48],%f4
-	std	%o2,[%sp+0x48]
-	ldd	[%sp+0x48],%f10
-	fcmpgt32	%f4,%f10,%o0
-	.end
-!
-! int vis_fcmpeq32(double /*frs1*/, double /*frs2*/);
-!
-	.inline vis_fcmpeq32,16
-	std	%o0,[%sp+0x48]
-	ldd	[%sp+0x48],%f4
-	std	%o2,[%sp+0x48]
-	ldd	[%sp+0x48],%f10
-	fcmpeq32	%f4,%f10,%o0
-	.end
-
-!--------------------------------------------------------------------
-! Partitioned arithmetic
-!
-! double vis_fmul8x16(float /*frs1*/, double /*frs2*/);
-!
-	.inline vis_fmul8x16,12
-	st	%o0,[%sp+0x44]
-	ld	[%sp+0x44],%f4
-	st	%o1,[%sp+0x48]
-	st	%o2,[%sp+0x4c]
-	ldd	[%sp+0x48],%f10
-	fmul8x16	%f4,%f10,%f0
-	.end
-!
-! double vis_fmul8x16_dummy(float /*frs1*/, int /*dummy*/, double /*frs2*/);
-!
-	.inline vis_fmul8x16_dummy,16
-	st	%o0,[%sp+0x44]
-	ld	[%sp+0x44],%f4
-	std	%o2,[%sp+0x48]
-	ldd	[%sp+0x48],%f10
-	fmul8x16	%f4,%f10,%f0
-	.end
-!
-! double vis_fmul8x16au(float /*frs1*/, float /*frs2*/);
-!
-	.inline vis_fmul8x16au,8
-	st	%o0,[%sp+0x48]
-	ld	[%sp+0x48],%f4
-	st	%o1,[%sp+0x48]
-	ld	[%sp+0x48],%f10
-	fmul8x16au	%f4,%f10,%f0
-	.end
-!
-! double vis_fmul8x16al(float /*frs1*/, float /*frs2*/);
-!
-	.inline vis_fmul8x16al,8
-	st	%o0,[%sp+0x44]
-	ld	[%sp+0x44],%f4
-	st	%o1,[%sp+0x48]
-	ld	[%sp+0x48],%f10
-	fmul8x16al	%f4,%f10,%f0
-	.end
-!
-! double vis_fmul8sux16(double /*frs1*/, double /*frs2*/);
-!
-	.inline vis_fmul8sux16,16
-	std	%o0,[%sp+0x48]
-	ldd	[%sp+0x48],%f4
-	std	%o2,[%sp+0x48]
-	ldd	[%sp+0x48],%f10
-	fmul8sux16	%f4,%f10,%f0
-	.end
-!
-! double vis_fmul8ulx16(double /*frs1*/, double /*frs2*/);
-!
-	.inline vis_fmul8ulx16,16
-	std	%o0,[%sp+0x48]
-	ldd	[%sp+0x48],%f4
-	std	%o2,[%sp+0x48]
-	ldd	[%sp+0x48],%f10
-	fmul8ulx16	%f4,%f10,%f0
-	.end
-!
-! double vis_fmuld8sux16(float /*frs1*/, float /*frs2*/);
-!
-	.inline vis_fmuld8sux16,8
-	st	%o0,[%sp+0x48]
-	ld	[%sp+0x48],%f4
-	st	%o1,[%sp+0x48]
-	ld	[%sp+0x48],%f10
-	fmuld8sux16	%f4,%f10,%f0
-	.end
-!
-! double vis_fmuld8ulx16(float /*frs1*/, float /*frs2*/);
-!
-	.inline vis_fmuld8ulx16,8
-	st	%o0,[%sp+0x48]
-	ld	[%sp+0x48],%f4
-	st	%o1,[%sp+0x48]
-	ld	[%sp+0x48],%f10
-	fmuld8ulx16	%f4,%f10,%f0
-	.end
-!
-! double vis_fpadd16(double /*frs1*/, double /*frs2*/);
-!
-	.inline vis_fpadd16,16
-	std	%o0,[%sp+0x40]
-	ldd	[%sp+0x40],%f4
-	std	%o2,[%sp+0x48]
-	ldd	[%sp+0x48],%f10
-	fpadd16	%f4,%f10,%f0
-	.end
-!
-! float vis_fpadd16s(float /*frs1*/, float /*frs2*/);
-!
-	.inline vis_fpadd16s,8
-	st	%o0,[%sp+0x48]
-	ld	[%sp+0x48],%f4
-	st	%o1,[%sp+0x48]
-	ld	[%sp+0x48],%f10
-	fpadd16s	%f4,%f10,%f0
-	.end
-!
-! double vis_fpadd32(double /*frs1*/, double /*frs2*/);
-!
-	.inline vis_fpadd32,16
-	std	%o0,[%sp+0x48]
-	ldd	[%sp+0x48],%f4
-	std	%o2,[%sp+0x48]
-	ldd	[%sp+0x48],%f10
-	fpadd32	%f4,%f10,%f0
-	.end
-!
-! float vis_fpadd32s(float /*frs1*/, float /*frs2*/);
-!
-	.inline vis_fpadd32s,8
-	st	%o0,[%sp+0x48]
-	ld	[%sp+0x48],%f4
-	st	%o1,[%sp+0x48]
-	ld	[%sp+0x48],%f10
-	fpadd32s	%f4,%f10,%f0
-	.end
-!
-! double vis_fpsub16(double /*frs1*/, double /*frs2*/);
-!
-	.inline vis_fpsub16,16
-	std	%o0,[%sp+0x48]
-	ldd	[%sp+0x48],%f4
-	std	%o2,[%sp+0x48]
-	ldd	[%sp+0x48],%f10
-	fpsub16	%f4,%f10,%f0
-	.end
-!
-! float vis_fpsub16s(float /*frs1*/, float /*frs2*/);
-!
-	.inline vis_fpsub16s,8
-	st	%o0,[%sp+0x48]
-	ld	[%sp+0x48],%f4
-	st	%o1,[%sp+0x48]
-	ld	[%sp+0x48],%f10
-	fpsub16s	%f4,%f10,%f0
-	.end
-!
-! double vis_fpsub32(double /*frs1*/, double /*frs2*/);
-!
-	.inline vis_fpsub32,16
-	std	%o0,[%sp+0x48]
-	ldd	[%sp+0x48],%f4
-	std	%o2,[%sp+0x48]
-	ldd	[%sp+0x48],%f10
-	fpsub32	%f4,%f10,%f0
-	.end
-!
-! float vis_fpsub32s(float /*frs1*/, float /*frs2*/);
-!
-	.inline vis_fpsub32s,8
-	st	%o0,[%sp+0x48]
-	ld	[%sp+0x48],%f4
-	st	%o1,[%sp+0x48]
-	ld	[%sp+0x48],%f10
-	fpsub32s	%f4,%f10,%f0
-	.end
-
-!--------------------------------------------------------------------
-! Pixel packing
-!
-! float vis_fpack16(double /*frs2*/);
-!
-	.inline vis_fpack16,8
-	std	%o0,[%sp+0x48]
-	ldd	[%sp+0x48],%f4
-	fpack16	%f4,%f0
-	.end
-
-!
-! double vis_fpack16_pair(double /*frs2*/, double /*frs2*/);
-!
-	.inline vis_fpack16_pair,16
-	std	%o0,[%sp+0x48]
-	ldd	[%sp+0x48],%f4
-	std	%o2,[%sp+0x48]
-	ldd	[%sp+0x48],%f10
-	fpack16	%f4,%f0
-	fpack16	%f10,%f1
-	.end
-!
-! void vis_st2_fpack16(double, double, double *)
-!
-	.inline vis_st2_fpack16,20
- 	std	%o0,[%sp+0x48]
- 	ldd	[%sp+0x48],%f4
- 	std	%o2,[%sp+0x48]
- 	ldd	[%sp+0x48],%f10
- 	fpack16	%f4,%f0
- 	fpack16	%f10,%f1
- 	st	%f0,[%o4+0]
- 	st	%f1,[%o4+4]
- 	.end
-!
-! void vis_std_fpack16(double, double, double *)
-!
-	.inline vis_std_fpack16,20
-	std     %o0,[%sp+0x48]
-	ldd     [%sp+0x48],%f4
-	std     %o2,[%sp+0x48]
-	ldd     [%sp+0x48],%f10
-	fpack16 %f4,%f0
-	fpack16 %f10,%f1
-	std     %f0,[%o4]
-	.end
-!
-! void vis_st2_fpackfix(double, double, double *)
-!
-	.inline vis_st2_fpackfix,20
- 	std	%o0,[%sp+0x48]
- 	ldd	[%sp+0x48],%f4
- 	std	%o2,[%sp+0x48]
- 	ldd	[%sp+0x48],%f10
- 	fpackfix %f4,%f0
- 	fpackfix %f10,%f1
- 	st	%f0,[%o4+0]
- 	st	%f1,[%o4+4]
- 	.end
-!
-! double vis_fpack16_to_hi(double /*frs1*/, double /*frs2*/);
-!
-	.inline vis_fpack16_to_hi,16
-	std	%o0,[%sp+0x48]
-	ldd	[%sp+0x48],%f0
-	std	%o2,[%sp+0x48]
-	ldd	[%sp+0x48],%f4
-	fpack16	%f4,%f0
-	.end
-
-! double vis_fpack16_to_lo(double /*frs1*/, double /*frs2*/);
-!
-	.inline vis_fpack16_to_lo,16
-	std	%o0,[%sp+0x48]
-	ldd	[%sp+0x48],%f0
-	std	%o2,[%sp+0x48]
-	ldd	[%sp+0x48],%f4
-	fpack16	%f4,%f3
-	fmovs	%f3,%f1		/* without this, optimizer goes wrong */
-	.end
-
-!
-! double vis_fpack32(double /*frs1*/, double /*frs2*/);
-!
-	.inline vis_fpack32,16
-	std	%o0,[%sp+0x48]
-	ldd	[%sp+0x48],%f4
-	std	%o2,[%sp+0x48]
-	ldd	[%sp+0x48],%f10
-	fpack32	%f4,%f10,%f0
-	.end
-!
-! float vis_fpackfix(double /*frs2*/);
-!
-	.inline vis_fpackfix,8
-	std	%o0,[%sp+0x48]
-	ldd	[%sp+0x48],%f4
-	fpackfix	%f4,%f0
-	.end
-!
-! double vis_fpackfix_pair(double /*frs2*/, double /*frs2*/);
-!
-	.inline vis_fpackfix_pair,16
-	std	%o0,[%sp+0x48]
-	ldd	[%sp+0x48],%f4
-	std	%o2,[%sp+0x48]
-	ldd	[%sp+0x48],%f6
-	fpackfix	%f4,%f0
-	fpackfix	%f6,%f1
-	.end
-
-!--------------------------------------------------------------------
-! Motion estimation
-!
-! double vis_pdist(double /*frs1*/, double /*frs2*/, double /*frd*/);
-!
-	.inline vis_pdist,24
-	std	%o4,[%sp+0x48]
-	ldd	[%sp+0x48],%f0
-	std	%o0,[%sp+0x48]
-	ldd	[%sp+0x48],%f4
-	std	%o2,[%sp+0x48]
-	ldd	[%sp+0x48],%f10
-	pdist	%f4,%f10,%f0
-	.end
-
-!--------------------------------------------------------------------
-! Channel merging
-!
-! double vis_fpmerge(float /*frs1*/, float /*frs2*/);
-!
-	.inline vis_fpmerge,8
-	st	%o0,[%sp+0x48]
-	ld	[%sp+0x48],%f4
-	st	%o1,[%sp+0x48]
-	ld	[%sp+0x48],%f10
-	fpmerge	%f4,%f10,%f0
-	.end
-
-!--------------------------------------------------------------------
-! Pixel expansion
-!
-! double vis_fexpand(float /*frs2*/);
-!
-	.inline vis_fexpand,4
-	st	%o0,[%sp+0x48]
-	ld	[%sp+0x48],%f4
-	fexpand	%f4,%f0
-	.end
-
-! double vis_fexpand_hi(double /*frs2*/);
-!
-	.inline vis_fexpand_hi,8
-	std	%o0,[%sp+0x48]
-	ldd	[%sp+0x48],%f4
-	fexpand	%f4,%f0
-	.end
-
-! double vis_fexpand_lo(double /*frs2*/);
-!
-	.inline vis_fexpand_lo,8
-	std	%o0,[%sp+0x48]
-	ldd	[%sp+0x48],%f4
-	fmovs	%f5, %f2
-	fexpand	%f2,%f0
-	.end
-
-!--------------------------------------------------------------------
-! Bitwise logical operations
-!
-! double vis_fnor(double /*frs1*/, double /*frs2*/);
-!
-	.inline vis_fnor,16
-	std	%o0,[%sp+0x48]
-	ldd	[%sp+0x48],%f4
-	std	%o2,[%sp+0x48]
-	ldd	[%sp+0x48],%f10
-	fnor	%f4,%f10,%f0
-	.end
-!
-! float vis_fnors(float /*frs1*/, float /*frs2*/);
-!
-	.inline vis_fnors,8
-	st	%o0,[%sp+0x48]
-	ld	[%sp+0x48],%f4
-	st	%o1,[%sp+0x48]
-	ld	[%sp+0x48],%f10
-	fnors	%f4,%f10,%f0
-	.end
-!
-! double vis_fandnot(double /*frs1*/, double /*frs2*/);
-!
-	.inline vis_fandnot,16
-	std	%o0,[%sp+0x48]
-	ldd	[%sp+0x48],%f4
-	std	%o2,[%sp+0x48]
-	ldd	[%sp+0x48],%f10
-	fandnot1	%f4,%f10,%f0
-	.end
-!
-! float vis_fandnots(float /*frs1*/, float /*frs2*/);
-!
-	.inline vis_fandnots,8
-	st	%o0,[%sp+0x48]
-	ld	[%sp+0x48],%f4
-	st	%o1,[%sp+0x48]
-	ld	[%sp+0x48],%f10
-	fandnot1s	%f4,%f10,%f0
-	.end
-!
-! double vis_fnot(double /*frs1*/);
-!
-	.inline vis_fnot,8
-	std	%o0,[%sp+0x48]
-	ldd	[%sp+0x48],%f4
-	fnot1	%f4,%f0
-	.end
-!
-! float vis_fnots(float /*frs1*/);
-!
-	.inline vis_fnots,4
-	st	%o0,[%sp+0x48]
-	ld	[%sp+0x48],%f4
-	fnot1s	%f4,%f0
-	.end
-!
-! double vis_fxor(double /*frs1*/, double /*frs2*/);
-!
-	.inline vis_fxor,16
-	std	%o0,[%sp+0x48]
-	ldd	[%sp+0x48],%f4
-	std	%o2,[%sp+0x48]
-	ldd	[%sp+0x48],%f10
-	fxor	%f4,%f10,%f0
-	.end
-!
-! float vis_fxors(float /*frs1*/, float /*frs2*/);
-!
-	.inline vis_fxors,8
-	st	%o0,[%sp+0x48]
-	ld	[%sp+0x48],%f4
-	st	%o1,[%sp+0x48]
-	ld	[%sp+0x48],%f10
-	fxors	%f4,%f10,%f0
-	.end
-!
-! double vis_fnand(double /*frs1*/, double /*frs2*/);
-!
-	.inline vis_fnand,16
-	std	%o0,[%sp+0x48]
-	ldd	[%sp+0x48],%f4
-	std	%o2,[%sp+0x48]
-	ldd	[%sp+0x48],%f10
-	fnand	%f4,%f10,%f0
-	.end
-!
-! float vis_fnands(float /*frs1*/, float /*frs2*/);
-!
-	.inline vis_fnands,8
-	st	%o0,[%sp+0x48]
-	ld	[%sp+0x48],%f4
-	st	%o1,[%sp+0x48]
-	ld	[%sp+0x48],%f10
-	fnands	%f4,%f10,%f0
-	.end
-!
-! double vis_fand(double /*frs1*/, double /*frs2*/);
-!
-	.inline vis_fand,16
-	std	%o0,[%sp+0x48]
-	ldd	[%sp+0x48],%f4
-	std	%o2,[%sp+0x48]
-	ldd	[%sp+0x48],%f10
-	fand	%f4,%f10,%f0
-	.end
-!
-! float vis_fands(float /*frs1*/, float /*frs2*/);
-!
-	.inline vis_fands,8
-	st	%o0,[%sp+0x48]
-	ld	[%sp+0x48],%f4
-	st	%o1,[%sp+0x48]
-	ld	[%sp+0x48],%f10
-	fands	%f4,%f10,%f0
-	.end
-!
-! double vis_fxnor(double /*frs1*/, double /*frs2*/);
-!
-	.inline vis_fxnor,16
-	std	%o0,[%sp+0x48]
-	ldd	[%sp+0x48],%f4
-	std	%o2,[%sp+0x48]
-	ldd	[%sp+0x48],%f10
-	fxnor	%f4,%f10,%f0
-	.end
-!
-! float vis_fxnors(float /*frs1*/, float /*frs2*/);
-!
-	.inline vis_fxnors,8
-	st	%o0,[%sp+0x48]
-	ld	[%sp+0x48],%f4
-	st	%o1,[%sp+0x48]
-	ld	[%sp+0x48],%f10
-	fxnors	%f4,%f10,%f0
-	.end
-!
-! double vis_fsrc(double /*frs1*/);
-!
-	.inline vis_fsrc,8
-	std	%o0,[%sp+0x48]
-	ldd	[%sp+0x48],%f4
-	fsrc1	%f4,%f0
-	.end
-!
-! float vis_fsrcs(float /*frs1*/);
-!
-	.inline vis_fsrcs,4
-	st	%o0,[%sp+0x48]
-	ld	[%sp+0x48],%f4
-	fsrc1s	%f4,%f0
-	.end
-!
-! double vis_fornot(double /*frs1*/, double /*frs2*/);
-!
-	.inline vis_fornot,16
-	std	%o0,[%sp+0x48]
-	ldd	[%sp+0x48],%f4
-	std	%o2,[%sp+0x48]
-	ldd	[%sp+0x48],%f10
-	fornot1	%f4,%f10,%f0
-	.end
-!
-! float vis_fornots(float /*frs1*/, float /*frs2*/);
-!
-	.inline vis_fornots,8
-	st	%o0,[%sp+0x48]
-	ld	[%sp+0x48],%f4
-	st	%o1,[%sp+0x48]
-	ld	[%sp+0x48],%f10
-	fornot1s	%f4,%f10,%f0
-	.end
-!
-! double vis_for(double /*frs1*/, double /*frs2*/);
-!
-	.inline vis_for,16
-	std	%o0,[%sp+0x48]
-	ldd	[%sp+0x48],%f4
-	std	%o2,[%sp+0x48]
-	ldd	[%sp+0x48],%f10
-	for	%f4,%f10,%f0
-	.end
-!
-! float vis_fors(float /*frs1*/, float /*frs2*/);
-!
-	.inline vis_fors,8
-	st	%o0,[%sp+0x48]
-	ld	[%sp+0x48],%f4
-	st	%o1,[%sp+0x48]
-	ld	[%sp+0x48],%f10
-	fors	%f4,%f10,%f0
-	.end
-!
-! double vis_fzero(/* void */)
-!
-	.inline	vis_fzero,0
-	fzero	%f0
-	.end
-!
-! float vis_fzeros(/* void */)
-!
-	.inline	vis_fzeros,0
-	fzeros	%f0
-	.end
-!
-! double vis_fone(/* void */)
-!
-	.inline	vis_fone,0
-	fone	%f0
-	.end
-!
-! float vis_fones(/* void */)
-!
-	.inline	vis_fones,0
-	fones	%f0
-	.end
-
-!--------------------------------------------------------------------
-! Partial store instructions
-!
-! vis_stdfa_ASI_PST8P(double frd, void *rs1, int rmask)
-!
-	.inline vis_stdfa_ASI_PST8P,16
-	std	%o0,[%sp+0x48]
-	ldd	[%sp+0x48],%f4
-	stda	%f4,[%o2]%o3,0xc0	! ASI_PST8_P
-	.end
-!
-! vis_stdfa_ASI_PST8PL(double frd, void *rs1, int rmask)
-!
-	.inline vis_stdfa_ASI_PST8PL,16
-	std	%o0,[%sp+0x48]
-	ldd	[%sp+0x48],%f4
-	stda	%f4,[%o2]%o3,0xc8	! ASI_PST8_PL
-	.end
-!
-! vis_stdfa_ASI_PST8P_int_pair(void *rs1, void *rs2, void *rs3, int rmask);
-!
-	.inline vis_stdfa_ASI_PST8P_int_pair,16
-        ld	[%o0],%f4
-        ld	[%o1],%f5
-	stda	%f4,[%o2]%o3,0xc0	! ASI_PST8_P
-	.end
-!
-! vis_stdfa_ASI_PST8S(double frd, void *rs1, int rmask)
-!
-	.inline vis_stdfa_ASI_PST8S,16
-	std	%o0,[%sp+0x48]
-	ldd	[%sp+0x48],%f4
-	stda	%f4,[%o2]%o3,0xc1	! ASI_PST8_S
-	.end
-!
-! vis_stdfa_ASI_PST16P(double frd, void *rs1, int rmask)
-!
-	.inline vis_stdfa_ASI_PST16P,16
-	std	%o0,[%sp+0x48]
-	ldd	[%sp+0x48],%f4
-	stda	%f4,[%o2]%o3,0xc2	! ASI_PST16_P
-	.end
-!
-! vis_stdfa_ASI_PST16S(double frd, void *rs1, int rmask)
-!
-	.inline vis_stdfa_ASI_PST16S,16
-	std	%o0,[%sp+0x48]
-	ldd	[%sp+0x48],%f4
-	stda	%f4,[%o2]%o3,0xc3	! ASI_PST16_S
-	.end
-!
-! vis_stdfa_ASI_PST32P(double frd, void *rs1, int rmask)
-!
-	.inline vis_stdfa_ASI_PST32P,16
-	std	%o0,[%sp+0x48]
-	ldd	[%sp+0x48],%f4
-	stda	%f4,[%o2]%o3,0xc4	! ASI_PST32_P
-	.end
-!
-! vis_stdfa_ASI_PST32S(double frd, void *rs1, int rmask)
-!
-	.inline vis_stdfa_ASI_PST32S,16
-	std	%o0,[%sp+0x48]
-	ldd	[%sp+0x48],%f4
-	stda	%f4,[%o2]%o3,0xc5	! ASI_PST32_S
-	.end
-
-!--------------------------------------------------------------------
-! Short store instructions
-!
-! vis_stdfa_ASI_FL8P(double frd, void *rs1)
-!
-	.inline vis_stdfa_ASI_FL8P,12
-	std	%o0,[%sp+0x48]
-	ldd	[%sp+0x48],%f4
-	stda	%f4,[%o2]0xd0	! ASI_FL8_P
-	.end
-!
-! vis_stdfa_ASI_FL8P_index(double frd, void *rs1, long index)
-!
-	.inline vis_stdfa_ASI_FL8P_index,16
-	std	%o0,[%sp+0x48]
-	ldd	[%sp+0x48],%f4
-	stda	%f4,[%o2+%o3]0xd0 ! ASI_FL8_P
-	.end
-!
-! vis_stdfa_ASI_FL8S(double frd, void *rs1)
-!
-	.inline vis_stdfa_ASI_FL8S,12
-	std	%o0,[%sp+0x48]
-	ldd	[%sp+0x48],%f4
-	stda	%f4,[%o2]0xd1	! ASI_FL8_S
-	.end
-!
-! vis_stdfa_ASI_FL16P(double frd, void *rs1)
-!
-	.inline vis_stdfa_ASI_FL16P,12
-	std	%o0,[%sp+0x48]
-	ldd	[%sp+0x48],%f4
-	stda	%f4,[%o2]0xd2	! ASI_FL16_P
-	.end
-!
-! vis_stdfa_ASI_FL16P_index(double frd, void *rs1, long index)
-!
-	.inline vis_stdfa_ASI_FL16P_index,16
-	std	%o0,[%sp+0x48]
-	ldd	[%sp+0x48],%f4
-	stda	%f4,[%o2+%o3]0xd2 ! ASI_FL16_P
-	.end
-!
-! vis_stdfa_ASI_FL16S(double frd, void *rs1)
-!
-	.inline vis_stdfa_ASI_FL16S,12
-	std	%o0,[%sp+0x48]
-	ldd	[%sp+0x48],%f4
-	stda	%f4,[%o2]0xd3	! ASI_FL16_S
-	.end
-!
-! vis_stdfa_ASI_FL8PL(double frd, void *rs1)
-!
-	.inline vis_stdfa_ASI_FL8PL,12
-	std	%o0,[%sp+0x48]
-	ldd	[%sp+0x48],%f4
-	stda	%f4,[%o2]0xd8	! ASI_FL8_PL
-	.end
-!
-! vis_stdfa_ASI_FL8SL(double frd, void *rs1)
-!
-	.inline vis_stdfa_ASI_FL8SL,12
-	std	%o0,[%sp+0x48]
-	ldd	[%sp+0x48],%f4
-	stda	%f4,[%o2]0xd9	! ASI_FL8_SL
-	.end
-!
-! vis_stdfa_ASI_FL16PL(double frd, void *rs1)
-!
-	.inline vis_stdfa_ASI_FL16PL,12
-	std	%o0,[%sp+0x48]
-	ldd	[%sp+0x48],%f4
-	stda	%f4,[%o2]0xda	! ASI_FL16_PL
-	.end
-!
-! vis_stdfa_ASI_FL16SL(double frd, void *rs1)
-!
-	.inline vis_stdfa_ASI_FL16SL,12
-	std	%o0,[%sp+0x48]
-	ldd	[%sp+0x48],%f4
-	stda	%f4,[%o2]0xdb	! ASI_FL16_SL
-	.end
-
-!--------------------------------------------------------------------
-! Short load instructions
-!
-! double vis_lddfa_ASI_FL8P(void *rs1)
-!
-	.inline vis_lddfa_ASI_FL8P,4
-	ldda	[%o0]0xd0,%f4	! ASI_FL8_P
-	fmovd	%f4,%f0	        ! Compiler can clean this up
-	.end
-!
-! double vis_lddfa_ASI_FL8P_index(void *rs1, long index)
-!
-	.inline vis_lddfa_ASI_FL8P_index,8
-	ldda	[%o0+%o1]0xd0,%f4
-	fmovd	%f4,%f0
-	.end
-!
-! double vis_lddfa_ASI_FL8P_hi(void *rs1, unsigned int index)
-!
-	.inline vis_lddfa_ASI_FL8P_hi,8
-	sra     %o1,16,%o1
-	ldda	[%o0+%o1]0xd0,%f4
-	fmovd	%f4,%f0
-	.end
-!
-! double vis_lddfa_ASI_FL8P_lo(void *rs1, unsigned int index)
-!
-	.inline vis_lddfa_ASI_FL8P_lo,8
-	sll     %o1,16,%o1
-	sra     %o1,16,%o1
-	ldda	[%o0+%o1]0xd0,%f4
-	fmovd	%f4,%f0
-	.end
-!
-! double vis_lddfa_ASI_FL8S(void *rs1)
-!
-	.inline vis_lddfa_ASI_FL8S,4
-	ldda	[%o0]0xd1,%f4	! ASI_FL8_S
-	fmovd	%f4,%f0
-	.end
-!
-! double vis_lddfa_ASI_FL16P(void *rs1)
-!
-	.inline vis_lddfa_ASI_FL16P,4
-	ldda	[%o0]0xd2,%f4	! ASI_FL16_P
-	fmovd	%f4,%f0
-	.end
-!
-! double vis_lddfa_ASI_FL16P_index(void *rs1, long index)
-!
-	.inline vis_lddfa_ASI_FL16P_index,8
-	ldda	[%o0+%o1]0xd2,%f4 ! ASI_FL16_P
-	fmovd	%f4,%f0
-	.end
-!
-! double vis_lddfa_ASI_FL16S(void *rs1)
-!
-	.inline vis_lddfa_ASI_FL16S,4
-	ldda	[%o0]0xd3,%f4	! ASI_FL16_S
-	fmovd	%f4,%f0
-	.end
-!
-! double vis_lddfa_ASI_FL8PL(void *rs1)
-!
-	.inline vis_lddfa_ASI_FL8PL,4
-	ldda	[%o0]0xd8,%f4	! ASI_FL8_PL
-	fmovd	%f4,%f0
-	.end
-!
-! double vis_lddfa_ASI_FL8PL_index(void *rs1, long index)
-!
-	.inline vis_lddfa_ASI_FL8PL_index,8
-	ldda	[%o0+%o1]0xd8,%f4	! ASI_FL8_PL
-	fmovd	%f4,%f0
-	.end
-!
-! double vis_lddfa_ASI_FL8SL(void *rs1)
-!
-	.inline vis_lddfa_ASI_FL8SL,4
-	ldda	[%o0]0xd9,%f4	! ASI_FL8_SL
-	fmovd	%f4,%f0
-	.end
-!
-! double vis_lddfa_ASI_FL16PL(void *rs1)
-!
-	.inline vis_lddfa_ASI_FL16PL,4
-	ldda	[%o0]0xda,%f4	! ASI_FL16_PL
-	fmovd	%f4,%f0
-	.end
-!
-! double vis_lddfa_ASI_FL16PL_index(void *rs1, long index)
-!
-	.inline vis_lddfa_ASI_FL16PL_index,8
-	ldda	[%o0+%o1]0xda,%f4	! ASI_FL16_PL
-	fmovd	%f4,%f0
-	.end
-!
-! double vis_lddfa_ASI_FL16SL(void *rs1)
-!
-	.inline vis_lddfa_ASI_FL16SL,4
-	ldda	[%o0]0xdb,%f4	! ASI_FL16_SL
-	fmovd	%f4,%f0
-	.end
-
-!--------------------------------------------------------------------
-! Graphics status register
-!
-! unsigned int vis_read_gsr(void)
-!
-	.inline vis_read_gsr,0
-	rd	%gsr,%o0
-	.end
-!
-! void vis_write_gsr(unsigned int /* GSR */)
-!
-	.inline vis_write_gsr,4
-	wr	%g0,%o0,%gsr
-	.end
-
-!--------------------------------------------------------------------
-! Voxel texture mapping
-!
-! unsigned long vis_array8(unsigned long long /*rs1 */, int /*rs2*/)
-!
-	.inline	vis_array8,12
-	sllx	%o0,32,%o0
-	srl	%o1,0,%o1	! clear the most significant 32 bits of %o1
-	or	%o0,%o1,%o3	! join %o0 and %o1 into %o3
-	array8	%o3,%o2,%o0
-	.end
-!
-! unsigned long vis_array16(unsigned long long /*rs1*/, int /*rs2*/)
-!
-	.inline	vis_array16,12
-	sllx	%o0,32,%o0
-	srl	%o1,0,%o1	! clear the most significant 32 bits of %o1
-	or	%o0,%o1,%o3	! join %o0 and %o1 into %o3
-	array16	%o3,%o2,%o0
-	.end
-!
-! unsigned long vis_array32(unsigned long long /*rs1*/, int /*rs2*/)
-!
-	.inline	vis_array32,12
-	sllx	%o0,32,%o0
-	srl	%o1,0,%o1	! clear the most significant 32 bits of %o1
-	or	%o0,%o1,%o3	! join %o0 and %o1 into %o3
-	array32	%o3,%o2,%o0
-	.end
-
-!--------------------------------------------------------------------
-! Register aliasing and type casts
-!
-! float vis_read_hi(double /* frs1 */);
-!
-	.inline vis_read_hi,8
-	std	%o0,[%sp+0x48]	! store double frs1
-	ldd	[%sp+0x48],%f0	! %f0:%f1 = double frs1; return %f0;
-	.end
-!
-! float vis_read_lo(double /* frs1 */);
-!
-	.inline vis_read_lo,8
-	std	%o0,[%sp+0x48]	! store double frs1
-	ldd	[%sp+0x48],%f0	! %f0:%f1 = double frs1;
-	fmovs	%f1,%f0		! %f0 = low word (frs1); return %f0;
-	.end
-!
-! double vis_write_hi(double /* frs1 */, float /* frs2 */);
-!
-	.inline vis_write_hi,12
-	std	%o0,[%sp+0x48]	! store double frs1;
-	ldd	[%sp+0x48],%f0	! %f0:%f1 = double frs1;
-	st	%o2,[%sp+0x44]	! store float frs2;
-	ld	[%sp+0x44],%f2	! %f2 = float frs2;
-	fmovs	%f2,%f0		! %f0 = float frs2; return %f0:f1;
-	.end
-!
-! double vis_write_lo(double /* frs1 */, float /* frs2 */);
-!
-	.inline vis_write_lo,12
-	std	%o0,[%sp+0x48]	! store double frs1;
-	ldd	[%sp+0x48],%f0	! %f0:%f1 = double frs1;
-	st	%o2,[%sp+0x44]	! store float frs2;
-	ld	[%sp+0x44],%f2	! %f2 = float frs2;
-	fmovs	%f2,%f1		! %f1 = float frs2; return %f0:f1;
-	.end
-!
-! double vis_freg_pair(float /* frs1 */, float /* frs2 */);
-!
-	.inline vis_freg_pair,8
-	st	%o0,[%sp+0x48]	! store float frs1
-	ld	[%sp+0x48],%f0
-	st	%o1,[%sp+0x48]	! store float frs2
-	ld	[%sp+0x48],%f1
-	.end
-!
-! float vis_to_float(unsigned int /*value*/);
-!
-	.inline vis_to_float,4
-	st	%o0,[%sp+0x48]
-	ld	[%sp+0x48],%f0
-	.end
-!
-! double vis_to_double(unsigned int /*value1*/, unsigned int /*value2*/);
-!
-	.inline vis_to_double,8
-	std	%o0,[%sp+0x48]
-	ldd	[%sp+0x48],%f0
-	.end
-!
-! double vis_to_double_dup(unsigned int /*value*/);
-!
-	.inline vis_to_double_dup,4
-	st	%o0,[%sp+0x48]
-	ld	[%sp+0x48],%f1
-	fmovs	%f1,%f0		! duplicate value
-	.end
-!
-! double vis_ll_to_double(unsigned long long /*value*/);
-!
-	.inline vis_ll_to_double,8
-	std     %o0,[%sp+0x48]
-	ldd     [%sp+0x48],%f0
-	.end
-
-!--------------------------------------------------------------------
-! Address space identifier (ASI) register
-!
-! unsigned int vis_read_asi(void)
-!
-	.inline vis_read_asi,0
-	rd	%asi,%o0
-	.end
-!
-! void vis_write_asi(unsigned int /* ASI */)
-!
-	.inline vis_write_asi,4
-	wr	%g0,%o0,%asi
-	.end
-
-!--------------------------------------------------------------------
-! Load/store from/into alternate space
-!
-! float vis_ldfa_ASI_REG(void *rs1)
-!
-	.inline vis_ldfa_ASI_REG,4
-	lda	[%o0+0]%asi,%f4
-	fmovs	%f4,%f0	        ! Compiler can clean this up
-	.end
-!
-! float vis_ldfa_ASI_P(void *rs1)
-!
-	.inline vis_ldfa_ASI_P,4
-	lda	[%o0]0x80,%f4	! ASI_P
-	fmovs	%f4,%f0	        ! Compiler can clean this up
-	.end
-!
-! float vis_ldfa_ASI_PL(void *rs1)
-!
-	.inline vis_ldfa_ASI_PL,4
-	lda	[%o0]0x88,%f4	! ASI_PL
-	fmovs	%f4,%f0	        ! Compiler can clean this up
-	.end
-!
-! double vis_lddfa_ASI_REG(void *rs1)
-!
-	.inline vis_lddfa_ASI_REG,4
-	ldda	[%o0+0]%asi,%f4
-	fmovd	%f4,%f0	        ! Compiler can clean this up
-	.end
-!
-! double vis_lddfa_ASI_P(void *rs1)
-!
-	.inline vis_lddfa_ASI_P,4
-	ldda	[%o0]0x80,%f4	! ASI_P
-	fmovd	%f4,%f0	        ! Compiler can clean this up
-	.end
-!
-! double vis_lddfa_ASI_PL(void *rs1)
-!
-	.inline vis_lddfa_ASI_PL,4
-	ldda	[%o0]0x88,%f4	! ASI_PL
-	fmovd	%f4,%f0	        ! Compiler can clean this up
-	.end
-!
-! vis_stfa_ASI_REG(float frs, void *rs1)
-!
-	.inline vis_stfa_ASI_REG,8
-	st	%o0,[%sp+0x48]
-	ld	[%sp+0x48],%f4
-	sta	%f4,[%o1+0]%asi
-	.end
-!
-! vis_stfa_ASI_P(float frs, void *rs1)
-!
-	.inline vis_stfa_ASI_P,8
-	st	%o0,[%sp+0x48]
-	ld	[%sp+0x48],%f4
-	sta	%f4,[%o1]0x80	! ASI_P
-	.end
-!
-! vis_stfa_ASI_PL(float frs, void *rs1)
-!
-	.inline vis_stfa_ASI_PL,8
-	st	%o0,[%sp+0x48]
-	ld	[%sp+0x48],%f4
-	sta	%f4,[%o1]0x88	! ASI_PL
-	.end
-!
-! vis_stdfa_ASI_REG(double frd, void *rs1)
-!
-	.inline vis_stdfa_ASI_REG,12
-	std	%o0,[%sp+0x48]
-	ldd	[%sp+0x48],%f4
-	stda	%f4,[%o2+0]%asi
-	.end
-!
-! vis_stdfa_ASI_P(double frd, void *rs1)
-!
-	.inline vis_stdfa_ASI_P,12
-	std	%o0,[%sp+0x48]
-	ldd	[%sp+0x48],%f4
-	stda	%f4,[%o2]0x80	! ASI_P
-	.end
-!
-! vis_stdfa_ASI_PL(double frd, void *rs1)
-!
-	.inline vis_stdfa_ASI_PL,12
-	std	%o0,[%sp+0x48]
-	ldd	[%sp+0x48],%f4
-	stda	%f4,[%o2]0x88	! ASI_PL
-	.end
-!
-! unsigned short vis_lduha_ASI_REG(void *rs1)
-!
-	.inline vis_lduha_ASI_REG,4
-	lduha	[%o0+0]%asi,%o0
-	.end
-!
-! unsigned short vis_lduha_ASI_P(void *rs1)
-!
-	.inline vis_lduha_ASI_P,4
-	lduha	[%o0]0x80,%o0	! ASI_P
-	.end
-!
-! unsigned short vis_lduha_ASI_PL(void *rs1)
-!
-	.inline vis_lduha_ASI_PL,4
-	lduha	[%o0]0x88,%o0	! ASI_PL
-	.end
-!
-! unsigned short vis_lduha_ASI_P_index(void *rs1, long index)
-!
-	.inline vis_lduha_ASI_P_index,8
-	lduha	[%o0+%o1]0x80,%o0	! ASI_P
-	.end
-!
-! unsigned short vis_lduha_ASI_PL_index(void *rs1, long index)
-!
-	.inline vis_lduha_ASI_PL_index,8
-	lduha	[%o0+%o1]0x88,%o0	! ASI_PL
-	.end
-
-!--------------------------------------------------------------------
-! Prefetch
-!
-! void vis_prefetch_read(void * /*address*/);
-!
-	.inline vis_prefetch_read,4
-	prefetch	[%o0+0],0
-	.end
-!
-! void vis_prefetch_write(void * /*address*/);
-!
-	.inline vis_prefetch_write,4
-	prefetch	[%o0+0],2
-	.end
diff --git a/security/nss/lib/freebl/mpi/vis_64.il b/security/nss/lib/freebl/mpi/vis_64.il
deleted file mode 100644
index 7a57e9b79..000000000
--- a/security/nss/lib/freebl/mpi/vis_64.il
+++ /dev/null
@@ -1,1026 +0,0 @@
-! 
-!  The contents of this file are subject to the Mozilla Public
-!  License Version 1.1 (the "License"); you may not use this file
-!  except in compliance with the License. You may obtain a copy of
-!  the License at http://www.mozilla.org/MPL/
-!  
-!  Software distributed under the License is distributed on an "AS
-!  IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-!  implied. See the License for the specific language governing
-!  rights and limitations under the License.
-!  
-!  The Original Code is vis inline macros (64 bit).  (vis_64.il 3.4)
-! 
-!  The Initial Developer of the Original Code is Sun Microsystems Inc.
-!  Portions created by Sun Microsystems Inc. are 
-!  Copyright (C) 1998-2000 Sun Microsystems Inc. All Rights Reserved.
-!  
-!  Contributor(s):
-!  
-!  Alternatively, the contents of this file may be used under the
-!  terms of the GNU General Public License Version 2 or later (the
-!  "GPL"), in which case the provisions of the GPL are applicable 
-!  instead of those above.	If you wish to allow use of your 
-!  version of this file only under the terms of the GPL and not to
-!  allow others to use your version of this file under the MPL,
-!  indicate your decision by deleting the provisions above and
-!  replace them with the notice and other provisions required by
-!  the GPL.  If you do not delete the provisions above, a recipient
-!  may use your version of this file under either the MPL or the
-!  GPL.
-!   $Id$
-! 
-! @(#)vis_64.il	3.4	00/03/02 SMI
-
-! This file is to be used in place of vis.il in 64-bit builds.
-
-!--------------------------------------------------------------------
-! Pure edge handling instructions
-!
-! int vis_edge8(void */*frs1*/, void */*frs2*/);
-!
-	.inline vis_edge8,16
-	edge8	%o0,%o1,%o0
-	.end
-!
-! int vis_edge8l(void */*frs1*/, void */*frs2*/);
-!
-	.inline vis_edge8l,16
-	edge8l	%o0,%o1,%o0
-	.end
-!
-! int vis_edge16(void */*frs1*/, void */*frs2*/);
-!
-	.inline vis_edge16,16
-	edge16	%o0,%o1,%o0
-	.end
-!
-! int vis_edge16l(void */*frs1*/, void */*frs2*/);
-!
-	.inline vis_edge16l,16
-	edge16l	%o0,%o1,%o0
-	.end
-!
-! int vis_edge32(void */*frs1*/, void */*frs2*/);
-!
-	.inline vis_edge32,16
-	edge32	%o0,%o1,%o0
-	.end
-!
-! int vis_edge32l(void */*frs1*/, void */*frs2*/);
-!
-	.inline vis_edge32l,16
-	edge32l	%o0,%o1,%o0
-	.end
-
-!--------------------------------------------------------------------
-! Edge handling instructions with negative return values if cc set
-!
-! int vis_edge8cc(void */*frs1*/, void */*frs2*/);
-!
-	.inline vis_edge8cc,16
-	edge8	%o0,%o1,%o0
-	mov     0,%o1
-	movgu   %xcc,-1024,%o1
-	or      %o1,%o0,%o0
-	.end
-!
-! int vis_edge8lcc(void */*frs1*/, void */*frs2*/);
-!
-	.inline vis_edge8lcc,16
-	edge8l	%o0,%o1,%o0
-	mov     0,%o1
-	movgu   %xcc,-1024,%o1
-	or      %o1,%o0,%o0
-	.end
-!
-! int vis_edge16cc(void */*frs1*/, void */*frs2*/);
-!
-	.inline vis_edge16cc,16
-	edge16	%o0,%o1,%o0
-	mov     0,%o1
-	movgu   %xcc,-1024,%o1
-	or      %o1,%o0,%o0
-	.end
-!
-! int vis_edge16lcc(void */*frs1*/, void */*frs2*/);
-!
-	.inline vis_edge16lcc,16
-	edge16l	%o0,%o1,%o0
-	mov     0,%o1
-	movgu   %xcc,-1024,%o1
-	or      %o1,%o0,%o0
-	.end
-!
-! int vis_edge32cc(void */*frs1*/, void */*frs2*/);
-!
-	.inline vis_edge32cc,16
-	edge32	%o0,%o1,%o0
-	mov     0,%o1
-	movgu   %xcc,-1024,%o1
-	or      %o1,%o0,%o0
-	.end
-!
-! int vis_edge32lcc(void */*frs1*/, void */*frs2*/);
-!
-	.inline vis_edge32lcc,16
-	edge32l	%o0,%o1,%o0
-	mov     0,%o1
-	movgu   %xcc,-1024,%o1
-	or      %o1,%o0,%o0
-	.end
-
-!--------------------------------------------------------------------
-! Alignment instructions
-!
-! void *vis_alignaddr(void */*rs1*/, int /*rs2*/);
-!
-	.inline vis_alignaddr,12
-	alignaddr	%o0,%o1,%o0
-	.end
-!
-! void *vis_alignaddrl(void */*rs1*/, int /*rs2*/);
-!
-	.inline vis_alignaddrl,12
-	alignaddrl	%o0,%o1,%o0
-	.end
-!
-! double vis_faligndata(double /*frs1*/, double /*frs2*/);
-!
-	.inline vis_faligndata,16
-	faligndata	%f0,%f2,%f0
-	.end
-
-!--------------------------------------------------------------------
-! Partitioned comparison instructions
-!
-! int vis_fcmple16(double /*frs1*/, double /*frs2*/);
-!
-	.inline vis_fcmple16,16
-	fcmple16	%f0,%f2,%o0
-	.end
-!
-! int vis_fcmpne16(double /*frs1*/, double /*frs2*/);
-!
-	.inline vis_fcmpne16,16
-	fcmpne16	%f0,%f2,%o0
-	.end
-!
-! int vis_fcmple32(double /*frs1*/, double /*frs2*/);
-!
-	.inline vis_fcmple32,16
-	fcmple32	%f0,%f2,%o0
-	.end
-!
-! int vis_fcmpne32(double /*frs1*/, double /*frs2*/);
-!
-	.inline vis_fcmpne32,16
-	fcmpne32	%f0,%f2,%o0
-	.end
-!
-! int vis_fcmpgt16(double /*frs1*/, double /*frs2*/);
-!
-	.inline vis_fcmpgt16,16
-	fcmpgt16	%f0,%f2,%o0
-	.end
-!
-! int vis_fcmpeq16(double /*frs1*/, double /*frs2*/);
-!
-	.inline vis_fcmpeq16,16
-	fcmpeq16	%f0,%f2,%o0
-	.end
-!
-! int vis_fcmpgt32(double /*frs1*/, double /*frs2*/);
-!
-	.inline vis_fcmpgt32,16
-	fcmpgt32	%f0,%f2,%o0
-	.end
-!
-! int vis_fcmpeq32(double /*frs1*/, double /*frs2*/);
-!
-	.inline vis_fcmpeq32,16
-	fcmpeq32	%f0,%f2,%o0
-	.end
-
-!--------------------------------------------------------------------
-! Partitioned arithmetic
-!
-! double vis_fmul8x16(float /*frs1*/, double /*frs2*/);
-!
-	.inline vis_fmul8x16,12
-	fmul8x16	%f1,%f2,%f0
-	.end
-!
-! double vis_fmul8x16_dummy(float /*frs1*/, int /*dummy*/, double /*frs2*/);
-!
-	.inline vis_fmul8x16_dummy,16
-	fmul8x16	%f1,%f4,%f0
-	.end
-!
-! double vis_fmul8x16au(float /*frs1*/, float /*frs2*/);
-!
-	.inline vis_fmul8x16au,8
-	fmul8x16au	%f1,%f3,%f0
-	.end
-!
-! double vis_fmul8x16al(float /*frs1*/, float /*frs2*/);
-!
-	.inline vis_fmul8x16al,8
-	fmul8x16al	%f1,%f3,%f0
-	.end
-!
-! double vis_fmul8sux16(double /*frs1*/, double /*frs2*/);
-!
-	.inline vis_fmul8sux16,16
-	fmul8sux16	%f0,%f2,%f0
-	.end
-!
-! double vis_fmul8ulx16(double /*frs1*/, double /*frs2*/);
-!
-	.inline vis_fmul8ulx16,16
-	fmul8ulx16	%f0,%f2,%f0
-	.end
-!
-! double vis_fmuld8sux16(float /*frs1*/, float /*frs2*/);
-!
-	.inline vis_fmuld8sux16,8
-	fmuld8sux16	%f1,%f3,%f0
-	.end
-!
-! double vis_fmuld8ulx16(float /*frs1*/, float /*frs2*/);
-!
-	.inline vis_fmuld8ulx16,8
-	fmuld8ulx16	%f1,%f3,%f0
-	.end
-!
-! double vis_fpadd16(double /*frs1*/, double /*frs2*/);
-!
-	.inline vis_fpadd16,16
-	fpadd16	%f0,%f2,%f0
-	.end
-!
-! float vis_fpadd16s(float /*frs1*/, float /*frs2*/);
-!
-	.inline vis_fpadd16s,8
-	fpadd16s	%f1,%f3,%f0
-	.end
-!
-! double vis_fpadd32(double /*frs1*/, double /*frs2*/);
-!
-	.inline vis_fpadd32,16
-	fpadd32	%f0,%f2,%f0
-	.end
-!
-! float vis_fpadd32s(float /*frs1*/, float /*frs2*/);
-!
-	.inline vis_fpadd32s,8
-	fpadd32s	%f1,%f3,%f0
-	.end
-!
-! double vis_fpsub16(double /*frs1*/, double /*frs2*/);
-!
-	.inline vis_fpsub16,16
-	fpsub16	%f0,%f2,%f0
-	.end
-!
-! float vis_fpsub16s(float /*frs1*/, float /*frs2*/);
-!
-	.inline vis_fpsub16s,8
-	fpsub16s	%f1,%f3,%f0
-	.end
-!
-! double vis_fpsub32(double /*frs1*/, double /*frs2*/);
-!
-	.inline vis_fpsub32,16
-	fpsub32	%f0,%f2,%f0
-	.end
-!
-! float vis_fpsub32s(float /*frs1*/, float /*frs2*/);
-!
-	.inline vis_fpsub32s,8
-	fpsub32s	%f1,%f3,%f0
-	.end
-
-!--------------------------------------------------------------------
-! Pixel packing
-!
-! float vis_fpack16(double /*frs2*/);
-!
-	.inline vis_fpack16,8
-	fpack16	%f0,%f0
-	.end
-!
-! double vis_fpack16_pair(double /*frs2*/, double /*frs2*/);
-!
-	.inline vis_fpack16_pair,16
-	fpack16	%f0,%f0
-	fpack16	%f2,%f1
-	.end
-!
-! void vis_st2_fpack16(double, double, double *)
-!
-	.inline vis_st2_fpack16,24
- 	fpack16	%f0,%f0
- 	fpack16	%f2,%f1
- 	st	%f0,[%o2+0]
- 	st	%f1,[%o2+4]
- 	.end
-!
-! void vis_std_fpack16(double, double, double *)
-!
-	.inline vis_std_fpack16,24
-	fpack16	%f0,%f0
-	fpack16	%f2,%f1
-	std	%f0,[%o2]
-	.end
-!
-! void vis_st2_fpackfix(double, double, double *)
-!
-	.inline vis_st2_fpackfix,24
- 	fpackfix %f0,%f0
- 	fpackfix %f2,%f1
- 	st	%f0,[%o2+0]
- 	st	%f1,[%o2+4]
- 	.end
-!
-! double vis_fpack16_to_hi(double /*frs1*/, double /*frs2*/);
-!
-	.inline vis_fpack16_to_hi,16
-	fpack16	%f2,%f0
-	.end
-
-! double vis_fpack16_to_lo(double /*frs1*/, double /*frs2*/);
-!
-	.inline vis_fpack16_to_lo,16
-	fpack16	%f2,%f3
-	fmovs	%f3,%f1		/* without this, optimizer goes wrong */
-	.end
-
-!
-! double vis_fpack32(double /*frs1*/, double /*frs2*/);
-!
-	.inline vis_fpack32,16
-	fpack32	%f0,%f2,%f0
-	.end
-!
-! float vis_fpackfix(double /*frs2*/);
-!
-	.inline vis_fpackfix,8
-	fpackfix	%f0,%f0
-	.end
-!
-! double vis_fpackfix_pair(double /*frs2*/, double /*frs2*/);
-!
-	.inline vis_fpackfix_pair,16
-	fpackfix	%f0,%f0
-	fpackfix	%f2,%f1
-	.end
-
-!--------------------------------------------------------------------
-! Motion estimation
-!
-! double vis_pxldist64(double accum /*frd*/, double pxls1 /*frs1*/, 
-!		       double pxls2 /*frs2*/);
-!
-	.inline vis_pxldist64,24
-	pdist	%f2,%f4,%f0
-	.end
-
-!--------------------------------------------------------------------
-! Channel merging
-!
-! double vis_fpmerge(float /*frs1*/, float /*frs2*/);
-!
-	.inline vis_fpmerge,8
-	fpmerge	%f1,%f3,%f0
-	.end
-
-!--------------------------------------------------------------------
-! Pixel expansion
-!
-! double vis_fexpand(float /*frs2*/);
-!
-	.inline vis_fexpand,4
-	fexpand	%f1,%f0
-	.end
-
-! double vis_fexpand_hi(double /*frs2*/);
-!
-	.inline vis_fexpand_hi,8
-	fexpand	%f0,%f0
-	.end
-
-! double vis_fexpand_lo(double /*frs2*/);
-!
-	.inline vis_fexpand_lo,8
-	fexpand	%f1,%f0
-	.end
-
-!--------------------------------------------------------------------
-! Bitwise logical operations
-!
-! double vis_fnor(double /*frs1*/, double /*frs2*/);
-!
-	.inline vis_fnor,16
-	fnor	%f0,%f2,%f0
-	.end
-!
-! float vis_fnors(float /*frs1*/, float /*frs2*/);
-!
-	.inline vis_fnors,8
-	fnors	%f1,%f3,%f0
-	.end
-!
-! double vis_fandnot(double /*frs1*/, double /*frs2*/);
-!
-	.inline vis_fandnot,16
-	fandnot1 %f0,%f2,%f0
-	.end
-!
-! float vis_fandnots(float /*frs1*/, float /*frs2*/);
-!
-	.inline vis_fandnots,8
-	fandnot1s %f1,%f3,%f0
-	.end
-!
-! double vis_fnot(double /*frs1*/);
-!
-	.inline vis_fnot,8
-	fnot1	%f0,%f0
-	.end
-!
-! float vis_fnots(float /*frs1*/);
-!
-	.inline vis_fnots,4
-	fnot1s	%f1,%f0
-	.end
-!
-! double vis_fxor(double /*frs1*/, double /*frs2*/);
-!
-	.inline vis_fxor,16
-	fxor	%f0,%f2,%f0
-	.end
-!
-! float vis_fxors(float /*frs1*/, float /*frs2*/);
-!
-	.inline vis_fxors,8
-	fxors	%f1,%f3,%f0
-	.end
-!
-! double vis_fnand(double /*frs1*/, double /*frs2*/);
-!
-	.inline vis_fnand,16
-	fnand	%f0,%f2,%f0
-	.end
-!
-! float vis_fnands(float /*frs1*/, float /*frs2*/);
-!
-	.inline vis_fnands,8
-	fnands	%f1,%f3,%f0
-	.end
-!
-! double vis_fand(double /*frs1*/, double /*frs2*/);
-!
-	.inline vis_fand,16
-	fand	%f0,%f2,%f0
-	.end
-!
-! float vis_fands(float /*frs1*/, float /*frs2*/);
-!
-	.inline vis_fands,8
-	fands	%f1,%f3,%f0
-	.end
-!
-! double vis_fxnor(double /*frs1*/, double /*frs2*/);
-!
-	.inline vis_fxnor,16
-	fxnor	%f0,%f2,%f0
-	.end
-!
-! float vis_fxnors(float /*frs1*/, float /*frs2*/);
-!
-	.inline vis_fxnors,8
-	fxnors	%f1,%f3,%f0
-	.end
-!
-! double vis_fsrc(double /*frs1*/);
-!
-	.inline vis_fsrc,8
-	fsrc1	%f0,%f0
-	.end
-!
-! float vis_fsrcs(float /*frs1*/);
-!
-	.inline vis_fsrcs,4
-	fsrc1s	%f1,%f0
-	.end
-!
-! double vis_fornot(double /*frs1*/, double /*frs2*/);
-!
-	.inline vis_fornot,16
-	fornot1	%f0,%f2,%f0
-	.end
-!
-! float vis_fornots(float /*frs1*/, float /*frs2*/);
-!
-	.inline vis_fornots,8
-	fornot1s %f1,%f3,%f0
-	.end
-!
-! double vis_for(double /*frs1*/, double /*frs2*/);
-!
-	.inline vis_for,16
-	for	%f0,%f2,%f0
-	.end
-!
-! float vis_fors(float /*frs1*/, float /*frs2*/);
-!
-	.inline vis_fors,8
-	fors	%f1,%f3,%f0
-	.end
-!
-! double vis_fzero(/* void */)
-!
-	.inline	vis_fzero,0
-	fzero	%f0
-	.end
-!
-! float vis_fzeros(/* void */)
-!
-	.inline	vis_fzeros,0
-	fzeros	%f0
-	.end
-!
-! double vis_fone(/* void */)
-!
-	.inline	vis_fone,0
-	fone	%f0
-	.end
-!
-! float vis_fones(/* void */)
-!
-	.inline	vis_fones,0
-	fones	%f0
-	.end
-
-!--------------------------------------------------------------------
-! Partial store instructions
-!
-! vis_stdfa_ASI_PST8P(double frd, void *rs1, int rmask)
-!
-	.inline vis_stdfa_ASI_PST8P,20
-	stda	%f0,[%o1]%o2,0xc0	! ASI_PST8_P
-	.end
-!
-! vis_stdfa_ASI_PST8PL(double frd, void *rs1, int rmask)
-!
-	.inline vis_stdfa_ASI_PST8PL,20
-	stda	%f0,[%o1]%o2,0xc8	! ASI_PST8_PL
-	.end
-!
-! vis_stdfa_ASI_PST8P_int_pair(void *rs1, void *rs2, void *rs3, int rmask);
-!
-	.inline vis_stdfa_ASI_PST8P_int_pair,28
-        ld	[%o0],%f4
-        ld	[%o1],%f5
-	stda	%f4,[%o2]%o3,0xc0	! ASI_PST8_P
-	.end
-!
-! vis_stdfa_ASI_PST8S(double frd, void *rs1, int rmask)
-!
-	.inline vis_stdfa_ASI_PST8S,20
-	stda	%f0,[%o1]%o2,0xc1	! ASI_PST8_S
-	.end
-!
-! vis_stdfa_ASI_PST16P(double frd, void *rs1, int rmask)
-!
-	.inline vis_stdfa_ASI_PST16P,20
-	stda	%f0,[%o1]%o2,0xc2	! ASI_PST16_P
-	.end
-!
-! vis_stdfa_ASI_PST16S(double frd, void *rs1, int rmask)
-!
-	.inline vis_stdfa_ASI_PST16S,20
-	stda	%f0,[%o1]%o2,0xc3	! ASI_PST16_S
-	.end
-!
-! vis_stdfa_ASI_PST32P(double frd, void *rs1, int rmask)
-!
-	.inline vis_stdfa_ASI_PST32P,20
-	stda	%f0,[%o1]%o2,0xc4	! ASI_PST32_P
-	.end
-!
-! vis_stdfa_ASI_PST32S(double frd, void *rs1, int rmask)
-!
-	.inline vis_stdfa_ASI_PST32S,20
-	stda	%f0,[%o1]%o2,0xc5	! ASI_PST32_S
-	.end
-
-!--------------------------------------------------------------------
-! Short store instructions
-!
-! vis_stdfa_ASI_FL8P(double frd, void *rs1)
-!
-	.inline vis_stdfa_ASI_FL8P,16
-	stda	%f0,[%o1]0xd0	! ASI_FL8_P
-	.end
-!
-! vis_stdfa_ASI_FL8P_index(double frd, void *rs1, long index)
-!
-	.inline vis_stdfa_ASI_FL8P_index,24
-	stda	%f0,[%o1+%o2]0xd0 ! ASI_FL8_P
-	.end
-!
-! vis_stdfa_ASI_FL8S(double frd, void *rs1)
-!
-	.inline vis_stdfa_ASI_FL8S,16
-	stda	%f0,[%o1]0xd1	! ASI_FL8_S
-	.end
-!
-! vis_stdfa_ASI_FL16P(double frd, void *rs1)
-!
-	.inline vis_stdfa_ASI_FL16P,16
-	stda	%f0,[%o1]0xd2	! ASI_FL16_P
-	.end
-!
-! vis_stdfa_ASI_FL16P_index(double frd, void *rs1, long index)
-!
-	.inline vis_stdfa_ASI_FL16P_index,24
-	stda	%f0,[%o1+%o2]0xd2 ! ASI_FL16_P
-	.end
-!
-! vis_stdfa_ASI_FL16S(double frd, void *rs1)
-!
-	.inline vis_stdfa_ASI_FL16S,16
-	stda	%f0,[%o1]0xd3	! ASI_FL16_S
-	.end
-!
-! vis_stdfa_ASI_FL8PL(double frd, void *rs1)
-!
-	.inline vis_stdfa_ASI_FL8PL,16
-	stda	%f0,[%o1]0xd8	! ASI_FL8_PL
-	.end
-!
-! vis_stdfa_ASI_FL8SL(double frd, void *rs1)
-!
-	.inline vis_stdfa_ASI_FL8SL,16
-	stda	%f0,[%o1]0xd9	! ASI_FL8_SL
-	.end
-!
-! vis_stdfa_ASI_FL16PL(double frd, void *rs1)
-!
-	.inline vis_stdfa_ASI_FL16PL,16
-	stda	%f0,[%o1]0xda	! ASI_FL16_PL
-	.end
-!
-! vis_stdfa_ASI_FL16SL(double frd, void *rs1)
-!
-	.inline vis_stdfa_ASI_FL16SL,16
-	stda	%f0,[%o1]0xdb	! ASI_FL16_SL
-	.end
-
-!--------------------------------------------------------------------
-! Short load instructions
-!
-! double vis_lddfa_ASI_FL8P(void *rs1)
-!
-	.inline vis_lddfa_ASI_FL8P,8
-	ldda	[%o0]0xd0,%f4	! ASI_FL8_P
-	fmovd	%f4,%f0	        ! Compiler can clean this up
-	.end
-!
-! double vis_lddfa_ASI_FL8P_index(void *rs1, long index)
-!
-	.inline vis_lddfa_ASI_FL8P_index,16
-	ldda	[%o0+%o1]0xd0,%f4
-	fmovd	%f4,%f0
-	.end
-!
-! double vis_lddfa_ASI_FL8P_hi(void *rs1, unsigned int index)
-!
-	.inline vis_lddfa_ASI_FL8P_hi,12
-	sra     %o1,16,%o1
-	ldda	[%o0+%o1]0xd0,%f4
-	fmovd	%f4,%f0
-	.end
-!
-! double vis_lddfa_ASI_FL8P_lo(void *rs1, unsigned int index)
-!
-	.inline vis_lddfa_ASI_FL8P_lo,12
-	sll     %o1,16,%o1
-	sra     %o1,16,%o1
-	ldda	[%o0+%o1]0xd0,%f4
-	fmovd	%f4,%f0
-	.end
-!
-! double vis_lddfa_ASI_FL8S(void *rs1)
-!
-	.inline vis_lddfa_ASI_FL8S,8
-	ldda	[%o0]0xd1,%f4	! ASI_FL8_S
-	fmovd	%f4,%f0
-	.end
-!
-! double vis_lddfa_ASI_FL16P(void *rs1)
-!
-	.inline vis_lddfa_ASI_FL16P,8
-	ldda	[%o0]0xd2,%f4	! ASI_FL16_P
-	fmovd	%f4,%f0
-	.end
-!
-! double vis_lddfa_ASI_FL16P_index(void *rs1, long index)
-!
-	.inline vis_lddfa_ASI_FL16P_index,16
-	ldda	[%o0+%o1]0xd2,%f4 ! ASI_FL16_P
-	fmovd	%f4,%f0
-	.end
-!
-! double vis_lddfa_ASI_FL16S(void *rs1)
-!
-	.inline vis_lddfa_ASI_FL16S,8
-	ldda	[%o0]0xd3,%f4	! ASI_FL16_S
-	fmovd	%f4,%f0
-	.end
-!
-! double vis_lddfa_ASI_FL8PL(void *rs1)
-!
-	.inline vis_lddfa_ASI_FL8PL,8
-	ldda	[%o0]0xd8,%f4	! ASI_FL8_PL
-	fmovd	%f4,%f0
-	.end
-!
-! double vis_lddfa_ASI_FL8PL_index(void *rs1, long index)
-!
-	.inline vis_lddfa_ASI_FL8PL_index,16
-	ldda	[%o0+%o1]0xd8,%f4	! ASI_FL8_PL
-	fmovd	%f4,%f0
-	.end
-!
-! double vis_lddfa_ASI_FL8SL(void *rs1)
-!
-	.inline vis_lddfa_ASI_FL8SL,8
-	ldda	[%o0]0xd9,%f4	! ASI_FL8_SL
-	fmovd	%f4,%f0
-	.end
-!
-! double vis_lddfa_ASI_FL16PL(void *rs1)
-!
-	.inline vis_lddfa_ASI_FL16PL,8
-	ldda	[%o0]0xda,%f4	! ASI_FL16_PL
-	fmovd	%f4,%f0
-	.end
-!
-! double vis_lddfa_ASI_FL16PL_index(void *rs1, long index)
-!
-	.inline vis_lddfa_ASI_FL16PL_index,16
-	ldda	[%o0+%o1]0xda,%f4	! ASI_FL16_PL
-	fmovd	%f4,%f0
-	.end
-!
-! double vis_lddfa_ASI_FL16SL(void *rs1)
-!
-	.inline vis_lddfa_ASI_FL16SL,8
-	ldda	[%o0]0xdb,%f4	! ASI_FL16_SL
-	fmovd	%f4,%f0
-	.end
-
-!--------------------------------------------------------------------
-! Graphics status register
-!
-! unsigned int vis_read_gsr(void)
-!
-	.inline vis_read_gsr,0
-	rd	%gsr,%o0
-	.end
-!
-! void vis_write_gsr(unsigned int /* GSR */)
-!
-	.inline vis_write_gsr,4
-	wr	%g0,%o0,%gsr
-	.end
-
-!--------------------------------------------------------------------
-! Voxel texture mapping
-!
-! unsigned long vis_array8(unsigned long long /*rs1 */, int /*rs2*/)
-!
-	.inline	vis_array8,12
-	array8	%o0,%o1,%o0
-	.end
-!
-! unsigned long vis_array16(unsigned long long /*rs1*/, int /*rs2*/)
-!
-	.inline	vis_array16,12
-	array16	%o0,%o1,%o0
-	.end
-!
-! unsigned long vis_array32(unsigned long long /*rs1*/, int /*rs2*/)
-!
-	.inline	vis_array32,12
-	array32	%o0,%o1,%o0
-	.end
-
-!--------------------------------------------------------------------
-! Register aliasing and type casts
-!
-! float vis_read_hi(double /* frs1 */);
-!
-	.inline vis_read_hi,8
-	fmovs	%f0,%f0
-	.end
-!
-! float vis_read_lo(double /* frs1 */);
-!
-	.inline vis_read_lo,8
-	fmovs	%f1,%f0		! %f0 = low word (frs1); return %f0;
-	.end
-!
-! double vis_write_hi(double /* frs1 */, float /* frs2 */);
-!
-	.inline vis_write_hi,12
-	fmovs	%f3,%f0		! %f3 = float frs2; return %f0:f1;
-	.end
-!
-! double vis_write_lo(double /* frs1 */, float /* frs2 */);
-!
-	.inline vis_write_lo,12
-	fmovs	%f3,%f1		! %f3 = float frs2; return %f0:f1;
-	.end
-!
-! double vis_freg_pair(float /* frs1 */, float /* frs2 */);
-!
-	.inline vis_freg_pair,8
-	fmovs	%f1,%f0		! %f1 = float frs1; put in hi;
-	fmovs	%f3,%f1		! %f3 = float frs2; put in lo; return %f0:f1;
-	.end
-!
-! float vis_to_float(unsigned int /*value*/);
-!
-	.inline vis_to_float,4
-	st	%o0,[%sp+2183]
-	ld	[%sp+2183],%f0
-	.end
-!
-! double vis_to_double(unsigned int /*value1*/, unsigned int /*value2*/);
-!
-	.inline vis_to_double,8
-	st	%o0,[%sp+2183]
-	ld	[%sp+2183],%f0
-	st	%o1,[%sp+2183]
-	ld	[%sp+2183],%f1
-	.end
-!
-! double vis_to_double_dup(unsigned int /*value*/);
-!
-	.inline vis_to_double_dup,4
-	st	%o0,[%sp+2183]
-	ld	[%sp+2183],%f1
-	fmovs	%f1,%f0		! duplicate value
-	.end
-!
-! double vis_ll_to_double(unsigned long long /*value*/);
-!
-	.inline vis_ll_to_double,8
-	stx     %o0,[%sp+2183]
-	ldd     [%sp+2183],%f0
-        .end
-
-!--------------------------------------------------------------------
-! Address space identifier (ASI) register
-!
-! unsigned int vis_read_asi(void)
-!
-	.inline vis_read_asi,0
-	rd	%asi,%o0
-	.end
-!
-! void vis_write_asi(unsigned int /* ASI */)
-!
-	.inline vis_write_asi,4
-	wr	%g0,%o0,%asi
-	.end
-
-!--------------------------------------------------------------------
-! Load/store from/into alternate space
-!
-! float vis_ldfa_ASI_REG(void *rs1)
-!
-	.inline vis_ldfa_ASI_REG,8
-	lda	[%o0+0]%asi,%f4
-	fmovs	%f4,%f0	        ! Compiler can clean this up
-	.end
-!
-! float vis_ldfa_ASI_P(void *rs1)
-!
-	.inline vis_ldfa_ASI_P,8
-	lda	[%o0]0x80,%f4	! ASI_P
-	fmovs	%f4,%f0	        ! Compiler can clean this up
-	.end
-!
-! float vis_ldfa_ASI_PL(void *rs1)
-!
-	.inline vis_ldfa_ASI_PL,8
-	lda	[%o0]0x88,%f4	! ASI_PL
-	fmovs	%f4,%f0	        ! Compiler can clean this up
-	.end
-!
-! double vis_lddfa_ASI_REG(void *rs1)
-!
-	.inline vis_lddfa_ASI_REG,8
-	ldda	[%o0+0]%asi,%f4
-	fmovd	%f4,%f0	        ! Compiler can clean this up
-	.end
-!
-! double vis_lddfa_ASI_P(void *rs1)
-!
-	.inline vis_lddfa_ASI_P,8
-	ldda	[%o0]0x80,%f4	! ASI_P
-	fmovd	%f4,%f0	        ! Compiler can clean this up
-	.end
-!
-! double vis_lddfa_ASI_PL(void *rs1)
-!
-	.inline vis_lddfa_ASI_PL,8
-	ldda	[%o0]0x88,%f4	! ASI_PL
-	fmovd	%f4,%f0	        ! Compiler can clean this up
-	.end
-!
-! vis_stfa_ASI_REG(float frs, void *rs1)
-!
-	.inline vis_stfa_ASI_REG,12
-	sta	%f1,[%o1+0]%asi
-	.end
-!
-! vis_stfa_ASI_P(float frs, void *rs1)
-!
-	.inline vis_stfa_ASI_P,12
-	sta	%f1,[%o1]0x80	! ASI_P
-	.end
-!
-! vis_stfa_ASI_PL(float frs, void *rs1)
-!
-	.inline vis_stfa_ASI_PL,12
-	sta	%f1,[%o1]0x88	! ASI_PL
-	.end
-!
-! vis_stdfa_ASI_REG(double frd, void *rs1)
-!
-	.inline vis_stdfa_ASI_REG,16
-	stda	%f0,[%o1+0]%asi
-	.end
-!
-! vis_stdfa_ASI_P(double frd, void *rs1)
-!
-	.inline vis_stdfa_ASI_P,16
-	stda	%f0,[%o1]0x80	! ASI_P
-	.end
-!
-! vis_stdfa_ASI_PL(double frd, void *rs1)
-!
-	.inline vis_stdfa_ASI_PL,16
-	stda	%f0,[%o1]0x88	! ASI_PL
-	.end
-!
-! unsigned short vis_lduha_ASI_REG(void *rs1)
-!
-	.inline vis_lduha_ASI_REG,8
-	lduha	[%o0+0]%asi,%o0
-	.end
-!
-! unsigned short vis_lduha_ASI_P(void *rs1)
-!
-	.inline vis_lduha_ASI_P,8
-	lduha	[%o0]0x80,%o0	! ASI_P
-	.end
-!
-! unsigned short vis_lduha_ASI_PL(void *rs1)
-!
-	.inline vis_lduha_ASI_PL,8
-	lduha	[%o0]0x88,%o0	! ASI_PL
-	.end
-!
-! unsigned short vis_lduha_ASI_P_index(void *rs1, long index)
-!
-	.inline vis_lduha_ASI_P_index,16
-	lduha	[%o0+%o1]0x80,%o0	! ASI_P
-	.end
-!
-! unsigned short vis_lduha_ASI_PL_index(void *rs1, long index)
-!
-	.inline vis_lduha_ASI_PL_index,16
-	lduha	[%o0+%o1]0x88,%o0	! ASI_PL
-	.end
-
-!--------------------------------------------------------------------
-! Prefetch
-!
-! void vis_prefetch_read(void * /*address*/);
-!
-	.inline vis_prefetch_read,8
-	prefetch	[%o0+0],0
-	.end
-!
-! void vis_prefetch_write(void * /*address*/);
-!
-	.inline vis_prefetch_write,8
-	prefetch	[%o0+0],2
-	.end
diff --git a/security/nss/lib/freebl/mpi/vis_proto.h b/security/nss/lib/freebl/mpi/vis_proto.h
deleted file mode 100644
index 44192ad53..000000000
--- a/security/nss/lib/freebl/mpi/vis_proto.h
+++ /dev/null
@@ -1,263 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is prototypes for vis.il  (vis_proto.h 1.3)
- *
- * The Initial Developer of the Original Code is Sun Microsystems Inc.
- * Portions created by Sun Microsystems Inc. are 
- * Copyright (C) 1995, 1997 Sun Microsystems Inc. All Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.	If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *  $Id$
- */
-
-/*
- * Prototypes for the inline templates in vis.il
- */
-
-#ifndef VIS_PROTO_H
-#define VIS_PROTO_H
-
-#pragma ident	"@(#)vis_proto.h	1.3	97/03/30 SMI"
-
-#ifdef __cplusplus
-extern "C" {
-#endif /* __cplusplus */
-
-/* Pure edge handling instructions */
-int vis_edge8(void * /*frs1*/, void * /*frs2*/);
-int vis_edge8l(void * /*frs1*/, void * /*frs2*/);
-int vis_edge16(void * /*frs1*/, void * /*frs2*/);
-int vis_edge16l(void * /*frs1*/, void * /*frs2*/);
-int vis_edge32(void * /*frs1*/, void * /*frs2*/);
-int vis_edge32l(void * /*frs1*/, void * /*frs2*/);
-
-/* Edge handling instructions with negative return values if cc set. */
-int vis_edge8cc(void * /*frs1*/, void * /*frs2*/);
-int vis_edge8lcc(void * /*frs1*/, void * /*frs2*/);
-int vis_edge16cc(void * /*frs1*/, void * /*frs2*/);
-int vis_edge16lcc(void * /*frs1*/, void * /*frs2*/);
-int vis_edge32cc(void * /*frs1*/, void * /*frs2*/);
-int vis_edge32lcc(void * /*frs1*/, void * /*frs2*/);
-
-/* Alignment instructions. */
-void *vis_alignaddr(void * /*rs1*/, int /*rs2*/);
-void *vis_alignaddrl(void * /*rs1*/, int /*rs2*/);
-double vis_faligndata(double /*frs1*/, double /*frs2*/);
-
-/* Partitioned comparison instructions. */
-int vis_fcmple16(double /*frs1*/, double /*frs2*/);
-int vis_fcmpne16(double /*frs1*/, double /*frs2*/);
-int vis_fcmple32(double /*frs1*/, double /*frs2*/);
-int vis_fcmpne32(double /*frs1*/, double /*frs2*/);
-int vis_fcmpgt16(double /*frs1*/, double /*frs2*/);
-int vis_fcmpeq16(double /*frs1*/, double /*frs2*/);
-int vis_fcmpgt32(double /*frs1*/, double /*frs2*/);
-int vis_fcmpeq32(double /*frs1*/, double /*frs2*/);
-
-/* Partitioned multiplication. */
-#if 0
-double vis_fmul8x16(float /*frs1*/, double /*frs2*/);
-#endif
-double vis_fmul8x16_dummy(float /*frs1*/, int /*dummy*/, double /*frs2*/);
-double vis_fmul8x16au(float /*frs1*/, float /*frs2*/);
-double vis_fmul8x16al(float /*frs1*/, float /*frs2*/);
-double vis_fmul8sux16(double /*frs1*/, double /*frs2*/);
-double vis_fmul8ulx16(double /*frs1*/, double /*frs2*/);
-double vis_fmuld8ulx16(float /*frs1*/, float /*frs2*/);
-double vis_fmuld8sux16(float /*frs1*/, float /*frs2*/);
-
-/* Partitioned addition & subtraction. */
-double vis_fpadd16(double /*frs1*/, double /*frs2*/);
-float vis_fpadd16s(float /*frs1*/, float /*frs2*/);
-double vis_fpadd32(double /*frs1*/, double /*frs2*/);
-float vis_fpadd32s(float /*frs1*/, float /*frs2*/);
-double vis_fpsub16(double /*frs1*/, double /*frs2*/);
-float vis_fpsub16s(float /*frs1*/, float /*frs2*/);
-double vis_fpsub32(double /*frs1*/, double /*frs2*/);
-float vis_fpsub32s(float /*frs1*/, float /*frs2*/);
-
-/* Pixel packing & clamping. */
-float vis_fpack16(double /*frs2*/);
-double vis_fpack32(double /*frs1*/, double /*frs2*/);
-float vis_fpackfix(double /*frs2*/);
-
-/* Combined pack ops. */
-double vis_fpack16_pair(double /*frs2*/, double /*frs2*/);
-double vis_fpackfix_pair(double /*frs2*/, double /*frs2*/);
-void vis_st2_fpack16(double, double, double *);
-void vis_std_fpack16(double, double, double *);
-void vis_st2_fpackfix(double, double, double *);
-
-double vis_fpack16_to_hi(double /*frs1*/, double /*frs2*/);
-double vis_fpack16_to_lo(double /*frs1*/, double /*frs2*/);
-
-/* Motion estimation. */
-double vis_pdist(double /*frs1*/, double /*frs2*/, double /*frd*/);
-
-/* Channel merging. */
-double vis_fpmerge(float /*frs1*/, float /*frs2*/);
-
-/* Pixel expansion. */
-double vis_fexpand(float /*frs2*/);
-double vis_fexpand_hi(double /*frs2*/);
-double vis_fexpand_lo(double /*frs2*/);
-
-/* Bitwise logical operators. */
-double vis_fnor(double /*frs1*/, double /*frs2*/);
-float vis_fnors(float /*frs1*/, float /*frs2*/);
-double vis_fandnot(double /*frs1*/, double /*frs2*/);
-float vis_fandnots(float /*frs1*/, float /*frs2*/);
-double vis_fnot(double /*frs1*/);
-float vis_fnots(float /*frs1*/);
-double vis_fxor(double /*frs1*/, double /*frs2*/);
-float vis_fxors(float /*frs1*/, float /*frs2*/);
-double vis_fnand(double /*frs1*/, double /*frs2*/);
-float vis_fnands(float /*frs1*/, float /*frs2*/);
-double vis_fand(double /*frs1*/, double /*frs2*/);
-float vis_fands(float /*frs1*/, float /*frs2*/);
-double vis_fxnor(double /*frs1*/, double /*frs2*/);
-float vis_fxnors(float /*frs1*/, float /*frs2*/);
-double vis_fsrc(double /*frs1*/);
-float vis_fsrcs(float /*frs1*/);
-double vis_fornot(double /*frs1*/, double /*frs2*/);
-float vis_fornots(float /*frs1*/, float /*frs2*/);
-double vis_for(double /*frs1*/, double /*frs2*/);
-float vis_fors(float /*frs1*/, float /*frs2*/);
-double vis_fzero(void);
-float vis_fzeros(void);
-double vis_fone(void);
-float vis_fones(void);
-
-/* Partial stores. */
-void vis_stdfa_ASI_PST8P(double /*frd*/, void * /*rs1*/, int /*rmask*/);
-void vis_stdfa_ASI_PST8PL(double /*frd*/, void * /*rs1*/, int /*rmask*/);
-void vis_stdfa_ASI_PST8P_int_pair(void * /*rs1*/, void * /*rs2*/,
-                                  void * /*rs3*/, int /*rmask*/);
-void vis_stdfa_ASI_PST8S(double /*frd*/, void * /*rs1*/, int /*rmask*/);
-void vis_stdfa_ASI_PST16P(double /*frd*/, void * /*rs1*/, int /*rmask*/);
-void vis_stdfa_ASI_PST16S(double /*frd*/, void * /*rs1*/, int /*rmask*/);
-void vis_stdfa_ASI_PST32P(double /*frd*/, void * /*rs1*/, int /*rmask*/);
-void vis_stdfa_ASI_PST32S(double /*frd*/, void * /*rs1*/, int /*rmask*/);
-
-/* Byte & short stores. */
-void vis_stdfa_ASI_FL8P(double /*frd*/, void * /*rs1*/);
-void vis_stdfa_ASI_FL8P_index(double /*frd*/, void * /*rs1*/, long /*index*/);
-void vis_stdfa_ASI_FL8S(double /*frd*/, void * /*rs1*/);
-void vis_stdfa_ASI_FL16P(double /*frd*/, void * /*rs1*/);
-void vis_stdfa_ASI_FL16P_index(double /*frd*/, void * /*rs1*/, long /*index*/);
-void vis_stdfa_ASI_FL16S(double /*frd*/, void * /*rs1*/);
-void vis_stdfa_ASI_FL8PL(double /*frd*/, void * /*rs1*/);
-void vis_stdfa_ASI_FL8SL(double /*frd*/, void * /*rs1*/);
-void vis_stdfa_ASI_FL16PL(double /*frd*/, void * /*rs1*/);
-void vis_stdfa_ASI_FL16SL(double /*frd*/, void * /*rs1*/);
-
-/* Byte & short loads. */
-double vis_lddfa_ASI_FL8P(void * /*rs1*/);
-double vis_lddfa_ASI_FL8P_index(void * /*rs1*/, long /*index*/);
-double vis_lddfa_ASI_FL8P_hi(void * /*rs1*/, unsigned int /*index*/);
-double vis_lddfa_ASI_FL8P_lo(void * /*rs1*/, unsigned int /*index*/);
-double vis_lddfa_ASI_FL8S(void * /*rs1*/);
-double vis_lddfa_ASI_FL16P(void * /*rs1*/);
-double vis_lddfa_ASI_FL16P_index(void * /*rs1*/, long /*index*/);
-double vis_lddfa_ASI_FL16S(void * /*rs1*/);
-double vis_lddfa_ASI_FL8PL(void * /*rs1*/);
-double vis_lddfa_ASI_FL8SL(void * /*rs1*/);
-double vis_lddfa_ASI_FL16PL(void * /*rs1*/);
-double vis_lddfa_ASI_FL16SL(void * /*rs1*/);
-
-/* Direct write to GSR, read from GSR */
-void vis_write_gsr(unsigned int /*GSR*/);
-unsigned int vis_read_gsr(void);
-
-/* Voxel texture mapping. */
-#if !defined(_NO_LONGLONG)
-unsigned long vis_array8(unsigned long long /*rs1*/, int /*rs2*/);
-unsigned long vis_array16(unsigned long long /*rs1*/, int /*rs2*/);
-unsigned long vis_array32(unsigned long long /*rs1*/, int /*rs2*/);
-#endif /* !defined(_NO_LONGLONG) */
-
-/* Register aliasing and type casts. */
-float vis_read_hi(double /*frs1*/);
-float vis_read_lo(double /*frs1*/);
-double vis_write_hi(double /*frs1*/, float /*frs2*/);
-double vis_write_lo(double /*frs1*/, float /*frs2*/);
-double vis_freg_pair(float /*frs1*/, float /*frs2*/);
-float vis_to_float(unsigned int /*value*/);
-double vis_to_double(unsigned int /*value1*/, unsigned int /*value2*/);
-double vis_to_double_dup(unsigned int /*value*/);
-#if !defined(_NO_LONGLONG)
-double vis_ll_to_double(unsigned long long /*value*/);
-#endif /* !defined(_NO_LONGLONG) */
-
-/* Miscellany (no inlines) */
-void vis_error(char * /*fmt*/, int /*a0*/);
-void vis_sim_init(void);
-
-/* For better performance */
-#define vis_fmul8x16(farg,darg) vis_fmul8x16_dummy((farg),0,(darg))
-
-/* Nicknames for explicit ASI loads and stores. */
-#define vis_st_u8      vis_stdfa_ASI_FL8P
-#define vis_st_u8_i    vis_stdfa_ASI_FL8P_index
-#define vis_st_u8_le   vis_stdfa_ASI_FL8PL
-#define vis_st_u16     vis_stdfa_ASI_FL16P
-#define vis_st_u16_i   vis_stdfa_ASI_FL16P_index
-#define vis_st_u16_le  vis_stdfa_ASI_FL16PL
-
-#define vis_ld_u8      vis_lddfa_ASI_FL8P
-#define vis_ld_u8_i    vis_lddfa_ASI_FL8P_index
-#define vis_ld_u8_le   vis_lddfa_ASI_FL8PL
-#define vis_ld_u16     vis_lddfa_ASI_FL16P
-#define vis_ld_u16_i   vis_lddfa_ASI_FL16P_index
-#define vis_ld_u16_le  vis_lddfa_ASI_FL16PL
-
-#define vis_pst_8      vis_stdfa_ASI_PST8P
-#define vis_pst_16     vis_stdfa_ASI_PST16P
-#define vis_pst_32     vis_stdfa_ASI_PST32P
-
-#define vis_st_u8s     vis_stdfa_ASI_FL8S
-#define vis_st_u8s_le  vis_stdfa_ASI_FL8SL
-#define vis_st_u16s    vis_stdfa_ASI_FL16S
-#define vis_st_u16s_le vis_stdfa_ASI_FL16SL
-
-#define vis_ld_u8s     vis_lddfa_ASI_FL8S
-#define vis_ld_u8s_le  vis_lddfa_ASI_FL8SL
-#define vis_ld_u16s    vis_lddfa_ASI_FL16S
-#define vis_ld_u16s_le vis_lddfa_ASI_FL16SL
-
-#define vis_pst_8s     vis_stdfa_ASI_PST8S
-#define vis_pst_16s    vis_stdfa_ASI_PST16S
-#define vis_pst_32s    vis_stdfa_ASI_PST32S
-
-/* "<" and ">=" may be implemented in terms of ">" and "<=". */
-#define vis_fcmplt16(a,b) vis_fcmpgt16((b),(a))
-#define vis_fcmplt32(a,b) vis_fcmpgt32((b),(a))
-#define vis_fcmpge16(a,b) vis_fcmple16((b),(a))
-#define vis_fcmpge32(a,b) vis_fcmple32((b),(a))
-
-#ifdef __cplusplus
-} // End of extern "C"
-#endif /* __cplusplus */
-
-#endif /* VIS_PROTO_H */
diff --git a/security/nss/lib/freebl/os2_rand.c b/security/nss/lib/freebl/os2_rand.c
deleted file mode 100644
index 7eede8883..000000000
--- a/security/nss/lib/freebl/os2_rand.c
+++ /dev/null
@@ -1,329 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#define INCL_DOS
-#define INCL_DOSERRORS
-#include <os2.h>
-#include <secrng.h>
-#include <stdlib.h>
-#include <time.h>
-#include <stdio.h>
-#include <sys/stat.h>
-
-static BOOL clockTickTime(unsigned long *phigh, unsigned long *plow)
-{
-    APIRET rc = NO_ERROR;
-    QWORD qword = {0,0};
-
-    rc = DosTmrQueryTime(&qword);
-    if (rc != NO_ERROR)
-       return FALSE;
-
-    *phigh = qword.ulHi;
-    *plow  = qword.ulLo;
-
-    return TRUE;
-}
-
-size_t RNG_GetNoise(void *buf, size_t maxbuf)
-{
-    unsigned long high = 0;
-    unsigned long low  = 0;
-    clock_t val = 0;
-    int n = 0;
-    int nBytes = 0;
-    time_t sTime;
-
-    if (maxbuf <= 0)
-       return 0;
-
-    clockTickTime(&high, &low);
-
-    /* get the maximally changing bits first */
-    nBytes = sizeof(low) > maxbuf ? maxbuf : sizeof(low);
-    memcpy(buf, &low, nBytes);
-    n += nBytes;
-    maxbuf -= nBytes;
-
-    if (maxbuf <= 0)
-       return n;
-
-    nBytes = sizeof(high) > maxbuf ? maxbuf : sizeof(high);
-    memcpy(((char *)buf) + n, &high, nBytes);
-    n += nBytes;
-    maxbuf -= nBytes;
-
-    if (maxbuf <= 0)
-       return n;
-
-    /* get the number of milliseconds that have elapsed since application started */
-    val = clock();
-
-    nBytes = sizeof(val) > maxbuf ? maxbuf : sizeof(val);
-    memcpy(((char *)buf) + n, &val, nBytes);
-    n += nBytes;
-    maxbuf -= nBytes;
-
-    if (maxbuf <= 0)
-       return n;
-
-    /* get the time in seconds since midnight Jan 1, 1970 */
-    time(&sTime);
-    nBytes = sizeof(sTime) > maxbuf ? maxbuf : sizeof(sTime);
-    memcpy(((char *)buf) + n, &sTime, nBytes);
-    n += nBytes;
-
-    return n;
-}
-
-static BOOL
-EnumSystemFiles(void (*func)(const char *))
-{
-    APIRET              rc;
-    ULONG               sysInfo = 0;
-    char                bootLetter[2];
-    char                sysDir[_MAX_PATH] = "";
-    char                filename[_MAX_PATH];
-    HDIR                hdir = HDIR_CREATE;
-    ULONG               numFiles = 1;
-    FILEFINDBUF3        fileBuf = {0};
-    ULONG               buflen = sizeof(FILEFINDBUF3);
-
-    if (DosQuerySysInfo(QSV_BOOT_DRIVE, QSV_BOOT_DRIVE, (PVOID)&sysInfo,
-                        sizeof(ULONG)) == NO_ERROR)
-    {
-      bootLetter[0] = sysInfo + 'A' -1;
-      strcpy(sysDir, bootLetter);
-      strcpy(sysDir+1, ":\\OS2\\");
-
-      strcpy( filename, sysDir );
-      strcat( filename, "*.*" );
-    }
-
-    rc =DosFindFirst( filename, &hdir, FILE_NORMAL, &fileBuf, buflen,
-                      &numFiles, FIL_STANDARD );
-    if( rc == NO_ERROR )
-    {
-      do {
-        // pass the full pathname to the callback
-        sprintf( filename, "%s\\%s", sysDir, fileBuf.achName );
-        (*func)(filename);
-
-        numFiles = 1;
-        rc = DosFindNext( hdir, &fileBuf, buflen, &numFiles );
-        if( rc != NO_ERROR && rc != ERROR_NO_MORE_FILES )
-          printf( "DosFindNext errod code = %d\n", rc );
-      } while ( rc == NO_ERROR );
-
-      rc = DosFindClose(hdir);
-      if( rc != NO_ERROR )
-        printf( "DosFindClose error code = %d", rc );
-    }
-    else
-      printf( "DosFindFirst error code = %d", rc );
-
-    return TRUE;
-}
-
-static int    dwNumFiles, dwReadEvery;
-
-static void
-CountFiles(const char *file)
-{
-    dwNumFiles++;
-}
-
-static void
-ReadFiles(const char *file)
-{
-    if ((dwNumFiles % dwReadEvery) == 0)
-        RNG_FileForRNG(file);
-
-    dwNumFiles++;
-}
-
-static void
-ReadSystemFiles()
-{
-    // first count the number of files
-    dwNumFiles = 0;
-    if (!EnumSystemFiles(CountFiles))
-        return;
-
-    RNG_RandomUpdate(&dwNumFiles, sizeof(dwNumFiles));
-
-    // now read 10 files
-    if (dwNumFiles == 0)
-        return;
-
-    dwReadEvery = dwNumFiles / 10;
-    if (dwReadEvery == 0)
-        dwReadEvery = 1;  // less than 10 files
-
-    dwNumFiles = 0;
-    EnumSystemFiles(ReadFiles);
-}
-
-void RNG_SystemInfoForRNG(void)
-{
-   unsigned long *plong = 0;
-   PTIB ptib;
-   PPIB ppib;
-   APIRET rc = NO_ERROR;
-   DATETIME dt;
-   COUNTRYCODE cc = {0};
-   COUNTRYINFO ci = {0};
-   unsigned long actual = 0;
-   char path[_MAX_PATH]="";
-   char fullpath[_MAX_PATH]="";
-   unsigned long pathlength = sizeof(path);
-   FSALLOCATE fsallocate;
-   FILESTATUS3 fstatus;
-   unsigned long defaultdrive = 0;
-   unsigned long logicaldrives = 0;
-   unsigned long sysInfo[QSV_MAX] = {0};
-   char buffer[20];
-   int nBytes = 0;
-
-   nBytes = RNG_GetNoise(buffer, sizeof(buffer));
-   RNG_RandomUpdate(buffer, nBytes);
-   
-   /* allocate memory and use address and memory */
-   plong = (unsigned long *)malloc(sizeof(*plong));
-   RNG_RandomUpdate(&plong, sizeof(plong));
-   RNG_RandomUpdate(plong, sizeof(*plong));
-   free(plong);
-
-   /* process info */
-   rc = DosGetInfoBlocks(&ptib, &ppib);
-   if (rc == NO_ERROR)
-   {
-      RNG_RandomUpdate(ptib, sizeof(*ptib));
-      RNG_RandomUpdate(ppib, sizeof(*ppib));
-   }
-
-   /* time */
-   rc = DosGetDateTime(&dt);
-   if (rc == NO_ERROR)
-   {
-      RNG_RandomUpdate(&dt, sizeof(dt));
-   }
-
-   /* country */
-   rc = DosQueryCtryInfo(sizeof(ci), &cc, &ci, &actual);
-   if (rc == NO_ERROR)
-   {
-      RNG_RandomUpdate(&cc, sizeof(cc));
-      RNG_RandomUpdate(&ci, sizeof(ci));
-      RNG_RandomUpdate(&actual, sizeof(actual));
-   }
-
-   /* current directory */
-   rc = DosQueryCurrentDir(0, path, &pathlength);
-   strcat(fullpath, "\\");
-   strcat(fullpath, path);
-   if (rc == NO_ERROR)
-   {
-      RNG_RandomUpdate(fullpath, strlen(fullpath));
-      // path info
-      rc = DosQueryPathInfo(fullpath, FIL_STANDARD, &fstatus, sizeof(fstatus));
-      if (rc == NO_ERROR)
-      {
-         RNG_RandomUpdate(&fstatus, sizeof(fstatus));
-      }
-   }
-
-   /* file system info */
-   rc = DosQueryFSInfo(0, FSIL_ALLOC, &fsallocate, sizeof(fsallocate));
-   if (rc == NO_ERROR)
-   {
-      RNG_RandomUpdate(&fsallocate, sizeof(fsallocate));
-   }
-
-   /* drive info */
-   rc = DosQueryCurrentDisk(&defaultdrive, &logicaldrives);
-   if (rc == NO_ERROR)
-   {
-      RNG_RandomUpdate(&defaultdrive, sizeof(defaultdrive));
-      RNG_RandomUpdate(&logicaldrives, sizeof(logicaldrives));
-   }
-
-   /* system info */
-   rc = DosQuerySysInfo(1L, QSV_MAX, (PVOID)&sysInfo, sizeof(ULONG)*QSV_MAX);
-   if (rc == NO_ERROR)
-   {
-      RNG_RandomUpdate(&sysInfo, sizeof(sysInfo));
-   }
-
-   // now let's do some files
-   ReadSystemFiles();
-
-   /* more noise */
-   nBytes = RNG_GetNoise(buffer, sizeof(buffer));
-   RNG_RandomUpdate(buffer, nBytes);
-}
-
-void RNG_FileForRNG(const char *filename)
-{
-    struct stat stat_buf;
-    unsigned char buffer[1024];
-    FILE *file = 0;
-    int nBytes = 0;
-    static int totalFileBytes = 0;
-    
-    if (stat((char *)filename, &stat_buf) < 0)
-       return;
-
-    RNG_RandomUpdate((unsigned char*)&stat_buf, sizeof(stat_buf));
-    
-    file = fopen((char *)filename, "r");
-    if (file != NULL)
-    {
-       for (;;)
-       {
-           size_t bytes = fread(buffer, 1, sizeof(buffer), file);
-
-           if (bytes == 0)
-              break;
-
-           RNG_RandomUpdate(buffer, bytes);
-           totalFileBytes += bytes;
-           if (totalFileBytes > 250000)
-              break;
-       }
-       fclose(file);
-    }
-
-    nBytes = RNG_GetNoise(buffer, 20); 
-    RNG_RandomUpdate(buffer, nBytes);
-}
diff --git a/security/nss/lib/freebl/pqg.c b/security/nss/lib/freebl/pqg.c
deleted file mode 100644
index dca53e93d..000000000
--- a/security/nss/lib/freebl/pqg.c
+++ /dev/null
@@ -1,667 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.	Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.	If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * PQG parameter generation/verification.  Based on FIPS 186-1.
- *
- * $Id$
- */
-
-#include "prerr.h"
-#include "secerr.h"
-
-#include "prtypes.h"
-#include "blapi.h"
-#include "secitem.h"
-#include "mpi.h"
-#include "mpprime.h"
-#include "mplogic.h"
-#include "secmpi.h"
-
-#define MAX_ITERATIONS 600  /* Maximum number of iterations of primegen */
-#define PQG_Q_PRIMALITY_TESTS 18 /* from HAC table 4.4 */
-#define PQG_P_PRIMALITY_TESTS 5  /* from HAC table 4.4 */
-
- /* XXX to be replaced by define in blapit.h */
-#define BITS_IN_Q 160
-
-/* For FIPS-compliance testing.
-** The following array holds the seed defined in FIPS 186-1 appendix 5.
-** This seed is used to generate P and Q according to appendix 2; use of
-** this seed will exactly generate the PQG specified in appendix 2.
-*/
-#ifdef FIPS_186_1_A5_TEST
-static const unsigned char fips_186_1_a5_pqseed[] = {
-    0xd5, 0x01, 0x4e, 0x4b, 0x60, 0xef, 0x2b, 0xa8,
-    0xb6, 0x21, 0x1b, 0x40, 0x62, 0xba, 0x32, 0x24,
-    0xe0, 0x42, 0x7d, 0xd3
-};
-#endif
-
-/* Get a seed for generating P and Q.  If in testing mode, copy in the
-** seed from FIPS 186-1 appendix 5.  Otherwise, obtain bytes from the
-** global random number generator.
-*/
-static SECStatus
-getPQseed(SECItem *seed)
-{
-    if (seed->data) {
-        PORT_Free(seed->data);
-        seed->data = NULL;
-    }
-    seed->data = (unsigned char*)PORT_ZAlloc(seed->len);
-    if (!seed->data) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	return SECFailure;
-    }
-#ifdef FIPS_186_1_A5_TEST
-    memcpy(seed->data, fips_186_1_a5_pqseed, seed->len);
-    return SECSuccess;
-#else
-    return RNG_GenerateGlobalRandomBytes(seed->data, seed->len);
-#endif
-}
-
-/* Generate a candidate h value.  If in testing mode, use the h value
-** specified in FIPS 186-1 appendix 5, h = 2.  Otherwise, obtain bytes
-** from the global random number generator.
-*/
-static SECStatus
-generate_h_candidate(SECItem *hit, mp_int *H)
-{
-    SECStatus rv = SECSuccess;
-    mp_err   err = MP_OKAY;
-#ifdef FIPS_186_1_A5_TEST
-    memset(hit->data, 0, hit->len);
-    hit->data[hit->len-1] = 0x02;
-#else
-    rv = RNG_GenerateGlobalRandomBytes(hit->data, hit->len);
-#endif
-    if (rv)
-	return SECFailure;
-    err = mp_read_unsigned_octets(H, hit->data, hit->len);
-    if (err) {
-	MP_TO_SEC_ERROR(err);
-	return SECFailure;
-    }
-    return SECSuccess;
-}
-
-/* Compute SHA[(SEED + addend) mod 2**g]
-** Result is placed in shaOutBuf.
-** This computation is used in steps 2 and 7 of FIPS 186 Appendix 2.2 .
-*/
-static SECStatus
-addToSeedThenSHA(const SECItem * seed,
-                 unsigned long   addend,
-                 int             g,
-                 unsigned char * shaOutBuf)
-{
-    SECItem str = { 0, 0, 0 };
-    mp_int s, sum, modulus, tmp;
-    mp_err    err = MP_OKAY;
-    SECStatus rv  = SECSuccess;
-    MP_DIGITS(&s)       = 0;
-    MP_DIGITS(&sum)     = 0;
-    MP_DIGITS(&modulus) = 0;
-    MP_DIGITS(&tmp)     = 0;
-    CHECK_MPI_OK( mp_init(&s) );
-    CHECK_MPI_OK( mp_init(&sum) );
-    CHECK_MPI_OK( mp_init(&modulus) );
-    SECITEM_TO_MPINT(*seed, &s); /* s = seed */
-    /* seed += addend */
-    if (addend < MP_DIGIT_MAX) {
-	CHECK_MPI_OK( mp_add_d(&s, (mp_digit)addend, &s) );
-    } else {
-	CHECK_MPI_OK( mp_init(&tmp) );
-	CHECK_MPI_OK( mp_set_ulong(&tmp, addend) );
-	CHECK_MPI_OK( mp_add(&s, &tmp, &s) );
-    }
-    CHECK_MPI_OK( mp_div_2d(&s, (mp_digit)g, NULL, &sum) );/*sum = s mod 2**g */
-    MPINT_TO_SECITEM(&sum, &str, NULL);
-    rv = SHA1_HashBuf(shaOutBuf, str.data, str.len); /* SHA1 hash result */
-cleanup:
-    mp_clear(&s);
-    mp_clear(&sum);
-    mp_clear(&modulus);
-    mp_clear(&tmp);
-    if (str.data)
-	SECITEM_ZfreeItem(&str, PR_FALSE);
-    if (err) {
-	MP_TO_SEC_ERROR(err);
-	return SECFailure;
-    }
-    return rv;
-}
-
-/*
-**  Perform steps 2 and 3 of FIPS 186, appendix 2.2.
-**  Generate Q from seed.
-*/
-static SECStatus
-makeQfromSeed(
-      unsigned int  g,          /* input.  Length of seed in bits. */
-const SECItem   *   seed,       /* input.  */
-      mp_int    *   Q)          /* output. */
-{
-    unsigned char sha1[SHA1_LENGTH];
-    unsigned char sha2[SHA1_LENGTH];
-    unsigned char U[SHA1_LENGTH];
-    SECStatus rv  = SECSuccess;
-    mp_err    err = MP_OKAY;
-    int i;
-    /* ******************************************************************
-    ** Step 2.
-    ** "Compute U = SHA[SEED] XOR SHA[(SEED+1) mod 2**g]."
-    **/
-    CHECK_SEC_OK( SHA1_HashBuf(sha1, seed->data, seed->len) );
-    CHECK_SEC_OK( addToSeedThenSHA(seed, 1, g, sha2) );
-    for (i=0; i<SHA1_LENGTH; ++i) 
-	U[i] = sha1[i] ^ sha2[i];
-    /* ******************************************************************
-    ** Step 3.
-    ** "Form Q from U by setting the most signficant bit (the 2**159 bit)
-    **  and the least signficant bit to 1.  In terms of boolean operations,
-    **  Q = U OR 2**159 OR 1.  Note that 2**159 < Q < 2**160."
-    */
-    U[0]             |= 0x80;  /* U is MSB first */
-    U[SHA1_LENGTH-1] |= 0x01;
-    err = mp_read_unsigned_octets(Q, U, SHA1_LENGTH);
-cleanup:
-     memset(U, 0, SHA1_LENGTH);
-     memset(sha1, 0, SHA1_LENGTH);
-     memset(sha2, 0, SHA1_LENGTH);
-     if (err) {
-	MP_TO_SEC_ERROR(err);
-	return SECFailure;
-     }
-     return rv;
-}
-
-/*  Perform steps 7, 8 and 9 of FIPS 186, appendix 2.2.
-**  Generate P from Q, seed, L, and offset.
-*/
-static SECStatus
-makePfromQandSeed(
-      unsigned int  L,          /* Length of P in bits.  Per FIPS 186. */
-      unsigned int  offset,     /* Per FIPS 186, appendix 2.2. */
-      unsigned int  g,          /* input.  Length of seed in bits. */
-const SECItem   *   seed,       /* input.  */
-const mp_int    *   Q,          /* input.  */
-      mp_int    *   P)          /* output. */
-{
-    unsigned int  k;            /* Per FIPS 186, appendix 2.2. */
-    unsigned int  n;            /* Per FIPS 186, appendix 2.2. */
-    mp_digit      b;            /* Per FIPS 186, appendix 2.2. */
-    unsigned char V_k[SHA1_LENGTH];
-    mp_int        W, X, c, twoQ, V_n, tmp;
-    mp_err    err = MP_OKAY;
-    SECStatus rv  = SECSuccess;
-    /* Initialize bignums */
-    MP_DIGITS(&W)     = 0;
-    MP_DIGITS(&X)     = 0;
-    MP_DIGITS(&c)     = 0;
-    MP_DIGITS(&twoQ)  = 0;
-    MP_DIGITS(&V_n)   = 0;
-    MP_DIGITS(&tmp)   = 0;
-    CHECK_MPI_OK( mp_init(&W)    );
-    CHECK_MPI_OK( mp_init(&X)    );
-    CHECK_MPI_OK( mp_init(&c)    );
-    CHECK_MPI_OK( mp_init(&twoQ) );
-    CHECK_MPI_OK( mp_init(&tmp)  );
-    CHECK_MPI_OK( mp_init(&V_n)  );
-    /* L - 1 = n*160 + b */
-    n = (L - 1) / BITS_IN_Q;
-    b = (L - 1) % BITS_IN_Q;
-    /* ******************************************************************
-    ** Step 7.
-    **  "for k = 0 ... n let
-    **           V_k = SHA[(SEED + offset + k) mod 2**g]."
-    **
-    ** Step 8.
-    **  "Let W be the integer 
-    **    W = V_0 + (V_1 * 2**160) + ... + (V_n-1 * 2**((n-1)*160)) 
-    **         + ((V_n mod 2**b) * 2**(n*160))
-    */
-    for (k=0; k<n; ++k) { /* Do the first n terms of V_k */
-	/* Do step 7 for iteration k.
-	** V_k = SHA[(seed + offset + k) mod 2**g]
-	*/
-	CHECK_SEC_OK( addToSeedThenSHA(seed, offset + k, g, V_k) );
-	/* Do step 8 for iteration k.
-	** W += V_k * 2**(k*160)
-	*/
-	OCTETS_TO_MPINT(V_k, &tmp, SHA1_LENGTH);      /* get bignum V_k     */
-	CHECK_MPI_OK( mpl_lsh(&tmp, &tmp, k*160) );   /* tmp = V_k << k*160 */
-	CHECK_MPI_OK( mp_add(&W, &tmp, &W) );         /* W += tmp           */
-    }
-    /* Step 8, continued.
-    **   [W += ((V_n mod 2**b) * 2**(n*160))] 
-    */
-    CHECK_SEC_OK( addToSeedThenSHA(seed, offset + n, g, V_k) );
-    OCTETS_TO_MPINT(V_k, &V_n, SHA1_LENGTH);          /* get bignum V_n     */
-    CHECK_MPI_OK( mp_div_2d(&V_n, b, NULL, &tmp) );   /* tmp = V_n mod 2**b */
-    CHECK_MPI_OK( mpl_lsh(&tmp, &tmp, n*160) );       /* tmp = tmp << n*160 */
-    CHECK_MPI_OK( mp_add(&W, &tmp, &W) );             /* W += tmp           */
-    /* Step 8, continued.
-    ** "and let X = W + 2**(L-1).
-    **  Note that 0 <= W < 2**(L-1) and hence 2**(L-1) <= X < 2**L."
-    */
-    CHECK_MPI_OK( mpl_set_bit(&X, (mp_size)(L-1), 1) );    /* X = 2**(L-1) */
-    CHECK_MPI_OK( mp_add(&X, &W, &X) );                    /* X += W       */
-    /*************************************************************
-    ** Step 9.
-    ** "Let c = X mod 2q  and set p = X - (c - 1).
-    **  Note that p is congruent to 1 mod 2q."
-    */
-    CHECK_MPI_OK( mp_mul_2(Q, &twoQ) );                    /* 2q           */
-    CHECK_MPI_OK( mp_mod(&X, &twoQ, &c) );                 /* c = X mod 2q */
-    CHECK_MPI_OK( mp_sub_d(&c, 1, &c) );                   /* c -= 1       */
-    CHECK_MPI_OK( mp_sub(&X, &c, P) );                     /* P = X - c    */
-cleanup:
-    mp_clear(&W);
-    mp_clear(&X);
-    mp_clear(&c);
-    mp_clear(&twoQ);
-    mp_clear(&V_n);
-    mp_clear(&tmp);
-    if (err) {
-	MP_TO_SEC_ERROR(err);
-	return SECFailure;
-    }
-    return rv;
-}
-
-/*
-** Generate G from h, P, and Q.
-*/
-static SECStatus
-makeGfromH(const mp_int *P,     /* input.  */
-           const mp_int *Q,     /* input.  */
-                 mp_int *H,     /* input and output. */
-                 mp_int *G,     /* output. */
-                 PRBool *passed)
-{
-    mp_int exp, pm1;
-    mp_err err = MP_OKAY;
-    SECStatus rv = SECSuccess;
-    *passed = PR_FALSE;
-    MP_DIGITS(&exp) = 0;
-    MP_DIGITS(&pm1) = 0;
-    CHECK_MPI_OK( mp_init(&exp) );
-    CHECK_MPI_OK( mp_init(&pm1) );
-    CHECK_MPI_OK( mp_sub_d(P, 1, &pm1) );        /* P - 1            */
-    if ( mp_cmp(H, &pm1) > 0)                   /* H = H mod (P-1)  */
-	CHECK_MPI_OK( mp_sub(H, &pm1, H) );
-    /* Let b = 2**n (smallest power of 2 greater than P).
-    ** Since P-1 >= b/2, and H < b, quotient(H/(P-1)) = 0 or 1
-    ** so the above operation safely computes H mod (P-1)
-    */
-    /* Check for H = to 0 or 1.  Regen H if so.  (Regen means return error). */
-    if (mp_cmp_d(H, 1) <= 0) {
-	rv = SECFailure;
-	goto cleanup;
-    }
-    /* Compute G, according to the equation  G = (H ** ((P-1)/Q)) mod P */
-    CHECK_MPI_OK( mp_div(&pm1, Q, &exp, NULL) );  /* exp = (P-1)/Q      */
-    CHECK_MPI_OK( mp_exptmod(H, &exp, P, G) );    /* G = H ** exp mod P */
-    /* Check for G == 0 or G == 1, return error if so. */
-    if (mp_cmp_d(G, 1) <= 0) {
-	rv = SECFailure;
-	goto cleanup;
-    }
-    *passed = PR_TRUE;
-cleanup:
-    mp_clear(&exp);
-    mp_clear(&pm1);
-    if (err) {
-	MP_TO_SEC_ERROR(err);
-	rv = SECFailure;
-    }
-    return rv;
-}
-
-SECStatus
-PQG_ParamGen(unsigned int j, PQGParams **pParams, PQGVerify **pVfy)
-{
-    unsigned int L;            /* Length of P in bits.  Per FIPS 186. */
-    unsigned int seedBytes;
-
-    if (j > 8 || !pParams || !pVfy) {
-	PORT_SetError(SEC_ERROR_INVALID_ARGS);
-        return SECFailure;
-    }
-    L = 512 + (j * 64);         /* bits in P */
-    seedBytes = L/8;
-    return PQG_ParamGenSeedLen(j, seedBytes, pParams, pVfy);
-}
-
-/* This code uses labels and gotos, so that it can follow the numbered
-** steps in the algorithms from FIPS 186 appendix 2.2 very closely,
-** and so that the correctness of this code can be easily verified.
-** So, please forgive the ugly c code.
-**/
-SECStatus
-PQG_ParamGenSeedLen(unsigned int j, unsigned int seedBytes,
-                    PQGParams **pParams, PQGVerify **pVfy)
-{
-    unsigned int  L;        /* Length of P in bits.  Per FIPS 186. */
-    unsigned int  n;        /* Per FIPS 186, appendix 2.2. */
-    unsigned int  b;        /* Per FIPS 186, appendix 2.2. */
-    unsigned int  g;        /* Per FIPS 186, appendix 2.2. */
-    unsigned int  counter;  /* Per FIPS 186, appendix 2.2. */
-    unsigned int  offset;   /* Per FIPS 186, appendix 2.2. */
-    SECItem      *seed;     /* Per FIPS 186, appendix 2.2. */
-    PRArenaPool  *arena  = NULL;
-    PQGParams    *params = NULL;
-    PQGVerify    *verify = NULL;
-    PRBool passed;
-    SECItem hit = { 0, 0, 0 };
-    mp_int P, Q, G, H, l;
-    mp_err    err = MP_OKAY;
-    SECStatus rv  = SECFailure;
-    int iterations = 0;
-    if (j > 8 || !pParams || !pVfy) {
-	PORT_SetError(SEC_ERROR_INVALID_ARGS);
-	return SECFailure;
-    }
-    /* Initialize an arena for the params. */
-    arena = PORT_NewArena(NSS_FREEBL_DEFAULT_CHUNKSIZE);
-    if (!arena) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	return SECFailure;
-    }
-    params = (PQGParams *)PORT_ArenaZAlloc(arena, sizeof(PQGParams));
-    if (!params) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	PORT_FreeArena(arena, PR_TRUE);
-	return SECFailure;
-    }
-    params->arena = arena;
-    /* Initialize an arena for the verify. */
-    arena = PORT_NewArena(NSS_FREEBL_DEFAULT_CHUNKSIZE);
-    if (!arena) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	PORT_FreeArena(params->arena, PR_TRUE);
-	return SECFailure;
-    }
-    verify = (PQGVerify *)PORT_ArenaZAlloc(arena, sizeof(PQGVerify));
-    if (!verify) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	PORT_FreeArena(arena, PR_TRUE);
-	PORT_FreeArena(params->arena, PR_TRUE);
-	return SECFailure;
-    }
-    verify->arena = arena;
-    seed = &verify->seed;
-    arena = NULL;
-    /* Initialize bignums */
-    MP_DIGITS(&P) = 0;
-    MP_DIGITS(&Q) = 0;
-    MP_DIGITS(&G) = 0;
-    MP_DIGITS(&H) = 0;
-    MP_DIGITS(&l) = 0;
-    CHECK_MPI_OK( mp_init(&P) );
-    CHECK_MPI_OK( mp_init(&Q) );
-    CHECK_MPI_OK( mp_init(&G) );
-    CHECK_MPI_OK( mp_init(&H) );
-    CHECK_MPI_OK( mp_init(&l) );
-    /* Compute lengths. */
-    L = 512 + (j * 64);               /* bits in P */
-    n = (L - 1) / BITS_IN_Q;          /* BITS_IN_Q is 160 */  
-    b = (L - 1) % BITS_IN_Q;
-    g = seedBytes * BITS_PER_BYTE;    /* bits in seed, NOT G of PQG. */
-step_1:
-    /* ******************************************************************
-    ** Step 1.
-    ** "Choose an abitrary sequence of at least 160 bits and call it SEED.
-    **  Let g be the length of SEED in bits."
-    */
-    if (++iterations > MAX_ITERATIONS) {        /* give up after a while */
-        PORT_SetError(SEC_ERROR_NEED_RANDOM);
-        goto cleanup;
-    }
-    seed->len = seedBytes;
-    CHECK_SEC_OK( getPQseed(seed) );
-    /* ******************************************************************
-    ** Step 2.
-    ** "Compute U = SHA[SEED] XOR SHA[(SEED+1) mod 2**g]."
-    **
-    ** Step 3.
-    ** "Form Q from U by setting the most signficant bit (the 2**159 bit) 
-    **  and the least signficant bit to 1.  In terms of boolean operations,
-    **  Q = U OR 2**159 OR 1.  Note that 2**159 < Q < 2**160."
-    */
-    CHECK_SEC_OK( makeQfromSeed(g, seed, &Q) );
-    /* ******************************************************************
-    ** Step 4.
-    ** "Use a robust primality testing algorithm to test whether q is prime."
-    **
-    ** Appendix 2.1 states that a Rabin test with at least 50 iterations
-    ** "will give an acceptable probability of error."
-    */
-    /*CHECK_SEC_OK( prm_RabinTest(&Q, &passed) );*/
-    err = mpp_pprime(&Q, PQG_Q_PRIMALITY_TESTS);
-    passed = (err == MP_YES) ? SECSuccess : SECFailure;
-    /* ******************************************************************
-    ** Step 5. "If q is not prime, goto step 1."
-    */
-    if (passed != SECSuccess)
-        goto step_1;
-    /* ******************************************************************
-    ** Step 6. "Let counter = 0 and offset = 2."
-    */
-    counter = 0;
-    offset  = 2;
-step_7:
-    /* ******************************************************************
-    ** Step 7.
-    ** "for k = 0 ... n let
-    **          V_k = SHA[(SEED + offset + k) mod 2**g]."
-    **
-    ** Step 8.
-    ** "Let W be the sum of  (V_k * 2**(k*160)) for k = 0 ... n
-    **  and let X = W + 2**(L-1).
-    **  Note that 0 <= W < 2**(L-1) and hence 2**(L-1) <= X < 2**L."
-    **
-    ** Step 9.
-    ** "Let c = X mod 2q  and set p = X - (c - 1).
-    **  Note that p is congruent to 1 mod 2q."
-    */
-    CHECK_SEC_OK( makePfromQandSeed(L, offset, g, seed, &Q, &P) );
-    /*************************************************************
-    ** Step 10.
-    ** "if p < 2**(L-1), then goto step 13."
-    */
-    CHECK_MPI_OK( mpl_set_bit(&l, (mp_size)(L-1), 1) ); /* l = 2**(L-1) */
-    if (mp_cmp(&P, &l) < 0)
-        goto step_13;
-    /************************************************************
-    ** Step 11.
-    ** "Perform a robust primality test on p."
-    */
-    /*CHECK_SEC_OK( prm_RabinTest(&P, &passed) );*/
-    err = mpp_pprime(&P, PQG_P_PRIMALITY_TESTS);
-    passed = (err == MP_YES) ? SECSuccess : SECFailure;
-    /* ******************************************************************
-    ** Step 12. "If p passes the test performed in step 11, go to step 15."
-    */
-    if (passed == SECSuccess)
-        goto step_15;
-step_13:
-    /* ******************************************************************
-    ** Step 13.  "Let counter = counter + 1 and offset = offset + n + 1."
-    */
-    counter++;
-    offset += n + 1;
-    /* ******************************************************************
-    ** Step 14.  "If counter >= 4096 goto step 1, otherwise go to step 7."
-    */
-    if (counter >= 4096)
-        goto step_1;
-    goto step_7;
-step_15:
-    /* ******************************************************************
-    ** Step 15.  
-    ** "Save the value of SEED and the value of counter for use
-    **  in certifying the proper generation of p and q."
-    */
-    /* Generate h. */
-    SECITEM_AllocItem(NULL, &hit, seedBytes); /* h is no longer than p */
-    if (!hit.data) goto cleanup;
-    do {
-	/* loop generate h until 1<h<p-1 and (h**[(p-1)/q])mod p > 1 */
-	CHECK_SEC_OK( generate_h_candidate(&hit, &H) );
-        CHECK_SEC_OK( makeGfromH(&P, &Q, &H, &G, &passed) );
-    } while (passed != PR_TRUE);
-    /* All generation is done.  Now, save the PQG params.  */
-    MPINT_TO_SECITEM(&P, &params->prime,    params->arena);
-    MPINT_TO_SECITEM(&Q, &params->subPrime, params->arena);
-    MPINT_TO_SECITEM(&G, &params->base,     params->arena);
-    MPINT_TO_SECITEM(&H, &verify->h,        verify->arena);
-    verify->counter = counter;
-    *pParams = params;
-    *pVfy = verify;
-cleanup:
-    mp_clear(&P);
-    mp_clear(&Q);
-    mp_clear(&G);
-    mp_clear(&H);
-    mp_clear(&l);
-    if (err) {
-	MP_TO_SEC_ERROR(err);
-	rv = SECFailure;
-    }
-    if (rv) {
-	PORT_FreeArena(params->arena, PR_TRUE);
-	PORT_FreeArena(verify->arena, PR_TRUE);
-    }
-    return rv;
-}
-
-SECStatus   
-PQG_VerifyParams(const PQGParams *params, 
-                 const PQGVerify *vfy, SECStatus *result)
-{
-    SECStatus rv = SECSuccess;
-    int passed;
-    unsigned int g, n, L, offset;
-    mp_int P, Q, G, P_, Q_, G_, r, h;
-    mp_err err = MP_OKAY;
-    int j;
-#define CHECKPARAM(cond)      \
-    if (!(cond)) {            \
-	*result = SECFailure; \
-	goto cleanup;         \
-    }
-    if (!params || !vfy || !result) {
-	PORT_SetError(SEC_ERROR_INVALID_ARGS);
-	return SECFailure;
-    }
-    MP_DIGITS(&P) = 0;
-    MP_DIGITS(&Q) = 0;
-    MP_DIGITS(&G) = 0;
-    MP_DIGITS(&P_) = 0;
-    MP_DIGITS(&Q_) = 0;
-    MP_DIGITS(&G_) = 0;
-    MP_DIGITS(&r) = 0;
-    MP_DIGITS(&h) = 0;
-    CHECK_MPI_OK( mp_init(&P) );
-    CHECK_MPI_OK( mp_init(&Q) );
-    CHECK_MPI_OK( mp_init(&G) );
-    CHECK_MPI_OK( mp_init(&P_) );
-    CHECK_MPI_OK( mp_init(&Q_) );
-    CHECK_MPI_OK( mp_init(&G_) );
-    CHECK_MPI_OK( mp_init(&r) );
-    CHECK_MPI_OK( mp_init(&h) );
-    *result = SECSuccess;
-    SECITEM_TO_MPINT(params->prime,    &P);
-    SECITEM_TO_MPINT(params->subPrime, &Q);
-    SECITEM_TO_MPINT(params->base,     &G);
-    /* 1.  Q is 160 bits long. */
-    CHECKPARAM( mpl_significant_bits(&Q) == 160 );
-    /* 2.  P is one of the 9 valid lengths. */
-    L = mpl_significant_bits(&P);
-    j = PQG_PBITS_TO_INDEX(L);
-    CHECKPARAM( j >= 0 && j <= 8 );
-    /* 3.  G < P */
-    CHECKPARAM( mp_cmp(&G, &P) < 0 );
-    /* 4.  P % Q == 1 */
-    CHECK_MPI_OK( mp_mod(&P, &Q, &r) );
-    CHECKPARAM( mp_cmp_d(&r, 1) == 0 );
-    /* 5.  Q is prime */
-    CHECKPARAM( mpp_pprime(&Q, PQG_Q_PRIMALITY_TESTS) == MP_YES );
-    /* 6.  P is prime */
-    CHECKPARAM( mpp_pprime(&P, PQG_P_PRIMALITY_TESTS) == MP_YES );
-    /* Steps 7-12 are done only if the optional PQGVerify is supplied. */
-    if (!vfy) goto cleanup;
-    /* 7.  counter < 4096 */
-    CHECKPARAM( vfy->counter < 4096 );
-    /* 8.  g >= 160 and g < 2048   (g is length of seed in bits) */
-    g = vfy->seed.len * 8;
-    CHECKPARAM( g >= 160 && g < 2048 );
-    /* 9.  Q generated from SEED matches Q in PQGParams. */
-    CHECK_SEC_OK( makeQfromSeed(g, &vfy->seed, &Q_) );
-    CHECKPARAM( mp_cmp(&Q, &Q_) == 0 );
-    /* 10. P generated from (L, counter, g, SEED, Q) matches P in PQGParams. */
-    n = (L - 1) / BITS_IN_Q;
-    offset = vfy->counter * (n + 1) + 2;
-    CHECK_SEC_OK( makePfromQandSeed(L, offset, g, &vfy->seed, &Q, &P_) );
-    CHECKPARAM( mp_cmp(&P, &P_) == 0 );
-    /* Next two are optional: if h == 0 ignore */
-    if (vfy->h.len == 0) goto cleanup;
-    /* 11. 1 < h < P-1 */
-    SECITEM_TO_MPINT(vfy->h, &h);
-    CHECK_MPI_OK( mpl_set_bit(&P, 0, 0) ); /* P is prime, p-1 == zero 1st bit */
-    CHECKPARAM( mp_cmp_d(&h, 1) > 0 && mp_cmp(&h, &P) );
-    CHECK_MPI_OK( mpl_set_bit(&P, 0, 1) ); /* set it back */
-    /* 12. G generated from h matches G in PQGParams. */
-    CHECK_SEC_OK( makeGfromH(&P, &Q, &h, &G_, &passed) );
-    CHECKPARAM( passed && mp_cmp(&G, &G_) == 0 );
-cleanup:
-    mp_clear(&P);
-    mp_clear(&Q);
-    mp_clear(&G);
-    mp_clear(&P_);
-    mp_clear(&Q_);
-    mp_clear(&G_);
-    mp_clear(&r);
-    mp_clear(&h);
-    if (err) {
-	MP_TO_SEC_ERROR(err);
-	rv = SECFailure;
-    }
-    return rv;
-}
-
-
diff --git a/security/nss/lib/freebl/prng_fips1861.c b/security/nss/lib/freebl/prng_fips1861.c
deleted file mode 100644
index bf0199926..000000000
--- a/security/nss/lib/freebl/prng_fips1861.c
+++ /dev/null
@@ -1,513 +0,0 @@
-/*
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#include "prerr.h"
-#include "secerr.h"
-
-#include "prtypes.h"
-#include "prinit.h"
-#include "blapi.h"
-#include "nssilock.h"
-#include "secitem.h"
-#include "sha_fast.h"
-#include "secrng.h"	/* for RNG_GetNoise() */
-
-/*
- * The minimum amount of seed data required before the generator will
- * provide data.
- * Note that this is a measure of the number of bytes sent to
- * RNG_RandomUpdate, not the actual amount of entropy present in the
- * generator.  Naturally, it is impossible to know (at this level) just
- * how much entropy is present in the provided seed data.  A bare minimum
- * of entropy would be 20 bytes, so by requiring 1K this code is making
- * the tacit assumption that at least 1 byte of pure entropy is provided
- * with every 8 bytes supplied to RNG_RandomUpdate.  The reality of this
- * assumption is left up to the caller.
- */
-#define MIN_SEED_COUNT 1024
-
-/*
- * Steps taken from FIPS 186-1 Appendix 3.1
- */
-
-/*
- * According to FIPS 186-1, 160 <= b <= 512
- * For our purposes, we will assume b == 160
- */
-#define FIPS_B     160
-#define BSIZE      FIPS_B / BITS_PER_BYTE
-
-/*
- * Add two 160-bit numbers represented as arrays of 20 bytes.
- * The numbers are big-endian, MSB first, so addition is done
- * from the end of the buffer to the beginning.
- */
-#define ADD_160BIT_PLUS_CARRY(dest, add1, add2, cy) \
-    carry = cy; \
-    for (i=BSIZE-1; i>=0; --i) { \
-	carry += add1[i] + add2[i]; \
-	dest[i] = (PRUint8)carry; \
-	carry >>= 8; \
-    }
-
-#define ADD_160BIT_2(dest, add1, add2) \
-	ADD_160BIT_PLUS_CARRY(dest, add1, add2, 0)
-
-
-/*
- * FIPS requires result from Step 3c to be reduced mod q when generating
- * random numbers for DSA.
- * by definition q >= 2^159 + 1, thus xj < 2q
- * thus reducing mod q is simple subtraction when xj > q
- */
-#define dsa_reduce_mod_q(xj, q) \
-    PORT_Assert(q[0] >= 0x80); \
-    if (memcmp(xj,q,BSIZE) > 0) { \
-	carry = 0; \
-	for (i=BSIZE-1; i>=0; --i) { \
-	    carry += (signed int)xj[i] - (signed int)q[i]; \
-	    xj[i] = (PRUint8)carry; \
-	    carry >>= 8; \
-	} \
-    }
-
-/*
- * Specialized SHA1-like function.  This function appends zeroes to a 
- * single input block and runs a single instance of the compression function, 
- * as specified in FIPS 186-1 appendix 3.3.
- */
-void 
-RNG_UpdateAndEnd_FIPS186_1(SHA1Context *ctx, 
-                           unsigned char *input, unsigned int inputLen,
-                           unsigned char *hashout, unsigned int *pDigestLen, 
-                           unsigned int maxDigestLen);
-
-/*
- * Global RNG context
- */ 
-struct RNGContextStr {
-    PRUint8   XKEY[BSIZE]; /* Seed for next SHA iteration */
-    PRUint8   Xj[BSIZE];   /* Output from previous operation */
-    PZLock   *lock;        /* Lock to serialize access to global rng */
-    PRUint8   avail;       /* # bytes of output available, [0...20] */
-    PRUint32  seedCount;   /* number of seed bytes given to generator */
-    PRBool    isValid;     /* false if RNG reaches an invalid state */
-};
-typedef struct RNGContextStr RNGContext;
-static RNGContext *globalrng = NULL;
-
-/*
- * Free the global RNG context
- */
-static void
-freeRNGContext()
-{
-    PZ_DestroyLock(globalrng->lock);
-    PORT_ZFree(globalrng, sizeof *globalrng);
-    globalrng = NULL;
-}
-
-/*
- * Implementation of the algorithm in FIPS 186-1 appendix 3.1, heretofore
- * called alg3_1().  It is assumed a lock for the global rng context has
- * already been acquired.
- * Calling this function with XSEEDj == NULL is equivalent to saying there
- * is no optional user input, which is further equivalent to saying that
- * the optional user input is 0.
- */
-static SECStatus
-alg_fips186_1_x3_1(RNGContext *rng,
-                   const unsigned char *XSEEDj, unsigned char *q)
-{
-    /* SHA1 context for G(t, XVAL) function */
-    SHA1Context sha1cx;
-    /* input to hash function */
-    PRUint8 XVAL[BSIZE];
-    /* store a copy of the output to compare with the previous output */
-    PRUint8 x_j[BSIZE];
-    /* used by ADD_160BIT macros */
-    int i, carry;
-    unsigned int len;
-    if (!rng->isValid) {
-	/* RNG has alread entered an invalid state. */
-	PORT_SetError(SEC_ERROR_INVALID_ARGS);
-	return SECFailure;
-    }
-    /* initialize the SHA1 context */
-    memset(&sha1cx, 0, sizeof(sha1cx));
-    /* 
-     * <Step 2> Initialize t, taken care of in SHA-1 (same initial values) 
-     */
-    SHA1_Begin(&sha1cx);
-    /* 
-     * <Step 3a> XSEEDj is optional user input
-     * 
-     * <Step 3b> XVAL = (XKEY + XSEEDj) mod 2^b
-     *     :always reduced mod 2^b, since storing as 160-bit value
-     */
-    if (XSEEDj) {
-	/* XSEEDj > 0 */
-	ADD_160BIT_2(XVAL, rng->XKEY, XSEEDj);
-    } else {
-	/* XSEEDj == 0 */
-	memcpy(XVAL, rng->XKEY, BSIZE);
-    }
-    /* 
-     * <Step 3c> Xj = G(t, XVAL) mod q
-     *     :In this code, (mod q) is only understood for DSA ops, 
-     *     :not general RNG (what would q be in non-DSA uses?).
-     *     :If a q is specified, use it.
-     *     :FIPS 186-1 specifies a different padding than the SHA1 180-1
-     *     :specification, this function is implemented below.
-     */ 
-    RNG_UpdateAndEnd_FIPS186_1(&sha1cx, XVAL, BSIZE, x_j, &len, BSIZE);
-    if (q != NULL) {
-	dsa_reduce_mod_q(x_j, q);
-    }
-    /*     [FIPS 140-1] verify output does not match previous output */
-    if (memcmp(x_j, rng->Xj, BSIZE) == 0) {
-	/* failed FIPS 140-1 continuous RNG condition.  RNG now invalid. */
-	rng->isValid = PR_FALSE;
-	return SECFailure;
-    }
-    /* Xj is the output */
-    memcpy(rng->Xj, x_j, BSIZE);
-    /* 
-     * <Step 3d> XKEY = (1 + XKEY + Xj) mod 2^b
-     *     :always reduced mod 2^b, since storing as 160-bit value 
-     */
-    ADD_160BIT_PLUS_CARRY(rng->XKEY, rng->XKEY, x_j, 1);
-    /* Always have a full buffer after executing alg3_1() */
-    rng->avail = BSIZE;
-    /* housekeeping */
-    memset(x_j, 0, BSIZE);
-    memset(XVAL, 0, BSIZE);
-    return SECSuccess;
-}
-
-/* Use NSPR to prevent RNG_RNGInit from being called from separate
- * threads, creating a race condition.
- */
-static PRCallOnceType coRNGInit = { 0, 0, 0 };
-static PRStatus rng_init(void)
-{
-    unsigned char bytes[120];
-    unsigned int numBytes;
-    if (globalrng == NULL) {
-	/* create a new global RNG context */
-	globalrng = (RNGContext *)PORT_ZAlloc(sizeof(RNGContext));
-	if (globalrng == NULL) {
-	    PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
-	    return PR_FAILURE;
-	}
-	/* create a lock for it */
-	globalrng->lock = PZ_NewLock(nssILockOther);
-	if (globalrng->lock == NULL) {
-	    PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
-	    return PR_FAILURE;
-	}
-	/* the RNG is in a valid state */
-	globalrng->isValid = PR_TRUE;
-	/* Try to get some seed data for the RNG */
-	numBytes = RNG_GetNoise(bytes, sizeof bytes);
-	RNG_RandomUpdate(bytes, numBytes);
-    }
-    return (globalrng != NULL) ? PR_SUCCESS : PR_FAILURE;
-}
-
-/*
- * Initialize the global RNG context and give it some seed input taken
- * from the system.  This function is thread-safe and will only allow
- * the global context to be initialized once.  The seed input is likely
- * small, so it is imperative that RNG_RandomUpdate() be called with
- * additional seed data before the generator is used.  A good way to
- * provide the generator with additional entropy is to call
- * RNG_SystemInfoForRNG().  Note that NSS_Init() does exactly that.
- */
-SECStatus 
-RNG_RNGInit(void)
-{
-    /* Allow only one call to initialize the context */
-    PR_CallOnce(&coRNGInit, rng_init);
-    /* Make sure there is a context */
-    return (globalrng != NULL) ? PR_SUCCESS : PR_FAILURE;
-}
-
-/*
-** Update the global random number generator with more seeding
-** material
-*/
-SECStatus 
-prng_RandomUpdate(RNGContext *rng, const void *data, size_t bytes, 
-	unsigned char *q)
-{
-    SECStatus rv = SECSuccess;
-    unsigned char inputhash[BSIZE];
-    /* check for a valid global RNG context */
-    PORT_Assert(rng != NULL);
-    if (rng == NULL) {
-	PORT_SetError(SEC_ERROR_INVALID_ARGS);
-	return SECFailure;
-    }
-    /* RNG_SystemInfoForRNG() sometimes does this, not really an error */
-    if (bytes == 0)
-	return SECSuccess;
-    /* If received 20 bytes of input, use it, else hash the input before 
-     * locking.
-     */
-    if (bytes == BSIZE)
-	memcpy(inputhash, data, BSIZE);
-    else
-	rv = SHA1_HashBuf(inputhash, data, bytes);
-    if (rv != SECSuccess) {
-	PORT_SetError(SEC_ERROR_INVALID_ARGS);
-	return SECFailure;
-    }
-    /* --- LOCKED --- */
-    PZ_Lock(rng->lock);
-    /*
-     * Random information is initially supplied by a call to
-     * RNG_SystemInfoForRNG().  That function collects entropy from
-     * the system and calls RNG_RandomUpdate() to seed the generator.
-     * FIPS 186-1 3.1 step 1 specifies that a secret value for the
-     * seed-key must be chosen before the generator can begin.  The
-     * size of XKEY is b-bytes, so fill it with the first b-bytes
-     * sent to RNG_RandomUpdate().
-     */
-    if (rng->seedCount == 0) {
-	/* This is the first call to RandomUpdate().  Use a SHA1 hash
-	 * of the input to set the seed, XKEY.
-	 *
-	 * <Step 1> copy seed bytes into context's XKEY
-	 */
-	memcpy(rng->XKEY, inputhash, BSIZE);
-	/* 
-	 * Now continue with algorithm.  Since the input was used to
-	 * initialize XKEY, the "optional user input" at this stage
-	 * will be a pad of zeros, XSEEDj = 0.
-	 */
-	rv = alg_fips186_1_x3_1(rng, NULL, q);
-	/* As per FIPS 140-1 continuous RNG requirement, the first
-	 * iteration of output is discarded.  So here there is really
-	 * no output available.  This forces another execution of alg3_1()
-	 * before any bytes can be extracted from the generator.
-	 */
-	rng->avail = 0;
-    } else {
-	/* Execute the algorithm from FIPS 186-1 appendix 3.1 */
-	rv = alg_fips186_1_x3_1(rng, inputhash, q);
-    }
-    /* If got this far, have added bytes of seed data. */
-    rng->seedCount += bytes;
-    PZ_Unlock(rng->lock);
-    /* --- UNLOCKED --- */
-    /* housekeeping */
-    memset(inputhash, 0, BSIZE);
-    return rv;
-}
-
-/*
-** Update the global random number generator with more seeding
-** material.  Not DSA, so no q.
-*/
-SECStatus 
-RNG_RandomUpdate(const void *data, size_t bytes)
-{
-    return prng_RandomUpdate(globalrng, data, bytes, NULL);
-}
-
-/*
-** Generate some random bytes, using the global random number generator
-** object.
-*/
-SECStatus 
-prng_GenerateGlobalRandomBytes(RNGContext *rng,
-                               void *dest, size_t len, unsigned char *q)
-{
-    PRUint8 num;
-    SECStatus rv = SECSuccess;
-    unsigned char *output = dest;
-    /* check for a valid global RNG context */
-    PORT_Assert(rng != NULL);
-    if (rng == NULL) {
-	PORT_SetError(SEC_ERROR_INVALID_ARGS);
-	return SECFailure;
-    }
-    /* --- LOCKED --- */
-    PZ_Lock(rng->lock);
-    /* Check the amount of seed data in the generator.  If not enough,
-     * don't produce any data.
-     */
-    if (rng->seedCount < MIN_SEED_COUNT) {
-	PZ_Unlock(rng->lock);
-	PORT_SetError(SEC_ERROR_NEED_RANDOM);
-	return SECFailure;
-    }
-    /*
-     * If there are enough bytes of random data, send back Xj, 
-     * else call alg3_1() with 0's to generate more random data.
-     */
-    while (len > 0) {
-	if (rng->avail == 0)
-	    /* All available bytes are used, so generate more. */
-	    rv = alg_fips186_1_x3_1(rng, NULL, q);
-	/* number of bytes to obtain on this iteration (max of 20) */
-	num = PR_MIN(rng->avail, len);
-	/* if avail < BSIZE, the first avail bytes have already been used. */
-	memcpy(output, rng->Xj + (BSIZE - rng->avail), num);
-	rng->avail -= num;
-	len -= num;
-	output += num;
-    }
-    PZ_Unlock(rng->lock);
-    /* --- UNLOCKED --- */
-    return rv;
-}
-
-/*
-** Generate some random bytes, using the global random number generator
-** object.  Not DSA, so no q.
-*/
-SECStatus 
-RNG_GenerateGlobalRandomBytes(void *dest, size_t len)
-{
-    return prng_GenerateGlobalRandomBytes(globalrng, dest, len, NULL);
-}
-
-void
-RNG_RNGShutdown(void)
-{
-    /* check for a valid global RNG context */
-    PORT_Assert(globalrng != NULL);
-    if (globalrng == NULL) {
-	PORT_SetError(SEC_ERROR_INVALID_ARGS);
-	return;
-    }
-    /* clear */
-    freeRNGContext();
-    /* zero the callonce struct to allow a new call to RNG_RNGInit() */
-    memset(&coRNGInit, 0, sizeof coRNGInit);
-}
-
-/*
- *  SHA: Generate hash value from context
- *       Specialized function for PRNG
- *       The PRNG specified in FIPS 186-1 3.3 uses a function, G,
- *       which has the same initialization and compression functions
- *       as SHA1 180-1, but uses different padding.  FIPS 186-1 3.3 
- *       specifies that the message be padded with 0's until the size
- *       reaches 512 bits.
- */
-void 
-RNG_UpdateAndEnd_FIPS186_1(SHA1Context *ctx, 
-                           unsigned char *input, unsigned int inputLen,
-                           unsigned char *hashout, unsigned int *pDigestLen, 
-                           unsigned int maxDigestLen)
-{
-    register PRUint32 A;
-    static const unsigned char bulk_pad0[64] = { 0,0,0,0,0,0,0,0,0,0,
-               0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
-               0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0  };
-
-    PORT_Assert(maxDigestLen >= SHA1_LENGTH);
-    PORT_Assert(inputLen <= SHA1_INPUT_LEN);
-
-    /*
-     *  Add the input
-     */
-    SHA1_Update(ctx, input, inputLen);
-    /*
-     *  Pad with zeroes
-     *  This will fill the input block and cause the compression function
-     *  to be called.
-     */
-    SHA1_Update(ctx, bulk_pad0, SHA1_INPUT_LEN - inputLen);
-
-    /*
-     *  Output hash
-     */
-#if defined(IS_LITTLE_ENDIAN)
-    SHA_BYTESWAP(ctx->H[0]);
-    SHA_BYTESWAP(ctx->H[1]);
-    SHA_BYTESWAP(ctx->H[2]);
-    SHA_BYTESWAP(ctx->H[3]);
-    SHA_BYTESWAP(ctx->H[4]);
-#endif
-    memcpy(hashout, ctx->H, SHA1_LENGTH);
-    *pDigestLen = SHA1_LENGTH;
-
-    /*
-     *  Re-initialize the context (also zeroizes contents)
-     */
-    SHA1_Begin(ctx);
-}
-
-/*
- * Specialized RNG for DSA
- *
- * As per FIPS 186-1 appendix 3.1, in step 5 the value Xj should
- * be reduced mod q, a 160-bit prime number.   Since this parameter is
- * only meaningful in the context of DSA, the above RNG functions
- * were implemented without it.  They are re-implemented below for use
- * with DSA.
- *
- */
-
-/*
-** Update the global random number generator with more seeding
-** material.  DSA needs a q parameter.
-*/
-SECStatus 
-DSA_RandomUpdate(void *data, size_t bytes, unsigned char *q)
-{
-    if( q && (*q == 0) ) {
-        ++q;
-    }
-    return prng_RandomUpdate(globalrng, data, bytes, q);
-}
-
-/*
-** Generate some random bytes, using the global random number generator
-** object.  In DSA mode, so there is a q.
-*/
-SECStatus 
-DSA_GenerateGlobalRandomBytes(void *dest, size_t len, unsigned char *q)
-{
-    if( q && (*q == 0) ) {
-        ++q;
-    }
-    return prng_GenerateGlobalRandomBytes(globalrng, dest, len, q);
-}
diff --git a/security/nss/lib/freebl/rijndael.c b/security/nss/lib/freebl/rijndael.c
deleted file mode 100644
index 374a0fad4..000000000
--- a/security/nss/lib/freebl/rijndael.c
+++ /dev/null
@@ -1,1136 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#include "prinit.h"
-#include "prerr.h"
-#include "secerr.h"
-
-#include "prtypes.h"
-#include "blapi.h"
-#include "rijndael.h"
-
-/*
- * There are currently five ways to build this code, varying in performance
- * and code size.
- *
- * RIJNDAEL_INCLUDE_TABLES         Include all tables from rijndael32.tab
- * RIJNDAEL_GENERATE_TABLES        Generate tables on first 
- *                                 encryption/decryption, then store them;
- *                                 use the function gfm
- * RIJNDAEL_GENERATE_TABLES_MACRO  Same as above, but use macros to do
- *                                 the generation
- * RIJNDAEL_GENERATE_VALUES        Do not store tables, generate the table
- *                                 values "on-the-fly", using gfm
- * RIJNDAEL_GENERATE_VALUES_MACRO  Same as above, but use macros
- *
- * The default is RIJNDAEL_INCLUDE_TABLES.
- */
-
-/*
- * When building RIJNDAEL_INCLUDE_TABLES, includes S**-1, Rcon, T[0..4], 
- *                                                 T**-1[0..4], IMXC[0..4]
- * When building anything else, includes S, S**-1, Rcon
- */
-#include "rijndael32.tab"
-
-#if defined(RIJNDAEL_INCLUDE_TABLES)
-/*
- * RIJNDAEL_INCLUDE_TABLES
- */
-#define T0(i)    _T0[i]
-#define T1(i)    _T1[i]
-#define T2(i)    _T2[i]
-#define T3(i)    _T3[i]
-#define TInv0(i) _TInv0[i]
-#define TInv1(i) _TInv1[i]
-#define TInv2(i) _TInv2[i]
-#define TInv3(i) _TInv3[i]
-#define IMXC0(b) _IMXC0[b]
-#define IMXC1(b) _IMXC1[b]
-#define IMXC2(b) _IMXC2[b]
-#define IMXC3(b) _IMXC3[b]
-/* The S-box can be recovered from the T-tables */
-#ifdef IS_LITTLE_ENDIAN
-#define SBOX(b)    ((PRUint8)_T3[b])
-#else
-#define SBOX(b)    ((PRUint8)_T1[b])
-#endif
-#define SINV(b) (_SInv[b])
-
-#else /* not RIJNDAEL_INCLUDE_TABLES */
-
-/*
- * Code for generating T-table values.
- */
-
-#ifdef IS_LITTLE_ENDIAN
-#define WORD4(b0, b1, b2, b3) \
-    (((b3) << 24) | ((b2) << 16) | ((b1) << 8) | (b0))
-#else
-#define WORD4(b0, b1, b2, b3) \
-    (((b0) << 24) | ((b1) << 16) | ((b2) << 8) | (b3))
-#endif
-
-/*
- * Define the S and S**-1 tables (both have been stored)
- */
-#define SBOX(b)    (_S[b])
-#define SINV(b) (_SInv[b])
-
-/*
- * The function xtime, used for Galois field multiplication
- */
-#define XTIME(a) \
-    ((a & 0x80) ? ((a << 1) ^ 0x1b) : (a << 1))
-
-/* Choose GFM method (macros or function) */
-#if defined(RIJNDAEL_GENERATE_TABLES_MACRO) ||  \
-    defined(RIJNDAEL_GENERATE_VALUES_MACRO)
-
-/*
- * Galois field GF(2**8) multipliers, in macro form
- */
-#define GFM01(a) \
-    (a)                                 /* a * 01 = a, the identity */
-#define GFM02(a) \
-    (XTIME(a) & 0xff)                   /* a * 02 = xtime(a) */
-#define GFM04(a) \
-    (GFM02(GFM02(a)))                   /* a * 04 = xtime**2(a) */
-#define GFM08(a) \
-    (GFM02(GFM04(a)))                   /* a * 08 = xtime**3(a) */
-#define GFM03(a) \
-    (GFM01(a) ^ GFM02(a))               /* a * 03 = a * (01 + 02) */
-#define GFM09(a) \
-    (GFM01(a) ^ GFM08(a))               /* a * 09 = a * (01 + 08) */
-#define GFM0B(a) \
-    (GFM01(a) ^ GFM02(a) ^ GFM08(a))    /* a * 0B = a * (01 + 02 + 08) */
-#define GFM0D(a) \
-    (GFM01(a) ^ GFM04(a) ^ GFM08(a))    /* a * 0D = a * (01 + 04 + 08) */
-#define GFM0E(a) \
-    (GFM02(a) ^ GFM04(a) ^ GFM08(a))    /* a * 0E = a * (02 + 04 + 08) */
-
-#else  /* RIJNDAEL_GENERATE_TABLES or RIJNDAEL_GENERATE_VALUES */
-
-/* GF_MULTIPLY
- *
- * multiply two bytes represented in GF(2**8), mod (x**4 + 1)
- */
-PRUint8 gfm(PRUint8 a, PRUint8 b)
-{
-    PRUint8 res = 0;
-    while (b > 0) {
-	res = (b & 0x01) ? res ^ a : res;
-	a = XTIME(a);
-	b >>= 1;
-    }
-    return res;
-}
-
-#define GFM01(a) \
-    (a)                                 /* a * 01 = a, the identity */
-#define GFM02(a) \
-    (XTIME(a) & 0xff)                   /* a * 02 = xtime(a) */
-#define GFM03(a) \
-    (gfm(a, 0x03))                      /* a * 03 */
-#define GFM09(a) \
-    (gfm(a, 0x09))                      /* a * 09 */
-#define GFM0B(a) \
-    (gfm(a, 0x0B))                      /* a * 0B */
-#define GFM0D(a) \
-    (gfm(a, 0x0D))                      /* a * 0D */
-#define GFM0E(a) \
-    (gfm(a, 0x0E))                      /* a * 0E */
-
-#endif /* choosing GFM function */
-
-/*
- * The T-tables
- */
-#define G_T0(i) \
-    ( WORD4( GFM02(SBOX(i)), GFM01(SBOX(i)), GFM01(SBOX(i)), GFM03(SBOX(i)) ) )
-#define G_T1(i) \
-    ( WORD4( GFM03(SBOX(i)), GFM02(SBOX(i)), GFM01(SBOX(i)), GFM01(SBOX(i)) ) )
-#define G_T2(i) \
-    ( WORD4( GFM01(SBOX(i)), GFM03(SBOX(i)), GFM02(SBOX(i)), GFM01(SBOX(i)) ) )
-#define G_T3(i) \
-    ( WORD4( GFM01(SBOX(i)), GFM01(SBOX(i)), GFM03(SBOX(i)), GFM02(SBOX(i)) ) )
-
-/*
- * The inverse T-tables
- */
-#define G_TInv0(i) \
-    ( WORD4( GFM0E(SINV(i)), GFM09(SINV(i)), GFM0D(SINV(i)), GFM0B(SINV(i)) ) )
-#define G_TInv1(i) \
-    ( WORD4( GFM0B(SINV(i)), GFM0E(SINV(i)), GFM09(SINV(i)), GFM0D(SINV(i)) ) )
-#define G_TInv2(i) \
-    ( WORD4( GFM0D(SINV(i)), GFM0B(SINV(i)), GFM0E(SINV(i)), GFM09(SINV(i)) ) )
-#define G_TInv3(i) \
-    ( WORD4( GFM09(SINV(i)), GFM0D(SINV(i)), GFM0B(SINV(i)), GFM0E(SINV(i)) ) )
-
-/*
- * The inverse mix column tables
- */
-#define G_IMXC0(i) \
-    ( WORD4( GFM0E(i), GFM09(i), GFM0D(i), GFM0B(i) ) )
-#define G_IMXC1(i) \
-    ( WORD4( GFM0B(i), GFM0E(i), GFM09(i), GFM0D(i) ) )
-#define G_IMXC2(i) \
-    ( WORD4( GFM0D(i), GFM0B(i), GFM0E(i), GFM09(i) ) )
-#define G_IMXC3(i) \
-    ( WORD4( GFM09(i), GFM0D(i), GFM0B(i), GFM0E(i) ) )
-
-/* Now choose the T-table indexing method */
-#if defined(RIJNDAEL_GENERATE_VALUES)
-/* generate values for the tables with a function*/
-static PRUint32 gen_TInvXi(PRUint8 tx, PRUint8 i)
-{
-    PRUint8 si01, si02, si03, si04, si08, si09, si0B, si0D, si0E;
-    si01 = SINV(i);
-    si02 = XTIME(si01);
-    si04 = XTIME(si02);
-    si08 = XTIME(si04);
-    si03 = si02 ^ si01;
-    si09 = si08 ^ si01;
-    si0B = si08 ^ si03;
-    si0D = si09 ^ si04;
-    si0E = si08 ^ si04 ^ si02;
-    switch (tx) {
-    case 0:
-	return WORD4(si0E, si09, si0D, si0B);
-    case 1:
-	return WORD4(si0B, si0E, si09, si0D);
-    case 2:
-	return WORD4(si0D, si0B, si0E, si09);
-    case 3:
-	return WORD4(si09, si0D, si0B, si0E);
-    }
-    return -1;
-}
-#define T0(i)    G_T0(i)
-#define T1(i)    G_T1(i)
-#define T2(i)    G_T2(i)
-#define T3(i)    G_T3(i)
-#define TInv0(i) gen_TInvXi(0, i)
-#define TInv1(i) gen_TInvXi(1, i)
-#define TInv2(i) gen_TInvXi(2, i)
-#define TInv3(i) gen_TInvXi(3, i)
-#define IMXC0(b) G_IMXC0(b)
-#define IMXC1(b) G_IMXC1(b)
-#define IMXC2(b) G_IMXC2(b)
-#define IMXC3(b) G_IMXC3(b)
-#elif defined(RIJNDAEL_GENERATE_VALUES_MACRO)
-/* generate values for the tables with macros */
-#define T0(i)    G_T0(i)
-#define T1(i)    G_T1(i)
-#define T2(i)    G_T2(i)
-#define T3(i)    G_T3(i)
-#define TInv0(i) G_TInv0(i)
-#define TInv1(i) G_TInv1(i)
-#define TInv2(i) G_TInv2(i)
-#define TInv3(i) G_TInv3(i)
-#define IMXC0(b) G_IMXC0(b)
-#define IMXC1(b) G_IMXC1(b)
-#define IMXC2(b) G_IMXC2(b)
-#define IMXC3(b) G_IMXC3(b)
-#else  /* RIJNDAEL_GENERATE_TABLES or RIJNDAEL_GENERATE_TABLES_MACRO */
-/* Generate T and T**-1 table values and store, then index */
-/* The inverse mix column tables are still generated */
-#define T0(i)    rijndaelTables->T0[i]
-#define T1(i)    rijndaelTables->T1[i]
-#define T2(i)    rijndaelTables->T2[i]
-#define T3(i)    rijndaelTables->T3[i]
-#define TInv0(i) rijndaelTables->TInv0[i]
-#define TInv1(i) rijndaelTables->TInv1[i]
-#define TInv2(i) rijndaelTables->TInv2[i]
-#define TInv3(i) rijndaelTables->TInv3[i]
-#define IMXC0(b) G_IMXC0(b)
-#define IMXC1(b) G_IMXC1(b)
-#define IMXC2(b) G_IMXC2(b)
-#define IMXC3(b) G_IMXC3(b)
-#endif /* choose T-table indexing method */
-
-#endif /* not RIJNDAEL_INCLUDE_TABLES */
-
-#if defined(RIJNDAEL_GENERATE_TABLES) ||  \
-    defined(RIJNDAEL_GENERATE_TABLES_MACRO)
-
-/* Code to generate and store the tables */
-
-struct rijndael_tables_str {
-    PRUint32 T0[256];
-    PRUint32 T1[256];
-    PRUint32 T2[256];
-    PRUint32 T3[256];
-    PRUint32 TInv0[256];
-    PRUint32 TInv1[256];
-    PRUint32 TInv2[256];
-    PRUint32 TInv3[256];
-};
-
-static struct rijndael_tables_str *rijndaelTables = NULL;
-static PRCallOnceType coRTInit = { 0, 0, 0 };
-static PRStatus 
-init_rijndael_tables(void)
-{
-    PRUint32 i;
-    PRUint8 si01, si02, si03, si04, si08, si09, si0B, si0D, si0E;
-    struct rijndael_tables_str *rts;
-    rts = (struct rijndael_tables_str *)
-                   PORT_Alloc(sizeof(struct rijndael_tables_str));
-    if (!rts) return PR_FAILURE;
-    for (i=0; i<256; i++) {
-	/* The forward values */
-	si01 = SBOX(i);
-	si02 = XTIME(si01);
-	si03 = si02 ^ si01;
-	rts->T0[i] = WORD4(si02, si01, si01, si03);
-	rts->T1[i] = WORD4(si03, si02, si01, si01);
-	rts->T2[i] = WORD4(si01, si03, si02, si01);
-	rts->T3[i] = WORD4(si01, si01, si03, si02);
-	/* The inverse values */
-	si01 = SINV(i);
-	si02 = XTIME(si01);
-	si04 = XTIME(si02);
-	si08 = XTIME(si04);
-	si03 = si02 ^ si01;
-	si09 = si08 ^ si01;
-	si0B = si08 ^ si03;
-	si0D = si09 ^ si04;
-	si0E = si08 ^ si04 ^ si02;
-	rts->TInv0[i] = WORD4(si0E, si09, si0D, si0B);
-	rts->TInv1[i] = WORD4(si0B, si0E, si09, si0D);
-	rts->TInv2[i] = WORD4(si0D, si0B, si0E, si09);
-	rts->TInv3[i] = WORD4(si09, si0D, si0B, si0E);
-    }
-    /* wait until all the values are in to set */
-    rijndaelTables = rts;
-    return PR_SUCCESS;
-}
-
-#endif /* code to generate tables */
-
-/**************************************************************************
- *
- * Stuff related to the Rijndael key schedule
- *
- *************************************************************************/
-
-#define SUBBYTE(w) \
-    ((SBOX((w >> 24) & 0xff) << 24) | \
-     (SBOX((w >> 16) & 0xff) << 16) | \
-     (SBOX((w >>  8) & 0xff) <<  8) | \
-     (SBOX((w      ) & 0xff)         ))
-
-#ifdef IS_LITTLE_ENDIAN
-#define ROTBYTE(b) \
-    ((b >> 8) | (b << 24))
-#else
-#define ROTBYTE(b) \
-    ((b << 8) | (b >> 24))
-#endif
-
-/* rijndael_key_expansion7
- *
- * Generate the expanded key from the key input by the user.
- * XXX
- * Nk == 7 (224 key bits) is a weird case.  Since Nk > 6, an added SubByte
- * transformation is done periodically.  The period is every 4 bytes, and
- * since 7%4 != 0 this happens at different times for each key word (unlike
- * Nk == 8 where it happens twice in every key word, in the same positions).
- * For now, I'm implementing this case "dumbly", w/o any unrolling.
- */
-static SECStatus
-rijndael_key_expansion7(AESContext *cx, unsigned char *key, unsigned int Nk)
-{
-    unsigned int i;
-    PRUint32 *W;
-    PRUint32 *pW;
-    PRUint32 tmp;
-    W = cx->expandedKey;
-    /* 1.  the first Nk words contain the cipher key */
-    memcpy(W, key, Nk * 4);
-    i = Nk;
-    /* 2.  loop until full expanded key is obtained */
-    pW = W + i - 1;
-    for (; i < cx->Nb * (cx->Nr + 1); ++i) {
-	tmp = *pW++;
-	if (i % Nk == 0)
-	    tmp = SUBBYTE(ROTBYTE(tmp)) ^ Rcon[i / Nk - 1];
-	else if (i % Nk == 4)
-	    tmp = SUBBYTE(tmp);
-	*pW = W[i - Nk] ^ tmp;
-    }
-    return SECSuccess;
-}
-
-/* rijndael_key_expansion
- *
- * Generate the expanded key from the key input by the user.
- */
-static SECStatus
-rijndael_key_expansion(AESContext *cx, unsigned char *key, unsigned int Nk)
-{
-    unsigned int i;
-    PRUint32 *W;
-    PRUint32 *pW;
-    PRUint32 tmp;
-    unsigned int round_key_words = cx->Nb * (cx->Nr + 1);
-    if (Nk == 7)
-	return rijndael_key_expansion7(cx, key, Nk);
-    W = cx->expandedKey;
-    /* The first Nk words contain the input cipher key */
-    memcpy(W, key, Nk * 4);
-    i = Nk;
-    pW = W + i - 1;
-    /* Loop over all sets of Nk words, except the last */
-    while (i < round_key_words - Nk) {
-	tmp = *pW++;
-	tmp = SUBBYTE(ROTBYTE(tmp)) ^ Rcon[i / Nk - 1];
-	*pW = W[i++ - Nk] ^ tmp;
-	tmp = *pW++; *pW = W[i++ - Nk] ^ tmp;
-	tmp = *pW++; *pW = W[i++ - Nk] ^ tmp;
-	tmp = *pW++; *pW = W[i++ - Nk] ^ tmp;
-	if (Nk == 4)
-	    continue;
-	switch (Nk) {
-	case 8: tmp = *pW++; tmp = SUBBYTE(tmp); *pW = W[i++ - Nk] ^ tmp;
-	case 7: tmp = *pW++; *pW = W[i++ - Nk] ^ tmp;
-	case 6: tmp = *pW++; *pW = W[i++ - Nk] ^ tmp;
-	case 5: tmp = *pW++; *pW = W[i++ - Nk] ^ tmp;
-	}
-    }
-    /* Generate the last word */
-    tmp = *pW++;
-    tmp = SUBBYTE(ROTBYTE(tmp)) ^ Rcon[i / Nk - 1];
-    *pW = W[i++ - Nk] ^ tmp;
-    /* There may be overflow here, if Nk % (Nb * (Nr + 1)) > 0.  However,
-     * since the above loop generated all but the last Nk key words, there
-     * is no more need for the SubByte transformation.
-     */
-    if (Nk < 8) {
-	for (; i < round_key_words; ++i) {
-	    tmp = *pW++; 
-	    *pW = W[i - Nk] ^ tmp;
-	}
-    } else {
-	/* except in the case when Nk == 8.  Then one more SubByte may have
-	 * to be performed, at i % Nk == 4.
-	 */
-	for (; i < round_key_words; ++i) {
-	    tmp = *pW++;
-	    if (i % Nk == 4)
-		tmp = SUBBYTE(tmp);
-	    *pW = W[i - Nk] ^ tmp;
-	}
-    }
-    return SECSuccess;
-}
-
-/* rijndael_invkey_expansion
- *
- * Generate the expanded key for the inverse cipher from the key input by 
- * the user.
- */
-static SECStatus
-rijndael_invkey_expansion(AESContext *cx, unsigned char *key, unsigned int Nk)
-{
-    unsigned int r;
-    PRUint32 *roundkeyw;
-    PRUint8 *b;
-    int Nb = cx->Nb;
-    /* begins like usual key expansion ... */
-    if (rijndael_key_expansion(cx, key, Nk) != SECSuccess)
-	return SECFailure;
-    /* ... but has the additional step of InvMixColumn,
-     * excepting the first and last round keys.
-     */
-    roundkeyw = cx->expandedKey + cx->Nb;
-    for (r=1; r<cx->Nr; ++r) {
-	/* each key word, roundkeyw, represents a column in the key
-	 * matrix.  Each column is multiplied by the InvMixColumn matrix.
-	 *   [ 0E 0B 0D 09 ]   [ b0 ]
-	 *   [ 09 0E 0B 0D ] * [ b1 ]
-	 *   [ 0D 09 0E 0B ]   [ b2 ]
-	 *   [ 0B 0D 09 0E ]   [ b3 ]
-	 */
-	b = (PRUint8 *)roundkeyw;
-	*roundkeyw++ = IMXC0(b[0]) ^ IMXC1(b[1]) ^ IMXC2(b[2]) ^ IMXC3(b[3]);
-	b = (PRUint8 *)roundkeyw;
-	*roundkeyw++ = IMXC0(b[0]) ^ IMXC1(b[1]) ^ IMXC2(b[2]) ^ IMXC3(b[3]);
-	b = (PRUint8 *)roundkeyw;
-	*roundkeyw++ = IMXC0(b[0]) ^ IMXC1(b[1]) ^ IMXC2(b[2]) ^ IMXC3(b[3]);
-	b = (PRUint8 *)roundkeyw;
-	*roundkeyw++ = IMXC0(b[0]) ^ IMXC1(b[1]) ^ IMXC2(b[2]) ^ IMXC3(b[3]);
-	if (Nb <= 4)
-	    continue;
-	switch (Nb) {
-	case 8: b = (PRUint8 *)roundkeyw;
-	        *roundkeyw++ = IMXC0(b[0]) ^ IMXC1(b[1]) ^ 
-	                       IMXC2(b[2]) ^ IMXC3(b[3]);
-	case 7: b = (PRUint8 *)roundkeyw;
-	        *roundkeyw++ = IMXC0(b[0]) ^ IMXC1(b[1]) ^ 
-	                       IMXC2(b[2]) ^ IMXC3(b[3]);
-	case 6: b = (PRUint8 *)roundkeyw;
-	        *roundkeyw++ = IMXC0(b[0]) ^ IMXC1(b[1]) ^ 
-	                       IMXC2(b[2]) ^ IMXC3(b[3]);
-	case 5: b = (PRUint8 *)roundkeyw;
-	        *roundkeyw++ = IMXC0(b[0]) ^ IMXC1(b[1]) ^ 
-	                       IMXC2(b[2]) ^ IMXC3(b[3]);
-	}
-    }
-    return SECSuccess;
-}
-/**************************************************************************
- *
- * Stuff related to Rijndael encryption/decryption, optimized for
- * a 128-bit blocksize.
- *
- *************************************************************************/
-
-#ifdef IS_LITTLE_ENDIAN
-#define BYTE0WORD(w) ((w) & 0x000000ff)
-#define BYTE1WORD(w) ((w) & 0x0000ff00)
-#define BYTE2WORD(w) ((w) & 0x00ff0000)
-#define BYTE3WORD(w) ((w) & 0xff000000)
-#else
-#define BYTE0WORD(w) ((w) & 0xff000000)
-#define BYTE1WORD(w) ((w) & 0x00ff0000)
-#define BYTE2WORD(w) ((w) & 0x0000ff00)
-#define BYTE3WORD(w) ((w) & 0x000000ff)
-#endif
-
-typedef union {
-    PRUint32 w[4];
-    PRUint8  b[16];
-} rijndael_state;
-
-#define COLUMN_0(state) state.w[0]
-#define COLUMN_1(state) state.w[1]
-#define COLUMN_2(state) state.w[2]
-#define COLUMN_3(state) state.w[3]
-
-#define STATE_BYTE(i) state.b[i]
-
-static SECStatus 
-rijndael_encryptBlock128(AESContext *cx, 
-                         unsigned char *output,
-                         const unsigned char *input)
-{
-    unsigned int r;
-    PRUint32 *roundkeyw;
-    rijndael_state state;
-    PRUint32 C0, C1, C2, C3;
-#if defined(_X86_)
-#define pIn input
-#define pOut output
-#else
-    unsigned char *pIn, *pOut;
-    PRUint32 inBuf[4], outBuf[4];
-
-    if ((ptrdiff_t)input & 0x3) {
-	memcpy(inBuf, input, sizeof inBuf);
-	pIn = (unsigned char *)inBuf;
-    } else {
-	pIn = (unsigned char *)input;
-    }
-    if ((ptrdiff_t)output & 0x3) {
-	pOut = (unsigned char *)outBuf;
-    } else {
-	pOut = (unsigned char *)output;
-    }
-#endif
-    roundkeyw = cx->expandedKey;
-    /* Step 1: Add Round Key 0 to initial state */
-    COLUMN_0(state) = *((PRUint32 *)(pIn     )) ^ *roundkeyw++;
-    COLUMN_1(state) = *((PRUint32 *)(pIn + 4 )) ^ *roundkeyw++;
-    COLUMN_2(state) = *((PRUint32 *)(pIn + 8 )) ^ *roundkeyw++;
-    COLUMN_3(state) = *((PRUint32 *)(pIn + 12)) ^ *roundkeyw++;
-    /* Step 2: Loop over rounds [1..NR-1] */
-    for (r=1; r<cx->Nr; ++r) {
-        /* Do ShiftRow, ByteSub, and MixColumn all at once */
-	C0 = T0(STATE_BYTE(0))  ^
-	     T1(STATE_BYTE(5))  ^
-	     T2(STATE_BYTE(10)) ^
-	     T3(STATE_BYTE(15));
-	C1 = T0(STATE_BYTE(4))  ^
-	     T1(STATE_BYTE(9))  ^
-	     T2(STATE_BYTE(14)) ^
-	     T3(STATE_BYTE(3));
-	C2 = T0(STATE_BYTE(8))  ^
-	     T1(STATE_BYTE(13)) ^
-	     T2(STATE_BYTE(2))  ^
-	     T3(STATE_BYTE(7));
-	C3 = T0(STATE_BYTE(12)) ^
-	     T1(STATE_BYTE(1))  ^
-	     T2(STATE_BYTE(6))  ^
-	     T3(STATE_BYTE(11));
-	/* Round key addition */
-	COLUMN_0(state) = C0 ^ *roundkeyw++;
-	COLUMN_1(state) = C1 ^ *roundkeyw++;
-	COLUMN_2(state) = C2 ^ *roundkeyw++;
-	COLUMN_3(state) = C3 ^ *roundkeyw++;
-    }
-    /* Step 3: Do the last round */
-    /* Final round does not employ MixColumn */
-    C0 = ((BYTE0WORD(T2(STATE_BYTE(0))))   |
-          (BYTE1WORD(T3(STATE_BYTE(5))))   |
-          (BYTE2WORD(T0(STATE_BYTE(10))))  |
-          (BYTE3WORD(T1(STATE_BYTE(15)))))  ^
-          *roundkeyw++;
-    C1 = ((BYTE0WORD(T2(STATE_BYTE(4))))   |
-          (BYTE1WORD(T3(STATE_BYTE(9))))   |
-          (BYTE2WORD(T0(STATE_BYTE(14))))  |
-          (BYTE3WORD(T1(STATE_BYTE(3)))))   ^
-          *roundkeyw++;
-    C2 = ((BYTE0WORD(T2(STATE_BYTE(8))))   |
-          (BYTE1WORD(T3(STATE_BYTE(13))))  |
-          (BYTE2WORD(T0(STATE_BYTE(2))))   |
-          (BYTE3WORD(T1(STATE_BYTE(7)))))   ^
-          *roundkeyw++;
-    C3 = ((BYTE0WORD(T2(STATE_BYTE(12))))  |
-          (BYTE1WORD(T3(STATE_BYTE(1))))   |
-          (BYTE2WORD(T0(STATE_BYTE(6))))   |
-          (BYTE3WORD(T1(STATE_BYTE(11)))))  ^
-          *roundkeyw++;
-    *((PRUint32 *) pOut     )  = C0;
-    *((PRUint32 *)(pOut + 4))  = C1;
-    *((PRUint32 *)(pOut + 8))  = C2;
-    *((PRUint32 *)(pOut + 12)) = C3;
-#if defined(_X86_)
-#undef pIn
-#undef pOut
-#else
-    if ((ptrdiff_t)output & 0x3) {
-	memcpy(output, outBuf, sizeof outBuf);
-    }
-#endif
-    return SECSuccess;
-}
-
-static SECStatus 
-rijndael_decryptBlock128(AESContext *cx, 
-                         unsigned char *output,
-                         const unsigned char *input)
-{
-    int r;
-    PRUint32 *roundkeyw;
-    rijndael_state state;
-    PRUint32 C0, C1, C2, C3;
-#if defined(_X86_)
-#define pIn input
-#define pOut output
-#else
-    unsigned char *pIn, *pOut;
-    PRUint32 inBuf[4], outBuf[4];
-
-    if ((ptrdiff_t)input & 0x3) {
-	memcpy(inBuf, input, sizeof inBuf);
-	pIn = (unsigned char *)inBuf;
-    } else {
-	pIn = (unsigned char *)input;
-    }
-    if ((ptrdiff_t)output & 0x3) {
-	pOut = (unsigned char *)outBuf;
-    } else {
-	pOut = (unsigned char *)output;
-    }
-#endif
-    roundkeyw = cx->expandedKey + cx->Nb * cx->Nr + 3;
-    /* reverse the final key addition */
-    COLUMN_3(state) = *((PRUint32 *)(pIn + 12)) ^ *roundkeyw--;
-    COLUMN_2(state) = *((PRUint32 *)(pIn +  8)) ^ *roundkeyw--;
-    COLUMN_1(state) = *((PRUint32 *)(pIn +  4)) ^ *roundkeyw--;
-    COLUMN_0(state) = *((PRUint32 *)(pIn     )) ^ *roundkeyw--;
-    /* Loop over rounds in reverse [NR..1] */
-    for (r=cx->Nr; r>1; --r) {
-	/* Invert the (InvByteSub*InvMixColumn)(InvShiftRow(state)) */
-	C0 = TInv0(STATE_BYTE(0))  ^
-	     TInv1(STATE_BYTE(13)) ^
-	     TInv2(STATE_BYTE(10)) ^
-	     TInv3(STATE_BYTE(7));
-	C1 = TInv0(STATE_BYTE(4))  ^
-	     TInv1(STATE_BYTE(1))  ^
-	     TInv2(STATE_BYTE(14)) ^
-	     TInv3(STATE_BYTE(11));
-	C2 = TInv0(STATE_BYTE(8))  ^
-	     TInv1(STATE_BYTE(5))  ^
-	     TInv2(STATE_BYTE(2))  ^
-	     TInv3(STATE_BYTE(15));
-	C3 = TInv0(STATE_BYTE(12)) ^
-	     TInv1(STATE_BYTE(9))  ^
-	     TInv2(STATE_BYTE(6))  ^
-	     TInv3(STATE_BYTE(3));
-	/* Invert the key addition step */
-	COLUMN_3(state) = C3 ^ *roundkeyw--;
-	COLUMN_2(state) = C2 ^ *roundkeyw--;
-	COLUMN_1(state) = C1 ^ *roundkeyw--;
-	COLUMN_0(state) = C0 ^ *roundkeyw--;
-    }
-    /* inverse sub */
-    pOut[ 0] = SINV(STATE_BYTE( 0));
-    pOut[ 1] = SINV(STATE_BYTE(13));
-    pOut[ 2] = SINV(STATE_BYTE(10));
-    pOut[ 3] = SINV(STATE_BYTE( 7));
-    pOut[ 4] = SINV(STATE_BYTE( 4));
-    pOut[ 5] = SINV(STATE_BYTE( 1));
-    pOut[ 6] = SINV(STATE_BYTE(14));
-    pOut[ 7] = SINV(STATE_BYTE(11));
-    pOut[ 8] = SINV(STATE_BYTE( 8));
-    pOut[ 9] = SINV(STATE_BYTE( 5));
-    pOut[10] = SINV(STATE_BYTE( 2));
-    pOut[11] = SINV(STATE_BYTE(15));
-    pOut[12] = SINV(STATE_BYTE(12));
-    pOut[13] = SINV(STATE_BYTE( 9));
-    pOut[14] = SINV(STATE_BYTE( 6));
-    pOut[15] = SINV(STATE_BYTE( 3));
-    /* final key addition */
-    *((PRUint32 *)(pOut + 12)) ^= *roundkeyw--;
-    *((PRUint32 *)(pOut +  8)) ^= *roundkeyw--;
-    *((PRUint32 *)(pOut +  4)) ^= *roundkeyw--;
-    *((PRUint32 *) pOut      ) ^= *roundkeyw--;
-#if defined(_X86_)
-#undef pIn
-#undef pOut
-#else
-    if ((ptrdiff_t)output & 0x3) {
-	memcpy(output, outBuf, sizeof outBuf);
-    }
-#endif
-    return SECSuccess;
-}
-
-/**************************************************************************
- *
- * Stuff related to general Rijndael encryption/decryption, for blocksizes
- * greater than 128 bits.
- *
- * XXX This code is currently untested!  So far, AES specs have only been
- *     released for 128 bit blocksizes.  This will be tested, but for now
- *     only the code above has been tested using known values.
- *
- *************************************************************************/
-
-#define COLUMN(array, j) *((PRUint32 *)(array + j))
-
-SECStatus 
-rijndael_encryptBlock(AESContext *cx, 
-                      unsigned char *output,
-                      const unsigned char *input)
-{
-    return SECFailure;
-#ifdef rijndael_large_blocks_fixed
-    unsigned int j, r, Nb;
-    unsigned int c2=0, c3=0;
-    PRUint32 *roundkeyw;
-    PRUint8 clone[RIJNDAEL_MAX_STATE_SIZE];
-    Nb = cx->Nb;
-    roundkeyw = cx->expandedKey;
-    /* Step 1: Add Round Key 0 to initial state */
-    for (j=0; j<4*Nb; j+=4) {
-	COLUMN(clone, j) = COLUMN(input, j) ^ *roundkeyw++;
-    }
-    /* Step 2: Loop over rounds [1..NR-1] */
-    for (r=1; r<cx->Nr; ++r) {
-	for (j=0; j<Nb; ++j) {
-	    COLUMN(output, j) = T0(STATE_BYTE(4*  j          )) ^
-	                        T1(STATE_BYTE(4*((j+ 1)%Nb)+1)) ^
-	                        T2(STATE_BYTE(4*((j+c2)%Nb)+2)) ^
-	                        T3(STATE_BYTE(4*((j+c3)%Nb)+3));
-	}
-	for (j=0; j<4*Nb; j+=4) {
-	    COLUMN(clone, j) = COLUMN(output, j) ^ *roundkeyw++;
-	}
-    }
-    /* Step 3: Do the last round */
-    /* Final round does not employ MixColumn */
-    for (j=0; j<Nb; ++j) {
-	COLUMN(output, j) = ((BYTE0WORD(T2(STATE_BYTE(4* j         ))))  |
-                             (BYTE1WORD(T3(STATE_BYTE(4*(j+ 1)%Nb)+1)))  |
-                             (BYTE2WORD(T0(STATE_BYTE(4*(j+c2)%Nb)+2)))  |
-                             (BYTE3WORD(T1(STATE_BYTE(4*(j+c3)%Nb)+3)))) ^
-	                     *roundkeyw++;
-    }
-    return SECSuccess;
-#endif
-}
-
-SECStatus 
-rijndael_decryptBlock(AESContext *cx, 
-                      unsigned char *output,
-                      const unsigned char *input)
-{
-    return SECFailure;
-#ifdef rijndael_large_blocks_fixed
-    int j, r, Nb;
-    int c2=0, c3=0;
-    PRUint32 *roundkeyw;
-    PRUint8 clone[RIJNDAEL_MAX_STATE_SIZE];
-    Nb = cx->Nb;
-    roundkeyw = cx->expandedKey + cx->Nb * cx->Nr + 3;
-    /* reverse key addition */
-    for (j=4*Nb; j>=0; j-=4) {
-	COLUMN(clone, j) = COLUMN(input, j) ^ *roundkeyw--;
-    }
-    /* Loop over rounds in reverse [NR..1] */
-    for (r=cx->Nr; r>1; --r) {
-	/* Invert the (InvByteSub*InvMixColumn)(InvShiftRow(state)) */
-	for (j=0; j<Nb; ++j) {
-	    COLUMN(output, 4*j) = TInv0(STATE_BYTE(4* j            )) ^
-	                          TInv1(STATE_BYTE(4*(j+Nb- 1)%Nb)+1) ^
-	                          TInv2(STATE_BYTE(4*(j+Nb-c2)%Nb)+2) ^
-	                          TInv3(STATE_BYTE(4*(j+Nb-c3)%Nb)+3);
-	}
-	/* Invert the key addition step */
-	for (j=4*Nb; j>=0; j-=4) {
-	    COLUMN(clone, j) = COLUMN(output, j) ^ *roundkeyw--;
-	}
-    }
-    /* inverse sub */
-    for (j=0; j<4*Nb; ++j) {
-	output[j] = SINV(clone[j]);
-    }
-    /* final key addition */
-    for (j=4*Nb; j>=0; j-=4) {
-	COLUMN(output, j) ^= *roundkeyw--;
-    }
-    return SECSuccess;
-#endif
-}
-
-/**************************************************************************
- *
- *  Rijndael modes of operation (ECB and CBC)
- *
- *************************************************************************/
-
-static SECStatus 
-rijndael_encryptECB(AESContext *cx, unsigned char *output,
-                    unsigned int *outputLen, unsigned int maxOutputLen,
-                    const unsigned char *input, unsigned int inputLen, 
-                    int blocksize)
-{
-    SECStatus rv;
-    AESBlockFunc *encryptor;
-    encryptor = (blocksize == RIJNDAEL_MIN_BLOCKSIZE) 
-				  ? &rijndael_encryptBlock128 
-				  : &rijndael_encryptBlock;
-    while (inputLen > 0) {
-        rv = (*encryptor)(cx, output, input);
-	if (rv != SECSuccess)
-	    return rv;
-	output += blocksize;
-	input += blocksize;
-	inputLen -= blocksize;
-    }
-    return SECSuccess;
-}
-
-static SECStatus 
-rijndael_encryptCBC(AESContext *cx, unsigned char *output,
-                    unsigned int *outputLen, unsigned int maxOutputLen,
-                    const unsigned char *input, unsigned int inputLen, 
-                    int blocksize)
-{
-    int j;
-    SECStatus rv;
-    AESBlockFunc *encryptor;
-    unsigned char *lastblock;
-    unsigned char inblock[RIJNDAEL_MAX_STATE_SIZE * 8];
-
-    if (!inputLen)
-	return SECSuccess;
-    lastblock = cx->iv;
-    encryptor = (blocksize == RIJNDAEL_MIN_BLOCKSIZE) 
-				  ? &rijndael_encryptBlock128 
-				  : &rijndael_encryptBlock;
-    while (inputLen > 0) {
-	/* XOR with the last block (IV if first block) */
-	for (j=0; j<blocksize; ++j)
-	    inblock[j] = input[j] ^ lastblock[j];
-	/* encrypt */
-        rv = (*encryptor)(cx, output, inblock);
-	if (rv != SECSuccess)
-	    return rv;
-	/* move to the next block */
-	lastblock = output;
-	output += blocksize;
-	input += blocksize;
-	inputLen -= blocksize;
-    }
-    memcpy(cx->iv, lastblock, blocksize);
-    return SECSuccess;
-}
-
-static SECStatus 
-rijndael_decryptECB(AESContext *cx, unsigned char *output,
-                    unsigned int *outputLen, unsigned int maxOutputLen,
-                    const unsigned char *input, unsigned int inputLen, 
-                    int blocksize)
-{
-    SECStatus rv;
-    AESBlockFunc *decryptor;
-    decryptor = (blocksize == RIJNDAEL_MIN_BLOCKSIZE) 
-				  ? &rijndael_decryptBlock128 
-				  : &rijndael_decryptBlock;
-    while (inputLen > 0) {
-        rv = (*decryptor)(cx, output, input);
-	if (rv != SECSuccess)
-	    return rv;
-	output += blocksize;
-	input += blocksize;
-	inputLen -= blocksize;
-    }
-    return SECSuccess;
-}
-
-static SECStatus 
-rijndael_decryptCBC(AESContext *cx, unsigned char *output,
-                    unsigned int *outputLen, unsigned int maxOutputLen,
-                    const unsigned char *input, unsigned int inputLen, 
-                    int blocksize)
-{
-    SECStatus rv;
-    AESBlockFunc *decryptor;
-    const unsigned char *in;
-    unsigned char *out;
-    int j;
-    unsigned char newIV[RIJNDAEL_MAX_BLOCKSIZE];
-
-    if (!inputLen) 
-	return SECSuccess;
-    PORT_Assert(output - input >= 0 || input - output >= (int)inputLen );
-    decryptor = (blocksize == RIJNDAEL_MIN_BLOCKSIZE) 
-                                  ? &rijndael_decryptBlock128 
-				  : &rijndael_decryptBlock;
-    in  = input  + (inputLen - blocksize);
-    memcpy(newIV, in, blocksize);
-    out = output + (inputLen - blocksize);
-    while (inputLen > blocksize) {
-        rv = (*decryptor)(cx, out, in);
-	if (rv != SECSuccess)
-	    return rv;
-	for (j=0; j<blocksize; ++j)
-	    out[j] ^= in[j - blocksize];
-	out -= blocksize;
-	in -= blocksize;
-	inputLen -= blocksize;
-    }
-    if (in == input) {
-        rv = (*decryptor)(cx, out, in);
-	if (rv != SECSuccess)
-	    return rv;
-	for (j=0; j<blocksize; ++j)
-	    out[j] ^= cx->iv[j];
-    }
-    memcpy(cx->iv, newIV, blocksize);
-    return SECSuccess;
-}
-
-/************************************************************************
- *
- * BLAPI Interface functions
- *
- * The following functions implement the encryption routines defined in
- * BLAPI for the AES cipher, Rijndael.
- *
- ***********************************************************************/
-
-/* AES_CreateContext
- *
- * create a new context for Rijndael operations
- */
-AESContext *
-AES_CreateContext(unsigned char *key, unsigned char *iv, int mode, int encrypt,
-                  unsigned int keysize, unsigned int blocksize)
-{
-    AESContext *cx;
-    unsigned int Nk;
-    /* According to Rijndael AES Proposal, section 12.1, block and key
-     * lengths between 128 and 256 bits are supported, as long as the
-     * length in bytes is divisible by 4.
-     */
-    if (key == NULL || 
-        keysize < RIJNDAEL_MIN_BLOCKSIZE   || 
-	keysize > RIJNDAEL_MAX_BLOCKSIZE   || 
-	keysize % 4 != 0 ||
-        blocksize < RIJNDAEL_MIN_BLOCKSIZE || 
-	blocksize > RIJNDAEL_MAX_BLOCKSIZE || 
-	blocksize % 4 != 0) {
-	PORT_SetError(SEC_ERROR_INVALID_ARGS);
-	return NULL;
-    }
-    if (mode != NSS_AES && mode != NSS_AES_CBC) {
-	PORT_SetError(SEC_ERROR_INVALID_ARGS);
-	return NULL;
-    }
-    if (mode == NSS_AES_CBC && iv == NULL) {
-	PORT_SetError(SEC_ERROR_INVALID_ARGS);
-	return NULL;
-    }
-    cx = PORT_ZNew(AESContext);
-    if (!cx) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-    	return NULL;
-    }
-    /* Nb = (block size in bits) / 32 */
-    cx->Nb = blocksize / 4;
-    /* Nk = (key size in bits) / 32 */
-    Nk = keysize / 4;
-    /* Obtain number of rounds from "table" */
-    cx->Nr = RIJNDAEL_NUM_ROUNDS(Nk, cx->Nb);
-    /* copy in the iv, if neccessary */
-    if (mode == NSS_AES_CBC) {
-	memcpy(cx->iv, iv, blocksize);
-	cx->worker = (encrypt) ? &rijndael_encryptCBC : &rijndael_decryptCBC;
-    } else {
-	cx->worker = (encrypt) ? &rijndael_encryptECB : &rijndael_decryptECB;
-    }
-    /* Allocate memory for the expanded key */
-    cx->expandedKey = PORT_ZNewArray(PRUint32, cx->Nb * (cx->Nr + 1));
-    if (!cx->expandedKey) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	goto cleanup;
-    }
-    /* Generate expanded key */
-    if (encrypt) {
-	if (rijndael_key_expansion(cx, key, Nk) != SECSuccess)
-	    goto cleanup;
-    } else {
-	if (rijndael_invkey_expansion(cx, key, Nk) != SECSuccess)
-	    goto cleanup;
-    }
-    return cx;
-cleanup:
-    if (cx->expandedKey)
-	PORT_ZFree(cx->expandedKey, cx->Nb * (cx->Nr + 1));
-    PORT_ZFree(cx, sizeof *cx);
-    return NULL;
-}
-
-/*
- * AES_DestroyContext
- * 
- * Zero an AES cipher context.  If freeit is true, also free the pointer
- * to the context.
- */
-void 
-AES_DestroyContext(AESContext *cx, PRBool freeit)
-{
-    PORT_ZFree(cx->expandedKey, cx->Nb * (cx->Nr + 1));
-    memset(cx, 0, sizeof *cx);
-    if (freeit)
-	PORT_Free(cx);
-}
-
-/*
- * AES_Encrypt
- *
- * Encrypt an arbitrary-length buffer.  The output buffer must already be
- * allocated to at least inputLen.
- */
-SECStatus 
-AES_Encrypt(AESContext *cx, unsigned char *output,
-            unsigned int *outputLen, unsigned int maxOutputLen,
-            const unsigned char *input, unsigned int inputLen)
-{
-    int blocksize;
-    /* Check args */
-    if (cx == NULL || output == NULL || input == NULL) {
-	PORT_SetError(SEC_ERROR_INVALID_ARGS);
-	return SECFailure;
-    }
-    blocksize = 4 * cx->Nb;
-    if (inputLen % blocksize != 0) {
-	PORT_SetError(SEC_ERROR_INPUT_LEN);
-	return SECFailure;
-    }
-    if (maxOutputLen < inputLen) {
-	PORT_SetError(SEC_ERROR_OUTPUT_LEN);
-	return SECFailure;
-    }
-    *outputLen = inputLen;
-#if defined(RIJNDAEL_GENERATE_TABLES) ||  \
-    defined(RIJNDAEL_GENERATE_TABLES_MACRO)
-    if (rijndaelTables == NULL) {
-	if (PR_CallOnce(&coRTInit, init_rijndael_tables) 
-	      != PR_SUCCESS) {
-	    return PR_FAILURE;
-	}
-    }
-#endif
-    return (*cx->worker)(cx, output, outputLen, maxOutputLen,	
-                             input, inputLen, blocksize);
-}
-
-/*
- * AES_Decrypt
- *
- * Decrypt and arbitrary-length buffer.  The output buffer must already be
- * allocated to at least inputLen.
- */
-SECStatus 
-AES_Decrypt(AESContext *cx, unsigned char *output,
-            unsigned int *outputLen, unsigned int maxOutputLen,
-            const unsigned char *input, unsigned int inputLen)
-{
-    int blocksize;
-    /* Check args */
-    if (cx == NULL || output == NULL || input == NULL) {
-	PORT_SetError(SEC_ERROR_INVALID_ARGS);
-	return SECFailure;
-    }
-    blocksize = 4 * cx->Nb;
-    if (inputLen % blocksize != 0) {
-	PORT_SetError(SEC_ERROR_INPUT_LEN);
-	return SECFailure;
-    }
-    if (maxOutputLen < inputLen) {
-	PORT_SetError(SEC_ERROR_OUTPUT_LEN);
-	return SECFailure;
-    }
-    *outputLen = inputLen;
-#if defined(RIJNDAEL_GENERATE_TABLES) ||  \
-    defined(RIJNDAEL_GENERATE_TABLES_MACRO)
-    if (rijndaelTables == NULL) {
-	if (PR_CallOnce(&coRTInit, init_rijndael_tables) 
-	      != PR_SUCCESS) {
-	    return PR_FAILURE;
-	}
-    }
-#endif
-    return (*cx->worker)(cx, output, outputLen, maxOutputLen,	
-                             input, inputLen, blocksize);
-}
-
diff --git a/security/nss/lib/freebl/rijndael.h b/security/nss/lib/freebl/rijndael.h
deleted file mode 100644
index 2a928ae4f..000000000
--- a/security/nss/lib/freebl/rijndael.h
+++ /dev/null
@@ -1,86 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#ifndef _RIJNDAEL_H_
-#define _RIJNDAEL_H_ 1
-
-#define RIJNDAEL_MIN_BLOCKSIZE 16 /* bytes */
-#define RIJNDAEL_MAX_BLOCKSIZE 32 /* bytes */
-
-typedef SECStatus AESFunc(AESContext *cx, unsigned char *output,
-                          unsigned int *outputLen, unsigned int maxOutputLen,
-                          const unsigned char *input, unsigned int inputLen, 
-                          int blocksize);
-
-typedef SECStatus AESBlockFunc(AESContext *cx, 
-                               unsigned char *output,
-                               const unsigned char *input);
-
-/* AESContextStr
- *
- * Values which maintain the state for Rijndael encryption/decryption.
- *
- * iv          - initialization vector for CBC mode
- * Nb          - the number of bytes in a block, specified by user
- * Nr          - the number of rounds, specified by a table
- * expandedKey - the round keys in 4-byte words, the length is Nr * Nb
- * worker      - the encryption/decryption function to use with this context
- */
-struct AESContextStr
-{
-    unsigned int   Nb;
-    unsigned int   Nr;
-    PRUint32      *expandedKey;
-    AESFunc       *worker;
-    unsigned char iv[RIJNDAEL_MAX_BLOCKSIZE];
-};
-
-/* RIJNDAEL_NUM_ROUNDS
- *
- * Number of rounds per execution
- * Nk - number of key bytes
- * Nb - blocksize (in bytes)
- */
-#define RIJNDAEL_NUM_ROUNDS(Nk, Nb) \
-    (PR_MAX(Nk, Nb) + 6)
-
-/* RIJNDAEL_NUM_ROUNDS
- *
- * Maximum number of bytes in the state (spec includes up to 256-bit block
- * size)
- */
-#define RIJNDAEL_MAX_STATE_SIZE 32
-
-#endif /* _RIJNDAEL_H_ */
diff --git a/security/nss/lib/freebl/rijndael32.tab b/security/nss/lib/freebl/rijndael32.tab
deleted file mode 100644
index 6b78e2e8b..000000000
--- a/security/nss/lib/freebl/rijndael32.tab
+++ /dev/null
@@ -1,1215 +0,0 @@
-#ifndef RIJNDAEL_INCLUDE_TABLES
-static const PRUint8 _S[256] = 
-{
- 99, 124, 119, 123, 242, 107, 111, 197,  48,   1, 103,  43, 254, 215, 171, 118,
-202, 130, 201, 125, 250,  89,  71, 240, 173, 212, 162, 175, 156, 164, 114, 192,
-183, 253, 147,  38,  54,  63, 247, 204,  52, 165, 229, 241, 113, 216,  49,  21,
-  4, 199,  35, 195,  24, 150,   5, 154,   7,  18, 128, 226, 235,  39, 178, 117,
-  9, 131,  44,  26,  27, 110,  90, 160,  82,  59, 214, 179,  41, 227,  47, 132,
- 83, 209,   0, 237,  32, 252, 177,  91, 106, 203, 190,  57,  74,  76,  88, 207,
-208, 239, 170, 251,  67,  77,  51, 133,  69, 249,   2, 127,  80,  60, 159, 168,
- 81, 163,  64, 143, 146, 157,  56, 245, 188, 182, 218,  33,  16, 255, 243, 210,
-205,  12,  19, 236,  95, 151,  68,  23, 196, 167, 126,  61, 100,  93,  25, 115,
- 96, 129,  79, 220,  34,  42, 144, 136,  70, 238, 184,  20, 222,  94,  11, 219,
-224,  50,  58,  10,  73,   6,  36,  92, 194, 211, 172,  98, 145, 149, 228, 121,
-231, 200,  55, 109, 141, 213,  78, 169, 108,  86, 244, 234, 101, 122, 174,   8,
-186, 120,  37,  46,  28, 166, 180, 198, 232, 221, 116,  31,  75, 189, 139, 138,
-112,  62, 181, 102,  72,   3, 246,  14,  97,  53,  87, 185, 134, 193,  29, 158,
-225, 248, 152,  17, 105, 217, 142, 148, 155,  30, 135, 233, 206,  85,  40, 223,
-140, 161, 137,  13, 191, 230,  66, 104,  65, 153,  45,  15, 176,  84, 187,  22 
-};
-#endif /* not RIJNDAEL_INCLUDE_TABLES */
-
-static const PRUint8 _SInv[256] = 
-{
- 82,   9, 106, 213,  48,  54, 165,  56, 191,  64, 163, 158, 129, 243, 215, 251,
-124, 227,  57, 130, 155,  47, 255, 135,  52, 142,  67,  68, 196, 222, 233, 203,
- 84, 123, 148,  50, 166, 194,  35,  61, 238,  76, 149,  11,  66, 250, 195,  78,
-  8,  46, 161, 102,  40, 217,  36, 178, 118,  91, 162,  73, 109, 139, 209,  37,
-114, 248, 246, 100, 134, 104, 152,  22, 212, 164,  92, 204,  93, 101, 182, 146,
-108, 112,  72,  80, 253, 237, 185, 218,  94,  21,  70,  87, 167, 141, 157, 132,
-144, 216, 171,   0, 140, 188, 211,  10, 247, 228,  88,   5, 184, 179,  69,   6,
-208,  44,  30, 143, 202,  63,  15,   2, 193, 175, 189,   3,   1,  19, 138, 107,
- 58, 145,  17,  65,  79, 103, 220, 234, 151, 242, 207, 206, 240, 180, 230, 115,
-150, 172, 116,  34, 231, 173,  53, 133, 226, 249,  55, 232,  28, 117, 223, 110,
- 71, 241,  26, 113,  29,  41, 197, 137, 111, 183,  98,  14, 170,  24, 190,  27,
-252,  86,  62,  75, 198, 210, 121,  32, 154, 219, 192, 254, 120, 205,  90, 244,
- 31, 221, 168,  51, 136,   7, 199,  49, 177,  18,  16,  89,  39, 128, 236,  95,
- 96,  81, 127, 169,  25, 181,  74,  13,  45, 229, 122, 159, 147, 201, 156, 239,
-160, 224,  59,  77, 174,  42, 245, 176, 200, 235, 187,  60, 131,  83, 153,  97,
- 23,  43,   4, 126, 186, 119, 214,  38, 225, 105,  20,  99,  85,  33,  12, 125 
-};
-
-#ifdef RIJNDAEL_INCLUDE_TABLES
-#ifdef IS_LITTLE_ENDIAN
-static const PRUint32 _T0[256] = 
-{
-0xa56363c6, 0x847c7cf8, 0x997777ee, 0x8d7b7bf6, 0x0df2f2ff, 0xbd6b6bd6,
-0xb16f6fde, 0x54c5c591, 0x50303060, 0x03010102, 0xa96767ce, 0x7d2b2b56,
-0x19fefee7, 0x62d7d7b5, 0xe6abab4d, 0x9a7676ec, 0x45caca8f, 0x9d82821f,
-0x40c9c989, 0x877d7dfa, 0x15fafaef, 0xeb5959b2, 0xc947478e, 0x0bf0f0fb,
-0xecadad41, 0x67d4d4b3, 0xfda2a25f, 0xeaafaf45, 0xbf9c9c23, 0xf7a4a453,
-0x967272e4, 0x5bc0c09b, 0xc2b7b775, 0x1cfdfde1, 0xae93933d, 0x6a26264c,
-0x5a36366c, 0x413f3f7e, 0x02f7f7f5, 0x4fcccc83, 0x5c343468, 0xf4a5a551,
-0x34e5e5d1, 0x08f1f1f9, 0x937171e2, 0x73d8d8ab, 0x53313162, 0x3f15152a,
-0x0c040408, 0x52c7c795, 0x65232346, 0x5ec3c39d, 0x28181830, 0xa1969637,
-0x0f05050a, 0xb59a9a2f, 0x0907070e, 0x36121224, 0x9b80801b, 0x3de2e2df,
-0x26ebebcd, 0x6927274e, 0xcdb2b27f, 0x9f7575ea, 0x1b090912, 0x9e83831d,
-0x742c2c58, 0x2e1a1a34, 0x2d1b1b36, 0xb26e6edc, 0xee5a5ab4, 0xfba0a05b,
-0xf65252a4, 0x4d3b3b76, 0x61d6d6b7, 0xceb3b37d, 0x7b292952, 0x3ee3e3dd,
-0x712f2f5e, 0x97848413, 0xf55353a6, 0x68d1d1b9, 0x00000000, 0x2cededc1,
-0x60202040, 0x1ffcfce3, 0xc8b1b179, 0xed5b5bb6, 0xbe6a6ad4, 0x46cbcb8d,
-0xd9bebe67, 0x4b393972, 0xde4a4a94, 0xd44c4c98, 0xe85858b0, 0x4acfcf85,
-0x6bd0d0bb, 0x2aefefc5, 0xe5aaaa4f, 0x16fbfbed, 0xc5434386, 0xd74d4d9a,
-0x55333366, 0x94858511, 0xcf45458a, 0x10f9f9e9, 0x06020204, 0x817f7ffe,
-0xf05050a0, 0x443c3c78, 0xba9f9f25, 0xe3a8a84b, 0xf35151a2, 0xfea3a35d,
-0xc0404080, 0x8a8f8f05, 0xad92923f, 0xbc9d9d21, 0x48383870, 0x04f5f5f1,
-0xdfbcbc63, 0xc1b6b677, 0x75dadaaf, 0x63212142, 0x30101020, 0x1affffe5,
-0x0ef3f3fd, 0x6dd2d2bf, 0x4ccdcd81, 0x140c0c18, 0x35131326, 0x2fececc3,
-0xe15f5fbe, 0xa2979735, 0xcc444488, 0x3917172e, 0x57c4c493, 0xf2a7a755,
-0x827e7efc, 0x473d3d7a, 0xac6464c8, 0xe75d5dba, 0x2b191932, 0x957373e6,
-0xa06060c0, 0x98818119, 0xd14f4f9e, 0x7fdcdca3, 0x66222244, 0x7e2a2a54,
-0xab90903b, 0x8388880b, 0xca46468c, 0x29eeeec7, 0xd3b8b86b, 0x3c141428,
-0x79dedea7, 0xe25e5ebc, 0x1d0b0b16, 0x76dbdbad, 0x3be0e0db, 0x56323264,
-0x4e3a3a74, 0x1e0a0a14, 0xdb494992, 0x0a06060c, 0x6c242448, 0xe45c5cb8,
-0x5dc2c29f, 0x6ed3d3bd, 0xefacac43, 0xa66262c4, 0xa8919139, 0xa4959531,
-0x37e4e4d3, 0x8b7979f2, 0x32e7e7d5, 0x43c8c88b, 0x5937376e, 0xb76d6dda,
-0x8c8d8d01, 0x64d5d5b1, 0xd24e4e9c, 0xe0a9a949, 0xb46c6cd8, 0xfa5656ac,
-0x07f4f4f3, 0x25eaeacf, 0xaf6565ca, 0x8e7a7af4, 0xe9aeae47, 0x18080810,
-0xd5baba6f, 0x887878f0, 0x6f25254a, 0x722e2e5c, 0x241c1c38, 0xf1a6a657,
-0xc7b4b473, 0x51c6c697, 0x23e8e8cb, 0x7cdddda1, 0x9c7474e8, 0x211f1f3e,
-0xdd4b4b96, 0xdcbdbd61, 0x868b8b0d, 0x858a8a0f, 0x907070e0, 0x423e3e7c,
-0xc4b5b571, 0xaa6666cc, 0xd8484890, 0x05030306, 0x01f6f6f7, 0x120e0e1c,
-0xa36161c2, 0x5f35356a, 0xf95757ae, 0xd0b9b969, 0x91868617, 0x58c1c199,
-0x271d1d3a, 0xb99e9e27, 0x38e1e1d9, 0x13f8f8eb, 0xb398982b, 0x33111122,
-0xbb6969d2, 0x70d9d9a9, 0x898e8e07, 0xa7949433, 0xb69b9b2d, 0x221e1e3c,
-0x92878715, 0x20e9e9c9, 0x49cece87, 0xff5555aa, 0x78282850, 0x7adfdfa5,
-0x8f8c8c03, 0xf8a1a159, 0x80898909, 0x170d0d1a, 0xdabfbf65, 0x31e6e6d7,
-0xc6424284, 0xb86868d0, 0xc3414182, 0xb0999929, 0x772d2d5a, 0x110f0f1e,
-0xcbb0b07b, 0xfc5454a8, 0xd6bbbb6d, 0x3a16162c  
-};
-#else
-static const PRUint32 _T0[256] = 
-{
-0xc66363a5, 0xf87c7c84, 0xee777799, 0xf67b7b8d, 0xfff2f20d, 0xd66b6bbd,
-0xde6f6fb1, 0x91c5c554, 0x60303050, 0x02010103, 0xce6767a9, 0x562b2b7d,
-0xe7fefe19, 0xb5d7d762, 0x4dababe6, 0xec76769a, 0x8fcaca45, 0x1f82829d,
-0x89c9c940, 0xfa7d7d87, 0xeffafa15, 0xb25959eb, 0x8e4747c9, 0xfbf0f00b,
-0x41adadec, 0xb3d4d467, 0x5fa2a2fd, 0x45afafea, 0x239c9cbf, 0x53a4a4f7,
-0xe4727296, 0x9bc0c05b, 0x75b7b7c2, 0xe1fdfd1c, 0x3d9393ae, 0x4c26266a,
-0x6c36365a, 0x7e3f3f41, 0xf5f7f702, 0x83cccc4f, 0x6834345c, 0x51a5a5f4,
-0xd1e5e534, 0xf9f1f108, 0xe2717193, 0xabd8d873, 0x62313153, 0x2a15153f,
-0x0804040c, 0x95c7c752, 0x46232365, 0x9dc3c35e, 0x30181828, 0x379696a1,
-0x0a05050f, 0x2f9a9ab5, 0x0e070709, 0x24121236, 0x1b80809b, 0xdfe2e23d,
-0xcdebeb26, 0x4e272769, 0x7fb2b2cd, 0xea75759f, 0x1209091b, 0x1d83839e,
-0x582c2c74, 0x341a1a2e, 0x361b1b2d, 0xdc6e6eb2, 0xb45a5aee, 0x5ba0a0fb,
-0xa45252f6, 0x763b3b4d, 0xb7d6d661, 0x7db3b3ce, 0x5229297b, 0xdde3e33e,
-0x5e2f2f71, 0x13848497, 0xa65353f5, 0xb9d1d168, 0x00000000, 0xc1eded2c,
-0x40202060, 0xe3fcfc1f, 0x79b1b1c8, 0xb65b5bed, 0xd46a6abe, 0x8dcbcb46,
-0x67bebed9, 0x7239394b, 0x944a4ade, 0x984c4cd4, 0xb05858e8, 0x85cfcf4a,
-0xbbd0d06b, 0xc5efef2a, 0x4faaaae5, 0xedfbfb16, 0x864343c5, 0x9a4d4dd7,
-0x66333355, 0x11858594, 0x8a4545cf, 0xe9f9f910, 0x04020206, 0xfe7f7f81,
-0xa05050f0, 0x783c3c44, 0x259f9fba, 0x4ba8a8e3, 0xa25151f3, 0x5da3a3fe,
-0x804040c0, 0x058f8f8a, 0x3f9292ad, 0x219d9dbc, 0x70383848, 0xf1f5f504,
-0x63bcbcdf, 0x77b6b6c1, 0xafdada75, 0x42212163, 0x20101030, 0xe5ffff1a,
-0xfdf3f30e, 0xbfd2d26d, 0x81cdcd4c, 0x180c0c14, 0x26131335, 0xc3ecec2f,
-0xbe5f5fe1, 0x359797a2, 0x884444cc, 0x2e171739, 0x93c4c457, 0x55a7a7f2,
-0xfc7e7e82, 0x7a3d3d47, 0xc86464ac, 0xba5d5de7, 0x3219192b, 0xe6737395,
-0xc06060a0, 0x19818198, 0x9e4f4fd1, 0xa3dcdc7f, 0x44222266, 0x542a2a7e,
-0x3b9090ab, 0x0b888883, 0x8c4646ca, 0xc7eeee29, 0x6bb8b8d3, 0x2814143c,
-0xa7dede79, 0xbc5e5ee2, 0x160b0b1d, 0xaddbdb76, 0xdbe0e03b, 0x64323256,
-0x743a3a4e, 0x140a0a1e, 0x924949db, 0x0c06060a, 0x4824246c, 0xb85c5ce4,
-0x9fc2c25d, 0xbdd3d36e, 0x43acacef, 0xc46262a6, 0x399191a8, 0x319595a4,
-0xd3e4e437, 0xf279798b, 0xd5e7e732, 0x8bc8c843, 0x6e373759, 0xda6d6db7,
-0x018d8d8c, 0xb1d5d564, 0x9c4e4ed2, 0x49a9a9e0, 0xd86c6cb4, 0xac5656fa,
-0xf3f4f407, 0xcfeaea25, 0xca6565af, 0xf47a7a8e, 0x47aeaee9, 0x10080818,
-0x6fbabad5, 0xf0787888, 0x4a25256f, 0x5c2e2e72, 0x381c1c24, 0x57a6a6f1,
-0x73b4b4c7, 0x97c6c651, 0xcbe8e823, 0xa1dddd7c, 0xe874749c, 0x3e1f1f21,
-0x964b4bdd, 0x61bdbddc, 0x0d8b8b86, 0x0f8a8a85, 0xe0707090, 0x7c3e3e42,
-0x71b5b5c4, 0xcc6666aa, 0x904848d8, 0x06030305, 0xf7f6f601, 0x1c0e0e12,
-0xc26161a3, 0x6a35355f, 0xae5757f9, 0x69b9b9d0, 0x17868691, 0x99c1c158,
-0x3a1d1d27, 0x279e9eb9, 0xd9e1e138, 0xebf8f813, 0x2b9898b3, 0x22111133,
-0xd26969bb, 0xa9d9d970, 0x078e8e89, 0x339494a7, 0x2d9b9bb6, 0x3c1e1e22,
-0x15878792, 0xc9e9e920, 0x87cece49, 0xaa5555ff, 0x50282878, 0xa5dfdf7a,
-0x038c8c8f, 0x59a1a1f8, 0x09898980, 0x1a0d0d17, 0x65bfbfda, 0xd7e6e631,
-0x844242c6, 0xd06868b8, 0x824141c3, 0x299999b0, 0x5a2d2d77, 0x1e0f0f11,
-0x7bb0b0cb, 0xa85454fc, 0x6dbbbbd6, 0x2c16163a  
-};
-#endif
-
-#ifdef IS_LITTLE_ENDIAN
-static const PRUint32 _T1[256] = 
-{
-0x6363c6a5, 0x7c7cf884, 0x7777ee99, 0x7b7bf68d, 0xf2f2ff0d, 0x6b6bd6bd,
-0x6f6fdeb1, 0xc5c59154, 0x30306050, 0x01010203, 0x6767cea9, 0x2b2b567d,
-0xfefee719, 0xd7d7b562, 0xabab4de6, 0x7676ec9a, 0xcaca8f45, 0x82821f9d,
-0xc9c98940, 0x7d7dfa87, 0xfafaef15, 0x5959b2eb, 0x47478ec9, 0xf0f0fb0b,
-0xadad41ec, 0xd4d4b367, 0xa2a25ffd, 0xafaf45ea, 0x9c9c23bf, 0xa4a453f7,
-0x7272e496, 0xc0c09b5b, 0xb7b775c2, 0xfdfde11c, 0x93933dae, 0x26264c6a,
-0x36366c5a, 0x3f3f7e41, 0xf7f7f502, 0xcccc834f, 0x3434685c, 0xa5a551f4,
-0xe5e5d134, 0xf1f1f908, 0x7171e293, 0xd8d8ab73, 0x31316253, 0x15152a3f,
-0x0404080c, 0xc7c79552, 0x23234665, 0xc3c39d5e, 0x18183028, 0x969637a1,
-0x05050a0f, 0x9a9a2fb5, 0x07070e09, 0x12122436, 0x80801b9b, 0xe2e2df3d,
-0xebebcd26, 0x27274e69, 0xb2b27fcd, 0x7575ea9f, 0x0909121b, 0x83831d9e,
-0x2c2c5874, 0x1a1a342e, 0x1b1b362d, 0x6e6edcb2, 0x5a5ab4ee, 0xa0a05bfb,
-0x5252a4f6, 0x3b3b764d, 0xd6d6b761, 0xb3b37dce, 0x2929527b, 0xe3e3dd3e,
-0x2f2f5e71, 0x84841397, 0x5353a6f5, 0xd1d1b968, 0x00000000, 0xededc12c,
-0x20204060, 0xfcfce31f, 0xb1b179c8, 0x5b5bb6ed, 0x6a6ad4be, 0xcbcb8d46,
-0xbebe67d9, 0x3939724b, 0x4a4a94de, 0x4c4c98d4, 0x5858b0e8, 0xcfcf854a,
-0xd0d0bb6b, 0xefefc52a, 0xaaaa4fe5, 0xfbfbed16, 0x434386c5, 0x4d4d9ad7,
-0x33336655, 0x85851194, 0x45458acf, 0xf9f9e910, 0x02020406, 0x7f7ffe81,
-0x5050a0f0, 0x3c3c7844, 0x9f9f25ba, 0xa8a84be3, 0x5151a2f3, 0xa3a35dfe,
-0x404080c0, 0x8f8f058a, 0x92923fad, 0x9d9d21bc, 0x38387048, 0xf5f5f104,
-0xbcbc63df, 0xb6b677c1, 0xdadaaf75, 0x21214263, 0x10102030, 0xffffe51a,
-0xf3f3fd0e, 0xd2d2bf6d, 0xcdcd814c, 0x0c0c1814, 0x13132635, 0xececc32f,
-0x5f5fbee1, 0x979735a2, 0x444488cc, 0x17172e39, 0xc4c49357, 0xa7a755f2,
-0x7e7efc82, 0x3d3d7a47, 0x6464c8ac, 0x5d5dbae7, 0x1919322b, 0x7373e695,
-0x6060c0a0, 0x81811998, 0x4f4f9ed1, 0xdcdca37f, 0x22224466, 0x2a2a547e,
-0x90903bab, 0x88880b83, 0x46468cca, 0xeeeec729, 0xb8b86bd3, 0x1414283c,
-0xdedea779, 0x5e5ebce2, 0x0b0b161d, 0xdbdbad76, 0xe0e0db3b, 0x32326456,
-0x3a3a744e, 0x0a0a141e, 0x494992db, 0x06060c0a, 0x2424486c, 0x5c5cb8e4,
-0xc2c29f5d, 0xd3d3bd6e, 0xacac43ef, 0x6262c4a6, 0x919139a8, 0x959531a4,
-0xe4e4d337, 0x7979f28b, 0xe7e7d532, 0xc8c88b43, 0x37376e59, 0x6d6ddab7,
-0x8d8d018c, 0xd5d5b164, 0x4e4e9cd2, 0xa9a949e0, 0x6c6cd8b4, 0x5656acfa,
-0xf4f4f307, 0xeaeacf25, 0x6565caaf, 0x7a7af48e, 0xaeae47e9, 0x08081018,
-0xbaba6fd5, 0x7878f088, 0x25254a6f, 0x2e2e5c72, 0x1c1c3824, 0xa6a657f1,
-0xb4b473c7, 0xc6c69751, 0xe8e8cb23, 0xdddda17c, 0x7474e89c, 0x1f1f3e21,
-0x4b4b96dd, 0xbdbd61dc, 0x8b8b0d86, 0x8a8a0f85, 0x7070e090, 0x3e3e7c42,
-0xb5b571c4, 0x6666ccaa, 0x484890d8, 0x03030605, 0xf6f6f701, 0x0e0e1c12,
-0x6161c2a3, 0x35356a5f, 0x5757aef9, 0xb9b969d0, 0x86861791, 0xc1c19958,
-0x1d1d3a27, 0x9e9e27b9, 0xe1e1d938, 0xf8f8eb13, 0x98982bb3, 0x11112233,
-0x6969d2bb, 0xd9d9a970, 0x8e8e0789, 0x949433a7, 0x9b9b2db6, 0x1e1e3c22,
-0x87871592, 0xe9e9c920, 0xcece8749, 0x5555aaff, 0x28285078, 0xdfdfa57a,
-0x8c8c038f, 0xa1a159f8, 0x89890980, 0x0d0d1a17, 0xbfbf65da, 0xe6e6d731,
-0x424284c6, 0x6868d0b8, 0x414182c3, 0x999929b0, 0x2d2d5a77, 0x0f0f1e11,
-0xb0b07bcb, 0x5454a8fc, 0xbbbb6dd6, 0x16162c3a  
-};
-#else
-static const PRUint32 _T1[256] = 
-{
-0xa5c66363, 0x84f87c7c, 0x99ee7777, 0x8df67b7b, 0x0dfff2f2, 0xbdd66b6b,
-0xb1de6f6f, 0x5491c5c5, 0x50603030, 0x03020101, 0xa9ce6767, 0x7d562b2b,
-0x19e7fefe, 0x62b5d7d7, 0xe64dabab, 0x9aec7676, 0x458fcaca, 0x9d1f8282,
-0x4089c9c9, 0x87fa7d7d, 0x15effafa, 0xebb25959, 0xc98e4747, 0x0bfbf0f0,
-0xec41adad, 0x67b3d4d4, 0xfd5fa2a2, 0xea45afaf, 0xbf239c9c, 0xf753a4a4,
-0x96e47272, 0x5b9bc0c0, 0xc275b7b7, 0x1ce1fdfd, 0xae3d9393, 0x6a4c2626,
-0x5a6c3636, 0x417e3f3f, 0x02f5f7f7, 0x4f83cccc, 0x5c683434, 0xf451a5a5,
-0x34d1e5e5, 0x08f9f1f1, 0x93e27171, 0x73abd8d8, 0x53623131, 0x3f2a1515,
-0x0c080404, 0x5295c7c7, 0x65462323, 0x5e9dc3c3, 0x28301818, 0xa1379696,
-0x0f0a0505, 0xb52f9a9a, 0x090e0707, 0x36241212, 0x9b1b8080, 0x3ddfe2e2,
-0x26cdebeb, 0x694e2727, 0xcd7fb2b2, 0x9fea7575, 0x1b120909, 0x9e1d8383,
-0x74582c2c, 0x2e341a1a, 0x2d361b1b, 0xb2dc6e6e, 0xeeb45a5a, 0xfb5ba0a0,
-0xf6a45252, 0x4d763b3b, 0x61b7d6d6, 0xce7db3b3, 0x7b522929, 0x3edde3e3,
-0x715e2f2f, 0x97138484, 0xf5a65353, 0x68b9d1d1, 0x00000000, 0x2cc1eded,
-0x60402020, 0x1fe3fcfc, 0xc879b1b1, 0xedb65b5b, 0xbed46a6a, 0x468dcbcb,
-0xd967bebe, 0x4b723939, 0xde944a4a, 0xd4984c4c, 0xe8b05858, 0x4a85cfcf,
-0x6bbbd0d0, 0x2ac5efef, 0xe54faaaa, 0x16edfbfb, 0xc5864343, 0xd79a4d4d,
-0x55663333, 0x94118585, 0xcf8a4545, 0x10e9f9f9, 0x06040202, 0x81fe7f7f,
-0xf0a05050, 0x44783c3c, 0xba259f9f, 0xe34ba8a8, 0xf3a25151, 0xfe5da3a3,
-0xc0804040, 0x8a058f8f, 0xad3f9292, 0xbc219d9d, 0x48703838, 0x04f1f5f5,
-0xdf63bcbc, 0xc177b6b6, 0x75afdada, 0x63422121, 0x30201010, 0x1ae5ffff,
-0x0efdf3f3, 0x6dbfd2d2, 0x4c81cdcd, 0x14180c0c, 0x35261313, 0x2fc3ecec,
-0xe1be5f5f, 0xa2359797, 0xcc884444, 0x392e1717, 0x5793c4c4, 0xf255a7a7,
-0x82fc7e7e, 0x477a3d3d, 0xacc86464, 0xe7ba5d5d, 0x2b321919, 0x95e67373,
-0xa0c06060, 0x98198181, 0xd19e4f4f, 0x7fa3dcdc, 0x66442222, 0x7e542a2a,
-0xab3b9090, 0x830b8888, 0xca8c4646, 0x29c7eeee, 0xd36bb8b8, 0x3c281414,
-0x79a7dede, 0xe2bc5e5e, 0x1d160b0b, 0x76addbdb, 0x3bdbe0e0, 0x56643232,
-0x4e743a3a, 0x1e140a0a, 0xdb924949, 0x0a0c0606, 0x6c482424, 0xe4b85c5c,
-0x5d9fc2c2, 0x6ebdd3d3, 0xef43acac, 0xa6c46262, 0xa8399191, 0xa4319595,
-0x37d3e4e4, 0x8bf27979, 0x32d5e7e7, 0x438bc8c8, 0x596e3737, 0xb7da6d6d,
-0x8c018d8d, 0x64b1d5d5, 0xd29c4e4e, 0xe049a9a9, 0xb4d86c6c, 0xfaac5656,
-0x07f3f4f4, 0x25cfeaea, 0xafca6565, 0x8ef47a7a, 0xe947aeae, 0x18100808,
-0xd56fbaba, 0x88f07878, 0x6f4a2525, 0x725c2e2e, 0x24381c1c, 0xf157a6a6,
-0xc773b4b4, 0x5197c6c6, 0x23cbe8e8, 0x7ca1dddd, 0x9ce87474, 0x213e1f1f,
-0xdd964b4b, 0xdc61bdbd, 0x860d8b8b, 0x850f8a8a, 0x90e07070, 0x427c3e3e,
-0xc471b5b5, 0xaacc6666, 0xd8904848, 0x05060303, 0x01f7f6f6, 0x121c0e0e,
-0xa3c26161, 0x5f6a3535, 0xf9ae5757, 0xd069b9b9, 0x91178686, 0x5899c1c1,
-0x273a1d1d, 0xb9279e9e, 0x38d9e1e1, 0x13ebf8f8, 0xb32b9898, 0x33221111,
-0xbbd26969, 0x70a9d9d9, 0x89078e8e, 0xa7339494, 0xb62d9b9b, 0x223c1e1e,
-0x92158787, 0x20c9e9e9, 0x4987cece, 0xffaa5555, 0x78502828, 0x7aa5dfdf,
-0x8f038c8c, 0xf859a1a1, 0x80098989, 0x171a0d0d, 0xda65bfbf, 0x31d7e6e6,
-0xc6844242, 0xb8d06868, 0xc3824141, 0xb0299999, 0x775a2d2d, 0x111e0f0f,
-0xcb7bb0b0, 0xfca85454, 0xd66dbbbb, 0x3a2c1616  
-};
-#endif
-
-#ifdef IS_LITTLE_ENDIAN
-static const PRUint32 _T2[256] = 
-{
-0x63c6a563, 0x7cf8847c, 0x77ee9977, 0x7bf68d7b, 0xf2ff0df2, 0x6bd6bd6b,
-0x6fdeb16f, 0xc59154c5, 0x30605030, 0x01020301, 0x67cea967, 0x2b567d2b,
-0xfee719fe, 0xd7b562d7, 0xab4de6ab, 0x76ec9a76, 0xca8f45ca, 0x821f9d82,
-0xc98940c9, 0x7dfa877d, 0xfaef15fa, 0x59b2eb59, 0x478ec947, 0xf0fb0bf0,
-0xad41ecad, 0xd4b367d4, 0xa25ffda2, 0xaf45eaaf, 0x9c23bf9c, 0xa453f7a4,
-0x72e49672, 0xc09b5bc0, 0xb775c2b7, 0xfde11cfd, 0x933dae93, 0x264c6a26,
-0x366c5a36, 0x3f7e413f, 0xf7f502f7, 0xcc834fcc, 0x34685c34, 0xa551f4a5,
-0xe5d134e5, 0xf1f908f1, 0x71e29371, 0xd8ab73d8, 0x31625331, 0x152a3f15,
-0x04080c04, 0xc79552c7, 0x23466523, 0xc39d5ec3, 0x18302818, 0x9637a196,
-0x050a0f05, 0x9a2fb59a, 0x070e0907, 0x12243612, 0x801b9b80, 0xe2df3de2,
-0xebcd26eb, 0x274e6927, 0xb27fcdb2, 0x75ea9f75, 0x09121b09, 0x831d9e83,
-0x2c58742c, 0x1a342e1a, 0x1b362d1b, 0x6edcb26e, 0x5ab4ee5a, 0xa05bfba0,
-0x52a4f652, 0x3b764d3b, 0xd6b761d6, 0xb37dceb3, 0x29527b29, 0xe3dd3ee3,
-0x2f5e712f, 0x84139784, 0x53a6f553, 0xd1b968d1, 0x00000000, 0xedc12ced,
-0x20406020, 0xfce31ffc, 0xb179c8b1, 0x5bb6ed5b, 0x6ad4be6a, 0xcb8d46cb,
-0xbe67d9be, 0x39724b39, 0x4a94de4a, 0x4c98d44c, 0x58b0e858, 0xcf854acf,
-0xd0bb6bd0, 0xefc52aef, 0xaa4fe5aa, 0xfbed16fb, 0x4386c543, 0x4d9ad74d,
-0x33665533, 0x85119485, 0x458acf45, 0xf9e910f9, 0x02040602, 0x7ffe817f,
-0x50a0f050, 0x3c78443c, 0x9f25ba9f, 0xa84be3a8, 0x51a2f351, 0xa35dfea3,
-0x4080c040, 0x8f058a8f, 0x923fad92, 0x9d21bc9d, 0x38704838, 0xf5f104f5,
-0xbc63dfbc, 0xb677c1b6, 0xdaaf75da, 0x21426321, 0x10203010, 0xffe51aff,
-0xf3fd0ef3, 0xd2bf6dd2, 0xcd814ccd, 0x0c18140c, 0x13263513, 0xecc32fec,
-0x5fbee15f, 0x9735a297, 0x4488cc44, 0x172e3917, 0xc49357c4, 0xa755f2a7,
-0x7efc827e, 0x3d7a473d, 0x64c8ac64, 0x5dbae75d, 0x19322b19, 0x73e69573,
-0x60c0a060, 0x81199881, 0x4f9ed14f, 0xdca37fdc, 0x22446622, 0x2a547e2a,
-0x903bab90, 0x880b8388, 0x468cca46, 0xeec729ee, 0xb86bd3b8, 0x14283c14,
-0xdea779de, 0x5ebce25e, 0x0b161d0b, 0xdbad76db, 0xe0db3be0, 0x32645632,
-0x3a744e3a, 0x0a141e0a, 0x4992db49, 0x060c0a06, 0x24486c24, 0x5cb8e45c,
-0xc29f5dc2, 0xd3bd6ed3, 0xac43efac, 0x62c4a662, 0x9139a891, 0x9531a495,
-0xe4d337e4, 0x79f28b79, 0xe7d532e7, 0xc88b43c8, 0x376e5937, 0x6ddab76d,
-0x8d018c8d, 0xd5b164d5, 0x4e9cd24e, 0xa949e0a9, 0x6cd8b46c, 0x56acfa56,
-0xf4f307f4, 0xeacf25ea, 0x65caaf65, 0x7af48e7a, 0xae47e9ae, 0x08101808,
-0xba6fd5ba, 0x78f08878, 0x254a6f25, 0x2e5c722e, 0x1c38241c, 0xa657f1a6,
-0xb473c7b4, 0xc69751c6, 0xe8cb23e8, 0xdda17cdd, 0x74e89c74, 0x1f3e211f,
-0x4b96dd4b, 0xbd61dcbd, 0x8b0d868b, 0x8a0f858a, 0x70e09070, 0x3e7c423e,
-0xb571c4b5, 0x66ccaa66, 0x4890d848, 0x03060503, 0xf6f701f6, 0x0e1c120e,
-0x61c2a361, 0x356a5f35, 0x57aef957, 0xb969d0b9, 0x86179186, 0xc19958c1,
-0x1d3a271d, 0x9e27b99e, 0xe1d938e1, 0xf8eb13f8, 0x982bb398, 0x11223311,
-0x69d2bb69, 0xd9a970d9, 0x8e07898e, 0x9433a794, 0x9b2db69b, 0x1e3c221e,
-0x87159287, 0xe9c920e9, 0xce8749ce, 0x55aaff55, 0x28507828, 0xdfa57adf,
-0x8c038f8c, 0xa159f8a1, 0x89098089, 0x0d1a170d, 0xbf65dabf, 0xe6d731e6,
-0x4284c642, 0x68d0b868, 0x4182c341, 0x9929b099, 0x2d5a772d, 0x0f1e110f,
-0xb07bcbb0, 0x54a8fc54, 0xbb6dd6bb, 0x162c3a16  
-};
-#else
-static const PRUint32 _T2[256] = 
-{
-0x63a5c663, 0x7c84f87c, 0x7799ee77, 0x7b8df67b, 0xf20dfff2, 0x6bbdd66b,
-0x6fb1de6f, 0xc55491c5, 0x30506030, 0x01030201, 0x67a9ce67, 0x2b7d562b,
-0xfe19e7fe, 0xd762b5d7, 0xabe64dab, 0x769aec76, 0xca458fca, 0x829d1f82,
-0xc94089c9, 0x7d87fa7d, 0xfa15effa, 0x59ebb259, 0x47c98e47, 0xf00bfbf0,
-0xadec41ad, 0xd467b3d4, 0xa2fd5fa2, 0xafea45af, 0x9cbf239c, 0xa4f753a4,
-0x7296e472, 0xc05b9bc0, 0xb7c275b7, 0xfd1ce1fd, 0x93ae3d93, 0x266a4c26,
-0x365a6c36, 0x3f417e3f, 0xf702f5f7, 0xcc4f83cc, 0x345c6834, 0xa5f451a5,
-0xe534d1e5, 0xf108f9f1, 0x7193e271, 0xd873abd8, 0x31536231, 0x153f2a15,
-0x040c0804, 0xc75295c7, 0x23654623, 0xc35e9dc3, 0x18283018, 0x96a13796,
-0x050f0a05, 0x9ab52f9a, 0x07090e07, 0x12362412, 0x809b1b80, 0xe23ddfe2,
-0xeb26cdeb, 0x27694e27, 0xb2cd7fb2, 0x759fea75, 0x091b1209, 0x839e1d83,
-0x2c74582c, 0x1a2e341a, 0x1b2d361b, 0x6eb2dc6e, 0x5aeeb45a, 0xa0fb5ba0,
-0x52f6a452, 0x3b4d763b, 0xd661b7d6, 0xb3ce7db3, 0x297b5229, 0xe33edde3,
-0x2f715e2f, 0x84971384, 0x53f5a653, 0xd168b9d1, 0x00000000, 0xed2cc1ed,
-0x20604020, 0xfc1fe3fc, 0xb1c879b1, 0x5bedb65b, 0x6abed46a, 0xcb468dcb,
-0xbed967be, 0x394b7239, 0x4ade944a, 0x4cd4984c, 0x58e8b058, 0xcf4a85cf,
-0xd06bbbd0, 0xef2ac5ef, 0xaae54faa, 0xfb16edfb, 0x43c58643, 0x4dd79a4d,
-0x33556633, 0x85941185, 0x45cf8a45, 0xf910e9f9, 0x02060402, 0x7f81fe7f,
-0x50f0a050, 0x3c44783c, 0x9fba259f, 0xa8e34ba8, 0x51f3a251, 0xa3fe5da3,
-0x40c08040, 0x8f8a058f, 0x92ad3f92, 0x9dbc219d, 0x38487038, 0xf504f1f5,
-0xbcdf63bc, 0xb6c177b6, 0xda75afda, 0x21634221, 0x10302010, 0xff1ae5ff,
-0xf30efdf3, 0xd26dbfd2, 0xcd4c81cd, 0x0c14180c, 0x13352613, 0xec2fc3ec,
-0x5fe1be5f, 0x97a23597, 0x44cc8844, 0x17392e17, 0xc45793c4, 0xa7f255a7,
-0x7e82fc7e, 0x3d477a3d, 0x64acc864, 0x5de7ba5d, 0x192b3219, 0x7395e673,
-0x60a0c060, 0x81981981, 0x4fd19e4f, 0xdc7fa3dc, 0x22664422, 0x2a7e542a,
-0x90ab3b90, 0x88830b88, 0x46ca8c46, 0xee29c7ee, 0xb8d36bb8, 0x143c2814,
-0xde79a7de, 0x5ee2bc5e, 0x0b1d160b, 0xdb76addb, 0xe03bdbe0, 0x32566432,
-0x3a4e743a, 0x0a1e140a, 0x49db9249, 0x060a0c06, 0x246c4824, 0x5ce4b85c,
-0xc25d9fc2, 0xd36ebdd3, 0xacef43ac, 0x62a6c462, 0x91a83991, 0x95a43195,
-0xe437d3e4, 0x798bf279, 0xe732d5e7, 0xc8438bc8, 0x37596e37, 0x6db7da6d,
-0x8d8c018d, 0xd564b1d5, 0x4ed29c4e, 0xa9e049a9, 0x6cb4d86c, 0x56faac56,
-0xf407f3f4, 0xea25cfea, 0x65afca65, 0x7a8ef47a, 0xaee947ae, 0x08181008,
-0xbad56fba, 0x7888f078, 0x256f4a25, 0x2e725c2e, 0x1c24381c, 0xa6f157a6,
-0xb4c773b4, 0xc65197c6, 0xe823cbe8, 0xdd7ca1dd, 0x749ce874, 0x1f213e1f,
-0x4bdd964b, 0xbddc61bd, 0x8b860d8b, 0x8a850f8a, 0x7090e070, 0x3e427c3e,
-0xb5c471b5, 0x66aacc66, 0x48d89048, 0x03050603, 0xf601f7f6, 0x0e121c0e,
-0x61a3c261, 0x355f6a35, 0x57f9ae57, 0xb9d069b9, 0x86911786, 0xc15899c1,
-0x1d273a1d, 0x9eb9279e, 0xe138d9e1, 0xf813ebf8, 0x98b32b98, 0x11332211,
-0x69bbd269, 0xd970a9d9, 0x8e89078e, 0x94a73394, 0x9bb62d9b, 0x1e223c1e,
-0x87921587, 0xe920c9e9, 0xce4987ce, 0x55ffaa55, 0x28785028, 0xdf7aa5df,
-0x8c8f038c, 0xa1f859a1, 0x89800989, 0x0d171a0d, 0xbfda65bf, 0xe631d7e6,
-0x42c68442, 0x68b8d068, 0x41c38241, 0x99b02999, 0x2d775a2d, 0x0f111e0f,
-0xb0cb7bb0, 0x54fca854, 0xbbd66dbb, 0x163a2c16  
-};
-#endif
-
-#ifdef IS_LITTLE_ENDIAN
-static const PRUint32 _T3[256] = 
-{
-0xc6a56363, 0xf8847c7c, 0xee997777, 0xf68d7b7b, 0xff0df2f2, 0xd6bd6b6b,
-0xdeb16f6f, 0x9154c5c5, 0x60503030, 0x02030101, 0xcea96767, 0x567d2b2b,
-0xe719fefe, 0xb562d7d7, 0x4de6abab, 0xec9a7676, 0x8f45caca, 0x1f9d8282,
-0x8940c9c9, 0xfa877d7d, 0xef15fafa, 0xb2eb5959, 0x8ec94747, 0xfb0bf0f0,
-0x41ecadad, 0xb367d4d4, 0x5ffda2a2, 0x45eaafaf, 0x23bf9c9c, 0x53f7a4a4,
-0xe4967272, 0x9b5bc0c0, 0x75c2b7b7, 0xe11cfdfd, 0x3dae9393, 0x4c6a2626,
-0x6c5a3636, 0x7e413f3f, 0xf502f7f7, 0x834fcccc, 0x685c3434, 0x51f4a5a5,
-0xd134e5e5, 0xf908f1f1, 0xe2937171, 0xab73d8d8, 0x62533131, 0x2a3f1515,
-0x080c0404, 0x9552c7c7, 0x46652323, 0x9d5ec3c3, 0x30281818, 0x37a19696,
-0x0a0f0505, 0x2fb59a9a, 0x0e090707, 0x24361212, 0x1b9b8080, 0xdf3de2e2,
-0xcd26ebeb, 0x4e692727, 0x7fcdb2b2, 0xea9f7575, 0x121b0909, 0x1d9e8383,
-0x58742c2c, 0x342e1a1a, 0x362d1b1b, 0xdcb26e6e, 0xb4ee5a5a, 0x5bfba0a0,
-0xa4f65252, 0x764d3b3b, 0xb761d6d6, 0x7dceb3b3, 0x527b2929, 0xdd3ee3e3,
-0x5e712f2f, 0x13978484, 0xa6f55353, 0xb968d1d1, 0x00000000, 0xc12ceded,
-0x40602020, 0xe31ffcfc, 0x79c8b1b1, 0xb6ed5b5b, 0xd4be6a6a, 0x8d46cbcb,
-0x67d9bebe, 0x724b3939, 0x94de4a4a, 0x98d44c4c, 0xb0e85858, 0x854acfcf,
-0xbb6bd0d0, 0xc52aefef, 0x4fe5aaaa, 0xed16fbfb, 0x86c54343, 0x9ad74d4d,
-0x66553333, 0x11948585, 0x8acf4545, 0xe910f9f9, 0x04060202, 0xfe817f7f,
-0xa0f05050, 0x78443c3c, 0x25ba9f9f, 0x4be3a8a8, 0xa2f35151, 0x5dfea3a3,
-0x80c04040, 0x058a8f8f, 0x3fad9292, 0x21bc9d9d, 0x70483838, 0xf104f5f5,
-0x63dfbcbc, 0x77c1b6b6, 0xaf75dada, 0x42632121, 0x20301010, 0xe51affff,
-0xfd0ef3f3, 0xbf6dd2d2, 0x814ccdcd, 0x18140c0c, 0x26351313, 0xc32fecec,
-0xbee15f5f, 0x35a29797, 0x88cc4444, 0x2e391717, 0x9357c4c4, 0x55f2a7a7,
-0xfc827e7e, 0x7a473d3d, 0xc8ac6464, 0xbae75d5d, 0x322b1919, 0xe6957373,
-0xc0a06060, 0x19988181, 0x9ed14f4f, 0xa37fdcdc, 0x44662222, 0x547e2a2a,
-0x3bab9090, 0x0b838888, 0x8cca4646, 0xc729eeee, 0x6bd3b8b8, 0x283c1414,
-0xa779dede, 0xbce25e5e, 0x161d0b0b, 0xad76dbdb, 0xdb3be0e0, 0x64563232,
-0x744e3a3a, 0x141e0a0a, 0x92db4949, 0x0c0a0606, 0x486c2424, 0xb8e45c5c,
-0x9f5dc2c2, 0xbd6ed3d3, 0x43efacac, 0xc4a66262, 0x39a89191, 0x31a49595,
-0xd337e4e4, 0xf28b7979, 0xd532e7e7, 0x8b43c8c8, 0x6e593737, 0xdab76d6d,
-0x018c8d8d, 0xb164d5d5, 0x9cd24e4e, 0x49e0a9a9, 0xd8b46c6c, 0xacfa5656,
-0xf307f4f4, 0xcf25eaea, 0xcaaf6565, 0xf48e7a7a, 0x47e9aeae, 0x10180808,
-0x6fd5baba, 0xf0887878, 0x4a6f2525, 0x5c722e2e, 0x38241c1c, 0x57f1a6a6,
-0x73c7b4b4, 0x9751c6c6, 0xcb23e8e8, 0xa17cdddd, 0xe89c7474, 0x3e211f1f,
-0x96dd4b4b, 0x61dcbdbd, 0x0d868b8b, 0x0f858a8a, 0xe0907070, 0x7c423e3e,
-0x71c4b5b5, 0xccaa6666, 0x90d84848, 0x06050303, 0xf701f6f6, 0x1c120e0e,
-0xc2a36161, 0x6a5f3535, 0xaef95757, 0x69d0b9b9, 0x17918686, 0x9958c1c1,
-0x3a271d1d, 0x27b99e9e, 0xd938e1e1, 0xeb13f8f8, 0x2bb39898, 0x22331111,
-0xd2bb6969, 0xa970d9d9, 0x07898e8e, 0x33a79494, 0x2db69b9b, 0x3c221e1e,
-0x15928787, 0xc920e9e9, 0x8749cece, 0xaaff5555, 0x50782828, 0xa57adfdf,
-0x038f8c8c, 0x59f8a1a1, 0x09808989, 0x1a170d0d, 0x65dabfbf, 0xd731e6e6,
-0x84c64242, 0xd0b86868, 0x82c34141, 0x29b09999, 0x5a772d2d, 0x1e110f0f,
-0x7bcbb0b0, 0xa8fc5454, 0x6dd6bbbb, 0x2c3a1616  
-};
-#else
-static const PRUint32 _T3[256] = 
-{
-0x6363a5c6, 0x7c7c84f8, 0x777799ee, 0x7b7b8df6, 0xf2f20dff, 0x6b6bbdd6,
-0x6f6fb1de, 0xc5c55491, 0x30305060, 0x01010302, 0x6767a9ce, 0x2b2b7d56,
-0xfefe19e7, 0xd7d762b5, 0xababe64d, 0x76769aec, 0xcaca458f, 0x82829d1f,
-0xc9c94089, 0x7d7d87fa, 0xfafa15ef, 0x5959ebb2, 0x4747c98e, 0xf0f00bfb,
-0xadadec41, 0xd4d467b3, 0xa2a2fd5f, 0xafafea45, 0x9c9cbf23, 0xa4a4f753,
-0x727296e4, 0xc0c05b9b, 0xb7b7c275, 0xfdfd1ce1, 0x9393ae3d, 0x26266a4c,
-0x36365a6c, 0x3f3f417e, 0xf7f702f5, 0xcccc4f83, 0x34345c68, 0xa5a5f451,
-0xe5e534d1, 0xf1f108f9, 0x717193e2, 0xd8d873ab, 0x31315362, 0x15153f2a,
-0x04040c08, 0xc7c75295, 0x23236546, 0xc3c35e9d, 0x18182830, 0x9696a137,
-0x05050f0a, 0x9a9ab52f, 0x0707090e, 0x12123624, 0x80809b1b, 0xe2e23ddf,
-0xebeb26cd, 0x2727694e, 0xb2b2cd7f, 0x75759fea, 0x09091b12, 0x83839e1d,
-0x2c2c7458, 0x1a1a2e34, 0x1b1b2d36, 0x6e6eb2dc, 0x5a5aeeb4, 0xa0a0fb5b,
-0x5252f6a4, 0x3b3b4d76, 0xd6d661b7, 0xb3b3ce7d, 0x29297b52, 0xe3e33edd,
-0x2f2f715e, 0x84849713, 0x5353f5a6, 0xd1d168b9, 0x00000000, 0xeded2cc1,
-0x20206040, 0xfcfc1fe3, 0xb1b1c879, 0x5b5bedb6, 0x6a6abed4, 0xcbcb468d,
-0xbebed967, 0x39394b72, 0x4a4ade94, 0x4c4cd498, 0x5858e8b0, 0xcfcf4a85,
-0xd0d06bbb, 0xefef2ac5, 0xaaaae54f, 0xfbfb16ed, 0x4343c586, 0x4d4dd79a,
-0x33335566, 0x85859411, 0x4545cf8a, 0xf9f910e9, 0x02020604, 0x7f7f81fe,
-0x5050f0a0, 0x3c3c4478, 0x9f9fba25, 0xa8a8e34b, 0x5151f3a2, 0xa3a3fe5d,
-0x4040c080, 0x8f8f8a05, 0x9292ad3f, 0x9d9dbc21, 0x38384870, 0xf5f504f1,
-0xbcbcdf63, 0xb6b6c177, 0xdada75af, 0x21216342, 0x10103020, 0xffff1ae5,
-0xf3f30efd, 0xd2d26dbf, 0xcdcd4c81, 0x0c0c1418, 0x13133526, 0xecec2fc3,
-0x5f5fe1be, 0x9797a235, 0x4444cc88, 0x1717392e, 0xc4c45793, 0xa7a7f255,
-0x7e7e82fc, 0x3d3d477a, 0x6464acc8, 0x5d5de7ba, 0x19192b32, 0x737395e6,
-0x6060a0c0, 0x81819819, 0x4f4fd19e, 0xdcdc7fa3, 0x22226644, 0x2a2a7e54,
-0x9090ab3b, 0x8888830b, 0x4646ca8c, 0xeeee29c7, 0xb8b8d36b, 0x14143c28,
-0xdede79a7, 0x5e5ee2bc, 0x0b0b1d16, 0xdbdb76ad, 0xe0e03bdb, 0x32325664,
-0x3a3a4e74, 0x0a0a1e14, 0x4949db92, 0x06060a0c, 0x24246c48, 0x5c5ce4b8,
-0xc2c25d9f, 0xd3d36ebd, 0xacacef43, 0x6262a6c4, 0x9191a839, 0x9595a431,
-0xe4e437d3, 0x79798bf2, 0xe7e732d5, 0xc8c8438b, 0x3737596e, 0x6d6db7da,
-0x8d8d8c01, 0xd5d564b1, 0x4e4ed29c, 0xa9a9e049, 0x6c6cb4d8, 0x5656faac,
-0xf4f407f3, 0xeaea25cf, 0x6565afca, 0x7a7a8ef4, 0xaeaee947, 0x08081810,
-0xbabad56f, 0x787888f0, 0x25256f4a, 0x2e2e725c, 0x1c1c2438, 0xa6a6f157,
-0xb4b4c773, 0xc6c65197, 0xe8e823cb, 0xdddd7ca1, 0x74749ce8, 0x1f1f213e,
-0x4b4bdd96, 0xbdbddc61, 0x8b8b860d, 0x8a8a850f, 0x707090e0, 0x3e3e427c,
-0xb5b5c471, 0x6666aacc, 0x4848d890, 0x03030506, 0xf6f601f7, 0x0e0e121c,
-0x6161a3c2, 0x35355f6a, 0x5757f9ae, 0xb9b9d069, 0x86869117, 0xc1c15899,
-0x1d1d273a, 0x9e9eb927, 0xe1e138d9, 0xf8f813eb, 0x9898b32b, 0x11113322,
-0x6969bbd2, 0xd9d970a9, 0x8e8e8907, 0x9494a733, 0x9b9bb62d, 0x1e1e223c,
-0x87879215, 0xe9e920c9, 0xcece4987, 0x5555ffaa, 0x28287850, 0xdfdf7aa5,
-0x8c8c8f03, 0xa1a1f859, 0x89898009, 0x0d0d171a, 0xbfbfda65, 0xe6e631d7,
-0x4242c684, 0x6868b8d0, 0x4141c382, 0x9999b029, 0x2d2d775a, 0x0f0f111e,
-0xb0b0cb7b, 0x5454fca8, 0xbbbbd66d, 0x16163a2c  
-};
-#endif
-
-#ifdef IS_LITTLE_ENDIAN
-static const PRUint32 _TInv0[256] = 
-{
-0x50a7f451, 0x5365417e, 0xc3a4171a, 0x965e273a, 0xcb6bab3b, 0xf1459d1f,
-0xab58faac, 0x9303e34b, 0x55fa3020, 0xf66d76ad, 0x9176cc88, 0x254c02f5,
-0xfcd7e54f, 0xd7cb2ac5, 0x80443526, 0x8fa362b5, 0x495ab1de, 0x671bba25,
-0x980eea45, 0xe1c0fe5d, 0x02752fc3, 0x12f04c81, 0xa397468d, 0xc6f9d36b,
-0xe75f8f03, 0x959c9215, 0xeb7a6dbf, 0xda595295, 0x2d83bed4, 0xd3217458,
-0x2969e049, 0x44c8c98e, 0x6a89c275, 0x78798ef4, 0x6b3e5899, 0xdd71b927,
-0xb64fe1be, 0x17ad88f0, 0x66ac20c9, 0xb43ace7d, 0x184adf63, 0x82311ae5,
-0x60335197, 0x457f5362, 0xe07764b1, 0x84ae6bbb, 0x1ca081fe, 0x942b08f9,
-0x58684870, 0x19fd458f, 0x876cde94, 0xb7f87b52, 0x23d373ab, 0xe2024b72,
-0x578f1fe3, 0x2aab5566, 0x0728ebb2, 0x03c2b52f, 0x9a7bc586, 0xa50837d3,
-0xf2872830, 0xb2a5bf23, 0xba6a0302, 0x5c8216ed, 0x2b1ccf8a, 0x92b479a7,
-0xf0f207f3, 0xa1e2694e, 0xcdf4da65, 0xd5be0506, 0x1f6234d1, 0x8afea6c4,
-0x9d532e34, 0xa055f3a2, 0x32e18a05, 0x75ebf6a4, 0x39ec830b, 0xaaef6040,
-0x069f715e, 0x51106ebd, 0xf98a213e, 0x3d06dd96, 0xae053edd, 0x46bde64d,
-0xb58d5491, 0x055dc471, 0x6fd40604, 0xff155060, 0x24fb9819, 0x97e9bdd6,
-0xcc434089, 0x779ed967, 0xbd42e8b0, 0x888b8907, 0x385b19e7, 0xdbeec879,
-0x470a7ca1, 0xe90f427c, 0xc91e84f8, 0x00000000, 0x83868009, 0x48ed2b32,
-0xac70111e, 0x4e725a6c, 0xfbff0efd, 0x5638850f, 0x1ed5ae3d, 0x27392d36,
-0x64d90f0a, 0x21a65c68, 0xd1545b9b, 0x3a2e3624, 0xb1670a0c, 0x0fe75793,
-0xd296eeb4, 0x9e919b1b, 0x4fc5c080, 0xa220dc61, 0x694b775a, 0x161a121c,
-0x0aba93e2, 0xe52aa0c0, 0x43e0223c, 0x1d171b12, 0x0b0d090e, 0xadc78bf2,
-0xb9a8b62d, 0xc8a91e14, 0x8519f157, 0x4c0775af, 0xbbdd99ee, 0xfd607fa3,
-0x9f2601f7, 0xbcf5725c, 0xc53b6644, 0x347efb5b, 0x7629438b, 0xdcc623cb,
-0x68fcedb6, 0x63f1e4b8, 0xcadc31d7, 0x10856342, 0x40229713, 0x2011c684,
-0x7d244a85, 0xf83dbbd2, 0x1132f9ae, 0x6da129c7, 0x4b2f9e1d, 0xf330b2dc,
-0xec52860d, 0xd0e3c177, 0x6c16b32b, 0x99b970a9, 0xfa489411, 0x2264e947,
-0xc48cfca8, 0x1a3ff0a0, 0xd82c7d56, 0xef903322, 0xc74e4987, 0xc1d138d9,
-0xfea2ca8c, 0x360bd498, 0xcf81f5a6, 0x28de7aa5, 0x268eb7da, 0xa4bfad3f,
-0xe49d3a2c, 0x0d927850, 0x9bcc5f6a, 0x62467e54, 0xc2138df6, 0xe8b8d890,
-0x5ef7392e, 0xf5afc382, 0xbe805d9f, 0x7c93d069, 0xa92dd56f, 0xb31225cf,
-0x3b99acc8, 0xa77d1810, 0x6e639ce8, 0x7bbb3bdb, 0x097826cd, 0xf418596e,
-0x01b79aec, 0xa89a4f83, 0x656e95e6, 0x7ee6ffaa, 0x08cfbc21, 0xe6e815ef,
-0xd99be7ba, 0xce366f4a, 0xd4099fea, 0xd67cb029, 0xafb2a431, 0x31233f2a,
-0x3094a5c6, 0xc066a235, 0x37bc4e74, 0xa6ca82fc, 0xb0d090e0, 0x15d8a733,
-0x4a9804f1, 0xf7daec41, 0x0e50cd7f, 0x2ff69117, 0x8dd64d76, 0x4db0ef43,
-0x544daacc, 0xdf0496e4, 0xe3b5d19e, 0x1b886a4c, 0xb81f2cc1, 0x7f516546,
-0x04ea5e9d, 0x5d358c01, 0x737487fa, 0x2e410bfb, 0x5a1d67b3, 0x52d2db92,
-0x335610e9, 0x1347d66d, 0x8c61d79a, 0x7a0ca137, 0x8e14f859, 0x893c13eb,
-0xee27a9ce, 0x35c961b7, 0xede51ce1, 0x3cb1477a, 0x59dfd29c, 0x3f73f255,
-0x79ce1418, 0xbf37c773, 0xeacdf753, 0x5baafd5f, 0x146f3ddf, 0x86db4478,
-0x81f3afca, 0x3ec468b9, 0x2c342438, 0x5f40a3c2, 0x72c31d16, 0x0c25e2bc,
-0x8b493c28, 0x41950dff, 0x7101a839, 0xdeb30c08, 0x9ce4b4d8, 0x90c15664,
-0x6184cb7b, 0x70b632d5, 0x745c6c48, 0x4257b8d0  
-};
-#else
-static const PRUint32 _TInv0[256] = 
-{
-0x51f4a750, 0x7e416553, 0x1a17a4c3, 0x3a275e96, 0x3bab6bcb, 0x1f9d45f1,
-0xacfa58ab, 0x4be30393, 0x2030fa55, 0xad766df6, 0x88cc7691, 0xf5024c25,
-0x4fe5d7fc, 0xc52acbd7, 0x26354480, 0xb562a38f, 0xdeb15a49, 0x25ba1b67,
-0x45ea0e98, 0x5dfec0e1, 0xc32f7502, 0x814cf012, 0x8d4697a3, 0x6bd3f9c6,
-0x038f5fe7, 0x15929c95, 0xbf6d7aeb, 0x955259da, 0xd4be832d, 0x587421d3,
-0x49e06929, 0x8ec9c844, 0x75c2896a, 0xf48e7978, 0x99583e6b, 0x27b971dd,
-0xbee14fb6, 0xf088ad17, 0xc920ac66, 0x7dce3ab4, 0x63df4a18, 0xe51a3182,
-0x97513360, 0x62537f45, 0xb16477e0, 0xbb6bae84, 0xfe81a01c, 0xf9082b94,
-0x70486858, 0x8f45fd19, 0x94de6c87, 0x527bf8b7, 0xab73d323, 0x724b02e2,
-0xe31f8f57, 0x6655ab2a, 0xb2eb2807, 0x2fb5c203, 0x86c57b9a, 0xd33708a5,
-0x302887f2, 0x23bfa5b2, 0x02036aba, 0xed16825c, 0x8acf1c2b, 0xa779b492,
-0xf307f2f0, 0x4e69e2a1, 0x65daf4cd, 0x0605bed5, 0xd134621f, 0xc4a6fe8a,
-0x342e539d, 0xa2f355a0, 0x058ae132, 0xa4f6eb75, 0x0b83ec39, 0x4060efaa,
-0x5e719f06, 0xbd6e1051, 0x3e218af9, 0x96dd063d, 0xdd3e05ae, 0x4de6bd46,
-0x91548db5, 0x71c45d05, 0x0406d46f, 0x605015ff, 0x1998fb24, 0xd6bde997,
-0x894043cc, 0x67d99e77, 0xb0e842bd, 0x07898b88, 0xe7195b38, 0x79c8eedb,
-0xa17c0a47, 0x7c420fe9, 0xf8841ec9, 0x00000000, 0x09808683, 0x322bed48,
-0x1e1170ac, 0x6c5a724e, 0xfd0efffb, 0x0f853856, 0x3daed51e, 0x362d3927,
-0x0a0fd964, 0x685ca621, 0x9b5b54d1, 0x24362e3a, 0x0c0a67b1, 0x9357e70f,
-0xb4ee96d2, 0x1b9b919e, 0x80c0c54f, 0x61dc20a2, 0x5a774b69, 0x1c121a16,
-0xe293ba0a, 0xc0a02ae5, 0x3c22e043, 0x121b171d, 0x0e090d0b, 0xf28bc7ad,
-0x2db6a8b9, 0x141ea9c8, 0x57f11985, 0xaf75074c, 0xee99ddbb, 0xa37f60fd,
-0xf701269f, 0x5c72f5bc, 0x44663bc5, 0x5bfb7e34, 0x8b432976, 0xcb23c6dc,
-0xb6edfc68, 0xb8e4f163, 0xd731dcca, 0x42638510, 0x13972240, 0x84c61120,
-0x854a247d, 0xd2bb3df8, 0xaef93211, 0xc729a16d, 0x1d9e2f4b, 0xdcb230f3,
-0x0d8652ec, 0x77c1e3d0, 0x2bb3166c, 0xa970b999, 0x119448fa, 0x47e96422,
-0xa8fc8cc4, 0xa0f03f1a, 0x567d2cd8, 0x223390ef, 0x87494ec7, 0xd938d1c1,
-0x8ccaa2fe, 0x98d40b36, 0xa6f581cf, 0xa57ade28, 0xdab78e26, 0x3fadbfa4,
-0x2c3a9de4, 0x5078920d, 0x6a5fcc9b, 0x547e4662, 0xf68d13c2, 0x90d8b8e8,
-0x2e39f75e, 0x82c3aff5, 0x9f5d80be, 0x69d0937c, 0x6fd52da9, 0xcf2512b3,
-0xc8ac993b, 0x10187da7, 0xe89c636e, 0xdb3bbb7b, 0xcd267809, 0x6e5918f4,
-0xec9ab701, 0x834f9aa8, 0xe6956e65, 0xaaffe67e, 0x21bccf08, 0xef15e8e6,
-0xbae79bd9, 0x4a6f36ce, 0xea9f09d4, 0x29b07cd6, 0x31a4b2af, 0x2a3f2331,
-0xc6a59430, 0x35a266c0, 0x744ebc37, 0xfc82caa6, 0xe090d0b0, 0x33a7d815,
-0xf104984a, 0x41ecdaf7, 0x7fcd500e, 0x1791f62f, 0x764dd68d, 0x43efb04d,
-0xccaa4d54, 0xe49604df, 0x9ed1b5e3, 0x4c6a881b, 0xc12c1fb8, 0x4665517f,
-0x9d5eea04, 0x018c355d, 0xfa877473, 0xfb0b412e, 0xb3671d5a, 0x92dbd252,
-0xe9105633, 0x6dd64713, 0x9ad7618c, 0x37a10c7a, 0x59f8148e, 0xeb133c89,
-0xcea927ee, 0xb761c935, 0xe11ce5ed, 0x7a47b13c, 0x9cd2df59, 0x55f2733f,
-0x1814ce79, 0x73c737bf, 0x53f7cdea, 0x5ffdaa5b, 0xdf3d6f14, 0x7844db86,
-0xcaaff381, 0xb968c43e, 0x3824342c, 0xc2a3405f, 0x161dc372, 0xbce2250c,
-0x283c498b, 0xff0d9541, 0x39a80171, 0x080cb3de, 0xd8b4e49c, 0x6456c190,
-0x7bcb8461, 0xd532b670, 0x486c5c74, 0xd0b85742  
-};
-#endif
-
-#ifdef IS_LITTLE_ENDIAN
-static const PRUint32 _TInv1[256] = 
-{
-0xa7f45150, 0x65417e53, 0xa4171ac3, 0x5e273a96, 0x6bab3bcb, 0x459d1ff1,
-0x58faacab, 0x03e34b93, 0xfa302055, 0x6d76adf6, 0x76cc8891, 0x4c02f525,
-0xd7e54ffc, 0xcb2ac5d7, 0x44352680, 0xa362b58f, 0x5ab1de49, 0x1bba2567,
-0x0eea4598, 0xc0fe5de1, 0x752fc302, 0xf04c8112, 0x97468da3, 0xf9d36bc6,
-0x5f8f03e7, 0x9c921595, 0x7a6dbfeb, 0x595295da, 0x83bed42d, 0x217458d3,
-0x69e04929, 0xc8c98e44, 0x89c2756a, 0x798ef478, 0x3e58996b, 0x71b927dd,
-0x4fe1beb6, 0xad88f017, 0xac20c966, 0x3ace7db4, 0x4adf6318, 0x311ae582,
-0x33519760, 0x7f536245, 0x7764b1e0, 0xae6bbb84, 0xa081fe1c, 0x2b08f994,
-0x68487058, 0xfd458f19, 0x6cde9487, 0xf87b52b7, 0xd373ab23, 0x024b72e2,
-0x8f1fe357, 0xab55662a, 0x28ebb207, 0xc2b52f03, 0x7bc5869a, 0x0837d3a5,
-0x872830f2, 0xa5bf23b2, 0x6a0302ba, 0x8216ed5c, 0x1ccf8a2b, 0xb479a792,
-0xf207f3f0, 0xe2694ea1, 0xf4da65cd, 0xbe0506d5, 0x6234d11f, 0xfea6c48a,
-0x532e349d, 0x55f3a2a0, 0xe18a0532, 0xebf6a475, 0xec830b39, 0xef6040aa,
-0x9f715e06, 0x106ebd51, 0x8a213ef9, 0x06dd963d, 0x053eddae, 0xbde64d46,
-0x8d5491b5, 0x5dc47105, 0xd406046f, 0x155060ff, 0xfb981924, 0xe9bdd697,
-0x434089cc, 0x9ed96777, 0x42e8b0bd, 0x8b890788, 0x5b19e738, 0xeec879db,
-0x0a7ca147, 0x0f427ce9, 0x1e84f8c9, 0x00000000, 0x86800983, 0xed2b3248,
-0x70111eac, 0x725a6c4e, 0xff0efdfb, 0x38850f56, 0xd5ae3d1e, 0x392d3627,
-0xd90f0a64, 0xa65c6821, 0x545b9bd1, 0x2e36243a, 0x670a0cb1, 0xe757930f,
-0x96eeb4d2, 0x919b1b9e, 0xc5c0804f, 0x20dc61a2, 0x4b775a69, 0x1a121c16,
-0xba93e20a, 0x2aa0c0e5, 0xe0223c43, 0x171b121d, 0x0d090e0b, 0xc78bf2ad,
-0xa8b62db9, 0xa91e14c8, 0x19f15785, 0x0775af4c, 0xdd99eebb, 0x607fa3fd,
-0x2601f79f, 0xf5725cbc, 0x3b6644c5, 0x7efb5b34, 0x29438b76, 0xc623cbdc,
-0xfcedb668, 0xf1e4b863, 0xdc31d7ca, 0x85634210, 0x22971340, 0x11c68420,
-0x244a857d, 0x3dbbd2f8, 0x32f9ae11, 0xa129c76d, 0x2f9e1d4b, 0x30b2dcf3,
-0x52860dec, 0xe3c177d0, 0x16b32b6c, 0xb970a999, 0x489411fa, 0x64e94722,
-0x8cfca8c4, 0x3ff0a01a, 0x2c7d56d8, 0x903322ef, 0x4e4987c7, 0xd138d9c1,
-0xa2ca8cfe, 0x0bd49836, 0x81f5a6cf, 0xde7aa528, 0x8eb7da26, 0xbfad3fa4,
-0x9d3a2ce4, 0x9278500d, 0xcc5f6a9b, 0x467e5462, 0x138df6c2, 0xb8d890e8,
-0xf7392e5e, 0xafc382f5, 0x805d9fbe, 0x93d0697c, 0x2dd56fa9, 0x1225cfb3,
-0x99acc83b, 0x7d1810a7, 0x639ce86e, 0xbb3bdb7b, 0x7826cd09, 0x18596ef4,
-0xb79aec01, 0x9a4f83a8, 0x6e95e665, 0xe6ffaa7e, 0xcfbc2108, 0xe815efe6,
-0x9be7bad9, 0x366f4ace, 0x099fead4, 0x7cb029d6, 0xb2a431af, 0x233f2a31,
-0x94a5c630, 0x66a235c0, 0xbc4e7437, 0xca82fca6, 0xd090e0b0, 0xd8a73315,
-0x9804f14a, 0xdaec41f7, 0x50cd7f0e, 0xf691172f, 0xd64d768d, 0xb0ef434d,
-0x4daacc54, 0x0496e4df, 0xb5d19ee3, 0x886a4c1b, 0x1f2cc1b8, 0x5165467f,
-0xea5e9d04, 0x358c015d, 0x7487fa73, 0x410bfb2e, 0x1d67b35a, 0xd2db9252,
-0x5610e933, 0x47d66d13, 0x61d79a8c, 0x0ca1377a, 0x14f8598e, 0x3c13eb89,
-0x27a9ceee, 0xc961b735, 0xe51ce1ed, 0xb1477a3c, 0xdfd29c59, 0x73f2553f,
-0xce141879, 0x37c773bf, 0xcdf753ea, 0xaafd5f5b, 0x6f3ddf14, 0xdb447886,
-0xf3afca81, 0xc468b93e, 0x3424382c, 0x40a3c25f, 0xc31d1672, 0x25e2bc0c,
-0x493c288b, 0x950dff41, 0x01a83971, 0xb30c08de, 0xe4b4d89c, 0xc1566490,
-0x84cb7b61, 0xb632d570, 0x5c6c4874, 0x57b8d042  
-};
-#else
-static const PRUint32 _TInv1[256] = 
-{
-0x5051f4a7, 0x537e4165, 0xc31a17a4, 0x963a275e, 0xcb3bab6b, 0xf11f9d45,
-0xabacfa58, 0x934be303, 0x552030fa, 0xf6ad766d, 0x9188cc76, 0x25f5024c,
-0xfc4fe5d7, 0xd7c52acb, 0x80263544, 0x8fb562a3, 0x49deb15a, 0x6725ba1b,
-0x9845ea0e, 0xe15dfec0, 0x02c32f75, 0x12814cf0, 0xa38d4697, 0xc66bd3f9,
-0xe7038f5f, 0x9515929c, 0xebbf6d7a, 0xda955259, 0x2dd4be83, 0xd3587421,
-0x2949e069, 0x448ec9c8, 0x6a75c289, 0x78f48e79, 0x6b99583e, 0xdd27b971,
-0xb6bee14f, 0x17f088ad, 0x66c920ac, 0xb47dce3a, 0x1863df4a, 0x82e51a31,
-0x60975133, 0x4562537f, 0xe0b16477, 0x84bb6bae, 0x1cfe81a0, 0x94f9082b,
-0x58704868, 0x198f45fd, 0x8794de6c, 0xb7527bf8, 0x23ab73d3, 0xe2724b02,
-0x57e31f8f, 0x2a6655ab, 0x07b2eb28, 0x032fb5c2, 0x9a86c57b, 0xa5d33708,
-0xf2302887, 0xb223bfa5, 0xba02036a, 0x5ced1682, 0x2b8acf1c, 0x92a779b4,
-0xf0f307f2, 0xa14e69e2, 0xcd65daf4, 0xd50605be, 0x1fd13462, 0x8ac4a6fe,
-0x9d342e53, 0xa0a2f355, 0x32058ae1, 0x75a4f6eb, 0x390b83ec, 0xaa4060ef,
-0x065e719f, 0x51bd6e10, 0xf93e218a, 0x3d96dd06, 0xaedd3e05, 0x464de6bd,
-0xb591548d, 0x0571c45d, 0x6f0406d4, 0xff605015, 0x241998fb, 0x97d6bde9,
-0xcc894043, 0x7767d99e, 0xbdb0e842, 0x8807898b, 0x38e7195b, 0xdb79c8ee,
-0x47a17c0a, 0xe97c420f, 0xc9f8841e, 0x00000000, 0x83098086, 0x48322bed,
-0xac1e1170, 0x4e6c5a72, 0xfbfd0eff, 0x560f8538, 0x1e3daed5, 0x27362d39,
-0x640a0fd9, 0x21685ca6, 0xd19b5b54, 0x3a24362e, 0xb10c0a67, 0x0f9357e7,
-0xd2b4ee96, 0x9e1b9b91, 0x4f80c0c5, 0xa261dc20, 0x695a774b, 0x161c121a,
-0x0ae293ba, 0xe5c0a02a, 0x433c22e0, 0x1d121b17, 0x0b0e090d, 0xadf28bc7,
-0xb92db6a8, 0xc8141ea9, 0x8557f119, 0x4caf7507, 0xbbee99dd, 0xfda37f60,
-0x9ff70126, 0xbc5c72f5, 0xc544663b, 0x345bfb7e, 0x768b4329, 0xdccb23c6,
-0x68b6edfc, 0x63b8e4f1, 0xcad731dc, 0x10426385, 0x40139722, 0x2084c611,
-0x7d854a24, 0xf8d2bb3d, 0x11aef932, 0x6dc729a1, 0x4b1d9e2f, 0xf3dcb230,
-0xec0d8652, 0xd077c1e3, 0x6c2bb316, 0x99a970b9, 0xfa119448, 0x2247e964,
-0xc4a8fc8c, 0x1aa0f03f, 0xd8567d2c, 0xef223390, 0xc787494e, 0xc1d938d1,
-0xfe8ccaa2, 0x3698d40b, 0xcfa6f581, 0x28a57ade, 0x26dab78e, 0xa43fadbf,
-0xe42c3a9d, 0x0d507892, 0x9b6a5fcc, 0x62547e46, 0xc2f68d13, 0xe890d8b8,
-0x5e2e39f7, 0xf582c3af, 0xbe9f5d80, 0x7c69d093, 0xa96fd52d, 0xb3cf2512,
-0x3bc8ac99, 0xa710187d, 0x6ee89c63, 0x7bdb3bbb, 0x09cd2678, 0xf46e5918,
-0x01ec9ab7, 0xa8834f9a, 0x65e6956e, 0x7eaaffe6, 0x0821bccf, 0xe6ef15e8,
-0xd9bae79b, 0xce4a6f36, 0xd4ea9f09, 0xd629b07c, 0xaf31a4b2, 0x312a3f23,
-0x30c6a594, 0xc035a266, 0x37744ebc, 0xa6fc82ca, 0xb0e090d0, 0x1533a7d8,
-0x4af10498, 0xf741ecda, 0x0e7fcd50, 0x2f1791f6, 0x8d764dd6, 0x4d43efb0,
-0x54ccaa4d, 0xdfe49604, 0xe39ed1b5, 0x1b4c6a88, 0xb8c12c1f, 0x7f466551,
-0x049d5eea, 0x5d018c35, 0x73fa8774, 0x2efb0b41, 0x5ab3671d, 0x5292dbd2,
-0x33e91056, 0x136dd647, 0x8c9ad761, 0x7a37a10c, 0x8e59f814, 0x89eb133c,
-0xeecea927, 0x35b761c9, 0xede11ce5, 0x3c7a47b1, 0x599cd2df, 0x3f55f273,
-0x791814ce, 0xbf73c737, 0xea53f7cd, 0x5b5ffdaa, 0x14df3d6f, 0x867844db,
-0x81caaff3, 0x3eb968c4, 0x2c382434, 0x5fc2a340, 0x72161dc3, 0x0cbce225,
-0x8b283c49, 0x41ff0d95, 0x7139a801, 0xde080cb3, 0x9cd8b4e4, 0x906456c1,
-0x617bcb84, 0x70d532b6, 0x74486c5c, 0x42d0b857  
-};
-#endif
-
-#ifdef IS_LITTLE_ENDIAN
-static const PRUint32 _TInv2[256] = 
-{
-0xf45150a7, 0x417e5365, 0x171ac3a4, 0x273a965e, 0xab3bcb6b, 0x9d1ff145,
-0xfaacab58, 0xe34b9303, 0x302055fa, 0x76adf66d, 0xcc889176, 0x02f5254c,
-0xe54ffcd7, 0x2ac5d7cb, 0x35268044, 0x62b58fa3, 0xb1de495a, 0xba25671b,
-0xea45980e, 0xfe5de1c0, 0x2fc30275, 0x4c8112f0, 0x468da397, 0xd36bc6f9,
-0x8f03e75f, 0x9215959c, 0x6dbfeb7a, 0x5295da59, 0xbed42d83, 0x7458d321,
-0xe0492969, 0xc98e44c8, 0xc2756a89, 0x8ef47879, 0x58996b3e, 0xb927dd71,
-0xe1beb64f, 0x88f017ad, 0x20c966ac, 0xce7db43a, 0xdf63184a, 0x1ae58231,
-0x51976033, 0x5362457f, 0x64b1e077, 0x6bbb84ae, 0x81fe1ca0, 0x08f9942b,
-0x48705868, 0x458f19fd, 0xde94876c, 0x7b52b7f8, 0x73ab23d3, 0x4b72e202,
-0x1fe3578f, 0x55662aab, 0xebb20728, 0xb52f03c2, 0xc5869a7b, 0x37d3a508,
-0x2830f287, 0xbf23b2a5, 0x0302ba6a, 0x16ed5c82, 0xcf8a2b1c, 0x79a792b4,
-0x07f3f0f2, 0x694ea1e2, 0xda65cdf4, 0x0506d5be, 0x34d11f62, 0xa6c48afe,
-0x2e349d53, 0xf3a2a055, 0x8a0532e1, 0xf6a475eb, 0x830b39ec, 0x6040aaef,
-0x715e069f, 0x6ebd5110, 0x213ef98a, 0xdd963d06, 0x3eddae05, 0xe64d46bd,
-0x5491b58d, 0xc471055d, 0x06046fd4, 0x5060ff15, 0x981924fb, 0xbdd697e9,
-0x4089cc43, 0xd967779e, 0xe8b0bd42, 0x8907888b, 0x19e7385b, 0xc879dbee,
-0x7ca1470a, 0x427ce90f, 0x84f8c91e, 0x00000000, 0x80098386, 0x2b3248ed,
-0x111eac70, 0x5a6c4e72, 0x0efdfbff, 0x850f5638, 0xae3d1ed5, 0x2d362739,
-0x0f0a64d9, 0x5c6821a6, 0x5b9bd154, 0x36243a2e, 0x0a0cb167, 0x57930fe7,
-0xeeb4d296, 0x9b1b9e91, 0xc0804fc5, 0xdc61a220, 0x775a694b, 0x121c161a,
-0x93e20aba, 0xa0c0e52a, 0x223c43e0, 0x1b121d17, 0x090e0b0d, 0x8bf2adc7,
-0xb62db9a8, 0x1e14c8a9, 0xf1578519, 0x75af4c07, 0x99eebbdd, 0x7fa3fd60,
-0x01f79f26, 0x725cbcf5, 0x6644c53b, 0xfb5b347e, 0x438b7629, 0x23cbdcc6,
-0xedb668fc, 0xe4b863f1, 0x31d7cadc, 0x63421085, 0x97134022, 0xc6842011,
-0x4a857d24, 0xbbd2f83d, 0xf9ae1132, 0x29c76da1, 0x9e1d4b2f, 0xb2dcf330,
-0x860dec52, 0xc177d0e3, 0xb32b6c16, 0x70a999b9, 0x9411fa48, 0xe9472264,
-0xfca8c48c, 0xf0a01a3f, 0x7d56d82c, 0x3322ef90, 0x4987c74e, 0x38d9c1d1,
-0xca8cfea2, 0xd498360b, 0xf5a6cf81, 0x7aa528de, 0xb7da268e, 0xad3fa4bf,
-0x3a2ce49d, 0x78500d92, 0x5f6a9bcc, 0x7e546246, 0x8df6c213, 0xd890e8b8,
-0x392e5ef7, 0xc382f5af, 0x5d9fbe80, 0xd0697c93, 0xd56fa92d, 0x25cfb312,
-0xacc83b99, 0x1810a77d, 0x9ce86e63, 0x3bdb7bbb, 0x26cd0978, 0x596ef418,
-0x9aec01b7, 0x4f83a89a, 0x95e6656e, 0xffaa7ee6, 0xbc2108cf, 0x15efe6e8,
-0xe7bad99b, 0x6f4ace36, 0x9fead409, 0xb029d67c, 0xa431afb2, 0x3f2a3123,
-0xa5c63094, 0xa235c066, 0x4e7437bc, 0x82fca6ca, 0x90e0b0d0, 0xa73315d8,
-0x04f14a98, 0xec41f7da, 0xcd7f0e50, 0x91172ff6, 0x4d768dd6, 0xef434db0,
-0xaacc544d, 0x96e4df04, 0xd19ee3b5, 0x6a4c1b88, 0x2cc1b81f, 0x65467f51,
-0x5e9d04ea, 0x8c015d35, 0x87fa7374, 0x0bfb2e41, 0x67b35a1d, 0xdb9252d2,
-0x10e93356, 0xd66d1347, 0xd79a8c61, 0xa1377a0c, 0xf8598e14, 0x13eb893c,
-0xa9ceee27, 0x61b735c9, 0x1ce1ede5, 0x477a3cb1, 0xd29c59df, 0xf2553f73,
-0x141879ce, 0xc773bf37, 0xf753eacd, 0xfd5f5baa, 0x3ddf146f, 0x447886db,
-0xafca81f3, 0x68b93ec4, 0x24382c34, 0xa3c25f40, 0x1d1672c3, 0xe2bc0c25,
-0x3c288b49, 0x0dff4195, 0xa8397101, 0x0c08deb3, 0xb4d89ce4, 0x566490c1,
-0xcb7b6184, 0x32d570b6, 0x6c48745c, 0xb8d04257  
-};
-#else
-static const PRUint32 _TInv2[256] = 
-{
-0xa75051f4, 0x65537e41, 0xa4c31a17, 0x5e963a27, 0x6bcb3bab, 0x45f11f9d,
-0x58abacfa, 0x03934be3, 0xfa552030, 0x6df6ad76, 0x769188cc, 0x4c25f502,
-0xd7fc4fe5, 0xcbd7c52a, 0x44802635, 0xa38fb562, 0x5a49deb1, 0x1b6725ba,
-0x0e9845ea, 0xc0e15dfe, 0x7502c32f, 0xf012814c, 0x97a38d46, 0xf9c66bd3,
-0x5fe7038f, 0x9c951592, 0x7aebbf6d, 0x59da9552, 0x832dd4be, 0x21d35874,
-0x692949e0, 0xc8448ec9, 0x896a75c2, 0x7978f48e, 0x3e6b9958, 0x71dd27b9,
-0x4fb6bee1, 0xad17f088, 0xac66c920, 0x3ab47dce, 0x4a1863df, 0x3182e51a,
-0x33609751, 0x7f456253, 0x77e0b164, 0xae84bb6b, 0xa01cfe81, 0x2b94f908,
-0x68587048, 0xfd198f45, 0x6c8794de, 0xf8b7527b, 0xd323ab73, 0x02e2724b,
-0x8f57e31f, 0xab2a6655, 0x2807b2eb, 0xc2032fb5, 0x7b9a86c5, 0x08a5d337,
-0x87f23028, 0xa5b223bf, 0x6aba0203, 0x825ced16, 0x1c2b8acf, 0xb492a779,
-0xf2f0f307, 0xe2a14e69, 0xf4cd65da, 0xbed50605, 0x621fd134, 0xfe8ac4a6,
-0x539d342e, 0x55a0a2f3, 0xe132058a, 0xeb75a4f6, 0xec390b83, 0xefaa4060,
-0x9f065e71, 0x1051bd6e, 0x8af93e21, 0x063d96dd, 0x05aedd3e, 0xbd464de6,
-0x8db59154, 0x5d0571c4, 0xd46f0406, 0x15ff6050, 0xfb241998, 0xe997d6bd,
-0x43cc8940, 0x9e7767d9, 0x42bdb0e8, 0x8b880789, 0x5b38e719, 0xeedb79c8,
-0x0a47a17c, 0x0fe97c42, 0x1ec9f884, 0x00000000, 0x86830980, 0xed48322b,
-0x70ac1e11, 0x724e6c5a, 0xfffbfd0e, 0x38560f85, 0xd51e3dae, 0x3927362d,
-0xd9640a0f, 0xa621685c, 0x54d19b5b, 0x2e3a2436, 0x67b10c0a, 0xe70f9357,
-0x96d2b4ee, 0x919e1b9b, 0xc54f80c0, 0x20a261dc, 0x4b695a77, 0x1a161c12,
-0xba0ae293, 0x2ae5c0a0, 0xe0433c22, 0x171d121b, 0x0d0b0e09, 0xc7adf28b,
-0xa8b92db6, 0xa9c8141e, 0x198557f1, 0x074caf75, 0xddbbee99, 0x60fda37f,
-0x269ff701, 0xf5bc5c72, 0x3bc54466, 0x7e345bfb, 0x29768b43, 0xc6dccb23,
-0xfc68b6ed, 0xf163b8e4, 0xdccad731, 0x85104263, 0x22401397, 0x112084c6,
-0x247d854a, 0x3df8d2bb, 0x3211aef9, 0xa16dc729, 0x2f4b1d9e, 0x30f3dcb2,
-0x52ec0d86, 0xe3d077c1, 0x166c2bb3, 0xb999a970, 0x48fa1194, 0x642247e9,
-0x8cc4a8fc, 0x3f1aa0f0, 0x2cd8567d, 0x90ef2233, 0x4ec78749, 0xd1c1d938,
-0xa2fe8cca, 0x0b3698d4, 0x81cfa6f5, 0xde28a57a, 0x8e26dab7, 0xbfa43fad,
-0x9de42c3a, 0x920d5078, 0xcc9b6a5f, 0x4662547e, 0x13c2f68d, 0xb8e890d8,
-0xf75e2e39, 0xaff582c3, 0x80be9f5d, 0x937c69d0, 0x2da96fd5, 0x12b3cf25,
-0x993bc8ac, 0x7da71018, 0x636ee89c, 0xbb7bdb3b, 0x7809cd26, 0x18f46e59,
-0xb701ec9a, 0x9aa8834f, 0x6e65e695, 0xe67eaaff, 0xcf0821bc, 0xe8e6ef15,
-0x9bd9bae7, 0x36ce4a6f, 0x09d4ea9f, 0x7cd629b0, 0xb2af31a4, 0x23312a3f,
-0x9430c6a5, 0x66c035a2, 0xbc37744e, 0xcaa6fc82, 0xd0b0e090, 0xd81533a7,
-0x984af104, 0xdaf741ec, 0x500e7fcd, 0xf62f1791, 0xd68d764d, 0xb04d43ef,
-0x4d54ccaa, 0x04dfe496, 0xb5e39ed1, 0x881b4c6a, 0x1fb8c12c, 0x517f4665,
-0xea049d5e, 0x355d018c, 0x7473fa87, 0x412efb0b, 0x1d5ab367, 0xd25292db,
-0x5633e910, 0x47136dd6, 0x618c9ad7, 0x0c7a37a1, 0x148e59f8, 0x3c89eb13,
-0x27eecea9, 0xc935b761, 0xe5ede11c, 0xb13c7a47, 0xdf599cd2, 0x733f55f2,
-0xce791814, 0x37bf73c7, 0xcdea53f7, 0xaa5b5ffd, 0x6f14df3d, 0xdb867844,
-0xf381caaf, 0xc43eb968, 0x342c3824, 0x405fc2a3, 0xc372161d, 0x250cbce2,
-0x498b283c, 0x9541ff0d, 0x017139a8, 0xb3de080c, 0xe49cd8b4, 0xc1906456,
-0x84617bcb, 0xb670d532, 0x5c74486c, 0x5742d0b8  
-};
-#endif
-
-#ifdef IS_LITTLE_ENDIAN
-static const PRUint32 _TInv3[256] = 
-{
-0x5150a7f4, 0x7e536541, 0x1ac3a417, 0x3a965e27, 0x3bcb6bab, 0x1ff1459d,
-0xacab58fa, 0x4b9303e3, 0x2055fa30, 0xadf66d76, 0x889176cc, 0xf5254c02,
-0x4ffcd7e5, 0xc5d7cb2a, 0x26804435, 0xb58fa362, 0xde495ab1, 0x25671bba,
-0x45980eea, 0x5de1c0fe, 0xc302752f, 0x8112f04c, 0x8da39746, 0x6bc6f9d3,
-0x03e75f8f, 0x15959c92, 0xbfeb7a6d, 0x95da5952, 0xd42d83be, 0x58d32174,
-0x492969e0, 0x8e44c8c9, 0x756a89c2, 0xf478798e, 0x996b3e58, 0x27dd71b9,
-0xbeb64fe1, 0xf017ad88, 0xc966ac20, 0x7db43ace, 0x63184adf, 0xe582311a,
-0x97603351, 0x62457f53, 0xb1e07764, 0xbb84ae6b, 0xfe1ca081, 0xf9942b08,
-0x70586848, 0x8f19fd45, 0x94876cde, 0x52b7f87b, 0xab23d373, 0x72e2024b,
-0xe3578f1f, 0x662aab55, 0xb20728eb, 0x2f03c2b5, 0x869a7bc5, 0xd3a50837,
-0x30f28728, 0x23b2a5bf, 0x02ba6a03, 0xed5c8216, 0x8a2b1ccf, 0xa792b479,
-0xf3f0f207, 0x4ea1e269, 0x65cdf4da, 0x06d5be05, 0xd11f6234, 0xc48afea6,
-0x349d532e, 0xa2a055f3, 0x0532e18a, 0xa475ebf6, 0x0b39ec83, 0x40aaef60,
-0x5e069f71, 0xbd51106e, 0x3ef98a21, 0x963d06dd, 0xddae053e, 0x4d46bde6,
-0x91b58d54, 0x71055dc4, 0x046fd406, 0x60ff1550, 0x1924fb98, 0xd697e9bd,
-0x89cc4340, 0x67779ed9, 0xb0bd42e8, 0x07888b89, 0xe7385b19, 0x79dbeec8,
-0xa1470a7c, 0x7ce90f42, 0xf8c91e84, 0x00000000, 0x09838680, 0x3248ed2b,
-0x1eac7011, 0x6c4e725a, 0xfdfbff0e, 0x0f563885, 0x3d1ed5ae, 0x3627392d,
-0x0a64d90f, 0x6821a65c, 0x9bd1545b, 0x243a2e36, 0x0cb1670a, 0x930fe757,
-0xb4d296ee, 0x1b9e919b, 0x804fc5c0, 0x61a220dc, 0x5a694b77, 0x1c161a12,
-0xe20aba93, 0xc0e52aa0, 0x3c43e022, 0x121d171b, 0x0e0b0d09, 0xf2adc78b,
-0x2db9a8b6, 0x14c8a91e, 0x578519f1, 0xaf4c0775, 0xeebbdd99, 0xa3fd607f,
-0xf79f2601, 0x5cbcf572, 0x44c53b66, 0x5b347efb, 0x8b762943, 0xcbdcc623,
-0xb668fced, 0xb863f1e4, 0xd7cadc31, 0x42108563, 0x13402297, 0x842011c6,
-0x857d244a, 0xd2f83dbb, 0xae1132f9, 0xc76da129, 0x1d4b2f9e, 0xdcf330b2,
-0x0dec5286, 0x77d0e3c1, 0x2b6c16b3, 0xa999b970, 0x11fa4894, 0x472264e9,
-0xa8c48cfc, 0xa01a3ff0, 0x56d82c7d, 0x22ef9033, 0x87c74e49, 0xd9c1d138,
-0x8cfea2ca, 0x98360bd4, 0xa6cf81f5, 0xa528de7a, 0xda268eb7, 0x3fa4bfad,
-0x2ce49d3a, 0x500d9278, 0x6a9bcc5f, 0x5462467e, 0xf6c2138d, 0x90e8b8d8,
-0x2e5ef739, 0x82f5afc3, 0x9fbe805d, 0x697c93d0, 0x6fa92dd5, 0xcfb31225,
-0xc83b99ac, 0x10a77d18, 0xe86e639c, 0xdb7bbb3b, 0xcd097826, 0x6ef41859,
-0xec01b79a, 0x83a89a4f, 0xe6656e95, 0xaa7ee6ff, 0x2108cfbc, 0xefe6e815,
-0xbad99be7, 0x4ace366f, 0xead4099f, 0x29d67cb0, 0x31afb2a4, 0x2a31233f,
-0xc63094a5, 0x35c066a2, 0x7437bc4e, 0xfca6ca82, 0xe0b0d090, 0x3315d8a7,
-0xf14a9804, 0x41f7daec, 0x7f0e50cd, 0x172ff691, 0x768dd64d, 0x434db0ef,
-0xcc544daa, 0xe4df0496, 0x9ee3b5d1, 0x4c1b886a, 0xc1b81f2c, 0x467f5165,
-0x9d04ea5e, 0x015d358c, 0xfa737487, 0xfb2e410b, 0xb35a1d67, 0x9252d2db,
-0xe9335610, 0x6d1347d6, 0x9a8c61d7, 0x377a0ca1, 0x598e14f8, 0xeb893c13,
-0xceee27a9, 0xb735c961, 0xe1ede51c, 0x7a3cb147, 0x9c59dfd2, 0x553f73f2,
-0x1879ce14, 0x73bf37c7, 0x53eacdf7, 0x5f5baafd, 0xdf146f3d, 0x7886db44,
-0xca81f3af, 0xb93ec468, 0x382c3424, 0xc25f40a3, 0x1672c31d, 0xbc0c25e2,
-0x288b493c, 0xff41950d, 0x397101a8, 0x08deb30c, 0xd89ce4b4, 0x6490c156,
-0x7b6184cb, 0xd570b632, 0x48745c6c, 0xd04257b8  
-};
-#else
-static const PRUint32 _TInv3[256] = 
-{
-0xf4a75051, 0x4165537e, 0x17a4c31a, 0x275e963a, 0xab6bcb3b, 0x9d45f11f,
-0xfa58abac, 0xe303934b, 0x30fa5520, 0x766df6ad, 0xcc769188, 0x024c25f5,
-0xe5d7fc4f, 0x2acbd7c5, 0x35448026, 0x62a38fb5, 0xb15a49de, 0xba1b6725,
-0xea0e9845, 0xfec0e15d, 0x2f7502c3, 0x4cf01281, 0x4697a38d, 0xd3f9c66b,
-0x8f5fe703, 0x929c9515, 0x6d7aebbf, 0x5259da95, 0xbe832dd4, 0x7421d358,
-0xe0692949, 0xc9c8448e, 0xc2896a75, 0x8e7978f4, 0x583e6b99, 0xb971dd27,
-0xe14fb6be, 0x88ad17f0, 0x20ac66c9, 0xce3ab47d, 0xdf4a1863, 0x1a3182e5,
-0x51336097, 0x537f4562, 0x6477e0b1, 0x6bae84bb, 0x81a01cfe, 0x082b94f9,
-0x48685870, 0x45fd198f, 0xde6c8794, 0x7bf8b752, 0x73d323ab, 0x4b02e272,
-0x1f8f57e3, 0x55ab2a66, 0xeb2807b2, 0xb5c2032f, 0xc57b9a86, 0x3708a5d3,
-0x2887f230, 0xbfa5b223, 0x036aba02, 0x16825ced, 0xcf1c2b8a, 0x79b492a7,
-0x07f2f0f3, 0x69e2a14e, 0xdaf4cd65, 0x05bed506, 0x34621fd1, 0xa6fe8ac4,
-0x2e539d34, 0xf355a0a2, 0x8ae13205, 0xf6eb75a4, 0x83ec390b, 0x60efaa40,
-0x719f065e, 0x6e1051bd, 0x218af93e, 0xdd063d96, 0x3e05aedd, 0xe6bd464d,
-0x548db591, 0xc45d0571, 0x06d46f04, 0x5015ff60, 0x98fb2419, 0xbde997d6,
-0x4043cc89, 0xd99e7767, 0xe842bdb0, 0x898b8807, 0x195b38e7, 0xc8eedb79,
-0x7c0a47a1, 0x420fe97c, 0x841ec9f8, 0x00000000, 0x80868309, 0x2bed4832,
-0x1170ac1e, 0x5a724e6c, 0x0efffbfd, 0x8538560f, 0xaed51e3d, 0x2d392736,
-0x0fd9640a, 0x5ca62168, 0x5b54d19b, 0x362e3a24, 0x0a67b10c, 0x57e70f93,
-0xee96d2b4, 0x9b919e1b, 0xc0c54f80, 0xdc20a261, 0x774b695a, 0x121a161c,
-0x93ba0ae2, 0xa02ae5c0, 0x22e0433c, 0x1b171d12, 0x090d0b0e, 0x8bc7adf2,
-0xb6a8b92d, 0x1ea9c814, 0xf1198557, 0x75074caf, 0x99ddbbee, 0x7f60fda3,
-0x01269ff7, 0x72f5bc5c, 0x663bc544, 0xfb7e345b, 0x4329768b, 0x23c6dccb,
-0xedfc68b6, 0xe4f163b8, 0x31dccad7, 0x63851042, 0x97224013, 0xc6112084,
-0x4a247d85, 0xbb3df8d2, 0xf93211ae, 0x29a16dc7, 0x9e2f4b1d, 0xb230f3dc,
-0x8652ec0d, 0xc1e3d077, 0xb3166c2b, 0x70b999a9, 0x9448fa11, 0xe9642247,
-0xfc8cc4a8, 0xf03f1aa0, 0x7d2cd856, 0x3390ef22, 0x494ec787, 0x38d1c1d9,
-0xcaa2fe8c, 0xd40b3698, 0xf581cfa6, 0x7ade28a5, 0xb78e26da, 0xadbfa43f,
-0x3a9de42c, 0x78920d50, 0x5fcc9b6a, 0x7e466254, 0x8d13c2f6, 0xd8b8e890,
-0x39f75e2e, 0xc3aff582, 0x5d80be9f, 0xd0937c69, 0xd52da96f, 0x2512b3cf,
-0xac993bc8, 0x187da710, 0x9c636ee8, 0x3bbb7bdb, 0x267809cd, 0x5918f46e,
-0x9ab701ec, 0x4f9aa883, 0x956e65e6, 0xffe67eaa, 0xbccf0821, 0x15e8e6ef,
-0xe79bd9ba, 0x6f36ce4a, 0x9f09d4ea, 0xb07cd629, 0xa4b2af31, 0x3f23312a,
-0xa59430c6, 0xa266c035, 0x4ebc3774, 0x82caa6fc, 0x90d0b0e0, 0xa7d81533,
-0x04984af1, 0xecdaf741, 0xcd500e7f, 0x91f62f17, 0x4dd68d76, 0xefb04d43,
-0xaa4d54cc, 0x9604dfe4, 0xd1b5e39e, 0x6a881b4c, 0x2c1fb8c1, 0x65517f46,
-0x5eea049d, 0x8c355d01, 0x877473fa, 0x0b412efb, 0x671d5ab3, 0xdbd25292,
-0x105633e9, 0xd647136d, 0xd7618c9a, 0xa10c7a37, 0xf8148e59, 0x133c89eb,
-0xa927eece, 0x61c935b7, 0x1ce5ede1, 0x47b13c7a, 0xd2df599c, 0xf2733f55,
-0x14ce7918, 0xc737bf73, 0xf7cdea53, 0xfdaa5b5f, 0x3d6f14df, 0x44db8678,
-0xaff381ca, 0x68c43eb9, 0x24342c38, 0xa3405fc2, 0x1dc37216, 0xe2250cbc,
-0x3c498b28, 0x0d9541ff, 0xa8017139, 0x0cb3de08, 0xb4e49cd8, 0x56c19064,
-0xcb84617b, 0x32b670d5, 0x6c5c7448, 0xb85742d0  
-};
-#endif
-
-#ifdef IS_LITTLE_ENDIAN
-static const PRUint32 _IMXC0[256] = 
-{
-0x00000000, 0x0b0d090e, 0x161a121c, 0x1d171b12, 0x2c342438, 0x27392d36,
-0x3a2e3624, 0x31233f2a, 0x58684870, 0x5365417e, 0x4e725a6c, 0x457f5362,
-0x745c6c48, 0x7f516546, 0x62467e54, 0x694b775a, 0xb0d090e0, 0xbbdd99ee,
-0xa6ca82fc, 0xadc78bf2, 0x9ce4b4d8, 0x97e9bdd6, 0x8afea6c4, 0x81f3afca,
-0xe8b8d890, 0xe3b5d19e, 0xfea2ca8c, 0xf5afc382, 0xc48cfca8, 0xcf81f5a6,
-0xd296eeb4, 0xd99be7ba, 0x7bbb3bdb, 0x70b632d5, 0x6da129c7, 0x66ac20c9,
-0x578f1fe3, 0x5c8216ed, 0x41950dff, 0x4a9804f1, 0x23d373ab, 0x28de7aa5,
-0x35c961b7, 0x3ec468b9, 0x0fe75793, 0x04ea5e9d, 0x19fd458f, 0x12f04c81,
-0xcb6bab3b, 0xc066a235, 0xdd71b927, 0xd67cb029, 0xe75f8f03, 0xec52860d,
-0xf1459d1f, 0xfa489411, 0x9303e34b, 0x980eea45, 0x8519f157, 0x8e14f859,
-0xbf37c773, 0xb43ace7d, 0xa92dd56f, 0xa220dc61, 0xf66d76ad, 0xfd607fa3,
-0xe07764b1, 0xeb7a6dbf, 0xda595295, 0xd1545b9b, 0xcc434089, 0xc74e4987,
-0xae053edd, 0xa50837d3, 0xb81f2cc1, 0xb31225cf, 0x82311ae5, 0x893c13eb,
-0x942b08f9, 0x9f2601f7, 0x46bde64d, 0x4db0ef43, 0x50a7f451, 0x5baafd5f,
-0x6a89c275, 0x6184cb7b, 0x7c93d069, 0x779ed967, 0x1ed5ae3d, 0x15d8a733,
-0x08cfbc21, 0x03c2b52f, 0x32e18a05, 0x39ec830b, 0x24fb9819, 0x2ff69117,
-0x8dd64d76, 0x86db4478, 0x9bcc5f6a, 0x90c15664, 0xa1e2694e, 0xaaef6040,
-0xb7f87b52, 0xbcf5725c, 0xd5be0506, 0xdeb30c08, 0xc3a4171a, 0xc8a91e14,
-0xf98a213e, 0xf2872830, 0xef903322, 0xe49d3a2c, 0x3d06dd96, 0x360bd498,
-0x2b1ccf8a, 0x2011c684, 0x1132f9ae, 0x1a3ff0a0, 0x0728ebb2, 0x0c25e2bc,
-0x656e95e6, 0x6e639ce8, 0x737487fa, 0x78798ef4, 0x495ab1de, 0x4257b8d0,
-0x5f40a3c2, 0x544daacc, 0xf7daec41, 0xfcd7e54f, 0xe1c0fe5d, 0xeacdf753,
-0xdbeec879, 0xd0e3c177, 0xcdf4da65, 0xc6f9d36b, 0xafb2a431, 0xa4bfad3f,
-0xb9a8b62d, 0xb2a5bf23, 0x83868009, 0x888b8907, 0x959c9215, 0x9e919b1b,
-0x470a7ca1, 0x4c0775af, 0x51106ebd, 0x5a1d67b3, 0x6b3e5899, 0x60335197,
-0x7d244a85, 0x7629438b, 0x1f6234d1, 0x146f3ddf, 0x097826cd, 0x02752fc3,
-0x335610e9, 0x385b19e7, 0x254c02f5, 0x2e410bfb, 0x8c61d79a, 0x876cde94,
-0x9a7bc586, 0x9176cc88, 0xa055f3a2, 0xab58faac, 0xb64fe1be, 0xbd42e8b0,
-0xd4099fea, 0xdf0496e4, 0xc2138df6, 0xc91e84f8, 0xf83dbbd2, 0xf330b2dc,
-0xee27a9ce, 0xe52aa0c0, 0x3cb1477a, 0x37bc4e74, 0x2aab5566, 0x21a65c68,
-0x10856342, 0x1b886a4c, 0x069f715e, 0x0d927850, 0x64d90f0a, 0x6fd40604,
-0x72c31d16, 0x79ce1418, 0x48ed2b32, 0x43e0223c, 0x5ef7392e, 0x55fa3020,
-0x01b79aec, 0x0aba93e2, 0x17ad88f0, 0x1ca081fe, 0x2d83bed4, 0x268eb7da,
-0x3b99acc8, 0x3094a5c6, 0x59dfd29c, 0x52d2db92, 0x4fc5c080, 0x44c8c98e,
-0x75ebf6a4, 0x7ee6ffaa, 0x63f1e4b8, 0x68fcedb6, 0xb1670a0c, 0xba6a0302,
-0xa77d1810, 0xac70111e, 0x9d532e34, 0x965e273a, 0x8b493c28, 0x80443526,
-0xe90f427c, 0xe2024b72, 0xff155060, 0xf418596e, 0xc53b6644, 0xce366f4a,
-0xd3217458, 0xd82c7d56, 0x7a0ca137, 0x7101a839, 0x6c16b32b, 0x671bba25,
-0x5638850f, 0x5d358c01, 0x40229713, 0x4b2f9e1d, 0x2264e947, 0x2969e049,
-0x347efb5b, 0x3f73f255, 0x0e50cd7f, 0x055dc471, 0x184adf63, 0x1347d66d,
-0xcadc31d7, 0xc1d138d9, 0xdcc623cb, 0xd7cb2ac5, 0xe6e815ef, 0xede51ce1,
-0xf0f207f3, 0xfbff0efd, 0x92b479a7, 0x99b970a9, 0x84ae6bbb, 0x8fa362b5,
-0xbe805d9f, 0xb58d5491, 0xa89a4f83, 0xa397468d  
-};
-#else
-static const PRUint32 _IMXC0[256] = 
-{
-0x00000000, 0x0e090d0b, 0x1c121a16, 0x121b171d, 0x3824342c, 0x362d3927,
-0x24362e3a, 0x2a3f2331, 0x70486858, 0x7e416553, 0x6c5a724e, 0x62537f45,
-0x486c5c74, 0x4665517f, 0x547e4662, 0x5a774b69, 0xe090d0b0, 0xee99ddbb,
-0xfc82caa6, 0xf28bc7ad, 0xd8b4e49c, 0xd6bde997, 0xc4a6fe8a, 0xcaaff381,
-0x90d8b8e8, 0x9ed1b5e3, 0x8ccaa2fe, 0x82c3aff5, 0xa8fc8cc4, 0xa6f581cf,
-0xb4ee96d2, 0xbae79bd9, 0xdb3bbb7b, 0xd532b670, 0xc729a16d, 0xc920ac66,
-0xe31f8f57, 0xed16825c, 0xff0d9541, 0xf104984a, 0xab73d323, 0xa57ade28,
-0xb761c935, 0xb968c43e, 0x9357e70f, 0x9d5eea04, 0x8f45fd19, 0x814cf012,
-0x3bab6bcb, 0x35a266c0, 0x27b971dd, 0x29b07cd6, 0x038f5fe7, 0x0d8652ec,
-0x1f9d45f1, 0x119448fa, 0x4be30393, 0x45ea0e98, 0x57f11985, 0x59f8148e,
-0x73c737bf, 0x7dce3ab4, 0x6fd52da9, 0x61dc20a2, 0xad766df6, 0xa37f60fd,
-0xb16477e0, 0xbf6d7aeb, 0x955259da, 0x9b5b54d1, 0x894043cc, 0x87494ec7,
-0xdd3e05ae, 0xd33708a5, 0xc12c1fb8, 0xcf2512b3, 0xe51a3182, 0xeb133c89,
-0xf9082b94, 0xf701269f, 0x4de6bd46, 0x43efb04d, 0x51f4a750, 0x5ffdaa5b,
-0x75c2896a, 0x7bcb8461, 0x69d0937c, 0x67d99e77, 0x3daed51e, 0x33a7d815,
-0x21bccf08, 0x2fb5c203, 0x058ae132, 0x0b83ec39, 0x1998fb24, 0x1791f62f,
-0x764dd68d, 0x7844db86, 0x6a5fcc9b, 0x6456c190, 0x4e69e2a1, 0x4060efaa,
-0x527bf8b7, 0x5c72f5bc, 0x0605bed5, 0x080cb3de, 0x1a17a4c3, 0x141ea9c8,
-0x3e218af9, 0x302887f2, 0x223390ef, 0x2c3a9de4, 0x96dd063d, 0x98d40b36,
-0x8acf1c2b, 0x84c61120, 0xaef93211, 0xa0f03f1a, 0xb2eb2807, 0xbce2250c,
-0xe6956e65, 0xe89c636e, 0xfa877473, 0xf48e7978, 0xdeb15a49, 0xd0b85742,
-0xc2a3405f, 0xccaa4d54, 0x41ecdaf7, 0x4fe5d7fc, 0x5dfec0e1, 0x53f7cdea,
-0x79c8eedb, 0x77c1e3d0, 0x65daf4cd, 0x6bd3f9c6, 0x31a4b2af, 0x3fadbfa4,
-0x2db6a8b9, 0x23bfa5b2, 0x09808683, 0x07898b88, 0x15929c95, 0x1b9b919e,
-0xa17c0a47, 0xaf75074c, 0xbd6e1051, 0xb3671d5a, 0x99583e6b, 0x97513360,
-0x854a247d, 0x8b432976, 0xd134621f, 0xdf3d6f14, 0xcd267809, 0xc32f7502,
-0xe9105633, 0xe7195b38, 0xf5024c25, 0xfb0b412e, 0x9ad7618c, 0x94de6c87,
-0x86c57b9a, 0x88cc7691, 0xa2f355a0, 0xacfa58ab, 0xbee14fb6, 0xb0e842bd,
-0xea9f09d4, 0xe49604df, 0xf68d13c2, 0xf8841ec9, 0xd2bb3df8, 0xdcb230f3,
-0xcea927ee, 0xc0a02ae5, 0x7a47b13c, 0x744ebc37, 0x6655ab2a, 0x685ca621,
-0x42638510, 0x4c6a881b, 0x5e719f06, 0x5078920d, 0x0a0fd964, 0x0406d46f,
-0x161dc372, 0x1814ce79, 0x322bed48, 0x3c22e043, 0x2e39f75e, 0x2030fa55,
-0xec9ab701, 0xe293ba0a, 0xf088ad17, 0xfe81a01c, 0xd4be832d, 0xdab78e26,
-0xc8ac993b, 0xc6a59430, 0x9cd2df59, 0x92dbd252, 0x80c0c54f, 0x8ec9c844,
-0xa4f6eb75, 0xaaffe67e, 0xb8e4f163, 0xb6edfc68, 0x0c0a67b1, 0x02036aba,
-0x10187da7, 0x1e1170ac, 0x342e539d, 0x3a275e96, 0x283c498b, 0x26354480,
-0x7c420fe9, 0x724b02e2, 0x605015ff, 0x6e5918f4, 0x44663bc5, 0x4a6f36ce,
-0x587421d3, 0x567d2cd8, 0x37a10c7a, 0x39a80171, 0x2bb3166c, 0x25ba1b67,
-0x0f853856, 0x018c355d, 0x13972240, 0x1d9e2f4b, 0x47e96422, 0x49e06929,
-0x5bfb7e34, 0x55f2733f, 0x7fcd500e, 0x71c45d05, 0x63df4a18, 0x6dd64713,
-0xd731dcca, 0xd938d1c1, 0xcb23c6dc, 0xc52acbd7, 0xef15e8e6, 0xe11ce5ed,
-0xf307f2f0, 0xfd0efffb, 0xa779b492, 0xa970b999, 0xbb6bae84, 0xb562a38f,
-0x9f5d80be, 0x91548db5, 0x834f9aa8, 0x8d4697a3  
-};
-#endif
-
-#ifdef IS_LITTLE_ENDIAN
-static const PRUint32 _IMXC1[256] = 
-{
-0x00000000, 0x0d090e0b, 0x1a121c16, 0x171b121d, 0x3424382c, 0x392d3627,
-0x2e36243a, 0x233f2a31, 0x68487058, 0x65417e53, 0x725a6c4e, 0x7f536245,
-0x5c6c4874, 0x5165467f, 0x467e5462, 0x4b775a69, 0xd090e0b0, 0xdd99eebb,
-0xca82fca6, 0xc78bf2ad, 0xe4b4d89c, 0xe9bdd697, 0xfea6c48a, 0xf3afca81,
-0xb8d890e8, 0xb5d19ee3, 0xa2ca8cfe, 0xafc382f5, 0x8cfca8c4, 0x81f5a6cf,
-0x96eeb4d2, 0x9be7bad9, 0xbb3bdb7b, 0xb632d570, 0xa129c76d, 0xac20c966,
-0x8f1fe357, 0x8216ed5c, 0x950dff41, 0x9804f14a, 0xd373ab23, 0xde7aa528,
-0xc961b735, 0xc468b93e, 0xe757930f, 0xea5e9d04, 0xfd458f19, 0xf04c8112,
-0x6bab3bcb, 0x66a235c0, 0x71b927dd, 0x7cb029d6, 0x5f8f03e7, 0x52860dec,
-0x459d1ff1, 0x489411fa, 0x03e34b93, 0x0eea4598, 0x19f15785, 0x14f8598e,
-0x37c773bf, 0x3ace7db4, 0x2dd56fa9, 0x20dc61a2, 0x6d76adf6, 0x607fa3fd,
-0x7764b1e0, 0x7a6dbfeb, 0x595295da, 0x545b9bd1, 0x434089cc, 0x4e4987c7,
-0x053eddae, 0x0837d3a5, 0x1f2cc1b8, 0x1225cfb3, 0x311ae582, 0x3c13eb89,
-0x2b08f994, 0x2601f79f, 0xbde64d46, 0xb0ef434d, 0xa7f45150, 0xaafd5f5b,
-0x89c2756a, 0x84cb7b61, 0x93d0697c, 0x9ed96777, 0xd5ae3d1e, 0xd8a73315,
-0xcfbc2108, 0xc2b52f03, 0xe18a0532, 0xec830b39, 0xfb981924, 0xf691172f,
-0xd64d768d, 0xdb447886, 0xcc5f6a9b, 0xc1566490, 0xe2694ea1, 0xef6040aa,
-0xf87b52b7, 0xf5725cbc, 0xbe0506d5, 0xb30c08de, 0xa4171ac3, 0xa91e14c8,
-0x8a213ef9, 0x872830f2, 0x903322ef, 0x9d3a2ce4, 0x06dd963d, 0x0bd49836,
-0x1ccf8a2b, 0x11c68420, 0x32f9ae11, 0x3ff0a01a, 0x28ebb207, 0x25e2bc0c,
-0x6e95e665, 0x639ce86e, 0x7487fa73, 0x798ef478, 0x5ab1de49, 0x57b8d042,
-0x40a3c25f, 0x4daacc54, 0xdaec41f7, 0xd7e54ffc, 0xc0fe5de1, 0xcdf753ea,
-0xeec879db, 0xe3c177d0, 0xf4da65cd, 0xf9d36bc6, 0xb2a431af, 0xbfad3fa4,
-0xa8b62db9, 0xa5bf23b2, 0x86800983, 0x8b890788, 0x9c921595, 0x919b1b9e,
-0x0a7ca147, 0x0775af4c, 0x106ebd51, 0x1d67b35a, 0x3e58996b, 0x33519760,
-0x244a857d, 0x29438b76, 0x6234d11f, 0x6f3ddf14, 0x7826cd09, 0x752fc302,
-0x5610e933, 0x5b19e738, 0x4c02f525, 0x410bfb2e, 0x61d79a8c, 0x6cde9487,
-0x7bc5869a, 0x76cc8891, 0x55f3a2a0, 0x58faacab, 0x4fe1beb6, 0x42e8b0bd,
-0x099fead4, 0x0496e4df, 0x138df6c2, 0x1e84f8c9, 0x3dbbd2f8, 0x30b2dcf3,
-0x27a9ceee, 0x2aa0c0e5, 0xb1477a3c, 0xbc4e7437, 0xab55662a, 0xa65c6821,
-0x85634210, 0x886a4c1b, 0x9f715e06, 0x9278500d, 0xd90f0a64, 0xd406046f,
-0xc31d1672, 0xce141879, 0xed2b3248, 0xe0223c43, 0xf7392e5e, 0xfa302055,
-0xb79aec01, 0xba93e20a, 0xad88f017, 0xa081fe1c, 0x83bed42d, 0x8eb7da26,
-0x99acc83b, 0x94a5c630, 0xdfd29c59, 0xd2db9252, 0xc5c0804f, 0xc8c98e44,
-0xebf6a475, 0xe6ffaa7e, 0xf1e4b863, 0xfcedb668, 0x670a0cb1, 0x6a0302ba,
-0x7d1810a7, 0x70111eac, 0x532e349d, 0x5e273a96, 0x493c288b, 0x44352680,
-0x0f427ce9, 0x024b72e2, 0x155060ff, 0x18596ef4, 0x3b6644c5, 0x366f4ace,
-0x217458d3, 0x2c7d56d8, 0x0ca1377a, 0x01a83971, 0x16b32b6c, 0x1bba2567,
-0x38850f56, 0x358c015d, 0x22971340, 0x2f9e1d4b, 0x64e94722, 0x69e04929,
-0x7efb5b34, 0x73f2553f, 0x50cd7f0e, 0x5dc47105, 0x4adf6318, 0x47d66d13,
-0xdc31d7ca, 0xd138d9c1, 0xc623cbdc, 0xcb2ac5d7, 0xe815efe6, 0xe51ce1ed,
-0xf207f3f0, 0xff0efdfb, 0xb479a792, 0xb970a999, 0xae6bbb84, 0xa362b58f,
-0x805d9fbe, 0x8d5491b5, 0x9a4f83a8, 0x97468da3  
-};
-#else
-static const PRUint32 _IMXC1[256] = 
-{
-0x00000000, 0x0b0e090d, 0x161c121a, 0x1d121b17, 0x2c382434, 0x27362d39,
-0x3a24362e, 0x312a3f23, 0x58704868, 0x537e4165, 0x4e6c5a72, 0x4562537f,
-0x74486c5c, 0x7f466551, 0x62547e46, 0x695a774b, 0xb0e090d0, 0xbbee99dd,
-0xa6fc82ca, 0xadf28bc7, 0x9cd8b4e4, 0x97d6bde9, 0x8ac4a6fe, 0x81caaff3,
-0xe890d8b8, 0xe39ed1b5, 0xfe8ccaa2, 0xf582c3af, 0xc4a8fc8c, 0xcfa6f581,
-0xd2b4ee96, 0xd9bae79b, 0x7bdb3bbb, 0x70d532b6, 0x6dc729a1, 0x66c920ac,
-0x57e31f8f, 0x5ced1682, 0x41ff0d95, 0x4af10498, 0x23ab73d3, 0x28a57ade,
-0x35b761c9, 0x3eb968c4, 0x0f9357e7, 0x049d5eea, 0x198f45fd, 0x12814cf0,
-0xcb3bab6b, 0xc035a266, 0xdd27b971, 0xd629b07c, 0xe7038f5f, 0xec0d8652,
-0xf11f9d45, 0xfa119448, 0x934be303, 0x9845ea0e, 0x8557f119, 0x8e59f814,
-0xbf73c737, 0xb47dce3a, 0xa96fd52d, 0xa261dc20, 0xf6ad766d, 0xfda37f60,
-0xe0b16477, 0xebbf6d7a, 0xda955259, 0xd19b5b54, 0xcc894043, 0xc787494e,
-0xaedd3e05, 0xa5d33708, 0xb8c12c1f, 0xb3cf2512, 0x82e51a31, 0x89eb133c,
-0x94f9082b, 0x9ff70126, 0x464de6bd, 0x4d43efb0, 0x5051f4a7, 0x5b5ffdaa,
-0x6a75c289, 0x617bcb84, 0x7c69d093, 0x7767d99e, 0x1e3daed5, 0x1533a7d8,
-0x0821bccf, 0x032fb5c2, 0x32058ae1, 0x390b83ec, 0x241998fb, 0x2f1791f6,
-0x8d764dd6, 0x867844db, 0x9b6a5fcc, 0x906456c1, 0xa14e69e2, 0xaa4060ef,
-0xb7527bf8, 0xbc5c72f5, 0xd50605be, 0xde080cb3, 0xc31a17a4, 0xc8141ea9,
-0xf93e218a, 0xf2302887, 0xef223390, 0xe42c3a9d, 0x3d96dd06, 0x3698d40b,
-0x2b8acf1c, 0x2084c611, 0x11aef932, 0x1aa0f03f, 0x07b2eb28, 0x0cbce225,
-0x65e6956e, 0x6ee89c63, 0x73fa8774, 0x78f48e79, 0x49deb15a, 0x42d0b857,
-0x5fc2a340, 0x54ccaa4d, 0xf741ecda, 0xfc4fe5d7, 0xe15dfec0, 0xea53f7cd,
-0xdb79c8ee, 0xd077c1e3, 0xcd65daf4, 0xc66bd3f9, 0xaf31a4b2, 0xa43fadbf,
-0xb92db6a8, 0xb223bfa5, 0x83098086, 0x8807898b, 0x9515929c, 0x9e1b9b91,
-0x47a17c0a, 0x4caf7507, 0x51bd6e10, 0x5ab3671d, 0x6b99583e, 0x60975133,
-0x7d854a24, 0x768b4329, 0x1fd13462, 0x14df3d6f, 0x09cd2678, 0x02c32f75,
-0x33e91056, 0x38e7195b, 0x25f5024c, 0x2efb0b41, 0x8c9ad761, 0x8794de6c,
-0x9a86c57b, 0x9188cc76, 0xa0a2f355, 0xabacfa58, 0xb6bee14f, 0xbdb0e842,
-0xd4ea9f09, 0xdfe49604, 0xc2f68d13, 0xc9f8841e, 0xf8d2bb3d, 0xf3dcb230,
-0xeecea927, 0xe5c0a02a, 0x3c7a47b1, 0x37744ebc, 0x2a6655ab, 0x21685ca6,
-0x10426385, 0x1b4c6a88, 0x065e719f, 0x0d507892, 0x640a0fd9, 0x6f0406d4,
-0x72161dc3, 0x791814ce, 0x48322bed, 0x433c22e0, 0x5e2e39f7, 0x552030fa,
-0x01ec9ab7, 0x0ae293ba, 0x17f088ad, 0x1cfe81a0, 0x2dd4be83, 0x26dab78e,
-0x3bc8ac99, 0x30c6a594, 0x599cd2df, 0x5292dbd2, 0x4f80c0c5, 0x448ec9c8,
-0x75a4f6eb, 0x7eaaffe6, 0x63b8e4f1, 0x68b6edfc, 0xb10c0a67, 0xba02036a,
-0xa710187d, 0xac1e1170, 0x9d342e53, 0x963a275e, 0x8b283c49, 0x80263544,
-0xe97c420f, 0xe2724b02, 0xff605015, 0xf46e5918, 0xc544663b, 0xce4a6f36,
-0xd3587421, 0xd8567d2c, 0x7a37a10c, 0x7139a801, 0x6c2bb316, 0x6725ba1b,
-0x560f8538, 0x5d018c35, 0x40139722, 0x4b1d9e2f, 0x2247e964, 0x2949e069,
-0x345bfb7e, 0x3f55f273, 0x0e7fcd50, 0x0571c45d, 0x1863df4a, 0x136dd647,
-0xcad731dc, 0xc1d938d1, 0xdccb23c6, 0xd7c52acb, 0xe6ef15e8, 0xede11ce5,
-0xf0f307f2, 0xfbfd0eff, 0x92a779b4, 0x99a970b9, 0x84bb6bae, 0x8fb562a3,
-0xbe9f5d80, 0xb591548d, 0xa8834f9a, 0xa38d4697  
-};
-#endif
-
-#ifdef IS_LITTLE_ENDIAN
-static const PRUint32 _IMXC2[256] = 
-{
-0x00000000, 0x090e0b0d, 0x121c161a, 0x1b121d17, 0x24382c34, 0x2d362739,
-0x36243a2e, 0x3f2a3123, 0x48705868, 0x417e5365, 0x5a6c4e72, 0x5362457f,
-0x6c48745c, 0x65467f51, 0x7e546246, 0x775a694b, 0x90e0b0d0, 0x99eebbdd,
-0x82fca6ca, 0x8bf2adc7, 0xb4d89ce4, 0xbdd697e9, 0xa6c48afe, 0xafca81f3,
-0xd890e8b8, 0xd19ee3b5, 0xca8cfea2, 0xc382f5af, 0xfca8c48c, 0xf5a6cf81,
-0xeeb4d296, 0xe7bad99b, 0x3bdb7bbb, 0x32d570b6, 0x29c76da1, 0x20c966ac,
-0x1fe3578f, 0x16ed5c82, 0x0dff4195, 0x04f14a98, 0x73ab23d3, 0x7aa528de,
-0x61b735c9, 0x68b93ec4, 0x57930fe7, 0x5e9d04ea, 0x458f19fd, 0x4c8112f0,
-0xab3bcb6b, 0xa235c066, 0xb927dd71, 0xb029d67c, 0x8f03e75f, 0x860dec52,
-0x9d1ff145, 0x9411fa48, 0xe34b9303, 0xea45980e, 0xf1578519, 0xf8598e14,
-0xc773bf37, 0xce7db43a, 0xd56fa92d, 0xdc61a220, 0x76adf66d, 0x7fa3fd60,
-0x64b1e077, 0x6dbfeb7a, 0x5295da59, 0x5b9bd154, 0x4089cc43, 0x4987c74e,
-0x3eddae05, 0x37d3a508, 0x2cc1b81f, 0x25cfb312, 0x1ae58231, 0x13eb893c,
-0x08f9942b, 0x01f79f26, 0xe64d46bd, 0xef434db0, 0xf45150a7, 0xfd5f5baa,
-0xc2756a89, 0xcb7b6184, 0xd0697c93, 0xd967779e, 0xae3d1ed5, 0xa73315d8,
-0xbc2108cf, 0xb52f03c2, 0x8a0532e1, 0x830b39ec, 0x981924fb, 0x91172ff6,
-0x4d768dd6, 0x447886db, 0x5f6a9bcc, 0x566490c1, 0x694ea1e2, 0x6040aaef,
-0x7b52b7f8, 0x725cbcf5, 0x0506d5be, 0x0c08deb3, 0x171ac3a4, 0x1e14c8a9,
-0x213ef98a, 0x2830f287, 0x3322ef90, 0x3a2ce49d, 0xdd963d06, 0xd498360b,
-0xcf8a2b1c, 0xc6842011, 0xf9ae1132, 0xf0a01a3f, 0xebb20728, 0xe2bc0c25,
-0x95e6656e, 0x9ce86e63, 0x87fa7374, 0x8ef47879, 0xb1de495a, 0xb8d04257,
-0xa3c25f40, 0xaacc544d, 0xec41f7da, 0xe54ffcd7, 0xfe5de1c0, 0xf753eacd,
-0xc879dbee, 0xc177d0e3, 0xda65cdf4, 0xd36bc6f9, 0xa431afb2, 0xad3fa4bf,
-0xb62db9a8, 0xbf23b2a5, 0x80098386, 0x8907888b, 0x9215959c, 0x9b1b9e91,
-0x7ca1470a, 0x75af4c07, 0x6ebd5110, 0x67b35a1d, 0x58996b3e, 0x51976033,
-0x4a857d24, 0x438b7629, 0x34d11f62, 0x3ddf146f, 0x26cd0978, 0x2fc30275,
-0x10e93356, 0x19e7385b, 0x02f5254c, 0x0bfb2e41, 0xd79a8c61, 0xde94876c,
-0xc5869a7b, 0xcc889176, 0xf3a2a055, 0xfaacab58, 0xe1beb64f, 0xe8b0bd42,
-0x9fead409, 0x96e4df04, 0x8df6c213, 0x84f8c91e, 0xbbd2f83d, 0xb2dcf330,
-0xa9ceee27, 0xa0c0e52a, 0x477a3cb1, 0x4e7437bc, 0x55662aab, 0x5c6821a6,
-0x63421085, 0x6a4c1b88, 0x715e069f, 0x78500d92, 0x0f0a64d9, 0x06046fd4,
-0x1d1672c3, 0x141879ce, 0x2b3248ed, 0x223c43e0, 0x392e5ef7, 0x302055fa,
-0x9aec01b7, 0x93e20aba, 0x88f017ad, 0x81fe1ca0, 0xbed42d83, 0xb7da268e,
-0xacc83b99, 0xa5c63094, 0xd29c59df, 0xdb9252d2, 0xc0804fc5, 0xc98e44c8,
-0xf6a475eb, 0xffaa7ee6, 0xe4b863f1, 0xedb668fc, 0x0a0cb167, 0x0302ba6a,
-0x1810a77d, 0x111eac70, 0x2e349d53, 0x273a965e, 0x3c288b49, 0x35268044,
-0x427ce90f, 0x4b72e202, 0x5060ff15, 0x596ef418, 0x6644c53b, 0x6f4ace36,
-0x7458d321, 0x7d56d82c, 0xa1377a0c, 0xa8397101, 0xb32b6c16, 0xba25671b,
-0x850f5638, 0x8c015d35, 0x97134022, 0x9e1d4b2f, 0xe9472264, 0xe0492969,
-0xfb5b347e, 0xf2553f73, 0xcd7f0e50, 0xc471055d, 0xdf63184a, 0xd66d1347,
-0x31d7cadc, 0x38d9c1d1, 0x23cbdcc6, 0x2ac5d7cb, 0x15efe6e8, 0x1ce1ede5,
-0x07f3f0f2, 0x0efdfbff, 0x79a792b4, 0x70a999b9, 0x6bbb84ae, 0x62b58fa3,
-0x5d9fbe80, 0x5491b58d, 0x4f83a89a, 0x468da397  
-};
-#else
-static const PRUint32 _IMXC2[256] = 
-{
-0x00000000, 0x0d0b0e09, 0x1a161c12, 0x171d121b, 0x342c3824, 0x3927362d,
-0x2e3a2436, 0x23312a3f, 0x68587048, 0x65537e41, 0x724e6c5a, 0x7f456253,
-0x5c74486c, 0x517f4665, 0x4662547e, 0x4b695a77, 0xd0b0e090, 0xddbbee99,
-0xcaa6fc82, 0xc7adf28b, 0xe49cd8b4, 0xe997d6bd, 0xfe8ac4a6, 0xf381caaf,
-0xb8e890d8, 0xb5e39ed1, 0xa2fe8cca, 0xaff582c3, 0x8cc4a8fc, 0x81cfa6f5,
-0x96d2b4ee, 0x9bd9bae7, 0xbb7bdb3b, 0xb670d532, 0xa16dc729, 0xac66c920,
-0x8f57e31f, 0x825ced16, 0x9541ff0d, 0x984af104, 0xd323ab73, 0xde28a57a,
-0xc935b761, 0xc43eb968, 0xe70f9357, 0xea049d5e, 0xfd198f45, 0xf012814c,
-0x6bcb3bab, 0x66c035a2, 0x71dd27b9, 0x7cd629b0, 0x5fe7038f, 0x52ec0d86,
-0x45f11f9d, 0x48fa1194, 0x03934be3, 0x0e9845ea, 0x198557f1, 0x148e59f8,
-0x37bf73c7, 0x3ab47dce, 0x2da96fd5, 0x20a261dc, 0x6df6ad76, 0x60fda37f,
-0x77e0b164, 0x7aebbf6d, 0x59da9552, 0x54d19b5b, 0x43cc8940, 0x4ec78749,
-0x05aedd3e, 0x08a5d337, 0x1fb8c12c, 0x12b3cf25, 0x3182e51a, 0x3c89eb13,
-0x2b94f908, 0x269ff701, 0xbd464de6, 0xb04d43ef, 0xa75051f4, 0xaa5b5ffd,
-0x896a75c2, 0x84617bcb, 0x937c69d0, 0x9e7767d9, 0xd51e3dae, 0xd81533a7,
-0xcf0821bc, 0xc2032fb5, 0xe132058a, 0xec390b83, 0xfb241998, 0xf62f1791,
-0xd68d764d, 0xdb867844, 0xcc9b6a5f, 0xc1906456, 0xe2a14e69, 0xefaa4060,
-0xf8b7527b, 0xf5bc5c72, 0xbed50605, 0xb3de080c, 0xa4c31a17, 0xa9c8141e,
-0x8af93e21, 0x87f23028, 0x90ef2233, 0x9de42c3a, 0x063d96dd, 0x0b3698d4,
-0x1c2b8acf, 0x112084c6, 0x3211aef9, 0x3f1aa0f0, 0x2807b2eb, 0x250cbce2,
-0x6e65e695, 0x636ee89c, 0x7473fa87, 0x7978f48e, 0x5a49deb1, 0x5742d0b8,
-0x405fc2a3, 0x4d54ccaa, 0xdaf741ec, 0xd7fc4fe5, 0xc0e15dfe, 0xcdea53f7,
-0xeedb79c8, 0xe3d077c1, 0xf4cd65da, 0xf9c66bd3, 0xb2af31a4, 0xbfa43fad,
-0xa8b92db6, 0xa5b223bf, 0x86830980, 0x8b880789, 0x9c951592, 0x919e1b9b,
-0x0a47a17c, 0x074caf75, 0x1051bd6e, 0x1d5ab367, 0x3e6b9958, 0x33609751,
-0x247d854a, 0x29768b43, 0x621fd134, 0x6f14df3d, 0x7809cd26, 0x7502c32f,
-0x5633e910, 0x5b38e719, 0x4c25f502, 0x412efb0b, 0x618c9ad7, 0x6c8794de,
-0x7b9a86c5, 0x769188cc, 0x55a0a2f3, 0x58abacfa, 0x4fb6bee1, 0x42bdb0e8,
-0x09d4ea9f, 0x04dfe496, 0x13c2f68d, 0x1ec9f884, 0x3df8d2bb, 0x30f3dcb2,
-0x27eecea9, 0x2ae5c0a0, 0xb13c7a47, 0xbc37744e, 0xab2a6655, 0xa621685c,
-0x85104263, 0x881b4c6a, 0x9f065e71, 0x920d5078, 0xd9640a0f, 0xd46f0406,
-0xc372161d, 0xce791814, 0xed48322b, 0xe0433c22, 0xf75e2e39, 0xfa552030,
-0xb701ec9a, 0xba0ae293, 0xad17f088, 0xa01cfe81, 0x832dd4be, 0x8e26dab7,
-0x993bc8ac, 0x9430c6a5, 0xdf599cd2, 0xd25292db, 0xc54f80c0, 0xc8448ec9,
-0xeb75a4f6, 0xe67eaaff, 0xf163b8e4, 0xfc68b6ed, 0x67b10c0a, 0x6aba0203,
-0x7da71018, 0x70ac1e11, 0x539d342e, 0x5e963a27, 0x498b283c, 0x44802635,
-0x0fe97c42, 0x02e2724b, 0x15ff6050, 0x18f46e59, 0x3bc54466, 0x36ce4a6f,
-0x21d35874, 0x2cd8567d, 0x0c7a37a1, 0x017139a8, 0x166c2bb3, 0x1b6725ba,
-0x38560f85, 0x355d018c, 0x22401397, 0x2f4b1d9e, 0x642247e9, 0x692949e0,
-0x7e345bfb, 0x733f55f2, 0x500e7fcd, 0x5d0571c4, 0x4a1863df, 0x47136dd6,
-0xdccad731, 0xd1c1d938, 0xc6dccb23, 0xcbd7c52a, 0xe8e6ef15, 0xe5ede11c,
-0xf2f0f307, 0xfffbfd0e, 0xb492a779, 0xb999a970, 0xae84bb6b, 0xa38fb562,
-0x80be9f5d, 0x8db59154, 0x9aa8834f, 0x97a38d46  
-};
-#endif
-
-#ifdef IS_LITTLE_ENDIAN
-static const PRUint32 _IMXC3[256] = 
-{
-0x00000000, 0x0e0b0d09, 0x1c161a12, 0x121d171b, 0x382c3424, 0x3627392d,
-0x243a2e36, 0x2a31233f, 0x70586848, 0x7e536541, 0x6c4e725a, 0x62457f53,
-0x48745c6c, 0x467f5165, 0x5462467e, 0x5a694b77, 0xe0b0d090, 0xeebbdd99,
-0xfca6ca82, 0xf2adc78b, 0xd89ce4b4, 0xd697e9bd, 0xc48afea6, 0xca81f3af,
-0x90e8b8d8, 0x9ee3b5d1, 0x8cfea2ca, 0x82f5afc3, 0xa8c48cfc, 0xa6cf81f5,
-0xb4d296ee, 0xbad99be7, 0xdb7bbb3b, 0xd570b632, 0xc76da129, 0xc966ac20,
-0xe3578f1f, 0xed5c8216, 0xff41950d, 0xf14a9804, 0xab23d373, 0xa528de7a,
-0xb735c961, 0xb93ec468, 0x930fe757, 0x9d04ea5e, 0x8f19fd45, 0x8112f04c,
-0x3bcb6bab, 0x35c066a2, 0x27dd71b9, 0x29d67cb0, 0x03e75f8f, 0x0dec5286,
-0x1ff1459d, 0x11fa4894, 0x4b9303e3, 0x45980eea, 0x578519f1, 0x598e14f8,
-0x73bf37c7, 0x7db43ace, 0x6fa92dd5, 0x61a220dc, 0xadf66d76, 0xa3fd607f,
-0xb1e07764, 0xbfeb7a6d, 0x95da5952, 0x9bd1545b, 0x89cc4340, 0x87c74e49,
-0xddae053e, 0xd3a50837, 0xc1b81f2c, 0xcfb31225, 0xe582311a, 0xeb893c13,
-0xf9942b08, 0xf79f2601, 0x4d46bde6, 0x434db0ef, 0x5150a7f4, 0x5f5baafd,
-0x756a89c2, 0x7b6184cb, 0x697c93d0, 0x67779ed9, 0x3d1ed5ae, 0x3315d8a7,
-0x2108cfbc, 0x2f03c2b5, 0x0532e18a, 0x0b39ec83, 0x1924fb98, 0x172ff691,
-0x768dd64d, 0x7886db44, 0x6a9bcc5f, 0x6490c156, 0x4ea1e269, 0x40aaef60,
-0x52b7f87b, 0x5cbcf572, 0x06d5be05, 0x08deb30c, 0x1ac3a417, 0x14c8a91e,
-0x3ef98a21, 0x30f28728, 0x22ef9033, 0x2ce49d3a, 0x963d06dd, 0x98360bd4,
-0x8a2b1ccf, 0x842011c6, 0xae1132f9, 0xa01a3ff0, 0xb20728eb, 0xbc0c25e2,
-0xe6656e95, 0xe86e639c, 0xfa737487, 0xf478798e, 0xde495ab1, 0xd04257b8,
-0xc25f40a3, 0xcc544daa, 0x41f7daec, 0x4ffcd7e5, 0x5de1c0fe, 0x53eacdf7,
-0x79dbeec8, 0x77d0e3c1, 0x65cdf4da, 0x6bc6f9d3, 0x31afb2a4, 0x3fa4bfad,
-0x2db9a8b6, 0x23b2a5bf, 0x09838680, 0x07888b89, 0x15959c92, 0x1b9e919b,
-0xa1470a7c, 0xaf4c0775, 0xbd51106e, 0xb35a1d67, 0x996b3e58, 0x97603351,
-0x857d244a, 0x8b762943, 0xd11f6234, 0xdf146f3d, 0xcd097826, 0xc302752f,
-0xe9335610, 0xe7385b19, 0xf5254c02, 0xfb2e410b, 0x9a8c61d7, 0x94876cde,
-0x869a7bc5, 0x889176cc, 0xa2a055f3, 0xacab58fa, 0xbeb64fe1, 0xb0bd42e8,
-0xead4099f, 0xe4df0496, 0xf6c2138d, 0xf8c91e84, 0xd2f83dbb, 0xdcf330b2,
-0xceee27a9, 0xc0e52aa0, 0x7a3cb147, 0x7437bc4e, 0x662aab55, 0x6821a65c,
-0x42108563, 0x4c1b886a, 0x5e069f71, 0x500d9278, 0x0a64d90f, 0x046fd406,
-0x1672c31d, 0x1879ce14, 0x3248ed2b, 0x3c43e022, 0x2e5ef739, 0x2055fa30,
-0xec01b79a, 0xe20aba93, 0xf017ad88, 0xfe1ca081, 0xd42d83be, 0xda268eb7,
-0xc83b99ac, 0xc63094a5, 0x9c59dfd2, 0x9252d2db, 0x804fc5c0, 0x8e44c8c9,
-0xa475ebf6, 0xaa7ee6ff, 0xb863f1e4, 0xb668fced, 0x0cb1670a, 0x02ba6a03,
-0x10a77d18, 0x1eac7011, 0x349d532e, 0x3a965e27, 0x288b493c, 0x26804435,
-0x7ce90f42, 0x72e2024b, 0x60ff1550, 0x6ef41859, 0x44c53b66, 0x4ace366f,
-0x58d32174, 0x56d82c7d, 0x377a0ca1, 0x397101a8, 0x2b6c16b3, 0x25671bba,
-0x0f563885, 0x015d358c, 0x13402297, 0x1d4b2f9e, 0x472264e9, 0x492969e0,
-0x5b347efb, 0x553f73f2, 0x7f0e50cd, 0x71055dc4, 0x63184adf, 0x6d1347d6,
-0xd7cadc31, 0xd9c1d138, 0xcbdcc623, 0xc5d7cb2a, 0xefe6e815, 0xe1ede51c,
-0xf3f0f207, 0xfdfbff0e, 0xa792b479, 0xa999b970, 0xbb84ae6b, 0xb58fa362,
-0x9fbe805d, 0x91b58d54, 0x83a89a4f, 0x8da39746  
-};
-#else
-static const PRUint32 _IMXC3[256] = 
-{
-0x00000000, 0x090d0b0e, 0x121a161c, 0x1b171d12, 0x24342c38, 0x2d392736,
-0x362e3a24, 0x3f23312a, 0x48685870, 0x4165537e, 0x5a724e6c, 0x537f4562,
-0x6c5c7448, 0x65517f46, 0x7e466254, 0x774b695a, 0x90d0b0e0, 0x99ddbbee,
-0x82caa6fc, 0x8bc7adf2, 0xb4e49cd8, 0xbde997d6, 0xa6fe8ac4, 0xaff381ca,
-0xd8b8e890, 0xd1b5e39e, 0xcaa2fe8c, 0xc3aff582, 0xfc8cc4a8, 0xf581cfa6,
-0xee96d2b4, 0xe79bd9ba, 0x3bbb7bdb, 0x32b670d5, 0x29a16dc7, 0x20ac66c9,
-0x1f8f57e3, 0x16825ced, 0x0d9541ff, 0x04984af1, 0x73d323ab, 0x7ade28a5,
-0x61c935b7, 0x68c43eb9, 0x57e70f93, 0x5eea049d, 0x45fd198f, 0x4cf01281,
-0xab6bcb3b, 0xa266c035, 0xb971dd27, 0xb07cd629, 0x8f5fe703, 0x8652ec0d,
-0x9d45f11f, 0x9448fa11, 0xe303934b, 0xea0e9845, 0xf1198557, 0xf8148e59,
-0xc737bf73, 0xce3ab47d, 0xd52da96f, 0xdc20a261, 0x766df6ad, 0x7f60fda3,
-0x6477e0b1, 0x6d7aebbf, 0x5259da95, 0x5b54d19b, 0x4043cc89, 0x494ec787,
-0x3e05aedd, 0x3708a5d3, 0x2c1fb8c1, 0x2512b3cf, 0x1a3182e5, 0x133c89eb,
-0x082b94f9, 0x01269ff7, 0xe6bd464d, 0xefb04d43, 0xf4a75051, 0xfdaa5b5f,
-0xc2896a75, 0xcb84617b, 0xd0937c69, 0xd99e7767, 0xaed51e3d, 0xa7d81533,
-0xbccf0821, 0xb5c2032f, 0x8ae13205, 0x83ec390b, 0x98fb2419, 0x91f62f17,
-0x4dd68d76, 0x44db8678, 0x5fcc9b6a, 0x56c19064, 0x69e2a14e, 0x60efaa40,
-0x7bf8b752, 0x72f5bc5c, 0x05bed506, 0x0cb3de08, 0x17a4c31a, 0x1ea9c814,
-0x218af93e, 0x2887f230, 0x3390ef22, 0x3a9de42c, 0xdd063d96, 0xd40b3698,
-0xcf1c2b8a, 0xc6112084, 0xf93211ae, 0xf03f1aa0, 0xeb2807b2, 0xe2250cbc,
-0x956e65e6, 0x9c636ee8, 0x877473fa, 0x8e7978f4, 0xb15a49de, 0xb85742d0,
-0xa3405fc2, 0xaa4d54cc, 0xecdaf741, 0xe5d7fc4f, 0xfec0e15d, 0xf7cdea53,
-0xc8eedb79, 0xc1e3d077, 0xdaf4cd65, 0xd3f9c66b, 0xa4b2af31, 0xadbfa43f,
-0xb6a8b92d, 0xbfa5b223, 0x80868309, 0x898b8807, 0x929c9515, 0x9b919e1b,
-0x7c0a47a1, 0x75074caf, 0x6e1051bd, 0x671d5ab3, 0x583e6b99, 0x51336097,
-0x4a247d85, 0x4329768b, 0x34621fd1, 0x3d6f14df, 0x267809cd, 0x2f7502c3,
-0x105633e9, 0x195b38e7, 0x024c25f5, 0x0b412efb, 0xd7618c9a, 0xde6c8794,
-0xc57b9a86, 0xcc769188, 0xf355a0a2, 0xfa58abac, 0xe14fb6be, 0xe842bdb0,
-0x9f09d4ea, 0x9604dfe4, 0x8d13c2f6, 0x841ec9f8, 0xbb3df8d2, 0xb230f3dc,
-0xa927eece, 0xa02ae5c0, 0x47b13c7a, 0x4ebc3774, 0x55ab2a66, 0x5ca62168,
-0x63851042, 0x6a881b4c, 0x719f065e, 0x78920d50, 0x0fd9640a, 0x06d46f04,
-0x1dc37216, 0x14ce7918, 0x2bed4832, 0x22e0433c, 0x39f75e2e, 0x30fa5520,
-0x9ab701ec, 0x93ba0ae2, 0x88ad17f0, 0x81a01cfe, 0xbe832dd4, 0xb78e26da,
-0xac993bc8, 0xa59430c6, 0xd2df599c, 0xdbd25292, 0xc0c54f80, 0xc9c8448e,
-0xf6eb75a4, 0xffe67eaa, 0xe4f163b8, 0xedfc68b6, 0x0a67b10c, 0x036aba02,
-0x187da710, 0x1170ac1e, 0x2e539d34, 0x275e963a, 0x3c498b28, 0x35448026,
-0x420fe97c, 0x4b02e272, 0x5015ff60, 0x5918f46e, 0x663bc544, 0x6f36ce4a,
-0x7421d358, 0x7d2cd856, 0xa10c7a37, 0xa8017139, 0xb3166c2b, 0xba1b6725,
-0x8538560f, 0x8c355d01, 0x97224013, 0x9e2f4b1d, 0xe9642247, 0xe0692949,
-0xfb7e345b, 0xf2733f55, 0xcd500e7f, 0xc45d0571, 0xdf4a1863, 0xd647136d,
-0x31dccad7, 0x38d1c1d9, 0x23c6dccb, 0x2acbd7c5, 0x15e8e6ef, 0x1ce5ede1,
-0x07f2f0f3, 0x0efffbfd, 0x79b492a7, 0x70b999a9, 0x6bae84bb, 0x62a38fb5,
-0x5d80be9f, 0x548db591, 0x4f9aa883, 0x4697a38d  
-};
-#endif
-
-#endif /* RIJNDAEL_INCLUDE_TABLES */
-
-#ifdef IS_LITTLE_ENDIAN
-static const PRUint32 Rcon[30] = {
-0x00000001, 0x00000002, 0x00000004, 0x00000008, 0x00000010, 0x00000020,
-0x00000040, 0x00000080, 0x0000001b, 0x00000036, 0x0000006c, 0x000000d8,
-0x000000ab, 0x0000004d, 0x0000009a, 0x0000002f, 0x0000005e, 0x000000bc,
-0x00000063, 0x000000c6, 0x00000097, 0x00000035, 0x0000006a, 0x000000d4,
-0x000000b3, 0x0000007d, 0x000000fa, 0x000000ef, 0x000000c5, 0x00000091 
-};
-#else
-static const PRUint32 Rcon[30] = {
-0x01000000, 0x02000000, 0x04000000, 0x08000000, 0x10000000, 0x20000000,
-0x40000000, 0x80000000, 0x1b000000, 0x36000000, 0x6c000000, 0xd8000000,
-0xab000000, 0x4d000000, 0x9a000000, 0x2f000000, 0x5e000000, 0xbc000000,
-0x63000000, 0xc6000000, 0x97000000, 0x35000000, 0x6a000000, 0xd4000000,
-0xb3000000, 0x7d000000, 0xfa000000, 0xef000000, 0xc5000000, 0x91000000 
-};
-#endif
-
diff --git a/security/nss/lib/freebl/rijndael_tables.c b/security/nss/lib/freebl/rijndael_tables.c
deleted file mode 100644
index 6f1957468..000000000
--- a/security/nss/lib/freebl/rijndael_tables.c
+++ /dev/null
@@ -1,244 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#include "stdio.h"
-#include "prtypes.h"
-#include "blapi.h"
-
-/*
- * what follows is code thrown together to generate the myriad of tables
- * used by Rijndael, the AES cipher.
- */
-
-
-#define WORD_LE(b0, b1, b2, b3) \
-    (((b3) << 24) | ((b2) << 16) | ((b1) << 8) | b0)
-
-#define WORD_BE(b0, b1, b2, b3) \
-    (((b0) << 24) | ((b1) << 16) | ((b2) << 8) | b3)
-
-static const PRUint8 __S[256] = 
-{
- 99, 124, 119, 123, 242, 107, 111, 197,  48,   1, 103,  43, 254, 215, 171, 118, 
-202, 130, 201, 125, 250,  89,  71, 240, 173, 212, 162, 175, 156, 164, 114, 192, 
-183, 253, 147,  38,  54,  63, 247, 204,  52, 165, 229, 241, 113, 216,  49,  21, 
-  4, 199,  35, 195,  24, 150,   5, 154,   7,  18, 128, 226, 235,  39, 178, 117, 
-  9, 131,  44,  26,  27, 110,  90, 160,  82,  59, 214, 179,  41, 227,  47, 132, 
- 83, 209,   0, 237,  32, 252, 177,  91, 106, 203, 190,  57,  74,  76,  88, 207, 
-208, 239, 170, 251,  67,  77,  51, 133,  69, 249,   2, 127,  80,  60, 159, 168, 
- 81, 163,  64, 143, 146, 157,  56, 245, 188, 182, 218,  33,  16, 255, 243, 210, 
-205,  12,  19, 236,  95, 151,  68,  23, 196, 167, 126,  61, 100,  93,  25, 115, 
- 96, 129,  79, 220,  34,  42, 144, 136,  70, 238, 184,  20, 222,  94,  11, 219, 
-224,  50,  58,  10,  73,   6,  36,  92, 194, 211, 172,  98, 145, 149, 228, 121, 
-231, 200,  55, 109, 141, 213,  78, 169, 108,  86, 244, 234, 101, 122, 174,   8, 
-186, 120,  37,  46,  28, 166, 180, 198, 232, 221, 116,  31,  75, 189, 139, 138, 
-112,  62, 181, 102,  72,   3, 246,  14,  97,  53,  87, 185, 134, 193,  29, 158, 
-225, 248, 152,  17, 105, 217, 142, 148, 155,  30, 135, 233, 206,  85,  40, 223, 
-140, 161, 137,  13, 191, 230,  66, 104,  65, 153,  45,  15, 176,  84, 187,  22, 
-};
-
-static const PRUint8 __SInv[256] = 
-{
- 82,   9, 106, 213,  48,  54, 165,  56, 191,  64, 163, 158, 129, 243, 215, 251, 
-124, 227,  57, 130, 155,  47, 255, 135,  52, 142,  67,  68, 196, 222, 233, 203, 
- 84, 123, 148,  50, 166, 194,  35,  61, 238,  76, 149,  11,  66, 250, 195,  78, 
-  8,  46, 161, 102,  40, 217,  36, 178, 118,  91, 162,  73, 109, 139, 209,  37, 
-114, 248, 246, 100, 134, 104, 152,  22, 212, 164,  92, 204,  93, 101, 182, 146, 
-108, 112,  72,  80, 253, 237, 185, 218,  94,  21,  70,  87, 167, 141, 157, 132, 
-144, 216, 171,   0, 140, 188, 211,  10, 247, 228,  88,   5, 184, 179,  69,   6, 
-208,  44,  30, 143, 202,  63,  15,   2, 193, 175, 189,   3,   1,  19, 138, 107, 
- 58, 145,  17,  65,  79, 103, 220, 234, 151, 242, 207, 206, 240, 180, 230, 115, 
-150, 172, 116,  34, 231, 173,  53, 133, 226, 249,  55, 232,  28, 117, 223, 110, 
- 71, 241,  26, 113,  29,  41, 197, 137, 111, 183,  98,  14, 170,  24, 190,  27, 
-252,  86,  62,  75, 198, 210, 121,  32, 154, 219, 192, 254, 120, 205,  90, 244, 
- 31, 221, 168,  51, 136,   7, 199,  49, 177,  18,  16,  89,  39, 128, 236,  95, 
- 96,  81, 127, 169,  25, 181,  74,  13,  45, 229, 122, 159, 147, 201, 156, 239, 
-160, 224,  59,  77, 174,  42, 245, 176, 200, 235, 187,  60, 131,  83, 153,  97, 
- 23,  43,   4, 126, 186, 119, 214,  38, 225, 105,  20,  99,  85,  33,  12, 125
-};
-
-/* GF_MULTIPLY
- *
- * multiply two bytes represented in GF(2**8), mod (x**4 + 1)
- */
-PRUint8 gf_multiply(PRUint8 a, PRUint8 b)
-{
-    PRUint8 res = 0;
-    while (b > 0) {
-	res = (b & 0x01) ? res ^ a : res;
-	a = (a & 0x80) ? ((a << 1) ^ 0x1b) : (a << 1);
-	b >>= 1;
-    }
-    return res;
-}
-
-void
-make_T_Table(char *table, const PRUint8 Sx[256], FILE *file,
-             unsigned char m0, unsigned char m1, 
-             unsigned char m2, unsigned char m3)
-{
-    PRUint32 Ti;
-    int i;
-    fprintf(file, "#ifdef IS_LITTLE_ENDIAN\n");
-    fprintf(file, "static const PRUint32 _T%s[256] = \n{\n", table);
-    for (i=0; i<256; i++) {
-	Ti = WORD_LE( gf_multiply(Sx[i], m0),
-	              gf_multiply(Sx[i], m1),
-	              gf_multiply(Sx[i], m2),
-	              gf_multiply(Sx[i], m3) );
-	if (Ti == 0)
-	    fprintf(file, "0x00000000%c%c", (i==255)?' ':',',
-	                                    (i%6==5)?'\n':' ');
-	else
-	    fprintf(file, "%#.8x%c%c", Ti, (i==255)?' ':',',
-	                                   (i%6==5)?'\n':' ');
-    }
-    fprintf(file, "\n};\n");
-    fprintf(file, "#else\n");
-    fprintf(file, "static const PRUint32 _T%s[256] = \n{\n", table);
-    for (i=0; i<256; i++) {
-	Ti = WORD_BE( gf_multiply(Sx[i], m0),
-	              gf_multiply(Sx[i], m1),
-	              gf_multiply(Sx[i], m2),
-	              gf_multiply(Sx[i], m3) );
-	if (Ti == 0)
-	    fprintf(file, "0x00000000%c%c", (i==255)?' ':',',
-	                                    (i%6==5)?'\n':' ');
-	else
-	    fprintf(file, "%#.8x%c%c", Ti, (i==255)?' ':',',
-	                                   (i%6==5)?'\n':' ');
-    }
-    fprintf(file, "\n};\n");
-    fprintf(file, "#endif\n\n");
-}
-
-void make_InvMixCol_Table(int num, FILE *file, PRUint8 m0, PRUint8 m1, PRUint8 m2, PRUint8 m3)
-{
-    PRUint16 i;
-    PRUint8 b0, b1, b2, b3;
-    fprintf(file, "#ifdef IS_LITTLE_ENDIAN\n");
-    fprintf(file, "static const PRUint32 _IMXC%d[256] = \n{\n", num);
-    for (i=0; i<256; i++) {
-	b0 = gf_multiply(i, m0);
-	b1 = gf_multiply(i, m1);
-	b2 = gf_multiply(i, m2);
-	b3 = gf_multiply(i, m3);
-	fprintf(file, "0x%.2x%.2x%.2x%.2x%c%c", b3, b2, b1, b0, (i==255)?' ':',', (i%6==5)?'\n':' ');
-    }
-    fprintf(file, "\n};\n");
-    fprintf(file, "#else\n");
-    fprintf(file, "static const PRUint32 _IMXC%d[256] = \n{\n", num);
-    for (i=0; i<256; i++) {
-	b0 = gf_multiply(i, m0);
-	b1 = gf_multiply(i, m1);
-	b2 = gf_multiply(i, m2);
-	b3 = gf_multiply(i, m3);
-	fprintf(file, "0x%.2x%.2x%.2x%.2x%c%c", b0, b1, b2, b3, (i==255)?' ':',', (i%6==5)?'\n':' ');
-    }
-    fprintf(file, "\n};\n");
-    fprintf(file, "#endif\n\n");
-}
-
-int main()
-{
-    int i, j;
-    PRUint8 cur, last;
-    PRUint32 tmp;
-    FILE *optfile;
-    optfile = fopen("rijndael32.tab", "w");
-    /* output S, if there are no T tables */
-    fprintf(optfile, "#ifndef RIJNDAEL_INCLUDE_TABLES\n");
-    fprintf(optfile, "static const PRUint8 _S[256] = \n{\n");
-    for (i=0; i<256; i++) {
-	fprintf(optfile, "%3d%c%c", __S[i],(i==255)?' ':',', 
-	                            (i%16==15)?'\n':' ');
-    }
-    fprintf(optfile, "};\n#endif /* not RIJNDAEL_INCLUDE_TABLES */\n\n");
-    /* output S**-1 */
-    fprintf(optfile, "static const PRUint8 _SInv[256] = \n{\n");
-    for (i=0; i<256; i++) {
-	fprintf(optfile, "%3d%c%c", __SInv[i],(i==255)?' ':',', 
-	                            (i%16==15)?'\n':' ');
-    }
-    fprintf(optfile, "};\n\n");
-    fprintf(optfile, "#ifdef RIJNDAEL_INCLUDE_TABLES\n");
-    /* The 32-bit word tables for optimized implementation */
-    /* T0 = [ S[a] * 02, S[a], S[a], S[a] * 03 ] */
-    make_T_Table("0", __S, optfile, 0x02, 0x01, 0x01, 0x03);
-    /* T1 = [ S[a] * 03, S[a] * 02, S[a], S[a] ] */
-    make_T_Table("1", __S, optfile, 0x03, 0x02, 0x01, 0x01);
-    /* T2 = [ S[a], S[a] * 03, S[a] * 02, S[a] ] */
-    make_T_Table("2", __S, optfile, 0x01, 0x03, 0x02, 0x01);
-    /* T3 = [ S[a], S[a], S[a] * 03, S[a] * 02 ] */
-    make_T_Table("3", __S, optfile, 0x01, 0x01, 0x03, 0x02);
-    /* TInv0 = [ Si[a] * 0E, Si[a] * 09, Si[a] * 0D, Si[a] * 0B ] */
-    make_T_Table("Inv0", __SInv, optfile, 0x0e, 0x09, 0x0d, 0x0b);
-    /* TInv1 = [ Si[a] * 0B, Si[a] * 0E, Si[a] * 09, Si[a] * 0D ] */
-    make_T_Table("Inv1", __SInv, optfile, 0x0b, 0x0e, 0x09, 0x0d);
-    /* TInv2 = [ Si[a] * 0D, Si[a] * 0B, Si[a] * 0E, Si[a] * 09 ] */
-    make_T_Table("Inv2", __SInv, optfile, 0x0d, 0x0b, 0x0e, 0x09);
-    /* TInv3 = [ Si[a] * 09, Si[a] * 0D, Si[a] * 0B, Si[a] * 0E ] */
-    make_T_Table("Inv3", __SInv, optfile, 0x09, 0x0d, 0x0b, 0x0e);
-    /* byte multiply tables for inverse key expansion (mimics InvMixColumn) */
-    make_InvMixCol_Table(0, optfile, 0x0e, 0x09, 0x0d, 0x0b);
-    make_InvMixCol_Table(1, optfile, 0x0b, 0x0E, 0x09, 0x0d);
-    make_InvMixCol_Table(2, optfile, 0x0d, 0x0b, 0x0e, 0x09);
-    make_InvMixCol_Table(3, optfile, 0x09, 0x0d, 0x0b, 0x0e);
-    fprintf(optfile, "#endif /* RIJNDAEL_INCLUDE_TABLES */\n\n");
-    /* round constants for key expansion */
-    fprintf(optfile, "#ifdef IS_LITTLE_ENDIAN\n");
-    fprintf(optfile, "static const PRUint32 Rcon[30] = {\n");
-    cur = 0x01;
-    for (i=0; i<30; i++) {
-	fprintf(optfile, "%#.8x%c%c", WORD_LE(cur, 0, 0, 0), 
-	                                (i==29)?' ':',', (i%6==5)?'\n':' ');
-	last = cur;
-	cur = gf_multiply(last, 0x02);
-    }
-    fprintf(optfile, "};\n");
-    fprintf(optfile, "#else\n");
-    fprintf(optfile, "static const PRUint32 Rcon[30] = {\n");
-    cur = 0x01;
-    for (i=0; i<30; i++) {
-	fprintf(optfile, "%#.8x%c%c", WORD_BE(cur, 0, 0, 0), 
-	                                (i==29)?' ':',', (i%6==5)?'\n':' ');
-	last = cur;
-	cur = gf_multiply(last, 0x02);
-    }
-    fprintf(optfile, "};\n");
-    fprintf(optfile, "#endif\n\n");
-    fclose(optfile);
-    return 0;
-}
diff --git a/security/nss/lib/freebl/rsa.c b/security/nss/lib/freebl/rsa.c
deleted file mode 100644
index e1d973fdb..000000000
--- a/security/nss/lib/freebl/rsa.c
+++ /dev/null
@@ -1,930 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- */
-
-/*
- * RSA key generation, public key op, private key op.
- *
- * $Id$
- */
-
-#include "secerr.h"
-
-#include "prclist.h"
-#include "nssilock.h"
-#include "prinit.h"
-#include "blapi.h"
-#include "mpi.h"
-#include "mpprime.h"
-#include "mplogic.h"
-#include "secmpi.h"
-#include "secitem.h"
-
-/*
-** Number of times to attempt to generate a prime (p or q) from a random
-** seed (the seed changes for each iteration).
-*/
-#define MAX_PRIME_GEN_ATTEMPTS 10
-/*
-** Number of times to attempt to generate a key.  The primes p and q change
-** for each attempt.
-*/
-#define MAX_KEY_GEN_ATTEMPTS 10
-
-/*
-** RSABlindingParamsStr
-**
-** For discussion of Paul Kocher's timing attack against an RSA private key
-** operation, see http://www.cryptography.com/timingattack/paper.html.  The 
-** countermeasure to this attack, known as blinding, is also discussed in 
-** the Handbook of Applied Cryptography, 11.118-11.119.
-*/
-struct RSABlindingParamsStr
-{
-    /* Blinding-specific parameters */
-    PRCList   link;                  /* link to list of structs            */
-    SECItem   modulus;               /* list element "key"                 */
-    mp_int    f, g;                  /* Blinding parameters                */
-    int       counter;               /* number of remaining uses of (f, g) */
-};
-
-/*
-** RSABlindingParamsListStr
-**
-** List of key-specific blinding params.  The arena holds the volatile pool
-** of memory for each entry and the list itself.  The lock is for list
-** operations, in this case insertions and iterations, as well as control
-** of the counter for each set of blinding parameters.
-*/
-struct RSABlindingParamsListStr
-{
-    PZLock  *lock;   /* Lock for the list   */
-    PRCList  head;   /* Pointer to the list */
-};
-
-/*
-** The master blinding params list.
-*/
-static struct RSABlindingParamsListStr blindingParamsList = { 0 };
-
-/* Number of times to reuse (f, g).  Suggested by Paul Kocher */
-#define RSA_BLINDING_PARAMS_MAX_REUSE 50
-
-/* Global, allows optional use of blinding.  On by default. */
-/* Cannot be changed at the moment, due to thread-safety issues. */
-static PRBool nssRSAUseBlinding = PR_TRUE;
-
-static SECStatus
-rsa_keygen_from_primes(mp_int *p, mp_int *q, mp_int *e, RSAPrivateKey *key,
-                       unsigned int keySizeInBits)
-{
-    mp_int n, d, phi;
-    mp_int psub1, qsub1, tmp;
-    mp_err   err = MP_OKAY;
-    SECStatus rv = SECSuccess;
-    MP_DIGITS(&n)     = 0;
-    MP_DIGITS(&d)     = 0;
-    MP_DIGITS(&phi)   = 0;
-    MP_DIGITS(&psub1) = 0;
-    MP_DIGITS(&qsub1) = 0;
-    MP_DIGITS(&tmp)   = 0;
-    CHECK_MPI_OK( mp_init(&n)     );
-    CHECK_MPI_OK( mp_init(&d)     );
-    CHECK_MPI_OK( mp_init(&phi)   );
-    CHECK_MPI_OK( mp_init(&psub1) );
-    CHECK_MPI_OK( mp_init(&qsub1) );
-    CHECK_MPI_OK( mp_init(&tmp)   );
-    /* 1.  Compute n = p*q */
-    CHECK_MPI_OK( mp_mul(p, q, &n) );
-    /*     verify that the modulus has the desired number of bits */
-    if ((unsigned)mpl_significant_bits(&n) != keySizeInBits) {
-	PORT_SetError(SEC_ERROR_NEED_RANDOM);
-	rv = SECFailure;
-	goto cleanup;
-    }
-    /* 2.  Compute phi = (p-1)*(q-1) */
-    CHECK_MPI_OK( mp_sub_d(p, 1, &psub1) );
-    CHECK_MPI_OK( mp_sub_d(q, 1, &qsub1) );
-    CHECK_MPI_OK( mp_mul(&psub1, &qsub1, &phi) );
-    /* 3.  Compute d = e**-1 mod(phi) */
-    err = mp_invmod(e, &phi, &d);
-    /*     Verify that phi(n) and e have no common divisors */
-    if (err != MP_OKAY) {
-	if (err == MP_UNDEF) {
-	    PORT_SetError(SEC_ERROR_NEED_RANDOM);
-	    err = MP_OKAY; /* to keep PORT_SetError from being called again */
-	    rv = SECFailure;
-	}
-	goto cleanup;
-    }
-    MPINT_TO_SECITEM(&n, &key->modulus, key->arena);
-    MPINT_TO_SECITEM(&d, &key->privateExponent, key->arena);
-    /* 4.  Compute exponent1 = d mod (p-1) */
-    CHECK_MPI_OK( mp_mod(&d, &psub1, &tmp) );
-    MPINT_TO_SECITEM(&tmp, &key->exponent1, key->arena);
-    /* 5.  Compute exponent2 = d mod (q-1) */
-    CHECK_MPI_OK( mp_mod(&d, &qsub1, &tmp) );
-    MPINT_TO_SECITEM(&tmp, &key->exponent2, key->arena);
-    /* 6.  Compute coefficient = q**-1 mod p */
-    CHECK_MPI_OK( mp_invmod(q, p, &tmp) );
-    MPINT_TO_SECITEM(&tmp, &key->coefficient, key->arena);
-cleanup:
-    mp_clear(&n);
-    mp_clear(&d);
-    mp_clear(&phi);
-    mp_clear(&psub1);
-    mp_clear(&qsub1);
-    mp_clear(&tmp);
-    if (err) {
-	MP_TO_SEC_ERROR(err);
-	rv = SECFailure;
-    }
-    return rv;
-}
-static SECStatus
-generate_prime(mp_int *prime, int primeLen)
-{
-    mp_err   err = MP_OKAY;
-    SECStatus rv = SECSuccess;
-    unsigned long counter = 0;
-    int piter;
-    unsigned char *pb = NULL;
-    pb = PORT_Alloc(primeLen);
-    if (!pb) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	goto cleanup;
-    }
-    for (piter = 0; piter < MAX_PRIME_GEN_ATTEMPTS; piter++) {
-	CHECK_SEC_OK( RNG_GenerateGlobalRandomBytes(pb, primeLen) );
-	pb[0]          |= 0xC0; /* set two high-order bits */
-	pb[primeLen-1] |= 0x01; /* set low-order bit       */
-	CHECK_MPI_OK( mp_read_unsigned_octets(prime, pb, primeLen) );
-	err = mpp_make_prime(prime, primeLen * 8, PR_FALSE, &counter);
-	if (err != MP_NO)
-	    goto cleanup;
-	/* keep going while err == MP_NO */
-    }
-cleanup:
-    if (pb)
-	PORT_ZFree(pb, primeLen);
-    if (err) {
-	MP_TO_SEC_ERROR(err);
-	rv = SECFailure;
-    }
-    return rv;
-}
-
-/*
-** Generate and return a new RSA public and private key.
-**	Both keys are encoded in a single RSAPrivateKey structure.
-**	"cx" is the random number generator context
-**	"keySizeInBits" is the size of the key to be generated, in bits.
-**	   512, 1024, etc.
-**	"publicExponent" when not NULL is a pointer to some data that
-**	   represents the public exponent to use. The data is a byte
-**	   encoded integer, in "big endian" order.
-*/
-RSAPrivateKey *
-RSA_NewKey(int keySizeInBits, SECItem *publicExponent)
-{
-    unsigned int primeLen;
-    mp_int p, q, e;
-    int kiter;
-    mp_err   err = MP_OKAY;
-    SECStatus rv = SECSuccess;
-    int prerr = 0;
-    RSAPrivateKey *key = NULL;
-    PRArenaPool *arena = NULL;
-    /* Require key size to be a multiple of 16 bits. */
-    if (!publicExponent || keySizeInBits % 16 != 0) {
-	PORT_SetError(SEC_ERROR_INVALID_ARGS);
-	return NULL;
-    }
-    /* 1. Allocate arena & key */
-    arena = PORT_NewArena(NSS_FREEBL_DEFAULT_CHUNKSIZE);
-    if (!arena) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	return NULL;
-    }
-    key = (RSAPrivateKey *)PORT_ArenaZAlloc(arena, sizeof(RSAPrivateKey));
-    if (!key) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	PORT_FreeArena(arena, PR_TRUE);
-	return NULL;
-    }
-    key->arena = arena;
-    /* length of primes p and q (in bytes) */
-    primeLen = keySizeInBits / (2 * BITS_PER_BYTE);
-    MP_DIGITS(&p) = 0;
-    MP_DIGITS(&q) = 0;
-    MP_DIGITS(&e) = 0;
-    CHECK_MPI_OK( mp_init(&p) );
-    CHECK_MPI_OK( mp_init(&q) );
-    CHECK_MPI_OK( mp_init(&e) );
-    /* 2.  Set the version number (PKCS1 v1.5 says it should be zero) */
-    SECITEM_AllocItem(arena, &key->version, 1);
-    key->version.data[0] = 0;
-    /* 3.  Set the public exponent */
-    SECITEM_CopyItem(arena, &key->publicExponent, publicExponent);
-    SECITEM_TO_MPINT(*publicExponent, &e);
-    kiter = 0;
-    do {
-	prerr = 0;
-	PORT_SetError(0);
-	CHECK_SEC_OK( generate_prime(&p, primeLen) );
-	CHECK_SEC_OK( generate_prime(&q, primeLen) );
-	/* Assure q < p */
-	if (mp_cmp(&p, &q) < 0)
-	    mp_exch(&p, &q);
-	/* Attempt to use these primes to generate a key */
-	rv = rsa_keygen_from_primes(&p, &q, &e, key, keySizeInBits);
-	if (rv == SECSuccess)
-	    break; /* generated two good primes */
-	prerr = PORT_GetError();
-	kiter++;
-	/* loop until have primes */
-    } while (prerr == SEC_ERROR_NEED_RANDOM && kiter < MAX_KEY_GEN_ATTEMPTS);
-    if (prerr)
-	goto cleanup;
-    MPINT_TO_SECITEM(&p, &key->prime1, arena);
-    MPINT_TO_SECITEM(&q, &key->prime2, arena);
-cleanup:
-    mp_clear(&p);
-    mp_clear(&q);
-    mp_clear(&e);
-    if (err) {
-	MP_TO_SEC_ERROR(err);
-	rv = SECFailure;
-    }
-    if (rv && arena) {
-	PORT_FreeArena(arena, PR_TRUE);
-	key = NULL;
-    }
-    return key;
-}
-
-static unsigned int
-rsa_modulusLen(SECItem *modulus)
-{
-    unsigned char byteZero = modulus->data[0];
-    unsigned int modLen = modulus->len - !byteZero;
-    return modLen;
-}
-
-/*
-** Perform a raw public-key operation 
-**	Length of input and output buffers are equal to key's modulus len.
-*/
-SECStatus 
-RSA_PublicKeyOp(RSAPublicKey  *key, 
-                unsigned char *output, 
-                const unsigned char *input)
-{
-    unsigned int modLen;
-    mp_int n, e, m, c;
-    mp_err err   = MP_OKAY;
-    SECStatus rv = SECSuccess;
-    if (!key || !output || !input) {
-	PORT_SetError(SEC_ERROR_INVALID_ARGS);
-	return SECFailure;
-    }
-    MP_DIGITS(&n) = 0;
-    MP_DIGITS(&e) = 0;
-    MP_DIGITS(&m) = 0;
-    MP_DIGITS(&c) = 0;
-    CHECK_MPI_OK( mp_init(&n) );
-    CHECK_MPI_OK( mp_init(&e) );
-    CHECK_MPI_OK( mp_init(&m) );
-    CHECK_MPI_OK( mp_init(&c) );
-    modLen = rsa_modulusLen(&key->modulus);
-    /* 1.  Obtain public key (n, e) */
-    SECITEM_TO_MPINT(key->modulus, &n);
-    SECITEM_TO_MPINT(key->publicExponent, &e);
-    /* 2.  Represent message as integer in range [0..n-1] */
-    CHECK_MPI_OK( mp_read_unsigned_octets(&m, input, modLen) );
-    /* 3.  Compute c = m**e mod n */
-#ifdef USE_MPI_EXPT_D
-    /* XXX see which is faster */
-    if (MP_USED(&e) == 1) {
-	CHECK_MPI_OK( mp_exptmod_d(&m, MP_DIGIT(&e, 0), &n, &c) );
-    } else
-#endif
-    CHECK_MPI_OK( mp_exptmod(&m, &e, &n, &c) );
-    /* 4.  result c is ciphertext */
-    err = mp_to_fixlen_octets(&c, output, modLen);
-    if (err >= 0) err = MP_OKAY;
-cleanup:
-    mp_clear(&n);
-    mp_clear(&e);
-    mp_clear(&m);
-    mp_clear(&c);
-    if (err) {
-	MP_TO_SEC_ERROR(err);
-	rv = SECFailure;
-    }
-    return rv;
-}
-
-/*
-**  RSA Private key operation (no CRT).
-*/
-static SECStatus 
-rsa_PrivateKeyOpNoCRT(RSAPrivateKey *key, mp_int *m, mp_int *c, mp_int *n,
-                      unsigned int modLen)
-{
-    mp_int d;
-    mp_err   err = MP_OKAY;
-    SECStatus rv = SECSuccess;
-    MP_DIGITS(&d) = 0;
-    CHECK_MPI_OK( mp_init(&d) );
-    SECITEM_TO_MPINT(key->privateExponent, &d);
-    /* 1. m = c**d mod n */
-    CHECK_MPI_OK( mp_exptmod(c, &d, n, m) );
-cleanup:
-    mp_clear(&d);
-    if (err) {
-	MP_TO_SEC_ERROR(err);
-	rv = SECFailure;
-    }
-    return rv;
-}
-
-/*
-**  RSA Private key operation using CRT.
-*/
-static SECStatus 
-rsa_PrivateKeyOpCRTNoCheck(RSAPrivateKey *key, mp_int *m, mp_int *c)
-{
-    mp_int p, q, d_p, d_q, qInv;
-    mp_int m1, m2, h, ctmp;
-    mp_err   err = MP_OKAY;
-    SECStatus rv = SECSuccess;
-    MP_DIGITS(&p)    = 0;
-    MP_DIGITS(&q)    = 0;
-    MP_DIGITS(&d_p)  = 0;
-    MP_DIGITS(&d_q)  = 0;
-    MP_DIGITS(&qInv) = 0;
-    MP_DIGITS(&m1)   = 0;
-    MP_DIGITS(&m2)   = 0;
-    MP_DIGITS(&h)    = 0;
-    MP_DIGITS(&ctmp) = 0;
-    CHECK_MPI_OK( mp_init(&p)    );
-    CHECK_MPI_OK( mp_init(&q)    );
-    CHECK_MPI_OK( mp_init(&d_p)  );
-    CHECK_MPI_OK( mp_init(&d_q)  );
-    CHECK_MPI_OK( mp_init(&qInv) );
-    CHECK_MPI_OK( mp_init(&m1)   );
-    CHECK_MPI_OK( mp_init(&m2)   );
-    CHECK_MPI_OK( mp_init(&h)    );
-    CHECK_MPI_OK( mp_init(&ctmp) );
-    /* copy private key parameters into mp integers */
-    SECITEM_TO_MPINT(key->prime1,      &p);    /* p */
-    SECITEM_TO_MPINT(key->prime2,      &q);    /* q */
-    SECITEM_TO_MPINT(key->exponent1,   &d_p);  /* d_p  = d mod (p-1) */
-    SECITEM_TO_MPINT(key->exponent2,   &d_q);  /* d_q  = d mod (q-1) */
-    SECITEM_TO_MPINT(key->coefficient, &qInv); /* qInv = q**-1 mod p */
-    /* 1. m1 = c**d_p mod p */
-    CHECK_MPI_OK( mp_mod(c, &p, &ctmp) );
-    CHECK_MPI_OK( mp_exptmod(&ctmp, &d_p, &p, &m1) );
-    /* 2. m2 = c**d_q mod q */
-    CHECK_MPI_OK( mp_mod(c, &q, &ctmp) );
-    CHECK_MPI_OK( mp_exptmod(&ctmp, &d_q, &q, &m2) );
-    /* 3.  h = (m1 - m2) * qInv mod p */
-    CHECK_MPI_OK( mp_submod(&m1, &m2, &p, &h) );
-    CHECK_MPI_OK( mp_mulmod(&h, &qInv, &p, &h)  );
-    /* 4.  m = m2 + h * q */
-    CHECK_MPI_OK( mp_mul(&h, &q, m) );
-    CHECK_MPI_OK( mp_add(m, &m2, m) );
-cleanup:
-    mp_clear(&p);
-    mp_clear(&q);
-    mp_clear(&d_p);
-    mp_clear(&d_q);
-    mp_clear(&qInv);
-    mp_clear(&m1);
-    mp_clear(&m2);
-    mp_clear(&h);
-    mp_clear(&ctmp);
-    if (err) {
-	MP_TO_SEC_ERROR(err);
-	rv = SECFailure;
-    }
-    return rv;
-}
-
-/*
-** An attack against RSA CRT was described by Boneh, DeMillo, and Lipton in:
-** "On the Importance of Eliminating Errors in Cryptographic Computations",
-** http://theory.stanford.edu/~dabo/papers/faults.ps.gz
-**
-** As a defense against the attack, carry out the private key operation, 
-** followed up with a public key operation to invert the result.  
-** Verify that result against the input.
-*/
-static SECStatus 
-rsa_PrivateKeyOpCRTCheckedPubKey(RSAPrivateKey *key, mp_int *m, mp_int *c)
-{
-    mp_int n, e, v;
-    mp_err   err = MP_OKAY;
-    SECStatus rv = SECSuccess;
-    MP_DIGITS(&n) = 0;
-    MP_DIGITS(&e) = 0;
-    MP_DIGITS(&v) = 0;
-    CHECK_MPI_OK( mp_init(&n) );
-    CHECK_MPI_OK( mp_init(&e) );
-    CHECK_MPI_OK( mp_init(&v) );
-    CHECK_SEC_OK( rsa_PrivateKeyOpCRTNoCheck(key, m, c) );
-    SECITEM_TO_MPINT(key->modulus,        &n);
-    SECITEM_TO_MPINT(key->publicExponent, &e);
-    /* Perform a public key operation v = m ** e mod n */
-    CHECK_MPI_OK( mp_exptmod(m, &e, &n, &v) );
-    if (mp_cmp(&v, c) != 0) {
-	rv = SECFailure;
-    }
-cleanup:
-    mp_clear(&n);
-    mp_clear(&e);
-    mp_clear(&v);
-    if (err) {
-	MP_TO_SEC_ERROR(err);
-	rv = SECFailure;
-    }
-    return rv;
-}
-
-static PRCallOnceType coBPInit = { 0, 0, 0 };
-static PRStatus 
-init_blinding_params_list(void)
-{
-    blindingParamsList.lock = PZ_NewLock(nssILockOther);
-    if (!blindingParamsList.lock) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	return PR_FAILURE;
-    }
-    PR_INIT_CLIST(&blindingParamsList.head);
-    return PR_SUCCESS;
-}
-
-static SECStatus
-generate_blinding_params(struct RSABlindingParamsStr *rsabp, 
-                         RSAPrivateKey *key, mp_int *n, unsigned int modLen)
-{
-    SECStatus rv = SECSuccess;
-    mp_int e, k;
-    mp_err err = MP_OKAY;
-    unsigned char *kb = NULL;
-    MP_DIGITS(&e) = 0;
-    MP_DIGITS(&k) = 0;
-    CHECK_MPI_OK( mp_init(&e) );
-    CHECK_MPI_OK( mp_init(&k) );
-    SECITEM_TO_MPINT(key->publicExponent, &e);
-    /* generate random k < n */
-    kb = PORT_Alloc(modLen);
-    if (!kb) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	goto cleanup;
-    }
-    CHECK_SEC_OK( RNG_GenerateGlobalRandomBytes(kb, modLen) );
-    CHECK_MPI_OK( mp_read_unsigned_octets(&k, kb, modLen) );
-    /* k < n */
-    CHECK_MPI_OK( mp_mod(&k, n, &k) );
-    /* f = k**e mod n */
-    CHECK_MPI_OK( mp_exptmod(&k, &e, n, &rsabp->f) );
-    /* g = k**-1 mod n */
-    CHECK_MPI_OK( mp_invmod(&k, n, &rsabp->g) );
-    /* Initialize the counter for this (f, g) */
-    rsabp->counter = RSA_BLINDING_PARAMS_MAX_REUSE;
-cleanup:
-    if (kb)
-	PORT_ZFree(kb, modLen);
-    mp_clear(&k);
-    mp_clear(&e);
-    if (err) {
-	MP_TO_SEC_ERROR(err);
-	rv = SECFailure;
-    }
-    return rv;
-}
-
-static SECStatus
-init_blinding_params(struct RSABlindingParamsStr *rsabp, RSAPrivateKey *key,
-                     mp_int *n, unsigned int modLen)
-{
-    SECStatus rv = SECSuccess;
-    mp_err err = MP_OKAY;
-    MP_DIGITS(&rsabp->f) = 0;
-    MP_DIGITS(&rsabp->g) = 0;
-    /* initialize blinding parameters */
-    CHECK_MPI_OK( mp_init(&rsabp->f) );
-    CHECK_MPI_OK( mp_init(&rsabp->g) );
-    /* List elements are keyed using the modulus */
-    SECITEM_CopyItem(NULL, &rsabp->modulus, &key->modulus);
-    CHECK_SEC_OK( generate_blinding_params(rsabp, key, n, modLen) );
-    return SECSuccess;
-cleanup:
-    mp_clear(&rsabp->f);
-    mp_clear(&rsabp->g);
-    if (err) {
-	MP_TO_SEC_ERROR(err);
-	rv = SECFailure;
-    }
-    return rv;
-}
-
-static SECStatus
-get_blinding_params(RSAPrivateKey *key, mp_int *n, unsigned int modLen,
-                    mp_int *f, mp_int *g)
-{
-    SECStatus rv = SECSuccess;
-    mp_err err = MP_OKAY;
-    int cmp;
-    PRCList *el;
-    struct RSABlindingParamsStr *rsabp = NULL;
-    /* Init the list if neccessary (the init function is only called once!) */
-    if (blindingParamsList.lock == NULL) {
-	if (PR_CallOnce(&coBPInit, init_blinding_params_list) != PR_SUCCESS) {
-	    PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
-	    return SECFailure;
-	}
-    }
-    /* Acquire the list lock */
-    PZ_Lock(blindingParamsList.lock);
-    /* Walk the list looking for the private key */
-    for (el = PR_NEXT_LINK(&blindingParamsList.head);
-         el != &blindingParamsList.head;
-         el = PR_NEXT_LINK(el)) {
-	rsabp = (struct RSABlindingParamsStr *)el;
-	cmp = SECITEM_CompareItem(&rsabp->modulus, &key->modulus);
-	if (cmp == 0) {
-	    /* Check the usage counter for the parameters */
-	    if (--rsabp->counter <= 0) {
-		/* Regenerate the blinding parameters */
-		CHECK_SEC_OK( generate_blinding_params(rsabp, key, n, modLen) );
-	    }
-	    /* Return the parameters */
-	    CHECK_MPI_OK( mp_copy(&rsabp->f, f) );
-	    CHECK_MPI_OK( mp_copy(&rsabp->g, g) );
-	    /* Now that the params are located, release the list lock. */
-	    PZ_Unlock(blindingParamsList.lock); /* XXX when fails? */
-	    return SECSuccess;
-	} else if (cmp > 0) {
-	    /* The key is not in the list.  Break to param creation. */
-	    break;
-	}
-    }
-    /* At this point, the key is not in the list.  el should point to the
-    ** list element that this key should be inserted before.  NOTE: the list
-    ** lock is still held, so there cannot be a race condition here.
-    */
-    rsabp = (struct RSABlindingParamsStr *)
-              PORT_ZAlloc(sizeof(struct RSABlindingParamsStr));
-    if (!rsabp) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	goto cleanup;
-    }
-    /* Initialize the list pointer for the element */
-    PR_INIT_CLIST(&rsabp->link);
-    /* Initialize the blinding parameters 
-    ** This ties up the list lock while doing some heavy, element-specific
-    ** operations, but we don't want to insert the element until it is valid,
-    ** which requires computing the blinding params.  If this proves costly,
-    ** it could be done after the list lock is released, and then if it fails
-    ** the lock would have to be reobtained and the invalid element removed.
-    */
-    rv = init_blinding_params(rsabp, key, n, modLen);
-    if (rv != SECSuccess) {
-	PORT_ZFree(rsabp, sizeof(struct RSABlindingParamsStr));
-	goto cleanup;
-    }
-    /* Insert the new element into the list
-    ** If inserting in the middle of the list, el points to the link
-    ** to insert before.  Otherwise, the link needs to be appended to
-    ** the end of the list, which is the same as inserting before the
-    ** head (since el would have looped back to the head).
-    */
-    PR_INSERT_BEFORE(&rsabp->link, el);
-    /* Return the parameters */
-    CHECK_MPI_OK( mp_copy(&rsabp->f, f) );
-    CHECK_MPI_OK( mp_copy(&rsabp->g, g) );
-    /* Release the list lock */
-    PZ_Unlock(blindingParamsList.lock); /* XXX when fails? */
-    return SECSuccess;
-cleanup:
-    /* It is possible to reach this after the lock is already released.
-    ** Ignore the error in that case.
-    */
-    PZ_Unlock(blindingParamsList.lock);
-    if (err) {
-	MP_TO_SEC_ERROR(err);
-	rv = SECFailure;
-    }
-    return SECFailure;
-}
-
-/*
-** Perform a raw private-key operation 
-**	Length of input and output buffers are equal to key's modulus len.
-*/
-static SECStatus 
-rsa_PrivateKeyOp(RSAPrivateKey *key, 
-                 unsigned char *output, 
-                 const unsigned char *input,
-                 PRBool check)
-{
-    unsigned int modLen;
-    unsigned int offset;
-    SECStatus rv = SECSuccess;
-    mp_err err;
-    mp_int n, c, m;
-    mp_int f, g;
-    if (!key || !output || !input) {
-	PORT_SetError(SEC_ERROR_INVALID_ARGS);
-	return SECFailure;
-    }
-    /* check input out of range (needs to be in range [0..n-1]) */
-    modLen = rsa_modulusLen(&key->modulus);
-    offset = (key->modulus.data[0] == 0) ? 1 : 0; /* may be leading 0 */
-    if (memcmp(input, key->modulus.data + offset, modLen) >= 0) {
-	PORT_SetError(SEC_ERROR_INVALID_ARGS);
-	return SECFailure;
-    }
-    MP_DIGITS(&n) = 0;
-    MP_DIGITS(&c) = 0;
-    MP_DIGITS(&m) = 0;
-    MP_DIGITS(&f) = 0;
-    MP_DIGITS(&g) = 0;
-    CHECK_MPI_OK( mp_init(&n) );
-    CHECK_MPI_OK( mp_init(&c) );
-    CHECK_MPI_OK( mp_init(&m) );
-    CHECK_MPI_OK( mp_init(&f) );
-    CHECK_MPI_OK( mp_init(&g) );
-    SECITEM_TO_MPINT(key->modulus, &n);
-    OCTETS_TO_MPINT(input, &c, modLen);
-    /* If blinding, compute pre-image of ciphertext by multiplying by
-    ** blinding factor
-    */
-    if (nssRSAUseBlinding) {
-	CHECK_SEC_OK( get_blinding_params(key, &n, modLen, &f, &g) );
-	/* c' = c*f mod n */
-	CHECK_MPI_OK( mp_mulmod(&c, &f, &n, &c) );
-    }
-    /* Do the private key operation m = c**d mod n */
-    if ( key->prime1.len      == 0 ||
-         key->prime2.len      == 0 ||
-         key->exponent1.len   == 0 ||
-         key->exponent2.len   == 0 ||
-         key->coefficient.len == 0) {
-	CHECK_SEC_OK( rsa_PrivateKeyOpNoCRT(key, &m, &c, &n, modLen) );
-    } else if (check) {
-	CHECK_SEC_OK( rsa_PrivateKeyOpCRTCheckedPubKey(key, &m, &c) );
-    } else {
-	CHECK_SEC_OK( rsa_PrivateKeyOpCRTNoCheck(key, &m, &c) );
-    }
-    /* If blinding, compute post-image of plaintext by multiplying by
-    ** blinding factor
-    */
-    if (nssRSAUseBlinding) {
-	/* m = m'*g mod n */
-	CHECK_MPI_OK( mp_mulmod(&m, &g, &n, &m) );
-    }
-    err = mp_to_fixlen_octets(&m, output, modLen);
-    if (err >= 0) err = MP_OKAY;
-cleanup:
-    mp_clear(&n);
-    mp_clear(&c);
-    mp_clear(&m);
-    mp_clear(&f);
-    mp_clear(&g);
-    if (err) {
-	MP_TO_SEC_ERROR(err);
-	rv = SECFailure;
-    }
-    return rv;
-}
-
-SECStatus 
-RSA_PrivateKeyOp(RSAPrivateKey *key, 
-                 unsigned char *output, 
-                 const unsigned char *input)
-{
-    return rsa_PrivateKeyOp(key, output, input, PR_FALSE);
-}
-
-SECStatus 
-RSA_PrivateKeyOpDoubleChecked(RSAPrivateKey *key, 
-                              unsigned char *output, 
-                              const unsigned char *input)
-{
-    return rsa_PrivateKeyOp(key, output, input, PR_TRUE);
-}
-
-static SECStatus
-swap_in_key_value(PRArenaPool *arena, mp_int *mpval, SECItem *buffer)
-{
-    int len;
-    mp_err err = MP_OKAY;
-    memset(buffer->data, 0, buffer->len);
-    len = mp_unsigned_octet_size(mpval);
-    if (len <= 0) return SECFailure;
-    if ((unsigned int)len <= buffer->len) {
-	/* The new value is no longer than the old buffer, so use it */
-	err = mp_to_unsigned_octets(mpval, buffer->data, len);
-	if (err >= 0) err = MP_OKAY;
-	buffer->len = len;
-    } else if (arena) {
-	/* The new value is longer, but working within an arena */
-	(void)SECITEM_AllocItem(arena, buffer, len);
-	err = mp_to_unsigned_octets(mpval, buffer->data, len);
-	if (err >= 0) err = MP_OKAY;
-    } else {
-	/* The new value is longer, no arena, can't handle this key */
-	return SECFailure;
-    }
-    return (err == MP_OKAY) ? SECSuccess : SECFailure;
-}
-
-SECStatus
-RSA_PrivateKeyCheck(RSAPrivateKey *key)
-{
-    mp_int p, q, n, psub1, qsub1, e, d, d_p, d_q, qInv, res;
-    mp_err   err = MP_OKAY;
-    SECStatus rv = SECSuccess;
-    MP_DIGITS(&n)    = 0;
-    MP_DIGITS(&psub1)= 0;
-    MP_DIGITS(&qsub1)= 0;
-    MP_DIGITS(&e)    = 0;
-    MP_DIGITS(&d)    = 0;
-    MP_DIGITS(&d_p)  = 0;
-    MP_DIGITS(&d_q)  = 0;
-    MP_DIGITS(&qInv) = 0;
-    MP_DIGITS(&res)  = 0;
-    CHECK_MPI_OK( mp_init(&n)    );
-    CHECK_MPI_OK( mp_init(&p)    );
-    CHECK_MPI_OK( mp_init(&q)    );
-    CHECK_MPI_OK( mp_init(&psub1));
-    CHECK_MPI_OK( mp_init(&qsub1));
-    CHECK_MPI_OK( mp_init(&e)    );
-    CHECK_MPI_OK( mp_init(&d)    );
-    CHECK_MPI_OK( mp_init(&d_p)  );
-    CHECK_MPI_OK( mp_init(&d_q)  );
-    CHECK_MPI_OK( mp_init(&qInv) );
-    CHECK_MPI_OK( mp_init(&res)  );
-    SECITEM_TO_MPINT(key->modulus,         &n);
-    SECITEM_TO_MPINT(key->prime1,          &p);
-    SECITEM_TO_MPINT(key->prime2,          &q);
-    SECITEM_TO_MPINT(key->publicExponent,  &e);
-    SECITEM_TO_MPINT(key->privateExponent, &d);
-    SECITEM_TO_MPINT(key->exponent1,       &d_p);
-    SECITEM_TO_MPINT(key->exponent2,       &d_q);
-    SECITEM_TO_MPINT(key->coefficient,     &qInv);
-    /* p > q  */
-    if (mp_cmp(&p, &q) <= 0) {
-	/* mind the p's and q's (and d_p's and d_q's) */
-	SECItem tmp;
-	mp_exch(&p, &q);
-	mp_exch(&d_p,&d_q);
-	tmp = key->prime1;
-	key->prime1 = key->prime2;
-	key->prime2 = tmp;
-	tmp = key->exponent1;
-	key->exponent1 = key->exponent2;
-	key->exponent2 = tmp;
-    }
-#define VERIFY_MPI_EQUAL(m1, m2) \
-    if (mp_cmp(m1, m2) != 0) {   \
-	rv = SECFailure;         \
-	goto cleanup;            \
-    }
-#define VERIFY_MPI_EQUAL_1(m)    \
-    if (mp_cmp_d(m, 1) != 0) {   \
-	rv = SECFailure;         \
-	goto cleanup;            \
-    }
-    /*
-     * The following errors cannot be recovered from.
-     */
-    /* n == p * q */
-    CHECK_MPI_OK( mp_mul(&p, &q, &res) );
-    VERIFY_MPI_EQUAL(&res, &n);
-    /* gcd(e, p-1) == 1 */
-    CHECK_MPI_OK( mp_sub_d(&p, 1, &psub1) );
-    CHECK_MPI_OK( mp_gcd(&e, &psub1, &res) );
-    VERIFY_MPI_EQUAL_1(&res);
-    /* gcd(e, q-1) == 1 */
-    CHECK_MPI_OK( mp_sub_d(&q, 1, &qsub1) );
-    CHECK_MPI_OK( mp_gcd(&e, &qsub1, &res) );
-    VERIFY_MPI_EQUAL_1(&res);
-    /* d*e == 1 mod p-1 */
-    CHECK_MPI_OK( mp_mulmod(&d, &e, &psub1, &res) );
-    VERIFY_MPI_EQUAL_1(&res);
-    /* d*e == 1 mod q-1 */
-    CHECK_MPI_OK( mp_mulmod(&d, &e, &qsub1, &res) );
-    VERIFY_MPI_EQUAL_1(&res);
-    /*
-     * The following errors can be recovered from.
-     */
-    /* d_p == d mod p-1 */
-    CHECK_MPI_OK( mp_mod(&d, &psub1, &res) );
-    if (mp_cmp(&d_p, &res) != 0) {
-	/* swap in the correct value */
-	CHECK_SEC_OK( swap_in_key_value(key->arena, &res, &key->exponent1) );
-    }
-    /* d_q == d mod q-1 */
-    CHECK_MPI_OK( mp_mod(&d, &qsub1, &res) );
-    if (mp_cmp(&d_q, &res) != 0) {
-	/* swap in the correct value */
-	CHECK_SEC_OK( swap_in_key_value(key->arena, &res, &key->exponent2) );
-    }
-    /* q * q**-1 == 1 mod p */
-    CHECK_MPI_OK( mp_mulmod(&q, &qInv, &p, &res) );
-    if (mp_cmp_d(&res, 1) != 0) {
-	/* compute the correct value */
-	CHECK_MPI_OK( mp_invmod(&q, &p, &qInv) );
-	CHECK_SEC_OK( swap_in_key_value(key->arena, &qInv, &key->coefficient) );
-    }
-cleanup:
-    mp_clear(&n);
-    mp_clear(&p);
-    mp_clear(&q);
-    mp_clear(&psub1);
-    mp_clear(&qsub1);
-    mp_clear(&e);
-    mp_clear(&d);
-    mp_clear(&d_p);
-    mp_clear(&d_q);
-    mp_clear(&qInv);
-    mp_clear(&res);
-    if (err) {
-	MP_TO_SEC_ERROR(err);
-	rv = SECFailure;
-    }
-    return rv;
-}
-
-/* cleanup at shutdown */
-void RSA_Cleanup(void)
-{
-    if (!coBPInit.initialized)
-	return;
-
-    while (!PR_CLIST_IS_EMPTY(&blindingParamsList.head))
-    {
-	struct RSABlindingParamsStr * rsabp = (struct RSABlindingParamsStr *)
-	    PR_LIST_HEAD(&blindingParamsList.head);
-	PR_REMOVE_LINK(&rsabp->link);
-	mp_clear(&rsabp->f);
-	mp_clear(&rsabp->g);
-	SECITEM_FreeItem(&rsabp->modulus,PR_FALSE);
-	PORT_Free(rsabp);
-    }
-
-    if (blindingParamsList.lock)
-    {
-	PZ_DestroyLock(blindingParamsList.lock);
-	blindingParamsList.lock = NULL;
-    }
-
-    coBPInit.initialized = 0;
-    coBPInit.inProgress = 0;
-    coBPInit.status = 0;
-}
-
-/*
- * need a central place for this function to free up all the memory that
- * free_bl may have allocated along the way. Currently only RSA does this,
- * so I've put it here for now.
- */
-void BL_Cleanup(void)
-{
-    RSA_Cleanup();
-}
diff --git a/security/nss/lib/freebl/secmpi.h b/security/nss/lib/freebl/secmpi.h
deleted file mode 100644
index cddcbb03d..000000000
--- a/security/nss/lib/freebl/secmpi.h
+++ /dev/null
@@ -1,57 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.	Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.	If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "mpi.h"
-
-#define CHECK_SEC_OK(func) if (SECSuccess != (rv = func)) goto cleanup
-
-#define CHECK_MPI_OK(func) if (MP_OKAY > (err = func)) goto cleanup
-
-#define OCTETS_TO_MPINT(oc, mp, len) \
-    CHECK_MPI_OK(mp_read_unsigned_octets((mp), oc, len))
-
-#define SECITEM_TO_MPINT(it, mp) \
-    CHECK_MPI_OK(mp_read_unsigned_octets((mp), (it).data, (it).len))
-
-#define MPINT_TO_SECITEM(mp, it, arena)                         \
-    SECITEM_AllocItem(arena, (it), mp_unsigned_octet_size(mp)); \
-    err = mp_to_unsigned_octets(mp, (it)->data, (it)->len);     \
-    if (err < 0) goto cleanup; else err = MP_OKAY;
-
-#define MP_TO_SEC_ERROR(err)                                          \
-    switch (err) {                                                    \
-    case MP_MEM:    PORT_SetError(SEC_ERROR_NO_MEMORY);       break;  \
-    case MP_RANGE:  PORT_SetError(SEC_ERROR_BAD_DATA);        break;  \
-    case MP_BADARG: PORT_SetError(SEC_ERROR_INVALID_ARGS);    break;  \
-    default:        PORT_SetError(SEC_ERROR_LIBRARY_FAILURE); break;  \
-    }
diff --git a/security/nss/lib/freebl/secrng.h b/security/nss/lib/freebl/secrng.h
deleted file mode 100644
index cddc7b000..000000000
--- a/security/nss/lib/freebl/secrng.h
+++ /dev/null
@@ -1,82 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef _SECRNG_H_
-#define _SECRNG_H_
-/*
- * secrng.h - public data structures and prototypes for the secure random
- *	      number generator
- *
- * $Id$
- */
-
-/******************************************/
-/*
-** Random number generation. A cryptographically strong random number
-** generator.
-*/
-
-#include "blapi.h"
-
-SEC_BEGIN_PROTOS
-
-/*
-** The following 3 functions are provided by the security library
-** but are differently implemented for the UNIX, Mac and Win
-** versions
-*/
-
-/*
-** Get the "noisiest" information available on the system.
-** The amount of data returned depends on the system implementation.
-** It will not exceed maxbytes, but may be (much) less.
-** Returns number of noise bytes copied into buf, or zero if error.
-*/
-extern size_t RNG_GetNoise(void *buf, size_t maxbytes);
-
-/*
-** RNG_SystemInfoForRNG should be called before any use of SSL. It
-** gathers up the system specific information to help seed the
-** state of the global random number generator.
-*/
-extern void RNG_SystemInfoForRNG(void);
-
-/* 
-** Use the contents (and stat) of a file to help seed the
-** global random number generator.
-*/
-extern void RNG_FileForRNG(const char *filename);
-
-SEC_END_PROTOS
-
-#endif /* _SECUTIL_H_ */
diff --git a/security/nss/lib/freebl/sha.c b/security/nss/lib/freebl/sha.c
deleted file mode 100644
index c8480c72c..000000000
--- a/security/nss/lib/freebl/sha.c
+++ /dev/null
@@ -1,160 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is SHA 180-1 Reference Implementation (Compact version)
- * 
- * The Initial Developer of the Original Code is Paul Kocher of
- * Cryptography Research.  Portions created by Paul Kocher are 
- * Copyright (C) 1995-9 by Cryptography Research, Inc.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- *
- *     Paul Kocher
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "sha.h"
-
-static void shaHashBlock(SHA_CTX *ctx);
-
-void shaInit(SHA_CTX *ctx) {
-  int i;
-
-  ctx->lenW = 0;
-  ctx->sizeHi = ctx->sizeLo = 0;
-
-  /* Initialize H with the magic constants (see FIPS180 for constants)
-   */
-  ctx->H[0] = 0x67452301L;
-  ctx->H[1] = 0xefcdab89L;
-  ctx->H[2] = 0x98badcfeL;
-  ctx->H[3] = 0x10325476L;
-  ctx->H[4] = 0xc3d2e1f0L;
-
-  for (i = 0; i < 80; i++)
-    ctx->W[i] = 0;
-}
-
-
-void shaUpdate(SHA_CTX *ctx, unsigned char *dataIn, int len) {
-  int i;
-
-  /* Read the data into W and process blocks as they get full
-   */
-  for (i = 0; i < len; i++) {
-    ctx->W[ctx->lenW / 4] <<= 8;
-    ctx->W[ctx->lenW / 4] |= (unsigned long)dataIn[i];
-    if ((++ctx->lenW) % 64 == 0) {
-      shaHashBlock(ctx);
-      ctx->lenW = 0;
-    }
-    ctx->sizeLo += 8;
-    ctx->sizeHi += (ctx->sizeLo < 8);
-  }
-}
-
-
-void shaFinal(SHA_CTX *ctx, unsigned char hashout[20]) {
-  unsigned char pad0x80 = 0x80;
-  unsigned char pad0x00 = 0x00;
-  unsigned char padlen[8];
-  int i;
-
-  /* Pad with a binary 1 (e.g. 0x80), then zeroes, then length
-   */
-  padlen[0] = (unsigned char)((ctx->sizeHi >> 24) & 255);
-  padlen[1] = (unsigned char)((ctx->sizeHi >> 16) & 255);
-  padlen[2] = (unsigned char)((ctx->sizeHi >> 8) & 255);
-  padlen[3] = (unsigned char)((ctx->sizeHi >> 0) & 255);
-  padlen[4] = (unsigned char)((ctx->sizeLo >> 24) & 255);
-  padlen[5] = (unsigned char)((ctx->sizeLo >> 16) & 255);
-  padlen[6] = (unsigned char)((ctx->sizeLo >> 8) & 255);
-  padlen[7] = (unsigned char)((ctx->sizeLo >> 0) & 255);
-  shaUpdate(ctx, &pad0x80, 1);
-  while (ctx->lenW != 56)
-    shaUpdate(ctx, &pad0x00, 1);
-  shaUpdate(ctx, padlen, 8);
-
-  /* Output hash
-   */
-  for (i = 0; i < 20; i++) {
-    hashout[i] = (unsigned char)(ctx->H[i / 4] >> 24);
-    ctx->H[i / 4] <<= 8;
-  }
-
-  /*
-   *  Re-initialize the context (also zeroizes contents)
-   */
-  shaInit(ctx);
-}
-
-
-void shaBlock(unsigned char *dataIn, int len, unsigned char hashout[20]) {
-  SHA_CTX ctx;
-
-  shaInit(&ctx);
-  shaUpdate(&ctx, dataIn, len);
-  shaFinal(&ctx, hashout);
-}
-
-
-#define SHA_ROTL(X,n) (((X) << (n)) | ((X) >> (32-(n))))
-
-static void shaHashBlock(SHA_CTX *ctx) {
-  int t;
-  unsigned long A,B,C,D,E,TEMP;
-
-  for (t = 16; t <= 79; t++)
-    ctx->W[t] =
-      SHA_ROTL(ctx->W[t-3] ^ ctx->W[t-8] ^ ctx->W[t-14] ^ ctx->W[t-16], 1);
-
-  A = ctx->H[0];
-  B = ctx->H[1];
-  C = ctx->H[2];
-  D = ctx->H[3];
-  E = ctx->H[4];
-
-  for (t = 0; t <= 19; t++) {
-    TEMP = SHA_ROTL(A,5) + (((C^D)&B)^D)     + E + ctx->W[t] + 0x5a827999L;
-    E = D; D = C; C = SHA_ROTL(B, 30); B = A; A = TEMP;
-  }
-  for (t = 20; t <= 39; t++) {
-    TEMP = SHA_ROTL(A,5) + (B^C^D)           + E + ctx->W[t] + 0x6ed9eba1L;
-    E = D; D = C; C = SHA_ROTL(B, 30); B = A; A = TEMP;
-  }
-  for (t = 40; t <= 59; t++) {
-    TEMP = SHA_ROTL(A,5) + ((B&C)|(D&(B|C))) + E + ctx->W[t] + 0x8f1bbcdcL;
-    E = D; D = C; C = SHA_ROTL(B, 30); B = A; A = TEMP;
-  }
-  for (t = 60; t <= 79; t++) {
-    TEMP = SHA_ROTL(A,5) + (B^C^D)           + E + ctx->W[t] + 0xca62c1d6L;
-    E = D; D = C; C = SHA_ROTL(B, 30); B = A; A = TEMP;
-  }
-
-  ctx->H[0] += A;
-  ctx->H[1] += B;
-  ctx->H[2] += C;
-  ctx->H[3] += D;
-  ctx->H[4] += E;
-}
-
diff --git a/security/nss/lib/freebl/sha.h b/security/nss/lib/freebl/sha.h
deleted file mode 100644
index 0522a00b2..000000000
--- a/security/nss/lib/freebl/sha.h
+++ /dev/null
@@ -1,48 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is SHA 180-1 Header File
- * 
- * The Initial Developer of the Original Code is Paul Kocher of
- * Cryptography Research.  Portions created by Paul Kocher are 
- * Copyright (C) 1995-9 by Cryptography Research, Inc.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- *
- *     Paul Kocher
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-typedef struct {
-  unsigned long H[5];
-  unsigned long W[80];
-  int lenW;
-  unsigned long sizeHi,sizeLo;
-} SHA_CTX;
-
-
-void shaInit(SHA_CTX *ctx);
-void shaUpdate(SHA_CTX *ctx, unsigned char *dataIn, int len);
-void shaFinal(SHA_CTX *ctx, unsigned char hashout[20]);
-void shaBlock(unsigned char *dataIn, int len, unsigned char hashout[20]);
-
diff --git a/security/nss/lib/freebl/sha_fast.c b/security/nss/lib/freebl/sha_fast.c
deleted file mode 100644
index 655f5c3e6..000000000
--- a/security/nss/lib/freebl/sha_fast.c
+++ /dev/null
@@ -1,421 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is SHA 180-1 Reference Implementation (Optimized)
- * 
- * The Initial Developer of the Original Code is Paul Kocher of
- * Cryptography Research.  Portions created by Paul Kocher are 
- * Copyright (C) 1995-9 by Cryptography Research, Inc.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- *
- *     Paul Kocher
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#include <memory.h>
-#include "blapi.h"
-#include "sha_fast.h"
-#include "prerror.h"
-
-#ifdef TRACING_SSL
-#include "ssl.h"
-#include "ssltrace.h"
-#endif
-
-static void shaCompress(SHA1Context *ctx);
-
-#define W u.w
-#define B u.b
-
-#define SHA_ROTL(X,n) (((X) << (n)) | ((X) >> (32-(n))))
-#define SHA_F1(X,Y,Z) ((((Y)^(Z))&(X))^(Z))
-#define SHA_F2(X,Y,Z) ((X)^(Y)^(Z))
-#define SHA_F3(X,Y,Z) (((X)&(Y))|((Z)&((X)|(Y))))
-#define SHA_F4(X,Y,Z) ((X)^(Y)^(Z))
-#define SHA_MIX(t)    ctx->W[t] = \
-  (A = ctx->W[t-3] ^ ctx->W[t-8] ^ ctx->W[t-14] ^ ctx->W[t-16], SHA_ROTL(A, 1))
-
-
-/*
- *  SHA: Zeroize and initialize context
- */
-void 
-SHA1_Begin(SHA1Context *ctx)
-{
-  memset(ctx, 0, sizeof(SHA1Context));
-
-  /*
-   *  Initialize H with constants from FIPS180-1.
-   */
-  ctx->H[0] = 0x67452301L;
-  ctx->H[1] = 0xefcdab89L;
-  ctx->H[2] = 0x98badcfeL;
-  ctx->H[3] = 0x10325476L;
-  ctx->H[4] = 0xc3d2e1f0L;
-
-}
-
-
-/*
- *  SHA: Add data to context.
- */
-void 
-SHA1_Update(SHA1Context *ctx, const unsigned char *dataIn, unsigned int len) 
-{
-  register unsigned int lenB = ctx->sizeLo & 63;
-  register unsigned int togo;
-
-  if (!len)
-    return;
-
-  /* accumulate the byte count. */
-  ctx->sizeLo += len;
-  ctx->sizeHi += (ctx->sizeLo < len);
-
-  /*
-   *  Read the data into W and process blocks as they get full
-   */
-  if (lenB > 0) {
-    togo = 64 - lenB;
-    if (len < togo)
-      togo = len;
-    memcpy(ctx->B + lenB, dataIn, togo);
-    len    -= togo;
-    dataIn += togo;
-    lenB    = (lenB + togo) & 63;
-    if (!lenB) {
-      shaCompress(ctx);
-    }
-  }
-  while (len >= 64) {
-    memcpy(ctx->B, dataIn, 64);
-    dataIn += 64;
-    len    -= 64;
-    shaCompress(ctx);
-  }
-  if (len) {
-    memcpy(ctx->B, dataIn, len);
-  }
-}
-
-
-/*
- *  SHA: Generate hash value from context
- */
-void 
-SHA1_End(SHA1Context *ctx, unsigned char *hashout,
-         unsigned int *pDigestLen, unsigned int maxDigestLen)
-{
-  register PRUint32 sizeHi, sizeLo, lenB;
-  static const unsigned char bulk_pad[64] = { 0x80,0,0,0,0,0,0,0,0,0,
-          0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
-          0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0  };
-#define A lenB
-
-  PORT_Assert (maxDigestLen >= SHA1_LENGTH);
-
-  /*
-   *  Pad with a binary 1 (e.g. 0x80), then zeroes, then length in bits
-   */
-  sizeHi = ctx->sizeHi;
-  sizeLo = ctx->sizeLo;
-  lenB = sizeLo & 63;
-  SHA1_Update(ctx, bulk_pad, (((55+64) - lenB) & 63) + 1);
-  PORT_Assert((ctx->sizeLo & 63) == 56);
-
-  /* Convert size{Hi,Lo} from bytes to bits. */
-  sizeHi = (sizeHi << 3) | (sizeLo >> 29);
-  sizeLo <<= 3;
-
-  ctx->W[14] = SHA_HTONL(sizeHi);
-  ctx->W[15] = SHA_HTONL(sizeLo);
-  shaCompress(ctx);
-
-  /*
-   *  Output hash
-   */
-#if defined(IS_LITTLE_ENDIAN)
-  SHA_BYTESWAP(ctx->H[0]);
-  SHA_BYTESWAP(ctx->H[1]);
-  SHA_BYTESWAP(ctx->H[2]);
-  SHA_BYTESWAP(ctx->H[3]);
-  SHA_BYTESWAP(ctx->H[4]);
-#endif
-  memcpy(hashout, ctx->H, SHA1_LENGTH);
-  *pDigestLen = SHA1_LENGTH;
-
-  /*
-   *  Re-initialize the context (also zeroizes contents)
-   */
-  SHA1_Begin(ctx);
-}
-
-#undef A
-#undef B
-/*
- *  SHA: Compression function, unrolled.
- */
-static void 
-shaCompress(SHA1Context *ctx) 
-{
-  register PRUint32 A, B, C, D, E;
-
-#if defined(IS_LITTLE_ENDIAN)
-  SHA_BYTESWAP(ctx->W[0]);
-  SHA_BYTESWAP(ctx->W[1]);
-  SHA_BYTESWAP(ctx->W[2]);
-  SHA_BYTESWAP(ctx->W[3]);
-  SHA_BYTESWAP(ctx->W[4]);
-  SHA_BYTESWAP(ctx->W[5]);
-  SHA_BYTESWAP(ctx->W[6]);
-  SHA_BYTESWAP(ctx->W[7]);
-  SHA_BYTESWAP(ctx->W[8]);
-  SHA_BYTESWAP(ctx->W[9]);
-  SHA_BYTESWAP(ctx->W[10]);
-  SHA_BYTESWAP(ctx->W[11]);
-  SHA_BYTESWAP(ctx->W[12]);
-  SHA_BYTESWAP(ctx->W[13]);
-  SHA_BYTESWAP(ctx->W[14]);
-  SHA_BYTESWAP(ctx->W[15]);
-#endif
-
-  /*
-   *  This can be moved into the main code block below, but doing
-   *  so can cause some compilers to run out of registers and resort
-   *  to storing intermediates in RAM.
-   */
-
-               SHA_MIX(16); SHA_MIX(17); SHA_MIX(18); SHA_MIX(19);
-  SHA_MIX(20); SHA_MIX(21); SHA_MIX(22); SHA_MIX(23); SHA_MIX(24);
-  SHA_MIX(25); SHA_MIX(26); SHA_MIX(27); SHA_MIX(28); SHA_MIX(29);
-  SHA_MIX(30); SHA_MIX(31); SHA_MIX(32); SHA_MIX(33); SHA_MIX(34);
-  SHA_MIX(35); SHA_MIX(36); SHA_MIX(37); SHA_MIX(38); SHA_MIX(39);
-  SHA_MIX(40); SHA_MIX(41); SHA_MIX(42); SHA_MIX(43); SHA_MIX(44);
-  SHA_MIX(45); SHA_MIX(46); SHA_MIX(47); SHA_MIX(48); SHA_MIX(49);
-  SHA_MIX(50); SHA_MIX(51); SHA_MIX(52); SHA_MIX(53); SHA_MIX(54);
-  SHA_MIX(55); SHA_MIX(56); SHA_MIX(57); SHA_MIX(58); SHA_MIX(59);
-  SHA_MIX(60); SHA_MIX(61); SHA_MIX(62); SHA_MIX(63); SHA_MIX(64);
-  SHA_MIX(65); SHA_MIX(66); SHA_MIX(67); SHA_MIX(68); SHA_MIX(69);
-  SHA_MIX(70); SHA_MIX(71); SHA_MIX(72); SHA_MIX(73); SHA_MIX(74);
-  SHA_MIX(75); SHA_MIX(76); SHA_MIX(77); SHA_MIX(78); SHA_MIX(79);
-
-  A = ctx->H[0];
-  B = ctx->H[1];
-  C = ctx->H[2];
-  D = ctx->H[3];
-  E = ctx->H[4];
-
-  E = SHA_ROTL(A,5)+SHA_F1(B,C,D)+E+ctx->W[ 0]+0x5a827999L; B=SHA_ROTL(B,30); 
-  D = SHA_ROTL(E,5)+SHA_F1(A,B,C)+D+ctx->W[ 1]+0x5a827999L; A=SHA_ROTL(A,30); 
-  C = SHA_ROTL(D,5)+SHA_F1(E,A,B)+C+ctx->W[ 2]+0x5a827999L; E=SHA_ROTL(E,30); 
-  B = SHA_ROTL(C,5)+SHA_F1(D,E,A)+B+ctx->W[ 3]+0x5a827999L; D=SHA_ROTL(D,30); 
-  A = SHA_ROTL(B,5)+SHA_F1(C,D,E)+A+ctx->W[ 4]+0x5a827999L; C=SHA_ROTL(C,30); 
-  E = SHA_ROTL(A,5)+SHA_F1(B,C,D)+E+ctx->W[ 5]+0x5a827999L; B=SHA_ROTL(B,30); 
-  D = SHA_ROTL(E,5)+SHA_F1(A,B,C)+D+ctx->W[ 6]+0x5a827999L; A=SHA_ROTL(A,30); 
-  C = SHA_ROTL(D,5)+SHA_F1(E,A,B)+C+ctx->W[ 7]+0x5a827999L; E=SHA_ROTL(E,30); 
-  B = SHA_ROTL(C,5)+SHA_F1(D,E,A)+B+ctx->W[ 8]+0x5a827999L; D=SHA_ROTL(D,30); 
-  A = SHA_ROTL(B,5)+SHA_F1(C,D,E)+A+ctx->W[ 9]+0x5a827999L; C=SHA_ROTL(C,30); 
-  E = SHA_ROTL(A,5)+SHA_F1(B,C,D)+E+ctx->W[10]+0x5a827999L; B=SHA_ROTL(B,30); 
-  D = SHA_ROTL(E,5)+SHA_F1(A,B,C)+D+ctx->W[11]+0x5a827999L; A=SHA_ROTL(A,30); 
-  C = SHA_ROTL(D,5)+SHA_F1(E,A,B)+C+ctx->W[12]+0x5a827999L; E=SHA_ROTL(E,30); 
-  B = SHA_ROTL(C,5)+SHA_F1(D,E,A)+B+ctx->W[13]+0x5a827999L; D=SHA_ROTL(D,30); 
-  A = SHA_ROTL(B,5)+SHA_F1(C,D,E)+A+ctx->W[14]+0x5a827999L; C=SHA_ROTL(C,30); 
-  E = SHA_ROTL(A,5)+SHA_F1(B,C,D)+E+ctx->W[15]+0x5a827999L; B=SHA_ROTL(B,30); 
-  D = SHA_ROTL(E,5)+SHA_F1(A,B,C)+D+ctx->W[16]+0x5a827999L; A=SHA_ROTL(A,30); 
-  C = SHA_ROTL(D,5)+SHA_F1(E,A,B)+C+ctx->W[17]+0x5a827999L; E=SHA_ROTL(E,30); 
-  B = SHA_ROTL(C,5)+SHA_F1(D,E,A)+B+ctx->W[18]+0x5a827999L; D=SHA_ROTL(D,30); 
-  A = SHA_ROTL(B,5)+SHA_F1(C,D,E)+A+ctx->W[19]+0x5a827999L; C=SHA_ROTL(C,30); 
-
-  E = SHA_ROTL(A,5)+SHA_F2(B,C,D)+E+ctx->W[20]+0x6ed9eba1L; B=SHA_ROTL(B,30); 
-  D = SHA_ROTL(E,5)+SHA_F2(A,B,C)+D+ctx->W[21]+0x6ed9eba1L; A=SHA_ROTL(A,30); 
-  C = SHA_ROTL(D,5)+SHA_F2(E,A,B)+C+ctx->W[22]+0x6ed9eba1L; E=SHA_ROTL(E,30); 
-  B = SHA_ROTL(C,5)+SHA_F2(D,E,A)+B+ctx->W[23]+0x6ed9eba1L; D=SHA_ROTL(D,30); 
-  A = SHA_ROTL(B,5)+SHA_F2(C,D,E)+A+ctx->W[24]+0x6ed9eba1L; C=SHA_ROTL(C,30); 
-  E = SHA_ROTL(A,5)+SHA_F2(B,C,D)+E+ctx->W[25]+0x6ed9eba1L; B=SHA_ROTL(B,30); 
-  D = SHA_ROTL(E,5)+SHA_F2(A,B,C)+D+ctx->W[26]+0x6ed9eba1L; A=SHA_ROTL(A,30); 
-  C = SHA_ROTL(D,5)+SHA_F2(E,A,B)+C+ctx->W[27]+0x6ed9eba1L; E=SHA_ROTL(E,30); 
-  B = SHA_ROTL(C,5)+SHA_F2(D,E,A)+B+ctx->W[28]+0x6ed9eba1L; D=SHA_ROTL(D,30); 
-  A = SHA_ROTL(B,5)+SHA_F2(C,D,E)+A+ctx->W[29]+0x6ed9eba1L; C=SHA_ROTL(C,30); 
-  E = SHA_ROTL(A,5)+SHA_F2(B,C,D)+E+ctx->W[30]+0x6ed9eba1L; B=SHA_ROTL(B,30); 
-  D = SHA_ROTL(E,5)+SHA_F2(A,B,C)+D+ctx->W[31]+0x6ed9eba1L; A=SHA_ROTL(A,30); 
-  C = SHA_ROTL(D,5)+SHA_F2(E,A,B)+C+ctx->W[32]+0x6ed9eba1L; E=SHA_ROTL(E,30); 
-  B = SHA_ROTL(C,5)+SHA_F2(D,E,A)+B+ctx->W[33]+0x6ed9eba1L; D=SHA_ROTL(D,30); 
-  A = SHA_ROTL(B,5)+SHA_F2(C,D,E)+A+ctx->W[34]+0x6ed9eba1L; C=SHA_ROTL(C,30); 
-  E = SHA_ROTL(A,5)+SHA_F2(B,C,D)+E+ctx->W[35]+0x6ed9eba1L; B=SHA_ROTL(B,30); 
-  D = SHA_ROTL(E,5)+SHA_F2(A,B,C)+D+ctx->W[36]+0x6ed9eba1L; A=SHA_ROTL(A,30); 
-  C = SHA_ROTL(D,5)+SHA_F2(E,A,B)+C+ctx->W[37]+0x6ed9eba1L; E=SHA_ROTL(E,30); 
-  B = SHA_ROTL(C,5)+SHA_F2(D,E,A)+B+ctx->W[38]+0x6ed9eba1L; D=SHA_ROTL(D,30); 
-  A = SHA_ROTL(B,5)+SHA_F2(C,D,E)+A+ctx->W[39]+0x6ed9eba1L; C=SHA_ROTL(C,30); 
-
-  E = SHA_ROTL(A,5)+SHA_F3(B,C,D)+E+ctx->W[40]+0x8f1bbcdcL; B=SHA_ROTL(B,30); 
-  D = SHA_ROTL(E,5)+SHA_F3(A,B,C)+D+ctx->W[41]+0x8f1bbcdcL; A=SHA_ROTL(A,30); 
-  C = SHA_ROTL(D,5)+SHA_F3(E,A,B)+C+ctx->W[42]+0x8f1bbcdcL; E=SHA_ROTL(E,30); 
-  B = SHA_ROTL(C,5)+SHA_F3(D,E,A)+B+ctx->W[43]+0x8f1bbcdcL; D=SHA_ROTL(D,30); 
-  A = SHA_ROTL(B,5)+SHA_F3(C,D,E)+A+ctx->W[44]+0x8f1bbcdcL; C=SHA_ROTL(C,30); 
-  E = SHA_ROTL(A,5)+SHA_F3(B,C,D)+E+ctx->W[45]+0x8f1bbcdcL; B=SHA_ROTL(B,30); 
-  D = SHA_ROTL(E,5)+SHA_F3(A,B,C)+D+ctx->W[46]+0x8f1bbcdcL; A=SHA_ROTL(A,30); 
-  C = SHA_ROTL(D,5)+SHA_F3(E,A,B)+C+ctx->W[47]+0x8f1bbcdcL; E=SHA_ROTL(E,30); 
-  B = SHA_ROTL(C,5)+SHA_F3(D,E,A)+B+ctx->W[48]+0x8f1bbcdcL; D=SHA_ROTL(D,30); 
-  A = SHA_ROTL(B,5)+SHA_F3(C,D,E)+A+ctx->W[49]+0x8f1bbcdcL; C=SHA_ROTL(C,30); 
-  E = SHA_ROTL(A,5)+SHA_F3(B,C,D)+E+ctx->W[50]+0x8f1bbcdcL; B=SHA_ROTL(B,30); 
-  D = SHA_ROTL(E,5)+SHA_F3(A,B,C)+D+ctx->W[51]+0x8f1bbcdcL; A=SHA_ROTL(A,30); 
-  C = SHA_ROTL(D,5)+SHA_F3(E,A,B)+C+ctx->W[52]+0x8f1bbcdcL; E=SHA_ROTL(E,30); 
-  B = SHA_ROTL(C,5)+SHA_F3(D,E,A)+B+ctx->W[53]+0x8f1bbcdcL; D=SHA_ROTL(D,30); 
-  A = SHA_ROTL(B,5)+SHA_F3(C,D,E)+A+ctx->W[54]+0x8f1bbcdcL; C=SHA_ROTL(C,30); 
-  E = SHA_ROTL(A,5)+SHA_F3(B,C,D)+E+ctx->W[55]+0x8f1bbcdcL; B=SHA_ROTL(B,30); 
-  D = SHA_ROTL(E,5)+SHA_F3(A,B,C)+D+ctx->W[56]+0x8f1bbcdcL; A=SHA_ROTL(A,30); 
-  C = SHA_ROTL(D,5)+SHA_F3(E,A,B)+C+ctx->W[57]+0x8f1bbcdcL; E=SHA_ROTL(E,30); 
-  B = SHA_ROTL(C,5)+SHA_F3(D,E,A)+B+ctx->W[58]+0x8f1bbcdcL; D=SHA_ROTL(D,30); 
-  A = SHA_ROTL(B,5)+SHA_F3(C,D,E)+A+ctx->W[59]+0x8f1bbcdcL; C=SHA_ROTL(C,30); 
-
-  E = SHA_ROTL(A,5)+SHA_F4(B,C,D)+E+ctx->W[60]+0xca62c1d6L; B=SHA_ROTL(B,30); 
-  D = SHA_ROTL(E,5)+SHA_F4(A,B,C)+D+ctx->W[61]+0xca62c1d6L; A=SHA_ROTL(A,30); 
-  C = SHA_ROTL(D,5)+SHA_F4(E,A,B)+C+ctx->W[62]+0xca62c1d6L; E=SHA_ROTL(E,30); 
-  B = SHA_ROTL(C,5)+SHA_F4(D,E,A)+B+ctx->W[63]+0xca62c1d6L; D=SHA_ROTL(D,30); 
-  A = SHA_ROTL(B,5)+SHA_F4(C,D,E)+A+ctx->W[64]+0xca62c1d6L; C=SHA_ROTL(C,30); 
-  E = SHA_ROTL(A,5)+SHA_F4(B,C,D)+E+ctx->W[65]+0xca62c1d6L; B=SHA_ROTL(B,30); 
-  D = SHA_ROTL(E,5)+SHA_F4(A,B,C)+D+ctx->W[66]+0xca62c1d6L; A=SHA_ROTL(A,30); 
-  C = SHA_ROTL(D,5)+SHA_F4(E,A,B)+C+ctx->W[67]+0xca62c1d6L; E=SHA_ROTL(E,30); 
-  B = SHA_ROTL(C,5)+SHA_F4(D,E,A)+B+ctx->W[68]+0xca62c1d6L; D=SHA_ROTL(D,30); 
-  A = SHA_ROTL(B,5)+SHA_F4(C,D,E)+A+ctx->W[69]+0xca62c1d6L; C=SHA_ROTL(C,30); 
-  E = SHA_ROTL(A,5)+SHA_F4(B,C,D)+E+ctx->W[70]+0xca62c1d6L; B=SHA_ROTL(B,30); 
-  D = SHA_ROTL(E,5)+SHA_F4(A,B,C)+D+ctx->W[71]+0xca62c1d6L; A=SHA_ROTL(A,30); 
-  C = SHA_ROTL(D,5)+SHA_F4(E,A,B)+C+ctx->W[72]+0xca62c1d6L; E=SHA_ROTL(E,30); 
-  B = SHA_ROTL(C,5)+SHA_F4(D,E,A)+B+ctx->W[73]+0xca62c1d6L; D=SHA_ROTL(D,30); 
-  A = SHA_ROTL(B,5)+SHA_F4(C,D,E)+A+ctx->W[74]+0xca62c1d6L; C=SHA_ROTL(C,30); 
-  E = SHA_ROTL(A,5)+SHA_F4(B,C,D)+E+ctx->W[75]+0xca62c1d6L; B=SHA_ROTL(B,30); 
-  D = SHA_ROTL(E,5)+SHA_F4(A,B,C)+D+ctx->W[76]+0xca62c1d6L; A=SHA_ROTL(A,30); 
-  C = SHA_ROTL(D,5)+SHA_F4(E,A,B)+C+ctx->W[77]+0xca62c1d6L; E=SHA_ROTL(E,30); 
-  B = SHA_ROTL(C,5)+SHA_F4(D,E,A)+B+ctx->W[78]+0xca62c1d6L; D=SHA_ROTL(D,30); 
-  A = SHA_ROTL(B,5)+SHA_F4(C,D,E)+A+ctx->W[79]+0xca62c1d6L; C=SHA_ROTL(C,30); 
-
-  ctx->H[0] += A;
-  ctx->H[1] += B;
-  ctx->H[2] += C;
-  ctx->H[3] += D;
-  ctx->H[4] += E;
-}
-
-/*************************************************************************
-** Code below this line added to make SHA code support BLAPI interface
-*/
-
-SHA1Context *
-SHA1_NewContext(void)
-{
-    SHA1Context *cx;
-
-    cx = PORT_ZNew(SHA1Context);
-    return cx;
-}
-
-void
-SHA1_DestroyContext(SHA1Context *cx, PRBool freeit)
-{
-    if (freeit) {
-        PORT_ZFree(cx, sizeof(SHA1Context));
-    }
-}
-
-SECStatus
-SHA1_HashBuf(unsigned char *dest, const unsigned char *src, uint32 src_length)
-{
-    SHA1Context ctx;
-    unsigned int outLen;
-
-    SHA1_Begin(&ctx);
-    SHA1_Update(&ctx, src, src_length);
-    SHA1_End(&ctx, dest, &outLen, SHA1_LENGTH);
-
-    return SECSuccess;
-}
-
-/* Hash a null-terminated character string. */
-SECStatus
-SHA1_Hash(unsigned char *dest, const char *src)
-{
-    return SHA1_HashBuf(dest, (const unsigned char *)src, PORT_Strlen (src));
-}
-
-/*
- * need to support save/restore state in pkcs11. Stores all the info necessary
- * for a structure into just a stream of bytes.
- */
-unsigned int
-SHA1_FlattenSize(SHA1Context *cx)
-{
-    return sizeof(SHA1Context);
-}
-
-SECStatus
-SHA1_Flatten(SHA1Context *cx,unsigned char *space)
-{
-    PORT_Memcpy(space,cx, sizeof(SHA1Context));
-    return SECSuccess;
-}
-
-SHA1Context *
-SHA1_Resurrect(unsigned char *space,void *arg)
-{
-    SHA1Context *cx = SHA1_NewContext();
-    if (cx == NULL) return NULL;
-
-    PORT_Memcpy(cx,space, sizeof(SHA1Context));
-    return cx;
-}
-
-void
-SHA1_TraceState(SHA1Context *ctx)
-{
-#ifdef TRACING_SSL
-    uint32        W;
-    int           i;
-    int           len;
-    int           fixWord = -1;
-    int           remainder;	/* bytes in last word */
-    unsigned char buf[64 * 4];
-
-    SSL_TRC(99, ("%d: SSL: SHA1 state: %08x %08x %08x %08x %08x", SSL_GETPID(), 
-	         ctx->H[0], ctx->H[1], ctx->H[2], ctx->H[3], ctx->H[4]));
-
-    len = (int)(ctx->sizeLo & 63);
-    remainder = len % 4;
-    if (remainder) 
-    	fixWord = len - remainder;
-    for (i = 0; i < len; i++) {
-	if (0 == (i % 4)) {
-	    W = ctx->W[i / 4];
-	    if (i == fixWord) {
-	        W <<= 8 * (4 - remainder);
-	    }
-	}
-	buf[i] = (unsigned char)(W >> 24);
-	W <<= 8;
-    }
-
-    PRINT_BUF(99, (0, "SHA1_TraceState: buffered input", buf, len));
-
-#else
-    PORT_SetError(PR_NOT_IMPLEMENTED_ERROR);
-#endif
-}
diff --git a/security/nss/lib/freebl/sha_fast.h b/security/nss/lib/freebl/sha_fast.h
deleted file mode 100644
index d371f9332..000000000
--- a/security/nss/lib/freebl/sha_fast.h
+++ /dev/null
@@ -1,59 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is SHA 180-1 Reference Implementation (Optimized)
- * 
- * The Initial Developer of the Original Code is Paul Kocher of
- * Cryptography Research.  Portions created by Paul Kocher are 
- * Copyright (C) 1995-9 by Cryptography Research, Inc.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- *
- *     Paul Kocher
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef _SHA_FAST_H_
-#define _SHA_FAST_H_
-
-#define SHA1_INPUT_LEN 64
-
-struct SHA1ContextStr {
-  union {
-    PRUint32 w[80];		/* input buffer, plus 64 words */
-    PRUint8  b[320];
-  } u;
-  PRUint32 H[5];		/* 5 state variables */
-  PRUint32 sizeHi,sizeLo;	/* 64-bit count of hashed bytes. */
-};
-
-#define SHA_MASK      0x00FF00FF
-#if defined(IS_LITTLE_ENDIAN)
-#define SHA_HTONL(x)  (A = (x), A = (A << 16) | (A >> 16), \
-                       ((A & SHA_MASK) << 8) | ((A >> 8) & SHA_MASK))
-#else
-#define SHA_HTONL(x)  (x)
-#endif
-#define SHA_BYTESWAP(x) x = SHA_HTONL(x)
-
-#endif /* _SHA_FAST_H_ */
diff --git a/security/nss/lib/freebl/sparcfix.c b/security/nss/lib/freebl/sparcfix.c
deleted file mode 100644
index 6ebc41cf0..000000000
--- a/security/nss/lib/freebl/sparcfix.c
+++ /dev/null
@@ -1,95 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is a program to modify v8+vis objects for linking.
- *
- * The Initial Developer of the Original Code is Sun Microsystems Inc.
- * Portions created by Sun Microsystems Inc. are 
- * Copyright (C) 1999-2000 Sun Microsystems Inc. All Rights Reserved.
- * 
- * Contributor(s):
- *	Netscape Communications Corporation
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.	If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *  $Id$
- */
-#include <sys/types.h>
-#include <sys/stat.h>
-#include <fcntl.h>
-#if defined(SOLARIS2_6) || defined(SOLARIS2_7) || defined(SOLARIS2_8)
-#define NEW_SYSV_SPARC 1
-#include <gelf.h>
-#endif
-#include <libelf.h>
-#include <sys/elf_SPARC.h>
-
-int
-main(int argc, char *argv[])
-{
-	Elf *     elf;
-	off_t     size;
-	int       fd;
-	int       count;
-#if defined(NEW_SYSV_SPARC)
-	GElf_Ehdr  hdr;
-	GElf_Ehdr *ehdr = &hdr;
-#else
-	Elf32_Ehdr *ehdr;
-#endif
-
-
-	elf_version(EV_CURRENT);
-	fd = open(argv[1], O_RDWR);
-	if (fd < 0)
-	    goto loser;
-	elf = elf_begin(fd, ELF_C_RDWR, (Elf *)0);
-	if (!elf)
-	    goto loser;
-
-#if defined(NEW_SYSV_SPARC)
-	gelf_getehdr(elf, ehdr);
-#else
-        ehdr = elf32_getehdr(elf);
-	if (!ehdr)
-	    goto loser;
-#endif
-
-	if (ehdr->e_machine == EM_SPARC32PLUS) {
-	    ehdr->e_machine = EM_SPARC;
-	    ehdr->e_flags &= ~(EF_SPARC_32PLUS | EF_SPARC_SUN_US1);
-#if defined(NEW_SYSV_SPARC)
-	    count = gelf_update_ehdr(elf, ehdr);
-	    if (count < 0)
-		goto loser;
-#endif
-	    size = elf_update(elf, ELF_C_WRITE);
-	    if (size < 0)
-		goto loser;
-	}
-
-	do {
-	    count = elf_end(elf);
-	} while (count > 0);
-	return count;
-
-loser:
-	return 1;
-}
diff --git a/security/nss/lib/freebl/sysrand.c b/security/nss/lib/freebl/sysrand.c
deleted file mode 100644
index 410ab9cc7..000000000
--- a/security/nss/lib/freebl/sysrand.c
+++ /dev/null
@@ -1,46 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "seccomon.h"
-#if defined(XP_UNIX) || defined(XP_BEOS)
-#include "unix_rand.c"
-#endif
-#ifdef XP_WIN
-#include "win_rand.c"
-#endif
-#ifdef XP_MAC
-#include "mac_rand.c"
-#endif
-#ifdef XP_OS2
-#include "os2_rand.c"
-#endif
diff --git a/security/nss/lib/freebl/unix_rand.c b/security/nss/lib/freebl/unix_rand.c
deleted file mode 100644
index 4db400655..000000000
--- a/security/nss/lib/freebl/unix_rand.c
+++ /dev/null
@@ -1,989 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include <stdio.h>
-#include <string.h>
-#include <signal.h>
-#include <unistd.h>
-#include <errno.h>
-#include <stdlib.h>
-#include <sys/time.h>
-#include <sys/wait.h>
-#include <sys/stat.h>
-#include <assert.h>
-#include "secrng.h"
-
-size_t RNG_FileUpdate(const char *fileName, size_t limit);
-
-/*
- * When copying data to the buffer we want the least signicant bytes
- * from the input since those bits are changing the fastest. The address
- * of least significant byte depends upon whether we are running on
- * a big-endian or little-endian machine.
- *
- * Does this mean the least signicant bytes are the most significant
- * to us? :-)
- */
-    
-static size_t CopyLowBits(void *dst, size_t dstlen, void *src, size_t srclen)
-{
-    union endianness {
-	int32 i;
-	char c[4];
-    } u;
-
-    if (srclen <= dstlen) {
-	memcpy(dst, src, srclen);
-	return srclen;
-    }
-    u.i = 0x01020304;
-    if (u.c[0] == 0x01) {
-	/* big-endian case */
-	memcpy(dst, (char*)src + (srclen - dstlen), dstlen);
-    } else {
-	/* little-endian case */
-	memcpy(dst, src, dstlen);
-    }
-    return dstlen;
-}
-
-#if defined(SCO) || defined(UNIXWARE) || defined(BSDI) || defined(FREEBSD) \
-    || defined(NETBSD) || defined(NTO) || defined(DARWIN)
-#include <sys/times.h>
-
-#define getdtablesize() sysconf(_SC_OPEN_MAX)
-
-static size_t
-GetHighResClock(void *buf, size_t maxbytes)
-{
-    int ticks;
-    struct tms buffer;
-
-    ticks=times(&buffer);
-    return CopyLowBits(buf, maxbytes, &ticks, sizeof(ticks));
-}
-
-static void
-GiveSystemInfo(void)
-{
-    long si;
-
-    /* 
-     * Is this really necessary?  Why not use rand48 or something?
-     */
-    si = sysconf(_SC_CHILD_MAX);
-    RNG_RandomUpdate(&si, sizeof(si));
-
-    si = sysconf(_SC_STREAM_MAX);
-    RNG_RandomUpdate(&si, sizeof(si));
-
-    si = sysconf(_SC_OPEN_MAX);
-    RNG_RandomUpdate(&si, sizeof(si));
-}
-#endif
-
-#if defined(__sun)
-#if defined(__svr4) || defined(SVR4)
-#include <sys/systeminfo.h>
-#include <sys/times.h>
-#include <wait.h>
-
-int gettimeofday(struct timeval *);
-int gethostname(char *, int);
-
-#define getdtablesize() sysconf(_SC_OPEN_MAX)
-
-static void
-GiveSystemInfo(void)
-{
-    int rv;
-    char buf[2000];
-
-    rv = sysinfo(SI_MACHINE, buf, sizeof(buf));
-    if (rv > 0) {
-	RNG_RandomUpdate(buf, rv);
-    }
-    rv = sysinfo(SI_RELEASE, buf, sizeof(buf));
-    if (rv > 0) {
-	RNG_RandomUpdate(buf, rv);
-    }
-    rv = sysinfo(SI_HW_SERIAL, buf, sizeof(buf));
-    if (rv > 0) {
-	RNG_RandomUpdate(buf, rv);
-    }
-}
-
-static size_t
-GetHighResClock(void *buf, size_t maxbytes)
-{
-    hrtime_t t;
-    t = gethrtime();
-    if (t) {
-	return CopyLowBits(buf, maxbytes, &t, sizeof(t));
-    }
-    return 0;
-}
-#else /* SunOS (Sun, but not SVR4) */
-
-extern long sysconf(int name);
-
-static size_t
-GetHighResClock(void *buf, size_t maxbytes)
-{
-    return 0;
-}
-
-static void
-GiveSystemInfo(void)
-{
-    long si;
-
-    /* This is not very good */
-    si = sysconf(_SC_CHILD_MAX);
-    RNG_RandomUpdate(&si, sizeof(si));
-}
-#endif
-#endif /* Sun */
-
-#if defined(__hpux)
-#include <sys/unistd.h>
-
-#define getdtablesize() sysconf(_SC_OPEN_MAX)
-
-#if defined(__ia64)
-#include <ia64/sys/inline.h>
-
-static size_t
-GetHighResClock(void *buf, size_t maxbytes)
-{
-    PRUint64 t;
-
-    t = _Asm_mov_from_ar(_AREG44);
-    return CopyLowBits(buf, maxbytes, &t, sizeof(t));
-}
-#else
-static size_t
-GetHighResClock(void *buf, size_t maxbytes)
-{
-    extern int ret_cr16();
-    int cr16val;
-
-    cr16val = ret_cr16();
-    return CopyLowBits(buf, maxbytes, &cr16val, sizeof(cr16val));
-}
-#endif
-
-static void
-GiveSystemInfo(void)
-{
-    long si;
-
-    /* This is not very good */
-    si = sysconf(_AES_OS_VERSION);
-    RNG_RandomUpdate(&si, sizeof(si));
-    si = sysconf(_SC_CPU_VERSION);
-    RNG_RandomUpdate(&si, sizeof(si));
-}
-#endif /* HPUX */
-
-#if defined(OSF1)
-#include <sys/types.h>
-#include <sys/sysinfo.h>
-#include <sys/systeminfo.h>
-#include <c_asm.h>
-
-static void
-GiveSystemInfo(void)
-{
-    char buf[BUFSIZ];
-    int rv;
-    int off = 0;
-
-    rv = sysinfo(SI_MACHINE, buf, sizeof(buf));
-    if (rv > 0) {
-	RNG_RandomUpdate(buf, rv);
-    }
-    rv = sysinfo(SI_RELEASE, buf, sizeof(buf));
-    if (rv > 0) {
-	RNG_RandomUpdate(buf, rv);
-    }
-    rv = sysinfo(SI_HW_SERIAL, buf, sizeof(buf));
-    if (rv > 0) {
-	RNG_RandomUpdate(buf, rv);
-    }
-}
-
-/*
- * Use the "get the cycle counter" instruction on the alpha.
- * The low 32 bits completely turn over in less than a minute.
- * The high 32 bits are some non-counter gunk that changes sometimes.
- */
-static size_t
-GetHighResClock(void *buf, size_t maxbytes)
-{
-    unsigned long t;
-
-    t = asm("rpcc %v0");
-    return CopyLowBits(buf, maxbytes, &t, sizeof(t));
-}
-
-#endif /* Alpha */
-
-#if defined(_IBMR2)
-static size_t
-GetHighResClock(void *buf, size_t maxbytes)
-{
-    return 0;
-}
-
-static void
-GiveSystemInfo(void)
-{
-    /* XXX haven't found any yet! */
-}
-#endif /* IBM R2 */
-
-#if defined(LINUX)
-#include <linux/kernel.h>
-
-static size_t
-GetHighResClock(void *buf, size_t maxbytes)
-{
-    return 0;
-}
-
-static void
-GiveSystemInfo(void)
-{
-    /* XXX sysinfo() does not seem be implemented anywhwere */
-#if 0
-    struct sysinfo si;
-    char hn[2000];
-    if (sysinfo(&si) == 0) {
-	RNG_RandomUpdate(&si, sizeof(si));
-    }
-#endif
-}
-#endif /* LINUX */
-
-#if defined(NCR)
-
-#include <sys/utsname.h>
-#include <sys/systeminfo.h>
-
-#define getdtablesize() sysconf(_SC_OPEN_MAX)
-
-static size_t
-GetHighResClock(void *buf, size_t maxbytes)
-{
-    return 0;
-}
-
-static void
-GiveSystemInfo(void)
-{
-    int rv;
-    char buf[2000];
-
-    rv = sysinfo(SI_MACHINE, buf, sizeof(buf));
-    if (rv > 0) {
-	RNG_RandomUpdate(buf, rv);
-    }
-    rv = sysinfo(SI_RELEASE, buf, sizeof(buf));
-    if (rv > 0) {
-	RNG_RandomUpdate(buf, rv);
-    }
-    rv = sysinfo(SI_HW_SERIAL, buf, sizeof(buf));
-    if (rv > 0) {
-	RNG_RandomUpdate(buf, rv);
-    }
-}
-
-#endif /* NCR */
-
-
-#if defined(sgi)
-#include <fcntl.h>
-#undef PRIVATE
-#include <sys/mman.h>
-#include <sys/syssgi.h>
-#include <sys/immu.h>
-#include <sys/systeminfo.h>
-#include <sys/utsname.h>
-#include <wait.h>
-
-static void
-GiveSystemInfo(void)
-{
-    int rv;
-    char buf[4096];
-
-    rv = syssgi(SGI_SYSID, &buf[0]);
-    if (rv > 0) {
-	RNG_RandomUpdate(buf, MAXSYSIDSIZE);
-    }
-#ifdef SGI_RDUBLK
-    rv = syssgi(SGI_RDUBLK, getpid(), &buf[0], sizeof(buf));
-    if (rv > 0) {
-	RNG_RandomUpdate(buf, sizeof(buf));
-    }
-#endif /* SGI_RDUBLK */
-    rv = syssgi(SGI_INVENT, SGI_INV_READ, buf, sizeof(buf));
-    if (rv > 0) {
-	RNG_RandomUpdate(buf, sizeof(buf));
-    }
-    rv = sysinfo(SI_MACHINE, buf, sizeof(buf));
-    if (rv > 0) {
-	RNG_RandomUpdate(buf, rv);
-    }
-    rv = sysinfo(SI_RELEASE, buf, sizeof(buf));
-    if (rv > 0) {
-	RNG_RandomUpdate(buf, rv);
-    }
-    rv = sysinfo(SI_HW_SERIAL, buf, sizeof(buf));
-    if (rv > 0) {
-	RNG_RandomUpdate(buf, rv);
-    }
-}
-
-static size_t GetHighResClock(void *buf, size_t maxbuf)
-{
-    unsigned phys_addr, raddr, cycleval;
-    static volatile unsigned *iotimer_addr = NULL;
-    static int tries = 0;
-    static int cntr_size;
-    int mfd;
-    long s0[2];
-    struct timeval tv;
-
-#ifndef SGI_CYCLECNTR_SIZE
-#define SGI_CYCLECNTR_SIZE      165     /* Size user needs to use to read CC */
-#endif
-
-    if (iotimer_addr == NULL) {
-	if (tries++ > 1) {
-	    /* Don't keep trying if it didn't work */
-	    return 0;
-	}
-
-	/*
-	** For SGI machines we can use the cycle counter, if it has one,
-	** to generate some truly random numbers
-	*/
-	phys_addr = syssgi(SGI_QUERY_CYCLECNTR, &cycleval);
-	if (phys_addr) {
-	    int pgsz = getpagesize();
-	    int pgoffmask = pgsz - 1;
-
-	    raddr = phys_addr & ~pgoffmask;
-	    mfd = open("/dev/mmem", O_RDONLY);
-	    if (mfd < 0) {
-		return 0;
-	    }
-	    iotimer_addr = (unsigned *)
-		mmap(0, pgoffmask, PROT_READ, MAP_PRIVATE, mfd, (int)raddr);
-	    if (iotimer_addr == (void*)-1) {
-		close(mfd);
-		iotimer_addr = NULL;
-		return 0;
-	    }
-	    iotimer_addr = (unsigned*)
-		((__psint_t)iotimer_addr | (phys_addr & pgoffmask));
-	    /*
-	     * The file 'mfd' is purposefully not closed.
-	     */
-	    cntr_size = syssgi(SGI_CYCLECNTR_SIZE);
-	    if (cntr_size < 0) {
-		struct utsname utsinfo;
-
-		/* 
-		 * We must be executing on a 6.0 or earlier system, since the
-		 * SGI_CYCLECNTR_SIZE call is not supported.
-		 * 
-		 * The only pre-6.1 platforms with 64-bit counters are
-		 * IP19 and IP21 (Challenge, PowerChallenge, Onyx).
-		 */
-		uname(&utsinfo);
-		if (!strncmp(utsinfo.machine, "IP19", 4) ||
-		    !strncmp(utsinfo.machine, "IP21", 4))
-			cntr_size = 64;
-		else
-			cntr_size = 32;
-	    }
-	    cntr_size /= 8;	/* Convert from bits to bytes */
-	}
-    }
-
-    s0[0] = *iotimer_addr;
-    if (cntr_size > 4)
-	s0[1] = *(iotimer_addr + 1);
-    memcpy(buf, (char *)&s0[0], cntr_size);
-    return CopyLowBits(buf, maxbuf, &s0, cntr_size);
-}
-#endif
-
-#if defined(sony)
-#include <sys/systeminfo.h>
-
-#define getdtablesize() sysconf(_SC_OPEN_MAX)
-
-static size_t
-GetHighResClock(void *buf, size_t maxbytes)
-{
-    return 0;
-}
-
-static void
-GiveSystemInfo(void)
-{
-    int rv;
-    char buf[2000];
-
-    rv = sysinfo(SI_MACHINE, buf, sizeof(buf));
-    if (rv > 0) {
-	RNG_RandomUpdate(buf, rv);
-    }
-    rv = sysinfo(SI_RELEASE, buf, sizeof(buf));
-    if (rv > 0) {
-	RNG_RandomUpdate(buf, rv);
-    }
-    rv = sysinfo(SI_HW_SERIAL, buf, sizeof(buf));
-    if (rv > 0) {
-	RNG_RandomUpdate(buf, rv);
-    }
-}
-#endif /* sony */
-
-#if defined(sinix)
-#include <sys/systeminfo.h>
-#include <sys/times.h>
-
-int gettimeofday(struct timeval *, struct timezone *);
-int gethostname(char *, int);
-
-#define getdtablesize() sysconf(_SC_OPEN_MAX)
-
-static size_t
-GetHighResClock(void *buf, size_t maxbytes)
-{
-    int ticks;
-    struct tms buffer;
-
-    ticks=times(&buffer);
-    return CopyLowBits(buf, maxbytes, &ticks, sizeof(ticks));
-}
-
-static void
-GiveSystemInfo(void)
-{
-    int rv;
-    char buf[2000];
-
-    rv = sysinfo(SI_MACHINE, buf, sizeof(buf));
-    if (rv > 0) {
-	RNG_RandomUpdate(buf, rv);
-    }
-    rv = sysinfo(SI_RELEASE, buf, sizeof(buf));
-    if (rv > 0) {
-	RNG_RandomUpdate(buf, rv);
-    }
-    rv = sysinfo(SI_HW_SERIAL, buf, sizeof(buf));
-    if (rv > 0) {
-	RNG_RandomUpdate(buf, rv);
-    }
-}
-#endif /* sinix */
-
-#if defined(VMS)
-#include <c_asm.h>
-
-static void
-GiveSystemInfo(void)
-{
-    long si;
- 
-    /* 
-     * This is copied from the SCO/UNIXWARE etc section. And like the comment
-     * there says, what's the point? This isn't random, it generates the same
-     * stuff every time its run!
-     */
-    si = sysconf(_SC_CHILD_MAX);
-    RNG_RandomUpdate(&si, sizeof(si));
- 
-    si = sysconf(_SC_STREAM_MAX);
-    RNG_RandomUpdate(&si, sizeof(si));
- 
-    si = sysconf(_SC_OPEN_MAX);
-    RNG_RandomUpdate(&si, sizeof(si));
-}
- 
-/*
- * Use the "get the cycle counter" instruction on the alpha.
- * The low 32 bits completely turn over in less than a minute.
- * The high 32 bits are some non-counter gunk that changes sometimes.
- */
-static size_t
-GetHighResClock(void *buf, size_t maxbytes)
-{
-    unsigned long t;
- 
-    t = asm("rpcc %v0");
-    return CopyLowBits(buf, maxbytes, &t, sizeof(t));
-}
- 
-#endif /* VMS */
-
-#ifdef BEOS
-#include <be/kernel/OS.h>
-
-static size_t
-GetHighResClock(void *buf, size_t maxbytes)
-{
-    bigtime_t bigtime; /* Actually an int64 */
-
-    bigtime = real_time_clock_usecs();
-    return CopyLowBits(buf, maxbytes, &bigtime, sizeof(bigtime));
-}
-
-static void
-GiveSystemInfo(void)
-{
-    system_info *info = NULL;
-    int32 val;                     
-    get_system_info(info);
-    if (info) {
-        val = info->boot_time;
-        RNG_RandomUpdate(&val, sizeof(val));
-        val = info->used_pages;
-        RNG_RandomUpdate(&val, sizeof(val));
-        val = info->used_ports;
-        RNG_RandomUpdate(&val, sizeof(val));
-        val = info->used_threads;
-        RNG_RandomUpdate(&val, sizeof(val));
-        val = info->used_teams;
-        RNG_RandomUpdate(&val, sizeof(val));
-    }
-}
-#endif /* BEOS */
-
-#if defined(nec_ews)
-#include <sys/systeminfo.h>
-
-#define getdtablesize() sysconf(_SC_OPEN_MAX)
-
-static size_t
-GetHighResClock(void *buf, size_t maxbytes)
-{
-    return 0;
-}
-
-static void
-GiveSystemInfo(void)
-{
-    int rv;
-    char buf[2000];
-
-    rv = sysinfo(SI_MACHINE, buf, sizeof(buf));
-    if (rv > 0) {
-	RNG_RandomUpdate(buf, rv);
-    }
-    rv = sysinfo(SI_RELEASE, buf, sizeof(buf));
-    if (rv > 0) {
-	RNG_RandomUpdate(buf, rv);
-    }
-    rv = sysinfo(SI_HW_SERIAL, buf, sizeof(buf));
-    if (rv > 0) {
-	RNG_RandomUpdate(buf, rv);
-    }
-}
-#endif /* nec_ews */
-
-size_t RNG_GetNoise(void *buf, size_t maxbytes)
-{
-    struct timeval tv;
-    int n = 0;
-    int c;
-
-    n = GetHighResClock(buf, maxbytes);
-    maxbytes -= n;
-
-#if defined(__sun) && (defined(_svr4) || defined(SVR4)) || defined(sony)
-    (void)gettimeofday(&tv);
-#else
-    (void)gettimeofday(&tv, 0);
-#endif
-    c = CopyLowBits((char*)buf+n, maxbytes, &tv.tv_usec, sizeof(tv.tv_usec));
-    n += c;
-    maxbytes -= c;
-    c = CopyLowBits((char*)buf+n, maxbytes, &tv.tv_sec, sizeof(tv.tv_sec));
-    n += c;
-    return n;
-}
-
-#define SAFE_POPEN_MAXARGS	10	/* must be at least 2 */
-
-/*
- * safe_popen is static to this module and we know what arguments it is
- * called with. Note that this version only supports a single open child
- * process at any time.
- */
-static pid_t safe_popen_pid;
-static struct sigaction oldact;
-
-static FILE *
-safe_popen(char *cmd)
-{
-    int p[2], fd, argc;
-    pid_t pid;
-    char *argv[SAFE_POPEN_MAXARGS + 1];
-    FILE *fp;
-    static char blank[] = " \t";
-    static struct sigaction newact;
-
-    if (pipe(p) < 0)
-	return 0;
-
-    /* Setup signals so that SIGCHLD is ignored as we want to do waitpid */
-    newact.sa_handler = SIG_DFL;
-    newact.sa_flags = 0;
-    sigfillset(&newact.sa_mask);
-    sigaction (SIGCHLD, &newact, &oldact);
-
-    pid = fork();
-    switch (pid) {
-      case -1:
-	close(p[0]);
-	close(p[1]);
-	sigaction (SIGCHLD, &oldact, NULL);
-	return 0;
-
-      case 0:
-	/* dup write-side of pipe to stderr and stdout */
-	if (p[1] != 1) dup2(p[1], 1);
-	if (p[1] != 2) dup2(p[1], 2);
-	close(0);
-	for (fd = getdtablesize(); --fd > 2; close(fd))
-	    ;
-
-	/* clean up environment in the child process */
-	putenv("PATH=/bin:/usr/bin:/sbin:/usr/sbin:/etc:/usr/etc");
-	putenv("SHELL=/bin/sh");
-	putenv("IFS= \t");
-
-	/*
-	 * The caller may have passed us a string that is in text
-	 * space. It may be illegal to modify the string
-	 */
-	cmd = strdup(cmd);
-	/* format argv */
-	argv[0] = strtok(cmd, blank);
-	argc = 1;
-	while ((argv[argc] = strtok(0, blank)) != 0) {
-	    if (++argc == SAFE_POPEN_MAXARGS) {
-		argv[argc] = 0;
-		break;
-	    }
-	}
-
-	/* and away we go */
-	execvp(argv[0], argv);
-	exit(127);
-	break;
-
-      default:
-	close(p[1]);
-	fp = fdopen(p[0], "r");
-	if (fp == 0) {
-	    close(p[0]);
-	    sigaction (SIGCHLD, &oldact, NULL);
-	    return 0;
-	}
-	break;
-    }
-
-    /* non-zero means there's a cmd running */
-    safe_popen_pid = pid;
-    return fp;
-}
-
-static int
-safe_pclose(FILE *fp)
-{
-    pid_t pid;
-    int count, status;
-
-    if ((pid = safe_popen_pid) == 0)
-	return -1;
-    safe_popen_pid = 0;
-
-    /* if the child hasn't exited, kill it -- we're done with its output */
-    count = 0;
-    while (waitpid(pid, &status, WNOHANG) == 0) {
-    	if (kill(pid, SIGKILL) < 0 && errno == ESRCH)
-	    break;
-	if (++count == 1000)
-	    break;
-    }
-
-    /* Reset SIGCHLD signal hander before returning */
-    sigaction(SIGCHLD, &oldact, NULL);
-
-    fclose(fp);
-    return status;
-}
-
-
-#if !defined(VMS)
-
-#ifdef DARWIN
-#include <crt_externs.h>
-#endif
-
-void RNG_SystemInfoForRNG(void)
-{
-    FILE *fp;
-    char buf[BUFSIZ];
-    size_t bytes;
-    const char * const *cp;
-    char *randfile;
-#ifdef DARWIN
-    char **environ = *_NSGetEnviron();
-#else
-    extern char **environ;
-#endif
-#ifdef BEOS
-    static const char * const files[] = {
-	"/boot/var/swap",
-	"/boot/var/log/syslog",
-	"/boot/var/tmp",
-	"/boot/home/config/settings",
-	"/boot/home",
-	0
-    };
-#else
-    static const char * const files[] = {
-	"/etc/passwd",
-	"/etc/utmp",
-	"/tmp",
-	"/var/tmp",
-	"/usr/tmp",
-	0
-    };
-#endif
-
-#ifdef DO_PS
-For now it is considered that it is too expensive to run the ps command
-for the small amount of entropy it provides.
-#if defined(__sun) && (!defined(__svr4) && !defined(SVR4)) || defined(bsdi) || defined(LINUX)
-    static char ps_cmd[] = "ps aux";
-#else
-    static char ps_cmd[] = "ps -el";
-#endif
-#endif /* DO_PS */
-#if defined(BSDI)
-    static char netstat_ni_cmd[] = "netstat -nis";
-#else
-    static char netstat_ni_cmd[] = "netstat -ni";
-#endif
-
-    GiveSystemInfo();
-
-    bytes = RNG_GetNoise(buf, sizeof(buf));
-    RNG_RandomUpdate(buf, bytes);
-
-    /*
-     * Pass the C environment and the addresses of the pointers to the
-     * hash function. This makes the random number function depend on the
-     * execution environment of the user and on the platform the program
-     * is running on.
-     */
-    cp = (const char * const *)environ;
-    while (*cp) {
-	RNG_RandomUpdate(*cp, strlen(*cp));
-	cp++;
-    }
-    RNG_RandomUpdate(environ, (char*)cp - (char*)environ);
-
-    /* Give in system information */
-    if (gethostname(buf, sizeof(buf)) > 0) {
-	RNG_RandomUpdate(buf, strlen(buf));
-    }
-    GiveSystemInfo();
-
-    /* grab some data from system's PRNG before any other files. */
-    bytes = RNG_FileUpdate("/dev/urandom", 1024);
-
-    /* If the user points us to a random file, pass it through the rng */
-    randfile = getenv("NSRANDFILE");
-    if ( ( randfile != NULL ) && ( randfile[0] != '\0') ) {
-	RNG_FileForRNG(randfile);
-    }
-
-    /* pass other files through */
-    for (cp = files; *cp; cp++)
-	RNG_FileForRNG(*cp);
-
-/*
- * Bug 100447: On BSD/OS 4.2 and 4.3, we have problem calling safe_popen
- * in a pthreads environment.  Therefore, we call safe_popen last and on
- * BSD/OS we do not call safe_popen when we succeeded in getting data
- * from /dev/urandom.
- */
-
-#ifdef BSDI
-    if (bytes)
-        return;
-#endif
-
-#ifdef DO_PS
-    fp = safe_popen(ps_cmd);
-    if (fp != NULL) {
-	while ((bytes = fread(buf, 1, sizeof(buf), fp)) > 0)
-	    RNG_RandomUpdate(buf, bytes);
-	safe_pclose(fp);
-    }
-#endif
-    fp = safe_popen(netstat_ni_cmd);
-    if (fp != NULL) {
-	while ((bytes = fread(buf, 1, sizeof(buf), fp)) > 0)
-	    RNG_RandomUpdate(buf, bytes);
-	safe_pclose(fp);
-    }
-
-}
-#else
-void RNG_SystemInfoForRNG(void)
-{
-    FILE *fp;
-    char buf[BUFSIZ];
-    size_t bytes;
-    int extra;
-    char **cp;
-    extern char **environ;
-    char *randfile;
- 
-    GiveSystemInfo();
- 
-    bytes = RNG_GetNoise(buf, sizeof(buf));
-    RNG_RandomUpdate(buf, bytes);
- 
-    /*
-     * Pass the C environment and the addresses of the pointers to the
-     * hash function. This makes the random number function depend on the
-     * execution environment of the user and on the platform the program
-     * is running on.
-     */
-    cp = environ;
-    while (*cp) {
-	RNG_RandomUpdate(*cp, strlen(*cp));
-	cp++;
-    }
-    RNG_RandomUpdate(environ, (char*)cp - (char*)environ);
- 
-    /* Give in system information */
-    if (gethostname(buf, sizeof(buf)) > 0) {
-	RNG_RandomUpdate(buf, strlen(buf));
-    }
-    GiveSystemInfo();
- 
-    /* If the user points us to a random file, pass it through the rng */
-    randfile = getenv("NSRANDFILE");
-    if ( ( randfile != NULL ) && ( randfile[0] != '\0') ) {
-	RNG_FileForRNG(randfile);
-    }
-
-    /*
-    ** We need to generate at least 1024 bytes of seed data. Since we don't
-    ** do the file stuff for VMS, and because the environ list is so short
-    ** on VMS, we need to make sure we generate enough. So do another 1000
-    ** bytes to be sure.
-    */
-    extra = 1000;
-    while (extra > 0) {
-        cp = environ;
-        while (*cp) {
-	    int n = strlen(*cp);
-	    RNG_RandomUpdate(*cp, n);
-	    extra -= n;
-	    cp++;
-        }
-    }
-}
-#endif
-
-#define TOTAL_FILE_LIMIT 1000000	/* one million */
-
-size_t RNG_FileUpdate(const char *fileName, size_t limit)
-{
-    FILE *        file;
-    size_t        bytes;
-    size_t        fileBytes = 0;
-    struct stat   stat_buf;
-    unsigned char buffer[BUFSIZ];
-    static size_t totalFileBytes = 0;
-    
-    if (stat((char *)fileName, &stat_buf) < 0)
-	return fileBytes;
-    RNG_RandomUpdate(&stat_buf, sizeof(stat_buf));
-    
-    file = fopen((char *)fileName, "r");
-    if (file != NULL) {
-	while (limit > fileBytes) {
-	    bytes = PR_MIN(sizeof buffer, limit - fileBytes);
-	    bytes = fread(buffer, 1, bytes, file);
-	    if (bytes == 0) 
-		break;
-	    RNG_RandomUpdate(buffer, bytes);
-	    fileBytes      += bytes;
-	    totalFileBytes += bytes;
-	    /* after TOTAL_FILE_LIMIT has been reached, only read in first
-	    ** buffer of data from each subsequent file.
-	    */
-	    if (totalFileBytes > TOTAL_FILE_LIMIT) 
-		break;
-	}
-	fclose(file);
-    }
-    /*
-     * Pass yet another snapshot of our highest resolution clock into
-     * the hash function.
-     */
-    bytes = RNG_GetNoise(buffer, sizeof(buffer));
-    RNG_RandomUpdate(buffer, bytes);
-    return fileBytes;
-}
-
-void RNG_FileForRNG(const char *fileName)
-{
-    RNG_FileUpdate(fileName, TOTAL_FILE_LIMIT);
-}
diff --git a/security/nss/lib/freebl/win_rand.c b/security/nss/lib/freebl/win_rand.c
deleted file mode 100644
index bad0365cd..000000000
--- a/security/nss/lib/freebl/win_rand.c
+++ /dev/null
@@ -1,545 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "secrng.h"
-#ifdef XP_WIN
-#include <windows.h>
-
-#if defined(_WIN32_WCE)
-#include <stdlib.h>	/* Win CE puts lots of stuff here. */
-#include "prprf.h"	/* for PR_snprintf */
-#else
-#include <time.h>
-#include <io.h>
-#include <sys/types.h>
-#include <sys/stat.h>
-#endif
-#include <stdio.h>
-
-#ifndef _WIN32
-#define VTD_Device_ID   5
-#define OP_OVERRIDE     _asm _emit 0x66
-#include <dos.h>
-#endif
-
-#include "prio.h"
-
-static PRInt32  filesToRead;
-static DWORD    totalFileBytes;
-static DWORD    maxFileBytes	= 250000;	/* 250 thousand */
-static DWORD    dwNumFiles, dwReadEvery;
-
-static BOOL
-CurrentClockTickTime(LPDWORD lpdwHigh, LPDWORD lpdwLow)
-{
-#ifdef _WIN32
-    LARGE_INTEGER   liCount;
-
-    if (!QueryPerformanceCounter(&liCount))
-        return FALSE;
-
-    *lpdwHigh = liCount.u.HighPart;
-    *lpdwLow = liCount.u.LowPart;
-    return TRUE;
-
-#else   /* is WIN16 */
-    BOOL    bRetVal;
-    FARPROC lpAPI;
-    WORD    w1, w2, w3, w4;
-
-    // Get direct access to the VTD and query the current clock tick time
-    _asm {
-        xor   di, di
-        mov   es, di
-        mov   ax, 1684h
-        mov   bx, VTD_Device_ID
-        int   2fh
-        mov   ax, es
-        or    ax, di
-        jz    EnumerateFailed
-
-        ; VTD API is available. First store the API address (the address actually
-        ; contains an instruction that causes a fault, the fault handler then
-        ; makes the ring transition and calls the API in the VxD)
-        mov   word ptr lpAPI, di
-        mov   word ptr lpAPI+2, es
-        mov   ax, 100h      ; API function to VTD_Get_Real_Time
-;       call  dword ptr [lpAPI]
-        call  [lpAPI]
-
-        ; Result is in EDX:EAX which we will get 16-bits at a time
-        mov   w2, dx
-        OP_OVERRIDE
-        shr   dx,10h        ; really "shr edx, 16"
-        mov   w1, dx
-
-        mov   w4, ax
-        OP_OVERRIDE
-        shr   ax,10h        ; really "shr eax, 16"
-        mov   w3, ax
-
-        mov   bRetVal, 1    ; return TRUE
-        jmp   EnumerateExit
-
-      EnumerateFailed:
-        mov   bRetVal, 0    ; return FALSE
-
-      EnumerateExit:
-    }
-
-    *lpdwHigh = MAKELONG(w2, w1);
-    *lpdwLow = MAKELONG(w4, w3);
-
-    return bRetVal;
-#endif  /* is WIN16 */
-}
-
-size_t RNG_GetNoise(void *buf, size_t maxbuf)
-{
-    DWORD   dwHigh, dwLow, dwVal;
-    int     n = 0;
-    int     nBytes;
-
-    if (maxbuf <= 0)
-        return 0;
-
-    CurrentClockTickTime(&dwHigh, &dwLow);
-
-    // get the maximally changing bits first
-    nBytes = sizeof(dwLow) > maxbuf ? maxbuf : sizeof(dwLow);
-    memcpy((char *)buf, &dwLow, nBytes);
-    n += nBytes;
-    maxbuf -= nBytes;
-
-    if (maxbuf <= 0)
-        return n;
-
-    nBytes = sizeof(dwHigh) > maxbuf ? maxbuf : sizeof(dwHigh);
-    memcpy(((char *)buf) + n, &dwHigh, nBytes);
-    n += nBytes;
-    maxbuf -= nBytes;
-
-    if (maxbuf <= 0)
-        return n;
-
-    // get the number of milliseconds that have elapsed since Windows started
-    dwVal = GetTickCount();
-
-    nBytes = sizeof(dwVal) > maxbuf ? maxbuf : sizeof(dwVal);
-    memcpy(((char *)buf) + n, &dwVal, nBytes);
-    n += nBytes;
-    maxbuf -= nBytes;
-
-    if (maxbuf <= 0)
-        return n;
-
-#if defined(_WIN32_WCE)
-    {
-    // get the number of milliseconds elapsed since Windows CE was started. 
-    DWORD  tickCount = GetTickCount();
-    nBytes = (sizeof tickCount) > maxbuf ? maxbuf : (sizeof tickCount);
-    memcpy(((char *)buf) + n, &tickCount, nBytes);
-    n += nBytes;
-    }
-#else
-    {
-    time_t  sTime;
-    // get the time in seconds since midnight Jan 1, 1970
-    time(&sTime);
-    nBytes = sizeof(sTime) > maxbuf ? maxbuf : sizeof(sTime);
-    memcpy(((char *)buf) + n, &sTime, nBytes);
-    n += nBytes;
-    }
-#endif
-
-    return n;
-}
-
-#if defined(_WIN32_WCE)
-static BOOL
-EnumSystemFilesWithNSPR(const char * dirName, 
-			BOOL recursive,
-                        PRInt32 (*func)(const char *))
-{
-    PRDir *      pDir;
-    PRDirEntry * pEntry;
-    BOOL         rv 		= FALSE;
-
-    pDir = PR_OpenDir(dirName);
-    if (!pDir)
-    	return rv;
-    while ((pEntry = PR_ReadDir(pDir, PR_SKIP_BOTH|PR_SKIP_HIDDEN)) != NULL) {
-	PRStatus    status;
-	PRInt32     count;
-	PRInt32     stop;
-	PRFileInfo  fileInfo;
-	char        szFileName[_MAX_PATH];
-
-        count = (PRInt32)PR_snprintf(szFileName, sizeof szFileName, "%s\\%s", 
-	                             dirName, PR_DirName(pEntry));
-	if (count < 1)
-	    continue;
-	status = PR_GetFileInfo(szFileName, &fileInfo);
-	if (status != PR_SUCCESS)
-	    continue;
-	if (fileInfo.type == PR_FILE_FILE) {
-	    stop = (*func)(szFileName);
-	    rv = TRUE;
-	    if (stop)
-	        break;
-	    continue;
-    	}
-	if (recursive && fileInfo.type == PR_FILE_DIRECTORY) {
-	    rv |= EnumSystemFilesWithNSPR(szFileName, recursive, func);
-	}
-    }
-    PR_CloseDir(pDir);
-    return rv;
-}
-#endif
-
-static BOOL
-EnumSystemFiles(PRInt32 (*func)(const char *))
-{
-#if defined(_WIN32_WCE)
-    BOOL rv = FALSE;
-    rv |= EnumSystemFilesWithNSPR("\\Windows\\Temporary Internet Files", TRUE, func);
-    rv |= EnumSystemFilesWithNSPR("\\Temp",    FALSE, func);
-    rv |= EnumSystemFilesWithNSPR("\\Windows", FALSE, func);
-    return rv;
-#else
-    int                 iStatus;
-    char                szSysDir[_MAX_PATH];
-    char                szFileName[_MAX_PATH];
-#ifdef _WIN32
-    struct _finddata_t  fdData;
-    long                lFindHandle;
-#else
-    struct _find_t  fdData;
-#endif
-
-    if (!GetSystemDirectory(szSysDir, sizeof(szSysDir)))
-        return FALSE;
-
-    // tack *.* on the end so we actually look for files. this will
-    // not overflow
-    strcpy(szFileName, szSysDir);
-    strcat(szFileName, "\\*.*");
-
-#ifdef _WIN32
-    lFindHandle = _findfirst(szFileName, &fdData);
-    if (lFindHandle == -1)
-        return FALSE;
-#else
-    if (_dos_findfirst(szFileName, _A_NORMAL | _A_RDONLY | _A_ARCH | _A_SUBDIR, &fdData) != 0)
-        return FALSE;
-#endif
-
-    do {
-        // pass the full pathname to the callback
-        sprintf(szFileName, "%s\\%s", szSysDir, fdData.name);
-        (*func)(szFileName);
-
-#ifdef _WIN32
-        iStatus = _findnext(lFindHandle, &fdData);
-#else
-        iStatus = _dos_findnext(&fdData);
-#endif
-    } while (iStatus == 0);
-
-#ifdef _WIN32
-    _findclose(lFindHandle);
-#endif
-
-    return TRUE;
-#endif
-}
-
-static PRInt32
-CountFiles(const char *file)
-{
-    dwNumFiles++;
-    return 0;
-}
-
-static PRInt32
-ReadFiles(const char *file)
-{
-    if ((dwNumFiles % dwReadEvery) == 0) {
-	++filesToRead;
-    }
-    if (filesToRead) {
-	DWORD    prevFileBytes = totalFileBytes;
-        RNG_FileForRNG(file);
-	if (prevFileBytes < totalFileBytes) {
-	    --filesToRead;
-	}
-    }
-    dwNumFiles++;
-    return (totalFileBytes >= maxFileBytes);
-}
-
-static void
-ReadSystemFiles()
-{
-    // first count the number of files
-    dwNumFiles = 0;
-    if (!EnumSystemFiles(CountFiles))
-        return;
-
-    RNG_RandomUpdate(&dwNumFiles, sizeof(dwNumFiles));
-
-    // now read 10 files
-    filesToRead = 10;
-    if (dwNumFiles == 0)
-        return;
-
-    dwReadEvery = dwNumFiles / 10;
-    if (dwReadEvery == 0)
-        dwReadEvery = 1;  // less than 10 files
-
-    dwNumFiles = 0;
-    EnumSystemFiles(ReadFiles);
-}
-
-void RNG_SystemInfoForRNG(void)
-{
-    DWORD           dwVal;
-    char            buffer[256];
-    int             nBytes;
-#ifdef _WIN32
-    MEMORYSTATUS    sMem;
-    HANDLE          hVal;
-#if !defined(_WIN32_WCE)
-    DWORD           dwSerialNum;
-    DWORD           dwComponentLen;
-    DWORD           dwSysFlags;
-    char            volName[128];
-    DWORD           dwSectors, dwBytes, dwFreeClusters, dwNumClusters;
-#endif
-#else
-    int             iVal;
-    HTASK           hTask;
-    WORD            wDS, wCS;
-    LPSTR           lpszEnv;
-#endif
-
-    nBytes = RNG_GetNoise(buffer, 20);  // get up to 20 bytes
-    RNG_RandomUpdate(buffer, nBytes);
-
-#ifdef _WIN32
-    sMem.dwLength = sizeof(sMem);
-    GlobalMemoryStatus(&sMem);                // assorted memory stats
-    RNG_RandomUpdate(&sMem, sizeof(sMem));
-#if !defined(_WIN32_WCE)
-    dwVal = GetLogicalDrives();
-    RNG_RandomUpdate(&dwVal, sizeof(dwVal));  // bitfields in bits 0-25
-#endif
-#else
-    dwVal = GetFreeSpace(0);
-    RNG_RandomUpdate(&dwVal, sizeof(dwVal));
-
-    _asm    mov wDS, ds;
-    _asm    mov wCS, cs;
-    RNG_RandomUpdate(&wDS, sizeof(wDS));
-    RNG_RandomUpdate(&wCS, sizeof(wCS));
-#endif
-
-#ifdef _WIN32
-#if !defined(_WIN32_WCE)
-    dwVal = sizeof(buffer);
-    if (GetComputerName(buffer, &dwVal))
-        RNG_RandomUpdate(buffer, dwVal);
-#endif
-/* XXX This is code that got yanked because of NSPR20.  We should put it
- * back someday.
- */
-#ifdef notdef
-    {
-    POINT ptVal;
-    GetCursorPos(&ptVal);
-    RNG_RandomUpdate(&ptVal, sizeof(ptVal));
-    }
-
-    dwVal = GetQueueStatus(QS_ALLINPUT);      // high and low significant
-    RNG_RandomUpdate(&dwVal, sizeof(dwVal));
-
-    {
-    HWND hWnd;
-    hWnd = GetClipboardOwner();               // 2 or 4 bytes
-    RNG_RandomUpdate((void *)&hWnd, sizeof(hWnd));
-    }
-
-    {
-    UUID sUuid;
-    UuidCreate(&sUuid);                       // this will fail on machines with no ethernet
-    RNG_RandomUpdate(&sUuid, sizeof(sUuid));  // boards. shove the bits in regardless
-    }
-#endif
-
-    hVal = GetCurrentProcess();               // 4 byte handle of current task
-    RNG_RandomUpdate(&hVal, sizeof(hVal));
-
-    dwVal = GetCurrentProcessId();            // process ID (4 bytes)
-    RNG_RandomUpdate(&dwVal, sizeof(dwVal));
-
-#if !defined(_WIN32_WCE)
-    volName[0] = '\0';
-    buffer[0] = '\0';
-    GetVolumeInformation(NULL,
-                         volName,
-                         sizeof(volName),
-                         &dwSerialNum,
-                         &dwComponentLen,
-                         &dwSysFlags,
-                         buffer,
-                         sizeof(buffer));
-
-    RNG_RandomUpdate(volName,         strlen(volName));
-    RNG_RandomUpdate(&dwSerialNum,    sizeof(dwSerialNum));
-    RNG_RandomUpdate(&dwComponentLen, sizeof(dwComponentLen));
-    RNG_RandomUpdate(&dwSysFlags,     sizeof(dwSysFlags));
-    RNG_RandomUpdate(buffer,          strlen(buffer));
-
-    if (GetDiskFreeSpace(NULL, &dwSectors, &dwBytes, &dwFreeClusters, &dwNumClusters)) {
-        RNG_RandomUpdate(&dwSectors,      sizeof(dwSectors));
-        RNG_RandomUpdate(&dwBytes,        sizeof(dwBytes));
-        RNG_RandomUpdate(&dwFreeClusters, sizeof(dwFreeClusters));
-        RNG_RandomUpdate(&dwNumClusters,  sizeof(dwNumClusters));
-    }
-#endif
-#else   /* is WIN16 */
-    hTask = GetCurrentTask();
-    RNG_RandomUpdate((void *)&hTask, sizeof(hTask));
-
-    iVal = GetNumTasks();
-    RNG_RandomUpdate(&iVal, sizeof(iVal));      // number of running tasks
-
-    lpszEnv = GetDOSEnvironment();
-    while (*lpszEnv != '\0') {
-        RNG_RandomUpdate(lpszEnv, strlen(lpszEnv));
-
-        lpszEnv += strlen(lpszEnv) + 1;
-    }
-#endif  /* is WIN16 */
-
-    // now let's do some files
-    ReadSystemFiles();
-
-    nBytes = RNG_GetNoise(buffer, 20);  // get up to 20 bytes
-    RNG_RandomUpdate(buffer, nBytes);
-}
-
-#if defined(_WIN32_WCE)
-void RNG_FileForRNG(const char *filename)
-{
-    PRFileDesc *    file;
-    int             nBytes;
-    PRFileInfo      infoBuf;
-    unsigned char   buffer[1024];
-
-    /* windows doesn't initialize all the bytes in the stat buf,
-     * so initialize them all here to avoid UMRs.
-     */
-    memset(&infoBuf, 0, sizeof infoBuf);
-
-    if (PR_GetFileInfo(filename, &infoBuf) < 0)
-        return;
-
-    RNG_RandomUpdate((unsigned char*)&infoBuf, sizeof(infoBuf));
-
-    file = PR_Open(filename, PR_RDONLY, 0);
-    if (file != NULL) {
-        for (;;) {
-            PRInt32 bytes = PR_Read(file, buffer, sizeof buffer);
-
-            if (bytes <= 0)
-                break;
-
-            RNG_RandomUpdate(buffer, bytes);
-            totalFileBytes += bytes;
-            if (totalFileBytes > maxFileBytes)
-                break;
-        }
-
-        PR_Close(file);
-    }
-
-    nBytes = RNG_GetNoise(buffer, 20);  // get up to 20 bytes
-    RNG_RandomUpdate(buffer, nBytes);
-}
-
-#else /* not WinCE */
-
-void RNG_FileForRNG(const char *filename)
-{
-    FILE*           file;
-    int             nBytes;
-    struct stat     stat_buf;
-    unsigned char   buffer[1024];
-
-   /* static DWORD    totalFileBytes = 0; */
-
-    /* windows doesn't initialize all the bytes in the stat buf,
-     * so initialize them all here to avoid UMRs.
-     */
-    memset(&stat_buf, 0, sizeof stat_buf);
-
-    if (stat((char *)filename, &stat_buf) < 0)
-        return;
-
-    RNG_RandomUpdate((unsigned char*)&stat_buf, sizeof(stat_buf));
-
-    file = fopen((char *)filename, "r");
-    if (file != NULL) {
-        for (;;) {
-            size_t  bytes = fread(buffer, 1, sizeof(buffer), file);
-
-            if (bytes == 0)
-                break;
-
-            RNG_RandomUpdate(buffer, bytes);
-            totalFileBytes += bytes;
-            if (totalFileBytes > maxFileBytes)
-                break;
-        }
-
-        fclose(file);
-    }
-
-    nBytes = RNG_GetNoise(buffer, 20);  // get up to 20 bytes
-    RNG_RandomUpdate(buffer, nBytes);
-}
-
-#endif  /* not WinCE */
-#endif  /* is XP_WIN */
diff --git a/security/nss/lib/jar/Makefile b/security/nss/lib/jar/Makefile
deleted file mode 100644
index 063e5daf7..000000000
--- a/security/nss/lib/jar/Makefile
+++ /dev/null
@@ -1,39 +0,0 @@
-#! gmake
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-include manifest.mn
-include $(CORE_DEPTH)/coreconf/config.mk
-include config.mk
-include $(CORE_DEPTH)/coreconf/rules.mk
-
diff --git a/security/nss/lib/jar/config.mk b/security/nss/lib/jar/config.mk
deleted file mode 100644
index 0a00dc61e..000000000
--- a/security/nss/lib/jar/config.mk
+++ /dev/null
@@ -1,43 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#
-#  Override TARGETS variable so that only static libraries
-#  are specifed as dependencies within rules.mk.
-#
-
-TARGETS        = $(LIBRARY)
-SHARED_LIBRARY =
-IMPORT_LIBRARY =
-PROGRAM        =
-
diff --git a/security/nss/lib/jar/jar-ds.c b/security/nss/lib/jar/jar-ds.c
deleted file mode 100644
index f5a40cad5..000000000
--- a/security/nss/lib/jar/jar-ds.c
+++ /dev/null
@@ -1,70 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "jar.h"
-
-/* These are old DS_* routines renamed to ZZ_* */
-
-ZZList *ZZ_NewList()
-  {
-  ZZList *list;
-
-  list = (ZZList *) PORT_ZAlloc (sizeof (ZZList));
-
-  if (list)
-    ZZ_InitList (list);
-
-  return list;
-  }
-
-ZZLink *ZZ_NewLink (JAR_Item *thing)
-  {
-  ZZLink *link;
-
-  link = (ZZLink *) PORT_ZAlloc (sizeof (ZZLink));
-
-  if (link)
-    link->thing = thing;
- 
-  return link;
-  }
-
-void ZZ_DestroyLink (ZZLink *link)
-  {
-  PORT_Free (link);
-  }
-
-void ZZ_DestroyList (ZZList *list)
-  {
-  PORT_Free (list);
-  }
diff --git a/security/nss/lib/jar/jar-ds.h b/security/nss/lib/jar/jar-ds.h
deleted file mode 100644
index 36716d97c..000000000
--- a/security/nss/lib/jar/jar-ds.h
+++ /dev/null
@@ -1,106 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef __JAR_DS_h_
-#define __JAR_DS_h_
-
-/* Typedefs */
-typedef struct ZZLinkStr ZZLink;
-typedef struct ZZListStr ZZList;
-
-/*
-** Circular linked list. Each link contains a pointer to the object that
-** is actually in the list.
-*/ 
-struct ZZLinkStr 
-{
-    ZZLink *next;
-    ZZLink *prev;
-    JAR_Item *thing;
-};
-
-struct ZZListStr 
-{
-    ZZLink link;
-};
-
-#define ZZ_InitList(lst)	     \
-{				     \
-    (lst)->link.next = &(lst)->link; \
-    (lst)->link.prev = &(lst)->link; \
-    (lst)->link.thing = 0;	     \
-}
-
-#define ZZ_ListEmpty(lst) \
-    ((lst)->link.next == &(lst)->link)
-
-#define ZZ_ListHead(lst) \
-    ((lst)->link.next)
-
-#define ZZ_ListTail(lst) \
-    ((lst)->link.prev)
-
-#define ZZ_ListIterDone(lst,lnk) \
-    ((lnk) == &(lst)->link)
-
-#define ZZ_AppendLink(lst,lnk)	    \
-{				    \
-    (lnk)->next = &(lst)->link;	    \
-    (lnk)->prev = (lst)->link.prev; \
-    (lst)->link.prev->next = (lnk); \
-    (lst)->link.prev = (lnk);	    \
-}
-
-#define ZZ_InsertLink(lst,lnk)	    \
-{				    \
-    (lnk)->next = (lst)->link.next; \
-    (lnk)->prev = &(lst)->link;	    \
-    (lst)->link.next->prev = (lnk); \
-    (lst)->link.next = (lnk);	    \
-}
-
-#define ZZ_RemoveLink(lnk)	     \
-{				     \
-    (lnk)->next->prev = (lnk)->prev; \
-    (lnk)->prev->next = (lnk)->next; \
-    (lnk)->next = 0;		     \
-    (lnk)->prev = 0;		     \
-}
-
-extern ZZLink *ZZ_NewLink (JAR_Item *thing);
-extern void ZZ_DestroyLink (ZZLink *link);
-extern ZZList *ZZ_NewList (void);
-extern void ZZ_DestroyList (ZZList *list);
-
-
-#endif /* __JAR_DS_h_ */
diff --git a/security/nss/lib/jar/jar.c b/security/nss/lib/jar/jar.c
deleted file mode 100644
index cfd46b195..000000000
--- a/security/nss/lib/jar/jar.c
+++ /dev/null
@@ -1,831 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- *  JAR.C
- *
- *  Jarnature.
- *  Routines common to signing and validating.
- *
- */
-
-#include "jar.h"
-#include "jarint.h"
-
-static void jar_destroy_list (ZZList *list);
-
-static int jar_find_first_cert 
-    (JAR_Signer *signer, int type, JAR_Item **it);
-
-/*
- *  J A R _ n e w 
- *
- *  Create a new instantiation of a manifest representation.
- *  Use this as a token to any calls to this API.
- *
- */
-
-JAR *JAR_new (void)
-  {
-  JAR *jar;
-
-  if ((jar = (JAR*)PORT_ZAlloc (sizeof (JAR))) == NULL)
-    goto loser;
-
-  if ((jar->manifest = ZZ_NewList()) == NULL)
-    goto loser;
-
-  if ((jar->hashes = ZZ_NewList()) == NULL)
-    goto loser;
-
-  if ((jar->phy = ZZ_NewList()) == NULL)
-    goto loser;
-
-  if ((jar->metainfo = ZZ_NewList()) == NULL)
-    goto loser;
-
-  if ((jar->signers = ZZ_NewList()) == NULL)
-    goto loser;
-
-  return jar;
-
-loser:
-
-  if (jar)
-    {
-    if (jar->manifest)
-      ZZ_DestroyList (jar->manifest);
-
-    if (jar->hashes)
-      ZZ_DestroyList (jar->hashes);
-
-    if (jar->phy)
-      ZZ_DestroyList (jar->phy);
-
-    if (jar->metainfo)
-      ZZ_DestroyList (jar->metainfo);
-
-    if (jar->signers)
-      ZZ_DestroyList (jar->signers);
-
-    PORT_Free (jar);
-    }
-
-  return NULL;
-  }
-
-/* 
- *  J A R _ d e s t r o y
- *
- *  Godzilla.
- *
- */
-
-void PR_CALLBACK JAR_destroy (JAR *jar)
-  {
-  PORT_Assert( jar != NULL );
-
-  if (jar == NULL)
-    return;
-
-  if (jar->fp) JAR_FCLOSE ((PRFileDesc*)jar->fp);
-
-  if (jar->url)      PORT_Free (jar->url);
-  if (jar->filename) PORT_Free (jar->filename);
-
-  /* Free the linked list elements */
-
-  jar_destroy_list (jar->manifest);
-  ZZ_DestroyList (jar->manifest);
-
-  jar_destroy_list (jar->hashes);
-  ZZ_DestroyList (jar->hashes);
-
-  jar_destroy_list (jar->phy);
-  ZZ_DestroyList (jar->phy);
-
-  jar_destroy_list (jar->metainfo);
-  ZZ_DestroyList (jar->metainfo);
-
-  jar_destroy_list (jar->signers);
-  ZZ_DestroyList (jar->signers);
-
-  PORT_Free (jar);
-  }
-
-static void jar_destroy_list (ZZList *list)
-  {
-  ZZLink *link, *oldlink;
-
-  JAR_Item *it;
-
-  JAR_Physical *phy;
-  JAR_Digest *dig;
-  JAR_Cert *fing;
-  JAR_Metainfo *met;
-  JAR_Signer *signer;
-
-  if (list && !ZZ_ListEmpty (list))
-    {
-    link = ZZ_ListHead (list);
-
-    while (!ZZ_ListIterDone (list, link))
-      {
-      it = link->thing;
-      if (!it) goto next;
-
-      if (it->pathname) PORT_Free (it->pathname);
- 
-      switch (it->type)
-        {
-        case jarTypeMeta:
-
-          met = (JAR_Metainfo *) it->data;
-          if (met)
-            {
-            if (met->header) PORT_Free (met->header);
-            if (met->info) PORT_Free (met->info);
-            PORT_Free (met);
-            }
-          break;
-
-	case jarTypePhy:
-
-          phy = (JAR_Physical *) it->data;
-          if (phy)
-            PORT_Free (phy);
-          break;
-
-        case jarTypeSign:
-
-          fing = (JAR_Cert *) it->data;
-          if (fing)
-            {
-            if (fing->cert)
-              CERT_DestroyCertificate (fing->cert);
-            if (fing->key)
-              PORT_Free (fing->key);
-            PORT_Free (fing);
-            }
-	  break;
-
-        case jarTypeSect:
-        case jarTypeMF:
-        case jarTypeSF:
-
-          dig = (JAR_Digest *) it->data;
-          if (dig)
-            {
-            PORT_Free (dig);
-            }
-          break;
-
-        case jarTypeOwner:
-
-          signer = (JAR_Signer *) it->data;
-
-          if (signer)
-            JAR_destroy_signer (signer);
-
-          break;
-
-        default:
-
-          /* PORT_Assert( 1 != 2 ); */
-          break;
-        }
-
-      PORT_Free (it);
-
-    next:
-
-      oldlink = link;
-      link = link->next;
-
-      ZZ_DestroyLink (oldlink);
-      }
-    }
-  }
-
-/*
- *  J A R _ g e t _ m e t a i n f o
- *
- *  Retrieve meta information from the manifest file.
- *  It doesn't matter whether it's from .MF or .SF, does it?
- *
- */
-
-int JAR_get_metainfo
-    (JAR *jar, char *name, char *header, void **info, unsigned long *length)
-  {
-  JAR_Item *it;
-
-  ZZLink *link;
-  ZZList *list;
-
-  JAR_Metainfo *met;
-
-  PORT_Assert( jar != NULL && header != NULL );
-
-  if (jar == NULL || header == NULL)
-    return JAR_ERR_PNF;
-
-  list = jar->metainfo;
-
-  if (ZZ_ListEmpty (list))
-    return JAR_ERR_PNF;
-
-  for (link = ZZ_ListHead (list); 
-       !ZZ_ListIterDone (list, link); 
-       link = link->next)
-    {
-    it = link->thing;
-    if (it->type == jarTypeMeta)
-      {
-      if ((name && !it->pathname) || (!name && it->pathname))
-        continue;
-
-      if (name && it->pathname && strcmp (it->pathname, name))
-        continue;
-
-      met = (JAR_Metainfo *) it->data;
-
-      if (!PORT_Strcasecmp (met->header, header))
-        {
-        *info = PORT_Strdup (met->info);
-        *length = PORT_Strlen (met->info);
-        return 0;
-        }
-      }
-    }
-
-  return JAR_ERR_PNF;
-  }
-
-/*
- *  J A R _ f i n d
- *
- *  Establish the search pattern for use
- *  by JAR_find_next, to traverse the filenames
- *  or certificates in the JAR structure.
- *
- *  See jar.h for a description on how to use.
- *
- */
-
-JAR_Context *JAR_find (JAR *jar, char *pattern, jarType type)
-  {
-  JAR_Context *ctx;
-
-  PORT_Assert( jar != NULL );
-
-  if (!jar)
-    return NULL;
-
-  ctx = (JAR_Context *) PORT_ZAlloc (sizeof (JAR_Context));
-
-  if (ctx == NULL)
-    return NULL;
-
-  ctx->jar = jar;
-
-  if (pattern)
-    {
-    if ((ctx->pattern = PORT_Strdup (pattern)) == NULL)
-      {
-      PORT_Free (ctx);
-      return NULL;
-      }
-    }
-
-  ctx->finding = type;
-
-  switch (type)
-    {
-    case jarTypeMF:     ctx->next = ZZ_ListHead (jar->hashes);
-                        break;
-
-    case jarTypeSF:
-    case jarTypeSign:   ctx->next = NULL;
-                        ctx->nextsign = ZZ_ListHead (jar->signers);
-                        break;
-
-    case jarTypeSect:   ctx->next = ZZ_ListHead (jar->manifest);
-                        break;
-
-    case jarTypePhy:    ctx->next = ZZ_ListHead (jar->phy);
-                        break;
-
-    case jarTypeOwner:  if (jar->signers)
-                          ctx->next = ZZ_ListHead (jar->signers);
-                        else
-                          ctx->next = NULL;
-                        break;
-
-    case jarTypeMeta:   ctx->next = ZZ_ListHead (jar->metainfo);
-                        break;
-
-    default:            PORT_Assert( 1 != 2);
-                        break;
-    }
-
-  return ctx;
-  }
-
-/*
- *  J A R _ f i n d _ e n d
- *
- *  Destroy the find iterator context.
- *
- */
-
-void JAR_find_end (JAR_Context *ctx)
-  {
-  PORT_Assert( ctx != NULL );
-
-  if (ctx)
-    {
-    if (ctx->pattern) 
-      PORT_Free (ctx->pattern);
-    PORT_Free (ctx);
-    }
-  }
-
-/*
- *  J A R _ f i n d _ n e x t
- *
- *  Return the next item of the given type
- *  from one of the JAR linked lists.
- *
- */
-
-int JAR_find_next (JAR_Context *ctx, JAR_Item **it)
-  {
-  JAR *jar;
-  ZZList *list = NULL;
-
-  int finding;
-
-  JAR_Signer *signer = NULL;
-
-  PORT_Assert( ctx != NULL );
-  PORT_Assert( ctx->jar != NULL );
-
-  jar = ctx->jar;
-
-  /* Internally, convert jarTypeSign to jarTypeSF, and return
-     the actual attached certificate later */
-
-  finding = (ctx->finding == jarTypeSign) ? jarTypeSF : ctx->finding;
-
-  if (ctx->nextsign)
-    {
-      if (ZZ_ListIterDone (jar->signers, ctx->nextsign))
-       {
-       *it = NULL;
-       return -1;
-       }
-    PORT_Assert (ctx->nextsign->thing != NULL);
-    signer = (JAR_Signer*)ctx->nextsign->thing->data;
-    }
-
-
-  /* Find out which linked list to traverse. Then if
-     necessary, advance to the next linked list. */
-
-  while (1)
-    {
-    switch (finding)
-      {
-      case jarTypeSign:    /* not any more */
-                           PORT_Assert( finding != jarTypeSign );
-                           list = signer->certs;
-                           break;
-
-      case jarTypeSect:    list = jar->manifest;
-                           break;
-
-      case jarTypePhy:     list = jar->phy;
-                           break;
-
-      case jarTypeSF:      /* signer, not jar */
-                           PORT_Assert( signer != NULL );
-                           list = signer->sf;
-                           break;
-
-      case jarTypeMF:      list = jar->hashes;
-                           break;
-
-      case jarTypeOwner:   list = jar->signers;
-                           break;
-
-      case jarTypeMeta:    list = jar->metainfo;
-                           break;
-
-      default:             PORT_Assert( 1 != 2 );
-                           break;
-      }
-
-    if (list == NULL)
-      {
-      *it = NULL;
-      return -1;
-      }
-
-    /* When looping over lists of lists, advance
-       to the next signer. This is done when multiple
-       signers are possible. */
-
-    if (ZZ_ListIterDone (list, ctx->next))
-      {
-      if (ctx->nextsign && jar->signers) 
-        {
-        ctx->nextsign = ctx->nextsign->next;
-        if (!ZZ_ListIterDone (jar->signers, ctx->nextsign)) 
-          {
-          PORT_Assert (ctx->nextsign->thing != NULL);
-
-          signer = (JAR_Signer*)ctx->nextsign->thing->data;
-          PORT_Assert( signer != NULL );
-
-          ctx->next = NULL;
-          continue;
-          }
-        }
-      *it = NULL;
-      return -1;
-      }
-
-    /* if the signer changed, still need to fill
-       in the "next" link */
-
-    if (ctx->nextsign && ctx->next == NULL)
-      {
-      switch (finding)
-        {
-        case jarTypeSF:
-
-          ctx->next = ZZ_ListHead (signer->sf);
-          break;
-
-        case jarTypeSign:
-
-          ctx->next = ZZ_ListHead (signer->certs);
-          break;
-        }
-      }
-
-    PORT_Assert( ctx->next != NULL );
-
-
-    while (!ZZ_ListIterDone (list, ctx->next))
-      {
-      *it = ctx->next->thing;
-      ctx->next = ctx->next->next;
-
-      if (!it || !*it || (*it)->type != finding)
-        continue;
-
-      if (ctx->pattern && *ctx->pattern)
-        {
-        if (PORT_Strcmp ((*it)->pathname, ctx->pattern))
-          continue;
-        }
-
-      /* We have a valid match. If this is a jarTypeSign
-         return the certificate instead.. */
-
-      if (ctx->finding == jarTypeSign)
-        {
-        JAR_Item *itt;
-
-        /* just the first one for now */
-        if (jar_find_first_cert (signer, jarTypeSign, &itt) >= 0) 
-           {
-           *it = itt;
-           return 0;
-           }
-
-        continue;      
-        }
-
-      return 0;
-      }
-
-    } /* end while */
-  }
-
-static int jar_find_first_cert 
-    (JAR_Signer *signer, int type, JAR_Item **it)
-  {
-  ZZLink *link;
-  ZZList *list;
-
-  int status = JAR_ERR_PNF;
-
-  list = signer->certs;
-
-  *it = NULL;
-
-  if (ZZ_ListEmpty (list))
-    {
-    /* empty list */
-    return JAR_ERR_PNF;
-    }
-
-  for (link = ZZ_ListHead (list); 
-       !ZZ_ListIterDone (list, link); 
-       link = link->next)
-    {
-    if (link->thing->type == type)
-      {
-      *it = link->thing;
-      status = 0;
-      break;
-      }
-    }
-
-  return status;
-  }
-
-JAR_Signer *JAR_new_signer (void)
-  {
-  JAR_Signer *signer;
-
-  signer = (JAR_Signer *) PORT_ZAlloc (sizeof (JAR_Signer));
-
-  if (signer == NULL)
-    goto loser;
-
-
-  /* certs */
-  signer->certs = ZZ_NewList();
-
-  if (signer->certs == NULL)
-    goto loser;
-
-
-  /* sf */
-  signer->sf = ZZ_NewList();
-
-  if (signer->sf == NULL)
-    goto loser;
-
-
-  return signer;
-
-
-loser:
-
-  if (signer)
-    {
-    if (signer->certs) 
-      ZZ_DestroyList (signer->certs);
-
-    if (signer->sf) 
-      ZZ_DestroyList (signer->sf);
-
-    PORT_Free (signer);
-    }
-
-  return NULL;
-  }
-
-void JAR_destroy_signer (JAR_Signer *signer)
-  {
-  if (signer)
-    {
-    if (signer->owner) PORT_Free (signer->owner);
-    if (signer->digest) PORT_Free (signer->digest);
-
-    jar_destroy_list (signer->sf);
-    ZZ_DestroyList (signer->sf);
-
-    jar_destroy_list (signer->certs);
-    ZZ_DestroyList (signer->certs);
-
-    PORT_Free (signer);
-    }
-  }
-
-JAR_Signer *jar_get_signer (JAR *jar, char *basename)
-  {
-  JAR_Item *it;
-  JAR_Context *ctx;
-
-  JAR_Signer *candidate;
-  JAR_Signer *signer = NULL;
-
-  ctx = JAR_find (jar, NULL, jarTypeOwner);
-
-  if (ctx == NULL)
-    return NULL;
-
-  while (JAR_find_next (ctx, &it) >= 0)
-    {
-    candidate = (JAR_Signer *) it->data;
-    if (*basename == '*' || !PORT_Strcmp (candidate->owner, basename))
-      {
-      signer = candidate;
-      break;
-      }
-    }
-
-  JAR_find_end (ctx);
-
-  return signer;
-  }
-
-/*
- *  J A R _ g e t _ f i l e n a m e
- *
- *  Returns the filename associated with
- *  a JAR structure.
- *
- */
-
-char *JAR_get_filename (JAR *jar)
-  {
-  return jar->filename;
-  }
-
-/*
- *  J A R _ g e t _ u r l
- *
- *  Returns the URL associated with
- *  a JAR structure. Nobody really uses this now.
- *
- */
-
-char *JAR_get_url (JAR *jar)
-  {
-  return jar->url;
-  }
-
-/*
- *  J A R _ s e t _ c a l l b a c k
- *
- *  Register some manner of callback function for this jar. 
- *
- */
-
-int JAR_set_callback (int type, JAR *jar, 
-      int (*fn) (int status, JAR *jar, 
-         const char *metafile, char *pathname, char *errortext))
-  {
-  if (type == JAR_CB_SIGNAL)
-    {
-    jar->signal = fn;
-    return 0;
-    }
-  else
-    return -1;
-  }
-
-/*
- *  Callbacks
- *
- */
-
-/* To return an error string */
-char *(*jar_fn_GetString) (int) = NULL;
-
-/* To return an MWContext for Java */
-void *(*jar_fn_FindSomeContext) (void) = NULL;
-
-/* To fabricate an MWContext for FE_GetPassword */
-void *(*jar_fn_GetInitContext) (void) = NULL;
-
-void
-JAR_init_callbacks
-     ( 
-     char *(*string_cb)(int), 
-     void *(*find_cx)(void), 
-     void *(*init_cx)(void) 
-     )
-  {
-  jar_fn_GetString = string_cb;
-  jar_fn_FindSomeContext = find_cx;
-  jar_fn_GetInitContext = init_cx;
-  }
-
-/*
- *  J A R _ g e t _ e r r o r
- *
- *  This is provided to map internal JAR errors to strings for
- *  the Java console. Also, a DLL may call this function if it does
- *  not have access to the XP_GetString function.
- *
- *  These strings aren't UI, since they are Java console only.
- *
- */
-
-char *JAR_get_error (int status)
-  { 
-  char *errstring = NULL;
-
-  switch (status)
-    {
-    case JAR_ERR_GENERAL:
-      errstring = "General JAR file error";
-      break;
-
-    case JAR_ERR_FNF:
-      errstring = "JAR file not found";
-      break;
-
-    case JAR_ERR_CORRUPT:
-      errstring = "Corrupt JAR file";
-      break;
-
-    case JAR_ERR_MEMORY:
-      errstring = "Out of memory";
-      break;
-
-    case JAR_ERR_DISK:
-      errstring = "Disk error (perhaps out of space)";
-      break;
-
-    case JAR_ERR_ORDER:
-      errstring = "Inconsistent files in META-INF directory";
-      break;
-
-    case JAR_ERR_SIG:
-      errstring = "Invalid digital signature file";
-      break;
-
-    case JAR_ERR_METADATA:
-      errstring = "JAR metadata failed verification";
-      break;
-
-    case JAR_ERR_ENTRY:
-      errstring = "No Manifest entry for this JAR entry";
-      break;
-
-    case JAR_ERR_HASH:
-      errstring = "Invalid Hash of this JAR entry";
-      break;
-
-    case JAR_ERR_PK7:
-      errstring = "Strange PKCS7 or RSA failure";
-      break;
-
-    case JAR_ERR_PNF:
-      errstring = "Path not found inside JAR file";
-      break;
-
-    default:
-      if (jar_fn_GetString)
-        {
-        errstring = jar_fn_GetString (status);
-        }
-      else
-        {
-        /* this is not a normal situation, and would only be
-           called in cases of improper initialization */
-
-        char *err;
-
-        err = (char*)PORT_Alloc (40);
-        if (err)
-          PR_snprintf (err, 39,  "Error %d\n", status);
-        else
-          err = "Error! Bad! Out of memory!";
-
-        return err;
-        }
-      break;
-    }
-
-  return errstring;
-  }
diff --git a/security/nss/lib/jar/jar.h b/security/nss/lib/jar/jar.h
deleted file mode 100644
index d132f2579..000000000
--- a/security/nss/lib/jar/jar.h
+++ /dev/null
@@ -1,478 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef __JAR_h_
-#define __JAR_h_
-
-/*
- *  In general, any functions that return pointers
- *  have memory owned by the caller.
- *
- */
-
-/* security includes */
-#include "cert.h"
-#include "hasht.h"
-
-/* nspr 2.0 includes */
-#include "prio.h"
-
-#ifndef ZHUGEP
-#ifdef XP_WIN16
-#define ZHUGEP __huge
-#else
-#define ZHUGEP
-#endif
-#endif
-
-#include <stdio.h>
-
-/* various types */
-
-typedef enum
-  {
-  jarTypeMF = 2,
-  jarTypeSF = 3,
-  jarTypeMeta = 6,
-  jarTypePhy = 7,
-  jarTypeSign = 10,
-  jarTypeSect = 11,
-  jarTypeOwner = 13
-  }
-jarType;
-
-/* void data in ZZList's contain JAR_Item type */
-
-typedef struct JAR_Item_
-  {
-  char *pathname;        /* relative. inside zip file */
-  jarType type;          /* various types */
-  size_t size;           /* size of data below */
-  void *data;            /* totally opaque */
-  }
-JAR_Item;
-
-
-/* hashes */
-
-typedef enum
-  {
-  jarHashNone = 0,
-  jarHashBad = 1,
-  jarHashPresent = 2
-  }
-jarHash;
-
-typedef struct JAR_Digest_
-  {
-  jarHash md5_status;
-  unsigned char md5 [MD5_LENGTH];
-  jarHash sha1_status;
-  unsigned char sha1 [SHA1_LENGTH];
-  }
-JAR_Digest;
-
-
-/* physical archive formats */
-
-typedef enum
-  {
-  jarArchGuess = 0,
-  jarArchNone = 1,
-  jarArchZip = 2,
-  jarArchTar = 3
-  }
-jarArch;
-
-
-#include "jar-ds.h"
-
-/* jar object */
-
-typedef struct JAR_
-  {
-  jarArch format;       /* physical archive format */ 
-  char *url;            /* Where it came from */
-  char *filename;       /* Disk location */
-  FILE *fp;             /* For multiple extractions */    /* JAR_FILE */
-
-  /* various linked lists */
-
-  ZZList *manifest;     /* Digests of MF sections */
-  ZZList *hashes;       /* Digests of actual signed files */
-  ZZList *phy;          /* Physical layout of JAR file */
-  ZZList *metainfo;     /* Global metainfo */
-
-  JAR_Digest *globalmeta;  /* digest of .MF global portion */
-
-  /* Below will change to a linked list to support multiple sigs */
-
-  int pkcs7;            /* Enforced opaqueness */
-  int valid;            /* PKCS7 signature validated */
-
-  ZZList *signers;      /* the above, per signer */
-
-  /* Window context, very necessary for PKCS11 now */
-
-  void *mw;             /* MWContext window context */
-
-  /* Signal callback function */
-
-  int (*signal) (int status, struct JAR_ *jar, 
-     const char *metafile, char *pathname, char *errorstring);
-  }
-JAR;
-
-
-/*
- *  Iterator
- *
- *  Context for iterative operations. Certain operations
- *  require iterating multiple linked lists because of
- *  multiple signers. "nextsign" is used for this purpose.
- *
- */
-
-typedef struct JAR_Context_
-  {
-  JAR *jar;             /* Jar we are searching */
-  char *pattern;        /* Regular expression */
-  jarType finding;      /* Type of item to find */
-  ZZLink *next;         /* Next item in find */
-  ZZLink *nextsign;     /* Next signer, sometimes */
-  }
-JAR_Context;
-
-typedef struct JAR_Signer_
-  {
-  int pkcs7;            /* Enforced opaqueness */
-  int valid;            /* PKCS7 signature validated */
-  char *owner;          /* name of .RSA file */
-  JAR_Digest *digest;   /* of .SF file */
-  ZZList *sf;           /* Linked list of .SF file contents */
-  ZZList *certs;        /* Signing information */
-  }
-JAR_Signer;
-
-
-/* Meta informaton, or "policy", from the manifest file.
-   Right now just one tuple per JAR_Item. */
-
-typedef struct JAR_Metainfo_
-  {
-  char *header;
-  char *info;
-  }
-JAR_Metainfo;
-
-/* This should not be global */
-
-typedef struct JAR_Physical_
-  {
-  unsigned char compression;
-  unsigned long offset;
-  unsigned long length;
-  unsigned long uncompressed_length;
-#if defined(XP_UNIX) || defined(XP_BEOS)
-  uint16 mode;
-#endif
-  }
-JAR_Physical;
-
-typedef struct JAR_Cert_
-  {
-  size_t length;
-  void *key;
-  CERTCertificate *cert;
-  }
-JAR_Cert;
-
-
-/* certificate stuff */
-
-typedef enum
-  {
-  jarCertCompany = 1,
-  jarCertCA = 2,
-  jarCertSerial = 3,
-  jarCertExpires = 4,
-  jarCertNickname = 5,
-  jarCertFinger = 6,
-  jarCertJavaHack = 100
-  }
-jarCert;
-
-/* callback types */
-
-#define JAR_CB_SIGNAL	1
-
-
-/* 
- *  This is the base for the JAR error codes. It will
- *  change when these are incorporated into allxpstr.c,
- *  but right now they won't let me put them there.
- *
- */
-
-#ifndef SEC_ERR_BASE
-#define SEC_ERR_BASE		(-0x2000)
-#endif
- 
-#define JAR_BASE		SEC_ERR_BASE + 300
-
-/* Jar specific error definitions */
-
-#define JAR_ERR_GENERAL         (JAR_BASE + 1)
-#define JAR_ERR_FNF		(JAR_BASE + 2)
-#define JAR_ERR_CORRUPT		(JAR_BASE + 3)
-#define JAR_ERR_MEMORY		(JAR_BASE + 4)
-#define JAR_ERR_DISK		(JAR_BASE + 5)
-#define JAR_ERR_ORDER           (JAR_BASE + 6)
-#define JAR_ERR_SIG		(JAR_BASE + 7)
-#define JAR_ERR_METADATA        (JAR_BASE + 8)
-#define JAR_ERR_ENTRY		(JAR_BASE + 9)
-#define JAR_ERR_HASH		(JAR_BASE + 10)
-#define JAR_ERR_PK7		(JAR_BASE + 11)
-#define JAR_ERR_PNF		(JAR_BASE + 12)
-
-
-/*
- *  Birth and death 
- *
- */
-
-extern JAR *JAR_new (void);
-
-extern void PR_CALLBACK JAR_destroy (JAR *jar);
-
-extern char *JAR_get_error (int status);
-
-extern int JAR_set_callback (int type, JAR *jar, 
-  int (*fn) (int status, JAR *jar, 
-  const char *metafile, char *pathname, char *errortext));
-
-extern void JAR_init_callbacks
-  ( char *(*string_cb)(int), void *(*find_cx)(void), void *(*init_cx)(void) );
-
-/*
- *  JAR_set_context
- *
- *  PKCS11 may require a password to be entered by the user
- *  before any crypto routines may be called. This will require
- *  a window context if used from inside Mozilla.
- *
- *  Call this routine with your context before calling 
- *  verifying or signing. If you have no context, call with NULL
- *  and one will be chosen for you.
- *
- */
-
-int JAR_set_context (JAR *jar, void /*MWContext*/ *mw);
-
-/*
- *  Iterative operations
- *
- *  JAR_find sets up for repeated calls with JAR_find_next.
- *  I never liked findfirst and findnext, this is nicer.
- *
- *  Pattern contains a relative pathname to match inside the
- *  archive. It is currently assumed to be "*".
- *
- *  To use:
- *
- *     JAR_Item *item;
- *     JAR_find (jar, "*.class", jarTypeMF);
- *     while (JAR_find_next (jar, &item) >= 0) 
- *       { do stuff }
- *
- */
-
-
-/* Replacement functions with an external context */
-
-extern JAR_Context *JAR_find (JAR *jar, char *pattern, jarType type);
-
-extern int JAR_find_next (JAR_Context *ctx, JAR_Item **it);
-
-extern void JAR_find_end (JAR_Context *ctx);
-
-
-/*
- *  Function to parse manifest file:
- *
- *  Many signatures may be attached to a single filename located
- *  inside the zip file. We only support one.
- *
- *  Several manifests may be included in the zip file. 
- *
- *  You must pass the MANIFEST.MF file before any .SF files.
- *
- *  Right now this returns a big ole list, privately in the jar structure.
- *  If you need to traverse it, use JAR_find if possible.
- *
- *  The path is needed to determine what type of binary signature is
- *  being passed, though it is technically not needed for manifest files.
- *
- *  When parsing an ASCII file, null terminate the ASCII raw_manifest
- *  prior to sending it, and indicate a length of 0. For binary digital
- *  signatures only, indicate the true length of the signature.
- *  (This is legacy behavior.)
- *
- *  You may free the manifest after parsing it.
- *
- */
-
-extern int JAR_parse_manifest 
-    (JAR *jar, char ZHUGEP *raw_manifest, 
-       long length, const char *path, const char *url);
-
-/*
- *  Verify data (nonstreaming). The signature is actually
- *  checked by JAR_parse_manifest or JAR_pass_archive.
- *
- */
-
-extern JAR_Digest * PR_CALLBACK JAR_calculate_digest 
-    (void ZHUGEP *data, long length);
-
-extern int PR_CALLBACK JAR_verify_digest
-    (JAR *jar, const char *name, JAR_Digest *dig);
-
-extern int JAR_digest_file (char *filename, JAR_Digest *dig);
-
-/*
- *  Get attribute from certificate:
- *
- *  Returns any special signed attribute associated with this cert
- *  or signature (passed in "data"). Attributes jarCert*. Most of the time
- *  this will return a zero terminated string.
- *
- */
-
-extern int PR_CALLBACK JAR_cert_attribute
-    (JAR *jar, jarCert attrib, long keylen, void *key, 
-       void **result, unsigned long *length);
-
-/*
- *  Meta information
- *
- *  Currently, since this call does not support passing of an owner
- *  (certificate, or physical name of the .sf file), it is restricted to
- *  returning information located in the manifest.mf file. 
- *
- *  Meta information is a name/value pair inside the archive file. Here,
- *  the name is passed in *header and value returned in **info.
- *
- *  Pass a NULL as the name to retrieve metainfo from the global section.
- *
- *  Data is returned in **info, of size *length. The return value
- *  will indicate if no data was found.
- *
- */
-
-extern int JAR_get_metainfo
-    (JAR *jar, char *name, char *header, void **info, unsigned long *length);
-
-extern char *JAR_get_filename (JAR *jar);
-
-extern char *JAR_get_url (JAR *jar);
-
-/*
- *  Return an HTML mockup of a certificate or signature.
- *
- *  Returns a zero terminated ascii string
- *  in raw HTML format.
- *
- */
-
-extern char *JAR_cert_html
-    (JAR *jar, int style, long keylen, void *key, int *result);
-
-/* save the certificate with this fingerprint in persistent
-   storage, somewhere, for retrieval in a future session when there 
-   is no corresponding JAR structure. */
-
-extern int PR_CALLBACK JAR_stash_cert
-        (JAR *jar, long keylen, void *key);
-
-/* retrieve a certificate presumably stashed with the above
-   function, but may be any certificate. Type is &CERTCertificate */
-
-void *JAR_fetch_cert (long length, void *key);
-
-/*
- *  New functions to handle archives alone
- *    (call JAR_new beforehand)
- *
- *  JAR_pass_archive acts much like parse_manifest. Certificates
- *  are returned in the JAR structure but as opaque data. When calling 
- *  JAR_verified_extract you still need to decide which of these 
- *  certificates to honor. 
- *
- *  Code to examine a JAR structure is in jarbert.c. You can obtain both 
- *  a list of filenames and certificates from traversing the linked list.
- *
- */
-
-extern int JAR_pass_archive
-    (JAR *jar, jarArch format, char *filename, const char *url);
-
-/*
- * Same thing, but don't check signatures
- */
-extern int JAR_pass_archive_unverified
-    (JAR *jar, jarArch format, char *filename, const char *url);
-
-/*
- *  Extracts a relative pathname from the archive and places it
- *  in the filename specified. 
- * 
- *  Call JAR_set_nailed if you want to keep the file descriptors
- *  open between multiple calls to JAR_verify_extract.
- *
- */
-
-extern int JAR_verified_extract
-    (JAR *jar, char *path, char *outpath);
-
-/*
- *  JAR_extract does no crypto checking. This can be used if you
- *  need to extract a manifest file or signature, etc.
- *
- */
-
-extern int JAR_extract
-    (JAR *jar, char *path, char *outpath);
-
-
-#endif /* __JAR_h_ */ 
diff --git a/security/nss/lib/jar/jarevil.c b/security/nss/lib/jar/jarevil.c
deleted file mode 100644
index cced82b7d..000000000
--- a/security/nss/lib/jar/jarevil.c
+++ /dev/null
@@ -1,573 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- *  JAREVIL
- *
- *  Wrappers to callback in the mozilla thread
- *
- *  Certificate code is unsafe when called outside the
- *  mozilla thread. These functions push an event on the
- *  queue to cause the cert function to run in that thread. 
- *
- */
-
-#include "jar.h"
-#include "jarint.h"
-
-#include "jarevil.h"
-#include "certdb.h"
-
-/* from libevent.h */
-#ifdef MOZILLA_CLIENT_OLD
-typedef void (*ETVoidPtrFunc) (void * data);
-extern void ET_moz_CallFunction (ETVoidPtrFunc fn, void *data);
-
-extern void *mozilla_event_queue;
-#endif
-
-
-/* Special macros facilitate running on Win 16 */
-#if defined(XP_WIN16)
-
-  /* 
-   * Allocate the data passed to the callback functions from the heap...
-   *
-   * This inter-thread structure cannot reside on a thread stack since the 
-   * thread's stack is swapped away with the thread under Win16...
-   */
-
- #define ALLOC_OR_DEFINE(type, pointer_var_name, out_of_memory_return_value) \
-         type * pointer_var_name = PORT_ZAlloc (sizeof(type));               \
-         do {                                                                \
-           if (!pointer_var_name)                                            \
-             return (out_of_memory_return_value);                            \
-         } while (0)   /* and now a semicolon can follow :-) */
-
- #define FREE_IF_ALLOC_IS_USED(pointer_var_name) PORT_Free(pointer_var_name)
-
-#else /* not win 16... so we can alloc via auto variables */
-
- #define ALLOC_OR_DEFINE(type, pointer_var_name, out_of_memory_return_value) \
-         type actual_structure_allocated_in_macro;                           \
-         type * pointer_var_name = &actual_structure_allocated_in_macro;     \
-         PORT_Memset (pointer_var_name, 0, sizeof (*pointer_var_name));      \
-         ((void) 0) /* and now a semicolon can follow  */
-
- #define FREE_IF_ALLOC_IS_USED(pointer_var_name) ((void) 0)
-
-#endif /* not Win 16 */
-
-/* --- --- --- --- --- --- --- --- --- --- --- --- --- */
-
-/*
- *  JAR_MOZ_encode
- *
- *  Call SEC_PKCS7Encode inside
- *  the mozilla thread
- *
- */
-
-struct EVIL_encode
-  {
-  int error;
-  SECStatus status;
-  SEC_PKCS7ContentInfo *cinfo;
-  SEC_PKCS7EncoderOutputCallback outputfn;
-  void *outputarg;
-  PK11SymKey *bulkkey;
-  SECKEYGetPasswordKey pwfn;
-  void *pwfnarg;
-  };
-
-
-/* This is called inside the mozilla thread */
-
-PR_STATIC_CALLBACK(void) jar_moz_encode_fn (void *data)
-  {
-  SECStatus status;
-  struct EVIL_encode *encode_data = (struct EVIL_encode *)data;
-
-  PORT_SetError (encode_data->error);
-
-  status = SEC_PKCS7Encode (encode_data->cinfo, encode_data->outputfn, 
-                            encode_data->outputarg, encode_data->bulkkey, 
-                            encode_data->pwfn, encode_data->pwfnarg);
-
-  encode_data->status = status;
-  encode_data->error = PORT_GetError();
-  }
-
-
-/* Wrapper for the ET_MOZ call */
- 
-SECStatus jar_moz_encode
-      (
-      SEC_PKCS7ContentInfo *cinfo,
-      SEC_PKCS7EncoderOutputCallback  outputfn,
-      void *outputarg,
-      PK11SymKey *bulkkey,
-      SECKEYGetPasswordKey pwfn,
-      void *pwfnarg
-      )
-  {
-  SECStatus ret;
-  ALLOC_OR_DEFINE(struct EVIL_encode, encode_data, SECFailure);
-
-  encode_data->error     = PORT_GetError();
-  encode_data->cinfo     = cinfo;
-  encode_data->outputfn  = outputfn;
-  encode_data->outputarg = outputarg;
-  encode_data->bulkkey   = bulkkey;
-  encode_data->pwfn      = pwfn;
-  encode_data->pwfnarg   = pwfnarg;
-
-  /* Synchronously invoke the callback function on the mozilla thread. */
-#ifdef MOZILLA_CLIENT_OLD
-  if (mozilla_event_queue)
-    ET_moz_CallFunction (jar_moz_encode_fn, encode_data);
-  else
-    jar_moz_encode_fn (encode_data);
-#else
-  jar_moz_encode_fn (encode_data);
-#endif
-
-  PORT_SetError (encode_data->error);
-  ret = encode_data->status;
-
-  /* Free the data passed to the callback function... */
-  FREE_IF_ALLOC_IS_USED(encode_data);
-  return ret;
-  }
-
-/* --- --- --- --- --- --- --- --- --- --- --- --- --- */
-
-/*
- *  JAR_MOZ_verify
- *
- *  Call SEC_PKCS7VerifyDetachedSignature inside
- *  the mozilla thread
- *
- */
-
-struct EVIL_verify
-  {
-  int error;
-  SECStatus status;
-  SEC_PKCS7ContentInfo *cinfo;
-  SECCertUsage certusage;
-  SECItem *detached_digest;
-  HASH_HashType digest_type;
-  PRBool keepcerts;
-  };
-
-/* This is called inside the mozilla thread */
-
-PR_STATIC_CALLBACK(void) jar_moz_verify_fn (void *data)
-  {
-	PRBool result;
-  struct EVIL_verify *verify_data = (struct EVIL_verify *)data;
-
-  PORT_SetError (verify_data->error);
-
-  result = SEC_PKCS7VerifyDetachedSignature
-        (verify_data->cinfo, verify_data->certusage, verify_data->detached_digest, 
-         verify_data->digest_type, verify_data->keepcerts);
-	
-
-  verify_data->status = result==PR_TRUE ? SECSuccess : SECFailure;
-  verify_data->error = PORT_GetError();
-  }
-
-
-/* Wrapper for the ET_MOZ call */
- 
-SECStatus jar_moz_verify
-      (
-      SEC_PKCS7ContentInfo *cinfo,
-      SECCertUsage certusage,
-      SECItem *detached_digest,
-      HASH_HashType digest_type,
-      PRBool keepcerts
-      )
-  {
-  SECStatus ret;
-  ALLOC_OR_DEFINE(struct EVIL_verify, verify_data, SECFailure);
-
-  verify_data->error           = PORT_GetError();
-  verify_data->cinfo           = cinfo;
-  verify_data->certusage       = certusage;
-  verify_data->detached_digest = detached_digest;
-  verify_data->digest_type     = digest_type;
-  verify_data->keepcerts       = keepcerts;
-
-  /* Synchronously invoke the callback function on the mozilla thread. */
-#ifdef MOZILLA_CLIENT_OLD
-  if (mozilla_event_queue)
-    ET_moz_CallFunction (jar_moz_verify_fn, verify_data);
-  else
-    jar_moz_verify_fn (verify_data);
-#else
-  jar_moz_verify_fn (verify_data);
-#endif
-
-  PORT_SetError (verify_data->error);
-  ret = verify_data->status;
-
-  /* Free the data passed to the callback function... */
-  FREE_IF_ALLOC_IS_USED(verify_data);
-  return ret;
-  }
-
-/* --- --- --- --- --- --- --- --- --- --- --- --- --- */
-
-/*
- *  JAR_MOZ_nickname
- *
- *  Call CERT_FindCertByNickname inside
- *  the mozilla thread
- *
- */
-
-struct EVIL_nickname
-  {
-  int error;
-  CERTCertDBHandle *certdb;
-  char *nickname;
-  CERTCertificate *cert;
-  };
-
-
-/* This is called inside the mozilla thread */
-
-PR_STATIC_CALLBACK(void) jar_moz_nickname_fn (void *data)
-  {
-  CERTCertificate *cert;
-  struct EVIL_nickname *nickname_data = (struct EVIL_nickname *)data;
-
-  PORT_SetError (nickname_data->error);
-
-  cert = CERT_FindCertByNickname (nickname_data->certdb, nickname_data->nickname);
-
-  nickname_data->cert  = cert;
-  nickname_data->error = PORT_GetError();
-  }
-
-
-/* Wrapper for the ET_MOZ call */
- 
-CERTCertificate *jar_moz_nickname (CERTCertDBHandle *certdb, char *nickname)
-  {
-  CERTCertificate *cert;
-  ALLOC_OR_DEFINE(struct EVIL_nickname, nickname_data, NULL );
-
-  nickname_data->error    = PORT_GetError();
-  nickname_data->certdb   = certdb;
-  nickname_data->nickname = nickname;
-
-  /* Synchronously invoke the callback function on the mozilla thread. */
-#ifdef MOZILLA_CLIENT_OLD
-  if (mozilla_event_queue)
-    ET_moz_CallFunction (jar_moz_nickname_fn, nickname_data);
-  else
-    jar_moz_nickname_fn (nickname_data);
-#else
-  jar_moz_nickname_fn (nickname_data);
-#endif
-
-  PORT_SetError (nickname_data->error);
-  cert = nickname_data->cert;
-
-  /* Free the data passed to the callback function... */
-  FREE_IF_ALLOC_IS_USED(nickname_data);
-  return cert;
-  }
-
-/* --- --- --- --- --- --- --- --- --- --- --- --- --- */
-
-/*
- *  JAR_MOZ_perm
- *
- *  Call CERT_AddTempCertToPerm inside
- *  the mozilla thread
- *
- */
-
-struct EVIL_perm
-  {
-  int error;
-  SECStatus status;
-  CERTCertificate *cert;
-  char *nickname;
-  CERTCertTrust *trust;
-  };
-
-
-/* This is called inside the mozilla thread */
-
-PR_STATIC_CALLBACK(void) jar_moz_perm_fn (void *data)
-  {
-  SECStatus status;
-  struct EVIL_perm *perm_data = (struct EVIL_perm *)data;
-
-  PORT_SetError (perm_data->error);
-
-  status = CERT_AddTempCertToPerm (perm_data->cert, perm_data->nickname, perm_data->trust);
-
-  perm_data->status = status;
-  perm_data->error = PORT_GetError();
-  }
-
-
-/* Wrapper for the ET_MOZ call */
- 
-SECStatus jar_moz_perm 
-    (CERTCertificate *cert, char *nickname, CERTCertTrust *trust)
-  {
-  SECStatus ret;
-  ALLOC_OR_DEFINE(struct EVIL_perm, perm_data, SECFailure);
-
-  perm_data->error    = PORT_GetError();
-  perm_data->cert     = cert;
-  perm_data->nickname = nickname;
-  perm_data->trust    = trust;
-
-  /* Synchronously invoke the callback function on the mozilla thread. */
-#ifdef MOZILLA_CLIENT_OLD
-  if (mozilla_event_queue)
-    ET_moz_CallFunction (jar_moz_perm_fn, perm_data);
-  else
-    jar_moz_perm_fn (perm_data);
-#else
-  jar_moz_perm_fn (perm_data);
-#endif
-
-  PORT_SetError (perm_data->error);
-  ret = perm_data->status;
-
-  /* Free the data passed to the callback function... */
-  FREE_IF_ALLOC_IS_USED(perm_data);
-  return ret;
-  }
-
-/* --- --- --- --- --- --- --- --- --- --- --- --- --- */
-
-/*
- *  JAR_MOZ_certkey
- *
- *  Call CERT_FindCertByKey inside
- *  the mozilla thread
- *
- */
-
-struct EVIL_certkey
-  {
-  int error;
-  CERTCertificate *cert;
-  CERTCertDBHandle *certdb;
-  CERTIssuerAndSN *seckey;
-  };
-
-
-/* This is called inside the mozilla thread */
-
-PR_STATIC_CALLBACK(void) jar_moz_certkey_fn (void *data)
-  {
-  CERTCertificate *cert;
-  struct EVIL_certkey *certkey_data = (struct EVIL_certkey *)data;
-
-  PORT_SetError (certkey_data->error);
-
-  cert=CERT_FindCertByIssuerAndSN(certkey_data->certdb, certkey_data->seckey);
-
-  certkey_data->cert = cert;
-  certkey_data->error = PORT_GetError();
-  }
-
-
-/* Wrapper for the ET_MOZ call */
- 
-CERTCertificate *jar_moz_certkey (CERTCertDBHandle *certdb, 
-						CERTIssuerAndSN *seckey)
-  {
-  CERTCertificate *cert;
-  ALLOC_OR_DEFINE(struct EVIL_certkey, certkey_data, NULL);
-
-  certkey_data->error  = PORT_GetError();
-  certkey_data->certdb = certdb;
-  certkey_data->seckey = seckey;
-
-  /* Synchronously invoke the callback function on the mozilla thread. */
-#ifdef MOZILLA_CLIENT_OLD
-  if (mozilla_event_queue)
-    ET_moz_CallFunction (jar_moz_certkey_fn, certkey_data);
-  else
-    jar_moz_certkey_fn (certkey_data);
-#else
-  jar_moz_certkey_fn (certkey_data);
-#endif
-
-  PORT_SetError (certkey_data->error);
-  cert = certkey_data->cert;
-
-  /* Free the data passed to the callback function... */
-  FREE_IF_ALLOC_IS_USED(certkey_data);
-  return cert;
-  }
-
-/* --- --- --- --- --- --- --- --- --- --- --- --- --- */
-
-/*
- *  JAR_MOZ_issuer
- *
- *  Call CERT_FindCertIssuer inside
- *  the mozilla thread
- *
- */
-
-struct EVIL_issuer
-  {
-  int error;
-  CERTCertificate *cert;
-  CERTCertificate *issuer;
-  };
-
-
-/* This is called inside the mozilla thread */
-
-PR_STATIC_CALLBACK(void) jar_moz_issuer_fn (void *data)
-  {
-  CERTCertificate *issuer;
-  struct EVIL_issuer *issuer_data = (struct EVIL_issuer *)data;
-
-  PORT_SetError (issuer_data->error);
-
-  issuer = CERT_FindCertIssuer (issuer_data->cert, PR_Now(),
-				certUsageObjectSigner);
-
-  issuer_data->issuer = issuer;
-  issuer_data->error = PORT_GetError();
-  }
-
-
-/* Wrapper for the ET_MOZ call */
- 
-CERTCertificate *jar_moz_issuer (CERTCertificate *cert)
-  {
-  CERTCertificate *issuer_cert;
-  ALLOC_OR_DEFINE(struct EVIL_issuer, issuer_data, NULL);
-
-  issuer_data->error = PORT_GetError();
-  issuer_data->cert  = cert;
-
-  /* Synchronously invoke the callback function on the mozilla thread. */
-#ifdef MOZILLA_CLIENT_OLD
-  if (mozilla_event_queue)
-    ET_moz_CallFunction (jar_moz_issuer_fn, issuer_data);
-  else
-    jar_moz_issuer_fn (issuer_data);
-#else
-  jar_moz_issuer_fn (issuer_data);
-#endif
-
-  PORT_SetError (issuer_data->error);
-  issuer_cert = issuer_data->issuer;
-
-  /* Free the data passed to the callback function... */
-  FREE_IF_ALLOC_IS_USED(issuer_data);
-  return issuer_cert;
-  }
-
-/* --- --- --- --- --- --- --- --- --- --- --- --- --- */
-
-/*
- *  JAR_MOZ_dup
- *
- *  Call CERT_DupCertificate inside
- *  the mozilla thread
- *
- */
-
-struct EVIL_dup
-  {
-  int error;
-  CERTCertificate *cert;
-  CERTCertificate *return_cert;
-  };
-
-
-/* This is called inside the mozilla thread */
-
-PR_STATIC_CALLBACK(void) jar_moz_dup_fn (void *data)
-  {
-  CERTCertificate *return_cert;
-  struct EVIL_dup *dup_data = (struct EVIL_dup *)data;
-
-  PORT_SetError (dup_data->error);
-
-  return_cert = CERT_DupCertificate (dup_data->cert);
-
-  dup_data->return_cert = return_cert;
-  dup_data->error = PORT_GetError();
-  }
-
-
-/* Wrapper for the ET_MOZ call */
- 
-CERTCertificate *jar_moz_dup (CERTCertificate *cert)
-  {
-  CERTCertificate *dup_cert;
-  ALLOC_OR_DEFINE(struct EVIL_dup, dup_data, NULL);
-
-  dup_data->error = PORT_GetError();
-  dup_data->cert  = cert;
-
-  /* Synchronously invoke the callback function on the mozilla thread. */
-#ifdef MOZILLA_CLIENT_OLD
-  if (mozilla_event_queue)
-    ET_moz_CallFunction (jar_moz_dup_fn, dup_data);
-  else
-    jar_moz_dup_fn (dup_data);
-#else
-  jar_moz_dup_fn (dup_data);
-#endif
-
-  PORT_SetError (dup_data->error);
-  dup_cert = dup_data->return_cert;
-
-  /* Free the data passed to the callback function... */
-  FREE_IF_ALLOC_IS_USED(dup_data);
-  return dup_cert;
-  }
-
-/* --- --- --- --- --- --- --- --- --- --- --- --- --- */
diff --git a/security/nss/lib/jar/jarevil.h b/security/nss/lib/jar/jarevil.h
deleted file mode 100644
index 95b4f6883..000000000
--- a/security/nss/lib/jar/jarevil.h
+++ /dev/null
@@ -1,76 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- *  jarevil.h
- *
- *  dot H file for calls to mozilla thread
- *  from within jarver.c 
- *
- */
-
-#include "certt.h"
-#include "secpkcs7.h"
-
-extern SECStatus jar_moz_encode
-      (
-      SEC_PKCS7ContentInfo *cinfo,
-      SEC_PKCS7EncoderOutputCallback  outputfn,
-      void *outputarg,
-      PK11SymKey *bulkkey,
-      SECKEYGetPasswordKey pwfn,
-      void *pwfnarg
-      );
-
-extern SECStatus jar_moz_verify
-      (
-      SEC_PKCS7ContentInfo *cinfo,
-      SECCertUsage certusage,
-      SECItem *detached_digest,
-      HASH_HashType digest_type,
-      PRBool keepcerts
-      );
-
-extern CERTCertificate *jar_moz_nickname 
-   (CERTCertDBHandle *certdb, char *nickname);
-
-extern SECStatus jar_moz_perm 
-  (CERTCertificate *cert, char *nickname, CERTCertTrust *trust);
- 
-extern CERTCertificate *jar_moz_certkey 
-  (CERTCertDBHandle *certdb, CERTIssuerAndSN *seckey);
-
-extern CERTCertificate *jar_moz_issuer (CERTCertificate *cert);
-
-extern CERTCertificate *jar_moz_dup (CERTCertificate *cert);
-
diff --git a/security/nss/lib/jar/jarfile.c b/security/nss/lib/jar/jarfile.c
deleted file mode 100644
index 19a3eaa02..000000000
--- a/security/nss/lib/jar/jarfile.c
+++ /dev/null
@@ -1,1151 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- *  JARFILE
- *
- *  Parsing of a Jar file
- */
-
-#define JAR_SIZE 256
-
-#include "jar.h"
-
-#include "jarint.h"
-#include "jarfile.h"
-
-/* commercial compression */
-#include "jzlib.h"
-
-#if defined(XP_UNIX) || defined(XP_BEOS)
-#include "sys/stat.h"
-#endif
-
-#include "sechash.h"	/* for HASH_GetHashObject() */
-
-/* extracting */
-
-static int jar_guess_jar (char *filename, JAR_FILE fp);
-
-static int jar_inflate_memory 
-   (unsigned int method, long *length, long expected_out_len, char ZHUGEP **data);
-
-static int jar_physical_extraction 
-   (JAR_FILE fp, char *outpath, long offset, long length);
-
-static int jar_physical_inflate
-   (JAR_FILE fp, char *outpath, long offset, 
-         long length, unsigned int method);
-
-static int jar_verify_extract 
-   (JAR *jar, char *path, char *physical_path);
-
-static JAR_Physical *jar_get_physical (JAR *jar, char *pathname);
-
-static int jar_extract_manifests (JAR *jar, jarArch format, JAR_FILE fp);
-
-static int jar_extract_mf (JAR *jar, jarArch format, JAR_FILE fp, char *ext);
-
-
-/* indexing */
-
-static int jar_gen_index (JAR *jar, jarArch format, JAR_FILE fp);
-
-static int jar_listtar (JAR *jar, JAR_FILE fp);
-
-static int jar_listzip (JAR *jar, JAR_FILE fp);
-
-
-/* conversions */
-
-static int dosdate (char *date, char *s);
-
-static int dostime (char *time, char *s);
-
-static unsigned int xtoint (unsigned char *ii);
-
-static unsigned long xtolong (unsigned char *ll);
-
-static long atoo (char *s);
-
-/*
- *  J A R _ p a s s _ a r c h i v e
- *
- *  For use by naive clients. Slam an entire archive file
- *  into this function. We extract manifests, parse, index
- *  the archive file, and do whatever nastiness.
- *
- */
-
-int JAR_pass_archive
-    (JAR *jar, jarArch format, char *filename, const char *url)
-  {
-  JAR_FILE fp;
-  int status = 0;
-
-  if (filename == NULL)
-    return JAR_ERR_GENERAL;
-
-  if ((fp = JAR_FOPEN (filename, "rb")) != NULL)
-    {
-    if (format == jarArchGuess)
-      format = (jarArch)jar_guess_jar (filename, fp);
-
-    jar->format = format;
-    jar->url = url ? PORT_Strdup (url) : NULL;
-    jar->filename = PORT_Strdup (filename);
-
-    status = jar_gen_index (jar, format, fp);
-
-    if (status == 0)
-      status = jar_extract_manifests (jar, format, fp);
-
-    JAR_FCLOSE (fp);
-
-    if (status < 0)
-      return status;
-
-    /* people were expecting it this way */
-    return jar->valid;
-    }
-  else
-    {
-    /* file not found */
-    return JAR_ERR_FNF;
-    }
-  }
-
-/*
- *  J A R _ p a s s _ a r c h i v e _ u n v e r i f i e d
- *
- * Same as JAR_pass_archive, but doesn't parse signatures.
- *
- */
-int JAR_pass_archive_unverified
-        (JAR *jar, jarArch format, char *filename, const char *url)
-{
-        JAR_FILE fp;
-        int status = 0;
-
-        if (filename == NULL) {
-                return JAR_ERR_GENERAL;
-        }
-
-        if ((fp = JAR_FOPEN (filename, "rb")) != NULL) {
-                if (format == jarArchGuess) {
-                        format = (jarArch)jar_guess_jar (filename, fp);
-                }
-
-                jar->format = format;
-                jar->url = url ? PORT_Strdup (url) : NULL;
-                jar->filename = PORT_Strdup (filename);
-
-                status = jar_gen_index (jar, format, fp);
-
-                if (status == 0) {
-                        status = jar_extract_mf(jar, format, fp, "mf");
-                }
-
-                JAR_FCLOSE (fp);
-
-                if (status < 0) {
-                        return status;
-                }
-
-                /* people were expecting it this way */
-                return jar->valid;
-        } else {
-                /* file not found */
-                return JAR_ERR_FNF;
-        }
-}
-
-/*
- *  J A R _ v e r i f i e d _ e x t r a c t
- *
- *  Optimization: keep a file descriptor open
- *  inside the JAR structure, so we don't have to
- *  open the file 25 times to run java. 
- *
- */
-
-int JAR_verified_extract
-    (JAR *jar, char *path, char *outpath)
-  {
-  int status;
-
-  status = JAR_extract (jar, path, outpath);
-
-  if (status >= 0)
-    return jar_verify_extract (jar, path, outpath);
-  else
-    return status;
-  }
-
-int JAR_extract
-    (JAR *jar, char *path, char *outpath)
-  {
-  int result;
-
-  JAR_Physical *phy;
-
-  if (jar->fp == NULL && jar->filename)
-    {
-    jar->fp = (FILE*)JAR_FOPEN (jar->filename, "rb");
-    }
-
-  if (jar->fp == NULL)
-    {
-    /* file not found */
-    return JAR_ERR_FNF;
-    }
-
-  phy = jar_get_physical (jar, path);
-
-  if (phy)
-    {
-    if (phy->compression != 0 && phy->compression != 8)
-      {
-      /* unsupported compression method */
-      result = JAR_ERR_CORRUPT;
-      }
-
-    if (phy->compression == 0)
-      {
-      result = jar_physical_extraction 
-         ((PRFileDesc*)jar->fp, outpath, phy->offset, phy->length);
-      }
-    else
-      {
-      result = jar_physical_inflate 
-         ((PRFileDesc*)jar->fp, outpath, phy->offset, phy->length, 
-            (unsigned int) phy->compression);
-      }
-
-#if defined(XP_UNIX) || defined(XP_BEOS)
-    if (phy->mode)
-      chmod (outpath, 0400 | (mode_t) phy->mode);
-#endif
-    }
-  else
-    {
-    /* pathname not found in archive */
-    result = JAR_ERR_PNF;
-    }
-
-  return result;
-  }
-
-/* 
- *  p h y s i c a l _ e x t r a c t i o n
- *
- *  This needs to be done in chunks of say 32k, instead of
- *  in one bulk calloc. (Necessary under Win16 platform.)
- *  This is done for uncompressed entries only.
- *
- */
-
-#define CHUNK 32768
-
-static int jar_physical_extraction 
-     (JAR_FILE fp, char *outpath, long offset, long length)
-  {
-  JAR_FILE out;
-
-  char *buffer;
-  long at, chunk;
-
-  int status = 0;
-
-  buffer = (char *) PORT_ZAlloc (CHUNK);
-
-  if (buffer == NULL)
-    return JAR_ERR_MEMORY;
-
-  if ((out = JAR_FOPEN (outpath, "wb")) != NULL)
-    {
-    at = 0;
-
-    JAR_FSEEK (fp, offset, (PRSeekWhence)0);
-
-    while (at < length)
-      {
-      chunk = (at + CHUNK <= length) ? CHUNK : length - at;
-
-      if (JAR_FREAD (fp, buffer, chunk) != chunk)
-        {
-        status = JAR_ERR_DISK;
-        break;
-        }
-
-      at += chunk;
-
-      if (JAR_FWRITE (out, buffer, chunk) < chunk)
-        {
-        /* most likely a disk full error */
-        status = JAR_ERR_DISK;
-        break;
-        }
-      }
-    JAR_FCLOSE (out);
-    }
-  else
-    {
-    /* error opening output file */
-    status = JAR_ERR_DISK;
-    }
-
-  PORT_Free (buffer);
-  return status;
-  }
-
-/*
- *  j a r _ p h y s i c a l _ i n f l a t e
- *
- *  Inflate a range of bytes in a file, writing the inflated
- *  result to "outpath". Chunk based.
- *
- */
-
-/* input and output chunks differ, assume 4x compression */
-
-#define ICHUNK 8192
-#define OCHUNK 32768
-
-static int jar_physical_inflate
-     (JAR_FILE fp, char *outpath, long offset, 
-          long length, unsigned int method)
-  {
-  z_stream zs;
-
-  JAR_FILE out;
-
-  long at, chunk;
-  char *inbuf, *outbuf;
-
-  int status = 0;
-
-  unsigned long prev_total, ochunk, tin;
-
-  if ((inbuf = (char *) PORT_ZAlloc (ICHUNK)) == NULL)
-    return JAR_ERR_MEMORY;
-
-  if ((outbuf = (char *) PORT_ZAlloc (OCHUNK)) == NULL)
-    {
-    PORT_Free (inbuf);
-    return JAR_ERR_MEMORY;
-    }
-
-  PORT_Memset (&zs, 0, sizeof (zs));
-  status = inflateInit2 (&zs, -MAX_WBITS);
-
-  if (status != Z_OK)
-    return JAR_ERR_GENERAL;
-
-  if ((out = JAR_FOPEN (outpath, "wb")) != NULL)
-    {
-    at = 0;
-
-    JAR_FSEEK (fp, offset, (PRSeekWhence)0);
-
-    while (at < length)
-      {
-      chunk = (at + ICHUNK <= length) ? ICHUNK : length - at;
-
-      if (JAR_FREAD (fp, inbuf, chunk) != chunk)
-        {
-        /* incomplete read */
-        return JAR_ERR_CORRUPT;
-        }
-
-      at += chunk;
-
-      zs.next_in = (Bytef *) inbuf;
-      zs.avail_in = chunk;
-      zs.avail_out = OCHUNK;
-
-      tin = zs.total_in;
-
-      while ((zs.total_in - tin < chunk) || (zs.avail_out == 0))
-        {
-        prev_total = zs.total_out;
-
-        zs.next_out = (Bytef *) outbuf;
-        zs.avail_out = OCHUNK;
-
-        status = inflate (&zs, Z_NO_FLUSH);
-
-        if (status != Z_OK && status != Z_STREAM_END)
-          {
-          /* error during decompression */
-          return JAR_ERR_CORRUPT;
-          }
-
-	ochunk = zs.total_out - prev_total;
-
-        if (JAR_FWRITE (out, outbuf, ochunk) < ochunk)
-          {
-          /* most likely a disk full error */
-          status = JAR_ERR_DISK;
-          break;
-          }
-
-        if (status == Z_STREAM_END)
-          break;
-        }
-      }
-
-    JAR_FCLOSE (out);
-    status = inflateEnd (&zs);
-    }
-  else
-    {
-    /* error opening output file */
-    status = JAR_ERR_DISK;
-    }
-
-  PORT_Free (inbuf);
-  PORT_Free (outbuf);
-
-  return status;
-  }
-
-/*
- *  j a r _ i n f l a t e _ m e m o r y
- *
- *  Call zlib to inflate the given memory chunk. It is re-XP_ALLOC'd, 
- *  and thus appears to operate inplace to the caller.
- *
- */
-
-static int jar_inflate_memory 
-     (unsigned int method, long *length, long expected_out_len, char ZHUGEP **data)
-  {
-  int status;
-  z_stream zs;
-
-  long insz, outsz;
-
-  char *inbuf, *outbuf;
-
-  inbuf =  *data;
-  insz = *length;
-
-  outsz = expected_out_len;
-  outbuf = (char*)PORT_ZAlloc (outsz);
-
-  if (outbuf == NULL)
-    return JAR_ERR_MEMORY;
-
-  PORT_Memset (&zs, 0, sizeof (zs));
-
-  status = inflateInit2 (&zs, -MAX_WBITS);
-
-  if (status < 0)
-    {
-    /* error initializing zlib stream */
-    return JAR_ERR_GENERAL;
-    }
-
-  zs.next_in = (Bytef *) inbuf;
-  zs.next_out = (Bytef *) outbuf;
-
-  zs.avail_in = insz;
-  zs.avail_out = outsz;
-
-  status = inflate (&zs, Z_FINISH);
-
-  if (status != Z_OK && status != Z_STREAM_END)
-    {
-    /* error during deflation */
-    return JAR_ERR_GENERAL; 
-    }
-
-  status = inflateEnd (&zs);
-
-  if (status != Z_OK)
-    {
-    /* error during deflation */
-    return JAR_ERR_GENERAL;
-    }
-
-  PORT_Free (*data);
-
-  *data = outbuf;
-  *length = zs.total_out;
-
-  return 0;
-  }
-
-/*
- *  v e r i f y _ e x t r a c t
- *
- *  Validate signature on the freshly extracted file.
- *
- */
-
-static int jar_verify_extract (JAR *jar, char *path, char *physical_path)
-  {
-  int status;
-  JAR_Digest dig;
-
-  PORT_Memset (&dig, 0, sizeof (JAR_Digest));
-  status = JAR_digest_file (physical_path, &dig);
-
-  if (!status)
-    status = JAR_verify_digest (jar, path, &dig);
-
-  return status;
-  }
-
-/*
- *  g e t _ p h y s i c a l
- *
- *  Let's get physical.
- *  Obtains the offset and length of this file in the jar file.
- *
- */
-
-static JAR_Physical *jar_get_physical (JAR *jar, char *pathname)
-  {
-  JAR_Item *it;
-
-  JAR_Physical *phy;
-
-  ZZLink *link;
-  ZZList *list;
-
-  list = jar->phy;
-
-  if (ZZ_ListEmpty (list))
-    return NULL;
-
-  for (link = ZZ_ListHead (list);
-       !ZZ_ListIterDone (list, link);
-       link = link->next)
-    {
-    it = link->thing;
-    if (it->type == jarTypePhy 
-          && it->pathname && !PORT_Strcmp (it->pathname, pathname))
-      {
-      phy = (JAR_Physical *) it->data;
-      return phy;
-      }
-    }
-
-  return NULL;
-  }
-
-/*
- *  j a r _ e x t r a c t _ m a n i f e s t s
- *
- *  Extract the manifest files and parse them,
- *  from an open archive file whose contents are known.
- *
- */
-
-static int jar_extract_manifests (JAR *jar, jarArch format, JAR_FILE fp)
-  {
-  int status;
-
-  if (format != jarArchZip && format != jarArchTar)
-    return JAR_ERR_CORRUPT;
-
-  if ((status = jar_extract_mf (jar, format, fp, "mf")) < 0)
-    return status;
-
-  if ((status = jar_extract_mf (jar, format, fp, "sf")) < 0)
-    return status;
-
-  if ((status = jar_extract_mf (jar, format, fp, "rsa")) < 0)
-    return status;
-
-  if ((status = jar_extract_mf (jar, format, fp, "dsa")) < 0)
-    return status;
-
-  return 0;
-  }
-
-/*
- *  j a r _ e x t r a c t _ m f
- *
- *  Extracts manifest files based on an extension, which 
- *  should be .MF, .SF, .RSA, etc. Order of the files is now no 
- *  longer important when zipping jar files.
- *
- */
-
-static int jar_extract_mf (JAR *jar, jarArch format, JAR_FILE fp, char *ext)
-  {
-  JAR_Item *it;
-
-  JAR_Physical *phy;
-
-  ZZLink *link;
-  ZZList *list;
-
-  char *fn, *e;
-  char ZHUGEP *manifest;
-
-  long length;
-  int status, ret = 0, num;
-
-  list = jar->phy;
-
-  if (ZZ_ListEmpty (list))
-    return JAR_ERR_PNF;
-
-  for (link = ZZ_ListHead (list);
-       !ZZ_ListIterDone (list, link);
-       link = link->next)
-    {
-    it = link->thing;
-    if (it->type == jarTypePhy 
-          && !PORT_Strncmp (it->pathname, "META-INF", 8))
-      {
-      phy = (JAR_Physical *) it->data;
-
-      if (PORT_Strlen (it->pathname) < 8)
-        continue;
-
-      fn = it->pathname + 8;
-      if (*fn == '/' || *fn == '\\') fn++;
-
-      if (*fn == 0)
-        {
-        /* just a directory entry */
-        continue;
-        }
-
-      /* skip to extension */
-      for (e = fn; *e && *e != '.'; e++)
-        /* yip */ ;
-
-      /* and skip dot */
-      if (*e == '.') e++;
-
-      if (PORT_Strcasecmp (ext, e))
-        {
-        /* not the right extension */
-        continue;
-        }
-
-      if (phy->length == 0)
-        {
-        /* manifest files cannot be zero length! */
-        return JAR_ERR_CORRUPT;
-        }
-
-      /* Read in the manifest and parse it */
-      /* FIX? Does this break on win16 for very very large manifest files? */
-
-#ifdef XP_WIN16
-      PORT_Assert( phy->length+1 < 0xFFFF );
-#endif
-
-      manifest = (char ZHUGEP *) PORT_ZAlloc (phy->length + 1);
-      if (manifest)
-        {
-        JAR_FSEEK (fp, phy->offset, (PRSeekWhence)0);
-        num = JAR_FREAD (fp, manifest, phy->length);
-
-        if (num != phy->length)
-          {
-          /* corrupt archive file */
-          return JAR_ERR_CORRUPT;
-          }
-
-        if (phy->compression == 8)
-          {
-          length = phy->length;
-
-          status = jar_inflate_memory ((unsigned int) phy->compression, &length,  phy->uncompressed_length, &manifest);
-
-          if (status < 0)
-            return status;
-          }
-        else if (phy->compression)
-          {
-          /* unsupported compression method */
-          return JAR_ERR_CORRUPT;
-          }
-        else
-          length = phy->length;
-
-        status = JAR_parse_manifest 
-           (jar, manifest, length, it->pathname, "url");
-
-        PORT_Free (manifest);
-
-        if (status < 0 && ret == 0) ret = status;
-        }
-      else
-        return JAR_ERR_MEMORY;
-      }
-    else if (it->type == jarTypePhy)
-      {
-      /* ordinary file */
-      }
-    }
-
-  return ret;
-  }
-
-/*
- *  j a r _ g e n _ i n d e x
- *
- *  Generate an index for the various types of
- *  known archive files. Right now .ZIP and .TAR
- *
- */
-
-static int jar_gen_index (JAR *jar, jarArch format, JAR_FILE fp)
-  {
-  int result = JAR_ERR_CORRUPT;
-  JAR_FSEEK (fp, 0, (PRSeekWhence)0);
-
-  switch (format)
-    {
-    case jarArchZip:
-      result = jar_listzip (jar, fp);
-      break;
-
-    case jarArchTar:
-      result = jar_listtar (jar, fp);
-      break;
-
-    case jarArchGuess:
-    case jarArchNone:
-      return JAR_ERR_GENERAL;
-    }
-
-  JAR_FSEEK (fp, 0, (PRSeekWhence)0);
-  return result;
-  }
-
-
-/*
- *  j a r _ l i s t z i p
- *
- *  List the physical contents of a Phil Katz 
- *  style .ZIP file into the JAR linked list.
- *
- */
-
-static int jar_listzip (JAR *jar, JAR_FILE fp)
-  {
-  int err = 0;
-
-  long pos = 0L;
-  char filename [JAR_SIZE];
-
-  char date [9], time [9];
-  char sig [4];
-
-  unsigned int compression;
-  unsigned int filename_len, extra_len;
-
-  struct ZipLocal *Local;
-  struct ZipCentral *Central;
-  struct ZipEnd *End;
-
-  /* phy things */
-
-  ZZLink  *ent;
-  JAR_Item *it;
-  JAR_Physical *phy;
-
-  Local = (struct ZipLocal *) PORT_ZAlloc (30);
-  Central = (struct ZipCentral *) PORT_ZAlloc (46);
-  End = (struct ZipEnd *) PORT_ZAlloc (22);
-
-  if (!Local || !Central || !End)
-    {
-    /* out of memory */
-    err = JAR_ERR_MEMORY;
-    goto loser;
-    }
-
-  while (1)
-    {
-    JAR_FSEEK (fp, pos, (PRSeekWhence)0);
-
-    if (JAR_FREAD (fp, (char *) sig, 4) != 4)
-      {
-      /* zip file ends prematurely */
-      err = JAR_ERR_CORRUPT;
-      goto loser;
-      }
-
-    JAR_FSEEK (fp, pos, (PRSeekWhence)0);
-
-    if (xtolong ((unsigned char *)sig) == LSIG)
-      {
-      JAR_FREAD (fp, (char *) Local, 30);
-
-      filename_len = xtoint ((unsigned char *) Local->filename_len);
-      extra_len = xtoint ((unsigned char *) Local->extrafield_len);
-
-      if (filename_len >= JAR_SIZE)
-        {
-        /* corrupt zip file */
-        err = JAR_ERR_CORRUPT;
-        goto loser;
-        }
-
-      if (JAR_FREAD (fp, filename, filename_len) != filename_len)
-        {
-        /* truncated archive file */
-        err = JAR_ERR_CORRUPT;
-        goto loser;
-        }
-
-      filename [filename_len] = 0;
-
-      /* Add this to our jar chain */
-
-      phy = (JAR_Physical *) PORT_ZAlloc (sizeof (JAR_Physical));
-
-      if (phy == NULL)
-        {
-        err = JAR_ERR_MEMORY;
-        goto loser;
-        }
-
-      /* We will index any file that comes our way, but when it comes
-         to actually extraction, compression must be 0 or 8 */
-
-      compression = xtoint ((unsigned char *) Local->method);
-      phy->compression = compression >= 0 && 
-              compression <= 255 ? compression : 222;
-
-      phy->offset = pos + 30 + filename_len + extra_len;
-      phy->length = xtolong ((unsigned char *) Local->size);
-      phy->uncompressed_length = xtolong((unsigned char *) Local->orglen);
-
-      dosdate (date, Local->date);
-      dostime (time, Local->time);
-
-      it = (JAR_Item*)PORT_ZAlloc (sizeof (JAR_Item));
-      if (it == NULL)
-        {
-        err = JAR_ERR_MEMORY;
-        goto loser;
-        }
-
-      it->pathname = PORT_Strdup (filename);
-
-      it->type = jarTypePhy;
-
-      it->data = (unsigned char *) phy;
-      it->size = sizeof (JAR_Physical);
-
-      ent = ZZ_NewLink (it);
-
-      if (ent == NULL)
-        {
-        err = JAR_ERR_MEMORY;
-        goto loser;
-        }
-
-      ZZ_AppendLink (jar->phy, ent);
- 
-      pos = phy->offset + phy->length;
-      }
-    else if (xtolong ( (unsigned char *)sig) == CSIG)
-      {
-      if (JAR_FREAD (fp, (char *) Central, 46) != 46)
-        {
-        /* apparently truncated archive */
-        err = JAR_ERR_CORRUPT;
-        goto loser;
-        }
-
-#if defined(XP_UNIX) || defined(XP_BEOS)
-      /* with unix we need to locate any bits from 
-         the protection mask in the external attributes. */
-        {
-        unsigned int attr;
-
-        /* determined empirically */
-        attr = Central->external_attributes [2];
-
-        if (attr)
-          {
-          /* we have to read the filename, again */
-
-          filename_len = xtoint ((unsigned char *) Central->filename_len);
-
-          if (filename_len >= JAR_SIZE)
-            {
-            /* corrupt in central directory */
-            err = JAR_ERR_CORRUPT;
-            goto loser;
-            }
-
-          if (JAR_FREAD (fp, filename, filename_len) != filename_len)
-            {
-            /* truncated in central directory */
-            err = JAR_ERR_CORRUPT;
-            goto loser;
-            }
-
-          filename [filename_len] = 0;
-
-          /* look up this name again */
-          phy = jar_get_physical (jar, filename);
-
-          if (phy)
-            {
-            /* always allow access by self */
-            phy->mode = 0400 | attr;
-            }
-          }
-        }
-#endif
-
-      pos += 46 + xtoint ( (unsigned char *)Central->filename_len)
-                + xtoint ( (unsigned char *)Central->commentfield_len)
-                + xtoint ( (unsigned char *)Central->extrafield_len);
-      }
-    else if (xtolong ( (unsigned char *)sig) == ESIG)
-      {
-      if (JAR_FREAD (fp, (char *) End, 22) != 22)
-        {
-        err = JAR_ERR_CORRUPT;
-        goto loser;
-        }
-      else
-        break;
-      }
-    else
-      {
-      /* garbage in archive */
-      err = JAR_ERR_CORRUPT;
-      goto loser;
-      }
-    }
-
-loser:
-
-  if (Local) PORT_Free (Local);
-  if (Central) PORT_Free (Central);
-  if (End) PORT_Free (End);
-
-  return err;
-  }
-
-/*
- *  j a r _ l i s t t a r
- *
- *  List the physical contents of a Unix 
- *  .tar file into the JAR linked list.
- *
- */
-
-static int jar_listtar (JAR *jar, JAR_FILE fp)
-  {
-  long pos = 0L;
-
-  long sz, mode;
-  time_t when;
-  union TarEntry tarball;
-
-  char *s;
-
-  /* phy things */
-
-  JAR_Physical *phy;
-
-  while (1)
-    {
-    JAR_FSEEK (fp, pos, (PRSeekWhence)0);
-
-    if (JAR_FREAD (fp, (char *) &tarball, 512) < 512)
-      break;
-
-    if (!*tarball.val.filename)
-      break;
-
-    when = atoo (tarball.val.time);
-    sz = atoo (tarball.val.size);
-    mode = atoo (tarball.val.mode);
-
-
-    /* Tag the end of filename */
-
-    s = tarball.val.filename;
-    while (*s && *s != ' ') s++;
-    *s = 0;
-
-
-    /* Add to our linked list */
-
-    phy = (JAR_Physical *) PORT_ZAlloc (sizeof (JAR_Physical));
-
-    if (phy == NULL)
-      return JAR_ERR_MEMORY;
-
-    phy->compression = 0;
-    phy->offset = pos + 512;
-    phy->length = sz;
-
-    ADDITEM (jar->phy, jarTypePhy, 
-       tarball.val.filename, phy, sizeof (JAR_Physical));
-
-
-    /* Advance to next file entry */
-
-    sz += 511;
-    sz = (sz / 512) * 512;
-
-    pos += sz + 512;
-    }
-
-  return 0;
-  }
-
-/*
- *  d o s d a t e
- *
- *  Not used right now, but keep it in here because
- *  it will be needed. 
- *
- */
-
-static int dosdate (char *date, char *s)
-  {
-  int num = xtoint ( (unsigned char *)s);
-
-  PR_snprintf (date, 9, "%02d-%02d-%02d",
-     ((num >> 5) & 0x0F), (num & 0x1F), ((num >> 9) + 80));
-
-  return 0;
-  }
-
-/*
- *  d o s t i m e
- *
- *  Not used right now, but keep it in here because
- *  it will be needed. 
- *
- */
-
-static int dostime (char *time, char *s)
-  {
-  int num = xtoint ( (unsigned char *)s);
-
-  PR_snprintf (time, 6, "%02d:%02d",
-     ((num >> 11) & 0x1F), ((num >> 5) & 0x3F));
-
-  return 0;
-  }
-
-/*
- *  x t o i n t
- *
- *  Converts a two byte ugly endianed integer
- *  to our platform's integer.
- *
- */
-
-static unsigned int xtoint (unsigned char *ii)
-  {
-  return (int) (ii [0]) | ((int) ii [1] << 8);
-  }
-
-/*
- *  x t o l o n g
- *
- *  Converts a four byte ugly endianed integer
- *  to our platform's integer.
- *
- */
-
-static unsigned long xtolong (unsigned char *ll)
-  {
-  unsigned long ret;
-
-  ret =  (
-         (((unsigned long) ll [0]) <<  0) |
-         (((unsigned long) ll [1]) <<  8) |
-         (((unsigned long) ll [2]) << 16) |
-         (((unsigned long) ll [3]) << 24)
-         );
-
-  return ret;
-  }
-
-/*
- *  a t o o
- *
- *  Ascii octal to decimal.
- *  Used for integer encoding inside tar files.
- *
- */
-
-static long atoo (char *s)
-  {
-  long num = 0L;
-
-  while (*s == ' ') s++;
-
-  while (*s >= '0' && *s <= '7')
-    {
-    num <<= 3;
-    num += *s++ - '0';
-    }
-
-  return num;
-  }
-
-/*
- *  g u e s s _ j a r
- *
- *  Try to guess what kind of JAR file this is.
- *  Maybe tar, maybe zip. Look in the file for magic
- *  or at its filename.
- *
- */
-
-static int jar_guess_jar (char *filename, JAR_FILE fp)
-  {
-  char *ext;
-
-  ext = filename + PORT_Strlen (filename) - 4;
-
-  if (!PORT_Strcmp (ext, ".tar"))
-    return jarArchTar;
-
-  return jarArchZip;
-  }
diff --git a/security/nss/lib/jar/jarfile.h b/security/nss/lib/jar/jarfile.h
deleted file mode 100644
index d28b090fa..000000000
--- a/security/nss/lib/jar/jarfile.h
+++ /dev/null
@@ -1,114 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- *  JARFILE.H
- * 
- *  Certain constants and structures for the archive format.
- *
- */
-
-/* ZIP */
-
-struct ZipLocal
-  {
-  char signature [4];
-  char word [2];
-  char bitflag [2];
-  char method [2];
-  char time [2];
-  char date [2];
-  char crc32 [4];
-  char size [4];
-  char orglen [4];
-  char filename_len [2];
-  char extrafield_len [2];
-  };
-
-struct ZipCentral
-  {
-  char signature [4];
-  char version_made_by [2];
-  char version [2];
-  char bitflag [2];
-  char method [2];
-  char time [2];
-  char date [2];
-  char crc32 [4];
-  char size [4];
-  char orglen [4];
-  char filename_len [2];
-  char extrafield_len [2];
-  char commentfield_len [2];
-  char diskstart_number [2];
-  char internal_attributes [2];
-  char external_attributes [4];
-  char localhdr_offset [4];
-  };
-
-struct ZipEnd
-  {
-  char signature [4];
-  char disk_nr [2];
-  char start_central_dir [2];
-  char total_entries_disk [2];
-  char total_entries_archive [2];
-  char central_dir_size [4];
-  char offset_central_dir [4];
-  char commentfield_len [2];
-  };
-
-#define LSIG 0x04034B50l
-#define CSIG 0x02014B50l
-#define ESIG 0x06054B50l
-
-/* TAR */
-
-union TarEntry
-  {
-  struct header
-    {
-    char filename [100];
-    char mode [8];
-    char uid [8];
-    char gid [8];
-    char size [12];
-    char time [12];
-    char checksum [8];
-    char linkflag;
-    char linkname [100];
-    }
-  val;
-
-  char buffer [512];
-  };
diff --git a/security/nss/lib/jar/jarint.c b/security/nss/lib/jar/jarint.c
deleted file mode 100644
index 4c8da5986..000000000
--- a/security/nss/lib/jar/jarint.c
+++ /dev/null
@@ -1,81 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Internal libjar routines.
- */
-
-#include "jar.h"
-#include "jarint.h"
-
-/*-----------------------------------------------------------------------
- * JAR_FOPEN_to_PR_Open
- * Translate JAR_FOPEN arguments to PR_Open arguments
- */
-PRFileDesc*
-JAR_FOPEN_to_PR_Open(const char* name, const char *mode)
-{
-
-	PRIntn	prflags=0, prmode=0;
-
-	/* Get read/write flags */
-	if(strchr(mode, 'r') && !strchr(mode, '+')) {
-		prflags |= PR_RDONLY;
-	} else if( (strchr(mode, 'w') || strchr(mode, 'a')) &&
-			!strchr(mode,'+') ) {
-		prflags |= PR_WRONLY;
-	} else {
-		prflags |= PR_RDWR;
-	}
-
-	/* Create a new file? */
-	if(strchr(mode, 'w') || strchr(mode, 'a')) {
-		prflags |= PR_CREATE_FILE;
-	}
-
-	/* Append? */
-	if(strchr(mode, 'a')) {
-		prflags |= PR_APPEND;
-	}
-
-	/* Truncate? */
-	if(strchr(mode, 'w')) {
-		prflags |= PR_TRUNCATE;
-	}
-
-	/* We can't do umask because it isn't XP.  Choose some default
-	   mode for created files */
-	prmode = 0755;
-
-	return PR_Open(name, prflags, prmode);
-}
diff --git a/security/nss/lib/jar/jarint.h b/security/nss/lib/jar/jarint.h
deleted file mode 100644
index 7baa4f3f1..000000000
--- a/security/nss/lib/jar/jarint.h
+++ /dev/null
@@ -1,116 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/* JAR internal routines */
-
-#include "nspr.h"
-
-/* definitely required */
-/*#include "certdb.h" */
-#include "key.h"
-#include "base64.h"
-
-extern CERTCertDBHandle *JAR_open_database (void);
-
-extern int JAR_close_database (CERTCertDBHandle *certdb);
-
-extern int jar_close_key_database (void *keydb);
-
-extern void *jar_open_key_database (void);
-
-extern JAR_Signer *JAR_new_signer (void);
-
-extern void JAR_destroy_signer (JAR_Signer *signer);
-
-extern JAR_Signer *jar_get_signer (JAR *jar, char *basename);
-
-extern int jar_append (ZZList *list, int type,
-   char *pathname, void *data, size_t size);
-
-/* Translate fopen mode arg to PR_Open flags and mode */
-PRFileDesc*
-JAR_FOPEN_to_PR_Open(const char *name, const char *mode);
-
-
-#define ADDITEM(list,type,pathname,data,size) \
-  { int err; err = jar_append (list, type, pathname, data, size); \
-    if (err < 0) return err; }
-
-/* Here is some ugliness in the event it is necessary to link
-   with NSPR 1.0 libraries, which do not include an FSEEK. It is 
-   difficult to fudge an FSEEK into 1.0 so we use stdio. */
-
-/* stdio */
-#if 0
-#define JAR_FILE FILE *
-#define JAR_FOPEN(fn,mode) fopen(fn,mode)
-#define JAR_FCLOSE fclose
-#define JAR_FSEEK fseek
-#define JAR_FREAD(fp,buf,siz) fread(buf,1,siz,fp)
-#define JAR_FWRITE(fp,buf,siz) fwrite(buf,1,siz,fp) 
-#endif
-
-#if 0
-/* nspr 1.0 suite */
-#define JAR_FILE PRFileHandle
-#define JAR_FOPEN(fn,mode) PR_OpenFile(fn,0,mode)
-#define JAR_FCLOSE PR_CLOSE
-#define JAR_FSEEK (no-equivalent)
-#define JAR_FREAD PR_READ
-#define JAR_FWRITE PR_WRITE
-#endif
-
-/* nspr 2.0 suite */
-#define JAR_FILE PRFileDesc *
-/* #define JAR_FOPEN(fn,mode) PR_Open(fn,0,0) */
-#define JAR_FOPEN(fn,mode) JAR_FOPEN_to_PR_Open(fn,mode)
-#define JAR_FCLOSE PR_Close
-#define JAR_FSEEK PR_Seek
-#define JAR_FREAD PR_Read
-#define JAR_FWRITE PR_Write
-
-#if 0
-/* nav XP suite, note argument order */
-#define JAR_FILE XP_File
-#define JAR_FOPEN(fn,mode) XP_FileOpen(fn,xpURL,mode)
-#define JAR_FCLOSE XP_FileClose
-#define JAR_FSEEK XP_FileSeek
-#define JAR_FREAD(fp,buf,siz) XP_FileRead(buf,siz,fp)
-#define JAR_FWRITE(fp,buf,siz) XP_FileWrite(buf,siz,fp)
-#endif
-
-int jar_create_pk7
-   (CERTCertDBHandle *certdb, void *keydb,
-       CERTCertificate *cert, char *password, JAR_FILE infp, 
-       JAR_FILE outfp);
-
diff --git a/security/nss/lib/jar/jarjart.c b/security/nss/lib/jar/jarjart.c
deleted file mode 100644
index 039531a2b..000000000
--- a/security/nss/lib/jar/jarjart.c
+++ /dev/null
@@ -1,354 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- *  JARJART
- *
- *  JAR functions used by Jartool
- */
-
-/* This allows manifest files above 64k to be
-   processed on non-win16 platforms */
-
-#include "jar.h"
-#include "jarint.h"
-#include "jarjart.h"
-#include "blapi.h"	/* JAR is supposed to be above the line!! */
-#include "pk11func.h"	/* PK11 wrapper funcs are all above the line. */
-#include "certdb.h"
-
-/* from certdb.h */
-#define CERTDB_USER (1<<6)
-
-#if 0
-/* from certdb.h */
-typedef SECStatus (* PermCertCallback)(CERTCertificate *cert, SECItem *k, void *pdata);
-/* from certdb.h */
-SECStatus SEC_TraversePermCerts
-   (CERTCertDBHandle *handle, PermCertCallback certfunc, void *udata);
-#endif
-
-/*
- *  S O B _ l i s t _ c e r t s
- *
- *  Return a list of newline separated certificate nicknames
- *  (this function used by the Jartool)
- * 
- */
-
-static SECStatus jar_list_cert_callback 
-     (CERTCertificate *cert, SECItem *k, void *data)
-  {
-  char *name;
-  char **ugly_list;
-
-  int trusted;
-
-  ugly_list = (char **) data;
-
-  if (cert)
-    {
-    name = cert->nickname;
-
-    trusted = cert->trust->objectSigningFlags & CERTDB_USER;
-
-    /* Add this name or email to list */
-
-    if (name && trusted)
-      {
-      *ugly_list = (char*)PORT_Realloc
-           (*ugly_list, PORT_Strlen (*ugly_list) + PORT_Strlen (name) + 2);
-
-      if (*ugly_list)
-        {
-        if (**ugly_list)
-          PORT_Strcat (*ugly_list, "\n");
-
-        PORT_Strcat (*ugly_list, name);
-        }
-      }
-    }
-
-  return (SECSuccess);
-  }
-
-/*
- *  S O B _ J A R _ l i s t _ c e r t s
- *
- *  Return a linfeed separated ascii list of certificate
- *  nicknames for the Jartool.
- *
- */
-
-char *JAR_JAR_list_certs (void)
-  {
-  SECStatus status = SECFailure;
-  CERTCertDBHandle *certdb;
-
-  char *ugly_list;
-
-  certdb = JAR_open_database();
-
-  /* a little something */
-  ugly_list = (char*)PORT_ZAlloc (16);
-
-  if (ugly_list)
-    {
-    *ugly_list = 0;
-
-    status = SEC_TraversePermCerts 
-            (certdb, jar_list_cert_callback, (void *) &ugly_list);
-    }
-
-  JAR_close_database (certdb);
-
-  return (status != SECSuccess) ? NULL : ugly_list;
-  }
-
-int JAR_JAR_validate_archive (char *filename)
-  {
-  JAR *jar;
-  int status = -1;
-
-  jar = JAR_new();
-
-  if (jar)
-    {
-    status = JAR_pass_archive (jar, jarArchGuess, filename, "");
-
-    if (status == 0)
-      status = jar->valid;
-
-    JAR_destroy (jar);
-    }
-
-  return status;
-  }
-
-char *JAR_JAR_get_error (int status)
-  {
-  return JAR_get_error (status);
-  }
-
-/*
- *  S O B _ J A R _  h a s h
- *
- *  Hash algorithm interface for use by the Jartool. Since we really
- *  don't know the private sizes of the context, and Java does need to
- *  know this number, allocate 512 bytes for it.
- *
- *  In april 1997 hashes in this file were changed to call PKCS11,
- *  as FIPS requires that when a smartcard has failed validation, 
- *  hashes are not to be performed. But because of the difficulty of
- *  preserving pointer context between calls to the JAR_JAR hashing
- *  functions, the hash routines are called directly, though after
- *  checking to see if hashing is allowed.
- *
- */
-
-void *JAR_JAR_new_hash (int alg)
-  {
-  void *context;
-
-  MD5Context *md5;
-  SHA1Context *sha1;
-
-  /* this is a hack because this whole PORT_ZAlloc stuff looks scary */
-
-  if (!PK11_HashOK (alg == 1 ? SEC_OID_MD5 : SEC_OID_SHA1))
-    return NULL;
-
-  context = PORT_ZAlloc (512);
-
-  if (context)
-    {
-    switch (alg)
-      {
-      case 1:  /* MD5 */
-               md5 = (MD5Context *) context;
-               MD5_Begin (md5);
-               break;
-
-      case 2:  /* SHA1 */
-               sha1 = (SHA1Context *) context;
-               SHA1_Begin (sha1);
-               break;
-      }
-    }
-
-  return context;
-  }
-
-void *JAR_JAR_hash (int alg, void *cookie, int length, void *data)
-  {
-  MD5Context *md5;
-  SHA1Context *sha1;
-
-  /* this is a hack because this whole PORT_ZAlloc stuff looks scary */
-
-  if (!PK11_HashOK (alg == 1 ? SEC_OID_MD5 : SEC_OID_SHA1))
-    return NULL;
-
-  if (length > 0)
-    {
-    switch (alg)
-      {
-      case 1:  /* MD5 */
-               md5 = (MD5Context *) cookie;
-               MD5_Update (md5, (unsigned char*)data, length);
-               break;
-
-      case 2:  /* SHA1 */
-               sha1 = (SHA1Context *) cookie;
-               SHA1_Update (sha1, (unsigned char*)data, length);
-               break;
-      }
-    }
-
-  return cookie;
-  }
-
-void *JAR_JAR_end_hash (int alg, void *cookie)
-  {
-  int length;
-  unsigned char *data;
-  char *ascii; 
-
-  MD5Context *md5;
-  SHA1Context *sha1;
-
-  unsigned int md5_length;
-  unsigned char md5_digest [MD5_LENGTH];
-
-  unsigned int sha1_length;
-  unsigned char sha1_digest [SHA1_LENGTH];
-
-  /* this is a hack because this whole PORT_ZAlloc stuff looks scary */
-
-  if (!PK11_HashOK (alg == 1 ? SEC_OID_MD5 : SEC_OID_SHA1)) 
-    return NULL;
-
-  switch (alg)
-    {
-    case 1:  /* MD5 */
-
-             md5 = (MD5Context *) cookie;
-
-             MD5_End (md5, md5_digest, &md5_length, MD5_LENGTH);
-             /* MD5_DestroyContext (md5, PR_TRUE); */
-
-             data = md5_digest;
-             length = md5_length;
-
-             break;
-
-    case 2:  /* SHA1 */
-
-             sha1 = (SHA1Context *) cookie;
-
-             SHA1_End (sha1, sha1_digest, &sha1_length, SHA1_LENGTH);
-             /* SHA1_DestroyContext (sha1, PR_TRUE); */
-
-             data = sha1_digest;
-             length = sha1_length;
-
-             break;
-
-    default: return NULL;
-    }
-
-  /* Instead of destroy context, since we created it */
-  /* PORT_Free (cookie); */
-
-  ascii = BTOA_DataToAscii(data, length);
-
-  return ascii ? PORT_Strdup (ascii) : NULL;
-  }
-
-/*
- *  S O B _ J A R _ s i g n _ a r c h i v e
- *
- *  A simple API to sign a JAR archive.
- *
- */
-
-int JAR_JAR_sign_archive 
-      (char *nickname, char *password, char *sf, char *outsig)
-  {
-  char *out_fn;
-
-  int status = JAR_ERR_GENERAL;
-  JAR_FILE sf_fp; 
-  JAR_FILE out_fp;
-
-  CERTCertDBHandle *certdb;
-  void *keydb;
-
-  CERTCertificate *cert;
-
-  /* open cert and key databases */
-
-  certdb = JAR_open_database();
-  if (certdb == NULL)
-    return JAR_ERR_GENERAL;
-
-  keydb = jar_open_key_database();
-  if (keydb == NULL)
-    return JAR_ERR_GENERAL;
-
-  out_fn = PORT_Strdup (sf);
-
-  if (out_fn == NULL || PORT_Strlen (sf) < 5)
-    return JAR_ERR_GENERAL;
-
-  sf_fp = JAR_FOPEN (sf, "rb");
-  out_fp = JAR_FOPEN (outsig, "wb");
-
-  cert = CERT_FindCertByNickname (certdb, nickname);
-
-  if (cert && sf_fp && out_fp)
-    {
-    status = jar_create_pk7 (certdb, keydb, cert, password, sf_fp, out_fp);
-    }
-
-  /* remove password from prying eyes */
-  PORT_Memset (password, 0, PORT_Strlen (password));
-
-  JAR_FCLOSE (sf_fp);
-  JAR_FCLOSE (out_fp);
-
-  JAR_close_database (certdb);
-  jar_close_key_database (keydb);
-
-  return status;
-  }
diff --git a/security/nss/lib/jar/jarjart.h b/security/nss/lib/jar/jarjart.h
deleted file mode 100644
index bb4596e90..000000000
--- a/security/nss/lib/jar/jarjart.h
+++ /dev/null
@@ -1,72 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- *  jarjart.h
- *
- *  Functions for the Jartool, which is written in Java and
- *  requires wrappers located elsewhere in the client.
- *
- *  Do not call these unless you are the Jartool, no matter
- *  how convenient they may appear.
- *
- */
-
-#ifndef _JARJART_H_
-#define _JARJART_H_
-
-/* return a list of certificate nicknames, separated by \n's */
-extern char *JAR_JAR_list_certs (void);
-
-/* validate archive, simple api */
-extern int JAR_JAR_validate_archive (char *filename);
-
-/* begin hash */
-extern void *JAR_JAR_new_hash (int alg);
-
-/* hash a streaming pile */
-extern void *JAR_JAR_hash (int alg, void *cookie, int length, void *data);
-
-/* end hash */
-extern void *JAR_JAR_end_hash (int alg, void *cookie);
-
-/* sign the archive (given an .SF file) with the given cert.
-   The password argument is a relic, PKCS11 now handles that. */
-
-extern int JAR_JAR_sign_archive 
-   (char *nickname, char *password, char *sf, char *outsig);
-
-/* convert status to text */
-extern char *JAR_JAR_get_error (int status);
-
-#endif
diff --git a/security/nss/lib/jar/jarnav.c b/security/nss/lib/jar/jarnav.c
deleted file mode 100644
index 865ded5da..000000000
--- a/security/nss/lib/jar/jarnav.c
+++ /dev/null
@@ -1,107 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- *  JARNAV.C
- *
- *  JAR stuff needed for client only.
- *
- */
-
-#include "jar.h"
-#include "jarint.h"
-
-/* from proto.h */
-#ifdef MOZILLA_CLIENT_OLD
-extern MWContext *XP_FindSomeContext(void);
-#endif
-
-/* sigh */
-extern MWContext *FE_GetInitContext(void);
-
-/* To return an MWContext for Java */
-static MWContext *(*jar_fn_FindSomeContext) (void) = NULL;
-
-/* To fabricate an MWContext for FE_GetPassword */
-static MWContext *(*jar_fn_GetInitContext) (void) = NULL;
-
-/*
- *  J A R _ i n i t
- *
- *  Initialize the JAR functions.
- * 
- */
-
-void JAR_init (void)
-  {
-#ifdef MOZILLA_CLIENT_OLD
-  JAR_init_callbacks (XP_GetString, XP_FindSomeContext, FE_GetInitContext);
-#else
-  JAR_init_callbacks (XP_GetString, NULL, NULL);
-#endif
-  }
-
-/*
- *  J A R _ s e t _ c o n t e x t
- *
- *  Set the jar window context for use by PKCS11, since
- *  it may be needed to prompt the user for a password.
- *
- */
-
-int JAR_set_context (JAR *jar, MWContext *mw)
-  {
-  if (mw)
-    {
-    jar->mw = mw;
-    }
-  else
-    {
-    /* jar->mw = XP_FindSomeContext(); */
-    jar->mw = NULL;
-
-    /*
-     * We can't find a context because we're in startup state and none
-     * exist yet. go get an FE_InitContext that only works at initialization
-     * time.
-     */
-
-    /* Turn on the mac when we get the FE_ function */
-    if (jar->mw == NULL)
-      {
-      jar->mw = jar_fn_GetInitContext();
-      }
-   }
-
-  return 0;
-  }
diff --git a/security/nss/lib/jar/jarsign.c b/security/nss/lib/jar/jarsign.c
deleted file mode 100644
index 5ff7d55de..000000000
--- a/security/nss/lib/jar/jarsign.c
+++ /dev/null
@@ -1,371 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- *  JARSIGN
- *
- *  Routines used in signing archives.
- */
-
-
-#define USE_MOZ_THREAD
-
-#include "jar.h"
-#include "jarint.h"
-
-#ifdef USE_MOZ_THREAD
-#include "jarevil.h"
-#endif
-
-#include "pk11func.h"
-#include "sechash.h"
-
-/* from libevent.h */
-typedef void (*ETVoidPtrFunc) (void * data);
-
-#ifdef MOZILLA_CLIENT_OLD
-
-extern void ET_moz_CallFunction (ETVoidPtrFunc fn, void *data);
-
-/* from proto.h */
-/* extern MWContext *XP_FindSomeContext(void); */
-extern void *XP_FindSomeContext(void);
-
-#endif
-
-/* key database wrapper */
-
-/* static SECKEYKeyDBHandle *jar_open_key_database (void); */
-
-/* CHUNQ is our bite size */
-
-#define CHUNQ 64000
-#define FILECHUNQ 32768
-
-/*
- *  J A R _ c a l c u l a t e _ d i g e s t 
- *
- *  Quick calculation of a digest for
- *  the specified block of memory. Will calculate
- *  for all supported algorithms, now MD5.
- *
- *  This version supports huge pointers for WIN16.
- * 
- */
-
-JAR_Digest * PR_CALLBACK JAR_calculate_digest (void ZHUGEP *data, long length)
-  {
-  long chunq;
-  JAR_Digest *dig;
-
-  unsigned int md5_length, sha1_length;
-
-  PK11Context *md5  = 0;
-  PK11Context *sha1 = 0;
-
-  dig = (JAR_Digest *) PORT_ZAlloc (sizeof (JAR_Digest));
-
-  if (dig == NULL) 
-    {
-    /* out of memory allocating digest */
-    return NULL;
-    }
-
-#if defined(XP_WIN16)
-  PORT_Assert ( !IsBadHugeReadPtr(data, length) );
-#endif
-
-  md5  = PK11_CreateDigestContext (SEC_OID_MD5);
-  sha1 = PK11_CreateDigestContext (SEC_OID_SHA1);
-
-  if (length >= 0) 
-    {
-    PK11_DigestBegin (md5);
-    PK11_DigestBegin (sha1);
-
-    do {
-       chunq = length;
-
-#ifdef XP_WIN16
-       if (length > CHUNQ) chunq = CHUNQ;
-
-       /*
-        *  If the block of data crosses one or more segment 
-        *  boundaries then only pass the chunk of data in the 
-        *  first segment.
-        * 
-        *  This allows the data to be treated as FAR by the
-        *  PK11_DigestOp(...) routine.
-        *
-        */
-
-       if (OFFSETOF(data) + chunq >= 0x10000) 
-         chunq = 0x10000 - OFFSETOF(data);
-#endif
-
-       PK11_DigestOp (md5,  (unsigned char*)data, chunq);
-       PK11_DigestOp (sha1, (unsigned char*)data, chunq);
-
-       length -= chunq;
-       data = ((char ZHUGEP *) data + chunq);
-       } 
-    while (length > 0);
-
-    PK11_DigestFinal (md5,  dig->md5,  &md5_length,  MD5_LENGTH);
-    PK11_DigestFinal (sha1, dig->sha1, &sha1_length, SHA1_LENGTH);
-
-    PK11_DestroyContext (md5,  PR_TRUE);
-    PK11_DestroyContext (sha1, PR_TRUE);
-    }
-
-  return dig;
-  }
-
-/*
- *  J A R _ d i g e s t _ f i l e
- *
- *  Calculates the MD5 and SHA1 digests for a file 
- *  present on disk, and returns these in JAR_Digest struct.
- *
- */
-
-int JAR_digest_file (char *filename, JAR_Digest *dig)
-    {
-    JAR_FILE fp;
-
-    int num;
-    unsigned char *buf;
-
-    PK11Context *md5 = 0;
-    PK11Context *sha1 = 0;
-
-    unsigned int md5_length, sha1_length;
-
-    buf = (unsigned char *) PORT_ZAlloc (FILECHUNQ);
-    if (buf == NULL)
-      {
-      /* out of memory */
-      return JAR_ERR_MEMORY;
-      }
- 
-    if ((fp = JAR_FOPEN (filename, "rb")) == 0)
-      {
-      /* perror (filename); FIX XXX XXX XXX XXX XXX XXX */
-      PORT_Free (buf);
-      return JAR_ERR_FNF;
-      }
-
-    md5 = PK11_CreateDigestContext (SEC_OID_MD5);
-    sha1 = PK11_CreateDigestContext (SEC_OID_SHA1);
-
-    if (md5 == NULL || sha1 == NULL) 
-      {
-      /* can't generate digest contexts */
-      PORT_Free (buf);
-      JAR_FCLOSE (fp);
-      return JAR_ERR_GENERAL;
-      }
-
-    PK11_DigestBegin (md5);
-    PK11_DigestBegin (sha1);
-
-    while (1)
-      {
-      if ((num = JAR_FREAD (fp, buf, FILECHUNQ)) == 0)
-        break;
-
-      PK11_DigestOp (md5, buf, num);
-      PK11_DigestOp (sha1, buf, num);
-      }
-
-    PK11_DigestFinal (md5, dig->md5, &md5_length, MD5_LENGTH);
-    PK11_DigestFinal (sha1, dig->sha1, &sha1_length, SHA1_LENGTH);
-
-    PK11_DestroyContext (md5, PR_TRUE);
-    PK11_DestroyContext (sha1, PR_TRUE);
-
-    PORT_Free (buf);
-    JAR_FCLOSE (fp);
-
-    return 0;
-    }
-
-/*
- *  J A R _ o p e n _ k e y _ d a t a b a s e
- *
- */
-
-void* jar_open_key_database (void)
-  {
-    return NULL;
-  }
-
-int jar_close_key_database (void *keydb)
-  {
-  /* We never do close it */
-  return 0;
-  }
-
-
-/*
- *  j a r _ c r e a t e _ p k 7
- *
- */
-
-static void jar_pk7_out (void *arg, const char *buf, unsigned long len)
-  {
-  JAR_FWRITE ((JAR_FILE) arg, buf, len);
-  }
-
-int jar_create_pk7 
-   (CERTCertDBHandle *certdb, void *keydb, 
-       CERTCertificate *cert, char *password, JAR_FILE infp, JAR_FILE outfp)
-  {
-  int nb;
-  unsigned char buffer [4096], digestdata[32];
-  const SECHashObject *hashObj;
-  void *hashcx;
-  unsigned int len;
-
-  int status = 0;
-  char *errstring;
-
-  SECItem digest;
-  SEC_PKCS7ContentInfo *cinfo;
-  SECStatus rv;
-
-  void /*MWContext*/ *mw;
-
-  if (outfp == NULL || infp == NULL || cert == NULL)
-    return JAR_ERR_GENERAL;
-
-  /* we sign with SHA */
-  hashObj = HASH_GetHashObject(HASH_AlgSHA1);
-
-  hashcx = (* hashObj->create)();
-  if (hashcx == NULL)
-    return JAR_ERR_GENERAL;
-
-  (* hashObj->begin)(hashcx);
-
-  while (1)
-    {
-    /* nspr2.0 doesn't support feof 
-       if (feof (infp)) break; */
-
-    nb = JAR_FREAD (infp, buffer, sizeof (buffer));
-    if (nb == 0) 
-      {
-#if 0
-      if (ferror(infp)) 
-        {
-        /* PORT_SetError(SEC_ERROR_IO); */ /* FIX */
-	(* hashObj->destroy) (hashcx, PR_TRUE);
-	return JAR_ERR_GENERAL;
-        }
-#endif
-      /* eof */
-      break;
-      }
-    (* hashObj->update) (hashcx, buffer, nb);
-    }
-
-  (* hashObj->end) (hashcx, digestdata, &len, 32);
-  (* hashObj->destroy) (hashcx, PR_TRUE);
-
-  digest.data = digestdata;
-  digest.len = len;
-
-  /* signtool must use any old context it can find since it's
-     calling from inside javaland. */
-
-#ifdef MOZILLA_CLIENT_OLD
-  mw = XP_FindSomeContext();
-#else
-  mw = NULL;
-#endif
-
-  PORT_SetError (0);
-
-  cinfo = SEC_PKCS7CreateSignedData 
-             (cert, certUsageObjectSigner, NULL, 
-                SEC_OID_SHA1, &digest, NULL, (void *) mw);
-
-  if (cinfo == NULL)
-    return JAR_ERR_PK7;
-
-  rv = SEC_PKCS7IncludeCertChain (cinfo, NULL);
-  if (rv != SECSuccess) 
-    {
-    status = PORT_GetError();
-    SEC_PKCS7DestroyContentInfo (cinfo);
-    return status;
-    }
-
-  /* Having this here forces signtool to always include
-     signing time. */
-
-  rv = SEC_PKCS7AddSigningTime (cinfo);
-  if (rv != SECSuccess)
-    {
-    /* don't check error */
-    }
-
-  PORT_SetError (0);
-
-#ifdef USE_MOZ_THREAD
-  /* if calling from mozilla */
-  rv = jar_moz_encode
-             (cinfo, jar_pk7_out, outfp, 
-                 NULL,  /* pwfn */ NULL,  /* pwarg */ (void *) mw);
-#else
-  /* if calling from mozilla thread*/
-  rv = SEC_PKCS7Encode 
-             (cinfo, jar_pk7_out, outfp, 
-                 NULL,  /* pwfn */ NULL,  /* pwarg */ (void *) mw):
-#endif
-
-  if (rv != SECSuccess)
-    status = PORT_GetError();
-
-  SEC_PKCS7DestroyContentInfo (cinfo);
-
-  if (rv != SECSuccess)
-    {
-    errstring = JAR_get_error (status);
-    /*XP_TRACE (("Jar signing failed (reason %d = %s)", status, errstring));*/
-    return status < 0 ? status : JAR_ERR_GENERAL;
-    }
-
-  return 0;
-  }
diff --git a/security/nss/lib/jar/jarver.c b/security/nss/lib/jar/jarver.c
deleted file mode 100644
index be974a1dd..000000000
--- a/security/nss/lib/jar/jarver.c
+++ /dev/null
@@ -1,2031 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- *  JARVER
- *
- *  Jarnature Parsing & Verification
- */
-
-#define USE_MOZ_THREAD
-
-#include "jar.h"
-#include "jarint.h"
-
-#ifdef USE_MOZ_THREAD
-#include "jarevil.h"
-#endif
-/*#include "cdbhdl.h" */
-#include "secder.h"
-
-/* to use huge pointers in win16 */
-
-#if !defined(XP_WIN16)
-#define xp_HUGE_MEMCPY PORT_Memcpy
-#define xp_HUGE_STRCPY PORT_Strcpy
-#define xp_HUGE_STRLEN PORT_Strlen
-#define xp_HUGE_STRNCASECMP PORT_Strncasecmp
-#else
-#define xp_HUGE_MEMCPY hmemcpy
-int xp_HUGE_STRNCASECMP (char ZHUGEP *buf, char *key, int len);
-size_t xp_HUGE_STRLEN (char ZHUGEP *s);
-char *xp_HUGE_STRCPY (char *to, char ZHUGEP *from);
-#endif
-
-/* from certdb.h */
-#define CERTDB_USER (1<<6)
-
-#if 0
-/* from certdb.h */
-extern PRBool SEC_CertNicknameConflict
-   (char *nickname, CERTCertDBHandle *handle);
-/* from certdb.h */
-extern SECStatus SEC_AddTempNickname
-   (CERTCertDBHandle *handle, char *nickname, SECItem *certKey);
-/* from certdb.h */
-typedef SECStatus (* PermCertCallback)(CERTCertificate *cert, SECItem *k, void *pdata);
-
-/* from certdb.h */
-SECStatus SEC_TraversePermCerts
-   (CERTCertDBHandle *handle, PermCertCallback certfunc, void *udata);
-#endif
-
-
-
-#define SZ 512
-
-static int jar_validate_pkcs7 
-     (JAR *jar, JAR_Signer *signer, char *data, long length);
-
-static void jar_catch_bytes
-     (void *arg, const char *buf, unsigned long len);
-
-static int jar_gather_signers
-     (JAR *jar, JAR_Signer *signer, SEC_PKCS7ContentInfo *cinfo);
-
-static char ZHUGEP *jar_eat_line 
-     (int lines, int eating, char ZHUGEP *data, long *len);
-
-static JAR_Digest *jar_digest_section 
-     (char ZHUGEP *manifest, long length);
-
-static JAR_Digest *jar_get_mf_digest (JAR *jar, char *path);
-
-static int jar_parse_digital_signature 
-     (char *raw_manifest, JAR_Signer *signer, long length, JAR *jar);
-
-static int jar_add_cert
-     (JAR *jar, JAR_Signer *signer, int type, CERTCertificate *cert);
-
-static CERTCertificate *jar_get_certificate
-            (JAR *jar, long keylen, void *key, int *result);
-
-static char *jar_cert_element (char *name, char *tag, int occ);
-
-static char *jar_choose_nickname (CERTCertificate *cert);
-
-static char *jar_basename (const char *path);
-
-static int jar_signal 
-     (int status, JAR *jar, const char *metafile, char *pathname);
-
-#ifdef DEBUG
-static int jar_insanity_check (char ZHUGEP *data, long length);
-#endif
-
-int jar_parse_mf
-    (JAR *jar, char ZHUGEP *raw_manifest, 
-        long length, const char *path, const char *url);
-
-int jar_parse_sf
-    (JAR *jar, char ZHUGEP *raw_manifest, 
-        long length, const char *path, const char *url);
-
-int jar_parse_sig
-    (JAR *jar, const char *path, char ZHUGEP *raw_manifest, long length);
-
-int jar_parse_any
-    (JAR *jar, int type, JAR_Signer *signer, char ZHUGEP *raw_manifest, 
-        long length, const char *path, const char *url);
-
-static int jar_internal_digest 
-     (JAR *jar, const char *path, char *x_name, JAR_Digest *dig);
-
-/*
- *  J A R _ p a r s e _ m a n i f e s t
- * 
- *  Pass manifest files to this function. They are
- *  decoded and placed into internal representations.
- * 
- *  Accepts both signature and manifest files. Use
- *  the same "jar" for both. 
- *
- */
-
-int JAR_parse_manifest 
-    (JAR *jar, char ZHUGEP *raw_manifest, 
-        long length, const char *path, const char *url)
-  {
-
-#if defined(XP_WIN16)
-    PORT_Assert( !IsBadHugeReadPtr(raw_manifest, length) );
-#endif
-
-  /* fill in the path, if supplied. This is a the location
-     of the jar file on disk, if known */
-
-  if (jar->filename == NULL && path)
-    {
-    jar->filename = PORT_Strdup (path);
-    if (jar->filename == NULL)
-      return JAR_ERR_MEMORY;
-    }
-
-  /* fill in the URL, if supplied. This is the place
-     from which the jar file was retrieved. */
-
-  if (jar->url == NULL && url)
-    {
-    jar->url = PORT_Strdup (url);
-    if (jar->url == NULL)
-      return JAR_ERR_MEMORY;
-    }
-
-  /* Determine what kind of file this is from the META-INF 
-     directory. It could be MF, SF, or a binary RSA/DSA file */
-
-  if (!xp_HUGE_STRNCASECMP (raw_manifest, "Manifest-Version:", 17))
-    {
-    return jar_parse_mf (jar, raw_manifest, length, path, url);
-    }
-  else if (!xp_HUGE_STRNCASECMP (raw_manifest, "Signature-Version:", 18))
-    {
-    return jar_parse_sf (jar, raw_manifest, length, path, url);
-    }
-  else
-    {
-    /* This is probably a binary signature */
-    return jar_parse_sig (jar, path, raw_manifest, length);
-    }
-  }
-
-/*
- *  j a r _ p a r s e _ s i g
- *
- *  Pass some manner of RSA or DSA digital signature
- *  on, after checking to see if it comes at an appropriate state.
- *
- */
- 
-int jar_parse_sig
-    (JAR *jar, const char *path, char ZHUGEP *raw_manifest, long length)
-  {
-  JAR_Signer *signer;
-  int status = JAR_ERR_ORDER;
-
-  if (length <= 128) 
-    {
-    /* signature is way too small */
-    return JAR_ERR_SIG;
-    }
-
-  /* make sure that MF and SF have already been processed */
-
-  if (jar->globalmeta == NULL)
-    return JAR_ERR_ORDER;
-
-#if 0
-  /* XXX Turn this on to disable multiple signers */
-  if (jar->digest == NULL)
-    return JAR_ERR_ORDER;
-#endif
-
-  /* Determine whether or not this RSA file has
-     has an associated SF file */
-
-  if (path)
-    {
-    char *owner;
-    owner = jar_basename (path);
-
-    if (owner == NULL)
-      return JAR_ERR_MEMORY;
-
-    signer = jar_get_signer (jar, owner);
-
-    PORT_Free (owner);
-    }
-  else
-    signer = jar_get_signer (jar, "*");
-
-  if (signer == NULL)
-    return JAR_ERR_ORDER;
-
-
-  /* Do not pass a huge pointer to this function,
-     since the underlying security code is unaware. We will
-     never pass >64k through here. */
-
-  if (length > 64000)
-    {
-    /* this digital signature is way too big */
-    return JAR_ERR_SIG;
-    }
-
-#ifdef XP_WIN16
-  /*
-   * For Win16, copy the portion of the raw_buffer containing the digital 
-   * signature into another buffer...  This insures that the data will
-   * NOT cross a segment boundary.  Therefore, 
-   * jar_parse_digital_signature(...) does NOT need to deal with HUGE 
-   * pointers...
-   */
-
-    {
-    unsigned char *manifest_copy;
-
-    manifest_copy = (unsigned char *) PORT_ZAlloc (length);
-    if (manifest_copy)
-      {
-      xp_HUGE_MEMCPY (manifest_copy, raw_manifest, length);
-
-      status = jar_parse_digital_signature 
-                  (manifest_copy, signer, length, jar);
-
-      PORT_Free (manifest_copy);
-      }
-    else
-      {
-      /* out of memory */
-      return JAR_ERR_MEMORY;
-      }
-    }
-#else
-  /* don't expense unneeded calloc overhead on non-win16 */
-  status = jar_parse_digital_signature 
-                (raw_manifest, signer, length, jar);
-#endif
-
-  return status;
-  }
-
-/*
- *  j a r _ p a r s e _ m f
- *
- *  Parse the META-INF/manifest.mf file, whose
- *  information applies to all signers.
- *
- */
-
-int jar_parse_mf
-    (JAR *jar, char ZHUGEP *raw_manifest, 
-        long length, const char *path, const char *url)
-  {
-  if (jar->globalmeta)
-    {
-    /* refuse a second manifest file, if passed for some reason */
-    return JAR_ERR_ORDER;
-    }
-
-
-  /* remember a digest for the global section */
-
-  jar->globalmeta = jar_digest_section (raw_manifest, length);
-
-  if (jar->globalmeta == NULL)
-    return JAR_ERR_MEMORY;
-
-
-  return jar_parse_any 
-    (jar, jarTypeMF, NULL, raw_manifest, length, path, url);
-  }
-
-/*
- *  j a r _ p a r s e _ s f
- *
- *  Parse META-INF/xxx.sf, a digitally signed file
- *  pointing to a subset of MF sections. 
- *
- */
-
-int jar_parse_sf
-    (JAR *jar, char ZHUGEP *raw_manifest, 
-        long length, const char *path, const char *url)
-  {
-  JAR_Signer *signer = NULL;
-  int status = JAR_ERR_MEMORY;
-
-  if (jar->globalmeta == NULL)
-    {
-    /* It is a requirement that the MF file be passed before the SF file */
-    return JAR_ERR_ORDER;
-    }
-
-  signer = JAR_new_signer();
-
-  if (signer == NULL)
-    goto loser;
-
-  if (path)
-    {
-    signer->owner = jar_basename (path);
-    if (signer->owner == NULL)
-      goto loser;
-    }
-
-
-  /* check for priors. When someone doctors a jar file
-     to contain identical path entries, prevent the second
-     one from affecting JAR functions */
-
-  if (jar_get_signer (jar, signer->owner))
-    {
-    /* someone is trying to spoof us */
-    status = JAR_ERR_ORDER;
-    goto loser;
-    }
-
-
-  /* remember its digest */
-
-  signer->digest = JAR_calculate_digest (raw_manifest, length);
-
-  if (signer->digest == NULL)
-    goto loser;
-
-  /* Add this signer to the jar */
-
-  ADDITEM (jar->signers, jarTypeOwner, 
-     signer->owner, signer, sizeof (JAR_Signer));
-
-
-  return jar_parse_any 
-    (jar, jarTypeSF, signer, raw_manifest, length, path, url);
-
-loser:
-
-  if (signer)
-    JAR_destroy_signer (signer);
-
-  return status;
-  }
-
-/* 
- *  j a r _ p a r s e _ a n y
- *
- *  Parse a MF or SF manifest file. 
- *
- */
- 
-int jar_parse_any
-    (JAR *jar, int type, JAR_Signer *signer, char ZHUGEP *raw_manifest, 
-        long length, const char *path, const char *url)
-  {
-  int status;
-
-  long raw_len;
-
-  JAR_Digest *dig, *mfdig = NULL;
-
-  char line [SZ];
-  char x_name [SZ], x_md5 [SZ], x_sha [SZ];
-
-  char *x_info;
-
-  char *sf_md5 = NULL, *sf_sha1 = NULL;
-
-  *x_name = 0;
-  *x_md5 = 0;
-  *x_sha = 0;
-
-  PORT_Assert( length > 0 );
-  raw_len = length;
-
-#ifdef DEBUG
-  if ((status = jar_insanity_check (raw_manifest, raw_len)) < 0)
-    return status;
-#endif
-
-
-  /* null terminate the first line */
-  raw_manifest = jar_eat_line (0, PR_TRUE, raw_manifest, &raw_len);
-
-
-  /* skip over the preliminary section */
-  /* This is one section at the top of the file with global metainfo */
-
-  while (raw_len)
-    {
-    JAR_Metainfo *met;
-
-    raw_manifest = jar_eat_line (1, PR_TRUE, raw_manifest, &raw_len);
-    if (!*raw_manifest) break;
-
-    met = (JAR_Metainfo*)PORT_ZAlloc (sizeof (JAR_Metainfo));
-    if (met == NULL)
-      return JAR_ERR_MEMORY;
-
-    /* Parse out the header & info */
-
-    if (xp_HUGE_STRLEN (raw_manifest) >= SZ)
-      {
-      /* almost certainly nonsense */
-      continue;
-      }
-
-    xp_HUGE_STRCPY (line, raw_manifest);
-    x_info = line;
-
-    while (*x_info && *x_info != ' ' && *x_info != '\t' && *x_info != ':')
-      x_info++;
-
-    if (*x_info) *x_info++ = 0;
-
-    while (*x_info == ' ' || *x_info == '\t')
-      x_info++;
-
-    /* metainfo (name, value) pair is now (line, x_info) */
-
-    met->header = PORT_Strdup (line);
-    met->info = PORT_Strdup (x_info);
-
-    if (type == jarTypeMF)
-      {
-      ADDITEM (jar->metainfo, jarTypeMeta, 
-         /* pathname */ NULL, met, sizeof (JAR_Metainfo));
-      }
-
-    /* For SF files, this metadata may be the digests
-       of the MF file, still in the "met" structure. */
-
-    if (type == jarTypeSF)
-      {
-      if (!PORT_Strcasecmp (line, "MD5-Digest"))
-        sf_md5 = (char *) met->info;
-
-      if (!PORT_Strcasecmp (line, "SHA1-Digest") || !PORT_Strcasecmp (line, "SHA-Digest"))
-        sf_sha1 = (char *) met->info;
-      }
-    }
-
-  if (type == jarTypeSF && jar->globalmeta)
-    {
-    /* this is a SF file which may contain a digest of the manifest.mf's 
-       global metainfo. */
-
-    int match = 0;
-    JAR_Digest *glob = jar->globalmeta;
-
-    if (sf_md5)
-      {
-      unsigned int md5_length;
-      unsigned char *md5_digest;
-
-      md5_digest = ATOB_AsciiToData (sf_md5, &md5_length);
-      PORT_Assert( md5_length == MD5_LENGTH );
-
-      if (md5_length != MD5_LENGTH)
-        return JAR_ERR_CORRUPT;
-
-      match = PORT_Memcmp (md5_digest, glob->md5, MD5_LENGTH);
-      }
-
-    if (sf_sha1 && match == 0)
-      {
-      unsigned int sha1_length;
-      unsigned char *sha1_digest;
-
-      sha1_digest = ATOB_AsciiToData (sf_sha1, &sha1_length);
-      PORT_Assert( sha1_length == SHA1_LENGTH );
-
-      if (sha1_length != SHA1_LENGTH)
-        return JAR_ERR_CORRUPT;
-
-      match = PORT_Memcmp (sha1_digest, glob->sha1, SHA1_LENGTH);
-      }
-
-    if (match != 0)
-      {
-      /* global digest doesn't match, SF file therefore invalid */
-      jar->valid = JAR_ERR_METADATA;
-      return JAR_ERR_METADATA;
-      }
-    }
-
-  /* done with top section of global data */
-
-
-  while (raw_len)
-    {
-    *x_md5 = 0;
-    *x_sha = 0;
-    *x_name = 0;
-
-
-    /* If this is a manifest file, attempt to get a digest of the following section, 
-       without damaging it. This digest will be saved later. */
-
-    if (type == jarTypeMF)
-      {
-      char ZHUGEP *sec;
-      long sec_len = raw_len;
-
-      if (!*raw_manifest || *raw_manifest == '\n')
-        {     
-        /* skip the blank line */ 
-        sec = jar_eat_line (1, PR_FALSE, raw_manifest, &sec_len);
-        }
-      else
-        sec = raw_manifest;
-
-      if (!xp_HUGE_STRNCASECMP (sec, "Name:", 5))
-        {
-        if (type == jarTypeMF)
-          mfdig = jar_digest_section (sec, sec_len);
-        else
-          mfdig = NULL;
-        }
-      }
-
-
-    while (raw_len)
-      {
-      raw_manifest = jar_eat_line (1, PR_TRUE, raw_manifest, &raw_len);
-      if (!*raw_manifest) break; /* blank line, done with this entry */
-
-      if (xp_HUGE_STRLEN (raw_manifest) >= SZ)
-        {
-        /* almost certainly nonsense */
-        continue;
-        }
-
-
-      /* Parse out the name/value pair */
-
-      xp_HUGE_STRCPY (line, raw_manifest);
-      x_info = line;
-
-      while (*x_info && *x_info != ' ' && *x_info != '\t' && *x_info != ':')
-        x_info++;
-
-      if (*x_info) *x_info++ = 0;
-
-      while (*x_info == ' ' || *x_info == '\t') 
-        x_info++;
-
-
-      if (!PORT_Strcasecmp (line, "Name"))
-        PORT_Strcpy (x_name, x_info);
-
-      else if (!PORT_Strcasecmp (line, "MD5-Digest"))
-        PORT_Strcpy (x_md5, x_info);
-
-      else if (!PORT_Strcasecmp (line, "SHA1-Digest") 
-                  || !PORT_Strcasecmp (line, "SHA-Digest"))
-        {
-        PORT_Strcpy (x_sha, x_info);
-        }
-
-      /* Algorithm list is meta info we don't care about; keeping it out
-         of metadata saves significant space for large jar files */
-
-      else if (!PORT_Strcasecmp (line, "Digest-Algorithms")
-                    || !PORT_Strcasecmp (line, "Hash-Algorithms"))
-        {
-        continue;
-        }
-
-      /* Meta info is only collected for the manifest.mf file,
-         since the JAR_get_metainfo call does not support identity */
-
-      else if (type == jarTypeMF)
-        {
-        JAR_Metainfo *met;
-
-        /* this is meta-data */
-
-        met = (JAR_Metainfo*)PORT_ZAlloc (sizeof (JAR_Metainfo));
-
-        if (met == NULL)
-          return JAR_ERR_MEMORY;
-
-        /* metainfo (name, value) pair is now (line, x_info) */
-
-        if ((met->header = PORT_Strdup (line)) == NULL)
-          return JAR_ERR_MEMORY;
-
-        if ((met->info = PORT_Strdup (x_info)) == NULL)
-          return JAR_ERR_MEMORY;
-
-        ADDITEM (jar->metainfo, jarTypeMeta, 
-           x_name, met, sizeof (JAR_Metainfo));
-        }
-      }
-
-	if(!x_name || !*x_name) {
-		/* Whatever that was, it wasn't an entry, because we didn't get a name.
-		 * We don't really have anything, so don't record this. */
-		continue;
-	}
-
-    dig = (JAR_Digest*)PORT_ZAlloc (sizeof (JAR_Digest));
-    if (dig == NULL)
-      return JAR_ERR_MEMORY;
-
-    if (*x_md5 ) 
-      {
-      unsigned int binary_length;
-      unsigned char *binary_digest;
-
-      binary_digest = ATOB_AsciiToData (x_md5, &binary_length);
-      PORT_Assert( binary_length == MD5_LENGTH );
-
-      if (binary_length != MD5_LENGTH)
-        return JAR_ERR_CORRUPT;
-
-      memcpy (dig->md5, binary_digest, MD5_LENGTH);
-      dig->md5_status = jarHashPresent;
-      }
-
-    if (*x_sha ) 
-      {
-      unsigned int binary_length;
-      unsigned char *binary_digest;
-
-      binary_digest = ATOB_AsciiToData (x_sha, &binary_length);
-      PORT_Assert( binary_length == SHA1_LENGTH );
-
-      if (binary_length != SHA1_LENGTH)
-        return JAR_ERR_CORRUPT;
-
-      memcpy (dig->sha1, binary_digest, SHA1_LENGTH);
-      dig->sha1_status = jarHashPresent;
-      }
-
-    PORT_Assert( type == jarTypeMF || type == jarTypeSF );
-
-
-    if (type == jarTypeMF)
-      {
-      ADDITEM (jar->hashes, jarTypeMF, x_name, dig, sizeof (JAR_Digest));
-      }
-    else if (type == jarTypeSF)
-      {
-      ADDITEM (signer->sf, jarTypeSF, x_name, dig, sizeof (JAR_Digest));
-      }
-    else
-      return JAR_ERR_ORDER;
-
-    /* we're placing these calculated digests of manifest.mf 
-       sections in a list where they can subsequently be forgotten */
-
-    if (type == jarTypeMF && mfdig)
-      {
-      ADDITEM (jar->manifest, jarTypeSect, 
-         x_name, mfdig, sizeof (JAR_Digest));
-
-      mfdig = NULL;
-      }
-
-
-    /* Retrieve our saved SHA1 digest from saved copy and check digests.
-       This is just comparing the digest of the MF section as indicated in
-       the SF file with the one we remembered from parsing the MF file */
-
-    if (type == jarTypeSF)
-      {
-      if ((status = jar_internal_digest (jar, path, x_name, dig)) < 0)
-        return status;
-      }
-    }
-
-  return 0;
-  }
-
-static int jar_internal_digest 
-     (JAR *jar, const char *path, char *x_name, JAR_Digest *dig)
-  {
-  int cv;
-  int status;
-
-  JAR_Digest *savdig;
-
-  savdig = jar_get_mf_digest (jar, x_name);
-
-  if (savdig == NULL)
-    {
-    /* no .mf digest for this pathname */
-    status = jar_signal (JAR_ERR_ENTRY, jar, path, x_name);
-    if (status < 0) 
-      return 0; /* was continue; */
-    else 
-      return status;
-    }
-
-  /* check for md5 consistency */
-  if (dig->md5_status)
-    {
-    cv = PORT_Memcmp (savdig->md5, dig->md5, MD5_LENGTH);
-    /* md5 hash of .mf file is not what expected */
-    if (cv) 
-      {
-      status = jar_signal (JAR_ERR_HASH, jar, path, x_name);
-
-      /* bad hash, man */
-
-      dig->md5_status = jarHashBad;
-      savdig->md5_status = jarHashBad;
-
-      if (status < 0) 
-        return 0; /* was continue; */
-      else 
-        return status;
-      }
-    }
-
-  /* check for sha1 consistency */
-  if (dig->sha1_status)
-    {
-    cv = PORT_Memcmp (savdig->sha1, dig->sha1, SHA1_LENGTH);
-    /* sha1 hash of .mf file is not what expected */
-    if (cv) 
-      {
-      status = jar_signal (JAR_ERR_HASH, jar, path, x_name);
-
-      /* bad hash, man */
-
-      dig->sha1_status = jarHashBad;
-      savdig->sha1_status = jarHashBad;
-
-      if (status < 0)
-        return 0; /* was continue; */
-      else
-        return status;
-      }
-    }
-	return 0;
-  }
-
-#ifdef DEBUG
-/*
- *  j a r _ i n s a n i t y _ c h e c k
- *
- *  Check for illegal characters (or possibly so)
- *  in the manifest files, to detect potential memory
- *  corruption by our neighbors. Debug only, since
- *  not I18N safe.
- * 
- */
-
-static int jar_insanity_check (char ZHUGEP *data, long length)
-  {
-  int c;
-  long off;
-
-  for (off = 0; off < length; off++)
-    {
-    c = data [off];
-
-    if (c == '\n' || c == '\r' || (c >= ' ' && c <= 128))
-      continue;
-
-    return JAR_ERR_CORRUPT;
-    }
-
-  return 0;
-  }
-#endif
-
-/*
- *  j a r _ p a r s e _ d i g i t a l _ s i g n a t u r e
- *
- *  Parse an RSA or DSA (or perhaps other) digital signature.
- *  Right now everything is PKCS7.
- *
- */
-
-static int jar_parse_digital_signature 
-     (char *raw_manifest, JAR_Signer *signer, long length, JAR *jar)
-  {
-#if defined(XP_WIN16)
-  PORT_Assert( LOWORD(raw_manifest) + length < 0xFFFF );
-#endif
-  return jar_validate_pkcs7 (jar, signer, raw_manifest, length);
-  }
-
-/*
- *  j a r _ a d d _ c e r t
- * 
- *  Add information for the given certificate
- *  (or whatever) to the JAR linked list. A pointer
- *  is passed for some relevant reference, say
- *  for example the original certificate.
- *
- */
-
-static int jar_add_cert
-     (JAR *jar, JAR_Signer *signer, int type, CERTCertificate *cert)
-  {
-  JAR_Cert *fing;
-  unsigned char *keyData;
-
-  if (cert == NULL)
-    return JAR_ERR_ORDER;
-
-  fing = (JAR_Cert*)PORT_ZAlloc (sizeof (JAR_Cert));
-
-  if (fing == NULL)
-    goto loser;
-
-#ifdef USE_MOZ_THREAD
-  fing->cert = jar_moz_dup (cert);
-#else
-  fing->cert = CERT_DupCertificate (cert);
-#endif
-
-  /* get the certkey */
-
-  fing->length = cert->derIssuer.len + 2 + cert->serialNumber.len;
-
-  keyData = (unsigned char *) PORT_ZAlloc (fing->length);
-  fing->key = keyData;
-
-  if (fing->key == NULL)
-    goto loser;
-  keyData[0] = ((cert->derIssuer.len) >> 8) & 0xff;
-  keyData[1] = ((cert->derIssuer.len) & 0xff);
-  PORT_Memcpy (&keyData[2], cert->derIssuer.data, cert->derIssuer.len);
-  PORT_Memcpy (&keyData[2+cert->derIssuer.len], cert->serialNumber.data,
-						 cert->serialNumber.len);
-
-  ADDITEM (signer->certs, type, 
-    /* pathname */ NULL, fing, sizeof (JAR_Cert));
-
-  return 0;
-
-loser:
-
-  if (fing)
-    {
-    if (fing->cert) 
-      CERT_DestroyCertificate (fing->cert);
-
-    PORT_Free (fing);
-    }
-
-  return JAR_ERR_MEMORY;
-  }
-
-/*
- *  e a t _ l i n e 
- *
- *  Consume an ascii line from the top of a file kept
- *  in memory. This destroys the file in place. This function
- *  handles PC, Mac, and Unix style text files.
- *
- */
-
-static char ZHUGEP *jar_eat_line 
-    (int lines, int eating, char ZHUGEP *data, long *len)
-  {
-  char ZHUGEP *ret;
-
-  ret = data;
-  if (!*len) return ret;
-
-  /* Eat the requisite number of lines, if any; 
-     prior to terminating the current line with a 0. */
-
-  for (/* yip */ ; lines; lines--)
-    {
-    while (*data && *data != '\n')
-      data++;
-
-    /* After the CR, ok to eat one LF */
-
-    if (*data == '\n')
-      data++;
-
-    /* If there are zeros, we put them there */
-
-    while (*data == 0 && data - ret < *len)
-      data++;
-    }
-
-  *len -= data - ret;
-  ret = data;
-
-  if (eating)
-    {
-    /* Terminate this line with a 0 */ 
-
-    while (*data && *data != '\n' && *data != '\r')
-      data++;
-
-    /* In any case we are allowed to eat CR */
-
-    if (*data == '\r')
-      *data++ = 0;
-
-    /* After the CR, ok to eat one LF */
-
-    if (*data == '\n')
-      *data++ = 0;
-    }
-
-  return ret;
-  }
-
-/*
- *  j a r _ d i g e s t _ s e c t i o n
- *
- *  Return the digests of the next section of the manifest file.
- *  Does not damage the manifest file, unlike parse_manifest.
- * 
- */
-
-static JAR_Digest *jar_digest_section 
-    (char ZHUGEP *manifest, long length)
-  {
-  long global_len;
-  char ZHUGEP *global_end;
-
-  global_end = manifest;
-  global_len = length;
-
-  while (global_len)
-    {
-    global_end = jar_eat_line (1, PR_FALSE, global_end, &global_len);
-    if (*global_end == 0 || *global_end == '\n')
-      break;
-    }
-
-  return JAR_calculate_digest (manifest, global_end - manifest);
-  }
-
-/*
- *  J A R _ v e r i f y _ d i g e s t
- *
- *  Verifies that a precalculated digest matches the
- *  expected value in the manifest.
- *
- */
-
-int PR_CALLBACK JAR_verify_digest
-    (JAR *jar, const char *name, JAR_Digest *dig)
-  {
-  JAR_Item *it;
-
-  JAR_Digest *shindig;
-
-  ZZLink *link;
-  ZZList *list;
-
-  int result1, result2;
-
-  list = jar->hashes;
-
-  result1 = result2 = 0;
-
-  if (jar->valid < 0)
-    {
-    /* signature not valid */
-    return JAR_ERR_SIG;
-    }
-
-  if (ZZ_ListEmpty (list))
-    {
-    /* empty list */
-    return JAR_ERR_PNF;
-    }
-
-  for (link = ZZ_ListHead (list); 
-       !ZZ_ListIterDone (list, link); 
-       link = link->next)
-    {
-    it = link->thing;
-    if (it->type == jarTypeMF 
-           && it->pathname && !PORT_Strcmp (it->pathname, name))
-      {
-      shindig = (JAR_Digest *) it->data;
-
-      if (shindig->md5_status)
-        {
-        if (shindig->md5_status == jarHashBad)
-          return JAR_ERR_HASH;
-        else
-          result1 = memcmp (dig->md5, shindig->md5, MD5_LENGTH);
-        }
-
-      if (shindig->sha1_status)
-        {
-        if (shindig->sha1_status == jarHashBad)
-          return JAR_ERR_HASH;
-        else
-          result2 = memcmp (dig->sha1, shindig->sha1, SHA1_LENGTH);
-        }
-
-      return (result1 == 0 && result2 == 0) ? 0 : JAR_ERR_HASH;
-      }
-    }
-
-  return JAR_ERR_PNF;
-  }
-
-/* 
- *  J A R _ c e r t _ a t t r i b u t e
- *
- *  Return the named certificate attribute from the
- *  certificate specified by the given key.
- *
- */
-
-int PR_CALLBACK JAR_cert_attribute
-    (JAR *jar, jarCert attrib, long keylen, void *key, 
-        void **result, unsigned long *length)
-  {
-  int status = 0;
-  char *ret = NULL;
-
-  CERTCertificate *cert;
-
-  CERTCertDBHandle *certdb;
-
-  JAR_Digest *dig;
-  SECItem hexme;
-
-  *length = 0;
-
-  if (attrib == 0 || key == 0)
-    return JAR_ERR_GENERAL;
-
-  if (attrib == jarCertJavaHack)
-    {
-    cert = (CERTCertificate *) NULL;
-    certdb = JAR_open_database();
-
-    if (certdb)
-      {
-#ifdef USE_MOZ_THREAD
-      cert = jar_moz_nickname (certdb, (char*)key);
-#else
-      cert = CERT_FindCertByNickname (certdb, key);
-#endif
-
-      if (cert)
-        {
-        *length = cert->certKey.len;
-
-        *result = (void *) PORT_ZAlloc (*length);
-
-        if (*result)
-          PORT_Memcpy (*result, cert->certKey.data, *length);
-        else
-          return JAR_ERR_MEMORY;
-        }
-      JAR_close_database (certdb);
-      }
-
-    return cert ? 0 : JAR_ERR_GENERAL;
-    }
-
-  if (jar && jar->pkcs7 == 0)
-    return JAR_ERR_GENERAL;
-
-  cert = jar_get_certificate (jar, keylen, key, &status);
-
-  if (cert == NULL || status < 0)
-    return JAR_ERR_GENERAL;
-
-#define SEP " <br> "
-#define SEPLEN (PORT_Strlen(SEP))
-
-  switch (attrib)
-    {
-    case jarCertCompany:
-
-      ret = cert->subjectName;
-
-      /* This is pretty ugly looking but only used
-         here for this one purpose. */
-
-      if (ret)
-        {
-        int retlen = 0;
-
-        char *cer_ou1, *cer_ou2, *cer_ou3;
-	char *cer_cn, *cer_e, *cer_o, *cer_l;
-
-	cer_cn  = CERT_GetCommonName (&cert->subject);
-        cer_e   = CERT_GetCertEmailAddress (&cert->subject);
-        cer_ou3 = jar_cert_element (ret, "OU=", 3);
-        cer_ou2 = jar_cert_element (ret, "OU=", 2);
-        cer_ou1 = jar_cert_element (ret, "OU=", 1);
-        cer_o   = CERT_GetOrgName (&cert->subject);
-        cer_l   = CERT_GetCountryName (&cert->subject);
-
-        if (cer_cn)  retlen += SEPLEN + PORT_Strlen (cer_cn);
-        if (cer_e)   retlen += SEPLEN + PORT_Strlen (cer_e);
-        if (cer_ou1) retlen += SEPLEN + PORT_Strlen (cer_ou1);
-        if (cer_ou2) retlen += SEPLEN + PORT_Strlen (cer_ou2);
-        if (cer_ou3) retlen += SEPLEN + PORT_Strlen (cer_ou3);
-        if (cer_o)   retlen += SEPLEN + PORT_Strlen (cer_o);
-        if (cer_l)   retlen += SEPLEN + PORT_Strlen (cer_l);
-
-        ret = (char *) PORT_ZAlloc (1 + retlen);
-
-        if (cer_cn)  { PORT_Strcpy (ret, cer_cn);  PORT_Strcat (ret, SEP); }
-        if (cer_e)   { PORT_Strcat (ret, cer_e);   PORT_Strcat (ret, SEP); }
-        if (cer_ou1) { PORT_Strcat (ret, cer_ou1); PORT_Strcat (ret, SEP); }
-        if (cer_ou2) { PORT_Strcat (ret, cer_ou2); PORT_Strcat (ret, SEP); }
-        if (cer_ou3) { PORT_Strcat (ret, cer_ou3); PORT_Strcat (ret, SEP); }
-        if (cer_o)   { PORT_Strcat (ret, cer_o);   PORT_Strcat (ret, SEP); }
-        if (cer_l)     PORT_Strcat (ret, cer_l);
-
-	/* return here to avoid unsightly memory leak */
-
-        *result = ret;
-        *length = PORT_Strlen (ret);
-
-        return 0;
-        }
-      break;
-
-    case jarCertCA:
-
-      ret = cert->issuerName;
-
-      if (ret)
-        {
-        int retlen = 0;
-
-        char *cer_ou1, *cer_ou2, *cer_ou3;
-	char *cer_cn, *cer_e, *cer_o, *cer_l;
-
-        /* This is pretty ugly looking but only used
-           here for this one purpose. */
-
-	cer_cn  = CERT_GetCommonName (&cert->issuer);
-        cer_e   = CERT_GetCertEmailAddress (&cert->issuer);
-        cer_ou3 = jar_cert_element (ret, "OU=", 3);
-        cer_ou2 = jar_cert_element (ret, "OU=", 2);
-        cer_ou1 = jar_cert_element (ret, "OU=", 1);
-        cer_o   = CERT_GetOrgName (&cert->issuer);
-        cer_l   = CERT_GetCountryName (&cert->issuer);
-
-        if (cer_cn)  retlen += SEPLEN + PORT_Strlen (cer_cn);
-        if (cer_e)   retlen += SEPLEN + PORT_Strlen (cer_e);
-        if (cer_ou1) retlen += SEPLEN + PORT_Strlen (cer_ou1);
-        if (cer_ou2) retlen += SEPLEN + PORT_Strlen (cer_ou2);
-        if (cer_ou3) retlen += SEPLEN + PORT_Strlen (cer_ou3);
-        if (cer_o)   retlen += SEPLEN + PORT_Strlen (cer_o);
-        if (cer_l)   retlen += SEPLEN + PORT_Strlen (cer_l);
-
-        ret = (char *) PORT_ZAlloc (1 + retlen);
-
-        if (cer_cn)  { PORT_Strcpy (ret, cer_cn);  PORT_Strcat (ret, SEP); }
-        if (cer_e)   { PORT_Strcat (ret, cer_e);   PORT_Strcat (ret, SEP); }
-        if (cer_ou1) { PORT_Strcat (ret, cer_ou1); PORT_Strcat (ret, SEP); }
-        if (cer_ou2) { PORT_Strcat (ret, cer_ou2); PORT_Strcat (ret, SEP); }
-        if (cer_ou3) { PORT_Strcat (ret, cer_ou3); PORT_Strcat (ret, SEP); }
-        if (cer_o)   { PORT_Strcat (ret, cer_o);   PORT_Strcat (ret, SEP); }
-        if (cer_l)     PORT_Strcat (ret, cer_l);
-
-	/* return here to avoid unsightly memory leak */
-
-        *result = ret;
-        *length = PORT_Strlen (ret);
-
-        return 0;
-        }
-
-      break;
-
-    case jarCertSerial:
-
-      ret = CERT_Hexify (&cert->serialNumber, 1);
-      break;
-
-    case jarCertExpires:
-
-      ret = DER_UTCDayToAscii (&cert->validity.notAfter);
-      break;
-
-    case jarCertNickname:
-
-      ret = jar_choose_nickname (cert);
-      break;
-
-    case jarCertFinger:
-
-      dig = JAR_calculate_digest 
-         ((char *) cert->derCert.data, cert->derCert.len);
-
-      if (dig)
-        {
-        hexme.len = sizeof (dig->md5);
-        hexme.data = dig->md5;
-        ret = CERT_Hexify (&hexme, 1);
-        }
-      break;
-
-    default:
-
-      return JAR_ERR_GENERAL;
-    }
-
-  *result = ret ? PORT_Strdup (ret) : NULL;
-  *length = ret ? PORT_Strlen (ret) : 0;
-
-  return 0;
-  }
-
-/* 
- *  j a r  _ c e r t _ e l e m e n t
- *
- *  Retrieve an element from an x400ish ascii
- *  designator, in a hackish sort of way. The right
- *  thing would probably be to sort AVATags.
- *
- */
-
-static char *jar_cert_element (char *name, char *tag, int occ)
-  {
-  if (name && tag)
-    {
-    char *s;
-    int found = 0;
-
-    while (occ--)
-      {
-      if (PORT_Strstr (name, tag))
-        {
-        name = PORT_Strstr (name, tag) + PORT_Strlen (tag);
-        found = 1;
-        }
-      else
-        {
-        name = PORT_Strstr (name, "=");
-        if (name == NULL) return NULL;
-        found = 0;
-        }
-      }
-
-    if (!found) return NULL;
-
-    /* must mangle only the copy */
-    name = PORT_Strdup (name);
-
-    /* advance to next equal */
-    for (s = name; *s && *s != '='; s++)
-      /* yip */ ;
-
-    /* back up to previous comma */
-    while (s > name && *s != ',') s--;
-
-    /* zap the whitespace and return */
-    *s = 0;
-    }
-
-  return name;
-  }
-
-/* 
- *  j a r _ c h o o s e _ n i c k n a m e
- *
- *  Attempt to determine a suitable nickname for
- *  a certificate with a computer-generated "tmpcertxxx" 
- *  nickname. It needs to be something a user can
- *  understand, so try a few things.
- *
- */
-
-static char *jar_choose_nickname (CERTCertificate *cert)
-  {
-  char *cert_cn;
-  char *cert_o;
-  char *cert_cn_o;
-
-  int cn_o_length;
-
-  /* is the existing name ok */
-
-  if (cert->nickname && PORT_Strncmp (cert->nickname, "tmpcert", 7))
-    return PORT_Strdup (cert->nickname);
-
-  /* we have an ugly name here people */
-
-  /* Try the CN */
-  cert_cn = CERT_GetCommonName (&cert->subject);
-
-  if (cert_cn)
-    {
-    /* check for duplicate nickname */
-
-#ifdef USE_MOZ_THREAD
-    if (jar_moz_nickname (CERT_GetDefaultCertDB(), cert_cn) == NULL)
-#else
-    if (CERT_FindCertByNickname (CERT_GetDefaultCertDB(), cert_cn) == NULL)
-#endif
-      return cert_cn;
-
-    /* Try the CN plus O */
-    cert_o = CERT_GetOrgName (&cert->subject);
-
-    cn_o_length = PORT_Strlen (cert_cn) + 3 + PORT_Strlen (cert_o) + 20;
-    cert_cn_o = (char*)PORT_ZAlloc (cn_o_length);
-
-    PR_snprintf (cert_cn_o, cn_o_length, 
-           "%s's %s Certificate", cert_cn, cert_o);
-
-#ifdef USE_MOZ_THREAD
-    if (jar_moz_nickname (CERT_GetDefaultCertDB(), cert_cn_o) == NULL)
-#else
-    if (CERT_FindCertByNickname (CERT_GetDefaultCertDB(), cert_cn_o) == NULL)
-#endif
-      return cert_cn;
-    }
-
-  /* If all that failed, use the ugly nickname */
-  return cert->nickname ? PORT_Strdup (cert->nickname) : NULL;
-  }
-
-/*
- *  J A R _ c e r t _ h t m l 
- *
- *  Return an HTML representation of the certificate
- *  designated by the given fingerprint, in specified style.
- *
- *  JAR is optional, but supply it if you can in order
- *  to optimize.
- *
- */
-
-char *JAR_cert_html
-    (JAR *jar, int style, long keylen, void *key, int *result)
-  {
-  char *html;
-  CERTCertificate *cert;
-
-  *result = -1;
-
-  if (style != 0)
-    return NULL;
-
-  cert = jar_get_certificate (jar, keylen, key, result);
-
-  if (cert == NULL || *result < 0)
-    return NULL;
-
-  *result = 0;
-
-  html = CERT_HTMLCertInfo (cert, /* show images */ PR_TRUE,
-		/*show issuer*/PR_TRUE);
-
-  if (html == NULL)
-    *result = -1;
-
-  return html;
-  }
-
-/*
- *  J A R _ s t a s h _ c e r t
- *
- *  Stash the certificate pointed to by this
- *  fingerprint, in persistent storage somewhere.
- *
- */
-
-extern int PR_CALLBACK JAR_stash_cert
-    (JAR *jar, long keylen, void *key)
-  {
-  int result = 0;
-
-  char *nickname;
-  CERTCertTrust trust;
-
-  CERTCertDBHandle *certdb;
-  CERTCertificate *cert, *newcert;
-
-  cert = jar_get_certificate (jar, keylen, key, &result);
-
-  if (result < 0)
-    return result;
-
-  if (cert == NULL)
-    return JAR_ERR_GENERAL;
-
-  if ((certdb = JAR_open_database()) == NULL)
-    return JAR_ERR_GENERAL;
-
-  /* Attempt to give a name to the newish certificate */
-  nickname = jar_choose_nickname (cert);
-
-#ifdef USE_MOZ_THREAD
-  newcert = jar_moz_nickname (certdb, nickname);
-#else
-  newcert = CERT_FindCertByNickname (certdb, nickname);
-#endif
-
-  if (newcert && newcert->isperm) 
-    {
-    /* already in permanant database */
-    return 0;
-    }
-
-  if (newcert) cert = newcert;
-
-  /* FIX, since FindCert returns a bogus dbhandle
-     set it ourselves */
-
-  cert->dbhandle = certdb;
-
-#if 0
-  nickname = cert->subjectName;
-  if (nickname)
-    {
-    /* Not checking for a conflict here. But this should
-       be a new cert or it would have been found earlier. */
-
-    nickname = jar_cert_element (nickname, "CN=", 1);
-
-    if (SEC_CertNicknameConflict (nickname, cert->dbhandle))
-      {
-      /* conflict */
-      nickname = PORT_Realloc (&nickname, PORT_Strlen (nickname) + 3);
-
-      /* Beyond one copy, there are probably serious problems 
-         so we will stop at two rather than counting.. */
-
-      PORT_Strcat (nickname, " #2");
-      }
-    }
-#endif
-
-  if (nickname != NULL)
-    {
-    PORT_Memset ((void *) &trust, 0, sizeof(trust));
-
-#ifdef USE_MOZ_THREAD
-    if (jar_moz_perm (cert, nickname, &trust) != SECSuccess) 
-#else
-    if (CERT_AddTempCertToPerm (cert, nickname, &trust) != SECSuccess) 
-#endif
-      {
-      /* XXX might want to call PORT_GetError here */
-      result = JAR_ERR_GENERAL;
-      }
-    }
-
-  JAR_close_database (certdb);
-
-  return result;
-  }
-
-/*
- *  J A R _ f e t c h _ c e r t
- *
- *  Given an opaque identifier of a certificate, 
- *  return the full certificate.
- *
- * The new function, which retrieves by key.
- *
- */
-
-void *JAR_fetch_cert (long length, void *key)
-  {
-  CERTIssuerAndSN issuerSN;
-  CERTCertificate *cert = NULL;
-
-  CERTCertDBHandle *certdb;
-
-  certdb = JAR_open_database();
-
-  if (certdb)
-    {
-    unsigned char *keyData = (unsigned char *)key;
-    issuerSN.derIssuer.len = (keyData[0] << 8) + keyData[0];
-    issuerSN.derIssuer.data = &keyData[2];
-    issuerSN.serialNumber.len = length - (2 + issuerSN.derIssuer.len);
-    issuerSN.serialNumber.data = &keyData[2+issuerSN.derIssuer.len];
-
-#ifdef USE_MOZ_THREAD
-    cert = jar_moz_certkey (certdb, &issuerSN);
-#else
-    cert = CERT_FindCertByIssuerAndSN (certdb, &issuerSN);
-#endif
-
-    JAR_close_database (certdb);
-    }
-
-  return (void *) cert;
-  }
-
-/*
- *  j a r _ g e t _ m f _ d i g e s t
- *
- *  Retrieve a corresponding saved digest over a section
- *  of the main manifest file. 
- *
- */
-
-static JAR_Digest *jar_get_mf_digest (JAR *jar, char *pathname)
-  {
-  JAR_Item *it;
-
-  JAR_Digest *dig;
-
-  ZZLink *link;
-  ZZList *list;
-
-  list = jar->manifest;
-
-  if (ZZ_ListEmpty (list))
-    return NULL;
-
-  for (link = ZZ_ListHead (list);
-       !ZZ_ListIterDone (list, link);
-       link = link->next)
-    {
-    it = link->thing;
-    if (it->type == jarTypeSect 
-          && it->pathname && !PORT_Strcmp (it->pathname, pathname))
-      {
-      dig = (JAR_Digest *) it->data;
-      return dig;
-      }
-    }
-
-  return NULL;
-  }
-
-/*
- *  j a r _ b a s e n a m e
- *
- *  Return the basename -- leading components of path stripped off,
- *  extension ripped off -- of a path.
- *
- */
-
-static char *jar_basename (const char *path)
-  {
-  char *pith, *e, *basename, *ext;
-
-  if (path == NULL)
-    return PORT_Strdup ("");
-
-  pith = PORT_Strdup (path);
-
-  basename = pith;
-
-  while (1)
-    {
-    for (e = basename; *e && *e != '/' && *e != '\\'; e++)
-      /* yip */ ;
-    if (*e) 
-      basename = ++e; 
-    else
-      break;
-    }
-
-  if ((ext = PORT_Strrchr (basename, '.')) != NULL)
-    *ext = 0;
-
-  /* We already have the space allocated */
-  PORT_Strcpy (pith, basename);
-
-  return pith;
-  }
-
-/*
- *  + + + + + + + + + + + + + + +
- *
- *  CRYPTO ROUTINES FOR JAR
- *
- *  The following functions are the cryptographic 
- *  interface to PKCS7 for Jarnatures.
- *
- *  + + + + + + + + + + + + + + +
- *
- */
-
-/*
- *  j a r _ c a t c h _ b y t e s
- *
- *  In the event signatures contain enveloped data, it will show up here.
- *  But note that the lib/pkcs7 routines aren't ready for it.
- *
- */
-
-static void jar_catch_bytes
-     (void *arg, const char *buf, unsigned long len)
-  {
-  /* Actually this should never be called, since there is
-     presumably no data in the signature itself. */
-  }
-
-/*
- *  j a r _ v a l i d a t e _ p k c s 7
- *
- *  Validate (and decode, if necessary) a binary pkcs7
- *  signature in DER format.
- *
- */
-
-static int jar_validate_pkcs7 
-     (JAR *jar, JAR_Signer *signer, char *data, long length)
-  {
-  SECItem detdig;
-
-  SEC_PKCS7ContentInfo *cinfo = NULL;
-  SEC_PKCS7DecoderContext *dcx;
-
-  int status = 0;
-  char *errstring = NULL;
-
-  PORT_Assert( jar != NULL && signer != NULL );
-
-  if (jar == NULL || signer == NULL)
-    return JAR_ERR_ORDER;
-
-  signer->valid = JAR_ERR_SIG;
-
-  /* We need a context if we can get one */
-
-#ifdef MOZILLA_CLIENT_OLD
-  if (jar->mw == NULL) {
-    JAR_set_context (jar, NULL);
-  }
-#endif
-
-
-  dcx = SEC_PKCS7DecoderStart
-           (jar_catch_bytes, NULL /*cb_arg*/, NULL /*getpassword*/, jar->mw,
-            NULL, NULL, NULL);
-
-  if (dcx == NULL) 
-    {
-    /* strange pkcs7 failure */
-    return JAR_ERR_PK7;
-    }
-
-  SEC_PKCS7DecoderUpdate (dcx, data, length);
-  cinfo = SEC_PKCS7DecoderFinish (dcx);
-
-  if (cinfo == NULL)
-    {
-    /* strange pkcs7 failure */
-    return JAR_ERR_PK7;
-    }
-
-  if (SEC_PKCS7ContentIsEncrypted (cinfo))
-    {
-    /* content was encrypted, fail */
-    return JAR_ERR_PK7;
-    }
-
-  if (SEC_PKCS7ContentIsSigned (cinfo) == PR_FALSE)
-    {
-    /* content was not signed, fail */
-    return JAR_ERR_PK7;
-    }
-
-  PORT_SetError (0);
-
-  /* use SHA1 only */
-
-  detdig.len = SHA1_LENGTH;
-  detdig.data = signer->digest->sha1;
-
-#ifdef USE_MOZ_THREAD
-  if (jar_moz_verify
-        (cinfo, certUsageObjectSigner, &detdig, HASH_AlgSHA1, PR_FALSE)==
-		SECSuccess)
-#else
-  if (SEC_PKCS7VerifyDetachedSignature 
-        (cinfo, certUsageObjectSigner, &detdig, HASH_AlgSHA1, PR_FALSE)==
-		PR_TRUE)
-#endif
-    {
-    /* signature is valid */
-    signer->valid = 0;
-    jar_gather_signers (jar, signer, cinfo);
-    }
-  else
-    {
-    status = PORT_GetError();
-
-    PORT_Assert( status < 0 );
-    if (status >= 0) status = JAR_ERR_SIG;
-
-    jar->valid = status;
-    signer->valid = status;
-
-    errstring = JAR_get_error (status);
-    /*XP_TRACE(("JAR signature invalid (reason %d = %s)", status, errstring));*/
-    }
-
-  jar->pkcs7 = PR_TRUE;
-  signer->pkcs7 = PR_TRUE;
-
-  SEC_PKCS7DestroyContentInfo (cinfo);
-
-  return status;
-  }
-
-/*
- *  j a r _ g a t h e r _ s i g n e r s
- *
- *  Add the single signer of this signature to the
- *  certificate linked list.
- *
- */
-
-static int jar_gather_signers
-     (JAR *jar, JAR_Signer *signer, SEC_PKCS7ContentInfo *cinfo)
-  {
-  int result;
-
-  CERTCertificate *cert;
-  CERTCertDBHandle *certdb;
-
-  SEC_PKCS7SignedData *sdp;
-  SEC_PKCS7SignerInfo **pksigners, *pksigner;
-
-  sdp = cinfo->content.signedData;
-
-  if (sdp == NULL)
-    return JAR_ERR_PK7;
-
-  pksigners = sdp->signerInfos;
-
-  /* permit exactly one signer */
-
-  if (pksigners == NULL || pksigners [0] == NULL || pksigners [1] != NULL)
-    return JAR_ERR_PK7;
-
-  pksigner = *pksigners;
-  cert = pksigner->cert;
-
-  if (cert == NULL)
-    return JAR_ERR_PK7;
-
-  certdb = JAR_open_database();
-
-  if (certdb == NULL)
-    return JAR_ERR_GENERAL;
-
-  result = jar_add_cert (jar, signer, jarTypeSign, cert);
-
-  JAR_close_database (certdb);
-
-  return result;
-  }
-
-/*
- *  j a r _ o p e n _ d a t a b a s e
- *
- *  Open the certificate database,
- *  for use by JAR functions.
- *
- */
-
-CERTCertDBHandle *JAR_open_database (void)
-  {
-  CERTCertDBHandle *certdb;
-
-  certdb = CERT_GetDefaultCertDB();
-
-  return certdb;
-  }
-
-/*
- *  j a r _ c l o s e _ d a t a b a s e
- *
- *  Close the certificate database.
- *  For use by JAR functions.
- *
- */
-
-int JAR_close_database (CERTCertDBHandle *certdb)
-  {
-#ifdef notdef
-  CERTCertDBHandle *defaultdb;
-
-  /* This really just retrieves the handle, nothing more */
-  defaultdb = CERT_GetDefaultCertDB();
-
-  /* If there is no default db, it means we opened 
-     the permanent database for some reason */
-
-  if (defaultdb == NULL && certdb != NULL)
-    CERT_ClosePermCertDB (certdb);
-#endif
-
-  return 0;
-  }
-
-/*
- *  j a r _ g e t _ c e r t i f i c a t e
- *
- *  Return the certificate referenced
- *  by a given fingerprint, or NULL if not found.
- *  Error code is returned in result.
- *
- */
-
-static CERTCertificate *jar_get_certificate
-      (JAR *jar, long keylen, void *key, int *result)
-  {
-  int found = 0;
-
-  JAR_Item *it;
-  JAR_Cert *fing = NULL;
-
-  JAR_Context *ctx;
-
-  if (jar == NULL) 
-    {
-    void *cert;
-    cert = JAR_fetch_cert (keylen, key);
-    *result = (cert == NULL) ? JAR_ERR_GENERAL : 0;
-    return (CERTCertificate *) cert;
-    }
-
-  ctx = JAR_find (jar, NULL, jarTypeSign);
-
-  while (JAR_find_next (ctx, &it) >= 0)
-    {
-    fing = (JAR_Cert *) it->data;
-
-    if (keylen != fing->length)
-      continue;
-
-    PORT_Assert( keylen < 0xFFFF );
-    if (!PORT_Memcmp (fing->key, key, keylen))
-      {
-      found = 1;
-      break;
-      }
-    }
-
-  JAR_find_end (ctx);
-
-  if (found == 0)
-    {
-    *result = JAR_ERR_GENERAL;
-    return NULL;
-    }
-
-  PORT_Assert(fing != NULL);
-  *result = 0;
-  return fing->cert;
-  }
-
-/*
- *  j a r _ s i g n a l
- *
- *  Nonfatal errors come here to callback Java.
- *  
- */
-
-static int jar_signal 
-     (int status, JAR *jar, const char *metafile, char *pathname)
-  {
-  char *errstring;
-
-  errstring = JAR_get_error (status);
-
-  if (jar->signal)
-    {
-    (*jar->signal) (status, jar, metafile, pathname, errstring);
-    return 0;
-    }
-
-  return status;
-  }
-
-/*
- *  j a r _ a p p e n d
- *
- *  Tack on an element to one of a JAR's linked
- *  lists, with rudimentary error handling.
- *
- */
-
-int jar_append (ZZList *list, int type, 
-        char *pathname, void *data, size_t size)
-  {
-  JAR_Item *it;
-  ZZLink *entity;
-
-  it = (JAR_Item*)PORT_ZAlloc (sizeof (JAR_Item));
-
-  if (it == NULL)
-    goto loser;
-
-  if (pathname)
-    {
-    it->pathname = PORT_Strdup (pathname);
-    if (it->pathname == NULL)
-      goto loser;
-    }
-
-  it->type = (jarType)type;
-  it->data = (unsigned char *) data;
-  it->size = size;
-
-  entity = ZZ_NewLink (it);
-
-  if (entity)
-    {
-    ZZ_AppendLink (list, entity);
-    return 0;
-    }
-
-loser:
-
-  if (it)
-    {
-    if (it->pathname) PORT_Free (it->pathname);
-    PORT_Free (it);
-    }
-
-  return JAR_ERR_MEMORY;
-  }
-
-/* 
- *  W I N 1 6   s t u f f
- *
- *  These functions possibly belong in xp_mem.c, they operate 
- *  on huge string pointers for win16.
- *
- */
-
-#if defined(XP_WIN16)
-int xp_HUGE_STRNCASECMP (char ZHUGEP *buf, char *key, int len)
-  {
-  while (len--) 
-    {
-    char c1, c2;
-
-    c1 = *buf++;
-    c2 = *key++;
-
-    if (c1 >= 'a' && c1 <= 'z') c1 -= ('a' - 'A');
-    if (c2 >= 'a' && c2 <= 'z') c2 -= ('a' - 'A');
-
-    if (c1 != c2) 
-      return (c1 < c2) ? -1 : 1;
-    }
-  return 0;
-  }
-
-size_t xp_HUGE_STRLEN (char ZHUGEP *s)
-  {
-  size_t len = 0L;
-  while (*s++) len++;
-  return len;
-  }
-
-char *xp_HUGE_STRCPY (char *to, char ZHUGEP *from)
-  {
-  char *ret = to;
-
-  while (*from)
-    *to++ = *from++;
-  *to = 0;
-
-  return ret;
-  }
-#endif
diff --git a/security/nss/lib/jar/jzconf.h b/security/nss/lib/jar/jzconf.h
deleted file mode 100644
index 278aaa5d5..000000000
--- a/security/nss/lib/jar/jzconf.h
+++ /dev/null
@@ -1,190 +0,0 @@
-/* zconf.h -- configuration of the zlib compression library
- * Copyright (C) 1995-1996 Jean-loup Gailly.
- * For conditions of distribution and use, see copyright notice in zlib.h 
- */
-/* This file was modified since it was taken from the zlib distribution */
-/* $Id$ */
-
-#ifndef _ZCONF_H
-#define _ZCONF_H
-
-/*
- * If you *really* need a unique prefix for all types and library functions,
- * compile with -DZ_PREFIX. The "standard" zlib should be compiled without it.
- */
-#ifdef Z_PREFIX
-#  define deflateInit_	z_deflateInit_
-#  define deflate	z_deflate
-#  define deflateEnd	z_deflateEnd
-#  define inflateInit_ 	z_inflateInit_
-#  define inflate	z_inflate
-#  define inflateEnd	z_inflateEnd
-#  define deflateInit2_	z_deflateInit2_
-#  define deflateSetDictionary z_deflateSetDictionary
-#  define deflateCopy	z_deflateCopy
-#  define deflateReset	z_deflateReset
-#  define deflateParams	z_deflateParams
-#  define inflateInit2_	z_inflateInit2_
-#  define inflateSetDictionary z_inflateSetDictionary
-#  define inflateSync	z_inflateSync
-#  define inflateReset	z_inflateReset
-#  define compress	z_compress
-#  define uncompress	z_uncompress
-#  define adler32	z_adler32
-#  define crc32		z_crc32
-#  define get_crc_table z_get_crc_table
-
-#  define Byte		z_Byte
-#  define uInt		z_uInt
-#  define uLong		z_uLong
-#  define Bytef	        z_Bytef
-#  define charf		z_charf
-#  define intf		z_intf
-#  define uIntf		z_uIntf
-#  define uLongf	z_uLongf
-#  define voidpf	z_voidpf
-#  define voidp		z_voidp
-#endif
-
-#if (defined(_WIN32) || defined(__WIN32__)) && !defined(WIN32)
-#  define WIN32
-#endif
-#if defined(__GNUC__) || defined(WIN32) || defined(__386__) || defined(i386)
-#  ifndef __32BIT__
-#    define __32BIT__
-#  endif
-#endif
-#if defined(__MSDOS__) && !defined(MSDOS)
-#  define MSDOS
-#endif
-
-/*
- * Compile with -DMAXSEG_64K if the alloc function cannot allocate more
- * than 64k bytes at a time (needed on systems with 16-bit int).
- */
-#if defined(MSDOS) && !defined(__32BIT__)
-#  define MAXSEG_64K
-#endif
-#ifdef MSDOS
-#  define UNALIGNED_OK
-#endif
-
-#if (defined(MSDOS) || defined(_WINDOWS) || defined(WIN32) || defined(XP_OS2))  && !defined(STDC)
-#  define STDC
-#endif
-#if (defined(__STDC__) || defined(__cplusplus)) && !defined(STDC)
-#  define STDC
-#endif
-
-#ifndef STDC
-#  ifndef const /* cannot use !defined(STDC) && !defined(const) on Mac */
-#    define const
-#  endif
-#endif
-
-/* Some Mac compilers merge all .h files incorrectly: */
-#if defined(__MWERKS__) || defined(applec) ||defined(THINK_C) ||defined(__SC__)
-#  define NO_DUMMY_DECL
-#endif
-
-/* Maximum value for memLevel in deflateInit2 */
-#ifndef MAX_MEM_LEVEL
-#  ifdef MAXSEG_64K
-#    define MAX_MEM_LEVEL 8
-#  else
-#    define MAX_MEM_LEVEL 9
-#  endif
-#endif
-
-/* Maximum value for windowBits in deflateInit2 and inflateInit2 */
-#ifndef MAX_WBITS
-#  define MAX_WBITS   15 /* 32K LZ77 window */
-#endif
-
-/* The memory requirements for deflate are (in bytes):
-            1 << (windowBits+2)   +  1 << (memLevel+9)
- that is: 128K for windowBits=15  +  128K for memLevel = 8  (default values)
- plus a few kilobytes for small objects. For example, if you want to reduce
- the default memory requirements from 256K to 128K, compile with
-     make CFLAGS="-O -DMAX_WBITS=14 -DMAX_MEM_LEVEL=7"
- Of course this will generally degrade compression (there's no free lunch).
-
-   The memory requirements for inflate are (in bytes) 1 << windowBits
- that is, 32K for windowBits=15 (default value) plus a few kilobytes
- for small objects.
-*/
-
-                        /* Type declarations */
-
-#ifndef OF /* function prototypes */
-#  ifdef STDC
-#    define OF(args)  args
-#  else
-#    define OF(args)  ()
-#  endif
-#endif
-
-/* The following definitions for FAR are needed only for MSDOS mixed
- * model programming (small or medium model with some far allocations).
- * This was tested only with MSC; for other MSDOS compilers you may have
- * to define NO_MEMCPY in zutil.h.  If you don't need the mixed model,
- * just define FAR to be empty.
- */
-#if (defined(M_I86SM) || defined(M_I86MM)) && !defined(__32BIT__)
-   /* MSC small or medium model */
-#  define SMALL_MEDIUM
-#  ifdef _MSC_VER
-#    define FAR __far
-#  else
-#    define FAR far
-#  endif
-#endif
-#if defined(__BORLANDC__) && (defined(__SMALL__) || defined(__MEDIUM__))
-#  ifndef __32BIT__
-#    define SMALL_MEDIUM
-#    define FAR __far
-#  endif
-#endif
-#ifndef FAR
-#   define FAR
-#endif
-
-typedef unsigned char  Byte;  /* 8 bits */
-typedef unsigned int   uInt;  /* 16 bits or more */
-typedef unsigned long  uLong; /* 32 bits or more */
-
-#if defined(__BORLANDC__) && defined(SMALL_MEDIUM)
-   /* Borland C/C++ ignores FAR inside typedef */
-#  define Bytef Byte FAR
-#else
-   typedef Byte  FAR Bytef;
-#endif
-typedef char  FAR charf;
-typedef int   FAR intf;
-typedef uInt  FAR uIntf;
-typedef uLong FAR uLongf;
-
-#ifdef STDC
-   typedef void FAR *voidpf;
-   typedef void     *voidp;
-#else
-   typedef Byte FAR *voidpf;
-   typedef Byte     *voidp;
-#endif
-
-#ifdef MOZILLA_CLIENT
-#include "prtypes.h"
-#else
-/* Compile with -DZLIB_DLL for Windows DLL support */
-#if (defined(_WINDOWS) || defined(WINDOWS)) && defined(ZLIB_DLL)
-#  include <windows.h>
-#  define EXPORT  WINAPI
-#else
-#  define EXPORT
-#endif
-
-#define PR_PUBLIC_API(type) type
-
-#endif /* MOZILLA_CLIENT */
-
-#endif /* _ZCONF_H */
diff --git a/security/nss/lib/jar/jzlib.h b/security/nss/lib/jar/jzlib.h
deleted file mode 100644
index dd5b4d8e9..000000000
--- a/security/nss/lib/jar/jzlib.h
+++ /dev/null
@@ -1,896 +0,0 @@
-/* zlib.h -- interface of the 'zlib' general purpose compression library
-  version 1.0.4, Jul 24th, 1996.
-
-  Copyright (C) 1995-1996 Jean-loup Gailly and Mark Adler
-
-  This software is provided 'as-is', without any express or implied
-  warranty.  In no event will the authors be held liable for any damages
-  arising from the use of this software.
-
-  Permission is granted to anyone to use this software for any purpose,
-  including commercial applications, and to alter it and redistribute it
-  freely, subject to the following restrictions:
-
-  1. The origin of this software must not be misrepresented; you must not
-     claim that you wrote the original software. If you use this software
-     in a product, an acknowledgment in the product documentation would be
-     appreciated but is not required.
-  2. Altered source versions must be plainly marked as such, and must not be
-     misrepresented as being the original software.
-  3. This notice may not be removed or altered from any source distribution.
-
-  Jean-loup Gailly        Mark Adler
-  gzip@prep.ai.mit.edu    madler@alumni.caltech.edu
-
-
-  The data format used by the zlib library is described by RFCs (Request for
-  Comments) 1950 to 1952 in the files ftp://ds.internic.net/rfc/rfc1950.txt
-  (zlib format), rfc1951.txt (deflate format) and rfc1952.txt (gzip format).
-*/
-/* This file was modified since it was taken from the zlib distribution */
-
-#ifndef _ZLIB_H
-#define _ZLIB_H
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#ifdef MOZILLA_CLIENT
-#include "jzconf.h"
-#else
-#include "zconf.h"
-#endif
-
-#define ZLIB_VERSION "1.0.4"
-
-/* 
-     The 'zlib' compression library provides in-memory compression and
-  decompression functions, including integrity checks of the uncompressed
-  data.  This version of the library supports only one compression method
-  (deflation) but other algorithms may be added later and will have the same
-  stream interface.
-
-     For compression the application must provide the output buffer and
-  may optionally provide the input buffer for optimization. For decompression,
-  the application must provide the input buffer and may optionally provide
-  the output buffer for optimization.
-
-     Compression can be done in a single step if the buffers are large
-  enough (for example if an input file is mmap'ed), or can be done by
-  repeated calls of the compression function.  In the latter case, the
-  application must provide more input and/or consume the output
-  (providing more output space) before each call.
-
-     The library does not install any signal handler. It is recommended to
-  add at least a handler for SIGSEGV when decompressing; the library checks
-  the consistency of the input data whenever possible but may go nuts
-  for some forms of corrupted input.
-*/
-
-typedef voidpf (*alloc_func) OF((voidpf opaque, uInt items, uInt size));
-typedef void   (*free_func)  OF((voidpf opaque, voidpf address));
-
-struct internal_state;
-
-typedef struct z_stream_s {
-    Bytef    *next_in;  /* next input byte */
-    uInt     avail_in;  /* number of bytes available at next_in */
-    uLong    total_in;  /* total nb of input bytes read so far */
-
-    Bytef    *next_out; /* next output byte should be put there */
-    uInt     avail_out; /* remaining free space at next_out */
-    uLong    total_out; /* total nb of bytes output so far */
-
-    char     *msg;      /* last error message, NULL if no error */
-    struct internal_state FAR *state; /* not visible by applications */
-
-    alloc_func zalloc;  /* used to allocate the internal state */
-    free_func  zfree;   /* used to free the internal state */
-    voidpf     opaque;  /* private data object passed to zalloc and zfree */
-
-    int     data_type;  /* best guess about the data type: ascii or binary */
-    uLong   adler;      /* adler32 value of the uncompressed data */
-    uLong   reserved;   /* reserved for future use */
-} z_stream;
-
-typedef z_stream FAR *z_streamp;
-
-/*
-   The application must update next_in and avail_in when avail_in has
-   dropped to zero. It must update next_out and avail_out when avail_out
-   has dropped to zero. The application must initialize zalloc, zfree and
-   opaque before calling the init function. All other fields are set by the
-   compression library and must not be updated by the application.
-
-   The opaque value provided by the application will be passed as the first
-   parameter for calls of zalloc and zfree. This can be useful for custom
-   memory management. The compression library attaches no meaning to the
-   opaque value.
-
-   zalloc must return Z_NULL if there is not enough memory for the object.
-   On 16-bit systems, the functions zalloc and zfree must be able to allocate
-   exactly 65536 bytes, but will not be required to allocate more than this
-   if the symbol MAXSEG_64K is defined (see zconf.h). WARNING: On MSDOS,
-   pointers returned by zalloc for objects of exactly 65536 bytes *must*
-   have their offset normalized to zero. The default allocation function
-   provided by this library ensures this (see zutil.c). To reduce memory
-   requirements and avoid any allocation of 64K objects, at the expense of
-   compression ratio, compile the library with -DMAX_WBITS=14 (see zconf.h).
-
-   The fields total_in and total_out can be used for statistics or
-   progress reports. After compression, total_in holds the total size of
-   the uncompressed data and may be saved for use in the decompressor
-   (particularly if the decompressor wants to decompress everything in
-   a single step).
-*/
-
-                        /* constants */
-
-#define Z_NO_FLUSH      0
-#define Z_PARTIAL_FLUSH 1
-#define Z_SYNC_FLUSH    2
-#define Z_FULL_FLUSH    3
-#define Z_FINISH        4
-/* Allowed flush values; see deflate() below for details */
-
-#define Z_OK            0
-#define Z_STREAM_END    1
-#define Z_NEED_DICT     2
-#define Z_ERRNO        (-1)
-#define Z_STREAM_ERROR (-2)
-#define Z_DATA_ERROR   (-3)
-#define Z_MEM_ERROR    (-4)
-#define Z_BUF_ERROR    (-5)
-#define Z_VERSION_ERROR (-6)
-/* Return codes for the compression/decompression functions. Negative
- * values are errors, positive values are used for special but normal events.
- */
-
-#define Z_NO_COMPRESSION         0
-#define Z_BEST_SPEED             1
-#define Z_BEST_COMPRESSION       9
-#define Z_DEFAULT_COMPRESSION  (-1)
-/* compression levels */
-
-#define Z_FILTERED            1
-#define Z_HUFFMAN_ONLY        2
-#define Z_DEFAULT_STRATEGY    0
-/* compression strategy; see deflateInit2() below for details */
-
-#define Z_BINARY   0
-#define Z_ASCII    1
-#define Z_UNKNOWN  2
-/* Possible values of the data_type field */
-
-#define Z_DEFLATED   8
-/* The deflate compression method (the only one supported in this version) */
-
-#define Z_NULL  0  /* for initializing zalloc, zfree, opaque */
-
-#define zlib_version zlibVersion()
-/* for compatibility with versions < 1.0.2 */
-
-                        /* basic functions */
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern const char *) zlibVersion (void);
-#else
-extern const char * EXPORT zlibVersion OF((void));
-#endif
-/* The application can compare zlibVersion and ZLIB_VERSION for consistency.
-   If the first character differs, the library code actually used is
-   not compatible with the zlib.h header file used by the application.
-   This check is automatically made by deflateInit and inflateInit.
- */
-
-/* 
-extern int EXPORT deflateInit OF((z_streamp strm, int level));
-
-     Initializes the internal stream state for compression. The fields
-   zalloc, zfree and opaque must be initialized before by the caller.
-   If zalloc and zfree are set to Z_NULL, deflateInit updates them to
-   use default allocation functions.
-
-     The compression level must be Z_DEFAULT_COMPRESSION, or between 0 and 9:
-   1 gives best speed, 9 gives best compression, 0 gives no compression at
-   all (the input data is simply copied a block at a time).
-   Z_DEFAULT_COMPRESSION requests a default compromise between speed and
-   compression (currently equivalent to level 6).
-
-     deflateInit returns Z_OK if success, Z_MEM_ERROR if there was not
-   enough memory, Z_STREAM_ERROR if level is not a valid compression level,
-   Z_VERSION_ERROR if the zlib library version (zlib_version) is incompatible
-   with the version assumed by the caller (ZLIB_VERSION).
-   msg is set to null if there is no error message.  deflateInit does not
-   perform any compression: this will be done by deflate().
-*/
-
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) deflate (z_streamp strm, int flush);
-#else
-extern int EXPORT deflate OF((z_streamp strm, int flush));
-#endif
-/*
-  Performs one or both of the following actions:
-
-  - Compress more input starting at next_in and update next_in and avail_in
-    accordingly. If not all input can be processed (because there is not
-    enough room in the output buffer), next_in and avail_in are updated and
-    processing will resume at this point for the next call of deflate().
-
-  - Provide more output starting at next_out and update next_out and avail_out
-    accordingly. This action is forced if the parameter flush is non zero.
-    Forcing flush frequently degrades the compression ratio, so this parameter
-    should be set only when necessary (in interactive applications).
-    Some output may be provided even if flush is not set.
-
-  Before the call of deflate(), the application should ensure that at least
-  one of the actions is possible, by providing more input and/or consuming
-  more output, and updating avail_in or avail_out accordingly; avail_out
-  should never be zero before the call. The application can consume the
-  compressed output when it wants, for example when the output buffer is full
-  (avail_out == 0), or after each call of deflate(). If deflate returns Z_OK
-  and with zero avail_out, it must be called again after making room in the
-  output buffer because there might be more output pending.
-
-    If the parameter flush is set to Z_PARTIAL_FLUSH, the current compression
-  block is terminated and flushed to the output buffer so that the
-  decompressor can get all input data available so far. For method 9, a future
-  variant on method 8, the current block will be flushed but not terminated.
-  Z_SYNC_FLUSH has the same effect as partial flush except that the compressed
-  output is byte aligned (the compressor can clear its internal bit buffer)
-  and the current block is always terminated; this can be useful if the
-  compressor has to be restarted from scratch after an interruption (in which
-  case the internal state of the compressor may be lost).
-    If flush is set to Z_FULL_FLUSH, the compression block is terminated, a
-  special marker is output and the compression dictionary is discarded; this
-  is useful to allow the decompressor to synchronize if one compressed block
-  has been damaged (see inflateSync below).  Flushing degrades compression and
-  so should be used only when necessary.  Using Z_FULL_FLUSH too often can
-  seriously degrade the compression. If deflate returns with avail_out == 0,
-  this function must be called again with the same value of the flush
-  parameter and more output space (updated avail_out), until the flush is
-  complete (deflate returns with non-zero avail_out).
-
-    If the parameter flush is set to Z_FINISH, pending input is processed,
-  pending output is flushed and deflate returns with Z_STREAM_END if there
-  was enough output space; if deflate returns with Z_OK, this function must be
-  called again with Z_FINISH and more output space (updated avail_out) but no
-  more input data, until it returns with Z_STREAM_END or an error. After
-  deflate has returned Z_STREAM_END, the only possible operations on the
-  stream are deflateReset or deflateEnd.
-  
-    Z_FINISH can be used immediately after deflateInit if all the compression
-  is to be done in a single step. In this case, avail_out must be at least
-  0.1% larger than avail_in plus 12 bytes.  If deflate does not return
-  Z_STREAM_END, then it must be called again as described above.
-
-    deflate() may update data_type if it can make a good guess about
-  the input data type (Z_ASCII or Z_BINARY). In doubt, the data is considered
-  binary. This field is only for information purposes and does not affect
-  the compression algorithm in any manner.
-
-    deflate() returns Z_OK if some progress has been made (more input
-  processed or more output produced), Z_STREAM_END if all input has been
-  consumed and all output has been produced (only when flush is set to
-  Z_FINISH), Z_STREAM_ERROR if the stream state was inconsistent (for example
-  if next_in or next_out was NULL), Z_BUF_ERROR if no progress is possible.
-*/
-
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) deflateEnd (z_streamp strm);
-#else
-extern int EXPORT deflateEnd OF((z_streamp strm));
-#endif
-/*
-     All dynamically allocated data structures for this stream are freed.
-   This function discards any unprocessed input and does not flush any
-   pending output.
-
-     deflateEnd returns Z_OK if success, Z_STREAM_ERROR if the
-   stream state was inconsistent, Z_DATA_ERROR if the stream was freed
-   prematurely (some input or output was discarded). In the error case,
-   msg may be set but then points to a static string (which must not be
-   deallocated).
-*/
-
-
-/* 
-extern int EXPORT inflateInit OF((z_streamp strm));
-
-     Initializes the internal stream state for decompression. The fields
-   zalloc, zfree and opaque must be initialized before by the caller.  If
-   zalloc and zfree are set to Z_NULL, inflateInit updates them to use default
-   allocation functions.
-
-     inflateInit returns Z_OK if success, Z_MEM_ERROR if there was not
-   enough memory, Z_VERSION_ERROR if the zlib library version is incompatible
-   with the version assumed by the caller.  msg is set to null if there is no
-   error message. inflateInit does not perform any decompression: this will be
-   done by inflate().
-*/
-
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) inflate (z_streamp strm, int flush);
-#else
-extern int EXPORT inflate OF((z_streamp strm, int flush));
-#endif
-/*
-  Performs one or both of the following actions:
-
-  - Decompress more input starting at next_in and update next_in and avail_in
-    accordingly. If not all input can be processed (because there is not
-    enough room in the output buffer), next_in is updated and processing
-    will resume at this point for the next call of inflate().
-
-  - Provide more output starting at next_out and update next_out and avail_out
-    accordingly.  inflate() provides as much output as possible, until there
-    is no more input data or no more space in the output buffer (see below
-    about the flush parameter).
-
-  Before the call of inflate(), the application should ensure that at least
-  one of the actions is possible, by providing more input and/or consuming
-  more output, and updating the next_* and avail_* values accordingly.
-  The application can consume the uncompressed output when it wants, for
-  example when the output buffer is full (avail_out == 0), or after each
-  call of inflate(). If inflate returns Z_OK and with zero avail_out, it
-  must be called again after making room in the output buffer because there
-  might be more output pending.
-
-    If the parameter flush is set to Z_PARTIAL_FLUSH, inflate flushes as much
-  output as possible to the output buffer. The flushing behavior of inflate is
-  not specified for values of the flush parameter other than Z_PARTIAL_FLUSH
-  and Z_FINISH, but the current implementation actually flushes as much output
-  as possible anyway.
-
-    inflate() should normally be called until it returns Z_STREAM_END or an
-  error. However if all decompression is to be performed in a single step
-  (a single call of inflate), the parameter flush should be set to
-  Z_FINISH. In this case all pending input is processed and all pending
-  output is flushed; avail_out must be large enough to hold all the
-  uncompressed data. (The size of the uncompressed data may have been saved
-  by the compressor for this purpose.) The next operation on this stream must
-  be inflateEnd to deallocate the decompression state. The use of Z_FINISH
-  is never required, but can be used to inform inflate that a faster routine
-  may be used for the single inflate() call.
-
-    inflate() returns Z_OK if some progress has been made (more input
-  processed or more output produced), Z_STREAM_END if the end of the
-  compressed data has been reached and all uncompressed output has been
-  produced, Z_NEED_DICT if a preset dictionary is needed at this point (see
-  inflateSetDictionary below), Z_DATA_ERROR if the input data was corrupted,
-  Z_STREAM_ERROR if the stream structure was inconsistent (for example if
-  next_in or next_out was NULL), Z_MEM_ERROR if there was not enough memory,
-  Z_BUF_ERROR if no progress is possible or if there was not enough room in
-  the output buffer when Z_FINISH is used. In the Z_DATA_ERROR case, the
-  application may then call inflateSync to look for a good compression block.
-  In the Z_NEED_DICT case, strm->adler is set to the Adler32 value of the
-  dictionary chosen by the compressor.
-*/
-
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) inflateEnd (z_streamp strm);
-#else
-extern int EXPORT inflateEnd OF((z_streamp strm));
-#endif
-/*
-     All dynamically allocated data structures for this stream are freed.
-   This function discards any unprocessed input and does not flush any
-   pending output.
-
-     inflateEnd returns Z_OK if success, Z_STREAM_ERROR if the stream state
-   was inconsistent. In the error case, msg may be set but then points to a
-   static string (which must not be deallocated).
-*/
-
-                        /* Advanced functions */
-
-/*
-    The following functions are needed only in some special applications.
-*/
-
-/*   
-extern int EXPORT deflateInit2 OF((z_streamp strm,
-                                   int  level,
-                                   int  method,
-                                   int  windowBits,
-                                   int  memLevel,
-                                   int  strategy));
-
-     This is another version of deflateInit with more compression options. The
-   fields next_in, zalloc, zfree and opaque must be initialized before by
-   the caller.
-
-     The method parameter is the compression method. It must be Z_DEFLATED in
-   this version of the library. (Method 9 will allow a 64K history buffer and
-   partial block flushes.)
-
-     The windowBits parameter is the base two logarithm of the window size
-   (the size of the history buffer).  It should be in the range 8..15 for this
-   version of the library (the value 16 will be allowed for method 9). Larger
-   values of this parameter result in better compression at the expense of
-   memory usage. The default value is 15 if deflateInit is used instead.
-
-     The memLevel parameter specifies how much memory should be allocated
-   for the internal compression state. memLevel=1 uses minimum memory but
-   is slow and reduces compression ratio; memLevel=9 uses maximum memory
-   for optimal speed. The default value is 8. See zconf.h for total memory
-   usage as a function of windowBits and memLevel.
-
-     The strategy parameter is used to tune the compression algorithm. Use the
-   value Z_DEFAULT_STRATEGY for normal data, Z_FILTERED for data produced by a
-   filter (or predictor), or Z_HUFFMAN_ONLY to force Huffman encoding only (no
-   string match).  Filtered data consists mostly of small values with a
-   somewhat random distribution. In this case, the compression algorithm is
-   tuned to compress them better. The effect of Z_FILTERED is to force more
-   Huffman coding and less string matching; it is somewhat intermediate
-   between Z_DEFAULT and Z_HUFFMAN_ONLY. The strategy parameter only affects
-   the compression ratio but not the correctness of the compressed output even
-   if it is not set appropriately.
-
-     If next_in is not null, the library will use this buffer to hold also
-   some history information; the buffer must either hold the entire input
-   data, or have at least 1<<(windowBits+1) bytes and be writable. If next_in
-   is null, the library will allocate its own history buffer (and leave next_in
-   null). next_out need not be provided here but must be provided by the
-   application for the next call of deflate().
-
-     If the history buffer is provided by the application, next_in must
-   must never be changed by the application since the compressor maintains
-   information inside this buffer from call to call; the application
-   must provide more input only by increasing avail_in. next_in is always
-   reset by the library in this case.
-
-      deflateInit2 returns Z_OK if success, Z_MEM_ERROR if there was
-   not enough memory, Z_STREAM_ERROR if a parameter is invalid (such as
-   an invalid method). msg is set to null if there is no error message.
-   deflateInit2 does not perform any compression: this will be done by
-   deflate(). 
-*/
-                            
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) deflateSetDictionary (z_streamp strm,
-                                           const Bytef *dictionary,
-				           uInt  dictLength);
-#else
-extern int EXPORT deflateSetDictionary OF((z_streamp strm,
-                                           const Bytef *dictionary,
-				           uInt  dictLength));
-#endif
-/*
-     Initializes the compression dictionary (history buffer) from the given
-   byte sequence without producing any compressed output. This function must
-   be called immediately after deflateInit or deflateInit2, before any call
-   of deflate. The compressor and decompressor must use exactly the same
-   dictionary (see inflateSetDictionary).
-     The dictionary should consist of strings (byte sequences) that are likely
-   to be encountered later in the data to be compressed, with the most commonly
-   used strings preferably put towards the end of the dictionary. Using a
-   dictionary is most useful when the data to be compressed is short and
-   can be predicted with good accuracy; the data can then be compressed better
-   than with the default empty dictionary. In this version of the library,
-   only the last 32K bytes of the dictionary are used.
-     Upon return of this function, strm->adler is set to the Adler32 value
-   of the dictionary; the decompressor may later use this value to determine
-   which dictionary has been used by the compressor. (The Adler32 value
-   applies to the whole dictionary even if only a subset of the dictionary is
-   actually used by the compressor.)
-
-     deflateSetDictionary returns Z_OK if success, or Z_STREAM_ERROR if a
-   parameter is invalid (such as NULL dictionary) or the stream state
-   is inconsistent (for example if deflate has already been called for this
-   stream). deflateSetDictionary does not perform any compression: this will
-   be done by deflate(). 
-*/
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) deflateCopy (z_streamp dest, z_streamp source);
-#else
-extern int EXPORT deflateCopy OF((z_streamp dest, z_streamp source));
-#endif
-/*
-     Sets the destination stream as a complete copy of the source stream.  If
-   the source stream is using an application-supplied history buffer, a new
-   buffer is allocated for the destination stream.  The compressed output
-   buffer is always application-supplied. It's the responsibility of the
-   application to provide the correct values of next_out and avail_out for the
-   next call of deflate.
-
-     This function can be useful when several compression strategies will be
-   tried, for example when there are several ways of pre-processing the input
-   data with a filter. The streams that will be discarded should then be freed
-   by calling deflateEnd.  Note that deflateCopy duplicates the internal
-   compression state which can be quite large, so this strategy is slow and
-   can consume lots of memory.
-
-     deflateCopy returns Z_OK if success, Z_MEM_ERROR if there was not
-   enough memory, Z_STREAM_ERROR if the source stream state was inconsistent
-   (such as zalloc being NULL). msg is left unchanged in both source and
-   destination.
-*/
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) deflateReset (z_streamp strm);
-#else
-extern int EXPORT deflateReset OF((z_streamp strm));
-#endif
-/*
-     This function is equivalent to deflateEnd followed by deflateInit,
-   but does not free and reallocate all the internal compression state.
-   The stream will keep the same compression level and any other attributes
-   that may have been set by deflateInit2.
-
-      deflateReset returns Z_OK if success, or Z_STREAM_ERROR if the source
-   stream state was inconsistent (such as zalloc or state being NULL).
-*/
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) deflateParams (z_streamp strm, int level, int strategy);
-#else
-extern int EXPORT deflateParams OF((z_streamp strm, int level, int strategy));
-#endif
-/*
-     Dynamically update the compression level and compression strategy.
-   This can be used to switch between compression and straight copy of
-   the input data, or to switch to a different kind of input data requiring
-   a different strategy. If the compression level is changed, the input
-   available so far is compressed with the old level (and may be flushed);
-   the new level will take effect only at the next call of deflate().
-
-     Before the call of deflateParams, the stream state must be set as for
-   a call of deflate(), since the currently available input may have to
-   be compressed and flushed. In particular, strm->avail_out must be non-zero.
-
-     deflateParams returns Z_OK if success, Z_STREAM_ERROR if the source
-   stream state was inconsistent or if a parameter was invalid, Z_BUF_ERROR
-   if strm->avail_out was zero.
-*/
-
-/*   
-extern int EXPORT inflateInit2 OF((z_streamp strm,
-                                   int  windowBits));
-
-     This is another version of inflateInit with more compression options. The
-   fields next_out, zalloc, zfree and opaque must be initialized before by
-   the caller.
-
-     The windowBits parameter is the base two logarithm of the maximum window
-   size (the size of the history buffer).  It should be in the range 8..15 for
-   this version of the library (the value 16 will be allowed soon). The
-   default value is 15 if inflateInit is used instead. If a compressed stream
-   with a larger window size is given as input, inflate() will return with
-   the error code Z_DATA_ERROR instead of trying to allocate a larger window.
-
-     If next_out is not null, the library will use this buffer for the history
-   buffer; the buffer must either be large enough to hold the entire output
-   data, or have at least 1<<windowBits bytes.  If next_out is null, the
-   library will allocate its own buffer (and leave next_out null). next_in
-   need not be provided here but must be provided by the application for the
-   next call of inflate().
-
-     If the history buffer is provided by the application, next_out must
-   never be changed by the application since the decompressor maintains
-   history information inside this buffer from call to call; the application
-   can only reset next_out to the beginning of the history buffer when
-   avail_out is zero and all output has been consumed.
-
-      inflateInit2 returns Z_OK if success, Z_MEM_ERROR if there was
-   not enough memory, Z_STREAM_ERROR if a parameter is invalid (such as
-   windowBits < 8). msg is set to null if there is no error message.
-   inflateInit2 does not perform any decompression: this will be done by
-   inflate().
-*/
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) inflateSetDictionary (z_streamp strm,
-				           const Bytef *dictionary,
-					   uInt  dictLength);
-#else
-extern int EXPORT inflateSetDictionary OF((z_streamp strm,
-				           const Bytef *dictionary,
-					   uInt  dictLength));
-#endif
-/*
-     Initializes the decompression dictionary (history buffer) from the given
-   uncompressed byte sequence. This function must be called immediately after
-   a call of inflate if this call returned Z_NEED_DICT. The dictionary chosen
-   by the compressor can be determined from the Adler32 value returned by this
-   call of inflate. The compressor and decompressor must use exactly the same
-   dictionary (see deflateSetDictionary).
-
-     inflateSetDictionary returns Z_OK if success, Z_STREAM_ERROR if a
-   parameter is invalid (such as NULL dictionary) or the stream state is
-   inconsistent, Z_DATA_ERROR if the given dictionary doesn't match the
-   expected one (incorrect Adler32 value). inflateSetDictionary does not
-   perform any decompression: this will be done by subsequent calls of
-   inflate().
-*/
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) inflateSync (z_streamp strm);
-#else
-extern int EXPORT inflateSync OF((z_streamp strm));
-#endif
-/* 
-    Skips invalid compressed data until the special marker (see deflate()
-  above) can be found, or until all available input is skipped. No output
-  is provided.
-
-    inflateSync returns Z_OK if the special marker has been found, Z_BUF_ERROR
-  if no more input was provided, Z_DATA_ERROR if no marker has been found,
-  or Z_STREAM_ERROR if the stream structure was inconsistent. In the success
-  case, the application may save the current current value of total_in which
-  indicates where valid compressed data was found. In the error case, the
-  application may repeatedly call inflateSync, providing more input each time,
-  until success or end of the input data.
-*/
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) inflateReset (z_streamp strm);
-#else
-extern int EXPORT inflateReset OF((z_streamp strm));
-#endif
-/*
-     This function is equivalent to inflateEnd followed by inflateInit,
-   but does not free and reallocate all the internal decompression state.
-   The stream will keep attributes that may have been set by inflateInit2.
-
-      inflateReset returns Z_OK if success, or Z_STREAM_ERROR if the source
-   stream state was inconsistent (such as zalloc or state being NULL).
-*/
-
-
-                        /* utility functions */
-
-/*
-     The following utility functions are implemented on top of the
-   basic stream-oriented functions. To simplify the interface, some
-   default options are assumed (compression level, window size,
-   standard memory allocation functions). The source code of these
-   utility functions can easily be modified if you need special options.
-*/
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) compress (Bytef *dest,   uLongf *destLen,
-			       const Bytef *source, uLong sourceLen);
-#else
-extern int EXPORT compress OF((Bytef *dest,   uLongf *destLen,
-			       const Bytef *source, uLong sourceLen));
-#endif
-/*
-     Compresses the source buffer into the destination buffer.  sourceLen is
-   the byte length of the source buffer. Upon entry, destLen is the total
-   size of the destination buffer, which must be at least 0.1% larger than
-   sourceLen plus 12 bytes. Upon exit, destLen is the actual size of the
-   compressed buffer.
-     This function can be used to compress a whole file at once if the
-   input file is mmap'ed.
-     compress returns Z_OK if success, Z_MEM_ERROR if there was not
-   enough memory, Z_BUF_ERROR if there was not enough room in the output
-   buffer.
-*/
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) uncompress (Bytef *dest,   uLongf *destLen,
-				 const Bytef *source, uLong sourceLen);
-#else
-extern int EXPORT uncompress OF((Bytef *dest,   uLongf *destLen,
-				 const Bytef *source, uLong sourceLen));
-#endif
-/*
-     Decompresses the source buffer into the destination buffer.  sourceLen is
-   the byte length of the source buffer. Upon entry, destLen is the total
-   size of the destination buffer, which must be large enough to hold the
-   entire uncompressed data. (The size of the uncompressed data must have
-   been saved previously by the compressor and transmitted to the decompressor
-   by some mechanism outside the scope of this compression library.)
-   Upon exit, destLen is the actual size of the compressed buffer.
-     This function can be used to decompress a whole file at once if the
-   input file is mmap'ed.
-
-     uncompress returns Z_OK if success, Z_MEM_ERROR if there was not
-   enough memory, Z_BUF_ERROR if there was not enough room in the output
-   buffer, or Z_DATA_ERROR if the input data was corrupted.
-*/
-
-
-typedef voidp gzFile;
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern gzFile) gzopen  (const char *path, const char *mode);
-#else
-extern gzFile EXPORT gzopen  OF((const char *path, const char *mode));
-#endif
-/*
-     Opens a gzip (.gz) file for reading or writing. The mode parameter
-   is as in fopen ("rb" or "wb") but can also include a compression level
-   ("wb9").  gzopen can be used to read a file which is not in gzip format;
-   in this case gzread will directly read from the file without decompression.
-     gzopen returns NULL if the file could not be opened or if there was
-   insufficient memory to allocate the (de)compression state; errno
-   can be checked to distinguish the two cases (if errno is zero, the
-   zlib error is Z_MEM_ERROR).
-*/
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern gzFile) gzdopen  (int fd, const char *mode);
-#else
-extern gzFile EXPORT gzdopen  OF((int fd, const char *mode));
-#endif
-/*
-     gzdopen() associates a gzFile with the file descriptor fd.  File
-   descriptors are obtained from calls like open, dup, creat, pipe or
-   fileno (in the file has been previously opened with fopen).
-   The mode parameter is as in gzopen.
-     The next call of gzclose on the returned gzFile will also close the
-   file descriptor fd, just like fclose(fdopen(fd), mode) closes the file
-   descriptor fd. If you want to keep fd open, use gzdopen(dup(fd), mode).
-     gzdopen returns NULL if there was insufficient memory to allocate
-   the (de)compression state.
-*/
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int)    gzread  (gzFile file, voidp buf, unsigned len);
-#else
-extern int EXPORT    gzread  OF((gzFile file, voidp buf, unsigned len));
-#endif
-/*
-     Reads the given number of uncompressed bytes from the compressed file.
-   If the input file was not in gzip format, gzread copies the given number
-   of bytes into the buffer.
-     gzread returns the number of uncompressed bytes actually read (0 for
-   end of file, -1 for error). */
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int)    gzwrite (gzFile file, const voidp buf, unsigned len);
-#else
-extern int EXPORT    gzwrite OF((gzFile file, const voidp buf, unsigned len));
-#endif
-/*
-     Writes the given number of uncompressed bytes into the compressed file.
-   gzwrite returns the number of uncompressed bytes actually written
-   (0 in case of error).
-*/
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int)    gzflush (gzFile file, int flush);
-#else
-extern int EXPORT    gzflush OF((gzFile file, int flush));
-#endif
-/*
-     Flushes all pending output into the compressed file. The parameter
-   flush is as in the deflate() function. The return value is the zlib
-   error number (see function gzerror below). gzflush returns Z_OK if
-   the flush parameter is Z_FINISH and all output could be flushed.
-     gzflush should be called only when strictly necessary because it can
-   degrade compression.
-*/
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int)    gzclose (gzFile file);
-#else
-extern int EXPORT    gzclose OF((gzFile file));
-#endif
-/*
-     Flushes all pending output if necessary, closes the compressed file
-   and deallocates all the (de)compression state. The return value is the zlib
-   error number (see function gzerror below).
-*/
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern const char *) gzerror (gzFile file, int *errnum);
-#else
-extern const char * EXPORT gzerror OF((gzFile file, int *errnum));
-#endif
-/*
-     Returns the error message for the last error which occurred on the
-   given compressed file. errnum is set to zlib error number. If an
-   error occurred in the file system and not in the compression library,
-   errnum is set to Z_ERRNO and the application may consult errno
-   to get the exact error code.
-*/
-
-                        /* checksum functions */
-
-/*
-     These functions are not related to compression but are exported
-   anyway because they might be useful in applications using the
-   compression library.
-*/
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern uLong) adler32 (uLong adler, const Bytef *buf, uInt len);
-#else
-extern uLong EXPORT adler32 OF((uLong adler, const Bytef *buf, uInt len));
-#endif
-
-/*
-     Update a running Adler-32 checksum with the bytes buf[0..len-1] and
-   return the updated checksum. If buf is NULL, this function returns
-   the required initial value for the checksum.
-   An Adler-32 checksum is almost as reliable as a CRC32 but can be computed
-   much faster. Usage example:
-
-     uLong adler = adler32(0L, Z_NULL, 0);
-
-     while (read_buffer(buffer, length) != EOF) {
-       adler = adler32(adler, buffer, length);
-     }
-     if (adler != original_adler) error();
-*/
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern uLong) crc32   (uLong crc, const Bytef *buf, uInt len);
-#else
-extern uLong EXPORT crc32   OF((uLong crc, const Bytef *buf, uInt len));
-#endif
-/*
-     Update a running crc with the bytes buf[0..len-1] and return the updated
-   crc. If buf is NULL, this function returns the required initial value
-   for the crc. Pre- and post-conditioning (one's complement) is performed
-   within this function so it shouldn't be done by the application.
-   Usage example:
-
-     uLong crc = crc32(0L, Z_NULL, 0);
-
-     while (read_buffer(buffer, length) != EOF) {
-       crc = crc32(crc, buffer, length);
-     }
-     if (crc != original_crc) error();
-*/
-
-
-                        /* various hacks, don't look :) */
-
-/* deflateInit and inflateInit are macros to allow checking the zlib version
- * and the compiler's view of z_stream:
- */
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) deflateInit_ (z_streamp strm, int level, const char *version, 
-					int stream_size);
-PR_PUBLIC_API(extern int) inflateInit_ (z_streamp strm, const char *version, 
-					int stream_size);
-PR_PUBLIC_API(extern int) deflateInit2_ (z_streamp strm, int  level, int  method, 
-					 int windowBits, int memLevel, int strategy, 
-					 const char *version, int stream_size);
-PR_PUBLIC_API(extern int) inflateInit2_ (z_streamp strm, int  windowBits, 
-					 const char *version, int stream_size);
-#else
-extern int EXPORT deflateInit_ OF((z_streamp strm, int level, const char *version, 
-				   int stream_size));
-extern int EXPORT inflateInit_ OF((z_streamp strm, const char *version, 
-				   int stream_size));
-extern int EXPORT deflateInit2_ OF((z_streamp strm, int  level, int  method, 
-				    int windowBits, int memLevel, int strategy, 
-				    const char *version, int stream_size));
-extern int EXPORT inflateInit2_ OF((z_streamp strm, int  windowBits, 
-				    const char *version, int stream_size));
-#endif /* MOZILLA_CLIENT */
-
-
-#define deflateInit(strm, level) \
-        deflateInit_((strm), (level),       ZLIB_VERSION, sizeof(z_stream))
-#define inflateInit(strm) \
-        inflateInit_((strm),                ZLIB_VERSION, sizeof(z_stream))
-#define deflateInit2(strm, level, method, windowBits, memLevel, strategy) \
-        deflateInit2_((strm),(level),(method),(windowBits),(memLevel),\
-		      (strategy),           ZLIB_VERSION, sizeof(z_stream))
-#define inflateInit2(strm, windowBits) \
-        inflateInit2_((strm), (windowBits), ZLIB_VERSION, sizeof(z_stream))
-
-#if !defined(_Z_UTIL_H) && !defined(NO_DUMMY_DECL)
-    struct internal_state {int dummy;}; /* hack for buggy compilers */
-#endif
-
-uLongf *get_crc_table OF((void)); /* can be used by asm versions of crc32() */
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* _ZLIB_H */
diff --git a/security/nss/lib/jar/manifest.mn b/security/nss/lib/jar/manifest.mn
deleted file mode 100644
index 9a47b1558..000000000
--- a/security/nss/lib/jar/manifest.mn
+++ /dev/null
@@ -1,53 +0,0 @@
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-
-MODULE = security
-
-LIBRARY_NAME = jar
-
-CORE_DEPTH = ../../..
-
-CSRCS =	\
-	jarver.c \
-	jarsign.c \
-	jar.c \
-	jar-ds.c \
-	jarfile.c \
-	jarevil.c \
-	jarjart.c \
-	jarint.c \
-	$(NULL)
-
-REQUIRES = security dbm
-
-EXPORTS	 = jar.h jar-ds.h jarfile.h
-
-DEFINES = -DMOZILLA_CLIENT=1
diff --git a/security/nss/lib/macbuild/NSS/NSS/NSS.mcp b/security/nss/lib/macbuild/NSS/NSS/NSS.mcp
deleted file mode 100644
index 99a1dd3de..000000000
--- a/security/nss/lib/macbuild/NSS/NSS/NSS.mcp
+++ /dev/null
diff --git a/security/nss/lib/macbuild/SecurityLib.mcp b/security/nss/lib/macbuild/SecurityLib.mcp
deleted file mode 100644
index 3efcf8c2d..000000000
--- a/security/nss/lib/macbuild/SecurityLib.mcp
+++ /dev/null
diff --git a/security/nss/lib/manifest.mn b/security/nss/lib/manifest.mn
deleted file mode 100644
index 2738cf722..000000000
--- a/security/nss/lib/manifest.mn
+++ /dev/null
@@ -1,65 +0,0 @@
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CORE_DEPTH = ../..
-DEPTH      = ../..
-
-#
-# organized by DLL
-#
-#  softoken and prereqs.
-#  stan (not a separate dll yet)
-#  nss base (traditional)
-#  ssl
-#  smime
-#  ckfw (builtins module)
-#  crmf jar (not dll's)
-#  fortcrypt
-DIRS =  util freebl softoken \
-	base asn1 dev pki pki1 \
-	certdb certhigh pk11wrap cryptohi crypto nss \
-	ssl \
-	pkcs12 pkcs7 smime \
-	crmf jar \
-	ckfw      \
-	fortcrypt \
-	$(NULL)
-
-# NSS 4.0 build - pure stan libraries
-ifdef PURE_STAN_BUILD
-DIRS = base asn1 dev pki pki1
-endif
-
-#
-# these dirs are not built at the moment
-#
-#NOBUILD_DIRS = jar
diff --git a/security/nss/lib/nss/Makefile b/security/nss/lib/nss/Makefile
deleted file mode 100644
index cb58ef545..000000000
--- a/security/nss/lib/nss/Makefile
+++ /dev/null
@@ -1,76 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY).   #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL)          #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL)       #
-#######################################################################
-
-
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL).      #
-#######################################################################
-include config.mk
-
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL)                              #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL)                           #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL).                              #
-#######################################################################
-
-export:: private_export
-
diff --git a/security/nss/lib/nss/config.mk b/security/nss/lib/nss/config.mk
deleted file mode 100644
index 693b6d31a..000000000
--- a/security/nss/lib/nss/config.mk
+++ /dev/null
@@ -1,106 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#
-#  Override TARGETS variable so that only static libraries
-#  are specifed as dependencies within rules.mk.
-#
-
-# can't do this in manifest.mn because OS_TARGET isn't defined there.
-ifeq (,$(filter-out WIN%,$(OS_TARGET)))
-
-# don't want the 32 in the shared library name
-SHARED_LIBRARY = $(OBJDIR)/$(LIBRARY_NAME)$(LIBRARY_VERSION).dll
-IMPORT_LIBRARY = $(OBJDIR)/$(LIBRARY_NAME)$(LIBRARY_VERSION).lib
-
-RES = $(OBJDIR)/$(LIBRARY_NAME).res
-RESNAME = $(LIBRARY_NAME).rc
-
-EXTRA_SHARED_LIBS += \
-	$(DIST)/lib/softokn3.lib \
-	$(DIST)/lib/$(NSPR31_LIB_PREFIX)plc4.lib \
-	$(DIST)/lib/$(NSPR31_LIB_PREFIX)plds4.lib \
-	$(DIST)/lib/$(NSPR31_LIB_PREFIX)nspr4.lib \
-	$(NULL)
-
-else
-
-# $(PROGRAM) has NO explicit dependencies on $(EXTRA_SHARED_LIBS)
-# $(EXTRA_SHARED_LIBS) come before $(OS_LIBS), except on AIX.
-EXTRA_SHARED_LIBS += \
-	-L$(DIST)/lib/ \
-	-lsoftokn3 \
-	-lplc4 \
-	-lplds4 \
-	-lnspr4 \
-	$(NULL)
-
-endif
-
-
-# $(PROGRAM) has explicit dependencies on $(EXTRA_LIBS)
-SHARED_LIBRARY_LIBS = \
-	$(DIST)/lib/$(LIB_PREFIX)certhi.$(LIB_SUFFIX) \
-	$(DIST)/lib/$(LIB_PREFIX)cryptohi.$(LIB_SUFFIX) \
-	$(DIST)/lib/$(LIB_PREFIX)pk11wrap.$(LIB_SUFFIX) \
-	$(DIST)/lib/$(LIB_PREFIX)certdb.$(LIB_SUFFIX) \
-	$(DIST)/lib/$(LIB_PREFIX)secutil.$(LIB_SUFFIX) \
-	$(DIST)/lib/$(LIB_PREFIX)nsspki.$(LIB_SUFFIX) \
-	$(DIST)/lib/$(LIB_PREFIX)nssdev.$(LIB_SUFFIX) \
-	$(DIST)/lib/$(LIB_PREFIX)nssb.$(LIB_SUFFIX) \
-	$(NULL)
-
-SHARED_LIBRARY_DIRS = \
-	../certhigh \
-	../cryptohi \
-	../pk11wrap \
-	../certdb \
-	../util \
-	../pki \
-	../dev \
-	../base \
-	$(NULL)
-
-
-ifeq ($(OS_TARGET),SunOS)
-# The -R '$ORIGIN' linker option instructs libnss3.so to search for its
-# dependencies (libsoftokn3.so) in the same directory where it resides.
-MKSHLIB += -R '$$ORIGIN'
-endif
-
-ifeq (,$(filter-out WINNT WIN95,$(OS_TARGET)))
-# Export 'mktemp' to be backward compatible with NSS 3.2.x and 3.3.x
-# but do not put it in the import library.  See bug 142575.
-DEFINES += -DWIN32_NSS3_DLL_COMPAT
-DLLFLAGS += -EXPORT:mktemp=nss_mktemp,PRIVATE
-endif
diff --git a/security/nss/lib/nss/manifest.mn b/security/nss/lib/nss/manifest.mn
deleted file mode 100644
index 1fbdc045d..000000000
--- a/security/nss/lib/nss/manifest.mn
+++ /dev/null
@@ -1,55 +0,0 @@
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CORE_DEPTH = ../../..
-
-PRIVATE_EXPORTS = \
-	nssrenam.h \
-	$(NULL)
-
-EXPORTS = \
-	nss.h \
-	$(NULL)
-
-MODULE = security
-
-CSRCS = \
-	nssinit.c \
-	nssver.c \
-	$(NULL)
-
-REQUIRES = security dbm
-
-MAPFILE = $(OBJDIR)/nss.def
-
-LIBRARY_NAME = nss
-LIBRARY_VERSION = 3
diff --git a/security/nss/lib/nss/nss.def b/security/nss/lib/nss/nss.def
deleted file mode 100644
index 4931b6964..000000000
--- a/security/nss/lib/nss/nss.def
+++ /dev/null
@@ -1,688 +0,0 @@
-;+#
-;+# The contents of this file are subject to the Mozilla Public
-;+# License Version 1.1 (the "License"); you may not use this file
-;+# except in compliance with the License. You may obtain a copy of
-;+# the License at http://www.mozilla.org/MPL/
-;+#
-;+# Software distributed under the License is distributed on an "AS
-;+# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-;+# implied. See the License for the specific language governing
-;+# rights and limitations under the License.
-;+#
-;+# The Original Code is the Netscape security libraries.
-;+#
-;+# The Initial Developer of the Original Code is Netscape
-;+# Communications Corporation.  Portions created by Netscape are
-;+# Copyright (C) 2000 Netscape Communications Corporation.  All
-;+# Rights Reserved.
-;+#
-;+# Contributor(s): 
-;+#	Dr Stephen Henson <stephen.henson@gemplus.com>
-;+#
-;+# Alternatively, the contents of this file may be used under the
-;+# terms of the GNU General Public License Version 2 or later (the
-;+# "GPL"), in which case the provisions of the GPL are applicable
-;+# instead of those above.  If you wish to allow use of your
-;+# version of this file only under the terms of the GPL and not to
-;+# allow others to use your version of this file under the MPL,
-;+# indicate your decision by deleting the provisions above and
-;+# replace them with the notice and other provisions required by
-;+# the GPL.  If you do not delete the provisions above, a recipient
-;+# may use your version of this file under either the MPL or the
-;+# GPL.
-;+#
-;+#
-;+# OK, this file is meant to support SUN, LINUX, AIX and WINDOWS
-;+#   1. For all unix platforms, the string ";-"  means "remove this line"
-;+#   2. For all unix platforms, the string " DATA " will be removed from any 
-;+#	line on which it occurs.
-;+#   3. Lines containing ";+" will have ";+" removed on SUN and LINUX.
-;+#      On AIX, lines containing ";+" will be removed.  
-;+#   4. For all unix platforms, the string ";;" will thave the ";;" removed.
-;+#   5. For all unix platforms, after the above processing has taken place,
-;+#    all characters after the first ";" on the line will be removed.  
-;+#    And for AIX, the first ";" will also be removed.
-;+#  This file is passed directly to windows. Since ';' is a comment, all UNIX
-;+#   directives are hidden behind ";", ";+", and ";-"
-;+NSS_3.2 {       # NSS 3.2 release
-;+    global:
-LIBRARY nss3	;-
-EXPORTS		;-
-ATOB_AsciiToData;
-BTOA_ConvertItemToAscii;
-BTOA_DataToAscii;
-CERT_AsciiToName;
-CERT_CertTimesValid;
-CERT_CheckCertValidTimes;
-CERT_CreateCertificateRequest;
-CERT_ChangeCertTrust;
-CERT_DecodeDERCrl;
-CERT_DestroyCertificateRequest;
-CERT_DestroyCertList;
-CERT_DestroyName;
-CERT_EnableOCSPChecking;
-CERT_FormatName;
-CERT_DestroyCertificate;
-CERT_DupCertificate;
-CERT_FreeDistNames;
-CERT_FreeNicknames;
-CERT_GetAVATag;
-CERT_GetCertEmailAddress;
-CERT_GetCertNicknames;
-CERT_GetCertIssuerAndSN;
-CERT_GetCertTrust;
-CERT_GetCertUid;
-CERT_GetCommonName;
-CERT_GetCountryName;
-CERT_GetDBContentVersion;
-CERT_GetDefaultCertDB;
-CERT_GetDomainComponentName;
-CERT_GetLocalityName;
-CERT_GetOrgName;
-CERT_GetOrgUnitName;
-CERT_GetSSLCACerts;
-CERT_GetSlopTime;
-CERT_GetStateName;
-CERT_ImportCAChain;
-CERT_NameToAscii;
-CERT_RFC1485_EscapeAndQuote;
-CERT_SetSlopTime;
-CERT_VerifyCertName;
-CERT_VerifyCertNow;
-DER_UTCDayToAscii;
-DER_UTCTimeToAscii;
-DER_GeneralizedTimeToTime;
-NSS_Init;
-NSS_Initialize;
-NSS_InitReadWrite;
-NSS_NoDB_Init;
-NSS_Shutdown;
-NSS_VersionCheck;
-PK11_Authenticate;
-PK11_ChangePW;
-PK11_CheckUserPassword;
-PK11_CipherOp;
-PK11_CloneContext;
-PK11_ConfigurePKCS11;
-PK11_CreateContextBySymKey;
-PK11_CreateDigestContext;
-PK11_DestroyContext;
-PK11_DestroyTokenObject;
-PK11_DigestBegin;
-PK11_DigestOp;
-PK11_DigestFinal;
-PK11_DoesMechanism;
-PK11_FindCertFromNickname;
-PK11_FindCertFromDERCert;
-PK11_FindCertByIssuerAndSN;
-PK11_FindKeyByAnyCert;
-PK11_FindKeyByDERCert;
-PK11_FindSlotByName;
-PK11_Finalize;
-PK11_FortezzaHasKEA;
-PK11_FreeSlot;
-PK11_FreeSlotList;
-PK11_FreeSymKey;
-PK11_GenerateKeyPair;
-PK11_GenerateRandom;
-PK11_GenerateNewParam;
-PK11_GetAllTokens;
-PK11_GetBlockSize;
-PK11_GetFirstSafe;
-PK11_GetInternalKeySlot;
-PK11_GetInternalSlot;
-PK11_GetSlotName;
-PK11_GetTokenName;
-PK11_HashBuf;
-PK11_IsFIPS;
-PK11_IsFriendly;
-PK11_IsInternal;
-PK11_IsHW;
-PK11_IsPresent;
-PK11_IsReadOnly;
-PK11_KeyGen;
-PK11_ListCerts;
-PK11_NeedLogin;
-PK11_RandomUpdate;
-PK11_SetPasswordFunc;
-PK11_SetSlotPWValues;
-PORT_Alloc;
-PORT_Free;
-PORT_GetError;
-PORT_SetError;
-PORT_SetUCS4_UTF8ConversionFunction;
-PORT_SetUCS2_UTF8ConversionFunction;
-PORT_SetUCS2_ASCIIConversionFunction;
-SECITEM_CopyItem;
-SECITEM_DupItem;
-SECITEM_FreeItem;
-SECITEM_ZfreeItem;
-SECKEY_ConvertToPublicKey;
-SECKEY_CopyPrivateKey;
-SECKEY_CreateSubjectPublicKeyInfo;
-SECKEY_DestroyPrivateKey;
-SECKEY_DestroySubjectPublicKeyInfo;
-SECMOD_IsModulePresent;
-SECOID_FindOIDTagDescription;
-SECOID_GetAlgorithmTag;
-SEC_DeletePermCertificate;
-SEC_DeletePermCRL;
-SEC_DerSignData;
-SEC_DestroyCrl;
-SEC_FindCrlByDERCert;
-SEC_FindCrlByName;
-SEC_LookupCrls;
-SEC_NewCrl;
-;+#
-;+# The following symbols are exported only to make libssl3.so work. 
-;+# These are still private!!!
-;+#
-__CERT_NewTempCertificate;
-__PK11_CreateContextByRawKey;
-__PK11_GetKeyData;
-__nss_InitLock;
-CERT_CertChainFromCert;
-CERT_DestroyCertificateList;
-CERT_DupCertList;
-CERT_ExtractPublicKey;
-CERT_FindCertByName;
-DER_Lengths;
-DSAU_DecodeDerSig;
-DSAU_EncodeDerSig;
-HASH_GetHashObject;
-NSSRWLock_Destroy;
-NSSRWLock_HaveWriteLock;
-NSSRWLock_LockRead;
-NSSRWLock_LockWrite;
-NSSRWLock_New;
-NSSRWLock_UnlockRead;
-NSSRWLock_UnlockWrite;
-NSS_PutEnv;
-PK11_Derive;
-PK11_DeriveWithFlags;
-PK11_DigestKey;
-PK11_FindBestKEAMatch;
-PK11_FindFixedKey;
-PK11_GenerateFortezzaIV;
-PK11_GetBestKeyLength;
-PK11_GetBestSlot;
-PK11_GetBestSlotMultiple;
-PK11_GetBestWrapMechanism;
-PK11_GetCurrentWrapIndex;
-PK11_GetMechanism;
-PK11_GetModuleID;
-PK11_GetPrivateModulusLen;
-PK11_GetSlotFromKey;
-PK11_GetSlotFromPrivateKey;
-PK11_GetSlotID;
-PK11_GetSlotSeries;
-PK11_GetTokenInfo;
-PK11_GetWindow;
-PK11_GetWrapKey;
-PK11_IVFromParam;
-PK11_MakeKEAPubKey;
-PK11_ParamFromIV;
-PK11_PubDecryptRaw;
-PK11_PubDerive;
-PK11_PubEncryptRaw;
-PK11_PubUnwrapSymKey;
-PK11_PubWrapSymKey;
-PK11_ReferenceSymKey;
-PK11_RestoreContext;
-PK11_SaveContext;
-PK11_SetFortezzaHack;
-PK11_SetWrapKey;
-PK11_Sign;
-PK11_SignatureLen;
-PK11_SymKeyFromHandle;
-PK11_TokenExists;
-PK11_UnwrapSymKey;
-PK11_UnwrapSymKeyWithFlags;
-PK11_Verify;
-PK11_VerifyKeyOK;
-PK11_WrapSymKey;
-PORT_ArenaAlloc;
-PORT_ArenaZAlloc;
-PORT_FreeArena;
-PORT_NewArena;
-PORT_Realloc;
-PORT_ZAlloc;
-PORT_ZFree;
-RSA_FormatBlock;
-SECITEM_CompareItem;
-SECKEY_CreateRSAPrivateKey;
-SECKEY_DestroyPublicKey;
-SECKEY_PublicKeyStrength;
-SECKEY_UpdateCertPQG;
-SECMOD_LookupSlot;
-SGN_Begin;
-SGN_DestroyContext;
-SGN_End;
-SGN_NewContext;
-SGN_Update;
-VFY_Begin;
-VFY_CreateContext;
-VFY_DestroyContext;
-VFY_End;
-VFY_Update;
-;+#
-;+# The following symbols are exported only to make libsmime3.so work. 
-;+# These are still private!!!
-;+#
-__CERT_ClosePermCertDB;
-__CERT_DecodeDERCertificate;
-__CERT_TraversePermCertsForNickname;
-__CERT_TraversePermCertsForSubject;
-__PBE_CreateContext;
-__PBE_DestroyContext;
-__PBE_GenerateBits;
-ATOB_ConvertAsciiToItem;
-CERT_AddCertToListTail;
-CERT_CertListFromCert;
-CERT_DestroyCertArray;
-CERT_FindCertByDERCert;
-CERT_FindCertByIssuerAndSN;
-CERT_FindSMimeProfile;
-CERT_ImportCerts;
-CERT_NewCertList;
-CERT_OpenCertDBFilename;
-CERT_SaveSMimeProfile;
-CERT_VerifyCert;
-DER_GetInteger;
-DER_TimeToUTCTime;
-DER_UTCTimeToTime;
-PK11_AlgtagToMechanism;
-PK11_BlockData;
-PK11_CreatePBEAlgorithmID;
-PK11_DestroyObject;
-PK11_ExportEncryptedPrivateKeyInfo;
-PK11_ExportPrivateKeyInfo;
-PK11_FindCertAndKeyByRecipientList;
-PK11_FindCertAndKeyByRecipientListNew;
-PK11_FindCertInSlot;
-PK11_FindPrivateKeyFromCert;
-PK11_FortezzaMapSig;
-PK11_GetKeyLength;
-PK11_GetKeyStrength;
-PK11_ImportCertForKeyToSlot;
-PK11_ImportEncryptedPrivateKeyInfo;
-PK11_ImportPrivateKeyInfo;
-PK11_MapPBEMechanismToCryptoMechanism;
-PK11_PBEKeyGen;
-PK11_ParamFromAlgid;
-PK11_ParamToAlgid;
-PK11_TraverseCertsForNicknameInSlot;
-PK11_TraverseCertsForSubjectInSlot;
-PORT_ArenaGrow;
-PORT_ArenaMark;
-PORT_ArenaRelease;
-PORT_ArenaStrdup;
-PORT_ArenaUnmark;
-PORT_UCS2_ASCIIConversion;
-PORT_UCS2_UTF8Conversion;
-SECITEM_AllocItem;
-SECKEY_CopyEncryptedPrivateKeyInfo;
-SECKEY_CopyPrivateKeyInfo;
-SECKEY_DestroyEncryptedPrivateKeyInfo;
-SECKEY_DestroyPrivateKeyInfo;
-SECOID_CompareAlgorithmID;
-SECOID_CopyAlgorithmID;
-SECOID_DestroyAlgorithmID;
-SECOID_FindOID;
-SECOID_FindOIDByTag;
-SECOID_FindOIDTag;
-SECOID_SetAlgorithmID;
-SEC_ASN1DecodeInteger;
-SEC_ASN1DecodeItem;
-SEC_ASN1DecoderClearFilterProc;
-SEC_ASN1DecoderClearNotifyProc;
-SEC_ASN1DecoderFinish;
-SEC_ASN1DecoderSetFilterProc;
-SEC_ASN1DecoderSetNotifyProc;
-SEC_ASN1DecoderStart;
-SEC_ASN1DecoderUpdate;
-SEC_ASN1Encode;
-SEC_ASN1EncodeInteger;
-SEC_ASN1EncodeItem;
-SEC_ASN1EncoderClearNotifyProc;
-SEC_ASN1EncoderClearStreaming;
-SEC_ASN1EncoderClearTakeFromBuf;
-SEC_ASN1EncoderFinish;
-SEC_ASN1EncoderSetNotifyProc;
-SEC_ASN1EncoderSetStreaming;
-SEC_ASN1EncoderSetTakeFromBuf;
-SEC_ASN1EncoderStart;
-SEC_ASN1EncoderUpdate;
-SEC_ASN1LengthLength;
-SEC_PKCS5GetCryptoAlgorithm;
-SEC_PKCS5GetKeyLength;
-SEC_PKCS5GetPBEAlgorithm;
-SEC_PKCS5IsAlgorithmPBEAlg;
-SEC_SignData;
-SGN_CompareDigestInfo;
-SGN_CopyDigestInfo;
-SGN_CreateDigestInfo;
-SGN_DestroyDigestInfo;
-SGN_Digest;
-VFY_VerifyData;
-VFY_VerifyDigest;
-;+#
-;+# Data objects
-;+#
-;+# Don't export these DATA symbols on Windows because they don't work right.
-;;CERT_CrlTemplate DATA ;
-;;CERT_SignedDataTemplate DATA ;
-;;CERT_CertificateTemplate DATA ;
-;;CERT_CertificateRequestTemplate DATA ;
-;;CERT_IssuerAndSNTemplate DATA ;
-;;CERT_SetOfSignedCrlTemplate DATA ;
-;;SECKEY_DSAPublicKeyTemplate DATA ;
-;;SECKEY_EncryptedPrivateKeyInfoTemplate DATA ;
-;;SECKEY_PointerToEncryptedPrivateKeyInfoTemplate DATA ;
-;;SECKEY_PointerToPrivateKeyInfoTemplate DATA ;
-;;SECKEY_PrivateKeyInfoTemplate DATA ;
-;;SECKEY_RSAPublicKeyTemplate DATA ;
-;;SECOID_AlgorithmIDTemplate DATA ;
-;;SEC_AnyTemplate DATA ;
-;;SEC_BMPStringTemplate DATA ;
-;;SEC_BitStringTemplate DATA ;
-;;SEC_GeneralizedTimeTemplate DATA ;
-;;SEC_IA5StringTemplate DATA ;
-;;SEC_IntegerTemplate DATA ;
-;;SEC_ObjectIDTemplate DATA ;
-;;SEC_OctetStringTemplate DATA ;
-;;SEC_PointerToAnyTemplate DATA ;
-;;SEC_PointerToOctetStringTemplate DATA ;
-;;SEC_SetOfAnyTemplate DATA ;
-;;SEC_UTCTimeTemplate DATA ;
-;;sgn_DigestInfoTemplate DATA ;
-NSS_Get_CERT_CrlTemplate;
-NSS_Get_CERT_SignedDataTemplate;
-NSS_Get_CERT_CertificateTemplate;
-NSS_Get_CERT_CertificateRequestTemplate;
-NSS_Get_CERT_IssuerAndSNTemplate;
-NSS_Get_CERT_SetOfSignedCrlTemplate;
-NSS_Get_SECKEY_DSAPublicKeyTemplate;
-NSS_Get_SECKEY_EncryptedPrivateKeyInfoTemplate;
-NSS_Get_SECKEY_PointerToEncryptedPrivateKeyInfoTemplate;
-NSS_Get_SECKEY_PointerToPrivateKeyInfoTemplate;
-NSS_Get_SECKEY_PrivateKeyInfoTemplate;
-NSS_Get_SECKEY_RSAPublicKeyTemplate;
-NSS_Get_SECOID_AlgorithmIDTemplate;
-NSS_Get_SEC_AnyTemplate;
-NSS_Get_SEC_BMPStringTemplate;
-NSS_Get_SEC_BitStringTemplate;
-NSS_Get_SEC_GeneralizedTimeTemplate;
-NSS_Get_SEC_IA5StringTemplate;
-NSS_Get_SEC_IntegerTemplate;
-NSS_Get_SEC_ObjectIDTemplate;
-NSS_Get_SEC_OctetStringTemplate;
-NSS_Get_SEC_PointerToAnyTemplate;
-NSS_Get_SEC_PointerToOctetStringTemplate;
-NSS_Get_SEC_SetOfAnyTemplate;
-NSS_Get_SEC_UTCTimeTemplate;
-NSS_Get_sgn_DigestInfoTemplate;
-;+# commands
-CERT_DecodeBasicConstraintValue;
-CERT_DecodeOidSequence;
-CERT_DecodeUserNotice;
-CERT_DecodeCertificatePoliciesExtension;
-CERT_DestroyCertificatePoliciesExtension;
-CERT_FindCertByNicknameOrEmailAddr;
-CERT_FindCertByNickname;
-CERT_GenTime2FormattedAscii;
-CERT_Hexify;
-CERT_CompareName;
-PK11SDR_Encrypt;
-PK11SDR_Decrypt;
-NSSBase64Decoder_Create;
-NSSBase64Decoder_Destroy;
-NSSBase64Decoder_Update;
-NSSBase64Encoder_Create;
-NSSBase64Encoder_Destroy;
-NSSBase64Encoder_Update;
-;+#PK11_DoPassword;
-;+#PK11_FindKeyByKeyID;
-PK11_InitPin;
-PK11_NeedUserInit;
-;+    local:
-;+       *;
-;+};
-;+NSS_3.2.1 {       # NSS 3.2.1 release
-;+    global:
-CERT_AddRDN;
-CERT_CreateRDN;
-CERT_CreateAVA;
-CERT_CreateName;
-;+    local:
-;+       *;
-;+};
-;+NSS_3.3 { 	# NSS 3.3. release
-;+    global:
-CERT_CheckCertUsage;
-CERT_FindCertIssuer;
-PK11_GetModule;
-SECKEY_CreateDHPrivateKey;
-SECKEY_GetPublicKeyType;
-SECMOD_AddNewModule;
-;+#
-;+# The following symbols are exported only to make JSS work.
-;+# These are still private!!!
-;+#
-CERT_DisableOCSPChecking;
-CERT_DisableOCSPDefaultResponder;
-CERT_EnableOCSPDefaultResponder;
-CERT_GetCertTimes;
-CERT_ImportCAChainTrusted;
-CERT_ImportCRL;
-CERT_IsCACert;
-CERT_IsCADERCert;
-CERT_SetOCSPDefaultResponder;
-PBE_CreateContext;
-PBE_DestroyContext;
-PBE_GenerateBits;
-PK11_CheckSSOPassword;
-PK11_CopySymKeyForSigning;
-PK11_DeleteTokenCertAndKey;
-PK11_DEREncodePublicKey;
-PK11_ExtractKeyValue;
-PK11_FindCertsFromNickname;
-PK11_FindKeyByKeyID;
-PK11_GetIVLength;
-PK11_GetKeyData;
-PK11_GetKeyType;
-PK11_GetLowLevelKeyIDForCert;
-PK11_GetLowLevelKeyIDForPrivateKey;
-PK11_GetSlotPWValues;
-PK11_ImportCertForKey;
-PK11_ImportDERCertForKey;
-PK11_ImportDERPrivateKeyInfo;
-PK11_ImportSymKey;
-PK11_IsLoggedIn;
-PK11_KeyForDERCertExists;
-PK11_KeyForCertExists;
-PK11_ListPrivateKeysInSlot;
-PK11_ListCertsInSlot;
-PK11_Logout;
-PK11_NeedPWInit;
-PK11_MakeIDFromPubKey;
-PK11_PQG_DestroyParams;
-PK11_PQG_DestroyVerify;
-PK11_PQG_GetBaseFromParams;
-PK11_PQG_GetCounterFromVerify;
-PK11_PQG_GetHFromVerify;
-PK11_PQG_GetPrimeFromParams;
-PK11_PQG_GetSeedFromVerify;
-PK11_PQG_GetSubPrimeFromParams;
-PK11_PQG_NewParams;
-PK11_PQG_NewVerify;
-PK11_PQG_ParamGen;
-PK11_PQG_ParamGenSeedLen;
-PK11_PQG_VerifyParams;
-PK11_ReferenceSlot;
-PK11_SeedRandom;
-PK11_UnwrapPrivKey;
-PK11_VerifyRecover;
-PK11_WrapPrivKey;
-SEC_CertNicknameConflict;
-SEC_PKCS5GetIV;
-SECMOD_DeleteInternalModule;
-SECMOD_DestroyModule;
-SECMOD_GetDefaultModuleList;
-SECMOD_GetDefaultModuleListLock;
-SECMOD_GetInternalModule;
-SECMOD_GetReadLock;
-SECMOD_ReferenceModule;
-SECMOD_ReleaseReadLock;
-SECKEY_AddPrivateKeyToListTail;
-SECKEY_EncodeDERSubjectPublicKeyInfo;
-SECKEY_ExtractPublicKey;
-SECKEY_DestroyPrivateKeyList;
-SECKEY_GetPrivateKeyType;
-SECKEY_HashPassword;
-SECKEY_ImportDERPublicKey;
-SECKEY_NewPrivateKeyList;
-SECKEY_RemovePrivateKeyListNode;
-VFY_EndWithSignature;
-;+    local:
-;+       *;
-;+};
-;+NSS_3.3.1 { 	# NSS 3.3.1 release
-;+    global:
-;+#
-;+# The following symbols are exported only to make libsmime3.so work. 
-;+# These are still private!!!
-;+#
-PK11_CreatePBEParams;
-PK11_DestroyPBEParams;
-;+    local:
-;+       *;
-;+};
-;+NSS_3.4 { 	# NSS 3.4 release
-;+    global:
-SECMOD_AddNewModuleEx;
-SECMOD_DeleteModule;
-SECMOD_FreeModuleSpecList;
-SECMOD_GetModuleSpecList;
-SECMOD_LoadModule;
-SECMOD_LoadUserModule;
-SECMOD_UnloadUserModule;
-SECMOD_UpdateModule;
-;+# for PKCS #12
-PK11_RawPBEKeyGen;
-;+# for PSM
-__CERT_AddTempCertToPerm;
-CERT_AddOKDomainName;
-CERT_CopyName;
-CERT_CreateSubjectCertList;
-CERT_DecodeAVAValue;
-;+#CERT_DecodeCertFromPackage;
-CERT_DecodeGeneralName;
-CERT_DecodeTrustString;
-CERT_DerNameToAscii;
-CERT_EncodeGeneralName;
-CERT_FilterCertListByCANames;
-CERT_FilterCertListByUsage;
-CERT_FindCertExtension;
-CERT_FindKeyUsageExtension;
-CERT_FindUserCertByUsage;
-CERT_FindUserCertsByUsage;
-CERT_GetCertChainFromCert;
-CERT_GetOCSPAuthorityInfoAccessLocation;
-CERT_KeyFromDERCrl;
-CERT_MakeCANickname;
-CERT_NicknameStringsFromCertList;
-CERT_VerifySignedData;
-DER_Encode;
-HASH_Begin;
-HASH_Create;
-HASH_Destroy;
-HASH_End;
-HASH_ResultLen;
-HASH_Update;
-NSSBase64_DecodeBuffer;   # from Stan
-NSSBase64_EncodeItem;   # from Stan
-PK11_GetKeyGen;
-PK11_GetMinimumPwdLength;
-PK11_GetNextSafe;
-PK11_GetPadMechanism;
-PK11_GetSlotInfo;
-PK11_HasRootCerts;
-PK11_IsDisabled;
-PK11_LoadPrivKey;
-PK11_LogoutAll;
-PK11_MechanismToAlgtag;
-PK11_ResetToken;
-PK11_TraverseSlotCerts;
-SEC_ASN1Decode;
-SECKEY_CopySubjectPublicKeyInfo;
-SECMOD_CreateModule;
-SECMOD_FindModule;
-SECMOD_FindSlot;
-SECMOD_PubCipherFlagstoInternal;
-SECMOD_PubMechFlagstoInternal;
-;;CERT_NameTemplate DATA ;
-;;CERT_SubjectPublicKeyInfoTemplate DATA ;
-;;SEC_BooleanTemplate DATA ;
-;;SEC_NullTemplate DATA ;
-;;SEC_SignedCertificateTemplate DATA ;
-;;SEC_UTF8StringTemplate DATA ;
-NSS_Get_CERT_NameTemplate;
-NSS_Get_CERT_SubjectPublicKeyInfoTemplate;
-NSS_Get_SEC_BooleanTemplate;
-NSS_Get_SEC_NullTemplate;
-NSS_Get_SEC_SignedCertificateTemplate;
-NSS_Get_SEC_UTF8StringTemplate;
-;+# for JSS
-PK11_DeleteTokenPrivateKey;
-PK11_DeleteTokenPublicKey;
-PK11_DeleteTokenSymKey;
-PK11_GetNextSymKey;
-PK11_GetPQGParamsFromPrivateKey;
-PK11_GetPrivateKeyNickname;
-PK11_GetPublicKeyNickname;
-PK11_GetSymKeyNickname;
-PK11_ImportDERPrivateKeyInfoAndReturnKey;
-PK11_ImportPrivateKeyInfoAndReturnKey;
-PK11_ImportPublicKey;
-PK11_ImportSymKeyWithFlags;
-PK11_ListFixedKeysInSlot;
-PK11_ListPrivKeysInSlot;
-PK11_ListPublicKeysInSlot;
-PK11_ProtectedAuthenticationPath;
-PK11_SetPrivateKeyNickname;
-PK11_SetPublicKeyNickname;
-PK11_SetSymKeyNickname;
-SECKEY_DecodeDERSubjectPublicKeyInfo;
-SECKEY_DestroyPublicKeyList;
-;+# for debugging
-nss_DumpCertificateCacheInfo;
-;+    local:
-;+       *;
-;+};
-;+NSS_3.5 { 	# cert creation APIs used by certutil
-;+    global:
-CERT_AddExtension;
-CERT_CopyRDN;
-CERT_CreateCertificate;
-CERT_CreateValidity;
-CERT_DestroyValidity;
-CERT_EncodeAndAddBitStrExtension;
-CERT_EncodeAuthKeyID;
-CERT_EncodeBasicConstraintValue;
-CERT_EncodeCRLDistributionPoints;
-CERT_FinishExtensions;
-CERT_StartCertExtensions;
-DER_AsciiToTime;
-PK11_ImportCert;
-PORT_Strdup;
-SECMOD_CanDeleteInternalModule;
-;+    local:
-;+       *;
-;+};
-;+NSS_3.6 { 	# cert creation APIs used by certutil
-;+    global:
-PK11_GetPBEIV;
-;+    local:
-;+       *;
-;+};
diff --git a/security/nss/lib/nss/nss.h b/security/nss/lib/nss/nss.h
deleted file mode 100644
index c457e1a94..000000000
--- a/security/nss/lib/nss/nss.h
+++ /dev/null
@@ -1,155 +0,0 @@
-/*
- * NSS utility functions
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#ifndef __nss_h_
-#define __nss_h_
-
-#include "seccomon.h"
-
-SEC_BEGIN_PROTOS
-
-/*
- * NSS's major version, minor version, patch level, and whether
- * this is a beta release.
- *
- * The format of the version string should be
- *     "<major version>.<minor version>[.<patch level>] [<Beta>]"
- */
-#define NSS_VERSION  "3.6 Beta"
-#define NSS_VMAJOR   3
-#define NSS_VMINOR   6
-#define NSS_VPATCH   0
-#define NSS_BETA     PR_TRUE
-
-
-/*
- * Return a boolean that indicates whether the underlying library
- * will perform as the caller expects.
- *
- * The only argument is a string, which should be the verson
- * identifier of the NSS library. That string will be compared
- * against a string that represents the actual build version of
- * the NSS library.  It also invokes the version checking functions
- * of the dependent libraries such as NSPR.
- */
-extern PRBool NSS_VersionCheck(const char *importedVersion);
-
-/*
- * Open the Cert, Key, and Security Module databases, read only.
- * Initialize the Random Number Generator.
- * Does not initialize the cipher policies or enables.
- * Default policy settings disallow all ciphers.
- */
-extern SECStatus NSS_Init(const char *configdir);
-
-/*
- * Open the Cert, Key, and Security Module databases, read/write.
- * Initialize the Random Number Generator.
- * Does not initialize the cipher policies or enables.
- * Default policy settings disallow all ciphers.
- */
-extern SECStatus NSS_InitReadWrite(const char *configdir);
-
-/*
- * Open the Cert, Key, and Security Module databases, read/write.
- * Initialize the Random Number Generator.
- * Does not initialize the cipher policies or enables.
- * Default policy settings disallow all ciphers.
- *
- * This allows using application defined prefixes for the cert and key db's
- * and an alternate name for the secmod database. NOTE: In future releases,
- * the database prefixes my not necessarily map to database names.
- *
- * configdir - base directory where all the cert, key, and module datbases live.
- * certPrefix - prefix added to the beginning of the cert database example: "
- * 			"https-server1-"
- * keyPrefix - prefix added to the beginning of the key database example: "
- * 			"https-server1-"
- * secmodName - name of the security module database (usually "secmod.db").
- * flags - change the open options of NSS_Initialize as follows:
- * 	NSS_INIT_READONLY - Open the databases read only.
- * 	NSS_INIT_NOCERTDB - Don't open the cert DB and key DB's, just 
- * 			initialize the volatile certdb.
- * 	NSS_INIT_NOMODDB  - Don't open the security module DB, just 
- *			initialize the 	PKCS #11 module.
- *      NSS_INIT_FORCEOPEN - Continue to force initializations even if the 
- * 			databases cannot be opened.
- *      NSS_INIT_NOROOTINIT - Don't try to look for the root certs module
- *			automatically.
- *      NSS_INIT_OPTIMIZESPACE - Use smaller tables and caches.
- *
- * Also NOTE: This is not the recommended method for initializing NSS. 
- * The prefered method is NSS_init().
- */
-#define NSS_INIT_READONLY	0x1
-#define NSS_INIT_NOCERTDB	0x2
-#define NSS_INIT_NOMODDB	0x4
-#define NSS_INIT_FORCEOPEN	0x8
-#define NSS_INIT_NOROOTINIT     0x10
-#define NSS_INIT_OPTIMIZESPACE  0x20
-
-extern SECStatus NSS_Initialize(const char *configdir, 
-	const char *certPrefix, const char *keyPrefix, 
-	const char *secmodName, PRUint32 flags);
-
-/*
- * initialize NSS without a creating cert db's, key db's, or secmod db's.
- */
-SECStatus NSS_NoDB_Init(const char *configdir);
-
-/* 
- * Close the Cert, Key databases.
- */
-extern SECStatus NSS_Shutdown(void);
-
-/*
- * set the PKCS #11 strings for the internal token.
- */
-void PK11_ConfigurePKCS11(const char *man, const char *libdes, 
-	const char *tokdes, const char *ptokdes, const char *slotdes, 
-	const char *pslotdes, const char *fslotdes, const char *fpslotdes,
-        int minPwd, int pwRequired);
-
-/*
- * Dump the contents of the certificate cache and the temporary cert store.
- * Use to detect leaked references of certs at shutdown time.
- */
-void nss_DumpCertificateCacheInfo(void);
-
-SEC_END_PROTOS
-
-#endif /* __nss_h_ */
diff --git a/security/nss/lib/nss/nss.rc b/security/nss/lib/nss/nss.rc
deleted file mode 100644
index 7eb93b8bb..000000000
--- a/security/nss/lib/nss/nss.rc
+++ /dev/null
@@ -1,98 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 2001 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "nss.h"
-#include <winver.h>
-
-#define MY_LIBNAME "nss"
-#define MY_FILEDESCRIPTION "NSS Base Library"
-
-#define STRINGIZE(x) #x
-#define STRINGIZE2(x) STRINGIZE(x)
-#define NSS_VMAJOR_STR STRINGIZE2(NSS_VMAJOR)
-
-#ifdef _DEBUG
-#define MY_DEBUG_STR " (debug)"
-#define MY_FILEFLAGS_1 VS_FF_DEBUG
-#else
-#define MY_DEBUG_STR ""
-#define MY_FILEFLAGS_1 0x0L
-#endif
-#if NSS_BETA
-#define MY_FILEFLAGS_2 MY_FILEFLAGS_1|VS_FF_PRERELEASE
-#else
-#define MY_FILEFLAGS_2 MY_FILEFLAGS_1
-#endif
-
-#ifdef WINNT
-#define MY_FILEOS VOS_NT_WINDOWS32
-#else
-#define MY_FILEOS VOS__WINDOWS32
-#endif
-
-#define MY_INTERNAL_NAME MY_LIBNAME NSS_VMAJOR_STR
-
-/////////////////////////////////////////////////////////////////////////////
-//
-// Version-information resource
-//
-
-VS_VERSION_INFO VERSIONINFO
- FILEVERSION NSS_VMAJOR,NSS_VMINOR,NSS_VPATCH,0
- PRODUCTVERSION NSS_VMAJOR,NSS_VMINOR,NSS_VPATCH,0
- FILEFLAGSMASK VS_FFI_FILEFLAGSMASK
- FILEFLAGS MY_FILEFLAGS_2
- FILEOS MY_FILEOS
- FILETYPE VFT_DLL
- FILESUBTYPE 0x0L // not used
-
-BEGIN
-    BLOCK "StringFileInfo"
-    BEGIN
-        BLOCK "040904B0" // Lang=US English, CharSet=Unicode
-        BEGIN
-            VALUE "CompanyName", "Netscape Communications Corporation\0"
-            VALUE "FileDescription", MY_FILEDESCRIPTION MY_DEBUG_STR "\0"
-            VALUE "FileVersion", NSS_VERSION "\0"
-            VALUE "InternalName", MY_INTERNAL_NAME "\0"
-            VALUE "LegalCopyright", "Copyright \251 1994-2001 Netscape Communications Corporation\0"
-            VALUE "OriginalFilename", MY_INTERNAL_NAME ".dll\0"
-            VALUE "ProductName", "Network Security Services\0"
-            VALUE "ProductVersion", NSS_VERSION "\0"
-        END
-    END
-    BLOCK "VarFileInfo"
-    BEGIN
-        VALUE "Translation", 0x409, 1200
-    END
-END
diff --git a/security/nss/lib/nss/nssinit.c b/security/nss/lib/nss/nssinit.c
deleted file mode 100644
index 9ef35d704..000000000
--- a/security/nss/lib/nss/nssinit.c
+++ /dev/null
@@ -1,604 +0,0 @@
-/*
- * NSS utility functions
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- # $Id$
- */
-
-#include <ctype.h>
-#include "seccomon.h"
-#include "prinit.h"
-#include "prprf.h"
-#include "prmem.h"
-#include "cert.h"
-#include "key.h"
-#include "ssl.h"
-#include "sslproto.h"
-#include "secmod.h"
-#include "secoid.h"
-#include "nss.h"
-#include "secrng.h"
-#include "pk11func.h"
-
-#include "pki3hack.h"
-
-/*
- * On Windows nss3.dll needs to export the symbol 'mktemp' to be
- * fully backward compatible with the nss3.dll in NSS 3.2.x and
- * 3.3.x.  This symbol was unintentionally exported and its
- * definition (in DBM) was moved from nss3.dll to softokn3.dll
- * in NSS 3.4.  See bug 142575.
- */
-#ifdef WIN32_NSS3_DLL_COMPAT
-#include <io.h>
-
-/* exported as 'mktemp' */
-char *
-nss_mktemp(char *path)
-{
-    return _mktemp(path);
-}
-#endif
-
-#define NSS_MAX_FLAG_SIZE  sizeof("readOnly")+sizeof("noCertDB")+ \
-	sizeof("noModDB")+sizeof("forceOpen")+sizeof("passwordRequired")+ \
-	sizeof ("optimizeSpace")
-#define NSS_DEFAULT_MOD_NAME "NSS Internal Module"
-#ifdef macintosh
-#define SECMOD_DB "Security Modules"
-#else
-#define SECMOD_DB "secmod.db"
-#endif
-
-static char *
-nss_makeFlags(PRBool readOnly, PRBool noCertDB, 
-				PRBool noModDB, PRBool forceOpen, 
-				PRBool passwordRequired, PRBool optimizeSpace) 
-{
-    char *flags = (char *)PORT_Alloc(NSS_MAX_FLAG_SIZE);
-    PRBool first = PR_TRUE;
-
-    PORT_Memset(flags,0,NSS_MAX_FLAG_SIZE);
-    if (readOnly) {
-        PORT_Strcat(flags,"readOnly");
-        first = PR_FALSE;
-    }
-    if (noCertDB) {
-        if (!first) PORT_Strcat(flags,",");
-        PORT_Strcat(flags,"noCertDB");
-        first = PR_FALSE;
-    }
-    if (noModDB) {
-        if (!first) PORT_Strcat(flags,",");
-        PORT_Strcat(flags,"noModDB");
-        first = PR_FALSE;
-    }
-    if (forceOpen) {
-        if (!first) PORT_Strcat(flags,",");
-        PORT_Strcat(flags,"forceOpen");
-        first = PR_FALSE;
-    }
-    if (passwordRequired) {
-        if (!first) PORT_Strcat(flags,",");
-        PORT_Strcat(flags,"passwordRequired");
-        first = PR_FALSE;
-    }
-    if (optimizeSpace) {
-        if (!first) PORT_Strcat(flags,",");
-        PORT_Strcat(flags,"optimizeSpace");
-        first = PR_FALSE;
-    }
-    return flags;
-}
-
-/*
- * statics to remember the PKCS11_ConfigurePKCS11()
- * info.
- */
-static char * pk11_config_strings = NULL;
-static char * pk11_config_name = NULL;
-static PRBool pk11_password_required = PR_FALSE;
-
-/*
- * this is a legacy configuration function which used to be part of
- * the PKCS #11 internal token.
- */
-void
-PK11_ConfigurePKCS11(const char *man, const char *libdes, const char *tokdes,
-	const char *ptokdes, const char *slotdes, const char *pslotdes, 
-	const char *fslotdes, const char *fpslotdes, int minPwd, int pwRequired)
-{
-   char *strings = NULL;
-   char *newStrings;
-
-   /* make sure the internationalization was done correctly... */
-   strings = PR_smprintf("");
-   if (strings == NULL) return;
-
-    if (man) {
-        newStrings = PR_smprintf("%s manufacturerID='%s'",strings,man);
-	PR_smprintf_free(strings);
-	strings = newStrings;
-    }
-   if (strings == NULL) return;
-
-    if (libdes) {
-        newStrings = PR_smprintf("%s libraryDescription='%s'",strings,libdes);
-	PR_smprintf_free(strings);
-	strings = newStrings;
-	if (pk11_config_name != NULL) {
-	    PORT_Free(pk11_config_name);
-	}
-	pk11_config_name = PORT_Strdup(libdes);
-    }
-   if (strings == NULL) return;
-
-    if (tokdes) {
-        newStrings = PR_smprintf("%s cryptoTokenDescription='%s'",strings,
-								tokdes);
-	PR_smprintf_free(strings);
-	strings = newStrings;
-    }
-   if (strings == NULL) return;
-
-    if (ptokdes) {
-        newStrings = PR_smprintf("%s dbTokenDescription='%s'",strings,ptokdes);
-	PR_smprintf_free(strings);
-	strings = newStrings;
-    }
-   if (strings == NULL) return;
-
-    if (slotdes) {
-        newStrings = PR_smprintf("%s cryptoSlotDescription='%s'",strings,
-								slotdes);
-	PR_smprintf_free(strings);
-	strings = newStrings;
-    }
-   if (strings == NULL) return;
-
-    if (pslotdes) {
-        newStrings = PR_smprintf("%s dbSlotDescription='%s'",strings,pslotdes);
-	PR_smprintf_free(strings);
-	strings = newStrings;
-    }
-   if (strings == NULL) return;
-
-    if (fslotdes) {
-        newStrings = PR_smprintf("%s FIPSSlotDescription='%s'",
-							strings,fslotdes);
-	PR_smprintf_free(strings);
-	strings = newStrings;
-    }
-   if (strings == NULL) return;
-
-    if (fpslotdes) {
-        newStrings = PR_smprintf("%s FIPSTokenDescription='%s'",
-							strings,fpslotdes);
-	PR_smprintf_free(strings);
-	strings = newStrings;
-    }
-   if (strings == NULL) return;
-
-    newStrings = PR_smprintf("%s minPS=%d", strings, minPwd);
-    PR_smprintf_free(strings);
-    strings = newStrings;
-   if (strings == NULL) return;
-
-    if (pk11_config_strings != NULL) {
-	PR_smprintf_free(pk11_config_strings);
-    }
-    pk11_config_strings = strings;
-    pk11_password_required = pwRequired;
-
-    return;
-}
-
-static char *
-nss_addEscape(const char *string, char quote)
-{
-    char *newString = 0;
-    int escapes = 0, size = 0;
-    const char *src;
-    char *dest;
-
-    for (src=string; *src ; src++) {
-	if ((*src == quote) || (*src == '\\')) escapes++;
-	size++;
-    }
-
-    newString = PORT_ZAlloc(escapes+size+1); 
-    if (newString == NULL) {
-	return NULL;
-    }
-
-    for (src=string, dest=newString; *src; src++,dest++) {
-	if ((*src == '\\') || (*src == quote)) {
-	    *dest++ = '\\';
-	}
-	*dest = *src;
-    }
-
-    return newString;
-}
-
-static char *
-nss_doubleEscape(const char *string)
-{
-    char *round1 = NULL;
-    char *retValue = NULL;
-    if (string == NULL) {
-	goto done;
-    }
-    round1 = nss_addEscape(string,'\'');
-    if (round1) {
-	retValue = nss_addEscape(round1,'"');
-	PORT_Free(round1);
-    }
-
-done:
-    if (retValue == NULL) {
-	retValue = PORT_Strdup("");
-    }
-    return retValue;
-}
-
-
-#ifndef XP_MAC
-/*
- * The following code is an attempt to automagically find the external root
- * module. NOTE: This code should be checked out on the MAC! There must be
- * some cross platform support out there to help out with this?
- * Note: Keep the #if-defined chunks in order. HPUX must select before UNIX.
- */
-
-static const char *dllname =
-#if defined(XP_WIN32) || defined(XP_OS2)
-	"nssckbi.dll";
-#elif defined(HPUX)
-	"libnssckbi.sl";
-#elif defined(DARWIN)
-	"libnssckbi.dylib";
-#elif defined(XP_UNIX) || defined(XP_BEOS)
-	"libnssckbi.so";
-#elif defined(XP_MAC)
-	"NSS Builtin Root Certs";
-#else
-	#error "Uh! Oh! I don't know about this platform."
-#endif
-
-/* Should we have platform ifdefs here??? */
-#define FILE_SEP '/'
-
-static void nss_FindExternalRootPaths(const char *dbpath, const char* secmodprefix,
-                              char** retoldpath, char** retnewpath)
-{
-    char *path, *oldpath = NULL, *lastsep;
-    int len, path_len, secmod_len, dll_len;
-
-    path_len = PORT_Strlen(dbpath);
-    secmod_len = PORT_Strlen(secmodprefix);
-    dll_len = PORT_Strlen(dllname);
-    len = path_len + secmod_len + dll_len + 2; /* FILE_SEP + NULL */
-
-    path = PORT_Alloc(len);
-    if (path == NULL) return;
-
-    /* back up to the top of the directory */
-    PORT_Memcpy(path,dbpath,path_len);
-    if (path[path_len-1] != FILE_SEP) {
-        path[path_len++] = FILE_SEP;
-    }
-    PORT_Strcpy(&path[path_len],dllname);
-    if (secmodprefix) {
-        lastsep = PORT_Strrchr(secmodprefix, FILE_SEP);
-        if (lastsep) {
-            int secmoddir_len = lastsep-secmodprefix+1; /* FILE_SEP */
-            oldpath = PORT_Alloc(len);
-            if (oldpath == NULL) {
-                PORT_Free(path);
-                return;
-            }
-            PORT_Memcpy(oldpath,path,path_len);
-            PORT_Memcpy(&oldpath[path_len],secmodprefix,secmoddir_len);
-            PORT_Strcpy(&oldpath[path_len+secmoddir_len],dllname);
-        }
-    }
-    *retoldpath = oldpath;
-    *retnewpath = path;
-    return;
-}
-
-static void nss_FreeExternalRootPaths(char* oldpath, char* path)
-{
-    if (path) {
-        PORT_Free(path);
-    }
-    if (oldpath) {
-        PORT_Free(oldpath);
-    }
-}
-
-static void
-nss_FindExternalRoot(const char *dbpath, const char* secmodprefix)
-{
-	char *path = NULL;
-        char *oldpath = NULL;
-        PRBool hasrootcerts = PR_FALSE;
-
-        /*
-         * 'oldpath' is the external root path in NSS 3.3.x or older.
-         * For backward compatibility we try to load the root certs
-         * module with the old path first.
-         */
-        nss_FindExternalRootPaths(dbpath, secmodprefix, &oldpath, &path);
-        if (oldpath) {
-            (void) SECMOD_AddNewModule("Root Certs",oldpath, 0, 0);
-            hasrootcerts = SECMOD_HasRootCerts();
-        }
-        if (path && !hasrootcerts) {
-	    (void) SECMOD_AddNewModule("Root Certs",path, 0, 0);
-        }
-        nss_FreeExternalRootPaths(oldpath, path);
-	return;
-}
-#endif
-
-/*
- * OK there are now lots of options here, lets go through them all:
- *
- * configdir - base directory where all the cert, key, and module datbases live.
- * certPrefix - prefix added to the beginning of the cert database example: "
- * 			"https-server1-"
- * keyPrefix - prefix added to the beginning of the key database example: "
- * 			"https-server1-"
- * secmodName - name of the security module database (usually "secmod.db").
- * readOnly - Boolean: true if the databases are to be openned read only.
- * nocertdb - Don't open the cert DB and key DB's, just initialize the 
- *			Volatile certdb.
- * nomoddb - Don't open the security module DB, just initialize the 
- *			PKCS #11 module.
- * forceOpen - Continue to force initializations even if the databases cannot
- * 			be opened.
- */
-
-static PRBool nss_IsInitted = PR_FALSE;
-
-static SECStatus
-nss_Init(const char *configdir, const char *certPrefix, const char *keyPrefix,
-		 const char *secmodName, PRBool readOnly, PRBool noCertDB, 
-			PRBool noModDB, PRBool forceOpen, PRBool noRootInit,
-			PRBool optimizeSpace)
-{
-    char *moduleSpec = NULL;
-    char *flags = NULL;
-    SECStatus rv = SECFailure;
-    char *lconfigdir = NULL;
-    char *lcertPrefix = NULL;
-    char *lkeyPrefix = NULL;
-    char *lsecmodName = NULL;
-
-    if (nss_IsInitted) {
-	return SECSuccess;
-    }
-
-    flags = nss_makeFlags(readOnly,noCertDB,noModDB,forceOpen,
-					pk11_password_required, optimizeSpace);
-    if (flags == NULL) return rv;
-
-    /*
-     * configdir is double nested, and Windows uses the same character
-     * for file seps as we use for escapes! (sigh).
-     */
-    lconfigdir = nss_doubleEscape(configdir);
-    if (lconfigdir == NULL) {
-	goto loser;
-    }
-    lcertPrefix = nss_doubleEscape(certPrefix);
-    if (lcertPrefix == NULL) {
-	goto loser;
-    }
-    lkeyPrefix = nss_doubleEscape(keyPrefix);
-    if (lkeyPrefix == NULL) {
-	goto loser;
-    }
-    lsecmodName = nss_doubleEscape(secmodName);
-    if (lsecmodName == NULL) {
-	goto loser;
-    }
-
-    moduleSpec = PR_smprintf("name=\"%s\" parameters=\"configdir='%s' certPrefix='%s' keyPrefix='%s' secmod='%s' flags=%s %s\" NSS=\"flags=internal,moduleDB,moduleDBOnly,critical\"",
-		pk11_config_name ? pk11_config_name : NSS_DEFAULT_MOD_NAME,
-		lconfigdir,lcertPrefix,lkeyPrefix,lsecmodName,flags,
-		pk11_config_strings ? pk11_config_strings : "");
-
-loser:
-    PORT_Free(flags);
-    if (lconfigdir) PORT_Free(lconfigdir);
-    if (lcertPrefix) PORT_Free(lcertPrefix);
-    if (lkeyPrefix) PORT_Free(lkeyPrefix);
-    if (lsecmodName) PORT_Free(lsecmodName);
-
-    if (moduleSpec) {
-	SECMODModule *module = SECMOD_LoadModule(moduleSpec,NULL,PR_TRUE);
-	PR_smprintf_free(moduleSpec);
-	if (module) {
-	    if (module->loaded) rv=SECSuccess;
-	    SECMOD_DestroyModule(module);
-	}
-    }
-
-    if (rv == SECSuccess) {
-	/* can this function fail?? */
-	STAN_LoadDefaultNSS3TrustDomain();
-	CERT_SetDefaultCertDB((CERTCertDBHandle *)
-				STAN_GetDefaultTrustDomain());
-#ifndef XP_MAC
-	/* only servers need this. We currently do not have a mac server */
-	if ((!noModDB) && (!noCertDB) && (!noRootInit)) {
-	    if (!SECMOD_HasRootCerts()) {
-		nss_FindExternalRoot(configdir, secmodName);
-	    }
-	}
-#endif
-	nss_IsInitted = PR_TRUE;
-    }
-    return rv;
-}
-
-
-SECStatus
-NSS_Init(const char *configdir)
-{
-    return nss_Init(configdir, "", "", SECMOD_DB, PR_TRUE, 
-		PR_FALSE, PR_FALSE, PR_FALSE, PR_FALSE, PR_TRUE);
-}
-
-SECStatus
-NSS_InitReadWrite(const char *configdir)
-{
-    return nss_Init(configdir, "", "", SECMOD_DB, PR_FALSE, 
-		PR_FALSE, PR_FALSE, PR_FALSE, PR_FALSE, PR_TRUE);
-}
-
-/*
- * OK there are now lots of options here, lets go through them all:
- *
- * configdir - base directory where all the cert, key, and module datbases live.
- * certPrefix - prefix added to the beginning of the cert database example: "
- * 			"https-server1-"
- * keyPrefix - prefix added to the beginning of the key database example: "
- * 			"https-server1-"
- * secmodName - name of the security module database (usually "secmod.db").
- * flags - change the open options of NSS_Initialize as follows:
- * 	NSS_INIT_READONLY - Open the databases read only.
- * 	NSS_INIT_NOCERTDB - Don't open the cert DB and key DB's, just 
- * 			initialize the volatile certdb.
- * 	NSS_INIT_NOMODDB  - Don't open the security module DB, just 
- *			initialize the 	PKCS #11 module.
- *      NSS_INIT_FORCEOPEN - Continue to force initializations even if the 
- * 			databases cannot be opened.
- */
-SECStatus
-NSS_Initialize(const char *configdir, const char *certPrefix, 
-	const char *keyPrefix, const char *secmodName, PRUint32 flags)
-{
-    return nss_Init(configdir, certPrefix, keyPrefix, secmodName, 
-	((flags & NSS_INIT_READONLY) == NSS_INIT_READONLY),
-	((flags & NSS_INIT_NOCERTDB) == NSS_INIT_NOCERTDB),
-	((flags & NSS_INIT_NOMODDB) == NSS_INIT_NOMODDB),
-	((flags & NSS_INIT_FORCEOPEN) == NSS_INIT_FORCEOPEN),
-	((flags & NSS_INIT_NOROOTINIT) == NSS_INIT_NOROOTINIT),
-	((flags & NSS_INIT_OPTIMIZESPACE) == NSS_INIT_OPTIMIZESPACE));
-}
-
-/*
- * initialize NSS without a creating cert db's, key db's, or secmod db's.
- */
-SECStatus
-NSS_NoDB_Init(const char * configdir)
-{
-      return nss_Init(configdir?configdir:"","","",SECMOD_DB,
-			PR_TRUE,PR_TRUE,PR_TRUE,PR_TRUE,PR_TRUE,PR_TRUE);
-}
-
-SECStatus
-NSS_Shutdown(void)
-{
-    SECStatus rv;
-
-    SECOID_Shutdown();
-    STAN_Shutdown();
-    rv = SECMOD_Shutdown();
-    nss_IsInitted = PR_FALSE;
-    return rv;
-}
-
-
-
-extern const char __nss_base_rcsid[];
-extern const char __nss_base_sccsid[];
-
-PRBool
-NSS_VersionCheck(const char *importedVersion)
-{
-    /*
-     * This is the secret handshake algorithm.
-     *
-     * This release has a simple version compatibility
-     * check algorithm.  This release is not backward
-     * compatible with previous major releases.  It is
-     * not compatible with future major, minor, or
-     * patch releases.
-     */
-    int vmajor = 0, vminor = 0, vpatch = 0;
-    const char *ptr = importedVersion;
-    volatile char c; /* force a reference that won't get optimized away */
-
-    c = __nss_base_rcsid[0] + __nss_base_sccsid[0]; 
-
-    while (isdigit(*ptr)) {
-        vmajor = 10 * vmajor + *ptr - '0';
-        ptr++;
-    }
-    if (*ptr == '.') {
-        ptr++;
-        while (isdigit(*ptr)) {
-            vminor = 10 * vminor + *ptr - '0';
-            ptr++;
-        }
-        if (*ptr == '.') {
-            ptr++;
-            while (isdigit(*ptr)) {
-                vpatch = 10 * vpatch + *ptr - '0';
-                ptr++;
-            }
-        }
-    }
-
-    if (vmajor != NSS_VMAJOR) {
-        return PR_FALSE;
-    }
-    if (vmajor == NSS_VMAJOR && vminor > NSS_VMINOR) {
-        return PR_FALSE;
-    }
-    if (vmajor == NSS_VMAJOR && vminor == NSS_VMINOR && vpatch > NSS_VPATCH) {
-        return PR_FALSE;
-    }
-    /* Check dependent libraries */
-    if (PR_VersionCheck(PR_VERSION) == PR_FALSE) {
-        return PR_FALSE;
-    }
-    return PR_TRUE;
-}
-
-
diff --git a/security/nss/lib/nss/nssrenam.h b/security/nss/lib/nss/nssrenam.h
deleted file mode 100644
index 7791173f5..000000000
--- a/security/nss/lib/nss/nssrenam.h
+++ /dev/null
@@ -1,49 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 2001 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef __nssrenam_h_
-#define __nssrenam_h_
-
-#define CERT_NewTempCertificate __CERT_NewTempCertificate
-#define PK11_CreateContextByRawKey __PK11_CreateContextByRawKey
-#define PK11_GetKeyData __PK11_GetKeyData
-#define nss_InitLock __nss_InitLock
-#define CERT_ClosePermCertDB __CERT_ClosePermCertDB
-#define CERT_DecodeDERCertificate __CERT_DecodeDERCertificate
-#define CERT_TraversePermCertsForNickname __CERT_TraversePermCertsForNickname
-#define CERT_TraversePermCertsForSubject __CERT_TraversePermCertsForSubject
-#define PBE_CreateContext __PBE_CreateContext
-#define PBE_DestroyContext __PBE_DestroyContext
-#define PBE_GenerateBits __PBE_GenerateBits
-
-#endif /* __nssrenam_h_ */
diff --git a/security/nss/lib/nss/nssver.c b/security/nss/lib/nss/nssver.c
deleted file mode 100644
index 463a77b6b..000000000
--- a/security/nss/lib/nss/nssver.c
+++ /dev/null
@@ -1,53 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 2001 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/* Library identity and versioning */
-
-#include "nss.h"
-
-#if defined(DEBUG)
-#define _DEBUG_STRING " (debug)"
-#else
-#define _DEBUG_STRING ""
-#endif
-
-/*
- * Version information for the 'ident' and 'what commands
- *
- * NOTE: the first component of the concatenated rcsid string
- * must not end in a '$' to prevent rcs keyword substitution.
- */
-const char __nss_base_rcsid[] = "$Header: NSS " NSS_VERSION _DEBUG_STRING
-        "  " __DATE__ " " __TIME__ " $";
-const char __nss_base_sccsid[] = "@(#)NSS " NSS_VERSION _DEBUG_STRING
-        "  " __DATE__ " " __TIME__;
diff --git a/security/nss/lib/pk11wrap/Makefile b/security/nss/lib/pk11wrap/Makefile
deleted file mode 100644
index a84456e7d..000000000
--- a/security/nss/lib/pk11wrap/Makefile
+++ /dev/null
@@ -1,88 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY).   #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL)          #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL)       #
-#######################################################################
-
-
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL).      #
-#######################################################################
-
--include config.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL)                              #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL)                           #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL).                              #
-#######################################################################
-
-export:: private_export
-
-# On AIX 4.3, IBM xlC_r compiler (version 3.6.6) cannot compile
-# pk11slot.c in 64-bit mode for unknown reasons.  A workaround is
-# to compile it with optimizations turned on.  (Bugzilla bug #63815)
-ifeq ($(OS_TARGET)$(OS_RELEASE),AIX4.3)
-ifeq ($(USE_64),1)
-ifndef BUILD_OPT
-$(OBJDIR)/pk11slot.o: pk11slot.c
-	@$(MAKE_OBJDIR)
-	$(CC) -o $@ -c -O2 $(CFLAGS) $<
-endif
-endif
-endif
diff --git a/security/nss/lib/pk11wrap/config.mk b/security/nss/lib/pk11wrap/config.mk
deleted file mode 100644
index 0a00dc61e..000000000
--- a/security/nss/lib/pk11wrap/config.mk
+++ /dev/null
@@ -1,43 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#
-#  Override TARGETS variable so that only static libraries
-#  are specifed as dependencies within rules.mk.
-#
-
-TARGETS        = $(LIBRARY)
-SHARED_LIBRARY =
-IMPORT_LIBRARY =
-PROGRAM        =
-
diff --git a/security/nss/lib/pk11wrap/dev3hack.c b/security/nss/lib/pk11wrap/dev3hack.c
deleted file mode 100644
index 3f704436d..000000000
--- a/security/nss/lib/pk11wrap/dev3hack.c
+++ /dev/null
@@ -1,294 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef NSS_3_4_CODE
-#define NSS_3_4_CODE
-#endif /* NSS_3_4_CODE */
-
-#ifndef PKIT_H
-#include "pkit.h"
-#endif /* PKIT_H */
-
-#ifndef DEVM_H
-#include "devm.h"
-#endif /* DEVM_H */
-
-#include "pki3hack.h"
-#include "dev3hack.h"
-#include "pkim.h"
-
-#ifndef BASE_H
-#include "base.h"
-#endif /* BASE_H */
-
-#include "pk11func.h"
-#include "secmodti.h"
-
-NSS_IMPLEMENT nssSession *
-nssSession_ImportNSS3Session(NSSArena *arenaOpt,
-                             CK_SESSION_HANDLE session, 
-                             PZLock *lock, PRBool rw)
-{
-    nssSession *rvSession;
-    rvSession = nss_ZNEW(arenaOpt, nssSession);
-    rvSession->handle = session;
-    rvSession->lock = lock;
-    rvSession->isRW = rw;
-    return rvSession;
-}
-
-NSS_IMPLEMENT nssSession *
-nssSlot_CreateSession
-(
-  NSSSlot *slot,
-  NSSArena *arenaOpt,
-  PRBool readWrite
-)
-{
-    nssSession *rvSession;
-    rvSession = nss_ZNEW(arenaOpt, nssSession);
-    if (!rvSession) {
-	return (nssSession *)NULL;
-    }
-    if (readWrite) {
-	rvSession->handle = PK11_GetRWSession(slot->pk11slot);
-	if (rvSession->handle == CK_INVALID_HANDLE) {
-	    nss_ZFreeIf(rvSession);
-	    return NULL;
-	}
-	rvSession->isRW = PR_TRUE;
-	rvSession->slot = slot;
-	return rvSession;
-    } else {
-	return NULL;
-    }
-}
-
-NSS_IMPLEMENT PRStatus
-nssSession_Destroy
-(
-  nssSession *s
-)
-{
-    CK_RV ckrv = CKR_OK;
-    if (s) {
-	if (s->isRW) {
-	    PK11_RestoreROSession(s->slot->pk11slot, s->handle);
-	}
-	nss_ZFreeIf(s);
-    }
-    return (ckrv == CKR_OK) ? PR_SUCCESS : PR_FAILURE;
-}
-
-static NSSSlot *
-nssSlot_CreateFromPK11SlotInfo(NSSTrustDomain *td, PK11SlotInfo *nss3slot)
-{
-    NSSSlot *rvSlot;
-    NSSArena *arena;
-    arena = nssArena_Create();
-    if (!arena) {
-	return NULL;
-    }
-    rvSlot = nss_ZNEW(arena, NSSSlot);
-    if (!rvSlot) {
-	nssArena_Destroy(arena);
-	return NULL;
-    }
-    rvSlot->base.refCount = 1;
-    rvSlot->base.lock = PZ_NewLock(nssILockOther);
-    rvSlot->base.arena = arena;
-    rvSlot->pk11slot = nss3slot;
-    rvSlot->epv = nss3slot->functionList;
-    rvSlot->slotID = nss3slot->slotID;
-    /* Grab the slot name from the PKCS#11 fixed-length buffer */
-    rvSlot->base.name = nssUTF8_Duplicate(nss3slot->slot_name,td->arena);
-    return rvSlot;
-}
-
-NSS_IMPLEMENT NSSToken *
-nssToken_CreateFromPK11SlotInfo(NSSTrustDomain *td, PK11SlotInfo *nss3slot)
-{
-    NSSToken *rvToken;
-    NSSArena *arena;
-    arena = nssArena_Create();
-    if (!arena) {
-	return NULL;
-    }
-    rvToken = nss_ZNEW(arena, NSSToken);
-    if (!rvToken) {
-	nssArena_Destroy(arena);
-	return NULL;
-    }
-    rvToken->base.refCount = 1;
-    rvToken->base.lock = PZ_NewLock(nssILockOther);
-    rvToken->base.arena = arena;
-    rvToken->pk11slot = nss3slot;
-    rvToken->epv = nss3slot->functionList;
-    rvToken->defaultSession = nssSession_ImportNSS3Session(td->arena,
-                                                       nss3slot->session,
-                                                       nss3slot->sessionLock,
-                                                       nss3slot->defRWSession);
-    /* The above test was used in 3.4, for this cache have it always on */
-    if (!PK11_IsInternal(nss3slot) && PK11_IsHW(nss3slot)) {
-	rvToken->cache = nssTokenObjectCache_Create(rvToken, 
-	                                            PR_TRUE, PR_TRUE, PR_TRUE);
-	if (!rvToken->cache) {
-	    nssArena_Destroy(arena);
-	    return (NSSToken *)NULL;
-	}
-    }
-    rvToken->trustDomain = td;
-    /* Grab the token name from the PKCS#11 fixed-length buffer */
-    rvToken->base.name = nssUTF8_Duplicate(nss3slot->token_name,td->arena);
-    rvToken->slot = nssSlot_CreateFromPK11SlotInfo(td, nss3slot);
-    rvToken->slot->token = rvToken;
-    rvToken->defaultSession->slot = rvToken->slot;
-    return rvToken;
-}
-
-NSS_IMPLEMENT void
-nssToken_UpdateName(NSSToken *token)
-{
-    if (!token) {
-	return;
-    }
-    token->base.name = nssUTF8_Duplicate(token->pk11slot->token_name,token->base.arena);
-}
-
-NSS_IMPLEMENT PRBool
-nssSlot_IsPermanent
-(
-  NSSSlot *slot
-)
-{
-    return slot->pk11slot->isPerm;
-}
-
-NSS_IMPLEMENT PRBool
-nssSlot_IsFriendly
-(
-  NSSSlot *slot
-)
-{
-    return PK11_IsFriendly(slot->pk11slot);
-}
-
-NSS_IMPLEMENT PRStatus
-nssToken_Refresh(NSSToken *token)
-{
-    PK11SlotInfo *nss3slot;
-
-    if (!token) {
-	return PR_SUCCESS;
-    }
-    nss3slot = token->pk11slot;
-    token->defaultSession = nssSession_ImportNSS3Session(token->slot->base.arena,
-                                                       nss3slot->session,
-                                                       nss3slot->sessionLock,
-                                                       nss3slot->defRWSession);
-    return PR_SUCCESS;
-}
-
-NSS_IMPLEMENT PRStatus
-nssSlot_Refresh
-(
-  NSSSlot *slot
-)
-{
-    PK11SlotInfo *nss3slot = slot->pk11slot;
-    PRBool doit = PR_FALSE;
-    if (slot->token->base.name[0] == 0) {
-	doit = PR_TRUE;
-    }
-    if (PK11_InitToken(nss3slot, PR_FALSE) != SECSuccess) {
-	return PR_FAILURE;
-    }
-    if (doit) {
-	nssTrustDomain_UpdateCachedTokenCerts(slot->token->trustDomain, 
-	                                      slot->token);
-    }
-    return nssToken_Refresh(slot->token);
-}
-
-NSS_IMPLEMENT PRStatus
-nssToken_GetTrustOrder
-(
-  NSSToken *tok
-)
-{
-    PK11SlotInfo *slot;
-    SECMODModule *module;
-    slot = tok->pk11slot;
-    module = PK11_GetModule(slot);
-    return module->trustOrder;
-}
-
-NSS_IMPLEMENT PRBool
-nssSlot_IsLoggedIn
-(
-  NSSSlot *slot
-)
-{
-    if (!slot->pk11slot->needLogin) {
-	return PR_TRUE;
-    }
-    return PK11_IsLoggedIn(slot->pk11slot, NULL);
-}
-
-
-NSSTrustDomain *
-nssToken_GetTrustDomain(NSSToken *token)
-{
-    return token->trustDomain;
-}
-
-NSS_EXTERN PRStatus
-nssTrustDomain_RemoveTokenCertsFromCache
-(
-  NSSTrustDomain *td,
-  NSSToken *token
-);
-
-NSS_IMPLEMENT PRStatus
-nssToken_NotifyCertsNotVisible
-(
-  NSSToken *tok
-)
-{
-    return nssTrustDomain_RemoveTokenCertsFromCache(tok->trustDomain, tok);
-}
-
diff --git a/security/nss/lib/pk11wrap/dev3hack.h b/security/nss/lib/pk11wrap/dev3hack.h
deleted file mode 100644
index d2e3ab4e1..000000000
--- a/security/nss/lib/pk11wrap/dev3hack.h
+++ /dev/null
@@ -1,63 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef DEVNSS3HACK_H
-#define DEVNSS3HACK_H
-
-#ifdef DEBUG
-static const char DEVNSS3HACK_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#include "cert.h"
-
-PR_BEGIN_EXTERN_C
-
-NSS_EXTERN NSSToken *
-nssToken_CreateFromPK11SlotInfo(NSSTrustDomain *td, PK11SlotInfo *nss3slot);
-
-NSS_EXTERN void
-nssToken_UpdateName(NSSToken *);
-
-NSS_EXTERN PRStatus
-nssToken_Refresh(NSSToken *);
-
-NSSTrustDomain *
-nssToken_GetTrustDomain(NSSToken *token);
-
-void PK11Slot_SetNSSToken(PK11SlotInfo *sl, NSSToken *nsst);
-
-NSSToken * PK11Slot_GetNSSToken(PK11SlotInfo *sl);
-
-PR_END_EXTERN_C
-
-#endif /* DEVNSS3HACK_H */
diff --git a/security/nss/lib/pk11wrap/manifest.mn b/security/nss/lib/pk11wrap/manifest.mn
deleted file mode 100644
index 9d39d9b75..000000000
--- a/security/nss/lib/pk11wrap/manifest.mn
+++ /dev/null
@@ -1,70 +0,0 @@
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CORE_DEPTH = ../../..
-
-EXPORTS = \
-	secmod.h \
-	secmodt.h \
-	secpkcs5.h \
-	pk11func.h \
-	pk11sdr.h \
-	pk11pqg.h \
-	$(NULL)
-
-PRIVATE_EXPORTS = \
-	pk11init.h \
-	dev3hack.h \
-	$(NULL)
-
-MODULE = security
-
-CSRCS = \
-	dev3hack.c \
-	pk11cert.c \
-	pk11err.c  \
-	pk11load.c \
-	pk11pars.c \
-	pk11slot.c \
-	pk11list.c \
-	pk11skey.c \
-	pk11kea.c \
-	pk11util.c \
-	pk11sdr.c \
-	pk11pqg.c \
-	pk11pk12.c \
-	pk11pbe.c \
-	$(NULL)
-
-REQUIRES = security dbm
-
-LIBRARY_NAME = pk11wrap
diff --git a/security/nss/lib/pk11wrap/pk11cert.c b/security/nss/lib/pk11wrap/pk11cert.c
deleted file mode 100644
index ae0629d49..000000000
--- a/security/nss/lib/pk11wrap/pk11cert.c
+++ /dev/null
@@ -1,4023 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * This file implements the Symkey wrapper and the PKCS context
- * Interfaces.
- */
-#include "seccomon.h"
-#include "secmod.h"
-#include "nssilock.h"
-#include "secmodi.h"
-#include "pkcs11.h"
-#include "pk11func.h"
-#include "cert.h"
-#include "secitem.h"
-#include "key.h"
-#include "hasht.h"
-#include "secoid.h"
-#include "pkcs7t.h"
-#include "cmsreclist.h"
-
-#include "certdb.h"
-#include "secerr.h"
-#include "sslerr.h"
-
-#ifndef NSS_3_4_CODE
-#define NSS_3_4_CODE
-#endif /* NSS_3_4_CODE */
-#include "pki3hack.h"
-#include "dev3hack.h"
-
-#include "devm.h" 
-#include "nsspki.h"
-#include "pki.h"
-#include "pkim.h"
-#include "pkitm.h"
-#include "pkistore.h" /* to remove temp cert */
-
-#define PK11_SEARCH_CHUNKSIZE 10
-
-CK_OBJECT_HANDLE
-pk11_FindPubKeyByAnyCert(CERTCertificate *cert, PK11SlotInfo **slot, void *wincx);
-
-struct nss3_cert_cbstr {
-    SECStatus(* callback)(CERTCertificate*, void *);
-    nssList *cached;
-    void *arg;
-};
-
-/* Translate from NSSCertificate to CERTCertificate, then pass the latter
- * to a callback.
- */
-static PRStatus convert_cert(NSSCertificate *c, void *arg)
-{
-    CERTCertificate *nss3cert;
-    SECStatus secrv;
-    struct nss3_cert_cbstr *nss3cb = (struct nss3_cert_cbstr *)arg;
-    nss3cert = STAN_GetCERTCertificate(c);
-    if (!nss3cert) return PR_FAILURE;
-    secrv = (*nss3cb->callback)(nss3cert, nss3cb->arg);
-    return (secrv) ? PR_FAILURE : PR_SUCCESS;
-}
-
-void
-PK11Slot_SetNSSToken(PK11SlotInfo *sl, NSSToken *nsst) 
-{
-    sl->nssToken = nsst;
-}
-
-NSSToken *
-PK11Slot_GetNSSToken(PK11SlotInfo *sl) 
-{
-    return sl->nssToken;
-}
-
-/*
- * build a cert nickname based on the token name and the label of the 
- * certificate If the label in NULL, build a label based on the ID.
- */
-static int toHex(int x) { return (x < 10) ? (x+'0') : (x+'a'-10); }
-#define MAX_CERT_ID 4
-#define DEFAULT_STRING "Cert ID "
-static char *
-pk11_buildNickname(PK11SlotInfo *slot,CK_ATTRIBUTE *cert_label,
-			CK_ATTRIBUTE *key_label, CK_ATTRIBUTE *cert_id)
-{
-    int prefixLen = PORT_Strlen(slot->token_name);
-    int suffixLen = 0;
-    char *suffix = NULL;
-    char buildNew[sizeof(DEFAULT_STRING)+MAX_CERT_ID*2];
-    char *next,*nickname;
-
-    if (cert_label && (cert_label->ulValueLen)) {
-	suffixLen = cert_label->ulValueLen;
-	suffix = (char*)cert_label->pValue;
-    } else if (key_label && (key_label->ulValueLen)) {
-	suffixLen = key_label->ulValueLen;
-	suffix = (char*)key_label->pValue;
-    } else if (cert_id && cert_id->ulValueLen > 0) {
-	int i,first = cert_id->ulValueLen - MAX_CERT_ID;
-	int offset = sizeof(DEFAULT_STRING);
-	char *idValue = (char *)cert_id->pValue;
-
-	PORT_Memcpy(buildNew,DEFAULT_STRING,sizeof(DEFAULT_STRING)-1);
-	next = buildNew + offset;
-	if (first < 0) first = 0;
-	for (i=first; i < (int) cert_id->ulValueLen; i++) {
-		*next++ = toHex((idValue[i] >> 4) & 0xf);
-		*next++ = toHex(idValue[i] & 0xf);
-	}
-	*next++ = 0;
-	suffix = buildNew;
-	suffixLen = PORT_Strlen(buildNew);
-    } else {
-	PORT_SetError( SEC_ERROR_LIBRARY_FAILURE );
-	return NULL;
-    }
-
-    /* if is internal key slot, add code to skip the prefix!! */
-    next = nickname = (char *)PORT_Alloc(prefixLen+1+suffixLen+1);
-    if (nickname == NULL) return NULL;
-
-    PORT_Memcpy(next,slot->token_name,prefixLen);
-    next += prefixLen;
-    *next++ = ':';
-    PORT_Memcpy(next,suffix,suffixLen);
-    next += suffixLen;
-    *next++ = 0;
-    return nickname;
-}
-
-/*
- * return the object handle that matches the template
- */
-CK_OBJECT_HANDLE
-pk11_FindObjectByTemplate(PK11SlotInfo *slot,CK_ATTRIBUTE *theTemplate,int tsize)
-{
-    CK_OBJECT_HANDLE object;
-    CK_RV crv;
-    CK_ULONG objectCount;
-
-    /*
-     * issue the find
-     */
-    PK11_EnterSlotMonitor(slot);
-    crv=PK11_GETTAB(slot)->C_FindObjectsInit(slot->session, theTemplate, tsize);
-    if (crv != CKR_OK) {
-        PK11_ExitSlotMonitor(slot);
-	PORT_SetError( PK11_MapError(crv) );
-	return CK_INVALID_HANDLE;
-    }
-
-    crv=PK11_GETTAB(slot)->C_FindObjects(slot->session,&object,1,&objectCount);
-    PK11_GETTAB(slot)->C_FindObjectsFinal(slot->session);
-    PK11_ExitSlotMonitor(slot);
-    if ((crv != CKR_OK) || (objectCount < 1)) {
-	/* shouldn't use SSL_ERROR... here */
-	PORT_SetError( crv != CKR_OK ? PK11_MapError(crv) :
-						  SSL_ERROR_NO_CERTIFICATE);
-	return CK_INVALID_HANDLE;
-    }
-
-    /* blow up if the PKCS #11 module returns us and invalid object handle */
-    PORT_Assert(object != CK_INVALID_HANDLE);
-    return object;
-} 
-
-/*
- * return all the object handles that matches the template
- */
-CK_OBJECT_HANDLE *
-pk11_FindObjectsByTemplate(PK11SlotInfo *slot,
-		CK_ATTRIBUTE *findTemplate,int findCount,int *object_count) {
-    CK_OBJECT_HANDLE *objID = NULL;
-    CK_ULONG returned_count = 0;
-    CK_RV crv;
-
-
-    PK11_EnterSlotMonitor(slot);
-    crv = PK11_GETTAB(slot)->C_FindObjectsInit(slot->session, findTemplate, 
-								findCount);
-    if (crv != CKR_OK) {
-	PK11_ExitSlotMonitor(slot);
-	PORT_SetError( PK11_MapError(crv) );
-	*object_count = -1;
-	return NULL;
-    }
-
-
-    /*
-     * collect all the Matching Objects
-     */
-    do {
-	CK_OBJECT_HANDLE *oldObjID = objID;
-
-	if (objID == NULL) {
-    	    objID = (CK_OBJECT_HANDLE *) PORT_Alloc(sizeof(CK_OBJECT_HANDLE)*
-				(*object_count+ PK11_SEARCH_CHUNKSIZE));
-	} else {
-    	    objID = (CK_OBJECT_HANDLE *) PORT_Realloc(objID,
-		sizeof(CK_OBJECT_HANDLE)*(*object_count+PK11_SEARCH_CHUNKSIZE));
-	}
-
-	if (objID == NULL) {
-	    if (oldObjID) PORT_Free(oldObjID);
-	    break;
-	}
-    	crv = PK11_GETTAB(slot)->C_FindObjects(slot->session,
-		&objID[*object_count],PK11_SEARCH_CHUNKSIZE,&returned_count);
-	if (crv != CKR_OK) {
-	    PORT_SetError( PK11_MapError(crv) );
-	    PORT_Free(objID);
-	    objID = NULL;
-	    break;
-    	}
-	*object_count += returned_count;
-    } while (returned_count == PK11_SEARCH_CHUNKSIZE);
-
-    PK11_GETTAB(slot)->C_FindObjectsFinal(slot->session);
-    PK11_ExitSlotMonitor(slot);
-
-    if (objID && (*object_count == 0)) {
-	PORT_Free(objID);
-	return NULL;
-    }
-    if (objID == NULL) *object_count = -1;
-    return objID;
-}
-/*
- * given a PKCS #11 object, match it's peer based on the KeyID. searchID
- * is typically a privateKey or a certificate while the peer is the opposite
- */
-CK_OBJECT_HANDLE
-PK11_MatchItem(PK11SlotInfo *slot, CK_OBJECT_HANDLE searchID,
-				 		CK_OBJECT_CLASS matchclass)
-{
-    CK_ATTRIBUTE theTemplate[] = {
-	{ CKA_ID, NULL, 0 },
-	{ CKA_CLASS, NULL, 0 }
-    };
-    /* if you change the array, change the variable below as well */
-    CK_ATTRIBUTE *keyclass = &theTemplate[1];
-    int tsize = sizeof(theTemplate)/sizeof(theTemplate[0]);
-    /* if you change the array, change the variable below as well */
-    CK_OBJECT_HANDLE peerID;
-    CK_OBJECT_HANDLE parent;
-    PRArenaPool *arena;
-    CK_RV crv;
-
-    /* now we need to create space for the public key */
-    arena = PORT_NewArena( DER_DEFAULT_CHUNKSIZE);
-    if (arena == NULL) return CK_INVALID_HANDLE;
-
-    crv = PK11_GetAttributes(arena,slot,searchID,theTemplate,tsize);
-    if (crv != CKR_OK) {
-	PORT_FreeArena(arena,PR_FALSE);
-	PORT_SetError( PK11_MapError(crv) );
-	return CK_INVALID_HANDLE;
-    }
-
-    /*
-     * issue the find
-     */
-    parent = *(CK_OBJECT_CLASS *)(keyclass->pValue);
-    *(CK_OBJECT_CLASS *)(keyclass->pValue) = matchclass;
-
-    peerID = pk11_FindObjectByTemplate(slot,theTemplate,tsize);
-    PORT_FreeArena(arena,PR_FALSE);
-
-    return peerID;
-}
-
-PRBool
-PK11_IsUserCert(PK11SlotInfo *slot, CERTCertificate *cert,
-						CK_OBJECT_HANDLE certID)
-{
-    CK_OBJECT_CLASS theClass;
-
-    if (slot == NULL) return PR_FALSE;
-    if (cert == NULL) return PR_FALSE;
-
-    theClass = CKO_PRIVATE_KEY;
-    if (!PK11_IsLoggedIn(slot,NULL) && PK11_NeedLogin(slot)) {
-	theClass = CKO_PUBLIC_KEY;
-    }
-    if (PK11_MatchItem(slot, certID , theClass) != CK_INVALID_HANDLE) {
-	return PR_TRUE;
-    }
-
-   if (theClass == CKO_PUBLIC_KEY) {
-	SECKEYPublicKey *pubKey= CERT_ExtractPublicKey(cert);
-	CK_ATTRIBUTE theTemplate;
-
-	if (pubKey == NULL) {
-	   return PR_FALSE;
-	}
-
-	PK11_SETATTRS(&theTemplate,0,NULL,0);
-	switch (pubKey->keyType) {
-	case rsaKey:
-	    PK11_SETATTRS(&theTemplate,CKA_MODULUS, pubKey->u.rsa.modulus.data,
-						pubKey->u.rsa.modulus.len);
-	    break;
-	case dsaKey:
-	    PK11_SETATTRS(&theTemplate,CKA_VALUE, pubKey->u.dsa.publicValue.data,
-						pubKey->u.dsa.publicValue.len);
-	case dhKey:
-	    PK11_SETATTRS(&theTemplate,CKA_VALUE, pubKey->u.dh.publicValue.data,
-						pubKey->u.dh.publicValue.len);
-	    break;
-	case keaKey:
-	case fortezzaKey:
-	case nullKey:
-	    /* fall through and return false */
-	    break;
-	}
-
-	if (theTemplate.ulValueLen == 0) {
-	    SECKEY_DestroyPublicKey(pubKey);
-	    return PR_FALSE;
-	}
-	pk11_SignedToUnsigned(&theTemplate);
-	if (pk11_FindObjectByTemplate(slot,&theTemplate,1) != CK_INVALID_HANDLE) {
-	    SECKEY_DestroyPublicKey(pubKey);
-	    return PR_TRUE;
-	}
-	SECKEY_DestroyPublicKey(pubKey);
-    }
-    return PR_FALSE;
-}
-
-/*
- * Check out if a cert has ID of zero. This is a magic ID that tells
- * NSS that this cert may be an automagically trusted cert.
- * The Cert has to be self signed as well. That check is done elsewhere.
- *  
- */
-PRBool
-pk11_isID0(PK11SlotInfo *slot, CK_OBJECT_HANDLE certID)
-{
-    CK_ATTRIBUTE keyID = {CKA_ID, NULL, 0};
-    PRBool isZero = PR_FALSE;
-    int i;
-    CK_RV crv;
-
-
-    crv = PK11_GetAttributes(NULL,slot,certID,&keyID,1);
-    if (crv != CKR_OK) {
-	return isZero;
-    }
-
-    if (keyID.ulValueLen != 0) {
-	char *value = (char *)keyID.pValue;
-	isZero = PR_TRUE; /* ID exists, may be zero */
-	for (i=0; i < (int) keyID.ulValueLen; i++) {
-	    if (value[i] != 0) {
-		isZero = PR_FALSE; /* nope */
-		break;
-	    }
-	}
-    }
-    PORT_Free(keyID.pValue);
-    return isZero;
-
-}
-
-/*
- * Create an NSSCertificate from a slot/certID pair, return it as a
- * CERTCertificate.
- */
-CERTCertificate
-*pk11_fastCert(PK11SlotInfo *slot, CK_OBJECT_HANDLE certID, 
-			CK_ATTRIBUTE *privateLabel, char **nickptr)
-{
-    NSSCertificate *c;
-    nssCryptokiObject *co;
-    nssPKIObject *pkio;
-    NSSToken *token;
-    NSSTrustDomain *td = STAN_GetDefaultTrustDomain();
-
-    /* Get the cryptoki object from the handle */
-    token = PK11Slot_GetNSSToken(slot);
-    co = nssCryptokiObject_Create(token, token->defaultSession, certID);
-    if (!co) {
-	return NULL;
-    }
-
-    /* Create a PKI object from the cryptoki instance */
-    pkio = nssPKIObject_Create(NULL, co, td, NULL);
-    if (!pkio) {
-	nssCryptokiObject_Destroy(co);
-	return NULL;
-    }
-
-    /* Create a certificate */
-    c = nssCertificate_Create(pkio);
-    if (!c) {
-	nssPKIObject_Destroy(pkio);
-	return NULL;
-    }
-
-    /* Build the old-fashioned nickname */
-    if (nickptr) {
-	CK_ATTRIBUTE label, id;
-	label.type = CKA_LABEL;
-	label.pValue = co->label;
-	label.ulValueLen = PORT_Strlen(co->label);
-	id.type = CKA_ID;
-	id.pValue = c->id.data;
-	id.ulValueLen = c->id.size;
-	*nickptr = pk11_buildNickname(slot, &label, privateLabel, &id);
-    }
-    return STAN_GetCERTCertificate(c);
-}
-
-CK_TRUST
-pk11_GetTrustField(PK11SlotInfo *slot, PRArenaPool *arena, 
-                   CK_OBJECT_HANDLE id, CK_ATTRIBUTE_TYPE type)
-{
-  CK_TRUST rv = 0;
-  SECItem item;
-
-  item.data = NULL;
-  item.len = 0;
-
-  if( SECSuccess == PK11_ReadAttribute(slot, id, type, arena, &item) ) {
-    PORT_Assert(item.len == sizeof(CK_TRUST));
-    PORT_Memcpy(&rv, item.data, sizeof(CK_TRUST));
-    /* Damn, is there an endian problem here? */
-    return rv;
-  }
-
-  return 0;
-}
-
-PRBool
-pk11_HandleTrustObject(PK11SlotInfo *slot, CERTCertificate *cert, CERTCertTrust *trust)
-{
-  PRArenaPool *arena;
-
-  CK_ATTRIBUTE tobjTemplate[] = {
-    { CKA_CLASS, NULL, 0 },
-    { CKA_CERT_SHA1_HASH, NULL, 0 },
-  };
-
-  CK_OBJECT_CLASS tobjc = CKO_NETSCAPE_TRUST;
-  CK_OBJECT_HANDLE tobjID;
-  unsigned char sha1_hash[SHA1_LENGTH];
-
-  CK_TRUST serverAuth, codeSigning, emailProtection, clientAuth;
-
-  PK11_HashBuf(SEC_OID_SHA1, sha1_hash, cert->derCert.data, cert->derCert.len);
-
-  PK11_SETATTRS(&tobjTemplate[0], CKA_CLASS, &tobjc, sizeof(tobjc));
-  PK11_SETATTRS(&tobjTemplate[1], CKA_CERT_SHA1_HASH, sha1_hash, 
-                SHA1_LENGTH);
-
-  tobjID = pk11_FindObjectByTemplate(slot, tobjTemplate, 
-                                     sizeof(tobjTemplate)/sizeof(tobjTemplate[0]));
-  if( CK_INVALID_HANDLE == tobjID ) {
-    return PR_FALSE;
-  }
-
-  arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-  if( NULL == arena ) return PR_FALSE;
-
-  /* Unfortunately, it seems that PK11_GetAttributes doesn't deal
-   * well with nonexistant attributes.  I guess we have to check 
-   * the trust info fields one at a time.
-   */
-
-  /* We could verify CKA_CERT_HASH here */
-
-  /* We could verify CKA_EXPIRES here */
-
-
-  /* "Purpose" trust information */
-  serverAuth = pk11_GetTrustField(slot, arena, tobjID, CKA_TRUST_SERVER_AUTH);
-  clientAuth = pk11_GetTrustField(slot, arena, tobjID, CKA_TRUST_CLIENT_AUTH);
-  codeSigning = pk11_GetTrustField(slot, arena, tobjID, CKA_TRUST_CODE_SIGNING);
-  emailProtection = pk11_GetTrustField(slot, arena, tobjID, 
-						CKA_TRUST_EMAIL_PROTECTION);
-  /* Here's where the fun logic happens.  We have to map back from the 
-   * key usage, extended key usage, purpose, and possibly other trust values 
-   * into the old trust-flags bits.  */
-
-  /* First implementation: keep it simple for testing.  We can study what other
-   * mappings would be appropriate and add them later.. fgmr 20000724 */
-
-  if ( serverAuth ==  CKT_NETSCAPE_TRUSTED ) {
-    trust->sslFlags |= CERTDB_VALID_PEER | CERTDB_TRUSTED;
-  }
-
-  if ( serverAuth == CKT_NETSCAPE_TRUSTED_DELEGATOR ) {
-    trust->sslFlags |= CERTDB_VALID_CA | CERTDB_TRUSTED_CA | 
-							CERTDB_NS_TRUSTED_CA;
-  }
-  if ( clientAuth == CKT_NETSCAPE_TRUSTED_DELEGATOR ) {
-    trust->sslFlags |=  CERTDB_TRUSTED_CLIENT_CA ;
-  }
-
-  if ( emailProtection == CKT_NETSCAPE_TRUSTED ) {
-    trust->emailFlags |= CERTDB_VALID_PEER | CERTDB_TRUSTED;
-  }
-
-  if ( emailProtection == CKT_NETSCAPE_TRUSTED_DELEGATOR ) {
-    trust->emailFlags |= CERTDB_VALID_CA | CERTDB_TRUSTED_CA | CERTDB_NS_TRUSTED_CA;
-  }
-
-  if( codeSigning == CKT_NETSCAPE_TRUSTED ) {
-    trust->objectSigningFlags |= CERTDB_VALID_PEER | CERTDB_TRUSTED;
-  }
-
-  if( codeSigning == CKT_NETSCAPE_TRUSTED_DELEGATOR ) {
-    trust->objectSigningFlags |= CERTDB_VALID_CA | CERTDB_TRUSTED_CA | CERTDB_NS_TRUSTED_CA;
-  }
-
-  /* There's certainly a lot more logic that can go here.. */
-
-  PORT_FreeArena(arena, PR_FALSE);
-
-  return PR_TRUE;
-}
-
-/*
- * Build an CERTCertificate structure from a PKCS#11 object ID.... certID
- * Must be a CertObject. This code does not explicitly checks that.
- */
-CERTCertificate *
-PK11_MakeCertFromHandle(PK11SlotInfo *slot,CK_OBJECT_HANDLE certID,
-						CK_ATTRIBUTE *privateLabel)
-{
-    char * nickname = NULL;
-    CERTCertificate *cert = NULL;
-    CERTCertTrust *trust;
-    PRBool isFortezzaRootCA = PR_FALSE;
-    PRBool swapNickname = PR_FALSE;
-
-    cert = pk11_fastCert(slot,certID,privateLabel, &nickname);
-    if (cert == NULL) goto loser;
-	
-    if (nickname) {
-	if (cert->nickname != NULL) {
-		cert->dbnickname = cert->nickname;
-	} 
-	cert->nickname = PORT_ArenaStrdup(cert->arena,nickname);
-	PORT_Free(nickname);
-	nickname = NULL;
-	swapNickname = PR_TRUE;
-    }
-
-    /* remember where this cert came from.... If we have just looked
-     * it up from the database and it already has a slot, don't add a new
-     * one. */
-    if (cert->slot == NULL) {
-	cert->slot = PK11_ReferenceSlot(slot);
-	cert->pkcs11ID = certID;
-	cert->ownSlot = PR_TRUE;
-    }
-
-    trust = (CERTCertTrust*)PORT_ArenaAlloc(cert->arena, sizeof(CERTCertTrust));
-    if (trust == NULL) goto loser;
-    PORT_Memset(trust,0, sizeof(CERTCertTrust));
-    cert->trust = trust;
-
-    
-
-    if(! pk11_HandleTrustObject(slot, cert, trust) ) {
-	unsigned int type;
-
-	/* build some cert trust flags */
-	if (CERT_IsCACert(cert, &type)) {
-	    unsigned int trustflags = CERTDB_VALID_CA;
-	   
-	    /* Allow PKCS #11 modules to give us trusted CA's. We only accept
-	     * valid CA's which are self-signed here. They must have an object
-	     * ID of '0'.  */ 
-	    if (pk11_isID0(slot,certID) && 
-		SECITEM_CompareItem(&cert->derSubject,&cert->derIssuer)
-							   == SECEqual) {
-		trustflags |= CERTDB_TRUSTED_CA;
-		/* is the slot a fortezza card? allow the user or
-		 * admin to turn on objectSigning, but don't turn
-		 * full trust on explicitly */
-		if (PK11_DoesMechanism(slot,CKM_KEA_KEY_DERIVE)) {
-		    trust->objectSigningFlags |= CERTDB_VALID_CA;
-		    isFortezzaRootCA = PR_TRUE;
-		}
-	    }
-	    if ((type & NS_CERT_TYPE_SSL_CA) == NS_CERT_TYPE_SSL_CA) {
-		trust->sslFlags |= trustflags;
-	    }
-	    if ((type & NS_CERT_TYPE_EMAIL_CA) == NS_CERT_TYPE_EMAIL_CA) {
-		trust->emailFlags |= trustflags;
-	    }
-	    if ((type & NS_CERT_TYPE_OBJECT_SIGNING_CA) 
-					== NS_CERT_TYPE_OBJECT_SIGNING_CA) {
-		trust->objectSigningFlags |= trustflags;
-	    }
-	}
-    }
-
-    if (PK11_IsUserCert(slot,cert,certID)) {
-	trust->sslFlags |= CERTDB_USER;
-	trust->emailFlags |= CERTDB_USER;
-	/*    trust->objectSigningFlags |= CERTDB_USER; */
-    }
-
-    return cert;
-
-loser:
-    if (nickname) PORT_Free(nickname);
-    if (cert) CERT_DestroyCertificate(cert);
-    return NULL;
-}
-
-	
-/*
- * Build get a certificate from a private key
- */
-CERTCertificate *
-PK11_GetCertFromPrivateKey(SECKEYPrivateKey *privKey)
-{
-    PK11SlotInfo *slot = privKey->pkcs11Slot;
-    CK_OBJECT_HANDLE handle = privKey->pkcs11ID;
-    CK_OBJECT_HANDLE certID = 
-		PK11_MatchItem(slot,handle,CKO_CERTIFICATE);
-    CERTCertificate *cert;
-
-    if (certID == CK_INVALID_HANDLE) {
-	PORT_SetError(SSL_ERROR_NO_CERTIFICATE);
-	return NULL;
-    }
-    cert = PK11_MakeCertFromHandle(slot,certID,NULL);
-    return (cert);
-
-}
-
-/*
- * destroy a private key if there are no matching certs.
- * this function also frees the privKey structure.
- */
-SECStatus
-PK11_DeleteTokenPrivateKey(SECKEYPrivateKey *privKey, PRBool force)
-{
-    CERTCertificate *cert=PK11_GetCertFromPrivateKey(privKey);
-
-    /* found a cert matching the private key?. */
-    if (!force  && cert != NULL) {
-	/* yes, don't delete the key */
-        CERT_DestroyCertificate(cert);
-	SECKEY_DestroyPrivateKey(privKey);
-	return SECWouldBlock;
-    }
-    /* now, then it's safe for the key to go away */
-    PK11_DestroyTokenObject(privKey->pkcs11Slot,privKey->pkcs11ID);
-    SECKEY_DestroyPrivateKey(privKey);
-    return SECSuccess;
-}
-
-/*
- * destroy a private key if there are no matching certs.
- * this function also frees the privKey structure.
- */
-SECStatus
-PK11_DeleteTokenPublicKey(SECKEYPublicKey *pubKey)
-{
-    /* now, then it's safe for the key to go away */
-    if (pubKey->pkcs11Slot == NULL) {
-	return SECFailure;
-    }
-    PK11_DestroyTokenObject(pubKey->pkcs11Slot,pubKey->pkcs11ID);
-    SECKEY_DestroyPublicKey(pubKey);
-    return SECSuccess;
-}
-
-
-/*
- * delete a cert and it's private key (if no other certs are pointing to the
- * private key.
- */
-SECStatus
-PK11_DeleteTokenCertAndKey(CERTCertificate *cert,void *wincx)
-{
-    SECKEYPrivateKey *privKey = PK11_FindKeyByAnyCert(cert,wincx);
-    CK_OBJECT_HANDLE pubKey;
-    PK11SlotInfo *slot = NULL;
-
-    pubKey = pk11_FindPubKeyByAnyCert(cert, &slot, wincx);
-    if (privKey) {
-#ifdef NSS_CLASSIC
-    	PK11_DestroyTokenObject(cert->slot,cert->pkcs11ID);
-#else
-	/* For 3.4, utilize the generic cert delete function */
-	SEC_DeletePermCertificate(cert);
-#endif
-	PK11_DeleteTokenPrivateKey(privKey, PR_FALSE);
-    }
-    if ((pubKey != CK_INVALID_HANDLE) && (slot != NULL)) { 
-    	PK11_DestroyTokenObject(slot,pubKey);
-        PK11_FreeSlot(slot);
-    }
-    return SECSuccess;
-}
-
-/*
- * count the number of objects that match the template.
- */
-int
-PK11_NumberObjectsFor(PK11SlotInfo *slot, CK_ATTRIBUTE *findTemplate, 
-							int templateCount)
-{
-    CK_OBJECT_HANDLE objID[PK11_SEARCH_CHUNKSIZE];
-    int object_count = 0;
-    CK_ULONG returned_count = 0;
-    CK_RV crv;
-
-    PK11_EnterSlotMonitor(slot);
-    crv = PK11_GETTAB(slot)->C_FindObjectsInit(slot->session,
-					findTemplate, templateCount);
-    if (crv != CKR_OK) {
-        PK11_ExitSlotMonitor(slot);
-	PORT_SetError( PK11_MapError(crv) );
-	return 0;
-    }
-
-    /*
-     * collect all the Matching Objects
-     */
-    do {
-    	crv = PK11_GETTAB(slot)->C_FindObjects(slot->session,
-				objID,PK11_SEARCH_CHUNKSIZE,&returned_count);
-	if (crv != CKR_OK) {
-	    PORT_SetError( PK11_MapError(crv) );
-	    break;
-    	}
-	object_count += returned_count;
-    } while (returned_count == PK11_SEARCH_CHUNKSIZE);
-
-    PK11_GETTAB(slot)->C_FindObjectsFinal(slot->session);
-    PK11_ExitSlotMonitor(slot);
-    return object_count;
-}
-
-/*
- * cert callback structure
- */
-typedef struct pk11DoCertCallbackStr {
-	SECStatus(* callback)(PK11SlotInfo *slot, CERTCertificate*, void *);
-	SECStatus(* noslotcallback)(CERTCertificate*, void *);
-	SECStatus(* itemcallback)(CERTCertificate*, SECItem *, void *);
-	void *callbackArg;
-} pk11DoCertCallback;
-
-/*
- * callback to map object handles to certificate structures.
- */
-static SECStatus
-pk11_DoCerts(PK11SlotInfo *slot, CK_OBJECT_HANDLE certID, void *arg)
-{
-    CERTCertificate *cert;
-    pk11DoCertCallback *certcb = (pk11DoCertCallback *) arg;
-
-    cert = PK11_MakeCertFromHandle(slot, certID, NULL);
-
-    if (cert == NULL) {
-	return SECFailure;
-    }
-
-    if (certcb ) {
-	if (certcb->callback) {
-	    (*certcb->callback)(slot, cert, certcb->callbackArg);
-	}
-	if (certcb->noslotcallback) {
-	    (*certcb->noslotcallback)(cert, certcb->callbackArg);
-	}
-	if (certcb->itemcallback) {
-	    (*certcb->itemcallback)(cert, NULL, certcb->callbackArg);
-	}
-    }
-
-    CERT_DestroyCertificate(cert);
-	    
-    return SECSuccess;
-}
-
-static SECStatus
-pk11_CollectCrls(PK11SlotInfo *slot, CK_OBJECT_HANDLE crlID, void *arg)
-{
-    SECItem derCrl;
-    CERTCrlHeadNode *head = (CERTCrlHeadNode *) arg;
-    CERTCrlNode *new_node = NULL;
-    CK_ATTRIBUTE fetchCrl[3] = {
-	 { CKA_VALUE, NULL, 0},
-	 { CKA_NETSCAPE_KRL, NULL, 0},
-	 { CKA_NETSCAPE_URL, NULL, 0},
-    };
-    const int fetchCrlSize = sizeof(fetchCrl)/sizeof(fetchCrl[2]);
-    SECStatus rv;
-
-    rv = PK11_GetAttributes(head->arena,slot,crlID,fetchCrl,fetchCrlSize);
-    if (rv == SECFailure) {
-	goto loser;
-    }
-    rv = SECFailure;
-
-    new_node = (CERTCrlNode *)PORT_ArenaAlloc(head->arena, sizeof(CERTCrlNode));
-    if (new_node == NULL) {
-        goto loser;
-    }
-
-    new_node->type =  *((CK_BBOOL *)fetchCrl[1].pValue)  ? 
-						SEC_KRL_TYPE : SEC_CRL_TYPE;
-    derCrl.data = (unsigned char *)fetchCrl[0].pValue;
-    derCrl.len = fetchCrl[0].ulValueLen;
-    new_node->crl=CERT_DecodeDERCrl(head->arena,&derCrl,new_node->type);
-
-    if (fetchCrl[2].pValue) {
-        int nnlen = fetchCrl[2].ulValueLen;
-        new_node->crl->url  = (char *)PORT_ArenaAlloc(head->arena, nnlen+1);
-        if ( !new_node->crl->url ) {
-            goto loser;
-        }
-        PORT_Memcpy(new_node->crl->url, fetchCrl[2].pValue, nnlen);
-        new_node->crl->url[nnlen] = 0;
-    } else {
-        new_node->crl->url = NULL;
-    }
-
-
-    new_node->next = NULL;
-    if (head->last) {
-        head->last->next = new_node;
-        head->last = new_node;
-    } else {
-        head->first = head->last = new_node;
-    }
-    rv = SECSuccess;
-
-loser:
-    return(rv);
-}
-
-
-/*
- * key call back structure.
- */
-typedef struct pk11KeyCallbackStr {
-	SECStatus (* callback)(SECKEYPrivateKey *,void *);
-	void *callbackArg;
-	void *wincx;
-} pk11KeyCallback;
-
-/*
- * callback to map Object Handles to Private Keys;
- */
-SECStatus
-pk11_DoKeys(PK11SlotInfo *slot, CK_OBJECT_HANDLE keyHandle, void *arg)
-{
-    SECStatus rv = SECSuccess;
-    SECKEYPrivateKey *privKey;
-    pk11KeyCallback *keycb = (pk11KeyCallback *) arg;
-
-    privKey = PK11_MakePrivKey(slot,nullKey,PR_TRUE,keyHandle,keycb->wincx);
-
-    if (privKey == NULL) {
-	return SECFailure;
-    }
-
-    if (keycb && (keycb->callback)) {
-	rv = (*keycb->callback)(privKey,keycb->callbackArg);
-    }
-
-    SECKEY_DestroyPrivateKey(privKey);	    
-    return rv;
-}
-
-/* Traverse slots callback */
-typedef struct pk11TraverseSlotStr {
-    SECStatus (*callback)(PK11SlotInfo *,CK_OBJECT_HANDLE, void *);
-    void *callbackArg;
-    CK_ATTRIBUTE *findTemplate;
-    int templateCount;
-} pk11TraverseSlot;
-
-/*
- * Extract all the certs on a card from a slot.
- */
-SECStatus
-PK11_TraverseSlot(PK11SlotInfo *slot, void *arg)
-{
-    int i;
-    CK_OBJECT_HANDLE *objID = NULL;
-    int object_count = 0;
-    pk11TraverseSlot *slotcb = (pk11TraverseSlot*) arg;
-
-    objID = pk11_FindObjectsByTemplate(slot,slotcb->findTemplate,
-		slotcb->templateCount,&object_count);
-
-    /*Actually this isn't a failure... there just were no objs to be found*/
-    if (object_count == 0) {
-	return SECSuccess;
-    }
-
-    if (objID == NULL) {
-	return SECFailure;
-    }
-
-    for (i=0; i < object_count; i++) {
-	(*slotcb->callback)(slot,objID[i],slotcb->callbackArg);
-    }
-    PORT_Free(objID);
-    return SECSuccess;
-}
-
-typedef struct pk11CertCallbackStr {
-	SECStatus(* callback)(CERTCertificate*,SECItem *,void *);
-	void *callbackArg;
-} pk11CertCallback;
-
-/*
- * Extract all the certs on a card from a slot.
- */
-static SECStatus
-pk11_TraverseAllSlots( SECStatus (*callback)(PK11SlotInfo *,void *),
-						void *arg,void *wincx) {
-    PK11SlotList *list;
-    PK11SlotListElement *le;
-    SECStatus rv;
-
-    /* get them all! */
-    list = PK11_GetAllTokens(CKM_INVALID_MECHANISM,PR_FALSE,PR_FALSE,wincx);
-    if (list == NULL) return SECFailure;
-
-    /* look at each slot and authenticate as necessary */
-    for (le = list->head ; le; le = le->next) {
-	if (!PK11_IsFriendly(le->slot)) {
-             rv = PK11_Authenticate(le->slot, PR_FALSE, wincx);
-             if (rv != SECSuccess) continue;
-	}
-	if (callback) {
-	    (*callback)(le->slot,arg);
-	}
-    }
-
-    PK11_FreeSlotList(list);
-
-    return SECSuccess;
-}
-
-struct fake_der_cb_argstr
-{
-    SECStatus(* callback)(CERTCertificate*, SECItem *, void *);
-    void *arg;
-};
-
-static SECStatus fake_der_cb(CERTCertificate *c, void *a)
-{
-    struct fake_der_cb_argstr *fda = (struct fake_der_cb_argstr *)a;
-    return (*fda->callback)(c, &c->derCert, fda->arg);
-}
-
-/*
- * Extract all the certs on a card from a slot.
- */
-SECStatus
-PK11_TraverseSlotCerts(SECStatus(* callback)(CERTCertificate*,SECItem *,void *),
-						void *arg, void *wincx) {
-#ifdef NSS_CLASSIC
-    pk11DoCertCallback caller;
-    pk11TraverseSlot creater;
-    CK_ATTRIBUTE theTemplate;
-    CK_OBJECT_CLASS certClass = CKO_CERTIFICATE;
-
-    PK11_SETATTRS(&theTemplate, CKA_CLASS, &certClass, sizeof(certClass));
-
-    caller.callback = NULL;
-    caller.noslotcallback = NULL;
-    caller.itemcallback = callback;
-    caller.callbackArg = arg;
-    creater.callback = pk11_DoCerts;
-    creater.callbackArg = (void *) & caller;
-    creater.findTemplate = &theTemplate;
-    creater.templateCount = 1;
-
-    return pk11_TraverseAllSlots(PK11_TraverseSlot, &creater, wincx);
-#else
-    NSSTrustDomain *defaultTD = STAN_GetDefaultTrustDomain();
-    struct fake_der_cb_argstr fda;
-    struct nss3_cert_cbstr pk11cb;
-
-    /* authenticate to the tokens first */
-    (void) pk11_TraverseAllSlots( NULL, NULL, wincx);
-
-    fda.callback = callback;
-    fda.arg = arg;
-    pk11cb.callback = fake_der_cb;
-    pk11cb.arg = &fda;
-    NSSTrustDomain_TraverseCertificates(defaultTD, convert_cert, &pk11cb);
-    return SECSuccess;
-#endif
-}
-
-/*
- * Extract all the certs on a card from a slot.
- */
-SECStatus
-PK11_LookupCrls(CERTCrlHeadNode *nodes, int type, void *wincx) {
-    pk11TraverseSlot creater;
-    CK_ATTRIBUTE theTemplate[2];
-    CK_ATTRIBUTE *attrs;
-    CK_OBJECT_CLASS certClass = CKO_NETSCAPE_CRL;
-
-    attrs = theTemplate;
-    PK11_SETATTRS(attrs, CKA_CLASS, &certClass, sizeof(certClass)); attrs++;
-    if (type != -1) {
-	CK_BBOOL isKrl = (CK_BBOOL) (type == SEC_KRL_TYPE);
-        PK11_SETATTRS(attrs, CKA_NETSCAPE_KRL, &isKrl, sizeof(isKrl)); attrs++;
-    }
-
-    creater.callback = pk11_CollectCrls;
-    creater.callbackArg = (void *) nodes;
-    creater.findTemplate = theTemplate;
-    creater.templateCount = (attrs - theTemplate);
-
-    return pk11_TraverseAllSlots(PK11_TraverseSlot, &creater, wincx);
-}
-
-/***********************************************************************
- * PK11_TraversePrivateKeysInSlot
- *
- * Traverses all the private keys on a slot.
- *
- * INPUTS
- *      slot
- *          The PKCS #11 slot whose private keys you want to traverse.
- *      callback
- *          A callback function that will be called for each key.
- *      arg
- *          An argument that will be passed to the callback function.
- */
-SECStatus
-PK11_TraversePrivateKeysInSlot( PK11SlotInfo *slot,
-    SECStatus(* callback)(SECKEYPrivateKey*, void*), void *arg)
-{
-    pk11KeyCallback perKeyCB;
-    pk11TraverseSlot perObjectCB;
-    CK_OBJECT_CLASS privkClass = CKO_PRIVATE_KEY;
-    CK_BBOOL ckTrue = CK_TRUE;
-    CK_ATTRIBUTE theTemplate[2];
-    int templateSize = 2;
-
-    theTemplate[0].type = CKA_CLASS;
-    theTemplate[0].pValue = &privkClass;
-    theTemplate[0].ulValueLen = sizeof(privkClass);
-    theTemplate[1].type = CKA_TOKEN;
-    theTemplate[1].pValue = &ckTrue;
-    theTemplate[1].ulValueLen = sizeof(ckTrue);
-
-    if(slot==NULL) {
-        return SECSuccess;
-    }
-
-    perObjectCB.callback = pk11_DoKeys;
-    perObjectCB.callbackArg = &perKeyCB;
-    perObjectCB.findTemplate = theTemplate;
-    perObjectCB.templateCount = templateSize;
-    perKeyCB.callback = callback;
-    perKeyCB.callbackArg = arg;
-    perKeyCB.wincx = NULL;
-
-    return PK11_TraverseSlot(slot, &perObjectCB);
-}
-
-CK_OBJECT_HANDLE *
-PK11_FindObjectsFromNickname(char *nickname,PK11SlotInfo **slotptr,
-		CK_OBJECT_CLASS objclass, int *returnCount, void *wincx)
-{
-    char *tokenName;
-    char *delimit;
-    PK11SlotInfo *slot;
-    CK_OBJECT_HANDLE *objID;
-    CK_ATTRIBUTE findTemplate[] = {
-	 { CKA_LABEL, NULL, 0},
-	 { CKA_CLASS, NULL, 0},
-    };
-    int findCount = sizeof(findTemplate)/sizeof(findTemplate[0]);
-    SECStatus rv;
-    PK11_SETATTRS(&findTemplate[1], CKA_CLASS, &objclass, sizeof(objclass));
-
-    *slotptr = slot = NULL;
-    *returnCount = 0;
-    /* first find the slot associated with this nickname */
-    if ((delimit = PORT_Strchr(nickname,':')) != NULL) {
-	int len = delimit - nickname;
-	tokenName = (char*)PORT_Alloc(len+1);
-	PORT_Memcpy(tokenName,nickname,len);
-	tokenName[len] = 0;
-
-        slot = *slotptr = PK11_FindSlotByName(tokenName);
-        PORT_Free(tokenName);
-	/* if we couldn't find a slot, assume the nickname is an internal cert
-	 * with no proceding slot name */
-	if (slot == NULL) {
-		slot = *slotptr = PK11_GetInternalKeySlot();
-	} else {
-		nickname = delimit+1;
-	}
-    } else {
-	*slotptr = slot = PK11_GetInternalKeySlot();
-    }
-    if (slot == NULL) {
-        return CK_INVALID_HANDLE;
-    }
-
-    if (!PK11_IsFriendly(slot)) {
-	rv = PK11_Authenticate(slot, PR_TRUE, wincx);
-	if (rv != SECSuccess) {
-	    PK11_FreeSlot(slot);
-	    *slotptr = NULL;
-	    return CK_INVALID_HANDLE;
-	 }
-    }
-
-    findTemplate[0].pValue = nickname;
-    findTemplate[0].ulValueLen = PORT_Strlen(nickname);
-    objID = pk11_FindObjectsByTemplate(slot,findTemplate,findCount,returnCount);
-    if (objID == NULL) {
-	/* PKCS #11 isn't clear on whether or not the NULL is
-	 * stored in the template.... try the find again with the
-	 * full null terminated string. */
-    	findTemplate[0].ulValueLen += 1;
-        objID = pk11_FindObjectsByTemplate(slot,findTemplate,findCount,
-								returnCount);
-	if (objID == NULL) {
-	    /* Well that's the best we can do. It's just not here */
-	    /* what about faked nicknames? */
-	    PK11_FreeSlot(slot);
-	    *slotptr = NULL;
-	    *returnCount = 0;
-	}
-    }
-
-    return objID;
-}
-
-static void
-transfer_token_certs_to_collection(nssList *certList, NSSToken *token, 
-                                   nssPKIObjectCollection *collection)
-{
-    NSSCertificate **certs;
-    PRUint32 i, count;
-    NSSToken **tokens, **tp;
-    count = nssList_Count(certList);
-    if (count == 0) {
-	return;
-    }
-    certs = nss_ZNEWARRAY(NULL, NSSCertificate *, count);
-    if (!certs) {
-	return;
-    }
-    nssList_GetArray(certList, (void **)certs, count);
-    for (i=0; i<count; i++) {
-	tokens = nssPKIObject_GetTokens(&certs[i]->object, NULL);
-	if (tokens) {
-	    for (tp = tokens; *tp; tp++) {
-		if (*tp == token) {
-		    nssPKIObjectCollection_AddObject(collection, 
-		                                     (nssPKIObject *)certs[i]);
-		}
-	    }
-	    nssTokenArray_Destroy(tokens);
-	}
-	/* *must* be a valid CERTCertificate, came from cache */
-	CERT_DestroyCertificate(STAN_GetCERTCertificate(certs[i]));
-    }
-    nss_ZFreeIf(certs);
-}
-
-CERTCertificate *
-PK11_FindCertFromNickname(char *nickname, void *wincx) {
-#ifdef NSS_CLASSIC
-    PK11SlotInfo *slot;
-    int count=0;
-    CK_OBJECT_HANDLE *certID = PK11_FindObjectsFromNickname(nickname,&slot,
-				 		CKO_CERTIFICATE, &count, wincx);
-    CERTCertificate *cert;
-
-    if (certID == CK_INVALID_HANDLE) return NULL;
-    cert = PK11_MakeCertFromHandle(slot,certID[0],NULL);
-    PK11_FreeSlot(slot);
-    PORT_Free(certID);
-    return cert;
-#else
-    PRStatus status;
-    CERTCertificate *rvCert = NULL;
-    NSSCertificate *cert = NULL;
-    NSSCertificate **certs = NULL;
-    NSSUsage usage;
-    NSSToken *token;
-    PK11SlotInfo *slot = NULL;
-    char *nickCopy;
-    char *delimit = NULL;
-    char *tokenName;
-    NSSTrustDomain *defaultTD = STAN_GetDefaultTrustDomain();
-    usage.anyUsage = PR_TRUE;
-    nickCopy = PORT_Strdup(nickname);
-    if ((delimit = PORT_Strchr(nickCopy,':')) != NULL) {
-	tokenName = nickCopy;
-	nickname = delimit + 1;
-	*delimit = '\0';
-	/* find token by name */
-	token = NSSTrustDomain_FindTokenByName(defaultTD, (NSSUTF8 *)tokenName);
-	if (token) {
-		slot = PK11_ReferenceSlot(token->pk11slot);
-	}
-	*delimit = ':';
-    } else {
-	slot = PK11_GetInternalKeySlot();
-	token = PK11Slot_GetNSSToken(slot);
-    }
-    if (token) {
-	nssList *certList;
-	nssCryptokiObject **instances;
-	nssPKIObjectCollection *collection;
-	nssTokenSearchType tokenOnly = nssTokenSearchType_TokenOnly;
-	if (!PK11_IsPresent(slot)) {
-	    goto loser;
-	}
-	if (!PK11_IsFriendly(slot)) {
-	    if (PK11_Authenticate(slot, PR_TRUE, wincx) != SECSuccess) {
-		goto loser;
-	    }
-	}
-	collection = nssCertificateCollection_Create(defaultTD, NULL);
-	if (!collection) {
-	    goto loser;
-	}
-	certList = nssList_Create(NULL, PR_FALSE);
-	if (!certList) {
-	    nssPKIObjectCollection_Destroy(collection);
-	    goto loser;
-	}
-	(void)nssTrustDomain_GetCertsForNicknameFromCache(defaultTD, 
-	                                                  nickname, 
-	                                                  certList);
-	transfer_token_certs_to_collection(certList, token, collection);
-	instances = nssToken_FindCertificatesByNickname(token,
-	                                                NULL,
-	                                                nickname,
-	                                                tokenOnly,
-	                                                0,
-	                                                &status);
-	nssPKIObjectCollection_AddInstances(collection, instances, 0);
-	nss_ZFreeIf(instances);
-	/* if it wasn't found, repeat the process for email address */
-	if (nssPKIObjectCollection_Count(collection) == 0 &&
-	    PORT_Strchr(nickname, '@') != NULL) 
-	{
-	    (void)nssTrustDomain_GetCertsForEmailAddressFromCache(defaultTD, 
-	                                                          nickname, 
-	                                                          certList);
-	    transfer_token_certs_to_collection(certList, token, collection);
-	    instances = nssToken_FindCertificatesByEmail(token,
-		                                         NULL,
-		                                         nickname,
-		                                         tokenOnly,
-		                                         0,
-		                                         &status);
-	    nssPKIObjectCollection_AddInstances(collection, instances, 0);
-	    nss_ZFreeIf(instances);
-	}
-	certs = nssPKIObjectCollection_GetCertificates(collection, 
-	                                               NULL, 0, NULL);
-	nssPKIObjectCollection_Destroy(collection);
-	if (certs) {
-	    cert = nssCertificateArray_FindBestCertificate(certs, NULL, 
-	                                                   &usage, NULL);
-	    rvCert = STAN_GetCERTCertificate(cert);
-	    nssCertificateArray_Destroy(certs);
-	}
-	nssList_Destroy(certList);
-    }
-    if (slot) {
-	PK11_FreeSlot(slot);
-    }
-    if (nickCopy) PORT_Free(nickCopy);
-    return rvCert;
-loser:
-    if (slot) {
-	PK11_FreeSlot(slot);
-    }
-    if (nickCopy) PORT_Free(nickCopy);
-    return NULL;
-#endif
-}
-
-CERTCertList *
-PK11_FindCertsFromNickname(char *nickname, void *wincx) {
-#ifdef NSS_CLASSIC
-    PK11SlotInfo *slot;
-    int i,count = 0;
-    CK_OBJECT_HANDLE *certID = PK11_FindObjectsFromNickname(nickname,&slot,
-				 		CKO_CERTIFICATE, &count, wincx);
-    CERTCertList *certList = NULL;
-
-    if (certID == NULL) return NULL;
-
-    certList= CERT_NewCertList();
-
-    for (i=0; i < count; i++) {
-    	CERTCertificate *cert = PK11_MakeCertFromHandle(slot,certID[i],NULL);
-
-	if (cert) CERT_AddCertToListTail(certList,cert);
-    }
-
-    if (CERT_LIST_HEAD(certList) == NULL) {
-	CERT_DestroyCertList(certList);
-	certList = NULL;
-    }
-    PK11_FreeSlot(slot);
-    PORT_Free(certID);
-    return certList;
-#else
-    char *nickCopy;
-    char *delimit = NULL;
-    char *tokenName;
-    int i;
-    CERTCertList *certList = NULL;
-    nssPKIObjectCollection *collection = NULL;
-    NSSCertificate **foundCerts = NULL;
-    NSSTrustDomain *defaultTD = STAN_GetDefaultTrustDomain();
-    NSSCertificate *c;
-    NSSToken *token;
-    PK11SlotInfo *slot;
-    nickCopy = PORT_Strdup(nickname);
-    if ((delimit = PORT_Strchr(nickCopy,':')) != NULL) {
-	tokenName = nickCopy;
-	nickname = delimit + 1;
-	*delimit = '\0';
-	/* find token by name */
-	token = NSSTrustDomain_FindTokenByName(defaultTD, (NSSUTF8 *)tokenName);
-	if (token) {
-	    slot = PK11_ReferenceSlot(token->pk11slot);
-	} else {
-	    slot = NULL;
-	}
-	*delimit = ':';
-    } else {
-	slot = PK11_GetInternalKeySlot();
-	token = PK11Slot_GetNSSToken(slot);
-    }
-    if (token) {
-	PRStatus status;
-	nssList *nameList;
-	nssCryptokiObject **instances;
-	nssTokenSearchType tokenOnly = nssTokenSearchType_TokenOnly;
-	if (!PK11_IsFriendly(slot)) {
-	    if (PK11_Authenticate(slot, PR_TRUE, wincx) != SECSuccess) {
-		PK11_FreeSlot(slot);
-    		if (nickCopy) PORT_Free(nickCopy);
-		return NULL;
-	    }
-	}
-	collection = nssCertificateCollection_Create(defaultTD, NULL);
-	if (!collection) {
-	    PK11_FreeSlot(slot);
-	    if (nickCopy) PORT_Free(nickCopy);
-	    return NULL;
-	}
-	nameList = nssList_Create(NULL, PR_FALSE);
-	if (!nameList) {
-	    PK11_FreeSlot(slot);
-	    if (nickCopy) PORT_Free(nickCopy);
-	    return NULL;
-	}
-	(void)nssTrustDomain_GetCertsForNicknameFromCache(defaultTD,
-	                                                  nickname, 
-	                                                  nameList);
-	transfer_token_certs_to_collection(nameList, token, collection);
-	instances = nssToken_FindCertificatesByNickname(token,
-	                                                NULL,
-	                                                nickname,
-	                                                tokenOnly,
-	                                                0,
-	                                                &status);
-	nssPKIObjectCollection_AddInstances(collection, instances, 0);
-	nss_ZFreeIf(instances);
-	nssList_Destroy(nameList);
-	foundCerts = nssPKIObjectCollection_GetCertificates(collection,
-	                                                    NULL, 0, NULL);
-	nssPKIObjectCollection_Destroy(collection);
-    }
-    if (slot) {
-	PK11_FreeSlot(slot);
-    }
-    if (nickCopy) PORT_Free(nickCopy);
-    if (foundCerts) {
-	certList = CERT_NewCertList();
-	for (i=0, c = *foundCerts; c; c = foundCerts[++i]) {
-	    CERTCertificate *certCert = STAN_GetCERTCertificate(c);
-	    if (certCert) {
-		CERT_AddCertToListTail(certList, certCert);
-	    }
-	}
-	if (CERT_LIST_HEAD(certList) == NULL) {
-	    CERT_DestroyCertList(certList);
-	    certList = NULL;
-	}
-	nss_ZFreeIf(foundCerts);
-    }
-    return certList;
-#endif
-}
-
-/*
- * extract a key ID for a certificate...
- * NOTE: We call this function from PKCS11.c If we ever use
- * pkcs11 to extract the public key (we currently do not), this will break.
- */
-SECItem *
-PK11_GetPubIndexKeyID(CERTCertificate *cert) {
-    SECKEYPublicKey *pubk;
-    SECItem *newItem = NULL;
-
-    pubk = CERT_ExtractPublicKey(cert);
-    if (pubk == NULL) return NULL;
-
-    switch (pubk->keyType) {
-    case rsaKey:
-	newItem = SECITEM_DupItem(&pubk->u.rsa.modulus);
-	break;
-    case dsaKey:
-        newItem = SECITEM_DupItem(&pubk->u.dsa.publicValue);
-	break;
-    case dhKey:
-        newItem = SECITEM_DupItem(&pubk->u.dh.publicValue);
-    case fortezzaKey:
-    default:
-	newItem = NULL; /* Fortezza Fix later... */
-    }
-    SECKEY_DestroyPublicKey(pubk);
-    /* make hash of it */
-    return newItem;
-}
-
-/*
- * generate a CKA_ID from a certificate.
- */
-SECItem *
-pk11_mkcertKeyID(CERTCertificate *cert) {
-    SECItem *pubKeyData = PK11_GetPubIndexKeyID(cert) ;
-    SECItem *certCKA_ID;
-
-    if (pubKeyData == NULL) return NULL;
-    
-    certCKA_ID = PK11_MakeIDFromPubKey(pubKeyData);
-    SECITEM_FreeItem(pubKeyData,PR_TRUE);
-    return certCKA_ID;
-}
-
-
-/*
- * Generate a CKA_ID from the relevant public key data. The CKA_ID is generated
- * from the pubKeyData by SHA1_Hashing it to produce a smaller CKA_ID (to make
- * smart cards happy.
- */
-SECItem *
-PK11_MakeIDFromPubKey(SECItem *pubKeyData) {
-    PK11Context *context;
-    SECItem *certCKA_ID;
-    SECStatus rv;
-
-    context = PK11_CreateDigestContext(SEC_OID_SHA1);
-    if (context == NULL) {
-	return NULL;
-    }
-
-    rv = PK11_DigestBegin(context);
-    if (rv == SECSuccess) {
-    	rv = PK11_DigestOp(context,pubKeyData->data,pubKeyData->len);
-    }
-    if (rv != SECSuccess) {
-	PK11_DestroyContext(context,PR_TRUE);
-	return NULL;
-    }
-
-    certCKA_ID = (SECItem *)PORT_Alloc(sizeof(SECItem));
-    if (certCKA_ID == NULL) {
-	PK11_DestroyContext(context,PR_TRUE);
-	return NULL;
-    }
-
-    certCKA_ID->len = SHA1_LENGTH;
-    certCKA_ID->data = (unsigned char*)PORT_Alloc(certCKA_ID->len);
-    if (certCKA_ID->data == NULL) {
-	PORT_Free(certCKA_ID);
-	PK11_DestroyContext(context,PR_TRUE);
-        return NULL;
-    }
-
-    rv = PK11_DigestFinal(context,certCKA_ID->data,&certCKA_ID->len,
-								SHA1_LENGTH);
-    PK11_DestroyContext(context,PR_TRUE);
-    if (rv != SECSuccess) {
-    	SECITEM_FreeItem(certCKA_ID,PR_TRUE);
-	return NULL;
-    }
-
-    return certCKA_ID;
-}
-
-/*
- * Write the cert into the token.
- */
-SECStatus
-PK11_ImportCert(PK11SlotInfo *slot, CERTCertificate *cert, 
-		CK_OBJECT_HANDLE key, char *nickname, PRBool includeTrust) {
-#ifdef NSS_CLASSIC
-    int len = 0;
-    SECItem *keyID = pk11_mkcertKeyID(cert);
-    CK_ATTRIBUTE keyAttrs[] = {
-	{ CKA_LABEL, NULL, 0},
-	{ CKA_SUBJECT, NULL, 0},
-    };
-    CK_OBJECT_CLASS certc = CKO_CERTIFICATE;
-    CK_CERTIFICATE_TYPE certType = CKC_X_509;
-    CK_OBJECT_HANDLE certID;
-    CK_SESSION_HANDLE rwsession;
-    CK_BBOOL cktrue = CK_TRUE;
-    SECStatus rv = SECFailure;
-    CK_ATTRIBUTE certAttrs[] = {
-	{ CKA_ID, NULL, 0 },
-	{ CKA_LABEL, NULL, 0},
-	{ CKA_CLASS,  NULL, 0},
-	{ CKA_TOKEN,  NULL, 0},
-	{ CKA_CERTIFICATE_TYPE, NULL, 0},
-	{ CKA_SUBJECT, NULL, 0},
-	{ CKA_ISSUER, NULL, 0},
-	{ CKA_SERIAL_NUMBER,  NULL, 0},
-	{ CKA_VALUE,  NULL, 0},
-	{ CKA_NETSCAPE_TRUST,  NULL, 0},
-	{ CKA_NETSCAPE_EMAIL,  NULL, 0},
-    };
-    int certCount = sizeof(certAttrs)/sizeof(certAttrs[0]), keyCount = 2;
-    int realCount = 0;
-    CK_ATTRIBUTE *attrs;
-    CK_RV crv;
-    SECCertUsage *certUsage = NULL;
-    SECItem derSerial = { 0 };
-    NSSToken *token;
-
-    if (keyID == NULL) {
-	PORT_SetError(SEC_ERROR_ADDING_CERT);
-	return rv;
-    }
-
-    len = ((nickname) ? PORT_Strlen(nickname) : 0);
-    
-    attrs = certAttrs;
-    PK11_SETATTRS(attrs,CKA_ID, keyID->data, keyID->len); attrs++;
-    if (nickname) {
-	PK11_SETATTRS(attrs,CKA_LABEL, nickname, len ); attrs++;
-    }
-    PK11_SETATTRS(attrs,CKA_CLASS, &certc, sizeof(certc) ); attrs++;
-    PK11_SETATTRS(attrs,CKA_TOKEN, &cktrue, sizeof(cktrue) ); attrs++;
-    PK11_SETATTRS(attrs,CKA_CERTIFICATE_TYPE, &certType,
-						sizeof(certType)); attrs++;
-    PK11_SETATTRS(attrs,CKA_SUBJECT, cert->derSubject.data,
-					 cert->derSubject.len ); attrs++;
-    PK11_SETATTRS(attrs,CKA_ISSUER, cert->derIssuer.data,
-					 cert->derIssuer.len ); attrs++;
-    if (PR_TRUE) {
-	/* CERTCertificate stores serial numbers decoded.  I need the DER
-	* here.  sigh.
-	*/
-	CERT_SerialNumberFromDERCert(&cert->derCert, &derSerial);
-	PK11_SETATTRS(attrs,CKA_SERIAL_NUMBER, derSerial.data, derSerial.len); 
-	attrs++;
-    }
-    PK11_SETATTRS(attrs,CKA_VALUE, cert->derCert.data, 
-						cert->derCert.len); attrs++;
-    if (includeTrust && PK11_IsInternal(slot)) {
-	certUsage = (SECCertUsage*)PORT_Alloc(sizeof(SECCertUsage));
-	if(!certUsage) {
-	    SECITEM_FreeItem(keyID,PR_TRUE);
-	    PORT_SetError(SEC_ERROR_NO_MEMORY);
-	    return rv;
-	}
-	*certUsage = certUsageUserCertImport;
-	PK11_SETATTRS(attrs,CKA_NETSCAPE_TRUST, certUsage,
-							 sizeof(SECCertUsage));
-	attrs++;
-	if (cert->emailAddr) {
-	    PK11_SETATTRS(attrs,CKA_NETSCAPE_EMAIL, cert->emailAddr,
-						PORT_Strlen(cert->emailAddr);
-	    attrs++;
-	}
-    }
-    realCount = attrs - certAttrs;
-    PORT_Assert(realCount <= certCount);
-
-    attrs = keyAttrs;
-    if(nickname) {
-	PK11_SETATTRS(attrs,CKA_LABEL, nickname, len ); attrs++;
-    }
-    PK11_SETATTRS(attrs,CKA_SUBJECT, cert->derSubject.data,
-					 cert->derSubject.len );
-
-    if(!nickname) {
-	certCount--;
-	keyCount--;
-    }
-
-    rwsession = PK11_GetRWSession(slot);
-    if (key != CK_INVALID_HANDLE) {
-	crv = PK11_GETTAB(slot)->C_SetAttributeValue(rwsession,key,keyAttrs,
-								keyCount);
-	if (crv != CKR_OK) {
-	    PORT_SetError( PK11_MapError(crv) );
-	    goto done;
-	}
-    }
-
-    crv = PK11_GETTAB(slot)->
-			C_CreateObject(rwsession,certAttrs,realCount,&certID);
-    if (crv == CKR_OK) {
-	rv = SECSuccess;
-    } else {
-	PORT_SetError( PK11_MapError(crv) );
-    }
-
-    if (!cert->nickname && nickname) {
-	cert->nickname = PORT_ArenaStrdup(cert->arena, nickname);
-    }
-
-    cert->pkcs11ID = certID;
-    cert->dbhandle = STAN_GetDefaultTrustDomain();
-    if (cert->slot == NULL) {
-	cert->slot = PK11_ReferenceSlot(slot);
-	cert->ownSlot = PR_TRUE;
-	if (cert->nssCertificate) {
-	    nssCryptokiInstance *instance;
-	    NSSCertificate *c = cert->nssCertificate;
-	    instance = nss_ZNEW(c->object.arena, nssCryptokiInstance);
-	    instance->token = slot->nssToken;
-	    instance->handle = cert->pkcs11ID;
-	    instance->isTokenObject = PR_TRUE;
-	    nssPKIObject_AddInstance(&c->object, instance);
-	} else {
-	    cert->nssCertificate = STAN_GetNSSCertificate(cert);
-	}
-    }
-    cert->trust = nssTrust_GetCERTCertTrustForCert(cert->nssCertificate, cert);
-    token = PK11Slot_GetNSSToken(slot);
-
-done:
-    if (derSerial.data) PORT_Free(derSerial.data);
-    SECITEM_FreeItem(keyID,PR_TRUE);
-    PK11_RestoreROSession(slot,rwsession);
-    if(certUsage) {
-	PORT_Free(certUsage);
-    }
-    return rv;
-#else
-    PRStatus status;
-    NSSCertificate *c;
-    nssCryptokiObject *keyobj, *certobj;
-    NSSToken *token = PK11Slot_GetNSSToken(slot);
-    SECItem *keyID = pk11_mkcertKeyID(cert);
-    char *emailAddr = NULL;
-
-    if (keyID == NULL) {
-	goto loser;
-    }
-
-    if (PK11_IsInternal(slot) && cert->emailAddr) {
-	emailAddr = cert->emailAddr;
-    }
-
-    /* need to get the cert as a stan cert */
-    if (cert->nssCertificate) {
-	c = cert->nssCertificate;
-    } else {
-	c = STAN_GetNSSCertificate(cert);
-    }
-
-    if (c->object.cryptoContext) {
-	/* Delete the temp instance */
-	nssCertificateStore_Remove(c->object.cryptoContext->certStore, c);
-	c->object.cryptoContext = NULL;
-	cert->istemp = PR_FALSE;
-	cert->isperm = PR_TRUE;
-    }
-
-    /* set the id for the cert */
-    nssItem_Create(c->object.arena, &c->id, keyID->len, keyID->data);
-    if (!c->id.data) {
-	goto loser;
-    }
-
-    if (key != CK_INVALID_HANDLE) {
-	/* create an object for the key, ... */
-	keyobj = nss_ZNEW(NULL, nssCryptokiObject);
-	if (!keyobj) {
-	    goto loser;
-	}
-	keyobj->token = nssToken_AddRef(token);
-	keyobj->handle = key;
-	keyobj->isTokenObject = PR_TRUE;
-
-	/* ... in order to set matching attributes for the key */
-	status = nssCryptokiPrivateKey_SetCertificate(keyobj, NULL, nickname, 
-	                                              &c->id, &c->subject);
-	nssCryptokiObject_Destroy(keyobj);
-	if (status != PR_SUCCESS) {
-	    goto loser;
-	}
-    }
-
-    /* do the token import */
-    certobj = nssToken_ImportCertificate(token, NULL,
-                                         NSSCertificateType_PKIX,
-                                         &c->id,
-                                         nickname,
-                                         &c->encoding,
-                                         &c->issuer,
-                                         &c->subject,
-                                         &c->serial,
-					 emailAddr,
-                                         PR_TRUE);
-    if (!certobj) {
-	goto loser;
-    }
-    /* add the new instance to the cert, force an update of the
-     * CERTCertificate, and finish
-     */
-    nssPKIObject_AddInstance(&c->object, certobj);
-    nssTrustDomain_AddCertsToCache(STAN_GetDefaultTrustDomain(), &c, 1);
-    (void)STAN_ForceCERTCertificateUpdate(c);
-    SECITEM_FreeItem(keyID,PR_TRUE);
-    return SECSuccess;
-loser:
-    SECITEM_FreeItem(keyID,PR_TRUE);
-    PORT_SetError(SEC_ERROR_ADDING_CERT);
-    return SECFailure;
-#endif
-}
-
-/*
- * get a certificate handle, look at the cached handle first..
- */
-CK_OBJECT_HANDLE
-pk11_getcerthandle(PK11SlotInfo *slot, CERTCertificate *cert, 
-					CK_ATTRIBUTE *theTemplate,int tsize)
-{
-    CK_OBJECT_HANDLE certh;
-
-    if (cert->slot == slot) {
-	certh = cert->pkcs11ID;
-	if (certh == CK_INVALID_HANDLE) {
-    	     certh = pk11_FindObjectByTemplate(slot,theTemplate,tsize);
-	     cert->pkcs11ID = certh;
-	}
-    } else {
-    	certh = pk11_FindObjectByTemplate(slot,theTemplate,tsize);
-    }
-    return certh;
-}
-
-/*
- * return the private key From a given Cert
- */
-SECKEYPrivateKey *
-PK11_FindPrivateKeyFromCert(PK11SlotInfo *slot, CERTCertificate *cert,
-								 void *wincx) {
-    CK_OBJECT_CLASS certClass = CKO_CERTIFICATE;
-    CK_ATTRIBUTE theTemplate[] = {
-	{ CKA_VALUE, NULL, 0 },
-	{ CKA_CLASS, NULL, 0 }
-    };
-    /* if you change the array, change the variable below as well */
-    int tsize = sizeof(theTemplate)/sizeof(theTemplate[0]);
-    CK_OBJECT_HANDLE certh;
-    CK_OBJECT_HANDLE keyh;
-    CK_ATTRIBUTE *attrs = theTemplate;
-    SECStatus rv;
-
-    PK11_SETATTRS(attrs, CKA_VALUE, cert->derCert.data, 
-						cert->derCert.len); attrs++;
-    PK11_SETATTRS(attrs, CKA_CLASS, &certClass, sizeof(certClass));
-
-    /*
-     * issue the find
-     */
-    rv = PK11_Authenticate(slot, PR_TRUE, wincx);
-    if (rv != SECSuccess) {
-	return NULL;
-    }
-
-    certh = pk11_getcerthandle(slot,cert,theTemplate,tsize);
-    if (certh == CK_INVALID_HANDLE) {
-	return NULL;
-    }
-    keyh = PK11_MatchItem(slot,certh,CKO_PRIVATE_KEY);
-    if (keyh == CK_INVALID_HANDLE) { return NULL; }
-    return PK11_MakePrivKey(slot, nullKey, PR_TRUE, keyh, wincx);
-} 
-
-
-/*
- * return the private key with the given ID
- */
-static CK_OBJECT_HANDLE
-pk11_FindPrivateKeyFromCertID(PK11SlotInfo *slot, SECItem *keyID)  {
-    CK_OBJECT_CLASS privKey = CKO_PRIVATE_KEY;
-    CK_ATTRIBUTE theTemplate[] = {
-	{ CKA_ID, NULL, 0 },
-	{ CKA_CLASS, NULL, 0 },
-    };
-    /* if you change the array, change the variable below as well */
-    int tsize = sizeof(theTemplate)/sizeof(theTemplate[0]);
-    CK_ATTRIBUTE *attrs = theTemplate;
-
-    PK11_SETATTRS(attrs, CKA_ID, keyID->data, keyID->len ); attrs++;
-    PK11_SETATTRS(attrs, CKA_CLASS, &privKey, sizeof(privKey));
-
-    return pk11_FindObjectByTemplate(slot,theTemplate,tsize);
-} 
-
-/*
- * import a cert for a private key we have already generated. Set the label
- * on both to be the nickname. This is for the Key Gen, orphaned key case.
- */
-PK11SlotInfo *
-PK11_KeyForCertExists(CERTCertificate *cert, CK_OBJECT_HANDLE *keyPtr, 
-								void *wincx) {
-    PK11SlotList *list;
-    PK11SlotListElement *le;
-    SECItem *keyID;
-    CK_OBJECT_HANDLE key;
-    PK11SlotInfo *slot = NULL;
-    SECStatus rv;
-
-    keyID = pk11_mkcertKeyID(cert);
-    /* get them all! */
-    list = PK11_GetAllTokens(CKM_INVALID_MECHANISM,PR_FALSE,PR_TRUE,wincx);
-    if ((keyID == NULL) || (list == NULL)) {
-	if (keyID) SECITEM_FreeItem(keyID,PR_TRUE);
-	if (list) PK11_FreeSlotList(list);
-    	return NULL;
-    }
-
-    /* Look for the slot that holds the Key */
-    for (le = list->head ; le; le = le->next) {
-	rv = PK11_Authenticate(le->slot, PR_TRUE, wincx);
-	if (rv != SECSuccess) continue;
-	
-	key = pk11_FindPrivateKeyFromCertID(le->slot,keyID);
-	if (key != CK_INVALID_HANDLE) {
-	    slot = PK11_ReferenceSlot(le->slot);
-	    if (keyPtr) *keyPtr = key;
-	    break;
-	}
-    }
-
-    SECITEM_FreeItem(keyID,PR_TRUE);
-    PK11_FreeSlotList(list);
-    return slot;
-
-}
-/*
- * import a cert for a private key we have already generated. Set the label
- * on both to be the nickname. This is for the Key Gen, orphaned key case.
- */
-PK11SlotInfo *
-PK11_KeyForDERCertExists(SECItem *derCert, CK_OBJECT_HANDLE *keyPtr, 
-								void *wincx) {
-    CERTCertificate *cert;
-    PK11SlotInfo *slot = NULL;
-
-    /* letting this use go -- the only thing that the cert is used for is
-     * to get the ID attribute.
-     */
-    cert = CERT_DecodeDERCertificate(derCert, PR_FALSE, NULL);
-    if (cert == NULL) return NULL;
-
-    slot = PK11_KeyForCertExists(cert, keyPtr, wincx);
-    CERT_DestroyCertificate (cert);
-    return slot;
-}
-
-PK11SlotInfo *
-PK11_ImportCertForKey(CERTCertificate *cert, char *nickname,void *wincx) {
-    PK11SlotInfo *slot = NULL;
-    CK_OBJECT_HANDLE key;
-
-    slot = PK11_KeyForCertExists(cert,&key,wincx);
-
-    if (slot) {
-	if (PK11_ImportCert(slot,cert,key,nickname,PR_FALSE) != SECSuccess) {
-	    PK11_FreeSlot(slot);
-	    slot = NULL;
-	}
-    } else {
-	PORT_SetError(SEC_ERROR_ADDING_CERT);
-    }
-
-    return slot;
-}
-
-PK11SlotInfo *
-PK11_ImportDERCertForKey(SECItem *derCert, char *nickname,void *wincx) {
-    CERTCertificate *cert;
-    PK11SlotInfo *slot = NULL;
-
-    cert = CERT_NewTempCertificate(CERT_GetDefaultCertDB(),
-                                   derCert, NULL, PR_FALSE, PR_FALSE);
-    if (cert == NULL) return NULL;
-
-    slot = PK11_ImportCertForKey(cert, nickname, wincx);
-    CERT_DestroyCertificate (cert);
-    return slot;
-}
-
-static CK_OBJECT_HANDLE
-pk11_FindCertObjectByTemplate(PK11SlotInfo **slotPtr, 
-		CK_ATTRIBUTE *searchTemplate, int count, void *wincx) {
-    PK11SlotList *list;
-    PK11SlotListElement *le;
-    CK_OBJECT_HANDLE certHandle = CK_INVALID_HANDLE;
-    PK11SlotInfo *slot = NULL;
-    SECStatus rv;
-
-    *slotPtr = NULL;
-
-    /* get them all! */
-    list = PK11_GetAllTokens(CKM_INVALID_MECHANISM,PR_FALSE,PR_TRUE,wincx);
-    if (list == NULL) {
-	if (list) PK11_FreeSlotList(list);
-    	return CK_INVALID_HANDLE;
-    }
-
-
-    /* Look for the slot that holds the Key */
-    for (le = list->head ; le; le = le->next) {
- 	if (!PK11_IsFriendly(le->slot)) {
-	    rv = PK11_Authenticate(le->slot, PR_TRUE, wincx);
-	    if (rv != SECSuccess) continue;
-	}
-
-	certHandle = pk11_FindObjectByTemplate(le->slot,searchTemplate,count);
-	if (certHandle != CK_INVALID_HANDLE) {
-	    slot = PK11_ReferenceSlot(le->slot);
-	    break;
-	}
-    }
-
-    PK11_FreeSlotList(list);
-
-    if (slot == NULL) {
-	return CK_INVALID_HANDLE;
-    }
-    *slotPtr = slot;
-    return certHandle;
-}
-
-
-/*
- * We're looking for a cert which we have the private key for that's on the
- * list of recipients. This searches one slot.
- * this is the new version for NSS SMIME code
- * this stuff should REALLY be in the SMIME code, but some things in here are not public
- * (they should be!)
- */
-static CK_OBJECT_HANDLE
-pk11_FindCertObjectByRecipientNew(PK11SlotInfo *slot, NSSCMSRecipient **recipientlist, int *rlIndex)
-{
-    CK_OBJECT_HANDLE certHandle;
-    CK_OBJECT_CLASS certClass = CKO_CERTIFICATE;
-    CK_OBJECT_CLASS peerClass ;
-    CK_ATTRIBUTE searchTemplate[] = {
-	{ CKA_CLASS, NULL, 0 },
-	{ CKA_ISSUER, NULL, 0 },
-	{ CKA_SERIAL_NUMBER, NULL, 0}
-    };
-    int count = sizeof(searchTemplate)/sizeof(CK_ATTRIBUTE);
-    NSSCMSRecipient *ri = NULL;
-    CK_ATTRIBUTE *attrs;
-    int i;
-
-    peerClass = CKO_PRIVATE_KEY;
-    if (!PK11_IsLoggedIn(slot,NULL) && PK11_NeedLogin(slot)) {
-	peerClass = CKO_PUBLIC_KEY;
-    }
-
-    for (i=0; (ri = recipientlist[i]) != NULL; i++) {
-	/* XXXXX fixme - not yet implemented! */
-	if (ri->kind == RLSubjKeyID)
-	    continue;
-
-    	attrs = searchTemplate;
-
-	PK11_SETATTRS(attrs, CKA_CLASS, &certClass,sizeof(certClass)); attrs++;
-	PK11_SETATTRS(attrs, CKA_ISSUER, ri->id.issuerAndSN->derIssuer.data, 
-				ri->id.issuerAndSN->derIssuer.len); attrs++;
-	PK11_SETATTRS(attrs, CKA_SERIAL_NUMBER, 
-	  ri->id.issuerAndSN->serialNumber.data,ri->id.issuerAndSN->serialNumber.len);
-
-	certHandle = pk11_FindObjectByTemplate(slot,searchTemplate,count);
-	if (certHandle != CK_INVALID_HANDLE) {
-	    CERTCertificate *cert = pk11_fastCert(slot,certHandle,NULL,NULL);
-	    if (PK11_IsUserCert(slot,cert,certHandle)) {
-		/* we've found a cert handle, now let's see if there is a key
-	         * associated with it... */
-		ri->slot = PK11_ReferenceSlot(slot);
-		*rlIndex = i;
-	
-		CERT_DestroyCertificate(cert);       
-		return certHandle;
-	    }
-	    CERT_DestroyCertificate(cert);       
-	}
-    }
-    *rlIndex = -1;
-    return CK_INVALID_HANDLE;
-}
-
-/*
- * This function is the same as above, but it searches all the slots.
- * this is the new version for NSS SMIME code
- * this stuff should REALLY be in the SMIME code, but some things in here are not public
- * (they should be!)
- */
-static CK_OBJECT_HANDLE
-pk11_AllFindCertObjectByRecipientNew(NSSCMSRecipient **recipientlist, void *wincx, int *rlIndex)
-{
-    PK11SlotList *list;
-    PK11SlotListElement *le;
-    CK_OBJECT_HANDLE certHandle = CK_INVALID_HANDLE;
-    SECStatus rv;
-
-    /* get them all! */
-    list = PK11_GetAllTokens(CKM_INVALID_MECHANISM,PR_FALSE,PR_TRUE,wincx);
-    if (list == NULL) {
-	if (list) PK11_FreeSlotList(list);
-    	return CK_INVALID_HANDLE;
-    }
-
-    /* Look for the slot that holds the Key */
-    for (le = list->head ; le; le = le->next) {
-	if ( !PK11_IsFriendly(le->slot)) {
-	    rv = PK11_Authenticate(le->slot, PR_TRUE, wincx);
-	    if (rv != SECSuccess) continue;
-	}
-
-	certHandle = pk11_FindCertObjectByRecipientNew(le->slot, recipientlist, rlIndex);
-	if (certHandle != CK_INVALID_HANDLE)
-	    break;
-    }
-
-    PK11_FreeSlotList(list);
-
-    return (le == NULL) ? CK_INVALID_HANDLE : certHandle;
-}
-
-/*
- * We're looking for a cert which we have the private key for that's on the
- * list of recipients. This searches one slot.
- */
-static CK_OBJECT_HANDLE
-pk11_FindCertObjectByRecipient(PK11SlotInfo *slot, 
-	SEC_PKCS7RecipientInfo **recipientArray,SEC_PKCS7RecipientInfo **rip)
-{
-    CK_OBJECT_HANDLE certHandle;
-    CK_OBJECT_CLASS certClass = CKO_CERTIFICATE;
-    CK_OBJECT_CLASS peerClass ;
-    CK_ATTRIBUTE searchTemplate[] = {
-	{ CKA_CLASS, NULL, 0 },
-	{ CKA_ISSUER, NULL, 0 },
-	{ CKA_SERIAL_NUMBER, NULL, 0}
-    };
-    int count = sizeof(searchTemplate)/sizeof(CK_ATTRIBUTE);
-    SEC_PKCS7RecipientInfo *ri = NULL;
-    CK_ATTRIBUTE *attrs;
-    int i;
-
-
-    peerClass = CKO_PRIVATE_KEY;
-    if (!PK11_IsLoggedIn(slot,NULL) && PK11_NeedLogin(slot)) {
-	peerClass = CKO_PUBLIC_KEY;
-    }
-
-    for (i=0; (ri = recipientArray[i]) != NULL; i++) {
-    	attrs = searchTemplate;
-
-	PK11_SETATTRS(attrs, CKA_CLASS, &certClass,sizeof(certClass)); attrs++;
-	PK11_SETATTRS(attrs, CKA_ISSUER, ri->issuerAndSN->derIssuer.data, 
-				ri->issuerAndSN->derIssuer.len); attrs++;
-	PK11_SETATTRS(attrs, CKA_SERIAL_NUMBER, 
-	  ri->issuerAndSN->serialNumber.data,ri->issuerAndSN->serialNumber.len);
-
-	certHandle = pk11_FindObjectByTemplate(slot,searchTemplate,count);
-	if (certHandle != CK_INVALID_HANDLE) {
-	    CERTCertificate *cert = pk11_fastCert(slot,certHandle,NULL,NULL);
-	    if (PK11_IsUserCert(slot,cert,certHandle)) {
-		/* we've found a cert handle, now let's see if there is a key
-	         * associated with it... */
-		*rip = ri;
-	
-		CERT_DestroyCertificate(cert);       
-		return certHandle;
-	    }
-	    CERT_DestroyCertificate(cert);       
-	}
-    }
-    *rip = NULL;
-    return CK_INVALID_HANDLE;
-}
-
-/*
- * This function is the same as above, but it searches all the slots.
- */
-static CK_OBJECT_HANDLE
-pk11_AllFindCertObjectByRecipient(PK11SlotInfo **slotPtr, 
-	SEC_PKCS7RecipientInfo **recipientArray,SEC_PKCS7RecipientInfo **rip,
-							void *wincx) {
-    PK11SlotList *list;
-    PK11SlotListElement *le;
-    CK_OBJECT_HANDLE certHandle = CK_INVALID_HANDLE;
-    PK11SlotInfo *slot = NULL;
-    SECStatus rv;
-
-    *slotPtr = NULL;
-
-    /* get them all! */
-    list = PK11_GetAllTokens(CKM_INVALID_MECHANISM,PR_FALSE,PR_TRUE,wincx);
-    if (list == NULL) {
-	if (list) PK11_FreeSlotList(list);
-    	return CK_INVALID_HANDLE;
-    }
-
-    *rip = NULL;
-
-    /* Look for the slot that holds the Key */
-    for (le = list->head ; le; le = le->next) {
-	if ( !PK11_IsFriendly(le->slot)) {
-	    rv = PK11_Authenticate(le->slot, PR_TRUE, wincx);
-	    if (rv != SECSuccess) continue;
-	}
-
-	certHandle = pk11_FindCertObjectByRecipient(le->slot,
-							recipientArray,rip);
-	if (certHandle != CK_INVALID_HANDLE) {
-	    slot = PK11_ReferenceSlot(le->slot);
-	    break;
-	}
-    }
-
-    PK11_FreeSlotList(list);
-
-    if (slot == NULL) {
-	return CK_INVALID_HANDLE;
-    }
-    *slotPtr = slot;
-    return certHandle;
-}
-
-/*
- * We need to invert the search logic for PKCS 7 because if we search for
- * each cert on the list over all the slots, we wind up with lots of spurious
- * password prompts. This way we get only one password prompt per slot, at
- * the max, and most of the time we can find the cert, and only prompt for
- * the key...
- */
-CERTCertificate *
-PK11_FindCertAndKeyByRecipientList(PK11SlotInfo **slotPtr, 
-	SEC_PKCS7RecipientInfo **array, SEC_PKCS7RecipientInfo **rip,
-				SECKEYPrivateKey**privKey, void *wincx)
-{
-    CK_OBJECT_HANDLE certHandle = CK_INVALID_HANDLE;
-    CK_OBJECT_HANDLE keyHandle = CK_INVALID_HANDLE;
-    CERTCertificate *cert = NULL;
-    SECStatus rv;
-
-    *privKey = NULL;
-    certHandle = pk11_AllFindCertObjectByRecipient(slotPtr,array,rip,wincx);
-    if (certHandle == CK_INVALID_HANDLE) {
-	return NULL;
-    }
-
-    rv = PK11_Authenticate(*slotPtr,PR_TRUE,wincx);
-    if (rv != SECSuccess) {
-	PK11_FreeSlot(*slotPtr);
-	*slotPtr = NULL;
-	return NULL;
-    }
-
-    keyHandle = PK11_MatchItem(*slotPtr,certHandle,CKO_PRIVATE_KEY);
-    if (keyHandle == CK_INVALID_HANDLE) { 
-	PK11_FreeSlot(*slotPtr);
-	*slotPtr = NULL;
-	return NULL;
-    }
-
-    *privKey =  PK11_MakePrivKey(*slotPtr, nullKey, PR_TRUE, keyHandle, wincx);
-    if (*privKey == NULL) {
-	PK11_FreeSlot(*slotPtr);
-	*slotPtr = NULL;
-	return NULL;
-    }
-    cert = PK11_MakeCertFromHandle(*slotPtr,certHandle,NULL);
-    if (cert == NULL) {
-	PK11_FreeSlot(*slotPtr);
-	SECKEY_DestroyPrivateKey(*privKey);
-	*slotPtr = NULL;
-	*privKey = NULL;
-	return NULL;
-    }
-    return cert;
-}
-
-/*
- * This is the new version of the above function for NSS SMIME code
- * this stuff should REALLY be in the SMIME code, but some things in here are not public
- * (they should be!)
- */
-int
-PK11_FindCertAndKeyByRecipientListNew(NSSCMSRecipient **recipientlist, void *wincx)
-{
-    CK_OBJECT_HANDLE certHandle = CK_INVALID_HANDLE;
-    CK_OBJECT_HANDLE keyHandle = CK_INVALID_HANDLE;
-    NSSCMSRecipient *rl;
-    int rlIndex;
-
-    certHandle = pk11_AllFindCertObjectByRecipientNew(recipientlist, wincx, &rlIndex);
-    if (certHandle == CK_INVALID_HANDLE) {
-	return -1;
-    }
-
-    rl = recipientlist[rlIndex];
-
-    /* at this point, rl->slot is set */
-
-    /* authenticate to the token */
-    if (PK11_Authenticate(rl->slot, PR_TRUE, wincx) != SECSuccess) {
-	PK11_FreeSlot(rl->slot);
-	rl->slot = NULL;
-	return -1;
-    }
-
-    /* try to get a private key handle for the cert we found */
-    keyHandle = PK11_MatchItem(rl->slot, certHandle, CKO_PRIVATE_KEY);
-    if (keyHandle == CK_INVALID_HANDLE) { 
-	PK11_FreeSlot(rl->slot);
-	rl->slot = NULL;
-	return -1;
-    }
-
-    /* make a private key out of the handle */
-    rl->privkey = PK11_MakePrivKey(rl->slot, nullKey, PR_TRUE, keyHandle, wincx);
-    if (rl->privkey == NULL) {
-	PK11_FreeSlot(rl->slot);
-	rl->slot = NULL;
-	return -1;
-    }
-    /* make a cert from the cert handle */
-    rl->cert = PK11_MakeCertFromHandle(rl->slot, certHandle, NULL);
-    if (rl->cert == NULL) {
-	PK11_FreeSlot(rl->slot);
-	SECKEY_DestroyPrivateKey(rl->privkey);
-	rl->slot = NULL;
-	rl->privkey = NULL;
-	return -1;
-    }
-    return rlIndex;
-}
-
-CERTCertificate *
-PK11_FindCertByIssuerAndSN(PK11SlotInfo **slotPtr, CERTIssuerAndSN *issuerSN,
-							 void *wincx)
-{
-#ifdef NSS_CLASSIC
-    CK_OBJECT_HANDLE certHandle;
-    CERTCertificate *cert = NULL;
-    CK_OBJECT_CLASS certClass = CKO_CERTIFICATE;
-    CK_ATTRIBUTE searchTemplate[] = {
- 	{ CKA_CLASS, NULL, 0 },
-	{ CKA_ISSUER, NULL, 0 },
-	{ CKA_SERIAL_NUMBER, NULL, 0}
-    };
-    int count = sizeof(searchTemplate)/sizeof(CK_ATTRIBUTE);
-    CK_ATTRIBUTE *attrs = searchTemplate;
-
-    PK11_SETATTRS(attrs, CKA_CLASS, &certClass, sizeof(certClass)); attrs++;
-    PK11_SETATTRS(attrs, CKA_ISSUER, issuerSN->derIssuer.data, 
-					issuerSN->derIssuer.len); attrs++;
-    PK11_SETATTRS(attrs, CKA_SERIAL_NUMBER, issuerSN->serialNumber.data, 
-						issuerSN->serialNumber.len);
-
-    certHandle = pk11_FindCertObjectByTemplate
-					(slotPtr,searchTemplate,count,wincx);
-    if (certHandle == CK_INVALID_HANDLE) {
-	return NULL;
-    }
-    cert = PK11_MakeCertFromHandle(*slotPtr,certHandle,NULL);
-    if (cert == NULL) {
-	PK11_FreeSlot(*slotPtr);
-	return NULL;
-    }
-    return cert;
-#else
-    CERTCertificate *rvCert = NULL;
-    NSSCertificate *cert;
-    NSSDER issuer, serial;
-    NSSCryptoContext *cc;
-    SECItem *derSerial;
-
-    if (slotPtr) *slotPtr = NULL;
-
-    /* PKCS#11 needs to use DER-encoded serial numbers.  Create a
-     * CERTIssuerAndSN that actually has the encoded value and pass that
-     * to PKCS#11 (and the crypto context).
-     */
-    derSerial = SEC_ASN1EncodeItem(NULL, NULL,
-                                   &issuerSN->serialNumber,
-                                   SEC_IntegerTemplate);
-    if (!derSerial) {
-	return NULL;
-    }
-
-    NSSITEM_FROM_SECITEM(&issuer, &issuerSN->derIssuer);
-    NSSITEM_FROM_SECITEM(&serial, derSerial);
-
-    cc = STAN_GetDefaultCryptoContext();
-    cert = NSSCryptoContext_FindCertificateByIssuerAndSerialNumber(cc, 
-                                                                &issuer, 
-                                                                &serial);
-    if (cert) {
-	SECITEM_FreeItem(derSerial, PR_TRUE);
-	return STAN_GetCERTCertificate(cert);
-    }
-retry:
-    cert = NSSTrustDomain_FindCertificateByIssuerAndSerialNumber(
-                                                  STAN_GetDefaultTrustDomain(),
-                                                  &issuer,
-                                                  &serial);
-    if (cert) {
-	rvCert = STAN_GetCERTCertificate(cert);
-	/* Check to see if the cert's token is still there */
-	if (!PK11_IsPresent(rvCert->slot)) {
-	    CERT_DestroyCertificate(rvCert);
-	    goto retry;
-	}
-	if (slotPtr) *slotPtr = PK11_ReferenceSlot(rvCert->slot);
-    }
-    SECITEM_FreeItem(derSerial, PR_TRUE);
-    return rvCert;
-#endif
-}
-
-CK_OBJECT_HANDLE
-PK11_FindObjectForCert(CERTCertificate *cert, void *wincx, PK11SlotInfo **pSlot)
-{
-    CK_OBJECT_HANDLE certHandle;
-    CK_ATTRIBUTE searchTemplate	= { CKA_VALUE, NULL, 0 };
-    
-    PK11_SETATTRS(&searchTemplate, CKA_VALUE, cert->derCert.data,
-		  cert->derCert.len);
-
-    if (cert->slot) {
-	certHandle = pk11_getcerthandle(cert->slot,cert,&searchTemplate,1);
-	if (certHandle != CK_INVALID_HANDLE) {
-	    *pSlot = PK11_ReferenceSlot(cert->slot);
-	    return certHandle;
-	}
-    }
-
-    certHandle = pk11_FindCertObjectByTemplate(pSlot,&searchTemplate,1,wincx);
-    if (certHandle != CK_INVALID_HANDLE) {
-	if (cert->slot == NULL) {
-	    cert->slot = PK11_ReferenceSlot(*pSlot);
-	    cert->pkcs11ID = certHandle;
-	    cert->ownSlot = PR_TRUE;
-	}
-    }
-
-    return(certHandle);
-}
-
-SECKEYPrivateKey *
-PK11_FindKeyByAnyCert(CERTCertificate *cert, void *wincx)
-{
-    CK_OBJECT_HANDLE certHandle;
-    CK_OBJECT_HANDLE keyHandle;
-    PK11SlotInfo *slot = NULL;
-    SECKEYPrivateKey *privKey;
-    SECStatus rv;
-
-    certHandle = PK11_FindObjectForCert(cert, wincx, &slot);
-    if (certHandle == CK_INVALID_HANDLE) {
-	 return NULL;
-    }
-    rv = PK11_Authenticate(slot, PR_TRUE, wincx);
-    if (rv != SECSuccess) {
-	PK11_FreeSlot(slot);
-	return NULL;
-    }
-    keyHandle = PK11_MatchItem(slot,certHandle,CKO_PRIVATE_KEY);
-    if (keyHandle == CK_INVALID_HANDLE) { 
-	PK11_FreeSlot(slot);
-	return NULL;
-    }
-    privKey =  PK11_MakePrivKey(slot, nullKey, PR_TRUE, keyHandle, wincx);
-    PK11_FreeSlot(slot);
-    return privKey;
-}
-
-CK_OBJECT_HANDLE
-pk11_FindPubKeyByAnyCert(CERTCertificate *cert, PK11SlotInfo **slot, void *wincx)
-{
-    CK_OBJECT_HANDLE certHandle;
-    CK_OBJECT_HANDLE keyHandle;
-
-    certHandle = PK11_FindObjectForCert(cert, wincx, slot);
-    if (certHandle == CK_INVALID_HANDLE) {
-	 return CK_INVALID_HANDLE;
-    }
-    keyHandle = PK11_MatchItem(*slot,certHandle,CKO_PUBLIC_KEY);
-    if (keyHandle == CK_INVALID_HANDLE) { 
-	PK11_FreeSlot(*slot);
-	return CK_INVALID_HANDLE;
-    }
-    return keyHandle;
-}
-
-SECKEYPrivateKey *
-PK11_FindKeyByKeyID(PK11SlotInfo *slot, SECItem *keyID, void *wincx)
-{
-    CK_OBJECT_HANDLE keyHandle;
-    SECKEYPrivateKey *privKey;
-
-    keyHandle = pk11_FindPrivateKeyFromCertID(slot, keyID);
-    if (keyHandle == CK_INVALID_HANDLE) { 
-	return NULL;
-    }
-    privKey =  PK11_MakePrivKey(slot, nullKey, PR_TRUE, keyHandle, wincx);
-    return privKey;
-}
-
-/*
- * find the number of certs in the slot with the same subject name
- */
-int
-PK11_NumberCertsForCertSubject(CERTCertificate *cert)
-{
-    CK_OBJECT_CLASS certClass = CKO_CERTIFICATE;
-    CK_ATTRIBUTE theTemplate[] = {
-	{ CKA_CLASS, NULL, 0 },
-	{ CKA_SUBJECT, NULL, 0 },
-    };
-    CK_ATTRIBUTE *attr = theTemplate;
-   int templateSize = sizeof(theTemplate)/sizeof(theTemplate[0]);
-
-    PK11_SETATTRS(attr,CKA_CLASS, &certClass, sizeof(certClass)); attr++;
-    PK11_SETATTRS(attr,CKA_SUBJECT,cert->derSubject.data,cert->derSubject.len);
-
-    if (cert->slot == NULL) {
-	PK11SlotList *list = PK11_GetAllTokens(CKM_INVALID_MECHANISM,
-							PR_FALSE,PR_TRUE,NULL);
-	PK11SlotListElement *le;
-	int count = 0;
-
-	/* loop through all the fortezza tokens */
-	for (le = list->head; le; le = le->next) {
-	    count += PK11_NumberObjectsFor(le->slot,theTemplate,templateSize);
-	}
-	PK11_FreeSlotList(list);
-	return count;
-    }
-
-    return PK11_NumberObjectsFor(cert->slot,theTemplate,templateSize);
-}
-
-/*
- *  Walk all the certs with the same subject
- */
-SECStatus
-PK11_TraverseCertsForSubject(CERTCertificate *cert,
-        SECStatus(* callback)(CERTCertificate*, void *), void *arg)
-{
-    if(!cert) {
-	return SECFailure;
-    }
-    if (cert->slot == NULL) {
-	PK11SlotList *list = PK11_GetAllTokens(CKM_INVALID_MECHANISM,
-							PR_FALSE,PR_TRUE,NULL);
-	PK11SlotListElement *le;
-
-	/* loop through all the fortezza tokens */
-	for (le = list->head; le; le = le->next) {
-	    PK11_TraverseCertsForSubjectInSlot(cert,le->slot,callback,arg);
-	}
-	PK11_FreeSlotList(list);
-	return SECSuccess;
-
-    }
-
-    return PK11_TraverseCertsForSubjectInSlot(cert, cert->slot, callback, arg);
-}
-
-SECStatus
-PK11_TraverseCertsForSubjectInSlot(CERTCertificate *cert, PK11SlotInfo *slot,
-	SECStatus(* callback)(CERTCertificate*, void *), void *arg)
-{
-#ifdef NSS_CLASSIC
-    pk11DoCertCallback caller;
-    pk11TraverseSlot callarg;
-    CK_OBJECT_CLASS certClass = CKO_CERTIFICATE;
-    CK_ATTRIBUTE theTemplate[] = {
-	{ CKA_CLASS, NULL, 0 },
-	{ CKA_SUBJECT, NULL, 0 },
-    };
-    CK_ATTRIBUTE *attr = theTemplate;
-   int templateSize = sizeof(theTemplate)/sizeof(theTemplate[0]);
-
-    PK11_SETATTRS(attr,CKA_CLASS, &certClass, sizeof(certClass)); attr++;
-    PK11_SETATTRS(attr,CKA_SUBJECT,cert->derSubject.data,cert->derSubject.len);
-
-    if (slot == NULL)  {
-	return SECSuccess;
-    }
-    caller.noslotcallback = callback;
-    caller.callback = NULL;
-    caller.itemcallback = NULL;
-    caller.callbackArg = arg;
-    callarg.callback = pk11_DoCerts;
-    callarg.callbackArg = (void *) & caller;
-    callarg.findTemplate = theTemplate;
-    callarg.templateCount = templateSize;
-    
-    return PK11_TraverseSlot(slot, &callarg);
-#else
-    PRStatus nssrv = PR_SUCCESS;
-    NSSToken *token;
-    NSSDER subject;
-    NSSTrustDomain *td;
-    nssList *subjectList;
-    nssPKIObjectCollection *collection;
-    nssCryptokiObject **instances;
-    NSSCertificate **certs;
-    nssTokenSearchType tokenOnly = nssTokenSearchType_TokenOnly;
-    td = STAN_GetDefaultTrustDomain();
-    NSSITEM_FROM_SECITEM(&subject, &cert->derSubject);
-    token = PK11Slot_GetNSSToken(slot);
-    if (!nssToken_IsPresent(token)) {
-	return SECSuccess;
-    }
-    collection = nssCertificateCollection_Create(td, NULL);
-    if (!collection) {
-	return SECFailure;
-    }
-    subjectList = nssList_Create(NULL, PR_FALSE);
-    if (!subjectList) {
-	nssPKIObjectCollection_Destroy(collection);
-	return SECFailure;
-    }
-    (void)nssTrustDomain_GetCertsForSubjectFromCache(td, &subject, 
-                                                     subjectList);
-    transfer_token_certs_to_collection(subjectList, token, collection);
-    instances = nssToken_FindCertificatesBySubject(token, NULL,
-	                                           &subject, 
-	                                           tokenOnly, 0, &nssrv);
-    nssPKIObjectCollection_AddInstances(collection, instances, 0);
-    nss_ZFreeIf(instances);
-    nssList_Destroy(subjectList);
-    certs = nssPKIObjectCollection_GetCertificates(collection,
-                                                   NULL, 0, NULL);
-    nssPKIObjectCollection_Destroy(collection);
-    if (certs) {
-	CERTCertificate *oldie;
-	NSSCertificate **cp;
-	for (cp = certs; *cp; cp++) {
-	    oldie = STAN_GetCERTCertificate(*cp);
-	    if ((*callback)(oldie, arg) != SECSuccess) {
-		nssrv = PR_FAILURE;
-		break;
-	    }
-	}
-	nssCertificateArray_Destroy(certs);
-    }
-    return (nssrv == PR_SUCCESS) ? SECSuccess : SECFailure;
-#endif
-}
-
-SECStatus
-PK11_TraverseCertsForNicknameInSlot(SECItem *nickname, PK11SlotInfo *slot,
-	SECStatus(* callback)(CERTCertificate*, void *), void *arg)
-{
-#ifdef NSS_CLASSIC
-    pk11DoCertCallback caller;
-    pk11TraverseSlot callarg;
-    CK_OBJECT_CLASS certClass = CKO_CERTIFICATE;
-    CK_ATTRIBUTE theTemplate[] = {
-	{ CKA_CLASS, NULL, 0 },
-	{ CKA_LABEL, NULL, 0 },
-    };
-    CK_ATTRIBUTE *attr = theTemplate;
-    int templateSize = sizeof(theTemplate)/sizeof(theTemplate[0]);
-
-    if(!nickname) {
-	return SECSuccess;
-    }
-
-    PK11_SETATTRS(attr,CKA_CLASS, &certClass, sizeof(certClass)); attr++;
-    PK11_SETATTRS(attr,CKA_LABEL,nickname->data,nickname->len);
-
-    if (slot == NULL) {
-	return SECSuccess;
-    }
-
-    caller.noslotcallback = callback;
-    caller.callback = NULL;
-    caller.itemcallback = NULL;
-    caller.callbackArg = arg;
-    callarg.callback = pk11_DoCerts;
-    callarg.callbackArg = (void *) & caller;
-    callarg.findTemplate = theTemplate;
-    callarg.templateCount = templateSize;
-
-    return PK11_TraverseSlot(slot, &callarg);
-#else
-    struct nss3_cert_cbstr pk11cb;
-    PRStatus nssrv = PR_SUCCESS;
-    NSSToken *token;
-    NSSTrustDomain *td;
-    NSSUTF8 *nick;
-    PRBool created = PR_FALSE;
-    nssCryptokiObject **instances;
-    nssPKIObjectCollection *collection = NULL;
-    NSSCertificate **certs;
-    nssList *nameList = NULL;
-    nssTokenSearchType tokenOnly = nssTokenSearchType_TokenOnly;
-    pk11cb.callback = callback;
-    pk11cb.arg = arg;
-    token = PK11Slot_GetNSSToken(slot);
-    if (!nssToken_IsPresent(token)) {
-	return SECSuccess;
-    }
-    if (nickname->data[nickname->len-1] != '\0') {
-	nick = nssUTF8_Create(NULL, nssStringType_UTF8String, 
-	                      nickname->data, nickname->len);
-	created = PR_TRUE;
-    } else {
-	nick = (NSSUTF8 *)nickname->data;
-    }
-    td = STAN_GetDefaultTrustDomain();
-    collection = nssCertificateCollection_Create(td, NULL);
-    if (!collection) {
-	goto loser;
-    }
-    nameList = nssList_Create(NULL, PR_FALSE);
-    if (!nameList) {
-	goto loser;
-    }
-    (void)nssTrustDomain_GetCertsForNicknameFromCache(td, nick, nameList);
-    transfer_token_certs_to_collection(nameList, token, collection);
-    instances = nssToken_FindCertificatesByNickname(token, NULL,
-	                                            nick,
-	                                            tokenOnly, 0, &nssrv);
-    nssPKIObjectCollection_AddInstances(collection, instances, 0);
-    nss_ZFreeIf(instances);
-    nssList_Destroy(nameList);
-    certs = nssPKIObjectCollection_GetCertificates(collection,
-                                                   NULL, 0, NULL);
-    nssPKIObjectCollection_Destroy(collection);
-    if (certs) {
-	CERTCertificate *oldie;
-	NSSCertificate **cp;
-	for (cp = certs; *cp; cp++) {
-	    oldie = STAN_GetCERTCertificate(*cp);
-	    if ((*callback)(oldie, arg) != SECSuccess) {
-		nssrv = PR_FAILURE;
-		break;
-	    }
-	}
-	nssCertificateArray_Destroy(certs);
-    }
-    if (created) nss_ZFreeIf(nick);
-    return (nssrv == PR_SUCCESS) ? SECSuccess : SECFailure;
-loser:
-    if (created) {
-	nss_ZFreeIf(nick);
-    }
-    if (collection) {
-	nssPKIObjectCollection_Destroy(collection);
-    }
-    if (nameList) {
-	nssList_Destroy(nameList);
-    }
-    return SECFailure;
-#endif
-}
-
-SECStatus
-PK11_TraverseCertsInSlot(PK11SlotInfo *slot,
-	SECStatus(* callback)(CERTCertificate*, void *), void *arg)
-{
-#ifdef NSS_CLASSIC
-    pk11DoCertCallback caller;
-    pk11TraverseSlot callarg;
-    CK_OBJECT_CLASS certClass = CKO_CERTIFICATE;
-    CK_ATTRIBUTE theTemplate[] = {
-	{ CKA_CLASS, NULL, 0 },
-    };
-    CK_ATTRIBUTE *attr = theTemplate;
-    int templateSize = sizeof(theTemplate)/sizeof(theTemplate[0]);
-
-    PK11_SETATTRS(attr,CKA_CLASS, &certClass, sizeof(certClass)); attr++;
-
-    if (slot == NULL) {
-	return SECSuccess;
-    }
-
-    caller.noslotcallback = callback;
-    caller.callback = NULL;
-    caller.itemcallback = NULL;
-    caller.callbackArg = arg;
-    callarg.callback = pk11_DoCerts;
-    callarg.callbackArg = (void *) & caller;
-    callarg.findTemplate = theTemplate;
-    callarg.templateCount = templateSize;
-    return PK11_TraverseSlot(slot, &callarg);
-#else
-    PRStatus nssrv;
-    NSSTrustDomain *td = STAN_GetDefaultTrustDomain();
-    NSSToken *tok;
-    nssList *certList = NULL;
-    nssCryptokiObject **instances;
-    nssPKIObjectCollection *collection;
-    NSSCertificate **certs;
-    nssTokenSearchType tokenOnly = nssTokenSearchType_TokenOnly;
-    tok = PK11Slot_GetNSSToken(slot);
-    if (!nssToken_IsPresent(tok)) {
-	return SECSuccess;
-    }
-    collection = nssCertificateCollection_Create(td, NULL);
-    if (!collection) {
-	return SECFailure;
-    }
-    certList = nssList_Create(NULL, PR_FALSE);
-    if (!certList) {
-	nssPKIObjectCollection_Destroy(collection);
-	return SECFailure;
-    }
-    (void *)nssTrustDomain_GetCertsFromCache(td, certList);
-    transfer_token_certs_to_collection(certList, tok, collection);
-    instances = nssToken_FindCertificates(tok, NULL,
-                                          tokenOnly, 0, &nssrv);
-    nssPKIObjectCollection_AddInstances(collection, instances, 0);
-    nss_ZFreeIf(instances);
-    nssList_Destroy(certList);
-    certs = nssPKIObjectCollection_GetCertificates(collection,
-                                                   NULL, 0, NULL);
-    nssPKIObjectCollection_Destroy(collection);
-    if (certs) {
-	CERTCertificate *oldie;
-	NSSCertificate **cp;
-	for (cp = certs; *cp; cp++) {
-	    oldie = STAN_GetCERTCertificate(*cp);
-	    if ((*callback)(oldie, arg) != SECSuccess) {
-		nssrv = PR_FAILURE;
-		break;
-	    }
-	}
-	nssCertificateArray_Destroy(certs);
-    }
-    return (nssrv == PR_SUCCESS) ? SECSuccess : SECFailure;
-#endif
-}
-
-/*
- * return the certificate associated with a derCert 
- */
-CERTCertificate *
-PK11_FindCertFromDERCert(PK11SlotInfo *slot, CERTCertificate *cert,
-								 void *wincx)
-{
-#ifdef NSS_CLASSIC
-    CK_OBJECT_CLASS certClass = CKO_CERTIFICATE;
-    CK_ATTRIBUTE theTemplate[] = {
-	{ CKA_VALUE, NULL, 0 },
-	{ CKA_CLASS, NULL, 0 }
-    };
-    /* if you change the array, change the variable below as well */
-    int tsize = sizeof(theTemplate)/sizeof(theTemplate[0]);
-    CK_OBJECT_HANDLE certh;
-    CK_ATTRIBUTE *attrs = theTemplate;
-    SECStatus rv;
-
-    PK11_SETATTRS(attrs, CKA_VALUE, cert->derCert.data, 
-						cert->derCert.len); attrs++;
-    PK11_SETATTRS(attrs, CKA_CLASS, &certClass, sizeof(certClass));
-
-    /*
-     * issue the find
-     */
-    if ( !PK11_IsFriendly(slot)) {
-	rv = PK11_Authenticate(slot, PR_TRUE, wincx);
-	if (rv != SECSuccess) return NULL;
-    }
-
-    certh = pk11_getcerthandle(slot,cert,theTemplate,tsize);
-    if (certh == CK_INVALID_HANDLE) {
-	return NULL;
-    }
-    return PK11_MakeCertFromHandle(slot, certh, NULL);
-#else
-    CERTCertificate *rvCert = NULL;
-    NSSCertificate *c;
-    NSSDER derCert;
-    NSSToken *tok;
-    NSSTrustDomain *td = STAN_GetDefaultTrustDomain();
-    tok = PK11Slot_GetNSSToken(slot);
-    NSSITEM_FROM_SECITEM(&derCert, &cert->derCert);
-    if (!PK11_IsFriendly(slot)) {
-	if (PK11_Authenticate(slot, PR_TRUE, wincx) != SECSuccess) {
-	    PK11_FreeSlot(slot);
-	    return NULL;
-	}
-    }
-    c = NSSTrustDomain_FindCertificateByEncodedCertificate(td, &derCert);
-    if (c) {
-	PRBool isToken = PR_FALSE;
-	NSSToken **tp;
-	NSSToken **tokens = nssPKIObject_GetTokens(&c->object, NULL);
-	if (tokens) {
-	    for (tp = tokens; *tp; tp++) {
-		if (*tp == tok) {
-		    isToken = PR_TRUE;
-		    break;
-		}
-	    }
-	    if (!isToken) {
-		NSSCertificate_Destroy(c);
-		c = NULL;
-	    }
-	    nssTokenArray_Destroy(tokens);
-	}
-    }
-    if (c) {
-	rvCert = STAN_GetCERTCertificate(c);
-    }
-    return rvCert;
-#endif
-} 
-
-/* mcgreer 3.4 -- nobody uses this, ignoring */
-/*
- * return the certificate associated with a derCert 
- */
-CERTCertificate *
-PK11_FindCertFromDERSubjectAndNickname(PK11SlotInfo *slot, 
-					CERTCertificate *cert, 
-					char *nickname, void *wincx)
-{
-    CK_OBJECT_CLASS certClass = CKO_CERTIFICATE;
-    CK_ATTRIBUTE theTemplate[] = {
-	{ CKA_SUBJECT, NULL, 0 },
-	{ CKA_LABEL, NULL, 0 },
-	{ CKA_CLASS, NULL, 0 }
-    };
-    /* if you change the array, change the variable below as well */
-    int tsize = sizeof(theTemplate)/sizeof(theTemplate[0]);
-    CK_OBJECT_HANDLE certh;
-    CK_ATTRIBUTE *attrs = theTemplate;
-    SECStatus rv;
-
-    PK11_SETATTRS(attrs, CKA_SUBJECT, cert->derSubject.data, 
-						cert->derSubject.len); attrs++;
-    PK11_SETATTRS(attrs, CKA_LABEL, nickname, PORT_Strlen(nickname));
-    PK11_SETATTRS(attrs, CKA_CLASS, &certClass, sizeof(certClass));
-
-    /*
-     * issue the find
-     */
-    if ( !PK11_IsFriendly(slot)) {
-	rv = PK11_Authenticate(slot, PR_TRUE, wincx);
-	if (rv != SECSuccess) return NULL;
-    }
-
-    certh = pk11_getcerthandle(slot,cert,theTemplate,tsize);
-    if (certh == CK_INVALID_HANDLE) {
-	return NULL;
-    }
-
-    return PK11_MakeCertFromHandle(slot, certh, NULL);
-}
-
-/*
- * import a cert for a private key we have already generated. Set the label
- * on both to be the nickname.
- */
-static CK_OBJECT_HANDLE 
-pk11_findKeyObjectByDERCert(PK11SlotInfo *slot, CERTCertificate *cert, 
-								void *wincx)
-{
-    SECItem *keyID;
-    CK_OBJECT_HANDLE key;
-    SECStatus rv;
-
-    if((slot == NULL) || (cert == NULL)) {
-	return CK_INVALID_HANDLE;
-    }
-
-    keyID = pk11_mkcertKeyID(cert);
-    if(keyID == NULL) {
-	return CK_INVALID_HANDLE;
-    }
-
-    key = CK_INVALID_HANDLE;
-
-    rv = PK11_Authenticate(slot, PR_TRUE, wincx);
-    if (rv != SECSuccess) goto loser;
-
-    key = pk11_FindPrivateKeyFromCertID(slot, keyID);
-
-loser:
-    SECITEM_ZfreeItem(keyID, PR_TRUE);
-    return key;
-}
-
-SECKEYPrivateKey *
-PK11_FindKeyByDERCert(PK11SlotInfo *slot, CERTCertificate *cert, 
-								void *wincx)
-{
-    CK_OBJECT_HANDLE keyHandle;
-
-    if((slot == NULL) || (cert == NULL)) {
-	return NULL;
-    }
-
-    keyHandle = pk11_findKeyObjectByDERCert(slot, cert, wincx);
-    if (keyHandle == CK_INVALID_HANDLE) {
-	return NULL;
-    }
-
-    return PK11_MakePrivKey(slot,nullKey,PR_TRUE,keyHandle,wincx);
-}
-
-SECStatus
-PK11_ImportCertForKeyToSlot(PK11SlotInfo *slot, CERTCertificate *cert, 
-						char *nickname, 
-						PRBool addCertUsage,void *wincx)
-{
-    CK_OBJECT_HANDLE keyHandle;
-
-    if((slot == NULL) || (cert == NULL) || (nickname == NULL)) {
-	return SECFailure;
-    }
-
-    keyHandle = pk11_findKeyObjectByDERCert(slot, cert, wincx);
-    if (keyHandle == CK_INVALID_HANDLE) {
-	return SECFailure;
-    }
-
-    return PK11_ImportCert(slot, cert, keyHandle, nickname, addCertUsage);
-}   
-
-
-/* remove when the real version comes out */
-#define SEC_OID_MISSI_KEA 300  /* until we have v3 stuff merged */
-PRBool
-KEAPQGCompare(CERTCertificate *server,CERTCertificate *cert) {
-
-    if ( SECKEY_KEAParamCompare(server,cert) == SECEqual ) {
-        return PR_TRUE;
-    } else {
-	return PR_FALSE;
-    }
-}
-
-PRBool
-PK11_FortezzaHasKEA(CERTCertificate *cert) {
-   /* look at the subject and see if it is a KEA for MISSI key */
-   SECOidData *oid;
-
-   if ((cert->trust == NULL) ||
-       ((cert->trust->sslFlags & CERTDB_USER) != CERTDB_USER)) {
-       return PR_FALSE;
-   }
-
-   oid = SECOID_FindOID(&cert->subjectPublicKeyInfo.algorithm.algorithm);
-
-
-   return (PRBool)((oid->offset == SEC_OID_MISSI_KEA_DSS_OLD) || 
-		(oid->offset == SEC_OID_MISSI_KEA_DSS) ||
-				(oid->offset == SEC_OID_MISSI_KEA)) ;
-}
-
-/*
- * Find a kea cert on this slot that matches the domain of it's peer
- */
-static CERTCertificate
-*pk11_GetKEAMate(PK11SlotInfo *slot,CERTCertificate *peer)
-{
-    int i;
-    CERTCertificate *returnedCert = NULL;
-
-    for (i=0; i < slot->cert_count; i++) {
-	CERTCertificate *cert = slot->cert_array[i];
-
-	if (PK11_FortezzaHasKEA(cert) && KEAPQGCompare(peer,cert)) {
-		returnedCert = CERT_DupCertificate(cert);
-		break;
-	}
-    }
-    return returnedCert;
-}
-
-/*
- * The following is a FORTEZZA only Certificate request. We call this when we
- * are doing a non-client auth SSL connection. We are only interested in the
- * fortezza slots, and we are only interested in certs that share the same root
- * key as the server.
- */
-CERTCertificate *
-PK11_FindBestKEAMatch(CERTCertificate *server, void *wincx)
-{
-    PK11SlotList *keaList = PK11_GetAllTokens(CKM_KEA_KEY_DERIVE,
-							PR_FALSE,PR_TRUE,wincx);
-    PK11SlotListElement *le;
-    CERTCertificate *returnedCert = NULL;
-    SECStatus rv;
-
-    /* loop through all the fortezza tokens */
-    for (le = keaList->head; le; le = le->next) {
-        rv = PK11_Authenticate(le->slot, PR_TRUE, wincx);
-        if (rv != SECSuccess) continue;
-	if (le->slot->session == CK_INVALID_SESSION) {
-	    continue;
-	}
-	returnedCert = pk11_GetKEAMate(le->slot,server);
-	if (returnedCert) break;
-    }
-    PK11_FreeSlotList(keaList);
-
-    return returnedCert;
-}
-
-/*
- * find a matched pair of kea certs to key exchange parameters from one 
- * fortezza card to another as necessary.
- */
-SECStatus
-PK11_GetKEAMatchedCerts(PK11SlotInfo *slot1, PK11SlotInfo *slot2,
-	CERTCertificate **cert1, CERTCertificate **cert2)
-{
-    CERTCertificate *returnedCert = NULL;
-    int i;
-
-    for (i=0; i < slot1->cert_count; i++) {
-	CERTCertificate *cert = slot1->cert_array[i];
-
-	if (PK11_FortezzaHasKEA(cert)) {
-	    returnedCert = pk11_GetKEAMate(slot2,cert);
-	    if (returnedCert != NULL) {
-		*cert2 = returnedCert;
-		*cert1 = CERT_DupCertificate(cert);
-		return SECSuccess;
-	    }
-	}
-    }
-    return SECFailure;
-}
-
-SECOidTag 
-PK11_FortezzaMapSig(SECOidTag algTag)
-{
-    switch (algTag) {
-    case SEC_OID_MISSI_KEA_DSS:
-    case SEC_OID_MISSI_DSS:
-    case SEC_OID_MISSI_DSS_OLD:
-    case SEC_OID_MISSI_KEA_DSS_OLD:
-    case SEC_OID_BOGUS_DSA_SIGNATURE_WITH_SHA1_DIGEST:
-	return SEC_OID_ANSIX9_DSA_SIGNATURE;
-    default:
-	break;
-    }
-    return algTag;
-}
-
-/*
- * return the private key From a given Cert
- */
-CK_OBJECT_HANDLE
-PK11_FindCertInSlot(PK11SlotInfo *slot, CERTCertificate *cert, void *wincx)
-{
-    CK_OBJECT_CLASS certClass = CKO_CERTIFICATE;
-    CK_ATTRIBUTE theTemplate[] = {
-	{ CKA_VALUE, NULL, 0 },
-	{ CKA_CLASS, NULL, 0 }
-    };
-    /* if you change the array, change the variable below as well */
-    int tsize = sizeof(theTemplate)/sizeof(theTemplate[0]);
-    CK_ATTRIBUTE *attrs = theTemplate;
-    SECStatus rv;
-
-    PK11_SETATTRS(attrs, CKA_VALUE, cert->derCert.data,
-						cert->derCert.len); attrs++;
-    PK11_SETATTRS(attrs, CKA_CLASS, &certClass, sizeof(certClass));
-
-    /*
-     * issue the find
-     */
-    rv = PK11_Authenticate(slot, PR_TRUE, wincx);
-    if (rv != SECSuccess) {
-	return CK_INVALID_HANDLE;
-    }
-
-    return pk11_getcerthandle(slot,cert,theTemplate,tsize);
-}
-
-SECItem *
-PK11_GetKeyIDFromCert(CERTCertificate *cert, void *wincx)
-{
-    CK_OBJECT_HANDLE handle;
-    PK11SlotInfo *slot = NULL;
-    CK_ATTRIBUTE theTemplate[] = {
-	{ CKA_ID, NULL, 0 },
-    };
-    int tsize = sizeof(theTemplate)/sizeof(theTemplate[0]);
-    SECItem *item = NULL;
-    CK_RV crv;
-
-    handle = PK11_FindObjectForCert(cert,wincx,&slot);
-    if (handle == CK_INVALID_HANDLE) {
-	goto loser;
-    }
-
-
-    crv = PK11_GetAttributes(NULL,slot,handle,theTemplate,tsize);
-    if (crv != CKR_OK) {
-	PORT_SetError( PK11_MapError(crv) );
-	goto loser;
-    }
-
-    item = PORT_ZNew(SECItem);
-    if (item) {
-        item->data = theTemplate[0].pValue;
-        item->len = theTemplate[0].ulValueLen;
-    }
-
-
-loser:
-    PK11_FreeSlot(slot);
-    return item;
-}
-
-SECItem *
-PK11_GetKeyIDFromPrivateKey(SECKEYPrivateKey *key, void *wincx)
-{
-    CK_ATTRIBUTE theTemplate[] = {
-	{ CKA_ID, NULL, 0 },
-    };
-    int tsize = sizeof(theTemplate)/sizeof(theTemplate[0]);
-    SECItem *item = NULL;
-    CK_RV crv;
-
-    crv = PK11_GetAttributes(NULL,key->pkcs11Slot,key->pkcs11ID,
-							theTemplate,tsize);
-    if (crv != CKR_OK) {
-	PORT_SetError( PK11_MapError(crv) );
-	goto loser;
-    }
-
-    item = PORT_ZNew(SECItem);
-    if (item) {
-        item->data = theTemplate[0].pValue;
-        item->len = theTemplate[0].ulValueLen;
-    }
-
-
-loser:
-    return item;
-}
-
-struct listCertsStr {
-    PK11CertListType type;
-    CERTCertList *certList;
-};
-
-static PRBool
-isOnList(CERTCertList *certList,CERTCertificate *cert)
-{
-	CERTCertListNode *cln;
-
-	for (cln = CERT_LIST_HEAD(certList); !CERT_LIST_END(cln,certList);
-			cln = CERT_LIST_NEXT(cln)) {
-	    if (cln->cert == cert) {
-		return PR_TRUE;
-	    }
-	}
-	return PR_FALSE;
-}
-static SECStatus
-#ifdef NSS_CLASSIC
-pk11ListCertCallback(CERTCertificate *cert, SECItem *derCert, void *arg)
-#else
-pk11ListCertCallback(CERTCertificate *cert, void *arg)
-#endif
-{
-    struct listCertsStr *listCertP = (struct listCertsStr *)arg;
-    CERTCertificate *newCert = NULL;
-    PK11CertListType type = listCertP->type;
-    CERTCertList *certList = listCertP->certList;
-    CERTCertTrust *trust;
-    PRBool isUnique = PR_FALSE;
-    PRBool isCA = PR_FALSE;
-    char *nickname = NULL;
-    unsigned int certType;
-
-    if ((type == PK11CertListUnique) || (type == PK11CertListRootUnique)) {
-	isUnique = PR_TRUE;
-    }
-    if ((type == PK11CertListCA) || (type == PK11CertListRootUnique)) {
-	isCA = PR_TRUE;
-    }
-    /* at this point the nickname is correct for the cert. save it for later */
-    if (!isUnique && cert->nickname) {
-         nickname = PORT_ArenaStrdup(listCertP->certList->arena,cert->nickname);
-    }
-#ifdef NSS_CLASSIC
-    if (derCert == NULL) {
-	newCert=CERT_DupCertificate(cert);
-    } else {
-	newCert=CERT_FindCertByDERCert(CERT_GetDefaultCertDB(),&cert->derCert);
-    }
-#else
-    newCert=CERT_DupCertificate(cert);
-#endif
-
-    if (newCert == NULL) return SECSuccess;
-
-    trust = newCert->trust;
-
-    /* if we want user certs and we don't have one skip this cert */
-    if ((type == PK11CertListUser) && 
-	  ((trust == NULL) || 
-		( ((trust->sslFlags & CERTDB_USER) == 0)  && 
-			((trust->emailFlags & CERTDB_USER) == 0) )) ) {
-	CERT_DestroyCertificate(newCert);
-	return SECSuccess;
-    }
-
-    /* if we want root certs, skip the user certs */
-    if ((type == PK11CertListRootUnique) && 
-	  ((trust) && (((trust->sslFlags & CERTDB_USER )  || 
-				(trust->emailFlags & CERTDB_USER))) ) ) {
-	CERT_DestroyCertificate(newCert);
-	return SECSuccess;
-    }
-
-
-    /* if we want Unique certs and we already have it on our list, skip it */
-    if ( isUnique && isOnList(certList,newCert) ) {
-	CERT_DestroyCertificate(newCert);
-	return SECSuccess;
-    }
-
-    /* if we want CA certs and it ain't one, skip it */
-    if( isCA  && (!CERT_IsCACert(newCert, &certType)) ) {
-	CERT_DestroyCertificate(newCert);
-	return SECSuccess;
-    }
-
-    /* put slot certs at the end */
-    if (newCert->slot && !PK11_IsInternal(newCert->slot)) {
-    	CERT_AddCertToListTailWithData(certList,newCert,nickname);
-    } else {
-    	CERT_AddCertToListHeadWithData(certList,newCert,nickname);
-    }
-    return SECSuccess;
-}
-
-
-CERTCertList *
-PK11_ListCerts(PK11CertListType type, void *pwarg)
-{
-#ifdef NSS_CLASSIC
-    CERTCertList *certList = NULL;
-    struct listCertsStr listCerts;
-    
-    certList= CERT_NewCertList();
-    listCerts.type = type;
-    listCerts.certList = certList;
-
-    PK11_TraverseSlotCerts(pk11ListCertCallback,&listCerts,pwarg);
-
-    if (CERT_LIST_HEAD(certList) == NULL) {
-	CERT_DestroyCertList(certList);
-	certList = NULL;
-    }
-    return certList;
-#else
-    NSSTrustDomain *defaultTD = STAN_GetDefaultTrustDomain();
-    CERTCertList *certList = NULL;
-    struct nss3_cert_cbstr pk11cb;
-    struct listCertsStr listCerts;
-    certList = CERT_NewCertList();
-    listCerts.type = type;
-    listCerts.certList = certList;
-    pk11cb.callback = pk11ListCertCallback;
-    pk11cb.arg = &listCerts;
-
-    /* authenticate to the slots */
-    (void) pk11_TraverseAllSlots( NULL, NULL, pwarg);
-#ifdef notdef
-    if (type == PK11CertListUser) {
-	NSSTrustDomain_TraverseUserCertificates(defaultTD, convert_cert &pk11cb);
-    } else {
-	NSSTrustDomain_TraverseCertificates(defaultTD, convert_cert, &pk11cb);
-    }
-#else
-	NSSTrustDomain_TraverseCertificates(defaultTD, convert_cert, &pk11cb);
-#endif
-    return certList;
-#endif
-}
-
-static SECItem *
-pk11_GetLowLevelKeyFromHandle(PK11SlotInfo *slot, CK_OBJECT_HANDLE handle) {
-    CK_ATTRIBUTE theTemplate[] = {
-	{ CKA_ID, NULL, 0 },
-    };
-    int tsize = sizeof(theTemplate)/sizeof(theTemplate[0]);
-    CK_RV crv;
-    SECItem *item;
-
-    item = SECITEM_AllocItem(NULL, NULL, 0);
-
-    if (item == NULL) {
-	return NULL;
-    }
-
-    crv = PK11_GetAttributes(NULL,slot,handle,theTemplate,tsize);
-    if (crv != CKR_OK) {
-	SECITEM_FreeItem(item,PR_TRUE);
-	PORT_SetError( PK11_MapError(crv) );
-	return NULL;
-    }
-
-    item->data = theTemplate[0].pValue;
-    item->len =theTemplate[0].ulValueLen;
-
-    return item;
-}
-    
-SECItem *
-PK11_GetLowLevelKeyIDForCert(PK11SlotInfo *slot,
-					CERTCertificate *cert, void *wincx)
-{
-    CK_ATTRIBUTE theTemplate[] = {
-	{ CKA_VALUE, NULL, 0 },
-	{ CKA_CLASS, NULL, 0 }
-    };
-    /* if you change the array, change the variable below as well */
-    int tsize = sizeof(theTemplate)/sizeof(theTemplate[0]);
-    CK_OBJECT_HANDLE certHandle;
-    CK_ATTRIBUTE *attrs = theTemplate;
-    PK11SlotInfo *slotRef = NULL;
-    SECItem *item;
-    SECStatus rv;
-
-    if (slot) {
-	PK11_SETATTRS(attrs, CKA_VALUE, cert->derCert.data, 
-						cert->derCert.len); attrs++;
-
-	rv = PK11_Authenticate(slot, PR_TRUE, wincx);
-	if (rv != SECSuccess) {
-	    return NULL;
-	}
-        certHandle = pk11_getcerthandle(slot,cert,theTemplate,tsize);
-    } else {
-    	certHandle = PK11_FindObjectForCert(cert, wincx, &slotRef);
-	if (certHandle == CK_INVALID_HANDLE) {
-	   return pk11_mkcertKeyID(cert);
-	}
-	slot = slotRef;
-    }
-
-    if (certHandle == CK_INVALID_HANDLE) {
-	 return NULL;
-    }
-
-    item = pk11_GetLowLevelKeyFromHandle(slot,certHandle);
-    if (slotRef) PK11_FreeSlot(slotRef);
-    return item;
-}
-
-SECItem *
-PK11_GetLowLevelKeyIDForPrivateKey(SECKEYPrivateKey *privKey)
-{
-    return pk11_GetLowLevelKeyFromHandle(privKey->pkcs11Slot,privKey->pkcs11ID);
-}
-
-static SECStatus
-listCertsCallback(CERTCertificate* cert, void*arg)
-{
-    CERTCertList *list = (CERTCertList*)arg;
-    char *nickname = NULL;
-
-    if (cert->nickname) {
-	nickname = PORT_ArenaStrdup(list->arena,cert->nickname);
-    }
-
-    return CERT_AddCertToListTailWithData(list, 
-				CERT_DupCertificate(cert),nickname);
-}
-
-CERTCertList *
-PK11_ListCertsInSlot(PK11SlotInfo *slot)
-{
-    SECStatus status;
-    CERTCertList *certs;
-
-    certs = CERT_NewCertList();
-    if(certs == NULL) return NULL;
-
-    status = PK11_TraverseCertsInSlot(slot, listCertsCallback,
-		(void*)certs);
-
-    if( status != SECSuccess ) {
-	CERT_DestroyCertList(certs);
-	certs = NULL;
-    }
-
-    return certs;
-}
-
-static SECStatus
-privateKeyListCallback(SECKEYPrivateKey *key, void *arg)
-{
-    SECKEYPrivateKeyList *list = (SECKEYPrivateKeyList*)arg;
-    return SECKEY_AddPrivateKeyToListTail(list, SECKEY_CopyPrivateKey(key));
-}
-
-SECKEYPrivateKeyList*
-PK11_ListPrivateKeysInSlot(PK11SlotInfo *slot)
-{
-    SECStatus status;
-    SECKEYPrivateKeyList *keys;
-
-    keys = SECKEY_NewPrivateKeyList();
-    if(keys == NULL) return NULL;
-
-    status = PK11_TraversePrivateKeysInSlot(slot, privateKeyListCallback,
-		(void*)keys);
-
-    if( status != SECSuccess ) {
-	SECKEY_DestroyPrivateKeyList(keys);
-	keys = NULL;
-    }
-
-    return keys;
-}
-
-SECKEYPublicKeyList*
-PK11_ListPublicKeysInSlot(PK11SlotInfo *slot, char *nickname)
-{
-    CK_ATTRIBUTE findTemp[4];
-    CK_ATTRIBUTE *attrs;
-    CK_BBOOL ckTrue = CK_TRUE;
-    CK_OBJECT_CLASS keyclass = CKO_PUBLIC_KEY;
-    int tsize = 0;
-    int objCount = 0;
-    CK_OBJECT_HANDLE *key_ids;
-    SECKEYPublicKeyList *keys;
-    int i,len;
-
-
-    attrs = findTemp;
-    PK11_SETATTRS(attrs, CKA_CLASS, &keyclass, sizeof(keyclass)); attrs++;
-    PK11_SETATTRS(attrs, CKA_TOKEN, &ckTrue, sizeof(ckTrue)); attrs++;
-    if (nickname) {
-	len = PORT_Strlen(nickname)-1;
-	PK11_SETATTRS(attrs, CKA_LABEL, nickname, len); attrs++;
-    }
-    tsize = attrs - findTemp;
-    PORT_Assert(tsize <= sizeof(findTemp)/sizeof(CK_ATTRIBUTE));
-
-    key_ids = pk11_FindObjectsByTemplate(slot,findTemp,tsize,&objCount);
-    if (key_ids == NULL) {
-	return NULL;
-    }
-    keys = SECKEY_NewPublicKeyList();
-    if (keys == NULL) {
-	PORT_Free(key_ids);
-    }
-
-    for (i=0; i < objCount ; i++) {
-	SECKEYPublicKey *pubKey = 
-				PK11_ExtractPublicKey(slot,nullKey,key_ids[i]);
-	if (pubKey) {
-	    SECKEY_AddPublicKeyToListTail(keys, pubKey);
-	}
-   }
-
-   PORT_Free(key_ids);
-   return keys;
-}
-
-SECKEYPrivateKeyList*
-PK11_ListPrivKeysInSlot(PK11SlotInfo *slot, char *nickname, void *wincx)
-{
-    CK_ATTRIBUTE findTemp[4];
-    CK_ATTRIBUTE *attrs;
-    CK_BBOOL ckTrue = CK_TRUE;
-    CK_OBJECT_CLASS keyclass = CKO_PRIVATE_KEY;
-    int tsize = 0;
-    int objCount = 0;
-    CK_OBJECT_HANDLE *key_ids;
-    SECKEYPrivateKeyList *keys;
-    int i,len;
-
-
-    attrs = findTemp;
-    PK11_SETATTRS(attrs, CKA_CLASS, &keyclass, sizeof(keyclass)); attrs++;
-    PK11_SETATTRS(attrs, CKA_TOKEN, &ckTrue, sizeof(ckTrue)); attrs++;
-    if (nickname) {
-	len = PORT_Strlen(nickname)-1;
-	PK11_SETATTRS(attrs, CKA_LABEL, nickname, len); attrs++;
-    }
-    tsize = attrs - findTemp;
-    PORT_Assert(tsize <= sizeof(findTemp)/sizeof(CK_ATTRIBUTE));
-
-    key_ids = pk11_FindObjectsByTemplate(slot,findTemp,tsize,&objCount);
-    if (key_ids == NULL) {
-	return NULL;
-    }
-    keys = SECKEY_NewPrivateKeyList();
-    if (keys == NULL) {
-	PORT_Free(key_ids);
-    }
-
-    for (i=0; i < objCount ; i++) {
-	SECKEYPrivateKey *privKey = 
-		PK11_MakePrivKey(slot,nullKey,PR_TRUE,key_ids[i],wincx);
-	SECKEY_AddPrivateKeyToListTail(keys, privKey);
-   }
-
-   PORT_Free(key_ids);
-   return keys;
-}
-
-/*
- * return the certificate associated with a derCert 
- */
-SECItem *
-PK11_FindCrlByName(PK11SlotInfo **slot, CK_OBJECT_HANDLE *crlHandle,
-					 SECItem *name, int type, char **url)
-{
-#ifdef NSS_CLASSIC
-    CK_OBJECT_CLASS crlClass = CKO_NETSCAPE_CRL;
-    CK_ATTRIBUTE theTemplate[] = {
-	{ CKA_SUBJECT, NULL, 0 },
-	{ CKA_CLASS, NULL, 0 },
-	{ CKA_NETSCAPE_KRL, NULL, 0 },
-    };
-    CK_ATTRIBUTE crlData[] = {
-	{ CKA_VALUE, NULL, 0 },
-	{ CKA_NETSCAPE_URL, NULL, 0 },
-    };
-    /* if you change the array, change the variable below as well */
-    int tsize = sizeof(theTemplate)/sizeof(theTemplate[0]);
-    CK_BBOOL ck_true = CK_TRUE;
-    CK_BBOOL ck_false = CK_FALSE;
-    CK_OBJECT_HANDLE crlh = CK_INVALID_HANDLE;
-    CK_ATTRIBUTE *attrs = theTemplate;
-    CK_RV crv;
-    SECItem *derCrl = NULL;
-
-    PK11_SETATTRS(attrs, CKA_SUBJECT, name->data, name->len); attrs++;
-    PK11_SETATTRS(attrs, CKA_CLASS, &crlClass, sizeof(crlClass)); attrs++;
-    PK11_SETATTRS(attrs, CKA_NETSCAPE_KRL, (type == SEC_CRL_TYPE) ? 
-			&ck_false : &ck_true, sizeof (CK_BBOOL)); attrs++;
-
-    if (*slot) {
-    	crlh = pk11_FindObjectByTemplate(*slot,theTemplate,tsize);
-    } else {
-	PK11SlotList *list = PK11_GetAllTokens(CKM_INVALID_MECHANISM,
-							PR_FALSE,PR_TRUE,NULL);
-	PK11SlotListElement *le;
-
-	/* loop through all the fortezza tokens */
-	for (le = list->head; le; le = le->next) {
-	    crlh = pk11_FindObjectByTemplate(le->slot,theTemplate,tsize);
-	    if (crlh != CK_INVALID_HANDLE) {
-		*slot = PK11_ReferenceSlot(le->slot);
-		break;
-	    }
-	}
-	PK11_FreeSlotList(list);
-    }
-    
-    if (crlh == CK_INVALID_HANDLE) {
-	PORT_SetError(SEC_ERROR_NO_KRL);
-	return NULL;
-    }
-    crv = PK11_GetAttributes(NULL,*slot,crlh,crlData,2);
-    if (crv != CKR_OK) {
-	PORT_SetError(PK11_MapError (crv));
-	goto loser;
-    }
-
-    derCrl = (SECItem *)PORT_ZAlloc(sizeof(SECItem));    
-    if (derCrl == NULL) {
-	goto loser;
-    }
-
-    derCrl->data = crlData[0].pValue;
-    derCrl->len = crlData[0].ulValueLen;
-
-    if (crlHandle) {
-        *crlHandle = crlh;
-    }
-
-    if ((url) && crlData[1].ulValueLen != 0) {
-	/* make sure it's a null terminated string */
-	*url = PORT_ZAlloc (crlData[1].ulValueLen+1);
-	if (*url) {
-	    PORT_Memcpy(*url,crlData[1].pValue,crlData[1].ulValueLen);
-	}
-    }
-	
-
-loser:
-    if (!derCrl) {
-	if (crlData[0].pValue) PORT_Free(crlData[0].pValue);
-    }
-    if (crlData[1].pValue) PORT_Free(crlData[1].pValue);
-    return derCrl;
-#else
-    NSSCRL **crls, **crlp, *crl;
-    NSSDER subject;
-    SECItem *rvItem;
-    NSSTrustDomain *td = STAN_GetDefaultTrustDomain();
-    NSSITEM_FROM_SECITEM(&subject, name);
-    if (*slot) {
-	nssCryptokiObject **instances;
-	nssPKIObjectCollection *collection;
-	nssTokenSearchType tokenOnly = nssTokenSearchType_TokenOnly;
-	NSSToken *token = PK11Slot_GetNSSToken(*slot);
-	collection = nssCRLCollection_Create(td, NULL);
-	if (!collection) {
-	    return NULL;
-	}
-	instances = nssToken_FindCRLsBySubject(token, NULL, &subject, 
-	                                       tokenOnly, 0, NULL);
-	nssPKIObjectCollection_AddInstances(collection, instances, 0);
-	nss_ZFreeIf(instances);
-	crls = nssPKIObjectCollection_GetCRLs(collection, NULL, 0, NULL);
-	nssPKIObjectCollection_Destroy(collection);
-    } else {
-	crls = nssTrustDomain_FindCRLsBySubject(td, &subject);
-    }
-    if (!crls) {
-	return NULL;
-    }
-    crl = NULL;
-    for (crlp = crls; *crlp; crlp++) {
-	if ((!(*crlp)->isKRL && type == SEC_CRL_TYPE) ||
-	    ((*crlp)->isKRL && type != SEC_CRL_TYPE)) 
-	{
-	    crl = nssCRL_AddRef(*crlp);
-	    break;
-	}
-    }
-    nssCRLArray_Destroy(crls);
-    if (!crl) {
-	return NULL;
-    }
-    *slot = PK11_ReferenceSlot(crl->object.instances[0]->token->pk11slot);
-    *crlHandle = crl->object.instances[0]->handle;
-    if (crl->url) {
-	*url = PORT_Strdup(crl->url);
-    }
-    rvItem = SECITEM_AllocItem(NULL, NULL, crl->encoding.size);
-    if (!rvItem) {
-	PORT_Free(*url);
-	nssCRL_Destroy(crl);
-	return NULL;
-    }
-    memcpy(rvItem->data, crl->encoding.data, crl->encoding.size);
-    nssCRL_Destroy(crl);
-    return rvItem;
-#endif
-}
-
-CK_OBJECT_HANDLE
-PK11_PutCrl(PK11SlotInfo *slot, SECItem *crl, SECItem *name, 
-							char *url, int type)
-{
-#ifdef NSS_CLASSIC
-    CK_OBJECT_CLASS crlClass = CKO_NETSCAPE_CRL;
-    CK_ATTRIBUTE theTemplate[] = {
-	{ CKA_SUBJECT, NULL, 0 },
-	{ CKA_CLASS, NULL, 0 },
-	{ CKA_NETSCAPE_KRL, NULL, 0 },
-	{ CKA_NETSCAPE_URL, NULL, 0 },
-	{ CKA_VALUE, NULL, 0 },
-	{ CKA_TOKEN, NULL, 0 }
-    };
-    /* if you change the array, change the variable below as well */
-    int tsize;
-    CK_BBOOL ck_true = CK_TRUE;
-    CK_BBOOL ck_false = CK_FALSE;
-    CK_OBJECT_HANDLE crlh = CK_INVALID_HANDLE;
-    CK_ATTRIBUTE *attrs = theTemplate;
-    CK_SESSION_HANDLE rwsession;
-    CK_RV crv;
-
-    PK11_SETATTRS(attrs, CKA_SUBJECT, name->data, name->len); attrs++;
-    PK11_SETATTRS(attrs, CKA_CLASS, &crlClass, sizeof(crlClass)); attrs++;
-    PK11_SETATTRS(attrs, CKA_NETSCAPE_KRL, (type == SEC_CRL_TYPE) ? 
-			&ck_false : &ck_true, sizeof (CK_BBOOL)); attrs++;
-    if (url) {
-	PK11_SETATTRS(attrs, CKA_NETSCAPE_URL, url, PORT_Strlen(url)+1); attrs++;
-    }
-    PK11_SETATTRS(attrs, CKA_VALUE,crl->data,crl->len); attrs++;
-    PK11_SETATTRS(attrs, CKA_TOKEN, &ck_true,sizeof(CK_BBOOL)); attrs++;
-
-    tsize = attrs - &theTemplate[0];
-    PORT_Assert(tsize <= sizeof(theTemplate)/sizeof(theTemplate[0]));
-
-    rwsession = PK11_GetRWSession(slot);
-    if (rwsession == CK_INVALID_SESSION) {
-	PORT_SetError(SEC_ERROR_READ_ONLY);
-	return crlh;
-    }
-
-    crv = PK11_GETTAB(slot)->
-                        C_CreateObject(rwsession,theTemplate,tsize,&crlh);
-    if (crv != CKR_OK) {
-        PORT_SetError( PK11_MapError(crv) );
-    }
-
-    PK11_RestoreROSession(slot,rwsession);
-
-    return crlh;
-#else
-    NSSItem derCRL, derSubject;
-    NSSToken *token = PK11Slot_GetNSSToken(slot);
-    nssCryptokiObject *object;
-    PRBool isKRL = (type == SEC_CRL_TYPE) ? PR_FALSE : PR_TRUE;
-    CK_OBJECT_HANDLE rvH;
-
-    NSSITEM_FROM_SECITEM(&derSubject, name);
-    NSSITEM_FROM_SECITEM(&derCRL, crl);
-
-    object = nssToken_ImportCRL(token, NULL, 
-                                &derSubject, &derCRL, isKRL, url, PR_TRUE);
-
-    if (object) {
-	rvH = object->handle;
-	nssCryptokiObject_Destroy(object);
-    } else {
-	rvH = CK_INVALID_HANDLE;
-    }
-    return rvH;
-#endif
-}
-
-
-/*
- * delete a crl.
- */
-SECStatus
-SEC_DeletePermCRL(CERTSignedCrl *crl)
-{
-#ifdef NSS_CLASSIC
-    PK11SlotInfo *slot = crl->slot;
-    CK_RV crv;
-
-    if (slot == NULL) {
-	/* shouldn't happen */
-	PORT_SetError( SEC_ERROR_CRL_INVALID);
-	return SECFailure;
-    }
-
-    crv = PK11_DestroyTokenObject(slot,crl->pkcs11ID);
-    if (crv != CKR_OK) {
-        PORT_SetError( PK11_MapError(crv) );
-	return SECFailure;
-    }
-    crl->slot = NULL;
-    PK11_FreeSlot(slot);
-    return SECSuccess;
-#else
-    PRStatus status;
-    NSSToken *token;
-    nssCryptokiObject *object;
-    PK11SlotInfo *slot = crl->slot;
-
-    if (slot == NULL) {
-	/* shouldn't happen */
-	PORT_SetError( SEC_ERROR_CRL_INVALID);
-	return SECFailure;
-    }
-    token = PK11Slot_GetNSSToken(slot);
-
-    object = nss_ZNEW(NULL, nssCryptokiObject);
-    object->token = nssToken_AddRef(token);
-    object->handle = crl->pkcs11ID;
-    object->isTokenObject = PR_TRUE;
-
-    status = nssToken_DeleteStoredObject(object);
-
-    nssCryptokiObject_Destroy(object);
-    return (status == PR_SUCCESS) ? SECSuccess : SECFailure;
-#endif
-}
-
-/*
- * return the certificate associated with a derCert 
- */
-SECItem *
-PK11_FindSMimeProfile(PK11SlotInfo **slot, char *emailAddr,
-				 SECItem *name, SECItem **profileTime)
-{
-    CK_OBJECT_CLASS smimeClass = CKO_NETSCAPE_SMIME;
-    CK_ATTRIBUTE theTemplate[] = {
-	{ CKA_SUBJECT, NULL, 0 },
-	{ CKA_CLASS, NULL, 0 },
-	{ CKA_NETSCAPE_EMAIL, NULL, 0 },
-    };
-    CK_ATTRIBUTE smimeData[] =  {
-	{ CKA_SUBJECT, NULL, 0 },
-	{ CKA_VALUE, NULL, 0 },
-    };
-    /* if you change the array, change the variable below as well */
-    int tsize = sizeof(theTemplate)/sizeof(theTemplate[0]);
-    CK_OBJECT_HANDLE smimeh = CK_INVALID_HANDLE;
-    CK_ATTRIBUTE *attrs = theTemplate;
-    CK_RV crv;
-    SECItem *emailProfile = NULL;
-
-    PK11_SETATTRS(attrs, CKA_SUBJECT, name->data, name->len); attrs++;
-    PK11_SETATTRS(attrs, CKA_CLASS, &smimeClass, sizeof(smimeClass)); attrs++;
-    PK11_SETATTRS(attrs, CKA_NETSCAPE_EMAIL, emailAddr, strlen(emailAddr)); 
-								    attrs++;
-
-    if (*slot) {
-    	smimeh = pk11_FindObjectByTemplate(*slot,theTemplate,tsize);
-    } else {
-	PK11SlotList *list = PK11_GetAllTokens(CKM_INVALID_MECHANISM,
-							PR_FALSE,PR_TRUE,NULL);
-	PK11SlotListElement *le;
-
-	/* loop through all the fortezza tokens */
-	for (le = list->head; le; le = le->next) {
-	    smimeh = pk11_FindObjectByTemplate(le->slot,theTemplate,tsize);
-	    if (smimeh != CK_INVALID_HANDLE) {
-		*slot = PK11_ReferenceSlot(le->slot);
-		break;
-	    }
-	}
-	PK11_FreeSlotList(list);
-    }
-    
-    if (smimeh == CK_INVALID_HANDLE) {
-	PORT_SetError(SEC_ERROR_NO_KRL);
-	return NULL;
-    }
-
-    if (profileTime) {
-    	PK11_SETATTRS(smimeData, CKA_NETSCAPE_SMIME_TIMESTAMP, NULL, 0);
-    } 
-    
-    crv = PK11_GetAttributes(NULL,*slot,smimeh,smimeData,2);
-    if (crv != CKR_OK) {
-	PORT_SetError(PK11_MapError (crv));
-	goto loser;
-    }
-
-    if (!profileTime) {
-	SECItem profileSubject;
-
-	profileSubject.data = smimeData[0].pValue;
-	profileSubject.len = smimeData[0].ulValueLen;
-	if (!SECITEM_ItemsAreEqual(&profileSubject,name)) {
-	    goto loser;
-	}
-    }
-
-    emailProfile = (SECItem *)PORT_ZAlloc(sizeof(SECItem));    
-    if (emailProfile == NULL) {
-	goto loser;
-    }
-
-    emailProfile->data = smimeData[1].pValue;
-    emailProfile->len = smimeData[1].ulValueLen;
-
-    if (profileTime) {
-	*profileTime = (SECItem *)PORT_ZAlloc(sizeof(SECItem));    
-	if (*profileTime) {
-	    (*profileTime)->data = smimeData[0].pValue;
-	    (*profileTime)->len = smimeData[0].ulValueLen;
-	}
-    }
-
-loser:
-    if (emailProfile == NULL) {
-	if (smimeData[1].pValue) {
-	    PORT_Free(smimeData[1].pValue);
-	}
-    }
-    if (profileTime == NULL || *profileTime == NULL) {
-	if (smimeData[0].pValue) {
-	    PORT_Free(smimeData[0].pValue);
-	}
-    }
-    return emailProfile;
-}
-
-
-SECStatus
-PK11_SaveSMimeProfile(PK11SlotInfo *slot, char *emailAddr, SECItem *derSubj,
-				 SECItem *emailProfile,  SECItem *profileTime)
-{
-    CK_OBJECT_CLASS smimeClass = CKO_NETSCAPE_SMIME;
-    CK_BBOOL ck_true = CK_TRUE;
-    CK_ATTRIBUTE theTemplate[] = {
-	{ CKA_CLASS, NULL, 0 },
-	{ CKA_TOKEN, NULL, 0 },
-	{ CKA_SUBJECT, NULL, 0 },
-	{ CKA_NETSCAPE_EMAIL, NULL, 0 },
-	{ CKA_NETSCAPE_SMIME_TIMESTAMP, NULL, 0 },
-	{ CKA_VALUE, NULL, 0 }
-    };
-    /* if you change the array, change the variable below as well */
-    int realSize = 0;
-    CK_OBJECT_HANDLE smimeh = CK_INVALID_HANDLE;
-    CK_ATTRIBUTE *attrs = theTemplate;
-    CK_SESSION_HANDLE rwsession;
-    PK11SlotInfo *free_slot = NULL;
-    CK_RV crv;
-#ifdef DEBUG
-    int tsize = sizeof(theTemplate)/sizeof(theTemplate[0]);
-#endif
-
-    PK11_SETATTRS(attrs, CKA_CLASS, &smimeClass, sizeof(smimeClass)); attrs++;
-    PK11_SETATTRS(attrs, CKA_TOKEN, &ck_true, sizeof(ck_true)); attrs++;
-    PK11_SETATTRS(attrs, CKA_SUBJECT, derSubj->data, derSubj->len); attrs++;
-    PK11_SETATTRS(attrs, CKA_NETSCAPE_EMAIL, 
-				emailAddr, PORT_Strlen(emailAddr)+1); attrs++;
-    if (profileTime) {
-	PK11_SETATTRS(attrs, CKA_NETSCAPE_SMIME_TIMESTAMP, profileTime->data,
-	                                            profileTime->len); attrs++;
-	PK11_SETATTRS(attrs, CKA_VALUE,emailProfile->data,
-	                                            emailProfile->len); attrs++;
-    }
-    realSize = attrs - theTemplate;
-    PORT_Assert (realSize <= tsize);
-
-    if (slot == NULL) {
-	free_slot = slot = PK11_GetInternalKeySlot();
-	/* we need to free the key slot in the end!!! */
-    }
-
-    rwsession = PK11_GetRWSession(slot);
-    if (rwsession == CK_INVALID_SESSION) {
-	PORT_SetError(SEC_ERROR_READ_ONLY);
-	if (free_slot) {
-	    PK11_FreeSlot(free_slot);
-	}
-	return SECFailure;
-    }
-
-    crv = PK11_GETTAB(slot)->
-                        C_CreateObject(rwsession,theTemplate,realSize,&smimeh);
-    if (crv != CKR_OK) {
-        PORT_SetError( PK11_MapError(crv) );
-    }
-
-    PK11_RestoreROSession(slot,rwsession);
-
-    if (free_slot) {
-	PK11_FreeSlot(free_slot);
-    }
-    return SECSuccess;
-}
-
-
diff --git a/security/nss/lib/pk11wrap/pk11err.c b/security/nss/lib/pk11wrap/pk11err.c
deleted file mode 100644
index b6846af84..000000000
--- a/security/nss/lib/pk11wrap/pk11err.c
+++ /dev/null
@@ -1,147 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/* 
- * this file maps PKCS11 Errors into SECErrors
- *  This is an information reducing process, since most errors are reflected
- *  back to the user (the user doesn't care about invalid flags, or active
- *  operations). If any of these errors need more detail in the upper layers
- *  which call PK11 library functions, we can add more SEC_ERROR_XXX functions
- *  and change there mappings here.
- */
-#include "pkcs11t.h"
-#include "pk11func.h"
-#include "secerr.h"
-
-#ifdef PK11_ERROR_USE_ARRAY 
-
-/*
- * build a static array of entries...
- */
-static struct {
-	CK_RV pk11_error;
-	int   sec_error;
-} pk11_error_map = {
-#define MAPERROR(x,y) {x, y},
-
-#else
-
-/* the default is to use a big switch statement */
-int
-PK11_MapError(CK_RV rv) {
-
-	switch (rv) {
-#define MAPERROR(x,y) case x: return y;
-
-#endif
-
-/* the guts mapping */
-	MAPERROR(CKR_OK, 0)
-	MAPERROR(CKR_CANCEL, SEC_ERROR_IO)
-	MAPERROR(CKR_HOST_MEMORY, SEC_ERROR_NO_MEMORY)
-	MAPERROR(CKR_SLOT_ID_INVALID, SEC_ERROR_BAD_DATA)
-	MAPERROR(CKR_ATTRIBUTE_READ_ONLY, SEC_ERROR_READ_ONLY)
-	MAPERROR(CKR_ATTRIBUTE_SENSITIVE, SEC_ERROR_IO) /* XX SENSITIVE */
-	MAPERROR(CKR_ATTRIBUTE_TYPE_INVALID, SEC_ERROR_BAD_DATA)
-	MAPERROR(CKR_ATTRIBUTE_VALUE_INVALID, SEC_ERROR_BAD_DATA)
-	MAPERROR(CKR_DATA_INVALID, SEC_ERROR_BAD_DATA)
-	MAPERROR(CKR_DATA_LEN_RANGE, SEC_ERROR_BAD_DATA)
-	MAPERROR(CKR_DEVICE_ERROR, SEC_ERROR_IO)
-	MAPERROR(CKR_DEVICE_MEMORY, SEC_ERROR_NO_MEMORY)
-	MAPERROR(CKR_DEVICE_REMOVED, SEC_ERROR_NO_TOKEN)
-	MAPERROR(CKR_ENCRYPTED_DATA_INVALID, SEC_ERROR_BAD_DATA)
-	MAPERROR(CKR_ENCRYPTED_DATA_LEN_RANGE, SEC_ERROR_BAD_DATA)
-	MAPERROR(CKR_FUNCTION_CANCELED, SEC_ERROR_LIBRARY_FAILURE)
-	MAPERROR(CKR_FUNCTION_NOT_PARALLEL, SEC_ERROR_LIBRARY_FAILURE)
-	MAPERROR(CKR_KEY_HANDLE_INVALID, SEC_ERROR_INVALID_KEY)
-	MAPERROR(CKR_KEY_SIZE_RANGE, SEC_ERROR_INVALID_KEY)
-	MAPERROR(CKR_KEY_TYPE_INCONSISTENT, SEC_ERROR_INVALID_KEY)
-	MAPERROR(CKR_MECHANISM_INVALID, SEC_ERROR_BAD_DATA)
-	MAPERROR(CKR_MECHANISM_PARAM_INVALID, SEC_ERROR_BAD_DATA)
-	MAPERROR(CKR_OBJECT_HANDLE_INVALID, SEC_ERROR_BAD_DATA)
-	MAPERROR(CKR_OPERATION_ACTIVE, SEC_ERROR_LIBRARY_FAILURE)
-	MAPERROR(CKR_OPERATION_NOT_INITIALIZED,SEC_ERROR_LIBRARY_FAILURE )
-	MAPERROR(CKR_PIN_INCORRECT, SEC_ERROR_BAD_PASSWORD)
-	MAPERROR(CKR_PIN_INVALID, SEC_ERROR_BAD_PASSWORD)
-	MAPERROR(CKR_PIN_LEN_RANGE, SEC_ERROR_BAD_PASSWORD)
-	MAPERROR(CKR_SESSION_CLOSED, SEC_ERROR_LIBRARY_FAILURE)
-	MAPERROR(CKR_SESSION_COUNT, SEC_ERROR_NO_MEMORY) /* XXXX? */
-	MAPERROR(CKR_SESSION_HANDLE_INVALID, SEC_ERROR_BAD_DATA)
-	MAPERROR(CKR_SESSION_PARALLEL_NOT_SUPPORTED, SEC_ERROR_LIBRARY_FAILURE)
-	MAPERROR(CKR_SESSION_READ_ONLY, SEC_ERROR_LIBRARY_FAILURE)
-	MAPERROR(CKR_SIGNATURE_INVALID, SEC_ERROR_BAD_SIGNATURE)
-	MAPERROR(CKR_SIGNATURE_LEN_RANGE, SEC_ERROR_BAD_SIGNATURE)
-	MAPERROR(CKR_TEMPLATE_INCOMPLETE, SEC_ERROR_BAD_DATA)
-	MAPERROR(CKR_TEMPLATE_INCONSISTENT, SEC_ERROR_BAD_DATA)
-	MAPERROR(CKR_TOKEN_NOT_PRESENT, SEC_ERROR_NO_TOKEN)
-	MAPERROR(CKR_TOKEN_NOT_RECOGNIZED, SEC_ERROR_IO)
-	MAPERROR(CKR_TOKEN_WRITE_PROTECTED, SEC_ERROR_READ_ONLY)
-	MAPERROR(CKR_UNWRAPPING_KEY_HANDLE_INVALID, SEC_ERROR_INVALID_KEY)
-	MAPERROR(CKR_UNWRAPPING_KEY_SIZE_RANGE, SEC_ERROR_INVALID_KEY)
-	MAPERROR(CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT, SEC_ERROR_INVALID_KEY)
-	MAPERROR(CKR_USER_ALREADY_LOGGED_IN, 0)
-	MAPERROR(CKR_USER_NOT_LOGGED_IN, SEC_ERROR_LIBRARY_FAILURE) /* XXXX */
-	MAPERROR(CKR_USER_PIN_NOT_INITIALIZED, SEC_ERROR_NO_TOKEN)
-	MAPERROR(CKR_USER_TYPE_INVALID, SEC_ERROR_LIBRARY_FAILURE)
-	MAPERROR(CKR_WRAPPED_KEY_INVALID, SEC_ERROR_INVALID_KEY)
-	MAPERROR(CKR_WRAPPED_KEY_LEN_RANGE, SEC_ERROR_INVALID_KEY)
-	MAPERROR(CKR_WRAPPING_KEY_HANDLE_INVALID, SEC_ERROR_INVALID_KEY)
-	MAPERROR(CKR_WRAPPING_KEY_SIZE_RANGE, SEC_ERROR_INVALID_KEY)
-	MAPERROR(CKR_WRAPPING_KEY_TYPE_INCONSISTENT, SEC_ERROR_INVALID_KEY)
-	MAPERROR(CKR_VENDOR_DEFINED, SEC_ERROR_LIBRARY_FAILURE)
-
-
-#ifdef PK11_ERROR_USE_ARRAY 
-
-int
-PK11_MapError(CK_RV rv) {
-    int size = sizeof(pk11_error_map)/sizeof(pk11_error_map[0]);
-
-    for (i=0; i < size; i++) {
-	if (pk11_error_map[i].pk11_error == rv) {
-	    return pk11_error_map[i].sec_error;
-	}
-    }
-    return SEC_ERROR_IO;
- }
-
-
-#else
-
-    default:
-	break;
-    }
-    return SEC_ERROR_IO;
-}
-
-
-#endif
diff --git a/security/nss/lib/pk11wrap/pk11func.h b/security/nss/lib/pk11wrap/pk11func.h
deleted file mode 100644
index 61f1fd705..000000000
--- a/security/nss/lib/pk11wrap/pk11func.h
+++ /dev/null
@@ -1,550 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * PKCS #11 Wrapper functions which handles authenticating to the card's
- * choosing the best cards, etc.
- */
-#ifndef _PK11FUNC_H_
-#define _PK11FUNC_H_
-#include "plarena.h"
-#include "seccomon.h"
-#include "secoidt.h"
-#include "secdert.h"
-#include "keyt.h"
-#include "certt.h"
-#include "pkcs11t.h"
-#include "secmodt.h"
-#include "seccomon.h"
-#include "pkcs7t.h"
-#include "cmsreclist.h"
-
-SEC_BEGIN_PROTOS
-
-/************************************************************
- * Generic Slot Lists Management
- ************************************************************/
-PK11SlotList * PK11_NewSlotList(void);
-void PK11_FreeSlotList(PK11SlotList *list);
-SECStatus PK11_AddSlotToList(PK11SlotList *list,PK11SlotInfo *slot);
-SECStatus PK11_DeleteSlotFromList(PK11SlotList *list,PK11SlotListElement *le);
-PK11SlotListElement * PK11_GetFirstSafe(PK11SlotList *list);
-PK11SlotListElement *PK11_GetNextSafe(PK11SlotList *list, 
-				PK11SlotListElement *le, PRBool restart);
-PK11SlotListElement *PK11_FindSlotElement(PK11SlotList *list,
-							PK11SlotInfo *slot);
-
-/************************************************************
- * Generic Slot Management
- ************************************************************/
-PK11SlotInfo *PK11_ReferenceSlot(PK11SlotInfo *slot);
-PK11SlotInfo *PK11_FindSlotByID(SECMODModuleID modID,CK_SLOT_ID slotID);
-void PK11_FreeSlot(PK11SlotInfo *slot);
-SECStatus PK11_DestroyObject(PK11SlotInfo *slot,CK_OBJECT_HANDLE object);
-SECStatus PK11_DestroyTokenObject(PK11SlotInfo *slot,CK_OBJECT_HANDLE object);
-CK_OBJECT_HANDLE PK11_CopyKey(PK11SlotInfo *slot, CK_OBJECT_HANDLE srcObject);
-SECStatus PK11_ReadAttribute(PK11SlotInfo *slot, CK_OBJECT_HANDLE id,
-         CK_ATTRIBUTE_TYPE type, PRArenaPool *arena, SECItem *result);
-CK_ULONG PK11_ReadULongAttribute(PK11SlotInfo *slot, CK_OBJECT_HANDLE id,
-         CK_ATTRIBUTE_TYPE type);
-PK11SlotInfo *PK11_GetInternalKeySlot(void);
-PK11SlotInfo *PK11_GetInternalSlot(void);
-char * PK11_MakeString(PRArenaPool *arena,char *space,char *staticSring,
-								int stringLen);
-int PK11_MapError(CK_RV error);
-CK_SESSION_HANDLE PK11_GetRWSession(PK11SlotInfo *slot);
-void PK11_RestoreROSession(PK11SlotInfo *slot,CK_SESSION_HANDLE rwsession);
-PRBool PK11_RWSessionHasLock(PK11SlotInfo *slot,
-					 CK_SESSION_HANDLE session_handle);
-PK11SlotInfo *PK11_NewSlotInfo(void);
-SECStatus PK11_Logout(PK11SlotInfo *slot);
-void PK11_LogoutAll(void);
-void PK11_EnterSlotMonitor(PK11SlotInfo *);
-void PK11_ExitSlotMonitor(PK11SlotInfo *);
-void PK11_CleanKeyList(PK11SlotInfo *slot);
-
-
-/************************************************************
- *  Slot Password Management
- ************************************************************/
-void PK11_SetSlotPWValues(PK11SlotInfo *slot,int askpw, int timeout);
-void PK11_GetSlotPWValues(PK11SlotInfo *slot,int *askpw, int *timeout);
-SECStatus PK11_CheckSSOPassword(PK11SlotInfo *slot, char *ssopw);
-SECStatus PK11_CheckUserPassword(PK11SlotInfo *slot,char *pw);
-SECStatus PK11_DoPassword(PK11SlotInfo *slot, PRBool loadCerts, void *wincx);
-PRBool PK11_IsLoggedIn(PK11SlotInfo *slot, void *wincx);
-SECStatus PK11_VerifyPW(PK11SlotInfo *slot,char *pw);
-SECStatus PK11_InitPin(PK11SlotInfo *slot,char *ssopw, char *pk11_userpwd);
-SECStatus PK11_ChangePW(PK11SlotInfo *slot,char *oldpw, char *newpw);
-void PK11_HandlePasswordCheck(PK11SlotInfo *slot,void *wincx);
-void PK11_SetPasswordFunc(PK11PasswordFunc func);
-void PK11_SetVerifyPasswordFunc(PK11VerifyPasswordFunc func);
-void PK11_SetIsLoggedInFunc(PK11IsLoggedInFunc func);
-int PK11_GetMinimumPwdLength(PK11SlotInfo *slot);
-SECStatus PK11_ResetToken(PK11SlotInfo *slot, char *sso_pwd);
-
-/************************************************************
- * Manage the built-In Slot Lists
- ************************************************************/
-SECStatus PK11_InitSlotLists(void);
-void PK11_DestroySlotLists(void);
-PK11SlotList *PK11_GetSlotList(CK_MECHANISM_TYPE type);
-void PK11_LoadSlotList(PK11SlotInfo *slot, PK11PreSlotInfo *psi, int count);
-void PK11_ClearSlotList(PK11SlotInfo *slot);
-
-
-/******************************************************************
- *           Slot initialization
- ******************************************************************/
-PRBool PK11_VerifyMechanism(PK11SlotInfo *slot,PK11SlotInfo *intern,
-  CK_MECHANISM_TYPE mech, SECItem *data, SECItem *iv);
-PRBool PK11_VerifySlotMechanisms(PK11SlotInfo *slot);
-SECStatus pk11_CheckVerifyTest(PK11SlotInfo *slot);
-SECStatus PK11_InitToken(PK11SlotInfo *slot, PRBool loadCerts);
-SECStatus PK11_Authenticate(PK11SlotInfo *slot, PRBool loadCerts, void *wincx);
-void PK11_InitSlot(SECMODModule *mod,CK_SLOT_ID slotID,PK11SlotInfo *slot);
-
-
-/******************************************************************
- *           Slot info functions
- ******************************************************************/
-PK11SlotInfo *PK11_FindSlotByName(char *name);
-PK11SlotInfo *PK11_FindSlotBySerial(char *serial);
-PRBool PK11_IsReadOnly(PK11SlotInfo *slot);
-PRBool PK11_IsInternal(PK11SlotInfo *slot);
-char * PK11_GetTokenName(PK11SlotInfo *slot);
-char * PK11_GetSlotName(PK11SlotInfo *slot);
-PRBool PK11_NeedLogin(PK11SlotInfo *slot);
-PRBool PK11_IsFriendly(PK11SlotInfo *slot);
-PRBool PK11_IsHW(PK11SlotInfo *slot);
-PRBool PK11_NeedUserInit(PK11SlotInfo *slot);
-PRBool PK11_ProtectedAuthenticationPath(PK11SlotInfo *slot);
-int PK11_GetSlotSeries(PK11SlotInfo *slot);
-int PK11_GetCurrentWrapIndex(PK11SlotInfo *slot);
-unsigned long PK11_GetDefaultFlags(PK11SlotInfo *slot);
-CK_SLOT_ID PK11_GetSlotID(PK11SlotInfo *slot);
-SECMODModuleID PK11_GetModuleID(PK11SlotInfo *slot);
-SECStatus PK11_GetSlotInfo(PK11SlotInfo *slot, CK_SLOT_INFO *info);
-SECStatus PK11_GetTokenInfo(PK11SlotInfo *slot, CK_TOKEN_INFO *info);
-PRBool PK11_IsDisabled(PK11SlotInfo *slot);
-PRBool PK11_HasRootCerts(PK11SlotInfo *slot);
-PK11DisableReasons PK11_GetDisabledReason(PK11SlotInfo *slot);
-/* Prevents the slot from being used, and set disable reason to user-disable */
-/* NOTE: Mechanisms that were ON continue to stay ON */
-/*       Therefore, when the slot is enabled, it will remember */
-/*       what mechanisms needs to be turned on */
-PRBool PK11_UserDisableSlot(PK11SlotInfo *slot);
-/* Allow all mechanisms that are ON before UserDisableSlot() */
-/* was called to be available again */
-PRBool PK11_UserEnableSlot(PK11SlotInfo *slot);
-
-PRBool PK11_NeedPWInit(void);
-PRBool PK11_NeedPWInitForSlot(PK11SlotInfo *slot);
-PRBool PK11_TokenExists(CK_MECHANISM_TYPE);
-SECStatus PK11_GetModInfo(SECMODModule *mod, CK_INFO *info);
-PRBool PK11_IsFIPS(void);
-SECMODModule *PK11_GetModule(PK11SlotInfo *slot);
-
-/*********************************************************************
- *            Slot mapping utility functions.
- *********************************************************************/
-PRBool PK11_IsPresent(PK11SlotInfo *slot);
-PRBool PK11_DoesMechanism(PK11SlotInfo *slot, CK_MECHANISM_TYPE type);
-PK11SlotList * PK11_GetAllTokens(CK_MECHANISM_TYPE type,PRBool needRW,
-					PRBool loadCerts, void *wincx);
-PK11SlotList * PK11_GetPrivateKeyTokens(CK_MECHANISM_TYPE type,
-						PRBool needRW,void *wincx);
-PK11SlotInfo *PK11_GetBestSlotMultiple(CK_MECHANISM_TYPE *type, int count,
-							void *wincx);
-PK11SlotInfo *PK11_GetBestSlot(CK_MECHANISM_TYPE type, void *wincx);
-CK_MECHANISM_TYPE PK11_GetBestWrapMechanism(PK11SlotInfo *slot);
-int PK11_GetBestKeyLength(PK11SlotInfo *slot, CK_MECHANISM_TYPE type);
-
-/*********************************************************************
- *       Mechanism Mapping functions
- *********************************************************************/
-void PK11_AddMechanismEntry(CK_MECHANISM_TYPE type, CK_KEY_TYPE key,
-		 	CK_MECHANISM_TYPE keygen, int ivLen, int blocksize);
-CK_MECHANISM_TYPE PK11_GetKeyType(CK_MECHANISM_TYPE type,unsigned long len);
-CK_MECHANISM_TYPE PK11_GetKeyGen(CK_MECHANISM_TYPE type);
-int PK11_GetBlockSize(CK_MECHANISM_TYPE type,SECItem *params);
-int PK11_GetIVLength(CK_MECHANISM_TYPE type);
-SECItem *PK11_ParamFromIV(CK_MECHANISM_TYPE type,SECItem *iv);
-unsigned char *PK11_IVFromParam(CK_MECHANISM_TYPE type,SECItem *param,int *len);
-SECItem * PK11_BlockData(SECItem *data,unsigned long size);
-
-/* PKCS #11 to DER mapping functions */
-SECItem *PK11_ParamFromAlgid(SECAlgorithmID *algid);
-SECItem *PK11_GenerateNewParam(CK_MECHANISM_TYPE, PK11SymKey *);
-CK_MECHANISM_TYPE PK11_AlgtagToMechanism(SECOidTag algTag);
-SECOidTag PK11_MechanismToAlgtag(CK_MECHANISM_TYPE type);
-SECOidTag PK11_FortezzaMapSig(SECOidTag algTag);
-SECStatus PK11_ParamToAlgid(SECOidTag algtag, SECItem *param,
-                                   PRArenaPool *arena, SECAlgorithmID *algid);
-SECStatus PK11_SeedRandom(PK11SlotInfo *,unsigned char *data,int len);
-SECStatus PK11_RandomUpdate(void *data, size_t bytes);
-SECStatus PK11_GenerateRandom(unsigned char *data,int len);
-CK_RV PK11_MapPBEMechanismToCryptoMechanism(CK_MECHANISM_PTR pPBEMechanism,
-					    CK_MECHANISM_PTR pCryptoMechanism,
-					    SECItem *pbe_pwd, PRBool bad3DES);
-CK_MECHANISM_TYPE PK11_GetPadMechanism(CK_MECHANISM_TYPE);
-
-/**********************************************************************
- *                   Symetric, Public, and Private Keys 
- **********************************************************************/
-PK11SymKey *PK11_CreateSymKey(PK11SlotInfo *slot, 
-					CK_MECHANISM_TYPE type, void *wincx);
-void PK11_FreeSymKey(PK11SymKey *key);
-PK11SymKey *PK11_ReferenceSymKey(PK11SymKey *symKey);
-PK11SymKey *PK11_ImportSymKey(PK11SlotInfo *slot, CK_MECHANISM_TYPE type,
-    PK11Origin origin, CK_ATTRIBUTE_TYPE operation, SECItem *key, void *wincx);
-PK11SymKey *PK11_ImportSymKeyWithFlags(PK11SlotInfo *slot, 
-    CK_MECHANISM_TYPE type, PK11Origin origin, CK_ATTRIBUTE_TYPE operation, 
-    SECItem *key, CK_FLAGS flags, PRBool isPerm, void *wincx);
-PK11SymKey *PK11_SymKeyFromHandle(PK11SlotInfo *slot, PK11SymKey *parent,
-    PK11Origin origin, CK_MECHANISM_TYPE type, CK_OBJECT_HANDLE keyID, 
-    PRBool owner, void *wincx);
-PK11SymKey *PK11_GetWrapKey(PK11SlotInfo *slot, int wrap,
-			      CK_MECHANISM_TYPE type,int series, void *wincx);
-void PK11_SetWrapKey(PK11SlotInfo *slot, int wrap, PK11SymKey *wrapKey);
-CK_MECHANISM_TYPE PK11_GetMechanism(PK11SymKey *symKey);
-CK_OBJECT_HANDLE PK11_ImportPublicKey(PK11SlotInfo *slot, 
-				SECKEYPublicKey *pubKey, PRBool isToken);
-PK11SymKey *PK11_KeyGen(PK11SlotInfo *slot,CK_MECHANISM_TYPE type,
-				SECItem *param,	int keySize,void *wincx);
-PK11SymKey * PK11_ListFixedKeysInSlot(PK11SlotInfo *slot, char *nickname,
-								void *wincx);
-PK11SymKey *PK11_GetNextSymKey(PK11SymKey *symKey);
-
-/* Key Generation specialized for SDR (fixed DES3 key) */
-PK11SymKey *PK11_GenDES3TokenKey(PK11SlotInfo *slot, SECItem *keyid, void *cx);
-
-SECStatus PK11_PubWrapSymKey(CK_MECHANISM_TYPE type, SECKEYPublicKey *pubKey,
-				PK11SymKey *symKey, SECItem *wrappedKey);
-SECStatus PK11_WrapSymKey(CK_MECHANISM_TYPE type, SECItem *params,
-	 PK11SymKey *wrappingKey, PK11SymKey *symKey, SECItem *wrappedKey);
-PK11SymKey *PK11_Derive(PK11SymKey *baseKey, CK_MECHANISM_TYPE mechanism,
-   			SECItem *param, CK_MECHANISM_TYPE target, 
-		        CK_ATTRIBUTE_TYPE operation, int keySize);
-PK11SymKey *PK11_DeriveWithFlags( PK11SymKey *baseKey, 
-	CK_MECHANISM_TYPE derive, SECItem *param, CK_MECHANISM_TYPE target, 
-	CK_ATTRIBUTE_TYPE operation, int keySize, CK_FLAGS flags);
-PK11SymKey *PK11_PubDerive( SECKEYPrivateKey *privKey, 
- SECKEYPublicKey *pubKey, PRBool isSender, SECItem *randomA, SECItem *randomB,
- CK_MECHANISM_TYPE derive, CK_MECHANISM_TYPE target,
-		 CK_ATTRIBUTE_TYPE operation, int keySize,void *wincx) ;
-PK11SymKey *PK11_UnwrapSymKey(PK11SymKey *key, 
-	CK_MECHANISM_TYPE wraptype, SECItem *param, SECItem *wrapppedKey,  
-	CK_MECHANISM_TYPE target, CK_ATTRIBUTE_TYPE operation, int keySize);
-PK11SymKey *PK11_UnwrapSymKeyWithFlags(PK11SymKey *wrappingKey, 
-	CK_MECHANISM_TYPE wrapType, SECItem *param, SECItem *wrappedKey, 
-	CK_MECHANISM_TYPE target, CK_ATTRIBUTE_TYPE operation, int keySize, 
-	CK_FLAGS flags);
-PK11SymKey *PK11_PubUnwrapSymKey(SECKEYPrivateKey *key, SECItem *wrapppedKey,
-	 CK_MECHANISM_TYPE target, CK_ATTRIBUTE_TYPE operation, int keySize);
-PK11SymKey *PK11_FindFixedKey(PK11SlotInfo *slot, CK_MECHANISM_TYPE type, 
-						SECItem *keyID, void *wincx);
-SECStatus PK11_DeleteTokenPrivateKey(SECKEYPrivateKey *privKey,PRBool force);
-SECStatus PK11_DeleteTokenPublicKey(SECKEYPublicKey *pubKey);
-SECStatus PK11_DeleteTokenSymKey(PK11SymKey *symKey);
-SECStatus PK11_DeleteTokenCertAndKey(CERTCertificate *cert,void *wincx);
-SECKEYPrivateKey * PK11_LoadPrivKey(PK11SlotInfo *slot,
-		SECKEYPrivateKey *privKey, SECKEYPublicKey *pubKey, 
-					PRBool token, PRBool sensitive);
-SECKEYPublicKey *PK11_ExtractPublicKey(PK11SlotInfo *slot, KeyType keyType,
-					 CK_OBJECT_HANDLE id);
-char * PK11_GetSymKeyNickname(PK11SymKey *symKey);
-char * PK11_GetPrivateKeyNickname(SECKEYPrivateKey *privKey);
-char * PK11_GetPublicKeyNickname(SECKEYPublicKey *pubKey);
-SECStatus PK11_SetSymKeyNickname(PK11SymKey *symKey, const char *nickname);
-SECStatus PK11_SetPrivateKeyNickname(SECKEYPrivateKey *privKey, 
-							const char *nickname);
-SECStatus PK11_SetPublicKeyNickname(SECKEYPublicKey *pubKey, 
-							const char *nickname);
-
-/* size to hold key in bytes */
-unsigned int PK11_GetKeyLength(PK11SymKey *key);
-/* size of actual secret parts of key in bits */
-/* algid is because RC4 strength is determined by the effective bits as well
- * as the key bits */
-unsigned int PK11_GetKeyStrength(PK11SymKey *key,SECAlgorithmID *algid);
-SECStatus PK11_ExtractKeyValue(PK11SymKey *symKey);
-SECItem * PK11_GetKeyData(PK11SymKey *symKey);
-PK11SlotInfo * PK11_GetSlotFromKey(PK11SymKey *symKey);
-void *PK11_GetWindow(PK11SymKey *symKey);
-SECKEYPrivateKey *PK11_GenerateKeyPair(PK11SlotInfo *slot,
-   CK_MECHANISM_TYPE type, void *param, SECKEYPublicKey **pubk,
-		 	    PRBool isPerm, PRBool isSensitive, void *wincx);
-SECKEYPrivateKey *PK11_MakePrivKey(PK11SlotInfo *slot, KeyType keyType,
-                        PRBool isTemp, CK_OBJECT_HANDLE privID, void *wincx);
-SECKEYPrivateKey * PK11_FindPrivateKeyFromCert(PK11SlotInfo *slot,
-				 	CERTCertificate *cert, void *wincx);
-SECKEYPrivateKey * PK11_FindKeyByAnyCert(CERTCertificate *cert, void *wincx);
-SECKEYPrivateKey * PK11_FindKeyByKeyID(PK11SlotInfo *slot, SECItem *keyID,
-				       void *wincx);
-CK_OBJECT_HANDLE PK11_FindObjectForCert(CERTCertificate *cert,
-					void *wincx, PK11SlotInfo **pSlot);
-int PK11_GetPrivateModulusLen(SECKEYPrivateKey *key); 
-SECStatus PK11_PubDecryptRaw(SECKEYPrivateKey *key, unsigned char *data,
-   unsigned *outLen, unsigned int maxLen, unsigned char *enc, unsigned encLen);
-/* The encrypt version of the above function */
-SECStatus PK11_PubEncryptRaw(SECKEYPublicKey *key, unsigned char *enc,
-                unsigned char *data, unsigned dataLen, void *wincx);
-SECStatus PK11_ImportPrivateKeyInfo(PK11SlotInfo *slot, 
-		SECKEYPrivateKeyInfo *pki, SECItem *nickname,
-		SECItem *publicValue, PRBool isPerm, PRBool isPrivate,
-		unsigned int usage, void *wincx);
-SECStatus PK11_ImportPrivateKeyInfoAndReturnKey(PK11SlotInfo *slot, 
-		SECKEYPrivateKeyInfo *pki, SECItem *nickname,
-		SECItem *publicValue, PRBool isPerm, PRBool isPrivate,
-		unsigned int usage, SECKEYPrivateKey** privk, void *wincx);
-SECStatus PK11_ImportDERPrivateKeyInfo(PK11SlotInfo *slot, 
-		SECItem *derPKI, SECItem *nickname,
-		SECItem *publicValue, PRBool isPerm, PRBool isPrivate,
-		unsigned int usage, void *wincx);
-SECStatus PK11_ImportDERPrivateKeyInfoAndReturnKey(PK11SlotInfo *slot, 
-		SECItem *derPKI, SECItem *nickname,
-		SECItem *publicValue, PRBool isPerm, PRBool isPrivate,
-		unsigned int usage, SECKEYPrivateKey** privk, void *wincx);
-SECStatus PK11_ImportEncryptedPrivateKeyInfo(PK11SlotInfo *slot, 
-		SECKEYEncryptedPrivateKeyInfo *epki, SECItem *pwitem, 
-		SECItem *nickname, SECItem *publicValue, PRBool isPerm,
-		PRBool isPrivate, KeyType type, 
-		unsigned int usage, void *wincx);
-SECKEYPrivateKeyInfo *PK11_ExportPrivateKeyInfo(
-		CERTCertificate *cert, void *wincx);
-SECKEYEncryptedPrivateKeyInfo *PK11_ExportEncryptedPrivateKeyInfo(
-		PK11SlotInfo *slot, SECOidTag algTag, SECItem *pwitem,
-		CERTCertificate *cert, int iteration, void *wincx);
-SECKEYPrivateKey *PK11_FindKeyByDERCert(PK11SlotInfo *slot, 
-					CERTCertificate *cert, void *wincx);
-SECKEYPublicKey *PK11_MakeKEAPubKey(unsigned char *data, int length);
-SECStatus PK11_DigestKey(PK11Context *context, PK11SymKey *key);
-PRBool PK11_VerifyKeyOK(PK11SymKey *key);
-SECKEYPrivateKey *PK11_UnwrapPrivKey(PK11SlotInfo *slot, 
-		PK11SymKey *wrappingKey, CK_MECHANISM_TYPE wrapType,
-		SECItem *param, SECItem *wrappedKey, SECItem *label, 
-		SECItem *publicValue, PRBool token, PRBool sensitive,
-		CK_KEY_TYPE keyType, CK_ATTRIBUTE_TYPE *usage, int usageCount,
-		void *wincx);
-SECStatus PK11_WrapPrivKey(PK11SlotInfo *slot, PK11SymKey *wrappingKey,
-			   SECKEYPrivateKey *privKey, CK_MECHANISM_TYPE wrapType,
-			   SECItem *param, SECItem *wrappedKey, void *wincx);
-PK11SymKey * pk11_CopyToSlot(PK11SlotInfo *slot,CK_MECHANISM_TYPE type,
-		 	CK_ATTRIBUTE_TYPE operation, PK11SymKey *symKey);
-SECItem *PK11_GetKeyIDFromCert(CERTCertificate *cert, void *wincx);
-SECItem * PK11_GetKeyIDFromPrivateKey(SECKEYPrivateKey *key, void *wincx);
-SECItem* PK11_DEREncodePublicKey(SECKEYPublicKey *pubk);
-PK11SymKey* PK11_CopySymKeyForSigning(PK11SymKey *originalKey,
-	CK_MECHANISM_TYPE mech);
-SECKEYPrivateKeyList* PK11_ListPrivKeysInSlot(PK11SlotInfo *slot,
-						 char *nickname, void *wincx);
-SECKEYPublicKeyList* PK11_ListPublicKeysInSlot(PK11SlotInfo *slot,
-							char *nickname);
-SECKEYPQGParams *PK11_GetPQGParamsFromPrivateKey(SECKEYPrivateKey *privKey);
-/* depricated */
-SECKEYPrivateKeyList* PK11_ListPrivateKeysInSlot(PK11SlotInfo *slot);
-
-/**********************************************************************
- *                   Certs
- **********************************************************************/
-SECItem *PK11_MakeIDFromPubKey(SECItem *pubKeyData);
-CERTCertificate *PK11_GetCertFromPrivateKey(SECKEYPrivateKey *privKey);
-SECStatus PK11_TraverseSlotCerts(
-     SECStatus(* callback)(CERTCertificate*,SECItem *,void *),
-                                                void *arg, void *wincx);
-SECStatus PK11_TraversePrivateKeysInSlot( PK11SlotInfo *slot,
-    SECStatus(* callback)(SECKEYPrivateKey*, void*), void *arg);
-CERTCertificate * PK11_FindCertFromNickname(char *nickname, void *wincx);
-CERTCertList * PK11_FindCertsFromNickname(char *nickname, void *wincx);
-SECKEYPrivateKey * PK11_FindPrivateKeyFromNickname(char *nickname, void *wincx);
-SECStatus PK11_ImportCert(PK11SlotInfo *slot, CERTCertificate *cert,
-                CK_OBJECT_HANDLE key, char *nickname, PRBool includeTrust);
-PK11SlotInfo *PK11_ImportCertForKey(CERTCertificate *cert, char *nickname,
-								void *wincx);
-PK11SlotInfo *PK11_ImportDERCertForKey(SECItem *derCert, char *nickname,
-								void *wincx);
-CK_OBJECT_HANDLE * PK11_FindObjectsFromNickname(char *nickname,
-	PK11SlotInfo **slotptr, CK_OBJECT_CLASS objclass, int *returnCount, 
-								void *wincx);
-PK11SlotInfo *PK11_KeyForCertExists(CERTCertificate *cert,
-					CK_OBJECT_HANDLE *keyPtr, void *wincx);
-PK11SlotInfo *PK11_KeyForDERCertExists(SECItem *derCert,
-					CK_OBJECT_HANDLE *keyPtr, void *wincx);
-CK_OBJECT_HANDLE PK11_MatchItem(PK11SlotInfo *slot,CK_OBJECT_HANDLE peer,
-						CK_OBJECT_CLASS o_class); 
-CERTCertificate * PK11_FindCertByIssuerAndSN(PK11SlotInfo **slot,
-					CERTIssuerAndSN *sn, void *wincx);
-CERTCertificate * PK11_FindCertAndKeyByRecipientList(PK11SlotInfo **slot,
-	SEC_PKCS7RecipientInfo **array, SEC_PKCS7RecipientInfo **rip,
-				SECKEYPrivateKey**privKey, void *wincx);
-int PK11_FindCertAndKeyByRecipientListNew(NSSCMSRecipient **recipientlist,
-				void *wincx);
-CK_BBOOL PK11_HasAttributeSet( PK11SlotInfo *slot,
-			       CK_OBJECT_HANDLE id,
-			       CK_ATTRIBUTE_TYPE type );
-CK_RV PK11_GetAttributes(PRArenaPool *arena,PK11SlotInfo *slot,
-			 CK_OBJECT_HANDLE obj,CK_ATTRIBUTE *attr, int count);
-int PK11_NumberCertsForCertSubject(CERTCertificate *cert);
-SECStatus PK11_TraverseCertsForSubject(CERTCertificate *cert, 
-	SECStatus(*callback)(CERTCertificate *, void *), void *arg);
-SECStatus PK11_TraverseCertsForSubjectInSlot(CERTCertificate *cert,
-	PK11SlotInfo *slot, SECStatus(*callback)(CERTCertificate *, void *),
-	void *arg);
-CERTCertificate *PK11_FindCertFromDERCert(PK11SlotInfo *slot, 
-					  CERTCertificate *cert, void *wincx);
-CERTCertificate *PK11_FindCertFromDERSubjectAndNickname(
-					PK11SlotInfo *slot, 
-					CERTCertificate *cert, char *nickname,
-					void *wincx);
-SECStatus PK11_ImportCertForKeyToSlot(PK11SlotInfo *slot, CERTCertificate *cert,
-					char *nickname, PRBool addUsage,
-					void *wincx);
-CERTCertificate *PK11_FindBestKEAMatch(CERTCertificate *serverCert,void *wincx);
-SECStatus PK11_GetKEAMatchedCerts(PK11SlotInfo *slot1,
-   PK11SlotInfo *slot2, CERTCertificate **cert1, CERTCertificate **cert2);
-PRBool PK11_FortezzaHasKEA(CERTCertificate *cert);
-CK_OBJECT_HANDLE PK11_FindCertInSlot(PK11SlotInfo *slot, CERTCertificate *cert,
-				     void *wincx);
-SECStatus PK11_TraverseCertsForNicknameInSlot(SECItem *nickname,
-	PK11SlotInfo *slot, SECStatus(*callback)(CERTCertificate *, void *),
-	void *arg);
-SECStatus PK11_TraverseCertsInSlot(PK11SlotInfo *slot,
-       SECStatus(* callback)(CERTCertificate*, void *), void *arg);
-CERTCertList * PK11_ListCerts(PK11CertListType type, void *pwarg);
-CERTCertList * PK11_ListCertsInSlot(PK11SlotInfo *slot);
-SECStatus PK11_LookupCrls(CERTCrlHeadNode *nodes, int type, void *wincx);
-
-
-/**********************************************************************
- *                   Sign/Verify 
- **********************************************************************/
-int PK11_SignatureLen(SECKEYPrivateKey *key);
-PK11SlotInfo * PK11_GetSlotFromPrivateKey(SECKEYPrivateKey *key);
-SECStatus PK11_Sign(SECKEYPrivateKey *key, SECItem *sig, SECItem *hash);
-SECStatus PK11_VerifyRecover(SECKEYPublicKey *key, SECItem *sig,
-						 SECItem *dsig, void * wincx);
-SECStatus PK11_Verify(SECKEYPublicKey *key, SECItem *sig, 
-						SECItem *hash, void *wincx);
-
-
-
-/**********************************************************************
- *                   Crypto Contexts
- **********************************************************************/
-void PK11_DestroyContext(PK11Context *context, PRBool freeit);
-PK11Context * PK11_CreateContextByRawKey(PK11SlotInfo *slot, 
-    CK_MECHANISM_TYPE type, PK11Origin origin, CK_ATTRIBUTE_TYPE operation,
-			 	SECItem *key, SECItem *param, void *wincx);
-PK11Context *PK11_CreateContextBySymKey(CK_MECHANISM_TYPE type,
-	CK_ATTRIBUTE_TYPE operation, PK11SymKey *symKey, SECItem *param);
-PK11Context *PK11_CreateDigestContext(SECOidTag hashAlg);
-PK11Context *PK11_CloneContext(PK11Context *old);
-SECStatus PK11_DigestBegin(PK11Context *cx);
-SECStatus PK11_HashBuf(SECOidTag hashAlg, unsigned char *out, unsigned char *in,
-					int32 len);
-SECStatus PK11_DigestOp(PK11Context *context, const unsigned char *in, 
-                        unsigned len);
-SECStatus PK11_CipherOp(PK11Context *context, unsigned char * out, int *outlen, 
-				int maxout, unsigned char *in, int inlen);
-SECStatus PK11_Finalize(PK11Context *context);
-SECStatus PK11_DigestFinal(PK11Context *context, unsigned char *data, 
-				unsigned int *outLen, unsigned int length);
-PRBool PK11_HashOK(SECOidTag hashAlg);
-SECStatus PK11_SaveContext(PK11Context *cx,unsigned char *save,
-						int *len, int saveLength);
-SECStatus PK11_RestoreContext(PK11Context *cx,unsigned char *save,int len);
-SECStatus PK11_GenerateFortezzaIV(PK11SymKey *symKey,unsigned char *iv,int len);
-SECStatus PK11_ReadSlotCerts(PK11SlotInfo *slot);
-void PK11_FreeSlotCerts(PK11SlotInfo *slot);
-void PK11_SetFortezzaHack(PK11SymKey *symKey) ;
-
-
-/**********************************************************************
- *                   PBE functions 
- **********************************************************************/
-
-/* This function creates PBE parameters from the given inputs.  The result
- * can be used to create a password integrity key for PKCS#12, by sending
- * the return value to PK11_KeyGen along with the appropriate mechanism.
- */
-SECItem * 
-PK11_CreatePBEParams(SECItem *salt, SECItem *pwd, unsigned int iterations);
-
-/* free params created above (can be called after keygen is done */
-void PK11_DestroyPBEParams(SECItem *params);
-
-SECAlgorithmID *
-PK11_CreatePBEAlgorithmID(SECOidTag algorithm, int iteration, SECItem *salt);
-PK11SymKey *
-PK11_PBEKeyGen(PK11SlotInfo *slot, SECAlgorithmID *algid,  SECItem *pwitem,
-	       PRBool faulty3DES, void *wincx);
-PK11SymKey *
-PK11_RawPBEKeyGen(PK11SlotInfo *slot, CK_MECHANISM_TYPE type, SECItem *params,
-		SECItem *pwitem, PRBool faulty3DES, void *wincx);
-SECItem *
-PK11_GetPBEIV(SECAlgorithmID *algid, SECItem *pwitem);
-
-/**********************************************************************
- * New fucntions which are already depricated....
- **********************************************************************/
-SECItem *
-PK11_GetLowLevelKeyIDForCert(PK11SlotInfo *slot,
-					CERTCertificate *cert, void *pwarg);
-SECItem *
-PK11_GetLowLevelKeyIDForPrivateKey(SECKEYPrivateKey *key);
-
-SECItem *
-PK11_FindCrlByName(PK11SlotInfo **slot, CK_OBJECT_HANDLE *handle,
-					SECItem *derName, int type, char **url);
-
-CK_OBJECT_HANDLE
-PK11_PutCrl(PK11SlotInfo *slot, SECItem *crl, 
-				SECItem *name, char *url, int type);
-
-SECItem *
-PK11_FindSMimeProfile(PK11SlotInfo **slotp, char *emailAddr, SECItem *derSubj,
-					SECItem **profileTime);
-SECStatus
-PK11_SaveSMimeProfile(PK11SlotInfo *slot, char *emailAddr, SECItem *derSubj,
-			SECItem *emailProfile, SECItem *profileTime);
-
-PRBool SECMOD_HasRootCerts(void);
-
-PRBool PK11_IsPermObject(PK11SlotInfo *slot, CK_OBJECT_HANDLE handle);
-
-char * PK11_GetObjectNickname(PK11SlotInfo *slot, CK_OBJECT_HANDLE id) ;
-SECStatus PK11_SetObjectNickname(PK11SlotInfo *slot, CK_OBJECT_HANDLE id, 
-						const char *nickname) ;
-
-SEC_END_PROTOS
-
-#endif
diff --git a/security/nss/lib/pk11wrap/pk11init.h b/security/nss/lib/pk11wrap/pk11init.h
deleted file mode 100644
index b5fa0b4ec..000000000
--- a/security/nss/lib/pk11wrap/pk11init.h
+++ /dev/null
@@ -1,63 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * Internal header file included in pk11wrap dir, or in softoken
- */
-#ifndef _PK11_INIT_H_
-#define _PK11_INIT_H_ 1
-
-/* hold slot default flags until we initialize a slot. This structure is only
- * useful between the time we define a module (either by hand or from the
- * database) and the time the module is loaded. Not reference counted  */
-struct PK11PreSlotInfoStr {
-    CK_SLOT_ID slotID;  	/* slot these flags are for */
-    unsigned long defaultFlags; /* bit mask of default implementation this slot
-				 * provides */
-    int askpw;			/* slot specific password bits */
-    long timeout;		/* slot specific timeout value */
-    char hasRootCerts;		/* is this the root cert PKCS #11 module? */
-    char hasRootTrust;		/* is this the root cert PKCS #11 module? */
-};
-
-#define SECMOD_SLOT_FLAGS "slotFlags=[RSA,DSA,DH,RC2,RC4,DES,RANDOM,SHA1,MD5,MD2,SSL,TLS,AES]"
-
-#define SECMOD_MAKE_NSS_FLAGS(fips,slot) \
-"Flags=internal,critical"fips" slotparams=("#slot"={"SECMOD_SLOT_FLAGS"})"
-
-#define SECMOD_INT_NAME "NSS Internal PKCS #11 Module"
-#define SECMOD_INT_FLAGS SECMOD_MAKE_NSS_FLAGS("",1)
-#define SECMOD_FIPS_NAME "NSS Internal FIPS PKCS #11 Module"
-#define SECMOD_FIPS_FLAGS SECMOD_MAKE_NSS_FLAGS(",fips",3)
-
-
-#endif /* _PK11_INIT_H_ 1 */
diff --git a/security/nss/lib/pk11wrap/pk11kea.c b/security/nss/lib/pk11wrap/pk11kea.c
deleted file mode 100644
index d6046bd99..000000000
--- a/security/nss/lib/pk11wrap/pk11kea.c
+++ /dev/null
@@ -1,228 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * This file implements the Symkey wrapper and the PKCS context
- * Interfaces.
- */
-
-#include "seccomon.h"
-#include "secmod.h"
-#include "nssilock.h"
-#include "secmodi.h"
-#include "pkcs11.h"
-#include "pk11func.h"
-#include "secitem.h"
-#include "key.h"
-#include "secasn1.h"
-#include "sechash.h"
-#include "cert.h"
-#include "secerr.h"
-
-/*
- * find an RSA public key on a card
- */
-static CK_OBJECT_HANDLE
-pk11_FindRSAPubKey(PK11SlotInfo *slot)
-{
-    CK_KEY_TYPE key_type = CKK_RSA;
-    CK_OBJECT_CLASS class_type = CKO_PUBLIC_KEY;
-    CK_ATTRIBUTE theTemplate[2];
-    int template_count = sizeof(theTemplate)/sizeof(theTemplate[0]);
-    CK_ATTRIBUTE *attrs = theTemplate;
-
-    PK11_SETATTRS(attrs,CKA_CLASS,&class_type,sizeof(class_type)); attrs++;
-    PK11_SETATTRS(attrs,CKA_KEY_TYPE,&key_type,sizeof(key_type)); attrs++;
-    template_count = attrs - theTemplate;
-    PR_ASSERT(template_count <= sizeof(theTemplate)/sizeof(CK_ATTRIBUTE));
-
-    return pk11_FindObjectByTemplate(slot,theTemplate,template_count);
-}
-
-PK11SymKey *
-pk11_KeyExchange(PK11SlotInfo *slot,CK_MECHANISM_TYPE type,
-		 	CK_ATTRIBUTE_TYPE operation, PK11SymKey *symKey)
-{
-    PK11SymKey *newSymKey = NULL;
-    SECStatus rv;
-    /* performance improvement can go here --- use a generated key to as a
-     * per startup wrapping key. If it exists, use it, otherwise do a full
-     * key exchange. */
-
-    /* find a common Key Exchange algorithm */
-    /* RSA */
-    if (PK11_DoesMechanism(symKey->slot, CKM_RSA_PKCS) && 
-				PK11_DoesMechanism(slot,CKM_RSA_PKCS)) {
-	CK_OBJECT_HANDLE pubKeyHandle = CK_INVALID_HANDLE;
-	CK_OBJECT_HANDLE privKeyHandle = CK_INVALID_HANDLE;
-	SECKEYPublicKey *pubKey = NULL;
-	SECKEYPrivateKey *privKey = NULL;
-	SECItem wrapData;
-
-	wrapData.data = NULL;
-
-	/* find RSA Public Key on target */
-	pubKeyHandle = pk11_FindRSAPubKey(slot);
-	if (pubKeyHandle != CK_INVALID_HANDLE) {
-	    privKeyHandle = PK11_MatchItem(slot,pubKeyHandle,CKO_PRIVATE_KEY);
-	}
-
-	/* if no key exists, generate a key pair */
-	if (privKeyHandle == CK_INVALID_HANDLE) {
-	    unsigned int     symKeyLength = PK11_GetKeyLength(symKey);
-	    PK11RSAGenParams rsaParams;
-
-	    if (symKeyLength > 60) /* bytes */ {
-		/* we'd have to generate an RSA key pair > 512 bits long,
-		** and that's too costly.  Don't even try. 
-		*/
-		PORT_SetError( SEC_ERROR_CANNOT_MOVE_SENSITIVE_KEY );
-		goto rsa_failed;
-	    }
-	    rsaParams.keySizeInBits = 
-	        (symKeyLength > 28 || symKeyLength == 0) ? 512 : 256;
-	    rsaParams.pe  = 0x10001;
-	    privKey = PK11_GenerateKeyPair(slot,CKM_RSA_PKCS_KEY_PAIR_GEN, 
-			    &rsaParams, &pubKey,PR_FALSE,PR_TRUE,symKey->cx);
-	} else {
-	    /* if keys exist, build SECKEY data structures for them */
-	    privKey = PK11_MakePrivKey(slot,nullKey, PR_TRUE, privKeyHandle,
-					symKey->cx);
-	    if (privKey != NULL) {
-    		pubKey = PK11_ExtractPublicKey(slot, rsaKey, pubKeyHandle);
-		if (pubKey && pubKey->pkcs11Slot) {
-		    PK11_FreeSlot(pubKey->pkcs11Slot);
-		    pubKey->pkcs11Slot = NULL;
-		    pubKey->pkcs11ID = CK_INVALID_HANDLE;
-		}
-	    }
-	}
-	if (privKey == NULL) goto rsa_failed;
-	if (pubKey == NULL)  goto rsa_failed;
-
-        wrapData.len  = SECKEY_PublicKeyStrength(pubKey);
-        if (!wrapData.len) goto rsa_failed;
-        wrapData.data = PORT_Alloc(wrapData.len);
-        if (wrapData.data == NULL) goto rsa_failed;
-
-	/* now wrap the keys in and out */
-	rv = PK11_PubWrapSymKey(CKM_RSA_PKCS, pubKey, symKey, &wrapData);
-	if (rv == SECSuccess) {
-	    newSymKey = PK11_PubUnwrapSymKey(privKey,&wrapData,type,operation,
-							symKey->size);
-	}
-rsa_failed:
-	if (wrapData.data != NULL) PORT_Free(wrapData.data);
-	if (privKey != NULL) SECKEY_DestroyPrivateKey(privKey);
-	if (pubKey != NULL) SECKEY_DestroyPublicKey(pubKey);
-
-	return  newSymKey;
-    }
-    /* KEA */
-    if (PK11_DoesMechanism(symKey->slot, CKM_KEA_KEY_DERIVE) && 
-				PK11_DoesMechanism(slot,CKM_KEA_KEY_DERIVE)) {
-	CERTCertificate *certSource = NULL;
-	CERTCertificate *certTarget = NULL;
-	SECKEYPublicKey *pubKeySource = NULL;
-	SECKEYPublicKey *pubKeyTarget = NULL;
-	SECKEYPrivateKey *privKeySource = NULL;
-	SECKEYPrivateKey *privKeyTarget = NULL;
-	PK11SymKey *tekSource = NULL;
-	PK11SymKey *tekTarget = NULL;
-	SECItem Ra,wrap;
-
-	/* can only exchange skipjack keys */
-	if (type != CKM_SKIPJACK_CBC64) {
-    	    PORT_SetError( SEC_ERROR_NO_MODULE );
-	    goto kea_failed;
-	}
-
-	/* find a pair of certs we can use */
-	rv = PK11_GetKEAMatchedCerts(symKey->slot,slot,&certSource,&certTarget);
-	if (rv != SECSuccess) goto kea_failed;
-
-	/* get all the key pairs */
-	pubKeyTarget = CERT_ExtractPublicKey(certSource);
-	pubKeySource = CERT_ExtractPublicKey(certTarget);
-	privKeySource = 
-		PK11_FindKeyByDERCert(symKey->slot,certSource,symKey->cx);
-	privKeyTarget = 
-		PK11_FindKeyByDERCert(slot,certTarget,symKey->cx);
-
-	if ((pubKeySource == NULL) || (pubKeyTarget == NULL) ||
-	  (privKeySource == NULL) || (privKeyTarget == NULL)) goto kea_failed;
-
-	/* generate the wrapping TEK's */
-	Ra.data = (unsigned char*)PORT_Alloc(128 /* FORTEZZA RA MAGIC */);
-	Ra.len = 128;
-	if (Ra.data == NULL) goto kea_failed;
-
-	tekSource = PK11_PubDerive(privKeySource,pubKeyTarget,PR_TRUE,&Ra,NULL,
-		CKM_SKIPJACK_WRAP, CKM_KEA_KEY_DERIVE,CKA_WRAP,0,symKey->cx);
-	tekTarget = PK11_PubDerive(privKeyTarget,pubKeySource,PR_FALSE,&Ra,NULL,
-		CKM_SKIPJACK_WRAP, CKM_KEA_KEY_DERIVE,CKA_WRAP,0,symKey->cx);
-	PORT_Free(Ra.data);
-
-	if ((tekSource == NULL) || (tekTarget == NULL)) { goto kea_failed; }
-
-	/* wrap the key out of Source into target */
-	wrap.data = (unsigned char*)PORT_Alloc(12); /* MAGIC SKIPJACK LEN */
-	wrap.len = 12;
-
-	/* paranoia to prevent infinite recursion on bugs */
-	PORT_Assert(tekSource->slot == symKey->slot);
-	if (tekSource->slot != symKey->slot) {
-    	    PORT_SetError( SEC_ERROR_NO_MODULE );
-	    goto kea_failed;
-	}
-
-	rv = PK11_WrapSymKey(CKM_SKIPJACK_WRAP,NULL,tekSource,symKey,&wrap);
-	if (rv == SECSuccess) {
-	    newSymKey = PK11_UnwrapSymKey(tekTarget, CKM_SKIPJACK_WRAP, NULL,
-			&wrap, type, operation, symKey->size);
-	}
-	PORT_Free(wrap.data);
-kea_failed:
-	if (certSource == NULL) CERT_DestroyCertificate(certSource);
-	if (certTarget == NULL) CERT_DestroyCertificate(certTarget);
-	if (pubKeySource == NULL) SECKEY_DestroyPublicKey(pubKeySource);
-	if (pubKeyTarget == NULL) SECKEY_DestroyPublicKey(pubKeyTarget);
-	if (privKeySource == NULL) SECKEY_DestroyPrivateKey(privKeySource);
-	if (privKeyTarget == NULL) SECKEY_DestroyPrivateKey(privKeyTarget);
-	if (tekSource == NULL) PK11_FreeSymKey(tekSource);
-	if (tekTarget == NULL) PK11_FreeSymKey(tekTarget);
-	return newSymKey;
-    }
-    PORT_SetError( SEC_ERROR_NO_MODULE );
-    return NULL;
-}
-
diff --git a/security/nss/lib/pk11wrap/pk11list.c b/security/nss/lib/pk11wrap/pk11list.c
deleted file mode 100644
index 67bef9573..000000000
--- a/security/nss/lib/pk11wrap/pk11list.c
+++ /dev/null
@@ -1,169 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * Locking and queue management primatives
- *
- */
-
-#include "seccomon.h"
-#include "nssilock.h"
-#include "prmon.h"
-#include "secmod.h"
-#include "secmodi.h"
-#include "prlong.h"
-
-#define ISREADING 1
-#define ISWRITING 2
-#define WANTWRITE 4
-#define ISLOCKED 3
-
-/*
- * create a new lock for a Module List
- */
-SECMODListLock *SECMOD_NewListLock() {
-    SECMODListLock *modLock;
-
-    modLock = (SECMODListLock*)PORT_Alloc(sizeof(SECMODListLock));
-#ifdef PKCS11_USE_THREADS
-    modLock->mutex = NULL;
-    modLock->monitor = PZ_NewMonitor(nssILockList);
-#else
-    modLock->mutex = NULL;
-    modLock->monitor = NULL;
-#endif
-    modLock->state = 0;
-    modLock->count = 0;
-    return modLock;
-}
-
-/*
- * destroy the lock
- */
-void SECMOD_DestroyListLock(SECMODListLock *lock) {
-    PK11_USE_THREADS(PZ_DestroyMonitor(lock->monitor);)
-    PORT_Free(lock);
-}
-
-
-/*
- * Lock the List for Read: NOTE: this assumes the reading isn't so common
- * the writing will be starved.
- */
-void SECMOD_GetReadLock(SECMODListLock *modLock) {
-#ifdef PKCS11_USE_THREADS
-    if (modLock == NULL) return;
-    PZ_EnterMonitor(modLock->monitor);
-    while (modLock->state & ISWRITING) {
-	PZ_Wait(modLock->monitor,PR_INTERVAL_NO_TIMEOUT); /* wait until woken up */
-    }
-    modLock->state |= ISREADING;
-    modLock->count++;
-    PZ_ExitMonitor(modLock->monitor);
-#endif
-}
-
-/*
- * Release the Read lock
- */
-void SECMOD_ReleaseReadLock(SECMODListLock *modLock) {
-#ifdef PKCS11_USE_THREADS
-    if (modLock == NULL) return;
-    PZ_EnterMonitor(modLock->monitor);
-    modLock->count--;
-    if (modLock->count == 0) {
-	modLock->state &= ~ISREADING;
-	if (modLock->state & WANTWRITE) {
-	    PZ_Notify(modLock->monitor);  /* only one writer at a time */
-	}
-    }
-    PZ_ExitMonitor(modLock->monitor);
-#endif
-}
-
-
-/*
- * lock the list for Write
- */
-void SECMOD_GetWriteLock(SECMODListLock *modLock) {
-#ifdef PKCS11_USE_THREADS
-    if (modLock == NULL) return;
-    PZ_EnterMonitor(modLock->monitor);
-    while (modLock->state & ISLOCKED) {
-	modLock->state |= WANTWRITE;
-	PZ_Wait(modLock->monitor,PR_INTERVAL_NO_TIMEOUT); /* wait until woken up */
-    }
-    modLock->state = ISWRITING;
-    PZ_ExitMonitor(modLock->monitor);
-#endif
-}
-
-
-/*
- * Release the Write Lock: NOTE, this code is pretty inefficient if you have
- * lots of write collisions.
- */
-void SECMOD_ReleaseWriteLock(SECMODListLock *modLock) {
-#ifdef PKCS11_USE_THREADS
-    if (modLock == NULL) return;
-    PZ_EnterMonitor(modLock->monitor);
-    modLock->state = 0;
-    PR_NotifyAll(modLock->monitor); /* enable all the readers */
-    PZ_ExitMonitor(modLock->monitor);
-#endif
-}
-
-
-/*
- * must Hold the Write lock
- */
-void
-SECMOD_RemoveList(SECMODModuleList **parent, SECMODModuleList *child) {
-    *parent = child->next;
-    child->next = NULL;
-}
-
-/*
- * if lock is not specified, it must already be held
- */
-void
-SECMOD_AddList(SECMODModuleList *parent, SECMODModuleList *child, 
-							SECMODListLock *lock) {
-    if (lock) { SECMOD_GetWriteLock(lock); }
-
-    child->next = parent->next;
-    parent->next = child;
-
-   if (lock) { SECMOD_ReleaseWriteLock(lock); }
-}
-
-
diff --git a/security/nss/lib/pk11wrap/pk11load.c b/security/nss/lib/pk11wrap/pk11load.c
deleted file mode 100644
index 1711bd3a3..000000000
--- a/security/nss/lib/pk11wrap/pk11load.c
+++ /dev/null
@@ -1,304 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * The following handles the loading, unloading and management of
- * various PCKS #11 modules
- */
-#include "seccomon.h"
-#include "pkcs11.h"
-#include "secmod.h"
-#include "prlink.h"
-#include "pk11func.h"
-#include "secmodi.h"
-#include "nssilock.h"
-
-extern void FC_GetFunctionList(void);
-extern void NSC_GetFunctionList(void);
-extern void NSC_ModuleDBFunc(void);
-
-
-/* build the PKCS #11 2.01 lock files */
-CK_RV PR_CALLBACK secmodCreateMutext(CK_VOID_PTR_PTR pmutex) {
-    *pmutex = (CK_VOID_PTR) PZ_NewLock(nssILockOther);
-    if ( *pmutex ) return CKR_OK;
-    return CKR_HOST_MEMORY;
-}
-
-CK_RV PR_CALLBACK secmodDestroyMutext(CK_VOID_PTR mutext) {
-    PZ_DestroyLock((PZLock *)mutext);
-    return CKR_OK;
-}
-
-CK_RV PR_CALLBACK secmodLockMutext(CK_VOID_PTR mutext) {
-    PZ_Lock((PZLock *)mutext);
-    return CKR_OK;
-}
-
-CK_RV PR_CALLBACK secmodUnlockMutext(CK_VOID_PTR mutext) {
-    PZ_Unlock((PZLock *)mutext);
-    return CKR_OK;
-}
-
-static SECMODModuleID  nextModuleID = 1;
-static CK_C_INITIALIZE_ARGS secmodLockFunctions = {
-    secmodCreateMutext, secmodDestroyMutext, secmodLockMutext, 
-    secmodUnlockMutext, CKF_LIBRARY_CANT_CREATE_OS_THREADS|
-	CKF_OS_LOCKING_OK
-    ,NULL
-};
-
-/*
- * set the hasRootCerts flags in the module so it can be stored back
- * into the database.
- */
-void
-SECMOD_SetRootCerts(PK11SlotInfo *slot, SECMODModule *mod) {
-    PK11PreSlotInfo *psi = NULL;
-    int i;
-
-    if (slot->hasRootCerts) {
-	for (i=0; i < mod->slotInfoCount; i++) {
-	    if (slot->slotID == mod->slotInfo[i].slotID) {
-		psi = &mod->slotInfo[i];
-		break;
-	    }
-	}
-	if (psi == NULL) {
-	   /* allocate more slots */
-	   PK11PreSlotInfo *psi_list = (PK11PreSlotInfo *)
-		PORT_ArenaAlloc(mod->arena,
-			(mod->slotInfoCount+1)* sizeof(PK11PreSlotInfo));
-	   /* copy the old ones */
-	   if (mod->slotInfoCount > 0) {
-		PORT_Memcpy(psi_list,mod->slotInfo,
-				(mod->slotInfoCount)*sizeof(PK11PreSlotInfo));
-	   }
-	   /* assign psi to the last new slot */
-	   psi = &psi_list[mod->slotInfoCount];
-	   psi->slotID = slot->slotID;
-	   psi->askpw = 0;
-	   psi->timeout = 0;
-	   psi ->defaultFlags = 0;
-
-	   /* increment module count & store new list */
-	   mod->slotInfo = psi_list;
-	   mod->slotInfoCount++;
-	   
-	}
-	psi->hasRootCerts = 1;
-    }
-}
-
-/*
- * load a new module into our address space and initialize it.
- */
-SECStatus
-SECMOD_LoadPKCS11Module(SECMODModule *mod) {
-    PRLibrary *library = NULL;
-    CK_C_GetFunctionList entry = NULL;
-    char * full_name;
-    CK_INFO info;
-    CK_ULONG slotCount = 0;
-
-
-    if (mod->loaded) return SECSuccess;
-
-    /* intenal modules get loaded from their internal list */
-    if (mod->internal) {
-	/* internal, statically get the C_GetFunctionList function */
-	if (mod->isFIPS) {
-	    entry = (CK_C_GetFunctionList) FC_GetFunctionList;
-	} else {
-	    entry = (CK_C_GetFunctionList) NSC_GetFunctionList;
-	}
-	if (mod->isModuleDB) {
-	    mod->moduleDBFunc = (void *) NSC_ModuleDBFunc;
-	}
-	if (mod->moduleDBOnly) {
-	    mod->loaded = PR_TRUE;
-	    return SECSuccess;
-	}
-    } else {
-	/* Not internal, load the DLL and look up C_GetFunctionList */
-	if (mod->dllName == NULL) {
-	    return SECFailure;
-	}
-
-#ifdef notdef
-	/* look up the library name */
-	full_name = PR_GetLibraryName(PR_GetLibraryPath(),mod->dllName);
-	if (full_name == NULL) {
-	    return SECFailure;
-	}
-#else
-	full_name = PORT_Strdup(mod->dllName);
-#endif
-
-	/* load the library. If this succeeds, then we have to remember to
-	 * unload the library if anything goes wrong from here on out...
-	 */
-	library = PR_LoadLibrary(full_name);
-	mod->library = (void *)library;
-	PORT_Free(full_name);
-	if (library == NULL) {
-	    return SECFailure;
-	}
-
-	/*
-	 * now we need to get the entry point to find the function pointers
-	 */
-	if (!mod->moduleDBOnly) {
-	    entry = (CK_C_GetFunctionList)
-			PR_FindSymbol(library, "C_GetFunctionList");
-	}
-	if (mod->isModuleDB) {
-	    mod->moduleDBFunc = (void *)
-			PR_FindSymbol(library, "NSS_ReturnModuleSpecData");
-	}
-	if (mod->moduleDBFunc == NULL) mod->isModuleDB = PR_FALSE;
-	if (entry == NULL) {
-	    if (mod->isModuleDB) {
-		mod->loaded = PR_TRUE;
-		mod->moduleDBOnly = PR_TRUE;
-		return SECSuccess;
-	    }
-	    PR_UnloadLibrary(library);
-	    return SECFailure;
-	}
-    }
-
-    /*
-     * We need to get the function list
-     */
-    if ((*entry)((CK_FUNCTION_LIST_PTR *)&mod->functionList) != CKR_OK) 
-								goto fail;
-
-    mod->isThreadSafe = PR_TRUE;
-    /* Now we initialize the module */
-    if (mod->libraryParams) {
-	secmodLockFunctions.LibraryParameters = (void *) mod->libraryParams;
-    } else {
-	secmodLockFunctions.LibraryParameters = NULL;
-    }
-    if (PK11_GETTAB(mod)->C_Initialize(&secmodLockFunctions) != CKR_OK) {
-	mod->isThreadSafe = PR_FALSE;
-    	if (PK11_GETTAB(mod)->C_Initialize(NULL) != CKR_OK) goto fail;
-    }
-
-    /* check the version number */
-    if (PK11_GETTAB(mod)->C_GetInfo(&info) != CKR_OK) goto fail2;
-    if (info.cryptokiVersion.major != 2) goto fail2;
-    /* all 2.0 are a priori *not* thread safe */
-    if (info.cryptokiVersion.minor < 1) mod->isThreadSafe = PR_FALSE;
-
-
-    /* If we don't have a common name, get it from the PKCS 11 module */
-    if ((mod->commonName == NULL) || (mod->commonName[0] == 0)) {
-	mod->commonName = PK11_MakeString(mod->arena,NULL,
-	   (char *)info.libraryDescription, sizeof(info.libraryDescription));
-	if (mod->commonName == NULL) goto fail2;
-    }
-    
-
-    /* initialize the Slots */
-    if (PK11_GETTAB(mod)->C_GetSlotList(CK_FALSE, NULL, &slotCount) == CKR_OK) {
-	CK_SLOT_ID *slotIDs;
-	int i;
-	CK_RV rv;
-
-	mod->slots = (PK11SlotInfo **)PORT_ArenaAlloc(mod->arena,
-					sizeof(PK11SlotInfo *) * slotCount);
-	if (mod->slots == NULL) goto fail2;
-
-	slotIDs = (CK_SLOT_ID *) PORT_Alloc(sizeof(CK_SLOT_ID)*slotCount);
-	if (slotIDs == NULL) {
-	    goto fail2;
-	}  
-	rv = PK11_GETTAB(mod)->C_GetSlotList(CK_FALSE, slotIDs, &slotCount);
-	if (rv != CKR_OK) {
-	    PORT_Free(slotIDs);
-	    goto fail2;
-	}
-
-	/* Initialize each slot */
-	for (i=0; i < (int)slotCount; i++) {
-	    mod->slots[i] = PK11_NewSlotInfo();
-	    PK11_InitSlot(mod,slotIDs[i],mod->slots[i]);
-	    /* look down the slot info table */
-	    PK11_LoadSlotList(mod->slots[i],mod->slotInfo,mod->slotInfoCount);
-	    SECMOD_SetRootCerts(mod->slots[i],mod);
-	}
-	mod->slotCount = slotCount;
-	mod->slotInfoCount = 0;
-	PORT_Free(slotIDs);
-    }
-    
-    mod->loaded = PR_TRUE;
-    mod->moduleID = nextModuleID++;
-    return SECSuccess;
-fail2:
-    PK11_GETTAB(mod)->C_Finalize(NULL);
-fail:
-    mod->functionList = NULL;
-    if (library) PR_UnloadLibrary(library);
-    return SECFailure;
-}
-
-SECStatus
-SECMOD_UnloadModule(SECMODModule *mod) {
-    PRLibrary *library;
-
-    if (!mod->loaded) {
-	return SECFailure;
-    }
-
-    if (!mod->moduleDBOnly) PK11_GETTAB(mod)->C_Finalize(NULL);
-    mod->moduleID = 0;
-    mod->loaded = PR_FALSE;
-    
-    /* do we want the semantics to allow unloading the internal library?
-     * if not, we should change this to SECFailure and move it above the
-     * mod->loaded = PR_FALSE; */
-    if (mod->internal) {
-	return SECSuccess;
-    }
-
-    library = (PRLibrary *)mod->library;
-    /* paranoia */
-    if (library == NULL) {
-	return SECFailure;
-    }
-
-    PR_UnloadLibrary(library);
-    return SECSuccess;
-}
diff --git a/security/nss/lib/pk11wrap/pk11pars.c b/security/nss/lib/pk11wrap/pk11pars.c
deleted file mode 100644
index b1602f1c8..000000000
--- a/security/nss/lib/pk11wrap/pk11pars.c
+++ /dev/null
@@ -1,395 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 2001 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * The following handles the loading, unloading and management of
- * various PCKS #11 modules
- */
-
-#include <ctype.h>
-#include "pkcs11.h"
-#include "seccomon.h"
-#include "secmod.h"
-#include "secmodi.h"
-#include "pki3hack.h"
-   
-#include "pk11pars.h" 
-
-/* create a new module */
-static  SECMODModule *
-secmod_NewModule(void)
-{
-    SECMODModule *newMod;
-    PRArenaPool *arena;
-
-
-    /* create an arena in which dllName and commonName can be
-     * allocated.
-     */
-    arena = PORT_NewArena(512);
-    if (arena == NULL) {
-	return NULL;
-    }
-
-    newMod = (SECMODModule *)PORT_ArenaAlloc(arena,sizeof (SECMODModule));
-    if (newMod == NULL) {
-	PORT_FreeArena(arena,PR_FALSE);
-	return NULL;
-    }
-
-    /*
-     * initialize of the fields of the module
-     */
-    newMod->arena = arena;
-    newMod->internal = PR_FALSE;
-    newMod->loaded = PR_FALSE;
-    newMod->isFIPS = PR_FALSE;
-    newMod->dllName = NULL;
-    newMod->commonName = NULL;
-    newMod->library = NULL;
-    newMod->functionList = NULL;
-    newMod->slotCount = 0;
-    newMod->slots = NULL;
-    newMod->slotInfo = NULL;
-    newMod->slotInfoCount = 0;
-    newMod->refCount = 1;
-    newMod->ssl[0] = 0;
-    newMod->ssl[1] = 0;
-    newMod->libraryParams = NULL;
-    newMod->moduleDBFunc = NULL;
-    newMod->parent = NULL;
-    newMod->isCritical = PR_FALSE;
-    newMod->isModuleDB = PR_FALSE;
-    newMod->moduleDBOnly = PR_FALSE;
-    newMod->trustOrder = 0;
-    newMod->cipherOrder = 0;
-#ifdef PKCS11_USE_THREADS
-    newMod->refLock = (void *)PZ_NewLock(nssILockRefLock);
-    if (newMod->refLock == NULL) {
-	PORT_FreeArena(arena,PR_FALSE);
-	return NULL;
-    }
-#else
-    newMod->refLock = NULL;
-#endif
-    return newMod;
-    
-}
-
-/*
- * for 3.4 we continue to use the old SECMODModule structure
- */
-SECMODModule *
-SECMOD_CreateModule(char *library, char *moduleName, char *parameters, char *nss)
-{
-    SECMODModule *mod = secmod_NewModule();
-    char *slotParams,*ciphers;
-    if (mod == NULL) return NULL;
-
-    mod->commonName = PORT_ArenaStrdup(mod->arena,moduleName ? moduleName : "");
-    if (library) {
-	mod->dllName = PORT_ArenaStrdup(mod->arena,library);
-    }
-    /* new field */
-    if (parameters) {
-	mod->libraryParams = PORT_ArenaStrdup(mod->arena,parameters);
-    }
-    mod->internal = pk11_argHasFlag("flags","internal",nss);
-    mod->isFIPS = pk11_argHasFlag("flags","FIPS",nss);
-    mod->isCritical = pk11_argHasFlag("flags","critical",nss);
-    slotParams = pk11_argGetParamValue("slotParams",nss);
-    mod->slotInfo = pk11_argParseSlotInfo(mod->arena,slotParams,
-							&mod->slotInfoCount);
-    if (slotParams) PORT_Free(slotParams);
-    /* new field */
-    mod->trustOrder = pk11_argReadLong("trustOrder",nss,
-						PK11_DEFAULT_TRUST_ORDER,NULL);
-    /* new field */
-    mod->cipherOrder = pk11_argReadLong("cipherOrder",nss,
-						PK11_DEFAULT_CIPHER_ORDER,NULL);
-    /* new field */
-    mod->isModuleDB = pk11_argHasFlag("flags","moduleDB",nss);
-    mod->moduleDBOnly = pk11_argHasFlag("flags","moduleDBOnly",nss);
-    if (mod->moduleDBOnly) mod->isModuleDB = PR_TRUE;
-
-    ciphers = pk11_argGetParamValue("ciphers",nss);
-    pk11_argSetNewCipherFlags(&mod->ssl[0],ciphers);
-    if (ciphers) PORT_Free(ciphers);
-
-    secmod_PrivateModuleCount++;
-
-    return mod;
-}
-
-static char *
-pk11_mkModuleSpec(SECMODModule * module)
-{
-    char *nss = NULL, *modSpec = NULL, **slotStrings = NULL;
-    int slotCount, i, si;
-
-    /* allocate target slot info strings */
-    slotCount = 0;
-    if (module->slotCount) {
-	for (i=0; i < module->slotCount; i++) {
-	    if (module->slots[i]->defaultFlags !=0) {
-		slotCount++;
-	    }
-	}
-    } else {
-	slotCount = module->slotInfoCount;
-    }
-
-    slotStrings = (char **)PORT_ZAlloc(slotCount*sizeof(char *));
-    if (slotStrings == NULL) {
-	goto loser;
-    }
-
-
-    /* build the slot info strings */
-    if (module->slotCount) {
-	for (i=0, si= 0; i < module->slotCount; i++) {
-	    if (module->slots[i]->defaultFlags) {
-		PORT_Assert(si < slotCount);
-		if (si >= slotCount) break;
-		slotStrings[si] = pk11_mkSlotString(module->slots[i]->slotID,
-			module->slots[i]->defaultFlags,
-			module->slots[i]->timeout,
-			module->slots[i]->askpw,
-			module->slots[i]->hasRootCerts,
-			module->slots[i]->hasRootTrust);
-		si++;
-	    }
-	}
-     } else {
-	for (i=0; i < slotCount; i++) {
-		slotStrings[i] = pk11_mkSlotString(module->slotInfo[i].slotID,
-			module->slotInfo[i].defaultFlags,
-			module->slotInfo[i].timeout,
-			module->slotInfo[i].askpw,
-			module->slotInfo[i].hasRootCerts,
-			module->slotInfo[i].hasRootTrust);
-	}
-    }
-
-    nss = pk11_mkNSS(slotStrings,slotCount,module->internal, module->isFIPS,
-	module->isModuleDB, module->moduleDBOnly, module->isCritical,
-	module->trustOrder,module->cipherOrder,module->ssl[0],module->ssl[1]);
-    modSpec= pk11_mkNewModuleSpec(module->dllName,module->commonName,
-						module->libraryParams,nss);
-    PORT_Free(slotStrings);
-    PR_smprintf_free(nss);
-loser:
-    return (modSpec);
-}
-    
-
-char **
-SECMOD_GetModuleSpecList(SECMODModule *module)
-{
-    SECMODModuleDBFunc func = (SECMODModuleDBFunc) module->moduleDBFunc;
-    if (func) {
-	return (*func)(SECMOD_MODULE_DB_FUNCTION_FIND,
-		module->libraryParams,NULL);
-    }
-    return NULL;
-}
-
-SECStatus
-SECMOD_AddPermDB(SECMODModule *module)
-{
-    SECMODModuleDBFunc func;
-    char *moduleSpec;
-    char **retString;
-
-    if (module->parent == NULL) return SECFailure;
-
-    func  = (SECMODModuleDBFunc) module->parent->moduleDBFunc;
-    if (func) {
-	moduleSpec = pk11_mkModuleSpec(module);
-	retString = (*func)(SECMOD_MODULE_DB_FUNCTION_ADD,
-		module->parent->libraryParams,moduleSpec);
-	PORT_Free(moduleSpec);
-	if (retString != NULL) return SECSuccess;
-    }
-    return SECFailure;
-}
-
-SECStatus
-SECMOD_DeletePermDB(SECMODModule *module)
-{
-    SECMODModuleDBFunc func;
-    char *moduleSpec;
-    char **retString;
-
-    if (module->parent == NULL) return SECFailure;
-
-    func  = (SECMODModuleDBFunc) module->parent->moduleDBFunc;
-    if (func) {
-	moduleSpec = pk11_mkModuleSpec(module);
-	retString = (*func)(SECMOD_MODULE_DB_FUNCTION_DEL,
-		module->parent->libraryParams,moduleSpec);
-	PORT_Free(moduleSpec);
-	if (retString != NULL) return SECSuccess;
-    }
-    return SECFailure;
-}
-
-SECStatus
-SECMOD_FreeModuleSpecList(SECMODModule *module, char **moduleSpecList)
-{
-    SECMODModuleDBFunc func = (SECMODModuleDBFunc) module->moduleDBFunc;
-    char **retString;
-    if (func) {
-	retString = (*func)(SECMOD_MODULE_DB_FUNCTION_RELEASE,
-		module->libraryParams,moduleSpecList);
-	if (retString != NULL) return SECSuccess;
-    }
-    return SECFailure;
-}
-
-/*
- * load a PKCS#11 module but do not add it to the default NSS trust domain
- */
-SECMODModule *
-SECMOD_LoadModule(char *modulespec,SECMODModule *parent, PRBool recurse)
-{
-    char *library = NULL, *moduleName = NULL, *parameters = NULL, *nss= NULL;
-    SECStatus status;
-    SECMODModule *module = NULL;
-    SECStatus rv;
-
-    /* initialize the underlying module structures */
-    SECMOD_Init();
-
-    status = pk11_argParseModuleSpec(modulespec, &library, &moduleName, 
-							&parameters, &nss);
-    if (status != SECSuccess) {
-	goto loser;
-    }
-
-    module = SECMOD_CreateModule(library, moduleName, parameters, nss);
-    if (library) PORT_Free(library);
-    if (moduleName) PORT_Free(moduleName);
-    if (parameters) PORT_Free(parameters);
-    if (nss) PORT_Free(nss);
-
-    /* load it */
-    rv = SECMOD_LoadPKCS11Module(module);
-    if (rv != SECSuccess) {
-	goto loser;
-    }
-
-    if (recurse && module->isModuleDB) {
-	char ** moduleSpecList;
-	char **index;
-
-	moduleSpecList = SECMOD_GetModuleSpecList(module);
-
-	for (index = moduleSpecList; index && *index; index++) {
-	    SECMODModule *child;
-	    child = SECMOD_LoadModule(*index,module,PR_TRUE);
-	    if (!child) break;
-	    if (child->isCritical && !child->loaded) {
-		rv = SECFailure;
-		SECMOD_DestroyModule(child);
-		break;
-	    }
-	    SECMOD_DestroyModule(child);
-	}
-
-	SECMOD_FreeModuleSpecList(module,moduleSpecList);
-    }
-
-    if (rv != SECSuccess) {
-	goto loser;
-    }
-
-    if (parent) {
-    	module->parent = SECMOD_ReferenceModule(parent);
-    }
-
-    /* inherit the reference */
-    if (!module->moduleDBOnly) {
-	SECMOD_AddModuleToList(module);
-    } else {
-	SECMOD_AddModuleToDBOnlyList(module);
-    }
-   
-    /* handle any additional work here */
-    return module;
-
-loser:
-    if (module) {
-	if (module->loaded) {
-	    SECMOD_UnloadModule(module);
-	}
-	SECMOD_AddModuleToUnloadList(module);
-    }
-    return module;
-}
-
-/*
- * load a PKCS#11 module and add it to the default NSS trust domain
- */
-SECMODModule *
-SECMOD_LoadUserModule(char *modulespec,SECMODModule *parent, PRBool recurse)
-{
-    SECStatus rv = SECSuccess;
-    SECMODModule * newmod = SECMOD_LoadModule(modulespec, parent, recurse);
-    if (newmod) {
-        rv = STAN_AddModuleToDefaultTrustDomain(newmod);
-        if (SECSuccess != rv) {
-            SECMOD_DestroyModule(newmod);
-            return NULL;
-        }
-    }
-    return newmod;
-}
-
-/*
- * remove the PKCS#11 module from the default NSS trust domain, call
- * C_Finalize, and destroy the module structure
- */
-SECStatus SECMOD_UnloadUserModule(SECMODModule *mod)
-{
-    SECStatus rv = SECSuccess;
-    int atype = 0;
-    if (!mod) {
-        return SECFailure;
-    }
-    rv = STAN_RemoveModuleFromDefaultTrustDomain(mod);
-    if (SECSuccess != rv) {
-        return SECFailure;
-    }
-    return SECMOD_DeleteModuleEx(NULL, mod, &atype, PR_FALSE);
-}
-
diff --git a/security/nss/lib/pk11wrap/pk11pbe.c b/security/nss/lib/pk11wrap/pk11pbe.c
deleted file mode 100644
index 5d828dba3..000000000
--- a/security/nss/lib/pk11wrap/pk11pbe.c
+++ /dev/null
@@ -1,686 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "plarena.h"
-
-#include "seccomon.h"
-#include "secitem.h"
-#include "secport.h"
-#include "hasht.h"
-#include "pkcs11t.h"
-#include "sechash.h"
-#include "secasn1.h"
-#include "secder.h"
-#include "secoid.h"
-#include "alghmac.h"
-#include "secerr.h"
-#include "secmod.h"
-#include "pk11func.h"
-#include "secpkcs5.h"
-
-typedef struct SEC_PKCS5PBEParameterStr SEC_PKCS5PBEParameter;
-struct SEC_PKCS5PBEParameterStr {
-    PRArenaPool *poolp;
-    SECItem     salt;           /* octet string */
-    SECItem     iteration;      /* integer */
-};
-
-
-/* template for PKCS 5 PBE Parameter.  This template has been expanded
- * based upon the additions in PKCS 12.  This should eventually be moved
- * if RSA updates PKCS 5.
- */
-const SEC_ASN1Template SEC_PKCS5PBEParameterTemplate[] =
-{
-    { SEC_ASN1_SEQUENCE, 
-	0, NULL, sizeof(SEC_PKCS5PBEParameter) },
-    { SEC_ASN1_OCTET_STRING, 
-	offsetof(SEC_PKCS5PBEParameter, salt) },
-    { SEC_ASN1_INTEGER,
-	offsetof(SEC_PKCS5PBEParameter, iteration) },
-    { 0 }
-};
-
-const SEC_ASN1Template SEC_V2PKCS12PBEParameterTemplate[] =
-{   
-    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS5PBEParameter) },
-    { SEC_ASN1_OCTET_STRING, offsetof(SEC_PKCS5PBEParameter, salt) },
-    { SEC_ASN1_INTEGER, offsetof(SEC_PKCS5PBEParameter, iteration) },
-    { 0 }
-};
-
-/* maps crypto algorithm from PBE algorithm.
- */
-SECOidTag 
-SEC_PKCS5GetCryptoAlgorithm(SECAlgorithmID *algid)
-{
-
-    SECOidTag algorithm;
-
-    if(algid == NULL)
-	return SEC_OID_UNKNOWN;
-
-    algorithm = SECOID_GetAlgorithmTag(algid);
-    switch(algorithm)
-    {
-	case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_3KEY_TRIPLE_DES_CBC:
-	case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_2KEY_TRIPLE_DES_CBC:
-	case SEC_OID_PKCS12_PBE_WITH_SHA1_AND_TRIPLE_DES_CBC:
-	    return SEC_OID_DES_EDE3_CBC;
-	case SEC_OID_PKCS5_PBE_WITH_SHA1_AND_DES_CBC:
-	case SEC_OID_PKCS5_PBE_WITH_MD5_AND_DES_CBC:
-	case SEC_OID_PKCS5_PBE_WITH_MD2_AND_DES_CBC:
-	    return SEC_OID_DES_CBC;
-	case SEC_OID_PKCS12_PBE_WITH_SHA1_AND_40_BIT_RC2_CBC:
-	case SEC_OID_PKCS12_PBE_WITH_SHA1_AND_128_BIT_RC2_CBC:
-	case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_128_BIT_RC2_CBC:
-	case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_40_BIT_RC2_CBC:
-	    return SEC_OID_RC2_CBC;
-	case SEC_OID_PKCS12_PBE_WITH_SHA1_AND_40_BIT_RC4:
-	case SEC_OID_PKCS12_PBE_WITH_SHA1_AND_128_BIT_RC4:
-	case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_128_BIT_RC4:
-	case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_40_BIT_RC4:
-	    return SEC_OID_RC4;
-	default:
-	    break;
-    }
-
-    return SEC_OID_UNKNOWN;
-}
-
-/* check to see if an oid is a pbe algorithm
- */ 
-PRBool 
-SEC_PKCS5IsAlgorithmPBEAlg(SECAlgorithmID *algid)
-{
-    return (PRBool)(SEC_PKCS5GetCryptoAlgorithm(algid) != SEC_OID_UNKNOWN);
-}
-
-/* maps PBE algorithm from crypto algorithm, assumes SHA1 hashing.
- */
-SECOidTag 
-SEC_PKCS5GetPBEAlgorithm(SECOidTag algTag, int keyLen)
-{
-    switch(algTag)
-    {
-	case SEC_OID_DES_EDE3_CBC:
-	    switch(keyLen) {
-		case 168:
-		case 192:
-		    return SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_3KEY_TRIPLE_DES_CBC;
-		case 128:
-		case 92:
-		    return SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_2KEY_TRIPLE_DES_CBC;
-		default:
-		    break;
-	    }
-	    break;
-	case SEC_OID_DES_CBC:
-	    return SEC_OID_PKCS5_PBE_WITH_SHA1_AND_DES_CBC;
-	case SEC_OID_RC2_CBC:
-	    switch(keyLen) {
-		case 40:
-		    return SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_40_BIT_RC2_CBC;
-		case 128:
-		    return SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_128_BIT_RC2_CBC;
-		default:
-		    break;
-	    }
-	    break;
-	case SEC_OID_RC4:
-	    switch(keyLen) {
-		case 40:
-		    return SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_40_BIT_RC4;
-		case 128:
-		    return SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_128_BIT_RC4;
-		default:
-		    break;
-	    }
-	    break;
-	default:
-	    break;
-    }
-
-    return SEC_OID_UNKNOWN;
-}
-
-
-/* get the key length needed for the PBE algorithm
- */
-
-int 
-SEC_PKCS5GetKeyLength(SECAlgorithmID *algid)
-{
-
-    SECOidTag algorithm;
-
-    if(algid == NULL)
-	return SEC_OID_UNKNOWN;
-
-    algorithm = SECOID_GetAlgorithmTag(algid);
-
-    switch(algorithm)
-    {
-	case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_3KEY_TRIPLE_DES_CBC:
-	case SEC_OID_PKCS12_PBE_WITH_SHA1_AND_TRIPLE_DES_CBC:
-	case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_2KEY_TRIPLE_DES_CBC:
-	    return 24;
-	case SEC_OID_PKCS5_PBE_WITH_MD2_AND_DES_CBC:
-	case SEC_OID_PKCS5_PBE_WITH_SHA1_AND_DES_CBC:
-	case SEC_OID_PKCS5_PBE_WITH_MD5_AND_DES_CBC:
-	    return 8;
-	case SEC_OID_PKCS12_PBE_WITH_SHA1_AND_40_BIT_RC2_CBC:
-	case SEC_OID_PKCS12_PBE_WITH_SHA1_AND_40_BIT_RC4:
-	case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_40_BIT_RC4:
-	case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_40_BIT_RC2_CBC:
-	    return 5;
-	case SEC_OID_PKCS12_PBE_WITH_SHA1_AND_128_BIT_RC2_CBC:
-	case SEC_OID_PKCS12_PBE_WITH_SHA1_AND_128_BIT_RC4:
-	case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_128_BIT_RC2_CBC:
-	case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_128_BIT_RC4:
-	    return 16;
-	default:
-	    break;
-    }
-    return -1;
-}
-
-
-/* the V2 algorithms only encode the salt, there is no iteration
- * count so we need a check for V2 algorithm parameters.
- */
-static PRBool
-sec_pkcs5_is_algorithm_v2_pkcs12_algorithm(SECOidTag algorithm)
-{
-    switch(algorithm) 
-    {
-	case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_128_BIT_RC4:
-	case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_40_BIT_RC4:
-	case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_3KEY_TRIPLE_DES_CBC:
-	case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_2KEY_TRIPLE_DES_CBC:
-	case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_128_BIT_RC2_CBC:
-	case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_40_BIT_RC2_CBC:
-	    return PR_TRUE;
-	default:
-	    break;
-    }
-
-    return PR_FALSE;
-}
-/* destroy a pbe parameter.  it assumes that the parameter was 
- * generated using the appropriate create function and therefor
- * contains an arena pool.
- */
-static void 
-sec_pkcs5_destroy_pbe_param(SEC_PKCS5PBEParameter *pbe_param)
-{
-    if(pbe_param != NULL)
-	PORT_FreeArena(pbe_param->poolp, PR_TRUE);
-}
-
-/* creates a PBE parameter based on the PBE algorithm.  the only required
- * parameters are algorithm and interation.  the return is a PBE parameter
- * which conforms to PKCS 5 parameter unless an extended parameter is needed.
- * this is primarily if keyLen and a variable key length algorithm are
- * specified.
- *   salt -  if null, a salt will be generated from random bytes.
- *   iteration - number of iterations to perform hashing.
- *   keyLen - only used in variable key length algorithms
- *   iv - if null, the IV will be generated based on PKCS 5 when needed.
- *   params - optional, currently unsupported additional parameters.
- * once a parameter is allocated, it should be destroyed calling 
- * sec_pkcs5_destroy_pbe_parameter or SEC_PKCS5DestroyPBEParameter.
- */
-#define DEFAULT_SALT_LENGTH 16
-static SEC_PKCS5PBEParameter *
-sec_pkcs5_create_pbe_parameter(SECOidTag algorithm, 
-			SECItem *salt, 
-			int iteration)
-{
-    PRArenaPool *poolp = NULL;
-    SEC_PKCS5PBEParameter *pbe_param = NULL;
-    SECStatus rv= SECSuccess; 
-    void *dummy = NULL;
-
-    if(iteration < 0) {
-	return NULL;
-    }
-
-    poolp = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE);
-    if(poolp == NULL)
-	return NULL;
-
-    pbe_param = (SEC_PKCS5PBEParameter *)PORT_ArenaZAlloc(poolp,
-	sizeof(SEC_PKCS5PBEParameter));
-    if(!pbe_param) {
-	PORT_FreeArena(poolp, PR_TRUE);
-	return NULL;
-    }
-
-    pbe_param->poolp = poolp;
-
-    rv = SECFailure;
-    if (salt && salt->data) {
-    	rv = SECITEM_CopyItem(poolp, &pbe_param->salt, salt);
-    } else {
-	/* sigh, the old interface generated salt on the fly, so we have to
-	 * preserve the semantics */
-	pbe_param->salt.len = DEFAULT_SALT_LENGTH;
-	pbe_param->salt.data = PORT_ArenaZAlloc(poolp,DEFAULT_SALT_LENGTH);
-	if (pbe_param->salt.data) {
-	   rv = PK11_GenerateRandom(pbe_param->salt.data,DEFAULT_SALT_LENGTH);
-	}
-    }
-
-    if(rv != SECSuccess) {
-	PORT_FreeArena(poolp, PR_TRUE);
-	return NULL;
-    }
-
-    /* encode the integer */
-    dummy = SEC_ASN1EncodeInteger(poolp, &pbe_param->iteration, 
-		iteration);
-    rv = (dummy) ? SECSuccess : SECFailure;
-
-    if(rv != SECSuccess) {
-	PORT_FreeArena(poolp, PR_FALSE);
-	return NULL;
-    }
-
-    return pbe_param;
-}
-
-/* creates a algorithm ID containing the PBE algorithm and appropriate
- * parameters.  the required parameter is the algorithm.  if salt is
- * not specified, it is generated randomly.  if IV is specified, it overrides
- * the PKCS 5 generation of the IV.  
- *
- * the returned SECAlgorithmID should be destroyed using 
- * SECOID_DestroyAlgorithmID
- */
-SECAlgorithmID *
-SEC_PKCS5CreateAlgorithmID(SECOidTag algorithm, 
-			   SECItem *salt, 
-			   int iteration)
-{
-    PRArenaPool *poolp = NULL;
-    SECAlgorithmID *algid, *ret_algid;
-    SECItem der_param;
-    SECStatus rv = SECFailure;
-    SEC_PKCS5PBEParameter *pbe_param;
-
-    if(iteration <= 0) {
-	return NULL;
-    }
-
-    der_param.data = NULL;
-    der_param.len = 0;
-
-    /* generate the parameter */
-    pbe_param = sec_pkcs5_create_pbe_parameter(algorithm, salt, iteration);
-    if(!pbe_param) {
-	return NULL;
-    }
-
-    poolp = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE);
-    if(!poolp) {
-	sec_pkcs5_destroy_pbe_param(pbe_param);
-	return NULL;
-    }
-
-    /* generate the algorithm id */
-    algid = (SECAlgorithmID *)PORT_ArenaZAlloc(poolp, sizeof(SECAlgorithmID));
-    if(algid != NULL) {
-	void *dummy;
-	if(!sec_pkcs5_is_algorithm_v2_pkcs12_algorithm(algorithm)) {
-	    dummy = SEC_ASN1EncodeItem(poolp, &der_param, pbe_param,
-					SEC_PKCS5PBEParameterTemplate);
-	} else {
-	    dummy = SEC_ASN1EncodeItem(poolp, &der_param, pbe_param,
-	    				SEC_V2PKCS12PBEParameterTemplate);
-	}
-	
-	if(dummy) {
-	    rv = SECOID_SetAlgorithmID(poolp, algid, algorithm, &der_param);
-	}
-    }
-
-    ret_algid = NULL;
-    if(algid != NULL) {
-	ret_algid = (SECAlgorithmID *)PORT_ZAlloc(sizeof(SECAlgorithmID));
-	if(ret_algid != NULL) {
-	    rv = SECOID_CopyAlgorithmID(NULL, ret_algid, algid);
-	    if(rv != SECSuccess) {
-		SECOID_DestroyAlgorithmID(ret_algid, PR_TRUE);
-		ret_algid = NULL;
-	    }
-	}
-    }
-	
-    if(poolp != NULL) {
-	PORT_FreeArena(poolp, PR_TRUE);
-	algid = NULL;
-    }
-
-    sec_pkcs5_destroy_pbe_param(pbe_param);
-
-    return ret_algid;
-}
-
-SECStatus
-pbe_PK11AlgidToParam(SECAlgorithmID *algid,SECItem *mech)
-{
-    CK_PBE_PARAMS *pbe_params = NULL;
-    SEC_PKCS5PBEParameter p5_param;
-    SECItem *salt = NULL;
-    SECOidTag algorithm = SECOID_GetAlgorithmTag(algid);
-    PRArenaPool *arena = NULL;
-    SECStatus rv = SECFailure;
-    int iv_len;
-    
-
-    arena = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE);
-    if (arena == NULL) {
-	goto loser;
-    }
-    iv_len = PK11_GetIVLength(PK11_AlgtagToMechanism(algorithm));
-    if (iv_len < 0) {
-	goto loser;
-    }
-
-    if (sec_pkcs5_is_algorithm_v2_pkcs12_algorithm(algorithm)) {
-        rv = SEC_ASN1DecodeItem(arena, &p5_param,
-			 SEC_V2PKCS12PBEParameterTemplate, &algid->parameters);
-    } else {
-        rv = SEC_ASN1DecodeItem(arena,&p5_param,SEC_PKCS5PBEParameterTemplate, 
-						&algid->parameters);
-    }
-
-    if (rv != SECSuccess) {
-	goto loser;
-    }
-        
-    salt = &p5_param.salt;
-
-    pbe_params = (CK_PBE_PARAMS *)PORT_ZAlloc(sizeof(CK_PBE_PARAMS)+
-						salt->len+iv_len);
-    if (pbe_params == NULL) {
-	goto loser;
-    }
-
-    /* get salt */
-    pbe_params->pSalt = ((CK_CHAR_PTR) pbe_params)+sizeof(CK_PBE_PARAMS);
-    if (iv_len) {
-	pbe_params->pInitVector = ((CK_CHAR_PTR) pbe_params)+
-					sizeof(CK_PBE_PARAMS)+salt->len;
-    }
-    PORT_Memcpy(pbe_params->pSalt, salt->data, salt->len);
-    pbe_params->ulSaltLen = (CK_ULONG) salt->len;
-
-    /* get iteration count */
-    pbe_params->ulIteration = (CK_ULONG) DER_GetInteger(&p5_param.iteration);
-
-    /* copy into the mechanism sec item */
-    mech->data = (unsigned char *)pbe_params;
-    mech->len = sizeof(*pbe_params);
-    if (arena) {
-	PORT_FreeArena(arena,PR_TRUE);
-    }
-    return SECSuccess;
-
-loser:
-    if (pbe_params) {
-	PORT_Free(pbe_params);
-    }
-    if (arena) {
-	PORT_FreeArena(arena,PR_TRUE);
-    }
-    return SECFailure;
-}
-
-SECStatus
-PBE_PK11ParamToAlgid(SECOidTag algTag, SECItem *param, PRArenaPool *arena, 
-		     SECAlgorithmID *algId)
-{
-    CK_PBE_PARAMS *pbe_param;
-    SECItem pbeSalt;
-    SECAlgorithmID *pbeAlgID = NULL;
-    SECStatus rv;
-
-    if(!param || !algId) {
-	return SECFailure;
-    }
-
-    pbe_param = (CK_PBE_PARAMS *)param->data;
-    pbeSalt.data = (unsigned char *)pbe_param->pSalt;
-    pbeSalt.len = pbe_param->ulSaltLen;
-    pbeAlgID = SEC_PKCS5CreateAlgorithmID(algTag, &pbeSalt, 
-					  (int)pbe_param->ulIteration);
-    if(!pbeAlgID) {
-	return SECFailure;
-    }
-
-    rv = SECOID_CopyAlgorithmID(arena, algId, pbeAlgID);
-    SECOID_DestroyAlgorithmID(pbeAlgID, PR_TRUE);
-    return rv;
-}
-
-PBEBitGenContext *
-PBE_CreateContext(SECOidTag hashAlgorithm, PBEBitGenID bitGenPurpose,
-	SECItem *pwitem, SECItem *salt, unsigned int bitsNeeded,
-	unsigned int iterations)
-{
-    SECItem *context = NULL;
-    SECItem mechItem;
-    CK_PBE_PARAMS pbe_params;
-    CK_MECHANISM_TYPE mechanism = CKM_INVALID_MECHANISM;
-    PK11SlotInfo *slot;
-    PK11SymKey *symKey = NULL;
-    unsigned char ivData[8];
-    
-
-    /* use the purpose to select the low level keygen algorithm */
-    switch (bitGenPurpose) {
-    case pbeBitGenIntegrityKey:
-	switch (hashAlgorithm) {
-	case SEC_OID_SHA1:
-	    mechanism = CKM_PBA_SHA1_WITH_SHA1_HMAC;
-	    break;
-	case SEC_OID_MD2:
-	    mechanism = CKM_NETSCAPE_PBE_MD2_HMAC_KEY_GEN;
-	    break;
-	case SEC_OID_MD5:
-	    mechanism = CKM_NETSCAPE_PBE_MD5_HMAC_KEY_GEN;
-	    break;
-	default:
-	    break;
-	}
-	break;
-    case pbeBitGenCipherIV:
-	if (bitsNeeded > 64) {
-	    break;
-	}
-	if (hashAlgorithm != SEC_OID_SHA1) {
-	    break;
-	}
-	mechanism = CKM_PBE_SHA1_DES3_EDE_CBC;
-    case pbeBitGenCipherKey:
-	if (hashAlgorithm != SEC_OID_SHA1) {
-	    break;
-	}
-	switch (bitsNeeded) {
-	case 40:
-	    mechanism = CKM_PBE_SHA1_RC4_40;
-	    break;
-	case 128:
-	    mechanism = CKM_PBE_SHA1_RC4_128;
-	    break;
-	default:
-	    break;
-	}
-    case pbeBitGenIDNull:
-	break;
-    }
-
-    if (mechanism == CKM_INVALID_MECHANISM) {
-	/* we should set an error, but this is a depricated function, and
-	 * we are keeping bug for bug compatibility;)... */
-	    return NULL;
-    } 
-
-    pbe_params.pInitVector = ivData;
-    pbe_params.pPassword = pwitem->data;
-    pbe_params.ulPasswordLen = pwitem->len;
-    pbe_params.pSalt = salt->data;
-    pbe_params.ulSaltLen = salt->len;
-    pbe_params.ulIteration = iterations;
-    mechItem.data = (unsigned char *) &pbe_params;
-    mechItem.len = sizeof(pbe_params);
-
-
-    slot = PK11_GetInternalSlot();
-    symKey = PK11_RawPBEKeyGen(slot,mechanism,
-					&mechItem, pwitem, PR_FALSE, NULL);
-    PK11_FreeSlot(slot);
-    if (symKey != NULL) {
-	if (bitGenPurpose == pbeBitGenCipherIV) {
-	    /* NOTE: this assumes that bitsNeeded is a multiple of 8! */
-	    SECItem ivItem;
-
-	    ivItem.data = ivData;
-	    ivItem.len = bitsNeeded/8;
-	    context = SECITEM_DupItem(&ivItem);
-	} else {
-	    SECItem *keyData;
-	    PK11_ExtractKeyValue(symKey);
-	    keyData = PK11_GetKeyData(symKey);
-
-	    /* assert bitsNeeded with length? */
-	    if (keyData) {
-	    	context = SECITEM_DupItem(keyData);
-	    }
-	}
-	PK11_FreeSymKey(symKey);
-    }
-
-    return (PBEBitGenContext *)context;
-}
-
-SECItem *
-PBE_GenerateBits(PBEBitGenContext *context)
-{
-    return (SECItem *)context;
-}
-
-void
-PBE_DestroyContext(PBEBitGenContext *context)
-{
-    SECITEM_FreeItem((SECItem *)context,PR_TRUE);
-}
-
-SECItem *
-SEC_PKCS5GetIV(SECAlgorithmID *algid, SECItem *pwitem, PRBool faulty3DES)
-{
-    SECItem mechItem;
-    SECOidTag algorithm = SECOID_GetAlgorithmTag(algid);
-    CK_PBE_PARAMS *pbe_params;
-    CK_MECHANISM_TYPE mechanism;
-    SECItem *iv = NULL;
-    SECStatus rv;
-    int iv_len;
-    PK11SlotInfo *slot;
-    PK11SymKey *symKey;
-
-    rv = pbe_PK11AlgidToParam(algid,&mechItem);
-    if (rv != SECSuccess) {
-	return NULL;
-    }
-
-    mechanism = PK11_AlgtagToMechanism(algorithm);
-    iv_len = PK11_GetIVLength(mechanism);
-    pbe_params = (CK_PBE_PARAMS_PTR)mechItem.data;
-
-    slot = PK11_GetInternalSlot();
-    symKey = PK11_RawPBEKeyGen(slot,mechanism,
-					&mechItem, pwitem, faulty3DES,NULL);
-    PK11_FreeSlot(slot);
-
-    if (symKey) {
-	SECItem tmp;
-
-	tmp.data = pbe_params->pInitVector;
-	tmp.len = iv_len;
-	iv = SECITEM_DupItem(&tmp);
-        PK11_FreeSymKey(symKey);
-    }
-
-    if (mechItem.data) {
-	PORT_ZFree(mechItem.data,mechItem.len);
-    }
-
-    return iv;
-}
-
-/*
- * Subs from nss 3.x that are depricated
- */
-PBEBitGenContext *
-__PBE_CreateContext(SECOidTag hashAlgorithm, PBEBitGenID bitGenPurpose,
-	SECItem *pwitem, SECItem *salt, unsigned int bitsNeeded,
-	unsigned int iterations)
-{
-    PORT_Assert("__PBE_CreateContext is Depricated" == NULL);
-    return NULL;
-}
-
-SECItem *
-__PBE_GenerateBits(PBEBitGenContext *context)
-{
-    PORT_Assert("__PBE_GenerateBits is Depricated" == NULL);
-    return NULL;
-}
-
-void
-__PBE_DestroyContext(PBEBitGenContext *context)
-{
-    PORT_Assert("__PBE_DestroyContext is Depricated" == NULL);
-}
-
-SECStatus
-RSA_FormatBlock(SECItem *result, unsigned modulusLen,
-                int blockType, SECItem *data)
-{
-    PORT_Assert("RSA_FormatBlock is Depricated" == NULL);
-    return SECFailure;
-}
-
diff --git a/security/nss/lib/pk11wrap/pk11pk12.c b/security/nss/lib/pk11wrap/pk11pk12.c
deleted file mode 100644
index 991edba57..000000000
--- a/security/nss/lib/pk11wrap/pk11pk12.c
+++ /dev/null
@@ -1,550 +0,0 @@
-
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * This file PKCS #12 fuctions that should really be moved to the
- * PKCS #12 directory, however we can't do that in a point release
- * because that will break binary compatibility, so we keep them here for now.
- */
-
-#include "seccomon.h"
-#include "secmod.h"
-#include "secmodi.h"
-#include "pkcs11.h"
-#include "pk11func.h"
-#include "secitem.h"
-#include "key.h"
-#include "secoid.h"
-#include "secasn1.h"
-#include "secerr.h"
-
-
-
-/* These data structures should move to a common .h file shared between the
- * wrappers and the pkcs 12 code. */
-
-/*
-** RSA Raw Private Key structures
-*/
-
-/* member names from PKCS#1, section 7.2 */
-struct SECKEYRSAPrivateKeyStr {
-    PRArenaPool * arena;
-    SECItem version;
-    SECItem modulus;
-    SECItem publicExponent;
-    SECItem privateExponent;
-    SECItem prime1;
-    SECItem prime2;
-    SECItem exponent1;
-    SECItem exponent2;
-    SECItem coefficient;
-};
-typedef struct SECKEYRSAPrivateKeyStr SECKEYRSAPrivateKey;
-
-
-/*
-** DSA Raw Private Key structures
-*/
-
-struct SECKEYDSAPrivateKeyStr {
-    SECKEYPQGParams params;
-    SECItem privateValue;
-};
-typedef struct SECKEYDSAPrivateKeyStr SECKEYDSAPrivateKey;
-
-/*
-** Diffie-Hellman Raw Private Key structures
-** Structure member names suggested by PKCS#3.
-*/
-struct SECKEYDHPrivateKeyStr {
-    PRArenaPool * arena;
-    SECItem prime;
-    SECItem base;
-    SECItem privateValue;
-};
-typedef struct SECKEYDHPrivateKeyStr SECKEYDHPrivateKey;
-
-/*
-** raw private key object
-*/
-struct SECKEYRawPrivateKeyStr {
-    PLArenaPool *arena;
-    KeyType keyType;
-    union {
-        SECKEYRSAPrivateKey rsa;
-        SECKEYDSAPrivateKey dsa;
-        SECKEYDHPrivateKey  dh;
-    } u;
-};
-typedef struct SECKEYRawPrivateKeyStr SECKEYRawPrivateKey;
-
-
-/* ASN1 Templates for new decoder/encoder */
-/*
- * Attribute value for PKCS8 entries (static?)
- */
-const SEC_ASN1Template SECKEY_AttributeTemplate[] = {
-    { SEC_ASN1_SEQUENCE,
-        0, NULL, sizeof(SECKEYAttribute) },
-    { SEC_ASN1_OBJECT_ID, offsetof(SECKEYAttribute, attrType) },
-    { SEC_ASN1_SET_OF, offsetof(SECKEYAttribute, attrValue),
-        SEC_AnyTemplate },
-    { 0 }
-};
-
-const SEC_ASN1Template SECKEY_SetOfAttributeTemplate[] = {
-    { SEC_ASN1_SET_OF, 0, SECKEY_AttributeTemplate },
-};
-
-const SEC_ASN1Template SECKEY_PrivateKeyInfoTemplate[] = {
-    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SECKEYPrivateKeyInfo) },
-    { SEC_ASN1_INTEGER, offsetof(SECKEYPrivateKeyInfo,version) },
-    { SEC_ASN1_INLINE, offsetof(SECKEYPrivateKeyInfo,algorithm),
-        SECOID_AlgorithmIDTemplate },
-    { SEC_ASN1_OCTET_STRING, offsetof(SECKEYPrivateKeyInfo,privateKey) },
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
-        offsetof(SECKEYPrivateKeyInfo,attributes),
-        SECKEY_SetOfAttributeTemplate },
-    { 0 }
-};
-
-const SEC_ASN1Template SECKEY_PointerToPrivateKeyInfoTemplate[] = {
-    { SEC_ASN1_POINTER, 0, SECKEY_PrivateKeyInfoTemplate }
-};
-
-const SEC_ASN1Template SECKEY_RSAPrivateKeyExportTemplate[] = {
-    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SECKEYRawPrivateKey) },
-    { SEC_ASN1_INTEGER, offsetof(SECKEYRawPrivateKey,u.rsa.version) },
-    { SEC_ASN1_INTEGER, offsetof(SECKEYRawPrivateKey,u.rsa.modulus) },
-    { SEC_ASN1_INTEGER, offsetof(SECKEYRawPrivateKey,u.rsa.publicExponent) },
-    { SEC_ASN1_INTEGER, offsetof(SECKEYRawPrivateKey,u.rsa.privateExponent) },
-    { SEC_ASN1_INTEGER, offsetof(SECKEYRawPrivateKey,u.rsa.prime1) },
-    { SEC_ASN1_INTEGER, offsetof(SECKEYRawPrivateKey,u.rsa.prime2) },
-    { SEC_ASN1_INTEGER, offsetof(SECKEYRawPrivateKey,u.rsa.exponent1) },
-    { SEC_ASN1_INTEGER, offsetof(SECKEYRawPrivateKey,u.rsa.exponent2) },
-    { SEC_ASN1_INTEGER, offsetof(SECKEYRawPrivateKey,u.rsa.coefficient) },
-    { 0 }
-};
-
-const SEC_ASN1Template SECKEY_DSAPrivateKeyExportTemplate[] = {
-    { SEC_ASN1_INTEGER, offsetof(SECKEYRawPrivateKey,u.dsa.privateValue) },
-};
-
-const SEC_ASN1Template SECKEY_DHPrivateKeyExportTemplate[] = {
-    { SEC_ASN1_INTEGER, offsetof(SECKEYRawPrivateKey,u.dh.privateValue) },
-    { SEC_ASN1_INTEGER, offsetof(SECKEYRawPrivateKey,u.dh.base) },
-    { SEC_ASN1_INTEGER, offsetof(SECKEYRawPrivateKey,u.dh.prime) },
-};
-
-const SEC_ASN1Template SECKEY_EncryptedPrivateKeyInfoTemplate[] = {
-    { SEC_ASN1_SEQUENCE,
-        0, NULL, sizeof(SECKEYEncryptedPrivateKeyInfo) },
-    { SEC_ASN1_INLINE,
-        offsetof(SECKEYEncryptedPrivateKeyInfo,algorithm),
-        SECOID_AlgorithmIDTemplate },
-    { SEC_ASN1_OCTET_STRING,
-        offsetof(SECKEYEncryptedPrivateKeyInfo,encryptedData) },
-    { 0 }
-};
-
-const SEC_ASN1Template SECKEY_PointerToEncryptedPrivateKeyInfoTemplate[] = {
-        { SEC_ASN1_POINTER, 0, SECKEY_EncryptedPrivateKeyInfoTemplate }
-};
-
-SEC_ASN1_CHOOSER_IMPLEMENT(SECKEY_EncryptedPrivateKeyInfoTemplate)
-SEC_ASN1_CHOOSER_IMPLEMENT(SECKEY_PointerToEncryptedPrivateKeyInfoTemplate)
-SEC_ASN1_CHOOSER_IMPLEMENT(SECKEY_PrivateKeyInfoTemplate)
-SEC_ASN1_CHOOSER_IMPLEMENT(SECKEY_PointerToPrivateKeyInfoTemplate)
-
-/*
- * See bugzilla bug 125359
- * Since NSS (via PKCS#11) wants to handle big integers as unsigned ints,
- * all of the templates above that en/decode into integers must be converted
- * from ASN.1's signed integer type.  This is done by marking either the
- * source or destination (encoding or decoding, respectively) type as
- * siUnsignedInteger.
- */
-
-static void
-prepare_rsa_priv_key_export_for_asn1(SECKEYRawPrivateKey *key)
-{
-    key->u.rsa.modulus.type = siUnsignedInteger;
-    key->u.rsa.publicExponent.type = siUnsignedInteger;
-    key->u.rsa.privateExponent.type = siUnsignedInteger;
-    key->u.rsa.prime1.type = siUnsignedInteger;
-    key->u.rsa.prime2.type = siUnsignedInteger;
-    key->u.rsa.exponent1.type = siUnsignedInteger;
-    key->u.rsa.exponent2.type = siUnsignedInteger;
-    key->u.rsa.coefficient.type = siUnsignedInteger;
-}
-
-static void
-prepare_dsa_priv_key_export_for_asn1(SECKEYRawPrivateKey *key)
-{
-    key->u.dsa.privateValue.type = siUnsignedInteger;
-    key->u.dsa.params.prime.type = siUnsignedInteger;
-    key->u.dsa.params.subPrime.type = siUnsignedInteger;
-    key->u.dsa.params.base.type = siUnsignedInteger;
-}
-
-static void
-prepare_dh_priv_key_export_for_asn1(SECKEYRawPrivateKey *key)
-{
-    key->u.dh.privateValue.type = siUnsignedInteger;
-    key->u.dh.prime.type = siUnsignedInteger;
-    key->u.dh.base.type = siUnsignedInteger;
-}
-
-
-SECStatus
-PK11_ImportDERPrivateKeyInfo(PK11SlotInfo *slot, SECItem *derPKI, 
-	SECItem *nickname, SECItem *publicValue, PRBool isPerm, 
-	PRBool isPrivate, unsigned int keyUsage, void *wincx) 
-{
-    return PK11_ImportDERPrivateKeyInfoAndReturnKey(slot, derPKI,
-	nickname, publicValue, isPerm, isPrivate, keyUsage, NULL, wincx);
-}
-
-SECStatus
-PK11_ImportDERPrivateKeyInfoAndReturnKey(PK11SlotInfo *slot, SECItem *derPKI, 
-	SECItem *nickname, SECItem *publicValue, PRBool isPerm, 
-	PRBool isPrivate, unsigned int keyUsage, SECKEYPrivateKey** privk,
-	void *wincx) 
-{
-    SECKEYPrivateKeyInfo *pki = NULL;
-    PRArenaPool *temparena = NULL;
-    SECStatus rv = SECFailure;
-
-    temparena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    pki = PORT_ArenaZNew(temparena, SECKEYPrivateKeyInfo);
-    pki->arena = temparena;
-
-    rv = SEC_ASN1DecodeItem(pki->arena, pki, SECKEY_PrivateKeyInfoTemplate,
-		derPKI);
-    if( rv != SECSuccess ) {
-	goto finish;
-    }
-
-    rv = PK11_ImportPrivateKeyInfoAndReturnKey(slot, pki, nickname,
-		publicValue, isPerm, isPrivate, keyUsage, privk, wincx);
-
-finish:
-    if( pki != NULL ) {
-	/* this zeroes the key and frees the arena */
-	SECKEY_DestroyPrivateKeyInfo(pki, PR_TRUE /*freeit*/);
-    }
-    return rv;
-}
-        
-SECStatus
-PK11_ImportAndReturnPrivateKey(PK11SlotInfo *slot, SECKEYRawPrivateKey *lpk, 
-	SECItem *nickname, SECItem *publicValue, PRBool isPerm, 
-	PRBool isPrivate, unsigned int keyUsage, SECKEYPrivateKey **privk,
-	void *wincx) 
-{
-    CK_BBOOL cktrue = CK_TRUE;
-    CK_BBOOL ckfalse = CK_FALSE;
-    CK_OBJECT_CLASS keyClass = CKO_PRIVATE_KEY;
-    CK_KEY_TYPE keyType = CKK_RSA;
-    CK_OBJECT_HANDLE objectID;
-    CK_ATTRIBUTE theTemplate[20];
-    int templateCount = 0;
-    SECStatus rv = SECFailure;
-    PRArenaPool *arena;
-    CK_ATTRIBUTE *attrs;
-    CK_ATTRIBUTE *signedattr = NULL;
-    int signedcount = 0;
-    CK_ATTRIBUTE *ap;
-    SECItem *ck_id = NULL;
-
-    arena = PORT_NewArena(2048);
-    if(!arena) {
-	return SECFailure;
-    }
-
-    attrs = theTemplate;
-
-
-    PK11_SETATTRS(attrs, CKA_CLASS, &keyClass, sizeof(keyClass) ); attrs++;
-    PK11_SETATTRS(attrs, CKA_KEY_TYPE, &keyType, sizeof(keyType) ); attrs++;
-    PK11_SETATTRS(attrs, CKA_TOKEN, isPerm ? &cktrue : &ckfalse, 
-						sizeof(CK_BBOOL) ); attrs++;
-    PK11_SETATTRS(attrs, CKA_SENSITIVE, isPrivate ? &cktrue : &ckfalse, 
-						sizeof(CK_BBOOL) ); attrs++;
-    PK11_SETATTRS(attrs, CKA_PRIVATE, isPrivate ? &cktrue : &ckfalse,
-						 sizeof(CK_BBOOL) ); attrs++;
-
-    switch (lpk->keyType) {
-    case rsaKey:
-	    PK11_SETATTRS(attrs, CKA_UNWRAP, (keyUsage & KU_KEY_ENCIPHERMENT) ?
-				&cktrue : &ckfalse, sizeof(CK_BBOOL) ); attrs++;
-	    PK11_SETATTRS(attrs, CKA_DECRYPT, (keyUsage & KU_DATA_ENCIPHERMENT) ?
-				&cktrue : &ckfalse, sizeof(CK_BBOOL) ); attrs++;
-	    PK11_SETATTRS(attrs, CKA_SIGN, (keyUsage & KU_DIGITAL_SIGNATURE) ? 
-				&cktrue : &ckfalse, sizeof(CK_BBOOL) ); attrs++;
-	    PK11_SETATTRS(attrs, CKA_SIGN_RECOVER, 
-				(keyUsage & KU_DIGITAL_SIGNATURE) ? 
-				&cktrue : &ckfalse, sizeof(CK_BBOOL) ); attrs++;
-	    ck_id = PK11_MakeIDFromPubKey(&lpk->u.rsa.modulus);
-	    if (ck_id == NULL) {
-		goto loser;
-	    }
-	    PK11_SETATTRS(attrs, CKA_ID, ck_id->data,ck_id->len); attrs++;
-	    if (nickname) {
-		PK11_SETATTRS(attrs, CKA_LABEL, nickname->data, nickname->len); attrs++; 
-	    } 
-	    signedattr = attrs;
-	    PK11_SETATTRS(attrs, CKA_MODULUS, lpk->u.rsa.modulus.data,
-						lpk->u.rsa.modulus.len); attrs++;
-	    PK11_SETATTRS(attrs, CKA_PUBLIC_EXPONENT, 
-	     			lpk->u.rsa.publicExponent.data,
-				lpk->u.rsa.publicExponent.len); attrs++;
-	    PK11_SETATTRS(attrs, CKA_PRIVATE_EXPONENT, 
-	     			lpk->u.rsa.privateExponent.data,
-				lpk->u.rsa.privateExponent.len); attrs++;
-	    PK11_SETATTRS(attrs, CKA_PRIME_1, 
-	     			lpk->u.rsa.prime1.data,
-				lpk->u.rsa.prime1.len); attrs++;
-	    PK11_SETATTRS(attrs, CKA_PRIME_2, 
-	     			lpk->u.rsa.prime2.data,
-				lpk->u.rsa.prime2.len); attrs++;
-	    PK11_SETATTRS(attrs, CKA_EXPONENT_1, 
-	     			lpk->u.rsa.exponent1.data,
-				lpk->u.rsa.exponent1.len); attrs++;
-	    PK11_SETATTRS(attrs, CKA_EXPONENT_2, 
-	     			lpk->u.rsa.exponent2.data,
-				lpk->u.rsa.exponent2.len); attrs++;
-	    PK11_SETATTRS(attrs, CKA_COEFFICIENT, 
-	     			lpk->u.rsa.coefficient.data,
-				lpk->u.rsa.coefficient.len); attrs++;
-	    break;
-    case dsaKey:
-	    /* To make our intenal PKCS #11 module work correctly with 
-	     * our database, we need to pass in the public key value for 
-	     * this dsa key. We have a netscape only CKA_ value to do this.
-	     * Only send it to internal slots */
-	    if( publicValue == NULL ) {
-		goto loser;
-	    }
-	    if (PK11_IsInternal(slot)) {
-	        PK11_SETATTRS(attrs, CKA_NETSCAPE_DB,
-				publicValue->data, publicValue->len); attrs++;
-	    }
-	    PK11_SETATTRS(attrs, CKA_SIGN, &cktrue, sizeof(CK_BBOOL)); attrs++;
-	    PK11_SETATTRS(attrs, CKA_SIGN_RECOVER, &cktrue, sizeof(CK_BBOOL)); attrs++;
-	    if(nickname) {
-		PK11_SETATTRS(attrs, CKA_LABEL, nickname->data, nickname->len);
-		attrs++; 
-	    } 
-	    ck_id = PK11_MakeIDFromPubKey(publicValue);
-	    if (ck_id == NULL) {
-		goto loser;
-	    }
-	    PK11_SETATTRS(attrs, CKA_ID, ck_id->data,ck_id->len); attrs++;
-	    signedattr = attrs;
-	    PK11_SETATTRS(attrs, CKA_PRIME,    lpk->u.dsa.params.prime.data,
-				lpk->u.dsa.params.prime.len); attrs++;
-	    PK11_SETATTRS(attrs,CKA_SUBPRIME,lpk->u.dsa.params.subPrime.data,
-				lpk->u.dsa.params.subPrime.len); attrs++;
-	    PK11_SETATTRS(attrs, CKA_BASE,  lpk->u.dsa.params.base.data,
-					lpk->u.dsa.params.base.len); attrs++;
-	    PK11_SETATTRS(attrs, CKA_VALUE,    lpk->u.dsa.privateValue.data, 
-					lpk->u.dsa.privateValue.len); attrs++;
-	    break;
-     case dhKey:
-	    /* To make our intenal PKCS #11 module work correctly with 
-	     * our database, we need to pass in the public key value for 
-	     * this dh key. We have a netscape only CKA_ value to do this.
-	     * Only send it to internal slots */
-	    if (PK11_IsInternal(slot)) {
-	        PK11_SETATTRS(attrs, CKA_NETSCAPE_DB,
-				publicValue->data, publicValue->len); attrs++;
-	    }
-	    PK11_SETATTRS(attrs, CKA_DERIVE, &cktrue, sizeof(CK_BBOOL)); attrs++;
-	    if(nickname) {
-		PK11_SETATTRS(attrs, CKA_LABEL, nickname->data, nickname->len);
-		attrs++; 
-	    } 
-	    ck_id = PK11_MakeIDFromPubKey(publicValue);
-	    if (ck_id == NULL) {
-		goto loser;
-	    }
-	    PK11_SETATTRS(attrs, CKA_ID, ck_id->data,ck_id->len); attrs++;
-	    signedattr = attrs;
-	    PK11_SETATTRS(attrs, CKA_PRIME,    lpk->u.dh.prime.data,
-				lpk->u.dh.prime.len); attrs++;
-	    PK11_SETATTRS(attrs, CKA_BASE,  lpk->u.dh.base.data,
-					lpk->u.dh.base.len); attrs++;
-	    PK11_SETATTRS(attrs, CKA_VALUE,    lpk->u.dh.privateValue.data, 
-					lpk->u.dh.privateValue.len); attrs++;
-	    break;
-	/* what about fortezza??? */
-    default:
-	    PORT_SetError(SEC_ERROR_BAD_KEY);
-	    goto loser;
-    }
-    templateCount = attrs - theTemplate;
-    PORT_Assert(templateCount <= sizeof(theTemplate)/sizeof(CK_ATTRIBUTE));
-    PORT_Assert(signedattr != NULL);
-    signedcount = attrs - signedattr;
-
-    for (ap=signedattr; signedcount; ap++, signedcount--) {
-	pk11_SignedToUnsigned(ap);
-    }
-
-    rv = PK11_CreateNewObject(slot, CK_INVALID_SESSION,
-			theTemplate, templateCount, isPerm, &objectID);
-
-    /* create and return a SECKEYPrivateKey */
-    if( rv == SECSuccess && privk != NULL) {
-	*privk = PK11_MakePrivKey(slot, lpk->keyType, !isPerm, objectID, wincx);
-	if( *privk == NULL ) {
-	    rv = SECFailure;
-	}
-    }
-loser:
-    if (ck_id) {
-	SECITEM_ZfreeItem(ck_id, PR_TRUE);
-    }
-    return rv;
-}
-
-SECStatus
-PK11_ImportPrivateKey(PK11SlotInfo *slot, SECKEYRawPrivateKey *lpk, 
-	SECItem *nickname, SECItem *publicValue, PRBool isPerm, 
-	PRBool isPrivate, unsigned int keyUsage, void *wincx) 
-{
-    return PK11_ImportAndReturnPrivateKey(slot, lpk, nickname, publicValue,
-	isPerm, isPrivate, keyUsage, NULL, wincx);
-}
-
-SECStatus
-PK11_ImportPrivateKeyInfoAndReturnKey(PK11SlotInfo *slot,
-	SECKEYPrivateKeyInfo *pki, SECItem *nickname, SECItem *publicValue,
-	PRBool isPerm, PRBool isPrivate, unsigned int keyUsage,
-	SECKEYPrivateKey **privk, void *wincx) 
-{
-    CK_KEY_TYPE keyType = CKK_RSA;
-    SECStatus rv = SECFailure;
-    SECKEYRawPrivateKey *lpk = NULL;
-    const SEC_ASN1Template *keyTemplate, *paramTemplate;
-    void *paramDest = NULL;
-    PRArenaPool *arena;
-
-    arena = PORT_NewArena(2048);
-    if(!arena) {
-	return SECFailure;
-    }
-
-    /* need to change this to use RSA/DSA keys */
-    lpk = (SECKEYRawPrivateKey *)PORT_ArenaZAlloc(arena,
-						  sizeof(SECKEYRawPrivateKey));
-    if(lpk == NULL) {
-	goto loser;
-    }
-    lpk->arena = arena;
-
-    switch(SECOID_GetAlgorithmTag(&pki->algorithm)) {
-	case SEC_OID_PKCS1_RSA_ENCRYPTION:
-	    prepare_rsa_priv_key_export_for_asn1(lpk);
-	    keyTemplate = SECKEY_RSAPrivateKeyExportTemplate;
-	    paramTemplate = NULL;
-	    paramDest = NULL;
-	    lpk->keyType = rsaKey;
-	    keyType = CKK_RSA;
-	    break;
-	case SEC_OID_ANSIX9_DSA_SIGNATURE:
-	    prepare_dsa_priv_key_export_for_asn1(lpk);
-	    keyTemplate = SECKEY_DSAPrivateKeyExportTemplate;
-	    paramTemplate = SECKEY_PQGParamsTemplate;
-	    paramDest = &(lpk->u.dsa.params);
-	    lpk->keyType = dsaKey;
-	    keyType = CKK_DSA;
-	    break;
-	case SEC_OID_X942_DIFFIE_HELMAN_KEY:
-	    if(!publicValue) {
-		goto loser;
-	    }
-	    prepare_dh_priv_key_export_for_asn1(lpk);
-	    keyTemplate = SECKEY_DHPrivateKeyExportTemplate;
-	    paramTemplate = NULL;
-	    paramDest = NULL;
-	    lpk->keyType = dhKey;
-	    keyType = CKK_DH;
-	    break;
-
-	default:
-	    keyTemplate   = NULL;
-	    paramTemplate = NULL;
-	    paramDest     = NULL;
-	    break;
-    }
-
-    if(!keyTemplate) {
-	goto loser;
-    }
-
-    /* decode the private key and any algorithm parameters */
-    rv = SEC_ASN1DecodeItem(arena, lpk, keyTemplate, &pki->privateKey);
-    if(rv != SECSuccess) {
-	goto loser;
-    }
-    if(paramDest && paramTemplate) {
-	rv = SEC_ASN1DecodeItem(arena, paramDest, paramTemplate, 
-				 &(pki->algorithm.parameters));
-	if(rv != SECSuccess) {
-	    goto loser;
-	}
-    }
-
-    rv = PK11_ImportAndReturnPrivateKey(slot,lpk,nickname,publicValue, isPerm, 
-	isPrivate,  keyUsage, privk, wincx);
-
-
-loser:
-    if (lpk!= NULL) {
-	PORT_FreeArena(arena, PR_TRUE);
-    }
-
-    return rv;
-}
-
-SECStatus
-PK11_ImportPrivateKeyInfo(PK11SlotInfo *slot, SECKEYPrivateKeyInfo *pki, 
-	SECItem *nickname, SECItem *publicValue, PRBool isPerm, 
-	PRBool isPrivate, unsigned int keyUsage, void *wincx) 
-{
-    return PK11_ImportPrivateKeyInfoAndReturnKey(slot, pki, nickname,
-	publicValue, isPerm, isPrivate, keyUsage, NULL, wincx);
-
-}
-
diff --git a/security/nss/lib/pk11wrap/pk11pqg.c b/security/nss/lib/pk11wrap/pk11pqg.c
deleted file mode 100644
index f58fd60cb..000000000
--- a/security/nss/lib/pk11wrap/pk11pqg.c
+++ /dev/null
@@ -1,374 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2001 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/* Thse functions are stub functions which will get replaced with calls through
- * PKCS #11.
- */
-
-#include "pk11func.h"
-#include "secmod.h"
-#include "secmodi.h"
-#include "pkcs11t.h"
-#include "pk11pqg.h"
-#include "secerr.h"
-
-
-/* Generate PQGParams and PQGVerify structs.
- * Length of P specified by j.  Length of h will match length of P.
- * Length of SEED in bytes specified in seedBytes.
- * seedBbytes must be in the range [20..255] or an error will result.
- */
-extern SECStatus
-PK11_PQG_ParamGenSeedLen( unsigned int j, unsigned int seedBytes,
-				 PQGParams **pParams, PQGVerify **pVfy)
-{
-    PK11SlotInfo *slot = NULL;
-    CK_ATTRIBUTE genTemplate[5];
-    CK_ATTRIBUTE *attrs = genTemplate;
-    int count = sizeof(genTemplate)/sizeof(genTemplate[0]);
-    CK_MECHANISM mechanism;
-    CK_OBJECT_HANDLE objectID = CK_INVALID_HANDLE;
-    CK_RV crv;
-    CK_BBOOL cktrue = CK_TRUE;
-    CK_ATTRIBUTE pTemplate[] = {
-	{ CKA_PRIME, NULL, 0 },
-	{ CKA_SUBPRIME, NULL, 0 },
-	{ CKA_BASE, NULL, 0 },
-    };
-    CK_ATTRIBUTE vTemplate[] = {
-	{ CKA_NETSCAPE_PQG_COUNTER, NULL, 0 },
-	{ CKA_NETSCAPE_PQG_SEED, NULL, 0 },
-	{ CKA_NETSCAPE_PQG_H, NULL, 0 },
-    };
-    int pTemplateCount = sizeof(pTemplate)/sizeof(pTemplate[0]);
-    int vTemplateCount = sizeof(vTemplate)/sizeof(vTemplate[0]);
-    PRArenaPool *parena = NULL;
-    PRArenaPool *varena = NULL;
-    PQGParams *params = NULL;
-    PQGVerify *verify = NULL;
-    CK_ULONG primeBits = j;
-    CK_ULONG seedBits = seedBytes*8;
-
-    *pParams = NULL;
-    *pVfy =  NULL;
-
-    PK11_SETATTRS(attrs, CKA_PRIME_BITS,&primeBits,sizeof(primeBits)); attrs++;
-    if (seedBits != 0) {
-    	PK11_SETATTRS(attrs, CKA_NETSCAPE_PQG_SEED_BITS, 
-					&seedBits, sizeof(seedBits)); attrs++;
-    }
-    count = attrs - genTemplate;
-    PR_ASSERT(count <= sizeof(genTemplate)/sizeof(CK_ATTRIBUTE));
-
-    slot = PK11_GetInternalSlot();
-    if (slot == NULL) {
-	/* set error */
-	goto loser;
-    }
-
-    /* Initialize the Key Gen Mechanism */
-    mechanism.mechanism = CKM_DSA_PARAMETER_GEN;
-    mechanism.pParameter = NULL;
-    mechanism.ulParameterLen = 0;
-
-    PK11_EnterSlotMonitor(slot);
-    crv = PK11_GETTAB(slot)->C_GenerateKey(slot->session,
-			 &mechanism, genTemplate, count, &objectID);
-    PK11_ExitSlotMonitor(slot);
-
-    if (crv != CKR_OK) {
-	PORT_SetError( PK11_MapError(crv) );
-	goto loser;
-    }
-
-    parena = PORT_NewArena(60);
-    crv = PK11_GetAttributes(parena, slot, objectID, pTemplate, pTemplateCount);
-    if (crv != CKR_OK) {
-	PORT_SetError( PK11_MapError(crv) );
-	goto loser;
-    }
-
-
-    params = (PQGParams *)PORT_ArenaAlloc(parena,sizeof(PQGParams));
-    if (params == NULL) {
-	goto loser;
-    }
-
-    /* fill in Params */
-    params->arena = parena;
-    params->prime.data = pTemplate[0].pValue;
-    params->prime.len = pTemplate[0].ulValueLen;
-    params->subPrime.data = pTemplate[1].pValue;
-    params->subPrime.len = pTemplate[1].ulValueLen;
-    params->base.data = pTemplate[2].pValue;
-    params->base.len = pTemplate[2].ulValueLen;
-
-
-    varena = PORT_NewArena(60);
-    crv = PK11_GetAttributes(varena, slot, objectID, vTemplate, vTemplateCount);
-    if (crv != CKR_OK) {
-	PORT_SetError( PK11_MapError(crv) );
-	goto loser;
-    }
-
-
-    verify = (PQGVerify *)PORT_ArenaAlloc(varena,sizeof(PQGVerify));
-    if (verify == NULL) {
-	goto loser;
-    }
-    /* fill in Params */
-    verify->arena = varena;
-    verify->counter = (unsigned int)(*(CK_ULONG*)vTemplate[0].pValue);
-    verify->seed.data = vTemplate[1].pValue;
-    verify->seed.len = vTemplate[1].ulValueLen;
-    verify->h.data = vTemplate[2].pValue;
-    verify->h.len = vTemplate[2].ulValueLen;
-
-    PK11_DestroyObject(slot,objectID);
-    PK11_FreeSlot(slot);
-
-    *pParams = params;
-    *pVfy =  verify;
-
-    return SECSuccess;
-
-loser:
-    if (objectID != CK_INVALID_HANDLE) {
-	PK11_DestroyObject(slot,objectID);
-    }
-    if (parena != NULL) {
-	PORT_FreeArena(parena,PR_FALSE);
-    }
-    if (varena != NULL) {
-	PORT_FreeArena(varena,PR_FALSE);
-    }
-    if (slot) {
-	PK11_FreeSlot(slot);
-    }
-    return SECFailure;
-}
-
-/* Generate PQGParams and PQGVerify structs.
- * Length of seed and length of h both equal length of P. 
- * All lengths are specified by "j", according to the table above.
- */
-extern SECStatus
-PK11_PQG_ParamGen(unsigned int j, PQGParams **pParams, PQGVerify **pVfy)
-{
-    return PK11_PQG_ParamGenSeedLen(j, 0, pParams, pVfy);
-}
-
-/*  Test PQGParams for validity as DSS PQG values.
- *  If vfy is non-NULL, test PQGParams to make sure they were generated
- *       using the specified seed, counter, and h values.
- *
- *  Return value indicates whether Verification operation ran succesfully
- *  to completion, but does not indicate if PQGParams are valid or not.
- *  If return value is SECSuccess, then *pResult has these meanings:
- *       SECSuccess: PQGParams are valid.
- *       SECFailure: PQGParams are invalid.
- */
-
-extern SECStatus
-PK11_PQG_VerifyParams(const PQGParams *params, const PQGVerify *vfy, 
-							SECStatus *result)
-{
-    CK_ATTRIBUTE keyTempl[] = {
-	{ CKA_CLASS, NULL, 0 },
-	{ CKA_KEY_TYPE, NULL, 0 },
-	{ CKA_PRIME, NULL, 0 },
-	{ CKA_SUBPRIME, NULL, 0 },
-	{ CKA_BASE, NULL, 0 },
-	{ CKA_TOKEN, NULL, 0 },
-	{ CKA_NETSCAPE_PQG_COUNTER, NULL, 0 },
-	{ CKA_NETSCAPE_PQG_SEED, NULL, 0 },
-	{ CKA_NETSCAPE_PQG_H, NULL, 0 },
-    };
-    CK_ATTRIBUTE *attrs;
-    CK_BBOOL ckfalse = CK_FALSE;
-    CK_OBJECT_CLASS class = CKO_KG_PARAMETERS;
-    CK_KEY_TYPE keyType = CKK_DSA;
-    SECStatus rv = SECSuccess;
-    PK11SlotInfo *slot;
-    int keyCount;
-    CK_OBJECT_HANDLE objectID;
-    CK_ULONG counter;
-    CK_RV crv;
-
-    attrs = keyTempl;
-    PK11_SETATTRS(attrs, CKA_CLASS, &class, sizeof(class)); attrs++;
-    PK11_SETATTRS(attrs, CKA_KEY_TYPE, &keyType, sizeof(keyType)); attrs++;
-    PK11_SETATTRS(attrs, CKA_PRIME, params->prime.data, 
-						params->prime.len); attrs++;
-    PK11_SETATTRS(attrs, CKA_SUBPRIME, params->subPrime.data, 
-						params->subPrime.len); attrs++;
-    PK11_SETATTRS(attrs, CKA_BASE,params->base.data,params->base.len); attrs++;
-    PK11_SETATTRS(attrs, CKA_TOKEN, &ckfalse, sizeof(ckfalse)); attrs++;
-    if (vfy) {
-	counter = vfy->counter;
-	PK11_SETATTRS(attrs, CKA_NETSCAPE_PQG_COUNTER, 
-			&counter, sizeof(counter)); attrs++;
-	PK11_SETATTRS(attrs, CKA_NETSCAPE_PQG_SEED, 
-			vfy->seed.data, vfy->seed.len); attrs++;
-	PK11_SETATTRS(attrs, CKA_NETSCAPE_PQG_H, 
-			vfy->h.data, vfy->h.len); attrs++;
-    }
-
-    keyCount = attrs - keyTempl;
-    PORT_Assert(keyCount <= sizeof(keyTempl)/sizeof(keyTempl[0]));
-
-
-    slot = PK11_GetInternalSlot();
-    if (slot == NULL) {
-	return SECFailure;
-    }
-
-    PK11_EnterSlotMonitor(slot);
-    crv = PK11_GETTAB(slot)->C_CreateObject(slot->session, keyTempl, keyCount, 
-								&objectID);
-    PK11_ExitSlotMonitor(slot);
-
-    /* throw away the keys, we only wanted the return code */
-    PK11_DestroyObject(slot,objectID);
-    PK11_FreeSlot(slot);
-
-    *result = SECSuccess;
-    if (crv == CKR_ATTRIBUTE_VALUE_INVALID) {
-	*result = SECFailure;
-    } else if (crv != CKR_OK) {
-	PORT_SetError( PK11_MapError(crv) );
-	rv = SECFailure;
-    }
-    return rv;
-
-}
-
-
-
-/**************************************************************************
- *  Free the PQGParams struct and the things it points to.                *
- **************************************************************************/
-extern void 
-PK11_PQG_DestroyParams(PQGParams *params) {
-     PQG_DestroyParams(params);
-     return;
-}
-
-/**************************************************************************
- *  Free the PQGVerify struct and the things it points to.                *
- **************************************************************************/
-extern void
-PK11_PQG_DestroyVerify(PQGVerify *vfy) {
-    PQG_DestroyVerify(vfy);
-    return;
-}
-
-/**************************************************************************
- *  Return a pointer to a new PQGParams struct that is constructed from   *
- *  copies of the arguments passed in.                                    *
- *  Return NULL on failure.                                               *
- **************************************************************************/
-extern PQGParams *
-PK11_PQG_NewParams(const SECItem * prime, const SECItem * subPrime, 
-                                 		const SECItem * base) {
-    return PQG_NewParams(prime, subPrime, base);
-}
-
-
-/**************************************************************************
- * Fills in caller's "prime" SECItem with the prime value in params.
- * Contents can be freed by calling SECITEM_FreeItem(prime, PR_FALSE);	
- **************************************************************************/
-extern SECStatus 
-PK11_PQG_GetPrimeFromParams(const PQGParams *params, SECItem * prime) {
-    return PQG_GetPrimeFromParams(params, prime);
-}
-
-
-/**************************************************************************
- * Fills in caller's "subPrime" SECItem with the prime value in params.
- * Contents can be freed by calling SECITEM_FreeItem(subPrime, PR_FALSE);	
- **************************************************************************/
-extern SECStatus
-PK11_PQG_GetSubPrimeFromParams(const PQGParams *params, SECItem * subPrime) {
-    return PQG_GetSubPrimeFromParams(params, subPrime);
-}
-
-
-/**************************************************************************
- * Fills in caller's "base" SECItem with the base value in params.
- * Contents can be freed by calling SECITEM_FreeItem(base, PR_FALSE);	
- **************************************************************************/
-extern SECStatus 
-PK11_PQG_GetBaseFromParams(const PQGParams *params, SECItem *base) {
-    return PQG_GetBaseFromParams(params, base);
-}
-
-
-/**************************************************************************
- *  Return a pointer to a new PQGVerify struct that is constructed from   *
- *  copies of the arguments passed in.                                    *
- *  Return NULL on failure.                                               *
- **************************************************************************/
-extern PQGVerify *
-PK11_PQG_NewVerify(unsigned int counter, const SECItem * seed, 
-							const SECItem * h) {
-    return PQG_NewVerify(counter, seed, h);
-}
-
-
-/**************************************************************************
- * Returns "counter" value from the PQGVerify.
- **************************************************************************/
-extern unsigned int 
-PK11_PQG_GetCounterFromVerify(const PQGVerify *verify) {
-    return PQG_GetCounterFromVerify(verify);
-}
-
-/**************************************************************************
- * Fills in caller's "seed" SECItem with the seed value in verify.
- * Contents can be freed by calling SECITEM_FreeItem(seed, PR_FALSE);	
- **************************************************************************/
-extern SECStatus 
-PK11_PQG_GetSeedFromVerify(const PQGVerify *verify, SECItem *seed) {
-    return PQG_GetSeedFromVerify(verify, seed);
-}
-
-
-/**************************************************************************
- * Fills in caller's "h" SECItem with the h value in verify.
- * Contents can be freed by calling SECITEM_FreeItem(h, PR_FALSE);	
- **************************************************************************/
-extern SECStatus 
-PK11_PQG_GetHFromVerify(const PQGVerify *verify, SECItem * h) {
-    return PQG_GetHFromVerify(verify, h);
-}
diff --git a/security/nss/lib/pk11wrap/pk11pqg.h b/security/nss/lib/pk11wrap/pk11pqg.h
deleted file mode 100644
index 389946ff1..000000000
--- a/security/nss/lib/pk11wrap/pk11pqg.h
+++ /dev/null
@@ -1,149 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2001 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/* Thse functions are stub functions which will get replaced with calls through
- * PKCS #11.
- */
-
-#ifndef _PK11PQG_H_
-#define  _PK11PQG_H_ 1
-
-#include "blapit.h"
-#include "pqgutil.h"
-
-/* Generate PQGParams and PQGVerify structs.
- * Length of seed and length of h both equal length of P. 
- * All lengths are specified by "j", according to the table above.
- */
-extern SECStatus PK11_PQG_ParamGen(unsigned int j, PQGParams **pParams, 
-							PQGVerify **pVfy);
-
-/* Generate PQGParams and PQGVerify structs.
- * Length of P specified by j.  Length of h will match length of P.
- * Length of SEED in bytes specified in seedBytes.
- * seedBbytes must be in the range [20..255] or an error will result.
- */
-extern SECStatus PK11_PQG_ParamGenSeedLen( unsigned int j, 
-	unsigned int seedBytes, PQGParams **pParams, PQGVerify **pVfy);
-
-/*  Test PQGParams for validity as DSS PQG values.
- *  If vfy is non-NULL, test PQGParams to make sure they were generated
- *       using the specified seed, counter, and h values.
- *
- *  Return value indicates whether Verification operation ran succesfully
- *  to completion, but does not indicate if PQGParams are valid or not.
- *  If return value is SECSuccess, then *pResult has these meanings:
- *       SECSuccess: PQGParams are valid.
- *       SECFailure: PQGParams are invalid.
- *
- * Verify the following 12 facts about PQG counter SEED g and h
- * 1.  Q is 160 bits long.
- * 2.  P is one of the 9 valid lengths.
- * 3.  G < P
- * 4.  P % Q == 1
- * 5.  Q is prime
- * 6.  P is prime
- * Steps 7-12 are done only if the optional PQGVerify is supplied.
- * 7.  counter < 4096
- * 8.  g >= 160 and g < 2048   (g is length of seed in bits)
- * 9.  Q generated from SEED matches Q in PQGParams.
- * 10. P generated from (L, counter, g, SEED, Q) matches P in PQGParams.
- * 11. 1 < h < P-1
- * 12. G generated from h matches G in PQGParams.
- */
-
-extern SECStatus PK11_PQG_VerifyParams(const PQGParams *params, 
-                                    const PQGVerify *vfy, SECStatus *result);
-extern void PK11_PQG_DestroyParams(PQGParams *params);
-extern void PK11_PQG_DestroyVerify(PQGVerify *vfy);
-
-/**************************************************************************
- *  Return a pointer to a new PQGParams struct that is constructed from   *
- *  copies of the arguments passed in.                                    *
- *  Return NULL on failure.                                               *
- **************************************************************************/
-extern PQGParams * PK11_PQG_NewParams(const SECItem * prime, const 
-				SECItem * subPrime, const SECItem * base);
-
-
-/**************************************************************************
- * Fills in caller's "prime" SECItem with the prime value in params.
- * Contents can be freed by calling SECITEM_FreeItem(prime, PR_FALSE);	
- **************************************************************************/
-extern SECStatus PK11_PQG_GetPrimeFromParams(const PQGParams *params, 
-							SECItem * prime);
-
-
-/**************************************************************************
- * Fills in caller's "subPrime" SECItem with the prime value in params.
- * Contents can be freed by calling SECITEM_FreeItem(subPrime, PR_FALSE);	
- **************************************************************************/
-extern SECStatus PK11_PQG_GetSubPrimeFromParams(const PQGParams *params, 
-							SECItem * subPrime);
-
-
-/**************************************************************************
- * Fills in caller's "base" SECItem with the base value in params.
- * Contents can be freed by calling SECITEM_FreeItem(base, PR_FALSE);	
- **************************************************************************/
-extern SECStatus PK11_PQG_GetBaseFromParams(const PQGParams *params, 
-							SECItem *base);
-
-
-/**************************************************************************
- *  Return a pointer to a new PQGVerify struct that is constructed from   *
- *  copies of the arguments passed in.                                    *
- *  Return NULL on failure.                                               *
- **************************************************************************/
-extern PQGVerify * PK11_PQG_NewVerify(unsigned int counter, 
-				const SECItem * seed, const SECItem * h);
-
-
-/**************************************************************************
- * Returns "counter" value from the PQGVerify.
- **************************************************************************/
-extern unsigned int PK11_PQG_GetCounterFromVerify(const PQGVerify *verify);
-
-/**************************************************************************
- * Fills in caller's "seed" SECItem with the seed value in verify.
- * Contents can be freed by calling SECITEM_FreeItem(seed, PR_FALSE);	
- **************************************************************************/
-extern SECStatus PK11_PQG_GetSeedFromVerify(const PQGVerify *verify, 
-							SECItem *seed);
-
-/**************************************************************************
- * Fills in caller's "h" SECItem with the h value in verify.
- * Contents can be freed by calling SECITEM_FreeItem(h, PR_FALSE);	
- **************************************************************************/
-extern SECStatus PK11_PQG_GetHFromVerify(const PQGVerify *verify, SECItem * h);
-
-#endif
diff --git a/security/nss/lib/pk11wrap/pk11sdr.c b/security/nss/lib/pk11wrap/pk11sdr.c
deleted file mode 100644
index 630be0245..000000000
--- a/security/nss/lib/pk11wrap/pk11sdr.c
+++ /dev/null
@@ -1,295 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- *   thayes@netscape.com
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * PKCS #11 Wrapper functions which handles authenticating to the card's
- * choosing the best cards, etc.
- */
-
-#include "seccomon.h"
-#include "secoid.h"
-#include "secasn1.h"
-#include "pkcs11.h"
-#include "pk11func.h"
-#include "pk11sdr.h"
-
-/*
- * Data structure and template for encoding the result of an SDR operation
- *  This is temporary.  It should include the algorithm ID of the encryption mechanism
- */
-struct SDRResult
-{
-  SECItem keyid;
-  SECAlgorithmID alg;
-  SECItem data;
-};
-typedef struct SDRResult SDRResult;
-
-static SEC_ASN1Template template[] = {
-  { SEC_ASN1_SEQUENCE, 0, NULL, sizeof (SDRResult) },
-  { SEC_ASN1_OCTET_STRING, offsetof(SDRResult, keyid) },
-  { SEC_ASN1_INLINE, offsetof(SDRResult, alg), SECOID_AlgorithmIDTemplate },
-  { SEC_ASN1_OCTET_STRING, offsetof(SDRResult, data) },
-  { 0 }
-};
-
-static unsigned char keyID[] = {
-  0xF8, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01
-};
-
-static SECItem keyIDItem = {
-  0,
-  keyID,
-  sizeof keyID
-};
-
-/* local utility function for padding an incoming data block
- * to the mechanism block size.
- */
-static SECStatus
-padBlock(SECItem *data, int blockSize, SECItem *result)
-{
-  SECStatus rv = SECSuccess;
-  int padLength;
-  unsigned int i;
-
-  result->data = 0;
-  result->len = 0;
-
-  /* This algorithm always adds to the block (to indicate the number
-   * of pad bytes).  So allocate a block large enough.
-   */
-  padLength = blockSize - (data->len % blockSize);
-  result->len = data->len + padLength;
-  result->data = (unsigned char *)PORT_Alloc(result->len);
-
-  /* Copy the data */
-  PORT_Memcpy(result->data, data->data, data->len);
-
-  /* Add the pad values */
-  for(i = data->len; i < result->len; i++)
-    result->data[i] = (unsigned char)padLength;
-
-  return rv;
-}
-
-static SECStatus
-unpadBlock(SECItem *data, int blockSize, SECItem *result)
-{
-  SECStatus rv = SECSuccess;
-  int padLength;
-
-  result->data = 0;
-  result->len = 0;
-
-  /* Remove the padding from the end if the input data */
-  if (data->len == 0 || data->len % blockSize  != 0) { rv = SECFailure; goto loser; }
-
-  padLength = data->data[data->len-1];
-  if (padLength > blockSize) { rv = SECFailure; goto loser; }
-
-  result->len = data->len - padLength;
-  result->data = (unsigned char *)PORT_Alloc(result->len);
-  if (!result->data) { rv = SECFailure; goto loser; }
-
-  PORT_Memcpy(result->data, data->data, result->len);
-
-loser:
-  return rv;
-}
-
-/*
- * PK11SDR_Encrypt
- *  Encrypt a block of data using the symmetric key identified.  The result
- *  is an ASN.1 (DER) encoded block of keyid, params and data.
- */
-SECStatus
-PK11SDR_Encrypt(SECItem *keyid, SECItem *data, SECItem *result, void *cx)
-{
-  SECStatus rv = SECSuccess;
-  PK11SlotInfo *slot = 0;
-  PK11SymKey *key = 0;
-  SECItem *params = 0;
-  PK11Context *ctx = 0;
-  CK_MECHANISM_TYPE type;
-  SDRResult sdrResult;
-  SECItem paddedData;
-  SECItem *pKeyID;
-  PLArenaPool *arena = 0;
-
-  /* Initialize */
-  paddedData.len = 0;
-  paddedData.data = 0;
-
-  arena = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE);
-  if (!arena) { rv = SECFailure; goto loser; }
-
-  /* 1. Locate the requested keyid, or the default key (which has a keyid)
-   * 2. Create an encryption context
-   * 3. Encrypt
-   * 4. Encode the results (using ASN.1)
-   */
-
-  slot = PK11_GetInternalKeySlot();
-  if (!slot) { rv = SECFailure; goto loser; }
-
-  /* Use triple-DES */
-  type = CKM_DES3_CBC;
-
-  /*
-   * Login to the internal token before we look for the key, otherwise we
-   * won't find it.
-   */
-  rv = PK11_Authenticate(slot, PR_TRUE, cx);
-  if (rv != SECSuccess) goto loser;
-
-  /* Find the key to use */
-  pKeyID = keyid;
-  if (pKeyID->len == 0) {
-	  pKeyID = &keyIDItem;  /* Use default value */
-
-	  /* Try to find the key */
-	  key = PK11_FindFixedKey(slot, type, pKeyID, cx);
-	  
-	  /* If the default key doesn't exist yet, try to create it */
-	  if (!key) key = PK11_GenDES3TokenKey(slot, pKeyID, cx);
-  } else {
-	  key = PK11_FindFixedKey(slot, type, pKeyID, cx);
-  }
-
-  if (!key) { rv = SECFailure; goto loser; }
-
-  params = PK11_GenerateNewParam(type, key);
-  if (!params) { rv = SECFailure; goto loser; }
-
-  ctx = PK11_CreateContextBySymKey(type, CKA_ENCRYPT, key, params);
-  if (!ctx) { rv = SECFailure; goto loser; }
-
-  rv = padBlock(data, PK11_GetBlockSize(type, 0), &paddedData);
-  if (rv != SECSuccess) goto loser;
-
-  sdrResult.data.len = paddedData.len;
-  sdrResult.data.data = (unsigned char *)PORT_ArenaAlloc(arena, sdrResult.data.len);
-
-  rv = PK11_CipherOp(ctx, sdrResult.data.data, (int*)&sdrResult.data.len, sdrResult.data.len,
-                     paddedData.data, paddedData.len);
-  if (rv != SECSuccess) goto loser;
-
-  PK11_Finalize(ctx);
-
-  sdrResult.keyid = *pKeyID;
-
-  rv = PK11_ParamToAlgid(SEC_OID_DES_EDE3_CBC, params, arena, &sdrResult.alg);
-  if (rv != SECSuccess) goto loser;
-
-  if (!SEC_ASN1EncodeItem(0, result, &sdrResult, template)) { rv = SECFailure; goto loser; }
-
-loser:
-  SECITEM_ZfreeItem(&paddedData, PR_FALSE);
-  if (arena) PORT_FreeArena(arena, PR_TRUE);
-  if (ctx) PK11_DestroyContext(ctx, PR_TRUE);
-  if (params) SECITEM_ZfreeItem(params, PR_TRUE);
-  if (key) PK11_FreeSymKey(key);
-  if (slot) PK11_FreeSlot(slot);
-
-  return rv;
-}
-
-/*
- * PK11SDR_Decrypt
- *  Decrypt a block of data produced by PK11SDR_Encrypt.  The key used is identified
- *  by the keyid field within the input.
- */
-SECStatus
-PK11SDR_Decrypt(SECItem *data, SECItem *result, void *cx)
-{
-  SECStatus rv = SECSuccess;
-  PK11SlotInfo *slot = 0;
-  PK11SymKey *key = 0;
-  PK11Context *ctx = 0;
-  CK_MECHANISM_TYPE type;
-  SDRResult sdrResult;
-  SECItem *params = 0;
-  SECItem paddedResult;
-  PLArenaPool *arena = 0;
-
-  paddedResult.len = 0;
-  paddedResult.data = 0;
-
-  arena = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE);
-  if (!arena) { rv = SECFailure; goto loser; }
-
-  /* Decode the incoming data */
-  memset(&sdrResult, 0, sizeof sdrResult);
-  rv = SEC_ASN1DecodeItem(arena, &sdrResult, template, data);
-  if (rv != SECSuccess) goto loser;  /* Invalid format */
-
-  /* Find the slot and key for the given keyid */
-  slot = PK11_GetInternalKeySlot();
-  if (!slot) { rv = SECFailure; goto loser; }
-
-  /* Use triple-DES (Should look up the algorithm) */
-  type = CKM_DES3_CBC;
-  key = PK11_FindFixedKey(slot, type, &sdrResult.keyid, cx);
-  if (!key) { rv = SECFailure; goto loser; }
-
-  /* Get the parameter values from the data */
-  params = PK11_ParamFromAlgid(&sdrResult.alg);
-  if (!params) { rv = SECFailure; goto loser; }
-
-  ctx = PK11_CreateContextBySymKey(type, CKA_DECRYPT, key, params);
-  if (!ctx) { rv = SECFailure; goto loser; }
-
-  paddedResult.len = sdrResult.data.len;
-  paddedResult.data = PORT_ArenaAlloc(arena, paddedResult.len);
-
-  rv = PK11_CipherOp(ctx, paddedResult.data, (int*)&paddedResult.len, paddedResult.len,
-                     sdrResult.data.data, sdrResult.data.len);
-  if (rv != SECSuccess) goto loser;
-
-  PK11_Finalize(ctx);
-
-  /* Remove the padding */
-  rv = unpadBlock(&paddedResult, PK11_GetBlockSize(type, 0), result);
-  if (rv) goto loser;
-
-loser:
-  /* SECITEM_ZfreeItem(&paddedResult, PR_FALSE); */
-  if (arena) PORT_FreeArena(arena, PR_TRUE);
-  if (ctx) PK11_DestroyContext(ctx, PR_TRUE);
-  if (key) PK11_FreeSymKey(key);
-  if (params) SECITEM_ZfreeItem(params, PR_TRUE);
-  if (slot) PK11_FreeSlot(slot);
-
-  return rv;
-}
diff --git a/security/nss/lib/pk11wrap/pk11sdr.h b/security/nss/lib/pk11wrap/pk11sdr.h
deleted file mode 100644
index 652098cad..000000000
--- a/security/nss/lib/pk11wrap/pk11sdr.h
+++ /dev/null
@@ -1,59 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * PKCS #11 Wrapper functions which handles authenticating to the card's
- * choosing the best cards, etc.
- */
-
-#ifndef _PK11SDR_H_
-#define _PK11SDR_H_
-
-#include "seccomon.h"
-
-SEC_BEGIN_PROTOS
-
-/*
- * PK11SDR_Encrypt - encrypt data using the specified key id or SDR default
- *
- */
-SECStatus
-PK11SDR_Encrypt(SECItem *keyid, SECItem *data, SECItem *result, void *cx);
-
-/*
- * PK11SDR_Decrypt - decrypt data previously encrypted with PK11SDR_Encrypt
- */
-SECStatus
-PK11SDR_Decrypt(SECItem *data, SECItem *result, void *cx);
-
-SEC_END_PROTOS
-
-#endif
diff --git a/security/nss/lib/pk11wrap/pk11skey.c b/security/nss/lib/pk11wrap/pk11skey.c
deleted file mode 100644
index e11a8e947..000000000
--- a/security/nss/lib/pk11wrap/pk11skey.c
+++ /dev/null
@@ -1,4980 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s): 
- *	Dr Stephen Henson <stephen.henson@gemplus.com>
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * This file implements the Symkey wrapper and the PKCS context
- * Interfaces.
- */
-
-#include "seccomon.h"
-#include "secmod.h"
-#include "nssilock.h"
-#include "secmodi.h"
-#include "pkcs11.h"
-#include "pk11func.h"
-#include "secitem.h"
-#include "key.h"
-#include "secoid.h"
-#include "secasn1.h"
-#include "sechash.h"
-#include "cert.h"
-#include "secerr.h"
-#include "secpkcs5.h" 
-
-#define PAIRWISE_SECITEM_TYPE			siBuffer
-#define PAIRWISE_DIGEST_LENGTH			SHA1_LENGTH /* 160-bits */
-#define PAIRWISE_MESSAGE_LENGTH			20          /* 160-bits */
-
-/* forward static declarations. */
-static PK11SymKey *pk11_DeriveWithTemplate(PK11SymKey *baseKey, 
-	CK_MECHANISM_TYPE derive, SECItem *param, CK_MECHANISM_TYPE target, 
-	CK_ATTRIBUTE_TYPE operation, int keySize, CK_ATTRIBUTE *userAttr, 
-	unsigned int numAttrs);
-
-
-/*
- * strip leading zero's from key material
- */
-void
-pk11_SignedToUnsigned(CK_ATTRIBUTE *attrib) {
-    char *ptr = (char *)attrib->pValue;
-    unsigned long len = attrib->ulValueLen;
-
-    while (len && (*ptr == 0)) {
-	len--;
-	ptr++;
-    }
-    attrib->pValue = ptr;
-    attrib->ulValueLen = len;
-}
-
-/*
- * get a new session on a slot. If we run out of session, use the slot's
- * 'exclusive' session. In this case owner becomes false.
- */
-static CK_SESSION_HANDLE
-pk11_GetNewSession(PK11SlotInfo *slot,PRBool *owner)
-{
-    CK_SESSION_HANDLE session;
-    *owner =  PR_TRUE;
-    if (!slot->isThreadSafe) PK11_EnterSlotMonitor(slot);
-    if ( PK11_GETTAB(slot)->C_OpenSession(slot->slotID,CKF_SERIAL_SESSION, 
-			slot,pk11_notify,&session) != CKR_OK) {
-	*owner = PR_FALSE;
-	session = slot->session;
-    }
-    if (!slot->isThreadSafe) PK11_ExitSlotMonitor(slot);
-
-    return session;
-}
-
-static void
-pk11_CloseSession(PK11SlotInfo *slot,CK_SESSION_HANDLE session,PRBool owner)
-{
-    if (!owner) return;
-    if (!slot->isThreadSafe) PK11_EnterSlotMonitor(slot);
-    (void) PK11_GETTAB(slot)->C_CloseSession(session);
-    if (!slot->isThreadSafe) PK11_ExitSlotMonitor(slot);
-}
-
-
-SECStatus
-PK11_CreateNewObject(PK11SlotInfo *slot, CK_SESSION_HANDLE session,
-				CK_ATTRIBUTE *theTemplate, int count, 
-				PRBool token, CK_OBJECT_HANDLE *objectID)
-{
-	CK_SESSION_HANDLE rwsession;
-	CK_RV crv;
-	SECStatus rv = SECSuccess;
-
-	rwsession = session;
-	if (rwsession == CK_INVALID_SESSION) {
-	    if (token) {
-		rwsession =  PK11_GetRWSession(slot);
-	    } else { 
-		rwsession =  slot->session;
-		PK11_EnterSlotMonitor(slot);
-	    }
-	}
-	crv = PK11_GETTAB(slot)->C_CreateObject(rwsession, theTemplate,
-							count,objectID);
-	if(crv != CKR_OK) {
-	    PORT_SetError( PK11_MapError(crv) );
-	    rv = SECFailure;
-	}
-
-	if (session == CK_INVALID_SESSION) {
-	    if (token) {
-		PK11_RestoreROSession(slot, rwsession);
-	    } else {
-		PK11_ExitSlotMonitor(slot);
-	    }
-        }
-
-	return rv;
-}
-
-static void
-pk11_EnterKeyMonitor(PK11SymKey *symKey) {
-    if (!symKey->sessionOwner || !(symKey->slot->isThreadSafe)) 
-	PK11_EnterSlotMonitor(symKey->slot);
-}
-
-static void
-pk11_ExitKeyMonitor(PK11SymKey *symKey) {
-    if (!symKey->sessionOwner || !(symKey->slot->isThreadSafe)) 
-    	PK11_ExitSlotMonitor(symKey->slot);
-}
-
-
-static PK11SymKey *
-pk11_getKeyFromList(PK11SlotInfo *slot) {
-    PK11SymKey *symKey = NULL;
-
-    PK11_USE_THREADS(PZ_Lock(slot->freeListLock);)
-    if (slot->freeSymKeysHead) {
-    	symKey = slot->freeSymKeysHead;
-	slot->freeSymKeysHead = symKey->next;
-	slot->keyCount--;
-    }
-    PK11_USE_THREADS(PZ_Unlock(slot->freeListLock);)
-    if (symKey) {
-	symKey->next = NULL;
-	if ((symKey->series != slot->series) || (!symKey->sessionOwner))
-    	    symKey->session = pk11_GetNewSession(slot,&symKey->sessionOwner);
-	return symKey;
-    }
-
-    symKey = (PK11SymKey *)PORT_ZAlloc(sizeof(PK11SymKey));
-    if (symKey == NULL) {
-	return NULL;
-    }
-    symKey->session = pk11_GetNewSession(slot,&symKey->sessionOwner);
-    symKey->next = NULL;
-    return symKey;
-}
-
-void
-PK11_CleanKeyList(PK11SlotInfo *slot)
-{
-    PK11SymKey *symKey = NULL;
-
-    while (slot->freeSymKeysHead) {
-    	symKey = slot->freeSymKeysHead;
-	slot->freeSymKeysHead = symKey->next;
-	pk11_CloseSession(slot, symKey->session,symKey->sessionOwner);
-	PORT_Free(symKey);
-    };
-    return;
-}
-
-/*
- * create a symetric key:
- *      Slot is the slot to create the key in.
- *      type is the mechainism type 
- */
-PK11SymKey *
-PK11_CreateSymKey(PK11SlotInfo *slot, CK_MECHANISM_TYPE type, void *wincx)
-{
-
-    PK11SymKey *symKey = pk11_getKeyFromList(slot);
-
-
-    if (symKey == NULL) {
-	return NULL;
-    }
-
-    symKey->type = type;
-    symKey->data.data = NULL;
-    symKey->data.len = 0;
-    symKey->owner = PR_TRUE;
-    symKey->objectID = CK_INVALID_HANDLE;
-    symKey->slot = slot;
-    symKey->series = slot->series;
-    symKey->cx = wincx;
-    symKey->size = 0;
-    symKey->refCount = 1;
-    symKey->origin = PK11_OriginNULL;
-    symKey->origin = PK11_OriginNULL;
-    PK11_ReferenceSlot(slot);
-    return symKey;
-}
-
-/*
- * destroy a symetric key
- */
-void
-PK11_FreeSymKey(PK11SymKey *symKey)
-{
-    PK11SlotInfo *slot;
-    PRBool freeit = PR_TRUE;
-
-    if (PR_AtomicDecrement(&symKey->refCount) == 0) {
-	if ((symKey->owner) && symKey->objectID != CK_INVALID_HANDLE) {
-	    pk11_EnterKeyMonitor(symKey);
-	    (void) PK11_GETTAB(symKey->slot)->
-		C_DestroyObject(symKey->session, symKey->objectID);
-	    pk11_ExitKeyMonitor(symKey);
-	}
-	if (symKey->data.data) {
-	    PORT_Memset(symKey->data.data, 0, symKey->data.len);
-	    PORT_Free(symKey->data.data);
-	}
-        slot = symKey->slot;
-        PK11_USE_THREADS(PZ_Lock(slot->freeListLock);)
-	if (slot->keyCount < slot->maxKeyCount) {
-	    symKey->next = slot->freeSymKeysHead;
-	    slot->freeSymKeysHead = symKey;
-	    slot->keyCount++;
-	    symKey->slot = NULL;
-	    freeit = PR_FALSE;
-        }
-	PK11_USE_THREADS(PZ_Unlock(slot->freeListLock);)
-        if (freeit) {
-	    pk11_CloseSession(symKey->slot, symKey->session,
-							symKey->sessionOwner);
-	    PORT_Free(symKey);
-	}
-	PK11_FreeSlot(slot);
-    }
-}
-
-PK11SymKey *
-PK11_ReferenceSymKey(PK11SymKey *symKey)
-{
-    PR_AtomicIncrement(&symKey->refCount);
-    return symKey;
-}
-
-/*
- * turn key handle into an appropriate key object
- */
-PK11SymKey *
-PK11_SymKeyFromHandle(PK11SlotInfo *slot, PK11SymKey *parent, PK11Origin origin,
-    CK_MECHANISM_TYPE type, CK_OBJECT_HANDLE keyID, PRBool owner, void *wincx)
-{
-    PK11SymKey *symKey;
-
-    if (keyID == CK_INVALID_HANDLE) {
-	return NULL;
-    }
-
-    symKey = PK11_CreateSymKey(slot,type,wincx);
-    if (symKey == NULL) {
-	return NULL;
-    }
-
-    symKey->objectID = keyID;
-    symKey->origin = origin;
-    symKey->owner = owner;
-
-    /* adopt the parent's session */
-    /* This is only used by SSL. What we really want here is a session
-     * structure with a ref count so  the session goes away only after all the
-     * keys do. */
-    if (owner && parent) {
-	pk11_CloseSession(symKey->slot, symKey->session,symKey->sessionOwner);
-	symKey->sessionOwner = parent->sessionOwner;
-	symKey->session = parent->session;
-	parent->sessionOwner = PR_FALSE;
-    }
-
-    return symKey;
-}
-
-/*
- * turn key handle into an appropriate key object
- */
-PK11SymKey *
-PK11_GetWrapKey(PK11SlotInfo *slot, int wrap, CK_MECHANISM_TYPE type,
-						    int series, void *wincx)
-{
-    PK11SymKey *symKey = NULL;
-
-    if (slot->series != series) return NULL;
-    if (slot->refKeys[wrap] == CK_INVALID_HANDLE) return NULL;
-    if (type == CKM_INVALID_MECHANISM) type = slot->wrapMechanism;
-
-    symKey = PK11_SymKeyFromHandle(slot, NULL, PK11_OriginDerive,
-		 slot->wrapMechanism, slot->refKeys[wrap], PR_FALSE, wincx);
-    return symKey;
-}
-
-void
-PK11_SetWrapKey(PK11SlotInfo *slot, int wrap, PK11SymKey *wrapKey)
-{
-    /* save the handle and mechanism for the wrapping key */
-    /* mark the key and session as not owned by us to they don't get freed
-     * when the key goes way... that lets us reuse the key later */
-    slot->refKeys[wrap] = wrapKey->objectID;
-    wrapKey->owner = PR_FALSE;
-    wrapKey->sessionOwner = PR_FALSE;
-    slot->wrapMechanism = wrapKey->type;
-}
-
-CK_MECHANISM_TYPE
-PK11_GetMechanism(PK11SymKey *symKey)
-{
-    return symKey->type;
-}
-
-/*
- * figure out if a key is still valid or if it is stale.
- */
-PRBool
-PK11_VerifyKeyOK(PK11SymKey *key) {
-    if (!PK11_IsPresent(key->slot)) {
-	return PR_FALSE;
-    }
-    return (PRBool)(key->series == key->slot->series);
-}
-
-#define MAX_TEMPL_ATTRS 16 /* maximum attributes in template */
-
-/* This mask includes all CK_FLAGs with an equivalent CKA_ attribute. */
-#define CKF_KEY_OPERATION_FLAGS 0x000e7b00UL
-
-static unsigned int
-pk11_FlagsToAttributes(CK_FLAGS flags, CK_ATTRIBUTE *attrs, CK_BBOOL *ckTrue)
-{
-
-    const static CK_ATTRIBUTE_TYPE attrTypes[12] = {
-	CKA_ENCRYPT,      CKA_DECRYPT, 0 /* DIGEST */,     CKA_SIGN,
-	CKA_SIGN_RECOVER, CKA_VERIFY,  CKA_VERIFY_RECOVER, 0 /* GEN */,
-	0 /* GEN PAIR */, CKA_WRAP,    CKA_UNWRAP,         CKA_DERIVE 
-    };
-
-    const CK_ATTRIBUTE_TYPE *pType	= attrTypes;
-          CK_ATTRIBUTE      *attr	= attrs;
-          CK_FLAGS          test	= CKF_ENCRYPT;
-
-
-    PR_ASSERT(!(flags & ~CKF_KEY_OPERATION_FLAGS));
-    flags &= CKF_KEY_OPERATION_FLAGS;
-
-    for (; flags && test <= CKF_DERIVE; test <<= 1, ++pType) {
-    	if (test & flags) {
-	    flags ^= test;
-	    PK11_SETATTRS(attr, *pType, ckTrue, sizeof *ckTrue); 
-	    ++attr;
-	}
-    }
-    return (attr - attrs);
-}
-
-static PK11SymKey *
-pk11_ImportSymKeyWithTempl(PK11SlotInfo *slot, CK_MECHANISM_TYPE type,
-                  PK11Origin origin, CK_ATTRIBUTE *keyTemplate, 
-		  unsigned int templateCount, SECItem *key, void *wincx)
-{
-    PK11SymKey *    symKey;
-    SECStatus	    rv;
-
-    symKey = PK11_CreateSymKey(slot,type,wincx);
-    if (symKey == NULL) {
-	return NULL;
-    }
-
-    symKey->size = key->len;
-
-    PK11_SETATTRS(&keyTemplate[templateCount], CKA_VALUE, key->data, key->len);
-    templateCount++;
-
-    if (SECITEM_CopyItem(NULL,&symKey->data,key) != SECSuccess) {
-	PK11_FreeSymKey(symKey);
-	return NULL;
-    }
-
-    symKey->origin = origin;
-
-    /* import the keys */
-    rv = PK11_CreateNewObject(slot, symKey->session, keyTemplate,
-		 	templateCount, PR_FALSE, &symKey->objectID);
-    if ( rv != SECSuccess) {
-	PK11_FreeSymKey(symKey);
-	return NULL;
-    }
-
-    return symKey;
-}
-
-/*
- * turn key bits into an appropriate key object
- */
-PK11SymKey *
-PK11_ImportSymKey(PK11SlotInfo *slot, CK_MECHANISM_TYPE type,
-     PK11Origin origin, CK_ATTRIBUTE_TYPE operation, SECItem *key,void *wincx)
-{
-    PK11SymKey *    symKey;
-    unsigned int    templateCount = 0;
-    CK_OBJECT_CLASS keyClass 	= CKO_SECRET_KEY;
-    CK_KEY_TYPE     keyType 	= CKK_GENERIC_SECRET;
-    CK_BBOOL        cktrue 	= CK_TRUE; /* sigh */
-    CK_ATTRIBUTE    keyTemplate[5];
-    CK_ATTRIBUTE *  attrs 	= keyTemplate;
-
-    PK11_SETATTRS(attrs, CKA_CLASS, &keyClass, sizeof(keyClass) ); attrs++;
-    PK11_SETATTRS(attrs, CKA_KEY_TYPE, &keyType, sizeof(keyType) ); attrs++;
-    PK11_SETATTRS(attrs, operation, &cktrue, 1); attrs++;
-    templateCount = attrs - keyTemplate;
-    PR_ASSERT(templateCount+1 <= sizeof(keyTemplate)/sizeof(CK_ATTRIBUTE));
-
-    keyType = PK11_GetKeyType(type,key->len);
-    symKey = pk11_ImportSymKeyWithTempl(slot, type, origin, keyTemplate, 
-    					templateCount, key, wincx);
-    return symKey;
-}
-
-
-/*
- * turn key bits into an appropriate key object
- */
-PK11SymKey *
-PK11_ImportSymKeyWithFlags(PK11SlotInfo *slot, CK_MECHANISM_TYPE type,
-     PK11Origin origin, CK_ATTRIBUTE_TYPE operation, SECItem *key,
-     CK_FLAGS flags, PRBool isPerm, void *wincx)
-{
-    PK11SymKey *    symKey;
-    unsigned int    templateCount = 0;
-    CK_OBJECT_CLASS keyClass 	= CKO_SECRET_KEY;
-    CK_KEY_TYPE     keyType 	= CKK_GENERIC_SECRET;
-    CK_BBOOL        cktrue 	= CK_TRUE; /* sigh */
-    CK_ATTRIBUTE    keyTemplate[MAX_TEMPL_ATTRS];
-    CK_ATTRIBUTE *  attrs 	= keyTemplate;
-
-    PK11_SETATTRS(attrs, CKA_CLASS, &keyClass, sizeof(keyClass) ); attrs++;
-    PK11_SETATTRS(attrs, CKA_KEY_TYPE, &keyType, sizeof(keyType) ); attrs++;
-    if (isPerm) {
-	PK11_SETATTRS(attrs, CKA_TOKEN, &cktrue, sizeof(keyType) ); attrs++;
-    }
-    templateCount = attrs - keyTemplate;
-    templateCount += pk11_FlagsToAttributes(flags, attrs, &cktrue);
-    PR_ASSERT(templateCount+1 <= sizeof(keyTemplate)/sizeof(CK_ATTRIBUTE));
-
-    keyType = PK11_GetKeyType(type,key->len);
-    symKey = pk11_ImportSymKeyWithTempl(slot, type, origin, keyTemplate, 
-    					templateCount, key, wincx);
-    if (isPerm) {
-	symKey->owner = PR_FALSE;
-    }
-    return symKey;
-}
-
-/*
- * import a public key into the desired slot
- */
-CK_OBJECT_HANDLE
-PK11_ImportPublicKey(PK11SlotInfo *slot, SECKEYPublicKey *pubKey, 
-								PRBool isToken)
-{
-    CK_BBOOL cktrue = CK_TRUE;
-    CK_BBOOL ckfalse = CK_FALSE;
-    CK_OBJECT_CLASS keyClass = CKO_PUBLIC_KEY;
-    CK_KEY_TYPE keyType = CKK_GENERIC_SECRET;
-    CK_OBJECT_HANDLE objectID;
-    CK_ATTRIBUTE theTemplate[10];
-    CK_ATTRIBUTE *signedattr = NULL;
-    CK_ATTRIBUTE *attrs = theTemplate;
-    int signedcount = 0;
-    int templateCount = 0;
-    SECStatus rv;
-
-    /* if we already have an object in the desired slot, use it */
-    if (!isToken && pubKey->pkcs11Slot == slot) {
-	return pubKey->pkcs11ID;
-    }
-
-    /* free the existing key */
-    if (pubKey->pkcs11Slot != NULL) {
-	PK11SlotInfo *oSlot = pubKey->pkcs11Slot;
-	PK11_EnterSlotMonitor(oSlot);
-	(void) PK11_GETTAB(oSlot)->C_DestroyObject(oSlot->session,
-							pubKey->pkcs11ID);
-	PK11_ExitSlotMonitor(oSlot);
-	PK11_FreeSlot(oSlot);
-	pubKey->pkcs11Slot = NULL;
-    }
-    PK11_SETATTRS(attrs, CKA_CLASS, &keyClass, sizeof(keyClass) ); attrs++;
-    PK11_SETATTRS(attrs, CKA_KEY_TYPE, &keyType, sizeof(keyType) ); attrs++;
-    PK11_SETATTRS(attrs, CKA_TOKEN, isToken ? &cktrue : &ckfalse,
-						 sizeof(CK_BBOOL) ); attrs++;
-
-    /* now import the key */
-    {
-        switch (pubKey->keyType) {
-        case rsaKey:
-	    keyType = CKK_RSA;
-	    PK11_SETATTRS(attrs, CKA_WRAP, &cktrue, sizeof(CK_BBOOL) ); attrs++;
-	    PK11_SETATTRS(attrs, CKA_ENCRYPT, &cktrue, 
-						sizeof(CK_BBOOL) ); attrs++;
-	    PK11_SETATTRS(attrs, CKA_VERIFY, &cktrue, sizeof(CK_BBOOL)); attrs++;
- 	    signedattr = attrs;
-	    PK11_SETATTRS(attrs, CKA_MODULUS, pubKey->u.rsa.modulus.data,
-					 pubKey->u.rsa.modulus.len); attrs++;
-	    PK11_SETATTRS(attrs, CKA_PUBLIC_EXPONENT, 
-	     	pubKey->u.rsa.publicExponent.data,
-				 pubKey->u.rsa.publicExponent.len); attrs++;
-	    break;
-        case dsaKey:
-	    keyType = CKK_DSA;
-	    PK11_SETATTRS(attrs, CKA_VERIFY, &cktrue, sizeof(CK_BBOOL));attrs++;
- 	    signedattr = attrs;
-	    PK11_SETATTRS(attrs, CKA_PRIME,    pubKey->u.dsa.params.prime.data,
-				pubKey->u.dsa.params.prime.len); attrs++;
-	    PK11_SETATTRS(attrs,CKA_SUBPRIME,pubKey->u.dsa.params.subPrime.data,
-				pubKey->u.dsa.params.subPrime.len); attrs++;
-	    PK11_SETATTRS(attrs, CKA_BASE,  pubKey->u.dsa.params.base.data,
-					pubKey->u.dsa.params.base.len); attrs++;
-	    PK11_SETATTRS(attrs, CKA_VALUE,    pubKey->u.dsa.publicValue.data, 
-					pubKey->u.dsa.publicValue.len); attrs++;
-	    break;
-	case fortezzaKey:
-	    keyType = CKK_DSA;
-	    PK11_SETATTRS(attrs, CKA_VERIFY, &cktrue, sizeof(CK_BBOOL));attrs++;
- 	    signedattr = attrs;
-	    PK11_SETATTRS(attrs, CKA_PRIME,pubKey->u.fortezza.params.prime.data,
-				pubKey->u.fortezza.params.prime.len); attrs++;
-	    PK11_SETATTRS(attrs,CKA_SUBPRIME,
-				pubKey->u.fortezza.params.subPrime.data,
-				pubKey->u.fortezza.params.subPrime.len);attrs++;
-	    PK11_SETATTRS(attrs, CKA_BASE,  pubKey->u.fortezza.params.base.data,
-				pubKey->u.fortezza.params.base.len); attrs++;
-	    PK11_SETATTRS(attrs, CKA_VALUE, pubKey->u.fortezza.DSSKey.data, 
-				pubKey->u.fortezza.DSSKey.len); attrs++;
-            break;
-        case dhKey:
-	    keyType = CKK_DH;
-	    PK11_SETATTRS(attrs, CKA_DERIVE, &cktrue, sizeof(CK_BBOOL));attrs++;
- 	    signedattr = attrs;
-	    PK11_SETATTRS(attrs, CKA_PRIME,    pubKey->u.dh.prime.data,
-				pubKey->u.dh.prime.len); attrs++;
-	    PK11_SETATTRS(attrs, CKA_BASE,  pubKey->u.dh.base.data,
-					pubKey->u.dh.base.len); attrs++;
-	    PK11_SETATTRS(attrs, CKA_VALUE,    pubKey->u.dh.publicValue.data, 
-					pubKey->u.dh.publicValue.len); attrs++;
-	    break;
-	/* what about fortezza??? */
-	default:
-	    PORT_SetError( SEC_ERROR_BAD_KEY );
-	    return CK_INVALID_HANDLE;
-	}
-
-	templateCount = attrs - theTemplate;
-	signedcount = attrs - signedattr;
-	PORT_Assert(templateCount <= (sizeof(theTemplate)/sizeof(CK_ATTRIBUTE)));
-	for (attrs=signedattr; signedcount; attrs++, signedcount--) {
-		pk11_SignedToUnsigned(attrs);
-	} 
-        rv = PK11_CreateNewObject(slot, CK_INVALID_SESSION, theTemplate,
-				 	templateCount, isToken, &objectID);
-	if ( rv != SECSuccess) {
-	    return CK_INVALID_HANDLE;
-	}
-    }
-
-    pubKey->pkcs11ID = objectID;
-    pubKey->pkcs11Slot = PK11_ReferenceSlot(slot);
-
-    return objectID;
-}
-
-
-/*
- * return the slot associated with a symetric key
- */
-PK11SlotInfo *
-PK11_GetSlotFromKey(PK11SymKey *symKey)
-{
-    return PK11_ReferenceSlot(symKey->slot);
-}
-
-PK11SymKey *
-PK11_FindFixedKey(PK11SlotInfo *slot, CK_MECHANISM_TYPE type, SECItem *keyID,
-								void *wincx)
-{
-    CK_ATTRIBUTE findTemp[4];
-    CK_ATTRIBUTE *attrs;
-    CK_BBOOL ckTrue = CK_TRUE;
-    CK_OBJECT_CLASS keyclass = CKO_SECRET_KEY;
-    int tsize = 0;
-    CK_OBJECT_HANDLE key_id;
-
-    attrs = findTemp;
-    PK11_SETATTRS(attrs, CKA_CLASS, &keyclass, sizeof(keyclass)); attrs++;
-    PK11_SETATTRS(attrs, CKA_TOKEN, &ckTrue, sizeof(ckTrue)); attrs++;
-    if (keyID) {
-        PK11_SETATTRS(attrs, CKA_ID, keyID->data, keyID->len); attrs++;
-    }
-    tsize = attrs - findTemp;
-    PORT_Assert(tsize <= sizeof(findTemp)/sizeof(CK_ATTRIBUTE));
-
-    key_id = pk11_FindObjectByTemplate(slot,findTemp,tsize);
-    if (key_id == CK_INVALID_HANDLE) {
-	return NULL;
-    }
-    return PK11_SymKeyFromHandle(slot, NULL, PK11_OriginDerive, type, key_id,
-		 				PR_FALSE, wincx);
-}
-
-PK11SymKey *
-PK11_ListFixedKeysInSlot(PK11SlotInfo *slot, char *nickname, void *wincx)
-{
-    CK_ATTRIBUTE findTemp[4];
-    CK_ATTRIBUTE *attrs;
-    CK_BBOOL ckTrue = CK_TRUE;
-    CK_OBJECT_CLASS keyclass = CKO_SECRET_KEY;
-    int tsize = 0;
-    int objCount = 0;
-    CK_OBJECT_HANDLE *key_ids;
-    PK11SymKey *nextKey = NULL;
-    PK11SymKey *topKey = NULL;
-    int i,len;
-
-    attrs = findTemp;
-    PK11_SETATTRS(attrs, CKA_CLASS, &keyclass, sizeof(keyclass)); attrs++;
-    PK11_SETATTRS(attrs, CKA_TOKEN, &ckTrue, sizeof(ckTrue)); attrs++;
-    if (nickname) {
-	len = PORT_Strlen(nickname)-1;
-	PK11_SETATTRS(attrs, CKA_LABEL, nickname, len); attrs++;
-    }
-    tsize = attrs - findTemp;
-    PORT_Assert(tsize <= sizeof(findTemp)/sizeof(CK_ATTRIBUTE));
-
-    key_ids = pk11_FindObjectsByTemplate(slot,findTemp,tsize,&objCount);
-    if (key_ids == NULL) {
-	return NULL;
-    }
-
-    for (i=0; i < objCount ; i++) {
-	nextKey = PK11_SymKeyFromHandle(slot, NULL, PK11_OriginDerive, 
-			CKM_INVALID_MECHANISM, key_ids[i], PR_FALSE, wincx);
-	if (nextKey) {
-	    nextKey->next = topKey;
-	    topKey = nextKey;
-	}
-   }
-   PORT_Free(key_ids);
-   return topKey;
-}
-
-void *
-PK11_GetWindow(PK11SymKey *key)
-{
-   return key->cx;
-}
-    
-
-/*
- * extract a symetric key value. NOTE: if the key is sensitive, we will
- * not be able to do this operation. This function is used to move
- * keys from one token to another */
-SECStatus
-PK11_ExtractKeyValue(PK11SymKey *symKey)
-{
-
-    if (symKey->data.data != NULL) return SECSuccess;
-
-    if (symKey->slot == NULL) {
-	PORT_SetError( SEC_ERROR_INVALID_KEY );
-	return SECFailure;
-    }
-
-    return PK11_ReadAttribute(symKey->slot,symKey->objectID,CKA_VALUE,NULL,
-				&symKey->data);
-}
-
-SECStatus
-PK11_DeleteTokenSymKey(PK11SymKey *symKey)
-{
-    if (!PK11_IsPermObject(symKey->slot, symKey->objectID)) {
-	return SECFailure;
-    }
-    PK11_DestroyTokenObject(symKey->slot,symKey->objectID);
-    symKey->objectID = CK_INVALID_HANDLE;
-    return SECSuccess;
-}
-
-SECItem *
-__PK11_GetKeyData(PK11SymKey *symKey)
-{
-    return &symKey->data;
-}
-
-SECItem *
-PK11_GetKeyData(PK11SymKey *symKey)
-{
-    return __PK11_GetKeyData(symKey);
-}
-
-/*
- * take an attribute and copy it into a secitem
- */
-static CK_RV
-pk11_Attr2SecItem(PRArenaPool *arena, CK_ATTRIBUTE *attr, SECItem *item) 
-{
-    item->data = NULL;
-
-    (void)SECITEM_AllocItem(arena, item, attr->ulValueLen);
-    if (item->data == NULL) {
-	return CKR_HOST_MEMORY;
-    } 
-    PORT_Memcpy(item->data, attr->pValue, item->len);
-    return CKR_OK;
-}
-
-/*
- * extract a public key from a slot and id
- */
-SECKEYPublicKey *
-PK11_ExtractPublicKey(PK11SlotInfo *slot,KeyType keyType,CK_OBJECT_HANDLE id)
-{
-    CK_OBJECT_CLASS keyClass = CKO_PUBLIC_KEY;
-    PRArenaPool *arena;
-    PRArenaPool *tmp_arena;
-    SECKEYPublicKey *pubKey;
-    int templateCount = 0;
-    CK_KEY_TYPE pk11KeyType;
-    CK_RV crv;
-    CK_ATTRIBUTE template[8];
-    CK_ATTRIBUTE *attrs= template;
-    CK_ATTRIBUTE *modulus,*exponent,*base,*prime,*subprime,*value;
-
-    /* if we didn't know the key type, get it */
-    if (keyType== nullKey) {
-
-        pk11KeyType = PK11_ReadULongAttribute(slot,id,CKA_KEY_TYPE);
-	if (pk11KeyType ==  CK_UNAVAILABLE_INFORMATION) {
-	    return NULL;
-	}
-	switch (pk11KeyType) {
-	case CKK_RSA:
-	    keyType = rsaKey;
-	    break;
-	case CKK_DSA:
-	    keyType = dsaKey;
-	    break;
-	case CKK_DH:
-	    keyType = dhKey;
-	    break;
-	default:
-	    PORT_SetError( SEC_ERROR_BAD_KEY );
-	    return NULL;
-	}
-    }
-
-
-    /* now we need to create space for the public key */
-    arena = PORT_NewArena( DER_DEFAULT_CHUNKSIZE);
-    if (arena == NULL) return NULL;
-    tmp_arena = PORT_NewArena( DER_DEFAULT_CHUNKSIZE);
-    if (tmp_arena == NULL) {
-	PORT_FreeArena (arena, PR_FALSE);
-	return NULL;
-    }
-
-
-    pubKey = (SECKEYPublicKey *) 
-			PORT_ArenaZAlloc(arena, sizeof(SECKEYPublicKey));
-    if (pubKey == NULL) {
-	PORT_FreeArena (arena, PR_FALSE);
-	PORT_FreeArena (tmp_arena, PR_FALSE);
-	return NULL;
-    }
-
-    pubKey->arena = arena;
-    pubKey->keyType = keyType;
-    pubKey->pkcs11Slot = PK11_ReferenceSlot(slot);
-    pubKey->pkcs11ID = id;
-    PK11_SETATTRS(attrs, CKA_CLASS, &keyClass, 
-						sizeof(keyClass)); attrs++;
-    PK11_SETATTRS(attrs, CKA_KEY_TYPE, &pk11KeyType, 
-						sizeof(pk11KeyType) ); attrs++;
-    switch (pubKey->keyType) {
-    case rsaKey:
-	modulus = attrs;
-	PK11_SETATTRS(attrs, CKA_MODULUS, NULL, 0); attrs++; 
-	exponent = attrs;
-	PK11_SETATTRS(attrs, CKA_PUBLIC_EXPONENT, NULL, 0); attrs++; 
-
-	templateCount = attrs - template;
-	PR_ASSERT(templateCount <= sizeof(template)/sizeof(CK_ATTRIBUTE));
-	crv = PK11_GetAttributes(tmp_arena,slot,id,template,templateCount);
-	if (crv != CKR_OK) break;
-
-	if ((keyClass != CKO_PUBLIC_KEY) || (pk11KeyType != CKK_RSA)) {
-	    crv = CKR_OBJECT_HANDLE_INVALID;
-	    break;
-	} 
-	crv = pk11_Attr2SecItem(arena,modulus,&pubKey->u.rsa.modulus);
-	if (crv != CKR_OK) break;
-	crv = pk11_Attr2SecItem(arena,exponent,&pubKey->u.rsa.publicExponent);
-	if (crv != CKR_OK) break;
-	break;
-    case dsaKey:
-	prime = attrs;
-	PK11_SETATTRS(attrs, CKA_PRIME, NULL, 0); attrs++; 
-	subprime = attrs;
-	PK11_SETATTRS(attrs, CKA_SUBPRIME, NULL, 0); attrs++; 
-	base = attrs;
-	PK11_SETATTRS(attrs, CKA_BASE, NULL, 0); attrs++; 
-	value = attrs;
-	PK11_SETATTRS(attrs, CKA_VALUE, NULL, 0); attrs++; 
-	templateCount = attrs - template;
-	PR_ASSERT(templateCount <= sizeof(template)/sizeof(CK_ATTRIBUTE));
-	crv = PK11_GetAttributes(tmp_arena,slot,id,template,templateCount);
-	if (crv != CKR_OK) break;
-
-	if ((keyClass != CKO_PUBLIC_KEY) || (pk11KeyType != CKK_DSA)) {
-	    crv = CKR_OBJECT_HANDLE_INVALID;
-	    break;
-	} 
-	crv = pk11_Attr2SecItem(arena,prime,&pubKey->u.dsa.params.prime);
-	if (crv != CKR_OK) break;
-	crv = pk11_Attr2SecItem(arena,subprime,&pubKey->u.dsa.params.subPrime);
-	if (crv != CKR_OK) break;
-	crv = pk11_Attr2SecItem(arena,base,&pubKey->u.dsa.params.base);
-	if (crv != CKR_OK) break;
-	crv = pk11_Attr2SecItem(arena,value,&pubKey->u.dsa.publicValue);
-	if (crv != CKR_OK) break;
-	break;
-    case dhKey:
-	prime = attrs;
-	PK11_SETATTRS(attrs, CKA_PRIME, NULL, 0); attrs++; 
-	base = attrs;
-	PK11_SETATTRS(attrs, CKA_BASE, NULL, 0); attrs++; 
-	value =attrs;
-	PK11_SETATTRS(attrs, CKA_VALUE, NULL, 0); attrs++; 
-	templateCount = attrs - template;
-	PR_ASSERT(templateCount <= sizeof(template)/sizeof(CK_ATTRIBUTE));
-	crv = PK11_GetAttributes(tmp_arena,slot,id,template,templateCount);
-	if (crv != CKR_OK) break;
-
-	if ((keyClass != CKO_PUBLIC_KEY) || (pk11KeyType != CKK_DH)) {
-	    crv = CKR_OBJECT_HANDLE_INVALID;
-	    break;
-	} 
-	crv = pk11_Attr2SecItem(arena,prime,&pubKey->u.dh.prime);
-	if (crv != CKR_OK) break;
-	crv = pk11_Attr2SecItem(arena,base,&pubKey->u.dh.base);
-	if (crv != CKR_OK) break;
-	crv = pk11_Attr2SecItem(arena,value,&pubKey->u.dh.publicValue);
-	if (crv != CKR_OK) break;
-	break;
-    case fortezzaKey:
-    case nullKey:
-    default:
-	crv = CKR_OBJECT_HANDLE_INVALID;
-	break;
-    }
-
-    PORT_FreeArena(tmp_arena,PR_FALSE);
-
-    if (crv != CKR_OK) {
-	PORT_FreeArena(arena,PR_FALSE);
-	PK11_FreeSlot(slot);
-	PORT_SetError( PK11_MapError(crv) );
-	return NULL;
-    }
-
-    return pubKey;
-}
-
-/*
- * Build a Private Key structure from raw PKCS #11 information.
- */
-SECKEYPrivateKey *
-PK11_MakePrivKey(PK11SlotInfo *slot, KeyType keyType, 
-			PRBool isTemp, CK_OBJECT_HANDLE privID, void *wincx)
-{
-    PRArenaPool *arena;
-    SECKEYPrivateKey *privKey;
-
-    /* don't know? look it up */
-    if (keyType == nullKey) {
-	CK_KEY_TYPE pk11Type = CKK_RSA;
-
-	pk11Type = PK11_ReadULongAttribute(slot,privID,CKA_KEY_TYPE);
-	isTemp = (PRBool)!PK11_HasAttributeSet(slot,privID,CKA_TOKEN);
-	switch (pk11Type) {
-	case CKK_RSA: keyType = rsaKey; break;
-	case CKK_DSA: keyType = dsaKey; break;
-	case CKK_DH: keyType = dhKey; break;
-	case CKK_KEA: keyType = fortezzaKey; break;
-	default:
-		break;
-	}
-    }
-
-    /* now we need to create space for the private key */
-    arena = PORT_NewArena( DER_DEFAULT_CHUNKSIZE);
-    if (arena == NULL) return NULL;
-
-    privKey = (SECKEYPrivateKey *) 
-			PORT_ArenaZAlloc(arena, sizeof(SECKEYPrivateKey));
-    if (privKey == NULL) {
-	PORT_FreeArena(arena, PR_FALSE);
-	return NULL;
-    }
-
-    privKey->arena = arena;
-    privKey->keyType = keyType;
-    privKey->pkcs11Slot = PK11_ReferenceSlot(slot);
-    privKey->pkcs11ID = privID;
-    privKey->pkcs11IsTemp = isTemp;
-    privKey->wincx = wincx;
-
-    return privKey;
-}
-
-/* return the keylength if possible.  '0' if not */
-unsigned int
-PK11_GetKeyLength(PK11SymKey *key)
-{
-   if (key->size != 0) return key->size ;
-   if (key->data.data == NULL) {
-	PK11_ExtractKeyValue(key);
-   }
-   /* key is probably secret. Look up it's type and length */
-   /*  this is new PKCS #11 version 2.0 functionality. */
-   if (key->size == 0) {
-	CK_ULONG keyLength;
-
-	keyLength = PK11_ReadULongAttribute(key->slot,key->objectID,CKA_VALUE_LEN);
-	/* doesn't have a length field, check the known PKCS #11 key types,
-	 * which don't have this field */
-	if (keyLength == CK_UNAVAILABLE_INFORMATION) {
-	    CK_KEY_TYPE keyType;
-	    keyType = PK11_ReadULongAttribute(key->slot,key->objectID,CKA_KEY_TYPE);
-	    switch (keyType) {
-	    case CKK_DES: key->size = 8; break;
-	    case CKK_DES2: key->size = 16; break;
-	    case CKK_DES3: key->size = 24; break;
-	    case CKK_SKIPJACK: key->size = 10; break;
-	    case CKK_BATON: key->size = 20; break;
-	    case CKK_JUNIPER: key->size = 20; break;
-	    case CKK_GENERIC_SECRET:
-		if (key->type == CKM_SSL3_PRE_MASTER_KEY_GEN)  {
-		    key->size=48;
-		}
-		break;
-	    default: break;
-	    }
-	} else {
-	    key->size = (unsigned int)keyLength;
-	}
-    }
-	
-   return key->size;
-}
-
-/* return the strength of a key. This is different from length in that
- * 1) it returns the size in bits, and 2) it returns only the secret portions
- * of the key minus any checksums or parity.
- */
-unsigned int
-PK11_GetKeyStrength(PK11SymKey *key, SECAlgorithmID *algid) 
-{
-     int size=0;
-     CK_MECHANISM_TYPE mechanism= CKM_INVALID_MECHANISM; /* RC2 only */
-     SECItem *param = NULL; /* RC2 only */
-     CK_RC2_CBC_PARAMS *rc2_params = NULL; /* RC2 ONLY */
-     unsigned int effectiveBits = 0; /* RC2 ONLY */
-
-     switch (PK11_GetKeyType(key->type,0)) {
-     case CKK_CDMF:
-	return 40;
-     case CKK_DES:
-	return 56;
-     case CKK_DES3:
-     case CKK_DES2:
-	size = PK11_GetKeyLength(key);
-	if (size == 16) {
-	   /* double des */
-	   return 112; /* 16*7 */
-	}
-	return 168;
-    /*
-     * RC2 has is different than other ciphers in that it allows the user
-     * to deprecating keysize while still requiring all the bits for the 
-     * original key. The info
-     * on what the effective key strength is in the parameter for the key.
-     * In S/MIME this parameter is stored in the DER encoded algid. In Our 
-     * other uses of RC2, effectiveBits == keyBits, so this code functions
-     * correctly without an algid.
-     */
-    case CKK_RC2:
-	/* if no algid was provided, fall through to default */
-        if (!algid) {
-	    break; 
-	}
-	/* verify that the algid is for RC2 */
-	mechanism = PK11_AlgtagToMechanism(SECOID_GetAlgorithmTag(algid));
-	if ((mechanism != CKM_RC2_CBC) && (mechanism != CKM_RC2_ECB)) {
-	    break;
-	}
-
-	/* now get effective bits from the algorithm ID. */
-	param = PK11_ParamFromAlgid(algid);
-	/* if we couldn't get memory just use key length */
-	if (param == NULL) {
-	    break;
-	}
-
-	rc2_params = (CK_RC2_CBC_PARAMS *) param->data;
-	/* paranoia... shouldn't happen */
-	PORT_Assert(param->data != NULL);
-	if (param->data == NULL) {
-	    SECITEM_FreeItem(param,PR_TRUE);
-	    break;
-	}
-	effectiveBits = (unsigned int)rc2_params->ulEffectiveBits;
-	SECITEM_FreeItem(param,PR_TRUE);
-	param = NULL; rc2_params=NULL; /* paranoia */
-
-	/* we have effective bits, is and allocated memory is free, now
-	 * we need to return the smaller of effective bits and keysize */
-	size = PK11_GetKeyLength(key);
-	if ((unsigned int)size*8 > effectiveBits) {
-	    return effectiveBits;
-	}
-
-	return size*8; /* the actual key is smaller, the strength can't be
-			* greater than the actual key size */
-	
-    default:
-	break;
-    }
-    return PK11_GetKeyLength(key) * 8;
-}
-
-/* Make a Key type to an appropriate signing/verification mechanism */
-static CK_MECHANISM_TYPE
-pk11_mapSignKeyType(KeyType keyType)
-{
-    switch (keyType) {
-    case rsaKey:
-	return CKM_RSA_PKCS;
-    case fortezzaKey:
-    case dsaKey:
-	return CKM_DSA;
-    case dhKey:
-    default:
-	break;
-    }
-    return CKM_INVALID_MECHANISM;
-}
-
-static CK_MECHANISM_TYPE
-pk11_mapWrapKeyType(KeyType keyType)
-{
-    switch (keyType) {
-    case rsaKey:
-	return CKM_RSA_PKCS;
-    /* Add fortezza?? */
-    default:
-	break;
-    }
-    return CKM_INVALID_MECHANISM;
-}
-
-/*
- * Some non-compliant PKCS #11 vendors do not give us the modulus, so actually
- * set up a signature to get the signaure length.
- */
-static int
-pk11_backupGetSignLength(SECKEYPrivateKey *key)
-{
-    PK11SlotInfo *slot = key->pkcs11Slot;
-    CK_MECHANISM mech = {0, NULL, 0 };
-    PRBool owner = PR_TRUE;
-    CK_SESSION_HANDLE session;
-    CK_ULONG len;
-    CK_RV crv;
-    unsigned char h_data[20]  = { 0 };
-    unsigned char buf[20]; /* obviously to small */
-    CK_ULONG smallLen = sizeof(buf);
-
-    mech.mechanism = pk11_mapSignKeyType(key->keyType);
-
-    session = pk11_GetNewSession(slot,&owner);
-    if (!owner || !(slot->isThreadSafe)) PK11_EnterSlotMonitor(slot);
-    crv = PK11_GETTAB(slot)->C_SignInit(session,&mech,key->pkcs11ID);
-    if (crv != CKR_OK) {
-	if (!owner || !(slot->isThreadSafe)) PK11_ExitSlotMonitor(slot);
-	pk11_CloseSession(slot,session,owner);
-	PORT_SetError( PK11_MapError(crv) );
-	return -1;
-    }
-    len = 0;
-    crv = PK11_GETTAB(slot)->C_Sign(session,h_data,sizeof(h_data),
-					NULL, &len);
-    /* now call C_Sign with too small a buffer to clear the session state */
-    (void) PK11_GETTAB(slot)->
-			C_Sign(session,h_data,sizeof(h_data),buf,&smallLen);
-	
-    if (!owner || !(slot->isThreadSafe)) PK11_ExitSlotMonitor(slot);
-    pk11_CloseSession(slot,session,owner);
-    if (crv != CKR_OK) {
-	PORT_SetError( PK11_MapError(crv) );
-	return -1;
-    }
-    return len;
-}
-/*
- * get the length of a signature object based on the key
- */
-int
-PK11_SignatureLen(SECKEYPrivateKey *key)
-{
-    int val;
-
-    switch (key->keyType) {
-    case rsaKey:
-	val = PK11_GetPrivateModulusLen(key);
-	if (val == -1) {
-	    return pk11_backupGetSignLength(key);
-	}
-	return (unsigned long) val;
-	
-    case fortezzaKey:
-    case dsaKey:
-	return 40;
-
-    default:
-	break;
-    }
-    PORT_SetError( SEC_ERROR_INVALID_KEY );
-    return 0;
-}
-
-PK11SlotInfo *
-PK11_GetSlotFromPrivateKey(SECKEYPrivateKey *key)
-{
-    PK11SlotInfo *slot = key->pkcs11Slot;
-    slot = PK11_ReferenceSlot(slot);
-    return slot;
-}
-
-/*
- * Get the modulus length for raw parsing
- */
-int
-PK11_GetPrivateModulusLen(SECKEYPrivateKey *key)
-{
-    CK_ATTRIBUTE theTemplate = { CKA_MODULUS, NULL, 0 };
-    PK11SlotInfo *slot = key->pkcs11Slot;
-    CK_RV crv;
-    int length;
-
-    switch (key->keyType) {
-    case rsaKey:
-	crv = PK11_GetAttributes(NULL, slot, key->pkcs11ID, &theTemplate, 1);
-	if (crv != CKR_OK) {
-	    PORT_SetError( PK11_MapError(crv) );
-	    return -1;
-	}
-	length = theTemplate.ulValueLen;
-	if ( *(unsigned char *)theTemplate.pValue == 0) {
-	    length--;
-	}
-	if (theTemplate.pValue != NULL)
-	    PORT_Free(theTemplate.pValue);
-	return (int) length;
-	
-    case fortezzaKey:
-    case dsaKey:
-    case dhKey:
-    default:
-	break;
-    }
-    if (theTemplate.pValue != NULL)
-	PORT_Free(theTemplate.pValue);
-    PORT_SetError( SEC_ERROR_INVALID_KEY );
-    return -1;
-}
-
-/*
- * copy a key (or any other object) on a token
- */
-CK_OBJECT_HANDLE
-PK11_CopyKey(PK11SlotInfo *slot, CK_OBJECT_HANDLE srcObject)
-{
-    CK_OBJECT_HANDLE destObject;
-    CK_RV crv;
-
-    PK11_EnterSlotMonitor(slot);
-    crv = PK11_GETTAB(slot)->C_CopyObject(slot->session,srcObject,NULL,0,
-				&destObject);
-    PK11_ExitSlotMonitor(slot);
-    if (crv == CKR_OK) return destObject;
-    PORT_SetError( PK11_MapError(crv) );
-    return CK_INVALID_HANDLE;
-}
-
-
-PK11SymKey *
-pk11_KeyExchange(PK11SlotInfo *slot,CK_MECHANISM_TYPE type,
-		 	CK_ATTRIBUTE_TYPE operation, PK11SymKey *symKey);
-
-/*
- * The next two utilities are to deal with the fact that a given operation
- * may be a multi-slot affair. This creates a new key object that is copied
- * into the new slot.
- */
-PK11SymKey *
-pk11_CopyToSlot(PK11SlotInfo *slot,CK_MECHANISM_TYPE type,
-		 	CK_ATTRIBUTE_TYPE operation, PK11SymKey *symKey)
-{
-    SECStatus rv;
-    PK11SymKey *newKey = NULL;
-
-    /* Extract the raw key data if possible */
-    if (symKey->data.data == NULL) {
-	rv = PK11_ExtractKeyValue(symKey);
-	/* KEY is sensitive, we're try key exchanging it. */
-	if (rv != SECSuccess) {
-	    return pk11_KeyExchange(slot, type, operation, symKey);
-	}
-    }
-    newKey = PK11_ImportSymKey(slot, type, symKey->origin, operation, 
-						&symKey->data, symKey->cx);
-    if (newKey == NULL) newKey = pk11_KeyExchange(slot,type,operation,symKey);
-    return newKey;
-}
-
-/*
- * Make sure the slot we are in the correct slot for the operation
- */
-static PK11SymKey *
-pk11_ForceSlot(PK11SymKey *symKey,CK_MECHANISM_TYPE type,
-						CK_ATTRIBUTE_TYPE operation)
-{
-    PK11SlotInfo *slot = symKey->slot;
-    PK11SymKey *newKey = NULL;
-
-    if ((slot== NULL) || !PK11_DoesMechanism(slot,type)) {
-	slot = PK11_GetBestSlot(type,symKey->cx);
-	if (slot == NULL) {
-	    PORT_SetError( SEC_ERROR_NO_MODULE );
-	    return NULL;
-	}
-	newKey = pk11_CopyToSlot(slot, type, operation, symKey);
-	PK11_FreeSlot(slot);
-    }
-    return newKey;
-}
-
-/*
- * Use the token to Generate a key. keySize must be 'zero' for fixed key
- * length algorithms. NOTE: this means we can never generate a DES2 key
- * from this interface!
- */
-PK11SymKey *
-PK11_TokenKeyGen(PK11SlotInfo *slot, CK_MECHANISM_TYPE type, SECItem *param,
-    int keySize, SECItem *keyid, PRBool isToken, void *wincx)
-{
-    PK11SymKey *symKey;
-    CK_ATTRIBUTE genTemplate[5];
-    CK_ATTRIBUTE *attrs = genTemplate;
-    int count = sizeof(genTemplate)/sizeof(genTemplate[0]);
-    CK_SESSION_HANDLE session;
-    CK_MECHANISM mechanism;
-    CK_RV crv;
-    PRBool weird = PR_FALSE;   /* hack for fortezza */
-    CK_BBOOL cktrue = CK_TRUE;
-    CK_ULONG ck_key_size;       /* only used for variable-length keys */
-
-    if ((keySize == -1) && (type == CKM_SKIPJACK_CBC64)) {
-	weird = PR_TRUE;
-	keySize = 0;
-    }
-
-    /* TNH: Isn't this redundant, since "handleKey" will set defaults? */
-    PK11_SETATTRS(attrs, (!weird) 
-	? CKA_ENCRYPT : CKA_DECRYPT, &cktrue, sizeof(CK_BBOOL)); attrs++;
-    
-    if (keySize != 0) {
-        ck_key_size = keySize; /* Convert to PK11 type */
-
-        PK11_SETATTRS(attrs, CKA_VALUE_LEN, &ck_key_size, sizeof(ck_key_size)); 
-							attrs++;
-    }
-
-    /* Include key id value if provided */
-    if (keyid) {
-        PK11_SETATTRS(attrs, CKA_ID, keyid->data, keyid->len); attrs++;
-    }
-
-    if (isToken) {
-        PK11_SETATTRS(attrs, CKA_TOKEN, &cktrue, sizeof(cktrue));  attrs++;
-        PK11_SETATTRS(attrs, CKA_PRIVATE, &cktrue, sizeof(cktrue));  attrs++;
-    }
-
-    PK11_SETATTRS(attrs, CKA_SIGN, &cktrue, sizeof(cktrue));  attrs++;
-
-    count = attrs - genTemplate;
-    PR_ASSERT(count <= sizeof(genTemplate)/sizeof(CK_ATTRIBUTE));
-
-    /* find a slot to generate the key into */
-    /* Only do slot management if this is not a token key */
-    if (!isToken && (slot == NULL || !PK11_DoesMechanism(slot,type))) {
-        PK11SlotInfo *bestSlot;
-
-        bestSlot = PK11_GetBestSlot(type,wincx); /* TNH: references the slot? */
-        if (bestSlot == NULL) {
-	    PORT_SetError( SEC_ERROR_NO_MODULE );
-	    return NULL;
-	}
-
-        symKey = PK11_CreateSymKey(bestSlot,type,wincx);
-
-        PK11_FreeSlot(bestSlot);
-    } else {
-	symKey = PK11_CreateSymKey(slot, type, wincx);
-    }
-    if (symKey == NULL) return NULL;
-
-    symKey->size = keySize;
-    symKey->origin = (!weird) ? PK11_OriginGenerated : PK11_OriginFortezzaHack;
-
-    /* Initialize the Key Gen Mechanism */
-    mechanism.mechanism = PK11_GetKeyGen(type);
-    if (mechanism.mechanism == CKM_FAKE_RANDOM) {
-	PORT_SetError( SEC_ERROR_NO_MODULE );
-	return NULL;
-    }
-
-    /* Set the parameters for the key gen if provided */
-    mechanism.pParameter = NULL;
-    mechanism.ulParameterLen = 0;
-    if (param) {
-	mechanism.pParameter = param->data;
-	mechanism.ulParameterLen = param->len;
-    }
-
-    /* Get session and perform locking */
-    if (isToken) {
-	PK11_Authenticate(symKey->slot,PR_TRUE,wincx);
-        session = PK11_GetRWSession(symKey->slot);  /* Should always be original slot */
-    } else {
-        session = symKey->session;
-        pk11_EnterKeyMonitor(symKey);
-    }
-
-    crv = PK11_GETTAB(symKey->slot)->C_GenerateKey(session,
-			 &mechanism, genTemplate, count, &symKey->objectID);
-
-    /* Release lock and session */
-    if (isToken) {
-        PK11_RestoreROSession(symKey->slot, session);
-    } else {
-        pk11_ExitKeyMonitor(symKey);
-    }
-
-    if (crv != CKR_OK) {
-	PK11_FreeSymKey(symKey);
-	PORT_SetError( PK11_MapError(crv) );
-	return NULL;
-    }
-
-    return symKey;
-}
-
-PK11SymKey *
-PK11_KeyGen(PK11SlotInfo *slot, CK_MECHANISM_TYPE type, SECItem *param,
-						int keySize, void *wincx)
-{
-    return PK11_TokenKeyGen(slot, type, param, keySize, 0, PR_FALSE, wincx);
-}
-
-/* --- */
-PK11SymKey *
-PK11_GenDES3TokenKey(PK11SlotInfo *slot, SECItem *keyid, void *cx)
-{
-  return PK11_TokenKeyGen(slot, CKM_DES3_CBC, 0, 0, keyid, PR_TRUE, cx);
-}
-
-/*
- * PKCS #11 pairwise consistency check utilized to validate key pair.
- */
-static SECStatus
-pk11_PairwiseConsistencyCheck(SECKEYPublicKey *pubKey, 
-	SECKEYPrivateKey *privKey, CK_MECHANISM *mech, void* wincx )
-{
-    /* Variables used for Encrypt/Decrypt functions. */
-    unsigned char *known_message = (unsigned char *)"Known Crypto Message";
-    CK_BBOOL isEncryptable = CK_FALSE;
-    CK_BBOOL canSignVerify = CK_FALSE;
-    CK_BBOOL isDerivable = CK_FALSE;
-    unsigned char plaintext[PAIRWISE_MESSAGE_LENGTH];
-    CK_ULONG bytes_decrypted;
-    PK11SlotInfo *slot;
-    CK_OBJECT_HANDLE id;
-    unsigned char *ciphertext;
-    unsigned char *text_compared;
-    CK_ULONG max_bytes_encrypted;
-    CK_ULONG bytes_encrypted;
-    CK_ULONG bytes_compared;
-    CK_RV crv;
-
-    /* Variables used for Signature/Verification functions. */
-    unsigned char *known_digest = (unsigned char *)"Mozilla Rules World!";
-    SECItem  signature;
-    SECItem  digest;    /* always uses SHA-1 digest */
-    int signature_length;
-    SECStatus rv;
-
-    /**************************************************/
-    /* Pairwise Consistency Check of Encrypt/Decrypt. */
-    /**************************************************/
-
-    isEncryptable = PK11_HasAttributeSet( privKey->pkcs11Slot, 
-					privKey->pkcs11ID, CKA_DECRYPT );
-
-    /* If the encryption attribute is set; attempt to encrypt */
-    /* with the public key and decrypt with the private key.  */
-    if( isEncryptable ) {
-	/* Find a module to encrypt against */
-	slot = PK11_GetBestSlot(pk11_mapWrapKeyType(privKey->keyType),wincx);
-	if (slot == NULL) {
-	    PORT_SetError( SEC_ERROR_NO_MODULE );
-	    return SECFailure;
-	}
-
-	id = PK11_ImportPublicKey(slot,pubKey,PR_FALSE);
-	if (id == CK_INVALID_HANDLE) {
-	    PK11_FreeSlot(slot);
-	    return SECFailure;
-	}
-
-        /* Compute max bytes encrypted from modulus length of private key. */
-	max_bytes_encrypted = PK11_GetPrivateModulusLen( privKey );
-
-
-	/* Prepare for encryption using the public key. */
-        PK11_EnterSlotMonitor(slot);
-	crv = PK11_GETTAB( slot )->C_EncryptInit( slot->session,
-						  mech, id );
-        if( crv != CKR_OK ) {
-	    PK11_ExitSlotMonitor(slot);
-	    PORT_SetError( PK11_MapError( crv ) );
-	    PK11_FreeSlot(slot);
-	    return SECFailure;
-	}
-
-	/* Allocate space for ciphertext. */
-	ciphertext = (unsigned char *) PORT_Alloc( max_bytes_encrypted );
-	if( ciphertext == NULL ) {
-	    PK11_ExitSlotMonitor(slot);
-	    PORT_SetError( SEC_ERROR_NO_MEMORY );
-	    PK11_FreeSlot(slot);
-	    return SECFailure;
-	}
-
-	/* Initialize bytes encrypted to max bytes encrypted. */
-	bytes_encrypted = max_bytes_encrypted;
-
-	/* Encrypt using the public key. */
-	crv = PK11_GETTAB( slot )->C_Encrypt( slot->session,
-					      known_message,
-					      PAIRWISE_MESSAGE_LENGTH,
-					      ciphertext,
-					      &bytes_encrypted );
-	PK11_ExitSlotMonitor(slot);
-	PK11_FreeSlot(slot);
-	if( crv != CKR_OK ) {
-	    PORT_SetError( PK11_MapError( crv ) );
-	    PORT_Free( ciphertext );
-	    return SECFailure;
-	}
-
-	/* Always use the smaller of these two values . . . */
-	bytes_compared = ( bytes_encrypted > PAIRWISE_MESSAGE_LENGTH )
-			 ? PAIRWISE_MESSAGE_LENGTH
-			 : bytes_encrypted;
-
-	/* If there was a failure, the plaintext */
-	/* goes at the end, therefore . . .      */
-	text_compared = ( bytes_encrypted > PAIRWISE_MESSAGE_LENGTH )
-			? (ciphertext + bytes_encrypted -
-			  PAIRWISE_MESSAGE_LENGTH )
-			: ciphertext;
-
-	/* Check to ensure that ciphertext does */
-	/* NOT EQUAL known input message text   */
-	/* per FIPS PUB 140-1 directive.        */
-	if( ( bytes_encrypted != max_bytes_encrypted ) ||
-	    ( PORT_Memcmp( text_compared, known_message,
-			   bytes_compared ) == 0 ) ) {
-	    /* Set error to Invalid PRIVATE Key. */
-	    PORT_SetError( SEC_ERROR_INVALID_KEY );
-	    PORT_Free( ciphertext );
-	    return SECFailure;
-	}
-
-	slot = privKey->pkcs11Slot;
-	/* Prepare for decryption using the private key. */
-        PK11_EnterSlotMonitor(slot);
-	crv = PK11_GETTAB( slot )->C_DecryptInit( slot->session,
-						  mech,
-						  privKey->pkcs11ID );
-	if( crv != CKR_OK ) {
-	    PK11_ExitSlotMonitor(slot);
-	    PORT_SetError( PK11_MapError(crv) );
-	    PORT_Free( ciphertext );
-	    return SECFailure;
-	}
-
-	/* Initialize bytes decrypted to be the */
-	/* expected PAIRWISE_MESSAGE_LENGTH.    */
-	bytes_decrypted = PAIRWISE_MESSAGE_LENGTH;
-
-	/* Decrypt using the private key.   */
-	/* NOTE:  No need to reset the      */
-	/*        value of bytes_encrypted. */
-	crv = PK11_GETTAB( slot )->C_Decrypt( slot->session,
-					      ciphertext,
-					      bytes_encrypted,
-					      plaintext,
-					      &bytes_decrypted );
-	PK11_ExitSlotMonitor(slot);
-
-	/* Finished with ciphertext; free it. */
-	PORT_Free( ciphertext );
-
-	if( crv != CKR_OK ) {
-	   PORT_SetError( PK11_MapError(crv) );
-	   return SECFailure;
-	}
-
-	/* Check to ensure that the output plaintext */
-	/* does EQUAL known input message text.      */
-	if( ( bytes_decrypted != PAIRWISE_MESSAGE_LENGTH ) ||
-	    ( PORT_Memcmp( plaintext, known_message,
-			   PAIRWISE_MESSAGE_LENGTH ) != 0 ) ) {
-	    /* Set error to Bad PUBLIC Key. */
-	    PORT_SetError( SEC_ERROR_BAD_KEY );
-	    return SECFailure;
-	}
-      }
-
-    /**********************************************/
-    /* Pairwise Consistency Check of Sign/Verify. */
-    /**********************************************/
-
-    canSignVerify = PK11_HasAttributeSet ( privKey->pkcs11Slot, 
-					  privKey->pkcs11ID, CKA_SIGN);
-    
-    if (canSignVerify)
-      {
-	/* Initialize signature and digest data. */
-	signature.data = NULL;
-	digest.data = NULL;
-	
-	/* Determine length of signature. */
-	signature_length = PK11_SignatureLen( privKey );
-	if( signature_length == 0 )
-	  goto failure;
-	
-	/* Allocate space for signature data. */
-	signature.data = (unsigned char *) PORT_Alloc( signature_length );
-	if( signature.data == NULL ) {
-	  PORT_SetError( SEC_ERROR_NO_MEMORY );
-	  goto failure;
-	}
-	
-	/* Allocate space for known digest data. */
-	digest.data = (unsigned char *) PORT_Alloc( PAIRWISE_DIGEST_LENGTH );
-	if( digest.data == NULL ) {
-	  PORT_SetError( SEC_ERROR_NO_MEMORY );
-	  goto failure;
-	}
-	
-	/* "Fill" signature type and length. */
-	signature.type = PAIRWISE_SECITEM_TYPE;
-	signature.len  = signature_length;
-	
-	/* "Fill" digest with known SHA-1 digest parameters. */
-	digest.type = PAIRWISE_SECITEM_TYPE;
-	PORT_Memcpy( digest.data, known_digest, PAIRWISE_DIGEST_LENGTH );
-	digest.len = PAIRWISE_DIGEST_LENGTH;
-	
-	/* Sign the known hash using the private key. */
-	rv = PK11_Sign( privKey, &signature, &digest );
-	if( rv != SECSuccess )
-	  goto failure;
-	
-	/* Verify the known hash using the public key. */
-	rv = PK11_Verify( pubKey, &signature, &digest, wincx );
-    if( rv != SECSuccess )
-      goto failure;
-	
-	/* Free signature and digest data. */
-	PORT_Free( signature.data );
-	PORT_Free( digest.data );
-      }
-
-
-
-    /**********************************************/
-    /* Pairwise Consistency Check for Derivation  */
-    /**********************************************/
-
-    isDerivable = PK11_HasAttributeSet ( privKey->pkcs11Slot, 
-					  privKey->pkcs11ID, CKA_DERIVE);
-    
-    if (isDerivable)
-      {   
-	/* 
-	 * We are not doing consistency check for Diffie-Hellman Key - 
-	 * otherwise it would be here
-	 */
-
-      }
-
-    return SECSuccess;
-
-failure:
-    if( signature.data != NULL )
-	PORT_Free( signature.data );
-    if( digest.data != NULL )
-	PORT_Free( digest.data );
-
-    return SECFailure;
-}
-
-
-
-/*
- * take a private key in one pkcs11 module and load it into another:
- *  NOTE: the source private key is a rare animal... it can't be sensitive.
- *  This is used to do a key gen using one pkcs11 module and storing the
- *  result into another.
- */
-SECKEYPrivateKey *
-pk11_loadPrivKey(PK11SlotInfo *slot,SECKEYPrivateKey *privKey, 
-		SECKEYPublicKey *pubKey, PRBool token, PRBool sensitive) 
-{
-    CK_ATTRIBUTE privTemplate[] = {
-        /* class must be first */
-	{ CKA_CLASS, NULL, 0 },
-	{ CKA_KEY_TYPE, NULL, 0 },
-	/* these three must be next */
-	{ CKA_TOKEN, NULL, 0 },
-	{ CKA_PRIVATE, NULL, 0 },
-	{ CKA_SENSITIVE, NULL, 0 },
-	{ CKA_ID, NULL, 0 },
-#ifdef notdef
-	{ CKA_LABEL, NULL, 0 },
-	{ CKA_SUBJECT, NULL, 0 },
-#endif
-	/* RSA */
-	{ CKA_MODULUS, NULL, 0 },
-	{ CKA_PRIVATE_EXPONENT, NULL, 0 },
-	{ CKA_PUBLIC_EXPONENT, NULL, 0 },
-	{ CKA_PRIME_1, NULL, 0 },
-	{ CKA_PRIME_2, NULL, 0 },
-	{ CKA_EXPONENT_1, NULL, 0 },
-	{ CKA_EXPONENT_2, NULL, 0 },
-	{ CKA_COEFFICIENT, NULL, 0 },
-    };
-    CK_ATTRIBUTE *attrs = NULL, *ap;
-    int templateSize = sizeof(privTemplate)/sizeof(privTemplate[0]);
-    PRArenaPool *arena;
-    CK_OBJECT_HANDLE objectID;
-    int i, count = 0;
-    int extra_count = 0;
-    CK_RV crv;
-    SECStatus rv;
-
-    for (i=0; i < templateSize; i++) {
-	if (privTemplate[i].type == CKA_MODULUS) {
-	    attrs= &privTemplate[i];
-	    count = i;
-	    break;
-	}
-    }
-    PORT_Assert(attrs != NULL);
-    if (attrs == NULL) {
-	PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
-	return NULL;
-    }
-
-    ap = attrs;
-
-    switch (privKey->keyType) {
-    case rsaKey:
-	count = templateSize;
-	extra_count = templateSize - (attrs - privTemplate);
-	break;
-    case dsaKey:
-	ap->type = CKA_PRIME; ap++; count++; extra_count++;
-	ap->type = CKA_SUBPRIME; ap++; count++; extra_count++;
-	ap->type = CKA_BASE; ap++; count++; extra_count++;
-	ap->type = CKA_VALUE; ap++; count++; extra_count++;
-	break;
-    case dhKey:
-	ap->type = CKA_PRIME; ap++; count++; extra_count++;
-	ap->type = CKA_BASE; ap++; count++; extra_count++;
-	ap->type = CKA_VALUE; ap++; count++; extra_count++;
-	break;
-     default:
-	count = 0;
-	extra_count = 0;
-	break;
-     }
-
-     if (count == 0) {
-	PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
-	return NULL;
-     }
-
-     arena = PORT_NewArena( DER_DEFAULT_CHUNKSIZE);
-     if (arena == NULL) return NULL;
-     /*
-      * read out the old attributes.
-      */
-     crv = PK11_GetAttributes(arena, privKey->pkcs11Slot, privKey->pkcs11ID,
-		privTemplate,count);
-     if (crv != CKR_OK) {
-	PORT_SetError( PK11_MapError(crv) );
-	PORT_FreeArena(arena, PR_TRUE);
-	return NULL;
-     }
-
-     /* Reset sensitive, token, and private */
-     *(CK_BBOOL *)(privTemplate[2].pValue) = token ? CK_TRUE : CK_FALSE;
-     *(CK_BBOOL *)(privTemplate[3].pValue) = token ? CK_TRUE : CK_FALSE;
-     *(CK_BBOOL *)(privTemplate[4].pValue) = sensitive ? CK_TRUE : CK_FALSE;
-
-     /* Not everyone can handle zero padded key values, give
-      * them the raw data as unsigned */
-     for (ap=attrs; extra_count; ap++, extra_count--) {
-	pk11_SignedToUnsigned(ap);
-     }
-
-     /* now Store the puppies */
-     rv = PK11_CreateNewObject(slot, CK_INVALID_SESSION, privTemplate, 
-						count, token, &objectID);
-     PORT_FreeArena(arena, PR_TRUE);
-     if (rv != SECSuccess) {
-	return NULL;
-     }
-
-     /* try loading the public key as a token object */
-     if (pubKey) {
-	PK11_ImportPublicKey(slot, pubKey, PR_TRUE);
-	if (pubKey->pkcs11Slot) {
-	    PK11_FreeSlot(pubKey->pkcs11Slot);
-	    pubKey->pkcs11Slot = NULL;
-	    pubKey->pkcs11ID = CK_INVALID_HANDLE;
-	}
-     }
-
-     /* build new key structure */
-     return PK11_MakePrivKey(slot, privKey->keyType, (PRBool)!token, 
-						objectID, privKey->wincx);
-}
-
-/*
- * export this for PSM
- */
-SECKEYPrivateKey *
-PK11_LoadPrivKey(PK11SlotInfo *slot,SECKEYPrivateKey *privKey, 
-		SECKEYPublicKey *pubKey, PRBool token, PRBool sensitive) 
-{
-    return pk11_loadPrivKey(slot,privKey,pubKey,token,sensitive);
-}
-
-
-/*
- * Use the token to Generate a key. keySize must be 'zero' for fixed key
- * length algorithms. NOTE: this means we can never generate a DES2 key
- * from this interface!
- */
-SECKEYPrivateKey *
-PK11_GenerateKeyPair(PK11SlotInfo *slot,CK_MECHANISM_TYPE type, 
-   void *param, SECKEYPublicKey **pubKey, PRBool token, 
-					PRBool sensitive, void *wincx)
-{
-    /* we have to use these native types because when we call PKCS 11 modules
-     * we have to make sure that we are using the correct sizes for all the
-     * parameters. */
-    CK_BBOOL ckfalse = CK_FALSE;
-    CK_BBOOL cktrue = CK_TRUE;
-    CK_ULONG modulusBits;
-    CK_BYTE publicExponent[4];
-    CK_ATTRIBUTE privTemplate[] = {
-	{ CKA_SENSITIVE, NULL, 0},
-	{ CKA_TOKEN,  NULL, 0},
-	{ CKA_PRIVATE,  NULL, 0},
-	{ CKA_DERIVE,  NULL, 0},
-	{ CKA_UNWRAP,  NULL, 0},
-	{ CKA_SIGN,  NULL, 0},
-	{ CKA_DECRYPT,  NULL, 0},
-    };
-    CK_ATTRIBUTE rsaPubTemplate[] = {
-	{ CKA_MODULUS_BITS, NULL, 0},
-	{ CKA_PUBLIC_EXPONENT, NULL, 0},
-	{ CKA_TOKEN,  NULL, 0},
-	{ CKA_DERIVE,  NULL, 0},
-	{ CKA_WRAP,  NULL, 0},
-	{ CKA_VERIFY,  NULL, 0},
-	{ CKA_VERIFY_RECOVER,  NULL, 0},
-	{ CKA_ENCRYPT,  NULL, 0},
-    };
-    CK_ATTRIBUTE dsaPubTemplate[] = {
-	{ CKA_PRIME, NULL, 0 },
-	{ CKA_SUBPRIME, NULL, 0 },
-	{ CKA_BASE, NULL, 0 },
-	{ CKA_TOKEN,  NULL, 0},
-	{ CKA_DERIVE,  NULL, 0},
-	{ CKA_WRAP,  NULL, 0},
-	{ CKA_VERIFY,  NULL, 0},
-	{ CKA_VERIFY_RECOVER,  NULL, 0},
-	{ CKA_ENCRYPT,  NULL, 0},
-    };
-    CK_ATTRIBUTE dhPubTemplate[] = {
-      { CKA_PRIME, NULL, 0 }, 
-      { CKA_BASE, NULL, 0 }, 
-      { CKA_TOKEN,  NULL, 0},
-      { CKA_DERIVE,  NULL, 0},
-      { CKA_WRAP,  NULL, 0},
-      { CKA_VERIFY,  NULL, 0},
-      { CKA_VERIFY_RECOVER,  NULL, 0},
-      { CKA_ENCRYPT,  NULL, 0},
-    };
-
-    int dsaPubCount = sizeof(dsaPubTemplate)/sizeof(dsaPubTemplate[0]);
-    /*CK_ULONG key_size = 0;*/
-    CK_ATTRIBUTE *pubTemplate;
-    int privCount = sizeof(privTemplate)/sizeof(privTemplate[0]);
-    int rsaPubCount = sizeof(rsaPubTemplate)/sizeof(rsaPubTemplate[0]);
-    int dhPubCount = sizeof(dhPubTemplate)/sizeof(dhPubTemplate[0]);
-    int pubCount = 0;
-    PK11RSAGenParams *rsaParams;
-    SECKEYPQGParams *dsaParams;
-    SECKEYDHParams * dhParams;
-    CK_MECHANISM mechanism;
-    CK_MECHANISM test_mech;
-    CK_SESSION_HANDLE session_handle;
-    CK_RV crv;
-    CK_OBJECT_HANDLE privID,pubID;
-    SECKEYPrivateKey *privKey;
-    KeyType keyType;
-    PRBool restore;
-    int peCount,i;
-    CK_ATTRIBUTE *attrs;
-    CK_ATTRIBUTE *privattrs;
-    SECItem *pubKeyIndex;
-    CK_ATTRIBUTE setTemplate;
-    SECStatus rv;
-    CK_MECHANISM_INFO mechanism_info;
-    CK_OBJECT_CLASS keyClass;
-    SECItem *cka_id;
-    PRBool haslock = PR_FALSE;
-    PRBool pubIsToken = PR_FALSE;
-
-    PORT_Assert(slot != NULL);
-    if (slot == NULL) {
-	PORT_SetError( SEC_ERROR_NO_MODULE);
-	return NULL;
-    }
-
-    /* if our slot really doesn't do this mechanism, Generate the key
-     * in our internal token and write it out */
-    if (!PK11_DoesMechanism(slot,type)) {
-	PK11SlotInfo *int_slot = PK11_GetInternalSlot();
-
-	/* don't loop forever looking for a slot */
-	if (slot == int_slot) {
-	    PK11_FreeSlot(int_slot);
-	    PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
-	    return NULL;
-	}
-
-	/* if there isn't a suitable slot, then we can't do the keygen */
-	if (int_slot == NULL) {
-	    PORT_SetError( SEC_ERROR_NO_MODULE );
-	    return NULL;
-	}
-
-	/* generate the temporary key to load */
-	privKey = PK11_GenerateKeyPair(int_slot,type, param, pubKey, PR_FALSE, 
-							PR_FALSE, wincx);
-	PK11_FreeSlot(int_slot);
-
-	/* if successful, load the temp key into the new token */
-	if (privKey != NULL) {
-	    SECKEYPrivateKey *newPrivKey = pk11_loadPrivKey(slot,privKey,
-						*pubKey,token,sensitive);
-	    SECKEY_DestroyPrivateKey(privKey);
-	    if (newPrivKey == NULL) {
-		SECKEY_DestroyPublicKey(*pubKey);
-		*pubKey = NULL;
-	    }
-	    return newPrivKey;
-	}
-	return NULL;
-   }
-
-
-    mechanism.mechanism = type;
-    mechanism.pParameter = NULL;
-    mechanism.ulParameterLen = 0;
-    test_mech.pParameter = NULL;
-    test_mech.ulParameterLen = 0;
-
-    /* set up the private key template */
-    privattrs = privTemplate;
-    PK11_SETATTRS(privattrs, CKA_SENSITIVE, sensitive ? &cktrue : &ckfalse, 
-					sizeof(CK_BBOOL)); privattrs++;
-    PK11_SETATTRS(privattrs, CKA_TOKEN, token ? &cktrue : &ckfalse,
-					 sizeof(CK_BBOOL)); privattrs++;
-    PK11_SETATTRS(privattrs, CKA_PRIVATE, sensitive ? &cktrue : &ckfalse,
-					 sizeof(CK_BBOOL)); privattrs++;
-
-    /* set up the mechanism specific info */
-    switch (type) {
-    case CKM_RSA_PKCS_KEY_PAIR_GEN:
-	rsaParams = (PK11RSAGenParams *)param;
-	modulusBits = rsaParams->keySizeInBits;
-	peCount = 0;
-
-	/* convert pe to a PKCS #11 string */
-	for (i=0; i < 4; i++) {
-	    if (peCount || (rsaParams->pe & 
-				((unsigned long)0xff000000L >> (i*8)))) {
-		publicExponent[peCount] = 
-				(CK_BYTE)((rsaParams->pe >> (3-i)*8) & 0xff);
-		peCount++;
-	    }
-	}
-	PORT_Assert(peCount != 0);
-	attrs = rsaPubTemplate;
-	PK11_SETATTRS(attrs, CKA_MODULUS_BITS, 
-				&modulusBits, sizeof(modulusBits)); attrs++;
-	PK11_SETATTRS(attrs, CKA_PUBLIC_EXPONENT, 
-				publicExponent, peCount);attrs++;
-	pubTemplate = rsaPubTemplate;
-	pubCount = rsaPubCount;
-	keyType = rsaKey;
-	test_mech.mechanism = CKM_RSA_PKCS;
-	break;
-    case CKM_DSA_KEY_PAIR_GEN:
-	dsaParams = (SECKEYPQGParams *)param;
-	attrs = dsaPubTemplate;
-	PK11_SETATTRS(attrs, CKA_PRIME, dsaParams->prime.data,
-				dsaParams->prime.len); attrs++;
-	PK11_SETATTRS(attrs, CKA_SUBPRIME, dsaParams->subPrime.data,
-					dsaParams->subPrime.len); attrs++;
-	PK11_SETATTRS(attrs, CKA_BASE, dsaParams->base.data,
-						dsaParams->base.len); attrs++;
-	pubTemplate = dsaPubTemplate;
-	pubCount = dsaPubCount;
-	keyType = dsaKey;
-	test_mech.mechanism = CKM_DSA;
-	break;
-    case CKM_DH_PKCS_KEY_PAIR_GEN:
-        dhParams = (SECKEYDHParams *)param;
-        attrs = dhPubTemplate;
-        PK11_SETATTRS(attrs, CKA_PRIME, dhParams->prime.data,
-                      dhParams->prime.len);   attrs++;
-        PK11_SETATTRS(attrs, CKA_BASE, dhParams->base.data,
-                      dhParams->base.len);    attrs++;
-        pubTemplate = dhPubTemplate;
-	pubCount = dhPubCount;
-        keyType = dhKey;
-        test_mech.mechanism = CKM_DH_PKCS_DERIVE;
-	break;
-    default:
-	PORT_SetError( SEC_ERROR_BAD_KEY );
-	return NULL;
-    }
-
-    /* now query the slot to find out how "good" a key we can generate */
-    if (!slot->isThreadSafe) PK11_EnterSlotMonitor(slot);
-    crv = PK11_GETTAB(slot)->C_GetMechanismInfo(slot->slotID,
-				test_mech.mechanism,&mechanism_info);
-    if (!slot->isThreadSafe) PK11_ExitSlotMonitor(slot);
-    if ((crv != CKR_OK) || (mechanism_info.flags == 0)) {
-	/* must be old module... guess what it should be... */
-	switch (test_mech.mechanism) {
-	case CKM_RSA_PKCS:
-		mechanism_info.flags = (CKF_SIGN | CKF_DECRYPT | 
-			CKF_WRAP | CKF_VERIFY_RECOVER | CKF_ENCRYPT | CKF_WRAP);;
-		break;
-	case CKM_DSA:
-		mechanism_info.flags = CKF_SIGN | CKF_VERIFY;
-		break;
-	case CKM_DH_PKCS_DERIVE:
-		mechanism_info.flags = CKF_DERIVE;
-		break;
-	default:
-	       break;
-	}
-    }
-    /* set the public key objects */
-    PK11_SETATTRS(attrs, CKA_TOKEN, token ? &cktrue : &ckfalse,
-					 sizeof(CK_BBOOL)); attrs++;
-    PK11_SETATTRS(attrs, CKA_DERIVE, 
-		mechanism_info.flags & CKF_DERIVE ? &cktrue : &ckfalse,
-					 sizeof(CK_BBOOL)); attrs++;
-    PK11_SETATTRS(attrs, CKA_WRAP, 
-		mechanism_info.flags & CKF_WRAP ? &cktrue : &ckfalse,
-					 sizeof(CK_BBOOL)); attrs++;
-    PK11_SETATTRS(attrs, CKA_VERIFY, 
-		mechanism_info.flags & CKF_VERIFY ? &cktrue : &ckfalse,
-					 sizeof(CK_BBOOL)); attrs++;
-    PK11_SETATTRS(attrs, CKA_VERIFY_RECOVER, 
-		mechanism_info.flags & CKF_VERIFY_RECOVER ? &cktrue : &ckfalse,
-					 sizeof(CK_BBOOL)); attrs++;
-    PK11_SETATTRS(attrs, CKA_ENCRYPT, 
-		mechanism_info.flags & CKF_ENCRYPT? &cktrue : &ckfalse,
-					 sizeof(CK_BBOOL)); attrs++;
-    PK11_SETATTRS(privattrs, CKA_DERIVE, 
-		mechanism_info.flags & CKF_DERIVE ? &cktrue : &ckfalse,
-					 sizeof(CK_BBOOL)); privattrs++;
-    PK11_SETATTRS(privattrs, CKA_UNWRAP, 
-		mechanism_info.flags & CKF_UNWRAP ? &cktrue : &ckfalse,
-					 sizeof(CK_BBOOL)); privattrs++;
-    PK11_SETATTRS(privattrs, CKA_SIGN, 
-		mechanism_info.flags & CKF_SIGN ? &cktrue : &ckfalse,
-					 sizeof(CK_BBOOL)); privattrs++;
-    PK11_SETATTRS(privattrs, CKA_DECRYPT, 
-		mechanism_info.flags & CKF_DECRYPT ? &cktrue : &ckfalse,
-					 sizeof(CK_BBOOL)); privattrs++;
-
-    if (token) {
-	session_handle = PK11_GetRWSession(slot);
-	haslock = PK11_RWSessionHasLock(slot,session_handle);
-	restore = PR_TRUE;
-    } else {
-        PK11_EnterSlotMonitor(slot); /* gross!! */
-	session_handle = slot->session;
-	restore = PR_FALSE;
-	haslock = PR_TRUE;
-    }
-
-    crv = PK11_GETTAB(slot)->C_GenerateKeyPair(session_handle, &mechanism,
-	pubTemplate,pubCount,privTemplate,privCount,&pubID,&privID);
-
-
-    if (crv != CKR_OK) {
-	if (restore)  {
-	    PK11_RestoreROSession(slot,session_handle);
-	} else PK11_ExitSlotMonitor(slot);
-	PORT_SetError( PK11_MapError(crv) );
-	return NULL;
-    }
-    /* This locking code is dangerous and needs to be more thought
-     * out... the real problem is that we're holding the mutex open this long
-     */
-    if (haslock) { PK11_ExitSlotMonitor(slot); }
-
-    /* swap around the ID's for older PKCS #11 modules */
-    keyClass = PK11_ReadULongAttribute(slot,pubID,CKA_CLASS);
-    if (keyClass != CKO_PUBLIC_KEY) {
-	CK_OBJECT_HANDLE tmp = pubID;
-	pubID = privID;
-	privID = tmp;
-    }
-
-    *pubKey = PK11_ExtractPublicKey(slot, keyType, pubID);
-    if (*pubKey == NULL) {
-	if (restore)  {
-	    /* we may have to restore the mutex so it get's exited properly
-	     * in RestoreROSession */
-            if (haslock)  PK11_EnterSlotMonitor(slot); 
-	    PK11_RestoreROSession(slot,session_handle);
-	} 
-	PK11_DestroyObject(slot,pubID);
-	PK11_DestroyObject(slot,privID);
-	return NULL;
-    }
-
-    /* set the ID to the public key so we can find it again */
-    pubKeyIndex =  NULL;
-    switch (type) {
-    case CKM_RSA_PKCS_KEY_PAIR_GEN:
-      pubKeyIndex = &(*pubKey)->u.rsa.modulus;
-      break;
-    case CKM_DSA_KEY_PAIR_GEN:
-      pubKeyIndex = &(*pubKey)->u.dsa.publicValue;
-      break;
-    case CKM_DH_PKCS_KEY_PAIR_GEN:
-      pubKeyIndex = &(*pubKey)->u.dh.publicValue;
-      break;      
-    }
-    PORT_Assert(pubKeyIndex != NULL);
-
-    cka_id = PK11_MakeIDFromPubKey(pubKeyIndex);
-    pubIsToken = (PRBool)PK11_HasAttributeSet(slot,pubID, CKA_TOKEN);
-
-    PK11_SETATTRS(&setTemplate, CKA_ID, cka_id->data, cka_id->len);
-
-    if (haslock) { PK11_EnterSlotMonitor(slot); }
-    crv = PK11_GETTAB(slot)->C_SetAttributeValue(session_handle, privID,
-		&setTemplate, 1);
-   
-    if (crv == CKR_OK && pubIsToken) {
-    	crv = PK11_GETTAB(slot)->C_SetAttributeValue(session_handle, pubID,
-		&setTemplate, 1);
-    }
-
-
-    if (restore) {
-	PK11_RestoreROSession(slot,session_handle);
-    } else {
-	PK11_ExitSlotMonitor(slot);
-    }
-    SECITEM_FreeItem(cka_id,PR_TRUE);
-
-
-    if (crv != CKR_OK) {
-	PK11_DestroyObject(slot,pubID);
-	PK11_DestroyObject(slot,privID);
-	PORT_SetError( PK11_MapError(crv) );
-	*pubKey = NULL;
-	return NULL;
-    }
-
-    privKey = PK11_MakePrivKey(slot,keyType,(PRBool)!token,privID,wincx);
-    if (privKey == NULL) {
-	SECKEY_DestroyPublicKey(*pubKey);
-	PK11_DestroyObject(slot,privID);
-	*pubKey = NULL;
-	return NULL;  /* due to pairwise consistency check */
-    }
-
-    /* Perform PKCS #11 pairwise consistency check. */
-    rv = pk11_PairwiseConsistencyCheck( *pubKey, privKey, &test_mech, wincx );
-    if( rv != SECSuccess ) {
-	SECKEY_DestroyPublicKey( *pubKey );
-	SECKEY_DestroyPrivateKey( privKey );
-	*pubKey = NULL;
-	privKey = NULL;
-	return NULL;
-    }
-
-    return privKey;
-}
-
-/*
- * This function does a straight public key wrap (which only RSA can do).
- * Use PK11_PubGenKey and PK11_WrapSymKey to implement the FORTEZZA and
- * Diffie-Hellman Ciphers. */
-SECStatus
-PK11_PubWrapSymKey(CK_MECHANISM_TYPE type, SECKEYPublicKey *pubKey,
-				PK11SymKey *symKey, SECItem *wrappedKey)
-{
-    PK11SlotInfo *slot;
-    CK_ULONG len =  wrappedKey->len;
-    PK11SymKey *newKey = NULL;
-    CK_OBJECT_HANDLE id;
-    CK_MECHANISM mechanism;
-    PRBool owner = PR_TRUE;
-    CK_SESSION_HANDLE session;
-    CK_RV crv;
-
-    /* if this slot doesn't support the mechanism, go to a slot that does */
-    newKey = pk11_ForceSlot(symKey,type,CKA_ENCRYPT);
-    if (newKey != NULL) {
-	symKey = newKey;
-    }
-
-    if ((symKey == NULL) || (symKey->slot == NULL)) {
-	PORT_SetError( SEC_ERROR_NO_MODULE );
-	return SECFailure;
-    }
-
-    slot = symKey->slot;
-    mechanism.mechanism = pk11_mapWrapKeyType(pubKey->keyType);
-    mechanism.pParameter = NULL;
-    mechanism.ulParameterLen = 0;
-
-    id = PK11_ImportPublicKey(slot,pubKey,PR_FALSE);
-
-    session = pk11_GetNewSession(slot,&owner);
-    if (!owner || !(slot->isThreadSafe)) PK11_EnterSlotMonitor(slot);
-    crv = PK11_GETTAB(slot)->C_WrapKey(session,&mechanism,
-		id,symKey->objectID,wrappedKey->data,&len);
-    if (!owner || !(slot->isThreadSafe)) PK11_ExitSlotMonitor(slot);
-    pk11_CloseSession(slot,session,owner);
-    if (newKey) {
-	PK11_FreeSymKey(newKey);
-    }
-
-    if (crv != CKR_OK) {
-	PORT_SetError( PK11_MapError(crv) );
-	return SECFailure;
-    }
-    wrappedKey->len = len;
-    return SECSuccess;
-} 
-
-/*
- * this little function uses the Encrypt function to wrap a key, just in
- * case we have problems with the wrap implementation for a token.
- */
-static SECStatus
-pk11_HandWrap(PK11SymKey *wrappingKey, SECItem *param, CK_MECHANISM_TYPE type,
-			 SECItem *inKey, SECItem *outKey)
-{
-    PK11SlotInfo *slot;
-    CK_ULONG len;
-    SECItem *data;
-    CK_MECHANISM mech;
-    PRBool owner = PR_TRUE;
-    CK_SESSION_HANDLE session;
-    CK_RV crv;
-
-    slot = wrappingKey->slot;
-    /* use NULL IV's for wrapping */
-    mech.mechanism = type;
-    if (param) {
-	mech.pParameter = param->data;
-	mech.ulParameterLen = param->len;
-    } else {
-	mech.pParameter = NULL;
-	mech.ulParameterLen = 0;
-    }
-    session = pk11_GetNewSession(slot,&owner);
-    if (!owner || !(slot->isThreadSafe)) PK11_EnterSlotMonitor(slot);
-    crv = PK11_GETTAB(slot)->C_EncryptInit(session,&mech,
-							wrappingKey->objectID);
-    if (crv != CKR_OK) {
-        if (!owner || !(slot->isThreadSafe)) PK11_ExitSlotMonitor(slot);
-        pk11_CloseSession(slot,session,owner);
-	PORT_SetError( PK11_MapError(crv) );
-	return SECFailure;
-    }
-
-    /* keys are almost always aligned, but if we get this far,
-     * we've gone above and beyond anyway... */
-    data = PK11_BlockData(inKey,PK11_GetBlockSize(type,param));
-    if (data == NULL) {
-        if (!owner || !(slot->isThreadSafe)) PK11_ExitSlotMonitor(slot);
-        pk11_CloseSession(slot,session,owner);
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	return SECFailure;
-    }
-    len = outKey->len;
-    crv = PK11_GETTAB(slot)->C_Encrypt(session,data->data,data->len,
-							   outKey->data, &len);
-    if (!owner || !(slot->isThreadSafe)) PK11_ExitSlotMonitor(slot);
-    pk11_CloseSession(slot,session,owner);
-    SECITEM_FreeItem(data,PR_TRUE);
-    outKey->len = len;
-    if (crv != CKR_OK) {
-	PORT_SetError( PK11_MapError(crv) );
-	return SECFailure;
-    }
-    return SECSuccess;
-}
-
-/*
- * This function does a symetric based wrap.
- */
-SECStatus
-PK11_WrapSymKey(CK_MECHANISM_TYPE type, SECItem *param, 
-	PK11SymKey *wrappingKey, PK11SymKey *symKey, SECItem *wrappedKey)
-{
-    PK11SlotInfo *slot;
-    CK_ULONG len = wrappedKey->len;
-    PK11SymKey *newKey = NULL;
-    SECItem *param_save = NULL;
-    CK_MECHANISM mechanism;
-    PRBool owner = PR_TRUE;
-    CK_SESSION_HANDLE session;
-    CK_RV crv;
-    SECStatus rv;
-
-    /* if this slot doesn't support the mechanism, go to a slot that does */
-    /* Force symKey and wrappingKey into the same slot */
-    if ((wrappingKey->slot == NULL) || (symKey->slot != wrappingKey->slot)) {
-	/* first try copying the wrapping Key to the symKey slot */
-	if (symKey->slot && PK11_DoesMechanism(symKey->slot,type)) {
-	    newKey = pk11_CopyToSlot(symKey->slot,type,CKA_WRAP,wrappingKey);
-	}
-	/* Nope, try it the other way */
-	if (newKey == NULL) {
-	    if (wrappingKey->slot) {
-	        newKey = pk11_CopyToSlot(wrappingKey->slot,
-					symKey->type, CKA_ENCRYPT, symKey);
-	    }
-	    /* just not playing... one last thing, can we get symKey's data?
-	     * If it's possible, we it should already be in the 
-	     * symKey->data.data pointer because pk11_CopyToSlot would have
-	     * tried to put it there. */
-	    if (newKey == NULL) {
-		/* Can't get symKey's data: Game Over */
-		if (symKey->data.data == NULL) {
-		    PORT_SetError( SEC_ERROR_NO_MODULE );
-		    return SECFailure;
-		}
-		if (param == NULL) {
-		    param_save = param = PK11_ParamFromIV(type,NULL);
-		}
-		rv = pk11_HandWrap(wrappingKey, param, type,
-						&symKey->data,wrappedKey);
-		if (param_save) SECITEM_FreeItem(param_save,PR_TRUE);
-		return rv;
-	    }
-	    /* we successfully moved the sym Key */
-	    symKey = newKey;
-	} else {
-	    /* we successfully moved the wrapping Key */
-	    wrappingKey = newKey;
-	}
-    }
-
-    /* at this point both keys are in the same token */
-    slot = wrappingKey->slot;
-    mechanism.mechanism = type;
-    /* use NULL IV's for wrapping */
-    if (param == NULL) {
-    	param_save = param = PK11_ParamFromIV(type,NULL);
-    }
-    if (param) {
-	mechanism.pParameter = param->data;
-	mechanism.ulParameterLen = param->len;
-    } else {
-	mechanism.pParameter = NULL;
-	mechanism.ulParameterLen = 0;
-    }
-
-    len = wrappedKey->len;
-
-    session = pk11_GetNewSession(slot,&owner);
-    if (!owner || !(slot->isThreadSafe)) PK11_EnterSlotMonitor(slot);
-    crv = PK11_GETTAB(slot)->C_WrapKey(session, &mechanism,
-		 wrappingKey->objectID, symKey->objectID, 
-						wrappedKey->data, &len);
-    if (!owner || !(slot->isThreadSafe)) PK11_ExitSlotMonitor(slot);
-    pk11_CloseSession(slot,session,owner);
-    rv = SECSuccess;
-    if (crv != CKR_OK) {
-	/* can't wrap it? try hand wrapping it... */
-	do {
-	    if (symKey->data.data == NULL) {
-		rv = PK11_ExtractKeyValue(symKey);
-		if (rv != SECSuccess) break;
-	    }
-	    rv = pk11_HandWrap(wrappingKey, param, type, &symKey->data,
-								 wrappedKey);
-	} while (PR_FALSE);
-    } else {
-        wrappedKey->len = len;
-    }
-    if (newKey) PK11_FreeSymKey(newKey);
-    if (param_save) SECITEM_FreeItem(param_save,PR_TRUE);
-    return rv;
-} 
-
-/*
- * This Generates a new key based on a symetricKey
- */
-PK11SymKey *
-PK11_Derive( PK11SymKey *baseKey, CK_MECHANISM_TYPE derive, SECItem *param, 
-             CK_MECHANISM_TYPE target, CK_ATTRIBUTE_TYPE operation,
-	     int keySize)
-{
-    return pk11_DeriveWithTemplate(baseKey, derive, param, target, operation, 
-				   keySize, NULL, 0);
-}
-
-
-PK11SymKey *
-PK11_DeriveWithFlags( PK11SymKey *baseKey, CK_MECHANISM_TYPE derive, 
-	SECItem *param, CK_MECHANISM_TYPE target, CK_ATTRIBUTE_TYPE operation, 
-	int keySize, CK_FLAGS flags)
-{
-    CK_BBOOL        ckTrue	= CK_TRUE; 
-    CK_ATTRIBUTE    keyTemplate[MAX_TEMPL_ATTRS];
-    unsigned int    templateCount;
-
-    templateCount = pk11_FlagsToAttributes(flags, keyTemplate, &ckTrue);
-    return pk11_DeriveWithTemplate(baseKey, derive, param, target, operation, 
-				   keySize, keyTemplate, templateCount);
-}
-
-static PRBool
-pk11_FindAttrInTemplate(CK_ATTRIBUTE *    attr, 
-                        unsigned int      numAttrs,
-			CK_ATTRIBUTE_TYPE target)
-{
-    for (; numAttrs > 0; ++attr, --numAttrs) {
-    	if (attr->type == target)
-	    return PR_TRUE;
-    }
-    return PR_FALSE;
-}
-
-static PK11SymKey *
-pk11_DeriveWithTemplate( PK11SymKey *baseKey, CK_MECHANISM_TYPE derive, 
-	SECItem *param, CK_MECHANISM_TYPE target, CK_ATTRIBUTE_TYPE operation, 
-	int keySize, CK_ATTRIBUTE *userAttr, unsigned int numAttrs)
-{
-    PK11SlotInfo *  slot	= baseKey->slot;
-    PK11SymKey *    symKey;
-    PK11SymKey *    newBaseKey	= NULL;
-    CK_BBOOL        cktrue	= CK_TRUE; 
-    CK_OBJECT_CLASS keyClass	= CKO_SECRET_KEY;
-    CK_KEY_TYPE     keyType	= CKK_GENERIC_SECRET;
-    CK_ULONG        valueLen	= 0;
-    CK_MECHANISM    mechanism; 
-    CK_RV           crv;
-    CK_ATTRIBUTE    keyTemplate[MAX_TEMPL_ATTRS];
-    CK_ATTRIBUTE *  attrs	= keyTemplate;
-    unsigned int    templateCount;
-
-    if (numAttrs > MAX_TEMPL_ATTRS) {
-    	PORT_SetError(SEC_ERROR_INVALID_ARGS);
-	return NULL;
-    }
-    /* first copy caller attributes in. */
-    for (templateCount = 0; templateCount < numAttrs; ++templateCount) {
-    	*attrs++ = *userAttr++;
-    }
-
-    /* We only add the following attributes to the template if the caller
-    ** didn't already supply them.
-    */
-    if (!pk11_FindAttrInTemplate(keyTemplate, numAttrs, CKA_CLASS)) {
-	PK11_SETATTRS(attrs, CKA_CLASS,     &keyClass, sizeof keyClass); 
-	attrs++;
-    }
-    if (!pk11_FindAttrInTemplate(keyTemplate, numAttrs, CKA_KEY_TYPE)) {
-	keyType = PK11_GetKeyType(target, keySize);
-	PK11_SETATTRS(attrs, CKA_KEY_TYPE,  &keyType,  sizeof keyType ); 
-	attrs++;
-    }
-    if (keySize > 0 &&
-    	  !pk11_FindAttrInTemplate(keyTemplate, numAttrs, CKA_VALUE_LEN)) {
-	valueLen = (CK_ULONG)keySize;
-	PK11_SETATTRS(attrs, CKA_VALUE_LEN, &valueLen, sizeof valueLen); 
-	attrs++;
-    }
-    if (!pk11_FindAttrInTemplate(keyTemplate, numAttrs, operation)) {
-	PK11_SETATTRS(attrs, operation, &cktrue, sizeof cktrue); attrs++;
-    }
-
-    templateCount = attrs - keyTemplate;
-    PR_ASSERT(templateCount <= MAX_TEMPL_ATTRS);
-
-    /* move the key to a slot that can do the function */
-    if (!PK11_DoesMechanism(slot,derive)) {
-	/* get a new base key & slot */
-	PK11SlotInfo *newSlot = PK11_GetBestSlot(derive, baseKey->cx);
-
-	if (newSlot == NULL) return NULL;
-
-        newBaseKey = pk11_CopyToSlot (newSlot, derive, CKA_DERIVE, 
-				     baseKey);
-	PK11_FreeSlot(newSlot);
-	if (newBaseKey == NULL) return NULL;	
-	baseKey = newBaseKey;
-	slot = baseKey->slot;
-    }
-
-
-    /* get our key Structure */
-    symKey = PK11_CreateSymKey(slot,target,baseKey->cx);
-    if (symKey == NULL) {
-	return NULL;
-    }
-
-    symKey->size = keySize;
-
-    mechanism.mechanism = derive;
-    if (param) {
-	mechanism.pParameter = param->data;
-	mechanism.ulParameterLen = param->len;
-    } else {
-	mechanism.pParameter = NULL;
-	mechanism.ulParameterLen = 0;
-    }
-    symKey->origin=PK11_OriginDerive;
-
-    pk11_EnterKeyMonitor(symKey);
-    crv = PK11_GETTAB(slot)->C_DeriveKey(symKey->session, &mechanism,
-	     baseKey->objectID, keyTemplate, templateCount, &symKey->objectID);
-    pk11_ExitKeyMonitor(symKey);
-
-    if (newBaseKey) PK11_FreeSymKey(newBaseKey);
-    if (crv != CKR_OK) {
-	PK11_FreeSymKey(symKey);
-	return NULL;
-    }
-    return symKey;
-}
-
-/* build a public KEA key from the public value */
-SECKEYPublicKey *
-PK11_MakeKEAPubKey(unsigned char *keyData,int length)
-{
-    SECKEYPublicKey *pubk;
-    SECItem pkData;
-    SECStatus rv;
-    PRArenaPool *arena;
-
-    pkData.data = keyData;
-    pkData.len = length;
-
-    arena = PORT_NewArena (DER_DEFAULT_CHUNKSIZE);
-    if (arena == NULL)
-	return NULL;
-
-    pubk = (SECKEYPublicKey *) PORT_ArenaZAlloc(arena, sizeof(SECKEYPublicKey));
-    if (pubk == NULL) {
-	PORT_FreeArena (arena, PR_FALSE);
-	return NULL;
-    }
-
-    pubk->arena = arena;
-    pubk->pkcs11Slot = 0;
-    pubk->pkcs11ID = CK_INVALID_HANDLE;
-    pubk->keyType = fortezzaKey;
-    rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.KEAKey, &pkData);
-    if (rv != SECSuccess) {
-	PORT_FreeArena (arena, PR_FALSE);
-	return NULL;
-    }
-    return pubk;
-}
-	
-
-/*
- * This Generates a wrapping key based on a privateKey, publicKey, and two
- * random numbers. For Mail usage RandomB should be NULL. In the Sender's
- * case RandomA is generate, outherwize it is passed.
- */
-static unsigned char *rb_email = NULL;
-
-PK11SymKey *
-PK11_PubDerive(SECKEYPrivateKey *privKey, SECKEYPublicKey *pubKey, 
-   PRBool isSender, SECItem *randomA, SECItem *randomB, 
-    CK_MECHANISM_TYPE derive, CK_MECHANISM_TYPE target,
-			CK_ATTRIBUTE_TYPE operation, int keySize,void *wincx)
-{
-    PK11SlotInfo *slot = privKey->pkcs11Slot;
-    CK_MECHANISM mechanism;
-    PK11SymKey *symKey;
-    CK_RV crv;
-
-
-    if (rb_email == NULL) {
-	rb_email = PORT_ZAlloc(128);
-	if (rb_email == NULL) {
-	    return NULL;
-	}
-	rb_email[127] = 1;
-    }
-
-    /* get our key Structure */
-    symKey = PK11_CreateSymKey(slot,target,wincx);
-    if (symKey == NULL) {
-	return NULL;
-    }
-
-    symKey->origin = PK11_OriginDerive;
-
-    switch (privKey->keyType) {
-    case rsaKey:
-    case nullKey:
-	PORT_SetError(SEC_ERROR_BAD_KEY);
-	break;
-    case dsaKey:
-    case keaKey:
-    case fortezzaKey:
-	{
-	    CK_KEA_DERIVE_PARAMS param;
-	    param.isSender = (CK_BBOOL) isSender;
-	    param.ulRandomLen = randomA->len;
-	    param.pRandomA = randomA->data;
-	    param.pRandomB = rb_email;
-	    if (randomB)
-		 param.pRandomB = randomB->data;
-	    if (pubKey->keyType == fortezzaKey) {
-		param.ulPublicDataLen = pubKey->u.fortezza.KEAKey.len;
-		param.pPublicData = pubKey->u.fortezza.KEAKey.data;
-	    } else {
-		/* assert type == keaKey */
-		/* XXX change to match key key types */
-		param.ulPublicDataLen = pubKey->u.fortezza.KEAKey.len;
-		param.pPublicData = pubKey->u.fortezza.KEAKey.data;
-	    }
-
-	    mechanism.mechanism = derive;
-	    mechanism.pParameter = &param;
-	    mechanism.ulParameterLen = sizeof(param);
-
-	    /* get a new symKey structure */
-	    pk11_EnterKeyMonitor(symKey);
-	    crv=PK11_GETTAB(slot)->C_DeriveKey(symKey->session, &mechanism,
-			privKey->pkcs11ID, NULL, 0, &symKey->objectID);
-	    pk11_ExitKeyMonitor(symKey);
-	    if (crv == CKR_OK) return symKey;
-	    PORT_SetError( PK11_MapError(crv) );
-	}
-	break;
-    case dhKey:
-	{
-	    CK_BBOOL cktrue = CK_TRUE;
-	    CK_OBJECT_CLASS keyClass = CKO_SECRET_KEY;
-	    CK_KEY_TYPE keyType = CKK_GENERIC_SECRET;
-	    CK_ULONG key_size = 0;
-	    CK_ATTRIBUTE keyTemplate[4];
-	    int templateCount;
-	    CK_ATTRIBUTE *attrs = keyTemplate;
-
-	    if (pubKey->keyType != dhKey) {
-		PORT_SetError(SEC_ERROR_BAD_KEY);
-		break;
-	    }
-
-	    PK11_SETATTRS(attrs, CKA_CLASS, &keyClass, sizeof(keyClass));
-	    attrs++;
-	    PK11_SETATTRS(attrs, CKA_KEY_TYPE, &keyType, sizeof(keyType));
-	    attrs++;
-	    PK11_SETATTRS(attrs, operation, &cktrue, 1); attrs++;
-	    PK11_SETATTRS(attrs, CKA_VALUE_LEN, &key_size, sizeof(key_size)); 
-	    attrs++;
-	    templateCount =  attrs - keyTemplate;
-	    PR_ASSERT(templateCount <= sizeof(keyTemplate)/sizeof(CK_ATTRIBUTE));
-
-	    keyType = PK11_GetKeyType(target,keySize);
-	    key_size = keySize;
-	    symKey->size = keySize;
-	    if (key_size == 0) templateCount--;
-
-	    mechanism.mechanism = derive;
-
-	    /* we can undefine these when we define diffie-helman keys */
-	    mechanism.pParameter = pubKey->u.dh.publicValue.data; 
-	    mechanism.ulParameterLen = pubKey->u.dh.publicValue.len;
-		
-	    pk11_EnterKeyMonitor(symKey);
-	    crv = PK11_GETTAB(slot)->C_DeriveKey(symKey->session, &mechanism,
-	     privKey->pkcs11ID, keyTemplate, templateCount, &symKey->objectID);
-	    pk11_ExitKeyMonitor(symKey);
-	    if (crv == CKR_OK) return symKey;
-	    PORT_SetError( PK11_MapError(crv) );
-	}
-	break;
-   }
-
-   PK11_FreeSymKey(symKey);
-   return NULL;
-}
-
-/*
- * this little function uses the Decrypt function to unwrap a key, just in
- * case we are having problem with unwrap. NOTE: The key size may
- * not be preserved properly for some algorithms!
- */
-static PK11SymKey *
-pk11_HandUnwrap(PK11SlotInfo *slot, CK_OBJECT_HANDLE wrappingKey,
-                CK_MECHANISM *mech, SECItem *inKey, CK_MECHANISM_TYPE target, 
-		CK_ATTRIBUTE *keyTemplate, unsigned int templateCount, 
-		int key_size, void * wincx, CK_RV *crvp)
-{
-    CK_ULONG len;
-    SECItem outKey;
-    PK11SymKey *symKey;
-    CK_RV crv;
-    PRBool owner = PR_TRUE;
-    CK_SESSION_HANDLE session;
-
-    /* remove any VALUE_LEN parameters */
-    if (keyTemplate[templateCount-1].type == CKA_VALUE_LEN) {
-        templateCount--;
-    }
-
-    /* keys are almost always aligned, but if we get this far,
-     * we've gone above and beyond anyway... */
-    outKey.data = (unsigned char*)PORT_Alloc(inKey->len);
-    if (outKey.data == NULL) {
-	PORT_SetError( SEC_ERROR_NO_MEMORY );
-	if (crvp) *crvp = CKR_HOST_MEMORY;
-	return NULL;
-    }
-    len = inKey->len;
-
-    /* use NULL IV's for wrapping */
-    session = pk11_GetNewSession(slot,&owner);
-    if (!owner || !(slot->isThreadSafe)) PK11_EnterSlotMonitor(slot);
-    crv = PK11_GETTAB(slot)->C_DecryptInit(session,mech,wrappingKey);
-    if (crv != CKR_OK) {
-	if (!owner || !(slot->isThreadSafe)) PK11_ExitSlotMonitor(slot);
-	pk11_CloseSession(slot,session,owner);
-	PORT_Free(outKey.data);
-	PORT_SetError( PK11_MapError(crv) );
-	if (crvp) *crvp =crv;
-	return NULL;
-    }
-    crv = PK11_GETTAB(slot)->C_Decrypt(session,inKey->data,inKey->len,
-							   outKey.data, &len);
-    if (!owner || !(slot->isThreadSafe)) PK11_ExitSlotMonitor(slot);
-    pk11_CloseSession(slot,session,owner);
-    if (crv != CKR_OK) {
-	PORT_Free(outKey.data);
-	PORT_SetError( PK11_MapError(crv) );
-	if (crvp) *crvp =crv;
-	return NULL;
-    }
-
-    outKey.len = (key_size == 0) ? len : key_size;
-
-    if (PK11_DoesMechanism(slot,target)) {
-	symKey = pk11_ImportSymKeyWithTempl(slot, target, PK11_OriginUnwrap, 
-	                                    keyTemplate, templateCount, 
-					    &outKey, wincx);
-    } else {
-	slot = PK11_GetBestSlot(target,wincx);
-	if (slot == NULL) {
-	    PORT_SetError( SEC_ERROR_NO_MODULE );
-	    PORT_Free(outKey.data);
-	    if (crvp) *crvp = CKR_DEVICE_ERROR; 
-	    return NULL;
-	}
-	symKey = pk11_ImportSymKeyWithTempl(slot, target, PK11_OriginUnwrap, 
-	                                    keyTemplate, templateCount, 
-					    &outKey, wincx);
-	PK11_FreeSlot(slot);
-    }
-    PORT_Free(outKey.data);
-
-    if (crvp) *crvp = symKey? CKR_OK : CKR_DEVICE_ERROR; 
-    return symKey;
-}
-
-/*
- * The wrap/unwrap function is pretty much the same for private and
- * public keys. It's just getting the Object ID and slot right. This is
- * the combined unwrap function.
- */
-static PK11SymKey *
-pk11_AnyUnwrapKey(PK11SlotInfo *slot, CK_OBJECT_HANDLE wrappingKey,
-    CK_MECHANISM_TYPE wrapType, SECItem *param, SECItem *wrappedKey, 
-    CK_MECHANISM_TYPE target, CK_ATTRIBUTE_TYPE operation, int keySize, 
-    void *wincx, CK_ATTRIBUTE *userAttr, unsigned int numAttrs)
-{
-    PK11SymKey *    symKey;
-    SECItem *       param_free	= NULL;
-    CK_BBOOL        cktrue	= CK_TRUE; 
-    CK_OBJECT_CLASS keyClass	= CKO_SECRET_KEY;
-    CK_KEY_TYPE     keyType	= CKK_GENERIC_SECRET;
-    CK_ULONG        valueLen	= 0;
-    CK_MECHANISM    mechanism;
-    CK_RV           crv;
-    CK_MECHANISM_INFO mechanism_info;
-    CK_ATTRIBUTE    keyTemplate[MAX_TEMPL_ATTRS];
-    CK_ATTRIBUTE *  attrs	= keyTemplate;
-    unsigned int    templateCount;
-
-    if (numAttrs > MAX_TEMPL_ATTRS) {
-    	PORT_SetError(SEC_ERROR_INVALID_ARGS);
-	return NULL;
-    }
-    /* first copy caller attributes in. */
-    for (templateCount = 0; templateCount < numAttrs; ++templateCount) {
-    	*attrs++ = *userAttr++;
-    }
-
-    /* We only add the following attributes to the template if the caller
-    ** didn't already supply them.
-    */
-    if (!pk11_FindAttrInTemplate(keyTemplate, numAttrs, CKA_CLASS)) {
-	PK11_SETATTRS(attrs, CKA_CLASS,     &keyClass, sizeof keyClass); 
-	attrs++;
-    }
-    if (!pk11_FindAttrInTemplate(keyTemplate, numAttrs, CKA_KEY_TYPE)) {
-	keyType = PK11_GetKeyType(target, keySize);
-	PK11_SETATTRS(attrs, CKA_KEY_TYPE,  &keyType,  sizeof keyType ); 
-	attrs++;
-    }
-    if (!pk11_FindAttrInTemplate(keyTemplate, numAttrs, operation)) {
-	PK11_SETATTRS(attrs, operation, &cktrue, 1); attrs++;
-    }
-
-    /*
-     * must be last in case we need to use this template to import the key
-     */
-    if (keySize > 0 &&
-    	  !pk11_FindAttrInTemplate(keyTemplate, numAttrs, CKA_VALUE_LEN)) {
-	valueLen = (CK_ULONG)keySize;
-	PK11_SETATTRS(attrs, CKA_VALUE_LEN, &valueLen, sizeof valueLen); 
-	attrs++;
-    }
-
-    templateCount = attrs - keyTemplate;
-    PR_ASSERT(templateCount <= sizeof(keyTemplate)/sizeof(CK_ATTRIBUTE));
-
-
-    /* find out if we can do wrap directly. Because the RSA case if *very*
-     * common, cache the results for it. */
-    if ((wrapType == CKM_RSA_PKCS) && (slot->hasRSAInfo)) {
-	mechanism_info.flags = slot->RSAInfoFlags;
-    } else {
-	if (!slot->isThreadSafe) PK11_EnterSlotMonitor(slot);
-	crv = PK11_GETTAB(slot)->C_GetMechanismInfo(slot->slotID,wrapType,
-				 &mechanism_info);
-    	if (!slot->isThreadSafe) PK11_ExitSlotMonitor(slot);
-    	if (crv != CKR_OK) {
-	     mechanism_info.flags = 0;
-    	}
-        if (wrapType == CKM_RSA_PKCS) {
-	    slot->RSAInfoFlags = mechanism_info.flags;
-	    slot->hasRSAInfo = PR_TRUE;
-	}
-    }
-
-    /* initialize the mechanism structure */
-    mechanism.mechanism = wrapType;
-    /* use NULL IV's for wrapping */
-    if (param == NULL) param = param_free = PK11_ParamFromIV(wrapType,NULL);
-    if (param) {
-	mechanism.pParameter = param->data;
-	mechanism.ulParameterLen = param->len;
-    } else {
-	mechanism.pParameter = NULL;
-	mechanism.ulParameterLen = 0;
-    }
-
-    if ((mechanism_info.flags & CKF_DECRYPT)  
-				&& !PK11_DoesMechanism(slot,target)) {
-	symKey = pk11_HandUnwrap(slot, wrappingKey, &mechanism, wrappedKey, 
-	                         target, keyTemplate, templateCount, keySize, 
-				 wincx, &crv);
-	if (symKey) {
-	    if (param_free) SECITEM_FreeItem(param_free,PR_TRUE);
-	    return symKey;
-	}
-	/*
-	 * if the RSA OP simply failed, don't try to unwrap again 
-	 * with this module.
-	 */
-	if (crv == CKR_DEVICE_ERROR){
-	   return NULL;
-	}
-	/* fall through, maybe they incorrectly set CKF_DECRYPT */
-    }
-
-    /* get our key Structure */
-    symKey = PK11_CreateSymKey(slot,target,wincx);
-    if (symKey == NULL) {
-	if (param_free) SECITEM_FreeItem(param_free,PR_TRUE);
-	return NULL;
-    }
-
-    symKey->size = keySize;
-    symKey->origin = PK11_OriginUnwrap;
-
-    pk11_EnterKeyMonitor(symKey);
-    crv = PK11_GETTAB(slot)->C_UnwrapKey(symKey->session,&mechanism,wrappingKey,
-		wrappedKey->data, wrappedKey->len, keyTemplate, templateCount, 
-							  &symKey->objectID);
-    pk11_ExitKeyMonitor(symKey);
-    if (param_free) SECITEM_FreeItem(param_free,PR_TRUE);
-    if ((crv != CKR_OK) && (crv != CKR_DEVICE_ERROR)) {
-	/* try hand Unwrapping */
-	PK11_FreeSymKey(symKey);
-	symKey = pk11_HandUnwrap(slot, wrappingKey, &mechanism, wrappedKey, 
-	                         target, keyTemplate, templateCount, keySize, 
-				 wincx, NULL);
-   }
-
-   return symKey;
-}
-
-/* use a symetric key to unwrap another symetric key */
-PK11SymKey *
-PK11_UnwrapSymKey( PK11SymKey *wrappingKey, CK_MECHANISM_TYPE wrapType,
-                   SECItem *param, SECItem *wrappedKey, 
-		   CK_MECHANISM_TYPE target, CK_ATTRIBUTE_TYPE operation, 
-		   int keySize)
-{
-    return pk11_AnyUnwrapKey(wrappingKey->slot, wrappingKey->objectID,
-		    wrapType, param, wrappedKey, target, operation, keySize, 
-		    wrappingKey->cx, NULL, 0);
-}
-
-/* use a symetric key to unwrap another symetric key */
-PK11SymKey *
-PK11_UnwrapSymKeyWithFlags(PK11SymKey *wrappingKey, CK_MECHANISM_TYPE wrapType,
-                   SECItem *param, SECItem *wrappedKey, 
-		   CK_MECHANISM_TYPE target, CK_ATTRIBUTE_TYPE operation, 
-		   int keySize, CK_FLAGS flags)
-{
-    CK_BBOOL        ckTrue	= CK_TRUE; 
-    CK_ATTRIBUTE    keyTemplate[MAX_TEMPL_ATTRS];
-    unsigned int    templateCount;
-
-    templateCount = pk11_FlagsToAttributes(flags, keyTemplate, &ckTrue);
-    return pk11_AnyUnwrapKey(wrappingKey->slot, wrappingKey->objectID,
-		    wrapType, param, wrappedKey, target, operation, keySize, 
-		    wrappingKey->cx, keyTemplate, templateCount);
-}
-
-
-/* unwrap a symetric key with a private key. */
-PK11SymKey *
-PK11_PubUnwrapSymKey(SECKEYPrivateKey *wrappingKey, SECItem *wrappedKey,
-	  CK_MECHANISM_TYPE target, CK_ATTRIBUTE_TYPE operation, int keySize)
-{
-    CK_MECHANISM_TYPE wrapType = pk11_mapWrapKeyType(wrappingKey->keyType);
-
-    PK11_HandlePasswordCheck(wrappingKey->pkcs11Slot,wrappingKey->wincx);
-    
-    return pk11_AnyUnwrapKey(wrappingKey->pkcs11Slot, wrappingKey->pkcs11ID,
-	wrapType, NULL, wrappedKey, target, operation, keySize, 
-	wrappingKey->wincx, NULL, 0);
-}
-
-/*
- * Recover the Signed data. We need this because our old verify can't
- * figure out which hash algorithm to use until we decryptted this.
- */
-SECStatus
-PK11_VerifyRecover(SECKEYPublicKey *key,
-			 	SECItem *sig, SECItem *dsig, void *wincx)
-{
-    PK11SlotInfo *slot = key->pkcs11Slot;
-    CK_OBJECT_HANDLE id = key->pkcs11ID;
-    CK_MECHANISM mech = {0, NULL, 0 };
-    PRBool owner = PR_TRUE;
-    CK_SESSION_HANDLE session;
-    CK_ULONG len;
-    CK_RV crv;
-
-    mech.mechanism = pk11_mapSignKeyType(key->keyType);
-
-    if (slot == NULL) {
-	slot = PK11_GetBestSlot(mech.mechanism,wincx);
-	if (slot == NULL) {
-	    	PORT_SetError( SEC_ERROR_NO_MODULE );
-		return SECFailure;
-	}
-	id = PK11_ImportPublicKey(slot,key,PR_FALSE);
-    } else {
-	PK11_ReferenceSlot(slot);
-    }
-
-    session = pk11_GetNewSession(slot,&owner);
-    if (!owner || !(slot->isThreadSafe)) PK11_EnterSlotMonitor(slot);
-    crv = PK11_GETTAB(slot)->C_VerifyRecoverInit(session,&mech,id);
-    if (crv != CKR_OK) {
-	if (!owner || !(slot->isThreadSafe)) PK11_ExitSlotMonitor(slot);
-	pk11_CloseSession(slot,session,owner);
-	PORT_SetError( PK11_MapError(crv) );
-	PK11_FreeSlot(slot);
-	return SECFailure;
-    }
-    len = dsig->len;
-    crv = PK11_GETTAB(slot)->C_VerifyRecover(session,sig->data,
-						sig->len, dsig->data, &len);
-    if (!owner || !(slot->isThreadSafe)) PK11_ExitSlotMonitor(slot);
-    pk11_CloseSession(slot,session,owner);
-    dsig->len = len;
-    if (crv != CKR_OK) {
-	PORT_SetError( PK11_MapError(crv) );
-	PK11_FreeSlot(slot);
-	return SECFailure;
-    }
-    PK11_FreeSlot(slot);
-    return SECSuccess;
-}
-
-/*
- * verify a signature from its hash.
- */
-SECStatus
-PK11_Verify(SECKEYPublicKey *key, SECItem *sig, SECItem *hash, void *wincx)
-{
-    PK11SlotInfo *slot = key->pkcs11Slot;
-    CK_OBJECT_HANDLE id = key->pkcs11ID;
-    CK_MECHANISM mech = {0, NULL, 0 };
-    PRBool owner = PR_TRUE;
-    CK_SESSION_HANDLE session;
-    CK_RV crv;
-
-    mech.mechanism = pk11_mapSignKeyType(key->keyType);
-
-    if (slot == NULL) {
-	slot = PK11_GetBestSlot(mech.mechanism,wincx);
-       
-	if (slot == NULL) {
-	    PORT_SetError( SEC_ERROR_NO_MODULE );
-	    return SECFailure;
-	}
-	id = PK11_ImportPublicKey(slot,key,PR_FALSE);
-            
-    } else {
-	PK11_ReferenceSlot(slot);
-    }
-
-    session = pk11_GetNewSession(slot,&owner);
-    if (!owner || !(slot->isThreadSafe)) PK11_EnterSlotMonitor(slot);
-    crv = PK11_GETTAB(slot)->C_VerifyInit(session,&mech,id);
-    if (crv != CKR_OK) {
-	if (!owner || !(slot->isThreadSafe)) PK11_ExitSlotMonitor(slot);
-	pk11_CloseSession(slot,session,owner);
-	PK11_FreeSlot(slot);
-	PORT_SetError( PK11_MapError(crv) );
-	return SECFailure;
-    }
-    crv = PK11_GETTAB(slot)->C_Verify(session,hash->data,
-					hash->len, sig->data, sig->len);
-    if (!owner || !(slot->isThreadSafe)) PK11_ExitSlotMonitor(slot);
-    pk11_CloseSession(slot,session,owner);
-    PK11_FreeSlot(slot);
-    if (crv != CKR_OK) {
-	PORT_SetError( PK11_MapError(crv) );
-	return SECFailure;
-    }
-    return SECSuccess;
-}
-
-/*
- * sign a hash. The algorithm is determined by the key.
- */
-SECStatus
-PK11_Sign(SECKEYPrivateKey *key, SECItem *sig, SECItem *hash)
-{
-    PK11SlotInfo *slot = key->pkcs11Slot;
-    CK_MECHANISM mech = {0, NULL, 0 };
-    PRBool owner = PR_TRUE;
-    CK_SESSION_HANDLE session;
-    CK_ULONG len;
-    CK_RV crv;
-
-    mech.mechanism = pk11_mapSignKeyType(key->keyType);
-
-    PK11_HandlePasswordCheck(slot, key->wincx);
-
-    session = pk11_GetNewSession(slot,&owner);
-    if (!owner || !(slot->isThreadSafe)) PK11_EnterSlotMonitor(slot);
-    crv = PK11_GETTAB(slot)->C_SignInit(session,&mech,key->pkcs11ID);
-    if (crv != CKR_OK) {
-	if (!owner || !(slot->isThreadSafe)) PK11_ExitSlotMonitor(slot);
-	pk11_CloseSession(slot,session,owner);
-	PORT_SetError( PK11_MapError(crv) );
-	return SECFailure;
-    }
-    len = sig->len;
-    crv = PK11_GETTAB(slot)->C_Sign(session,hash->data,
-					hash->len, sig->data, &len);
-    if (!owner || !(slot->isThreadSafe)) PK11_ExitSlotMonitor(slot);
-    pk11_CloseSession(slot,session,owner);
-    sig->len = len;
-    if (crv != CKR_OK) {
-	PORT_SetError( PK11_MapError(crv) );
-	return SECFailure;
-    }
-    return SECSuccess;
-}
-
-/*
- * Now SSL 2.0 uses raw RSA stuff. These next to functions *must* use
- * RSA keys, or they'll fail. We do the checks up front. If anyone comes
- * up with a meaning for rawdecrypt for any other public key operation,
- * then we need to move this check into some of PK11_PubDecrypt callers,
- * (namely SSL 2.0).
- */
-SECStatus
-PK11_PubDecryptRaw(SECKEYPrivateKey *key, unsigned char *data, 
-	unsigned *outLen, unsigned int maxLen, unsigned char *enc,
-							 unsigned encLen)
-{
-    PK11SlotInfo *slot = key->pkcs11Slot;
-    CK_MECHANISM mech = {CKM_RSA_X_509, NULL, 0 };
-    CK_ULONG out = maxLen;
-    PRBool owner = PR_TRUE;
-    CK_SESSION_HANDLE session;
-    CK_RV crv;
-
-    if (key->keyType != rsaKey) {
-	PORT_SetError( SEC_ERROR_INVALID_KEY );
-	return SECFailure;
-    }
-
-    /* Why do we do a PK11_handle check here? for simple
-     * decryption? .. because the user may have asked for 'ask always'
-     * and this is a private key operation. In practice, thought, it's mute
-     * since only servers wind up using this function */
-    PK11_HandlePasswordCheck(slot, key->wincx);
-    session = pk11_GetNewSession(slot,&owner);
-    if (!owner || !(slot->isThreadSafe)) PK11_EnterSlotMonitor(slot);
-    crv = PK11_GETTAB(slot)->C_DecryptInit(session,&mech,key->pkcs11ID);
-    if (crv != CKR_OK) {
-	if (!owner || !(slot->isThreadSafe)) PK11_ExitSlotMonitor(slot);
-	pk11_CloseSession(slot,session,owner);
-	PORT_SetError( PK11_MapError(crv) );
-	return SECFailure;
-    }
-    crv = PK11_GETTAB(slot)->C_Decrypt(session,enc, encLen,
-								data, &out);
-    if (!owner || !(slot->isThreadSafe)) PK11_ExitSlotMonitor(slot);
-    pk11_CloseSession(slot,session,owner);
-    *outLen = out;
-    if (crv != CKR_OK) {
-	PORT_SetError( PK11_MapError(crv) );
-	return SECFailure;
-    }
-    return SECSuccess;
-}
-
-/* The encrypt version of the above function */
-SECStatus
-PK11_PubEncryptRaw(SECKEYPublicKey *key, unsigned char *enc,
-		unsigned char *data, unsigned dataLen, void *wincx)
-{
-    PK11SlotInfo *slot;
-    CK_MECHANISM mech = {CKM_RSA_X_509, NULL, 0 };
-    CK_OBJECT_HANDLE id;
-    CK_ULONG out = dataLen;
-    PRBool owner = PR_TRUE;
-    CK_SESSION_HANDLE session;
-    CK_RV crv;
-
-    if (key->keyType != rsaKey) {
-	PORT_SetError( SEC_ERROR_BAD_KEY );
-	return SECFailure;
-    }
-
-    slot = PK11_GetBestSlot(mech.mechanism, wincx);
-    if (slot == NULL) {
-	PORT_SetError( SEC_ERROR_NO_MODULE );
-	return SECFailure;
-    }
-
-    id = PK11_ImportPublicKey(slot,key,PR_FALSE);
-
-    session = pk11_GetNewSession(slot,&owner);
-    if (!owner || !(slot->isThreadSafe)) PK11_EnterSlotMonitor(slot);
-    crv = PK11_GETTAB(slot)->C_EncryptInit(session,&mech,id);
-    if (crv != CKR_OK) {
-	if (!owner || !(slot->isThreadSafe)) PK11_ExitSlotMonitor(slot);
-	pk11_CloseSession(slot,session,owner);
-	PK11_FreeSlot(slot);
-	PORT_SetError( PK11_MapError(crv) );
-	return SECFailure;
-    }
-    crv = PK11_GETTAB(slot)->C_Encrypt(session,data,dataLen,enc,&out);
-    if (!owner || !(slot->isThreadSafe)) PK11_ExitSlotMonitor(slot);
-    pk11_CloseSession(slot,session,owner);
-    PK11_FreeSlot(slot);
-    if (crv != CKR_OK) {
-	PORT_SetError( PK11_MapError(crv) );
-	return SECFailure;
-    }
-    return SECSuccess;
-}
-
-	
-/**********************************************************************
- *
- *                   Now Deal with Crypto Contexts
- *
- **********************************************************************/
-
-/*
- * the monitors...
- */
-void
-PK11_EnterContextMonitor(PK11Context *cx) {
-    /* if we own the session and our slot is ThreadSafe, only monitor
-     * the Context */
-    if ((cx->ownSession) && (cx->slot->isThreadSafe)) {
-	/* Should this use monitors instead? */
-	PZ_Lock(cx->sessionLock);
-    } else {
-	PK11_EnterSlotMonitor(cx->slot);
-    }
-}
-
-void
-PK11_ExitContextMonitor(PK11Context *cx) {
-    /* if we own the session and our slot is ThreadSafe, only monitor
-     * the Context */
-    if ((cx->ownSession) && (cx->slot->isThreadSafe)) {
-	/* Should this use monitors instead? */
-	PZ_Unlock(cx->sessionLock);
-    } else {
-	PK11_ExitSlotMonitor(cx->slot);
-    }
-}
-
-/*
- * Free up a Cipher Context
- */
-void
-PK11_DestroyContext(PK11Context *context, PRBool freeit)
-{
-    pk11_CloseSession(context->slot,context->session,context->ownSession);
-    /* initialize the critical fields of the context */
-    if (context->savedData != NULL ) PORT_Free(context->savedData);
-    if (context->key) PK11_FreeSymKey(context->key);
-    if (context->param) SECITEM_FreeItem(context->param, PR_TRUE);
-    if (context->sessionLock) PZ_DestroyLock(context->sessionLock);
-    PK11_FreeSlot(context->slot);
-    if (freeit) PORT_Free(context);
-}
-
-/*
- * save the current context. Allocate Space if necessary.
- */
-static void *
-pk11_saveContextHelper(PK11Context *context, void *space, 
-	unsigned long *savedLength, PRBool staticBuffer, PRBool recurse)
-{
-    CK_ULONG length;
-    CK_RV crv;
-
-    if (staticBuffer) PORT_Assert(space != NULL);
-
-    if (space == NULL) {
-	crv =PK11_GETTAB(context->slot)->C_GetOperationState(context->session,
-				NULL,&length);
-	if (crv != CKR_OK) {
-	    PORT_SetError( PK11_MapError(crv) );
-	    return NULL;
-	}
-	space = PORT_Alloc(length);
-	if (space == NULL) return NULL;
-	*savedLength = length;
-    }
-    crv = PK11_GETTAB(context->slot)->C_GetOperationState(context->session,
-					(CK_BYTE_PTR)space,savedLength);
-    if (!staticBuffer && !recurse && (crv == CKR_BUFFER_TOO_SMALL)) {
-	if (!staticBuffer) PORT_Free(space);
-	return pk11_saveContextHelper(context, NULL, 
-					savedLength, PR_FALSE, PR_TRUE);
-    }
-    if (crv != CKR_OK) {
-	if (!staticBuffer) PORT_Free(space);
-	PORT_SetError( PK11_MapError(crv) );
-	return NULL;
-    }
-    return space;
-}
-
-void *
-pk11_saveContext(PK11Context *context, void *space, unsigned long *savedLength)
-{
-	return pk11_saveContextHelper(context, space, 
-					savedLength, PR_FALSE, PR_FALSE);
-}
-
-/*
- * restore the current context
- */
-SECStatus
-pk11_restoreContext(PK11Context *context,void *space, unsigned long savedLength)
-{
-    CK_RV crv;
-    CK_OBJECT_HANDLE objectID = (context->key) ? context->key->objectID:
-			CK_INVALID_HANDLE;
-
-    PORT_Assert(space != NULL);
-    if (space == NULL) {
-	PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
-	return SECFailure;
-    }
-    crv = PK11_GETTAB(context->slot)->C_SetOperationState(context->session,
-        (CK_BYTE_PTR)space, savedLength, objectID, 0);
-    if (crv != CKR_OK) {
-       PORT_SetError( PK11_MapError(crv));
-       return SECFailure;
-   }
-   return SECSuccess;
-}
-
-SECStatus pk11_Finalize(PK11Context *context);
-
-/*
- * Context initialization. Used by all flavors of CreateContext
- */
-static SECStatus 
-pk11_context_init(PK11Context *context, CK_MECHANISM *mech_info)
-{
-    CK_RV crv;
-    PK11SymKey *symKey = context->key;
-    SECStatus rv = SECSuccess;
-
-    switch (context->operation) {
-    case CKA_ENCRYPT:
-	crv=PK11_GETTAB(context->slot)->C_EncryptInit(context->session,
-				mech_info, symKey->objectID);
-	break;
-    case CKA_DECRYPT:
-	if (context->fortezzaHack) {
-	    CK_ULONG count = 0;;
-	    /* generate the IV for fortezza */
-	    crv=PK11_GETTAB(context->slot)->C_EncryptInit(context->session,
-				mech_info, symKey->objectID);
-	    if (crv != CKR_OK) break;
-	    PK11_GETTAB(context->slot)->C_EncryptFinal(context->session,
-				NULL, &count);
-	}
-	crv=PK11_GETTAB(context->slot)->C_DecryptInit(context->session,
-				mech_info, symKey->objectID);
-	break;
-    case CKA_SIGN:
-	crv=PK11_GETTAB(context->slot)->C_SignInit(context->session,
-				mech_info, symKey->objectID);
-	break;
-    case CKA_VERIFY:
-	crv=PK11_GETTAB(context->slot)->C_SignInit(context->session,
-				mech_info, symKey->objectID);
-	break;
-    case CKA_DIGEST:
-	crv=PK11_GETTAB(context->slot)->C_DigestInit(context->session,
-				mech_info);
-	break;
-    default:
-	crv = CKR_OPERATION_NOT_INITIALIZED;
-	break;
-    }
-
-    if (crv != CKR_OK) {
-        PORT_SetError( PK11_MapError(crv) );
-        return SECFailure;
-    }
-
-    /*
-     * handle session starvation case.. use our last session to multiplex
-     */
-    if (!context->ownSession) {
-	context->savedData = pk11_saveContext(context,context->savedData,
-				&context->savedLength);
-	if (context->savedData == NULL) rv = SECFailure;
-	/* clear out out session for others to use */
-	pk11_Finalize(context);
-    }
-    return rv;
-}
-
-
-/*
- * Common Helper Function do come up with a new context.
- */
-static PK11Context *pk11_CreateNewContextInSlot(CK_MECHANISM_TYPE type,
-     PK11SlotInfo *slot, CK_ATTRIBUTE_TYPE operation, PK11SymKey *symKey,
-							     SECItem *param)
-{
-    CK_MECHANISM mech_info;
-    PK11Context *context;
-    SECStatus rv;
-	
-    PORT_Assert(slot != NULL);
-    if (!slot) {
-	PORT_SetError(SEC_ERROR_INVALID_ARGS);
-	return NULL;
-    }
-    context = (PK11Context *) PORT_Alloc(sizeof(PK11Context));
-    if (context == NULL) {
-	return NULL;
-    }
-
-    /* now deal with the fortezza hack... the fortezza hack is an attempt
-     * to get around the issue of the card not allowing you to do a FORTEZZA
-     * LoadIV/Encrypt, which was added because such a combination could be
-     * use to circumvent the key escrow system. Unfortunately SSL needs to
-     * do this kind of operation, so in SSL we do a loadIV (to verify it),
-     * Then GenerateIV, and through away the first 8 bytes on either side
-     * of the connection.*/
-    context->fortezzaHack = PR_FALSE;
-    if (type == CKM_SKIPJACK_CBC64) {
-	if (symKey->origin == PK11_OriginFortezzaHack) {
-	    context->fortezzaHack = PR_TRUE;
-	}
-    }
-
-    /* initialize the critical fields of the context */
-    context->operation = operation;
-    context->key = symKey ? PK11_ReferenceSymKey(symKey) : NULL;
-    context->slot = PK11_ReferenceSlot(slot);
-    context->session = pk11_GetNewSession(slot,&context->ownSession);
-    context->cx = symKey ? symKey->cx : NULL;
-    /* get our session */
-    context->savedData = NULL;
-
-    /* save the parameters so that some digesting stuff can do multiple
-     * begins on a single context */
-    context->type = type;
-    context->param = SECITEM_DupItem(param);
-    context->init = PR_FALSE;
-    context->sessionLock = PZ_NewLock(nssILockPK11cxt);
-    if ((context->param == NULL) || (context->sessionLock == NULL)) {
-	PK11_DestroyContext(context,PR_TRUE);
-	return NULL;
-    }
-
-    mech_info.mechanism = type;
-    mech_info.pParameter = param->data;
-    mech_info.ulParameterLen = param->len;
-    PK11_EnterContextMonitor(context);
-    rv = pk11_context_init(context,&mech_info);
-    PK11_ExitContextMonitor(context);
-
-    if (rv != SECSuccess) {
-	PK11_DestroyContext(context,PR_TRUE);
-	return NULL;
-    }
-    context->init = PR_TRUE;
-    return context;
-}
-
-
-/*
- * put together the various PK11_Create_Context calls used by different
- * parts of libsec.
- */
-PK11Context *
-__PK11_CreateContextByRawKey(PK11SlotInfo *slot, CK_MECHANISM_TYPE type,
-     PK11Origin origin, CK_ATTRIBUTE_TYPE operation, SECItem *key, 
-						SECItem *param, void *wincx)
-{
-    PK11SymKey *symKey;
-    PK11Context *context;
-
-    /* first get a slot */
-    if (slot == NULL) {
-	slot = PK11_GetBestSlot(type,wincx);
-	if (slot == NULL) {
-	    PORT_SetError( SEC_ERROR_NO_MODULE );
-	    return NULL;
-	}
-    } else {
-	PK11_ReferenceSlot(slot);
-    }
-
-    /* now import the key */
-    symKey = PK11_ImportSymKey(slot, type, origin, operation,  key, wincx);
-    if (symKey == NULL) return NULL;
-
-    context = PK11_CreateContextBySymKey(type, operation, symKey, param);
-
-    PK11_FreeSymKey(symKey);
-    PK11_FreeSlot(slot);
-
-    return context;
-}
-
-PK11Context *
-PK11_CreateContextByRawKey(PK11SlotInfo *slot, CK_MECHANISM_TYPE type,
-     PK11Origin origin, CK_ATTRIBUTE_TYPE operation, SECItem *key, 
-						SECItem *param, void *wincx)
-{
-    return __PK11_CreateContextByRawKey(slot, type, origin, operation,
-                                        key, param, wincx);
-}
-
-
-/*
- * Create a context from a key. We really should make sure we aren't using
- * the same key in multiple session!
- */
-PK11Context *
-PK11_CreateContextBySymKey(CK_MECHANISM_TYPE type,CK_ATTRIBUTE_TYPE operation,
-			PK11SymKey *symKey, SECItem *param)
-{
-    PK11SymKey *newKey;
-    PK11Context *context;
-
-    /* if this slot doesn't support the mechanism, go to a slot that does */
-    newKey = pk11_ForceSlot(symKey,type,operation);
-    if (newKey == NULL) {
-	PK11_ReferenceSymKey(symKey);
-    } else {
-	symKey = newKey;
-    }
-
-
-    /* Context Adopts the symKey.... */
-    context = pk11_CreateNewContextInSlot(type, symKey->slot, operation, symKey,
-							     param);
-    PK11_FreeSymKey(symKey);
-    return context;
-}
-
-/*
- * Digest contexts don't need keys, but the do need to find a slot.
- * Macing should use PK11_CreateContextBySymKey.
- */
-PK11Context *
-PK11_CreateDigestContext(SECOidTag hashAlg)
-{
-    /* digesting has to work without authentication to the slot */
-    CK_MECHANISM_TYPE type;
-    PK11SlotInfo *slot;
-    PK11Context *context;
-    SECItem param;
-
-    type = PK11_AlgtagToMechanism(hashAlg);
-    slot = PK11_GetBestSlot(type, NULL);
-    if (slot == NULL) {
-	PORT_SetError( SEC_ERROR_NO_MODULE );
-	return NULL;
-    }
-
-    /* maybe should really be PK11_GenerateNewParam?? */
-    param.data = NULL;
-    param.len = 0;
-
-    context = pk11_CreateNewContextInSlot(type, slot, CKA_DIGEST, NULL, &param);
-    PK11_FreeSlot(slot);
-    return context;
-}
-
-/*
- * create a new context which is the clone of the state of old context.
- */
-PK11Context * PK11_CloneContext(PK11Context *old)
-{
-     PK11Context *newcx;
-     PRBool needFree = PR_FALSE;
-     SECStatus rv = SECSuccess;
-     void *data;
-     unsigned long len;
-
-     newcx = pk11_CreateNewContextInSlot(old->type, old->slot, old->operation,
-						old->key, old->param);
-     if (newcx == NULL) return NULL;
-
-     /* now clone the save state. First we need to find the save state
-      * of the old session. If the old context owns it's session,
-      * the state needs to be saved, otherwise the state is in saveData. */
-     if (old->ownSession) {
-        PK11_EnterContextMonitor(old);
-	data=pk11_saveContext(old,NULL,&len);
-        PK11_ExitContextMonitor(old);
-	needFree = PR_TRUE;
-     } else {
-	data = old->savedData;
-	len = old->savedLength;
-     }
-
-     if (data == NULL) {
-	PK11_DestroyContext(newcx,PR_TRUE);
-	return NULL;
-     }
-
-     /* now copy that state into our new context. Again we have different
-      * work if the new context owns it's own session. If it does, we
-      * restore the state gathered above. If it doesn't, we copy the
-      * saveData pointer... */
-     if (newcx->ownSession) {
-        PK11_EnterContextMonitor(newcx);
-	rv = pk11_restoreContext(newcx,data,len);
-        PK11_ExitContextMonitor(newcx);
-     } else {
-	PORT_Assert(newcx->savedData != NULL);
-	if ((newcx->savedData == NULL) || (newcx->savedLength < len)) {
-	    PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
-	    rv = SECFailure;
-	} else {
-	    PORT_Memcpy(newcx->savedData,data,len);
-	    newcx->savedLength = len;
-	}
-    }
-
-    if (needFree) PORT_Free(data);
-
-    if (rv != SECSuccess) {
-	PK11_DestroyContext(newcx,PR_TRUE);
-	return NULL;
-    }
-    return newcx;
-}
-
-/*
- * save the current context state into a variable. Required to make FORTEZZA
- * work.
- */
-SECStatus
-PK11_SaveContext(PK11Context *cx,unsigned char *save,int *len, int saveLength)
-{
-    unsigned char * data = NULL;
-    CK_ULONG length = saveLength;
-
-    if (cx->ownSession) {
-        PK11_EnterContextMonitor(cx);
-	data = (unsigned char*)pk11_saveContextHelper(cx,save,&length,
-							PR_FALSE,PR_FALSE);
-        PK11_ExitContextMonitor(cx);
-	if (data) *len = length;
-    } else if ((unsigned) saveLength >= cx->savedLength) {
-	data = (unsigned char*)cx->savedData;
-	if (cx->savedData) {
-	    PORT_Memcpy(save,cx->savedData,cx->savedLength);
-	}
-	*len = cx->savedLength;
-    }
-    return (data != NULL) ? SECSuccess : SECFailure;
-}
-
-/*
- * restore the context state into a new running context. Also required for
- * FORTEZZA .
- */
-SECStatus
-PK11_RestoreContext(PK11Context *cx,unsigned char *save,int len)
-{
-    SECStatus rv = SECSuccess;
-    if (cx->ownSession) {
-        PK11_EnterContextMonitor(cx);
-	pk11_Finalize(cx);
-	rv = pk11_restoreContext(cx,save,len);
-        PK11_ExitContextMonitor(cx);
-    } else {
-	PORT_Assert(cx->savedData != NULL);
-	if ((cx->savedData == NULL) || (cx->savedLength < (unsigned) len)) {
-	    PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
-	    rv = SECFailure;
-	} else {
-	    PORT_Memcpy(cx->savedData,save,len);
-	    cx->savedLength = len;
-	}
-    }
-    return rv;
-}
-
-/*
- * This is  to get FIPS compliance until we can convert
- * libjar to use PK11_ hashing functions. It returns PR_FALSE
- * if we can't get a PK11 Context.
- */
-PRBool
-PK11_HashOK(SECOidTag algID) {
-    PK11Context *cx;
-
-    cx = PK11_CreateDigestContext(algID);
-    if (cx == NULL) return PR_FALSE;
-    PK11_DestroyContext(cx, PR_TRUE);
-    return PR_TRUE;
-}
-
-
-
-/*
- * start a new digesting or Mac'ing operation on this context
- */
-SECStatus PK11_DigestBegin(PK11Context *cx)
-{
-    CK_MECHANISM mech_info;
-    SECStatus rv;
-
-    if (cx->init == PR_TRUE) {
-	return SECSuccess;
-    }
-
-    /*
-     * make sure the old context is clear first
-     */
-    PK11_EnterContextMonitor(cx);
-    pk11_Finalize(cx);
-
-    mech_info.mechanism = cx->type;
-    mech_info.pParameter = cx->param->data;
-    mech_info.ulParameterLen = cx->param->len;
-    rv = pk11_context_init(cx,&mech_info);
-    PK11_ExitContextMonitor(cx);
-
-    if (rv != SECSuccess) {
-	return SECFailure;
-    }
-    cx->init = PR_TRUE;
-    return SECSuccess;
-}
-
-SECStatus
-PK11_HashBuf(SECOidTag hashAlg, unsigned char *out, unsigned char *in, 
-								int32 len) {
-    PK11Context *context;
-    unsigned int max_length;
-    unsigned int out_length;
-    SECStatus rv;
-
-    context = PK11_CreateDigestContext(hashAlg);
-    if (context == NULL) return SECFailure;
-
-    rv = PK11_DigestBegin(context);
-    if (rv != SECSuccess) {
-	PK11_DestroyContext(context, PR_TRUE);
-	return rv;
-    }
-
-    rv = PK11_DigestOp(context, in, len);
-    if (rv != SECSuccess) {
-	PK11_DestroyContext(context, PR_TRUE);
-	return rv;
-    }
-
-    /* we need the output length ... maybe this should be table driven...*/
-    switch (hashAlg) {
-    case  SEC_OID_SHA1: max_length = SHA1_LENGTH; break;
-    case  SEC_OID_MD2: max_length = MD2_LENGTH; break;
-    case  SEC_OID_MD5: max_length = MD5_LENGTH; break;
-    default: max_length = 16; break;
-    }
-
-    rv = PK11_DigestFinal(context,out,&out_length,max_length);
-    PK11_DestroyContext(context, PR_TRUE);
-    return rv;
-}
-
-
-/*
- * execute a bulk encryption operation
- */
-SECStatus
-PK11_CipherOp(PK11Context *context, unsigned char * out, int *outlen, 
-				int maxout, unsigned char *in, int inlen)
-{
-    CK_RV crv = CKR_OK;
-    CK_ULONG length = maxout;
-    CK_ULONG offset =0;
-    SECStatus rv = SECSuccess;
-    unsigned char *saveOut = out;
-    unsigned char *allocOut = NULL;
-
-    /* if we ran out of session, we need to restore our previously stored
-     * state.
-     */
-    PK11_EnterContextMonitor(context);
-    if (!context->ownSession) {
-        rv = pk11_restoreContext(context,context->savedData,
-							context->savedLength);
-	if (rv != SECSuccess) {
-	    PK11_ExitContextMonitor(context);
-	    return rv;
-	}
-    }
-
-    /*
-     * The fortezza hack is to send 8 extra bytes on the first encrypted and
-     * loose them on the first decrypt.
-     */
-    if (context->fortezzaHack) {
-	unsigned char random[8];
-	if (context->operation == CKA_ENCRYPT) {
-	    PK11_ExitContextMonitor(context);
-	    rv = PK11_GenerateRandom(random,sizeof(random));
-    	    PK11_EnterContextMonitor(context);
-
-	    /* since we are offseting the output, we can't encrypt back into
-	     * the same buffer... allocate a temporary buffer just for this
-	     * call. */
-	    allocOut = out = (unsigned char*)PORT_Alloc(maxout);
-	    if (out == NULL) {
-		PK11_ExitContextMonitor(context);
-		return SECFailure;
-	    }
-	    crv = PK11_GETTAB(context->slot)->C_EncryptUpdate(context->session,
-		random,sizeof(random),out,&length);
-
-	    out += length;
-	    maxout -= length;
-	    offset = length;
-	} else if (context->operation == CKA_DECRYPT) {
-	    length = sizeof(random);
-	    crv = PK11_GETTAB(context->slot)->C_DecryptUpdate(context->session,
-		in,sizeof(random),random,&length);
-	    inlen -= length;
-	    in += length;
-	    context->fortezzaHack = PR_FALSE;
-	}
-    }
-
-    switch (context->operation) {
-    case CKA_ENCRYPT:
-	length = maxout;
-	crv=PK11_GETTAB(context->slot)->C_EncryptUpdate(context->session,
-						in, inlen, out, &length);
-	length += offset;
-	break;
-    case CKA_DECRYPT:
-	length = maxout;
-	crv=PK11_GETTAB(context->slot)->C_DecryptUpdate(context->session,
-						in, inlen, out, &length);
-	break;
-    default:
-	crv = CKR_OPERATION_NOT_INITIALIZED;
-	break;
-    }
-
-    if (crv != CKR_OK) {
-        PORT_SetError( PK11_MapError(crv) );
-	*outlen = 0;
-        rv = SECFailure;
-    } else {
-    	*outlen = length;
-    }
-
-    if (context->fortezzaHack) {
-	if (context->operation == CKA_ENCRYPT) {
-	    PORT_Assert(allocOut);
-	    PORT_Memcpy(saveOut, allocOut, length);
-	    PORT_Free(allocOut);
-	}
-	context->fortezzaHack = PR_FALSE;
-    }
-
-    /*
-     * handle session starvation case.. use our last session to multiplex
-     */
-    if (!context->ownSession) {
-	context->savedData = pk11_saveContext(context,context->savedData,
-				&context->savedLength);
-	if (context->savedData == NULL) rv = SECFailure;
-	
-	/* clear out out session for others to use */
-	pk11_Finalize(context);
-    }
-    PK11_ExitContextMonitor(context);
-    return rv;
-}
-
-/*
- * execute a digest/signature operation
- */
-SECStatus
-PK11_DigestOp(PK11Context *context, const unsigned char * in, unsigned inLen) 
-{
-    CK_RV crv = CKR_OK;
-    SECStatus rv = SECSuccess;
-
-    /* if we ran out of session, we need to restore our previously stored
-     * state.
-     */
-    context->init = PR_FALSE;
-    PK11_EnterContextMonitor(context);
-    if (!context->ownSession) {
-        rv = pk11_restoreContext(context,context->savedData,
-							context->savedLength);
-	if (rv != SECSuccess) {
-	    PK11_ExitContextMonitor(context);
-	    return rv;
-	}
-    }
-
-    switch (context->operation) {
-    /* also for MAC'ing */
-    case CKA_SIGN:
-	crv=PK11_GETTAB(context->slot)->C_SignUpdate(context->session,
-						     (unsigned char *)in, 
-						     inLen);
-	break;
-    case CKA_VERIFY:
-	crv=PK11_GETTAB(context->slot)->C_VerifyUpdate(context->session,
-						       (unsigned char *)in, 
-						       inLen);
-	break;
-    case CKA_DIGEST:
-	crv=PK11_GETTAB(context->slot)->C_DigestUpdate(context->session,
-						       (unsigned char *)in, 
-						       inLen);
-	break;
-    default:
-	crv = CKR_OPERATION_NOT_INITIALIZED;
-	break;
-    }
-
-    if (crv != CKR_OK) {
-        PORT_SetError( PK11_MapError(crv) );
-        rv = SECFailure;
-    }
-
-    /*
-     * handle session starvation case.. use our last session to multiplex
-     */
-    if (!context->ownSession) {
-	context->savedData = pk11_saveContext(context,context->savedData,
-				&context->savedLength);
-	if (context->savedData == NULL) rv = SECFailure;
-	
-	/* clear out out session for others to use */
-	pk11_Finalize(context);
-    }
-    PK11_ExitContextMonitor(context);
-    return rv;
-}
-
-/*
- * Digest a key if possible./
- */
-SECStatus
-PK11_DigestKey(PK11Context *context, PK11SymKey *key)
-{
-    CK_RV crv = CKR_OK;
-    SECStatus rv = SECSuccess;
-    PK11SymKey *newKey = NULL;
-
-    /* if we ran out of session, we need to restore our previously stored
-     * state.
-     */
-    if (context->slot != key->slot) {
-	newKey = pk11_CopyToSlot(context->slot,CKM_SSL3_SHA1_MAC,CKA_SIGN,key);
-    } else {
-	newKey = PK11_ReferenceSymKey(key);
-    }
-
-    context->init = PR_FALSE;
-    PK11_EnterContextMonitor(context);
-    if (!context->ownSession) {
-        rv = pk11_restoreContext(context,context->savedData,
-							context->savedLength);
-	if (rv != SECSuccess) {
-	    PK11_ExitContextMonitor(context);
-            PK11_FreeSymKey(newKey);
-	    return rv;
-	}
-    }
-
-
-    if (newKey == NULL) {
-	crv = CKR_KEY_TYPE_INCONSISTENT;
-	if (key->data.data) {
-	    crv=PK11_GETTAB(context->slot)->C_DigestUpdate(context->session,
-					key->data.data,key->data.len);
-	}
-    } else {
-	crv=PK11_GETTAB(context->slot)->C_DigestKey(context->session,
-							newKey->objectID);
-    }
-
-    if (crv != CKR_OK) {
-        PORT_SetError( PK11_MapError(crv) );
-        rv = SECFailure;
-    }
-
-    /*
-     * handle session starvation case.. use our last session to multiplex
-     */
-    if (!context->ownSession) {
-	context->savedData = pk11_saveContext(context,context->savedData,
-				&context->savedLength);
-	if (context->savedData == NULL) rv = SECFailure;
-	
-	/* clear out out session for others to use */
-	pk11_Finalize(context);
-    }
-    PK11_ExitContextMonitor(context);
-    if (newKey) PK11_FreeSymKey(newKey);
-    return rv;
-}
-
-/*
- * externally callable version of the lowercase pk11_finalize().
- */
-SECStatus
-PK11_Finalize(PK11Context *context) {
-    SECStatus rv;
-
-    PK11_EnterContextMonitor(context);
-    rv = pk11_Finalize(context);
-    PK11_ExitContextMonitor(context);
-    return rv;
-}
-
-/*
- * clean up a cipher operation, so the session can be used by
- * someone new.
- */
-SECStatus
-pk11_Finalize(PK11Context *context)
-{
-    CK_ULONG count = 0;
-    CK_RV crv;
-
-    if (!context->ownSession) {
-	return SECSuccess;
-    }
-
-    switch (context->operation) {
-    case CKA_ENCRYPT:
-	crv=PK11_GETTAB(context->slot)->C_EncryptFinal(context->session,
-				NULL,&count);
-	break;
-    case CKA_DECRYPT:
-	crv = PK11_GETTAB(context->slot)->C_DecryptFinal(context->session,
-				NULL,&count);
-	break;
-    case CKA_SIGN:
-	crv=PK11_GETTAB(context->slot)->C_SignFinal(context->session,
-				NULL,&count);
-	break;
-    case CKA_VERIFY:
-	crv=PK11_GETTAB(context->slot)->C_VerifyFinal(context->session,
-				NULL,count);
-	break;
-    case CKA_DIGEST:
-	crv=PK11_GETTAB(context->slot)->C_DigestFinal(context->session,
-				NULL,&count);
-	break;
-    default:
-	crv = CKR_OPERATION_NOT_INITIALIZED;
-	break;
-    }
-
-    if (crv != CKR_OK) {
-        PORT_SetError( PK11_MapError(crv) );
-        return SECFailure;
-    }
-    return SECSuccess;
-}
-
-/*
- *  Return the final digested or signed data...
- *  this routine can either take pre initialized data, or allocate data
- *  either out of an arena or out of the standard heap.
- */
-SECStatus
-PK11_DigestFinal(PK11Context *context,unsigned char *data, 
-			unsigned int *outLen, unsigned int length)
-{
-    CK_ULONG len;
-    CK_RV crv;
-    SECStatus rv;
-
-
-    /* if we ran out of session, we need to restore our previously stored
-     * state.
-     */
-    PK11_EnterContextMonitor(context);
-    if (!context->ownSession) {
-        rv = pk11_restoreContext(context,context->savedData,
-							context->savedLength);
-	if (rv != SECSuccess) {
-	    PK11_ExitContextMonitor(context);
-	    return rv;
-	}
-    }
-
-    len = length;
-    switch (context->operation) {
-    case CKA_SIGN:
-	crv=PK11_GETTAB(context->slot)->C_SignFinal(context->session,
-				data,&len);
-	break;
-    case CKA_VERIFY:
-	crv=PK11_GETTAB(context->slot)->C_VerifyFinal(context->session,
-				data,len);
-	break;
-    case CKA_DIGEST:
-	crv=PK11_GETTAB(context->slot)->C_DigestFinal(context->session,
-				data,&len);
-	break;
-    case CKA_ENCRYPT:
-	crv=PK11_GETTAB(context->slot)->C_EncryptFinal(context->session,
-				data, &len);
-	break;
-    case CKA_DECRYPT:
-	crv = PK11_GETTAB(context->slot)->C_DecryptFinal(context->session,
-				data, &len);
-	break;
-    default:
-	crv = CKR_OPERATION_NOT_INITIALIZED;
-	break;
-    }
-    PK11_ExitContextMonitor(context);
-
-    *outLen = (unsigned int) len;
-    context->init = PR_FALSE; /* allow Begin to start up again */
-
-
-    if (crv != CKR_OK) {
-        PORT_SetError( PK11_MapError(crv) );
-	return SECFailure;
-    }
-    return SECSuccess;
-}
-
-/****************************************************************************
- *
- * Now Do The PBE Functions Here...
- *
- ****************************************************************************/
-
-static void
-pk11_destroy_ck_pbe_params(CK_PBE_PARAMS *pbe_params)
-{
-    if (pbe_params) {
-	if (pbe_params->pPassword)
-	    PORT_ZFree(pbe_params->pPassword, PR_FALSE);
-	if (pbe_params->pSalt)
-	    PORT_ZFree(pbe_params->pSalt, PR_FALSE);
-	PORT_ZFree(pbe_params, PR_TRUE);
-    }
-}
-
-SECItem * 
-PK11_CreatePBEParams(SECItem *salt, SECItem *pwd, unsigned int iterations)
-{
-    CK_PBE_PARAMS *pbe_params = NULL;
-    SECItem *paramRV = NULL;
-    pbe_params = (CK_PBE_PARAMS *)PORT_ZAlloc(sizeof(CK_PBE_PARAMS));
-    pbe_params->pPassword = (CK_CHAR_PTR)PORT_ZAlloc(pwd->len);
-    if (pbe_params->pPassword != NULL) {
-	PORT_Memcpy(pbe_params->pPassword, pwd->data, pwd->len);
-	pbe_params->ulPasswordLen = pwd->len;
-    } else goto loser;
-    pbe_params->pSalt = (CK_CHAR_PTR)PORT_ZAlloc(salt->len);
-    if (pbe_params->pSalt != NULL) {
-	PORT_Memcpy(pbe_params->pSalt, salt->data, salt->len);
-	pbe_params->ulSaltLen = salt->len;
-    } else goto loser;
-    pbe_params->ulIteration = (CK_ULONG)iterations;
-    paramRV = SECITEM_AllocItem(NULL, NULL, sizeof(CK_PBE_PARAMS));
-    paramRV->data = (unsigned char *)pbe_params;
-    return paramRV;
-loser:
-    pk11_destroy_ck_pbe_params(pbe_params);
-    return NULL;
-}
-
-void
-PK11_DestroyPBEParams(SECItem *params)
-{
-    pk11_destroy_ck_pbe_params((CK_PBE_PARAMS *)params->data);
-}
-
-SECAlgorithmID *
-PK11_CreatePBEAlgorithmID(SECOidTag algorithm, int iteration, SECItem *salt)
-{
-    SECAlgorithmID *algid = NULL;
-    algid = SEC_PKCS5CreateAlgorithmID(algorithm, salt, iteration);
-    return algid;
-}
-
-PK11SymKey *
-PK11_RawPBEKeyGen(PK11SlotInfo *slot, CK_MECHANISM_TYPE type, SECItem *mech,
-			 SECItem *pwitem, PRBool faulty3DES, void *wincx)
-{
-    /* pbe stuff */
-    CK_PBE_PARAMS *pbe_params;
-    PK11SymKey *symKey;
-
-    if(faulty3DES && (type == CKM_NETSCAPE_PBE_SHA1_TRIPLE_DES_CBC)) {
-	type = CKM_NETSCAPE_PBE_SHA1_FAULTY_3DES_CBC;
-    }
-    if(mech == NULL) {
-	return NULL;
-    }
-
-    pbe_params = (CK_PBE_PARAMS *)mech->data;
-    pbe_params->pPassword = (CK_CHAR_PTR)PORT_ZAlloc(pwitem->len);
-    if(pbe_params->pPassword != NULL) {
-	PORT_Memcpy(pbe_params->pPassword, pwitem->data, pwitem->len);
-	pbe_params->ulPasswordLen = pwitem->len;
-    } else {
-	SECITEM_ZfreeItem(mech, PR_TRUE);
-	return NULL;
-    }
-
-    symKey = PK11_KeyGen(slot, type, mech, 0, wincx);
-
-    PORT_ZFree(pbe_params->pPassword, pwitem->len);
-    pbe_params->pPassword = NULL;
-    pbe_params->ulPasswordLen = 0;
-    return symKey;
-}
-
-PK11SymKey *
-PK11_PBEKeyGen(PK11SlotInfo *slot, SECAlgorithmID *algid, SECItem *pwitem,
-	       					PRBool faulty3DES, void *wincx)
-{
-    /* pbe stuff */
-    CK_MECHANISM_TYPE type;
-    SECItem *mech;
-    PK11SymKey *symKey;
-
-    mech = PK11_ParamFromAlgid(algid);
-    type = PK11_AlgtagToMechanism(SECOID_FindOIDTag(&algid->algorithm));
-    if(faulty3DES && (type == CKM_NETSCAPE_PBE_SHA1_TRIPLE_DES_CBC)) {
-	type = CKM_NETSCAPE_PBE_SHA1_FAULTY_3DES_CBC;
-    }
-    if(mech == NULL) {
-	return NULL;
-    }
-    symKey = PK11_RawPBEKeyGen(slot, type, mech, pwitem, faulty3DES, wincx);
-
-    SECITEM_ZfreeItem(mech, PR_TRUE);
-    return symKey;
-}
-
-SECItem *
-PK11_GetPBEIV(SECAlgorithmID *algid, SECItem *pwitem)
-{
-    /* pbe stuff */
-    CK_MECHANISM_TYPE type;
-    SECItem *mech;
-    PK11SymKey *symKey;
-    PK11SlotInfo *slot = PK11_GetInternalSlot();
-    int iv_len = 0;
-    CK_PBE_PARAMS_PTR pPBEparams;
-    SECItem src;
-    SECItem *iv;
-
-
-    mech = PK11_ParamFromAlgid(algid);
-    type = PK11_AlgtagToMechanism(SECOID_FindOIDTag(&algid->algorithm));
-    if(mech == NULL) {
-	return NULL;
-    }
-    symKey = PK11_RawPBEKeyGen(slot, type, mech, pwitem, PR_FALSE, NULL);
-    PK11_FreeSlot(slot);
-    if (symKey == NULL) {
-	SECITEM_ZfreeItem(mech, PR_TRUE);
-	return NULL;
-    }
-    PK11_FreeSymKey(symKey);
-    pPBEparams = (CK_PBE_PARAMS_PTR)mech->data;
-    iv_len = PK11_GetIVLength(type);
-
-    src.data = (unsigned char *)pPBEparams->pInitVector;
-    src.len = iv_len;
-    iv = SECITEM_DupItem(&src);
-
-    SECITEM_ZfreeItem(mech, PR_TRUE);
-    return iv;
-}
-
-
-SECStatus 
-PK11_ImportEncryptedPrivateKeyInfo(PK11SlotInfo *slot,
-			SECKEYEncryptedPrivateKeyInfo *epki, SECItem *pwitem,
-			SECItem *nickname, SECItem *publicValue, PRBool isPerm,
-			PRBool isPrivate, KeyType keyType, 
-			unsigned int keyUsage, void *wincx)
-{
-    CK_MECHANISM_TYPE mechanism;
-    SECItem *pbe_param, crypto_param;
-    PK11SymKey *key = NULL;
-    SECStatus rv = SECSuccess;
-    CK_MECHANISM cryptoMech, pbeMech;
-    CK_RV crv;
-    SECKEYPrivateKey *privKey = NULL;
-    PRBool faulty3DES = PR_FALSE;
-    int usageCount = 0;
-    CK_KEY_TYPE key_type;
-    CK_ATTRIBUTE_TYPE *usage = NULL;
-    CK_ATTRIBUTE_TYPE rsaUsage[] = {
-		 CKA_UNWRAP, CKA_DECRYPT, CKA_SIGN, CKA_SIGN_RECOVER };
-    CK_ATTRIBUTE_TYPE dsaUsage[] = { CKA_SIGN };
-    CK_ATTRIBUTE_TYPE dhUsage[] = { CKA_DERIVE };
-
-    if((epki == NULL) || (pwitem == NULL))
-	return SECFailure;
-
-    crypto_param.data = NULL;
-
-    mechanism = PK11_AlgtagToMechanism(SECOID_FindOIDTag(
-					&epki->algorithm.algorithm));
-
-    switch (keyType) {
-    default:
-    case rsaKey:
-	key_type = CKK_RSA;
-	switch  (keyUsage & (KU_KEY_ENCIPHERMENT|KU_DIGITAL_SIGNATURE)) {
-	case KU_KEY_ENCIPHERMENT:
-	    usage = rsaUsage;
-	    usageCount = 2;
-	    break;
-	case KU_DIGITAL_SIGNATURE:
-	    usage = &rsaUsage[2];
-	    usageCount = 2;
-	    break;
-	case KU_KEY_ENCIPHERMENT|KU_DIGITAL_SIGNATURE:
-	case 0: /* default to everything */
-	    usage = rsaUsage;
-	    usageCount = 4;
-	    break;
-	}
-        break;
-    case dhKey:
-	key_type = CKK_DH;
-	usage = dhUsage;
-	usageCount = sizeof(dhUsage)/sizeof(dhUsage[0]);
-	break;
-    case dsaKey:
-	key_type = CKK_DSA;
-	usage = dsaUsage;
-	usageCount = sizeof(dsaUsage)/sizeof(dsaUsage[0]);
-	break;
-    }
-
-try_faulty_3des:
-    pbe_param = PK11_ParamFromAlgid(&epki->algorithm);
-
-    key = PK11_RawPBEKeyGen(slot, mechanism, pbe_param, pwitem, 
-							faulty3DES, wincx);
-    if((key == NULL) || (pbe_param == NULL)) {
-	rv = SECFailure;
-	goto done;
-    }
-
-    pbeMech.mechanism = mechanism;
-    pbeMech.pParameter = pbe_param->data;
-    pbeMech.ulParameterLen = pbe_param->len;
-
-    crv = PK11_MapPBEMechanismToCryptoMechanism(&pbeMech, &cryptoMech, 
-					        pwitem, faulty3DES);
-    if(crv != CKR_OK) {
-	rv = SECFailure;
-	goto done;
-    }
-
-    cryptoMech.mechanism = PK11_GetPadMechanism(cryptoMech.mechanism);
-    crypto_param.data = (unsigned char*)cryptoMech.pParameter;
-    crypto_param.len = cryptoMech.ulParameterLen;
-
-    PORT_Assert(usage != NULL);
-    PORT_Assert(usageCount != 0);
-    privKey = PK11_UnwrapPrivKey(slot, key, cryptoMech.mechanism, 
-				 &crypto_param, &epki->encryptedData, 
-				 nickname, publicValue, isPerm, isPrivate,
-				 key_type, usage, usageCount, wincx);
-    if(privKey) {
-	SECKEY_DestroyPrivateKey(privKey);
-	privKey = NULL;
-	rv = SECSuccess;
-	goto done;
-    }
-
-    /* if we are unable to import the key and the mechanism is 
-     * CKM_NETSCAPE_PBE_SHA1_TRIPLE_DES_CBC, then it is possible that
-     * the encrypted blob was created with a buggy key generation method
-     * which is described in the PKCS 12 implementation notes.  So we
-     * need to try importing via that method.
-     */ 
-    if((mechanism == CKM_NETSCAPE_PBE_SHA1_TRIPLE_DES_CBC) && (!faulty3DES)) {
-	/* clean up after ourselves before redoing the key generation. */
-
-	PK11_FreeSymKey(key);
-	key = NULL;
-
-	if(pbe_param) {
-	    SECITEM_ZfreeItem(pbe_param, PR_TRUE);
-	    pbe_param = NULL;
-	}
-
-	if(crypto_param.data) {
-	    SECITEM_ZfreeItem(&crypto_param, PR_FALSE);
-	    crypto_param.data = NULL;
-	    cryptoMech.pParameter = NULL;
-	    crypto_param.len = cryptoMech.ulParameterLen = 0;
-	}
-
-	faulty3DES = PR_TRUE;
-	goto try_faulty_3des;
-    }
-
-    /* key import really did fail */
-    rv = SECFailure;
-
-done:
-    if(pbe_param != NULL) {
-	SECITEM_ZfreeItem(pbe_param, PR_TRUE);
-	pbe_param = NULL;
-    }
-
-    if(crypto_param.data != NULL) {
-	SECITEM_ZfreeItem(&crypto_param, PR_FALSE);
-    }
-
-    if(key != NULL) {
-    	PK11_FreeSymKey(key);
-    }
-
-    return rv;
-}
-
-SECKEYPrivateKeyInfo *
-PK11_ExportPrivateKeyInfo(CERTCertificate *cert, void *wincx)
-{
-    return NULL;
-}
-
-static int
-pk11_private_key_encrypt_buffer_length(SECKEYPrivateKey *key)
-				
-{
-    CK_ATTRIBUTE rsaTemplate = { CKA_MODULUS, NULL, 0 };
-    CK_ATTRIBUTE dsaTemplate = { CKA_PRIME, NULL, 0 };
-    CK_ATTRIBUTE_PTR pTemplate;
-    CK_RV crv;
-    int length;
-
-    if(!key) {
-	return -1;
-    }
-
-    switch (key->keyType) {
-	case rsaKey:
-	    pTemplate = &rsaTemplate;
-	    break;
-	case dsaKey:
-	case dhKey:
-	    pTemplate = &dsaTemplate;
-	    break;
-	case fortezzaKey:
-	default:
-	    pTemplate = NULL;
-    }
-
-    if(!pTemplate) {
-	return -1;
-    }
-
-    crv = PK11_GetAttributes(NULL, key->pkcs11Slot, key->pkcs11ID, 
-								pTemplate, 1);
-    if(crv != CKR_OK) {
-	PORT_SetError( PK11_MapError(crv) );
-	return -1;
-    }
-
-    length = pTemplate->ulValueLen;
-    length *= 10;
-
-    if(pTemplate->pValue != NULL) {
-	PORT_Free(pTemplate->pValue);
-    }
-
-    return length;
-}
-
-SECKEYEncryptedPrivateKeyInfo * 
-PK11_ExportEncryptedPrivateKeyInfo(PK11SlotInfo *slot, SECOidTag algTag,
-   SECItem *pwitem, CERTCertificate *cert, int iteration, void *wincx)
-{
-    SECKEYEncryptedPrivateKeyInfo *epki = NULL;
-    SECKEYPrivateKey *pk = NULL;
-    PRArenaPool *arena = NULL;
-    SECAlgorithmID *algid;
-    CK_MECHANISM_TYPE mechanism;
-    SECItem *pbe_param = NULL, crypto_param;
-    PK11SymKey *key = NULL;
-    SECStatus rv = SECSuccess;
-    CK_MECHANISM pbeMech, cryptoMech;
-    CK_ULONG encBufLenPtr;
-    CK_RV crv;
-    SECItem encryptedKey = {siBuffer,NULL,0};
-    int encryptBufLen;
-
-    if(!pwitem)
-	return NULL;
-
-    crypto_param.data = NULL;
-
-    arena = PORT_NewArena(2048);
-    epki = (SECKEYEncryptedPrivateKeyInfo *)PORT_ArenaZAlloc(arena, 
-    		sizeof(SECKEYEncryptedPrivateKeyInfo));
-    if(epki == NULL) {
-	rv = SECFailure;
-	goto loser;
-    }
-    epki->arena = arena;
-    algid = SEC_PKCS5CreateAlgorithmID(algTag, NULL, iteration);
-    if(algid == NULL) {
-	rv = SECFailure;
-	goto loser;
-    }
-
-    mechanism = PK11_AlgtagToMechanism(SECOID_FindOIDTag(&algid->algorithm));
-    pbe_param = PK11_ParamFromAlgid(algid);
-    pbeMech.mechanism = mechanism;
-    pbeMech.pParameter = pbe_param->data;
-    pbeMech.ulParameterLen = pbe_param->len;
-    key = PK11_RawPBEKeyGen(slot, mechanism, pbe_param, pwitem, 
-							PR_FALSE, wincx);
-
-    if((key == NULL) || (pbe_param == NULL)) {
-	rv = SECFailure;
-	goto loser;
-    }
-
-    crv = PK11_MapPBEMechanismToCryptoMechanism(&pbeMech, &cryptoMech, 
-						pwitem, PR_FALSE);
-    if(crv != CKR_OK) {
-	rv = SECFailure;
-	goto loser;
-    }
-    cryptoMech.mechanism = PK11_GetPadMechanism(cryptoMech.mechanism);
-    crypto_param.data = (unsigned char *)cryptoMech.pParameter;
-    crypto_param.len = cryptoMech.ulParameterLen;
-
-    pk = PK11_FindKeyByAnyCert(cert, wincx);
-    if(pk == NULL) {
-	rv = SECFailure;
-	goto loser;
-    }
-
-    encryptBufLen = pk11_private_key_encrypt_buffer_length(pk); 
-    if(encryptBufLen == -1) {
-	rv = SECFailure;
-	goto loser;
-    }
-    encryptedKey.len = (unsigned int)encryptBufLen;
-    encBufLenPtr = (CK_ULONG) encryptBufLen;
-    encryptedKey.data = (unsigned char *)PORT_ZAlloc(encryptedKey.len);
-    if(!encryptedKey.data) {
-	rv = SECFailure;
-	goto loser;
-    }
-	
-    /* we are extracting an encrypted privateKey structure.
-     * which needs to be freed along with the buffer into which it is
-     * returned.  eventually, we should retrieve an encrypted key using
-     * pkcs8/pkcs5.
-     */
-    PK11_EnterSlotMonitor(pk->pkcs11Slot);
-    crv = PK11_GETTAB(pk->pkcs11Slot)->C_WrapKey(pk->pkcs11Slot->session, 
-    		&cryptoMech, key->objectID, pk->pkcs11ID, encryptedKey.data, 
-		&encBufLenPtr); 
-    PK11_ExitSlotMonitor(pk->pkcs11Slot);
-    encryptedKey.len = (unsigned int) encBufLenPtr;
-    if(crv != CKR_OK) {
-	rv = SECFailure;
-	goto loser;
-    }
-
-    if(!encryptedKey.len) {
-	rv = SECFailure;
-	goto loser;
-    }
-    
-    rv = SECITEM_CopyItem(arena, &epki->encryptedData, &encryptedKey);
-    if(rv != SECSuccess) {
-	goto loser;
-    }
-
-    rv = SECOID_CopyAlgorithmID(arena, &epki->algorithm, algid);
-
-loser:
-    if(pbe_param != NULL) {
-	SECITEM_ZfreeItem(pbe_param, PR_TRUE);
-	pbe_param = NULL;
-    }
-
-    if(crypto_param.data != NULL) {
-	SECITEM_ZfreeItem(&crypto_param, PR_FALSE);
-	crypto_param.data = NULL;
-    }
-
-    if(key != NULL) {
-    	PK11_FreeSymKey(key);
-    }
-
-    if (pk != NULL) {
-	SECKEY_DestroyPrivateKey(pk);
-    }
-
-    if(rv == SECFailure) {
-	if(arena != NULL) {
-	    PORT_FreeArena(arena, PR_TRUE);
-	}
-	epki = NULL;
-    }
-
-    return epki;
-}
-
-
-/*
- * This is required to allow FORTEZZA_NULL and FORTEZZA_RC4
- * working. This function simply gets a valid IV for the keys.
- */
-SECStatus
-PK11_GenerateFortezzaIV(PK11SymKey *symKey,unsigned char *iv,int len)
-{
-    CK_MECHANISM mech_info;
-    CK_ULONG count = 0;
-    CK_RV crv;
-    SECStatus rv = SECFailure;
-
-    mech_info.mechanism = CKM_SKIPJACK_CBC64;
-    mech_info.pParameter = iv;
-    mech_info.ulParameterLen = len;
-
-    /* generate the IV for fortezza */
-    PK11_EnterSlotMonitor(symKey->slot);
-    crv=PK11_GETTAB(symKey->slot)->C_EncryptInit(symKey->slot->session,
-				&mech_info, symKey->objectID);
-    if (crv == CKR_OK) {
-	PK11_GETTAB(symKey->slot)->C_EncryptFinal(symKey->slot->session, 
-								NULL, &count);
-	rv = SECSuccess;
-    }
-    PK11_ExitSlotMonitor(symKey->slot);
-    return rv;
-}
-
-SECKEYPrivateKey *
-PK11_UnwrapPrivKey(PK11SlotInfo *slot, PK11SymKey *wrappingKey,
-		   CK_MECHANISM_TYPE wrapType, SECItem *param, 
-		   SECItem *wrappedKey, SECItem *label, 
-		   SECItem *idValue, PRBool perm, PRBool sensitive,
-		   CK_KEY_TYPE keyType, CK_ATTRIBUTE_TYPE *usage, int usageCount,
-		   void *wincx)
-{
-    CK_BBOOL cktrue = CK_TRUE;
-    CK_BBOOL ckfalse = CK_FALSE;
-    CK_OBJECT_CLASS keyClass = CKO_PRIVATE_KEY;
-    CK_ATTRIBUTE keyTemplate[15] ;
-    int templateCount = 0;
-    CK_OBJECT_HANDLE privKeyID;
-    CK_MECHANISM mechanism;
-    CK_ATTRIBUTE *attrs = keyTemplate;
-    SECItem *param_free = NULL, *ck_id;
-    CK_RV crv;
-    CK_SESSION_HANDLE rwsession;
-    PK11SymKey *newKey = NULL;
-    int i;
-
-    if(!slot || !wrappedKey || !idValue) {
-	/* SET AN ERROR!!! */
-	return NULL;
-    }
-
-    ck_id = PK11_MakeIDFromPubKey(idValue);
-    if(!ck_id) {
-	return NULL;
-    }
-
-    PK11_SETATTRS(attrs, CKA_TOKEN, perm ? &cktrue : &ckfalse,
-					 sizeof(cktrue)); attrs++;
-    PK11_SETATTRS(attrs, CKA_CLASS, &keyClass, sizeof(keyClass)); attrs++;
-    PK11_SETATTRS(attrs, CKA_KEY_TYPE, &keyType, sizeof(keyType)); attrs++;
-    PK11_SETATTRS(attrs, CKA_PRIVATE, sensitive ? &cktrue : &ckfalse,
-					 sizeof(cktrue)); attrs++;
-    PK11_SETATTRS(attrs, CKA_SENSITIVE, sensitive ? &cktrue : &ckfalse,
-					sizeof(cktrue)); attrs++;
-    PK11_SETATTRS(attrs, CKA_LABEL, label->data, label->len); attrs++;
-    PK11_SETATTRS(attrs, CKA_ID, ck_id->data, ck_id->len); attrs++;
-    for (i=0; i < usageCount; i++) {
-    	PK11_SETATTRS(attrs, usage[i], &cktrue, sizeof(cktrue)); attrs++;
-    }
-
-    if (PK11_IsInternal(slot)) {
-	PK11_SETATTRS(attrs, CKA_NETSCAPE_DB, idValue->data, 
-		      idValue->len); attrs++;
-    }
-
-    templateCount = attrs - keyTemplate;
-    PR_ASSERT(templateCount <= (sizeof(keyTemplate) / sizeof(CK_ATTRIBUTE)) );
-
-    mechanism.mechanism = wrapType;
-    if(!param) param = param_free= PK11_ParamFromIV(wrapType, NULL);
-    if(param) {
-	mechanism.pParameter = param->data;
-	mechanism.ulParameterLen = param->len;
-    } else {
-	mechanism.pParameter = NULL;
-	mechanism.ulParameterLen = 0;
-    }
-
-    if (wrappingKey->slot != slot) {
-	newKey = pk11_CopyToSlot(slot,wrapType,CKA_WRAP,wrappingKey);
-    } else {
-	newKey = PK11_ReferenceSymKey(wrappingKey);
-    }
-
-    if (newKey) {
-	if (perm) {
-	    rwsession = PK11_GetRWSession(slot);
-	} else {
-	    rwsession = slot->session;
-	}
-	crv = PK11_GETTAB(slot)->C_UnwrapKey(rwsession, &mechanism, 
-					 newKey->objectID,
-					 wrappedKey->data, 
-					 wrappedKey->len, keyTemplate, 
-					 templateCount, &privKeyID);
-
-	if (perm) PK11_RestoreROSession(slot, rwsession);
-	PK11_FreeSymKey(newKey);
-    } else {
-	crv = CKR_FUNCTION_NOT_SUPPORTED;
-    }
-
-    if(ck_id) {
-	SECITEM_FreeItem(ck_id, PR_TRUE);
-	ck_id = NULL;
-    }
-
-    if (crv != CKR_OK) {
-	/* we couldn't unwrap the key, use the internal module to do the
-	 * unwrap, then load the new key into the token */
-	 PK11SlotInfo *int_slot = PK11_GetInternalSlot();
-
-	if (int_slot && (slot != int_slot)) {
-	    SECKEYPrivateKey *privKey = PK11_UnwrapPrivKey(int_slot,
-			wrappingKey, wrapType, param, wrappedKey, label,
-			idValue, PR_FALSE, PR_FALSE, 
-			keyType, usage, usageCount, wincx);
-	    if (privKey) {
-		SECKEYPrivateKey *newPrivKey = pk11_loadPrivKey(slot,privKey,
-						NULL,perm,sensitive);
-		SECKEY_DestroyPrivateKey(privKey);
-		PK11_FreeSlot(int_slot);
-		return newPrivKey;
-	    }
-	}
-	if (int_slot) PK11_FreeSlot(int_slot);
-	PORT_SetError( PK11_MapError(crv) );
-	return NULL;
-    }
-    return PK11_MakePrivKey(slot, nullKey, PR_FALSE, privKeyID, wincx);
-}
-
-#define ALLOC_BLOCK  10
-
-/*
- * Now we're going to wrap a SECKEYPrivateKey with a PK11SymKey
- * The strategy is to get both keys to reside in the same slot,
- * one that can perform the desired crypto mechanism and then
- * call C_WrapKey after all the setup has taken place.
- */
-SECStatus
-PK11_WrapPrivKey(PK11SlotInfo *slot, PK11SymKey *wrappingKey, 
-		 SECKEYPrivateKey *privKey, CK_MECHANISM_TYPE wrapType, 
-		 SECItem *param, SECItem *wrappedKey, void *wincx)
-{
-    PK11SlotInfo     *privSlot   = privKey->pkcs11Slot; /* The slot where
-							 * the private key
-							 * we are going to
-							 * wrap lives.
-							 */
-    PK11SymKey       *newSymKey  = NULL;
-    SECKEYPrivateKey *newPrivKey = NULL;
-    SECItem          *param_free = NULL;
-    CK_ULONG          len        = wrappedKey->len;
-    CK_MECHANISM      mech;
-    CK_RV             crv;
-
-    if (!privSlot || !PK11_DoesMechanism(privSlot, wrapType)) {
-        /* Figure out a slot that does the mechanism and try to import
-	 * the private key onto that slot.
-	 */
-        PK11SlotInfo *int_slot = PK11_GetInternalSlot();
-
-	privSlot = int_slot; /* The private key has a new home */
-	newPrivKey = pk11_loadPrivKey(privSlot,privKey,NULL,PR_FALSE,PR_FALSE);
-	/* newPrivKey has allocated its own reference to the slot, so it's
-	 * safe until we destroy newPrivkey.
-	 */
-	PK11_FreeSlot(int_slot);
-	if (newPrivKey == NULL) {
-	    return SECFailure;
-	}
-	privKey = newPrivKey;
-    }
-
-    if (privSlot != wrappingKey->slot) {
-        newSymKey = pk11_CopyToSlot (privSlot, wrapType, CKA_WRAP, 
-				     wrappingKey);
-	wrappingKey = newSymKey;
-    }
-
-    if (wrappingKey == NULL) {
-        if (newPrivKey) {
-		SECKEY_DestroyPrivateKey(newPrivKey);
-	}
-	return SECFailure;
-    }
-    mech.mechanism = wrapType;
-    if (!param) {
-        param = param_free = PK11_ParamFromIV(wrapType, NULL);
-    }
-    if (param) {
-        mech.pParameter     = param->data;
-	mech.ulParameterLen = param->len;
-    } else {
-        mech.pParameter     = NULL;
-	mech.ulParameterLen = 0;
-    }
-
-    PK11_EnterSlotMonitor(privSlot);
-    crv = PK11_GETTAB(privSlot)->C_WrapKey(privSlot->session, &mech, 
-					   wrappingKey->objectID, 
-					   privKey->pkcs11ID,
-					   wrappedKey->data, &len);
-    PK11_ExitSlotMonitor(privSlot);
-
-    if (newSymKey) {
-        PK11_FreeSymKey(newSymKey);
-    }
-    if (newPrivKey) {
-        SECKEY_DestroyPrivateKey(newPrivKey);
-    }
-
-    if (crv != CKR_OK) {
-        PORT_SetError( PK11_MapError(crv) );
-	return SECFailure;
-    }
-
-    wrappedKey->len = len;
-    return SECSuccess;
-}
-    
-void   
-PK11_SetFortezzaHack(PK11SymKey *symKey) { 
-   symKey->origin = PK11_OriginFortezzaHack;
-}
-
-SECItem*
-PK11_DEREncodePublicKey(SECKEYPublicKey *pubk)
-{
-    CERTSubjectPublicKeyInfo *spki=NULL;
-    SECItem *spkiDER = NULL;
-
-    if( pubk == NULL ) {
-        return NULL;
-    }
-
-    /* get the subjectpublickeyinfo */
-    spki = SECKEY_CreateSubjectPublicKeyInfo(pubk);
-    if( spki == NULL ) {
-        goto finish;
-    }
-
-    /* DER-encode the subjectpublickeyinfo */
-    spkiDER = SEC_ASN1EncodeItem(NULL /*arena*/, NULL/*dest*/, spki,
-                    CERT_SubjectPublicKeyInfoTemplate);
-
-finish:
-    return spkiDER;
-}
-
-PK11SymKey*
-PK11_CopySymKeyForSigning(PK11SymKey *originalKey, CK_MECHANISM_TYPE mech)
-{
-    return pk11_CopyToSlot(PK11_GetSlotFromKey(originalKey), mech, CKA_SIGN,
-			originalKey);
-}
-
-char *
-PK11_GetSymKeyNickname(PK11SymKey *symKey)
-{
-    return PK11_GetObjectNickname(symKey->slot,symKey->objectID);
-}
-
-char *
-PK11_GetPrivateKeyNickname(SECKEYPrivateKey *privKey)
-{
-    return PK11_GetObjectNickname(privKey->pkcs11Slot,privKey->pkcs11ID);
-}
-
-char *
-PK11_GetPublicKeyNickname(SECKEYPublicKey *pubKey)
-{
-    return PK11_GetObjectNickname(pubKey->pkcs11Slot,pubKey->pkcs11ID);
-}
-
-SECStatus
-PK11_SetSymKeyNickname(PK11SymKey *symKey, const char *nickname)
-{
-    return PK11_SetObjectNickname(symKey->slot,symKey->objectID,nickname);
-}
-
-SECStatus
-PK11_SetPrivateKeyNickname(SECKEYPrivateKey *privKey, const char *nickname)
-{
-    return PK11_SetObjectNickname(privKey->pkcs11Slot,
-					privKey->pkcs11ID,nickname);
-}
-
-SECStatus
-PK11_SetPublicKeyNickname(SECKEYPublicKey *pubKey, const char *nickname)
-{
-    return PK11_SetObjectNickname(pubKey->pkcs11Slot,
-					pubKey->pkcs11ID,nickname);
-}
-
-SECKEYPQGParams *
-PK11_GetPQGParamsFromPrivateKey(SECKEYPrivateKey *privKey)
-{
-    CK_ATTRIBUTE pTemplate[] = {
-	{ CKA_PRIME, NULL, 0 },
-	{ CKA_SUBPRIME, NULL, 0 },
-	{ CKA_BASE, NULL, 0 },
-    };
-    int pTemplateLen = sizeof(pTemplate)/sizeof(pTemplate[0]);
-    PRArenaPool *arena = NULL;
-    SECKEYPQGParams *params;
-    CK_RV crv;
-
-
-    arena = PORT_NewArena(2048);
-    if (arena == NULL) {
-	goto loser;
-    }
-    params=(SECKEYPQGParams *)PORT_ArenaZAlloc(arena,sizeof(SECKEYPQGParams));
-    if (params == NULL) {
-	goto loser;
-    }
-
-    crv = PK11_GetAttributes(arena, privKey->pkcs11Slot, privKey->pkcs11ID, 
-						pTemplate, pTemplateLen);
-    if (crv != CKR_OK) {
-        PORT_SetError( PK11_MapError(crv) );
-	goto loser;
-    }
-
-    params->arena = arena;
-    params->prime.data = pTemplate[0].pValue;
-    params->prime.len = pTemplate[0].ulValueLen;
-    params->subPrime.data = pTemplate[1].pValue;
-    params->subPrime.len = pTemplate[1].ulValueLen;
-    params->base.data = pTemplate[2].pValue;
-    params->base.len = pTemplate[2].ulValueLen;
-
-    return params;
-
-loser:
-    if (arena != NULL) {
-	PORT_FreeArena(arena,PR_FALSE);
-    }
-    return NULL;
-}
-
-PK11SymKey *
-PK11_GetNextSymKey(PK11SymKey *symKey)
-{
-    return symKey ? symKey->next : NULL;
-}
diff --git a/security/nss/lib/pk11wrap/pk11slot.c b/security/nss/lib/pk11wrap/pk11slot.c
deleted file mode 100644
index 706509588..000000000
--- a/security/nss/lib/pk11wrap/pk11slot.c
+++ /dev/null
@@ -1,4507 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s): 
- *	Dr Stephen Henson <stephen.henson@gemplus.com>
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * Deal with PKCS #11 Slots.
- */
-#include "seccomon.h"
-#include "secmod.h"
-#include "nssilock.h"
-#include "secmodi.h"
-#include "pkcs11t.h"
-#include "pk11func.h"
-#include "cert.h"
-#include "key.h"
-#include "secitem.h"
-#include "secder.h"
-#include "secasn1.h"
-#include "secoid.h"
-#include "prtime.h"
-#include "prlong.h"
-#include "secerr.h"
-/*#include "secpkcs5.h" */
-
-#include "dev.h"
-#include "dev3hack.h"
-#include "pki3hack.h"
-#include "pkim.h"
-
-
-/*************************************************************
- * local static and global data
- *************************************************************/
-
-/*
- * This array helps parsing between names, mechanisms, and flags.
- * to make the config files understand more entries, add them
- * to this table. (NOTE: we need function to export this table and it's size)
- */
-PK11DefaultArrayEntry PK11_DefaultArray[] = {
-	{ "RSA", SECMOD_RSA_FLAG, CKM_RSA_PKCS },
-	{ "DSA", SECMOD_DSA_FLAG, CKM_DSA },
-	{ "DH", SECMOD_DH_FLAG, CKM_DH_PKCS_DERIVE },
-	{ "RC2", SECMOD_RC2_FLAG, CKM_RC2_CBC },
-	{ "RC4", SECMOD_RC4_FLAG, CKM_RC4 },
-	{ "DES", SECMOD_DES_FLAG, CKM_DES_CBC },
-	{ "AES", SECMOD_AES_FLAG, CKM_AES_CBC },
-	{ "RC5", SECMOD_RC5_FLAG, CKM_RC5_CBC },
-	{ "SHA-1", SECMOD_SHA1_FLAG, CKM_SHA_1 },
-	{ "MD5", SECMOD_MD5_FLAG, CKM_MD5 },
-	{ "MD2", SECMOD_MD2_FLAG, CKM_MD2 },
-	{ "SSL", SECMOD_SSL_FLAG, CKM_SSL3_PRE_MASTER_KEY_GEN },
-	{ "TLS", SECMOD_TLS_FLAG, CKM_TLS_MASTER_KEY_DERIVE },
-	{ "SKIPJACK", SECMOD_FORTEZZA_FLAG, CKM_SKIPJACK_CBC64 },
-	{ "Publicly-readable certs", SECMOD_FRIENDLY_FLAG, CKM_INVALID_MECHANISM },
-	{ "Random Num Generator", SECMOD_RANDOM_FLAG, CKM_FAKE_RANDOM },
-};
-int num_pk11_default_mechanisms = sizeof(PK11_DefaultArray) / sizeof(PK11_DefaultArray[0]);
-
-/*
- * These  slotlists are lists of modules which provide default support for
- *  a given algorithm or mechanism.
- */
-static PK11SlotList pk11_aesSlotList,
-    pk11_desSlotList,
-    pk11_rc4SlotList,
-    pk11_rc2SlotList,
-    pk11_rc5SlotList,
-    pk11_sha1SlotList,
-    pk11_md5SlotList,
-    pk11_md2SlotList,
-    pk11_rsaSlotList,
-    pk11_dsaSlotList,
-    pk11_dhSlotList,
-    pk11_ideaSlotList,
-    pk11_sslSlotList,
-    pk11_tlsSlotList,
-    pk11_randomSlotList;
-
-/*
- * Tables used for Extended mechanism mapping (currently not used)
- */
-typedef struct {
-	CK_MECHANISM_TYPE keyGen;
-	CK_KEY_TYPE keyType;
-	CK_MECHANISM_TYPE type;
-	int blockSize;
-	int iv;
-} pk11MechanismData;
-	
-static pk11MechanismData pk11_default = 
-  { CKM_GENERIC_SECRET_KEY_GEN, CKK_GENERIC_SECRET, CKM_FAKE_RANDOM, 8, 8 };
-static pk11MechanismData *pk11_MechanismTable = NULL;
-static int pk11_MechTableSize = 0;
-static int pk11_MechEntrySize = 0;
-
-/*
- * list of mechanisms we're willing to wrap secret keys with.
- * This list is ordered by preference.
- */
-CK_MECHANISM_TYPE wrapMechanismList[] = {
-    CKM_DES3_ECB,
-    CKM_CAST5_ECB,
-    CKM_AES_ECB,
-    CKM_CAST5_ECB,
-    CKM_DES_ECB,
-    CKM_KEY_WRAP_LYNKS,
-    CKM_IDEA_ECB,
-    CKM_CAST3_ECB,
-    CKM_CAST_ECB,
-    CKM_RC5_ECB,
-    CKM_RC2_ECB,
-    CKM_CDMF_ECB,
-    CKM_SKIPJACK_WRAP,
-};
-
-int wrapMechanismCount = sizeof(wrapMechanismList)/sizeof(wrapMechanismList[0]);
-
-/*
- * This structure keeps track of status that spans all the Slots.
- * NOTE: This is a global data structure. It semantics expect thread crosstalk
- * be very careful when you see it used. 
- *  It's major purpose in life is to allow the user to log in one PER 
- * Tranaction, even if a transaction spans threads. The problem is the user
- * may have to enter a password one just to be able to look at the 
- * personalities/certificates (s)he can use. Then if Auth every is one, they
- * may have to enter the password again to use the card. See PK11_StartTransac
- * and PK11_EndTransaction.
- */
-static struct PK11GlobalStruct {
-   int transaction;
-   PRBool inTransaction;
-   char *(PR_CALLBACK *getPass)(PK11SlotInfo *,PRBool,void *);
-   PRBool (PR_CALLBACK *verifyPass)(PK11SlotInfo *,void *);
-   PRBool (PR_CALLBACK *isLoggedIn)(PK11SlotInfo *,void *);
-} PK11_Global = { 1, PR_FALSE, NULL, NULL, NULL };
- 
-/************************************************************
- * Generic Slot List and Slot List element manipulations
- ************************************************************/
-
-/*
- * allocate a new list 
- */
-PK11SlotList *
-PK11_NewSlotList(void)
-{
-    PK11SlotList *list;
- 
-    list = (PK11SlotList *)PORT_Alloc(sizeof(PK11SlotList));
-    if (list == NULL) return NULL;
-    list->head = NULL;
-    list->tail = NULL;
-#ifdef PKCS11_USE_THREADS
-    list->lock = PZ_NewLock(nssILockList);
-    if (list->lock == NULL) {
-	PORT_Free(list);
-	return NULL;
-    }
-#else
-    list->lock = NULL;
-#endif
-
-    return list;
-}
-
-/*
- * free a list element when all the references go away.
- */
-static void
-pk11_FreeListElement(PK11SlotList *list, PK11SlotListElement *le)
-{
-    PRBool freeit = PR_FALSE;
-
-    PK11_USE_THREADS(PZ_Lock((PZLock *)(list->lock));)
-    if (le->refCount-- == 1) {
-	freeit = PR_TRUE;
-    }
-    PK11_USE_THREADS(PZ_Unlock((PZLock *)(list->lock));)
-    if (freeit) {
-    	PK11_FreeSlot(le->slot);
-	PORT_Free(le);
-    }
-}
-
-/*
- * if we are freeing the list, we must be the only ones with a pointer
- * to the list.
- */
-void
-PK11_FreeSlotList(PK11SlotList *list)
-{
-    PK11SlotListElement *le, *next ;
-    if (list == NULL) return;
-
-    for (le = list->head ; le; le = next) {
-	next = le->next;
-	pk11_FreeListElement(list,le);
-    }
-    PK11_USE_THREADS(PZ_DestroyLock((PZLock *)(list->lock));)
-    PORT_Free(list);
-}
-
-/*
- * add a slot to a list
- */
-SECStatus
-PK11_AddSlotToList(PK11SlotList *list,PK11SlotInfo *slot)
-{
-    PK11SlotListElement *le;
-
-    le = (PK11SlotListElement *) PORT_Alloc(sizeof(PK11SlotListElement));
-    if (le == NULL) return SECFailure;
-
-    le->slot = PK11_ReferenceSlot(slot);
-    le->prev = NULL;
-    le->refCount = 1;
-    PK11_USE_THREADS(PZ_Lock((PZLock *)(list->lock));)
-    if (list->head) list->head->prev = le; else list->tail = le;
-    le->next = list->head;
-    list->head = le;
-    PK11_USE_THREADS(PZ_Unlock((PZLock *)(list->lock));)
-
-    return SECSuccess;
-}
-
-/*
- * remove a slot entry from the list
- */
-SECStatus
-PK11_DeleteSlotFromList(PK11SlotList *list,PK11SlotListElement *le)
-{
-    PK11_USE_THREADS(PZ_Lock((PZLock *)(list->lock));)
-    if (le->prev) le->prev->next = le->next; else list->head = le->next;
-    if (le->next) le->next->prev = le->prev; else list->tail = le->prev;
-    le->next = le->prev = NULL;
-    PK11_USE_THREADS(PZ_Unlock((PZLock *)(list->lock));)
-    pk11_FreeListElement(list,le);
-    return SECSuccess;
-}
-
-/*
- * Move a list to the end of the target list. NOTE: There is no locking
- * here... This assumes BOTH lists are private copy lists.
- */
-SECStatus
-PK11_MoveListToList(PK11SlotList *target,PK11SlotList *src)
-{
-    if (src->head == NULL) return SECSuccess;
-
-    if (target->tail == NULL) {
-	target->head = src->head;
-    } else {
-	target->tail->next = src->head;
-    }
-    src->head->prev = target->tail;
-    target->tail = src->tail;
-    src->head = src->tail = NULL;
-    return SECSuccess;
-}
-
-/*
- * get an element from the list with a reference. You must own the list.
- */
-PK11SlotListElement *
-PK11_GetFirstRef(PK11SlotList *list)
-{
-    PK11SlotListElement *le;
-
-    le = list->head;
-    if (le != NULL) (le)->refCount++;
-    return le;
-}
-
-/*
- * get the next element from the list with a reference. You must own the list.
- */
-PK11SlotListElement *
-PK11_GetNextRef(PK11SlotList *list, PK11SlotListElement *le, PRBool restart)
-{
-    PK11SlotListElement *new_le;
-    new_le = le->next;
-    if (new_le) new_le->refCount++;
-    pk11_FreeListElement(list,le);
-    return new_le;
-}
-
-/*
- * get an element safely from the list. This just makes sure that if
- * this element is not deleted while we deal with it.
- */
-PK11SlotListElement *
-PK11_GetFirstSafe(PK11SlotList *list)
-{
-    PK11SlotListElement *le;
-
-    PK11_USE_THREADS(PZ_Lock((PZLock *)(list->lock));)
-    le = list->head;
-    if (le != NULL) (le)->refCount++;
-    PK11_USE_THREADS(PZ_Unlock((PZLock *)(list->lock));)
-    return le;
-}
-
-/*
- * NOTE: if this element gets deleted, we can no longer safely traverse using
- * it's pointers. We can either terminate the loop, or restart from the
- * beginning. This is controlled by the restart option.
- */
-PK11SlotListElement *
-PK11_GetNextSafe(PK11SlotList *list, PK11SlotListElement *le, PRBool restart)
-{
-    PK11SlotListElement *new_le;
-    PK11_USE_THREADS(PZ_Lock((PZLock *)(list->lock));)
-    new_le = le->next;
-    if (le->next == NULL) {
-	/* if the prev and next fields are NULL then either this element
-	 * has been removed and we need to walk the list again (if restart
-	 * is true) or this was the only element on the list */
-	if ((le->prev == NULL) && restart &&  (list->head != le)) {
-	    new_le = list->head;
-	}
-    }
-    if (new_le) new_le->refCount++;
-    PK11_USE_THREADS(PZ_Unlock((PZLock *)(list->lock));)
-    pk11_FreeListElement(list,le);
-    return new_le;
-}
-
-
-/*
- * Find the element that holds this slot
- */
-PK11SlotListElement *
-PK11_FindSlotElement(PK11SlotList *list,PK11SlotInfo *slot)
-{
-    PK11SlotListElement *le;
-
-    for (le = PK11_GetFirstSafe(list); le;
-			 	le = PK11_GetNextSafe(list,le,PR_TRUE)) {
-	if (le->slot == slot) return le;
-    }
-    return NULL;
-}
-
-/************************************************************
- * Generic Slot Utilities
- ************************************************************/
-/*
- * Create a new slot structure
- */
-PK11SlotInfo *
-PK11_NewSlotInfo(void)
-{
-    PK11SlotInfo *slot;
-
-    slot = (PK11SlotInfo *)PORT_Alloc(sizeof(PK11SlotInfo));
-    if (slot == NULL) return slot;
-
-#ifdef PKCS11_USE_THREADS
-    slot->refLock = PZ_NewLock(nssILockSlot);
-    if (slot->refLock == NULL) {
-	PORT_Free(slot);
-	return slot;
-    }
-    slot->sessionLock = PZ_NewLock(nssILockSession);
-    if (slot->sessionLock == NULL) {
-	PZ_DestroyLock(slot->refLock);
-	PORT_Free(slot);
-	return slot;
-    }
-    slot->freeListLock = PZ_NewLock(nssILockFreelist);
-    if (slot->freeListLock == NULL) {
-	PZ_DestroyLock(slot->sessionLock);
-	PZ_DestroyLock(slot->refLock);
-	PORT_Free(slot);
-	return slot;
-    }
-#else
-    slot->sessionLock = NULL;
-    slot->refLock = NULL;
-    slot->freeListLock = NULL;
-#endif
-    slot->freeSymKeysHead = NULL;
-    slot->keyCount = 0;
-    slot->maxKeyCount = 0;
-    slot->functionList = NULL;
-    slot->needTest = PR_TRUE;
-    slot->isPerm = PR_FALSE;
-    slot->isHW = PR_FALSE;
-    slot->isInternal = PR_FALSE;
-    slot->isThreadSafe = PR_FALSE;
-    slot->disabled = PR_FALSE;
-    slot->series = 0;
-    slot->wrapKey = 0;
-    slot->wrapMechanism = CKM_INVALID_MECHANISM;
-    slot->refKeys[0] = CK_INVALID_HANDLE;
-    slot->reason = PK11_DIS_NONE;
-    slot->readOnly = PR_TRUE;
-    slot->needLogin = PR_FALSE;
-    slot->hasRandom = PR_FALSE;
-    slot->defRWSession = PR_FALSE;
-    slot->protectedAuthPath = PR_FALSE;
-    slot->flags = 0;
-    slot->session = CK_INVALID_SESSION;
-    slot->slotID = 0;
-    slot->defaultFlags = 0;
-    slot->refCount = 1;
-    slot->askpw = 0;
-    slot->timeout = 0;
-    slot->mechanismList = NULL;
-    slot->mechanismCount = 0;
-    slot->cert_array = NULL;
-    slot->cert_count = 0;
-    slot->slot_name[0] = 0;
-    slot->token_name[0] = 0;
-    PORT_Memset(slot->serial,' ',sizeof(slot->serial));
-    slot->module = NULL;
-    slot->authTransact = 0;
-    slot->authTime = LL_ZERO;
-    slot->minPassword = 0;
-    slot->maxPassword = 0;
-    slot->hasRootCerts = PR_FALSE;
-    slot->nssToken = NULL;
-    return slot;
-}
-    
-/* create a new reference to a slot so it doesn't go away */
-PK11SlotInfo *
-PK11_ReferenceSlot(PK11SlotInfo *slot)
-{
-    PK11_USE_THREADS(PZ_Lock(slot->refLock);)
-    slot->refCount++;
-    PK11_USE_THREADS(PZ_Unlock(slot->refLock);)
-    return slot;
-}
-
-/* Destroy all info on a slot we have built up */
-void
-PK11_DestroySlot(PK11SlotInfo *slot)
-{
-   /* first free up all the sessions on this slot */
-   if (slot->functionList) {
-	PK11_GETTAB(slot)->C_CloseAllSessions(slot->slotID);
-   }
-
-   /* free up the cached keys and sessions */
-   PK11_CleanKeyList(slot);
-
-   if (slot->mechanismList) {
-	PORT_Free(slot->mechanismList);
-   }
-
-   /* finally Tell our parent module that we've gone away so it can unload */
-   if (slot->module) {
-	SECMOD_SlotDestroyModule(slot->module,PR_TRUE);
-   }
-#ifdef PKCS11_USE_THREADS
-   if (slot->refLock) {
-	PZ_DestroyLock(slot->refLock);
-	slot->refLock = NULL;
-   }
-   if (slot->sessionLock) {
-	PZ_DestroyLock(slot->sessionLock);
-	slot->sessionLock = NULL;
-   }
-   if (slot->freeListLock) {
-	PZ_DestroyLock(slot->freeListLock);
-	slot->freeListLock = NULL;
-   }
-#endif
-
-   /* ok, well not quit finally... now we free the memory */
-   PORT_Free(slot);
-}
-
-
-/* We're all done with the slot, free it */
-void
-PK11_FreeSlot(PK11SlotInfo *slot)
-{
-    PRBool freeit = PR_FALSE;
-
-    PK11_USE_THREADS(PZ_Lock(slot->refLock);)
-    if (slot->refCount-- == 1) freeit = PR_TRUE;
-    PK11_USE_THREADS(PZ_Unlock(slot->refLock);)
-
-    if (freeit) PK11_DestroySlot(slot);
-}
-
-void
-PK11_EnterSlotMonitor(PK11SlotInfo *slot) {
-    PZ_Lock(slot->sessionLock);
-}
-
-void
-PK11_ExitSlotMonitor(PK11SlotInfo *slot) {
-    PZ_Unlock(slot->sessionLock);
-}
-
-/***********************************************************
- * Functions to find specific slots.
- ***********************************************************/
-PRBool
-SECMOD_HasRootCerts(void)
-{
-   SECMODModuleList *mlp;
-   SECMODModuleList *modules = SECMOD_GetDefaultModuleList();
-   SECMODListLock *moduleLock = SECMOD_GetDefaultModuleListLock();
-   int i;
-   PK11SlotInfo *slot = NULL;
-   PRBool found = PR_FALSE;
-
-   /* work through all the slots */
-   SECMOD_GetReadLock(moduleLock);
-   for(mlp = modules; mlp != NULL; mlp = mlp->next) {
-	for (i=0; i < mlp->module->slotCount; i++) {
-	    PK11SlotInfo *tmpSlot = mlp->module->slots[i];
-	    if (PK11_IsPresent(tmpSlot)) {
-		if (tmpSlot->hasRootCerts) {
-		    found = PR_TRUE;
-		    break;
-		}
-	    }
-	}
-	if (found) break;
-    }
-    SECMOD_ReleaseReadLock(moduleLock);
-
-    return found;
-}
-
-/***********************************************************
- * Functions to find specific slots.
- ***********************************************************/
-PK11SlotInfo *
-PK11_FindSlotByName(char *name)
-{
-   SECMODModuleList *mlp;
-   SECMODModuleList *modules = SECMOD_GetDefaultModuleList();
-   SECMODListLock *moduleLock = SECMOD_GetDefaultModuleListLock();
-   int i;
-   PK11SlotInfo *slot = NULL;
-
-   if ((name == NULL) || (*name == 0)) {
-	return PK11_GetInternalKeySlot();
-   }
-
-   /* work through all the slots */
-   SECMOD_GetReadLock(moduleLock);
-   for(mlp = modules; mlp != NULL; mlp = mlp->next) {
-	for (i=0; i < mlp->module->slotCount; i++) {
-	    PK11SlotInfo *tmpSlot = mlp->module->slots[i];
-	    if (PK11_IsPresent(tmpSlot)) {
-		if (PORT_Strcmp(tmpSlot->token_name,name) == 0) {
-		    slot = PK11_ReferenceSlot(tmpSlot);
-		    break;
-		}
-	    }
-	}
-	if (slot != NULL) break;
-    }
-    SECMOD_ReleaseReadLock(moduleLock);
-
-    if (slot == NULL) {
-	PORT_SetError(SEC_ERROR_NO_TOKEN);
-    }
-
-    return slot;
-}
-
-
-PK11SlotInfo *
-PK11_FindSlotBySerial(char *serial)
-{
-   SECMODModuleList *mlp;
-   SECMODModuleList *modules = SECMOD_GetDefaultModuleList();
-   SECMODListLock *moduleLock = SECMOD_GetDefaultModuleListLock();
-   int i;
-   PK11SlotInfo *slot = NULL;
-
-   /* work through all the slots */
-   SECMOD_GetReadLock(moduleLock);
-   for(mlp = modules; mlp != NULL; mlp = mlp->next) {
-	for (i=0; i < mlp->module->slotCount; i++) {
-	    PK11SlotInfo *tmpSlot = mlp->module->slots[i];
-	    if (PK11_IsPresent(tmpSlot)) {
-		if (PORT_Memcmp(tmpSlot->serial,serial,
-					sizeof(tmpSlot->serial)) == 0) {
-		    slot = PK11_ReferenceSlot(tmpSlot);
-		    break;
-		}
-	    }
-	}
-	if (slot != NULL) break;
-    }
-    SECMOD_ReleaseReadLock(moduleLock);
-
-    if (slot == NULL) {
-	PORT_SetError(SEC_ERROR_NO_TOKEN);
-    }
-
-    return slot;
-}
-
-
-
-
-/***********************************************************
- * Password Utilities
- ***********************************************************/
-/*
- * Check the user's password. Log into the card if it's correct.
- * succeed if the user is already logged in.
- */
-SECStatus
-pk11_CheckPassword(PK11SlotInfo *slot,char *pw)
-{
-    int len = PORT_Strlen(pw);
-    CK_RV crv;
-    SECStatus rv;
-    int64 currtime = PR_Now();
-
-    if (slot->protectedAuthPath) {
-	len = 0;
-	pw = NULL;
-    }
-
-    PK11_EnterSlotMonitor(slot);
-    crv = PK11_GETTAB(slot)->C_Login(slot->session,CKU_USER,
-						(unsigned char *)pw,len);
-    PK11_ExitSlotMonitor(slot);
-    switch (crv) {
-    /* if we're already logged in, we're good to go */
-    case CKR_OK:
-	slot->authTransact = PK11_Global.transaction;
-    case CKR_USER_ALREADY_LOGGED_IN:
-	slot->authTime = currtime;
-	rv = SECSuccess;
-	break;
-    case CKR_PIN_INCORRECT:
-	PORT_SetError(SEC_ERROR_BAD_PASSWORD);
-	rv = SECWouldBlock; /* everything else is ok, only the pin is bad */
-	break;
-    default:
-	PORT_SetError(PK11_MapError(crv));
-	rv = SECFailure; /* some failure we can't fix by retrying */
-    }
-    return rv;
-}
-
-/*
- * Check the user's password. Logout before hand to make sure that
- * we are really checking the password.
- */
-SECStatus
-PK11_CheckUserPassword(PK11SlotInfo *slot,char *pw)
-{
-    int len = PORT_Strlen(pw);
-    CK_RV crv;
-    SECStatus rv;
-    int64 currtime = PR_Now();
-
-    if (slot->protectedAuthPath) {
-	len = 0;
-	pw = NULL;
-    }
-
-    /* force a logout */
-    PK11_EnterSlotMonitor(slot);
-    PK11_GETTAB(slot)->C_Logout(slot->session);
-
-    crv = PK11_GETTAB(slot)->C_Login(slot->session,CKU_USER,
-					(unsigned char *)pw,len);
-    PK11_ExitSlotMonitor(slot);
-    switch (crv) {
-    /* if we're already logged in, we're good to go */
-    case CKR_OK:
-	slot->authTransact = PK11_Global.transaction;
-	slot->authTime = currtime;
-	rv = SECSuccess;
-	break;
-    case CKR_PIN_INCORRECT:
-	PORT_SetError(SEC_ERROR_BAD_PASSWORD);
-	rv = SECWouldBlock; /* everything else is ok, only the pin is bad */
-	break;
-    default:
-	PORT_SetError(PK11_MapError(crv));
-	rv = SECFailure; /* some failure we can't fix by retrying */
-    }
-    return rv;
-}
-
-SECStatus
-PK11_Logout(PK11SlotInfo *slot)
-{
-    CK_RV crv;
-
-    /* force a logout */
-    PK11_EnterSlotMonitor(slot);
-    crv = PK11_GETTAB(slot)->C_Logout(slot->session);
-    PK11_ExitSlotMonitor(slot);
-    if (crv != CKR_OK) {
-	PORT_SetError(PK11_MapError(crv));
-	return SECFailure;
-    }
-    return  SECSuccess;
-}
-
-/*
- * transaction stuff is for when we test for the need to do every
- * time auth to see if we already did it for this slot/transaction
- */
-void PK11_StartAuthTransaction(void)
-{
-PK11_Global.transaction++;
-PK11_Global.inTransaction = PR_TRUE;
-}
-
-void PK11_EndAuthTransaction(void)
-{
-PK11_Global.transaction++;
-PK11_Global.inTransaction = PR_FALSE;
-}
-
-/*
- * before we do a private key op, we check to see if we
- * need to reauthenticate.
- */
-void
-PK11_HandlePasswordCheck(PK11SlotInfo *slot,void *wincx)
-{
-    int askpw = slot->askpw;
-    PRBool NeedAuth = PR_FALSE;
-
-    if (!slot->needLogin) return;
-
-    if ((slot->defaultFlags & PK11_OWN_PW_DEFAULTS) == 0) {
-	PK11SlotInfo *def_slot = PK11_GetInternalKeySlot();
-
-	if (def_slot) {
-	    askpw = def_slot->askpw;
-	    PK11_FreeSlot(def_slot);
-	}
-    }
-
-    /* timeouts are handled by isLoggedIn */
-    if (!PK11_IsLoggedIn(slot,wincx)) {
-	NeedAuth = PR_TRUE;
-    } else if (askpw == -1) {
-	if (!PK11_Global.inTransaction	||
-			 (PK11_Global.transaction != slot->authTransact)) {
-    	    PK11_EnterSlotMonitor(slot);
-	    PK11_GETTAB(slot)->C_Logout(slot->session);
-    	    PK11_ExitSlotMonitor(slot);
-	    NeedAuth = PR_TRUE;
-	}
-    }
-    if (NeedAuth) PK11_DoPassword(slot,PR_TRUE,wincx);
-}
-
-void
-PK11_SlotDBUpdate(PK11SlotInfo *slot)
-{
-    SECMOD_UpdateModule(slot->module);
-}
-
-/*
- * set new askpw and timeout values
- */
-void
-PK11_SetSlotPWValues(PK11SlotInfo *slot,int askpw, int timeout)
-{
-        slot->askpw = askpw;
-        slot->timeout = timeout;
-        slot->defaultFlags |= PK11_OWN_PW_DEFAULTS;
-        PK11_SlotDBUpdate(slot);
-}
-
-/*
- * Get the askpw and timeout values for this slot
- */
-void
-PK11_GetSlotPWValues(PK11SlotInfo *slot,int *askpw, int *timeout)
-{
-    *askpw = slot->askpw;
-    *timeout = slot->timeout;
-
-    if ((slot->defaultFlags & PK11_OWN_PW_DEFAULTS) == 0) {
-	PK11SlotInfo *def_slot = PK11_GetInternalKeySlot();
-
-	if (def_slot) {
-	    *askpw = def_slot->askpw;
-	    *timeout = def_slot->timeout;
-	    PK11_FreeSlot(def_slot);
-	}
-    }
-}
-
-/*
- * make sure a slot is authenticated...
- */
-SECStatus
-PK11_Authenticate(PK11SlotInfo *slot, PRBool loadCerts, void *wincx) {
-    if (slot->needLogin && !PK11_IsLoggedIn(slot,wincx)) {
-	return PK11_DoPassword(slot,loadCerts,wincx);
-    }
-    return SECSuccess;
-}
-
-/*
- * notification stub. If we ever get interested in any events that
- * the pkcs11 functions may pass back to use, we can catch them here...
- * currently pdata is a slotinfo structure.
- */
-CK_RV pk11_notify(CK_SESSION_HANDLE session, CK_NOTIFICATION event,
-							 CK_VOID_PTR pdata)
-{
-    return CKR_OK;
-}
-
-
-/*
- * grab a new RW session
- * !!! has a side effect of grabbing the Monitor if either the slot's default
- * session is RW or the slot is not thread safe. Monitor is release in function
- * below
- */
-CK_SESSION_HANDLE PK11_GetRWSession(PK11SlotInfo *slot)
-{
-    CK_SESSION_HANDLE rwsession;
-    CK_RV crv;
-
-    if (!slot->isThreadSafe || slot->defRWSession) PK11_EnterSlotMonitor(slot);
-    if (slot->defRWSession) return slot->session;
-
-    crv = PK11_GETTAB(slot)->C_OpenSession(slot->slotID,
-				CKF_RW_SESSION|CKF_SERIAL_SESSION,
-				  	  slot, pk11_notify,&rwsession);
-    if (crv == CKR_SESSION_COUNT) {
-	PK11_GETTAB(slot)->C_CloseSession(slot->session);
-	slot->session = CK_INVALID_SESSION;
-    	crv = PK11_GETTAB(slot)->C_OpenSession(slot->slotID,
-				CKF_RW_SESSION|CKF_SERIAL_SESSION,
-				  	  slot,pk11_notify,&rwsession);
-    }
-    if (crv != CKR_OK) {
-	PORT_SetError(PK11_MapError(crv));
-	if (slot->session == CK_INVALID_SESSION) {
-    	    PK11_GETTAB(slot)->C_OpenSession(slot->slotID,CKF_SERIAL_SESSION,
-				  	 slot,pk11_notify,&slot->session);
-	}
-	if (!slot->isThreadSafe) PK11_ExitSlotMonitor(slot);
-	return CK_INVALID_SESSION;
-    }
-
-    return rwsession;
-}
-
-PRBool
-PK11_RWSessionHasLock(PK11SlotInfo *slot,CK_SESSION_HANDLE session_handle) {
-    return (PRBool)(!slot->isThreadSafe || slot->defRWSession);
-}
-
-/*
- * close the rwsession and restore our readonly session
- * !!! has a side effect of releasing the Monitor if either the slot's default
- * session is RW or the slot is not thread safe.
- */
-void
-PK11_RestoreROSession(PK11SlotInfo *slot,CK_SESSION_HANDLE rwsession)
-{
-    if (slot->defRWSession) {
-	PK11_ExitSlotMonitor(slot);
-	return;
-    }
-    PK11_GETTAB(slot)->C_CloseSession(rwsession);
-    if (slot->session == CK_INVALID_SESSION) {
-    	 PK11_GETTAB(slot)->C_OpenSession(slot->slotID,CKF_SERIAL_SESSION,
-				  	 slot,pk11_notify,&slot->session);
-    }
-    if (!slot->isThreadSafe) PK11_ExitSlotMonitor(slot);
-}
-
-/*
- * NOTE: this assumes that we are logged out of the card before hand
- */
-SECStatus
-PK11_CheckSSOPassword(PK11SlotInfo *slot, char *ssopw)
-{
-    CK_SESSION_HANDLE rwsession;
-    CK_RV crv;
-    SECStatus rv = SECFailure;
-    int len = PORT_Strlen(ssopw);
-
-    /* get a rwsession */
-    rwsession = PK11_GetRWSession(slot);
-    if (rwsession == CK_INVALID_SESSION) return rv;
-
-    if (slot->protectedAuthPath) {
-	len = 0;
-	ssopw = NULL;
-    }
-
-    /* check the password */
-    crv = PK11_GETTAB(slot)->C_Login(rwsession,CKU_SO,
-						(unsigned char *)ssopw,len);
-    switch (crv) {
-    /* if we're already logged in, we're good to go */
-    case CKR_OK:
-	rv = SECSuccess;
-	break;
-    case CKR_PIN_INCORRECT:
-	PORT_SetError(SEC_ERROR_BAD_PASSWORD);
-	rv = SECWouldBlock; /* everything else is ok, only the pin is bad */
-	break;
-    default:
-	PORT_SetError(PK11_MapError(crv));
-	rv = SECFailure; /* some failure we can't fix by retrying */
-    }
-    PK11_GETTAB(slot)->C_Logout(rwsession);
-    /* release rwsession */
-    PK11_RestoreROSession(slot,rwsession);
-    return rv;
-}
-
-/*
- * make sure the password conforms to your token's requirements.
- */
-SECStatus
-PK11_VerifyPW(PK11SlotInfo *slot,char *pw)
-{
-    int len = PORT_Strlen(pw);
-
-    if ((slot->minPassword > len) || (slot->maxPassword < len)) {
-	PORT_SetError(SEC_ERROR_BAD_DATA);
-	return SECFailure;
-    }
-    return SECSuccess;
-}
-
-/*
- * initialize a user PIN Value
- */
-SECStatus
-PK11_InitPin(PK11SlotInfo *slot,char *ssopw, char *userpw)
-{
-    CK_SESSION_HANDLE rwsession = CK_INVALID_SESSION;
-    CK_RV crv;
-    SECStatus rv = SECFailure;
-    int len;
-    int ssolen;
-
-    if (userpw == NULL) userpw = "";
-    if (ssopw == NULL) ssopw = "";
-
-    len = PORT_Strlen(userpw);
-    ssolen = PORT_Strlen(ssopw);
-
-    /* get a rwsession */
-    rwsession = PK11_GetRWSession(slot);
-    if (rwsession == CK_INVALID_SESSION) goto done;
-
-    if (slot->protectedAuthPath) {
-	len = 0;
-	ssolen = 0;
-	ssopw = NULL;
-	userpw = NULL;
-    }
-
-    /* check the password */
-    crv = PK11_GETTAB(slot)->C_Login(rwsession,CKU_SO, 
-					  (unsigned char *)ssopw,ssolen);
-    if (crv != CKR_OK) {
-	PORT_SetError(PK11_MapError(crv));
-	goto done;
-    }
-
-    crv = PK11_GETTAB(slot)->C_InitPIN(rwsession,(unsigned char *)userpw,len);
-    if (crv != CKR_OK) {
-	PORT_SetError(PK11_MapError(crv));
-    } else {
-    	rv = SECSuccess;
-    }
-
-done:
-    PK11_GETTAB(slot)->C_Logout(rwsession);
-    PK11_RestoreROSession(slot,rwsession);
-    if (rv == SECSuccess) {
-        /* update our view of the world */
-        PK11_InitToken(slot,PR_TRUE);
-	PK11_EnterSlotMonitor(slot);
-    	PK11_GETTAB(slot)->C_Login(slot->session,CKU_USER,
-						(unsigned char *)userpw,len);
-	PK11_ExitSlotMonitor(slot);
-    }
-    return rv;
-}
-
-/*
- * Change an existing user password
- */
-SECStatus
-PK11_ChangePW(PK11SlotInfo *slot,char *oldpw, char *newpw)
-{
-    CK_RV crv;
-    SECStatus rv = SECFailure;
-    int newLen;
-    int oldLen;
-    CK_SESSION_HANDLE rwsession;
-
-    if (newpw == NULL) newpw = "";
-    if (oldpw == NULL) oldpw = "";
-    newLen = PORT_Strlen(newpw);
-    oldLen = PORT_Strlen(oldpw);
-
-    /* get a rwsession */
-    rwsession = PK11_GetRWSession(slot);
-
-    crv = PK11_GETTAB(slot)->C_SetPIN(rwsession,
-		(unsigned char *)oldpw,oldLen,(unsigned char *)newpw,newLen);
-    if (crv == CKR_OK) {
-	rv = SECSuccess;
-    } else {
-	PORT_SetError(PK11_MapError(crv));
-    }
-
-    PK11_RestoreROSession(slot,rwsession);
-
-    /* update our view of the world */
-    PK11_InitToken(slot,PR_TRUE);
-    return rv;
-}
-
-static char *
-pk11_GetPassword(PK11SlotInfo *slot, PRBool retry, void * wincx)
-{
-    if (PK11_Global.getPass == NULL) return NULL;
-    return (*PK11_Global.getPass)(slot, retry, wincx);
-}
-
-void
-PK11_SetPasswordFunc(PK11PasswordFunc func)
-{
-    PK11_Global.getPass = func;
-}
-
-void
-PK11_SetVerifyPasswordFunc(PK11VerifyPasswordFunc func)
-{
-    PK11_Global.verifyPass = func;
-}
-
-void
-PK11_SetIsLoggedInFunc(PK11IsLoggedInFunc func)
-{
-    PK11_Global.isLoggedIn = func;
-}
-
-
-/*
- * authenticate to a slot. This loops until we can't recover, the user
- * gives up, or we succeed. If we're already logged in and this function
- * is called we will still prompt for a password, but we will probably
- * succeed no matter what the password was (depending on the implementation
- * of the PKCS 11 module.
- */
-SECStatus
-PK11_DoPassword(PK11SlotInfo *slot, PRBool loadCerts, void *wincx)
-{
-    SECStatus rv = SECFailure;
-    char * password;
-    PRBool attempt = PR_FALSE;
-
-    if (PK11_NeedUserInit(slot)) {
-	PORT_SetError(SEC_ERROR_IO);
-	return SECFailure;
-    }
-
-
-    /*
-     * Central server type applications which control access to multiple
-     * slave applications to single crypto devices need to virtuallize the
-     * login state. This is done by a callback out of PK11_IsLoggedIn and
-     * here. If we are actually logged in, then we got here because the
-     * higher level code told us that the particular client application may
-     * still need to be logged in. If that is the case, we simply tell the
-     * server code that it should now verify the clients password and tell us
-     * the results.
-     */
-    if (PK11_IsLoggedIn(slot,NULL) && 
-    			(PK11_Global.verifyPass != NULL)) {
-	if (!PK11_Global.verifyPass(slot,wincx)) {
-	    PORT_SetError(SEC_ERROR_BAD_PASSWORD);
-	    return SECFailure;
-	}
-	return SECSuccess;
-    }
-
-    /* get the password. This can drop out of the while loop
-     * for the following reasons:
-     * 	(1) the user refused to enter a password. 
-     *			(return error to caller)
-     *	(2) the token user password is disabled [usually due to
-     *	   too many failed authentication attempts].
-     *			(return error to caller)
-     *	(3) the password was successful.
-     */
-    while ((password = pk11_GetPassword(slot, attempt, wincx)) != NULL) {
-	attempt = PR_TRUE;
-	rv = pk11_CheckPassword(slot,password);
-	PORT_Memset(password, 0, PORT_Strlen(password));
-	PORT_Free(password);
-	if (rv != SECWouldBlock) break;
-    }
-    if (rv == SECSuccess) {
-	rv = pk11_CheckVerifyTest(slot);
-	if (!PK11_IsFriendly(slot)) {
-	    nssTrustDomain_UpdateCachedTokenCerts(slot->nssToken->trustDomain,
-	                                      slot->nssToken);
-	}
-    } else if (!attempt) PORT_SetError(SEC_ERROR_BAD_PASSWORD);
-    return rv;
-}
-
-void PK11_LogoutAll(void)
-{
-    SECMODListLock *lock = SECMOD_GetDefaultModuleListLock();
-    SECMODModuleList *modList = SECMOD_GetDefaultModuleList();
-    SECMODModuleList *mlp = NULL;
-    int i;
-
-    SECMOD_GetReadLock(lock);
-    /* find the number of entries */
-    for (mlp = modList; mlp != NULL; mlp = mlp->next) {
-	for (i=0; i < mlp->module->slotCount; i++) {
-	    PK11_Logout(mlp->module->slots[i]);
-	}
-    }
-
-    SECMOD_ReleaseReadLock(lock);
-}
-
-int
-PK11_GetMinimumPwdLength(PK11SlotInfo *slot)
-{
-    return ((int)slot->minPassword);
-}
-
-/************************************************************
- * Manage the built-In Slot Lists
- ************************************************************/
-
-/* Init the static built int slot list (should actually integrate
- * with PK11_NewSlotList */
-static void
-pk11_initSlotList(PK11SlotList *list)
-{
-#ifdef PKCS11_USE_THREADS
-    list->lock = PZ_NewLock(nssILockList);
-#else
-    list->lock = NULL;
-#endif
-    list->head = NULL;
-}
-
-static void
-pk11_freeSlotList(PK11SlotList *list)
-{
-    PK11SlotListElement *le, *next ;
-    if (list == NULL) return;
-
-    for (le = list->head ; le; le = next) {
-	next = le->next;
-	pk11_FreeListElement(list,le);
-    }
-#ifdef PK11_USE_THREADS
-    if (list->lock) {
-    	PZ_DestroyLock((PZLock *)(list->lock));
-    }
-#endif
-    list->lock = NULL;
-    list->head = NULL;
-}
-
-/* initialize the system slotlists */
-SECStatus
-PK11_InitSlotLists(void)
-{
-    pk11_initSlotList(&pk11_aesSlotList);
-    pk11_initSlotList(&pk11_desSlotList);
-    pk11_initSlotList(&pk11_rc4SlotList);
-    pk11_initSlotList(&pk11_rc2SlotList);
-    pk11_initSlotList(&pk11_rc5SlotList);
-    pk11_initSlotList(&pk11_md5SlotList);
-    pk11_initSlotList(&pk11_md2SlotList);
-    pk11_initSlotList(&pk11_sha1SlotList);
-    pk11_initSlotList(&pk11_rsaSlotList);
-    pk11_initSlotList(&pk11_dsaSlotList);
-    pk11_initSlotList(&pk11_dhSlotList);
-    pk11_initSlotList(&pk11_ideaSlotList);
-    pk11_initSlotList(&pk11_sslSlotList);
-    pk11_initSlotList(&pk11_tlsSlotList);
-    pk11_initSlotList(&pk11_randomSlotList);
-    return SECSuccess;
-}
-
-void
-PK11_DestroySlotLists(void)
-{
-    pk11_freeSlotList(&pk11_aesSlotList);
-    pk11_freeSlotList(&pk11_desSlotList);
-    pk11_freeSlotList(&pk11_rc4SlotList);
-    pk11_freeSlotList(&pk11_rc2SlotList);
-    pk11_freeSlotList(&pk11_rc5SlotList);
-    pk11_freeSlotList(&pk11_md5SlotList);
-    pk11_freeSlotList(&pk11_md2SlotList);
-    pk11_freeSlotList(&pk11_sha1SlotList);
-    pk11_freeSlotList(&pk11_rsaSlotList);
-    pk11_freeSlotList(&pk11_dsaSlotList);
-    pk11_freeSlotList(&pk11_dhSlotList);
-    pk11_freeSlotList(&pk11_ideaSlotList);
-    pk11_freeSlotList(&pk11_sslSlotList);
-    pk11_freeSlotList(&pk11_tlsSlotList);
-    pk11_freeSlotList(&pk11_randomSlotList);
-    return;
-}
-
-/* return a system slot list based on mechanism */
-PK11SlotList *
-PK11_GetSlotList(CK_MECHANISM_TYPE type)
-{
-/* XXX a workaround for Bugzilla bug #55267 */
-#if defined(HPUX) && defined(__LP64__)
-    if (CKM_INVALID_MECHANISM == type)
-        return NULL;
-#endif
-    switch (type) {
-    case CKM_AES_CBC:
-    case CKM_AES_ECB:
-	return &pk11_aesSlotList;
-    case CKM_DES_CBC:
-    case CKM_DES_ECB:
-    case CKM_DES3_ECB:
-    case CKM_DES3_CBC:
-	return &pk11_desSlotList;
-    case CKM_RC4:
-	return &pk11_rc4SlotList;
-    case CKM_RC5_CBC:
-	return &pk11_rc5SlotList;
-    case CKM_SHA_1:
-	return &pk11_sha1SlotList;
-    case CKM_MD5:
-	return &pk11_md5SlotList;
-    case CKM_MD2:
-	return &pk11_md2SlotList;
-    case CKM_RC2_ECB:
-    case CKM_RC2_CBC:
-	return &pk11_rc2SlotList;
-    case CKM_RSA_PKCS:
-    case CKM_RSA_PKCS_KEY_PAIR_GEN:
-    case CKM_RSA_X_509:
-	return &pk11_rsaSlotList;
-    case CKM_DSA:
-	return &pk11_dsaSlotList;
-    case CKM_DH_PKCS_KEY_PAIR_GEN:
-    case CKM_DH_PKCS_DERIVE:
-	return &pk11_dhSlotList;
-    case CKM_SSL3_PRE_MASTER_KEY_GEN:
-    case CKM_SSL3_MASTER_KEY_DERIVE:
-    case CKM_SSL3_SHA1_MAC:
-    case CKM_SSL3_MD5_MAC:
-	return &pk11_sslSlotList;
-    case CKM_TLS_MASTER_KEY_DERIVE:
-    case CKM_TLS_KEY_AND_MAC_DERIVE:
-	return &pk11_tlsSlotList;
-    case CKM_IDEA_CBC:
-    case CKM_IDEA_ECB:
-	return &pk11_ideaSlotList;
-    case CKM_FAKE_RANDOM:
-	return &pk11_randomSlotList;
-    }
-    return NULL;
-}
-
-/*
- * load the static SlotInfo structures used to select a PKCS11 slot.
- * preSlotInfo has a list of all the default flags for the slots on this
- * module.
- */
-void
-PK11_LoadSlotList(PK11SlotInfo *slot, PK11PreSlotInfo *psi, int count)
-{
-    int i;
-
-    for (i=0; i < count; i++) {
-	if (psi[i].slotID == slot->slotID)
-	    break;
-    }
-
-    if (i == count) return;
-
-    slot->defaultFlags = psi[i].defaultFlags;
-    slot->askpw = psi[i].askpw;
-    slot->timeout = psi[i].timeout;
-    slot->hasRootCerts = psi[i].hasRootCerts;
-
-    /* if the slot is already disabled, don't load them into the
-     * default slot lists. We get here so we can save the default
-     * list value. */
-    if (slot->disabled) return;
-
-    /* if the user has disabled us, don't load us in */
-    if (slot->defaultFlags & PK11_DISABLE_FLAG) {
-	slot->disabled = PR_TRUE;
-	slot->reason = PK11_DIS_USER_SELECTED;
-	/* free up sessions and things?? */
-	return;
-    }
-
-    for (i=0; i < sizeof(PK11_DefaultArray)/sizeof(PK11_DefaultArray[0]);
-								i++) {
-	if (slot->defaultFlags & PK11_DefaultArray[i].flag) {
-	    CK_MECHANISM_TYPE mechanism = PK11_DefaultArray[i].mechanism;
-	    PK11SlotList *slotList = PK11_GetSlotList(mechanism);
-
-	    if (slotList) PK11_AddSlotToList(slotList,slot);
-	}
-    }
-
-    return;
-}
-
-
-/*
- * update a slot to its new attribute according to the slot list
- * returns: SECSuccess if nothing to do or add/delete is successful
- */
-SECStatus
-PK11_UpdateSlotAttribute(PK11SlotInfo *slot, PK11DefaultArrayEntry *entry,
-                        PRBool add)  
-                        /* add: PR_TRUE if want to turn on */
-{
-    SECStatus result = SECSuccess;
-    PK11SlotList *slotList = PK11_GetSlotList(entry->mechanism);
-
-    if (add) { /* trying to turn on a mechanism */
-                 
-        /* turn on the default flag in the slot */
-        slot->defaultFlags |= entry->flag;
-        
-        /* add this slot to the list */
-        if (slotList!=NULL)
-            result = PK11_AddSlotToList(slotList, slot);
-        
-    } else { /* trying to turn off */
-            
-        /* turn OFF the flag in the slot */ 
-        slot->defaultFlags &= ~entry->flag;
-        
-        if (slotList) {
-            /* find the element in the list & delete it */
-            PK11SlotListElement *le = PK11_FindSlotElement(slotList, slot);
-
-            /* remove the slot from the list */
-            if (le)
-                result = PK11_DeleteSlotFromList(slotList, le);
-        }
-    }
-    return result;
-}
-
-/*
- * clear a slot off of all of it's default list
- */
-void
-PK11_ClearSlotList(PK11SlotInfo *slot)
-{
-    int i;
-
-    if (slot->disabled) return;
-    if (slot->defaultFlags == 0) return;
-
-    for (i=0; i < sizeof(PK11_DefaultArray)/sizeof(PK11_DefaultArray[0]);
-								i++) {
-	if (slot->defaultFlags & PK11_DefaultArray[i].flag) {
-	    CK_MECHANISM_TYPE mechanism = PK11_DefaultArray[i].mechanism;
-	    PK11SlotList *slotList = PK11_GetSlotList(mechanism);
-	    PK11SlotListElement *le = NULL;
-
-	    if (slotList) le = PK11_FindSlotElement(slotList,slot);
-
-	    if (le) {
-		PK11_DeleteSlotFromList(slotList,le);
-		pk11_FreeListElement(slotList,le);
-	    }
-	}
-    }
-}
-
-
-/******************************************************************
- *           Slot initialization
- ******************************************************************/
-/*
- * turn a PKCS11 Static Label into a string
- */
-char *
-PK11_MakeString(PRArenaPool *arena,char *space,
-					char *staticString,int stringLen)
-{
-	int i;
-	char *newString;
-	for(i=(stringLen-1); i >= 0; i--) {
-	  if (staticString[i] != ' ') break;
-	}
-	/* move i to point to the last space */
-	i++;
-	if (arena) {
-	    newString = (char*)PORT_ArenaAlloc(arena,i+1 /* space for NULL */);
-	} else if (space) {
-	    newString = space;
-	} else {
-	    newString = (char*)PORT_Alloc(i+1 /* space for NULL */);
-	}
-	if (newString == NULL) return NULL;
-
-	if (i) PORT_Memcpy(newString,staticString, i);
-	newString[i] = 0;
-
-	return newString;
-}
-
-/*
- * verify that slot implements Mechanism mech properly by checking against
- * our internal implementation
- */
-PRBool
-PK11_VerifyMechanism(PK11SlotInfo *slot,PK11SlotInfo *intern,
-  CK_MECHANISM_TYPE mech, SECItem *data, SECItem *iv)
-{
-    PK11Context *test = NULL, *reference = NULL;
-    PK11SymKey *symKey = NULL, *testKey = NULL;
-    SECItem *param = NULL;
-    unsigned char encTest[8];
-    unsigned char encRef[8];
-    int outLenTest,outLenRef;
-    int key_size = 0;
-    PRBool verify = PR_FALSE;
-    SECStatus rv;
-
-    if ((mech == CKM_RC2_CBC) || (mech == CKM_RC2_ECB) || (mech == CKM_RC4)) {
-	key_size = 16;
-    }
-
-    /* initialize the mechanism parameter */
-    param = PK11_ParamFromIV(mech,iv);
-    if (param == NULL) goto loser;
-
-    /* load the keys and contexts */
-    symKey = PK11_KeyGen(intern,mech,NULL, key_size, NULL);
-    if (symKey == NULL) goto loser;
-
-    reference = PK11_CreateContextBySymKey(mech, CKA_ENCRYPT, symKey, param);
-    if (reference == NULL) goto loser;
-
-    testKey = pk11_CopyToSlot(slot, mech, CKA_ENCRYPT, symKey);
-    if (testKey == NULL) goto loser;
-
-    test = PK11_CreateContextBySymKey(mech, CKA_ENCRYPT, testKey, param);
-    if (test == NULL) goto loser;
-    SECITEM_FreeItem(param,PR_TRUE); param = NULL;
-
-    /* encrypt the test data */
-    rv = PK11_CipherOp(test,encTest,&outLenTest,sizeof(encTest),
-							data->data,data->len);
-    if (rv != SECSuccess) goto loser;
-    rv = PK11_CipherOp(reference,encRef,&outLenRef,sizeof(encRef),
-							data->data,data->len);
-    if (rv != SECSuccess) goto loser;
-
-    PK11_DestroyContext(reference,PR_TRUE); reference = NULL;
-    PK11_DestroyContext(test,PR_TRUE); test = NULL;
-
-    if (outLenTest != outLenRef) goto loser;
-    if (PORT_Memcmp(encTest, encRef, outLenTest) != 0) goto loser;
-
-    verify = PR_TRUE;
-
-loser:
-    if (test) PK11_DestroyContext(test,PR_TRUE);
-    if (symKey) PK11_FreeSymKey(symKey);
-    if (testKey) PK11_FreeSymKey(testKey);
-    if (reference) PK11_DestroyContext(reference,PR_TRUE);
-    if (param) SECITEM_FreeItem(param,PR_TRUE);
-
-    return verify;
-}
-
-/*
- * this code verifies that the advertised mechanisms are what they
- * seem to be.
- */
-#define MAX_MECH_LIST_SIZE 30	/* we only know of about 30 odd mechanisms */
-PRBool
-PK11_VerifySlotMechanisms(PK11SlotInfo *slot)
-{
-    CK_MECHANISM_TYPE mechListArray[MAX_MECH_LIST_SIZE];
-    CK_MECHANISM_TYPE *mechList = mechListArray;
-    static SECItem data;
-    static SECItem iv;
-    static unsigned char dataV[8];
-    static unsigned char ivV[8];
-    static PRBool generated = PR_FALSE;
-    CK_ULONG count;
-    int i;
-    CK_RV crv;
-
-    PRBool alloced = PR_FALSE;
-    PK11SlotInfo *intern = PK11_GetInternalSlot();
-
-    /* if we couldn't initialize an internal module, 
-     * we can't check external ones */
-    if (intern == NULL) return PR_FALSE;
-
-    /* first get the count of mechanisms */
-    if (!slot->isThreadSafe) PK11_EnterSlotMonitor(slot);
-    crv = PK11_GETTAB(slot)->C_GetMechanismList(slot->slotID,NULL,&count);
-    if (!slot->isThreadSafe) PK11_ExitSlotMonitor(slot);
-    if (crv != CKR_OK) {
-	PK11_FreeSlot(intern);
-	return PR_FALSE;
-    }
-
-
-    /* don't blow up just because the card supports more mechanisms than
-     * we know about, just alloc space for them */
-    if (count > MAX_MECH_LIST_SIZE) {
-    	mechList = (CK_MECHANISM_TYPE *)
-			    PORT_Alloc(count *sizeof(CK_MECHANISM_TYPE));
-	alloced = PR_TRUE;
-	if (mechList == NULL) {
-	    PK11_FreeSlot(intern);
-	    return PR_FALSE;
-	}
-    }
-    /* get the list */
-    if (!slot->isThreadSafe) PK11_EnterSlotMonitor(slot);
-    crv =PK11_GETTAB(slot)->C_GetMechanismList(slot->slotID, mechList, &count);
-    if (!slot->isThreadSafe) PK11_ExitSlotMonitor(slot);
-    if (crv != CKR_OK) {
-	if (alloced) PORT_Free(mechList);
-	PK11_FreeSlot(intern);
-	return PR_FALSE;
-    }
-
-    if (!generated) {
-	data.data = dataV;
-	data.len = sizeof(dataV);
-	iv.data = ivV;
-	iv.len = sizeof(ivV);
-	/* ok, this is a cheat, we know our internal random number generater
-	 * is thread safe */
-	PK11_GETTAB(intern)->C_GenerateRandom(intern->session,
-							data.data, data.len);
-	PK11_GETTAB(intern)->C_GenerateRandom(intern->session,
-							iv.data, iv.len);
-    }
-    for (i=0; i < (int) count; i++) {
-	switch (mechList[i]) {
-	case CKM_DES_CBC:
-	case CKM_DES_ECB:
-	case CKM_RC4:
-	case CKM_RC2_CBC:
-	case CKM_RC2_ECB:
-	    if (!PK11_VerifyMechanism(slot,intern,mechList[i],&data,&iv)){
-		if (alloced) PORT_Free(mechList);
-    		PK11_FreeSlot(intern);
-		return PR_FALSE;
-	    }
-	}
-    }
-    if (alloced) PORT_Free(mechList);
-    PK11_FreeSlot(intern);
-    return PR_TRUE;
-}
-
-/*
- * See if we need to run the verify test, do so if necessary. If we fail,
- * disable the slot.
- */    
-SECStatus
-pk11_CheckVerifyTest(PK11SlotInfo *slot)
-{
-    PK11_EnterSlotMonitor(slot);
-    if (slot->needTest) {
-	slot->needTest = PR_FALSE; 
-    	PK11_ExitSlotMonitor(slot);
-	if (!PK11_VerifySlotMechanisms(slot)) {
-	    (void)PK11_GETTAB(slot)->C_CloseSession(slot->session);
-	    slot->session = CK_INVALID_SESSION;
-	    PK11_ClearSlotList(slot);
-	    slot->disabled = PR_TRUE;
-	    slot->reason = PK11_DIS_TOKEN_VERIFY_FAILED;
-	    slot->needTest = PR_TRUE;
-	    PORT_SetError(SEC_ERROR_IO);
-	    return SECFailure;
-	}
-    } else {
-    	PK11_ExitSlotMonitor(slot);
-    }
-    return SECSuccess;
-}
-
-/*
- * Reads in the slots mechanism list for later use
- */
-SECStatus
-PK11_ReadMechanismList(PK11SlotInfo *slot)
-{
-    CK_ULONG count;
-    CK_RV crv;
-
-    if (slot->mechanismList) {
-	PORT_Free(slot->mechanismList);
-	slot->mechanismList = NULL;
-    }
-    slot->mechanismCount = 0;
-
-    if (!slot->isThreadSafe) PK11_EnterSlotMonitor(slot);
-    crv = PK11_GETTAB(slot)->C_GetMechanismList(slot->slotID,NULL,&count);
-    if (crv != CKR_OK) {
-	if (!slot->isThreadSafe) PK11_ExitSlotMonitor(slot);
-	PORT_SetError(PK11_MapError(crv));
-	return SECFailure;
-    }
-
-    slot->mechanismList = (CK_MECHANISM_TYPE *)
-			    PORT_Alloc(count *sizeof(CK_MECHANISM_TYPE));
-    if (slot->mechanismList == NULL) {
-	if (!slot->isThreadSafe) PK11_ExitSlotMonitor(slot);
-	return SECFailure;
-    }
-    crv = PK11_GETTAB(slot)->C_GetMechanismList(slot->slotID,
-						slot->mechanismList, &count);
-    if (!slot->isThreadSafe) PK11_ExitSlotMonitor(slot);
-    if (crv != CKR_OK) {
-	PORT_Free(slot->mechanismList);
-	slot->mechanismList = NULL;
-	PORT_SetError(PK11_MapError(crv));
-	return SECSuccess;
-    }
-    slot->mechanismCount = count;
-    return SECSuccess;
-}
-
-/*
- * initialize a new token
- * unlike initialize slot, this can be called multiple times in the lifetime
- * of NSS. It reads the information associated with a card or token,
- * that is not going to change unless the card or token changes.
- */
-SECStatus
-PK11_InitToken(PK11SlotInfo *slot, PRBool loadCerts)
-{
-    CK_TOKEN_INFO tokenInfo;
-    CK_RV crv;
-    char *tmp;
-    SECStatus rv;
-
-    /* set the slot flags to the current token values */
-    if (!slot->isThreadSafe) PK11_EnterSlotMonitor(slot);
-    crv = PK11_GETTAB(slot)->C_GetTokenInfo(slot->slotID,&tokenInfo);
-    if (!slot->isThreadSafe) PK11_ExitSlotMonitor(slot);
-    if (crv != CKR_OK) {
-	PORT_SetError(PK11_MapError(crv));
-	return SECFailure;
-    }
-
-    /* set the slot flags to the current token values */
-    slot->series++; /* allow other objects to detect that the 
-		      * slot is different */
-    slot->flags = tokenInfo.flags;
-    slot->needLogin = ((tokenInfo.flags & CKF_LOGIN_REQUIRED) ? 
-							PR_TRUE : PR_FALSE);
-    slot->readOnly = ((tokenInfo.flags & CKF_WRITE_PROTECTED) ? 
-							PR_TRUE : PR_FALSE);
-    slot->hasRandom = ((tokenInfo.flags & CKF_RNG) ? PR_TRUE : PR_FALSE);
-    slot->protectedAuthPath =
-    		((tokenInfo.flags & CKF_PROTECTED_AUTHENTICATION_PATH) 
-							? PR_TRUE : PR_FALSE);
-    /* on some platforms Active Card incorrectly sets the 
-     * CKF_PROTECTED_AUTHENTICATION_PATH bit when it doesn't mean to. */
-    if (slot->isActiveCard) {
-	slot->protectedAuthPath = PR_FALSE;
-    }
-    tmp = PK11_MakeString(NULL,slot->token_name,
-			(char *)tokenInfo.label, sizeof(tokenInfo.label));
-    slot->minPassword = tokenInfo.ulMinPinLen;
-    slot->maxPassword = tokenInfo.ulMaxPinLen;
-    PORT_Memcpy(slot->serial,tokenInfo.serialNumber,sizeof(slot->serial));
-
-    nssToken_UpdateName(slot->nssToken);
-
-    slot->defRWSession = (PRBool)((!slot->readOnly) && 
-					(tokenInfo.ulMaxSessionCount == 1));
-    rv = PK11_ReadMechanismList(slot);
-    if (rv != SECSuccess) return rv;
-
-    slot->hasRSAInfo = PR_FALSE;
-    slot->RSAInfoFlags = 0;
-
-    /* initialize the maxKeyCount value */
-    if (tokenInfo.ulMaxSessionCount == 0) {
-	slot->maxKeyCount = 800; /* should be #define or a config param */
-    } else if (tokenInfo.ulMaxSessionCount < 20) {
-	/* don't have enough sessions to keep that many keys around */
-	slot->maxKeyCount = 0;
-    } else {
-	slot->maxKeyCount = tokenInfo.ulMaxSessionCount/2;
-    }
-
-    /* Make sure our session handle is valid */
-    if (slot->session == CK_INVALID_SESSION) {
-	/* we know we don't have a valid session, go get one */
-	CK_SESSION_HANDLE session;
-
-	/* session should be Readonly, serial */
-	if (!slot->isThreadSafe) PK11_EnterSlotMonitor(slot);
-	crv = PK11_GETTAB(slot)->C_OpenSession(slot->slotID,
-	      (slot->defRWSession ? CKF_RW_SESSION : 0) | CKF_SERIAL_SESSION,
-				  slot,pk11_notify,&session);
-	if (!slot->isThreadSafe) PK11_ExitSlotMonitor(slot);
-	if (crv != CKR_OK) {
-	    PORT_SetError(PK11_MapError(crv));
-	    return SECFailure;
-	}
-	slot->session = session;
-    } else {
-	/* The session we have may be defunct (the token associated with it)
-	 * has been removed   */
-	CK_SESSION_INFO sessionInfo;
-
-	if (!slot->isThreadSafe) PK11_EnterSlotMonitor(slot);
-	crv = PK11_GETTAB(slot)->C_GetSessionInfo(slot->session,&sessionInfo);
-        if (crv == CKR_DEVICE_ERROR) {
-	    PK11_GETTAB(slot)->C_CloseSession(slot->session);
-	    crv = CKR_SESSION_CLOSED;
-	}
-	if ((crv==CKR_SESSION_CLOSED) || (crv==CKR_SESSION_HANDLE_INVALID)) {
-	    crv =PK11_GETTAB(slot)->C_OpenSession(slot->slotID,
-	      (slot->defRWSession ? CKF_RW_SESSION : 0) | CKF_SERIAL_SESSION,
-					slot,pk11_notify,&slot->session);
-	    if (crv != CKR_OK) {
-	        PORT_SetError(PK11_MapError(crv));
-		slot->session = CK_INVALID_SESSION;
-		if (!slot->isThreadSafe) PK11_ExitSlotMonitor(slot);
-		return SECFailure;
-	    }
-	}
-	if (!slot->isThreadSafe) PK11_ExitSlotMonitor(slot);
-    }
-
-    nssToken_Refresh(slot->nssToken);
-
-    if (!(slot->needLogin)) {
-	return pk11_CheckVerifyTest(slot);
-    }
-
-
-    if (!(slot->isInternal) && (slot->hasRandom)) {
-	/* if this slot has a random number generater, use it to add entropy
-	 * to the internal slot. */
-	PK11SlotInfo *int_slot = PK11_GetInternalSlot();
-
-	if (int_slot) {
-	    unsigned char random_bytes[32];
-
-	    /* if this slot can issue random numbers, get some entropy from
-	     * that random number generater and give it to our internal token.
-	     */
-	    PK11_EnterSlotMonitor(slot);
-	    crv = PK11_GETTAB(slot)->C_GenerateRandom
-			(slot->session,random_bytes, sizeof(random_bytes));
-	    PK11_ExitSlotMonitor(slot);
-	    if (crv == CKR_OK) {
-	        PK11_EnterSlotMonitor(int_slot);
-		PK11_GETTAB(int_slot)->C_SeedRandom(int_slot->session,
-					random_bytes, sizeof(random_bytes));
-	        PK11_ExitSlotMonitor(int_slot);
-	    }
-
-	    /* Now return the favor and send entropy to the token's random 
-	     * number generater */
-	    PK11_EnterSlotMonitor(int_slot);
-	    crv = PK11_GETTAB(int_slot)->C_GenerateRandom(int_slot->session,
-					random_bytes, sizeof(random_bytes));
-	    PK11_ExitSlotMonitor(int_slot);
-	    if (crv == CKR_OK) {
-	        PK11_EnterSlotMonitor(slot);
-		PK11_GETTAB(slot)->C_SeedRandom(slot->session,
-					random_bytes, sizeof(random_bytes));
-	        PK11_ExitSlotMonitor(slot);
-	    }
-	    PK11_FreeSlot(int_slot);
-	}
-    }
-
-	
-    return SECSuccess;
-}
-
-static PRBool
-pk11_isRootSlot(PK11SlotInfo *slot) 
-{
-    CK_ATTRIBUTE findTemp[1];
-    CK_ATTRIBUTE *attrs;
-    CK_OBJECT_CLASS oclass = CKO_NETSCAPE_BUILTIN_ROOT_LIST;
-    int tsize;
-    CK_OBJECT_HANDLE handle;
-
-    attrs = findTemp;
-    PK11_SETATTRS(attrs, CKA_CLASS, &oclass, sizeof(oclass)); attrs++;
-    tsize = attrs - findTemp;
-    PORT_Assert(tsize <= sizeof(findTemp)/sizeof(CK_ATTRIBUTE));
-
-    handle = pk11_FindObjectByTemplate(slot,findTemp,tsize);
-    if (handle == CK_INVALID_HANDLE) {
-	return PR_FALSE;
-    }
-    return PR_TRUE;
-}
-
-/*
- * Initialize the slot :
- * This initialization code is called on each slot a module supports when
- * it is loaded. It does the bringup initialization. The difference between
- * this and InitToken is Init slot does those one time initialization stuff,
- * usually associated with the reader, while InitToken may get called multiple
- * times as tokens are removed and re-inserted.
- */
-void
-PK11_InitSlot(SECMODModule *mod,CK_SLOT_ID slotID,PK11SlotInfo *slot)
-{
-    SECStatus rv;
-    char *tmp;
-    CK_SLOT_INFO slotInfo;
-
-    slot->functionList = mod->functionList;
-    slot->isInternal = mod->internal;
-    slot->slotID = slotID;
-    slot->isThreadSafe = mod->isThreadSafe;
-    slot->hasRSAInfo = PR_FALSE;
-    
-    if (PK11_GETTAB(slot)->C_GetSlotInfo(slotID,&slotInfo) != CKR_OK) {
-	slot->disabled = PR_TRUE;
-	slot->reason = PK11_DIS_COULD_NOT_INIT_TOKEN;
-	return;
-    }
-
-    /* test to make sure claimed mechanism work */
-    slot->needTest = mod->internal ? PR_FALSE : PR_TRUE;
-    slot->module = mod; /* NOTE: we don't make a reference here because
-			 * modules have references to their slots. This
-			 * works because modules keep implicit references
-			 * from their slots, and won't unload and disappear
-			 * until all their slots have been freed */
-    tmp = PK11_MakeString(NULL,slot->slot_name,
-	 (char *)slotInfo.slotDescription, sizeof(slotInfo.slotDescription));
-    slot->isHW = (PRBool)((slotInfo.flags & CKF_HW_SLOT) == CKF_HW_SLOT);
-#define ACTIVE_CARD "ActivCard SA"
-    slot->isActiveCard = (PRBool)(PORT_Strncmp((char *)slotInfo.manufacturerID,
-				ACTIVE_CARD, sizeof(ACTIVE_CARD)-1) == 0);
-    if ((slotInfo.flags & CKF_REMOVABLE_DEVICE) == 0) {
-	slot->isPerm = PR_TRUE;
-	/* permanment slots must have the token present always */
-	if ((slotInfo.flags & CKF_TOKEN_PRESENT) == 0) {
-	    slot->disabled = PR_TRUE;
-	    slot->reason = PK11_DIS_TOKEN_NOT_PRESENT;
-	    return; /* nothing else to do */
-	}
-    }
-    /* if the token is present, initialize it */
-    if ((slotInfo.flags & CKF_TOKEN_PRESENT) != 0) {
-	rv = PK11_InitToken(slot,PR_TRUE);
-	/* the only hard failures are on permanent devices, or function
-	 * verify failures... function verify failures are already handled
-	 * by tokenInit */
-	if ((rv != SECSuccess) && (slot->isPerm) && (!slot->disabled)) {
-	    slot->disabled = PR_TRUE;
-	    slot->reason = PK11_DIS_COULD_NOT_INIT_TOKEN;
-	}
-    }
-    if (pk11_isRootSlot(slot)) {
-	if (!slot->hasRootCerts) {
-	    slot->module->trustOrder = 100;
-	}
-	slot->hasRootCerts= PR_TRUE;
-    }
-}
-
-	
-
-/*********************************************************************
- *            Slot mapping utility functions.
- *********************************************************************/
-
-/*
- * determine if the token is present. If the token is present, make sure
- * we have a valid session handle. Also set the value of needLogin 
- * appropriately.
- */
-static PRBool
-pk11_IsPresentCertLoad(PK11SlotInfo *slot, PRBool loadCerts)
-{
-    CK_SLOT_INFO slotInfo;
-    CK_SESSION_INFO sessionInfo;
-    CK_RV crv;
-
-    /* disabled slots are never present */
-    if (slot->disabled) {
-	return PR_FALSE;
-    }
-
-    /* permanent slots are always present */
-    if (slot->isPerm && (slot->session != CK_INVALID_SESSION)) {
-	return PR_TRUE;
-    }
-
-    if (slot->nssToken) {
-	return nssToken_IsPresent(slot->nssToken);
-    }
-
-    /* removable slots have a flag that says they are present */
-    if (!slot->isThreadSafe) PK11_EnterSlotMonitor(slot);
-    if (PK11_GETTAB(slot)->C_GetSlotInfo(slot->slotID,&slotInfo) != CKR_OK) {
-        if (!slot->isThreadSafe) PK11_ExitSlotMonitor(slot);
-	return PR_FALSE;
-    }
-    if ((slotInfo.flags & CKF_TOKEN_PRESENT) == 0) {
-	/* if the slot is no longer present, close the session */
-	if (slot->session != CK_INVALID_SESSION) {
-	    PK11_GETTAB(slot)->C_CloseSession(slot->session);
-	    slot->session = CK_INVALID_SESSION;
-	    /* force certs to be freed */
-	}
-        if (!slot->isThreadSafe) PK11_ExitSlotMonitor(slot);
-	return PR_FALSE;
-    }
-
-    /* use the session Info to determine if the card has been removed and then
-     * re-inserted */
-    if (slot->session != CK_INVALID_SESSION) {
-	crv = PK11_GETTAB(slot)->C_GetSessionInfo(slot->session, &sessionInfo);
-	if (crv != CKR_OK) {
-	    PK11_GETTAB(slot)->C_CloseSession(slot->session);
-	    slot->session = CK_INVALID_SESSION;
-	}
-    }
-    if (!slot->isThreadSafe) PK11_ExitSlotMonitor(slot);
-
-    /* card has not been removed, current token info is correct */
-    if (slot->session != CK_INVALID_SESSION) return PR_TRUE;
-
-    /* initialize the token info state */
-    if (PK11_InitToken(slot,loadCerts) != SECSuccess) {
-	return PR_FALSE;
-    }
-
-    return PR_TRUE;
-}
-
-/*
- * old version of the routine
- */
-PRBool
-PK11_IsPresent(PK11SlotInfo *slot) {
-   return pk11_IsPresentCertLoad(slot,PR_TRUE);
-}
-
-/* is the slot disabled? */
-PRBool
-PK11_IsDisabled(PK11SlotInfo *slot)
-{
-    return slot->disabled;
-}
-
-/* and why? */
-PK11DisableReasons
-PK11_GetDisabledReason(PK11SlotInfo *slot)
-{
-    return slot->reason;
-}
-
-/* returns PR_TRUE if successfully disable the slot */
-/* returns PR_FALSE otherwise */
-PRBool PK11_UserDisableSlot(PK11SlotInfo *slot) {
-
-    slot->defaultFlags |= PK11_DISABLE_FLAG;
-    slot->disabled = PR_TRUE;
-    slot->reason = PK11_DIS_USER_SELECTED;
-    
-    return PR_TRUE;
-}
-
-PRBool PK11_UserEnableSlot(PK11SlotInfo *slot) {
-
-    slot->defaultFlags &= ~PK11_DISABLE_FLAG;
-    slot->disabled = PR_FALSE;
-    slot->reason = PK11_DIS_NONE;
-    return PR_TRUE;
-}
-
-PRBool PK11_HasRootCerts(PK11SlotInfo *slot) {
-    return slot->hasRootCerts;
-}
-
-/* Get the module this slot is attatched to */
-SECMODModule *
-PK11_GetModule(PK11SlotInfo *slot)
-{
-	return slot->module;
-}
-
-/* return the default flags of a slot */
-unsigned long
-PK11_GetDefaultFlags(PK11SlotInfo *slot)
-{
-	return slot->defaultFlags;
-}
-
-/* Does this slot have a protected pin path? */
-PRBool
-PK11_ProtectedAuthenticationPath(PK11SlotInfo *slot)
-{
-	return slot->protectedAuthPath;
-}
-
-/*
- * we can initialize the password if 1) The toke is not inited 
- * (need login == true and see need UserInit) or 2) the token has
- * a NULL password. (slot->needLogin = false & need user Init = false).
- */
-PRBool PK11_NeedPWInitForSlot(PK11SlotInfo *slot)
-{
-    if (slot->needLogin && PK11_NeedUserInit(slot)) {
-	return PR_TRUE;
-    }
-    if (!slot->needLogin && !PK11_NeedUserInit(slot)) {
-	return PR_TRUE;
-    }
-    return PR_FALSE;
-}
-
-PRBool PK11_NeedPWInit()
-{
-    PK11SlotInfo *slot = PK11_GetInternalKeySlot();
-    PRBool ret = PK11_NeedPWInitForSlot(slot);
-
-    PK11_FreeSlot(slot);
-    return ret;
-}
-
-/*
- * The following wrapper functions allow us to export an opaque slot
- * function to the rest of libsec and the world... */
-PRBool
-PK11_IsReadOnly(PK11SlotInfo *slot)
-{
-    return slot->readOnly;
-}
-
-PRBool
-PK11_IsHW(PK11SlotInfo *slot)
-{
-    return slot->isHW;
-}
-
-PRBool
-PK11_IsInternal(PK11SlotInfo *slot)
-{
-    return slot->isInternal;
-}
-
-PRBool
-PK11_NeedLogin(PK11SlotInfo *slot)
-{
-    return slot->needLogin;
-}
-
-PRBool
-PK11_IsFriendly(PK11SlotInfo *slot)
-{
-    /* internal slot always has public readable certs */
-    return (PRBool)(slot->isInternal || 
-		    ((slot->defaultFlags & SECMOD_FRIENDLY_FLAG) == 
-		     SECMOD_FRIENDLY_FLAG));
-}
-
-char *
-PK11_GetTokenName(PK11SlotInfo *slot)
-{
-     return slot->token_name;
-}
-
-char *
-PK11_GetSlotName(PK11SlotInfo *slot)
-{
-     return slot->slot_name;
-}
-
-int
-PK11_GetSlotSeries(PK11SlotInfo *slot)
-{
-    return slot->series;
-}
-
-int
-PK11_GetCurrentWrapIndex(PK11SlotInfo *slot)
-{
-    return slot->wrapKey;
-}
-
-CK_SLOT_ID
-PK11_GetSlotID(PK11SlotInfo *slot)
-{
-    return slot->slotID;
-}
-
-SECMODModuleID
-PK11_GetModuleID(PK11SlotInfo *slot)
-{
-    return slot->module->moduleID;
-}
-
-
-/* return the slot info structure */
-SECStatus
-PK11_GetSlotInfo(PK11SlotInfo *slot, CK_SLOT_INFO *info)
-{
-    CK_RV crv;
-
-    if (!slot->isThreadSafe) PK11_EnterSlotMonitor(slot);
-    crv = PK11_GETTAB(slot)->C_GetSlotInfo(slot->slotID,info);
-    if (!slot->isThreadSafe) PK11_ExitSlotMonitor(slot);
-    if (crv != CKR_OK) {
-	PORT_SetError(PK11_MapError(crv));
-	return SECFailure;
-    }
-    return SECSuccess;
-}
-
-/*  return the token info structure */
-SECStatus
-PK11_GetTokenInfo(PK11SlotInfo *slot, CK_TOKEN_INFO *info)
-{
-    CK_RV crv;
-    if (!slot->isThreadSafe) PK11_EnterSlotMonitor(slot);
-    crv = PK11_GETTAB(slot)->C_GetTokenInfo(slot->slotID,info);
-    if (!slot->isThreadSafe) PK11_ExitSlotMonitor(slot);
-    if (crv != CKR_OK) {
-	PORT_SetError(PK11_MapError(crv));
-	return SECFailure;
-    }
-    return SECSuccess;
-}
-
-/* Find out if we need to initialize the user's pin */
-PRBool
-PK11_NeedUserInit(PK11SlotInfo *slot)
-{
-    PRBool needUserInit = (PRBool) ((slot->flags & CKF_USER_PIN_INITIALIZED) 
-					== 0);
-
-    if (needUserInit) {
-	CK_TOKEN_INFO info;
-	SECStatus rv;
-
-	/* see if token has been initialized off line */
-	rv = PK11_GetTokenInfo(slot, &info);
-	if (rv == SECSuccess) {
-	    slot->flags = info.flags;
-	}
-    }
-    return (PRBool)((slot->flags & CKF_USER_PIN_INITIALIZED) == 0);
-}
-
-/* get the internal key slot. FIPS has only one slot for both key slots and
- * default slots */
-PK11SlotInfo *
-PK11_GetInternalKeySlot(void)
-{
-    SECMODModule *mod = SECMOD_GetInternalModule();
-    PORT_Assert(mod != NULL);
-    if (!mod) {
-	PORT_SetError( SEC_ERROR_NO_MODULE );
-	return NULL;
-    }
-    return PK11_ReferenceSlot(mod->isFIPS ? mod->slots[0] : mod->slots[1]);
-}
-
-/* get the internal default slot */
-PK11SlotInfo *
-PK11_GetInternalSlot(void) 
-{
-    SECMODModule * mod = SECMOD_GetInternalModule();
-    PORT_Assert(mod != NULL);
-    if (!mod) {
-	PORT_SetError( SEC_ERROR_NO_MODULE );
-	return NULL;
-    }
-    return PK11_ReferenceSlot(mod->slots[0]);
-}
-
-/*
- * Determine if the token is logged in. We have to actually query the token,
- * because it's state can change without intervention from us.
- */
-PRBool
-PK11_IsLoggedIn(PK11SlotInfo *slot,void *wincx)
-{
-    CK_SESSION_INFO sessionInfo;
-    int askpw = slot->askpw;
-    int timeout = slot->timeout;
-    CK_RV crv;
-
-    /* If we don't have our own password default values, use the system
-     * ones */
-    if ((slot->defaultFlags & PK11_OWN_PW_DEFAULTS) == 0) {
-	PK11SlotInfo *def_slot = PK11_GetInternalKeySlot();
-
-	if (def_slot) {
-	    askpw = def_slot->askpw;
-	    timeout = def_slot->timeout;
-	    PK11_FreeSlot(def_slot);
-	}
-    }
-
-    if ((wincx != NULL) && (PK11_Global.isLoggedIn != NULL) &&
-	(*PK11_Global.isLoggedIn)(slot, wincx) == PR_FALSE) { return PR_FALSE; }
-
-
-    /* forget the password if we've been inactive too long */
-    if (askpw == 1) {
-	int64 currtime = PR_Now();
-	int64 result;
-	int64 mult;
-	
-	LL_I2L(result, timeout);
-	LL_I2L(mult, 60*1000*1000);
-	LL_MUL(result,result,mult);
-	LL_ADD(result, result, slot->authTime);
-	if (LL_CMP(result, <, currtime) ) {
-	    PK11_EnterSlotMonitor(slot);
-	    PK11_GETTAB(slot)->C_Logout(slot->session);
-	    PK11_ExitSlotMonitor(slot);
-	} else {
-	    slot->authTime = currtime;
-	}
-    }
-
-    PK11_EnterSlotMonitor(slot);
-    crv = PK11_GETTAB(slot)->C_GetSessionInfo(slot->session,&sessionInfo);
-    PK11_ExitSlotMonitor(slot);
-    /* if we can't get session info, something is really wrong */
-    if (crv != CKR_OK) {
-	slot->session = CK_INVALID_SESSION;
-	return PR_FALSE;
-    }
-
-    switch (sessionInfo.state) {
-    case CKS_RW_PUBLIC_SESSION:
-    case CKS_RO_PUBLIC_SESSION:
-    default:
-	break; /* fail */
-    case CKS_RW_USER_FUNCTIONS:
-    case CKS_RW_SO_FUNCTIONS:
-    case CKS_RO_USER_FUNCTIONS:
-	return PR_TRUE;
-    }
-    return PR_FALSE; 
-}
-
-
-/*
- * check if a given slot supports the requested mechanism
- */
-PRBool
-PK11_DoesMechanism(PK11SlotInfo *slot, CK_MECHANISM_TYPE type)
-{
-    int i;
-
-    /* CKM_FAKE_RANDOM is not a real PKCS mechanism. It's a marker to
-     * tell us we're looking form someone that has implemented get
-     * random bits */
-    if (type == CKM_FAKE_RANDOM) {
-	return slot->hasRandom;
-    }
-
-    for (i=0; i < (int) slot->mechanismCount; i++) {
-	if (slot->mechanismList[i] == type) return PR_TRUE;
-    }
-    return PR_FALSE;
-}
-
-/*
- * Return true if a token that can do the desired mechanism exists.
- * This allows us to have hardware tokens that can do function XYZ magically
- * allow SSL Ciphers to appear if they are plugged in.
- */
-PRBool
-PK11_TokenExists(CK_MECHANISM_TYPE type)
-{
-    SECMODModuleList *mlp;
-    SECMODModuleList *modules = SECMOD_GetDefaultModuleList();
-    SECMODListLock *moduleLock = SECMOD_GetDefaultModuleListLock();
-    PK11SlotInfo *slot;
-    PRBool found = PR_FALSE;
-    int i;
-
-    /* we only need to know if there is a token that does this mechanism.
-     * check the internal module first because it's fast, and supports 
-     * almost everything. */
-    slot = PK11_GetInternalSlot();
-    if (slot) {
-    	found = PK11_DoesMechanism(slot,type);
-	PK11_FreeSlot(slot);
-    }
-    if (found) return PR_TRUE; /* bypass getting module locks */
-
-    SECMOD_GetReadLock(moduleLock);
-    for(mlp = modules; mlp != NULL && (!found); mlp = mlp->next) {
-	for (i=0; i < mlp->module->slotCount; i++) {
-	    slot = mlp->module->slots[i];
-	    if (PK11_IsPresent(slot)) {
-		if (PK11_DoesMechanism(slot,type)) {
-		    found = PR_TRUE;
-		    break;
-		}
-	    }
-	}
-    }
-    SECMOD_ReleaseReadLock(moduleLock);
-    return found;
-}
-
-/*
- * get all the currently available tokens in a list.
- * that can perform the given mechanism. If mechanism is CKM_INVALID_MECHANISM,
- * get all the tokens. Make sure tokens that need authentication are put at
- * the end of this list.
- */
-PK11SlotList *
-PK11_GetAllTokens(CK_MECHANISM_TYPE type, PRBool needRW, PRBool loadCerts, 
-                  void *wincx)
-{
-    PK11SlotList *     list         = PK11_NewSlotList();
-    PK11SlotList *     loginList    = PK11_NewSlotList();
-    PK11SlotList *     friendlyList = PK11_NewSlotList();
-    SECMODModuleList * mlp;
-    SECMODModuleList * modules      = SECMOD_GetDefaultModuleList();
-    SECMODListLock *   moduleLock   = SECMOD_GetDefaultModuleListLock();
-    int                i;
-#if defined( XP_WIN32 ) 
-    int                j            = 0;
-    PRInt32            waste[16];
-#endif
-
-    if ((list == NULL)  || (loginList == NULL) || (friendlyList == NULL)) {
-	if (list) PK11_FreeSlotList(list);
-	if (loginList) PK11_FreeSlotList(loginList);
-	if (friendlyList) PK11_FreeSlotList(friendlyList);
-	return NULL;
-    }
-
-    SECMOD_GetReadLock(moduleLock);
-    for(mlp = modules; mlp != NULL; mlp = mlp->next) {
-
-#if defined( XP_WIN32 ) 
-	/* This is works around some horrible cache/page thrashing problems 
-	** on Win32.  Without this, this loop can take up to 6 seconds at 
-	** 100% CPU on a Pentium-Pro 200.  The thing this changes is to 
-	** increase the size of the stack frame and modify it.  
-	** Moving the loop code itself seems to have no effect.
-	** Dunno why this combination makes a difference, but it does.
-	*/
-	waste[ j & 0xf] = j++; 
-#endif
-
-	for (i = 0; i < mlp->module->slotCount; i++) {
-	    PK11SlotInfo *slot = mlp->module->slots[i];
-
-	    if (pk11_IsPresentCertLoad(slot, loadCerts)) {
-		if (needRW &&  slot->readOnly) continue;
-		if ((type == CKM_INVALID_MECHANISM) 
-					|| PK11_DoesMechanism(slot, type)) {
-		    if (slot->needLogin && !PK11_IsLoggedIn(slot, wincx)) {
-			if (PK11_IsFriendly(slot)) {
-			    PK11_AddSlotToList(friendlyList, slot);
-			} else {
-			    PK11_AddSlotToList(loginList, slot);
-			}
-		    } else {
-			PK11_AddSlotToList(list, slot);
-		    }
-		}
-	    }
-	}
-    }
-    SECMOD_ReleaseReadLock(moduleLock);
-
-    PK11_MoveListToList(list,friendlyList);
-    PK11_FreeSlotList(friendlyList);
-    PK11_MoveListToList(list,loginList);
-    PK11_FreeSlotList(loginList);
-
-    return list;
-}
-
-/*
- * NOTE: This routine is working from a private List generated by 
- * PK11_GetAllTokens. That is why it does not need to lock.
- */
-PK11SlotList *
-PK11_GetPrivateKeyTokens(CK_MECHANISM_TYPE type,PRBool needRW,void *wincx)
-{
-    PK11SlotList *list = PK11_GetAllTokens(type,needRW,PR_TRUE,wincx);
-    PK11SlotListElement *le, *next ;
-    SECStatus rv;
-
-    if (list == NULL) return list;
-
-    for (le = list->head ; le; le = next) {
-	next = le->next; /* save the pointer here in case we have to 
-			  * free the element later */
-        rv = PK11_Authenticate(le->slot,PR_TRUE,wincx);
-	if (rv != SECSuccess) {
-	    PK11_DeleteSlotFromList(list,le);
-	    continue;
-	}
-    }
-    return list;
-}
-
-
-/*
- * find the best slot which supports the given
- * Mechanism. In normal cases this should grab the first slot on the list
- * with no fuss.
- */
-PK11SlotInfo *
-PK11_GetBestSlotMultiple(CK_MECHANISM_TYPE *type, int mech_count, void *wincx)
-{
-    PK11SlotList *list = NULL;
-    PK11SlotListElement *le ;
-    PK11SlotInfo *slot = NULL;
-    PRBool freeit = PR_FALSE;
-    PRBool listNeedLogin = PR_FALSE;
-    int i;
-    SECStatus rv;
-
-    list = PK11_GetSlotList(type[0]);
-
-    if ((list == NULL) || (list->head == NULL)) {
-	/* We need to look up all the tokens for the mechanism */
-	list = PK11_GetAllTokens(type[0],PR_FALSE,PR_TRUE,wincx);
-	freeit = PR_TRUE;
-    }
-
-    /* no one can do it! */
-    if (list == NULL) {
-	PORT_SetError(SEC_ERROR_NO_TOKEN);
-	return NULL;
-    }
-
-    PORT_SetError(0);
-
-
-    listNeedLogin = PR_FALSE;
-    for (i=0; i < mech_count; i++) {
-	if ((type[i] != CKM_FAKE_RANDOM) && (type[i] != CKM_SHA_1) &&
-			(type[i] != CKM_MD5) && (type[i] != CKM_MD2)) {
-	    listNeedLogin = PR_TRUE;
-	    break;
-	}
-    }
-
-    for (le = PK11_GetFirstSafe(list); le;
-			 	le = PK11_GetNextSafe(list,le,PR_TRUE)) {
-	if (PK11_IsPresent(le->slot)) {
-	    PRBool doExit = PR_FALSE;
-	    for (i=0; i < mech_count; i++) {
-	    	if (!PK11_DoesMechanism(le->slot,type[i])) {
-		    doExit = PR_TRUE;
-		    break;
-		}
-	    }
-	    if (doExit) continue;
-	      
-	    if (listNeedLogin && le->slot->needLogin) {
-		rv = PK11_Authenticate(le->slot,PR_TRUE,wincx);
-		if (rv != SECSuccess) continue;
-	    }
-	    slot = le->slot;
-	    PK11_ReferenceSlot(slot);
-	    pk11_FreeListElement(list,le);
-	    if (freeit) { PK11_FreeSlotList(list); }
-	    return slot;
-	}
-    }
-    if (freeit) { PK11_FreeSlotList(list); }
-    if (PORT_GetError() == 0) {
-	PORT_SetError(SEC_ERROR_NO_TOKEN);
-    }
-    return NULL;
-}
-
-/* original get best slot now calls the multiple version with only one type */
-PK11SlotInfo *
-PK11_GetBestSlot(CK_MECHANISM_TYPE type, void *wincx)
-{
-    return PK11_GetBestSlotMultiple(&type, 1, wincx);
-}
-
-/*
- * find the best key wrap mechanism for this slot.
- */
-CK_MECHANISM_TYPE
-PK11_GetBestWrapMechanism(PK11SlotInfo *slot)
-{
-    int i;
-    for (i=0; i < wrapMechanismCount; i++) {
-	if (PK11_DoesMechanism(slot,wrapMechanismList[i])) {
-	    return wrapMechanismList[i];
-	}
-    }
-    return CKM_INVALID_MECHANISM;
-}
-
-int
-PK11_GetBestKeyLength(PK11SlotInfo *slot,CK_MECHANISM_TYPE mechanism)
-{
-    CK_MECHANISM_INFO mechanism_info;
-    CK_RV crv;
-
-    if (!slot->isThreadSafe) PK11_EnterSlotMonitor(slot);
-    crv = PK11_GETTAB(slot)->C_GetMechanismInfo(slot->slotID,
-                               mechanism,&mechanism_info);
-    if (!slot->isThreadSafe) PK11_ExitSlotMonitor(slot);
-    if (crv != CKR_OK) return 0;
-
-    if (mechanism_info.ulMinKeySize == mechanism_info.ulMaxKeySize) 
-		return 0;
-    return mechanism_info.ulMaxKeySize;
-}
-
-
-/*********************************************************************
- *       Mechanism Mapping functions
- *********************************************************************/
-
-/*
- * lookup an entry in the mechanism table. If none found, return the
- * default structure.
- */
-static pk11MechanismData *
-pk11_lookup(CK_MECHANISM_TYPE type)
-{
-    int i;
-    for (i=0; i < pk11_MechEntrySize; i++) {
-	if (pk11_MechanismTable[i].type == type) {
-	     return (&pk11_MechanismTable[i]);
-	}
-    }
-    return &pk11_default;
-}
-
-/*
- * NOTE: This is not thread safe. Called at init time, and when loading
- * a new Entry. It is reasonably safe as long as it is not re-entered
- * (readers will always see a consistant table)
- *
- * This routine is called to add entries to the mechanism table, once there,
- * they can not be removed.
- */
-void
-PK11_AddMechanismEntry(CK_MECHANISM_TYPE type, CK_KEY_TYPE key,
-		 	CK_MECHANISM_TYPE keyGen, int ivLen, int blockSize)
-{
-    int tableSize = pk11_MechTableSize;
-    int size = pk11_MechEntrySize;
-    int entry = size++;
-    pk11MechanismData *old = pk11_MechanismTable;
-    pk11MechanismData *newt = pk11_MechanismTable;
-
-	
-    if (size > tableSize) {
-	int oldTableSize = tableSize;
-	tableSize += 10;
-	newt = (pk11MechanismData *)
-				PORT_Alloc(tableSize*sizeof(pk11MechanismData));
-	if (newt == NULL) return;
-
-	if (old) PORT_Memcpy(newt,old,oldTableSize*sizeof(pk11MechanismData));
-    } else old = NULL;
-
-    newt[entry].type = type;
-    newt[entry].keyType = key;
-    newt[entry].keyGen = keyGen;
-    newt[entry].iv = ivLen;
-    newt[entry].blockSize = blockSize;
-
-    pk11_MechanismTable = newt;
-    pk11_MechTableSize = tableSize;
-    pk11_MechEntrySize = size;
-    if (old) PORT_Free(old);
-}
-
-/*
- * Get the key type needed for the given mechanism
- */
-CK_MECHANISM_TYPE
-PK11_GetKeyType(CK_MECHANISM_TYPE type,unsigned long len)
-{
-    switch (type) {
-    case CKM_AES_ECB:
-    case CKM_AES_CBC:
-    case CKM_AES_MAC:
-    case CKM_AES_MAC_GENERAL:
-    case CKM_AES_CBC_PAD:
-    case CKM_AES_KEY_GEN:
-	return CKK_AES;
-    case CKM_DES_ECB:
-    case CKM_DES_CBC:
-    case CKM_DES_MAC:
-    case CKM_DES_MAC_GENERAL:
-    case CKM_DES_CBC_PAD:
-    case CKM_DES_KEY_GEN:
-    case CKM_KEY_WRAP_LYNKS:
-    case CKM_PBE_MD2_DES_CBC:
-    case CKM_PBE_MD5_DES_CBC:
-	return CKK_DES;
-    case CKM_DES3_ECB:
-    case CKM_DES3_CBC:
-    case CKM_DES3_MAC:
-    case CKM_DES3_MAC_GENERAL:
-    case CKM_DES3_CBC_PAD:
-	return (len == 128) ? CKK_DES2 : CKK_DES3;
-    case CKM_DES2_KEY_GEN:
-    case CKM_PBE_SHA1_DES2_EDE_CBC:
-	return CKK_DES2;
-    case CKM_PBE_SHA1_DES3_EDE_CBC:
-    case CKM_DES3_KEY_GEN:
-	return CKK_DES3;
-    case CKM_CDMF_ECB:
-    case CKM_CDMF_CBC:
-    case CKM_CDMF_MAC:
-    case CKM_CDMF_MAC_GENERAL:
-    case CKM_CDMF_CBC_PAD:
-    case CKM_CDMF_KEY_GEN:
-	return CKK_CDMF;
-    case CKM_RC2_ECB:
-    case CKM_RC2_CBC:
-    case CKM_RC2_MAC:
-    case CKM_RC2_MAC_GENERAL:
-    case CKM_RC2_CBC_PAD:
-    case CKM_RC2_KEY_GEN:
-    case CKM_PBE_SHA1_RC2_128_CBC:
-    case CKM_PBE_SHA1_RC2_40_CBC:
-	return CKK_RC2;
-    case CKM_RC4:
-    case CKM_RC4_KEY_GEN:
-	return CKK_RC4;
-    case CKM_RC5_ECB:
-    case CKM_RC5_CBC:
-    case CKM_RC5_MAC:
-    case CKM_RC5_MAC_GENERAL:
-    case CKM_RC5_CBC_PAD:
-    case CKM_RC5_KEY_GEN:
-	return CKK_RC5;
-    case CKM_SKIPJACK_CBC64:
-    case CKM_SKIPJACK_ECB64:
-    case CKM_SKIPJACK_OFB64:
-    case CKM_SKIPJACK_CFB64:
-    case CKM_SKIPJACK_CFB32:
-    case CKM_SKIPJACK_CFB16:
-    case CKM_SKIPJACK_CFB8:
-    case CKM_SKIPJACK_KEY_GEN:
-    case CKM_SKIPJACK_WRAP:
-    case CKM_SKIPJACK_PRIVATE_WRAP:
-	return CKK_SKIPJACK;
-    case CKM_BATON_ECB128:
-    case CKM_BATON_ECB96:
-    case CKM_BATON_CBC128:
-    case CKM_BATON_COUNTER:
-    case CKM_BATON_SHUFFLE:
-    case CKM_BATON_WRAP:
-    case CKM_BATON_KEY_GEN:
-	return CKK_BATON;
-    case CKM_JUNIPER_ECB128:
-    case CKM_JUNIPER_CBC128:
-    case CKM_JUNIPER_COUNTER:
-    case CKM_JUNIPER_SHUFFLE:
-    case CKM_JUNIPER_WRAP:
-    case CKM_JUNIPER_KEY_GEN:
-	return CKK_JUNIPER;
-    case CKM_IDEA_CBC:
-    case CKM_IDEA_ECB:
-    case CKM_IDEA_MAC:
-    case CKM_IDEA_MAC_GENERAL:
-    case CKM_IDEA_CBC_PAD:
-    case CKM_IDEA_KEY_GEN:
-	return CKK_IDEA;
-    case CKM_CAST_ECB:
-    case CKM_CAST_CBC:
-    case CKM_CAST_MAC:
-    case CKM_CAST_MAC_GENERAL:
-    case CKM_CAST_CBC_PAD:
-    case CKM_CAST_KEY_GEN:
-    case CKM_PBE_MD5_CAST_CBC:
-	return CKK_CAST;
-    case CKM_CAST3_ECB:
-    case CKM_CAST3_CBC:
-    case CKM_CAST3_MAC:
-    case CKM_CAST3_MAC_GENERAL:
-    case CKM_CAST3_CBC_PAD:
-    case CKM_CAST3_KEY_GEN:
-    case CKM_PBE_MD5_CAST3_CBC:
-	return CKK_CAST3;
-    case CKM_CAST5_ECB:
-    case CKM_CAST5_CBC:
-    case CKM_CAST5_MAC:
-    case CKM_CAST5_MAC_GENERAL:
-    case CKM_CAST5_CBC_PAD:
-    case CKM_CAST5_KEY_GEN:
-    case CKM_PBE_MD5_CAST5_CBC:
-	return CKK_CAST5;
-    case CKM_RSA_PKCS:
-    case CKM_RSA_9796:
-    case CKM_RSA_X_509:
-    case CKM_MD2_RSA_PKCS:
-    case CKM_MD5_RSA_PKCS:
-    case CKM_SHA1_RSA_PKCS:
-    case CKM_KEY_WRAP_SET_OAEP:
-    case CKM_RSA_PKCS_KEY_PAIR_GEN:
-	return CKK_RSA;
-    case CKM_DSA:
-    case CKM_DSA_SHA1:
-    case CKM_DSA_KEY_PAIR_GEN:
-	return CKK_DSA;
-    case CKM_DH_PKCS_DERIVE:
-    case CKM_DH_PKCS_KEY_PAIR_GEN:
-	return CKK_DH;
-    case CKM_KEA_KEY_DERIVE:
-    case CKM_KEA_KEY_PAIR_GEN:
-	return CKK_KEA;
-    case CKM_ECDSA_KEY_PAIR_GEN:
-    case CKM_ECDSA:
-    case CKM_ECDSA_SHA1:
-	return CKK_ECDSA;
-    case CKM_SSL3_PRE_MASTER_KEY_GEN:
-    case CKM_GENERIC_SECRET_KEY_GEN:
-    case CKM_SSL3_MASTER_KEY_DERIVE:
-    case CKM_SSL3_MASTER_KEY_DERIVE_DH:
-    case CKM_SSL3_KEY_AND_MAC_DERIVE:
-    case CKM_SSL3_SHA1_MAC:
-    case CKM_SSL3_MD5_MAC:
-    case CKM_TLS_MASTER_KEY_DERIVE:
-    case CKM_TLS_MASTER_KEY_DERIVE_DH:
-    case CKM_TLS_KEY_AND_MAC_DERIVE:
-    case CKM_SHA_1_HMAC:
-    case CKM_SHA_1_HMAC_GENERAL:
-    case CKM_MD2_HMAC:
-    case CKM_MD2_HMAC_GENERAL:
-    case CKM_MD5_HMAC:
-    case CKM_MD5_HMAC_GENERAL:
-    case CKM_TLS_PRF_GENERAL:
-	return CKK_GENERIC_SECRET;
-    default:
-	return pk11_lookup(type)->keyType;
-    }
-}
-
-/*
- * Get the Key Gen Mechanism needed for the given 
- * crypto mechanism
- */
-CK_MECHANISM_TYPE
-PK11_GetKeyGen(CK_MECHANISM_TYPE type)
-{
-    switch (type) {
-    case CKM_AES_ECB:
-    case CKM_AES_CBC:
-    case CKM_AES_MAC:
-    case CKM_AES_MAC_GENERAL:
-    case CKM_AES_CBC_PAD:
-	return CKM_AES_KEY_GEN;
-    case CKM_DES_ECB:
-    case CKM_DES_CBC:
-    case CKM_DES_MAC:
-    case CKM_DES_MAC_GENERAL:
-    case CKM_KEY_WRAP_LYNKS:
-    case CKM_DES_CBC_PAD:
-	return CKM_DES_KEY_GEN;
-    case CKM_DES3_ECB:
-    case CKM_DES3_CBC:
-    case CKM_DES3_MAC:
-    case CKM_DES3_MAC_GENERAL:
-    case CKM_DES3_CBC_PAD:
-	return CKM_DES3_KEY_GEN;
-    case CKM_CDMF_ECB:
-    case CKM_CDMF_CBC:
-    case CKM_CDMF_MAC:
-    case CKM_CDMF_MAC_GENERAL:
-    case CKM_CDMF_CBC_PAD:
-	return CKM_CDMF_KEY_GEN;
-    case CKM_RC2_ECB:
-    case CKM_RC2_CBC:
-    case CKM_RC2_MAC:
-    case CKM_RC2_MAC_GENERAL:
-    case CKM_RC2_CBC_PAD:
-	return CKM_RC2_KEY_GEN;
-    case CKM_RC4:
-	return CKM_RC4_KEY_GEN;
-    case CKM_RC5_ECB:
-    case CKM_RC5_CBC:
-    case CKM_RC5_MAC:
-    case CKM_RC5_MAC_GENERAL:
-    case CKM_RC5_CBC_PAD:
-	return CKM_RC5_KEY_GEN;
-    case CKM_SKIPJACK_CBC64:
-    case CKM_SKIPJACK_ECB64:
-    case CKM_SKIPJACK_OFB64:
-    case CKM_SKIPJACK_CFB64:
-    case CKM_SKIPJACK_CFB32:
-    case CKM_SKIPJACK_CFB16:
-    case CKM_SKIPJACK_CFB8:
-    case CKM_SKIPJACK_WRAP:
-	return CKM_SKIPJACK_KEY_GEN;
-    case CKM_BATON_ECB128:
-    case CKM_BATON_ECB96:
-    case CKM_BATON_CBC128:
-    case CKM_BATON_COUNTER:
-    case CKM_BATON_SHUFFLE:
-    case CKM_BATON_WRAP:
-	return CKM_BATON_KEY_GEN;
-    case CKM_JUNIPER_ECB128:
-    case CKM_JUNIPER_CBC128:
-    case CKM_JUNIPER_COUNTER:
-    case CKM_JUNIPER_SHUFFLE:
-    case CKM_JUNIPER_WRAP:
-	return CKM_JUNIPER_KEY_GEN;
-    case CKM_IDEA_CBC:
-    case CKM_IDEA_ECB:
-    case CKM_IDEA_MAC:
-    case CKM_IDEA_MAC_GENERAL:
-    case CKM_IDEA_CBC_PAD:
-	return CKM_IDEA_KEY_GEN;
-    case CKM_CAST_ECB:
-    case CKM_CAST_CBC:
-    case CKM_CAST_MAC:
-    case CKM_CAST_MAC_GENERAL:
-    case CKM_CAST_CBC_PAD:
-	return CKM_CAST_KEY_GEN;
-    case CKM_CAST3_ECB:
-    case CKM_CAST3_CBC:
-    case CKM_CAST3_MAC:
-    case CKM_CAST3_MAC_GENERAL:
-    case CKM_CAST3_CBC_PAD:
-	return CKM_CAST3_KEY_GEN;
-    case CKM_CAST5_ECB:
-    case CKM_CAST5_CBC:
-    case CKM_CAST5_MAC:
-    case CKM_CAST5_MAC_GENERAL:
-    case CKM_CAST5_CBC_PAD:
-	return CKM_CAST5_KEY_GEN;
-    case CKM_RSA_PKCS:
-    case CKM_RSA_9796:
-    case CKM_RSA_X_509:
-    case CKM_MD2_RSA_PKCS:
-    case CKM_MD5_RSA_PKCS:
-    case CKM_SHA1_RSA_PKCS:
-    case CKM_KEY_WRAP_SET_OAEP:
-	return CKM_RSA_PKCS_KEY_PAIR_GEN;
-    case CKM_DSA:
-    case CKM_DSA_SHA1:
-	return CKM_DSA_KEY_PAIR_GEN;
-    case CKM_DH_PKCS_DERIVE:
-	return CKM_DH_PKCS_KEY_PAIR_GEN;
-    case CKM_KEA_KEY_DERIVE:
-	return CKM_KEA_KEY_PAIR_GEN;
-    case CKM_ECDSA:
-	return CKM_ECDSA_KEY_PAIR_GEN;
-    case CKM_SSL3_PRE_MASTER_KEY_GEN:
-    case CKM_SSL3_MASTER_KEY_DERIVE:
-    case CKM_SSL3_KEY_AND_MAC_DERIVE:
-    case CKM_SSL3_SHA1_MAC:
-    case CKM_SSL3_MD5_MAC:
-    case CKM_TLS_MASTER_KEY_DERIVE:
-    case CKM_TLS_KEY_AND_MAC_DERIVE:
-	return CKM_SSL3_PRE_MASTER_KEY_GEN;
-    case CKM_SHA_1_HMAC:
-    case CKM_SHA_1_HMAC_GENERAL:
-    case CKM_MD2_HMAC:
-    case CKM_MD2_HMAC_GENERAL:
-    case CKM_MD5_HMAC:
-    case CKM_MD5_HMAC_GENERAL:
-    case CKM_TLS_PRF_GENERAL:
-	return CKM_GENERIC_SECRET_KEY_GEN;
-    case CKM_PBE_MD2_DES_CBC:
-    case CKM_PBE_MD5_DES_CBC:
-    case CKM_PBA_SHA1_WITH_SHA1_HMAC:
-    case CKM_NETSCAPE_PBE_SHA1_HMAC_KEY_GEN:
-    case CKM_NETSCAPE_PBE_MD5_HMAC_KEY_GEN:
-    case CKM_NETSCAPE_PBE_MD2_HMAC_KEY_GEN:
-    case CKM_NETSCAPE_PBE_SHA1_DES_CBC:
-    case CKM_NETSCAPE_PBE_SHA1_40_BIT_RC2_CBC:
-    case CKM_NETSCAPE_PBE_SHA1_128_BIT_RC2_CBC:
-    case CKM_NETSCAPE_PBE_SHA1_40_BIT_RC4:
-    case CKM_NETSCAPE_PBE_SHA1_128_BIT_RC4:
-    case CKM_NETSCAPE_PBE_SHA1_TRIPLE_DES_CBC:
-    case CKM_NETSCAPE_PBE_SHA1_FAULTY_3DES_CBC:
-    case CKM_PBE_SHA1_RC2_40_CBC:
-    case CKM_PBE_SHA1_RC2_128_CBC:
-    case CKM_PBE_SHA1_RC4_40:
-    case CKM_PBE_SHA1_RC4_128:
-    case CKM_PBE_SHA1_DES3_EDE_CBC:
-    case CKM_PBE_SHA1_DES2_EDE_CBC:
-    	return type;
-    default:
-	return pk11_lookup(type)->keyGen;
-    }
-}
-
-/*
- * get the mechanism block size
- */
-int
-PK11_GetBlockSize(CK_MECHANISM_TYPE type,SECItem *params)
-{
-    CK_RC5_PARAMS *rc5_params;
-    CK_RC5_CBC_PARAMS *rc5_cbc_params;
-    switch (type) {
-    case CKM_RC5_ECB:
-	if ((params) && (params->data)) {
-	    rc5_params = (CK_RC5_PARAMS *) params->data;
-	    return (rc5_params->ulWordsize)*2;
-	}
-	return 8;
-    case CKM_RC5_CBC:
-    case CKM_RC5_CBC_PAD:
-	if ((params) && (params->data)) {
-	    rc5_cbc_params = (CK_RC5_CBC_PARAMS *) params->data;
-	    return (rc5_cbc_params->ulWordsize)*2;
-	}
-	return 8;
-    case CKM_DES_ECB:
-    case CKM_DES3_ECB:
-    case CKM_RC2_ECB:
-    case CKM_IDEA_ECB:
-    case CKM_CAST_ECB:
-    case CKM_CAST3_ECB:
-    case CKM_CAST5_ECB:
-    case CKM_RC2_CBC:
-    case CKM_SKIPJACK_CBC64:
-    case CKM_SKIPJACK_ECB64:
-    case CKM_SKIPJACK_OFB64:
-    case CKM_SKIPJACK_CFB64:
-    case CKM_DES_CBC:
-    case CKM_DES3_CBC:
-    case CKM_IDEA_CBC:
-    case CKM_CAST_CBC:
-    case CKM_CAST3_CBC:
-    case CKM_CAST5_CBC:
-    case CKM_DES_CBC_PAD:
-    case CKM_DES3_CBC_PAD:
-    case CKM_RC2_CBC_PAD:
-    case CKM_IDEA_CBC_PAD:
-    case CKM_CAST_CBC_PAD:
-    case CKM_CAST3_CBC_PAD:
-    case CKM_CAST5_CBC_PAD:
-    case CKM_PBE_MD2_DES_CBC:
-    case CKM_PBE_MD5_DES_CBC:
-    case CKM_NETSCAPE_PBE_SHA1_DES_CBC:
-    case CKM_NETSCAPE_PBE_SHA1_40_BIT_RC2_CBC:
-    case CKM_NETSCAPE_PBE_SHA1_128_BIT_RC2_CBC:
-    case CKM_NETSCAPE_PBE_SHA1_TRIPLE_DES_CBC:
-    case CKM_NETSCAPE_PBE_SHA1_FAULTY_3DES_CBC:
-    case CKM_PBE_SHA1_RC2_40_CBC:
-    case CKM_PBE_SHA1_RC2_128_CBC:
-    case CKM_PBE_SHA1_DES3_EDE_CBC:
-    case CKM_PBE_SHA1_DES2_EDE_CBC:
-	return 8;
-    case CKM_SKIPJACK_CFB32:
-    case CKM_SKIPJACK_CFB16:
-    case CKM_SKIPJACK_CFB8:
-	return 4;
-    case CKM_AES_ECB:
-    case CKM_AES_CBC:
-    case CKM_AES_CBC_PAD:
-    case CKM_BATON_ECB128:
-    case CKM_BATON_CBC128:
-    case CKM_BATON_COUNTER:
-    case CKM_BATON_SHUFFLE:
-    case CKM_JUNIPER_ECB128:
-    case CKM_JUNIPER_CBC128:
-    case CKM_JUNIPER_COUNTER:
-    case CKM_JUNIPER_SHUFFLE:
-	return 16;
-    case CKM_BATON_ECB96:
-	return 12;
-    case CKM_RC4:
-    case CKM_NETSCAPE_PBE_SHA1_40_BIT_RC4:
-    case CKM_NETSCAPE_PBE_SHA1_128_BIT_RC4:
-    case CKM_PBE_SHA1_RC4_40:
-    case CKM_PBE_SHA1_RC4_128:
-	return 0;
-    case CKM_RSA_PKCS:
-    case CKM_RSA_9796:
-    case CKM_RSA_X_509:
-	/*actually it's the modulus length of the key!*/
-	return -1;	/* failure */
-    default:
-	return pk11_lookup(type)->blockSize;
-    }
-}
-
-/*
- * get the iv length
- */
-int
-PK11_GetIVLength(CK_MECHANISM_TYPE type)
-{
-    switch (type) {
-    case CKM_AES_ECB:
-    case CKM_DES_ECB:
-    case CKM_DES3_ECB:
-    case CKM_RC2_ECB:
-    case CKM_IDEA_ECB:
-    case CKM_SKIPJACK_WRAP:
-    case CKM_BATON_WRAP:
-    case CKM_RC5_ECB:
-    case CKM_CAST_ECB:
-    case CKM_CAST3_ECB:
-    case CKM_CAST5_ECB:
-	return 0;
-    case CKM_RC2_CBC:
-    case CKM_DES_CBC:
-    case CKM_DES3_CBC:
-    case CKM_IDEA_CBC:
-    case CKM_PBE_MD2_DES_CBC:
-    case CKM_PBE_MD5_DES_CBC:
-    case CKM_NETSCAPE_PBE_SHA1_DES_CBC:
-    case CKM_NETSCAPE_PBE_SHA1_40_BIT_RC2_CBC:
-    case CKM_NETSCAPE_PBE_SHA1_128_BIT_RC2_CBC:
-    case CKM_NETSCAPE_PBE_SHA1_TRIPLE_DES_CBC:
-    case CKM_NETSCAPE_PBE_SHA1_FAULTY_3DES_CBC:
-    case CKM_PBE_SHA1_RC2_40_CBC:
-    case CKM_PBE_SHA1_RC2_128_CBC:
-    case CKM_PBE_SHA1_DES3_EDE_CBC:
-    case CKM_PBE_SHA1_DES2_EDE_CBC:
-    case CKM_RC5_CBC:
-    case CKM_CAST_CBC:
-    case CKM_CAST3_CBC:
-    case CKM_CAST5_CBC:
-    case CKM_RC2_CBC_PAD:
-    case CKM_DES_CBC_PAD:
-    case CKM_DES3_CBC_PAD:
-    case CKM_IDEA_CBC_PAD:
-    case CKM_RC5_CBC_PAD:
-    case CKM_CAST_CBC_PAD:
-    case CKM_CAST3_CBC_PAD:
-    case CKM_CAST5_CBC_PAD:
-	return 8;
-    case CKM_AES_CBC:
-    case CKM_AES_CBC_PAD:
-	return 16;
-    case CKM_SKIPJACK_CBC64:
-    case CKM_SKIPJACK_ECB64:
-    case CKM_SKIPJACK_OFB64:
-    case CKM_SKIPJACK_CFB64:
-    case CKM_SKIPJACK_CFB32:
-    case CKM_SKIPJACK_CFB16:
-    case CKM_SKIPJACK_CFB8:
-    case CKM_BATON_ECB128:
-    case CKM_BATON_ECB96:
-    case CKM_BATON_CBC128:
-    case CKM_BATON_COUNTER:
-    case CKM_BATON_SHUFFLE:
-    case CKM_JUNIPER_ECB128:
-    case CKM_JUNIPER_CBC128:
-    case CKM_JUNIPER_COUNTER:
-    case CKM_JUNIPER_SHUFFLE:
-	return 24;
-    case CKM_RC4:
-    case CKM_RSA_PKCS:
-    case CKM_RSA_9796:
-    case CKM_RSA_X_509:
-    case CKM_NETSCAPE_PBE_SHA1_40_BIT_RC4:
-    case CKM_NETSCAPE_PBE_SHA1_128_BIT_RC4:
-    case CKM_PBE_SHA1_RC4_40:
-    case CKM_PBE_SHA1_RC4_128:
-	return 0;
-    default:
-	return pk11_lookup(type)->iv;
-    }
-}
-
-
-/* These next two utilities are here to help facilitate future
- * Dynamic Encrypt/Decrypt symetric key mechanisms, and to allow functions
- * like SSL and S-MIME to automatically add them.
- */
-SECItem *
-PK11_ParamFromIV(CK_MECHANISM_TYPE type,SECItem *iv)
-{
-    CK_RC2_CBC_PARAMS *rc2_params = NULL;
-    CK_RC2_PARAMS *rc2_ecb_params = NULL;
-    CK_RC5_PARAMS *rc5_params = NULL;
-    CK_RC5_CBC_PARAMS *rc5_cbc_params = NULL;
-    SECItem *param;
-
-    param = (SECItem *)PORT_Alloc(sizeof(SECItem));
-    if (param == NULL) return NULL;
-    param->data = NULL;
-    param->len = 0;
-    switch (type) {
-    case CKM_AES_ECB:
-    case CKM_DES_ECB:
-    case CKM_DES3_ECB:
-    case CKM_RSA_PKCS:
-    case CKM_RSA_X_509:
-    case CKM_RSA_9796:
-    case CKM_IDEA_ECB:
-    case CKM_CDMF_ECB:
-    case CKM_CAST_ECB:
-    case CKM_CAST3_ECB:
-    case CKM_CAST5_ECB:
-    case CKM_RC4:
-	break;
-    case CKM_RC2_ECB:
-	rc2_ecb_params = (CK_RC2_PARAMS *)PORT_Alloc(sizeof(CK_RC2_PARAMS));
-	if (rc2_ecb_params == NULL) break;
-	/*  Maybe we should pass the key size in too to get this value? */
-	*rc2_ecb_params = 128;
-	param->data = (unsigned char *) rc2_ecb_params;
-	param->len = sizeof(CK_RC2_PARAMS);
-	break;
-    case CKM_RC2_CBC:
-    case CKM_RC2_CBC_PAD:
-	rc2_params = (CK_RC2_CBC_PARAMS *)PORT_Alloc(sizeof(CK_RC2_CBC_PARAMS));
-	if (rc2_params == NULL) break;
-	/* Maybe we should pass the key size in too to get this value? */
-	rc2_params->ulEffectiveBits = 128;
-	if (iv && iv->data)
-	    PORT_Memcpy(rc2_params->iv,iv->data,sizeof(rc2_params->iv));
-	param->data = (unsigned char *) rc2_params;
-	param->len = sizeof(CK_RC2_CBC_PARAMS);
-	break;
-    case CKM_RC5_CBC:
-    case CKM_RC5_CBC_PAD:
-	rc5_cbc_params = (CK_RC5_CBC_PARAMS *)
-		PORT_Alloc(sizeof(CK_RC5_CBC_PARAMS) + ((iv) ? iv->len : 0));
-	if (rc5_cbc_params == NULL) break;
-	if (iv && iv->data) {
-	    rc5_cbc_params->pIv = ((CK_BYTE_PTR) rc5_cbc_params) 
-						+ sizeof(CK_RC5_CBC_PARAMS);
-	    PORT_Memcpy(rc5_cbc_params->pIv,iv->data,iv->len);
-	    rc5_cbc_params->ulIvLen = iv->len;
-	    rc5_cbc_params->ulWordsize = iv->len/2;
-	} else {
-	    rc5_cbc_params->ulWordsize = 4;
-	    rc5_cbc_params->pIv = NULL;
-	    rc5_cbc_params->ulIvLen = iv->len;
-	}
-	rc5_cbc_params->ulRounds = 16;
-	param->data = (unsigned char *) rc5_cbc_params;
-	param->len = sizeof(CK_RC5_CBC_PARAMS);
-	break;
-    case CKM_RC5_ECB:
-	rc5_params = (CK_RC5_PARAMS *)PORT_Alloc(sizeof(CK_RC5_PARAMS));
-	if (rc5_params == NULL) break;
-	if (iv && iv->data && iv->len) {
-	    rc5_params->ulWordsize = iv->len/2;
-	} else {
-	    rc5_params->ulWordsize = 4;
-	}
-	rc5_params->ulRounds = 16;
-	param->data = (unsigned char *) rc5_params;
-	param->len = sizeof(CK_RC5_PARAMS);
-	break;
-    case CKM_AES_CBC:
-    case CKM_DES_CBC:
-    case CKM_DES3_CBC:
-    case CKM_IDEA_CBC:
-    case CKM_CDMF_CBC:
-    case CKM_CAST_CBC:
-    case CKM_CAST3_CBC:
-    case CKM_CAST5_CBC:
-    case CKM_AES_CBC_PAD:
-    case CKM_DES_CBC_PAD:
-    case CKM_DES3_CBC_PAD:
-    case CKM_IDEA_CBC_PAD:
-    case CKM_CDMF_CBC_PAD:
-    case CKM_CAST_CBC_PAD:
-    case CKM_CAST3_CBC_PAD:
-    case CKM_CAST5_CBC_PAD:
-    case CKM_SKIPJACK_CBC64:
-    case CKM_SKIPJACK_ECB64:
-    case CKM_SKIPJACK_OFB64:
-    case CKM_SKIPJACK_CFB64:
-    case CKM_SKIPJACK_CFB32:
-    case CKM_SKIPJACK_CFB16:
-    case CKM_SKIPJACK_CFB8:
-    case CKM_BATON_ECB128:
-    case CKM_BATON_ECB96:
-    case CKM_BATON_CBC128:
-    case CKM_BATON_COUNTER:
-    case CKM_BATON_SHUFFLE:
-    case CKM_JUNIPER_ECB128:
-    case CKM_JUNIPER_CBC128:
-    case CKM_JUNIPER_COUNTER:
-    case CKM_JUNIPER_SHUFFLE:
-	if ((iv == NULL) || (iv->data == NULL)) break;
-	param->data = (unsigned char*)PORT_Alloc(iv->len);
-	if (param->data != NULL) {
-	    PORT_Memcpy(param->data,iv->data,iv->len);
-	    param->len = iv->len;
-	}
-	break;
-     /* unknown mechanism, pass IV in if it's there */
-     default:
-	if (pk11_lookup(type)->iv == 0) {
-	    break;
-	}
-	if ((iv == NULL) || (iv->data == NULL)) {
-	    break;
-	}
-	param->data = (unsigned char*)PORT_Alloc(iv->len);
-	if (param->data != NULL) {
-	    PORT_Memcpy(param->data,iv->data,iv->len);
-	    param->len = iv->len;
-	}
-	break;
-     }
-     return param;
-}
-
-unsigned char *
-PK11_IVFromParam(CK_MECHANISM_TYPE type,SECItem *param,int *len)
-{
-    CK_RC2_CBC_PARAMS *rc2_params;
-    CK_RC5_CBC_PARAMS *rc5_cbc_params;
-
-    *len = 0;
-    switch (type) {
-    case CKM_AES_ECB:
-    case CKM_DES_ECB:
-    case CKM_DES3_ECB:
-    case CKM_RSA_PKCS:
-    case CKM_RSA_X_509:
-    case CKM_RSA_9796:
-    case CKM_IDEA_ECB:
-    case CKM_CDMF_ECB:
-    case CKM_CAST_ECB:
-    case CKM_CAST3_ECB:
-    case CKM_CAST5_ECB:
-    case CKM_RC4:
-	return NULL;
-    case CKM_RC2_ECB:
-	return NULL;
-    case CKM_RC2_CBC:
-    case CKM_RC2_CBC_PAD:
-	rc2_params = (CK_RC2_CBC_PARAMS *)param->data;
-        *len = sizeof(rc2_params->iv);
-	return &rc2_params->iv[0];
-    case CKM_RC5_CBC:
-    case CKM_RC5_CBC_PAD:
-	rc5_cbc_params = (CK_RC5_CBC_PARAMS *) param->data;
-	*len = rc5_cbc_params->ulIvLen;
-	return rc5_cbc_params->pIv;
-    case CKM_AES_CBC:
-    case CKM_DES_CBC:
-    case CKM_DES3_CBC:
-    case CKM_IDEA_CBC:
-    case CKM_CDMF_CBC:
-    case CKM_CAST_CBC:
-    case CKM_CAST3_CBC:
-    case CKM_CAST5_CBC:
-    case CKM_DES_CBC_PAD:
-    case CKM_DES3_CBC_PAD:
-    case CKM_IDEA_CBC_PAD:
-    case CKM_CDMF_CBC_PAD:
-    case CKM_CAST_CBC_PAD:
-    case CKM_CAST3_CBC_PAD:
-    case CKM_CAST5_CBC_PAD:
-    case CKM_SKIPJACK_CBC64:
-    case CKM_SKIPJACK_ECB64:
-    case CKM_SKIPJACK_OFB64:
-    case CKM_SKIPJACK_CFB64:
-    case CKM_SKIPJACK_CFB32:
-    case CKM_SKIPJACK_CFB16:
-    case CKM_SKIPJACK_CFB8:
-    case CKM_BATON_ECB128:
-    case CKM_BATON_ECB96:
-    case CKM_BATON_CBC128:
-    case CKM_BATON_COUNTER:
-    case CKM_BATON_SHUFFLE:
-    case CKM_JUNIPER_ECB128:
-    case CKM_JUNIPER_CBC128:
-    case CKM_JUNIPER_COUNTER:
-    case CKM_JUNIPER_SHUFFLE:
-	break;
-     /* unknown mechanism, pass IV in if it's there */
-     default:
-	break;
-     }
-     if (param->data) {
-	*len = param->len;
-     }
-     return param->data;
-}
-
-typedef struct sec_rc5cbcParameterStr {
-    SECItem version;
-    SECItem rounds;
-    SECItem blockSizeInBits;
-    SECItem iv;
-} sec_rc5cbcParameter;
-
-static const SEC_ASN1Template sec_rc5ecb_parameter_template[] = {
-    { SEC_ASN1_SEQUENCE,
-          0, NULL, sizeof(sec_rc5cbcParameter) },
-    { SEC_ASN1_INTEGER,
-          offsetof(sec_rc5cbcParameter,version) },
-    { SEC_ASN1_INTEGER,
-          offsetof(sec_rc5cbcParameter,rounds) },
-    { SEC_ASN1_INTEGER,
-          offsetof(sec_rc5cbcParameter,blockSizeInBits) },
-    { 0 }
-};
-
-static const SEC_ASN1Template sec_rc5cbc_parameter_template[] = {
-    { SEC_ASN1_SEQUENCE,
-          0, NULL, sizeof(sec_rc5cbcParameter) },
-    { SEC_ASN1_INTEGER,
-          offsetof(sec_rc5cbcParameter,version) },
-    { SEC_ASN1_INTEGER,
-          offsetof(sec_rc5cbcParameter,rounds) },
-    { SEC_ASN1_INTEGER,
-          offsetof(sec_rc5cbcParameter,blockSizeInBits) },
-    { SEC_ASN1_OCTET_STRING,
-          offsetof(sec_rc5cbcParameter,iv) },
-    { 0 }
-};
-
-typedef struct sec_rc2cbcParameterStr {
-    SECItem rc2ParameterVersion;
-    SECItem iv;
-} sec_rc2cbcParameter;
-
-static const SEC_ASN1Template sec_rc2cbc_parameter_template[] = {
-    { SEC_ASN1_SEQUENCE,
-          0, NULL, sizeof(sec_rc2cbcParameter) },
-    { SEC_ASN1_INTEGER,
-          offsetof(sec_rc2cbcParameter,rc2ParameterVersion) },
-    { SEC_ASN1_OCTET_STRING,
-          offsetof(sec_rc2cbcParameter,iv) },
-    { 0 }
-};
-
-static const SEC_ASN1Template sec_rc2ecb_parameter_template[] = {
-    { SEC_ASN1_SEQUENCE,
-          0, NULL, sizeof(sec_rc2cbcParameter) },
-    { SEC_ASN1_INTEGER,
-          offsetof(sec_rc2cbcParameter,rc2ParameterVersion) },
-    { 0 }
-};
-
-/* S/MIME picked id values to represent differnt keysizes */
-/* I do have a formula, but it ain't pretty, and it only works because you
- * can always match three points to a parabola:) */
-static unsigned char  rc2_map(SECItem *version)
-{
-    long x;
-
-    x = DER_GetInteger(version);
-    
-    switch (x) {
-        case 58: return 128;
-        case 120: return 64;
-        case 160: return 40;
-    }
-    return 128; 
-}
-
-static unsigned long  rc2_unmap(unsigned long x)
-{
-    switch (x) {
-        case 128: return 58;
-        case 64: return 120;
-        case 40: return 160;
-    }
-    return 58; 
-}
-
-
-
-/* Generate a mechaism param from a type, and iv. */
-SECItem *
-PK11_ParamFromAlgid(SECAlgorithmID *algid)
-{
-    CK_RC2_CBC_PARAMS *rc2_params = NULL;
-    CK_RC2_PARAMS *rc2_ecb_params = NULL;
-    CK_RC5_CBC_PARAMS *rc5_params_cbc;
-    CK_RC5_PARAMS *rc5_params_ecb;
-    SECItem iv;
-    sec_rc2cbcParameter rc2;
-    sec_rc5cbcParameter rc5;
-    SECItem *mech;
-    CK_MECHANISM_TYPE type;
-    SECOidTag algtag;
-    SECStatus rv;
-
-    algtag = SECOID_GetAlgorithmTag(algid);
-    type = PK11_AlgtagToMechanism(algtag);
-
-    mech = (SECItem *) PORT_Alloc(sizeof(SECItem));
-    if (mech == NULL) return NULL;
-
-
-    /* handle the complicated cases */
-    switch (type) {
-    case CKM_RC2_ECB:
-        rv = SEC_ASN1DecodeItem(NULL, &rc2 ,sec_rc2ecb_parameter_template,
-							&(algid->parameters));
-	if (rv != SECSuccess) { 
-	    PORT_Free(mech);
-	    return NULL;
-	}
-	rc2_ecb_params = (CK_RC2_PARAMS *)PORT_Alloc(sizeof(CK_RC2_PARAMS));
-	if (rc2_ecb_params == NULL) {
-	    PORT_Free(rc2.rc2ParameterVersion.data);
-	    PORT_Free(mech);
-	    return NULL;
-	}
-	*rc2_ecb_params = rc2_map(&rc2.rc2ParameterVersion);
-	PORT_Free(rc2.rc2ParameterVersion.data);
-	mech->data = (unsigned char *) rc2_ecb_params;
-	mech->len = sizeof(CK_RC2_PARAMS);
-	return mech;
-    case CKM_RC2_CBC:
-    case CKM_RC2_CBC_PAD:
-        rv = SEC_ASN1DecodeItem(NULL, &rc2 ,sec_rc2cbc_parameter_template,
-							&(algid->parameters));
-	if (rv != SECSuccess) { 
-	    PORT_Free(mech);
-	    return NULL;
-	}
-	rc2_params = (CK_RC2_CBC_PARAMS *)PORT_Alloc(sizeof(CK_RC2_CBC_PARAMS));
-	if (rc2_params == NULL) {
-	    PORT_Free(rc2.iv.data);
-	    PORT_Free(rc2.rc2ParameterVersion.data);
-	    PORT_Free(mech);
-	    return NULL;
-	}
-	rc2_params->ulEffectiveBits = rc2_map(&rc2.rc2ParameterVersion);
-	PORT_Free(rc2.rc2ParameterVersion.data);
-	PORT_Memcpy(rc2_params->iv,rc2.iv.data,sizeof(rc2_params->iv));
-	PORT_Free(rc2.iv.data);
-	mech->data = (unsigned char *) rc2_params;
-	mech->len = sizeof(CK_RC2_CBC_PARAMS);
-	return mech;
-    case CKM_RC5_ECB:
-        rv = SEC_ASN1DecodeItem(NULL, &rc5 ,sec_rc5ecb_parameter_template,
-							&(algid->parameters));
-	if (rv != SECSuccess) { 
-	    PORT_Free(mech);
-	    return NULL;
-	}
-	rc5_params_ecb=(CK_RC5_PARAMS *)PORT_Alloc(sizeof(CK_RC5_PARAMS));
-	PORT_Free(rc5.version.data);
-	if (rc5_params_ecb == NULL) {
-	    PORT_Free(rc5.rounds.data);
-	    PORT_Free(rc5.blockSizeInBits.data);
-	    PORT_Free(mech);
-	    return NULL;
-	}
-	rc5_params_ecb->ulRounds = DER_GetInteger(&rc5.rounds);
-	rc5_params_ecb->ulWordsize = DER_GetInteger(&rc5.blockSizeInBits)/8;
-	PORT_Free(rc5.rounds.data);
-	PORT_Free(rc5.blockSizeInBits.data);
-	mech->data = (unsigned char *) rc5_params_ecb;
-	mech->len = sizeof(CK_RC5_PARAMS);
-	return mech;
-    case CKM_RC5_CBC:
-    case CKM_RC5_CBC_PAD:
-        rv = SEC_ASN1DecodeItem(NULL, &rc5 ,sec_rc5cbc_parameter_template,
-							&(algid->parameters));
-	if (rv != SECSuccess) { 
-	    PORT_Free(mech);
-	    return NULL;
-	}
-	rc5_params_cbc = (CK_RC5_CBC_PARAMS *)
-		PORT_Alloc(sizeof(CK_RC5_CBC_PARAMS) + rc5.iv.len);
-	PORT_Free(rc5.version.data);
-	if (rc2_params == NULL) {
-	    PORT_Free(rc5.iv.data);
-	    PORT_Free(rc5.rounds.data);
-	    PORT_Free(rc5.blockSizeInBits.data);
-	    PORT_Free(mech);
-	    return NULL;
-	}
-	rc5_params_cbc->ulRounds = DER_GetInteger(&rc5.rounds);
-	rc5_params_cbc->ulWordsize = DER_GetInteger(&rc5.blockSizeInBits)/8;
-	PORT_Free(rc5.rounds.data);
-	PORT_Free(rc5.blockSizeInBits.data);
-        rc5_params_cbc->pIv = ((CK_BYTE_PTR)rc5_params_cbc)
-						+ sizeof(CK_RC5_CBC_PARAMS);
-	PORT_Memcpy(rc5_params_cbc->pIv,rc5.iv.data,rc5.iv.len);
-        rc5_params_cbc->ulIvLen = rc5.iv.len;
-	PORT_Free(rc5.iv.data);
-	mech->data = (unsigned char *) rc5_params_cbc;
-	mech->len = sizeof(CK_RC5_CBC_PARAMS);
-	return mech;
-    case CKM_PBE_MD2_DES_CBC:
-    case CKM_PBE_MD5_DES_CBC:
-    case CKM_NETSCAPE_PBE_SHA1_DES_CBC:
-    case CKM_NETSCAPE_PBE_SHA1_TRIPLE_DES_CBC:
-    case CKM_NETSCAPE_PBE_SHA1_FAULTY_3DES_CBC:
-    case CKM_NETSCAPE_PBE_SHA1_40_BIT_RC2_CBC:
-    case CKM_NETSCAPE_PBE_SHA1_128_BIT_RC2_CBC:
-    case CKM_NETSCAPE_PBE_SHA1_40_BIT_RC4:
-    case CKM_NETSCAPE_PBE_SHA1_128_BIT_RC4:
-    case CKM_PBE_SHA1_DES2_EDE_CBC:
-    case CKM_PBE_SHA1_DES3_EDE_CBC:
-    case CKM_PBE_SHA1_RC2_40_CBC:
-    case CKM_PBE_SHA1_RC2_128_CBC:
-    case CKM_PBE_SHA1_RC4_40:
-    case CKM_PBE_SHA1_RC4_128:
-	rv = pbe_PK11AlgidToParam(algid,mech);
-	if (rv != SECSuccess) {
-	    PORT_Free(mech);
-	    return NULL;
-	}
-	return mech;
-    default:
-	/* must be a simple case */
-	break;
-    }
-
-    /* simple cases are simpley Octect encoded IV's */
-    rv = SEC_ASN1DecodeItem(NULL, &iv, SEC_OctetStringTemplate, 
-							&(algid->parameters));
-    if (rv !=  SECSuccess) {
-	iv.data = NULL;
-	iv.len = 0;
-    }
-
-    rv = SECSuccess;
-    switch (type) {
-    case CKM_RC4:
-    case CKM_AES_ECB:
-    case CKM_DES_ECB:
-    case CKM_DES3_ECB:
-    case CKM_IDEA_ECB:
-    case CKM_CDMF_ECB:
-    case CKM_CAST_ECB:
-    case CKM_CAST3_ECB:
-    case CKM_CAST5_ECB:
-	mech->data = NULL;
-	mech->len = 0;
-	break;
-    default:
-	if (pk11_lookup(type)->iv == 0) {
-	    mech->data = NULL;
-	    mech->len = 0;
-	    break;
-	}
-    case CKM_AES_CBC:
-    case CKM_DES_CBC:
-    case CKM_DES3_CBC:
-    case CKM_IDEA_CBC:
-    case CKM_CDMF_CBC:
-    case CKM_CAST_CBC:
-    case CKM_CAST3_CBC:
-    case CKM_CAST5_CBC:
-    case CKM_AES_CBC_PAD:
-    case CKM_DES_CBC_PAD:
-    case CKM_DES3_CBC_PAD:
-    case CKM_IDEA_CBC_PAD:
-    case CKM_CDMF_CBC_PAD:
-    case CKM_CAST_CBC_PAD:
-    case CKM_CAST3_CBC_PAD:
-    case CKM_CAST5_CBC_PAD:
-    case CKM_SKIPJACK_CBC64:
-    case CKM_SKIPJACK_ECB64:
-    case CKM_SKIPJACK_OFB64:
-    case CKM_SKIPJACK_CFB64:
-    case CKM_SKIPJACK_CFB32:
-    case CKM_SKIPJACK_CFB16:
-    case CKM_SKIPJACK_CFB8:
-    case CKM_BATON_ECB128:
-    case CKM_BATON_ECB96:
-    case CKM_BATON_CBC128:
-    case CKM_BATON_COUNTER:
-    case CKM_BATON_SHUFFLE:
-    case CKM_JUNIPER_ECB128:
-    case CKM_JUNIPER_CBC128:
-    case CKM_JUNIPER_COUNTER:
-    case CKM_JUNIPER_SHUFFLE:
-	if (iv.data ==  NULL) {
-	    rv = SECFailure;
-	    break;
-	}
-	mech->data = (unsigned char*)PORT_Alloc(iv.len);
-	if (mech->data == NULL) {
-	    rv = SECFailure;
-	    break;
-	}
-	PORT_Memcpy(mech->data,iv.data,iv.len);
-	mech->len = iv.len;
-	break;
-    }
-    if (iv.data) PORT_Free(iv.data);
-    if (rv !=  SECSuccess) {
-	SECITEM_FreeItem(mech,PR_TRUE);
-	return NULL;
-    }
-    return mech;
-}
-
-SECStatus
-PK11_SeedRandom(PK11SlotInfo *slot, unsigned char *data, int len) {
-    CK_RV crv;
-
-    PK11_EnterSlotMonitor(slot);
-    crv = PK11_GETTAB(slot)->C_SeedRandom(slot->session,data, (CK_ULONG)len);
-    PK11_ExitSlotMonitor(slot);
-    return (crv != CKR_OK) ? SECFailure : SECSuccess;
-}
-
-/* Attempts to update the Best Slot for "FAKE RANDOM" generation.
-** If that's not the internal slot, then it also attempts to update the
-** internal slot.
-** The return value indicates if the INTERNAL slot was updated OK.
-*/
-SECStatus
-PK11_RandomUpdate(void *data, size_t bytes)
-{
-    PK11SlotInfo *slot;
-    PRBool        bestIsInternal;
-    SECStatus     status;
-
-    slot = PK11_GetBestSlot(CKM_FAKE_RANDOM, NULL);
-    if (slot == NULL) {
-	slot = PK11_GetInternalSlot();
-	if (!slot)
-	    return SECFailure;
-    }
-
-    bestIsInternal = PK11_IsInternal(slot);
-    status = PK11_SeedRandom(slot, data, bytes);
-    PK11_FreeSlot(slot);
-
-    if (!bestIsInternal) {
-    	/* do internal slot, too. */
-    	slot = PK11_GetInternalSlot();	/* can't fail */
-	status = PK11_SeedRandom(slot, data, bytes);
-	PK11_FreeSlot(slot);
-    }
-    return status;
-}
-
-
-SECStatus
-PK11_GenerateRandom(unsigned char *data,int len) {
-    PK11SlotInfo *slot;
-    CK_RV crv;
-
-    slot = PK11_GetBestSlot(CKM_FAKE_RANDOM,NULL);
-    if (slot == NULL) return SECFailure;
-
-    if (!slot->isInternal) PK11_EnterSlotMonitor(slot);
-    crv = PK11_GETTAB(slot)->C_GenerateRandom(slot->session,data, 
-							(CK_ULONG)len);
-    if (!slot->isInternal) PK11_ExitSlotMonitor(slot);
-    PK11_FreeSlot(slot);
-    return (crv != CKR_OK) ? SECFailure : SECSuccess;
-}
-
-/*
- * Generate an IV for the given mechanism 
- */
-static SECStatus
-pk11_GenIV(CK_MECHANISM_TYPE type, SECItem *iv) {
-    int iv_size = PK11_GetIVLength(type);
-    SECStatus rv;
-
-    iv->len = iv_size;
-    if (iv_size == 0) { 
-	iv->data = NULL;
-	return SECSuccess;
-    }
-
-    iv->data = (unsigned char *) PORT_Alloc(iv_size);
-    if (iv->data == NULL) {
-	iv->len = 0;
-	return SECFailure;
-    }
-
-    rv = PK11_GenerateRandom(iv->data,iv->len);
-    if (rv != SECSuccess) {
-	PORT_Free(iv->data);
-	iv->data = NULL; iv->len = 0;
-	return SECFailure;
-    }
-    return SECSuccess;
-}
-
-
-/*
- * create a new paramter block from the passed in MECHANISM and the
- * key. Use Netscape's S/MIME Rules for the New param block.
- */
-SECItem *
-PK11_GenerateNewParam(CK_MECHANISM_TYPE type, PK11SymKey *key) { 
-    CK_RC2_CBC_PARAMS *rc2_params;
-    CK_RC2_PARAMS *rc2_ecb_params;
-    SECItem *mech;
-    SECItem iv;
-    SECStatus rv;
-
-
-    mech = (SECItem *) PORT_Alloc(sizeof(SECItem));
-    if (mech == NULL) return NULL;
-
-    rv = SECSuccess;
-    switch (type) {
-    case CKM_RC4:
-    case CKM_AES_ECB:
-    case CKM_DES_ECB:
-    case CKM_DES3_ECB:
-    case CKM_IDEA_ECB:
-    case CKM_CDMF_ECB:
-    case CKM_CAST_ECB:
-    case CKM_CAST3_ECB:
-    case CKM_CAST5_ECB:
-	mech->data = NULL;
-	mech->len = 0;
-	break;
-    case CKM_RC2_ECB:
-	rc2_ecb_params = (CK_RC2_PARAMS *)PORT_Alloc(sizeof(CK_RC2_PARAMS));
-	if (rc2_ecb_params == NULL) {
-	    rv = SECFailure;
-	    break;
-	}
-	/* NOTE PK11_GetKeyLength can return -1 if the key isn't and RC2, RC5,
-	 *   or RC4 key. Of course that wouldn't happen here doing RC2:).*/
-	*rc2_ecb_params = PK11_GetKeyLength(key)*8;
-	mech->data = (unsigned char *) rc2_ecb_params;
-	mech->len = sizeof(CK_RC2_PARAMS);
-	break;
-    case CKM_RC2_CBC:
-    case CKM_RC2_CBC_PAD:
-	rv = pk11_GenIV(type,&iv);
-	if (rv != SECSuccess) {
-	    break;
-	}
-	rc2_params = (CK_RC2_CBC_PARAMS *)PORT_Alloc(sizeof(CK_RC2_CBC_PARAMS));
-	if (rc2_params == NULL) {
-	    PORT_Free(iv.data);
-	    rv = SECFailure;
-	    break;
-	}
-	/* NOTE PK11_GetKeyLength can return -1 if the key isn't and RC2, RC5,
-	 *   or RC4 key. Of course that wouldn't happen here doing RC2:).*/
-	rc2_params->ulEffectiveBits = PK11_GetKeyLength(key)*8;
-	if (iv.data)
-	    PORT_Memcpy(rc2_params->iv,iv.data,sizeof(rc2_params->iv));
-	mech->data = (unsigned char *) rc2_params;
-	mech->len = sizeof(CK_RC2_CBC_PARAMS);
-	PORT_Free(iv.data);
-	break;
-    case CKM_RC5_ECB:
-        PORT_Free(mech);
-	return PK11_ParamFromIV(type,NULL);
-    case CKM_RC5_CBC:
-    case CKM_RC5_CBC_PAD:
-	rv = pk11_GenIV(type,&iv);
-	if (rv != SECSuccess) {
-	    break;
-	}
-        PORT_Free(mech);
-	return PK11_ParamFromIV(type,&iv);
-    default:
-	if (pk11_lookup(type)->iv == 0) {
-	    mech->data = NULL;
-	    mech->len = 0;
-	    break;
-	}
-    case CKM_AES_CBC:
-    case CKM_DES_CBC:
-    case CKM_DES3_CBC:
-    case CKM_IDEA_CBC:
-    case CKM_CDMF_CBC:
-    case CKM_CAST_CBC:
-    case CKM_CAST3_CBC:
-    case CKM_CAST5_CBC:
-    case CKM_DES_CBC_PAD:
-    case CKM_DES3_CBC_PAD:
-    case CKM_IDEA_CBC_PAD:
-    case CKM_CDMF_CBC_PAD:
-    case CKM_CAST_CBC_PAD:
-    case CKM_CAST3_CBC_PAD:
-    case CKM_CAST5_CBC_PAD:
-    case CKM_SKIPJACK_CBC64:
-    case CKM_SKIPJACK_ECB64:
-    case CKM_SKIPJACK_OFB64:
-    case CKM_SKIPJACK_CFB64:
-    case CKM_SKIPJACK_CFB32:
-    case CKM_SKIPJACK_CFB16:
-    case CKM_SKIPJACK_CFB8:
-    case CKM_BATON_ECB128:
-    case CKM_BATON_ECB96:
-    case CKM_BATON_CBC128:
-    case CKM_BATON_COUNTER:
-    case CKM_BATON_SHUFFLE:
-    case CKM_JUNIPER_ECB128:
-    case CKM_JUNIPER_CBC128:
-    case CKM_JUNIPER_COUNTER:
-    case CKM_JUNIPER_SHUFFLE:
-	rv = pk11_GenIV(type,&iv);
-	if (rv != SECSuccess) {
-	    break;
-	}
-	mech->data = (unsigned char*)PORT_Alloc(iv.len);
-	if (mech->data == NULL) {
-	    PORT_Free(iv.data);
-	    rv = SECFailure;
-	    break;
-	}
-	PORT_Memcpy(mech->data,iv.data,iv.len);
-	mech->len = iv.len;
-        PORT_Free(iv.data);
-	break;
-    }
-    if (rv !=  SECSuccess) {
-	SECITEM_FreeItem(mech,PR_TRUE);
-	return NULL;
-    }
-    return mech;
-
-}
-
-#define RC5_V10 0x10
-
-/* turn a PKCS #11 parameter into a DER Encoded Algorithm ID */
-SECStatus
-PK11_ParamToAlgid(SECOidTag algTag, SECItem *param, 
-				PRArenaPool *arena, SECAlgorithmID *algid) {
-    CK_RC2_CBC_PARAMS *rc2_params;
-    sec_rc2cbcParameter rc2;
-    CK_RC5_CBC_PARAMS *rc5_params;
-    sec_rc5cbcParameter rc5;
-    CK_MECHANISM_TYPE type = PK11_AlgtagToMechanism(algTag);
-    SECItem *newParams = NULL;
-    SECStatus rv = SECFailure;
-    unsigned long rc2version;
-
-    rv = SECSuccess;
-    switch (type) {
-    case CKM_RC4:
-    case CKM_AES_ECB:
-    case CKM_DES_ECB:
-    case CKM_DES3_ECB:
-    case CKM_IDEA_ECB:
-    case CKM_CDMF_ECB:
-    case CKM_CAST_ECB:
-    case CKM_CAST3_ECB:
-    case CKM_CAST5_ECB:
-	newParams = NULL;
-	rv = SECSuccess;
-	break;
-    case CKM_RC2_ECB:
-	break;
-    case CKM_RC2_CBC:
-    case CKM_RC2_CBC_PAD:
-	rc2_params = (CK_RC2_CBC_PARAMS *)param->data;
-	rc2version = rc2_unmap(rc2_params->ulEffectiveBits);
-	if (SEC_ASN1EncodeUnsignedInteger (NULL, &(rc2.rc2ParameterVersion),
-					   rc2version) == NULL)
-	    break;
-	rc2.iv.data = rc2_params->iv;
-	rc2.iv.len = sizeof(rc2_params->iv);
-	newParams = SEC_ASN1EncodeItem (NULL, NULL, &rc2,
-                                         sec_rc2cbc_parameter_template);
-        PORT_Free(rc2.rc2ParameterVersion.data);
-	if (newParams == NULL)
-	    break;
-	rv = SECSuccess;
-	break;
-
-    case CKM_RC5_ECB: /* well not really... */
-	break;
-    case CKM_RC5_CBC:
-    case CKM_RC5_CBC_PAD:
-	rc5_params = (CK_RC5_CBC_PARAMS *)param->data;
-	if (SEC_ASN1EncodeUnsignedInteger (NULL, &rc5.version, RC5_V10) == NULL)
-	    break;
-	if (SEC_ASN1EncodeUnsignedInteger (NULL, &rc5.blockSizeInBits, 
-					rc5_params->ulWordsize*8) == NULL) {
-            PORT_Free(rc5.version.data);
-	    break;
-	}
-	if (SEC_ASN1EncodeUnsignedInteger (NULL, &rc5.rounds, 
-					rc5_params->ulWordsize*8) == NULL) {
-            PORT_Free(rc5.blockSizeInBits.data);
-            PORT_Free(rc5.version.data);
-	    break;
-	}
-	rc5.iv.data = rc5_params->pIv;
-	rc5.iv.len = rc5_params->ulIvLen;
-	newParams = SEC_ASN1EncodeItem (NULL, NULL, &rc5,
-                                         sec_rc5cbc_parameter_template);
-        PORT_Free(rc5.version.data);
-        PORT_Free(rc5.blockSizeInBits.data);
-        PORT_Free(rc5.rounds.data);
-	if (newParams == NULL)
-	    break;
-	rv = SECSuccess;
-	break;
-    case CKM_PBE_MD2_DES_CBC:
-    case CKM_PBE_MD5_DES_CBC:
-    case CKM_NETSCAPE_PBE_SHA1_DES_CBC:
-    case CKM_NETSCAPE_PBE_SHA1_TRIPLE_DES_CBC:
-    case CKM_NETSCAPE_PBE_SHA1_FAULTY_3DES_CBC:
-    case CKM_NETSCAPE_PBE_SHA1_40_BIT_RC2_CBC:
-    case CKM_NETSCAPE_PBE_SHA1_128_BIT_RC2_CBC:
-    case CKM_NETSCAPE_PBE_SHA1_40_BIT_RC4:
-    case CKM_NETSCAPE_PBE_SHA1_128_BIT_RC4:
-    case CKM_PBE_SHA1_DES3_EDE_CBC:
-    case CKM_PBE_SHA1_DES2_EDE_CBC:
-    case CKM_PBE_SHA1_RC2_40_CBC:
-    case CKM_PBE_SHA1_RC2_128_CBC:
-    case CKM_PBE_SHA1_RC4_40:
-    case CKM_PBE_SHA1_RC4_128:
-	return PBE_PK11ParamToAlgid(algTag, param, arena, algid);
-    default:
-	if (pk11_lookup(type)->iv == 0) {
-	    rv = SECSuccess;
-	    newParams = NULL;
-	    break;
-	}
-    case CKM_AES_CBC:
-    case CKM_DES_CBC:
-    case CKM_DES3_CBC:
-    case CKM_IDEA_CBC:
-    case CKM_CDMF_CBC:
-    case CKM_CAST_CBC:
-    case CKM_CAST3_CBC:
-    case CKM_CAST5_CBC:
-    case CKM_DES_CBC_PAD:
-    case CKM_DES3_CBC_PAD:
-    case CKM_IDEA_CBC_PAD:
-    case CKM_CDMF_CBC_PAD:
-    case CKM_CAST_CBC_PAD:
-    case CKM_CAST3_CBC_PAD:
-    case CKM_CAST5_CBC_PAD:
-    case CKM_SKIPJACK_CBC64:
-    case CKM_SKIPJACK_ECB64:
-    case CKM_SKIPJACK_OFB64:
-    case CKM_SKIPJACK_CFB64:
-    case CKM_SKIPJACK_CFB32:
-    case CKM_SKIPJACK_CFB16:
-    case CKM_SKIPJACK_CFB8:
-    case CKM_BATON_ECB128:
-    case CKM_BATON_ECB96:
-    case CKM_BATON_CBC128:
-    case CKM_BATON_COUNTER:
-    case CKM_BATON_SHUFFLE:
-    case CKM_JUNIPER_ECB128:
-    case CKM_JUNIPER_CBC128:
-    case CKM_JUNIPER_COUNTER:
-    case CKM_JUNIPER_SHUFFLE:
-	newParams = SEC_ASN1EncodeItem(NULL,NULL,param,
-						SEC_OctetStringTemplate);
-	rv = SECSuccess;
-	break;
-    }
-
-    if (rv !=  SECSuccess) {
-	if (newParams) SECITEM_FreeItem(newParams,PR_TRUE);
-	return rv;
-    }
-
-    rv = SECOID_SetAlgorithmID(arena, algid, algTag, newParams);
-    SECITEM_FreeItem(newParams,PR_TRUE);
-    return rv;
-}
-
-/* turn an OID algorithm tag into a PKCS #11 mechanism. This allows us to
- * map OID's directly into the PKCS #11 mechanism we want to call. We find
- * this mapping in our standard OID table */
-CK_MECHANISM_TYPE
-PK11_AlgtagToMechanism(SECOidTag algTag) {
-    SECOidData *oid = SECOID_FindOIDByTag(algTag);
-
-    if (oid) return (CK_MECHANISM_TYPE) oid->mechanism;
-    return CKM_INVALID_MECHANISM;
-}
-
-/* turn a mechanism into an oid. */
-SECOidTag
-PK11_MechanismToAlgtag(CK_MECHANISM_TYPE type) {
-    SECOidData *oid = SECOID_FindOIDByMechanism((unsigned long)type);
-
-    if (oid) return oid->offset;
-    return SEC_OID_UNKNOWN;
-}
-
-/* Determine appropriate blocking mechanism, used when wrapping private keys
- * which require PKCS padding.  If the mechanism does not map to a padding
- * mechanism, we simply return the mechanism.
- */
-CK_MECHANISM_TYPE
-PK11_GetPadMechanism(CK_MECHANISM_TYPE type) {
-    switch(type) {
-	case CKM_AES_CBC:
-	    return CKM_AES_CBC_PAD;
-	case CKM_DES_CBC:
-	    return CKM_DES_CBC_PAD;
-	case CKM_DES3_CBC:
-	    return CKM_DES3_CBC_PAD;
-	case CKM_RC2_CBC:
-	    return CKM_RC2_CBC_PAD;
-	case CKM_CDMF_CBC:
-	    return CKM_CDMF_CBC_PAD;
-	case CKM_CAST_CBC:
-	    return CKM_CAST_CBC_PAD;
-	case CKM_CAST3_CBC:
-	    return CKM_CAST3_CBC_PAD;
-	case CKM_CAST5_CBC:
-	    return CKM_CAST5_CBC_PAD;
-	case CKM_RC5_CBC:
-	    return CKM_RC5_CBC_PAD; 
-	case CKM_IDEA_CBC:
-	    return CKM_IDEA_CBC_PAD; 
-	default:
-	    break;
-    }
-
-    return type;
-}
-	    
-/*
- * Build a block big enough to hold the data
- */
-SECItem *
-PK11_BlockData(SECItem *data,unsigned long size) {
-    SECItem *newData;
-
-    newData = (SECItem *)PORT_Alloc(sizeof(SECItem));
-    if (newData == NULL) return NULL;
-
-    newData->len = (data->len + (size-1))/size;
-    newData->len *= size;
-
-    newData->data = (unsigned char *) PORT_ZAlloc(newData->len); 
-    if (newData->data == NULL) {
-	PORT_Free(newData);
-	return NULL;
-    }
-    PORT_Memset(newData->data,newData->len-data->len,newData->len); 
-    PORT_Memcpy(newData->data,data->data,data->len);
-    return newData;
-}
-
-
-SECStatus
-PK11_DestroyObject(PK11SlotInfo *slot,CK_OBJECT_HANDLE object) {
-    CK_RV crv;
-
-    PK11_EnterSlotMonitor(slot);
-    crv = PK11_GETTAB(slot)->C_DestroyObject(slot->session,object);
-    PK11_ExitSlotMonitor(slot);
-    if (crv != CKR_OK) {
-	return SECFailure;
-    }
-    return SECSuccess;
-}
-
-SECStatus
-PK11_DestroyTokenObject(PK11SlotInfo *slot,CK_OBJECT_HANDLE object) {
-    CK_RV crv;
-    SECStatus rv = SECSuccess;
-    CK_SESSION_HANDLE rwsession;
-
-    
-    rwsession = PK11_GetRWSession(slot);
-
-    crv = PK11_GETTAB(slot)->C_DestroyObject(rwsession,object);
-    if (crv != CKR_OK) {
-	rv = SECFailure;
-	PORT_SetError(PK11_MapError(crv));
-    }
-    PK11_RestoreROSession(slot,rwsession);
-    return rv;
-}
-
-/*
- * Read in a single attribute into a SECItem. Allocate space for it with 
- * PORT_Alloc unless an arena is supplied. In the latter case use the arena
- * to allocate the space.
- */
-SECStatus
-PK11_ReadAttribute(PK11SlotInfo *slot, CK_OBJECT_HANDLE id,
-	 CK_ATTRIBUTE_TYPE type, PRArenaPool *arena, SECItem *result) {
-    CK_ATTRIBUTE attr = { 0, NULL, 0 };
-    CK_RV crv;
-
-    attr.type = type;
-
-    PK11_EnterSlotMonitor(slot);
-    crv = PK11_GETTAB(slot)->C_GetAttributeValue(slot->session,id,&attr,1);
-    if (crv != CKR_OK) {
-	PK11_ExitSlotMonitor(slot);
-	PORT_SetError(PK11_MapError(crv));
-	return SECFailure;
-    }
-    if (arena) {
-    	attr.pValue = PORT_ArenaAlloc(arena,attr.ulValueLen);
-    } else {
-    	attr.pValue = PORT_Alloc(attr.ulValueLen);
-    }
-    if (attr.pValue == NULL) return SECFailure;
-    crv = PK11_GETTAB(slot)->C_GetAttributeValue(slot->session,id,&attr,1);
-    PK11_ExitSlotMonitor(slot);
-    if (crv != CKR_OK) {
-	PORT_SetError(PK11_MapError(crv));
-	if (!arena) PORT_Free(attr.pValue);
-	return SECFailure;
-    }
-
-    result->data = (unsigned char*)attr.pValue;
-    result->len = attr.ulValueLen;
-
-    return SECSuccess;
-}
-
-/*
- * Read in a single attribute into As a Ulong. 
- */
-CK_ULONG
-PK11_ReadULongAttribute(PK11SlotInfo *slot, CK_OBJECT_HANDLE id,
-	 CK_ATTRIBUTE_TYPE type) {
-    CK_ATTRIBUTE attr;
-    CK_ULONG value = CK_UNAVAILABLE_INFORMATION;
-    CK_RV crv;
-
-    PK11_SETATTRS(&attr,type,&value,sizeof(value));
-
-    PK11_EnterSlotMonitor(slot);
-    crv = PK11_GETTAB(slot)->C_GetAttributeValue(slot->session,id,&attr,1);
-    PK11_ExitSlotMonitor(slot);
-    if (crv != CKR_OK) {
-	PORT_SetError(PK11_MapError(crv));
-    }
-    return value;
-}
-
-/*
- * check to see if a bool has been set.
- */
-CK_BBOOL
-PK11_HasAttributeSet( PK11SlotInfo *slot, CK_OBJECT_HANDLE id,
-				                      CK_ATTRIBUTE_TYPE type )
-{
-    CK_BBOOL ckvalue = CK_FALSE;
-    CK_ATTRIBUTE theTemplate;
-    CK_RV crv;
-
-    /* Prepare to retrieve the attribute. */
-    PK11_SETATTRS( &theTemplate, type, &ckvalue, sizeof( CK_BBOOL ) );
-
-    /* Retrieve attribute value. */
-    PK11_EnterSlotMonitor(slot);
-    crv = PK11_GETTAB( slot )->C_GetAttributeValue( slot->session, id,
-                                                    &theTemplate, 1 );
-    PK11_ExitSlotMonitor(slot);
-    if( crv != CKR_OK ) {
-        PORT_SetError( PK11_MapError( crv ) );
-        return CK_FALSE;
-    }
-
-    return ckvalue;
-}
-
-/*
- * returns a full list of attributes. Allocate space for them. If an arena is
- * provided, allocate space out of the arena.
- */
-CK_RV
-PK11_GetAttributes(PRArenaPool *arena,PK11SlotInfo *slot,
-			CK_OBJECT_HANDLE obj,CK_ATTRIBUTE *attr, int count)
-{
-    int i;
-    /* make pedantic happy... note that it's only used arena != NULL */ 
-    void *mark = NULL; 
-    CK_RV crv;
-
-    /*
-     * first get all the lengths of the parameters.
-     */
-    PK11_EnterSlotMonitor(slot);
-    crv = PK11_GETTAB(slot)->C_GetAttributeValue(slot->session,obj,attr,count);
-    if (crv != CKR_OK) {
-	PK11_ExitSlotMonitor(slot);
-	return crv;
-    }
-
-    if (arena) {
-    	mark = PORT_ArenaMark(arena);
-	if (mark == NULL) return CKR_HOST_MEMORY;
-    }
-
-    /*
-     * now allocate space to store the results.
-     */
-    for (i=0; i < count; i++) {
-	if (arena) {
-	    attr[i].pValue = PORT_ArenaAlloc(arena,attr[i].ulValueLen);
-	    if (attr[i].pValue == NULL) {
-		/* arena failures, just release the mark */
-		PORT_ArenaRelease(arena,mark);
-		PK11_ExitSlotMonitor(slot);
-		return CKR_HOST_MEMORY;
-	    }
-	} else {
-	    attr[i].pValue = PORT_Alloc(attr[i].ulValueLen);
-	    if (attr[i].pValue == NULL) {
-		/* Separate malloc failures, loop to release what we have 
-		 * so far */
-		int j;
-		for (j= 0; j < i; j++) { 
-		    PORT_Free(attr[j].pValue);
-		    /* don't give the caller pointers to freed memory */
-		    attr[j].pValue = NULL; 
-		}
-		PK11_ExitSlotMonitor(slot);
-		return CKR_HOST_MEMORY;
-	    }
-	}
-    }
-
-    /*
-     * finally get the results.
-     */
-    crv = PK11_GETTAB(slot)->C_GetAttributeValue(slot->session,obj,attr,count);
-    PK11_ExitSlotMonitor(slot);
-    if (crv != CKR_OK) {
-	if (arena) {
-	    PORT_ArenaRelease(arena,mark);
-	} else {
-	    for (i= 0; i < count; i++) {
-		PORT_Free(attr[i].pValue);
-		/* don't give the caller pointers to freed memory */
-		attr[i].pValue = NULL;
-	    }
-	}
-    } else if (arena && mark) {
-	PORT_ArenaUnmark(arena,mark);
-    }
-    return crv;
-}
-
-/*
- * Reset the token to it's initial state. For the internal module, this will
- * Purge your keydb, and reset your cert db certs to USER_INIT.
- */
-SECStatus 
-PK11_ResetToken(PK11SlotInfo *slot, char *sso_pwd)
-{
-    unsigned char tokenName[32];
-    int tokenNameLen;
-    CK_RV crv;
-
-    /* reconstruct the token name */
-    tokenNameLen = PORT_Strlen(slot->token_name);
-    if (tokenNameLen > sizeof(tokenName)) {
-	tokenNameLen = sizeof(tokenName);
-    }
-
-    PORT_Memcpy(tokenName,slot->token_name,tokenNameLen);
-    if (tokenNameLen < sizeof(tokenName)) {
-	PORT_Memset(&tokenName[tokenNameLen],' ',
-					 sizeof(tokenName)-tokenNameLen);
-    }
-
-    /* initialize the token */    
-    PK11_EnterSlotMonitor(slot);
-
-    /* first shutdown the token. Existing sessions will get closed here */
-    PK11_GETTAB(slot)->C_CloseAllSessions(slot->slotID);
-    slot->session = CK_INVALID_SESSION;
-
-    /* now re-init the token */ 
-    crv = PK11_GETTAB(slot)->C_InitToken(slot->slotID,
-	(unsigned char *)sso_pwd, sso_pwd ? PORT_Strlen(sso_pwd): 0, tokenName);
-
-    /* finally bring the token back up */
-    PK11_InitToken(slot,PR_TRUE);
-    PK11_ExitSlotMonitor(slot);
-    if (crv != CKR_OK) {
-	PORT_SetError(PK11_MapError(crv));
-	return SECFailure;
-    }
-    return SECSuccess;
-}
-
-static PRBool
-pk11_isAllZero(unsigned char *data,int len) {
-    while (len--) {
-	if (*data++) {
-	    return PR_FALSE;
-	}
-    }
-    return PR_TRUE;
-}
-
-CK_RV
-PK11_MapPBEMechanismToCryptoMechanism(CK_MECHANISM_PTR pPBEMechanism, 
-				      CK_MECHANISM_PTR pCryptoMechanism,
-				      SECItem *pbe_pwd, PRBool faulty3DES)
-{
-    int iv_len = 0;
-    CK_PBE_PARAMS_PTR pPBEparams;
-    CK_RC2_CBC_PARAMS_PTR rc2_params;
-    CK_ULONG rc2_key_len;
-
-    if((pPBEMechanism == CK_NULL_PTR) || (pCryptoMechanism == CK_NULL_PTR)) {
-	return CKR_HOST_MEMORY;
-    }
-
-    pPBEparams = (CK_PBE_PARAMS_PTR)pPBEMechanism->pParameter;
-    iv_len = PK11_GetIVLength(pPBEMechanism->mechanism);
-
-    if (iv_len) {
-	if (pk11_isAllZero(pPBEparams->pInitVector,iv_len)) {
-	    SECItem param;
-	    PK11SymKey *symKey;
-	    PK11SlotInfo *intSlot = PK11_GetInternalSlot();
-
-	    if (intSlot == NULL) {
-		return CKR_DEVICE_ERROR;
-	    }
-
-	    param.data = pPBEMechanism->pParameter;
-	    param.len = pPBEMechanism->ulParameterLen;
-
-	    symKey = PK11_RawPBEKeyGen(intSlot,
-		pPBEMechanism->mechanism, &param, pbe_pwd, faulty3DES, NULL);
-	    PK11_FreeSlot(intSlot);
-	    if (symKey== NULL) {
-		return CKR_DEVICE_ERROR; /* sigh */
-	    }
-	    PK11_FreeSymKey(symKey);
-	}
-    }
-
-    switch(pPBEMechanism->mechanism) {
-	case CKM_PBE_MD2_DES_CBC:
-	case CKM_PBE_MD5_DES_CBC:
-	case CKM_NETSCAPE_PBE_SHA1_DES_CBC:
-	    pCryptoMechanism->mechanism = CKM_DES_CBC;
-	    goto have_crypto_mechanism;
-	case CKM_NETSCAPE_PBE_SHA1_TRIPLE_DES_CBC:
-	case CKM_NETSCAPE_PBE_SHA1_FAULTY_3DES_CBC:
-	case CKM_PBE_SHA1_DES3_EDE_CBC:
-	case CKM_PBE_SHA1_DES2_EDE_CBC:
-	    pCryptoMechanism->mechanism = CKM_DES3_CBC;
-have_crypto_mechanism:
-	    pCryptoMechanism->pParameter = PORT_Alloc(iv_len);
-	    pCryptoMechanism->ulParameterLen = (CK_ULONG)iv_len;
-	    if(pCryptoMechanism->pParameter == NULL) {
-		return CKR_HOST_MEMORY;
-	    }
-	    PORT_Memcpy((unsigned char *)(pCryptoMechanism->pParameter),
-			(unsigned char *)(pPBEparams->pInitVector),
-			iv_len);
-	    break;
-	case CKM_NETSCAPE_PBE_SHA1_40_BIT_RC4:
-	case CKM_NETSCAPE_PBE_SHA1_128_BIT_RC4:
-	case CKM_PBE_SHA1_RC4_40:
-	case CKM_PBE_SHA1_RC4_128:
-	    pCryptoMechanism->mechanism = CKM_RC4;
-	    pCryptoMechanism->ulParameterLen = 0;
-	    pCryptoMechanism->pParameter = CK_NULL_PTR;
-	    break;
-	case CKM_NETSCAPE_PBE_SHA1_40_BIT_RC2_CBC:
-	case CKM_PBE_SHA1_RC2_40_CBC:
-	    rc2_key_len = 40;
-	    goto have_key_len;
-	case CKM_NETSCAPE_PBE_SHA1_128_BIT_RC2_CBC:
-	    rc2_key_len = 128;
-have_key_len:
-	    pCryptoMechanism->mechanism = CKM_RC2_CBC;
-	    pCryptoMechanism->ulParameterLen = (CK_ULONG)
-						sizeof(CK_RC2_CBC_PARAMS);
-	    pCryptoMechanism->pParameter = (CK_RC2_CBC_PARAMS_PTR)
-				PORT_ZAlloc(sizeof(CK_RC2_CBC_PARAMS));
-	    if(pCryptoMechanism->pParameter == NULL) {
-		return CKR_HOST_MEMORY;
-	    }
-	    rc2_params = (CK_RC2_CBC_PARAMS_PTR)pCryptoMechanism->pParameter;
-	    PORT_Memcpy((unsigned char *)rc2_params->iv,
-	    		(unsigned char *)pPBEparams->pInitVector,
-	    		iv_len);
-	    rc2_params->ulEffectiveBits = rc2_key_len;
-	    break;
-	default:
-	    return CKR_MECHANISM_INVALID;
-    }
-
-    return CKR_OK;
-}
-
-PRBool
-PK11_IsPermObject(PK11SlotInfo *slot, CK_OBJECT_HANDLE handle)
-{
-    return (PRBool) PK11_HasAttributeSet(slot, handle, CKA_TOKEN);
-}
-
-char *
-PK11_GetObjectNickname(PK11SlotInfo *slot, CK_OBJECT_HANDLE id) 
-{
-    char *nickname = NULL;
-    SECItem result;
-    SECStatus rv;
-
-    rv = PK11_ReadAttribute(slot,id,CKA_LABEL,NULL,&result);
-    if (rv != SECSuccess) {
-	return NULL;
-    }
-
-    nickname = PORT_ZAlloc(result.len);
-    if (nickname == NULL) {
-	PORT_Free(result.data);
-	return NULL;
-    }
-    PORT_Memcpy(nickname, result.data, result.len);
-    PORT_Free(result.data);
-    return nickname;
-}
-
-SECStatus
-PK11_SetObjectNickname(PK11SlotInfo *slot, CK_OBJECT_HANDLE id, 
-						const char *nickname) 
-{
-    int len = PORT_Strlen(nickname);
-    CK_ATTRIBUTE setTemplate;
-    CK_RV crv;
-    CK_SESSION_HANDLE rwsession;
-
-    if (len < 0) {
-	return SECFailure;
-    }
-
-    PK11_SETATTRS(&setTemplate, CKA_LABEL, (CK_CHAR *) nickname, len);
-    rwsession = PK11_GetRWSession(slot);
-    crv = PK11_GETTAB(slot)->C_SetAttributeValue(rwsession, id,
-			&setTemplate, 1);
-    PK11_RestoreROSession(slot, rwsession);
-    if (crv != CKR_OK) {
-	PORT_SetError(PK11_MapError(crv));
-	return SECFailure;
-    }
-    return SECSuccess;
-}
diff --git a/security/nss/lib/pk11wrap/pk11util.c b/security/nss/lib/pk11wrap/pk11util.c
deleted file mode 100644
index 11673d9f6..000000000
--- a/security/nss/lib/pk11wrap/pk11util.c
+++ /dev/null
@@ -1,710 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * Initialize the PCKS 11 subsystem
- */
-#include "seccomon.h"
-#include "secmod.h"
-#include "nssilock.h"
-#include "secmodi.h"
-#include "pk11func.h"
-#include "pki3hack.h"
-#include "secerr.h"
-
-/* these are for displaying error messages */
-
-static  SECMODModuleList *modules = NULL;
-static  SECMODModuleList *modulesDB = NULL;
-static  SECMODModuleList *modulesUnload = NULL;
-static  SECMODModule *internalModule = NULL;
-static  SECMODModule *defaultDBModule = NULL;
-static  SECMODModule *pendingModule = NULL;
-static SECMODListLock *moduleLock = NULL;
-
-int secmod_PrivateModuleCount = 0;
-
-extern PK11DefaultArrayEntry PK11_DefaultArray[];
-extern int num_pk11_default_mechanisms;
-
-
-void
-SECMOD_Init() {
-    /* don't initialize twice */
-    if (moduleLock) return;
-
-    moduleLock = SECMOD_NewListLock();
-    PK11_InitSlotLists();
-}
-
-
-SECStatus
-SECMOD_Shutdown() {
-    /* destroy the lock */
-    if (moduleLock) {
-	SECMOD_DestroyListLock(moduleLock);
-	moduleLock = NULL;
-    }
-    /* free the internal module */
-    if (internalModule) {
-	SECMOD_DestroyModule(internalModule);
-	internalModule = NULL;
-    }
-
-    /* free the default database module */
-    if (defaultDBModule) {
-	SECMOD_DestroyModule(defaultDBModule);
-	defaultDBModule = NULL;
-    }
-	
-    /* destroy the list */
-    if (modules) {
-	SECMOD_DestroyModuleList(modules);
-	modules = NULL;
-    }
-   
-    if (modulesDB) {
-	SECMOD_DestroyModuleList(modulesDB);
-	modulesDB = NULL;
-    }
-
-    if (modulesUnload) {
-	SECMOD_DestroyModuleList(modulesUnload);
-	modulesUnload = NULL;
-    }
-
-    /* make all the slots and the lists go away */
-    PK11_DestroySlotLists();
-
-#ifdef DEBUG
-    if (PR_GetEnv("NSS_STRICT_SHUTDOWN")) {
-	PORT_Assert(secmod_PrivateModuleCount == 0);
-    }
-#endif
-    return (secmod_PrivateModuleCount == 0) ? SECSuccess : SECFailure;
-}
-
-
-/*
- * retrieve the internal module
- */
-SECMODModule *
-SECMOD_GetInternalModule(void) {
-   return internalModule;
-}
-
-
-SECStatus
-secmod_AddModuleToList(SECMODModuleList **moduleList,SECMODModule *newModule) {
-    SECMODModuleList *mlp, *newListElement, *last = NULL;
-
-    newListElement = SECMOD_NewModuleListElement();
-    if (newListElement == NULL) {
-	return SECFailure;
-    }
-
-    newListElement->module = SECMOD_ReferenceModule(newModule);
-
-    SECMOD_GetWriteLock(moduleLock);
-    /* Added it to the end (This is very inefficient, but Adding a module
-     * on the fly should happen maybe 2-3 times through the life this program
-     * on a given computer, and this list should be *SHORT*. */
-    for(mlp = *moduleList; mlp != NULL; mlp = mlp->next) {
-	last = mlp;
-    }
-
-    if (last == NULL) {
-	*moduleList = newListElement;
-    } else {
-	SECMOD_AddList(last,newListElement,NULL);
-    }
-    SECMOD_ReleaseWriteLock(moduleLock);
-    return SECSuccess;
-}
-
-SECStatus
-SECMOD_AddModuleToList(SECMODModule *newModule) {
-    if (newModule->internal && !internalModule) {
-	internalModule = SECMOD_ReferenceModule(newModule);
-    }
-    return secmod_AddModuleToList(&modules,newModule);
-}
-
-SECStatus
-SECMOD_AddModuleToDBOnlyList(SECMODModule *newModule) {
-    if (defaultDBModule == NULL) {
-	defaultDBModule = SECMOD_ReferenceModule(newModule);
-    }
-    return secmod_AddModuleToList(&modulesDB,newModule);
-}
-
-SECStatus
-SECMOD_AddModuleToUnloadList(SECMODModule *newModule) {
-    return secmod_AddModuleToList(&modulesUnload,newModule);
-}
-
-/*
- * get the list of PKCS11 modules that are available.
- */
-SECMODModuleList *SECMOD_GetDefaultModuleList() { return modules; }
-SECMODListLock *SECMOD_GetDefaultModuleListLock() { return moduleLock; }
-
-
-
-/*
- * find a module by name, and add a reference to it.
- * return that module.
- */
-SECMODModule *SECMOD_FindModule(char *name) {
-    SECMODModuleList *mlp;
-    SECMODModule *module = NULL;
-
-    SECMOD_GetReadLock(moduleLock);
-    for(mlp = modules; mlp != NULL; mlp = mlp->next) {
-	if (PORT_Strcmp(name,mlp->module->commonName) == 0) {
-	    module = mlp->module;
-	    SECMOD_ReferenceModule(module);
-	    break;
-	}
-    }
-    SECMOD_ReleaseReadLock(moduleLock);
-
-    return module;
-}
-
-/*
- * find a module by ID, and add a reference to it.
- * return that module.
- */
-SECMODModule *SECMOD_FindModuleByID(SECMODModuleID id) {
-    SECMODModuleList *mlp;
-    SECMODModule *module = NULL;
-
-    SECMOD_GetReadLock(moduleLock);
-    for(mlp = modules; mlp != NULL; mlp = mlp->next) {
-	if (id == mlp->module->moduleID) {
-	    module = mlp->module;
-	    SECMOD_ReferenceModule(module);
-	    break;
-	}
-    }
-    SECMOD_ReleaseReadLock(moduleLock);
-
-    return module;
-}
-
-/*
- * lookup the Slot module based on it's module ID and slot ID.
- */
-PK11SlotInfo *SECMOD_LookupSlot(SECMODModuleID moduleID,CK_SLOT_ID slotID) {
-    int i;
-    SECMODModule *module;
-
-    module = SECMOD_FindModuleByID(moduleID);
-    if (module == NULL) return NULL;
-
-    for (i=0; i < module->slotCount; i++) {
-	PK11SlotInfo *slot = module->slots[i];
-
-	if (slot->slotID == slotID) {
-	    SECMOD_DestroyModule(module);
-	    return PK11_ReferenceSlot(slot);
-	}
-    }
-    SECMOD_DestroyModule(module);
-    return NULL;
-}
-
-
-/*
- * find a module by name or module pointer and delete it off the module list.
- * optionally remove it from secmod.db.
- */
-SECStatus
-SECMOD_DeleteModuleEx(char *name, SECMODModule *mod, int *type, PRBool permdb) {
-    SECMODModuleList *mlp;
-    SECMODModuleList **mlpp;
-    SECStatus rv = SECFailure;
-
-
-    *type = SECMOD_EXTERNAL;
-
-    SECMOD_GetWriteLock(moduleLock);
-    for(mlpp = &modules,mlp = modules; 
-				mlp != NULL; mlpp = &mlp->next, mlp = *mlpp) {
-	if ((name && (PORT_Strcmp(name,mlp->module->commonName) == 0)) ||
-							mod == mlp->module) {
-	    /* don't delete the internal module */
-	    if (!mlp->module->internal) {
-		SECMOD_RemoveList(mlpp,mlp);
-		/* delete it after we release the lock */
-		rv = STAN_RemoveModuleFromDefaultTrustDomain(mlp->module);
-	    } else if (mlp->module->isFIPS) {
-		*type = SECMOD_FIPS;
-	    } else {
-		*type = SECMOD_INTERNAL;
-	    }
-	    break;
-	}
-    }
-    SECMOD_ReleaseWriteLock(moduleLock);
-
-
-    if (rv == SECSuccess) {
-	if (permdb) {
- 	    SECMOD_DeletePermDB(mlp->module);
-	}
-	SECMOD_DestroyModuleListElement(mlp);
-    }
-    return rv;
-}
-
-/*
- * find a module by name and delete it off the module list
- */
-SECStatus
-SECMOD_DeleteModule(char *name, int *type) {
-    return SECMOD_DeleteModuleEx(name, NULL, type, PR_TRUE);
-}
-
-/*
- * find a module by name and delete it off the module list
- */
-SECStatus
-SECMOD_DeleteInternalModule(char *name) {
-    SECMODModuleList *mlp;
-    SECMODModuleList **mlpp;
-    SECStatus rv = SECFailure;
-
-    if (pendingModule) {
-	PORT_SetError(SEC_ERROR_MODULE_STUCK);
-	return rv;
-    }
-
-    SECMOD_GetWriteLock(moduleLock);
-    for(mlpp = &modules,mlp = modules; 
-				mlp != NULL; mlpp = &mlp->next, mlp = *mlpp) {
-	if (PORT_Strcmp(name,mlp->module->commonName) == 0) {
-	    /* don't delete the internal module */
-	    if (mlp->module->internal) {
-		SECMOD_RemoveList(mlpp,mlp);
-		rv = STAN_RemoveModuleFromDefaultTrustDomain(mlp->module);
-	    } 
-	    break;
-	}
-    }
-    SECMOD_ReleaseWriteLock(moduleLock);
-
-    if (rv == SECSuccess) {
-	SECMODModule *newModule,*oldModule;
-
-	if (mlp->module->isFIPS) {
-    	    newModule = SECMOD_CreateModule(NULL, SECMOD_INT_NAME,
-				NULL, SECMOD_INT_FLAGS);
-	} else {
-    	    newModule = SECMOD_CreateModule(NULL, SECMOD_FIPS_NAME,
-				NULL, SECMOD_FIPS_FLAGS);
-	}
-	if (newModule == NULL) {
-	    SECMODModuleList *last = NULL,*mlp2;
-	   /* we're in pretty deep trouble if this happens...Security
-	    * not going to work well... try to put the old module back on
-	    * the list */
-	   SECMOD_GetWriteLock(moduleLock);
-	   for(mlp2 = modules; mlp2 != NULL; mlp2 = mlp->next) {
-		last = mlp2;
-	   }
-
-	   if (last == NULL) {
-		modules = mlp;
-	   } else {
-		SECMOD_AddList(last,mlp,NULL);
-	   }
-	   SECMOD_ReleaseWriteLock(moduleLock);
-	   return SECFailure; 
-	}
-	newModule->libraryParams = 
-	     PORT_ArenaStrdup(newModule->arena,mlp->module->libraryParams);
-	pendingModule = oldModule = internalModule;
-	internalModule = NULL;
-	SECMOD_DestroyModule(oldModule);
- 	SECMOD_DeletePermDB(mlp->module);
-	SECMOD_DestroyModuleListElement(mlp);
-	internalModule = newModule; /* adopt the module */
-	SECMOD_AddModule(internalModule);
-    }
-    return rv;
-}
-
-SECStatus
-SECMOD_AddModule(SECMODModule *newModule) {
-    SECStatus rv;
-    SECMODModule *oldModule;
-
-    /* Test if a module w/ the same name already exists */
-    /* and return SECWouldBlock if so. */
-    /* We should probably add a new return value such as */
-    /* SECDublicateModule, but to minimize ripples, I'll */
-    /* give SECWouldBlock a new meaning */
-    if ((oldModule = SECMOD_FindModule(newModule->commonName)) != NULL) {
-	SECMOD_DestroyModule(oldModule);
-        return SECWouldBlock;
-        /* module already exists. */
-    }
-
-    rv = SECMOD_LoadPKCS11Module(newModule);
-    if (rv != SECSuccess) {
-	return rv;
-    }
-
-    if (newModule->parent == NULL) {
-	newModule->parent = SECMOD_ReferenceModule(defaultDBModule);
-    }
-
-    SECMOD_AddPermDB(newModule);
-    SECMOD_AddModuleToList(newModule);
-
-    rv = STAN_AddModuleToDefaultTrustDomain(newModule);
-
-    return rv;
-}
-
-PK11SlotInfo *SECMOD_FindSlot(SECMODModule *module,char *name) {
-    int i;
-    char *string;
-
-    for (i=0; i < module->slotCount; i++) {
-	PK11SlotInfo *slot = module->slots[i];
-
-	if (PK11_IsPresent(slot)) {
-	    string = PK11_GetTokenName(slot);
-	} else {
-	    string = PK11_GetSlotName(slot);
-	}
-	if (PORT_Strcmp(name,string) == 0) {
-	    return PK11_ReferenceSlot(slot);
-	}
-    }
-    return NULL;
-}
-
-SECStatus
-PK11_GetModInfo(SECMODModule *mod,CK_INFO *info) {
-    CK_RV crv;
-
-    if (mod->functionList == NULL) return SECFailure;
-    crv = PK11_GETTAB(mod)->C_GetInfo(info);
-    return (crv == CKR_OK) ? SECSuccess : SECFailure;
-}
-
-/* Determine if we have the FIP's module loaded as the default
- * module to trigger other bogus FIPS requirements in PKCS #12 and
- * SSL
- */
-PRBool
-PK11_IsFIPS(void)
-{
-    SECMODModule *mod = SECMOD_GetInternalModule();
-
-    if (mod && mod->internal) {
-	return mod->isFIPS;
-    }
-
-    return PR_FALSE;
-}
-
-/* combines NewModule() & AddModule */
-/* give a string for the module name & the full-path for the dll, */
-/* installs the PKCS11 module & update registry */
-SECStatus SECMOD_AddNewModuleEx(char* moduleName, char* dllPath,
-                              unsigned long defaultMechanismFlags,
-                              unsigned long cipherEnableFlags,
-                              char* modparms,
-                              char* nssparms) {
-    SECMODModule *module;
-    SECStatus result = SECFailure;
-    int s,i;
-    PK11SlotInfo* slot;
-
-    PR_SetErrorText(0, NULL);
-
-    module = SECMOD_CreateModule(dllPath,moduleName, modparms, nssparms);
-
-    if (module == NULL) {
-	return result;
-    }
-
-    if (module->dllName != NULL) {
-        if (module->dllName[0] != 0) {
-            result = SECMOD_AddModule(module);
-            if (result == SECSuccess) {
-                /* turn on SSL cipher enable flags */
-                module->ssl[0] = cipherEnableFlags;
-
-                /* check each slot to turn on appropriate mechanisms */
-                for (s = 0; s < module->slotCount; s++) {
-                    slot = (module->slots)[s];
-                    /* for each possible mechanism */
-                    for (i=0; i < num_pk11_default_mechanisms; i++) {
-                        /* we are told to turn it on by default ? */
-                        if (PK11_DefaultArray[i].flag & defaultMechanismFlags) {                            
-                            /* it ignores if slot attribute update failes */
-                            result = PK11_UpdateSlotAttribute(slot, &(PK11_DefaultArray[i]), PR_TRUE);
-                        } else { /* turn this mechanism of the slot off by default */
-                            result = PK11_UpdateSlotAttribute(slot, &(PK11_DefaultArray[i]), PR_FALSE);
-                        }
-                    } /* for each mechanism */
-                    /* disable each slot if the defaultFlags say so */
-                    if (defaultMechanismFlags & PK11_DISABLE_FLAG) {
-                        PK11_UserDisableSlot(slot);
-                    }
-                } /* for each slot of this module */
-
-                /* delete and re-add module in order to save changes to the module */
-		result = SECMOD_UpdateModule(module);
-            }
-        }
-    }
-    SECMOD_DestroyModule(module);
-    return result;
-}
-
-SECStatus SECMOD_AddNewModule(char* moduleName, char* dllPath,
-                              unsigned long defaultMechanismFlags,
-                              unsigned long cipherEnableFlags)
-{
-    return SECMOD_AddNewModuleEx(moduleName, dllPath, defaultMechanismFlags,
-                  cipherEnableFlags, 
-                  NULL, NULL); /* don't pass module or nss params */
-}
-
-SECStatus SECMOD_UpdateModule(SECMODModule *module)
-{
-    SECStatus result;
-
-    result = SECMOD_DeletePermDB(module);
-                
-    if (result == SECSuccess) {          
-	result = SECMOD_AddPermDB(module);
-    }
-    return result;
-}
-
-/* Public & Internal(Security Library)  representation of
- * encryption mechanism flags conversion */
-
-/* Currently, the only difference is that internal representation 
- * puts RANDOM_FLAG at bit 31 (Most-significant bit), but
- * public representation puts this bit at bit 28
- */
-unsigned long SECMOD_PubMechFlagstoInternal(unsigned long publicFlags) {
-    unsigned long internalFlags = publicFlags;
-
-    if (publicFlags & PUBLIC_MECH_RANDOM_FLAG) {
-        internalFlags &= ~PUBLIC_MECH_RANDOM_FLAG;
-        internalFlags |= SECMOD_RANDOM_FLAG;
-    }
-    return internalFlags;
-}
-
-unsigned long SECMOD_InternaltoPubMechFlags(unsigned long internalFlags) {
-    unsigned long publicFlags = internalFlags;
-
-    if (internalFlags & SECMOD_RANDOM_FLAG) {
-        publicFlags &= ~SECMOD_RANDOM_FLAG;
-        publicFlags |= PUBLIC_MECH_RANDOM_FLAG;
-    }
-    return publicFlags;
-}
-
-
-/* Public & Internal(Security Library)  representation of */
-/* cipher flags conversion */
-/* Note: currently they are just stubs */
-unsigned long SECMOD_PubCipherFlagstoInternal(unsigned long publicFlags) {
-    return publicFlags;
-}
-
-unsigned long SECMOD_InternaltoPubCipherFlags(unsigned long internalFlags) {
-    return internalFlags;
-}
-
-/* Funtion reports true if module of modType is installed/configured */
-PRBool 
-SECMOD_IsModulePresent( unsigned long int pubCipherEnableFlags )
-{
-    PRBool result = PR_FALSE;
-    SECMODModuleList *mods = SECMOD_GetDefaultModuleList();
-    SECMOD_GetReadLock(moduleLock);
-
-
-    for ( ; mods != NULL; mods = mods->next) {
-        if (mods->module->ssl[0] & SECMOD_PubCipherFlagstoInternal(pubCipherEnableFlags)) {
-            result = PR_TRUE;
-        }
-    }
-
-    SECMOD_ReleaseReadLock(moduleLock);
-    return result;
-}
-
-/* create a new ModuleListElement */
-SECMODModuleList *SECMOD_NewModuleListElement(void) {
-    SECMODModuleList *newModList;
-
-    newModList= (SECMODModuleList *) PORT_Alloc(sizeof(SECMODModuleList));
-    if (newModList) {
-	newModList->next = NULL;
-	newModList->module = NULL;
-    }
-    return newModList;
-}
-/*
- * make a new reference to a module so It doesn't go away on us
- */
-SECMODModule *
-SECMOD_ReferenceModule(SECMODModule *module) {
-    PK11_USE_THREADS(PZ_Lock((PZLock *)module->refLock);)
-    PORT_Assert(module->refCount > 0);
-
-    module->refCount++;
-    PK11_USE_THREADS(PZ_Unlock((PZLock*)module->refLock);)
-    return module;
-}
-
-
-/* destroy an existing module */
-void
-SECMOD_DestroyModule(SECMODModule *module) {
-    PRBool willfree = PR_FALSE;
-    int slotCount;
-    int i;
-
-    PK11_USE_THREADS(PZ_Lock((PZLock *)module->refLock);)
-    if (module->refCount-- == 1) {
-	willfree = PR_TRUE;
-    }
-    PORT_Assert(willfree || (module->refCount > 0));
-    PK11_USE_THREADS(PZ_Unlock((PZLock *)module->refLock);)
-
-    if (!willfree) {
-	return;
-    }
-   
-    if (module->parent != NULL) {
-	SECMODModule *parent = module->parent;
-	/* paranoia, don't loop forever if the modules are looped */
-	module->parent = NULL;
-	SECMOD_DestroyModule(parent);
-    }
-
-    /* slots can't really disappear until our module starts freeing them,
-     * so this check is safe */
-    slotCount = module->slotCount;
-    if (slotCount == 0) {
-	SECMOD_SlotDestroyModule(module,PR_FALSE);
-	return;
-    }
-
-    /* now free all out slots, when they are done, they will cause the
-     * module to disappear altogether */
-    for (i=0 ; i < slotCount; i++) {
-	if (!module->slots[i]->disabled) {
-		PK11_ClearSlotList(module->slots[i]);
-	}
-	PK11_FreeSlot(module->slots[i]);
-    }
-    /* WARNING: once the last slot has been freed is it possible (even likely)
-     * that module is no more... touching it now is a good way to go south */
-}
-
-
-/* we can only get here if we've destroyed the module, or some one has
- * erroneously freed a slot that wasn't referenced. */
-void
-SECMOD_SlotDestroyModule(SECMODModule *module, PRBool fromSlot) {
-    PRBool willfree = PR_FALSE;
-    if (fromSlot) {
-        PORT_Assert(module->refCount == 0);
-	PK11_USE_THREADS(PZ_Lock((PZLock *)module->refLock);)
-	if (module->slotCount-- == 1) {
-	    willfree = PR_TRUE;
-	}
-	PORT_Assert(willfree || (module->slotCount > 0));
-	PK11_USE_THREADS(PZ_Unlock((PZLock *)module->refLock);)
-        if (!willfree) return;
-    }
-
-    if (module == pendingModule) {
-	pendingModule = NULL;
-    }
-
-    if (module->loaded) {
-	SECMOD_UnloadModule(module);
-    }
-    PK11_USE_THREADS(PZ_DestroyLock((PZLock *)module->refLock);)
-    PORT_FreeArena(module->arena,PR_FALSE);
-    secmod_PrivateModuleCount--;
-}
-
-/* destroy a list element
- * this destroys a single element, and returns the next element
- * on the chain. It makes it easy to implement for loops to delete
- * the chain. It also make deleting a single element easy */
-SECMODModuleList *
-SECMOD_DestroyModuleListElement(SECMODModuleList *element) {
-    SECMODModuleList *next = element->next;
-
-    if (element->module) {
-	SECMOD_DestroyModule(element->module);
-	element->module = NULL;
-    }
-    PORT_Free(element);
-    return next;
-}
-
-
-/*
- * Destroy an entire module list
- */
-void
-SECMOD_DestroyModuleList(SECMODModuleList *list) {
-    SECMODModuleList *lp;
-
-    for ( lp = list; lp != NULL; lp = SECMOD_DestroyModuleListElement(lp)) ;
-}
-
-PRBool
-SECMOD_CanDeleteInternalModule(void)
-{
-    return (PRBool) pendingModule == NULL;
-}
diff --git a/security/nss/lib/pk11wrap/secmod.h b/security/nss/lib/pk11wrap/secmod.h
deleted file mode 100644
index 64461a112..000000000
--- a/security/nss/lib/pk11wrap/secmod.h
+++ /dev/null
@@ -1,152 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * Definition of Security Module Data Structure. There is a separate data
- * structure for each loaded PKCS #11 module.
- */
-#ifndef _SECMOD_H_
-#define _SEDMOD_H_
-#include "seccomon.h"
-#include "secmodt.h"
-
-#define PKCS11_USE_THREADS
-
-/* These mechanisms flags are visible to all other libraries. */
-/* They must be converted to internal SECMOD_*_FLAG */
-/* if used inside the functions of the security library */
-#define PUBLIC_MECH_RSA_FLAG         0x00000001ul
-#define PUBLIC_MECH_DSA_FLAG         0x00000002ul
-#define PUBLIC_MECH_RC2_FLAG         0x00000004ul
-#define PUBLIC_MECH_RC4_FLAG         0x00000008ul
-#define PUBLIC_MECH_DES_FLAG         0x00000010ul
-#define PUBLIC_MECH_DH_FLAG          0x00000020ul
-#define PUBLIC_MECH_FORTEZZA_FLAG    0x00000040ul
-#define PUBLIC_MECH_RC5_FLAG         0x00000080ul
-#define PUBLIC_MECH_SHA1_FLAG        0x00000100ul
-#define PUBLIC_MECH_MD5_FLAG         0x00000200ul
-#define PUBLIC_MECH_MD2_FLAG         0x00000400ul
-#define PUBLIC_MECH_SSL_FLAG         0x00000800ul
-#define PUBLIC_MECH_TLS_FLAG         0x00001000ul
-
-#define PUBLIC_MECH_RANDOM_FLAG      0x08000000ul
-#define PUBLIC_MECH_FRIENDLY_FLAG    0x10000000ul
-#define PUBLIC_OWN_PW_DEFAULTS       0X20000000ul
-#define PUBLIC_DISABLE_FLAG          0x40000000ul
-
-/* warning: reserved means reserved */
-#define PUBLIC_MECH_RESERVED_FLAGS   0x87FFE000ul
-
-/* These cipher flags are visible to all other libraries, */
-/* But they must be converted before used in functions */
-/* withing the security module */
-#define PUBLIC_CIPHER_FORTEZZA_FLAG  0x00000001ul
-
-/* warning: reserved means reserved */
-#define PUBLIC_CIPHER_RESERVED_FLAGS 0xFFFFFFFEul
-
-SEC_BEGIN_PROTOS
-
-/*
- * the following functions are going to be depricated in NSS 4.0 in
- * favor of the new stan functions.
- */
-
-/* Initialization */
-extern SECMODModule *SECMOD_LoadModule(char *moduleSpec,SECMODModule *parent,
-							PRBool recurse);
-
-extern SECMODModule *SECMOD_LoadUserModule(char *moduleSpec,SECMODModule *parent,
-							PRBool recurse);
-
-SECStatus SECMOD_UnloadUserModule(SECMODModule *mod);
-
-SECMODModule * SECMOD_CreateModule(char *lib, char *name, char *param, 
-								char *nss);
-extern SECStatus SECMOD_Shutdown(void);
-
-
-/* Module Management */
-char **SECMOD_GetModuleSpecList(SECMODModule *module);
-SECStatus SECMOD_FreeModuleSpecList(SECMODModule *module,char **moduleSpecList);
-
- 
-/* protoypes */
-extern SECMODModuleList *SECMOD_GetDefaultModuleList(void);
-extern SECMODListLock *SECMOD_GetDefaultModuleListLock(void);
-
-extern SECStatus SECMOD_UpdateModule(SECMODModule *module);
-
-/* lock management */
-extern SECMODListLock *SECMOD_NewListLock(void);
-extern void SECMOD_DestroyListLock(SECMODListLock *);
-extern void SECMOD_GetReadLock(SECMODListLock *);
-extern void SECMOD_ReleaseReadLock(SECMODListLock *);
-extern void SECMOD_GetWriteLock(SECMODListLock *);
-extern void SECMOD_ReleaseWriteLock(SECMODListLock *);
-
-/* Operate on modules by name */
-extern SECMODModule *SECMOD_FindModule(char *name);
-extern SECStatus SECMOD_DeleteModule(char *name, int *type);
-extern SECStatus SECMOD_DeleteInternalModule(char *name);
-extern PRBool SECMOD_CanDeleteInternalModule(void);
-extern SECStatus SECMOD_AddNewModule(char* moduleName, char* dllPath,
-                              unsigned long defaultMechanismFlags,
-                              unsigned long cipherEnableFlags);
-extern SECStatus SECMOD_AddNewModuleEx(char* moduleName, char* dllPath,
-                              unsigned long defaultMechanismFlags,
-                              unsigned long cipherEnableFlags,
-                              char* modparms,
-                              char* nssparms);
-
-/* database/memory management */
-extern SECMODModule *SECMOD_GetInternalModule(void);
-extern SECMODModule *SECMOD_ReferenceModule(SECMODModule *module);
-extern void SECMOD_DestroyModule(SECMODModule *module);
-extern PK11SlotInfo *SECMOD_LookupSlot(SECMODModuleID module,
-							unsigned long slotID);
-extern PK11SlotInfo *SECMOD_FindSlot(SECMODModule *module,char *name);
-
-/* Funtion reports true if at least one of the modules */
-/* of modType has been installed */
-PRBool SECMOD_IsModulePresent( unsigned long int pubCipherEnableFlags );
-
-/* Functions used to convert between internal & public representation
- * of Mechanism Flags and Cipher Enable Flags */
-extern unsigned long SECMOD_PubMechFlagstoInternal(unsigned long publicFlags);
-extern unsigned long SECMOD_InternaltoPubMechFlags(unsigned long internalFlags);
-
-extern unsigned long SECMOD_PubCipherFlagstoInternal(unsigned long publicFlags);
-extern unsigned long SECMOD_InternaltoPubCipherFlags(unsigned long internalFlags);
-
-SEC_END_PROTOS
-
-#endif
diff --git a/security/nss/lib/pk11wrap/secmodi.h b/security/nss/lib/pk11wrap/secmodi.h
deleted file mode 100644
index 050f7de4f..000000000
--- a/security/nss/lib/pk11wrap/secmodi.h
+++ /dev/null
@@ -1,113 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * Internal header file included only by files in pkcs11 dir, or in
- * pkcs11 specific client and server files.
- */
-#ifndef _SECMODI_H_
-#define _SECMODI_H_ 1
-#include "pkcs11.h"
-#include "nssilock.h"
-#include "mcom_db.h"
-#include "secoidt.h"
-#include "secdert.h"
-#include "certt.h"
-#include "secmodt.h"
-#include "secmodti.h"
-
-#ifdef PKCS11_USE_THREADS
-#define PK11_USE_THREADS(x) x
-#else
-#define PK11_USE_THREADS(x)
-#endif
-
-SEC_BEGIN_PROTOS
-
-/* proto-types */
-extern SECStatus SECMOD_DeletePermDB(SECMODModule *module);
-extern SECStatus SECMOD_AddPermDB(SECMODModule *module);
-
-extern int secmod_PrivateModuleCount;
-
-extern void SECMOD_Init(void);
-
-/* list managment */
-extern SECStatus SECMOD_AddModuleToList(SECMODModule *newModule);
-extern SECStatus SECMOD_AddModuleToDBOnlyList(SECMODModule *newModule);
-extern SECStatus SECMOD_AddModuleToUnloadList(SECMODModule *newModule);
-extern void SECMOD_RemoveList(SECMODModuleList **,SECMODModuleList *);
-extern void SECMOD_AddList(SECMODModuleList *,SECMODModuleList *,SECMODListLock *);
-
-/* Operate on modules by name */
-extern SECMODModule *SECMOD_FindModuleByID(SECMODModuleID);
-
-/* database/memory management */
-extern SECMODModuleList *SECMOD_NewModuleListElement(void);
-extern SECMODModuleList *SECMOD_DestroyModuleListElement(SECMODModuleList *);
-extern void SECMOD_DestroyModuleList(SECMODModuleList *);
-extern SECStatus SECMOD_AddModule(SECMODModule *newModule);
-SECStatus SECMOD_DeleteModuleEx(char * name, SECMODModule *mod, int *type, PRBool permdb);
-
-extern unsigned long SECMOD_PubCipherFlagstoInternal(unsigned long publicFlags);
-extern unsigned long SECMOD_InternaltoPubCipherFlags(unsigned long internalFlags);
-
-/* Library functions */
-SECStatus SECMOD_LoadPKCS11Module(SECMODModule *);
-SECStatus SECMOD_UnloadModule(SECMODModule *);
-void SECMOD_SetInternalModule(SECMODModule *);
-
-void SECMOD_SlotDestroyModule(SECMODModule *module, PRBool fromSlot);
-CK_RV pk11_notify(CK_SESSION_HANDLE session, CK_NOTIFICATION event,
-                                                         CK_VOID_PTR pdata);
-void pk11_SignedToUnsigned(CK_ATTRIBUTE *attrib);
-CK_OBJECT_HANDLE pk11_FindObjectByTemplate(PK11SlotInfo *slot,
-					CK_ATTRIBUTE *inTemplate,int tsize);
-CK_OBJECT_HANDLE *pk11_FindObjectsByTemplate(PK11SlotInfo *slot,
-			CK_ATTRIBUTE *inTemplate,int tsize, int *objCount);
-SECStatus PK11_UpdateSlotAttribute(PK11SlotInfo *slot,
-				 PK11DefaultArrayEntry *entry, PRBool add);
-
-#define PK11_GETTAB(x) ((CK_FUNCTION_LIST_PTR)((x)->functionList))
-#define PK11_SETATTRS(x,id,v,l) (x)->type = (id); \
-		(x)->pValue=(v); (x)->ulValueLen = (l);
-SECStatus PK11_CreateNewObject(PK11SlotInfo *slot, CK_SESSION_HANDLE session,
-                               CK_ATTRIBUTE *theTemplate, int count,
-                                PRBool token, CK_OBJECT_HANDLE *objectID);
-
-SECStatus pbe_PK11AlgidToParam(SECAlgorithmID *algid,SECItem *mech);
-SECStatus PBE_PK11ParamToAlgid(SECOidTag algTag, SECItem *param, 
-				PRArenaPool *arena, SECAlgorithmID *algId);
-SEC_END_PROTOS
-
-#endif
-
diff --git a/security/nss/lib/pk11wrap/secmodt.h b/security/nss/lib/pk11wrap/secmodt.h
deleted file mode 100644
index b83f57d63..000000000
--- a/security/nss/lib/pk11wrap/secmodt.h
+++ /dev/null
@@ -1,248 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * Definition of Security Module Data Structure. There is a separate data
- * structure for each loaded PKCS #11 module.
- */
-#ifndef _SECMODT_H_
-#define _SECMODT_H_ 1
-
-#include "secoid.h"
-#include "secasn1.h"
-
-/* find a better home for these... */
-extern const SEC_ASN1Template SECKEY_PointerToEncryptedPrivateKeyInfoTemplate[];
-extern SEC_ASN1TemplateChooser NSS_Get_SECKEY_PointerToEncryptedPrivateKeyInfoTemplate;
-extern const SEC_ASN1Template SECKEY_EncryptedPrivateKeyInfoTemplate[];
-extern const SEC_ASN1Template SECKEY_PrivateKeyInfoTemplate[];
-extern SEC_ASN1TemplateChooser NSS_Get_SECKEY_PrivateKeyInfoTemplate;
-extern const SEC_ASN1Template SECKEY_PointerToPrivateKeyInfoTemplate[];
-extern SEC_ASN1TemplateChooser NSS_Get_SECKEY_PointerToPrivateKeyInfoTemplate;
-
-/* PKCS11 needs to be included */
-typedef struct SECMODModuleStr SECMODModule;
-typedef struct SECMODModuleListStr SECMODModuleList;
-typedef struct SECMODListLockStr SECMODListLock; /* defined in secmodi.h */
-typedef struct PK11SlotInfoStr PK11SlotInfo; /* defined in secmodti.h */
-typedef struct PK11PreSlotInfoStr PK11PreSlotInfo; /* defined in secmodti.h */
-typedef struct PK11SymKeyStr PK11SymKey; /* defined in secmodti.h */
-typedef struct PK11ContextStr PK11Context; /* defined in secmodti.h */
-typedef struct PK11SlotListStr PK11SlotList;
-typedef struct PK11SlotListElementStr PK11SlotListElement;
-typedef struct PK11RSAGenParamsStr PK11RSAGenParams;
-typedef unsigned long SECMODModuleID;
-typedef struct PK11DefaultArrayEntryStr PK11DefaultArrayEntry;
-
-struct SECMODModuleStr {
-    PRArenaPool	*arena;
-    PRBool	internal;	/* true of internally linked modules, false
-				 * for the loaded modules */
-    PRBool	loaded;		/* Set to true if module has been loaded */
-    PRBool	isFIPS;		/* Set to true if module is finst internal */
-    char	*dllName;	/* name of the shared library which implements
-				 * this module */
-    char	*commonName;	/* name of the module to display to the user */
-    void	*library;	/* pointer to the library. opaque. used only by
-				 * pk11load.c */
-    void	*functionList; /* The PKCS #11 function table */
-    void	*refLock;	/* only used pk11db.c */
-    int		refCount;	/* Module reference count */
-    PK11SlotInfo **slots;	/* array of slot points attatched to this mod*/
-    int		slotCount;	/* count of slot in above array */
-    PK11PreSlotInfo *slotInfo;	/* special info about slots default settings */
-    int		slotInfoCount;  /* count */
-    SECMODModuleID moduleID;	/* ID so we can find this module again */
-    PRBool	isThreadSafe;
-    unsigned long ssl[2];	/* SSL cipher enable flags */
-    char	*libraryParams;  /* Module specific parameters */
-    void *moduleDBFunc; /* function to return module configuration data*/
-    SECMODModule *parent;	/* module that loaded us */
-    PRBool	isCritical;	/* This module must load successfully */
-    PRBool	isModuleDB;	/* this module has lists of PKCS #11 modules */
-    PRBool	moduleDBOnly;	/* this module only has lists of PKCS #11 modules */
-    int		trustOrder;	/* order for this module's certificate trust rollup */
-    int		cipherOrder;	/* order for cipher operations */
-};
-
-struct SECMODModuleListStr {
-    SECMODModuleList	*next;
-    SECMODModule	*module;
-};
-
-struct PK11SlotListStr {
-    PK11SlotListElement *head;
-    PK11SlotListElement *tail;
-    void *lock;
-};
-
-struct PK11SlotListElementStr {
-    PK11SlotListElement *next;
-    PK11SlotListElement *prev;
-    PK11SlotInfo *slot;
-    int refCount;
-};
-
-struct PK11RSAGenParamsStr {
-    int keySizeInBits;
-    unsigned long pe;
-};
-
-typedef enum {
-     PK11CertListUnique = 0,
-     PK11CertListUser = 1,
-     PK11CertListRootUnique = 2,
-     PK11CertListCA = 3
-} PK11CertListType;
-
-/*
- * Entry into the Array which lists all the legal bits for the default flags
- * in the slot, their definition, and the PKCS #11 mechanism the represent
- * Always Statically allocated. 
- */
-struct PK11DefaultArrayEntryStr {
-    char *name;
-    unsigned long flag;
-    unsigned long mechanism; /* this is a long so we don't include the 
-			      * whole pkcs 11 world to use this header */
-};
-
-
-#define SECMOD_RSA_FLAG 	0x00000001L
-#define SECMOD_DSA_FLAG 	0x00000002L
-#define SECMOD_RC2_FLAG 	0x00000004L
-#define SECMOD_RC4_FLAG 	0x00000008L
-#define SECMOD_DES_FLAG 	0x00000010L
-#define SECMOD_DH_FLAG	 	0x00000020L
-#define SECMOD_FORTEZZA_FLAG	0x00000040L
-#define SECMOD_RC5_FLAG		0x00000080L
-#define SECMOD_SHA1_FLAG	0x00000100L
-#define SECMOD_MD5_FLAG		0x00000200L
-#define SECMOD_MD2_FLAG		0x00000400L
-#define SECMOD_SSL_FLAG		0x00000800L
-#define SECMOD_TLS_FLAG		0x00001000L
-#define SECMOD_AES_FLAG 	0x00002000L
-/* reserved bit for future, do not use */
-#define SECMOD_RESERVED_FLAG    0X08000000L
-#define SECMOD_FRIENDLY_FLAG	0x10000000L
-#define SECMOD_RANDOM_FLAG	0x80000000L
-
-/* need to make SECMOD and PK11 prefixes consistant. */
-#define PK11_OWN_PW_DEFAULTS 0x20000000L
-#define PK11_DISABLE_FLAG    0x40000000L
-
-/* FAKE PKCS #11 defines */
-#define CKM_FAKE_RANDOM       0x80000efeL
-#define CKM_INVALID_MECHANISM 0xffffffffL
-#define CKA_DIGEST            0x81000000L
-
-/* Cryptographic module types */
-#define SECMOD_EXTERNAL	0	/* external module */
-#define SECMOD_INTERNAL 1	/* internal default module */
-#define SECMOD_FIPS	2	/* internal fips module */
-
-/* default module configuration strings */
-#define SECMOD_SLOT_FLAGS "slotFlags=[RSA,DSA,DH,RC2,RC4,DES,RANDOM,SHA1,MD5,MD2,SSL,TLS,AES]"
-
-#define SECMOD_MAKE_NSS_FLAGS(fips,slot) \
-"Flags=internal,critical"fips" slotparams=("#slot"={"SECMOD_SLOT_FLAGS"})"
-
-#define SECMOD_INT_NAME "NSS Internal PKCS #11 Module"
-#define SECMOD_INT_FLAGS SECMOD_MAKE_NSS_FLAGS("",1)
-#define SECMOD_FIPS_NAME "NSS Internal FIPS PKCS #11 Module"
-#define SECMOD_FIPS_FLAGS SECMOD_MAKE_NSS_FLAGS(",fips",3)
-
-
-/*
- * What is the origin of a given Key. Normally this doesn't matter, but
- * the fortezza code needs to know if it needs to invoke the SSL3 fortezza
- * hack.
- */
-typedef enum {
-    PK11_OriginNULL = 0,	/* There is not key, it's a null SymKey */
-    PK11_OriginDerive = 1,	/* Key was derived from some other key */
-    PK11_OriginGenerated = 2,	/* Key was generated (also PBE keys) */
-    PK11_OriginFortezzaHack = 3,/* Key was marked for fortezza hack */
-    PK11_OriginUnwrap = 4	/* Key was unwrapped or decrypted */
-} PK11Origin;
-
-/* PKCS #11 disable reasons */
-typedef enum {
-    PK11_DIS_NONE = 0,
-    PK11_DIS_USER_SELECTED = 1,
-    PK11_DIS_COULD_NOT_INIT_TOKEN = 2,
-    PK11_DIS_TOKEN_VERIFY_FAILED = 3,
-    PK11_DIS_TOKEN_NOT_PRESENT = 4
-} PK11DisableReasons;
-
-/* function pointer type for password callback function.
- * This type is passed in to PK11_SetPasswordFunc() 
- */
-typedef char *(PR_CALLBACK *PK11PasswordFunc)(PK11SlotInfo *slot, PRBool retry, void *arg);
-typedef PRBool (PR_CALLBACK *PK11VerifyPasswordFunc)(PK11SlotInfo *slot, void *arg);
-typedef PRBool (PR_CALLBACK *PK11IsLoggedInFunc)(PK11SlotInfo *slot, void *arg);
-
-/*
- * PKCS #11 key structures
- */
-
-/*
-** Attributes
-*/
-struct SECKEYAttributeStr {
-    SECItem attrType;
-    SECItem **attrValue;
-};
-typedef struct SECKEYAttributeStr SECKEYAttribute;
-
-/*
-** A PKCS#8 private key info object
-*/
-struct SECKEYPrivateKeyInfoStr {
-    PLArenaPool *arena;
-    SECItem version;
-    SECAlgorithmID algorithm;
-    SECItem privateKey;
-    SECKEYAttribute **attributes;
-};
-typedef struct SECKEYPrivateKeyInfoStr SECKEYPrivateKeyInfo;
-
-/*
-** A PKCS#8 private key info object
-*/
-struct SECKEYEncryptedPrivateKeyInfoStr {
-    PLArenaPool *arena;
-    SECAlgorithmID algorithm;
-    SECItem encryptedData;
-};
-typedef struct SECKEYEncryptedPrivateKeyInfoStr SECKEYEncryptedPrivateKeyInfo;
-
-#endif /*_SECMODT_H_ */
diff --git a/security/nss/lib/pk11wrap/secmodti.h b/security/nss/lib/pk11wrap/secmodti.h
deleted file mode 100644
index 232b58c7a..000000000
--- a/security/nss/lib/pk11wrap/secmodti.h
+++ /dev/null
@@ -1,188 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * Internal header file included only by files in pkcs11 dir, or in
- * pkcs11 specific client and server files.
- */
-
-#ifndef  _SECMODTI_H_
-#define  _SECMODTI_H_ 1
-#include "prmon.h"
-#include "prtypes.h"
-#include "nssilckt.h"
-#include "pk11init.h"
-
-#ifndef NSS_3_4_CODE
-#define NSS_3_4_CODE
-#endif /* NSS_3_4_CODE */
-#include "nssdevt.h"
-
-/* internal data structures */
-
-/* structure to allow us to implement the read/write locks for our
- * module lists  */
-struct SECMODListLockStr {
-    PZLock	*mutex;	    /*general mutex to protect this data structure*/
-    PZMonitor	*monitor;   /* monitor to allow us to signal */
-    int		state;	    /* read/write/waiting state */
-    int		count;	    /* how many waiters on this lock */
-};
-
-/* represent a pkcs#11 slot reference counted. */
-struct PK11SlotInfoStr {
-    /* the PKCS11 function list for this slot */
-    void *functionList;
-    SECMODModule *module; /* our parent module */
-    /* Boolean to indicate the current state of this slot */
-    PRBool needTest;	/* Has this slot been tested for Export complience */
-    PRBool isPerm;	/* is this slot a permanment device */
-    PRBool isHW;	/* is this slot a hardware device */
-    PRBool isInternal;  /* is this slot one of our internal PKCS #11 devices */
-    PRBool disabled;	/* is this slot disabled... */
-    PK11DisableReasons reason; 	/* Why this slot is disabled */
-    PRBool readOnly;	/* is the token in this slot read-only */
-    PRBool needLogin;	/* does the token of the type that needs 
-			 * authentication (still true even if token is logged 
-			 * in) */
-    PRBool hasRandom;   /* can this token generated random numbers */
-    PRBool defRWSession; /* is the default session RW (we open our default 
-			  * session rw if the token can only handle one session
-			  * at a time. */
-    PRBool isThreadSafe; /* copied from the module */
-    /* The actual flags (many of which are distilled into the above PRBools) */
-    CK_FLAGS flags;      /* flags from PKCS #11 token Info */
-    /* a default session handle to do quick and dirty functions */
-    CK_SESSION_HANDLE session; 
-    PZLock *sessionLock; /* lock for this session */
-    /* our ID */
-    CK_SLOT_ID slotID;
-    /* persistant flags saved from startup to startup */
-    unsigned long defaultFlags;
-    /* keep track of who is using us so we don't accidently get freed while
-     * still in use */
-    int refCount;
-    PZLock *refLock;
-    PZLock *freeListLock;
-    PK11SymKey *freeSymKeysHead;
-    int keyCount;
-    int maxKeyCount;
-    /* Password control functions for this slot. many of these are only
-     * active if the appropriate flag is on in defaultFlags */
-    int askpw;		/* what our password options are */
-    int timeout;	/* If we're ask_timeout, what is our timeout time is 
-			 * seconds */
-    int authTransact;   /* allow multiple authentications off one password if
-		         * they are all part of the same transaction */
-    int64 authTime;     /* when were we last authenticated */
-    int minPassword;	/* smallest legal password */
-    int maxPassword;	/* largest legal password */
-    uint16 series;	/* break up the slot info into various groups of 
-			 * inserted tokens so that keys and certs can be
-			 * invalidated */
-    uint16 wrapKey;	/* current wrapping key for SSL master secrets */
-    CK_MECHANISM_TYPE wrapMechanism;
-			/* current wrapping mechanism for current wrapKey */
-    CK_OBJECT_HANDLE refKeys[1]; /* array of existing wrapping keys for */
-    CK_MECHANISM_TYPE *mechanismList; /* list of mechanism supported by this
-				       * token */
-    int mechanismCount;
-    /* cache the certificates stored on the token of this slot */
-    CERTCertificate **cert_array;
-    int array_size;
-    int cert_count;
-    char serial[16];
-    /* since these are odd sizes, keep them last. They are odd sizes to 
-     * allow them to become null terminated strings */
-    char slot_name[65];
-    char token_name[33];
-    PRBool hasRootCerts;
-    PRBool hasRootTrust;
-    PRBool hasRSAInfo;
-    CK_FLAGS RSAInfoFlags;
-    PRBool protectedAuthPath;
-    PRBool isActiveCard;
-    /* for Stan */
-    NSSToken *nssToken;
-};
-
-/* Symetric Key structure. Reference Counted */
-struct PK11SymKeyStr {
-    CK_MECHANISM_TYPE type;	/* type of operation this key was created for*/
-    CK_OBJECT_HANDLE  objectID; /* object id of this key in the slot */
-    PK11SlotInfo      *slot;    /* Slot this key is loaded into */
-    void	      *cx;	/* window context in case we need to loggin */
-    PK11SymKey		*next;
-    PRBool	owner;
-    SECItem	data;		/* raw key data if available */
-    CK_SESSION_HANDLE session;
-    PRBool	sessionOwner;
-    PRInt32	refCount;	/* number of references to this key */
-    int		size;		/* key size in bytes */
-    PK11Origin	origin;		/* where this key came from 
-						(see def in secmodt.h) */
-    uint16 series;		/* break up the slot info into various groups of 
-			 * inserted tokens so that keys and certs can be
-			 * invalidated */
-};
-
-
-/*
- * hold a hash, encryption or signing context for multi-part operations.
- * hold enough information so that multiple contexts can be interleaved
- * if necessary. ... Not RefCounted.
- */
-struct PK11ContextStr {
-    CK_ATTRIBUTE_TYPE	operation; /* type of operation this context is doing
-				    * (CKA_ENCRYPT, CKA_SIGN, CKA_HASH, etc. */
-    PK11SymKey  	*key;	   /* symetric key used in this context */
-    PK11SlotInfo	*slot;	   /* slot this context is operationing on */
-    CK_SESSION_HANDLE	session;   /* session this context is using */
-    PZLock		*sessionLock; /* lock before accessing a PKCS #11 
-				       * session */
-    PRBool		ownSession;/* do we own the session? */
-    void 		*cx;	   /* window context in case we need to loggin*/
-    void		*savedData;/* save data when we are multiplexing on a
-				    * single context */
-    unsigned long	savedLength; /* length of the saved context */
-    SECItem		*param;	    /* mechanism parameters used to build this
-								context */
-    PRBool		init;	    /* has this contexted been initialized */
-    CK_MECHANISM_TYPE	type;	    /* what is the PKCS #11 this context is
-				     * representing (usually what algorithm is
-				     * being used (CKM_RSA_PKCS, CKM_DES,
-				     * CKM_SHA, etc.*/
-    PRBool		fortezzaHack; /*Fortezza SSL has some special
-				       * non-standard semantics*/
-};
-
-#endif /* _SECMODTI_H_ */
diff --git a/security/nss/lib/pk11wrap/secpkcs5.h b/security/nss/lib/pk11wrap/secpkcs5.h
deleted file mode 100644
index 1ace06c10..000000000
--- a/security/nss/lib/pk11wrap/secpkcs5.h
+++ /dev/null
@@ -1,71 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- */
-#ifndef _SECPKS5_H_
-#define _SECPKCS5_H_
-#include "seccomon.h"
-#include "secmodt.h"
-
-/* used for V2 PKCS 12 Draft Spec */
-typedef enum {
-    pbeBitGenIDNull = 0,
-    pbeBitGenCipherKey = 0x01,
-    pbeBitGenCipherIV = 0x02,
-    pbeBitGenIntegrityKey = 0x03
-} PBEBitGenID;
-
-typedef struct PBEBitGenContextStr PBEBitGenContext;
-
-SEC_BEGIN_PROTOS
-
-SECAlgorithmID *
-SEC_PKCS5CreateAlgorithmID(SECOidTag algorithm, SECItem *salt, int iteration);
-
-/* Get the initialization vector.  The password is passed in, hashing
- * is performed, and the initialization vector is returned.
- *  algid is a pointer to a PBE algorithm ID
- *  pwitem is the password
- * If an error occurs or the algorithm id is not a PBE algrithm,
- * NULL is returned.  Otherwise, the iv is returned in a secitem.
- */
-SECItem *
-SEC_PKCS5GetIV(SECAlgorithmID *algid, SECItem *pwitem, PRBool faulty3DES);
-
-SECOidTag SEC_PKCS5GetCryptoAlgorithm(SECAlgorithmID *algid);
-PRBool SEC_PKCS5IsAlgorithmPBEAlg(SECAlgorithmID *algid);
-SECOidTag SEC_PKCS5GetPBEAlgorithm(SECOidTag algTag, int keyLen);
-int SEC_PKCS5GetKeyLength(SECAlgorithmID *algid);
-
-SEC_END_PROTOS
-
-#endif /* _SECPKS5_H_ */
diff --git a/security/nss/lib/pkcs12/Makefile b/security/nss/lib/pkcs12/Makefile
deleted file mode 100644
index 5742208b5..000000000
--- a/security/nss/lib/pkcs12/Makefile
+++ /dev/null
@@ -1,77 +0,0 @@
-#! gmake
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-# 
-
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY).   #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL)          #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL)       #
-#######################################################################
-
-
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL).      #
-#######################################################################
-
-include config.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL)                              #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL)                           #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL).                              #
-#######################################################################
-
-
-
diff --git a/security/nss/lib/pkcs12/config.mk b/security/nss/lib/pkcs12/config.mk
deleted file mode 100644
index 3b647d954..000000000
--- a/security/nss/lib/pkcs12/config.mk
+++ /dev/null
@@ -1,44 +0,0 @@
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-# 
-
-
-#
-#  Override TARGETS variable so that only static libraries
-#  are specifed as dependencies within rules.mk.
-#
-
-TARGETS        = $(LIBRARY)
-SHARED_LIBRARY =
-IMPORT_LIBRARY =
-PROGRAM        =
-
diff --git a/security/nss/lib/pkcs12/manifest.mn b/security/nss/lib/pkcs12/manifest.mn
deleted file mode 100644
index c8b4981d3..000000000
--- a/security/nss/lib/pkcs12/manifest.mn
+++ /dev/null
@@ -1,58 +0,0 @@
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-# 
-
-CORE_DEPTH = ../../..
-
-EXPORTS = \
-	pkcs12t.h \
-	pkcs12.h \
-	p12plcy.h \
-	p12.h \
-	p12t.h \
-	$(NULL)
-
-MODULE = security
-
-CSRCS = \
-	p12local.c \
-	p12creat.c \
-	p12dec.c \
-	p12plcy.c \
-	p12tmpl.c \
-	p12e.c \
-	p12d.c \
-	$(NULL)
-
-REQUIRES = security dbm
-
-LIBRARY_NAME = pkcs12
diff --git a/security/nss/lib/pkcs12/p12.h b/security/nss/lib/pkcs12/p12.h
deleted file mode 100644
index 14a8dd385..000000000
--- a/security/nss/lib/pkcs12/p12.h
+++ /dev/null
@@ -1,181 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-
-#ifndef _P12_H_
-#define _P12_H_
-
-#include "secoid.h"
-#include "key.h"
-#include "secpkcs7.h"
-#include "p12t.h"
-
-typedef int (PR_CALLBACK * PKCS12OpenFunction)(void *arg);
-typedef int (PR_CALLBACK * PKCS12ReadFunction)(void *arg,
-                                               unsigned char *buffer, 
-                                               unsigned int *lenRead,
-                                               unsigned int maxLen);
-typedef int (PR_CALLBACK * PKCS12WriteFunction)(void *arg,
-                                                unsigned char *buffer, 
-                                                unsigned int *bufLen,
-                                                unsigned int *lenWritten);
-typedef int (PR_CALLBACK * PKCS12CloseFunction)(void *arg);
-typedef SECStatus (PR_CALLBACK * PKCS12UnicodeConvertFunction)(
-                                 PRArenaPool *arena,
-                                 SECItem *dest, SECItem *src,
-                                 PRBool toUnicode,
-                                 PRBool swapBytes);
-typedef void (PR_CALLBACK * SEC_PKCS12EncoderOutputCallback)(
-                            void *arg, const char *buf,
-                            unsigned long len);
-typedef void (PR_CALLBACK * SEC_PKCS12DecoderOutputCallback)(
-                            void *arg, const char *buf,
-                            unsigned long len);
-typedef SECItem * (PR_CALLBACK * SEC_PKCS12NicknameCollisionCallback)(
-                                 SECItem *old_nickname,
-                                 PRBool *cancel,
-                                 void *arg);
-
-
-
-
-typedef SECStatus (PR_CALLBACK *digestOpenFn)(void *arg, PRBool readData);
-typedef SECStatus (PR_CALLBACK *digestCloseFn)(void *arg, PRBool removeFile);
-typedef int (PR_CALLBACK *digestIOFn)(void *arg, unsigned char *buf, 
-                                      unsigned long len);
-
-typedef struct SEC_PKCS12ExportContextStr SEC_PKCS12ExportContext;
-typedef struct SEC_PKCS12SafeInfoStr SEC_PKCS12SafeInfo;
-typedef struct SEC_PKCS12DecoderContextStr SEC_PKCS12DecoderContext;
-
-struct sec_PKCS12PasswordModeInfo {
-    SECItem	*password;
-    SECOidTag	algorithm;
-};
-
-struct sec_PKCS12PublicKeyModeInfo {
-    CERTCertificate	*cert;
-    CERTCertDBHandle *certDb;
-    SECOidTag	algorithm;
-    int keySize;
-};
-
-SEC_PKCS12SafeInfo *
-SEC_PKCS12CreatePubKeyEncryptedSafe(SEC_PKCS12ExportContext *p12ctxt,
-				    CERTCertDBHandle *certDb,
-				    CERTCertificate *signer,
-				    CERTCertificate **recipients,
-				    SECOidTag algorithm, int keysize);
-
-extern SEC_PKCS12SafeInfo *
-SEC_PKCS12CreatePasswordPrivSafe(SEC_PKCS12ExportContext *p12ctxt, 
-				 SECItem *pwitem, SECOidTag privAlg);
-
-extern SEC_PKCS12SafeInfo *
-SEC_PKCS12CreateUnencryptedSafe(SEC_PKCS12ExportContext *p12ctxt);
-
-extern SECStatus
-SEC_PKCS12AddPasswordIntegrity(SEC_PKCS12ExportContext *p12ctxt,
-			       SECItem *pwitem, SECOidTag integAlg);
-extern SECStatus
-SEC_PKCS12AddPublicKeyIntegrity(SEC_PKCS12ExportContext *p12ctxt,
-				CERTCertificate *cert, CERTCertDBHandle *certDb,
-				SECOidTag algorithm, int keySize);
-
-extern SEC_PKCS12ExportContext *
-SEC_PKCS12CreateExportContext(SECKEYGetPasswordKey pwfn, void *pwfnarg,  
-			      PK11SlotInfo *slot, void *wincx);
-
-extern SECStatus
-SEC_PKCS12AddCert(SEC_PKCS12ExportContext *p12ctxt, 
-		  SEC_PKCS12SafeInfo *safe, void *nestedDest,
-		  CERTCertificate *cert, CERTCertDBHandle *certDb,
-		  SECItem *keyId, PRBool includeCertChain);
-
-extern SECStatus
-SEC_PKCS12AddKeyForCert(SEC_PKCS12ExportContext *p12ctxt, 
-			SEC_PKCS12SafeInfo *safe, 
-			void *nestedDest, CERTCertificate *cert,
-			PRBool shroudKey, SECOidTag algorithm, SECItem *pwitem,
-			SECItem *keyId, SECItem *nickName);
-
-extern SECStatus
-SEC_PKCS12AddCertAndKey(SEC_PKCS12ExportContext *p12ctxt, 
-			void *certSafe, void *certNestedDest, 
-			CERTCertificate *cert, CERTCertDBHandle *certDb,
-			void *keySafe, void *keyNestedDest, 
-			PRBool shroudKey, SECItem *pwitem, SECOidTag algorithm);
-
-extern SECStatus
-SEC_PKCS12AddDERCertAndEncryptedKey(SEC_PKCS12ExportContext *p12ctxt, 
-			void *certSafe, void *certNestedDest, SECItem *derCert,
-			void *keySafe, void *keyNestedDest, 
-			SECKEYEncryptedPrivateKeyInfo *epki, char *nickname);
-
-extern void *
-SEC_PKCS12CreateNestedSafeContents(SEC_PKCS12ExportContext *p12ctxt,
-				   void *baseSafe, void *nestedDest);
-
-extern SECStatus
-SEC_PKCS12Encode(SEC_PKCS12ExportContext *p12exp, 
-		 SEC_PKCS12EncoderOutputCallback output, void *outputarg);
-
-extern void
-SEC_PKCS12DestroyExportContext(SEC_PKCS12ExportContext *p12exp);
-
-extern SEC_PKCS12DecoderContext *
-SEC_PKCS12DecoderStart(SECItem *pwitem, PK11SlotInfo *slot, void *wincx,
-		       digestOpenFn dOpen, digestCloseFn dClose,
-		       digestIOFn dRead, digestIOFn dWrite, void *dArg);
-
-extern SECStatus
-SEC_PKCS12DecoderUpdate(SEC_PKCS12DecoderContext *p12dcx, unsigned char *data,
-			unsigned long len);
-
-extern void
-SEC_PKCS12DecoderFinish(SEC_PKCS12DecoderContext *p12dcx);
-
-extern SECStatus
-SEC_PKCS12DecoderVerify(SEC_PKCS12DecoderContext *p12dcx);
-
-extern SECStatus
-SEC_PKCS12DecoderValidateBags(SEC_PKCS12DecoderContext *p12dcx,
-			      SEC_PKCS12NicknameCollisionCallback nicknameCb);
-
-extern SECStatus
-SEC_PKCS12DecoderImportBags(SEC_PKCS12DecoderContext *p12dcx);
-
-CERTCertList *
-SEC_PKCS12DecoderGetCerts(SEC_PKCS12DecoderContext *p12dcx);
-
-#endif
diff --git a/security/nss/lib/pkcs12/p12creat.c b/security/nss/lib/pkcs12/p12creat.c
deleted file mode 100644
index 65678b299..000000000
--- a/security/nss/lib/pkcs12/p12creat.c
+++ /dev/null
@@ -1,251 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "pkcs12.h"
-#include "secitem.h"
-#include "secport.h"
-#include "secder.h"
-#include "secoid.h"
-#include "p12local.h"
-#include "secerr.h"
-
-
-/* allocate space for a PFX structure and set up initial
- * arena pool.  pfx structure is cleared and a pointer to
- * the new structure is returned.
- */
-SEC_PKCS12PFXItem *
-sec_pkcs12_new_pfx(void)
-{
-    SEC_PKCS12PFXItem   *pfx = NULL;
-    PRArenaPool     *poolp = NULL;
-
-    poolp = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE);	/* XXX Different size? */
-    if(poolp == NULL)
-	goto loser;
-
-    pfx = (SEC_PKCS12PFXItem *)PORT_ArenaZAlloc(poolp, 
-	sizeof(SEC_PKCS12PFXItem));
-    if(pfx == NULL)
-	goto loser;
-    pfx->poolp = poolp;
-
-    return pfx;
-
-loser:
-    PORT_FreeArena(poolp, PR_TRUE);
-    return NULL;
-}
-
-/* allocate space for a PFX structure and set up initial
- * arena pool.  pfx structure is cleared and a pointer to
- * the new structure is returned.
- */
-SEC_PKCS12AuthenticatedSafe *
-sec_pkcs12_new_asafe(PRArenaPool *poolp)
-{
-    SEC_PKCS12AuthenticatedSafe  *asafe = NULL;
-    void *mark;
-
-    mark = PORT_ArenaMark(poolp);
-    asafe = (SEC_PKCS12AuthenticatedSafe *)PORT_ArenaZAlloc(poolp, 
-	sizeof(SEC_PKCS12AuthenticatedSafe));
-    if(asafe == NULL)
-	goto loser;
-    asafe->poolp = poolp;
-    PORT_Memset(&asafe->old_baggage, 0, sizeof(SEC_PKCS7ContentInfo));
-
-    PORT_ArenaUnmark(poolp, mark);
-    return asafe;
-
-loser:
-    PORT_ArenaRelease(poolp, mark);
-    return NULL;
-}
-
-/* create a safe contents structure with a list of
- * length 0 with the first element being NULL 
- */
-SEC_PKCS12SafeContents *
-sec_pkcs12_create_safe_contents(PRArenaPool *poolp)
-{
-    SEC_PKCS12SafeContents *safe;
-    void *mark;
-
-    if(poolp == NULL)
-	return NULL;
-
-    /* allocate structure */
-    mark = PORT_ArenaMark(poolp);
-    safe = (SEC_PKCS12SafeContents *)PORT_ArenaZAlloc(poolp, 
-	sizeof(SEC_PKCS12SafeContents));
-    if(safe == NULL)
-    {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	PORT_ArenaRelease(poolp, mark);
-	return NULL;
-    }
-
-    /* init list */
-    safe->contents = (SEC_PKCS12SafeBag**)PORT_ArenaZAlloc(poolp, 
-						  sizeof(SEC_PKCS12SafeBag *));
-    if(safe->contents == NULL) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	PORT_ArenaRelease(poolp, mark);
-	return NULL;
-    }
-    safe->contents[0] = NULL;
-    safe->poolp       = poolp;
-    safe->safe_size   = 0;
-    PORT_ArenaUnmark(poolp, mark);
-    return safe;
-}
-
-/* create a new external bag which is appended onto the list
- * of bags in baggage.  the bag is created in the same arena
- * as baggage
- */
-SEC_PKCS12BaggageItem *
-sec_pkcs12_create_external_bag(SEC_PKCS12Baggage *luggage)
-{
-    void *dummy, *mark;
-    SEC_PKCS12BaggageItem *bag;
-
-    if(luggage == NULL) {
-	return NULL;
-    }
-
-    mark = PORT_ArenaMark(luggage->poolp);
-
-    /* allocate space for null terminated bag list */
-    if(luggage->bags == NULL) {
-	luggage->bags=(SEC_PKCS12BaggageItem**)PORT_ArenaZAlloc(luggage->poolp, 
-					sizeof(SEC_PKCS12BaggageItem *));
-	if(luggage->bags == NULL) {
-	    goto loser;
-	}
-	luggage->luggage_size = 0;
-    }
-
-    /* grow the list */    
-    dummy = PORT_ArenaGrow(luggage->poolp, luggage->bags,
-    			sizeof(SEC_PKCS12BaggageItem *) * (luggage->luggage_size + 1),
-    			sizeof(SEC_PKCS12BaggageItem *) * (luggage->luggage_size + 2));
-    if(dummy == NULL) {
-	goto loser;
-    }
-    luggage->bags = (SEC_PKCS12BaggageItem**)dummy;
-
-    luggage->bags[luggage->luggage_size] = 
-    		(SEC_PKCS12BaggageItem *)PORT_ArenaZAlloc(luggage->poolp,
-    							sizeof(SEC_PKCS12BaggageItem));
-    if(luggage->bags[luggage->luggage_size] == NULL) {
-	goto loser;
-    }
-
-    /* create new bag and append it to the end */
-    bag = luggage->bags[luggage->luggage_size];
-    bag->espvks = (SEC_PKCS12ESPVKItem **)PORT_ArenaZAlloc(
-    						luggage->poolp,
-    						sizeof(SEC_PKCS12ESPVKItem *));
-    bag->unencSecrets = (SEC_PKCS12SafeBag **)PORT_ArenaZAlloc(
-    						luggage->poolp,
-    						sizeof(SEC_PKCS12SafeBag *));
-    if((bag->espvks == NULL) || (bag->unencSecrets == NULL)) {
-	goto loser;
-    }
-
-    bag->poolp = luggage->poolp;
-    luggage->luggage_size++;
-    luggage->bags[luggage->luggage_size] = NULL;
-    bag->espvks[0] = NULL;
-    bag->unencSecrets[0] = NULL;
-    bag->nEspvks = bag->nSecrets = 0;
-
-    PORT_ArenaUnmark(luggage->poolp, mark);
-    return bag;
-
-loser:
-    PORT_ArenaRelease(luggage->poolp, mark);
-    PORT_SetError(SEC_ERROR_NO_MEMORY);
-    return NULL;
-}
-
-/* creates a baggage witha NULL terminated 0 length list */
-SEC_PKCS12Baggage *
-sec_pkcs12_create_baggage(PRArenaPool *poolp)
-{
-    SEC_PKCS12Baggage *luggage;
-    void *mark;
-
-    if(poolp == NULL)
-	return NULL;
-
-    mark = PORT_ArenaMark(poolp);
-
-    /* allocate bag */
-    luggage = (SEC_PKCS12Baggage *)PORT_ArenaZAlloc(poolp, 
-	sizeof(SEC_PKCS12Baggage));
-    if(luggage == NULL)
-    {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	PORT_ArenaRelease(poolp, mark);
-	return NULL;
-    }
-
-    /* init list */
-    luggage->bags = (SEC_PKCS12BaggageItem **)PORT_ArenaZAlloc(poolp,
-    					sizeof(SEC_PKCS12BaggageItem *));
-    if(luggage->bags == NULL) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	PORT_ArenaRelease(poolp, mark);
-	return NULL;
-    }
-
-    luggage->bags[0] = NULL;
-    luggage->luggage_size = 0;
-    luggage->poolp = poolp;
-
-    PORT_ArenaUnmark(poolp, mark);
-    return luggage;
-}
-
-/* free pfx structure and associated items in the arena */
-void 
-SEC_PKCS12DestroyPFX(SEC_PKCS12PFXItem *pfx)
-{
-    if (pfx != NULL && pfx->poolp != NULL)
-    {
-	PORT_FreeArena(pfx->poolp, PR_TRUE);
-    }
-}
diff --git a/security/nss/lib/pkcs12/p12d.c b/security/nss/lib/pkcs12/p12d.c
deleted file mode 100644
index ca5017cc5..000000000
--- a/security/nss/lib/pkcs12/p12d.c
+++ /dev/null
@@ -1,3263 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-
-#include "nssrenam.h"
-#include "p12t.h"
-#include "p12.h"
-#include "plarena.h"
-#include "secitem.h"
-#include "secoid.h"
-#include "seccomon.h"
-#include "secport.h"
-#include "cert.h"
-#include "secpkcs7.h"
-#include "secasn1.h"
-#include "secerr.h"
-#include "pk11func.h"
-#include "p12plcy.h"
-#include "p12local.h"
-#include "alghmac.h"
-#include "secder.h"
-#include "secport.h"
-
-#include "certdb.h"
-
-#include "prcpucfg.h"
-
-typedef struct sec_PKCS12SafeContentsContextStr sec_PKCS12SafeContentsContext;
-
-/* Opaque structure for decoding SafeContents.  These are used
- * for each authenticated safe as well as any nested safe contents.
- */
-struct sec_PKCS12SafeContentsContextStr {
-    /* the parent decoder context */
-    SEC_PKCS12DecoderContext *p12dcx;
-
-    /* memory arena to allocate space from */
-    PRArenaPool *arena;
-
-    /* decoder context and destination for decoding safe contents */
-    SEC_ASN1DecoderContext *safeContentsDcx;
-    sec_PKCS12SafeContents safeContents;
-
-    /* information for decoding safe bags within the safe contents.
-     * these variables are updated for each safe bag decoded.
-     */
-    SEC_ASN1DecoderContext *currentSafeBagDcx;
-    sec_PKCS12SafeBag *currentSafeBag;
-    PRBool skipCurrentSafeBag;
-
-    /* if the safe contents is nested, the parent is pointed to here. */
-    sec_PKCS12SafeContentsContext *nestedCtx;
-};
-
-/* opaque decoder context structure.  information for decoding a pkcs 12
- * PDU are stored here as well as decoding pointers for intermediary 
- * structures which are part of the PKCS 12 PDU.  Upon a successful
- * decode, the safe bags containing certificates and keys encountered.
- */  
-struct SEC_PKCS12DecoderContextStr {
-    PRArenaPool *arena;
-    PK11SlotInfo *slot;
-    void *wincx;
-    PRBool error;
-    int errorValue;
-
-    /* password */
-    SECItem *pwitem;
-
-    /* used for decoding the PFX structure */
-    SEC_ASN1DecoderContext *pfxDcx;
-    sec_PKCS12PFXItem pfx;
-
-    /* safe bags found during decoding */  
-    sec_PKCS12SafeBag **safeBags;
-    unsigned int safeBagCount;
-
-    /* state variables for decoding authenticated safes. */
-    SEC_PKCS7DecoderContext *currentASafeP7Dcx;
-    SEC_PKCS5KeyAndPassword *currentASafeKeyPwd;
-    SEC_ASN1DecoderContext *aSafeDcx;
-    SEC_PKCS7DecoderContext *aSafeP7Dcx;
-    sec_PKCS12AuthenticatedSafe authSafe;
-    SEC_PKCS7ContentInfo *aSafeCinfo;
-    sec_PKCS12SafeContents safeContents;
-
-    /* safe contents info */
-    unsigned int safeContentsCnt;
-    sec_PKCS12SafeContentsContext **safeContentsList;
-
-    /* HMAC info */
-    sec_PKCS12MacData	macData;
-    SEC_ASN1DecoderContext *hmacDcx;
-
-    /* routines for reading back the data to be hmac'd */
-    digestOpenFn dOpen;
-    digestCloseFn dClose;
-    digestIOFn dRead, dWrite;
-    void *dArg;
-
-    /* helper functions */
-    SECKEYGetPasswordKey pwfn;
-    void *pwfnarg;
-    PRBool swapUnicodeBytes;
-
-    /* import information */
-    PRBool bagsVerified;
-
-    /* buffer management for the default callbacks implementation */
-    void        *buffer;      /* storage area */
-    PRInt32     filesize;     /* actual data size */
-    PRInt32     allocated;    /* total buffer size allocated */
-    PRInt32     currentpos;   /* position counter */
-};
-
-
-/* make sure that the PFX version being decoded is a version
- * which we support.
- */
-static PRBool
-sec_pkcs12_proper_version(sec_PKCS12PFXItem *pfx)
-{
-    /* if no version, assume it is not supported */
-    if(pfx->version.len == 0) {
-	return PR_FALSE;
-    }
-
-    if(DER_GetInteger(&pfx->version) > SEC_PKCS12_VERSION) {
-	return PR_FALSE;
-    }
-
-    return PR_TRUE;
-}
-
-/* retrieve the key for decrypting the safe contents */ 
-static PK11SymKey *
-sec_pkcs12_decoder_get_decrypt_key(void *arg, SECAlgorithmID *algid)
-{
-    SEC_PKCS5KeyAndPassword *keyPwd = 
-        (SEC_PKCS5KeyAndPassword *)arg;
-
-    if(!keyPwd) {
-	return NULL;
-    }
-
-    /* if no slot specified, use the internal key slot */
-    if(!keyPwd->slot) {
-	keyPwd->slot = PK11_GetInternalKeySlot();
-    }
-
-    /* retrieve the key */
-    if(!keyPwd->key) {
-	keyPwd->key = PK11_PBEKeyGen(keyPwd->slot, algid, 
-				     keyPwd->pwitem, PR_FALSE, keyPwd->wincx);
-    }
-
-    return (PK11SymKey *)keyPwd;
-}
-
-/* XXX this needs to be modified to handle enveloped data.  most
- * likely, it should mirror the routines for SMIME in that regard.
- */
-static PRBool
-sec_pkcs12_decoder_decryption_allowed(SECAlgorithmID *algid, 
-				      PK11SymKey *bulkkey)
-{
-    PRBool decryptionAllowed = SEC_PKCS12DecryptionAllowed(algid);
-
-    if(!decryptionAllowed) {
-	return PR_FALSE;
-    }
-
-    return PR_TRUE;
-}
-
-/* when we encounter a new safe bag during the decoding, we need
- * to allocate space for the bag to be decoded to and set the 
- * state variables appropriately.  all of the safe bags are allocated
- * in a buffer in the outer SEC_PKCS12DecoderContext, however,
- * a pointer to the safeBag is also used in the sec_PKCS12SafeContentsContext
- * for the current bag.
- */
-static SECStatus
-sec_pkcs12_decoder_init_new_safe_bag(sec_PKCS12SafeContentsContext 
-						*safeContentsCtx)
-{
-    void *mark = NULL;
-    SEC_PKCS12DecoderContext *p12dcx;
-
-    /* make sure that the structures are defined, and there has
-     * not been an error in the decoding 
-     */
-    if(!safeContentsCtx || !safeContentsCtx->p12dcx 
-		|| safeContentsCtx->p12dcx->error) {
-	return SECFailure;
-    }
-
-    p12dcx = safeContentsCtx->p12dcx;
-    mark = PORT_ArenaMark(p12dcx->arena);
-
-    /* allocate a new safe bag, if bags already exist, grow the 
-     * list of bags, otherwise allocate a new list.  the list is
-     * NULL terminated.
-     */
-    if(p12dcx->safeBagCount) {
-	p12dcx->safeBags = 
-	    (sec_PKCS12SafeBag**)PORT_ArenaGrow(p12dcx->arena,p12dcx->safeBags,
-			(p12dcx->safeBagCount + 1) * sizeof(sec_PKCS12SafeBag *),
-			(p12dcx->safeBagCount + 2) * sizeof(sec_PKCS12SafeBag *));
-    } else {
-	p12dcx->safeBags = (sec_PKCS12SafeBag**)PORT_ArenaZAlloc(p12dcx->arena,
-					    2 * sizeof(sec_PKCS12SafeBag *));
-    }
-    if(!p12dcx->safeBags) {
-	p12dcx->errorValue = SEC_ERROR_NO_MEMORY;
-	goto loser;
-    }
-
-    /* append the bag to the end of the list and update the reference
-     * in the safeContentsCtx.
-     */
-    p12dcx->safeBags[p12dcx->safeBagCount] = 
-        (sec_PKCS12SafeBag*)PORT_ArenaZAlloc(p12dcx->arena,
-					     sizeof(sec_PKCS12SafeBag));
-    safeContentsCtx->currentSafeBag = p12dcx->safeBags[p12dcx->safeBagCount];
-    p12dcx->safeBags[++p12dcx->safeBagCount] = NULL;
-    if(!safeContentsCtx->currentSafeBag) {
-	p12dcx->errorValue = SEC_ERROR_NO_MEMORY;
-	goto loser;
-    }
-
-    safeContentsCtx->currentSafeBag->slot = safeContentsCtx->p12dcx->slot;
-    safeContentsCtx->currentSafeBag->pwitem = safeContentsCtx->p12dcx->pwitem;
-    safeContentsCtx->currentSafeBag->swapUnicodeBytes = 
-				safeContentsCtx->p12dcx->swapUnicodeBytes;
-    safeContentsCtx->currentSafeBag->arena = safeContentsCtx->p12dcx->arena;
-
-    PORT_ArenaUnmark(p12dcx->arena, mark);
-    return SECSuccess;
-
-loser:
-
-    /* if an error occurred, release the memory and set the error flag
-     * the only possible errors triggered by this function are memory 
-     * related.
-     */
-    if(mark) {
-	PORT_ArenaRelease(p12dcx->arena, mark);
-    }
-
-    p12dcx->error = PR_TRUE;
-    return SECFailure;
-}
-
-/* A wrapper for updating the ASN1 context in which a safeBag is
- * being decoded.  This function is called as a callback from
- * secasn1d when decoding SafeContents structures.
- */
-static void
-sec_pkcs12_decoder_safe_bag_update(void *arg, const char *data, 
-				   unsigned long len, int depth, 
-				   SEC_ASN1EncodingPart data_kind)
-{
-    sec_PKCS12SafeContentsContext *safeContentsCtx = 
-        (sec_PKCS12SafeContentsContext *)arg;
-    SEC_PKCS12DecoderContext *p12dcx;
-    SECStatus rv;
-
-    /* make sure that we are not skipping the current safeBag,
-     * and that there are no errors.  If so, just return rather
-     * than continuing to process.
-     */
-    if(!safeContentsCtx || !safeContentsCtx->p12dcx 
-		|| safeContentsCtx->p12dcx->error 
-		|| safeContentsCtx->skipCurrentSafeBag) {
-	return;
-    }
-    p12dcx = safeContentsCtx->p12dcx;
-
-    rv = SEC_ASN1DecoderUpdate(safeContentsCtx->currentSafeBagDcx, data, len);
-    if(rv != SECSuccess) {
-	p12dcx->errorValue = SEC_ERROR_NO_MEMORY;
-	goto loser;
-    }
-
-    return;
-
-loser:
-    /* set the error, and finish the decoder context.  because there 
-     * is not a way of returning an error message, it may be worth
-     * while to do a check higher up and finish any decoding contexts
-     * that are still open.
-     */
-    p12dcx->error = PR_TRUE;
-    SEC_ASN1DecoderFinish(safeContentsCtx->currentSafeBagDcx);
-    safeContentsCtx->currentSafeBagDcx = NULL;
-    return;
-}
-
-/* forward declarations of functions that are used when decoding
- * safeContents bags which are nested and when decoding the 
- * authenticatedSafes.
- */
-static SECStatus
-sec_pkcs12_decoder_begin_nested_safe_contents(sec_PKCS12SafeContentsContext 
-							*safeContentsCtx);
-static SECStatus
-sec_pkcs12_decoder_finish_nested_safe_contents(sec_PKCS12SafeContentsContext
-							*safeContentsCtx);
-static void
-sec_pkcs12_decoder_safe_bag_update(void *arg, const char *data, 
-				   unsigned long len, int depth, 
-				   SEC_ASN1EncodingPart data_kind);
-
-/* notify function for decoding safeBags.  This function is
- * used to filter safeBag types which are not supported,
- * initiate the decoding of nested safe contents, and decode
- * safeBags in general.  this function is set when the decoder
- * context for the safeBag is first created.
- */
-static void
-sec_pkcs12_decoder_safe_bag_notify(void *arg, PRBool before,
-				   void *dest, int real_depth)
-{
-    sec_PKCS12SafeContentsContext *safeContentsCtx = 
-        (sec_PKCS12SafeContentsContext *)arg;
-    SEC_PKCS12DecoderContext *p12dcx;
-    sec_PKCS12SafeBag *bag;
-    PRBool after;
-
-    /* if an error is encountered, return */
-    if(!safeContentsCtx || !safeContentsCtx->p12dcx || 
-		safeContentsCtx->p12dcx->error) {
-	return;
-    }
-    p12dcx = safeContentsCtx->p12dcx;
-
-    /* to make things more readable */
-    if(before)
-	after = PR_FALSE;
-    else 
-	after = PR_TRUE;
-
-    /* have we determined the safeBagType yet? */
-    bag = safeContentsCtx->currentSafeBag;
-    if(bag->bagTypeTag == NULL) {
-	if(after && (dest == &(bag->safeBagType))) {
-	    bag->bagTypeTag = SECOID_FindOID(&(bag->safeBagType));
-	    if(bag->bagTypeTag == NULL) {
-		p12dcx->error = PR_TRUE;
-		p12dcx->errorValue = SEC_ERROR_PKCS12_CORRUPT_PFX_STRUCTURE;
-	    }
-	}
-	return;
-    }
-
-    /* process the safeBag depending on it's type.  those
-     * which we do not support, are ignored.  we start a decoding
-     * context for a nested safeContents.
-     */
-    switch(bag->bagTypeTag->offset) {
-	case SEC_OID_PKCS12_V1_KEY_BAG_ID:
-	case SEC_OID_PKCS12_V1_CERT_BAG_ID:
-	case SEC_OID_PKCS12_V1_PKCS8_SHROUDED_KEY_BAG_ID:
-	    break;
-	case SEC_OID_PKCS12_V1_SAFE_CONTENTS_BAG_ID:
-	    /* if we are just starting to decode the safeContents, initialize
-	     * a new safeContentsCtx to process it.
-	     */
-	    if(before && (dest == &(bag->safeBagContent))) {
-		sec_pkcs12_decoder_begin_nested_safe_contents(safeContentsCtx);
-	    } else if(after && (dest == &(bag->safeBagContent))) {
-		/* clean up the nested decoding */
-		sec_pkcs12_decoder_finish_nested_safe_contents(safeContentsCtx);
-	    }
-	    break;
-	case SEC_OID_PKCS12_V1_CRL_BAG_ID:
-	case SEC_OID_PKCS12_V1_SECRET_BAG_ID:
-	default:
-	    /* skip any safe bag types we don't understand or handle */
-	    safeContentsCtx->skipCurrentSafeBag = PR_TRUE;
-	    break;
-    }
-
-    return;
-}
-
-/* notify function for decoding safe contents.  each entry in the
- * safe contents is a safeBag which needs to be allocated and
- * the decoding context initialized at the beginning and then
- * the context needs to be closed and finished at the end.
- *
- * this function is set when the safeContents decode context is
- * initialized.
- */
-static void
-sec_pkcs12_decoder_safe_contents_notify(void *arg, PRBool before,
-					void *dest, int real_depth)
-{
-    sec_PKCS12SafeContentsContext *safeContentsCtx = 
-        (sec_PKCS12SafeContentsContext*)arg;
-    SEC_PKCS12DecoderContext *p12dcx;
-    SECStatus rv;
-
-    /* if there is an error we don't want to continue processing,
-     * just return and keep going.
-     */
-    if(!safeContentsCtx || !safeContentsCtx->p12dcx 
-		|| safeContentsCtx->p12dcx->error) {
-	return;
-    }
-    p12dcx = safeContentsCtx->p12dcx;
-
-    /* if we are done with the current safeBag, then we need to
-     * finish the context and set the state variables appropriately.
-     */
-    if(!before) {
-	SEC_ASN1DecoderClearFilterProc(safeContentsCtx->safeContentsDcx);
-	SEC_ASN1DecoderFinish(safeContentsCtx->currentSafeBagDcx);
-	safeContentsCtx->currentSafeBagDcx = NULL;
-	safeContentsCtx->skipCurrentSafeBag = PR_FALSE;
-    } else {
-	/* we are starting a new safe bag.  we need to allocate space
-	 * for the bag and initialize the decoding context.
-	 */
-	rv = sec_pkcs12_decoder_init_new_safe_bag(safeContentsCtx);
-	if(rv != SECSuccess) {
-	    goto loser;
-	}
-
-	/* set up the decoder context */
-	safeContentsCtx->currentSafeBagDcx = SEC_ASN1DecoderStart(p12dcx->arena,
-						safeContentsCtx->currentSafeBag,
-						sec_PKCS12SafeBagTemplate);
-	if(!safeContentsCtx->currentSafeBagDcx) {
-	    p12dcx->errorValue = SEC_ERROR_NO_MEMORY;
-	    goto loser;
-	}
-
-	/* set the notify and filter procs so that the safe bag
-	 * data gets sent to the proper location when decoding.
-	 */
-	SEC_ASN1DecoderSetNotifyProc(safeContentsCtx->currentSafeBagDcx, 
-				 sec_pkcs12_decoder_safe_bag_notify, 
-				 safeContentsCtx);
-	SEC_ASN1DecoderSetFilterProc(safeContentsCtx->safeContentsDcx, 
-				 sec_pkcs12_decoder_safe_bag_update, 
-				 safeContentsCtx, PR_TRUE);
-    }
-
-    return;
-
-loser:
-    /* in the event of an error, we want to close the decoding
-     * context and clear the filter and notify procedures.
-     */
-    p12dcx->error = PR_TRUE;
-
-    if(safeContentsCtx->currentSafeBagDcx) {
-	SEC_ASN1DecoderFinish(safeContentsCtx->currentSafeBagDcx);
-	safeContentsCtx->currentSafeBagDcx = NULL;
-    }
-
-    SEC_ASN1DecoderClearNotifyProc(safeContentsCtx->safeContentsDcx);
-    SEC_ASN1DecoderClearFilterProc(safeContentsCtx->safeContentsDcx);
-
-    return;
-}
-
-/* initialize the safeContents for decoding.  this routine
- * is used for authenticatedSafes as well as nested safeContents.
- */
-static sec_PKCS12SafeContentsContext *
-sec_pkcs12_decoder_safe_contents_init_decode(SEC_PKCS12DecoderContext *p12dcx,
-					     PRBool nestedSafe)
-{
-    sec_PKCS12SafeContentsContext *safeContentsCtx = NULL;
-    const SEC_ASN1Template *theTemplate;
-
-    if(!p12dcx || p12dcx->error) {
-	return NULL;
-    }
-
-    /* allocate a new safeContents list or grow the existing list and
-     * append the new safeContents onto the end.
-     */
-    if(!p12dcx->safeContentsCnt) {
-	p12dcx->safeContentsList = 
-	    (sec_PKCS12SafeContentsContext**)PORT_ArenaZAlloc(p12dcx->arena, 
-	       			 sizeof(sec_PKCS12SafeContentsContext *));
-    } else {
-	p12dcx->safeContentsList = 
-	   (sec_PKCS12SafeContentsContext **) PORT_ArenaGrow(p12dcx->arena,
-			p12dcx->safeContentsList,
-			(p12dcx->safeContentsCnt * 
-				sizeof(sec_PKCS12SafeContentsContext *)),
-			(1 + p12dcx->safeContentsCnt * 
-				sizeof(sec_PKCS12SafeContentsContext *)));
-    }
-    if(!p12dcx->safeContentsList) {
-	p12dcx->errorValue = SEC_ERROR_NO_MEMORY;
-	goto loser;
-    }
-
-    p12dcx->safeContentsList[p12dcx->safeContentsCnt] = 
-        (sec_PKCS12SafeContentsContext*)PORT_ArenaZAlloc(
-					p12dcx->arena,
-					sizeof(sec_PKCS12SafeContentsContext));
-    p12dcx->safeContentsList[p12dcx->safeContentsCnt+1] = NULL;
-    if(!p12dcx->safeContentsList[p12dcx->safeContentsCnt]) {
-	p12dcx->errorValue = SEC_ERROR_NO_MEMORY;
-	goto loser;
-    }
-
-    /* set up the state variables */
-    safeContentsCtx = p12dcx->safeContentsList[p12dcx->safeContentsCnt];
-    p12dcx->safeContentsCnt++;
-    safeContentsCtx->p12dcx = p12dcx;
-    safeContentsCtx->arena = p12dcx->arena;
-
-    /* begin the decoding -- the template is based on whether we are
-     * decoding a nested safeContents or not.
-     */
-    if(nestedSafe == PR_TRUE) {
-	theTemplate = sec_PKCS12NestedSafeContentsDecodeTemplate;
-    } else {
-	theTemplate = sec_PKCS12SafeContentsDecodeTemplate;
-    }
-
-    /* start the decoder context */
-    safeContentsCtx->safeContentsDcx = SEC_ASN1DecoderStart(p12dcx->arena, 
-					&safeContentsCtx->safeContents,
-					theTemplate);
-	
-    if(!safeContentsCtx->safeContentsDcx) {
-	p12dcx->errorValue = SEC_ERROR_NO_MEMORY;
-	goto loser;
-    }
-
-    /* set the safeContents notify procedure to look for
-     * and start the decode of safeBags.
-     */
-    SEC_ASN1DecoderSetNotifyProc(safeContentsCtx->safeContentsDcx, 
-				sec_pkcs12_decoder_safe_contents_notify,
-				safeContentsCtx);
-
-    return safeContentsCtx;
-
-loser:
-    /* in the case of an error, we want to finish the decoder
-     * context and set the error flag.
-     */
-    if(safeContentsCtx && safeContentsCtx->safeContentsDcx) {
-	SEC_ASN1DecoderFinish(safeContentsCtx->safeContentsDcx);
-	safeContentsCtx->safeContentsDcx = NULL;
-    }
-
-    p12dcx->error = PR_TRUE;
-
-    return NULL;
-}
-
-/* wrapper for updating safeContents.  this is set as the filter of
- * safeBag when there is a nested safeContents.
- */
-static void
-sec_pkcs12_decoder_nested_safe_contents_update(void *arg, const char *buf,
-					  unsigned long len, int depth,
-					  SEC_ASN1EncodingPart data_kind)
-{
-    sec_PKCS12SafeContentsContext *safeContentsCtx = 
-        (sec_PKCS12SafeContentsContext *)arg;
-    SEC_PKCS12DecoderContext *p12dcx;
-    SECStatus rv;
-
-    /* check for an error */
-    if(!safeContentsCtx || !safeContentsCtx->p12dcx 
-			|| safeContentsCtx->p12dcx->error) {
-	return;
-    }
-
-    /* no need to update if no data sent in */
-    if(!len || !buf) {
-	return;
-    }
-
-    /* update the decoding context */
-    p12dcx = safeContentsCtx->p12dcx;
-    rv = SEC_ASN1DecoderUpdate(safeContentsCtx->safeContentsDcx, buf, len);
-    if(rv != SECSuccess) {
-	p12dcx->errorValue = SEC_ERROR_NO_MEMORY;
-	goto loser;
-    }
-
-    return;
-
-loser:
-    /* handle any errors.  If a decoding context is open, close it. */
-    p12dcx->error = PR_TRUE;
-    if(safeContentsCtx->safeContentsDcx) {
-	SEC_ASN1DecoderFinish(safeContentsCtx->safeContentsDcx);
-	safeContentsCtx->safeContentsDcx = NULL;
-    }
-}
-
-/* whenever a new safeContentsSafeBag is encountered, we need
- * to init a safeContentsContext.  
- */
-static SECStatus  
-sec_pkcs12_decoder_begin_nested_safe_contents(sec_PKCS12SafeContentsContext 
-							*safeContentsCtx)
-{
-    /* check for an error */
-    if(!safeContentsCtx || !safeContentsCtx->p12dcx || 
-		safeContentsCtx->p12dcx->error) {
-	return SECFailure;
-    }
-
-    safeContentsCtx->nestedCtx = sec_pkcs12_decoder_safe_contents_init_decode(
-						safeContentsCtx->p12dcx,
-						PR_TRUE);
-    if(!safeContentsCtx->nestedCtx) {
-	return SECFailure;
-    }
-
-    /* set up new filter proc */
-    SEC_ASN1DecoderSetNotifyProc(safeContentsCtx->nestedCtx->safeContentsDcx,
-				 sec_pkcs12_decoder_safe_contents_notify,
-				 safeContentsCtx->nestedCtx);
-    SEC_ASN1DecoderSetFilterProc(safeContentsCtx->currentSafeBagDcx,
-				 sec_pkcs12_decoder_nested_safe_contents_update,
-				 safeContentsCtx->nestedCtx, PR_TRUE);
-
-    return SECSuccess;
-}
-
-/* when the safeContents is done decoding, we need to reset the
- * proper filter and notify procs and close the decoding context 
- */
-static SECStatus
-sec_pkcs12_decoder_finish_nested_safe_contents(sec_PKCS12SafeContentsContext
-							*safeContentsCtx)
-{
-    /* check for error */
-    if(!safeContentsCtx || !safeContentsCtx->p12dcx || 
-		safeContentsCtx->p12dcx->error) {
-	return SECFailure;
-    }
-
-    /* clean up */	
-    SEC_ASN1DecoderClearFilterProc(safeContentsCtx->currentSafeBagDcx);
-    SEC_ASN1DecoderClearNotifyProc(safeContentsCtx->nestedCtx->safeContentsDcx);
-    SEC_ASN1DecoderFinish(safeContentsCtx->nestedCtx->safeContentsDcx);
-    safeContentsCtx->nestedCtx->safeContentsDcx = NULL;
-    safeContentsCtx->nestedCtx = NULL;
-
-    return SECSuccess;
-}
-
-/* wrapper for updating safeContents.  This is used when decoding
- * the nested safeContents and any authenticatedSafes.
- */
-static void
-sec_pkcs12_decoder_safe_contents_callback(void *arg, const char *buf,
-					  unsigned long len)
-{
-    SECStatus rv;
-    sec_PKCS12SafeContentsContext *safeContentsCtx = 
-        (sec_PKCS12SafeContentsContext *)arg;
-    SEC_PKCS12DecoderContext *p12dcx;
-
-    /* check for error */  
-    if(!safeContentsCtx || !safeContentsCtx->p12dcx 
-		|| safeContentsCtx->p12dcx->error) {
-	return;
-    }
-    p12dcx = safeContentsCtx->p12dcx;
-
-    /* update the decoder */
-    rv = SEC_ASN1DecoderUpdate(safeContentsCtx->safeContentsDcx, buf, len);
-    if(rv != SECSuccess) {
-	/* if we fail while trying to decode a 'safe', it's probably because
-	 * we didn't have the correct password. */
-	PORT_SetError(SEC_ERROR_BAD_PASSWORD);
-	p12dcx->errorValue = SEC_ERROR_PKCS12_CORRUPT_PFX_STRUCTURE;
-	goto loser;
-    }
-
-    return;
-
-loser:
-    /* set the error and finish the context */
-    p12dcx->error = PR_TRUE;
-    if(safeContentsCtx->safeContentsDcx) {
-	SEC_ASN1DecoderFinish(safeContentsCtx->safeContentsDcx);
-	safeContentsCtx->safeContentsDcx = NULL;
-    }
-
-    return;
-}
-
-/* this is a wrapper for the ASN1 decoder to call SEC_PKCS7DecoderUpdate
- */
-static void
-sec_pkcs12_decoder_wrap_p7_update(void *arg, const char *data,
-				  unsigned long len, int depth,
-				  SEC_ASN1EncodingPart data_kind)
-{
-    SEC_PKCS7DecoderContext *p7dcx = (SEC_PKCS7DecoderContext *)arg;
-
-    SEC_PKCS7DecoderUpdate(p7dcx, data, len);
-}
-
-/* notify function for decoding aSafes.  at the beginning,
- * of an authenticatedSafe, we start a decode of a safeContents.
- * at the end, we clean up the safeContents decoder context and
- * reset state variables 
- */
-static void
-sec_pkcs12_decoder_asafes_notify(void *arg, PRBool before, void *dest, 
-			       int real_depth)
-{
-    SEC_PKCS12DecoderContext *p12dcx;
-    sec_PKCS12SafeContentsContext *safeContentsCtx;
-
-    /* make sure no error occurred. */
-    p12dcx = (SEC_PKCS12DecoderContext *)arg;
-    if(!p12dcx || p12dcx->error) {
-	return;
-    }
-
-    if(before) {
-
-	/* init a new safeContentsContext */
-	safeContentsCtx = sec_pkcs12_decoder_safe_contents_init_decode(p12dcx, 
-								PR_FALSE);
-	if(!safeContentsCtx) {
-	    goto loser;
-	}
-
-	/* set up password and encryption key information */
-	p12dcx->currentASafeKeyPwd = 
-	    (SEC_PKCS5KeyAndPassword*)PORT_ArenaZAlloc(p12dcx->arena, 
-					      sizeof(SEC_PKCS5KeyAndPassword));
-	if(!p12dcx->currentASafeKeyPwd) {
-	    p12dcx->errorValue = SEC_ERROR_NO_MEMORY;
-	    goto loser;
-	}
-	p12dcx->currentASafeKeyPwd->pwitem = p12dcx->pwitem;
-	p12dcx->currentASafeKeyPwd->slot = p12dcx->slot;
-	p12dcx->currentASafeKeyPwd->wincx = p12dcx->wincx;
-
-	/* initiate the PKCS7ContentInfo decode */
-	p12dcx->currentASafeP7Dcx = SEC_PKCS7DecoderStart(
-				sec_pkcs12_decoder_safe_contents_callback,
-				safeContentsCtx, 
-				p12dcx->pwfn, p12dcx->pwfnarg,
-				sec_pkcs12_decoder_get_decrypt_key, 
-				p12dcx->currentASafeKeyPwd, 
-				sec_pkcs12_decoder_decryption_allowed);
-	if(!p12dcx->currentASafeP7Dcx) {
-	    p12dcx->errorValue = PORT_GetError();
-	    goto loser;
-	}
-	SEC_ASN1DecoderSetFilterProc(p12dcx->aSafeDcx, 
-				     sec_pkcs12_decoder_wrap_p7_update,
-				     p12dcx->currentASafeP7Dcx, PR_TRUE);
-    }
-
-    if(!before) {
-	/* if one is being decoded, finish the decode */
-	if(p12dcx->currentASafeP7Dcx != NULL) {
-	    if(!SEC_PKCS7DecoderFinish(p12dcx->currentASafeP7Dcx)) {
-		p12dcx->currentASafeP7Dcx = NULL;
-		p12dcx->errorValue = PORT_GetError();
-		goto loser;
-	    }
-	    p12dcx->currentASafeP7Dcx = NULL;
-	}
-	p12dcx->currentASafeP7Dcx = NULL;
-	if(p12dcx->currentASafeKeyPwd->key != NULL) {
-	    p12dcx->currentASafeKeyPwd->key = NULL;
-	}
-    }
-
-
-    return;
-
-loser:
-    /* set the error flag */
-    p12dcx->error = PR_TRUE;
-    return;
-}
-
-/* wrapper for updating asafes decoding context.  this function
- * writes data being decoded to disk, so that a mac can be computed
- * later.  
- */
-static void
-sec_pkcs12_decoder_asafes_callback(void *arg, const char *buf, 
-				  unsigned long len)
-{
-    SEC_PKCS12DecoderContext *p12dcx = (SEC_PKCS12DecoderContext *)arg;
-    SECStatus rv;
-
-    if(!p12dcx || p12dcx->error) {
-	return;
-    }
-
-    /* update the context */
-    rv = SEC_ASN1DecoderUpdate(p12dcx->aSafeDcx, buf, len);
-    if(rv != SECSuccess) {
-	p12dcx->error = (PRBool)SEC_ERROR_NO_MEMORY;
-	goto loser;
-    }
-
-    /* if we are writing to a file, write out the new information */
-    if(p12dcx->dWrite) {
-	unsigned long writeLen = (*p12dcx->dWrite)(p12dcx->dArg, 	
-						   (unsigned char *)buf, len);
-	if(writeLen != len) {
-	    p12dcx->errorValue = PORT_GetError();
-	    goto loser;
-	}
-    }
-
-    return;
-
-loser:
-    /* set the error flag */
-    p12dcx->error = PR_TRUE;
-    SEC_ASN1DecoderFinish(p12dcx->aSafeDcx);
-    p12dcx->aSafeDcx = NULL;
-
-    return;
-}
-   
-/* start the decode of an authenticatedSafe contentInfo.
- */ 
-static SECStatus
-sec_pkcs12_decode_start_asafes_cinfo(SEC_PKCS12DecoderContext *p12dcx)
-{
-    if(!p12dcx || p12dcx->error) {
-	return SECFailure;
-    }
-
-    /* start the decode context */
-    p12dcx->aSafeDcx = SEC_ASN1DecoderStart(p12dcx->arena, 
-    					&p12dcx->authSafe,
-    					sec_PKCS12AuthenticatedSafeTemplate);
-    if(!p12dcx->aSafeDcx) {
-	p12dcx->errorValue = SEC_ERROR_NO_MEMORY;
-   	goto loser;
-    }
-
-    /* set the notify function */
-    SEC_ASN1DecoderSetNotifyProc(p12dcx->aSafeDcx,
-    				 sec_pkcs12_decoder_asafes_notify, p12dcx);
-
-    /* begin the authSafe decoder context */
-    p12dcx->aSafeP7Dcx = SEC_PKCS7DecoderStart(
-    				sec_pkcs12_decoder_asafes_callback, p12dcx,
-    				p12dcx->pwfn, p12dcx->pwfnarg, NULL, NULL, NULL);
-    if(!p12dcx->aSafeP7Dcx) {
-	p12dcx->errorValue = SEC_ERROR_NO_MEMORY;
-	goto loser;
-    }
-  
-    /* open the temp file for writing, if the filter functions were set */ 
-    if(p12dcx->dOpen && (*p12dcx->dOpen)(p12dcx->dArg, PR_FALSE) 
-				!= SECSuccess) {
-	p12dcx->errorValue = PORT_GetError();
-	goto loser;
-    }
-
-    return SECSuccess;
-
-loser:
-    p12dcx->error = PR_TRUE;
-
-    if(p12dcx->aSafeDcx) {
-	SEC_ASN1DecoderFinish(p12dcx->aSafeDcx);
-	p12dcx->aSafeDcx = NULL;
-    } 
-
-    if(p12dcx->aSafeP7Dcx) {
-	SEC_PKCS7DecoderFinish(p12dcx->aSafeP7Dcx);
-	p12dcx->aSafeP7Dcx = NULL;
-    }
-
-    return SECFailure;
-}
-
-/* wrapper for updating the safeContents.  this function is used as
- * a filter for the pfx when decoding the authenticated safes 
- */
-static void 
-sec_pkcs12_decode_asafes_cinfo_update(void *arg, const char *buf,
-				      unsigned long len, int depth,
-				      SEC_ASN1EncodingPart data_kind)
-{
-    SEC_PKCS12DecoderContext *p12dcx;
-    SECStatus rv;
-
-    p12dcx = (SEC_PKCS12DecoderContext*)arg;
-    if(!p12dcx || p12dcx->error) {
-	return;
-    }
-
-    /* update the safeContents decoder */
-    rv = SEC_PKCS7DecoderUpdate(p12dcx->aSafeP7Dcx, buf, len);
-    if(rv != SECSuccess) {
-	p12dcx->errorValue = SEC_ERROR_PKCS12_CORRUPT_PFX_STRUCTURE;
-	goto loser;
-    }
-
-    return;
-
-loser:
-
-    /* did we find an error?  if so, close the context and set the 
-     * error flag.
-     */
-    SEC_PKCS7DecoderFinish(p12dcx->aSafeP7Dcx);
-    p12dcx->aSafeP7Dcx = NULL;
-    p12dcx->error = PR_TRUE;
-}
-
-/* notify procedure used while decoding the pfx.  When we encounter
- * the authSafes, we want to trigger the decoding of authSafes as well
- * as when we encounter the macData, trigger the decoding of it.  we do
- * this because we we are streaming the decoder and not decoding in place.
- * the pfx which is the destination, only has the version decoded into it.
- */
-static void 
-sec_pkcs12_decoder_pfx_notify_proc(void *arg, PRBool before, void *dest,
-				   int real_depth)
-{
-    SECStatus rv;
-    SEC_PKCS12DecoderContext *p12dcx = (SEC_PKCS12DecoderContext*)arg;
-
-    /* if an error occurrs, clear the notifyProc and the filterProc 
-     * and continue. 
-     */
-    if(p12dcx->error) {
-	SEC_ASN1DecoderClearNotifyProc(p12dcx->pfxDcx);
-	SEC_ASN1DecoderClearFilterProc(p12dcx->pfxDcx);
-	return;
-    }
-
-    if(before && (dest == &p12dcx->pfx.encodedAuthSafe)) {
-
-	/* we want to make sure this is a version we support */
-	if(!sec_pkcs12_proper_version(&p12dcx->pfx)) {
-	    p12dcx->errorValue = SEC_ERROR_PKCS12_UNSUPPORTED_VERSION;
-	    goto loser;
-	}
-
-	/* start the decode of the aSafes cinfo... */
-	rv = sec_pkcs12_decode_start_asafes_cinfo(p12dcx);
-	if(rv != SECSuccess) {
-	    goto loser;
-	}
-
-	/* set the filter proc to update the authenticated safes. */
-	SEC_ASN1DecoderSetFilterProc(p12dcx->pfxDcx,
-				     sec_pkcs12_decode_asafes_cinfo_update,
-				     p12dcx, PR_TRUE);
-    }
-
-    if(!before && (dest == &p12dcx->pfx.encodedAuthSafe)) {
-
-	/* we are done decoding the authenticatedSafes, so we need to 
-	 * finish the decoderContext and clear the filter proc
-	 * and close the hmac callback, if present
-	 */
-	p12dcx->aSafeCinfo = SEC_PKCS7DecoderFinish(p12dcx->aSafeP7Dcx);
-	p12dcx->aSafeP7Dcx = NULL;
-	if(!p12dcx->aSafeCinfo) {
-	    p12dcx->errorValue = PORT_GetError();
-	    goto loser;
-	}
-	SEC_ASN1DecoderClearFilterProc(p12dcx->pfxDcx);
-	if(p12dcx->dClose && ((*p12dcx->dClose)(p12dcx->dArg, PR_FALSE) 
-				!= SECSuccess)) {
-	    p12dcx->errorValue = PORT_GetError();
-	    goto loser;
-	}
-
-    }
-
-    return;
-
-loser:
-    p12dcx->error = PR_TRUE;
-}
-
-/*  default implementations of the open/close/read/write functions for
-    SEC_PKCS12DecoderStart 
-*/
-
-#define DEFAULT_TEMP_SIZE 4096
-
-static SECStatus
-p12u_DigestOpen(void *arg, PRBool readData)
-{
-    SEC_PKCS12DecoderContext* p12cxt = arg;
-
-    p12cxt->currentpos = 0;
-
-    if (PR_FALSE == readData) {
-        /* allocate an initial buffer */
-        p12cxt->filesize = 0;
-        p12cxt->allocated = DEFAULT_TEMP_SIZE;
-        p12cxt->buffer = PORT_Alloc(DEFAULT_TEMP_SIZE);
-        PR_ASSERT(p12cxt->buffer);
-    }
-    else
-    {
-        PR_ASSERT(p12cxt->buffer);
-        if (!p12cxt->buffer) {
-            return SECFailure; /* no data to read */
-        }
-    }
-
-    return SECSuccess;
-}
-
-static SECStatus
-p12u_DigestClose(void *arg, PRBool removeFile)
-{
-    SEC_PKCS12DecoderContext* p12cxt = arg;
-
-    PR_ASSERT(p12cxt);
-    if (!p12cxt) {
-        return SECFailure;
-    }
-    p12cxt->currentpos = 0;
-
-    if (PR_TRUE == removeFile) {
-        PR_ASSERT(p12cxt->buffer);
-        if (!p12cxt->buffer) {
-            return SECFailure;
-        }
-        if (p12cxt->buffer) {
-            PORT_Free(p12cxt->buffer);
-            p12cxt->buffer = NULL;
-            p12cxt->allocated = 0;
-            p12cxt->filesize = 0;
-        }
-    }
-
-    return SECSuccess;
-}
-
-static int
-p12u_DigestRead(void *arg, unsigned char *buf, unsigned long len)
-{
-    int toread = len;
-    SEC_PKCS12DecoderContext* p12cxt = arg;
-
-    if(!buf || len == 0) {
-	return -1;
-    }
-
-    if (!p12cxt->buffer || ((p12cxt->filesize-p12cxt->currentpos)<(long)len) ) {
-        /* trying to read past the end of the buffer */
-        toread = p12cxt->filesize-p12cxt->currentpos;
-    }
-    memcpy(buf, (void*)((char*)p12cxt->buffer+p12cxt->currentpos), toread);
-    p12cxt->currentpos += toread;
-    return toread;
-}
-
-static int
-p12u_DigestWrite(void *arg, unsigned char *buf, unsigned long len)
-{
-    SEC_PKCS12DecoderContext* p12cxt = arg;
-
-    if(!buf || len == 0) {
-        return -1;
-    }
-
-    if (p12cxt->currentpos+(long)len > p12cxt->filesize) {
-        p12cxt->filesize = p12cxt->currentpos + len;
-    }
-    else {
-        p12cxt->filesize += len;
-    }
-    if (p12cxt->filesize > p12cxt->allocated) {
-        void* newbuffer;
-        size_t newsize = p12cxt->filesize + DEFAULT_TEMP_SIZE;
-        newbuffer  = PORT_Realloc(p12cxt->buffer, newsize);
-        if (NULL == newbuffer) {
-            return -1; /* can't extend the buffer */
-        }
-        p12cxt->buffer = newbuffer;
-        p12cxt->allocated = newsize;
-    }
-    PR_ASSERT(p12cxt->buffer);
-    memcpy((void*)((char*)p12cxt->buffer+p12cxt->currentpos), buf, len);
-    p12cxt->currentpos += len;
-    return len;
-}
-
-/* SEC_PKCS12DecoderStart
- *	Creates a decoder context for decoding a PKCS 12 PDU objct.
- *	This function sets up the initial decoding context for the
- *	PFX and sets the needed state variables.
- *
- *	pwitem - the password for the hMac and any encoded safes.
- *		 this should be changed to take a callback which retrieves
- *		 the password.  it may be possible for different safes to
- *		 have different passwords.  also, the password is already
- *		 in unicode.  it should probably be converted down below via
- *		 a unicode conversion callback.
- *	slot - the slot to import the dataa into should multiple slots 
- *		 be supported based on key type and cert type?
- *	dOpen, dClose, dRead, dWrite - digest routines for writing data
- *		 to a file so it could be read back and the hmack recomputed
- *		 and verified.  doesn't seem to be away for both encoding
- *		 and decoding to be single pass, thus the need for these
- *		 routines.
- *	dArg - the argument for dOpen, etc.
- *
- *      if NULL == dOpen == dClose == dRead == dWrite == dArg, then default
- *      implementations using a memory buffer are used
- *
- *	This function returns the decoder context, if it was successful.
- *	Otherwise, null is returned.
- */
-SEC_PKCS12DecoderContext *
-SEC_PKCS12DecoderStart(SECItem *pwitem, PK11SlotInfo *slot, void *wincx,
-		       digestOpenFn dOpen, digestCloseFn dClose, 
-		       digestIOFn dRead, digestIOFn dWrite, void *dArg)
-{
-    SEC_PKCS12DecoderContext *p12dcx;
-    PRArenaPool *arena;
-
-    arena = PORT_NewArena(2048); /* different size? */
-    if(!arena) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	return NULL;
-    }
-
-    /* allocate the decoder context and set the state variables */
-    p12dcx = (SEC_PKCS12DecoderContext*)PORT_ArenaZAlloc(arena, sizeof(SEC_PKCS12DecoderContext));
-    if(!p12dcx) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	goto loser;
-    }
-
-    if (!dOpen && !dClose && !dRead && !dWrite && !dArg) {
-        /* use default implementations */
-        dOpen = p12u_DigestOpen;
-        dClose = p12u_DigestClose;
-        dRead = p12u_DigestRead;
-        dWrite = p12u_DigestWrite;
-        dArg = (void*)p12dcx;
-    }
-
-    p12dcx->arena = arena;
-    p12dcx->pwitem = pwitem;
-    p12dcx->slot = (slot ? PK11_ReferenceSlot(slot) 
-						: PK11_GetInternalKeySlot());
-    p12dcx->wincx = wincx;
-#ifdef IS_LITTLE_ENDIAN
-    p12dcx->swapUnicodeBytes = PR_TRUE;
-#else
-    p12dcx->swapUnicodeBytes = PR_FALSE;
-#endif
-    p12dcx->errorValue = 0;
-    p12dcx->error = PR_FALSE;
-
-    /* start the decoding of the PFX and set the notify proc
-     * for the PFX item.
-     */
-    p12dcx->pfxDcx = SEC_ASN1DecoderStart(p12dcx->arena, &p12dcx->pfx,
-    					  sec_PKCS12PFXItemTemplate);
-    if(!p12dcx->pfxDcx) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY); 
-	PK11_FreeSlot(p12dcx->slot);
-	goto loser;
-    }
-
-    SEC_ASN1DecoderSetNotifyProc(p12dcx->pfxDcx, 
-				 sec_pkcs12_decoder_pfx_notify_proc,
-    				 p12dcx); 
-    
-    /* set up digest functions */
-    p12dcx->dOpen = dOpen;
-    p12dcx->dWrite = dWrite;
-    p12dcx->dClose = dClose;
-    p12dcx->dRead = dRead;
-    p12dcx->dArg = dArg;
-
-    return p12dcx;
-
-loser:
-    PORT_FreeArena(arena, PR_TRUE);
-    return NULL;
-}
-
-/* SEC_PKCS12DecoderUpdate 
- *	Streaming update sending more data to the decoder.  If 
- *	an error occurs, SECFailure is returned.
- *
- *	p12dcx - the decoder context 
- *	data, len - the data buffer and length of data to send to 
- *		the update functions.
- */
-SECStatus
-SEC_PKCS12DecoderUpdate(SEC_PKCS12DecoderContext *p12dcx,
-			unsigned char *data, unsigned long len)
-{
-    SECStatus rv;
-
-    if(!p12dcx || p12dcx->error) {
-	return SECFailure;
-    }
-
-    /* update the PFX decoder context */
-    rv = SEC_ASN1DecoderUpdate(p12dcx->pfxDcx, (const char *)data, len);
-    if(rv != SECSuccess) {
-	p12dcx->errorValue = SEC_ERROR_PKCS12_CORRUPT_PFX_STRUCTURE;
-	goto loser;
-    }
-
-    return SECSuccess;
-
-loser:
-
-    p12dcx->error = PR_TRUE;
-    return SECFailure;
-}
-
-/* IN_BUF_LEN should be larger than SHA1_LENGTH */
-#define IN_BUF_LEN		80
-
-/* verify the hmac by reading the data from the temporary file
- * using the routines specified when the decodingContext was 
- * created and return SECSuccess if the hmac matches.
- */
-static SECStatus
-sec_pkcs12_decoder_verify_mac(SEC_PKCS12DecoderContext *p12dcx)
-{
-    SECStatus rv = SECFailure;
-    SECStatus lrv;
-    SECItem hmacRes;
-    unsigned char buf[IN_BUF_LEN];
-    unsigned int bufLen;
-    int iteration;
-    PK11Context *pk11cx = NULL;
-    PK11SymKey *symKey = NULL;
-    SECItem *params = NULL;
-    SECItem ignore = {0};
-    SECOidTag algtag;
-    CK_MECHANISM_TYPE integrityMech;
-    
-    if(!p12dcx || p12dcx->error) {
-	return SECFailure;
-    }
-
-    /* generate hmac key */
-    if(p12dcx->macData.iter.data) {
-	iteration = (int)DER_GetInteger(&p12dcx->macData.iter);
-    } else {
-	iteration = 1;
-    }
-
-    params = PK11_CreatePBEParams(&p12dcx->macData.macSalt, p12dcx->pwitem,
-                                  iteration);
-
-    algtag = SECOID_GetAlgorithmTag(&p12dcx->macData.safeMac.digestAlgorithm);
-    switch (algtag) {
-    case SEC_OID_SHA1:
-	integrityMech = CKM_NETSCAPE_PBE_SHA1_HMAC_KEY_GEN; break;
-    case SEC_OID_MD5:
-	integrityMech = CKM_NETSCAPE_PBE_MD5_HMAC_KEY_GEN;  break;
-    case SEC_OID_MD2:
-	integrityMech = CKM_NETSCAPE_PBE_MD2_HMAC_KEY_GEN;  break;
-    default:
-	goto loser;
-    }
-
-    symKey = PK11_KeyGen(NULL, integrityMech, params, 20, NULL);
-    PK11_DestroyPBEParams(params);
-    params = NULL;
-    if (!symKey) goto loser;
-    /* init hmac */
-    pk11cx = PK11_CreateContextBySymKey(sec_pkcs12_algtag_to_mech(algtag),
-                                        CKA_SIGN, symKey, &ignore);
-    if(!pk11cx) {
-	goto loser;
-    }
-    lrv = PK11_DigestBegin(pk11cx);
-    if (lrv == SECFailure ) {
-	goto loser;
-    }
-
-    /* try to open the data for readback */
-    if(p12dcx->dOpen && ((*p12dcx->dOpen)(p12dcx->dArg, PR_TRUE) 
-			!= SECSuccess)) {
-	goto loser;
-    }
-
-    /* read the data back IN_BUF_LEN bytes at a time and recompute
-     * the hmac.  if fewer bytes are read than are requested, it is
-     * assumed that the end of file has been reached. if bytesRead
-     * is returned as -1, then an error occured reading from the 
-     * file.
-     */
-    while(1) {
-	int bytesRead = (*p12dcx->dRead)(p12dcx->dArg, buf, IN_BUF_LEN);
-	if(bytesRead == -1) {
-	    goto loser;
-	}
-
-	lrv = PK11_DigestOp(pk11cx, buf, bytesRead);
-	if (lrv == SECFailure) {
-	    goto loser;
-	}
-	if(bytesRead < IN_BUF_LEN) {
-	    break;
-	}
-    }
-
-    /* finish the hmac context */
-    lrv = PK11_DigestFinal(pk11cx, buf, &bufLen, IN_BUF_LEN);
-    if (lrv == SECFailure ) {
-	goto loser;
-    }
-
-    hmacRes.data = buf;
-    hmacRes.len = bufLen;
-
-    /* is the hmac computed the same as the hmac which was decoded? */
-    rv = SECSuccess;
-    if(SECITEM_CompareItem(&hmacRes, &p12dcx->macData.safeMac.digest) 
-			!= SECEqual) {
-	PORT_SetError(SEC_ERROR_PKCS12_INVALID_MAC);
-	rv = SECFailure;
-    }
-
-loser:
-    /* close the file and remove it */
-    if(p12dcx->dClose) {
-	(*p12dcx->dClose)(p12dcx->dArg, PR_TRUE);
-    }
-
-    if(pk11cx) {
-	PK11_DestroyContext(pk11cx, PR_TRUE);
-    }
-    if (params) {
-	PK11_DestroyPBEParams(params);
-    }
-    if (symKey) {
-	PK11_FreeSymKey(symKey);
-    }
-
-    return rv;
-}
-
-/* SEC_PKCS12DecoderVerify
- * 	Verify the macData or the signature of the decoded PKCS 12 PDU.
- *	If the signature or the macData do not match, SECFailure is
- *	returned.
- *
- * 	p12dcx - the decoder context 
- */
-SECStatus
-SEC_PKCS12DecoderVerify(SEC_PKCS12DecoderContext *p12dcx)
-{
-    SECStatus rv = SECSuccess;
-
-    /* make sure that no errors have occured... */
-    if(!p12dcx || p12dcx->error) {
-	return SECFailure;
-    }
-
-    /* check the signature or the mac depending on the type of
-     * integrity used.
-     */
-    if(p12dcx->pfx.encodedMacData.len) {
-	rv = SEC_ASN1DecodeItem(p12dcx->arena, &p12dcx->macData,
-				sec_PKCS12MacDataTemplate,
-				&p12dcx->pfx.encodedMacData);
-	if(rv == SECSuccess) {
-	    return sec_pkcs12_decoder_verify_mac(p12dcx);
-	} else {
-	    PORT_SetError(SEC_ERROR_NO_MEMORY);
-	}
-    } else {
-	if(SEC_PKCS7VerifySignature(p12dcx->aSafeCinfo, certUsageEmailSigner,
-				    PR_FALSE)) {
-	    return SECSuccess;
-	} else {
-	    PORT_SetError(SEC_ERROR_PKCS12_INVALID_MAC);
-	}
-    }
-
-    return SECFailure;
-}
-
-/* SEC_PKCS12DecoderFinish
- *	Free any open ASN1 or PKCS7 decoder contexts and then
- *	free the arena pool which everything should be allocated
- *	from.  This function should be called upon completion of
- *	decoding and installing of a pfx pdu.  This should be
- *	called even if an error occurs.
- *
- *	p12dcx - the decoder context
- */
-void
-SEC_PKCS12DecoderFinish(SEC_PKCS12DecoderContext *p12dcx)
-{
-    if(!p12dcx) {
-	return;
-    }
-
-    if(p12dcx->pfxDcx) {
-	SEC_ASN1DecoderFinish(p12dcx->pfxDcx);
-	p12dcx->pfxDcx = NULL;
-    }
-
-    if(p12dcx->aSafeDcx) {
-	SEC_ASN1DecoderFinish(p12dcx->aSafeDcx);
-	p12dcx->aSafeDcx = NULL;
-    }
-
-    if(p12dcx->currentASafeP7Dcx) {
-	SEC_PKCS7DecoderFinish(p12dcx->currentASafeP7Dcx);
-	p12dcx->currentASafeP7Dcx = NULL;
-    }
-
-    if(p12dcx->aSafeP7Dcx) {
-	SEC_PKCS7DecoderFinish(p12dcx->aSafeP7Dcx);
-    }
-
-    if(p12dcx->hmacDcx) {
-	SEC_ASN1DecoderFinish(p12dcx->hmacDcx);
-	p12dcx->hmacDcx = NULL;
-    }
-
-    if(p12dcx->slot) {
-	PK11_FreeSlot(p12dcx->slot);
-	p12dcx->slot = NULL;
-    }
-
-    if(p12dcx->arena) {
-	PORT_FreeArena(p12dcx->arena, PR_TRUE);
-    }
-}
-
-static SECStatus
-sec_pkcs12_decoder_set_attribute_value(sec_PKCS12SafeBag *bag,
-			       SECOidTag attributeType,
-			       SECItem *attrValue)
-{
-    int i = 0;
-    SECOidData *oid;
-
-    if(!bag || !attrValue) {
-	return SECFailure;
-    }
-
-    oid = SECOID_FindOIDByTag(attributeType);
-    if(!oid) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	return SECFailure;
-    }
-
-    if(!bag->attribs) {
-	bag->attribs = (sec_PKCS12Attribute**)PORT_ArenaZAlloc(bag->arena, 
-					sizeof(sec_PKCS12Attribute *) * 2);
-    } else {
-	while(bag->attribs[i]) i++;
-	bag->attribs = (sec_PKCS12Attribute **)PORT_ArenaGrow(bag->arena, 
-				      bag->attribs, 
-				      (i + 1) * sizeof(sec_PKCS12Attribute *),
-				      (i + 2) * sizeof(sec_PKCS12Attribute *));
-    }
-
-    if(!bag->attribs) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	return SECFailure;
-    }
-
-    bag->attribs[i] = (sec_PKCS12Attribute*)PORT_ArenaZAlloc(bag->arena, 
-						  sizeof(sec_PKCS12Attribute));
-    if(!bag->attribs) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	return SECFailure;
-    }
-
-    bag->attribs[i]->attrValue = (SECItem**)PORT_ArenaZAlloc(bag->arena, 
-						  sizeof(SECItem *) * 2);
-    if(!bag->attribs[i]->attrValue) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	return SECFailure;
-    }
-
-    bag->attribs[i+1] = NULL;
-    bag->attribs[i]->attrValue[0] = attrValue;
-    bag->attribs[i]->attrValue[1] = NULL;
-
-    if(SECITEM_CopyItem(bag->arena, &bag->attribs[i]->attrType, &oid->oid)
-			!= SECSuccess) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	return SECFailure;
-    }
-
-    return SECSuccess;
-}
-
-static SECItem *
-sec_pkcs12_get_attribute_value(sec_PKCS12SafeBag *bag,
-			       SECOidTag attributeType)
-{
-    int i = 0;
-
-    if(!bag->attribs) {
-	return NULL;
-    }
-
-    while(bag->attribs[i] != NULL) {
-	if(SECOID_FindOIDTag(&bag->attribs[i]->attrType) 
-			== attributeType) {
-	    return bag->attribs[i]->attrValue[0];
-	}
-	i++;
-    }
-
-    return NULL;
-}
-
-/* For now, this function will merely remove any ":"
- * in the nickname which the PK11 functions may have
- * placed there.  This will keep dual certs from appearing
- * twice under "Your" certificates when imported onto smart
- * cards.  Once with the name "Slot:Cert" and another with
- * the nickname "Slot:Slot:Cert"
- */
-static void
-sec_pkcs12_sanitize_nickname(PK11SlotInfo *slot, SECItem *nick)
-{
-    char *nickname;
-    char *delimit;
-    int delimitlen;
- 
-    nickname = (char*)nick->data; /*Mac breaks without this type cast*/
-    if ((delimit = PORT_Strchr(nickname, ':')) != NULL) {
-        char *slotName;
-	int slotNameLen;
-
-	slotNameLen = delimit-nickname;
-	slotName = PORT_NewArray(char, (slotNameLen+1));
-	PORT_Assert(slotName);
-	if (slotName == NULL) {
-	  /* What else can we do?*/
-	  return;
-	}
-	PORT_Memcpy(slotName, nickname, slotNameLen);
-	slotName[slotNameLen] = '\0';
-	if (PORT_Strcmp(PK11_GetTokenName(slot), slotName) == 0) {
-	  delimitlen = PORT_Strlen(delimit+1);
-	  PORT_Memmove(nickname, delimit+1, delimitlen+1);
-	  nick->len = delimitlen;
-	}
-	PORT_Free(slotName);
-    }
- 
-}
-
-static SECItem *
-sec_pkcs12_get_nickname(sec_PKCS12SafeBag *bag)
-{
-    SECItem *src, *dest;
-
-    if(!bag) {
-	bag->problem = PR_TRUE;
-	bag->error = SEC_ERROR_NO_MEMORY;
-	return NULL;
-    }
-
-    src = sec_pkcs12_get_attribute_value(bag, SEC_OID_PKCS9_FRIENDLY_NAME);
-    if(!src) {
-	return NULL;
-    }
-
-    dest = (SECItem*)PORT_ZAlloc(sizeof(SECItem));
-    if(!dest) { 
-	goto loser;
-    }
-    if(!sec_pkcs12_convert_item_to_unicode(NULL, dest, src, PR_FALSE, 
-				PR_FALSE, PR_FALSE)) {
-	goto loser;
-    }
-
-    sec_pkcs12_sanitize_nickname(bag->slot, dest);
-
-    return dest;
-
-loser:
-    if(dest) {
-	SECITEM_ZfreeItem(dest, PR_TRUE);
-    }
-
-    bag->problem = PR_TRUE;
-    bag->error = PORT_GetError();
-    return NULL;
-}
-
-static SECStatus
-sec_pkcs12_set_nickname(sec_PKCS12SafeBag *bag, SECItem *name)
-{
-    int i = 0;
-    sec_PKCS12Attribute *attr = NULL;
-    SECOidData *oid = SECOID_FindOIDByTag(SEC_OID_PKCS9_FRIENDLY_NAME);
-
-    if(!bag || !bag->arena || !name) {
-	return SECFailure;
-    }
-	
-    if(!bag->attribs) {
-	if(!oid) {
-	    goto loser;
-	}
-
-	bag->attribs = (sec_PKCS12Attribute**)PORT_ArenaZAlloc(bag->arena, 
-					     sizeof(sec_PKCS12Attribute *)*2);
-	if(!bag->attribs) {
-	    goto loser;
-	}
-	bag->attribs[0] = (sec_PKCS12Attribute*)PORT_ArenaZAlloc(bag->arena, 
-						  sizeof(sec_PKCS12Attribute));
-	if(!bag->attribs[0]) {
-	    goto loser;
-	}
-	bag->attribs[1] = NULL;
-
-	attr = bag->attribs[0];
-	if(SECITEM_CopyItem(bag->arena, &attr->attrType, &oid->oid) 
-			!= SECSuccess) {
-	    goto loser;
-	}
-    } else {
-	while(bag->attribs[i]) {
-	    if(SECOID_FindOIDTag(&bag->attribs[i]->attrType)
-			== SEC_OID_PKCS9_FRIENDLY_NAME) {
-		attr = bag->attribs[i];
-		goto have_attrib;
-		
-	    }
-	    i++;
-	}
-	if(!attr) {
-	    bag->attribs = (sec_PKCS12Attribute **)PORT_ArenaGrow(bag->arena, 
-								  bag->attribs,
-					(i+1) * sizeof(sec_PKCS12Attribute *),
-					(i+2) * sizeof(sec_PKCS12Attribute *));
-	    if(!bag->attribs) {
-		goto loser;
-	    }
-	    bag->attribs[i] = 
-	        (sec_PKCS12Attribute *)PORT_ArenaZAlloc(bag->arena, 
-						  sizeof(sec_PKCS12Attribute));
-	    if(!bag->attribs[i]) {
-		goto loser;
-	    }
-	    bag->attribs[i+1] = NULL;
-	    attr = bag->attribs[i];
-	    if(SECITEM_CopyItem(bag->arena, &attr->attrType, &oid->oid) 
-				!= SECSuccess) {
-		goto loser;
-	    }
-	}
-    }
-have_attrib:
-    PORT_Assert(attr);
-    if(!attr->attrValue) {
-	attr->attrValue = (SECItem **)PORT_ArenaZAlloc(bag->arena, 
-						       sizeof(SECItem *) * 2);
-	if(!attr->attrValue) {
-	    goto loser;
-	}
-	attr->attrValue[0] = (SECItem*)PORT_ArenaZAlloc(bag->arena, 
-							sizeof(SECItem));
-	if(!attr->attrValue[0]) {
-	    goto loser;
-	}
-	attr->attrValue[1] = NULL;
-    }
-
-    name->len = PORT_Strlen((char *)name->data);
-    if(!sec_pkcs12_convert_item_to_unicode(bag->arena, attr->attrValue[0],
-				name, PR_FALSE, PR_FALSE, PR_TRUE)) {
-	goto loser;
-    }
-
-    return SECSuccess;
-
-loser:
-    bag->problem = PR_TRUE;
-    bag->error = SEC_ERROR_NO_MEMORY;
-    return SECFailure;
-}
-	
-static SECStatus
-sec_pkcs12_get_key_info(sec_PKCS12SafeBag *key) 
-{
-    int i = 0;
-    SECKEYPrivateKeyInfo *pki = NULL;
-
-    if(!key) {
-	return SECFailure;
-    }
-
-    /* if the bag does *not* contain an unencrypted PrivateKeyInfo 
-     * then we cannot convert the attributes.  We are propagating
-     * attributes within the PrivateKeyInfo to the SafeBag level.
-     */
-    if(SECOID_FindOIDTag(&(key->safeBagType)) != 
-			SEC_OID_PKCS12_V1_KEY_BAG_ID) {
-	return SECSuccess;
-    }
-
-    pki = key->safeBagContent.pkcs8KeyBag;
-
-    if(!pki || !pki->attributes) {
-	return SECSuccess;
-    }
-
-    while(pki->attributes[i]) {
-	SECItem *attrValue = NULL;
-
-	if(SECOID_FindOIDTag(&pki->attributes[i]->attrType) == 
-			SEC_OID_PKCS9_LOCAL_KEY_ID) {
-	    attrValue = sec_pkcs12_get_attribute_value(key, 
-						 SEC_OID_PKCS9_LOCAL_KEY_ID);
-	    if(!attrValue) {
-		if(sec_pkcs12_decoder_set_attribute_value(key, 
-					SEC_OID_PKCS9_LOCAL_KEY_ID,
-					pki->attributes[i]->attrValue[0])
-					!= SECSuccess) {
-		    key->problem = PR_TRUE;
-		    key->error = SEC_ERROR_NO_MEMORY;
-		    return SECFailure;
-		}
-	    }
-	}
-
-	if(SECOID_FindOIDTag(&pki->attributes[i]->attrType) == 
-			SEC_OID_PKCS9_FRIENDLY_NAME) {
-	    attrValue = sec_pkcs12_get_attribute_value(key, 
-						SEC_OID_PKCS9_FRIENDLY_NAME);
-	    if(!attrValue) {
-		if(sec_pkcs12_decoder_set_attribute_value(key, 
-					SEC_OID_PKCS9_FRIENDLY_NAME,
-					pki->attributes[i]->attrValue[0])
-					!= SECSuccess) {
-		    key->problem = PR_TRUE;
-		    key->error = SEC_ERROR_NO_MEMORY;
-		    return SECFailure;
-		}
-	    }
-	}
-
-	i++;
-    }
-
-    return SECSuccess;
-}
-
-/* retrieve the nickname for the certificate bag.  first look
- * in the cert bag, otherwise get it from the key.
- */
-static SECItem *
-sec_pkcs12_get_nickname_for_cert(sec_PKCS12SafeBag *cert,
-				 sec_PKCS12SafeBag *key, 
-				 void *wincx)
-{
-    SECItem *nickname;
-
-    if(!cert) {
-	return NULL;
-    }
-
-    nickname = sec_pkcs12_get_nickname(cert);
-    if(nickname) {
-	return nickname;
-    }
-
-    if(key) {
-	nickname = sec_pkcs12_get_nickname(key);
-	
-        if(nickname && sec_pkcs12_set_nickname(cert, nickname)
-			!= SECSuccess) {
-	    cert->error = SEC_ERROR_NO_MEMORY;
-	    cert->problem = PR_TRUE;
-	    if(nickname) { 
-		SECITEM_ZfreeItem(nickname, PR_TRUE);
-	    }
-	    return NULL;
-	}
-    }
-
-    return nickname;
-}
-
-/* set the nickname for the certificate */
-static SECStatus
-sec_pkcs12_set_nickname_for_cert(sec_PKCS12SafeBag *cert, 
-				 sec_PKCS12SafeBag *key, 
-				 SECItem *nickname, 
-				 void *wincx)
-{
-    if(!nickname || !cert) {
-	return SECFailure;
-    }
-
-    if(sec_pkcs12_set_nickname(cert, nickname) != SECSuccess) {
-	cert->error = SEC_ERROR_NO_MEMORY;
-	cert->problem = PR_TRUE;
-	return SECFailure;
-    }
-
-    if(key) {
-	if(sec_pkcs12_set_nickname(key, nickname) != SECSuccess) {
-	    cert->error = SEC_ERROR_NO_MEMORY;
-	    cert->problem = PR_TRUE;
-	    return SECFailure;
-	}
-    }
-
-    return SECSuccess;
-}
-
-/* retrieve the DER cert from the cert bag */
-static SECItem *
-sec_pkcs12_get_der_cert(sec_PKCS12SafeBag *cert) 
-{
-    if(!cert) {
-	return NULL;
-    }
-
-    if(SECOID_FindOIDTag(&cert->safeBagType) != SEC_OID_PKCS12_V1_CERT_BAG_ID) {
-	return NULL;
-    }
-
-    /* only support X509 certs not SDSI */
-    if(SECOID_FindOIDTag(&cert->safeBagContent.certBag->bagID) 
-			!= SEC_OID_PKCS9_X509_CERT) {
-	return NULL;
-    }
-			
-    return SECITEM_DupItem(&(cert->safeBagContent.certBag->value.x509Cert));
-}
-
-struct certNickInfo {
-    PRArenaPool *arena;
-    unsigned int nNicks;
-    SECItem **nickList;
-    unsigned int error;
-};
-
-/* callback for traversing certificates to gather the nicknames 
- * used in a particular traversal.  for instance, when using
- * CERT_TraversePermCertsForSubject, gather the nicknames and
- * store them in the certNickInfo for a particular DN.
- * 
- * this handles the case where multiple nicknames are allowed
- * for the same dn, which is not currently allowed, but may be
- * in the future.
- */ 
-static SECStatus
-gatherNicknames(CERTCertificate *cert, void *arg)
-{
-    struct certNickInfo *nickArg = (struct certNickInfo *)arg;
-    SECItem tempNick;
-    unsigned int i;
-
-    if(!cert || !nickArg || nickArg->error) {
-	return SECFailure;
-    }
-
-    if(!cert->nickname) {
-	return SECSuccess;
-    }
-
-    tempNick.data = (unsigned char *)cert->nickname;
-    tempNick.len = PORT_Strlen(cert->nickname) + 1;
-
-    /* do we already have the nickname in the list? */
-    if(nickArg->nNicks > 0) {
-
-	/* nicknames have been encountered, but there is no list -- bad */
-	if(!nickArg->nickList) {
-	    nickArg->error = SEC_ERROR_NO_MEMORY;
-	    return SECFailure;
-	}
-
-	for(i = 0; i < nickArg->nNicks; i++) {
-	    if(SECITEM_CompareItem(nickArg->nickList[i], &tempNick) 
-				== SECEqual) {
-		return SECSuccess;
-	    }
-	}
-    }
-
-    /* add the nickname to the list */
-    if(nickArg->nNicks == 0) {
-	nickArg->nickList = (SECItem **)PORT_ArenaZAlloc(nickArg->arena, 
-					     2 * sizeof(SECItem *));
-    } else {
-	nickArg->nickList = (SECItem **)PORT_ArenaGrow(nickArg->arena,
-				nickArg->nickList, 
-				(nickArg->nNicks + 1) * sizeof(SECItem *),
-				(nickArg->nNicks + 2) * sizeof(SECItem *));
-    }
-    if(!nickArg->nickList) {
-	nickArg->error = SEC_ERROR_NO_MEMORY;
-	return SECFailure;
-    }
-
-    nickArg->nickList[nickArg->nNicks] = 
-        (SECItem *)PORT_ArenaZAlloc(nickArg->arena, sizeof(SECItem));
-    if(!nickArg->nickList[nickArg->nNicks]) {
-	nickArg->error = SEC_ERROR_NO_MEMORY;
-	return SECFailure;
-    }
-    
-
-    if(SECITEM_CopyItem(nickArg->arena, nickArg->nickList[nickArg->nNicks],
-			&tempNick) != SECSuccess) {
-	nickArg->error = SEC_ERROR_NO_MEMORY;
-	return SECFailure;
-    }
-
-    nickArg->nNicks++;
-
-    return SECSuccess;
-}
-
-/* traverses the certs in the data base or in the token for the
- * DN to see if any certs currently have a nickname set.
- * If so, return it. 
- */
-static SECItem *
-sec_pkcs12_get_existing_nick_for_dn(sec_PKCS12SafeBag *cert, void *wincx)
-{
-    struct certNickInfo *nickArg = NULL;
-    SECItem *derCert, *returnDn = NULL;
-    PRArenaPool *arena = NULL;
-    CERTCertificate *tempCert;
-
-    if(!cert) {
-	return NULL;
-    }
-
-    derCert = sec_pkcs12_get_der_cert(cert);
-    if(!derCert) {
-	return NULL;
-    }
-
-    tempCert = CERT_DecodeDERCertificate(derCert, PR_FALSE, NULL);
-    if(!tempCert) {
-	returnDn = NULL;
-	goto loser;
-    }
-
-    arena = PORT_NewArena(1024);
-    if(!arena) {
-	returnDn = NULL;
-	goto loser;
-    }
-    nickArg = (struct certNickInfo *)PORT_ArenaZAlloc(arena, 
-						 sizeof(struct certNickInfo));
-    if(!nickArg) {
-	returnDn = NULL;
-	goto loser;
-    }
-    nickArg->error = 0;
-    nickArg->nNicks = 0;
-    nickArg->nickList = NULL;
-    nickArg->arena = arena;
-
-    /* if the token is local, first traverse the cert database 
-     * then traverse the token.
-     */
-    if(PK11_TraverseCertsForSubjectInSlot(tempCert, cert->slot, gatherNicknames,
-			(void *)nickArg) != SECSuccess) {
-	returnDn = NULL;
-	goto loser;
-    }
-
-    if(nickArg->error) {
-	/* XXX do we want to set the error? */
-	returnDn = NULL;
-	goto loser;
-    }
-		
-    if(nickArg->nNicks == 0) {
-	returnDn = NULL;
-	goto loser;
-    }
-
-    /* set it to the first name, for now.  handle multiple names? */
-    returnDn = SECITEM_DupItem(nickArg->nickList[0]);
-
-loser:
-    if(arena) {
-	PORT_FreeArena(arena, PR_TRUE);
-    }
-
-    if(tempCert) {
-	CERT_DestroyCertificate(tempCert);
-    }
-
-    if(derCert) {
-	SECITEM_FreeItem(derCert, PR_TRUE);
-    }
-
-    return (returnDn);
-}
-
-/* counts certificates found for a given traversal function */
-static SECStatus
-countCertificate(CERTCertificate *cert, void *arg)
-{
-    unsigned int *nCerts = (unsigned int *)arg;
-
-    if(!cert || !arg) {
-	return SECFailure;
-    }
-
-    (*nCerts)++;
-    return SECSuccess;
-}
-
-static PRBool
-sec_pkcs12_certs_for_nickname_exist(SECItem *nickname, PK11SlotInfo *slot)
-{
-    unsigned int nCerts = 0;
-
-    if(!nickname || !slot) {
-	return PR_TRUE;
-    }
-
-    /* we want to check the local database first if we are importing to it */
-    PK11_TraverseCertsForNicknameInSlot(nickname, slot, countCertificate, 
-					(void *)&nCerts);
-    if(nCerts) return PR_TRUE;
-
-    return PR_FALSE;
-}
-
-/* validate cert nickname such that there is a one-to-one relation
- * between nicknames and dn's.  we want to enforce the case that the
- * nickname is non-NULL and that there is only one nickname per DN.
- * 
- * if there is a problem with a nickname or the nickname is not present, 
- * the user will be prompted for it.
- */
-static void
-sec_pkcs12_validate_cert_nickname(sec_PKCS12SafeBag *cert,
-				sec_PKCS12SafeBag *key,
-				SEC_PKCS12NicknameCollisionCallback nicknameCb,
-				void *wincx)
-{
-    SECItem *certNickname, *existingDNNick;
-    PRBool setNickname = PR_FALSE, cancel = PR_FALSE;
-    SECItem *newNickname = NULL;
-
-    if(!cert || !cert->hasKey) {
-	return;
-    }
-
-    if(!nicknameCb) {
-	cert->problem = PR_TRUE;
-	cert->error = SEC_ERROR_NO_MEMORY;
-	return;
-    }
-
-    if(cert->hasKey && !key) {
-	cert->problem = PR_TRUE;
-	cert->error = SEC_ERROR_NO_MEMORY;
-	return;
-    }
-
-    certNickname = sec_pkcs12_get_nickname_for_cert(cert, key, wincx);
-    existingDNNick = sec_pkcs12_get_existing_nick_for_dn(cert, wincx);
-
-    /* nickname is already used w/ this dn, so it is safe to return */
-    if(certNickname && existingDNNick &&
-		SECITEM_CompareItem(certNickname, existingDNNick) == SECEqual) {
-	goto loser;
-    }
-
-    /* nickname not set in pkcs 12 bags, but a nick is already used for
-     * this dn.  set the nicks in the p12 bags and finish.
-     */
-    if(existingDNNick) {
-	if(sec_pkcs12_set_nickname_for_cert(cert, key, existingDNNick, wincx)
-			!= SECSuccess) {
-	    cert->problem = PR_TRUE;
-	    cert->error = SEC_ERROR_NO_MEMORY;
-	}
-	goto loser;
-    }
-
-    /* at this point, we have a certificate for which the DN is not located
-     * on the token.  the nickname specified may or may not be NULL.  if it
-     * is not null, we need to make sure that there are no other certificates
-     * with this nickname in the token for it to be valid.  this imposes a 
-     * one to one relationship between DN and nickname.  
-     *
-     * if the nickname is null, we need the user to enter a nickname for
-     * the certificate.
-     *
-     * once we have a nickname, we make sure that the nickname is unique
-     * for the DN.  if it is not, the user is reprompted to enter a new 
-     * nickname.  
-     *
-     * in order to exit this loop, the nickname entered is either unique
-     * or the user hits cancel and the certificate is not imported.
-     */
-    setNickname = PR_FALSE;
-    while(1) {
-	if(certNickname && certNickname->data) {
-	    /* we will use the nickname so long as no other certs have the
-	     * same nickname.  and the nickname is not NULL.
-	     */		
-	    if(!sec_pkcs12_certs_for_nickname_exist(certNickname, cert->slot)) {
-		if(setNickname) {
-		    if(sec_pkcs12_set_nickname_for_cert(cert, key, certNickname,
-					wincx) != SECSuccess) {
-			cert->problem = PR_TRUE;
-			cert->error = SEC_ERROR_NO_MEMORY;
-		    }
-		}
-		goto loser;
-	    }
-	}
-
-	setNickname = PR_FALSE;
-	newNickname = (*nicknameCb)(certNickname, &cancel, wincx);
-	if(cancel) {
-	    cert->problem = PR_TRUE;
-	    cert->error = SEC_ERROR_USER_CANCELLED;
-	    goto loser;
-	}
-
-	if(!newNickname) {
-	    cert->problem = PR_TRUE;
-	    cert->error = SEC_ERROR_NO_MEMORY;
-	    goto loser;
-	}
-
-	/* at this point we have a new nickname, if we have an existing
-	 * certNickname, we need to free it and assign the new nickname
-	 * to it to avoid a memory leak.  happy?
-	 */
-	if(certNickname) {
-	    SECITEM_ZfreeItem(certNickname, PR_TRUE);
-	    certNickname = NULL;
-	}
-
-	certNickname = newNickname;
-	setNickname = PR_TRUE;
-	/* go back and recheck the new nickname */
-    }
-
-loser:
-    if(certNickname) {
-	SECITEM_ZfreeItem(certNickname, PR_TRUE);
-    }
-
-    if(existingDNNick) {
-	SECITEM_ZfreeItem(existingDNNick, PR_TRUE);
-    }
-}
-
-static void 
-sec_pkcs12_validate_cert(sec_PKCS12SafeBag *cert,
-			 sec_PKCS12SafeBag *key,
-			 SEC_PKCS12NicknameCollisionCallback nicknameCb,
-			 void *wincx)
-{
-    CERTCertificate *leafCert, *testCert;
-
-    if(!cert) {
-	return;
-    }
-    
-    cert->validated = PR_TRUE;
-
-    if(!nicknameCb) {
-	cert->problem = PR_TRUE;
-	cert->error = SEC_ERROR_NO_MEMORY;
-	cert->noInstall = PR_TRUE;
-	return;
-    }
-
-    if(!cert->safeBagContent.certBag) {
-	cert->noInstall = PR_TRUE;
-	cert->problem = PR_TRUE;
-	cert->error = SEC_ERROR_PKCS12_CORRUPT_PFX_STRUCTURE;
-	return;
-    }
-
-    cert->noInstall = PR_FALSE;
-    cert->unused = PR_FALSE;
-    cert->problem = PR_FALSE;
-    cert->error = 0;
-
-    leafCert = CERT_DecodeDERCertificate(
-	 &cert->safeBagContent.certBag->value.x509Cert, PR_FALSE, NULL);
-    if(!leafCert) {
-	cert->noInstall = PR_TRUE;
-	cert->problem = PR_TRUE;
-	cert->error = SEC_ERROR_NO_MEMORY;
-	return;
-    }
-
-    CERT_DestroyCertificate(leafCert);
-
-    sec_pkcs12_validate_cert_nickname(cert, key, nicknameCb, wincx);
-}
-
-static void
-sec_pkcs12_validate_key_by_cert(sec_PKCS12SafeBag *cert, sec_PKCS12SafeBag *key,
-				void *wincx)
-{
-    CERTCertificate *leafCert;
-    SECKEYPrivateKey *privk;
-
-    if(!key) {
-	return;
-    }
-
-    key->validated = PR_TRUE;
-
-    if(!cert) {
-	key->problem = PR_TRUE;
-	key->noInstall = PR_TRUE;
-	key->error = SEC_ERROR_PKCS12_UNABLE_TO_IMPORT_KEY;
-	return;
-    }
-
-    leafCert = CERT_DecodeDERCertificate(
-	&(cert->safeBagContent.certBag->value.x509Cert), PR_FALSE, NULL);
-    if(!leafCert) {
-	key->problem = PR_TRUE;
-	key->noInstall = PR_TRUE;
-	key->error = SEC_ERROR_NO_MEMORY;
-	return;
-    }
-
-    privk = PK11_FindPrivateKeyFromCert(key->slot, leafCert, wincx);
-    if(!privk) {
-	privk = PK11_FindKeyByDERCert(key->slot, leafCert, wincx);
-    }
- 
-    if(privk) {
-	SECKEY_DestroyPrivateKey(privk);
-	key->noInstall = PR_TRUE;
-    } 
-
-    CERT_DestroyCertificate(leafCert);
-}
-
-static SECStatus
-sec_pkcs12_add_cert(sec_PKCS12SafeBag *cert, PRBool keyExists, void *wincx)
-{
-    SECItem *derCert, *nickName;
-    char *nickData = NULL;
-    SECStatus rv;
-
-    if(!cert) {
-	return SECFailure;
-    }
-
-    if(cert->problem || cert->noInstall || cert->installed) {
-	return SECSuccess;
-    }
-
-    derCert = &cert->safeBagContent.certBag->value.x509Cert;
-
-    PORT_Assert(!cert->problem && !cert->noInstall);
-
-    nickName = sec_pkcs12_get_nickname(cert);
-    if(nickName) {
-	nickData = (char *)nickName->data;
-    }
-
-    if(keyExists) {
-	CERTCertificate *newCert;
-
-	newCert = CERT_NewTempCertificate(CERT_GetDefaultCertDB(),
-	                                  derCert, NULL, PR_FALSE, PR_FALSE);
-	if(!newCert) {
-	     if(nickName) SECITEM_ZfreeItem(nickName, PR_TRUE);
-	     cert->error = SEC_ERROR_NO_MEMORY;
-	     cert->problem = PR_TRUE;
-	     return SECFailure;
-	}
-
-	rv = PK11_ImportCertForKeyToSlot(cert->slot, newCert, nickData, 
-					 PR_TRUE, wincx);
-	CERT_DestroyCertificate(newCert);
-    } else {
-	SECItem *certList[2];
-	certList[0] = derCert;
-	certList[1] = NULL;
-	rv = CERT_ImportCerts(CERT_GetDefaultCertDB(), certUsageUserCertImport,
-			      1, certList, NULL, PR_TRUE, PR_FALSE, nickData);
-    }
-
-    cert->installed = PR_TRUE;
-    if(nickName) SECITEM_ZfreeItem(nickName, PR_TRUE);
-    return rv;
-}
-
-static SECStatus
-sec_pkcs12_add_key(sec_PKCS12SafeBag *key, SECItem *publicValue, 
-			KeyType keyType, unsigned int keyUsage, void *wincx)
-{
-    SECStatus rv;
-    SECItem *nickName;
-
-    if(!key) {
-	return SECFailure;
-    }
-
-    if(key->problem || key->noInstall) {
-	return SECSuccess;
-    }
-
-    nickName = sec_pkcs12_get_nickname(key);
-
-    switch(SECOID_FindOIDTag(&key->safeBagType))
-    {
-	case SEC_OID_PKCS12_V1_KEY_BAG_ID:
-	    rv = PK11_ImportPrivateKeyInfo(key->slot, 
-			  key->safeBagContent.pkcs8KeyBag, 
-			  nickName, publicValue, PR_TRUE, PR_TRUE,
-			  keyUsage,  wincx);
-	    break;
-	case SEC_OID_PKCS12_V1_PKCS8_SHROUDED_KEY_BAG_ID:
-	    rv = PK11_ImportEncryptedPrivateKeyInfo(key->slot,
-					key->safeBagContent.pkcs8ShroudedKeyBag,
-					key->pwitem, nickName, publicValue, 
-					PR_TRUE, PR_TRUE, keyType, keyUsage,
-					wincx);
-	    break;
-	default:
-	    key->error = SEC_ERROR_PKCS12_UNSUPPORTED_VERSION;
-	    key->problem = PR_TRUE;
-	    if(nickName) {
-		SECITEM_ZfreeItem(nickName, PR_TRUE);
-	    }
-	    return SECFailure;
-    }
-
-    key->installed = PR_TRUE;
-
-    if(nickName) {
-	SECITEM_ZfreeItem(nickName, PR_TRUE);
-    }
-					
-    if(rv != SECSuccess) {
-	key->error = SEC_ERROR_PKCS12_UNABLE_TO_IMPORT_KEY;
-	key->problem = PR_TRUE;
-    } else {
-	key->installed = PR_TRUE;
-    }
-
-    return rv;
-}
-
-static SECStatus
-sec_pkcs12_add_item_to_bag_list(sec_PKCS12SafeBag ***bagList, 
-				sec_PKCS12SafeBag *bag)
-{
-    int i = 0;
-
-    if(!bagList || !bag) {
-	return SECFailure;
-    }
-
-    if(!(*bagList)) {
-	(*bagList) = (sec_PKCS12SafeBag **)PORT_ArenaZAlloc(bag->arena, 
-				      sizeof(sec_PKCS12SafeBag *) * 2);
-    } else {
-	while((*bagList)[i]) i++;
-	(*bagList) = (sec_PKCS12SafeBag **)PORT_ArenaGrow(bag->arena, *bagList,
-				sizeof(sec_PKCS12SafeBag *) * (i + 1),
-				sizeof(sec_PKCS12SafeBag *) * (i + 2));
-    }
-
-    if(!(*bagList)) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	return SECFailure;
-    }
-
-    (*bagList)[i] = bag;
-    (*bagList)[i+1] = NULL;
-
-    return SECSuccess;
-}
-
-static sec_PKCS12SafeBag **
-sec_pkcs12_find_certs_for_key(sec_PKCS12SafeBag **safeBags, sec_PKCS12SafeBag *key ) 
-{
-    sec_PKCS12SafeBag **certList = NULL;
-    SECItem *keyId;
-    int i;
-
-    if(!safeBags || !safeBags[0]) {
-	return NULL;
-    }
-
-    keyId = sec_pkcs12_get_attribute_value(key, SEC_OID_PKCS9_LOCAL_KEY_ID);
-    if(!keyId) {
-	return NULL;
-    }
-
-    i = 0;
-    certList = NULL;
-    while(safeBags[i]) {
-	if(SECOID_FindOIDTag(&(safeBags[i]->safeBagType)) 
-				== SEC_OID_PKCS12_V1_CERT_BAG_ID) {
-	    SECItem *certKeyId = sec_pkcs12_get_attribute_value(safeBags[i],
-						SEC_OID_PKCS9_LOCAL_KEY_ID);
-
-	    if(certKeyId && (SECITEM_CompareItem(certKeyId, keyId) 
-				== SECEqual)) {
-		if(sec_pkcs12_add_item_to_bag_list(&certList, safeBags[i])
-				!= SECSuccess) {
-		    return NULL;
-		}
-	    }
-	}
-	i++;
-    }
-
-    return certList;
-}
-
-CERTCertList *
-SEC_PKCS12DecoderGetCerts(SEC_PKCS12DecoderContext *p12dcx)
-{
-    CERTCertList *certList = NULL;
-    sec_PKCS12SafeBag **safeBags = p12dcx->safeBags;
-    int i;
-
-    if (!p12dcx || !p12dcx->safeBags || !p12dcx->safeBags[0]) {
-	return NULL;
-    }
-
-    safeBags = p12dcx->safeBags;
-    i = 0;
-    certList = CERT_NewCertList();
-
-    if (certList == NULL) {
-	 return NULL;
-    }
-
-    while(safeBags[i]) {
-	if (SECOID_FindOIDTag(&(safeBags[i]->safeBagType)) 
-				== SEC_OID_PKCS12_V1_CERT_BAG_ID) {
-		SECItem *derCert = sec_pkcs12_get_der_cert(safeBags[i]) ;
-		CERTCertificate *tempCert = NULL;
-
-		if (derCert == NULL) continue;
-    		tempCert=CERT_NewTempCertificate(CERT_GetDefaultCertDB(),
-		                                 derCert, NULL, 
-		                                 PR_FALSE, PR_TRUE);
-
-		if (tempCert) {
-		    CERT_AddCertToListTail(certList,tempCert);
-		}
-		SECITEM_FreeItem(derCert,PR_TRUE);
-	}
-	i++;
-    }
-
-    return certList;
-}
-static sec_PKCS12SafeBag **
-sec_pkcs12_get_key_bags(sec_PKCS12SafeBag **safeBags)
-{
-    int i;
-    sec_PKCS12SafeBag **keyList = NULL;
-    SECOidTag bagType;
-
-    if(!safeBags || !safeBags[0]) {
-	return NULL;
-    }
-
-    i = 0;
-    while(safeBags[i]) {
-	bagType = SECOID_FindOIDTag(&(safeBags[i]->safeBagType));
-	switch(bagType) {
-	    case SEC_OID_PKCS12_V1_KEY_BAG_ID:
-	    case SEC_OID_PKCS12_V1_PKCS8_SHROUDED_KEY_BAG_ID:
-		if(sec_pkcs12_add_item_to_bag_list(&keyList, safeBags[i])
-				!= SECSuccess) {
-		    return NULL;
-		}
-		break;
-	    default:
-		break;
-	}
-	i++;
-    }
-
-    return keyList;
-}
-
-static SECStatus 
-sec_pkcs12_validate_bags(sec_PKCS12SafeBag **safeBags, 
-			 SEC_PKCS12NicknameCollisionCallback nicknameCb,
-			 void *wincx)
-{
-    sec_PKCS12SafeBag **keyList;
-    int i;
-
-    if(!safeBags || !nicknameCb) {
-	return SECFailure;
-    }
-
-    if(!safeBags[0]) {
-	return SECSuccess;
-    }
-
-    keyList = sec_pkcs12_get_key_bags(safeBags);
-    if(keyList) {
-	i = 0;
-
-	while(keyList[i]) {
-	    sec_PKCS12SafeBag **certList = sec_pkcs12_find_certs_for_key(
-							safeBags, keyList[i]);
-	    if(certList) {
-		int j = 0;
-
-		if(SECOID_FindOIDTag(&(keyList[i]->safeBagType)) == 
-					SEC_OID_PKCS12_V1_KEY_BAG_ID) {
-		    /* if it is an unencrypted private key then make sure
-		     * the attributes are propageted to the appropriate 
-		     * level 
-		     */
-		    if(sec_pkcs12_get_key_info(keyList[i]) != SECSuccess) {
-			keyList[i]->problem = PR_TRUE;
-			keyList[i]->error = SEC_ERROR_NO_MEMORY;
-			return SECFailure;
-		     }
-		}
-	
-		sec_pkcs12_validate_key_by_cert(certList[0], keyList[i], wincx);
-		while(certList[j]) {
-		    certList[j]->hasKey = PR_TRUE;
-		    if(keyList[i]->problem) {
-			certList[j]->problem = PR_TRUE;
-			certList[j]->error = keyList[i]->error;
-		    } else {
-			sec_pkcs12_validate_cert(certList[j], keyList[i],
-						 nicknameCb, wincx);
-			if(certList[j]->problem) {
-			    keyList[i]->problem = certList[j]->problem;
-			    keyList[i]->error = certList[j]->error;
-			}
-		    }
-		    j++;
-		}
-	    }
-
-	    i++;
-	}
-    }
-
-    i = 0;
-    while(safeBags[i]) {
-	if(!safeBags[i]->validated) {
-	    SECOidTag bagType = SECOID_FindOIDTag(&safeBags[i]->safeBagType);
-
-	    switch(bagType) {
-		case SEC_OID_PKCS12_V1_CERT_BAG_ID:
-		    sec_pkcs12_validate_cert(safeBags[i], NULL, nicknameCb, 
-					     wincx);
-		    break;
-		case SEC_OID_PKCS12_V1_KEY_BAG_ID:
-		case SEC_OID_PKCS12_V1_PKCS8_SHROUDED_KEY_BAG_ID:
-		    safeBags[i]->noInstall = PR_TRUE;
-		    safeBags[i]->problem = PR_TRUE;	
-		    safeBags[i]->error = SEC_ERROR_PKCS12_UNABLE_TO_IMPORT_KEY;
-		    break;
-		default:
-		    safeBags[i]->noInstall = PR_TRUE;
-	    }
-	}
-	i++;
-    }
-
-    return SECSuccess;
-}
-
-SECStatus
-SEC_PKCS12DecoderValidateBags(SEC_PKCS12DecoderContext *p12dcx,
-			      SEC_PKCS12NicknameCollisionCallback nicknameCb)
-{
-    SECStatus rv;
-    int i, noInstallCnt, probCnt, bagCnt, errorVal = 0;
-    if(!p12dcx || p12dcx->error) {
-	return SECFailure;
-    }
-
-    rv = sec_pkcs12_validate_bags(p12dcx->safeBags, nicknameCb, p12dcx->wincx);
-    if(rv == SECSuccess) {
-	p12dcx->bagsVerified = PR_TRUE;
-    }
-
-    noInstallCnt = probCnt = bagCnt = 0;
-    i = 0;
-    while(p12dcx->safeBags[i]) {
-	bagCnt++;
-	if(p12dcx->safeBags[i]->noInstall) noInstallCnt++;
-	if(p12dcx->safeBags[i]->problem) {
-	    probCnt++;
-	    errorVal = p12dcx->safeBags[i]->error;
-	}
-	i++;
-    }
-
-    if(bagCnt == noInstallCnt) {
-	PORT_SetError(SEC_ERROR_PKCS12_DUPLICATE_DATA);
-	return SECFailure;
-    }
-
-    if(probCnt) {
-	PORT_SetError(errorVal);
-	return SECFailure;
-    }
-
-    return rv;
-}
-
-static SECItem *
-sec_pkcs12_get_public_value_and_type(sec_PKCS12SafeBag *certBag,
-					KeyType *type, unsigned int *usage)
-{
-    SECKEYPublicKey *pubKey = NULL;
-    CERTCertificate *cert = NULL;
-    SECItem *pubValue;
-
-    *type = nullKey;
-    *usage = 0;
-
-    if(!certBag) {
-	return NULL;
-    }
-
-    cert = CERT_DecodeDERCertificate(
-	 &certBag->safeBagContent.certBag->value.x509Cert, PR_FALSE, NULL);
-    if(!cert) {
-	return NULL;
-    }
-
-    *usage = cert->keyUsage;
-    pubKey = CERT_ExtractPublicKey(cert);
-    CERT_DestroyCertificate(cert);
-    if(!pubKey) {
-	return NULL;
-    }
-
-    *type = pubKey->keyType;
-    switch(pubKey->keyType) {
-	case dsaKey:
-	    pubValue = SECITEM_DupItem(&pubKey->u.dsa.publicValue);
-	    break;
-	case dhKey:
-	    pubValue = SECITEM_DupItem(&pubKey->u.dh.publicValue);
-	    break;
-	case rsaKey:
-	    pubValue = SECITEM_DupItem(&pubKey->u.rsa.modulus);
-	    break;
-	default:
-	    pubValue = NULL;
-    }
-
-    SECKEY_DestroyPublicKey(pubKey);
-
-    return pubValue;
-}
-
-static SECStatus 
-sec_pkcs12_install_bags(sec_PKCS12SafeBag **safeBags, 
-			void *wincx)
-{
-    sec_PKCS12SafeBag **keyList, **certList;
-    int i;
-
-    if(!safeBags) {
-	return SECFailure;
-    }
-
-    if(!safeBags[0]) {
-	return SECSuccess;
-    }
-
-    keyList = sec_pkcs12_get_key_bags(safeBags);
-    if(keyList) {
-	i = 0;
-
-	while(keyList[i]) {
-	    SECStatus rv;
-	    SECItem *publicValue = NULL;
-	    KeyType keyType;
-	    unsigned int keyUsage;
-
-	    if(keyList[i]->problem) {
-		goto next_key_bag;
-	    }
-
-	    certList = sec_pkcs12_find_certs_for_key(safeBags,
-						     keyList[i]);
-	    if(certList) {
-		publicValue = sec_pkcs12_get_public_value_and_type(certList[0],
-							&keyType, &keyUsage);
-	    }
-	    rv = sec_pkcs12_add_key(keyList[i], publicValue, keyType, keyUsage,
-									wincx);
-	    if(publicValue) {
-		SECITEM_FreeItem(publicValue, PR_TRUE);
-	    }
-	    if(rv != SECSuccess) {
-		PORT_SetError(keyList[i]->error);
-		return SECFailure;
-	    }
-
-	    if(certList) {
-		int j = 0;
-
-		while(certList[j]) {
-		    SECStatus certRv;
-
-		    if(rv != SECSuccess) {
-			certList[j]->problem = keyList[i]->problem;
-			certList[j]->error = keyList[i]->error;	
-			certList[j]->noInstall = PR_TRUE;
-			goto next_cert_bag;
-		    }
-
-		    certRv = sec_pkcs12_add_cert(certList[j], 
-						 certList[j]->hasKey, wincx);
-		    if(certRv != SECSuccess) {
-			keyList[i]->problem = certList[j]->problem;
-			keyList[i]->error = certList[j]->error;
-			PORT_SetError(certList[j]->error);
-			return SECFailure;
-		    }
-next_cert_bag:
-		    j++;
-		}
-	    }
-
-next_key_bag:
-	    i++;
-	}
-    }
-
-    i = 0;
-    while(safeBags[i]) {
-	if(!safeBags[i]->installed) {
-	    SECStatus rv;
-	    SECOidTag bagType = SECOID_FindOIDTag(&(safeBags[i]->safeBagType));
-
-	    switch(bagType) {
-		case SEC_OID_PKCS12_V1_CERT_BAG_ID:
-		    rv = sec_pkcs12_add_cert(safeBags[i], safeBags[i]->hasKey,
-					     wincx);
-		    if(rv != SECSuccess) {
-			PORT_SetError(safeBags[i]->error);
-			return SECFailure;
-		    }
-		    break;
-		case SEC_OID_PKCS12_V1_KEY_BAG_ID:
-		case SEC_OID_PKCS12_V1_PKCS8_SHROUDED_KEY_BAG_ID:
-		default:
-		    break;
-	    }
-	}
-	i++;
-    }
-
-    return SECSuccess;
-}
-
-SECStatus
-SEC_PKCS12DecoderImportBags(SEC_PKCS12DecoderContext *p12dcx)
-{
-    if(!p12dcx || p12dcx->error) {
-	return SECFailure;
-    }
-
-    if(!p12dcx->bagsVerified) {
-	return SECFailure;
-    }
-
-    return sec_pkcs12_install_bags(p12dcx->safeBags, p12dcx->wincx);
-}
-
-static SECStatus
-sec_pkcs12_decoder_append_bag_to_context(SEC_PKCS12DecoderContext *p12dcx,
-					 sec_PKCS12SafeBag *bag)
-{
-    if(!p12dcx || p12dcx->error) {
-	return SECFailure;
-    }
-
-    if(!p12dcx->safeBagCount) {
-	p12dcx->safeBags = (sec_PKCS12SafeBag **)PORT_ArenaZAlloc(p12dcx->arena, 
-					    sizeof(sec_PKCS12SafeBag *) * 2);
-    } else {
-	p12dcx->safeBags = 
-	  (sec_PKCS12SafeBag **)PORT_ArenaGrow(p12dcx->arena, p12dcx->safeBags,
-		     (p12dcx->safeBagCount + 1) * sizeof(sec_PKCS12SafeBag *),
-		     (p12dcx->safeBagCount + 2) * sizeof(sec_PKCS12SafeBag *));
-    }
-
-    if(!p12dcx->safeBags) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	return SECFailure;
-    }
-
-    p12dcx->safeBags[p12dcx->safeBagCount] = bag;
-    p12dcx->safeBags[p12dcx->safeBagCount+1] = NULL;
-    p12dcx->safeBagCount++;
-
-    return SECSuccess;
-}
-
-static sec_PKCS12SafeBag *
-sec_pkcs12_decoder_convert_old_key(SEC_PKCS12DecoderContext *p12dcx,
-				   void *key, PRBool isEspvk)
-{
-    sec_PKCS12SafeBag *keyBag;
-    SECOidData *oid;
-    SECOidTag keyTag;
-    SECItem *keyID, *nickName, *newNickName;
-
-    if(!p12dcx || p12dcx->error || !key) {
-	return NULL;
-    }
-
-    newNickName =(SECItem *)PORT_ArenaZAlloc(p12dcx->arena, sizeof(SECItem));
-    keyBag = (sec_PKCS12SafeBag *)PORT_ArenaZAlloc(p12dcx->arena, 
-						   sizeof(sec_PKCS12SafeBag));
-    if(!keyBag || !newNickName) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	return NULL;
-    }
-
-    keyBag->swapUnicodeBytes = p12dcx->swapUnicodeBytes;
-    keyBag->slot = p12dcx->slot;
-    keyBag->arena = p12dcx->arena;
-    keyBag->pwitem = p12dcx->pwitem;
-    keyBag->oldBagType = PR_TRUE;
-
-    keyTag = (isEspvk) ? SEC_OID_PKCS12_V1_PKCS8_SHROUDED_KEY_BAG_ID :
-			 SEC_OID_PKCS12_V1_KEY_BAG_ID;
-    oid = SECOID_FindOIDByTag(keyTag);
-    if(!oid) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	return NULL;
-    }
-
-    if(SECITEM_CopyItem(p12dcx->arena, &keyBag->safeBagType, &oid->oid) 
-			!= SECSuccess) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	return NULL;
-    }
-
-    if(isEspvk) {
-	SEC_PKCS12ESPVKItem *espvk = (SEC_PKCS12ESPVKItem *)key;
-	keyBag->safeBagContent.pkcs8ShroudedKeyBag  = 
-					espvk->espvkCipherText.pkcs8KeyShroud;
-	nickName = &(espvk->espvkData.uniNickName); 
-	if(!espvk->espvkData.assocCerts || !espvk->espvkData.assocCerts[0]) {
-	    PORT_SetError(SEC_ERROR_PKCS12_CORRUPT_PFX_STRUCTURE);
-	    return NULL;
-	}
-	keyID = &espvk->espvkData.assocCerts[0]->digest;
-    } else {
-	SEC_PKCS12PrivateKey *pk = (SEC_PKCS12PrivateKey *)key;
-	keyBag->safeBagContent.pkcs8KeyBag = &pk->pkcs8data;
-	nickName= &(pk->pvkData.uniNickName);
-	if(!pk->pvkData.assocCerts || !pk->pvkData.assocCerts[0]) {
-	    PORT_SetError(SEC_ERROR_PKCS12_CORRUPT_PFX_STRUCTURE);
-	    return NULL;
-	}
-	keyID = &pk->pvkData.assocCerts[0]->digest;
-    }
-
-    if(nickName->len) {
-	if(nickName->len >= 2) {
-	    if(nickName->data[0] && nickName->data[1]) {
-		if(!sec_pkcs12_convert_item_to_unicode(p12dcx->arena, newNickName, 
-					nickName, PR_FALSE, PR_FALSE, PR_TRUE)) {
-		    PORT_SetError(SEC_ERROR_NO_MEMORY);
-		    return NULL;
-		}
-		nickName = newNickName;
-	    } else if(nickName->data[0] && !nickName->data[1]) {
-		unsigned int j = 0;
-		unsigned char t;
-		for(j = 0; j < nickName->len; j+=2) {
-		    t = nickName->data[j+1];
-		    nickName->data[j+1] = nickName->data[j];
-		    nickName->data[j] = t;
-		}
-	    }
-	} else {
-	    if(!sec_pkcs12_convert_item_to_unicode(p12dcx->arena, newNickName, 
-					nickName, PR_FALSE, PR_FALSE, PR_TRUE)) {
-		PORT_SetError(SEC_ERROR_NO_MEMORY);
-		return NULL;
-	    }
-	    nickName = newNickName;
-	}
-    }
-
-    if(sec_pkcs12_decoder_set_attribute_value(keyBag,
-					      SEC_OID_PKCS9_FRIENDLY_NAME,
-					      nickName) != SECSuccess) {
-	return NULL;
-    }
-	
-    if(sec_pkcs12_decoder_set_attribute_value(keyBag,SEC_OID_PKCS9_LOCAL_KEY_ID,
-					keyID) != SECSuccess) {
-	return NULL;
-    }
-
-    return keyBag;
-}
-
-static sec_PKCS12SafeBag *
-sec_pkcs12_decoder_create_cert(SEC_PKCS12DecoderContext *p12dcx,
-			       SECItem *derCert)
-{
-    sec_PKCS12SafeBag *certBag;
-    SECOidData *oid;
-    SGNDigestInfo *digest;
-    SECItem *keyId;
-    SECStatus rv;
-
-    if(!p12dcx || p12dcx->error || !derCert) {
-	return NULL;
-    }
-
-    keyId = (SECItem *)PORT_ArenaZAlloc(p12dcx->arena, sizeof(SECItem));
-    if(!keyId) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	return NULL;
-    }
-
-    digest = sec_pkcs12_compute_thumbprint(derCert);
-    if(!digest) {
-	return NULL;
-    }
-
-    rv = SECITEM_CopyItem(p12dcx->arena, keyId, &digest->digest);
-    SGN_DestroyDigestInfo(digest);
-    if(rv != SECSuccess) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	return NULL;
-    }
-
-    oid = SECOID_FindOIDByTag(SEC_OID_PKCS12_V1_CERT_BAG_ID);
-    certBag = (sec_PKCS12SafeBag *)PORT_ArenaZAlloc(p12dcx->arena, 
-						    sizeof(sec_PKCS12SafeBag));
-    if(!certBag || !oid || (SECITEM_CopyItem(p12dcx->arena, 
-			&certBag->safeBagType, &oid->oid) != SECSuccess)) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	return NULL;
-    }
-
-    certBag->slot = p12dcx->slot;
-    certBag->pwitem = p12dcx->pwitem;
-    certBag->swapUnicodeBytes = p12dcx->swapUnicodeBytes;
-    certBag->arena = p12dcx->arena;
-
-    oid = SECOID_FindOIDByTag(SEC_OID_PKCS9_X509_CERT);
-    certBag->safeBagContent.certBag = 
-        (sec_PKCS12CertBag *)PORT_ArenaZAlloc(p12dcx->arena, 
-					      sizeof(sec_PKCS12CertBag));
-    if(!certBag->safeBagContent.certBag || !oid ||
-			(SECITEM_CopyItem(p12dcx->arena, 
-				 &certBag->safeBagContent.certBag->bagID,
-				 &oid->oid) != SECSuccess)) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	return NULL;
-    }
-      
-    if(SECITEM_CopyItem(p12dcx->arena, 
-			 &(certBag->safeBagContent.certBag->value.x509Cert),
-			 derCert) != SECSuccess) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	return NULL;
-    }
-
-    if(sec_pkcs12_decoder_set_attribute_value(certBag, SEC_OID_PKCS9_LOCAL_KEY_ID,
-					keyId) != SECSuccess) {
-	return NULL;
-    }
-
-    return certBag;
-}
-
-static sec_PKCS12SafeBag **
-sec_pkcs12_decoder_convert_old_cert(SEC_PKCS12DecoderContext *p12dcx,
-				    SEC_PKCS12CertAndCRL *oldCert)
-{
-    sec_PKCS12SafeBag **certList;
-    SECItem **derCertList;
-    int i, j;
-
-    if(!p12dcx || p12dcx->error || !oldCert) {
-	return NULL;
-    }
-
-    derCertList = SEC_PKCS7GetCertificateList(&oldCert->value.x509->certOrCRL);
-    if(!derCertList) {
-	return NULL;
-    }
-
-    i = 0;
-    while(derCertList[i]) i++;
-
-    certList = (sec_PKCS12SafeBag **)PORT_ArenaZAlloc(p12dcx->arena, 
-				(i + 1) * sizeof(sec_PKCS12SafeBag *));
-    if(!certList) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	return NULL;
-    }
-
-    for(j = 0; j < i; j++) {
-	certList[j] = sec_pkcs12_decoder_create_cert(p12dcx, derCertList[j]);
-	if(!certList[j]) {
-	    return NULL;
-	}
-    }
-
-    return certList;
-}   
-
-static SECStatus
-sec_pkcs12_decoder_convert_old_key_and_certs(SEC_PKCS12DecoderContext *p12dcx,
-					     void *oldKey, PRBool isEspvk,
-					     SEC_PKCS12SafeContents *safe,
-					     SEC_PKCS12Baggage *baggage)
-{
-    sec_PKCS12SafeBag *key, **certList;
-    SEC_PKCS12CertAndCRL *oldCert;
-    SEC_PKCS12PVKSupportingData *pvkData;
-    int i;
-    SECItem *keyName;
-
-    if(!p12dcx || !oldKey) {
-	return SECFailure;
-    }
-
-    if(isEspvk) {
-	pvkData = &((SEC_PKCS12ESPVKItem *)(oldKey))->espvkData;
-    } else {
-	pvkData = &((SEC_PKCS12PrivateKey *)(oldKey))->pvkData;
-    }
-
-    if(!pvkData->assocCerts || !pvkData->assocCerts[0]) {
-	PORT_SetError(SEC_ERROR_PKCS12_CORRUPT_PFX_STRUCTURE);
-	return SECFailure;
-    }
-
-    oldCert = (SEC_PKCS12CertAndCRL *)sec_pkcs12_find_object(safe, baggage, 
-				     SEC_OID_PKCS12_CERT_AND_CRL_BAG_ID, NULL,
-				     pvkData->assocCerts[0]);
-    if(!oldCert) {
-	PORT_SetError(SEC_ERROR_PKCS12_CORRUPT_PFX_STRUCTURE);
-	return SECFailure;
-    }
-	
-    key = sec_pkcs12_decoder_convert_old_key(p12dcx,oldKey, isEspvk);
-    certList = sec_pkcs12_decoder_convert_old_cert(p12dcx, oldCert);
-    if(!key || !certList) {
-	return SECFailure;
-    }
-
-    if(sec_pkcs12_decoder_append_bag_to_context(p12dcx, key) != SECSuccess) {
-	return SECFailure;
-    }
-
-    keyName = sec_pkcs12_get_nickname(key);
-    if(!keyName) {
-	return SECFailure;
-    }
-
-    i = 0;
-    while(certList[i]) {
-	if(sec_pkcs12_decoder_append_bag_to_context(p12dcx, certList[i]) 
-				!= SECSuccess) {
-	    return SECFailure;
-	}
-	i++;
-    }
-
-    certList = sec_pkcs12_find_certs_for_key(p12dcx->safeBags, key);
-    if(!certList) {
-	return SECFailure;
-    }
-
-    i = 0;
-    while(certList[i] != 0) {
-	if(sec_pkcs12_set_nickname(certList[i], keyName) != SECSuccess) {
-	    return SECFailure;
-	}
-	i++;
-    }
-				
-    return SECSuccess;
-}
-	
-static SECStatus
-sec_pkcs12_decoder_convert_old_safe_to_bags(SEC_PKCS12DecoderContext *p12dcx,
-					    SEC_PKCS12SafeContents *safe,
-					    SEC_PKCS12Baggage *baggage)
-{
-    SECStatus rv;
-
-    if(!p12dcx || p12dcx->error) {
-	return SECFailure;
-    }
-
-    if(safe && safe->contents) {
-	int i = 0;
-	while(safe->contents[i] != NULL) {
-	    if(SECOID_FindOIDTag(&safe->contents[i]->safeBagType) 
-				== SEC_OID_PKCS12_KEY_BAG_ID) {
-		int j = 0;
-		SEC_PKCS12PrivateKeyBag *privBag = 
-					safe->contents[i]->safeContent.keyBag;
-		
-		while(privBag->privateKeys[j] != NULL) {
-		    SEC_PKCS12PrivateKey *pk = privBag->privateKeys[j];
-		    rv = sec_pkcs12_decoder_convert_old_key_and_certs(p12dcx,pk,
-						PR_FALSE, safe, baggage);
-		    if(rv != SECSuccess) {
-			goto loser;
-		    }
-		    j++;
-		}
-	    }
-	    i++;
-	}
-    }
-
-    if(baggage && baggage->bags) {
-	int i = 0;
-	while(baggage->bags[i] != NULL) {
-	    SEC_PKCS12BaggageItem *bag = baggage->bags[i];
-	    int j = 0;
-
-	    if(!bag->espvks) {
-		i++;
-		continue;
-	    }
-
-	    while(bag->espvks[j] != NULL) {
-		SEC_PKCS12ESPVKItem *espvk = bag->espvks[j];
-		rv = sec_pkcs12_decoder_convert_old_key_and_certs(p12dcx, espvk,
-							PR_TRUE, safe, baggage);
-		if(rv != SECSuccess) {
-		    goto loser;
-		}
-		j++;
-	    }
-	    i++;
-	}
-    }
-
-    return SECSuccess;
-
-loser:
-    return SECFailure;
-}
-
-SEC_PKCS12DecoderContext *
-sec_PKCS12ConvertOldSafeToNew(PRArenaPool *arena, PK11SlotInfo *slot, 
-			      PRBool swapUnicode, SECItem *pwitem,
-			      void *wincx, SEC_PKCS12SafeContents *safe,
-			      SEC_PKCS12Baggage *baggage)
-{
-    SEC_PKCS12DecoderContext *p12dcx;
-
-    if(!arena || !slot || !pwitem) {
-	return NULL;
-    }
-
-    if(!safe && !baggage) {
-	return NULL;
-    }
-
-    p12dcx = (SEC_PKCS12DecoderContext *)PORT_ArenaZAlloc(arena, 
-					    sizeof(SEC_PKCS12DecoderContext));
-    if(!p12dcx) {
-	return NULL;
-    }
-
-    p12dcx->arena = arena;
-    p12dcx->slot = PK11_ReferenceSlot(slot);
-    p12dcx->wincx = wincx;
-    p12dcx->error = PR_FALSE;
-    p12dcx->swapUnicodeBytes = swapUnicode; 
-    p12dcx->pwitem = pwitem;
-    
-    if(sec_pkcs12_decoder_convert_old_safe_to_bags(p12dcx, safe, baggage) 
-				!= SECSuccess) {
-	p12dcx->error = PR_TRUE;
-	return NULL;
-    }
-
-    return p12dcx;
-}
diff --git a/security/nss/lib/pkcs12/p12dec.c b/security/nss/lib/pkcs12/p12dec.c
deleted file mode 100644
index abce05885..000000000
--- a/security/nss/lib/pkcs12/p12dec.c
+++ /dev/null
@@ -1,693 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "pkcs12.h"
-#include "plarena.h"
-#include "secpkcs7.h"
-#include "p12local.h"
-#include "secoid.h"
-#include "secitem.h"
-#include "secport.h"
-#include "secasn1.h"
-#include "secder.h"
-#include "secerr.h"
-#include "cert.h"
-#include "certdb.h"
-#include "p12plcy.h"
-#include "p12.h" 
-#include "secpkcs5.h" 
-
-/* PFX extraction and validation routines */
-
-/* decode the DER encoded PFX item.  if unable to decode, check to see if it
- * is an older PFX item.  If that fails, assume the file was not a valid
- * pfx file.
- * the returned pfx structure should be destroyed using SEC_PKCS12DestroyPFX
- */
-static SEC_PKCS12PFXItem *
-sec_pkcs12_decode_pfx(SECItem *der_pfx)
-{
-    SEC_PKCS12PFXItem *pfx;
-    SECStatus rv;
-
-    if(der_pfx == NULL) {
-	return NULL;
-    }
-
-    /* allocate the space for a new PFX item */
-    pfx = sec_pkcs12_new_pfx();
-    if(pfx == NULL) {
-	return NULL;
-    }
-
-    rv = SEC_ASN1DecodeItem(pfx->poolp, pfx, SEC_PKCS12PFXItemTemplate, 
-    			    der_pfx);
-
-    /* if a failure occurred, check for older version...
-     * we also get rid of the old pfx structure, because we don't
-     * know where it failed and what data in may contain
-     */
-    if(rv != SECSuccess) {
-	SEC_PKCS12DestroyPFX(pfx);
-	pfx = sec_pkcs12_new_pfx();
-	if(pfx == NULL) {
-	    return NULL;
-	}
-	rv = SEC_ASN1DecodeItem(pfx->poolp, pfx, SEC_PKCS12PFXItemTemplate_OLD, 
-				der_pfx);
-	if(rv != SECSuccess) {
-	    PORT_SetError(SEC_ERROR_PKCS12_DECODING_PFX);
-	    PORT_FreeArena(pfx->poolp, PR_TRUE);
-	    return NULL;
-	}
-	pfx->old = PR_TRUE;
-	SGN_CopyDigestInfo(pfx->poolp, &pfx->macData.safeMac, &pfx->old_safeMac);
-	SECITEM_CopyItem(pfx->poolp, &pfx->macData.macSalt, &pfx->old_macSalt);
-    } else {
-	pfx->old = PR_FALSE;
-    }
-
-    /* convert bit string from bits to bytes */
-    pfx->macData.macSalt.len /= 8;
-
-    return pfx;
-}
-
-/* validate the integrity MAC used in the PFX.  The MAC is generated
- * per the PKCS 12 document.  If the MAC is incorrect, it is most likely
- * due to an invalid password.
- * pwitem is the integrity password
- * pfx is the decoded pfx item
- */
-static PRBool 
-sec_pkcs12_check_pfx_mac(SEC_PKCS12PFXItem *pfx,
-			 SECItem *pwitem)
-{
-    SECItem *key = NULL, *mac = NULL, *data = NULL;
-    SECItem *vpwd = NULL;
-    SECOidTag algorithm;
-    PRBool ret = PR_FALSE;
-
-    if(pfx == NULL) {
-	return PR_FALSE;
-    }
-
-    algorithm = SECOID_GetAlgorithmTag(&pfx->macData.safeMac.digestAlgorithm);
-    switch(algorithm) {
-	/* only SHA1 hashing supported as a MACing algorithm */
-	case SEC_OID_SHA1:
-	    if(pfx->old == PR_FALSE) {
-		pfx->swapUnicode = PR_FALSE;
-	    }
-
-recheckUnicodePassword:
-	    vpwd = sec_pkcs12_create_virtual_password(pwitem, 
-	    					&pfx->macData.macSalt, 
-						pfx->swapUnicode);
-	    if(vpwd == NULL) {
-		return PR_FALSE;
-	    }
-
-	    key = sec_pkcs12_generate_key_from_password(algorithm,
-						&pfx->macData.macSalt, 
-						(pfx->old ? pwitem : vpwd));
-	    /* free vpwd only for newer PFX */
-	    if(vpwd) {
-		SECITEM_ZfreeItem(vpwd, PR_TRUE);
-	    }
-	    if(key == NULL) {
-		return PR_FALSE;
-	    }
-
-	    data = SEC_PKCS7GetContent(&pfx->authSafe);
-	    if(data == NULL) {
-		break;
-	    }
-
-	    /* check MAC */
-	    mac = sec_pkcs12_generate_mac(key, data, pfx->old);
-	    ret = PR_TRUE;
-	    if(mac) {
-		SECItem *safeMac = &pfx->macData.safeMac.digest;
-		if(SECITEM_CompareItem(mac, safeMac) != SECEqual) {
-
-		    /* if we encounter an invalid mac, lets invert the
-		     * password in case of unicode changes 
-		     */
-		    if(((!pfx->old) && pfx->swapUnicode) || (pfx->old)){
-			PORT_SetError(SEC_ERROR_PKCS12_INVALID_MAC);
-			ret = PR_FALSE;
-		    } else {
-			SECITEM_ZfreeItem(mac, PR_TRUE);
-			pfx->swapUnicode = PR_TRUE;
-			goto recheckUnicodePassword;
-		    }
-		} 
-		SECITEM_ZfreeItem(mac, PR_TRUE);
-	    } else {
-		ret = PR_FALSE;
-	    }
-	    break;
-	default:
-	    PORT_SetError(SEC_ERROR_PKCS12_UNSUPPORTED_MAC_ALGORITHM);
-	    ret = PR_FALSE;
-	    break;
-    }
-
-    /* let success fall through */
-    if(key != NULL)
-	SECITEM_ZfreeItem(key, PR_TRUE);
-
-    return ret;
-}
-
-/* check the validity of the pfx structure.  we currently only support
- * password integrity mode, so we check the MAC.
- */
-static PRBool 
-sec_pkcs12_validate_pfx(SEC_PKCS12PFXItem *pfx, 
-			SECItem *pwitem)
-{
-    SECOidTag contentType;
-
-    contentType = SEC_PKCS7ContentType(&pfx->authSafe);
-    switch(contentType)
-    {
-	case SEC_OID_PKCS7_DATA:
-	    return sec_pkcs12_check_pfx_mac(pfx, pwitem);
-	    break;
-	case SEC_OID_PKCS7_SIGNED_DATA:
-	default:
-	    PORT_SetError(SEC_ERROR_PKCS12_UNSUPPORTED_TRANSPORT_MODE);
-	    break;
-    }
-
-    return PR_FALSE;
-}
-
-/* decode and return the valid PFX.  if the PFX item is not valid,
- * NULL is returned.
- */
-static SEC_PKCS12PFXItem *
-sec_pkcs12_get_pfx(SECItem *pfx_data, 
-		   SECItem *pwitem)
-{
-    SEC_PKCS12PFXItem *pfx;
-    PRBool valid_pfx;
-
-    if((pfx_data == NULL) || (pwitem == NULL)) {
-	return NULL;
-    }
-
-    pfx = sec_pkcs12_decode_pfx(pfx_data);
-    if(pfx == NULL) {
-	return NULL;
-    }
-
-    valid_pfx = sec_pkcs12_validate_pfx(pfx, pwitem);
-    if(valid_pfx != PR_TRUE) {
-	SEC_PKCS12DestroyPFX(pfx);
-	pfx = NULL;
-    }
-
-    return pfx;
-}
-
-/* authenticated safe decoding, validation, and access routines
- */
-
-/* convert dogbert beta 3 authenticated safe structure to a post
- * beta three structure, so that we don't have to change more routines.
- */
-static SECStatus
-sec_pkcs12_convert_old_auth_safe(SEC_PKCS12AuthenticatedSafe *asafe)
-{
-    SEC_PKCS12Baggage *baggage;
-    SEC_PKCS12BaggageItem *bag;
-    SECStatus rv = SECSuccess;
-
-    if(asafe->old_baggage.espvks == NULL) {
-	/* XXX should the ASN1 engine produce a single NULL element list
-	 * rather than setting the pointer to NULL?  
-	 * There is no need to return an error -- assume that the list
-	 * was empty.
-	 */
-	return SECSuccess;
-    }
-
-    baggage = sec_pkcs12_create_baggage(asafe->poolp);
-    if(!baggage) {
-	return SECFailure;
-    }
-    bag = sec_pkcs12_create_external_bag(baggage);
-    if(!bag) {
-	return SECFailure;
-    }
-
-    PORT_Memcpy(&asafe->baggage, baggage, sizeof(SEC_PKCS12Baggage));
-
-    /* if there are shrouded keys, append them to the bag */
-    rv = SECSuccess;
-    if(asafe->old_baggage.espvks[0] != NULL) {
-	int nEspvk = 0;
-	rv = SECSuccess;
-	while((asafe->old_baggage.espvks[nEspvk] != NULL) && 
-		(rv == SECSuccess)) {
-	    rv = sec_pkcs12_append_shrouded_key(bag, 
-	    				asafe->old_baggage.espvks[nEspvk]);
-	    nEspvk++;
-	}
-    }
-
-    return rv;
-}    
-
-/* decodes the authenticated safe item.  a return of NULL indicates
- * an error.  however, the error will have occured either in memory
- * allocation or in decoding the authenticated safe.
- *
- * if an old PFX item has been found, we want to convert the
- * old authenticated safe to the new one.
- */
-static SEC_PKCS12AuthenticatedSafe *
-sec_pkcs12_decode_authenticated_safe(SEC_PKCS12PFXItem *pfx) 
-{
-    SECItem *der_asafe = NULL;
-    SEC_PKCS12AuthenticatedSafe *asafe = NULL;
-    SECStatus rv;
-
-    if(pfx == NULL) {
-	return NULL;
-    }
-
-    der_asafe = SEC_PKCS7GetContent(&pfx->authSafe);
-    if(der_asafe == NULL) {
-	/* XXX set error ? */
-	goto loser;
-    }
-
-    asafe = sec_pkcs12_new_asafe(pfx->poolp);
-    if(asafe == NULL) {
-	goto loser;
-    }
-
-    if(pfx->old == PR_FALSE) {
-	rv = SEC_ASN1DecodeItem(pfx->poolp, asafe, 
-			 	SEC_PKCS12AuthenticatedSafeTemplate, 
-			 	der_asafe);
-	asafe->old = PR_FALSE;
-	asafe->swapUnicode = pfx->swapUnicode;
-    } else {
-	/* handle beta exported files */
-	rv = SEC_ASN1DecodeItem(pfx->poolp, asafe, 
-				SEC_PKCS12AuthenticatedSafeTemplate_OLD,
-				der_asafe);
-	asafe->safe = &(asafe->old_safe);
-	rv = sec_pkcs12_convert_old_auth_safe(asafe);
-	asafe->old = PR_TRUE;
-    }
-
-    if(rv != SECSuccess) {
-	goto loser;
-    }
-
-    asafe->poolp = pfx->poolp;
-    
-    return asafe;
-
-loser:
-    return NULL;
-}
-
-/* validates the safe within the authenticated safe item.  
- * in order to be valid:
- *  1.  the privacy salt must be present
- *  2.  the encryption algorithm must be supported (including
- *	export policy)
- * PR_FALSE indicates an error, PR_TRUE indicates a valid safe
- */
-static PRBool 
-sec_pkcs12_validate_encrypted_safe(SEC_PKCS12AuthenticatedSafe *asafe)
-{
-    PRBool valid = PR_FALSE;
-    SECAlgorithmID *algid;
-
-    if(asafe == NULL) {
-	return PR_FALSE;
-    }
-
-    /* if mode is password privacy, then privacySalt is assumed
-     * to be non-zero.
-     */
-    if(asafe->privacySalt.len != 0) {
-	valid = PR_TRUE;
-	asafe->privacySalt.len /= 8;
-    } else {
-	PORT_SetError(SEC_ERROR_PKCS12_CORRUPT_PFX_STRUCTURE);
-	return PR_FALSE;
-    }
-
-    /* until spec changes, content will have between 2 and 8 bytes depending
-     * upon the algorithm used if certs are unencrypted...
-     * also want to support case where content is empty -- which we produce 
-     */ 
-    if(SEC_PKCS7IsContentEmpty(asafe->safe, 8) == PR_TRUE) {
-	asafe->emptySafe = PR_TRUE;
-	return PR_TRUE;
-    }
-
-    asafe->emptySafe = PR_FALSE;
-
-    /* make sure that a pbe algorithm is being used */
-    algid = SEC_PKCS7GetEncryptionAlgorithm(asafe->safe);
-    if(algid != NULL) {
-	if(SEC_PKCS5IsAlgorithmPBEAlg(algid)) {
-	    valid = SEC_PKCS12DecryptionAllowed(algid);
-
-	    if(valid == PR_FALSE) {
-		PORT_SetError(SEC_ERROR_BAD_EXPORT_ALGORITHM);
-	    }
-	} else {
-	    PORT_SetError(SEC_ERROR_PKCS12_UNSUPPORTED_PBE_ALGORITHM);
-	    valid = PR_FALSE;
-	}
-    } else {
-	valid = PR_FALSE;
-	PORT_SetError(SEC_ERROR_PKCS12_UNSUPPORTED_PBE_ALGORITHM);
-    }
-
-    return valid;
-}
-
-/* validates authenticates safe:
- *  1.  checks that the version is supported
- *  2.  checks that only password privacy mode is used (currently)
- *  3.  further, makes sure safe has appropriate policies per above function
- * PR_FALSE indicates failure.
- */
-static PRBool 
-sec_pkcs12_validate_auth_safe(SEC_PKCS12AuthenticatedSafe *asafe)
-{
-    PRBool valid = PR_TRUE;
-    SECOidTag safe_type;
-    int version;
-
-    if(asafe == NULL) {
-	return PR_FALSE;
-    }
-
-    /* check version, since it is default it may not be present.
-     * therefore, assume ok
-     */
-    if((asafe->version.len > 0) && (asafe->old == PR_FALSE)) {
-	version = DER_GetInteger(&asafe->version);
-	if(version > SEC_PKCS12_PFX_VERSION) {
-	    PORT_SetError(SEC_ERROR_PKCS12_UNSUPPORTED_VERSION);
-	    return PR_FALSE;
-	}
-    }
-
-    /* validate password mode is being used */
-    safe_type = SEC_PKCS7ContentType(asafe->safe);
-    switch(safe_type)
-    {
-	case SEC_OID_PKCS7_ENCRYPTED_DATA:
-	    valid = sec_pkcs12_validate_encrypted_safe(asafe);
-	    break;
-	case SEC_OID_PKCS7_ENVELOPED_DATA:
-	default:
-	    PORT_SetError(SEC_ERROR_PKCS12_UNSUPPORTED_TRANSPORT_MODE);
-	    valid = PR_FALSE;
-	    break;
-    }
-
-    return valid;
-}
-
-/* retrieves the authenticated safe item from the PFX item
- *  before returning the authenticated safe, the validity of the
- *  authenticated safe is checked and if valid, returned.
- * a return of NULL indicates that an error occured.
- */
-static SEC_PKCS12AuthenticatedSafe *
-sec_pkcs12_get_auth_safe(SEC_PKCS12PFXItem *pfx)
-{
-    SEC_PKCS12AuthenticatedSafe *asafe;
-    PRBool valid_safe;
-
-    if(pfx == NULL) {
-	return NULL;
-    }
-
-    asafe = sec_pkcs12_decode_authenticated_safe(pfx);
-    if(asafe == NULL) {
-	return NULL;
-    }
-
-    valid_safe = sec_pkcs12_validate_auth_safe(asafe);
-    if(valid_safe != PR_TRUE) {
-	asafe = NULL;
-    } else if(asafe) {
-	asafe->baggage.poolp = asafe->poolp;
-    }
-
-    return asafe;
-}
-
-/* decrypts the authenticated safe.
- * a return of anything but SECSuccess indicates an error.  the
- * password is not known to be valid until the call to the 
- * function sec_pkcs12_get_safe_contents.  If decoding the safe
- * fails, it is assumed the password was incorrect and the error
- * is set then.  any failure here is assumed to be due to 
- * internal problems in SEC_PKCS7DecryptContents or below.
- */
-static SECStatus
-sec_pkcs12_decrypt_auth_safe(SEC_PKCS12AuthenticatedSafe *asafe, 
-			     SECItem *pwitem,
-			     void *wincx)
-{
-    SECStatus rv = SECFailure;
-    SECItem *vpwd = NULL;
-
-    if((asafe == NULL) || (pwitem == NULL)) {
-	return SECFailure;
-    }
-
-    if(asafe->old == PR_FALSE) {
-	vpwd = sec_pkcs12_create_virtual_password(pwitem, &asafe->privacySalt,
-						 asafe->swapUnicode);
-	if(vpwd == NULL) {
-	    return SECFailure;
-	}
-    }
-
-    rv = SEC_PKCS7DecryptContents(asafe->poolp, asafe->safe, 
-    				  (asafe->old ? pwitem : vpwd), wincx);
-
-    if(asafe->old == PR_FALSE) {
-	SECITEM_ZfreeItem(vpwd, PR_TRUE);
-    }
-
-    return rv;
-}
-
-/* extract the safe from the authenticated safe.
- *  if we are unable to decode the safe, then it is likely that the 
- *  safe has not been decrypted or the password used to decrypt
- *  the safe was invalid.  we assume that the password was invalid and
- *  set an error accordingly.
- * a return of NULL indicates that an error occurred.
- */
-static SEC_PKCS12SafeContents *
-sec_pkcs12_get_safe_contents(SEC_PKCS12AuthenticatedSafe *asafe)
-{
-    SECItem *src = NULL;
-    SEC_PKCS12SafeContents *safe = NULL;
-    SECStatus rv = SECFailure;
-
-    if(asafe == NULL) {
-	return NULL;
-    }
-
-    safe = (SEC_PKCS12SafeContents *)PORT_ArenaZAlloc(asafe->poolp, 
-	    					sizeof(SEC_PKCS12SafeContents));
-    if(safe == NULL) {
-	return NULL;
-    }
-    safe->poolp = asafe->poolp;
-    safe->old = asafe->old;
-    safe->swapUnicode = asafe->swapUnicode;
-
-    src = SEC_PKCS7GetContent(asafe->safe);
-    if(src != NULL) {
-	const SEC_ASN1Template *theTemplate;
-	if(asafe->old != PR_TRUE) {
-	    theTemplate = SEC_PKCS12SafeContentsTemplate;
-	} else {
-	    theTemplate = SEC_PKCS12SafeContentsTemplate_OLD;
-	}
-
-	rv = SEC_ASN1DecodeItem(asafe->poolp, safe, theTemplate, src);
-
-	/* if we could not decode the item, password was probably invalid */
-	if(rv != SECSuccess) {
-	    safe = NULL;
-	    PORT_SetError(SEC_ERROR_PKCS12_PRIVACY_PASSWORD_INCORRECT);
-	}
-    } else {
-	PORT_SetError(SEC_ERROR_PKCS12_CORRUPT_PFX_STRUCTURE);
-	rv = SECFailure;
-    }
-
-    return safe;
-}
-
-/* import PFX item 
- * der_pfx is the der encoded pfx structure
- * pbef and pbearg are the integrity/encryption password call back
- * ncCall is the nickname collision calllback
- * slot is the destination token
- * wincx window handler
- *
- * on error, error code set and SECFailure returned 
- */
-SECStatus
-SEC_PKCS12PutPFX(SECItem *der_pfx, SECItem *pwitem,
-		 SEC_PKCS12NicknameCollisionCallback ncCall,
-		 PK11SlotInfo *slot,
-		 void *wincx)
-{
-    SEC_PKCS12PFXItem *pfx;
-    SEC_PKCS12AuthenticatedSafe *asafe;
-    SEC_PKCS12SafeContents *safe_contents = NULL;
-    SECStatus rv;
-
-    if(!der_pfx || !pwitem || !slot) {
-	return SECFailure;
-    }
-
-    /* decode and validate each section */
-    rv = SECFailure;
-
-    pfx = sec_pkcs12_get_pfx(der_pfx, pwitem);
-    if(pfx != NULL) {
-	asafe = sec_pkcs12_get_auth_safe(pfx);
-	if(asafe != NULL) {
-
-	    /* decrypt safe -- only if not empty */
-	    if(asafe->emptySafe != PR_TRUE) {
-		rv = sec_pkcs12_decrypt_auth_safe(asafe, pwitem, wincx);
-		if(rv == SECSuccess) {
-		    safe_contents = sec_pkcs12_get_safe_contents(asafe);
-		    if(safe_contents == NULL) {
-			rv = SECFailure;
-		    }
-		}
-	    } else {
-		safe_contents = sec_pkcs12_create_safe_contents(asafe->poolp);
-		safe_contents->swapUnicode = pfx->swapUnicode;
-		if(safe_contents == NULL) {
-		    rv = SECFailure;
-		} else {
-		    rv = SECSuccess;
-		}
-	    }
-
-	    /* get safe contents and begin import */
-	    if(rv == SECSuccess) {
-		SEC_PKCS12DecoderContext *p12dcx;
-
-		p12dcx = sec_PKCS12ConvertOldSafeToNew(pfx->poolp, slot,
-					pfx->swapUnicode,
-					pwitem, wincx, safe_contents,
-					&asafe->baggage);
-		if(!p12dcx) {
-		    rv = SECFailure;
-		    goto loser;
-		}
-
-		if(SEC_PKCS12DecoderValidateBags(p12dcx, ncCall) 
-				!= SECSuccess) {
-		    rv = SECFailure;
-		    goto loser;
-		}
-
-		rv = SEC_PKCS12DecoderImportBags(p12dcx);
-	    }
-
-	}
-    }
-
-loser:
-
-    if(pfx) {
-	SEC_PKCS12DestroyPFX(pfx);
-    }
-
-    return rv;
-}
-
-PRBool 
-SEC_PKCS12ValidData(char *buf, int bufLen, long int totalLength)
-{
-    int lengthLength;
-
-    PRBool valid = PR_FALSE;
-
-    if(buf == NULL) {
-	return PR_FALSE;
-    }
-
-    /* check for constructed sequence identifier tag */
-    if(*buf == (SEC_ASN1_CONSTRUCTED | SEC_ASN1_SEQUENCE)) {
-	totalLength--;   /* header byte taken care of */
-	buf++;
-
-	lengthLength = (long int)SEC_ASN1LengthLength(totalLength - 1);
-	if(totalLength > 0x7f) {
-	    lengthLength--;
-	    *buf &= 0x7f;  /* remove bit 8 indicator */
-	    if((*buf - (char)lengthLength) == 0) {
-		valid = PR_TRUE;
-	    }
-	} else {
-	    lengthLength--;
-	    if((*buf - (char)lengthLength) == 0) {
-		valid = PR_TRUE;
-	    }
-	}
-    }
-
-    return valid;
-}
diff --git a/security/nss/lib/pkcs12/p12e.c b/security/nss/lib/pkcs12/p12e.c
deleted file mode 100644
index 1b86a49ac..000000000
--- a/security/nss/lib/pkcs12/p12e.c
+++ /dev/null
@@ -1,2294 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "nssrenam.h"
-#include "p12t.h"
-#include "p12.h"
-#include "plarena.h"
-#include "secitem.h"
-#include "secoid.h"
-#include "seccomon.h"
-#include "secport.h"
-#include "cert.h"
-#include "secpkcs7.h"
-#include "secasn1.h"
-#include "secerr.h"
-#include "pk11func.h"
-#include "p12plcy.h"
-#include "p12local.h"
-#include "alghmac.h"
-#include "prcpucfg.h"
-
-/*********************************
- * Structures used in exporting the PKCS 12 blob
- *********************************/
-
-/* A SafeInfo is used for each ContentInfo which makes up the
- * sequence of safes in the AuthenticatedSafe portion of the
- * PFX structure.
- */
-struct SEC_PKCS12SafeInfoStr {
-    PRArenaPool *arena;
-
-    /* information for setting up password encryption */
-    SECItem pwitem;
-    SECOidTag algorithm;
-    PK11SymKey *encryptionKey;
-
-    /* how many items have been stored in this safe,
-     * we will skip any safe which does not contain any
-     * items
-      */
-    unsigned int itemCount;
-
-    /* the content info for the safe */
-    SEC_PKCS7ContentInfo *cinfo;
-
-    sec_PKCS12SafeContents *safe;
-};
-
-/* An opaque structure which contains information needed for exporting
- * certificates and keys through PKCS 12.
- */
-struct SEC_PKCS12ExportContextStr {
-    PRArenaPool *arena;
-    PK11SlotInfo *slot;
-    void *wincx;
-
-    /* integrity information */
-    PRBool integrityEnabled;
-    PRBool	pwdIntegrity;
-    union {
-	struct sec_PKCS12PasswordModeInfo pwdInfo;
-	struct sec_PKCS12PublicKeyModeInfo pubkeyInfo;
-    } integrityInfo; 
-
-    /* helper functions */
-    /* retrieve the password call back */
-    SECKEYGetPasswordKey pwfn;
-    void *pwfnarg;
-
-    /* safe contents bags */
-    SEC_PKCS12SafeInfo **safeInfos;
-    unsigned int safeInfoCount;
-
-    /* the sequence of safes */
-    sec_PKCS12AuthenticatedSafe authSafe;
-
-    /* information needing deletion */
-    CERTCertificate **certList;
-};
-
-/* structures for passing information to encoder callbacks when processing
- * data through the ASN1 engine.
- */
-struct sec_pkcs12_encoder_output {
-    SEC_PKCS12EncoderOutputCallback outputfn;
-    void *outputarg;
-};
-
-struct sec_pkcs12_hmac_and_output_info {
-    void *arg;
-    struct sec_pkcs12_encoder_output output;
-};
-
-/* An encoder context which is used for the actual encoding
- * portion of PKCS 12. 
- */
-typedef struct sec_PKCS12EncoderContextStr {
-    PRArenaPool *arena;
-    SEC_PKCS12ExportContext *p12exp;
-    PK11SymKey *encryptionKey;
-
-    /* encoder information - this is set up based on whether 
-     * password based or public key pased privacy is being used
-     */
-    SEC_ASN1EncoderContext *ecx;
-    union {
-	struct sec_pkcs12_hmac_and_output_info hmacAndOutputInfo;
-	struct sec_pkcs12_encoder_output encOutput;
-    } output;
-
-    /* structures for encoding of PFX and MAC */
-    sec_PKCS12PFXItem pfx;
-    sec_PKCS12MacData mac;
-
-    /* authenticated safe encoding tracking information */
-    SEC_PKCS7ContentInfo *aSafeCinfo;
-    SEC_PKCS7EncoderContext *aSafeP7Ecx;
-    SEC_ASN1EncoderContext *aSafeEcx;
-    unsigned int currentSafe;
-
-    /* hmac context */
-    PK11Context *hmacCx;
-} sec_PKCS12EncoderContext;
-
-
-/*********************************
- * Export setup routines
- *********************************/
-
-/* SEC_PKCS12CreateExportContext 
- *   Creates an export context and sets the unicode and password retrieval
- *   callbacks.  This is the first call which must be made when exporting
- *   a PKCS 12 blob.
- *
- * pwfn, pwfnarg - password retrieval callback and argument.  these are
- * 		   required for password-authentication mode.
- */
-SEC_PKCS12ExportContext *
-SEC_PKCS12CreateExportContext(SECKEYGetPasswordKey pwfn, void *pwfnarg,  
-			      PK11SlotInfo *slot, void *wincx)
-{
-    PRArenaPool *arena = NULL;
-    SEC_PKCS12ExportContext *p12ctxt = NULL;
-
-    /* allocate the arena and create the context */
-    arena = PORT_NewArena(4096);
-    if(!arena) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	return NULL;
-    }
-
-    p12ctxt = (SEC_PKCS12ExportContext *)PORT_ArenaZAlloc(arena, 
-					sizeof(SEC_PKCS12ExportContext));
-    if(!p12ctxt) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	goto loser;
-    }
-
-    /* password callback for key retrieval */
-    p12ctxt->pwfn = pwfn;
-    p12ctxt->pwfnarg = pwfnarg;
-
-    p12ctxt->integrityEnabled = PR_FALSE;
-    p12ctxt->arena = arena;
-    p12ctxt->wincx = wincx;
-    p12ctxt->slot = (slot) ? PK11_ReferenceSlot(slot) : PK11_GetInternalSlot();
-
-    return p12ctxt;
-
-loser:
-    if(arena) {
-	PORT_FreeArena(arena, PR_TRUE);
-    }
-
-    return NULL;
-}
-
-/* 
- * Adding integrity mode
- */
-
-/* SEC_PKCS12AddPasswordIntegrity 
- *	Add password integrity to the exported data.  If an integrity method
- *	has already been set, then return an error.
- *	
- *	p12ctxt - the export context
- * 	pwitem - the password for integrity mode
- *	integAlg - the integrity algorithm to use for authentication.
- */
-SECStatus
-SEC_PKCS12AddPasswordIntegrity(SEC_PKCS12ExportContext *p12ctxt,
-			       SECItem *pwitem, SECOidTag integAlg) 
-{			       
-    if(!p12ctxt || p12ctxt->integrityEnabled) {
-	return SECFailure;
-    }
-   
-    /* set up integrity information */
-    p12ctxt->pwdIntegrity = PR_TRUE;
-    p12ctxt->integrityInfo.pwdInfo.password = 
-        (SECItem*)PORT_ArenaZAlloc(p12ctxt->arena, sizeof(SECItem));
-    if(!p12ctxt->integrityInfo.pwdInfo.password) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	return SECFailure;
-    }
-    if(SECITEM_CopyItem(p12ctxt->arena, 
-			p12ctxt->integrityInfo.pwdInfo.password, pwitem)
-		!= SECSuccess) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	return SECFailure;
-    }
-    p12ctxt->integrityInfo.pwdInfo.algorithm = integAlg;
-    p12ctxt->integrityEnabled = PR_TRUE;
-
-    return SECSuccess;
-}
-
-/* SEC_PKCS12AddPublicKeyIntegrity
- *	Add public key integrity to the exported data.  If an integrity method
- *	has already been set, then return an error.  The certificate must be
- *	allowed to be used as a signing cert.
- *	
- *	p12ctxt - the export context
- *	cert - signer certificate
- *	certDb - the certificate database
- *	algorithm - signing algorithm
- *	keySize - size of the signing key (?)
- */
-SECStatus
-SEC_PKCS12AddPublicKeyIntegrity(SEC_PKCS12ExportContext *p12ctxt,
-				CERTCertificate *cert, CERTCertDBHandle *certDb,
-				SECOidTag algorithm, int keySize)
-{
-    if(!p12ctxt) {
-	return SECFailure;
-    }
-    
-    p12ctxt->integrityInfo.pubkeyInfo.cert = cert;
-    p12ctxt->integrityInfo.pubkeyInfo.certDb = certDb;
-    p12ctxt->integrityInfo.pubkeyInfo.algorithm = algorithm;
-    p12ctxt->integrityInfo.pubkeyInfo.keySize = keySize;
-    p12ctxt->integrityEnabled = PR_TRUE;
-
-    return SECSuccess;
-}
-
-
-/*
- * Adding safes - encrypted (password/public key) or unencrypted
- *	Each of the safe creation routines return an opaque pointer which
- *	are later passed into the routines for exporting certificates and
- *	keys.
- */
-
-/* append the newly created safeInfo to list of safeInfos in the export
- * context.  
- */
-static SECStatus
-sec_pkcs12_append_safe_info(SEC_PKCS12ExportContext *p12ctxt, SEC_PKCS12SafeInfo *info)
-{
-    void *mark = NULL, *dummy1 = NULL, *dummy2 = NULL;
-
-    if(!p12ctxt || !info) {
-	return SECFailure;
-    }
-
-    mark = PORT_ArenaMark(p12ctxt->arena);
-
-    /* if no safeInfos have been set, create the list, otherwise expand it. */
-    if(!p12ctxt->safeInfoCount) {
-	p12ctxt->safeInfos = (SEC_PKCS12SafeInfo **)PORT_ArenaZAlloc(p12ctxt->arena, 
-					      2 * sizeof(SEC_PKCS12SafeInfo *));
-	dummy1 = p12ctxt->safeInfos;
-	p12ctxt->authSafe.encodedSafes = (SECItem **)PORT_ArenaZAlloc(p12ctxt->arena, 
-					2 * sizeof(SECItem *));
-	dummy2 = p12ctxt->authSafe.encodedSafes;
-    } else {
-	dummy1 = PORT_ArenaGrow(p12ctxt->arena, p12ctxt->safeInfos, 
-			       (p12ctxt->safeInfoCount + 1) * sizeof(SEC_PKCS12SafeInfo *),
-			       (p12ctxt->safeInfoCount + 2) * sizeof(SEC_PKCS12SafeInfo *));
-	p12ctxt->safeInfos = (SEC_PKCS12SafeInfo **)dummy1;
-	dummy2 = PORT_ArenaGrow(p12ctxt->arena, p12ctxt->authSafe.encodedSafes, 
-			       (p12ctxt->authSafe.safeCount + 1) * sizeof(SECItem *),
-			       (p12ctxt->authSafe.safeCount + 2) * sizeof(SECItem *));
-	p12ctxt->authSafe.encodedSafes = (SECItem**)dummy2;
-    }
-    if(!dummy1 || !dummy2) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	goto loser;
-    }
-
-    /* append the new safeInfo and null terminate the list */
-    p12ctxt->safeInfos[p12ctxt->safeInfoCount] = info;
-    p12ctxt->safeInfos[++p12ctxt->safeInfoCount] = NULL;
-    p12ctxt->authSafe.encodedSafes[p12ctxt->authSafe.safeCount] = 
-        (SECItem*)PORT_ArenaZAlloc(p12ctxt->arena, sizeof(SECItem));
-    if(!p12ctxt->authSafe.encodedSafes[p12ctxt->authSafe.safeCount]) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	goto loser;
-    }
-    p12ctxt->authSafe.encodedSafes[++p12ctxt->authSafe.safeCount] = NULL;
-
-    PORT_ArenaUnmark(p12ctxt->arena, mark);
-    return SECSuccess;
-
-loser:
-    PORT_ArenaRelease(p12ctxt->arena, mark);
-    return SECFailure;
-}
-
-/* SEC_PKCS12CreatePasswordPrivSafe
- *	Create a password privacy safe to store exported information in.
- *
- * 	p12ctxt - export context
- *	pwitem - password for encryption
- *	privAlg - pbe algorithm through which encryption is done.
- */
-SEC_PKCS12SafeInfo *
-SEC_PKCS12CreatePasswordPrivSafe(SEC_PKCS12ExportContext *p12ctxt, 
-				 SECItem *pwitem, SECOidTag privAlg)
-{
-    SEC_PKCS12SafeInfo *safeInfo = NULL;
-    void *mark = NULL;
-    PK11SlotInfo *slot = NULL;
-    SECAlgorithmID *algId;
-    SECItem uniPwitem = {siBuffer, NULL, 0};
-
-    if(!p12ctxt) {
-	return NULL;
-    }
-
-    /* allocate the safe info */
-    mark = PORT_ArenaMark(p12ctxt->arena);
-    safeInfo = (SEC_PKCS12SafeInfo *)PORT_ArenaZAlloc(p12ctxt->arena, 
-    						sizeof(SEC_PKCS12SafeInfo));
-    if(!safeInfo) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	PORT_ArenaRelease(p12ctxt->arena, mark);
-	return NULL;
-    }
-
-    safeInfo->itemCount = 0;
-
-    /* create the encrypted safe */
-    safeInfo->cinfo = SEC_PKCS7CreateEncryptedData(privAlg, 0, p12ctxt->pwfn, 
-    						   p12ctxt->pwfnarg);
-    if(!safeInfo->cinfo) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	goto loser;
-    }
-    safeInfo->arena = p12ctxt->arena;
-
-    /* convert the password to unicode */ 
-    if(!sec_pkcs12_convert_item_to_unicode(NULL, &uniPwitem, pwitem,
-					       PR_TRUE, PR_TRUE, PR_TRUE)) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	goto loser;
-    }
-    if(SECITEM_CopyItem(p12ctxt->arena, &safeInfo->pwitem, &uniPwitem) != SECSuccess) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	goto loser;
-    }
-
-    /* generate the encryption key */
-    slot = PK11_ReferenceSlot(p12ctxt->slot);
-    if(!slot) {
-	slot = PK11_GetInternalKeySlot();
-	if(!slot) {
-	    PORT_SetError(SEC_ERROR_NO_MEMORY);
-	    goto loser;
-	}
-    }
-
-    algId = SEC_PKCS7GetEncryptionAlgorithm(safeInfo->cinfo);
-    safeInfo->encryptionKey = PK11_PBEKeyGen(slot, algId, &uniPwitem, 
-					     PR_FALSE, p12ctxt->wincx);
-    if(!safeInfo->encryptionKey) {
-	goto loser;
-    }
-
-    safeInfo->arena = p12ctxt->arena;
-    safeInfo->safe = NULL;
-    if(sec_pkcs12_append_safe_info(p12ctxt, safeInfo) != SECSuccess) {
-	goto loser;
-    }
-
-    if(uniPwitem.data) {
-	SECITEM_ZfreeItem(&uniPwitem, PR_FALSE);
-    }
-    PORT_ArenaUnmark(p12ctxt->arena, mark);
-
-    if (slot) {
-	PK11_FreeSlot(slot);
-    }
-    return safeInfo;
-
-loser:
-    if (slot) {
-	PK11_FreeSlot(slot);
-    }
-    if(safeInfo->cinfo) {
-	SEC_PKCS7DestroyContentInfo(safeInfo->cinfo);
-    }
-
-    if(uniPwitem.data) {
-	SECITEM_ZfreeItem(&uniPwitem, PR_FALSE);
-    }
-
-    PORT_ArenaRelease(p12ctxt->arena, mark);
-    return NULL;
-}
-
-/* SEC_PKCS12CreateUnencryptedSafe 
- *	Creates an unencrypted safe within the export context.
- *
- *	p12ctxt - the export context 
- */
-SEC_PKCS12SafeInfo *
-SEC_PKCS12CreateUnencryptedSafe(SEC_PKCS12ExportContext *p12ctxt)
-{
-    SEC_PKCS12SafeInfo *safeInfo = NULL;
-    void *mark = NULL;
-
-    if(!p12ctxt) {
-	return NULL;
-    }
-
-    /* create the safe info */
-    mark = PORT_ArenaMark(p12ctxt->arena);
-    safeInfo = (SEC_PKCS12SafeInfo *)PORT_ArenaZAlloc(p12ctxt->arena, 
-    					      sizeof(SEC_PKCS12SafeInfo));
-    if(!safeInfo) {
-	PORT_ArenaRelease(p12ctxt->arena, mark);
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	return NULL;
-    }
-
-    safeInfo->itemCount = 0;
-
-    /* create the safe content */
-    safeInfo->cinfo = SEC_PKCS7CreateData();
-    if(!safeInfo->cinfo) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	goto loser;
-    }
-
-    if(sec_pkcs12_append_safe_info(p12ctxt, safeInfo) != SECSuccess) {
-	goto loser;
-    }
-
-    PORT_ArenaUnmark(p12ctxt->arena, mark);
-    return safeInfo;
-
-loser:
-    if(safeInfo->cinfo) {
-	SEC_PKCS7DestroyContentInfo(safeInfo->cinfo);
-    }
-
-    PORT_ArenaRelease(p12ctxt->arena, mark);
-    return NULL;
-}
-
-/* SEC_PKCS12CreatePubKeyEncryptedSafe
- *	Creates a safe which is protected by public key encryption.  
- *
- *	p12ctxt - the export context
- *	certDb - the certificate database
- *	signer - the signer's certificate
- *	recipients - the list of recipient certificates.
- *	algorithm - the encryption algorithm to use
- *	keysize - the algorithms key size (?)
- */
-SEC_PKCS12SafeInfo *
-SEC_PKCS12CreatePubKeyEncryptedSafe(SEC_PKCS12ExportContext *p12ctxt,
-				    CERTCertDBHandle *certDb,
-				    CERTCertificate *signer,
-				    CERTCertificate **recipients,
-				    SECOidTag algorithm, int keysize) 
-{
-    SEC_PKCS12SafeInfo *safeInfo = NULL;
-    void *mark = NULL;
-
-    if(!p12ctxt || !signer || !recipients || !(*recipients)) {
-	return NULL;
-    }
-
-    /* allocate the safeInfo */
-    mark = PORT_ArenaMark(p12ctxt->arena);
-    safeInfo = (SEC_PKCS12SafeInfo *)PORT_ArenaZAlloc(p12ctxt->arena, 
-    						      sizeof(SEC_PKCS12SafeInfo));
-    if(!safeInfo) {
-	PORT_ArenaRelease(p12ctxt->arena, mark);
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	return NULL;
-    }
-
-    safeInfo->itemCount = 0;
-    safeInfo->arena = p12ctxt->arena;
-
-    /* create the enveloped content info using certUsageEmailSigner currently.
-     * XXX We need to eventually use something other than certUsageEmailSigner
-     */
-    safeInfo->cinfo = SEC_PKCS7CreateEnvelopedData(signer, certUsageEmailSigner,
-					certDb, algorithm, keysize, 
-					p12ctxt->pwfn, p12ctxt->pwfnarg);
-    if(!safeInfo->cinfo) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	goto loser;
-    }
-
-    /* add recipients */
-    if(recipients) {
-	unsigned int i = 0;
-	while(recipients[i] != NULL) {
-	    SECStatus rv = SEC_PKCS7AddRecipient(safeInfo->cinfo, recipients[i],
-					       certUsageEmailRecipient, certDb);
-	    if(rv != SECSuccess) {
-		goto loser;
-	    }
-	    i++;
-	}
-    }
-
-    if(sec_pkcs12_append_safe_info(p12ctxt, safeInfo) != SECSuccess) {
-	goto loser;
-    }
-
-    PORT_ArenaUnmark(p12ctxt->arena, mark);
-    return safeInfo;
-
-loser:
-    if(safeInfo->cinfo) {
-	SEC_PKCS7DestroyContentInfo(safeInfo->cinfo);
-	safeInfo->cinfo = NULL;
-    }
-
-    PORT_ArenaRelease(p12ctxt->arena, mark);
-    return NULL;
-} 
-
-/*********************************
- * Routines to handle the exporting of the keys and certificates
- *********************************/
-
-/* creates a safe contents which safeBags will be appended to */
-sec_PKCS12SafeContents *
-sec_PKCS12CreateSafeContents(PRArenaPool *arena)
-{
-    sec_PKCS12SafeContents *safeContents;
-
-    if(arena == NULL) {
-	return NULL; 
-    }
-
-    /* create the safe contents */
-    safeContents = (sec_PKCS12SafeContents *)PORT_ArenaZAlloc(arena,
-					    sizeof(sec_PKCS12SafeContents));
-    if(!safeContents) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	goto loser;
-    }
-
-    /* set up the internal contents info */
-    safeContents->safeBags = NULL;
-    safeContents->arena = arena;
-    safeContents->bagCount = 0;
-
-    return safeContents;
-
-loser:
-    return NULL;
-}   
-
-/* appends a safe bag to a safeContents using the specified arena. 
- */
-SECStatus
-sec_pkcs12_append_bag_to_safe_contents(PRArenaPool *arena, 
-				       sec_PKCS12SafeContents *safeContents,
-				       sec_PKCS12SafeBag *safeBag)
-{
-    void *mark = NULL, *dummy = NULL;
-
-    if(!arena || !safeBag || !safeContents) {
-	return SECFailure;
-    }
-
-    mark = PORT_ArenaMark(arena);
-    if(!mark) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	return SECFailure;
-    }
-
-    /* allocate space for the list, or reallocate to increase space */
-    if(!safeContents->safeBags) {
-	safeContents->safeBags = (sec_PKCS12SafeBag **)PORT_ArenaZAlloc(arena, 
-						(2 * sizeof(sec_PKCS12SafeBag *)));
-	dummy = safeContents->safeBags;
-	safeContents->bagCount = 0;
-    } else {
-	dummy = PORT_ArenaGrow(arena, safeContents->safeBags, 
-			(safeContents->bagCount + 1) * sizeof(sec_PKCS12SafeBag *),
-			(safeContents->bagCount + 2) * sizeof(sec_PKCS12SafeBag *));
-	safeContents->safeBags = (sec_PKCS12SafeBag **)dummy;
-    }
-
-    if(!dummy) {
-	PORT_ArenaRelease(arena, mark);
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	return SECFailure;
-    }
-
-    /* append the bag at the end and null terminate the list */
-    safeContents->safeBags[safeContents->bagCount++] = safeBag;
-    safeContents->safeBags[safeContents->bagCount] = NULL;
-
-    PORT_ArenaUnmark(arena, mark);
-
-    return SECSuccess;
-}
-
-/* appends a safeBag to a specific safeInfo.
- */
-SECStatus
-sec_pkcs12_append_bag(SEC_PKCS12ExportContext *p12ctxt, 
-		      SEC_PKCS12SafeInfo *safeInfo, sec_PKCS12SafeBag *safeBag)
-{
-    sec_PKCS12SafeContents *dest;
-    SECStatus rv = SECFailure;
-
-    if(!p12ctxt || !safeBag || !safeInfo) {
-	return SECFailure;
-    }
-
-    if(!safeInfo->safe) {
-	safeInfo->safe = sec_PKCS12CreateSafeContents(p12ctxt->arena);
-	if(!safeInfo->safe) {
-	    return SECFailure;
-	}
-    }
-
-    dest = safeInfo->safe;
-    rv = sec_pkcs12_append_bag_to_safe_contents(p12ctxt->arena, dest, safeBag);
-    if(rv == SECSuccess) {
-	safeInfo->itemCount++;
-    }
-    
-    return rv;
-} 
-
-/* Creates a safeBag of the specified type, and if bagData is specified,
- * the contents are set.  The contents could be set later by the calling
- * routine.
- */
-sec_PKCS12SafeBag *
-sec_PKCS12CreateSafeBag(SEC_PKCS12ExportContext *p12ctxt, SECOidTag bagType, 
-			void *bagData)
-{
-    sec_PKCS12SafeBag *safeBag;
-    PRBool setName = PR_TRUE;
-    void *mark = NULL;
-    SECStatus rv = SECSuccess;
-    SECOidData *oidData = NULL;
-
-    if(!p12ctxt) {
-	return NULL;
-    }
-
-    mark = PORT_ArenaMark(p12ctxt->arena);
-    if(!mark) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	return NULL;
-    }
-
-    safeBag = (sec_PKCS12SafeBag *)PORT_ArenaZAlloc(p12ctxt->arena, 
-    						    sizeof(sec_PKCS12SafeBag));
-    if(!safeBag) {
-	PORT_ArenaRelease(p12ctxt->arena, mark);
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	return NULL;
-    }
-
-    /* set the bags content based upon bag type */
-    switch(bagType) {
-	case SEC_OID_PKCS12_V1_KEY_BAG_ID:
-	    safeBag->safeBagContent.pkcs8KeyBag =
-	        (SECKEYPrivateKeyInfo *)bagData;
-	    break;
-	case SEC_OID_PKCS12_V1_CERT_BAG_ID:
-	    safeBag->safeBagContent.certBag = (sec_PKCS12CertBag *)bagData;
-	    break;
-	case SEC_OID_PKCS12_V1_CRL_BAG_ID:
-	    safeBag->safeBagContent.crlBag = (sec_PKCS12CRLBag *)bagData;
-	    break;
-	case SEC_OID_PKCS12_V1_SECRET_BAG_ID:
-	    safeBag->safeBagContent.secretBag = (sec_PKCS12SecretBag *)bagData;
-	    break;
-	case SEC_OID_PKCS12_V1_PKCS8_SHROUDED_KEY_BAG_ID:
-	    safeBag->safeBagContent.pkcs8ShroudedKeyBag = 
-	        (SECKEYEncryptedPrivateKeyInfo *)bagData;
-	    break;
-	case SEC_OID_PKCS12_V1_SAFE_CONTENTS_BAG_ID:
-	    safeBag->safeBagContent.safeContents = 
-	        (sec_PKCS12SafeContents *)bagData;
-	    setName = PR_FALSE;
-	    break;
-	default:
-	    goto loser;
-    }
-
-    oidData = SECOID_FindOIDByTag(bagType);
-    if(oidData) {
-	rv = SECITEM_CopyItem(p12ctxt->arena, &safeBag->safeBagType, &oidData->oid);
-	if(rv != SECSuccess) {
-	    PORT_SetError(SEC_ERROR_NO_MEMORY);
-	    goto loser;
-	}
-    } else {
-	goto loser;
-    }
-    
-    safeBag->arena = p12ctxt->arena;
-    PORT_ArenaUnmark(p12ctxt->arena, mark);
-
-    return safeBag;
-
-loser:
-    if(mark) {
-	PORT_ArenaRelease(p12ctxt->arena, mark);
-    }
-
-    return NULL;
-}
-
-/* Creates a new certificate bag and returns a pointer to it.  If an error
- * occurs NULL is returned.
- */
-sec_PKCS12CertBag *
-sec_PKCS12NewCertBag(PRArenaPool *arena, SECOidTag certType)
-{
-    sec_PKCS12CertBag *certBag = NULL;
-    SECOidData *bagType = NULL;
-    SECStatus rv;
-    void *mark = NULL;
-
-    if(!arena) {
-	return NULL;
-    }
-
-    mark = PORT_ArenaMark(arena);
-    certBag = (sec_PKCS12CertBag *)PORT_ArenaZAlloc(arena, 
-    						    sizeof(sec_PKCS12CertBag));
-    if(!certBag) {
-	PORT_ArenaRelease(arena, mark);
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	return NULL;
-    }
-
-    bagType = SECOID_FindOIDByTag(certType);
-    if(!bagType) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	goto loser;
-    }
-
-    rv = SECITEM_CopyItem(arena, &certBag->bagID, &bagType->oid);
-    if(rv != SECSuccess) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	goto loser;
-    }
-	
-    PORT_ArenaUnmark(arena, mark);
-    return certBag;
-
-loser:
-    PORT_ArenaRelease(arena, mark);
-    return NULL;
-}
-
-/* Creates a new CRL bag and returns a pointer to it.  If an error
- * occurs NULL is returned.
- */
-sec_PKCS12CRLBag *
-sec_PKCS12NewCRLBag(PRArenaPool *arena, SECOidTag crlType)
-{
-    sec_PKCS12CRLBag *crlBag = NULL;
-    SECOidData *bagType = NULL;
-    SECStatus rv;
-    void *mark = NULL;
-
-    if(!arena) {
-	return NULL;
-    }
-
-    mark = PORT_ArenaMark(arena);
-    crlBag = (sec_PKCS12CRLBag *)PORT_ArenaZAlloc(arena, 
-    						  sizeof(sec_PKCS12CRLBag));
-    if(!crlBag) {
-	PORT_ArenaRelease(arena, mark);
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	return NULL;
-    }
-
-    bagType = SECOID_FindOIDByTag(crlType);
-    if(!bagType) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	goto loser;
-    }
-
-    rv = SECITEM_CopyItem(arena, &crlBag->bagID, &bagType->oid);
-    if(rv != SECSuccess) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	goto loser;
-    }
-	
-    PORT_ArenaUnmark(arena, mark);
-    return crlBag;
-
-loser:
-    PORT_ArenaRelease(arena, mark);
-    return NULL;
-}
-
-/* sec_PKCS12AddAttributeToBag
- * adds an attribute to a safeBag.  currently, the only attributes supported
- * are those which are specified within PKCS 12.  
- *
- *	p12ctxt - the export context 
- *	safeBag - the safeBag to which attributes are appended
- *	attrType - the attribute type
- * 	attrData - the attribute data
- */
-SECStatus
-sec_PKCS12AddAttributeToBag(SEC_PKCS12ExportContext *p12ctxt, 
-			    sec_PKCS12SafeBag *safeBag, SECOidTag attrType,
-			    SECItem *attrData)
-{
-    sec_PKCS12Attribute *attribute;
-    void *mark = NULL, *dummy = NULL;
-    SECOidData *oiddata = NULL;
-    SECItem unicodeName = { siBuffer, NULL, 0};
-    void *src = NULL;
-    unsigned int nItems = 0;
-    SECStatus rv;
-
-    if(!safeBag || !p12ctxt) {
-	return SECFailure;
-    }
-
-    mark = PORT_ArenaMark(safeBag->arena);
-
-    /* allocate the attribute */
-    attribute = (sec_PKCS12Attribute *)PORT_ArenaZAlloc(safeBag->arena, 
-    						sizeof(sec_PKCS12Attribute));
-    if(!attribute) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	goto loser;
-    }
-
-    /* set up the attribute */
-    oiddata = SECOID_FindOIDByTag(attrType);
-    if(!oiddata) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	goto loser;
-    }
-    if(SECITEM_CopyItem(p12ctxt->arena, &attribute->attrType, &oiddata->oid) !=
-    		SECSuccess) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	goto loser;
-    }
-
-    nItems = 1;
-    switch(attrType) {
-	case SEC_OID_PKCS9_LOCAL_KEY_ID:
-	    {
-		src = attrData;
-		break;
-	    }
-	case SEC_OID_PKCS9_FRIENDLY_NAME:
-	    {
-		if(!sec_pkcs12_convert_item_to_unicode(p12ctxt->arena, 
-					&unicodeName, attrData, PR_FALSE, 
-					PR_FALSE, PR_TRUE)) {
-		    goto loser;
-		}
-		src = &unicodeName;
-		break;
-	    }
-	default:
-	    goto loser;
-    }
-
-    /* append the attribute to the attribute value list  */
-    attribute->attrValue = (SECItem **)PORT_ArenaZAlloc(p12ctxt->arena, 
-    					    ((nItems + 1) * sizeof(SECItem *)));
-    if(!attribute->attrValue) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	goto loser;
-    }
-
-    /* XXX this will need to be changed if attributes requiring more than
-     * one element are ever used.
-     */
-    attribute->attrValue[0] = (SECItem *)PORT_ArenaZAlloc(p12ctxt->arena, 
-    							  sizeof(SECItem));
-    if(!attribute->attrValue[0]) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	goto loser;
-    }
-    attribute->attrValue[1] = NULL;
-
-    rv = SECITEM_CopyItem(p12ctxt->arena, attribute->attrValue[0], 
-			  (SECItem*)src);
-    if(rv != SECSuccess) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	goto loser;
-    }
-
-    /* append the attribute to the safeBag attributes */
-    if(safeBag->nAttribs) {
-	dummy = PORT_ArenaGrow(p12ctxt->arena, safeBag->attribs, 
-			((safeBag->nAttribs + 1) * sizeof(sec_PKCS12Attribute *)),
-			((safeBag->nAttribs + 2) * sizeof(sec_PKCS12Attribute *)));
-	safeBag->attribs = (sec_PKCS12Attribute **)dummy;
-    } else {
-	safeBag->attribs = (sec_PKCS12Attribute **)PORT_ArenaZAlloc(p12ctxt->arena, 
-						2 * sizeof(sec_PKCS12Attribute *));
-	dummy = safeBag->attribs;
-    }
-    if(!dummy) {
-	goto loser;
-    }
-
-    safeBag->attribs[safeBag->nAttribs] = attribute;
-    safeBag->attribs[++safeBag->nAttribs] = NULL;
-
-    PORT_ArenaUnmark(p12ctxt->arena, mark);
-    return SECSuccess;
-
-loser:
-    if(mark) {
-	PORT_ArenaRelease(p12ctxt->arena, mark);
-    }
-
-    return SECFailure;
-}
-
-/* SEC_PKCS12AddCert
- * 	Adds a certificate to the data being exported.  
- *
- *	p12ctxt - the export context
- *	safe - the safeInfo to which the certificate is placed 
- *	nestedDest - if the cert is to be placed within a nested safeContents then,
- *		     this value is to be specified with the destination
- *	cert - the cert to export
- *	certDb - the certificate database handle
- *	keyId - a unique identifier to associate a certificate/key pair
- *	includeCertChain - PR_TRUE if the certificate chain is to be included.
- */
-SECStatus
-SEC_PKCS12AddCert(SEC_PKCS12ExportContext *p12ctxt, SEC_PKCS12SafeInfo *safe, 
-		  void *nestedDest, CERTCertificate *cert, 
-		  CERTCertDBHandle *certDb, SECItem *keyId,
-		  PRBool includeCertChain)
-{
-    sec_PKCS12CertBag *certBag;
-    sec_PKCS12SafeBag *safeBag;
-    void *mark;
-    SECStatus rv;
-    SECItem nick = {siBuffer, NULL,0};
-
-    if(!p12ctxt || !cert) {
-	return SECFailure;
-    }
-    mark = PORT_ArenaMark(p12ctxt->arena);
-
-    /* allocate the cert bag */
-    certBag = sec_PKCS12NewCertBag(p12ctxt->arena, 
-    				   SEC_OID_PKCS9_X509_CERT);
-    if(!certBag) {
-	goto loser;
-    }
-
-    if(SECITEM_CopyItem(p12ctxt->arena, &certBag->value.x509Cert, 
-    			&cert->derCert) != SECSuccess) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	goto loser;
-    }
-
-    /* if the cert chain is to be included, we should only be exporting
-     * the cert from our internal database.
-     */
-    if(includeCertChain) {
-	CERTCertificateList *certList = CERT_CertChainFromCert(cert,
-							       certUsageSSLClient,
-							       PR_TRUE);
-	unsigned int count = 0;
-	if(!certList) {
-	    PORT_SetError(SEC_ERROR_NO_MEMORY);
-	    goto loser;
-	}
-
-	/* add cert chain */
-	for(count = 0; count < (unsigned int)certList->len; count++) {
-	    if(SECITEM_CompareItem(&certList->certs[count], &cert->derCert)
-	    			!= SECEqual) {
-	    	CERTCertificate *tempCert;
-
-		/* decode the certificate */
-		/* XXX
-		 * This was rather silly.  The chain is constructed above
-		 * by finding all of the CERTCertificate's in the database.
-		 * Then the chain is put into a CERTCertificateList, which only
-		 * contains the DER.  Finally, the DER was decoded, and the
-		 * decoded cert was sent recursively back to this function.
-		 * Beyond being inefficent, this causes data loss (specifically,
-		 * the nickname).  Instead, for 3.4, we'll do a lookup by the
-		 * DER, which should return the cached entry.
-		 */
-		tempCert = CERT_FindCertByDERCert(CERT_GetDefaultCertDB(),
-		                                  &certList->certs[count]);
-	    	if(!tempCert) {
-		    CERT_DestroyCertificateList(certList);
-		    goto loser;
-		}
-
-		/* add the certificate */
-	    	if(SEC_PKCS12AddCert(p12ctxt, safe, nestedDest, tempCert,
-				 certDb, NULL, PR_FALSE) != SECSuccess) {
-		    CERT_DestroyCertificate(tempCert);
-		    CERT_DestroyCertificateList(certList);
-		    goto loser;
-		}
-		CERT_DestroyCertificate(tempCert);
-	    }
-	}
-	CERT_DestroyCertificateList(certList);
-    }
-
-    /* if the certificate has a nickname, we will set the friendly name
-     * to that.
-     */
-    if(cert->nickname) {
-        if (cert->slot && !PK11_IsInternal(cert->slot)) {
-	  /*
-	   * The cert is coming off of an external token, 
-	   * let's strip the token name from the nickname
-	   * and only add what comes after the colon as the
-	   * nickname. -javi
-	   */
-	    char *delimit;
-	    
-	    delimit = PORT_Strchr(cert->nickname,':');
-	    if (delimit == NULL) {
-	        nick.data = (unsigned char *)cert->nickname;
-		nick.len = PORT_Strlen(cert->nickname);
-	    } else {
-	        delimit++;
-	        nick.data = (unsigned char *)PORT_ArenaStrdup(p12ctxt->arena,
-							      delimit);
-		nick.len = PORT_Strlen(delimit);
-	    }
-	} else {
-	    nick.data = (unsigned char *)cert->nickname;
-	    nick.len = PORT_Strlen(cert->nickname);
-	}
-    }
-
-    safeBag = sec_PKCS12CreateSafeBag(p12ctxt, SEC_OID_PKCS12_V1_CERT_BAG_ID, 
-    				      certBag);
-    if(!safeBag) {
-	goto loser;
-    }
-
-    /* add the friendly name and keyId attributes, if necessary */
-    if(nick.data) {
-	if(sec_PKCS12AddAttributeToBag(p12ctxt, safeBag, 
-				       SEC_OID_PKCS9_FRIENDLY_NAME, &nick) 
-				       != SECSuccess) {
-	    goto loser;
-	}
-    }
-	   
-    if(keyId) {
-	if(sec_PKCS12AddAttributeToBag(p12ctxt, safeBag, SEC_OID_PKCS9_LOCAL_KEY_ID,
-				       keyId) != SECSuccess) {
-	    goto loser;
-	}
-    }
-
-    /* append the cert safeBag */
-    if(nestedDest) {
-	rv = sec_pkcs12_append_bag_to_safe_contents(p12ctxt->arena, 
-					  (sec_PKCS12SafeContents*)nestedDest, 
-					   safeBag);
-    } else {
-	rv = sec_pkcs12_append_bag(p12ctxt, safe, safeBag);
-    }
-
-    if(rv != SECSuccess) {
-	goto loser;
-    }
-
-    PORT_ArenaUnmark(p12ctxt->arena, mark);
-    return SECSuccess;
-
-loser:
-    if(mark) {
-	PORT_ArenaRelease(p12ctxt->arena, mark);
-    }
-
-    return SECFailure;
-}
-
-/* SEC_PKCS12AddEncryptedKey
- *	Extracts the key associated with a particular certificate and exports
- *	it.
- *
- *	p12ctxt - the export context 
- *	safe - the safeInfo to place the key in
- *	nestedDest - the nested safeContents to place a key
- *	cert - the certificate which the key belongs to
- *	shroudKey - encrypt the private key for export.  This value should 
- *		always be true.  lower level code will not allow the export
- *		of unencrypted private keys.
- *	algorithm - the algorithm with which to encrypt the private key
- *	pwitem - the password to encrypted the private key with
- *	keyId - the keyID attribute
- *	nickName - the nickname attribute
- */
-static SECStatus
-SEC_PKCS12AddEncryptedKey(SEC_PKCS12ExportContext *p12ctxt, 
-		SECKEYEncryptedPrivateKeyInfo *epki, SEC_PKCS12SafeInfo *safe,
-		void *nestedDest, SECItem *keyId, SECItem *nickName)
-{
-    void *mark;
-    void *keyItem;
-    SECOidTag keyType;
-    SECStatus rv = SECFailure;
-    sec_PKCS12SafeBag *returnBag;
-
-    if(!p12ctxt || !safe || !epki) {
-	return SECFailure;
-    }
-
-    mark = PORT_ArenaMark(p12ctxt->arena);
-
-    keyItem = PORT_ArenaZAlloc(p12ctxt->arena, 
-				sizeof(SECKEYEncryptedPrivateKeyInfo));
-    if(!keyItem) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	goto loser;
-    }
-
-    rv = SECKEY_CopyEncryptedPrivateKeyInfo(p12ctxt->arena, 
-					(SECKEYEncryptedPrivateKeyInfo *)keyItem,
-					epki);
-    keyType = SEC_OID_PKCS12_V1_PKCS8_SHROUDED_KEY_BAG_ID;
-
-    if(rv != SECSuccess) {
-	goto loser;
-    }
-	
-    /* create the safe bag and set any attributes */
-    returnBag = sec_PKCS12CreateSafeBag(p12ctxt, keyType, keyItem);
-    if(!returnBag) {
-	rv = SECFailure;
-	goto loser;
-    }
-
-    if(nickName) {
-	if(sec_PKCS12AddAttributeToBag(p12ctxt, returnBag, 
-				       SEC_OID_PKCS9_FRIENDLY_NAME, nickName) 
-				       != SECSuccess) {
-	    goto loser;
-	}
-    }
-	   
-    if(keyId) {
-	if(sec_PKCS12AddAttributeToBag(p12ctxt, returnBag, SEC_OID_PKCS9_LOCAL_KEY_ID,
-				       keyId) != SECSuccess) {
-	    goto loser;
-	}
-    }
-
-    if(nestedDest) {
-	rv = sec_pkcs12_append_bag_to_safe_contents(p12ctxt->arena, 
-					   (sec_PKCS12SafeContents*)nestedDest,
-					   returnBag);
-    } else {
-	rv = sec_pkcs12_append_bag(p12ctxt, safe, returnBag);
-    }
-
-loser:
-
-    if (rv != SECSuccess) {
-	PORT_ArenaRelease(p12ctxt->arena, mark);
-    } else {
-	PORT_ArenaUnmark(p12ctxt->arena, mark);
-    }
-
-    return rv;
-}
-
-/* SEC_PKCS12AddKeyForCert
- *	Extracts the key associated with a particular certificate and exports
- *	it.
- *
- *	p12ctxt - the export context 
- *	safe - the safeInfo to place the key in
- *	nestedDest - the nested safeContents to place a key
- *	cert - the certificate which the key belongs to
- *	shroudKey - encrypt the private key for export.  This value should 
- *		always be true.  lower level code will not allow the export
- *		of unencrypted private keys.
- *	algorithm - the algorithm with which to encrypt the private key
- *	pwitem - the password to encrypt the private key with
- *	keyId - the keyID attribute
- *	nickName - the nickname attribute
- */
-SECStatus
-SEC_PKCS12AddKeyForCert(SEC_PKCS12ExportContext *p12ctxt, SEC_PKCS12SafeInfo *safe, 
-			void *nestedDest, CERTCertificate *cert,
-			PRBool shroudKey, SECOidTag algorithm, SECItem *pwitem,
-			SECItem *keyId, SECItem *nickName)
-{
-    void *mark;
-    void *keyItem;
-    SECOidTag keyType;
-    SECStatus rv = SECFailure;
-    SECItem nickname = {siBuffer,NULL,0}, uniPwitem = {siBuffer, NULL, 0};
-    sec_PKCS12SafeBag *returnBag;
-
-    if(!p12ctxt || !cert || !safe) {
-	return SECFailure;
-    }
-
-    mark = PORT_ArenaMark(p12ctxt->arena);
-
-    /* retrieve the key based upon the type that it is and 
-     * specify the type of safeBag to store the key in
-     */	   
-    if(!shroudKey) {
-
-	/* extract the key unencrypted.  this will most likely go away */
-	SECKEYPrivateKeyInfo *pki = PK11_ExportPrivateKeyInfo(cert, 
-							      p12ctxt->wincx);
-	if(!pki) {
-	    PORT_ArenaRelease(p12ctxt->arena, mark);
-	    PORT_SetError(SEC_ERROR_PKCS12_UNABLE_TO_EXPORT_KEY);
-	    return SECFailure;
-	}   
-	keyItem = PORT_ArenaZAlloc(p12ctxt->arena, sizeof(SECKEYPrivateKeyInfo));
-	if(!keyItem) {
-	    PORT_SetError(SEC_ERROR_NO_MEMORY);
-	    goto loser;
-	}
-	rv = SECKEY_CopyPrivateKeyInfo(p12ctxt->arena, 
-				       (SECKEYPrivateKeyInfo *)keyItem, pki);
-	keyType = SEC_OID_PKCS12_V1_KEY_BAG_ID;
-	SECKEY_DestroyPrivateKeyInfo(pki, PR_TRUE);
-    } else {
-
-	/* extract the key encrypted */
-	SECKEYEncryptedPrivateKeyInfo *epki = NULL;
-	PK11SlotInfo *slot = NULL;
-
-	if(!sec_pkcs12_convert_item_to_unicode(p12ctxt->arena, &uniPwitem,
-				 pwitem, PR_TRUE, PR_TRUE, PR_TRUE)) {
-	    PORT_SetError(SEC_ERROR_NO_MEMORY);
-	    goto loser;
-	}
-
-	/* we want to make sure to take the key out of the key slot */
-	if(PK11_IsInternal(p12ctxt->slot)) {
-	    slot = PK11_GetInternalKeySlot();
-	} else {
-	    slot = PK11_ReferenceSlot(p12ctxt->slot);
-	}
-
-	epki = PK11_ExportEncryptedPrivateKeyInfo(slot, algorithm, 
-						  &uniPwitem, cert, 1, 
-						  p12ctxt->wincx);
-	PK11_FreeSlot(slot);
-	
-	keyItem = PORT_ArenaZAlloc(p12ctxt->arena, 
-				  sizeof(SECKEYEncryptedPrivateKeyInfo));
-	if(!keyItem) {
-	    PORT_SetError(SEC_ERROR_NO_MEMORY);
-	    goto loser;
-	}
-	if(!epki) {
-	    PORT_SetError(SEC_ERROR_PKCS12_UNABLE_TO_EXPORT_KEY);
-	    return SECFailure;
-	}   
-	rv = SECKEY_CopyEncryptedPrivateKeyInfo(p12ctxt->arena, 
-					(SECKEYEncryptedPrivateKeyInfo *)keyItem,
-					epki);
-	keyType = SEC_OID_PKCS12_V1_PKCS8_SHROUDED_KEY_BAG_ID;
-	SECKEY_DestroyEncryptedPrivateKeyInfo(epki, PR_TRUE);
-    }
-
-    if(rv != SECSuccess) {
-	goto loser;
-    }
-	
-    /* if no nickname specified, let's see if the certificate has a 
-     * nickname.
-     */					  
-    if(!nickName) {
-	if(cert->nickname) {
-	    nickname.data = (unsigned char *)cert->nickname;
-	    nickname.len = PORT_Strlen(cert->nickname);
-	    nickName = &nickname;
-	}
-    }
-
-    /* create the safe bag and set any attributes */
-    returnBag = sec_PKCS12CreateSafeBag(p12ctxt, keyType, keyItem);
-    if(!returnBag) {
-	rv = SECFailure;
-	goto loser;
-    }
-
-    if(nickName) {
-	if(sec_PKCS12AddAttributeToBag(p12ctxt, returnBag, 
-				       SEC_OID_PKCS9_FRIENDLY_NAME, nickName) 
-				       != SECSuccess) {
-	    goto loser;
-	}
-    }
-	   
-    if(keyId) {
-	if(sec_PKCS12AddAttributeToBag(p12ctxt, returnBag, SEC_OID_PKCS9_LOCAL_KEY_ID,
-				       keyId) != SECSuccess) {
-	    goto loser;
-	}
-    }
-
-    if(nestedDest) {
-	rv = sec_pkcs12_append_bag_to_safe_contents(p12ctxt->arena,
-					  (sec_PKCS12SafeContents*)nestedDest, 
-					  returnBag);
-    } else {
-	rv = sec_pkcs12_append_bag(p12ctxt, safe, returnBag);
-    }
-
-loser:
-
-    if (rv != SECSuccess) {
-	PORT_ArenaRelease(p12ctxt->arena, mark);
-    } else {
-	PORT_ArenaUnmark(p12ctxt->arena, mark);
-    }
-
-    return rv;
-}
-
-/* SEC_PKCS12AddCertAndEncryptedKey
- *	Add a certificate and key pair to be exported.
- *
- *	p12ctxt - the export context 
- * 	certSafe - the safeInfo where the cert is stored
- *	certNestedDest - the nested safeContents to store the cert
- *	keySafe - the safeInfo where the key is stored
- *	keyNestedDest - the nested safeContents to store the key
- *	shroudKey - extract the private key encrypted?
- *	pwitem - the password with which the key is encrypted
- *	algorithm - the algorithm with which the key is encrypted
- */
-SECStatus
-SEC_PKCS12AddDERCertAndEncryptedKey(SEC_PKCS12ExportContext *p12ctxt, 
-		void *certSafe, void *certNestedDest, 
-		SECItem *derCert, void *keySafe, 
-		void *keyNestedDest, SECKEYEncryptedPrivateKeyInfo *epki,
-		char *nickname)
-{		
-    SECStatus rv = SECFailure;
-    SGNDigestInfo *digest = NULL;
-    void *mark = NULL;
-    CERTCertificate *cert;
-    SECItem nick = {siBuffer, NULL,0}, *nickPtr = NULL; 
-
-    if(!p12ctxt || !certSafe || !keySafe || !derCert) {
-	return SECFailure;
-    }
-
-    mark = PORT_ArenaMark(p12ctxt->arena);
-
-    cert = CERT_NewTempCertificate(CERT_GetDefaultCertDB(),
-                                   derCert, NULL, PR_FALSE, PR_FALSE);
-    if(!cert) {
-	PORT_ArenaRelease(p12ctxt->arena, mark);
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	return SECFailure;
-    }
-    cert->nickname = nickname;
-
-    /* generate the thumbprint of the cert to use as a keyId */
-    digest = sec_pkcs12_compute_thumbprint(&cert->derCert);
-    if(!digest) {
-	CERT_DestroyCertificate(cert);
-	return SECFailure;
-    }
-
-    /* add the certificate */
-    rv = SEC_PKCS12AddCert(p12ctxt, (SEC_PKCS12SafeInfo*)certSafe, 
-			   certNestedDest, cert, NULL,
-    			   &digest->digest, PR_FALSE);
-    if(rv != SECSuccess) {
-	goto loser;
-    }
-
-    if(nickname) {
-	nick.data = (unsigned char *)nickname;
-	nick.len = PORT_Strlen(nickname);
-	nickPtr = &nick;
-    } else {
-	nickPtr = NULL;
-    }
-
-    /* add the key */
-    rv = SEC_PKCS12AddEncryptedKey(p12ctxt, epki, (SEC_PKCS12SafeInfo*)keySafe,
-				   keyNestedDest, &digest->digest, nickPtr );
-    if(rv != SECSuccess) {
-	goto loser;
-    }
-
-    SGN_DestroyDigestInfo(digest);
-
-    PORT_ArenaUnmark(p12ctxt->arena, mark);
-    return SECSuccess;
-
-loser:
-    SGN_DestroyDigestInfo(digest);
-    CERT_DestroyCertificate(cert);
-    PORT_ArenaRelease(p12ctxt->arena, mark);
-    
-    return SECFailure; 
-}
-
-/* SEC_PKCS12AddCertAndKey
- *	Add a certificate and key pair to be exported.
- *
- *	p12ctxt - the export context 
- * 	certSafe - the safeInfo where the cert is stored
- *	certNestedDest - the nested safeContents to store the cert
- *	keySafe - the safeInfo where the key is stored
- *	keyNestedDest - the nested safeContents to store the key
- *	shroudKey - extract the private key encrypted?
- *	pwitem - the password with which the key is encrypted
- *	algorithm - the algorithm with which the key is encrypted
- */
-SECStatus
-SEC_PKCS12AddCertAndKey(SEC_PKCS12ExportContext *p12ctxt, 
-			void *certSafe, void *certNestedDest, 
-			CERTCertificate *cert, CERTCertDBHandle *certDb,
-			void *keySafe, void *keyNestedDest, 
-			PRBool shroudKey, SECItem *pwitem, SECOidTag algorithm)
-{		
-    SECStatus rv = SECFailure;
-    SGNDigestInfo *digest = NULL;
-    void *mark = NULL;
-
-    if(!p12ctxt || !certSafe || !keySafe || !cert) {
-	return SECFailure;
-    }
-
-    mark = PORT_ArenaMark(p12ctxt->arena);
-
-    /* generate the thumbprint of the cert to use as a keyId */
-    digest = sec_pkcs12_compute_thumbprint(&cert->derCert);
-    if(!digest) {
-	PORT_ArenaRelease(p12ctxt->arena, mark);
-	return SECFailure;
-    }
-
-    /* add the certificate */
-    rv = SEC_PKCS12AddCert(p12ctxt, (SEC_PKCS12SafeInfo*)certSafe, 
-			   (SEC_PKCS12SafeInfo*)certNestedDest, cert, certDb,
-    			   &digest->digest, PR_TRUE);
-    if(rv != SECSuccess) {
-	goto loser;
-    }
-
-    /* add the key */
-    rv = SEC_PKCS12AddKeyForCert(p12ctxt, (SEC_PKCS12SafeInfo*)keySafe, 
-				 keyNestedDest, cert, 
-    				 shroudKey, algorithm, pwitem, 
-    				 &digest->digest, NULL );
-    if(rv != SECSuccess) {
-	goto loser;
-    }
-
-    SGN_DestroyDigestInfo(digest);
-
-    PORT_ArenaUnmark(p12ctxt->arena, mark);
-    return SECSuccess;
-
-loser:
-    SGN_DestroyDigestInfo(digest);
-    PORT_ArenaRelease(p12ctxt->arena, mark);
-    
-    return SECFailure; 
-}
-
-/* SEC_PKCS12CreateNestedSafeContents
- * 	Allows nesting of safe contents to be implemented.  No limit imposed on 
- *	depth.  
- *
- *	p12ctxt - the export context 
- *	baseSafe - the base safeInfo 
- *	nestedDest - a parent safeContents (?)
- */
-void *
-SEC_PKCS12CreateNestedSafeContents(SEC_PKCS12ExportContext *p12ctxt,
-				   void *baseSafe, void *nestedDest)
-{
-    sec_PKCS12SafeContents *newSafe;
-    sec_PKCS12SafeBag *safeContentsBag;
-    void *mark;
-    SECStatus rv;
-
-    if(!p12ctxt || !baseSafe) {
-	return NULL;
-    }
-
-    mark = PORT_ArenaMark(p12ctxt->arena);
-
-    newSafe = sec_PKCS12CreateSafeContents(p12ctxt->arena);
-    if(!newSafe) {
-	PORT_ArenaRelease(p12ctxt->arena, mark);
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	return NULL;
-    }
-
-    /* create the safeContents safeBag */
-    safeContentsBag = sec_PKCS12CreateSafeBag(p12ctxt, 
-					SEC_OID_PKCS12_V1_SAFE_CONTENTS_BAG_ID,
-					newSafe);
-    if(!safeContentsBag) {
-	goto loser;
-    }
-
-    /* append the safeContents to the appropriate area */
-    if(nestedDest) {
-	rv = sec_pkcs12_append_bag_to_safe_contents(p12ctxt->arena, 
-					   (sec_PKCS12SafeContents*)nestedDest,
-					   safeContentsBag);
-    } else {
-	rv = sec_pkcs12_append_bag(p12ctxt, (SEC_PKCS12SafeInfo*)baseSafe, 
-				   safeContentsBag);
-    }
-    if(rv != SECSuccess) {
-	goto loser;
-    }
-
-    PORT_ArenaUnmark(p12ctxt->arena, mark);
-    return newSafe;
-
-loser:
-    PORT_ArenaRelease(p12ctxt->arena, mark);
-    return NULL;
-}
-
-/*********************************
- * Encoding routines
- *********************************/
-
-/* set up the encoder context based on information in the export context
- * and return the newly allocated enocoder context.  A return of NULL 
- * indicates an error occurred. 
- */
-sec_PKCS12EncoderContext *
-sec_pkcs12_encoder_start_context(SEC_PKCS12ExportContext *p12exp)
-{
-    sec_PKCS12EncoderContext *p12enc = NULL;
-    unsigned int i, nonEmptyCnt;
-    SECStatus rv;
-    SECItem ignore = {0};
-    void *mark;
-
-    if(!p12exp || !p12exp->safeInfos) {
-	return NULL;
-    }
-
-    /* check for any empty safes and skip them */
-    i = nonEmptyCnt = 0;
-    while(p12exp->safeInfos[i]) {
-	if(p12exp->safeInfos[i]->itemCount) {
-	    nonEmptyCnt++;
-	}
-	i++;
-    }
-    if(nonEmptyCnt == 0) {
-	return NULL;
-    }
-    p12exp->authSafe.encodedSafes[nonEmptyCnt] = NULL;
-
-    /* allocate the encoder context */
-    mark = PORT_ArenaMark(p12exp->arena);
-    p12enc = (sec_PKCS12EncoderContext*)PORT_ArenaZAlloc(p12exp->arena, 
-    			      sizeof(sec_PKCS12EncoderContext));
-    if(!p12enc) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	return NULL;
-    }
-
-    p12enc->arena = p12exp->arena;
-    p12enc->p12exp = p12exp;
-
-    /* set up the PFX version and information */
-    PORT_Memset(&p12enc->pfx, 0, sizeof(sec_PKCS12PFXItem));
-    if(!SEC_ASN1EncodeInteger(p12exp->arena, &(p12enc->pfx.version), 
-    			      SEC_PKCS12_VERSION) ) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-    	goto loser;
-    }
-
-    /* set up the authenticated safe content info based on the 
-     * type of integrity being used.  this should be changed to
-     * enforce integrity mode, but will not be implemented until
-     * it is confirmed that integrity must be in place
-     */
-    if(p12exp->integrityEnabled && !p12exp->pwdIntegrity) {
-	SECStatus rv;
-
-	/* create public key integrity mode */
-	p12enc->aSafeCinfo = SEC_PKCS7CreateSignedData(
-				p12exp->integrityInfo.pubkeyInfo.cert,
-				certUsageEmailSigner,
-				p12exp->integrityInfo.pubkeyInfo.certDb,
-				p12exp->integrityInfo.pubkeyInfo.algorithm,
-				NULL,
-				p12exp->pwfn,
-				p12exp->pwfnarg);
-	if(!p12enc->aSafeCinfo) {
-	    goto loser;
-	}
-	if(SEC_PKCS7IncludeCertChain(p12enc->aSafeCinfo,NULL) != SECSuccess) {
-	    goto loser;
-	}
-	rv = SEC_PKCS7AddSigningTime(p12enc->aSafeCinfo);
-	PORT_Assert(rv == SECSuccess);
-    } else {
-	p12enc->aSafeCinfo = SEC_PKCS7CreateData();
-
-	/* init password pased integrity mode */
-	if(p12exp->integrityEnabled) {
-	    SECItem  pwd = {siBuffer,NULL, 0};
-	    SECItem *salt = sec_pkcs12_generate_salt();
-	    PK11SymKey *symKey;
-	    SECItem *params;
-	    CK_MECHANISM_TYPE integrityMech;
-
-	    /* zero out macData and set values */
-	    PORT_Memset(&p12enc->mac, 0, sizeof(sec_PKCS12MacData));
-
-	    if(!salt) {
-		PORT_SetError(SEC_ERROR_NO_MEMORY);
-		goto loser;
-	    }
-	    if(SECITEM_CopyItem(p12exp->arena, &(p12enc->mac.macSalt), salt) 
-			!= SECSuccess) {
-		PORT_SetError(SEC_ERROR_NO_MEMORY);
-		goto loser;
-	    }   
-
-	    /* generate HMAC key */
-	    if(!sec_pkcs12_convert_item_to_unicode(NULL, &pwd, 
-			p12exp->integrityInfo.pwdInfo.password, PR_TRUE, 
-			PR_TRUE, PR_TRUE)) {
-		goto loser;
-	    }
-
-	    params = PK11_CreatePBEParams(salt, &pwd, 1);
-	    SECITEM_ZfreeItem(salt, PR_TRUE);
-	    SECITEM_ZfreeItem(&pwd, PR_FALSE);
-
-	    switch (p12exp->integrityInfo.pwdInfo.algorithm) {
-	    case SEC_OID_SHA1:
-		integrityMech = CKM_NETSCAPE_PBE_SHA1_HMAC_KEY_GEN; break;
-	    case SEC_OID_MD5:
-		integrityMech = CKM_NETSCAPE_PBE_MD5_HMAC_KEY_GEN;  break;
-	    case SEC_OID_MD2:
-		integrityMech = CKM_NETSCAPE_PBE_MD2_HMAC_KEY_GEN;  break;
-	    default:
-		goto loser;
-	    }
-
-	    symKey = PK11_KeyGen(NULL, integrityMech, params, 20, NULL);
-	    PK11_DestroyPBEParams(params);
-	    if(!symKey) {
-		goto loser;
-	    }
-
-	    /* initialize hmac */
-	    p12enc->hmacCx = PK11_CreateContextBySymKey(
-	     sec_pkcs12_algtag_to_mech(p12exp->integrityInfo.pwdInfo.algorithm),
-	                                           CKA_SIGN, symKey, &ignore);
-
-	    PK11_FreeSymKey(symKey);
-	    if(!p12enc->hmacCx) {
-		PORT_SetError(SEC_ERROR_NO_MEMORY);
-		goto loser;
-	    }
-	    rv = PK11_DigestBegin(p12enc->hmacCx);
-	    if (rv != SECSuccess)
-		goto loser;
-	}
-    }
-
-    if(!p12enc->aSafeCinfo) {
-	goto loser;
-    }
-
-    PORT_ArenaUnmark(p12exp->arena, mark);
-
-    return p12enc;
-
-loser:
-    if(p12enc) {
-	if(p12enc->aSafeCinfo) {
-	    SEC_PKCS7DestroyContentInfo(p12enc->aSafeCinfo);
-	}
-	if(p12enc->hmacCx) {
-	    PK11_DestroyContext(p12enc->hmacCx, PR_TRUE);
-	}
-    }
-    if (p12exp->arena != NULL)
-	PORT_ArenaRelease(p12exp->arena, mark);
-
-    return NULL;
-}
-
-/* callback wrapper to allow the ASN1 engine to call the PKCS 12 
- * output routines.
- */
-static void
-sec_pkcs12_encoder_out(void *arg, const char *buf, unsigned long len,
-		       int depth, SEC_ASN1EncodingPart data_kind)
-{
-    struct sec_pkcs12_encoder_output *output;
-
-    output = (struct sec_pkcs12_encoder_output*)arg;
-    (* output->outputfn)(output->outputarg, buf, len);
-}
-
-/* callback wrapper to wrap SEC_PKCS7EncoderUpdate for ASN1 encoder
- */
-static void 
-sec_pkcs12_wrap_pkcs7_encoder_update(void *arg, const char *buf, 
-				     unsigned long len, int depth, 
-				     SEC_ASN1EncodingPart data_kind)
-{
-    SEC_PKCS7EncoderContext *ecx;
-    if(!buf || !len) {
-	return;
-    }
-
-    ecx = (SEC_PKCS7EncoderContext*)arg;
-    SEC_PKCS7EncoderUpdate(ecx, buf, len);
-}
-
-/* callback wrapper to wrap SEC_ASN1EncoderUpdate for PKCS 7 encoding
- */
-static void
-sec_pkcs12_wrap_asn1_update_for_p7_update(void *arg, const char *buf,
-					  unsigned long len)
-{
-    if(!buf && !len) return;
-
-    SEC_ASN1EncoderUpdate((SEC_ASN1EncoderContext*)arg, buf, len);
-}
-
-/* callback wrapper which updates the HMAC and passes on bytes to the 
- * appropriate output function.
- */
-static void
-sec_pkcs12_asafe_update_hmac_and_encode_bits(void *arg, const char *buf,
-				      unsigned long len, int depth,
-				      SEC_ASN1EncodingPart data_kind)
-{
-    sec_PKCS12EncoderContext *p12ecx;
-
-    p12ecx = (sec_PKCS12EncoderContext*)arg;
-    PK11_DigestOp(p12ecx->hmacCx, (unsigned char *)buf, len);
-    sec_pkcs12_wrap_pkcs7_encoder_update(p12ecx->aSafeP7Ecx, buf, len,
-    					 depth, data_kind);
-}
-
-/* this function encodes content infos which are part of the
- * sequence of content infos labeled AuthenticatedSafes 
- */
-static SECStatus 
-sec_pkcs12_encoder_asafe_process(sec_PKCS12EncoderContext *p12ecx)
-{ 
-    SECStatus rv = SECSuccess;
-    SEC_PKCS5KeyAndPassword keyPwd;
-    SEC_PKCS7EncoderContext *p7ecx;
-    SEC_PKCS7ContentInfo *cinfo;
-    SEC_ASN1EncoderContext *ecx = NULL;
-
-    void *arg = NULL;
-
-    if(p12ecx->currentSafe < p12ecx->p12exp->authSafe.safeCount) {
-	SEC_PKCS12SafeInfo *safeInfo;
-	SECOidTag cinfoType;
-
-	safeInfo = p12ecx->p12exp->safeInfos[p12ecx->currentSafe];
-
-	/* skip empty safes */
-	if(safeInfo->itemCount == 0) {
-	    return SECSuccess;
-	}
-
-	cinfo = safeInfo->cinfo;
-	cinfoType = SEC_PKCS7ContentType(cinfo);
-
-	/* determine the safe type and set the appropriate argument */
-	switch(cinfoType) {
-	    case SEC_OID_PKCS7_DATA:
-		arg = NULL;
-		break;
-	    case SEC_OID_PKCS7_ENCRYPTED_DATA:
-		keyPwd.pwitem = &safeInfo->pwitem;
-		keyPwd.key = safeInfo->encryptionKey;
-		arg = &keyPwd;
-		break;
-	    case SEC_OID_PKCS7_ENVELOPED_DATA:
-		arg = NULL;
-		break;
-	    default:
-		return SECFailure;
-
-	}
-
-	/* start the PKCS7 encoder */
-	p7ecx = SEC_PKCS7EncoderStart(cinfo, 
-				      sec_pkcs12_wrap_asn1_update_for_p7_update,
-				      p12ecx->aSafeEcx, (PK11SymKey *)arg);
-	if(!p7ecx) {
-	    goto loser;
-	}
-
-	/* encode safe contents */
-	ecx = SEC_ASN1EncoderStart(safeInfo->safe, sec_PKCS12SafeContentsTemplate,
-				   sec_pkcs12_wrap_pkcs7_encoder_update, p7ecx);
-	if(!ecx) {
-	    goto loser;
-	}   
-	rv = SEC_ASN1EncoderUpdate(ecx, NULL, 0);
-	SEC_ASN1EncoderFinish(ecx);
-	ecx = NULL;
-	if(rv != SECSuccess) {
-	    goto loser;
-	}
-
-
-	/* finish up safe content info */
-	rv = SEC_PKCS7EncoderFinish(p7ecx, p12ecx->p12exp->pwfn, 
-				    p12ecx->p12exp->pwfnarg);
-    }
-
-    return SECSuccess;
-
-loser:
-    if(p7ecx) {
-	SEC_PKCS7EncoderFinish(p7ecx, p12ecx->p12exp->pwfn, 
-			       p12ecx->p12exp->pwfnarg);
-    }
-
-    if(ecx) {
-	SEC_ASN1EncoderFinish(ecx);
-    }
-
-    return SECFailure;
-}
-
-/* finish the HMAC and encode the macData so that it can be
- * encoded.
- */
-static SECStatus
-sec_pkcs12_update_mac(sec_PKCS12EncoderContext *p12ecx)
-{
-    SECItem hmac = { siBuffer, NULL, 0 };
-    SECStatus rv;
-    SGNDigestInfo *di = NULL;
-    void *dummy;
-
-    if(!p12ecx) {
-	return SECFailure;
-    }
-
-    /* make sure we are using password integrity mode */
-    if(!p12ecx->p12exp->integrityEnabled) {
-	return SECSuccess;
-    }
-
-    if(!p12ecx->p12exp->pwdIntegrity) {
-	return SECSuccess;
-    }
-
-    /* finish the hmac */
-    hmac.data = (unsigned char *)PORT_ZAlloc(SHA1_LENGTH);
-    if(!hmac.data) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	return SECFailure;
-    }
-
-    rv = PK11_DigestFinal(p12ecx->hmacCx, hmac.data, &hmac.len, SHA1_LENGTH);
-
-    if(rv != SECSuccess) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	goto loser;
-    }
-
-    /* create the digest info */
-    di = SGN_CreateDigestInfo(p12ecx->p12exp->integrityInfo.pwdInfo.algorithm,
-    			      hmac.data, hmac.len);
-    if(!di) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	rv = SECFailure;
-	goto loser;
-    }
-
-    rv = SGN_CopyDigestInfo(p12ecx->arena, &p12ecx->mac.safeMac, di);
-    if(rv != SECSuccess) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	goto loser;
-    }
-
-    /* encode the mac data */
-    dummy = SEC_ASN1EncodeItem(p12ecx->arena, &p12ecx->pfx.encodedMacData, 
-    			    &p12ecx->mac, sec_PKCS12MacDataTemplate);
-    if(!dummy) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	rv = SECFailure;
-    }
-
-loser:
-    if(di) {
-	SGN_DestroyDigestInfo(di);
-    }
-    if(hmac.data) {
-	SECITEM_ZfreeItem(&hmac, PR_FALSE);
-    }
-    PK11_DestroyContext(p12ecx->hmacCx, PR_TRUE);
-    p12ecx->hmacCx = NULL;
-
-    return rv;
-}
-
-/* wraps the ASN1 encoder update for PKCS 7 encoder */
-static void
-sec_pkcs12_wrap_asn1_encoder_update(void *arg, const char *buf, 
-				    unsigned long len)
-{
-    SEC_ASN1EncoderContext *cx;
-
-    cx = (SEC_ASN1EncoderContext*)arg;
-    SEC_ASN1EncoderUpdate(cx, buf, len);
-}
-
-/* pfx notify function for ASN1 encoder.  we want to stop encoding, once we reach
- * the authenticated safe.  at that point, the encoder will be updated via streaming
- * as the authenticated safe is  encoded. 
- */
-static void
-sec_pkcs12_encoder_pfx_notify(void *arg, PRBool before, void *dest, int real_depth)
-{
-    sec_PKCS12EncoderContext *p12ecx;
-
-    if(!before) {
-	return;
-    }
-
-    /* look for authenticated safe */
-    p12ecx = (sec_PKCS12EncoderContext*)arg;
-    if(dest != &p12ecx->pfx.encodedAuthSafe) {
-	return;
-    }
-
-    SEC_ASN1EncoderSetTakeFromBuf(p12ecx->ecx);
-    SEC_ASN1EncoderSetStreaming(p12ecx->ecx);
-    SEC_ASN1EncoderClearNotifyProc(p12ecx->ecx);
-}
-
-/* SEC_PKCS12Encode
- *	Encodes the PFX item and returns it to the output function, via
- *	callback.  the output function must be capable of multiple updates.
- *	
- *	p12exp - the export context 
- *	output - the output function callback, will be called more than once,
- *		 must be able to accept streaming data.
- *	outputarg - argument for the output callback.
- */
-SECStatus
-SEC_PKCS12Encode(SEC_PKCS12ExportContext *p12exp, 
-		 SEC_PKCS12EncoderOutputCallback output, void *outputarg)
-{
-    sec_PKCS12EncoderContext *p12enc;
-    struct sec_pkcs12_encoder_output outInfo;
-    SECStatus rv;
-
-    if(!p12exp || !output) {
-	return SECFailure;
-    }
-
-    /* get the encoder context */
-    p12enc = sec_pkcs12_encoder_start_context(p12exp);
-    if(!p12enc) {
-	return SECFailure;
-    }
-
-    outInfo.outputfn = output;
-    outInfo.outputarg = outputarg;
-
-    /* set up PFX encoder.  Set it for streaming */
-    p12enc->ecx = SEC_ASN1EncoderStart(&p12enc->pfx, sec_PKCS12PFXItemTemplate,
-				       sec_pkcs12_encoder_out, 
-				       &outInfo);
-    if(!p12enc->ecx) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	rv = SECFailure;
-	goto loser;
-    }
-    SEC_ASN1EncoderSetStreaming(p12enc->ecx);
-    SEC_ASN1EncoderSetNotifyProc(p12enc->ecx, sec_pkcs12_encoder_pfx_notify, p12enc);
-    rv = SEC_ASN1EncoderUpdate(p12enc->ecx, NULL, 0);
-    if(rv != SECSuccess) {
-	rv = SECFailure;
-	goto loser;
-    }
-
-    /* set up asafe cinfo - the output of the encoder feeds the PFX encoder */
-    p12enc->aSafeP7Ecx = SEC_PKCS7EncoderStart(p12enc->aSafeCinfo, 
-    					       sec_pkcs12_wrap_asn1_encoder_update,
-    					       p12enc->ecx, NULL);
-    if(!p12enc->aSafeP7Ecx) {
-	rv = SECFailure;
-	goto loser;
-    }
-
-    /* encode asafe */
-    if(p12enc->p12exp->integrityEnabled && p12enc->p12exp->pwdIntegrity) {
-	p12enc->aSafeEcx = SEC_ASN1EncoderStart(&p12enc->p12exp->authSafe,
-					sec_PKCS12AuthenticatedSafeTemplate, 
-					sec_pkcs12_asafe_update_hmac_and_encode_bits,
-    					p12enc);
-    } else {
-	p12enc->aSafeEcx = SEC_ASN1EncoderStart(&p12enc->p12exp->authSafe,
-				sec_PKCS12AuthenticatedSafeTemplate,
-				sec_pkcs12_wrap_pkcs7_encoder_update,
-				p12enc->aSafeP7Ecx);
-    }
-    if(!p12enc->aSafeEcx) {
-	rv = SECFailure;
-	goto loser;
-    }
-    SEC_ASN1EncoderSetStreaming(p12enc->aSafeEcx);
-    SEC_ASN1EncoderSetTakeFromBuf(p12enc->aSafeEcx); 
-	
-    /* encode each of the safes */			 
-    while(p12enc->currentSafe != p12enc->p12exp->safeInfoCount) {
-	sec_pkcs12_encoder_asafe_process(p12enc);
-	p12enc->currentSafe++;
-    }
-    SEC_ASN1EncoderClearTakeFromBuf(p12enc->aSafeEcx);
-    SEC_ASN1EncoderClearStreaming(p12enc->aSafeEcx);
-    SEC_ASN1EncoderUpdate(p12enc->aSafeEcx, NULL, 0);
-    SEC_ASN1EncoderFinish(p12enc->aSafeEcx);
-
-    /* finish the encoding of the authenticated safes */
-    rv = SEC_PKCS7EncoderFinish(p12enc->aSafeP7Ecx, p12exp->pwfn, 
-    				p12exp->pwfnarg);
-    if(rv != SECSuccess) {
-	goto loser;
-    }
-
-    SEC_ASN1EncoderClearTakeFromBuf(p12enc->ecx);
-    SEC_ASN1EncoderClearStreaming(p12enc->ecx);
-
-    /* update the mac, if necessary */
-    rv = sec_pkcs12_update_mac(p12enc);
-    if(rv != SECSuccess) {
-	goto loser;
-    }
-   
-    /* finish encoding the pfx */ 
-    rv = SEC_ASN1EncoderUpdate(p12enc->ecx, NULL, 0);
-
-    SEC_ASN1EncoderFinish(p12enc->ecx);
-
-loser:
-    return rv;
-}
-
-void
-SEC_PKCS12DestroyExportContext(SEC_PKCS12ExportContext *p12ecx)
-{
-    int i = 0;
-
-    if(!p12ecx) {
-	return;
-    }
-
-    if(p12ecx->safeInfos) {
-	i = 0;
-	while(p12ecx->safeInfos[i] != NULL) {
-	    if(p12ecx->safeInfos[i]->encryptionKey) {
-		PK11_FreeSymKey(p12ecx->safeInfos[i]->encryptionKey);
-	    }
-	    if(p12ecx->safeInfos[i]->cinfo) {
-		SEC_PKCS7DestroyContentInfo(p12ecx->safeInfos[i]->cinfo);
-	    }
-	    i++;
-	}
-    }
-
-    PK11_FreeSlot(p12ecx->slot);
-
-    PORT_FreeArena(p12ecx->arena, PR_TRUE);
-}
-
-
-/*********************************
- * All-in-one routines for exporting certificates 
- *********************************/
-struct inPlaceEncodeInfo {
-    PRBool error;
-    SECItem outItem;
-};
-
-static void 
-sec_pkcs12_in_place_encoder_output(void *arg, const char *buf, unsigned long len)
-{
-    struct inPlaceEncodeInfo *outInfo = (struct inPlaceEncodeInfo*)arg;
-
-    if(!outInfo || !len || outInfo->error) {
-	return;
-    }
-
-    if(!outInfo->outItem.data) {
-	outInfo->outItem.data = (unsigned char*)PORT_ZAlloc(len);
-	outInfo->outItem.len = 0;
-    } else {
-	if(!PORT_Realloc(&(outInfo->outItem.data), (outInfo->outItem.len + len))) {
-	    SECITEM_ZfreeItem(&(outInfo->outItem), PR_FALSE);
-	    outInfo->outItem.data = NULL;
-	    PORT_SetError(SEC_ERROR_NO_MEMORY);
-	    outInfo->error = PR_TRUE;
-	    return;
-	}
-    }
-
-    PORT_Memcpy(&(outInfo->outItem.data[outInfo->outItem.len]), buf, len);
-    outInfo->outItem.len += len;
-
-    return;
-}
-
-/*
- * SEC_PKCS12ExportCertifcateAndKeyUsingPassword
- *	Exports a certificate/key pair using password-based encryption and
- *	authentication.
- *
- * pwfn, pwfnarg - password function and argument for the key database
- * cert - the certificate to export
- * certDb - certificate database
- * pwitem - the password to use
- * shroudKey - encrypt the key externally, 
- * keyShroudAlg - encryption algorithm for key
- * encryptionAlg - the algorithm with which data is encrypted
- * integrityAlg - the algorithm for integrity
- */
-SECItem *
-SEC_PKCS12ExportCertificateAndKeyUsingPassword(
-				SECKEYGetPasswordKey pwfn, void *pwfnarg,
-				CERTCertificate *cert, PK11SlotInfo *slot,
-				CERTCertDBHandle *certDb, SECItem *pwitem,
-				PRBool shroudKey, SECOidTag shroudAlg,
-				PRBool encryptCert, SECOidTag certEncAlg,
-				SECOidTag integrityAlg, void *wincx)
-{
-    struct inPlaceEncodeInfo outInfo;
-    SEC_PKCS12ExportContext *p12ecx = NULL;
-    SEC_PKCS12SafeInfo *keySafe, *certSafe;
-    SECItem *returnItem = NULL;
-
-    if(!cert || !pwitem || !slot) {
-	return NULL;
-    }
-
-    outInfo.error = PR_FALSE;
-    outInfo.outItem.data = NULL;
-    outInfo.outItem.len = 0;
-
-    p12ecx = SEC_PKCS12CreateExportContext(pwfn, pwfnarg, slot, wincx);
-    if(!p12ecx) {
-	return NULL;
-    }
-
-    /* set up cert safe */
-    if(encryptCert) {
-	certSafe = SEC_PKCS12CreatePasswordPrivSafe(p12ecx, pwitem, certEncAlg);
-    } else {
-	certSafe = SEC_PKCS12CreateUnencryptedSafe(p12ecx);
-    }
-    if(!certSafe) {
-	goto loser;
-    }
-
-    /* set up key safe */
-    if(shroudKey) {
-	keySafe = SEC_PKCS12CreateUnencryptedSafe(p12ecx);
-    } else {
-	keySafe = certSafe;
-    }
-    if(!keySafe) {
-	goto loser;
-    }
-
-    /* add integrity mode */
-    if(SEC_PKCS12AddPasswordIntegrity(p12ecx, pwitem, integrityAlg) 
-		!= SECSuccess) {
-	goto loser;
-    }
-
-    /* add cert and key pair */
-    if(SEC_PKCS12AddCertAndKey(p12ecx, certSafe, NULL, cert, certDb, 
-			       keySafe, NULL, shroudKey, pwitem, shroudAlg)
-		!= SECSuccess) {
-	goto loser;
-    }
-
-    /* encode the puppy */
-    if(SEC_PKCS12Encode(p12ecx, sec_pkcs12_in_place_encoder_output, &outInfo)
-		!= SECSuccess) {
-	goto loser;
-    }
-    if(outInfo.error) {
-	goto loser;
-    }
-
-    SEC_PKCS12DestroyExportContext(p12ecx);
-	
-    returnItem = SECITEM_DupItem(&outInfo.outItem);
-    SECITEM_ZfreeItem(&outInfo.outItem, PR_FALSE);
-
-    return returnItem;
-
-loser:
-    if(outInfo.outItem.data) {
-	SECITEM_ZfreeItem(&(outInfo.outItem), PR_TRUE);
-    }
-
-    if(p12ecx) {
-	SEC_PKCS12DestroyExportContext(p12ecx);
-    }
-
-    return NULL;
-}
-
-
diff --git a/security/nss/lib/pkcs12/p12exp.c b/security/nss/lib/pkcs12/p12exp.c
deleted file mode 100644
index 242d98288..000000000
--- a/security/nss/lib/pkcs12/p12exp.c
+++ /dev/null
@@ -1,1407 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "plarena.h"
-#include "secitem.h"
-#include "secoid.h"
-#include "seccomon.h"
-#include "secport.h"
-#include "cert.h"
-#include "pkcs12.h"
-#include "p12local.h"
-#include "secpkcs7.h"
-#include "secasn1.h"
-#include "secerr.h"
-#include "p12plcy.h"
-
-/* release the memory taken up by the list of nicknames */
-static void
-sec_pkcs12_destroy_nickname_list(SECItem **nicknames)
-{
-    int i = 0;
-
-    if(nicknames == NULL) {
-	return;
-    }
-
-    while(nicknames[i] != NULL) {
-	SECITEM_FreeItem(nicknames[i], PR_FALSE);
-	i++;
-    }
-
-    PORT_Free(nicknames);
-}
-   
-/* release the memory taken up by the list of certificates */ 
-static void
-sec_pkcs12_destroy_certificate_list(CERTCertificate **ref_certs)
-{
-    int i = 0;
-
-    if(ref_certs == NULL) {
-	return;
-    }
-
-    while(ref_certs[i] != NULL) {
-	CERT_DestroyCertificate(ref_certs[i]);
-	i++;
-    }
-}
-
-static void
-sec_pkcs12_destroy_cinfos_for_cert_bags(SEC_PKCS12CertAndCRLBag *certBag)
-{
-    int j = 0;
-    j = 0;
-    while(certBag->certAndCRLs[j] != NULL) {
-	SECOidTag certType = SECOID_FindOIDTag(&certBag->certAndCRLs[j]->BagID);
-	if(certType == SEC_OID_PKCS12_X509_CERT_CRL_BAG) {
-	    SEC_PKCS12X509CertCRL *x509;
-	    x509 = certBag->certAndCRLs[j]->value.x509;
-	    SEC_PKCS7DestroyContentInfo(&x509->certOrCRL);
-	}
-	j++;
-    }
-}
-
-/* destroy all content infos since they were not allocated in common
- * pool
- */
-static void
-sec_pkcs12_destroy_cert_content_infos(SEC_PKCS12SafeContents *safe,
-				      SEC_PKCS12Baggage *baggage)
-{
-    int i, j;
-
-    if((safe != NULL) && (safe->contents != NULL)) {
-	i = 0;
-	while(safe->contents[i] != NULL) {
-	    SECOidTag bagType = SECOID_FindOIDTag(&safe->contents[i]->safeBagType);
-	    if(bagType == SEC_OID_PKCS12_CERT_AND_CRL_BAG_ID) {
-		SEC_PKCS12CertAndCRLBag *certBag;
-		certBag = safe->contents[i]->safeContent.certAndCRLBag;
-		sec_pkcs12_destroy_cinfos_for_cert_bags(certBag);
-	    }
-	    i++;
-	}
-    }
-
-    if((baggage != NULL) && (baggage->bags != NULL)) {
-	i = 0;
-	while(baggage->bags[i] != NULL) { 
-	    if(baggage->bags[i]->unencSecrets != NULL) {
-		j = 0;
-		while(baggage->bags[i]->unencSecrets[j] != NULL) {
-		    SECOidTag bagType;
-		    bagType = SECOID_FindOIDTag(&baggage->bags[i]->unencSecrets[j]->safeBagType);
-		    if(bagType == SEC_OID_PKCS12_CERT_AND_CRL_BAG_ID) {
-			SEC_PKCS12CertAndCRLBag *certBag;
-			certBag = baggage->bags[i]->unencSecrets[j]->safeContent.certAndCRLBag;
-			sec_pkcs12_destroy_cinfos_for_cert_bags(certBag);
-		    }
-		    j++;
-		}
-	    }
-	    i++;
-	}
-    }
-}
-
-/* convert the nickname list from a NULL termincated Char list
- * to a NULL terminated SECItem list
- */
-static SECItem **
-sec_pkcs12_convert_nickname_list(char **nicknames)
-{
-    SECItem **nicks;
-    int i, j;
-    PRBool error = PR_FALSE;
-
-    if(nicknames == NULL) {
-	return NULL;
-    }
-
-    i = j = 0;
-    while(nicknames[i] != NULL) {
-	i++;
-    }
-
-    /* allocate the space and copy the data */	
-    nicks = (SECItem **)PORT_ZAlloc(sizeof(SECItem *) * (i + 1));
-    if(nicks != NULL) {
-	for(j = 0; ((j < i) && (error == PR_FALSE)); j++) {
-	    nicks[j] = (SECItem *)PORT_ZAlloc(sizeof(SECItem));
-	    if(nicks[j] != NULL) {
-		nicks[j]->data = 
-		    (unsigned char *)PORT_ZAlloc(PORT_Strlen(nicknames[j])+1);
-		if(nicks[j]->data != NULL) {
-		    nicks[j]->len = PORT_Strlen(nicknames[j]);
-		    PORT_Memcpy(nicks[j]->data, nicknames[j], nicks[j]->len);
-		    nicks[j]->data[nicks[j]->len] = 0;
-		} else {
-		    error = PR_TRUE;
-		}
-	    } else {
-	       error = PR_TRUE;
-	    }
-	}
-    }
-
-    if(error == PR_TRUE) {
-        for(i = 0; i < j; i++) { 
-	    SECITEM_FreeItem(nicks[i], PR_TRUE);
-	}
-	PORT_Free(nicks);
-	nicks = NULL;
-    }
-
-    return nicks;
-}
-
-/* package the certificate add_cert into PKCS12 structures,
- * retrieve the certificate chain for the cert and return
- * the packaged contents.
- * poolp -- common memory pool;
- * add_cert -- certificate to package up
- * nickname for the certificate 
- * a return of NULL indicates an error
- */
-static SEC_PKCS12CertAndCRL *
-sec_pkcs12_get_cert(PRArenaPool *poolp,
-		       CERTCertificate *add_cert, 
-		       SECItem *nickname)
-{
-    SEC_PKCS12CertAndCRL *cert;
-    SEC_PKCS7ContentInfo *cinfo;
-    SGNDigestInfo *t_di;
-    void *mark;
-    SECStatus rv;
-
-    if((poolp == NULL) || (add_cert == NULL) || (nickname == NULL)) {
-    	return NULL;
-    }
-    mark = PORT_ArenaMark(poolp);
-
-    cert = sec_pkcs12_new_cert_crl(poolp, SEC_OID_PKCS12_X509_CERT_CRL_BAG);
-    if(cert != NULL) {
-
-	/* copy the nickname */
-	rv = SECITEM_CopyItem(poolp, &cert->nickname, nickname);
-	if(rv != SECSuccess) {
-	    PORT_SetError(SEC_ERROR_NO_MEMORY);
-	    cert = NULL;
-	} else {
-
-	    /* package the certificate and cert chain into a NULL signer
-	     * PKCS 7 SignedData content Info and prepare it for encoding 
-	     * since we cannot use DER_ANY_TEMPLATE
-	     */
-	    cinfo = SEC_PKCS7CreateCertsOnly(add_cert, PR_TRUE, NULL);
-	    rv = SEC_PKCS7PrepareForEncode(cinfo, NULL, NULL, NULL);
-
-	    /* thumbprint the certificate */
-	    if((cinfo != NULL) && (rv == SECSuccess))
-	    {
-		PORT_Memcpy(&cert->value.x509->certOrCRL, cinfo, sizeof(*cinfo));
-		t_di = sec_pkcs12_compute_thumbprint(&add_cert->derCert);
-		if(t_di != NULL)
-		{
-		    /* test */
-		    rv = SGN_CopyDigestInfo(poolp, &cert->value.x509->thumbprint,
-		    			    t_di);
-		    if(rv != SECSuccess) {
-			cert = NULL;
-			PORT_SetError(SEC_ERROR_NO_MEMORY);
-		    }
-		    SGN_DestroyDigestInfo(t_di);
-		}
-		else
-		    cert = NULL;
-	    }
-	}
-    }
-
-    if (cert == NULL) {
-	PORT_ArenaRelease(poolp, mark);
-    } else {
-	PORT_ArenaUnmark(poolp, mark);
-    }
-
-    return cert;
-}
-
-/* package the private key associated with the certificate and 
- * return the appropriate PKCS 12 structure 
- * poolp common memory pool
- * nickname key nickname
- * cert -- cert to look up
- * wincx -- window handle 
- * an error is indicated by a return of NULL
- */
-static SEC_PKCS12PrivateKey *
-sec_pkcs12_get_private_key(PRArenaPool *poolp,
-			   SECItem *nickname,
-			   CERTCertificate *cert,
-			   void *wincx)
-{
-    SECKEYPrivateKeyInfo *pki;
-    SEC_PKCS12PrivateKey *pk;
-    SECStatus rv;
-    void *mark;
-
-    if((poolp == NULL) || (nickname == NULL)) {
-	return NULL;
-    }
-
-    mark = PORT_ArenaMark(poolp);
-
-    /* retrieve key from the data base */
-    pki = PK11_ExportPrivateKeyInfo(nickname, cert, wincx);
-    if(pki == NULL) {
-	PORT_ArenaRelease(poolp, mark);
-	PORT_SetError(SEC_ERROR_PKCS12_UNABLE_TO_EXPORT_KEY);
-	return NULL;
-    }
-
-    pk = (SEC_PKCS12PrivateKey *)PORT_ArenaZAlloc(poolp,
-						  sizeof(SEC_PKCS12PrivateKey));
-    if(pk != NULL) {
-	rv = sec_pkcs12_init_pvk_data(poolp, &pk->pvkData);
-
-	if(rv == SECSuccess) {
-	    /* copy the key into poolp memory space */
-	    rv = SECKEY_CopyPrivateKeyInfo(poolp, &pk->pkcs8data, pki);
-	    if(rv == SECSuccess) {
-		rv = SECITEM_CopyItem(poolp, &pk->pvkData.nickname, nickname);
-	    }
-	}
-
-	if(rv != SECSuccess) {
-	    PORT_SetError(SEC_ERROR_NO_MEMORY);
-	    pk = NULL;
-	}
-    } else {
-	PORT_SetError(SEC_ERROR_NO_MEMORY); 
-    }
-
-    /* destroy private key, zeroing out data */
-    SECKEY_DestroyPrivateKeyInfo(pki, PR_TRUE);
-    if (pk == NULL) {
-	PORT_ArenaRelease(poolp, mark);
-    } else {
-	PORT_ArenaUnmark(poolp, mark);
-    }
-
-    return pk;
-}
-
-/* get a shrouded key item associated with a certificate
- * return the appropriate PKCS 12 structure 
- * poolp common memory pool
- * nickname key nickname
- * cert -- cert to look up
- * wincx -- window handle 
- * an error is indicated by a return of NULL
- */
-static SEC_PKCS12ESPVKItem *
-sec_pkcs12_get_shrouded_key(PRArenaPool *poolp,
-			    SECItem *nickname,
-			    CERTCertificate *cert,
-			    SECOidTag algorithm, 
-			    SECItem *pwitem,
-			    PKCS12UnicodeConvertFunction unicodeFn,
-			    void *wincx)
-{
-    SECKEYEncryptedPrivateKeyInfo *epki;
-    SEC_PKCS12ESPVKItem *pk;
-    void *mark;
-    SECStatus rv;
-    PK11SlotInfo *slot = NULL;
-    PRBool swapUnicodeBytes = PR_FALSE;
-
-#ifdef IS_LITTLE_ENDIAN
-    swapUnicodeBytes = PR_TRUE;
-#endif
-
-    if((poolp == NULL) || (nickname == NULL))
-	return NULL;
-
-    mark = PORT_ArenaMark(poolp);
-
-    /* use internal key slot */
-    slot = PK11_GetInternalKeySlot();
-
-    /* retrieve encrypted prviate key */
-    epki = PK11_ExportEncryptedPrivateKeyInfo(slot, algorithm, pwitem, 
-    					      nickname, cert, 1, 0, NULL);
-    PK11_FreeSlot(slot);
-    if(epki == NULL) {
-	PORT_SetError(SEC_ERROR_PKCS12_UNABLE_TO_EXPORT_KEY);
-	PORT_ArenaRelease(poolp, mark);
-	return NULL;
-    }
-
-    /* create a private key and store the data into the poolp memory space */
-    pk = sec_pkcs12_create_espvk(poolp, SEC_OID_PKCS12_PKCS8_KEY_SHROUDING);
-    if(pk != NULL) {
-	rv = sec_pkcs12_init_pvk_data(poolp, &pk->espvkData);
-	rv = SECITEM_CopyItem(poolp, &pk->espvkData.nickname, nickname);
-	pk->espvkCipherText.pkcs8KeyShroud = 
-	    (SECKEYEncryptedPrivateKeyInfo *)PORT_ArenaZAlloc(poolp,
-					sizeof(SECKEYEncryptedPrivateKeyInfo));
-	if((pk->espvkCipherText.pkcs8KeyShroud != NULL)  && (rv == SECSuccess)) {
-	    rv = SECKEY_CopyEncryptedPrivateKeyInfo(poolp, 
-					pk->espvkCipherText.pkcs8KeyShroud, epki);
-	    if(rv == SECSuccess) {
-		rv = (*unicodeFn)(poolp, &pk->espvkData.uniNickName, nickname, 
-				  PR_TRUE, swapUnicodeBytes);
-	    }
-	}
-
-	if(rv != SECSuccess) {
-	    PORT_SetError(SEC_ERROR_NO_MEMORY);
-	    pk = NULL;
-	}
-    }
-
-    SECKEY_DestroyEncryptedPrivateKeyInfo(epki, PR_TRUE);
-    if(pk == NULL) {
-	PORT_ArenaRelease(poolp, mark);
-    } else {
-	PORT_ArenaUnmark(poolp, mark);
-    }
-	
-    return pk;
-}
-
-/* add a thumbprint to a private key associated certs list 
- * pvk is the area where the list is stored
- * thumb is the thumbprint to copy
- * a return of SECFailure indicates an error 
- */
-static SECStatus 
-sec_pkcs12_add_thumbprint(SEC_PKCS12PVKSupportingData *pvk,
-			  SGNDigestInfo *thumb)
-{
-    SGNDigestInfo **thumb_list = NULL;
-    int nthumbs, size;
-    void *mark, *dummy;
-    SECStatus rv = SECFailure;
-
-    if((pvk == NULL) || (thumb == NULL)) {
-	return SECFailure;
-    }
-
-    mark = PORT_ArenaMark(pvk->poolp);
-
-    thumb_list = pvk->assocCerts;
-    nthumbs = pvk->nThumbs;
-
-    /* allocate list space needed -- either growing or allocating 
-     * list must be NULL terminated 
-     */
-    size = sizeof(SGNDigestInfo *);
-    dummy = PORT_ArenaGrow(pvk->poolp, thumb_list, (size * (nthumbs + 1)),
-    			   (size * (nthumbs + 2)));
-    thumb_list = dummy;
-    if(dummy != NULL) {
-	thumb_list[nthumbs] = (SGNDigestInfo *)PORT_ArenaZAlloc(pvk->poolp, 
-						sizeof(SGNDigestInfo));
-	if(thumb_list[nthumbs] != NULL) {
-	    SGN_CopyDigestInfo(pvk->poolp, thumb_list[nthumbs], thumb);
-	    nthumbs += 1;
-	    thumb_list[nthumbs] = 0;
-	} else {
-	    dummy = NULL;
-	}
-    }
-
-    if(dummy == NULL) {
-    	PORT_ArenaRelease(pvk->poolp, mark);
-	return SECFailure;
-    } 
-
-    pvk->assocCerts = thumb_list;
-    pvk->nThumbs = nthumbs;
-
-    PORT_ArenaUnmark(pvk->poolp, mark);
-    return SECSuccess;
-}
-
-/* search the list of shrouded keys in the baggage for the desired
- * name.  return a pointer to the item.  a return of NULL indicates
- * that no match was present or that an error occurred.
- */
-static SEC_PKCS12ESPVKItem *
-sec_pkcs12_get_espvk_by_name(SEC_PKCS12Baggage *luggage, 
-			     SECItem *name)
-{
-    PRBool found = PR_FALSE;
-    SEC_PKCS12ESPVKItem *espvk = NULL;
-    int i, j;
-    SECComparison rv = SECEqual;
-    SECItem *t_name;
-    SEC_PKCS12BaggageItem *bag;
-
-    if((luggage == NULL) || (name == NULL)) {
-	return NULL;
-    }
-
-    i = 0;
-    while((found == PR_FALSE) && (i < luggage->luggage_size)) {
-	j = 0;
-	bag = luggage->bags[i];
-	while((found == PR_FALSE) && (j < bag->nEspvks)) {
-	    espvk = bag->espvks[j];
-	    if(espvk->poolp == NULL) {
-		espvk->poolp = luggage->poolp;
-	    }
-	    t_name = SECITEM_DupItem(&espvk->espvkData.nickname);
-	    if(t_name != NULL) {
-		rv = SECITEM_CompareItem(name, t_name);
-		if(rv == SECEqual) {
-		    found = PR_TRUE;
-		}
-		SECITEM_FreeItem(t_name, PR_TRUE);
-	    } else {
-		PORT_SetError(SEC_ERROR_NO_MEMORY);
-		return NULL;
-	    }
-	    j++;
-	}
-	i++;
-    }
-
-    if(found != PR_TRUE) {
-	PORT_SetError(SEC_ERROR_PKCS12_UNABLE_TO_LOCATE_OBJECT_BY_NAME);
-	return NULL;
-    }
-
-    return espvk;
-}
-
-/* locates a certificate and copies the thumbprint to the
- * appropriate private key
- */
-static SECStatus 
-sec_pkcs12_propagate_thumbprints(SECItem **nicknames,
-				 CERTCertificate **ref_certs,
-				 SEC_PKCS12SafeContents *safe,
-				 SEC_PKCS12Baggage *baggage)
-{
-    SEC_PKCS12CertAndCRL *cert;
-    SEC_PKCS12PrivateKey *key;
-    SEC_PKCS12ESPVKItem *espvk;
-    int i;
-    PRBool error = PR_FALSE;
-    SECStatus rv = SECFailure;
-
-    if((nicknames == NULL) || (safe == NULL)) {
-	return SECFailure;
-    }
-
-    i = 0;
-    while((nicknames[i] != NULL) && (error == PR_FALSE)) {
-	/* process all certs */
-	cert = (SEC_PKCS12CertAndCRL *)sec_pkcs12_find_object(safe, baggage,
-					SEC_OID_PKCS12_CERT_AND_CRL_BAG_ID,
-					nicknames[i], NULL);
-	if(cert != NULL) {
-	    /* locate key and copy thumbprint */
-	    key = (SEC_PKCS12PrivateKey *)sec_pkcs12_find_object(safe, baggage,
-	    				SEC_OID_PKCS12_KEY_BAG_ID,
-	    				nicknames[i], NULL);
-	    if(key != NULL) {
-		key->pvkData.poolp = key->poolp;
-		rv = sec_pkcs12_add_thumbprint(&key->pvkData, 
-			&cert->value.x509->thumbprint);
-		if(rv == SECFailure)
-		    error = PR_TRUE;  /* XXX Set error? */
-	    }
-
-	    /* look in the baggage as well...*/
-	    if((baggage != NULL) && (error == PR_FALSE)) {
-		espvk = sec_pkcs12_get_espvk_by_name(baggage, nicknames[i]);
-		if(espvk != NULL) {
-		    espvk->espvkData.poolp = espvk->poolp;
-		    rv = sec_pkcs12_add_thumbprint(&espvk->espvkData,
-			&cert->value.x509->thumbprint);
-		    if(rv == SECFailure)
-			error = PR_TRUE;  /* XXX Set error? */
-		}
-	    }
-	}
-	i++;
-    }
-
-    if(error == PR_TRUE) {
-	return SECFailure;
-    }
-
-    return SECSuccess;
-}
-
-/* append a safe bag to the end of the safe contents list */
-SECStatus 
-sec_pkcs12_append_safe_bag(SEC_PKCS12SafeContents *safe,
-			   SEC_PKCS12SafeBag *bag)
-{
-    int size;
-    void *mark = NULL, *dummy = NULL;
-
-    if((bag == NULL) || (safe == NULL))
-	return SECFailure;
-
-    mark = PORT_ArenaMark(safe->poolp);
-
-    size = (safe->safe_size * sizeof(SEC_PKCS12SafeBag *));
-    
-    if(safe->safe_size > 0) {
-	dummy = (SEC_PKCS12SafeBag **)PORT_ArenaGrow(safe->poolp, 
-	    				safe->contents, 
-	    				size, 
-	    				(size + sizeof(SEC_PKCS12SafeBag *)));
-	safe->contents = dummy;
-    } else {
-	safe->contents = (SEC_PKCS12SafeBag **)PORT_ArenaZAlloc(safe->poolp, 
-	    (2 * sizeof(SEC_PKCS12SafeBag *)));
-	dummy = safe->contents;
-    }
-
-    if(dummy == NULL) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	goto loser;
-    }
-
-    safe->contents[safe->safe_size] = bag;
-    safe->safe_size++;
-    safe->contents[safe->safe_size] = NULL;
-
-    PORT_ArenaUnmark(safe->poolp, mark);
-    return SECSuccess;
-
-loser:
-    PORT_ArenaRelease(safe->poolp, mark);
-    return SECFailure;
-}
-
-/* append a certificate onto the end of a cert bag */
-static SECStatus 
-sec_pkcs12_append_cert_to_bag(PRArenaPool *arena,
-			      SEC_PKCS12SafeBag *safebag,
-			      CERTCertificate *cert,
-			      SECItem *nickname)
-{
-    int size;
-    void *dummy = NULL, *mark = NULL;
-    SEC_PKCS12CertAndCRL *p12cert;
-    SEC_PKCS12CertAndCRLBag *bag;
-
-    if((arena == NULL) || (safebag == NULL) || 
-    	(cert == NULL) || (nickname == NULL)) {
-	return SECFailure;
-    }
-
-    bag = safebag->safeContent.certAndCRLBag;
-    if(bag == NULL) {
-	return SECFailure;
-    }
-
-    mark = PORT_ArenaMark(arena);
-
-    p12cert = sec_pkcs12_get_cert(arena, cert, nickname);
-    if(p12cert == NULL) {
-	PORT_ArenaRelease(bag->poolp, mark);
-	return SECFailure;
-    }
-
-    size = bag->bag_size * sizeof(SEC_PKCS12CertAndCRL *);
-    if(bag->bag_size > 0) {
-	dummy = (SEC_PKCS12CertAndCRL **)PORT_ArenaGrow(bag->poolp,
-	    bag->certAndCRLs, size, size + sizeof(SEC_PKCS12CertAndCRL *));
-	bag->certAndCRLs = dummy;
-    } else {
-	bag->certAndCRLs = (SEC_PKCS12CertAndCRL **)PORT_ArenaZAlloc(bag->poolp,
-	    (2 * sizeof(SEC_PKCS12CertAndCRL *)));
-	dummy = bag->certAndCRLs;
-    }
-
-    if(dummy == NULL) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	goto loser;
-    }
-
-    bag->certAndCRLs[bag->bag_size] = p12cert;
-    bag->bag_size++;
-    bag->certAndCRLs[bag->bag_size] = NULL;
-
-    PORT_ArenaUnmark(bag->poolp, mark);
-    return SECSuccess;
-
-loser:
-    PORT_ArenaRelease(bag->poolp, mark);
-    return SECFailure;
-}
-
-/* append a key onto the end of a list of keys in a key bag */
-SECStatus 
-sec_pkcs12_append_key_to_bag(SEC_PKCS12SafeBag *safebag,
-			     SEC_PKCS12PrivateKey *pk)
-{
-    void *mark, *dummy;
-    SEC_PKCS12PrivateKeyBag *bag;
-    int size;
-
-    if((safebag == NULL) || (pk == NULL))
-	return SECFailure;
-
-    bag = safebag->safeContent.keyBag;
-    if(bag == NULL) {
-	return SECFailure;
-    }
-
-    mark = PORT_ArenaMark(bag->poolp);
-
-    size = (bag->bag_size * sizeof(SEC_PKCS12PrivateKey *));
-
-    if(bag->bag_size > 0) {
-	dummy = (SEC_PKCS12PrivateKey **)PORT_ArenaGrow(bag->poolp,
-					bag->privateKeys, 
-					size, 
-					size + sizeof(SEC_PKCS12PrivateKey *));
-	bag->privateKeys = dummy;
-    } else {
-	bag->privateKeys = (SEC_PKCS12PrivateKey **)PORT_ArenaZAlloc(bag->poolp,
-	    (2 * sizeof(SEC_PKCS12PrivateKey *)));
-	dummy = bag->privateKeys;
-    }
-
-    if(dummy == NULL) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	goto loser;
-    }
-
-    bag->privateKeys[bag->bag_size] = pk;
-    bag->bag_size++;
-    bag->privateKeys[bag->bag_size] = NULL;
-
-    PORT_ArenaUnmark(bag->poolp, mark);
-    return SECSuccess;
-
-loser:
-    /* XXX Free memory? */
-    PORT_ArenaRelease(bag->poolp, mark);
-    return SECFailure;
-}
-
-/* append a safe bag to the baggage area */
-static SECStatus 
-sec_pkcs12_append_unshrouded_bag(SEC_PKCS12BaggageItem *bag,
-				 SEC_PKCS12SafeBag *u_bag)
-{
-    int size;
-    void *mark = NULL, *dummy = NULL;
-
-    if((bag == NULL) || (u_bag == NULL))
-	return SECFailure;
-
-    mark = PORT_ArenaMark(bag->poolp);
-
-    /* dump things into the first bag */
-    size = (bag->nSecrets + 1) * sizeof(SEC_PKCS12SafeBag *);
-    dummy = PORT_ArenaGrow(bag->poolp,
-	    		bag->unencSecrets, size, 
-	    		size + sizeof(SEC_PKCS12SafeBag *));
-    bag->unencSecrets = dummy;
-    if(dummy == NULL) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	goto loser;
-    }
-
-    bag->unencSecrets[bag->nSecrets] = u_bag;
-    bag->nSecrets++;
-    bag->unencSecrets[bag->nSecrets] = NULL;
-
-    PORT_ArenaUnmark(bag->poolp, mark);
-    return SECSuccess;
-
-loser:
-    PORT_ArenaRelease(bag->poolp, mark);
-    return SECFailure;
-}
-
-/* gather up all certificates and keys and package them up
- * in the safe, baggage, or both.
- * nicknames is the list of nicknames and corresponding certs in ref_certs
- * ref_certs a null terminated list of certificates
- * rSafe, rBaggage -- return areas for safe and baggage
- * shroud_keys -- store keys externally
- * pwitem -- password for computing integrity mac and encrypting contents
- * wincx -- window handle
- *
- * if a failure occurs, an error is set and SECFailure returned.
- */
-static SECStatus
-sec_pkcs12_package_certs_and_keys(SECItem **nicknames,
-				  CERTCertificate **ref_certs,
-				  PRBool unencryptedCerts,
-				  SEC_PKCS12SafeContents **rSafe,
-				  SEC_PKCS12Baggage **rBaggage,
-				  PRBool shroud_keys, 
-				  SECOidTag shroud_alg,
-				  SECItem *pwitem,
-				  PKCS12UnicodeConvertFunction unicodeFn,
-				  void *wincx)
-{
-    PRArenaPool *permArena;
-    SEC_PKCS12SafeContents *safe = NULL;
-    SEC_PKCS12Baggage *baggage = NULL;
-
-    SECStatus rv = SECFailure;
-    PRBool problem = PR_FALSE;
-
-    SEC_PKCS12ESPVKItem *espvk = NULL;
-    SEC_PKCS12PrivateKey *pk = NULL;
-    CERTCertificate *add_cert = NULL;
-    SEC_PKCS12SafeBag *certbag = NULL, *keybag = NULL;
-    SEC_PKCS12BaggageItem *external_bag = NULL;
-    int ncerts = 0, nkeys = 0;
-    int i;
-
-    if((nicknames == NULL) || (rSafe == NULL) || (rBaggage == NULL)) {
-	return SECFailure;
-    }
-	
-    *rBaggage = baggage;
-    *rSafe = safe;
-
-    permArena = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE);
-    if(permArena == NULL) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	return SECFailure;
-     }
-
-    /* allocate structures */
-    safe = sec_pkcs12_create_safe_contents(permArena);
-    if(safe == NULL) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	rv = SECFailure;
-	goto loser;
-    }
-
-    certbag = sec_pkcs12_create_safe_bag(permArena, 
-					 SEC_OID_PKCS12_CERT_AND_CRL_BAG_ID);
-    if(certbag == NULL) {
-	rv = SECFailure;
-	goto loser;
-    }
-
-    if(shroud_keys != PR_TRUE) {
-	keybag = sec_pkcs12_create_safe_bag(permArena, 
-					    SEC_OID_PKCS12_KEY_BAG_ID);
-	if(keybag == NULL) {
-	    rv = SECFailure;
-	    goto loser;
-	}
-    }
-
-    if((shroud_keys == PR_TRUE) || (unencryptedCerts == PR_TRUE)) {
-	baggage = sec_pkcs12_create_baggage(permArena);
-    	if(baggage == NULL) {
-	    rv = SECFailure;
-	    goto loser;
-	}
-	external_bag = sec_pkcs12_create_external_bag(baggage);
-    }
-
-    /* package keys and certs */
-    i = 0;
-    while((nicknames[i] != NULL) && (problem == PR_FALSE)) {
-	if(ref_certs[i] != NULL) {
-	    /* append cert to bag o certs */
-	    rv = sec_pkcs12_append_cert_to_bag(permArena, certbag, 
-	    				       ref_certs[i],
-	    				       nicknames[i]);
-	    if(rv == SECFailure) {
-		problem = PR_FALSE;
-	    } else {
-		ncerts++;
-	    }
-
-	    if(rv == SECSuccess) {
-		/* package up them keys */
-		if(shroud_keys == PR_TRUE) {
-	    	    espvk = sec_pkcs12_get_shrouded_key(permArena, 
-							nicknames[i],
-	    	    					ref_certs[i],
-							shroud_alg, 
-							pwitem, unicodeFn,
-							wincx);
-		    if(espvk != NULL) {
-			rv = sec_pkcs12_append_shrouded_key(external_bag, espvk);
-			SECITEM_CopyItem(permArena, &espvk->derCert,
-					 &ref_certs[i]->derCert);
-		    } else {
-			rv = SECFailure;
-		    }
-		} else {
-		    pk = sec_pkcs12_get_private_key(permArena, nicknames[i], 
-		    				    ref_certs[i], wincx);
-		    if(pk != NULL) {
-			rv = sec_pkcs12_append_key_to_bag(keybag, pk);
-			SECITEM_CopyItem(permArena, &espvk->derCert,
-					 &ref_certs[i]->derCert);
-		    } else {
-			rv = SECFailure;
-		    }
-		}
-	
-		if(rv == SECFailure) {
-		    problem = PR_TRUE;
-		} else {
-		    nkeys++;
-		}
-	    }
-	} else {
-	    /* handle only keys here ? */
-	    problem = PR_TRUE;
-	}
-	i++;
-    }
-
-    /* let success fall through */
-loser:
-    if(problem == PR_FALSE) {
-	/* if we have certs, we want to append the cert bag to the 
-	 * appropriate area 
-	 */
-	if(ncerts > 0) {
-	    if(unencryptedCerts != PR_TRUE) {
-		rv = sec_pkcs12_append_safe_bag(safe, certbag);
-	    } else {
-		rv = sec_pkcs12_append_unshrouded_bag(external_bag, certbag);
-	    }
-	} else {
-	    rv = SECSuccess;
-	}
-
-	/* append key bag, if they are stored in safe contents */
-	if((rv == SECSuccess) && (shroud_keys == PR_FALSE) && (nkeys > 0)) {
-	    rv = sec_pkcs12_append_safe_bag(safe, keybag);
-	}
-    } else {
-	rv = SECFailure;
-    }
-
-    /* if baggage not used, NULLify it */
-    if((shroud_keys == PR_TRUE) || (unencryptedCerts == PR_TRUE)) {
-	if(((unencryptedCerts == PR_TRUE) && (ncerts == 0)) &&
-	   ((shroud_keys == PR_TRUE) && (nkeys == 0)))
-		baggage = NULL;
-    } else {
-	baggage = NULL;
-    }
-
-    if((problem == PR_TRUE) || (rv == SECFailure)) {
-	PORT_FreeArena(permArena, PR_TRUE);
-	rv = SECFailure;
-	baggage = NULL;
-	safe = NULL;
-    }
-
-    *rBaggage = baggage;
-    *rSafe = safe;
-
-    return rv;
-}
-
-/* DER encode the safe contents and return a SECItem.  if an error
- * occurs, NULL is returned.
- */
-static SECItem *
-sec_pkcs12_encode_safe_contents(SEC_PKCS12SafeContents *safe)
-{
-    SECItem *dsafe = NULL, *tsafe;
-    void *dummy = NULL;
-    PRArenaPool *arena;
-
-    if(safe == NULL) {
-	return NULL;
-    }
-
-/*    rv = sec_pkcs12_prepare_for_der_code_safe(safe, PR_TRUE);
-    if(rv != SECSuccess) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	return NULL;
-    }*/
-
-    arena = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE);
-    if(arena == NULL) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	return NULL;
-    }
-
-    tsafe = (SECItem *)PORT_ArenaZAlloc(arena, sizeof(SECItem));
-    if(tsafe != NULL) {
-	dummy = SEC_ASN1EncodeItem(arena, tsafe, safe, 
-	    SEC_PKCS12SafeContentsTemplate);
-	if(dummy != NULL) {
-	    dsafe = SECITEM_DupItem(tsafe);
-	} else {
-	    PORT_SetError(SEC_ERROR_NO_MEMORY);
-	}
-    } else {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-    }
-
-    PORT_FreeArena(arena, PR_TRUE);
-
-    return dsafe;
-}
-
-/* prepare the authenicated safe for encoding and encode it.  
- *   baggage is copied to the appropriate area, safe is encoded and
- *   encrypted.  the version and transport mode are set on the asafe.
- *   the whole ball of wax is then der encoded and packaged up into
- *   data content info 
- * safe -- container of certs and keys, is encrypted.
- * baggage -- container of certs and keys, keys assumed to be encrypted by 
- *    another method, certs are in the clear
- * algorithm -- algorithm by which to encrypt safe
- * pwitem -- password for encryption
- * wincx - window handle
- *
- * return of NULL is an error condition.
- */
-static SEC_PKCS7ContentInfo *
-sec_pkcs12_get_auth_safe(SEC_PKCS12SafeContents *safe, 
-			 SEC_PKCS12Baggage *baggage,  
-			 SECOidTag algorithm, 
-			 SECItem *pwitem,
-			 PKCS12UnicodeConvertFunction unicodeFn,
-			 void *wincx)
-{
-    SECItem *src = NULL, *dest = NULL, *psalt = NULL;
-    PRArenaPool *poolp;
-    SEC_PKCS12AuthenticatedSafe *asafe;
-    SEC_PKCS7ContentInfo *safe_cinfo = NULL;
-    SEC_PKCS7ContentInfo *asafe_cinfo = NULL;
-    void *dummy;
-    SECStatus rv = SECSuccess;
-    PRBool swapUnicodeBytes = PR_FALSE;
-
-#ifdef IS_LITTLE_ENDIAN
-    swapUnicodeBytes = PR_TRUE;
-#endif
-    
-    if(((safe != NULL) && (pwitem == NULL)) && (baggage == NULL))
-	return NULL;
-
-    poolp = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE);
-    if(poolp == NULL) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	return NULL;
-    }
-
-    /* prepare authenticated safe for encode */
-    asafe = sec_pkcs12_new_asafe(poolp);
-    if(asafe != NULL) {
-
-	/* set version */
-	dummy = SEC_ASN1EncodeInteger(asafe->poolp, &asafe->version,
-				      SEC_PKCS12_PFX_VERSION);
-	if(dummy == NULL) {
-	    PORT_SetError(SEC_ERROR_NO_MEMORY);
-	    rv = SECFailure;
-	    goto loser;
-	}
-
-	/* generate the privacy salt used to create virtual pwd */
-	psalt = sec_pkcs12_generate_salt();
-	if(psalt != NULL) {
-	    rv = SECITEM_CopyItem(asafe->poolp, &asafe->privacySalt,
-				  psalt);
-	    if(rv == SECSuccess) {
-		asafe->privacySalt.len *= 8;
-	    } 
-	    else {
-		SECITEM_ZfreeItem(psalt, PR_TRUE);
-		PORT_SetError(SEC_ERROR_NO_MEMORY);
-		goto loser;
-	    }
-	} 
-
-	if((psalt == NULL) || (rv == SECFailure)) {
-	    PORT_SetError(SEC_ERROR_NO_MEMORY);
-	    rv = SECFailure;
-	    goto loser;
-	}
-
-	/* package up safe contents */
-	if(safe != NULL) 
-	{
-	    safe_cinfo = SEC_PKCS7CreateEncryptedData(algorithm, NULL, wincx);
-	    if((safe_cinfo != NULL) && (safe->safe_size > 0)) {
-		/* encode the safe and encrypt the contents of the 
-		 * content info
-		 */
-		src = sec_pkcs12_encode_safe_contents(safe);
-
-		if(src != NULL) {
-		    rv = SEC_PKCS7SetContent(safe_cinfo, (char *)src->data, src->len);
-		    SECITEM_ZfreeItem(src, PR_TRUE);
-		    if(rv == SECSuccess) {
-			SECItem *vpwd;
-			vpwd = sec_pkcs12_create_virtual_password(pwitem, psalt,
-						unicodeFn, swapUnicodeBytes);
-			if(vpwd != NULL) {
-			    rv = SEC_PKCS7EncryptContents(NULL, safe_cinfo,
-							  vpwd, wincx);
-			    SECITEM_ZfreeItem(vpwd, PR_TRUE);
-			} else {
-			    rv = SECFailure;
-			    PORT_SetError(SEC_ERROR_NO_MEMORY);
-			}
-		    } else {
-			PORT_SetError(SEC_ERROR_NO_MEMORY);
-		    }
-		} else {
-		    rv = SECFailure;
-		}
-	    } else if(safe->safe_size > 0) {
-		PORT_SetError(SEC_ERROR_NO_MEMORY);
-		goto loser;
-	    } else {
-	    	/* case where there is NULL content in the safe contents */
-		rv = SEC_PKCS7SetContent(safe_cinfo, NULL, 0);
-		if(rv != SECFailure) {
-		    PORT_SetError(SEC_ERROR_NO_MEMORY);
-		}
-	    }
-
-	    if(rv != SECSuccess) {
-		SEC_PKCS7DestroyContentInfo(safe_cinfo);
-		safe_cinfo = NULL;
-		goto loser;
-	    }
-
-	    asafe->safe = safe_cinfo;	
-	    /*
-	    PORT_Memcpy(&asafe->safe, safe_cinfo, sizeof(*safe_cinfo));
-	    */
-	}
-
-	/* copy the baggage to the authenticated safe baggage if present */
-	if(baggage != NULL) {
-	    PORT_Memcpy(&asafe->baggage, baggage, sizeof(*baggage));
-	}
-
-	/* encode authenticated safe and store it in a Data content info */
-	dest = (SECItem *)PORT_ArenaZAlloc(poolp, sizeof(SECItem));
-	if(dest != NULL) {
-	    dummy = SEC_ASN1EncodeItem(poolp, dest, asafe, 
-				SEC_PKCS12AuthenticatedSafeTemplate);
-	    if(dummy != NULL) {
-		asafe_cinfo = SEC_PKCS7CreateData();
-		if(asafe_cinfo != NULL) {
-		    rv = SEC_PKCS7SetContent(asafe_cinfo, 
-					 	(char *)dest->data, 
-						dest->len);
-		    if(rv != SECSuccess) {
-			PORT_SetError(SEC_ERROR_NO_MEMORY);
-			SEC_PKCS7DestroyContentInfo(asafe_cinfo);
-			asafe_cinfo = NULL;
-		    }
-		}
-	    } else {
-		PORT_SetError(SEC_ERROR_NO_MEMORY);
-		rv = SECFailure;
-	    }
-	}
-    }
-
-loser:
-    PORT_FreeArena(poolp, PR_TRUE);
-    if(safe_cinfo != NULL) {
-    	SEC_PKCS7DestroyContentInfo(safe_cinfo);
-    }
-    if(psalt != NULL) {
-	SECITEM_ZfreeItem(psalt, PR_TRUE);
-    }
-
-    if(rv == SECFailure) {
-	return NULL;
-    }
-	
-    return asafe_cinfo;
-}
-
-/* generates the PFX and computes the mac on the authenticated safe 
- * NULL implies an error
- */
-static SEC_PKCS12PFXItem *
-sec_pkcs12_get_pfx(SEC_PKCS7ContentInfo *cinfo, 
-		   PRBool do_mac, 
-		   SECItem *pwitem, PKCS12UnicodeConvertFunction unicodeFn)
-{
-    SECItem *dest = NULL, *mac = NULL, *salt = NULL, *key = NULL;
-    SEC_PKCS12PFXItem *pfx;
-    SECStatus rv = SECFailure;
-    SGNDigestInfo *di;
-    SECItem *vpwd;
-    PRBool swapUnicodeBytes = PR_FALSE;
-
-#ifdef IS_LITTLE_ENDIAN
-    swapUnicodeBytes = PR_TRUE;
-#endif
-
-    if((cinfo == NULL) || ((do_mac == PR_TRUE) && (pwitem == NULL))) {
-	return NULL;
-    }
-
-    /* allocate new pfx structure */
-    pfx = sec_pkcs12_new_pfx();
-    if(pfx == NULL) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	return NULL;
-    }
-
-    PORT_Memcpy(&pfx->authSafe, cinfo, sizeof(*cinfo));
-    if(do_mac == PR_TRUE) {
-
-    	/* salt for computing mac */
-	salt = sec_pkcs12_generate_salt();
-	if(salt != NULL) {
-	    rv = SECITEM_CopyItem(pfx->poolp, &pfx->macData.macSalt, salt);
-	    pfx->macData.macSalt.len *= 8;
-
-	    vpwd = sec_pkcs12_create_virtual_password(pwitem, salt,
-						unicodeFn, swapUnicodeBytes);
-	    if(vpwd == NULL) {
-		rv = SECFailure;
-		key = NULL;
-	    } else {
-		key = sec_pkcs12_generate_key_from_password(SEC_OID_SHA1,
-							salt, vpwd);
-		SECITEM_ZfreeItem(vpwd, PR_TRUE);
-	    }
-
-	    if((key != NULL) && (rv == SECSuccess)) {
-		dest = SEC_PKCS7GetContent(cinfo);
-		if(dest != NULL) {
-
-		    /* compute mac on data -- for password integrity mode */
-		    mac = sec_pkcs12_generate_mac(key, dest, PR_FALSE);
-		    if(mac != NULL) {
-			di = SGN_CreateDigestInfo(SEC_OID_SHA1, 
-			    			  mac->data, mac->len);
-			if(di != NULL) {
-			    rv = SGN_CopyDigestInfo(pfx->poolp, 
-						    &pfx->macData.safeMac, di);
-			    SGN_DestroyDigestInfo(di);
-			} else {
-			    PORT_SetError(SEC_ERROR_NO_MEMORY);
-			}
-			SECITEM_ZfreeItem(mac, PR_TRUE);
-		    }
-		} else {
-		    rv = SECFailure;
-		}
-	    } else {
-		PORT_SetError(SEC_ERROR_NO_MEMORY);
-		rv = SECFailure;
-	    }
-
-	    if(key != NULL) {
-		SECITEM_ZfreeItem(key, PR_TRUE);
-	    }
-	    SECITEM_ZfreeItem(salt, PR_TRUE);
-	}
-    }
-
-    if(rv == SECFailure) {
-	SEC_PKCS12DestroyPFX(pfx);
-	pfx = NULL;
-    }
-
-    return pfx;
-}
-
-/* der encode the pfx */
-static SECItem *
-sec_pkcs12_encode_pfx(SEC_PKCS12PFXItem *pfx)
-{
-    SECItem *dest;
-    void *dummy;
-
-    if(pfx == NULL) {
-	return NULL;
-    }
-
-    dest = (SECItem *)PORT_ZAlloc(sizeof(SECItem));
-    if(dest == NULL) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	return NULL;
-    }
-
-    dummy = SEC_ASN1EncodeItem(NULL, dest, pfx, SEC_PKCS12PFXItemTemplate);
-    if(dummy == NULL) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	SECITEM_ZfreeItem(dest, PR_TRUE);
-	dest = NULL;
-    }
-
-    return dest;
-}
-
-SECItem *
-SEC_PKCS12GetPFX(char **nicknames,
-		 CERTCertificate **ref_certs,
-		 PRBool shroud_keys, 
-		 SEC_PKCS5GetPBEPassword pbef, 
-		 void *pbearg,
-		 PKCS12UnicodeConvertFunction unicodeFn,
-		 void *wincx)
-{
-    SECItem **nicks = NULL;
-    SEC_PKCS12PFXItem *pfx = NULL;
-    SEC_PKCS12Baggage *baggage = NULL;
-    SEC_PKCS12SafeContents *safe = NULL;
-    SEC_PKCS7ContentInfo *cinfo = NULL;
-    SECStatus rv = SECFailure;
-    SECItem *dest = NULL, *pwitem = NULL;
-    PRBool problem = PR_FALSE;
-    PRBool unencryptedCerts;
-    SECOidTag shroud_alg, safe_alg;
-
-    /* how should we encrypt certs ? */
-    unencryptedCerts = !SEC_PKCS12IsEncryptionAllowed();
-    if(!unencryptedCerts) {
-	safe_alg = SEC_PKCS12GetPreferredEncryptionAlgorithm();
-	if(safe_alg == SEC_OID_UNKNOWN) {
-	    safe_alg = SEC_PKCS12GetStrongestAllowedAlgorithm();
-	}
-	if(safe_alg == SEC_OID_UNKNOWN) {
-	    unencryptedCerts = PR_TRUE;
-	    /* for export where no encryption is allowed, we still need
-	     * to encrypt the NULL contents per the spec.  encrypted info
-	     * is known plaintext, so it shouldn't be a problem.
-	     */
-	    safe_alg = SEC_OID_PKCS12_PBE_WITH_SHA1_AND_40_BIT_RC2_CBC;
-	}
-    } else {
-	/* for export where no encryption is allowed, we still need
-	 * to encrypt the NULL contents per the spec.  encrypted info
-	 * is known plaintext, so it shouldn't be a problem.
-	 */
-	safe_alg = SEC_OID_PKCS12_PBE_WITH_SHA1_AND_40_BIT_RC2_CBC;
-    }
-
-    /* keys are always stored with triple DES */
-    shroud_alg = SEC_OID_PKCS12_PBE_WITH_SHA1_AND_TRIPLE_DES_CBC;
-
-    /* check for FIPS, if so, do not encrypt certs */
-    if(PK11_IsFIPS() && !unencryptedCerts) {
-	unencryptedCerts = PR_TRUE;
-    }
-
-    if((nicknames == NULL) || (pbef == NULL) || (ref_certs == NULL)) {
-	problem = PR_TRUE;
-	goto loser;
-    }
-
-
-    /* get password */
-    pwitem = (*pbef)(pbearg);
-    if(pwitem == NULL) {
-	problem = PR_TRUE;
-	goto loser;
-    }
-    nicks = sec_pkcs12_convert_nickname_list(nicknames);
-
-    /* get safe and baggage */
-    rv = sec_pkcs12_package_certs_and_keys(nicks, ref_certs, unencryptedCerts,
-    					   &safe, &baggage, shroud_keys,
-    					   shroud_alg, pwitem, unicodeFn, wincx);
-    if(rv == SECFailure) {
-	problem = PR_TRUE;
-    }
-
-    if((safe != NULL) && (problem == PR_FALSE)) {
-	/* copy thumbprints */
-	rv = sec_pkcs12_propagate_thumbprints(nicks, ref_certs, safe, baggage);
-
-	/* package everything up into AuthenticatedSafe */
-	cinfo = sec_pkcs12_get_auth_safe(safe, baggage, 
-					 safe_alg, pwitem, unicodeFn, wincx);
-
-	sec_pkcs12_destroy_cert_content_infos(safe, baggage);
-
-	/* get the pfx and mac it */
-	if(cinfo != NULL) {
-	    pfx = sec_pkcs12_get_pfx(cinfo, PR_TRUE, pwitem, unicodeFn);
-	    if(pfx != NULL) {
-		dest = sec_pkcs12_encode_pfx(pfx);
-		SEC_PKCS12DestroyPFX(pfx);
-	    }
-	    SEC_PKCS7DestroyContentInfo(cinfo);
-	}
-
-	if(safe != NULL) {
-	    PORT_FreeArena(safe->poolp, PR_TRUE);
-	}
-    } else {
-	if(safe != NULL) {
-	    PORT_FreeArena(safe->poolp, PR_TRUE);
-	}
-    }
-
-loser:
-    if(nicks != NULL) {
-	sec_pkcs12_destroy_nickname_list(nicks);
-    }
-
-    if(ref_certs != NULL) {
-	sec_pkcs12_destroy_certificate_list(ref_certs);
-    }
-
-    if(pwitem != NULL) {
-	SECITEM_ZfreeItem(pwitem, PR_TRUE);
-    }
-
-    if(problem == PR_TRUE) {
-	dest = NULL;
-    }
-
-    return dest;
-}
diff --git a/security/nss/lib/pkcs12/p12local.c b/security/nss/lib/pkcs12/p12local.c
deleted file mode 100644
index ec7e4a76a..000000000
--- a/security/nss/lib/pkcs12/p12local.c
+++ /dev/null
@@ -1,1363 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "nssrenam.h"
-#include "pkcs12.h"
-#include "secpkcs7.h"
-#include "secasn1.h"
-#include "seccomon.h"
-#include "secoid.h"
-#include "sechash.h"
-#include "secitem.h"
-#include "secerr.h"
-#include "pk11func.h"
-#include "p12local.h"
-#include "alghmac.h"
-#include "p12.h"
-
-#define SALT_LENGTH	16
-
-SEC_ASN1_MKSUB(SECKEY_PrivateKeyInfoTemplate)
-SEC_ASN1_MKSUB(sgn_DigestInfoTemplate)
-
-CK_MECHANISM_TYPE
-sec_pkcs12_algtag_to_mech(SECOidTag algtag)
-{
-    switch (algtag) {
-    case SEC_OID_MD2:
-	return CKM_MD2_HMAC;
-    case SEC_OID_MD5:
-	return CKM_MD5_HMAC;
-    case SEC_OID_SHA1:
-	return CKM_SHA_1_HMAC;
-    default:
-	break;
-    }
-    return CKM_INVALID_MECHANISM;
-}
-
-/* helper functions */
-/* returns proper bag type template based upon object type tag */
-const SEC_ASN1Template *
-sec_pkcs12_choose_bag_type_old(void *src_or_dest, PRBool encoding)
-{
-    const SEC_ASN1Template *theTemplate;
-    SEC_PKCS12SafeBag *safebag;
-    SECOidData *oiddata;
-
-    if (src_or_dest == NULL) {
-	return NULL;
-    }
-
-    safebag = (SEC_PKCS12SafeBag*)src_or_dest;
-
-    oiddata = safebag->safeBagTypeTag;
-    if (oiddata == NULL) {
-	oiddata = SECOID_FindOID(&safebag->safeBagType);
-	safebag->safeBagTypeTag = oiddata;
-    }
-
-    switch (oiddata->offset) {
-	default:
-	    theTemplate = SEC_ASN1_GET(SEC_PointerToAnyTemplate);
-	    break;
-	case SEC_OID_PKCS12_KEY_BAG_ID:
-	    theTemplate = SEC_PointerToPKCS12KeyBagTemplate;
-	    break;
-	case SEC_OID_PKCS12_CERT_AND_CRL_BAG_ID:
-	    theTemplate = SEC_PointerToPKCS12CertAndCRLBagTemplate_OLD;
-	    break;
-        case SEC_OID_PKCS12_SECRET_BAG_ID:
-	    theTemplate = SEC_PointerToPKCS12SecretBagTemplate;
-	    break;
-    }
-    return theTemplate;
-}
-
-const SEC_ASN1Template *
-sec_pkcs12_choose_bag_type(void *src_or_dest, PRBool encoding)
-{
-    const SEC_ASN1Template *theTemplate;
-    SEC_PKCS12SafeBag *safebag;
-    SECOidData *oiddata;
-
-    if (src_or_dest == NULL) {
-	return NULL;
-    }
-
-    safebag = (SEC_PKCS12SafeBag*)src_or_dest;
-
-    oiddata = safebag->safeBagTypeTag;
-    if (oiddata == NULL) {
-	oiddata = SECOID_FindOID(&safebag->safeBagType);
-	safebag->safeBagTypeTag = oiddata;
-    }
-
-    switch (oiddata->offset) {
-	default:
-	    theTemplate = SEC_ASN1_GET(SEC_AnyTemplate);
-	    break;
-	case SEC_OID_PKCS12_KEY_BAG_ID:
-	    theTemplate = SEC_PKCS12PrivateKeyBagTemplate;
-	    break;
-	case SEC_OID_PKCS12_CERT_AND_CRL_BAG_ID:
-	    theTemplate = SEC_PKCS12CertAndCRLBagTemplate;
-	    break;
-        case SEC_OID_PKCS12_SECRET_BAG_ID:
-	    theTemplate = SEC_PKCS12SecretBagTemplate;
-	    break;
-    }
-    return theTemplate;
-}
-
-/* returns proper cert crl template based upon type tag */
-const SEC_ASN1Template *
-sec_pkcs12_choose_cert_crl_type_old(void *src_or_dest, PRBool encoding)
-{
-    const SEC_ASN1Template *theTemplate;
-    SEC_PKCS12CertAndCRL *certbag;
-    SECOidData *oiddata;
-
-    if (src_or_dest == NULL) {
-	return NULL;
-    }
-
-    certbag = (SEC_PKCS12CertAndCRL*)src_or_dest;
-    oiddata = certbag->BagTypeTag;
-    if (oiddata == NULL) {
-	oiddata = SECOID_FindOID(&certbag->BagID);
-	certbag->BagTypeTag = oiddata;
-    }
-
-    switch (oiddata->offset) {
-	default:
-	    theTemplate = SEC_ASN1_GET(SEC_PointerToAnyTemplate);
-	    break;
-	case SEC_OID_PKCS12_X509_CERT_CRL_BAG:
-	    theTemplate = SEC_PointerToPKCS12X509CertCRLTemplate_OLD;
-	    break;
-	case SEC_OID_PKCS12_SDSI_CERT_BAG:
-	    theTemplate = SEC_PointerToPKCS12SDSICertTemplate;
-	    break;
-    }
-    return theTemplate;
-}
-
-const SEC_ASN1Template *
-sec_pkcs12_choose_cert_crl_type(void *src_or_dest, PRBool encoding)
-{
-    const SEC_ASN1Template *theTemplate;
-    SEC_PKCS12CertAndCRL *certbag;
-    SECOidData *oiddata;
-
-    if (src_or_dest == NULL) {
-	return NULL;
-    }
-
-    certbag = (SEC_PKCS12CertAndCRL*)src_or_dest;
-    oiddata = certbag->BagTypeTag;
-    if (oiddata == NULL) {
-	oiddata = SECOID_FindOID(&certbag->BagID);
-	certbag->BagTypeTag = oiddata;
-    }
-
-    switch (oiddata->offset) {
-	default:
-	    theTemplate = SEC_ASN1_GET(SEC_PointerToAnyTemplate);
-	    break;
-	case SEC_OID_PKCS12_X509_CERT_CRL_BAG:
-	    theTemplate = SEC_PointerToPKCS12X509CertCRLTemplate;
-	    break;
-	case SEC_OID_PKCS12_SDSI_CERT_BAG:
-	    theTemplate = SEC_PointerToPKCS12SDSICertTemplate;
-	    break;
-    }
-    return theTemplate;
-}
-
-/* returns appropriate shroud template based on object type tag */
-const SEC_ASN1Template *
-sec_pkcs12_choose_shroud_type(void *src_or_dest, PRBool encoding)
-{
-    const SEC_ASN1Template *theTemplate;
-    SEC_PKCS12ESPVKItem *espvk;
-    SECOidData *oiddata;
-
-    if (src_or_dest == NULL) {
-	return NULL;
-    }
-
-    espvk = (SEC_PKCS12ESPVKItem*)src_or_dest;
-    oiddata = espvk->espvkTag;
-    if (oiddata == NULL) {
-	oiddata = SECOID_FindOID(&espvk->espvkOID);
- 	espvk->espvkTag = oiddata;
-    }
-
-    switch (oiddata->offset) {
-	default:
-	    theTemplate = SEC_ASN1_GET(SEC_PointerToAnyTemplate);
-	    break;
-	case SEC_OID_PKCS12_PKCS8_KEY_SHROUDING:
-	   theTemplate = 
-		SEC_ASN1_GET(SECKEY_PointerToEncryptedPrivateKeyInfoTemplate);
-	    break;
-    }
-    return theTemplate;
-}
-
-/* generate SALT  placing it into the character array passed in.
- * it is assumed that salt_dest is an array of appropriate size
- * XXX We might want to generate our own random context
- */
-SECItem *
-sec_pkcs12_generate_salt(void)
-{
-    SECItem *salt;
-
-    salt = (SECItem *)PORT_ZAlloc(sizeof(SECItem));
-    if(salt == NULL) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	return NULL;
-    }
-    salt->data = (unsigned char *)PORT_ZAlloc(sizeof(unsigned char) * 
-					      SALT_LENGTH);
-    salt->len = SALT_LENGTH;
-    if(salt->data == NULL) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	SECITEM_ZfreeItem(salt, PR_TRUE);
-	return NULL;
-    }
-
-    PK11_GenerateRandom(salt->data, salt->len);
-
-    return salt;
-}
-
-/* generate KEYS -- as per PKCS12 section 7.  
- * only used for MAC
- */
-SECItem *
-sec_pkcs12_generate_key_from_password(SECOidTag algorithm, 
-				      SECItem *salt, 
-				      SECItem *password) 
-{
-    unsigned char *pre_hash=NULL;
-    unsigned char *hash_dest=NULL;
-    SECStatus res;
-    PRArenaPool *poolp;
-    SECItem *key = NULL;
-    int key_len = 0;
-
-    if((salt == NULL) || (password == NULL)) {
-	return NULL;
-    }
-
-    poolp = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if(poolp == NULL) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	return NULL;
-    }
-
-    pre_hash = (unsigned char *)PORT_ArenaZAlloc(poolp, sizeof(char) * 
-						 (salt->len+password->len));
-    if(pre_hash == NULL) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	goto loser;
-    }
-
-    hash_dest = (unsigned char *)PORT_ArenaZAlloc(poolp, 
-					sizeof(unsigned char) * SHA1_LENGTH);
-    if(hash_dest == NULL) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	goto loser;
-    }
-
-    PORT_Memcpy(pre_hash, salt->data, salt->len);
-    /* handle password of 0 length case */
-    if(password->len > 0) {
-	PORT_Memcpy(&(pre_hash[salt->len]), password->data, password->len);
-    }
-
-    res = PK11_HashBuf(SEC_OID_SHA1, hash_dest, pre_hash, 
-                       (salt->len+password->len));
-    if(res == SECFailure) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	goto loser;
-    }
-
-    switch(algorithm) {
-	case SEC_OID_SHA1:
-	    if(key_len == 0)
-		key_len = 16;
-	    key = (SECItem *)PORT_ZAlloc(sizeof(SECItem));
-	    if(key == NULL) {
-		PORT_SetError(SEC_ERROR_NO_MEMORY);
-		goto loser;
-	    }
-	    key->data = (unsigned char *)PORT_ZAlloc(sizeof(unsigned char) 
-						     * key_len);
-	    if(key->data == NULL) {
-		PORT_SetError(SEC_ERROR_NO_MEMORY);
-		goto loser;
-	    }
-	    key->len = key_len;
-	    PORT_Memcpy(key->data, &hash_dest[SHA1_LENGTH-key->len], key->len);
-	    break;
-	default:
-	    goto loser;
-	    break;
-    }
-
-    PORT_FreeArena(poolp, PR_TRUE);
-    return key;
-
-loser:
-    PORT_FreeArena(poolp, PR_TRUE);
-    if(key != NULL) {
-	SECITEM_ZfreeItem(key, PR_TRUE);
-    }
-    return NULL;
-}
-
-/* MAC is generated per PKCS 12 section 6.  It is expected that key, msg
- * and mac_dest are pre allocated, non-NULL arrays.  msg_len is passed in
- * because it is not known how long the message actually is.  String
- * manipulation routines will not necessarily work because msg may have
- * imbedded NULLs
- */
-static SECItem *
-sec_pkcs12_generate_old_mac(SECItem *key, 
-			    SECItem *msg)
-{
-    SECStatus res;
-    PRArenaPool *temparena = NULL;
-    unsigned char *hash_dest=NULL, *hash_src1=NULL, *hash_src2 = NULL;
-    int i;
-    SECItem *mac = NULL;
-
-    if((key == NULL) || (msg == NULL))
-        goto loser;
-
-    /* allocate return item */
-    mac = (SECItem *)PORT_ZAlloc(sizeof(SECItem));
-    if(mac == NULL)
-    	return NULL;
-    mac->data = (unsigned char *)PORT_ZAlloc(sizeof(unsigned char)
-    	* SHA1_LENGTH);
-    mac->len = SHA1_LENGTH;
-    if(mac->data == NULL)
-	goto loser;
-
-    /* allocate temporary items */
-    temparena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if(temparena == NULL)
-	goto loser;
-
-    hash_src1 = (unsigned char *)PORT_ArenaZAlloc(temparena,
-    	sizeof(unsigned char) * (16+msg->len));
-    if(hash_src1 == NULL)
-        goto loser;
-
-    hash_src2 = (unsigned char *)PORT_ArenaZAlloc(temparena,
-   	sizeof(unsigned char) * (SHA1_LENGTH+16));
-    if(hash_src2 == NULL)
-        goto loser;
-
-    hash_dest = (unsigned char *)PORT_ArenaZAlloc(temparena, 
-   	sizeof(unsigned char) * SHA1_LENGTH);
-    if(hash_dest == NULL)
-        goto loser;
-
-    /* perform mac'ing as per PKCS 12 */
-
-    /* first round of hashing */
-    for(i = 0; i < 16; i++)
-	hash_src1[i] = key->data[i] ^ 0x36;
-    PORT_Memcpy(&(hash_src1[16]), msg->data, msg->len);
-    res = PK11_HashBuf(SEC_OID_SHA1, hash_dest, hash_src1, (16+msg->len));
-    if(res == SECFailure)
-	goto loser;
-
-    /* second round of hashing */
-    for(i = 0; i < 16; i++)
-	hash_src2[i] = key->data[i] ^ 0x5c;
-    PORT_Memcpy(&(hash_src2[16]), hash_dest, SHA1_LENGTH);
-    res = PK11_HashBuf(SEC_OID_SHA1, mac->data, hash_src2, SHA1_LENGTH+16);
-    if(res == SECFailure)
-	goto loser;
-
-    PORT_FreeArena(temparena, PR_TRUE);
-    return mac;
-
-loser:
-    if(temparena != NULL)
-	PORT_FreeArena(temparena, PR_TRUE);
-    if(mac != NULL)
-	SECITEM_ZfreeItem(mac, PR_TRUE);
-    return NULL;
-}
-
-/* MAC is generated per PKCS 12 section 6.  It is expected that key, msg
- * and mac_dest are pre allocated, non-NULL arrays.  msg_len is passed in
- * because it is not known how long the message actually is.  String
- * manipulation routines will not necessarily work because msg may have
- * imbedded NULLs
- */
-SECItem *
-sec_pkcs12_generate_mac(SECItem *key, 
-			SECItem *msg,
-			PRBool old_method)
-{
-    SECStatus res = SECFailure;
-    SECItem *mac = NULL;
-    PK11Context *pk11cx = NULL;    
-    SECItem ignore = {0};
-
-    if((key == NULL) || (msg == NULL)) {
-	return NULL;
-    }
-
-    if(old_method == PR_TRUE) {
-	return sec_pkcs12_generate_old_mac(key, msg);
-    }
-
-    /* allocate return item */
-    mac = SECITEM_AllocItem(NULL, NULL, SHA1_LENGTH);
-    if (mac == NULL) {
-	return NULL;
-    }
-
-    pk11cx = PK11_CreateContextByRawKey(NULL, CKM_SHA_1_HMAC, PK11_OriginDerive,
-                                        CKA_SIGN, key, &ignore, NULL);
-    if (pk11cx == NULL) {
-	goto loser;
-    }
-
-    res = PK11_DigestBegin(pk11cx);
-    if (res == SECFailure) {
-	goto loser;
-    }
-
-    res = PK11_DigestOp(pk11cx, msg->data, msg->len);
-    if (res == SECFailure) {
-	goto loser;
-    }
-
-    res = PK11_DigestFinal(pk11cx, mac->data, &mac->len, SHA1_LENGTH);
-    if (res == SECFailure) {
-	goto loser;
-    }
-
-    PK11_DestroyContext(pk11cx, PR_TRUE);
-    pk11cx = NULL;
-
-loser:
-
-    if(res != SECSuccess) {
-	SECITEM_ZfreeItem(mac, PR_TRUE);
-	mac = NULL;
-	if (pk11cx) {
-	    PK11_DestroyContext(pk11cx, PR_TRUE);
-	}
-    }
-
-    return mac;
-}
-
-/* compute the thumbprint of the DER cert and create a digest info
- * to store it in and return the digest info.
- * a return of NULL indicates an error.
- */
-SGNDigestInfo *
-sec_pkcs12_compute_thumbprint(SECItem *der_cert)
-{
-    SGNDigestInfo *thumb = NULL;
-    SECItem digest;
-    PRArenaPool *temparena = NULL;
-    SECStatus rv = SECFailure;
-
-    if(der_cert == NULL)
-	return NULL;
-
-    temparena = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE);
-    if(temparena == NULL) {
-	return NULL;
-    }
-
-    digest.data = (unsigned char *)PORT_ArenaZAlloc(temparena,
-						    sizeof(unsigned char) * 
-						    SHA1_LENGTH);
-    /* digest data and create digest info */
-    if(digest.data != NULL) {
-	digest.len = SHA1_LENGTH;
-	rv = PK11_HashBuf(SEC_OID_SHA1, digest.data, der_cert->data, 
-	                  der_cert->len);
-	if(rv == SECSuccess) {
-	    thumb = SGN_CreateDigestInfo(SEC_OID_SHA1, 
-					 digest.data, 
-					 digest.len);
-	} else {
-	    PORT_SetError(SEC_ERROR_NO_MEMORY);
-	}
-    } else {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-    }
-
-    PORT_FreeArena(temparena, PR_TRUE);
-
-    return thumb;
-}
-
-/* create a virtual password per PKCS 12, the password is converted
- * to unicode, the salt is prepended to it, and then the whole thing
- * is returned */
-SECItem *
-sec_pkcs12_create_virtual_password(SECItem *password, SECItem *salt,
-				   PRBool swap)
-{
-    SECItem uniPwd = {siBuffer, NULL,0}, *retPwd = NULL;
-
-    if((password == NULL) || (salt == NULL)) {
-	return NULL;
-    }
-
-    if(password->len == 0) {
-	uniPwd.data = (unsigned char*)PORT_ZAlloc(2);
-	uniPwd.len = 2;
-	if(!uniPwd.data) {
-	    return NULL;
-	}
-    } else {
-	uniPwd.data = (unsigned char*)PORT_ZAlloc(password->len * 3);
-	uniPwd.len = password->len * 3;
-	if(!PORT_UCS2_ASCIIConversion(PR_TRUE, password->data, password->len,
-				uniPwd.data, uniPwd.len, &uniPwd.len, swap)) {
-	    SECITEM_ZfreeItem(&uniPwd, PR_FALSE);
-	    return NULL;
-	}
-    }
-
-    retPwd = (SECItem *)PORT_ZAlloc(sizeof(SECItem));
-    if(retPwd == NULL) {
-	goto loser;
-    }
-
-    /* allocate space and copy proper data */
-    retPwd->len = uniPwd.len + salt->len;
-    retPwd->data = (unsigned char *)PORT_Alloc(retPwd->len);
-    if(retPwd->data == NULL) {
-	PORT_Free(retPwd);
-	goto loser;
-    }
-
-    PORT_Memcpy(retPwd->data, salt->data, salt->len);
-    PORT_Memcpy((retPwd->data + salt->len), uniPwd.data, uniPwd.len);
-
-    SECITEM_ZfreeItem(&uniPwd, PR_FALSE);
-
-    return retPwd;
-
-loser:
-    PORT_SetError(SEC_ERROR_NO_MEMORY);
-    SECITEM_ZfreeItem(&uniPwd, PR_FALSE);
-    return NULL;
-}
-
-/* appends a shrouded key to a key bag.  this is used for exporting
- * to store externally wrapped keys.  it is used when importing to convert
- * old items to new
- */
-SECStatus 
-sec_pkcs12_append_shrouded_key(SEC_PKCS12BaggageItem *bag,
-				SEC_PKCS12ESPVKItem *espvk)
-{
-    int size;
-    void *mark = NULL, *dummy = NULL;
-
-    if((bag == NULL) || (espvk == NULL))
-	return SECFailure;
-
-    mark = PORT_ArenaMark(bag->poolp);
-
-    /* grow the list */
-    size = (bag->nEspvks + 1) * sizeof(SEC_PKCS12ESPVKItem *);
-    dummy = (SEC_PKCS12ESPVKItem **)PORT_ArenaGrow(bag->poolp,
-	    				bag->espvks, size, 
-	    				size + sizeof(SEC_PKCS12ESPVKItem *));
-    bag->espvks = (SEC_PKCS12ESPVKItem**)dummy;
-    if(dummy == NULL) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	goto loser;
-    }
-
-    bag->espvks[bag->nEspvks] = espvk;
-    bag->nEspvks++;
-    bag->espvks[bag->nEspvks] = NULL;
-
-    PORT_ArenaUnmark(bag->poolp, mark);
-    return SECSuccess;
-
-loser:
-    PORT_ArenaRelease(bag->poolp, mark);
-    return SECFailure;
-}
-
-/* search a certificate list for a nickname, a thumbprint, or both
- * within a certificate bag.  if the certificate could not be
- * found or an error occurs, NULL is returned;
- */
-static SEC_PKCS12CertAndCRL *
-sec_pkcs12_find_cert_in_certbag(SEC_PKCS12CertAndCRLBag *certbag,
-				SECItem *nickname, SGNDigestInfo *thumbprint)
-{
-    PRBool search_both = PR_FALSE, search_nickname = PR_FALSE;
-    int i, j;
-
-    if((certbag == NULL) || ((nickname == NULL) && (thumbprint == NULL))) {
-	return NULL;
-    }
-
-    if(thumbprint && nickname) {
-	search_both = PR_TRUE;
-    }
-
-    if(nickname) {
-	search_nickname = PR_TRUE;
-    }
-
-search_again:  
-    i = 0;
-    while(certbag->certAndCRLs[i] != NULL) {
-	SEC_PKCS12CertAndCRL *cert = certbag->certAndCRLs[i];
-
-	if(SECOID_FindOIDTag(&cert->BagID) == SEC_OID_PKCS12_X509_CERT_CRL_BAG) {
-
-	    /* check nicknames */
-	    if(search_nickname) {
-		if(SECITEM_CompareItem(nickname, &cert->nickname) == SECEqual) {
-		    return cert;
-		}
-	    } else {
-	    /* check thumbprints */
-		SECItem **derCertList;
-
-		/* get pointer to certificate list, does not need to
-		 * be freed since it is within the arena which will
-		 * be freed later.
-		 */
-		derCertList = SEC_PKCS7GetCertificateList(&cert->value.x509->certOrCRL);
-		j = 0;
-		if(derCertList != NULL) {
-		    while(derCertList[j] != NULL) {
-			SECComparison eq;
-			SGNDigestInfo *di;
-			di = sec_pkcs12_compute_thumbprint(derCertList[j]);
-			if(di) {
-			    eq = SGN_CompareDigestInfo(thumbprint, di);
-			    SGN_DestroyDigestInfo(di);
-			    if(eq == SECEqual) {
-				/* copy the derCert for later reference */
-				cert->value.x509->derLeafCert = derCertList[j];
-				return cert;
-			    }
-			} else {
-			    /* an error occurred */
-			    return NULL;
-			}
-			j++;
-		    }
-		}
-	    }
-	}
-
-	i++;
-    }
-
-    if(search_both) {
-	search_both = PR_FALSE;
-	search_nickname = PR_FALSE;
-	goto search_again;
-    }
-
-    return NULL;
-}
-
-/* search a key list for a nickname, a thumbprint, or both
- * within a key bag.  if the key could not be
- * found or an error occurs, NULL is returned;
- */
-static SEC_PKCS12PrivateKey *
-sec_pkcs12_find_key_in_keybag(SEC_PKCS12PrivateKeyBag *keybag,
-			      SECItem *nickname, SGNDigestInfo *thumbprint)
-{
-    PRBool search_both = PR_FALSE, search_nickname = PR_FALSE;
-    int i, j;
-
-    if((keybag == NULL) || ((nickname == NULL) && (thumbprint == NULL))) {
-	return NULL;
-    }
-
-    if(keybag->privateKeys == NULL) {
-	return NULL;
-    }
-
-    if(thumbprint && nickname) {
-	search_both = PR_TRUE;
-    }
-
-    if(nickname) {
-	search_nickname = PR_TRUE;
-    }
-
-search_again:  
-    i = 0;
-    while(keybag->privateKeys[i] != NULL) {
-	SEC_PKCS12PrivateKey *key = keybag->privateKeys[i];
-
-	/* check nicknames */
-	if(search_nickname) {
-	    if(SECITEM_CompareItem(nickname, &key->pvkData.nickname) == SECEqual) {
-		return key;
-	    }
-	} else {
-	    /* check digests */
-	    SGNDigestInfo **assocCerts = key->pvkData.assocCerts;
-	    if((assocCerts == NULL) || (assocCerts[0] == NULL)) {
-		return NULL;
-	    }
-
-	    j = 0;
-	    while(assocCerts[j] != NULL) {
-		SECComparison eq;
-		eq = SGN_CompareDigestInfo(thumbprint, assocCerts[j]);
-		if(eq == SECEqual) {
-		    return key;
-		}
-		j++;
-	    }
-	}
-	i++;
-    }
-
-    if(search_both) {
-	search_both = PR_FALSE;
-	search_nickname = PR_FALSE;
-	goto search_again;
-    }
-
-    return NULL;
-}
-
-/* seach the safe first then try the baggage bag 
- *  safe and bag contain certs and keys to search
- *  objType is the object type to look for
- *  bagType is the type of bag that was found by sec_pkcs12_find_object
- *  index is the entity in safe->safeContents or bag->unencSecrets which
- *    is being searched
- *  nickname and thumbprint are the search criteria
- * 
- * a return of null indicates no match
- */
-static void *
-sec_pkcs12_try_find(SEC_PKCS12SafeContents *safe,
-		  SEC_PKCS12BaggageItem *bag,
-		  SECOidTag objType, SECOidTag bagType, int index,
-		  SECItem *nickname, SGNDigestInfo *thumbprint)
-{
-    PRBool searchSafe;
-    int i = index;
-
-    if((safe == NULL) && (bag == NULL)) {
-	return NULL;
-    }
-
-    searchSafe = (safe == NULL ? PR_FALSE : PR_TRUE);
-    switch(objType) {
-	case SEC_OID_PKCS12_CERT_AND_CRL_BAG_ID:
-	    if(objType == bagType) {
-		SEC_PKCS12CertAndCRLBag *certBag;
-
-		if(searchSafe) {
-		    certBag = safe->contents[i]->safeContent.certAndCRLBag;
-		} else {
-		    certBag = bag->unencSecrets[i]->safeContent.certAndCRLBag;
-		}
-		return sec_pkcs12_find_cert_in_certbag(certBag, nickname, 
-							thumbprint);
-	    }
-	    break;
-	case SEC_OID_PKCS12_KEY_BAG_ID:
-	    if(objType == bagType) {
-		SEC_PKCS12PrivateKeyBag *keyBag;
-
-		if(searchSafe) {
-		    keyBag = safe->contents[i]->safeContent.keyBag;
-		} else {
-		    keyBag = bag->unencSecrets[i]->safeContent.keyBag;
-		}
-		return sec_pkcs12_find_key_in_keybag(keyBag, nickname, 
-							 thumbprint);
-	    }
-	    break;
-	default:
-	    break;
-    }
-
-    return NULL;
-}
-
-/* searches both the baggage and the safe areas looking for
- * object of specified type matching either the nickname or the 
- * thumbprint specified.
- *
- * safe and baggage store certs and keys
- * objType is the OID for the bag type to be searched:
- *   SEC_OID_PKCS12_KEY_BAG_ID, or 
- *   SEC_OID_PKCS12_CERT_AND_CRL_BAG_ID
- * nickname and thumbprint are the search criteria
- * 
- * if no match found, NULL returned and error set
- */
-void *
-sec_pkcs12_find_object(SEC_PKCS12SafeContents *safe,
-			SEC_PKCS12Baggage *baggage,
-			SECOidTag objType,
-			SECItem *nickname,
-			SGNDigestInfo *thumbprint)
-{
-    int i, j;
-    void *retItem;
-   
-    if(((safe == NULL) && (thumbprint == NULL)) ||
-       ((nickname == NULL) && (thumbprint == NULL))) {
-	return NULL;
-    }    
-
-    i = 0;
-    if((safe != NULL) && (safe->contents != NULL)) {
-	while(safe->contents[i] != NULL) {
-	    SECOidTag bagType = SECOID_FindOIDTag(&safe->contents[i]->safeBagType);
-	    retItem = sec_pkcs12_try_find(safe, NULL, objType, bagType, i,
-	    				  nickname, thumbprint);
-	    if(retItem != NULL) {
-		return retItem;
-	    }
-	    i++;
-	}
-    }
-
-    if((baggage != NULL) && (baggage->bags != NULL)) {
-	i = 0;
-	while(baggage->bags[i] != NULL) {
-	    SEC_PKCS12BaggageItem *xbag = baggage->bags[i];
-	    j = 0;
-	    if(xbag->unencSecrets != NULL) {
-		while(xbag->unencSecrets[j] != NULL) {
-		    SECOidTag bagType;
-		    bagType = SECOID_FindOIDTag(&xbag->unencSecrets[j]->safeBagType);
-		    retItem = sec_pkcs12_try_find(NULL, xbag, objType, bagType,
-		    				  j, nickname, thumbprint);
-		    if(retItem != NULL) {
-			return retItem;
-		    }
-		    j++;
-		}
-	    }
-	    i++;
-	}
-    }
-
-    PORT_SetError(SEC_ERROR_PKCS12_UNABLE_TO_LOCATE_OBJECT_BY_NAME);
-    return NULL;
-}
-
-/* this function converts a password to unicode and encures that the 
- * required double 0 byte be placed at the end of the string
- */
-PRBool
-sec_pkcs12_convert_item_to_unicode(PRArenaPool *arena, SECItem *dest,
-				   SECItem *src, PRBool zeroTerm,
-				   PRBool asciiConvert, PRBool toUnicode)
-{
-    PRBool success = PR_FALSE;
-    if(!src || !dest) {
-	return PR_FALSE;
-    }
-
-    dest->len = src->len * 3 + 2;
-    if(arena) {
-	dest->data = (unsigned char*)PORT_ArenaZAlloc(arena, dest->len);
-    } else {
-	dest->data = (unsigned char*)PORT_ZAlloc(dest->len);
-    }
-
-    if(!dest->data) {
-	dest->len = 0;
-	return PR_FALSE;
-    }
-
-    if(!asciiConvert) {
-	success = PORT_UCS2_UTF8Conversion(toUnicode, src->data, src->len, dest->data,
-					   dest->len, &dest->len);
-    } else {
-#ifndef IS_LITTLE_ENDIAN
-	PRBool swapUnicode = PR_FALSE;
-#else
-	PRBool swapUnicode = PR_TRUE;
-#endif
-	success = PORT_UCS2_ASCIIConversion(toUnicode, src->data, src->len, dest->data,
-					    dest->len, &dest->len, swapUnicode);
-    }
-
-    if(!success) {
-	if(!arena) {
-	    PORT_Free(dest->data);
-	    dest->data = NULL;
-	    dest->len = 0;
-	}
-	return PR_FALSE;
-    }
-
-    if((dest->data[dest->len-1] || dest->data[dest->len-2]) && zeroTerm) {
-	if(dest->len + 2 > 3 * src->len) {
-	    if(arena) {
-		dest->data = (unsigned char*)PORT_ArenaGrow(arena, 
-						     dest->data, dest->len,
-						     dest->len + 2);
-	    } else {
-		dest->data = (unsigned char*)PORT_Realloc(dest->data, 
-							  dest->len + 2);
-	    }
-
-	    if(!dest->data) {
-		return PR_FALSE;
-	    }
-	}
-	dest->len += 2;
-	dest->data[dest->len-1] = dest->data[dest->len-2] = 0;
-    }
-
-    return PR_TRUE;
-}
-
-/* pkcs 12 templates */
-static const SEC_ASN1TemplateChooserPtr sec_pkcs12_shroud_chooser =
-    sec_pkcs12_choose_shroud_type;
-
-const SEC_ASN1Template SEC_PKCS12CodedSafeBagTemplate[] =
-{
-    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12SafeBag) },
-    { SEC_ASN1_OBJECT_ID, offsetof(SEC_PKCS12SafeBag, safeBagType) },
-    { SEC_ASN1_ANY, offsetof(SEC_PKCS12SafeBag, derSafeContent) },
-    { 0 }
-};
-
-const SEC_ASN1Template SEC_PKCS12CodedCertBagTemplate[] =
-{
-    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12CertAndCRL) },
-    { SEC_ASN1_OBJECT_ID, offsetof(SEC_PKCS12CertAndCRL, BagID) },
-    { SEC_ASN1_ANY, offsetof(SEC_PKCS12CertAndCRL, derValue) },
-    { 0 }
-};
-
-const SEC_ASN1Template SEC_PKCS12CodedCertAndCRLBagTemplate[] =
-{
-    { SEC_ASN1_SET_OF, offsetof(SEC_PKCS12CertAndCRLBag, certAndCRLs),
-	SEC_PKCS12CodedCertBagTemplate },
-};
-
-const SEC_ASN1Template SEC_PKCS12ESPVKItemTemplate_OLD[] = 
-{
-    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12ESPVKItem) },
-    { SEC_ASN1_OBJECT_ID, offsetof(SEC_PKCS12ESPVKItem, espvkOID) },
-    { SEC_ASN1_INLINE, offsetof(SEC_PKCS12ESPVKItem, espvkData),
-	SEC_PKCS12PVKSupportingDataTemplate_OLD },
-    { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
-	SEC_ASN1_DYNAMIC | 0, offsetof(SEC_PKCS12ESPVKItem, espvkCipherText),
-	&sec_pkcs12_shroud_chooser },
-    { 0 }
-};
-
-const SEC_ASN1Template SEC_PKCS12ESPVKItemTemplate[] = 
-{
-    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12ESPVKItem) },
-    { SEC_ASN1_OBJECT_ID, offsetof(SEC_PKCS12ESPVKItem, espvkOID) },
-    { SEC_ASN1_INLINE, offsetof(SEC_PKCS12ESPVKItem, espvkData),
-	SEC_PKCS12PVKSupportingDataTemplate },
-    { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
-	SEC_ASN1_DYNAMIC | 0, offsetof(SEC_PKCS12ESPVKItem, espvkCipherText),
-	&sec_pkcs12_shroud_chooser },
-    { 0 }
-};
-
-const SEC_ASN1Template SEC_PKCS12PVKAdditionalDataTemplate[] =
-{
-    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12PVKAdditionalData) },
-    { SEC_ASN1_OBJECT_ID, 
-	offsetof(SEC_PKCS12PVKAdditionalData, pvkAdditionalType) },
-    { SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
-	offsetof(SEC_PKCS12PVKAdditionalData, pvkAdditionalContent) },
-    { 0 }
-};
-
-const SEC_ASN1Template SEC_PKCS12PVKSupportingDataTemplate_OLD[] =
-{
-    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12PVKSupportingData) },
-    { SEC_ASN1_SET_OF | SEC_ASN1_XTRN , 
-        offsetof(SEC_PKCS12PVKSupportingData, assocCerts),
-	SEC_ASN1_SUB(sgn_DigestInfoTemplate) },
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_BOOLEAN, 
-	offsetof(SEC_PKCS12PVKSupportingData, regenerable) },
-    { SEC_ASN1_PRINTABLE_STRING, 
-	offsetof(SEC_PKCS12PVKSupportingData, nickname) },
-    { SEC_ASN1_ANY | SEC_ASN1_OPTIONAL,
-	offsetof(SEC_PKCS12PVKSupportingData, pvkAdditionalDER) },
-    { 0 }
-};
-
-const SEC_ASN1Template SEC_PKCS12PVKSupportingDataTemplate[] =
-{
-    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12PVKSupportingData) },
-    { SEC_ASN1_SET_OF | SEC_ASN1_XTRN , 
-        offsetof(SEC_PKCS12PVKSupportingData, assocCerts),
-	SEC_ASN1_SUB(sgn_DigestInfoTemplate) },
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_BOOLEAN, 
-	offsetof(SEC_PKCS12PVKSupportingData, regenerable) },
-    { SEC_ASN1_BMP_STRING, 
-	offsetof(SEC_PKCS12PVKSupportingData, uniNickName) },
-    { SEC_ASN1_ANY | SEC_ASN1_OPTIONAL,
-	offsetof(SEC_PKCS12PVKSupportingData, pvkAdditionalDER) },
-    { 0 }
-};
-
-const SEC_ASN1Template SEC_PKCS12BaggageItemTemplate[] =
-{
-    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12BaggageItem) },
-    { SEC_ASN1_SET_OF, offsetof(SEC_PKCS12BaggageItem, espvks),
-	SEC_PKCS12ESPVKItemTemplate },
-    { SEC_ASN1_SET_OF, offsetof(SEC_PKCS12BaggageItem, unencSecrets),
-	SEC_PKCS12SafeBagTemplate },
-    /*{ SEC_ASN1_SET_OF, offsetof(SEC_PKCS12BaggageItem, unencSecrets),
-	SEC_PKCS12CodedSafeBagTemplate }, */
-    { 0 }
-};
-
-const SEC_ASN1Template SEC_PKCS12BaggageTemplate[] =
-{
-    { SEC_ASN1_SET_OF, offsetof(SEC_PKCS12Baggage, bags),
-	SEC_PKCS12BaggageItemTemplate },
-};
-
-const SEC_ASN1Template SEC_PKCS12BaggageTemplate_OLD[] =
-{
-    { SEC_ASN1_SET_OF, offsetof(SEC_PKCS12Baggage_OLD, espvks),
-	SEC_PKCS12ESPVKItemTemplate_OLD },
-};
-
-static const SEC_ASN1TemplateChooserPtr sec_pkcs12_bag_chooser =
-	sec_pkcs12_choose_bag_type;
-
-static const SEC_ASN1TemplateChooserPtr sec_pkcs12_bag_chooser_old =
-	sec_pkcs12_choose_bag_type_old;
-
-const SEC_ASN1Template SEC_PKCS12SafeBagTemplate_OLD[] =
-{
-    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12SafeBag) },
-    { SEC_ASN1_OBJECT_ID, offsetof(SEC_PKCS12SafeBag, safeBagType) },
-    { SEC_ASN1_DYNAMIC | SEC_ASN1_CONSTRUCTED | SEC_ASN1_EXPLICIT |
-	SEC_ASN1_CONTEXT_SPECIFIC | 0,
-        offsetof(SEC_PKCS12SafeBag, safeContent),
-	&sec_pkcs12_bag_chooser_old },
-    { 0 }
-};
-
-const SEC_ASN1Template SEC_PKCS12SafeBagTemplate[] =
-{
-    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12SafeBag) },
-    { SEC_ASN1_OBJECT_ID, offsetof(SEC_PKCS12SafeBag, safeBagType) },
-    { SEC_ASN1_DYNAMIC | SEC_ASN1_POINTER,
-        offsetof(SEC_PKCS12SafeBag, safeContent),
-	&sec_pkcs12_bag_chooser },
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_BMP_STRING,
-	offsetof(SEC_PKCS12SafeBag, uniSafeBagName) },
-    { 0 }
-};
-
-const SEC_ASN1Template SEC_PKCS12SafeContentsTemplate_OLD[] =
-{
-    { SEC_ASN1_SET_OF,
-	offsetof(SEC_PKCS12SafeContents, contents),
-	SEC_PKCS12SafeBagTemplate_OLD }
-};
-
-const SEC_ASN1Template SEC_PKCS12SafeContentsTemplate[] =
-{
-    { SEC_ASN1_SET_OF,
-	offsetof(SEC_PKCS12SafeContents, contents),
-	SEC_PKCS12SafeBagTemplate }  /* here */
-};
-
-const SEC_ASN1Template SEC_PKCS12PrivateKeyTemplate[] =
-{
-    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12PrivateKey) },
-    { SEC_ASN1_INLINE, offsetof(SEC_PKCS12PrivateKey, pvkData),
-	SEC_PKCS12PVKSupportingDataTemplate },
-    { SEC_ASN1_INLINE | SEC_ASN1_XTRN, 
-        offsetof(SEC_PKCS12PrivateKey, pkcs8data),
-	SEC_ASN1_SUB(SECKEY_PrivateKeyInfoTemplate) },
-    { 0 }
-};
-
-const SEC_ASN1Template SEC_PKCS12PrivateKeyBagTemplate[] =
-{
-    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12PrivateKeyBag) },
-    { SEC_ASN1_SET_OF, offsetof(SEC_PKCS12PrivateKeyBag, privateKeys),
-	SEC_PKCS12PrivateKeyTemplate },
-    { 0 }
-};
-
-const SEC_ASN1Template SEC_PKCS12X509CertCRLTemplate_OLD[] =
-{
-    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12X509CertCRL) },
-    { SEC_ASN1_INLINE, offsetof(SEC_PKCS12X509CertCRL, certOrCRL),
-	sec_PKCS7ContentInfoTemplate },
-    { SEC_ASN1_INLINE | SEC_ASN1_XTRN , 
-        offsetof(SEC_PKCS12X509CertCRL, thumbprint),
-	SEC_ASN1_SUB(sgn_DigestInfoTemplate) },
-    { 0 }
-};
-
-const SEC_ASN1Template SEC_PKCS12X509CertCRLTemplate[] =
-{
-    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12X509CertCRL) },
-    { SEC_ASN1_INLINE, offsetof(SEC_PKCS12X509CertCRL, certOrCRL),
-	sec_PKCS7ContentInfoTemplate },
-    { 0 }
-};
-
-const SEC_ASN1Template SEC_PKCS12SDSICertTemplate[] =
-{
-    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12X509CertCRL) },
-    { SEC_ASN1_IA5_STRING, offsetof(SEC_PKCS12SDSICert, value) },
-    { 0 }
-};
-
-static const SEC_ASN1TemplateChooserPtr sec_pkcs12_cert_crl_chooser_old =
-	sec_pkcs12_choose_cert_crl_type_old;
-
-static const SEC_ASN1TemplateChooserPtr sec_pkcs12_cert_crl_chooser =
-	sec_pkcs12_choose_cert_crl_type;
-
-const SEC_ASN1Template SEC_PKCS12CertAndCRLTemplate_OLD[] =
-{
-    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12CertAndCRL) },
-    { SEC_ASN1_OBJECT_ID, offsetof(SEC_PKCS12CertAndCRL, BagID) },
-    { SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_EXPLICIT |
-	SEC_ASN1_DYNAMIC | SEC_ASN1_CONSTRUCTED | 0,
-	offsetof(SEC_PKCS12CertAndCRL, value),
-	&sec_pkcs12_cert_crl_chooser_old },
-    { 0 }
-};
-
-const SEC_ASN1Template SEC_PKCS12CertAndCRLTemplate[] =
-{
-    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12CertAndCRL) },
-    { SEC_ASN1_OBJECT_ID, offsetof(SEC_PKCS12CertAndCRL, BagID) },
-    { SEC_ASN1_DYNAMIC | SEC_ASN1_CONSTRUCTED | SEC_ASN1_EXPLICIT |
-	SEC_ASN1_CONTEXT_SPECIFIC | 0, 
-	offsetof(SEC_PKCS12CertAndCRL, value),
-	&sec_pkcs12_cert_crl_chooser },
-    { 0 }
-};
-
-const SEC_ASN1Template SEC_PKCS12CertAndCRLBagTemplate[] =
-{
-    { SEC_ASN1_SET_OF, offsetof(SEC_PKCS12CertAndCRLBag, certAndCRLs),
-	SEC_PKCS12CertAndCRLTemplate },
-};
-
-const SEC_ASN1Template SEC_PKCS12CertAndCRLBagTemplate_OLD[] =
-{
-    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12CertAndCRLBag) },
-    { SEC_ASN1_SET_OF, offsetof(SEC_PKCS12CertAndCRLBag, certAndCRLs),
-	SEC_PKCS12CertAndCRLTemplate_OLD },
-    { 0 }
-};
-
-const SEC_ASN1Template SEC_PKCS12SecretAdditionalTemplate[] =
-{
-    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12SecretAdditional) },
-    { SEC_ASN1_OBJECT_ID,
-	offsetof(SEC_PKCS12SecretAdditional, secretAdditionalType) },
-    { SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_EXPLICIT,
-	offsetof(SEC_PKCS12SecretAdditional, secretAdditionalContent) },
-    { 0 }
-};
-
-const SEC_ASN1Template SEC_PKCS12SecretTemplate[] =
-{
-    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12Secret) },
-    { SEC_ASN1_BMP_STRING, offsetof(SEC_PKCS12Secret, uniSecretName) },
-    { SEC_ASN1_ANY, offsetof(SEC_PKCS12Secret, value) },
-    { SEC_ASN1_INLINE | SEC_ASN1_OPTIONAL,
-	offsetof(SEC_PKCS12Secret, secretAdditional),
-	SEC_PKCS12SecretAdditionalTemplate },
-    { 0 }
-};
-
-const SEC_ASN1Template SEC_PKCS12SecretItemTemplate[] = 
-{
-    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12Secret) },
-    { SEC_ASN1_INLINE | SEC_ASN1_CONTEXT_SPECIFIC | 0,
-	offsetof(SEC_PKCS12SecretItem, secret), SEC_PKCS12SecretTemplate },
-    { SEC_ASN1_INLINE | SEC_ASN1_CONTEXT_SPECIFIC | 1,
-	offsetof(SEC_PKCS12SecretItem, subFolder), SEC_PKCS12SafeBagTemplate },
-    { 0 }
-};
-
-const SEC_ASN1Template SEC_PKCS12SecretBagTemplate[] =
-{
-    { SEC_ASN1_SET_OF, offsetof(SEC_PKCS12SecretBag, secrets),
-	SEC_PKCS12SecretItemTemplate },
-};
-
-const SEC_ASN1Template SEC_PKCS12MacDataTemplate[] =
-{
-    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12PFXItem) },
-    { SEC_ASN1_INLINE | SEC_ASN1_XTRN , offsetof(SEC_PKCS12MacData, safeMac),
-	SEC_ASN1_SUB(sgn_DigestInfoTemplate) },
-    { SEC_ASN1_BIT_STRING, offsetof(SEC_PKCS12MacData, macSalt) },
-    { 0 }
-};
-
-const SEC_ASN1Template SEC_PKCS12PFXItemTemplate[] =
-{
-    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12PFXItem) },
-    { SEC_ASN1_OPTIONAL |
-	SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0, 
-	offsetof(SEC_PKCS12PFXItem, macData), SEC_PKCS12MacDataTemplate },
-    { SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1, 
-	offsetof(SEC_PKCS12PFXItem, authSafe), 
-	sec_PKCS7ContentInfoTemplate },
-    { 0 }
-};
-
-const SEC_ASN1Template SEC_PKCS12PFXItemTemplate_OLD[] =
-{
-    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12PFXItem) },
-    { SEC_ASN1_OPTIONAL |
-	SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0, 
-	offsetof(SEC_PKCS12PFXItem, old_safeMac), 
-	SEC_ASN1_SUB(sgn_DigestInfoTemplate) },
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_BIT_STRING,
-	offsetof(SEC_PKCS12PFXItem, old_macSalt) },
-    { SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1, 
-	offsetof(SEC_PKCS12PFXItem, authSafe), 
-	sec_PKCS7ContentInfoTemplate },
-    { 0 }
-};
-
-const SEC_ASN1Template SEC_PKCS12AuthenticatedSafeTemplate[] =
-{
-    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12AuthenticatedSafe) },
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_INTEGER, 
-	offsetof(SEC_PKCS12AuthenticatedSafe, version) }, 
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_OBJECT_ID,
-	offsetof(SEC_PKCS12AuthenticatedSafe, transportMode) },
-    { SEC_ASN1_BIT_STRING | SEC_ASN1_OPTIONAL,
-	offsetof(SEC_PKCS12AuthenticatedSafe, privacySalt) },
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_SET_OF, 
-	offsetof(SEC_PKCS12AuthenticatedSafe, baggage.bags), 
-	SEC_PKCS12BaggageItemTemplate },
-    { SEC_ASN1_POINTER,
-	offsetof(SEC_PKCS12AuthenticatedSafe, safe),
-	sec_PKCS7ContentInfoTemplate },
-    { 0 }
-};
-
-const SEC_ASN1Template SEC_PKCS12AuthenticatedSafeTemplate_OLD[] =
-{
-    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12AuthenticatedSafe) },
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_INTEGER, 
-	offsetof(SEC_PKCS12AuthenticatedSafe, version) }, 
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_INTEGER,
-	offsetof(SEC_PKCS12AuthenticatedSafe, transportMode) },
-    { SEC_ASN1_BIT_STRING,
-	offsetof(SEC_PKCS12AuthenticatedSafe, privacySalt) },
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | 
-    	SEC_ASN1_CONTEXT_SPECIFIC | 0, 
-	offsetof(SEC_PKCS12AuthenticatedSafe, old_baggage), 
-	SEC_PKCS12BaggageTemplate_OLD },
-    { SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1,
-	offsetof(SEC_PKCS12AuthenticatedSafe, old_safe),
-	sec_PKCS7ContentInfoTemplate },
-    { 0 }
-};
-
-const SEC_ASN1Template SEC_PointerToPKCS12KeyBagTemplate[] =
-{
-    { SEC_ASN1_POINTER, 0, SEC_PKCS12PrivateKeyBagTemplate }
-};
-
-const SEC_ASN1Template SEC_PointerToPKCS12CertAndCRLBagTemplate_OLD[] =
-{
-    { SEC_ASN1_POINTER, 0, SEC_PKCS12CertAndCRLBagTemplate_OLD }
-};
-
-const SEC_ASN1Template SEC_PointerToPKCS12CertAndCRLBagTemplate[] =
-{
-    { SEC_ASN1_POINTER, 0, SEC_PKCS12CertAndCRLBagTemplate }
-};
-
-const SEC_ASN1Template SEC_PointerToPKCS12SecretBagTemplate[] =
-{
-    { SEC_ASN1_POINTER, 0, SEC_PKCS12SecretBagTemplate }
-};
-
-const SEC_ASN1Template SEC_PointerToPKCS12X509CertCRLTemplate_OLD[] =
-{
-    { SEC_ASN1_POINTER, 0, SEC_PKCS12X509CertCRLTemplate_OLD }
-};
-
-const SEC_ASN1Template SEC_PointerToPKCS12X509CertCRLTemplate[] =
-{
-    { SEC_ASN1_POINTER, 0, SEC_PKCS12X509CertCRLTemplate }
-};
-
-const SEC_ASN1Template SEC_PointerToPKCS12SDSICertTemplate[] =
-{
-    { SEC_ASN1_POINTER, 0, SEC_PKCS12SDSICertTemplate }
-};
-
-
diff --git a/security/nss/lib/pkcs12/p12local.h b/security/nss/lib/pkcs12/p12local.h
deleted file mode 100644
index e0333e2c3..000000000
--- a/security/nss/lib/pkcs12/p12local.h
+++ /dev/null
@@ -1,88 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-
-#ifndef _P12LOCAL_H_
-#define _P12LOCAL_H_
-
-#include "plarena.h"
-#include "secoidt.h"
-#include "secasn1.h"
-#include "secder.h"
-#include "certt.h"
-#include "secpkcs7.h"
-#include "pkcs12.h"
-#include "p12.h"
-
-/* helper functions */
-extern const SEC_ASN1Template *
-sec_pkcs12_choose_bag_type(void *src_or_dest, PRBool encoding);
-extern const SEC_ASN1Template *
-sec_pkcs12_choose_cert_crl_type(void *src_or_dest, PRBool encoding);
-extern const SEC_ASN1Template *
-sec_pkcs12_choose_shroud_type(void *src_or_dest, PRBool encoding);
-extern SECItem *sec_pkcs12_generate_salt(void);
-extern SECItem *sec_pkcs12_generate_key_from_password(SECOidTag algorithm, 
-	SECItem *salt, SECItem *password);
-extern SECItem *sec_pkcs12_generate_mac(SECItem *key, SECItem *msg, 
-					PRBool old_method);
-extern SGNDigestInfo *sec_pkcs12_compute_thumbprint(SECItem *der_cert);
-extern SECItem *sec_pkcs12_create_virtual_password(SECItem *password, 
-			SECItem *salt, PRBool swapUnicodeBytes);
-extern SECStatus sec_pkcs12_append_shrouded_key(SEC_PKCS12BaggageItem *bag,
-						 SEC_PKCS12ESPVKItem *espvk);
-extern void *sec_pkcs12_find_object(SEC_PKCS12SafeContents *safe,
-				SEC_PKCS12Baggage *baggage, SECOidTag objType,
-				SECItem *nickname, SGNDigestInfo *thumbprint);
-extern PRBool sec_pkcs12_convert_item_to_unicode(PRArenaPool *arena, SECItem *dest,
-						 SECItem *src, PRBool zeroTerm,
-						 PRBool asciiConvert, PRBool toUnicode);
-extern CK_MECHANISM_TYPE sec_pkcs12_algtag_to_mech(SECOidTag algtag);
-
-/* create functions */
-extern SEC_PKCS12PFXItem *sec_pkcs12_new_pfx(void);
-extern SEC_PKCS12SafeContents *sec_pkcs12_create_safe_contents(
-	PRArenaPool *poolp);
-extern SEC_PKCS12Baggage *sec_pkcs12_create_baggage(PRArenaPool *poolp);
-extern SEC_PKCS12BaggageItem *sec_pkcs12_create_external_bag(SEC_PKCS12Baggage *luggage);
-extern void SEC_PKCS12DestroyPFX(SEC_PKCS12PFXItem *pfx);
-extern SEC_PKCS12AuthenticatedSafe *sec_pkcs12_new_asafe(PRArenaPool *poolp);
-
-/* conversion from old to new */
-extern SEC_PKCS12DecoderContext *
-sec_PKCS12ConvertOldSafeToNew(PRArenaPool *arena, PK11SlotInfo *slot,
-			      PRBool swapUnicode, SECItem *pwitem,
-			      void *wincx, SEC_PKCS12SafeContents *safe,
-			      SEC_PKCS12Baggage *baggage);
-	
-#endif
diff --git a/security/nss/lib/pkcs12/p12plcy.c b/security/nss/lib/pkcs12/p12plcy.c
deleted file mode 100644
index a62be5fe7..000000000
--- a/security/nss/lib/pkcs12/p12plcy.c
+++ /dev/null
@@ -1,198 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-
-#include "p12plcy.h"
-#include "secoid.h"
-#include "secport.h"
-#include "secpkcs5.h" 
-
-#define PKCS12_NULL  0x0000
-
-typedef struct pkcs12SuiteMapStr {
-    SECOidTag		algTag;
-    unsigned int	keyLengthBits;	/* in bits */
-    unsigned long	suite;
-    PRBool 		allowed;
-    PRBool		preferred;
-} pkcs12SuiteMap;
-
-static pkcs12SuiteMap pkcs12SuiteMaps[] = {
-    { SEC_OID_RC4,		40,	PKCS12_RC4_40,		PR_FALSE,	PR_FALSE},
-    { SEC_OID_RC4,	       128,	PKCS12_RC4_128,		PR_FALSE,	PR_FALSE},
-    { SEC_OID_RC2_CBC,		40,	PKCS12_RC2_CBC_40,	PR_FALSE,	PR_TRUE},
-    { SEC_OID_RC2_CBC,	       128,	PKCS12_RC2_CBC_128,	PR_FALSE,	PR_FALSE},
-    { SEC_OID_DES_CBC,		64,	PKCS12_DES_56,		PR_FALSE,	PR_FALSE},
-    { SEC_OID_DES_EDE3_CBC,    192,	PKCS12_DES_EDE3_168,	PR_FALSE,	PR_FALSE},
-    { SEC_OID_UNKNOWN,		 0,	PKCS12_NULL,		PR_FALSE,	PR_FALSE},
-    { SEC_OID_UNKNOWN,		 0,	0L,			PR_FALSE,	PR_FALSE}
-};
-
-/* determine if algid is an algorithm which is allowed */
-PRBool 
-SEC_PKCS12DecryptionAllowed(SECAlgorithmID *algid)
-{
-    unsigned int keyLengthBits;
-    SECOidTag algId;
-    int i;
-   
-    algId = SEC_PKCS5GetCryptoAlgorithm(algid);
-    if(algId == SEC_OID_UNKNOWN) {
-	return PR_FALSE;
-    }
-    
-    keyLengthBits = (unsigned int)(SEC_PKCS5GetKeyLength(algid) * 8);
-
-    i = 0;
-    while(pkcs12SuiteMaps[i].algTag != SEC_OID_UNKNOWN) {
-	if((pkcs12SuiteMaps[i].algTag == algId) && 
-	   (pkcs12SuiteMaps[i].keyLengthBits == keyLengthBits)) {
-
-	    return pkcs12SuiteMaps[i].allowed;
-	}
-	i++;
-    }
-
-    return PR_FALSE;
-}
-
-/* is any encryption allowed? */
-PRBool
-SEC_PKCS12IsEncryptionAllowed(void)
-{
-    int i;
-
-    i = 0;
-    while(pkcs12SuiteMaps[i].algTag != SEC_OID_UNKNOWN) {
-	if(pkcs12SuiteMaps[i].allowed == PR_TRUE) {
-	    return PR_TRUE;
-	} 
-	i++;
-    }
-
-    return PR_FALSE;
-}
-
-/* get the preferred algorithm.
- */
-SECOidTag
-SEC_PKCS12GetPreferredEncryptionAlgorithm(void)
-{
-    int i;
-
-    i = 0;
-    while(pkcs12SuiteMaps[i].algTag != SEC_OID_UNKNOWN) {
-	if((pkcs12SuiteMaps[i].preferred == PR_TRUE) && 
-	   (pkcs12SuiteMaps[i].allowed == PR_TRUE)) {
-	    return SEC_PKCS5GetPBEAlgorithm(pkcs12SuiteMaps[i].algTag,
-	    				    pkcs12SuiteMaps[i].keyLengthBits);
-	}
-	i++;
-    }
-
-    return SEC_OID_UNKNOWN;
-}
-
-/* return the strongest algorithm allowed */
-SECOidTag
-SEC_PKCS12GetStrongestAllowedAlgorithm(void)
-{
-    int i, keyLengthBits = 0;
-    SECOidTag algorithm = SEC_OID_UNKNOWN;
-
-    i = 0;
-    while(pkcs12SuiteMaps[i].algTag != SEC_OID_UNKNOWN) {
-	if((pkcs12SuiteMaps[i].allowed == PR_TRUE) && 
-	   (pkcs12SuiteMaps[i].keyLengthBits > (unsigned int)keyLengthBits) &&
-	   (pkcs12SuiteMaps[i].algTag != SEC_OID_RC4)) {
-	    algorithm = pkcs12SuiteMaps[i].algTag;
-	    keyLengthBits = pkcs12SuiteMaps[i].keyLengthBits;
-	}
-	i++;
-    }
-
-    if(algorithm == SEC_OID_UNKNOWN) {
-	return SEC_OID_UNKNOWN;
-    }
-
-    return SEC_PKCS5GetPBEAlgorithm(algorithm, keyLengthBits);
-}
-
-SECStatus
-SEC_PKCS12EnableCipher(long which, int on) 
-{
-    int i;
-
-    i = 0;
-    while(pkcs12SuiteMaps[i].suite != 0L) {
-	if(pkcs12SuiteMaps[i].suite == (unsigned long)which) {
-	    if(on) {
-		pkcs12SuiteMaps[i].allowed = PR_TRUE;
-	    } else {
-		pkcs12SuiteMaps[i].allowed = PR_FALSE;
-	    }
-	    return SECSuccess;
-	}
-	i++;
-    }
-
-    return SECFailure;
-}
-
-SECStatus
-SEC_PKCS12SetPreferredCipher(long which, int on)
-{
-    int i;
-    PRBool turnedOff = PR_FALSE;
-    PRBool turnedOn = PR_FALSE;
-
-    i = 0;
-    while(pkcs12SuiteMaps[i].suite != 0L) {
-	if(pkcs12SuiteMaps[i].preferred == PR_TRUE) {
-	    pkcs12SuiteMaps[i].preferred = PR_FALSE;
-	    turnedOff = PR_TRUE;
-	}
-	if(pkcs12SuiteMaps[i].suite == (unsigned long)which) {
-	    pkcs12SuiteMaps[i].preferred = PR_TRUE;
-	    turnedOn = PR_TRUE;
-	}
-	i++;
-    }
-
-    if((turnedOn) && (turnedOff)) {
-	return SECSuccess;
-    }
-
-    return SECFailure;
-}
-
diff --git a/security/nss/lib/pkcs12/p12plcy.h b/security/nss/lib/pkcs12/p12plcy.h
deleted file mode 100644
index 4e99608cb..000000000
--- a/security/nss/lib/pkcs12/p12plcy.h
+++ /dev/null
@@ -1,60 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#ifndef _P12PLCY_H_
-#define _P12PLCY_H_
-
-#include "secoid.h"
-#include "ciferfam.h"
-
-SEC_BEGIN_PROTOS
-
-/* for the algid specified, can we decrypt it ? */
-extern PRBool SEC_PKCS12DecryptionAllowed(SECAlgorithmID *algid);
-
-/* is encryption allowed? */
-extern PRBool SEC_PKCS12IsEncryptionAllowed(void);
-
-/* get the preferred encryption algorithm */
-extern SECOidTag SEC_PKCS12GetPreferredEncryptionAlgorithm(void);
-
-/* get the stronget crypto allowed (based on order in the table */
-extern SECOidTag SEC_PKCS12GetStrongestAllowedAlgorithm(void);
-
-/* enable a cipher for encryption/decryption */
-extern SECStatus SEC_PKCS12EnableCipher(long which, int on);
-
-/* return the preferred cipher for encryption */
-extern SECStatus SEC_PKCS12SetPreferredCipher(long which, int on);
-
-SEC_END_PROTOS
-#endif
diff --git a/security/nss/lib/pkcs12/p12t.h b/security/nss/lib/pkcs12/p12t.h
deleted file mode 100644
index 74e803c60..000000000
--- a/security/nss/lib/pkcs12/p12t.h
+++ /dev/null
@@ -1,182 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef _P12T_H_
-#define _P12T_H_
-
-#include "secoid.h"
-#include "key.h"
-#include "pkcs11.h"
-#include "secpkcs7.h"
-#include "secdig.h"	/* for SGNDigestInfo */
-
-#define SEC_PKCS12_VERSION	3
-
-/* structure declarations */
-typedef struct sec_PKCS12PFXItemStr sec_PKCS12PFXItem;
-typedef struct sec_PKCS12MacDataStr sec_PKCS12MacData;
-typedef struct sec_PKCS12AuthenticatedSafeStr sec_PKCS12AuthenticatedSafe;
-typedef struct sec_PKCS12SafeContentsStr sec_PKCS12SafeContents;
-typedef struct sec_PKCS12SafeBagStr sec_PKCS12SafeBag;
-typedef struct sec_PKCS12PKCS8ShroudedKeyBagStr sec_PKCS12PKCS8ShroudedKeyBag;
-typedef struct sec_PKCS12CertBagStr sec_PKCS12CertBag;
-typedef struct sec_PKCS12CRLBagStr sec_PKCS12CRLBag;
-typedef struct sec_PKCS12SecretBag sec_PKCS12SecretBag;
-typedef struct sec_PKCS12AttributeStr sec_PKCS12Attribute;
-
-struct sec_PKCS12CertBagStr {
-    /* what type of cert is stored? */
-    SECItem bagID;
-
-    /* certificate information */
-    union {
-	SECItem x509Cert;
-	SECItem SDSICert;
-    } value;
-};
-
-struct sec_PKCS12CRLBagStr {
-    /* what type of cert is stored? */
-    SECItem bagID;
-
-    /* certificate information */
-    union {
-	SECItem x509CRL;
-    } value;
-};
-
-struct sec_PKCS12SecretBag {
-    /* what type of secret? */
-    SECItem secretType;
-
-    /* secret information.  ssshhhh be vewy vewy quiet. */
-    SECItem secretContent;
-};
-
-struct sec_PKCS12AttributeStr {
-    SECItem attrType;
-    SECItem **attrValue;
-};
-
-struct sec_PKCS12SafeBagStr {
-
-    /* What type of bag are we using? */
-    SECItem safeBagType;
-
-    /* Dependent upon the type of bag being used. */
-    union {
-	SECKEYPrivateKeyInfo *pkcs8KeyBag;
-	SECKEYEncryptedPrivateKeyInfo *pkcs8ShroudedKeyBag;
-	sec_PKCS12CertBag *certBag;
-	sec_PKCS12CRLBag *crlBag;
-	sec_PKCS12SecretBag *secretBag;
-	sec_PKCS12SafeContents *safeContents;
-    } safeBagContent;
-
-    sec_PKCS12Attribute **attribs;
-
-    /* used locally */
-    SECOidData *bagTypeTag;
-    PRArenaPool *arena;
-    unsigned int nAttribs;
-
-    /* used for validation/importing */
-    PRBool problem, noInstall, validated, hasKey, unused, installed;
-    int error;
-
-    PRBool swapUnicodeBytes;
-    PK11SlotInfo *slot;
-    SECItem *pwitem;
-    PRBool oldBagType;
-};
-    
-struct sec_PKCS12SafeContentsStr {
-    sec_PKCS12SafeBag **safeBags;
-    SECItem **encodedSafeBags;
-    
-    /* used locally */
-    PRArenaPool *arena;
-    unsigned int bagCount;
-};
-
-struct sec_PKCS12MacDataStr {
-    SGNDigestInfo safeMac;
-    SECItem macSalt;
-    SECItem iter;
-};
-
-struct sec_PKCS12PFXItemStr {
-
-    SECItem version;
-
-    /* Content type will either be Data (password integrity mode)
-     * or signedData (public-key integrity mode)
-     */
-    SEC_PKCS7ContentInfo *authSafe;
-    SECItem encodedAuthSafe;
-
-    /* Only present in password integrity mode */
-    sec_PKCS12MacData macData;
-    SECItem encodedMacData;
-};
-
-struct sec_PKCS12AuthenticatedSafeStr {
-    /* Content type will either be encryptedData (password privacy mode)
-     * or envelopedData (public-key privacy mode)
-     */
-    SEC_PKCS7ContentInfo **safes;
-    SECItem **encodedSafes;
-
-    /* used locally */
-    unsigned int safeCount;
-    SECItem dummySafe;
-};
-
-extern const SEC_ASN1Template sec_PKCS12PFXItemTemplate[];
-extern const SEC_ASN1Template sec_PKCS12MacDataTemplate[];
-extern const SEC_ASN1Template sec_PKCS12AuthenticatedSafeTemplate[];
-extern const SEC_ASN1Template sec_PKCS12SafeContentsTemplate[];
-extern const SEC_ASN1Template sec_PKCS12SafeContentsDecodeTemplate[];
-extern const SEC_ASN1Template sec_PKCS12NestedSafeContentsDecodeTemplate[];
-extern const SEC_ASN1Template sec_PKCS12CertBagTemplate[];
-extern const SEC_ASN1Template sec_PKCS12CRLBagTemplate[];
-extern const SEC_ASN1Template sec_PKCS12SecretBagTemplate[];
-extern const SEC_ASN1Template sec_PKCS12PointerToCertBagTemplate[];
-extern const SEC_ASN1Template sec_PKCS12PointerToCRLBagTemplate[];
-extern const SEC_ASN1Template sec_PKCS12PointerToSecretBagTemplate[];
-extern const SEC_ASN1Template sec_PKCS12PointerToSafeContentsTemplate[];
-extern const SEC_ASN1Template sec_PKCS12AttributeTemplate[];
-extern const SEC_ASN1Template sec_PKCS12PointerToContentInfoTemplate[];
-extern const SEC_ASN1Template sec_PKCS12SafeBagTemplate[];
-
-#endif
diff --git a/security/nss/lib/pkcs12/p12tmpl.c b/security/nss/lib/pkcs12/p12tmpl.c
deleted file mode 100644
index e58816386..000000000
--- a/security/nss/lib/pkcs12/p12tmpl.c
+++ /dev/null
@@ -1,320 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "plarena.h"
-#include "secitem.h"
-#include "secoid.h"
-#include "seccomon.h"
-#include "secport.h"
-#include "cert.h"
-#include "secpkcs7.h"
-#include "secasn1.h"
-#include "p12t.h"
-
-SEC_ASN1_MKSUB(SEC_AnyTemplate)
-SEC_ASN1_MKSUB(sgn_DigestInfoTemplate)
-
-static const SEC_ASN1Template *
-sec_pkcs12_choose_safe_bag_type(void *src_or_dest, PRBool encoding)
-{
-    const SEC_ASN1Template *theTemplate;
-    sec_PKCS12SafeBag *safeBag;
-    SECOidData *oiddata;
-
-    if (src_or_dest == NULL) {
-	return NULL;
-    }
-
-    safeBag = (sec_PKCS12SafeBag*)src_or_dest;
-
-    oiddata = SECOID_FindOID(&safeBag->safeBagType);
-    if(oiddata == NULL) {
-	return SEC_ASN1_GET(SEC_AnyTemplate);
-    }
-
-    switch (oiddata->offset) {
-	default:
-	    theTemplate = SEC_ASN1_GET(SEC_AnyTemplate);
-	    break;
-	case SEC_OID_PKCS12_V1_KEY_BAG_ID:
-	    theTemplate = SEC_ASN1_GET(SECKEY_PointerToPrivateKeyInfoTemplate);
-	    break;
-	case SEC_OID_PKCS12_V1_CERT_BAG_ID:
-	    theTemplate = sec_PKCS12PointerToCertBagTemplate;
-	    break;
-	case SEC_OID_PKCS12_V1_CRL_BAG_ID:
-	    theTemplate = sec_PKCS12PointerToCRLBagTemplate;
-	    break;
-        case SEC_OID_PKCS12_V1_SECRET_BAG_ID:
-	    theTemplate = sec_PKCS12PointerToSecretBagTemplate;
-	    break;
-	case SEC_OID_PKCS12_V1_PKCS8_SHROUDED_KEY_BAG_ID:
-	    theTemplate = 
-	        SEC_ASN1_GET(SECKEY_PointerToEncryptedPrivateKeyInfoTemplate);
-	    break;
-	case SEC_OID_PKCS12_V1_SAFE_CONTENTS_BAG_ID:
-	    if(encoding) {
-		theTemplate = sec_PKCS12PointerToSafeContentsTemplate;
-	    } else {
-		theTemplate = SEC_ASN1_GET(SEC_PointerToAnyTemplate);
-	    }
-	    break;
-    }
-    return theTemplate;
-}
-
-static const SEC_ASN1Template *
-sec_pkcs12_choose_crl_bag_type(void *src_or_dest, PRBool encoding)
-{
-    const SEC_ASN1Template *theTemplate;
-    sec_PKCS12CRLBag *crlbag;
-    SECOidData *oiddata;
-
-    if (src_or_dest == NULL) {
-	return NULL;
-    }
-
-    crlbag = (sec_PKCS12CRLBag*)src_or_dest;
-
-    oiddata = SECOID_FindOID(&crlbag->bagID);
-    if(oiddata == NULL) {
-	return SEC_ASN1_GET(SEC_AnyTemplate);
-    }
-
-    switch (oiddata->offset) {
-	default:
-	    theTemplate = SEC_ASN1_GET(SEC_AnyTemplate);
-	    break;
-	case SEC_OID_PKCS9_X509_CRL:
-	    theTemplate = SEC_ASN1_GET(SEC_OctetStringTemplate);
-	    break;
-    }
-    return theTemplate;
-}
-
-static const SEC_ASN1Template *
-sec_pkcs12_choose_cert_bag_type(void *src_or_dest, PRBool encoding)
-{
-    const SEC_ASN1Template *theTemplate;
-    sec_PKCS12CertBag *certbag;
-    SECOidData *oiddata;
-
-    if (src_or_dest == NULL) {
-	return NULL;
-    }
-
-    certbag = (sec_PKCS12CertBag*)src_or_dest;
-
-    oiddata = SECOID_FindOID(&certbag->bagID);
-    if(oiddata == NULL) {
-	return SEC_ASN1_GET(SEC_AnyTemplate);
-    }
-
-    switch (oiddata->offset) {
-	default:
-	    theTemplate = SEC_ASN1_GET(SEC_AnyTemplate);
-	    break;
-	case SEC_OID_PKCS9_X509_CERT:
-	    theTemplate = SEC_ASN1_GET(SEC_OctetStringTemplate);
-	    break;
-	case SEC_OID_PKCS9_SDSI_CERT:
-	    theTemplate = SEC_ASN1_GET(SEC_IA5StringTemplate);
-	    break;
-    }
-    return theTemplate;
-}
-
-static const SEC_ASN1Template *
-sec_pkcs12_choose_attr_type(void *src_or_dest, PRBool encoding)
-{
-    const SEC_ASN1Template *theTemplate;
-    sec_PKCS12Attribute *attr;
-    SECOidData *oiddata;
-
-    if (src_or_dest == NULL) {
-	return NULL;
-    }
-
-    attr = (sec_PKCS12Attribute*)src_or_dest;
-
-    oiddata = SECOID_FindOID(&attr->attrType);
-    if(oiddata == NULL) {
-	return SEC_ASN1_GET(SEC_AnyTemplate);
-    }
-
-    switch (oiddata->offset) {
-	default:
-	    theTemplate = SEC_ASN1_GET(SEC_AnyTemplate);
-	    break;
-	case SEC_OID_PKCS9_FRIENDLY_NAME:
-	    theTemplate = SEC_ASN1_GET(SEC_BMPStringTemplate);
-	    break;
-	case SEC_OID_PKCS9_LOCAL_KEY_ID:
-	    theTemplate = SEC_ASN1_GET(SEC_OctetStringTemplate);
-	    break;
-	case SEC_OID_PKCS12_KEY_USAGE:
-	    theTemplate = SEC_ASN1_GET(SEC_BitStringTemplate);
-	    break;
-    }
-
-    return theTemplate;
-}
-
-
-const SEC_ASN1Template sec_PKCS12PointerToContentInfoTemplate[] = {
-    { SEC_ASN1_POINTER | SEC_ASN1_MAY_STREAM, 0, sec_PKCS7ContentInfoTemplate }
-};
-
-static const SEC_ASN1TemplateChooserPtr sec_pkcs12_crl_bag_chooser =
-    sec_pkcs12_choose_crl_bag_type;
-
-static const SEC_ASN1TemplateChooserPtr sec_pkcs12_cert_bag_chooser =
-    sec_pkcs12_choose_cert_bag_type;
-
-static const SEC_ASN1TemplateChooserPtr sec_pkcs12_safe_bag_chooser =
-    sec_pkcs12_choose_safe_bag_type;
-
-static const SEC_ASN1TemplateChooserPtr sec_pkcs12_attr_chooser =
-    sec_pkcs12_choose_attr_type;
-
-const SEC_ASN1Template sec_PKCS12PointerToCertBagTemplate[] = {
-    { SEC_ASN1_POINTER, 0, sec_PKCS12CertBagTemplate }
-};
-
-const SEC_ASN1Template sec_PKCS12PointerToCRLBagTemplate[] = {
-    { SEC_ASN1_POINTER, 0, sec_PKCS12CRLBagTemplate }
-};
-
-const SEC_ASN1Template sec_PKCS12PointerToSecretBagTemplate[] = {
-    { SEC_ASN1_POINTER, 0, sec_PKCS12SecretBagTemplate }
-};
-
-const SEC_ASN1Template sec_PKCS12PointerToSafeContentsTemplate[] = {
-    { SEC_ASN1_POINTER, 0, sec_PKCS12SafeContentsTemplate }
-};
-
-const SEC_ASN1Template sec_PKCS12PFXItemTemplate[] = {
-    { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM, 0, NULL, 
-	sizeof(sec_PKCS12PFXItem) },
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_INTEGER, 
-	offsetof(sec_PKCS12PFXItem, version) },
-    { SEC_ASN1_ANY | SEC_ASN1_MAY_STREAM, 
-	offsetof(sec_PKCS12PFXItem, encodedAuthSafe) },
-    { SEC_ASN1_ANY | SEC_ASN1_MAY_STREAM,
-	offsetof(sec_PKCS12PFXItem, encodedMacData) },
-    { 0 }
-};
-
-const SEC_ASN1Template sec_PKCS12MacDataTemplate[] = {
-    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(sec_PKCS12MacData) },
-    { SEC_ASN1_INLINE | SEC_ASN1_XTRN , offsetof(sec_PKCS12MacData, safeMac),
-	SEC_ASN1_SUB(sgn_DigestInfoTemplate) },
-    { SEC_ASN1_OCTET_STRING, offsetof(sec_PKCS12MacData, macSalt) },
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_INTEGER, offsetof(sec_PKCS12MacData, iter) },
-    { 0 }
-};
-
-const SEC_ASN1Template sec_PKCS12AuthenticatedSafeTemplate[] = {
-    { SEC_ASN1_SEQUENCE_OF | SEC_ASN1_MAY_STREAM | SEC_ASN1_XTRN , 
-	offsetof(sec_PKCS12AuthenticatedSafe, encodedSafes), 
-	SEC_ASN1_SUB(SEC_AnyTemplate) }
-};
-
-const SEC_ASN1Template sec_PKCS12SafeBagTemplate[] = {
-    { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM, 0, NULL, 
-	sizeof(sec_PKCS12SafeBag) },
-    { SEC_ASN1_OBJECT_ID, offsetof(sec_PKCS12SafeBag, safeBagType) },
-    { SEC_ASN1_EXPLICIT | SEC_ASN1_DYNAMIC | SEC_ASN1_CONSTRUCTED |
-	SEC_ASN1_MAY_STREAM | SEC_ASN1_CONTEXT_SPECIFIC | 0, 
-	offsetof(sec_PKCS12SafeBag, safeBagContent), 
-	&sec_pkcs12_safe_bag_chooser },
-    { SEC_ASN1_SET_OF | SEC_ASN1_OPTIONAL, offsetof(sec_PKCS12SafeBag, attribs),
-	sec_PKCS12AttributeTemplate },
-    { 0 }
-};
-
-const SEC_ASN1Template sec_PKCS12SafeContentsTemplate[] = {
-    { SEC_ASN1_SEQUENCE_OF | SEC_ASN1_MAY_STREAM, 
-	offsetof(sec_PKCS12SafeContents, safeBags),
-	sec_PKCS12SafeBagTemplate }
-};
-
-const SEC_ASN1Template sec_PKCS12SequenceOfAnyTemplate[] = {
-    { SEC_ASN1_SEQUENCE_OF | SEC_ASN1_MAY_STREAM | SEC_ASN1_XTRN , 0,
-	SEC_ASN1_SUB(SEC_AnyTemplate) }
-};
-
-const SEC_ASN1Template sec_PKCS12NestedSafeContentsDecodeTemplate[] = {
-    { SEC_ASN1_EXPLICIT | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_CONSTRUCTED | 0,
-	offsetof(sec_PKCS12SafeContents, encodedSafeBags),
-	sec_PKCS12SequenceOfAnyTemplate }
-};
-
-const SEC_ASN1Template sec_PKCS12SafeContentsDecodeTemplate[] = {
-    { SEC_ASN1_SEQUENCE_OF | SEC_ASN1_MAY_STREAM | SEC_ASN1_XTRN , 
-	offsetof(sec_PKCS12SafeContents, encodedSafeBags),
-	SEC_ASN1_SUB(SEC_AnyTemplate) }
-};
-
-const SEC_ASN1Template sec_PKCS12CRLBagTemplate[] = {
-    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(sec_PKCS12CRLBag) },
-    { SEC_ASN1_OBJECT_ID, offsetof(sec_PKCS12CRLBag, bagID) },
-    { SEC_ASN1_DYNAMIC | SEC_ASN1_POINTER, 
-	offsetof(sec_PKCS12CRLBag, value), &sec_pkcs12_crl_bag_chooser },
-    { 0 }
-};
-
-const SEC_ASN1Template sec_PKCS12CertBagTemplate[] = {
-    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(sec_PKCS12CertBag) },
-    { SEC_ASN1_OBJECT_ID, offsetof(sec_PKCS12CertBag, bagID) },
-    { SEC_ASN1_DYNAMIC | SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED |
-	SEC_ASN1_CONTEXT_SPECIFIC | 0,
-	offsetof(sec_PKCS12CertBag, value), &sec_pkcs12_cert_bag_chooser },
-    { 0 }
-};
-
-const SEC_ASN1Template sec_PKCS12SecretBagTemplate[] = {
-    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(sec_PKCS12SecretBag) },
-    { SEC_ASN1_OBJECT_ID, offsetof(sec_PKCS12SecretBag, secretType) },
-    { SEC_ASN1_ANY, offsetof(sec_PKCS12SecretBag, secretContent) },
-    { 0 }
-};
-
-const SEC_ASN1Template sec_PKCS12AttributeTemplate[] = {
-    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(sec_PKCS12Attribute) },
-    { SEC_ASN1_OBJECT_ID, offsetof(sec_PKCS12Attribute, attrType) },
-    { SEC_ASN1_SET_OF | SEC_ASN1_DYNAMIC, 
-	offsetof(sec_PKCS12Attribute, attrValue),
-	&sec_pkcs12_attr_chooser },
-    { 0 }
-};
diff --git a/security/nss/lib/pkcs12/pkcs12.h b/security/nss/lib/pkcs12/pkcs12.h
deleted file mode 100644
index 8aab159b6..000000000
--- a/security/nss/lib/pkcs12/pkcs12.h
+++ /dev/null
@@ -1,71 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-
-#ifndef _PKCS12_H_
-#define _PKCS12_H_
-
-#include "pkcs12t.h"
-#include "p12.h"
-
-SEC_BEGIN_PROTOS
-
-typedef SECItem * (* SEC_PKCS12GetPassword)(void *arg);
-
-/* Decode functions */
-/* Import a PFX item.  
- *	der_pfx is the der-encoded pfx item to import.
- *	pbef, and pbefarg are used to retrieve passwords for the HMAC,
- *	    and any passwords needed for passing to PKCS5 encryption 
- *	    routines.
- *	algorithm is the algorithm by which private keys are stored in
- *	    the key database.  this could be a specific algorithm or could
- *	    be based on a global setting.
- *	slot is the slot to where the certificates will be placed.  if NULL,
- *	    the internal key slot is used.
- * If the process is successful, a SECSuccess is returned, otherwise
- * a failure occurred.
- */ 
-SECStatus
-SEC_PKCS12PutPFX(SECItem *der_pfx, SECItem *pwitem,
-		 SEC_PKCS12NicknameCollisionCallback ncCall,
-		 PK11SlotInfo *slot, void *wincx);
-
-/* check the first two bytes of a file to make sure that it matches
- * the desired header for a PKCS 12 file
- */
-PRBool SEC_PKCS12ValidData(char *buf, int bufLen, long int totalLength);
-
-SEC_END_PROTOS
-
-#endif
diff --git a/security/nss/lib/pkcs12/pkcs12t.h b/security/nss/lib/pkcs12/pkcs12t.h
deleted file mode 100644
index 53c36c3f7..000000000
--- a/security/nss/lib/pkcs12/pkcs12t.h
+++ /dev/null
@@ -1,386 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef _PKCS12T_H_
-#define _PKCS12T_H_
-
-#include "seccomon.h"
-#include "secoid.h"
-#include "cert.h"
-#include "key.h"
-#include "plarena.h"
-#include "secpkcs7.h"
-#include "secdig.h"	/* for SGNDigestInfo */
-
-/* PKCS12 Structures */
-typedef struct SEC_PKCS12PFXItemStr SEC_PKCS12PFXItem;
-typedef struct SEC_PKCS12MacDataStr SEC_PKCS12MacData;
-typedef struct SEC_PKCS12AuthenticatedSafeStr SEC_PKCS12AuthenticatedSafe;
-typedef struct SEC_PKCS12BaggageItemStr SEC_PKCS12BaggageItem;
-typedef struct SEC_PKCS12BaggageStr SEC_PKCS12Baggage;
-typedef struct SEC_PKCS12Baggage_OLDStr SEC_PKCS12Baggage_OLD;
-typedef struct SEC_PKCS12ESPVKItemStr SEC_PKCS12ESPVKItem;
-typedef struct SEC_PKCS12PVKSupportingDataStr SEC_PKCS12PVKSupportingData;
-typedef struct SEC_PKCS12PVKAdditionalDataStr SEC_PKCS12PVKAdditionalData;
-typedef struct SEC_PKCS12SafeContentsStr SEC_PKCS12SafeContents;
-typedef struct SEC_PKCS12SafeBagStr SEC_PKCS12SafeBag;
-typedef struct SEC_PKCS12PrivateKeyStr SEC_PKCS12PrivateKey;
-typedef struct SEC_PKCS12PrivateKeyBagStr SEC_PKCS12PrivateKeyBag;
-typedef struct SEC_PKCS12CertAndCRLBagStr SEC_PKCS12CertAndCRLBag;
-typedef struct SEC_PKCS12CertAndCRLStr SEC_PKCS12CertAndCRL;
-typedef struct SEC_PKCS12X509CertCRLStr SEC_PKCS12X509CertCRL;
-typedef struct SEC_PKCS12SDSICertStr SEC_PKCS12SDSICert;
-typedef struct SEC_PKCS12SecretStr SEC_PKCS12Secret;
-typedef struct SEC_PKCS12SecretAdditionalStr SEC_PKCS12SecretAdditional;
-typedef struct SEC_PKCS12SecretItemStr SEC_PKCS12SecretItem;
-typedef struct SEC_PKCS12SecretBagStr SEC_PKCS12SecretBag;
-
-typedef SECItem *(* SEC_PKCS12PasswordFunc)(SECItem *args);
-
-/* PKCS12 types */
-
-/* stores shrouded keys */
-struct SEC_PKCS12BaggageStr
-{
-    PRArenaPool     *poolp;
-    SEC_PKCS12BaggageItem **bags;
-
-    int luggage_size;		/* used locally */
-};
-
-/* additional data to be associated with keys.	currently there
- * is nothing defined to be stored here.  allows future expansion.
- */
-struct SEC_PKCS12PVKAdditionalDataStr
-{
-    PRArenaPool	*poolp;
-    SECOidData	*pvkAdditionalTypeTag;	/* used locally */
-    SECItem     pvkAdditionalType;
-    SECItem     pvkAdditionalContent;
-};
-
-/* cert and other supporting data for private keys.  used
- * for both shrouded and non-shrouded keys.
- */
-struct SEC_PKCS12PVKSupportingDataStr
-{
-    PRArenaPool		*poolp;
-    SGNDigestInfo 	**assocCerts;
-    SECItem		regenerable;
-    SECItem         	nickname;
-    SEC_PKCS12PVKAdditionalData     pvkAdditional;
-    SECItem		pvkAdditionalDER;
-
-    SECItem		uniNickName;
-    /* used locally */
-    int			nThumbs;
-};
-
-/* shrouded key structure.  supports only pkcs8 shrouding
- * currently.
- */
-struct SEC_PKCS12ESPVKItemStr
-{
-    PRArenaPool *poolp;		/* used locally */
-    SECOidData	*espvkTag;	/* used locally */
-    SECItem	espvkOID;
-    SEC_PKCS12PVKSupportingData espvkData;
-    union
-    {
-	SECKEYEncryptedPrivateKeyInfo *pkcs8KeyShroud;
-    } espvkCipherText;
-
-    PRBool duplicate;	/* used locally */
-    PRBool problem_cert; 	/* used locally */
-    PRBool single_cert;		/* used locally */
-    int nCerts;			/* used locally */
-    SECItem derCert;		/* used locally */
-};
-
-/* generic bag store for the safe.  safeBagType identifies
- * the type of bag stored.
- */
-struct SEC_PKCS12SafeBagStr
-{
-    PRArenaPool *poolp;
-    SECOidData	*safeBagTypeTag;	/* used locally */
-    SECItem     safeBagType;
-    union
-    {
-	SEC_PKCS12PrivateKeyBag	*keyBag;
-	SEC_PKCS12CertAndCRLBag *certAndCRLBag;
-	SEC_PKCS12SecretBag     *secretBag;
-    } safeContent;
-
-    SECItem	derSafeContent;
-    SECItem 	safeBagName;
-
-    SECItem	uniSafeBagName;
-};
-
-/* stores private keys and certificates in a list.  each safebag
- * has an ID identifying the type of content stored.
- */
-struct SEC_PKCS12SafeContentsStr
-{
-    PRArenaPool     	*poolp;
-    SEC_PKCS12SafeBag	**contents;
-
-    /* used for tracking purposes */
-    int safe_size;
-    PRBool old;
-    PRBool swapUnicode;
-    PRBool possibleSwapUnicode;
-};
-
-/* private key structure which holds encrypted private key and
- * supporting data including nickname and certificate thumbprint.
- */
-struct SEC_PKCS12PrivateKeyStr
-{
-    PRArenaPool *poolp;
-    SEC_PKCS12PVKSupportingData pvkData;
-    SECKEYPrivateKeyInfo	pkcs8data;   /* borrowed from PKCS 8 */
-
-    PRBool duplicate;	/* used locally */
-    PRBool problem_cert;/* used locally */
-    PRBool single_cert;	/* used locally */
-    int nCerts;		/* used locally */
-    SECItem derCert;	/* used locally */
-};
-
-/* private key bag, holds a (null terminated) list of private key
- * structures.
- */
-struct SEC_PKCS12PrivateKeyBagStr
-{
-    PRArenaPool     *poolp;
-    SEC_PKCS12PrivateKey 	**privateKeys;
-
-    int bag_size;	/* used locally */
-};
-
-/* container to hold certificates.  currently supports x509
- * and sdsi certificates
- */
-struct SEC_PKCS12CertAndCRLStr
-{
-    PRArenaPool     *poolp;
-    SECOidData	    *BagTypeTag;    /* used locally */
-    SECItem         BagID;
-    union
-    {
-    	SEC_PKCS12X509CertCRL	*x509;
-    	SEC_PKCS12SDSICert	*sdsi;
-    } value;
-
-    SECItem derValue;
-    SECItem nickname;		/* used locally */
-    PRBool duplicate;		/* used locally */
-};
-
-/* x509 certificate structure.	typically holds the der encoding
- * of the x509 certificate.  thumbprint contains a digest of the
- * certificate
- */
-struct SEC_PKCS12X509CertCRLStr
-{
-    PRArenaPool     		*poolp;
-    SEC_PKCS7ContentInfo	certOrCRL;
-    SGNDigestInfo		thumbprint;
-
-    SECItem *derLeafCert;	/* used locally */
-};
-
-/* sdsi certificate structure.	typically holds the der encoding
- * of the sdsi certificate.  thumbprint contains a digest of the
- * certificate
- */
-struct SEC_PKCS12SDSICertStr
-{
-    PRArenaPool     *poolp;
-    SECItem         value;
-    SGNDigestInfo   thumbprint;
-};
-
-/* contains a null terminated list of certs and crls */
-struct SEC_PKCS12CertAndCRLBagStr
-{
-    PRArenaPool     		*poolp;
-    SEC_PKCS12CertAndCRL	**certAndCRLs;
-
-    int bag_size;	/* used locally */
-};
-
-/* additional secret information.  currently no information
- * stored in this structure.
- */
-struct SEC_PKCS12SecretAdditionalStr
-{
-    PRArenaPool     *poolp;
-    SECOidData	    *secretTypeTag;         /* used locally */
-    SECItem         secretAdditionalType;
-    SECItem         secretAdditionalContent;
-};
-
-/* secrets container.  this will be used to contain currently
- * unspecified secrets.  (it's a secret)
- */
-struct SEC_PKCS12SecretStr
-{
-    PRArenaPool     *poolp;
-    SECItem	secretName;
-    SECItem	value;
-    SEC_PKCS12SecretAdditional	secretAdditional;
-
-    SECItem	uniSecretName;
-};
-
-struct SEC_PKCS12SecretItemStr
-{
-    PRArenaPool     *poolp;
-    SEC_PKCS12Secret	secret;
-    SEC_PKCS12SafeBag	subFolder;
-};    
-
-/* a bag of secrets.  holds a null terminated list of secrets.
- */
-struct SEC_PKCS12SecretBagStr
-{
-    PRArenaPool     	*poolp;
-    SEC_PKCS12SecretItem	**secrets;
-
-    int bag_size;	/* used locally */
-};
-
-struct SEC_PKCS12MacDataStr
-{
-    SGNDigestInfo	safeMac;
-    SECItem		macSalt;
-};
-
-/* outer transfer unit */
-struct SEC_PKCS12PFXItemStr
-{
-    PRArenaPool		*poolp;
-    SEC_PKCS12MacData	macData;
-    SEC_PKCS7ContentInfo	authSafe; 
-
-    /* for compatibility with beta */
-    PRBool		old;
-    SGNDigestInfo 	old_safeMac;
-    SECItem		old_macSalt;
-
-    /* compatibility between platforms for unicode swapping */
-    PRBool		swapUnicode;
-};
-
-struct SEC_PKCS12BaggageItemStr {
-    PRArenaPool	    *poolp;
-    SEC_PKCS12ESPVKItem	**espvks;
-    SEC_PKCS12SafeBag	**unencSecrets;
-
-    int nEspvks;
-    int nSecrets; 
-};
-    
-/* stores shrouded keys */
-struct SEC_PKCS12Baggage_OLDStr
-{
-    PRArenaPool     *poolp;
-    SEC_PKCS12ESPVKItem **espvks;
-
-    int luggage_size;		/* used locally */
-};
-
-/* authenticated safe, stores certs, keys, and shrouded keys */
-struct SEC_PKCS12AuthenticatedSafeStr
-{
-    PRArenaPool     *poolp;
-    SECItem         version;
-    SECOidData	    *transportTypeTag;	/* local not part of encoding*/
-    SECItem         transportMode;
-    SECItem         privacySalt;
-    SEC_PKCS12Baggage	  baggage;
-    SEC_PKCS7ContentInfo  *safe;
-
-    /* used for beta compatibility */
-    PRBool old;
-    PRBool emptySafe;
-    SEC_PKCS12Baggage_OLD old_baggage;
-    SEC_PKCS7ContentInfo old_safe;
-    PRBool swapUnicode;
-};
-#define SEC_PKCS12_PFX_VERSION		1		/* what we create */
-
-
-
-/* PKCS 12 Templates */
-extern const SEC_ASN1Template SEC_PKCS12PFXItemTemplate_OLD[];
-extern const SEC_ASN1Template SEC_PKCS12AuthenticatedSafeTemplate_OLD[];
-extern const SEC_ASN1Template SEC_PKCS12BaggageTemplate_OLD[];
-extern const SEC_ASN1Template SEC_PKCS12PFXItemTemplate[];
-extern const SEC_ASN1Template SEC_PKCS12MacDataTemplate[];
-extern const SEC_ASN1Template SEC_PKCS12AuthenticatedSafeTemplate[];
-extern const SEC_ASN1Template SEC_PKCS12BaggageTemplate[];
-extern const SEC_ASN1Template SEC_PKCS12ESPVKItemTemplate[];
-extern const SEC_ASN1Template SEC_PKCS12PVKSupportingDataTemplate[];
-extern const SEC_ASN1Template SEC_PKCS12PVKAdditionalTemplate[];
-extern const SEC_ASN1Template SEC_PKCS12SafeContentsTemplate_OLD[];
-extern const SEC_ASN1Template SEC_PKCS12SafeContentsTemplate[];
-extern const SEC_ASN1Template SEC_PKCS12SafeBagTemplate[];
-extern const SEC_ASN1Template SEC_PKCS12PrivateKeyTemplate[];
-extern const SEC_ASN1Template SEC_PKCS12PrivateKeyBagTemplate[];
-extern const SEC_ASN1Template SEC_PKCS12CertAndCRLTemplate[];
-extern const SEC_ASN1Template SEC_PKCS12CertAndCRLBagTemplate[];
-extern const SEC_ASN1Template SEC_PKCS12X509CertCRLTemplate_OLD[];
-extern const SEC_ASN1Template SEC_PKCS12X509CertCRLTemplate[];
-extern const SEC_ASN1Template SEC_PKCS12SDSICertTemplate[];
-extern const SEC_ASN1Template SEC_PKCS12SecretBagTemplate[];
-extern const SEC_ASN1Template SEC_PKCS12SecretTemplate[];
-extern const SEC_ASN1Template SEC_PKCS12SecretItemTemplate[];
-extern const SEC_ASN1Template SEC_PKCS12SecretAdditionalTemplate[];
-extern const SEC_ASN1Template SGN_DigestInfoTemplate[];
-extern const SEC_ASN1Template SEC_PointerToPKCS12KeyBagTemplate[];
-extern const SEC_ASN1Template SEC_PointerToPKCS12CertAndCRLBagTemplate[];
-extern const SEC_ASN1Template SEC_PointerToPKCS12CertAndCRLBagTemplate_OLD[];
-extern const SEC_ASN1Template SEC_PointerToPKCS12SecretBagTemplate[];
-extern const SEC_ASN1Template SEC_PointerToPKCS12X509CertCRLTemplate_OLD[];
-extern const SEC_ASN1Template SEC_PointerToPKCS12X509CertCRLTemplate[];
-extern const SEC_ASN1Template SEC_PointerToPKCS12SDSICertTemplate[];
-extern const SEC_ASN1Template SEC_PKCS12CodedSafeBagTemplate[];
-extern const SEC_ASN1Template SEC_PKCS12CodedCertBagTemplate[];
-extern const SEC_ASN1Template SEC_PKCS12CodedCertAndCRLBagTemplate[];
-extern const SEC_ASN1Template SEC_PKCS12PVKSupportingDataTemplate_OLD[];
-extern const SEC_ASN1Template SEC_PKCS12ESPVKItemTemplate_OLD[];
-#endif
diff --git a/security/nss/lib/pkcs7/Makefile b/security/nss/lib/pkcs7/Makefile
deleted file mode 100644
index cb85677bc..000000000
--- a/security/nss/lib/pkcs7/Makefile
+++ /dev/null
@@ -1,76 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY).   #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL)          #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL)       #
-#######################################################################
-
-
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL).      #
-#######################################################################
-
-include config.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL)                              #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL)                           #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL).                              #
-#######################################################################
-
-
-
diff --git a/security/nss/lib/pkcs7/certread.c b/security/nss/lib/pkcs7/certread.c
deleted file mode 100644
index 672e3b132..000000000
--- a/security/nss/lib/pkcs7/certread.c
+++ /dev/null
@@ -1,540 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "nssrenam.h"
-#include "cert.h"
-#include "secpkcs7.h"
-#include "base64.h"
-#include "secitem.h"
-#include "secder.h"
-#include "secasn1.h"
-#include "secoid.h"
-
-SEC_ASN1_MKSUB(SEC_AnyTemplate)
-
-SECStatus
-SEC_ReadPKCS7Certs(SECItem *pkcs7Item, CERTImportCertificateFunc f, void *arg)
-{
-    SEC_PKCS7ContentInfo *contentInfo = NULL;
-    SECStatus rv;
-    SECItem **certs;
-    int count;
-
-    contentInfo = SEC_PKCS7DecodeItem(pkcs7Item, NULL, NULL, NULL, NULL, NULL, 
-				      NULL, NULL);
-    if ( contentInfo == NULL ) {
-	goto loser;
-    }
-
-    if ( SEC_PKCS7ContentType (contentInfo) != SEC_OID_PKCS7_SIGNED_DATA ) {
-	goto loser;
-    }
-
-    certs = contentInfo->content.signedData->rawCerts;
-    if ( certs ) {
-	count = 0;
-	
-	while ( *certs ) {
-	    count++;
-	    certs++;
-	}
-	rv = (* f)(arg, contentInfo->content.signedData->rawCerts, count);
-    }
-    
-    rv = SECSuccess;
-    
-    goto done;
-loser:
-    rv = SECFailure;
-    
-done:
-    if ( contentInfo ) {
-	SEC_PKCS7DestroyContentInfo(contentInfo);
-    }
-
-    return(rv);
-}
-
-const SEC_ASN1Template SEC_CertSequenceTemplate[] = {
-    { SEC_ASN1_SEQUENCE_OF | SEC_ASN1_XTRN, 0, SEC_ASN1_SUB(SEC_AnyTemplate) }
-};
-
-SECStatus
-SEC_ReadCertSequence(SECItem *certsItem, CERTImportCertificateFunc f, void *arg)
-{
-    SECStatus rv;
-    SECItem **certs;
-    int count;
-    SECItem **rawCerts = NULL;
-    PRArenaPool *arena;
-    SEC_PKCS7ContentInfo *contentInfo = NULL;
-
-    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if (arena == NULL) {
-	return SECFailure;
-    }
-
-    contentInfo = SEC_PKCS7DecodeItem(certsItem, NULL, NULL, NULL, NULL, NULL, 
-				      NULL, NULL);
-    if ( contentInfo == NULL ) {
-	goto loser;
-    }
-
-    if ( SEC_PKCS7ContentType (contentInfo) != SEC_OID_NS_TYPE_CERT_SEQUENCE ) {
-	goto loser;
-    }
-
-
-    rv = SEC_ASN1DecodeItem(arena, &rawCerts, SEC_CertSequenceTemplate,
-		    contentInfo->content.data);
-
-    if (rv != SECSuccess) {
-	goto loser;
-    }
-
-    certs = rawCerts;
-    if ( certs ) {
-	count = 0;
-	
-	while ( *certs ) {
-	    count++;
-	    certs++;
-	}
-	rv = (* f)(arg, rawCerts, count);
-    }
-    
-    rv = SECSuccess;
-    
-    goto done;
-loser:
-    rv = SECFailure;
-    
-done:
-    if ( contentInfo ) {
-	SEC_PKCS7DestroyContentInfo(contentInfo);
-    }
-
-    if ( arena ) {
-	PORT_FreeArena(arena, PR_FALSE);
-    }
-    
-    return(rv);
-}
-
-CERTCertificate *
-CERT_ConvertAndDecodeCertificate(char *certstr)
-{
-    CERTCertificate *cert;
-    SECStatus rv;
-    SECItem der;
-
-    rv = ATOB_ConvertAsciiToItem(&der, certstr);
-    if (rv != SECSuccess)
-	return NULL;
-
-    cert = CERT_NewTempCertificate(CERT_GetDefaultCertDB(), 
-                                   &der, NULL, PR_FALSE, PR_TRUE);
-
-    PORT_Free(der.data);
-    return cert;
-}
-
-#define NS_CERT_HEADER "-----BEGIN CERTIFICATE-----"
-#define NS_CERT_TRAILER "-----END CERTIFICATE-----"
-
-#define CERTIFICATE_TYPE_STRING "certificate"
-#define CERTIFICATE_TYPE_LEN (sizeof(CERTIFICATE_TYPE_STRING)-1)
-
-CERTPackageType
-CERT_CertPackageType(SECItem *package, SECItem *certitem)
-{
-    unsigned char *cp;
-    int seqLen, seqLenLen;
-    SECItem oiditem;
-    SECOidData *oiddata;
-    CERTPackageType type = certPackageNone;
-    
-    cp = package->data;
-
-    /* is a DER encoded certificate of some type? */
-    if ( ( *cp  & 0x1f ) == SEC_ASN1_SEQUENCE ) {
-	cp++;
-	
-	if ( *cp & 0x80) {
-	    /* Multibyte length */
-	    seqLenLen = cp[0] & 0x7f;
-	    
-	    switch (seqLenLen) {
-	      case 4:
-		seqLen = ((unsigned long)cp[1]<<24) |
-		    ((unsigned long)cp[2]<<16) | (cp[3]<<8) | cp[4];
-		break;
-	      case 3:
-		seqLen = ((unsigned long)cp[1]<<16) | (cp[2]<<8) | cp[3];
-		break;
-	      case 2:
-		seqLen = (cp[1]<<8) | cp[2];
-		break;
-	      case 1:
-		seqLen = cp[1];
-		break;
-	      default:
-		/* indefinite length */
-		seqLen = 0;
-	    }
-	    cp += ( seqLenLen + 1 );
-
-	} else {
-	    seqLenLen = 0;
-	    seqLen = *cp;
-	    cp++;
-	}
-
-	/* check entire length if definite length */
-	if ( seqLen || seqLenLen ) {
-	    if ( package->len != ( seqLen + seqLenLen + 2 ) ) {
-		/* not a DER package */
-		return(type);
-	    }
-	}
-	
-	/* check the type string */
-	/* netscape wrapped DER cert */
-	if ( ( cp[0] == SEC_ASN1_OCTET_STRING ) &&
-	    ( cp[1] == CERTIFICATE_TYPE_LEN ) &&
-	    ( PORT_Strcmp((char *)&cp[2], CERTIFICATE_TYPE_STRING) ) ) {
-	    
-	    cp += ( CERTIFICATE_TYPE_LEN + 2 );
-
-	    /* it had better be a certificate by now!! */
-	    if ( certitem ) {
-		certitem->data = cp;
-		certitem->len = package->len -
-		    ( cp - (unsigned char *)package->data );
-	    }
-	    type = certPackageNSCertWrap;
-	    
-	} else if ( cp[0] == SEC_ASN1_OBJECT_ID ) {
-	    /* XXX - assume DER encoding of OID len!! */
-	    oiditem.len = cp[1];
-	    oiditem.data = (unsigned char *)&cp[2];
-	    oiddata = SECOID_FindOID(&oiditem);
-	    if ( oiddata == NULL ) {
-		/* failure */
-		return(type);
-	    }
-
-	    if ( certitem ) {
-		certitem->data = package->data;
-		certitem->len = package->len;
-	    }
-	    
-	    switch ( oiddata->offset ) {
-	      case SEC_OID_PKCS7_SIGNED_DATA:
-		type = certPackagePKCS7;
-		break;
-	      case SEC_OID_NS_TYPE_CERT_SEQUENCE:
-		type = certPackageNSCertSeq;
-		break;
-	      default:
-		break;
-	    }
-	    
-	} else {
-	    /* it had better be a certificate by now!! */
-	    if ( certitem ) {
-		certitem->data = package->data;
-		certitem->len = package->len;
-	    }
-	    
-	    type = certPackageCert;
-	}
-    }
-
-    return(type);
-}
-
-/*
- * read an old style ascii or binary certificate chain
- */
-SECStatus
-CERT_DecodeCertPackage(char *certbuf,
-		       int certlen,
-		       CERTImportCertificateFunc f,
-		       void *arg)
-{
-    unsigned char *cp;
-    int seqLen, seqLenLen;
-    int cl;
-    unsigned char *bincert = NULL, *certbegin = NULL, *certend = NULL;
-    unsigned int binLen;
-    char *ascCert = NULL;
-    int asciilen;
-    CERTCertificate *cert;
-    SECItem certitem, oiditem;
-    SECStatus rv;
-    SECOidData *oiddata;
-    SECItem *pcertitem = &certitem;
-    
-    if ( certbuf == NULL ) {
-	return(SECFailure);
-    }
-    
-    cert = 0;
-    cp = (unsigned char *)certbuf;
-
-    /* is a DER encoded certificate of some type? */
-    if ( ( *cp  & 0x1f ) == SEC_ASN1_SEQUENCE ) {
-	cp++;
-	
-	if ( *cp & 0x80) {
-	    /* Multibyte length */
-	    seqLenLen = cp[0] & 0x7f;
-	    
-	    switch (seqLenLen) {
-	      case 4:
-		seqLen = ((unsigned long)cp[1]<<24) |
-		    ((unsigned long)cp[2]<<16) | (cp[3]<<8) | cp[4];
-		break;
-	      case 3:
-		seqLen = ((unsigned long)cp[1]<<16) | (cp[2]<<8) | cp[3];
-		break;
-	      case 2:
-		seqLen = (cp[1]<<8) | cp[2];
-		break;
-	      case 1:
-		seqLen = cp[1];
-		break;
-	      default:
-		/* indefinite length */
-		seqLen = 0;
-	    }
-	    cp += ( seqLenLen + 1 );
-
-	} else {
-	    seqLenLen = 0;
-	    seqLen = *cp;
-	    cp++;
-	}
-
-	/* check entire length if definite length */
-	if ( seqLen || seqLenLen ) {
-	    if ( certlen != ( seqLen + seqLenLen + 2 ) ) {
-		goto notder;
-	    }
-	}
-	
-	/* check the type string */
-	/* netscape wrapped DER cert */
-	if ( ( cp[0] == SEC_ASN1_OCTET_STRING ) &&
-	    ( cp[1] == CERTIFICATE_TYPE_LEN ) &&
-	    ( PORT_Strcmp((char *)&cp[2], CERTIFICATE_TYPE_STRING) ) ) {
-	    
-	    cp += ( CERTIFICATE_TYPE_LEN + 2 );
-
-	    /* it had better be a certificate by now!! */
-	    certitem.data = cp;
-	    certitem.len = certlen - ( cp - (unsigned char *)certbuf );
-	    
-	    rv = (* f)(arg, &pcertitem, 1);
-	    
-	    return(rv);
-	} else if ( cp[0] == SEC_ASN1_OBJECT_ID ) {
-	    /* XXX - assume DER encoding of OID len!! */
-	    oiditem.len = cp[1];
-	    oiditem.data = (unsigned char *)&cp[2];
-	    oiddata = SECOID_FindOID(&oiditem);
-	    if ( oiddata == NULL ) {
-		return(SECFailure);
-	    }
-
-	    certitem.data = (unsigned char*)certbuf;
-	    certitem.len = certlen;
-	    
-	    switch ( oiddata->offset ) {
-	      case SEC_OID_PKCS7_SIGNED_DATA:
-		return(SEC_ReadPKCS7Certs(&certitem, f, arg));
-		break;
-	      case SEC_OID_NS_TYPE_CERT_SEQUENCE:
-		return(SEC_ReadCertSequence(&certitem, f, arg));
-		break;
-	      default:
-		break;
-	    }
-	    
-	} else {
-	    /* it had better be a certificate by now!! */
-	    certitem.data = (unsigned char*)certbuf;
-	    certitem.len = certlen;
-	    
-	    rv = (* f)(arg, &pcertitem, 1);
-	    return(rv);
-	}
-    }
-
-    /* now look for a netscape base64 ascii encoded cert */
-notder:
-    cp = (unsigned char *)certbuf;
-    cl = certlen;
-    certbegin = 0;
-    certend = 0;
-
-    /* find the beginning marker */
-    while ( cl > sizeof(NS_CERT_HEADER) ) {
-	if ( !PORT_Strncasecmp((char *)cp, NS_CERT_HEADER,
-			     sizeof(NS_CERT_HEADER)-1) ) {
-	    cp = cp + sizeof(NS_CERT_HEADER);
-	    certbegin = cp;
-	    break;
-	}
-	
-	/* skip to next eol */
-	do {
-	    cp++;
-	    cl--;
-	} while ( ( *cp != '\n') && cl );
-
-	/* skip all blank lines */
-	while ( ( *cp == '\n') && cl ) {
-	    cp++;
-	    cl--;
-	}
-    }
-
-    if ( certbegin ) {
-
-	/* find the ending marker */
-	while ( cl > sizeof(NS_CERT_TRAILER) ) {
-	    if ( !PORT_Strncasecmp((char *)cp, NS_CERT_TRAILER,
-				 sizeof(NS_CERT_TRAILER)-1) ) {
-		certend = (unsigned char *)cp;
-		break;
-	    }
-
-	    /* skip to next eol */
-	    do {
-		cp++;
-		cl--;
-	    } while ( ( *cp != '\n') && cl );
-
-	    /* skip all blank lines */
-	    while ( ( *cp == '\n') && cl ) {
-		cp++;
-		cl--;
-	    }
-	}
-    }
-
-    if ( certbegin && certend ) {
-
-	/* Convert the ASCII data into a nul-terminated string */
-	asciilen = certend - certbegin;
-	ascCert = (char *)PORT_Alloc(asciilen+1);
-	if (!ascCert) {
-	    rv = SECFailure;
-	    goto loser;
-	}
-
-	PORT_Memcpy(ascCert, certbegin, asciilen);
-	ascCert[asciilen] = '\0';
-	
-	/* convert to binary */
-	bincert = ATOB_AsciiToData(ascCert, &binLen);
-	if (!bincert) {
-	    rv = SECFailure;
-	    goto loser;
-	}
-
-	/* now recurse to decode the binary */
-	rv = CERT_DecodeCertPackage((char *)bincert, binLen, f, arg);
-	
-    } else {
-	rv = SECFailure;
-    }
-
-loser:
-
-    if ( bincert ) {
-	PORT_Free(bincert);
-    }
-
-    if ( ascCert ) {
-	PORT_Free(ascCert);
-    }
-
-    return(rv);
-}
-
-typedef struct {
-    PRArenaPool *arena;
-    SECItem cert;
-} collect_args;
-
-static SECStatus
-collect_certs(void *arg, SECItem **certs, int numcerts)
-{
-    SECStatus rv;
-    collect_args *collectArgs;
-    
-    collectArgs = (collect_args *)arg;
-    
-    rv = SECITEM_CopyItem(collectArgs->arena, &collectArgs->cert, *certs);
-
-    return(rv);
-}
-
-
-/*
- * read an old style ascii or binary certificate
- */
-CERTCertificate *
-CERT_DecodeCertFromPackage(char *certbuf, int certlen)
-{
-    collect_args collectArgs;
-    SECStatus rv;
-    CERTCertificate *cert = NULL;
-    
-    collectArgs.arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    
-    rv = CERT_DecodeCertPackage(certbuf, certlen, collect_certs,
-				(void *)&collectArgs);
-    if ( rv == SECSuccess ) {
-	cert = CERT_NewTempCertificate(CERT_GetDefaultCertDB(),
-	                               &collectArgs.cert, NULL, 
-	                               PR_FALSE, PR_TRUE);
-    }
-    
-    PORT_FreeArena(collectArgs.arena, PR_FALSE);
-    
-    return(cert);
-}
diff --git a/security/nss/lib/pkcs7/config.mk b/security/nss/lib/pkcs7/config.mk
deleted file mode 100644
index ec34728f9..000000000
--- a/security/nss/lib/pkcs7/config.mk
+++ /dev/null
@@ -1,42 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#
-#  Override TARGETS variable so that only static libraries
-#  are specifed as dependencies within rules.mk.
-#
-
-TARGETS        = $(LIBRARY)
-SHARED_LIBRARY =
-IMPORT_LIBRARY =
-PROGRAM        =
diff --git a/security/nss/lib/pkcs7/manifest.mn b/security/nss/lib/pkcs7/manifest.mn
deleted file mode 100644
index 64cc3e05f..000000000
--- a/security/nss/lib/pkcs7/manifest.mn
+++ /dev/null
@@ -1,60 +0,0 @@
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-EXPORTS = \
-	secmime.h \
-	secpkcs7.h \
-	pkcs7t.h \
-	$(NULL)
-
-PRIVATE_EXPORTS = \
-	p7local.h \
-	$(NULL)
-
-MODULE = security
-
-CSRCS = \
-	certread.c \
-	p7common.c \
-	p7create.c \
-	p7decode.c \
-	p7encode.c \
-	p7local.c  \
-	secmime.c  \
-	$(NULL)
-
-REQUIRES = security dbm
-
-LIBRARY_NAME = pkcs7
diff --git a/security/nss/lib/pkcs7/p7common.c b/security/nss/lib/pkcs7/p7common.c
deleted file mode 100644
index 329b078ed..000000000
--- a/security/nss/lib/pkcs7/p7common.c
+++ /dev/null
@@ -1,747 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * PKCS7 implementation -- the exported parts that are used whether
- * creating or decoding.
- *
- * $Id$
- */
-
-#include "p7local.h"
-
-#include "cert.h"
-#include "secitem.h"
-#include "secoid.h"
-#include "pk11func.h"
-
-/*
- * Find out (saving pointer to lookup result for future reference)
- * and return the inner content type.
- */
-SECOidTag
-SEC_PKCS7ContentType (SEC_PKCS7ContentInfo *cinfo)
-{
-    if (cinfo->contentTypeTag == NULL)
-	cinfo->contentTypeTag = SECOID_FindOID(&(cinfo->contentType));
-
-    if (cinfo->contentTypeTag == NULL)
-	return SEC_OID_UNKNOWN;
-
-    return cinfo->contentTypeTag->offset;
-}
-
-
-/*
- * Destroy a PKCS7 contentInfo and all of its sub-pieces.
- */
-void
-SEC_PKCS7DestroyContentInfo(SEC_PKCS7ContentInfo *cinfo)
-{
-    SECOidTag kind;
-    CERTCertificate **certs;
-    CERTCertificateList **certlists;
-    SEC_PKCS7SignerInfo **signerinfos;
-    SEC_PKCS7RecipientInfo **recipientinfos;
-
-    PORT_Assert (cinfo->refCount > 0);
-    if (cinfo->refCount <= 0)
-	return;
-
-    cinfo->refCount--;
-    if (cinfo->refCount > 0)
-	return;
-
-    certs = NULL;
-    certlists = NULL;
-    recipientinfos = NULL;
-    signerinfos = NULL;
-
-    kind = SEC_PKCS7ContentType (cinfo);
-    switch (kind) {
-      case SEC_OID_PKCS7_ENVELOPED_DATA:
-	{
-	    SEC_PKCS7EnvelopedData *edp;
-
-	    edp = cinfo->content.envelopedData;
-	    if (edp != NULL) {
-		recipientinfos = edp->recipientInfos;
-	    }
-	}
-	break;
-      case SEC_OID_PKCS7_SIGNED_DATA:
-	{
-	    SEC_PKCS7SignedData *sdp;
-
-	    sdp = cinfo->content.signedData;
-	    if (sdp != NULL) {
-		certs = sdp->certs;
-		certlists = sdp->certLists;
-		signerinfos = sdp->signerInfos;
-	    }
-	}
-	break;
-      case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA:
-	{
-	    SEC_PKCS7SignedAndEnvelopedData *saedp;
-
-	    saedp = cinfo->content.signedAndEnvelopedData;
-	    if (saedp != NULL) {
-		certs = saedp->certs;
-		certlists = saedp->certLists;
-		recipientinfos = saedp->recipientInfos;
-		signerinfos = saedp->signerInfos;
-		if (saedp->sigKey != NULL)
-		    PK11_FreeSymKey (saedp->sigKey);
-	    }
-	}
-	break;
-      default:
-	/* XXX Anything else that needs to be "manually" freed/destroyed? */
-	break;
-    }
-
-    if (certs != NULL) {
-	CERTCertificate *cert;
-
-	while ((cert = *certs++) != NULL) {
-	    CERT_DestroyCertificate (cert);
-	}
-    }
-
-    if (certlists != NULL) {
-	CERTCertificateList *certlist;
-
-	while ((certlist = *certlists++) != NULL) {
-	    CERT_DestroyCertificateList (certlist);
-	}
-    }
-
-    if (recipientinfos != NULL) {
-	SEC_PKCS7RecipientInfo *ri;
-
-	while ((ri = *recipientinfos++) != NULL) {
-	    if (ri->cert != NULL)
-		CERT_DestroyCertificate (ri->cert);
-	}
-    }
-
-    if (signerinfos != NULL) {
-	SEC_PKCS7SignerInfo *si;
-
-	while ((si = *signerinfos++) != NULL) {
-	    if (si->cert != NULL)
-		CERT_DestroyCertificate (si->cert);
-	    if (si->certList != NULL)
-		CERT_DestroyCertificateList (si->certList);
-	}
-    }
-
-    if (cinfo->poolp != NULL) {
-	PORT_FreeArena (cinfo->poolp, PR_FALSE);	/* XXX clear it? */
-    }
-}
-
-
-/*
- * Return a copy of the given contentInfo.  The copy may be virtual
- * or may be real -- either way, the result needs to be passed to
- * SEC_PKCS7DestroyContentInfo later (as does the original).
- */
-SEC_PKCS7ContentInfo *
-SEC_PKCS7CopyContentInfo(SEC_PKCS7ContentInfo *cinfo)
-{
-    if (cinfo == NULL)
-	return NULL;
-
-    PORT_Assert (cinfo->refCount > 0);
-
-    if (cinfo->created) {
-	/*
-	 * Want to do a real copy of these; otherwise subsequent
-	 * changes made to either copy are likely to be a surprise.
-	 * XXX I suspect that this will not actually be called for yet,
-	 * which is why the assert, so to notice if it is...
-	 */
-	PORT_Assert (0);
-	/*
-	 * XXX Create a new pool here, and copy everything from
-	 * within.  For cert stuff, need to call the appropriate
-	 * copy functions, etc.
-	 */
-    }
-
-    cinfo->refCount++;
-    return cinfo;
-}
-
-
-/*
- * Return a pointer to the actual content.  In the case of those types
- * which are encrypted, this returns the *plain* content.
- * XXX Needs revisiting if/when we handle nested encrypted types.
- */
-SECItem *
-SEC_PKCS7GetContent(SEC_PKCS7ContentInfo *cinfo)
-{
-    SECOidTag kind;
-
-    kind = SEC_PKCS7ContentType (cinfo);
-    switch (kind) {
-      case SEC_OID_PKCS7_DATA:
-	return cinfo->content.data;
-      case SEC_OID_PKCS7_DIGESTED_DATA:
-	{
-	    SEC_PKCS7DigestedData *digd;
-
-	    digd = cinfo->content.digestedData;
-	    if (digd == NULL)
-		break;
-	    return SEC_PKCS7GetContent (&(digd->contentInfo));
-	}
-      case SEC_OID_PKCS7_ENCRYPTED_DATA:
-	{
-	    SEC_PKCS7EncryptedData *encd;
-
-	    encd = cinfo->content.encryptedData;
-	    if (encd == NULL)
-		break;
-	    return &(encd->encContentInfo.plainContent);
-	}
-      case SEC_OID_PKCS7_ENVELOPED_DATA:
-	{
-	    SEC_PKCS7EnvelopedData *envd;
-
-	    envd = cinfo->content.envelopedData;
-	    if (envd == NULL)
-		break;
-	    return &(envd->encContentInfo.plainContent);
-	}
-      case SEC_OID_PKCS7_SIGNED_DATA:
-	{
-	    SEC_PKCS7SignedData *sigd;
-
-	    sigd = cinfo->content.signedData;
-	    if (sigd == NULL)
-		break;
-	    return SEC_PKCS7GetContent (&(sigd->contentInfo));
-	}
-      case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA:
-	{
-	    SEC_PKCS7SignedAndEnvelopedData *saed;
-
-	    saed = cinfo->content.signedAndEnvelopedData;
-	    if (saed == NULL)
-		break;
-	    return &(saed->encContentInfo.plainContent);
-	}
-      default:
-	PORT_Assert(0);
-	break;
-    }
-
-    return NULL;
-}
-
-
-/*
- * XXX Fix the placement and formatting of the
- * following routines (i.e. make them consistent with the rest of
- * the pkcs7 code -- I think some/many belong in other files and
- * they all need a formatting/style rehaul)
- */
-
-/* retrieve the algorithm identifier for encrypted data.  
- * the identifier returned is a copy of the algorithm identifier
- * in the content info and needs to be freed after being used.
- *
- *   cinfo is the content info for which to retrieve the
- *     encryption algorithm.
- *
- * if the content info is not encrypted data or an error 
- * occurs NULL is returned.
- */
-SECAlgorithmID *
-SEC_PKCS7GetEncryptionAlgorithm(SEC_PKCS7ContentInfo *cinfo)
-{
-  SECAlgorithmID *alg = 0;
-  switch (SEC_PKCS7ContentType(cinfo))
-    {
-    case SEC_OID_PKCS7_ENCRYPTED_DATA:
-      alg = &cinfo->content.encryptedData->encContentInfo.contentEncAlg;
-      break;
-    case SEC_OID_PKCS7_ENVELOPED_DATA:
-      alg = &cinfo->content.envelopedData->encContentInfo.contentEncAlg;
-      break;
-    case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA:
-      alg = &cinfo->content.signedAndEnvelopedData
-	->encContentInfo.contentEncAlg;
-      break;
-    default:
-      alg = 0;
-      break;
-    }
-
-    return alg;
-}
-
-/* set the content of the content info.  For data content infos,
- * the data is set.  For encrytped content infos, the plainContent
- * is set, and is expected to be encrypted later.
- *  
- * cinfo is the content info where the data will be set
- *
- * buf is a buffer of the data to set
- *
- * len is the length of the data being set.
- *
- * in the event of an error, SECFailure is returned.  SECSuccess 
- * indicates the content was successfully set.
- */
-SECStatus 
-SEC_PKCS7SetContent(SEC_PKCS7ContentInfo *cinfo,
-		    const char *buf, 
-		    unsigned long len)
-{
-    SECOidTag cinfo_type;
-    SECStatus rv;
-    SECItem content;
-    SECOidData *contentTypeTag = NULL;
-
-    content.data = (unsigned char *)buf;
-    content.len = len;
-
-    cinfo_type = SEC_PKCS7ContentType(cinfo);
-
-    /* set inner content */
-    switch(cinfo_type)
-    {
-	case SEC_OID_PKCS7_SIGNED_DATA:
-	    if(content.len > 0) {
-		/* we "leak" the old content here, but as it's all in the pool */
-		/* it does not really matter */
-
-		/* create content item if necessary */
-		if (cinfo->content.signedData->contentInfo.content.data == NULL)
-		    cinfo->content.signedData->contentInfo.content.data = SECITEM_AllocItem(cinfo->poolp, NULL, 0);
-		rv = SECITEM_CopyItem(cinfo->poolp, 
-			cinfo->content.signedData->contentInfo.content.data,
-			&content);
-	    } else {
-		cinfo->content.signedData->contentInfo.content.data->data = NULL;
-		cinfo->content.signedData->contentInfo.content.data->len = 0;
-		rv = SECSuccess;
-	    }
-	    if(rv == SECFailure)
-		goto loser;
-	    
-	    break;
-	case SEC_OID_PKCS7_ENCRYPTED_DATA:
-	    /* XXX this forces the inner content type to be "data" */
-	    /* do we really want to override without asking or reason? */
-	    contentTypeTag = SECOID_FindOIDByTag(SEC_OID_PKCS7_DATA);
-	    if(contentTypeTag == NULL)
-		goto loser;
-	    rv = SECITEM_CopyItem(cinfo->poolp, 
-		&(cinfo->content.encryptedData->encContentInfo.contentType),
-		&(contentTypeTag->oid));
-	    if(rv == SECFailure)
-		goto loser;
-	    if(content.len > 0) {
-		rv = SECITEM_CopyItem(cinfo->poolp, 
-			&(cinfo->content.encryptedData->encContentInfo.plainContent),
-			&content);
-	    } else {
-		cinfo->content.encryptedData->encContentInfo.plainContent.data = NULL;
-		cinfo->content.encryptedData->encContentInfo.encContent.data = NULL;
-		cinfo->content.encryptedData->encContentInfo.plainContent.len = 0;
-		cinfo->content.encryptedData->encContentInfo.encContent.len = 0;
-		rv = SECSuccess;
-	    }
-	    if(rv == SECFailure)
-		goto loser;
-	    break;
-	case SEC_OID_PKCS7_DATA:
-	    cinfo->content.data = (SECItem *)PORT_ArenaZAlloc(cinfo->poolp,
-		sizeof(SECItem));
-	    if(cinfo->content.data == NULL)
-		goto loser;
-	    if(content.len > 0) {
-		rv = SECITEM_CopyItem(cinfo->poolp,
-			cinfo->content.data, &content);
-	    } else {
-	    	/* handle case with NULL content */
-		rv = SECSuccess;
-	    }
-	    if(rv == SECFailure)
-		goto loser;
-	    break;
-	default:
-	    goto loser;
-    }
-
-    return SECSuccess;
-
-loser:
-	
-    return SECFailure;
-}
-
-/* the content of an encrypted data content info is encrypted.
- * it is assumed that for encrypted data, that the data has already
- * been set and is in the "plainContent" field of the content info.
- *
- * cinfo is the content info to encrypt
- *
- * key is the key with which to perform the encryption.  if the
- *     algorithm is a password based encryption algorithm, the
- *     key is actually a password which will be processed per
- *     PKCS #5.
- * 
- * in the event of an error, SECFailure is returned.  SECSuccess
- * indicates a success.
- */
-SECStatus 
-SEC_PKCS7EncryptContents(PRArenaPool *poolp,
-			 SEC_PKCS7ContentInfo *cinfo,
-			 SECItem *key,
-			 void *wincx)
-{
-    SECAlgorithmID *algid 	= NULL;
-    SECItem *       result 	= NULL;
-    SECItem *       src;
-    SECItem *       dest;
-    SECItem *       blocked_data = NULL;
-    void *          mark;
-    void *          cx;
-    PK11SymKey *    eKey 	= NULL;
-    PK11SlotInfo *  slot 	= NULL;
-
-    CK_MECHANISM    pbeMech;
-    CK_MECHANISM    cryptoMech;
-    int             bs;
-    SECOidTag       algtag;
-    SECStatus       rv 		= SECFailure;
-    SECItem         c_param;
-
-    if((cinfo == NULL) || (key == NULL))
-	return SECFailure;
-
-    if(SEC_PKCS7ContentType(cinfo) != SEC_OID_PKCS7_ENCRYPTED_DATA)
-	return SECFailure;
-
-    algid = SEC_PKCS7GetEncryptionAlgorithm(cinfo);	
-    if(algid == NULL)
-	return SECFailure;
-
-    if(poolp == NULL)
-	poolp = cinfo->poolp;
-
-    mark = PORT_ArenaMark(poolp);
-    
-    src = &cinfo->content.encryptedData->encContentInfo.plainContent;
-    dest = &cinfo->content.encryptedData->encContentInfo.encContent;
-    algtag = SECOID_GetAlgorithmTag(algid);
-    c_param.data = NULL;
-    dest->data = (unsigned char*)PORT_ArenaZAlloc(poolp, (src->len + 64));
-    dest->len = (src->len + 64);
-    if(dest->data == NULL) {
-	rv = SECFailure;
-	goto loser;
-    }
-
-    slot = PK11_GetInternalKeySlot();
-    if(slot == NULL) {
-	rv = SECFailure;
-	goto loser;
-    }
-    pbeMech.mechanism = PK11_AlgtagToMechanism(algtag);
-    result = PK11_ParamFromAlgid(algid);
-    if (result == NULL) {
-	rv = SECFailure;
-	goto loser;
-    }
-    pbeMech.pParameter = result->data;
-    pbeMech.ulParameterLen = result->len;
-
-    eKey = PK11_RawPBEKeyGen(slot, pbeMech.mechanism, result, key, PR_FALSE,
-								 wincx);
-    if(eKey == NULL) {
-	rv = SECFailure;
-	goto loser;
-    }
-
-    if(PK11_MapPBEMechanismToCryptoMechanism(&pbeMech, &cryptoMech, key, 
-			PR_FALSE) != CKR_OK) {
-	rv = SECFailure;
-	goto loser;
-    }
-    c_param.data = (unsigned char *)cryptoMech.pParameter;
-    c_param.len = cryptoMech.ulParameterLen;
-
-    /* block according to PKCS 8 */
-    bs = PK11_GetBlockSize(cryptoMech.mechanism, &c_param);
-    rv = SECSuccess;
-    if(bs) {
-	char pad_char;
-	pad_char = (char)(bs - (src->len % bs));
-	if(src->len % bs) {
-	    rv = SECSuccess;
-	    blocked_data = PK11_BlockData(src, bs);
-	    if(blocked_data) {
-		PORT_Memset((blocked_data->data + blocked_data->len - (int)pad_char), 
-			    pad_char, (int)pad_char);
-	    } else {
-		rv = SECFailure;
-		goto loser;
-	    }
-	} else {
-	    blocked_data = SECITEM_DupItem(src);
-	    if(blocked_data) {
-		blocked_data->data = (unsigned char*)PORT_Realloc(
-						  blocked_data->data,
-						  blocked_data->len + bs);
-		if(blocked_data->data) {
-		    blocked_data->len += bs;
-		    PORT_Memset((blocked_data->data + src->len), (char)bs, bs);
-		} else {
-		    rv = SECFailure;
-		    goto loser;
-		}
-	    } else {
-		rv = SECFailure;
-		goto loser;
-	    }
-	 }
-    } else {
-	blocked_data = SECITEM_DupItem(src);
-	if(!blocked_data) {
-	    rv = SECFailure;
-	    goto loser;
-	}
-    }
-
-    cx = PK11_CreateContextBySymKey(cryptoMech.mechanism, CKA_ENCRYPT,
-		    		    eKey, &c_param);
-    if(cx == NULL) {
-	rv = SECFailure;
-	goto loser;
-    }
-
-    rv = PK11_CipherOp((PK11Context*)cx, dest->data, (int *)(&dest->len), 
-		       (int)(src->len + 64), blocked_data->data, 
-		       (int)blocked_data->len);
-    PK11_DestroyContext((PK11Context*)cx, PR_TRUE);
-
-loser:
-    /* let success fall through */
-    if(blocked_data != NULL)
-	SECITEM_ZfreeItem(blocked_data, PR_TRUE);
-
-    if(result != NULL)
-	SECITEM_ZfreeItem(result, PR_TRUE);
-
-    if(rv == SECFailure)
-	PORT_ArenaRelease(poolp, mark);
-    else 
-	PORT_ArenaUnmark(poolp, mark);
-
-    if(eKey != NULL)
-	PK11_FreeSymKey(eKey);
-
-    if(slot != NULL)
-	PK11_FreeSlot(slot);
-
-    if(c_param.data != NULL) 
-	SECITEM_ZfreeItem(&c_param, PR_FALSE);
-	
-    return rv;
-}
-
-/* the content of an encrypted data content info is decrypted.
- * it is assumed that for encrypted data, that the data has already
- * been set and is in the "encContent" field of the content info.
- *
- * cinfo is the content info to decrypt
- *
- * key is the key with which to perform the decryption.  if the
- *     algorithm is a password based encryption algorithm, the
- *     key is actually a password which will be processed per
- *     PKCS #5.
- * 
- * in the event of an error, SECFailure is returned.  SECSuccess
- * indicates a success.
- */
-SECStatus 
-SEC_PKCS7DecryptContents(PRArenaPool *poolp,
-			 SEC_PKCS7ContentInfo *cinfo,
-			 SECItem *key,
-			 void *wincx)
-{
-    SECAlgorithmID *algid = NULL;
-    SECOidTag algtag;
-    SECStatus rv = SECFailure;
-    SECItem *result = NULL, *dest, *src;
-    void *mark;
-
-    PK11SymKey *eKey = NULL;
-    PK11SlotInfo *slot = NULL;
-    CK_MECHANISM pbeMech, cryptoMech;
-    void *cx;
-    SECItem c_param;
-    int bs;
-
-    if((cinfo == NULL) || (key == NULL))
-	return SECFailure;
-
-    if(SEC_PKCS7ContentType(cinfo) != SEC_OID_PKCS7_ENCRYPTED_DATA)
-	return SECFailure;
-
-    algid = SEC_PKCS7GetEncryptionAlgorithm(cinfo);	
-    if(algid == NULL)
-	return SECFailure;
-
-    if(poolp == NULL)
-	poolp = cinfo->poolp;
-
-    mark = PORT_ArenaMark(poolp);
-    
-    src = &cinfo->content.encryptedData->encContentInfo.encContent;
-    dest = &cinfo->content.encryptedData->encContentInfo.plainContent;
-    algtag = SECOID_GetAlgorithmTag(algid);
-    c_param.data = NULL;
-    dest->data = (unsigned char*)PORT_ArenaZAlloc(poolp, (src->len + 64));
-    dest->len = (src->len + 64);
-    if(dest->data == NULL) {
-	rv = SECFailure;
-	goto loser;
-    }
-
-    slot = PK11_GetInternalKeySlot();
-    if(slot == NULL) {
-	rv = SECFailure;
-	goto loser;
-    }
-    pbeMech.mechanism = PK11_AlgtagToMechanism(algtag);
-    result = PK11_ParamFromAlgid(algid);
-    if (result == NULL) {
-	rv = SECFailure;
-	goto loser;
-    }
-    pbeMech.pParameter = result->data;
-    pbeMech.ulParameterLen = result->len;
-    eKey = PK11_RawPBEKeyGen(slot,pbeMech.mechanism,result,key,PR_FALSE,wincx);
-    if(eKey == NULL) {
-	rv = SECFailure;
-	goto loser;
-    }
-
-    if(PK11_MapPBEMechanismToCryptoMechanism(&pbeMech, &cryptoMech, key,
-			PR_FALSE) != CKR_OK) {
-	rv = SECFailure;
-	goto loser;
-    }
-    c_param.data = (unsigned char *)cryptoMech.pParameter;
-    c_param.len = cryptoMech.ulParameterLen;
-
-    cx = PK11_CreateContextBySymKey(cryptoMech.mechanism, CKA_DECRYPT,
-		    		    eKey, &c_param);
-    if(cx == NULL) {
-	rv = SECFailure;
-	goto loser;
-    }
-
-    rv = PK11_CipherOp((PK11Context*)cx, dest->data, (int *)(&dest->len), 
-		       (int)(src->len + 64), src->data, (int)src->len);
-    PK11_DestroyContext((PK11Context *)cx, PR_TRUE);
-
-    bs = PK11_GetBlockSize(cryptoMech.mechanism, &c_param);
-    if(bs) {
-	/* check for proper badding in block algorithms.  this assumes
-	 * RC2 cbc or a DES cbc variant.  and the padding is thus defined
-	 */
-	if(((int)dest->data[dest->len-1] <= bs) && 
-	   ((int)dest->data[dest->len-1] > 0)) {
-	    dest->len -= (int)dest->data[dest->len-1];
-	} else {
-	    rv = SECFailure;
-	    /* set an error ? */
-	}
-    } 
-
-loser:
-    /* let success fall through */
-    if(result != NULL)
-	SECITEM_ZfreeItem(result, PR_TRUE);
-
-    if(rv == SECFailure)
-	PORT_ArenaRelease(poolp, mark);
-    else
-	PORT_ArenaUnmark(poolp, mark);
-
-    if(eKey != NULL)
-	PK11_FreeSymKey(eKey);
-
-    if(slot != NULL)
-	PK11_FreeSlot(slot);
-
-    if(c_param.data != NULL) 
-	SECITEM_ZfreeItem(&c_param, PR_FALSE);
-	
-    return rv;
-}
-
-SECItem **
-SEC_PKCS7GetCertificateList(SEC_PKCS7ContentInfo *cinfo)
-{
-    switch(SEC_PKCS7ContentType(cinfo))
-    {
-	case SEC_OID_PKCS7_SIGNED_DATA:
-	    return cinfo->content.signedData->rawCerts;
-	    break;
-	default:
-	    return NULL;
-	    break;
-    }
-}
-
-
-int
-SEC_PKCS7GetKeyLength(SEC_PKCS7ContentInfo *cinfo)
-{
-  if (cinfo->contentTypeTag->offset == SEC_OID_PKCS7_ENVELOPED_DATA)
-    return cinfo->content.envelopedData->encContentInfo.keysize;
-  else
-    return 0;
-}
-
diff --git a/security/nss/lib/pkcs7/p7create.c b/security/nss/lib/pkcs7/p7create.c
deleted file mode 100644
index 47bdee60c..000000000
--- a/security/nss/lib/pkcs7/p7create.c
+++ /dev/null
@@ -1,1320 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * PKCS7 creation.
- *
- * $Id$
- */
-
-#include "p7local.h"
-
-#include "cert.h"
-#include "secasn1.h"
-#include "secitem.h"
-#include "secoid.h"
-#include "pk11func.h"
-#include "prtime.h"
-#include "secerr.h"
-#include "secder.h"
-
-static SECStatus
-sec_pkcs7_init_content_info (SEC_PKCS7ContentInfo *cinfo, PRArenaPool *poolp,
-			     SECOidTag kind, PRBool detached)
-{
-    void *thing;
-    int version;
-    SECItem *versionp;
-    SECStatus rv;
-
-    PORT_Assert (cinfo != NULL && poolp != NULL);
-    if (cinfo == NULL || poolp == NULL)
-	return SECFailure;
-
-    cinfo->contentTypeTag = SECOID_FindOIDByTag (kind);
-    PORT_Assert (cinfo->contentTypeTag
-		 && cinfo->contentTypeTag->offset == kind);
-
-    rv = SECITEM_CopyItem (poolp, &(cinfo->contentType),
-			   &(cinfo->contentTypeTag->oid));
-    if (rv != SECSuccess)
-	return rv;
-
-    if (detached)
-	return SECSuccess;
-
-    switch (kind) {
-      default:
-      case SEC_OID_PKCS7_DATA:
-	thing = PORT_ArenaZAlloc (poolp, sizeof(SECItem));
-	cinfo->content.data = (SECItem*)thing;
-	versionp = NULL;
-	version = -1;
-	break;
-      case SEC_OID_PKCS7_DIGESTED_DATA:
-	thing = PORT_ArenaZAlloc (poolp, sizeof(SEC_PKCS7DigestedData));
-	cinfo->content.digestedData = (SEC_PKCS7DigestedData*)thing;
-	versionp = &(cinfo->content.digestedData->version);
-	version = SEC_PKCS7_DIGESTED_DATA_VERSION;
-	break;
-      case SEC_OID_PKCS7_ENCRYPTED_DATA:
-	thing = PORT_ArenaZAlloc (poolp, sizeof(SEC_PKCS7EncryptedData));
-	cinfo->content.encryptedData = (SEC_PKCS7EncryptedData*)thing;
-	versionp = &(cinfo->content.encryptedData->version);
-	version = SEC_PKCS7_ENCRYPTED_DATA_VERSION;
-	break;
-      case SEC_OID_PKCS7_ENVELOPED_DATA:
-	thing = PORT_ArenaZAlloc (poolp, sizeof(SEC_PKCS7EnvelopedData));
-	cinfo->content.envelopedData = 
-	  (SEC_PKCS7EnvelopedData*)thing;
-	versionp = &(cinfo->content.envelopedData->version);
-	version = SEC_PKCS7_ENVELOPED_DATA_VERSION;
-	break;
-      case SEC_OID_PKCS7_SIGNED_DATA:
-	thing = PORT_ArenaZAlloc (poolp, sizeof(SEC_PKCS7SignedData));
-	cinfo->content.signedData = 
-	  (SEC_PKCS7SignedData*)thing;
-	versionp = &(cinfo->content.signedData->version);
-	version = SEC_PKCS7_SIGNED_DATA_VERSION;
-	break;
-      case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA:
-	thing = PORT_ArenaZAlloc(poolp,sizeof(SEC_PKCS7SignedAndEnvelopedData));
-	cinfo->content.signedAndEnvelopedData = 
-	  (SEC_PKCS7SignedAndEnvelopedData*)thing;
-	versionp = &(cinfo->content.signedAndEnvelopedData->version);
-	version = SEC_PKCS7_SIGNED_AND_ENVELOPED_DATA_VERSION;
-	break;
-    }
-
-    if (thing == NULL)
-	return SECFailure;
-
-    if (versionp != NULL) {
-	SECItem *dummy;
-
-	PORT_Assert (version >= 0);
-	dummy = SEC_ASN1EncodeInteger (poolp, versionp, version);
-	if (dummy == NULL)
-	    return SECFailure;
-	PORT_Assert (dummy == versionp);
-    }
-
-    return SECSuccess;
-}
-
-
-static SEC_PKCS7ContentInfo *
-sec_pkcs7_create_content_info (SECOidTag kind, PRBool detached,
-			       SECKEYGetPasswordKey pwfn, void *pwfn_arg)
-{
-    SEC_PKCS7ContentInfo *cinfo;
-    PRArenaPool *poolp;
-    SECStatus rv;
-
-    poolp = PORT_NewArena (1024);	/* XXX what is right value? */
-    if (poolp == NULL)
-	return NULL;
-
-    cinfo = (SEC_PKCS7ContentInfo*)PORT_ArenaZAlloc (poolp, sizeof(*cinfo));
-    if (cinfo == NULL) {
-	PORT_FreeArena (poolp, PR_FALSE);
-	return NULL;
-    }
-
-    cinfo->poolp = poolp;
-    cinfo->pwfn = pwfn;
-    cinfo->pwfn_arg = pwfn_arg;
-    cinfo->created = PR_TRUE;
-    cinfo->refCount = 1;
-
-    rv = sec_pkcs7_init_content_info (cinfo, poolp, kind, detached);
-    if (rv != SECSuccess) {
-	PORT_FreeArena (poolp, PR_FALSE);
-	return NULL;
-    }
-
-    return cinfo;
-}
-
-
-/*
- * Add a signer to a PKCS7 thing, verifying the signature cert first.
- * Any error returns SECFailure.
- *
- * XXX Right now this only adds the *first* signer.  It fails if you try
- * to add a second one -- this needs to be fixed.
- */
-static SECStatus
-sec_pkcs7_add_signer (SEC_PKCS7ContentInfo *cinfo,
-		      CERTCertificate *     cert,
-		      SECCertUsage          certusage,
-		      CERTCertDBHandle *    certdb,
-		      SECOidTag             digestalgtag,
-		      SECItem *             digestdata)
-{
-    SEC_PKCS7SignerInfo *signerinfo, **signerinfos, ***signerinfosp;
-    SECAlgorithmID      *digestalg,  **digestalgs,  ***digestalgsp;
-    SECItem             *digest,     **digests,     ***digestsp;
-    SECItem *            dummy;
-    void *               mark;
-    SECStatus            rv;
-    SECOidTag            kind;
-
-    kind = SEC_PKCS7ContentType (cinfo);
-    switch (kind) {
-      case SEC_OID_PKCS7_SIGNED_DATA:
-	{
-	    SEC_PKCS7SignedData *sdp;
-
-	    sdp = cinfo->content.signedData;
-	    digestalgsp = &(sdp->digestAlgorithms);
-	    digestsp = &(sdp->digests);
-	    signerinfosp = &(sdp->signerInfos);
-	}
-	break;
-      case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA:
-	{
-	    SEC_PKCS7SignedAndEnvelopedData *saedp;
-
-	    saedp = cinfo->content.signedAndEnvelopedData;
-	    digestalgsp = &(saedp->digestAlgorithms);
-	    digestsp = &(saedp->digests);
-	    signerinfosp = &(saedp->signerInfos);
-	}
-	break;
-      default:
-	return SECFailure;		/* XXX set an error? */
-    }
-
-    /*
-     * XXX I think that CERT_VerifyCert should do this if *it* is passed
-     * a NULL database.
-     */
-    if (certdb == NULL) {
-	certdb = CERT_GetDefaultCertDB();
-	if (certdb == NULL)
-	    return SECFailure;		/* XXX set an error? */
-    }
-
-    if (CERT_VerifyCert (certdb, cert, PR_TRUE, certusage, PR_Now(),
-			 cinfo->pwfn_arg, NULL) != SECSuccess)
-	{
-	/* XXX Did CERT_VerifyCert set an error? */
-	return SECFailure;
-    }
-
-    /*
-     * XXX This is the check that we do not already have a signer.
-     * This is not what we really want -- we want to allow this
-     * and *add* the new signer.
-     */
-    PORT_Assert (*signerinfosp == NULL
-		 && *digestalgsp == NULL && *digestsp == NULL);
-    if (*signerinfosp != NULL || *digestalgsp != NULL || *digestsp != NULL)
-	return SECFailure;
-
-    mark = PORT_ArenaMark (cinfo->poolp);
-
-    signerinfo = (SEC_PKCS7SignerInfo*)PORT_ArenaZAlloc (cinfo->poolp, 
-						  sizeof(SEC_PKCS7SignerInfo));
-    if (signerinfo == NULL) {
-	PORT_ArenaRelease (cinfo->poolp, mark);
-	return SECFailure;
-    }
-
-    dummy = SEC_ASN1EncodeInteger (cinfo->poolp, &signerinfo->version,
-				   SEC_PKCS7_SIGNER_INFO_VERSION);
-    if (dummy == NULL) {
-	PORT_ArenaRelease (cinfo->poolp, mark);
-	return SECFailure;
-    }
-    PORT_Assert (dummy == &signerinfo->version);
-
-    signerinfo->cert = CERT_DupCertificate (cert);
-    if (signerinfo->cert == NULL) {
-	PORT_ArenaRelease (cinfo->poolp, mark);
-	return SECFailure;
-    }
-
-    signerinfo->issuerAndSN = CERT_GetCertIssuerAndSN (cinfo->poolp, cert);
-    if (signerinfo->issuerAndSN == NULL) {
-	PORT_ArenaRelease (cinfo->poolp, mark);
-	return SECFailure;
-    }
-
-    rv = SECOID_SetAlgorithmID (cinfo->poolp, &signerinfo->digestAlg,
-				digestalgtag, NULL);
-    if (rv != SECSuccess) {
-	PORT_ArenaRelease (cinfo->poolp, mark);
-	return SECFailure;
-    }
-
-    /*
-     * Okay, now signerinfo is all set.  We just need to put it and its
-     * companions (another copy of the digest algorithm, and the digest
-     * itself if given) into the main structure.
-     *
-     * XXX If we are handling more than one signer, the following code
-     * needs to look through the digest algorithms already specified
-     * and see if the same one is there already.  If it is, it does not
-     * need to be added again.  Also, if it is there *and* the digest
-     * is not null, then the digest given should match the digest already
-     * specified -- if not, that is an error.  Finally, the new signerinfo
-     * should be *added* to the set already found.
-     */
-
-    signerinfos = (SEC_PKCS7SignerInfo**)PORT_ArenaAlloc (cinfo->poolp,
-				   2 * sizeof(SEC_PKCS7SignerInfo *));
-    if (signerinfos == NULL) {
-	PORT_ArenaRelease (cinfo->poolp, mark);
-	return SECFailure;
-    }
-    signerinfos[0] = signerinfo;
-    signerinfos[1] = NULL;
-
-    digestalg = PORT_ArenaZAlloc (cinfo->poolp, sizeof(SECAlgorithmID));
-    digestalgs = PORT_ArenaAlloc (cinfo->poolp, 2 * sizeof(SECAlgorithmID *));
-    if (digestalg == NULL || digestalgs == NULL) {
-	PORT_ArenaRelease (cinfo->poolp, mark);
-	return SECFailure;
-    }
-    rv = SECOID_SetAlgorithmID (cinfo->poolp, digestalg, digestalgtag, NULL);
-    if (rv != SECSuccess) {
-	PORT_ArenaRelease (cinfo->poolp, mark);
-	return SECFailure;
-    }
-    digestalgs[0] = digestalg;
-    digestalgs[1] = NULL;
-
-    if (digestdata != NULL) {
-	digest = (SECItem*)PORT_ArenaAlloc (cinfo->poolp, sizeof(SECItem));
-	digests = (SECItem**)PORT_ArenaAlloc (cinfo->poolp, 
-					      2 * sizeof(SECItem *));
-	if (digest == NULL || digests == NULL) {
-	    PORT_ArenaRelease (cinfo->poolp, mark);
-	    return SECFailure;
-	}
-	rv = SECITEM_CopyItem (cinfo->poolp, digest, digestdata);
-	if (rv != SECSuccess) {
-	    PORT_ArenaRelease (cinfo->poolp, mark);
-	    return SECFailure;
-	}
-	digests[0] = digest;
-	digests[1] = NULL;
-    } else {
-	digests = NULL;
-    }
-
-    *signerinfosp = signerinfos;
-    *digestalgsp = digestalgs;
-    *digestsp = digests;
-
-    PORT_ArenaUnmark(cinfo->poolp, mark);
-    return SECSuccess;
-}
-
-
-/*
- * Helper function for creating an empty signedData.
- */
-static SEC_PKCS7ContentInfo *
-sec_pkcs7_create_signed_data (SECKEYGetPasswordKey pwfn, void *pwfn_arg)
-{
-    SEC_PKCS7ContentInfo *cinfo;
-    SEC_PKCS7SignedData *sigd;
-    SECStatus rv;
-
-    cinfo = sec_pkcs7_create_content_info (SEC_OID_PKCS7_SIGNED_DATA, PR_FALSE,
-					   pwfn, pwfn_arg);
-    if (cinfo == NULL)
-	return NULL;
-
-    sigd = cinfo->content.signedData;
-    PORT_Assert (sigd != NULL);
-
-    /*
-     * XXX Might we want to allow content types other than data?
-     * If so, via what interface?
-     */
-    rv = sec_pkcs7_init_content_info (&(sigd->contentInfo), cinfo->poolp,
-				      SEC_OID_PKCS7_DATA, PR_TRUE);
-    if (rv != SECSuccess) {
-	SEC_PKCS7DestroyContentInfo (cinfo);
-	return NULL;
-    }
-
-    return cinfo;
-}
-
-
-/*
- * Start a PKCS7 signing context.
- *
- * "cert" is the cert that will be used to sign the data.  It will be
- * checked for validity.
- *
- * "certusage" describes the signing usage (e.g. certUsageEmailSigner)
- * XXX Maybe SECCertUsage should be split so that our caller just says
- * "email" and *we* add the "signing" part -- otherwise our caller
- * could be lying about the usage; we do not want to allow encryption
- * certs for signing or vice versa.
- *
- * "certdb" is the cert database to use for verifying the cert.
- * It can be NULL if a default database is available (like in the client).
- * 
- * "digestalg" names the digest algorithm (e.g. SEC_OID_SHA1).
- *
- * "digest" is the actual digest of the data.  It must be provided in
- * the case of detached data or NULL if the content will be included.
- *
- * The return value can be passed to functions which add things to
- * it like attributes, then eventually to SEC_PKCS7Encode() or to
- * SEC_PKCS7EncoderStart() to create the encoded data, and finally to
- * SEC_PKCS7DestroyContentInfo().
- *
- * An error results in a return value of NULL and an error set.
- * (Retrieve specific errors via PORT_GetError()/XP_GetError().)
- */
-SEC_PKCS7ContentInfo *
-SEC_PKCS7CreateSignedData (CERTCertificate *cert,
-			   SECCertUsage certusage,
-			   CERTCertDBHandle *certdb,
-			   SECOidTag digestalg,
-			   SECItem *digest,
- 			   SECKEYGetPasswordKey pwfn, void *pwfn_arg)
-{
-    SEC_PKCS7ContentInfo *cinfo;
-    SECStatus rv;
-
-    cinfo = sec_pkcs7_create_signed_data (pwfn, pwfn_arg);
-    if (cinfo == NULL)
-	return NULL;
-
-    rv = sec_pkcs7_add_signer (cinfo, cert, certusage, certdb,
-			       digestalg, digest);
-    if (rv != SECSuccess) {
-	SEC_PKCS7DestroyContentInfo (cinfo);
-	return NULL;
-    }
-
-    return cinfo;
-}
-
-
-static SEC_PKCS7Attribute *
-sec_pkcs7_create_attribute (PRArenaPool *poolp, SECOidTag oidtag,
-			    SECItem *value, PRBool encoded)
-{
-    SEC_PKCS7Attribute *attr;
-    SECItem **values;
-    void *mark;
-
-    PORT_Assert (poolp != NULL);
-    mark = PORT_ArenaMark (poolp);
-
-    attr = (SEC_PKCS7Attribute*)PORT_ArenaAlloc (poolp, 
-						 sizeof(SEC_PKCS7Attribute));
-    if (attr == NULL)
-	goto loser;
-
-    attr->typeTag = SECOID_FindOIDByTag (oidtag);
-    if (attr->typeTag == NULL)
-	goto loser;
-
-    if (SECITEM_CopyItem (poolp, &(attr->type),
-			  &(attr->typeTag->oid)) != SECSuccess)
-	goto loser;
-
-    values = (SECItem**)PORT_ArenaAlloc (poolp, 2 * sizeof(SECItem *));
-    if (values == NULL)
-	goto loser;
-
-    if (value != NULL) {
-	SECItem *copy;
-
-	copy = (SECItem*)PORT_ArenaAlloc (poolp, sizeof(SECItem));
-	if (copy == NULL)
-	    goto loser;
-
-	if (SECITEM_CopyItem (poolp, copy, value) != SECSuccess)
-	    goto loser;
-
-	value = copy;
-    }
-
-    values[0] = value;
-    values[1] = NULL;
-    attr->values = values;
-    attr->encoded = encoded;
-
-    PORT_ArenaUnmark (poolp, mark);
-    return attr;
-
-loser:
-    PORT_Assert (mark != NULL);
-    PORT_ArenaRelease (poolp, mark);
-    return NULL;
-}
-
-
-static SECStatus
-sec_pkcs7_add_attribute (SEC_PKCS7ContentInfo *cinfo,
-			 SEC_PKCS7Attribute ***attrsp,
-			 SEC_PKCS7Attribute *attr)
-{
-    SEC_PKCS7Attribute **attrs;
-    SECItem *ct_value;
-    void *mark;
-
-    PORT_Assert (SEC_PKCS7ContentType (cinfo) == SEC_OID_PKCS7_SIGNED_DATA);
-    if (SEC_PKCS7ContentType (cinfo) != SEC_OID_PKCS7_SIGNED_DATA)
-	return SECFailure;
-
-    attrs = *attrsp;
-    if (attrs != NULL) {
-	int count;
-
-	/*
-	 * We already have some attributes, and just need to add this
-	 * new one.
-	 */
-
-	/*
-	 * We should already have the *required* attributes, which were
-	 * created/added at the same time the first attribute was added.
-	 */
-	PORT_Assert (sec_PKCS7FindAttribute (attrs,
-					     SEC_OID_PKCS9_CONTENT_TYPE,
-					     PR_FALSE) != NULL);
-	PORT_Assert (sec_PKCS7FindAttribute (attrs,
-					     SEC_OID_PKCS9_MESSAGE_DIGEST,
-					     PR_FALSE) != NULL);
-
-	for (count = 0; attrs[count] != NULL; count++)
-	    ;
-	attrs = (SEC_PKCS7Attribute**)PORT_ArenaGrow (cinfo->poolp, attrs,
-				(count + 1) * sizeof(SEC_PKCS7Attribute *),
-				(count + 2) * sizeof(SEC_PKCS7Attribute *));
-	if (attrs == NULL)
-	    return SECFailure;
-
-	attrs[count] = attr;
-	attrs[count+1] = NULL;
-	*attrsp = attrs;
-
-	return SECSuccess;
-    }
-
-    /*
-     * This is the first time an attribute is going in.
-     * We need to create and add the required attributes, and then
-     * we will also add in the one our caller gave us.
-     */
-
-    /*
-     * There are 2 required attributes, plus the one our caller wants
-     * to add, plus we always end with a NULL one.  Thus, four slots.
-     */
-    attrs = (SEC_PKCS7Attribute**)PORT_ArenaAlloc (cinfo->poolp, 
-					   4 * sizeof(SEC_PKCS7Attribute *));
-    if (attrs == NULL)
-	return SECFailure;
-
-    mark = PORT_ArenaMark (cinfo->poolp);
-
-    /*
-     * First required attribute is the content type of the data
-     * being signed.
-     */
-    ct_value = &(cinfo->content.signedData->contentInfo.contentType);
-    attrs[0] = sec_pkcs7_create_attribute (cinfo->poolp,
-					   SEC_OID_PKCS9_CONTENT_TYPE,
-					   ct_value, PR_FALSE);
-    /*
-     * Second required attribute is the message digest of the data
-     * being signed; we leave the value NULL for now (just create
-     * the place for it to go), and the encoder will fill it in later.
-     */
-    attrs[1] = sec_pkcs7_create_attribute (cinfo->poolp,
-					   SEC_OID_PKCS9_MESSAGE_DIGEST,
-					   NULL, PR_FALSE);
-    if (attrs[0] == NULL || attrs[1] == NULL) {
-	PORT_ArenaRelease (cinfo->poolp, mark);
-	return SECFailure; 
-    }
-
-    attrs[2] = attr;
-    attrs[3] = NULL;
-    *attrsp = attrs;
-
-    PORT_ArenaUnmark (cinfo->poolp, mark);
-    return SECSuccess;
-}
-
-
-/*
- * Add the signing time to the authenticated (i.e. signed) attributes
- * of "cinfo".  This is expected to be included in outgoing signed
- * messages for email (S/MIME) but is likely useful in other situations.
- *
- * This should only be added once; a second call will either do
- * nothing or replace an old signing time with a newer one.
- *
- * XXX This will probably just shove the current time into "cinfo"
- * but it will not actually get signed until the entire item is
- * processed for encoding.  Is this (expected to be small) delay okay?
- *
- * "cinfo" should be of type signedData (the only kind of pkcs7 data
- * that is allowed authenticated attributes); SECFailure will be returned
- * if it is not.
- */
-SECStatus
-SEC_PKCS7AddSigningTime (SEC_PKCS7ContentInfo *cinfo)
-{
-    SEC_PKCS7SignerInfo **signerinfos;
-    SEC_PKCS7Attribute *attr;
-    SECItem stime;
-    SECStatus rv;
-    int si;
-
-    PORT_Assert (SEC_PKCS7ContentType (cinfo) == SEC_OID_PKCS7_SIGNED_DATA);
-    if (SEC_PKCS7ContentType (cinfo) != SEC_OID_PKCS7_SIGNED_DATA)
-	return SECFailure;
-
-    signerinfos = cinfo->content.signedData->signerInfos;
-
-    /* There has to be a signer, or it makes no sense. */
-    if (signerinfos == NULL || signerinfos[0] == NULL)
-	return SECFailure;
-
-    rv = DER_TimeToUTCTime (&stime, PR_Now());
-    if (rv != SECSuccess)
-	return rv;
-
-    attr = sec_pkcs7_create_attribute (cinfo->poolp,
-				       SEC_OID_PKCS9_SIGNING_TIME,
-				       &stime, PR_FALSE);
-    SECITEM_FreeItem (&stime, PR_FALSE);
-
-    if (attr == NULL)
-	return SECFailure;
-
-    rv = SECSuccess;
-    for (si = 0; signerinfos[si] != NULL; si++) {
-	SEC_PKCS7Attribute *oattr;
-
-	oattr = sec_PKCS7FindAttribute (signerinfos[si]->authAttr,
-					SEC_OID_PKCS9_SIGNING_TIME, PR_FALSE);
-	PORT_Assert (oattr == NULL);
-	if (oattr != NULL)
-	    continue;	/* XXX or would it be better to replace it? */
-
-	rv = sec_pkcs7_add_attribute (cinfo, &(signerinfos[si]->authAttr),
-				      attr);
-	if (rv != SECSuccess)
-	    break;	/* could try to continue, but may as well give up now */
-    }
-
-    return rv;
-}
-
-
-/*
- * Add the specified attribute to the authenticated (i.e. signed) attributes
- * of "cinfo" -- "oidtag" describes the attribute and "value" is the
- * value to be associated with it.  NOTE! "value" must already be encoded;
- * no interpretation of "oidtag" is done.  Also, it is assumed that this
- * signedData has only one signer -- if we ever need to add attributes
- * when there is more than one signature, we need a way to specify *which*
- * signature should get the attribute.
- *
- * XXX Technically, a signed attribute can have multiple values; if/when
- * we ever need to support an attribute which takes multiple values, we
- * either need to change this interface or create an AddSignedAttributeValue
- * which can be called subsequently, and would then append a value.
- *
- * "cinfo" should be of type signedData (the only kind of pkcs7 data
- * that is allowed authenticated attributes); SECFailure will be returned
- * if it is not.
- */
-SECStatus
-SEC_PKCS7AddSignedAttribute (SEC_PKCS7ContentInfo *cinfo,
-			     SECOidTag oidtag,
-			     SECItem *value)
-{
-    SEC_PKCS7SignerInfo **signerinfos;
-    SEC_PKCS7Attribute *attr;
-
-    PORT_Assert (SEC_PKCS7ContentType (cinfo) == SEC_OID_PKCS7_SIGNED_DATA);
-    if (SEC_PKCS7ContentType (cinfo) != SEC_OID_PKCS7_SIGNED_DATA)
-	return SECFailure;
-
-    signerinfos = cinfo->content.signedData->signerInfos;
-
-    /*
-     * No signature or more than one means no deal.
-     */
-    if (signerinfos == NULL || signerinfos[0] == NULL || signerinfos[1] != NULL)
-	return SECFailure;
-
-    attr = sec_pkcs7_create_attribute (cinfo->poolp, oidtag, value, PR_TRUE);
-    if (attr == NULL)
-	return SECFailure;
-
-    return sec_pkcs7_add_attribute (cinfo, &(signerinfos[0]->authAttr), attr);
-}
- 
-
-/*
- * Mark that the signer certificates and their issuing chain should
- * be included in the encoded data.  This is expected to be used
- * in outgoing signed messages for email (S/MIME).
- *
- * "certdb" is the cert database to use for finding the chain.
- * It can be NULL, meaning use the default database.
- *
- * "cinfo" should be of type signedData or signedAndEnvelopedData;
- * SECFailure will be returned if it is not.
- */
-SECStatus
-SEC_PKCS7IncludeCertChain (SEC_PKCS7ContentInfo *cinfo,
-			   CERTCertDBHandle *certdb)
-{
-    SECOidTag kind;
-    SEC_PKCS7SignerInfo *signerinfo, **signerinfos;
-
-    kind = SEC_PKCS7ContentType (cinfo);
-    switch (kind) {
-      case SEC_OID_PKCS7_SIGNED_DATA:
-	signerinfos = cinfo->content.signedData->signerInfos;
-	break;
-      case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA:
-	signerinfos = cinfo->content.signedAndEnvelopedData->signerInfos;
-	break;
-      default:
-	return SECFailure;		/* XXX set an error? */
-    }
-
-    if (signerinfos == NULL)		/* no signer, no certs? */
-	return SECFailure;		/* XXX set an error? */
-
-    if (certdb == NULL) {
-	certdb = CERT_GetDefaultCertDB();
-	if (certdb == NULL) {
-	    PORT_SetError (SEC_ERROR_BAD_DATABASE);
-	    return SECFailure;
-	}
-    }
-
-    /* XXX Should it be an error if we find no signerinfo or no certs? */
-    while ((signerinfo = *signerinfos++) != NULL) {
-	if (signerinfo->cert != NULL)
-	    /* get the cert chain.  don't send the root to avoid contamination
-	     * of old clients with a new root that they don't trust
-	     */
-	    signerinfo->certList = CERT_CertChainFromCert (signerinfo->cert,
-							   certUsageEmailSigner,
-							   PR_FALSE);
-    }
-
-    return SECSuccess;
-}
-
-
-/*
- * Helper function to add a certificate chain for inclusion in the
- * bag of certificates in a signedData.
- */
-static SECStatus
-sec_pkcs7_add_cert_chain (SEC_PKCS7ContentInfo *cinfo,
-			  CERTCertificate *cert,
-			  CERTCertDBHandle *certdb)
-{
-    SECOidTag kind;
-    CERTCertificateList *certlist, **certlists, ***certlistsp;
-    int count;
-
-    kind = SEC_PKCS7ContentType (cinfo);
-    switch (kind) {
-      case SEC_OID_PKCS7_SIGNED_DATA:
-	{
-	    SEC_PKCS7SignedData *sdp;
-
-	    sdp = cinfo->content.signedData;
-	    certlistsp = &(sdp->certLists);
-	}
-	break;
-      case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA:
-	{
-	    SEC_PKCS7SignedAndEnvelopedData *saedp;
-
-	    saedp = cinfo->content.signedAndEnvelopedData;
-	    certlistsp = &(saedp->certLists);
-	}
-	break;
-      default:
-	return SECFailure;		/* XXX set an error? */
-    }
-
-    if (certdb == NULL) {
-	certdb = CERT_GetDefaultCertDB();
-	if (certdb == NULL) {
-	    PORT_SetError (SEC_ERROR_BAD_DATABASE);
-	    return SECFailure;
-	}
-    }
-
-    certlist = CERT_CertChainFromCert (cert, certUsageEmailSigner, PR_FALSE);
-    if (certlist == NULL)
-	return SECFailure;
-
-    certlists = *certlistsp;
-    if (certlists == NULL) {
-	count = 0;
-	certlists = (CERTCertificateList**)PORT_ArenaAlloc (cinfo->poolp,
-				     2 * sizeof(CERTCertificateList *));
-    } else {
-	for (count = 0; certlists[count] != NULL; count++)
-	    ;
-	PORT_Assert (count);	/* should be at least one already */
-	certlists = (CERTCertificateList**)PORT_ArenaGrow (cinfo->poolp, 
-				 certlists,
-				(count + 1) * sizeof(CERTCertificateList *),
-				(count + 2) * sizeof(CERTCertificateList *));
-    }
-
-    if (certlists == NULL) {
-	CERT_DestroyCertificateList (certlist);
-	return SECFailure;
-    }
-
-    certlists[count] = certlist;
-    certlists[count + 1] = NULL;
-
-    *certlistsp = certlists;
-
-    return SECSuccess;
-}
-
-
-/*
- * Helper function to add a certificate for inclusion in the bag of
- * certificates in a signedData.
- */
-static SECStatus
-sec_pkcs7_add_certificate (SEC_PKCS7ContentInfo *cinfo,
-			   CERTCertificate *cert)
-{
-    SECOidTag kind;
-    CERTCertificate **certs, ***certsp;
-    int count;
-
-    kind = SEC_PKCS7ContentType (cinfo);
-    switch (kind) {
-      case SEC_OID_PKCS7_SIGNED_DATA:
-	{
-	    SEC_PKCS7SignedData *sdp;
-
-	    sdp = cinfo->content.signedData;
-	    certsp = &(sdp->certs);
-	}
-	break;
-      case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA:
-	{
-	    SEC_PKCS7SignedAndEnvelopedData *saedp;
-
-	    saedp = cinfo->content.signedAndEnvelopedData;
-	    certsp = &(saedp->certs);
-	}
-	break;
-      default:
-	return SECFailure;		/* XXX set an error? */
-    }
-
-    cert = CERT_DupCertificate (cert);
-    if (cert == NULL)
-	return SECFailure;
-
-    certs = *certsp;
-    if (certs == NULL) {
-	count = 0;
-	certs = (CERTCertificate**)PORT_ArenaAlloc (cinfo->poolp, 
-					      2 * sizeof(CERTCertificate *));
-    } else {
-	for (count = 0; certs[count] != NULL; count++)
-	    ;
-	PORT_Assert (count);	/* should be at least one already */
-	certs = (CERTCertificate**)PORT_ArenaGrow (cinfo->poolp, certs,
-				(count + 1) * sizeof(CERTCertificate *),
-				(count + 2) * sizeof(CERTCertificate *));
-    }
-
-    if (certs == NULL) {
-	CERT_DestroyCertificate (cert);
-	return SECFailure;
-    }
-
-    certs[count] = cert;
-    certs[count + 1] = NULL;
-
-    *certsp = certs;
-
-    return SECSuccess;
-}
-
-
-/*
- * Create a PKCS7 certs-only container.
- *
- * "cert" is the (first) cert that will be included.
- *
- * "include_chain" specifies whether the entire chain for "cert" should
- * be included.
- *
- * "certdb" is the cert database to use for finding the chain.
- * It can be NULL in when "include_chain" is false, or when meaning
- * use the default database.
- *
- * More certs and chains can be added via AddCertificate and AddCertChain.
- *
- * An error results in a return value of NULL and an error set.
- * (Retrieve specific errors via PORT_GetError()/XP_GetError().)
- */
-SEC_PKCS7ContentInfo *
-SEC_PKCS7CreateCertsOnly (CERTCertificate *cert,
-			  PRBool include_chain,
-			  CERTCertDBHandle *certdb)
-{
-    SEC_PKCS7ContentInfo *cinfo;
-    SECStatus rv;
-
-    cinfo = sec_pkcs7_create_signed_data (NULL, NULL);
-    if (cinfo == NULL)
-	return NULL;
-
-    if (include_chain)
-	rv = sec_pkcs7_add_cert_chain (cinfo, cert, certdb);
-    else
-	rv = sec_pkcs7_add_certificate (cinfo, cert);
-
-    if (rv != SECSuccess) {
-	SEC_PKCS7DestroyContentInfo (cinfo);
-	return NULL;
-    }
-
-    return cinfo;
-}
-
-
-/*
- * Add "cert" and its entire chain to the set of certs included in "cinfo".
- *
- * "certdb" is the cert database to use for finding the chain.
- * It can be NULL, meaning use the default database.
- *
- * "cinfo" should be of type signedData or signedAndEnvelopedData;
- * SECFailure will be returned if it is not.
- */
-SECStatus
-SEC_PKCS7AddCertChain (SEC_PKCS7ContentInfo *cinfo,
-		       CERTCertificate *cert,
-		       CERTCertDBHandle *certdb)
-{
-    SECOidTag kind;
-
-    kind = SEC_PKCS7ContentType (cinfo);
-    if (kind != SEC_OID_PKCS7_SIGNED_DATA
-	&& kind != SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA)
-	return SECFailure;		/* XXX set an error? */
-
-    return sec_pkcs7_add_cert_chain (cinfo, cert, certdb);
-}
-
-
-/*
- * Add "cert" to the set of certs included in "cinfo".
- *
- * "cinfo" should be of type signedData or signedAndEnvelopedData;
- * SECFailure will be returned if it is not.
- */
-SECStatus
-SEC_PKCS7AddCertificate (SEC_PKCS7ContentInfo *cinfo, CERTCertificate *cert)
-{
-    SECOidTag kind;
-
-    kind = SEC_PKCS7ContentType (cinfo);
-    if (kind != SEC_OID_PKCS7_SIGNED_DATA
-	&& kind != SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA)
-	return SECFailure;		/* XXX set an error? */
-
-    return sec_pkcs7_add_certificate (cinfo, cert);
-}
-
-
-static SECStatus
-sec_pkcs7_init_encrypted_content_info (SEC_PKCS7EncryptedContentInfo *enccinfo,
-				       PRArenaPool *poolp,
-				       SECOidTag kind, PRBool detached,
-				       SECOidTag encalg, int keysize)
-{
-    SECStatus rv;
-
-    PORT_Assert (enccinfo != NULL && poolp != NULL);
-    if (enccinfo == NULL || poolp == NULL)
-	return SECFailure;
-
-    /*
-     * XXX Some day we may want to allow for other kinds.  That needs
-     * more work and modifications to the creation interface, etc.
-     * For now, allow but notice callers who pass in other kinds.
-     * They are responsible for creating the inner type and encoding,
-     * if it is other than DATA.
-     */
-    PORT_Assert (kind == SEC_OID_PKCS7_DATA);
-
-    enccinfo->contentTypeTag = SECOID_FindOIDByTag (kind);
-    PORT_Assert (enccinfo->contentTypeTag
-	       && enccinfo->contentTypeTag->offset == kind);
-
-    rv = SECITEM_CopyItem (poolp, &(enccinfo->contentType),
-			   &(enccinfo->contentTypeTag->oid));
-    if (rv != SECSuccess)
-	return rv;
-
-    /* Save keysize and algorithm for later. */
-    enccinfo->keysize = keysize;
-    enccinfo->encalg = encalg;
-
-    return SECSuccess;
-}
-
-
-/*
- * Add a recipient to a PKCS7 thing, verifying their cert first.
- * Any error returns SECFailure.
- */
-static SECStatus
-sec_pkcs7_add_recipient (SEC_PKCS7ContentInfo *cinfo,
-			 CERTCertificate *cert,
-			 SECCertUsage certusage,
-			 CERTCertDBHandle *certdb)
-{
-    SECOidTag kind;
-    SEC_PKCS7RecipientInfo *recipientinfo, **recipientinfos, ***recipientinfosp;
-    SECItem *dummy;
-    void *mark;
-    int count;
-
-    kind = SEC_PKCS7ContentType (cinfo);
-    switch (kind) {
-      case SEC_OID_PKCS7_ENVELOPED_DATA:
-	{
-	    SEC_PKCS7EnvelopedData *edp;
-
-	    edp = cinfo->content.envelopedData;
-	    recipientinfosp = &(edp->recipientInfos);
-	}
-	break;
-      case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA:
-	{
-	    SEC_PKCS7SignedAndEnvelopedData *saedp;
-
-	    saedp = cinfo->content.signedAndEnvelopedData;
-	    recipientinfosp = &(saedp->recipientInfos);
-	}
-	break;
-      default:
-	return SECFailure;		/* XXX set an error? */
-    }
-
-    /*
-     * XXX I think that CERT_VerifyCert should do this if *it* is passed
-     * a NULL database.
-     */
-    if (certdb == NULL) {
-	certdb = CERT_GetDefaultCertDB();
-	if (certdb == NULL)
-	    return SECFailure;		/* XXX set an error? */
-    }
-
-    if (CERT_VerifyCert (certdb, cert, PR_TRUE, certusage, PR_Now(),
-			 cinfo->pwfn_arg, NULL) != SECSuccess)
-	{
-	/* XXX Did CERT_VerifyCert set an error? */
-	return SECFailure;
-    }
-
-    mark = PORT_ArenaMark (cinfo->poolp);
-
-    recipientinfo = (SEC_PKCS7RecipientInfo*)PORT_ArenaZAlloc (cinfo->poolp,
-				      sizeof(SEC_PKCS7RecipientInfo));
-    if (recipientinfo == NULL) {
-	PORT_ArenaRelease (cinfo->poolp, mark);
-	return SECFailure;
-    }
-
-    dummy = SEC_ASN1EncodeInteger (cinfo->poolp, &recipientinfo->version,
-				   SEC_PKCS7_RECIPIENT_INFO_VERSION);
-    if (dummy == NULL) {
-	PORT_ArenaRelease (cinfo->poolp, mark);
-	return SECFailure;
-    }
-    PORT_Assert (dummy == &recipientinfo->version);
-
-    recipientinfo->cert = CERT_DupCertificate (cert);
-    if (recipientinfo->cert == NULL) {
-	PORT_ArenaRelease (cinfo->poolp, mark);
-	return SECFailure;
-    }
-
-    recipientinfo->issuerAndSN = CERT_GetCertIssuerAndSN (cinfo->poolp, cert);
-    if (recipientinfo->issuerAndSN == NULL) {
-	PORT_ArenaRelease (cinfo->poolp, mark);
-	return SECFailure;
-    }
-
-    /*
-     * Okay, now recipientinfo is all set.  We just need to put it into
-     * the main structure.
-     *
-     * If this is the first recipient, allocate a new recipientinfos array;
-     * otherwise, reallocate the array, making room for the new entry.
-     */
-    recipientinfos = *recipientinfosp;
-    if (recipientinfos == NULL) {
-	count = 0;
-	recipientinfos = (SEC_PKCS7RecipientInfo **)PORT_ArenaAlloc (
-					  cinfo->poolp,
-					  2 * sizeof(SEC_PKCS7RecipientInfo *));
-    } else {
-	for (count = 0; recipientinfos[count] != NULL; count++)
-	    ;
-	PORT_Assert (count);	/* should be at least one already */
-	recipientinfos = (SEC_PKCS7RecipientInfo **)PORT_ArenaGrow (
-				 cinfo->poolp, recipientinfos,
-				(count + 1) * sizeof(SEC_PKCS7RecipientInfo *),
-				(count + 2) * sizeof(SEC_PKCS7RecipientInfo *));
-    }
-
-    if (recipientinfos == NULL) {
-	PORT_ArenaRelease (cinfo->poolp, mark);
-	return SECFailure;
-    }
-
-    recipientinfos[count] = recipientinfo;
-    recipientinfos[count + 1] = NULL;
-
-    *recipientinfosp = recipientinfos;
-
-    PORT_ArenaUnmark (cinfo->poolp, mark);
-    return SECSuccess;
-}
-
-
-/*
- * Start a PKCS7 enveloping context.
- *
- * "cert" is the cert for the recipient.  It will be checked for validity.
- *
- * "certusage" describes the encryption usage (e.g. certUsageEmailRecipient)
- * XXX Maybe SECCertUsage should be split so that our caller just says
- * "email" and *we* add the "recipient" part -- otherwise our caller
- * could be lying about the usage; we do not want to allow encryption
- * certs for signing or vice versa.
- *
- * "certdb" is the cert database to use for verifying the cert.
- * It can be NULL if a default database is available (like in the client).
- *
- * "encalg" specifies the bulk encryption algorithm to use (e.g. SEC_OID_RC2).
- *
- * "keysize" specifies the bulk encryption key size, in bits.
- *
- * The return value can be passed to functions which add things to
- * it like more recipients, then eventually to SEC_PKCS7Encode() or to
- * SEC_PKCS7EncoderStart() to create the encoded data, and finally to
- * SEC_PKCS7DestroyContentInfo().
- *
- * An error results in a return value of NULL and an error set.
- * (Retrieve specific errors via PORT_GetError()/XP_GetError().)
- */
-extern SEC_PKCS7ContentInfo *
-SEC_PKCS7CreateEnvelopedData (CERTCertificate *cert,
-			      SECCertUsage certusage,
-			      CERTCertDBHandle *certdb,
-			      SECOidTag encalg,
-			      int keysize,
- 			      SECKEYGetPasswordKey pwfn, void *pwfn_arg)
-{
-    SEC_PKCS7ContentInfo *cinfo;
-    SEC_PKCS7EnvelopedData *envd;
-    SECStatus rv;
-
-    cinfo = sec_pkcs7_create_content_info (SEC_OID_PKCS7_ENVELOPED_DATA,
-					   PR_FALSE, pwfn, pwfn_arg);
-    if (cinfo == NULL)
-	return NULL;
-
-    rv = sec_pkcs7_add_recipient (cinfo, cert, certusage, certdb);
-    if (rv != SECSuccess) {
-	SEC_PKCS7DestroyContentInfo (cinfo);
-	return NULL;
-    }
-
-    envd = cinfo->content.envelopedData;
-    PORT_Assert (envd != NULL);
-
-    /*
-     * XXX Might we want to allow content types other than data?
-     * If so, via what interface?
-     */
-    rv = sec_pkcs7_init_encrypted_content_info (&(envd->encContentInfo),
-						cinfo->poolp,
-						SEC_OID_PKCS7_DATA, PR_FALSE,
-						encalg, keysize);
-    if (rv != SECSuccess) {
-	SEC_PKCS7DestroyContentInfo (cinfo);
-	return NULL;
-    }
-
-    /* XXX Anything more to do here? */
-
-    return cinfo;
-}
-
-
-/*
- * Add another recipient to an encrypted message.
- *
- * "cinfo" should be of type envelopedData or signedAndEnvelopedData;
- * SECFailure will be returned if it is not.
- *
- * "cert" is the cert for the recipient.  It will be checked for validity.
- *
- * "certusage" describes the encryption usage (e.g. certUsageEmailRecipient)
- * XXX Maybe SECCertUsage should be split so that our caller just says
- * "email" and *we* add the "recipient" part -- otherwise our caller
- * could be lying about the usage; we do not want to allow encryption
- * certs for signing or vice versa.
- *
- * "certdb" is the cert database to use for verifying the cert.
- * It can be NULL if a default database is available (like in the client).
- */
-SECStatus
-SEC_PKCS7AddRecipient (SEC_PKCS7ContentInfo *cinfo,
-		       CERTCertificate *cert,
-		       SECCertUsage certusage,
-		       CERTCertDBHandle *certdb)
-{
-    return sec_pkcs7_add_recipient (cinfo, cert, certusage, certdb);
-}
-
-
-/*
- * Create an empty PKCS7 data content info.
- *
- * An error results in a return value of NULL and an error set.
- * (Retrieve specific errors via PORT_GetError()/XP_GetError().)
- */
-SEC_PKCS7ContentInfo *
-SEC_PKCS7CreateData (void)
-{
-    return sec_pkcs7_create_content_info (SEC_OID_PKCS7_DATA, PR_FALSE,
-					  NULL, NULL);
-}
-
-
-/*
- * Create an empty PKCS7 encrypted content info.
- *
- * "algorithm" specifies the bulk encryption algorithm to use.
- * 
- * An error results in a return value of NULL and an error set.
- * (Retrieve specific errors via PORT_GetError()/XP_GetError().)
- */
-SEC_PKCS7ContentInfo *
-SEC_PKCS7CreateEncryptedData (SECOidTag algorithm, int keysize,
-			      SECKEYGetPasswordKey pwfn, void *pwfn_arg)
-{
-    SEC_PKCS7ContentInfo *cinfo;
-    SECAlgorithmID *algid;
-    SEC_PKCS7EncryptedData *enc_data;
-    SECStatus rv;
-
-    cinfo = sec_pkcs7_create_content_info (SEC_OID_PKCS7_ENCRYPTED_DATA, 
-					   PR_FALSE, pwfn, pwfn_arg);
-    if (cinfo == NULL)
-	return NULL;
-
-    enc_data = cinfo->content.encryptedData;
-    algid = &(enc_data->encContentInfo.contentEncAlg);
-
-    switch (algorithm) {
-      case SEC_OID_RC2_CBC:
-      case SEC_OID_DES_EDE3_CBC:
-      case SEC_OID_DES_CBC:
-	rv = SECOID_SetAlgorithmID (cinfo->poolp, algid, algorithm, NULL);
-	break;
-      default:
-	{
-	    /*
-	     * Assume password-based-encryption.  At least, try that.
-	     */
-	    SECAlgorithmID *pbe_algid;
-	    pbe_algid = PK11_CreatePBEAlgorithmID (algorithm, 1, NULL);
-	    if (pbe_algid == NULL) {
-		rv = SECFailure;
-	    } else {
-		rv = SECOID_CopyAlgorithmID (cinfo->poolp, algid, pbe_algid);
-		SECOID_DestroyAlgorithmID (pbe_algid, PR_TRUE);
-	    }
-	}
-	break;
-    }
-
-    if (rv != SECSuccess) {
-	SEC_PKCS7DestroyContentInfo (cinfo);
-	return NULL;
-    }
-
-    rv = sec_pkcs7_init_encrypted_content_info (&(enc_data->encContentInfo),
-						cinfo->poolp,
-						SEC_OID_PKCS7_DATA, PR_FALSE,
-						algorithm, keysize);
-    if (rv != SECSuccess) {
-	SEC_PKCS7DestroyContentInfo (cinfo);
-	return NULL;
-    }
-
-    return cinfo;
-}
-
diff --git a/security/nss/lib/pkcs7/p7decode.c b/security/nss/lib/pkcs7/p7decode.c
deleted file mode 100644
index a3a41bb79..000000000
--- a/security/nss/lib/pkcs7/p7decode.c
+++ /dev/null
@@ -1,2085 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * PKCS7 decoding, verification.
- *
- * $Id$
- */
-
-#include "nssrenam.h"
-
-#include "p7local.h"
-
-#include "cert.h"
-				/* XXX do not want to have to include */
-#include "certdb.h"		/* certdb.h -- the trust stuff needed by */
-     				/* the add certificate code needs to get */
-                           	/* rewritten/abstracted and then this */
-      				/* include should be removed! */
-/*#include "cdbhdl.h" */
-#include "cryptohi.h"
-#include "key.h"
-#include "secasn1.h"
-#include "secitem.h"
-#include "secoid.h"
-#include "pk11func.h"
-#include "prtime.h"
-#include "secerr.h"
-#include "sechash.h"	/* for HASH_GetHashObject() */
-#include "secder.h"
-#include "secpkcs5.h"
-
-struct sec_pkcs7_decoder_worker {
-    int depth;
-    int digcnt;
-    void **digcxs;
-    const SECHashObject **digobjs;
-    sec_PKCS7CipherObject *decryptobj;
-    PRBool saw_contents;
-};
-
-struct SEC_PKCS7DecoderContextStr {
-    SEC_ASN1DecoderContext *dcx;
-    SEC_PKCS7ContentInfo *cinfo;
-    SEC_PKCS7DecoderContentCallback cb;
-    void *cb_arg;
-    SECKEYGetPasswordKey pwfn;
-    void *pwfn_arg;
-    struct sec_pkcs7_decoder_worker worker;
-    PRArenaPool *tmp_poolp;
-    int error;
-    SEC_PKCS7GetDecryptKeyCallback dkcb;
-    void *dkcb_arg;
-    SEC_PKCS7DecryptionAllowedCallback decrypt_allowed_cb;
-};
-
-/*
- * Handle one worker, decrypting and digesting the data as necessary.
- *
- * XXX If/when we support nested contents, this probably needs to be
- * revised somewhat to get passed the content-info (which unfortunately
- * can be two different types depending on whether it is encrypted or not)
- * corresponding to the given worker.
- */
-static void
-sec_pkcs7_decoder_work_data (SEC_PKCS7DecoderContext *p7dcx,
-			     struct sec_pkcs7_decoder_worker *worker,
-			     const unsigned char *data, unsigned long len,
-			     PRBool final)
-{
-    unsigned char *buf = NULL;
-    SECStatus rv;
-    int i;
-
-    /*
-     * We should really have data to process, or we should be trying
-     * to finish/flush the last block.  (This is an overly paranoid
-     * check since all callers are in this file and simple inspection
-     * proves they do it right.  But it could find a bug in future
-     * modifications/development, that is why it is here.)
-     */
-    PORT_Assert ((data != NULL && len) || final);
-
-    /*
-     * Decrypt this chunk.
-     *
-     * XXX If we get an error, we do not want to do the digest or callback,
-     * but we want to keep decoding.  Or maybe we want to stop decoding
-     * altogether if there is a callback, because obviously we are not
-     * sending the data back and they want to know that.
-     */
-    if (worker->decryptobj != NULL) {
-	/* XXX the following lengths should all be longs? */
-	unsigned int inlen;	/* length of data being decrypted */
-	unsigned int outlen;	/* length of decrypted data */
-	unsigned int buflen;	/* length available for decrypted data */
-	SECItem *plain;
-
-	inlen = len;
-	buflen = sec_PKCS7DecryptLength (worker->decryptobj, inlen, final);
-	if (buflen == 0) {
-	    if (inlen == 0)	/* no input and no output */
-		return;
-	    /*
-	     * No output is expected, but the input data may be buffered
-	     * so we still have to call Decrypt.
-	     */
-	    rv = sec_PKCS7Decrypt (worker->decryptobj, NULL, NULL, 0,
-				   data, inlen, final);
-	    if (rv != SECSuccess) {
-		p7dcx->error = PORT_GetError();
-		return;		/* XXX indicate error? */
-	    }
-	    return;
-	}
-
-	if (p7dcx->cb != NULL) {
-	    buf = (unsigned char *) PORT_Alloc (buflen);
-	    plain = NULL;
-	} else {
-	    unsigned long oldlen;
-
-	    /*
-	     * XXX This assumes one level of content only.
-	     * See comment above about nested content types.
-	     * XXX Also, it should work for signedAndEnvelopedData, too!
-	     */
-	    plain = &(p7dcx->cinfo->
-			content.envelopedData->encContentInfo.plainContent);
-
-	    oldlen = plain->len;
-	    if (oldlen == 0) {
-		buf = (unsigned char*)PORT_ArenaAlloc (p7dcx->cinfo->poolp, 
-						       buflen);
-	    } else {
-		buf = (unsigned char*)PORT_ArenaGrow (p7dcx->cinfo->poolp, 
-				      plain->data,
-				      oldlen, oldlen + buflen);
-		if (buf != NULL)
-		    buf += oldlen;
-	    }
-	    plain->data = buf;
-	}
-	if (buf == NULL) {
-	    p7dcx->error = SEC_ERROR_NO_MEMORY;
-	    return;		/* XXX indicate error? */
-	}
-	rv = sec_PKCS7Decrypt (worker->decryptobj, buf, &outlen, buflen,
-			       data, inlen, final);
-	if (rv != SECSuccess) {
-	    p7dcx->error = PORT_GetError();
-	    return;		/* XXX indicate error? */
-	}
-	if (plain != NULL) {
-	    PORT_Assert (final || outlen == buflen);
-	    plain->len += outlen;
-	}
-	data = buf;
-	len = outlen;
-    }
-
-    /*
-     * Update the running digests.
-     */
-    if (len) {
-	for (i = 0; i < worker->digcnt; i++) {
-	    (* worker->digobjs[i]->update) (worker->digcxs[i], data, len);
-	}
-    }
-
-    /*
-     * Pass back the contents bytes, and free the temporary buffer.
-     */
-    if (p7dcx->cb != NULL) {
-	if (len)
-	    (* p7dcx->cb) (p7dcx->cb_arg, (const char *)data, len);
-	if (worker->decryptobj != NULL) {
-	    PORT_Assert (buf != NULL);
-	    PORT_Free (buf);
-	}
-    }
-}
-
-static void
-sec_pkcs7_decoder_filter (void *arg, const char *data, unsigned long len,
-			  int depth, SEC_ASN1EncodingPart data_kind)
-{
-    SEC_PKCS7DecoderContext *p7dcx;
-    struct sec_pkcs7_decoder_worker *worker;
-
-    /*
-     * Since we do not handle any nested contents, the only bytes we
-     * are really interested in are the actual contents bytes (not
-     * the identifier, length, or end-of-contents bytes).  If we were
-     * handling nested types we would probably need to do something
-     * smarter based on depth and data_kind.
-     */
-    if (data_kind != SEC_ASN1_Contents)
-	return;
-
-    /*
-     * The ASN.1 decoder should not even call us with a length of 0.
-     * Just being paranoid.
-     */
-    PORT_Assert (len);
-    if (len == 0)
-	return;
-
-    p7dcx = (SEC_PKCS7DecoderContext*)arg;
-
-    /*
-     * Handling nested contents would mean that there is a chain
-     * of workers -- one per each level of content.  The following
-     * would start with the first worker and loop over them.
-     */
-    worker = &(p7dcx->worker);
-
-    worker->saw_contents = PR_TRUE;
-
-    sec_pkcs7_decoder_work_data (p7dcx, worker,
-				 (const unsigned char *) data, len, PR_FALSE);
-}
-
-
-/*
- * Create digest contexts for each algorithm in "digestalgs".
- * No algorithms is not an error, we just do not do anything.
- * An error (like trouble allocating memory), marks the error
- * in "p7dcx" and returns SECFailure, which means that our caller
- * should just give up altogether.
- */
-static SECStatus
-sec_pkcs7_decoder_start_digests (SEC_PKCS7DecoderContext *p7dcx, int depth,
-				 SECAlgorithmID **digestalgs)
-{
-    SECAlgorithmID *algid;
-    SECOidData *oiddata;
-    const SECHashObject *digobj;
-    void *digcx;
-    int i, digcnt;
-
-    if (digestalgs == NULL)
-	return SECSuccess;
-
-    /*
-     * Count the algorithms.
-     */
-    digcnt = 0;
-    while (digestalgs[digcnt] != NULL)
-	digcnt++;
-
-    /*
-     * No algorithms means no work to do.
-     * This is not expected, so cause an assert.
-     * But if it does happen, just act as if there were
-     * no algorithms specified.
-     */
-    PORT_Assert (digcnt != 0);
-    if (digcnt == 0)
-	return SECSuccess;
-
-    p7dcx->worker.digcxs = (void**)PORT_ArenaAlloc (p7dcx->tmp_poolp,
-					    digcnt * sizeof (void *));
-    p7dcx->worker.digobjs = (const SECHashObject**)PORT_ArenaAlloc (p7dcx->tmp_poolp,
-					     digcnt * sizeof (SECHashObject *));
-    if (p7dcx->worker.digcxs == NULL || p7dcx->worker.digobjs == NULL) {
-	p7dcx->error = SEC_ERROR_NO_MEMORY;
-	return SECFailure;
-    }
-
-    p7dcx->worker.depth = depth;
-    p7dcx->worker.digcnt = 0;
-
-    /*
-     * Create a digest context for each algorithm.
-     */
-    for (i = 0; i < digcnt; i++) {
-	algid = digestalgs[i];
-	oiddata = SECOID_FindOID(&(algid->algorithm));
-	if (oiddata == NULL) {
-	    digobj = NULL;
-	} else {
-	    switch (oiddata->offset) {
-	      case SEC_OID_MD2:
-		digobj = HASH_GetHashObject(HASH_AlgMD2);
-		break;
-	      case SEC_OID_MD5:
-		digobj = HASH_GetHashObject(HASH_AlgMD5);
-		break;
-	      case SEC_OID_SHA1:
-		digobj = HASH_GetHashObject(HASH_AlgSHA1);
-		break;
-	      default:
-		digobj = NULL;
-		break;
-	    }
-	}
-
-	/*
-	 * Skip any algorithm we do not even recognize; obviously,
-	 * this could be a problem, but if it is critical then the
-	 * result will just be that the signature does not verify.
-	 * We do not necessarily want to error out here, because
-	 * the particular algorithm may not actually be important,
-	 * but we cannot know that until later.
-	 */
-	if (digobj == NULL) {
-	    p7dcx->worker.digcnt--;
-	    continue;
-	}
-
-	digcx = (* digobj->create)();
-	if (digcx != NULL) {
-	    (* digobj->begin) (digcx);
-	    p7dcx->worker.digobjs[p7dcx->worker.digcnt] = digobj;
-	    p7dcx->worker.digcxs[p7dcx->worker.digcnt] = digcx;
-	    p7dcx->worker.digcnt++;
-	}
-    }
-
-    if (p7dcx->worker.digcnt != 0)
-	SEC_ASN1DecoderSetFilterProc (p7dcx->dcx,
-				      sec_pkcs7_decoder_filter,
-				      p7dcx,
-				      (PRBool)(p7dcx->cb != NULL));
-    return SECSuccess;
-}
-
-
-/*
- * Close out all of the digest contexts, storing the results in "digestsp".
- */
-static SECStatus
-sec_pkcs7_decoder_finish_digests (SEC_PKCS7DecoderContext *p7dcx,
-				  PRArenaPool *poolp,
-				  SECItem ***digestsp)
-{
-    struct sec_pkcs7_decoder_worker *worker;
-    const SECHashObject *digobj;
-    void *digcx;
-    SECItem **digests, *digest;
-    int i;
-    void *mark;
-
-    /*
-     * XXX Handling nested contents would mean that there is a chain
-     * of workers -- one per each level of content.  The following
-     * would want to find the last worker in the chain.
-     */
-    worker = &(p7dcx->worker);
-
-    /*
-     * If no digests, then we have nothing to do.
-     */
-    if (worker->digcnt == 0)
-	return SECSuccess;
-
-    /*
-     * No matter what happens after this, we want to stop filtering.
-     * XXX If we handle nested contents, we only want to stop filtering
-     * if we are finishing off the *last* worker.
-     */
-    SEC_ASN1DecoderClearFilterProc (p7dcx->dcx);
-
-    /*
-     * If we ended up with no contents, just destroy each
-     * digest context -- they are meaningless and potentially
-     * confusing, because their presence would imply some content
-     * was digested.
-     */
-    if (! worker->saw_contents) {
-	for (i = 0; i < worker->digcnt; i++) {
-	    digcx = worker->digcxs[i];
-	    digobj = worker->digobjs[i];
-	    (* digobj->destroy) (digcx, PR_TRUE);
-	}
-	return SECSuccess;
-    }
-
-    mark = PORT_ArenaMark (poolp);
-
-    /*
-     * Close out each digest context, saving digest away.
-     */
-    digests = 
-      (SECItem**)PORT_ArenaAlloc (poolp,(worker->digcnt+1)*sizeof(SECItem *));
-    digest = (SECItem*)PORT_ArenaAlloc (poolp, worker->digcnt*sizeof(SECItem));
-    if (digests == NULL || digest == NULL) {
-	p7dcx->error = PORT_GetError();
-	PORT_ArenaRelease (poolp, mark);
-	return SECFailure;
-    }
-
-    for (i = 0; i < worker->digcnt; i++, digest++) {
-	digcx = worker->digcxs[i];
-	digobj = worker->digobjs[i];
-
-	digest->data = (unsigned char*)PORT_ArenaAlloc (poolp, digobj->length);
-	if (digest->data == NULL) {
-	    p7dcx->error = PORT_GetError();
-	    PORT_ArenaRelease (poolp, mark);
-	    return SECFailure;
-	}
-
-	digest->len = digobj->length;
-	(* digobj->end) (digcx, digest->data, &(digest->len), digest->len);
-	(* digobj->destroy) (digcx, PR_TRUE);
-
-	digests[i] = digest;
-    }
-    digests[i] = NULL;
-    *digestsp = digests;
-
-    PORT_ArenaUnmark (poolp, mark);
-    return SECSuccess;
-}
-
-/*
- * XXX Need comment explaining following helper function (which is used
- * by sec_pkcs7_decoder_start_decrypt).
- */
-extern const SEC_ASN1Template SEC_SMIMEKEAParamTemplateAllParams[];
-
-static PK11SymKey *
-sec_pkcs7_decoder_get_recipient_key (SEC_PKCS7DecoderContext *p7dcx,
-				     SEC_PKCS7RecipientInfo **recipientinfos,
-				     SEC_PKCS7EncryptedContentInfo *enccinfo)
-{
-    SEC_PKCS7RecipientInfo *ri;
-    CERTCertificate *cert = NULL;
-    SECKEYPrivateKey *privkey = NULL;
-    PK11SymKey *bulkkey;
-    SECOidTag keyalgtag, bulkalgtag, encalgtag;
-    PK11SlotInfo *slot;
-    int bulkLength = 0;
-
-    if (recipientinfos == NULL || recipientinfos[0] == NULL) {
-	p7dcx->error = SEC_ERROR_NOT_A_RECIPIENT;
-	goto no_key_found;
-    }
-
-    cert = PK11_FindCertAndKeyByRecipientList(&slot,recipientinfos,&ri,
-						&privkey, p7dcx->pwfn_arg);
-    if (cert == NULL) {
-	p7dcx->error = SEC_ERROR_NOT_A_RECIPIENT;
-	goto no_key_found;
-    }
-
-    ri->cert = cert;		/* so we can find it later */
-    PORT_Assert(privkey != NULL);
-
-    keyalgtag = SECOID_GetAlgorithmTag(&(cert->subjectPublicKeyInfo.algorithm));
-    encalgtag = SECOID_GetAlgorithmTag (&(ri->keyEncAlg));
-    if ((encalgtag != SEC_OID_NETSCAPE_SMIME_KEA) && (keyalgtag != encalgtag)) {
-	p7dcx->error = SEC_ERROR_PKCS7_KEYALG_MISMATCH;
-	goto no_key_found;
-    }
-    bulkalgtag = SECOID_GetAlgorithmTag (&(enccinfo->contentEncAlg));
-
-    switch (encalgtag) {
-      case SEC_OID_PKCS1_RSA_ENCRYPTION:
-	bulkkey = PK11_PubUnwrapSymKey (privkey, &ri->encKey,
-					PK11_AlgtagToMechanism (bulkalgtag),
-					CKA_DECRYPT, 0);
-	if (bulkkey == NULL) {
-	    p7dcx->error = PORT_GetError();
-	    PORT_SetError(0);
-	    goto no_key_found;
-	}
-	break;
-	/* ### mwelch -- KEA */ 
-        case SEC_OID_NETSCAPE_SMIME_KEA:
-	  {
-	      SECStatus err;
-	      CK_MECHANISM_TYPE bulkType;
-	      PK11SymKey *tek;
-	      SECKEYPublicKey *senderPubKey;
-	      SEC_PKCS7SMIMEKEAParameters   keaParams;
-
-	      (void) memset(&keaParams, 0, sizeof(keaParams));
-
-	      /* Decode the KEA algorithm parameters. */
-	      err = SEC_ASN1DecodeItem(NULL,
-				       &keaParams,
-				       SEC_SMIMEKEAParamTemplateAllParams,
-				       &(ri->keyEncAlg.parameters));
-	      if (err != SECSuccess)
-	      {
-		  p7dcx->error = err;
-		  PORT_SetError(0);
-		  goto no_key_found;
-	      }
-	  
-
-	      /* We just got key data, no key structure. So, we
-		 create one. */
-	     senderPubKey = 
-		  PK11_MakeKEAPubKey(keaParams.originatorKEAKey.data,
-				     keaParams.originatorKEAKey.len);
-	     if (senderPubKey == NULL)
-	     {
-		    p7dcx->error = PORT_GetError();
-		    PORT_SetError(0);
-		    goto no_key_found;
-	     }
-	      
-	     /* Generate the TEK (token exchange key) which we use
-	         to unwrap the bulk encryption key. */
-	     tek = PK11_PubDerive(privkey, senderPubKey, 
-				   PR_FALSE,
-				   &keaParams.originatorRA,
-				   NULL,
-				   CKM_KEA_KEY_DERIVE, CKM_SKIPJACK_WRAP,
-				   CKA_WRAP, 0, p7dcx->pwfn_arg);
-	     SECKEY_DestroyPublicKey(senderPubKey);
-	      
-	     if (tek == NULL)
-	     {
-		  p7dcx->error = PORT_GetError();
-		  PORT_SetError(0);
-		  goto no_key_found;
-	     }
-	      
-	      /* Now that we have the TEK, unwrap the bulk key
-	         with which to decrypt the message. We have to
-		 do one of two different things depending on 
-		 whether Skipjack was used for bulk encryption 
-		 of the message. */
-	      bulkType = PK11_AlgtagToMechanism (bulkalgtag);
-	      switch(bulkType)
-	      {
-	      case CKM_SKIPJACK_CBC64:
-	      case CKM_SKIPJACK_ECB64:
-	      case CKM_SKIPJACK_OFB64:
-	      case CKM_SKIPJACK_CFB64:
-	      case CKM_SKIPJACK_CFB32:
-	      case CKM_SKIPJACK_CFB16:
-	      case CKM_SKIPJACK_CFB8:
-		  /* Skipjack is being used as the bulk encryption algorithm.*/
-		  /* Unwrap the bulk key. */
-		  bulkkey = PK11_UnwrapSymKey(tek, CKM_SKIPJACK_WRAP,
-					      NULL, &ri->encKey, 
-					      CKM_SKIPJACK_CBC64, 
-					      CKA_DECRYPT, 0);
-		  break;
-	      default:
-		  /* Skipjack was not used for bulk encryption of this
-		     message. Use Skipjack CBC64, with the nonSkipjackIV
-		     part of the KEA key parameters, to decrypt 
-		     the bulk key. If we got a parameter indicating that the
-		     bulk key size is different than the encrypted key size,
-		     pass in the real key size. */
-		  
-		  /* Check for specified bulk key length (unspecified implies
-		     that the bulk key length is the same as encrypted length) */
-		  if (keaParams.bulkKeySize.len > 0)
-		  {
-		      p7dcx->error = SEC_ASN1DecodeItem(NULL, &bulkLength,
-					SEC_ASN1_GET(SEC_IntegerTemplate),
-					&keaParams.bulkKeySize);
-		  }
-		  
-		  if (p7dcx->error != SECSuccess)
-		      goto no_key_found;
-		  
-		  bulkkey = PK11_UnwrapSymKey(tek, CKM_SKIPJACK_CBC64,
-					      &keaParams.nonSkipjackIV, 
-					      &ri->encKey,
-					      bulkType,
-					      CKA_DECRYPT, bulkLength);
-	      }
-	      
-	      
-	      if (bulkkey == NULL)
-	      {
-		  p7dcx->error = PORT_GetError();
-		  PORT_SetError(0);
-		  goto no_key_found;
-	      }
-	      break;
-	  }
-      default:
-	p7dcx->error = SEC_ERROR_UNSUPPORTED_KEYALG;
-	goto no_key_found;
-    }
-
-    return bulkkey;
-
-no_key_found:
-    if (privkey != NULL)
-	SECKEY_DestroyPrivateKey (privkey);
-
-    return NULL;
-}
- 
-/*
- * XXX The following comment is old -- the function used to only handle
- * EnvelopedData or SignedAndEnvelopedData but now handles EncryptedData
- * as well (and it had all of the code of the helper function above
- * built into it), though the comment was left as is.  Fix it...
- *
- * We are just about to decode the content of an EnvelopedData.
- * Set up a decryption context so we can decrypt as we go.
- * Presumably we are one of the recipients listed in "recipientinfos".
- * (XXX And if we are not, or if we have trouble, what should we do?
- *  It would be nice to let the decoding still work.  Maybe it should
- *  be an error if there is a content callback, but not an error otherwise?)
- * The encryption key and related information can be found in "enccinfo".
- */
-static SECStatus
-sec_pkcs7_decoder_start_decrypt (SEC_PKCS7DecoderContext *p7dcx, int depth,
-				 SEC_PKCS7RecipientInfo **recipientinfos,
-				 SEC_PKCS7EncryptedContentInfo *enccinfo,
-				 PK11SymKey **copy_key_for_signature)
-{
-    PK11SymKey *bulkkey = NULL;
-    sec_PKCS7CipherObject *decryptobj;
-
-    /*
-     * If a callback is supplied to retrieve the encryption key, 
-     * for instance, for Encrypted Content infos, then retrieve
-     * the bulkkey from the callback.  Otherwise, assume that
-     * we are processing Enveloped or SignedAndEnveloped data
-     * content infos.
-     *
-     * XXX Put an assert here?
-     */
-    if (SEC_PKCS7ContentType(p7dcx->cinfo) == SEC_OID_PKCS7_ENCRYPTED_DATA) {
-	if (p7dcx->dkcb != NULL) {
-	    bulkkey = (*p7dcx->dkcb)(p7dcx->dkcb_arg, 
-				     &(enccinfo->contentEncAlg));
-	}
-	enccinfo->keysize = 0;
-    } else {
-	bulkkey = sec_pkcs7_decoder_get_recipient_key (p7dcx, recipientinfos, 
-						       enccinfo);
-	if (bulkkey == NULL) goto no_decryption;
-	enccinfo->keysize = PK11_GetKeyStrength(bulkkey, 
-						&(enccinfo->contentEncAlg));
-
-    }
-
-    /*
-     * XXX I think following should set error in p7dcx and clear set error
-     * (as used to be done here, or as is done in get_receipient_key above.
-     */
-    if(bulkkey == NULL) {
-	goto no_decryption;
-    }
-    
-    /* 
-     * We want to make sure decryption is allowed.  This is done via
-     * a callback specified in SEC_PKCS7DecoderStart().
-     */
-    if (p7dcx->decrypt_allowed_cb) {
-	if ((*p7dcx->decrypt_allowed_cb) (&(enccinfo->contentEncAlg), 
-					  bulkkey) == PR_FALSE) {
-	    p7dcx->error = SEC_ERROR_DECRYPTION_DISALLOWED;
-	    goto no_decryption;
-	}
-    } else {
-	    p7dcx->error = SEC_ERROR_DECRYPTION_DISALLOWED;
-	    goto no_decryption;
-    }
-
-    /*
-     * When decrypting a signedAndEnvelopedData, the signature also has
-     * to be decrypted with the bulk encryption key; to avoid having to
-     * get it all over again later (and do another potentially expensive
-     * RSA operation), copy it for later signature verification to use.
-     */
-    if (copy_key_for_signature != NULL)
-	*copy_key_for_signature = PK11_ReferenceSymKey (bulkkey);
-
-    /*
-     * Now we have the bulk encryption key (in bulkkey) and the
-     * the algorithm (in enccinfo->contentEncAlg).  Using those,
-     * create a decryption context.
-     */
-    decryptobj = sec_PKCS7CreateDecryptObject (bulkkey,
-					       &(enccinfo->contentEncAlg));
-
-    /* 
-     * For PKCS5 Encryption Algorithms, the bulkkey is actually a different
-     * structure.  Therefore, we need to set the bulkkey to the actual key 
-     * prior to freeing it.
-     */
-    if ( SEC_PKCS5IsAlgorithmPBEAlg(&(enccinfo->contentEncAlg)) && bulkkey ) {
-	SEC_PKCS5KeyAndPassword *keyPwd = (SEC_PKCS5KeyAndPassword *)bulkkey;
-	bulkkey = keyPwd->key;
-    }
-
-    /*
-     * We are done with (this) bulkkey now.
-     */
-    PK11_FreeSymKey (bulkkey);
-
-    if (decryptobj == NULL) {
-	p7dcx->error = PORT_GetError();
-	PORT_SetError(0);
-	goto no_decryption;
-    }
-
-    SEC_ASN1DecoderSetFilterProc (p7dcx->dcx,
-				  sec_pkcs7_decoder_filter,
-				  p7dcx,
-				  (PRBool)(p7dcx->cb != NULL));
-
-    p7dcx->worker.depth = depth;
-    p7dcx->worker.decryptobj = decryptobj;
-
-    return SECSuccess;
-
-no_decryption:
-    /*
-     * For some reason (error set already, if appropriate), we cannot
-     * decrypt the content.  I am not sure what exactly is the right
-     * thing to do here; in some cases we want to just stop, and in
-     * others we want to let the decoding finish even though we cannot
-     * decrypt the content.  My current thinking is that if the caller
-     * set up a content callback, then they are really interested in
-     * getting (decrypted) content, and if they cannot they will want
-     * to know about it.  However, if no callback was specified, then
-     * maybe it is not important that the decryption failed.
-     */
-    if (p7dcx->cb != NULL)
-	return SECFailure;
-    else
-	return SECSuccess;	/* Let the decoding continue. */
-}
-
-
-static SECStatus
-sec_pkcs7_decoder_finish_decrypt (SEC_PKCS7DecoderContext *p7dcx,
-				  PRArenaPool *poolp,
-				  SEC_PKCS7EncryptedContentInfo *enccinfo)
-{
-    struct sec_pkcs7_decoder_worker *worker;
-
-    /*
-     * XXX Handling nested contents would mean that there is a chain
-     * of workers -- one per each level of content.  The following
-     * would want to find the last worker in the chain.
-     */
-    worker = &(p7dcx->worker);
-
-    /*
-     * If no decryption context, then we have nothing to do.
-     */
-    if (worker->decryptobj == NULL)
-	return SECSuccess;
-
-    /*
-     * No matter what happens after this, we want to stop filtering.
-     * XXX If we handle nested contents, we only want to stop filtering
-     * if we are finishing off the *last* worker.
-     */
-    SEC_ASN1DecoderClearFilterProc (p7dcx->dcx);
-
-    /*
-     * Handle the last block.
-     */
-    sec_pkcs7_decoder_work_data (p7dcx, worker, NULL, 0, PR_TRUE);
-
-    /*
-     * All done, destroy it.
-     */
-    sec_PKCS7DestroyDecryptObject (worker->decryptobj);
-
-    return SECSuccess;
-}
-
-
-static void
-sec_pkcs7_decoder_notify (void *arg, PRBool before, void *dest, int depth)
-{
-    SEC_PKCS7DecoderContext *p7dcx;
-    SEC_PKCS7ContentInfo *cinfo;
-    SEC_PKCS7SignedData *sigd;
-    SEC_PKCS7EnvelopedData *envd;
-    SEC_PKCS7SignedAndEnvelopedData *saed;
-    SEC_PKCS7EncryptedData *encd;
-    SEC_PKCS7DigestedData *digd;
-    PRBool after;
-    SECStatus rv;
-
-    /*
-     * Just to make the code easier to read, create an "after" variable
-     * that is equivalent to "not before".
-     * (This used to be just the statement "after = !before", but that
-     * causes a warning on the mac; to avoid that, we do it the long way.)
-     */
-    if (before)
-	after = PR_FALSE;
-    else
-	after = PR_TRUE;
-
-    p7dcx = (SEC_PKCS7DecoderContext*)arg;
-    cinfo = p7dcx->cinfo;
-
-    if (cinfo->contentTypeTag == NULL) {
-	if (after && dest == &(cinfo->contentType))
-	    cinfo->contentTypeTag = SECOID_FindOID(&(cinfo->contentType));
-	return;
-    }
-
-    switch (cinfo->contentTypeTag->offset) {
-      case SEC_OID_PKCS7_SIGNED_DATA:
-	sigd = cinfo->content.signedData;
-	if (sigd == NULL)
-	    break;
-
-	if (sigd->contentInfo.contentTypeTag == NULL) {
-	    if (after && dest == &(sigd->contentInfo.contentType))
-		sigd->contentInfo.contentTypeTag =
-			SECOID_FindOID(&(sigd->contentInfo.contentType));
-	    break;
-	}
-
-	/*
-	 * We only set up a filtering digest if the content is
-	 * plain DATA; anything else needs more work because a
-	 * second pass is required to produce a DER encoding from
-	 * an input that can be BER encoded.  (This is a requirement
-	 * of PKCS7 that is unfortunate, but there you have it.)
-	 *
-	 * XXX Also, since we stop here if this is not DATA, the
-	 * inner content is not getting processed at all.  Someday
-	 * we may want to fix that.
-	 */
-	if (sigd->contentInfo.contentTypeTag->offset != SEC_OID_PKCS7_DATA) {
-	    /* XXX Set an error in p7dcx->error */
-	    SEC_ASN1DecoderClearNotifyProc (p7dcx->dcx);
-	    break;
-	}
-
-	/*
-	 * Just before the content, we want to set up a digest context
-	 * for each digest algorithm listed, and start a filter which
-	 * will run all of the contents bytes through that digest.
-	 */
-	if (before && dest == &(sigd->contentInfo.content)) {
-	    rv = sec_pkcs7_decoder_start_digests (p7dcx, depth,
-						  sigd->digestAlgorithms);
-	    if (rv != SECSuccess)
-		SEC_ASN1DecoderClearNotifyProc (p7dcx->dcx);
-
-	    break;
-	}
-
-	/*
-	 * XXX To handle nested types, here is where we would want
-	 * to check for inner boundaries that need handling.
-	 */
-
-	/*
-	 * Are we done?
-	 */
-	if (after && dest == &(sigd->contentInfo.content)) {
-	    /*
-	     * Close out the digest contexts.  We ignore any error
-	     * because we are stopping anyway; the error status left
-	     * behind in p7dcx will be seen by outer functions.
-	     */
-	    (void) sec_pkcs7_decoder_finish_digests (p7dcx, cinfo->poolp,
-						     &(sigd->digests));
-
-	    /*
-	     * XXX To handle nested contents, we would need to remove
-	     * the worker from the chain (and free it).
-	     */
-
-	    /*
-	     * Stop notify.
-	     */
-	    SEC_ASN1DecoderClearNotifyProc (p7dcx->dcx);
-	}
-	break;
-
-      case SEC_OID_PKCS7_ENVELOPED_DATA:
-	envd = cinfo->content.envelopedData;
-	if (envd == NULL)
-	    break;
-
-	if (envd->encContentInfo.contentTypeTag == NULL) {
-	    if (after && dest == &(envd->encContentInfo.contentType))
-		envd->encContentInfo.contentTypeTag =
-			SECOID_FindOID(&(envd->encContentInfo.contentType));
-	    break;
-	}
-
-	/*
-	 * Just before the content, we want to set up a decryption
-	 * context, and start a filter which will run all of the
-	 * contents bytes through it to determine the plain content.
-	 */
-	if (before && dest == &(envd->encContentInfo.encContent)) {
-	    rv = sec_pkcs7_decoder_start_decrypt (p7dcx, depth,
-						  envd->recipientInfos,
-						  &(envd->encContentInfo),
-						  NULL);
-	    if (rv != SECSuccess)
-		SEC_ASN1DecoderClearNotifyProc (p7dcx->dcx);
-
-	    break;
-	}
-
-	/*
-	 * Are we done?
-	 */
-	if (after && dest == &(envd->encContentInfo.encContent)) {
-	    /*
-	     * Close out the decryption context.  We ignore any error
-	     * because we are stopping anyway; the error status left
-	     * behind in p7dcx will be seen by outer functions.
-	     */
-	    (void) sec_pkcs7_decoder_finish_decrypt (p7dcx, cinfo->poolp,
-						     &(envd->encContentInfo));
-
-	    /*
-	     * XXX To handle nested contents, we would need to remove
-	     * the worker from the chain (and free it).
-	     */
-
-	    /*
-	     * Stop notify.
-	     */
-	    SEC_ASN1DecoderClearNotifyProc (p7dcx->dcx);
-	}
-	break;
-
-      case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA:
-	saed = cinfo->content.signedAndEnvelopedData;
-	if (saed == NULL)
-	    break;
-
-	if (saed->encContentInfo.contentTypeTag == NULL) {
-	    if (after && dest == &(saed->encContentInfo.contentType))
-		saed->encContentInfo.contentTypeTag =
-			SECOID_FindOID(&(saed->encContentInfo.contentType));
-	    break;
-	}
-
-	/*
-	 * Just before the content, we want to set up a decryption
-	 * context *and* digest contexts, and start a filter which
-	 * will run all of the contents bytes through both.
-	 */
-	if (before && dest == &(saed->encContentInfo.encContent)) {
-	    rv = sec_pkcs7_decoder_start_decrypt (p7dcx, depth,
-						  saed->recipientInfos,
-						  &(saed->encContentInfo),
-						  &(saed->sigKey));
-	    if (rv == SECSuccess)
-		rv = sec_pkcs7_decoder_start_digests (p7dcx, depth,
-						      saed->digestAlgorithms);
-	    if (rv != SECSuccess)
-		SEC_ASN1DecoderClearNotifyProc (p7dcx->dcx);
-
-	    break;
-	}
-
-	/*
-	 * Are we done?
-	 */
-	if (after && dest == &(saed->encContentInfo.encContent)) {
-	    /*
-	     * Close out the decryption and digests contexts.
-	     * We ignore any errors because we are stopping anyway;
-	     * the error status left behind in p7dcx will be seen by
-	     * outer functions.
-	     *
-	     * Note that the decrypt stuff must be called first;
-	     * it may have a last buffer to do which in turn has
-	     * to be added to the digest.
-	     */
-	    (void) sec_pkcs7_decoder_finish_decrypt (p7dcx, cinfo->poolp,
-						     &(saed->encContentInfo));
-	    (void) sec_pkcs7_decoder_finish_digests (p7dcx, cinfo->poolp,
-						     &(saed->digests));
-
-	    /*
-	     * XXX To handle nested contents, we would need to remove
-	     * the worker from the chain (and free it).
-	     */
-
-	    /*
-	     * Stop notify.
-	     */
-	    SEC_ASN1DecoderClearNotifyProc (p7dcx->dcx);
-	}
-	break;
-
-      case SEC_OID_PKCS7_DIGESTED_DATA:
-	digd = cinfo->content.digestedData;
-	
-	/* 
-	 * XXX Want to do the digest or not?  Maybe future enhancement...
-	 */
-	if (before && dest == &(digd->contentInfo.content.data)) {
-	    SEC_ASN1DecoderSetFilterProc (p7dcx->dcx, sec_pkcs7_decoder_filter,
-					  p7dcx,
-					  (PRBool)(p7dcx->cb != NULL));
-	    break;
-	}
-
-	/*
-	 * Are we done?
-	 */
-	if (after && dest == &(digd->contentInfo.content.data)) {
-	    SEC_ASN1DecoderClearFilterProc (p7dcx->dcx);
-	}
-	break;
-
-      case SEC_OID_PKCS7_ENCRYPTED_DATA:
-	encd = cinfo->content.encryptedData;
-
-	/*
-	 * XXX If the decryption key callback is set, we want to start
-	 * the decryption.  If the callback is not set, we will treat the
-	 * content as plain data, since we do not have the key.
-	 *
-	 * Is this the proper thing to do?
-	 */
-	if (before && dest == &(encd->encContentInfo.encContent)) {
-	    /*
-	     * Start the encryption process if the decryption key callback
-	     * is present.  Otherwise, treat the content like plain data.
-	     */
-	    rv = SECSuccess;
-	    if (p7dcx->dkcb != NULL) {
-		rv = sec_pkcs7_decoder_start_decrypt (p7dcx, depth, NULL,
-						      &(encd->encContentInfo),
-						      NULL);
-	    }
-
-	    if (rv != SECSuccess)
-		SEC_ASN1DecoderClearNotifyProc (p7dcx->dcx);
-		
-	    break;
-	}
-
-	/*
-	 * Are we done?
-	 */
-	if (after && dest == &(encd->encContentInfo.encContent)) {
-	    /*
-	     * Close out the decryption context.  We ignore any error
-	     * because we are stopping anyway; the error status left
-	     * behind in p7dcx will be seen by outer functions.
-	     */
-	    (void) sec_pkcs7_decoder_finish_decrypt (p7dcx, cinfo->poolp,
-						     &(encd->encContentInfo));
-
-	    /*
-	     * Stop notify.
-	     */
-	    SEC_ASN1DecoderClearNotifyProc (p7dcx->dcx);
-	}
-	break;
-
-      case SEC_OID_PKCS7_DATA:
-	/*
-	 * If a output callback has been specified, we want to set the filter
-	 * to call the callback.  This is taken care of in 
-	 * sec_pkcs7_decoder_start_decrypt() or 
-	 * sec_pkcs7_decoder_start_digests() for the other content types.
-	 */ 
-	
-	if (before && dest == &(cinfo->content.data)) {
-
-	    /* 
-	     * Set the filter proc up.
-	     */
-	    SEC_ASN1DecoderSetFilterProc (p7dcx->dcx,
-					  sec_pkcs7_decoder_filter,
-					  p7dcx,
-					  (PRBool)(p7dcx->cb != NULL));
-	    break;
-	}
-
-	if (after && dest == &(cinfo->content.data)) {
-	    /*
-	     * Time to clean up after ourself, stop the Notify and Filter
-	     * procedures.
-	     */
-	    SEC_ASN1DecoderClearNotifyProc (p7dcx->dcx);
-	    SEC_ASN1DecoderClearFilterProc (p7dcx->dcx);
-	}
-	break;
-
-      default:
-	SEC_ASN1DecoderClearNotifyProc (p7dcx->dcx);
-	break;
-    }
-}
-
-
-SEC_PKCS7DecoderContext *
-SEC_PKCS7DecoderStart(SEC_PKCS7DecoderContentCallback cb, void *cb_arg,
-		      SECKEYGetPasswordKey pwfn, void *pwfn_arg,
-		      SEC_PKCS7GetDecryptKeyCallback decrypt_key_cb, 
-		      void *decrypt_key_cb_arg,
-		      SEC_PKCS7DecryptionAllowedCallback decrypt_allowed_cb)
-{
-    SEC_PKCS7DecoderContext *p7dcx;
-    SEC_ASN1DecoderContext *dcx;
-    SEC_PKCS7ContentInfo *cinfo;
-    PRArenaPool *poolp;
-
-    poolp = PORT_NewArena (1024);		/* XXX what is right value? */
-    if (poolp == NULL)
-	return NULL;
-
-    cinfo = (SEC_PKCS7ContentInfo*)PORT_ArenaZAlloc (poolp, sizeof(*cinfo));
-    if (cinfo == NULL) {
-	PORT_FreeArena (poolp, PR_FALSE);
-	return NULL;
-    }
-
-    cinfo->poolp = poolp;
-    cinfo->pwfn = pwfn;
-    cinfo->pwfn_arg = pwfn_arg;
-    cinfo->created = PR_FALSE;
-    cinfo->refCount = 1;
-
-    p7dcx = 
-      (SEC_PKCS7DecoderContext*)PORT_ZAlloc (sizeof(SEC_PKCS7DecoderContext));
-    if (p7dcx == NULL) {
-	PORT_FreeArena (poolp, PR_FALSE);
-	return NULL;
-    }
-
-    p7dcx->tmp_poolp = PORT_NewArena (1024);	/* XXX what is right value? */
-    if (p7dcx->tmp_poolp == NULL) {
-	PORT_Free (p7dcx);
-	PORT_FreeArena (poolp, PR_FALSE);
-	return NULL;
-    }
-
-    dcx = SEC_ASN1DecoderStart (poolp, cinfo, sec_PKCS7ContentInfoTemplate);
-    if (dcx == NULL) {
-	PORT_FreeArena (p7dcx->tmp_poolp, PR_FALSE);
-	PORT_Free (p7dcx);
-	PORT_FreeArena (poolp, PR_FALSE);
-	return NULL;
-    }
-
-    SEC_ASN1DecoderSetNotifyProc (dcx, sec_pkcs7_decoder_notify, p7dcx);
-
-    p7dcx->dcx = dcx;
-    p7dcx->cinfo = cinfo;
-    p7dcx->cb = cb;
-    p7dcx->cb_arg = cb_arg;
-    p7dcx->pwfn = pwfn;
-    p7dcx->pwfn_arg = pwfn_arg;
-    p7dcx->dkcb = decrypt_key_cb;
-    p7dcx->dkcb_arg = decrypt_key_cb_arg;
-    p7dcx->decrypt_allowed_cb = decrypt_allowed_cb;
-
-    return p7dcx;
-}
-
-
-/*
- * Do the next chunk of PKCS7 decoding.  If there is a problem, set
- * an error and return a failure status.  Note that in the case of
- * an error, this routine is still prepared to be called again and
- * again in case that is the easiest route for our caller to take.
- * We simply detect it and do not do anything except keep setting
- * that error in case our caller has not noticed it yet...
- */
-SECStatus
-SEC_PKCS7DecoderUpdate(SEC_PKCS7DecoderContext *p7dcx,
-		       const char *buf, unsigned long len)
-{
-    if (p7dcx->cinfo != NULL && p7dcx->dcx != NULL) { 
-	PORT_Assert (p7dcx->error == 0);
-	if (p7dcx->error == 0) {
-	    if (SEC_ASN1DecoderUpdate (p7dcx->dcx, buf, len) != SECSuccess) {
-		p7dcx->error = PORT_GetError();
-		PORT_Assert (p7dcx->error);
-		if (p7dcx->error == 0)
-		    p7dcx->error = -1;
-	    }
-	}
-    }
-
-    if (p7dcx->error) {
-	if (p7dcx->dcx != NULL) {
-	    (void) SEC_ASN1DecoderFinish (p7dcx->dcx);
-	    p7dcx->dcx = NULL;
-	}
-	if (p7dcx->cinfo != NULL) {
-	    SEC_PKCS7DestroyContentInfo (p7dcx->cinfo);
-	    p7dcx->cinfo = NULL;
-	}
-	PORT_SetError (p7dcx->error);
-	return SECFailure;
-    }
-
-    return SECSuccess;
-}
-
-
-SEC_PKCS7ContentInfo *
-SEC_PKCS7DecoderFinish(SEC_PKCS7DecoderContext *p7dcx)
-{
-    SEC_PKCS7ContentInfo *cinfo;
-
-    cinfo = p7dcx->cinfo;
-    if (p7dcx->dcx != NULL) {
-	if (SEC_ASN1DecoderFinish (p7dcx->dcx) != SECSuccess) {
-	    SEC_PKCS7DestroyContentInfo (cinfo);
-	    cinfo = NULL;
-	}
-    }
-    PORT_FreeArena (p7dcx->tmp_poolp, PR_FALSE);
-    PORT_Free (p7dcx);
-    return cinfo;
-}
-
-
-SEC_PKCS7ContentInfo *
-SEC_PKCS7DecodeItem(SECItem *p7item,
-		    SEC_PKCS7DecoderContentCallback cb, void *cb_arg,
-		    SECKEYGetPasswordKey pwfn, void *pwfn_arg,
-		    SEC_PKCS7GetDecryptKeyCallback decrypt_key_cb, 
-		    void *decrypt_key_cb_arg,
-		    SEC_PKCS7DecryptionAllowedCallback decrypt_allowed_cb)
-{
-    SEC_PKCS7DecoderContext *p7dcx;
-
-    p7dcx = SEC_PKCS7DecoderStart(cb, cb_arg, pwfn, pwfn_arg, decrypt_key_cb,
-				  decrypt_key_cb_arg, decrypt_allowed_cb);
-    (void) SEC_PKCS7DecoderUpdate(p7dcx, (char *) p7item->data, p7item->len);
-    return SEC_PKCS7DecoderFinish(p7dcx);
-}
-
-
-/*
- * If the thing contains any certs or crls return true; false otherwise.
- */
-PRBool
-SEC_PKCS7ContainsCertsOrCrls(SEC_PKCS7ContentInfo *cinfo)
-{
-    SECOidTag kind;
-    SECItem **certs;
-    CERTSignedCrl **crls;
-
-    kind = SEC_PKCS7ContentType (cinfo);
-    switch (kind) {
-      default:
-      case SEC_OID_PKCS7_DATA:
-      case SEC_OID_PKCS7_DIGESTED_DATA:
-      case SEC_OID_PKCS7_ENVELOPED_DATA:
-      case SEC_OID_PKCS7_ENCRYPTED_DATA:
-	return PR_FALSE;
-      case SEC_OID_PKCS7_SIGNED_DATA:
-	certs = cinfo->content.signedData->rawCerts;
-	crls = cinfo->content.signedData->crls;
-	break;
-      case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA:
-	certs = cinfo->content.signedAndEnvelopedData->rawCerts;
-	crls = cinfo->content.signedAndEnvelopedData->crls;
-	break;
-    }
-
-    /*
-     * I know this could be collapsed, but I was in a mood to be explicit.
-     */
-    if (certs != NULL && certs[0] != NULL)
-	return PR_TRUE;
-    else if (crls != NULL && crls[0] != NULL)
-	return PR_TRUE;
-    else
-	return PR_FALSE;
-}
-
-/* return the content length...could use GetContent, however we
- * need the encrypted content length 
- */
-PRBool
-SEC_PKCS7IsContentEmpty(SEC_PKCS7ContentInfo *cinfo, unsigned int minLen)
-{
-    SECItem *item = NULL;
-
-    if(cinfo == NULL) {
-	return PR_TRUE;
-    }
-
-    switch(SEC_PKCS7ContentType(cinfo)) 
-    {
-	case SEC_OID_PKCS7_DATA:
-	    item = cinfo->content.data;
-	    break;
-	case SEC_OID_PKCS7_ENCRYPTED_DATA:
-	    item = &cinfo->content.encryptedData->encContentInfo.encContent;
-	    break;
-	default:
-	    /* add other types */
-	    return PR_FALSE;
-    }
-
-    if(!item) {
-	return PR_TRUE;
-    } else if(item->len <= minLen) {
-	return PR_TRUE;
-    }
-
-    return PR_FALSE;
-}
-
-
-PRBool
-SEC_PKCS7ContentIsEncrypted(SEC_PKCS7ContentInfo *cinfo)
-{
-    SECOidTag kind;
-
-    kind = SEC_PKCS7ContentType (cinfo);
-    switch (kind) {
-      default:
-      case SEC_OID_PKCS7_DATA:
-      case SEC_OID_PKCS7_DIGESTED_DATA:
-      case SEC_OID_PKCS7_SIGNED_DATA:
-	return PR_FALSE;
-      case SEC_OID_PKCS7_ENCRYPTED_DATA:
-      case SEC_OID_PKCS7_ENVELOPED_DATA:
-      case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA:
-	return PR_TRUE;
-    }
-}
-
-
-/*
- * If the PKCS7 content has a signature (not just *could* have a signature)
- * return true; false otherwise.  This can/should be called before calling
- * VerifySignature, which will always indicate failure if no signature is
- * present, but that does not mean there even was a signature!
- * Note that the content itself can be empty (detached content was sent
- * another way); it is the presence of the signature that matters.
- */
-PRBool
-SEC_PKCS7ContentIsSigned(SEC_PKCS7ContentInfo *cinfo)
-{
-    SECOidTag kind;
-    SEC_PKCS7SignerInfo **signerinfos;
-
-    kind = SEC_PKCS7ContentType (cinfo);
-    switch (kind) {
-      default:
-      case SEC_OID_PKCS7_DATA:
-      case SEC_OID_PKCS7_DIGESTED_DATA:
-      case SEC_OID_PKCS7_ENVELOPED_DATA:
-      case SEC_OID_PKCS7_ENCRYPTED_DATA:
-	return PR_FALSE;
-      case SEC_OID_PKCS7_SIGNED_DATA:
-	signerinfos = cinfo->content.signedData->signerInfos;
-	break;
-      case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA:
-	signerinfos = cinfo->content.signedAndEnvelopedData->signerInfos;
-	break;
-    }
-
-    /*
-     * I know this could be collapsed; but I kind of think it will get
-     * more complicated before I am finished, so...
-     */
-    if (signerinfos != NULL && signerinfos[0] != NULL)
-	return PR_TRUE;
-    else
-	return PR_FALSE;
-}
-
-
-/*
- * SEC_PKCS7ContentVerifySignature
- *	Look at a PKCS7 contentInfo and check if the signature is good.
- *	The digest was either calculated earlier (and is stored in the
- *	contentInfo itself) or is passed in via "detached_digest".
- *
- *	The verification checks that the signing cert is valid and trusted
- *	for the purpose specified by "certusage".
- *
- *	In addition, if "keepcerts" is true, add any new certificates found
- *	into our local database.
- *
- * XXX Each place which returns PR_FALSE should be sure to have a good
- * error set for inspection by the caller.  Alternatively, we could create
- * an enumeration of success and each type of failure and return that
- * instead of a boolean.  For now, the default in a bad situation is to
- * set the error to SEC_ERROR_PKCS7_BAD_SIGNATURE.  But this should be
- * reviewed; better (more specific) errors should be possible (to distinguish
- * a signature failure from a badly-formed pkcs7 signedData, for example).
- * Some of the errors should probably just be SEC_ERROR_BAD_SIGNATURE,
- * but that has a less helpful error string associated with it right now;
- * if/when that changes, review and change these as needed.
- *
- * XXX This is broken wrt signedAndEnvelopedData.  In that case, the
- * message digest is doubly encrypted -- first encrypted with the signer
- * private key but then again encrypted with the bulk encryption key used
- * to encrypt the content.  So before we can pass the digest to VerifyDigest,
- * we need to decrypt it with the bulk encryption key.  Also, in this case,
- * there should be NO authenticatedAttributes (signerinfo->authAttr should
- * be NULL).
- */
-static PRBool
-sec_pkcs7_verify_signature(SEC_PKCS7ContentInfo *cinfo,
-			   SECCertUsage certusage,
-			   SECItem *detached_digest,
-			   HASH_HashType digest_type,
-			   PRBool keepcerts)
-{
-    SECAlgorithmID **digestalgs, *bulkid;
-    SECItem *digest;
-    SECItem **digests;
-    SECItem **rawcerts;
-    CERTSignedCrl **crls;
-    SEC_PKCS7SignerInfo **signerinfos, *signerinfo;
-    CERTCertificate *cert, **certs;
-    PRBool goodsig;
-    CERTCertDBHandle *certdb, *defaultdb; 
-    SECOidData *algiddata;
-    int i, certcount;
-    SECKEYPublicKey *publickey;
-    SECItem *content_type;
-    PK11SymKey *sigkey;
-    SECItem *utc_stime;
-    int64 stime;
-    SECStatus rv;
-
-    /*
-     * Everything needed in order to "goto done" safely.
-     */
-    goodsig = PR_FALSE;
-    certcount = 0;
-    cert = NULL;
-    certs = NULL;
-    certdb = NULL;
-    defaultdb = CERT_GetDefaultCertDB();
-    publickey = NULL;
-
-    if (! SEC_PKCS7ContentIsSigned(cinfo)) {
-	PORT_SetError (SEC_ERROR_PKCS7_BAD_SIGNATURE);
-	goto done;
-    }
-
-    PORT_Assert (cinfo->contentTypeTag != NULL);
-
-    switch (cinfo->contentTypeTag->offset) {
-      default:
-      case SEC_OID_PKCS7_DATA:
-      case SEC_OID_PKCS7_DIGESTED_DATA:
-      case SEC_OID_PKCS7_ENVELOPED_DATA:
-      case SEC_OID_PKCS7_ENCRYPTED_DATA:
-	/* Could only get here if SEC_PKCS7ContentIsSigned is broken. */
-	PORT_Assert (0);
-      case SEC_OID_PKCS7_SIGNED_DATA:
-	{
-	    SEC_PKCS7SignedData *sdp;
-
-	    sdp = cinfo->content.signedData;
-	    digestalgs = sdp->digestAlgorithms;
-	    digests = sdp->digests;
-	    rawcerts = sdp->rawCerts;
-	    crls = sdp->crls;
-	    signerinfos = sdp->signerInfos;
-	    content_type = &(sdp->contentInfo.contentType);
-	    sigkey = NULL;
-	    bulkid = NULL;
-	}
-	break;
-      case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA:
-	{
-	    SEC_PKCS7SignedAndEnvelopedData *saedp;
-
-	    saedp = cinfo->content.signedAndEnvelopedData;
-	    digestalgs = saedp->digestAlgorithms;
-	    digests = saedp->digests;
-	    rawcerts = saedp->rawCerts;
-	    crls = saedp->crls;
-	    signerinfos = saedp->signerInfos;
-	    content_type = &(saedp->encContentInfo.contentType);
-	    sigkey = saedp->sigKey;
-	    bulkid = &(saedp->encContentInfo.contentEncAlg);
-	}
-	break;
-    }
-
-    if ((signerinfos == NULL) || (signerinfos[0] == NULL)) {
-	PORT_SetError (SEC_ERROR_PKCS7_BAD_SIGNATURE);
-	goto done;
-    }
-
-    /*
-     * XXX Need to handle multiple signatures; checking them is easy,
-     * but what should be the semantics here (like, return value)?
-     */
-    if (signerinfos[1] != NULL) {
-	PORT_SetError (SEC_ERROR_PKCS7_BAD_SIGNATURE);
-	goto done;
-    }
-
-    signerinfo = signerinfos[0];
-
-    /*
-     * XXX I would like to just pass the issuerAndSN, along with the rawcerts
-     * and crls, to some function that did all of this certificate stuff
-     * (open/close the database if necessary, verifying the certs, etc.)
-     * and gave me back a cert pointer if all was good.
-     */
-    certdb = defaultdb;
-    if (certdb == NULL) {
-	goto done;
-    }
-
-    certcount = 0;
-    if (rawcerts != NULL) {
-	for (; rawcerts[certcount] != NULL; certcount++) {
-	    /* just counting */
-	}
-    }
-
-    /*
-     * Note that the result of this is that each cert in "certs"
-     * needs to be destroyed.
-     */
-    rv = CERT_ImportCerts(certdb, certusage, certcount, rawcerts, &certs,
-			  keepcerts, PR_FALSE, NULL);
-    if ( rv != SECSuccess ) {
-	goto done;
-    }
-
-    /*
-     * This cert will also need to be freed, but since we save it
-     * in signerinfo for later, we do not want to destroy it when
-     * we leave this function -- we let the clean-up of the entire
-     * cinfo structure later do the destroy of this cert.
-     */
-    cert = CERT_FindCertByIssuerAndSN(certdb, signerinfo->issuerAndSN);
-    if (cert == NULL) {
-	goto done;
-    }
-
-    signerinfo->cert = cert;
-
-    /*
-     * Get and convert the signing time; if available, it will be used
-     * both on the cert verification and for importing the sender
-     * email profile.
-     */
-    utc_stime = SEC_PKCS7GetSigningTime (cinfo);
-    if (utc_stime != NULL) {
-	if (DER_UTCTimeToTime (&stime, utc_stime) != SECSuccess)
-	    utc_stime = NULL;	/* conversion failed, so pretend none */
-    }
-
-    /*
-     * XXX  This uses the signing time, if available.  Additionally, we
-     * might want to, if there is no signing time, get the message time
-     * from the mail header itself, and use that.  That would require
-     * a change to our interface though, and for S/MIME callers to pass
-     * in a time (and for non-S/MIME callers to pass in nothing, or
-     * maybe make them pass in the current time, always?).
-     */
-    if (CERT_VerifyCert (certdb, cert, PR_TRUE, certusage,
-			 utc_stime != NULL ? stime : PR_Now(),
-			 cinfo->pwfn_arg, NULL) != SECSuccess)
-	{
-	/*
-	 * XXX Give the user an option to check the signature anyway?
-	 * If we want to do this, need to give a way to leave and display
-	 * some dialog and get the answer and come back through (or do
-	 * the rest of what we do below elsewhere, maybe by putting it
-	 * in a function that we call below and could call from a dialog
-	 * finish handler).
-	 */
-	goto savecert;
-    }
-
-    publickey = CERT_ExtractPublicKey (cert);
-    if (publickey == NULL)
-	goto done;
-
-    /*
-     * XXX No!  If digests is empty, see if we can create it now by
-     * digesting the contents.  This is necessary if we want to allow
-     * somebody to do a simple decode (without filtering, etc.) and
-     * then later call us here to do the verification.
-     * OR, we can just specify that the interface to this routine
-     * *requires* that the digest(s) be done before calling and either
-     * stashed in the struct itself or passed in explicitly (as would
-     * be done for detached contents).
-     */
-    if ((digests == NULL || digests[0] == NULL)
-	&& (detached_digest == NULL || detached_digest->data == NULL))
-	goto done;
-
-    /*
-     * Find and confirm digest algorithm.
-     */
-    algiddata = SECOID_FindOID (&(signerinfo->digestAlg.algorithm));
-
-    if (detached_digest != NULL) {
-	switch (digest_type) {
-	  default:
-	  case HASH_AlgNULL:
-	    PORT_SetError (SEC_ERROR_PKCS7_BAD_SIGNATURE);
-	    goto done;
-	  case HASH_AlgMD2:
-	    PORT_Assert (detached_digest->len == MD2_LENGTH);
-	    if (algiddata->offset != SEC_OID_MD2) {
-		PORT_SetError (SEC_ERROR_PKCS7_BAD_SIGNATURE);
-		goto done;
-	    }
-	    break;
-	  case HASH_AlgMD5:
-	    PORT_Assert (detached_digest->len == MD5_LENGTH);
-	    if (algiddata->offset != SEC_OID_MD5) {
-		PORT_SetError (SEC_ERROR_PKCS7_BAD_SIGNATURE);
-		goto done;
-	    }
-	    break;
-	  case HASH_AlgSHA1:
-	    PORT_Assert (detached_digest->len == SHA1_LENGTH);
-	    if (algiddata->offset != SEC_OID_SHA1) {
-		PORT_SetError (SEC_ERROR_PKCS7_BAD_SIGNATURE);
-		goto done;
-	    }
-	    break;
-	}
-	digest = detached_digest;
-    } else {
-	PORT_Assert (digestalgs != NULL && digestalgs[0] != NULL);
-	if (digestalgs == NULL || digestalgs[0] == NULL) {
-	    PORT_SetError (SEC_ERROR_PKCS7_BAD_SIGNATURE);
-	    goto done;
-	}
-
-	/*
-	 * pick digest matching signerinfo->digestAlg from digests
-	 */
-	if (algiddata == NULL) {
-	    PORT_SetError (SEC_ERROR_PKCS7_BAD_SIGNATURE);
-	    goto done;
-	}
-	for (i = 0; digestalgs[i] != NULL; i++) {
-	    if (SECOID_FindOID (&(digestalgs[i]->algorithm)) == algiddata)
-		break;
-	}
-	if (digestalgs[i] == NULL) {
-	    PORT_SetError (SEC_ERROR_PKCS7_BAD_SIGNATURE);
-	    goto done;
-	}
-
-	digest = digests[i];
-    }
-
-    /*
-     * XXX This may not be the right set of algorithms to check.
-     * I'd prefer to trust that just calling VFY_Verify{Data,Digest}
-     * would do the right thing (and set an error if it could not);
-     * then additional algorithms could be handled by that code
-     * and we would Just Work.  So this check should just be removed,
-     * but not until the VFY code is better at setting errors.
-     */
-    algiddata = SECOID_FindOID (&(signerinfo->digestEncAlg.algorithm));
-    if (algiddata == NULL ||
-	((algiddata->offset != SEC_OID_PKCS1_RSA_ENCRYPTION) &&
-	 (algiddata->offset != SEC_OID_ANSIX9_DSA_SIGNATURE))) {
-	PORT_SetError (SEC_ERROR_PKCS7_BAD_SIGNATURE);
-	goto done;
-    }
-
-    if (signerinfo->authAttr != NULL) {
-	SEC_PKCS7Attribute *attr;
-	SECItem *value;
-	SECItem encoded_attrs;
-
-	/*
-	 * We have a sigkey only for signedAndEnvelopedData, which is
-	 * not supposed to have any authenticated attributes.
-	 */
-	if (sigkey != NULL) {
-	    PORT_SetError (SEC_ERROR_PKCS7_BAD_SIGNATURE);
-	    goto done;
-	}
-
-	/*
-	 * PKCS #7 says that if there are any authenticated attributes,
-	 * then there must be one for content type which matches the
-	 * content type of the content being signed, and there must
-	 * be one for message digest which matches our message digest.
-	 * So check these things first.
-	 * XXX Might be nice to have a compare-attribute-value function
-	 * which could collapse the following nicely.
-	 */
-	attr = sec_PKCS7FindAttribute (signerinfo->authAttr,
-				       SEC_OID_PKCS9_CONTENT_TYPE, PR_TRUE);
-	value = sec_PKCS7AttributeValue (attr);
-	if (value == NULL || value->len != content_type->len) {
-	    PORT_SetError (SEC_ERROR_PKCS7_BAD_SIGNATURE);
-	    goto done;
-	}
-	if (PORT_Memcmp (value->data, content_type->data, value->len) != 0) {
-	    PORT_SetError (SEC_ERROR_PKCS7_BAD_SIGNATURE);
-	    goto done;
-	}
-
-	attr = sec_PKCS7FindAttribute (signerinfo->authAttr,
-				       SEC_OID_PKCS9_MESSAGE_DIGEST, PR_TRUE);
-	value = sec_PKCS7AttributeValue (attr);
-	if (value == NULL || value->len != digest->len) {
-	    PORT_SetError (SEC_ERROR_PKCS7_BAD_SIGNATURE);
-	    goto done;
-	}
-	if (PORT_Memcmp (value->data, digest->data, value->len) != 0) {
-	    PORT_SetError (SEC_ERROR_PKCS7_BAD_SIGNATURE);
-	    goto done;
-	}
-
-	/*
-	 * Okay, we met the constraints of the basic attributes.
-	 * Now check the signature, which is based on a digest of
-	 * the DER-encoded authenticated attributes.  So, first we
-	 * encode and then we digest/verify.
-	 */
-	encoded_attrs.data = NULL;
-	encoded_attrs.len = 0;
-	if (sec_PKCS7EncodeAttributes (NULL, &encoded_attrs,
-				       &(signerinfo->authAttr)) == NULL)
-	    goto done;
-
-	if (encoded_attrs.data == NULL || encoded_attrs.len == 0) {
-	    PORT_SetError (SEC_ERROR_PKCS7_BAD_SIGNATURE);
-	    goto done;
-	}
-
-	goodsig = (PRBool)(VFY_VerifyData (encoded_attrs.data, 
-				   encoded_attrs.len,
-				   publickey, &(signerinfo->encDigest),
-				   SECOID_GetAlgorithmTag(&(signerinfo->digestEncAlg)),
-				   cinfo->pwfn_arg) == SECSuccess);
-	PORT_Free (encoded_attrs.data);
-    } else {
-	SECItem *sig;
-	SECItem holder;
-	SECStatus rv;
-
-	/*
-	 * No authenticated attributes.
-	 * The signature is based on the plain message digest.
-	 */
-
-	sig = &(signerinfo->encDigest);
-	if (sig->len == 0) {		/* bad signature */
-	    PORT_SetError (SEC_ERROR_PKCS7_BAD_SIGNATURE);
-	    goto done;
-	}
-
-	if (sigkey != NULL) {
-	    sec_PKCS7CipherObject *decryptobj;
-	    unsigned int buflen;
-
-	    /*
-	     * For signedAndEnvelopedData, we first must decrypt the encrypted
-	     * digest with the bulk encryption key.  The result is the normal
-	     * encrypted digest (aka the signature).
-	     */
-	    decryptobj = sec_PKCS7CreateDecryptObject (sigkey, bulkid);
-	    if (decryptobj == NULL)
-		goto done;
-
-	    buflen = sec_PKCS7DecryptLength (decryptobj, sig->len, PR_TRUE);
-	    PORT_Assert (buflen);
-	    if (buflen == 0) {		/* something is wrong */
-		sec_PKCS7DestroyDecryptObject (decryptobj);
-		goto done;
-	    }
-
-	    holder.data = (unsigned char*)PORT_Alloc (buflen);
-	    if (holder.data == NULL) {
-		sec_PKCS7DestroyDecryptObject (decryptobj);
-		goto done;
-	    }
-
-	    rv = sec_PKCS7Decrypt (decryptobj, holder.data, &holder.len, buflen,
-				   sig->data, sig->len, PR_TRUE);
-	    if (rv != SECSuccess) {
-		sec_PKCS7DestroyDecryptObject (decryptobj);
-		goto done;
-	    }
-
-	    sig = &holder;
-	}
-
-	goodsig = (PRBool)(VFY_VerifyDigest (digest, publickey, sig,
-				     SECOID_GetAlgorithmTag(&(signerinfo->digestEncAlg)),
-				     cinfo->pwfn_arg)
-		   == SECSuccess);
-
-	if (sigkey != NULL) {
-	    PORT_Assert (sig == &holder);
-	    PORT_ZFree (holder.data, holder.len);
-	}
-    }
-
-    if (! goodsig) {
-	/*
-	 * XXX Change the generic error into our specific one, because
-	 * in that case we get a better explanation out of the Security
-	 * Advisor.  This is really a bug in our error strings (the
-	 * "generic" error has a lousy/wrong message associated with it
-	 * which assumes the signature verification was done for the
-	 * purposes of checking the issuer signature on a certificate)
-	 * but this is at least an easy workaround and/or in the
-	 * Security Advisor, which specifically checks for the error
-	 * SEC_ERROR_PKCS7_BAD_SIGNATURE and gives more explanation
-	 * in that case but does not similarly check for
-	 * SEC_ERROR_BAD_SIGNATURE.  It probably should, but then would
-	 * probably say the wrong thing in the case that it *was* the
-	 * certificate signature check that failed during the cert
-	 * verification done above.  Our error handling is really a mess.
-	 */
-	if (PORT_GetError() == SEC_ERROR_BAD_SIGNATURE)
-	    PORT_SetError (SEC_ERROR_PKCS7_BAD_SIGNATURE);
-    }
-
-savecert:
-    /*
-     * Only save the smime profile if we are checking an email message and
-     * the cert has an email address in it.
-     */
-    if ( ( cert->emailAddr != NULL ) &&
-	( ( certusage == certUsageEmailSigner ) ||
-	 ( certusage == certUsageEmailRecipient ) ) ) {
-	SECItem *profile = NULL;
-	int save_error;
-
-	/*
-	 * Remember the current error set because we do not care about
-	 * anything set by the functions we are about to call.
-	 */
-	save_error = PORT_GetError();
-
-	if (goodsig && (signerinfo->authAttr != NULL)) {
-	    /*
-	     * If the signature is good, then we can save the S/MIME profile,
-	     * if we have one.
-	     */
-	    SEC_PKCS7Attribute *attr;
-
-	    attr = sec_PKCS7FindAttribute (signerinfo->authAttr,
-					   SEC_OID_PKCS9_SMIME_CAPABILITIES,
-					   PR_TRUE);
-	    profile = sec_PKCS7AttributeValue (attr);
-	}
-
-	rv = CERT_SaveSMimeProfile (cert, profile, utc_stime);
-
-	/*
-	 * Restore the saved error in case the calls above set a new
-	 * one that we do not actually care about.
-	 */
-	PORT_SetError (save_error);
-
-	/*
-	 * XXX Failure is not indicated anywhere -- the signature
-	 * verification itself is unaffected by whether or not the
-	 * profile was successfully saved.
-	 */
-    }
-	
-
-done:
-
-    /*
-     * See comment above about why we do not want to destroy cert
-     * itself here.
-     */
-
-    if (certs != NULL)
-	CERT_DestroyCertArray (certs, certcount);
-
-    if (publickey != NULL)
-	SECKEY_DestroyPublicKey (publickey);
-
-    return goodsig;
-}
-
-/*
- * SEC_PKCS7VerifySignature
- *	Look at a PKCS7 contentInfo and check if the signature is good.
- *	The verification checks that the signing cert is valid and trusted
- *	for the purpose specified by "certusage".
- *
- *	In addition, if "keepcerts" is true, add any new certificates found
- *	into our local database.
- */
-PRBool
-SEC_PKCS7VerifySignature(SEC_PKCS7ContentInfo *cinfo,
-			 SECCertUsage certusage,
-			 PRBool keepcerts)
-{
-    return sec_pkcs7_verify_signature (cinfo, certusage,
-				       NULL, HASH_AlgNULL, keepcerts);
-}
-
-/*
- * SEC_PKCS7VerifyDetachedSignature
- *	Look at a PKCS7 contentInfo and check if the signature matches
- *	a passed-in digest (calculated, supposedly, from detached contents).
- *	The verification checks that the signing cert is valid and trusted
- *	for the purpose specified by "certusage".
- *
- *	In addition, if "keepcerts" is true, add any new certificates found
- *	into our local database.
- */
-PRBool
-SEC_PKCS7VerifyDetachedSignature(SEC_PKCS7ContentInfo *cinfo,
-				 SECCertUsage certusage,
-				 SECItem *detached_digest,
-				 HASH_HashType digest_type,
-				 PRBool keepcerts)
-{
-    return sec_pkcs7_verify_signature (cinfo, certusage,
-				       detached_digest, digest_type,
-				       keepcerts);
-}
-
-
-/*
- * Return the asked-for portion of the name of the signer of a PKCS7
- * signed object.
- *
- * Returns a pointer to allocated memory, which must be freed.
- * A NULL return value is an error.
- */
-
-#define sec_common_name 1
-#define sec_email_address 2
-
-static char *
-sec_pkcs7_get_signer_cert_info(SEC_PKCS7ContentInfo *cinfo, int selector)
-{
-    SECOidTag kind;
-    SEC_PKCS7SignerInfo **signerinfos;
-    CERTCertificate *signercert;
-    char *container;
-
-    kind = SEC_PKCS7ContentType (cinfo);
-    switch (kind) {
-      default:
-      case SEC_OID_PKCS7_DATA:
-      case SEC_OID_PKCS7_DIGESTED_DATA:
-      case SEC_OID_PKCS7_ENVELOPED_DATA:
-      case SEC_OID_PKCS7_ENCRYPTED_DATA:
-	PORT_Assert (0);
-	return NULL;
-      case SEC_OID_PKCS7_SIGNED_DATA:
-	{
-	    SEC_PKCS7SignedData *sdp;
-
-	    sdp = cinfo->content.signedData;
-	    signerinfos = sdp->signerInfos;
-	}
-	break;
-      case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA:
-	{
-	    SEC_PKCS7SignedAndEnvelopedData *saedp;
-
-	    saedp = cinfo->content.signedAndEnvelopedData;
-	    signerinfos = saedp->signerInfos;
-	}
-	break;
-    }
-
-    if (signerinfos == NULL || signerinfos[0] == NULL)
-	return NULL;
-
-    signercert = signerinfos[0]->cert;
-
-    /*
-     * No cert there; see if we can find one by calling verify ourselves.
-     */
-    if (signercert == NULL) {
-	/*
-	 * The cert usage does not matter in this case, because we do not
-	 * actually care about the verification itself, but we have to pick
-	 * some valid usage to pass in.
-	 */
-	(void) sec_pkcs7_verify_signature (cinfo, certUsageEmailSigner,
-					   NULL, HASH_AlgNULL, PR_FALSE);
-	signercert = signerinfos[0]->cert;
-	if (signercert == NULL)
-	    return NULL;
-    }
-
-    switch (selector) {
-      case sec_common_name:
-	container = CERT_GetCommonName (&signercert->subject);
-	break;
-      case sec_email_address:
-	if(signercert->emailAddr) {
-	    container = PORT_Strdup(signercert->emailAddr);
-	} else {
-	    container = NULL;
-	}
-	break;
-      default:
-	PORT_Assert (0);
-	container = NULL;
-	break;
-    }
-
-    return container;
-}
-
-char *
-SEC_PKCS7GetSignerCommonName(SEC_PKCS7ContentInfo *cinfo)
-{
-    return sec_pkcs7_get_signer_cert_info(cinfo, sec_common_name);
-}
-
-char *
-SEC_PKCS7GetSignerEmailAddress(SEC_PKCS7ContentInfo *cinfo)
-{
-    return sec_pkcs7_get_signer_cert_info(cinfo, sec_email_address);
-}
-
-
-/*
- * Return the signing time, in UTCTime format, of a PKCS7 contentInfo.
- */
-SECItem *
-SEC_PKCS7GetSigningTime(SEC_PKCS7ContentInfo *cinfo)
-{
-    SEC_PKCS7SignerInfo **signerinfos;
-    SEC_PKCS7Attribute *attr;
-
-    if (SEC_PKCS7ContentType (cinfo) != SEC_OID_PKCS7_SIGNED_DATA)
-	return NULL;
-
-    signerinfos = cinfo->content.signedData->signerInfos;
-
-    /*
-     * No signature, or more than one, means no deal.
-     */
-    if (signerinfos == NULL || signerinfos[0] == NULL || signerinfos[1] != NULL)
-	return NULL;
-
-    attr = sec_PKCS7FindAttribute (signerinfos[0]->authAttr,
-				   SEC_OID_PKCS9_SIGNING_TIME, PR_TRUE);
-    return sec_PKCS7AttributeValue (attr);
-}
diff --git a/security/nss/lib/pkcs7/p7encode.c b/security/nss/lib/pkcs7/p7encode.c
deleted file mode 100644
index 879a1b286..000000000
--- a/security/nss/lib/pkcs7/p7encode.c
+++ /dev/null
@@ -1,1333 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * PKCS7 encoding.
- *
- * $Id$
- */
-
-#include "nssrenam.h"
-
-#include "p7local.h"
-
-#include "cert.h"
-#include "cryptohi.h"
-#include "keyhi.h"
-#include "secasn1.h"
-#include "secoid.h"
-#include "secitem.h"
-#include "pk11func.h"
-#include "secerr.h"
-#include "sechash.h"	/* for HASH_GetHashObject() */
-
-struct sec_pkcs7_encoder_output {
-    SEC_PKCS7EncoderOutputCallback outputfn;
-    void *outputarg;
-};
-
-struct SEC_PKCS7EncoderContextStr {
-    SEC_ASN1EncoderContext *ecx;
-    SEC_PKCS7ContentInfo *cinfo;
-    struct sec_pkcs7_encoder_output output;
-    sec_PKCS7CipherObject *encryptobj;
-    const SECHashObject *digestobj;
-    void *digestcx;
-};
-
-
-/*
- * The little output function that the ASN.1 encoder calls to hand
- * us bytes which we in turn hand back to our caller (via the callback
- * they gave us).
- */
-static void
-sec_pkcs7_encoder_out(void *arg, const char *buf, unsigned long len,
-		      int depth, SEC_ASN1EncodingPart data_kind)
-{
-    struct sec_pkcs7_encoder_output *output;
-
-    output = (struct sec_pkcs7_encoder_output*)arg;
-    output->outputfn (output->outputarg, buf, len);
-}
-
-static sec_PKCS7CipherObject *
-sec_pkcs7_encoder_start_encrypt (SEC_PKCS7ContentInfo *cinfo,
-						 PK11SymKey *orig_bulkkey)
-{
-    SECOidTag kind;
-    sec_PKCS7CipherObject *encryptobj;
-    SEC_PKCS7RecipientInfo **recipientinfos, *ri;
-    SEC_PKCS7EncryptedContentInfo *enccinfo;
-    SEC_PKCS7SMIMEKEAParameters   keaParams;
-    SECKEYPublicKey *publickey = NULL;
-    SECKEYPrivateKey *ourPrivKey = NULL;
-    PK11SymKey  *bulkkey;
-    void *mark, *wincx;
-    int i;
-    PRArenaPool *arena = NULL;
-
-    /* Get the context in case we need it below. */
-    wincx = cinfo->pwfn_arg;
-
-    /* Clear keaParams, since cleanup code checks the lengths */
-    (void) memset(&keaParams, 0, sizeof(keaParams));
-
-    kind = SEC_PKCS7ContentType (cinfo);
-    switch (kind) {
-      default:
-      case SEC_OID_PKCS7_DATA:
-      case SEC_OID_PKCS7_DIGESTED_DATA:
-      case SEC_OID_PKCS7_SIGNED_DATA:
-	recipientinfos = NULL;
-	enccinfo = NULL;
-	break;
-      case SEC_OID_PKCS7_ENCRYPTED_DATA:
-	{
-	    SEC_PKCS7EncryptedData *encdp;
-
-	    /* To do EncryptedData we *must* be given a bulk key. */
-	    PORT_Assert (orig_bulkkey != NULL);
-	    if (orig_bulkkey == NULL) {
-		/* XXX error? */
-		return NULL;
-	    }
-
-	    encdp = cinfo->content.encryptedData;
-	    recipientinfos = NULL;
-	    enccinfo = &(encdp->encContentInfo);
-	}
-	break;
-      case SEC_OID_PKCS7_ENVELOPED_DATA:
-	{
-	    SEC_PKCS7EnvelopedData *envdp;
-
-	    envdp = cinfo->content.envelopedData;
-	    recipientinfos = envdp->recipientInfos;
-	    enccinfo = &(envdp->encContentInfo);
-	}
-	break;
-      case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA:
-	{
-	    SEC_PKCS7SignedAndEnvelopedData *saedp;
-
-	    saedp = cinfo->content.signedAndEnvelopedData;
-	    recipientinfos = saedp->recipientInfos;
-	    enccinfo = &(saedp->encContentInfo);
-	}
-	break;
-    }
-
-    if (enccinfo == NULL)
-	return NULL;
-
-    bulkkey = orig_bulkkey;
-    if (bulkkey == NULL) {
-	CK_MECHANISM_TYPE type = PK11_AlgtagToMechanism(enccinfo->encalg);
-	PK11SlotInfo *slot;
-
-
-	slot = PK11_GetBestSlot(type,cinfo->pwfn_arg);
-	if (slot == NULL) {
-	    return NULL;
-	}
-	bulkkey = PK11_KeyGen(slot,type,NULL, enccinfo->keysize/8,
-			      cinfo->pwfn_arg);
-	PK11_FreeSlot(slot);
-	if (bulkkey == NULL) {
-	    return NULL;
-	}
-    }
-
-    encryptobj = NULL;
-    mark = PORT_ArenaMark (cinfo->poolp);
-
-    /*
-     * Encrypt the bulk key with the public key of each recipient.
-     */
-    for (i = 0; recipientinfos && (ri = recipientinfos[i]) != NULL; i++) {
-	CERTCertificate *cert;
-	SECOidTag certalgtag, encalgtag;
-	SECStatus rv;
-	int data_len;
-	SECItem *params = NULL;
-
-	cert = ri->cert;
-	PORT_Assert (cert != NULL);
-	if (cert == NULL)
-	    continue;
-
-	/*
-	 * XXX Want an interface that takes a cert and some data and
-	 * fills in an algorithmID and encrypts the data with the public
-	 * key from the cert.  Or, give me two interfaces -- one which
-	 * gets the algorithm tag from a cert (I should not have to go
-	 * down into the subjectPublicKeyInfo myself) and another which
-	 * takes a public key and algorithm tag and data and encrypts
-	 * the data.  Or something like that.  The point is that all
-	 * of the following hardwired RSA and KEA stuff should be done
-	 * elsewhere.
-	 */
-
-	certalgtag=SECOID_GetAlgorithmTag(&(cert->subjectPublicKeyInfo.algorithm));
-
-	switch (certalgtag) {
-	case SEC_OID_PKCS1_RSA_ENCRYPTION:
-	    encalgtag = certalgtag;
-	    publickey = CERT_ExtractPublicKey (cert);
-	    if (publickey == NULL) goto loser;
-		
-	    data_len = SECKEY_PublicKeyStrength(publickey);
-	    ri->encKey.data = 
-	        (unsigned char*)PORT_ArenaAlloc(cinfo->poolp ,data_len);
-	    ri->encKey.len = data_len;
-	    if (ri->encKey.data == NULL) goto loser;
-
-	    rv = PK11_PubWrapSymKey(PK11_AlgtagToMechanism(certalgtag),publickey,
-				bulkkey,&ri->encKey);
-
-	    SECKEY_DestroyPublicKey(publickey);
-	    publickey = NULL;
-	    if (rv != SECSuccess) goto loser;
-	    params = NULL; /* paranoia */
-	    break;
-	/* ### mwelch -- KEA */ 
-      case SEC_OID_MISSI_KEA_DSS_OLD:
-      case SEC_OID_MISSI_KEA_DSS:
-      case SEC_OID_MISSI_KEA:
-	    {
-#define SMIME_FORTEZZA_RA_LENGTH 128
-#define SMIME_FORTEZZA_IV_LENGTH 24
-#define SMIME_FORTEZZA_MAX_KEY_SIZE 256
-		SECStatus err;
-		PK11SymKey *tek;
-		CERTCertificate *ourCert;
-		SECKEYPublicKey *ourPubKey;
-		SECKEATemplateSelector whichKEA = SECKEAInvalid;
-
-		/* We really want to show our KEA tag as the
-		   key exchange algorithm tag. */
-		encalgtag = SEC_OID_NETSCAPE_SMIME_KEA;
-
-		/* Get the public key of the recipient. */
-		publickey = CERT_ExtractPublicKey(cert);
-		if (publickey == NULL) goto loser;
-
-		/* Find our own cert, and extract its keys. */
-		ourCert = PK11_FindBestKEAMatch(cert,wincx);
-		if (ourCert == NULL) goto loser;
-
-		arena = PORT_NewArena(1024);
-		if (arena == NULL) goto loser;
-
-		ourPubKey = CERT_ExtractPublicKey(ourCert);
-		if (ourPubKey == NULL)
-		{
-		    CERT_DestroyCertificate(ourCert);
-		    goto loser;
-		}
-
-		/* While we're here, copy the public key into the outgoing
-		 * KEA parameters. */
-		SECITEM_CopyItem(arena, &(keaParams.originatorKEAKey),
-				 &(ourPubKey->u.fortezza.KEAKey));
-		SECKEY_DestroyPublicKey(ourPubKey);
-		ourPubKey = NULL;
-
-		/* Extract our private key in order to derive the 
-		 * KEA key. */
-		ourPrivKey = PK11_FindKeyByAnyCert(ourCert,wincx);
-		CERT_DestroyCertificate(ourCert); /* we're done with this */
-		if (!ourPrivKey) goto loser;
-
-		/* Prepare raItem with 128 bytes (filled with zeros). */
-		keaParams.originatorRA.data = 
-		  (unsigned char*)PORT_ArenaAlloc(arena,SMIME_FORTEZZA_RA_LENGTH);
-		keaParams.originatorRA.len = SMIME_FORTEZZA_RA_LENGTH;
-
-
-		/* Generate the TEK (token exchange key) which we use
-		 * to wrap the bulk encryption key. (raItem) will be
-		 * filled with a random seed which we need to send to
-		 * the recipient. */
-		tek = PK11_PubDerive(ourPrivKey, publickey, PR_TRUE,
-				     &keaParams.originatorRA, NULL,
-				     CKM_KEA_KEY_DERIVE, CKM_SKIPJACK_WRAP,
-				     CKA_WRAP, 0, wincx);
-
-		    SECKEY_DestroyPublicKey(publickey);
-		    SECKEY_DestroyPrivateKey(ourPrivKey);
-		    publickey = NULL;
-		    ourPrivKey = NULL;
-		
-		if (!tek)
-		    goto loser;
-
-		ri->encKey.data = (unsigned char*)PORT_ArenaAlloc(cinfo->poolp,
-						  SMIME_FORTEZZA_MAX_KEY_SIZE);
-		ri->encKey.len = SMIME_FORTEZZA_MAX_KEY_SIZE;
-
-		if (ri->encKey.data == NULL)
-		{
-		    PK11_FreeSymKey(tek);
-		    goto loser;
-		}
-
-		/* Wrap the bulk key. What we do with the resulting data
-		   depends on whether we're using Skipjack to wrap the key. */
-		switch(PK11_AlgtagToMechanism(enccinfo->encalg))
-		{
-		case CKM_SKIPJACK_CBC64:
-		case CKM_SKIPJACK_ECB64:
-		case CKM_SKIPJACK_OFB64:
-		case CKM_SKIPJACK_CFB64:
-		case CKM_SKIPJACK_CFB32:
-		case CKM_SKIPJACK_CFB16:
-		case CKM_SKIPJACK_CFB8:
-		    /* do SKIPJACK, we use the wrap mechanism */
-		    err = PK11_WrapSymKey(CKM_SKIPJACK_WRAP, NULL, 
-				      tek, bulkkey, &ri->encKey);
-		    whichKEA = SECKEAUsesSkipjack;
-		    break;
-		default:
-		    /* Not SKIPJACK, we encrypt the raw key data */
-		    keaParams.nonSkipjackIV .data = 
-		      (unsigned char*)PORT_ArenaAlloc(arena,
-						     SMIME_FORTEZZA_IV_LENGTH);
-		    keaParams.nonSkipjackIV.len = SMIME_FORTEZZA_IV_LENGTH;
-		    err = PK11_WrapSymKey(CKM_SKIPJACK_CBC64,
-					  &keaParams.nonSkipjackIV, 
-				          tek, bulkkey, &ri->encKey);
-		    if (err != SECSuccess)
-			goto loser;
-
-		    if (ri->encKey.len != PK11_GetKeyLength(bulkkey))
-		    {
-			/* The size of the encrypted key is not the same as
-			   that of the original bulk key, presumably due to
-			   padding. Encode and store the real size of the
-			   bulk key. */
-			if (SEC_ASN1EncodeInteger(arena, 
-						  &keaParams.bulkKeySize,
-						  PK11_GetKeyLength(bulkkey))
-			    == NULL)
-			    err = (SECStatus)PORT_GetError();
-			else
-			    /* use full template for encoding */
-			    whichKEA = SECKEAUsesNonSkipjackWithPaddedEncKey;
-		    }
-		    else
-			/* enc key length == bulk key length */
-			whichKEA = SECKEAUsesNonSkipjack; 
-		    break;
-		}
-
-		PK11_FreeSymKey(tek);
-		if (err != SECSuccess)
-		    goto loser;
-
-		PORT_Assert( whichKEA != SECKEAInvalid);
-
-		/* Encode the KEA parameters into the recipient info. */
-		params = SEC_ASN1EncodeItem(arena,NULL, &keaParams, 
-				      sec_pkcs7_get_kea_template(whichKEA));
-		if (params == NULL) goto loser;
-		break;
-	    }
-	default:
-	    PORT_SetError (SEC_ERROR_INVALID_ALGORITHM);
-	    goto loser;
-	}
-
-	rv = SECOID_SetAlgorithmID(cinfo->poolp, &ri->keyEncAlg, encalgtag, 
-			params);
-	if (rv != SECSuccess)
-	    goto loser;
-	if (arena) PORT_FreeArena(arena,PR_FALSE);
-	arena = NULL;
-    }
-
-    encryptobj = sec_PKCS7CreateEncryptObject (cinfo->poolp, bulkkey,
-					       enccinfo->encalg,
-					       &(enccinfo->contentEncAlg));
-    if (encryptobj != NULL) {
-	PORT_ArenaUnmark (cinfo->poolp, mark);
-	mark = NULL;		/* good one; do not want to release */
-    }
-    /* fallthru */
-
-loser:
-    if (arena) {
-	PORT_FreeArena(arena, PR_FALSE);
-    }
-    if (publickey) {
-        SECKEY_DestroyPublicKey(publickey);
-    }
-    if (ourPrivKey) {
-        SECKEY_DestroyPrivateKey(ourPrivKey);
-    }
-    if (mark != NULL) {
-	PORT_ArenaRelease (cinfo->poolp, mark);
-    }
-    if (orig_bulkkey == NULL) {
-	if (bulkkey) PK11_FreeSymKey(bulkkey);
-    }
-
-    return encryptobj;
-}
-
-
-static void
-sec_pkcs7_encoder_notify (void *arg, PRBool before, void *dest, int depth)
-{
-    SEC_PKCS7EncoderContext *p7ecx;
-    SEC_PKCS7ContentInfo *cinfo;
-    SECOidTag kind;
-    PRBool before_content;
-
-    /*
-     * We want to notice just before the content field.  After fields are
-     * not interesting to us.
-     */
-    if (!before)
-	return;
-
-    p7ecx = (SEC_PKCS7EncoderContext*)arg;
-    cinfo = p7ecx->cinfo;
-
-    before_content = PR_FALSE;
-
-    /*
-     * Watch for the content field, at which point we want to instruct
-     * the ASN.1 encoder to start taking bytes from the buffer.
-     *
-     * XXX The following assumes the inner content type is data;
-     * if/when we want to handle fully nested types, this will have
-     * to recurse until reaching the innermost data content.
-     */
-    kind = SEC_PKCS7ContentType (cinfo);
-    switch (kind) {
-      default:
-      case SEC_OID_PKCS7_DATA:
-	if (dest == &(cinfo->content.data))
-	    before_content = PR_TRUE;
-	break;
-
-      case SEC_OID_PKCS7_DIGESTED_DATA:
-	{
-	    SEC_PKCS7DigestedData *digd;
-
-	    digd = cinfo->content.digestedData;
-	    if (digd == NULL)
-		break;
-
-	    if (dest == &(digd->contentInfo.content))
-		before_content = PR_TRUE;
-	}
-	break;
-
-      case SEC_OID_PKCS7_ENCRYPTED_DATA:
-	{
-	    SEC_PKCS7EncryptedData *encd;
-
-	    encd = cinfo->content.encryptedData;
-	    if (encd == NULL)
-		break;
-
-	    if (dest == &(encd->encContentInfo.encContent))
-		before_content = PR_TRUE;
-	}
-	break;
-
-      case SEC_OID_PKCS7_ENVELOPED_DATA:
-	{
-	    SEC_PKCS7EnvelopedData *envd;
-
-	    envd = cinfo->content.envelopedData;
-	    if (envd == NULL)
-		break;
-
-	    if (dest == &(envd->encContentInfo.encContent))
-		before_content = PR_TRUE;
-	}
-	break;
-
-      case SEC_OID_PKCS7_SIGNED_DATA:
-	{
-	    SEC_PKCS7SignedData *sigd;
-
-	    sigd = cinfo->content.signedData;
-	    if (sigd == NULL)
-		break;
-
-	    if (dest == &(sigd->contentInfo.content))
-		before_content = PR_TRUE;
-	}
-	break;
-
-      case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA:
-	{
-	    SEC_PKCS7SignedAndEnvelopedData *saed;
-
-	    saed = cinfo->content.signedAndEnvelopedData;
-	    if (saed == NULL)
-		break;
-
-	    if (dest == &(saed->encContentInfo.encContent))
-		before_content = PR_TRUE;
-	}
-	break;
-    }
-
-    if (before_content) {
-	/*
-	 * This will cause the next SEC_ASN1EncoderUpdate to take the
-	 * contents bytes from the passed-in buffer.
-	 */
-	SEC_ASN1EncoderSetTakeFromBuf (p7ecx->ecx);
-	/*
-	 * And that is all we needed this notify function for.
-	 */
-	SEC_ASN1EncoderClearNotifyProc (p7ecx->ecx);
-    }
-}
-
-
-static SEC_PKCS7EncoderContext *
-sec_pkcs7_encoder_start_contexts (SEC_PKCS7ContentInfo *cinfo,
-				  PK11SymKey *bulkkey)
-{
-    SEC_PKCS7EncoderContext *p7ecx;
-    SECOidTag kind;
-    PRBool encrypt;
-    SECItem **digests;
-    SECAlgorithmID *digestalg, **digestalgs;
-
-    p7ecx = 
-      (SEC_PKCS7EncoderContext*)PORT_ZAlloc (sizeof(SEC_PKCS7EncoderContext));
-    if (p7ecx == NULL)
-	return NULL;
-
-    digests = NULL;
-    digestalg = NULL;
-    digestalgs = NULL;
-    encrypt = PR_FALSE;
-
-    kind = SEC_PKCS7ContentType (cinfo);
-    switch (kind) {
-      default:
-      case SEC_OID_PKCS7_DATA:
-	break;
-      case SEC_OID_PKCS7_DIGESTED_DATA:
-	digestalg = &(cinfo->content.digestedData->digestAlg);
-	break;
-      case SEC_OID_PKCS7_SIGNED_DATA:
-	digests = cinfo->content.signedData->digests;
-	digestalgs = cinfo->content.signedData->digestAlgorithms;
-	break;
-      case SEC_OID_PKCS7_ENCRYPTED_DATA:
-      case SEC_OID_PKCS7_ENVELOPED_DATA:
-	encrypt = PR_TRUE;
-	break;
-      case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA:
-	digests = cinfo->content.signedAndEnvelopedData->digests;
-	digestalgs = cinfo->content.signedAndEnvelopedData->digestAlgorithms;
-	encrypt = PR_TRUE;
-	break;
-    }
-
-    if (encrypt) {
-	p7ecx->encryptobj = sec_pkcs7_encoder_start_encrypt (cinfo, bulkkey);
-	if (p7ecx->encryptobj == NULL) {
-	    PORT_Free (p7ecx);
-	    return NULL;
-	}
-    }
-
-    if (digestalgs != NULL) {
-	if (digests != NULL) {
-	    /* digests already created (probably for detached data) */
-	    digestalg = NULL;
-	} else {
-	    /*
-	     * XXX Some day we should handle multiple digests; for now,
-	     * assume only one will be done.
-	     */
-	    PORT_Assert (digestalgs[0] != NULL && digestalgs[1] == NULL);
-	    digestalg = digestalgs[0];
-	}
-    }
-
-    if (digestalg != NULL) {
-	SECOidData *oiddata;
-
-	oiddata = SECOID_FindOID (&(digestalg->algorithm));
-	if (oiddata != NULL) {
-	    switch (oiddata->offset) {
-	      case SEC_OID_MD2:
-		p7ecx->digestobj = HASH_GetHashObject(HASH_AlgMD2);
-		break;
-	      case SEC_OID_MD5:
-		p7ecx->digestobj = HASH_GetHashObject(HASH_AlgMD5);
-		break;
-	      case SEC_OID_SHA1:
-		p7ecx->digestobj = HASH_GetHashObject(HASH_AlgSHA1);
-		break;
-	      default:
-		/* XXX right error? */
-		PORT_SetError (SEC_ERROR_INVALID_ALGORITHM);
-		break;
-	    }
-	}
-	if (p7ecx->digestobj != NULL) {
-	    p7ecx->digestcx = (* p7ecx->digestobj->create) ();
-	    if (p7ecx->digestcx == NULL)
-		p7ecx->digestobj = NULL;
-	    else
-		(* p7ecx->digestobj->begin) (p7ecx->digestcx);
-	}
-	if (p7ecx->digestobj == NULL) {
-	    if (p7ecx->encryptobj != NULL)
-		sec_PKCS7DestroyEncryptObject (p7ecx->encryptobj);
-	    PORT_Free (p7ecx);
-	    return NULL;
-	}
-    }
-
-    p7ecx->cinfo = cinfo;
-    return p7ecx;
-}
-
-
-SEC_PKCS7EncoderContext *
-SEC_PKCS7EncoderStart (SEC_PKCS7ContentInfo *cinfo,
-		       SEC_PKCS7EncoderOutputCallback outputfn,
-		       void *outputarg,
-		       PK11SymKey *bulkkey)
-{
-    SEC_PKCS7EncoderContext *p7ecx;
-    SECStatus rv;
-
-    p7ecx = sec_pkcs7_encoder_start_contexts (cinfo, bulkkey);
-    if (p7ecx == NULL)
-	return NULL;
-
-    p7ecx->output.outputfn = outputfn;
-    p7ecx->output.outputarg = outputarg;
-
-    /*
-     * Initialize the BER encoder.
-     */
-    p7ecx->ecx = SEC_ASN1EncoderStart (cinfo, sec_PKCS7ContentInfoTemplate,
-				       sec_pkcs7_encoder_out, &(p7ecx->output));
-    if (p7ecx->ecx == NULL) {
-	PORT_Free (p7ecx);
-	return NULL;
-    }
-
-    /*
-     * Indicate that we are streaming.  We will be streaming until we
-     * get past the contents bytes.
-     */
-    SEC_ASN1EncoderSetStreaming (p7ecx->ecx);
-
-    /*
-     * The notify function will watch for the contents field.
-     */
-    SEC_ASN1EncoderSetNotifyProc (p7ecx->ecx, sec_pkcs7_encoder_notify, p7ecx);
-
-    /*
-     * This will encode everything up to the content bytes.  (The notify
-     * function will then cause the encoding to stop there.)  Then our
-     * caller can start passing contents bytes to our Update, which we
-     * will pass along.
-     */
-    rv = SEC_ASN1EncoderUpdate (p7ecx->ecx, NULL, 0);
-    if (rv != SECSuccess) {
-	PORT_Free (p7ecx);
-	return NULL;
-    }
-
-    return p7ecx;
-}
-
-
-/*
- * XXX If/when we support nested contents, this needs to be revised.
- */
-static SECStatus
-sec_pkcs7_encoder_work_data (SEC_PKCS7EncoderContext *p7ecx, SECItem *dest,
-			     const unsigned char *data, unsigned long len,
-			     PRBool final)
-{
-    unsigned char *buf = NULL;
-    SECStatus rv;
-
-
-    rv = SECSuccess;		/* may as well be optimistic */
-
-    /*
-     * We should really have data to process, or we should be trying
-     * to finish/flush the last block.  (This is an overly paranoid
-     * check since all callers are in this file and simple inspection
-     * proves they do it right.  But it could find a bug in future
-     * modifications/development, that is why it is here.)
-     */
-    PORT_Assert ((data != NULL && len) || final);
-
-    /*
-     * Update the running digest.
-     * XXX This needs modification if/when we handle multiple digests.
-     */
-    if (len && p7ecx->digestobj != NULL) {
-	(* p7ecx->digestobj->update) (p7ecx->digestcx, data, len);
-    }
-
-    /*
-     * Encrypt this chunk.
-     */
-    if (p7ecx->encryptobj != NULL) {
-	/* XXX the following lengths should all be longs? */
-	unsigned int inlen;	/* length of data being encrypted */
-	unsigned int outlen;	/* length of encrypted data */
-	unsigned int buflen;	/* length available for encrypted data */
-
-	inlen = len;
-	buflen = sec_PKCS7EncryptLength (p7ecx->encryptobj, inlen, final);
-	if (buflen == 0) {
-	    /*
-	     * No output is expected, but the input data may be buffered
-	     * so we still have to call Encrypt.
-	     */
-	    rv = sec_PKCS7Encrypt (p7ecx->encryptobj, NULL, NULL, 0,
-				   data, inlen, final);
-	    if (final) {
-		len = 0;
-		goto done;
-	    }
-	    return rv;
-	}
-
-	if (dest != NULL)
-	    buf = (unsigned char*)PORT_ArenaAlloc(p7ecx->cinfo->poolp, buflen);
-	else
-	    buf = (unsigned char*)PORT_Alloc (buflen);
-
-	if (buf == NULL) {
-	    rv = SECFailure;
-	} else {
-	    rv = sec_PKCS7Encrypt (p7ecx->encryptobj, buf, &outlen, buflen,
-				   data, inlen, final);
-	    data = buf;
-	    len = outlen;
-	}
-	if (rv != SECSuccess) {
-	    if (final)
-		goto done;
-	    return rv;
-	}
-    }
-
-    if (p7ecx->ecx != NULL) {
-	/*
-	 * Encode the contents bytes.
-	 */
-	if(len) {
-	    rv = SEC_ASN1EncoderUpdate (p7ecx->ecx, (const char *)data, len);
-	}
-    }
-
-done:
-    if (p7ecx->encryptobj != NULL) {
-	if (final)
-	    sec_PKCS7DestroyEncryptObject (p7ecx->encryptobj);
-	if (dest != NULL) {
-	    dest->data = buf;
-	    dest->len = len;
-	} else if (buf != NULL) {
-	    PORT_Free (buf);
-	}
-    }
-
-    if (final && p7ecx->digestobj != NULL) {
-	SECItem *digest, **digests, ***digestsp;
-	unsigned char *digdata;
-	SECOidTag kind;
-
-	kind = SEC_PKCS7ContentType (p7ecx->cinfo);
-	switch (kind) {
-	  default:
-	    PORT_Assert (0);
-	    return SECFailure;
-	  case SEC_OID_PKCS7_DIGESTED_DATA:
-	    digest = &(p7ecx->cinfo->content.digestedData->digest);
-	    digestsp = NULL;
-	    break;
-	  case SEC_OID_PKCS7_SIGNED_DATA:
-	    digest = NULL;
-	    digestsp = &(p7ecx->cinfo->content.signedData->digests);
-	    break;
-	  case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA:
-	    digest = NULL;
-	    digestsp = &(p7ecx->cinfo->content.signedAndEnvelopedData->digests);
-	    break;
-	}
-
-	digdata = (unsigned char*)PORT_ArenaAlloc (p7ecx->cinfo->poolp,
-				   p7ecx->digestobj->length);
-	if (digdata == NULL)
-	    return SECFailure;
-
-	if (digestsp != NULL) {
-	    PORT_Assert (digest == NULL);
-
-	    digest = (SECItem*)PORT_ArenaAlloc (p7ecx->cinfo->poolp, 
-						sizeof(SECItem));
-	    digests = (SECItem**)PORT_ArenaAlloc (p7ecx->cinfo->poolp,
-				       2 * sizeof(SECItem *));
-	    if (digests == NULL || digest == NULL)
-		return SECFailure;
-
-	    digests[0] = digest;
-	    digests[1] = NULL;
-
-	    *digestsp = digests;
-	}
-
-	PORT_Assert (digest != NULL);
-
-	digest->data = digdata;
-	digest->len = p7ecx->digestobj->length;
-
-	(* p7ecx->digestobj->end) (p7ecx->digestcx, digest->data,
-				   &(digest->len), digest->len);
-	(* p7ecx->digestobj->destroy) (p7ecx->digestcx, PR_TRUE);
-    }
-
-    return rv;
-}
-
-
-SECStatus
-SEC_PKCS7EncoderUpdate (SEC_PKCS7EncoderContext *p7ecx,
-			const char *data, unsigned long len)
-{
-    /* XXX Error handling needs help.  Return what?  Do "Finish" on failure? */
-    return sec_pkcs7_encoder_work_data (p7ecx, NULL,
-					(const unsigned char *)data, len,
-					PR_FALSE);
-}
-
-
-/*
- * XXX I would *really* like to not have to do this, but the current
- * signing interface gives me little choice.
- */
-static SECOidTag
-sec_pkcs7_pick_sign_alg (SECOidTag hashalg, SECOidTag encalg)
-{
-    switch (encalg) {
-      case SEC_OID_PKCS1_RSA_ENCRYPTION:
-	switch (hashalg) {
-	  case SEC_OID_MD2:
-	    return SEC_OID_PKCS1_MD2_WITH_RSA_ENCRYPTION;
-	  case SEC_OID_MD5:
-	    return SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION;
-	  case SEC_OID_SHA1:
-	    return SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION;
-	  default:
-	    return SEC_OID_UNKNOWN;
-	}
-      case SEC_OID_ANSIX9_DSA_SIGNATURE:
-      case SEC_OID_MISSI_KEA_DSS:
-      case SEC_OID_MISSI_DSS:
-	switch (hashalg) {
-	  case SEC_OID_SHA1:
-	    return SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST;
-	  default:
-	    return SEC_OID_UNKNOWN;
-	}
-      default:
-	break;
-    }
-
-    return encalg;		/* maybe it is already the right algid */
-}
-
-
-static SECStatus
-sec_pkcs7_encoder_sig_and_certs (SEC_PKCS7ContentInfo *cinfo,
-				 SECKEYGetPasswordKey pwfn, void *pwfnarg)
-{
-    SECOidTag kind;
-    CERTCertificate **certs;
-    CERTCertificateList **certlists;
-    SECAlgorithmID **digestalgs;
-    SECItem **digests;
-    SEC_PKCS7SignerInfo *signerinfo, **signerinfos;
-    SECItem **rawcerts, ***rawcertsp;
-    PRArenaPool *poolp;
-    int certcount;
-    int ci, cli, rci, si;
-
-    kind = SEC_PKCS7ContentType (cinfo);
-    switch (kind) {
-      default:
-      case SEC_OID_PKCS7_DATA:
-      case SEC_OID_PKCS7_DIGESTED_DATA:
-      case SEC_OID_PKCS7_ENCRYPTED_DATA:
-      case SEC_OID_PKCS7_ENVELOPED_DATA:
-	certs = NULL;
-	certlists = NULL;
-	digestalgs = NULL;
-	digests = NULL;
-	signerinfos = NULL;
-	rawcertsp = NULL;
-	break;
-      case SEC_OID_PKCS7_SIGNED_DATA:
-	{
-	    SEC_PKCS7SignedData *sdp;
-
-	    sdp = cinfo->content.signedData;
-	    certs = sdp->certs;
-	    certlists = sdp->certLists;
-	    digestalgs = sdp->digestAlgorithms;
-	    digests = sdp->digests;
-	    signerinfos = sdp->signerInfos;
-	    rawcertsp = &(sdp->rawCerts);
-	}
-	break;
-      case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA:
-	{
-	    SEC_PKCS7SignedAndEnvelopedData *saedp;
-
-	    saedp = cinfo->content.signedAndEnvelopedData;
-	    certs = saedp->certs;
-	    certlists = saedp->certLists;
-	    digestalgs = saedp->digestAlgorithms;
-	    digests = saedp->digests;
-	    signerinfos = saedp->signerInfos;
-	    rawcertsp = &(saedp->rawCerts);
-	}
-	break;
-    }
-
-    if (certs == NULL && certlists == NULL && signerinfos == NULL)
-	return SECSuccess;		/* nothing for us to do! */
-
-    poolp = cinfo->poolp;
-    certcount = 0;
-
-    if (signerinfos != NULL) {
-	SECOidTag digestalgtag;
-	int di;
-	SECStatus rv;
-	CERTCertificate *cert;
-	SECKEYPrivateKey *privkey;
-	SECItem signature;
-	SECOidTag signalgtag;
-
-	PORT_Assert (digestalgs != NULL && digests != NULL);
-
-	/*
-	 * If one fails, we bail right then.  If we want to continue and
-	 * try to do subsequent signatures, this loop, and the departures
-	 * from it, will need to be reworked.
-	 */
-	for (si = 0; signerinfos[si] != NULL; si++) {
-
-	    signerinfo = signerinfos[si];
-
-	    /* find right digest */
-	    digestalgtag = SECOID_GetAlgorithmTag (&(signerinfo->digestAlg));
-	    for (di = 0; digestalgs[di] != NULL; di++) {
-		/* XXX Should I be comparing more than the tag? */
-		if (digestalgtag == SECOID_GetAlgorithmTag (digestalgs[di]))
-		    break;
-	    }
-	    if (digestalgs[di] == NULL) {
-		/* XXX oops; do what? set an error? */
-		return SECFailure;
-	    }
-	    PORT_Assert (digests[di] != NULL);
-
-	    cert = signerinfo->cert;
-	    privkey = PK11_FindKeyByAnyCert (cert, pwfnarg);
-	    if (privkey == NULL)
-		return SECFailure;
-
-	    /*
-	     * XXX I think there should be a cert-level interface for this,
-	     * so that I do not have to know about subjectPublicKeyInfo...
-	     */
-	    signalgtag = SECOID_GetAlgorithmTag (&(cert->subjectPublicKeyInfo.algorithm));
-
-	    /* Fortezza MISSI have weird signature formats.  Map them
-	     * to standard DSA formats */
-	    signalgtag = PK11_FortezzaMapSig(signalgtag);
-
-	    if (signerinfo->authAttr != NULL) {
-		SEC_PKCS7Attribute *attr;
-		SECItem encoded_attrs;
-		SECItem *dummy;
-
-		/*
-		 * First, find and fill in the message digest attribute.
-		 */
-		attr = sec_PKCS7FindAttribute (signerinfo->authAttr,
-					       SEC_OID_PKCS9_MESSAGE_DIGEST,
-					       PR_TRUE);
-		PORT_Assert (attr != NULL);
-		if (attr == NULL) {
-		    SECKEY_DestroyPrivateKey (privkey);
-		    return SECFailure;
-		}
-
-		/*
-		 * XXX The second half of the following assertion prevents
-		 * the encoder from being called twice on the same content.
-		 * Either just remove the second half the assertion, or
-		 * change the code to check if the value already there is
-		 * the same as digests[di], whichever seems more right.
-		 */
-		PORT_Assert (attr->values != NULL && attr->values[0] == NULL);
-		attr->values[0] = digests[di];
-
-		/*
-		 * Before encoding, reorder the attributes so that when they
-		 * are encoded, they will be conforming DER, which is required
-		 * to have a specific order and that is what must be used for
-		 * the hash/signature.  We do this here, rather than building
-		 * it into EncodeAttributes, because we do not want to do
-		 * such reordering on incoming messages (which also uses
-		 * EncodeAttributes) or our old signatures (and other "broken"
-		 * implementations) will not verify.  So, we want to guarantee
-		 * that we send out good DER encodings of attributes, but not
-		 * to expect to receive them.
-		 */
-		rv = sec_PKCS7ReorderAttributes (signerinfo->authAttr);
-		if (rv != SECSuccess) {
-		    SECKEY_DestroyPrivateKey (privkey);
-		    return SECFailure;
-		}
-
-		encoded_attrs.data = NULL;
-		encoded_attrs.len = 0;
-		dummy = sec_PKCS7EncodeAttributes (NULL, &encoded_attrs,
-						   &(signerinfo->authAttr));
-		if (dummy == NULL) {
-		    SECKEY_DestroyPrivateKey (privkey);
-		    return SECFailure;
-		}
-
-		rv = SEC_SignData (&signature,
-				   encoded_attrs.data, encoded_attrs.len,
-				   privkey,
-				   sec_pkcs7_pick_sign_alg (digestalgtag,
-							    signalgtag));
-		SECITEM_FreeItem (&encoded_attrs, PR_FALSE);
-	    } else {
-		rv = SGN_Digest (privkey, digestalgtag, &signature,
-				 digests[di]);
-	    }
-
-	    SECKEY_DestroyPrivateKey (privkey);
-
-	    if (rv != SECSuccess)
-		return rv;
-
-	    rv = SECITEM_CopyItem (poolp, &(signerinfo->encDigest), &signature);
-	    if (rv != SECSuccess)
-		return rv;
-
-	    SECITEM_FreeItem (&signature, PR_FALSE);
-
-	    rv = SECOID_SetAlgorithmID (poolp, &(signerinfo->digestEncAlg),
-					signalgtag, NULL);
-	    if (rv != SECSuccess)
-		return SECFailure;
-
-	    /*
-	     * Count the cert chain for this signer.
-	     */
-	    if (signerinfo->certList != NULL)
-		certcount += signerinfo->certList->len;
-	}
-    }
-
-    if (certs != NULL) {
-	for (ci = 0; certs[ci] != NULL; ci++)
-	    certcount++;
-    }
-
-    if (certlists != NULL) {
-	for (cli = 0; certlists[cli] != NULL; cli++)
-	    certcount += certlists[cli]->len;
-    }
-
-    if (certcount == 0)
-	return SECSuccess;		/* signing done; no certs */
-
-    /*
-     * Combine all of the certs and cert chains into rawcerts.
-     * Note: certcount is an upper bound; we may not need that many slots
-     * but we will allocate anyway to avoid having to do another pass.
-     * (The temporary space saving is not worth it.)
-     */
-    rawcerts = (SECItem**)PORT_ArenaAlloc (poolp, 
-					(certcount + 1) * sizeof(SECItem *));
-    if (rawcerts == NULL)
-	return SECFailure;
-
-    /*
-     * XXX Want to check for duplicates and not add *any* cert that is
-     * already in the set.  This will be more important when we start
-     * dealing with larger sets of certs, dual-key certs (signing and
-     * encryption), etc.  For the time being we can slide by...
-     */
-    rci = 0;
-    if (signerinfos != NULL) {
-	for (si = 0; signerinfos[si] != NULL; si++) {
-	    signerinfo = signerinfos[si];
-	    for (ci = 0; ci < signerinfo->certList->len; ci++)
-		rawcerts[rci++] = &(signerinfo->certList->certs[ci]);
-	}
-
-    }
-
-    if (certs != NULL) {
-	for (ci = 0; certs[ci] != NULL; ci++)
-	    rawcerts[rci++] = &(certs[ci]->derCert);
-    }
-
-    if (certlists != NULL) {
-	for (cli = 0; certlists[cli] != NULL; cli++) {
-	    for (ci = 0; ci < certlists[cli]->len; ci++)
-		rawcerts[rci++] = &(certlists[cli]->certs[ci]);
-	}
-    }
-
-    rawcerts[rci] = NULL;
-    *rawcertsp = rawcerts;
-
-    return SECSuccess;
-}
-
-
-SECStatus
-SEC_PKCS7EncoderFinish (SEC_PKCS7EncoderContext *p7ecx,
-			SECKEYGetPasswordKey pwfn, void *pwfnarg)
-{
-    SECStatus rv;
-
-    /*
-     * Flush out any remaining data.
-     */
-    rv = sec_pkcs7_encoder_work_data (p7ecx, NULL, NULL, 0, PR_TRUE);
-
-    /*
-     * Turn off streaming stuff.
-     */
-    SEC_ASN1EncoderClearTakeFromBuf (p7ecx->ecx);
-    SEC_ASN1EncoderClearStreaming (p7ecx->ecx);
-
-    if (rv != SECSuccess)
-	goto loser;
-
-    rv = sec_pkcs7_encoder_sig_and_certs (p7ecx->cinfo, pwfn, pwfnarg);
-    if (rv != SECSuccess)
-	goto loser;
-
-    rv = SEC_ASN1EncoderUpdate (p7ecx->ecx, NULL, 0);
-
-loser:
-    SEC_ASN1EncoderFinish (p7ecx->ecx);
-    PORT_Free (p7ecx);
-    return rv;
-}
-
-
-/*
- * After this routine is called, the entire PKCS7 contentInfo is ready
- * to be encoded.  This is used internally, but can also be called from
- * elsewhere for those who want to be able to just have pointers to
- * the ASN1 template for pkcs7 contentInfo built into their own encodings.
- */
-SECStatus
-SEC_PKCS7PrepareForEncode (SEC_PKCS7ContentInfo *cinfo,
-			   PK11SymKey *bulkkey,
-			   SECKEYGetPasswordKey pwfn,
-			   void *pwfnarg)
-{
-    SEC_PKCS7EncoderContext *p7ecx;
-    SECItem *content, *enc_content;
-    SECStatus rv;
-
-    p7ecx = sec_pkcs7_encoder_start_contexts (cinfo, bulkkey);
-    if (p7ecx == NULL)
-	return SECFailure;
-
-    content = SEC_PKCS7GetContent (cinfo);
-
-    if (p7ecx->encryptobj != NULL) {
-	SECOidTag kind;
-	SEC_PKCS7EncryptedContentInfo *enccinfo;
-
-	kind = SEC_PKCS7ContentType (p7ecx->cinfo);
-	switch (kind) {
-	  default:
-	    PORT_Assert (0);
-	    rv = SECFailure;
-	    goto loser;
-	  case SEC_OID_PKCS7_ENCRYPTED_DATA:
-	    enccinfo = &(p7ecx->cinfo->content.encryptedData->encContentInfo);
-	    break;
-	  case SEC_OID_PKCS7_ENVELOPED_DATA:
-	    enccinfo = &(p7ecx->cinfo->content.envelopedData->encContentInfo);
-	    break;
-	  case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA:
-	    enccinfo = &(p7ecx->cinfo->content.signedAndEnvelopedData->encContentInfo);
-	    break;
-	}
-	enc_content = &(enccinfo->encContent);
-    } else {
-	enc_content = NULL;
-    }
-
-    if (content != NULL && content->data != NULL && content->len) {
-	rv = sec_pkcs7_encoder_work_data (p7ecx, enc_content,
-					  content->data, content->len, PR_TRUE);
-	if (rv != SECSuccess)
-	    goto loser;
-    }
-
-    rv = sec_pkcs7_encoder_sig_and_certs (cinfo, pwfn, pwfnarg);
-
-loser:
-    PORT_Free (p7ecx);
-    return rv;
-}
-
-
-/*
- * Encode a PKCS7 object, in one shot.  All necessary components
- * of the object must already be specified.  Either the data has
- * already been included (via SetContent), or the data is detached,
- * or there is no data at all (certs-only).
- *
- * "cinfo" specifies the object to be encoded.
- *
- * "outputfn" is where the encoded bytes will be passed.
- *
- * "outputarg" is an opaque argument to the above callback.
- *
- * "bulkkey" specifies the bulk encryption key to use.   This argument
- * can be NULL if no encryption is being done, or if the bulk key should
- * be generated internally (usually the case for EnvelopedData but never
- * for EncryptedData, which *must* provide a bulk encryption key).
- *
- * "pwfn" is a callback for getting the password which protects the
- * private key of the signer.  This argument can be NULL if it is known
- * that no signing is going to be done.
- *
- * "pwfnarg" is an opaque argument to the above callback.
- */
-SECStatus
-SEC_PKCS7Encode (SEC_PKCS7ContentInfo *cinfo,
-		 SEC_PKCS7EncoderOutputCallback outputfn,
-		 void *outputarg,
-		 PK11SymKey *bulkkey,
-		 SECKEYGetPasswordKey pwfn,
-		 void *pwfnarg)
-{
-    SECStatus rv;
-
-    rv = SEC_PKCS7PrepareForEncode (cinfo, bulkkey, pwfn, pwfnarg);
-    if (rv == SECSuccess) {
-	struct sec_pkcs7_encoder_output outputcx;
-
-	outputcx.outputfn = outputfn;
-	outputcx.outputarg = outputarg;
-
-	rv = SEC_ASN1Encode (cinfo, sec_PKCS7ContentInfoTemplate,
-			     sec_pkcs7_encoder_out, &outputcx);
-    }
-
-    return rv;
-}
-
-
-/*
- * Encode a PKCS7 object, in one shot.  All necessary components
- * of the object must already be specified.  Either the data has
- * already been included (via SetContent), or the data is detached,
- * or there is no data at all (certs-only).  The output, rather than
- * being passed to an output function as is done above, is all put
- * into a SECItem.
- *
- * "pool" specifies a pool from which to allocate the result.
- * It can be NULL, in which case memory is allocated generically.
- *
- * "dest" specifies a SECItem in which to put the result data.
- * It can be NULL, in which case the entire item is allocated, too.
- *
- * "cinfo" specifies the object to be encoded.
- *
- * "bulkkey" specifies the bulk encryption key to use.   This argument
- * can be NULL if no encryption is being done, or if the bulk key should
- * be generated internally (usually the case for EnvelopedData but never
- * for EncryptedData, which *must* provide a bulk encryption key).
- *
- * "pwfn" is a callback for getting the password which protects the
- * private key of the signer.  This argument can be NULL if it is known
- * that no signing is going to be done.
- *
- * "pwfnarg" is an opaque argument to the above callback.
- */
-SECItem *
-SEC_PKCS7EncodeItem (PRArenaPool *pool,
-		     SECItem *dest,
-		     SEC_PKCS7ContentInfo *cinfo,
-		     PK11SymKey *bulkkey,
-		     SECKEYGetPasswordKey pwfn,
-		     void *pwfnarg)
-{
-    SECStatus rv;
-
-    rv = SEC_PKCS7PrepareForEncode (cinfo, bulkkey, pwfn, pwfnarg);
-    if (rv != SECSuccess)
-	return NULL;
-
-    return SEC_ASN1EncodeItem (pool, dest, cinfo, sec_PKCS7ContentInfoTemplate);
-}
-
diff --git a/security/nss/lib/pkcs7/p7local.c b/security/nss/lib/pkcs7/p7local.c
deleted file mode 100644
index 68376cec0..000000000
--- a/security/nss/lib/pkcs7/p7local.c
+++ /dev/null
@@ -1,1442 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Support routines for PKCS7 implementation, none of which are exported.
- * This file should only contain things that are needed by both the
- * encoding/creation side *and* the decoding/decryption side.  Anything
- * else should be static routines in the appropriate file.
- *
- * $Id$
- */
-
-#include "p7local.h"
-
-#include "cryptohi.h" 
-#include "secasn1.h"
-#include "secoid.h"
-#include "secitem.h"
-#include "pk11func.h"
-#include "secpkcs5.h"
-#include "secerr.h"
-
-/*
- * -------------------------------------------------------------------
- * Cipher stuff.
- */
-
-typedef SECStatus (*sec_pkcs7_cipher_function) (void *,
-						unsigned char *,
-						unsigned *,
-						unsigned int,
-						const unsigned char *,
-						unsigned int);
-typedef SECStatus (*sec_pkcs7_cipher_destroy) (void *, PRBool);
-
-#define BLOCK_SIZE 4096
-
-struct sec_pkcs7_cipher_object {
-    void *cx;
-    sec_pkcs7_cipher_function doit;
-    sec_pkcs7_cipher_destroy destroy;
-    PRBool encrypt;
-    int block_size;
-    int pad_size;
-    int pending_count;
-    unsigned char pending_buf[BLOCK_SIZE];
-};
-
-SEC_ASN1_MKSUB(CERT_IssuerAndSNTemplate)
-SEC_ASN1_MKSUB(CERT_SetOfSignedCrlTemplate)
-SEC_ASN1_MKSUB(SECOID_AlgorithmIDTemplate)
-SEC_ASN1_MKSUB(SEC_OctetStringTemplate)
-SEC_ASN1_MKSUB(SEC_SetOfAnyTemplate)
-
-/*
- * Create a cipher object to do decryption,  based on the given bulk
- * encryption key and algorithm identifier (which may include an iv).
- *
- * XXX This interface, or one similar, would be really nice available
- * in general...  I tried to keep the pkcs7-specific stuff (mostly
- * having to do with padding) out of here.
- *
- * XXX Once both are working, it might be nice to combine this and the
- * function below (for starting up encryption) into one routine, and just
- * have two simple cover functions which call it. 
- */
-sec_PKCS7CipherObject *
-sec_PKCS7CreateDecryptObject (PK11SymKey *key, SECAlgorithmID *algid)
-{
-    sec_PKCS7CipherObject *result;
-    SECOidTag algtag;
-    void *ciphercx;
-    CK_MECHANISM_TYPE mechanism;
-    SECItem *param;
-    PK11SlotInfo *slot;
-
-    result = (struct sec_pkcs7_cipher_object*)
-      PORT_ZAlloc (sizeof(struct sec_pkcs7_cipher_object));
-    if (result == NULL)
-	return NULL;
-
-    ciphercx = NULL;
-    algtag = SECOID_GetAlgorithmTag (algid);
-
-    if (SEC_PKCS5IsAlgorithmPBEAlg(algid)) {
-	CK_MECHANISM pbeMech, cryptoMech;
-	SECItem *pbeParams, *pwitem;
-	SEC_PKCS5KeyAndPassword *keyPwd;
-
-	keyPwd = (SEC_PKCS5KeyAndPassword *)key;
-	key = keyPwd->key;
-	pwitem = keyPwd->pwitem;
-
-	pbeMech.mechanism = PK11_AlgtagToMechanism(algtag);
-	pbeParams = PK11_ParamFromAlgid(algid);
-	if (!pbeParams) {
-	    PORT_Free(result);
-	    return NULL;
-	}
-
-	pbeMech.pParameter = pbeParams->data;
-	pbeMech.ulParameterLen = pbeParams->len;
-	if (PK11_MapPBEMechanismToCryptoMechanism(&pbeMech, &cryptoMech, pwitem,
-						  PR_FALSE) != CKR_OK) { 
-	    PORT_Free(result);
-	    SECITEM_ZfreeItem(pbeParams, PR_TRUE);
-	    return NULL;
-	}
-	SECITEM_ZfreeItem(pbeParams, PR_TRUE);
-
-	param = (SECItem *)PORT_ZAlloc(sizeof(SECItem));
-	if(!param) {
-	     PORT_Free(result);
-	     return NULL;
-	}
-	param->data = (unsigned char *)cryptoMech.pParameter;
-	param->len = cryptoMech.ulParameterLen;
-	mechanism = cryptoMech.mechanism;
-    } else {
-	mechanism = PK11_AlgtagToMechanism(algtag);
-	param = PK11_ParamFromAlgid(algid);
-	if (param == NULL) {
-	    PORT_Free(result);
-	    return NULL;
-	}
-    }
-
-    result->pad_size = PK11_GetBlockSize(mechanism,param);
-    slot = PK11_GetSlotFromKey(key);
-    result->block_size = PK11_IsHW(slot) ? BLOCK_SIZE : result->pad_size;
-    PK11_FreeSlot(slot);
-    ciphercx = PK11_CreateContextBySymKey(mechanism, CKA_DECRYPT, key, param);
-    SECITEM_FreeItem(param,PR_TRUE);
-    if (ciphercx == NULL) {
-	PORT_Free (result);
-	return NULL;
-    }
-
-    result->cx = ciphercx;
-    result->doit =  (sec_pkcs7_cipher_function) PK11_CipherOp;
-    result->destroy = (sec_pkcs7_cipher_destroy) PK11_DestroyContext;
-    result->encrypt = PR_FALSE;
-    result->pending_count = 0;
-
-    return result;
-}
-
-/*
- * Create a cipher object to do encryption, based on the given bulk
- * encryption key and algorithm tag.  Fill in the algorithm identifier
- * (which may include an iv) appropriately.
- *
- * XXX This interface, or one similar, would be really nice available
- * in general...  I tried to keep the pkcs7-specific stuff (mostly
- * having to do with padding) out of here.
- *
- * XXX Once both are working, it might be nice to combine this and the
- * function above (for starting up decryption) into one routine, and just
- * have two simple cover functions which call it. 
- */
-sec_PKCS7CipherObject *
-sec_PKCS7CreateEncryptObject (PRArenaPool *poolp, PK11SymKey *key,
-			      SECOidTag algtag, SECAlgorithmID *algid)
-{
-    sec_PKCS7CipherObject *result;
-    void *ciphercx;
-    SECItem *param;
-    SECStatus rv;
-    CK_MECHANISM_TYPE mechanism;
-    PRBool needToEncodeAlgid = PR_FALSE;
-    PK11SlotInfo *slot;
-
-    result = (struct sec_pkcs7_cipher_object*)
-	      PORT_ZAlloc (sizeof(struct sec_pkcs7_cipher_object));
-    if (result == NULL)
-	return NULL;
-
-    ciphercx = NULL;
-    if (SEC_PKCS5IsAlgorithmPBEAlg(algid)) {
-	CK_MECHANISM pbeMech, cryptoMech;
-	SECItem *pbeParams;
-	SEC_PKCS5KeyAndPassword *keyPwd;
-
-	PORT_Memset(&pbeMech, 0, sizeof(CK_MECHANISM));
-	PORT_Memset(&cryptoMech, 0, sizeof(CK_MECHANISM));
-
-	pbeMech.mechanism = PK11_AlgtagToMechanism(algtag);
-	pbeParams = PK11_ParamFromAlgid(algid);
-	if(!pbeParams) {
-	    PORT_Free(result);
-	    return NULL;
-	}
-	keyPwd = (SEC_PKCS5KeyAndPassword *)key;
-	key = keyPwd->key;
-
-	pbeMech.pParameter = pbeParams->data;
-	pbeMech.ulParameterLen = pbeParams->len;
-	if(PK11_MapPBEMechanismToCryptoMechanism(&pbeMech, &cryptoMech, 
-					 keyPwd->pwitem, PR_FALSE) != CKR_OK) {
-	    PORT_Free(result);
-	    SECITEM_ZfreeItem(pbeParams, PR_TRUE);
-	    return NULL;
-	}
-	SECITEM_ZfreeItem(pbeParams, PR_TRUE);
-
-	param = (SECItem *)PORT_ZAlloc(sizeof(SECItem));
-	if(!param) {
-	     PORT_Free(result);
-	     return NULL;
-	}
-	param->data = (unsigned char *)cryptoMech.pParameter;
-	param->len = cryptoMech.ulParameterLen;
-	mechanism = cryptoMech.mechanism;
-    } else {
-	mechanism = PK11_AlgtagToMechanism(algtag);
-	param = PK11_GenerateNewParam(mechanism,key);
-	if (param == NULL) {
-	    PORT_Free(result);
-	    return NULL;
-	}
-	needToEncodeAlgid = PR_TRUE;
-    }
-
-    result->pad_size = PK11_GetBlockSize(mechanism,param);
-    slot = PK11_GetSlotFromKey(key);
-    result->block_size = PK11_IsHW(slot) ? BLOCK_SIZE : result->pad_size;
-    PK11_FreeSlot(slot);
-    ciphercx = PK11_CreateContextBySymKey(mechanism, CKA_ENCRYPT, 
-    					  key, param);
-    if (ciphercx == NULL) {
-	PORT_Free (result);
-        SECITEM_FreeItem(param,PR_TRUE);
-	return NULL;
-    }
-
-    /*
-     * These are placed after the CreateContextBySymKey() because some
-     * mechanisms have to generate their IVs from their card (i.e. FORTEZZA).
-     * Don't move it from here.
-     */
-    if (needToEncodeAlgid) {
-	rv = PK11_ParamToAlgid(algtag,param,poolp,algid);
-	if(rv != SECSuccess) {
-	    return NULL;
-	}
-    }
-    SECITEM_FreeItem(param,PR_TRUE);
-
-    result->cx = ciphercx;
-    result->doit = (sec_pkcs7_cipher_function) PK11_CipherOp;
-    result->destroy = (sec_pkcs7_cipher_destroy) PK11_DestroyContext;
-    result->encrypt = PR_TRUE;
-    result->pending_count = 0;
-
-    return result;
-}
-
-
-/*
- * Destroy the cipher object.
- */
-static void
-sec_pkcs7_destroy_cipher (sec_PKCS7CipherObject *obj)
-{
-    (* obj->destroy) (obj->cx, PR_TRUE);
-    PORT_Free (obj);
-}
-
-void
-sec_PKCS7DestroyDecryptObject (sec_PKCS7CipherObject *obj)
-{
-    PORT_Assert (obj != NULL);
-    if (obj == NULL)
-	return;
-    PORT_Assert (! obj->encrypt);
-    sec_pkcs7_destroy_cipher (obj);
-}
-
-void
-sec_PKCS7DestroyEncryptObject (sec_PKCS7CipherObject *obj)
-{
-    PORT_Assert (obj != NULL);
-    if (obj == NULL)
-	return;
-    PORT_Assert (obj->encrypt);
-    sec_pkcs7_destroy_cipher (obj);
-}
-
-
-/*
- * XXX I think all of the following lengths should be longs instead
- * of ints, but our current crypto interface uses ints, so I did too.
- */
-
-
-/*
- * What will be the output length of the next call to decrypt?
- * Result can be used to perform memory allocations.  Note that the amount
- * is exactly accurate only when not doing a block cipher or when final
- * is false, otherwise it is an upper bound on the amount because until
- * we see the data we do not know how many padding bytes there are
- * (always between 1 and bsize).
- *
- * Note that this can return zero, which does not mean that the decrypt
- * operation can be skipped!  (It simply means that there are not enough
- * bytes to make up an entire block; the bytes will be reserved until
- * there are enough to encrypt/decrypt at least one block.)  However,
- * if zero is returned it *does* mean that no output buffer need be
- * passed in to the subsequent decrypt operation, as no output bytes
- * will be stored.
- */
-unsigned int
-sec_PKCS7DecryptLength (sec_PKCS7CipherObject *obj, unsigned int input_len,
-			PRBool final)
-{
-    int blocks, block_size;
-
-    PORT_Assert (! obj->encrypt);
-
-    block_size = obj->block_size;
-
-    /*
-     * If this is not a block cipher, then we always have the same
-     * number of output bytes as we had input bytes.
-     */
-    if (block_size == 0)
-	return input_len;
-
-    /*
-     * On the final call, we will always use up all of the pending
-     * bytes plus all of the input bytes, *but*, there will be padding
-     * at the end and we cannot predict how many bytes of padding we
-     * will end up removing.  The amount given here is actually known
-     * to be at least 1 byte too long (because we know we will have
-     * at least 1 byte of padding), but seemed clearer/better to me.
-     */
-    if (final)
-	return obj->pending_count + input_len;
-
-    /*
-     * Okay, this amount is exactly what we will output on the
-     * next cipher operation.  We will always hang onto the last
-     * 1 - block_size bytes for non-final operations.  That is,
-     * we will do as many complete blocks as we can *except* the
-     * last block (complete or partial).  (This is because until
-     * we know we are at the end, we cannot know when to interpret
-     * and removing the padding byte(s), which are guaranteed to
-     * be there.)
-     */
-    blocks = (obj->pending_count + input_len - 1) / block_size;
-    return blocks * block_size;
-}
-
-/*
- * What will be the output length of the next call to encrypt?
- * Result can be used to perform memory allocations.
- *
- * Note that this can return zero, which does not mean that the encrypt
- * operation can be skipped!  (It simply means that there are not enough
- * bytes to make up an entire block; the bytes will be reserved until
- * there are enough to encrypt/decrypt at least one block.)  However,
- * if zero is returned it *does* mean that no output buffer need be
- * passed in to the subsequent encrypt operation, as no output bytes
- * will be stored.
- */
-unsigned int
-sec_PKCS7EncryptLength (sec_PKCS7CipherObject *obj, unsigned int input_len,
-			PRBool final)
-{
-    int blocks, block_size;
-    int pad_size;
-
-    PORT_Assert (obj->encrypt);
-
-    block_size = obj->block_size;
-    pad_size = obj->pad_size;
-
-    /*
-     * If this is not a block cipher, then we always have the same
-     * number of output bytes as we had input bytes.
-     */
-    if (block_size == 0)
-	return input_len;
-
-    /*
-     * On the final call, we only send out what we need for
-     * remaining bytes plus the padding.  (There is always padding,
-     * so even if we have an exact number of blocks as input, we
-     * will add another full block that is just padding.)
-     */
-    if (final) {
-	if (pad_size == 0) {
-    	    return obj->pending_count + input_len;
-	} else {
-    	    blocks = (obj->pending_count + input_len) / pad_size;
-	    blocks++;
-	    return blocks*pad_size;
-	}
-    }
-
-    /*
-     * Now, count the number of complete blocks of data we have.
-     */
-    blocks = (obj->pending_count + input_len) / block_size;
-
-
-    return blocks * block_size;
-}
-
-
-/*
- * Decrypt a given length of input buffer (starting at "input" and
- * containing "input_len" bytes), placing the decrypted bytes in
- * "output" and storing the output length in "*output_len_p".
- * "obj" is the return value from sec_PKCS7CreateDecryptObject.
- * When "final" is true, this is the last of the data to be decrypted.
- *
- * This is much more complicated than it sounds when the cipher is
- * a block-type, meaning that the decryption function will only
- * operate on whole blocks.  But our caller is operating stream-wise,
- * and can pass in any number of bytes.  So we need to keep track
- * of block boundaries.  We save excess bytes between calls in "obj".
- * We also need to determine which bytes are padding, and remove
- * them from the output.  We can only do this step when we know we
- * have the final block of data.  PKCS #7 specifies that the padding
- * used for a block cipher is a string of bytes, each of whose value is
- * the same as the length of the padding, and that all data is padded.
- * (Even data that starts out with an exact multiple of blocks gets
- * added to it another block, all of which is padding.)
- */ 
-SECStatus
-sec_PKCS7Decrypt (sec_PKCS7CipherObject *obj, unsigned char *output,
-		  unsigned int *output_len_p, unsigned int max_output_len,
-		  const unsigned char *input, unsigned int input_len,
-		  PRBool final)
-{
-    int blocks, bsize, pcount, padsize;
-    unsigned int max_needed, ifraglen, ofraglen, output_len;
-    unsigned char *pbuf;
-    SECStatus rv;
-
-    PORT_Assert (! obj->encrypt);
-
-    /*
-     * Check that we have enough room for the output.  Our caller should
-     * already handle this; failure is really an internal error (i.e. bug).
-     */
-    max_needed = sec_PKCS7DecryptLength (obj, input_len, final);
-    PORT_Assert (max_output_len >= max_needed);
-    if (max_output_len < max_needed) {
-	/* PORT_SetError (XXX); */
-	return SECFailure;
-    }
-
-    /*
-     * hardware encryption does not like small decryption sizes here, so we
-     * allow both blocking and padding.
-     */
-    bsize = obj->block_size;
-    padsize = obj->pad_size;
-
-    /*
-     * When no blocking or padding work to do, we can simply call the
-     * cipher function and we are done.
-     */
-    if (bsize == 0) {
-	return (* obj->doit) (obj->cx, output, output_len_p, max_output_len,
-			      input, input_len);
-    }
-
-    pcount = obj->pending_count;
-    pbuf = obj->pending_buf;
-
-    output_len = 0;
-
-    if (pcount) {
-	/*
-	 * Try to fill in an entire block, starting with the bytes
-	 * we already have saved away.
-	 */
-	while (input_len && pcount < bsize) {
-	    pbuf[pcount++] = *input++;
-	    input_len--;
-	}
-	/*
-	 * If we have at most a whole block and this is not our last call,
-	 * then we are done for now.  (We do not try to decrypt a lone
-	 * single block because we cannot interpret the padding bytes
-	 * until we know we are handling the very last block of all input.)
-	 */
-	if (input_len == 0 && !final) {
-	    obj->pending_count = pcount;
-	    if (output_len_p)
-		*output_len_p = 0;
-	    return SECSuccess;
-	}
-	/*
-	 * Given the logic above, we expect to have a full block by now.
-	 * If we do not, there is something wrong, either with our own
-	 * logic or with (length of) the data given to us.
-	 */
-	PORT_Assert ((padsize == 0) || (pcount % padsize) == 0);
-	if ((padsize != 0) && (pcount % padsize) != 0) {
-	    PORT_Assert (final);	
-	    PORT_SetError (SEC_ERROR_BAD_DATA);
-	    return SECFailure;
-	}
-	/*
-	 * Decrypt the block.
-	 */
-	rv = (* obj->doit) (obj->cx, output, &ofraglen, max_output_len,
-			    pbuf, pcount);
-	if (rv != SECSuccess)
-	    return rv;
-
-	/*
-	 * For now anyway, all of our ciphers have the same number of
-	 * bytes of output as they do input.  If this ever becomes untrue,
-	 * then sec_PKCS7DecryptLength needs to be made smarter!
-	 */
-	PORT_Assert (ofraglen == pcount);
-
-	/*
-	 * Account for the bytes now in output.
-	 */
-	max_output_len -= ofraglen;
-	output_len += ofraglen;
-	output += ofraglen;
-    }
-
-    /*
-     * If this is our last call, we expect to have an exact number of
-     * blocks left to be decrypted; we will decrypt them all.
-     * 
-     * If not our last call, we always save between 1 and bsize bytes
-     * until next time.  (We must do this because we cannot be sure
-     * that none of the decrypted bytes are padding bytes until we
-     * have at least another whole block of data.  You cannot tell by
-     * looking -- the data could be anything -- you can only tell by
-     * context, knowing you are looking at the last block.)  We could
-     * decrypt a whole block now but it is easier if we just treat it
-     * the same way we treat partial block bytes.
-     */
-    if (final) {
-	if (padsize) {
-	    blocks = input_len / padsize;
-	    ifraglen = blocks * padsize;
-	} else ifraglen = input_len;
-	PORT_Assert (ifraglen == input_len);
-
-	if (ifraglen != input_len) {
-	    PORT_SetError (SEC_ERROR_BAD_DATA);
-	    return SECFailure;
-	}
-    } else {
-	blocks = (input_len - 1) / bsize;
-	ifraglen = blocks * bsize;
-	PORT_Assert (ifraglen < input_len);
-
-	pcount = input_len - ifraglen;
-	PORT_Memcpy (pbuf, input + ifraglen, pcount);
-	obj->pending_count = pcount;
-    }
-
-    if (ifraglen) {
-	rv = (* obj->doit) (obj->cx, output, &ofraglen, max_output_len,
-			    input, ifraglen);
-	if (rv != SECSuccess)
-	    return rv;
-
-	/*
-	 * For now anyway, all of our ciphers have the same number of
-	 * bytes of output as they do input.  If this ever becomes untrue,
-	 * then sec_PKCS7DecryptLength needs to be made smarter!
-	 */
-	PORT_Assert (ifraglen == ofraglen);
-	if (ifraglen != ofraglen) {
-	    PORT_SetError (SEC_ERROR_BAD_DATA);
-	    return SECFailure;
-	}
-
-	output_len += ofraglen;
-    } else {
-	ofraglen = 0;
-    }
-
-    /*
-     * If we just did our very last block, "remove" the padding by
-     * adjusting the output length.
-     */
-    if (final && (padsize != 0)) {
-	unsigned int padlen = *(output + ofraglen - 1);
-	PORT_Assert (padlen > 0 && padlen <= padsize);
-	if (padlen == 0 || padlen > padsize) {
-	    PORT_SetError (SEC_ERROR_BAD_DATA);
-	    return SECFailure;
-	}
-	output_len -= padlen;
-    }
-
-    PORT_Assert (output_len_p != NULL || output_len == 0);
-    if (output_len_p != NULL)
-	*output_len_p = output_len;
-
-    return SECSuccess;
-}
-
-/*
- * Encrypt a given length of input buffer (starting at "input" and
- * containing "input_len" bytes), placing the encrypted bytes in
- * "output" and storing the output length in "*output_len_p".
- * "obj" is the return value from sec_PKCS7CreateEncryptObject.
- * When "final" is true, this is the last of the data to be encrypted.
- *
- * This is much more complicated than it sounds when the cipher is
- * a block-type, meaning that the encryption function will only
- * operate on whole blocks.  But our caller is operating stream-wise,
- * and can pass in any number of bytes.  So we need to keep track
- * of block boundaries.  We save excess bytes between calls in "obj".
- * We also need to add padding bytes at the end.  PKCS #7 specifies
- * that the padding used for a block cipher is a string of bytes,
- * each of whose value is the same as the length of the padding,
- * and that all data is padded.  (Even data that starts out with
- * an exact multiple of blocks gets added to it another block,
- * all of which is padding.)
- *
- * XXX I would kind of like to combine this with the function above
- * which does decryption, since they have a lot in common.  But the
- * tricky parts about padding and filling blocks would be much
- * harder to read that way, so I left them separate.  At least for
- * now until it is clear that they are right.
- */ 
-SECStatus
-sec_PKCS7Encrypt (sec_PKCS7CipherObject *obj, unsigned char *output,
-		  unsigned int *output_len_p, unsigned int max_output_len,
-		  const unsigned char *input, unsigned int input_len,
-		  PRBool final)
-{
-    int blocks, bsize, padlen, pcount, padsize;
-    unsigned int max_needed, ifraglen, ofraglen, output_len;
-    unsigned char *pbuf;
-    SECStatus rv;
-
-    PORT_Assert (obj->encrypt);
-
-    /*
-     * Check that we have enough room for the output.  Our caller should
-     * already handle this; failure is really an internal error (i.e. bug).
-     */
-    max_needed = sec_PKCS7EncryptLength (obj, input_len, final);
-    PORT_Assert (max_output_len >= max_needed);
-    if (max_output_len < max_needed) {
-	/* PORT_SetError (XXX); */
-	return SECFailure;
-    }
-
-    bsize = obj->block_size;
-    padsize = obj->pad_size;
-
-    /*
-     * When no blocking and padding work to do, we can simply call the
-     * cipher function and we are done.
-     */
-    if (bsize == 0) {
-	return (* obj->doit) (obj->cx, output, output_len_p, max_output_len,
-			      input, input_len);
-    }
-
-    pcount = obj->pending_count;
-    pbuf = obj->pending_buf;
-
-    output_len = 0;
-
-    if (pcount) {
-	/*
-	 * Try to fill in an entire block, starting with the bytes
-	 * we already have saved away.
-	 */
-	while (input_len && pcount < bsize) {
-	    pbuf[pcount++] = *input++;
-	    input_len--;
-	}
-	/*
-	 * If we do not have a full block and we know we will be
-	 * called again, then we are done for now.
-	 */
-	if (pcount < bsize && !final) {
-	    obj->pending_count = pcount;
-	    if (output_len_p != NULL)
-		*output_len_p = 0;
-	    return SECSuccess;
-	}
-	/*
-	 * If we have a whole block available, encrypt it.
-	 */
-	if ((padsize == 0) || (pcount % padsize) == 0) {
-	    rv = (* obj->doit) (obj->cx, output, &ofraglen, max_output_len,
-				pbuf, pcount);
-	    if (rv != SECSuccess)
-		return rv;
-
-	    /*
-	     * For now anyway, all of our ciphers have the same number of
-	     * bytes of output as they do input.  If this ever becomes untrue,
-	     * then sec_PKCS7EncryptLength needs to be made smarter!
-	     */
-	    PORT_Assert (ofraglen == pcount);
-
-	    /*
-	     * Account for the bytes now in output.
-	     */
-	    max_output_len -= ofraglen;
-	    output_len += ofraglen;
-	    output += ofraglen;
-
-	    pcount = 0;
-	}
-    }
-
-    if (input_len) {
-	PORT_Assert (pcount == 0);
-
-	blocks = input_len / bsize;
-	ifraglen = blocks * bsize;
-
-	if (ifraglen) {
-	    rv = (* obj->doit) (obj->cx, output, &ofraglen, max_output_len,
-				input, ifraglen);
-	    if (rv != SECSuccess)
-		return rv;
-
-	    /*
-	     * For now anyway, all of our ciphers have the same number of
-	     * bytes of output as they do input.  If this ever becomes untrue,
-	     * then sec_PKCS7EncryptLength needs to be made smarter!
-	     */
-	    PORT_Assert (ifraglen == ofraglen);
-
-	    max_output_len -= ofraglen;
-	    output_len += ofraglen;
-	    output += ofraglen;
-	}
-
-	pcount = input_len - ifraglen;
-	PORT_Assert (pcount < bsize);
-	if (pcount)
-	    PORT_Memcpy (pbuf, input + ifraglen, pcount);
-    }
-
-    if (final) {
-	padlen = padsize - (pcount % padsize);
-	PORT_Memset (pbuf + pcount, padlen, padlen);
-	rv = (* obj->doit) (obj->cx, output, &ofraglen, max_output_len,
-			    pbuf, pcount+padlen);
-	if (rv != SECSuccess)
-	    return rv;
-
-	/*
-	 * For now anyway, all of our ciphers have the same number of
-	 * bytes of output as they do input.  If this ever becomes untrue,
-	 * then sec_PKCS7EncryptLength needs to be made smarter!
-	 */
-	PORT_Assert (ofraglen == (pcount+padlen));
-	output_len += ofraglen;
-    } else {
-	obj->pending_count = pcount;
-    }
-
-    PORT_Assert (output_len_p != NULL || output_len == 0);
-    if (output_len_p != NULL)
-	*output_len_p = output_len;
-
-    return SECSuccess;
-}
-
-/*
- * End of cipher stuff.
- * -------------------------------------------------------------------
- */
-
-
-/*
- * -------------------------------------------------------------------
- * XXX The following Attribute stuff really belongs elsewhere.
- * The Attribute type is *not* part of pkcs7 but rather X.501.
- * But for now, since PKCS7 is the only customer of attributes,
- * we define them here.  Once there is a use outside of PKCS7,
- * then change the attribute types and functions from internal
- * to external naming convention, and move them elsewhere!
- */
-
-/*
- * Look through a set of attributes and find one that matches the
- * specified object ID.  If "only" is true, then make sure that
- * there is not more than one attribute of the same type.  Otherwise,
- * just return the first one found. (XXX Does anybody really want
- * that first-found behavior?  It was like that when I found it...)
- */
-SEC_PKCS7Attribute *
-sec_PKCS7FindAttribute (SEC_PKCS7Attribute **attrs, SECOidTag oidtag,
-			PRBool only)
-{
-    SECOidData *oid;
-    SEC_PKCS7Attribute *attr1, *attr2;
-
-    if (attrs == NULL)
-	return NULL;
-
-    oid = SECOID_FindOIDByTag(oidtag);
-    if (oid == NULL)
-	return NULL;
-
-    while ((attr1 = *attrs++) != NULL) {
-	if (attr1->type.len == oid->oid.len && PORT_Memcmp (attr1->type.data,
-							    oid->oid.data,
-							    oid->oid.len) == 0)
-	    break;
-    }
-
-    if (attr1 == NULL)
-	return NULL;
-
-    if (!only)
-	return attr1;
-
-    while ((attr2 = *attrs++) != NULL) {
-	if (attr2->type.len == oid->oid.len && PORT_Memcmp (attr2->type.data,
-							    oid->oid.data,
-							    oid->oid.len) == 0)
-	    break;
-    }
-
-    if (attr2 != NULL)
-	return NULL;
-
-    return attr1;
-}
-
-
-/*
- * Return the single attribute value, doing some sanity checking first:
- * - Multiple values are *not* expected.
- * - Empty values are *not* expected.
- */
-SECItem *
-sec_PKCS7AttributeValue(SEC_PKCS7Attribute *attr)
-{
-    SECItem *value;
-
-    if (attr == NULL)
-	return NULL;
-
-    value = attr->values[0];
-
-    if (value == NULL || value->data == NULL || value->len == 0)
-	return NULL;
-
-    if (attr->values[1] != NULL)
-	return NULL;
-
-    return value;
-}
-
-static const SEC_ASN1Template *
-sec_attr_choose_attr_value_template(void *src_or_dest, PRBool encoding)
-{
-    const SEC_ASN1Template *theTemplate;
-    SEC_PKCS7Attribute *attribute;
-    SECOidData *oiddata;
-    PRBool encoded;
-
-    PORT_Assert (src_or_dest != NULL);
-    if (src_or_dest == NULL)
-	return NULL;
-
-    attribute = (SEC_PKCS7Attribute*)src_or_dest;
-
-    if (encoding && attribute->encoded)
-	return SEC_ASN1_GET(SEC_AnyTemplate);
-
-    oiddata = attribute->typeTag;
-    if (oiddata == NULL) {
-	oiddata = SECOID_FindOID(&attribute->type);
-	attribute->typeTag = oiddata;
-    }
-
-    if (oiddata == NULL) {
-	encoded = PR_TRUE;
-	theTemplate = SEC_ASN1_GET(SEC_AnyTemplate);
-    } else {
-	switch (oiddata->offset) {
-	  default:
-	    encoded = PR_TRUE;
-	    theTemplate = SEC_ASN1_GET(SEC_AnyTemplate);
-	    break;
-	  case SEC_OID_PKCS9_EMAIL_ADDRESS:
-	  case SEC_OID_RFC1274_MAIL:
-	  case SEC_OID_PKCS9_UNSTRUCTURED_NAME:
-	    encoded = PR_FALSE;
-	    theTemplate = SEC_ASN1_GET(SEC_IA5StringTemplate);
-	    break;
-	  case SEC_OID_PKCS9_CONTENT_TYPE:
-	    encoded = PR_FALSE;
-	    theTemplate = SEC_ASN1_GET(SEC_ObjectIDTemplate);
-	    break;
-	  case SEC_OID_PKCS9_MESSAGE_DIGEST:
-	    encoded = PR_FALSE;
-	    theTemplate = SEC_ASN1_GET(SEC_OctetStringTemplate);
-	    break;
-	  case SEC_OID_PKCS9_SIGNING_TIME:
-	    encoded = PR_FALSE;
-	    theTemplate = SEC_ASN1_GET(SEC_UTCTimeTemplate);
-	    break;
-	  /* XXX Want other types here, too */
-	}
-    }
-
-    if (encoding) {
-	/*
-	 * If we are encoding and we think we have an already-encoded value,
-	 * then the code which initialized this attribute should have set
-	 * the "encoded" property to true (and we would have returned early,
-	 * up above).  No devastating error, but that code should be fixed.
-	 * (It could indicate that the resulting encoded bytes are wrong.)
-	 */
-	PORT_Assert (!encoded);
-    } else {
-	/*
-	 * We are decoding; record whether the resulting value is
-	 * still encoded or not.
-	 */
-	attribute->encoded = encoded;
-    }
-    return theTemplate;
-}
-
-static const SEC_ASN1TemplateChooserPtr sec_attr_chooser
-	= sec_attr_choose_attr_value_template;
-
-static const SEC_ASN1Template sec_pkcs7_attribute_template[] = {
-    { SEC_ASN1_SEQUENCE,
-	  0, NULL, sizeof(SEC_PKCS7Attribute) },
-    { SEC_ASN1_OBJECT_ID,
-	  offsetof(SEC_PKCS7Attribute,type) },
-    { SEC_ASN1_DYNAMIC | SEC_ASN1_SET_OF,
-	  offsetof(SEC_PKCS7Attribute,values),
-	  &sec_attr_chooser },
-    { 0 }
-};
-
-static const SEC_ASN1Template sec_pkcs7_set_of_attribute_template[] = {
-    { SEC_ASN1_SET_OF, 0, sec_pkcs7_attribute_template },
-};
-
-/*
- * If you are wondering why this routine does not reorder the attributes
- * first, and might be tempted to make it do so, see the comment by the
- * call to ReorderAttributes in p7encode.c.  (Or, see who else calls this
- * and think long and hard about the implications of making it always
- * do the reordering.)
- */
-SECItem *
-sec_PKCS7EncodeAttributes (PRArenaPool *poolp, SECItem *dest, void *src)
-{
-    return SEC_ASN1EncodeItem (poolp, dest, src,
-			       sec_pkcs7_set_of_attribute_template);
-}
-
-/*
- * Make sure that the order of the attributes guarantees valid DER
- * (which must be in lexigraphically ascending order for a SET OF);
- * if reordering is necessary it will be done in place (in attrs).
- */
-SECStatus
-sec_PKCS7ReorderAttributes (SEC_PKCS7Attribute **attrs)
-{
-    PRArenaPool *poolp;
-    int num_attrs, i, j, pass, besti;
-    SECItem **enc_attrs;
-    SEC_PKCS7Attribute **new_attrs;
-
-    /*
-     * I think we should not be called with NULL.  But if we are,
-     * call it a success anyway, because the order *is* okay.
-     */
-    PORT_Assert (attrs != NULL);
-    if (attrs == NULL)
-	return SECSuccess;
-
-    /*
-     * Count how many attributes we are dealing with here.
-     */
-    num_attrs = 0;
-    while (attrs[num_attrs] != NULL)
-	num_attrs++;
-
-    /*
-     * Again, I think we should have some attributes here.
-     * But if we do not, or if there is only one, then call it
-     * a success because it also already has a fine order.
-     */
-    PORT_Assert (num_attrs);
-    if (num_attrs == 0 || num_attrs == 1)
-	return SECSuccess;
-
-    /*
-     * Allocate an arena for us to work with, so it is easy to
-     * clean up all of the memory (fairly small pieces, really).
-     */
-    poolp = PORT_NewArena (1024);	/* XXX what is right value? */
-    if (poolp == NULL)
-	return SECFailure;		/* no memory; nothing we can do... */
-
-    /*
-     * Allocate arrays to hold the individual encodings which we will use
-     * for comparisons and the reordered attributes as they are sorted.
-     */
-    enc_attrs=(SECItem**)PORT_ArenaZAlloc(poolp, num_attrs*sizeof(SECItem *));
-    new_attrs = (SEC_PKCS7Attribute**)PORT_ArenaZAlloc (poolp,
-				  num_attrs * sizeof(SEC_PKCS7Attribute *));
-    if (enc_attrs == NULL || new_attrs == NULL) {
-	PORT_FreeArena (poolp, PR_FALSE);
-	return SECFailure;
-    }
-
-    /*
-     * DER encode each individual attribute.
-     */
-    for (i = 0; i < num_attrs; i++) {
-	enc_attrs[i] = SEC_ASN1EncodeItem (poolp, NULL, attrs[i],
-					   sec_pkcs7_attribute_template);
-	if (enc_attrs[i] == NULL) {
-	    PORT_FreeArena (poolp, PR_FALSE);
-	    return SECFailure;
-	}
-    }
-
-    /*
-     * Now compare and sort them; this is not the most efficient sorting
-     * method, but it is just fine for the problem at hand, because the
-     * number of attributes is (always) going to be small.
-     */
-    for (pass = 0; pass < num_attrs; pass++) {
-	/*
-	 * Find the first not-yet-accepted attribute.  (Once one is
-	 * sorted into the other array, it is cleared from enc_attrs.)
-	 */
-	for (i = 0; i < num_attrs; i++) {
-	    if (enc_attrs[i] != NULL)
-		break;
-	}
-	PORT_Assert (i < num_attrs);
-	besti = i;
-
-	/*
-	 * Find the lowest (lexigraphically) encoding.  One that is
-	 * shorter than all the rest is known to be "less" because each
-	 * attribute is of the same type (a SEQUENCE) and so thus the
-	 * first octet of each is the same, and the second octet is
-	 * the length (or the length of the length with the high bit
-	 * set, followed by the length, which also works out to always
-	 * order the shorter first).  Two (or more) that have the
-	 * same length need to be compared byte by byte until a mismatch
-	 * is found.
-	 */
-	for (i = besti + 1; i < num_attrs; i++) {
-	    if (enc_attrs[i] == NULL)	/* slot already handled */
-		continue;
-
-	    if (enc_attrs[i]->len != enc_attrs[besti]->len) {
-		if (enc_attrs[i]->len < enc_attrs[besti]->len)
-		    besti = i;
-		continue;
-	    }
-
-	    for (j = 0; j < enc_attrs[i]->len; j++) {
-		if (enc_attrs[i]->data[j] < enc_attrs[besti]->data[j]) {
-		    besti = i;
-		    break;
-		}
-	    }
-
-	    /*
-	     * For this not to be true, we would have to have encountered	
-	     * two *identical* attributes, which I think we should not see.
-	     * So assert if it happens, but even if it does, let it go
-	     * through; the ordering of the two does not matter.
-	     */
-	    PORT_Assert (j < enc_attrs[i]->len);
-	}
-
-	/*
-	 * Now we have found the next-lowest one; copy it over and
-	 * remove it from enc_attrs.
-	 */
-	new_attrs[pass] = attrs[besti];
-	enc_attrs[besti] = NULL;
-    }
-
-    /*
-     * Now new_attrs has the attributes in the order we want;
-     * copy them back into the attrs array we started with.
-     */
-    for (i = 0; i < num_attrs; i++)
-	attrs[i] = new_attrs[i];
-
-    PORT_FreeArena (poolp, PR_FALSE);
-    return SECSuccess;
-}
-
-/*
- * End of attribute stuff.
- * -------------------------------------------------------------------
- */
-
-
-/*
- * Templates and stuff.  Keep these at the end of the file.
- */
-
-/* forward declaration */
-static const SEC_ASN1Template *
-sec_pkcs7_choose_content_template(void *src_or_dest, PRBool encoding);
-
-static const SEC_ASN1TemplateChooserPtr sec_pkcs7_chooser
-	= sec_pkcs7_choose_content_template;
-
-const SEC_ASN1Template sec_PKCS7ContentInfoTemplate[] = {
-    { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
-	  0, NULL, sizeof(SEC_PKCS7ContentInfo) },
-    { SEC_ASN1_OBJECT_ID,
-	  offsetof(SEC_PKCS7ContentInfo,contentType) },
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_DYNAMIC | SEC_ASN1_MAY_STREAM
-     | SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
-	  offsetof(SEC_PKCS7ContentInfo,content),
-	  &sec_pkcs7_chooser },
-    { 0 }
-};
-
-/* XXX These names should change from external to internal convention. */
-
-static const SEC_ASN1Template SEC_PKCS7SignerInfoTemplate[] = {
-    { SEC_ASN1_SEQUENCE,
-	  0, NULL, sizeof(SEC_PKCS7SignerInfo) },
-    { SEC_ASN1_INTEGER,
-	  offsetof(SEC_PKCS7SignerInfo,version) },
-    { SEC_ASN1_POINTER | SEC_ASN1_XTRN,
-	  offsetof(SEC_PKCS7SignerInfo,issuerAndSN),
-	  SEC_ASN1_SUB(CERT_IssuerAndSNTemplate) },
-    { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
-	  offsetof(SEC_PKCS7SignerInfo,digestAlg),
-	  SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
-	  offsetof(SEC_PKCS7SignerInfo,authAttr),
-	  sec_pkcs7_set_of_attribute_template },
-    { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
-	  offsetof(SEC_PKCS7SignerInfo,digestEncAlg),
-	  SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
-    { SEC_ASN1_OCTET_STRING,
-	  offsetof(SEC_PKCS7SignerInfo,encDigest) },
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1,
-	  offsetof(SEC_PKCS7SignerInfo,unAuthAttr),
-	  sec_pkcs7_set_of_attribute_template },
-    { 0 }
-};
-
-static const SEC_ASN1Template SEC_PKCS7SignedDataTemplate[] = {
-    { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
-	  0, NULL, sizeof(SEC_PKCS7SignedData) },
-    { SEC_ASN1_INTEGER,
-	  offsetof(SEC_PKCS7SignedData,version) },
-    { SEC_ASN1_SET_OF | SEC_ASN1_XTRN,
-	  offsetof(SEC_PKCS7SignedData,digestAlgorithms),
-	  SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
-    { SEC_ASN1_INLINE,
-	  offsetof(SEC_PKCS7SignedData,contentInfo),
-	  sec_PKCS7ContentInfoTemplate },
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC  |
-      SEC_ASN1_XTRN | 0,
-	  offsetof(SEC_PKCS7SignedData,rawCerts),
-	  SEC_ASN1_SUB(SEC_SetOfAnyTemplate) },
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC  |
-      SEC_ASN1_XTRN | 1,
-	  offsetof(SEC_PKCS7SignedData,crls),
-	  SEC_ASN1_SUB(CERT_SetOfSignedCrlTemplate) },
-    { SEC_ASN1_SET_OF,
-	  offsetof(SEC_PKCS7SignedData,signerInfos),
-	  SEC_PKCS7SignerInfoTemplate },
-    { 0 }
-};
-
-static const SEC_ASN1Template SEC_PointerToPKCS7SignedDataTemplate[] = {
-    { SEC_ASN1_POINTER, 0, SEC_PKCS7SignedDataTemplate }
-};
-
-static const SEC_ASN1Template SEC_PKCS7RecipientInfoTemplate[] = {
-    { SEC_ASN1_SEQUENCE,
-	  0, NULL, sizeof(SEC_PKCS7RecipientInfo) },
-    { SEC_ASN1_INTEGER,
-	  offsetof(SEC_PKCS7RecipientInfo,version) },
-    { SEC_ASN1_POINTER | SEC_ASN1_XTRN,
-	  offsetof(SEC_PKCS7RecipientInfo,issuerAndSN),
-	  SEC_ASN1_SUB(CERT_IssuerAndSNTemplate) },
-    { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
-	  offsetof(SEC_PKCS7RecipientInfo,keyEncAlg),
-	  SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
-    { SEC_ASN1_OCTET_STRING,
-	  offsetof(SEC_PKCS7RecipientInfo,encKey) },
-    { 0 }
-};
-
-static const SEC_ASN1Template SEC_PKCS7EncryptedContentInfoTemplate[] = {
-    { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
-	  0, NULL, sizeof(SEC_PKCS7EncryptedContentInfo) },
-    { SEC_ASN1_OBJECT_ID,
-	  offsetof(SEC_PKCS7EncryptedContentInfo,contentType) },
-    { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
-	  offsetof(SEC_PKCS7EncryptedContentInfo,contentEncAlg),
-	  SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_MAY_STREAM | SEC_ASN1_CONTEXT_SPECIFIC |
-      SEC_ASN1_XTRN | 0,
-	  offsetof(SEC_PKCS7EncryptedContentInfo,encContent),
-	  SEC_ASN1_SUB(SEC_OctetStringTemplate) },
-    { 0 }
-};
-
-static const SEC_ASN1Template SEC_PKCS7EnvelopedDataTemplate[] = {
-    { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
-	  0, NULL, sizeof(SEC_PKCS7EnvelopedData) },
-    { SEC_ASN1_INTEGER,
-	  offsetof(SEC_PKCS7EnvelopedData,version) },
-    { SEC_ASN1_SET_OF,
-	  offsetof(SEC_PKCS7EnvelopedData,recipientInfos),
-	  SEC_PKCS7RecipientInfoTemplate },
-    { SEC_ASN1_INLINE,
-	  offsetof(SEC_PKCS7EnvelopedData,encContentInfo),
-	  SEC_PKCS7EncryptedContentInfoTemplate },
-    { 0 }
-};
-
-static const SEC_ASN1Template SEC_PointerToPKCS7EnvelopedDataTemplate[] = {
-    { SEC_ASN1_POINTER, 0, SEC_PKCS7EnvelopedDataTemplate }
-};
-
-static const SEC_ASN1Template SEC_PKCS7SignedAndEnvelopedDataTemplate[] = {
-    { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
-	  0, NULL, sizeof(SEC_PKCS7SignedAndEnvelopedData) },
-    { SEC_ASN1_INTEGER,
-	  offsetof(SEC_PKCS7SignedAndEnvelopedData,version) },
-    { SEC_ASN1_SET_OF,
-	  offsetof(SEC_PKCS7SignedAndEnvelopedData,recipientInfos),
-	  SEC_PKCS7RecipientInfoTemplate },
-    { SEC_ASN1_SET_OF | SEC_ASN1_XTRN,
-	  offsetof(SEC_PKCS7SignedAndEnvelopedData,digestAlgorithms),
-	  SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
-    { SEC_ASN1_INLINE,
-	  offsetof(SEC_PKCS7SignedAndEnvelopedData,encContentInfo),
-	  SEC_PKCS7EncryptedContentInfoTemplate },
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
-      SEC_ASN1_XTRN | 0,
-	  offsetof(SEC_PKCS7SignedAndEnvelopedData,rawCerts),
-	  SEC_ASN1_SUB(SEC_SetOfAnyTemplate) },
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
-      SEC_ASN1_XTRN | 1,
-	  offsetof(SEC_PKCS7SignedAndEnvelopedData,crls),
-	  SEC_ASN1_SUB(CERT_SetOfSignedCrlTemplate) },
-    { SEC_ASN1_SET_OF,
-	  offsetof(SEC_PKCS7SignedAndEnvelopedData,signerInfos),
-	  SEC_PKCS7SignerInfoTemplate },
-    { 0 }
-};
-
-static const SEC_ASN1Template
-SEC_PointerToPKCS7SignedAndEnvelopedDataTemplate[] = {
-    { SEC_ASN1_POINTER, 0, SEC_PKCS7SignedAndEnvelopedDataTemplate }
-};
-
-static const SEC_ASN1Template SEC_PKCS7DigestedDataTemplate[] = {
-    { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
-	  0, NULL, sizeof(SEC_PKCS7DigestedData) },
-    { SEC_ASN1_INTEGER,
-	  offsetof(SEC_PKCS7DigestedData,version) },
-    { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
-	  offsetof(SEC_PKCS7DigestedData,digestAlg),
-	  SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
-    { SEC_ASN1_INLINE,
-	  offsetof(SEC_PKCS7DigestedData,contentInfo),
-	  sec_PKCS7ContentInfoTemplate },
-    { SEC_ASN1_OCTET_STRING,
-	  offsetof(SEC_PKCS7DigestedData,digest) },
-    { 0 }
-};
-
-static const SEC_ASN1Template SEC_PointerToPKCS7DigestedDataTemplate[] = {
-    { SEC_ASN1_POINTER, 0, SEC_PKCS7DigestedDataTemplate }
-};
-
-static const SEC_ASN1Template SEC_PKCS7EncryptedDataTemplate[] = {
-    { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
-	  0, NULL, sizeof(SEC_PKCS7EncryptedData) },
-    { SEC_ASN1_INTEGER,
-	  offsetof(SEC_PKCS7EncryptedData,version) },
-    { SEC_ASN1_INLINE,
-	  offsetof(SEC_PKCS7EncryptedData,encContentInfo),
-	  SEC_PKCS7EncryptedContentInfoTemplate },
-    { 0 }
-};
-
-static const SEC_ASN1Template SEC_PointerToPKCS7EncryptedDataTemplate[] = {
-    { SEC_ASN1_POINTER, 0, SEC_PKCS7EncryptedDataTemplate }
-};
-
-const SEC_ASN1Template SEC_SMIMEKEAParamTemplateSkipjack[] = {
-	{ SEC_ASN1_SEQUENCE,
-	  0, NULL, sizeof(SEC_PKCS7SMIMEKEAParameters) },
-	{ SEC_ASN1_OCTET_STRING /* | SEC_ASN1_OPTIONAL */,
-	  offsetof(SEC_PKCS7SMIMEKEAParameters,originatorKEAKey) },
-	{ SEC_ASN1_OCTET_STRING,
-	  offsetof(SEC_PKCS7SMIMEKEAParameters,originatorRA) },
-	{ 0 }
-};
-
-const SEC_ASN1Template SEC_SMIMEKEAParamTemplateNoSkipjack[] = {
-	{ SEC_ASN1_SEQUENCE,
-	  0, NULL, sizeof(SEC_PKCS7SMIMEKEAParameters) },
-	{ SEC_ASN1_OCTET_STRING /* | SEC_ASN1_OPTIONAL */,
-	  offsetof(SEC_PKCS7SMIMEKEAParameters,originatorKEAKey) },
-	{ SEC_ASN1_OCTET_STRING,
-	  offsetof(SEC_PKCS7SMIMEKEAParameters,originatorRA) },
-	{ SEC_ASN1_OCTET_STRING  | SEC_ASN1_OPTIONAL ,
-	  offsetof(SEC_PKCS7SMIMEKEAParameters,nonSkipjackIV) },
-	{ 0 }
-};
-
-const SEC_ASN1Template SEC_SMIMEKEAParamTemplateAllParams[] = {
-	{ SEC_ASN1_SEQUENCE,
-	  0, NULL, sizeof(SEC_PKCS7SMIMEKEAParameters) },
-	{ SEC_ASN1_OCTET_STRING /* | SEC_ASN1_OPTIONAL */,
-	  offsetof(SEC_PKCS7SMIMEKEAParameters,originatorKEAKey) },
-	{ SEC_ASN1_OCTET_STRING,
-	  offsetof(SEC_PKCS7SMIMEKEAParameters,originatorRA) },
-	{ SEC_ASN1_OCTET_STRING  | SEC_ASN1_OPTIONAL ,
-	  offsetof(SEC_PKCS7SMIMEKEAParameters,nonSkipjackIV) },
-	{ SEC_ASN1_OCTET_STRING  | SEC_ASN1_OPTIONAL ,
-	  offsetof(SEC_PKCS7SMIMEKEAParameters,bulkKeySize) },
-	{ 0 }
-};
-
-const SEC_ASN1Template*
-sec_pkcs7_get_kea_template(SECKEATemplateSelector whichTemplate)
-{
-	const SEC_ASN1Template *returnVal = NULL;
-
-	switch(whichTemplate)
-	{
-	case SECKEAUsesNonSkipjack:
-		returnVal = SEC_SMIMEKEAParamTemplateNoSkipjack;
-		break;
-	case SECKEAUsesSkipjack:
-		returnVal = SEC_SMIMEKEAParamTemplateSkipjack;
-		break;
-	case SECKEAUsesNonSkipjackWithPaddedEncKey:
-	default:
-		returnVal = SEC_SMIMEKEAParamTemplateAllParams;
-		break;
-	}
-	return returnVal;
-}
-	
-static const SEC_ASN1Template *
-sec_pkcs7_choose_content_template(void *src_or_dest, PRBool encoding)
-{
-    const SEC_ASN1Template *theTemplate;
-    SEC_PKCS7ContentInfo *cinfo;
-    SECOidTag kind;
-
-    PORT_Assert (src_or_dest != NULL);
-    if (src_or_dest == NULL)
-	return NULL;
-
-    cinfo = (SEC_PKCS7ContentInfo*)src_or_dest;
-    kind = SEC_PKCS7ContentType (cinfo);
-    switch (kind) {
-      default:
-	theTemplate = SEC_ASN1_GET(SEC_PointerToAnyTemplate);
-	break;
-      case SEC_OID_PKCS7_DATA:
-	theTemplate = SEC_ASN1_GET(SEC_PointerToOctetStringTemplate);
-	break;
-      case SEC_OID_PKCS7_SIGNED_DATA:
-	theTemplate = SEC_PointerToPKCS7SignedDataTemplate;
-	break;
-      case SEC_OID_PKCS7_ENVELOPED_DATA:
-	theTemplate = SEC_PointerToPKCS7EnvelopedDataTemplate;
-	break;
-      case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA:
-	theTemplate = SEC_PointerToPKCS7SignedAndEnvelopedDataTemplate;
-	break;
-      case SEC_OID_PKCS7_DIGESTED_DATA:
-	theTemplate = SEC_PointerToPKCS7DigestedDataTemplate;
-	break;
-      case SEC_OID_PKCS7_ENCRYPTED_DATA:
-	theTemplate = SEC_PointerToPKCS7EncryptedDataTemplate;
-	break;
-    }
-    return theTemplate;
-}
-
-/*
- * End of templates.  Do not add stuff after this; put new code
- * up above the start of the template definitions.
- */
diff --git a/security/nss/lib/pkcs7/p7local.h b/security/nss/lib/pkcs7/p7local.h
deleted file mode 100644
index 80640c930..000000000
--- a/security/nss/lib/pkcs7/p7local.h
+++ /dev/null
@@ -1,176 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Support routines for PKCS7 implementation, none of which are exported.
- * This file should only contain things that are needed by both the
- * encoding/creation side *and* the decoding/decryption side.  Anything
- * else should just be static routines in the appropriate file.
- *
- * Do not export this file!  If something in here is really needed outside
- * of pkcs7 code, first try to add a PKCS7 interface which will do it for
- * you.  If that has a problem, then just move out what you need, changing
- * its name as appropriate!
- *
- * $Id$
- */
-
-#ifndef _P7LOCAL_H_
-#define _P7LOCAL_H_
-
-#include "secpkcs7.h"
-#include "secasn1t.h"
-
-extern const SEC_ASN1Template sec_PKCS7ContentInfoTemplate[];
-
-/* opaque objects */
-typedef struct sec_pkcs7_cipher_object sec_PKCS7CipherObject;
-
-
-/************************************************************************/
-SEC_BEGIN_PROTOS
-
-/*
- * Look through a set of attributes and find one that matches the
- * specified object ID.  If "only" is true, then make sure that
- * there is not more than one attribute of the same type.  Otherwise,
- * just return the first one found. (XXX Does anybody really want
- * that first-found behavior?  It was like that when I found it...)
- */
-extern SEC_PKCS7Attribute *sec_PKCS7FindAttribute (SEC_PKCS7Attribute **attrs,
-						   SECOidTag oidtag,
-						   PRBool only);
-/*
- * Return the single attribute value, doing some sanity checking first:
- * - Multiple values are *not* expected.
- * - Empty values are *not* expected.
- */
-extern SECItem *sec_PKCS7AttributeValue (SEC_PKCS7Attribute *attr);
-
-/*
- * Encode a set of attributes (found in "src").
- */
-extern SECItem *sec_PKCS7EncodeAttributes (PRArenaPool *poolp,
-					   SECItem *dest, void *src);
-
-/*
- * Make sure that the order of the attributes guarantees valid DER
- * (which must be in lexigraphically ascending order for a SET OF);
- * if reordering is necessary it will be done in place (in attrs).
- */
-extern SECStatus sec_PKCS7ReorderAttributes (SEC_PKCS7Attribute **attrs);
-
-
-/*
- * Create a context for decrypting, based on the given key and algorithm.
- */
-extern sec_PKCS7CipherObject *
-sec_PKCS7CreateDecryptObject (PK11SymKey *key, SECAlgorithmID *algid);
-
-/*
- * Create a context for encrypting, based on the given key and algorithm,
- * and fill in the algorithm id.
- */
-extern sec_PKCS7CipherObject *
-sec_PKCS7CreateEncryptObject (PRArenaPool *poolp, PK11SymKey *key,
-			      SECOidTag algtag, SECAlgorithmID *algid);
-
-/*
- * Destroy the given decryption or encryption object.
- */
-extern void sec_PKCS7DestroyDecryptObject (sec_PKCS7CipherObject *obj);
-extern void sec_PKCS7DestroyEncryptObject (sec_PKCS7CipherObject *obj);
-
-/*
- * What will be the output length of the next call to encrypt/decrypt?
- * Result can be used to perform memory allocations.  Note that the amount
- * is exactly accurate only when not doing a block cipher or when final
- * is false, otherwise it is an upper bound on the amount because until
- * we see the data we do not know how many padding bytes there are
- * (always between 1 and the cipher block size).
- *
- * Note that this can return zero, which does not mean that the cipher
- * operation can be skipped!  (It simply means that there are not enough
- * bytes to make up an entire block; the bytes will be reserved until
- * there are enough to encrypt/decrypt at least one block.)  However,
- * if zero is returned it *does* mean that no output buffer need be
- * passed in to the subsequent cipher operation, as no output bytes
- * will be stored.
- */
-extern unsigned int sec_PKCS7DecryptLength (sec_PKCS7CipherObject *obj,
-					    unsigned int input_len,
-					    PRBool final);
-extern unsigned int sec_PKCS7EncryptLength (sec_PKCS7CipherObject *obj,
-					    unsigned int input_len,
-					    PRBool final);
-
-/*
- * Decrypt a given length of input buffer (starting at "input" and
- * containing "input_len" bytes), placing the decrypted bytes in
- * "output" and storing the output length in "*output_len_p".
- * "obj" is the return value from sec_PKCS7CreateDecryptObject.
- * When "final" is true, this is the last of the data to be decrypted.
- */ 
-extern SECStatus sec_PKCS7Decrypt (sec_PKCS7CipherObject *obj,
-				   unsigned char *output,
-				   unsigned int *output_len_p,
-				   unsigned int max_output_len,
-				   const unsigned char *input,
-				   unsigned int input_len,
-				   PRBool final);
-
-/*
- * Encrypt a given length of input buffer (starting at "input" and
- * containing "input_len" bytes), placing the encrypted bytes in
- * "output" and storing the output length in "*output_len_p".
- * "obj" is the return value from sec_PKCS7CreateEncryptObject.
- * When "final" is true, this is the last of the data to be encrypted.
- */ 
-extern SECStatus sec_PKCS7Encrypt (sec_PKCS7CipherObject *obj,
-				   unsigned char *output,
-				   unsigned int *output_len_p,
-				   unsigned int max_output_len,
-				   const unsigned char *input,
-				   unsigned int input_len,
-				   PRBool final);
-
-/* return the correct kea template based on the template selector. skipjack
- * does not have the extra IV.
- */
-const SEC_ASN1Template * 
-sec_pkcs7_get_kea_template(SECKEATemplateSelector whichTemplate);
-
-/************************************************************************/
-SEC_END_PROTOS
-
-#endif /* _P7LOCAL_H_ */
diff --git a/security/nss/lib/pkcs7/pkcs7t.h b/security/nss/lib/pkcs7/pkcs7t.h
deleted file mode 100644
index d36c5e41a..000000000
--- a/security/nss/lib/pkcs7/pkcs7t.h
+++ /dev/null
@@ -1,296 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Header for pkcs7 types.
- *
- * $Id$
- */
-
-#ifndef _PKCS7T_H_
-#define _PKCS7T_H_
-
-#include "plarena.h"
-
-#include "seccomon.h"
-#include "secoidt.h"
-#include "certt.h"
-#include "secmodt.h"
-
-/* Opaque objects */
-typedef struct SEC_PKCS7DecoderContextStr SEC_PKCS7DecoderContext;
-typedef struct SEC_PKCS7EncoderContextStr SEC_PKCS7EncoderContext;
-
-/* legacy defines that haven't been active for years */
-typedef void *(*SECKEYGetPasswordKey)(void *arg, void *handle);
-
-
-/* Non-opaque objects.  NOTE, though: I want them to be treated as
- * opaque as much as possible.  If I could hide them completely,
- * I would.  (I tried, but ran into trouble that was taking me too
- * much time to get out of.)  I still intend to try to do so.
- * In fact, the only type that "outsiders" should even *name* is
- * SEC_PKCS7ContentInfo, and they should not reference its fields.
- */
-/* rjr: PKCS #11 cert handling (pk11cert.c) does use SEC_PKCS7RecipientInfo's.
- * This is because when we search the recipient list for the cert and key we
- * want, we need to invert the order of the loops we used to have. The old
- * loops were:
- *
- *  For each recipient {
- *       find_cert = PK11_Find_AllCert(recipient->issuerSN);
- *       [which unrolls to... ]
- *       For each slot {
- *            Log into slot;
- *            search slot for cert;
- *      }
- *  }
- *
- *  the new loop searchs all the recipients at once on a slot. this allows
- *  PKCS #11 to order slots in such a way that logout slots don't get checked
- *  if we can find the cert on a logged in slot. This eliminates lots of
- *  spurious password prompts when smart cards are installed... so why this
- *  comment? If you make SEC_PKCS7RecipientInfo completely opaque, you need
- *  to provide a non-opaque list of issuerSN's (the only field PKCS#11 needs
- *  and fix up pk11cert.c first. NOTE: Only S/MIME calls this special PKCS #11
- *  function.
- */
-typedef struct SEC_PKCS7ContentInfoStr SEC_PKCS7ContentInfo;
-typedef struct SEC_PKCS7SignedDataStr SEC_PKCS7SignedData;
-typedef struct SEC_PKCS7EncryptedContentInfoStr SEC_PKCS7EncryptedContentInfo;
-typedef struct SEC_PKCS7EnvelopedDataStr SEC_PKCS7EnvelopedData;
-typedef struct SEC_PKCS7SignedAndEnvelopedDataStr
-		SEC_PKCS7SignedAndEnvelopedData;
-typedef struct SEC_PKCS7SignerInfoStr SEC_PKCS7SignerInfo;
-typedef struct SEC_PKCS7RecipientInfoStr SEC_PKCS7RecipientInfo;
-typedef struct SEC_PKCS7DigestedDataStr SEC_PKCS7DigestedData;
-typedef struct SEC_PKCS7EncryptedDataStr SEC_PKCS7EncryptedData;
-typedef struct SEC_PKCS7SMIMEKEAParametersStr SEC_PKCS7SMIMEKEAParameters;
-/*
- * The following is not actually a PKCS7 type, but for now it is only
- * used by PKCS7, so we have adopted it.  If someone else *ever* needs
- * it, its name should be changed and it should be moved out of here.
- * Do not dare to use it without doing so!
- */
-typedef struct SEC_PKCS7AttributeStr SEC_PKCS7Attribute;
-
-struct SEC_PKCS7ContentInfoStr {
-    PRArenaPool *poolp;			/* local; not part of encoding */
-    PRBool created;			/* local; not part of encoding */
-    int refCount;			/* local; not part of encoding */
-    SECOidData *contentTypeTag;		/* local; not part of encoding */
-    SECKEYGetPasswordKey pwfn;		/* local; not part of encoding */
-    void *pwfn_arg;			/* local; not part of encoding */
-    SECItem contentType;
-    union {
-	SECItem				*data;
-	SEC_PKCS7DigestedData		*digestedData;
-	SEC_PKCS7EncryptedData		*encryptedData;
-	SEC_PKCS7EnvelopedData		*envelopedData;
-	SEC_PKCS7SignedData		*signedData;
-	SEC_PKCS7SignedAndEnvelopedData	*signedAndEnvelopedData;
-    } content;
-};
-
-struct SEC_PKCS7SignedDataStr {
-    SECItem version;
-    SECAlgorithmID **digestAlgorithms;
-    SEC_PKCS7ContentInfo contentInfo;
-    SECItem **rawCerts;
-    CERTSignedCrl **crls;
-    SEC_PKCS7SignerInfo **signerInfos;
-    SECItem **digests;			/* local; not part of encoding */
-    CERTCertificate **certs;		/* local; not part of encoding */
-    CERTCertificateList **certLists;	/* local; not part of encoding */
-};
-#define SEC_PKCS7_SIGNED_DATA_VERSION		1	/* what we *create* */
-
-struct SEC_PKCS7EncryptedContentInfoStr {
-    SECOidData *contentTypeTag;		/* local; not part of encoding */
-    SECItem contentType;
-    SECAlgorithmID contentEncAlg;
-    SECItem encContent;
-    SECItem plainContent;		/* local; not part of encoding */
-					/* bytes not encrypted, but encoded */
-    int keysize;			/* local; not part of encoding */
-					/* size of bulk encryption key
-					 * (only used by creation code) */
-    SECOidTag encalg;			/* local; not part of encoding */
-					/* oid tag of encryption algorithm
-					 * (only used by creation code) */
-};
-
-struct SEC_PKCS7EnvelopedDataStr {
-    SECItem version;
-    SEC_PKCS7RecipientInfo **recipientInfos;
-    SEC_PKCS7EncryptedContentInfo encContentInfo;
-};
-#define SEC_PKCS7_ENVELOPED_DATA_VERSION	0	/* what we *create* */
-
-struct SEC_PKCS7SignedAndEnvelopedDataStr {
-    SECItem version;
-    SEC_PKCS7RecipientInfo **recipientInfos;
-    SECAlgorithmID **digestAlgorithms;
-    SEC_PKCS7EncryptedContentInfo encContentInfo;
-    SECItem **rawCerts;
-    CERTSignedCrl **crls;
-    SEC_PKCS7SignerInfo **signerInfos;
-    SECItem **digests;			/* local; not part of encoding */
-    CERTCertificate **certs;		/* local; not part of encoding */
-    CERTCertificateList **certLists;	/* local; not part of encoding */
-    PK11SymKey *sigKey;			/* local; not part of encoding */
-};
-#define SEC_PKCS7_SIGNED_AND_ENVELOPED_DATA_VERSION 1	/* what we *create* */
-
-struct SEC_PKCS7SignerInfoStr {
-    SECItem version;
-    CERTIssuerAndSN *issuerAndSN;
-    SECAlgorithmID digestAlg;
-    SEC_PKCS7Attribute **authAttr;
-    SECAlgorithmID digestEncAlg;
-    SECItem encDigest;
-    SEC_PKCS7Attribute **unAuthAttr;
-    CERTCertificate *cert;		/* local; not part of encoding */
-    CERTCertificateList *certList;	/* local; not part of encoding */
-};
-#define SEC_PKCS7_SIGNER_INFO_VERSION		1	/* what we *create* */
-
-struct SEC_PKCS7RecipientInfoStr {
-    SECItem version;
-    CERTIssuerAndSN *issuerAndSN;
-    SECAlgorithmID keyEncAlg;
-    SECItem encKey;
-    CERTCertificate *cert;		/* local; not part of encoding */
-};
-#define SEC_PKCS7_RECIPIENT_INFO_VERSION	0	/* what we *create* */
-
-struct SEC_PKCS7DigestedDataStr {
-    SECItem version;
-    SECAlgorithmID digestAlg;
-    SEC_PKCS7ContentInfo contentInfo;
-    SECItem digest;
-};
-#define SEC_PKCS7_DIGESTED_DATA_VERSION		0	/* what we *create* */
-
-struct SEC_PKCS7EncryptedDataStr {
-    SECItem version;
-    SEC_PKCS7EncryptedContentInfo encContentInfo;
-};
-#define SEC_PKCS7_ENCRYPTED_DATA_VERSION	0	/* what we *create* */
-
-/*
- * See comment above about this type not really belonging to PKCS7.
- */
-struct SEC_PKCS7AttributeStr {
-    /* The following fields make up an encoded Attribute: */
-    SECItem type;
-    SECItem **values;	/* data may or may not be encoded */
-    /* The following fields are not part of an encoded Attribute: */
-    SECOidData *typeTag;
-    PRBool encoded;	/* when true, values are encoded */
-};
-
-/* An enumerated type used to select templates based on the encryption
-   scenario and data specifics. */
-typedef enum
-{
-	SECKEAInvalid = -1,
-	SECKEAUsesSkipjack = 0,
-	SECKEAUsesNonSkipjack = 1,
-	SECKEAUsesNonSkipjackWithPaddedEncKey = 2
-} SECKEATemplateSelector;
-
-/* ### mwelch - S/MIME KEA parameters. These don't really fit here,
-                but I cannot think of a more appropriate place at this time. */
-struct SEC_PKCS7SMIMEKEAParametersStr {
-	SECItem originatorKEAKey;	/* sender KEA key (encrypted?) */
-	SECItem originatorRA;		/* random number generated by sender */
-	SECItem nonSkipjackIV;		/* init'n vector for SkipjackCBC64
-					   decryption of KEA key if Skipjack
-					   is not the bulk algorithm used on
-					   the message */
-	SECItem bulkKeySize;		/* if Skipjack is not the bulk
-					   algorithm used on the message,
-					   and the size of the bulk encryption
-					   key is not the same as that of
-					   originatorKEAKey (due to padding
-					   perhaps), this field will contain
-					   the real size of the bulk encryption
-					   key. */
-};
-
-/*
- * Type of function passed to SEC_PKCS7Decode or SEC_PKCS7DecoderStart.
- * If specified, this is where the content bytes (only) will be "sent"
- * as they are recovered during the decoding.
- *
- * XXX Should just combine this with SEC_PKCS7EncoderContentCallback type
- * and use a simpler, common name.
- */
-typedef void (* SEC_PKCS7DecoderContentCallback)(void *arg,
-						 const char *buf,
-						 unsigned long len);
-
-/*
- * Type of function passed to SEC_PKCS7Encode or SEC_PKCS7EncoderStart.
- * This is where the encoded bytes will be "sent".
- *
- * XXX Should just combine this with SEC_PKCS7DecoderContentCallback type
- * and use a simpler, common name.
- */
-typedef void (* SEC_PKCS7EncoderOutputCallback)(void *arg,
-						const char *buf,
-						unsigned long len);
-
-
-/*
- * Type of function passed to SEC_PKCS7Decode or SEC_PKCS7DecoderStart
- * to retrieve the decryption key.  This function is inteded to be
- * used for EncryptedData content info's which do not have a key available
- * in a certificate, etc.
- */
-typedef PK11SymKey * (* SEC_PKCS7GetDecryptKeyCallback)(void *arg, 
-							SECAlgorithmID *algid);
-
-/* 
- * Type of function passed to SEC_PKCS7Decode or SEC_PKCS7DecoderStart.
- * This function in intended to be used to verify that decrypting a
- * particular crypto algorithm is allowed.  Content types which do not
- * require decryption will not need the callback.  If the callback
- * is not specified for content types which require decryption, the
- * decryption will be disallowed.
- */
-typedef PRBool (* SEC_PKCS7DecryptionAllowedCallback)(SECAlgorithmID *algid,  
-						      PK11SymKey *bulkkey);
-
-#endif /* _PKCS7T_H_ */
diff --git a/security/nss/lib/pkcs7/secmime.c b/security/nss/lib/pkcs7/secmime.c
deleted file mode 100644
index 017896bd7..000000000
--- a/security/nss/lib/pkcs7/secmime.c
+++ /dev/null
@@ -1,901 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Stuff specific to S/MIME policy and interoperability.
- * Depends on PKCS7, but there should be no dependency the other way around.
- *
- * $Id$
- */
-
-#include "secmime.h"
-#include "secoid.h"
-#include "pk11func.h"
-#include "ciferfam.h"	/* for CIPHER_FAMILY symbols */
-#include "secasn1.h"
-#include "secitem.h"
-#include "cert.h"
-#include "key.h"
-#include "secerr.h"
-
-typedef struct smime_cipher_map_struct {
-    unsigned long cipher;
-    SECOidTag algtag;
-    SECItem *parms;
-} smime_cipher_map;
-
-/*
- * These are macros because I think some subsequent parameters,
- * like those for RC5, will want to use them, too, separately.
- */
-#define SMIME_DER_INTVAL_16	SEC_ASN1_INTEGER, 0x01, 0x10
-#define SMIME_DER_INTVAL_40	SEC_ASN1_INTEGER, 0x01, 0x28
-#define SMIME_DER_INTVAL_64	SEC_ASN1_INTEGER, 0x01, 0x40
-#define SMIME_DER_INTVAL_128	SEC_ASN1_INTEGER, 0x02, 0x00, 0x80
-
-#ifdef SMIME_DOES_RC5	/* will be needed; quiet unused warning for now */
-static unsigned char smime_int16[] = { SMIME_DER_INTVAL_16 };
-#endif
-static unsigned char smime_int40[] = { SMIME_DER_INTVAL_40 };
-static unsigned char smime_int64[] = { SMIME_DER_INTVAL_64 };
-static unsigned char smime_int128[] = { SMIME_DER_INTVAL_128 };
-
-static SECItem smime_rc2p40 = { siBuffer, smime_int40, sizeof(smime_int40) };
-static SECItem smime_rc2p64 = { siBuffer, smime_int64, sizeof(smime_int64) };
-static SECItem smime_rc2p128 = { siBuffer, smime_int128, sizeof(smime_int128) };
-
-static smime_cipher_map smime_cipher_maps[] = {
-    { SMIME_RC2_CBC_40,		SEC_OID_RC2_CBC,	&smime_rc2p40 },
-    { SMIME_RC2_CBC_64,		SEC_OID_RC2_CBC,	&smime_rc2p64 },
-    { SMIME_RC2_CBC_128,	SEC_OID_RC2_CBC,	&smime_rc2p128 },
-#ifdef SMIME_DOES_RC5
-    { SMIME_RC5PAD_64_16_40,	SEC_OID_RC5_CBC_PAD,	&smime_rc5p40 },
-    { SMIME_RC5PAD_64_16_64,	SEC_OID_RC5_CBC_PAD,	&smime_rc5p64 },
-    { SMIME_RC5PAD_64_16_128,	SEC_OID_RC5_CBC_PAD,	&smime_rc5p128 },
-#endif
-    { SMIME_DES_CBC_56,		SEC_OID_DES_CBC,	NULL },
-    { SMIME_DES_EDE3_168,	SEC_OID_DES_EDE3_CBC,	NULL },
-    { SMIME_FORTEZZA,		SEC_OID_FORTEZZA_SKIPJACK, NULL}
-};
-
-/*
- * Note, the following value really just needs to be an upper bound
- * on the ciphers.
- */
-static const int smime_symmetric_count = sizeof(smime_cipher_maps)
-					 / sizeof(smime_cipher_map);
-
-static unsigned long *smime_prefs, *smime_newprefs;
-static int smime_current_pref_index = 0;
-static PRBool smime_prefs_complete = PR_FALSE;
-static PRBool smime_prefs_changed = PR_TRUE;
-
-static unsigned long smime_policy_bits = 0;
-
-
-static int
-smime_mapi_by_cipher (unsigned long cipher)
-{
-    int i;
-
-    for (i = 0; i < smime_symmetric_count; i++) {
-	if (smime_cipher_maps[i].cipher == cipher)
-	    break;
-    }
-
-    if (i == smime_symmetric_count)
-	return -1;
-
-    return i;
-}
-
-
-/*
- * this function locally records the user's preference
- */
-SECStatus 
-SECMIME_EnableCipher(long which, int on)
-{
-    unsigned long mask;
-
-    if (smime_newprefs == NULL || smime_prefs_complete) {
-	/*
-	 * This is either the very first time, or we are starting over.
-	 */
-	smime_newprefs = (unsigned long*)PORT_ZAlloc (smime_symmetric_count
-				      * sizeof(*smime_newprefs));
-	if (smime_newprefs == NULL)
-	    return SECFailure;
-	smime_current_pref_index = 0;
-	smime_prefs_complete = PR_FALSE;
-    }
-
-    mask = which & CIPHER_FAMILYID_MASK;
-    if (mask == CIPHER_FAMILYID_MASK) {
-    	/*
-	 * This call signifies that all preferences have been set.
-	 * Move "newprefs" over, after checking first whether or
-	 * not the new ones are different from the old ones.
-	 */
-	if (smime_prefs != NULL) {
-	    if (PORT_Memcmp (smime_prefs, smime_newprefs,
-			     smime_symmetric_count * sizeof(*smime_prefs)) == 0)
-		smime_prefs_changed = PR_FALSE;
-	    else
-		smime_prefs_changed = PR_TRUE;
-	    PORT_Free (smime_prefs);
-	}
-
-	smime_prefs = smime_newprefs;
-	smime_prefs_complete = PR_TRUE;
-	return SECSuccess;
-    }
-
-    PORT_Assert (mask == CIPHER_FAMILYID_SMIME);
-    if (mask != CIPHER_FAMILYID_SMIME) {
-	/* XXX set an error! */
-    	return SECFailure;
-    }
-
-    if (on) {
-	PORT_Assert (smime_current_pref_index < smime_symmetric_count);
-	if (smime_current_pref_index >= smime_symmetric_count) {
-	    /* XXX set an error! */
-	    return SECFailure;
-	}
-
-	smime_newprefs[smime_current_pref_index++] = which;
-    }
-
-    return SECSuccess;
-}
-
-
-/*
- * this function locally records the export policy
- */
-SECStatus 
-SECMIME_SetPolicy(long which, int on)
-{
-    unsigned long mask;
-
-    PORT_Assert ((which & CIPHER_FAMILYID_MASK) == CIPHER_FAMILYID_SMIME);
-    if ((which & CIPHER_FAMILYID_MASK) != CIPHER_FAMILYID_SMIME) {
-	/* XXX set an error! */
-    	return SECFailure;
-    }
-
-    which &= ~CIPHER_FAMILYID_MASK;
-
-    PORT_Assert (which < 32);	/* bits in the long */
-    if (which >= 32) {
-	/* XXX set an error! */
-    	return SECFailure;
-    }
-
-    mask = 1UL << which;
-
-    if (on) {
-    	smime_policy_bits |= mask;
-    } else {
-    	smime_policy_bits &= ~mask;
-    }
-
-    return SECSuccess;
-}
-
-
-/*
- * Based on the given algorithm (including its parameters, in some cases!)
- * and the given key (may or may not be inspected, depending on the
- * algorithm), find the appropriate policy algorithm specification
- * and return it.  If no match can be made, -1 is returned.
- */
-static long
-smime_policy_algorithm (SECAlgorithmID *algid, PK11SymKey *key)
-{
-    SECOidTag algtag;
-
-    algtag = SECOID_GetAlgorithmTag (algid);
-    switch (algtag) {
-      case SEC_OID_RC2_CBC:
-	{
-	    unsigned int keylen_bits;
-
-	    keylen_bits = PK11_GetKeyStrength (key, algid);
-	    switch (keylen_bits) {
-	      case 40:
-		return SMIME_RC2_CBC_40;
-	      case 64:
-		return SMIME_RC2_CBC_64;
-	      case 128:
-		return SMIME_RC2_CBC_128;
-	      default:
-		break;
-	    }
-	}
-	break;
-      case SEC_OID_DES_CBC:
-	return SMIME_DES_CBC_56;
-      case SEC_OID_DES_EDE3_CBC:
-	return SMIME_DES_EDE3_168;
-      case SEC_OID_FORTEZZA_SKIPJACK:
-	return SMIME_FORTEZZA;
-#ifdef SMIME_DOES_RC5
-      case SEC_OID_RC5_CBC_PAD:
-	PORT_Assert (0);	/* XXX need to pull out parameters and match */
-	break;
-#endif
-      default:
-	break;
-    }
-
-    return -1;
-}
-
-
-static PRBool
-smime_cipher_allowed (unsigned long which)
-{
-    unsigned long mask;
-
-    which &= ~CIPHER_FAMILYID_MASK;
-    PORT_Assert (which < 32);	/* bits per long (min) */
-    if (which >= 32)
-	return PR_FALSE;
-
-    mask = 1UL << which;
-    if ((mask & smime_policy_bits) == 0)
-	return PR_FALSE;
-
-    return PR_TRUE;
-}
-
-
-PRBool
-SECMIME_DecryptionAllowed(SECAlgorithmID *algid, PK11SymKey *key)
-{
-    long which;
-
-    which = smime_policy_algorithm (algid, key);
-    if (which < 0)
-	return PR_FALSE;
-
-    return smime_cipher_allowed ((unsigned long)which);
-}
-
-
-/*
- * Does the current policy allow *any* S/MIME encryption (or decryption)?
- *
- * This tells whether or not *any* S/MIME encryption can be done,
- * according to policy.  Callers may use this to do nicer user interface
- * (say, greying out a checkbox so a user does not even try to encrypt
- * a message when they are not allowed to) or for any reason they want
- * to check whether S/MIME encryption (or decryption, for that matter)
- * may be done.
- *
- * It takes no arguments.  The return value is a simple boolean:
- *   PR_TRUE means encryption (or decryption) is *possible*
- *	(but may still fail due to other reasons, like because we cannot
- *	find all the necessary certs, etc.; PR_TRUE is *not* a guarantee)
- *   PR_FALSE means encryption (or decryption) is not permitted
- *
- * There are no errors from this routine.
- */
-PRBool
-SECMIME_EncryptionPossible (void)
-{
-    if (smime_policy_bits != 0)
-	return PR_TRUE;
-
-    return PR_FALSE;
-}
-
-
-/*
- * XXX Would like the "parameters" field to be a SECItem *, but the
- * encoder is having trouble with optional pointers to an ANY.  Maybe
- * once that is fixed, can change this back...
- */
-typedef struct smime_capability_struct {
-    unsigned long cipher;	/* local; not part of encoding */
-    SECOidTag capIDTag;		/* local; not part of encoding */
-    SECItem capabilityID;
-    SECItem parameters;
-} smime_capability;
-
-static const SEC_ASN1Template smime_capability_template[] = {
-    { SEC_ASN1_SEQUENCE,
-	  0, NULL, sizeof(smime_capability) },
-    { SEC_ASN1_OBJECT_ID,
-	  offsetof(smime_capability,capabilityID), },
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_ANY,
-	  offsetof(smime_capability,parameters), },
-    { 0, }
-};
-
-static const SEC_ASN1Template smime_capabilities_template[] = {
-    { SEC_ASN1_SEQUENCE_OF, 0, smime_capability_template }
-};
-
-
-
-static void
-smime_fill_capability (smime_capability *cap)
-{
-    unsigned long cipher;
-    SECOidTag algtag;
-    int i;
-
-    algtag = SECOID_FindOIDTag (&(cap->capabilityID));
-
-    for (i = 0; i < smime_symmetric_count; i++) {
-	if (smime_cipher_maps[i].algtag != algtag)
-	    continue;
-	/*
-	 * XXX If SECITEM_CompareItem allowed NULLs as arguments (comparing
-	 * 2 NULLs as equal and NULL and non-NULL as not equal), we could
-	 * use that here instead of all of the following comparison code.
-	 */
-	if (cap->parameters.data != NULL) {
-	    if (smime_cipher_maps[i].parms == NULL)
-		continue;
-	    if (cap->parameters.len != smime_cipher_maps[i].parms->len)
-		continue;
-	    if (PORT_Memcmp (cap->parameters.data,
-			     smime_cipher_maps[i].parms->data,
-			     cap->parameters.len) == 0)
-		break;
-	} else if (smime_cipher_maps[i].parms == NULL) {
-	    break;
-	}
-    }
-
-    if (i == smime_symmetric_count)
-	cipher = 0;
-    else
-	cipher = smime_cipher_maps[i].cipher;
-
-    cap->cipher = cipher;
-    cap->capIDTag = algtag;
-}
-
-
-static long
-smime_choose_cipher (CERTCertificate *scert, CERTCertificate **rcerts)
-{
-    PRArenaPool *poolp;
-    long chosen_cipher;
-    int *cipher_abilities;
-    int *cipher_votes;
-    int strong_mapi;
-    int rcount, mapi, max, i;
-	PRBool isFortezza = PK11_FortezzaHasKEA(scert);
-
-    if (smime_policy_bits == 0) {
-	PORT_SetError (SEC_ERROR_BAD_EXPORT_ALGORITHM);
-	return -1;
-    }
-
-    chosen_cipher = SMIME_RC2_CBC_40;		/* the default, LCD */
-
-    poolp = PORT_NewArena (1024);		/* XXX what is right value? */
-    if (poolp == NULL)
-	goto done;
-
-    cipher_abilities = (int*)PORT_ArenaZAlloc (poolp,
-					 smime_symmetric_count * sizeof(int));
-    if (cipher_abilities == NULL)
-	goto done;
-
-    cipher_votes = (int*)PORT_ArenaZAlloc (poolp,
-				     smime_symmetric_count * sizeof(int));
-    if (cipher_votes == NULL)
-	goto done;
-
-    /*
-     * XXX Should have a #define somewhere which specifies default
-     * strong cipher.  (Or better, a way to configure, which would
-     * take Fortezza into account as well.)
-     */
-
-    /* If the user has the Fortezza preference turned on, make
-     *  that the strong cipher. Otherwise, use triple-DES. */
-    strong_mapi = -1;
-    if (isFortezza) {
-	for(i=0;i < smime_current_pref_index && strong_mapi < 0;i++)
-	{
-	    if (smime_prefs[i] == SMIME_FORTEZZA)
-		strong_mapi = smime_mapi_by_cipher(SMIME_FORTEZZA);
-	}
-    }
-
-    if (strong_mapi == -1)
-	strong_mapi = smime_mapi_by_cipher (SMIME_DES_EDE3_168);
-
-    PORT_Assert (strong_mapi >= 0);
-
-    for (rcount = 0; rcerts[rcount] != NULL; rcount++) {
-	SECItem *profile;
-	smime_capability **caps;
-	int capi, pref;
-	SECStatus dstat;
-
-	pref = smime_symmetric_count;
-	profile = CERT_FindSMimeProfile (rcerts[rcount]);
-	if (profile != NULL && profile->data != NULL && profile->len > 0) {
-	    caps = NULL;
-	    dstat = SEC_ASN1DecodeItem (poolp, &caps,
-					smime_capabilities_template,
-					profile);
-	    if (dstat == SECSuccess && caps != NULL) {
-		for (capi = 0; caps[capi] != NULL; capi++) {
-		    smime_fill_capability (caps[capi]);
-		    mapi = smime_mapi_by_cipher (caps[capi]->cipher);
-		    if (mapi >= 0) {
-			cipher_abilities[mapi]++;
-			cipher_votes[mapi] += pref;
-			--pref;
-		    }
-		}
-	    }
-	} else {
-	    SECKEYPublicKey *key;
-	    unsigned int pklen_bits;
-
-	    /*
-	     * XXX This is probably only good for RSA keys.  What I would
-	     * really like is a function to just say;  Is the public key in
-	     * this cert an export-length key?  Then I would not have to
-	     * know things like the value 512, or the kind of key, or what
-	     * a subjectPublicKeyInfo is, etc.
-	     */
-	    key = CERT_ExtractPublicKey (rcerts[rcount]);
-	    if (key != NULL) {
-		pklen_bits = SECKEY_PublicKeyStrength (key) * 8;
-		SECKEY_DestroyPublicKey (key);
-
-		if (pklen_bits > 512) {
-		    cipher_abilities[strong_mapi]++;
-		    cipher_votes[strong_mapi] += pref;
-		}
-	    }
-	}
-	if (profile != NULL)
-	    SECITEM_FreeItem (profile, PR_TRUE);
-    }
-
-    max = 0;
-    for (mapi = 0; mapi < smime_symmetric_count; mapi++) {
-	if (cipher_abilities[mapi] != rcount)
-	    continue;
-	if (! smime_cipher_allowed (smime_cipher_maps[mapi].cipher))
-	    continue;
-	if (!isFortezza  && (smime_cipher_maps[mapi].cipher == SMIME_FORTEZZA))
-		continue;
-	if (cipher_votes[mapi] > max) {
-	    chosen_cipher = smime_cipher_maps[mapi].cipher;
-	    max = cipher_votes[mapi];
-	} /* XXX else if a tie, let scert break it? */
-    }
-
-done:
-    if (poolp != NULL)
-	PORT_FreeArena (poolp, PR_FALSE);
-
-    return chosen_cipher;
-}
-
-
-/*
- * XXX This is a hack for now to satisfy our current interface.
- * Eventually, with more parameters needing to be specified, just
- * looking up the keysize is not going to be sufficient.
- */
-static int
-smime_keysize_by_cipher (unsigned long which)
-{
-    int keysize;
-
-    switch (which) {
-      case SMIME_RC2_CBC_40:
-	keysize = 40;
-	break;
-      case SMIME_RC2_CBC_64:
-	keysize = 64;
-	break;
-      case SMIME_RC2_CBC_128:
-	keysize = 128;
-	break;
-#ifdef SMIME_DOES_RC5
-      case SMIME_RC5PAD_64_16_40:
-      case SMIME_RC5PAD_64_16_64:
-      case SMIME_RC5PAD_64_16_128:
-	/* XXX See comment above; keysize is not enough... */
-	PORT_Assert (0);
-	PORT_SetError (SEC_ERROR_INVALID_ALGORITHM);
-	keysize = -1;
-	break;
-#endif
-      case SMIME_DES_CBC_56:
-      case SMIME_DES_EDE3_168:
-      case SMIME_FORTEZZA:
-	/*
-	 * These are special; since the key size is fixed, we actually
-	 * want to *avoid* specifying a key size.
-	 */
-	keysize = 0;
-	break;
-      default:
-	keysize = -1;
-	break;
-    }
-
-    return keysize;
-}
-
-
-/*
- * Start an S/MIME encrypting context.
- *
- * "scert" is the cert for the sender.  It will be checked for validity.
- * "rcerts" are the certs for the recipients.  They will also be checked.
- *
- * "certdb" is the cert database to use for verifying the certs.
- * It can be NULL if a default database is available (like in the client).
- *
- * This function already does all of the stuff specific to S/MIME protocol
- * and local policy; the return value just needs to be passed to
- * SEC_PKCS7Encode() or to SEC_PKCS7EncoderStart() to create the encoded data,
- * and finally to SEC_PKCS7DestroyContentInfo().
- *
- * An error results in a return value of NULL and an error set.
- * (Retrieve specific errors via PORT_GetError()/XP_GetError().)
- */
-SEC_PKCS7ContentInfo *
-SECMIME_CreateEncrypted(CERTCertificate *scert,
-			CERTCertificate **rcerts,
-			CERTCertDBHandle *certdb,
-			SECKEYGetPasswordKey pwfn,
-			void *pwfn_arg)
-{
-    SEC_PKCS7ContentInfo *cinfo;
-    long cipher;
-    SECOidTag encalg;
-    int keysize;
-    int mapi, rci;
-
-    cipher = smime_choose_cipher (scert, rcerts);
-    if (cipher < 0)
-	return NULL;
-
-    mapi = smime_mapi_by_cipher (cipher);
-    if (mapi < 0)
-	return NULL;
-
-    /*
-     * XXX This is stretching it -- CreateEnvelopedData should probably
-     * take a cipher itself of some sort, because we cannot know what the
-     * future will bring in terms of parameters for each type of algorithm.
-     * For example, just an algorithm and keysize is *not* sufficient to
-     * fully specify the usage of RC5 (which also needs to know rounds and
-     * block size).  Work this out into a better API!
-     */
-    encalg = smime_cipher_maps[mapi].algtag;
-    keysize = smime_keysize_by_cipher (cipher);
-    if (keysize < 0)
-	return NULL;
-
-    cinfo = SEC_PKCS7CreateEnvelopedData (scert, certUsageEmailRecipient,
-					  certdb, encalg, keysize,
-					  pwfn, pwfn_arg);
-    if (cinfo == NULL)
-	return NULL;
-
-    for (rci = 0; rcerts[rci] != NULL; rci++) {
-	if (rcerts[rci] == scert)
-	    continue;
-	if (SEC_PKCS7AddRecipient (cinfo, rcerts[rci], certUsageEmailRecipient,
-				   NULL) != SECSuccess) {
-	    SEC_PKCS7DestroyContentInfo (cinfo);
-	    return NULL;
-	}
-    }
-
-    return cinfo;
-}
-
-
-static smime_capability **smime_capabilities;
-static SECItem *smime_encoded_caps;
-static PRBool lastUsedFortezza;
-
-
-static SECStatus
-smime_init_caps (PRBool isFortezza)
-{
-    smime_capability *cap;
-    smime_cipher_map *map;
-    SECOidData *oiddata;
-    SECStatus rv;
-    int i, capIndex;
-
-    if (smime_encoded_caps != NULL 
-	&& (! smime_prefs_changed) 
-	&& lastUsedFortezza == isFortezza)
-	return SECSuccess;
-
-    if (smime_encoded_caps != NULL) {
-	SECITEM_FreeItem (smime_encoded_caps, PR_TRUE);
-	smime_encoded_caps = NULL;
-    }
-
-    if (smime_capabilities == NULL) {
-	smime_capabilities = (smime_capability**)PORT_ZAlloc (
-					  (smime_symmetric_count + 1)
-					  * sizeof(smime_capability *));
-	if (smime_capabilities == NULL)
-	    return SECFailure;
-    }
-
-    rv = SECFailure;
-
-    /* 
-       The process of creating the encoded PKCS7 cipher capability list
-       involves two basic steps: 
-
-       (a) Convert our internal representation of cipher preferences 
-           (smime_prefs) into an array containing cipher OIDs and 
-	   parameter data (smime_capabilities). This step is
-	   performed here.
-
-       (b) Encode, using ASN.1, the cipher information in 
-           smime_capabilities, leaving the encoded result in 
-	   smime_encoded_caps.
-
-       (In the process of performing (a), Lisa put in some optimizations
-       which allow us to avoid needlessly re-populating elements in 
-       smime_capabilities as we walk through smime_prefs.)
-
-       We want to use separate loop variables for smime_prefs and
-       smime_capabilities because in the case where the Skipjack cipher 
-       is turned on in the prefs, but where we don't want to include 
-       Skipjack in the encoded capabilities (presumably due to using a 
-       non-fortezza cert when sending a message), we want to avoid creating
-       an empty element in smime_capabilities. This would otherwise cause 
-       the encoding step to produce an empty set, since Skipjack happens 
-       to be the first cipher in smime_prefs, if it is turned on.
-    */
-    for (i = 0, capIndex = 0; i < smime_current_pref_index; i++, capIndex++) {
-	int mapi;
-
-	/* Get the next cipher preference in smime_prefs. */
-	mapi = smime_mapi_by_cipher (smime_prefs[i]);
-	if (mapi < 0)
-	    break;
-
-	/* Find the corresponding entry in the cipher map. */
-	PORT_Assert (mapi < smime_symmetric_count);
-	map = &(smime_cipher_maps[mapi]);
-
-	/* If we're using a non-Fortezza cert, only advertise non-Fortezza
-	   capabilities. (We advertise all capabilities if we have a 
-	   Fortezza cert.) */
-	if ((!isFortezza) && (map->cipher == SMIME_FORTEZZA))
-	{
-	    capIndex--; /* we want to visit the same caps index entry next time */
-	    continue;
-	}
-
-	/*
-	 * Convert the next preference found in smime_prefs into an
-	 * smime_capability.
-	 */
-
-	cap = smime_capabilities[capIndex];
-	if (cap == NULL) {
-	    cap = (smime_capability*)PORT_ZAlloc (sizeof(smime_capability));
-	    if (cap == NULL)
-		break;
-	    smime_capabilities[capIndex] = cap;
-	} else if (cap->cipher == smime_prefs[i]) {
-	    continue;		/* no change to this one */
-	}
-
-	cap->capIDTag = map->algtag;
-	oiddata = SECOID_FindOIDByTag (map->algtag);
-	if (oiddata == NULL)
-	    break;
-
-	if (cap->capabilityID.data != NULL) {
-	    SECITEM_FreeItem (&(cap->capabilityID), PR_FALSE);
-	    cap->capabilityID.data = NULL;
-	    cap->capabilityID.len = 0;
-	}
-
-	rv = SECITEM_CopyItem (NULL, &(cap->capabilityID), &(oiddata->oid));
-	if (rv != SECSuccess)
-	    break;
-
-	if (map->parms == NULL) {
-	    cap->parameters.data = NULL;
-	    cap->parameters.len = 0;
-	} else {
-	    cap->parameters.data = map->parms->data;
-	    cap->parameters.len = map->parms->len;
-	}
-
-	cap->cipher = smime_prefs[i];
-    }
-
-    if (i != smime_current_pref_index)
-	return rv;
-
-    while (capIndex < smime_symmetric_count) {
-	cap = smime_capabilities[capIndex];
-	if (cap != NULL) {
-	    SECITEM_FreeItem (&(cap->capabilityID), PR_FALSE);
-	    PORT_Free (cap);
-	}
-	smime_capabilities[capIndex] = NULL;
-	capIndex++;
-    }
-    smime_capabilities[capIndex] = NULL;
-
-    smime_encoded_caps = SEC_ASN1EncodeItem (NULL, NULL, &smime_capabilities,
-					     smime_capabilities_template);
-    if (smime_encoded_caps == NULL)
-	return SECFailure;
-
-    lastUsedFortezza = isFortezza;
-
-    return SECSuccess;
-}
-
-
-static SECStatus
-smime_add_profile (CERTCertificate *cert, SEC_PKCS7ContentInfo *cinfo)
-{
-    PRBool isFortezza = PR_FALSE;
-
-    PORT_Assert (smime_prefs_complete);
-    if (! smime_prefs_complete)
-	return SECFailure;
-
-    /* See if the sender's cert specifies Fortezza key exchange. */
-    if (cert != NULL)
-	isFortezza = PK11_FortezzaHasKEA(cert);
-
-    /* For that matter, if capabilities haven't been initialized yet,
-       do so now. */
-    if (isFortezza != lastUsedFortezza || smime_encoded_caps == NULL || smime_prefs_changed) {
-	SECStatus rv;
-
-	rv = smime_init_caps(isFortezza);
-	if (rv != SECSuccess)
-	    return rv;
-
-	PORT_Assert (smime_encoded_caps != NULL);
-    }
-
-    return SEC_PKCS7AddSignedAttribute (cinfo, SEC_OID_PKCS9_SMIME_CAPABILITIES,
-					smime_encoded_caps);
-}
-
-
-/*
- * Start an S/MIME signing context.
- *
- * "scert" is the cert that will be used to sign the data.  It will be
- * checked for validity.
- *
- * "ecert" is the signer's encryption cert.  If it is different from
- * scert, then it will be included in the signed message so that the
- * recipient can save it for future encryptions.
- *
- * "certdb" is the cert database to use for verifying the cert.
- * It can be NULL if a default database is available (like in the client).
- * 
- * "digestalg" names the digest algorithm (e.g. SEC_OID_SHA1).
- * XXX There should be SECMIME functions for hashing, or the hashing should
- * be built into this interface, which we would like because we would
- * support more smartcards that way, and then this argument should go away.)
- *
- * "digest" is the actual digest of the data.  It must be provided in
- * the case of detached data or NULL if the content will be included.
- *
- * This function already does all of the stuff specific to S/MIME protocol
- * and local policy; the return value just needs to be passed to
- * SEC_PKCS7Encode() or to SEC_PKCS7EncoderStart() to create the encoded data,
- * and finally to SEC_PKCS7DestroyContentInfo().
- *
- * An error results in a return value of NULL and an error set.
- * (Retrieve specific errors via PORT_GetError()/XP_GetError().)
- */
-
-SEC_PKCS7ContentInfo *
-SECMIME_CreateSigned (CERTCertificate *scert,
-		      CERTCertificate *ecert,
-		      CERTCertDBHandle *certdb,
-		      SECOidTag digestalg,
-		      SECItem *digest,
-		      SECKEYGetPasswordKey pwfn,
-		      void *pwfn_arg)
-{
-    SEC_PKCS7ContentInfo *cinfo;
-    SECStatus rv;
-
-    /* See note in header comment above about digestalg. */
-    PORT_Assert (digestalg == SEC_OID_SHA1);
-
-    cinfo = SEC_PKCS7CreateSignedData (scert, certUsageEmailSigner,
-				       certdb, digestalg, digest,
-				       pwfn, pwfn_arg);
-    if (cinfo == NULL)
-	return NULL;
-
-    if (SEC_PKCS7IncludeCertChain (cinfo, NULL) != SECSuccess) {
-	SEC_PKCS7DestroyContentInfo (cinfo);
-	return NULL;
-    }
-
-    /* if the encryption cert and the signing cert differ, then include
-     * the encryption cert too.
-     */
-    /* it is ok to compare the pointers since we ref count, and the same
-     * cert will always have the same pointer
-     */
-    if ( ( ecert != NULL ) && ( ecert != scert ) ) {
-	rv = SEC_PKCS7AddCertificate(cinfo, ecert);
-	if ( rv != SECSuccess ) {
-	    SEC_PKCS7DestroyContentInfo (cinfo);
-	    return NULL;
-	}
-    }
-    /*
-     * Add the signing time.  But if it fails for some reason,
-     * may as well not give up altogether -- just assert.
-     */
-    rv = SEC_PKCS7AddSigningTime (cinfo);
-    PORT_Assert (rv == SECSuccess);
-
-    /*
-     * Add the email profile.  Again, if it fails for some reason,
-     * may as well not give up altogether -- just assert.
-     */
-    rv = smime_add_profile (ecert, cinfo);
-    PORT_Assert (rv == SECSuccess);
-
-    return cinfo;
-}
diff --git a/security/nss/lib/pkcs7/secmime.h b/security/nss/lib/pkcs7/secmime.h
deleted file mode 100644
index 6950e416f..000000000
--- a/security/nss/lib/pkcs7/secmime.h
+++ /dev/null
@@ -1,192 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Header file for routines specific to S/MIME.  Keep things that are pure
- * pkcs7 out of here; this is for S/MIME policy, S/MIME interoperability, etc.
- *
- * $Id$
- */
-
-#ifndef _SECMIME_H_
-#define _SECMIME_H_ 1
-
-#include "secpkcs7.h"
-
-
-/************************************************************************/
-SEC_BEGIN_PROTOS
-
-/*
- * Initialize the local recording of the user S/MIME cipher preferences.
- * This function is called once for each cipher, the order being
- * important (first call records greatest preference, and so on).
- * When finished, it is called with a "which" of CIPHER_FAMILID_MASK.
- * If the function is called again after that, it is assumed that
- * the preferences are being reset, and the old preferences are
- * discarded.
- *
- * XXX This is for a particular user, and right now the storage is
- * XXX local, static.  The preference should be stored elsewhere to allow
- * XXX for multiple uses of one library?  How does SSL handle this;
- * XXX it has something similar?
- *
- *  - The "which" values are defined in ciferfam.h (the SMIME_* values,
- *    for example SMIME_DES_CBC_56).
- *  - If "on" is non-zero then the named cipher is enabled, otherwise
- *    it is disabled.  (It is not necessary to call the function for
- *    ciphers that are disabled, however, as that is the default.)
- *
- * If the cipher preference is successfully recorded, SECSuccess
- * is returned.  Otherwise SECFailure is returned.  The only errors
- * are due to failure allocating memory or bad parameters/calls:
- *	SEC_ERROR_XXX ("which" is not in the S/MIME cipher family)
- *	SEC_ERROR_XXX (function is being called more times than there
- *		are known/expected ciphers)
- */
-extern SECStatus SECMIME_EnableCipher(long which, int on);
-
-/*
- * Initialize the local recording of the S/MIME policy.
- * This function is called to enable/disable a particular cipher.
- * (S/MIME encryption or decryption using a particular cipher is only
- * allowed if that cipher is currently enabled.)  At startup, all S/MIME
- * ciphers are disabled.  From that point, this function can be called
- * to enable a cipher -- it is not necessary to call this to disable
- * a cipher unless that cipher was previously, explicitly enabled via
- * this function.
- *
- * XXX This is for a the current module, I think, so local, static storage
- * XXX is okay.  Is that correct, or could multiple uses of the same
- * XXX library expect to operate under different policies?
- *
- *  - The "which" values are defined in ciferfam.h (the SMIME_* values,
- *    for example SMIME_DES_CBC_56).
- *  - If "on" is non-zero then the named cipher is enabled, otherwise
- *    it is disabled.
- *
- * If the cipher is successfully enabled/disabled, SECSuccess is
- * returned.  Otherwise SECFailure is returned.  The only errors
- * are due to bad parameters:
- *	SEC_ERROR_XXX ("which" is not in the S/MIME cipher family)
- *	SEC_ERROR_XXX ("which" exceeds expected maximum cipher; this is
- *		really an internal error)
- */
-extern SECStatus SECMIME_SetPolicy(long which, int on);
-
-/*
- * Does the current policy allow S/MIME decryption of this particular
- * algorithm and keysize?
- */
-extern PRBool SECMIME_DecryptionAllowed(SECAlgorithmID *algid, PK11SymKey *key);
-
-/*
- * Does the current policy allow *any* S/MIME encryption (or decryption)?
- *
- * This tells whether or not *any* S/MIME encryption can be done,
- * according to policy.  Callers may use this to do nicer user interface
- * (say, greying out a checkbox so a user does not even try to encrypt
- * a message when they are not allowed to) or for any reason they want
- * to check whether S/MIME encryption (or decryption, for that matter)
- * may be done.
- *
- * It takes no arguments.  The return value is a simple boolean:
- *   PR_TRUE means encryption (or decryption) is *possible*
- *	(but may still fail due to other reasons, like because we cannot
- *	find all the necessary certs, etc.; PR_TRUE is *not* a guarantee)
- *   PR_FALSE means encryption (or decryption) is not permitted
- *
- * There are no errors from this routine.
- */
-extern PRBool SECMIME_EncryptionPossible(void);
-
-/*
- * Start an S/MIME encrypting context.
- *
- * "scert" is the cert for the sender.  It will be checked for validity.
- * "rcerts" are the certs for the recipients.  They will also be checked.
- *
- * "certdb" is the cert database to use for verifying the certs.
- * It can be NULL if a default database is available (like in the client).
- *
- * This function already does all of the stuff specific to S/MIME protocol
- * and local policy; the return value just needs to be passed to
- * SEC_PKCS7Encode() or to SEC_PKCS7EncoderStart() to create the encoded data,
- * and finally to SEC_PKCS7DestroyContentInfo().
- *
- * An error results in a return value of NULL and an error set.
- * (Retrieve specific errors via PORT_GetError()/XP_GetError().)
- */
-extern SEC_PKCS7ContentInfo *SECMIME_CreateEncrypted(CERTCertificate *scert,
-						     CERTCertificate **rcerts,
-						     CERTCertDBHandle *certdb,
-						     SECKEYGetPasswordKey pwfn,
-						     void *pwfn_arg);
-
-/*
- * Start an S/MIME signing context.
- *
- * "scert" is the cert that will be used to sign the data.  It will be
- * checked for validity.
- *
- * "certdb" is the cert database to use for verifying the cert.
- * It can be NULL if a default database is available (like in the client).
- * 
- * "digestalg" names the digest algorithm.  (It should be SEC_OID_SHA1;
- * XXX There should be SECMIME functions for hashing, or the hashing should
- * be built into this interface, which we would like because we would
- * support more smartcards that way, and then this argument should go away.)
- *
- * "digest" is the actual digest of the data.  It must be provided in
- * the case of detached data or NULL if the content will be included.
- *
- * This function already does all of the stuff specific to S/MIME protocol
- * and local policy; the return value just needs to be passed to
- * SEC_PKCS7Encode() or to SEC_PKCS7EncoderStart() to create the encoded data,
- * and finally to SEC_PKCS7DestroyContentInfo().
- *
- * An error results in a return value of NULL and an error set.
- * (Retrieve specific errors via PORT_GetError()/XP_GetError().)
- */
-extern SEC_PKCS7ContentInfo *SECMIME_CreateSigned(CERTCertificate *scert,
-						  CERTCertificate *ecert,
-						  CERTCertDBHandle *certdb,
-						  SECOidTag digestalg,
-						  SECItem *digest,
-						  SECKEYGetPasswordKey pwfn,
-						  void *pwfn_arg);
-
-/************************************************************************/
-SEC_END_PROTOS
-
-#endif /* _SECMIME_H_ */
diff --git a/security/nss/lib/pkcs7/secpkcs7.h b/security/nss/lib/pkcs7/secpkcs7.h
deleted file mode 100644
index 8c210225b..000000000
--- a/security/nss/lib/pkcs7/secpkcs7.h
+++ /dev/null
@@ -1,616 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Interface to the PKCS7 implementation.
- *
- * $Id$
- */
-
-#ifndef _SECPKCS7_H_
-#define _SECPKCS7_H_
-
-#include "seccomon.h"
-
-#include "secoidt.h"
-#include "certt.h"
-#include "keyt.h"
-#include "hasht.h"
-#include "pkcs7t.h"
-
-extern const SEC_ASN1Template sec_PKCS7ContentInfoTemplate[];
-
-/************************************************************************/
-SEC_BEGIN_PROTOS
-
-/************************************************************************
- *	Miscellaneous
- ************************************************************************/
-
-/*
- * Returns the content type of the given contentInfo.
- */
-extern SECOidTag SEC_PKCS7ContentType (SEC_PKCS7ContentInfo *cinfo);
-
-/*
- * Destroy a PKCS7 contentInfo and all of its sub-pieces.
- */
-extern void SEC_PKCS7DestroyContentInfo(SEC_PKCS7ContentInfo *contentInfo);
-
-/*
- * Copy a PKCS7 contentInfo.  A Destroy is needed on *each* copy.
- */
-extern SEC_PKCS7ContentInfo *
-SEC_PKCS7CopyContentInfo(SEC_PKCS7ContentInfo *contentInfo);
-
-/*
- * Return a pointer to the actual content.  In the case of those types
- * which are encrypted, this returns the *plain* content.
- */
-extern SECItem *SEC_PKCS7GetContent(SEC_PKCS7ContentInfo *cinfo);
-
-/************************************************************************
- *	PKCS7 Decoding, Verification, etc..
- ************************************************************************/
-
-extern SEC_PKCS7DecoderContext *
-SEC_PKCS7DecoderStart(SEC_PKCS7DecoderContentCallback callback,
-		      void *callback_arg,
-		      SECKEYGetPasswordKey pwfn, void *pwfn_arg,
-		      SEC_PKCS7GetDecryptKeyCallback decrypt_key_cb, 
-		      void *decrypt_key_cb_arg,
-		      SEC_PKCS7DecryptionAllowedCallback decrypt_allowed_cb);
-
-extern SECStatus
-SEC_PKCS7DecoderUpdate(SEC_PKCS7DecoderContext *p7dcx,
-		       const char *buf, unsigned long len);
-
-extern SEC_PKCS7ContentInfo *
-SEC_PKCS7DecoderFinish(SEC_PKCS7DecoderContext *p7dcx);
-
-extern SEC_PKCS7ContentInfo *
-SEC_PKCS7DecodeItem(SECItem *p7item,
-		    SEC_PKCS7DecoderContentCallback cb, void *cb_arg,
-		    SECKEYGetPasswordKey pwfn, void *pwfn_arg,
-		    SEC_PKCS7GetDecryptKeyCallback decrypt_key_cb, 
-		    void *decrypt_key_cb_arg,
-		    SEC_PKCS7DecryptionAllowedCallback decrypt_allowed_cb);
-
-extern PRBool SEC_PKCS7ContainsCertsOrCrls(SEC_PKCS7ContentInfo *cinfo);
-
-/* checks to see if the contents of the content info is
- * empty.  it so, PR_TRUE is returned.  PR_FALSE, otherwise.
- *
- * minLen is used to specify a minimum size.  if content size <= minLen,
- * content is assumed empty.
- */
-extern PRBool 
-SEC_PKCS7IsContentEmpty(SEC_PKCS7ContentInfo *cinfo, unsigned int minLen); 
-
-extern PRBool SEC_PKCS7ContentIsEncrypted(SEC_PKCS7ContentInfo *cinfo);
-
-/*
- * If the PKCS7 content has a signature (not just *could* have a signature)
- * return true; false otherwise.  This can/should be called before calling
- * VerifySignature, which will always indicate failure if no signature is
- * present, but that does not mean there even was a signature!
- * Note that the content itself can be empty (detached content was sent
- * another way); it is the presence of the signature that matters.
- */
-extern PRBool SEC_PKCS7ContentIsSigned(SEC_PKCS7ContentInfo *cinfo);
-
-/*
- * SEC_PKCS7VerifySignature
- *	Look at a PKCS7 contentInfo and check if the signature is good.
- *	The verification checks that the signing cert is valid and trusted
- *	for the purpose specified by "certusage".
- *
- *	In addition, if "keepcerts" is true, add any new certificates found
- *	into our local database.
- */
-extern PRBool SEC_PKCS7VerifySignature(SEC_PKCS7ContentInfo *cinfo,
-				       SECCertUsage certusage,
-				       PRBool keepcerts);
-
-/*
- * SEC_PKCS7VerifyDetachedSignature
- *	Look at a PKCS7 contentInfo and check if the signature matches
- *	a passed-in digest (calculated, supposedly, from detached contents).
- *	The verification checks that the signing cert is valid and trusted
- *	for the purpose specified by "certusage".
- *
- *	In addition, if "keepcerts" is true, add any new certificates found
- *	into our local database.
- */
-extern PRBool SEC_PKCS7VerifyDetachedSignature(SEC_PKCS7ContentInfo *cinfo,
-					       SECCertUsage certusage,
-					       SECItem *detached_digest,
-					       HASH_HashType digest_type,
-					       PRBool keepcerts);
-
-/*
- * SEC_PKCS7GetSignerCommonName, SEC_PKCS7GetSignerEmailAddress
- *      The passed-in contentInfo is espected to be Signed, and these
- *      functions return the specified portion of the full signer name.
- *
- *      Returns a pointer to allocated memory, which must be freed.
- *      A NULL return value is an error.
- */
-extern char *SEC_PKCS7GetSignerCommonName(SEC_PKCS7ContentInfo *cinfo);
-extern char *SEC_PKCS7GetSignerEmailAddress(SEC_PKCS7ContentInfo *cinfo);
-
-/*
- * Return the the signing time, in UTCTime format, of a PKCS7 contentInfo.
- */
-extern SECItem *SEC_PKCS7GetSigningTime(SEC_PKCS7ContentInfo *cinfo);
-
-
-/************************************************************************
- *	PKCS7 Creation and Encoding.
- ************************************************************************/
-
-/*
- * Start a PKCS7 signing context.
- *
- * "cert" is the cert that will be used to sign the data.  It will be
- * checked for validity.
- *
- * "certusage" describes the signing usage (e.g. certUsageEmailSigner)
- * XXX Maybe SECCertUsage should be split so that our caller just says
- * "email" and *we* add the "signing" part -- otherwise our caller
- * could be lying about the usage; we do not want to allow encryption
- * certs for signing or vice versa.
- *
- * "certdb" is the cert database to use for verifying the cert.
- * It can be NULL if a default database is available (like in the client).
- * 
- * "digestalg" names the digest algorithm (e.g. SEC_OID_SHA1).
- *
- * "digest" is the actual digest of the data.  It must be provided in
- * the case of detached data or NULL if the content will be included.
- *
- * The return value can be passed to functions which add things to
- * it like attributes, then eventually to SEC_PKCS7Encode() or to
- * SEC_PKCS7EncoderStart() to create the encoded data, and finally to
- * SEC_PKCS7DestroyContentInfo().
- *
- * An error results in a return value of NULL and an error set.
- * (Retrieve specific errors via PORT_GetError()/XP_GetError().)
- */
-extern SEC_PKCS7ContentInfo *
-SEC_PKCS7CreateSignedData (CERTCertificate *cert,
-			   SECCertUsage certusage,
-			   CERTCertDBHandle *certdb,
-			   SECOidTag digestalg,
-			   SECItem *digest,
-		           SECKEYGetPasswordKey pwfn, void *pwfn_arg);
-
-/*
- * Create a PKCS7 certs-only container.
- *
- * "cert" is the (first) cert that will be included.
- *
- * "include_chain" specifies whether the entire chain for "cert" should
- * be included.
- *
- * "certdb" is the cert database to use for finding the chain.
- * It can be NULL in when "include_chain" is false, or when meaning
- * use the default database.
- *
- * More certs and chains can be added via AddCertficate and AddCertChain.
- *
- * An error results in a return value of NULL and an error set.
- * (Retrieve specific errors via PORT_GetError()/XP_GetError().)
- */
-extern SEC_PKCS7ContentInfo *
-SEC_PKCS7CreateCertsOnly (CERTCertificate *cert,
-			  PRBool include_chain,
-			  CERTCertDBHandle *certdb);
-
-/*
- * Start a PKCS7 enveloping context.
- *
- * "cert" is the cert for the recipient.  It will be checked for validity.
- *
- * "certusage" describes the encryption usage (e.g. certUsageEmailRecipient)
- * XXX Maybe SECCertUsage should be split so that our caller just says
- * "email" and *we* add the "recipient" part -- otherwise our caller
- * could be lying about the usage; we do not want to allow encryption
- * certs for signing or vice versa.
- *
- * "certdb" is the cert database to use for verifying the cert.
- * It can be NULL if a default database is available (like in the client).
- *
- * "encalg" specifies the bulk encryption algorithm to use (e.g. SEC_OID_RC2).
- *
- * "keysize" specifies the bulk encryption key size, in bits.
- *
- * The return value can be passed to functions which add things to
- * it like more recipients, then eventually to SEC_PKCS7Encode() or to
- * SEC_PKCS7EncoderStart() to create the encoded data, and finally to
- * SEC_PKCS7DestroyContentInfo().
- *
- * An error results in a return value of NULL and an error set.
- * (Retrieve specific errors via PORT_GetError()/XP_GetError().)
- */
-extern SEC_PKCS7ContentInfo *
-SEC_PKCS7CreateEnvelopedData (CERTCertificate *cert,
-			      SECCertUsage certusage,
-			      CERTCertDBHandle *certdb,
-			      SECOidTag encalg,
-			      int keysize,
-		              SECKEYGetPasswordKey pwfn, void *pwfn_arg);
-
-/*
- * XXX There will be a similar routine for creating signedAndEnvelopedData.
- * But its parameters will be different and I have no plans to implement
- * it any time soon because we have no current need for it.
- */
-
-/*
- * Create an empty PKCS7 data content info.
- *
- * An error results in a return value of NULL and an error set.
- * (Retrieve specific errors via PORT_GetError()/XP_GetError().)
- */
-extern SEC_PKCS7ContentInfo *SEC_PKCS7CreateData (void);
-
-/*
- * Create an empty PKCS7 encrypted content info.
- *
- * "algorithm" specifies the bulk encryption algorithm to use.
- * 
- * An error results in a return value of NULL and an error set.
- * (Retrieve specific errors via PORT_GetError()/XP_GetError().)
- */
-extern SEC_PKCS7ContentInfo *
-SEC_PKCS7CreateEncryptedData (SECOidTag algorithm, int keysize,
-			      SECKEYGetPasswordKey pwfn, void *pwfn_arg);
-
-/*
- * All of the following things return SECStatus to signal success or failure.
- * Failure should have a more specific error status available via
- * PORT_GetError()/XP_GetError().
- */
-
-/*
- * Add the specified attribute to the authenticated (i.e. signed) attributes
- * of "cinfo" -- "oidtag" describes the attribute and "value" is the
- * value to be associated with it.  NOTE! "value" must already be encoded;
- * no interpretation of "oidtag" is done.  Also, it is assumed that this
- * signedData has only one signer -- if we ever need to add attributes
- * when there is more than one signature, we need a way to specify *which*
- * signature should get the attribute.
- *
- * XXX Technically, a signed attribute can have multiple values; if/when
- * we ever need to support an attribute which takes multiple values, we
- * either need to change this interface or create an AddSignedAttributeValue
- * which can be called subsequently, and would then append a value.
- *
- * "cinfo" should be of type signedData (the only kind of pkcs7 data
- * that is allowed authenticated attributes); SECFailure will be returned
- * if it is not.
- */
-extern SECStatus SEC_PKCS7AddSignedAttribute (SEC_PKCS7ContentInfo *cinfo,
-					      SECOidTag oidtag,
-					      SECItem *value);
-
-/*
- * Add "cert" and its entire chain to the set of certs included in "cinfo".
- *
- * "certdb" is the cert database to use for finding the chain.
- * It can be NULL, meaning use the default database.
- *
- * "cinfo" should be of type signedData or signedAndEnvelopedData;
- * SECFailure will be returned if it is not.
- */
-extern SECStatus SEC_PKCS7AddCertChain (SEC_PKCS7ContentInfo *cinfo,
-					CERTCertificate *cert,
-					CERTCertDBHandle *certdb);
-
-/*
- * Add "cert" to the set of certs included in "cinfo".
- *
- * "cinfo" should be of type signedData or signedAndEnvelopedData;
- * SECFailure will be returned if it is not.
- */
-extern SECStatus SEC_PKCS7AddCertificate (SEC_PKCS7ContentInfo *cinfo,
-					  CERTCertificate *cert);
-
-/*
- * Add another recipient to an encrypted message.
- *
- * "cinfo" should be of type envelopedData or signedAndEnvelopedData;
- * SECFailure will be returned if it is not.
- *
- * "cert" is the cert for the recipient.  It will be checked for validity.
- *
- * "certusage" describes the encryption usage (e.g. certUsageEmailRecipient)
- * XXX Maybe SECCertUsage should be split so that our caller just says
- * "email" and *we* add the "recipient" part -- otherwise our caller
- * could be lying about the usage; we do not want to allow encryption
- * certs for signing or vice versa.
- *
- * "certdb" is the cert database to use for verifying the cert.
- * It can be NULL if a default database is available (like in the client).
- */
-extern SECStatus SEC_PKCS7AddRecipient (SEC_PKCS7ContentInfo *cinfo,
-					CERTCertificate *cert,
-					SECCertUsage certusage,
-					CERTCertDBHandle *certdb);
-
-/*
- * Add the signing time to the authenticated (i.e. signed) attributes
- * of "cinfo".  This is expected to be included in outgoing signed
- * messages for email (S/MIME) but is likely useful in other situations.
- *
- * This should only be added once; a second call will either do
- * nothing or replace an old signing time with a newer one.
- *
- * XXX This will probably just shove the current time into "cinfo"
- * but it will not actually get signed until the entire item is
- * processed for encoding.  Is this (expected to be small) delay okay?
- *
- * "cinfo" should be of type signedData (the only kind of pkcs7 data
- * that is allowed authenticated attributes); SECFailure will be returned
- * if it is not.
- */
-extern SECStatus SEC_PKCS7AddSigningTime (SEC_PKCS7ContentInfo *cinfo);
-
-/*
- * Add the signer's symmetric capabilities to the authenticated
- * (i.e. signed) attributes of "cinfo".  This is expected to be
- * included in outgoing signed messages for email (S/MIME).
- *
- * This can only be added once; a second call will return SECFailure.
- *
- * "cinfo" should be of type signedData or signedAndEnvelopedData;
- * SECFailure will be returned if it is not.
- */
-extern SECStatus SEC_PKCS7AddSymmetricCapabilities(SEC_PKCS7ContentInfo *cinfo);
-
-/*
- * Mark that the signer's certificate and its issuing chain should
- * be included in the encoded data.  This is expected to be used
- * in outgoing signed messages for email (S/MIME).
- *
- * "certdb" is the cert database to use for finding the chain.
- * It can be NULL, meaning use the default database.
- *
- * "cinfo" should be of type signedData or signedAndEnvelopedData;
- * SECFailure will be returned if it is not.
- */
-extern SECStatus SEC_PKCS7IncludeCertChain (SEC_PKCS7ContentInfo *cinfo,
-					    CERTCertDBHandle *certdb);
-
-
-/*
- * Set the content; it will be included and also hashed and/or encrypted
- * as appropriate.  This is for in-memory content (expected to be "small")
- * that will be included in the PKCS7 object.  All others should stream the
- * content through when encoding (see SEC_PKCS7Encoder{Start,Update,Finish}).
- *
- * "buf" points to data of length "len"; it will be copied.
- */
-extern SECStatus SEC_PKCS7SetContent (SEC_PKCS7ContentInfo *cinfo,
-				      const char *buf, unsigned long len);
-
-/*
- * Encode a PKCS7 object, in one shot.  All necessary components
- * of the object must already be specified.  Either the data has
- * already been included (via SetContent), or the data is detached,
- * or there is no data at all (certs-only).
- *
- * "cinfo" specifies the object to be encoded.
- *
- * "outputfn" is where the encoded bytes will be passed.
- *
- * "outputarg" is an opaque argument to the above callback.
- *
- * "bulkkey" specifies the bulk encryption key to use.   This argument
- * can be NULL if no encryption is being done, or if the bulk key should
- * be generated internally (usually the case for EnvelopedData but never
- * for EncryptedData, which *must* provide a bulk encryption key).
- *
- * "pwfn" is a callback for getting the password which protects the
- * private key of the signer.  This argument can be NULL if it is known
- * that no signing is going to be done.
- *
- * "pwfnarg" is an opaque argument to the above callback.
- */
-extern SECStatus SEC_PKCS7Encode (SEC_PKCS7ContentInfo *cinfo,
-				  SEC_PKCS7EncoderOutputCallback outputfn,
-				  void *outputarg,
-				  PK11SymKey *bulkkey,
-				  SECKEYGetPasswordKey pwfn,
-				  void *pwfnarg);
-
-/*
- * Encode a PKCS7 object, in one shot.  All necessary components
- * of the object must already be specified.  Either the data has
- * already been included (via SetContent), or the data is detached,
- * or there is no data at all (certs-only).  The output, rather than
- * being passed to an output function as is done above, is all put
- * into a SECItem.
- *
- * "pool" specifies a pool from which to allocate the result.
- * It can be NULL, in which case memory is allocated generically.
- *
- * "dest" specifies a SECItem in which to put the result data.
- * It can be NULL, in which case the entire item is allocated, too.
- *
- * "cinfo" specifies the object to be encoded.
- *
- * "bulkkey" specifies the bulk encryption key to use.   This argument
- * can be NULL if no encryption is being done, or if the bulk key should
- * be generated internally (usually the case for EnvelopedData but never
- * for EncryptedData, which *must* provide a bulk encryption key).
- *
- * "pwfn" is a callback for getting the password which protects the
- * private key of the signer.  This argument can be NULL if it is known
- * that no signing is going to be done.
- *
- * "pwfnarg" is an opaque argument to the above callback.
- */
-extern SECItem *SEC_PKCS7EncodeItem (PRArenaPool *pool,
-				     SECItem *dest,
-				     SEC_PKCS7ContentInfo *cinfo,
-				     PK11SymKey *bulkkey,
-				     SECKEYGetPasswordKey pwfn,
-				     void *pwfnarg);
-
-/*
- * For those who want to simply point to the pkcs7 contentInfo ASN.1
- * template, and *not* call the encoding functions directly, the
- * following function can be used -- after it is called, the entire
- * PKCS7 contentInfo is ready to be encoded.
- */
-extern SECStatus SEC_PKCS7PrepareForEncode (SEC_PKCS7ContentInfo *cinfo,
-					    PK11SymKey *bulkkey,
-					    SECKEYGetPasswordKey pwfn,
-					    void *pwfnarg);
-
-/*
- * Start the process of encoding a PKCS7 object.  The first part of
- * the encoded object will be passed to the output function right away;
- * after that it is expected that SEC_PKCS7EncoderUpdate will be called,
- * streaming in the actual content that is getting included as well as
- * signed or encrypted (or both).
- *
- * "cinfo" specifies the object to be encoded.
- *
- * "outputfn" is where the encoded bytes will be passed.
- *
- * "outputarg" is an opaque argument to the above callback.
- *
- * "bulkkey" specifies the bulk encryption key to use.   This argument
- * can be NULL if no encryption is being done, or if the bulk key should
- * be generated internally (usually the case for EnvelopedData but never
- * for EncryptedData, which *must* provide a bulk encryption key).
- *
- * Returns an object to be passed to EncoderUpdate and EncoderFinish.
- */
-extern SEC_PKCS7EncoderContext *
-SEC_PKCS7EncoderStart (SEC_PKCS7ContentInfo *cinfo,
-		       SEC_PKCS7EncoderOutputCallback outputfn,
-		       void *outputarg,
-		       PK11SymKey *bulkkey);
-
-/*
- * Encode more contents, hashing and/or encrypting along the way.
- */
-extern SECStatus SEC_PKCS7EncoderUpdate (SEC_PKCS7EncoderContext *p7ecx,
-					 const char *buf,
-					 unsigned long len);
-
-/*
- * No more contents; finish the signature creation, if appropriate,
- * and then the encoding.
- *
- * "pwfn" is a callback for getting the password which protects the
- * signer's private key.  This argument can be NULL if it is known
- * that no signing is going to be done.
- *
- * "pwfnarg" is an opaque argument to the above callback.
- */
-extern SECStatus SEC_PKCS7EncoderFinish (SEC_PKCS7EncoderContext *p7ecx,
-					 SECKEYGetPasswordKey pwfn,
-					 void *pwfnarg);
-
-/* retrieve the algorithm ID used to encrypt the content info
- * for encrypted and enveloped data.  The SECAlgorithmID pointer
- * returned needs to be freed as it is a copy of the algorithm
- * id in the content info.
- */ 
-extern SECAlgorithmID *
-SEC_PKCS7GetEncryptionAlgorithm(SEC_PKCS7ContentInfo *cinfo); 
-
-/* the content of an encrypted data content info is encrypted.
- * it is assumed that for encrypted data, that the data has already
- * been set and is in the "plainContent" field of the content info.
- *
- * cinfo is the content info to encrypt
- *
- * key is the key with which to perform the encryption.  if the
- *     algorithm is a password based encryption algorithm, the
- *     key is actually a password which will be processed per
- *     PKCS #5.
- * 
- * in the event of an error, SECFailure is returned.  SECSuccess
- * indicates a success.
- */
-extern SECStatus 
-SEC_PKCS7EncryptContents(PRArenaPool *poolp,
-			 SEC_PKCS7ContentInfo *cinfo, 
-			 SECItem *key,
-			 void *wincx); 
-	
-/* the content of an encrypted data content info is decrypted.
- * it is assumed that for encrypted data, that the data has already
- * been set and is in the "encContent" field of the content info.
- *
- * cinfo is the content info to decrypt
- *
- * key is the key with which to perform the decryption.  if the
- *     algorithm is a password based encryption algorithm, the
- *     key is actually a password which will be processed per
- *     PKCS #5.
- * 
- * in the event of an error, SECFailure is returned.  SECSuccess
- * indicates a success.
- */
-extern SECStatus 
-SEC_PKCS7DecryptContents(PRArenaPool *poolp,
-			 SEC_PKCS7ContentInfo *cinfo, 
-			 SECItem *key,
-			 void *wincx); 
-
-/* retrieve the certificate list from the content info.  the list
- * is a pointer to the list in the content info.  this should not
- * be deleted or freed in any way short of calling 
- * SEC_PKCS7DestroyContentInfo
- */
-extern SECItem **
-SEC_PKCS7GetCertificateList(SEC_PKCS7ContentInfo *cinfo);
-
-/* Returns the key length (in bits) of the algorithm used to encrypt
-   this object.  Returns 0 if it's not encrypted, or the key length is
-   irrelevant. */
-extern int 
-SEC_PKCS7GetKeyLength(SEC_PKCS7ContentInfo *cinfo);
- 
-
-/************************************************************************/
-SEC_END_PROTOS
-
-#endif /* _SECPKCS7_H_ */
diff --git a/security/nss/lib/pki/Makefile b/security/nss/lib/pki/Makefile
deleted file mode 100644
index 4cbbfed70..000000000
--- a/security/nss/lib/pki/Makefile
+++ /dev/null
@@ -1,40 +0,0 @@
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-MAKEFILE_CVS_ID = "@(#) $RCSfile$ $Revision$ $Date$ $Name$"
-
-include manifest.mn
-include $(CORE_DEPTH)/coreconf/config.mk
-include config.mk
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-export:: private_export
diff --git a/security/nss/lib/pki/asymmkey.c b/security/nss/lib/pki/asymmkey.c
deleted file mode 100644
index 1ad65f051..000000000
--- a/security/nss/lib/pki/asymmkey.c
+++ /dev/null
@@ -1,465 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef NSSPKI_H
-#include "nsspki.h"
-#endif /* NSSPKI_H */
-
-#ifndef BASE_H
-#include "base.h"
-#endif /* BASE_H */
-
-extern const NSSError NSS_ERROR_NOT_FOUND;
-
-NSS_IMPLEMENT PRStatus
-NSSPrivateKey_Destroy
-(
-  NSSPrivateKey *vk
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return PR_FAILURE;
-}
-
-NSS_IMPLEMENT PRStatus
-NSSPrivateKey_DeleteStoredObject
-(
-  NSSPrivateKey *vk,
-  NSSCallback *uhh
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return PR_FAILURE;
-}
-
-NSS_IMPLEMENT PRUint32
-NSSPrivateKey_GetSignatureLength
-(
-  NSSPrivateKey *vk
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return -1;
-}
-
-NSS_IMPLEMENT PRUint32
-NSSPrivateKey_GetPrivateModulusLength
-(
-  NSSPrivateKey *vk
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return -1;
-}
-
-NSS_IMPLEMENT PRBool
-NSSPrivateKey_IsStillPresent
-(
-  NSSPrivateKey *vk,
-  PRStatus *statusOpt
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return PR_FALSE;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSPrivateKey_Encode
-(
-  NSSPrivateKey *vk,
-  NSSAlgorithmAndParameters *ap,
-  NSSItem *passwordOpt, /* NULL will cause a callback; "" for no password */
-  NSSCallback *uhhOpt,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT NSSTrustDomain *
-NSSPrivateKey_GetTrustDomain
-(
-  NSSPrivateKey *vk,
-  PRStatus *statusOpt
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT NSSToken *
-NSSPrivateKey_GetToken
-(
-  NSSPrivateKey *vk
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT NSSSlot *
-NSSPrivateKey_GetSlot
-(
-  NSSPrivateKey *vk
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT NSSModule *
-NSSPrivateKey_GetModule
-(
-  NSSPrivateKey *vk
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSPrivateKey_Decrypt
-(
-  NSSPrivateKey *vk,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSItem *encryptedData,
-  NSSCallback *uhh,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSPrivateKey_Sign
-(
-  NSSPrivateKey *vk,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSItem *data,
-  NSSCallback *uhh,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSPrivateKey_SignRecover
-(
-  NSSPrivateKey *vk,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSItem *data,
-  NSSCallback *uhh,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT NSSSymmetricKey *
-NSSPrivateKey_UnwrapSymmetricKey
-(
-  NSSPrivateKey *vk,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSItem *wrappedKey,
-  NSSCallback *uhh
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT NSSSymmetricKey *
-NSSPrivateKey_DeriveSymmetricKey
-(
-  NSSPrivateKey *vk,
-  NSSPublicKey *bk,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSOID *target,
-  PRUint32 keySizeOpt, /* zero for best allowed */
-  NSSOperations operations,
-  NSSCallback *uhh
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT NSSPublicKey *
-NSSPrivateKey_FindPublicKey
-(
-  NSSPrivateKey *vk
-  /* { don't need the callback here, right? } */
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT NSSCryptoContext *
-NSSPrivateKey_CreateCryptoContext
-(
-  NSSPrivateKey *vk,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSCallback *uhh
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT NSSCertificate **
-NSSPrivateKey_FindCertificates
-(
-  NSSPrivateKey *vk,
-  NSSCertificate *rvOpt[],
-  PRUint32 maximumOpt, /* 0 for no max */
-  NSSArena *arenaOpt
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT NSSCertificate *
-NSSPrivateKey_FindBestCertificate
-(
-  NSSPrivateKey *vk,
-  NSSTime *timeOpt,
-  NSSUsage *usageOpt,
-  NSSPolicies *policiesOpt
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT PRStatus
-NSSPublicKey_Destroy
-(
-  NSSPublicKey *bk
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return PR_FAILURE;
-}
-
-NSS_IMPLEMENT PRStatus
-NSSPublicKey_DeleteStoredObject
-(
-  NSSPublicKey *bk,
-  NSSCallback *uhh
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return PR_FAILURE;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSPublicKey_Encode
-(
-  NSSPublicKey *bk,
-  NSSAlgorithmAndParameters *ap,
-  NSSCallback *uhhOpt,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT NSSTrustDomain *
-NSSPublicKey_GetTrustDomain
-(
-  NSSPublicKey *bk,
-  PRStatus *statusOpt
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT NSSToken *
-NSSPublicKey_GetToken
-(
-  NSSPublicKey *bk,
-  PRStatus *statusOpt
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT NSSSlot *
-NSSPublicKey_GetSlot
-(
-  NSSPublicKey *bk,
-  PRStatus *statusOpt
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT NSSModule *
-NSSPublicKey_GetModule
-(
-  NSSPublicKey *bk,
-  PRStatus *statusOpt
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSPublicKey_Encrypt
-(
-  NSSPublicKey *bk,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSItem *data,
-  NSSCallback *uhh,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT PRStatus
-NSSPublicKey_Verify
-(
-  NSSPublicKey *bk,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSItem *data,
-  NSSItem *signature,
-  NSSCallback *uhh
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return PR_FAILURE;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSPublicKey_VerifyRecover
-(
-  NSSPublicKey *bk,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSItem *signature,
-  NSSCallback *uhh,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSPublicKey_WrapSymmetricKey
-(
-  NSSPublicKey *bk,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSSymmetricKey *keyToWrap,
-  NSSCallback *uhh,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT NSSCryptoContext *
-NSSPublicKey_CreateCryptoContext
-(
-  NSSPublicKey *bk,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSCallback *uhh
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT NSSCertificate **
-NSSPublicKey_FindCertificates
-(
-  NSSPublicKey *bk,
-  NSSCertificate *rvOpt[],
-  PRUint32 maximumOpt, /* 0 for no max */
-  NSSArena *arenaOpt
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT NSSCertificate *
-NSSPublicKey_FindBestCertificate
-(
-  NSSPublicKey *bk,
-  NSSTime *timeOpt,
-  NSSUsage *usageOpt,
-  NSSPolicies *policiesOpt
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT NSSPrivateKey *
-NSSPublicKey_FindPrivateKey
-(
-  NSSPublicKey *bk,
-  NSSCallback *uhh
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
diff --git a/security/nss/lib/pki/certdecode.c b/security/nss/lib/pki/certdecode.c
deleted file mode 100644
index cac766496..000000000
--- a/security/nss/lib/pki/certdecode.c
+++ /dev/null
@@ -1,124 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIT_H
-#include "pkit.h"
-#endif /* PKIT_H */
-
-#ifndef PKIM_H
-#include "pkim.h"
-#endif /* PKIM_H */
-
-#ifdef NSS_3_4_CODE
-/* This is defined in nss3hack.c */
-NSS_EXTERN nssDecodedCert *
-nssDecodedPKIXCertificate_Create
-(
-  NSSArena *arenaOpt,
-  NSSDER *encoding
-);
-
-NSS_IMPLEMENT PRStatus
-nssDecodedPKIXCertificate_Destroy
-(
-  nssDecodedCert *dc
-);
-#else /* NSS_4_0_CODE */
-/* This is where 4.0 PKIX code will handle the decoding */
-static nssDecodedCert *
-nssDecodedPKIXCertificate_Create
-(
-  NSSArena *arenaOpt,
-  NSSDER *encoding
-)
-{
-    return (nssDecodedCert *)NULL;
-}
-
-static PRStatus
-nssDecodedPKIXCertificate_Destroy
-(
-  nssDecodedCert *dc
-)
-{
-    return PR_FAILURE;
-}
-#endif /* not NSS_3_4_CODE */
-
-NSS_IMPLEMENT nssDecodedCert *
-nssDecodedCert_Create
-(
-  NSSArena *arenaOpt,
-  NSSDER *encoding,
-  NSSCertificateType type
-)
-{
-    nssDecodedCert *rvDC = NULL;
-    switch(type) {
-    case NSSCertificateType_PKIX:
-	rvDC = nssDecodedPKIXCertificate_Create(arenaOpt, encoding);
-	break;
-    default:
-#if 0
-	nss_SetError(NSS_ERROR_INVALID_ARGUMENT);
-#endif
-	return (nssDecodedCert *)NULL;
-    }
-    return rvDC;
-}
-
-NSS_IMPLEMENT PRStatus
-nssDecodedCert_Destroy
-(
-  nssDecodedCert *dc
-)
-{
-    if (!dc) {
-	return PR_FAILURE;
-    }
-    switch(dc->type) {
-    case NSSCertificateType_PKIX:
-	return nssDecodedPKIXCertificate_Destroy(dc);
-    default:
-#if 0
-	nss_SetError(NSS_ERROR_INVALID_ARGUMENT);
-#endif
-	break;
-    }
-    return PR_FAILURE;
-}
-
diff --git a/security/nss/lib/pki/certificate.c b/security/nss/lib/pki/certificate.c
deleted file mode 100644
index 913fe559d..000000000
--- a/security/nss/lib/pki/certificate.c
+++ /dev/null
@@ -1,1115 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef NSSPKI_H
-#include "nsspki.h"
-#endif /* NSSPKI_H */
-
-#ifndef PKIT_H
-#include "pkit.h"
-#endif /* PKIT_H */
-
-#ifndef PKIM_H
-#include "pkim.h"
-#endif /* PKIM_H */
-
-#ifndef DEV_H
-#include "dev.h"
-#endif /* DEV_H */
-
-#ifdef NSS_3_4_CODE
-#include "pki3hack.h"
-#endif
-
-#ifndef BASE_H
-#include "base.h"
-#endif /* BASE_H */
-
-extern const NSSError NSS_ERROR_NOT_FOUND;
-
-/* Creates a certificate from a base object */
-NSS_IMPLEMENT NSSCertificate *
-nssCertificate_Create
-(
-  nssPKIObject *object
-)
-{
-    PRStatus status;
-    NSSCertificate *rvCert;
-    /* mark? */
-    NSSArena *arena = object->arena;
-    PR_ASSERT(object->instances != NULL && object->numInstances > 0);
-    rvCert = nss_ZNEW(arena, NSSCertificate);
-    if (!rvCert) {
-	return (NSSCertificate *)NULL;
-    }
-    rvCert->object = *object;
-    /* XXX should choose instance based on some criteria */
-    status = nssCryptokiCertificate_GetAttributes(object->instances[0],
-                                                  NULL,  /* XXX sessionOpt */
-                                                  arena,
-                                                  &rvCert->type,
-                                                  &rvCert->id,
-                                                  &rvCert->encoding,
-                                                  &rvCert->issuer,
-                                                  &rvCert->serial,
-                                                  &rvCert->subject,
-                                                  &rvCert->email);
-    if (status != PR_SUCCESS) {
-	return (NSSCertificate *)NULL;
-    }
-    return rvCert;
-}
-
-NSS_IMPLEMENT NSSCertificate *
-nssCertificate_AddRef
-(
-  NSSCertificate *c
-)
-{
-    if (c) {
-	nssPKIObject_AddRef(&c->object);
-    }
-    return c;
-}
-
-NSS_IMPLEMENT PRStatus
-nssCertificate_Destroy
-(
-  NSSCertificate *c
-)
-{
-    PRBool destroyed;
-    if (c) {
-	nssDecodedCert *dc = c->decoding;
-	destroyed = nssPKIObject_Destroy(&c->object);
-	if (destroyed) {
-	    if (dc) {
-		nssDecodedCert_Destroy(dc);
-	    }
-	}
-    }
-    return PR_SUCCESS;
-}
-
-NSS_IMPLEMENT PRStatus
-NSSCertificate_Destroy
-(
-  NSSCertificate *c
-)
-{
-    return nssCertificate_Destroy(c);
-}
-
-NSS_IMPLEMENT NSSDER *
-nssCertificate_GetEncoding
-(
-  NSSCertificate *c
-)
-{
-    if (c->encoding.size > 0 && c->encoding.data) {
-	return &c->encoding;
-    } else {
-	return (NSSDER *)NULL;
-    }
-}
-
-NSS_IMPLEMENT NSSDER *
-nssCertificate_GetIssuer
-(
-  NSSCertificate *c
-)
-{
-    if (c->issuer.size > 0 && c->issuer.data) {
-	return &c->issuer;
-    } else {
-	return (NSSDER *)NULL;
-    }
-}
-
-NSS_IMPLEMENT NSSDER *
-nssCertificate_GetSerialNumber
-(
-  NSSCertificate *c
-)
-{
-    if (c->serial.size > 0 && c->serial.data) {
-	return &c->serial;
-    } else {
-	return (NSSDER *)NULL;
-    }
-}
-
-NSS_IMPLEMENT NSSDER *
-nssCertificate_GetSubject
-(
-  NSSCertificate *c
-)
-{
-    if (c->subject.size > 0 && c->subject.data) {
-	return &c->subject;
-    } else {
-	return (NSSDER *)NULL;
-    }
-}
-
-NSS_IMPLEMENT NSSUTF8 *
-nssCertificate_GetNickname
-(
-  NSSCertificate *c,
-  NSSToken *tokenOpt
-)
-{
-    return nssPKIObject_GetNicknameForToken(&c->object, tokenOpt);
-}
-
-NSS_IMPLEMENT NSSASCII7 *
-nssCertificate_GetEmailAddress
-(
-  NSSCertificate *c
-)
-{
-    return c->email;
-}
-
-NSS_IMPLEMENT PRStatus
-NSSCertificate_DeleteStoredObject
-(
-  NSSCertificate *c,
-  NSSCallback *uhh
-)
-{
-    return nssPKIObject_DeleteStoredObject(&c->object, uhh, PR_TRUE);
-}
-
-NSS_IMPLEMENT PRStatus
-NSSCertificate_Validate
-(
-  NSSCertificate *c,
-  NSSTime *timeOpt, /* NULL for "now" */
-  NSSUsage *usage,
-  NSSPolicies *policiesOpt /* NULL for none */
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return PR_FAILURE;
-}
-
-NSS_IMPLEMENT void ** /* void *[] */
-NSSCertificate_ValidateCompletely
-(
-  NSSCertificate *c,
-  NSSTime *timeOpt, /* NULL for "now" */
-  NSSUsage *usage,
-  NSSPolicies *policiesOpt, /* NULL for none */
-  void **rvOpt, /* NULL for allocate */
-  PRUint32 rvLimit, /* zero for no limit */
-  NSSArena *arenaOpt /* NULL for heap */
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT PRStatus
-NSSCertificate_ValidateAndDiscoverUsagesAndPolicies
-(
-  NSSCertificate *c,
-  NSSTime **notBeforeOutOpt,
-  NSSTime **notAfterOutOpt,
-  void *allowedUsages,
-  void *disallowedUsages,
-  void *allowedPolicies,
-  void *disallowedPolicies,
-  /* more args.. work on this fgmr */
-  NSSArena *arenaOpt
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return PR_FAILURE;
-}
-
-NSS_IMPLEMENT NSSDER *
-NSSCertificate_Encode
-(
-  NSSCertificate *c,
-  NSSDER *rvOpt,
-  NSSArena *arenaOpt
-)
-{
-    /* Item, DER, BER are all typedefs now... */
-    return nssItem_Duplicate((NSSItem *)&c->encoding, arenaOpt, rvOpt);
-}
-
-NSS_IMPLEMENT nssDecodedCert *
-nssCertificate_GetDecoding
-(
-  NSSCertificate *c
-)
-{
-    if (!c->decoding) {
-	c->decoding = nssDecodedCert_Create(NULL, &c->encoding, c->type);
-    }
-    return c->decoding;
-}
-
-static NSSCertificate *
-filter_subject_certs_for_id
-(
-  NSSCertificate **subjectCerts, 
-  NSSItem *id
-)
-{
-    NSSCertificate **si;
-    NSSCertificate *rvCert = NULL;
-    nssDecodedCert *dcp;
-    /* walk the subject certs */
-    for (si = subjectCerts; *si; si++) {
-	dcp = nssCertificate_GetDecoding(*si);
-	if (dcp->matchIdentifier(dcp, id)) {
-	    /* this cert has the correct identifier */
-	    rvCert = nssCertificate_AddRef(*si);
-	    break;
-	}
-    }
-    return rvCert;
-}
-
-static NSSCertificate *
-find_cert_issuer
-(
-  NSSCertificate *c,
-  NSSTime *timeOpt,
-  NSSUsage *usage,
-  NSSPolicies *policiesOpt
-)
-{
-    NSSArena *arena;
-    NSSCertificate **certs = NULL;
-    NSSCertificate **ccIssuers = NULL;
-    NSSCertificate **tdIssuers = NULL;
-    NSSCertificate *issuer = NULL;
-    NSSTrustDomain *td;
-    NSSCryptoContext *cc;
-    cc = c->object.cryptoContext; /* NSSCertificate_GetCryptoContext(c); */
-    td = NSSCertificate_GetTrustDomain(c);
-#ifdef NSS_3_4_CODE
-    if (!td) {
-	td = STAN_GetDefaultTrustDomain();
-    }
-#endif
-    arena = nssArena_Create();
-    if (!arena) {
-	return (NSSCertificate *)NULL;
-    }
-    if (cc) {
-	ccIssuers = nssCryptoContext_FindCertificatesBySubject(cc,
-	                                                       &c->issuer,
-	                                                       NULL,
-	                                                       0,
-	                                                       arena);
-    }
-    tdIssuers = nssTrustDomain_FindCertificatesBySubject(td,
-                                                         &c->issuer,
-                                                         NULL,
-                                                         0,
-                                                         arena);
-    certs = nssCertificateArray_Join(ccIssuers, tdIssuers);
-    if (certs) {
-	nssDecodedCert *dc = NULL;
-	NSSItem *issuerID = NULL;
-	dc = nssCertificate_GetDecoding(c);
-	if (dc) {
-	    issuerID = dc->getIssuerIdentifier(dc);
-	}
-	if (issuerID) {
-	    issuer = filter_subject_certs_for_id(certs, issuerID);
-	    nssItem_Destroy(issuerID);
-	} else {
-	    issuer = nssCertificateArray_FindBestCertificate(certs,
-	                                                     timeOpt,
-	                                                     usage,
-	                                                     policiesOpt);
-	}
-	nssCertificateArray_Destroy(certs);
-    }
-    nssArena_Destroy(arena);
-    return issuer;
-}
-
-/* XXX review based on CERT_FindCertIssuer
- * this function is not using the authCertIssuer field as a fallback
- * if authority key id does not exist
- */
-NSS_IMPLEMENT NSSCertificate **
-nssCertificate_BuildChain
-(
-  NSSCertificate *c,
-  NSSTime *timeOpt,
-  NSSUsage *usage,
-  NSSPolicies *policiesOpt,
-  NSSCertificate **rvOpt,
-  PRUint32 rvLimit,
-  NSSArena *arenaOpt,
-  PRStatus *statusOpt
-)
-{
-    PRStatus status;
-    NSSCertificate **rvChain;
-#ifdef NSS_3_4_CODE
-    NSSCertificate *cp;
-#endif
-    NSSTrustDomain *td;
-    nssPKIObjectCollection *collection;
-    td = NSSCertificate_GetTrustDomain(c);
-#ifdef NSS_3_4_CODE
-    if (!td) {
-	td = STAN_GetDefaultTrustDomain();
-    }
-#endif
-    if (statusOpt) *statusOpt = PR_SUCCESS;
-    collection = nssCertificateCollection_Create(td, NULL);
-    if (!collection) {
-	if (statusOpt) *statusOpt = PR_FAILURE;
-	return (NSSCertificate **)NULL;
-    }
-    nssPKIObjectCollection_AddObject(collection, (nssPKIObject *)c);
-    if (rvLimit == 1) {
-	goto finish;
-    }
-    while (!nssItem_Equal(&c->subject, &c->issuer, &status)) {
-#ifdef NSS_3_4_CODE
-	cp = c;
-#endif
-	c = find_cert_issuer(c, timeOpt, usage, policiesOpt);
-#ifdef NSS_3_4_CODE
-	if (!c) {
-	    PRBool tmpca = usage->nss3lookingForCA;
-	    usage->nss3lookingForCA = PR_TRUE;
-	    c = find_cert_issuer(cp, timeOpt, usage, policiesOpt);
-	    if (!c && !usage->anyUsage) {
-		usage->anyUsage = PR_TRUE;
-		c = find_cert_issuer(cp, timeOpt, usage, policiesOpt);
-		usage->anyUsage = PR_FALSE;
-	    }
-	    usage->nss3lookingForCA = tmpca;
-	}
-#endif /* NSS_3_4_CODE */
-	if (c) {
-	    nssPKIObjectCollection_AddObject(collection, (nssPKIObject *)c);
-	    nssCertificate_Destroy(c); /* collection has it */
-	    if (rvLimit > 0 &&
-	        nssPKIObjectCollection_Count(collection) == rvLimit) 
-	    {
-		break;
-	    }
-	} else {
-	    nss_SetError(NSS_ERROR_CERTIFICATE_ISSUER_NOT_FOUND);
-	    if (statusOpt) *statusOpt = PR_FAILURE;
-	    break;
-	}
-    }
-finish:
-    rvChain = nssPKIObjectCollection_GetCertificates(collection, 
-                                                     rvOpt, 
-                                                     rvLimit, 
-                                                     arenaOpt);
-    nssPKIObjectCollection_Destroy(collection);
-    return rvChain;
-}
-
-NSS_IMPLEMENT NSSCertificate **
-NSSCertificate_BuildChain
-(
-  NSSCertificate *c,
-  NSSTime *timeOpt,
-  NSSUsage *usage,
-  NSSPolicies *policiesOpt,
-  NSSCertificate **rvOpt,
-  PRUint32 rvLimit, /* zero for no limit */
-  NSSArena *arenaOpt,
-  PRStatus *statusOpt
-)
-{
-    return nssCertificate_BuildChain(c, timeOpt, usage, policiesOpt,
-                                     rvOpt, rvLimit, arenaOpt, statusOpt);
-}
-
-NSS_IMPLEMENT NSSCryptoContext *
-nssCertificate_GetCryptoContext
-(
-  NSSCertificate *c
-)
-{
-    return c->object.cryptoContext;
-}
-
-NSS_IMPLEMENT NSSTrustDomain *
-nssCertificate_GetTrustDomain
-(
-  NSSCertificate *c
-)
-{
-    return c->object.trustDomain;
-}
-
-NSS_IMPLEMENT NSSTrustDomain *
-NSSCertificate_GetTrustDomain
-(
-  NSSCertificate *c
-)
-{
-    return nssCertificate_GetTrustDomain(c);
-}
-
-NSS_IMPLEMENT NSSToken *
-NSSCertificate_GetToken
-(
-  NSSCertificate *c,
-  PRStatus *statusOpt
-)
-{
-    return (NSSToken *)NULL;
-}
-
-NSS_IMPLEMENT NSSSlot *
-NSSCertificate_GetSlot
-(
-  NSSCertificate *c,
-  PRStatus *statusOpt
-)
-{
-    return (NSSSlot *)NULL;
-}
-
-NSS_IMPLEMENT NSSModule *
-NSSCertificate_GetModule
-(
-  NSSCertificate *c,
-  PRStatus *statusOpt
-)
-{
-    return (NSSModule *)NULL;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSCertificate_Encrypt
-(
-  NSSCertificate *c,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSItem *data,
-  NSSTime *timeOpt,
-  NSSUsage *usage,
-  NSSPolicies *policiesOpt,
-  NSSCallback *uhh,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT PRStatus
-NSSCertificate_Verify
-(
-  NSSCertificate *c,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSItem *data,
-  NSSItem *signature,
-  NSSTime *timeOpt,
-  NSSUsage *usage,
-  NSSPolicies *policiesOpt,
-  NSSCallback *uhh
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return PR_FAILURE;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSCertificate_VerifyRecover
-(
-  NSSCertificate *c,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSItem *signature,
-  NSSTime *timeOpt,
-  NSSUsage *usage,
-  NSSPolicies *policiesOpt,
-  NSSCallback *uhh,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSCertificate_WrapSymmetricKey
-(
-  NSSCertificate *c,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSSymmetricKey *keyToWrap,
-  NSSTime *timeOpt,
-  NSSUsage *usage,
-  NSSPolicies *policiesOpt,
-  NSSCallback *uhh,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT NSSCryptoContext *
-NSSCertificate_CreateCryptoContext
-(
-  NSSCertificate *c,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSTime *timeOpt,
-  NSSUsage *usage,
-  NSSPolicies *policiesOpt,
-  NSSCallback *uhh  
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT NSSPublicKey *
-NSSCertificate_GetPublicKey
-(
-  NSSCertificate *c
-)
-{
-#if 0
-    CK_ATTRIBUTE pubktemplate[] = {
-	{ CKA_CLASS,   NULL, 0 },
-	{ CKA_ID,      NULL, 0 },
-	{ CKA_SUBJECT, NULL, 0 }
-    };
-    PRStatus nssrv;
-    CK_ULONG count = sizeof(pubktemplate) / sizeof(pubktemplate[0]);
-    NSS_CK_SET_ATTRIBUTE_ITEM(pubktemplate, 0, &g_ck_class_pubkey);
-    if (c->id.size > 0) {
-	/* CKA_ID */
-	NSS_CK_ITEM_TO_ATTRIBUTE(&c->id, &pubktemplate[1]);
-    } else {
-	/* failure, yes? */
-	return (NSSPublicKey *)NULL;
-    }
-    if (c->subject.size > 0) {
-	/* CKA_SUBJECT */
-	NSS_CK_ITEM_TO_ATTRIBUTE(&c->subject, &pubktemplate[2]);
-    } else {
-	/* failure, yes? */
-	return (NSSPublicKey *)NULL;
-    }
-    /* Try the cert's token first */
-    if (c->token) {
-	nssrv = nssToken_FindObjectByTemplate(c->token, pubktemplate, count);
-    }
-#endif
-    /* Try all other key tokens */
-    return (NSSPublicKey *)NULL;
-}
-
-NSS_IMPLEMENT NSSPrivateKey *
-NSSCertificate_FindPrivateKey
-(
-  NSSCertificate *c,
-  NSSCallback *uhh
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT PRBool
-NSSCertificate_IsPrivateKeyAvailable
-(
-  NSSCertificate *c,
-  NSSCallback *uhh,
-  PRStatus *statusOpt
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return PR_FALSE;
-}
-
-NSS_IMPLEMENT PRBool
-NSSUserCertificate_IsStillPresent
-(
-  NSSUserCertificate *uc,
-  PRStatus *statusOpt
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return PR_FALSE;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSUserCertificate_Decrypt
-(
-  NSSUserCertificate *uc,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSItem *data,
-  NSSTime *timeOpt,
-  NSSUsage *usage,
-  NSSPolicies *policiesOpt,
-  NSSCallback *uhh,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSUserCertificate_Sign
-(
-  NSSUserCertificate *uc,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSItem *data,
-  NSSTime *timeOpt,
-  NSSUsage *usage,
-  NSSPolicies *policiesOpt,
-  NSSCallback *uhh,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSUserCertificate_SignRecover
-(
-  NSSUserCertificate *uc,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSItem *data,
-  NSSTime *timeOpt,
-  NSSUsage *usage,
-  NSSPolicies *policiesOpt,
-  NSSCallback *uhh,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT NSSSymmetricKey *
-NSSUserCertificate_UnwrapSymmetricKey
-(
-  NSSUserCertificate *uc,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSItem *wrappedKey,
-  NSSTime *timeOpt,
-  NSSUsage *usage,
-  NSSPolicies *policiesOpt,
-  NSSCallback *uhh,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT NSSSymmetricKey *
-NSSUserCertificate_DeriveSymmetricKey
-(
-  NSSUserCertificate *uc, /* provides private key */
-  NSSCertificate *c, /* provides public key */
-  NSSAlgorithmAndParameters *apOpt,
-  NSSOID *target,
-  PRUint32 keySizeOpt, /* zero for best allowed */
-  NSSOperations operations,
-  NSSCallback *uhh
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT void 
-nssBestCertificate_SetArgs
-(
-  nssBestCertificateCB *best,
-  NSSTime *timeOpt,
-  NSSUsage *usage,
-  NSSPolicies *policies
-)
-{
-    if (timeOpt) {
-	best->time = timeOpt;
-    } else {
-	NSSTime_Now(&best->sTime);
-	best->time = &best->sTime;
-    }
-    best->usage = usage;
-    best->policies = policies;
-    best->cert = NULL;
-}
-
-NSS_IMPLEMENT PRStatus 
-nssBestCertificate_Callback
-(
-  NSSCertificate *c, 
-  void *arg
-)
-{
-    nssBestCertificateCB *best = (nssBestCertificateCB *)arg;
-    nssDecodedCert *dc, *bestdc;
-    dc = nssCertificate_GetDecoding(c);
-    if (!best->cert) {
-	/* usage */
-	if (best->usage->anyUsage) {
-	    best->cert = nssCertificate_AddRef(c);
-	} else {
-#ifdef NSS_3_4_CODE
-	    /* For this to work in NSS 3.4, we have to go out and fill in
-	     * all of the CERTCertificate fields.  Why?  Because the
-	     * matchUsage function calls CERT_IsCACert, which needs to know
-	     * what the trust values are for the cert.
-	     * Ignore the returned pointer, the refcount is in c anyway.
-	     */
-	    if (STAN_GetCERTCertificate(c) == NULL) {
-		return PR_FAILURE;
-	    }
-#endif
-	    if (dc->matchUsage(dc, best->usage)) {
-		best->cert = nssCertificate_AddRef(c);
-	    }
-	}
-	return PR_SUCCESS;
-    }
-    bestdc = nssCertificate_GetDecoding(best->cert);
-    /* time */
-    if (bestdc->isValidAtTime(bestdc, best->time)) {
-	/* The current best cert is valid at time */
-	if (!dc->isValidAtTime(dc, best->time)) {
-	    /* If the new cert isn't valid at time, it's not better */
-	    return PR_SUCCESS;
-	}
-    } else {
-	/* The current best cert is not valid at time */
-	if (dc->isValidAtTime(dc, best->time)) {
-	    /* If the new cert is valid at time, it's better */
-	    NSSCertificate_Destroy(best->cert);
-	    best->cert = nssCertificate_AddRef(c);
-	    return PR_SUCCESS;
-	}
-    }
-    /* either they are both valid at time, or neither valid; take the newer */
-    /* XXX later -- defer to policies */
-    if (!bestdc->isNewerThan(bestdc, dc)) {
-	NSSCertificate_Destroy(best->cert);
-	best->cert = nssCertificate_AddRef(c);
-    }
-    /* policies */
-    return PR_SUCCESS;
-}
-
-NSS_IMPLEMENT nssSMIMEProfile *
-nssSMIMEProfile_Create
-(
-  NSSCertificate *cert,
-  NSSItem *profileTime,
-  NSSItem *profileData
-)
-{
-    NSSArena *arena;
-    nssSMIMEProfile *rvProfile;
-    nssPKIObject *object;
-    NSSTrustDomain *td = nssCertificate_GetTrustDomain(cert);
-    NSSCryptoContext *cc = nssCertificate_GetCryptoContext(cert);
-    arena = nssArena_Create();
-    if (!arena) {
-	return NULL;
-    }
-    object = nssPKIObject_Create(arena, NULL, td, cc);
-    if (!object) {
-	goto loser;
-    }
-    rvProfile = nss_ZNEW(arena, nssSMIMEProfile);
-    if (!rvProfile) {
-	goto loser;
-    }
-    rvProfile->object = *object;
-    rvProfile->certificate = cert;
-    rvProfile->email = nssUTF8_Duplicate(cert->email, arena);
-    rvProfile->subject = nssItem_Duplicate(&cert->subject, arena, NULL);
-    if (profileTime) {
-	rvProfile->profileTime = nssItem_Duplicate(profileTime, arena, NULL);
-    }
-    if (profileData) {
-	rvProfile->profileData = nssItem_Duplicate(profileData, arena, NULL);
-    }
-    return rvProfile;
-loser:
-    nssPKIObject_Destroy(object);
-    return (nssSMIMEProfile *)NULL;
-}
-
-/* execute a callback function on all members of a cert list */
-NSS_EXTERN PRStatus
-nssCertificateList_DoCallback
-(
-  nssList *certList, 
-  PRStatus (* callback)(NSSCertificate *c, void *arg),
-  void *arg
-)
-{
-    nssListIterator *certs;
-    NSSCertificate *cert;
-    PRStatus nssrv;
-    certs = nssList_CreateIterator(certList);
-    for (cert  = (NSSCertificate *)nssListIterator_Start(certs);
-         cert != (NSSCertificate *)NULL;
-         cert  = (NSSCertificate *)nssListIterator_Next(certs))
-    {
-	nssrv = (*callback)(cert, arg);
-    }
-    nssListIterator_Finish(certs);
-    nssListIterator_Destroy(certs);
-    return PR_SUCCESS;
-}
-
-static PRStatus add_ref_callback(NSSCertificate *c, void *a)
-{
-    nssCertificate_AddRef(c);
-    return PR_SUCCESS;
-}
-
-NSS_IMPLEMENT void
-nssCertificateList_AddReferences
-(
-  nssList *certList
-)
-{
-    (void)nssCertificateList_DoCallback(certList, add_ref_callback, NULL);
-}
-
-NSS_IMPLEMENT NSSTrust *
-nssTrust_Create
-(
-  nssPKIObject *object
-)
-{
-    PRStatus status;
-    PRUint32 i;
-    PRUint32 lastTrustOrder, myTrustOrder;
-    NSSTrust *rvt;
-    nssCryptokiObject *instance;
-    nssTrustLevel serverAuth, clientAuth, codeSigning, emailProtection;
-    lastTrustOrder = 1<<16; /* just make it big */
-    PR_ASSERT(object->instances != NULL && object->numInstances > 0);
-    rvt = nss_ZNEW(object->arena, NSSTrust);
-    if (!rvt) {
-	return (NSSTrust *)NULL;
-    }
-    rvt->object = *object;
-    /* trust has to peek into the base object members */
-    PZ_Lock(object->lock);
-    for (i=0; i<object->numInstances; i++) {
-	instance = object->instances[i];
-	myTrustOrder = nssToken_GetTrustOrder(instance->token);
-	status = nssCryptokiTrust_GetAttributes(instance, NULL,
-	                                        &serverAuth,
-	                                        &clientAuth,
-	                                        &codeSigning,
-	                                        &emailProtection);
-	if (status != PR_SUCCESS) {
-	    PZ_Unlock(object->lock);
-	    return (NSSTrust *)NULL;
-	}
-	if (rvt->serverAuth == nssTrustLevel_Unknown ||
-	    myTrustOrder < lastTrustOrder) 
-	{
-	    rvt->serverAuth = serverAuth;
-	}
-	if (rvt->clientAuth == nssTrustLevel_Unknown ||
-	    myTrustOrder < lastTrustOrder) 
-	{
-	    rvt->clientAuth = clientAuth;
-	}
-	if (rvt->emailProtection == nssTrustLevel_Unknown ||
-	    myTrustOrder < lastTrustOrder) 
-	{
-	    rvt->emailProtection = emailProtection;
-	}
-	if (rvt->codeSigning == nssTrustLevel_Unknown ||
-	    myTrustOrder < lastTrustOrder) 
-	{
-	    rvt->codeSigning = codeSigning;
-	}
-	lastTrustOrder = myTrustOrder;
-    }
-    PZ_Unlock(object->lock);
-    return rvt;
-}
-
-NSS_IMPLEMENT NSSTrust *
-nssTrust_AddRef
-(
-  NSSTrust *trust
-)
-{
-    if (trust) {
-	nssPKIObject_AddRef(&trust->object);
-    }
-    return trust;
-}
-
-NSS_IMPLEMENT PRStatus
-nssTrust_Destroy
-(
-  NSSTrust *trust
-)
-{
-    if (trust) {
-	(void)nssPKIObject_Destroy(&trust->object);
-    }
-    return PR_SUCCESS;
-}
-
-NSS_IMPLEMENT nssSMIMEProfile *
-nssSMIMEProfile_AddRef
-(
-  nssSMIMEProfile *profile
-)
-{
-    if (profile) {
-	nssPKIObject_AddRef(&profile->object);
-    }
-    return profile;
-}
-
-NSS_IMPLEMENT PRStatus
-nssSMIMEProfile_Destroy
-(
-  nssSMIMEProfile *profile
-)
-{
-    if (profile) {
-	(void)nssPKIObject_Destroy(&profile->object);
-    }
-    return PR_SUCCESS;
-}
-
-NSS_IMPLEMENT NSSCRL *
-nssCRL_Create
-(
-  nssPKIObject *object
-)
-{
-    PRStatus status;
-    NSSCRL *rvCRL;
-    NSSArena *arena = object->arena;
-    PR_ASSERT(object->instances != NULL && object->numInstances > 0);
-    rvCRL = nss_ZNEW(arena, NSSCRL);
-    if (!rvCRL) {
-	return (NSSCRL *)NULL;
-    }
-    rvCRL->object = *object;
-    /* XXX should choose instance based on some criteria */
-    status = nssCryptokiCRL_GetAttributes(object->instances[0],
-                                          NULL,  /* XXX sessionOpt */
-                                          arena,
-                                          &rvCRL->encoding,
-                                          &rvCRL->url,
-                                          &rvCRL->isKRL);
-    if (status != PR_SUCCESS) {
-	return (NSSCRL *)NULL;
-    }
-    return rvCRL;
-}
-
-NSS_IMPLEMENT NSSCRL *
-nssCRL_AddRef
-(
-  NSSCRL *crl
-)
-{
-    if (crl) {
-	nssPKIObject_AddRef(&crl->object);
-    }
-    return crl;
-}
-
-NSS_IMPLEMENT PRStatus
-nssCRL_Destroy
-(
-  NSSCRL *crl
-)
-{
-    if (crl) {
-	(void)nssPKIObject_Destroy(&crl->object);
-    }
-    return PR_SUCCESS;
-}
-
-NSS_IMPLEMENT PRStatus
-nssCRL_DeleteStoredObject
-(
-  NSSCRL *crl,
-  NSSCallback *uhh
-)
-{
-    return nssPKIObject_DeleteStoredObject(&crl->object, uhh, PR_TRUE);
-}
-
-NSS_IMPLEMENT NSSDER *
-nssCRL_GetEncoding
-(
-  NSSCRL *crl
-)
-{
-    if (crl->encoding.data != NULL && crl->encoding.size > 0) {
-	return &crl->encoding;
-    } else {
-	return (NSSDER *)NULL;
-    }
-}
-
diff --git a/security/nss/lib/pki/config.mk b/security/nss/lib/pki/config.mk
deleted file mode 100644
index 4a9ed7dda..000000000
--- a/security/nss/lib/pki/config.mk
+++ /dev/null
@@ -1,48 +0,0 @@
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CONFIG_CVS_ID = "@(#) $RCSfile$ $Revision$ $Date$ $Name$"
-
-ifdef BUILD_IDG
-DEFINES += -DNSSDEBUG
-endif
-
-#
-#  Override TARGETS variable so that only static libraries
-#  are specifed as dependencies within rules.mk.
-#
-
-TARGETS        = $(LIBRARY)
-SHARED_LIBRARY =
-IMPORT_LIBRARY =
-PROGRAM        =
-
diff --git a/security/nss/lib/pki/cryptocontext.c b/security/nss/lib/pki/cryptocontext.c
deleted file mode 100644
index 21d524072..000000000
--- a/security/nss/lib/pki/cryptocontext.c
+++ /dev/null
@@ -1,1066 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef DEV_H
-#include "dev.h"
-#endif /* DEV_H */
-
-#ifndef PKIM_H
-#include "pkim.h"
-#endif /* PKIM_H */
-
-#ifndef PKISTORE_H
-#include "pkistore.h"
-#endif /* PKISTORE_H */
-
-#include "pki1t.h"
-
-#ifdef PURE_STAN_BUILD
-struct NSSCryptoContextStr
-{
-    PRInt32 refCount;
-    NSSArena *arena;
-    NSSTrustDomain *td;
-    NSSToken *token;
-    nssSession *session;
-    nssCertificateStore *certStore;
-};
-#endif
-
-extern const NSSError NSS_ERROR_NOT_FOUND;
-
-NSS_IMPLEMENT NSSCryptoContext *
-nssCryptoContext_Create
-(
-  NSSTrustDomain *td,
-  NSSCallback *uhhOpt
-)
-{
-    NSSArena *arena;
-    NSSCryptoContext *rvCC;
-    arena = NSSArena_Create();
-    if (!arena) {
-	return NULL;
-    }
-    rvCC = nss_ZNEW(arena, NSSCryptoContext);
-    if (!rvCC) {
-	return NULL;
-    }
-    rvCC->td = td;
-    rvCC->arena = arena;
-    return rvCC;
-}
-
-NSS_IMPLEMENT PRStatus
-NSSCryptoContext_Destroy
-(
-  NSSCryptoContext *cc
-)
-{
-    if (cc->certStore) {
-	nssCertificateStore_Destroy(cc->certStore);
-    }
-    nssArena_Destroy(cc->arena);
-    return PR_SUCCESS;
-}
-
-NSS_IMPLEMENT PRStatus
-NSSCryptoContext_SetDefaultCallback
-(
-  NSSCryptoContext *td,
-  NSSCallback *newCallback,
-  NSSCallback **oldCallbackOpt
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return PR_FAILURE;
-}
-
-NSS_IMPLEMENT NSSCallback *
-NSSCryptoContext_GetDefaultCallback
-(
-  NSSCryptoContext *td,
-  PRStatus *statusOpt
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT NSSTrustDomain *
-NSSCryptoContext_GetTrustDomain
-(
-  NSSCryptoContext *td
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT PRStatus
-NSSCryptoContext_ImportCertificate
-(
-  NSSCryptoContext *cc,
-  NSSCertificate *c
-)
-{
-    PRStatus nssrv;
-    if (!cc->certStore) {
-	cc->certStore = nssCertificateStore_Create(cc->arena);
-	if (!cc->certStore) {
-	    return PR_FAILURE;
-	}
-    }
-    nssrv = nssCertificateStore_Add(cc->certStore, c);
-    if (nssrv == PR_SUCCESS) {
-	c->object.cryptoContext = cc;
-    }
-    return nssrv;
-}
-
-NSS_IMPLEMENT NSSCertificate *
-NSSCryptoContext_ImportPKIXCertificate
-(
-  NSSCryptoContext *cc,
-  struct NSSPKIXCertificateStr *pc
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT NSSCertificate *
-NSSCryptoContext_ImportEncodedCertificate
-(
-  NSSCryptoContext *cc,
-  NSSBER *ber
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT PRStatus
-NSSCryptoContext_ImportEncodedPKIXCertificateChain
-(
-  NSSCryptoContext *cc,
-  NSSBER *ber
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return PR_FAILURE;
-}
-
-NSS_IMPLEMENT PRStatus
-nssCryptoContext_ImportTrust
-(
-  NSSCryptoContext *cc,
-  NSSTrust *trust
-)
-{
-    PRStatus nssrv;
-    if (!cc->certStore) {
-	cc->certStore = nssCertificateStore_Create(cc->arena);
-	if (!cc->certStore) {
-	    return PR_FAILURE;
-	}
-    }
-    nssrv = nssCertificateStore_AddTrust(cc->certStore, trust);
-#if 0
-    if (nssrv == PR_SUCCESS) {
-	trust->object.cryptoContext = cc;
-    }
-#endif
-    return nssrv;
-}
-
-NSS_IMPLEMENT PRStatus
-nssCryptoContext_ImportSMIMEProfile
-(
-  NSSCryptoContext *cc,
-  nssSMIMEProfile *profile
-)
-{
-    PRStatus nssrv;
-    if (!cc->certStore) {
-	cc->certStore = nssCertificateStore_Create(cc->arena);
-	if (!cc->certStore) {
-	    return PR_FAILURE;
-	}
-    }
-    nssrv = nssCertificateStore_AddSMIMEProfile(cc->certStore, profile);
-#if 0
-    if (nssrv == PR_SUCCESS) {
-	profile->object.cryptoContext = cc;
-    }
-#endif
-    return nssrv;
-}
-
-NSS_IMPLEMENT NSSCertificate *
-NSSCryptoContext_FindBestCertificateByNickname
-(
-  NSSCryptoContext *cc,
-  NSSUTF8 *name,
-  NSSTime *timeOpt, /* NULL for "now" */
-  NSSUsage *usage,
-  NSSPolicies *policiesOpt /* NULL for none */
-)
-{
-    NSSCertificate **certs;
-    NSSCertificate *rvCert = NULL;
-    if (!cc->certStore) {
-	return NULL;
-    }
-    certs = nssCertificateStore_FindCertificatesByNickname(cc->certStore,
-                                                           name,
-                                                           NULL, 0, NULL);
-    if (certs) {
-	rvCert = nssCertificateArray_FindBestCertificate(certs,
-	                                                 timeOpt,
-	                                                 usage,
-	                                                 policiesOpt);
-	nssCertificateArray_Destroy(certs);
-    }
-    return rvCert;
-}
-
-NSS_IMPLEMENT NSSCertificate **
-NSSCryptoContext_FindCertificatesByNickname
-(
-  NSSCryptoContext *cc,
-  NSSUTF8 *name,
-  NSSCertificate *rvOpt[],
-  PRUint32 maximumOpt, /* 0 for no max */
-  NSSArena *arenaOpt
-)
-{
-    NSSCertificate **rvCerts;
-    if (!cc->certStore) {
-	return NULL;
-    }
-    rvCerts = nssCertificateStore_FindCertificatesByNickname(cc->certStore,
-                                                             name,
-                                                             rvOpt,
-                                                             maximumOpt,
-                                                             arenaOpt);
-    return rvCerts;
-}
-
-NSS_IMPLEMENT NSSCertificate *
-NSSCryptoContext_FindCertificateByIssuerAndSerialNumber
-(
-  NSSCryptoContext *cc,
-  NSSDER *issuer,
-  NSSDER *serialNumber
-)
-{
-    if (!cc->certStore) {
-	return NULL;
-    }
-    return nssCertificateStore_FindCertificateByIssuerAndSerialNumber(
-                                                               cc->certStore,
-                                                               issuer,
-                                                               serialNumber);
-}
-
-NSS_IMPLEMENT NSSCertificate *
-NSSCryptoContext_FindBestCertificateBySubject
-(
-  NSSCryptoContext *cc,
-  NSSDER *subject,
-  NSSTime *timeOpt,
-  NSSUsage *usage,
-  NSSPolicies *policiesOpt
-)
-{
-    NSSCertificate **certs;
-    NSSCertificate *rvCert = NULL;
-    if (!cc->certStore) {
-	return NULL;
-    }
-    certs = nssCertificateStore_FindCertificatesBySubject(cc->certStore,
-                                                          subject,
-                                                          NULL, 0, NULL);
-    if (certs) {
-	rvCert = nssCertificateArray_FindBestCertificate(certs,
-	                                                 timeOpt,
-	                                                 usage,
-	                                                 policiesOpt);
-	nssCertificateArray_Destroy(certs);
-    }
-    return rvCert;
-}
-
-NSS_IMPLEMENT NSSCertificate **
-nssCryptoContext_FindCertificatesBySubject
-(
-  NSSCryptoContext *cc,
-  NSSDER *subject,
-  NSSCertificate *rvOpt[],
-  PRUint32 maximumOpt, /* 0 for no max */
-  NSSArena *arenaOpt
-)
-{
-    NSSCertificate **rvCerts;
-    if (!cc->certStore) {
-	return NULL;
-    }
-    rvCerts = nssCertificateStore_FindCertificatesBySubject(cc->certStore,
-                                                            subject,
-                                                            rvOpt,
-                                                            maximumOpt,
-                                                            arenaOpt);
-    return rvCerts;
-}
-
-NSS_IMPLEMENT NSSCertificate **
-NSSCryptoContext_FindCertificatesBySubject
-(
-  NSSCryptoContext *cc,
-  NSSDER *subject,
-  NSSCertificate *rvOpt[],
-  PRUint32 maximumOpt, /* 0 for no max */
-  NSSArena *arenaOpt
-)
-{
-    return nssCryptoContext_FindCertificatesBySubject(cc, subject,
-                                                      rvOpt, maximumOpt,
-                                                      arenaOpt);
-}
-
-NSS_IMPLEMENT NSSCertificate *
-NSSCryptoContext_FindBestCertificateByNameComponents
-(
-  NSSCryptoContext *cc,
-  NSSUTF8 *nameComponents,
-  NSSTime *timeOpt,
-  NSSUsage *usage,
-  NSSPolicies *policiesOpt
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT NSSCertificate **
-NSSCryptoContext_FindCertificatesByNameComponents
-(
-  NSSCryptoContext *cc,
-  NSSUTF8 *nameComponents,
-  NSSCertificate *rvOpt[],
-  PRUint32 maximumOpt, /* 0 for no max */
-  NSSArena *arenaOpt
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT NSSCertificate *
-NSSCryptoContext_FindCertificateByEncodedCertificate
-(
-  NSSCryptoContext *cc,
-  NSSBER *encodedCertificate
-)
-{
-    if (!cc->certStore) {
-	return NULL;
-    }
-    return nssCertificateStore_FindCertificateByEncodedCertificate(
-                                                           cc->certStore,
-                                                           encodedCertificate);
-}
-
-NSS_IMPLEMENT NSSCertificate *
-NSSCryptoContext_FindBestCertificateByEmail
-(
-  NSSCryptoContext *cc,
-  NSSASCII7 *email,
-  NSSTime *timeOpt,
-  NSSUsage *usage,
-  NSSPolicies *policiesOpt
-)
-{
-    NSSCertificate **certs;
-    NSSCertificate *rvCert = NULL;
-    if (!cc->certStore) {
-	return NULL;
-    }
-    certs = nssCertificateStore_FindCertificatesByEmail(cc->certStore,
-                                                        email,
-                                                        NULL, 0, NULL);
-    if (certs) {
-	rvCert = nssCertificateArray_FindBestCertificate(certs,
-	                                                 timeOpt,
-	                                                 usage,
-	                                                 policiesOpt);
-	nssCertificateArray_Destroy(certs);
-    }
-    return rvCert;
-}
-
-NSS_IMPLEMENT NSSCertificate **
-NSSCryptoContext_FindCertificatesByEmail
-(
-  NSSCryptoContext *cc,
-  NSSASCII7 *email,
-  NSSCertificate *rvOpt[],
-  PRUint32 maximumOpt, /* 0 for no max */
-  NSSArena *arenaOpt
-)
-{
-    NSSCertificate **rvCerts;
-    if (!cc->certStore) {
-	return NULL;
-    }
-    rvCerts = nssCertificateStore_FindCertificatesByEmail(cc->certStore,
-                                                          email,
-                                                          rvOpt,
-                                                          maximumOpt,
-                                                          arenaOpt);
-    return rvCerts;
-}
-
-NSS_IMPLEMENT NSSCertificate *
-NSSCryptoContext_FindCertificateByOCSPHash
-(
-  NSSCryptoContext *cc,
-  NSSItem *hash
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT NSSCertificate *
-NSSCryptoContext_FindBestUserCertificate
-(
-  NSSCryptoContext *cc,
-  NSSTime *timeOpt,
-  NSSUsage *usage,
-  NSSPolicies *policiesOpt
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT NSSCertificate **
-NSSCryptoContext_FindUserCertificates
-(
-  NSSCryptoContext *cc,
-  NSSTime *timeOpt,
-  NSSUsage *usageOpt,
-  NSSPolicies *policiesOpt,
-  NSSCertificate **rvOpt,
-  PRUint32 rvLimit, /* zero for no limit */
-  NSSArena *arenaOpt
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT NSSCertificate *
-NSSCryptoContext_FindBestUserCertificateForSSLClientAuth
-(
-  NSSCryptoContext *cc,
-  NSSUTF8 *sslHostOpt,
-  NSSDER *rootCAsOpt[], /* null pointer for none */
-  PRUint32 rootCAsMaxOpt, /* zero means list is null-terminated */
-  NSSAlgorithmAndParameters *apOpt,
-  NSSPolicies *policiesOpt
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT NSSCertificate **
-NSSCryptoContext_FindUserCertificatesForSSLClientAuth
-(
-  NSSCryptoContext *cc,
-  NSSUTF8 *sslHostOpt,
-  NSSDER *rootCAsOpt[], /* null pointer for none */
-  PRUint32 rootCAsMaxOpt, /* zero means list is null-terminated */
-  NSSAlgorithmAndParameters *apOpt,
-  NSSPolicies *policiesOpt,
-  NSSCertificate **rvOpt,
-  PRUint32 rvLimit, /* zero for no limit */
-  NSSArena *arenaOpt
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT NSSCertificate *
-NSSCryptoContext_FindBestUserCertificateForEmailSigning
-(
-  NSSCryptoContext *cc,
-  NSSASCII7 *signerOpt,
-  NSSASCII7 *recipientOpt,
-  /* anything more here? */
-  NSSAlgorithmAndParameters *apOpt,
-  NSSPolicies *policiesOpt
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT NSSCertificate *
-NSSCryptoContext_FindUserCertificatesForEmailSigning
-(
-  NSSCryptoContext *cc,
-  NSSASCII7 *signerOpt, /* fgmr or a more general name? */
-  NSSASCII7 *recipientOpt,
-  /* anything more here? */
-  NSSAlgorithmAndParameters *apOpt,
-  NSSPolicies *policiesOpt,
-  NSSCertificate **rvOpt,
-  PRUint32 rvLimit, /* zero for no limit */
-  NSSArena *arenaOpt
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT NSSTrust *
-nssCryptoContext_FindTrustForCertificate
-(
-  NSSCryptoContext *cc,
-  NSSCertificate *cert
-)
-{
-    if (!cc->certStore) {
-	return NULL;
-    }
-    return nssCertificateStore_FindTrustForCertificate(cc->certStore, cert);
-}
-
-NSS_IMPLEMENT nssSMIMEProfile *
-nssCryptoContext_FindSMIMEProfileForCertificate
-(
-  NSSCryptoContext *cc,
-  NSSCertificate *cert
-)
-{
-    if (!cc->certStore) {
-	return NULL;
-    }
-    return nssCertificateStore_FindSMIMEProfileForCertificate(cc->certStore, 
-                                                              cert);
-}
-
-NSS_IMPLEMENT PRStatus
-NSSCryptoContext_GenerateKeyPair
-(
-  NSSCryptoContext *cc,
-  NSSAlgorithmAndParameters *ap,
-  NSSPrivateKey **pvkOpt,
-  NSSPublicKey **pbkOpt,
-  PRBool privateKeyIsSensitive,
-  NSSToken *destination,
-  NSSCallback *uhhOpt
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return PR_FAILURE;
-}
-
-NSS_IMPLEMENT NSSSymmetricKey *
-NSSCryptoContext_GenerateSymmetricKey
-(
-  NSSCryptoContext *cc,
-  NSSAlgorithmAndParameters *ap,
-  PRUint32 keysize,
-  NSSToken *destination,
-  NSSCallback *uhhOpt
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT NSSSymmetricKey *
-NSSCryptoContext_GenerateSymmetricKeyFromPassword
-(
-  NSSCryptoContext *cc,
-  NSSAlgorithmAndParameters *ap,
-  NSSUTF8 *passwordOpt, /* if null, prompt */
-  NSSToken *destinationOpt,
-  NSSCallback *uhhOpt
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT NSSSymmetricKey *
-NSSCryptoContext_FindSymmetricKeyByAlgorithmAndKeyID
-(
-  NSSCryptoContext *cc,
-  NSSOID *algorithm,
-  NSSItem *keyID,
-  NSSCallback *uhhOpt
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-struct token_session_str {
-    NSSToken *token;
-    nssSession *session;
-};
-
-NSS_IMPLEMENT NSSItem *
-NSSCryptoContext_Decrypt
-(
-  NSSCryptoContext *cc,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSItem *encryptedData,
-  NSSCallback *uhhOpt,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT PRStatus
-NSSCryptoContext_BeginDecrypt
-(
-  NSSCryptoContext *cc,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSCallback *uhhOpt
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return PR_FAILURE;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSCryptoContext_ContinueDecrypt
-(
-  NSSCryptoContext *cc,
-  NSSItem *data,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSCryptoContext_FinishDecrypt
-(
-  NSSCryptoContext *cc,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSCryptoContext_Sign
-(
-  NSSCryptoContext *cc,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSItem *data,
-  NSSCallback *uhhOpt,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT PRStatus
-NSSCryptoContext_BeginSign
-(
-  NSSCryptoContext *cc,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSCallback *uhhOpt
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return PR_FAILURE;
-}
-
-NSS_IMPLEMENT PRStatus
-NSSCryptoContext_ContinueSign
-(
-  NSSCryptoContext *cc,
-  NSSItem *data
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return PR_FAILURE;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSCryptoContext_FinishSign
-(
-  NSSCryptoContext *cc,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSCryptoContext_SignRecover
-(
-  NSSCryptoContext *cc,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSItem *data,
-  NSSCallback *uhhOpt,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT PRStatus
-NSSCryptoContext_BeginSignRecover
-(
-  NSSCryptoContext *cc,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSCallback *uhhOpt
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return PR_FAILURE;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSCryptoContext_ContinueSignRecover
-(
-  NSSCryptoContext *cc,
-  NSSItem *data,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSCryptoContext_FinishSignRecover
-(
-  NSSCryptoContext *cc,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT NSSSymmetricKey *
-NSSCryptoContext_UnwrapSymmetricKey
-(
-  NSSCryptoContext *cc,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSItem *wrappedKey,
-  NSSCallback *uhhOpt
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT NSSSymmetricKey *
-NSSCryptoContext_DeriveSymmetricKey
-(
-  NSSCryptoContext *cc,
-  NSSPublicKey *bk,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSOID *target,
-  PRUint32 keySizeOpt, /* zero for best allowed */
-  NSSOperations operations,
-  NSSCallback *uhhOpt
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSCryptoContext_Encrypt
-(
-  NSSCryptoContext *cc,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSItem *data,
-  NSSCallback *uhhOpt,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT PRStatus
-NSSCryptoContext_BeginEncrypt
-(
-  NSSCryptoContext *cc,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSCallback *uhhOpt
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return PR_FAILURE;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSCryptoContext_ContinueEncrypt
-(
-  NSSCryptoContext *cc,
-  NSSItem *data,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSCryptoContext_FinishEncrypt
-(
-  NSSCryptoContext *cc,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT PRStatus
-NSSCryptoContext_Verify
-(
-  NSSCryptoContext *cc,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSItem *data,
-  NSSItem *signature,
-  NSSCallback *uhhOpt
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return PR_FAILURE;
-}
-
-NSS_IMPLEMENT PRStatus
-NSSCryptoContext_BeginVerify
-(
-  NSSCryptoContext *cc,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSItem *signature,
-  NSSCallback *uhhOpt
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return PR_FAILURE;
-}
-
-NSS_IMPLEMENT PRStatus
-NSSCryptoContext_ContinueVerify
-(
-  NSSCryptoContext *cc,
-  NSSItem *data
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return PR_FAILURE;
-}
-
-NSS_IMPLEMENT PRStatus
-NSSCryptoContext_FinishVerify
-(
-  NSSCryptoContext *cc
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return PR_FAILURE;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSCryptoContext_VerifyRecover
-(
-  NSSCryptoContext *cc,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSItem *signature,
-  NSSCallback *uhhOpt,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT PRStatus
-NSSCryptoContext_BeginVerifyRecover
-(
-  NSSCryptoContext *cc,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSCallback *uhhOpt
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return PR_FAILURE;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSCryptoContext_ContinueVerifyRecover
-(
-  NSSCryptoContext *cc,
-  NSSItem *data,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSCryptoContext_FinishVerifyRecover
-(
-  NSSCryptoContext *cc,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSCryptoContext_WrapSymmetricKey
-(
-  NSSCryptoContext *cc,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSSymmetricKey *keyToWrap,
-  NSSCallback *uhhOpt,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSCryptoContext_Digest
-(
-  NSSCryptoContext *cc,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSItem *data,
-  NSSCallback *uhhOpt,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-)
-{
-    return nssToken_Digest(cc->token, cc->session, apOpt, 
-                           data, rvOpt, arenaOpt);
-}
-
-NSS_IMPLEMENT PRStatus
-NSSCryptoContext_BeginDigest
-(
-  NSSCryptoContext *cc,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSCallback *uhhOpt
-)
-{
-    return nssToken_BeginDigest(cc->token, cc->session, apOpt);
-}
-
-NSS_IMPLEMENT PRStatus
-NSSCryptoContext_ContinueDigest
-(
-  NSSCryptoContext *cc,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSItem *item
-)
-{
-	/*
-    NSSAlgorithmAndParameters *ap;
-    ap = (apOpt) ? apOpt : cc->ap;
-    */
-	/* why apOpt?  can't change it at this point... */
-    return nssToken_ContinueDigest(cc->token, cc->session, item);
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSCryptoContext_FinishDigest
-(
-  NSSCryptoContext *cc,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-)
-{
-    return nssToken_FinishDigest(cc->token, cc->session, rvOpt, arenaOpt);
-}
-
-NSS_IMPLEMENT NSSCryptoContext *
-NSSCryptoContext_Clone
-(
-  NSSCryptoContext *cc
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
diff --git a/security/nss/lib/pki/doc/standiag.png b/security/nss/lib/pki/doc/standiag.png
deleted file mode 100644
index fe1aca389..000000000
--- a/security/nss/lib/pki/doc/standiag.png
+++ /dev/null
diff --git a/security/nss/lib/pki/doc/standoc.html b/security/nss/lib/pki/doc/standoc.html
deleted file mode 100644
index 43eb3a3cf..000000000
--- a/security/nss/lib/pki/doc/standoc.html
+++ /dev/null
@@ -1,471 +0,0 @@
-<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
-<html>
-<head>
-         <!-- 
-   - The contents of this file are subject to the Mozilla Public
-   - License Version 1.1 (the "License"); you may not use this file
-   - except in compliance with the License. You may obtain a copy of
-   - the License at http://www.mozilla.org/MPL/
-   - 
-   - Software distributed under the License is distributed on an "AS
-   - IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-   - implied. See the License for the specific language governing
-   - rights and limitations under the License.
-   - 
-   - The Original Code is the Netscape security libraries.
-   - 
-   - The Initial Developer of the Original Code is Netscape
-   - Communications Corporation.  Portions created by Netscape are 
-   - Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-   - Rights Reserved.
-   - 
-   - Contributor(s):
-   - 
-   - Alternatively, the contents of this file may be used under the
-   - terms of the GNU General Public License Version 2 or later (the
-   - "GPL"), in which case the provisions of the GPL are applicable 
-   - instead of those above.  If you wish to allow use of your 
-   - version of this file only under the terms of the GPL and not to
-   - allow others to use your version of this file under the MPL,
-   - indicate your decision by deleting the provisions above and
-   - replace them with the notice and other provisions required by
-   - the GPL.  If you do not delete the provisions above, a recipient
-   - may use your version of this file under either the MPL or the
-   - GPL.
-  -->
-                                                                        
-                              
-  <meta http-equiv="content-type" content="text/html; charset=ISO-8859-1">
-  <title>Stan Design - Work In Progress</title>
-</head>
-  <body>
- <br>
-               This is a working document for progress on Stan design/development.<br>
- <br>
-        Current <a href="#build">build</a>
-       and <a href="#test">test</a>
-        instructions.<br>
- <br>
-                      The current set of Stan libraries.<br>
- <a href="#asn1">asn1</a>
- <br>
- <a href="#base">base</a>
- <br>
- <a href="#ckfw">ckfw</a>
- <br>
- <a href="#dev">dev</a>
- <br>
- <a href="#pki">pki</a>
- <br>
- <a href="#pki1">pki1</a>
- <br>
- <a href="#pkix">pkix</a>
- <br>
- <br>
-                     "Public" types below (those available to consumers of
- NSS)   begin    with   "NSS".  &nbsp;"Protected" types (those only available
- within   NSS)   begin   with  "nss".<br>
- <br>
-        Open issues appears as numbered indents.<br>
- <br>
- <br>
- 
-<hr width="100%" size="2" align="Left"><br>
- 
-<h3><a name="asn1"></a>
- <a href="http://lxr.mozilla.org/mozilla/source/security/nss/lib/asn1/">
-           ASN.1</a>
- </h3>
-                          ASN.1 encoder/decoder wrapping around the current 
- ASN.1    implementation.<br>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSASN1EncodingType">  NSSASN1EncodingType</a>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=nssASN1Item">nssASN1Item</a>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=nssASN1Template">nssASN1Template</a>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=nssASN1ChooseTemplateFunction">
-                     nssASN1ChooseTemplateFunction</a>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=nssASN1Encoder">nssASN1Encoder</a>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=nssASN1Decoder">nssASN1Decoder</a>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=nssASN1EncodingPart">  nssASN1EncodingPart</a>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=nssASN1NotifyFunction">
-       nssASN1NotifyFunction</a>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=nssASN1EncoderWriteFunction">
-                     nssASN1EncoderWriteFunction</a>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=nssASN1DecoderFilterFunction">
-                     nssASN1DecoderFilterFunction</a>
- <br>
- <br>
- 
-<hr width="100%" size="2" align="Left"> 
-<h3><a name="base"></a>
- <a href="http://lxr.mozilla.org/mozilla/source/security/nss/lib/base/">
-       Base</a>
- </h3>
-                          Set of base utilities for Stan implementation.
-&nbsp;These       are   all   fairly straightforward, except for nssPointerTracker.<br>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSError">NSSError</a>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSArena">NSSArena</a>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSItem">NSSItem</a>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSBER">NSSBER</a>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSDER">NSSDER</a>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSBitString">NSSBitString</a>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSUTF8">NSSUTF8</a>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSASCII7">NSSASCII7</a>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=nssArenaMark">nssArenaMark</a>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=nssPointerTracker">nssPointerTracker</a>
- <br>
-          This is intended for debug builds only.<br>
- 
-<ol>
-   <li>Ignored for now.<br>
-   </li>
- 
-</ol>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=nssStringType">nssStringType</a>
- <br>
- <br>
-          Suggested additions:<br>
- 
-<ol>
-   <li>nssList - A list that optionally uses a lock. &nbsp;This list  would 
-   manage the currently loaded modules in a trust domain, etc.</li>
-   
-  <ul>
-     <li>SECMODListLock kept track of the number of waiting threads.  &nbsp;Will 
-  this be needed in the trust domain?</li>
-   
-  </ul>
- 
-</ol>
- <br>
- 
-<hr width="100%" size="2" align="Left"> 
-<h3><a name="ckfw"></a>
- <a href="http://lxr.mozilla.org/mozilla/source/security/nss/lib/ckfw/">
-  CKFW</a>
- </h3>
-                     The cryptoki framework, used for building cryptoki tokens. 
-   &nbsp;This      needs  to be described in a separate document showing how
-   to set up a  token    using  CKFW. &nbsp;This code only relates to tokens,
-   so it is not  relevant    here.<br>
- <br>
- <br>
- 
-<hr width="100%" size="2" align="Left"> 
-<h3><a name="dev"></a>
- <a href="http://lxr.mozilla.org/mozilla/source/security/nss/lib/dev/"> 
- Device</a>
- </h3>
-                          Defines cryptoki devices used in NSS. &nbsp;This
- is  not   part  of the exposed API. &nbsp;It is a low-level API allowing
-NSS to manage   cryptoki  devices.<br>
- <br>
-         The relationship is like this:<br>
- <br>
-         libpki --&gt; libdev --&gt; cryptoki<br>
- <br>
-         As an example,<br>
- <br>
-         NSSTrustDomain_FindCertificate --&gt; NSSToken_FindCertificate --&gt;
-   C_FindObjects<br>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSModule">NSSModule</a>
- <br>
-                     Replaces the SECMOD API. &nbsp;The module manages a
-PRLibrary       that   holds  a cryptoki implementation via a number of slots.
-&nbsp;The      API should   provide  the ability  to Load and Unload a module,
-Login  and    Logout to the   module (through its slots), and to locate a
-particular   slot/token.<br>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSSlot">NSSSlot</a>
- <br>
-                     This and NSSToken combine to replace the PK11 API parts
-  that   relate    to  slot  and token management. &nbsp;The slot API should
-  provide   the ability   to Login/Logout   to a slot, check the login status,
-  determine    basic configuration    information   about the slot, and modify
-  the password    settings.<br>
- 
-<ol>
-   <li>Should slots also maintain a default session? &nbsp;This session would 
- be used for slot management calls (sections 9.5 and9.6 of PKCS#11). &nbsp;Or 
- is the token session sufficient (this would not work if C_GetTokenInfo and 
- C_InitToken need to be wrapped in a threadsafe session).<br>
-   </li>
- 
-</ol>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSToken">NSSToken</a>
- <br>
-                     Fills in the gaps left by NSSSlot. &nbsp;Much of the 
-cryptoki     API   is  directed   towards slots.  &nbsp;However,   some  functionality
-   clearly belongs with a token type. &nbsp;For  example,   a certificate
- lives  on a token, not a slot, so one would expect  a function   NSSToken_FindCertificate.
-    &nbsp;Thus functions that deal with  importing/exporting   an object
-and    performing  actual cryptographic operations  belong here.<br>
- 
-<ol>
-   <li>The   distinction  between a slot and a token is not clear. &nbsp;Most 
-   functions take  a slotID   as an argument,  even though it is obvious that
-     the event   is intended to occur on a token. &nbsp;That leaves various
-   possibilities:</li>
-   
-  <ol>
-     <li>Implement the API entirely as NSSToken. &nbsp;If the token  is not 
-  present, some calls will simply fail.</li>
-     <li>Divide the API between NSSToken and NSSSlot, as described  above. 
-&nbsp;NSSSlot  would handle cryptoki calls specified as "slot management",
-  while NSSToken  handles actual token operations.</li>
-     <li>Others?</li>
-   
-  </ol>
-   <li>Session management. &nbsp;Tokens needs a threadsafe session handle 
- to perform operations. &nbsp;CryptoContexts are meant to provide such sessions, 
- but other objects will need access to token functions as well (examples: 
-the TrustDomain_Find functions, _Login, _Logout, and others that do not exist 
- such as NSSToken_ChangePassword). &nbsp;For those functions, the token could 
- maintain a default session. &nbsp;Thus all NSSToken API functions would take
- sessionOpt as an argument. &nbsp;If the caller is going to provide a session,
- it sends an NSSSession there, otherwise it sends NULL and the default session
- is utilized.<br>
-   </li>
- 
-</ol>
-      Proposed:<br>
-    NSSSession<br>
-    Wraps a Cryptoki session. &nbsp;Created from a slot. &nbsp;Used to manage
-  sessions for crypto contexts. &nbsp;Has a lock field, which locks the session
-  if the slot is not threadsafe.<br>
- <br>
- 
-<hr width="100%" size="2" align="Left"><br>
- 
-<h3><a name="pki"></a>
- <a href="http://lxr.mozilla.org/mozilla/source/security/nss/lib/pki/"> 
-   PKI</a>
- </h3>
-                          The NSS PKI library.<br>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSCertificate">NSS</a>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSCertificate">Certificate</a>
- <br>
- 
-<ol>
-   <li>The API leaves open the possibility of NSSCertificate meaning  various 
- certificate types, not just X.509. &nbsp;The way to keep open this  possibility 
- is to keep only generally useful information in the NSSCertificate  type. 
-&nbsp;Examples would be the certificate encoding, label, trust (obtained
- from cryptoki calls), an email address, etc. &nbsp;Some type of generic
-reference  should be kept to the decoded certificate, which would then be
-accessed by  a type-specific API (e.g., NSSX509_GetSubjectName).</li>
- 
-</ol>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSUserCertificate">NSSUserCertificate</a>
- <br>
- 
-<ol>
-   <li>Should this be a typedef of NSSCertificate?&nbsp; This implies  that 
- any function that requires an   NSSUserCertificate   would fail when  called 
- with a certificate lacking a private key. </li>
- 
-</ol>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSPrivateKey">NSSPrivateKey</a>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSPublicKey">NSSPublicKey</a>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSSymmetricKey">NSSSymmetricKey</a>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSTrustDomain">NSSTrustDomain</a>
- <br>
-                    A trust domain is "the field in which certificates may
- be  validated."       &nbsp;It  is a collection of modules capable of performing 
-  cryptographic      operations  and storing certs and keys. &nbsp;This collection 
-  is managed     by NSS in a manner opaque to the consumer. &nbsp;The slots 
-  will have various      orderings determining which has preference for a 
-given  operation. &nbsp;For      example, the trust domain may order the storage
- of user certificates one    way, and the storage of email certificates in
- another way [is that a good    example?].<br>
- <br>
- 
-<ol>
-   <li>           How will ordering work? &nbsp;We already have the  suggestion 
-      that  there be two kinds of ordering: storage and search.  &nbsp;How 
-will     they be  constructed/managed? &nbsp;Do we want to expose  access 
-to a token     that overrides  this ordering (i.e., the download of  updated 
-root certs   may  need to override  storage order)</li>
-   <li>How are certs cached? &nbsp;Nelson wonders what it means   to   Stan 
-    when a cert does not live on a token yet. &nbsp;Bob, Terry, and    I discussed
-    this. &nbsp;My conclusion is that there should be a type,  separate 
-from   NSSCertificate,  that holds the decoded cert parts (e.g.,   NSSX509Certificate,
-    or to avoid confusion, NSSX509DecodedParts). &nbsp;NSSCertificate   would
-  keep  a handle to this type, so that it only needs to decode the  cert
-once.   &nbsp;The  NSSTrustDomain would keep a hash table of cached certs, 
-some of  which may  not live on a token yet (i.e., they are only NSSX509DecodedParts). 
-     &nbsp;This  cache could be accessed in the same way the temp db was, 
-and    when the cert  is ready to be moved onto a token a call to NSSTrustDomain_ImportCertificate 
-       is made. &nbsp;Note    that this is essentially the same as CERT_TempCertToPerm.</li>
-   
-  <ul>
-     <li>The hashtable in lib/base (copied from ckfw/hash.c) uses the identity 
-hash. &nbsp;Therefore, in a hash of certificates, the key is the certificate 
-pointer itself. &nbsp;One possibility is to store the decoded cert (NSSX509DecodedParts 
-above) as the value in the {key, value} pair. &nbsp;When a cert is decoded, 
-the cert pointer and decoding pointer are added to the hash. &nbsp;Subsequent 
-lookups have access to one or both of these pointers. &nbsp;This keeps NSSCertificate 
-separate from its decoding, while providing a way to locate it.</li>
-   
-  </ul>
-   <li>The API is designed to keep token details hidden from the user.  &nbsp;However, 
- it has already been realized that PSM and CMS may need special  access to 
-tokens. &nbsp;Is this part of the TrustDomain API, or should PSM  and CMS 
-be allowed to use "friend" headers from the Token API?</li>
-   <li>Do we want to allow traversal via NSSTrustDomain_TraverseXXXX?<br>
-   </li>
- 
-</ol>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSCryptoContext"><br>
-                   NSSCryptoContext</a>
- <br>
-    Analgous to a Cryptoki session. &nbsp;Manages session objects only.<br>
-  <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSTime">NSSTime</a>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSUsage">NSSUsage</a>
- <br>
- 
-<ol>
-   <li>       See Fred's <a href="http://lxr.mozilla.org/mozilla/source/security/nss/lib/pki/nsspkit.h#187">
-               comments</a>
-              .</li>
- 
-</ol>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSPolicies">NSSPolicies</a>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSAlgorithmAndParameters">
-                      NSSAlgorithmAndParameters</a>
- <br>
- 
-<ol>
-   <li>       Again, Fred's <a href="http://lxr.mozilla.org/mozilla/source/security/nss/lib/pki/nsspkit.h#215">
-               comments</a>
-              . &nbsp;The old NSS code had various types related to  algorithms 
-    running around in it. &nbsp;We had SECOidTag, SECAlgorithmID,   SECItem's
-     for parameters, CK_MECHANISM for cryptoki, etc. &nbsp;This type   should
-    be  able to encapsulate all of those.</li>
- 
-</ol>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSCallback">NSSCallback</a>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSOperations">NSSOperations</a>
- <br>
- <br>
- <br>
- 
-<hr width="100%" size="2"><br>
- <br>
- A diagram to suggest a possible TrustDomain architecture.<br>
- <br>
- <img src="./standiag.png" alt="Trust Domain Diagram" width="748" height="367">
- <br>
- 
-<hr width="100%" size="2" align="Left"><br>
- 
-<h3><a name="pki1"></a>
- <a href="http://lxr.mozilla.org/mozilla/source/security/nss/lib/pki1/">
-    PKI1</a>
- </h3>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSOID">NSSOID</a>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSATAV">NSSATAV</a>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSRDN">NSSRDN</a>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSRDNSeq">NSSRDNSeq</a>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSName">NSSName</a>
- <br>
-            NSSNameChoice<br>
-            NSSGeneralName<br>
-            NSSGeneralNameChoice<br>
-            NSSOtherName<br>
-            NSSRFC822Name<br>
-            NSSDNSName<br>
-            NSSX400Address<br>
-            NSSEdiParityAddress<br>
-            NSSURI<br>
-            NSSIPAddress<br>
-            NSSRegisteredID<br>
-            NSSGeneralNameSeq<br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=nssAttributeTypeAliasTable">
-            nssAttributeTypeAliasTable</a>
- <br>
- <br>
- <br>
- 
-<hr width="100%" size="2" align="Left"><br>
- 
-<h3><a name="pkix"></a>
- <a href="http://lxr.mozilla.org/mozilla/source/security/nss/lib/pkix/">
-       PKIX&nbsp;</a>
- </h3>
-           There is a plethora of PKIX related types here.<br>
- <br>
- 
-<hr width="100%" size="2" align="Left"><br>
- 
-<h3><a name="build"></a>
-        Building Stan</h3>
- <br>
-       From nss/lib, run "make BUILD_STAN=1"<br>
- <br>
- 
-<hr width="100%" size="2" align="Left"><br>
- 
-<h3><a name="test"></a>
-       Testing Stan</h3>
-       A&nbsp;new command line tool, pkiutil, has been created to use only
- the   Stan API. &nbsp;It depends on a new library, cmdlib, meant to replace
- the   old secutil library. &nbsp;The old library had code used by products
- that   needed to be integrated into the main library codebase somehow. &nbsp;The
-   goal of the new cmdlib is to have functionality needed strictly for NSS
- tools.<br>
- <br>
-       How to build:<br>
- 
-<ol>
-   <li>cd nss/cmd/cmdlib; make</li>
-   <li>cd ../pkiutil; make</li>
- 
-</ol>
-       pkiutil will give detailed help with either "pkiutil -?" or "pkiutil 
- --help".<br>
- <br>
-      So far, the only available test is to list certs on the builtins token. 
-  &nbsp;Copy "libnssckbi.so" (or whatever it is) to cmd/pkiutil. &nbsp;Then 
-  run "pkiutil -L" or "pkiutil --list". &nbsp;The list of certificate nicknames 
-  should be displayed.<br>
- <br>
- <br>
- 
-</body>
-</html>
diff --git a/security/nss/lib/pki/manifest.mn b/security/nss/lib/pki/manifest.mn
deleted file mode 100644
index c4bf70b24..000000000
--- a/security/nss/lib/pki/manifest.mn
+++ /dev/null
@@ -1,71 +0,0 @@
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-MANIFEST_CVS_ID = "@(#) $RCSfile$ $Revision$ $Date$ $Name$"
-
-CORE_DEPTH = ../../..
-
-PRIVATE_EXPORTS = \
-	pki.h      \
-	pkit.h     \
-	nsspkit.h  \
-	nsspki.h   \
-	$(NULL)
-
-EXPORTS =	   \
-	$(NULL)
-
-MODULE = security
-
-CSRCS =		        \
-	asymmkey.c      \
-	certificate.c   \
-	cryptocontext.c \
-	symmkey.c       \
-	trustdomain.c   \
-	tdcache.c       \
-	certdecode.c    \
-	pkistore.c      \
-	pkibase.c       \
-	$(NULL)
-
-ifndef PURE_STAN_BUILD
-CSRCS += pki3hack.c
-PRIVATE_EXPORTS += pkistore.h pki3hack.h pkitm.h pkim.h
-#DEFINES = -DNSS_3_4_CODE -DDEBUG_CACHE
-DEFINES = -DNSS_3_4_CODE
-endif
-
-REQUIRES = security nspr
-
-LIBRARY_NAME = nsspki
-LIBRARY_VERSION = 3
diff --git a/security/nss/lib/pki/nsspki.h b/security/nss/lib/pki/nsspki.h
deleted file mode 100644
index f8bb731e2..000000000
--- a/security/nss/lib/pki/nsspki.h
+++ /dev/null
@@ -1,3190 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef NSSPKI_H
-#define NSSPKI_H
-
-#ifdef DEBUG
-static const char NSSPKI_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * nsspki.h
- *
- * This file prototypes the methods of the top-level PKI objects.
- */
-
-#ifndef NSSDEVT_H
-#include "nssdevt.h"
-#endif /* NSSDEVT_H */
-
-#ifndef NSSPKIT_H
-#include "nsspkit.h"
-#endif /* NSSPKIT_H */
-
-#ifndef NSSPKI1_H
-#include "nsspki1.h"
-#endif /* NSSPKI1_H */
-
-#ifndef BASE_H
-#include "base.h"
-#endif /* BASE_H */
-
-PR_BEGIN_EXTERN_C
-
-/*
- * A note about interfaces
- *
- * Although these APIs are specified in C, a language which does
- * not have fancy support for abstract interfaces, this library
- * was designed from an object-oriented perspective.  It may be
- * useful to consider the standard interfaces which went into
- * the writing of these APIs.
- *
- * Basic operations on all objects:
- *  Destroy -- free a pointer to an object
- *  DeleteStoredObject -- delete an object permanently
- *
- * Public Key cryptographic operations:
- *  Encrypt
- *  Verify
- *  VerifyRecover
- *  Wrap
- *  Derive
- *
- * Private Key cryptographic operations:
- *  IsStillPresent
- *  Decrypt
- *  Sign
- *  SignRecover
- *  Unwrap
- *  Derive
- *
- * Symmetric Key cryptographic operations:
- *  IsStillPresent
- *  Encrypt
- *  Decrypt
- *  Sign
- *  SignRecover
- *  Verify
- *  VerifyRecover
- *  Wrap
- *  Unwrap
- *  Derive
- *
- */
-
-/*
- * NSSCertificate
- *
- * These things can do crypto ops like public keys, except that the trust, 
- * usage, and other constraints are checked.  These objects are "high-level,"
- * so trust, usages, etc. are in the form we throw around (client auth,
- * email signing, etc.).  Remember that theoretically another implementation
- * (think PGP) could be beneath this object.
- */
-
-/*
- * NSSCertificate_Destroy
- *
- * Free a pointer to a certificate object.
- */
-
-NSS_EXTERN PRStatus
-NSSCertificate_Destroy
-(
-  NSSCertificate *c
-);
-
-/*
- * NSSCertificate_DeleteStoredObject
- *
- * Permanently remove this certificate from storage.  If this is the
- * only (remaining) certificate corresponding to a private key, 
- * public key, and/or other object; then that object (those objects)
- * are deleted too.
- */
-
-NSS_EXTERN PRStatus
-NSSCertificate_DeleteStoredObject
-(
-  NSSCertificate *c,
-  NSSCallback *uhh
-);
-
-/*
- * NSSCertificate_Validate
- *
- * Verify that this certificate is trusted, for the specified usage(s), 
- * at the specified time, {word word} the specified policies.
- */
-
-NSS_EXTERN PRStatus
-NSSCertificate_Validate
-(
-  NSSCertificate *c,
-  NSSTime *timeOpt, /* NULL for "now" */
-  NSSUsage *usage,
-  NSSPolicies *policiesOpt /* NULL for none */
-);
-
-/*
- * NSSCertificate_ValidateCompletely
- *
- * Verify that this certificate is trusted.  The difference between
- * this and the previous call is that NSSCertificate_Validate merely
- * returns success or failure with an appropriate error stack.
- * However, there may be (and often are) multiple problems with a
- * certificate.  This routine returns an array of errors, specifying
- * every problem.
- */
-
-/* 
- * Return value must be an array of objects, each of which has
- * an NSSError, and any corresponding certificate (in the chain)
- * and/or policy.
- */
-
-NSS_EXTERN void ** /* void *[] */
-NSSCertificate_ValidateCompletely
-(
-  NSSCertificate *c,
-  NSSTime *timeOpt, /* NULL for "now" */
-  NSSUsage *usage,
-  NSSPolicies *policiesOpt, /* NULL for none */
-  void **rvOpt, /* NULL for allocate */
-  PRUint32 rvLimit, /* zero for no limit */
-  NSSArena *arenaOpt /* NULL for heap */
-);
-
-/*
- * NSSCertificate_ValidateAndDiscoverUsagesAndPolicies
- *
- * Returns PR_SUCCESS if the certificate is valid for at least something.
- */
-
-NSS_EXTERN PRStatus
-NSSCertificate_ValidateAndDiscoverUsagesAndPolicies
-(
-  NSSCertificate *c,
-  NSSTime **notBeforeOutOpt,
-  NSSTime **notAfterOutOpt,
-  void *allowedUsages,
-  void *disallowedUsages,
-  void *allowedPolicies,
-  void *disallowedPolicies,
-  /* more args.. work on this fgmr */
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSCertificate_Encode
- *
- */
-
-NSS_EXTERN NSSDER *
-NSSCertificate_Encode
-(
-  NSSCertificate *c,
-  NSSDER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSCertificate_BuildChain
- *
- * This routine returns NSSCertificate *'s for each certificate
- * in the "chain" starting from the specified one up to and
- * including the root.  The zeroth element in the array is the
- * specified ("leaf") certificate.
- *
- * If statusOpt is supplied, and is returned as PR_FAILURE, possible
- * error values are:
- *
- * NSS_ERROR_CERTIFICATE_ISSUER_NOT_FOUND - the chain is incomplete
- *
- */
-
-extern const NSSError NSS_ERROR_CERTIFICATE_ISSUER_NOT_FOUND;
-
-NSS_EXTERN NSSCertificate **
-NSSCertificate_BuildChain
-(
-  NSSCertificate *c,
-  NSSTime *timeOpt,
-  NSSUsage *usage,
-  NSSPolicies *policiesOpt,
-  NSSCertificate **rvOpt,
-  PRUint32 rvLimit, /* zero for no limit */
-  NSSArena *arenaOpt,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSCertificate_GetTrustDomain
- *
- */
-
-NSS_EXTERN NSSTrustDomain *
-NSSCertificate_GetTrustDomain
-(
-  NSSCertificate *c
-);
-
-/*
- * NSSCertificate_GetToken
- *
- * There doesn't have to be one.
- */
-
-NSS_EXTERN NSSToken *
-NSSCertificate_GetToken
-(
-  NSSCertificate *c,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSCertificate_GetSlot
- *
- * There doesn't have to be one.
- */
-
-NSS_EXTERN NSSSlot *
-NSSCertificate_GetSlot
-(
-  NSSCertificate *c,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSCertificate_GetModule
- *
- * There doesn't have to be one.
- */
-
-NSS_EXTERN NSSModule *
-NSSCertificate_GetModule
-(
-  NSSCertificate *c,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSCertificate_Encrypt
- *
- * Encrypt a single chunk of data with the public key corresponding to
- * this certificate.
- */
-
-NSS_EXTERN NSSItem *
-NSSCertificate_Encrypt
-(
-  NSSCertificate *c,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSItem *data,
-  NSSTime *timeOpt,
-  NSSUsage *usage,
-  NSSPolicies *policiesOpt,
-  NSSCallback *uhh,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSCertificate_Verify
- *
- */
-
-NSS_EXTERN PRStatus
-NSSCertificate_Verify
-(
-  NSSCertificate *c,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSItem *data,
-  NSSItem *signature,
-  NSSTime *timeOpt,
-  NSSUsage *usage,
-  NSSPolicies *policiesOpt,
-  NSSCallback *uhh
-);
-
-/*
- * NSSCertificate_VerifyRecover
- *
- */
-
-NSS_EXTERN NSSItem *
-NSSCertificate_VerifyRecover
-(
-  NSSCertificate *c,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSItem *signature,
-  NSSTime *timeOpt,
-  NSSUsage *usage,
-  NSSPolicies *policiesOpt,
-  NSSCallback *uhh,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSCertificate_WrapSymmetricKey
- *
- * This method tries very hard to to succeed, even in situations 
- * involving sensitive keys and multiple modules.
- * { relyea: want to add verbiage? }
- */
-
-NSS_EXTERN NSSItem *
-NSSCertificate_WrapSymmetricKey
-(
-  NSSCertificate *c,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSSymmetricKey *keyToWrap,
-  NSSTime *timeOpt,
-  NSSUsage *usage,
-  NSSPolicies *policiesOpt,
-  NSSCallback *uhh,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSCertificate_CreateCryptoContext
- *
- * Create a crypto context, in this certificate's trust domain, with this
- * as the distinguished certificate.
- */
-
-NSS_EXTERN NSSCryptoContext *
-NSSCertificate_CreateCryptoContext
-(
-  NSSCertificate *c,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSTime *timeOpt,
-  NSSUsage *usage,
-  NSSPolicies *policiesOpt,
-  NSSCallback *uhh  
-);
-
-/*
- * NSSCertificate_GetPublicKey
- *
- * Returns the public key corresponding to this certificate.
- */
-
-NSS_EXTERN NSSPublicKey *
-NSSCertificate_GetPublicKey
-(
-  NSSCertificate *c
-);
-
-/*
- * NSSCertificate_FindPrivateKey
- *
- * Finds and returns the private key corresponding to this certificate,
- * if it is available.
- *
- * { Should this hang off of NSSUserCertificate? }
- */
-
-NSS_EXTERN NSSPrivateKey *
-NSSCertificate_FindPrivateKey
-(
-  NSSCertificate *c,
-  NSSCallback *uhh
-);
-
-/*
- * NSSCertificate_IsPrivateKeyAvailable
- *
- * Returns success if the private key corresponding to this certificate
- * is available to be used.
- *
- * { Should *this* hang off of NSSUserCertificate?? }
- */
-
-NSS_EXTERN PRBool
-NSSCertificate_IsPrivateKeyAvailable
-(
-  NSSCertificate *c,
-  NSSCallback *uhh,
-  PRStatus *statusOpt
-);
-
-/*
- * If we make NSSUserCertificate not a typedef of NSSCertificate, 
- * then we'll need implementations of the following:
- *
- *  NSSUserCertificate_Destroy
- *  NSSUserCertificate_DeleteStoredObject
- *  NSSUserCertificate_Validate
- *  NSSUserCertificate_ValidateCompletely
- *  NSSUserCertificate_ValidateAndDiscoverUsagesAndPolicies
- *  NSSUserCertificate_Encode
- *  NSSUserCertificate_BuildChain
- *  NSSUserCertificate_GetTrustDomain
- *  NSSUserCertificate_GetToken
- *  NSSUserCertificate_GetSlot
- *  NSSUserCertificate_GetModule
- *  NSSUserCertificate_GetCryptoContext
- *  NSSUserCertificate_GetPublicKey
- */
-
-/*
- * NSSUserCertificate_IsStillPresent
- *
- * Verify that if this certificate lives on a token, that the token
- * is still present and the certificate still exists.  This is a
- * lightweight call which should be used whenever it should be
- * verified that the user hasn't perhaps popped out his or her
- * token and strolled away.
- */
-
-NSS_EXTERN PRBool
-NSSUserCertificate_IsStillPresent
-(
-  NSSUserCertificate *uc,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSUserCertificate_Decrypt
- *
- * Decrypt a single chunk of data with the private key corresponding
- * to this certificate.
- */
-
-NSS_EXTERN NSSItem *
-NSSUserCertificate_Decrypt
-(
-  NSSUserCertificate *uc,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSItem *data,
-  NSSTime *timeOpt,
-  NSSUsage *usage,
-  NSSPolicies *policiesOpt,
-  NSSCallback *uhh,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSUserCertificate_Sign
- *
- */
-
-NSS_EXTERN NSSItem *
-NSSUserCertificate_Sign
-(
-  NSSUserCertificate *uc,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSItem *data,
-  NSSTime *timeOpt,
-  NSSUsage *usage,
-  NSSPolicies *policiesOpt,
-  NSSCallback *uhh,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSUserCertificate_SignRecover
- *
- */
-
-NSS_EXTERN NSSItem *
-NSSUserCertificate_SignRecover
-(
-  NSSUserCertificate *uc,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSItem *data,
-  NSSTime *timeOpt,
-  NSSUsage *usage,
-  NSSPolicies *policiesOpt,
-  NSSCallback *uhh,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSUserCertificate_UnwrapSymmetricKey
- *
- */
-
-NSS_EXTERN NSSSymmetricKey *
-NSSUserCertificate_UnwrapSymmetricKey
-(
-  NSSUserCertificate *uc,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSItem *wrappedKey,
-  NSSTime *timeOpt,
-  NSSUsage *usage,
-  NSSPolicies *policiesOpt,
-  NSSCallback *uhh,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSUserCertificate_DeriveSymmetricKey
- *
- */
-
-NSS_EXTERN NSSSymmetricKey *
-NSSUserCertificate_DeriveSymmetricKey
-(
-  NSSUserCertificate *uc, /* provides private key */
-  NSSCertificate *c, /* provides public key */
-  NSSAlgorithmAndParameters *apOpt,
-  NSSOID *target,
-  PRUint32 keySizeOpt, /* zero for best allowed */
-  NSSOperations operations,
-  NSSCallback *uhh
-);
-
-/* filter-certs function(s) */
-
-/**
- ** fgmr -- trust objects
- **/
-
-/*
- * NSSPrivateKey
- *
- */
-
-/*
- * NSSPrivateKey_Destroy
- *
- * Free a pointer to a private key object.
- */
-
-NSS_EXTERN PRStatus
-NSSPrivateKey_Destroy
-(
-  NSSPrivateKey *vk
-);
-
-/*
- * NSSPrivateKey_DeleteStoredObject
- *
- * Permanently remove this object, and any related objects (such as the
- * certificates corresponding to this key).
- */
-
-NSS_EXTERN PRStatus
-NSSPrivateKey_DeleteStoredObject
-(
-  NSSPrivateKey *vk,
-  NSSCallback *uhh
-);
-
-/*
- * NSSPrivateKey_GetSignatureLength
- *
- */
-
-NSS_EXTERN PRUint32
-NSSPrivateKey_GetSignatureLength
-(
-  NSSPrivateKey *vk
-);
-
-/*
- * NSSPrivateKey_GetPrivateModulusLength
- *
- */
-
-NSS_EXTERN PRUint32
-NSSPrivateKey_GetPrivateModulusLength
-(
-  NSSPrivateKey *vk
-);
-
-/*
- * NSSPrivateKey_IsStillPresent
- *
- */
-
-NSS_EXTERN PRBool
-NSSPrivateKey_IsStillPresent
-(
-  NSSPrivateKey *vk,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPrivateKey_Encode
- *
- */
-
-NSS_EXTERN NSSItem *
-NSSPrivateKey_Encode
-(
-  NSSPrivateKey *vk,
-  NSSAlgorithmAndParameters *ap,
-  NSSItem *passwordOpt, /* NULL will cause a callback; "" for no password */
-  NSSCallback *uhhOpt,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPrivateKey_GetTrustDomain
- *
- * There doesn't have to be one.
- */
-
-NSS_EXTERN NSSTrustDomain *
-NSSPrivateKey_GetTrustDomain
-(
-  NSSPrivateKey *vk,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPrivateKey_GetToken
- *
- */
-
-NSS_EXTERN NSSToken *
-NSSPrivateKey_GetToken
-(
-  NSSPrivateKey *vk
-);
-
-/*
- * NSSPrivateKey_GetSlot
- *
- */
-
-NSS_EXTERN NSSSlot *
-NSSPrivateKey_GetSlot
-(
-  NSSPrivateKey *vk
-);
-
-/*
- * NSSPrivateKey_GetModule
- *
- */
-
-NSS_EXTERN NSSModule *
-NSSPrivateKey_GetModule
-(
-  NSSPrivateKey *vk
-);
-
-/*
- * NSSPrivateKey_Decrypt
- *
- */
-
-NSS_EXTERN NSSItem *
-NSSPrivateKey_Decrypt
-(
-  NSSPrivateKey *vk,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSItem *encryptedData,
-  NSSCallback *uhh,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPrivateKey_Sign
- *
- */
-
-NSS_EXTERN NSSItem *
-NSSPrivateKey_Sign
-(
-  NSSPrivateKey *vk,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSItem *data,
-  NSSCallback *uhh,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPrivateKey_SignRecover
- *
- */
-
-NSS_EXTERN NSSItem *
-NSSPrivateKey_SignRecover
-(
-  NSSPrivateKey *vk,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSItem *data,
-  NSSCallback *uhh,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPrivateKey_UnwrapSymmetricKey
- *
- */
-
-NSS_EXTERN NSSSymmetricKey *
-NSSPrivateKey_UnwrapSymmetricKey
-(
-  NSSPrivateKey *vk,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSItem *wrappedKey,
-  NSSCallback *uhh
-);
-
-/*
- * NSSPrivateKey_DeriveSymmetricKey
- *
- */
-
-NSS_EXTERN NSSSymmetricKey *
-NSSPrivateKey_DeriveSymmetricKey
-(
-  NSSPrivateKey *vk,
-  NSSPublicKey *bk,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSOID *target,
-  PRUint32 keySizeOpt, /* zero for best allowed */
-  NSSOperations operations,
-  NSSCallback *uhh
-);
-
-/*
- * NSSPrivateKey_FindPublicKey
- *
- */
-
-NSS_EXTERN NSSPublicKey *
-NSSPrivateKey_FindPublicKey
-(
-  NSSPrivateKey *vk
-  /* { don't need the callback here, right? } */
-);
-
-/*
- * NSSPrivateKey_CreateCryptoContext
- *
- * Create a crypto context, in this key's trust domain,
- * with this as the distinguished private key.
- */
-
-NSS_EXTERN NSSCryptoContext *
-NSSPrivateKey_CreateCryptoContext
-(
-  NSSPrivateKey *vk,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSCallback *uhh
-);
-
-/*
- * NSSPrivateKey_FindCertificates
- *
- * Note that there may be more than one certificate for this
- * private key.  { FilterCertificates function to further
- * reduce the list. }
- */
-
-NSS_EXTERN NSSCertificate **
-NSSPrivateKey_FindCertificates
-(
-  NSSPrivateKey *vk,
-  NSSCertificate *rvOpt[],
-  PRUint32 maximumOpt, /* 0 for no max */
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPrivateKey_FindBestCertificate
- *
- * The parameters for this function will depend on what the users
- * need.  This is just a starting point.
- */
-
-NSS_EXTERN NSSCertificate *
-NSSPrivateKey_FindBestCertificate
-(
-  NSSPrivateKey *vk,
-  NSSTime *timeOpt,
-  NSSUsage *usageOpt,
-  NSSPolicies *policiesOpt
-);
-
-/*
- * NSSPublicKey
- *
- * Once you generate, find, or derive one of these, you can use it
- * to perform (simple) cryptographic operations.  Though there may
- * be certificates associated with these public keys, they are not
- * verified.
- */
-
-/*
- * NSSPublicKey_Destroy
- *
- * Free a pointer to a public key object.
- */
-
-NSS_EXTERN PRStatus
-NSSPublicKey_Destroy
-(
-  NSSPublicKey *bk
-);
-
-/*
- * NSSPublicKey_DeleteStoredObject
- *
- * Permanently remove this object, and any related objects (such as the
- * corresponding private keys and certificates).
- */
-
-NSS_EXTERN PRStatus
-NSSPublicKey_DeleteStoredObject
-(
-  NSSPublicKey *bk,
-  NSSCallback *uhh
-);
-
-/*
- * NSSPublicKey_Encode
- *
- */
-
-NSS_EXTERN NSSItem *
-NSSPublicKey_Encode
-(
-  NSSPublicKey *bk,
-  NSSAlgorithmAndParameters *ap,
-  NSSCallback *uhhOpt,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPublicKey_GetTrustDomain
- *
- * There doesn't have to be one.
- */
-
-NSS_EXTERN NSSTrustDomain *
-NSSPublicKey_GetTrustDomain
-(
-  NSSPublicKey *bk,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPublicKey_GetToken
- *
- * There doesn't have to be one.
- */
-
-NSS_EXTERN NSSToken *
-NSSPublicKey_GetToken
-(
-  NSSPublicKey *bk,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPublicKey_GetSlot
- *
- * There doesn't have to be one.
- */
-
-NSS_EXTERN NSSSlot *
-NSSPublicKey_GetSlot
-(
-  NSSPublicKey *bk,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPublicKey_GetModule
- *
- * There doesn't have to be one.
- */
-
-NSS_EXTERN NSSModule *
-NSSPublicKey_GetModule
-(
-  NSSPublicKey *bk,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPublicKey_Encrypt
- *
- * Encrypt a single chunk of data with the public key corresponding to
- * this certificate.
- */
-
-NSS_EXTERN NSSItem *
-NSSPublicKey_Encrypt
-(
-  NSSPublicKey *bk,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSItem *data,
-  NSSCallback *uhh,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPublicKey_Verify
- *
- */
-
-NSS_EXTERN PRStatus
-NSSPublicKey_Verify
-(
-  NSSPublicKey *bk,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSItem *data,
-  NSSItem *signature,
-  NSSCallback *uhh
-);
-
-/*
- * NSSPublicKey_VerifyRecover
- *
- */
-
-NSS_EXTERN NSSItem *
-NSSPublicKey_VerifyRecover
-(
-  NSSPublicKey *bk,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSItem *signature,
-  NSSCallback *uhh,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPublicKey_WrapSymmetricKey
- *
- */
-
-NSS_EXTERN NSSItem *
-NSSPublicKey_WrapSymmetricKey
-(
-  NSSPublicKey *bk,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSSymmetricKey *keyToWrap,
-  NSSCallback *uhh,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPublicKey_CreateCryptoContext
- *
- * Create a crypto context, in this key's trust domain, with this
- * as the distinguished public key.
- */
-
-NSS_EXTERN NSSCryptoContext *
-NSSPublicKey_CreateCryptoContext
-(
-  NSSPublicKey *bk,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSCallback *uhh
-);
-
-/*
- * NSSPublicKey_FindCertificates
- *
- * Note that there may be more than one certificate for this
- * public key.  The current implementation may not find every
- * last certificate available for this public key: that would
- * involve trolling e.g. huge ldap databases, which will be
- * grossly inefficient and not generally useful.
- * { FilterCertificates function to further reduce the list }
- */
-
-NSS_EXTERN NSSCertificate **
-NSSPublicKey_FindCertificates
-(
-  NSSPublicKey *bk,
-  NSSCertificate *rvOpt[],
-  PRUint32 maximumOpt, /* 0 for no max */
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPrivateKey_FindBestCertificate
- *
- * The parameters for this function will depend on what the users
- * need.  This is just a starting point.
- */
-
-NSS_EXTERN NSSCertificate *
-NSSPublicKey_FindBestCertificate
-(
-  NSSPublicKey *bk,
-  NSSTime *timeOpt,
-  NSSUsage *usageOpt,
-  NSSPolicies *policiesOpt
-);
-
-/*
- * NSSPublicKey_FindPrivateKey
- *
- */
-
-NSS_EXTERN NSSPrivateKey *
-NSSPublicKey_FindPrivateKey
-(
-  NSSPublicKey *bk,
-  NSSCallback *uhh
-);
-
-/*
- * NSSSymmetricKey
- *
- */
-
-/*
- * NSSSymmetricKey_Destroy
- *
- * Free a pointer to a symmetric key object.
- */
-
-NSS_EXTERN PRStatus
-NSSSymmetricKey_Destroy
-(
-  NSSSymmetricKey *mk
-);
-
-/*
- * NSSSymmetricKey_DeleteStoredObject
- *
- * Permanently remove this object.
- */
-
-NSS_EXTERN PRStatus
-NSSSymmetricKey_DeleteStoredObject
-(
-  NSSSymmetricKey *mk,
-  NSSCallback *uhh
-);
-
-/*
- * NSSSymmetricKey_GetKeyLength
- *
- */
-
-NSS_EXTERN PRUint32
-NSSSymmetricKey_GetKeyLength
-(
-  NSSSymmetricKey *mk
-);
-
-/*
- * NSSSymmetricKey_GetKeyStrength
- *
- */
-
-NSS_EXTERN PRUint32
-NSSSymmetricKey_GetKeyStrength
-(
-  NSSSymmetricKey *mk
-);
-
-/*
- * NSSSymmetricKey_IsStillPresent
- *
- */
-
-NSS_EXTERN PRStatus
-NSSSymmetricKey_IsStillPresent
-(
-  NSSSymmetricKey *mk
-);
-
-/*
- * NSSSymmetricKey_GetTrustDomain
- *
- * There doesn't have to be one.
- */
-
-NSS_EXTERN NSSTrustDomain *
-NSSSymmetricKey_GetTrustDomain
-(
-  NSSSymmetricKey *mk,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSSymmetricKey_GetToken
- *
- * There doesn't have to be one.
- */
-
-NSS_EXTERN NSSToken *
-NSSSymmetricKey_GetToken
-(
-  NSSSymmetricKey *mk,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSSymmetricKey_GetSlot
- *
- * There doesn't have to be one.
- */
-
-NSS_EXTERN NSSSlot *
-NSSSymmetricKey_GetSlot
-(
-  NSSSymmetricKey *mk,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSSymmetricKey_GetModule
- *
- * There doesn't have to be one.
- */
-
-NSS_EXTERN NSSModule *
-NSSSymmetricKey_GetModule
-(
-  NSSSymmetricKey *mk,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSSymmetricKey_Encrypt
- *
- */
-
-NSS_EXTERN NSSItem *
-NSSSymmetricKey_Encrypt
-(
-  NSSSymmetricKey *mk,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSItem *data,
-  NSSCallback *uhh,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSSymmetricKey_Decrypt
- *
- */
-
-NSS_EXTERN NSSItem *
-NSSSymmetricKey_Decrypt
-(
-  NSSSymmetricKey *mk,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSItem *encryptedData,
-  NSSCallback *uhh,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSSymmetricKey_Sign
- *
- */
-
-NSS_EXTERN NSSItem *
-NSSSymmetricKey_Sign
-(
-  NSSSymmetricKey *mk,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSItem *data,
-  NSSCallback *uhh,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSSymmetricKey_SignRecover
- *
- */
-
-NSS_EXTERN NSSItem *
-NSSSymmetricKey_SignRecover
-(
-  NSSSymmetricKey *mk,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSItem *data,
-  NSSCallback *uhh,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSSymmetricKey_Verify
- *
- */
-
-NSS_EXTERN PRStatus
-NSSSymmetricKey_Verify
-(
-  NSSSymmetricKey *mk,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSItem *data,
-  NSSItem *signature,
-  NSSCallback *uhh
-);
-
-/*
- * NSSSymmetricKey_VerifyRecover
- *
- */
-
-NSS_EXTERN NSSItem *
-NSSSymmetricKey_VerifyRecover
-(
-  NSSSymmetricKey *mk,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSItem *signature,
-  NSSCallback *uhh,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSSymmetricKey_WrapSymmetricKey
- *
- */
-
-NSS_EXTERN NSSItem *
-NSSSymmetricKey_WrapSymmetricKey
-(
-  NSSSymmetricKey *wrappingKey,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSSymmetricKey *keyToWrap,
-  NSSCallback *uhh,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSSymmetricKey_WrapPrivateKey
- *
- */
-
-NSS_EXTERN NSSItem *
-NSSSymmetricKey_WrapPrivateKey
-(
-  NSSSymmetricKey *wrappingKey,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSPrivateKey *keyToWrap,
-  NSSCallback *uhh,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSSymmetricKey_UnwrapSymmetricKey
- *
- */
-
-NSS_EXTERN NSSSymmetricKey *
-NSSSymmetricKey_UnwrapSymmetricKey
-(
-  NSSSymmetricKey *wrappingKey,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSItem *wrappedKey,
-  NSSOID *target,
-  PRUint32 keySizeOpt,
-  NSSOperations operations,
-  NSSCallback *uhh
-);
-
-/*
- * NSSSymmetricKey_UnwrapPrivateKey
- *
- */
-
-NSS_EXTERN NSSPrivateKey *
-NSSSymmetricKey_UnwrapPrivateKey
-(
-  NSSSymmetricKey *wrappingKey,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSItem *wrappedKey,
-  NSSUTF8 *labelOpt,
-  NSSItem *keyIDOpt,
-  PRBool persistant,
-  PRBool sensitive,
-  NSSToken *destinationOpt,
-  NSSCallback *uhh
-);
-
-/*
- * NSSSymmetricKey_DeriveSymmetricKey
- *
- */
-
-NSS_EXTERN NSSSymmetricKey *
-NSSSymmetricKey_DeriveSymmetricKey
-(
-  NSSSymmetricKey *originalKey,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSOID *target,
-  PRUint32 keySizeOpt,
-  NSSOperations operations,
-  NSSCallback *uhh
-);
-
-/*
- * NSSSymmetricKey_CreateCryptoContext
- *
- * Create a crypto context, in this key's trust domain,
- * with this as the distinguished symmetric key.
- */
-
-NSS_EXTERN NSSCryptoContext *
-NSSSymmetricKey_CreateCryptoContext
-(
-  NSSSymmetricKey *mk,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSCallback *uhh
-);
-
-/*
- * NSSTrustDomain
- *
- */
-
-/*
- * NSSTrustDomain_Create
- *
- * This creates a trust domain, optionally with an initial cryptoki
- * module.  If the module name is not null, the module is loaded if
- * needed (using the uriOpt argument), and initialized with the
- * opaqueOpt argument.  If mumble mumble priority settings, then
- * module-specification objects in the module can cause the loading
- * and initialization of further modules.
- *
- * The uriOpt is defined to take a URI.  At present, we only
- * support file: URLs pointing to platform-native shared libraries.
- * However, by specifying this as a URI, this keeps open the 
- * possibility of supporting other, possibly remote, resources.
- *
- * The "reserved" arguments is held for when we figure out the
- * module priority stuff.
- */
-
-NSS_EXTERN NSSTrustDomain *
-NSSTrustDomain_Create
-(
-  NSSUTF8 *moduleOpt,
-  NSSUTF8 *uriOpt,
-  NSSUTF8 *opaqueOpt,
-  void *reserved
-);
-
-/*
- * NSSTrustDomain_Destroy
- *
- */
-
-NSS_EXTERN PRStatus
-NSSTrustDomain_Destroy
-(
-  NSSTrustDomain *td
-);
-
-/*
- * NSSTrustDomain_SetDefaultCallback
- *
- */
-
-NSS_EXTERN PRStatus
-NSSTrustDomain_SetDefaultCallback
-(
-  NSSTrustDomain *td,
-  NSSCallback *newCallback,
-  NSSCallback **oldCallbackOpt
-);
-
-/*
- * NSSTrustDomain_GetDefaultCallback
- *
- */
-
-NSS_EXTERN NSSCallback *
-NSSTrustDomain_GetDefaultCallback
-(
-  NSSTrustDomain *td,
-  PRStatus *statusOpt
-);
-
-/*
- * Default policies?
- * Default usage?
- * Default time, for completeness?
- */
-
-/*
- * NSSTrustDomain_LoadModule
- *
- */
-
-NSS_EXTERN PRStatus
-NSSTrustDomain_LoadModule
-(
-  NSSTrustDomain *td,
-  NSSUTF8 *moduleOpt,
-  NSSUTF8 *uriOpt,
-  NSSUTF8 *opaqueOpt,
-  void *reserved
-);
-
-/*
- * NSSTrustDomain_AddModule
- * NSSTrustDomain_AddSlot
- * NSSTrustDomain_UnloadModule
- * Managing modules, slots, tokens; priorities;
- * Traversing all of the above
- * this needs more work
- */
-
-/*
- * NSSTrustDomain_DisableToken
- *
- */
-
-NSS_EXTERN PRStatus
-NSSTrustDomain_DisableToken
-(
-  NSSTrustDomain *td,
-  NSSToken *token,
-  NSSError why
-);
-
-/*
- * NSSTrustDomain_EnableToken
- *
- */
-
-NSS_EXTERN PRStatus
-NSSTrustDomain_EnableToken
-(
-  NSSTrustDomain *td,
-  NSSToken *token
-);
-
-/*
- * NSSTrustDomain_IsTokenEnabled
- *
- * If disabled, "why" is always on the error stack.
- * The optional argument is just for convenience.
- */
-
-NSS_EXTERN PRStatus
-NSSTrustDomain_IsTokenEnabled
-(
-  NSSTrustDomain *td,
-  NSSToken *token,
-  NSSError *whyOpt
-);
-
-/*
- * NSSTrustDomain_FindSlotByName
- *
- */
-
-NSS_EXTERN NSSSlot *
-NSSTrustDomain_FindSlotByName
-(
-  NSSTrustDomain *td,
-  NSSUTF8 *slotName
-);
-
-/*
- * NSSTrustDomain_FindTokenByName
- *
- */
-
-NSS_EXTERN NSSToken *
-NSSTrustDomain_FindTokenByName
-(
-  NSSTrustDomain *td,
-  NSSUTF8 *tokenName
-);
-
-/*
- * NSSTrustDomain_FindTokenBySlotName
- *
- */
-
-NSS_EXTERN NSSToken *
-NSSTrustDomain_FindTokenBySlotName
-(
-  NSSTrustDomain *td,
-  NSSUTF8 *slotName
-);
-
-/*
- * NSSTrustDomain_FindBestTokenForAlgorithm
- *
- */
-
-NSS_EXTERN NSSToken *
-NSSTrustDomain_FindTokenForAlgorithm
-(
-  NSSTrustDomain *td,
-  NSSOID *algorithm
-);
-
-/*
- * NSSTrustDomain_FindBestTokenForAlgorithms
- *
- */
-
-NSS_EXTERN NSSToken *
-NSSTrustDomain_FindBestTokenForAlgorithms
-(
-  NSSTrustDomain *td,
-  NSSOID *algorithms[], /* may be null-terminated */
-  PRUint32 nAlgorithmsOpt /* limits the array if nonzero */
-);
-
-/*
- * NSSTrustDomain_Login
- *
- */
-
-NSS_EXTERN PRStatus
-NSSTrustDomain_Login
-(
-  NSSTrustDomain *td,
-  NSSCallback *uhhOpt
-);
-
-/*
- * NSSTrustDomain_Logout
- *
- */
-
-NSS_EXTERN PRStatus
-NSSTrustDomain_Logout
-(
-  NSSTrustDomain *td
-);
-
-/* Importing things */
-
-/*
- * NSSTrustDomain_ImportCertificate
- *
- * The implementation will pull some data out of the certificate
- * (e.g. e-mail address) for use in pkcs#11 object attributes.
- */
-
-NSS_EXTERN NSSCertificate *
-NSSTrustDomain_ImportCertificate
-(
-  NSSTrustDomain *td,
-  NSSCertificate *c
-);
-
-/*
- * NSSTrustDomain_ImportPKIXCertificate
- *
- */
-
-NSS_EXTERN NSSCertificate *
-NSSTrustDomain_ImportPKIXCertificate
-(
-  NSSTrustDomain *td,
-  /* declared as a struct until these "data types" are defined */
-  struct NSSPKIXCertificateStr *pc
-);
-
-/*
- * NSSTrustDomain_ImportEncodedCertificate
- *
- * Imports any type of certificate we support.
- */
-
-NSS_EXTERN NSSCertificate *
-NSSTrustDomain_ImportEncodedCertificate
-(
-  NSSTrustDomain *td,
-  NSSBER *ber
-);
-
-/*
- * NSSTrustDomain_ImportEncodedCertificateChain
- *
- * If you just want the leaf, pass in a maximum of one.
- */
-
-NSS_EXTERN NSSCertificate **
-NSSTrustDomain_ImportEncodedCertificateChain
-(
-  NSSTrustDomain *td,
-  NSSBER *ber,
-  NSSCertificate *rvOpt[],
-  PRUint32 maximumOpt, /* 0 for no max */
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSTrustDomain_ImportEncodedPrivateKey
- *
- */
-
-NSS_EXTERN NSSPrivateKey *
-NSSTrustDomain_ImportEncodedPrivateKey
-(
-  NSSTrustDomain *td,
-  NSSBER *ber,
-  NSSItem *passwordOpt, /* NULL will cause a callback */
-  NSSCallback *uhhOpt,
-  NSSToken *destination
-);
-
-/*
- * NSSTrustDomain_ImportEncodedPublicKey
- *
- */
-
-NSS_EXTERN NSSPublicKey *
-NSSTrustDomain_ImportEncodedPublicKey
-(
-  NSSTrustDomain *td,
-  NSSBER *ber
-);
-
-/* Other importations: S/MIME capabilities */
-
-/*
- * NSSTrustDomain_FindBestCertificateByNickname
- *
- */
-
-NSS_EXTERN NSSCertificate *
-NSSTrustDomain_FindBestCertificateByNickname
-(
-  NSSTrustDomain *td,
-  NSSUTF8 *name,
-  NSSTime *timeOpt, /* NULL for "now" */
-  NSSUsage *usage,
-  NSSPolicies *policiesOpt /* NULL for none */
-);
-
-/*
- * NSSTrustDomain_FindCertificatesByNickname
- *
- */
-
-NSS_EXTERN NSSCertificate **
-NSSTrustDomain_FindCertificatesByNickname
-(
-  NSSTrustDomain *td,
-  NSSUTF8 *name,
-  NSSCertificate *rvOpt[],
-  PRUint32 maximumOpt, /* 0 for no max */
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSTrustDomain_FindCertificateByIssuerAndSerialNumber
- *
- */
-
-NSS_EXTERN NSSCertificate *
-NSSTrustDomain_FindCertificateByIssuerAndSerialNumber
-(
-  NSSTrustDomain *td,
-  NSSDER *issuer,
-  NSSDER *serialNumber
-);
-
-/*
- * NSSTrustDomain_FindCertificatesByIssuerAndSerialNumber
- *
- * Theoretically, this should never happen.  However, some companies
- * we know have issued duplicate certificates with the same issuer
- * and serial number.  Do we just ignore them?  I'm thinking yes.
- */
-
-/*
- * NSSTrustDomain_FindBestCertificateBySubject
- *
- * This does not search through alternate names hidden in extensions.
- */
-
-NSS_EXTERN NSSCertificate *
-NSSTrustDomain_FindBestCertificateBySubject
-(
-  NSSTrustDomain *td,
-  NSSDER /*NSSUTF8*/ *subject,
-  NSSTime *timeOpt,
-  NSSUsage *usage,
-  NSSPolicies *policiesOpt
-);
-
-/*
- * NSSTrustDomain_FindCertificatesBySubject
- *
- * This does not search through alternate names hidden in extensions.
- */
-
-NSS_EXTERN NSSCertificate **
-NSSTrustDomain_FindCertificatesBySubject
-(
-  NSSTrustDomain *td,
-  NSSDER /*NSSUTF8*/ *subject,
-  NSSCertificate *rvOpt[],
-  PRUint32 maximumOpt, /* 0 for no max */
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSTrustDomain_FindBestCertificateByNameComponents
- *
- * This call does try several tricks, including a pseudo pkcs#11 
- * attribute for the ldap module to try as a query.  Eventually
- * this call falls back to a traversal if that's what's required.
- * It will search through alternate names hidden in extensions.
- */
-
-NSS_EXTERN NSSCertificate *
-NSSTrustDomain_FindBestCertificateByNameComponents
-(
-  NSSTrustDomain *td,
-  NSSUTF8 *nameComponents,
-  NSSTime *timeOpt,
-  NSSUsage *usage,
-  NSSPolicies *policiesOpt
-);
-
-/*
- * NSSTrustDomain_FindCertificatesByNameComponents
- *
- * This call, too, tries several tricks.  It will stop on the first
- * attempt that generates results, so it won't e.g. traverse the
- * entire ldap database.
- */
-
-NSS_EXTERN NSSCertificate **
-NSSTrustDomain_FindCertificatesByNameComponents
-(
-  NSSTrustDomain *td,
-  NSSUTF8 *nameComponents,
-  NSSCertificate *rvOpt[],
-  PRUint32 maximumOpt, /* 0 for no max */
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSTrustDomain_FindCertificateByEncodedCertificate
- *
- */
-
-NSS_EXTERN NSSCertificate *
-NSSTrustDomain_FindCertificateByEncodedCertificate
-(
-  NSSTrustDomain *td,
-  NSSBER *encodedCertificate
-);
-
-/*
- * NSSTrustDomain_FindBestCertificateByEmail
- *
- */
-
-NSS_EXTERN NSSCertificate *
-NSSTrustDomain_FindCertificateByEmail
-(
-  NSSTrustDomain *td,
-  NSSASCII7 *email,
-  NSSTime *timeOpt,
-  NSSUsage *usage,
-  NSSPolicies *policiesOpt
-);
-
-/*
- * NSSTrustDomain_FindCertificatesByEmail
- *
- */
-
-NSS_EXTERN NSSCertificate **
-NSSTrustDomain_FindCertificatesByEmail
-(
-  NSSTrustDomain *td,
-  NSSASCII7 *email,
-  NSSCertificate *rvOpt[],
-  PRUint32 maximumOpt, /* 0 for no max */
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSTrustDomain_FindCertificateByOCSPHash
- *
- * There can be only one.
- */
-
-NSS_EXTERN NSSCertificate *
-NSSTrustDomain_FindCertificateByOCSPHash
-(
-  NSSTrustDomain *td,
-  NSSItem *hash
-);
-
-/*
- * NSSTrustDomain_TraverseCertificates
- *
- * This function descends from one in older versions of NSS which
- * traverses the certs in the permanent database.  That function
- * was used to implement selection routines, but was directly
- * available too.  Trust domains are going to contain a lot more
- * certs now (e.g., an ldap server), so we'd really like to
- * discourage traversal.  Thus for now, this is commented out.
- * If it's needed, let's look at the situation more closely to
- * find out what the actual requirements are.
- */
- 
-/* For now, adding this function.  This may only be for debugging
- * purposes.
- * Perhaps some equivalent function, on a specified token, will be
- * needed in a "friend" header file?
- */
-NSS_EXTERN PRStatus *
-NSSTrustDomain_TraverseCertificates
-(
-  NSSTrustDomain *td,
-  PRStatus (*callback)(NSSCertificate *c, void *arg),
-  void *arg
-);
-
-/*
- * NSSTrustDomain_FindBestUserCertificate
- *
- */
-
-NSS_EXTERN NSSCertificate *
-NSSTrustDomain_FindBestUserCertificate
-(
-  NSSTrustDomain *td,
-  NSSTime *timeOpt,
-  NSSUsage *usage,
-  NSSPolicies *policiesOpt
-);
-
-/*
- * NSSTrustDomain_FindUserCertificates
- *
- */
-
-NSS_EXTERN NSSCertificate **
-NSSTrustDomain_FindUserCertificates
-(
-  NSSTrustDomain *td,
-  NSSTime *timeOpt,
-  NSSUsage *usageOpt,
-  NSSPolicies *policiesOpt,
-  NSSCertificate **rvOpt,
-  PRUint32 rvLimit, /* zero for no limit */
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSTrustDomain_FindBestUserCertificateForSSLClientAuth
- *
- */
-
-NSS_EXTERN NSSCertificate *
-NSSTrustDomain_FindBestUserCertificateForSSLClientAuth
-(
-  NSSTrustDomain *td,
-  NSSUTF8 *sslHostOpt,
-  NSSDER *rootCAsOpt[], /* null pointer for none */
-  PRUint32 rootCAsMaxOpt, /* zero means list is null-terminated */
-  NSSAlgorithmAndParameters *apOpt,
-  NSSPolicies *policiesOpt
-);
-
-/*
- * NSSTrustDomain_FindUserCertificatesForSSLClientAuth
- *
- */
-
-NSS_EXTERN NSSCertificate **
-NSSTrustDomain_FindUserCertificatesForSSLClientAuth
-(
-  NSSTrustDomain *td,
-  NSSUTF8 *sslHostOpt,
-  NSSDER *rootCAsOpt[], /* null pointer for none */
-  PRUint32 rootCAsMaxOpt, /* zero means list is null-terminated */
-  NSSAlgorithmAndParameters *apOpt,
-  NSSPolicies *policiesOpt,
-  NSSCertificate **rvOpt,
-  PRUint32 rvLimit, /* zero for no limit */
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSTrustDomain_FindBestUserCertificateForEmailSigning
- *
- */
-
-NSS_EXTERN NSSCertificate *
-NSSTrustDomain_FindBestUserCertificateForEmailSigning
-(
-  NSSTrustDomain *td,
-  NSSASCII7 *signerOpt,
-  NSSASCII7 *recipientOpt,
-  /* anything more here? */
-  NSSAlgorithmAndParameters *apOpt,
-  NSSPolicies *policiesOpt
-);
-
-/*
- * NSSTrustDomain_FindUserCertificatesForEmailSigning
- *
- */
-
-NSS_EXTERN NSSCertificate **
-NSSTrustDomain_FindUserCertificatesForEmailSigning
-(
-  NSSTrustDomain *td,
-  NSSASCII7 *signerOpt,
-  NSSASCII7 *recipientOpt,
-  /* anything more here? */
-  NSSAlgorithmAndParameters *apOpt,
-  NSSPolicies *policiesOpt,
-  NSSCertificate **rvOpt,
-  PRUint32 rvLimit, /* zero for no limit */
-  NSSArena *arenaOpt
-);
-
-/*
- * Here is where we'd add more Find[Best]UserCertificate[s]For<usage>
- * routines.
- */
-
-/* Private Keys */
-
-/*
- * NSSTrustDomain_GenerateKeyPair
- *
- * Creates persistant objects.  If you want session objects, use
- * NSSCryptoContext_GenerateKeyPair.  The destination token is where
- * the keys are stored.  If that token can do the required math, then
- * that's where the keys are generated too.  Otherwise, the keys are
- * generated elsewhere and moved to that token.
- */
-
-NSS_EXTERN PRStatus
-NSSTrustDomain_GenerateKeyPair
-(
-  NSSTrustDomain *td,
-  NSSAlgorithmAndParameters *ap,
-  NSSPrivateKey **pvkOpt,
-  NSSPublicKey **pbkOpt,
-  PRBool privateKeyIsSensitive,
-  NSSToken *destination,
-  NSSCallback *uhhOpt
-);
-
-/*
- * NSSTrustDomain_TraversePrivateKeys
- *
- * 
- * NSS_EXTERN PRStatus *
- * NSSTrustDomain_TraversePrivateKeys
- * (
- *   NSSTrustDomain *td,
- *   PRStatus (*callback)(NSSPrivateKey *vk, void *arg),
- *   void *arg
- * );
- */
-
-/* Symmetric Keys */
-
-/*
- * NSSTrustDomain_GenerateSymmetricKey
- *
- */
-
-NSS_EXTERN NSSSymmetricKey *
-NSSTrustDomain_GenerateSymmetricKey
-(
-  NSSTrustDomain *td,
-  NSSAlgorithmAndParameters *ap,
-  PRUint32 keysize,
-  NSSToken *destination,
-  NSSCallback *uhhOpt
-);
-
-/*
- * NSSTrustDomain_GenerateSymmetricKeyFromPassword
- *
- */
-
-NSS_EXTERN NSSSymmetricKey *
-NSSTrustDomain_GenerateSymmetricKeyFromPassword
-(
-  NSSTrustDomain *td,
-  NSSAlgorithmAndParameters *ap,
-  NSSUTF8 *passwordOpt, /* if null, prompt */
-  NSSToken *destinationOpt,
-  NSSCallback *uhhOpt
-);
-
-/*
- * NSSTrustDomain_FindSymmetricKeyByAlgorithm
- *
- * Is this still needed?
- * 
- * NSS_EXTERN NSSSymmetricKey *
- * NSSTrustDomain_FindSymmetricKeyByAlgorithm
- * (
- *   NSSTrustDomain *td,
- *   NSSOID *algorithm,
- *   NSSCallback *uhhOpt
- * );
- */
-
-/*
- * NSSTrustDomain_FindSymmetricKeyByAlgorithmAndKeyID
- *
- */
-
-NSS_EXTERN NSSSymmetricKey *
-NSSTrustDomain_FindSymmetricKeyByAlgorithmAndKeyID
-(
-  NSSTrustDomain *td,
-  NSSOID *algorithm,
-  NSSItem *keyID,
-  NSSCallback *uhhOpt
-);
-
-/*
- * NSSTrustDomain_TraverseSymmetricKeys
- *
- * 
- * NSS_EXTERN PRStatus *
- * NSSTrustDomain_TraverseSymmetricKeys
- * (
- *   NSSTrustDomain *td,
- *   PRStatus (*callback)(NSSSymmetricKey *mk, void *arg),
- *   void *arg
- * );
- */
-
-/*
- * NSSTrustDomain_CreateCryptoContext
- *
- * If a callback object is specified, it becomes the for the crypto
- * context; otherwise, this trust domain's default (if any) is
- * inherited.
- */
-
-NSS_EXTERN NSSCryptoContext *
-NSSTrustDomain_CreateCryptoContext
-(
-  NSSTrustDomain *td,
-  NSSCallback *uhhOpt
-);
-
-/*
- * NSSTrustDomain_CreateCryptoContextForAlgorithm
- *
- */
-
-NSS_EXTERN NSSCryptoContext *
-NSSTrustDomain_CreateCryptoContextForAlgorithm
-(
-  NSSTrustDomain *td,
-  NSSOID *algorithm
-);
-
-/*
- * NSSTrustDomain_CreateCryptoContextForAlgorithmAndParameters
- *
- */
-
-NSS_EXTERN NSSCryptoContext *
-NSSTrustDomain_CreateCryptoContextForAlgorithmAndParameters
-(
-  NSSTrustDomain *td,
-  NSSAlgorithmAndParameters *ap
-);
-
-/* find/traverse other objects, e.g. s/mime profiles */
-
-/*
- * NSSCryptoContext
- *
- * A crypto context is sort of a short-term snapshot of a trust domain,
- * used for the life of "one crypto operation."  You can also think of
- * it as a "temporary database."
- * 
- * Just about all of the things you can do with a trust domain -- importing
- * or creating certs, keys, etc. -- can be done with a crypto context.
- * The difference is that the objects will be temporary ("session") objects.
- * 
- * Also, if the context was created for a key, cert, and/or algorithm; or
- * if such objects have been "associated" with the context, then the context
- * can do everything the keys can, like crypto operations.
- * 
- * And finally, because it keeps the state of the crypto operations, it
- * can do streaming crypto ops.
- */
-
-/*
- * NSSTrustDomain_Destroy
- *
- */
-
-NSS_EXTERN PRStatus
-NSSCryptoContext_Destroy
-(
-  NSSCryptoContext *cc
-);
-
-/* establishing a default callback */
-
-/*
- * NSSCryptoContext_SetDefaultCallback
- *
- */
-
-NSS_EXTERN PRStatus
-NSSCryptoContext_SetDefaultCallback
-(
-  NSSCryptoContext *cc,
-  NSSCallback *newCallback,
-  NSSCallback **oldCallbackOpt
-);
-
-/*
- * NSSCryptoContext_GetDefaultCallback
- *
- */
-
-NSS_EXTERN NSSCallback *
-NSSCryptoContext_GetDefaultCallback
-(
-  NSSCryptoContext *cc,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSCryptoContext_GetTrustDomain
- *
- */
-
-NSS_EXTERN NSSTrustDomain *
-NSSCryptoContext_GetTrustDomain
-(
-  NSSCryptoContext *cc
-);
-
-/* AddModule, etc: should we allow "temporary" changes here? */
-/* DisableToken, etc: ditto */
-/* Ordering of tokens? */
-/* Finding slots+token etc. */
-/* login+logout */
-
-/* Importing things */
-
-/*
- * NSSCryptoContext_ImportCertificate
- *
- * If there's not a "distinguished certificate" for this context, this
- * sets the specified one to be it.
- */
-
-NSS_EXTERN PRStatus
-NSSCryptoContext_ImportCertificate
-(
-  NSSCryptoContext *cc,
-  NSSCertificate *c
-);
-
-/*
- * NSSCryptoContext_ImportPKIXCertificate
- *
- */
-
-NSS_EXTERN NSSCertificate *
-NSSCryptoContext_ImportPKIXCertificate
-(
-  NSSCryptoContext *cc,
-  struct NSSPKIXCertificateStr *pc
-);
-
-/*
- * NSSCryptoContext_ImportEncodedCertificate
- *
- */
-
-NSS_EXTERN NSSCertificate *
-NSSCryptoContext_ImportEncodedCertificate
-(
-  NSSCryptoContext *cc,
-  NSSBER *ber
-);
-
-/*
- * NSSCryptoContext_ImportEncodedPKIXCertificateChain
- *
- */
-
-NSS_EXTERN PRStatus
-NSSCryptoContext_ImportEncodedPKIXCertificateChain
-(
-  NSSCryptoContext *cc,
-  NSSBER *ber
-);
-
-/* Other importations: S/MIME capabilities
- */
-
-/*
- * NSSCryptoContext_FindBestCertificateByNickname
- *
- */
-
-NSS_EXTERN NSSCertificate *
-NSSCryptoContext_FindBestCertificateByNickname
-(
-  NSSCryptoContext *cc,
-  NSSUTF8 *name,
-  NSSTime *timeOpt, /* NULL for "now" */
-  NSSUsage *usage,
-  NSSPolicies *policiesOpt /* NULL for none */
-);
-
-/*
- * NSSCryptoContext_FindCertificatesByNickname
- *
- */
-
-NSS_EXTERN NSSCertificate **
-NSSCryptoContext_FindCertificatesByNickname
-(
-  NSSCryptoContext *cc,
-  NSSUTF8 *name,
-  NSSCertificate *rvOpt[],
-  PRUint32 maximumOpt, /* 0 for no max */
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSCryptoContext_FindCertificateByIssuerAndSerialNumber
- *
- */
-
-NSS_EXTERN NSSCertificate *
-NSSCryptoContext_FindCertificateByIssuerAndSerialNumber
-(
-  NSSCryptoContext *cc,
-  NSSDER *issuer,
-  NSSDER *serialNumber
-);
-
-/*
- * NSSCryptoContext_FindBestCertificateBySubject
- *
- * This does not search through alternate names hidden in extensions.
- */
-
-NSS_EXTERN NSSCertificate *
-NSSCryptoContext_FindBestCertificateBySubject
-(
-  NSSCryptoContext *cc,
-  NSSDER /*NSSUTF8*/ *subject,
-  NSSTime *timeOpt,
-  NSSUsage *usage,
-  NSSPolicies *policiesOpt
-);
-
-/*
- * NSSCryptoContext_FindCertificatesBySubject
- *
- * This does not search through alternate names hidden in extensions.
- */
-
-NSS_EXTERN NSSCertificate **
-NSSCryptoContext_FindCertificatesBySubject
-(
-  NSSCryptoContext *cc,
-  NSSDER /*NSSUTF8*/ *subject,
-  NSSCertificate *rvOpt[],
-  PRUint32 maximumOpt, /* 0 for no max */
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSCryptoContext_FindBestCertificateByNameComponents
- *
- * This call does try several tricks, including a pseudo pkcs#11 
- * attribute for the ldap module to try as a query.  Eventually
- * this call falls back to a traversal if that's what's required.
- * It will search through alternate names hidden in extensions.
- */
-
-NSS_EXTERN NSSCertificate *
-NSSCryptoContext_FindBestCertificateByNameComponents
-(
-  NSSCryptoContext *cc,
-  NSSUTF8 *nameComponents,
-  NSSTime *timeOpt,
-  NSSUsage *usage,
-  NSSPolicies *policiesOpt
-);
-
-/*
- * NSSCryptoContext_FindCertificatesByNameComponents
- *
- * This call, too, tries several tricks.  It will stop on the first
- * attempt that generates results, so it won't e.g. traverse the
- * entire ldap database.
- */
-
-NSS_EXTERN NSSCertificate **
-NSSCryptoContext_FindCertificatesByNameComponents
-(
-  NSSCryptoContext *cc,
-  NSSUTF8 *nameComponents,
-  NSSCertificate *rvOpt[],
-  PRUint32 maximumOpt, /* 0 for no max */
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSCryptoContext_FindCertificateByEncodedCertificate
- *
- */
-
-NSS_EXTERN NSSCertificate *
-NSSCryptoContext_FindCertificateByEncodedCertificate
-(
-  NSSCryptoContext *cc,
-  NSSBER *encodedCertificate
-);
-
-/*
- * NSSCryptoContext_FindBestCertificateByEmail
- *
- */
-
-NSS_EXTERN NSSCertificate *
-NSSCryptoContext_FindBestCertificateByEmail
-(
-  NSSCryptoContext *cc,
-  NSSASCII7 *email,
-  NSSTime *timeOpt,
-  NSSUsage *usage,
-  NSSPolicies *policiesOpt
-);
-
-/*
- * NSSCryptoContext_FindCertificatesByEmail
- *
- */
-
-NSS_EXTERN NSSCertificate **
-NSSCryptoContext_FindCertificatesByEmail
-(
-  NSSCryptoContext *cc,
-  NSSASCII7 *email,
-  NSSCertificate *rvOpt[],
-  PRUint32 maximumOpt, /* 0 for no max */
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSCryptoContext_FindCertificateByOCSPHash
- *
- */
-
-NSS_EXTERN NSSCertificate *
-NSSCryptoContext_FindCertificateByOCSPHash
-(
-  NSSCryptoContext *cc,
-  NSSItem *hash
-);
-
-/*
- * NSSCryptoContext_TraverseCertificates
- *
- * 
- * NSS_EXTERN PRStatus *
- * NSSCryptoContext_TraverseCertificates
- * (
- *   NSSCryptoContext *cc,
- *   PRStatus (*callback)(NSSCertificate *c, void *arg),
- *   void *arg
- * );
- */
-
-/*
- * NSSCryptoContext_FindBestUserCertificate
- *
- */
-
-NSS_EXTERN NSSCertificate *
-NSSCryptoContext_FindBestUserCertificate
-(
-  NSSCryptoContext *cc,
-  NSSTime *timeOpt,
-  NSSUsage *usage,
-  NSSPolicies *policiesOpt
-);
-
-/*
- * NSSCryptoContext_FindUserCertificates
- *
- */
-
-NSS_EXTERN NSSCertificate **
-NSSCryptoContext_FindUserCertificates
-(
-  NSSCryptoContext *cc,
-  NSSTime *timeOpt,
-  NSSUsage *usageOpt,
-  NSSPolicies *policiesOpt,
-  NSSCertificate **rvOpt,
-  PRUint32 rvLimit, /* zero for no limit */
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSCryptoContext_FindBestUserCertificateForSSLClientAuth
- *
- */
-
-NSS_EXTERN NSSCertificate *
-NSSCryptoContext_FindBestUserCertificateForSSLClientAuth
-(
-  NSSCryptoContext *cc,
-  NSSUTF8 *sslHostOpt,
-  NSSDER *rootCAsOpt[], /* null pointer for none */
-  PRUint32 rootCAsMaxOpt, /* zero means list is null-terminated */
-  NSSAlgorithmAndParameters *apOpt,
-  NSSPolicies *policiesOpt
-);
-
-/*
- * NSSCryptoContext_FindUserCertificatesForSSLClientAuth
- *
- */
-
-NSS_EXTERN NSSCertificate **
-NSSCryptoContext_FindUserCertificatesForSSLClientAuth
-(
-  NSSCryptoContext *cc,
-  NSSUTF8 *sslHostOpt,
-  NSSDER *rootCAsOpt[], /* null pointer for none */
-  PRUint32 rootCAsMaxOpt, /* zero means list is null-terminated */
-  NSSAlgorithmAndParameters *apOpt,
-  NSSPolicies *policiesOpt,
-  NSSCertificate **rvOpt,
-  PRUint32 rvLimit, /* zero for no limit */
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSCryptoContext_FindBestUserCertificateForEmailSigning
- *
- */
-
-NSS_EXTERN NSSCertificate *
-NSSCryptoContext_FindBestUserCertificateForEmailSigning
-(
-  NSSCryptoContext *cc,
-  NSSASCII7 *signerOpt,
-  NSSASCII7 *recipientOpt,
-  /* anything more here? */
-  NSSAlgorithmAndParameters *apOpt,
-  NSSPolicies *policiesOpt
-);
-
-/*
- * NSSCryptoContext_FindUserCertificatesForEmailSigning
- *
- */
-
-NSS_EXTERN NSSCertificate *
-NSSCryptoContext_FindUserCertificatesForEmailSigning
-(
-  NSSCryptoContext *cc,
-  NSSASCII7 *signerOpt, /* fgmr or a more general name? */
-  NSSASCII7 *recipientOpt,
-  /* anything more here? */
-  NSSAlgorithmAndParameters *apOpt,
-  NSSPolicies *policiesOpt,
-  NSSCertificate **rvOpt,
-  PRUint32 rvLimit, /* zero for no limit */
-  NSSArena *arenaOpt
-);
-
-/* Private Keys */
-
-/*
- * NSSCryptoContext_GenerateKeyPair
- *
- * Creates session objects.  If you want persistant objects, use
- * NSSTrustDomain_GenerateKeyPair.  The destination token is where
- * the keys are stored.  If that token can do the required math, then
- * that's where the keys are generated too.  Otherwise, the keys are
- * generated elsewhere and moved to that token.
- */
-
-NSS_EXTERN PRStatus
-NSSCryptoContext_GenerateKeyPair
-(
-  NSSCryptoContext *cc,
-  NSSAlgorithmAndParameters *ap,
-  NSSPrivateKey **pvkOpt,
-  NSSPublicKey **pbkOpt,
-  PRBool privateKeyIsSensitive,
-  NSSToken *destination,
-  NSSCallback *uhhOpt
-);
-
-/*
- * NSSCryptoContext_TraversePrivateKeys
- *
- * 
- * NSS_EXTERN PRStatus *
- * NSSCryptoContext_TraversePrivateKeys
- * (
- *   NSSCryptoContext *cc,
- *   PRStatus (*callback)(NSSPrivateKey *vk, void *arg),
- *   void *arg
- * );
- */
-
-/* Symmetric Keys */
-
-/*
- * NSSCryptoContext_GenerateSymmetricKey
- *
- */
-
-NSS_EXTERN NSSSymmetricKey *
-NSSCryptoContext_GenerateSymmetricKey
-(
-  NSSCryptoContext *cc,
-  NSSAlgorithmAndParameters *ap,
-  PRUint32 keysize,
-  NSSToken *destination,
-  NSSCallback *uhhOpt
-);
-
-/*
- * NSSCryptoContext_GenerateSymmetricKeyFromPassword
- *
- */
-
-NSS_EXTERN NSSSymmetricKey *
-NSSCryptoContext_GenerateSymmetricKeyFromPassword
-(
-  NSSCryptoContext *cc,
-  NSSAlgorithmAndParameters *ap,
-  NSSUTF8 *passwordOpt, /* if null, prompt */
-  NSSToken *destinationOpt,
-  NSSCallback *uhhOpt
-);
-
-/*
- * NSSCryptoContext_FindSymmetricKeyByAlgorithm
- *
- * 
- * NSS_EXTERN NSSSymmetricKey *
- * NSSCryptoContext_FindSymmetricKeyByType
- * (
- *   NSSCryptoContext *cc,
- *   NSSOID *type,
- *   NSSCallback *uhhOpt
- * );
- */
-
-/*
- * NSSCryptoContext_FindSymmetricKeyByAlgorithmAndKeyID
- *
- */
-
-NSS_EXTERN NSSSymmetricKey *
-NSSCryptoContext_FindSymmetricKeyByAlgorithmAndKeyID
-(
-  NSSCryptoContext *cc,
-  NSSOID *algorithm,
-  NSSItem *keyID,
-  NSSCallback *uhhOpt
-);
-
-/*
- * NSSCryptoContext_TraverseSymmetricKeys
- *
- * 
- * NSS_EXTERN PRStatus *
- * NSSCryptoContext_TraverseSymmetricKeys
- * (
- *   NSSCryptoContext *cc,
- *   PRStatus (*callback)(NSSSymmetricKey *mk, void *arg),
- *   void *arg
- * );
- */
-
-/* Crypto ops on distinguished keys */
-
-/*
- * NSSCryptoContext_Decrypt
- *
- */
-
-NSS_EXTERN NSSItem *
-NSSCryptoContext_Decrypt
-(
-  NSSCryptoContext *cc,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSItem *encryptedData,
-  NSSCallback *uhhOpt,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSCryptoContext_BeginDecrypt
- *
- */
-
-NSS_EXTERN PRStatus
-NSSCryptoContext_BeginDecrypt
-(
-  NSSCryptoContext *cc,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSCallback *uhhOpt
-);
-
-/*
- * NSSCryptoContext_ContinueDecrypt
- *
- */
-
-/*
- * NSSItem semantics:
- *
- *   If rvOpt is NULL, a new NSSItem and buffer are allocated.
- *   If rvOpt is not null, but the buffer pointer is null,
- *     then rvOpt is returned but a new buffer is allocated.
- *     In this case, if the length value is not zero, then
- *     no more than that much space will be allocated.
- *   If rvOpt is not null and the buffer pointer is not null,
- *     then that buffer is re-used.  No more than the buffer
- *     length value will be used; if it's not enough, an
- *     error is returned.  If less is used, the number is
- *     adjusted downwards.
- *
- *  Note that although this is short of some ideal "Item"
- *  definition, we can usually tell how big these buffers
- *  have to be.
- *
- *  Feedback is requested; and earlier is better than later.
- */
-
-NSS_EXTERN NSSItem *
-NSSCryptoContext_ContinueDecrypt
-(
-  NSSCryptoContext *cc,
-  NSSItem *data,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSCryptoContext_FinishDecrypt
- *
- */
-
-NSS_EXTERN NSSItem *
-NSSCryptoContext_FinishDecrypt
-(
-  NSSCryptoContext *cc,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSCryptoContext_Sign
- *
- */
-
-NSS_EXTERN NSSItem *
-NSSCryptoContext_Sign
-(
-  NSSCryptoContext *cc,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSItem *data,
-  NSSCallback *uhhOpt,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSCryptoContext_BeginSign
- *
- */
-
-NSS_EXTERN PRStatus
-NSSCryptoContext_BeginSign
-(
-  NSSCryptoContext *cc,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSCallback *uhhOpt
-);
-
-/*
- * NSSCryptoContext_ContinueSign
- *
- */
-
-NSS_EXTERN PRStatus
-NSSCryptoContext_ContinueSign
-(
-  NSSCryptoContext *cc,
-  NSSItem *data
-);
-
-/*
- * NSSCryptoContext_FinishSign
- *
- */
-
-NSS_EXTERN NSSItem *
-NSSCryptoContext_FinishSign
-(
-  NSSCryptoContext *cc,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSCryptoContext_SignRecover
- *
- */
-
-NSS_EXTERN NSSItem *
-NSSCryptoContext_SignRecover
-(
-  NSSCryptoContext *cc,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSItem *data,
-  NSSCallback *uhhOpt,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSCryptoContext_BeginSignRecover
- *
- */
-
-NSS_EXTERN PRStatus
-NSSCryptoContext_BeginSignRecover
-(
-  NSSCryptoContext *cc,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSCallback *uhhOpt
-);
-
-/*
- * NSSCryptoContext_ContinueSignRecover
- *
- */
-
-NSS_EXTERN NSSItem *
-NSSCryptoContext_ContinueSignRecover
-(
-  NSSCryptoContext *cc,
-  NSSItem *data,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSCryptoContext_FinishSignRecover
- *
- */
-
-NSS_EXTERN NSSItem *
-NSSCryptoContext_FinishSignRecover
-(
-  NSSCryptoContext *cc,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSCryptoContext_UnwrapSymmetricKey
- *
- */
-
-NSS_EXTERN NSSSymmetricKey *
-NSSCryptoContext_UnwrapSymmetricKey
-(
-  NSSCryptoContext *cc,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSItem *wrappedKey,
-  NSSCallback *uhhOpt
-);
-
-/*
- * NSSCryptoContext_DeriveSymmetricKey
- *
- */
-
-NSS_EXTERN NSSSymmetricKey *
-NSSCryptoContext_DeriveSymmetricKey
-(
-  NSSCryptoContext *cc,
-  NSSPublicKey *bk,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSOID *target,
-  PRUint32 keySizeOpt, /* zero for best allowed */
-  NSSOperations operations,
-  NSSCallback *uhhOpt
-);
-
-/*
- * NSSCryptoContext_Encrypt
- *
- * Encrypt a single chunk of data with the distinguished public key
- * of this crypto context.
- */
-
-NSS_EXTERN NSSItem *
-NSSCryptoContext_Encrypt
-(
-  NSSCryptoContext *cc,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSItem *data,
-  NSSCallback *uhhOpt,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSCryptoContext_BeginEncrypt
- *
- */
-
-NSS_EXTERN PRStatus
-NSSCryptoContext_BeginEncrypt
-(
-  NSSCryptoContext *cc,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSCallback *uhhOpt
-);
-
-/*
- * NSSCryptoContext_ContinueEncrypt
- *
- */
-
-NSS_EXTERN NSSItem *
-NSSCryptoContext_ContinueEncrypt
-(
-  NSSCryptoContext *cc,
-  NSSItem *data,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSCryptoContext_FinishEncrypt
- *
- */
-
-NSS_EXTERN NSSItem *
-NSSCryptoContext_FinishEncrypt
-(
-  NSSCryptoContext *cc,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSCryptoContext_Verify
- *
- */
-
-NSS_EXTERN PRStatus
-NSSCryptoContext_Verify
-(
-  NSSCryptoContext *cc,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSItem *data,
-  NSSItem *signature,
-  NSSCallback *uhhOpt
-);
-
-/*
- * NSSCryptoContext_BeginVerify
- *
- */
-
-NSS_EXTERN PRStatus
-NSSCryptoContext_BeginVerify
-(
-  NSSCryptoContext *cc,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSItem *signature,
-  NSSCallback *uhhOpt
-);
-
-/*
- * NSSCryptoContext_ContinueVerify
- *
- */
-
-NSS_EXTERN PRStatus
-NSSCryptoContext_ContinueVerify
-(
-  NSSCryptoContext *cc,
-  NSSItem *data
-);
-
-/*
- * NSSCryptoContext_FinishVerify
- *
- */
-
-NSS_EXTERN PRStatus
-NSSCryptoContext_FinishVerify
-(
-  NSSCryptoContext *cc
-);
-
-/*
- * NSSCryptoContext_VerifyRecover
- *
- */
-
-NSS_EXTERN NSSItem *
-NSSCryptoContext_VerifyRecover
-(
-  NSSCryptoContext *cc,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSItem *signature,
-  NSSCallback *uhhOpt,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSCryptoContext_BeginVerifyRecover
- *
- */
-
-NSS_EXTERN PRStatus
-NSSCryptoContext_BeginVerifyRecover
-(
-  NSSCryptoContext *cc,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSCallback *uhhOpt
-);
-
-/*
- * NSSCryptoContext_ContinueVerifyRecover
- *
- */
-
-NSS_EXTERN NSSItem *
-NSSCryptoContext_ContinueVerifyRecover
-(
-  NSSCryptoContext *cc,
-  NSSItem *data,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSCryptoContext_FinishVerifyRecover
- *
- */
-
-NSS_EXTERN NSSItem *
-NSSCryptoContext_FinishVerifyRecover
-(
-  NSSCryptoContext *cc,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSCryptoContext_WrapSymmetricKey
- *
- */
-
-NSS_EXTERN NSSItem *
-NSSCryptoContext_WrapSymmetricKey
-(
-  NSSCryptoContext *cc,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSSymmetricKey *keyToWrap,
-  NSSCallback *uhhOpt,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSCryptoContext_Digest
- *
- * Digest a single chunk of data with the distinguished digest key
- * of this crypto context.
- */
-
-NSS_EXTERN NSSItem *
-NSSCryptoContext_Digest
-(
-  NSSCryptoContext *cc,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSItem *data,
-  NSSCallback *uhhOpt,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSCryptoContext_BeginDigest
- *
- */
-
-NSS_EXTERN PRStatus
-NSSCryptoContext_BeginDigest
-(
-  NSSCryptoContext *cc,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSCallback *uhhOpt
-);
-
-/*
- * NSSCryptoContext_ContinueDigest
- *
- */
-
-NSS_EXTERN PRStatus
-NSSCryptoContext_ContinueDigest
-(
-  NSSCryptoContext *cc,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSItem *item
-);
-
-/*
- * NSSCryptoContext_FinishDigest
- *
- */
-
-NSS_EXTERN NSSItem *
-NSSCryptoContext_FinishDigest
-(
-  NSSCryptoContext *cc,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * tbd: Combination ops
- */
-
-/*
- * NSSCryptoContext_Clone
- *
- */
-
-NSS_EXTERN NSSCryptoContext *
-NSSCryptoContext_Clone
-(
-  NSSCryptoContext *cc
-);
-
-/*
- * NSSCryptoContext_Save
- * NSSCryptoContext_Restore
- *
- * We need to be able to save and restore the state of contexts.
- * Perhaps a mark-and-release mechanism would be better?
- */
-
-/*
- * ..._SignTBSCertificate
- *
- * This requires feedback from the cert server team.
- */
-
-/*
- * PRBool NSSCertificate_GetIsTrustedFor{xxx}(NSSCertificate *c);
- * PRStatus NSSCertificate_SetIsTrustedFor{xxx}(NSSCertificate *c, PRBool trusted);
- *
- * These will be helper functions which get the trust object for a cert,
- * and then call the corresponding function(s) on it.
- *
- * PKIX trust objects will have methods to manipulate the low-level trust
- * bits (which are based on key usage and extended key usage), and also the
- * conceptual high-level usages (e.g. ssl client auth, email encryption, etc.)
- *
- * Other types of trust objects (if any) might have different low-level
- * representations, but hopefully high-level concepts would map.
- *
- * Only these high-level general routines would be promoted to the
- * general certificate level here.  Hence the {xxx} above would be things
- * like "EmailSigning."
- *
- *
- * NSSPKIXTrust *NSSCertificate_GetPKIXTrustObject(NSSCertificate *c);
- * PRStatus NSSCertificate_SetPKIXTrustObject(NSSCertificate *c, NSPKIXTrust *t);
- *
- * I want to hold off on any general trust object until we've investigated
- * other models more thoroughly.
- */
-
-PR_END_EXTERN_C
-
-#endif /* NSSPKI_H */
diff --git a/security/nss/lib/pki/nsspkit.h b/security/nss/lib/pki/nsspkit.h
deleted file mode 100644
index 6083ac0f8..000000000
--- a/security/nss/lib/pki/nsspkit.h
+++ /dev/null
@@ -1,271 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef NSSPKIT_H
-#define NSSPKIT_H
-
-#ifdef DEBUG
-static const char NSSPKIT_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * nsspkit.h
- *
- * This file defines the types of the top-level PKI objects.
- */
-
-#ifndef NSSBASET_H
-#include "nssbaset.h"
-#endif /* NSSBASET_H */
-
-PR_BEGIN_EXTERN_C
-
-/*
- * NSSCertificate
- *
- * This is the public representation of a Certificate.  The certificate
- * may be one found on a smartcard or other token, one decoded from data
- * received as part of a protocol, one constructed from constituent
- * parts, etc.  Usually it is associated with ("in") a trust domain; as
- * it can be verified only within a trust domain.  The underlying type
- * of certificate may be of any supported standard, e.g. PKIX, PGP, etc.
- *
- * People speak of "verifying (with) the server's, or correspondant's, 
- * certificate"; for simple operations we support that simplification
- * by implementing public-key crypto operations as methods on this type.
- */
-
-struct NSSCertificateStr;
-typedef struct NSSCertificateStr NSSCertificate;
-
-/*
- * NSSUserCertificate
- *
- * A ``User'' certificate is one for which the private key is available.
- * People speak of "using my certificate to sign my email" and "using
- * my certificate to authenticate to (or login to) the server"; for
- * simple operations, we support that simplification by implementing
- * private-key crypto operations as methods on this type.
- *
- * The current design only weakly distinguishes between certificates
- * and user certificates: as far as the compiler goes they're 
- * interchangable; debug libraries only have one common pointer-tracker;
- * etc.  However, attempts to do private-key operations on a certificate
- * for which the private key is not available will fail.
- *
- * Open design question: should these types be more firmly separated?
- */
-
-typedef NSSCertificate NSSUserCertificate;
-
-/*
- * NSSPrivateKey
- *
- * This is the public representation of a Private Key.  In general,
- * the actual value of the key is not available, but operations may
- * be performed with it.
- */
-
-struct NSSPrivateKeyStr;
-typedef struct NSSPrivateKeyStr NSSPrivateKey;
-
-/*
- * NSSPublicKey
- *
- */
-
-struct NSSPublicKeyStr;
-typedef struct NSSPublicKeyStr NSSPublicKey;
-
-/*
- * NSSSymmetricKey
- *
- */
-
-struct NSSSymmetricKeyStr;
-typedef struct NSSSymmetricKeyStr NSSSymmetricKey;
-
-/*
- * NSSTrustDomain
- *
- * A Trust Domain is the field in which certificates may be validated.
- * A trust domain will generally have one or more cryptographic modules
- * open; these modules perform the cryptographic operations, and 
- * provide the basic "root" trust information from which the trust in
- * a specific certificate or key depends.
- *
- * A client program, or a simple server, would typically have one
- * trust domain.  A server supporting multiple "virtual servers" might
- * have a separate trust domain for each virtual server.  The separate
- * trust domains might share some modules (e.g., a hardware crypto
- * accelerator) but not others (e.g., the tokens storing the different
- * servers' private keys, or the databases with each server's trusted
- * root certificates).
- *
- * This object descends from the "permananet database" in the old code.
- */
-
-struct NSSTrustDomainStr;
-typedef struct NSSTrustDomainStr NSSTrustDomain;
-
-/*
- * NSSCryptoContext
- *
- * A Crypto Context is a short-term, "helper" object which is used
- * for the lifetime of one ongoing "crypto operation."  Such an
- * operation may be the creation of a signed message, the use of an
- * TLS socket connection, etc.  Each crypto context is "in" a
- * specific trust domain, and it may have associated with it a
- * distinguished certificate, public key, private key, and/or
- * symmetric key.  It can also temporarily hold and use temporary
- * data (e.g. intermediate certificates) which is not stored
- * permanently in the trust domain.
- *
- * In OO terms, this interface inherits interfaces from the trust
- * domain, the certificates, and the keys.  It also provides
- * streaming crypto operations.
- *
- * This object descends from the "temporary database" concept in the
- * old code, but it has changed a lot as a result of what we've 
- * learned.
- */
-
-typedef struct NSSCryptoContextStr NSSCryptoContext;
-
-/*
- * fgmr others
- */
-
-/* 
- * NSSTime
- *
- * Unfortunately, we need an "exceptional" value to indicate
- * an error upon return, or "no value" on input.  Note that zero
- * is a perfectly valid value for both time_t and PRTime.
- *
- * If we were to create a "range" object, with two times for
- * Not Before and Not After, we would have an obvious place for
- * the somewhat arbitrary logic involved in comparing them.
- *
- * Failing that, let's have an NSSTime_CompareRanges function.
- */
-
-struct NSSTimeStr;
-typedef struct NSSTimeStr NSSTime;
-
-struct NSSTrustStr;
-typedef struct NSSTrustStr NSSTrust;
-
-/*
- * NSSUsage
- *
- * This is trickier than originally planned; I'll write up a
- * doc on it.
- *
- * We'd still like nsspki.h to have a list of common usages,
- * e.g.:
- *
- *  extern const NSSUsage *NSSUsage_ClientAuth;
- *  extern const NSSUsage *NSSUsage_ServerAuth;
- *  extern const NSSUsage *NSSUsage_SignEmail;
- *  extern const NSSUsage *NSSUsage_EncryptEmail;
- *  etc.
- */
-
-struct NSSUsageStr;
-typedef struct NSSUsageStr NSSUsage;
-
-/*
- * NSSPolicies
- *
- * Placeholder, for now.
- */
-
-struct NSSPoliciesStr;
-typedef struct NSSPoliciesStr NSSPolicies;
-
-/*
- * NSSAlgorithmAndParameters
- *
- * Algorithm is an OID
- * Parameters depend on the algorithm
- */
-
-struct NSSAlgorithmAndParametersStr;
-typedef struct NSSAlgorithmAndParametersStr NSSAlgorithmAndParameters;
-
-/*
- * NSSCallback
- *
- * At minimum, a "challenge" method and a closure argument.
- * Usually the challenge will just be prompting for a password.
- * How OO do we want to make it?
- */
-
-typedef struct NSSCallbackStr NSSCallback;
-
-struct NSSCallbackStr {
-    /* Prompt for a password to initialize a slot.  */
-    PRStatus (* getInitPW)(NSSUTF8 *slotName, void *arg, 
-                           NSSUTF8 **ssoPW, NSSUTF8 **userPW); 
-    /* Prompt for oldPW and newPW in order to change the 
-     * password on a slot.  
-     */
-    PRStatus (* getNewPW)(NSSUTF8 *slotName, PRUint32 *retries, void *arg,
-                          NSSUTF8 **oldPW, NSSUTF8 **newPW); 
-    /* Prompt for slot password.  */
-    PRStatus (* getPW)(NSSUTF8 *slotName, PRUint32 *retries, void *arg,
-                       NSSUTF8 **password); 
-    void *arg;
-};
-
-/* set errors - user cancelled, ... */
-
-typedef PRUint32 NSSOperations;
-/* 1) Do we want these to be preprocessor definitions or constants? */
-/* 2) What is the correct and complete list? */
-
-#define NSSOperations_ENCRYPT           0x0001
-#define NSSOperations_DECRYPT           0x0002
-#define NSSOperations_WRAP              0x0004
-#define NSSOperations_UNWRAP            0x0008
-#define NSSOperations_SIGN              0x0010
-#define NSSOperations_SIGN_RECOVER      0x0020
-#define NSSOperations_VERIFY            0x0040
-#define NSSOperations_VERIFY_RECOVER    0x0080
-
-struct NSSPKIXCertificateStr;
-
-PR_END_EXTERN_C
-
-#endif /* NSSPKIT_H */
diff --git a/security/nss/lib/pki/pki.h b/security/nss/lib/pki/pki.h
deleted file mode 100644
index d9af582b0..000000000
--- a/security/nss/lib/pki/pki.h
+++ /dev/null
@@ -1,245 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef PKI_H
-#define PKI_H
-
-#ifdef DEBUG
-static const char PKI_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef NSSDEVT_H
-#include "nssdevt.h"
-#endif /* NSSDEVT_H */
-
-#ifndef NSSPKI_H
-#include "nsspki.h"
-#endif /* NSSPKI_H */
-
-#ifndef PKIT_H
-#include "pkit.h"
-#endif /* PKIT_H */
-
-PR_BEGIN_EXTERN_C
-
-NSS_EXTERN NSSCallback *
-nssTrustDomain_GetDefaultCallback
-(
-  NSSTrustDomain *td,
-  PRStatus *statusOpt
-);
-
-NSS_EXTERN NSSCertificate **
-nssTrustDomain_FindCertificatesBySubject
-(
-  NSSTrustDomain *td,
-  NSSDER *subject,
-  NSSCertificate *rvOpt[],
-  PRUint32 maximumOpt,
-  NSSArena *arenaOpt
-);
-
-NSS_EXTERN NSSTrust *
-nssTrustDomain_FindTrustForCertificate
-(
-  NSSTrustDomain *td,
-  NSSCertificate *c
-);
-
-NSS_EXTERN NSSCertificate *
-nssCertificate_AddRef
-(
-  NSSCertificate *c
-);
-
-NSS_EXTERN PRStatus
-nssCertificate_Destroy
-(
-  NSSCertificate *c
-);
-
-NSS_EXTERN NSSDER *
-nssCertificate_GetEncoding
-(
-  NSSCertificate *c
-);
-
-NSS_EXTERN NSSDER *
-nssCertificate_GetIssuer
-(
-  NSSCertificate *c
-);
-
-NSS_EXTERN NSSDER *
-nssCertificate_GetSerialNumber
-(
-  NSSCertificate *c
-);
-
-NSS_EXTERN NSSDER *
-nssCertificate_GetSubject
-(
-  NSSCertificate *c
-);
-
-NSS_EXTERN NSSUTF8 *
-nssCertificate_GetNickname
-(
-  NSSCertificate *c,
-  NSSToken *tokenOpt
-);
-
-NSS_EXTERN NSSASCII7 *
-nssCertificate_GetEmailAddress
-(
-  NSSCertificate *c
-);
-
-NSS_EXTERN PRBool
-nssCertificate_IssuerAndSerialEqual
-(
-  NSSCertificate *c1,
-  NSSCertificate *c2
-);
-
-NSS_EXTERN NSSPrivateKey *
-nssPrivateKey_AddRef
-(
-  NSSPrivateKey *vk
-);
-
-NSS_EXTERN PRStatus
-nssPrivateKey_Destroy
-(
-  NSSPrivateKey *vk
-);
-
-NSS_EXTERN NSSItem *
-nssPrivateKey_GetID
-(
-  NSSPrivateKey *vk
-);
-
-NSS_EXTERN NSSUTF8 *
-nssPrivateKey_GetNickname
-(
-  NSSPrivateKey *vk,
-  NSSToken *tokenOpt
-);
-
-NSS_EXTERN PRStatus
-nssPublicKey_Destroy
-(
-  NSSPublicKey *bk
-);
-
-NSS_EXTERN NSSItem *
-nssPublicKey_GetID
-(
-  NSSPublicKey *vk
-);
-
-NSS_EXTERN NSSCertificate **
-nssCryptoContext_FindCertificatesBySubject
-(
-  NSSCryptoContext *cc,
-  NSSDER *subject,
-  NSSCertificate *rvOpt[],
-  PRUint32 maximumOpt, /* 0 for no max */
-  NSSArena *arenaOpt
-);
-
-/* putting here for now, needs more thought */
-NSS_EXTERN PRStatus
-nssCryptoContext_ImportTrust
-(
-  NSSCryptoContext *cc,
-  NSSTrust *trust
-);
-
-NSS_EXTERN NSSTrust *
-nssCryptoContext_FindTrustForCertificate
-(
-  NSSCryptoContext *cc,
-  NSSCertificate *cert
-);
-
-NSS_EXTERN PRStatus
-nssCryptoContext_ImportSMIMEProfile
-(
-  NSSCryptoContext *cc,
-  nssSMIMEProfile *profile
-);
-
-NSS_EXTERN nssSMIMEProfile *
-nssCryptoContext_FindSMIMEProfileForCertificate
-(
-  NSSCryptoContext *cc,
-  NSSCertificate *cert
-);
-
-NSS_EXTERN NSSTrust *
-nssTrust_AddRef
-(
-  NSSTrust *trust
-);
-
-NSS_EXTERN PRStatus
-nssTrust_Destroy
-(
-  NSSTrust *trust
-);
-
-NSS_EXTERN nssSMIMEProfile *
-nssSMIMEProfile_AddRef
-(
-  nssSMIMEProfile *profile
-);
-
-NSS_EXTERN PRStatus
-nssSMIMEProfile_Destroy
-(
-  nssSMIMEProfile *profile
-);
-
-NSS_EXTERN nssSMIMEProfile *
-nssSMIMEProfile_Create
-(
-  NSSCertificate *cert,
-  NSSItem *profileTime,
-  NSSItem *profileData
-);
-
-PR_END_EXTERN_C
-
-#endif /* PKI_H */
diff --git a/security/nss/lib/pki/pki3hack.c b/security/nss/lib/pki/pki3hack.c
deleted file mode 100644
index 4f7638ccc..000000000
--- a/security/nss/lib/pki/pki3hack.c
+++ /dev/null
@@ -1,972 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * Hacks to integrate NSS 3.4 and NSS 4.0 certificates.
- */
-
-#ifndef NSSPKI_H
-#include "nsspki.h"
-#endif /* NSSPKI_H */
-
-#ifndef PKI_H
-#include "pki.h"
-#endif /* PKI_H */
-
-#ifndef PKIM_H
-#include "pkim.h"
-#endif /* PKIM_H */
-
-#ifndef DEV_H
-#include "dev.h"
-#endif /* DEV_H */
-
-#ifndef DEVNSS3HACK_H
-#include "dev3hack.h"
-#endif /* DEVNSS3HACK_H */
-
-#ifndef PKINSS3HACK_H
-#include "pki3hack.h"
-#endif /* PKINSS3HACK_H */
-
-#include "secitem.h"
-#include "certdb.h"
-#include "certt.h"
-#include "cert.h"
-#include "pk11func.h"
-#include "pkistore.h"
-#include "secmod.h"
-
-NSSTrustDomain *g_default_trust_domain = NULL;
-
-NSSCryptoContext *g_default_crypto_context = NULL;
-
-NSSTrustDomain *
-STAN_GetDefaultTrustDomain()
-{
-    return g_default_trust_domain;
-}
-
-NSSCryptoContext *
-STAN_GetDefaultCryptoContext()
-{
-    return g_default_crypto_context;
-}
-
-NSS_IMPLEMENT PRStatus
-STAN_LoadDefaultNSS3TrustDomain
-(
-  void
-)
-{
-    NSSTrustDomain *td;
-    NSSToken *token;
-    SECMODModuleList *mlp;
-    SECMODListLock *moduleLock = SECMOD_GetDefaultModuleListLock();
-    int i;
-
-    td = NSSTrustDomain_Create(NULL, NULL, NULL, NULL);
-    if (!td) {
-	return PR_FAILURE;
-    }
-    td->tokenList = nssList_Create(td->arena, PR_TRUE);
-    SECMOD_GetReadLock(moduleLock);
-    for (mlp = SECMOD_GetDefaultModuleList(); mlp != NULL; mlp=mlp->next) {
-	for (i=0; i < mlp->module->slotCount; i++) {
-	    token = nssToken_CreateFromPK11SlotInfo(td, mlp->module->slots[i]);
-	    PK11Slot_SetNSSToken(mlp->module->slots[i], token);
-	    nssList_Add(td->tokenList, token);
-	}
-    }
-    SECMOD_ReleaseReadLock(moduleLock);
-    td->tokens = nssList_CreateIterator(td->tokenList);
-    g_default_trust_domain = td;
-    g_default_crypto_context = NSSTrustDomain_CreateCryptoContext(td, NULL);
-    return PR_SUCCESS;
-}
-
-NSS_IMPLEMENT SECStatus
-STAN_AddModuleToDefaultTrustDomain
-(
-  SECMODModule *module
-)
-{
-    NSSToken *token;
-    NSSTrustDomain *td;
-    int i;
-    td = STAN_GetDefaultTrustDomain();
-    for (i=0; i<module->slotCount; i++) {
-	token = nssToken_CreateFromPK11SlotInfo(td, module->slots[i]);
-	PK11Slot_SetNSSToken(module->slots[i], token);
-	nssList_Add(td->tokenList, token);
-    }
-    nssListIterator_Destroy(td->tokens);
-    td->tokens = nssList_CreateIterator(td->tokenList);
-    return SECSuccess;
-}
-
-NSS_IMPLEMENT SECStatus
-STAN_RemoveModuleFromDefaultTrustDomain
-(
-  SECMODModule *module
-)
-{
-    NSSToken *token;
-    NSSTrustDomain *td;
-    int i;
-    td = STAN_GetDefaultTrustDomain();
-    for (i=0; i<module->slotCount; i++) {
-	token = PK11Slot_GetNSSToken(module->slots[i]);
-	if (token) {
-	    nssToken_NotifyCertsNotVisible(token);
-	    nssList_Remove(td->tokenList, token);
-	    PK11Slot_SetNSSToken(module->slots[i], NULL);
-	    nssToken_Destroy(token);
- 	}
-    }
-    nssListIterator_Destroy(td->tokens);
-    td->tokens = nssList_CreateIterator(td->tokenList);
-    return SECSuccess;
-}
-
-NSS_IMPLEMENT void
-STAN_Shutdown()
-{
-    if (g_default_trust_domain) {
-	NSSTrustDomain_Destroy(g_default_trust_domain);
-    }
-    if (g_default_crypto_context) {
-	NSSCryptoContext_Destroy(g_default_crypto_context);
-    }
-}
-
-/* this function should not be a hack; it will be needed in 4.0 (rename) */
-NSS_IMPLEMENT NSSItem *
-STAN_GetCertIdentifierFromDER(NSSArena *arenaOpt, NSSDER *der)
-{
-    NSSItem *rvKey;
-    SECItem secDER;
-    SECItem secKey = { 0 };
-    SECStatus secrv;
-    PRArenaPool *arena;
-
-    SECITEM_FROM_NSSITEM(&secDER, der);
-
-    /* nss3 call uses nss3 arena's */
-    arena = PORT_NewArena(256);
-    if (!arena) {
-	return NULL;
-    }
-    secrv = CERT_KeyFromDERCert(arena, &secDER, &secKey);
-    if (secrv != SECSuccess) {
-	return NULL;
-    }
-    rvKey = nssItem_Create(arenaOpt, NULL, secKey.len, (void *)secKey.data);
-    PORT_FreeArena(arena,PR_FALSE);
-    return rvKey;
-}
-
-NSS_IMPLEMENT PRStatus
-nssPKIX509_GetIssuerAndSerialFromDER(NSSDER *der, NSSArena *arena, 
-                                     NSSDER *issuer, NSSDER *serial)
-{
-    SECStatus secrv;
-    SECItem derCert;
-    SECItem derIssuer = { 0 };
-    SECItem derSerial = { 0 };
-    SECITEM_FROM_NSSITEM(&derCert, der);
-    secrv = CERT_SerialNumberFromDERCert(&derCert, &derSerial);
-    if (secrv != SECSuccess) {
-	return PR_FAILURE;
-    }
-    (void)nssItem_Create(arena, serial, derSerial.len, derSerial.data);
-    secrv = CERT_IssuerNameFromDERCert(&derCert, &derIssuer);
-    if (secrv != SECSuccess) {
-	PORT_Free(derSerial.data);
-	return PR_FAILURE;
-    }
-    (void)nssItem_Create(arena, issuer, derIssuer.len, derIssuer.data);
-    PORT_Free(derSerial.data);
-    PORT_Free(derIssuer.data);
-    return PR_SUCCESS;
-}
-
-static NSSItem *
-nss3certificate_getIdentifier(nssDecodedCert *dc)
-{
-    NSSItem *rvID;
-    CERTCertificate *c = (CERTCertificate *)dc->data;
-    rvID = nssItem_Create(NULL, NULL, c->certKey.len, c->certKey.data);
-    return rvID;
-}
-
-static NSSItem *
-nss3certificate_getIssuerIdentifier(nssDecodedCert *dc)
-{
-    CERTCertificate *c = (CERTCertificate *)dc->data;
-    CERTAuthKeyID *cAuthKeyID;
-    PRArenaPool *tmpArena = NULL;
-    NSSItem *rvID = NULL;
-    tmpArena = PORT_NewArena(512);
-    cAuthKeyID = CERT_FindAuthKeyIDExten(tmpArena, c);
-    if (cAuthKeyID == NULL) {
-	goto done;
-    }
-    if (cAuthKeyID->keyID.data) {
-	rvID = nssItem_Create(NULL, NULL, cAuthKeyID->keyID.len, 
-						cAuthKeyID->keyID.data);
-    } else if (cAuthKeyID->authCertIssuer) {
-	SECItem *caName = NULL;
-	CERTIssuerAndSN issuerSN;
-	CERTCertificate *issuer = NULL;
-
-	caName = (SECItem *)CERT_GetGeneralNameByType(
-	                                        cAuthKeyID->authCertIssuer,
-						certDirectoryName, PR_TRUE);
-	if (caName == NULL) {
-	    goto done;
-	}
-	issuerSN.derIssuer.data = caName->data;
-	issuerSN.derIssuer.len = caName->len;
-	issuerSN.serialNumber.data = cAuthKeyID->authCertSerialNumber.data;
-	issuerSN.serialNumber.len = cAuthKeyID->authCertSerialNumber.len;
-	issuer = PK11_FindCertByIssuerAndSN(NULL, &issuerSN, NULL);
-	if (issuer) {
-	    rvID = nssItem_Create(NULL, NULL, issuer->subjectKeyID.len, 
-	    			issuer->subjectKeyID.data);
-	    CERT_DestroyCertificate(issuer);
-	}
-    }
-done:
-    if (tmpArena) PORT_FreeArena(tmpArena, PR_FALSE);
-    return rvID;
-}
-
-static PRBool
-nss3certificate_matchIdentifier(nssDecodedCert *dc, NSSItem *id)
-{
-    CERTCertificate *c = (CERTCertificate *)dc->data;
-    SECItem *subjectKeyID, authKeyID;
-    subjectKeyID = &c->subjectKeyID;
-    SECITEM_FROM_NSSITEM(&authKeyID, id);
-    if (SECITEM_CompareItem(subjectKeyID, &authKeyID) == SECEqual) {
-	return PR_TRUE;
-    }
-    return PR_FALSE;
-}
-
-static NSSUsage *
-nss3certificate_getUsage(nssDecodedCert *dc)
-{
-    /* CERTCertificate *c = (CERTCertificate *)dc->data; */
-    return NULL;
-}
-
-static PRBool 
-nss3certificate_isValidAtTime(nssDecodedCert *dc, NSSTime *time)
-{
-    SECCertTimeValidity validity;
-    CERTCertificate *c = (CERTCertificate *)dc->data;
-    validity = CERT_CheckCertValidTimes(c, NSSTime_GetPRTime(time), PR_TRUE);
-    if (validity == secCertTimeValid) {
-	return PR_TRUE;
-    }
-    return PR_FALSE;
-}
-
-static PRBool 
-nss3certificate_isNewerThan(nssDecodedCert *dc, nssDecodedCert *cmpdc)
-{
-    /* I know this isn't right, but this is glue code anyway */
-    if (cmpdc->type == dc->type) {
-	CERTCertificate *certa = (CERTCertificate *)dc->data;
-	CERTCertificate *certb = (CERTCertificate *)cmpdc->data;
-	return CERT_IsNewer(certa, certb);
-    }
-    return PR_FALSE;
-}
-
-/* CERT_FilterCertListByUsage */
-static PRBool
-nss3certificate_matchUsage(nssDecodedCert *dc, NSSUsage *usage)
-{
-    SECStatus secrv;
-    unsigned int requiredKeyUsage;
-    unsigned int requiredCertType;
-    unsigned int certType;
-    PRBool match;
-    CERTCertificate *cc = (CERTCertificate *)dc->data;
-    SECCertUsage secUsage = usage->nss3usage;
-    PRBool ca = usage->nss3lookingForCA;
-    secrv = CERT_KeyUsageAndTypeForCertUsage(secUsage, ca,
-                                             &requiredKeyUsage,
-                                             &requiredCertType);
-    if (secrv != SECSuccess) {
-	return PR_FALSE;
-    }
-    match = PR_TRUE;
-    secrv = CERT_CheckKeyUsage(cc, requiredKeyUsage);
-    if (secrv != SECSuccess) {
-	match = PR_FALSE;
-    }
-    if (ca) {
-	(void)CERT_IsCACert(cc, &certType);
-    } else {
-	certType = cc->nsCertType;
-    }
-    if (!(certType & requiredCertType)) {
-	match = PR_FALSE;
-    }
-    return match;
-}
-
-static NSSASCII7 *
-nss3certificate_getEmailAddress(nssDecodedCert *dc)
-{
-    CERTCertificate *cc = (CERTCertificate *)dc->data;
-    return cc ? (NSSASCII7 *)cc->emailAddr : NULL;
-}
-
-static PRStatus
-nss3certificate_getDERSerialNumber(nssDecodedCert *dc, 
-                                   NSSDER *serial, NSSArena *arena)
-{
-    CERTCertificate *cc = (CERTCertificate *)dc->data;
-    SECItem derSerial = { 0 };
-    SECStatus secrv;
-    secrv = CERT_SerialNumberFromDERCert(&cc->derCert, &derSerial);
-    if (secrv == SECSuccess) {
-	(void)nssItem_Create(arena, serial, derSerial.len, derSerial.data);
-	PORT_Free(derSerial.data);
-	return PR_SUCCESS;
-    }
-    return PR_FAILURE;
-}
-
-NSS_IMPLEMENT nssDecodedCert *
-nssDecodedPKIXCertificate_Create
-(
-  NSSArena *arenaOpt,
-  NSSDER *encoding
-)
-{
-    nssDecodedCert *rvDC;
-    SECItem secDER;
-    rvDC = nss_ZNEW(arenaOpt, nssDecodedCert);
-    rvDC->type = NSSCertificateType_PKIX;
-    SECITEM_FROM_NSSITEM(&secDER, encoding);
-    rvDC->data = (void *)CERT_DecodeDERCertificate(&secDER, PR_TRUE, NULL);
-    rvDC->getIdentifier = nss3certificate_getIdentifier;
-    rvDC->getIssuerIdentifier = nss3certificate_getIssuerIdentifier;
-    rvDC->matchIdentifier = nss3certificate_matchIdentifier;
-    rvDC->getUsage = nss3certificate_getUsage;
-    rvDC->isValidAtTime = nss3certificate_isValidAtTime;
-    rvDC->isNewerThan = nss3certificate_isNewerThan;
-    rvDC->matchUsage = nss3certificate_matchUsage;
-    rvDC->getEmailAddress = nss3certificate_getEmailAddress;
-    rvDC->getDERSerialNumber = nss3certificate_getDERSerialNumber;
-    return rvDC;
-}
-
-static nssDecodedCert *
-create_decoded_pkix_cert_from_nss3cert
-(
-  NSSArena *arenaOpt,
-  CERTCertificate *cc
-)
-{
-    nssDecodedCert *rvDC;
-    rvDC = nss_ZNEW(arenaOpt, nssDecodedCert);
-    rvDC->type = NSSCertificateType_PKIX;
-    rvDC->data = (void *)cc;
-    rvDC->getIdentifier = nss3certificate_getIdentifier;
-    rvDC->getIssuerIdentifier = nss3certificate_getIssuerIdentifier;
-    rvDC->matchIdentifier = nss3certificate_matchIdentifier;
-    rvDC->getUsage = nss3certificate_getUsage;
-    rvDC->isValidAtTime = nss3certificate_isValidAtTime;
-    rvDC->isNewerThan = nss3certificate_isNewerThan;
-    rvDC->matchUsage = nss3certificate_matchUsage;
-    rvDC->getEmailAddress = nss3certificate_getEmailAddress;
-    return rvDC;
-}
-
-NSS_IMPLEMENT PRStatus
-nssDecodedPKIXCertificate_Destroy
-(
-  nssDecodedCert *dc
-)
-{
-    CERTCertificate *cert = (CERTCertificate *)dc->data;
-    PRBool freeSlot = cert->ownSlot;
-    PK11SlotInfo *slot = cert->slot;
-    PRArenaPool *arena  = cert->arena;
-    /* zero cert before freeing. Any stale references to this cert
-     * after this point will probably cause an exception.  */
-    PORT_Memset(cert, 0, sizeof *cert);
-    /* free the arena that contains the cert. */
-    PORT_FreeArena(arena, PR_FALSE);
-    nss_ZFreeIf(dc);
-    if (slot && freeSlot) {
-	PK11_FreeSlot(slot);
-    }
-    return PR_SUCCESS;
-}
-
-/* From pk11cert.c */
-extern PRBool
-PK11_IsUserCert(PK11SlotInfo *, CERTCertificate *, CK_OBJECT_HANDLE);
-
-/* see pk11cert.c:pk11_HandleTrustObject */
-static unsigned int
-get_nss3trust_from_nss4trust(CK_TRUST t)
-{
-    unsigned int rt = 0;
-    if (t == nssTrustLevel_Trusted) {
-	rt |= CERTDB_VALID_PEER | CERTDB_TRUSTED;
-    }
-    if (t == nssTrustLevel_TrustedDelegator) {
-	rt |= CERTDB_VALID_CA | CERTDB_TRUSTED_CA /*| CERTDB_NS_TRUSTED_CA*/;
-    }
-    if (t == nssTrustLevel_Valid) {
-	rt |= CERTDB_VALID_PEER;
-    }
-    if (t == nssTrustLevel_ValidDelegator) {
-	rt |= CERTDB_VALID_CA;
-    }
-    return rt;
-}
-
-static CERTCertTrust *
-cert_trust_from_stan_trust(NSSTrust *t, PRArenaPool *arena)
-{
-    CERTCertTrust *rvTrust;
-    unsigned int client;
-    if (!t) {
-	return NULL;
-    }
-    rvTrust = PORT_ArenaAlloc(arena, sizeof(CERTCertTrust));
-    if (!rvTrust) return NULL;
-    rvTrust->sslFlags = get_nss3trust_from_nss4trust(t->serverAuth);
-    client = get_nss3trust_from_nss4trust(t->clientAuth);
-    if (client & (CERTDB_TRUSTED_CA|CERTDB_NS_TRUSTED_CA)) {
-	client &= ~(CERTDB_TRUSTED_CA|CERTDB_NS_TRUSTED_CA);
-	rvTrust->sslFlags |= CERTDB_TRUSTED_CLIENT_CA;
-    }
-    rvTrust->sslFlags |= client;
-    rvTrust->emailFlags = get_nss3trust_from_nss4trust(t->emailProtection);
-    rvTrust->objectSigningFlags = get_nss3trust_from_nss4trust(t->codeSigning);
-    return rvTrust;
-}
-
-/* check all cert instances for private key */
-static PRBool is_user_cert(NSSCertificate *c, CERTCertificate *cc)
-{
-    PRBool isUser = PR_FALSE;
-    nssCryptokiObject **ip;
-    nssCryptokiObject **instances = nssPKIObject_GetInstances(&c->object);
-    if (!instances) {
-	return PR_FALSE;
-    }
-    for (ip = instances; *ip; ip++) {
-	nssCryptokiObject *instance = *ip;
-	if (PK11_IsUserCert(instance->token->pk11slot, cc, instance->handle)) {
-	    isUser = PR_TRUE;
-	}
-    }
-    nssCryptokiObjectArray_Destroy(instances);
-    return isUser;
-}
-
-CERTCertTrust * 
-nssTrust_GetCERTCertTrustForCert(NSSCertificate *c, CERTCertificate *cc)
-{
-    CERTCertTrust *rvTrust = NULL;
-    NSSTrustDomain *td = STAN_GetDefaultTrustDomain();
-    NSSTrust *t;
-    t = nssTrustDomain_FindTrustForCertificate(td, c);
-    if (t) {
-	rvTrust = cert_trust_from_stan_trust(t, cc->arena);
-	if (!rvTrust) {
-	    nssTrust_Destroy(t);
-	    return NULL;
-	}
-	nssTrust_Destroy(t);
-    } else {
-	rvTrust = PORT_ArenaAlloc(cc->arena, sizeof(CERTCertTrust));
-	if (!rvTrust) {
-	    return NULL;
-	}
-	memset(rvTrust, 0, sizeof(*rvTrust));
-    }
-    if (is_user_cert(c, cc)) {
-	if (!rvTrust) {
-	}
-	rvTrust->sslFlags |= CERTDB_USER;
-	rvTrust->emailFlags |= CERTDB_USER;
-	rvTrust->objectSigningFlags |= CERTDB_USER;
-    }
-    return rvTrust;
-}
-
-static nssCryptokiInstance *
-get_cert_instance(NSSCertificate *c)
-{
-    nssCryptokiObject *instance, **ci;
-    nssCryptokiObject **instances = nssPKIObject_GetInstances(&c->object);
-    if (!instances) {
-	return NULL;
-    }
-    instance = NULL;
-    for (ci = instances; *ci; ci++) {
-	if (!instance) {
-	    instance = nssCryptokiObject_Clone(*ci);
-	} else {
-	    /* This only really works for two instances...  But 3.4 can't
-	     * handle more anyway.  The logic is, if there are multiple
-	     * instances, prefer the one that is not internal (e.g., on
-	     * a hardware device.
-	     */
-	    if (PK11_IsInternal(instance->token->pk11slot)) {
-		nssCryptokiObject_Destroy(instance);
-		instance = nssCryptokiObject_Clone(*ci);
-	    }
-	}
-    }
-    nssCryptokiObjectArray_Destroy(instances);
-    return instance;
-}
-
-static void
-fill_CERTCertificateFields(NSSCertificate *c, CERTCertificate *cc, PRBool forced)
-{
-    NSSTrust *nssTrust;
-    NSSCryptoContext *context = c->object.cryptoContext;
-    nssCryptokiInstance *instance = get_cert_instance(c);
-    NSSUTF8 *stanNick = NULL;
-    if (instance) {
-	stanNick = instance->label;
-    } else if (context) {
-	stanNick = c->object.tempName;
-    }
-    /* fill other fields needed by NSS3 functions using CERTCertificate */
-    if ((!cc->nickname && stanNick) || forced) {
-	PRStatus nssrv;
-	int nicklen, tokenlen, len;
-	NSSUTF8 *tokenName = NULL;
-	char *nick;
-	if (instance && !PK11_IsInternal(instance->token->pk11slot)) {
-	    tokenName = nssToken_GetName(instance->token);
-	    tokenlen = nssUTF8_Size(tokenName, &nssrv);
-	} else {
-	    /* don't use token name for internal slot; 3.3 didn't */
-	    tokenlen = 0;
-	}
-	if (stanNick) {
-	    nicklen = nssUTF8_Size(stanNick, &nssrv);
-	    len = tokenlen + nicklen;
-	    cc->nickname = PORT_ArenaAlloc(cc->arena, len);
-	    nick = cc->nickname;
-	    if (tokenName) {
-		memcpy(nick, tokenName, tokenlen-1);
-		nick += tokenlen-1;
-		*nick++ = ':';
-	    }
-	    memcpy(nick, stanNick, nicklen-1);
-	    cc->nickname[len-1] = '\0';
-	} else {
-	    cc->nickname = NULL;
-	}
-    }
-    if (context) {
-	/* trust */
-	nssTrust = nssCryptoContext_FindTrustForCertificate(context, c);
-	if (nssTrust) {
-	    cc->trust = cert_trust_from_stan_trust(nssTrust, cc->arena);
-	    nssTrust_Destroy(nssTrust);
-	}
-    } else if (instance) {
-	/* slot */
-	if (cc->slot != instance->token->pk11slot) {
-	    if (cc->slot) {
-		PK11_FreeSlot(cc->slot);
-	    }
-	    cc->slot = PK11_ReferenceSlot(instance->token->pk11slot);
-	}
-	cc->ownSlot = PR_TRUE;
-	/* pkcs11ID */
-	cc->pkcs11ID = instance->handle;
-	/* trust */
-	cc->trust = nssTrust_GetCERTCertTrustForCert(c, cc);
-	nssCryptokiObject_Destroy(instance);
-    } 
-    /* database handle is now the trust domain */
-    cc->dbhandle = c->object.trustDomain;
-    /* subjectList ? */
-    /* istemp and isperm are supported in NSS 3.4 */
-    cc->istemp = PR_FALSE; /* CERT_NewTemp will override this */
-    cc->isperm = PR_TRUE;  /* by default */
-    /* pointer back */
-    cc->nssCertificate = c;
-}
-
-static CERTCertificate *
-stan_GetCERTCertificate(NSSCertificate *c, PRBool forceUpdate)
-{
-    nssDecodedCert *dc;
-    CERTCertificate *cc;
-    if (!c->decoding) {
-	dc = nssDecodedPKIXCertificate_Create(NULL, &c->encoding);
-	if (!dc) return NULL;
-	c->decoding = dc;
-    } else {
-	dc = c->decoding;
-    }
-    cc = (CERTCertificate *)dc->data;
-    if (cc) {
-	if (!cc->nssCertificate || forceUpdate) {
-	    fill_CERTCertificateFields(c, cc, forceUpdate);
-	} else if (!cc->trust && !c->object.cryptoContext) {
-	    /* if it's a perm cert, it might have been stored before the
-	     * trust, so look for the trust again.  But a temp cert can be
-	     * ignored.
-	     */
-	    cc->trust = nssTrust_GetCERTCertTrustForCert(c, cc);
-	}
-    }
-    return cc;
-}
-
-NSS_IMPLEMENT CERTCertificate *
-STAN_ForceCERTCertificateUpdate(NSSCertificate *c)
-{
-    return stan_GetCERTCertificate(c, PR_TRUE);
-}
-
-NSS_IMPLEMENT CERTCertificate *
-STAN_GetCERTCertificate(NSSCertificate *c)
-{
-    return stan_GetCERTCertificate(c, PR_FALSE);
-}
-
-static nssTrustLevel
-get_stan_trust(unsigned int t, PRBool isClientAuth) 
-{
-    if (isClientAuth) {
-	if (t & CERTDB_TRUSTED_CLIENT_CA) {
-	    return nssTrustLevel_TrustedDelegator;
-	}
-    } else {
-	if (t & CERTDB_TRUSTED_CA || t & CERTDB_NS_TRUSTED_CA) {
-	    return nssTrustLevel_TrustedDelegator;
-	}
-    }
-    if (t & CERTDB_TRUSTED) {
-	return nssTrustLevel_Trusted;
-    }
-    if (t & CERTDB_VALID_CA) {
-	return nssTrustLevel_ValidDelegator;
-    }
-    if (t & CERTDB_VALID_PEER) {
-	return nssTrustLevel_Valid;
-    }
-    return nssTrustLevel_NotTrusted;
-}
-
-NSS_EXTERN NSSCertificate *
-STAN_GetNSSCertificate(CERTCertificate *cc)
-{
-    NSSCertificate *c;
-    nssCryptokiInstance *instance;
-    nssPKIObject *pkiob;
-    NSSArena *arena;
-    c = cc->nssCertificate;
-    if (c) {
-    	return c;
-    }
-    /* i don't think this should happen.  but if it can, need to create
-     * NSSCertificate from CERTCertificate values here.  */
-    /* Yup, it can happen. */
-    arena = NSSArena_Create();
-    if (!arena) {
-	return NULL;
-    }
-    c = nss_ZNEW(arena, NSSCertificate);
-    if (!c) {
-	nssArena_Destroy(arena);
-	return NULL;
-    }
-    NSSITEM_FROM_SECITEM(&c->encoding, &cc->derCert);
-    c->type = NSSCertificateType_PKIX;
-    pkiob = nssPKIObject_Create(arena, NULL, cc->dbhandle, NULL);
-    if (!pkiob) {
-	nssArena_Destroy(arena);
-	return NULL;
-    }
-    c->object = *pkiob;
-    nssItem_Create(arena,
-                   &c->issuer, cc->derIssuer.len, cc->derIssuer.data);
-    nssItem_Create(arena,
-                   &c->subject, cc->derSubject.len, cc->derSubject.data);
-    if (PR_TRUE) {
-	/* CERTCertificate stores serial numbers decoded.  I need the DER
-	* here.  sigh.
-	*/
-	SECItem derSerial;
-	CERT_SerialNumberFromDERCert(&cc->derCert, &derSerial);
-	nssItem_Create(arena, &c->serial, derSerial.len, derSerial.data);
-	PORT_Free(derSerial.data);
-    }
-    if (cc->emailAddr) {
-        c->email = nssUTF8_Create(arena,
-                                  nssStringType_PrintableString,
-                                  (NSSUTF8 *)cc->emailAddr,
-                                  PORT_Strlen(cc->emailAddr));
-    }
-    if (cc->slot) {
-	instance = nss_ZNEW(arena, nssCryptokiInstance);
-	instance->token = nssToken_AddRef(PK11Slot_GetNSSToken(cc->slot));
-	instance->handle = cc->pkcs11ID;
-	instance->isTokenObject = PR_TRUE;
-	if (cc->nickname) {
-	    instance->label = nssUTF8_Create(arena,
-	                                     nssStringType_UTF8String,
-	                                     (NSSUTF8 *)cc->nickname,
-	                                     PORT_Strlen(cc->nickname));
-	}
-	nssPKIObject_AddInstance(&c->object, instance);
-    }
-    c->decoding = create_decoded_pkix_cert_from_nss3cert(NULL, cc);
-    cc->nssCertificate = c;
-    return c;
-}
-
-NSS_EXTERN PRStatus
-STAN_ChangeCertTrust(CERTCertificate *cc, CERTCertTrust *trust)
-{
-    PRStatus nssrv;
-    NSSCertificate *c = STAN_GetNSSCertificate(cc);
-    NSSToken *tok;
-    NSSTrustDomain *td;
-    NSSTrust *nssTrust;
-    NSSArena *arena;
-    CERTCertTrust *oldTrust;
-    nssListIterator *tokens;
-    PRBool moving_object;
-    nssCryptokiObject *newInstance;
-    nssPKIObject *pkiob;
-    oldTrust = nssTrust_GetCERTCertTrustForCert(c, cc);
-    if (oldTrust) {
-	if (memcmp(oldTrust, trust, sizeof (CERTCertTrust)) == 0) {
-	    /* ... and the new trust is no different, done) */
-	    return PR_SUCCESS;
-	} else {
-	    /* take over memory already allocated in cc's arena */
-	    cc->trust = oldTrust;
-	}
-    } else {
-	cc->trust = PORT_ArenaAlloc(cc->arena, sizeof(CERTCertTrust));
-    }
-    memcpy(cc->trust, trust, sizeof(CERTCertTrust));
-    /* Set the NSSCerticate's trust */
-    arena = nssArena_Create();
-    if (!arena) return PR_FAILURE;
-    nssTrust = nss_ZNEW(arena, NSSTrust);
-    pkiob = nssPKIObject_Create(arena, NULL, cc->dbhandle, NULL);
-    if (!pkiob) {
-	nssArena_Destroy(arena);
-	return PR_FAILURE;
-    }
-    nssTrust->object = *pkiob;
-    nssTrust->certificate = c;
-    nssTrust->serverAuth = get_stan_trust(trust->sslFlags, PR_FALSE);
-    nssTrust->clientAuth = get_stan_trust(trust->sslFlags, PR_TRUE);
-    nssTrust->emailProtection = get_stan_trust(trust->emailFlags, PR_FALSE);
-    nssTrust->codeSigning = get_stan_trust(trust->objectSigningFlags, PR_FALSE);
-    if (c->object.cryptoContext != NULL) {
-	/* The cert is in a context, set the trust there */
-	NSSCryptoContext *cc = c->object.cryptoContext;
-	nssrv = nssCryptoContext_ImportTrust(cc, nssTrust);
-	if (nssrv != PR_SUCCESS) {
-	    nssTrust_Destroy(nssTrust);
-	    return nssrv;
-	}
-	if (c->object.numInstances == 0) {
-	    /* The context is the only instance, finished */
-	    return nssrv;
-	}
-    }
-    td = STAN_GetDefaultTrustDomain();
-    if (PK11_IsReadOnly(cc->slot)) {
-	tokens = nssList_CreateIterator(td->tokenList);
-	if (!tokens) return PR_FAILURE;
-	for (tok  = (NSSToken *)nssListIterator_Start(tokens);
-	     tok != (NSSToken *)NULL;
-	     tok  = (NSSToken *)nssListIterator_Next(tokens))
-	{
-	    if (!PK11_IsReadOnly(tok->pk11slot)) break;
-	}
-	nssListIterator_Finish(tokens);
-	nssListIterator_Destroy(tokens);
-	moving_object = PR_TRUE;
-    } else {
-	/* by default, store trust on same token as cert if writeable */
-	tok = PK11Slot_GetNSSToken(cc->slot);
-	moving_object = PR_FALSE;
-    }
-    if (tok) {
-	if (moving_object) {
-	    /* this is kind of hacky.  the softoken needs the cert
-	     * object in order to store trust.  forcing it to be perm
-	     */
-	    NSSUTF8 *nickname = nssCertificate_GetNickname(c, NULL);
-	    NSSASCII7 *email = NULL;
-
-	    if (PK11_IsInternal(tok->pk11slot)) {
-		email = c->email;
-	    }
-	    newInstance = nssToken_ImportCertificate(tok, NULL,
-	                                             NSSCertificateType_PKIX,
-	                                             &c->id,
-	                                             nickname,
-	                                             &c->encoding,
-	                                             &c->issuer,
-	                                             &c->subject,
-	                                             &c->serial,
-						     email,
-	                                             PR_TRUE);
-	    if (!newInstance) {
-		return PR_FAILURE;
-	    }
-	    nssPKIObject_AddInstance(&c->object, newInstance);
-	}
-	newInstance = nssToken_ImportTrust(tok, NULL, &c->encoding,
-	                                   &c->issuer, &c->serial,
-	                                   nssTrust->serverAuth,
-	                                   nssTrust->clientAuth,
-	                                   nssTrust->codeSigning,
-	                                   nssTrust->emailProtection, PR_TRUE);
-	if (newInstance) {
-	    nssCryptokiObject_Destroy(newInstance);
-	    nssrv = PR_SUCCESS;
-	} else {
-	    nssrv = PR_FAILURE;
-	}
-    } else {
-	nssrv = PR_FAILURE;
-    }
-    (void)nssTrust_Destroy(nssTrust);
-    return nssrv;
-}
-
-/* CERT_TraversePermCertsForSubject */
-NSS_IMPLEMENT PRStatus
-nssTrustDomain_TraverseCertificatesBySubject
-(
-  NSSTrustDomain *td,
-  NSSDER *subject,
-  PRStatus (*callback)(NSSCertificate *c, void *arg),
-  void *arg
-)
-{
-    PRStatus nssrv = PR_SUCCESS;
-    NSSArena *tmpArena;
-    NSSCertificate **subjectCerts;
-    NSSCertificate *c;
-    PRIntn i;
-    tmpArena = NSSArena_Create();
-    subjectCerts = NSSTrustDomain_FindCertificatesBySubject(td, subject, NULL,
-                                                            0, tmpArena);
-    if (subjectCerts) {
-	for (i=0, c = subjectCerts[i]; c; i++) {
-	    nssrv = callback(c, arg);
-	    if (nssrv != PR_SUCCESS) break;
-	}
-    }
-    nssArena_Destroy(tmpArena);
-    return nssrv;
-}
-
-/* CERT_TraversePermCertsForNickname */
-NSS_IMPLEMENT PRStatus
-nssTrustDomain_TraverseCertificatesByNickname
-(
-  NSSTrustDomain *td,
-  NSSUTF8 *nickname,
-  PRStatus (*callback)(NSSCertificate *c, void *arg),
-  void *arg
-)
-{
-    PRStatus nssrv = PR_SUCCESS;
-    NSSArena *tmpArena;
-    NSSCertificate **nickCerts;
-    NSSCertificate *c;
-    PRIntn i;
-    tmpArena = NSSArena_Create();
-    nickCerts = NSSTrustDomain_FindCertificatesByNickname(td, nickname, NULL,
-                                                          0, tmpArena);
-    if (nickCerts) {
-	for (i=0, c = nickCerts[i]; c; i++) {
-	    nssrv = callback(c, arg);
-	    if (nssrv != PR_SUCCESS) break;
-	}
-    }
-    nssArena_Destroy(tmpArena);
-    return nssrv;
-}
-
-static void cert_dump_iter(const void *k, void *v, void *a)
-{
-    NSSCertificate *c = (NSSCertificate *)k;
-    CERTCertificate *cert = STAN_GetCERTCertificate(c);
-    printf("[%2d] \"%s\"\n", c->object.refCount, cert->subjectName);
-}
-
-void
-nss_DumpCertificateCacheInfo()
-{
-    NSSTrustDomain *td;
-    NSSCryptoContext *cc;
-    td = STAN_GetDefaultTrustDomain();
-    cc = STAN_GetDefaultCryptoContext();
-    printf("\n\nCertificates in the cache:\n");
-    nssTrustDomain_DumpCacheInfo(td, cert_dump_iter, NULL);
-    printf("\n\nCertificates in the temporary store:\n");
-    if (cc->certStore) {
-	nssCertificateStore_DumpStoreInfo(cc->certStore, cert_dump_iter, NULL);
-    }
-}
-
diff --git a/security/nss/lib/pki/pki3hack.h b/security/nss/lib/pki/pki3hack.h
deleted file mode 100644
index 529c81e2b..000000000
--- a/security/nss/lib/pki/pki3hack.h
+++ /dev/null
@@ -1,182 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef PKINSS3HACK_H
-#define PKINSS3HACK_H
-
-#ifdef DEBUG
-static const char PKINSS3HACK_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef NSSDEVT_H
-#include "nssdevt.h"
-#endif /* NSSDEVT_H */
-
-#ifndef NSSPKIT_H
-#include "nsspkit.h"
-#endif /* NSSPKIT_H */
-
-#include "base.h"
-
-#include "cert.h"
-
-PR_BEGIN_EXTERN_C
-
-#define NSSITEM_FROM_SECITEM(nssit, secit)  \
-    (nssit)->data = (void *)(secit)->data;  \
-    (nssit)->size = (PRUint32)(secit)->len;
-
-#define SECITEM_FROM_NSSITEM(secit, nssit)          \
-    (secit)->data = (unsigned char *)(nssit)->data; \
-    (secit)->len  = (unsigned int)(nssit)->size;
-
-NSS_EXTERN NSSTrustDomain *
-STAN_GetDefaultTrustDomain();
-
-NSS_EXTERN NSSCryptoContext *
-STAN_GetDefaultCryptoContext();
-
-NSS_EXTERN PRStatus
-STAN_LoadDefaultNSS3TrustDomain
-(
-  void
-);
-
-NSS_EXTERN void
-STAN_Shutdown();
-
-NSS_EXTERN SECStatus
-STAN_AddModuleToDefaultTrustDomain
-(
-  SECMODModule *module
-);
-
-NSS_EXTERN SECStatus
-STAN_RemoveModuleFromDefaultTrustDomain
-(
-  SECMODModule *module
-);
-
-NSS_EXTERN CERTCertificate *
-STAN_ForceCERTCertificateUpdate(NSSCertificate *c);
-
-NSS_EXTERN CERTCertificate *
-STAN_GetCERTCertificate(NSSCertificate *c);
-
-NSS_EXTERN NSSCertificate *
-STAN_GetNSSCertificate(CERTCertificate *c);
-
-NSS_EXTERN CERTCertTrust * 
-nssTrust_GetCERTCertTrustForCert(NSSCertificate *c, CERTCertificate *cc);
-
-NSS_EXTERN PRStatus
-STAN_ChangeCertTrust(CERTCertificate *cc, CERTCertTrust *trust);
-
-NSS_EXTERN PRStatus
-nssPKIX509_GetIssuerAndSerialFromDER(NSSDER *der, NSSArena *arena, 
-                                     NSSDER *issuer, NSSDER *serial);
-
-/* exposing this */
-NSS_EXTERN NSSCertificate *
-NSSCertificate_Create
-(
-  NSSArena *arenaOpt
-);
-
-/* This function is being put here because it is a hack for 
- * PK11_FindCertFromNickname.
- */
-NSS_EXTERN NSSCertificate *
-nssTrustDomain_FindBestCertificateByNicknameForToken
-(
-  NSSTrustDomain *td,
-  NSSToken *token,
-  NSSUTF8 *name,
-  NSSTime *timeOpt, /* NULL for "now" */
-  NSSUsage *usage,
-  NSSPolicies *policiesOpt /* NULL for none */
-);
-
-/* This function is being put here because it is a hack for 
- * PK11_FindCertsFromNickname.
- */
-NSS_EXTERN NSSCertificate **
-nssTrustDomain_FindCertificatesByNicknameForToken
-(
-  NSSTrustDomain *td,
-  NSSToken *token,
-  NSSUTF8 *name,
-  NSSCertificate *rvOpt[],
-  PRUint32 maximumOpt, /* 0 for no max */
-  NSSArena *arenaOpt
-);
-
-/* CERT_TraversePermCertsForSubject */
-NSS_EXTERN PRStatus
-nssTrustDomain_TraverseCertificatesBySubject
-(
-  NSSTrustDomain *td,
-  NSSDER *subject,
-  PRStatus (*callback)(NSSCertificate *c, void *arg),
-  void *arg
-);
-
-/* CERT_TraversePermCertsForNickname */
-NSS_EXTERN PRStatus
-nssTrustDomain_TraverseCertificatesByNickname
-(
-  NSSTrustDomain *td,
-  NSSUTF8 *nickname,
-  PRStatus (*callback)(NSSCertificate *c, void *arg),
-  void *arg
-);
-
-/* SEC_TraversePermCerts */
-NSS_EXTERN PRStatus
-nssTrustDomain_TraverseCertificates
-(
-  NSSTrustDomain *td,
-  PRStatus (*callback)(NSSCertificate *c, void *arg),
-  void *arg
-);
-
-/* CERT_AddTempCertToPerm */
-NSS_EXTERN PRStatus
-nssTrustDomain_AddTempCertToPerm
-(
-  NSSCertificate *c
-);
-
-PR_END_EXTERN_C
-
-#endif /* PKINSS3HACK_H */
diff --git a/security/nss/lib/pki/pkibase.c b/security/nss/lib/pki/pkibase.c
deleted file mode 100644
index 626dc6c90..000000000
--- a/security/nss/lib/pki/pkibase.c
+++ /dev/null
@@ -1,1452 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef DEV_H
-#include "dev.h"
-#endif /* DEV_H */
-
-#ifndef PKIM_H
-#include "pkim.h"
-#endif /* PKIM_H */
-
-#ifdef NSS_3_4_CODE
-#include "pki3hack.h"
-#endif
-
-NSS_IMPLEMENT nssPKIObject *
-nssPKIObject_Create
-(
-  NSSArena *arenaOpt,
-  nssCryptokiObject *instanceOpt,
-  NSSTrustDomain *td,
-  NSSCryptoContext *cc
-)
-{
-    NSSArena *arena;
-    nssArenaMark *mark = NULL;
-    nssPKIObject *object;
-    if (arenaOpt) {
-	arena = arenaOpt;
-	mark = nssArena_Mark(arena);
-    } else {
-	arena = nssArena_Create();
-	if (!arena) {
-	    return (nssPKIObject *)NULL;
-	}
-    }
-    object = nss_ZNEW(arena, nssPKIObject);
-    if (!object) {
-	goto loser;
-    }
-    object->arena = arena;
-    object->trustDomain = td; /* XXX */
-    object->cryptoContext = cc;
-    object->lock = PZ_NewLock(nssILockOther);
-    if (!object->lock) {
-	goto loser;
-    }
-    if (instanceOpt) {
-	if (nssPKIObject_AddInstance(object, instanceOpt) != PR_SUCCESS) {
-	    goto loser;
-	}
-    }
-    PR_AtomicIncrement(&object->refCount);
-    if (mark) {
-	nssArena_Unmark(arena, mark);
-    }
-    return object;
-loser:
-    if (mark) {
-	nssArena_Release(arena, mark);
-    } else {
-	nssArena_Destroy(arena);
-    }
-    return (nssPKIObject *)NULL;
-}
-
-NSS_IMPLEMENT PRBool
-nssPKIObject_Destroy
-(
-  nssPKIObject *object
-)
-{
-    PRUint32 i;
-    PR_ASSERT(object->refCount > 0);
-    PR_AtomicDecrement(&object->refCount);
-    if (object->refCount == 0) {
-	for (i=0; i<object->numInstances; i++) {
-	    nssCryptokiObject_Destroy(object->instances[i]);
-	}
-	PZ_DestroyLock(object->lock);
-	nssArena_Destroy(object->arena);
-	return PR_TRUE;
-    }
-    return PR_FALSE;
-}
-
-NSS_IMPLEMENT nssPKIObject *
-nssPKIObject_AddRef
-(
-  nssPKIObject *object
-)
-{
-    PR_AtomicIncrement(&object->refCount);
-    return object;
-}
-
-NSS_IMPLEMENT PRStatus
-nssPKIObject_AddInstance
-(
-  nssPKIObject *object,
-  nssCryptokiObject *instance
-)
-{
-    PZ_Lock(object->lock);
-    if (object->numInstances == 0) {
-	object->instances = nss_ZNEWARRAY(object->arena,
-	                                  nssCryptokiObject *,
-	                                  object->numInstances + 1);
-    } else {
-	PRUint32 i;
-	for (i=0; i<object->numInstances; i++) {
-	    if (nssCryptokiObject_Equal(object->instances[i], instance)) {
-		PZ_Unlock(object->lock);
-		if (instance->label) {
-		    if (!object->instances[i]->label ||
-		        !nssUTF8_Equal(instance->label,
-		                       object->instances[i]->label, NULL))
-		    {
-			/* Either the old instance did not have a label,
-			 * or the label has changed.
-			 */
-			nss_ZFreeIf(object->instances[i]->label);
-			object->instances[i]->label = instance->label;
-			instance->label = NULL;
-		    }
-		} else if (object->instances[i]->label) {
-		    /* The old label was removed */
-		    nss_ZFreeIf(object->instances[i]->label);
-		    object->instances[i]->label = NULL;
-		}
-		nssCryptokiObject_Destroy(instance);
-		return PR_SUCCESS;
-	    }
-	}
-	object->instances = nss_ZREALLOCARRAY(object->instances,
-	                                      nssCryptokiObject *,
-	                                      object->numInstances + 1);
-    }
-    if (!object->instances) {
-	PZ_Unlock(object->lock);
-	return PR_FAILURE;
-    }
-    object->instances[object->numInstances++] = instance;
-    PZ_Unlock(object->lock);
-    return PR_SUCCESS;
-}
-
-NSS_IMPLEMENT PRBool
-nssPKIObject_HasInstance
-(
-  nssPKIObject *object,
-  nssCryptokiObject *instance
-)
-{
-    PRUint32 i;
-    PRBool hasIt = PR_FALSE;;
-    PZ_Lock(object->lock);
-    for (i=0; i<object->numInstances; i++) {
-	if (nssCryptokiObject_Equal(object->instances[i], instance)) {
-	    hasIt = PR_TRUE;
-	    break;
-	}
-    }
-    PZ_Unlock(object->lock);
-    return hasIt;
-}
-
-NSS_IMPLEMENT PRStatus
-nssPKIObject_RemoveInstanceForToken
-(
-  nssPKIObject *object,
-  NSSToken *token
-)
-{
-    PRUint32 i;
-    nssCryptokiObject *instanceToRemove = NULL;
-    PZ_Lock(object->lock);
-    if (object->numInstances == 0) {
-	PZ_Unlock(object->lock);
-	return PR_SUCCESS;
-    }
-    for (i=0; i<object->numInstances; i++) {
-	if (object->instances[i]->token == token) {
-	    instanceToRemove = object->instances[i];
-	    object->instances[i] = object->instances[object->numInstances-1];
-	    object->instances[object->numInstances-1] = NULL;
-	    break;
-	}
-    }
-    if (--object->numInstances > 0) {
-	object->instances = nss_ZREALLOCARRAY(object->instances,
-	                                      nssCryptokiObject *,
-	                                      object->numInstances);
-	if (!object->instances) {
-	    PZ_Unlock(object->lock);
-	    return PR_FAILURE;
-	}
-    } else {
-	nss_ZFreeIf(object->instances);
-    }
-    nssCryptokiObject_Destroy(instanceToRemove);
-    PZ_Unlock(object->lock);
-    return PR_SUCCESS;
-}
-
-/* this needs more thought on what will happen when there are multiple
- * instances
- */
-NSS_IMPLEMENT PRStatus
-nssPKIObject_DeleteStoredObject
-(
-  nssPKIObject *object,
-  NSSCallback *uhh,
-  PRBool isFriendly
-)
-{
-    PRUint32 i, numNotDestroyed;
-    PRStatus status = PR_SUCCESS;
-    NSSTrustDomain *td = object->trustDomain;
-    NSSCallback *pwcb = uhh ?  /* is this optional? */
-                        uhh : 
-                        nssTrustDomain_GetDefaultCallback(td, NULL);
-    numNotDestroyed = 0;
-    PZ_Lock(object->lock);
-    for (i=0; i<object->numInstances; i++) {
-	nssCryptokiObject *instance = object->instances[i];
-#ifndef NSS_3_4_CODE
-	NSSSlot *slot = nssToken_GetSlot(instance->token);
-	/* If both the operation and the slot are friendly, login is
-	 * not required.  If either or both are not friendly, it is
-	 * required.
-	 */
-	if (!(isFriendly && nssSlot_IsFriendly(slot))) {
-	    status = nssSlot_Login(slot, pwcb);
-	    nssSlot_Destroy(slot);
-	    if (status == PR_SUCCESS) {
-		/* XXX this should be fixed to understand read-only tokens,
-		 * for now, to handle the builtins, just make the attempt.
-		 */
-		status = nssToken_DeleteStoredObject(instance);
-	    }
-	}
-#else
-	status = nssToken_DeleteStoredObject(instance);
-#endif
-	object->instances[i] = NULL;
-	if (status == PR_SUCCESS) {
-	    nssCryptokiObject_Destroy(instance);
-	} else {
-	    object->instances[numNotDestroyed++] = instance;
-	}
-    }
-    if (numNotDestroyed == 0) {
-	nss_ZFreeIf(object->instances);
-	object->numInstances = 0;
-    } else {
-	object->numInstances = numNotDestroyed;
-    }
-    PZ_Unlock(object->lock);
-    return status;
-}
-
-NSS_IMPLEMENT NSSToken **
-nssPKIObject_GetTokens
-(
-  nssPKIObject *object,
-  PRStatus *statusOpt
-)
-{
-    NSSToken **tokens = NULL;
-    PZ_Lock(object->lock);
-    if (object->numInstances > 0) {
-	tokens = nss_ZNEWARRAY(NULL, NSSToken *, object->numInstances + 1);
-	if (tokens) {
-	    PRUint32 i;
-	    for (i=0; i<object->numInstances; i++) {
-		tokens[i] = nssToken_AddRef(object->instances[i]->token);
-	    }
-	}
-    }
-    PZ_Unlock(object->lock);
-    if (statusOpt) *statusOpt = PR_SUCCESS; /* until more logic here */
-    return tokens;
-}
-
-NSS_IMPLEMENT NSSUTF8 *
-nssPKIObject_GetNicknameForToken
-(
-  nssPKIObject *object,
-  NSSToken *tokenOpt
-)
-{
-    PRUint32 i;
-    NSSUTF8 *nickname = NULL;
-    PZ_Lock(object->lock);
-    for (i=0; i<object->numInstances; i++) {
-	if ((!tokenOpt && object->instances[i]->label) ||
-	    (object->instances[i]->token == tokenOpt)) 
-	{
-            /* XXX should be copy? safe as long as caller has reference */
-	    nickname = object->instances[i]->label; 
-	    break;
-	}
-    }
-    PZ_Unlock(object->lock);
-    return nickname;
-}
-
-#ifdef NSS_3_4_CODE
-NSS_IMPLEMENT nssCryptokiObject **
-nssPKIObject_GetInstances
-(
-  nssPKIObject *object
-)
-{
-    nssCryptokiObject **instances = NULL;
-    PRUint32 i;
-    if (object->numInstances == 0) {
-	return (nssCryptokiObject **)NULL;
-    }
-    PZ_Lock(object->lock);
-    instances = nss_ZNEWARRAY(NULL, nssCryptokiObject *, 
-                              object->numInstances + 1);
-    if (instances) {
-	for (i=0; i<object->numInstances; i++) {
-	    instances[i] = nssCryptokiObject_Clone(object->instances[i]);
-	}
-    }
-    PZ_Unlock(object->lock);
-    return instances;
-}
-#endif
-
-NSS_IMPLEMENT void
-nssCertificateArray_Destroy
-(
-  NSSCertificate **certs
-)
-{
-    if (certs) {
-	NSSCertificate **certp;
-	for (certp = certs; *certp; certp++) {
-#ifdef NSS_3_4_CODE
-	    if ((*certp)->decoding) {
-		CERTCertificate *cc = STAN_GetCERTCertificate(*certp);
-		if (cc) {
-		    CERT_DestroyCertificate(cc);
-		}
-		continue;
-	    }
-#endif
-	    nssCertificate_Destroy(*certp);
-	}
-	nss_ZFreeIf(certs);
-    }
-}
-
-NSS_IMPLEMENT void
-NSSCertificateArray_Destroy
-(
-  NSSCertificate **certs
-)
-{
-    nssCertificateArray_Destroy(certs);
-}
-
-NSS_IMPLEMENT NSSCertificate **
-nssCertificateArray_Join
-(
-  NSSCertificate **certs1,
-  NSSCertificate **certs2
-)
-{
-    if (certs1 && certs2) {
-	NSSCertificate **certs, **cp;
-	PRUint32 count = 0;
-	PRUint32 count1 = 0;
-	cp = certs1;
-	while (*cp++) count1++;
-	count = count1;
-	cp = certs2;
-	while (*cp++) count++;
-	certs = nss_ZREALLOCARRAY(certs1, NSSCertificate *, count + 1);
-	if (!certs) {
-	    nss_ZFreeIf(certs1);
-	    nss_ZFreeIf(certs2);
-	    return (NSSCertificate **)NULL;
-	}
-	for (cp = certs2; *cp; cp++, count1++) {
-	    certs[count1] = *cp;
-	}
-	nss_ZFreeIf(certs2);
-	return certs;
-    } else if (certs1) {
-	return certs1;
-    } else {
-	return certs2;
-    }
-}
-
-NSS_IMPLEMENT NSSCertificate * 
-nssCertificateArray_FindBestCertificate
-(
-  NSSCertificate **certs, 
-  NSSTime *timeOpt,
-  NSSUsage *usage,
-  NSSPolicies *policiesOpt
-)
-{
-    NSSCertificate *bestCert = NULL;
-    NSSTime *time, sTime;
-    if (timeOpt) {
-	time = timeOpt;
-    } else {
-	NSSTime_Now(&sTime);
-	time = &sTime;
-    }
-    if (!certs) {
-	return (NSSCertificate *)NULL;
-    }
-    for (; *certs; certs++) {
-	nssDecodedCert *dc, *bestdc;
-	NSSCertificate *c = *certs;
-	dc = nssCertificate_GetDecoding(c);
-	if (!bestCert) {
-	    /* take the first cert with matching usage */
-#ifdef NSS_3_4_CODE
-	    if (usage->anyUsage) {
-#else
-	    if (!usage || usage->anyUsage) {
-#endif
-		bestCert = nssCertificate_AddRef(c);
-	    } else {
-		if (dc->matchUsage(dc, usage)) {
-		    bestCert = nssCertificate_AddRef(c);
-		}
-	    }
-	    continue;
-	} else {
-	    /* already have a cert for this usage, if this cert doesn't have
-	     * the correct usage, continue
-	     * if ths cert does match usage, defer to time/policies
-	     */
-#ifdef NSS_3_4_CODE
-	    if (!usage->anyUsage && !dc->matchUsage(dc, usage)) {
-#else
-	    if (PR_TRUE) {
-#endif
-		continue;
-	    }
-	}
-	bestdc = nssCertificate_GetDecoding(bestCert);
-	/* time */
-	if (bestdc->isValidAtTime(bestdc, time)) {
-	    /* The current best cert is valid at time */
-	    if (!dc->isValidAtTime(dc, time)) {
-		/* If the new cert isn't valid at time, it's not better */
-		continue;
-	    }
-	} else {
-	    /* The current best cert is not valid at time */
-	    if (dc->isValidAtTime(dc, time)) {
-		/* If the new cert is valid at time, it's better */
-		nssCertificate_Destroy(bestCert);
-		bestCert = nssCertificate_AddRef(c);
-	    }
-	}
-	/* either they are both valid at time, or neither valid; 
-	 * take the newer one
-	 */
-	if (!bestdc->isNewerThan(bestdc, dc)) {
-	    nssCertificate_Destroy(bestCert);
-	    bestCert = nssCertificate_AddRef(c);
-	}
-	/* policies */
-	/* XXX later -- defer to policies */
-    }
-    return bestCert;
-}
-
-NSS_IMPLEMENT PRStatus
-nssCertificateArray_Traverse
-(
-  NSSCertificate **certs,
-  PRStatus (* callback)(NSSCertificate *c, void *arg),
-  void *arg
-)
-{
-    PRStatus status = PR_SUCCESS;
-    if (certs) {
-	NSSCertificate **certp;
-	for (certp = certs; *certp; certp++) {
-	    status = (*callback)(*certp, arg);
-	    if (status != PR_SUCCESS) {
-		break;
-	    }
-	}
-    }
-    return status;
-}
-
-
-NSS_IMPLEMENT void
-nssCRLArray_Destroy
-(
-  NSSCRL **crls
-)
-{
-    if (crls) {
-	NSSCRL **crlp;
-	for (crlp = crls; *crlp; crlp++) {
-	    nssCRL_Destroy(*crlp);
-	}
-	nss_ZFreeIf(crls);
-    }
-}
-
-/*
- * Object collections
- */
-
-typedef enum
-{
-  pkiObjectType_Certificate = 0,
-  pkiObjectType_CRL = 1,
-  pkiObjectType_PrivateKey = 2,
-  pkiObjectType_PublicKey = 3
-} pkiObjectType;
-
-/* Each object is defined by a set of items that uniquely identify it.
- * Here are the uid sets:
- *
- * NSSCertificate ==>  { issuer, serial }
- * NSSPrivateKey
- *         (RSA) ==> { modulus, public exponent }
- *
- */
-#define MAX_ITEMS_FOR_UID 2
-
-/* pkiObjectCollectionNode
- *
- * A node in the collection is the set of unique identifiers for a single
- * object, along with either the actual object or a proto-object.
- */
-typedef struct
-{
-  PRCList link;
-  PRBool haveObject;
-  nssPKIObject *object;
-  NSSItem uid[MAX_ITEMS_FOR_UID];
-} 
-pkiObjectCollectionNode;
-
-/* nssPKIObjectCollection
- *
- * The collection is the set of all objects, plus the interfaces needed
- * to manage the objects.
- *
- */
-struct nssPKIObjectCollectionStr
-{
-  NSSArena *arena;
-  NSSTrustDomain *td;
-  NSSCryptoContext *cc;
-  PRCList head; /* list of pkiObjectCollectionNode's */
-  PRUint32 size;
-  pkiObjectType objectType;
-  void           (*      destroyObject)(nssPKIObject *o);
-  PRStatus       (*   getUIDFromObject)(nssPKIObject *o, NSSItem *uid);
-  PRStatus       (* getUIDFromInstance)(nssCryptokiObject *co, NSSItem *uid, 
-                                        NSSArena *arena);
-  nssPKIObject * (*       createObject)(nssPKIObject *o);
-};
-
-static nssPKIObjectCollection *
-nssPKIObjectCollection_Create
-(
-  NSSTrustDomain *td,
-  NSSCryptoContext *ccOpt
-)
-{
-    NSSArena *arena;
-    nssPKIObjectCollection *rvCollection = NULL;
-    arena = nssArena_Create();
-    if (!arena) {
-	return (nssPKIObjectCollection *)NULL;
-    }
-    rvCollection = nss_ZNEW(arena, nssPKIObjectCollection);
-    if (!rvCollection) {
-	goto loser;
-    }
-    PR_INIT_CLIST(&rvCollection->head);
-    rvCollection->arena = arena;
-    rvCollection->td = td; /* XXX */
-    rvCollection->cc = ccOpt;
-    return rvCollection;
-loser:
-    nssArena_Destroy(arena);
-    return (nssPKIObjectCollection *)NULL;
-}
-
-NSS_IMPLEMENT void
-nssPKIObjectCollection_Destroy
-(
-  nssPKIObjectCollection *collection
-)
-{
-    if (collection) {
-	PRCList *link;
-	pkiObjectCollectionNode *node;
-	/* first destroy any objects in the collection */
-	link = PR_NEXT_LINK(&collection->head);
-	while (link != &collection->head) {
-	    node = (pkiObjectCollectionNode *)link;
-	    if (node->haveObject) {
-		(*collection->destroyObject)(node->object);
-	    } else {
-		nssPKIObject_Destroy(node->object);
-	    }
-	    link = PR_NEXT_LINK(link);
-	}
-	/* then destroy it */
-	nssArena_Destroy(collection->arena);
-    }
-}
-
-NSS_IMPLEMENT PRUint32
-nssPKIObjectCollection_Count
-(
-  nssPKIObjectCollection *collection
-)
-{
-    return collection->size;
-}
-
-NSS_IMPLEMENT PRStatus
-nssPKIObjectCollection_AddObject
-(
-  nssPKIObjectCollection *collection,
-  nssPKIObject *object
-)
-{
-    pkiObjectCollectionNode *node;
-    node = nss_ZNEW(collection->arena, pkiObjectCollectionNode);
-    if (!node) {
-	return PR_FAILURE;
-    }
-    node->haveObject = PR_TRUE;
-    node->object = nssPKIObject_AddRef(object);
-    (*collection->getUIDFromObject)(object, node->uid);
-    PR_INIT_CLIST(&node->link);
-    PR_INSERT_BEFORE(&node->link, &collection->head);
-    collection->size++;
-    return PR_SUCCESS;
-}
-
-static pkiObjectCollectionNode *
-find_instance_in_collection
-(
-  nssPKIObjectCollection *collection,
-  nssCryptokiObject *instance
-)
-{
-    PRCList *link;
-    pkiObjectCollectionNode *node;
-    link = PR_NEXT_LINK(&collection->head);
-    while (link != &collection->head) {
-	node = (pkiObjectCollectionNode *)link;
-	if (nssPKIObject_HasInstance(node->object, instance)) {
-	    return node;
-	}
-	link = PR_NEXT_LINK(link);
-    }
-    return (pkiObjectCollectionNode *)NULL;
-}
-
-static pkiObjectCollectionNode *
-find_object_in_collection
-(
-  nssPKIObjectCollection *collection,
-  NSSItem *uid
-)
-{
-    PRUint32 i;
-    PRStatus status;
-    PRCList *link;
-    pkiObjectCollectionNode *node;
-    link = PR_NEXT_LINK(&collection->head);
-    while (link != &collection->head) {
-	node = (pkiObjectCollectionNode *)link;
-	for (i=0; i<MAX_ITEMS_FOR_UID; i++) {
-	    if (!nssItem_Equal(&node->uid[i], &uid[i], &status)) {
-		break;
-	    }
-	}
-	if (i == MAX_ITEMS_FOR_UID) {
-	    return node;
-	}
-	link = PR_NEXT_LINK(link);
-    }
-    return (pkiObjectCollectionNode *)NULL;
-}
-
-static pkiObjectCollectionNode *
-add_object_instance
-(
-  nssPKIObjectCollection *collection,
-  nssCryptokiObject *instance
-)
-{
-    PRUint32 i;
-    PRStatus status;
-    pkiObjectCollectionNode *node;
-    nssArenaMark *mark = NULL;
-    NSSItem uid[MAX_ITEMS_FOR_UID];
-    nsslibc_memset(uid, 0, sizeof uid);
-    /* The list is traversed twice, first (here) looking to match the
-     * { token, handle } tuple, and if that is not found, below a search
-     * for unique identifier is done.  Here, a match means this exact object
-     * instance is already in the collection, and we have nothing to do.
-     */
-    node = find_instance_in_collection(collection, instance);
-    if (node) {
-	/* The collection is assumed to take over the instance.  Since we
-	 * are not using it, it must be destroyed.
-	 */
-	nssCryptokiObject_Destroy(instance);
-	return node;
-    }
-    mark = nssArena_Mark(collection->arena);
-    if (!mark) {
-	goto loser;
-    }
-    status = (*collection->getUIDFromInstance)(instance, uid, 
-                                               collection->arena);
-    if (status != PR_SUCCESS) {
-	goto loser;
-    }
-    /* Search for unique identifier.  A match here means the object exists 
-     * in the collection, but does not have this instance, so the instance 
-     * needs to be added.
-     */
-    node = find_object_in_collection(collection, uid);
-    if (node) {
-	/* This is a object with multiple instances */
-	status = nssPKIObject_AddInstance(node->object, instance);
-    } else {
-	/* This is a completely new object.  Create a node for it. */
-	node = nss_ZNEW(collection->arena, pkiObjectCollectionNode);
-	if (!node) {
-	    goto loser;
-	}
-	node->object = nssPKIObject_Create(NULL, instance, 
-	                                   collection->td, collection->cc);
-	if (!node->object) {
-	    goto loser;
-	}
-	for (i=0; i<MAX_ITEMS_FOR_UID; i++) {
-	    node->uid[i] = uid[i];
-	}
-	node->haveObject = PR_FALSE;
-	PR_INIT_CLIST(&node->link);
-	PR_INSERT_BEFORE(&node->link, &collection->head);
-	collection->size++;
-	status = PR_SUCCESS;
-    }
-    nssArena_Unmark(collection->arena, mark);
-    return node;
-loser:
-    if (mark) {
-	nssArena_Release(collection->arena, mark);
-    }
-    nssCryptokiObject_Destroy(instance);
-    return (pkiObjectCollectionNode *)NULL;
-}
-
-NSS_IMPLEMENT PRStatus
-nssPKIObjectCollection_AddInstances
-(
-  nssPKIObjectCollection *collection,
-  nssCryptokiObject **instances,
-  PRUint32 numInstances
-)
-{
-    PRStatus status = PR_SUCCESS;
-    PRUint32 i = 0;
-    pkiObjectCollectionNode *node;
-    if (instances) {
-	for (; *instances; instances++, i++) {
-	    if (numInstances > 0 && i == numInstances) {
-		break;
-	    }
-	    node = add_object_instance(collection, *instances);
-	    if (node == NULL) {
-		goto loser;
-	    }
-	}
-    }
-    return status;
-loser:
-    /* free the remaining instances */
-    for (; *instances; instances++, i++) {
-	if (numInstances > 0 && i == numInstances) {
-	    break;
-	}
-	nssCryptokiObject_Destroy(*instances);
-    }
-    return PR_FAILURE;
-}
-
-static PRStatus
-nssPKIObjectCollection_GetObjects
-(
-  nssPKIObjectCollection *collection,
-  nssPKIObject **rvObjects,
-  PRUint32 rvSize
-)
-{
-    PRUint32 i = 0;
-    PRCList *link = PR_NEXT_LINK(&collection->head);
-    pkiObjectCollectionNode *node;
-    while (link != &collection->head) {
-	node = (pkiObjectCollectionNode *)link;
-	if (!node->haveObject) {
-	    /* Convert the proto-object to an object */
-	    node->object = (*collection->createObject)(node->object);
-	    if (!node->object) {
-		return PR_FAILURE;
-	    }
-	    node->haveObject = PR_TRUE;
-	}
-	rvObjects[i++] = nssPKIObject_AddRef(node->object);
-	link = PR_NEXT_LINK(link);
-    }
-    return PR_SUCCESS;
-}
-
-NSS_IMPLEMENT PRStatus
-nssPKIObjectCollection_Traverse
-(
-  nssPKIObjectCollection *collection,
-  nssPKIObjectCallback *callback
-)
-{
-    PRStatus status;
-    PRCList *link = PR_NEXT_LINK(&collection->head);
-    pkiObjectCollectionNode *node;
-    while (link != &collection->head) {
-	node = (pkiObjectCollectionNode *)link;
-	if (!node->haveObject) {
-	    node->object = (*collection->createObject)(node->object);
-	    if (!node->object) {
-		return PR_FAILURE;
-	    }
-	    node->haveObject = PR_TRUE;
-	}
-	switch (collection->objectType) {
-	case pkiObjectType_Certificate: 
-	    status = (*callback->func.cert)((NSSCertificate *)node->object, 
-	                                    callback->arg);
-	    break;
-	case pkiObjectType_CRL: 
-	    status = (*callback->func.crl)((NSSCRL *)node->object, 
-	                                   callback->arg);
-	    break;
-	case pkiObjectType_PrivateKey: 
-	    status = (*callback->func.pvkey)((NSSPrivateKey *)node->object, 
-	                                     callback->arg);
-	    break;
-	case pkiObjectType_PublicKey: 
-	    status = (*callback->func.pbkey)((NSSPublicKey *)node->object, 
-	                                     callback->arg);
-	    break;
-	}
-	link = PR_NEXT_LINK(link);
-    }
-    return PR_SUCCESS;
-}
-
-NSS_IMPLEMENT PRStatus
-nssPKIObjectCollection_AddInstanceAsObject
-(
-  nssPKIObjectCollection *collection,
-  nssCryptokiObject *instance
-)
-{
-    pkiObjectCollectionNode *node;
-    node = add_object_instance(collection, instance);
-    if (node == NULL) {
-	return PR_FAILURE;
-    }
-    if (!node->haveObject) {
-	node->object = (*collection->createObject)(node->object);
-	if (!node->object) {
-	    return PR_FAILURE;
-	}
-	node->haveObject = PR_TRUE;
-    }
-#ifdef NSS_3_4_CODE
-    else {
-	/* The instance was added to a pre-existing node.  This
-	 * function is *only* being used for certificates, and having
-	 * multiple instances of certs in 3.X requires updating the
-	 * CERTCertificate.
-	 */
-	STAN_ForceCERTCertificateUpdate((NSSCertificate *)node->object);
-    }
-#endif
-    return PR_SUCCESS;
-}
-
-/*
- * Certificate collections
- */
-
-static void
-cert_destroyObject(nssPKIObject *o)
-{
-    NSSCertificate *c = (NSSCertificate *)o;
-#ifdef NSS_3_4_CODE
-    if (c->decoding) {
-	CERTCertificate *cc = STAN_GetCERTCertificate(c);
-	if (cc) {
-	    CERT_DestroyCertificate(cc);
-	    return;
-	} /* else destroy it as NSSCertificate below */
-    }
-#endif
-    nssCertificate_Destroy(c);
-}
-
-static PRStatus
-cert_getUIDFromObject(nssPKIObject *o, NSSItem *uid)
-{
-    NSSCertificate *c = (NSSCertificate *)o;
-#ifdef NSS_3_4_CODE
-    /* The builtins are still returning decoded serial numbers.  Until
-     * this compatibility issue is resolved, use the full DER of the
-     * cert to uniquely identify it.
-     */
-    NSSDER *derCert;
-    derCert = nssCertificate_GetEncoding(c);
-    uid[0] = *derCert;
-    uid[1].data = NULL; uid[1].size = 0;
-#else
-    NSSDER *issuer, *serial;
-    issuer = nssCertificate_GetIssuer(c);
-    serial = nssCertificate_GetSerialNumber(c);
-    uid[0] = *issuer;
-    uid[1] = *serial;
-#endif /* NSS_3_4_CODE */
-    return PR_SUCCESS;
-}
-
-static PRStatus
-cert_getUIDFromInstance(nssCryptokiObject *instance, NSSItem *uid, 
-                        NSSArena *arena)
-{
-#ifdef NSS_3_4_CODE
-    /* The builtins are still returning decoded serial numbers.  Until
-     * this compatibility issue is resolved, use the full DER of the
-     * cert to uniquely identify it.
-     */
-    uid[1].data = NULL; uid[1].size = 0;
-    return nssCryptokiCertificate_GetAttributes(instance,
-                                                NULL,  /* XXX sessionOpt */
-                                                arena, /* arena    */
-                                                NULL,  /* type     */
-                                                NULL,  /* id       */
-                                                &uid[0], /* encoding */
-                                                NULL,  /* issuer   */
-                                                NULL,  /* serial   */
-                                                NULL,  /* subject  */
-                                                NULL); /* email    */
-#else
-    return nssCryptokiCertificate_GetAttributes(instance,
-                                                NULL,  /* XXX sessionOpt */
-                                                arena, /* arena    */
-                                                NULL,  /* type     */
-                                                NULL,  /* id       */
-                                                NULL,  /* encoding */
-                                                &uid[0], /* issuer */
-                                                &uid[1], /* serial */
-                                                NULL,  /* subject  */
-                                                NULL); /* email    */
-#endif /* NSS_3_4_CODE */
-}
-
-static nssPKIObject *
-cert_createObject(nssPKIObject *o)
-{
-    NSSCertificate *cert;
-    cert = nssCertificate_Create(o);
-#ifdef NSS_3_4_CODE
-    if (STAN_GetCERTCertificate(cert) == NULL) {
-	nssCertificate_Destroy(cert);
-	return (nssPKIObject *)NULL;
-    }
-    /* In 3.4, have to maintain uniqueness of cert pointers by caching all
-     * certs.  Cache the cert here, before returning.  If it is already
-     * cached, take the cached entry.
-     */
-    {
-	NSSTrustDomain *td = o->trustDomain;
-	nssTrustDomain_AddCertsToCache(td, &cert, 1);
-    }
-#endif
-    return (nssPKIObject *)cert;
-}
-
-NSS_IMPLEMENT nssPKIObjectCollection *
-nssCertificateCollection_Create
-(
-  NSSTrustDomain *td,
-  NSSCertificate **certsOpt
-)
-{
-    PRStatus status;
-    nssPKIObjectCollection *collection;
-    collection = nssPKIObjectCollection_Create(td, NULL);
-    collection->objectType = pkiObjectType_Certificate;
-    collection->destroyObject = cert_destroyObject;
-    collection->getUIDFromObject = cert_getUIDFromObject;
-    collection->getUIDFromInstance = cert_getUIDFromInstance;
-    collection->createObject = cert_createObject;
-    if (certsOpt) {
-	for (; *certsOpt; certsOpt++) {
-	    nssPKIObject *object = (nssPKIObject *)(*certsOpt);
-	    status = nssPKIObjectCollection_AddObject(collection, object);
-	}
-    }
-    return collection;
-}
-
-NSS_IMPLEMENT NSSCertificate **
-nssPKIObjectCollection_GetCertificates
-(
-  nssPKIObjectCollection *collection,
-  NSSCertificate **rvOpt,
-  PRUint32 maximumOpt,
-  NSSArena *arenaOpt
-)
-{
-    PRStatus status;
-    PRUint32 rvSize;
-    PRBool allocated = PR_FALSE;
-    if (collection->size == 0) {
-	return (NSSCertificate **)NULL;
-    }
-    if (maximumOpt == 0) {
-	rvSize = collection->size;
-    } else {
-	rvSize = PR_MIN(collection->size, maximumOpt);
-    }
-    if (!rvOpt) {
-	rvOpt = nss_ZNEWARRAY(arenaOpt, NSSCertificate *, rvSize + 1);
-	if (!rvOpt) {
-	    return (NSSCertificate **)NULL;
-	}
-	allocated = PR_TRUE;
-    }
-    status = nssPKIObjectCollection_GetObjects(collection, 
-                                               (nssPKIObject **)rvOpt, 
-                                               rvSize);
-    if (status != PR_SUCCESS) {
-	if (allocated) {
-	    nss_ZFreeIf(rvOpt);
-	}
-	return (NSSCertificate **)NULL;
-    }
-    return rvOpt;
-}
-
-/*
- * CRL/KRL collections
- */
-
-static void
-crl_destroyObject(nssPKIObject *o)
-{
-    NSSCRL *crl = (NSSCRL *)o;
-    nssCRL_Destroy(crl);
-}
-
-static PRStatus
-crl_getUIDFromObject(nssPKIObject *o, NSSItem *uid)
-{
-    NSSCRL *crl = (NSSCRL *)o;
-    NSSDER *encoding;
-    encoding = nssCRL_GetEncoding(crl);
-    uid[0] = *encoding;
-    uid[1].data = NULL; uid[1].size = 0;
-    return PR_SUCCESS;
-}
-
-static PRStatus
-crl_getUIDFromInstance(nssCryptokiObject *instance, NSSItem *uid, 
-                       NSSArena *arena)
-{
-    return nssCryptokiCRL_GetAttributes(instance,
-                                        NULL,    /* XXX sessionOpt */
-                                        arena,   /* arena    */
-                                        &uid[0], /* encoding */
-                                        NULL,    /* url      */
-                                        NULL);   /* isKRL    */
-}
-
-static nssPKIObject *
-crl_createObject(nssPKIObject *o)
-{
-    return (nssPKIObject *)nssCRL_Create(o);
-}
-
-NSS_IMPLEMENT nssPKIObjectCollection *
-nssCRLCollection_Create
-(
-  NSSTrustDomain *td,
-  NSSCRL **crlsOpt
-)
-{
-    PRStatus status;
-    nssPKIObjectCollection *collection;
-    collection = nssPKIObjectCollection_Create(td, NULL);
-    collection->objectType = pkiObjectType_CRL;
-    collection->destroyObject = crl_destroyObject;
-    collection->getUIDFromObject = crl_getUIDFromObject;
-    collection->getUIDFromInstance = crl_getUIDFromInstance;
-    collection->createObject = crl_createObject;
-    if (crlsOpt) {
-	for (; *crlsOpt; crlsOpt++) {
-	    nssPKIObject *object = (nssPKIObject *)(*crlsOpt);
-	    status = nssPKIObjectCollection_AddObject(collection, object);
-	}
-    }
-    return collection;
-}
-
-NSS_IMPLEMENT NSSCRL **
-nssPKIObjectCollection_GetCRLs
-(
-  nssPKIObjectCollection *collection,
-  NSSCRL **rvOpt,
-  PRUint32 maximumOpt,
-  NSSArena *arenaOpt
-)
-{
-    PRStatus status;
-    PRUint32 rvSize;
-    PRBool allocated = PR_FALSE;
-    if (collection->size == 0) {
-	return (NSSCRL **)NULL;
-    }
-    if (maximumOpt == 0) {
-	rvSize = collection->size;
-    } else {
-	rvSize = PR_MIN(collection->size, maximumOpt);
-    }
-    if (!rvOpt) {
-	rvOpt = nss_ZNEWARRAY(arenaOpt, NSSCRL *, rvSize + 1);
-	if (!rvOpt) {
-	    return (NSSCRL **)NULL;
-	}
-	allocated = PR_TRUE;
-    }
-    status = nssPKIObjectCollection_GetObjects(collection, 
-                                               (nssPKIObject **)rvOpt, 
-                                               rvSize);
-    if (status != PR_SUCCESS) {
-	if (allocated) {
-	    nss_ZFreeIf(rvOpt);
-	}
-	return (NSSCRL **)NULL;
-    }
-    return rvOpt;
-}
-
-#ifdef PURE_STAN_BUILD
-/*
- * PrivateKey collections
- */
-
-static void
-privkey_destroyObject(nssPKIObject *o)
-{
-    NSSPrivateKey *pvk = (NSSPrivateKey *)o;
-    nssPrivateKey_Destroy(pvk);
-}
-
-static PRStatus
-privkey_getUIDFromObject(nssPKIObject *o, NSSItem *uid)
-{
-    NSSPrivateKey *pvk = (NSSPrivateKey *)o;
-    NSSItem *id;
-    id = nssPrivateKey_GetID(pvk);
-    uid[0] = *id;
-    return PR_SUCCESS;
-}
-
-static PRStatus
-privkey_getUIDFromInstance(nssCryptokiObject *instance, NSSItem *uid, 
-                           NSSArena *arena)
-{
-    return nssCryptokiPrivateKey_GetAttributes(instance,
-                                               NULL,  /* XXX sessionOpt */
-                                               arena,
-                                               NULL, /* type */
-                                               &uid[0]);
-}
-
-static nssPKIObject *
-privkey_createObject(nssPKIObject *o)
-{
-    NSSPrivateKey *pvk;
-    pvk = nssPrivateKey_Create(o);
-    return (nssPKIObject *)pvk;
-}
-
-NSS_IMPLEMENT nssPKIObjectCollection *
-nssPrivateKeyCollection_Create
-(
-  NSSTrustDomain *td,
-  NSSPrivateKey **pvkOpt
-)
-{
-    PRStatus status;
-    nssPKIObjectCollection *collection;
-    collection = nssPKIObjectCollection_Create(td, NULL);
-    collection->objectType = pkiObjectType_PrivateKey;
-    collection->destroyObject = privkey_destroyObject;
-    collection->getUIDFromObject = privkey_getUIDFromObject;
-    collection->getUIDFromInstance = privkey_getUIDFromInstance;
-    collection->createObject = privkey_createObject;
-    if (pvkOpt) {
-	for (; *pvkOpt; pvkOpt++) {
-	    nssPKIObject *o = (nssPKIObject *)(*pvkOpt);
-	    status = nssPKIObjectCollection_AddObject(collection, o);
-	}
-    }
-    return collection;
-}
-
-NSS_IMPLEMENT NSSPrivateKey **
-nssPKIObjectCollection_GetPrivateKeys
-(
-  nssPKIObjectCollection *collection,
-  NSSPrivateKey **rvOpt,
-  PRUint32 maximumOpt,
-  NSSArena *arenaOpt
-)
-{
-    PRStatus status;
-    PRUint32 rvSize;
-    PRBool allocated = PR_FALSE;
-    if (collection->size == 0) {
-	return (NSSPrivateKey **)NULL;
-    }
-    if (maximumOpt == 0) {
-	rvSize = collection->size;
-    } else {
-	rvSize = PR_MIN(collection->size, maximumOpt);
-    }
-    if (!rvOpt) {
-	rvOpt = nss_ZNEWARRAY(arenaOpt, NSSPrivateKey *, rvSize + 1);
-	if (!rvOpt) {
-	    return (NSSPrivateKey **)NULL;
-	}
-	allocated = PR_TRUE;
-    }
-    status = nssPKIObjectCollection_GetObjects(collection, 
-                                               (nssPKIObject **)rvOpt, 
-                                               rvSize);
-    if (status != PR_SUCCESS) {
-	if (allocated) {
-	    nss_ZFreeIf(rvOpt);
-	}
-	return (NSSPrivateKey **)NULL;
-    }
-    return rvOpt;
-}
-
-/*
- * PublicKey collections
- */
-
-static void
-pubkey_destroyObject(nssPKIObject *o)
-{
-    NSSPublicKey *pubk = (NSSPublicKey *)o;
-    nssPublicKey_Destroy(pubk);
-}
-
-static PRStatus
-pubkey_getUIDFromObject(nssPKIObject *o, NSSItem *uid)
-{
-    NSSPublicKey *pubk = (NSSPublicKey *)o;
-    NSSItem *id;
-    id = nssPublicKey_GetID(pubk);
-    uid[0] = *id;
-    return PR_SUCCESS;
-}
-
-static PRStatus
-pubkey_getUIDFromInstance(nssCryptokiObject *instance, NSSItem *uid, 
-                          NSSArena *arena)
-{
-    return nssCryptokiPublicKey_GetAttributes(instance,
-                                              NULL,  /* XXX sessionOpt */
-                                              arena,
-                                              NULL, /* type */
-                                              &uid[0]);
-}
-
-static nssPKIObject *
-pubkey_createObject(nssPKIObject *o)
-{
-    NSSPublicKey *pubk;
-    pubk = nssPublicKey_Create(o);
-    return (nssPKIObject *)pubk;
-}
-
-NSS_IMPLEMENT nssPKIObjectCollection *
-nssPublicKeyCollection_Create
-(
-  NSSTrustDomain *td,
-  NSSPublicKey **pubkOpt
-)
-{
-    PRStatus status;
-    nssPKIObjectCollection *collection;
-    collection = nssPKIObjectCollection_Create(td, NULL);
-    collection->objectType = pkiObjectType_PublicKey;
-    collection->destroyObject = pubkey_destroyObject;
-    collection->getUIDFromObject = pubkey_getUIDFromObject;
-    collection->getUIDFromInstance = pubkey_getUIDFromInstance;
-    collection->createObject = pubkey_createObject;
-    if (pubkOpt) {
-	for (; *pubkOpt; pubkOpt++) {
-	    nssPKIObject *o = (nssPKIObject *)(*pubkOpt);
-	    status = nssPKIObjectCollection_AddObject(collection, o);
-	}
-    }
-    return collection;
-}
-
-NSS_IMPLEMENT NSSPublicKey **
-nssPKIObjectCollection_GetPublicKeys
-(
-  nssPKIObjectCollection *collection,
-  NSSPublicKey **rvOpt,
-  PRUint32 maximumOpt,
-  NSSArena *arenaOpt
-)
-{
-    PRStatus status;
-    PRUint32 rvSize;
-    PRBool allocated = PR_FALSE;
-    if (collection->size == 0) {
-	return (NSSPublicKey **)NULL;
-    }
-    if (maximumOpt == 0) {
-	rvSize = collection->size;
-    } else {
-	rvSize = PR_MIN(collection->size, maximumOpt);
-    }
-    if (!rvOpt) {
-	rvOpt = nss_ZNEWARRAY(arenaOpt, NSSPublicKey *, rvSize + 1);
-	if (!rvOpt) {
-	    return (NSSPublicKey **)NULL;
-	}
-	allocated = PR_TRUE;
-    }
-    status = nssPKIObjectCollection_GetObjects(collection, 
-                                               (nssPKIObject **)rvOpt, 
-                                               rvSize);
-    if (status != PR_SUCCESS) {
-	if (allocated) {
-	    nss_ZFreeIf(rvOpt);
-	}
-	return (NSSPublicKey **)NULL;
-    }
-    return rvOpt;
-}
-#endif /* PURE_STAN_BUILD */
-
-/* how bad would it be to have a static now sitting around, updated whenever
- * this was called?  would avoid repeated allocs...
- */
-NSS_IMPLEMENT NSSTime *
-NSSTime_Now
-(
-  NSSTime *timeOpt
-)
-{
-    return NSSTime_SetPRTime(timeOpt, PR_Now());
-}
-
-NSS_IMPLEMENT NSSTime *
-NSSTime_SetPRTime
-(
-  NSSTime *timeOpt,
-  PRTime prTime
-)
-{
-    NSSTime *rvTime;
-    rvTime = (timeOpt) ? timeOpt : nss_ZNEW(NULL, NSSTime);
-    rvTime->prTime = prTime;
-    return rvTime;
-}
-
-NSS_IMPLEMENT PRTime
-NSSTime_GetPRTime
-(
-  NSSTime *time
-)
-{
-  return time->prTime;
-}
-
diff --git a/security/nss/lib/pki/pkim.h b/security/nss/lib/pki/pkim.h
deleted file mode 100644
index 170a4d938..000000000
--- a/security/nss/lib/pki/pkim.h
+++ /dev/null
@@ -1,713 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef PKIM_H
-#define PKIM_H
-
-#ifdef DEBUG
-static const char PKIM_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef BASE_H
-#include "base.h"
-#endif /* BASE_H */
-
-#ifndef PKI_H
-#include "pki.h"
-#endif /* PKI_H */
-
-#ifndef PKITM_H
-#include "pkitm.h"
-#endif /* PKITM_H */
-
-PR_BEGIN_EXTERN_C
-
-/* nssPKIObject
- *
- * This is the base object class, common to all PKI objects defined in
- * in this module.  Each object can be safely 'casted' to an nssPKIObject,
- * then passed to these methods.
- *
- * nssPKIObject_Create
- * nssPKIObject_Destroy
- * nssPKIObject_AddRef
- * nssPKIObject_AddInstance
- * nssPKIObject_HasInstance
- * nssPKIObject_GetTokens
- * nssPKIObject_GetNicknameForToken
- * nssPKIObject_RemoveInstanceForToken
- * nssPKIObject_DeleteStoredObject
- */
-
-/* nssPKIObject_Create
- *
- * A generic PKI object.  It must live in a trust domain.  It may be
- * initialized with a token instance, or alternatively in a crypto context.
- */
-NSS_EXTERN nssPKIObject *
-nssPKIObject_Create
-(
-  NSSArena *arenaOpt,
-  nssCryptokiObject *instanceOpt,
-  NSSTrustDomain *td,
-  NSSCryptoContext *ccOpt
-);
-
-/* nssPKIObject_AddRef
- */
-NSS_EXTERN nssPKIObject *
-nssPKIObject_AddRef
-(
-  nssPKIObject *object
-);
-
-/* nssPKIObject_Destroy
- *
- * Returns true if object was destroyed.  This notifies the subclass that
- * all references are gone and it should delete any members it owns.
- */
-NSS_EXTERN PRBool
-nssPKIObject_Destroy
-(
-  nssPKIObject *object
-);
-
-/* nssPKIObject_AddInstance
- *
- * Add a token instance to the object, if it does not have it already.
- */
-NSS_EXTERN PRStatus
-nssPKIObject_AddInstance
-(
-  nssPKIObject *object,
-  nssCryptokiObject *instance
-);
-
-/* nssPKIObject_HasInstance
- *
- * Query the object for a token instance.
- */
-NSS_EXTERN PRBool
-nssPKIObject_HasInstance
-(
-  nssPKIObject *object,
-  nssCryptokiObject *instance
-);
-
-/* nssPKIObject_GetTokens
- *
- * Get all tokens which have an instance of the object.
- */
-NSS_EXTERN NSSToken **
-nssPKIObject_GetTokens
-(
-  nssPKIObject *object,
-  PRStatus *statusOpt
-);
-
-/* nssPKIObject_GetNicknameForToken
- *
- * tokenOpt == NULL means take the first available, otherwise return the
- * nickname for the specified token.
- */
-NSS_EXTERN NSSUTF8 *
-nssPKIObject_GetNicknameForToken
-(
-  nssPKIObject *object,
-  NSSToken *tokenOpt
-);
-
-/* nssPKIObject_RemoveInstanceForToken
- *
- * Remove the instance of the object on the specified token.
- */
-NSS_EXTERN PRStatus
-nssPKIObject_RemoveInstanceForToken
-(
-  nssPKIObject *object,
-  NSSToken *token
-);
-
-/* nssPKIObject_DeleteStoredObject
- *
- * Delete all token instances of the object, as well as any crypto context
- * instances (TODO).  If any of the instances are read-only, or if the
- * removal fails, the object will keep those instances.  'isFriendly' refers
- * to the object -- can this object be removed from a friendly token without
- * login?  For example, certificates are friendly, private keys are not.
- * Note that if the token is not friendly, authentication will be required
- * regardless of the value of 'isFriendly'.
- */
-NSS_EXTERN PRStatus
-nssPKIObject_DeleteStoredObject
-(
-  nssPKIObject *object,
-  NSSCallback *uhh,
-  PRBool isFriendly
-);
-
-#ifdef NSS_3_4_CODE
-NSS_EXTERN nssCryptokiObject **
-nssPKIObject_GetInstances
-(
-  nssPKIObject *object
-);
-#endif
-
-NSS_EXTERN NSSCertificate **
-nssTrustDomain_FindCertificatesByID
-(
-  NSSTrustDomain *td,
-  NSSItem *id,
-  NSSCertificate **rvOpt,
-  PRUint32 maximumOpt,
-  NSSArena *arenaOpt
-);
-
-NSS_EXTERN NSSCRL **
-nssTrustDomain_FindCRLsBySubject
-(
-  NSSTrustDomain *td,
-  NSSDER *subject
-);
-
-/* module-private nsspki methods */
-
-NSS_EXTERN NSSCryptoContext *
-nssCryptoContext_Create
-(
-  NSSTrustDomain *td,
-  NSSCallback *uhhOpt
-);
-
-/* XXX for the collection */
-NSS_EXTERN NSSCertificate *
-nssCertificate_Create
-(
-  nssPKIObject *object
-);
-
-NSS_EXTERN PRStatus
-nssCertificate_SetCertTrust
-(
-  NSSCertificate *c,
-  NSSTrust *trust
-);
-
-NSS_EXTERN nssDecodedCert *
-nssCertificate_GetDecoding
-(
-  NSSCertificate *c
-);
-
-NSS_EXTERN nssDecodedCert *
-nssDecodedCert_Create
-(
-  NSSArena *arenaOpt,
-  NSSDER *encoding,
-  NSSCertificateType type
-);
-
-NSS_EXTERN PRStatus
-nssDecodedCert_Destroy
-(
-  nssDecodedCert *dc
-);
-
-NSS_EXTERN NSSTrust *
-nssTrust_Create
-(
-  nssPKIObject *object
-);
-
-NSS_EXTERN NSSCRL *
-nssCRL_Create
-(
-  nssPKIObject *object
-);
-
-NSS_EXTERN NSSCRL *
-nssCRL_AddRef
-(
-  NSSCRL *crl
-);
-
-NSS_EXTERN PRStatus
-nssCRL_Destroy
-(
-  NSSCRL *crl
-);
-
-NSS_EXTERN PRStatus
-nssCRL_DeleteStoredObject
-(
-  NSSCRL *crl,
-  NSSCallback *uhh
-);
-
-NSS_EXTERN NSSPrivateKey *
-nssPrivateKey_Create
-(
-  nssPKIObject *o
-);
-
-NSS_EXTERN NSSDER *
-nssCRL_GetEncoding
-(
-  NSSCRL *crl
-);
-
-NSS_EXTERN NSSPublicKey *
-nssPublicKey_Create
-(
-  nssPKIObject *object
-);
-
-/* nssCertificateArray
- *
- * These are being thrown around a lot, might as well group together some
- * functionality.
- *
- * nssCertificateArray_Destroy
- * nssCertificateArray_Join
- * nssCertificateArray_FindBestCertificate
- * nssCertificateArray_Traverse
- */
-
-/* nssCertificateArray_Destroy
- *
- * Will destroy the array and the certs within it.  If the array was created
- * in an arena, will *not* (of course) destroy the arena.  However, is safe
- * to call this method on an arena-allocated array.
- */
-NSS_EXTERN void
-nssCertificateArray_Destroy
-(
-  NSSCertificate **certs
-);
-
-/* nssCertificateArray_Join
- *
- * Join two arrays into one.  The two arrays, certs1 and certs2, should
- * be considered invalid after a call to this function (they may be destroyed
- * as part of the join).  certs1 and/or certs2 may be NULL.  Safe to
- * call with arrays allocated in an arena, the result will also be in the
- * arena.
- */
-NSS_EXTERN NSSCertificate **
-nssCertificateArray_Join
-(
-  NSSCertificate **certs1,
-  NSSCertificate **certs2
-);
-
-/* nssCertificateArray_FindBestCertificate
- *
- * Use the usual { time, usage, policies } to find the best cert in the
- * array.
- */
-NSS_EXTERN NSSCertificate * 
-nssCertificateArray_FindBestCertificate
-(
-  NSSCertificate **certs, 
-  NSSTime *timeOpt,
-  NSSUsage *usage,
-  NSSPolicies *policiesOpt
-);
-
-/* nssCertificateArray_Traverse
- *
- * Do the callback for each cert, terminate the traversal if the callback
- * fails.
- */
-NSS_EXTERN PRStatus
-nssCertificateArray_Traverse
-(
-  NSSCertificate **certs,
-  PRStatus (* callback)(NSSCertificate *c, void *arg),
-  void *arg
-);
-
-NSS_EXTERN void
-nssCRLArray_Destroy
-(
-  NSSCRL **crls
-);
-
-/* nssPKIObjectCollection
- *
- * This is a handy way to group objects together and perform operations
- * on them.  It can also handle "proto-objects"-- references to
- * objects instances on tokens, where the actual object hasn't 
- * been formed yet.
- *
- * nssCertificateCollection_Create
- * nssPrivateKeyCollection_Create
- * nssPublicKeyCollection_Create
- *
- * If this was a language that provided for inheritance, each type would
- * inherit all of the following methods.  Instead, there is only one
- * type (nssPKIObjectCollection), shared among all.  This may cause
- * confusion; an alternative would be to define all of the methods
- * for each subtype (nssCertificateCollection_Destroy, ...), but that doesn't
- * seem worth the code bloat..  It is left up to the caller to remember 
- * what type of collection he/she is dealing with.
- *
- * nssPKIObjectCollection_Destroy
- * nssPKIObjectCollection_Count
- * nssPKIObjectCollection_AddObject
- * nssPKIObjectCollection_AddInstances
- * nssPKIObjectCollection_Traverse
- *
- * Back to type-specific methods.
- *
- * nssPKIObjectCollection_GetCertificates
- * nssPKIObjectCollection_GetCRLs
- * nssPKIObjectCollection_GetPrivateKeys
- * nssPKIObjectCollection_GetPublicKeys
- */
-
-/* nssCertificateCollection_Create
- *
- * Create a collection of certificates in the specified trust domain.
- * Optionally provide a starting set of certs.
- */
-NSS_EXTERN nssPKIObjectCollection *
-nssCertificateCollection_Create
-(
-  NSSTrustDomain *td,
-  NSSCertificate **certsOpt
-);
-
-/* nssCRLCollection_Create
- *
- * Create a collection of CRLs/KRLs in the specified trust domain.
- * Optionally provide a starting set of CRLs.
- */
-NSS_EXTERN nssPKIObjectCollection *
-nssCRLCollection_Create
-(
-  NSSTrustDomain *td,
-  NSSCRL **crlsOpt
-);
-
-/* nssPrivateKeyCollection_Create
- *
- * Create a collection of private keys in the specified trust domain.
- * Optionally provide a starting set of keys.
- */
-NSS_EXTERN nssPKIObjectCollection *
-nssPrivateKeyCollection_Create
-(
-  NSSTrustDomain *td,
-  NSSPrivateKey **pvkOpt
-);
-
-/* nssPublicKeyCollection_Create
- *
- * Create a collection of public keys in the specified trust domain.
- * Optionally provide a starting set of keys.
- */
-NSS_EXTERN nssPKIObjectCollection *
-nssPublicKeyCollection_Create
-(
-  NSSTrustDomain *td,
-  NSSPublicKey **pvkOpt
-);
-
-/* nssPKIObjectCollection_Destroy
- */
-NSS_EXTERN void
-nssPKIObjectCollection_Destroy
-(
-  nssPKIObjectCollection *collection
-);
-
-/* nssPKIObjectCollection_Count
- */
-NSS_EXTERN PRUint32
-nssPKIObjectCollection_Count
-(
-  nssPKIObjectCollection *collection
-);
-
-NSS_EXTERN PRStatus
-nssPKIObjectCollection_AddObject
-(
-  nssPKIObjectCollection *collection,
-  nssPKIObject *object
-);
-
-/* nssPKIObjectCollection_AddInstances
- *
- * Add a set of object instances to the collection.  The instances
- * will be sorted into any existing certs/proto-certs that may be in
- * the collection.  The instances will be absorbed by the collection,
- * the array should not be used after this call (except to free it).
- *
- * Failure means the collection is in an invalid state.
- *
- * numInstances = 0 means the array is NULL-terminated
- */
-NSS_EXTERN PRStatus
-nssPKIObjectCollection_AddInstances
-(
-  nssPKIObjectCollection *collection,
-  nssCryptokiObject **instances,
-  PRUint32 numInstances
-);
-
-/* nssPKIObjectCollection_Traverse
- */
-NSS_EXTERN PRStatus
-nssPKIObjectCollection_Traverse
-(
-  nssPKIObjectCollection *collection,
-  nssPKIObjectCallback *callback
-);
-
-/* This function is being added for NSS 3.5.  It corresponds to the function
- * nssToken_TraverseCertificates.  The idea is to use the collection during
- * a traversal, creating certs each time a new instance is added for which
- * a cert does not already exist.
- */
-NSS_EXTERN PRStatus
-nssPKIObjectCollection_AddInstanceAsObject
-(
-  nssPKIObjectCollection *collection,
-  nssCryptokiObject *instance
-);
-
-/* nssPKIObjectCollection_GetCertificates
- *
- * Get all of the certificates in the collection. 
- */
-NSS_EXTERN NSSCertificate **
-nssPKIObjectCollection_GetCertificates
-(
-  nssPKIObjectCollection *collection,
-  NSSCertificate **rvOpt,
-  PRUint32 maximumOpt,
-  NSSArena *arenaOpt
-);
-
-NSS_EXTERN NSSCRL **
-nssPKIObjectCollection_GetCRLs
-(
-  nssPKIObjectCollection *collection,
-  NSSCRL **rvOpt,
-  PRUint32 maximumOpt,
-  NSSArena *arenaOpt
-);
-
-NSS_EXTERN NSSPrivateKey **
-nssPKIObjectCollection_GetPrivateKeys
-(
-  nssPKIObjectCollection *collection,
-  NSSPrivateKey **rvOpt,
-  PRUint32 maximumOpt,
-  NSSArena *arenaOpt
-);
-
-NSS_EXTERN NSSPublicKey **
-nssPKIObjectCollection_GetPublicKeys
-(
-  nssPKIObjectCollection *collection,
-  NSSPublicKey **rvOpt,
-  PRUint32 maximumOpt,
-  NSSArena *arenaOpt
-);
-
-NSS_EXTERN NSSTime *
-NSSTime_Now
-(
-  NSSTime *timeOpt
-);
-
-NSS_EXTERN NSSTime *
-NSSTime_SetPRTime
-(
-  NSSTime *timeOpt,
-  PRTime prTime
-);
-
-NSS_EXTERN PRTime
-NSSTime_GetPRTime
-(
-  NSSTime *time
-);
-
-NSS_EXTERN nssHash *
-nssHash_CreateCertificate
-(
-  NSSArena *arenaOpt,
-  PRUint32 numBuckets
-);
-
-/* 3.4 Certificate cache routines */
-
-NSS_EXTERN PRStatus
-nssTrustDomain_InitializeCache
-(
-  NSSTrustDomain *td,
-  PRUint32 cacheSize
-);
-
-NSS_EXTERN PRStatus
-nssTrustDomain_AddCertsToCache
-(
-  NSSTrustDomain *td,
-  NSSCertificate **certs,
-  PRUint32 numCerts
-);
-
-NSS_EXTERN void
-nssTrustDomain_RemoveCertFromCache
-(
-  NSSTrustDomain *td,
-  NSSCertificate *cert
-);
-
-NSS_EXTERN void
-nssTrustDomain_FlushCache
-(
-  NSSTrustDomain *td,
-  PRFloat64 threshold
-);
-
-NSS_IMPLEMENT PRStatus
-nssTrustDomain_DestroyCache
-(
-  NSSTrustDomain *td
-);
-
-/* 
- * Remove all certs for the given token from the cache.  This is
- * needed if the token is removed.
- */
-NSS_EXTERN PRStatus
-nssTrustDomain_RemoveTokenCertsFromCache
-(
-  NSSTrustDomain *td,
-  NSSToken *token
-);
-
-NSS_EXTERN PRStatus
-nssTrustDomain_UpdateCachedTokenCerts
-(
-  NSSTrustDomain *td,
-  NSSToken *token
-);
-
-/*
- * Find all cached certs with this nickname (label).
- */
-NSS_EXTERN NSSCertificate **
-nssTrustDomain_GetCertsForNicknameFromCache
-(
-  NSSTrustDomain *td,
-  NSSUTF8 *nickname,
-  nssList *certListOpt
-);
-
-/*
- * Find all cached certs with this email address.
- */
-NSS_EXTERN NSSCertificate **
-nssTrustDomain_GetCertsForEmailAddressFromCache
-(
-  NSSTrustDomain *td,
-  NSSASCII7 *email,
-  nssList *certListOpt
-);
-
-/*
- * Find all cached certs with this subject.
- */
-NSS_EXTERN NSSCertificate **
-nssTrustDomain_GetCertsForSubjectFromCache
-(
-  NSSTrustDomain *td,
-  NSSDER *subject,
-  nssList *certListOpt
-);
-
-/*
- * Look for a specific cert in the cache.
- */
-NSS_EXTERN NSSCertificate *
-nssTrustDomain_GetCertForIssuerAndSNFromCache
-(
-  NSSTrustDomain *td,
-  NSSDER *issuer,
-  NSSDER *serialNum
-);
-
-/*
- * Look for a specific cert in the cache.
- */
-NSS_EXTERN NSSCertificate *
-nssTrustDomain_GetCertByDERFromCache
-(
-  NSSTrustDomain *td,
-  NSSDER *der
-);
-
-/* Get all certs from the cache */
-/* XXX this is being included to make some old-style calls word, not to
- *     say we should keep it
- */
-NSS_EXTERN NSSCertificate **
-nssTrustDomain_GetCertsFromCache
-(
-  NSSTrustDomain *td,
-  nssList *certListOpt
-);
-
-NSS_EXTERN void
-nssTrustDomain_DumpCacheInfo
-(
-  NSSTrustDomain *td,
-  void (* cert_dump_iter)(const void *, void *, void *),
-  void *arg
-);
-
-NSS_EXTERN void
-nssCertificateList_AddReferences
-(
-  nssList *certList
-);
-
-PR_END_EXTERN_C
-
-#endif /* PKIM_H */
diff --git a/security/nss/lib/pki/pkistore.c b/security/nss/lib/pki/pkistore.c
deleted file mode 100644
index a045b0a68..000000000
--- a/security/nss/lib/pki/pkistore.c
+++ /dev/null
@@ -1,751 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIM_H
-#include "pkim.h"
-#endif /* PKIM_H */
-
-#ifndef PKI_H
-#include "pki.h"
-#endif /* PKI_H */
-
-#ifndef NSSPKI_H
-#include "nsspki.h"
-#endif /* NSSPKI_H */
-
-#ifndef BASE_H
-#include "base.h"
-#endif /* BASE_H */
-
-#ifndef PKISTORE_H
-#include "pkistore.h"
-#endif /* PKISTORE_H */
-
-#ifdef NSS_3_4_CODE
-#include "cert.h"
-#endif
-
-/* 
- * Certificate Store
- *
- * This differs from the cache in that it is a true storage facility.  Items
- * stay in until they are explicitly removed.  It is only used by crypto
- * contexts at this time, but may be more generally useful...
- *
- */
-
-struct nssCertificateStoreStr 
-{
-    PRBool i_alloced_arena;
-    NSSArena *arena;
-    PZLock *lock;
-    nssHash *subject;
-    nssHash *issuer_and_serial;
-};
-
-typedef struct certificate_hash_entry_str certificate_hash_entry;
-
-struct certificate_hash_entry_str
-{
-    NSSCertificate *cert;
-    NSSTrust *trust;
-    nssSMIMEProfile *profile;
-};
-
-/* XXX This a common function that should be moved out, possibly an
- *     nssSubjectCertificateList should be created?
- */
-/* sort the subject list from newest to oldest */
-static PRIntn subject_list_sort(void *v1, void *v2)
-{
-    NSSCertificate *c1 = (NSSCertificate *)v1;
-    NSSCertificate *c2 = (NSSCertificate *)v2;
-    nssDecodedCert *dc1 = nssCertificate_GetDecoding(c1);
-    nssDecodedCert *dc2 = nssCertificate_GetDecoding(c2);
-    if (dc1->isNewerThan(dc1, dc2)) {
-	return -1;
-    } else {
-	return 1;
-    }
-}
-
-NSS_IMPLEMENT nssCertificateStore *
-nssCertificateStore_Create
-(
-  NSSArena *arenaOpt
-)
-{
-    NSSArena *arena;
-    nssCertificateStore *store;
-    PRBool i_alloced_arena;
-    if (arenaOpt) {
-	arena = arenaOpt;
-	i_alloced_arena = PR_FALSE;
-    } else {
-	arena = nssArena_Create();
-	if (!arena) {
-	    return NULL;
-	}
-	i_alloced_arena = PR_TRUE;
-    }
-    store = nss_ZNEW(arena, nssCertificateStore);
-    if (!store) {
-	goto loser;
-    }
-    store->lock = PZ_NewLock(nssILockOther);
-    if (!store->lock) {
-	goto loser;
-    }
-    /* Create the issuer/serial --> {cert, trust, S/MIME profile } hash */
-    store->issuer_and_serial = nssHash_CreateCertificate(arena, 0);
-    if (!store->issuer_and_serial) {
-	goto loser;
-    }
-    /* Create the subject DER --> subject list hash */
-    store->subject = nssHash_CreateItem(arena, 0);
-    if (!store->subject) {
-	goto loser;
-    }
-    store->arena = arena;
-    store->i_alloced_arena = i_alloced_arena;
-    return store;
-loser:
-    if (store) {
-	if (store->lock) {
-	    PZ_DestroyLock(store->lock);
-	}
-	if (store->issuer_and_serial) {
-	    nssHash_Destroy(store->issuer_and_serial);
-	}
-	if (store->subject) {
-	    nssHash_Destroy(store->subject);
-	}
-    }
-    if (i_alloced_arena) {
-	nssArena_Destroy(arena);
-    }
-    return NULL;
-}
-
-NSS_IMPLEMENT void
-nssCertificateStore_Destroy
-(
-  nssCertificateStore *store
-)
-{
-    PZ_DestroyLock(store->lock);
-    nssHash_Destroy(store->issuer_and_serial);
-    nssHash_Destroy(store->subject);
-    if (store->i_alloced_arena) {
-	nssArena_Destroy(store->arena);
-    } else {
-	nss_ZFreeIf(store);
-    }
-}
-
-static PRStatus
-add_certificate_entry
-(
-  nssCertificateStore *store,
-  NSSCertificate *cert
-)
-{
-    PRStatus nssrv;
-    certificate_hash_entry *entry;
-    entry = nss_ZNEW(cert->object.arena, certificate_hash_entry);
-    if (!entry) {
-	return PR_FAILURE;
-    }
-    entry->cert = cert;
-    nssrv = nssHash_Add(store->issuer_and_serial, cert, entry);
-    if (nssrv != PR_SUCCESS) {
-	nss_ZFreeIf(entry);
-    }
-    return nssrv;
-}
-
-static PRStatus
-add_subject_entry
-(
-  nssCertificateStore *store,
-  NSSCertificate *cert
-)
-{
-    PRStatus nssrv;
-    nssList *subjectList;
-    subjectList = (nssList *)nssHash_Lookup(store->subject, &cert->subject);
-    if (subjectList) {
-	/* The subject is already in, add this cert to the list */
-	nssrv = nssList_AddUnique(subjectList, cert);
-    } else {
-	/* Create a new subject list for the subject */
-	subjectList = nssList_Create(NULL, PR_FALSE);
-	if (!subjectList) {
-	    return PR_FAILURE;
-	}
-	nssList_SetSortFunction(subjectList, subject_list_sort);
-	/* Add the cert entry to this list of subjects */
-	nssrv = nssList_Add(subjectList, cert);
-	if (nssrv != PR_SUCCESS) {
-	    return nssrv;
-	}
-	/* Add the subject list to the cache */
-	nssrv = nssHash_Add(store->subject, &cert->subject, subjectList);
-    }
-    return nssrv;
-}
-
-/* declared below */
-static void
-remove_certificate_entry
-(
-  nssCertificateStore *store,
-  NSSCertificate *cert
-);
-
-NSS_IMPLEMENT PRStatus
-nssCertificateStore_Add
-(
-  nssCertificateStore *store,
-  NSSCertificate *cert
-)
-{
-    PRStatus nssrv;
-    PZ_Lock(store->lock);
-    if (nssHash_Exists(store->issuer_and_serial, cert)) {
-	PZ_Unlock(store->lock);
-	return PR_SUCCESS;
-    }
-    nssrv = add_certificate_entry(store, cert);
-    if (nssrv == PR_SUCCESS) {
-	nssrv = add_subject_entry(store, cert);
-	if (nssrv == PR_SUCCESS) {
-	    nssCertificate_AddRef(cert); /* obtain a reference for the store */
-	} else {
-	    remove_certificate_entry(store, cert);
-	}
-    }
-    PZ_Unlock(store->lock);
-    return nssrv;
-}
-
-static void
-remove_certificate_entry
-(
-  nssCertificateStore *store,
-  NSSCertificate *cert
-)
-{
-    certificate_hash_entry *entry;
-    entry = (certificate_hash_entry *)
-                             nssHash_Lookup(store->issuer_and_serial, cert);
-    if (entry) {
-	nssHash_Remove(store->issuer_and_serial, cert);
-	if (entry->trust) {
-	    nssTrust_Destroy(entry->trust);
-	}
-	if (entry->profile) {
-	    nssSMIMEProfile_Destroy(entry->profile);
-	}
-	nss_ZFreeIf(entry);
-    }
-}
-
-static void
-remove_subject_entry
-(
-  nssCertificateStore *store,
-  NSSCertificate *cert
-)
-{
-    nssList *subjectList;
-    /* Get the subject list for the cert's subject */
-    subjectList = (nssList *)nssHash_Lookup(store->subject, &cert->subject);
-    if (subjectList) {
-	/* Remove the cert from the subject hash */
-	nssList_Remove(subjectList, cert);
-	nssHash_Remove(store->subject, &cert->subject);
-	if (nssList_Count(subjectList) == 0) {
-	    nssList_Destroy(subjectList);
-	} else {
-	    /* The cert being released may have keyed the subject entry.
-	     * Since there are still subject certs around, get another and
-	     * rekey the entry just in case.
-	     */
-	    NSSCertificate *subjectCert;
-	    (void)nssList_GetArray(subjectList, (void **)&subjectCert, 1);
-	    nssHash_Add(store->subject, &subjectCert->subject, subjectList);
-	}
-    }
-}
-
-NSS_IMPLEMENT void
-nssCertificateStore_Remove
-(
-  nssCertificateStore *store,
-  NSSCertificate *cert
-)
-{
-    certificate_hash_entry *entry;
-    PZ_Lock(store->lock);
-#ifdef NSS_3_4_CODE
-    if (cert->object.refCount > 2) {
-	/* This continues the hack described in CERT_DestroyCertificate.
-	 * Because NSS 3.4 maintains a single, global, crypto context,
-	 * certs must be explicitly removed from it when there are no
-	 * more references to them.  This is done by destroying the cert
-	 * when there are two references left, the one being destroyed,
-	 * and the one here (read: temp db).
-	 * However, there is a race condition with timing the removal
-	 * of the cert from the temp store and deleting the last
-	 * reference.  In CERT_DestroyCertificate, the refCount is checked,
-	 * and if it is two, a call is made here to remove the temp cert.
-	 * But by the time it gets here (and within the safety of the
-	 * store's lock), another thread could have grabbed a reference
-	 * to it.  Removing it now will wreak havoc.
-	 * Therefore, it is necessary to check the refCount again, 
-	 * after obtaining the store's lock, to make sure the cert is
-	 * actually ready to be deleted.  This check is safe, because
-	 * within the store's lock a cert that has only two references
-	 * *must* have one in the store, and the one being deleted.
-	 * See bug 125263.
-	 */
-	PZ_Unlock(store->lock);
-	return;
-    }
-#endif
-    entry = (certificate_hash_entry *)
-                              nssHash_Lookup(store->issuer_and_serial, cert);
-    if (entry && entry->cert == cert) {
-	remove_certificate_entry(store, cert);
-	remove_subject_entry(store, cert);
-	NSSCertificate_Destroy(cert); /* release the store's reference */
-    }
-    PZ_Unlock(store->lock);
-}
-
-static NSSCertificate **
-get_array_from_list
-(
-  nssList *certList,
-  NSSCertificate *rvOpt[],
-  PRUint32 maximumOpt,
-  NSSArena *arenaOpt
-)
-{
-    PRUint32 count;
-    NSSCertificate **rvArray = NULL;
-    count = nssList_Count(certList);
-    if (count == 0) {
-	return NULL;
-    }
-    if (maximumOpt > 0) {
-	count = PR_MIN(maximumOpt, count);
-    }
-    if (rvOpt) {
-	nssList_GetArray(certList, (void **)rvOpt, count);
-    } else {
-	rvArray = nss_ZNEWARRAY(arenaOpt, NSSCertificate *, count + 1);
-	if (rvArray) {
-	    nssList_GetArray(certList, (void **)rvArray, count);
-	}
-    }
-    return rvArray;
-}
-
-NSS_IMPLEMENT NSSCertificate **
-nssCertificateStore_FindCertificatesBySubject
-(
-  nssCertificateStore *store,
-  NSSDER *subject,
-  NSSCertificate *rvOpt[],
-  PRUint32 maximumOpt,
-  NSSArena *arenaOpt
-)
-{
-    NSSCertificate **rvArray = NULL;
-    nssList *subjectList;
-    PZ_Lock(store->lock);
-    subjectList = (nssList *)nssHash_Lookup(store->subject, subject);
-    if (subjectList) {
-	nssCertificateList_AddReferences(subjectList);
-	rvArray = get_array_from_list(subjectList, 
-	                              rvOpt, maximumOpt, arenaOpt);
-    }
-    PZ_Unlock(store->lock);
-    return rvArray;
-}
-
-/* Because only subject indexing is implemented, all other lookups require
- * full traversal (unfortunately, PLHashTable doesn't allow you to exit
- * early from the enumeration).  The assumptions are that 1) lookups by 
- * fields other than subject will be rare, and 2) the hash will not have
- * a large number of entries.  These assumptions will be tested.
- *
- * XXX
- * For NSS 3.4, it is worth consideration to do all forms of indexing,
- * because the only crypto context is global and persistent.
- */
-
-struct nickname_template_str
-{
-    NSSUTF8 *nickname;
-    nssList *subjectList;
-};
-
-static void match_nickname(const void *k, void *v, void *a)
-{
-    PRStatus nssrv;
-    NSSCertificate *c;
-    NSSUTF8 *nickname;
-    nssList *subjectList = (nssList *)v;
-    struct nickname_template_str *nt = (struct nickname_template_str *)a;
-    nssrv = nssList_GetArray(subjectList, (void **)&c, 1);
-    nickname = nssCertificate_GetNickname(c, NULL);
-    if (nssrv == PR_SUCCESS && nickname &&
-         nssUTF8_Equal(nickname, nt->nickname, &nssrv)) 
-    {
-	nt->subjectList = subjectList;
-    }
-}
-
-/*
- * Find all cached certs with this label.
- */
-NSS_IMPLEMENT NSSCertificate **
-nssCertificateStore_FindCertificatesByNickname
-(
-  nssCertificateStore *store,
-  NSSUTF8 *nickname,
-  NSSCertificate *rvOpt[],
-  PRUint32 maximumOpt,
-  NSSArena *arenaOpt
-)
-{
-    NSSCertificate **rvArray = NULL;
-    struct nickname_template_str nt;
-    nt.nickname = nickname;
-    nt.subjectList = NULL;
-    PZ_Lock(store->lock);
-    nssHash_Iterate(store->subject, match_nickname, &nt);
-    if (nt.subjectList) {
-	nssCertificateList_AddReferences(nt.subjectList);
-	rvArray = get_array_from_list(nt.subjectList, 
-	                              rvOpt, maximumOpt, arenaOpt);
-    }
-    PZ_Unlock(store->lock);
-    return rvArray;
-}
-
-struct email_template_str
-{
-    NSSASCII7 *email;
-    nssList *emailList;
-};
-
-static void match_email(const void *k, void *v, void *a)
-{
-    PRStatus nssrv;
-    NSSCertificate *c;
-    nssList *subjectList = (nssList *)v;
-    struct email_template_str *et = (struct email_template_str *)a;
-    nssrv = nssList_GetArray(subjectList, (void **)&c, 1);
-    if (nssrv == PR_SUCCESS && 
-         nssUTF8_Equal(c->email, et->email, &nssrv)) 
-    {
-	nssListIterator *iter = nssList_CreateIterator(subjectList);
-	if (iter) {
-	    for (c  = (NSSCertificate *)nssListIterator_Start(iter);
-	         c != (NSSCertificate *)NULL;
-	         c  = (NSSCertificate *)nssListIterator_Next(iter))
-	    {
-		nssList_Add(et->emailList, c);
-	    }
-	    nssListIterator_Finish(iter);
-	    nssListIterator_Destroy(iter);
-	}
-    }
-}
-
-/*
- * Find all cached certs with this email address.
- */
-NSS_IMPLEMENT NSSCertificate **
-nssCertificateStore_FindCertificatesByEmail
-(
-  nssCertificateStore *store,
-  NSSASCII7 *email,
-  NSSCertificate *rvOpt[],
-  PRUint32 maximumOpt,
-  NSSArena *arenaOpt
-)
-{
-    NSSCertificate **rvArray = NULL;
-    struct email_template_str et;
-    et.email = email;
-    et.emailList = nssList_Create(NULL, PR_FALSE);
-    if (!et.emailList) {
-	return NULL;
-    }
-    PZ_Lock(store->lock);
-    nssHash_Iterate(store->subject, match_email, &et);
-    if (et.emailList) {
-	/* get references before leaving the store's lock protection */
-	nssCertificateList_AddReferences(et.emailList);
-    }
-    PZ_Unlock(store->lock);
-    if (et.emailList) {
-	rvArray = get_array_from_list(et.emailList, 
-	                              rvOpt, maximumOpt, arenaOpt);
-	nssList_Destroy(et.emailList);
-    }
-    return rvArray;
-}
-
-NSS_IMPLEMENT NSSCertificate *
-nssCertificateStore_FindCertificateByIssuerAndSerialNumber
-(
-  nssCertificateStore *store,
-  NSSDER *issuer,
-  NSSDER *serial
-)
-{
-    certificate_hash_entry *entry;
-    NSSCertificate index;
-    NSSCertificate *rvCert = NULL;
-    index.issuer = *issuer;
-    index.serial = *serial;
-    PZ_Lock(store->lock);
-    entry = (certificate_hash_entry *)
-                           nssHash_Lookup(store->issuer_and_serial, &index);
-    if (entry) {
-	rvCert = nssCertificate_AddRef(entry->cert);
-    }
-    PZ_Unlock(store->lock);
-    return rvCert;
-}
-
-#ifdef NSS_3_4_CODE
-static PRStatus
-issuer_and_serial_from_encoding
-(
-  NSSBER *encoding, 
-  NSSDER *issuer, 
-  NSSDER *serial
-)
-{
-    SECItem derCert, derIssuer, derSerial;
-    SECStatus secrv;
-    derCert.data = (unsigned char *)encoding->data;
-    derCert.len = encoding->size;
-    secrv = CERT_IssuerNameFromDERCert(&derCert, &derIssuer);
-    if (secrv != SECSuccess) {
-	return PR_FAILURE;
-    }
-    secrv = CERT_SerialNumberFromDERCert(&derCert, &derSerial);
-    if (secrv != SECSuccess) {
-	PORT_Free(derIssuer.data);
-	return PR_FAILURE;
-    }
-    issuer->data = derIssuer.data;
-    issuer->size = derIssuer.len;
-    serial->data = derSerial.data;
-    serial->size = derSerial.len;
-    return PR_SUCCESS;
-}
-#endif
-
-NSS_IMPLEMENT NSSCertificate *
-nssCertificateStore_FindCertificateByEncodedCertificate
-(
-  nssCertificateStore *store,
-  NSSDER *encoding
-)
-{
-    PRStatus nssrv = PR_FAILURE;
-    NSSDER issuer, serial;
-    NSSCertificate *rvCert = NULL;
-#ifdef NSS_3_4_CODE
-    nssrv = issuer_and_serial_from_encoding(encoding, &issuer, &serial);
-#endif
-    if (nssrv != PR_SUCCESS) {
-	return NULL;
-    }
-    rvCert = nssCertificateStore_FindCertificateByIssuerAndSerialNumber(store, 
-                                                                     &issuer, 
-                                                                     &serial);
-#ifdef NSS_3_4_CODE
-    PORT_Free(issuer.data);
-    PORT_Free(serial.data);
-#endif
-    return rvCert;
-}
-
-NSS_EXTERN PRStatus
-nssCertificateStore_AddTrust
-(
-  nssCertificateStore *store,
-  NSSTrust *trust
-)
-{
-    NSSCertificate *cert;
-    certificate_hash_entry *entry;
-    cert = trust->certificate;
-    PZ_Lock(store->lock);
-    entry = (certificate_hash_entry *)
-                              nssHash_Lookup(store->issuer_and_serial, cert);
-    if (entry) {
-	entry->trust = nssTrust_AddRef(trust);
-    }
-    PZ_Unlock(store->lock);
-    return (entry) ? PR_SUCCESS : PR_FAILURE;
-}
-
-NSS_IMPLEMENT NSSTrust *
-nssCertificateStore_FindTrustForCertificate
-(
-  nssCertificateStore *store,
-  NSSCertificate *cert
-)
-{
-    certificate_hash_entry *entry;
-    NSSTrust *rvTrust = NULL;
-    PZ_Lock(store->lock);
-    entry = (certificate_hash_entry *)
-                              nssHash_Lookup(store->issuer_and_serial, cert);
-    if (entry && entry->trust) {
-	rvTrust = nssTrust_AddRef(entry->trust);
-    }
-    PZ_Unlock(store->lock);
-    return rvTrust;
-}
-
-NSS_EXTERN PRStatus
-nssCertificateStore_AddSMIMEProfile
-(
-  nssCertificateStore *store,
-  nssSMIMEProfile *profile
-)
-{
-    NSSCertificate *cert;
-    certificate_hash_entry *entry;
-    cert = profile->certificate;
-    PZ_Lock(store->lock);
-    entry = (certificate_hash_entry *)
-                              nssHash_Lookup(store->issuer_and_serial, cert);
-    if (entry) {
-	entry->profile = nssSMIMEProfile_AddRef(profile);
-    }
-    PZ_Unlock(store->lock);
-    return (entry) ? PR_SUCCESS : PR_FAILURE;
-}
-
-NSS_IMPLEMENT nssSMIMEProfile *
-nssCertificateStore_FindSMIMEProfileForCertificate
-(
-  nssCertificateStore *store,
-  NSSCertificate *cert
-)
-{
-    certificate_hash_entry *entry;
-    nssSMIMEProfile *rvProfile = NULL;
-    PZ_Lock(store->lock);
-    entry = (certificate_hash_entry *)
-                              nssHash_Lookup(store->issuer_and_serial, cert);
-    if (entry && entry->profile) {
-	rvProfile = nssSMIMEProfile_AddRef(entry->profile);
-    }
-    PZ_Unlock(store->lock);
-    return rvProfile;
-}
-
-/* XXX this is also used by cache and should be somewhere else */
-
-static PLHashNumber
-nss_certificate_hash
-(
-  const void *key
-)
-{
-    int i;
-    PLHashNumber h;
-    NSSCertificate *c = (NSSCertificate *)key;
-    h = 0;
-    for (i=0; i<c->issuer.size; i++)
-	h = (h >> 28) ^ (h << 4) ^ ((unsigned char *)c->issuer.data)[i];
-    for (i=0; i<c->serial.size; i++)
-	h = (h >> 28) ^ (h << 4) ^ ((unsigned char *)c->serial.data)[i];
-    return h;
-}
-
-static int
-nss_compare_certs(const void *v1, const void *v2)
-{
-    PRStatus ignore;
-    NSSCertificate *c1 = (NSSCertificate *)v1;
-    NSSCertificate *c2 = (NSSCertificate *)v2;
-    return (int)(nssItem_Equal(&c1->issuer, &c2->issuer, &ignore) &&
-                 nssItem_Equal(&c1->serial, &c2->serial, &ignore));
-}
-
-NSS_IMPLEMENT nssHash *
-nssHash_CreateCertificate
-(
-  NSSArena *arenaOpt,
-  PRUint32 numBuckets
-)
-{
-    return nssHash_Create(arenaOpt, 
-                          numBuckets, 
-                          nss_certificate_hash, 
-                          nss_compare_certs, 
-                          PL_CompareValues);
-}
-
-NSS_IMPLEMENT void
-nssCertificateStore_DumpStoreInfo
-(
-  nssCertificateStore *store,
-  void (* cert_dump_iter)(const void *, void *, void *),
-  void *arg
-)
-{
-    PZ_Lock(store->lock);
-    nssHash_Iterate(store->issuer_and_serial, cert_dump_iter, arg);
-    PZ_Unlock(store->lock);
-}
-
diff --git a/security/nss/lib/pki/pkistore.h b/security/nss/lib/pki/pkistore.h
deleted file mode 100644
index a13186118..000000000
--- a/security/nss/lib/pki/pkistore.h
+++ /dev/null
@@ -1,178 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef PKISTORE_H
-#define PKISTORE_H
-
-#ifdef DEBUG
-static const char PKISTORE_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef NSSPKIT_H
-#include "nsspkit.h"
-#endif /* NSSPKIT_H */
-
-#ifndef BASE_H
-#include "base.h"
-#endif /* BASE_H */
-
-PR_BEGIN_EXTERN_C
-
-/* 
- * PKI Stores
- *
- * This is a set of routines for managing local stores of PKI objects.
- * Currently, the only application is in crypto contexts, where the
- * certificate store is used.  In the future, methods should be added
- * here for storing local references to keys.
- */
-
-/* 
- * nssCertificateStore
- *
- * Manages local store of certificate, trust, and S/MIME profile objects.
- * Within a crypto context, mappings of cert to trust and cert to S/MIME
- * profile are always 1-1.  Therefore, it is reasonable to store all objects
- * in a single collection, indexed by the certificate.
- */
-
-NSS_EXTERN nssCertificateStore *
-nssCertificateStore_Create
-(
-  NSSArena *arenaOpt
-);
-
-NSS_EXTERN void
-nssCertificateStore_Destroy
-(
-  nssCertificateStore *store
-);
-
-NSS_EXTERN PRStatus
-nssCertificateStore_Add
-(
-  nssCertificateStore *store,
-  NSSCertificate *cert
-);
-
-NSS_EXTERN void
-nssCertificateStore_Remove
-(
-  nssCertificateStore *store,
-  NSSCertificate *cert
-);
-
-NSS_EXTERN NSSCertificate **
-nssCertificateStore_FindCertificatesBySubject
-(
-  nssCertificateStore *store,
-  NSSDER *subject,
-  NSSCertificate *rvOpt[],
-  PRUint32 maximumOpt,
-  NSSArena *arenaOpt
-);
-
-NSS_EXTERN NSSCertificate **
-nssCertificateStore_FindCertificatesByNickname
-(
-  nssCertificateStore *store,
-  NSSUTF8 *nickname,
-  NSSCertificate *rvOpt[],
-  PRUint32 maximumOpt,
-  NSSArena *arenaOpt
-);
-
-NSS_EXTERN NSSCertificate **
-nssCertificateStore_FindCertificatesByEmail
-(
-  nssCertificateStore *store,
-  NSSASCII7 *email,
-  NSSCertificate *rvOpt[],
-  PRUint32 maximumOpt,
-  NSSArena *arenaOpt
-);
-
-NSS_EXTERN NSSCertificate *
-nssCertificateStore_FindCertificateByIssuerAndSerialNumber
-(
-  nssCertificateStore *store,
-  NSSDER *issuer,
-  NSSDER *serial
-);
-
-NSS_EXTERN NSSCertificate *
-nssCertificateStore_FindCertificateByEncodedCertificate
-(
-  nssCertificateStore *store,
-  NSSDER *encoding
-);
-
-NSS_EXTERN PRStatus
-nssCertificateStore_AddTrust
-(
-  nssCertificateStore *store,
-  NSSTrust *trust
-);
-
-NSS_EXTERN NSSTrust *
-nssCertificateStore_FindTrustForCertificate
-(
-  nssCertificateStore *store,
-  NSSCertificate *cert
-);
-
-NSS_EXTERN PRStatus
-nssCertificateStore_AddSMIMEProfile
-(
-  nssCertificateStore *store,
-  nssSMIMEProfile *profile
-);
-
-NSS_EXTERN nssSMIMEProfile *
-nssCertificateStore_FindSMIMEProfileForCertificate
-(
-  nssCertificateStore *store,
-  NSSCertificate *cert
-);
-
-NSS_EXTERN void
-nssCertificateStore_DumpStoreInfo
-(
-  nssCertificateStore *store,
-  void (* cert_dump_iter)(const void *, void *, void *),
-  void *arg
-);
-
-PR_END_EXTERN_C
-
-#endif /* PKISTORE_H */
diff --git a/security/nss/lib/pki/pkit.h b/security/nss/lib/pki/pkit.h
deleted file mode 100644
index f8bd067b9..000000000
--- a/security/nss/lib/pki/pkit.h
+++ /dev/null
@@ -1,210 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef PKIT_H
-#define PKIT_H
-
-#ifdef DEBUG
-static const char PKIT_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * pkit.h
- *
- * This file contains definitions for the types of the top-level PKI objects.
- */
-
-#ifndef NSSBASET_H
-#include "nssbaset.h"
-#endif /* NSSBASET_H */
-
-#ifndef BASET_H
-#include "baset.h"
-#endif /* BASET_H */
-
-#ifdef NSS_3_4_CODE
-#include "certt.h"
-#include "pkcs11t.h"
-#endif /* NSS_3_4_CODE */
-
-#ifndef NSSPKIT_H
-#include "nsspkit.h"
-#endif /* NSSPKIT_H */
-
-#ifndef NSSDEVT_H
-#include "nssdevt.h"
-#endif /* NSSDEVT_H */
-
-#ifndef DEVT_H
-#include "devt.h"
-#endif /* DEVT_H */
-
-PR_BEGIN_EXTERN_C
-
-/*
- * A note on ephemeral certs
- *
- * The key objects defined here can only be created on tokens, and can only
- * exist on tokens.  Therefore, any instance of a key object must have
- * a corresponding cryptoki instance.  OTOH, certificates created in 
- * crypto contexts need not be stored as session objects on the token.
- * There are good performance reasons for not doing so.  The certificate
- * and trust objects have been defined with a cryptoContext field to
- * allow for ephemeral certs, which may have a single instance in a crypto
- * context along with any number (including zero) of cryptoki instances.
- * Since contexts may not share objects, there can be only one context
- * for each object.
- */
-
-/* nssPKIObject
- *
- * This is the base object class, common to all PKI objects defined in
- * nsspkit.h
- */
-struct nssPKIObjectStr 
-{
-    /* The arena for all object memory */
-    NSSArena *arena;
-    /* Atomically incremented/decremented reference counting */
-    PRInt32 refCount;
-    /* lock protects the array of nssCryptokiInstance's of the object */
-    PZLock *lock;
-    /* XXX with LRU cache, this cannot be guaranteed up-to-date.  It cannot
-     * be compared against the update level of the trust domain, since it is
-     * also affected by import/export.  Where is this array needed?
-     */
-    nssCryptokiObject **instances;
-    PRUint32 numInstances;
-    /* The object must live in a trust domain */
-    NSSTrustDomain *trustDomain;
-    /* The object may live in a crypto context */
-    NSSCryptoContext *cryptoContext;
-    /* XXX added so temp certs can have nickname, think more ... */
-    NSSUTF8 *tempName;
-};
-
-typedef struct nssDecodedCertStr nssDecodedCert;
-
-typedef struct nssCertificateStoreStr nssCertificateStore;
-
-/* How wide is the scope of this? */
-typedef struct nssSMIMEProfileStr nssSMIMEProfile;
-
-typedef struct nssPKIObjectStr nssPKIObject;
-
-struct NSSTrustStr 
-{
-    nssPKIObject object;
-    NSSCertificate *certificate;
-    nssTrustLevel serverAuth;
-    nssTrustLevel clientAuth;
-    nssTrustLevel emailProtection;
-    nssTrustLevel codeSigning;
-};
-
-struct nssSMIMEProfileStr
-{
-    nssPKIObject object;
-    NSSCertificate *certificate;
-    NSSASCII7 *email;
-    NSSDER *subject;
-    NSSItem *profileTime;
-    NSSItem *profileData;
-};
-
-struct NSSCertificateStr
-{
-    nssPKIObject object;
-    NSSCertificateType type;
-    NSSItem id;
-    NSSBER encoding;
-    NSSDER issuer;
-    NSSDER subject;
-    NSSDER serial;
-    NSSASCII7 *email;
-    nssDecodedCert *decoding;
-};
-
-struct NSSPrivateKeyStr;
-
-struct NSSPublicKeyStr;
-
-struct NSSSymmetricKeyStr;
-
-typedef struct nssTDCertificateCacheStr nssTDCertificateCache;
-
-struct NSSTrustDomainStr {
-    PRInt32 refCount;
-    NSSArena *arena;
-    NSSCallback *defaultCallback;
-    nssList *tokenList;
-    nssListIterator *tokens;
-    nssTDCertificateCache *cache;
-#ifdef NSS_3_4_CODE
-    void *spkDigestInfo;
-    CERTStatusConfig *statusConfig;
-#endif
-};
-
-struct NSSCryptoContextStr
-{
-    PRInt32 refCount;
-    NSSArena *arena;
-    NSSTrustDomain *td;
-    NSSToken *token;
-    nssSession *session;
-    nssCertificateStore *certStore;
-};
-
-struct NSSTimeStr {
-    PRTime prTime;
-};
-
-struct NSSCRLStr {
-  nssPKIObject object;
-  NSSDER encoding;
-  NSSUTF8 *url;
-  PRBool isKRL;
-};
-
-typedef struct NSSCRLStr NSSCRL;
-
-struct NSSPoliciesStr;
-
-struct NSSAlgorithmAndParametersStr;
-
-struct NSSPKIXCertificateStr;
-
-PR_END_EXTERN_C
-
-#endif /* PKIT_H */
diff --git a/security/nss/lib/pki/pkitm.h b/security/nss/lib/pki/pkitm.h
deleted file mode 100644
index d163923e6..000000000
--- a/security/nss/lib/pki/pkitm.h
+++ /dev/null
@@ -1,122 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef PKITM_H
-#define PKITM_H
-
-#ifdef DEBUG
-static const char PKITM_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * pkitm.h
- *
- * This file contains PKI-module specific types.
- */
-
-#ifndef BASET_H
-#include "baset.h"
-#endif /* BASET_H */
-
-#ifndef PKIT_H
-#include "pkit.h"
-#endif /* PKIT_H */
-
-PR_BEGIN_EXTERN_C
-
-/*
- * nssDecodedCert
- *
- * This is an interface to allow the PKI module access to certificate
- * information that can only be found by decoding.  The interface is
- * generic, allowing each certificate type its own way of providing
- * the information
- */
-struct nssDecodedCertStr {
-    NSSCertificateType type;
-    void *data;
-    /* returns the unique identifier for the cert */
-    NSSItem *  (*getIdentifier)(nssDecodedCert *dc);
-    /* returns the unique identifier for this cert's issuer */
-    NSSItem *  (*getIssuerIdentifier)(nssDecodedCert *dc);
-    /* is id the identifier for this cert? */
-    PRBool     (*matchIdentifier)(nssDecodedCert *dc, NSSItem *id);
-    /* returns the cert usage */
-    NSSUsage * (*getUsage)(nssDecodedCert *dc);
-    /* is time within the validity period of the cert? */
-    PRBool     (*isValidAtTime)(nssDecodedCert *dc, NSSTime *time);
-    /* is the validity period of this cert newer than cmpdc? */
-    PRBool     (*isNewerThan)(nssDecodedCert *dc, nssDecodedCert *cmpdc);
-    /* does the usage for this cert match the requested usage? */
-    PRBool     (*matchUsage)(nssDecodedCert *dc, NSSUsage *usage);
-    /* extract the email address */
-    NSSASCII7 *(*getEmailAddress)(nssDecodedCert *dc);
-    /* extract the DER-encoded serial number */
-    PRStatus   (*getDERSerialNumber)(nssDecodedCert *dc,
-                                     NSSDER *derSerial, NSSArena *arena);
-};
-
-struct NSSUsageStr {
-    PRBool anyUsage;
-#ifdef NSS_3_4_CODE
-    SECCertUsage nss3usage;
-    PRBool nss3lookingForCA;
-#endif
-};
-
-typedef struct nssBestCertificateCBStr nssBestCertificateCB;
-
-struct nssBestCertificateCBStr {
-    NSSCertificate *cert;
-    NSSTime *time;
-    NSSTime sTime; /* to avoid allocating when unnecessary */
-    NSSUsage *usage;
-    NSSPolicies *policies;
-};
-
-typedef struct nssPKIObjectCollectionStr nssPKIObjectCollection;
-
-typedef struct
-{
-  union {
-    PRStatus (*  cert)(NSSCertificate *c, void *arg);
-    PRStatus (*   crl)(NSSCRL       *crl, void *arg);
-    PRStatus (* pvkey)(NSSPrivateKey *vk, void *arg);
-    PRStatus (* pbkey)(NSSPublicKey *bk, void *arg);
-  } func;
-  void *arg;
-} nssPKIObjectCallback;
-
-PR_END_EXTERN_C
-
-#endif /* PKITM_H */
diff --git a/security/nss/lib/pki/symmkey.c b/security/nss/lib/pki/symmkey.c
deleted file mode 100644
index 773bdc246..000000000
--- a/security/nss/lib/pki/symmkey.c
+++ /dev/null
@@ -1,318 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef NSSPKI_H
-#include "nsspki.h"
-#endif /* NSSPKI_H */
-
-extern const NSSError NSS_ERROR_NOT_FOUND;
-
-NSS_IMPLEMENT PRStatus
-NSSSymmetricKey_Destroy
-(
-  NSSSymmetricKey *mk
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return PR_FAILURE;
-}
-
-NSS_IMPLEMENT PRStatus
-NSSSymmetricKey_DeleteStoredObject
-(
-  NSSSymmetricKey *mk,
-  NSSCallback *uhh
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return PR_FAILURE;
-}
-
-NSS_IMPLEMENT PRUint32
-NSSSymmetricKey_GetKeyLength
-(
-  NSSSymmetricKey *mk
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return -1;
-}
-
-NSS_IMPLEMENT PRUint32
-NSSSymmetricKey_GetKeyStrength
-(
-  NSSSymmetricKey *mk
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return -1;
-}
-
-NSS_IMPLEMENT PRStatus
-NSSSymmetricKey_IsStillPresent
-(
-  NSSSymmetricKey *mk
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return PR_FAILURE;
-}
-
-NSS_IMPLEMENT NSSTrustDomain *
-NSSSymmetricKey_GetTrustDomain
-(
-  NSSSymmetricKey *mk,
-  PRStatus *statusOpt
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT NSSToken *
-NSSSymmetricKey_GetToken
-(
-  NSSSymmetricKey *mk,
-  PRStatus *statusOpt
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT NSSSlot *
-NSSSymmetricKey_GetSlot
-(
-  NSSSymmetricKey *mk,
-  PRStatus *statusOpt
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT NSSModule *
-NSSSymmetricKey_GetModule
-(
-  NSSSymmetricKey *mk,
-  PRStatus *statusOpt
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSSymmetricKey_Encrypt
-(
-  NSSSymmetricKey *mk,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSItem *data,
-  NSSCallback *uhh,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSSymmetricKey_Decrypt
-(
-  NSSSymmetricKey *mk,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSItem *encryptedData,
-  NSSCallback *uhh,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSSymmetricKey_Sign
-(
-  NSSSymmetricKey *mk,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSItem *data,
-  NSSCallback *uhh,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSSymmetricKey_SignRecover
-(
-  NSSSymmetricKey *mk,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSItem *data,
-  NSSCallback *uhh,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT PRStatus
-NSSSymmetricKey_Verify
-(
-  NSSSymmetricKey *mk,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSItem *data,
-  NSSItem *signature,
-  NSSCallback *uhh
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return PR_FAILURE;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSSymmetricKey_VerifyRecover
-(
-  NSSSymmetricKey *mk,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSItem *signature,
-  NSSCallback *uhh,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSSymmetricKey_WrapSymmetricKey
-(
-  NSSSymmetricKey *wrappingKey,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSSymmetricKey *keyToWrap,
-  NSSCallback *uhh,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSSymmetricKey_WrapPrivateKey
-(
-  NSSSymmetricKey *wrappingKey,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSPrivateKey *keyToWrap,
-  NSSCallback *uhh,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT NSSSymmetricKey *
-NSSSymmetricKey_UnwrapSymmetricKey
-(
-  NSSSymmetricKey *wrappingKey,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSItem *wrappedKey,
-  NSSOID *target,
-  PRUint32 keySizeOpt,
-  NSSOperations operations,
-  NSSCallback *uhh
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT NSSPrivateKey *
-NSSSymmetricKey_UnwrapPrivateKey
-(
-  NSSSymmetricKey *wrappingKey,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSItem *wrappedKey,
-  NSSUTF8 *labelOpt,
-  NSSItem *keyIDOpt,
-  PRBool persistant,
-  PRBool sensitive,
-  NSSToken *destinationOpt,
-  NSSCallback *uhh
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT NSSSymmetricKey *
-NSSSymmetricKey_DeriveSymmetricKey
-(
-  NSSSymmetricKey *originalKey,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSOID *target,
-  PRUint32 keySizeOpt,
-  NSSOperations operations,
-  NSSCallback *uhh
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT NSSCryptoContext *
-NSSSymmetricKey_CreateCryptoContext
-(
-  NSSSymmetricKey *mk,
-  NSSAlgorithmAndParameters *apOpt,
-  NSSCallback *uhh
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
diff --git a/security/nss/lib/pki/tdcache.c b/security/nss/lib/pki/tdcache.c
deleted file mode 100644
index 0adc08e06..000000000
--- a/security/nss/lib/pki/tdcache.c
+++ /dev/null
@@ -1,1174 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIM_H
-#include "pkim.h"
-#endif /* PKIM_H */
-
-#ifndef PKIT_H
-#include "pkit.h"
-#endif /* PKIT_H */
-
-#ifndef NSSPKI_H
-#include "nsspki.h"
-#endif /* NSSPKI_H */
-
-#ifndef PKI_H
-#include "pki.h"
-#endif /* PKI_H */
-
-#ifndef NSSBASE_H
-#include "nssbase.h"
-#endif /* NSSBASE_H */
-
-#ifndef BASE_H
-#include "base.h"
-#endif /* BASE_H */
-
-#ifdef NSS_3_4_CODE
-#include "cert.h"
-#include "dev.h"
-#include "pki3hack.h"
-#endif
-
-#ifdef DEBUG_CACHE
-static PRLogModuleInfo *s_log = NULL;
-#endif
-
-#ifdef DEBUG_CACHE
-static void log_item_dump(const char *msg, NSSItem *it)
-{
-    char buf[33];
-    int i, j;
-    for (i=0; i<10 && i<it->size; i++) {
-	sprintf(&buf[2*i], "%02X", ((PRUint8 *)it->data)[i]);
-    }
-    if (it->size>10) {
-	sprintf(&buf[2*i], "..");
-	i += 1;
-	for (j=it->size-1; i<=16 && j>10; i++, j--) {
-	    sprintf(&buf[2*i], "%02X", ((PRUint8 *)it->data)[j]);
-	}
-    }
-    PR_LOG(s_log, PR_LOG_DEBUG, ("%s: %s", msg, buf));
-}
-#endif
-
-#ifdef DEBUG_CACHE
-static void log_cert_ref(const char *msg, NSSCertificate *c)
-{
-    PR_LOG(s_log, PR_LOG_DEBUG, ("%s: %s", msg,
-                           (c->nickname) ? c->nickname : c->email));
-    log_item_dump("\tserial", &c->serial);
-    log_item_dump("\tsubject", &c->subject);
-}
-#endif
-
-/* Certificate cache routines */
-
-/* XXX
- * Locking is not handled well at all.  A single, global lock with sub-locks
- * in the collection types.  Cleanup needed.
- */
-
-/* should it live in its own arena? */
-struct nssTDCertificateCacheStr 
-{
-    PZLock *lock;
-    NSSArena *arena;
-    nssHash *issuerAndSN;
-    nssHash *subject;
-    nssHash *nickname;
-    nssHash *email;
-};
-
-struct cache_entry_str 
-{
-    union {
-	NSSCertificate *cert;
-	nssList *list;
-	void *value;
-    } entry;
-    PRUint32 hits;
-    PRTime lastHit;
-    NSSArena *arena;
-    NSSUTF8 *nickname;
-};
-
-typedef struct cache_entry_str cache_entry;
-
-static cache_entry *
-new_cache_entry(NSSArena *arena, void *value, PRBool ownArena)
-{
-    cache_entry *ce = nss_ZNEW(arena, cache_entry);
-    if (ce) {
-	ce->entry.value = value;
-	ce->hits = 1;
-	ce->lastHit = PR_Now();
-	if (ownArena) {
-	    ce->arena = arena;
-	}
-	ce->nickname = NULL;
-    }
-    return ce;
-}
-
-/* sort the subject list from newest to oldest */
-static PRIntn subject_list_sort(void *v1, void *v2)
-{
-    NSSCertificate *c1 = (NSSCertificate *)v1;
-    NSSCertificate *c2 = (NSSCertificate *)v2;
-    nssDecodedCert *dc1 = nssCertificate_GetDecoding(c1);
-    nssDecodedCert *dc2 = nssCertificate_GetDecoding(c2);
-    if (dc1->isNewerThan(dc1, dc2)) {
-	return -1;
-    } else {
-	return 1;
-    }
-}
-
-/* this should not be exposed in a header, but is here to keep the above
- * types/functions static
- */
-NSS_IMPLEMENT PRStatus
-nssTrustDomain_InitializeCache
-(
-  NSSTrustDomain *td,
-  PRUint32 cacheSize
-)
-{
-    NSSArena *arena;
-    nssTDCertificateCache *cache = td->cache;
-#ifdef DEBUG_CACHE
-    s_log = PR_NewLogModule("nss_cache");
-    PR_ASSERT(s_log);
-#endif
-    PR_ASSERT(!cache);
-    arena = nssArena_Create();
-    if (!arena) {
-	return PR_FAILURE;
-    }
-    cache = nss_ZNEW(arena, nssTDCertificateCache);
-    if (!cache) {
-	nssArena_Destroy(arena);
-	return PR_FAILURE;
-    }
-    cache->lock = PZ_NewLock(nssILockCache);
-    if (!cache->lock) {
-	nssArena_Destroy(arena);
-	return PR_FAILURE;
-    }
-    /* Create the issuer and serial DER --> certificate hash */
-    cache->issuerAndSN = nssHash_CreateCertificate(arena, cacheSize);
-    if (!cache->issuerAndSN) {
-	goto loser;
-    }
-    /* Create the subject DER --> subject list hash */
-    cache->subject = nssHash_CreateItem(arena, cacheSize);
-    if (!cache->subject) {
-	goto loser;
-    }
-    /* Create the nickname --> subject list hash */
-    cache->nickname = nssHash_CreateString(arena, cacheSize);
-    if (!cache->nickname) {
-	goto loser;
-    }
-    /* Create the email --> list of subject lists hash */
-    cache->email = nssHash_CreateString(arena, cacheSize);
-    if (!cache->email) {
-	goto loser;
-    }
-    cache->arena = arena;
-    td->cache = cache;
-#ifdef DEBUG_CACHE
-    PR_LOG(s_log, PR_LOG_DEBUG, ("Cache initialized."));
-#endif
-    return PR_SUCCESS;
-loser:
-    PZ_DestroyLock(cache->lock);
-    nssArena_Destroy(arena);
-    td->cache = NULL;
-#ifdef DEBUG_CACHE
-    PR_LOG(s_log, PR_LOG_DEBUG, ("Cache initialization failed."));
-#endif
-    return PR_FAILURE;
-}
-
-/* The entries of the hashtable are currently dependent on the certificate(s)
- * that produced them.  That is, the entries will be freed when the cert is
- * released from the cache.  If there are certs in the cache at any time,
- * including shutdown, the hash table entries will hold memory.  In order for
- * clean shutdown, it is necessary for there to be no certs in the cache.
- */
-
-NSS_IMPLEMENT PRStatus
-nssTrustDomain_DestroyCache
-(
-  NSSTrustDomain *td
-)
-{
-    if (!td->cache) {
-	return PR_FAILURE;
-    }
-    PZ_DestroyLock(td->cache->lock);
-    nssHash_Destroy(td->cache->issuerAndSN);
-    nssHash_Destroy(td->cache->subject);
-    nssHash_Destroy(td->cache->nickname);
-    nssHash_Destroy(td->cache->email);
-    nssArena_Destroy(td->cache->arena);
-    td->cache = NULL;
-#ifdef DEBUG_CACHE
-    PR_LOG(s_log, PR_LOG_DEBUG, ("Cache destroyed."));
-#endif
-    return PR_SUCCESS;
-}
-
-static PRStatus
-remove_issuer_and_serial_entry
-(
-  nssTDCertificateCache *cache,
-  NSSCertificate *cert
-)
-{
-    /* Remove the cert from the issuer/serial hash */
-    nssHash_Remove(cache->issuerAndSN, cert);
-#ifdef DEBUG_CACHE
-    log_cert_ref("removed issuer/sn", cert);
-#endif
-    return PR_SUCCESS;
-}
-
-static PRStatus
-remove_subject_entry
-(
-  nssTDCertificateCache *cache,
-  NSSCertificate *cert,
-  nssList **subjectList,
-  NSSUTF8 **nickname,
-  NSSArena **arena
-)
-{
-    PRStatus nssrv;
-    cache_entry *ce;
-    *subjectList = NULL;
-    *arena = NULL;
-    /* Get the subject list for the cert's subject */
-    ce = (cache_entry *)nssHash_Lookup(cache->subject, &cert->subject);
-    if (ce) {
-	/* Remove the cert from the subject hash */
-	nssList_Remove(ce->entry.list, cert);
-	*subjectList = ce->entry.list;
-	*nickname = ce->nickname;
-	*arena = ce->arena;
-	nssrv = PR_SUCCESS;
-#ifdef DEBUG_CACHE
-	log_cert_ref("removed cert", cert);
-	log_item_dump("from subject list", &cert->subject);
-#endif
-    } else {
-	nssrv = PR_FAILURE;
-    }
-    return nssrv;
-}
-
-static PRStatus
-remove_nickname_entry
-(
-  nssTDCertificateCache *cache,
-  NSSUTF8 *nickname,
-  nssList *subjectList
-)
-{
-    PRStatus nssrv;
-    if (nickname) {
-	nssHash_Remove(cache->nickname, nickname);
-	nssrv = PR_SUCCESS;
-#ifdef DEBUG_CACHE
-	PR_LOG(s_log, PR_LOG_DEBUG, ("removed nickname %s", nickname));
-#endif
-    } else {
-	nssrv = PR_FAILURE;
-    }
-    return nssrv;
-}
-
-static PRStatus
-remove_email_entry
-(
-  nssTDCertificateCache *cache,
-  NSSCertificate *cert,
-  nssList *subjectList
-)
-{
-    PRStatus nssrv = PR_FAILURE;
-    cache_entry *ce;
-    /* Find the subject list in the email hash */
-    if (cert->email) {
-	ce = (cache_entry *)nssHash_Lookup(cache->email, cert->email);
-	if (ce) {
-	    nssList *subjects = ce->entry.list;
-	    /* Remove the subject list from the email hash */
-	    nssList_Remove(subjects, subjectList);
-#ifdef DEBUG_CACHE
-	    log_item_dump("removed subject list", &cert->subject);
-	    PR_LOG(s_log, PR_LOG_DEBUG, ("for email %s", cert->email));
-#endif
-	    if (nssList_Count(subjects) == 0) {
-		/* No more subject lists for email, delete list and
-		* remove hash entry
-		*/
-		(void)nssList_Destroy(subjects);
-		nssHash_Remove(cache->email, cert->email);
-		/* there are no entries left for this address, free space
-		 * used for email entries
-		 */
-		nssArena_Destroy(ce->arena);
-#ifdef DEBUG_CACHE
-		PR_LOG(s_log, PR_LOG_DEBUG, ("removed email %s", cert->email));
-#endif
-	    }
-	    nssrv = PR_SUCCESS;
-	}
-    }
-    return nssrv;
-}
-
-NSS_IMPLEMENT void
-nssTrustDomain_RemoveCertFromCache
-(
-  NSSTrustDomain *td,
-  NSSCertificate *cert
-)
-{
-    nssList *subjectList;
-    PRStatus nssrv;
-    cache_entry *ce;
-    NSSArena *arena;
-    NSSUTF8 *nickname;
-
-#ifdef DEBUG_CACHE
-    log_cert_ref("attempt to remove cert", cert);
-#endif
-    PZ_Lock(td->cache->lock);
-    ce = (cache_entry *)nssHash_Lookup(td->cache->issuerAndSN, cert);
-    if (!ce || ce->entry.cert != cert) {
-	/* If it's not in the cache, or a different cert is (this is really
-	 * for safety reasons, though it shouldn't happen), do nothing 
-	 */
-	PZ_Unlock(td->cache->lock);
-#ifdef DEBUG_CACHE
-	PR_LOG(s_log, PR_LOG_DEBUG, ("but it wasn't in the cache"));
-#endif
-	return;
-    }
-    nssrv = remove_issuer_and_serial_entry(td->cache, cert);
-    if (nssrv != PR_SUCCESS) {
-	goto loser;
-    }
-    nssrv = remove_subject_entry(td->cache, cert, &subjectList, 
-							&nickname, &arena);
-    if (nssrv != PR_SUCCESS) {
-	goto loser;
-    }
-    if (nssList_Count(subjectList) == 0) {
-	PRStatus nssrv2;
-	nssrv = remove_nickname_entry(td->cache, nickname, subjectList);
-	nssrv2 = remove_email_entry(td->cache, cert, subjectList);
-#ifndef NSS_3_4_CODE
-	/* XXX Again, 3.4 allows for certs w/o either nickname or email */
-	if (nssrv != PR_SUCCESS && nssrv2 != PR_SUCCESS) {
-	    goto loser;
-	}
-#endif
-	(void)nssList_Destroy(subjectList);
-	nssHash_Remove(td->cache->subject, &cert->subject);
-	/* there are no entries left for this subject, free the space used
-	 * for both the nickname and subject entries
-	 */
-	if (arena) {
-	    nssArena_Destroy(arena);
-	}
-    }
-    PZ_Unlock(td->cache->lock);
-    NSSCertificate_Destroy(cert); /* release the reference */
-    return;
-loser:
-    /* if here, then the cache is inconsistent.  For now, flush it. */
-    PZ_Unlock(td->cache->lock);
-#ifdef DEBUG_CACHE
-    PR_LOG(s_log, PR_LOG_DEBUG, ("remove cert failed, flushing"));
-#endif
-    nssTrustDomain_FlushCache(td, -1.0);
-    NSSCertificate_Destroy(cert); /* release the reference */
-}
-
-/* This is used to remove all certs below a certain threshold, where
- * the value is determined by how many times the cert has been requested
- * and when the last request was.
- */
-NSS_IMPLEMENT void
-nssTrustDomain_FlushCache
-(
-  NSSTrustDomain *td,
-  PRFloat64 threshold
-)
-{
-}
-
-struct token_cert_dtor {
-    NSSToken *token;
-    nssTDCertificateCache *cache;
-    NSSCertificate **certs;
-    PRUint32 numCerts, arrSize;
-};
-
-static void 
-remove_token_certs(const void *k, void *v, void *a)
-{
-    NSSCertificate *c = (NSSCertificate *)k;
-    nssPKIObject *object = &c->object;
-    struct token_cert_dtor *dtor = a;
-    PRUint32 i;
-    PZ_Lock(object->lock);
-    for (i=0; i<object->numInstances; i++) {
-	if (object->instances[i]->token == dtor->token) {
-	    nssCryptokiObject_Destroy(object->instances[i]);
-	    object->instances[i] = object->instances[object->numInstances-1];
-	    object->instances[object->numInstances-1] = NULL;
-	    object->numInstances--;
-	    dtor->certs[dtor->numCerts++] = nssCertificate_AddRef(c);
-	    if (dtor->numCerts == dtor->arrSize) {
-		dtor->arrSize *= 2;
-		dtor->certs = nss_ZREALLOCARRAY(dtor->certs, 
-		                                NSSCertificate *,
-		                                dtor->arrSize);
-	    }
-	    break;
-	}
-    }
-    PZ_Unlock(object->lock);
-    return;
-}
-
-/* 
- * Remove all certs for the given token from the cache.  This is
- * needed if the token is removed. 
- */
-NSS_IMPLEMENT PRStatus
-nssTrustDomain_RemoveTokenCertsFromCache
-(
-  NSSTrustDomain *td,
-  NSSToken *token
-)
-{
-    NSSCertificate **certs;
-    PRUint32 i, arrSize = 10;
-    struct token_cert_dtor dtor;
-    certs = nss_ZNEWARRAY(NULL, NSSCertificate *, arrSize);
-    if (!certs) {
-	return PR_FAILURE;
-    }
-    dtor.cache = td->cache;
-    dtor.token = token;
-    dtor.certs = certs;
-    dtor.numCerts = 0;
-    dtor.arrSize = arrSize;
-    PZ_Lock(td->cache->lock);
-    nssHash_Iterate(td->cache->issuerAndSN, remove_token_certs, (void *)&dtor);
-    PZ_Unlock(td->cache->lock);
-    for (i=0; i<dtor.numCerts; i++) {
-	if (dtor.certs[i]->object.numInstances == 0) {
-	    nssTrustDomain_RemoveCertFromCache(td, dtor.certs[i]);
-	} else {
-	    STAN_ForceCERTCertificateUpdate(dtor.certs[i]);
-	}
-	nssCertificate_Destroy(dtor.certs[i]);
-    }
-    nss_ZFreeIf(dtor.certs);
-    return PR_SUCCESS;
-}
-
-NSS_IMPLEMENT PRStatus
-nssTrustDomain_UpdateCachedTokenCerts
-(
-  NSSTrustDomain *td,
-  NSSToken *token
-)
-{
-    NSSCertificate **cp, **cached = NULL;
-    nssList *certList;
-    PRUint32 count;
-    certList = nssList_Create(NULL, PR_FALSE);
-    if (!certList) return PR_FAILURE;
-    (void *)nssTrustDomain_GetCertsFromCache(td, certList);
-    count = nssList_Count(certList);
-    if (count > 0) {
-	cached = nss_ZNEWARRAY(NULL, NSSCertificate *, count + 1);
-	if (!cached) {
-	    return PR_FAILURE;
-	}
-	nssList_GetArray(certList, (void **)cached, count);
-	nssList_Destroy(certList);
-	for (cp = cached; *cp; cp++) {
-	    nssCryptokiObject *instance;
-	    NSSCertificate *c = *cp;
-	    nssTokenSearchType tokenOnly = nssTokenSearchType_TokenOnly;
-	    instance = nssToken_FindCertificateByIssuerAndSerialNumber(
-	                                                       token,
-                                                               NULL,
-                                                               &c->issuer,
-                                                               &c->serial,
-                                                               tokenOnly,
-                                                               NULL);
-	    if (instance) {
-		nssPKIObject_AddInstance(&c->object, instance);
-		STAN_ForceCERTCertificateUpdate(c);
-	    }
-	}
-	nssCertificateArray_Destroy(cached);
-    }
-    return PR_SUCCESS;
-}
-
-static PRStatus
-add_issuer_and_serial_entry
-(
-  NSSArena *arena,
-  nssTDCertificateCache *cache, 
-  NSSCertificate *cert
-)
-{
-    cache_entry *ce;
-    ce = new_cache_entry(arena, (void *)cert, PR_FALSE);
-#ifdef DEBUG_CACHE
-    log_cert_ref("added to issuer/sn", cert);
-#endif
-    return nssHash_Add(cache->issuerAndSN, cert, (void *)ce);
-}
-
-static PRStatus
-add_subject_entry
-(
-  NSSArena *arena,
-  nssTDCertificateCache *cache, 
-  NSSCertificate *cert,
-  NSSUTF8 *nickname,
-  nssList **subjectList
-)
-{
-    PRStatus nssrv;
-    nssList *list;
-    cache_entry *ce;
-    *subjectList = NULL;  /* this is only set if a new one is created */
-    ce = (cache_entry *)nssHash_Lookup(cache->subject, &cert->subject);
-    if (ce) {
-	ce->hits++;
-	ce->lastHit = PR_Now();
-	/* The subject is already in, add this cert to the list */
-	nssrv = nssList_AddUnique(ce->entry.list, cert);
-#ifdef DEBUG_CACHE
-	log_cert_ref("added to existing subject list", cert);
-#endif
-    } else {
-	NSSDER *subject;
-	/* Create a new subject list for the subject */
-	list = nssList_Create(arena, PR_FALSE);
-	if (!list) {
-	    return PR_FAILURE;
-	}
-	ce = new_cache_entry(arena, (void *)list, PR_TRUE);
-	if (!ce) {
-	    return PR_FAILURE;
-	}
-	if (nickname) {
-	    ce->nickname = nssUTF8_Duplicate(nickname, arena);
-	}
-	nssList_SetSortFunction(list, subject_list_sort);
-	/* Add the cert entry to this list of subjects */
-	nssrv = nssList_AddUnique(list, cert);
-	if (nssrv != PR_SUCCESS) {
-	    return nssrv;
-	}
-	/* Add the subject list to the cache */
-	subject = nssItem_Duplicate(&cert->subject, arena, NULL);
-	if (!subject) {
-	    return PR_FAILURE;
-	}
-	nssrv = nssHash_Add(cache->subject, subject, ce);
-	if (nssrv != PR_SUCCESS) {
-	    return nssrv;
-	}
-	*subjectList = list;
-#ifdef DEBUG_CACHE
-	log_cert_ref("created subject list", cert);
-#endif
-    }
-    return nssrv;
-}
-
-static PRStatus
-add_nickname_entry
-(
-  NSSArena *arena,
-  nssTDCertificateCache *cache, 
-  NSSUTF8 *certNickname,
-  nssList *subjectList
-)
-{
-    PRStatus nssrv = PR_SUCCESS;
-    cache_entry *ce;
-    ce = (cache_entry *)nssHash_Lookup(cache->nickname, certNickname);
-    if (ce) {
-	/* This is a collision.  A nickname entry already exists for this
-	 * subject, but a subject entry didn't.  This would imply there are
-	 * two subjects using the same nickname, which is not allowed.
-	 */
-	return PR_FAILURE;
-    } else {
-	NSSUTF8 *nickname;
-	ce = new_cache_entry(arena, subjectList, PR_FALSE);
-	if (!ce) {
-	    return PR_FAILURE;
-	}
-	nickname = nssUTF8_Duplicate(certNickname, arena);
-	if (!nickname) {
-	    return PR_FAILURE;
-	}
-	nssrv = nssHash_Add(cache->nickname, nickname, ce);
-#ifdef DEBUG_CACHE
-	log_cert_ref("created nickname for", cert);
-#endif
-    }
-    return nssrv;
-}
-
-static PRStatus
-add_email_entry
-(
-  nssTDCertificateCache *cache, 
-  NSSCertificate *cert,
-  nssList *subjectList
-)
-{
-    PRStatus nssrv = PR_SUCCESS;
-    nssList *subjects;
-    cache_entry *ce;
-    ce = (cache_entry *)nssHash_Lookup(cache->email, cert->email);
-    if (ce) {
-	/* Already have an entry for this email address, but not subject */
-	subjects = ce->entry.list;
-	nssrv = nssList_AddUnique(subjects, subjectList);
-	ce->hits++;
-	ce->lastHit = PR_Now();
-#ifdef DEBUG_CACHE
-	log_cert_ref("added subject to email for", cert);
-#endif
-    } else {
-	NSSASCII7 *email;
-	NSSArena *arena;
-	arena = nssArena_Create();
-	if (!arena) {
-	    return PR_FAILURE;
-	}
-	/* Create a new list of subject lists, add this subject */
-	subjects = nssList_Create(arena, PR_TRUE);
-	if (!subjects) {
-	    nssArena_Destroy(arena);
-	    return PR_FAILURE;
-	}
-	/* Add the new subject to the list */
-	nssrv = nssList_AddUnique(subjects, subjectList);
-	if (nssrv != PR_SUCCESS) {
-	    nssArena_Destroy(arena);
-	    return nssrv;
-	}
-	/* Add the new entry to the cache */
-	ce = new_cache_entry(arena, (void *)subjects, PR_TRUE);
-	if (!ce) {
-	    nssArena_Destroy(arena);
-	    return PR_FAILURE;
-	}
-	email = nssUTF8_Duplicate(cert->email, arena);
-	if (!email) {
-	    nssArena_Destroy(arena);
-	    return PR_FAILURE;
-	}
-	nssrv = nssHash_Add(cache->email, email, ce);
-	if (nssrv != PR_SUCCESS) {
-	    nssArena_Destroy(arena);
-	    return nssrv;
-	}
-#ifdef DEBUG_CACHE
-	log_cert_ref("created email for", cert);
-#endif
-    }
-    return nssrv;
-}
-
-extern const NSSError NSS_ERROR_CERTIFICATE_IN_CACHE;
-
-static NSSCertificate *
-add_cert_to_cache
-(
-  NSSTrustDomain *td, 
-  NSSCertificate *cert
-)
-{
-    NSSArena *arena = NULL;
-    nssList *subjectList = NULL;
-    PRStatus nssrv;
-    PRUint32 added = 0;
-    cache_entry *ce;
-    NSSCertificate *rvCert = NULL;
-    NSSUTF8 *certNickname = nssCertificate_GetNickname(cert, NULL);
-
-    PZ_Lock(td->cache->lock);
-    /* If it exists in the issuer/serial hash, it's already in all */
-    ce = (cache_entry *)nssHash_Lookup(td->cache->issuerAndSN, cert);
-    if (ce) {
-	ce->hits++;
-	ce->lastHit = PR_Now();
-	rvCert = nssCertificate_AddRef(ce->entry.cert);
-#ifdef DEBUG_CACHE
-	log_cert_ref("attempted to add cert already in cache", cert);
-#endif
-	PZ_Unlock(td->cache->lock);
-	/* collision - somebody else already added the cert
-	 * to the cache before this thread got around to it.
-	 */
-	nssCertificate_Destroy(cert);
-	return rvCert;
-    }
-    /* create a new cache entry for this cert within the cert's arena*/
-    nssrv = add_issuer_and_serial_entry(cert->object.arena, td->cache, cert);
-    if (nssrv != PR_SUCCESS) {
-	goto loser;
-    }
-    added++;
-    /* create an arena for the nickname and subject entries */
-    arena = nssArena_Create();
-    if (!arena) {
-	goto loser;
-    }
-    /* create a new subject list for this cert, or add to existing */
-    nssrv = add_subject_entry(arena, td->cache, cert, 
-						certNickname, &subjectList);
-    if (nssrv != PR_SUCCESS) {
-	goto loser;
-    }
-    added++;
-    /* If a new subject entry was created, also need nickname and/or email */
-    if (subjectList != NULL) {
-	PRBool handle = PR_FALSE;
-	if (certNickname) {
-	    nssrv = add_nickname_entry(arena, td->cache, 
-						certNickname, subjectList);
-	    if (nssrv != PR_SUCCESS) {
-		goto loser;
-	    }
-	    handle = PR_TRUE;
-	    added++;
-	}
-	if (cert->email) {
-	    nssrv = add_email_entry(td->cache, cert, subjectList);
-	    if (nssrv != PR_SUCCESS) {
-		goto loser;
-	    }
-	    handle = PR_TRUE;
-	    added += 2;
-	}
-#ifdef nodef
-	/* I think either a nickname or email address must be associated
-	 * with the cert.  However, certs are passed to NewTemp without
-	 * either.  This worked in the old code, so it must work now.
-	 */
-	if (!handle) {
-	    /* Require either nickname or email handle */
-	    nssrv = PR_FAILURE;
-	    goto loser;
-	}
-#endif
-    }
-    rvCert = nssCertificate_AddRef(cert);
-    PZ_Unlock(td->cache->lock);
-    return rvCert;
-loser:
-    /* Remove any handles that have been created */
-    subjectList = NULL;
-    if (added >= 1) {
-	(void)remove_issuer_and_serial_entry(td->cache, cert);
-    }
-    if (added >= 2) {
-	(void)remove_subject_entry(td->cache, cert, &subjectList, 
-						&certNickname, &arena);
-    }
-    if (added == 3 || added == 5) {
-	(void)remove_nickname_entry(td->cache, certNickname, subjectList);
-    }
-    if (added >= 4) {
-	(void)remove_email_entry(td->cache, cert, subjectList);
-    }
-    if (subjectList) {
-	nssHash_Remove(td->cache->subject, &cert->subject);
-	nssList_Destroy(subjectList);
-    }
-    if (arena) {
-	nssArena_Destroy(arena);
-    }
-    PZ_Unlock(td->cache->lock);
-    return NULL;
-}
-
-NSS_IMPLEMENT PRStatus
-nssTrustDomain_AddCertsToCache
-(
-  NSSTrustDomain *td,
-  NSSCertificate **certs,
-  PRUint32 numCerts
-)
-{
-    PRUint32 i;
-    NSSCertificate *c;
-    for (i=0; i<numCerts && certs[i]; i++) {
-	c = add_cert_to_cache(td, certs[i]);
-	if (c == NULL) {
-	    return PR_FAILURE;
-	} else {
-	    certs[i] = c;
-	}
-    }
-    return PR_SUCCESS;
-}
-
-static NSSCertificate **
-collect_subject_certs
-(
-  nssList *subjectList,
-  nssList *rvCertListOpt
-)
-{
-    NSSCertificate *c;
-    NSSCertificate **rvArray = NULL;
-    PRUint32 count;
-    nssCertificateList_AddReferences(subjectList);
-    if (rvCertListOpt) {
-	nssListIterator *iter = nssList_CreateIterator(subjectList);
-	for (c  = (NSSCertificate *)nssListIterator_Start(iter);
-	     c != (NSSCertificate *)NULL;
-	     c  = (NSSCertificate *)nssListIterator_Next(iter)) {
-	    nssList_Add(rvCertListOpt, c);
-	}
-	nssListIterator_Finish(iter);
-	nssListIterator_Destroy(iter);
-    } else {
-	count = nssList_Count(subjectList);
-	rvArray = nss_ZNEWARRAY(NULL, NSSCertificate *, count + 1);
-	if (!rvArray) {
-	    return (NSSCertificate **)NULL;
-	}
-	nssList_GetArray(subjectList, (void **)rvArray, count);
-    }
-    return rvArray;
-}
-
-/*
- * Find all cached certs with this subject.
- */
-NSS_IMPLEMENT NSSCertificate **
-nssTrustDomain_GetCertsForSubjectFromCache
-(
-  NSSTrustDomain *td,
-  NSSDER *subject,
-  nssList *certListOpt
-)
-{
-    NSSCertificate **rvArray = NULL;
-    cache_entry *ce;
-#ifdef DEBUG_CACHE
-    log_item_dump("looking for cert by subject", subject);
-#endif
-    PZ_Lock(td->cache->lock);
-    ce = (cache_entry *)nssHash_Lookup(td->cache->subject, subject);
-    if (ce) {
-	ce->hits++;
-	ce->lastHit = PR_Now();
-#ifdef DEBUG_CACHE
-	PR_LOG(s_log, PR_LOG_DEBUG, ("... found, %d hits", ce->hits));
-#endif
-	rvArray = collect_subject_certs(ce->entry.list, certListOpt);
-    }
-    PZ_Unlock(td->cache->lock);
-    return rvArray;
-}
-
-/*
- * Find all cached certs with this label.
- */
-NSS_IMPLEMENT NSSCertificate **
-nssTrustDomain_GetCertsForNicknameFromCache
-(
-  NSSTrustDomain *td,
-  NSSUTF8 *nickname,
-  nssList *certListOpt
-)
-{
-    NSSCertificate **rvArray = NULL;
-    cache_entry *ce;
-#ifdef DEBUG_CACHE
-    PR_LOG(s_log, PR_LOG_DEBUG, ("looking for cert by nick %s", nickname));
-#endif
-    PZ_Lock(td->cache->lock);
-    ce = (cache_entry *)nssHash_Lookup(td->cache->nickname, nickname);
-    if (ce) {
-	ce->hits++;
-	ce->lastHit = PR_Now();
-#ifdef DEBUG_CACHE
-	PR_LOG(s_log, PR_LOG_DEBUG, ("... found, %d hits", ce->hits));
-#endif
-	rvArray = collect_subject_certs(ce->entry.list, certListOpt);
-    }
-    PZ_Unlock(td->cache->lock);
-    return rvArray;
-}
-
-/*
- * Find all cached certs with this email address.
- */
-NSS_IMPLEMENT NSSCertificate **
-nssTrustDomain_GetCertsForEmailAddressFromCache
-(
-  NSSTrustDomain *td,
-  NSSASCII7 *email,
-  nssList *certListOpt
-)
-{
-    NSSCertificate **rvArray = NULL;
-    cache_entry *ce;
-    nssList *collectList = NULL;
-    nssListIterator *iter = NULL;
-    nssList *subjectList;
-#ifdef DEBUG_CACHE
-    PR_LOG(s_log, PR_LOG_DEBUG, ("looking for cert by email %s", email));
-#endif
-    PZ_Lock(td->cache->lock);
-    ce = (cache_entry *)nssHash_Lookup(td->cache->email, email);
-    if (ce) {
-	ce->hits++;
-	ce->lastHit = PR_Now();
-#ifdef DEBUG_CACHE
-	PR_LOG(s_log, PR_LOG_DEBUG, ("... found, %d hits", ce->hits));
-#endif
-	/* loop over subject lists and get refs for certs */
-	if (certListOpt) {
-	    collectList = certListOpt;
-	} else {
-	    collectList = nssList_Create(NULL, PR_FALSE);
-	    if (!collectList) {
-		PZ_Unlock(td->cache->lock);
-		return NULL;
-	    }
-	}
-	iter = nssList_CreateIterator(ce->entry.list);
-	if (!iter) {
-	    PZ_Unlock(td->cache->lock);
-	    if (!certListOpt) {
-		nssList_Destroy(collectList);
-	    }
-	    return NULL;
-	}
-	for (subjectList  = (nssList *)nssListIterator_Start(iter);
-	     subjectList != (nssList *)NULL;
-	     subjectList  = (nssList *)nssListIterator_Next(iter)) {
-	    (void)collect_subject_certs(subjectList, collectList);
-	}
-	nssListIterator_Finish(iter);
-	nssListIterator_Destroy(iter);
-    }
-    PZ_Unlock(td->cache->lock);
-    if (!certListOpt && collectList) {
-	PRUint32 count = nssList_Count(collectList);
-	rvArray = nss_ZNEWARRAY(NULL, NSSCertificate *, count);
-	if (rvArray) {
-	    nssList_GetArray(collectList, (void **)rvArray, count);
-	}
-	nssList_Destroy(collectList);
-    }
-    return rvArray;
-}
-
-/*
- * Look for a specific cert in the cache
- */
-NSS_IMPLEMENT NSSCertificate *
-nssTrustDomain_GetCertForIssuerAndSNFromCache
-(
-  NSSTrustDomain *td,
-  NSSDER *issuer,
-  NSSDER *serial
-)
-{
-    NSSCertificate certkey;
-    NSSCertificate *rvCert = NULL;
-    cache_entry *ce;
-    certkey.issuer.data = issuer->data;
-    certkey.issuer.size = issuer->size;
-    certkey.serial.data = serial->data;
-    certkey.serial.size = serial->size;
-#ifdef DEBUG_CACHE
-    log_item_dump("looking for cert by issuer/sn, issuer", issuer);
-    log_item_dump("                               serial", serial);
-#endif
-    PZ_Lock(td->cache->lock);
-    ce = (cache_entry *)nssHash_Lookup(td->cache->issuerAndSN, &certkey);
-    if (ce) {
-	ce->hits++;
-	ce->lastHit = PR_Now();
-	rvCert = nssCertificate_AddRef(ce->entry.cert);
-#ifdef DEBUG_CACHE
-	PR_LOG(s_log, PR_LOG_DEBUG, ("... found, %d hits", ce->hits));
-#endif
-    }
-    PZ_Unlock(td->cache->lock);
-    return rvCert;
-}
-
-#ifdef NSS_3_4_CODE
-static PRStatus
-issuer_and_serial_from_encoding
-(
-  NSSBER *encoding, 
-  NSSDER *issuer, 
-  NSSDER *serial
-)
-{
-    SECItem derCert, derIssuer, derSerial;
-    SECStatus secrv;
-    derCert.data = (unsigned char *)encoding->data;
-    derCert.len = encoding->size;
-    secrv = CERT_IssuerNameFromDERCert(&derCert, &derIssuer);
-    if (secrv != SECSuccess) {
-	return PR_FAILURE;
-    }
-    secrv = CERT_SerialNumberFromDERCert(&derCert, &derSerial);
-    if (secrv != SECSuccess) {
-	return PR_FAILURE;
-    }
-    issuer->data = derIssuer.data;
-    issuer->size = derIssuer.len;
-    serial->data = derSerial.data;
-    serial->size = derSerial.len;
-    return PR_SUCCESS;
-}
-#endif
-
-/*
- * Look for a specific cert in the cache
- */
-NSS_IMPLEMENT NSSCertificate *
-nssTrustDomain_GetCertByDERFromCache
-(
-  NSSTrustDomain *td,
-  NSSDER *der
-)
-{
-    PRStatus nssrv = PR_FAILURE;
-    NSSDER issuer, serial;
-    NSSCertificate *rvCert;
-#ifdef NSS_3_4_CODE
-    nssrv = issuer_and_serial_from_encoding(der, &issuer, &serial);
-#endif
-    if (nssrv != PR_SUCCESS) {
-	return NULL;
-    }
-#ifdef DEBUG_CACHE
-    log_item_dump("looking for cert by DER", der);
-#endif
-    rvCert = nssTrustDomain_GetCertForIssuerAndSNFromCache(td, 
-                                                           &issuer, &serial);
-#ifdef NSS_3_4_CODE
-    PORT_Free(issuer.data);
-    PORT_Free(serial.data);
-#endif
-    return rvCert;
-}
-
-static void cert_iter(const void *k, void *v, void *a)
-{
-    nssList *certList = (nssList *)a;
-    NSSCertificate *c = (NSSCertificate *)k;
-    nssList_Add(certList, nssCertificate_AddRef(c));
-}
-
-NSS_EXTERN NSSCertificate **
-nssTrustDomain_GetCertsFromCache
-(
-  NSSTrustDomain *td,
-  nssList *certListOpt
-)
-{
-    NSSCertificate **rvArray = NULL;
-    nssList *certList;
-    if (certListOpt) {
-	certList = certListOpt;
-    } else {
-	certList = nssList_Create(NULL, PR_FALSE);
-    }
-    PZ_Lock(td->cache->lock);
-    nssHash_Iterate(td->cache->issuerAndSN, cert_iter, (void *)certList);
-    PZ_Unlock(td->cache->lock);
-    if (!certListOpt) {
-	PRUint32 count = nssList_Count(certList);
-	rvArray = nss_ZNEWARRAY(NULL, NSSCertificate *, count);
-	nssList_GetArray(certList, (void **)rvArray, count);
-	/* array takes the references */
-	nssList_Destroy(certList);
-    }
-    return rvArray;
-}
-
-NSS_IMPLEMENT void
-nssTrustDomain_DumpCacheInfo
-(
-  NSSTrustDomain *td,
-  void (* cert_dump_iter)(const void *, void *, void *),
-  void *arg
-)
-{
-    PZ_Lock(td->cache->lock);
-    nssHash_Iterate(td->cache->issuerAndSN, cert_dump_iter, arg);
-    PZ_Unlock(td->cache->lock);
-}
diff --git a/security/nss/lib/pki/trustdomain.c b/security/nss/lib/pki/trustdomain.c
deleted file mode 100644
index c5e3dc337..000000000
--- a/security/nss/lib/pki/trustdomain.c
+++ /dev/null
@@ -1,1440 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef DEV_H
-#include "dev.h"
-#endif /* DEV_H */
-
-#ifndef PKIM_H
-#include "pkim.h"
-#endif /* PKIM_H */
-
-#ifndef PKI1T_H
-#include "pki1t.h"
-#endif /* PKI1T_H */
-
-#ifdef NSS_3_4_CODE
-#include "cert.h"
-#include "pki3hack.h"
-#endif
-
-#define NSSTRUSTDOMAIN_DEFAULT_CACHE_SIZE 32
-
-#ifdef PURE_STAN_BUILD
-struct NSSTrustDomainStr {
-    PRInt32 refCount;
-    NSSArena *arena;
-    NSSCallback *defaultCallback;
-    struct {
-	nssSlotList *forCerts;
-	nssSlotList *forCiphers;
-	nssSlotList *forTrust;
-    } slots;
-    nssCertificateCache *cache;
-};
-#endif
-
-extern const NSSError NSS_ERROR_NOT_FOUND;
-
-typedef PRUint32 nssUpdateLevel;
-
-NSS_IMPLEMENT NSSTrustDomain *
-NSSTrustDomain_Create
-(
-  NSSUTF8 *moduleOpt,
-  NSSUTF8 *uriOpt,
-  NSSUTF8 *opaqueOpt,
-  void *reserved
-)
-{
-    NSSArena *arena;
-    NSSTrustDomain *rvTD;
-    arena = NSSArena_Create();
-    if(!arena) {
-	return (NSSTrustDomain *)NULL;
-    }
-    rvTD = nss_ZNEW(arena, NSSTrustDomain);
-    if (!rvTD) {
-	goto loser;
-    }
-    nssTrustDomain_InitializeCache(rvTD, NSSTRUSTDOMAIN_DEFAULT_CACHE_SIZE);
-    rvTD->arena = arena;
-    rvTD->refCount = 1;
-#ifdef NSS_3_4_CODE
-    rvTD->statusConfig = NULL;
-#endif
-    return rvTD;
-loser:
-    nssArena_Destroy(arena);
-    return (NSSTrustDomain *)NULL;
-}
-
-static void
-token_destructor(void *t)
-{
-    NSSToken *tok = (NSSToken *)t;
-    /* in 3.4, also destroy the slot (managed separately) */
-    (void)nssSlot_Destroy(tok->slot);
-    nssToken_Destroy(tok);
-}
-
-NSS_IMPLEMENT PRStatus
-NSSTrustDomain_Destroy
-(
-  NSSTrustDomain *td
-)
-{
-    if (--td->refCount == 0) {
-	/* Destroy each token in the list of tokens */
-	if (td->tokens) {
-	    nssListIterator_Destroy(td->tokens);
-	    nssList_Clear(td->tokenList, token_destructor);
-	    nssList_Destroy(td->tokenList);
-	}
-	nssTrustDomain_DestroyCache(td);
-	/* Destroy the trust domain */
-	nssArena_Destroy(td->arena);
-    }
-    return PR_SUCCESS;
-}
-
-/* XXX uses tokens until slot list is in place */
-static NSSSlot **
-nssTrustDomain_GetActiveSlots
-(
-  NSSTrustDomain *td,
-  nssUpdateLevel *updateLevel
-)
-{
-    PRUint32 count;
-    NSSSlot **slots = NULL;
-    NSSToken **tp, **tokens;
-    *updateLevel = 1;
-    count = nssList_Count(td->tokenList);
-    tokens = nss_ZNEWARRAY(NULL, NSSToken *, count + 1);
-    if (!tokens) {
-	return NULL;
-    }
-    slots = nss_ZNEWARRAY(NULL, NSSSlot *, count + 1);
-    if (!slots) {
-	nss_ZFreeIf(tokens);
-	return NULL;
-    }
-    nssList_GetArray(td->tokenList, (void **)tokens, count);
-    count = 0;
-    for (tp = tokens; *tp; tp++) {
-	slots[count++] = nssToken_GetSlot(*tp);
-    }
-    nss_ZFreeIf(tokens);
-    return slots;
-}
-
-/* XXX */
-static nssSession *
-nssTrustDomain_GetSessionForToken
-(
-  NSSTrustDomain *td,
-  NSSToken *token
-)
-{
-    return nssToken_GetDefaultSession(token);
-}
-
-NSS_IMPLEMENT PRStatus
-NSSTrustDomain_SetDefaultCallback
-(
-  NSSTrustDomain *td,
-  NSSCallback *newCallback,
-  NSSCallback **oldCallbackOpt
-)
-{
-    if (oldCallbackOpt) {
-	*oldCallbackOpt = td->defaultCallback;
-    }
-    td->defaultCallback = newCallback;
-    return PR_SUCCESS;
-}
-
-NSS_IMPLEMENT NSSCallback *
-nssTrustDomain_GetDefaultCallback
-(
-  NSSTrustDomain *td,
-  PRStatus *statusOpt
-)
-{
-    if (statusOpt) {
-	*statusOpt = PR_SUCCESS;
-    }
-    return td->defaultCallback;
-}
-
-NSS_IMPLEMENT NSSCallback *
-NSSTrustDomain_GetDefaultCallback
-(
-  NSSTrustDomain *td,
-  PRStatus *statusOpt
-)
-{
-    return nssTrustDomain_GetDefaultCallback(td, statusOpt);
-}
-
-NSS_IMPLEMENT PRStatus
-NSSTrustDomain_LoadModule
-(
-  NSSTrustDomain *td,
-  NSSUTF8 *moduleOpt,
-  NSSUTF8 *uriOpt,
-  NSSUTF8 *opaqueOpt,
-  void *reserved
-)
-{
-    return PR_FAILURE;
-}
-
-NSS_IMPLEMENT PRStatus
-NSSTrustDomain_DisableToken
-(
-  NSSTrustDomain *td,
-  NSSToken *token,
-  NSSError why
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return PR_FAILURE;
-}
-
-NSS_IMPLEMENT PRStatus
-NSSTrustDomain_EnableToken
-(
-  NSSTrustDomain *td,
-  NSSToken *token
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return PR_FAILURE;
-}
-
-NSS_IMPLEMENT PRStatus
-NSSTrustDomain_IsTokenEnabled
-(
-  NSSTrustDomain *td,
-  NSSToken *token,
-  NSSError *whyOpt
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return PR_FAILURE;
-}
-
-NSS_IMPLEMENT NSSSlot *
-NSSTrustDomain_FindSlotByName
-(
-  NSSTrustDomain *td,
-  NSSUTF8 *slotName
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT NSSToken *
-NSSTrustDomain_FindTokenByName
-(
-  NSSTrustDomain *td,
-  NSSUTF8 *tokenName
-)
-{
-    PRStatus nssrv;
-    NSSUTF8 *myName;
-    NSSToken *tok = NULL;
-    for (tok  = (NSSToken *)nssListIterator_Start(td->tokens);
-         tok != (NSSToken *)NULL;
-         tok  = (NSSToken *)nssListIterator_Next(td->tokens))
-    {
-	if (nssToken_IsPresent(tok)) {
-	    myName = nssToken_GetName(tok);
-	    if (nssUTF8_Equal(tokenName, myName, &nssrv)) break;
-	}
-    }
-    nssListIterator_Finish(td->tokens);
-    return tok;
-}
-
-NSS_IMPLEMENT NSSToken *
-NSSTrustDomain_FindTokenBySlotName
-(
-  NSSTrustDomain *td,
-  NSSUTF8 *slotName
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT NSSToken *
-NSSTrustDomain_FindTokenForAlgorithm
-(
-  NSSTrustDomain *td,
-  NSSOID *algorithm
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT NSSToken *
-NSSTrustDomain_FindBestTokenForAlgorithms
-(
-  NSSTrustDomain *td,
-  NSSOID *algorithms[], /* may be null-terminated */
-  PRUint32 nAlgorithmsOpt /* limits the array if nonzero */
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT PRStatus
-NSSTrustDomain_Login
-(
-  NSSTrustDomain *td,
-  NSSCallback *uhhOpt
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return PR_FAILURE;
-}
-
-NSS_IMPLEMENT PRStatus
-NSSTrustDomain_Logout
-(
-  NSSTrustDomain *td
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return PR_FAILURE;
-}
-
-NSS_IMPLEMENT NSSCertificate *
-NSSTrustDomain_ImportCertificate
-(
-  NSSTrustDomain *td,
-  NSSCertificate *c
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT NSSCertificate *
-NSSTrustDomain_ImportPKIXCertificate
-(
-  NSSTrustDomain *td,
-  /* declared as a struct until these "data types" are defined */
-  struct NSSPKIXCertificateStr *pc
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT NSSCertificate *
-NSSTrustDomain_ImportEncodedCertificate
-(
-  NSSTrustDomain *td,
-  NSSBER *ber
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT NSSCertificate **
-NSSTrustDomain_ImportEncodedCertificateChain
-(
-  NSSTrustDomain *td,
-  NSSBER *ber,
-  NSSCertificate *rvOpt[],
-  PRUint32 maximumOpt, /* 0 for no max */
-  NSSArena *arenaOpt
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT NSSPrivateKey *
-NSSTrustDomain_ImportEncodedPrivateKey
-(
-  NSSTrustDomain *td,
-  NSSBER *ber,
-  NSSItem *passwordOpt, /* NULL will cause a callback */
-  NSSCallback *uhhOpt,
-  NSSToken *destination
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT NSSPublicKey *
-NSSTrustDomain_ImportEncodedPublicKey
-(
-  NSSTrustDomain *td,
-  NSSBER *ber
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-static NSSCertificate **
-get_certs_from_list(nssList *list)
-{
-    PRUint32 count = nssList_Count(list);
-    NSSCertificate **certs = NULL;
-    if (count > 0) {
-	certs = nss_ZNEWARRAY(NULL, NSSCertificate *, count + 1);
-	if (certs) {
-	    nssList_GetArray(list, (void **)certs, count);
-	}
-    }
-    return certs;
-}
-
-NSS_IMPLEMENT NSSCertificate **
-nssTrustDomain_FindCertificatesByNickname
-(
-  NSSTrustDomain *td,
-  NSSUTF8 *name,
-  NSSCertificate *rvOpt[],
-  PRUint32 maximumOpt, /* 0 for no max */
-  NSSArena *arenaOpt
-)
-{
-    PRStatus status;
-    PRUint32 numRemaining;
-    NSSToken *token = NULL;
-    NSSSlot **slots = NULL;
-    NSSSlot **slotp;
-    NSSCertificate **rvCerts = NULL;
-    nssPKIObjectCollection *collection = NULL;
-    nssUpdateLevel updateLevel;
-    nssList *nameList;
-    /* First, grab from the cache */
-    nameList = nssList_Create(NULL, PR_FALSE);
-    if (!nameList) {
-	return NULL;
-    }
-    (void)nssTrustDomain_GetCertsForNicknameFromCache(td, name, nameList);
-    rvCerts = get_certs_from_list(nameList);
-    /* initialize the collection of token certificates with the set of
-     * cached certs (if any).
-     */
-    collection = nssCertificateCollection_Create(td, rvCerts);
-    nssCertificateArray_Destroy(rvCerts);
-    nssList_Destroy(nameList);
-    if (!collection) {
-	return (NSSCertificate **)NULL;
-    }
-    /* obtain the current set of active slots in the trust domain */
-    slots = nssTrustDomain_GetActiveSlots(td, &updateLevel);
-    if (!slots) {
-	goto loser;
-    }
-    /* iterate over the slots */
-    numRemaining = maximumOpt;
-    for (slotp = slots; *slotp; slotp++) {
-	token = nssSlot_GetToken(*slotp);
-	if (token) {
-	    nssSession *session;
-	    nssCryptokiObject **instances;
-	    nssTokenSearchType tokenOnly = nssTokenSearchType_TokenOnly;
-	    session = nssTrustDomain_GetSessionForToken(td, token);
-	    if (!session) {
-		nssToken_Destroy(token);
-		goto loser;
-	    }
-	    instances = nssToken_FindCertificatesByNickname(token,
-	                                                    session,
-	                                                    name,
-	                                                    tokenOnly,
-	                                                    numRemaining,
-	                                                    &status);
-	    nssToken_Destroy(token);
-	    if (status != PR_SUCCESS) {
-		goto loser;
-	    }
-	    if (instances) {
-		status = nssPKIObjectCollection_AddInstances(collection, 
-		                                             instances, 0);
-		nss_ZFreeIf(instances);
-		if (status != PR_SUCCESS) {
-		    goto loser;
-		}
-		if (maximumOpt > 0) {
-	            PRUint32 count;
-	            count = nssPKIObjectCollection_Count(collection);
-		    numRemaining = maximumOpt - count;
-		    if (numRemaining == 0) break;
-		}
-	    }
-	}
-    }
-    /* Grab the certs collected in the search. */
-    rvCerts = nssPKIObjectCollection_GetCertificates(collection,
-                                                     rvOpt, maximumOpt,
-                                                     arenaOpt);
-    /* clean up */
-    nssPKIObjectCollection_Destroy(collection);
-    nssSlotArray_Destroy(slots);
-    return rvCerts;
-loser:
-    if (slots) {
-	nssSlotArray_Destroy(slots);
-    }
-    if (collection) {
-	nssPKIObjectCollection_Destroy(collection);
-    }
-    return (NSSCertificate **)NULL;
-}
-
-NSS_IMPLEMENT NSSCertificate **
-NSSTrustDomain_FindCertificatesByNickname
-(
-  NSSTrustDomain *td,
-  NSSUTF8 *name,
-  NSSCertificate *rvOpt[],
-  PRUint32 maximumOpt, /* 0 for no max */
-  NSSArena *arenaOpt
-)
-{
-    return nssTrustDomain_FindCertificatesByNickname(td,
-                                                     name,
-                                                     rvOpt,
-                                                     maximumOpt,
-                                                     arenaOpt);
-}
-
-NSS_IMPLEMENT NSSCertificate *
-nssTrustDomain_FindBestCertificateByNickname
-(
-  NSSTrustDomain *td,
-  NSSUTF8 *name,
-  NSSTime *timeOpt,
-  NSSUsage *usage,
-  NSSPolicies *policiesOpt
-)
-{
-    NSSCertificate **nicknameCerts;
-    NSSCertificate *rvCert = NULL;
-    nicknameCerts = nssTrustDomain_FindCertificatesByNickname(td, name,
-                                                              NULL,
-                                                              0,
-                                                              NULL);
-    if (nicknameCerts) {
-	rvCert = nssCertificateArray_FindBestCertificate(nicknameCerts,
-                                                         timeOpt,
-                                                         usage,
-                                                         policiesOpt);
-	nssCertificateArray_Destroy(nicknameCerts);
-    }
-    return rvCert;
-}
-
-NSS_IMPLEMENT NSSCertificate *
-NSSTrustDomain_FindBestCertificateByNickname
-(
-  NSSTrustDomain *td,
-  NSSUTF8 *name,
-  NSSTime *timeOpt,
-  NSSUsage *usage,
-  NSSPolicies *policiesOpt
-)
-{
-    return nssTrustDomain_FindBestCertificateByNickname(td,
-                                                        name,
-                                                        timeOpt,
-                                                        usage,
-                                                        policiesOpt);
-}
-
-NSS_IMPLEMENT NSSCertificate **
-nssTrustDomain_FindCertificatesBySubject
-(
-  NSSTrustDomain *td,
-  NSSDER *subject,
-  NSSCertificate *rvOpt[],
-  PRUint32 maximumOpt,
-  NSSArena *arenaOpt
-)
-{
-    PRStatus status;
-    PRUint32 numRemaining;
-    NSSToken *token = NULL;
-    NSSSlot **slots = NULL;
-    NSSSlot **slotp;
-    NSSCertificate **rvCerts = NULL;
-    nssPKIObjectCollection *collection = NULL;
-    nssUpdateLevel updateLevel;
-    nssList *subjectList;
-    /* look in cache */
-    subjectList = nssList_Create(NULL, PR_FALSE);
-    if (!subjectList) {
-	return NULL;
-    }
-    (void)nssTrustDomain_GetCertsForSubjectFromCache(td, subject, subjectList);
-    rvCerts = get_certs_from_list(subjectList);
-    collection = nssCertificateCollection_Create(td, rvCerts);
-    nssCertificateArray_Destroy(rvCerts);
-    nssList_Destroy(subjectList);
-    if (!collection) {
-	return (NSSCertificate **)NULL;
-    }
-    slots = nssTrustDomain_GetActiveSlots(td, &updateLevel);
-    if (!slots) {
-	goto loser;
-    }
-    numRemaining = maximumOpt;
-    for (slotp = slots; *slotp; slotp++) {
-	token = nssSlot_GetToken(*slotp);
-	if (token) {
-	    nssSession *session;
-	    nssCryptokiObject **instances;
-	    nssTokenSearchType tokenOnly = nssTokenSearchType_TokenOnly;
-	    session = nssTrustDomain_GetSessionForToken(td, token);
-	    if (!session) {
-		nssToken_Destroy(token);
-		goto loser;
-	    }
-	    instances = nssToken_FindCertificatesBySubject(token,
-	                                                   session,
-	                                                   subject,
-	                                                   tokenOnly,
-	                                                   numRemaining,
-	                                                   &status);
-	    nssToken_Destroy(token);
-	    if (status != PR_SUCCESS) {
-		goto loser;
-	    }
-	    if (instances) {
-		status = nssPKIObjectCollection_AddInstances(collection, 
-		                                             instances, 0);
-		nss_ZFreeIf(instances);
-		if (status != PR_SUCCESS) {
-		    goto loser;
-		}
-		if (maximumOpt > 0) {
-		    PRUint32 count;
-		    count = nssPKIObjectCollection_Count(collection);
-		    numRemaining = maximumOpt - count;
-		    if (numRemaining == 0) break;
-		}
-	    }
-	}
-    }
-    rvCerts = nssPKIObjectCollection_GetCertificates(collection,
-                                                     rvOpt, maximumOpt,
-                                                     arenaOpt);
-    nssPKIObjectCollection_Destroy(collection);
-    nssSlotArray_Destroy(slots);
-    return rvCerts;
-loser:
-    if (slots) {
-	nssSlotArray_Destroy(slots);
-    }
-    if (collection) {
-	nssPKIObjectCollection_Destroy(collection);
-    }
-    return (NSSCertificate **)NULL;
-}
-
-NSS_IMPLEMENT NSSCertificate **
-NSSTrustDomain_FindCertificatesBySubject
-(
-  NSSTrustDomain *td,
-  NSSDER *subject,
-  NSSCertificate *rvOpt[],
-  PRUint32 maximumOpt,
-  NSSArena *arenaOpt
-)
-{
-    return nssTrustDomain_FindCertificatesBySubject(td, 
-                                                    subject,
-                                                    rvOpt,
-                                                    maximumOpt,
-                                                    arenaOpt);
-}
-
-NSS_IMPLEMENT NSSCertificate *
-nssTrustDomain_FindBestCertificateBySubject
-(
-  NSSTrustDomain *td,
-  NSSDER *subject,
-  NSSTime *timeOpt,
-  NSSUsage *usage,
-  NSSPolicies *policiesOpt
-)
-{
-    NSSCertificate **subjectCerts;
-    NSSCertificate *rvCert = NULL;
-    subjectCerts = nssTrustDomain_FindCertificatesBySubject(td, subject,
-                                                            NULL,
-                                                            0,
-                                                            NULL);
-    if (subjectCerts) {
-	rvCert = nssCertificateArray_FindBestCertificate(subjectCerts,
-                                                         timeOpt,
-                                                         usage,
-                                                         policiesOpt);
-	nssCertificateArray_Destroy(subjectCerts);
-    }
-    return rvCert;
-}
-
-NSS_IMPLEMENT NSSCertificate *
-NSSTrustDomain_FindBestCertificateBySubject
-(
-  NSSTrustDomain *td,
-  NSSDER *subject,
-  NSSTime *timeOpt,
-  NSSUsage *usage,
-  NSSPolicies *policiesOpt
-)
-{
-    return nssTrustDomain_FindBestCertificateBySubject(td,
-                                                       subject,
-                                                       timeOpt,
-                                                       usage,
-                                                       policiesOpt);
-}
-
-NSS_IMPLEMENT NSSCertificate *
-NSSTrustDomain_FindBestCertificateByNameComponents
-(
-  NSSTrustDomain *td,
-  NSSUTF8 *nameComponents,
-  NSSTime *timeOpt,
-  NSSUsage *usage,
-  NSSPolicies *policiesOpt
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT NSSCertificate **
-NSSTrustDomain_FindCertificatesByNameComponents
-(
-  NSSTrustDomain *td,
-  NSSUTF8 *nameComponents,
-  NSSCertificate *rvOpt[],
-  PRUint32 maximumOpt, /* 0 for no max */
-  NSSArena *arenaOpt
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT NSSCertificate *
-nssTrustDomain_FindCertificateByIssuerAndSerialNumber
-(
-  NSSTrustDomain *td,
-  NSSDER *issuer,
-  NSSDER *serial
-)
-{
-    PRStatus status;
-    NSSToken *token = NULL;
-    NSSSlot **slots = NULL;
-    NSSSlot **slotp;
-    NSSCertificate *rvCert = NULL;
-    nssPKIObjectCollection *collection = NULL;
-    nssUpdateLevel updateLevel;
-    /* see if this search is already cached */
-    rvCert = nssTrustDomain_GetCertForIssuerAndSNFromCache(td,
-                                                           issuer, 
-                                                           serial);
-    if (rvCert) {
-	return rvCert;
-    }
-    slots = nssTrustDomain_GetActiveSlots(td, &updateLevel);
-    if (!slots) {
-	goto loser;
-    }
-    for (slotp = slots; *slotp; slotp++) {
-	token = nssSlot_GetToken(*slotp);
-	if (token) {
-	    nssSession *session;
-	    nssCryptokiObject *instance;
-	    nssTokenSearchType tokenOnly = nssTokenSearchType_TokenOnly;
-	    session = nssTrustDomain_GetSessionForToken(td, token);
-	    if (!session) {
-		nssToken_Destroy(token);
-		goto loser;
-	    }
-	    instance = nssToken_FindCertificateByIssuerAndSerialNumber(
-	                                                            token,
-	                                                            session,
-	                                                            issuer,
-	                                                            serial,
-	                                                            tokenOnly,
-	                                                            &status);
-	    nssToken_Destroy(token);
-	    if (status != PR_SUCCESS) {
-		goto loser;
-	    }
-	    if (instance) {
-		if (!collection) {
-		    collection = nssCertificateCollection_Create(td, NULL);
-		    if (!collection) {
-			goto loser;
-		    }
-		}
-		nssPKIObjectCollection_AddInstances(collection, 
-		                                    &instance, 1);
-	    }
-	}
-    }
-    if (collection) {
-	(void)nssPKIObjectCollection_GetCertificates(collection, 
-	                                             &rvCert, 1, NULL);
-	nssPKIObjectCollection_Destroy(collection);
-	if (!rvCert) {
-	    goto loser;
-	}
-    }
-    nssSlotArray_Destroy(slots);
-    return rvCert;
-loser:
-    if (collection) {
-	nssPKIObjectCollection_Destroy(collection);
-    }
-    if (slots) {
-	nssSlotArray_Destroy(slots);
-    }
-    return (NSSCertificate *)NULL;
-}
-
-NSS_IMPLEMENT NSSCertificate *
-NSSTrustDomain_FindCertificateByIssuerAndSerialNumber
-(
-  NSSTrustDomain *td,
-  NSSDER *issuer,
-  NSSDER *serial
-)
-{
-    return nssTrustDomain_FindCertificateByIssuerAndSerialNumber(td,
-                                                                 issuer,
-                                                                 serial);
-}
-
-NSS_IMPLEMENT NSSCertificate *
-nssTrustDomain_FindCertificateByEncodedCertificate
-(
-  NSSTrustDomain *td,
-  NSSBER *ber
-)
-{
-    PRStatus status;
-    NSSCertificate *rvCert = NULL;
-    NSSDER issuer = { 0 };
-    NSSDER serial = { 0 };
-    NSSArena *arena = nssArena_Create();
-    if (!arena) {
-	return (NSSCertificate *)NULL;
-    }
-    /* XXX this is not generic...  will any cert crack into issuer/serial? */
-    status = nssPKIX509_GetIssuerAndSerialFromDER(ber, arena, &issuer, &serial);
-    if (status != PR_SUCCESS) {
-	goto finish;
-    }
-    rvCert = nssTrustDomain_FindCertificateByIssuerAndSerialNumber(td,
-                                                                   &issuer,
-                                                                   &serial);
-finish:
-    nssArena_Destroy(arena);
-    return rvCert;
-}
-
-NSS_IMPLEMENT NSSCertificate *
-NSSTrustDomain_FindCertificateByEncodedCertificate
-(
-  NSSTrustDomain *td,
-  NSSBER *ber
-)
-{
-    return nssTrustDomain_FindCertificateByEncodedCertificate(td, ber);
-}
-
-NSS_IMPLEMENT NSSCertificate *
-NSSTrustDomain_FindBestCertificateByEmail
-(
-  NSSTrustDomain *td,
-  NSSASCII7 *email,
-  NSSTime *timeOpt,
-  NSSUsage *usage,
-  NSSPolicies *policiesOpt
-)
-{
-    return 0;
-}
-
-NSS_IMPLEMENT NSSCertificate **
-NSSTrustDomain_FindCertificatesByEmail
-(
-  NSSTrustDomain *td,
-  NSSASCII7 *email,
-  NSSCertificate *rvOpt[],
-  PRUint32 maximumOpt, /* 0 for no max */
-  NSSArena *arenaOpt
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT NSSCertificate *
-NSSTrustDomain_FindCertificateByOCSPHash
-(
-  NSSTrustDomain *td,
-  NSSItem *hash
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT NSSCertificate *
-NSSTrustDomain_FindBestUserCertificate
-(
-  NSSTrustDomain *td,
-  NSSTime *timeOpt,
-  NSSUsage *usage,
-  NSSPolicies *policiesOpt
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT NSSCertificate **
-NSSTrustDomain_FindUserCertificates
-(
-  NSSTrustDomain *td,
-  NSSTime *timeOpt,
-  NSSUsage *usageOpt,
-  NSSPolicies *policiesOpt,
-  NSSCertificate **rvOpt,
-  PRUint32 rvLimit, /* zero for no limit */
-  NSSArena *arenaOpt
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT NSSCertificate *
-NSSTrustDomain_FindBestUserCertificateForSSLClientAuth
-(
-  NSSTrustDomain *td,
-  NSSUTF8 *sslHostOpt,
-  NSSDER *rootCAsOpt[], /* null pointer for none */
-  PRUint32 rootCAsMaxOpt, /* zero means list is null-terminated */
-  NSSAlgorithmAndParameters *apOpt,
-  NSSPolicies *policiesOpt
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT NSSCertificate **
-NSSTrustDomain_FindUserCertificatesForSSLClientAuth
-(
-  NSSTrustDomain *td,
-  NSSUTF8 *sslHostOpt,
-  NSSDER *rootCAsOpt[], /* null pointer for none */
-  PRUint32 rootCAsMaxOpt, /* zero means list is null-terminated */
-  NSSAlgorithmAndParameters *apOpt,
-  NSSPolicies *policiesOpt,
-  NSSCertificate **rvOpt,
-  PRUint32 rvLimit, /* zero for no limit */
-  NSSArena *arenaOpt
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT NSSCertificate *
-NSSTrustDomain_FindBestUserCertificateForEmailSigning
-(
-  NSSTrustDomain *td,
-  NSSASCII7 *signerOpt,
-  NSSASCII7 *recipientOpt,
-  /* anything more here? */
-  NSSAlgorithmAndParameters *apOpt,
-  NSSPolicies *policiesOpt
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT NSSCertificate **
-NSSTrustDomain_FindUserCertificatesForEmailSigning
-(
-  NSSTrustDomain *td,
-  NSSASCII7 *signerOpt,
-  NSSASCII7 *recipientOpt,
-  /* anything more here? */
-  NSSAlgorithmAndParameters *apOpt,
-  NSSPolicies *policiesOpt,
-  NSSCertificate **rvOpt,
-  PRUint32 rvLimit, /* zero for no limit */
-  NSSArena *arenaOpt
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-static PRStatus
-collector(nssCryptokiObject *instance, void *arg)
-{
-    nssPKIObjectCollection *collection = (nssPKIObjectCollection *)arg;
-    return nssPKIObjectCollection_AddInstanceAsObject(collection, instance);
-}
-
-NSS_IMPLEMENT PRStatus *
-NSSTrustDomain_TraverseCertificates
-(
-  NSSTrustDomain *td,
-  PRStatus (*callback)(NSSCertificate *c, void *arg),
-  void *arg
-)
-{
-    PRStatus status;
-    NSSToken *token = NULL;
-    NSSSlot **slots = NULL;
-    NSSSlot **slotp;
-    nssPKIObjectCollection *collection = NULL;
-    nssPKIObjectCallback pkiCallback;
-    nssUpdateLevel updateLevel;
-    NSSCertificate **cached = NULL;
-    nssList *certList;
-
-    certList = nssList_Create(NULL, PR_FALSE);
-    if (!certList) return NULL;
-    (void *)nssTrustDomain_GetCertsFromCache(td, certList);
-    cached = get_certs_from_list(certList);
-    collection = nssCertificateCollection_Create(td, cached);
-    nssCertificateArray_Destroy(cached);
-    nssList_Destroy(certList);
-    if (!collection) {
-	return (PRStatus *)NULL;
-    }
-    /* obtain the current set of active slots in the trust domain */
-    slots = nssTrustDomain_GetActiveSlots(td, &updateLevel);
-    if (!slots) {
-	goto loser;
-    }
-    /* iterate over the slots */
-    for (slotp = slots; *slotp; slotp++) {
-	/* get the token for the slot, if present */
-	token = nssSlot_GetToken(*slotp);
-	if (token) {
-	    nssSession *session;
-	    nssTokenSearchType tokenOnly = nssTokenSearchType_TokenOnly;
-	    /* get a session for the token */
-	    session = nssTrustDomain_GetSessionForToken(td, token);
-	    if (!session) {
-		nssToken_Destroy(token);
-		goto loser;
-	    }
-	    /* perform the traversal */
-	    status = nssToken_TraverseCertificates(token,
-	                                           session,
-	                                           tokenOnly,
-	                                           collector,
-	                                           collection);
-	    nssToken_Destroy(token);
-	    if (status != PR_SUCCESS) {
-		goto loser;
-	    }
-	}
-    }
-
-    /* Traverse the collection */
-    pkiCallback.func.cert = callback;
-    pkiCallback.arg = arg;
-    status = nssPKIObjectCollection_Traverse(collection, &pkiCallback);
-    /* clean up */
-    nssPKIObjectCollection_Destroy(collection);
-    nssSlotArray_Destroy(slots);
-    return NULL;
-loser:
-    if (slots) {
-	nssSlotArray_Destroy(slots);
-    }
-    if (collection) {
-	nssPKIObjectCollection_Destroy(collection);
-    }
-    return NULL;
-}
-
-#ifdef notdef
-/*
- * search for Public and Private keys first
- */
-NSS_IMPLEMENT PRStatus *
-NSSTrustDomain_TraverseUserCertificates
-(
-  NSSTrustDomain *td,
-  PRStatus (*callback)(NSSCertificate *c, void *arg),
-  void *arg
-)
-{
-    PRStatus status;
-    NSSToken *token = NULL;
-    NSSSlot **slots = NULL;
-    NSSSlot **slotp;
-    nssPKIObjectCollection *collection = NULL;
-    nssPKIObjectCallback pkiCallback;
-    nssUpdateLevel updateLevel;
-    NSSCertificate **cached = NULL;
-    nssList *certList;
-    certList = nssList_Create(NULL, PR_FALSE);
-    if (!certList) return NULL;
-    (void *)nssTrustDomain_GetCertsFromCache(td, certList);
-    cached = get_certs_from_list(certList);
-    collection = nssCertificateCollection_Create(td, cached);
-    nssCertificateArray_Destroy(cached);
-    nssList_Destroy(certList);
-    if (!collection) {
-	return (PRStatus *)NULL;
-    }
-    /* obtain the current set of active slots in the trust domain */
-    slots = nssTrustDomain_GetActiveSlots(td, &updateLevel);
-    if (!slots) {
-	goto loser;
-    }
-    /* iterate over the slots */
-    for (slotp = slots; *slotp; slotp++) {
-	/* get the token for the slot, if present */
-	token = nssSlot_GetToken(*slotp);
-	if (token) {
-	    nssSession *session;
-	    nssCryptokiObject **instances;
-	    nssTokenSearchType tokenOnly = nssTokenSearchType_TokenOnly;
-	    /* get a session for the token */
-	    session = nssTrustDomain_GetSessionForToken(td, token);
-	    if (!session) {
-		nssToken_Destroy(token);
-		goto loser;
-	    }
-	    /* perform the traversal */
-	    if (!isLoggedIn(tok)) {
-	    	instances = nssToken_FindPublicKeys(token,
-	                                          session,
-	                                          tokenOnly,
-	                                          0, &status);
-	    } else {
-	    	instances = nssToken_FindPrivateKeys(token,
-	                                          session,
-	                                          tokenOnly,
-	                                          0, &status);
-	    }
-	    nssToken_Destroy(token);
-	    if (status != PR_SUCCESS) {
-		goto loser;
-	    }
-	    /* add the found certificates to the collection */
-	    status = nssPKIObjectCollection_AddInstances(collection, 
-	                                                 instances, 0);
-	    nss_ZFreeIf(instances);
-	    if (status != PR_SUCCESS) {
-		goto loser;
-	    }
-	}
-    }
-    status = nssPKIObjectCollection_MatchCerts(collection);
-    if (status != PR_SUCCESS) {
-	goto loser;
-    }
-    /* Traverse the collection */
-    pkiCallback.func.cert = callback;
-    pkiCallback.arg = arg;
-    status = nssPKIObjectCollection_Traverse(collection, &pkiCallback);
-    /* clean up */
-    nssPKIObjectCollection_Destroy(collection);
-    nssSlotArray_Destroy(slots);
-    return NULL;
-loser:
-    if (slots) {
-	nssSlotArray_Destroy(slots);
-    }
-    if (collection) {
-	nssPKIObjectCollection_Destroy(collection);
-    }
-    return NULL;
-}
-#endif
-
-NSS_IMPLEMENT NSSTrust *
-nssTrustDomain_FindTrustForCertificate
-(
-  NSSTrustDomain *td,
-  NSSCertificate *c
-)
-{
-    PRStatus status;
-    NSSSlot **slots;
-    NSSSlot **slotp;
-    NSSToken *token;
-    nssCryptokiObject *to = NULL;
-    nssPKIObject *pkio = NULL;
-    NSSTrust *rvt = NULL;
-    nssUpdateLevel updateLevel;
-    slots = nssTrustDomain_GetActiveSlots(td, &updateLevel);
-    if (!slots) {
-	return (NSSTrust *)NULL;
-    }
-    for (slotp = slots; *slotp; slotp++) {
-	token = nssSlot_GetToken(*slotp);
-	if (token) {
-	    to = nssToken_FindTrustForCertificate(token, NULL, 
-	                                          &c->encoding,
-	                                          &c->issuer,
-	                                          &c->serial,
-	                                      nssTokenSearchType_TokenOnly);
-	    if (to) {
-		if (!pkio) {
-		    pkio = nssPKIObject_Create(NULL, to, td, NULL);
-		    if (!pkio) {
-			goto loser;
-		    }
-		} else {
-		    status = nssPKIObject_AddInstance(pkio, to);
-		    if (status != PR_SUCCESS) {
-			goto loser;
-		    }
-		}
-	    }
-	    nssToken_Destroy(token);
-	}
-    }
-    if (pkio) {
-	rvt = nssTrust_Create(pkio);
-	if (!rvt) {
-	    goto loser;
-	}
-    }
-    nssSlotArray_Destroy(slots);
-    return rvt;
-loser:
-    nssSlotArray_Destroy(slots);
-    if (to) {
-	nssCryptokiObject_Destroy(to);
-    }
-    if (pkio) {
-	nssPKIObject_Destroy(pkio);
-    }
-    return (NSSTrust *)NULL;
-}
-
-NSS_IMPLEMENT NSSCRL **
-nssTrustDomain_FindCRLsBySubject
-(
-  NSSTrustDomain *td,
-  NSSDER *subject
-)
-{
-    PRStatus status;
-    NSSSlot **slots;
-    NSSSlot **slotp;
-    NSSToken *token;
-    nssUpdateLevel updateLevel;
-    nssPKIObjectCollection *collection;
-    NSSCRL **rvCRLs = NULL;
-    collection = nssCRLCollection_Create(td, NULL);
-    if (!collection) {
-	return (NSSCRL **)NULL;
-    }
-    slots = nssTrustDomain_GetActiveSlots(td, &updateLevel);
-    if (!slots) {
-	goto loser;
-    }
-    for (slotp = slots; *slotp; slotp++) {
-	token = nssSlot_GetToken(*slotp);
-	if (token) {
-	    nssSession *session;
-	    nssCryptokiObject **instances;
-	    nssTokenSearchType tokenOnly = nssTokenSearchType_TokenOnly;
-	    /* get a session for the token */
-	    session = nssTrustDomain_GetSessionForToken(td, token);
-	    if (!session) {
-		nssToken_Destroy(token);
-		goto loser;
-	    }
-	    /* perform the traversal */
-	    instances = nssToken_FindCRLsBySubject(token, session, subject,
-	                                           tokenOnly, 0, &status);
-	    nssToken_Destroy(token);
-	    if (status != PR_SUCCESS) {
-		goto loser;
-	    }
-	    /* add the found CRL's to the collection */
-	    status = nssPKIObjectCollection_AddInstances(collection, 
-	                                                 instances, 0);
-	    nss_ZFreeIf(instances);
-	    if (status != PR_SUCCESS) {
-		goto loser;
-	    }
-	}
-    }
-    rvCRLs = nssPKIObjectCollection_GetCRLs(collection, NULL, 0, NULL);
-    nssPKIObjectCollection_Destroy(collection);
-    nssSlotArray_Destroy(slots);
-    return rvCRLs;
-loser:
-    nssPKIObjectCollection_Destroy(collection);
-    nssSlotArray_Destroy(slots);
-    return (NSSCRL **)NULL;
-}
-
-NSS_IMPLEMENT PRStatus
-NSSTrustDomain_GenerateKeyPair
-(
-  NSSTrustDomain *td,
-  NSSAlgorithmAndParameters *ap,
-  NSSPrivateKey **pvkOpt,
-  NSSPublicKey **pbkOpt,
-  PRBool privateKeyIsSensitive,
-  NSSToken *destination,
-  NSSCallback *uhhOpt
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return PR_FAILURE;
-}
-
-NSS_IMPLEMENT NSSSymmetricKey *
-NSSTrustDomain_GenerateSymmetricKey
-(
-  NSSTrustDomain *td,
-  NSSAlgorithmAndParameters *ap,
-  PRUint32 keysize,
-  NSSToken *destination,
-  NSSCallback *uhhOpt
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT NSSSymmetricKey *
-NSSTrustDomain_GenerateSymmetricKeyFromPassword
-(
-  NSSTrustDomain *td,
-  NSSAlgorithmAndParameters *ap,
-  NSSUTF8 *passwordOpt, /* if null, prompt */
-  NSSToken *destinationOpt,
-  NSSCallback *uhhOpt
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT NSSSymmetricKey *
-NSSTrustDomain_FindSymmetricKeyByAlgorithmAndKeyID
-(
-  NSSTrustDomain *td,
-  NSSOID *algorithm,
-  NSSItem *keyID,
-  NSSCallback *uhhOpt
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT NSSCryptoContext *
-nssTrustDomain_CreateCryptoContext
-(
-  NSSTrustDomain *td,
-  NSSCallback *uhhOpt
-)
-{
-    return nssCryptoContext_Create(td, uhhOpt);
-}
-
-NSS_IMPLEMENT NSSCryptoContext *
-NSSTrustDomain_CreateCryptoContext
-(
-  NSSTrustDomain *td,
-  NSSCallback *uhhOpt
-)
-{
-    return nssTrustDomain_CreateCryptoContext(td, uhhOpt);
-}
-
-NSS_IMPLEMENT NSSCryptoContext *
-NSSTrustDomain_CreateCryptoContextForAlgorithm
-(
-  NSSTrustDomain *td,
-  NSSOID *algorithm
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
-NSS_IMPLEMENT NSSCryptoContext *
-NSSTrustDomain_CreateCryptoContextForAlgorithmAndParameters
-(
-  NSSTrustDomain *td,
-  NSSAlgorithmAndParameters *ap
-)
-{
-    nss_SetError(NSS_ERROR_NOT_FOUND);
-    return NULL;
-}
-
diff --git a/security/nss/lib/pki1/.cvsignore b/security/nss/lib/pki1/.cvsignore
deleted file mode 100644
index 12bfbfc7c..000000000
--- a/security/nss/lib/pki1/.cvsignore
+++ /dev/null
@@ -1,3 +0,0 @@
-oiddata.c
-oiddata.h
-
diff --git a/security/nss/lib/pki1/Makefile b/security/nss/lib/pki1/Makefile
deleted file mode 100644
index 9dad761c1..000000000
--- a/security/nss/lib/pki1/Makefile
+++ /dev/null
@@ -1,46 +0,0 @@
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-MAKEFILE_CVS_ID = "@(#) $RCSfile$ $Revision$ $Date$ $Name$"
-
-include manifest.mn
-include $(CORE_DEPTH)/coreconf/config.mk
-include config.mk
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-# Generate oiddata.h and oiddata.c.
-oidgen: oidgen.perl oids.txt
-	rm -f oiddata.c oiddata.h
-	perl oidgen.perl oiddata.c oiddata.h oids.txt
-
-export::  private_export 
-
diff --git a/security/nss/lib/pki1/atav.c b/security/nss/lib/pki1/atav.c
deleted file mode 100644
index cdf311a37..000000000
--- a/security/nss/lib/pki1/atav.c
+++ /dev/null
@@ -1,1821 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * atav.c
- *
- * This file contains the implementation of the PKIX part-1 object
- * AttributeTypeAndValue.
- */
-
-#ifndef NSSBASE_H
-#include "nssbase.h"
-#endif /* NSSBASE_H */
-
-#ifndef ASN1_H
-#include "asn1.h"
-#endif /* ASN1_H */
-
-#ifndef PKI1_H
-#include "pki1.h"
-#endif /* PKI1_H */
-
-/*
- * AttributeTypeAndValue
- *
- * From draft-ietf-pkix-ipki-part1-10:
- *
- *  AttributeTypeAndValue           ::=     SEQUENCE {
- *          type            ATTRIBUTE.&id ({SupportedAttributes}),
- *          value   ATTRIBUTE.&Type ({SupportedAttributes}{@type})}
- *  
- *  -- ATTRIBUTE information object class specification
- *  --  Note: This has been greatly simplified for PKIX !!
- *  
- *  ATTRIBUTE               ::=     CLASS {
- *          &Type,
- *          &id                     OBJECT IDENTIFIER UNIQUE }
- *  WITH SYNTAX {
- *          WITH SYNTAX &Type ID &id }
- *  
- * What this means is that the "type" of the value is determined by
- * the value of the oid.  If we hide the structure, our accessors
- * can (at least in debug builds) assert value semantics beyond what
- * the compiler can provide.  Since these things are only used in
- * RelativeDistinguishedNames, and since RDNs always contain a SET
- * of these things, we don't lose anything by hiding the structure
- * (and its size).
- */
-
-struct NSSATAVStr {
-  NSSBER ber;
-  const NSSOID *oid;
-  NSSUTF8 *value;
-  nssStringType stringForm;
-};
-
-/*
- * NSSATAV
- *
- * The public "methods" regarding this "object" are:
- *
- *  NSSATAV_CreateFromBER   -- constructor
- *  NSSATAV_CreateFromUTF8  -- constructor
- *  NSSATAV_Create          -- constructor
- *
- *  NSSATAV_Destroy
- *  NSSATAV_GetDEREncoding
- *  NSSATAV_GetUTF8Encoding
- *  NSSATAV_GetType
- *  NSSATAV_GetValue
- *  NSSATAV_Compare
- *  NSSATAV_Duplicate
- *
- * The non-public "methods" regarding this "object" are:
- *
- *  nssATAV_CreateFromBER   -- constructor
- *  nssATAV_CreateFromUTF8  -- constructor
- *  nssATAV_Create          -- constructor
- *
- *  nssATAV_Destroy
- *  nssATAV_GetDEREncoding
- *  nssATAV_GetUTF8Encoding
- *  nssATAV_GetType
- *  nssATAV_GetValue
- *  nssATAV_Compare
- *  nssATAV_Duplicate
- *
- * In debug builds, the following non-public call is also available:
- *
- *  nssATAV_verifyPointer
- */
-
-/*
- * NSSATAV_CreateFromBER
- * 
- * This routine creates an NSSATAV by decoding a BER- or DER-encoded
- * ATAV.  If the optional arena argument is non-null, the memory used 
- * will be obtained from that arena; otherwise, the memory will be 
- * obtained from the heap.  This routine may return NULL upon error, 
- * in which case it will have created an error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to an NSSATAV upon success
- */
-
-NSS_IMPLEMENT NSSATAV *
-NSSATAV_CreateFromBER
-(
-  NSSArena *arenaOpt,
-  NSSBER *berATAV
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSATAV *)NULL;
-    }
-  }
-
-  /* 
-   * NSSBERs can be created by the user, 
-   * so no pointer-tracking can be checked.
-   */
-
-  if( (NSSBER *)NULL == berATAV ) {
-    nss_SetError(NSS_ERROR_INVALID_BER);
-    return (NSSATAV *)NULL;
-  }
-
-  if( (void *)NULL == berATAV->data ) {
-    nss_SetError(NSS_ERROR_INVALID_BER);
-    return (NSSATAV *)NULL;
-  }
-#endif /* DEBUG */
-
-  return nssATAV_CreateFromBER(arenaOpt, berATAV);
-}
-
-/*
- * NSSATAV_CreateFromUTF8
- *
- * This routine creates an NSSATAV by decoding a UTF8 string in the
- * "equals" format, e.g., "c=US."  If the optional arena argument is 
- * non-null, the memory used will be obtained from that arena; 
- * otherwise, the memory will be obtained from the heap.  This routine
- * may return NULL upon error, in which case it will have created an
- * error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_UNKNOWN_ATTRIBUTE
- *  NSS_ERROR_INVALID_STRING
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to an NSSATAV upon success
- */
-
-NSS_IMPLEMENT NSSATAV *
-NSSATAV_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *stringATAV
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSATAV *)NULL;
-    }
-  }
-
-  /*
-   * NSSUTF8s can be created by the user,
-   * so no pointer-tracking can be checked.
-   */
-
-  if( (NSSUTF8 *)NULL == stringATAV ) {
-    nss_SetError(NSS_ERROR_INVALID_UTF8);
-    return (NSSATAV *)NULL;
-  }
-#endif /* DEBUG */
-
-  return nssATAV_CreateFromUTF8(arenaOpt, stringATAV);
-}
-
-/*
- * NSSATAV_Create
- *
- * This routine creates an NSSATAV from the specified NSSOID and the
- * specified data. If the optional arena argument is non-null, the 
- * memory used will be obtained from that arena; otherwise, the memory
- * will be obtained from the heap.If the specified data length is zero, 
- * the data is assumed to be terminated by first zero byte; this allows 
- * UTF8 strings to be easily specified.  This routine may return NULL 
- * upon error, in which case it will have created an error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_NSSOID
- *  NSS_ERROR_INVALID_POINTER
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to an NSSATAV upon success
- */
-
-NSS_IMPLEMENT NSSATAV *
-NSSATAV_Create
-(
-  NSSArena *arenaOpt,
-  const NSSOID *oid,
-  const void *data,
-  PRUint32 length
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSATAV *)NULL;
-    }
-  }
-
-  if( PR_SUCCESS != nssOID_verifyPointer(oid) ) {
-    return (NSSATAV *)NULL;
-  }
-
-  if( (const void *)NULL == data ) {
-    nss_SetError(NSS_ERROR_INVALID_POINTER);
-    return (NSSATAV *)NULL;
-  }
-#endif /* DEBUG */
-
-  return nssATAV_Create(arenaOpt, oid, data, length);
-}
-
-/*
- * NSSATAV_Destroy
- *
- * This routine will destroy an ATAV object.  It should eventually be
- * called on all ATAVs created without an arena.  While it is not 
- * necessary to call it on ATAVs created within an arena, it is not an
- * error to do so.  This routine returns a PRStatus value; if
- * successful, it will return PR_SUCCESS.  If unsuccessful, it will
- * create an error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_ATAV
- *  
- * Return value:
- *  PR_FAILURE upon error
- *  PR_SUCCESS upon success
- */
-
-NSS_IMPLEMENT PRStatus
-NSSATAV_Destroy
-(
-  NSSATAV *atav
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nssATAV_verifyPointer(atav) ) {
-    return PR_FAILURE;
-  }
-#endif /* DEBUG */
-
-  return nssATAV_Destroy(atav);
-}
-
-/*
- * NSSATAV_GetDEREncoding
- *
- * This routine will DER-encode an ATAV object. If the optional arena
- * argument is non-null, the memory used will be obtained from that
- * arena; otherwise, the memory will be obtained from the heap.  This
- * routine may return null upon error, in which case it will have 
- * created an error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_ATAV
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  The DER encoding of this NSSATAV
- */
-
-NSS_IMPLEMENT NSSDER *
-NSSATAV_GetDEREncoding
-(
-  NSSATAV *atav,
-  NSSArena *arenaOpt
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nssATAV_verifyPointer(atav) ) {
-    return (NSSDER *)NULL;
-  }
-
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSDER *)NULL;
-    }
-  }
-#endif /* DEBUG */
-
-  return nssATAV_GetDEREncoding(atav, arenaOpt);
-}
-
-/*
- * NSSATAV_GetUTF8Encoding
- *
- * This routine returns a UTF8 string containing a string 
- * representation of the ATAV in "equals" notation (e.g., "o=Acme").  
- * If the optional arena argument is non-null, the memory used will be
- * obtained from that arena; otherwise, the memory will be obtained 
- * from the heap.  This routine may return null upon error, in which 
- * case it will have created an error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_ATAV
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to a UTF8 string containing the "equals" encoding of the 
- *      ATAV
- */
-
-NSS_IMPLEMENT NSSUTF8 *
-NSSATAV_GetUTF8Encoding
-(
-  NSSATAV *atav,
-  NSSArena *arenaOpt
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nssATAV_verifyPointer(atav) ) {
-    return (NSSUTF8 *)NULL;
-  }
-
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSUTF8 *)NULL;
-    }
-  }
-#endif /* DEBUG */
-
-  return nssATAV_GetUTF8Encoding(atav, arenaOpt);
-}
-
-/*
- * NSSATAV_GetType
- *
- * This routine returns the NSSOID corresponding to the attribute type
- * in the specified ATAV.  This routine may return NSS_OID_UNKNOWN 
- * upon error, in which case it will have created an error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_ATAV
- *
- * Return value:
- *  NSS_OID_UNKNOWN upon error
- *  An element of enum NSSOIDenum upon success
- */
-
-NSS_IMPLEMENT const NSSOID *
-NSSATAV_GetType
-(
-  NSSATAV *atav
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nssATAV_verifyPointer(atav) ) {
-    return (NSSOID *)NULL;
-  }
-#endif /* DEBUG */
-
-  return nssATAV_GetType(atav);
-}
-
-/*
- * NSSATAV_GetValue
- *
- * This routine returns a string containing the attribute value
- * in the specified ATAV.  If the optional arena argument is non-null,
- * the memory used will be obtained from that arena; otherwise, the
- * memory will be obtained from the heap.  This routine may return
- * NULL upon error, in which case it will have created an error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_ATAV
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to an NSSItem containing the attribute value.
- */
-
-NSS_IMPLEMENT NSSUTF8 *
-NSSATAV_GetValue
-(
-  NSSATAV *atav,
-  NSSArena *arenaOpt
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nssATAV_verifyPointer(atav) ) {
-    return (NSSUTF8 *)NULL;
-  }
-
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSUTF8 *)NULL;
-    }
-  }
-#endif /* DEBUG */
-
-  return nssATAV_GetValue(atav, arenaOpt);
-}
-
-/*
- * NSSATAV_Compare
- *
- * This routine compares two ATAVs for equality.  For two ATAVs to be
- * equal, the attribute types must be the same, and the attribute 
- * values must have equal length and contents.  The result of the 
- * comparison will be stored at the location pointed to by the "equalp"
- * variable, which must point to a valid PRBool.  This routine may 
- * return PR_FAILURE upon error, in which case it will have created an
- * error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_ATAV
- *  NSS_ERROR_INVALID_ARGUMENT
- *
- * Return value:
- *  PR_FAILURE on error
- *  PR_SUCCESS upon a successful comparison (equal or not)
- */
-
-NSS_IMPLEMENT PRStatus
-NSSATAV_Compare
-(
-  NSSATAV *atav1,
-  NSSATAV *atav2,
-  PRBool *equalp
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nssATAV_verifyPointer(atav1) ) {
-    return PR_FAILURE;
-  }
-
-  if( PR_SUCCESS != nssATAV_verifyPointer(atav2) ) {
-    return PR_FAILURE;
-  }
-
-  if( (PRBool *)NULL == equalp ) {
-    nss_SetError(NSS_ERROR_INVALID_ARGUMENT);
-    return PR_FAILURE;
-  }
-#endif /* DEBUG */
-
-  return nssATAV_Compare(atav1, atav2, equalp);
-}
-
-/*
- * NSSATAV_Duplicate
- *
- * This routine duplicates the specified ATAV.  If the optional arena 
- * argument is non-null, the memory required will be obtained from
- * that arena; otherwise, the memory will be obtained from the heap.  
- * This routine may return NULL upon error, in which case it will have 
- * created an error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_ATAV
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL on error
- *  A pointer to a new ATAV
- */
-
-NSS_IMPLEMENT NSSATAV *
-NSSATAV_Duplicate
-(
-  NSSATAV *atav,
-  NSSArena *arenaOpt
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nssATAV_verifyPointer(atav) ) {
-    return (NSSATAV *)NULL;
-  }
-
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSATAV *)NULL;
-    }
-  }
-#endif /* DEBUG */
-
-  return nssATAV_Duplicate(atav, arenaOpt);
-}
-
-/*
- * The pointer-tracking code
- */
-
-#ifdef DEBUG
-extern const NSSError NSS_ERROR_INTERNAL_ERROR;
-
-static nssPointerTracker atav_pointer_tracker;
-
-static PRStatus
-atav_add_pointer
-(
-  const NSSATAV *atav
-)
-{
-  PRStatus rv;
-
-  rv = nssPointerTracker_initialize(&atav_pointer_tracker);
-  if( PR_SUCCESS != rv ) {
-    return rv;
-  }
-
-  rv = nssPointerTracker_add(&atav_pointer_tracker, atav);
-  if( PR_SUCCESS != rv ) {
-    NSSError e = NSS_GetError();
-    if( NSS_ERROR_NO_MEMORY != e ) {
-      nss_SetError(NSS_ERROR_INTERNAL_ERROR);
-    }
-
-    return rv;
-  }
-
-  return PR_SUCCESS;
-}
-
-static PRStatus
-atav_remove_pointer
-(
-  const NSSATAV *atav
-)
-{
-  PRStatus rv;
-
-  rv = nssPointerTracker_remove(&atav_pointer_tracker, atav);
-  if( PR_SUCCESS != rv ) {
-    nss_SetError(NSS_ERROR_INTERNAL_ERROR);
-  }
-
-  return rv;
-}
-
-/*
- * nssATAV_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSATAV object,
- * this routine will return PR_SUCCESS.  Otherwise, it will put an
- * error on the error stack and return PR_FAILRUE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_NSSATAV
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS if the pointer is valid
- *  PR_FAILURE if it isn't
- */
-
-NSS_IMPLEMENT PRStatus
-nssATAV_verifyPointer
-(
-  NSSATAV *atav
-)
-{
-  PRStatus rv;
-
-  rv = nssPointerTracker_initialize(&atav_pointer_tracker);
-  if( PR_SUCCESS != rv ) {
-    return PR_FAILURE;
-  }
-
-  rv = nssPointerTracker_verify(&atav_pointer_tracker, atav);
-  if( PR_SUCCESS != rv ) {
-    nss_SetError(NSS_ERROR_INVALID_ATAV);
-    return PR_FAILURE;
-  }
-
-  return PR_SUCCESS;
-}
-#endif /* DEBUG */
-
-typedef struct {
-  NSSBER oid;
-  NSSBER value;
-} atav_holder;
-
-static const nssASN1Template nss_atav_template[] = {
-  { nssASN1_SEQUENCE, 0, NULL, sizeof(atav_holder) },
-  { nssASN1_OBJECT_ID, nsslibc_offsetof(atav_holder, oid), NULL, 0 },
-  { nssASN1_ANY, nsslibc_offsetof(atav_holder, value), NULL, 0 },
-  { 0, 0, NULL, 0 }
-};
-
-/*
- * There are several common attributes, with well-known type aliases
- * and value semantics.  This table lists the ones we recognize.
- */
-
-struct nss_attribute_data_str {
-  const NSSOID **oid;
-  nssStringType stringType;
-  PRUint32 minStringLength;
-  PRUint32 maxStringLength; /* zero for no limit */
-};
-
-static const struct nss_attribute_data_str nss_attribute_data[] = {
-  { &NSS_OID_X520_NAME,                     
-    nssStringType_DirectoryString, 1, 32768 },
-  { &NSS_OID_X520_COMMON_NAME,              
-    nssStringType_DirectoryString, 1,    64 },
-  { &NSS_OID_X520_SURNAME,                  
-    nssStringType_DirectoryString, 1,    40 },
-  { &NSS_OID_X520_GIVEN_NAME,               
-    nssStringType_DirectoryString, 1,    16 },
-  { &NSS_OID_X520_INITIALS,                 
-    nssStringType_DirectoryString, 1,     5 },
-  { &NSS_OID_X520_GENERATION_QUALIFIER,     
-    nssStringType_DirectoryString, 1,     3 },
-  { &NSS_OID_X520_DN_QUALIFIER,             
-    nssStringType_PrintableString, 1,     0 },
-  { &NSS_OID_X520_COUNTRY_NAME,             
-    nssStringType_PrintableString, 2,     2 },
-  { &NSS_OID_X520_LOCALITY_NAME,            
-    nssStringType_DirectoryString, 1,   128 },
-  { &NSS_OID_X520_STATE_OR_PROVINCE_NAME,   
-    nssStringType_DirectoryString, 1,   128 },
-  { &NSS_OID_X520_ORGANIZATION_NAME,        
-    nssStringType_DirectoryString, 1,    64 },
-  { &NSS_OID_X520_ORGANIZATIONAL_UNIT_NAME, 
-    nssStringType_DirectoryString, 1,
-    /*
-     * Note, draft #11 defines both "32" and "64" for this maximum,
-     * in two separate places.  Until it's settled, "conservative
-     * in what you send."  We're always liberal in what we accept.
-     */
-                                         32 },
-  { &NSS_OID_X520_TITLE,                    
-    nssStringType_DirectoryString, 1,    64 },
-  { &NSS_OID_RFC1274_EMAIL,                 
-    nssStringType_PHGString,       1,   128 }
-};
-
-PRUint32 nss_attribute_data_quantity = 
-  (sizeof(nss_attribute_data)/sizeof(nss_attribute_data[0]));
-
-static nssStringType
-nss_attr_underlying_string_form
-(
-  nssStringType type,
-  void *data
-)
-{
-  if( nssStringType_DirectoryString == type ) {
-    PRUint8 tag = *(PRUint8 *)data;
-    switch( tag & nssASN1_TAGNUM_MASK ) {
-    case 20:
-      /*
-       * XXX fgmr-- we have to accept Latin-1 for Teletex; (see
-       * below) but is T61 a suitable value for "Latin-1"?
-       */
-      return nssStringType_TeletexString;
-    case 19:
-      return nssStringType_PrintableString;
-    case 28:
-      return nssStringType_UniversalString;
-    case 30:
-      return nssStringType_BMPString;
-    case 12:
-      return nssStringType_UTF8String;
-    default:
-      return nssStringType_Unknown;
-    }
-  }
-
-  return type;
-}
-    
-
-/*
- * This routine decodes the attribute value, in a type-specific way.
- *
- */
-
-static NSSUTF8 *
-nss_attr_to_utf8
-(
-  NSSArena *arenaOpt,
-  const NSSOID *oid,
-  NSSItem *item,
-  nssStringType *stringForm
-)
-{
-  NSSUTF8 *rv = (NSSUTF8 *)NULL;
-  PRUint32 i;
-  const struct nss_attribute_data_str *which = 
-    (struct nss_attribute_data_str *)NULL;
-  PRUint32 len = 0;
-
-  for( i = 0; i < nss_attribute_data_quantity; i++ ) {
-    if( *(nss_attribute_data[ i ].oid) == oid ) {
-      which = &nss_attribute_data[i];
-      break;
-    }
-  }
-
-  if( (struct nss_attribute_data_str *)NULL == which ) {
-    /* Unknown OID.  Encode it as hex. */
-    PRUint8 *c;
-    PRUint8 *d = (PRUint8 *)item->data;
-    PRUint32 amt = item->size;
-
-    if( item->size >= 0x7FFFFFFF ) {
-      nss_SetError(NSS_ERROR_INVALID_STRING);
-      return (NSSUTF8 *)NULL;
-    }
-
-    len = 1 + (item->size * 2) + 1; /* '#' + hex + '\0' */
-    rv = (NSSUTF8 *)nss_ZAlloc(arenaOpt, len);
-    if( (NSSUTF8 *)NULL == rv ) {
-      return (NSSUTF8 *)NULL;
-    }
-
-    c = (PRUint8 *)rv;
-    *c++ = '#'; /* XXX fgmr check this */
-    while( amt > 0 ) {
-      static char hex[16] = "0123456789ABCDEF";
-      *c++ = hex[ ((*d) & 0xf0) >> 4 ];
-      *c++ = hex[ ((*d) & 0x0f)      ];
-    }
-
-    /* *c = '\0'; nss_ZAlloc, remember */
-
-    *stringForm = nssStringType_Unknown; /* force exact comparison */
-  } else {
-    PRStatus status;
-    rv = nssUTF8_CreateFromBER(arenaOpt, which->stringType, 
-                               (NSSBER *)item);
-
-    if( (NSSUTF8 *)NULL == rv ) {
-      return (NSSUTF8 *)NULL;
-    }
-
-    len = nssUTF8_Length(rv, &status);
-    if( PR_SUCCESS != status || len == 0 ) {
-      nss_ZFreeIf(rv);
-      return (NSSUTF8 *)NULL;
-    }
-
-    *stringForm = nss_attr_underlying_string_form(which->stringType,
-                                                  item->data);
-  }
-
-  return rv;
-}
-
-/*
- * nssATAV_CreateFromBER
- * 
- * This routine creates an NSSATAV by decoding a BER- or DER-encoded
- * ATAV.  If the optional arena argument is non-null, the memory used 
- * will be obtained from that arena; otherwise, the memory will be 
- * obtained from the heap.  This routine may return NULL upon error, 
- * in which case it will have set an error on the error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to an NSSATAV upon success
- */
-
-NSS_IMPLEMENT NSSATAV *
-nssATAV_CreateFromBER
-(
-  NSSArena *arenaOpt,
-  const NSSBER *berATAV
-)
-{
-  atav_holder holder;
-  PRStatus status;
-  NSSATAV *rv;
-
-#ifdef NSSDEBUG
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSATAV *)NULL;
-    }
-  }
-
-  /* 
-   * NSSBERs can be created by the user, 
-   * so no pointer-tracking can be checked.
-   */
-
-  if( (NSSBER *)NULL == berATAV ) {
-    nss_SetError(NSS_ERROR_INVALID_BER);
-    return (NSSATAV *)NULL;
-  }
-
-  if( (void *)NULL == berATAV->data ) {
-    nss_SetError(NSS_ERROR_INVALID_BER);
-    return (NSSATAV *)NULL;
-  }
-#endif /* NSSDEBUG */
-
-  status = nssASN1_DecodeBER(arenaOpt, &holder, 
-                             nss_atav_template, berATAV);
-  if( PR_SUCCESS != status ) {
-    return (NSSATAV *)NULL;
-  }
-
-  rv = nss_ZNEW(arenaOpt, NSSATAV);
-  if( (NSSATAV *)NULL == rv ) {
-    nss_ZFreeIf(holder.oid.data);
-    nss_ZFreeIf(holder.value.data);
-    return (NSSATAV *)NULL;
-  }
-
-  rv->oid = nssOID_CreateFromBER(&holder.oid);
-  if( (NSSOID *)NULL == rv->oid ) {
-    nss_ZFreeIf(rv);
-    nss_ZFreeIf(holder.oid.data);
-    nss_ZFreeIf(holder.value.data);
-    return (NSSATAV *)NULL;
-  }
-
-  nss_ZFreeIf(holder.oid.data);
-
-  rv->ber.data = nss_ZAlloc(arenaOpt, berATAV->size);
-  if( (void *)NULL == rv->ber.data ) {
-    nss_ZFreeIf(rv);
-    nss_ZFreeIf(holder.value.data);
-    return (NSSATAV *)NULL;
-  }
-
-  rv->ber.size = berATAV->size;
-  (void)nsslibc_memcpy(rv->ber.data, berATAV->data, berATAV->size);
-
-  rv->value = nss_attr_to_utf8(arenaOpt, rv->oid, &holder.value,
-                               &rv->stringForm);
-  if( (NSSUTF8 *)NULL == rv->value ) {
-    nss_ZFreeIf(rv->ber.data);
-    nss_ZFreeIf(rv);
-    nss_ZFreeIf(holder.value.data);
-    return (NSSATAV *)NULL;
-  }
-
-  nss_ZFreeIf(holder.value.data);
-
-#ifdef DEBUG
-  if( PR_SUCCESS != atav_add_pointer(rv) ) {
-    nss_ZFreeIf(rv->ber.data);
-    nss_ZFreeIf(rv->value);
-    nss_ZFreeIf(rv);
-    return (NSSATAV *)NULL;
-  }
-#endif /* DEBUG */
-
-  return rv;
-}
-
-static PRBool
-nss_atav_utf8_string_is_hex
-(
-  const NSSUTF8 *s
-)
-{
-  /* All hex digits are ASCII, so this works */
-  PRUint8 *p = (PRUint8 *)s;
-
-  for( ; (PRUint8)0 != *p; p++ ) {
-    if( (('0' <= *p) && (*p <= '9')) ||
-        (('A' <= *p) && (*p <= 'F')) ||
-        (('a' <= *p) && (*p <= 'f')) ) {
-      continue;
-    } else {
-      return PR_FALSE;
-    }
-  }
-
-  return PR_TRUE;
-}
-
-static NSSUTF8
-nss_atav_fromhex
-(
-  NSSUTF8 *d
-)
-{
-  NSSUTF8 rv;
-
-  if( d[0] <= '9' ) {
-    rv = (d[0] - '0') * 16;
-  } else if( d[0] >= 'a' ) {
-    rv = (d[0] - 'a' + 10) * 16;
-  } else {
-    rv = (d[0] - 'A' + 10);
-  }
-
-  if( d[1] <= '9' ) {
-    rv += (d[1] - '0');
-  } else if( d[1] >= 'a' ) {
-    rv += (d[1] - 'a' + 10);
-  } else {
-    rv += (d[1] - 'A' + 10);
-  }
-
-  return rv;
-}
-
-/*
- * nssATAV_CreateFromUTF8
- *
- * This routine creates an NSSATAV by decoding a UTF8 string in the
- * "equals" format, e.g., "c=US."  If the optional arena argument is 
- * non-null, the memory used will be obtained from that arena; 
- * otherwise, the memory will be obtained from the heap.  This routine
- * may return NULL upon error, in which case it will have set an error 
- * on the error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_UNKNOWN_ATTRIBUTE
- *  NSS_ERROR_INVALID_STRING
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to an NSSATAV upon success
- */
-
-extern const NSSError NSS_ERROR_INTERNAL_ERROR;
-
-NSS_IMPLEMENT NSSATAV *
-nssATAV_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  const NSSUTF8 *stringATAV
-)
-{
-  char *c;
-  NSSUTF8 *type;
-  NSSUTF8 *value;
-  PRUint32 i;
-  const NSSOID *oid = (NSSOID *)NULL;
-  NSSATAV *rv;
-  NSSItem xitem;
-
-  xitem.data = (void *)NULL;
-
-  for( c = (char *)stringATAV; '\0' != *c; c++ ) {
-    if( '=' == *c ) {
-#ifdef PEDANTIC
-      /*
-       * Theoretically, one could have an '=' in an 
-       * attribute string alias.  We don't, yet, though.
-       */
-      if( (char *)stringATAV == c ) {
-        nss_SetError(NSS_ERROR_INVALID_STRING);
-        return (NSSATAV *)NULL;
-      } else {
-        if( '\\' == c[-1] ) {
-          continue;
-        }
-      }
-#endif /* PEDANTIC */
-      break;
-    }
-  }
-
-  if( '\0' == *c ) {
-    nss_SetError(NSS_ERROR_INVALID_UTF8);
-    return (NSSATAV *)NULL;
-  } else {
-    c++;
-    value = (NSSUTF8 *)c;
-  }
-
-  i = ((NSSUTF8 *)c - stringATAV);
-  type = (NSSUTF8 *)nss_ZAlloc((NSSArena *)NULL, i);
-  if( (NSSUTF8 *)NULL == type ) {
-    return (NSSATAV *)NULL;
-  }
-
-  (void)nsslibc_memcpy(type, stringATAV, i-1);
-
-  c = (char *)stringATAV;
-  if( (('0' <= *c) && (*c <= '9')) || ('#' == *c) ) {
-    oid = nssOID_CreateFromUTF8(type);
-    if( (NSSOID *)NULL == oid ) {
-      nss_ZFreeIf(type);
-      return (NSSATAV *)NULL;
-    }
-  } else {
-    for( i = 0; i < nss_attribute_type_alias_count; i++ ) {
-      PRStatus status;
-      const nssAttributeTypeAliasTable *e = &nss_attribute_type_aliases[i];
-      PRBool match = nssUTF8_CaseIgnoreMatch(type, e->alias, &status);
-      if( PR_SUCCESS != status ) {
-        nss_ZFreeIf(type);
-        return (NSSATAV *)NULL;
-      }
-      if( PR_TRUE == match ) {
-        oid = *(e->oid);
-        break;
-      }
-    }
-
-    if( (NSSOID *)NULL == oid ) {
-      nss_ZFreeIf(type);
-      nss_SetError(NSS_ERROR_UNKNOWN_ATTRIBUTE);
-      return (NSSATAV *)NULL;
-    }
-  }
-
-  nss_ZFreeIf(type);
-  type = (NSSUTF8 *)NULL;
-
-  rv = nss_ZNEW(arenaOpt, NSSATAV);
-  if( (NSSATAV *)NULL == rv ) {
-    return (NSSATAV *)NULL;
-  }
-
-  rv->oid = oid;
-
-  if( '#' == *value ) { /* XXX fgmr.. was it '#'?  or backslash? */
-    PRUint32 size;
-    PRUint32 len;
-    NSSUTF8 *c;
-    NSSUTF8 *d;
-    PRStatus status;
-    /* It's in hex */
-
-    value++;
-    if( PR_TRUE != nss_atav_utf8_string_is_hex(value) ) {
-      (void)nss_ZFreeIf(rv);
-      nss_SetError(NSS_ERROR_INVALID_STRING);
-      return (NSSATAV *)NULL;
-    }
-
-    size = nssUTF8_Size(value, &status);
-    if( PR_SUCCESS != status ) {
-      /* 
-       * Only returns an error on bad pointer (nope) or string
-       * too long.  The defined limits for known attributes are
-       * small enough to fit in PRUint32, and when undefined we
-       * get to apply our own practical limits.  Ergo, I say the 
-       * string is invalid.
-       */
-      (void)nss_ZFreeIf(rv);
-      nss_SetError(NSS_ERROR_INVALID_STRING);
-      return (NSSATAV *)NULL;
-    }
-
-    if( ((size-1) & 1) ) {
-      /* odd length */
-      (void)nss_ZFreeIf(rv);
-      nss_SetError(NSS_ERROR_INVALID_STRING);
-      return (NSSATAV *)NULL;
-    }
-
-    len = (size-1)/2;
-
-    rv->value = (NSSUTF8 *)nss_ZAlloc(arenaOpt, len+1);
-    if( (NSSUTF8 *)NULL == rv->value ) {
-      (void)nss_ZFreeIf(rv);
-      return (NSSATAV *)NULL;
-    }
-
-    xitem.size = len;
-    xitem.data = (void *)rv->value;
-
-    for( c = rv->value, d = value; len--; c++, d += 2 ) {
-      *c = nss_atav_fromhex(d);
-    }
-
-    *c = 0;
-  } else {
-    PRStatus status;
-    PRUint32 i, len;
-    PRUint8 *s;
-
-    /*
-     * XXX fgmr-- okay, this is a little wasteful, and should
-     * probably be abstracted out a bit.  Later.
-     */
-
-    rv->value = nssUTF8_Duplicate(value, arenaOpt);
-    if( (NSSUTF8 *)NULL == rv->value ) {
-      (void)nss_ZFreeIf(rv);
-      return (NSSATAV *)NULL;
-    }
-
-    len = nssUTF8_Size(rv->value, &status);
-    if( PR_SUCCESS != status ) {
-      (void)nss_ZFreeIf(rv->value);
-      (void)nss_ZFreeIf(rv);
-      return (NSSATAV *)NULL;
-    }
-
-    s = (PRUint8 *)rv->value;
-    for( i = 0; i < len; i++ ) {
-      if( '\\' == s[i] ) {
-        (void)nsslibc_memcpy(&s[i], &s[i+1], len-i-1);
-      }
-    }
-  }
-
-  /* Now just BER-encode the baby and we're through.. */
-  {
-    const struct nss_attribute_data_str *which = 
-      (struct nss_attribute_data_str *)NULL;
-    PRUint32 i;
-    NSSArena *a;
-    NSSDER *oidder;
-    NSSItem *vitem;
-    atav_holder ah;
-    NSSDER *status;
-
-    for( i = 0; i < nss_attribute_data_quantity; i++ ) {
-      if( *(nss_attribute_data[ i ].oid) == rv->oid ) {
-        which = &nss_attribute_data[i];
-        break;
-      }
-    }
-
-    a = NSSArena_Create();
-    if( (NSSArena *)NULL == a ) {
-      (void)nss_ZFreeIf(rv->value);
-      (void)nss_ZFreeIf(rv);
-      return (NSSATAV *)NULL;
-    }
-
-    oidder = nssOID_GetDEREncoding(rv->oid, (NSSDER *)NULL, a);
-    if( (NSSDER *)NULL == oidder ) {
-      (void)NSSArena_Destroy(a);
-      (void)nss_ZFreeIf(rv->value);
-      (void)nss_ZFreeIf(rv);
-      return (NSSATAV *)NULL;
-    }
-
-    if( (struct nss_attribute_data_str *)NULL == which ) {
-      /*
-       * We'll just have to take the user data as an octet stream.
-       */
-      if( (void *)NULL == xitem.data ) {
-        /*
-         * This means that an ATTR entry has been added to oids.txt,
-         * but no corresponding entry has been added to the array
-         * ns_attribute_data[] above.
-         */
-        nss_SetError(NSS_ERROR_INTERNAL_ERROR);
-        (void)NSSArena_Destroy(a);
-        (void)nss_ZFreeIf(rv->value);
-        (void)nss_ZFreeIf(rv);
-        return (NSSATAV *)NULL;
-      }
-
-      vitem = nssASN1_EncodeItem(a, (NSSDER *)NULL, &xitem, 
-                                 nssASN1Template_OctetString, NSSASN1DER);
-      if( (NSSItem *)NULL == vitem ) {
-        (void)NSSArena_Destroy(a);
-        (void)nss_ZFreeIf(rv->value);
-        (void)nss_ZFreeIf(rv);
-        return (NSSATAV *)NULL;
-      }
-
-      rv->stringForm = nssStringType_Unknown;
-    } else {
-      PRUint32 length = 0;
-      PRStatus stat;
-      
-      length = nssUTF8_Length(rv->value, &stat);
-      if( PR_SUCCESS != stat ) {
-        (void)NSSArena_Destroy(a);
-        (void)nss_ZFreeIf(rv->value);
-        (void)nss_ZFreeIf(rv);
-        return (NSSATAV *)NULL;
-      }
-
-      if( ((0 != which->minStringLength) && 
-           (length < which->minStringLength)) ||
-          ((0 != which->maxStringLength) &&
-           (length > which->maxStringLength)) ) {
-        nss_SetError(NSS_ERROR_INVALID_STRING);
-        (void)NSSArena_Destroy(a);
-        (void)nss_ZFreeIf(rv->value);
-        (void)nss_ZFreeIf(rv);
-        return (NSSATAV *)NULL;
-      }
-
-      vitem = nssUTF8_GetDEREncoding(a, which->stringType, rv->value);
-      if( (NSSItem *)NULL == vitem ) {
-        (void)NSSArena_Destroy(a);
-        (void)nss_ZFreeIf(rv->value);
-        (void)nss_ZFreeIf(rv);
-        return (NSSATAV *)NULL;
-      }
-
-      if( nssStringType_DirectoryString == which->stringType ) {
-        rv->stringForm = nssStringType_UTF8String;
-      } else {
-        rv->stringForm = which->stringType;
-      }
-    }
-
-    ah.oid = *oidder;
-    ah.value = *vitem;
-
-    status = nssASN1_EncodeItem(arenaOpt, &rv->ber, &ah, 
-                                nss_atav_template, NSSASN1DER);
-
-    if( (NSSDER *)NULL == status ) {
-      (void)NSSArena_Destroy(a);
-      (void)nss_ZFreeIf(rv->value);
-      (void)nss_ZFreeIf(rv);
-      return (NSSATAV *)NULL;
-    }
-
-    (void)NSSArena_Destroy(a);
-  }
-
-  return rv;
-}
-
-/*
- * nssATAV_Create
- *
- * This routine creates an NSSATAV from the specified NSSOID and the
- * specified data. If the optional arena argument is non-null, the 
- * memory used will be obtained from that arena; otherwise, the memory
- * will be obtained from the heap.If the specified data length is zero, 
- * the data is assumed to be terminated by first zero byte; this allows 
- * UTF8 strings to be easily specified.  This routine may return NULL 
- * upon error, in which case it will have set an error on the error 
- * stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_NSSOID
- *  NSS_ERROR_INVALID_POINTER
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to an NSSATAV upon success
- */
-
-NSS_IMPLEMENT NSSATAV *
-nssATAV_Create
-(
-  NSSArena *arenaOpt,
-  const NSSOID *oid,
-  const void *data,
-  PRUint32 length
-)
-{
-#ifdef NSSDEBUG
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSATAV *)NULL;
-    }
-  }
-
-  if( PR_SUCCESS != nssOID_verifyPointer(oid) ) {
-    return (NSSATAV *)NULL;
-  }
-
-  if( (const void *)NULL == data ) {
-    nss_SetError(NSS_ERROR_INVALID_POINTER);
-    return (NSSATAV *)NULL;
-  }
-#endif /* NSSDEBUG */
-
-  /* XXX fgmr-- oops, forgot this one */
-  return (NSSATAV *)NULL;
-}
-
-/*
- * nssATAV_Destroy
- *
- * This routine will destroy an ATAV object.  It should eventually be
- * called on all ATAVs created without an arena.  While it is not 
- * necessary to call it on ATAVs created within an arena, it is not an
- * error to do so.  This routine returns a PRStatus value; if
- * successful, it will return PR_SUCCESS.  If unsuccessful, it will
- * set an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_ATAV
- *  
- * Return value:
- *  PR_FAILURE upon error
- *  PR_SUCCESS upon success
- */
-
-NSS_IMPLEMENT PRStatus
-nssATAV_Destroy
-(
-  NSSATAV *atav
-)
-{
-#ifdef NSSDEBUG
-  if( PR_SUCCESS != nssATAV_verifyPointer(atav) ) {
-    return PR_FAILURE;
-  }
-#endif /* NSSDEBUG */
-
-  (void)nss_ZFreeIf(atav->ber.data);
-  (void)nss_ZFreeIf(atav->value);
-
-#ifdef DEBUG
-  if( PR_SUCCESS != atav_remove_pointer(atav) ) {
-    return PR_FAILURE;
-  }
-#endif /* DEBUG */
-
-  return PR_SUCCESS;
-}
-
-/*
- * nssATAV_GetDEREncoding
- *
- * This routine will DER-encode an ATAV object. If the optional arena
- * argument is non-null, the memory used will be obtained from that
- * arena; otherwise, the memory will be obtained from the heap.  This
- * routine may return null upon error, in which case it will have set
- * an error on the error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_ATAV
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  The DER encoding of this NSSATAV
- */
-
-NSS_IMPLEMENT NSSDER *
-nssATAV_GetDEREncoding
-(
-  NSSATAV *atav,
-  NSSArena *arenaOpt
-)
-{
-  NSSDER *rv;
-
-#ifdef NSSDEBUG
-  if( PR_SUCCESS != nssATAV_verifyPointer(atav) ) {
-    return (NSSDER *)NULL;
-  }
-#endif /* NSSDEBUG */
-
-  rv = nss_ZNEW(arenaOpt, NSSDER);
-  if( (NSSDER *)NULL == rv ) {
-    return (NSSDER *)NULL;
-  }
-
-  rv->data = nss_ZAlloc(arenaOpt, atav->ber.size);
-  if( (void *)NULL == rv->data ) {
-    (void)nss_ZFreeIf(rv);
-    return (NSSDER *)NULL;
-  }
-
-  rv->size = atav->ber.size;
-  if( NULL == nsslibc_memcpy(rv->data, atav->ber.data, rv->size) ) {
-    (void)nss_ZFreeIf(rv->data);
-    (void)nss_ZFreeIf(rv);
-    return (NSSDER *)NULL;
-  }
-
-  return rv;
-}
-
-/*
- * nssATAV_GetUTF8Encoding
- *
- * This routine returns a UTF8 string containing a string 
- * representation of the ATAV in "equals" notation (e.g., "o=Acme").  
- * If the optional arena argument is non-null, the memory used will be
- * obtained from that arena; otherwise, the memory will be obtained 
- * from the heap.  This routine may return null upon error, in which 
- * case it will have set an error on the error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_ATAV
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to a UTF8 string containing the "equals" encoding of the 
- *      ATAV
- */
-
-NSS_IMPLEMENT NSSUTF8 *
-nssATAV_GetUTF8Encoding
-(
-  NSSATAV *atav,
-  NSSArena *arenaOpt
-)
-{
-  NSSUTF8 *rv;
-  PRUint32 i;
-  const NSSUTF8 *alias = (NSSUTF8 *)NULL;
-  NSSUTF8 *oid;
-  NSSUTF8 *value;
-  PRUint32 oidlen;
-  PRUint32 valuelen;
-  PRUint32 totallen;
-  PRStatus status;
-
-#ifdef NSSDEBUG
-  if( PR_SUCCESS != nssATAV_verifyPointer(atav) ) {
-    return (NSSUTF8 *)NULL;
-  }
-#endif /* NSSDEBUG */
-
-  for( i = 0; i < nss_attribute_type_alias_count; i++ ) {
-    if( *(nss_attribute_type_aliases[i].oid) == atav->oid ) {
-      alias = nss_attribute_type_aliases[i].alias;
-      break;
-    }
-  }
-
-  if( (NSSUTF8 *)NULL == alias ) {
-    oid = nssOID_GetUTF8Encoding(atav->oid, (NSSArena *)NULL);
-    if( (NSSUTF8 *)NULL == oid ) {
-      return (NSSUTF8 *)NULL;
-    }
-
-    oidlen = nssUTF8_Size(oid, &status);
-    if( PR_SUCCESS != status ) {
-      (void)nss_ZFreeIf(oid);
-      return (NSSUTF8 *)NULL;
-    }
-  } else {
-    oidlen = nssUTF8_Size(alias, &status);
-    if( PR_SUCCESS != status ) {
-      return (NSSUTF8 *)NULL;
-    }
-    oid = (NSSUTF8 *)NULL;
-  }
-
-  value = nssATAV_GetValue(atav, (NSSArena *)NULL);
-  if( (NSSUTF8 *)NULL == value ) {
-    (void)nss_ZFreeIf(oid);
-    return (NSSUTF8 *)NULL;
-  }
-
-  valuelen = nssUTF8_Size(value, &status);
-  if( PR_SUCCESS != status ) {
-    (void)nss_ZFreeIf(value);
-    (void)nss_ZFreeIf(oid);
-    return (NSSUTF8 *)NULL;
-  }
-
-  totallen = oidlen + valuelen - 1 + 1;
-  rv = (NSSUTF8 *)nss_ZAlloc(arenaOpt, totallen);
-  if( (NSSUTF8 *)NULL == rv ) {
-    (void)nss_ZFreeIf(value);
-    (void)nss_ZFreeIf(oid);
-    return (NSSUTF8 *)NULL;
-  }
-
-  if( (NSSUTF8 *)NULL == alias ) {
-    if( (void *)NULL == nsslibc_memcpy(rv, oid, oidlen-1) ) {
-      (void)nss_ZFreeIf(rv);
-      (void)nss_ZFreeIf(value);
-      (void)nss_ZFreeIf(oid);
-      return (NSSUTF8 *)NULL;
-    }
-  } else {
-    if( (void *)NULL == nsslibc_memcpy(rv, alias, oidlen-1) ) {
-      (void)nss_ZFreeIf(rv);
-      (void)nss_ZFreeIf(value);
-      return (NSSUTF8 *)NULL;
-    }
-  }
-
-  rv[ oidlen-1 ] = '=';
-
-  if( (void *)NULL == nsslibc_memcpy(&rv[oidlen], value, valuelen) ) {
-    (void)nss_ZFreeIf(rv);
-    (void)nss_ZFreeIf(value);
-    (void)nss_ZFreeIf(oid);
-    return (NSSUTF8 *)NULL;
-  }
-
-  return rv;
-}
-
-/*
- * nssATAV_GetType
- *
- * This routine returns the NSSOID corresponding to the attribute type
- * in the specified ATAV.  This routine may return NSS_OID_UNKNOWN 
- * upon error, in which case it will have set an error on the error
- * stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_ATAV
- *
- * Return value:
- *  NSS_OID_UNKNOWN upon error
- *  A valid NSSOID pointer upon success
- */
-
-NSS_IMPLEMENT const NSSOID *
-nssATAV_GetType
-(
-  NSSATAV *atav
-)
-{
-#ifdef NSSDEBUG
-  if( PR_SUCCESS != nssATAV_verifyPointer(atav) ) {
-    return (NSSOID *)NULL;
-  }
-#endif /* NSSDEBUG */
-
-  return atav->oid;
-}
-
-/*
- * nssATAV_GetValue
- *
- * This routine returns a NSSUTF8 string containing the attribute value
- * in the specified ATAV.  If the optional arena argument is non-null,
- * the memory used will be obtained from that arena; otherwise, the
- * memory will be obtained from the heap.  This routine may return
- * NULL upon error, in which case it will have set an error upon the
- * error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_ATAV
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to an NSSItem containing the attribute value.
- */
-
-NSS_IMPLEMENT NSSUTF8 *
-nssATAV_GetValue
-(
-  NSSATAV *atav,
-  NSSArena *arenaOpt
-)
-{
-#ifdef NSSDEBUG
-  if( PR_SUCCESS != nssATAV_verifyPointer(atav) ) {
-    return (NSSUTF8 *)NULL;
-  }
-#endif /* NSSDEBUG */
-
-  return nssUTF8_Duplicate(atav->value, arenaOpt);
-}
-
-/*
- * nssATAV_Compare
- *
- * This routine compares two ATAVs for equality.  For two ATAVs to be
- * equal, the attribute types must be the same, and the attribute 
- * values must have equal length and contents.  The result of the 
- * comparison will be stored at the location pointed to by the "equalp"
- * variable, which must point to a valid PRBool.  This routine may 
- * return PR_FAILURE upon error, in which case it will have set an 
- * error on the error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_ATAV
- *  NSS_ERROR_INVALID_ARGUMENT
- *
- * Return value:
- *  PR_FAILURE on error
- *  PR_SUCCESS upon a successful comparison (equal or not)
- */
-
-NSS_IMPLEMENT PRStatus
-nssATAV_Compare
-(
-  NSSATAV *atav1,
-  NSSATAV *atav2,
-  PRBool *equalp
-)
-{
-  nssStringType comparison;
-  PRUint32 len1;
-  PRUint32 len2;
-  PRStatus status;
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nssATAV_verifyPointer(atav1) ) {
-    return PR_FAILURE;
-  }
-
-  if( PR_SUCCESS != nssATAV_verifyPointer(atav2) ) {
-    return PR_FAILURE;
-  }
-
-  if( (PRBool *)NULL == equalp ) {
-    nss_SetError(NSS_ERROR_INVALID_ARGUMENT);
-    return PR_FAILURE;
-  }
-#endif /* DEBUG */
-
-  if( atav1->oid != atav2->oid ) {
-    *equalp = PR_FALSE;
-    return PR_SUCCESS;
-  }
-
-  if( atav1->stringForm != atav2->stringForm ) {
-    if( (nssStringType_PrintableString == atav1->stringForm) ||
-        (nssStringType_PrintableString == atav2->stringForm) ) {
-      comparison = nssStringType_PrintableString;
-    } else if( (nssStringType_PHGString == atav1->stringForm) ||
-               (nssStringType_PHGString == atav2->stringForm) ) {
-      comparison = nssStringType_PHGString;
-    } else {
-      comparison = atav1->stringForm;
-    }
-  } else {
-    comparison = atav1->stringForm;
-  }
-
-  switch( comparison ) {
-  case nssStringType_DirectoryString:
-    nss_SetError(NSS_ERROR_INTERNAL_ERROR);
-    return PR_FAILURE;
-  case nssStringType_TeletexString:
-    break;
-  case nssStringType_PrintableString:
-    *equalp = nssUTF8_PrintableMatch(atav1->value, atav2->value, &status);
-    return status;
-    /* Case-insensitive, with whitespace reduction */
-    break;
-  case nssStringType_UniversalString:
-    break;
-  case nssStringType_BMPString:
-    break;
-  case nssStringType_GeneralString:
-    /* what to do here? */
-    break;
-  case nssStringType_UTF8String:
-    break;
-  case nssStringType_PHGString:
-    /* Case-insensitive (XXX fgmr, actually see draft-11 pg. 21) */
-    *equalp = nssUTF8_CaseIgnoreMatch(atav1->value, atav2->value, &status);
-    return status;
-  case nssStringType_Unknown:
-    break;
-  }
-  
-  len1 = nssUTF8_Size(atav1->value, &status);
-  if( PR_SUCCESS != status ) {
-    return PR_FAILURE;
-  }
-
-  len2 = nssUTF8_Size(atav2->value, &status);
-  if( PR_SUCCESS != status ) {
-    return PR_FAILURE;
-  }
-
-  if( len1 != len2 ) {
-    *equalp = PR_FALSE;
-    return PR_SUCCESS;
-  }
-
-  *equalp = nsslibc_memequal(atav1->value, atav2->value, len1, &status);
-  return status;
-}
-
-
-/*
- * nssATAV_Duplicate
- *
- * This routine duplicates the specified ATAV.  If the optional arena 
- * argument is non-null, the memory required will be obtained from
- * that arena; otherwise, the memory will be obtained from the heap.  
- * This routine may return NULL upon error, in which case it will have 
- * placed an error on the error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_ATAV
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL on error
- *  A pointer to a new ATAV
- */
-
-NSS_IMPLEMENT NSSATAV *
-nssATAV_Duplicate
-(
-  NSSATAV *atav,
-  NSSArena *arenaOpt
-)
-{
-  NSSATAV *rv;
-
-#ifdef NSSDEBUG
-  if( PR_SUCCESS != nssATAV_verifyPointer(atav) ) {
-    return (NSSATAV *)NULL;
-  }
-
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSATAV *)NULL;
-    }
-  }
-#endif /* NSSDEBUG */
-
-  rv = nss_ZNEW(arenaOpt, NSSATAV);
-  if( (NSSATAV *)NULL == rv ) {
-    return (NSSATAV *)NULL;
-  }
-
-  rv->oid = atav->oid;
-  rv->stringForm = atav->stringForm;
-  rv->value = nssUTF8_Duplicate(atav->value, arenaOpt);
-  if( (NSSUTF8 *)NULL == rv->value ) {
-    (void)nss_ZFreeIf(rv);
-    return (NSSATAV *)NULL;
-  }
-
-  rv->ber.data = nss_ZAlloc(arenaOpt, atav->ber.size);
-  if( (void *)NULL == rv->ber.data ) {
-    (void)nss_ZFreeIf(rv->value);
-    (void)nss_ZFreeIf(rv);
-    return (NSSATAV *)NULL;
-  }
-
-  rv->ber.size = atav->ber.size;
-  if( NULL == nsslibc_memcpy(rv->ber.data, atav->ber.data, 
-                                   atav->ber.size) ) {
-    (void)nss_ZFreeIf(rv->ber.data);
-    (void)nss_ZFreeIf(rv->value);
-    (void)nss_ZFreeIf(rv);
-    return (NSSATAV *)NULL;
-  }
-
-  return rv;
-}
diff --git a/security/nss/lib/pki1/config.mk b/security/nss/lib/pki1/config.mk
deleted file mode 100644
index 4d255c57b..000000000
--- a/security/nss/lib/pki1/config.mk
+++ /dev/null
@@ -1,47 +0,0 @@
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CONFIG_CVS_ID = "@(#) $RCSfile$ $Revision$ $Date$ $Name$"
-
-ifdef BUILD_IDG
-DEFINES += -DNSSDEBUG
-endif
-
-#
-#  Override TARGETS variable so that only static libraries
-#  are specifed as dependencies within rules.mk.
-#
-
-TARGETS        = $(LIBRARY)
-SHARED_LIBRARY =
-IMPORT_LIBRARY =
-PROGRAM        =
diff --git a/security/nss/lib/pki1/genname.c b/security/nss/lib/pki1/genname.c
deleted file mode 100644
index e7b12806a..000000000
--- a/security/nss/lib/pki1/genname.c
+++ /dev/null
@@ -1,94 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * genname.c
- *
- * This file contains the implementation of the PKIX part-1 object
- * GeneralName.
- */
-
-#ifndef NSSBASE_H
-#include "nssbase.h"
-#endif /* NSSBASE_H */
-
-#ifndef ASN1_H
-#include "asn1.h"
-#endif /* ASN1_H */
-
-#ifndef PKI1_H
-#include "pki1.h"
-#endif /* PKI1_H */
-
-/*
- * GeneralName
- *
- * From draft-ietf-pkix-ipki-part1-10:
- *
- *  GeneralName ::= CHOICE {
- *          otherName                   [0] INSTANCE OF OTHER-NAME,
- *          rfc822Name                  [1] IA5String,
- *          dNSName                     [2] IA5String,
- *          x400Address                 [3] ORAddress,
- *          directoryName               [4] Name,
- *          ediPartyName                [5] EDIPartyName,
- *          uniformResourceIdentifier   [6] IA5String,
- *          iPAddress                   [7] OCTET STRING,
- *          registeredID                [8] OBJECT IDENTIFIER }
- *  
- *  OTHER-NAME ::= TYPE-IDENTIFIER
- *  
- *  EDIPartyName ::= SEQUENCE {
- *          nameAssigner        [0] DirectoryString {ub-name} OPTIONAL,
- *          partyName           [1] DirectoryString {ub-name} }
- *
- */
-
-struct nssGeneralNameStr {
-  NSSGeneralNameChoice choice;
-  union {
-    /* OTHER-NAME otherName */
-    NSSUTF8 *rfc822Name;
-    NSSUTF8 *dNSName;
-    /* ORAddress x400Address */
-    NSSName *directoryName;
-    /* EDIPartyName ediPartyName */
-    NSSUTF8 *uniformResourceIdentifier;
-    NSSItem *iPAddress;
-    NSSOID *registeredID;
-  } u;
-};
diff --git a/security/nss/lib/pki1/gnseq.c b/security/nss/lib/pki1/gnseq.c
deleted file mode 100644
index e56ec93b9..000000000
--- a/security/nss/lib/pki1/gnseq.c
+++ /dev/null
@@ -1,71 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * gnseq.c
- *
- * This file contains the implementation of the PKIX part-1 object
- * GeneralNames (note the ending 's').
- */
-
-#ifndef NSSBASE_H
-#include "nssbase.h"
-#endif /* NSSBASE_H */
-
-#ifndef ASN1_H
-#include "asn1.h"
-#endif /* ASN1_H */
-
-#ifndef PKI1_H
-#include "pki1.h"
-#endif /* PKI1_H */
-
-/*
- * GeneralNames (or, as we call it, GeneralNameSeq)
- *
- * From draft-ietf-pkix-ipki-part1-10:
- *
- *  GeneralNames ::= SEQUENCE SIZE (1..MAX) OF GeneralName
- *
- * A GeneralNames is simply an (ordered) sequence of General Names.
- * The seqSize variable is  "helper" kept for simplicity.
- */
-
-struct nssGeneralNameSeqStr {
-  PRUint32 seqSize;
-  NSSGeneralName **generalNames;
-};
diff --git a/security/nss/lib/pki1/manifest.mn b/security/nss/lib/pki1/manifest.mn
deleted file mode 100644
index b4d8c476a..000000000
--- a/security/nss/lib/pki1/manifest.mn
+++ /dev/null
@@ -1,64 +0,0 @@
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-MANIFEST_CVS_ID = "@(#) $RCSfile$ $Revision$ $Date$ $Name$"
-
-CORE_DEPTH = ../../..
-
-# In 4.0, move nss*.h back to EXPORTS
-PRIVATE_EXPORTS = \
-	oiddata.h \
-	pki1.h	  \
-	pki1t.h	  \
-	nsspki1.h  \
-	nsspki1t.h \
-	$(NULL)
-
-EXPORTS =	   \
-	$(NULL)
-
-MODULE = security
-
-CSRCS =		  \
-	atav.c	  \
-	genname.c \
-	gnseq.c	  \
-	name.c	  \
-	oid.c	  \
-	oiddata.c \
-	rdn.c	  \
-	rdnseq.c  \
-	$(NULL)
-
-REQUIRES = security nspr
-
-LIBRARY_NAME = pki1
diff --git a/security/nss/lib/pki1/name.c b/security/nss/lib/pki1/name.c
deleted file mode 100644
index 558e1142f..000000000
--- a/security/nss/lib/pki1/name.c
+++ /dev/null
@@ -1,77 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * name.c
- *
- * This file contains the implementation of the PKIX part-1 object
- * Name.
- */
-
-#ifndef NSSBASE_H
-#include "nssbase.h"
-#endif /* NSSBASE_H */
-
-#ifndef ASN1_H
-#include "asn1.h"
-#endif /* ASN1_H */
-
-#ifndef PKI1_H
-#include "pki1.h"
-#endif /* PKI1_H */
-
-/*
- * Name
- *
- * From draft-ietf-pkix-ipki-part1-10:
- *
- *  -- naming data types --
- *  
- *  Name            ::=     CHOICE { -- only one possibility for now --
- *                                          rdnSequence  RDNSequence }
- *
- * A name is basically a union of the possible names.  At the moment,
- * there is only one type of name: an RDNSequence.
- */
-
-struct nssNameStr {
-  PRUint32 tagPlaceHolder;
-  union {
-    NSSRDNSeq *rdnSequence;
-  } n;
-};
-
diff --git a/security/nss/lib/pki1/nsspki1.h b/security/nss/lib/pki1/nsspki1.h
deleted file mode 100644
index 3498ab520..000000000
--- a/security/nss/lib/pki1/nsspki1.h
+++ /dev/null
@@ -1,2869 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef NSSPKI1_H
-#define NSSPKI1_H
-
-#ifdef DEBUG
-static const char NSSPKI1_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * nsspki1.h
- *
- * This file contains the prototypes of the public NSS routines 
- * dealing with the PKIX part-1 definitions.
- */
-
-#ifndef NSSBASET_H
-#include "nssbaset.h"
-#endif /* NSSBASET_H */
-
-#ifndef NSSPKI1T_H
-#include "nsspki1t.h"
-#endif /* NSSPKI1T_H */
-
-#ifndef OIDDATA_H
-#include "oiddata.h"
-#endif /* OIDDATA_H */
-
-PR_BEGIN_EXTERN_C
-
-/*
- * NSSOID
- *
- * The public "methods" regarding this "object" are:
- *
- *  NSSOID_CreateFromBER   -- constructor
- *  NSSOID_CreateFromUTF8  -- constructor
- *  (there is no explicit destructor)
- * 
- *  NSSOID_GetDEREncoding
- *  NSSOID_GetUTF8Encoding
- */
-
-extern const NSSOID *NSS_OID_UNKNOWN;
-
-/*
- * NSSOID_CreateFromBER
- *
- * This routine creates an NSSOID by decoding a BER- or DER-encoded
- * OID.  It may return NSS_OID_UNKNOWN upon error, in which case it 
- * will have created an error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NSS_OID_UNKNOWN upon error
- *  An NSSOID upon success
- */
-
-NSS_EXTERN NSSOID *
-NSSOID_CreateFromBER
-(
-  NSSBER *berOid
-);
-
-extern const NSSError NSS_ERROR_INVALID_BER;
-extern const NSSError NSS_ERROR_NO_MEMORY;
-
-/*
- * NSSOID_CreateFromUTF8
- *
- * This routine creates an NSSOID by decoding a UTF8 string 
- * representation of an OID in dotted-number format.  The string may 
- * optionally begin with an octothorpe.  It may return NSS_OID_UNKNOWN
- * upon error, in which case it will have created an error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_STRING
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NSS_OID_UNKNOWN upon error
- *  An NSSOID upon success
- */
-
-NSS_EXTERN NSSOID *
-NSSOID_CreateFromUTF8
-(
-  NSSUTF8 *stringOid
-);
-
-extern const NSSError NSS_ERROR_INVALID_STRING;
-extern const NSSError NSS_ERROR_NO_MEMORY;
-
-/*
- * NSSOID_GetDEREncoding
- *
- * This routine returns the DER encoding of the specified NSSOID.
- * If the optional arena argument is non-null, the memory used will
- * be obtained from that arena; otherwise, the memory will be obtained
- * from the heap.  This routine may return return null upon error, in 
- * which case it will have created an error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_NSSOID
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  The DER encoding of this NSSOID
- */
-
-NSS_EXTERN NSSDER *
-NSSOID_GetDEREncoding
-(
-  const NSSOID *oid,
-  NSSDER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-extern const NSSError NSS_ERROR_INVALID_NSSOID;
-extern const NSSError NSS_ERROR_NO_MEMORY;
-
-/*
- * NSSOID_GetUTF8Encoding
- *
- * This routine returns a UTF8 string containing the dotted-number 
- * encoding of the specified NSSOID.  If the optional arena argument 
- * is non-null, the memory used will be obtained from that arena; 
- * otherwise, the memory will be obtained from the heap.  This routine
- * may return null upon error, in which case it will have created an
- * error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_NSSOID
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to a UTF8 string containing the dotted-digit encoding of 
- *      this NSSOID
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSOID_GetUTF8Encoding
-(
-  const NSSOID *oid,
-  NSSArena *arenaOpt
-);
-
-extern const NSSError NSS_ERROR_INVALID_NSSOID;
-extern const NSSError NSS_ERROR_NO_MEMORY;
-
-/*
- * NSSATAV
- *
- * The public "methods" regarding this "object" are:
- *
- *  NSSATAV_CreateFromBER   -- constructor
- *  NSSATAV_CreateFromUTF8  -- constructor
- *  NSSATAV_Create          -- constructor
- *
- *  NSSATAV_Destroy
- *  NSSATAV_GetDEREncoding
- *  NSSATAV_GetUTF8Encoding
- *  NSSATAV_GetType
- *  NSSATAV_GetValue
- *  NSSATAV_Compare
- *  NSSATAV_Duplicate
- */
-
-/*
- * NSSATAV_CreateFromBER
- * 
- * This routine creates an NSSATAV by decoding a BER- or DER-encoded
- * ATAV.  If the optional arena argument is non-null, the memory used 
- * will be obtained from that arena; otherwise, the memory will be 
- * obtained from the heap.  This routine may return NULL upon error, 
- * in which case it will have created an error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to an NSSATAV upon success
- */
-
-NSS_EXTERN NSSATAV *
-NSSATAV_CreateFromBER
-(
-  NSSArena *arenaOpt,
-  NSSBER *derATAV
-);
-
-extern const NSSError NSS_ERROR_INVALID_BER;
-extern const NSSError NSS_ERROR_NO_MEMORY;
-
-/*
- * NSSATAV_CreateFromUTF8
- *
- * This routine creates an NSSATAV by decoding a UTF8 string in the
- * "equals" format, e.g., "c=US."  If the optional arena argument is 
- * non-null, the memory used will be obtained from that arena; 
- * otherwise, the memory will be obtained from the heap.  This routine
- * may return NULL upon error, in which case it will have created an
- * error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_UNKNOWN_ATTRIBUTE
- *  NSS_ERROR_INVALID_STRING
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to an NSSATAV upon success
- */
-
-NSS_EXTERN NSSATAV *
-NSSATAV_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *stringATAV
-);
-
-extern const NSSError NSS_ERROR_UNKNOWN_ATTRIBUTE;
-extern const NSSError NSS_ERROR_INVALID_STRING;
-extern const NSSError NSS_ERROR_NO_MEMORY;
-
-/*
- * NSSATAV_Create
- *
- * This routine creates an NSSATAV from the specified NSSOID and the
- * specified data. If the optional arena argument is non-null, the 
- * memory used will be obtained from that arena; otherwise, the memory
- * will be obtained from the heap.If the specified data length is zero, 
- * the data is assumed to be terminated by first zero byte; this allows 
- * UTF8 strings to be easily specified.  This routine may return NULL 
- * upon error, in which case it will have created an error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_NSSOID
- *  NSS_ERROR_INVALID_POINTER
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to an NSSATAV upon success
- */
-
-NSS_EXTERN NSSATAV *
-NSSATAV_Create
-(
-  NSSArena *arenaOpt,
-  const NSSOID *oid,
-  const void *data,
-  PRUint32 length
-);
-
-extern const NSSError NSS_ERROR_INVALID_ARENA;
-extern const NSSError NSS_ERROR_INVALID_NSSOID;
-extern const NSSError NSS_ERROR_INVALID_POINTER;
-extern const NSSError NSS_ERROR_NO_MEMORY;
-
-/*
- * NSSATAV_Destroy
- *
- * This routine will destroy an ATAV object.  It should eventually be
- * called on all ATAVs created without an arena.  While it is not 
- * necessary to call it on ATAVs created within an arena, it is not an
- * error to do so.  This routine returns a PRStatus value; if
- * successful, it will return PR_SUCCESS.  If unsuccessful, it will
- * create an error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_ATAV
- *  
- * Return value:
- *  PR_FAILURE upon error
- *  PR_SUCCESS upon success
- */
-
-NSS_EXTERN PRStatus
-NSSATAV_Destroy
-(
-  NSSATAV *atav
-);
-
-extern const NSSError NSS_ERROR_INVALID_ATAV;
-
-/*
- * NSSATAV_GetDEREncoding
- *
- * This routine will DER-encode an ATAV object. If the optional arena
- * argument is non-null, the memory used will be obtained from that
- * arena; otherwise, the memory will be obtained from the heap.  This
- * routine may return null upon error, in which case it will have 
- * created an error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_ATAV
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  The DER encoding of this NSSATAV
- */
-
-NSS_EXTERN NSSDER *
-NSSATAV_GetDEREncoding
-(
-  NSSATAV *atav,
-  NSSArena *arenaOpt
-);
-
-extern const NSSError NSS_ERROR_INVALID_ATAV;
-extern const NSSError NSS_ERROR_NO_MEMORY;
-
-/*
- * NSSATAV_GetUTF8Encoding
- *
- * This routine returns a UTF8 string containing a string 
- * representation of the ATAV in "equals" notation (e.g., "o=Acme").  
- * If the optional arena argument is non-null, the memory used will be
- * obtained from that arena; otherwise, the memory will be obtained 
- * from the heap.  This routine may return null upon error, in which 
- * case it will have created an error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_ATAV
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to a UTF8 string containing the "equals" encoding of the 
- *      ATAV
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSATAV_GetUTF8Encoding
-(
-  NSSATAV *atav,
-  NSSArena *arenaOpt
-);
-
-extern const NSSError NSS_ERROR_INVALID_ATAV;
-extern const NSSError NSS_ERROR_NO_MEMORY;
-
-/*
- * NSSATAV_GetType
- *
- * This routine returns the NSSOID corresponding to the attribute type
- * in the specified ATAV.  This routine may return NSS_OID_UNKNOWN 
- * upon error, in which case it will have created an error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_ATAV
- *
- * Return value:
- *  NSS_OID_UNKNOWN upon error
- *  An element of enum NSSOIDenum upon success
- */
-
-NSS_EXTERN const NSSOID *
-NSSATAV_GetType
-(
-  NSSATAV *atav
-);
-
-extern const NSSError NSS_ERROR_INVALID_ATAV;
-
-/*
- * NSSATAV_GetValue
- *
- * This routine returns an NSSItem containing the attribute value
- * in the specified ATAV.  If the optional arena argument is non-null,
- * the memory used will be obtained from that arena; otherwise, the
- * memory will be obtained from the heap.  This routine may return
- * NULL upon error, in which case it will have created an error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_ATAV
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to an NSSItem containing the attribute value.
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSATAV_GetValue
-(
-  NSSATAV *atav,
-  NSSArena *arenaOpt
-);
-
-extern const NSSError NSS_ERROR_INVALID_ATAV;
-extern const NSSError NSS_ERROR_NO_MEMORY;
-
-/*
- * NSSATAV_Compare
- *
- * This routine compares two ATAVs for equality.  For two ATAVs to be
- * equal, the attribute types must be the same, and the attribute 
- * values must have equal length and contents.  The result of the 
- * comparison will be stored at the location pointed to by the "equalp"
- * variable, which must point to a valid PRBool.  This routine may 
- * return PR_FAILURE upon error, in which case it will have created an
- * error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_ATAV
- *  NSS_ERROR_INVALID_ARGUMENT
- *
- * Return value:
- *  PR_FAILURE on error
- *  PR_SUCCESS upon a successful comparison (equal or not)
- */
-
-NSS_EXTERN PRStatus
-NSSATAV_Compare
-(
-  NSSATAV *atav1,
-  NSSATAV *atav2,
-  PRBool *equalp
-);
-
-extern const NSSError NSS_ERROR_INVALID_ATAV;
-extern const NSSError NSS_ERROR_INVALID_ARGUMENT;
-
-/*
- * NSSATAV_Duplicate
- *
- * This routine duplicates the specified ATAV.  If the optional arena 
- * argument is non-null, the memory required will be obtained from
- * that arena; otherwise, the memory will be obtained from the heap.  
- * This routine may return NULL upon error, in which case it will have 
- * created an error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_ATAV
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL on error
- *  A pointer to a new ATAV
- */
-
-NSS_EXTERN NSSATAV *
-NSSATAV_Duplicate
-(
-  NSSATAV *atav,
-  NSSArena *arenaOpt
-);
-
-extern const NSSError NSS_ERROR_INVALID_ATAV;
-extern const NSSError NSS_ERROR_NO_MEMORY;
-
-/*
- * NSSRDN
- *
- * The public "methods" regarding this "object" are:
- *
- *  NSSRDN_CreateFromBER   -- constructor
- *  NSSRDN_CreateFromUTF8  -- constructor
- *  NSSRDN_Create          -- constructor
- *  NSSRDN_CreateSimple    -- constructor
- *
- *  NSSRDN_Destroy
- *  NSSRDN_GetDEREncoding
- *  NSSRDN_GetUTF8Encoding
- *  NSSRDN_AddATAV
- *  NSSRDN_GetATAVCount
- *  NSSRDN_GetATAV
- *  NSSRDN_GetSimpleATAV
- *  NSSRDN_Compare
- *  NSSRDN_Duplicate
- */
-
-/*
- * NSSRDN_CreateFromBER
- *
- * This routine creates an NSSRDN by decoding a BER- or DER-encoded 
- * RDN.  If the optional arena argument is non-null, the memory used 
- * will be obtained from that arena; otherwise, the memory will be 
- * obtained from the heap.  This routine may return NULL upon error, 
- * in which case it will have created an error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to an NSSRDN upon success
- */
-
-NSS_EXTERN NSSRDN *
-NSSRDN_CreateFromBER
-(
-  NSSArena *arenaOpt,
-  NSSBER *berRDN
-);
-
-/*
- * NSSRDN_CreateFromUTF8
- *
- * This routine creates an NSSRDN by decoding an UTF8 string 
- * consisting of either a single ATAV in the "equals" format, e.g., 
- * "uid=smith," or one or more such ATAVs in parentheses, e.g., 
- * "(sn=Smith,ou=Sales)."  If the optional arena argument is non-null,
- * the memory used will be obtained from that arena; otherwise, the
- * memory will be obtained from the heap.  This routine may return
- * NULL upon error, in which case it will have created an error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_UNKNOWN_ATTRIBUTE
- *  NSS_ERROR_INVALID_STRING
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to an NSSRDN upon success
- */
-
-NSS_EXTERN NSSRDN *
-NSSRDN_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *stringRDN
-);
-
-/*
- * NSSRDN_Create
- *
- * This routine creates an NSSRDN from one or more NSSATAVs.  The
- * final argument to this routine must be NULL.  If the optional arena
- * argument is non-null, the memory used will be obtained from that
- * arena; otherwise, the memory will be obtained from the heap.  This
- * routine may return NULL upon error, in which case it will have 
- * created an error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ATAV
- *
- * Return value:
- *  NULL upon error
- *  A pointer to an NSSRDN upon success
- */
-
-NSS_EXTERN NSSRDN *
-NSSRDN_Create
-(
-  NSSArena *arenaOpt,
-  NSSATAV *atav1,
-  ...
-);
-
-/*
- * NSSRDN_CreateSimple
- *
- * This routine creates a simple NSSRDN from a single NSSATAV.  If the
- * optional arena argument is non-null, the memory used will be 
- * obtained from that arena; otherwise, the memory will be obtained
- * from the heap.  This routine may return NULL upon error, in which
- * case it will have created an error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ATAV
- *
- * Return value:
- *  NULL upon error
- *  A pointer to an NSSRDN upon success
- */
-
-NSS_EXTERN NSSRDN *
-NSSRDN_CreateSimple
-(
-  NSSArena *arenaOpt,
-  NSSATAV *atav
-);
-
-/*
- * NSSRDN_Destroy
- *
- * This routine will destroy an RDN object.  It should eventually be
- * called on all RDNs created without an arena.  While it is not 
- * necessary to call it on RDNs created within an arena, it is not an
- * error to do so.  This routine returns a PRStatus value; if
- * successful, it will return PR_SUCCESS.  If unsuccessful, it will 
- * create an error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_RDN
- *
- * Return value:
- *  PR_FAILURE upon failure
- *  PR_SUCCESS upon success
- */
-
-NSS_EXTERN PRStatus
-NSSRDN_Destroy
-(
-  NSSRDN *rdn
-);
-
-/*
- * NSSRDN_GetDEREncoding
- *
- * This routine will DER-encode an RDN object.  If the optional arena
- * argument is non-null, the memory used will be obtained from that
- * arena; otherwise, the memory will be obtained from the heap.  This
- * routine may return null upon error, in which case it will have 
- * created an error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_RDN
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  The DER encoding of this NSSRDN
- */
-
-NSS_EXTERN NSSDER *
-NSSRDN_GetDEREncoding
-(
-  NSSRDN *rdn,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSRDN_GetUTF8Encoding
- *
- * This routine returns a UTF8 string containing a string 
- * representation of the RDN.  A simple (one-ATAV) RDN will be simply
- * the string representation of that ATAV; a non-simple RDN will be in
- * parenthesised form.  If the optional arena argument is non-null, 
- * the memory used will be obtained from that arena; otherwise, the 
- * memory will be obtained from the heap.  This routine may return 
- * null upon error, in which case it will have created an error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_RDN
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to a UTF8 string
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSRDN_GetUTF8Encoding
-(
-  NSSRDN *rdn,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSRDN_AddATAV
- *
- * This routine adds an ATAV to the set of ATAVs in the specified RDN.
- * Remember that RDNs consist of an unordered set of ATAVs.  If the
- * RDN was created with a non-null arena argument, that same arena
- * will be used for any additional required memory.  If the RDN was 
- * created with a NULL arena argument, any additional memory will
- * be obtained from the heap.  This routine returns a PRStatus value;
- * it will return PR_SUCCESS upon success, and upon failure it will
- * create an error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_RDN
- *  NSS_ERROR_INVALID_ATAV
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSRDN_AddATAV
-(
-  NSSRDN *rdn,
-  NSSATAV *atav
-);
-
-/*
- * NSSRDN_GetATAVCount
- *
- * This routine returns the cardinality of the set of ATAVs within
- * the specified RDN.  This routine may return 0 upon error, in which 
- * case it will have created an error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_RDN
- *
- * Return value:
- *  0 upon error
- *  A positive number upon success
- */
-
-NSS_EXTERN PRUint32
-NSSRDN_GetATAVCount
-(
-  NSSRDN *rdn
-);
-
-/*
- * NSSRDN_GetATAV
- *
- * This routine returns a pointer to an ATAV that is a member of
- * the set of ATAVs within the specified RDN.  While the set of
- * ATAVs within an RDN is unordered, this routine will return
- * distinct values for distinct values of 'i' as long as the RDN
- * is not changed in any way.  The RDN may be changed by calling
- * NSSRDN_AddATAV.  The value of the variable 'i' is on the range
- * [0,c) where c is the cardinality returned from NSSRDN_GetATAVCount.
- * The caller owns the ATAV the pointer to which is returned.  If the
- * optional arena argument is non-null, the memory used will be 
- * obtained from that arena; otherwise, the memory will be obtained
- * from the heap.  This routine may return NULL upon error, in which 
- * case it will have created an error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_RDN
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A caller-owned pointer to an NSSATAV
- */
-
-NSS_EXTERN NSSATAV *
-NSSRDN_GetATAV
-(
-  NSSRDN *rdn,
-  NSSArena *arenaOpt,
-  PRUint32 i
-);
-
-/*
- * NSSRDN_GetSimpleATAV
- *
- * Most RDNs are actually very simple, with a single ATAV.  This 
- * routine will return the single ATAV from such an RDN.  The caller
- * owns the ATAV the pointer to which is returned.  If the optional
- * arena argument is non-null, the memory used will be obtained from
- * that arena; otherwise, the memory will be obtained from the heap.
- * This routine may return NULL upon error, including the case where
- * the set of ATAVs in the RDN is nonsingular.  Upon error, this
- * routine will have created an error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_RDN
- *  NSS_ERROR_RDN_NOT_SIMPLE
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A caller-owned pointer to an NSSATAV
- */
-
-NSS_EXTERN NSSATAV *
-NSSRDN_GetSimpleATAV
-(
-  NSSRDN *rdn,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSRDN_Compare
- *
- * This routine compares two RDNs for equality.  For two RDNs to be
- * equal, they must have the same number of ATAVs, and every ATAV in
- * one must be equal to an ATAV in the other.  (Note that the sets
- * of ATAVs are unordered.)  The result of the comparison will be
- * stored at the location pointed to by the "equalp" variable, which
- * must point to a valid PRBool.  This routine may return PR_FAILURE
- * upon error, in which case it will have created an error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_RDN
- *  NSS_ERROR_INVALID_ARGUMENT
- *
- * Return value:
- *  PR_FAILURE on error
- *  PR_SUCCESS upon a successful comparison (equal or not)
- */
-
-NSS_EXTERN PRStatus
-NSSRDN_Compare
-(
-  NSSRDN *rdn1,
-  NSSRDN *rdn2,
-  PRBool *equalp
-);
-
-/*
- * NSSRDN_Duplicate
- *
- * This routine duplicates the specified RDN.  If the optional arena
- * argument is non-null, the memory required will be obtained from
- * that arena; otherwise, the memory will be obtained from the heap.
- * This routine may return NULL upon error, in which case it will have
- * created an error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_RDN
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL on error
- *  A pointer to a new RDN
- */
-
-NSS_EXTERN NSSRDN *
-NSSRDN_Duplicate
-(
-  NSSRDN *rdn,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSRDNSeq
- *
- * The public "methods" regarding this "object" are:
- *
- *  NSSRDNSeq_CreateFromBER   -- constructor
- *  NSSRDNSeq_CreateFromUTF8  -- constructor
- *  NSSRDNSeq_Create          -- constructor
- *
- *  NSSRDNSeq_Destroy
- *  NSSRDNSeq_GetDEREncoding
- *  NSSRDNSeq_GetUTF8Encoding
- *  NSSRDNSeq_AppendRDN
- *  NSSRDNSeq_GetRDNCount
- *  NSSRDNSeq_GetRDN
- *  NSSRDNSeq_Compare
- *  NSSRDNSeq_Duplicate
- */
-
-/*
- * NSSRDNSeq_CreateFromBER
- *
- * This routine creates an NSSRDNSeq by decoding a BER- or DER-encoded 
- * sequence of RDNs.  If the optional arena argument is non-null,
- * the memory used will be obtained from that arena; otherwise, the
- * memory will be obtained from the heap.  This routine may return 
- * NULL upon error, in which case it will have created an error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to an NSSRDNSeq upon success
- */
-
-NSS_EXTERN NSSRDNSeq *
-NSSRDNSeq_CreateFromBER
-(
-  NSSArena *arenaOpt,
-  NSSBER *berRDNSeq
-);
-
-/*
- * NSSRDNSeq_CreateFromUTF8
- *
- * This routine creates an NSSRDNSeq by decoding a UTF8 string
- * consisting of a comma-separated sequence of RDNs, such as
- * "(sn=Smith,ou=Sales),o=Acme,c=US."  If the optional arena argument
- * is non-null, the memory used will be obtained from that arena; 
- * otherwise, the memory will be obtained from the heap.  This routine
- * may return NULL upon error, in which case it will have created an
- * error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_UNKNOWN_ATTRIBUTE
- *  NSS_ERROR_INVALID_STRING
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to an NSSRDNSeq upon success
- */
-
-NSS_EXTERN NSSRDNSeq *
-NSSRDNSeq_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *stringRDNSeq
-);
-
-/*
- * NSSRDNSeq_Create
- *
- * This routine creates an NSSRDNSeq from one or more NSSRDNs.  The
- * final argument to this routine must be NULL.  If the optional arena
- * argument is non-null, the memory used will be obtained from that
- * arena; otherwise, the memory will be obtained from the heap.  This
- * routine may return NULL upon error, in which case it will have
- * created an error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_RDN
- *
- * Return value:
- *  NULL upon error
- *  A pointero to an NSSRDNSeq upon success
- */
-
-NSS_EXTERN NSSRDNSeq *
-NSSRDNSeq_Create
-(
-  NSSArena *arenaOpt,
-  NSSRDN *rdn1,
-  ...
-);
-
-/*
- * NSSRDNSeq_Destroy
- *
- * This routine will destroy an RDNSeq object.  It should eventually 
- * be called on all RDNSeqs created without an arena.  While it is not
- * necessary to call it on RDNSeqs created within an arena, it is not
- * an error to do so.  This routine returns a PRStatus value; if
- * successful, it will return PR_SUCCESS.  If unsuccessful, it will
- * create an error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_RDNSEQ
- *
- * Return value:
- *  PR_FAILURE upon error
- *  PR_SUCCESS upon success
- */
-
-NSS_EXTERN PRStatus
-NSSRDNSeq_Destroy
-(
-  NSSRDNSeq *rdnseq
-);
-
-/*
- * NSSRDNSeq_GetDEREncoding
- *
- * This routine will DER-encode an RDNSeq object.  If the optional 
- * arena argument is non-null, the memory used will be obtained from
- * that arena; otherwise, the memory will be obtained from the heap.
- * This routine may return null upon error, in which case it will have
- * created an error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_RDNSEQ
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  The DER encoding of this NSSRDNSeq
- */
-
-NSS_EXTERN NSSDER *
-NSSRDNSeq_GetDEREncoding
-(
-  NSSRDNSeq *rdnseq,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSRDNSeq_GetUTF8Encoding
- *
- * This routine returns a UTF8 string containing a string 
- * representation of the RDNSeq as a comma-separated sequence of RDNs.  
- * If the optional arena argument is non-null, the memory used will be
- * obtained from that arena; otherwise, the memory will be obtained 
- * from the heap.  This routine may return null upon error, in which 
- * case it will have created an error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_RDNSEQ
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to the UTF8 string
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSRDNSeq_GetUTF8Encoding
-(
-  NSSRDNSeq *rdnseq,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSRDNSeq_AppendRDN
- *
- * This routine appends an RDN to the end of the existing RDN 
- * sequence.  If the RDNSeq was created with a non-null arena 
- * argument, that same arena will be used for any additional required
- * memory.  If the RDNSeq was created with a NULL arena argument, any
- * additional memory will be obtained from the heap.  This routine
- * returns a PRStatus value; it will return PR_SUCCESS upon success,
- * and upon failure it will create an error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_RDNSEQ
- *  NSS_ERROR_INVALID_RDN
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSRDNSeq_AppendRDN
-(
-  NSSRDNSeq *rdnseq,
-  NSSRDN *rdn
-);
-
-/*
- * NSSRDNSeq_GetRDNCount
- *
- * This routine returns the cardinality of the sequence of RDNs within
- * the specified RDNSeq.  This routine may return 0 upon error, in 
- * which case it will have created an error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_RDNSEQ
- *
- * Return value:
- *  0 upon error
- *  A positive number upon success
- */
-
-NSS_EXTERN PRUint32
-NSSRDNSeq_GetRDNCount
-(
-  NSSRDNSeq *rdnseq
-);
-
-/*
- * NSSRDNSeq_GetRDN
- *
- * This routine returns a pointer to the i'th RDN in the sequence of
- * RDNs that make up the specified RDNSeq.  The sequence begins with
- * the top-level (e.g., "c=US") RDN.  The value of the variable 'i'
- * is on the range [0,c) where c is the cardinality returned from
- * NSSRDNSeq_GetRDNCount.  The caller owns the RDN the pointer to which
- * is returned.  If the optional arena argument is non-null, the memory
- * used will be obtained from that areana; otherwise, the memory will 
- * be obtained from the heap.  This routine may return NULL upon error,
- * in which case it will have created an error stack.  Note that the 
- * usual string representation of RDN Sequences is from last to first.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_RDNSEQ
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A caller-owned pointer to an NSSRDN
- */
-
-NSS_EXTERN NSSRDN *
-NSSRDNSeq_GetRDN
-(
-  NSSRDNSeq *rdnseq,
-  NSSArena *arenaOpt,
-  PRUint32 i
-);
-
-/*
- * NSSRDNSeq_Compare
- *
- * This routine compares two RDNSeqs for equality.  For two RDNSeqs to 
- * be equal, they must have the same number of RDNs, and each RDN in
- * one sequence must be equal to the corresponding RDN in the other
- * sequence.  The result of the comparison will be stored at the
- * location pointed to by the "equalp" variable, which must point to a
- * valid PRBool.  This routine may return PR_FAILURE upon error, in
- * which case it will have created an error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_RDNSEQ
- *  NSS_ERROR_INVALID_ARGUMENT
- *
- * Return value:
- *  PR_FAILURE on error
- *  PR_SUCCESS upon a successful comparison (equal or not)
- */
-
-NSS_EXTERN PRStatus
-NSSRDNSeq_Compare
-(
-  NSSRDNSeq *rdnseq1,
-  NSSRDNSeq *rdnseq2,
-  PRBool *equalp
-);
-
-/*
- * NSSRDNSeq_Duplicate
- *
- * This routine duplicates the specified RDNSeq.  If the optional arena
- * argument is non-null, the memory required will be obtained from that
- * arena; otherwise, the memory will be obtained from the heap.  This 
- * routine may return NULL upon error, in which case it will have 
- * created an error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_RDNSEQ
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to a new RDNSeq
- */
-
-NSS_EXTERN NSSRDNSeq *
-NSSRDNSeq_Duplicate
-(
-  NSSRDNSeq *rdnseq,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSName
- *
- * The public "methods" regarding this "object" are:
- *
- * NSSName_CreateFromBER   -- constructor
- * NSSName_CreateFromUTF8  -- constructor
- * NSSName_Create          -- constructor
- *
- * NSSName_Destroy
- * NSSName_GetDEREncoding
- * NSSName_GetUTF8Encoding
- * NSSName_GetChoice
- * NSSName_GetRDNSequence
- * NSSName_GetSpecifiedChoice
- * NSSName_Compare
- * NSSName_Duplicate
- *
- * NSSName_GetUID
- * NSSName_GetEmail
- * NSSName_GetCommonName
- * NSSName_GetOrganization
- * NSSName_GetOrganizationalUnits
- * NSSName_GetStateOrProvince
- * NSSName_GetLocality
- * NSSName_GetCountry
- * NSSName_GetAttribute
- */
-
-/*
- * NSSName_CreateFromBER
- *
- * This routine creates an NSSName by decoding a BER- or DER-encoded 
- * (directory) Name.  If the optional arena argument is non-null,
- * the memory used will be obtained from that arena; otherwise, 
- * the memory will be obtained from the heap.  This routine may
- * return NULL upon error, in which case it will have created an error
- * stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to an NSSName upon success
- */
-
-NSS_EXTERN NSSName *
-NSSName_CreateFromBER
-(
-  NSSArena *arenaOpt,
-  NSSBER *berName
-);
-
-/*
- * NSSName_CreateFromUTF8
- *
- * This routine creates an NSSName by decoding a UTF8 string 
- * consisting of the string representation of one of the choices of 
- * (directory) names.  Currently the only choice is an RDNSeq.  If the
- * optional arena argument is non-null, the memory used will be 
- * obtained from that arena; otherwise, the memory will be obtained 
- * from the heap.  The routine may return NULL upon error, in which
- * case it will have created an error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_STRING
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to an NSSName upon success
- */
-
-NSS_EXTERN NSSName *
-NSSName_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *stringName
-);
-
-/*
- * NSSName_Create
- *
- * This routine creates an NSSName with the specified choice of
- * underlying name types.  The value of the choice variable must be
- * one of the values of the NSSNameChoice enumeration, and the type
- * of the arg variable must be as specified in the following table:
- *
- *   Choice                     Type
- *   ========================   ===========
- *   NSSNameChoiceRdnSequence   NSSRDNSeq *
- *
- * If the optional arena argument is non-null, the memory used will
- * be obtained from that arena; otherwise, the memory will be 
- * obtained from the heap.  This routine may return NULL upon error,
- * in which case it will have created an error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_CHOICE
- *  NSS_ERROR_INVALID_ARGUMENT
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to an NSSName upon success
- */
-
-NSS_EXTERN NSSName *
-NSSName_Create
-(
-  NSSArena *arenaOpt,
-  NSSNameChoice choice,
-  void *arg
-);
-
-/*
- * NSSName_Destroy
- *
- * This routine will destroy a Name object.  It should eventually be
- * called on all Names created without an arena.  While it is not
- * necessary to call it on Names created within an arena, it is not
- * an error to do so.  This routine returns a PRStatus value; if
- * successful, it will return PR_SUCCESS.  If unsuccessful, it will
- * create an error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_NAME
- *
- * Return value:
- *  PR_FAILURE upon error
- *  PR_SUCCESS upon success
- */
-
-NSS_EXTERN PRStatus
-NSSName_Destroy
-(
-  NSSName *name
-);
-
-/*
- * NSSName_GetDEREncoding
- *
- * This routine will DER-encode a name object.  If the optional arena
- * argument is non-null, the memory used will be obtained from that
- * arena; otherwise, the memory will be obtained from the heap.  This
- * routine may return null upon error, in which case it will have 
- * created an error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_NAME
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  The DER encoding of this NSSName
- */
-
-NSS_EXTERN NSSDER *
-NSSName_GetDEREncoding
-(
-  NSSName *name,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSName_GetUTF8Encoding
- *
- * This routine returns a UTF8 string containing a string 
- * representation of the Name in the format specified by the 
- * underlying name choice.  If the optional arena argument is non-null,
- * the memory used will be obtained from that arena; otherwise, the 
- * memory will be obtained from the heap.  This routine may return
- * NULL upon error, in which case it will have created an error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_NAME
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to the UTF8 string
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSName_GetUTF8Encoding
-(
-  NSSName *name,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSName_GetChoice
- *
- * This routine returns the type of the choice underlying the specified
- * name.  The return value will be a member of the NSSNameChoice 
- * enumeration.  This routine may return NSSNameChoiceInvalid upon 
- * error, in which case it will have created an error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_NAME
- *
- * Return value:
- *  NSSNameChoiceInvalid upon error
- *  An other member of the NSSNameChoice enumeration upon success
- */
-
-NSS_EXTERN NSSNameChoice
-NSSName_GetChoice
-(
-  NSSName *name
-);
-
-/*
- * NSSName_GetRDNSequence
- *
- * If the choice underlying the specified NSSName is that of an 
- * RDNSequence, this routine will return a pointer to that RDN
- * sequence.  Otherwise, this routine will place an error on the
- * error stack, and return NULL.  If the optional arena argument is
- * non-null, the memory required will be obtained from that arena;
- * otherwise, the memory will be obtained from the heap.  The
- * caller owns the returned pointer.  This routine may return NULL
- * upon error, in which case it will have created an error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_NAME
- *  NSS_ERROR_WRONG_CHOICE
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A caller-owned pointer to an NSSRDNSeq
- */
-
-NSS_EXTERN NSSRDNSeq *
-NSSName_GetRDNSequence
-(
-  NSSName *name,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSName_GetSpecifiedChoice
- *
- * If the choice underlying the specified NSSName matches the specified
- * choice, a caller-owned pointer to that underlying object will be
- * returned.  Otherwise, an error will be placed on the error stack and
- * NULL will be returned.  If the optional arena argument is non-null, 
- * the memory required will be obtained from that arena; otherwise, the
- * memory will be obtained from the heap.  The caller owns the returned
- * pointer.  This routine may return NULL upon error, in which case it
- * will have created an error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_NAME
- *  NSS_ERROR_WRONG_CHOICE
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A caller-owned pointer, which must be typecast
- */
-
-NSS_EXTERN void *
-NSSName_GetSpecifiedChoice
-(
-  NSSName *name,
-  NSSNameChoice choice,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSName_Compare
- *
- * This routine compares two Names for equality.  For two Names to be
- * equal, they must have the same choice of underlying types, and the
- * underlying values must be equal.  The result of the comparison will
- * be stored at the location pointed to by the "equalp" variable, which
- * must point to a valid PRBool. This routine may return PR_FAILURE
- * upon error, in which case it will have created an error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_NAME
- *  NSS_ERROR_INVALID_ARGUMENT
- *
- * Return value:
- *  PR_FAILURE on error
- *  PR_SUCCESS upon a successful comparison (equal or not)
- */
-
-NSS_EXTERN PRStatus
-NSSName_Compare
-(
-  NSSName *name1,
-  NSSName *name2,
-  PRBool *equalp
-);
-
-/*
- * NSSName_Duplicate
- *
- * This routine duplicates the specified nssname.  If the optional
- * arena argument is non-null, the memory required will be obtained
- * from that arena; otherwise, the memory will be obtained from the
- * heap.  This routine may return NULL upon error, in which case it
- * will have created an error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_NAME
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to a new NSSName
- */
-
-NSS_EXTERN NSSName *
-NSSName_Duplicate
-(
-  NSSName *name,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSName_GetUID
- *
- * This routine will attempt to derive a user identifier from the
- * specified name, if the choices and content of the name permit.
- * If the Name consists of a Sequence of Relative Distinguished 
- * Names containing a UID attribute, the UID will be the value of 
- * that attribute.  Note that no UID attribute is defined in either 
- * PKIX or PKCS#9; rather, this seems to derive from RFC 1274, which 
- * defines the type as a caseIgnoreString.  We'll return a Directory 
- * String.  If the optional arena argument is non-null, the memory 
- * used will be obtained from that arena; otherwise, the memory will 
- * be obtained from the heap.  This routine may return NULL upon error,
- * in which case it will have created an error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_NAME
- *  NSS_ERROR_NO_UID
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to a UTF8 String.
- */
-
-NSS_EXTERN NSSUTF8 * /* XXX fgmr DirectoryString */
-NSSName_GetUID
-(
-  NSSName *name,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSName_GetEmail
- *
- * This routine will attempt to derive an email address from the
- * specified name, if the choices and content of the name permit.  
- * If the Name consists of a Sequence of Relative Distinguished 
- * Names containing either a PKIX email address or a PKCS#9 email
- * address, the result will be the value of that attribute.  If the
- * optional arena argument is non-null, the memory used will be
- * obtained from that arena; otherwise, the memory will be obtained
- * from the heap.  This routine may return NULL upon error, in which
- * case it will have created an error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_NAME
- *  NSS_ERROR_NO_EMAIL
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to a UTF8 String
- */
-
-NSS_EXTERN NSSUTF8 * /* XXX fgmr IA5 String */
-NSSName_GetEmail
-(
-  NSSName *name,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSName_GetCommonName
- *
- * This routine will attempt to derive a common name from the
- * specified name, if the choices and content of the name permit.  
- * If the Name consists of a Sequence of Relative Distinguished Names
- * containing a PKIX Common Name, the result will be that name.  If 
- * the optional arena argument is non-null, the memory used will be 
- * obtained from that arena; otherwise, the memory will be obtained 
- * from the heap.  This routine may return NULL upon error, in which 
- * case it will have created an error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_NAME
- *  NSS_ERROR_NO_COMMON_NAME
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to a UTF8 String
- */
-
-NSS_EXTERN NSSUTF8 * /* XXX fgmr DirectoryString */
-NSSName_GetCommonName
-(
-  NSSName *name,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSName_GetOrganization
- *
- * This routine will attempt to derive an organisation name from the
- * specified name, if the choices and content of the name permit.  
- * If Name consists of a Sequence of Relative Distinguished names 
- * containing a PKIX Organization, the result will be the value of 
- * that attribute.  If the optional arena argument is non-null, the 
- * memory used will be obtained from that arena; otherwise, the memory 
- * will be obtained from the heap.  This routine may return NULL upon 
- * error, in which case it will have created an error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_NAME
- *  NSS_ERROR_NO_ORGANIZATION
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to a UTF8 String
- */
-
-NSS_EXTERN NSSUTF8 * /* XXX fgmr DirectoryString */
-NSSName_GetOrganization
-(
-  NSSName *name,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSName_GetOrganizationalUnits
- *
- * This routine will attempt to derive a sequence of organisational 
- * unit names from the specified name, if the choices and content of 
- * the name permit.  If the Name consists of a Sequence of Relative 
- * Distinguished Names containing one or more organisational units,
- * the result will be the values of those attributes.  If the optional 
- * arena argument is non-null, the memory used will be obtained from 
- * that arena; otherwise, the memory will be obtained from the heap.  
- * This routine may return NULL upon error, in which case it will have 
- * created an error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_NAME
- *  NSS_ERROR_NO_ORGANIZATIONAL_UNITS
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to a null-terminated array of UTF8 Strings
- */
-
-NSS_EXTERN NSSUTF8 ** /* XXX fgmr DirectoryString */
-NSSName_GetOrganizationalUnits
-(
-  NSSName *name,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSName_GetStateOrProvince
- *
- * This routine will attempt to derive a state or province name from 
- * the specified name, if the choices and content of the name permit.
- * If the Name consists of a Sequence of Relative Distinguished Names
- * containing a state or province, the result will be the value of 
- * that attribute.  If the optional arena argument is non-null, the 
- * memory used will be obtained from that arena; otherwise, the memory 
- * will be obtained from the heap.  This routine may return NULL upon 
- * error, in which case it will have created an error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_NAME
- *  NSS_ERROR_NO_STATE_OR_PROVINCE
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to a UTF8 String
- */
-
-NSS_EXTERN NSSUTF8 * /* XXX fgmr DirectoryString */
-NSSName_GetStateOrProvince
-(
-  NSSName *name,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSName_GetLocality
- *
- * This routine will attempt to derive a locality name from the 
- * specified name, if the choices and content of the name permit.  If
- * the Name consists of a Sequence of Relative Distinguished names
- * containing a Locality, the result will be the value of that 
- * attribute.  If the optional arena argument is non-null, the memory 
- * used will be obtained from that arena; otherwise, the memory will 
- * be obtained from the heap.  This routine may return NULL upon error,
- * in which case it will have created an error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_NAME
- *  NSS_ERROR_NO_LOCALITY
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to a UTF8 String
- */
-
-NSS_EXTERN NSSUTF8 * /* XXX fgmr DirectoryString */
-NSSName_GetLocality
-(
-  NSSName *name,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSName_GetCountry
- *
- * This routine will attempt to derive a country name from the 
- * specified name, if the choices and content of the name permit.
- * If the Name consists of a Sequence of Relative Distinguished 
- * Names containing a Country, the result will be the value of
- * that attribute..  If the optional arena argument is non-null, 
- * the memory used will be obtained from that arena; otherwise, 
- * the memory will be obtained from the heap.  This routine may 
- * return NULL upon error, in which case it will have created an 
- * error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_NAME
- *  NSS_ERROR_NO_COUNTRY
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to a UTF8 String
- */
-
-NSS_EXTERN NSSUTF8 * /* XXX fgmr PrintableString */
-NSSName_GetCountry
-(
-  NSSName *name,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSName_GetAttribute
- *
- * If the specified name consists of a Sequence of Relative 
- * Distinguished Names containing an attribute with the specified 
- * type, and the actual value of that attribute may be expressed 
- * with a Directory String, then the value of that attribute will 
- * be returned as a Directory String.  If the optional arena argument 
- * is non-null, the memory used will be obtained from that arena; 
- * otherwise, the memory will be obtained from the heap.  This routine 
- * may return NULL upon error, in which case it will have created an
- * error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_NAME
- *  NSS_ERROR_NO_ATTRIBUTE
- *  NSS_ERROR_ATTRIBUTE_VALUE_NOT_STRING
- *
- * Return value:
- *  NULL upon error
- *  A pointer to a UTF8 String
- */
-
-NSS_EXTERN NSSUTF8 * /* XXX fgmr DirectoryString */
-NSSName_GetAttribute
-(
-  NSSName *name,
-  NSSOID *attribute,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSGeneralName
- *
- * The public "methods" regarding this "object" are:
- *
- * NSSGeneralName_CreateFromBER   -- constructor
- * NSSGeneralName_CreateFromUTF8  -- constructor
- * NSSGeneralName_Create          -- constructor
- *
- * NSSGeneralName_Destroy
- * NSSGeneralName_GetDEREncoding
- * NSSGeneralName_GetUTF8Encoding
- * NSSGeneralName_GetChoice
- * NSSGeneralName_GetOtherName
- * NSSGeneralName_GetRfc822Name
- * NSSGeneralName_GetDNSName
- * NSSGeneralName_GetX400Address
- * NSSGeneralName_GetDirectoryName
- * NSSGeneralName_GetEdiPartyName
- * NSSGeneralName_GetUniformResourceIdentifier
- * NSSGeneralName_GetIPAddress
- * NSSGeneralName_GetRegisteredID
- * NSSGeneralName_GetSpecifiedChoice
- * NSSGeneralName_Compare
- * NSSGeneralName_Duplicate
- *
- * NSSGeneralName_GetUID
- * NSSGeneralName_GetEmail
- * NSSGeneralName_GetCommonName
- * NSSGeneralName_GetOrganization
- * NSSGeneralName_GetOrganizationalUnits
- * NSSGeneralName_GetStateOrProvince
- * NSSGeneralName_GetLocality
- * NSSGeneralName_GetCountry
- * NSSGeneralName_GetAttribute
- */
-
-/*
- * NSSGeneralName_CreateFromBER
- *
- * This routine creates an NSSGeneralName by decoding a BER- or DER-
- * encoded general name.  If the optional arena argument is non-null,
- * the memory used will be obtained from that arena; otherwise, the 
- * memory will be obtained from the heap.  This routine may return 
- * NULL upon error, in which case it will have created an error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to an NSSGeneralName upon success
- */
-
-NSS_EXTERN NSSGeneralName *
-NSSGeneralName_CreateFromBER
-(
-  NSSArena *arenaOpt,
-  NSSBER *berGeneralName
-);
-
-/*
- * NSSGeneralName_CreateFromUTF8
- *
- * This routine creates an NSSGeneralName by decoding a UTF8 string
- * consisting of the string representation of one of the choices of
- * general names.  If the optional arena argument is non-null, the 
- * memory used will be obtained from that arena; otherwise, the memory
- * will be obtained from the heap.  The routine may return NULL upon
- * error, in which case it will have created an error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_STRING
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to an NSSGeneralName upon success
- */
-
-NSS_EXTERN NSSGeneralName *
-NSSGeneralName_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *stringGeneralName
-);
-
-/*
- * NSSGeneralName_Create
- *
- * This routine creates an NSSGeneralName with the specified choice of
- * underlying name types.  The value of the choice variable must be one
- * of the values of the NSSGeneralNameChoice enumeration, and the type
- * of the arg variable must be as specified in the following table:
- *
- *   Choice                                         Type
- *   ============================================   =========
- *   NSSGeneralNameChoiceOtherName
- *   NSSGeneralNameChoiceRfc822Name
- *   NSSGeneralNameChoiceDNSName
- *   NSSGeneralNameChoiceX400Address
- *   NSSGeneralNameChoiceDirectoryName              NSSName *
- *   NSSGeneralNameChoiceEdiPartyName
- *   NSSGeneralNameChoiceUniformResourceIdentifier
- *   NSSGeneralNameChoiceIPAddress
- *   NSSGeneralNameChoiceRegisteredID
- *
- * If the optional arena argument is non-null, the memory used will
- * be obtained from that arena; otherwise, the memory will be 
- * obtained from the heap.  This routine may return NULL upon error,
- * in which case it will have created an error stack.
- *
- * The error may be one fo the following values:
- *  NSS_ERROR_INVALID_CHOICE
- *  NSS_ERROR_INVALID_ARGUMENT
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to an NSSGeneralName upon success
- */
-
-NSS_EXTERN NSSGeneralName *
-NSSGeneralName_Create
-(
-  NSSGeneralNameChoice choice,
-  void *arg
-);
-
-/*
- * NSSGeneralName_Destroy
- * 
- * This routine will destroy a General Name object.  It should 
- * eventually be called on all General Names created without an arena.
- * While it is not necessary to call it on General Names created within
- * an arena, it is not an error to do so.  This routine returns a
- * PRStatus value; if successful, it will return PR_SUCCESS. If 
- * usuccessful, it will create an error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_GENERAL_NAME
- *
- * Return value:
- *  PR_FAILURE upon failure
- *  PR_SUCCESS upon success
- */
-
-NSS_EXTERN PRStatus
-NSSGeneralName_Destroy
-(
-  NSSGeneralName *generalName
-);
-
-/*
- * NSSGeneralName_GetDEREncoding
- *
- * This routine will DER-encode a name object.  If the optional arena
- * argument is non-null, the memory used will be obtained from that
- * arena; otherwise, the memory will be obtained from the heap.  This
- * routine may return null upon error, in which case it will have 
- * created an error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_GENERAL_NAME
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  The DER encoding of this NSSGeneralName
- */
-
-NSS_EXTERN NSSDER *
-NSSGeneralName_GetDEREncoding
-(
-  NSSGeneralName *generalName,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSGeneralName_GetUTF8Encoding
- *
- * This routine returns a UTF8 string containing a string 
- * representation of the General Name in the format specified by the
- * underlying name choice.  If the optional arena argument is 
- * non-null, the memory used will be obtained from that arena; 
- * otherwise, the memory will be obtained from the heap.  This routine
- * may return NULL upon error, in which case it will have created an
- * error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_GENERAL_NAME
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to a UTF8 string
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSGeneralName_GetUTF8Encoding
-(
-  NSSGeneralName *generalName,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSGeneralName_GetChoice
- *
- * This routine returns the type of choice underlying the specified 
- * general name.  The return value will be a member of the 
- * NSSGeneralNameChoice enumeration.  This routine may return 
- * NSSGeneralNameChoiceInvalid upon error, in which case it will have 
- * created an error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_GENERAL_NAME
- *
- * Return value:
- *  NSSGeneralNameChoiceInvalid upon error
- *  An other member of the NSSGeneralNameChoice enumeration 
- */
-
-NSS_EXTERN NSSGeneralNameChoice
-NSSGeneralName_GetChoice
-(
-  NSSGeneralName *generalName
-);
-
-/*
- * NSSGeneralName_GetOtherName
- *
- * If the choice underlying the specified NSSGeneralName is that of an
- * Other Name, this routine will return a pointer to that Other name.
- * Otherwise, this routine will place an error on the error stack, and
- * return NULL.  If the optional arena argument is non-null, the memory
- * required will be obtained from that arena; otherwise, the memory 
- * will be obtained from the heap.  The caller owns the returned 
- * pointer.  This routine may return NULL upon error, in which case it
- * will have created an error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_GENERAL_NAME
- *  NSS_ERROR_WRONG_CHOICE
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A caller-owned pointer to an NSSOtherName
- */
-
-NSS_EXTERN NSSOtherName *
-NSSGeneralName_GetOtherName
-(
-  NSSGeneralName *generalName,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSGeneralName_GetRfc822Name
- *
- * If the choice underlying the specified NSSGeneralName is that of an
- * RFC 822 Name, this routine will return a pointer to that name.
- * Otherwise, this routine will place an error on the error stack, and
- * return NULL.  If the optional arena argument is non-null, the memory
- * required will be obtained from that arena; otherwise, the memory 
- * will be obtained from the heap.  The caller owns the returned 
- * pointer.  This routine may return NULL upon error, in which case it
- * will have created an error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_GENERAL_NAME
- *  NSS_ERROR_WRONG_CHOICE
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A caller-owned pointer to an NSSRFC822Name
- */
-
-NSS_EXTERN NSSRFC822Name *
-NSSGeneralName_GetRfc822Name
-(
-  NSSGeneralName *generalName,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSGeneralName_GetDNSName
- *
- * If the choice underlying the specified NSSGeneralName is that of a 
- * DNS Name, this routine will return a pointer to that DNS name.
- * Otherwise, this routine will place an error on the error stack, and
- * return NULL.  If the optional arena argument is non-null, the memory
- * required will be obtained from that arena; otherwise, the memory 
- * will be obtained from the heap.  The caller owns the returned 
- * pointer.  This routine may return NULL upon error, in which case it
- * will have created an error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_GENERAL_NAME
- *  NSS_ERROR_WRONG_CHOICE
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A caller-owned pointer to an NSSDNSName
- */
-
-NSS_EXTERN NSSDNSName *
-NSSGeneralName_GetDNSName
-(
-  NSSGeneralName *generalName,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSGeneralName_GetX400Address
- *
- * If the choice underlying the specified NSSGeneralName is that of an
- * X.400 Address, this routine will return a pointer to that Address.
- * Otherwise, this routine will place an error on the error stack, and
- * return NULL.  If the optional arena argument is non-null, the memory
- * required will be obtained from that arena; otherwise, the memory 
- * will be obtained from the heap.  The caller owns the returned 
- * pointer.  This routine may return NULL upon error, in which case it
- * will have created an error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_GENERAL_NAME
- *  NSS_ERROR_WRONG_CHOICE
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A caller-owned pointer to an NSSX400Address
- */
-
-NSS_EXTERN NSSX400Address *
-NSSGeneralName_GetX400Address
-(
-  NSSGeneralName *generalName,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSGeneralName_GetDirectoryName
- *
- * If the choice underlying the specified NSSGeneralName is that of a
- * (directory) Name, this routine will return a pointer to that name.
- * Otherwise, this routine will place an error on the error stack, and
- * return NULL.  If the optional arena argument is non-null, the memory
- * required will be obtained from that arena; otherwise, the memory 
- * will be obtained from the heap.  The caller owns the returned 
- * pointer.  This routine may return NULL upon error, in which case it
- * will have created an error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_GENERAL_NAME
- *  NSS_ERROR_WRONG_CHOICE
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A caller-owned pointer to an NSSName
- */
-
-NSS_EXTERN NSSName *
-NSSGeneralName_GetName
-(
-  NSSGeneralName *generalName,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSGeneralName_GetEdiPartyName
- *
- * If the choice underlying the specified NSSGeneralName is that of an
- * EDI Party Name, this routine will return a pointer to that name.
- * Otherwise, this routine will place an error on the error stack, and
- * return NULL.  If the optional arena argument is non-null, the memory
- * required will be obtained from that arena; otherwise, the memory 
- * will be obtained from the heap.  The caller owns the returned 
- * pointer.  This routine may return NULL upon error, in which case it
- * will have created an error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_GENERAL_NAME
- *  NSS_ERROR_WRONG_CHOICE
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A caller-owned pointer to an NSSEdiPartyName
- */
-
-NSS_EXTERN NSSEdiPartyName *
-NSSGeneralName_GetEdiPartyName
-(
-  NSSGeneralName *generalName,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSGeneralName_GetUniformResourceIdentifier
- *
- * If the choice underlying the specified NSSGeneralName is that of a
- * URI, this routine will return a pointer to that URI.
- * Otherwise, this routine will place an error on the error stack, and
- * return NULL.  If the optional arena argument is non-null, the memory
- * required will be obtained from that arena; otherwise, the memory 
- * will be obtained from the heap.  The caller owns the returned 
- * pointer.  This routine may return NULL upon error, in which case it
- * will have created an error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_GENERAL_NAME
- *  NSS_ERROR_WRONG_CHOICE
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A caller-owned pointer to an NSSURI
- */
-
-NSS_EXTERN NSSURI *
-NSSGeneralName_GetUniformResourceIdentifier
-(
-  NSSGeneralName *generalName,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSGeneralName_GetIPAddress
- *
- * If the choice underlying the specified NSSGeneralName is that of an
- * IP Address , this routine will return a pointer to that address.
- * Otherwise, this routine will place an error on the error stack, and
- * return NULL.  If the optional arena argument is non-null, the memory
- * required will be obtained from that arena; otherwise, the memory 
- * will be obtained from the heap.  The caller owns the returned 
- * pointer.  This routine may return NULL upon error, in which case it
- * will have created an error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_GENERAL_NAME
- *  NSS_ERROR_WRONG_CHOICE
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A caller-owned pointer to an NSSIPAddress
- */
-
-NSS_EXTERN NSSIPAddress *
-NSSGeneralName_GetIPAddress
-(
-  NSSGeneralName *generalName,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSGeneralName_GetRegisteredID
- *
- * If the choice underlying the specified NSSGeneralName is that of a
- * Registered ID, this routine will return a pointer to that ID.
- * Otherwise, this routine will place an error on the error stack, and
- * return NULL.  If the optional arena argument is non-null, the memory
- * required will be obtained from that arena; otherwise, the memory 
- * will be obtained from the heap.  The caller owns the returned 
- * pointer.  This routine may return NULL upon error, in which case it
- * will have created an error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_GENERAL_NAME
- *  NSS_ERROR_WRONG_CHOICE
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A caller-owned pointer to an NSSRegisteredID
- */
-
-NSS_EXTERN NSSRegisteredID *
-NSSGeneralName_GetRegisteredID
-(
-  NSSGeneralName *generalName,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSGeneralName_GetSpecifiedChoice
- *
- * If the choice underlying the specified NSSGeneralName matches the
- * specified choice, a caller-owned pointer to that underlying object
- * will be returned.  Otherwise, an error will be placed on the error
- * stack and NULL will be returned.  If the optional arena argument
- * is non-null, the memory required will be obtained from that arena;
- * otherwise, the memory will be obtained from the heap.  The caller
- * owns the returned pointer.  This routine may return NULL upon 
- * error, in which caes it will have created an error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_GENERAL_NAME
- *  NSS_ERROR_WRONG_CHOICE
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A caller-owned pointer, which must be typecast
- */
-
-NSS_EXTERN void *
-NSSGeneralName_GetSpecifiedChoice
-(
-  NSSGeneralName *generalName,
-  NSSGeneralNameChoice choice,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSGeneralName_Compare
- * 
- * This routine compares two General Names for equality.  For two 
- * General Names to be equal, they must have the same choice of
- * underlying types, and the underlying values must be equal.  The
- * result of the comparison will be stored at the location pointed
- * to by the "equalp" variable, which must point to a valid PRBool.
- * This routine may return PR_FAILURE upon error, in which case it
- * will have created an error stack.
- *
- * The error may be one of the following value:
- *  NSS_ERROR_INVALID_GENERAL_NAME
- *  NSS_ERROR_INVALID_ARGUMENT
- *
- * Return value:
- *  PR_FAILURE upon error
- *  PR_SUCCESS upon a successful comparison (equal or not)
- */
-
-NSS_EXTERN PRStatus
-NSSGeneralName_Compare
-(
-  NSSGeneralName *generalName1,
-  NSSGeneralName *generalName2,
-  PRBool *equalp
-);
-
-/*
- * NSSGeneralName_Duplicate
- *
- * This routine duplicates the specified General Name.  If the optional
- * arena argument is non-null, the memory required will be obtained
- * from that arena; otherwise, the memory will be obtained from the
- * heap.  This routine may return NULL upon error, in which case it 
- * will have created an error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_GENERAL_NAME
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to a new NSSGeneralName
- */
-
-NSS_EXTERN NSSGeneralName *
-NSSGeneralName_Duplicate
-(
-  NSSGeneralName *generalName,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSGeneralName_GetUID
- *
- * This routine will attempt to derive a user identifier from the
- * specified general name, if the choices and content of the name
- * permit.  If the General Name is a (directory) Name consisting
- * of a Sequence of Relative Distinguished Names containing a UID
- * attribute, the UID will be the value of that attribute.  Note
- * that no UID attribute is defined in either PKIX or PKCS#9; 
- * rather, this seems to derive from RFC 1274, which defines the
- * type as a caseIgnoreString.  We'll return a Directory String.
- * If the optional arena argument is non-null, the memory used
- * will be obtained from that arena; otherwise, the memory will be
- * obtained from the heap.  This routine may return NULL upon error,
- * in which case it will have created an error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_GENERAL_NAME
- *  NSS_ERROR_NO_UID
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to a UTF8 String.
- */
-
-NSS_EXTERN NSSUTF8 * /* XXX fgmr DirectoryString */
-NSSGeneralName_GetUID
-(
-  NSSGeneralName *generalName,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSGeneralName_GetEmail
- *
- * This routine will attempt to derive an email address from the
- * specified general name, if the choices and content of the name
- * permit.  If the General Name is a (directory) Name consisting
- * of a Sequence of Relative Distinguished names containing either
- * a PKIX email address or a PKCS#9 email address, the result will
- * be the value of that attribute.  If the General Name is an RFC 822
- * Name, the result will be the string form of that name.  If the
- * optional arena argument is non-null, the memory used will be 
- * obtained from that arena; otherwise, the memory will be obtained
- * from the heap.  This routine may return NULL upon error, in which
- * case it will have created an error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_GENERAL_NAME
- *  NSS_ERROR_NO_EMAIL
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to a UTF8 String
- */
-
-NSS_EXTERN NSSUTF8 * /* XXX fgmr IA5String */
-NSSGeneralName_GetEmail
-(
-  NSSGeneralName *generalName,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSGeneralName_GetCommonName
- *
- * This routine will attempt to derive a common name from the
- * specified general name, if the choices and content of the name
- * permit.  If the General Name is a (directory) Name consisting
- * of a Sequence of Relative Distinguished names containing a PKIX
- * Common Name, the result will be that name.  If the optional arena 
- * argument is non-null, the memory used will be obtained from that 
- * arena; otherwise, the memory will be obtained from the heap.  This 
- * routine may return NULL upon error, in which case it will have 
- * created an error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_GENERAL_NAME
- *  NSS_ERROR_NO_COMMON_NAME
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to a UTF8 String
- */
-
-NSS_EXTERN NSSUTF8 * /* XXX fgmr DirectoryString */
-NSSGeneralName_GetCommonName
-(
-  NSSGeneralName *generalName,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSGeneralName_GetOrganization
- *
- * This routine will attempt to derive an organisation name from the
- * specified general name, if the choices and content of the name
- * permit.  If the General Name is a (directory) Name consisting
- * of a Sequence of Relative Distinguished names containing an
- * Organization, the result will be the value of that attribute.  
- * If the optional arena argument is non-null, the memory used will 
- * be obtained from that arena; otherwise, the memory will be obtained
- * from the heap.  This routine may return NULL upon error, in which 
- * case it will have created an error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_GENERAL_NAME
- *  NSS_ERROR_NO_ORGANIZATION
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to a UTF8 String
- */
-
-NSS_EXTERN NSSUTF8 * /* XXX fgmr DirectoryString */
-NSSGeneralName_GetOrganization
-(
-  NSSGeneralName *generalName,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSGeneralName_GetOrganizationalUnits
- *
- * This routine will attempt to derive a sequence of organisational 
- * unit names from the specified general name, if the choices and 
- * content of the name permit.  If the General Name is a (directory) 
- * Name consisting of a Sequence of Relative Distinguished names 
- * containing one or more organisational units, the result will 
- * consist of those units.  If the optional arena  argument is non-
- * null, the memory used will be obtained from that arena; otherwise, 
- * the memory will be obtained from the heap.  This routine may return 
- * NULL upon error, in which case it will have created an error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_GENERAL_NAME
- *  NSS_ERROR_NO_ORGANIZATIONAL_UNITS
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to a null-terminated array of UTF8 Strings
- */
-
-NSS_EXTERN NSSUTF8 ** /* XXX fgmr DirectoryString */
-NSSGeneralName_GetOrganizationalUnits
-(
-  NSSGeneralName *generalName,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSGeneralName_GetStateOrProvince
- *
- * This routine will attempt to derive a state or province name from 
- * the specified general name, if the choices and content of the name
- * permit.  If the General Name is a (directory) Name consisting
- * of a Sequence of Relative Distinguished names containing a state or 
- * province, the result will be the value of that attribute.  If the 
- * optional arena argument is non-null, the memory used will be 
- * obtained from that arena; otherwise, the memory will be obtained 
- * from the heap.  This routine may return NULL upon error, in which 
- * case it will have created an error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_GENERAL_NAME
- *  NSS_ERROR_NO_STATE_OR_PROVINCE
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to a UTF8 String
- */
-
-NSS_EXTERN NSSUTF8 * /* XXX fgmr DirectoryString */
-NSSGeneralName_GetStateOrProvince
-(
-  NSSGeneralName *generalName,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSGeneralName_GetLocality
- *
- * This routine will attempt to derive a locality name from 
- * the specified general name, if the choices and content of the name
- * permit.  If the General Name is a (directory) Name consisting
- * of a Sequence of Relative Distinguished names containing a Locality, 
- * the result will be the value of that attribute.  If the optional 
- * arena argument is non-null, the memory used will be obtained from 
- * that arena; otherwise, the memory will be obtained from the heap.  
- * This routine may return NULL upon error, in which case it will have 
- * created an error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_GENERAL_NAME
- *  NSS_ERROR_NO_LOCALITY
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to a UTF8 String
- */
-
-NSS_EXTERN NSSUTF8 * /* XXX fgmr DirectoryString */
-NSSGeneralName_GetLocality
-(
-  NSSGeneralName *generalName,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSGeneralName_GetCountry
- *
- * This routine will attempt to derive a country name from the 
- * specified general name, if the choices and content of the name 
- * permit.  If the General Name is a (directory) Name consisting of a
- * Sequence of Relative Distinguished names containing a Country, the 
- * result will be the value of that attribute.  If the optional 
- * arena argument is non-null, the memory used will be obtained from 
- * that arena; otherwise, the memory will be obtained from the heap.  
- * This routine may return NULL upon error, in which case it will have 
- * created an error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_GENERAL_NAME
- *  NSS_ERROR_NO_COUNTRY
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to a UTF8 String
- */
-
-NSS_EXTERN NSSUTF8 * /* XXX fgmr PrintableString */
-NSSGeneralName_GetCountry
-(
-  NSSGeneralName *generalName,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSGeneralName_GetAttribute
- *
- * If the specified general name is a (directory) name consisting
- * of a Sequence of Relative Distinguished Names containing an 
- * attribute with the specified type, and the actual value of that
- * attribute may be expressed with a Directory String, then the
- * value of that attribute will be returned as a Directory String.
- * If the optional arena argument is non-null, the memory used will
- * be obtained from that arena; otherwise, the memory will be obtained
- * from the heap.  This routine may return NULL upon error, in which
- * case it will have created an error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_GENERAL_NAME
- *  NSS_ERROR_NO_ATTRIBUTE
- *  NSS_ERROR_ATTRIBUTE_VALUE_NOT_STRING
- *
- * Return value:
- *  NULL upon error
- *  A pointer to a UTF8 String
- */
-
-NSS_EXTERN NSSUTF8 * /* XXX fgmr DirectoryString */
-NSSGeneralName_GetAttribute
-(
-  NSSGeneralName *generalName,
-  NSSOID *attribute,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSGeneralNameSeq
- *
- * The public "methods" regarding this "object" are:
- *
- *  NSSGeneralNameSeq_CreateFromBER   -- constructor
- *  NSSGeneralNameSeq_Create          -- constructor
- *
- *  NSSGeneralNameSeq_Destroy
- *  NSSGeneralNameSeq_GetDEREncoding
- *  NSSGeneralNameSeq_AppendGeneralName
- *  NSSGeneralNameSeq_GetGeneralNameCount
- *  NSSGeneralNameSeq_GetGeneralName
- *  NSSGeneralNameSeq_Compare
- *  NSSGeneralnameSeq_Duplicate
- */
-
-/*
- * NSSGeneralNameSeq_CreateFromBER
- *
- * This routine creates a general name sequence by decoding a BER-
- * or DER-encoded GeneralNames.  If the optional arena argument is
- * non-null, the memory used will be obtained from that arena; 
- * otherwise, the memory will be obtained from the heap.  This routine
- * may return NULL upon error, in which case it will have created an
- * error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to an NSSGeneralNameSeq upon success
- */
-
-NSS_EXTERN NSSGeneralNameSeq *
-NSSGeneralNameSeq_CreateFromBER
-(
-  NSSArena *arenaOpt,
-  NSSBER *berGeneralNameSeq
-);
-
-/*
- * NSSGeneralNameSeq_Create
- *
- * This routine creates an NSSGeneralNameSeq from one or more General
- * Names.  The final argument to this routine must be NULL.  If the
- * optional arena argument is non-null, the memory used will be 
- * obtained from that arena; otherwise, the memory will be obtained 
- * from the heap.  This routine may return NULL upon error, in which
- * case it will have created an error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_GENERAL_NAME
- *
- * Return value:
- *  NULL upon error
- *  A pointer to an NSSGeneralNameSeq upon success
- */
-
-NSS_EXTERN NSSGeneralNameSeq *
-NSSGeneralNameSeq_Create
-(
-  NSSArena *arenaOpt,
-  NSSGeneralName *generalName1,
-  ...
-);
-
-/*
- * NSSGeneralNameSeq_Destroy
- *
- * This routine will destroy an NSSGeneralNameSeq object.  It should
- * eventually be called on all NSSGeneralNameSeqs created without an
- * arena.  While it is not necessary to call it on NSSGeneralNameSeq's
- * created within an arena, it is not an error to do so.  This routine
- * returns a PRStatus value; if successful, it will return PR_SUCCESS.
- * If unsuccessful, it will create an error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_GENERAL_NAME_SEQ
- *
- * Return value:
- *  PR_FAILURE upon error
- *  PR_SUCCESS upon success
- */
-
-NSS_EXTERN PRStatus
-NSSGeneralNameSeq_Destroy
-(
-  NSSGeneralNameSeq *generalNameSeq
-);
-
-/*
- * NSSGeneralNameSeq_GetDEREncoding
- *
- * This routine will DER-encode an NSSGeneralNameSeq object.  If the
- * optional arena argument is non-null, the memory used will be 
- * obtained from that arena; otherwise, the memory will be obtained
- * from the heap.  This routine may return null upon error, in which
- * case it will have created an error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_GENERAL_NAME_SEQ
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  The DER encoding of this NSSGeneralNameSeq
- */
-
-NSS_EXTERN NSSDER *
-NSSGeneralNameSeq_GetDEREncoding
-(
-  NSSGeneralNameSeq *generalNameSeq,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSGeneralNameSeq_AppendGeneralName
- *
- * This routine appends a General Name to the end of the existing
- * General Name Sequence.  If the sequence was created with a non-null
- * arena argument, that same arena will be used for any additional
- * required memory.  If the sequence was created with a NULL arena
- * argument, any additional memory will be obtained from the heap.
- * This routine returns a PRStatus value; it will return PR_SUCCESS
- * upon success, and upon failure it will create an error stack and 
- * return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_GENERAL_NAME_SEQ
- *  NSS_ERROR_INVALID_GENERAL_NAME
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure.
- */
-
-NSS_EXTERN PRStatus
-NSSGeneralNameSeq_AppendGeneralName
-(
-  NSSGeneralNameSeq *generalNameSeq,
-  NSSGeneralName *generalName
-);
-
-/*
- * NSSGeneralNameSeq_GetGeneralNameCount
- *
- * This routine returns the cardinality of the specified General name
- * Sequence.  This routine may return 0 upon error, in which case it
- * will have created an error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_GENERAL_NAME_SEQ
- *
- * Return value;
- *  0 upon error
- *  A positive number upon success
- */
-
-NSS_EXTERN PRUint32
-NSSGeneralNameSeq_GetGeneralNameCount
-(
-  NSSGeneralNameSeq *generalNameSeq
-);
-
-/*
- * NSSGeneralNameSeq_GetGeneralName
- *
- * This routine returns a pointer to the i'th General Name in the 
- * specified General Name Sequence.  The value of the variable 'i' is
- * on the range [0,c) where c is the cardinality returned from 
- * NSSGeneralNameSeq_GetGeneralNameCount.  The caller owns the General
- * Name the pointer to which is returned.  If the optional arena
- * argument is non-null, the memory used will be obtained from that
- * arena; otherwise, the memory will be obtained from the heap.  This
- * routine may return NULL upon error, in which case it will have 
- * created an error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_GENERAL_NAME_SEQ
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A caller-owned pointer to a General Name.
- */
-
-NSS_EXTERN NSSGeneralName *
-NSSGeneralNameSeq_GetGeneralName
-(
-  NSSGeneralNameSeq *generalNameSeq,
-  NSSArena *arenaOpt,
-  PRUint32 i
-);
-
-/*
- * NSSGeneralNameSeq_Compare
- *
- * This routine compares two General Name Sequences for equality.  For
- * two General Name Sequences to be equal, they must have the same
- * cardinality, and each General Name in one sequence must be equal to
- * the corresponding General Name in the other.  The result of the
- * comparison will be stored at the location pointed to by the "equalp"
- * variable, which must point to a valid PRBool.  This routine may 
- * return PR_FAILURE upon error, in which case it will have created an
- * error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_GENERAL_NAME_SEQ
- *  NSS_ERROR_INVALID_ARGUMENT
- *
- * Return value:
- *  PR_FAILURE upon error
- *  PR_SUCCESS upon a successful comparison (equal or not)
- */
-
-NSS_EXTERN PRStatus
-NSSGeneralNameSeq_Compare
-(
-  NSSGeneralNameSeq *generalNameSeq1,
-  NSSGeneralNameSeq *generalNameSeq2,
-  PRBool *equalp
-);
-
-/*
- * NSSGeneralNameSeq_Duplicate
- *
- * This routine duplicates the specified sequence of general names.  If
- * the optional arena argument is non-null, the memory required will be
- * obtained from that arena; otherwise, the memory will be obtained 
- * from the heap.  This routine may return NULL upon error, in which 
- * case it will have created an error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_GENERAL_NAME_SEQ
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to a new General Name Sequence.
- */
-
-NSS_EXTERN NSSGeneralNameSeq *
-NSSGeneralNameSeq_Duplicate
-(
-  NSSGeneralNameSeq *generalNameSeq,
-  NSSArena *arenaOpt
-);
-
-PR_END_EXTERN_C
-
-#endif /* NSSPT1M_H */
diff --git a/security/nss/lib/pki1/nsspki1t.h b/security/nss/lib/pki1/nsspki1t.h
deleted file mode 100644
index 8765a3ad3..000000000
--- a/security/nss/lib/pki1/nsspki1t.h
+++ /dev/null
@@ -1,202 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef NSSPKI1T_H
-#define NSSPKI1T_H
-
-#ifdef DEBUG
-static const char NSSPKI1T_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * nsspki1t.h
- *
- * This file contains the public type definitions for the PKIX part-1
- * objects.
- */
-
-#ifndef NSSBASET_H
-#include "nssbaset.h"
-#endif /* NSSBASET_H */
-
-PR_BEGIN_EXTERN_C
-
-/*
- * OBJECT IDENTIFIER
- *
- * This is the basic OID that crops up everywhere.
- */
-
-struct NSSOIDStr;
-typedef struct NSSOIDStr NSSOID;
-
-/*
- * AttributeTypeAndValue
- *
- * This structure contains an attribute type (indicated by an OID), 
- * and the type-specific value.  RelativeDistinguishedNamess consist
- * of a set of these.  These are distinct from Attributes (which have
- * SET of values), from AttributeDescriptions (which have qualifiers
- * on the types), and from AttributeValueAssertions (which assert a
- * a value comparison under some matching rule).
- */
-
-struct NSSATAVStr;
-typedef struct NSSATAVStr NSSATAV;
-
-/*
- * RelativeDistinguishedName
- *
- * This structure contains an unordered set of AttributeTypeAndValue 
- * objects.  RDNs are used to distinguish a set of objects underneath 
- * a common object.
- *
- * Often, a single ATAV is sufficient to make a unique distinction.
- * For example, if a company assigns its people unique uid values,
- * then in the Name "uid=smith,ou=People,o=Acme,c=US" the "uid=smith"
- * ATAV by itself forms an RDN.  However, sometimes a set of ATAVs is
- * needed.  For example, if a company needed to distinguish between
- * two Smiths by specifying their corporate divisions, then in the
- * Name "(cn=Smith,ou=Sales),ou=People,o=Acme,c=US" the parenthesised
- * set of ATAVs forms the RDN.
- */
-
-struct NSSRDNStr;
-typedef struct NSSRDNStr NSSRDN;
-
-/*
- * RDNSequence
- *
- * This structure contains a sequence of RelativeDistinguishedName
- * objects.
- */
-
-struct NSSRDNSeqStr;
-typedef struct NSSRDNSeqStr NSSRDNSeq;
-
-/*
- * Name
- *
- * This structure contains a union of the possible name formats,
- * which at the moment is limited to an RDNSequence.
- */
-
-struct NSSNameStr;
-typedef struct NSSNameStr NSSName;
-
-/*
- * NameChoice
- *
- * This enumeration is used to specify choice within a name.
- */
-
-enum NSSNameChoiceEnum {
-  NSSNameChoiceInvalid = -1,
-  NSSNameChoiceRdnSequence
-};
-typedef enum NSSNameChoiceEnum NSSNameChoice;
-
-/*
- * GeneralName
- *
- * This structure contains a union of the possible general names,
- * of which there are several.
- */
-
-struct NSSGeneralNameStr;
-typedef struct NSSGeneralNameStr NSSGeneralName;
-
-/*
- * GeneralNameChoice
- *
- * This enumerates the possible general name types.
- */
-
-enum NSSGeneralNameChoiceEnum {
-  NSSGeneralNameChoiceInvalid = -1,
-  NSSGeneralNameChoiceOtherName = 0,
-  NSSGeneralNameChoiceRfc822Name = 1,
-  NSSGeneralNameChoiceDNSName = 2,
-  NSSGeneralNameChoiceX400Address = 3,
-  NSSGeneralNameChoiceDirectoryName = 4,
-  NSSGeneralNameChoiceEdiPartyName = 5,
-  NSSGeneralNameChoiceUniformResourceIdentifier = 6,
-  NSSGeneralNameChoiceIPAddress = 7,
-  NSSGeneralNameChoiceRegisteredID = 8
-};
-typedef enum NSSGeneralNameChoiceEnum NSSGeneralNameChoice;
-
-/*
- * The "other" types of general names.
- */
-
-struct NSSOtherNameStr;
-typedef struct NSSOtherNameStr NSSOtherName;
-
-struct NSSRFC822NameStr;
-typedef struct NSSRFC822NameStr NSSRFC822Name;
-
-struct NSSDNSNameStr;
-typedef struct NSSDNSNameStr NSSDNSName;
-
-struct NSSX400AddressStr;
-typedef struct NSSX400AddressStr NSSX400Address;
-
-struct NSSEdiPartyNameStr;
-typedef struct NSSEdiPartyNameStr NSSEdiPartyName;
-
-struct NSSURIStr;
-typedef struct NSSURIStr NSSURI;
-
-struct NSSIPAddressStr;
-typedef struct NSSIPAddressStr NSSIPAddress;
-
-struct NSSRegisteredIDStr;
-typedef struct NSSRegisteredIDStr NSSRegisteredID;
-
-/*
- * GeneralNameSeq
- *
- * This structure contains a sequence of GeneralName objects.
- * Note that the PKIX documents refer to this as "GeneralNames,"
- * which differs from "GeneralName" by only one letter.  To
- * try to reduce confusion, we expand the name slightly to
- * "GeneralNameSeq."
- */
-
-struct NSSGeneralNameSeqStr;
-typedef struct NSSGeneralNameSeqStr NSSGeneralNameSeq;
-
-PR_END_EXTERN_C
-
-#endif /* NSSPKI1T_H */
diff --git a/security/nss/lib/pki1/oid.c b/security/nss/lib/pki1/oid.c
deleted file mode 100644
index 9bddf33ee..000000000
--- a/security/nss/lib/pki1/oid.c
+++ /dev/null
@@ -1,1615 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * oid.c
- *
- * This file contains the implementation of the basic OID routines.
- */
-
-#ifndef BASE_H
-#include "base.h"
-#endif /* BASE_H */
-
-#ifndef PKI1_H
-#include "pki1.h"
-#endif /* PKI1_H */
-
-#include "plhash.h"
-#include "plstr.h"
-
-/*
- * NSSOID
- *
- * The public "methods" regarding this "object" are:
- *
- *  NSSOID_CreateFromBER   -- constructor
- *  NSSOID_CreateFromUTF8  -- constructor
- *  (there is no explicit destructor)
- * 
- *  NSSOID_GetDEREncoding
- *  NSSOID_GetUTF8Encoding
-
- * The non-public "methods" regarding this "object" are:
- *
- *  nssOID_CreateFromBER   -- constructor
- *  nssOID_CreateFromUTF8  -- constructor
- *  (there is no explicit destructor)
- * 
- *  nssOID_GetDEREncoding
- *  nssOID_GetUTF8Encoding
- *
- * In debug builds, the following non-public calls are also available:
- *
- *  nssOID_verifyPointer
- *  nssOID_getExplanation
- *  nssOID_getTaggedUTF8
- */
-
-const NSSOID *NSS_OID_UNKNOWN = (NSSOID *)NULL;
-
-/*
- * First, the public "wrappers"
- */
-
-/*
- * NSSOID_CreateFromBER
- *
- * This routine creates an NSSOID by decoding a BER- or DER-encoded
- * OID.  It may return NULL upon error, in which case it 
- * will have created an error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  An NSSOID upon success
- */
-
-NSS_EXTERN NSSOID *
-NSSOID_CreateFromBER
-(
-  NSSBER *berOid
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  /* 
-   * NSSBERs can be created by the user, 
-   * so no pointer-tracking can be checked.
-   */
-
-  if( (NSSBER *)NULL == berOid ) {
-    nss_SetError(NSS_ERROR_INVALID_BER);
-    return (NSSOID *)NULL;
-  }
-
-  if( (void *)NULL == berOid->data ) {
-    nss_SetError(NSS_ERROR_INVALID_BER);
-    return (NSSOID *)NULL;
-  }
-#endif /* DEBUG */
-  
-  return nssOID_CreateFromBER(berOid);
-}
-
-/*
- * NSSOID_CreateFromUTF8
- *
- * This routine creates an NSSOID by decoding a UTF8 string 
- * representation of an OID in dotted-number format.  The string may 
- * optionally begin with an octothorpe.  It may return NULL
- * upon error, in which case it will have created an error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_UTF8
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  An NSSOID upon success
- */
-
-NSS_EXTERN NSSOID *
-NSSOID_CreateFromUTF8
-(
-  NSSUTF8 *stringOid
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  /*
-   * NSSUTF8s can be created by the user,
-   * so no pointer-tracking can be checked.
-   */
-
-  if( (NSSUTF8 *)NULL == stringOid ) {
-    nss_SetError(NSS_ERROR_INVALID_UTF8);
-    return (NSSOID *)NULL;
-  }
-#endif /* DEBUG */
-
-  return nssOID_CreateFromUTF8(stringOid);
-}
-
-/*
- * NSSOID_GetDEREncoding
- *
- * This routine returns the DER encoding of the specified NSSOID.
- * If the optional arena argument is non-null, the memory used will
- * be obtained from that arena; otherwise, the memory will be obtained
- * from the heap.  This routine may return return null upon error, in 
- * which case it will have created an error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_NSSOID
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  The DER encoding of this NSSOID
- */
-
-NSS_EXTERN NSSDER *
-NSSOID_GetDEREncoding
-(
-  const NSSOID *oid,
-  NSSDER *rvOpt,
-  NSSArena *arenaOpt
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nssOID_verifyPointer(oid) ) {
-    return (NSSDER *)NULL;
-  }
-
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSDER *)NULL;
-    }
-  }
-#endif /* DEBUG */
-
-  return nssOID_GetDEREncoding(oid, rvOpt, arenaOpt);
-}
-
-/*
- * NSSOID_GetUTF8Encoding
- *
- * This routine returns a UTF8 string containing the dotted-number 
- * encoding of the specified NSSOID.  If the optional arena argument 
- * is non-null, the memory used will be obtained from that arena; 
- * otherwise, the memory will be obtained from the heap.  This routine
- * may return null upon error, in which case it will have created an
- * error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_NSSOID
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to a UTF8 string containing the dotted-digit encoding of 
- *      this NSSOID
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSOID_GetUTF8Encoding
-(
-  const NSSOID *oid,
-  NSSArena *arenaOpt
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nssOID_verifyPointer(oid) ) {
-    return (NSSUTF8 *)NULL;
-  }
-
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSUTF8 *)NULL;
-    }
-  }
-#endif /* DEBUG */
-
-  return nssOID_GetUTF8Encoding(oid, arenaOpt);
-}
-
-/*
- * Next, some internal bookkeeping; including the OID "tag" table 
- * and the debug-version pointer tracker.
- */
-
-/*
- * For implementation reasons (so NSSOIDs can be compared with ==),
- * we hash all NSSOIDs.  This is the hash table.
- */
-
-static PLHashTable *oid_hash_table;
-
-/*
- * And this is its lock.
- */
-
-static PZLock *oid_hash_lock;
-
-/*
- * This is the hash function.  We simply XOR the encoded form with
- * itself in sizeof(PLHashNumber)-byte chunks.  Improving this
- * routine is left as an excercise for the more mathematically
- * inclined student.
- */
-
-static PLHashNumber PR_CALLBACK
-oid_hash
-(
-  const void *key
-)
-{
-  const NSSItem *item = (const NSSItem *)key;
-  PLHashNumber rv = 0;
-
-  PRUint8 *data = (PRUint8 *)item->data;
-  PRUint32 i;
-  PRUint8 *rvc = (PRUint8 *)&rv;
-
-  for( i = 0; i < item->size; i++ ) {
-    rvc[ i % sizeof(rv) ] ^= *data;
-    data++;
-  }
-
-  return rv;
-}
-
-/*
- * This is the key-compare function.  It simply does a lexical
- * comparison on the encoded OID form.  This does not result in
- * quite the same ordering as the "sequence of numbers" order,
- * but heck it's only used internally by the hash table anyway.
- */
-
-static PRIntn PR_CALLBACK
-oid_hash_compare
-(
-  const void *k1,
-  const void *k2
-)
-{
-  PRIntn rv;
-
-  const NSSItem *i1 = (const NSSItem *)k1;
-  const NSSItem *i2 = (const NSSItem *)k2;
-
-  PRUint32 size = (i1->size < i2->size) ? i1->size : i2->size;
-
-  rv = (PRIntn)nsslibc_memequal(i1->data, i2->data, size, (PRStatus *)NULL);
-  if( 0 == rv ) {
-    rv = i1->size - i2->size;
-  }
-
-  return !rv;
-}
-
-/*
- * The pointer-tracking code
- */
-
-#ifdef DEBUG
-extern const NSSError NSS_ERROR_INTERNAL_ERROR;
-
-static nssPointerTracker oid_pointer_tracker;
-
-static PRStatus
-oid_add_pointer
-(
-  const NSSOID *oid
-)
-{
-  PRStatus rv;
-
-  rv = nssPointerTracker_initialize(&oid_pointer_tracker);
-  if( PR_SUCCESS != rv ) {
-    return rv;
-  }
-
-  rv = nssPointerTracker_add(&oid_pointer_tracker, oid);
-  if( PR_SUCCESS != rv ) {
-    NSSError e = NSS_GetError();
-    if( NSS_ERROR_NO_MEMORY != e ) {
-      nss_SetError(NSS_ERROR_INTERNAL_ERROR);
-    }
-
-    return rv;
-  }
-
-  return PR_SUCCESS;
-}
-
-#if defined(CAN_DELETE_OIDS)
-/*
- * We actually don't define NSSOID deletion, since we keep OIDs
- * in a hash table for easy comparison.  Were we to, this is
- * what the pointer-removal function would look like.
- */
-
-static PRStatus
-oid_remove_pointer
-(
-  const NSSOID *oid
-)
-{
-  PRStatus rv;
-
-  rv = nssPointerTracker_remove(&oid_pointer_tracker, oid);
-  if( PR_SUCCESS != rv ) {
-    nss_SetError(NSS_ERROR_INTERNAL_ERROR);
-  }
-
-  return rv;
-}
-#endif /* CAN_DELETE_OIDS */
-
-#endif /* DEBUG */
-
-/*
- * All dynamically-added OIDs get their memory from one statically-
- * declared arena here, merely so that any cleanup code will have
- * an easier time of it.
- */
-
-static NSSArena *oid_arena;
-
-/*
- * This is the call-once function which initializes the hashtable.
- * It creates it, then prepopulates it with all of the builtin OIDs.
- * It also creates the aforementioned NSSArena.
- */
-
-static PRStatus PR_CALLBACK
-oid_once_func
-(
-  void
-)
-{
-  PRUint32 i;
-  
-  /* Initialize the arena */
-  oid_arena = nssArena_Create();
-  if( (NSSArena *)NULL == oid_arena ) {
-    goto loser;
-  }
-
-  /* Create the hash table lock */
-  oid_hash_lock = PZ_NewLock(nssILockOID);
-  if( (PZLock *)NULL == oid_hash_lock ) {
-    nss_SetError(NSS_ERROR_NO_MEMORY);
-    goto loser;
-  }
-
-  /* Create the hash table */
-  oid_hash_table = PL_NewHashTable(0, oid_hash, oid_hash_compare,
-                                   PL_CompareValues, 
-                                   (PLHashAllocOps *)0,
-                                   (void *)0);
-  if( (PLHashTable *)NULL == oid_hash_table ) {
-    nss_SetError(NSS_ERROR_NO_MEMORY);
-    goto loser;
-  }
-
-  /* And populate it with all the builtins */
-  for( i = 0; i < nss_builtin_oid_count; i++ ) {
-    NSSOID *oid = (NSSOID *)&nss_builtin_oids[i];
-    PLHashEntry *e = PL_HashTableAdd(oid_hash_table, &oid->data, oid);
-    if( (PLHashEntry *)NULL == e ) {
-      nss_SetError(NSS_ERROR_NO_MEMORY);
-      goto loser;
-    }
-
-#ifdef DEBUG
-    if( PR_SUCCESS != oid_add_pointer(oid) ) {
-      goto loser;
-    }
-#endif /* DEBUG */
-  }
-
-  return PR_SUCCESS;
-
- loser:
-  if( (PLHashTable *)NULL != oid_hash_table ) {
-    PL_HashTableDestroy(oid_hash_table);
-    oid_hash_table = (PLHashTable *)NULL;
-  }
-
-  if( (PZLock *)NULL != oid_hash_lock ) {
-    PZ_DestroyLock(oid_hash_lock);
-    oid_hash_lock = (PZLock *)NULL;
-  }
-
-  if( (NSSArena *)NULL != oid_arena ) {
-    (void)nssArena_Destroy(oid_arena);
-    oid_arena = (NSSArena *)NULL;
-  }
-
-  return PR_FAILURE;
-}
-
-/*
- * This is NSPR's once-block.
- */
-
-static PRCallOnceType oid_call_once;
-
-/*
- * And this is our multiply-callable internal init routine, which
- * will call-once our call-once function.
- */
-
-static PRStatus
-oid_init
-(
-  void
-)
-{
-  return PR_CallOnce(&oid_call_once, oid_once_func);
-}
-
-#ifdef DEBUG
-
-/*
- * nssOID_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSOID object, 
- * this routine will return PR_SUCCESS.  Otherwise, it will put an 
- * error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_NSSOID
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS if the pointer is valid
- *  PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssOID_verifyPointer
-(
-  const NSSOID *oid
-)
-{
-  PRStatus rv;
-
-  rv = oid_init();
-  if( PR_SUCCESS != rv ) {
-    return PR_FAILURE;
-  }
-
-  rv = nssPointerTracker_initialize(&oid_pointer_tracker);
-  if( PR_SUCCESS != rv ) {
-    return PR_FAILURE;
-  }
-
-  rv = nssPointerTracker_verify(&oid_pointer_tracker, oid);
-  if( PR_SUCCESS != rv ) {
-    nss_SetError(NSS_ERROR_INVALID_NSSOID);
-    return PR_FAILURE;
-  }
-
-  return PR_SUCCESS;
-}
-#endif /* DEBUG */
-
-/*
- * oid_sanity_check_ber
- *
- * This routine merely applies some sanity-checking to the BER-encoded
- * OID.
- */
-
-static PRStatus
-oid_sanity_check_ber
-(
-  NSSBER *berOid
-)
-{
-  PRUint32 i;
-  PRUint8 *data = (PRUint8 *)berOid->data;
-
-  /*
-   * The size must be longer than zero bytes.
-   */
-
-  if( berOid->size <= 0 ) {
-    return PR_FAILURE;
-  }
-
-  /*
-   * In general, we can't preclude any number from showing up
-   * someday.  We could probably guess that top-level numbers
-   * won't get very big (beyond the current ccitt(0), iso(1),
-   * or joint-ccitt-iso(2)).  However, keep in mind that the
-   * encoding rules wrap the first two numbers together, as
-   *
-   *     (first * 40) + second
-   *
-   * Also, it is noted in the specs that this implies that the
-   * second number won't go above forty.
-   *
-   * 128 encodes 3.8, which seems pretty safe for now.  Let's
-   * check that the first byte is less than that.
-   *
-   * XXX This is a "soft check" -- we may want to exclude it.
-   */
-
-  if( data[0] >= 0x80 ) {
-    return PR_FAILURE;
-  }
-
-  /*
-   * In a normalised format, leading 0x80s will never show up.
-   * This means that no 0x80 will be preceeded by the final
-   * byte of a sequence, which would naturaly be less than 0x80.
-   * Our internal encoding for the single-digit OIDs uses 0x80,
-   * but the only places we use them (loading the builtin table,
-   * and adding a UTF8-encoded OID) bypass this check.
-   */
-
-  for( i = 1; i < berOid->size; i++ ) {
-    if( (0x80 == data[i]) && (data[i-1] < 0x80) ) {
-      return PR_FAILURE;
-    }
-  }
-
-  /*
-   * The high bit of each octet indicates that following octets
-   * are included in the current number.  Thus the last byte can't
-   * have the high bit set.
-   */
-
-  if( data[ berOid->size-1 ] >= 0x80 ) {
-    return PR_FAILURE;
-  }
-
-  /*
-   * Other than that, any byte sequence is legit.
-   */
-  return PR_SUCCESS;
-}
-
-/*
- * nssOID_CreateFromBER
- *
- * This routine creates an NSSOID by decoding a BER- or DER-encoded
- * OID.  It may return NULL upon error, in which case it 
- * will have set an error on the error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  An NSSOID upon success
- */
-
-NSS_EXTERN NSSOID *
-nssOID_CreateFromBER
-(
-  NSSBER *berOid
-)
-{
-  NSSOID *rv;
-  PLHashEntry *e;
-  
-  if( PR_SUCCESS != oid_init() ) {
-    return (NSSOID *)NULL;
-  }
-
-  if( PR_SUCCESS != oid_sanity_check_ber(berOid) ) {
-    nss_SetError(NSS_ERROR_INVALID_BER);
-    return (NSSOID *)NULL;
-  }
-
-  /*
-   * Does it exist?
-   */
-  PZ_Lock(oid_hash_lock);
-  rv = (NSSOID *)PL_HashTableLookup(oid_hash_table, berOid);
-  (void)PZ_Unlock(oid_hash_lock);
-  if( (NSSOID *)NULL != rv ) {
-    /* Found it! */
-    return rv;
-  }
-
-  /*
-   * Doesn't exist-- create it.
-   */
-  rv = nss_ZNEW(oid_arena, NSSOID);
-  if( (NSSOID *)NULL == rv ) {
-    return (NSSOID *)NULL;
-  }
-
-  rv->data.data = nss_ZAlloc(oid_arena, berOid->size);
-  if( (void *)NULL == rv->data.data ) {
-    return (NSSOID *)NULL;
-  }
-
-  rv->data.size = berOid->size;
-  nsslibc_memcpy(rv->data.data, berOid->data, berOid->size);
-
-#ifdef DEBUG
-  rv->tag = "<runtime>";
-  rv->expl = "(OID registered at runtime)";
-#endif /* DEBUG */
-
-  PZ_Lock(oid_hash_lock);
-  e = PL_HashTableAdd(oid_hash_table, &rv->data, rv);
-  (void)PZ_Unlock(oid_hash_lock);
-  if( (PLHashEntry *)NULL == e ) {
-    nss_ZFreeIf(rv->data.data);
-    nss_ZFreeIf(rv);
-    nss_SetError(NSS_ERROR_NO_MEMORY);
-    return (NSSOID *)NULL;
-  }
-
-#ifdef DEBUG
-  {
-    PRStatus st;
-    st = oid_add_pointer(rv);
-    if( PR_SUCCESS != st ) {
-      PZ_Lock(oid_hash_lock);
-      (void)PL_HashTableRemove(oid_hash_table, &rv->data);
-      (void)PZ_Unlock(oid_hash_lock);
-      (void)nss_ZFreeIf(rv->data.data);
-      (void)nss_ZFreeIf(rv);
-      return (NSSOID *)NULL;
-    }
-  }
-#endif /* DEBUG */
-
-  return rv;
-}
-
-/*
- * oid_sanity_check_utf8
- *
- * This routine merely applies some sanity-checking to the 
- * UTF8-encoded OID.
- */
-
-static PRStatus
-oid_sanity_check_utf8
-(
-  NSSUTF8 *s
-)
-{
-  /*
-   * It may begin with an octothorpe, which we skip.
-   */
-
-  if( '#' == *s ) {
-    s++;
-  }
-
-  /*
-   * It begins with a number
-   */
-
-  if( (*s < '0') || (*s > '9') ) {
-    return PR_FAILURE;
-  }
-
-  /*
-   * First number is only one digit long
-   *
-   * XXX This is a "soft check" -- we may want to exclude it
-   */
-
-  if( (s[1] != '.') && (s[1] != '\0') ) {
-    return PR_FAILURE;
-  }
-
-  /*
-   * Every character is either a digit or a period
-   */
-
-  for( ; '\0' != *s; s++ ) {
-    if( ('.' != *s) && ((*s < '0') || (*s > '9')) ) {
-      return PR_FAILURE;
-    }
-
-    /* No two consecutive periods */
-    if( ('.' == *s) && ('.' == s[1]) ) {
-      return PR_FAILURE;
-    }
-  }
-
-  /*
-   * The last character isn't a period
-   */
-
-  if( '.' == *--s ) {
-    return PR_FAILURE;
-  }
-
-  return PR_SUCCESS;
-}
-
-static PRUint32
-oid_encode_number
-(
-  PRUint32 n,
-  PRUint8 *dp,
-  PRUint32 nb
-)
-{
-  PRUint32 a[5];
-  PRUint32 i;
-  PRUint32 rv;
-
-  a[0] = (n >> 28) & 0x7f;
-  a[1] = (n >> 21) & 0x7f;
-  a[2] = (n >> 14) & 0x7f;
-  a[3] = (n >>  7) & 0x7f;
-  a[4] =  n        & 0x7f;
-
-  for( i = 0; i < 5; i++ ) {
-    if( 0 != a[i] ) {
-      break;
-    }
-  }
-
-  if( 5 == i ) {
-    i--;
-  }
-
-  rv = 5-i;
-  if( rv > nb ) {
-    return rv;
-  }
-
-  for( ; i < 4; i++ ) {
-    *dp = 0x80 | a[i];
-    dp++;
-  }
-
-  *dp = a[4];
-
-  return rv;
-}
-
-/*
- * oid_encode_huge
- *
- * This routine will convert a huge decimal number into the DER 
- * encoding for oid numbers.  It is not limited to numbers that will
- * fit into some wordsize, like oid_encode_number.  But it's not
- * necessarily very fast, either.  This is here in case some joker
- * throws us an ASCII oid like 1.2.3.99999999999999999999999999.
- */
-
-static PRUint32
-oid_encode_huge
-(
-  NSSUTF8 *s,
-  NSSUTF8 *e,
-  PRUint8 *dp,
-  PRUint32 nb
-)
-{
-  PRUint32 slen = (e-s);
-  PRUint32 blen = (slen+1)/2;
-  PRUint8 *st = (PRUint8 *)NULL;
-  PRUint8 *bd = (PRUint8 *)NULL;
-  PRUint32 i;
-  PRUint32 bitno;
-  PRUint8 *last;
-  PRUint8 *first;
-  PRUint32 byteno;
-  PRUint8 mask;
-
-  /* We'll be munging the data, so duplicate it */
-  st = (PRUint8 *)nss_ZAlloc((NSSArena *)NULL, slen);
-  if( (PRUint8 *)NULL == st ) {
-    return 0;
-  }
-
-  /* Don't know ahead of time exactly how long we'll need */
-  bd = (PRUint8 *)nss_ZAlloc((NSSArena *)NULL, blen);
-  if( (PRUint8 *)NULL == bd ) {
-    (void)nss_ZFreeIf(st);
-    return 0;
-  }
-
-  /* Copy the original, and convert ASCII to numbers */
-  for( i = 0; i < slen; i++ ) {
-    st[i] = (PRUint8)(s[i] - '0');
-  }
-
-  last = &st[slen-1];
-  first = &st[0];
-
-  /*
-   * The way we create the binary version is by looking at it 
-   * bit by bit.  Start with the least significant bit.  If the
-   * number is odd, set that bit.  Halve the number (with integer
-   * division), and go to the next least significant bit.  Keep 
-   * going until the number goes to zero.
-   */
-  for( bitno = 0; ; bitno++ ) {
-    PRUint8 *d;
-
-    byteno = bitno/7;
-    mask = (PRUint8)(1 << (bitno%7));
-
-    /* Skip leading zeroes */
-    for( ; first < last; first ++ ) {
-      if( 0 != *first ) {
-        break;
-      }
-    }
-
-    /* Down to one number and it's a zero?  Done. */
-    if( (first == last) && (0 == *last) ) {
-      break;
-    }
-
-    /* Last digit is odd?  Set the bit */
-    if( *last & 1 ) {
-      bd[ byteno ] |= mask;
-    }
-
-
-    /* 
-     * Divide the number in half.  This is just a matter
-     * of going from the least significant digit upwards,
-     * halving each one.  If any digit is odd (other than
-     * the last, which has already been handled), add five
-     * to the digit to its right.
-     */
-    *last /= 2;
-
-    for( d = &last[-1]; d >= first; d-- ) {
-      if( *d & 1 ) {
-        d[1] += 5;
-      }
-
-      *d /= 2;
-    }
-  }
-
-  /* Is there room to write the encoded data? */
-  if( (byteno+1) > nb ) {
-    return (byteno+1);
-  }
-
-  /* Trim any leading zero that crept in there */
-  for( ; byteno > 0; byteno-- ) {
-    if( 0 != bd[ byteno ] ) {
-      break;
-    }
-  }
-
-  /* Copy all but the last, marking the "continue" bit */
-  for( i = 0; i < byteno; i++ ) {
-    dp[i] = bd[ byteno-i ] | 0x80;
-  }
-  /* And the last with the "continue" bit clear */
-  dp[byteno] = bd[0];
-
-  (void)nss_ZFreeIf(bd);
-  (void)nss_ZFreeIf(st);
-  return (byteno+1);
-}
-
-/*
- * oid_encode_string
- *
- * This routine converts a dotted-number OID into a DER-encoded
- * one.  It assumes we've already sanity-checked the string.
- */
-
-extern const NSSError NSS_ERROR_INTERNAL_ERROR;
-
-static NSSOID *
-oid_encode_string
-(
-  NSSUTF8 *s
-)
-{
-  PRUint32 nn = 0; /* number of numbers */
-  PRUint32 nb = 0; /* number of bytes (estimated) */
-  NSSUTF8 *t;
-  PRUint32 nd = 0; /* number of digits */
-  NSSOID *rv;
-  PRUint8 *dp;
-  PRUint32 a, b;
-  PRUint32 inc;
-
-  /* Dump any octothorpe */
-  if( '#' == *s ) {
-    s++;
-  }
-
-  /* Count up the bytes needed */
-  for( t = s; '\0' != *t; t++ ) {
-    if( '.' == *t ) {
-      nb += (nd+1)/2; /* errs on the big side */
-      nd = 0;
-      nn++;
-    } else {
-      nd++;
-    }
-  }
-  nb += (nd+1)/2;
-  nn++;
-
-  if( 1 == nn ) {
-    /*
-     * We have our own "denormalised" encoding for these,
-     * which is only used internally.
-     */
-    nb++;
-  }
-
-  /* 
-   * Allocate.  Note that we don't use the oid_arena here.. this is
-   * because there really isn't a "free()" for stuff allocated out of
-   * arenas (at least with the current implementation), so this would
-   * keep using up memory each time a UTF8-encoded OID were added.
-   * If need be (if this is the first time this oid has been seen),
-   * we'll copy it.
-   */
-  rv = nss_ZNEW((NSSArena *)NULL, NSSOID);
-  if( (NSSOID *)NULL == rv ) {
-    return (NSSOID *)NULL;
-  }
-
-  rv->data.data = nss_ZAlloc((NSSArena *)NULL, nb);
-  if( (void *)NULL == rv->data.data ) {
-    (void)nss_ZFreeIf(rv);
-    return (NSSOID *)NULL;
-  }
-
-  dp = (PRUint8 *)rv->data.data;
-
-  a = atoi(s);
-
-  if( 1 == nn ) {
-    dp[0] = '\x80';
-    inc = oid_encode_number(a, &dp[1], nb-1);
-    if( inc >= nb ) {
-      goto loser;
-    }
-  } else {
-    for( t = s; '.' != *t; t++ ) {
-      ;
-    }
-
-    t++;
-    b = atoi(t);
-    inc = oid_encode_number(a*40+b, dp, nb);
-    if( inc > nb ) {
-      goto loser;
-    }
-    dp += inc;
-    nb -= inc;
-    nn -= 2;
-
-    while( nn-- > 0 ) {
-      NSSUTF8 *u;
-
-      for( ; '.' != *t; t++ ) {
-        ;
-      }
-
-      t++;
-
-      for( u = t; ('\0' != *u) && ('.' != *u); u++ ) {
-        ;
-      }
-
-      if( (u-t > 9) ) {
-        /* In the billions.  Rats. */
-        inc = oid_encode_huge(t, u, dp, nb);
-      } else {
-        b = atoi(t);
-        inc = oid_encode_number(b, dp, nb);
-      }
-
-      if( inc > nb ) {
-        goto loser;
-      }
-      dp += inc;
-      nb -= inc;
-    }
-  }
-
-  return rv;
-
- loser:
-  nss_SetError(NSS_ERROR_INTERNAL_ERROR);
-  return (NSSOID *)NULL;
-}
-
-/*
- * nssOID_CreateFromUTF8
- *
- * This routine creates an NSSOID by decoding a UTF8 string 
- * representation of an OID in dotted-number format.  The string may 
- * optionally begin with an octothorpe.  It may return NULL
- * upon error, in which case it will have set an error on the error 
- * stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_STRING
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  An NSSOID upon success
- */
-
-NSS_EXTERN NSSOID *
-nssOID_CreateFromUTF8
-(
-  NSSUTF8 *stringOid
-)
-{
-  NSSOID *rv = (NSSOID *)NULL;
-  NSSOID *candidate = (NSSOID *)NULL;
-  PLHashEntry *e;
-
-  if( PR_SUCCESS != oid_init() ) {
-    return (NSSOID *)NULL;
-  }
-
-  if( PR_SUCCESS != oid_sanity_check_utf8(stringOid) ) {
-    nss_SetError(NSS_ERROR_INVALID_STRING);
-    return (NSSOID *)NULL;
-  }
-
-  candidate = oid_encode_string(stringOid);
-  if( (NSSOID *)NULL == candidate ) {
-    /* Internal error only */
-    return rv;
-  }
-
-  /*
-   * Does it exist?
-   */
-  PZ_Lock(oid_hash_lock);
-  rv = (NSSOID *)PL_HashTableLookup(oid_hash_table, &candidate->data);
-  (void)PZ_Unlock(oid_hash_lock);
-  if( (NSSOID *)NULL != rv ) {
-    /* Already exists.  Delete my copy and return the original. */
-    (void)nss_ZFreeIf(candidate->data.data);
-    (void)nss_ZFreeIf(candidate);
-    return rv;
-  }
-
-  /* 
-   * Nope.  Add it.  Remember to allocate it out of the oid arena.
-   */
-
-  rv = nss_ZNEW(oid_arena, NSSOID);
-  if( (NSSOID *)NULL == rv ) {
-    goto loser;
-  }
-
-  rv->data.data = nss_ZAlloc(oid_arena, candidate->data.size);
-  if( (void *)NULL == rv->data.data ) {
-    goto loser;
-  }
-
-  rv->data.size = candidate->data.size;
-  nsslibc_memcpy(rv->data.data, candidate->data.data, rv->data.size);
-
-  (void)nss_ZFreeIf(candidate->data.data);
-  (void)nss_ZFreeIf(candidate);
-
-#ifdef DEBUG
-  rv->tag = "<runtime>";
-  rv->expl = "(OID registered at runtime)";
-#endif /* DEBUG */
-
-  PZ_Lock(oid_hash_lock);
-  e = PL_HashTableAdd(oid_hash_table, &rv->data, rv);
-  (void)PZ_Unlock(oid_hash_lock);
-  if( (PLHashEntry *)NULL == e ) {
-    nss_SetError(NSS_ERROR_NO_MEMORY);
-    goto loser;
-  }
-
-#ifdef DEBUG
-  {
-    PRStatus st;
-    st = oid_add_pointer(rv);
-    if( PR_SUCCESS != st ) {
-      PZ_Lock(oid_hash_lock);
-      (void)PL_HashTableRemove(oid_hash_table, &rv->data);
-      (void)PZ_Unlock(oid_hash_lock);
-      goto loser;
-    }
-  }
-#endif /* DEBUG */
-
-  return rv;
-
- loser:
-  if( (NSSOID *)NULL != candidate ) {
-    (void)nss_ZFreeIf(candidate->data.data);
-  }
-  (void)nss_ZFreeIf(candidate);
-
-  if( (NSSOID *)NULL != rv ) {
-    (void)nss_ZFreeIf(rv->data.data);
-  }
-  (void)nss_ZFreeIf(rv);
-
-  return (NSSOID *)NULL;
-}
-
-/*
- * nssOID_GetDEREncoding
- *
- * This routine returns the DER encoding of the specified NSSOID.
- * If the optional arena argument is non-null, the memory used will
- * be obtained from that arena; otherwise, the memory will be obtained
- * from the heap.  This routine may return return null upon error, in 
- * which case it will have set an error on the error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_OID
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  The DER encoding of this NSSOID
- */
-
-NSS_EXTERN NSSDER *
-nssOID_GetDEREncoding
-(
-  const NSSOID *oid,
-  NSSDER *rvOpt,
-  NSSArena *arenaOpt
-)
-{
-  const NSSItem *it;
-  NSSDER *rv;
-
-  if( PR_SUCCESS != oid_init() ) {
-    return (NSSDER *)NULL;
-  }
-
-#ifdef NSSDEBUG
-  if( PR_SUCCESS != nssOID_verifyPointer(oid) ) {
-    return (NSSDER *)NULL;
-  }
-
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSDER *)NULL;
-    }
-  }
-#endif /* NSSDEBUG */
-
-  it = &oid->data;
-
-  if( (NSSDER *)NULL == rvOpt ) {
-    rv = nss_ZNEW(arenaOpt, NSSDER);
-    if( (NSSDER *)NULL == rv ) {
-      return (NSSDER *)NULL;
-    }
-  } else {
-    rv = rvOpt;
-  }
-
-  rv->data = nss_ZAlloc(arenaOpt, it->size);
-  if( (void *)NULL == rv->data ) {
-    if( rv != rvOpt ) {
-      (void)nss_ZFreeIf(rv);
-    }
-    return (NSSDER *)NULL;
-  }
-
-  rv->size = it->size;
-  nsslibc_memcpy(rv->data, it->data, it->size);
-
-  return rv;
-}
-
-/*
- * nssOID_GetUTF8Encoding
- *
- * This routine returns a UTF8 string containing the dotted-number 
- * encoding of the specified NSSOID.  If the optional arena argument 
- * is non-null, the memory used will be obtained from that arena; 
- * otherwise, the memory will be obtained from the heap.  This routine
- * may return null upon error, in which case it will have set an error
- * on the error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_OID
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to a UTF8 string containing the dotted-digit encoding of 
- *      this NSSOID
- */
-
-NSS_EXTERN NSSUTF8 *
-nssOID_GetUTF8Encoding
-(
-  const NSSOID *oid,
-  NSSArena *arenaOpt
-)
-{
-  NSSUTF8 *rv;
-  PRUint8 *end;
-  PRUint8 *d;
-  PRUint8 *e;
-  char *a;
-  char *b;
-  PRUint32 len;
-
-  if( PR_SUCCESS != oid_init() ) {
-    return (NSSUTF8 *)NULL;
-  }
-
-#ifdef NSSDEBUG
-  if( PR_SUCCESS != nssOID_verifyPointer(oid) ) {
-    return (NSSUTF8 *)NULL;
-  }
-
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSUTF8 *)NULL;
-    }
-  }
-#endif /* NSSDEBUG */
-
-  a = (char *)NULL;
-
-  /* d will point to the next sequence of bytes to decode */
-  d = (PRUint8 *)oid->data.data;
-  /* end points to one past the legitimate data */
-  end = &d[ oid->data.size ];
-
-#ifdef NSSDEBUG
-  /*
-   * Guarantee that the for(e=d;e<end;e++) loop below will
-   * terminate.  Our BER sanity-checking code above will prevent
-   * such a BER from being registered, so the only other way one
-   * might show up is if our dotted-decimal encoder above screws
-   * up or our generated list is wrong.  So I'll wrap it with
-   * #ifdef NSSDEBUG and #endif.
-   */
-  if( end[-1] & 0x80 ) {
-    nss_SetError(NSS_ERROR_INTERNAL_ERROR);
-    return (NSSUTF8 *)NULL;
-  }
-#endif /* NSSDEBUG */
-
-  /*
-   * Check for our pseudo-encoded single-digit OIDs
-   */
-  if( (*d == 0x80) && (2 == oid->data.size) ) {
-    /* Funky encoding.  The second byte is the number */
-    a = PR_smprintf("%lu", (PRUint32)d[1]);
-    if( (char *)NULL == a ) {
-      nss_SetError(NSS_ERROR_NO_MEMORY);
-      return (NSSUTF8 *)NULL;
-    }
-    goto done;
-  }
-
-  for( ; d < end; d = &e[1] ) {
-    
-    for( e = d; e < end; e++ ) {
-      if( 0 == (*e & 0x80) ) {
-        break;
-      }
-    }
-    
-    if( ((e-d) > 4) || (((e-d) == 4) && (*d & 0x70)) ) {
-      /* More than a 32-bit number */
-    } else {
-      PRUint32 n = 0;
-      
-      switch( e-d ) {
-      case 4:
-        n |= ((PRUint32)(e[-4] & 0x0f)) << 28;
-      case 3:
-        n |= ((PRUint32)(e[-3] & 0x7f)) << 21;
-      case 2:
-        n |= ((PRUint32)(e[-2] & 0x7f)) << 14;
-      case 1:
-        n |= ((PRUint32)(e[-1] & 0x7f)) <<  7;
-      case 0:
-        n |= ((PRUint32)(e[-0] & 0x7f))      ;
-      }
-      
-      if( (char *)NULL == a ) {
-        /* This is the first number.. decompose it */
-        PRUint32 one = (n/40), two = (n%40);
-        
-        a = PR_smprintf("%lu.%lu", one, two);
-        if( (char *)NULL == a ) {
-          nss_SetError(NSS_ERROR_NO_MEMORY);
-          return (NSSUTF8 *)NULL;
-        }
-      } else {
-        b = PR_smprintf("%s.%lu", a, n);
-        if( (char *)NULL == b ) {
-          PR_smprintf_free(a);
-          nss_SetError(NSS_ERROR_NO_MEMORY);
-          return (NSSUTF8 *)NULL;
-        }
-        
-        PR_smprintf_free(a);
-        a = b;
-      }
-    }
-  }
-
- done:
-  /*
-   * Even if arenaOpt is NULL, we have to copy the data so that
-   * it'll be freed with the right version of free: ours, not
-   * PR_smprintf_free's.
-   */
-  len = PL_strlen(a);
-  rv = (NSSUTF8 *)nss_ZAlloc(arenaOpt, len);
-  if( (NSSUTF8 *)NULL == rv ) {
-    PR_smprintf_free(a);
-    return (NSSUTF8 *)NULL;
-  }
-
-  nsslibc_memcpy(rv, a, len);
-  PR_smprintf_free(a);
-
-  return rv;
-}
-
-/*
- * nssOID_getExplanation
- *
- * This method is only present in debug builds.
- *
- * This routine will return a static pointer to a UTF8-encoded string
- * describing (in English) the specified OID.  The memory pointed to
- * by the return value is not owned by the caller, and should not be
- * freed or modified.  Note that explanations are only provided for
- * the OIDs built into the NSS library; there is no way to specify an
- * explanation for dynamically created OIDs.  This routine is intended
- * only for use in debugging tools such as "derdump."  This routine
- * may return null upon error, in which case it will have placed an
- * error on the error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_NSSOID
- *
- * Return value:
- *  NULL upon error
- *  A static pointer to a readonly, non-caller-owned UTF8-encoded
- *    string explaining the specified OID.
- */
-
-#ifdef DEBUG
-NSS_EXTERN const NSSUTF8 *
-nssOID_getExplanation
-(
-  NSSOID *oid
-)
-{
-  if( PR_SUCCESS != oid_init() ) {
-    return (const NSSUTF8 *)NULL;
-  }
-
-#ifdef NSSDEBUG
-  if( PR_SUCCESS != nssOID_verifyPointer(oid) ) {
-    return (NSSUTF8 *)NULL;
-  }
-#endif /* NSSDEBUG */
-
-  return oid->expl;
-}
-
-extern const NSSError NSS_ERROR_INVALID_NSSOID;
-#endif /* DEBUG */
-
-/*
- * nssOID_getTaggedUTF8
- *
- * This method is only present in debug builds.
- *
- * This routine will return a pointer to a caller-owned UTF8-encoded
- * string containing a tagged encoding of the specified OID.  Note
- * that OID (component) tags are only provided for the OIDs built 
- * into the NSS library; there is no way to specify tags for 
- * dynamically created OIDs.  This routine is intended for use in
- * debugging tools such as "derdump."   If the optional arena argument
- * is non-null, the memory used will be obtained from that arena; 
- * otherwise, the memory will be obtained from the heap.  This routine 
- * may return return null upon error, in which case it will have set 
- * an error on the error stack.
- *
- * The error may be one of the following values
- *  NSS_ERROR_INVALID_NSSOID
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to a UTF8 string containing the tagged encoding of
- *      this NSSOID
- */
-
-#ifdef DEBUG
-NSS_EXTERN NSSUTF8 *
-nssOID_getTaggedUTF8
-(
-  NSSOID *oid,
-  NSSArena *arenaOpt
-)
-{
-  NSSUTF8 *rv;
-  char *raw;
-  char *c;
-  char *a = (char *)NULL;
-  char *b;
-  PRBool done = PR_FALSE;
-  PRUint32 len;
-
-  if( PR_SUCCESS != oid_init() ) {
-    return (NSSUTF8 *)NULL;
-  }
-
-#ifdef NSSDEBUG
-  if( PR_SUCCESS != nssOID_verifyPointer(oid) ) {
-    return (NSSUTF8 *)NULL;
-  }
-
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSUTF8 *)NULL;
-    }
-  }
-#endif /* NSSDEBUG */
-
-  a = PR_smprintf("{");
-  if( (char *)NULL == a ) {
-    nss_SetError(NSS_ERROR_NO_MEMORY);
-    return (NSSUTF8 *)NULL;
-  }
-
-  /*
-   * What I'm doing here is getting the text version of the OID,
-   * e.g. 1.2.12.92, then looking up each set of leading numbers
-   * as oids.. e.g. "1," then "1.2," then "1.2.12," etc.  Each of
-   * those will have the leaf tag, and I just build up the string.
-   * I never said this was the most efficient way of doing it,
-   * but hey it's a debug-build thing, and I'm getting really tired
-   * of writing this stupid low-level PKI code.
-   */
-
-  /* I know it's all ASCII, so I can use char */
-  raw = (char *)nssOID_GetUTF8Encoding(oid, (NSSArena *)NULL);
-  if( (char *)NULL == raw ) {
-    return (NSSUTF8 *)NULL;
-  }
-
-  for( c = raw; !done; c++ ) {
-    NSSOID *lead;
-    char *lastdot;
-
-    for( ; '.' != *c; c++ ) {
-      if( '\0' == *c ) {
-        done = PR_TRUE;
-        break;
-      }
-    }
-
-    *c = '\0';
-    lead = nssOID_CreateFromUTF8((NSSUTF8 *)raw);
-    if( (NSSOID *)NULL == lead ) {
-      PR_smprintf_free(a);
-      nss_ZFreeIf(raw);
-      nss_SetError(NSS_ERROR_NO_MEMORY);
-      return (NSSUTF8 *)NULL;
-    }
-
-    lastdot = PL_strrchr(raw, '.');
-    if( (char *)NULL == lastdot ) {
-      lastdot = raw;
-    }
-
-    b = PR_smprintf("%s %s(%s) ", a, lead->tag, &lastdot[1]);
-    if( (char *)NULL == b ) {
-      PR_smprintf_free(a);
-      nss_ZFreeIf(raw);
-      /* drop the OID reference on the floor */
-      nss_SetError(NSS_ERROR_NO_MEMORY);
-      return (NSSUTF8 *)NULL;
-    }
-
-    PR_smprintf_free(a);
-    a = b;
-
-    if( !done ) {
-      *c = '.';
-    }
-  }
-
-  nss_ZFreeIf(raw);
-
-  b = PR_smprintf("%s }", a);
-  if( (char *)NULL == b ) {
-    PR_smprintf_free(a);
-    nss_SetError(NSS_ERROR_NO_MEMORY);
-    return (NSSUTF8 *)NULL;
-  }
-
-  len = PL_strlen(b);
-  
-  rv = (NSSUTF8 *)nss_ZAlloc(arenaOpt, len+1);
-  if( (NSSUTF8 *)NULL == rv ) {
-    PR_smprintf_free(b);
-    return (NSSUTF8 *)NULL;
-  }
-
-  nsslibc_memcpy(rv, b, len);
-  PR_smprintf_free(b);
-
-  return rv;
-}
-
-extern const NSSError NSS_ERROR_INVALID_NSSOID;
-extern const NSSError NSS_ERROR_NO_MEMORY;
-#endif /* DEBUG */
diff --git a/security/nss/lib/pki1/oiddata.c b/security/nss/lib/pki1/oiddata.c
deleted file mode 100644
index 1945421d1..000000000
--- a/security/nss/lib/pki1/oiddata.c
+++ /dev/null
@@ -1,2933 +0,0 @@
-/* THIS IS A GENERATED FILE */
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$ ; @(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKI1T_H
-#include "pki1t.h"
-#endif /* PKI1T_H */
-
-const NSSOID nss_builtin_oids[] = {
-  {
-#ifdef DEBUG
-    "ccitt",
-    "ITU-T",
-#endif /* DEBUG */
-    { "\x80\x00", 2 }
-  },
-  {
-#ifdef DEBUG
-    "recommendation",
-    "ITU-T Recommendation",
-#endif /* DEBUG */
-    { "\x00", 1 }
-  },
-  {
-#ifdef DEBUG
-    "question",
-    "ITU-T Question",
-#endif /* DEBUG */
-    { "\x01", 1 }
-  },
-  {
-#ifdef DEBUG
-    "administration",
-    "ITU-T Administration",
-#endif /* DEBUG */
-    { "\x02", 1 }
-  },
-  {
-#ifdef DEBUG
-    "network-operator",
-    "ITU-T Network Operator",
-#endif /* DEBUG */
-    { "\x03", 1 }
-  },
-  {
-#ifdef DEBUG
-    "identified-organization",
-    "ITU-T Identified Organization",
-#endif /* DEBUG */
-    { "\x04", 1 }
-  },
-  {
-#ifdef DEBUG
-    "data",
-    "RFC Data",
-#endif /* DEBUG */
-    { "\x09", 1 }
-  },
-  {
-#ifdef DEBUG
-    "pss",
-    "PSS British Telecom X.25 Network",
-#endif /* DEBUG */
-    { "\x09\x92\x26", 3 }
-  },
-  {
-#ifdef DEBUG
-    "ucl",
-    "RFC 1274 UCL Data networks",
-#endif /* DEBUG */
-    { "\x09\x92\x26\x89\x93\xf2\x2c", 7 }
-  },
-  {
-#ifdef DEBUG
-    "pilot",
-    "RFC 1274 pilot",
-#endif /* DEBUG */
-    { "\x09\x92\x26\x89\x93\xf2\x2c\x64", 8 }
-  },
-  {
-#ifdef DEBUG
-    "attributeType",
-    "RFC 1274 Attribute Type",
-#endif /* DEBUG */
-    { "\x09\x92\x26\x89\x93\xf2\x2c\x64\x01", 9 }
-  },
-  {
-#ifdef DEBUG
-    "uid",
-    "RFC 1274 User Id",
-#endif /* DEBUG */
-    { "\x09\x92\x26\x89\x93\xf2\x2c\x64\x01\x01", 10 }
-  },
-  {
-#ifdef DEBUG
-    "mail",
-    "RFC 1274 E-mail Addres",
-#endif /* DEBUG */
-    { "\x09\x92\x26\x89\x93\xf2\x2c\x64\x01\x03", 10 }
-  },
-  {
-#ifdef DEBUG
-    "dc",
-    "RFC 2247 Domain Component",
-#endif /* DEBUG */
-    { "\x09\x92\x26\x89\x93\xf2\x2c\x64\x01\x19", 10 }
-  },
-  {
-#ifdef DEBUG
-    "attributeSyntax",
-    "RFC 1274 Attribute Syntax",
-#endif /* DEBUG */
-    { "\x09\x92\x26\x89\x93\xf2\x2c\x64\x03", 9 }
-  },
-  {
-#ifdef DEBUG
-    "iA5StringSyntax",
-    "RFC 1274 IA5 String Attribute Syntax",
-#endif /* DEBUG */
-    { "\x09\x92\x26\x89\x93\xf2\x2c\x64\x03\x04", 10 }
-  },
-  {
-#ifdef DEBUG
-    "caseIgnoreIA5StringSyntax",
-    "RFC 1274 Case-Ignore IA5 String Attribute Syntax",
-#endif /* DEBUG */
-    { "\x09\x92\x26\x89\x93\xf2\x2c\x64\x03\x05", 10 }
-  },
-  {
-#ifdef DEBUG
-    "objectClass",
-    "RFC 1274 Object Class",
-#endif /* DEBUG */
-    { "\x09\x92\x26\x89\x93\xf2\x2c\x64\x04", 9 }
-  },
-  {
-#ifdef DEBUG
-    "groups",
-    "RFC 1274 Groups",
-#endif /* DEBUG */
-    { "\x09\x92\x26\x89\x93\xf2\x2c\x64\x0a", 9 }
-  },
-  {
-#ifdef DEBUG
-    "ucl",
-    "RFC 1327 ucl",
-#endif /* DEBUG */
-    { "\x09\x92\x26\x86\xe8\xc4\xb5\xbe\x7f", 9 }
-  },
-  {
-#ifdef DEBUG
-    "iso",
-    "ISO",
-#endif /* DEBUG */
-    { "\x80\x01", 2 }
-  },
-  {
-#ifdef DEBUG
-    "standard",
-    "ISO Standard",
-#endif /* DEBUG */
-    { "\x28", 1 }
-  },
-  {
-#ifdef DEBUG
-    "registration-authority",
-    "ISO Registration Authority",
-#endif /* DEBUG */
-    { "\x29", 1 }
-  },
-  {
-#ifdef DEBUG
-    "member-body",
-    "ISO Member Body",
-#endif /* DEBUG */
-    { "\x2a", 1 }
-  },
-  {
-#ifdef DEBUG
-    "australia",
-    "Australia (ISO)",
-#endif /* DEBUG */
-    { "\x2a\x24", 2 }
-  },
-  {
-#ifdef DEBUG
-    "taiwan",
-    "Taiwan (ISO)",
-#endif /* DEBUG */
-    { "\x2a\x81\x1e", 3 }
-  },
-  {
-#ifdef DEBUG
-    "ireland",
-    "Ireland (ISO)",
-#endif /* DEBUG */
-    { "\x2a\x82\x74", 3 }
-  },
-  {
-#ifdef DEBUG
-    "norway",
-    "Norway (ISO)",
-#endif /* DEBUG */
-    { "\x2a\x84\x42", 3 }
-  },
-  {
-#ifdef DEBUG
-    "sweden",
-    "Sweden (ISO)",
-#endif /* DEBUG */
-    { "\x2a\x85\x70", 3 }
-  },
-  {
-#ifdef DEBUG
-    "great-britain",
-    "Great Britain (ISO)",
-#endif /* DEBUG */
-    { "\x2a\x86\x3a", 3 }
-  },
-  {
-#ifdef DEBUG
-    "us",
-    "United States (ISO)",
-#endif /* DEBUG */
-    { "\x2a\x86\x48", 3 }
-  },
-  {
-#ifdef DEBUG
-    "organization",
-    "US (ISO) organization",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\x01", 4 }
-  },
-  {
-#ifdef DEBUG
-    "ansi-z30-50",
-    "ANSI Z39.50",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\xce\x13", 5 }
-  },
-  {
-#ifdef DEBUG
-    "dicom",
-    "DICOM",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\xce\x18", 5 }
-  },
-  {
-#ifdef DEBUG
-    "ieee-1224",
-    "IEEE 1224",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\xce\x21", 5 }
-  },
-  {
-#ifdef DEBUG
-    "ieee-802-10",
-    "IEEE 802.10",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\xce\x26", 5 }
-  },
-  {
-#ifdef DEBUG
-    "ieee-802-11",
-    "IEEE 802.11",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\xce\x34", 5 }
-  },
-  {
-#ifdef DEBUG
-    "x9-57",
-    "ANSI X9.57",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\xce\x38", 5 }
-  },
-  {
-#ifdef DEBUG
-    "holdInstruction",
-    "ANSI X9.57 Hold Instruction",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\xce\x38\x02", 6 }
-  },
-  {
-#ifdef DEBUG
-    "id-holdinstruction-none",
-    "ANSI X9.57 Hold Instruction: None",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\xce\x38\x02\x01", 7 }
-  },
-  {
-#ifdef DEBUG
-    "id-holdinstruction-callissuer",
-    "ANSI X9.57 Hold Instruction: Call Issuer",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\xce\x38\x02\x02", 7 }
-  },
-  {
-#ifdef DEBUG
-    "id-holdinstruction-reject",
-    "ANSI X9.57 Hold Instruction: Reject",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\xce\x38\x02\x03", 7 }
-  },
-  {
-#ifdef DEBUG
-    "x9algorithm",
-    "ANSI X9.57 Algorithm",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\xce\x38\x04", 6 }
-  },
-  {
-#ifdef DEBUG
-    "id-dsa",
-    "ANSI X9.57 DSA Signature",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\xce\x38\x04\x01", 7 }
-  },
-  {
-#ifdef DEBUG
-    "id-dsa-with-sha1",
-    "ANSI X9.57 Algorithm DSA Signature with SHA-1 Digest",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\xce\x38\x04\x03", 7 }
-  },
-  {
-#ifdef DEBUG
-    "x942",
-    "ANSI X9.42",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\xce\x3e", 5 }
-  },
-  {
-#ifdef DEBUG
-    "algorithm",
-    "ANSI X9.42 Algorithm",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\xce\x3e\x02", 6 }
-  },
-  {
-#ifdef DEBUG
-    "dhpublicnumber",
-    "Diffie-Hellman Public Key Algorithm",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\xce\x3e\x02\x01", 7 }
-  },
-  {
-#ifdef DEBUG
-    "entrust",
-    "Entrust Technologies",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\x86\xf6\x7d", 6 }
-  },
-  {
-#ifdef DEBUG
-    "rsadsi",
-    "RSA Data Security Inc.",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\x86\xf7\x0d", 6 }
-  },
-  {
-#ifdef DEBUG
-    "pkcs",
-    "PKCS",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\x86\xf7\x0d\x01", 7 }
-  },
-  {
-#ifdef DEBUG
-    "pkcs-1",
-    "PKCS #1",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\x86\xf7\x0d\x01\x01", 8 }
-  },
-  {
-#ifdef DEBUG
-    "rsaEncryption",
-    "PKCS #1 RSA Encryption",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\x86\xf7\x0d\x01\x01\x01", 9 }
-  },
-  {
-#ifdef DEBUG
-    "md2WithRSAEncryption",
-    "PKCS #1 MD2 With RSA Encryption",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\x86\xf7\x0d\x01\x01\x02", 9 }
-  },
-  {
-#ifdef DEBUG
-    "md4WithRSAEncryption",
-    "PKCS #1 MD4 With RSA Encryption",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\x86\xf7\x0d\x01\x01\x03", 9 }
-  },
-  {
-#ifdef DEBUG
-    "md5WithRSAEncryption",
-    "PKCS #1 MD5 With RSA Encryption",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\x86\xf7\x0d\x01\x01\x04", 9 }
-  },
-  {
-#ifdef DEBUG
-    "sha1WithRSAEncryption",
-    "PKCS #1 SHA-1 With RSA Encryption",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\x86\xf7\x0d\x01\x01\x05", 9 }
-  },
-  {
-#ifdef DEBUG
-    "pkcs-5",
-    "PKCS #5",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\x86\xf7\x0d\x01\x05", 8 }
-  },
-  {
-#ifdef DEBUG
-    "pbeWithMD2AndDES-CBC",
-    "PKCS #5 Password Based Encryption With MD2 and DES-CBC",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\x86\xf7\x0d\x01\x05\x01", 9 }
-  },
-  {
-#ifdef DEBUG
-    "pbeWithMD5AndDES-CBC",
-    "PKCS #5 Password Based Encryption With MD5 and DES-CBC",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\x86\xf7\x0d\x01\x05\x03", 9 }
-  },
-  {
-#ifdef DEBUG
-    "pbeWithSha1AndDES-CBC",
-    "PKCS #5 Password Based Encryption With SHA-1 and DES-CBC",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\x86\xf7\x0d\x01\x05\x0a", 9 }
-  },
-  {
-#ifdef DEBUG
-    "pkcs-7",
-    "PKCS #7",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\x86\xf7\x0d\x01\x07", 8 }
-  },
-  {
-#ifdef DEBUG
-    "data",
-    "PKCS #7 Data",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\x86\xf7\x0d\x01\x07\x01", 9 }
-  },
-  {
-#ifdef DEBUG
-    "signedData",
-    "PKCS #7 Signed Data",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\x86\xf7\x0d\x01\x07\x02", 9 }
-  },
-  {
-#ifdef DEBUG
-    "envelopedData",
-    "PKCS #7 Enveloped Data",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\x86\xf7\x0d\x01\x07\x03", 9 }
-  },
-  {
-#ifdef DEBUG
-    "signedAndEnvelopedData",
-    "PKCS #7 Signed and Enveloped Data",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\x86\xf7\x0d\x01\x07\x04", 9 }
-  },
-  {
-#ifdef DEBUG
-    "digestedData",
-    "PKCS #7 Digested Data",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\x86\xf7\x0d\x01\x07\x05", 9 }
-  },
-  {
-#ifdef DEBUG
-    "encryptedData",
-    "PKCS #7 Encrypted Data",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\x86\xf7\x0d\x01\x07\x06", 9 }
-  },
-  {
-#ifdef DEBUG
-    "pkcs-9",
-    "PKCS #9",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\x86\xf7\x0d\x01\x09", 8 }
-  },
-  {
-#ifdef DEBUG
-    "emailAddress",
-    "PKCS #9 Email Address",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\x86\xf7\x0d\x01\x09\x01", 9 }
-  },
-  {
-#ifdef DEBUG
-    "unstructuredName",
-    "PKCS #9 Unstructured Name",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\x86\xf7\x0d\x01\x09\x02", 9 }
-  },
-  {
-#ifdef DEBUG
-    "contentType",
-    "PKCS #9 Content Type",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\x86\xf7\x0d\x01\x09\x03", 9 }
-  },
-  {
-#ifdef DEBUG
-    "messageDigest",
-    "PKCS #9 Message Digest",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\x86\xf7\x0d\x01\x09\x04", 9 }
-  },
-  {
-#ifdef DEBUG
-    "signingTime",
-    "PKCS #9 Signing Time",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\x86\xf7\x0d\x01\x09\x05", 9 }
-  },
-  {
-#ifdef DEBUG
-    "counterSignature",
-    "PKCS #9 Counter Signature",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\x86\xf7\x0d\x01\x09\x06", 9 }
-  },
-  {
-#ifdef DEBUG
-    "challengePassword",
-    "PKCS #9 Challenge Password",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\x86\xf7\x0d\x01\x09\x07", 9 }
-  },
-  {
-#ifdef DEBUG
-    "unstructuredAddress",
-    "PKCS #9 Unstructured Address",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\x86\xf7\x0d\x01\x09\x08", 9 }
-  },
-  {
-#ifdef DEBUG
-    "extendedCertificateAttributes",
-    "PKCS #9 Extended Certificate Attributes",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\x86\xf7\x0d\x01\x09\x09", 9 }
-  },
-  {
-#ifdef DEBUG
-    "sMIMECapabilities",
-    "PKCS #9 S/MIME Capabilities",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\x86\xf7\x0d\x01\x09\x0f", 9 }
-  },
-  {
-#ifdef DEBUG
-    "friendlyName",
-    "PKCS #9 Friendly Name",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\x86\xf7\x0d\x01\x09\x14", 9 }
-  },
-  {
-#ifdef DEBUG
-    "localKeyID",
-    "PKCS #9 Local Key ID",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\x86\xf7\x0d\x01\x09\x15", 9 }
-  },
-  {
-#ifdef DEBUG
-    "certTypes",
-    "PKCS #9 Certificate Types",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\x86\xf7\x0d\x01\x09\x16", 9 }
-  },
-  {
-#ifdef DEBUG
-    "x509Certificate",
-    "PKCS #9 Certificate Type = X.509",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\x86\xf7\x0d\x01\x09\x16\x01", 10 }
-  },
-  {
-#ifdef DEBUG
-    "sdsiCertificate",
-    "PKCS #9 Certificate Type = SDSI",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\x86\xf7\x0d\x01\x09\x16\x02", 10 }
-  },
-  {
-#ifdef DEBUG
-    "crlTypes",
-    "PKCS #9 Certificate Revocation List Types",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\x86\xf7\x0d\x01\x09\x17", 9 }
-  },
-  {
-#ifdef DEBUG
-    "x509Crl",
-    "PKCS #9 CRL Type = X.509",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\x86\xf7\x0d\x01\x09\x17\x01", 10 }
-  },
-  {
-#ifdef DEBUG
-    "pkcs-12",
-    "PKCS #12",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\x86\xf7\x0d\x01\x0c", 8 }
-  },
-  {
-#ifdef DEBUG
-    "pkcs-12PbeIds",
-    "PKCS #12 Password Based Encryption IDs",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\x86\xf7\x0d\x01\x0c\x01", 9 }
-  },
-  {
-#ifdef DEBUG
-    "pbeWithSHA1And128BitRC4",
-    "PKCS #12 Password Based Encryption With SHA-1 and 128-bit RC4",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\x86\xf7\x0d\x01\x0c\x01\x01", 10 }
-  },
-  {
-#ifdef DEBUG
-    "pbeWithSHA1And40BitRC4",
-    "PKCS #12 Password Based Encryption With SHA-1 and 40-bit RC4",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\x86\xf7\x0d\x01\x0c\x01\x02", 10 }
-  },
-  {
-#ifdef DEBUG
-    "pbeWithSHA1And3-KeyTripleDES-CBC",
-    "PKCS #12 Password Based Encryption With SHA-1 and 3-key Triple DES-CBC",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\x86\xf7\x0d\x01\x0c\x01\x03", 10 }
-  },
-  {
-#ifdef DEBUG
-    "pbeWithSHA1And2-KeyTripleDES-CBC",
-    "PKCS #12 Password Based Encryption With SHA-1 and 2-key Triple DES-CBC",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\x86\xf7\x0d\x01\x0c\x01\x04", 10 }
-  },
-  {
-#ifdef DEBUG
-    "pbeWithSHA1And128BitRC2-CBC",
-    "PKCS #12 Password Based Encryption With SHA-1 and 128-bit RC2-CBC",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\x86\xf7\x0d\x01\x0c\x01\x05", 10 }
-  },
-  {
-#ifdef DEBUG
-    "pbeWithSHA1And40BitRC2-CBC",
-    "PKCS #12 Password Based Encryption With SHA-1 and 40-bit RC2-CBC",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\x86\xf7\x0d\x01\x0c\x01\x06", 10 }
-  },
-  {
-#ifdef DEBUG
-    "pkcs-12EspvkIds",
-    "PKCS #12 ESPVK IDs",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\x86\xf7\x0d\x01\x0c\x02", 9 }
-  },
-  {
-#ifdef DEBUG
-    "pkcs8-key-shrouding",
-    "PKCS #12 Key Shrouding",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\x86\xf7\x0d\x01\x0c\x02\x01", 10 }
-  },
-  {
-#ifdef DEBUG
-    "draft1Pkcs-12Bag-ids",
-    "Draft 1.0 PKCS #12 Bag IDs",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\x86\xf7\x0d\x01\x0c\x03", 9 }
-  },
-  {
-#ifdef DEBUG
-    "keyBag",
-    "Draft 1.0 PKCS #12 Key Bag",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\x86\xf7\x0d\x01\x0c\x03\x01", 10 }
-  },
-  {
-#ifdef DEBUG
-    "certAndCRLBagId",
-    "Draft 1.0 PKCS #12 Cert and CRL Bag ID",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\x86\xf7\x0d\x01\x0c\x03\x02", 10 }
-  },
-  {
-#ifdef DEBUG
-    "secretBagId",
-    "Draft 1.0 PKCS #12 Secret Bag ID",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\x86\xf7\x0d\x01\x0c\x03\x03", 10 }
-  },
-  {
-#ifdef DEBUG
-    "safeContentsId",
-    "Draft 1.0 PKCS #12 Safe Contents Bag ID",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\x86\xf7\x0d\x01\x0c\x03\x04", 10 }
-  },
-  {
-#ifdef DEBUG
-    "pkcs-8ShroudedKeyBagId",
-    "Draft 1.0 PKCS #12 PKCS #8-shrouded Key Bag ID",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\x86\xf7\x0d\x01\x0c\x03\x05", 10 }
-  },
-  {
-#ifdef DEBUG
-    "pkcs-12CertBagIds",
-    "PKCS #12 Certificate Bag IDs",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\x86\xf7\x0d\x01\x0c\x04", 9 }
-  },
-  {
-#ifdef DEBUG
-    "x509CertCRLBagId",
-    "PKCS #12 X.509 Certificate and CRL Bag",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\x86\xf7\x0d\x01\x0c\x04\x01", 10 }
-  },
-  {
-#ifdef DEBUG
-    "SDSICertBagID",
-    "PKCS #12 SDSI Certificate Bag",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\x86\xf7\x0d\x01\x0c\x04\x02", 10 }
-  },
-  {
-#ifdef DEBUG
-    "pkcs-12Oids",
-    "PKCS #12 OIDs (XXX)",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\x86\xf7\x0d\x01\x0c\x05", 9 }
-  },
-  {
-#ifdef DEBUG
-    "pkcs-12PbeIds",
-    "PKCS #12 OIDs PBE IDs (XXX)",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\x86\xf7\x0d\x01\x0c\x05\x01", 10 }
-  },
-  {
-#ifdef DEBUG
-    "pbeWithSha1And128BitRC4",
-    "PKCS #12 OIDs PBE with SHA-1 and 128-bit RC4 (XXX)",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\x86\xf7\x0d\x01\x0c\x05\x01\x01", 11 }
-  },
-  {
-#ifdef DEBUG
-    "pbeWithSha1And40BitRC4",
-    "PKCS #12 OIDs PBE with SHA-1 and 40-bit RC4 (XXX)",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\x86\xf7\x0d\x01\x0c\x05\x01\x02", 11 }
-  },
-  {
-#ifdef DEBUG
-    "pbeWithSha1AndTripleDES-CBC",
-    "PKCS #12 OIDs PBE with SHA-1 and Triple DES-CBC (XXX)",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\x86\xf7\x0d\x01\x0c\x05\x01\x03", 11 }
-  },
-  {
-#ifdef DEBUG
-    "pbeWithSha1And128BitRC2-CBC",
-    "PKCS #12 OIDs PBE with SHA-1 and 128-bit RC2-CBC (XXX)",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\x86\xf7\x0d\x01\x0c\x05\x01\x04", 11 }
-  },
-  {
-#ifdef DEBUG
-    "pbeWithSha1And40BitRC2-CBC",
-    "PKCS #12 OIDs PBE with SHA-1 and 40-bit RC2-CBC (XXX)",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\x86\xf7\x0d\x01\x0c\x05\x01\x05", 11 }
-  },
-  {
-#ifdef DEBUG
-    "pkcs-12EnvelopingIds",
-    "PKCS #12 OIDs Enveloping IDs (XXX)",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\x86\xf7\x0d\x01\x0c\x05\x02", 10 }
-  },
-  {
-#ifdef DEBUG
-    "rsaEncryptionWith128BitRC4",
-    "PKCS #12 OIDs Enveloping RSA Encryption with 128-bit RC4",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\x86\xf7\x0d\x01\x0c\x05\x02\x01", 11 }
-  },
-  {
-#ifdef DEBUG
-    "rsaEncryptionWith40BitRC4",
-    "PKCS #12 OIDs Enveloping RSA Encryption with 40-bit RC4",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\x86\xf7\x0d\x01\x0c\x05\x02\x02", 11 }
-  },
-  {
-#ifdef DEBUG
-    "rsaEncryptionWithTripleDES",
-    "PKCS #12 OIDs Enveloping RSA Encryption with Triple DES",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\x86\xf7\x0d\x01\x0c\x05\x02\x03", 11 }
-  },
-  {
-#ifdef DEBUG
-    "pkcs-12SignatureIds",
-    "PKCS #12 OIDs Signature IDs (XXX)",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\x86\xf7\x0d\x01\x0c\x05\x03", 10 }
-  },
-  {
-#ifdef DEBUG
-    "rsaSignatureWithSHA1Digest",
-    "PKCS #12 OIDs RSA Signature with SHA-1 Digest",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\x86\xf7\x0d\x01\x0c\x05\x03\x01", 11 }
-  },
-  {
-#ifdef DEBUG
-    "pkcs-12Version1",
-    "PKCS #12 Version 1",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\x86\xf7\x0d\x01\x0c\x0a", 9 }
-  },
-  {
-#ifdef DEBUG
-    "pkcs-12BagIds",
-    "PKCS #12 Bag IDs",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\x86\xf7\x0d\x01\x0c\x0a\x01", 10 }
-  },
-  {
-#ifdef DEBUG
-    "keyBag",
-    "PKCS #12 Key Bag",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\x86\xf7\x0d\x01\x0c\x0a\x01\x01", 11 }
-  },
-  {
-#ifdef DEBUG
-    "pkcs-8ShroudedKeyBag",
-    "PKCS #12 PKCS #8-shrouded Key Bag",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\x86\xf7\x0d\x01\x0c\x0a\x01\x02", 11 }
-  },
-  {
-#ifdef DEBUG
-    "certBag",
-    "PKCS #12 Certificate Bag",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\x86\xf7\x0d\x01\x0c\x0a\x01\x03", 11 }
-  },
-  {
-#ifdef DEBUG
-    "crlBag",
-    "PKCS #12 CRL Bag",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\x86\xf7\x0d\x01\x0c\x0a\x01\x04", 11 }
-  },
-  {
-#ifdef DEBUG
-    "secretBag",
-    "PKCS #12 Secret Bag",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\x86\xf7\x0d\x01\x0c\x0a\x01\x05", 11 }
-  },
-  {
-#ifdef DEBUG
-    "safeContentsBag",
-    "PKCS #12 Safe Contents Bag",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\x86\xf7\x0d\x01\x0c\x0a\x01\x06", 11 }
-  },
-  {
-#ifdef DEBUG
-    "digest",
-    "RSA digest algorithm",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\x86\xf7\x0d\x02", 7 }
-  },
-  {
-#ifdef DEBUG
-    "md2",
-    "MD2",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\x86\xf7\x0d\x02\x02", 8 }
-  },
-  {
-#ifdef DEBUG
-    "md4",
-    "MD4",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\x86\xf7\x0d\x02\x04", 8 }
-  },
-  {
-#ifdef DEBUG
-    "md5",
-    "MD5",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\x86\xf7\x0d\x02\x05", 8 }
-  },
-  {
-#ifdef DEBUG
-    "cipher",
-    "RSA cipher algorithm",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\x86\xf7\x0d\x03", 7 }
-  },
-  {
-#ifdef DEBUG
-    "rc2cbc",
-    "RC2-CBC",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\x86\xf7\x0d\x03\x02", 8 }
-  },
-  {
-#ifdef DEBUG
-    "rc4",
-    "RC4",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\x86\xf7\x0d\x03\x04", 8 }
-  },
-  {
-#ifdef DEBUG
-    "desede3cbc",
-    "DES-EDE3-CBC",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\x86\xf7\x0d\x03\x07", 8 }
-  },
-  {
-#ifdef DEBUG
-    "rc5cbcpad",
-    "RC5-CBCPad",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\x86\xf7\x0d\x03\x09", 8 }
-  },
-  {
-#ifdef DEBUG
-    "microsoft",
-    "Microsoft",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\x86\xf7\x14", 6 }
-  },
-  {
-#ifdef DEBUG
-    "columbia-university",
-    "Columbia University",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\x86\xf7\x18", 6 }
-  },
-  {
-#ifdef DEBUG
-    "unisys",
-    "Unisys",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\x86\xf7\x24", 6 }
-  },
-  {
-#ifdef DEBUG
-    "xapia",
-    "XAPIA",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\x86\xf7\x7a", 6 }
-  },
-  {
-#ifdef DEBUG
-    "wordperfect",
-    "WordPerfect",
-#endif /* DEBUG */
-    { "\x2a\x86\x48\x86\xf8\x23", 6 }
-  },
-  {
-#ifdef DEBUG
-    "identified-organization",
-    "ISO identified organizations",
-#endif /* DEBUG */
-    { "\x2b", 1 }
-  },
-  {
-#ifdef DEBUG
-    "us-dod",
-    "United States Department of Defense",
-#endif /* DEBUG */
-    { "\x2b\x06", 2 }
-  },
-  {
-#ifdef DEBUG
-    "internet",
-    "The Internet",
-#endif /* DEBUG */
-    { "\x2b\x06\x01", 3 }
-  },
-  {
-#ifdef DEBUG
-    "directory",
-    "Internet: Directory",
-#endif /* DEBUG */
-    { "\x2b\x06\x01\x01", 4 }
-  },
-  {
-#ifdef DEBUG
-    "management",
-    "Internet: Management",
-#endif /* DEBUG */
-    { "\x2b\x06\x01\x02", 4 }
-  },
-  {
-#ifdef DEBUG
-    "experimental",
-    "Internet: Experimental",
-#endif /* DEBUG */
-    { "\x2b\x06\x01\x03", 4 }
-  },
-  {
-#ifdef DEBUG
-    "private",
-    "Internet: Private",
-#endif /* DEBUG */
-    { "\x2b\x06\x01\x04", 4 }
-  },
-  {
-#ifdef DEBUG
-    "security",
-    "Internet: Security",
-#endif /* DEBUG */
-    { "\x2b\x06\x01\x05", 4 }
-  },
-  {
-#ifdef DEBUG
-    "",
-    "",
-#endif /* DEBUG */
-    { "\x2b\x06\x01\x05\x05", 5 }
-  },
-  {
-#ifdef DEBUG
-    "id-pkix",
-    "Public Key Infrastructure",
-#endif /* DEBUG */
-    { "\x2b\x06\x01\x05\x05\x07", 6 }
-  },
-  {
-#ifdef DEBUG
-    "PKIX1Explicit88",
-    "RFC 2459 Explicitly Tagged Module, 1988 Syntax",
-#endif /* DEBUG */
-    { "\x2b\x06\x01\x05\x05\x07\x00\x01", 8 }
-  },
-  {
-#ifdef DEBUG
-    "PKIXImplicit88",
-    "RFC 2459 Implicitly Tagged Module, 1988 Syntax",
-#endif /* DEBUG */
-    { "\x2b\x06\x01\x05\x05\x07\x00\x02", 8 }
-  },
-  {
-#ifdef DEBUG
-    "PKIXExplicit93",
-    "RFC 2459 Explicitly Tagged Module, 1993 Syntax",
-#endif /* DEBUG */
-    { "\x2b\x06\x01\x05\x05\x07\x00\x03", 8 }
-  },
-  {
-#ifdef DEBUG
-    "id-pe",
-    "PKIX Private Certificate Extensions",
-#endif /* DEBUG */
-    { "\x2b\x06\x01\x05\x05\x07\x01", 7 }
-  },
-  {
-#ifdef DEBUG
-    "id-pe-authorityInfoAccess",
-    "Certificate Authority Information Access",
-#endif /* DEBUG */
-    { "\x2b\x06\x01\x05\x05\x07\x01\x01", 8 }
-  },
-  {
-#ifdef DEBUG
-    "id-qt",
-    "PKIX Policy Qualifier Types",
-#endif /* DEBUG */
-    { "\x2b\x06\x01\x05\x05\x07\x02", 7 }
-  },
-  {
-#ifdef DEBUG
-    "id-qt-cps",
-    "PKIX CPS Pointer Qualifier",
-#endif /* DEBUG */
-    { "\x2b\x06\x01\x05\x05\x07\x02\x01", 8 }
-  },
-  {
-#ifdef DEBUG
-    "id-qt-unotice",
-    "PKIX User Notice Qualifier",
-#endif /* DEBUG */
-    { "\x2b\x06\x01\x05\x05\x07\x02\x02", 8 }
-  },
-  {
-#ifdef DEBUG
-    "id-kp",
-    "PKIX Key Purpose",
-#endif /* DEBUG */
-    { "\x2b\x06\x01\x05\x05\x07\x03", 7 }
-  },
-  {
-#ifdef DEBUG
-    "id-kp-serverAuth",
-    "TLS Web Server Authentication Certificate",
-#endif /* DEBUG */
-    { "\x2b\x06\x01\x05\x05\x07\x03\x01", 8 }
-  },
-  {
-#ifdef DEBUG
-    "id-kp-clientAuth",
-    "TLS Web Client Authentication Certificate",
-#endif /* DEBUG */
-    { "\x2b\x06\x01\x05\x05\x07\x03\x02", 8 }
-  },
-  {
-#ifdef DEBUG
-    "id-kp-codeSigning",
-    "Code Signing Certificate",
-#endif /* DEBUG */
-    { "\x2b\x06\x01\x05\x05\x07\x03\x03", 8 }
-  },
-  {
-#ifdef DEBUG
-    "id-kp-emailProtection",
-    "E-Mail Protection Certificate",
-#endif /* DEBUG */
-    { "\x2b\x06\x01\x05\x05\x07\x03\x04", 8 }
-  },
-  {
-#ifdef DEBUG
-    "id-kp-ipsecEndSystem",
-    "IPSEC End System Certificate",
-#endif /* DEBUG */
-    { "\x2b\x06\x01\x05\x05\x07\x03\x05", 8 }
-  },
-  {
-#ifdef DEBUG
-    "id-kp-ipsecTunnel",
-    "IPSEC Tunnel Certificate",
-#endif /* DEBUG */
-    { "\x2b\x06\x01\x05\x05\x07\x03\x06", 8 }
-  },
-  {
-#ifdef DEBUG
-    "id-kp-ipsecUser",
-    "IPSEC User Certificate",
-#endif /* DEBUG */
-    { "\x2b\x06\x01\x05\x05\x07\x03\x07", 8 }
-  },
-  {
-#ifdef DEBUG
-    "id-kp-timeStamping",
-    "Time Stamping Certificate",
-#endif /* DEBUG */
-    { "\x2b\x06\x01\x05\x05\x07\x03\x08", 8 }
-  },
-  {
-#ifdef DEBUG
-    "ocsp-responder",
-    "OCSP Responder Certificate",
-#endif /* DEBUG */
-    { "\x2b\x06\x01\x05\x05\x07\x03\x09", 8 }
-  },
-  {
-#ifdef DEBUG
-    "pkix-id-pkix",
-    "",
-#endif /* DEBUG */
-    { "\x2b\x06\x01\x05\x05\x07\x07", 7 }
-  },
-  {
-#ifdef DEBUG
-    "pkix-id-pkip",
-    "",
-#endif /* DEBUG */
-    { "\x2b\x06\x01\x05\x05\x07\x07\x05", 8 }
-  },
-  {
-#ifdef DEBUG
-    "pkix-id-regctrl",
-    "CRMF Registration Control",
-#endif /* DEBUG */
-    { "\x2b\x06\x01\x05\x05\x07\x07\x05\x01", 9 }
-  },
-  {
-#ifdef DEBUG
-    "regtoken",
-    "CRMF Registration Control, Registration Token",
-#endif /* DEBUG */
-    { "\x2b\x06\x01\x05\x05\x07\x07\x05\x01\x01", 10 }
-  },
-  {
-#ifdef DEBUG
-    "authenticator",
-    "CRMF Registration Control, Registration Authenticator",
-#endif /* DEBUG */
-    { "\x2b\x06\x01\x05\x05\x07\x07\x05\x01\x02", 10 }
-  },
-  {
-#ifdef DEBUG
-    "pkipubinfo",
-    "CRMF Registration Control, PKI Publication Info",
-#endif /* DEBUG */
-    { "\x2b\x06\x01\x05\x05\x07\x07\x05\x01\x03", 10 }
-  },
-  {
-#ifdef DEBUG
-    "pki-arch-options",
-    "CRMF Registration Control, PKI Archive Options",
-#endif /* DEBUG */
-    { "\x2b\x06\x01\x05\x05\x07\x07\x05\x01\x04", 10 }
-  },
-  {
-#ifdef DEBUG
-    "old-cert-id",
-    "CRMF Registration Control, Old Certificate ID",
-#endif /* DEBUG */
-    { "\x2b\x06\x01\x05\x05\x07\x07\x05\x01\x05", 10 }
-  },
-  {
-#ifdef DEBUG
-    "protocol-encryption-key",
-    "CRMF Registration Control, Protocol Encryption Key",
-#endif /* DEBUG */
-    { "\x2b\x06\x01\x05\x05\x07\x07\x05\x01\x06", 10 }
-  },
-  {
-#ifdef DEBUG
-    "pkix-id-reginfo",
-    "CRMF Registration Info",
-#endif /* DEBUG */
-    { "\x2b\x06\x01\x05\x05\x07\x07\x05\x02", 9 }
-  },
-  {
-#ifdef DEBUG
-    "utf8-pairs",
-    "CRMF Registration Info, UTF8 Pairs",
-#endif /* DEBUG */
-    { "\x2b\x06\x01\x05\x05\x07\x07\x05\x02\x01", 10 }
-  },
-  {
-#ifdef DEBUG
-    "cert-request",
-    "CRMF Registration Info, Certificate Request",
-#endif /* DEBUG */
-    { "\x2b\x06\x01\x05\x05\x07\x07\x05\x02\x02", 10 }
-  },
-  {
-#ifdef DEBUG
-    "id-ad",
-    "PKIX Access Descriptors",
-#endif /* DEBUG */
-    { "\x2b\x06\x01\x05\x05\x07\x30", 7 }
-  },
-  {
-#ifdef DEBUG
-    "id-ad-ocsp",
-    "PKIX Online Certificate Status Protocol",
-#endif /* DEBUG */
-    { "\x2b\x06\x01\x05\x05\x07\x30\x01", 8 }
-  },
-  {
-#ifdef DEBUG
-    "basic-response",
-    "OCSP Basic Response",
-#endif /* DEBUG */
-    { "\x2b\x06\x01\x05\x05\x07\x30\x01\x01", 9 }
-  },
-  {
-#ifdef DEBUG
-    "nonce-extension",
-    "OCSP Nonce Extension",
-#endif /* DEBUG */
-    { "\x2b\x06\x01\x05\x05\x07\x30\x01\x02", 9 }
-  },
-  {
-#ifdef DEBUG
-    "response",
-    "OCSP Response Types Extension",
-#endif /* DEBUG */
-    { "\x2b\x06\x01\x05\x05\x07\x30\x01\x03", 9 }
-  },
-  {
-#ifdef DEBUG
-    "crl",
-    "OCSP CRL Reference Extension",
-#endif /* DEBUG */
-    { "\x2b\x06\x01\x05\x05\x07\x30\x01\x04", 9 }
-  },
-  {
-#ifdef DEBUG
-    "no-check",
-    "OCSP No Check Extension",
-#endif /* DEBUG */
-    { "\x2b\x06\x01\x05\x05\x07\x30\x01\x05", 9 }
-  },
-  {
-#ifdef DEBUG
-    "archive-cutoff",
-    "OCSP Archive Cutoff Extension",
-#endif /* DEBUG */
-    { "\x2b\x06\x01\x05\x05\x07\x30\x01\x06", 9 }
-  },
-  {
-#ifdef DEBUG
-    "service-locator",
-    "OCSP Service Locator Extension",
-#endif /* DEBUG */
-    { "\x2b\x06\x01\x05\x05\x07\x30\x01\x07", 9 }
-  },
-  {
-#ifdef DEBUG
-    "id-ad-caIssuers",
-    "Certificate Authority Issuers",
-#endif /* DEBUG */
-    { "\x2b\x06\x01\x05\x05\x07\x30\x02", 8 }
-  },
-  {
-#ifdef DEBUG
-    "snmpv2",
-    "Internet: SNMPv2",
-#endif /* DEBUG */
-    { "\x2b\x06\x01\x06", 4 }
-  },
-  {
-#ifdef DEBUG
-    "mail",
-    "Internet: mail",
-#endif /* DEBUG */
-    { "\x2b\x06\x01\x07", 4 }
-  },
-  {
-#ifdef DEBUG
-    "mime-mhs",
-    "Internet: mail MIME mhs",
-#endif /* DEBUG */
-    { "\x2b\x06\x01\x07\x01", 5 }
-  },
-  {
-#ifdef DEBUG
-    "ecma",
-    "European Computers Manufacturing Association",
-#endif /* DEBUG */
-    { "\x2b\x0c", 2 }
-  },
-  {
-#ifdef DEBUG
-    "oiw",
-    "Open Systems Implementors Workshop",
-#endif /* DEBUG */
-    { "\x2b\x0e", 2 }
-  },
-  {
-#ifdef DEBUG
-    "secsig",
-    "Open Systems Implementors Workshop Security Special Interest Group",
-#endif /* DEBUG */
-    { "\x2b\x0e\x03", 3 }
-  },
-  {
-#ifdef DEBUG
-    "oIWSECSIGAlgorithmObjectIdentifiers",
-    "OIW SECSIG Algorithm OIDs",
-#endif /* DEBUG */
-    { "\x2b\x0e\x03\x01", 4 }
-  },
-  {
-#ifdef DEBUG
-    "algorithm",
-    "OIW SECSIG Algorithm",
-#endif /* DEBUG */
-    { "\x2b\x0e\x03\x02", 4 }
-  },
-  {
-#ifdef DEBUG
-    "desecb",
-    "DES-ECB",
-#endif /* DEBUG */
-    { "\x2b\x0e\x03\x02\x06", 5 }
-  },
-  {
-#ifdef DEBUG
-    "descbc",
-    "DES-CBC",
-#endif /* DEBUG */
-    { "\x2b\x0e\x03\x02\x07", 5 }
-  },
-  {
-#ifdef DEBUG
-    "desofb",
-    "DES-OFB",
-#endif /* DEBUG */
-    { "\x2b\x0e\x03\x02\x08", 5 }
-  },
-  {
-#ifdef DEBUG
-    "descfb",
-    "DES-CFB",
-#endif /* DEBUG */
-    { "\x2b\x0e\x03\x02\x09", 5 }
-  },
-  {
-#ifdef DEBUG
-    "desmac",
-    "DES-MAC",
-#endif /* DEBUG */
-    { "\x2b\x0e\x03\x02\x0a", 5 }
-  },
-  {
-#ifdef DEBUG
-    "isoSHAWithRSASignature",
-    "ISO SHA with RSA Signature",
-#endif /* DEBUG */
-    { "\x2b\x0e\x03\x02\x0f", 5 }
-  },
-  {
-#ifdef DEBUG
-    "desede",
-    "DES-EDE",
-#endif /* DEBUG */
-    { "\x2b\x0e\x03\x02\x11", 5 }
-  },
-  {
-#ifdef DEBUG
-    "sha1",
-    "SHA-1",
-#endif /* DEBUG */
-    { "\x2b\x0e\x03\x02\x1a", 5 }
-  },
-  {
-#ifdef DEBUG
-    "bogusDSASignatureWithSHA1Digest",
-    "Forgezza DSA Signature with SHA-1 Digest",
-#endif /* DEBUG */
-    { "\x2b\x0e\x03\x02\x1b", 5 }
-  },
-  {
-#ifdef DEBUG
-    "authentication-mechanism",
-    "OIW SECSIG Authentication Mechanisms",
-#endif /* DEBUG */
-    { "\x2b\x0e\x03\x03", 4 }
-  },
-  {
-#ifdef DEBUG
-    "security-attribute",
-    "OIW SECSIG Security Attributes",
-#endif /* DEBUG */
-    { "\x2b\x0e\x03\x04", 4 }
-  },
-  {
-#ifdef DEBUG
-    "document-definition",
-    "OIW SECSIG Document Definitions used in security",
-#endif /* DEBUG */
-    { "\x2b\x0e\x03\x05", 4 }
-  },
-  {
-#ifdef DEBUG
-    "directory-services-sig",
-    "OIW directory services sig",
-#endif /* DEBUG */
-    { "\x2b\x0e\x07", 3 }
-  },
-  {
-#ifdef DEBUG
-    "ewos",
-    "European Workshop on Open Systems",
-#endif /* DEBUG */
-    { "\x2b\x10", 2 }
-  },
-  {
-#ifdef DEBUG
-    "osf",
-    "Open Software Foundation",
-#endif /* DEBUG */
-    { "\x2b\x16", 2 }
-  },
-  {
-#ifdef DEBUG
-    "nordunet",
-    "Nordunet",
-#endif /* DEBUG */
-    { "\x2b\x17", 2 }
-  },
-  {
-#ifdef DEBUG
-    "nato-id-org",
-    "NATO identified organisation",
-#endif /* DEBUG */
-    { "\x2b\x1a", 2 }
-  },
-  {
-#ifdef DEBUG
-    "teletrust",
-    "Teletrust",
-#endif /* DEBUG */
-    { "\x2b\x24", 2 }
-  },
-  {
-#ifdef DEBUG
-    "smpte",
-    "Society of Motion Picture and Television Engineers",
-#endif /* DEBUG */
-    { "\x2b\x34", 2 }
-  },
-  {
-#ifdef DEBUG
-    "sita",
-    "Societe Internationale de Telecommunications Aeronautiques",
-#endif /* DEBUG */
-    { "\x2b\x45", 2 }
-  },
-  {
-#ifdef DEBUG
-    "iana",
-    "Internet Assigned Numbers Authority",
-#endif /* DEBUG */
-    { "\x2b\x5a", 2 }
-  },
-  {
-#ifdef DEBUG
-    "thawte",
-    "Thawte",
-#endif /* DEBUG */
-    { "\x2b\x65", 2 }
-  },
-  {
-#ifdef DEBUG
-    "joint-iso-ccitt",
-    "Joint ISO/ITU-T assignment",
-#endif /* DEBUG */
-    { "\x80\x02", 2 }
-  },
-  {
-#ifdef DEBUG
-    "presentation",
-    "Joint ISO/ITU-T Presentation",
-#endif /* DEBUG */
-    { "\x50", 1 }
-  },
-  {
-#ifdef DEBUG
-    "asn-1",
-    "Abstract Syntax Notation One",
-#endif /* DEBUG */
-    { "\x51", 1 }
-  },
-  {
-#ifdef DEBUG
-    "acse",
-    "Association Control",
-#endif /* DEBUG */
-    { "\x52", 1 }
-  },
-  {
-#ifdef DEBUG
-    "rtse",
-    "Reliable Transfer",
-#endif /* DEBUG */
-    { "\x53", 1 }
-  },
-  {
-#ifdef DEBUG
-    "rose",
-    "Remote Operations",
-#endif /* DEBUG */
-    { "\x54", 1 }
-  },
-  {
-#ifdef DEBUG
-    "x500",
-    "Directory",
-#endif /* DEBUG */
-    { "\x55", 1 }
-  },
-  {
-#ifdef DEBUG
-    "modules",
-    "X.500 modules",
-#endif /* DEBUG */
-    { "\x55\x01", 2 }
-  },
-  {
-#ifdef DEBUG
-    "service-environment",
-    "X.500 service environment",
-#endif /* DEBUG */
-    { "\x55\x02", 2 }
-  },
-  {
-#ifdef DEBUG
-    "application-context",
-    "X.500 application context",
-#endif /* DEBUG */
-    { "\x55\x03", 2 }
-  },
-  {
-#ifdef DEBUG
-    "id-at",
-    "X.520 attribute types",
-#endif /* DEBUG */
-    { "\x55\x04", 2 }
-  },
-  {
-#ifdef DEBUG
-    "id-at-commonName",
-    "X.520 Common Name",
-#endif /* DEBUG */
-    { "\x55\x04\x03", 3 }
-  },
-  {
-#ifdef DEBUG
-    "id-at-surname",
-    "X.520 Surname",
-#endif /* DEBUG */
-    { "\x55\x04\x04", 3 }
-  },
-  {
-#ifdef DEBUG
-    "id-at-countryName",
-    "X.520 Country Name",
-#endif /* DEBUG */
-    { "\x55\x04\x06", 3 }
-  },
-  {
-#ifdef DEBUG
-    "id-at-localityName",
-    "X.520 Locality Name",
-#endif /* DEBUG */
-    { "\x55\x04\x07", 3 }
-  },
-  {
-#ifdef DEBUG
-    "id-at-stateOrProvinceName",
-    "X.520 State or Province Name",
-#endif /* DEBUG */
-    { "\x55\x04\x08", 3 }
-  },
-  {
-#ifdef DEBUG
-    "id-at-organizationName",
-    "X.520 Organization Name",
-#endif /* DEBUG */
-    { "\x55\x04\x0a", 3 }
-  },
-  {
-#ifdef DEBUG
-    "id-at-organizationalUnitName",
-    "X.520 Organizational Unit Name",
-#endif /* DEBUG */
-    { "\x55\x04\x0b", 3 }
-  },
-  {
-#ifdef DEBUG
-    "id-at-title",
-    "X.520 Title",
-#endif /* DEBUG */
-    { "\x55\x04\x0c", 3 }
-  },
-  {
-#ifdef DEBUG
-    "id-at-name",
-    "X.520 Name",
-#endif /* DEBUG */
-    { "\x55\x04\x29", 3 }
-  },
-  {
-#ifdef DEBUG
-    "id-at-givenName",
-    "X.520 Given Name",
-#endif /* DEBUG */
-    { "\x55\x04\x2a", 3 }
-  },
-  {
-#ifdef DEBUG
-    "id-at-initials",
-    "X.520 Initials",
-#endif /* DEBUG */
-    { "\x55\x04\x2b", 3 }
-  },
-  {
-#ifdef DEBUG
-    "id-at-generationQualifier",
-    "X.520 Generation Qualifier",
-#endif /* DEBUG */
-    { "\x55\x04\x2c", 3 }
-  },
-  {
-#ifdef DEBUG
-    "id-at-dnQualifier",
-    "X.520 DN Qualifier",
-#endif /* DEBUG */
-    { "\x55\x04\x2e", 3 }
-  },
-  {
-#ifdef DEBUG
-    "attribute-syntax",
-    "X.500 attribute syntaxes",
-#endif /* DEBUG */
-    { "\x55\x05", 2 }
-  },
-  {
-#ifdef DEBUG
-    "object-classes",
-    "X.500 standard object classes",
-#endif /* DEBUG */
-    { "\x55\x06", 2 }
-  },
-  {
-#ifdef DEBUG
-    "attribute-set",
-    "X.500 attribute sets",
-#endif /* DEBUG */
-    { "\x55\x07", 2 }
-  },
-  {
-#ifdef DEBUG
-    "algorithms",
-    "X.500-defined algorithms",
-#endif /* DEBUG */
-    { "\x55\x08", 2 }
-  },
-  {
-#ifdef DEBUG
-    "encryption",
-    "X.500-defined encryption algorithms",
-#endif /* DEBUG */
-    { "\x55\x08\x01", 3 }
-  },
-  {
-#ifdef DEBUG
-    "rsa",
-    "RSA Encryption Algorithm",
-#endif /* DEBUG */
-    { "\x55\x08\x01\x01", 4 }
-  },
-  {
-#ifdef DEBUG
-    "abstract-syntax",
-    "X.500 abstract syntaxes",
-#endif /* DEBUG */
-    { "\x55\x09", 2 }
-  },
-  {
-#ifdef DEBUG
-    "operational-attribute",
-    "DSA Operational Attributes",
-#endif /* DEBUG */
-    { "\x55\x0c", 2 }
-  },
-  {
-#ifdef DEBUG
-    "matching-rule",
-    "Matching Rule",
-#endif /* DEBUG */
-    { "\x55\x0d", 2 }
-  },
-  {
-#ifdef DEBUG
-    "knowledge-matching-rule",
-    "X.500 knowledge Matching Rules",
-#endif /* DEBUG */
-    { "\x55\x0e", 2 }
-  },
-  {
-#ifdef DEBUG
-    "name-form",
-    "X.500 name forms",
-#endif /* DEBUG */
-    { "\x55\x0f", 2 }
-  },
-  {
-#ifdef DEBUG
-    "group",
-    "X.500 groups",
-#endif /* DEBUG */
-    { "\x55\x10", 2 }
-  },
-  {
-#ifdef DEBUG
-    "subentry",
-    "X.500 subentry",
-#endif /* DEBUG */
-    { "\x55\x11", 2 }
-  },
-  {
-#ifdef DEBUG
-    "operational-attribute-type",
-    "X.500 operational attribute type",
-#endif /* DEBUG */
-    { "\x55\x12", 2 }
-  },
-  {
-#ifdef DEBUG
-    "operational-binding",
-    "X.500 operational binding",
-#endif /* DEBUG */
-    { "\x55\x13", 2 }
-  },
-  {
-#ifdef DEBUG
-    "schema-object-class",
-    "X.500 schema Object class",
-#endif /* DEBUG */
-    { "\x55\x14", 2 }
-  },
-  {
-#ifdef DEBUG
-    "schema-operational-attribute",
-    "X.500 schema operational attributes",
-#endif /* DEBUG */
-    { "\x55\x15", 2 }
-  },
-  {
-#ifdef DEBUG
-    "administrative-role",
-    "X.500 administrative roles",
-#endif /* DEBUG */
-    { "\x55\x17", 2 }
-  },
-  {
-#ifdef DEBUG
-    "access-control-attribute",
-    "X.500 access control attribute",
-#endif /* DEBUG */
-    { "\x55\x18", 2 }
-  },
-  {
-#ifdef DEBUG
-    "ros",
-    "X.500 ros object",
-#endif /* DEBUG */
-    { "\x55\x19", 2 }
-  },
-  {
-#ifdef DEBUG
-    "contract",
-    "X.500 contract",
-#endif /* DEBUG */
-    { "\x55\x1a", 2 }
-  },
-  {
-#ifdef DEBUG
-    "package",
-    "X.500 package",
-#endif /* DEBUG */
-    { "\x55\x1b", 2 }
-  },
-  {
-#ifdef DEBUG
-    "access-control-schema",
-    "X.500 access control schema",
-#endif /* DEBUG */
-    { "\x55\x1c", 2 }
-  },
-  {
-#ifdef DEBUG
-    "id-ce",
-    "X.500 Certificate Extension",
-#endif /* DEBUG */
-    { "\x55\x1d", 2 }
-  },
-  {
-#ifdef DEBUG
-    "subject-directory-attributes",
-    "Certificate Subject Directory Attributes",
-#endif /* DEBUG */
-    { "\x55\x1d\x05", 3 }
-  },
-  {
-#ifdef DEBUG
-    "id-ce-subjectDirectoryAttributes",
-    "Certificate Subject Directory Attributes",
-#endif /* DEBUG */
-    { "\x55\x1d\x09", 3 }
-  },
-  {
-#ifdef DEBUG
-    "id-ce-subjectKeyIdentifier",
-    "Certificate Subject Key ID",
-#endif /* DEBUG */
-    { "\x55\x1d\x0e", 3 }
-  },
-  {
-#ifdef DEBUG
-    "id-ce-keyUsage",
-    "Certificate Key Usage",
-#endif /* DEBUG */
-    { "\x55\x1d\x0f", 3 }
-  },
-  {
-#ifdef DEBUG
-    "id-ce-privateKeyUsagePeriod",
-    "Certificate Private Key Usage Period",
-#endif /* DEBUG */
-    { "\x55\x1d\x10", 3 }
-  },
-  {
-#ifdef DEBUG
-    "id-ce-subjectAltName",
-    "Certificate Subject Alternate Name",
-#endif /* DEBUG */
-    { "\x55\x1d\x11", 3 }
-  },
-  {
-#ifdef DEBUG
-    "id-ce-issuerAltName",
-    "Certificate Issuer Alternate Name",
-#endif /* DEBUG */
-    { "\x55\x1d\x12", 3 }
-  },
-  {
-#ifdef DEBUG
-    "id-ce-basicConstraints",
-    "Certificate Basic Constraints",
-#endif /* DEBUG */
-    { "\x55\x1d\x13", 3 }
-  },
-  {
-#ifdef DEBUG
-    "id-ce-cRLNumber",
-    "CRL Number",
-#endif /* DEBUG */
-    { "\x55\x1d\x14", 3 }
-  },
-  {
-#ifdef DEBUG
-    "id-ce-cRLReasons",
-    "CRL Reason Code",
-#endif /* DEBUG */
-    { "\x55\x1d\x15", 3 }
-  },
-  {
-#ifdef DEBUG
-    "id-ce-holdInstructionCode",
-    "Hold Instruction Code",
-#endif /* DEBUG */
-    { "\x55\x1d\x17", 3 }
-  },
-  {
-#ifdef DEBUG
-    "id-ce-invalidityDate",
-    "Invalid Date",
-#endif /* DEBUG */
-    { "\x55\x1d\x18", 3 }
-  },
-  {
-#ifdef DEBUG
-    "id-ce-deltaCRLIndicator",
-    "Delta CRL Indicator",
-#endif /* DEBUG */
-    { "\x55\x1d\x1b", 3 }
-  },
-  {
-#ifdef DEBUG
-    "id-ce-issuingDistributionPoint",
-    "Issuing Distribution Point",
-#endif /* DEBUG */
-    { "\x55\x1d\x1c", 3 }
-  },
-  {
-#ifdef DEBUG
-    "id-ce-certificateIssuer",
-    "Certificate Issuer",
-#endif /* DEBUG */
-    { "\x55\x1d\x1d", 3 }
-  },
-  {
-#ifdef DEBUG
-    "id-ce-nameConstraints",
-    "Certificate Name Constraints",
-#endif /* DEBUG */
-    { "\x55\x1d\x1e", 3 }
-  },
-  {
-#ifdef DEBUG
-    "id-ce-cRLDistributionPoints",
-    "CRL Distribution Points",
-#endif /* DEBUG */
-    { "\x55\x1d\x1f", 3 }
-  },
-  {
-#ifdef DEBUG
-    "id-ce-certificatePolicies",
-    "Certificate Policies",
-#endif /* DEBUG */
-    { "\x55\x1d\x20", 3 }
-  },
-  {
-#ifdef DEBUG
-    "id-ce-policyMappings",
-    "Certificate Policy Mappings",
-#endif /* DEBUG */
-    { "\x55\x1d\x21", 3 }
-  },
-  {
-#ifdef DEBUG
-    "policy-constraints",
-    "Certificate Policy Constraints (old)",
-#endif /* DEBUG */
-    { "\x55\x1d\x22", 3 }
-  },
-  {
-#ifdef DEBUG
-    "id-ce-authorityKeyIdentifier",
-    "Certificate Authority Key Identifier",
-#endif /* DEBUG */
-    { "\x55\x1d\x23", 3 }
-  },
-  {
-#ifdef DEBUG
-    "id-ce-policyConstraints",
-    "Certificate Policy Constraints",
-#endif /* DEBUG */
-    { "\x55\x1d\x24", 3 }
-  },
-  {
-#ifdef DEBUG
-    "id-ce-extKeyUsage",
-    "Extended Key Usage",
-#endif /* DEBUG */
-    { "\x55\x1d\x25", 3 }
-  },
-  {
-#ifdef DEBUG
-    "id-mgt",
-    "X.500 Management Object",
-#endif /* DEBUG */
-    { "\x55\x1e", 2 }
-  },
-  {
-#ifdef DEBUG
-    "x400",
-    "X.400 MHS",
-#endif /* DEBUG */
-    { "\x56", 1 }
-  },
-  {
-#ifdef DEBUG
-    "ccr",
-    "Committment, Concurrency and Recovery",
-#endif /* DEBUG */
-    { "\x57", 1 }
-  },
-  {
-#ifdef DEBUG
-    "oda",
-    "Office Document Architecture",
-#endif /* DEBUG */
-    { "\x58", 1 }
-  },
-  {
-#ifdef DEBUG
-    "osi-management",
-    "OSI management",
-#endif /* DEBUG */
-    { "\x59", 1 }
-  },
-  {
-#ifdef DEBUG
-    "tp",
-    "Transaction Processing",
-#endif /* DEBUG */
-    { "\x5a", 1 }
-  },
-  {
-#ifdef DEBUG
-    "dor",
-    "Distinguished Object Reference",
-#endif /* DEBUG */
-    { "\x5b", 1 }
-  },
-  {
-#ifdef DEBUG
-    "rdt",
-    "Referenced Data Transfer",
-#endif /* DEBUG */
-    { "\x5c", 1 }
-  },
-  {
-#ifdef DEBUG
-    "nlm",
-    "Network Layer Management",
-#endif /* DEBUG */
-    { "\x5d", 1 }
-  },
-  {
-#ifdef DEBUG
-    "tlm",
-    "Transport Layer Management",
-#endif /* DEBUG */
-    { "\x5e", 1 }
-  },
-  {
-#ifdef DEBUG
-    "llm",
-    "Link Layer Management",
-#endif /* DEBUG */
-    { "\x5f", 1 }
-  },
-  {
-#ifdef DEBUG
-    "country",
-    "Country Assignments",
-#endif /* DEBUG */
-    { "\x60", 1 }
-  },
-  {
-#ifdef DEBUG
-    "canada",
-    "Canada",
-#endif /* DEBUG */
-    { "\x60\x7c", 2 }
-  },
-  {
-#ifdef DEBUG
-    "taiwan",
-    "Taiwan",
-#endif /* DEBUG */
-    { "\x60\x81\x1e", 3 }
-  },
-  {
-#ifdef DEBUG
-    "norway",
-    "Norway",
-#endif /* DEBUG */
-    { "\x60\x84\x42", 3 }
-  },
-  {
-#ifdef DEBUG
-    "switzerland",
-    "Switzerland",
-#endif /* DEBUG */
-    { "\x60\x85\x74", 3 }
-  },
-  {
-#ifdef DEBUG
-    "us",
-    "United States",
-#endif /* DEBUG */
-    { "\x60\x86\x48", 3 }
-  },
-  {
-#ifdef DEBUG
-    "us-company",
-    "United States Company",
-#endif /* DEBUG */
-    { "\x60\x86\x48\x01", 4 }
-  },
-  {
-#ifdef DEBUG
-    "us-government",
-    "United States Government (1.101)",
-#endif /* DEBUG */
-    { "\x60\x86\x48\x01\x65", 5 }
-  },
-  {
-#ifdef DEBUG
-    "us-dod",
-    "United States Department of Defense",
-#endif /* DEBUG */
-    { "\x60\x86\x48\x01\x65\x02", 6 }
-  },
-  {
-#ifdef DEBUG
-    "id-infosec",
-    "US DOD Infosec",
-#endif /* DEBUG */
-    { "\x60\x86\x48\x01\x65\x02\x01", 7 }
-  },
-  {
-#ifdef DEBUG
-    "id-modules",
-    "US DOD Infosec modules",
-#endif /* DEBUG */
-    { "\x60\x86\x48\x01\x65\x02\x01\x00", 8 }
-  },
-  {
-#ifdef DEBUG
-    "id-algorithms",
-    "US DOD Infosec algorithms (MISSI)",
-#endif /* DEBUG */
-    { "\x60\x86\x48\x01\x65\x02\x01\x01", 8 }
-  },
-  {
-#ifdef DEBUG
-    "old-dss",
-    "MISSI DSS Algorithm (Old)",
-#endif /* DEBUG */
-    { "\x60\x86\x48\x01\x65\x02\x01\x01\x02", 9 }
-  },
-  {
-#ifdef DEBUG
-    "skipjack-cbc-64",
-    "Skipjack CBC64",
-#endif /* DEBUG */
-    { "\x60\x86\x48\x01\x65\x02\x01\x01\x04", 9 }
-  },
-  {
-#ifdef DEBUG
-    "kea",
-    "MISSI KEA Algorithm",
-#endif /* DEBUG */
-    { "\x60\x86\x48\x01\x65\x02\x01\x01\x0a", 9 }
-  },
-  {
-#ifdef DEBUG
-    "old-kea-dss",
-    "MISSI KEA and DSS Algorithm (Old)",
-#endif /* DEBUG */
-    { "\x60\x86\x48\x01\x65\x02\x01\x01\x0c", 9 }
-  },
-  {
-#ifdef DEBUG
-    "dss",
-    "MISSI DSS Algorithm",
-#endif /* DEBUG */
-    { "\x60\x86\x48\x01\x65\x02\x01\x01\x13", 9 }
-  },
-  {
-#ifdef DEBUG
-    "kea-dss",
-    "MISSI KEA and DSS Algorithm",
-#endif /* DEBUG */
-    { "\x60\x86\x48\x01\x65\x02\x01\x01\x14", 9 }
-  },
-  {
-#ifdef DEBUG
-    "alt-kea",
-    "MISSI Alternate KEA Algorithm",
-#endif /* DEBUG */
-    { "\x60\x86\x48\x01\x65\x02\x01\x01\x16", 9 }
-  },
-  {
-#ifdef DEBUG
-    "id-formats",
-    "US DOD Infosec formats",
-#endif /* DEBUG */
-    { "\x60\x86\x48\x01\x65\x02\x01\x02", 8 }
-  },
-  {
-#ifdef DEBUG
-    "id-policy",
-    "US DOD Infosec policy",
-#endif /* DEBUG */
-    { "\x60\x86\x48\x01\x65\x02\x01\x03", 8 }
-  },
-  {
-#ifdef DEBUG
-    "id-object-classes",
-    "US DOD Infosec object classes",
-#endif /* DEBUG */
-    { "\x60\x86\x48\x01\x65\x02\x01\x04", 8 }
-  },
-  {
-#ifdef DEBUG
-    "id-attributes",
-    "US DOD Infosec attributes",
-#endif /* DEBUG */
-    { "\x60\x86\x48\x01\x65\x02\x01\x05", 8 }
-  },
-  {
-#ifdef DEBUG
-    "id-attribute-syntax",
-    "US DOD Infosec attribute syntax",
-#endif /* DEBUG */
-    { "\x60\x86\x48\x01\x65\x02\x01\x06", 8 }
-  },
-  {
-#ifdef DEBUG
-    "netscape",
-    "Netscape Communications Corp.",
-#endif /* DEBUG */
-    { "\x60\x86\x48\x01\x86\xf8\x42", 7 }
-  },
-  {
-#ifdef DEBUG
-    "cert-ext",
-    "Netscape Cert Extensions",
-#endif /* DEBUG */
-    { "\x60\x86\x48\x01\x86\xf8\x42\x01", 8 }
-  },
-  {
-#ifdef DEBUG
-    "cert-type",
-    "Certificate Type",
-#endif /* DEBUG */
-    { "\x60\x86\x48\x01\x86\xf8\x42\x01\x01", 9 }
-  },
-  {
-#ifdef DEBUG
-    "base-url",
-    "Certificate Extension Base URL",
-#endif /* DEBUG */
-    { "\x60\x86\x48\x01\x86\xf8\x42\x01\x02", 9 }
-  },
-  {
-#ifdef DEBUG
-    "revocation-url",
-    "Certificate Revocation URL",
-#endif /* DEBUG */
-    { "\x60\x86\x48\x01\x86\xf8\x42\x01\x03", 9 }
-  },
-  {
-#ifdef DEBUG
-    "ca-revocation-url",
-    "Certificate Authority Revocation URL",
-#endif /* DEBUG */
-    { "\x60\x86\x48\x01\x86\xf8\x42\x01\x04", 9 }
-  },
-  {
-#ifdef DEBUG
-    "ca-crl-download-url",
-    "Certificate Authority CRL Download URL",
-#endif /* DEBUG */
-    { "\x60\x86\x48\x01\x86\xf8\x42\x01\x05", 9 }
-  },
-  {
-#ifdef DEBUG
-    "ca-cert-url",
-    "Certificate Authority Certificate Download URL",
-#endif /* DEBUG */
-    { "\x60\x86\x48\x01\x86\xf8\x42\x01\x06", 9 }
-  },
-  {
-#ifdef DEBUG
-    "renewal-url",
-    "Certificate Renewal URL",
-#endif /* DEBUG */
-    { "\x60\x86\x48\x01\x86\xf8\x42\x01\x07", 9 }
-  },
-  {
-#ifdef DEBUG
-    "ca-policy-url",
-    "Certificate Authority Policy URL",
-#endif /* DEBUG */
-    { "\x60\x86\x48\x01\x86\xf8\x42\x01\x08", 9 }
-  },
-  {
-#ifdef DEBUG
-    "homepage-url",
-    "Certificate Homepage URL",
-#endif /* DEBUG */
-    { "\x60\x86\x48\x01\x86\xf8\x42\x01\x09", 9 }
-  },
-  {
-#ifdef DEBUG
-    "entity-logo",
-    "Certificate Entity Logo",
-#endif /* DEBUG */
-    { "\x60\x86\x48\x01\x86\xf8\x42\x01\x0a", 9 }
-  },
-  {
-#ifdef DEBUG
-    "user-picture",
-    "Certificate User Picture",
-#endif /* DEBUG */
-    { "\x60\x86\x48\x01\x86\xf8\x42\x01\x0b", 9 }
-  },
-  {
-#ifdef DEBUG
-    "ssl-server-name",
-    "Certificate SSL Server Name",
-#endif /* DEBUG */
-    { "\x60\x86\x48\x01\x86\xf8\x42\x01\x0c", 9 }
-  },
-  {
-#ifdef DEBUG
-    "comment",
-    "Certificate Comment",
-#endif /* DEBUG */
-    { "\x60\x86\x48\x01\x86\xf8\x42\x01\x0d", 9 }
-  },
-  {
-#ifdef DEBUG
-    "thayes",
-    "",
-#endif /* DEBUG */
-    { "\x60\x86\x48\x01\x86\xf8\x42\x01\x0e", 9 }
-  },
-  {
-#ifdef DEBUG
-    "data-type",
-    "Netscape Data Types",
-#endif /* DEBUG */
-    { "\x60\x86\x48\x01\x86\xf8\x42\x02", 8 }
-  },
-  {
-#ifdef DEBUG
-    "gif",
-    "image/gif",
-#endif /* DEBUG */
-    { "\x60\x86\x48\x01\x86\xf8\x42\x02\x01", 9 }
-  },
-  {
-#ifdef DEBUG
-    "jpeg",
-    "image/jpeg",
-#endif /* DEBUG */
-    { "\x60\x86\x48\x01\x86\xf8\x42\x02\x02", 9 }
-  },
-  {
-#ifdef DEBUG
-    "url",
-    "URL",
-#endif /* DEBUG */
-    { "\x60\x86\x48\x01\x86\xf8\x42\x02\x03", 9 }
-  },
-  {
-#ifdef DEBUG
-    "html",
-    "text/html",
-#endif /* DEBUG */
-    { "\x60\x86\x48\x01\x86\xf8\x42\x02\x04", 9 }
-  },
-  {
-#ifdef DEBUG
-    "cert-sequence",
-    "Certificate Sequence",
-#endif /* DEBUG */
-    { "\x60\x86\x48\x01\x86\xf8\x42\x02\x05", 9 }
-  },
-  {
-#ifdef DEBUG
-    "directory",
-    "Netscape Directory",
-#endif /* DEBUG */
-    { "\x60\x86\x48\x01\x86\xf8\x42\x03", 8 }
-  },
-  {
-#ifdef DEBUG
-    "policy",
-    "Netscape Policy Type OIDs",
-#endif /* DEBUG */
-    { "\x60\x86\x48\x01\x86\xf8\x42\x04", 8 }
-  },
-  {
-#ifdef DEBUG
-    "export-approved",
-    "Strong Crypto Export Approved",
-#endif /* DEBUG */
-    { "\x60\x86\x48\x01\x86\xf8\x42\x04\x01", 9 }
-  },
-  {
-#ifdef DEBUG
-    "cert-server",
-    "Netscape Certificate Server",
-#endif /* DEBUG */
-    { "\x60\x86\x48\x01\x86\xf8\x42\x05", 8 }
-  },
-  {
-#ifdef DEBUG
-    "",
-    "",
-#endif /* DEBUG */
-    { "\x60\x86\x48\x01\x86\xf8\x42\x05\x01", 9 }
-  },
-  {
-#ifdef DEBUG
-    "recovery-request",
-    "Netscape Cert Server Recovery Request",
-#endif /* DEBUG */
-    { "\x60\x86\x48\x01\x86\xf8\x42\x05\x01\x01", 10 }
-  },
-  {
-#ifdef DEBUG
-    "algs",
-    "Netscape algorithm OIDs",
-#endif /* DEBUG */
-    { "\x60\x86\x48\x01\x86\xf8\x42\x06", 8 }
-  },
-  {
-#ifdef DEBUG
-    "smime-kea",
-    "Netscape S/MIME KEA",
-#endif /* DEBUG */
-    { "\x60\x86\x48\x01\x86\xf8\x42\x06\x01", 9 }
-  },
-  {
-#ifdef DEBUG
-    "name-components",
-    "Netscape Name Components",
-#endif /* DEBUG */
-    { "\x60\x86\x48\x01\x86\xf8\x42\x07", 8 }
-  },
-  {
-#ifdef DEBUG
-    "nickname",
-    "Netscape Nickname",
-#endif /* DEBUG */
-    { "\x60\x86\x48\x01\x86\xf8\x42\x07\x01", 9 }
-  },
-  {
-#ifdef DEBUG
-    "verisign",
-    "Verisign",
-#endif /* DEBUG */
-    { "\x60\x86\x48\x01\x86\xf8\x45", 7 }
-  },
-  {
-#ifdef DEBUG
-    "",
-    "",
-#endif /* DEBUG */
-    { "\x60\x86\x48\x01\x86\xf8\x45\x01", 8 }
-  },
-  {
-#ifdef DEBUG
-    "",
-    "",
-#endif /* DEBUG */
-    { "\x60\x86\x48\x01\x86\xf8\x45\x01\x07", 9 }
-  },
-  {
-#ifdef DEBUG
-    "",
-    "",
-#endif /* DEBUG */
-    { "\x60\x86\x48\x01\x86\xf8\x45\x01\x07\x01", 10 }
-  },
-  {
-#ifdef DEBUG
-    "verisign-user-notices",
-    "Verisign User Notices",
-#endif /* DEBUG */
-    { "\x60\x86\x48\x01\x86\xf8\x45\x01\x07\x01\x01", 11 }
-  },
-  {
-#ifdef DEBUG
-    "us-government",
-    "US Government (101)",
-#endif /* DEBUG */
-    { "\x60\x86\x48\x65", 4 }
-  },
-  {
-#ifdef DEBUG
-    "us-government2",
-    "US Government (102)",
-#endif /* DEBUG */
-    { "\x60\x86\x48\x66", 4 }
-  },
-  {
-#ifdef DEBUG
-    "old-netscape",
-    "Netscape Communications Corp. (Old)",
-#endif /* DEBUG */
-    { "\x60\x86\x48\xd8\x6a", 5 }
-  },
-  {
-#ifdef DEBUG
-    "ns-cert-ext",
-    "Netscape Cert Extensions (Old NS)",
-#endif /* DEBUG */
-    { "\x60\x86\x48\xd8\x6a\x01", 6 }
-  },
-  {
-#ifdef DEBUG
-    "netscape-ok",
-    "Netscape says this cert is ok (Old NS)",
-#endif /* DEBUG */
-    { "\x60\x86\x48\xd8\x6a\x01\x01", 7 }
-  },
-  {
-#ifdef DEBUG
-    "issuer-logo",
-    "Certificate Issuer Logo (Old NS)",
-#endif /* DEBUG */
-    { "\x60\x86\x48\xd8\x6a\x01\x02", 7 }
-  },
-  {
-#ifdef DEBUG
-    "subject-logo",
-    "Certificate Subject Logo (Old NS)",
-#endif /* DEBUG */
-    { "\x60\x86\x48\xd8\x6a\x01\x03", 7 }
-  },
-  {
-#ifdef DEBUG
-    "ns-file-type",
-    "Netscape File Type",
-#endif /* DEBUG */
-    { "\x60\x86\x48\xd8\x6a\x02", 6 }
-  },
-  {
-#ifdef DEBUG
-    "ns-image-type",
-    "Netscape Image Type",
-#endif /* DEBUG */
-    { "\x60\x86\x48\xd8\x6a\x03", 6 }
-  },
-  {
-#ifdef DEBUG
-    "registration-procedures",
-    "Registration procedures",
-#endif /* DEBUG */
-    { "\x61", 1 }
-  },
-  {
-#ifdef DEBUG
-    "physical-layer-management",
-    "Physical layer Management",
-#endif /* DEBUG */
-    { "\x62", 1 }
-  },
-  {
-#ifdef DEBUG
-    "mheg",
-    "MHEG",
-#endif /* DEBUG */
-    { "\x63", 1 }
-  },
-  {
-#ifdef DEBUG
-    "guls",
-    "Generic Upper Layer Security",
-#endif /* DEBUG */
-    { "\x64", 1 }
-  },
-  {
-#ifdef DEBUG
-    "tls",
-    "Transport Layer Security Protocol",
-#endif /* DEBUG */
-    { "\x65", 1 }
-  },
-  {
-#ifdef DEBUG
-    "nls",
-    "Network Layer Security Protocol",
-#endif /* DEBUG */
-    { "\x66", 1 }
-  },
-  {
-#ifdef DEBUG
-    "organization",
-    "International organizations",
-#endif /* DEBUG */
-    { "\x67", 1 }
-  }
-};
-
-const PRUint32 nss_builtin_oid_count = 379;
-
-const NSSOID *NSS_OID_RFC1274_UID = (NSSOID *)&nss_builtin_oids[11];
-const NSSOID *NSS_OID_RFC1274_EMAIL = (NSSOID *)&nss_builtin_oids[12];
-const NSSOID *NSS_OID_RFC2247_DC = (NSSOID *)&nss_builtin_oids[13];
-const NSSOID *NSS_OID_ANSIX9_DSA_SIGNATURE = (NSSOID *)&nss_builtin_oids[43];
-const NSSOID *NSS_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST = (NSSOID *)&nss_builtin_oids[44];
-const NSSOID *NSS_OID_X942_DIFFIE_HELMAN_KEY = (NSSOID *)&nss_builtin_oids[47];
-const NSSOID *NSS_OID_PKCS1_RSA_ENCRYPTION = (NSSOID *)&nss_builtin_oids[52];
-const NSSOID *NSS_OID_PKCS1_MD2_WITH_RSA_ENCRYPTION = (NSSOID *)&nss_builtin_oids[53];
-const NSSOID *NSS_OID_PKCS1_MD4_WITH_RSA_ENCRYPTION = (NSSOID *)&nss_builtin_oids[54];
-const NSSOID *NSS_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION = (NSSOID *)&nss_builtin_oids[55];
-const NSSOID *NSS_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION = (NSSOID *)&nss_builtin_oids[56];
-const NSSOID *NSS_OID_PKCS5_PBE_WITH_MD2_AND_DES_CBC = (NSSOID *)&nss_builtin_oids[58];
-const NSSOID *NSS_OID_PKCS5_PBE_WITH_MD5_AND_DES_CBC = (NSSOID *)&nss_builtin_oids[59];
-const NSSOID *NSS_OID_PKCS5_PBE_WITH_SHA1_AND_DES_CBC = (NSSOID *)&nss_builtin_oids[60];
-const NSSOID *NSS_OID_PKCS7 = (NSSOID *)&nss_builtin_oids[61];
-const NSSOID *NSS_OID_PKCS7_DATA = (NSSOID *)&nss_builtin_oids[62];
-const NSSOID *NSS_OID_PKCS7_SIGNED_DATA = (NSSOID *)&nss_builtin_oids[63];
-const NSSOID *NSS_OID_PKCS7_ENVELOPED_DATA = (NSSOID *)&nss_builtin_oids[64];
-const NSSOID *NSS_OID_PKCS7_SIGNED_ENVELOPED_DATA = (NSSOID *)&nss_builtin_oids[65];
-const NSSOID *NSS_OID_PKCS7_DIGESTED_DATA = (NSSOID *)&nss_builtin_oids[66];
-const NSSOID *NSS_OID_PKCS7_ENCRYPTED_DATA = (NSSOID *)&nss_builtin_oids[67];
-const NSSOID *NSS_OID_PKCS9_EMAIL_ADDRESS = (NSSOID *)&nss_builtin_oids[69];
-const NSSOID *NSS_OID_PKCS9_UNSTRUCTURED_NAME = (NSSOID *)&nss_builtin_oids[70];
-const NSSOID *NSS_OID_PKCS9_CONTENT_TYPE = (NSSOID *)&nss_builtin_oids[71];
-const NSSOID *NSS_OID_PKCS9_MESSAGE_DIGEST = (NSSOID *)&nss_builtin_oids[72];
-const NSSOID *NSS_OID_PKCS9_SIGNING_TIME = (NSSOID *)&nss_builtin_oids[73];
-const NSSOID *NSS_OID_PKCS9_COUNTER_SIGNATURE = (NSSOID *)&nss_builtin_oids[74];
-const NSSOID *NSS_OID_PKCS9_CHALLENGE_PASSWORD = (NSSOID *)&nss_builtin_oids[75];
-const NSSOID *NSS_OID_PKCS9_UNSTRUCTURED_ADDRESS = (NSSOID *)&nss_builtin_oids[76];
-const NSSOID *NSS_OID_PKCS9_EXTENDED_CERTIFICATE_ATTRIBUTES = (NSSOID *)&nss_builtin_oids[77];
-const NSSOID *NSS_OID_PKCS9_SMIME_CAPABILITIES = (NSSOID *)&nss_builtin_oids[78];
-const NSSOID *NSS_OID_PKCS9_FRIENDLY_NAME = (NSSOID *)&nss_builtin_oids[79];
-const NSSOID *NSS_OID_PKCS9_LOCAL_KEY_ID = (NSSOID *)&nss_builtin_oids[80];
-const NSSOID *NSS_OID_PKCS9_X509_CERT = (NSSOID *)&nss_builtin_oids[82];
-const NSSOID *NSS_OID_PKCS9_SDSI_CERT = (NSSOID *)&nss_builtin_oids[83];
-const NSSOID *NSS_OID_PKCS9_X509_CRL = (NSSOID *)&nss_builtin_oids[85];
-const NSSOID *NSS_OID_PKCS12 = (NSSOID *)&nss_builtin_oids[86];
-const NSSOID *NSS_OID_PKCS12_PBE_IDS = (NSSOID *)&nss_builtin_oids[87];
-const NSSOID *NSS_OID_PKCS12_PBE_WITH_SHA1_AND_128_BIT_RC4 = (NSSOID *)&nss_builtin_oids[88];
-const NSSOID *NSS_OID_PKCS12_PBE_WITH_SHA1_AND_40_BIT_RC4 = (NSSOID *)&nss_builtin_oids[89];
-const NSSOID *NSS_OID_PKCS12_PBE_WITH_SHA1_AND_3_KEY_TRIPLE_DES_CBC = (NSSOID *)&nss_builtin_oids[90];
-const NSSOID *NSS_OID_PKCS12_PBE_WITH_SHA1_AND_2_KEY_TRIPLE_DES_CBC = (NSSOID *)&nss_builtin_oids[91];
-const NSSOID *NSS_OID_PKCS12_PBE_WITH_SHA1_AND_128_BIT_RC2_CBC = (NSSOID *)&nss_builtin_oids[92];
-const NSSOID *NSS_OID_PKCS12_PBE_WITH_SHA1_AND_40_BIT_RC2_CBC = (NSSOID *)&nss_builtin_oids[93];
-const NSSOID *NSS_OID_PKCS12_KEY_BAG = (NSSOID *)&nss_builtin_oids[120];
-const NSSOID *NSS_OID_PKCS12_PKCS8_SHROUDED_KEY_BAG = (NSSOID *)&nss_builtin_oids[121];
-const NSSOID *NSS_OID_PKCS12_CERT_BAG = (NSSOID *)&nss_builtin_oids[122];
-const NSSOID *NSS_OID_PKCS12_CRL_BAG = (NSSOID *)&nss_builtin_oids[123];
-const NSSOID *NSS_OID_PKCS12_SECRET_BAG = (NSSOID *)&nss_builtin_oids[124];
-const NSSOID *NSS_OID_PKCS12_SAFE_CONTENTS_BAG = (NSSOID *)&nss_builtin_oids[125];
-const NSSOID *NSS_OID_MD2 = (NSSOID *)&nss_builtin_oids[127];
-const NSSOID *NSS_OID_MD4 = (NSSOID *)&nss_builtin_oids[128];
-const NSSOID *NSS_OID_MD5 = (NSSOID *)&nss_builtin_oids[129];
-const NSSOID *NSS_OID_RC2_CBC = (NSSOID *)&nss_builtin_oids[131];
-const NSSOID *NSS_OID_RC4 = (NSSOID *)&nss_builtin_oids[132];
-const NSSOID *NSS_OID_DES_EDE3_CBC = (NSSOID *)&nss_builtin_oids[133];
-const NSSOID *NSS_OID_RC5_CBC_PAD = (NSSOID *)&nss_builtin_oids[134];
-const NSSOID *NSS_OID_X509_AUTH_INFO_ACCESS = (NSSOID *)&nss_builtin_oids[154];
-const NSSOID *NSS_OID_PKIX_CPS_POINTER_QUALIFIER = (NSSOID *)&nss_builtin_oids[156];
-const NSSOID *NSS_OID_PKIX_USER_NOTICE_QUALIFIER = (NSSOID *)&nss_builtin_oids[157];
-const NSSOID *NSS_OID_EXT_KEY_USAGE_SERVER_AUTH = (NSSOID *)&nss_builtin_oids[159];
-const NSSOID *NSS_OID_EXT_KEY_USAGE_CLIENT_AUTH = (NSSOID *)&nss_builtin_oids[160];
-const NSSOID *NSS_OID_EXT_KEY_USAGE_CODE_SIGN = (NSSOID *)&nss_builtin_oids[161];
-const NSSOID *NSS_OID_EXT_KEY_USAGE_EMAIL_PROTECTION = (NSSOID *)&nss_builtin_oids[162];
-const NSSOID *NSS_OID_EXT_KEY_USAGE_IPSEC_END_SYSTEM = (NSSOID *)&nss_builtin_oids[163];
-const NSSOID *NSS_OID_EXT_KEY_USAGE_IPSEC_TUNNEL = (NSSOID *)&nss_builtin_oids[164];
-const NSSOID *NSS_OID_EXT_KEY_USAGE_IPSEC_USER = (NSSOID *)&nss_builtin_oids[165];
-const NSSOID *NSS_OID_EXT_KEY_USAGE_TIME_STAMP = (NSSOID *)&nss_builtin_oids[166];
-const NSSOID *NSS_OID_OCSP_RESPONDER = (NSSOID *)&nss_builtin_oids[167];
-const NSSOID *NSS_OID_PKIX_REGCTRL_REGTOKEN = (NSSOID *)&nss_builtin_oids[171];
-const NSSOID *NSS_OID_PKIX_REGCTRL_AUTHENTICATOR = (NSSOID *)&nss_builtin_oids[172];
-const NSSOID *NSS_OID_PKIX_REGCTRL_PKIPUBINFO = (NSSOID *)&nss_builtin_oids[173];
-const NSSOID *NSS_OID_PKIX_REGCTRL_PKI_ARCH_OPTIONS = (NSSOID *)&nss_builtin_oids[174];
-const NSSOID *NSS_OID_PKIX_REGCTRL_OLD_CERT_ID = (NSSOID *)&nss_builtin_oids[175];
-const NSSOID *NSS_OID_PKIX_REGCTRL_PROTOCOL_ENC_KEY = (NSSOID *)&nss_builtin_oids[176];
-const NSSOID *NSS_OID_PKIX_REGINFO_UTF8_PAIRS = (NSSOID *)&nss_builtin_oids[178];
-const NSSOID *NSS_OID_PKIX_REGINFO_CERT_REQUEST = (NSSOID *)&nss_builtin_oids[179];
-const NSSOID *NSS_OID_OID_PKIX_OCSP = (NSSOID *)&nss_builtin_oids[181];
-const NSSOID *NSS_OID_PKIX_OCSP_BASIC_RESPONSE = (NSSOID *)&nss_builtin_oids[182];
-const NSSOID *NSS_OID_PKIX_OCSP_NONCE = (NSSOID *)&nss_builtin_oids[183];
-const NSSOID *NSS_OID_PKIX_OCSP_RESPONSE = (NSSOID *)&nss_builtin_oids[184];
-const NSSOID *NSS_OID_PKIX_OCSP_CRL = (NSSOID *)&nss_builtin_oids[185];
-const NSSOID *NSS_OID_X509_OCSP_NO_CHECK = (NSSOID *)&nss_builtin_oids[186];
-const NSSOID *NSS_OID_PKIX_OCSP_ARCHIVE_CUTOFF = (NSSOID *)&nss_builtin_oids[187];
-const NSSOID *NSS_OID_PKIX_OCSP_SERVICE_LOCATOR = (NSSOID *)&nss_builtin_oids[188];
-const NSSOID *NSS_OID_DES_ECB = (NSSOID *)&nss_builtin_oids[198];
-const NSSOID *NSS_OID_DES_CBC = (NSSOID *)&nss_builtin_oids[199];
-const NSSOID *NSS_OID_DES_OFB = (NSSOID *)&nss_builtin_oids[200];
-const NSSOID *NSS_OID_DES_CFB = (NSSOID *)&nss_builtin_oids[201];
-const NSSOID *NSS_OID_DES_MAC = (NSSOID *)&nss_builtin_oids[202];
-const NSSOID *NSS_OID_ISO_SHA_WITH_RSA_SIGNATURE = (NSSOID *)&nss_builtin_oids[203];
-const NSSOID *NSS_OID_DES_EDE = (NSSOID *)&nss_builtin_oids[204];
-const NSSOID *NSS_OID_SHA1 = (NSSOID *)&nss_builtin_oids[205];
-const NSSOID *NSS_OID_BOGUS_DSA_SIGNATURE_WITH_SHA1_DIGEST = (NSSOID *)&nss_builtin_oids[206];
-const NSSOID *NSS_OID_X520_COMMON_NAME = (NSSOID *)&nss_builtin_oids[231];
-const NSSOID *NSS_OID_X520_SURNAME = (NSSOID *)&nss_builtin_oids[232];
-const NSSOID *NSS_OID_X520_COUNTRY_NAME = (NSSOID *)&nss_builtin_oids[233];
-const NSSOID *NSS_OID_X520_LOCALITY_NAME = (NSSOID *)&nss_builtin_oids[234];
-const NSSOID *NSS_OID_X520_STATE_OR_PROVINCE_NAME = (NSSOID *)&nss_builtin_oids[235];
-const NSSOID *NSS_OID_X520_ORGANIZATION_NAME = (NSSOID *)&nss_builtin_oids[236];
-const NSSOID *NSS_OID_X520_ORGANIZATIONAL_UNIT_NAME = (NSSOID *)&nss_builtin_oids[237];
-const NSSOID *NSS_OID_X520_TITLE = (NSSOID *)&nss_builtin_oids[238];
-const NSSOID *NSS_OID_X520_NAME = (NSSOID *)&nss_builtin_oids[239];
-const NSSOID *NSS_OID_X520_GIVEN_NAME = (NSSOID *)&nss_builtin_oids[240];
-const NSSOID *NSS_OID_X520_INITIALS = (NSSOID *)&nss_builtin_oids[241];
-const NSSOID *NSS_OID_X520_GENERATION_QUALIFIER = (NSSOID *)&nss_builtin_oids[242];
-const NSSOID *NSS_OID_X520_DN_QUALIFIER = (NSSOID *)&nss_builtin_oids[243];
-const NSSOID *NSS_OID_X500_RSA_ENCRYPTION = (NSSOID *)&nss_builtin_oids[249];
-const NSSOID *NSS_OID_X509_SUBJECT_DIRECTORY_ATTR = (NSSOID *)&nss_builtin_oids[268];
-const NSSOID *NSS_OID_X509_SUBJECT_DIRECTORY_ATTRIBUTES = (NSSOID *)&nss_builtin_oids[269];
-const NSSOID *NSS_OID_X509_SUBJECT_KEY_ID = (NSSOID *)&nss_builtin_oids[270];
-const NSSOID *NSS_OID_X509_KEY_USAGE = (NSSOID *)&nss_builtin_oids[271];
-const NSSOID *NSS_OID_X509_PRIVATE_KEY_USAGE_PERIOD = (NSSOID *)&nss_builtin_oids[272];
-const NSSOID *NSS_OID_X509_SUBJECT_ALT_NAME = (NSSOID *)&nss_builtin_oids[273];
-const NSSOID *NSS_OID_X509_ISSUER_ALT_NAME = (NSSOID *)&nss_builtin_oids[274];
-const NSSOID *NSS_OID_X509_BASIC_CONSTRAINTS = (NSSOID *)&nss_builtin_oids[275];
-const NSSOID *NSS_OID_X509_CRL_NUMBER = (NSSOID *)&nss_builtin_oids[276];
-const NSSOID *NSS_OID_X509_REASON_CODE = (NSSOID *)&nss_builtin_oids[277];
-const NSSOID *NSS_OID_X509_HOLD_INSTRUCTION_CODE = (NSSOID *)&nss_builtin_oids[278];
-const NSSOID *NSS_OID_X509_INVALID_DATE = (NSSOID *)&nss_builtin_oids[279];
-const NSSOID *NSS_OID_X509_DELTA_CRL_INDICATOR = (NSSOID *)&nss_builtin_oids[280];
-const NSSOID *NSS_OID_X509_ISSUING_DISTRIBUTION_POINT = (NSSOID *)&nss_builtin_oids[281];
-const NSSOID *NSS_OID_X509_CERTIFICATE_ISSUER = (NSSOID *)&nss_builtin_oids[282];
-const NSSOID *NSS_OID_X509_NAME_CONSTRAINTS = (NSSOID *)&nss_builtin_oids[283];
-const NSSOID *NSS_OID_X509_CRL_DIST_POINTS = (NSSOID *)&nss_builtin_oids[284];
-const NSSOID *NSS_OID_X509_CERTIFICATE_POLICIES = (NSSOID *)&nss_builtin_oids[285];
-const NSSOID *NSS_OID_X509_POLICY_MAPPINGS = (NSSOID *)&nss_builtin_oids[286];
-const NSSOID *NSS_OID_X509_AUTH_KEY_ID = (NSSOID *)&nss_builtin_oids[288];
-const NSSOID *NSS_OID_X509_POLICY_CONSTRAINTS = (NSSOID *)&nss_builtin_oids[289];
-const NSSOID *NSS_OID_X509_EXT_KEY_USAGE = (NSSOID *)&nss_builtin_oids[290];
-const NSSOID *NSS_OID_MISSI_DSS_OLD = (NSSOID *)&nss_builtin_oids[314];
-const NSSOID *NSS_OID_FORTEZZA_SKIPJACK = (NSSOID *)&nss_builtin_oids[315];
-const NSSOID *NSS_OID_MISSI_KEA = (NSSOID *)&nss_builtin_oids[316];
-const NSSOID *NSS_OID_MISSI_KEA_DSS_OLD = (NSSOID *)&nss_builtin_oids[317];
-const NSSOID *NSS_OID_MISSI_DSS = (NSSOID *)&nss_builtin_oids[318];
-const NSSOID *NSS_OID_MISSI_KEA_DSS = (NSSOID *)&nss_builtin_oids[319];
-const NSSOID *NSS_OID_MISSI_ALT_KEY = (NSSOID *)&nss_builtin_oids[320];
-const NSSOID *NSS_OID_NS_CERT_EXT_CERT_TYPE = (NSSOID *)&nss_builtin_oids[328];
-const NSSOID *NSS_OID_NS_CERT_EXT_BASE_URL = (NSSOID *)&nss_builtin_oids[329];
-const NSSOID *NSS_OID_NS_CERT_EXT_REVOCATION_URL = (NSSOID *)&nss_builtin_oids[330];
-const NSSOID *NSS_OID_NS_CERT_EXT_CA_REVOCATION_URL = (NSSOID *)&nss_builtin_oids[331];
-const NSSOID *NSS_OID_NS_CERT_EXT_CA_CRL_URL = (NSSOID *)&nss_builtin_oids[332];
-const NSSOID *NSS_OID_NS_CERT_EXT_CA_CERT_URL = (NSSOID *)&nss_builtin_oids[333];
-const NSSOID *NSS_OID_NS_CERT_EXT_CERT_RENEWAL_URL = (NSSOID *)&nss_builtin_oids[334];
-const NSSOID *NSS_OID_NS_CERT_EXT_CA_POLICY_URL = (NSSOID *)&nss_builtin_oids[335];
-const NSSOID *NSS_OID_NS_CERT_EXT_HOMEPAGE_URL = (NSSOID *)&nss_builtin_oids[336];
-const NSSOID *NSS_OID_NS_CERT_EXT_ENTITY_LOGO = (NSSOID *)&nss_builtin_oids[337];
-const NSSOID *NSS_OID_NS_CERT_EXT_USER_PICTURE = (NSSOID *)&nss_builtin_oids[338];
-const NSSOID *NSS_OID_NS_CERT_EXT_SSL_SERVER_NAME = (NSSOID *)&nss_builtin_oids[339];
-const NSSOID *NSS_OID_NS_CERT_EXT_COMMENT = (NSSOID *)&nss_builtin_oids[340];
-const NSSOID *NSS_OID_NS_CERT_EXT_THAYES = (NSSOID *)&nss_builtin_oids[341];
-const NSSOID *NSS_OID_NS_TYPE_GIF = (NSSOID *)&nss_builtin_oids[343];
-const NSSOID *NSS_OID_NS_TYPE_JPEG = (NSSOID *)&nss_builtin_oids[344];
-const NSSOID *NSS_OID_NS_TYPE_URL = (NSSOID *)&nss_builtin_oids[345];
-const NSSOID *NSS_OID_NS_TYPE_HTML = (NSSOID *)&nss_builtin_oids[346];
-const NSSOID *NSS_OID_NS_TYPE_CERT_SEQUENCE = (NSSOID *)&nss_builtin_oids[347];
-const NSSOID *NSS_OID_NS_KEY_USAGE_GOVT_APPROVED = (NSSOID *)&nss_builtin_oids[350];
-const NSSOID *NSS_OID_NETSCAPE_RECOVERY_REQUEST = (NSSOID *)&nss_builtin_oids[353];
-const NSSOID *NSS_OID_NETSCAPE_SMIME_KEA = (NSSOID *)&nss_builtin_oids[355];
-const NSSOID *NSS_OID_NETSCAPE_NICKNAME = (NSSOID *)&nss_builtin_oids[357];
-const NSSOID *NSS_OID_VERISIGN_USER_NOTICES = (NSSOID *)&nss_builtin_oids[362];
-const NSSOID *NSS_OID_NS_CERT_EXT_NETSCAPE_OK = (NSSOID *)&nss_builtin_oids[367];
-const NSSOID *NSS_OID_NS_CERT_EXT_ISSUER_LOGO = (NSSOID *)&nss_builtin_oids[368];
-const NSSOID *NSS_OID_NS_CERT_EXT_SUBJECT_LOGO = (NSSOID *)&nss_builtin_oids[369];
-
-const nssAttributeTypeAliasTable nss_attribute_type_aliases[] = {
-  {
-    "uid",
-    &NSS_OID_RFC1274_UID
-  },
-  {
-    "mail",
-    &NSS_OID_RFC1274_EMAIL
-  },
-  {
-    "dc",
-    &NSS_OID_RFC2247_DC
-  },
-  {
-    "cn",
-    &NSS_OID_X520_COMMON_NAME
-  },
-  {
-    "sn",
-    &NSS_OID_X520_SURNAME
-  },
-  {
-    "c",
-    &NSS_OID_X520_COUNTRY_NAME
-  },
-  {
-    "l",
-    &NSS_OID_X520_LOCALITY_NAME
-  },
-  {
-    "s",
-    &NSS_OID_X520_STATE_OR_PROVINCE_NAME
-  },
-  {
-    "o",
-    &NSS_OID_X520_ORGANIZATION_NAME
-  },
-  {
-    "ou",
-    &NSS_OID_X520_ORGANIZATIONAL_UNIT_NAME
-  },
-  {
-    "title",
-    &NSS_OID_X520_TITLE
-  },
-  {
-    "name",
-    &NSS_OID_X520_NAME
-  },
-  {
-    "givenName",
-    &NSS_OID_X520_GIVEN_NAME
-  },
-  {
-    "initials",
-    &NSS_OID_X520_INITIALS
-  },
-  {
-    "generationQualifier",
-    &NSS_OID_X520_GENERATION_QUALIFIER
-  },
-  {
-    "dnQualifier",
-    &NSS_OID_X520_DN_QUALIFIER
-  }
-};
-
-const PRUint32 nss_attribute_type_alias_count = 16;
-
diff --git a/security/nss/lib/pki1/oiddata.h b/security/nss/lib/pki1/oiddata.h
deleted file mode 100644
index d51c37517..000000000
--- a/security/nss/lib/pki1/oiddata.h
+++ /dev/null
@@ -1,217 +0,0 @@
-/* THIS IS A GENERATED FILE */
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef OIDDATA_H
-#define OIDDATA_H
-
-#ifdef DEBUG
-static const char OIDDATA_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$ ; @(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef NSSPKI1T_H
-#include "nsspki1t.h"
-#endif /* NSSPKI1T_H */
-
-extern const NSSOID nss_builtin_oids[];
-extern const PRUint32 nss_builtin_oid_count;
-
-/*extern const nssAttributeTypeAliasTable nss_attribute_type_aliases[];*/
-/*extern const PRUint32 nss_attribute_type_alias_count;*/
-
-extern const NSSOID *NSS_OID_RFC1274_UID;
-extern const NSSOID *NSS_OID_RFC1274_EMAIL;
-extern const NSSOID *NSS_OID_RFC2247_DC;
-extern const NSSOID *NSS_OID_ANSIX9_DSA_SIGNATURE;
-extern const NSSOID *NSS_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST;
-extern const NSSOID *NSS_OID_X942_DIFFIE_HELMAN_KEY;
-extern const NSSOID *NSS_OID_PKCS1_RSA_ENCRYPTION;
-extern const NSSOID *NSS_OID_PKCS1_MD2_WITH_RSA_ENCRYPTION;
-extern const NSSOID *NSS_OID_PKCS1_MD4_WITH_RSA_ENCRYPTION;
-extern const NSSOID *NSS_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION;
-extern const NSSOID *NSS_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION;
-extern const NSSOID *NSS_OID_PKCS5_PBE_WITH_MD2_AND_DES_CBC;
-extern const NSSOID *NSS_OID_PKCS5_PBE_WITH_MD5_AND_DES_CBC;
-extern const NSSOID *NSS_OID_PKCS5_PBE_WITH_SHA1_AND_DES_CBC;
-extern const NSSOID *NSS_OID_PKCS7;
-extern const NSSOID *NSS_OID_PKCS7_DATA;
-extern const NSSOID *NSS_OID_PKCS7_SIGNED_DATA;
-extern const NSSOID *NSS_OID_PKCS7_ENVELOPED_DATA;
-extern const NSSOID *NSS_OID_PKCS7_SIGNED_ENVELOPED_DATA;
-extern const NSSOID *NSS_OID_PKCS7_DIGESTED_DATA;
-extern const NSSOID *NSS_OID_PKCS7_ENCRYPTED_DATA;
-extern const NSSOID *NSS_OID_PKCS9_EMAIL_ADDRESS;
-extern const NSSOID *NSS_OID_PKCS9_UNSTRUCTURED_NAME;
-extern const NSSOID *NSS_OID_PKCS9_CONTENT_TYPE;
-extern const NSSOID *NSS_OID_PKCS9_MESSAGE_DIGEST;
-extern const NSSOID *NSS_OID_PKCS9_SIGNING_TIME;
-extern const NSSOID *NSS_OID_PKCS9_COUNTER_SIGNATURE;
-extern const NSSOID *NSS_OID_PKCS9_CHALLENGE_PASSWORD;
-extern const NSSOID *NSS_OID_PKCS9_UNSTRUCTURED_ADDRESS;
-extern const NSSOID *NSS_OID_PKCS9_EXTENDED_CERTIFICATE_ATTRIBUTES;
-extern const NSSOID *NSS_OID_PKCS9_SMIME_CAPABILITIES;
-extern const NSSOID *NSS_OID_PKCS9_FRIENDLY_NAME;
-extern const NSSOID *NSS_OID_PKCS9_LOCAL_KEY_ID;
-extern const NSSOID *NSS_OID_PKCS9_X509_CERT;
-extern const NSSOID *NSS_OID_PKCS9_SDSI_CERT;
-extern const NSSOID *NSS_OID_PKCS9_X509_CRL;
-extern const NSSOID *NSS_OID_PKCS12;
-extern const NSSOID *NSS_OID_PKCS12_PBE_IDS;
-extern const NSSOID *NSS_OID_PKCS12_PBE_WITH_SHA1_AND_128_BIT_RC4;
-extern const NSSOID *NSS_OID_PKCS12_PBE_WITH_SHA1_AND_40_BIT_RC4;
-extern const NSSOID *NSS_OID_PKCS12_PBE_WITH_SHA1_AND_3_KEY_TRIPLE_DES_CBC;
-extern const NSSOID *NSS_OID_PKCS12_PBE_WITH_SHA1_AND_2_KEY_TRIPLE_DES_CBC;
-extern const NSSOID *NSS_OID_PKCS12_PBE_WITH_SHA1_AND_128_BIT_RC2_CBC;
-extern const NSSOID *NSS_OID_PKCS12_PBE_WITH_SHA1_AND_40_BIT_RC2_CBC;
-extern const NSSOID *NSS_OID_PKCS12_KEY_BAG;
-extern const NSSOID *NSS_OID_PKCS12_PKCS8_SHROUDED_KEY_BAG;
-extern const NSSOID *NSS_OID_PKCS12_CERT_BAG;
-extern const NSSOID *NSS_OID_PKCS12_CRL_BAG;
-extern const NSSOID *NSS_OID_PKCS12_SECRET_BAG;
-extern const NSSOID *NSS_OID_PKCS12_SAFE_CONTENTS_BAG;
-extern const NSSOID *NSS_OID_MD2;
-extern const NSSOID *NSS_OID_MD4;
-extern const NSSOID *NSS_OID_MD5;
-extern const NSSOID *NSS_OID_RC2_CBC;
-extern const NSSOID *NSS_OID_RC4;
-extern const NSSOID *NSS_OID_DES_EDE3_CBC;
-extern const NSSOID *NSS_OID_RC5_CBC_PAD;
-extern const NSSOID *NSS_OID_X509_AUTH_INFO_ACCESS;
-extern const NSSOID *NSS_OID_PKIX_CPS_POINTER_QUALIFIER;
-extern const NSSOID *NSS_OID_PKIX_USER_NOTICE_QUALIFIER;
-extern const NSSOID *NSS_OID_EXT_KEY_USAGE_SERVER_AUTH;
-extern const NSSOID *NSS_OID_EXT_KEY_USAGE_CLIENT_AUTH;
-extern const NSSOID *NSS_OID_EXT_KEY_USAGE_CODE_SIGN;
-extern const NSSOID *NSS_OID_EXT_KEY_USAGE_EMAIL_PROTECTION;
-extern const NSSOID *NSS_OID_EXT_KEY_USAGE_IPSEC_END_SYSTEM;
-extern const NSSOID *NSS_OID_EXT_KEY_USAGE_IPSEC_TUNNEL;
-extern const NSSOID *NSS_OID_EXT_KEY_USAGE_IPSEC_USER;
-extern const NSSOID *NSS_OID_EXT_KEY_USAGE_TIME_STAMP;
-extern const NSSOID *NSS_OID_OCSP_RESPONDER;
-extern const NSSOID *NSS_OID_PKIX_REGCTRL_REGTOKEN;
-extern const NSSOID *NSS_OID_PKIX_REGCTRL_AUTHENTICATOR;
-extern const NSSOID *NSS_OID_PKIX_REGCTRL_PKIPUBINFO;
-extern const NSSOID *NSS_OID_PKIX_REGCTRL_PKI_ARCH_OPTIONS;
-extern const NSSOID *NSS_OID_PKIX_REGCTRL_OLD_CERT_ID;
-extern const NSSOID *NSS_OID_PKIX_REGCTRL_PROTOCOL_ENC_KEY;
-extern const NSSOID *NSS_OID_PKIX_REGINFO_UTF8_PAIRS;
-extern const NSSOID *NSS_OID_PKIX_REGINFO_CERT_REQUEST;
-extern const NSSOID *NSS_OID_OID_PKIX_OCSP;
-extern const NSSOID *NSS_OID_PKIX_OCSP_BASIC_RESPONSE;
-extern const NSSOID *NSS_OID_PKIX_OCSP_NONCE;
-extern const NSSOID *NSS_OID_PKIX_OCSP_RESPONSE;
-extern const NSSOID *NSS_OID_PKIX_OCSP_CRL;
-extern const NSSOID *NSS_OID_X509_OCSP_NO_CHECK;
-extern const NSSOID *NSS_OID_PKIX_OCSP_ARCHIVE_CUTOFF;
-extern const NSSOID *NSS_OID_PKIX_OCSP_SERVICE_LOCATOR;
-extern const NSSOID *NSS_OID_DES_ECB;
-extern const NSSOID *NSS_OID_DES_CBC;
-extern const NSSOID *NSS_OID_DES_OFB;
-extern const NSSOID *NSS_OID_DES_CFB;
-extern const NSSOID *NSS_OID_DES_MAC;
-extern const NSSOID *NSS_OID_ISO_SHA_WITH_RSA_SIGNATURE;
-extern const NSSOID *NSS_OID_DES_EDE;
-extern const NSSOID *NSS_OID_SHA1;
-extern const NSSOID *NSS_OID_BOGUS_DSA_SIGNATURE_WITH_SHA1_DIGEST;
-extern const NSSOID *NSS_OID_X520_COMMON_NAME;
-extern const NSSOID *NSS_OID_X520_SURNAME;
-extern const NSSOID *NSS_OID_X520_COUNTRY_NAME;
-extern const NSSOID *NSS_OID_X520_LOCALITY_NAME;
-extern const NSSOID *NSS_OID_X520_STATE_OR_PROVINCE_NAME;
-extern const NSSOID *NSS_OID_X520_ORGANIZATION_NAME;
-extern const NSSOID *NSS_OID_X520_ORGANIZATIONAL_UNIT_NAME;
-extern const NSSOID *NSS_OID_X520_TITLE;
-extern const NSSOID *NSS_OID_X520_NAME;
-extern const NSSOID *NSS_OID_X520_GIVEN_NAME;
-extern const NSSOID *NSS_OID_X520_INITIALS;
-extern const NSSOID *NSS_OID_X520_GENERATION_QUALIFIER;
-extern const NSSOID *NSS_OID_X520_DN_QUALIFIER;
-extern const NSSOID *NSS_OID_X500_RSA_ENCRYPTION;
-extern const NSSOID *NSS_OID_X509_SUBJECT_DIRECTORY_ATTR;
-extern const NSSOID *NSS_OID_X509_SUBJECT_DIRECTORY_ATTRIBUTES;
-extern const NSSOID *NSS_OID_X509_SUBJECT_KEY_ID;
-extern const NSSOID *NSS_OID_X509_KEY_USAGE;
-extern const NSSOID *NSS_OID_X509_PRIVATE_KEY_USAGE_PERIOD;
-extern const NSSOID *NSS_OID_X509_SUBJECT_ALT_NAME;
-extern const NSSOID *NSS_OID_X509_ISSUER_ALT_NAME;
-extern const NSSOID *NSS_OID_X509_BASIC_CONSTRAINTS;
-extern const NSSOID *NSS_OID_X509_CRL_NUMBER;
-extern const NSSOID *NSS_OID_X509_REASON_CODE;
-extern const NSSOID *NSS_OID_X509_HOLD_INSTRUCTION_CODE;
-extern const NSSOID *NSS_OID_X509_INVALID_DATE;
-extern const NSSOID *NSS_OID_X509_DELTA_CRL_INDICATOR;
-extern const NSSOID *NSS_OID_X509_ISSUING_DISTRIBUTION_POINT;
-extern const NSSOID *NSS_OID_X509_CERTIFICATE_ISSUER;
-extern const NSSOID *NSS_OID_X509_NAME_CONSTRAINTS;
-extern const NSSOID *NSS_OID_X509_CRL_DIST_POINTS;
-extern const NSSOID *NSS_OID_X509_CERTIFICATE_POLICIES;
-extern const NSSOID *NSS_OID_X509_POLICY_MAPPINGS;
-extern const NSSOID *NSS_OID_X509_AUTH_KEY_ID;
-extern const NSSOID *NSS_OID_X509_POLICY_CONSTRAINTS;
-extern const NSSOID *NSS_OID_X509_EXT_KEY_USAGE;
-extern const NSSOID *NSS_OID_MISSI_DSS_OLD;
-extern const NSSOID *NSS_OID_FORTEZZA_SKIPJACK;
-extern const NSSOID *NSS_OID_MISSI_KEA;
-extern const NSSOID *NSS_OID_MISSI_KEA_DSS_OLD;
-extern const NSSOID *NSS_OID_MISSI_DSS;
-extern const NSSOID *NSS_OID_MISSI_KEA_DSS;
-extern const NSSOID *NSS_OID_MISSI_ALT_KEY;
-extern const NSSOID *NSS_OID_NS_CERT_EXT_CERT_TYPE;
-extern const NSSOID *NSS_OID_NS_CERT_EXT_BASE_URL;
-extern const NSSOID *NSS_OID_NS_CERT_EXT_REVOCATION_URL;
-extern const NSSOID *NSS_OID_NS_CERT_EXT_CA_REVOCATION_URL;
-extern const NSSOID *NSS_OID_NS_CERT_EXT_CA_CRL_URL;
-extern const NSSOID *NSS_OID_NS_CERT_EXT_CA_CERT_URL;
-extern const NSSOID *NSS_OID_NS_CERT_EXT_CERT_RENEWAL_URL;
-extern const NSSOID *NSS_OID_NS_CERT_EXT_CA_POLICY_URL;
-extern const NSSOID *NSS_OID_NS_CERT_EXT_HOMEPAGE_URL;
-extern const NSSOID *NSS_OID_NS_CERT_EXT_ENTITY_LOGO;
-extern const NSSOID *NSS_OID_NS_CERT_EXT_USER_PICTURE;
-extern const NSSOID *NSS_OID_NS_CERT_EXT_SSL_SERVER_NAME;
-extern const NSSOID *NSS_OID_NS_CERT_EXT_COMMENT;
-extern const NSSOID *NSS_OID_NS_CERT_EXT_THAYES;
-extern const NSSOID *NSS_OID_NS_TYPE_GIF;
-extern const NSSOID *NSS_OID_NS_TYPE_JPEG;
-extern const NSSOID *NSS_OID_NS_TYPE_URL;
-extern const NSSOID *NSS_OID_NS_TYPE_HTML;
-extern const NSSOID *NSS_OID_NS_TYPE_CERT_SEQUENCE;
-extern const NSSOID *NSS_OID_NS_KEY_USAGE_GOVT_APPROVED;
-extern const NSSOID *NSS_OID_NETSCAPE_RECOVERY_REQUEST;
-extern const NSSOID *NSS_OID_NETSCAPE_SMIME_KEA;
-extern const NSSOID *NSS_OID_NETSCAPE_NICKNAME;
-extern const NSSOID *NSS_OID_VERISIGN_USER_NOTICES;
-extern const NSSOID *NSS_OID_NS_CERT_EXT_NETSCAPE_OK;
-extern const NSSOID *NSS_OID_NS_CERT_EXT_ISSUER_LOGO;
-extern const NSSOID *NSS_OID_NS_CERT_EXT_SUBJECT_LOGO;
-
-#endif /* OIDDATA_H */
diff --git a/security/nss/lib/pki1/oidgen.perl b/security/nss/lib/pki1/oidgen.perl
deleted file mode 100755
index 2d644481e..000000000
--- a/security/nss/lib/pki1/oidgen.perl
+++ /dev/null
@@ -1,313 +0,0 @@
-#!perl
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-$cvs_id = '@(#) $RCSfile$ $Revision$ $Date$ $Name$';
-$cfile = shift;
-$hfile = shift;
-$count = -1;
-while(<>) {
-  s/^((?:[^"#]+|"[^"]*")*)(\s*#.*$)/$1/;
-  next if (/^\s*$/);
-
-  /^([\S]+)\s+([^"][\S]*|"[^"]*")/;
-  $name = $1;
-  $value = $2;
-  # This is certainly not the best way to dequote the data.
-  $value =~ s/"//g;
-
-  if( $name =~ "OID" ) {
-    $count++;
-    $x[$count]{$name} = $value;
-    $enc = encodeoid($value);
-    $x[$count]{" encoding"} = escapeoid($enc);
-    $x[$count]{" encoding length"} = length($enc);
-  } else {
-    if( $count < 0 ) {
-      $g{$name} = $value;
-    } else {
-      $x[$count]{$name} = $value;
-    }
-  }
-}
-
-# dodump();
-
-doprint($cfile,$hfile);
-
-sub dodump {
-for( $i = 0; $i <= $count; $i++ ) {
-  print "number $i:\n";
-  %y = %{$x[$i]};
-  while(($n,$v) = each(%y)) {
-    print "\t$n ==> $v\n";
-  }
-}
-}
-
-sub doprint {
-open(CFILE, "> $cfile") || die "Can't open $cfile: $!"; 
-open(HFILE, "> $hfile") || die "Can't open $hfile: $!";
-
-print CFILE <<EOD
-/* THIS IS A GENERATED FILE */
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#ifdef DEBUG
-static const char CVS_ID[] = "$g{CVS_ID} ; $cvs_id";
-#endif /* DEBUG */
-
-#ifndef PKI1T_H
-#include "pki1t.h"
-#endif /* PKI1T_H */
-
-const NSSOID nss_builtin_oids[] = {
-EOD
-    ;
-
-for( $i = 0; $i <= $count; $i++ ) {
-  %y = %{$x[$i]};
-  print CFILE "  {\n";
-  print CFILE "#ifdef DEBUG\n";
-  print CFILE "    \"$y{TAG}\",\n";
-  print CFILE "    \"$y{EXPL}\",\n";
-  print CFILE "#endif /* DEBUG */\n";
-  print CFILE "    { \"", $y{" encoding"};
-  print CFILE "\", ", $y{" encoding length"}, " }\n";
-
-  if( $i == $count ) {
-    print CFILE "  }\n";
-  } else {
-    print CFILE "  },\n";
-  }
-}
-
-print CFILE "};\n\n";
-
-print CFILE "const PRUint32 nss_builtin_oid_count = ", ($count+1), ";\n\n";
-
-for( $i = 0; $i <= $count; $i++ ) {
-  %y = %{$x[$i]};
-  if( defined($y{NAME}) ) {
-    print CFILE "const NSSOID *$y{NAME} = (NSSOID *)&nss_builtin_oids[$i];\n";
-  }
-}
-
-print CFILE "\n";
-
-$attrcount = -1;
-for( $i = 0; $i <= $count; $i++ ) {
-  %y = %{$x[$i]};
-  if( defined($y{ATTR}) ) {
-    if( defined($y{NAME}) ) {
-      $attrcount++;
-      $attr[$attrcount]{ATTR} = $y{ATTR};
-      $attr[$attrcount]{NAME} = $y{NAME};
-    } else {
-      warn "Attribute $y{ATTR} has no name, and will be omitted!";
-    }
-  }
-}
-
-print CFILE "const nssAttributeTypeAliasTable nss_attribute_type_aliases[] = {\n";
-
-for( $i = 0; $i <= $attrcount; $i++ ) {
-  %y = %{$attr[$i]};
-  print CFILE "  {\n";
-  print CFILE "    \"$y{ATTR}\",\n";
-  print CFILE "    &$y{NAME}\n";
-
-  if( $i == $attrcount ) {
-    print CFILE "  }\n";
-  } else {
-    print CFILE "  },\n";
-  }
-}
-
-print CFILE "};\n\n";
-
-print CFILE "const PRUint32 nss_attribute_type_alias_count = ", ($attrcount+1), ";\n\n";
-
-print HFILE <<EOD
-/* THIS IS A GENERATED FILE */
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef OIDDATA_H
-#define OIDDATA_H
-
-#ifdef DEBUG
-static const char OIDDATA_CVS_ID[] = "$g{CVS_ID} ; $cvs_id";
-#endif /* DEBUG */
-
-#ifndef NSSPKI1T_H
-#include "nsspki1t.h"
-#endif /* NSSPKI1T_H */
-
-extern const NSSOID nss_builtin_oids[];
-extern const PRUint32 nss_builtin_oid_count;
-
-/*extern const nssAttributeTypeAliasTable nss_attribute_type_aliases[];*/
-/*extern const PRUint32 nss_attribute_type_alias_count;*/
-
-EOD
-    ;
-
-for( $i = 0; $i <= $count; $i++ ) {
-  %y = %{$x[$i]};
-  if( defined($y{NAME}) ) {
-    print HFILE "extern const NSSOID *$y{NAME};\n";
-  }
-}
-
-print HFILE <<EOD
-
-#endif /* OIDDATA_H */
-EOD
-    ;
-
-close CFILE;
-close HFILE;
-}
-
-sub encodenum {
-    my $v = $_[0];
-    my @d;
-    my $i;
-    my $rv = "";
-
-    while( $v > 128 ) {
-        push @d, ($v % 128);
-        $v /= 128;
-    };
-    push @d, ($v%128);
-
-    for( $i = @d-1; $i > 0; $i-- ) {
-        $rv = $rv . chr(128 + $d[$i]);
-    }
-
-    $rv = $rv . chr($d[0]);
-
-    return $rv;
-}
-
-sub encodeoid {
-    my @o = split(/\./, $_[0]);
-    my $rv = "";
-    my $i;
-
-    if( @o < 2 ) {
-        # NSS's special "illegal" encoding
-        return chr(128) . encodenum($o[0]);
-    }
-
-    $rv = encodenum($o[0] * 40 + $o[1]);
-    shift @o; shift @o;
-
-    foreach $i (@o) {
-        $rv = $rv . encodenum($i);
-    }
-
-    return $rv;
-}
-
-sub escapeoid {
-  my @v = unpack("C*", $_[0]);
-  my $a;
-  my $rv = "";
-
-  foreach $a (@v) {
-    $rv = $rv . sprintf("\\x%02x", $a);
-  }
-
-  return $rv;
-}
diff --git a/security/nss/lib/pki1/oids.txt b/security/nss/lib/pki1/oids.txt
deleted file mode 100644
index df7b3ab28..000000000
--- a/security/nss/lib/pki1/oids.txt
+++ /dev/null
@@ -1,2115 +0,0 @@
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CVS_ID "@(#) $RCSfile$ $Revision$ $Date$ $Name$"
-
-# Fields
-#  OID  -- the OID data itself, in dotted-number format
-#  TAG  -- the unofficial but common name.  e.g., when written like
-#          { joint-iso-ccitt(2) country(16) US(840) company(1) netscape(113730) }
-#          those words ("joint-iso-ccitt," "country," etc.) are the tags.
-#  EXPL -- a textual explanation, that should stand by itself
-#  NAME -- the name we use in our code.  If no NAME is given, it won't be included
-#
-# Additionally, some sets of OIDs map to some other spaces.. 
-# additional fields capture that data:
-#
-#  CKM  -- the corresponding Cryptoki Mechanism, if any
-#  CKK  -- the corresponding Cryptoki Key type, if any
-#  ATTR -- the UTF-8 attribute type encoding, if applicable
-#          it should be in the standard presentation style (e.g., lowercase),
-#          already-escaped a la RFC 2253 if necessary (which would only
-#          be necessary if some idiot defined an attribute with, say,
-#          an equals sign in it)
-#  CERT_EXTENSION -- SUPPORTED or UNSUPPORTED certificate extension, if applicable
-
-# Top of the OID tree -- see http://www.alvestrand.no/objectid/top.html
-# 
-OID 0
-TAG ccitt               # ITU-T used to be called CCITT
-EXPL "ITU-T"
-
-# See X.208 Annex C for an explanation of the OIDs below ccitt/itu-t
-
-OID 0.0
-TAG recommendation
-EXPL "ITU-T Recommendation"
-
-OID 0.1
-TAG question
-EXPL "ITU-T Question"
-
-OID 0.2
-TAG administration
-EXPL "ITU-T Administration"
-
-OID 0.3
-TAG network-operator
-EXPL "ITU-T Network Operator"
-
-OID 0.4
-TAG identified-organization
-EXPL "ITU-T Identified Organization"
-
-OID 0.9           # used in some RFCs (unofficial!)
-TAG data
-EXPL "RFC Data"
-
-OID 0.9.2342
-TAG pss
-EXPL "PSS British Telecom X.25 Network"
-
-OID 0.9.2342.19200300
-TAG ucl
-EXPL "RFC 1274 UCL Data networks"
-
-OID 0.9.2342.19200300.100
-TAG pilot
-EXPL "RFC 1274 pilot"
-
-OID 0.9.2342.19200300.100.1
-TAG attributeType
-EXPL "RFC 1274 Attribute Type"
-
-OID 0.9.2342.19200300.100.1.1
-TAG uid
-EXPL "RFC 1274 User Id"
-NAME NSS_OID_RFC1274_UID
-ATTR "uid"
-
-OID 0.9.2342.19200300.100.1.3
-TAG mail
-EXPL "RFC 1274 E-mail Addres"
-NAME NSS_OID_RFC1274_EMAIL
-ATTR "mail" # XXX fgmr
-
-OID 0.9.2342.19200300.100.1.25
-TAG dc
-EXPL "RFC 2247 Domain Component"
-NAME NSS_OID_RFC2247_DC
-ATTR "dc"
-
-OID 0.9.2342.19200300.100.3
-TAG attributeSyntax
-EXPL "RFC 1274 Attribute Syntax"
-
-OID 0.9.2342.19200300.100.3.4
-TAG iA5StringSyntax
-EXPL "RFC 1274 IA5 String Attribute Syntax"
-
-OID 0.9.2342.19200300.100.3.5
-TAG caseIgnoreIA5StringSyntax
-EXPL "RFC 1274 Case-Ignore IA5 String Attribute Syntax"
-
-OID 0.9.2342.19200300.100.4
-TAG objectClass
-EXPL "RFC 1274 Object Class"
-
-OID 0.9.2342.19200300.100.10
-TAG groups
-EXPL "RFC 1274 Groups"
-
-OID 0.9.2342.234219200300 
-TAG ucl
-EXPL "RFC 1327 ucl"
-
-OID 1
-TAG iso
-EXPL "ISO"
-
-# See X.208 Annex B for an explanation of the OIDs below iso
-
-OID 1.0
-TAG standard
-EXPL "ISO Standard"
-
-OID 1.1
-TAG registration-authority
-EXPL "ISO Registration Authority"
-
-OID 1.2
-TAG member-body
-EXPL "ISO Member Body"
-
-OID 1.2.36
-TAG australia
-EXPL "Australia (ISO)"
-
-OID 1.2.158
-TAG taiwan
-EXPL "Taiwan (ISO)"
-
-OID 1.2.372 
-TAG ireland
-EXPL "Ireland (ISO)"
-
-OID 1.2.578 
-TAG norway
-EXPL "Norway (ISO)"
-
-OID 1.2.752 
-TAG sweden
-EXPL "Sweden (ISO)"
-
-OID 1.2.826 
-TAG great-britain
-EXPL "Great Britain (ISO)"
-
-OID 1.2.840
-TAG us
-EXPL "United States (ISO)"
-
-OID 1.2.840.1 
-TAG organization
-EXPL "US (ISO) organization"
-
-OID 1.2.840.10003
-TAG ansi-z30-50
-EXPL "ANSI Z39.50"
-
-OID 1.2.840.10008
-TAG dicom
-EXPL "DICOM"
-
-OID 1.2.840.10017
-TAG ieee-1224
-EXPL "IEEE 1224"
-
-OID 1.2.840.10022
-TAG ieee-802-10
-EXPL "IEEE 802.10"
-
-OID 1.2.840.10036
-TAG ieee-802-11
-EXPL "IEEE 802.11"
-
-OID 1.2.840.10040
-TAG x9-57
-EXPL "ANSI X9.57"
-
-# RFC 2459:
-#
-# holdInstruction OBJECT IDENTIFIER ::=
-#           {iso(1) member-body(2) us(840) x9cm(10040) 2}
-#
-# Note that the appendices of RFC 2459 define the (wrong) value
-# of 2.2.840.10040.2 for this oid.
-OID 1.2.840.10040.2
-TAG holdInstruction
-EXPL "ANSI X9.57 Hold Instruction"
-
-# RFC 2459:
-#
-# id-holdinstruction-none OBJECT IDENTIFIER  ::=
-#                 {holdInstruction 1} -- deprecated
-OID 1.2.840.10040.2.1
-TAG id-holdinstruction-none
-EXPL "ANSI X9.57 Hold Instruction: None"
-
-# RFC 2459:
-#
-# id-holdinstruction-callissuer OBJECT IDENTIFIER ::=
-#                 {holdInstruction 2}
-OID 1.2.840.10040.2.2
-TAG id-holdinstruction-callissuer
-EXPL "ANSI X9.57 Hold Instruction: Call Issuer"
-
-# RFC 2459:
-#
-# id-holdinstruction-reject OBJECT IDENTIFIER ::=
-#                 {holdInstruction 3}
-OID 1.2.840.10040.2.3
-TAG id-holdinstruction-reject
-EXPL "ANSI X9.57 Hold Instruction: Reject"
-
-OID 1.2.840.10040.4
-TAG x9algorithm
-EXPL "ANSI X9.57 Algorithm"
-
-# RFC 2459:
-#
-# id-dsa OBJECT IDENTIFIER ::= {
-#      iso(1) member-body(2) us(840) x9-57(10040) x9algorithm(4) 1 }
-OID 1.2.840.10040.4.1
-TAG id-dsa
-EXPL "ANSI X9.57 DSA Signature"
-NAME NSS_OID_ANSIX9_DSA_SIGNATURE
-CKM CKM_DSA
-CKK CKK_DSA
-
-# RFC 2459:
-#
-# id-dsa-with-sha1 OBJECT IDENTIFIER ::=  {
-#      iso(1) member-body(2) us(840) x9-57 (10040) x9algorithm(4) 3 }
-OID 1.2.840.10040.4.3
-TAG id-dsa-with-sha1
-EXPL "ANSI X9.57 Algorithm DSA Signature with SHA-1 Digest"
-NAME NSS_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST
-CKM CKM_DSA_SHA1
-
-OID 1.2.840.10046
-TAG x942
-EXPL "ANSI X9.42"
-
-OID 1.2.840.10046.2
-TAG algorithm
-EXPL "ANSI X9.42 Algorithm"
-
-# RFC 2459:
-#
-# dhpublicnumber OBJECT IDENTIFIER ::= {
-#      iso(1) member-body(2) us(840) ansi-x942(10046) number-type(2) 1 }
-OID 1.2.840.10046.2.1
-TAG dhpublicnumber
-EXPL "Diffie-Hellman Public Key Algorithm"
-NAME NSS_OID_X942_DIFFIE_HELMAN_KEY
-CKM CKM_DH_PKCS_DERIVE
-CKK CKK_DH
-
-OID 1.2.840.113533
-TAG entrust
-EXPL "Entrust Technologies"
-
-OID 1.2.840.113549 
-TAG rsadsi
-EXPL "RSA Data Security Inc."
-
-OID 1.2.840.113549.1 
-# http://www.rsa.com/rsalabs/pubs/PKCS/
-TAG pkcs
-EXPL "PKCS"
-
-# RFC 2459:
-#
-# pkcs-1 OBJECT IDENTIFIER ::= {
-#      iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 1 }
-OID 1.2.840.113549.1.1
-# ftp://ftp.rsa.com/pub/pkcs/ascii/pkcs-1.asc
-TAG pkcs-1
-EXPL "PKCS #1"
-
-# RFC 2459:
-#
-# rsaEncryption OBJECT IDENTIFIER ::=  { pkcs-1 1 }
-OID 1.2.840.113549.1.1.1
-TAG rsaEncryption
-EXPL "PKCS #1 RSA Encryption"
-NAME NSS_OID_PKCS1_RSA_ENCRYPTION
-CKM CKM_RSA_PKCS
-CKK CKK_RSA
-
-# RFC 2459:
-#
-# md2WithRSAEncryption OBJECT IDENTIFIER  ::=  { pkcs-1 2 }
-OID 1.2.840.113549.1.1.2 
-TAG md2WithRSAEncryption
-EXPL "PKCS #1 MD2 With RSA Encryption"      
-NAME NSS_OID_PKCS1_MD2_WITH_RSA_ENCRYPTION
-CKM CKM_MD2_RSA_PKCS
-
-OID 1.2.840.113549.1.1.3 
-TAG md4WithRSAEncryption
-EXPL "PKCS #1 MD4 With RSA Encryption"      
-NAME NSS_OID_PKCS1_MD4_WITH_RSA_ENCRYPTION
-# No CKM!
-
-# RFC 2459:
-#
-# md5WithRSAEncryption OBJECT IDENTIFIER  ::=  { pkcs-1 4 }
-OID 1.2.840.113549.1.1.4 
-TAG md5WithRSAEncryption
-EXPL "PKCS #1 MD5 With RSA Encryption"      
-NAME NSS_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION
-CKM CKM_MD5_RSA_PKCS
-
-# RFC 2459:
-#
-# sha1WithRSAEncryption OBJECT IDENTIFIER  ::=  { pkcs-1 5 }
-OID 1.2.840.113549.1.1.5 
-TAG sha1WithRSAEncryption
-EXPL "PKCS #1 SHA-1 With RSA Encryption"    
-NAME NSS_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION
-CKM CKM_SHA1_RSA_PKCS
-
-OID 1.2.840.113549.1.5 
-# ftp://ftp.rsa.com/pub/pkcs/ascii/pkcs-5.asc
-TAG pkcs-5
-EXPL "PKCS #5"
-
-OID 1.2.840.113549.1.5.1 
-TAG pbeWithMD2AndDES-CBC
-EXPL "PKCS #5 Password Based Encryption With MD2 and DES-CBC"     
-NAME NSS_OID_PKCS5_PBE_WITH_MD2_AND_DES_CBC
-CKM CKM_PBE_MD2_DES_CBC
-
-OID 1.2.840.113549.1.5.3 
-TAG pbeWithMD5AndDES-CBC
-EXPL "PKCS #5 Password Based Encryption With MD5 and DES-CBC"     
-NAME NSS_OID_PKCS5_PBE_WITH_MD5_AND_DES_CBC
-CKM CKM_PBE_MD5_DES_CBC
-
-OID 1.2.840.113549.1.5.10 
-TAG pbeWithSha1AndDES-CBC
-EXPL "PKCS #5 Password Based Encryption With SHA-1 and DES-CBC"   
-NAME NSS_OID_PKCS5_PBE_WITH_SHA1_AND_DES_CBC
-CKM CKM_NETSCAPE_PBE_SHA1_DES_CBC
-
-OID 1.2.840.113549.1.7 
-# ftp://ftp.rsa.com/pub/pkcs/ascii/pkcs-7.asc
-TAG pkcs-7
-EXPL "PKCS #7"
-NAME NSS_OID_PKCS7
-
-OID 1.2.840.113549.1.7.1
-TAG data
-EXPL "PKCS #7 Data"
-NAME NSS_OID_PKCS7_DATA
-
-OID 1.2.840.113549.1.7.2 
-TAG signedData
-EXPL "PKCS #7 Signed Data"
-NAME NSS_OID_PKCS7_SIGNED_DATA
-
-OID 1.2.840.113549.1.7.3 
-TAG envelopedData
-EXPL "PKCS #7 Enveloped Data"
-NAME NSS_OID_PKCS7_ENVELOPED_DATA
-
-OID 1.2.840.113549.1.7.4 
-TAG signedAndEnvelopedData
-EXPL "PKCS #7 Signed and Enveloped Data"
-NAME NSS_OID_PKCS7_SIGNED_ENVELOPED_DATA
-
-OID 1.2.840.113549.1.7.5 
-TAG digestedData
-EXPL "PKCS #7 Digested Data"
-NAME NSS_OID_PKCS7_DIGESTED_DATA
-
-OID 1.2.840.113549.1.7.6 
-TAG encryptedData
-EXPL "PKCS #7 Encrypted Data"
-NAME NSS_OID_PKCS7_ENCRYPTED_DATA
-
-# RFC 2459:
-#
-# pkcs-9 OBJECT IDENTIFIER ::=
-#        { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 9 }
-OID 1.2.840.113549.1.9 
-# ftp://ftp.rsa.com/pub/pkcs/ascii/pkcs-9.asc
-TAG pkcs-9
-EXPL "PKCS #9"
-
-# RFC 2459:
-#
-# emailAddress AttributeType      ::= { pkcs-9 1 }
-OID 1.2.840.113549.1.9.1
-TAG emailAddress
-EXPL "PKCS #9 Email Address"
-NAME NSS_OID_PKCS9_EMAIL_ADDRESS
-
-OID 1.2.840.113549.1.9.2 
-TAG unstructuredName
-EXPL "PKCS #9 Unstructured Name"
-NAME NSS_OID_PKCS9_UNSTRUCTURED_NAME
-
-OID 1.2.840.113549.1.9.3 
-TAG contentType
-EXPL "PKCS #9 Content Type"
-NAME NSS_OID_PKCS9_CONTENT_TYPE
-
-OID 1.2.840.113549.1.9.4 
-TAG messageDigest
-EXPL "PKCS #9 Message Digest"
-NAME NSS_OID_PKCS9_MESSAGE_DIGEST
-
-OID 1.2.840.113549.1.9.5 
-TAG signingTime
-EXPL "PKCS #9 Signing Time"
-NAME NSS_OID_PKCS9_SIGNING_TIME
-
-OID 1.2.840.113549.1.9.6 
-TAG counterSignature
-EXPL "PKCS #9 Counter Signature"
-NAME NSS_OID_PKCS9_COUNTER_SIGNATURE
-
-OID 1.2.840.113549.1.9.7 
-TAG challengePassword
-EXPL "PKCS #9 Challenge Password"
-NAME NSS_OID_PKCS9_CHALLENGE_PASSWORD
-
-OID 1.2.840.113549.1.9.8 
-TAG unstructuredAddress
-EXPL "PKCS #9 Unstructured Address"
-NAME NSS_OID_PKCS9_UNSTRUCTURED_ADDRESS
-
-OID 1.2.840.113549.1.9.9 
-TAG extendedCertificateAttributes
-EXPL "PKCS #9 Extended Certificate Attributes"
-NAME NSS_OID_PKCS9_EXTENDED_CERTIFICATE_ATTRIBUTES
-
-OID 1.2.840.113549.1.9.15 
-TAG sMIMECapabilities
-EXPL "PKCS #9 S/MIME Capabilities"
-NAME NSS_OID_PKCS9_SMIME_CAPABILITIES
-
-OID 1.2.840.113549.1.9.20
-TAG friendlyName
-EXPL "PKCS #9 Friendly Name"
-NAME NSS_OID_PKCS9_FRIENDLY_NAME
-
-OID 1.2.840.113549.1.9.21
-TAG localKeyID
-EXPL "PKCS #9 Local Key ID"
-NAME NSS_OID_PKCS9_LOCAL_KEY_ID
-
-OID 1.2.840.113549.1.9.22 
-TAG certTypes
-EXPL "PKCS #9 Certificate Types"
-
-OID 1.2.840.113549.1.9.22.1
-TAG x509Certificate
-EXPL "PKCS #9 Certificate Type = X.509"
-NAME NSS_OID_PKCS9_X509_CERT
-
-OID 1.2.840.113549.1.9.22.2
-TAG sdsiCertificate
-EXPL "PKCS #9 Certificate Type = SDSI"
-NAME NSS_OID_PKCS9_SDSI_CERT
-
-OID 1.2.840.113549.1.9.23 
-TAG crlTypes
-EXPL "PKCS #9 Certificate Revocation List Types"
-
-OID 1.2.840.113549.1.9.23.1
-TAG x509Crl
-EXPL "PKCS #9 CRL Type = X.509"
-NAME NSS_OID_PKCS9_X509_CRL
-
-OID 1.2.840.113549.1.12
-# http://www.rsa.com/rsalabs/pubs/PKCS/html/pkcs-12.html
-# NOTE -- PKCS #12                          multiple contradictory
-#         documents exist.  Somebody go figure out the canonical
-#         OID list, keeping in mind backwards-compatability..
-TAG pkcs-12
-EXPL "PKCS #12"
-NAME NSS_OID_PKCS12
-
-OID 1.2.840.113549.1.12.1 
-TAG pkcs-12PbeIds
-EXPL "PKCS #12 Password Based Encryption IDs"
-NAME NSS_OID_PKCS12_PBE_IDS
-# We called it SEC_OID_PKCS12_MODE_IDS
-
-OID 1.2.840.113549.1.12.1.1
-TAG pbeWithSHA1And128BitRC4
-EXPL "PKCS #12 Password Based Encryption With SHA-1 and 128-bit RC4"
-NAME NSS_OID_PKCS12_PBE_WITH_SHA1_AND_128_BIT_RC4
-CKM CKM_NETSCAPE_PBE_SHA1_128_BIT_RC4
-# We called it SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_128_BIT_RC4
-
-OID 1.2.840.113549.1.12.1.2
-TAG pbeWithSHA1And40BitRC4
-EXPL "PKCS #12 Password Based Encryption With SHA-1 and 40-bit RC4"
-NAME NSS_OID_PKCS12_PBE_WITH_SHA1_AND_40_BIT_RC4
-CKM CKM_NETSCAPE_PBE_SHA1_40_BIT_RC4
-# We called it SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_40_BIT_RC4
-
-OID 1.2.840.113549.1.12.1.3
-TAG pbeWithSHA1And3-KeyTripleDES-CBC
-EXPL "PKCS #12 Password Based Encryption With SHA-1 and 3-key Triple DES-CBC"
-NAME NSS_OID_PKCS12_PBE_WITH_SHA1_AND_3_KEY_TRIPLE_DES_CBC
-CKM CKM_NETSCAPE_PBE_SHA1_TRIPLE_DES_CBC
-# We called it SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_3KEY_TRIPLE_DES_CBC
-
-OID 1.2.840.113549.1.12.1.4
-TAG pbeWithSHA1And2-KeyTripleDES-CBC
-EXPL "PKCS #12 Password Based Encryption With SHA-1 and 2-key Triple DES-CBC"
-NAME NSS_OID_PKCS12_PBE_WITH_SHA1_AND_2_KEY_TRIPLE_DES_CBC
-CKM CKM_PBE_SHA1_DES2_EDE_CBC
-# We called it SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_2KEY_TRIPLE_DES_CBC
-
-OID 1.2.840.113549.1.12.1.5
-TAG pbeWithSHA1And128BitRC2-CBC
-EXPL "PKCS #12 Password Based Encryption With SHA-1 and 128-bit RC2-CBC"
-NAME NSS_OID_PKCS12_PBE_WITH_SHA1_AND_128_BIT_RC2_CBC
-CKM CKM_NETSCAPE_PBE_SHA1_128_BIT_RC2_CBC
-# We called it SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_128_BIT_RC2_CBC
-
-OID 1.2.840.113549.1.12.1.6
-TAG pbeWithSHA1And40BitRC2-CBC
-EXPL "PKCS #12 Password Based Encryption With SHA-1 and 40-bit RC2-CBC"
-NAME NSS_OID_PKCS12_PBE_WITH_SHA1_AND_40_BIT_RC2_CBC
-CKM CKM_NETSCAPE_PBE_SHA1_40_BIT_RC2_CBC
-# We called it SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_40_BIT_RC2_CBC
-
-OID 1.2.840.113549.1.12.2 
-TAG pkcs-12EspvkIds
-EXPL "PKCS #12 ESPVK IDs"
-# We called it SEC_OID_PKCS12_ESPVK_IDS
-
-OID 1.2.840.113549.1.12.2.1
-TAG pkcs8-key-shrouding
-EXPL "PKCS #12 Key Shrouding"
-# We called it SEC_OID_PKCS12_PKCS8_KEY_SHROUDING
-
-OID 1.2.840.113549.1.12.3 
-TAG draft1Pkcs-12Bag-ids
-EXPL "Draft 1.0 PKCS #12 Bag IDs"
-# We called it SEC_OID_PKCS12_BAG_IDS
-
-OID 1.2.840.113549.1.12.3.1
-TAG keyBag
-EXPL "Draft 1.0 PKCS #12 Key Bag"
-# We called it SEC_OID_PKCS12_KEY_BAG_ID
-
-OID 1.2.840.113549.1.12.3.2
-TAG certAndCRLBagId
-EXPL "Draft 1.0 PKCS #12 Cert and CRL Bag ID"
-# We called it SEC_OID_PKCS12_CERT_AND_CRL_BAG_ID
-
-OID 1.2.840.113549.1.12.3.3
-TAG secretBagId
-EXPL "Draft 1.0 PKCS #12 Secret Bag ID"
-# We called it SEC_OID_PKCS12_SECRET_BAG_ID
-
-OID 1.2.840.113549.1.12.3.4
-TAG safeContentsId
-EXPL "Draft 1.0 PKCS #12 Safe Contents Bag ID"
-# We called it SEC_OID_PKCS12_SAFE_CONTENTS_ID
-
-OID 1.2.840.113549.1.12.3.5
-TAG pkcs-8ShroudedKeyBagId
-EXPL "Draft 1.0 PKCS #12 PKCS #8-shrouded Key Bag ID"
-# We called it SEC_OID_PKCS12_PKCS8_SHROUDED_KEY_BAG_ID
-
-OID 1.2.840.113549.1.12.4 
-TAG pkcs-12CertBagIds
-EXPL "PKCS #12 Certificate Bag IDs"
-# We called it SEC_OID_PKCS12_CERT_BAG_IDS
-
-OID 1.2.840.113549.1.12.4.1
-TAG x509CertCRLBagId
-EXPL "PKCS #12 X.509 Certificate and CRL Bag"
-# We called it SEC_OID_PKCS12_X509_CERT_CRL_BAG
-
-OID 1.2.840.113549.1.12.4.2
-TAG SDSICertBagID
-EXPL "PKCS #12 SDSI Certificate Bag"
-# We called it SEC_OID_PKCS12_SDSI_CERT_BAG
-
-OID 1.2.840.113549.1.12.5 
-TAG pkcs-12Oids
-EXPL "PKCS #12 OIDs (XXX)"
-# We called it SEC_OID_PKCS12_OIDS
-
-OID 1.2.840.113549.1.12.5.1 
-TAG pkcs-12PbeIds
-EXPL "PKCS #12 OIDs PBE IDs (XXX)"
-# We called it SEC_OID_PKCS12_PBE_IDS
-
-OID 1.2.840.113549.1.12.5.1.1
-TAG pbeWithSha1And128BitRC4
-EXPL "PKCS #12 OIDs PBE with SHA-1 and 128-bit RC4 (XXX)"
-CKM CKM_NETSCAPE_PBE_SHA1_128_BIT_RC4
-# We called it SEC_OID_PKCS12_PBE_WITH_SHA1_AND_128_BIT_RC4
-
-OID 1.2.840.113549.1.12.5.1.2
-TAG pbeWithSha1And40BitRC4
-EXPL "PKCS #12 OIDs PBE with SHA-1 and 40-bit RC4 (XXX)"
-CKM CKM_NETSCAPE_PBE_SHA1_40_BIT_RC4
-# We called it SEC_OID_PKCS12_PBE_WITH_SHA1_AND_40_BIT_RC4
-
-OID 1.2.840.113549.1.12.5.1.3
-TAG pbeWithSha1AndTripleDES-CBC
-EXPL "PKCS #12 OIDs PBE with SHA-1 and Triple DES-CBC (XXX)"
-CKM CKM_NETSCAPE_PBE_SHA1_TRIPLE_DES_CBC
-# We called it SEC_OID_PKCS12_PBE_WITH_SHA1_AND_TRIPLE_DES_CBC
-
-OID 1.2.840.113549.1.12.5.1.4
-TAG pbeWithSha1And128BitRC2-CBC
-EXPL "PKCS #12 OIDs PBE with SHA-1 and 128-bit RC2-CBC (XXX)"
-CKM CKM_NETSCAPE_PBE_SHA1_128_BIT_RC2_CBC
-# We called it SEC_OID_PKCS12_PBE_WITH_SHA1_AND_128_BIT_RC2_CBC
-
-OID 1.2.840.113549.1.12.5.1.5
-TAG pbeWithSha1And40BitRC2-CBC
-EXPL "PKCS #12 OIDs PBE with SHA-1 and 40-bit RC2-CBC (XXX)"
-CKM CKM_NETSCAPE_PBE_SHA1_40_BIT_RC2_CBC
-# We called it SEC_OID_PKCS12_PBE_WITH_SHA1_AND_40_BIT_RC2_CBC
-
-OID 1.2.840.113549.1.12.5.2 
-TAG pkcs-12EnvelopingIds
-EXPL "PKCS #12 OIDs Enveloping IDs (XXX)"
-# We called it SEC_OID_PKCS12_ENVELOPING_IDS
-
-OID 1.2.840.113549.1.12.5.2.1
-TAG rsaEncryptionWith128BitRC4
-EXPL "PKCS #12 OIDs Enveloping RSA Encryption with 128-bit RC4"
-# We called it SEC_OID_PKCS12_RSA_ENCRYPTION_WITH_128_BIT_RC4
-
-OID 1.2.840.113549.1.12.5.2.2
-TAG rsaEncryptionWith40BitRC4
-EXPL "PKCS #12 OIDs Enveloping RSA Encryption with 40-bit RC4"
-# We called it SEC_OID_PKCS12_RSA_ENCRYPTION_WITH_40_BIT_RC4
-
-OID 1.2.840.113549.1.12.5.2.3
-TAG rsaEncryptionWithTripleDES
-EXPL "PKCS #12 OIDs Enveloping RSA Encryption with Triple DES"
-# We called it SEC_OID_PKCS12_RSA_ENCRYPTION_WITH_TRIPLE_DES
-
-OID 1.2.840.113549.1.12.5.3 
-TAG pkcs-12SignatureIds
-EXPL "PKCS #12 OIDs Signature IDs (XXX)"
-# We called it SEC_OID_PKCS12_SIGNATURE_IDS
-
-OID 1.2.840.113549.1.12.5.3.1
-TAG rsaSignatureWithSHA1Digest
-EXPL "PKCS #12 OIDs RSA Signature with SHA-1 Digest"
-# We called it SEC_OID_PKCS12_RSA_SIGNATURE_WITH_SHA1_DIGEST
-
-OID 1.2.840.113549.1.12.10 
-TAG pkcs-12Version1
-EXPL "PKCS #12 Version 1"
-
-OID 1.2.840.113549.1.12.10.1
-TAG pkcs-12BagIds
-EXPL "PKCS #12 Bag IDs"
-
-OID 1.2.840.113549.1.12.10.1.1
-TAG keyBag
-EXPL "PKCS #12 Key Bag"
-NAME NSS_OID_PKCS12_KEY_BAG
-# We called it SEC_OID_PKCS12_V1_KEY_BAG_ID
-
-OID 1.2.840.113549.1.12.10.1.2
-TAG pkcs-8ShroudedKeyBag
-EXPL "PKCS #12 PKCS #8-shrouded Key Bag"
-NAME NSS_OID_PKCS12_PKCS8_SHROUDED_KEY_BAG
-# We called it SEC_OID_PKCS12_V1_PKCS8_SHROUDED_KEY_BAG_ID
-
-OID 1.2.840.113549.1.12.10.1.3
-TAG certBag
-EXPL "PKCS #12 Certificate Bag"
-NAME NSS_OID_PKCS12_CERT_BAG
-# We called it SEC_OID_PKCS12_V1_CERT_BAG_ID
-
-OID 1.2.840.113549.1.12.10.1.4
-TAG crlBag
-EXPL "PKCS #12 CRL Bag"
-NAME NSS_OID_PKCS12_CRL_BAG
-# We called it SEC_OID_PKCS12_V1_CRL_BAG_ID
-
-OID 1.2.840.113549.1.12.10.1.5
-TAG secretBag
-EXPL "PKCS #12 Secret Bag"
-NAME NSS_OID_PKCS12_SECRET_BAG
-# We called it SEC_OID_PKCS12_V1_SECRET_BAG_ID
-
-OID 1.2.840.113549.1.12.10.1.6
-TAG safeContentsBag
-EXPL "PKCS #12 Safe Contents Bag"
-NAME NSS_OID_PKCS12_SAFE_CONTENTS_BAG
-# We called it SEC_OID_PKCS12_V1_SAFE_CONTENTS_BAG_ID
-
-OID 1.2.840.113549.2
-TAG digest
-EXPL "RSA digest algorithm"
-
-OID 1.2.840.113549.2.2 
-TAG md2
-EXPL "MD2"
-NAME NSS_OID_MD2
-CKM CKM_MD2
-
-OID 1.2.840.113549.2.4 
-TAG md4
-EXPL "MD4"
-NAME NSS_OID_MD4
-# No CKM
-
-OID 1.2.840.113549.2.5
-TAG md5
-EXPL "MD5"
-NAME NSS_OID_MD5
-CKM CKM_MD5
-
-OID 1.2.840.113549.3 
-TAG cipher
-EXPL "RSA cipher algorithm"
-
-OID 1.2.840.113549.3.2 
-TAG rc2cbc
-EXPL "RC2-CBC"
-NAME NSS_OID_RC2_CBC
-CKM_RC2_CBC
-
-OID 1.2.840.113549.3.4 
-TAG rc4
-EXPL "RC4"
-NAME NSS_OID_RC4
-CKM CKM_RC4
-
-OID 1.2.840.113549.3.7 
-TAG desede3cbc
-EXPL "DES-EDE3-CBC"
-NAME NSS_OID_DES_EDE3_CBC
-CKM CKM_DES3_CBC
-
-OID 1.2.840.113549.3.9 
-TAG rc5cbcpad
-EXPL "RC5-CBCPad"
-NAME NSS_OID_RC5_CBC_PAD
-CKM CKM_RC5_CBC
-
-OID 1.2.840.113556
-TAG microsoft
-EXPL "Microsoft"
-
-OID 1.2.840.113560
-TAG columbia-university
-EXPL "Columbia University"
-
-OID 1.2.840.113572
-TAG unisys
-EXPL "Unisys"
-
-OID 1.2.840.113658
-TAG xapia
-EXPL "XAPIA"
-
-OID 1.2.840.113699
-TAG wordperfect
-EXPL "WordPerfect"
-
-OID 1.3
-TAG identified-organization
-EXPL "ISO identified organizations"
-
-OID 1.3.6
-TAG us-dod
-EXPL "United States Department of Defense"
-
-OID 1.3.6.1 
-TAG internet  # See RFC 1065
-EXPL "The Internet"
-
-OID 1.3.6.1.1
-TAG directory
-EXPL "Internet: Directory"
-
-OID 1.3.6.1.2
-TAG management
-EXPL "Internet: Management"
-
-OID 1.3.6.1.3
-TAG experimental
-EXPL "Internet: Experimental"
-
-OID 1.3.6.1.4
-TAG private
-EXPL "Internet: Private"
-
-OID 1.3.6.1.5
-TAG security
-EXPL "Internet: Security"
-
-OID 1.3.6.1.5.5
-
-# RFC 2459:
-#
-# id-pkix  OBJECT IDENTIFIER  ::=
-#          { iso(1) identified-organization(3) dod(6) internet(1)
-#                     security(5) mechanisms(5) pkix(7) }
-OID 1.3.6.1.5.5.7 
-TAG id-pkix
-EXPL "Public Key Infrastructure"
-
-# RFC 2459:
-#
-# PKIX1Explicit88 {iso(1) identified-organization(3) dod(6) internet(1)
-#   security(5) mechanisms(5) pkix(7) id-mod(0) id-pkix1-explicit-88(1)}
-OID 1.3.6.1.5.5.7.0.1
-TAG PKIX1Explicit88
-EXPL "RFC 2459 Explicitly Tagged Module, 1988 Syntax"
-
-# RFC 2459:
-#
-# PKIX1Implicit88 {iso(1) identified-organization(3) dod(6) internet(1)
-#   security(5) mechanisms(5) pkix(7) id-mod(0) id-pkix1-implicit-88(2)}
-OID 1.3.6.1.5.5.7.0.2
-TAG PKIXImplicit88
-EXPL "RFC 2459 Implicitly Tagged Module, 1988 Syntax"
-
-# RFC 2459:
-#
-# PKIX1Explicit93 {iso(1) identified-organization(3) dod(6) internet(1)
-#    security(5) mechanisms(5) pkix(7) id-mod(0) id-pkix1-explicit-93(3)}
-OID 1.3.6.1.5.5.7.0.3
-TAG PKIXExplicit93
-EXPL "RFC 2459 Explicitly Tagged Module, 1993 Syntax"
-
-# RFC 2459:
-#
-# id-pe OBJECT IDENTIFIER  ::=  { id-pkix 1 }
-#         -- arc for private certificate extensions
-OID 1.3.6.1.5.5.7.1 
-TAG id-pe
-EXPL "PKIX Private Certificate Extensions"
-
-# RFC 2459:
-#
-# id-pe-authorityInfoAccess OBJECT IDENTIFIER ::= { id-pe 1 }
-OID 1.3.6.1.5.5.7.1.1
-TAG id-pe-authorityInfoAccess
-EXPL "Certificate Authority Information Access"
-NAME NSS_OID_X509_AUTH_INFO_ACCESS
-CERT_EXTENSION SUPPORTED
-
-# RFC 2459:
-#
-# id-qt OBJECT IDENTIFIER ::= { id-pkix 2 }
-#         -- arc for policy qualifier types
-OID 1.3.6.1.5.5.7.2 
-TAG id-qt
-EXPL "PKIX Policy Qualifier Types"
-
-# RFC 2459:
-#
-# id-qt-cps      OBJECT IDENTIFIER ::=  { id-qt 1 }
-#         -- OID for CPS qualifier
-OID 1.3.6.1.5.5.7.2.1
-TAG id-qt-cps
-EXPL "PKIX CPS Pointer Qualifier"
-NAME NSS_OID_PKIX_CPS_POINTER_QUALIFIER
-
-# RFC 2459:
-#
-# id-qt-unotice  OBJECT IDENTIFIER ::=  { id-qt 2 }
-#         -- OID for user notice qualifier
-OID 1.3.6.1.5.5.7.2.2
-TAG id-qt-unotice
-EXPL "PKIX User Notice Qualifier"
-NAME NSS_OID_PKIX_USER_NOTICE_QUALIFIER
-
-# RFC 2459:
-#
-# id-kp OBJECT IDENTIFIER ::= { id-pkix 3 }
-#         -- arc for extended key purpose OIDS
-OID 1.3.6.1.5.5.7.3 
-TAG id-kp
-EXPL "PKIX Key Purpose"
-
-# RFC 2459:
-#
-# id-kp-serverAuth      OBJECT IDENTIFIER ::= { id-kp 1 }
-OID 1.3.6.1.5.5.7.3.1
-TAG id-kp-serverAuth
-EXPL "TLS Web Server Authentication Certificate"
-NAME NSS_OID_EXT_KEY_USAGE_SERVER_AUTH
-
-# RFC 2459:
-#
-# id-kp-clientAuth      OBJECT IDENTIFIER ::= { id-kp 2 }
-OID 1.3.6.1.5.5.7.3.2
-TAG id-kp-clientAuth
-EXPL "TLS Web Client Authentication Certificate"
-NAME NSS_OID_EXT_KEY_USAGE_CLIENT_AUTH
-
-# RFC 2459:
-#
-# id-kp-codeSigning     OBJECT IDENTIFIER ::= { id-kp 3 }
-OID 1.3.6.1.5.5.7.3.3
-TAG id-kp-codeSigning
-EXPL "Code Signing Certificate"
-NAME NSS_OID_EXT_KEY_USAGE_CODE_SIGN
-
-# RFC 2459:
-#
-# id-kp-emailProtection OBJECT IDENTIFIER ::= { id-kp 4 }
-OID 1.3.6.1.5.5.7.3.4
-TAG id-kp-emailProtection
-EXPL "E-Mail Protection Certificate"
-NAME NSS_OID_EXT_KEY_USAGE_EMAIL_PROTECTION
-
-# RFC 2459:
-#
-# id-kp-ipsecEndSystem  OBJECT IDENTIFIER ::= { id-kp 5 }
-OID 1.3.6.1.5.5.7.3.5
-TAG id-kp-ipsecEndSystem
-EXPL "IPSEC End System Certificate"
-NAME NSS_OID_EXT_KEY_USAGE_IPSEC_END_SYSTEM
-
-# RFC 2459:
-#
-# id-kp-ipsecTunnel     OBJECT IDENTIFIER ::= { id-kp 6 }
-OID 1.3.6.1.5.5.7.3.6
-TAG id-kp-ipsecTunnel
-EXPL "IPSEC Tunnel Certificate"
-NAME NSS_OID_EXT_KEY_USAGE_IPSEC_TUNNEL
-
-# RFC 2459:
-#
-# id-kp-ipsecUser       OBJECT IDENTIFIER ::= { id-kp 7 }
-OID 1.3.6.1.5.5.7.3.7
-TAG id-kp-ipsecUser
-EXPL "IPSEC User Certificate"
-NAME NSS_OID_EXT_KEY_USAGE_IPSEC_USER
-
-# RFC 2459:
-#
-# id-kp-timeStamping    OBJECT IDENTIFIER ::= { id-kp 8 }
-OID 1.3.6.1.5.5.7.3.8
-TAG id-kp-timeStamping
-EXPL "Time Stamping Certificate"
-NAME NSS_OID_EXT_KEY_USAGE_TIME_STAMP
-
-OID 1.3.6.1.5.5.7.3.9
-TAG ocsp-responder
-EXPL "OCSP Responder Certificate"
-NAME NSS_OID_OCSP_RESPONDER
-
-OID 1.3.6.1.5.5.7.7 
-TAG pkix-id-pkix
-
-OID 1.3.6.1.5.5.7.7.5 
-TAG pkix-id-pkip
-
-OID 1.3.6.1.5.5.7.7.5.1 
-TAG pkix-id-regctrl
-EXPL "CRMF Registration Control"
-
-OID 1.3.6.1.5.5.7.7.5.1.1
-TAG regtoken
-EXPL "CRMF Registration Control, Registration Token"
-NAME NSS_OID_PKIX_REGCTRL_REGTOKEN
-
-OID 1.3.6.1.5.5.7.7.5.1.2
-TAG authenticator
-EXPL "CRMF Registration Control, Registration Authenticator"
-NAME NSS_OID_PKIX_REGCTRL_AUTHENTICATOR
-
-OID 1.3.6.1.5.5.7.7.5.1.3
-TAG pkipubinfo
-EXPL "CRMF Registration Control, PKI Publication Info"
-NAME NSS_OID_PKIX_REGCTRL_PKIPUBINFO
-
-OID 1.3.6.1.5.5.7.7.5.1.4
-TAG pki-arch-options
-EXPL "CRMF Registration Control, PKI Archive Options"
-NAME NSS_OID_PKIX_REGCTRL_PKI_ARCH_OPTIONS
-
-OID 1.3.6.1.5.5.7.7.5.1.5
-TAG old-cert-id
-EXPL "CRMF Registration Control, Old Certificate ID"
-NAME NSS_OID_PKIX_REGCTRL_OLD_CERT_ID
-
-OID 1.3.6.1.5.5.7.7.5.1.6
-TAG protocol-encryption-key
-EXPL "CRMF Registration Control, Protocol Encryption Key"
-NAME NSS_OID_PKIX_REGCTRL_PROTOCOL_ENC_KEY
-
-OID 1.3.6.1.5.5.7.7.5.2 
-TAG pkix-id-reginfo
-EXPL "CRMF Registration Info"
-
-OID 1.3.6.1.5.5.7.7.5.2.1
-TAG utf8-pairs
-EXPL "CRMF Registration Info, UTF8 Pairs"
-NAME NSS_OID_PKIX_REGINFO_UTF8_PAIRS
-
-OID 1.3.6.1.5.5.7.7.5.2.2
-TAG cert-request
-EXPL "CRMF Registration Info, Certificate Request"
-NAME NSS_OID_PKIX_REGINFO_CERT_REQUEST
-
-# RFC 2549:
-#
-# id-ad OBJECT IDENTIFIER ::= { id-pkix 48 }
-#         -- arc for access descriptors
-OID 1.3.6.1.5.5.7.48 
-TAG id-ad
-EXPL "PKIX Access Descriptors"
-
-# RFC 2549:
-#
-# id-ad-ocsp      OBJECT IDENTIFIER ::= { id-ad 1 }
-OID 1.3.6.1.5.5.7.48.1
-TAG id-ad-ocsp
-EXPL "PKIX Online Certificate Status Protocol"
-NAME NSS_OID_OID_PKIX_OCSP
-
-OID 1.3.6.1.5.5.7.48.1.1
-TAG basic-response
-EXPL "OCSP Basic Response"
-NAME NSS_OID_PKIX_OCSP_BASIC_RESPONSE
-
-OID 1.3.6.1.5.5.7.48.1.2
-TAG nonce-extension
-EXPL "OCSP Nonce Extension"
-NAME NSS_OID_PKIX_OCSP_NONCE
-
-OID 1.3.6.1.5.5.7.48.1.3
-TAG response
-EXPL "OCSP Response Types Extension"
-NAME NSS_OID_PKIX_OCSP_RESPONSE
-
-OID 1.3.6.1.5.5.7.48.1.4
-TAG crl
-EXPL "OCSP CRL Reference Extension"
-NAME NSS_OID_PKIX_OCSP_CRL
-
-OID 1.3.6.1.5.5.7.48.1.5
-TAG no-check
-EXPL "OCSP No Check Extension"
-NAME NSS_OID_X509_OCSP_NO_CHECK  # X509_... ?
-
-OID 1.3.6.1.5.5.7.48.1.6
-TAG archive-cutoff
-EXPL "OCSP Archive Cutoff Extension"
-NAME NSS_OID_PKIX_OCSP_ARCHIVE_CUTOFF
-
-OID 1.3.6.1.5.5.7.48.1.7
-TAG service-locator
-EXPL "OCSP Service Locator Extension"
-NAME NSS_OID_PKIX_OCSP_SERVICE_LOCATOR
-
-# RFC 2549:
-#
-# id-ad-caIssuers OBJECT IDENTIFIER ::= { id-ad 2 }
-OID 1.3.6.1.5.5.7.48.2
-TAG id-ad-caIssuers
-EXPL "Certificate Authority Issuers"
-
-OID 1.3.6.1.6
-TAG snmpv2
-EXPL "Internet: SNMPv2"
-
-OID 1.3.6.1.7
-TAG mail
-EXPL "Internet: mail"
-
-OID 1.3.6.1.7.1
-TAG mime-mhs
-EXPL "Internet: mail MIME mhs"
-
-OID 1.3.12 
-TAG ecma
-EXPL "European Computers Manufacturing Association"
-
-OID 1.3.14
-TAG oiw
-EXPL "Open Systems Implementors Workshop"
-
-OID 1.3.14.3 secsig
-TAG secsig
-EXPL "Open Systems Implementors Workshop Security Special Interest Group"
-
-OID 1.3.14.3.1
-TAG oIWSECSIGAlgorithmObjectIdentifiers
-EXPL "OIW SECSIG Algorithm OIDs"
-
-OID 1.3.14.3.2 
-TAG algorithm
-EXPL "OIW SECSIG Algorithm"
-
-OID 1.3.14.3.2.6 
-TAG desecb
-EXPL "DES-ECB"
-NAME NSS_OID_DES_ECB
-CKM CKM_DES_ECB
-
-OID 1.3.14.3.2.7
-TAG descbc
-EXPL "DES-CBC"
-NAME NSS_OID_DES_CBC
-CKM CKM_DES_CBC
-
-OID 1.3.14.3.2.8
-TAG desofb
-EXPL "DES-OFB"
-NAME NSS_OID_DES_OFB
-# No CKM..
-
-OID 1.3.14.3.2.9 
-TAG descfb
-EXPL "DES-CFB"
-NAME NSS_OID_DES_CFB
-# No CKM..
-
-OID 1.3.14.3.2.10
-TAG desmac
-EXPL "DES-MAC"
-NAME NSS_OID_DES_MAC
-CKM CKM_DES_MAC
-
-OID 1.3.14.3.2.15 
-TAG isoSHAWithRSASignature
-EXPL "ISO SHA with RSA Signature"
-NAME NSS_OID_ISO_SHA_WITH_RSA_SIGNATURE
-# No CKM..
-
-OID 1.3.14.3.2.17 
-TAG desede
-EXPL "DES-EDE"
-NAME NSS_OID_DES_EDE
-# No CKM..
-
-OID 1.3.14.3.2.26 
-TAG sha1
-EXPL "SHA-1"
-NAME NSS_OID_SHA1
-CKM CKM_SHA_1
-
-OID 1.3.14.3.2.27
-TAG bogusDSASignatureWithSHA1Digest
-EXPL "Forgezza DSA Signature with SHA-1 Digest"
-NAME NSS_OID_BOGUS_DSA_SIGNATURE_WITH_SHA1_DIGEST
-CKM CKM_DSA_SHA1
-
-OID 1.3.14.3.3
-TAG authentication-mechanism
-EXPL "OIW SECSIG Authentication Mechanisms"
-
-OID 1.3.14.3.4
-TAG security-attribute
-EXPL "OIW SECSIG Security Attributes"
-
-OID 1.3.14.3.5
-TAG document-definition
-EXPL "OIW SECSIG Document Definitions used in security"
-
-OID 1.3.14.7
-TAG directory-services-sig
-EXPL "OIW directory services sig"
-
-OID 1.3.16
-TAG ewos
-EXPL "European Workshop on Open Systems"
-
-OID 1.3.22
-TAG osf
-EXPL "Open Software Foundation"
-
-OID 1.3.23
-TAG nordunet
-EXPL "Nordunet"
-
-OID 1.3.26
-TAG nato-id-org
-EXPL "NATO identified organisation"
-
-OID 1.3.36
-TAG teletrust
-EXPL "Teletrust"
-
-OID 1.3.52
-TAG smpte
-EXPL "Society of Motion Picture and Television Engineers"
-
-OID 1.3.69
-TAG sita
-EXPL "Societe Internationale de Telecommunications Aeronautiques"
-
-OID 1.3.90
-TAG iana
-EXPL "Internet Assigned Numbers Authority"
-
-OID 1.3.101 
-TAG thawte
-EXPL "Thawte"
-
-OID 2 
-TAG joint-iso-ccitt
-EXPL "Joint ISO/ITU-T assignment"
-
-OID 2.0
-TAG presentation
-EXPL "Joint ISO/ITU-T Presentation"
-
-OID 2.1
-TAG asn-1
-EXPL "Abstract Syntax Notation One"
-
-OID 2.2
-TAG acse
-EXPL "Association Control"
-
-OID 2.3
-TAG rtse
-EXPL "Reliable Transfer"
-
-OID 2.4
-TAG rose
-EXPL "Remote Operations"
-
-OID 2.5
-TAG x500
-EXPL "Directory"
-
-OID 2.5.1
-TAG modules
-EXPL "X.500 modules"
-
-OID 2.5.2
-TAG service-environment
-EXPL "X.500 service environment"
-
-OID 2.5.3
-TAG application-context
-EXPL "X.500 application context"
-
-# RFC 2459:
-#
-# id-at           OBJECT IDENTIFIER ::= {joint-iso-ccitt(2) ds(5) 4}
-OID 2.5.4
-TAG id-at
-EXPL "X.520 attribute types"
-
-# RFC 2459:
-#
-# id-at-commonName        AttributeType   ::=     {id-at 3}
-OID 2.5.4.3
-TAG id-at-commonName
-EXPL "X.520 Common Name"
-NAME NSS_OID_X520_COMMON_NAME
-ATTR "cn"
-
-# RFC 2459:
-#
-# id-at-surname           AttributeType   ::=     {id-at 4}
-OID 2.5.4.4
-TAG id-at-surname
-EXPL "X.520 Surname"
-NAME NSS_OID_X520_SURNAME
-ATTR "sn"
-
-# RFC 2459:
-#
-# id-at-countryName       AttributeType   ::=     {id-at 6}
-OID 2.5.4.6
-TAG id-at-countryName
-EXPL "X.520 Country Name"
-NAME NSS_OID_X520_COUNTRY_NAME
-ATTR "c"
-
-# RFC 2459:
-#
-# id-at-localityName      AttributeType   ::=     {id-at 7}
-OID 2.5.4.7
-TAG id-at-localityName
-EXPL "X.520 Locality Name"
-NAME NSS_OID_X520_LOCALITY_NAME
-ATTR "l"
-
-# RFC 2459:
-#
-# id-at-stateOrProvinceName       AttributeType   ::=     {id-at 8}
-OID 2.5.4.8
-TAG id-at-stateOrProvinceName
-EXPL "X.520 State or Province Name"
-NAME NSS_OID_X520_STATE_OR_PROVINCE_NAME
-ATTR "s"
-
-# RFC 2459:
-#
-# id-at-organizationName          AttributeType   ::=     {id-at 10}
-OID 2.5.4.10
-TAG id-at-organizationName
-EXPL "X.520 Organization Name"
-NAME NSS_OID_X520_ORGANIZATION_NAME
-ATTR "o"
-
-# RFC 2459:
-#
-# id-at-organizationalUnitName    AttributeType   ::=     {id-at 11}
-OID 2.5.4.11
-TAG id-at-organizationalUnitName
-EXPL "X.520 Organizational Unit Name"
-NAME NSS_OID_X520_ORGANIZATIONAL_UNIT_NAME
-ATTR "ou"
-
-# RFC 2459:
-#
-# id-at-title     AttributeType   ::=     {id-at 12}
-OID 2.5.4.12
-TAG id-at-title
-EXPL "X.520 Title"
-NAME NSS_OID_X520_TITLE
-ATTR "title"
-
-# RFC 2459:
-#
-# id-at-name              AttributeType   ::=     {id-at 41}
-OID 2.5.4.41
-TAG id-at-name
-EXPL "X.520 Name"
-NAME NSS_OID_X520_NAME
-ATTR "name"
-
-# RFC 2459:
-#
-# id-at-givenName         AttributeType   ::=     {id-at 42}
-OID 2.5.4.42
-TAG id-at-givenName
-EXPL "X.520 Given Name"
-NAME NSS_OID_X520_GIVEN_NAME
-ATTR "givenName"
-
-# RFC 2459:
-#
-# id-at-initials          AttributeType   ::=     {id-at 43}
-OID 2.5.4.43
-TAG id-at-initials
-EXPL "X.520 Initials"
-NAME NSS_OID_X520_INITIALS
-ATTR "initials"
-
-# RFC 2459:
-#
-# id-at-generationQualifier       AttributeType   ::=     {id-at 44}
-OID 2.5.4.44
-TAG id-at-generationQualifier
-EXPL "X.520 Generation Qualifier"
-NAME NSS_OID_X520_GENERATION_QUALIFIER
-ATTR "generationQualifier"
-
-# RFC 2459:
-#
-# id-at-dnQualifier       AttributeType   ::=     {id-at 46}
-OID 2.5.4.46
-TAG id-at-dnQualifier
-EXPL "X.520 DN Qualifier"
-NAME NSS_OID_X520_DN_QUALIFIER
-ATTR "dnQualifier"
-
-OID 2.5.5
-TAG attribute-syntax
-EXPL "X.500 attribute syntaxes"
-
-OID 2.5.6
-TAG object-classes
-EXPL "X.500 standard object classes"
-
-OID 2.5.7
-TAG attribute-set
-EXPL "X.500 attribute sets"
-
-OID 2.5.8
-TAG algorithms
-EXPL "X.500-defined algorithms"
-
-OID 2.5.8.1 
-TAG encryption
-EXPL "X.500-defined encryption algorithms"
-
-OID 2.5.8.1.1 
-TAG rsa
-EXPL "RSA Encryption Algorithm"
-NAME NSS_OID_X500_RSA_ENCRYPTION
-CKM CKM_RSA_X_509
-
-OID 2.5.9
-TAG abstract-syntax
-EXPL "X.500 abstract syntaxes"
-
-OID 2.5.12
-TAG operational-attribute
-EXPL "DSA Operational Attributes"
-
-OID 2.5.13
-TAG matching-rule
-EXPL "Matching Rule"
-
-OID 2.5.14
-TAG knowledge-matching-rule
-EXPL "X.500 knowledge Matching Rules"
-
-OID 2.5.15
-TAG name-form
-EXPL "X.500 name forms"
-
-OID 2.5.16
-TAG group
-EXPL "X.500 groups"
-
-OID 2.5.17
-TAG subentry
-EXPL "X.500 subentry"
-
-OID 2.5.18
-TAG operational-attribute-type
-EXPL "X.500 operational attribute type"
-
-OID 2.5.19
-TAG operational-binding
-EXPL "X.500 operational binding"
-
-OID 2.5.20
-TAG schema-object-class
-EXPL "X.500 schema Object class"
-
-OID 2.5.21
-TAG schema-operational-attribute
-EXPL "X.500 schema operational attributes"
-
-OID 2.5.23
-TAG administrative-role
-EXPL "X.500 administrative roles"
-
-OID 2.5.24
-TAG access-control-attribute
-EXPL "X.500 access control attribute"
-
-OID 2.5.25
-TAG ros
-EXPL "X.500 ros object"
-
-OID 2.5.26
-TAG contract
-EXPL "X.500 contract"
-
-OID 2.5.27
-TAG package
-EXPL "X.500 package"
-
-OID 2.5.28
-TAG access-control-schema
-EXPL "X.500 access control schema"
-
-# RFC 2459:
-#
-# id-ce OBJECT IDENTIFIER  ::=  {joint-iso-ccitt(2) ds(5) 29}
-OID 2.5.29
-TAG id-ce
-EXPL "X.500 Certificate Extension"
-
-OID 2.5.29.5
-TAG subject-directory-attributes
-EXPL "Certificate Subject Directory Attributes"
-NAME NSS_OID_X509_SUBJECT_DIRECTORY_ATTR
-CERT_EXTENSION UNSUPPORTED
-
-# RFC 2459:
-#
-# id-ce-subjectDirectoryAttributes OBJECT IDENTIFIER ::=  { id-ce 9 }
-OID 2.5.29.9
-TAG id-ce-subjectDirectoryAttributes
-EXPL "Certificate Subject Directory Attributes"
-NAME NSS_OID_X509_SUBJECT_DIRECTORY_ATTRIBUTES
-CERT_EXTENSION UNSUPPORTED
-
-# RFC 2459:
-#
-# id-ce-subjectKeyIdentifier OBJECT IDENTIFIER ::=  { id-ce 14 }
-OID 2.5.29.14
-TAG id-ce-subjectKeyIdentifier
-EXPL "Certificate Subject Key ID"
-NAME NSS_OID_X509_SUBJECT_KEY_ID
-CERT_EXTENSION SUPPORTED
-
-# RFC 2459:
-#
-# id-ce-keyUsage OBJECT IDENTIFIER ::=  { id-ce 15 }
-OID 2.5.29.15
-TAG id-ce-keyUsage
-EXPL "Certificate Key Usage"
-NAME NSS_OID_X509_KEY_USAGE
-CERT_EXTENSION SUPPORTED
-# We called it PKCS12_KEY_USAGE
-
-# RFC 2459:
-#
-# id-ce-privateKeyUsagePeriod OBJECT IDENTIFIER ::=  { id-ce 16 }
-OID 2.5.29.16
-TAG id-ce-privateKeyUsagePeriod
-EXPL "Certificate Private Key Usage Period"
-NAME NSS_OID_X509_PRIVATE_KEY_USAGE_PERIOD
-CERT_EXTENSION UNSUPPORTED
-
-# RFC 2459:
-#
-# id-ce-subjectAltName OBJECT IDENTIFIER ::=  { id-ce 17 }
-OID 2.5.29.17
-TAG id-ce-subjectAltName
-EXPL "Certificate Subject Alternate Name"
-NAME NSS_OID_X509_SUBJECT_ALT_NAME
-CERT_EXTENSION SUPPORTED
-
-# RFC 2459:
-#
-# id-ce-issuerAltName OBJECT IDENTIFIER ::=  { id-ce 18 }
-OID 2.5.29.18
-TAG id-ce-issuerAltName
-EXPL "Certificate Issuer Alternate Name"
-NAME NSS_OID_X509_ISSUER_ALT_NAME
-CERT_EXTENSION UNSUPPORTED
-
-# RFC 2459:
-#
-# id-ce-basicConstraints OBJECT IDENTIFIER ::=  { id-ce 19 }
-OID 2.5.29.19
-TAG id-ce-basicConstraints
-EXPL "Certificate Basic Constraints"
-NAME NSS_OID_X509_BASIC_CONSTRAINTS
-CERT_EXTENSION SUPPORTED
-
-# RFC 2459:
-#
-# id-ce-cRLNumber OBJECT IDENTIFIER ::= { id-ce 20 }
-OID 2.5.29.20
-TAG id-ce-cRLNumber
-EXPL "CRL Number"
-NAME NSS_OID_X509_CRL_NUMBER
-CERT_EXTENSION SUPPORTED
-
-# RFC 2459:
-#
-# id-ce-cRLReasons OBJECT IDENTIFIER ::= { id-ce 21 }
-OID 2.5.29.21
-TAG id-ce-cRLReasons
-EXPL "CRL Reason Code"
-NAME NSS_OID_X509_REASON_CODE
-CERT_EXTENSION SUPPORTED
-
-# RFC 2459:
-#
-# id-ce-holdInstructionCode OBJECT IDENTIFIER ::= { id-ce 23 }
-OID 2.5.29.23
-TAG id-ce-holdInstructionCode
-EXPL "Hold Instruction Code"
-NAME NSS_OID_X509_HOLD_INSTRUCTION_CODE
-CERT_EXTENSION UNSUPPORTED
-
-# RFC 2459:
-#
-# id-ce-invalidityDate OBJECT IDENTIFIER ::= { id-ce 24 }
-OID 2.5.29.24
-TAG id-ce-invalidityDate
-EXPL "Invalid Date"
-NAME NSS_OID_X509_INVALID_DATE
-CERT_EXTENSION SUPPORTED
-
-# RFC 2459:
-#
-# id-ce-deltaCRLIndicator OBJECT IDENTIFIER ::= { id-ce 27 }
-OID 2.5.29.27
-TAG id-ce-deltaCRLIndicator
-EXPL "Delta CRL Indicator"
-NAME NSS_OID_X509_DELTA_CRL_INDICATOR
-CERT_EXTENSION UNSUPPORTED
-
-# RFC 2459:
-#
-# id-ce-issuingDistributionPoint OBJECT IDENTIFIER ::= { id-ce 28 }
-OID 2.5.29.28
-TAG id-ce-issuingDistributionPoint
-EXPL "Issuing Distribution Point"
-NAME NSS_OID_X509_ISSUING_DISTRIBUTION_POINT
-CERT_EXTENSION UNSUPPORTED
-
-# RFC 2459:
-#
-# id-ce-certificateIssuer OBJECT IDENTIFIER ::= { id-ce 29 }
-OID 2.5.29.29
-TAG id-ce-certificateIssuer
-EXPL "Certificate Issuer"
-NAME NSS_OID_X509_CERTIFICATE_ISSUER
-CERT_EXTENSION UNSUPPORTED
-
-# RFC 2459:
-#
-# id-ce-nameConstraints OBJECT IDENTIFIER ::=  { id-ce 30 }
-OID 2.5.29.30
-TAG id-ce-nameConstraints
-EXPL "Certificate Name Constraints"
-NAME NSS_OID_X509_NAME_CONSTRAINTS
-CERT_EXTENSION SUPPORTED
-
-# RFC 2459:
-#
-# id-ce-cRLDistributionPoints     OBJECT IDENTIFIER  ::=  {id-ce 31}
-OID 2.5.29.31
-TAG id-ce-cRLDistributionPoints
-EXPL "CRL Distribution Points"
-NAME NSS_OID_X509_CRL_DIST_POINTS
-CERT_EXTENSION UNSUPPORTED
-
-# RFC 2459:
-#
-# id-ce-certificatePolicies OBJECT IDENTIFIER ::=  { id-ce 32 }
-OID 2.5.29.32
-TAG id-ce-certificatePolicies
-EXPL "Certificate Policies"
-NAME NSS_OID_X509_CERTIFICATE_POLICIES
-CERT_EXTENSION UNSUPPORTED
-
-# RFC 2459:
-#
-# id-ce-policyMappings OBJECT IDENTIFIER ::=  { id-ce 33 }
-OID 2.5.29.33
-TAG id-ce-policyMappings
-EXPL "Certificate Policy Mappings"
-NAME NSS_OID_X509_POLICY_MAPPINGS
-CERT_EXTENSION UNSUPPORTED
-
-OID 2.5.29.34
-TAG policy-constraints
-EXPL "Certificate Policy Constraints (old)"
-CERT_EXTENSION UNSUPPORTED
-
-# RFC 2459:
-#
-# id-ce-authorityKeyIdentifier OBJECT IDENTIFIER ::=  { id-ce 35 }
-OID 2.5.29.35
-TAG id-ce-authorityKeyIdentifier
-EXPL "Certificate Authority Key Identifier"
-NAME NSS_OID_X509_AUTH_KEY_ID
-CERT_EXTENSION SUPPORTED
-
-# RFC 2459:
-#
-# id-ce-policyConstraints OBJECT IDENTIFIER ::=  { id-ce 36 }
-OID 2.5.29.36
-TAG id-ce-policyConstraints
-EXPL "Certificate Policy Constraints"
-NAME NSS_OID_X509_POLICY_CONSTRAINTS
-CERT_EXTENSION SUPPORTED
-
-# RFC 2459:
-#
-# id-ce-extKeyUsage OBJECT IDENTIFIER ::= {id-ce 37}
-OID 2.5.29.37
-TAG id-ce-extKeyUsage
-EXPL "Extended Key Usage"
-NAME NSS_OID_X509_EXT_KEY_USAGE
-CERT_EXTENSION SUPPORTED
-
-OID 2.5.30
-TAG id-mgt
-EXPL "X.500 Management Object"
-
-OID 2.6
-TAG x400
-EXPL "X.400 MHS"
-
-OID 2.7
-TAG ccr
-EXPL "Committment, Concurrency and Recovery"
-
-OID 2.8
-TAG oda
-EXPL "Office Document Architecture"
-
-OID 2.9
-TAG osi-management
-EXPL "OSI management"
-
-OID 2.10
-TAG tp
-EXPL "Transaction Processing"
-
-OID 2.11
-TAG dor
-EXPL "Distinguished Object Reference"
-
-OID 2.12
-TAG rdt
-EXPL "Referenced Data Transfer"
-
-OID 2.13
-TAG nlm
-EXPL "Network Layer Management"
-
-OID 2.14
-TAG tlm
-EXPL "Transport Layer Management"
-
-OID 2.15
-TAG llm
-EXPL "Link Layer Management"
-
-OID 2.16
-TAG country
-EXPL "Country Assignments"
-
-OID 2.16.124 
-TAG canada
-EXPL "Canada"
-
-OID 2.16.158
-TAG taiwan
-EXPL "Taiwan"
-
-OID 2.16.578 
-TAG norway
-EXPL "Norway"
-
-OID 2.16.756 
-TAG switzerland
-EXPL "Switzerland"
-
-OID 2.16.840 
-TAG us
-EXPL "United States"
-
-OID 2.16.840.1 
-TAG us-company
-EXPL "United States Company"
-
-OID 2.16.840.1.101 
-TAG us-government
-EXPL "United States Government (1.101)"
-
-OID 2.16.840.1.101.2 
-TAG us-dod
-EXPL "United States Department of Defense"
-
-OID 2.16.840.1.101.2.1 
-TAG id-infosec
-EXPL "US DOD Infosec"
-
-OID 2.16.840.1.101.2.1.0 
-TAG id-modules
-EXPL "US DOD Infosec modules"
-
-OID 2.16.840.1.101.2.1.1 
-TAG id-algorithms
-EXPL "US DOD Infosec algorithms (MISSI)"
-
-OID 2.16.840.1.101.2.1.1.2  
-TAG old-dss
-EXPL "MISSI DSS Algorithm (Old)"
-NAME NSS_OID_MISSI_DSS_OLD
-
-# This is labeled as "### mwelch temporary"
-# Is it official?? XXX fgmr
-OID 2.16.840.1.101.2.1.1.4
-TAG skipjack-cbc-64
-EXPL "Skipjack CBC64"
-NAME NSS_OID_FORTEZZA_SKIPJACK
-CKM CKM_SKIPJACK_CBC64
-
-OID 2.16.840.1.101.2.1.1.10
-TAG kea
-EXPL "MISSI KEA Algorithm"
-NAME NSS_OID_MISSI_KEA
-
-OID 2.16.840.1.101.2.1.1.12
-TAG old-kea-dss
-EXPL "MISSI KEA and DSS Algorithm (Old)"
-NAME NSS_OID_MISSI_KEA_DSS_OLD
-
-OID 2.16.840.1.101.2.1.1.19
-TAG dss
-EXPL "MISSI DSS Algorithm"
-NAME NSS_OID_MISSI_DSS
-
-OID 2.16.840.1.101.2.1.1.20
-TAG kea-dss
-EXPL "MISSI KEA and DSS Algorithm"
-NAME NSS_OID_MISSI_KEA_DSS
-
-OID 2.16.840.1.101.2.1.1.22
-TAG alt-kea
-EXPL "MISSI Alternate KEA Algorithm"
-NAME NSS_OID_MISSI_ALT_KEY
-
-OID 2.16.840.1.101.2.1.2 
-TAG id-formats
-EXPL "US DOD Infosec formats"
-
-OID 2.16.840.1.101.2.1.3 
-TAG id-policy
-EXPL "US DOD Infosec policy"
-
-OID 2.16.840.1.101.2.1.4 
-TAG id-object-classes
-EXPL "US DOD Infosec object classes"
-
-OID 2.16.840.1.101.2.1.5 
-TAG id-attributes
-EXPL "US DOD Infosec attributes"
-
-OID 2.16.840.1.101.2.1.6 
-TAG id-attribute-syntax
-EXPL "US DOD Infosec attribute syntax"
-
-OID 2.16.840.1.113730 
-# The Netscape OID space
-TAG netscape
-EXPL "Netscape Communications Corp."
-
-OID 2.16.840.1.113730.1
-TAG cert-ext
-EXPL "Netscape Cert Extensions"
-
-OID 2.16.840.1.113730.1.1
-TAG cert-type
-EXPL "Certificate Type"
-NAME NSS_OID_NS_CERT_EXT_CERT_TYPE
-CERT_EXTENSION SUPPORTED
-
-OID 2.16.840.1.113730.1.2
-TAG base-url
-EXPL "Certificate Extension Base URL"
-NAME NSS_OID_NS_CERT_EXT_BASE_URL
-CERT_EXTENSION SUPPORTED
-
-OID 2.16.840.1.113730.1.3
-TAG revocation-url
-EXPL "Certificate Revocation URL"
-NAME NSS_OID_NS_CERT_EXT_REVOCATION_URL
-CERT_EXTENSION SUPPORTED
-
-OID 2.16.840.1.113730.1.4
-TAG ca-revocation-url
-EXPL "Certificate Authority Revocation URL"
-NAME NSS_OID_NS_CERT_EXT_CA_REVOCATION_URL
-CERT_EXTENSION SUPPORTED
-
-OID 2.16.840.1.113730.1.5
-TAG ca-crl-download-url
-EXPL "Certificate Authority CRL Download URL"
-NAME NSS_OID_NS_CERT_EXT_CA_CRL_URL
-CERT_EXTENSION UNSUPPORTED
-
-OID 2.16.840.1.113730.1.6
-TAG ca-cert-url
-EXPL "Certificate Authority Certificate Download URL"
-NAME NSS_OID_NS_CERT_EXT_CA_CERT_URL
-CERT_EXTENSION UNSUPPORTED
-
-OID 2.16.840.1.113730.1.7
-TAG renewal-url
-EXPL "Certificate Renewal URL"
-NAME NSS_OID_NS_CERT_EXT_CERT_RENEWAL_URL
-CERT_EXTENSION SUPPORTED
-
-OID 2.16.840.1.113730.1.8
-TAG ca-policy-url
-EXPL "Certificate Authority Policy URL"
-NAME NSS_OID_NS_CERT_EXT_CA_POLICY_URL
-CERT_EXTENSION SUPPORTED
-
-OID 2.16.840.1.113730.1.9
-TAG homepage-url
-EXPL "Certificate Homepage URL"
-NAME NSS_OID_NS_CERT_EXT_HOMEPAGE_URL
-CERT_EXTENSION UNSUPPORTED
-
-OID 2.16.840.1.113730.1.10
-TAG entity-logo
-EXPL "Certificate Entity Logo"
-NAME NSS_OID_NS_CERT_EXT_ENTITY_LOGO
-CERT_EXTENSION UNSUPPORTED
-
-OID 2.16.840.1.113730.1.11
-TAG user-picture
-EXPL "Certificate User Picture"
-NAME NSS_OID_NS_CERT_EXT_USER_PICTURE
-CERT_EXTENSION UNSUPPORTED
-
-OID 2.16.840.1.113730.1.12
-TAG ssl-server-name
-EXPL "Certificate SSL Server Name"
-NAME NSS_OID_NS_CERT_EXT_SSL_SERVER_NAME
-CERT_EXTENSION SUPPORTED
-
-OID 2.16.840.1.113730.1.13
-TAG comment
-EXPL "Certificate Comment"
-NAME NSS_OID_NS_CERT_EXT_COMMENT
-CERT_EXTENSION SUPPORTED
-
-OID 2.16.840.1.113730.1.14
-TAG thayes
-EXPL ""
-NAME NSS_OID_NS_CERT_EXT_THAYES
-CERT_EXTENSION SUPPORTED
-
-OID 2.16.840.1.113730.2
-TAG data-type
-EXPL "Netscape Data Types"
-
-OID 2.16.840.1.113730.2.1 
-TAG gif
-EXPL "image/gif"
-NAME NSS_OID_NS_TYPE_GIF
-
-OID 2.16.840.1.113730.2.2 
-TAG jpeg
-EXPL "image/jpeg"
-NAME NSS_OID_NS_TYPE_JPEG
-
-OID 2.16.840.1.113730.2.3 
-TAG url
-EXPL "URL"
-NAME NSS_OID_NS_TYPE_URL
-
-OID 2.16.840.1.113730.2.4 
-TAG html
-EXPL "text/html"
-NAME NSS_OID_NS_TYPE_HTML
-
-OID 2.16.840.1.113730.2.5 
-TAG cert-sequence
-EXPL "Certificate Sequence"
-NAME NSS_OID_NS_TYPE_CERT_SEQUENCE
-
-OID 2.16.840.1.113730.3
-# The Netscape Directory OID space
-TAG directory
-EXPL "Netscape Directory"
-
-OID 2.16.840.1.113730.4
-TAG policy
-EXPL "Netscape Policy Type OIDs"
-
-OID 2.16.840.1.113730.4.1
-TAG export-approved
-EXPL "Strong Crypto Export Approved"
-NAME NSS_OID_NS_KEY_USAGE_GOVT_APPROVED
-CERT_EXTENSION UNSUPPORTED
-
-OID 2.16.840.1.113730.5
-TAG cert-server
-EXPL "Netscape Certificate Server"
-
-OID 2.16.840.1.113730.5.1
-
-OID 2.16.840.1.113730.5.1.1
-TAG recovery-request
-EXPL "Netscape Cert Server Recovery Request"
-NAME NSS_OID_NETSCAPE_RECOVERY_REQUEST
-
-OID 2.16.840.1.113730.6
-TAG algs
-EXPL "Netscape algorithm OIDs"
-
-OID 2.16.840.1.113730.6.1
-TAG smime-kea
-EXPL "Netscape S/MIME KEA"
-NAME NSS_OID_NETSCAPE_SMIME_KEA
-
-OID 2.16.840.1.113730.7
-TAG name-components
-EXPL "Netscape Name Components"
-
-OID 2.16.840.1.113730.7.1
-TAG nickname
-EXPL "Netscape Nickname"
-NAME NSS_OID_NETSCAPE_NICKNAME
-
-OID 2.16.840.1.113733 
-TAG verisign
-EXPL "Verisign"
-
-OID 2.16.840.1.113733.1
-
-OID 2.16.840.1.113733.1.7
-
-OID 2.16.840.1.113733.1.7.1
-
-OID 2.16.840.1.113733.1.7.1.1
-TAG verisign-user-notices
-EXPL "Verisign User Notices"
-NAME NSS_OID_VERISIGN_USER_NOTICES
-
-OID 2.16.840.101 
-TAG us-government
-EXPL "US Government (101)"
-
-OID 2.16.840.102 
-TAG us-government2
-EXPL "US Government (102)"
- 
-OID 2.16.840.11370 
-TAG old-netscape
-EXPL "Netscape Communications Corp. (Old)"
-
-OID 2.16.840.11370.1 
-TAG ns-cert-ext
-EXPL "Netscape Cert Extensions (Old NS)"
-
-OID 2.16.840.11370.1.1 
-TAG netscape-ok
-EXPL "Netscape says this cert is ok (Old NS)"
-NAME NSS_OID_NS_CERT_EXT_NETSCAPE_OK
-CERT_EXTENSION UNSUPPORTED
-
-OID 2.16.840.11370.1.2
-TAG issuer-logo
-EXPL "Certificate Issuer Logo (Old NS)"
-NAME NSS_OID_NS_CERT_EXT_ISSUER_LOGO
-CERT_EXTENSION UNSUPPORTED
-
-OID 2.16.840.11370.1.3
-TAG subject-logo
-EXPL "Certificate Subject Logo (Old NS)"
-NAME NSS_OID_NS_CERT_EXT_SUBJECT_LOGO
-CERT_EXTENSION UNSUPPORTED
-
-OID 2.16.840.11370.2 
-TAG ns-file-type
-EXPL "Netscape File Type"
-
-OID 2.16.840.11370.3 
-TAG ns-image-type
-EXPL "Netscape Image Type"
-
-OID 2.17
-TAG registration-procedures
-EXPL "Registration procedures"
-
-OID 2.18
-TAG physical-layer-management
-EXPL "Physical layer Management"
-
-OID 2.19
-TAG mheg
-EXPL "MHEG"
-
-OID 2.20
-TAG guls
-EXPL "Generic Upper Layer Security"
-
-OID 2.21
-TAG tls
-EXPL "Transport Layer Security Protocol"
-
-OID 2.22
-TAG nls
-EXPL "Network Layer Security Protocol"
-
-OID 2.23
-TAG organization
-EXPL "International organizations"
diff --git a/security/nss/lib/pki1/pki1.h b/security/nss/lib/pki1/pki1.h
deleted file mode 100644
index 15d29685d..000000000
--- a/security/nss/lib/pki1/pki1.h
+++ /dev/null
@@ -1,3032 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef PKI1_H
-#define PKI1_H
-
-#ifdef DEBUG
-static const char PKI1_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * pki1.h
- *
- * This file contains the prototypes to the non-public NSS routines
- * relating to the PKIX part-1 objects.
- */
-
-#ifndef PKI1T_H
-#include "pki1t.h"
-#endif /* PKI1T_H */
-
-#ifndef NSSPKI1_H
-#include "nsspki1.h"
-#endif /* NSSPKI1_H */
-
-PR_BEGIN_EXTERN_C
-
-/* fgmr 19990505 moved these here from oiddata.h */
-extern const nssAttributeTypeAliasTable nss_attribute_type_aliases[];
-extern const PRUint32 nss_attribute_type_alias_count;
-
-/*
- * NSSOID
- *
- * The non-public "methods" regarding this "object" are:
- *
- *  nssOID_CreateFromBER   -- constructor
- *  nssOID_CreateFromUTF8  -- constructor
- *  (there is no explicit destructor)
- * 
- *  nssOID_GetDEREncoding
- *  nssOID_GetUTF8Encoding
- *
- * In debug builds, the following non-public calls are also available:
- *
- *  nssOID_verifyPointer
- *  nssOID_getExplanation
- *  nssOID_getTaggedUTF8
- */
-
-/*
- * nssOID_CreateFromBER
- *
- * This routine creates an NSSOID by decoding a BER- or DER-encoded
- * OID.  It may return NSS_OID_UNKNOWN upon error, in which case it 
- * will have set an error on the error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NSS_OID_UNKNOWN upon error
- *  An NSSOID upon success
- */
-
-NSS_EXTERN NSSOID *
-nssOID_CreateFromBER
-(
-  NSSBER *berOid
-);
-
-extern const NSSError NSS_ERROR_INVALID_BER;
-extern const NSSError NSS_ERROR_NO_MEMORY;
-
-/*
- * nssOID_CreateFromUTF8
- *
- * This routine creates an NSSOID by decoding a UTF8 string 
- * representation of an OID in dotted-number format.  The string may 
- * optionally begin with an octothorpe.  It may return NSS_OID_UNKNOWN
- * upon error, in which case it will have set an error on the error 
- * stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_UTF8
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NSS_OID_UNKNOWN upon error
- *  An NSSOID upon success
- */
-
-NSS_EXTERN NSSOID *
-nssOID_CreateFromUTF8
-(
-  NSSUTF8 *stringOid
-);
-
-extern const NSSError NSS_ERROR_INVALID_UTF8;
-extern const NSSError NSS_ERROR_NO_MEMORY;
-
-/*
- * nssOID_GetDEREncoding
- *
- * This routine returns the DER encoding of the specified NSSOID.
- * If the optional arena argument is non-null, the memory used will
- * be obtained from that arena; otherwise, the memory will be obtained
- * from the heap.  This routine may return return null upon error, in 
- * which case it will have set an error on the error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_NSSOID
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  The DER encoding of this NSSOID
- */
-
-NSS_EXTERN NSSDER *
-nssOID_GetDEREncoding
-(
-  const NSSOID *oid,
-  NSSDER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssOID_GetUTF8Encoding
- *
- * This routine returns a UTF8 string containing the dotted-number 
- * encoding of the specified NSSOID.  If the optional arena argument 
- * is non-null, the memory used will be obtained from that arena; 
- * otherwise, the memory will be obtained from the heap.  This routine
- * may return null upon error, in which case it will have set an error
- * on the error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_NSSOID
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to a UTF8 string containing the dotted-digit encoding of 
- *      this NSSOID
- */
-
-NSS_EXTERN NSSUTF8 *
-nssOID_GetUTF8Encoding
-(
-  const NSSOID *oid,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssOID_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid poitner to an NSSOID object, 
- * this routine will return PR_SUCCESS.  Otherwise, it will put an 
- * error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_NSSOID
- *
- * Return value:
- *  PR_SUCCESS if the pointer is valid
- *  PR_FAILURE if it isn't
- */
-
-#ifdef DEBUG
-NSS_EXTERN PRStatus
-nssOID_verifyPointer
-(
-  const NSSOID *oid
-);
-
-extern const NSSError NSS_ERROR_INVALID_NSSOID;
-#endif /* DEBUG */
-
-/*
- * nssOID_getExplanation
- *
- * This method is only present in debug builds.
- *
- * This routine will return a static pointer to a UTF8-encoded string
- * describing (in English) the specified OID.  The memory pointed to
- * by the return value is not owned by the caller, and should not be
- * freed or modified.  Note that explanations are only provided for
- * the OIDs built into the NSS library; there is no way to specify an
- * explanation for dynamically created OIDs.  This routine is intended
- * only for use in debugging tools such as "derdump."  This routine
- * may return null upon error, in which case it will have placed an
- * error on the error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_NSSOID
- *
- * Return value:
- *  NULL upon error
- *  A static pointer to a readonly, non-caller-owned UTF8-encoded
- *    string explaining the specified OID.
- */
-
-#ifdef DEBUG
-NSS_EXTERN const NSSUTF8 *
-nssOID_getExplanation
-(
-  NSSOID *oid
-);
-
-extern const NSSError NSS_ERROR_INVALID_NSSOID;
-#endif /* DEBUG */
-
-/*
- * nssOID_getTaggedUTF8
- *
- * This method is only present in debug builds.
- *
- * This routine will return a pointer to a caller-owned UTF8-encoded
- * string containing a tagged encoding of the specified OID.  Note
- * that OID (component) tags are only provided for the OIDs built 
- * into the NSS library; there is no way to specify tags for 
- * dynamically created OIDs.  This routine is intended for use in
- * debugging tools such as "derdump."   If the optional arena argument
- * is non-null, the memory used will be obtained from that arena; 
- * otherwise, the memory will be obtained from the heap.  This routine 
- * may return return null upon error, in which case it will have set 
- * an error on the error stack.
- *
- * The error may be one of the following values
- *  NSS_ERROR_INVALID_NSSOID
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to a UTF8 string containing the tagged encoding of
- *      this NSSOID
- */
-
-#ifdef DEBUG
-NSS_EXTERN NSSUTF8 *
-nssOID_getTaggedUTF8
-(
-  NSSOID *oid,
-  NSSArena *arenaOpt
-);
-
-extern const NSSError NSS_ERROR_INVALID_NSSOID;
-extern const NSSError NSS_ERROR_NO_MEMORY;
-#endif /* DEBUG */
-
-/*
- * NSSATAV
- *
- * The non-public "methods" regarding this "object" are:
- *
- *  nssATAV_CreateFromBER   -- constructor
- *  nssATAV_CreateFromUTF8  -- constructor
- *  nssATAV_Create          -- constructor
- *
- *  nssATAV_Destroy
- *  nssATAV_GetDEREncoding
- *  nssATAV_GetUTF8Encoding
- *  nssATAV_GetType
- *  nssATAV_GetValue
- *  nssATAV_Compare
- *  nssATAV_Duplicate
- *
- * In debug builds, the following non-public call is also available:
- *
- *  nssATAV_verifyPointer
- */
-
-/*
- * nssATAV_CreateFromBER
- * 
- * This routine creates an NSSATAV by decoding a BER- or DER-encoded
- * ATAV.  If the optional arena argument is non-null, the memory used 
- * will be obtained from that arena; otherwise, the memory will be 
- * obtained from the heap.  This routine may return NULL upon error, 
- * in which case it will have set an error on the error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to an NSSATAV upon success
- */
-
-NSS_EXTERN NSSATAV *
-nssATAV_CreateFromBER
-(
-  NSSArena *arenaOpt,
-  const NSSBER *berATAV
-);
-
-/*
- * nssATAV_CreateFromUTF8
- *
- * This routine creates an NSSATAV by decoding a UTF8 string in the
- * "equals" format, e.g., "c=US."  If the optional arena argument is 
- * non-null, the memory used will be obtained from that arena; 
- * otherwise, the memory will be obtained from the heap.  This routine
- * may return NULL upon error, in which case it will have set an error 
- * on the error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_UNKNOWN_ATTRIBUTE
- *  NSS_ERROR_INVALID_UTF8
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to an NSSATAV upon success
- */
-
-NSS_EXTERN NSSATAV *
-nssATAV_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  const NSSUTF8 *stringATAV
-);
-
-/*
- * nssATAV_Create
- *
- * This routine creates an NSSATAV from the specified NSSOID and the
- * specified data. If the optional arena argument is non-null, the 
- * memory used will be obtained from that arena; otherwise, the memory
- * will be obtained from the heap.If the specified data length is zero, 
- * the data is assumed to be terminated by first zero byte; this allows 
- * UTF8 strings to be easily specified.  This routine may return NULL 
- * upon error, in which case it will have set an error on the error 
- * stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_NSSOID
- *  NSS_ERROR_INVALID_POINTER
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to an NSSATAV upon success
- */
-
-NSS_EXTERN NSSATAV *
-nssATAV_Create
-(
-  NSSArena *arenaOpt,
-  const NSSOID *oid,
-  const void *data,
-  PRUint32 length
-);
-
-/*
- * nssATAV_Destroy
- *
- * This routine will destroy an ATAV object.  It should eventually be
- * called on all ATAVs created without an arena.  While it is not 
- * necessary to call it on ATAVs created within an arena, it is not an
- * error to do so.  This routine returns a PRStatus value; if
- * successful, it will return PR_SUCCESS.  If unsuccessful, it will
- * set an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_ATAV
- *  
- * Return value:
- *  PR_FAILURE upon error
- *  PR_SUCCESS upon success
- */
-
-NSS_EXTERN PRStatus
-nssATAV_Destroy
-(
-  NSSATAV *atav
-);
-
-/*
- * nssATAV_GetDEREncoding
- *
- * This routine will DER-encode an ATAV object. If the optional arena
- * argument is non-null, the memory used will be obtained from that
- * arena; otherwise, the memory will be obtained from the heap.  This
- * routine may return null upon error, in which case it will have set
- * an error on the error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_ATAV
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  The DER encoding of this NSSATAV
- */
-
-NSS_EXTERN NSSDER *
-nssATAV_GetDEREncoding
-(
-  NSSATAV *atav,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssATAV_GetUTF8Encoding
- *
- * This routine returns a UTF8 string containing a string 
- * representation of the ATAV in "equals" notation (e.g., "o=Acme").  
- * If the optional arena argument is non-null, the memory used will be
- * obtained from that arena; otherwise, the memory will be obtained 
- * from the heap.  This routine may return null upon error, in which 
- * case it will have set an error on the error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_ATAV
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to a UTF8 string containing the "equals" encoding of the 
- *      ATAV
- */
-
-NSS_EXTERN NSSUTF8 *
-nssATAV_GetUTF8Encoding
-(
-  NSSATAV *atav,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssATAV_GetType
- *
- * This routine returns the NSSOID corresponding to the attribute type
- * in the specified ATAV.  This routine may return NSS_OID_UNKNOWN 
- * upon error, in which case it will have set an error on the error
- * stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_ATAV
- *
- * Return value:
- *  NSS_OID_UNKNOWN upon error
- *  An element of enum NSSOIDenum upon success
- */
-
-NSS_EXTERN const NSSOID *
-nssATAV_GetType
-(
-  NSSATAV *atav
-);
-
-/*
- * nssATAV_GetValue
- *
- * This routine returns a string containing the attribute value
- * in the specified ATAV.  If the optional arena argument is non-null,
- * the memory used will be obtained from that arena; otherwise, the
- * memory will be obtained from the heap.  This routine may return
- * NULL upon error, in which case it will have set an error upon the
- * error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_ATAV
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to an NSSItem containing the attribute value.
- */
-
-NSS_EXTERN NSSUTF8 *
-nssATAV_GetValue
-(
-  NSSATAV *atav,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssATAV_Compare
- *
- * This routine compares two ATAVs for equality.  For two ATAVs to be
- * equal, the attribute types must be the same, and the attribute 
- * values must have equal length and contents.  The result of the 
- * comparison will be stored at the location pointed to by the "equalp"
- * variable, which must point to a valid PRBool.  This routine may 
- * return PR_FAILURE upon error, in which case it will have set an 
- * error on the error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_ATAV
- *  NSS_ERROR_INVALID_ARGUMENT
- *
- * Return value:
- *  PR_FAILURE on error
- *  PR_SUCCESS upon a successful comparison (equal or not)
- */
-
-NSS_EXTERN PRStatus
-nssATAV_Compare
-(
-  NSSATAV *atav1,
-  NSSATAV *atav2,
-  PRBool *equalp
-);
-
-/*
- * nssATAV_Duplicate
- *
- * This routine duplicates the specified ATAV.  If the optional arena 
- * argument is non-null, the memory required will be obtained from
- * that arena; otherwise, the memory will be obtained from the heap.  
- * This routine may return NULL upon error, in which case it will have 
- * placed an error on the error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_ATAV
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL on error
- *  A pointer to a new ATAV
- */
-
-NSS_EXTERN NSSATAV *
-nssATAV_Duplicate
-(
-  NSSATAV *atav,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssATAV_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSATAV object,
- * this routine will return PR_SUCCESS.  Otherwise, it will put an
- * error on the error stack and return PR_FAILRUE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_NSSATAV
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS if the pointer is valid
- *  PR_FAILURE if it isn't
- */
-
-#ifdef DEBUG
-NSS_EXTERN PRStatus
-nssATAV_verifyPointer
-(
-  NSSATAV *atav
-);
-#endif /* DEBUG */
-
-/*
- * NSSRDN
- *
- * The non-public "methods" regarding this "object" are:
- *
- *  nssRDN_CreateFromBER   -- constructor
- *  nssRDN_CreateFromUTF8  -- constructor
- *  nssRDN_Create          -- constructor
- *  nssRDN_CreateSimple    -- constructor
- *
- *  nssRDN_Destroy
- *  nssRDN_GetDEREncoding
- *  nssRDN_GetUTF8Encoding
- *  nssRDN_AddATAV
- *  nssRDN_GetATAVCount
- *  nssRDN_GetATAV
- *  nssRDN_GetSimpleATAV
- *  nssRDN_Compare
- *  nssRDN_Duplicate
- */
-
-/*
- * nssRDN_CreateFromBER
- *
- * This routine creates an NSSRDN by decoding a BER- or DER-encoded 
- * RDN.  If the optional arena argument is non-null, the memory used 
- * will be obtained from that arena; otherwise, the memory will be 
- * obtained from the heap.  This routine may return NULL upon error, 
- * in which case it will have set an error on the error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to an NSSRDN upon success
- */
-
-NSS_EXTERN NSSRDN *
-nssRDN_CreateFromBER
-(
-  NSSArena *arenaOpt,
-  NSSBER *berRDN
-);
-
-/*
- * nssRDN_CreateFromUTF8
- *
- * This routine creates an NSSRDN by decoding an UTF8 string 
- * consisting of either a single ATAV in the "equals" format, e.g., 
- * "uid=smith," or one or more such ATAVs in parentheses, e.g., 
- * "(sn=Smith,ou=Sales)."  If the optional arena argument is non-null,
- * the memory used will be obtained from that arena; otherwise, the
- * memory will be obtained from the heap.  This routine may return
- * NULL upon error, in which case it will have set an error on the
- * error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_UNKNOWN_ATTRIBUTE
- *  NSS_ERROR_INVALID_UTF8
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to an NSSRDN upon success
- */
-
-NSS_EXTERN NSSRDN *
-nssRDN_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *stringRDN
-);
-
-/*
- * nssRDN_Create
- *
- * This routine creates an NSSRDN from one or more NSSATAVs.  The
- * final argument to this routine must be NULL.  If the optional arena
- * argument is non-null, the memory used will be obtained from that
- * arena; otherwise, the memory will be obtained from the heap.  This
- * routine may return NULL upon error, in which case it will have set
- * an error on the error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ATAV
- *
- * Return value:
- *  NULL upon error
- *  A pointer to an NSSRDN upon success
- */
-
-NSS_EXTERN NSSRDN *
-nssRDN_Create
-(
-  NSSArena *arenaOpt,
-  NSSATAV *atav1,
-  ...
-);
-
-/*
- * nssRDN_CreateSimple
- *
- * This routine creates a simple NSSRDN from a single NSSATAV.  If the
- * optional arena argument is non-null, the memory used will be 
- * obtained from that arena; otherwise, the memory will be obtained
- * from the heap.  This routine may return NULL upon error, in which
- * case it will have set an error on the error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ATAV
- *
- * Return value:
- *  NULL upon error
- *  A pointer to an NSSRDN upon success
- */
-
-NSS_EXTERN NSSRDN *
-nssRDN_CreateSimple
-(
-  NSSArena *arenaOpt,
-  NSSATAV *atav
-);
-
-/*
- * nssRDN_Destroy
- *
- * This routine will destroy an RDN object.  It should eventually be
- * called on all RDNs created without an arena.  While it is not 
- * necessary to call it on RDNs created within an arena, it is not an
- * error to do so.  This routine returns a PRStatus value; if
- * successful, it will return PR_SUCCESS.  If unsuccessful, it will 
- * set an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_RDN
- *
- * Return value:
- *  PR_FAILURE upon failure
- *  PR_SUCCESS upon success
- */
-
-NSS_EXTERN PRStatus
-nssRDN_Destroy
-(
-  NSSRDN *rdn
-);
-
-/*
- * nssRDN_GetDEREncoding
- *
- * This routine will DER-encode an RDN object.  If the optional arena
- * argument is non-null, the memory used will be obtained from that
- * arena; otherwise, the memory will be obtained from the heap.  This
- * routine may return null upon error, in which case it will have set
- * an error on the error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_RDN
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  The DER encoding of this NSSRDN
- */
-
-NSS_EXTERN NSSDER *
-nssRDN_GetDEREncoding
-(
-  NSSRDN *rdn,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssRDN_GetUTF8Encoding
- *
- * This routine returns a UTF8 string containing a string 
- * representation of the RDN.  A simple (one-ATAV) RDN will be simply
- * the string representation of that ATAV; a non-simple RDN will be in
- * parenthesised form.  If the optional arena argument is non-null, 
- * the memory used will be obtained from that arena; otherwise, the 
- * memory will be obtained from the heap.  This routine may return 
- * null upon error, in which case it will have set an error on the 
- * error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_RDN
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to a UTF8 string
- */
-
-NSS_EXTERN NSSUTF8 *
-nssRDN_GetUTF8Encoding
-(
-  NSSRDN *rdn,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssRDN_AddATAV
- *
- * This routine adds an ATAV to the set of ATAVs in the specified RDN.
- * Remember that RDNs consist of an unordered set of ATAVs.  If the
- * RDN was created with a non-null arena argument, that same arena
- * will be used for any additional required memory.  If the RDN was 
- * created with a NULL arena argument, any additional memory will
- * be obtained from the heap.  This routine returns a PRStatus value;
- * it will return PR_SUCCESS upon success, and upon failure it will
- * set an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_RDN
- *  NSS_ERROR_INVALID_ATAV
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssRDN_AddATAV
-(
-  NSSRDN *rdn,
-  NSSATAV *atav
-);
-
-/*
- * nssRDN_GetATAVCount
- *
- * This routine returns the cardinality of the set of ATAVs within
- * the specified RDN.  This routine may return 0 upon error, in which 
- * case it will have set an error on the error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_RDN
- *
- * Return value:
- *  0 upon error
- *  A positive number upon success
- */
-
-NSS_EXTERN PRUint32
-nssRDN_GetATAVCount
-(
-  NSSRDN *rdn
-);
-
-/*
- * nssRDN_GetATAV
- *
- * This routine returns a pointer to an ATAV that is a member of
- * the set of ATAVs within the specified RDN.  While the set of
- * ATAVs within an RDN is unordered, this routine will return
- * distinct values for distinct values of 'i' as long as the RDN
- * is not changed in any way.  The RDN may be changed by calling
- * NSSRDN_AddATAV.  The value of the variable 'i' is on the range
- * [0,c) where c is the cardinality returned from NSSRDN_GetATAVCount.
- * The caller owns the ATAV the pointer to which is returned.  If the
- * optional arena argument is non-null, the memory used will be 
- * obtained from that arena; otherwise, the memory will be obtained
- * from the heap.  This routine may return NULL upon error, in which 
- * case it will have set an error upon the error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_RDN
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A caller-owned pointer to an NSSATAV
- */
-
-NSS_EXTERN NSSATAV *
-nssRDN_GetATAV
-(
-  NSSRDN *rdn,
-  NSSArena *arenaOpt,
-  PRUint32 i
-);
-
-/*
- * nssRDN_GetSimpleATAV
- *
- * Most RDNs are actually very simple, with a single ATAV.  This 
- * routine will return the single ATAV from such an RDN.  The caller
- * owns the ATAV the pointer to which is returned.  If the optional
- * arena argument is non-null, the memory used will be obtained from
- * that arena; otherwise, the memory will be obtained from the heap.
- * This routine may return NULL upon error, including the case where
- * the set of ATAVs in the RDN is nonsingular.  Upon error, this
- * routine will have set an error on the error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_RDN
- *  NSS_ERROR_RDN_NOT_SIMPLE
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A caller-owned pointer to an NSSATAV
- */
-
-NSS_EXTERN NSSATAV *
-nssRDN_GetSimpleATAV
-(
-  NSSRDN *rdn,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssRDN_Compare
- *
- * This routine compares two RDNs for equality.  For two RDNs to be
- * equal, they must have the same number of ATAVs, and every ATAV in
- * one must be equal to an ATAV in the other.  (Note that the sets
- * of ATAVs are unordered.)  The result of the comparison will be
- * stored at the location pointed to by the "equalp" variable, which
- * must point to a valid PRBool.  This routine may return PR_FAILURE
- * upon error, in which case it will have set an error on the error
- * stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_RDN
- *  NSS_ERROR_INVALID_ARGUMENT
- *
- * Return value:
- *  PR_FAILURE on error
- *  PR_SUCCESS upon a successful comparison (equal or not)
- */
-
-NSS_EXTERN PRStatus
-nssRDN_Compare
-(
-  NSSRDN *rdn1,
-  NSSRDN *rdn2,
-  PRBool *equalp
-);
-
-/*
- * nssRDN_Duplicate
- *
- * This routine duplicates the specified RDN.  If the optional arena
- * argument is non-null, the memory required will be obtained from
- * that arena; otherwise, the memory will be obtained from the heap.
- * This routine may return NULL upon error, in which case it will have
- * placed an error on the error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_RDN
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL on error
- *  A pointer to a new RDN
- */
-
-NSS_EXTERN NSSRDN *
-nssRDN_Duplicate
-(
-  NSSRDN *rdn,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSRDNSeq
- *
- * The non-public "methods" regarding this "object" are:
- *
- *  nssRDNSeq_CreateFromBER   -- constructor
- *  nssRDNSeq_CreateFromUTF8  -- constructor
- *  nssRDNSeq_Create          -- constructor
- *
- *  nssRDNSeq_Destroy
- *  nssRDNSeq_GetDEREncoding
- *  nssRDNSeq_GetUTF8Encoding
- *  nssRDNSeq_AppendRDN
- *  nssRDNSeq_GetRDNCount
- *  nssRDNSeq_GetRDN
- *  nssRDNSeq_Compare
- *  nssRDNSeq_Duplicate
- *
- *  nssRDNSeq_EvaluateUTF8 -- not an object method
- */
-
-/*
- * nssRDNSeq_CreateFromBER
- *
- * This routine creates an NSSRDNSeq by decoding a BER- or DER-encoded 
- * sequence of RDNs.  If the optional arena argument is non-null,
- * the memory used will be obtained from that arena; otherwise, the
- * memory will be obtained from the heap.  This routine may return 
- * NULL upon error, in which case it will have set an error on the
- * error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to an NSSRDNSeq upon success
- */
-
-NSS_EXTERN NSSRDNSeq *
-nssRDNSeq_CreateFromBER
-(
-  NSSArena *arenaOpt,
-  NSSBER *berRDNSeq
-);
-
-/*
- * nssRDNSeq_CreateFromUTF8
- *
- * This routine creates an NSSRDNSeq by decoding a UTF8 string
- * consisting of a comma-separated sequence of RDNs, such as
- * "(sn=Smith,ou=Sales),o=Acme,c=US."  If the optional arena argument
- * is non-null, the memory used will be obtained from that arena; 
- * otherwise, the memory will be obtained from the heap.  This routine
- * may return NULL upon error, in which case it will have set an error
- * on the error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_UNKNOWN_ATTRIBUTE
- *  NSS_ERROR_INVALID_UTF8
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to an NSSRDNSeq upon success
- */
-
-NSS_EXTERN NSSRDNSeq *
-nssRDNSeq_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *stringRDNSeq
-);
-
-/*
- * nssRDNSeq_Create
- *
- * This routine creates an NSSRDNSeq from one or more NSSRDNs.  The
- * final argument to this routine must be NULL.  If the optional arena
- * argument is non-null, the memory used will be obtained from that
- * arena; otherwise, the memory will be obtained from the heap.  This
- * routine may return NULL upon error, in which case it will have set
- * an error on the error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_RDN
- *
- * Return value:
- *  NULL upon error
- *  A pointero to an NSSRDNSeq upon success
- */
-
-NSS_EXTERN NSSRDNSeq *
-nssRDNSeq_Create
-(
-  NSSArena *arenaOpt,
-  NSSRDN *rdn1,
-  ...
-);
-
-/*
- * nssRDNSeq_Destroy
- *
- * This routine will destroy an RDNSeq object.  It should eventually 
- * be called on all RDNSeqs created without an arena.  While it is not
- * necessary to call it on RDNSeqs created within an arena, it is not
- * an error to do so.  This routine returns a PRStatus value; if
- * successful, it will return PR_SUCCESS.  If unsuccessful, it will
- * set an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_RDNSEQ
- *
- * Return value:
- *  PR_FAILURE upon error
- *  PR_SUCCESS upon success
- */
-
-NSS_EXTERN PRStatus
-nssRDNSeq_Destroy
-(
-  NSSRDNSeq *rdnseq
-);
-
-/*
- * nssRDNSeq_GetDEREncoding
- *
- * This routine will DER-encode an RDNSeq object.  If the optional 
- * arena argument is non-null, the memory used will be obtained from
- * that arena; otherwise, the memory will be obtained from the heap.
- * This routine may return null upon error, in which case it will have
- * set an error on the error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_RDNSEQ
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  The DER encoding of this NSSRDNSeq
- */
-
-NSS_EXTERN NSSDER *
-nssRDNSeq_GetDEREncoding
-(
-  NSSRDNSeq *rdnseq,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssRDNSeq_GetUTF8Encoding
- *
- * This routine returns a UTF8 string containing a string 
- * representation of the RDNSeq as a comma-separated sequence of RDNs.  
- * If the optional arena argument is non-null, the memory used will be
- * obtained from that arena; otherwise, the memory will be obtained 
- * from the heap.  This routine may return null upon error, in which 
- * case it will have set an error on the error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_RDNSEQ
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to the UTF8 string
- */
-
-NSS_EXTERN NSSUTF8 *
-nssRDNSeq_GetUTF8Encoding
-(
-  NSSRDNSeq *rdnseq,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssRDNSeq_AppendRDN
- *
- * This routine appends an RDN to the end of the existing RDN 
- * sequence.  If the RDNSeq was created with a non-null arena 
- * argument, that same arena will be used for any additional required
- * memory.  If the RDNSeq was created with a NULL arena argument, any
- * additional memory will be obtained from the heap.  This routine
- * returns a PRStatus value; it will return PR_SUCCESS upon success,
- * and upon failure it will set an error on the error stack and return
- * PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_RDNSEQ
- *  NSS_ERROR_INVALID_RDN
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssRDNSeq_AppendRDN
-(
-  NSSRDNSeq *rdnseq,
-  NSSRDN *rdn
-);
-
-/*
- * nssRDNSeq_GetRDNCount
- *
- * This routine returns the cardinality of the sequence of RDNs within
- * the specified RDNSeq.  This routine may return 0 upon error, in 
- * which case it will have set an error on the error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_RDNSEQ
- *
- * Return value:
- *  0 upon error
- *  A positive number upon success
- */
-
-NSS_EXTERN PRUint32
-nssRDNSeq_GetRDNCount
-(
-  NSSRDNSeq *rdnseq
-);
-
-/*
- * nssRDNSeq_GetRDN
- *
- * This routine returns a pointer to the i'th RDN in the sequence of
- * RDNs that make up the specified RDNSeq.  The sequence begins with
- * the top-level (e.g., "c=US") RDN.  The value of the variable 'i'
- * is on the range [0,c) where c is the cardinality returned from
- * NSSRDNSeq_GetRDNCount.  The caller owns the RDN the pointer to which
- * is returned.  If the optional arena argument is non-null, the memory
- * used will be obtained from that areana; otherwise, the memory will 
- * be obtained from the heap.  This routine may return NULL upon error,
- * in which case it will have set an error upon the error stack.  Note
- * that the usual UTF8 representation of RDN Sequences is from last
- * to first.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_RDNSEQ
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A caller-owned pointer to an NSSRDN
- */
-
-NSS_EXTERN NSSRDN *
-nssRDNSeq_GetRDN
-(
-  NSSRDNSeq *rdnseq,
-  NSSArena *arenaOpt,
-  PRUint32 i
-);
-
-/*
- * nssRDNSeq_Compare
- *
- * This routine compares two RDNSeqs for equality.  For two RDNSeqs to 
- * be equal, they must have the same number of RDNs, and each RDN in
- * one sequence must be equal to the corresponding RDN in the other
- * sequence.  The result of the comparison will be stored at the
- * location pointed to by the "equalp" variable, which must point to a
- * valid PRBool.  This routine may return PR_FAILURE upon error, in
- * which case it will have set an error on the error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_RDNSEQ
- *  NSS_ERROR_INVALID_ARGUMENT
- *
- * Return value:
- *  PR_FAILURE on error
- *  PR_SUCCESS upon a successful comparison (equal or not)
- */
-
-NSS_EXTERN PRStatus
-nssRDNSeq_Compare
-(
-  NSSRDNSeq *rdnseq1,
-  NSSRDNSeq *rdnseq2,
-  PRBool *equalp
-);
-
-/*
- * nssRDNSeq_Duplicate
- *
- * This routine duplicates the specified RDNSeq.  If the optional arena
- * argument is non-null, the memory required will be obtained from that
- * arena; otherwise, the memory will be obtained from the heap.  This 
- * routine may return NULL upon error, in which case it will have 
- * placed an error on the error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_RDNSEQ
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to a new RDNSeq
- */
-
-NSS_EXTERN NSSRDNSeq *
-nssRDNSeq_Duplicate
-(
-  NSSRDNSeq *rdnseq,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssRDNSeq_EvaluateUTF8
- *
- * This routine evaluates a UTF8 string, and returns PR_TRUE if the 
- * string contains the string representation of an RDNSeq.  This 
- * routine is used by the (directory) Name routines 
- * nssName_CreateFromUTF8 and nssName_EvaluateUTF8 to determine which
- * choice of directory name the string may encode.  This routine may 
- * return PR_FALSE upon error, but it subsumes that condition under the
- * general "string does not evaluate as an RDNSeq" state, and does not
- * set an error on the error stack.
- *
- * Return value:
- *  PR_TRUE if the string represents an RDNSeq
- *  PR_FALSE if otherwise
- */
-
-NSS_EXTERN PRBool
-nssRDNSeq_EvaluateUTF8
-(
-  NSSUTF8 *str
-);
-
-/*
- * NSSName
- *
- * The non-public "methods" regarding this "object" are:
- *
- * nssName_CreateFromBER   -- constructor
- * nssName_CreateFromUTF8  -- constructor
- * nssName_Create          -- constructor
- *
- * nssName_Destroy
- * nssName_GetDEREncoding
- * nssName_GetUTF8Encoding
- * nssName_GetChoice
- * nssName_GetRDNSequence
- * nssName_GetSpecifiedChoice
- * nssName_Compare
- * nssName_Duplicate
- *
- * nssName_GetUID
- * nssName_GetEmail
- * nssName_GetCommonName
- * nssName_GetOrganization
- * nssName_GetOrganizationalUnits
- * nssName_GetStateOrProvince
- * nssName_GetLocality
- * nssName_GetCountry
- * nssName_GetAttribute
- *
- * nssName_EvaluateUTF8 -- not an object method
- */
-
-/*
- * nssName_CreateFromBER
- *
- * This routine creates an NSSName by decoding a BER- or DER-encoded 
- * (directory) Name.  If the optional arena argument is non-null,
- * the memory used will be obtained from that arena; otherwise, 
- * the memory will be obtained from the heap.  This routine may
- * return NULL upon error, in which case it will have set an error
- * on the error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to an NSSName upon success
- */
-
-NSS_EXTERN NSSName *
-nssName_CreateFromBER
-(
-  NSSArena *arenaOpt,
-  NSSBER *berName
-);
-
-/*
- * nssName_CreateFromUTF8
- *
- * This routine creates an NSSName by decoding a UTF8 string 
- * consisting of the string representation of one of the choices of 
- * (directory) names.  Currently the only choice is an RDNSeq.  If the
- * optional arena argument is non-null, the memory used will be 
- * obtained from that arena; otherwise, the memory will be obtained 
- * from the heap.  The routine may return NULL upon error, in which
- * case it will have set an error on the error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_UTF8
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to an NSSName upon success
- */
-
-NSS_EXTERN NSSName *
-nssName_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *stringName
-);
-
-/*
- * nssName_Create
- *
- * This routine creates an NSSName with the specified choice of
- * underlying name types.  The value of the choice variable must be
- * one of the values of the NSSNameChoice enumeration, and the type
- * of the arg variable must be as specified in the following table:
- *
- *   Choice                     Type
- *   ========================   ===========
- *   NSSNameChoiceRdnSequence   NSSRDNSeq *
- *
- * If the optional arena argument is non-null, the memory used will
- * be obtained from that arena; otherwise, the memory will be 
- * obtained from the heap.  This routine may return NULL upon error,
- * in which case it will have set an error on the error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_CHOICE
- *  NSS_ERROR_INVALID_ARGUMENT
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to an NSSName upon success
- */
-
-NSS_EXTERN NSSName *
-nssName_Create
-(
-  NSSArena *arenaOpt,
-  NSSNameChoice choice,
-  void *arg
-);
-
-/*
- * nssName_Destroy
- *
- * This routine will destroy a Name object.  It should eventually be
- * called on all Names created without an arena.  While it is not
- * necessary to call it on Names created within an arena, it is not
- * an error to do so.  This routine returns a PRStatus value; if
- * successful, it will return PR_SUCCESS.  If unsuccessful, it will
- * set an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_NAME
- *
- * Return value:
- *  PR_FAILURE upon error
- *  PR_SUCCESS upon success
- */
-
-NSS_EXTERN PRStatus
-nssName_Destroy
-(
-  NSSName *name
-);
-
-/*
- * nssName_GetDEREncoding
- *
- * This routine will DER-encode a name object.  If the optional arena
- * argument is non-null, the memory used will be obtained from that
- * arena; otherwise, the memory will be obtained from the heap.  This
- * routine may return null upon error, in which case it will have set
- * an error on the error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_NAME
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  The DER encoding of this NSSName
- */
-
-NSS_EXTERN NSSDER *
-nssName_GetDEREncoding
-(
-  NSSName *name,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssName_GetUTF8Encoding
- *
- * This routine returns a UTF8 string containing a string 
- * representation of the Name in the format specified by the 
- * underlying name choice.  If the optional arena argument is non-null,
- * the memory used will be obtained from that arena; otherwise, the 
- * memory will be obtained from the heap.  This routine may return
- * NULL upon error, in which case it will have set an error on the 
- * error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_NAME
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to the UTF8 string
- */
-
-NSS_EXTERN NSSUTF8 *
-nssName_GetUTF8Encoding
-(
-  NSSName *name,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssName_GetChoice
- *
- * This routine returns the type of the choice underlying the specified
- * name.  The return value will be a member of the NSSNameChoice 
- * enumeration.  This routine may return NSSNameChoiceInvalid upon 
- * error, in which case it will have set an error on the error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_NAME
- *
- * Return value:
- *  NSSNameChoiceInvalid upon error
- *  An other member of the NSSNameChoice enumeration upon success
- */
-
-NSS_EXTERN NSSNameChoice
-nssName_GetChoice
-(
-  NSSName *name
-);
-
-/*
- * nssName_GetRDNSequence
- *
- * If the choice underlying the specified NSSName is that of an 
- * RDNSequence, this routine will return a pointer to that RDN
- * sequence.  Otherwise, this routine will place an error on the
- * error stack, and return NULL.  If the optional arena argument is
- * non-null, the memory required will be obtained from that arena;
- * otherwise, the memory will be obtained from the heap.  The
- * caller owns the returned pointer.  This routine may return NULL
- * upon error, in which case it will have set an error on the error
- * stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_NAME
- *  NSS_ERROR_WRONG_CHOICE
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A caller-owned pointer to an NSSRDNSeq
- */
-
-NSS_EXTERN NSSRDNSeq *
-nssName_GetRDNSequence
-(
-  NSSName *name,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssName_GetSpecifiedChoice
- *
- * If the choice underlying the specified NSSName matches the specified
- * choice, a caller-owned pointer to that underlying object will be
- * returned.  Otherwise, an error will be placed on the error stack and
- * NULL will be returned.  If the optional arena argument is non-null, 
- * the memory required will be obtained from that arena; otherwise, the
- * memory will be obtained from the heap.  The caller owns the returned
- * pointer.  This routine may return NULL upon error, in which case it
- * will have set an error on the error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_NAME
- *  NSS_ERROR_WRONG_CHOICE
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A caller-owned pointer, which must be typecast
- */
-
-NSS_EXTERN void *
-nssName_GetSpecifiedChoice
-(
-  NSSName *name,
-  NSSNameChoice choice,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssName_Compare
- *
- * This routine compares two Names for equality.  For two Names to be
- * equal, they must have the same choice of underlying types, and the
- * underlying values must be equal.  The result of the comparison will
- * be stored at the location pointed to by the "equalp" variable, which
- * must point to a valid PRBool. This routine may return PR_FAILURE
- * upon error, in which case it will have set an error on the error
- * stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_NAME
- *  NSS_ERROR_INVALID_ARGUMENT
- *
- * Return value:
- *  PR_FAILURE on error
- *  PR_SUCCESS upon a successful comparison (equal or not)
- */
-
-NSS_EXTERN PRStatus
-nssName_Compare
-(
-  NSSName *name1,
-  NSSName *name2,
-  PRBool *equalp
-);
-
-/*
- * nssName_Duplicate
- *
- * This routine duplicates the specified nssname.  If the optional
- * arena argument is non-null, the memory required will be obtained
- * from that arena; otherwise, the memory will be obtained from the
- * heap.  This routine may return NULL upon error, in which case it
- * will have placed an error on the error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_NAME
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to a new NSSName
- */
-
-NSS_EXTERN NSSName *
-nssName_Duplicate
-(
-  NSSName *name,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssName_GetUID
- *
- * This routine will attempt to derive a user identifier from the
- * specified name, if the choices and content of the name permit.
- * If the Name consists of a Sequence of Relative Distinguished 
- * Names containing a UID attribute, the UID will be the value of 
- * that attribute.  Note that no UID attribute is defined in either 
- * PKIX or PKCS#9; rather, this seems to derive from RFC 1274, which 
- * defines the type as a caseIgnoreString.  We'll return a Directory 
- * String.  If the optional arena argument is non-null, the memory 
- * used will be obtained from that arena; otherwise, the memory will 
- * be obtained from the heap.  This routine may return NULL upon error,
- * in which case it will have set an error on the error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_NAME
- *  NSS_ERROR_NO_UID
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to a UTF8 String.
- */
-
-NSS_EXTERN NSSUTF8 * /* XXX fgmr DirectoryString */
-nssName_GetUID
-(
-  NSSName *name,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssName_GetEmail
- *
- * This routine will attempt to derive an email address from the
- * specified name, if the choices and content of the name permit.  
- * If the Name consists of a Sequence of Relative Distinguished 
- * Names containing either a PKIX email address or a PKCS#9 email
- * address, the result will be the value of that attribute.  If the
- * optional arena argument is non-null, the memory used will be
- * obtained from that arena; otherwise, the memory will be obtained
- * from the heap.  This routine may return NULL upon error, in which
- * case it will have set an error on the error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_NAME
- *  NSS_ERROR_NO_EMAIL
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to a UTF8 String
- */
-
-NSS_EXTERN NSSUTF8 * /* XXX fgmr IA5 String */
-nssName_GetEmail
-(
-  NSSName *name,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssName_GetCommonName
- *
- * This routine will attempt to derive a common name from the
- * specified name, if the choices and content of the name permit.  
- * If the Name consists of a Sequence of Relative Distinguished Names
- * containing a PKIX Common Name, the result will be that name.  If 
- * the optional arena argument is non-null, the memory used will be 
- * obtained from that arena; otherwise, the memory will be obtained 
- * from the heap.  This routine may return NULL upon error, in which 
- * case it will have set an error on the error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_NAME
- *  NSS_ERROR_NO_COMMON_NAME
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to a UTF8 String
- */
-
-NSS_EXTERN NSSUTF8 * /* XXX fgmr DirectoryString */
-nssName_GetCommonName
-(
-  NSSName *name,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssName_GetOrganization
- *
- * This routine will attempt to derive an organisation name from the
- * specified name, if the choices and content of the name permit.  
- * If Name consists of a Sequence of Relative Distinguished names 
- * containing a PKIX Organization, the result will be the value of 
- * that attribute.  If the optional arena argument is non-null, the 
- * memory used will be obtained from that arena; otherwise, the memory 
- * will be obtained from the heap.  This routine may return NULL upon 
- * error, in which case it will have set an error on the error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_NAME
- *  NSS_ERROR_NO_ORGANIZATION
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to a UTF8 String
- */
-
-NSS_EXTERN NSSUTF8 * /* XXX fgmr DirectoryString */
-nssName_GetOrganization
-(
-  NSSName *name,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssName_GetOrganizationalUnits
- *
- * This routine will attempt to derive a sequence of organisational 
- * unit names from the specified name, if the choices and content of 
- * the name permit.  If the Name consists of a Sequence of Relative 
- * Distinguished Names containing one or more organisational units,
- * the result will be the values of those attributes.  If the optional 
- * arena argument is non-null, the memory used will be obtained from 
- * that arena; otherwise, the memory will be obtained from the heap.  
- * This routine may return NULL upon error, in which case it will have 
- * set an error on the error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_NAME
- *  NSS_ERROR_NO_ORGANIZATIONAL_UNITS
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to a null-terminated array of UTF8 Strings
- */
-
-NSS_EXTERN NSSUTF8 ** /* XXX fgmr DirectoryString */
-nssName_GetOrganizationalUnits
-(
-  NSSName *name,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssName_GetStateOrProvince
- *
- * This routine will attempt to derive a state or province name from 
- * the specified name, if the choices and content of the name permit.
- * If the Name consists of a Sequence of Relative Distinguished Names
- * containing a state or province, the result will be the value of 
- * that attribute.  If the optional arena argument is non-null, the 
- * memory used will be obtained from that arena; otherwise, the memory 
- * will be obtained from the heap.  This routine may return NULL upon 
- * error, in which case it will have set an error on the error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_NAME
- *  NSS_ERROR_NO_STATE_OR_PROVINCE
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to a UTF8 String
- */
-
-NSS_EXTERN NSSUTF8 * /* XXX fgmr DirectoryString */
-nssName_GetStateOrProvince
-(
-  NSSName *name,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssName_GetLocality
- *
- * This routine will attempt to derive a locality name from the 
- * specified name, if the choices and content of the name permit.  If
- * the Name consists of a Sequence of Relative Distinguished names
- * containing a Locality, the result will be the value of that 
- * attribute.  If the optional arena argument is non-null, the memory 
- * used will be obtained from that arena; otherwise, the memory will 
- * be obtained from the heap.  This routine may return NULL upon error,
- * in which case it will have set an error on the error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_NAME
- *  NSS_ERROR_NO_LOCALITY
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to a UTF8 String
- */
-
-NSS_EXTERN NSSUTF8 * /* XXX fgmr DirectoryString */
-nssName_GetLocality
-(
-  NSSName *name,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssName_GetCountry
- *
- * This routine will attempt to derive a country name from the 
- * specified name, if the choices and content of the name permit.
- * If the Name consists of a Sequence of Relative Distinguished 
- * Names containing a Country, the result will be the value of
- * that attribute..  If the optional arena argument is non-null, 
- * the memory used will be obtained from that arena; otherwise, 
- * the memory will be obtained from the heap.  This routine may 
- * return NULL upon error, in which case it will have set an error 
- * on the error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_NAME
- *  NSS_ERROR_NO_COUNTRY
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to a UTF8 String
- */
-
-NSS_EXTERN NSSUTF8 * /* XXX fgmr PrintableString */
-nssName_GetCountry
-(
-  NSSName *name,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssName_GetAttribute
- *
- * If the specified name consists of a Sequence of Relative 
- * Distinguished Names containing an attribute with the specified 
- * type, and the actual value of that attribute may be expressed 
- * with a Directory String, then the value of that attribute will 
- * be returned as a Directory String.  If the optional arena argument 
- * is non-null, the memory used will be obtained from that arena; 
- * otherwise, the memory will be obtained from the heap.  This routine 
- * may return NULL upon error, in which case it will have set an error 
- * on the error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_NAME
- *  NSS_ERROR_NO_ATTRIBUTE
- *  NSS_ERROR_ATTRIBUTE_VALUE_NOT_STRING
- *
- * Return value:
- *  NULL upon error
- *  A pointer to a UTF8 String
- */
-
-NSS_EXTERN NSSUTF8 * /* XXX fgmr DirectoryString */
-nssName_GetAttribute
-(
-  NSSName *name,
-  NSSOID *attribute,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssName_EvaluateUTF8
- *
- * This routine evaluates a UTF8 string, and returns PR_TRUE if the 
- * string contains the string representation of an NSSName.  This 
- * routine is used by the GeneralName routine 
- * nssGeneralName_CreateFromUTF8 to determine which choice of
- * general name the string may encode.  This routine may return 
- * PR_FALSE upon error, but it subsumes that condition under the 
- * general "string does not evaluate as a Name" state, and does not
- * set an error on the error stack.
- * 
- * Return value:
- *  PR_TRUE if the string represents a Name
- *  PR_FALSE otherwise
- */
-
-NSS_EXTERN PRBool
-nssName_EvaluateUTF8
-(
-  NSSUTF8 *str
-);
-
-/*
- * NSSGeneralName
- *
- * The non-public "methods" regarding this "object" are:
- *
- * nssGeneralName_CreateFromBER   -- constructor
- * nssGeneralName_CreateFromUTF8  -- constructor
- * nssGeneralName_Create          -- constructor
- *
- * nssGeneralName_Destroy
- * nssGeneralName_GetDEREncoding
- * nssGeneralName_GetUTF8Encoding
- * nssGeneralName_GetChoice
- * nssGeneralName_GetOtherName
- * nssGeneralName_GetRfc822Name
- * nssGeneralName_GetDNSName
- * nssGeneralName_GetX400Address
- * nssGeneralName_GetDirectoryName
- * nssGeneralName_GetEdiPartyName
- * nssGeneralName_GetUniformResourceIdentifier
- * nssGeneralName_GetIPAddress
- * nssGeneralName_GetRegisteredID
- * nssGeneralName_GetSpecifiedChoice
- * nssGeneralName_Compare
- * nssGeneralName_Duplicate
- *
- * nssGeneralName_GetUID
- * nssGeneralName_GetEmail
- * nssGeneralName_GetCommonName
- * nssGeneralName_GetOrganization
- * nssGeneralName_GetOrganizationalUnits
- * nssGeneralName_GetStateOrProvince
- * nssGeneralName_GetLocality
- * nssGeneralName_GetCountry
- * nssGeneralName_GetAttribute
- */
-
-/*
- * nssGeneralName_CreateFromBER
- *
- * This routine creates an NSSGeneralName by decoding a BER- or DER-
- * encoded general name.  If the optional arena argument is non-null,
- * the memory used will be obtained from that arena; otherwise, the 
- * memory will be obtained from the heap.  This routine may return 
- * NULL upon error, in which case it will have set an error on the 
- * error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to an NSSGeneralName upon success
- */
-
-NSS_EXTERN NSSGeneralName *
-nssGeneralName_CreateFromBER
-(
-  NSSArena *arenaOpt,
-  NSSBER *berGeneralName
-);
-
-/*
- * nssGeneralName_CreateFromUTF8
- *
- * This routine creates an NSSGeneralName by decoding a UTF8 string
- * consisting of the string representation of one of the choices of
- * general names.  If the optional arena argument is non-null, the 
- * memory used will be obtained from that arena; otherwise, the memory
- * will be obtained from the heap.  The routine may return NULL upon
- * error, in which case it will have set an error on the error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_UTF8
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to an NSSGeneralName upon success
- */
-
-NSS_EXTERN NSSGeneralName *
-nssGeneralName_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *stringGeneralName
-);
-
-/*
- * nssGeneralName_Create
- *
- * This routine creates an NSSGeneralName with the specified choice of
- * underlying name types.  The value of the choice variable must be one
- * of the values of the NSSGeneralNameChoice enumeration, and the type
- * of the arg variable must be as specified in the following table:
- *
- *   Choice                                         Type
- *   ============================================   =========
- *   NSSGeneralNameChoiceOtherName
- *   NSSGeneralNameChoiceRfc822Name
- *   NSSGeneralNameChoiceDNSName
- *   NSSGeneralNameChoiceX400Address
- *   NSSGeneralNameChoiceDirectoryName              NSSName *
- *   NSSGeneralNameChoiceEdiPartyName
- *   NSSGeneralNameChoiceUniformResourceIdentifier
- *   NSSGeneralNameChoiceIPAddress
- *   NSSGeneralNameChoiceRegisteredID
- *
- * If the optional arena argument is non-null, the memory used will
- * be obtained from that arena; otherwise, the memory will be 
- * obtained from the heap.  This routine may return NULL upon error,
- * in which case it will have set an error on the error stack.
- *
- * The error may be one fo the following values:
- *  NSS_ERROR_INVALID_CHOICE
- *  NSS_ERROR_INVALID_ARGUMENT
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to an NSSGeneralName upon success
- */
-
-NSS_EXTERN NSSGeneralName *
-nssGeneralName_Create
-(
-  NSSGeneralNameChoice choice,
-  void *arg
-);
-
-/*
- * nssGeneralName_Destroy
- * 
- * This routine will destroy a General Name object.  It should 
- * eventually be called on all General Names created without an arena.
- * While it is not necessary to call it on General Names created within
- * an arena, it is not an error to do so.  This routine returns a
- * PRStatus value; if successful, it will return PR_SUCCESS. If 
- * usuccessful, it will set an error on the error stack and return 
- * PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_GENERAL_NAME
- *
- * Return value:
- *  PR_FAILURE upon failure
- *  PR_SUCCESS upon success
- */
-
-NSS_EXTERN PRStatus
-nssGeneralName_Destroy
-(
-  NSSGeneralName *generalName
-);
-
-/*
- * nssGeneralName_GetDEREncoding
- *
- * This routine will DER-encode a name object.  If the optional arena
- * argument is non-null, the memory used will be obtained from that
- * arena; otherwise, the memory will be obtained from the heap.  This
- * routine may return null upon error, in which case it will have set
- * an error on the error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_GENERAL_NAME
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  The DER encoding of this NSSGeneralName
- */
-
-NSS_EXTERN NSSDER *
-nssGeneralName_GetDEREncoding
-(
-  NSSGeneralName *generalName,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssGeneralName_GetUTF8Encoding
- *
- * This routine returns a UTF8 string containing a string 
- * representation of the General Name in the format specified by the
- * underlying name choice.  If the optional arena argument is 
- * non-null, the memory used will be obtained from that arena; 
- * otherwise, the memory will be obtained from the heap.  This routine
- * may return NULL upon error, in which case it will have set an error
- * on the error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_GENERAL_NAME
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to a UTF8 string
- */
-
-NSS_EXTERN NSSUTF8 *
-nssGeneralName_GetUTF8Encoding
-(
-  NSSGeneralName *generalName,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssGeneralName_GetChoice
- *
- * This routine returns the type of choice underlying the specified 
- * general name.  The return value will be a member of the 
- * NSSGeneralNameChoice enumeration.  This routine may return 
- * NSSGeneralNameChoiceInvalid upon error, in which case it will have 
- * set an error on the error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_GENERAL_NAME
- *
- * Return value:
- *  NSSGeneralNameChoiceInvalid upon error
- *  An other member of the NSSGeneralNameChoice enumeration 
- */
-
-NSS_EXTERN NSSGeneralNameChoice
-nssGeneralName_GetChoice
-(
-  NSSGeneralName *generalName
-);
-
-/*
- * nssGeneralName_GetOtherName
- *
- * If the choice underlying the specified NSSGeneralName is that of an
- * Other Name, this routine will return a pointer to that Other name.
- * Otherwise, this routine will place an error on the error stack, and
- * return NULL.  If the optional arena argument is non-null, the memory
- * required will be obtained from that arena; otherwise, the memory 
- * will be obtained from the heap.  The caller owns the returned 
- * pointer.  This routine may return NULL upon error, in which case it
- * will have set an error on the error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_GENERAL_NAME
- *  NSS_ERROR_WRONG_CHOICE
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A caller-owned pointer to an NSSOtherName
- */
-
-NSS_EXTERN NSSOtherName *
-nssGeneralName_GetOtherName
-(
-  NSSGeneralName *generalName,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssGeneralName_GetRfc822Name
- *
- * If the choice underlying the specified NSSGeneralName is that of an
- * RFC 822 Name, this routine will return a pointer to that name.
- * Otherwise, this routine will place an error on the error stack, and
- * return NULL.  If the optional arena argument is non-null, the memory
- * required will be obtained from that arena; otherwise, the memory 
- * will be obtained from the heap.  The caller owns the returned 
- * pointer.  This routine may return NULL upon error, in which case it
- * will have set an error on the error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_GENERAL_NAME
- *  NSS_ERROR_WRONG_CHOICE
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A caller-owned pointer to an NSSRFC822Name
- */
-
-NSS_EXTERN NSSRFC822Name *
-nssGeneralName_GetRfc822Name
-(
-  NSSGeneralName *generalName,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssGeneralName_GetDNSName
- *
- * If the choice underlying the specified NSSGeneralName is that of a 
- * DNS Name, this routine will return a pointer to that DNS name.
- * Otherwise, this routine will place an error on the error stack, and
- * return NULL.  If the optional arena argument is non-null, the memory
- * required will be obtained from that arena; otherwise, the memory 
- * will be obtained from the heap.  The caller owns the returned 
- * pointer.  This routine may return NULL upon error, in which case it
- * will have set an error on the error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_GENERAL_NAME
- *  NSS_ERROR_WRONG_CHOICE
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A caller-owned pointer to an NSSDNSName
- */
-
-NSS_EXTERN NSSDNSName *
-nssGeneralName_GetDNSName
-(
-  NSSGeneralName *generalName,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssGeneralName_GetX400Address
- *
- * If the choice underlying the specified NSSGeneralName is that of an
- * X.400 Address, this routine will return a pointer to that Address.
- * Otherwise, this routine will place an error on the error stack, and
- * return NULL.  If the optional arena argument is non-null, the memory
- * required will be obtained from that arena; otherwise, the memory 
- * will be obtained from the heap.  The caller owns the returned 
- * pointer.  This routine may return NULL upon error, in which case it
- * will have set an error on the error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_GENERAL_NAME
- *  NSS_ERROR_WRONG_CHOICE
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A caller-owned pointer to an NSSX400Address
- */
-
-NSS_EXTERN NSSX400Address *
-nssGeneralName_GetX400Address
-(
-  NSSGeneralName *generalName,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssGeneralName_GetDirectoryName
- *
- * If the choice underlying the specified NSSGeneralName is that of a
- * (directory) Name, this routine will return a pointer to that name.
- * Otherwise, this routine will place an error on the error stack, and
- * return NULL.  If the optional arena argument is non-null, the memory
- * required will be obtained from that arena; otherwise, the memory 
- * will be obtained from the heap.  The caller owns the returned 
- * pointer.  This routine may return NULL upon error, in which case it
- * will have set an error on the error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_GENERAL_NAME
- *  NSS_ERROR_WRONG_CHOICE
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A caller-owned pointer to an NSSName
- */
-
-NSS_EXTERN NSSName *
-nssGeneralName_GetName
-(
-  NSSGeneralName *generalName,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssGeneralName_GetEdiPartyName
- *
- * If the choice underlying the specified NSSGeneralName is that of an
- * EDI Party Name, this routine will return a pointer to that name.
- * Otherwise, this routine will place an error on the error stack, and
- * return NULL.  If the optional arena argument is non-null, the memory
- * required will be obtained from that arena; otherwise, the memory 
- * will be obtained from the heap.  The caller owns the returned 
- * pointer.  This routine may return NULL upon error, in which case it
- * will have set an error on the error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_GENERAL_NAME
- *  NSS_ERROR_WRONG_CHOICE
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A caller-owned pointer to an NSSEdiPartyName
- */
-
-NSS_EXTERN NSSEdiPartyName *
-nssGeneralName_GetEdiPartyName
-(
-  NSSGeneralName *generalName,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssGeneralName_GetUniformResourceIdentifier
- *
- * If the choice underlying the specified NSSGeneralName is that of a
- * URI, this routine will return a pointer to that URI.
- * Otherwise, this routine will place an error on the error stack, and
- * return NULL.  If the optional arena argument is non-null, the memory
- * required will be obtained from that arena; otherwise, the memory 
- * will be obtained from the heap.  The caller owns the returned 
- * pointer.  This routine may return NULL upon error, in which case it
- * will have set an error on the error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_GENERAL_NAME
- *  NSS_ERROR_WRONG_CHOICE
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A caller-owned pointer to an NSSURI
- */
-
-NSS_EXTERN NSSURI *
-nssGeneralName_GetUniformResourceIdentifier
-(
-  NSSGeneralName *generalName,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssGeneralName_GetIPAddress
- *
- * If the choice underlying the specified NSSGeneralName is that of an
- * IP Address , this routine will return a pointer to that address.
- * Otherwise, this routine will place an error on the error stack, and
- * return NULL.  If the optional arena argument is non-null, the memory
- * required will be obtained from that arena; otherwise, the memory 
- * will be obtained from the heap.  The caller owns the returned 
- * pointer.  This routine may return NULL upon error, in which case it
- * will have set an error on the error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_GENERAL_NAME
- *  NSS_ERROR_WRONG_CHOICE
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A caller-owned pointer to an NSSIPAddress
- */
-
-NSS_EXTERN NSSIPAddress *
-nssGeneralName_GetIPAddress
-(
-  NSSGeneralName *generalName,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssGeneralName_GetRegisteredID
- *
- * If the choice underlying the specified NSSGeneralName is that of a
- * Registered ID, this routine will return a pointer to that ID.
- * Otherwise, this routine will place an error on the error stack, and
- * return NULL.  If the optional arena argument is non-null, the memory
- * required will be obtained from that arena; otherwise, the memory 
- * will be obtained from the heap.  The caller owns the returned 
- * pointer.  This routine may return NULL upon error, in which case it
- * will have set an error on the error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_GENERAL_NAME
- *  NSS_ERROR_WRONG_CHOICE
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A caller-owned pointer to an NSSRegisteredID
- */
-
-NSS_EXTERN NSSRegisteredID *
-nssGeneralName_GetRegisteredID
-(
-  NSSGeneralName *generalName,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssGeneralName_GetSpecifiedChoice
- *
- * If the choice underlying the specified NSSGeneralName matches the
- * specified choice, a caller-owned pointer to that underlying object
- * will be returned.  Otherwise, an error will be placed on the error
- * stack and NULL will be returned.  If the optional arena argument
- * is non-null, the memory required will be obtained from that arena;
- * otherwise, the memory will be obtained from the heap.  The caller
- * owns the returned pointer.  This routine may return NULL upon 
- * error, in which caes it will have set an error on the error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_GENERAL_NAME
- *  NSS_ERROR_WRONG_CHOICE
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A caller-owned pointer, which must be typecast
- */
-
-NSS_EXTERN void *
-nssGeneralName_GetSpecifiedChoice
-(
-  NSSGeneralName *generalName,
-  NSSGeneralNameChoice choice,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssGeneralName_Compare
- * 
- * This routine compares two General Names for equality.  For two 
- * General Names to be equal, they must have the same choice of
- * underlying types, and the underlying values must be equal.  The
- * result of the comparison will be stored at the location pointed
- * to by the "equalp" variable, which must point to a valid PRBool.
- * This routine may return PR_FAILURE upon error, in which case it
- * will have set an error on the error stack.
- *
- * The error may be one of the following value:
- *  NSS_ERROR_INVALID_GENERAL_NAME
- *  NSS_ERROR_INVALID_ARGUMENT
- *
- * Return value:
- *  PR_FAILURE upon error
- *  PR_SUCCESS upon a successful comparison (equal or not)
- */
-
-NSS_EXTERN PRStatus
-nssGeneralName_Compare
-(
-  NSSGeneralName *generalName1,
-  NSSGeneralName *generalName2,
-  PRBool *equalp
-);
-
-/*
- * nssGeneralName_Duplicate
- *
- * This routine duplicates the specified General Name.  If the optional
- * arena argument is non-null, the memory required will be obtained
- * from that arena; otherwise, the memory will be obtained from the
- * heap.  This routine may return NULL upon error, in which case it 
- * will have set an error on the error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_GENERAL_NAME
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to a new NSSGeneralName
- */
-
-NSS_EXTERN NSSGeneralName *
-nssGeneralName_Duplicate
-(
-  NSSGeneralName *generalName,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssGeneralName_GetUID
- *
- * This routine will attempt to derive a user identifier from the
- * specified general name, if the choices and content of the name
- * permit.  If the General Name is a (directory) Name consisting
- * of a Sequence of Relative Distinguished Names containing a UID
- * attribute, the UID will be the value of that attribute.  Note
- * that no UID attribute is defined in either PKIX or PKCS#9; 
- * rather, this seems to derive from RFC 1274, which defines the
- * type as a caseIgnoreString.  We'll return a Directory String.
- * If the optional arena argument is non-null, the memory used
- * will be obtained from that arena; otherwise, the memory will be
- * obtained from the heap.  This routine may return NULL upon error,
- * in which case it will have set an error on the error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_GENERAL_NAME
- *  NSS_ERROR_NO_UID
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to a UTF8 String.
- */
-
-NSS_EXTERN NSSUTF8 * /* XXX fgmr DirectoryString */
-nssGeneralName_GetUID
-(
-  NSSGeneralName *generalName,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssGeneralName_GetEmail
- *
- * This routine will attempt to derive an email address from the
- * specified general name, if the choices and content of the name
- * permit.  If the General Name is a (directory) Name consisting
- * of a Sequence of Relative Distinguished names containing either
- * a PKIX email address or a PKCS#9 email address, the result will
- * be the value of that attribute.  If the General Name is an RFC 822
- * Name, the result will be the string form of that name.  If the
- * optional arena argument is non-null, the memory used will be 
- * obtained from that arena; otherwise, the memory will be obtained
- * from the heap.  This routine may return NULL upon error, in which
- * case it will have set an error on the error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_GENERAL_NAME
- *  NSS_ERROR_NO_EMAIL
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to a UTF8 String
- */
-
-NSS_EXTERN NSSUTF8 * /* XXX fgmr IA5String */
-nssGeneralName_GetEmail
-(
-  NSSGeneralName *generalName,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssGeneralName_GetCommonName
- *
- * This routine will attempt to derive a common name from the
- * specified general name, if the choices and content of the name
- * permit.  If the General Name is a (directory) Name consisting
- * of a Sequence of Relative Distinguished names containing a PKIX
- * Common Name, the result will be that name.  If the optional arena 
- * argument is non-null, the memory used will be obtained from that 
- * arena; otherwise, the memory will be obtained from the heap.  This 
- * routine may return NULL upon error, in which case it will have set 
- * an error on the error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_GENERAL_NAME
- *  NSS_ERROR_NO_COMMON_NAME
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to a UTF8 String
- */
-
-NSS_EXTERN NSSUTF8 * /* XXX fgmr DirectoryString */
-nssGeneralName_GetCommonName
-(
-  NSSGeneralName *generalName,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssGeneralName_GetOrganization
- *
- * This routine will attempt to derive an organisation name from the
- * specified general name, if the choices and content of the name
- * permit.  If the General Name is a (directory) Name consisting
- * of a Sequence of Relative Distinguished names containing an
- * Organization, the result will be the value of that attribute.  
- * If the optional arena argument is non-null, the memory used will 
- * be obtained from that arena; otherwise, the memory will be obtained
- * from the heap.  This routine may return NULL upon error, in which 
- * case it will have set an error on the error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_GENERAL_NAME
- *  NSS_ERROR_NO_ORGANIZATION
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to a UTF8 String
- */
-
-NSS_EXTERN NSSUTF8 * /* XXX fgmr DirectoryString */
-nssGeneralName_GetOrganization
-(
-  NSSGeneralName *generalName,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssGeneralName_GetOrganizationalUnits
- *
- * This routine will attempt to derive a sequence of organisational 
- * unit names from the specified general name, if the choices and 
- * content of the name permit.  If the General Name is a (directory) 
- * Name consisting of a Sequence of Relative Distinguished names 
- * containing one or more organisational units, the result will 
- * consist of those units.  If the optional arena  argument is non-
- * null, the memory used will be obtained from that arena; otherwise, 
- * the memory will be obtained from the heap.  This routine may return 
- * NULL upon error, in which case it will have set an error on the 
- * error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_GENERAL_NAME
- *  NSS_ERROR_NO_ORGANIZATIONAL_UNITS
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to a null-terminated array of UTF8 Strings
- */
-
-NSS_EXTERN NSSUTF8 ** /* XXX fgmr DirectoryString */
-nssGeneralName_GetOrganizationalUnits
-(
-  NSSGeneralName *generalName,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssGeneralName_GetStateOrProvince
- *
- * This routine will attempt to derive a state or province name from 
- * the specified general name, if the choices and content of the name
- * permit.  If the General Name is a (directory) Name consisting
- * of a Sequence of Relative Distinguished names containing a state or 
- * province, the result will be the value of that attribute.  If the 
- * optional arena argument is non-null, the memory used will be 
- * obtained from that arena; otherwise, the memory will be obtained 
- * from the heap.  This routine may return NULL upon error, in which 
- * case it will have set an error on the error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_GENERAL_NAME
- *  NSS_ERROR_NO_STATE_OR_PROVINCE
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to a UTF8 String
- */
-
-NSS_EXTERN NSSUTF8 * /* XXX fgmr DirectoryString */
-nssGeneralName_GetStateOrProvince
-(
-  NSSGeneralName *generalName,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssGeneralName_GetLocality
- *
- * This routine will attempt to derive a locality name from 
- * the specified general name, if the choices and content of the name
- * permit.  If the General Name is a (directory) Name consisting
- * of a Sequence of Relative Distinguished names containing a Locality, 
- * the result will be the value of that attribute.  If the optional 
- * arena argument is non-null, the memory used will be obtained from 
- * that arena; otherwise, the memory will be obtained from the heap.  
- * This routine may return NULL upon error, in which case it will have 
- * set an error on the error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_GENERAL_NAME
- *  NSS_ERROR_NO_LOCALITY
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to a UTF8 String
- */
-
-NSS_EXTERN NSSUTF8 * /* XXX fgmr DirectoryString */
-nssGeneralName_GetLocality
-(
-  NSSGeneralName *generalName,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssGeneralName_GetCountry
- *
- * This routine will attempt to derive a country name from the 
- * specified general name, if the choices and content of the name 
- * permit.  If the General Name is a (directory) Name consisting of a
- * Sequence of Relative Distinguished names containing a Country, the 
- * result will be the value of that attribute.  If the optional 
- * arena argument is non-null, the memory used will be obtained from 
- * that arena; otherwise, the memory will be obtained from the heap.  
- * This routine may return NULL upon error, in which case it will have 
- * set an error on the error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_GENERAL_NAME
- *  NSS_ERROR_NO_COUNTRY
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to a UTF8 String
- */
-
-NSS_EXTERN NSSUTF8 * /* XXX fgmr PrintableString */
-nssGeneralName_GetCountry
-(
-  NSSGeneralName *generalName,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssGeneralName_GetAttribute
- *
- * If the specified general name is a (directory) name consisting
- * of a Sequence of Relative Distinguished Names containing an 
- * attribute with the specified type, and the actual value of that
- * attribute may be expressed with a Directory String, then the
- * value of that attribute will be returned as a Directory String.
- * If the optional arena argument is non-null, the memory used will
- * be obtained from that arena; otherwise, the memory will be obtained
- * from the heap.  This routine may return NULL upon error, in which
- * case it will have set an error on the error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_GENERAL_NAME
- *  NSS_ERROR_NO_ATTRIBUTE
- *  NSS_ERROR_ATTRIBUTE_VALUE_NOT_STRING
- *
- * Return value:
- *  NULL upon error
- *  A pointer to a UTF8 String
- */
-
-NSS_EXTERN NSSUTF8 * /* XXX fgmr DirectoryString */
-nssGeneralName_GetAttribute
-(
-  NSSGeneralName *generalName,
-  NSSOID *attribute,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSGeneralNameSeq
- *
- * The public "methods" regarding this "object" are:
- *
- *  nssGeneralNameSeq_CreateFromBER   -- constructor
- *  nssGeneralNameSeq_Create          -- constructor
- *
- *  nssGeneralNameSeq_Destroy
- *  nssGeneralNameSeq_GetDEREncoding
- *  nssGeneralNameSeq_AppendGeneralName
- *  nssGeneralNameSeq_GetGeneralNameCount
- *  nssGeneralNameSeq_GetGeneralName
- *  nssGeneralNameSeq_Compare
- *  nssGeneralnameSeq_Duplicate
- */
-
-/*
- * nssGeneralNameSeq_CreateFromBER
- *
- * This routine creates a general name sequence by decoding a BER-
- * or DER-encoded GeneralNames.  If the optional arena argument is
- * non-null, the memory used will be obtained from that arena; 
- * otherwise, the memory will be obtained from the heap.  This routine
- * may return NULL upon error, in which case it will have set an error
- * on the error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to an NSSGeneralNameSeq upon success
- */
-
-NSS_EXTERN NSSGeneralNameSeq *
-nssGeneralNameSeq_CreateFromBER
-(
-  NSSArena *arenaOpt,
-  NSSBER *berGeneralNameSeq
-);
-
-/*
- * nssGeneralNameSeq_Create
- *
- * This routine creates an NSSGeneralNameSeq from one or more General
- * Names.  The final argument to this routine must be NULL.  If the
- * optional arena argument is non-null, the memory used will be 
- * obtained from that arena; otherwise, the memory will be obtained 
- * from the heap.  This routine may return NULL upon error, in which
- * case it will have set an error on the error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_GENERAL_NAME
- *
- * Return value:
- *  NULL upon error
- *  A pointer to an NSSGeneralNameSeq upon success
- */
-
-NSS_EXTERN NSSGeneralNameSeq *
-nssGeneralNameSeq_Create
-(
-  NSSArena *arenaOpt,
-  NSSGeneralName *generalName1,
-  ...
-);
-
-/*
- * nssGeneralNameSeq_Destroy
- *
- * This routine will destroy an NSSGeneralNameSeq object.  It should
- * eventually be called on all NSSGeneralNameSeqs created without an
- * arena.  While it is not necessary to call it on NSSGeneralNameSeq's
- * created within an arena, it is not an error to do so.  This routine
- * returns a PRStatus value; if successful, it will return PR_SUCCESS.
- * If unsuccessful, it will set an error on the error stack and return
- * PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_GENERAL_NAME_SEQ
- *
- * Return value:
- *  PR_FAILURE upon error
- *  PR_SUCCESS upon success
- */
-
-NSS_EXTERN PRStatus
-nssGeneralNameSeq_Destroy
-(
-  NSSGeneralNameSeq *generalNameSeq
-);
-
-/*
- * nssGeneralNameSeq_GetDEREncoding
- *
- * This routine will DER-encode an NSSGeneralNameSeq object.  If the
- * optional arena argument is non-null, the memory used will be 
- * obtained from that arena; otherwise, the memory will be obtained
- * from the heap.  This routine may return null upon error, in which
- * case it will have set an error on the error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_GENERAL_NAME_SEQ
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  The DER encoding of this NSSGeneralNameSeq
- */
-
-NSS_EXTERN NSSDER *
-nssGeneralNameSeq_GetDEREncoding
-(
-  NSSGeneralNameSeq *generalNameSeq,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssGeneralNameSeq_AppendGeneralName
- *
- * This routine appends a General Name to the end of the existing
- * General Name Sequence.  If the sequence was created with a non-null
- * arena argument, that same arena will be used for any additional
- * required memory.  If the sequence was created with a NULL arena
- * argument, any additional memory will be obtained from the heap.
- * This routine returns a PRStatus value; it will return PR_SUCCESS
- * upon success, and upon failure it will set an error on the error
- * stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_GENERAL_NAME_SEQ
- *  NSS_ERROR_INVALID_GENERAL_NAME
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure.
- */
-
-NSS_EXTERN PRStatus
-nssGeneralNameSeq_AppendGeneralName
-(
-  NSSGeneralNameSeq *generalNameSeq,
-  NSSGeneralName *generalName
-);
-
-/*
- * nssGeneralNameSeq_GetGeneralNameCount
- *
- * This routine returns the cardinality of the specified General name
- * Sequence.  This routine may return 0 upon error, in which case it
- * will have set an error on the error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_GENERAL_NAME_SEQ
- *
- * Return value;
- *  0 upon error
- *  A positive number upon success
- */
-
-NSS_EXTERN PRUint32
-nssGeneralNameSeq_GetGeneralNameCount
-(
-  NSSGeneralNameSeq *generalNameSeq
-);
-
-/*
- * nssGeneralNameSeq_GetGeneralName
- *
- * This routine returns a pointer to the i'th General Name in the 
- * specified General Name Sequence.  The value of the variable 'i' is
- * on the range [0,c) where c is the cardinality returned from 
- * NSSGeneralNameSeq_GetGeneralNameCount.  The caller owns the General
- * Name the pointer to which is returned.  If the optional arena
- * argument is non-null, the memory used will be obtained from that
- * arena; otherwise, the memory will be obtained from the heap.  This
- * routine may return NULL upon error, in which case it will have set
- * an error upon the error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_GENERAL_NAME_SEQ
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A caller-owned pointer to a General Name.
- */
-
-NSS_EXTERN NSSGeneralName *
-nssGeneralNameSeq_GetGeneralName
-(
-  NSSGeneralNameSeq *generalNameSeq,
-  NSSArena *arenaOpt,
-  PRUint32 i
-);
-
-/*
- * nssGeneralNameSeq_Compare
- *
- * This routine compares two General Name Sequences for equality.  For
- * two General Name Sequences to be equal, they must have the same
- * cardinality, and each General Name in one sequence must be equal to
- * the corresponding General Name in the other.  The result of the
- * comparison will be stored at the location pointed to by the "equalp"
- * variable, which must point to a valid PRBool.  This routine may 
- * return PR_FAILURE upon error, in which case it will have set an 
- * error on the error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_GENERAL_NAME_SEQ
- *  NSS_ERROR_INVALID_ARGUMENT
- *
- * Return value:
- *  PR_FAILURE upon error
- *  PR_SUCCESS upon a successful comparison (equal or not)
- */
-
-NSS_EXTERN PRStatus
-nssGeneralNameSeq_Compare
-(
-  NSSGeneralNameSeq *generalNameSeq1,
-  NSSGeneralNameSeq *generalNameSeq2,
-  PRBool *equalp
-);
-
-/*
- * nssGeneralNameSeq_Duplicate
- *
- * This routine duplicates the specified sequence of general names.  If
- * the optional arena argument is non-null, the memory required will be
- * obtained from that arena; otherwise, the memory will be obtained 
- * from the heap.  This routine may return NULL upon error, in which 
- * case it will have placed an error on the error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_GENERAL_NAME_SEQ
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  NULL upon error
- *  A pointer to a new General Name Sequence.
- */
-
-NSS_EXTERN NSSGeneralNameSeq *
-nssGeneralNameSeq_Duplicate
-(
-  NSSGeneralNameSeq *generalNameSeq,
-  NSSArena *arenaOpt
-);
-
-PR_END_EXTERN_C
-
-#endif /* PKI1_H */
diff --git a/security/nss/lib/pki1/pki1t.h b/security/nss/lib/pki1/pki1t.h
deleted file mode 100644
index de6e5c835..000000000
--- a/security/nss/lib/pki1/pki1t.h
+++ /dev/null
@@ -1,104 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef PKI1T_H
-#define PKI1T_H
-
-#ifdef DEBUG
-static const char PKI1T_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * pki1t.h
- *
- * This file contains definitions for the types used in the PKIX part-1
- * code, but not available publicly.
- */
-
-#ifndef BASET_H
-#include "baset.h"
-#endif /* BASET_H */
-
-#ifndef NSSPKI1T_H
-#include "nsspki1t.h"
-#endif /* NSSPKI1T_H */
-
-PR_BEGIN_EXTERN_C
-
-/*
- * NSSOID
- *
- * This structure is used to hold our internal table of built-in OID
- * data.  The fields are as follows:
- *
- *  NSSItem     data -- this is the actual DER-encoded multinumber oid
- *  const char *expl -- this explains the derivation, and is checked
- *                      in a unit test.  While the field always exists,
- *                      it is only populated or used in debug builds.
- *
- */
-
-struct NSSOIDStr {
-#ifdef DEBUG
-  const NSSUTF8 *tag;
-  const NSSUTF8 *expl;
-#endif /* DEBUG */
-  NSSItem data;
-};
-
-/*
- * nssAttributeTypeAliasTable
- *
- * Attribute types are passed around as oids (at least in the X.500
- * and PKI worlds, as opposed to ldap).  However, when written as 
- * strings they usually have well-known aliases, e.g., "ou" or "c."
- *
- * This type defines a table, populated in the generated oiddata.c
- * file, of the aliases we recognize.
- *
- * The fields are as follows:
- *
- *  NSSUTF8 *alias -- a well-known string alias for an oid
- *  NSSOID  *oid   -- the oid to which the alias corresponds
- *
- */
-
-struct nssAttributeTypeAliasTableStr {
-  const NSSUTF8 *alias;
-  const NSSOID **oid;
-};
-typedef struct nssAttributeTypeAliasTableStr nssAttributeTypeAliasTable;
-
-PR_END_EXTERN_C
-
-#endif /* PKI1T_H */
diff --git a/security/nss/lib/pki1/rdn.c b/security/nss/lib/pki1/rdn.c
deleted file mode 100644
index f778de22c..000000000
--- a/security/nss/lib/pki1/rdn.c
+++ /dev/null
@@ -1,73 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * rdn.c
- *
- * This file contains the implementation of the PKIX part-1 object
- * RelativeDistinguishedName.
- */
-
-#ifndef NSSBASE_H
-#include "nssbase.h"
-#endif /* NSSBASE_H */
-
-#ifndef ASN1_H
-#include "asn1.h"
-#endif /* ASN1_H */
-
-#ifndef PKI1_H
-#include "pki1.h"
-#endif /* PKI1_H */
-
-/*
- * RelativeDistinguishedName
- *
- * From draft-ietf-pkix-ipki-part1-10:
- *
- *  RelativeDistinguishedName       ::=
- *                  SET SIZE (1 .. MAX) OF AttributeTypeAndValue
- *
- * An RDN is merely an (unordered) set of ATAV's.  The setSize (that's
- * a noun, not a verb) variable is a "helper" variable kept for
- * convenience.
- */
-
-struct nssRDNStr {
-  PRUint32 setSize;
-  NSSATAV **atavs;
-};
diff --git a/security/nss/lib/pki1/rdnseq.c b/security/nss/lib/pki1/rdnseq.c
deleted file mode 100644
index bbd4dfe4b..000000000
--- a/security/nss/lib/pki1/rdnseq.c
+++ /dev/null
@@ -1,71 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * rdnseq.c
- *
- * This file contains the implementation of the PKIX part-1 object
- * RDNSequence.
- */
-
-#ifndef NSSBASE_H
-#include "nssbase.h"
-#endif /* NSSBASE_H */
-
-#ifndef ASN1_H
-#include "asn1.h"
-#endif /* ASN1_H */
-
-#ifndef PKI1_H
-#include "pki1.h"
-#endif /* PKI1_H */
-
-/*
- * RDNSequence
- *
- * From draft-ietf-pkix-ipki-part1-10:
- *
- *  RDNSequence ::= SEQUENCE OF RelativeDistinguishedName
- *
- * An RDNSequence is simply an (ordered) sequence of RDN's.  The 
- * seqSize variable is a "helper" kept for simplicity.
- */
-
-struct nssRDNSeqStr {
-  PRUint32 seqSize;
-  NSSRDN **rdns;
-};
diff --git a/security/nss/lib/pkix/doc/name_rules.html b/security/nss/lib/pkix/doc/name_rules.html
deleted file mode 100644
index 70f9dd72e..000000000
--- a/security/nss/lib/pkix/doc/name_rules.html
+++ /dev/null
@@ -1,178 +0,0 @@
-<!doctype html public "-//w3c//dtd html 4.0 transitional//en">
-<!--
-   - The contents of this file are subject to the Mozilla Public
-   - License Version 1.1 (the "License"); you may not use this file
-   - except in compliance with the License. You may obtain a copy of
-   - the License at http://www.mozilla.org/MPL/
-   - 
-   - Software distributed under the License is distributed on an "AS
-   - IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-   - implied. See the License for the specific language governing
-   - rights and limitations under the License.
-   - 
-   - The Original Code is the Netscape security libraries.
-   - 
-   - The Initial Developer of the Original Code is Netscape
-   - Communications Corporation.  Portions created by Netscape are 
-   - Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-   - Rights Reserved.
-   - 
-   - Contributor(s):
-   - 
-   - Alternatively, the contents of this file may be used under the
-   - terms of the GNU General Public License Version 2 or later (the
-   - "GPL"), in which case the provisions of the GPL are applicable 
-   - instead of those above.  If you wish to allow use of your 
-   - version of this file only under the terms of the GPL and not to
-   - allow others to use your version of this file under the MPL,
-   - indicate your decision by deleting the provisions above and
-   - replace them with the notice and other provisions required by
-   - the GPL.  If you do not delete the provisions above, a recipient
-   - may use your version of this file under either the MPL or the
-   - GPL.
-  -->
-<html>
-<head>
-   <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
-   <meta name="GENERATOR" content="Mozilla/4.6 [en] (X11; U; IRIX 6.3 IP32) [Netscape]">
-</head>
-<body>
-
-<h1>
-Notes on libpkix name rules</h1>
-&nbsp;
-<h2>
-Types</h2>
-Every type mentioned in RFC 2459 is reflected in libpkix.&nbsp; The type
-names, defined in <tt>nsspkix.h</tt>, are exactly the names used in the
-RFC with the added prefix of ``<tt>NSSPKIX</tt>.''&nbsp; The <tt>PKIX</tt>
-part of the name is to distinguish between these specifically defined types
-and more general reflections that are used in higher-level trust domains,
-crypto contexts, etc.&nbsp; For example, <tt>NSSPKIXCertificate</tt> is
-a type with specific properties defined in RFC 2459, while <tt>NSSCertificate</tt>
-is a general type, not necessarily based on an X.509 certificate, that
-has additional associated information.
-<p>Additionally, libpkix defines some "helper"&nbsp;types, usually when
-a type definition in the RFC&nbsp;was unusually complex.&nbsp; These types
-are prefixed with <tt>NSSPKIX</tt> as above, but the next letter is lowercase.&nbsp;
-Examples of these types include <tt>NSSPKIXrevokedCertificates</tt> and
-<tt>NSSPKIXpolicyMapping</tt>.
-<br>&nbsp;
-<h2>
-Simple types</h2>
-Many types used in or defined by RFC 2459 have more-or-less equivalent
-``natural'' types.&nbsp; These include <tt>BOOLEAN</tt>, <tt>INTEGER</tt>,
-the string types, and the date types.
-<p><tt>BOOLEAN</tt> values are always automatically converted to and from
-<tt>PRBool</tt> types.
-<p><tt>INTEGER</tt> types are used in two ways: as a ``small integer,''
-typically a quantity, and as an identification value (e.g., the serial
-number of a certificate).&nbsp; In the former situation, the RFC usually
-states that the values may be limited by the application to some value.&nbsp;
-We reflect these integers as <tt>PRInt32</tt> values, which is limited
-to about two billion.&nbsp; (The reason an unsigned integer wasn't used
-is that we use -1 as an error value; while admittedly reserving one half
-of the number space merely to indicate an error is perhaps wasteful, reducing
-the count limit from four billion to two isn't that unreasonable.)&nbsp;
-``Large integer'' uses are reflected as <tt>NSSItem</tt>s.
-<p>String types -- even complicated <tt>CHOICE</tt>s of strings -- are
-always converted to and from <tt>NSSUTF8</tt> strings.&nbsp; Most of the
-string types can handle any UTF-8 string; the few that don't will check
-the <tt>NSSUTF8</tt> string for invalid characters and return an error
-if any are found.
-<p>Date types are always converted to and from <tt>PRTime</tt> values.
-<font color="#FF0000">***FGMR*** or whatever.</font><font color="#000000">&nbsp;
-The RFC-defined types may contain values that may not be represented as
-<tt>PRTime</tt>s; when conversion of such a value is attempted, the error
-<tt>NSS_ERROR_VALUE_OUT_OF_RANGE</tt> will be returned.&nbsp; However,
-types that contain time values have comparator methods defined, so that
-valid comparisons may be made, even if the time is out of the range of
-<tt>PRTime</tt>.</font>
-<br><font color="#000000"></font>&nbsp;
-<h2>
-<font color="#000000">Function names</font></h2>
-<font color="#000000">All function names are created by catenating the
-type name, an underscore, and the name of a method defined on that type.&nbsp;
-In some situations, this does create rather long function names; however,
-since these are usually assocated with the more obscure types, we felt
-that sticking to a common naming system was preferable to inventing new
-names.&nbsp; (The Principle of Least Surprise.)</font>
-<br><font color="#000000"></font>&nbsp;
-<h2>
-<font color="#000000">Universal methods</font></h2>
-<font color="#000000">Every type has a few standard methods:</font>
-<ul>
-<li>
-<tt><font color="#000000">&lt;typename>_CreateFromBER</font></tt></li>
-
-<li>
-<tt><font color="#000000">&lt;typename>_Create</font></tt></li>
-
-<li>
-<tt><font color="#000000">&lt;typename>_Destroy</font></tt></li>
-
-<li>
-<tt><font color="#000000">&lt;typename>_GetDEREncoding</font></tt></li>
-
-<li>
-<tt><font color="#000000">&lt;typename>_Equal</font></tt></li>
-
-<li>
-<tt><font color="#000000">&lt;typename>_Duplicate</font></tt></li>
-</ul>
-<font color="#000000">For types for which a BER encoding can be created
-which is not the DER&nbsp;encoding, there is a method <tt>&lt;typename>_GetBEREncoding</tt>.</font>
-<br><font color="#000000"></font>&nbsp;
-<h2>
-<font color="#000000">Accessors</font></h2>
-<font color="#000000">Simple accessor method names are constructed with
-``<tt>Get</tt>'' and ``<tt>Set</tt>'' followed by the field name:</font>
-<ul>
-<li>
-<tt><font color="#000000">&lt;typename>_Get&lt;fieldname></font></tt></li>
-
-<li>
-<tt><font color="#000000">&lt;typename>_Set&lt;fieldname></font></tt></li>
-</ul>
-<font color="#000000">Optional fields also have ``<tt>Has</tt>'' and ``<tt>Remove</tt>''
-methods, constructed in the same way.</font>
-<br><font color="#000000"></font>&nbsp;
-<h2>
-<font color="#000000">Sequences</font></h2>
-<font color="#000000">Sequences have the following accessors:</font>
-<ul>
-<li>
-<tt><font color="#000000">&lt;typename>_Get&lt;name>Count</font></tt></li>
-
-<li>
-<tt><font color="#000000">&lt;typename>_Get&lt;name>s</font></tt></li>
-
-<li>
-<tt><font color="#000000">&lt;typename>_Set&lt;name>s</font></tt></li>
-
-<li>
-<tt><font color="#000000">&lt;typename>_Get&lt;name></font></tt></li>
-
-<li>
-<tt><font color="#000000">&lt;typename>_Set&lt;name></font></tt></li>
-
-<li>
-<tt><font color="#000000">&lt;typename>_Append&lt;name></font></tt></li>
-
-<li>
-<tt><font color="#000000">&lt;typename>_Insert&lt;name></font></tt></li>
-
-<li>
-<tt><font color="#000000">&lt;typename>_Remove&lt;name></font></tt></li>
-
-<li>
-<tt><font color="#000000">&lt;typename>_Find&lt;name></font></tt></li>
-</ul>
-<font color="#000000">Sets (unordered sequences) replace the <tt>Append</tt>
-and <tt>Insert</tt> methods with <tt>Add</tt>.&nbsp; The plural Get and
-Set methods operate on arrays of the subtype.</font>
-<br><font color="#000000"></font>&nbsp;
-<br><font color="#000000"></font>&nbsp;
-<br><font color="#000000"></font>&nbsp;
-</body>
-</html>
diff --git a/security/nss/lib/pkix/include/nsspkix.h b/security/nss/lib/pkix/include/nsspkix.h
deleted file mode 100644
index 6e55be3a9..000000000
--- a/security/nss/lib/pkix/include/nsspkix.h
+++ /dev/null
@@ -1,24377 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef NSSPKIX_H
-#define NSSPKIX_H
-
-#ifdef DEBUG
-static const char NSSPKIX_CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * nsspkix.h
- *
- * This file contains the prototypes for the public methods defined
- * for the PKIX part-1 objects.
- */
-
-#ifndef NSSPKIXT_H
-#include "nsspkixt.h"
-#endif /* NSSPKIXT_H */
-
-PR_BEGIN_EXTERN_C
-
-/*
- * Attribute
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  Attribute       ::=     SEQUENCE {
- *          type            AttributeType,
- *          values  SET OF AttributeValue
- *                  -- at least one value is required -- }
- *
- * The public calls for the type:
- * 
- *  NSSPKIXAttribute_Decode
- *  NSSPKIXAttribute_Create
- *  NSSPKIXAttribute_CreateFromArray
- *  NSSPKIXAttribute_Destroy
- *  NSSPKIXAttribute_Encode
- *  NSSPKIXAttribute_GetType
- *  NSSPKIXAttribute_SetType
- *  NSSPKIXAttribute_GetValueCount
- *  NSSPKIXAttribute_GetValues
- *  NSSPKIXAttribute_SetValues
- *  NSSPKIXAttribute_GetValue
- *  NSSPKIXAttribute_SetValue
- *  NSSPKIXAttribute_AddValue
- *  NSSPKIXAttribute_RemoveValue
- *  NSSPKIXAttribute_FindValue
- *  NSSPKIXAttribute_Equal
- *  NSSPKIXAttribute_Duplicate
- *
- */
-
-/*
- * NSSPKIXAttribute_Decode
- *
- * This routine creates an NSSPKIXAttribute by decoding a BER-
- * or DER-encoded Attribute as defined in RFC 2459.  This
- * routine may return NULL upon error, in which case it will
- * have created an error stack.  If the optional arena argument
- * is non-NULL, that arena will be used for the required memory.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- *  A valid pointer to an NSSPKIXAttribute upon success
- *  NULL upon failure.
- */
-
-NSS_EXTERN NSSPKIXAttribute *
-NSSPKIXAttribute_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * NSSPKIXAttribute_Create
- *
- * This routine creates an NSSPKIXAttribute from specified components.
- * This routine may return NULL upon error, in which case it will have
- * created an error stack.  If the optional arena argument is non-NULL,
- * that arena will be used for the required memory.  There must be at
- * least one attribute value specified.  The final argument must be
- * NULL, to indicate the end of the set of attribute values.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_OID
- *  NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- *  A valid pointer to an NSSPKIXAttribute upon success
- *  NULL upon failure.
- */
-
-NSS_EXTERN NSSPKIXAttribute *
-NSSPKIXAttribute_Create
-(
-  NSSArena *arenaOpt,
-  NSSPKIXAttributeType *typeOid,
-  NSSPKIXAttributeValue *value1,
-  ...
-);
-
-/*
- * NSSPKIXAttribute_CreateFromArray
- *
- * This routine creates an NSSPKIXAttribute from specified components.
- * This routine may return NULL upon error, in which case it will have
- * created an error stack.  If the optional arena argument is non-NULL,
- * that arena will be used for the required memory.  There must be at
- * least one attribute value specified.  The final argument must be
- * NULL, to indicate the end of the set of attribute values.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_OID
- *  NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- *  A valid pointer to an NSSPKIXAttribute upon success
- *  NULL upon failure.
- */
-
-NSS_EXTERN NSSPKIXAttribute *
-NSSPKIXAttribute_CreateFromArray
-(
-  NSSArena *arenaOpt,
-  NSSPKIXAttributeType *typeOid,
-  PRUint32 count,
-  NSSPKIXAttributeValue values[]
-);
-
-/*
- * NSSPKIXAttribute_Destroy
- *
- * This routine destroys an NSSPKIXAttribute.  It should be called on
- * all such objects created without an arena.  It does not need to be
- * called for objects created with an arena, but it may be.  This
- * routine returns a PRStatus value.  Upon error, it will create an
- * error stack and return PR_FAILURE.
- *
- * The error value may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXAttribute_Destroy
-(
-  NSSPKIXAttribute *attribute
-);
-
-/*
- * NSSPKIXAttribute_Encode
- *
- * This routine returns the BER encoding of the specified 
- * NSSPKIXAttribute.  {usual rules about itemOpt and arenaOpt}
- * This routine indicates an error (NSS_ERROR_INVALID_DATA) 
- * if there are no attribute values (i.e., the last one was removed).
- *
- * The error value may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_DATA
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXAttribute_Encode
-(
-  NSSPKIXAttribute *attribute,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXAttribute_GetType
- *
- * This routine returns the attribute type oid of the specified
- * NSSPKIXAttribute.
- *
- * The error value may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSPKIXAttributeType pointer upon success
- *  NULL upon failure.
- */
-
-NSS_EXTERN NSSPKIXAttributeType *
-NSSPKIXAttribute_GetType
-(
-  NSSPKIXAttribute *attribute
-);
-
-/*
- * NSSPKIXAttribute_SetType
- *
- * This routine sets the attribute type oid of the indicated
- * NSSPKIXAttribute to the specified value.  Since attributes
- * may be application-defined, no checking can be done on
- * either the correctness of the attribute type oid value nor
- * the suitability of the set of attribute values.
- *
- * The error value may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *  NSS_ERROR_INVALID_OID
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXAttribute_SetType
-(
-  NSSPKIXAttribute *attribute,
-  NSSPKIXAttributeType *attributeType
-);
-
-/*
- * NSSPKIXAttribute_GetValueCount
- *
- * This routine returns the number of attribute values present in
- * the specified NSSPKIXAttribute.  This routine returns a PRInt32.
- * Upon error, this routine returns -1.  This routine indicates an
- * error if the number of values cannot be expressed as a PRInt32.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- *  Nonnegative integer upon success
- *  -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXAttribute_GetValueCount
-(
-  NSSPKIXAttribute *attribute
-);
-
-/*
- * NSSPKIXAttribute_GetValues
- *
- * This routine returns all of the attribute values in the specified
- * NSSPKIXAttribute.  If the optional pointer to an array of NSSItems
- * is non-null, then that array will be used and returned; otherwise,
- * an array will be allocated and returned.  If the limit is nonzero
- * (which is must be if the specified array is nonnull), then an
- * error is indicated if it is smaller than the value count.
- * {arenaOpt}
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- *  A valid pointer to an array of NSSItem's upon success
- *  NULL upon failure.
- */
-
-NSS_EXTERN NSSPKIXAttributeValue *
-NSSPKIXAttribute_GetValues
-(
-  NSSPKIXAttribute *attribute,
-  NSSPKIXAttributeValue rvOpt[],
-  PRInt32 limit,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXAttribute_SetValues
- *
- * This routine sets all of the values of the specified 
- * NSSPKIXAttribute to the values in the specified NSSItem array.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *  NSS_ERROR_INVALID_POINTER
- *  NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXAttribute_SetValues
-(
-  NSSPKIXAttribute *attribute,
-  NSSPKIXAttributeValue values[],
-  PRInt32 count
-);
-
-/*
- * NSSPKIXAttribute_GetValue
- *
- * This routine returns the i'th attribute value of the set of
- * values in the specified NSSPKIXAttribute.  Although the set
- * is unordered, an arbitrary ordering will be maintained until
- * the data in the attribute is changed.  {usual comments about
- * itemOpt and arenaOpt}
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXAttributeValue upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAttributeValue *
-NSSPKIXAttribute_GetValue
-(
-  NSSPKIXAttribute *attribute,
-  PRInt32 i,
-  NSSPKIXAttributeValue *itemOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXAttribute_SetValue
- *
- * This routine sets the i'th attribute value {blah blah; copies
- * memory contents over..}
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_INVALID_ITEM
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXAttribute_SetValue
-(
-  NSSPKIXAttribute *attribute,
-  PRInt32 i,
-  NSSPKIXAttributeValue *value
-);
-
-/*
- * NSSPKIXAttribute_AddValue
- *
- * This routine adds the specified attribute value to the set in
- * the specified NSSPKIXAttribute.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *  NSS_ERROR_INVALID_ITEM
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXAttribute_AddValue
-(
-  NSSPKIXAttribute *attribute,
-  NSSPKIXAttributeValue *value
-); 
-
-/*
- * NSSPKIXAttribute_RemoveValue
- *
- * This routine removes the i'th attribute value of the set in the
- * specified NSSPKIXAttribute.  An attempt to remove the last value
- * will fail.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_AT_MINIMUM
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXAttribute_RemoveValue
-(
-  NSSPKIXAttribute *attribute,
-  PRInt32 i
-);
-
-/*
- * NSSPKIXAttribute_FindValue
- *
- * This routine searches the set of attribute values in the specified
- * NSSPKIXAttribute for the provided data.  If an exact match is found,
- * then that value's index is returned.  If an exact match is not 
- * found, -1 is returned.  If there is more than one exact match, one
- * index will be returned.  {notes about unorderdness of SET, etc}
- * If the index may not be represented as an integer, an error is
- * indicated.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *  NSS_ERROR_INVALID_ITEM
- *  NSS_ERROR_NOT_FOUND
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value
- *  The index of the specified attribute value upon success
- *  -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXAttribute_FindValue
-(
-  NSSPKIXAttribute *attribute,
-  NSSPKIXAttributeValue *attributeValue
-);
-
-/*
- * NSSPKIXAttribute_Equal
- *
- * This routine compares two NSSPKIXAttribute's for equality.
- * It returns PR_TRUE if they are equal, PR_FALSE otherwise.
- * This routine also returns PR_FALSE upon error; if you're
- * that worried about it, check for an error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXAttribute_Equal
-(
-  NSSPKIXAttribute *one,
-  NSSPKIXAttribute *two,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXAttribute_Duplicate
- *
- * This routine duplicates an NSSPKIXAttribute.  {arenaOpt}
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSPKIXAttribute upon success
- *  NULL upon failure.
- */
-
-NSS_EXTERN NSSPKIXAttribute *
-NSSPKIXAttribute_Duplicate
-(
-  NSSPKIXAttribute *attribute,
-  NSSArena *arenaOpt
-);
-
-/*
- * AttributeTypeAndValue
- *
- * This structure contains an attribute type (indicated by an OID), 
- * and the type-specific value.  RelativeDistinguishedNames consist
- * of a set of these.  These are distinct from Attributes (which have
- * SET of values), from AttributeDescriptions (which have qualifiers
- * on the types), and from AttributeValueAssertions (which assert a
- * a value comparison under some matching rule).
- *
- * From RFC 2459:
- *
- *  AttributeTypeAndValue           ::=     SEQUENCE {
- *          type    AttributeType,
- *          value   AttributeValue }
- * 
- * The public calls for the type:
- *
- *  NSSPKIXAttributeTypeAndValue_Decode
- *  NSSPKIXAttributeTypeAndValue_CreateFromUTF8
- *  NSSPKIXAttributeTypeAndValue_Create
- *  NSSPKIXAttributeTypeAndValue_Destroy
- *  NSSPKIXAttributeTypeAndValue_Encode
- *  NSSPKIXAttributeTypeAndValue_GetUTF8Encoding
- *  NSSPKIXAttributeTypeAndValue_GetType
- *  NSSPKIXAttributeTypeAndValue_SetType
- *  NSSPKIXAttributeTypeAndValue_GetValue
- *  NSSPKIXAttributeTypeAndValue_SetValue
- *  NSSPKIXAttributeTypeAndValue_Equal
- *  NSSPKIXAttributeTypeAndValue_Duplicate
- */
-
-/*
- * NSSPKIXAttributeTypeAndValue_Decode
- *
- * 
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXAttributeTypeAndValue upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAttributeTypeAndValue *
-NSSPKIXAttributeTypeAndValue_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * NSSPKIXAttributeTypeAndValue_CreateFromUTF8
- *
- * 
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_STRING
- *  NSS_ERROR_UNKNOWN_ATTRIBUTE
- *
- * Return value:
- *  A valid pointer to an NSSPKIXAttributeTypeAndValue upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAttributeTypeAndValue *
-NSSPKIXAttributeTypeAndValue_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *string
-);
-
-/*
- * NSSPKIXAttributeTypeAndValue_Create
- *
- * 
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_OID
- *  NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- *  A valid pointer to an NSSPKIXAttributeTypeAndValue upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAttributeTypeAndValue *
-NSSPKIXAttributeTypeAndValue_Create
-(
-  NSSArena *arenaOpt,
-  NSSPKIXAttributeType *typeOid,
-  NSSPKIXAttributeValue *value
-);
-
-/*
- * NSSPKIXAttributeTypeAndValue_Destroy
- *
- * 
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATAV
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXAttributeTypeAndValue_Destroy
-(
-  NSSPKIXAttributeTypeAndValue *atav
-);
-
-/*
- * NSSPKIXAttributeTypeAndValue_Encode
- *
- * 
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATAV
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXAttributeTypeAndValue_Encode
-(
-  NSSPKIXAttributeTypeAndValue *atav,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXAttributeTypeAndValue_GetUTF8Encoding
- *
- * 
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATAV
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSUTF8 pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSPKIXAttributeTypeAndValue_GetUTF8Encoding
-(
-  NSSPKIXAttributeTypeAndValue *atav,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXAttributeTypeAndValue_GetType
- *
- * 
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATAV
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSPKIXAttributeType pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAttributeType *
-NSSPKIXAttributeTypeAndValue_GetType
-(
-  NSSPKIXAttributeTypeAndValue *atav
-);
-
-/*
- * NSSPKIXAttributeTypeAndValue_SetType
- *
- * 
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATAV
- *  NSS_ERROR_INVALID_OID
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXAttributeTypeAndValue_SetType
-(
-  NSSPKIXAttributeTypeAndValue *atav,
-  NSSPKIXAttributeType *attributeType
-);
-
-/*
- * NSSPKIXAttributeTypeAndValue_GetValue
- *
- * 
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATAV
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSAttributeValue upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAttributeValue *
-NSSPKIXAttributeTypeAndValue_GetValue
-(
-  NSSPKIXAttributeTypeAndValue *atav,
-  NSSPKIXAttributeValue *itemOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXAttributeTypeAndValue_SetValue
- *
- * 
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATAV
- *  NSS_ERROR_INVALID_ITEM
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXAttributeTypeAndValue_SetValue
-(
-  NSSPKIXAttributeTypeAndValue *atav,
-  NSSPKIXAttributeValue *value
-);
-
-/*
- * NSSPKIXAttributeTypeAndValue_Equal
- *
- * 
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATAV
- *
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXAttributeTypeAndValue_Equal
-(
-  NSSPKIXAttributeTypeAndValue *atav1,
-  NSSPKIXAttributeTypeAndValue *atav2,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXAttributeTypeAndValue_Duplicate
- *
- * 
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATAV
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSPKIXAttributeTypeAndValue upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAttributeTypeAndValue *
-NSSPKIXAttributeTypeAndValue_Duplicate
-(
-  NSSPKIXAttributeTypeAndValue *atav,
-  NSSArena *arenaOpt
-);
-
-/*
- * X520Name
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  X520name        ::= CHOICE {
- *        teletexString         TeletexString (SIZE (1..ub-name)),
- *        printableString       PrintableString (SIZE (1..ub-name)),
- *        universalString       UniversalString (SIZE (1..ub-name)),
- *        utf8String            UTF8String (SIZE (1..ub-name)),
- *        bmpString             BMPString (SIZE(1..ub-name))   }
- *
- *  ub-name INTEGER ::=     32768
- *
- * The public calls for this type:
- *
- *  NSSPKIXX520Name_Decode
- *  NSSPKIXX520Name_CreateFromUTF8
- *  NSSPKIXX520Name_Create (?)
- *  NSSPKIXX520Name_Destroy
- *  NSSPKIXX520Name_Encode
- *  NSSPKIXX520Name_GetUTF8Encoding
- *  NSSPKIXX520Name_Equal
- *  NSSPKIXX520Name_Duplicate
- *
- * The public data for this type:
- *
- *  NSSPKIXX520Name_MAXIMUM_LENGTH
- *
- */
-
-/*
- * NSSPKIXX520Name_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXX520Name upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520Name *
-NSSPKIXX520Name_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * NSSPKIXX520Name_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_STRING
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXX520Name upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520Name *
-NSSPKIXX520Name_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXX520Name_Create
- *
- * XXX fgmr: currently nssStringType is a private type.  Thus,
- * this public method should not exist.  I'm leaving this here
- * to remind us later what we want to decide.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_STRING_TYPE
- *  NSS_ERROR_INVALID_ITEM
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSPKIXX520Name upon success
- *  NULL upon failure
- */
-
-/* 
- * NSS_EXTERN NSSPKIXX520Name *
- * NSSPKIXX520Name_Create
- * (
- *   NSSArena *arenaOpt,
- *   nssStringType type,
- *   NSSItem *data
- * );
- */
-
-/*
- * NSSPKIXX520Name_Destroy
- *
- *
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_X520_NAME
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXX520Name_Destroy
-(
-  NSSPKIXX520Name *name
-);
-
-/*
- * NSSPKIXX520Name_Encode
- *
- *
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_X520_NAME
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXX520Name_Encode
-(
-  NSSPKIXX520Name *name,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXX520Name_GetUTF8Encoding
- *
- *
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_X520_NAME
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSPKIXX520Name_GetUTF8Encoding
-(
-  NSSPKIXX520Name *name,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXX520Name_Equal
- *
- *
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_X520_NAME
- *
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXX520Name_Equal
-(
-  NSSPKIXX520Name *name1,
-  NSSPKIXX520Name *name2,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXX520Name_Duplicate
- *
- * 
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_X520_NAME
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXX520Name upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520Name *
-NSSPKIXX520Name_Duplicate
-(
-  NSSPKIXX520Name *name,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXX520Name_MAXIMUM_LENGTH
- *
- * From RFC 2459:
- *
- *  ub-name INTEGER ::=     32768
- */
-
-extern const PRUint32 NSSPKIXX520Name_MAXIMUM_LENGTH;
-
-/*
- * X520CommonName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  X520CommonName  ::=      CHOICE {
- *        teletexString         TeletexString (SIZE (1..ub-common-name)),
- *        printableString       PrintableString (SIZE (1..ub-common-name)),
- *        universalString       UniversalString (SIZE (1..ub-common-name)),
- *        utf8String            UTF8String (SIZE (1..ub-common-name)),
- *        bmpString             BMPString (SIZE(1..ub-common-name))   }
- * 
- *  ub-common-name  INTEGER ::=     64
- * 
- * The public calls for this type:
- *
- *  NSSPKIXX520CommonName_Decode
- *  NSSPKIXX520CommonName_CreateFromUTF8
- *  NSSPKIXX520CommonName_Create (?)
- *  NSSPKIXX520CommonName_Destroy
- *  NSSPKIXX520CommonName_Encode
- *  NSSPKIXX520CommonName_GetUTF8Encoding
- *  NSSPKIXX520CommonName_Equal
- *  NSSPKIXX520CommonName_Duplicate
- *
- * The public data for this type:
- *
- *  NSSPKIXX520CommonName_MAXIMUM_LENGTH
- *
- */
-
-/*
- * NSSPKIXX520CommonName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXX520CommonName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520CommonName *
-NSSPKIXX520CommonName_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * NSSPKIXX520CommonName_Create
- *
- * XXX fgmr: currently nssStringType is a private type.  Thus,
- * this public method should not exist.  I'm leaving this here
- * to remind us later what we want to decide.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_STRING_TYPE
- *  NSS_ERROR_INVALID_ITEM
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSPKIXX520CommonName upon success
- *  NULL upon failure
- */
-
-/* 
- * NSS_EXTERN NSSPKIXX520CommonName *
- * NSSPKIXX520CommonName_Create
- * (
- *   NSSArena *arenaOpt,
- *   nssStringType type,
- *   NSSItem *data
- * );
- */
-
-/*
- * NSSPKIXX520CommonName_Destroy
- *
- *
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_X520_COMMON_NAME
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXX520CommonName_Destroy
-(
-  NSSPKIXX520CommonName *name
-);
-
-/*
- * NSSPKIXX520CommonName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXX520CommonName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520CommonName *
-NSSPKIXX520CommonName_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXX520CommonName_Encode
- *
- *
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_X520_COMMON_NAME
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXX520CommonName_Encode
-(
-  NSSPKIXX520CommonName *name,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXX520CommonName_GetUTF8Encoding
- *
- *
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_X520_COMMON_NAME
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSPKIXX520CommonName_GetUTF8Encoding
-(
-  NSSPKIXX520CommonName *name,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXX520CommonName_Equal
- *
- *
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_X520_COMMON_NAME
- *
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXX520CommonName_Equal
-(
-  NSSPKIXX520CommonName *name1,
-  NSSPKIXX520CommonName *name2,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXX520CommonName_Duplicate
- *
- * 
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_X520_COMMON_NAME
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXX520CommonName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520CommonName *
-NSSPKIXX520CommonName_Duplicate
-(
-  NSSPKIXX520CommonName *name,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXX520CommonName_MAXIMUM_LENGTH
- *
- * From RFC 2459:
- *
- *  ub-common-name  INTEGER ::=     64
- */
-
-extern const PRUint32 NSSPKIXX520CommonName_MAXIMUM_LENGTH;
-
-/*
- * X520LocalityName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  X520LocalityName ::= CHOICE {
- *        teletexString       TeletexString (SIZE (1..ub-locality-name)),
- *        printableString     PrintableString (SIZE (1..ub-locality-name)),
- *        universalString     UniversalString (SIZE (1..ub-locality-name)),
- *        utf8String          UTF8String (SIZE (1..ub-locality-name)),
- *        bmpString           BMPString (SIZE(1..ub-locality-name))   }
- * 
- * The public calls for this type:
- *
- *  NSSPKIXX520LocalityName_Decode
- *  NSSPKIXX520LocalityName_CreateFromUTF8
- *  NSSPKIXX520LocalityName_Encode
- *
- */
-
-/*
- * NSSPKIXX520LocalityName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXX520LocalityName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520LocalityName *
-NSSPKIXX520LocalityName_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * NSSPKIXX520LocalityName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXX520LocalityName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520LocalityName *
-NSSPKIXX520LocalityName_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXX520LocalityName_Encode
- *
- *
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_X520_NAME
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXX520LocalityName_Encode
-(
-  NSSPKIXX520LocalityName *name,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * X520StateOrProvinceName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  X520StateOrProvinceName         ::= CHOICE {
- *        teletexString       TeletexString (SIZE (1..ub-state-name)),
- *        printableString     PrintableString (SIZE (1..ub-state-name)),
- *        universalString     UniversalString (SIZE (1..ub-state-name)),
- *        utf8String          UTF8String (SIZE (1..ub-state-name)),
- *        bmpString           BMPString (SIZE(1..ub-state-name))   }
- *
- * The public calls for this type:
- *
- *  NSSPKIXX520StateOrProvinceName_Decode
- *  NSSPKIXX520StateOrProvinceName_CreateFromUTF8
- *  NSSPKIXX520StateOrProvinceName_Encode
- *
- */
-
-/*
- * NSSPKIXX520StateOrProvinceName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXX520StateOrProvinceName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520StateOrProvinceName *
-NSSPKIXX520StateOrProvinceName_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * NSSPKIXX520StateOrProvinceName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXX520StateOrProvinceName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520StateOrProvinceName *
-NSSPKIXX520StateOrProvinceName_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXX520StateOrProvinceName_Encode
- *
- *
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_X520_NAME
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXX520StateOrProvinceName_Encode
-(
-  NSSPKIXX520StateOrProvinceName *name,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * X520OrganizationName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  X520OrganizationName ::= CHOICE {
- *    teletexString     TeletexString (SIZE (1..ub-organization-name)),
- *    printableString   PrintableString (SIZE (1..ub-organization-name)),
- *    universalString   UniversalString (SIZE (1..ub-organization-name)),
- *    utf8String        UTF8String (SIZE (1..ub-organization-name)),
- *    bmpString         BMPString (SIZE(1..ub-organization-name))   }
- *
- * The public calls for this type:
- *
- *  NSSPKIXX520OrganizationName_Decode
- *  NSSPKIXX520OrganizationName_CreateFromUTF8
- *  NSSPKIXX520OrganizationName_Encode
- *
- */
-
-/*
- * NSSPKIXX520OrganizationName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXX520OrganizationName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520OrganizationName *
-NSSPKIXX520OrganizationName_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * NSSPKIXX520OrganizationName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXX520OrganizationName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520OrganizationName *
-NSSPKIXX520OrganizationName_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXX520OrganizationName_Encode
- *
- *
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_X520_NAME
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXX520OrganizationName_Encode
-(
-  NSSPKIXX520OrganizationName *name,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * X520OrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  X520OrganizationalUnitName ::= CHOICE {
- *   teletexString    TeletexString (SIZE (1..ub-organizational-unit-name)),
- *   printableString        PrintableString
- *                        (SIZE (1..ub-organizational-unit-name)),
- *   universalString        UniversalString
- *                        (SIZE (1..ub-organizational-unit-name)),
- *   utf8String       UTF8String (SIZE (1..ub-organizational-unit-name)),
- *   bmpString        BMPString (SIZE(1..ub-organizational-unit-name))   }
- *
- * The public calls for this type:
- *
- *  NSSPKIXX520OrganizationalUnitName_Decode
- *  NSSPKIXX520OrganizationalUnitName_CreateFromUTF8
- *  NSSPKIXX520OrganizationalUnitName_Encode
- *
- */
-
-/*
- * NSSPKIXX520OrganizationalUnitName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXX520OrganizationalUnitName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520OrganizationalUnitName *
-NSSPKIXX520OrganizationalUnitName_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * NSSPKIXX520OrganizationalUnitName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXX520OrganizationalUnitName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520OrganizationalUnitName *
-NSSPKIXX520OrganizationalUnitName_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXX520OrganizationalUnitName_Encode
- *
- *
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_X520_NAME
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXX520OrganizationalUnitName_Encode
-(
-  NSSPKIXX520OrganizationalUnitName *name,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * X520Title
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  X520Title ::=   CHOICE {
- *        teletexString         TeletexString (SIZE (1..ub-title)),
- *        printableString       PrintableString (SIZE (1..ub-title)),
- *        universalString       UniversalString (SIZE (1..ub-title)),
- *        utf8String            UTF8String (SIZE (1..ub-title)),
- *        bmpString             BMPString (SIZE(1..ub-title))   }
- *
- * The public calls for this type:
- *
- *  NSSPKIXX520Title_Decode
- *  NSSPKIXX520Title_CreateFromUTF8
- *  NSSPKIXX520Title_Encode
- *
- */
-
-/*
- * NSSPKIXX520Title_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXX520Title upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520Title *
-NSSPKIXX520Title_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * NSSPKIXX520Title_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXX520Title upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520Title *
-NSSPKIXX520Title_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXX520Title_Encode
- *
- *
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_X520_NAME
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXX520Title_Encode
-(
-  NSSPKIXX520Title *name,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * X520dnQualifier
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  X520dnQualifier ::=     PrintableString
- *
- * The public calls for this type:
- *
- *  NSSPKIXX520dnQualifier_Decode
- *  NSSPKIXX520dnQualifier_CreateFromUTF8
- *  NSSPKIXX520dnQualifier_Encode
- *
- */
-
-/*
- * NSSPKIXX520dnQualifier_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXX520dnQualifier upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520dnQualifier *
-NSSPKIXX520dnQualifier_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * NSSPKIXX520dnQualifier_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXX520dnQualifier upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520dnQualifier *
-NSSPKIXX520dnQualifier_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXX520dnQualifier_Encode
- *
- *
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_X520_NAME
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXX520dnQualifier_Encode
-(
-  NSSPKIXX520dnQualifier *name,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * X520countryName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  X520countryName ::=     PrintableString (SIZE (2)) -- IS 3166 codes
- *
- * The public calls for this type:
- *
- *  NSSPKIXX520countryName_Decode
- *  NSSPKIXX520countryName_CreateFromUTF8
- *  NSSPKIXX520countryName_Encode
- *
- */
-
-/*
- * NSSPKIXX520countryName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXX520countryName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520countryName *
-NSSPKIXX520countryName_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * NSSPKIXX520countryName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXX520countryName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520countryName *
-NSSPKIXX520countryName_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXX520countryName_Encode
- *
- *
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_X520_NAME
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXX520countryName_Encode
-(
-  NSSPKIXX520countryName *name,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * Pkcs9email
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  Pkcs9email ::= IA5String (SIZE (1..ub-emailaddress-length))
- *
- * The public calls for this type:
- *
- *  NSSPKIXPkcs9email_Decode
- *  NSSPKIXPkcs9email_CreateFromUTF8
- *  NSSPKIXPkcs9email_Encode
- *
- */
-
-/*
- * NSSPKIXPkcs9email_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXPkcs9email upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPkcs9email *
-NSSPKIXPkcs9email_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * NSSPKIXPkcs9email_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXPkcs9email upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPkcs9email *
-NSSPKIXPkcs9email_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXPkcs9email_Encode
- *
- *
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_X520_NAME
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXPkcs9email_Encode
-(
-  NSSPKIXPkcs9email *name,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * Name
- *
- * This structure contains a union of the possible name formats,
- * which at the moment is limited to an RDNSequence.
- *
- * From RFC 2459:
- *
- *  Name            ::=   CHOICE { -- only one possibility for now --
- *                                   rdnSequence  RDNSequence }
- *
- * The public calls for this type:
- *
- *  NSSPKIXName_Decode
- *  NSSPKIXName_CreateFromUTF8
- *  NSSPKIXName_Create
- *  NSSPKIXName_CreateFromRDNSequence
- *  NSSPKIXName_Destroy
- *  NSSPKIXName_Encode
- *  NSSPKIXName_GetUTF8Encoding
- *  NSSPKIXName_GetChoice
- *  NSSPKIXName_GetRDNSequence
- *  NSSPKIXName_GetSpecifiedChoice {fgmr remove this}
- *  NSSPKIXName_SetRDNSequence
- *  NSSPKIXName_SetSpecifiedChoice
- *  NSSPKIXName_Equal
- *  NSSPKIXName_Duplicate
- *
- *  (here is where I had specific attribute value gettors in pki1)
- *
- */
-
-/*
- * NSSPKIXName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXName *
-NSSPKIXName_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * NSSPKIXName_CreateFromUTF8
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_STRING
- *  NSS_ERROR_UNKNOWN_ATTRIBUTE
- *
- * Return value:
- *  A valid pointer to an NSSPKIXName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXName *
-NSSPKIXName_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *string
-);
-
-/*
- * NSSPKIXName_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_CHOICE
- *  NSS_ERROR_INVALID_ARGUMENT
- *
- * Return value:
- *  A valid pointer to an NSSPKIXName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXName *
-NSSPKIXName_Create
-(
-  NSSArena *arenaOpt,
-  NSSPKIXNameChoice choice,
-  void *arg
-);
-
-/*
- * NSSPKIXName_CreateFromRDNSequence
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- *
- * Return value:
- *  A valid pointer to an NSSPKIXName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXName *
-NSSPKIXName_CreateFromRDNSequence
-(
-  NSSArena *arenaOpt,
-  NSSPKIXRDNSequence *rdnSequence
-);
-
-/*
- * NSSPKIXName_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_NAME
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXName_Destroy
-(
-  NSSPKIXName *name
-);
-
-/*
- * NSSPKIXName_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_NAME
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXName_Encode
-(
-  NSSPKIXName *name,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXName_GetUTF8Encoding
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_NAME
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSUTF8 pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSPKIXName_GetUTF8Encoding
-(
-  NSSPKIXName *name,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXName_GetChoice
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_NAME
- *
- * Return value:
- *  A valid element of the NSSPKIXNameChoice enumeration upon success
- *  The value NSSPKIXNameChoice_NSSinvalid (-1) upon error
- */
-
-NSS_EXTERN NSSPKIXNameChoice
-NSSPKIXName_GetChoice
-(
-  NSSPKIXName *name
-);
-
-/*
- * NSSPKIXName_GetRDNSequence
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_NAME
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_WRONG_CHOICE
- *
- * Return value:
- *  A pointer to a valid NSSPKIXRDNSequence upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXRDNSequence *
-NSSPKIXName_GetRDNSequence
-(
-  NSSPKIXName *name,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXName_GetSpecifiedChoice
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_NAME
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_WRONG_CHOICE
- *
- * Return value:
- *  A valid pointer ...
- *  NULL upon failure
- */
-
-NSS_EXTERN void *
-NSSPKIXName_GetSpecifiedChoice
-(
-  NSSPKIXName *name,
-  NSSPKIXNameChoice choice,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXName_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_NAME
- *
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXName_Equal
-(
-  NSSPKIXName *name1,
-  NSSPKIXName *name2,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXName_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_NAME
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSPKIXName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXName *
-NSSPKIXName_Duplicate
-(
-  NSSPKIXName *name,
-  NSSArena *arenaOpt
-);
-
-/*
- * RDNSequence
- *
- * This structure contains a sequence of RelativeDistinguishedName
- * objects.
- *
- * From RFC 2459:
- *
- *  RDNSequence     ::=   SEQUENCE OF RelativeDistinguishedName
- *
- * The public calls for this type:
- *
- *  NSSPKIXRDNSequence_Decode
- *  NSSPKIXRDNSequence_CreateFromUTF8
- *  NSSPKIXRDNSequence_Create
- *  NSSPKIXRDNSequence_CreateFromArray
- *  NSSPKIXRDNSequence_Destroy
- *  NSSPKIXRDNSequence_Encode
- *  NSSPKIXRDNSequence_GetUTF8Encoding
- *  NSSPKIXRDNSequence_GetRelativeDistinguishedNameCount
- *  NSSPKIXRDNSequence_GetRelativeDistinguishedNames
- *  NSSPKIXRDNSequence_SetRelativeDistinguishedNames
- *  NSSPKIXRDNSequence_GetRelativeDistinguishedName
- *  NSSPKIXRDNSequence_SetRelativeDistinguishedName
- *  NSSPKIXRDNSequence_AppendRelativeDistinguishedName
- *  NSSPKIXRDNSequence_InsertRelativeDistinguishedName
- *  NSSPKIXRDNSequence_RemoveRelativeDistinguishedName
- *  NSSPKIXRDNSequence_FindRelativeDistinguishedName
- *  NSSPKIXRDNSequence_Equal
- *  NSSPKIXRDNSequence_Duplicate
- *
- */
-
-/*
- * NSSPKIXRDNSequence_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXRDNSequence upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXRDNSequence *
-NSSPKIXRDNSequence_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * NSSPKIXRDNSequence_CreateFromUTF8
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_STRING
- *  NSS_ERROR_UNKNOWN_ATTRIBUTE
- *
- * Return value:
- *  A valid pointer to an NSSPKIXRDNSequence upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXRDNSequence *
-NSSPKIXRDNSequence_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *string
-);
-
-/*
- * NSSPKIXRDNSequence_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_RDN
- *
- * Return value:
- *  A valid pointer to an NSSPKIXRDNSequence upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXRDNSequence *
-NSSPKIXRDNSequence_Create
-(
-  NSSArena *arenaOpt,
-  NSSPKIXRelativeDistinguishedName *rdn1,
-  ...
-);
-
-/*
- * NSSPKIXRDNSequence_CreateFromArray
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_RDN
- *
- * Return value:
- *  A valid pointer to an NSSPKIXRDNSequence upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXRDNSequence *
-NSSPKIXRDNSequence_Create
-(
-  NSSArena *arenaOpt,
-  PRUint32 count,
-  NSSPKIXRelativeDistinguishedName *rdns[]
-);
-
-/*
- * NSSPKIXRDNSequence_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXRDNSequence_Destroy
-(
-  NSSPKIXRDNSequence *rdnseq
-);
-
-/*
- * NSSPKIXRDNSequence_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXRDNSequence_Encode
-(
-  NSSPKIXRDNSequence *rdnseq,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXRDNSequence_GetUTF8Encoding
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSUTF8 pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSPKIXRDNSequence_GetUTF8Encoding
-(
-  NSSPKIXRDNSequence *rdnseq,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXRDNSequence_GetRelativeDistinguishedNameCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- *  Nonnegative integer upon success
- *  -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXRDNSequence_GetRelativeDistinguishedNameCount
-(
-  NSSPKIXRDNSequence *rdnseq
-);
-
-/*
- * NSSPKIXRDNSequence_GetRelativeDistinguishedNames
- *
- * This routine returns all of the relative distinguished names in the
- * specified RDN Sequence.  {...} If the array is allocated, or if the
- * specified one has extra space, the array will be null-terminated.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- *  A valid pointer to an array of NSSPKIXRelativeDistinguishedName 
- *      pointers upon success
- *  NULL upon failure.
- */
-
-NSS_EXTERN NSSPKIXRelativeDistinguishedName **
-NSSPKIXRDNSequence_GetRelativeDistinguishedNames
-(
-  NSSPKIXRDNSequence *rdnseq,
-  NSSPKIXRelativeDistinguishedName *rvOpt[],
-  PRInt32 limit,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXRDNSequence_SetRelativeDistinguishedNames
- *
- * -- fgmr comments --
- * If the array pointer itself is null, the set is considered empty.
- * If the count is zero but the pointer nonnull, the array will be
- * assumed to be null-terminated.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- *  NSS_ERROR_INVALID_PKIX_RDN
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXRDNSequence_SetRelativeDistinguishedNames
-(
-  NSSPKIXRDNSequence *rdnseq,
-  NSSPKIXRelativeDistinguishedName *rdns[],
-  PRInt32 countOpt
-);
-
-/*
- * NSSPKIXRDNSequence_GetRelativeDistinguishedName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXRelativeDistinguishedName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXRelativeDistinguishedName *
-NSSPKIXRDNSequence_GetRelativeDistinguishedName
-(
-  NSSPKIXRDNSequence *rdnseq,
-  PRInt32 i,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXRDNSequence_SetRelativeDistinguishedName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_INVALID_PKIX_RDN
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXRDNSequence_SetRelativeDistinguishedName
-(
-  NSSPKIXRDNSequence *rdnseq,
-  PRInt32 i,
-  NSSPKIXRelativeDistinguishedName *rdn
-);
-
-/*
- * NSSPKIXRDNSequence_AppendRelativeDistinguishedName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- *  NSS_ERROR_INVALID_PKIX_RDN
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXRDNSequence_AppendRelativeDistinguishedName
-(
-  NSSPKIXRDNSequence *rdnseq,
-  NSSPKIXRelativeDistinguishedName *rdn
-);
-
-/*
- * NSSPKIXRDNSequence_InsertRelativeDistinguishedName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_INVALID_PKIX_RDN
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXRDNSequence_InsertRelativeDistinguishedName
-(
-  NSSPKIXRDNSequence *rdnseq,
-  PRInt32 i,
-  NSSPKIXRelativeDistinguishedName *rdn
-);
-
-/*
- * NSSPKIXRDNSequence_RemoveRelativeDistinguishedName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXRDNSequence_RemoveRelativeDistinguishedName
-(
-  NSSPKIXRDNSequence *rdnseq,
-  PRInt32 i
-);
-
-/*
- * NSSPKIXRDNSequence_FindRelativeDistinguishedName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- *  NSS_ERROR_INVALID_PKIX_RDN
- *  NSS_ERROR_NOT_FOUND
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- *  The index of the specified attribute value upon success
- *  -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXRDNSequence_FindRelativeDistinguishedName
-(
-  NSSPKIXRDNSequence *rdnseq,
-  NSSPKIXRelativeDistinguishedName *rdn
-);
-
-/*
- * NSSPKIXRDNSequence_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- *
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXRDNSequence_Equal
-(
-  NSSPKIXRDNSequence *one,
-  NSSPKIXRDNSequence *two,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXRDNSequence_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSPKIXRDNSequence upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXRDNSequence *
-NSSPKIXRDNSequence_Duplicate
-(
-  NSSPKIXRDNSequence *rdnseq,
-  NSSArena *arenaOpt
-);
-
-/*
- * DistinguishedName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  DistinguishedName       ::=   RDNSequence
- *
- * This is just a public typedef; no new methods are required. {fgmr-- right?}
- */
-
-/*
- * RelativeDistinguishedName
- *
- * This structure contains an unordered set of AttributeTypeAndValue 
- * objects.  RDNs are used to distinguish a set of objects underneath 
- * a common object.
- *
- * Often, a single ATAV is sufficient to make a unique distinction.
- * For example, if a company assigns its people unique uid values,
- * then in the Name "uid=smith,ou=People,o=Acme,c=US" the "uid=smith"
- * ATAV by itself forms an RDN.  However, sometimes a set of ATAVs is
- * needed.  For example, if a company needed to distinguish between
- * two Smiths by specifying their corporate divisions, then in the
- * Name "(cn=Smith,ou=Sales),ou=People,o=Acme,c=US" the parenthesised
- * set of ATAVs forms the RDN.
- *
- * From RFC 2459:
- *
- *  RelativeDistinguishedName  ::=
- *                      SET SIZE (1 .. MAX) OF AttributeTypeAndValue
- *
- * The public calls for this type:
- *
- *  NSSPKIXRelativeDistinguishedName_Decode
- *  NSSPKIXRelativeDistinguishedName_CreateFromUTF8
- *  NSSPKIXRelativeDistinguishedName_Create
- *  NSSPKIXRelativeDistinguishedName_CreateFromArray
- *  NSSPKIXRelativeDistinguishedName_Destroy
- *  NSSPKIXRelativeDistinguishedName_Encode
- *  NSSPKIXRelativeDistinguishedName_GetUTF8Encoding
- *  NSSPKIXRelativeDistinguishedName_GetAttributeTypeAndValueCount
- *  NSSPKIXRelativeDistinguishedName_GetAttributeTypeAndValues
- *  NSSPKIXRelativeDistinguishedName_SetAttributeTypeAndValues
- *  NSSPKIXRelativeDistinguishedName_GetAttributeTypeAndValue
- *  NSSPKIXRelativeDistinguishedName_SetAttributeTypeAndValue
- *  NSSPKIXRelativeDistinguishedName_AddAttributeTypeAndValue
- *  NSSPKIXRelativeDistinguishedName_RemoveAttributeTypeAndValue
- *  NSSPKIXRelativeDistinguishedName_FindAttributeTypeAndValue
- *  NSSPKIXRelativeDistinguishedName_Equal
- *  NSSPKIXRelativeDistinguishedName_Duplicate
- *
- * fgmr: Logical additional functions include
- *
- *  NSSPKIXRelativeDistinguishedName_FindAttributeTypeAndValueByType
- *    returns PRInt32
- *  NSSPKIXRelativeDistinguishedName_FindAttributeTypeAndValuesByType
- *    returns array of PRInt32
- *  NSSPKIXRelativeDistinguishedName_GetAttributeTypeAndValueForType
- *    returns NSSPKIXAttributeTypeAndValue
- *  NSSPKIXRelativeDistinguishedName_GetAttributeTypeAndValuesForType
- *    returns array of NSSPKIXAttributeTypeAndValue
- *  NSSPKIXRelativeDistinguishedName_GetAttributeValueForType
- *    returns NSSPKIXAttributeValue
- *  NSSPKIXRelativeDistinguishedName_GetAttributeValuesForType
- *    returns array of NSSPKIXAttributeValue
- *
- * NOTE: the "return array" versions are only meaningful if an RDN may
- * contain multiple ATAVs with the same type.  Verify in the RFC if
- * this is possible or not.  If not, nuke those three functions.
- *
- */
-
-/*
- * NSSPKIXRelativeDistinguishedName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXRelativeDistinguishedName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXRelativeDistinguishedName *
-NSSPKIXRelativeDistinguishedName_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * NSSPKIXRelativeDistinguishedName_CreateFromUTF8
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_STRING
- *  NSS_ERROR_UNKNOWN_ATTRIBUTE
- *
- * Return value:
- *  A valid pointer to an NSSPKIXRelativeDistinguishedName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXRelativeDistinguishedName *
-NSSPKIXRelativeDistinguishedName_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *string
-);
-
-/*
- * NSSPKIXRelativeDistinguishedName_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_ATAV
- *
- * Return value:
- *  A valid pointer to an NSSPKIXRelativeDistinguishedName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXRelativeDistinguishedName *
-NSSPKIXRelativeDistinguishedName_Create
-(
-  NSSArena *arenaOpt,
-  NSSPKIXAttributeTypeAndValue *atav1,
-  ...
-);
-
-/*
- * NSSPKIXRelativeDistinguishedName_CreateFromArray
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_ATAV
- *
- * Return value:
- *  A valid pointer to an NSSPKIXRelativeDistinguishedName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXRelativeDistinguishedName *
-NSSPKIXRelativeDistinguishedName_CreateFromArray
-(
-  NSSArena *arenaOpt,
-  PRUint32 count,
-  NSSPKIXAttributeTypeAndValue *atavs[]
-);
-
-/*
- * NSSPKIXRelativeDistinguishedName_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXRelativeDistinguishedName_Destroy
-(
-  NSSPKIXRelativeDistinguishedName *rdn
-);
-
-/*
- * NSSPKIXRelativeDistinguishedName_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXRelativeDistinguishedName_Encode
-(
-  NSSPKIXRelativeDistinguishedName *rdn,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXRelativeDistinguishedName_GetUTF8Encoding
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSUTF8 pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSPKIXRelativeDistinguishedName_GetUTF8Encoding
-(
-  NSSPKIXRelativeDistinguishedName *rdn,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXRelativeDistinguishedName_GetAttributeTypeAndValueCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- *  Nonnegative integer upon success
- *  -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXRelativeDistinguishedName_GetAttributeTypeAndValueCount
-(
-  NSSPKIXRelativeDistinguishedName *rdn
-);
-
-/*
- * NSSPKIXRelativeDistinguishedName_GetAttributeTypeAndValues
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- *  A valid pointer to an array of NSSPKIXAttributeTypeAndValue 
- *      pointers upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAttributeTypeAndValue **
-NSSPKIXRelativeDistinguishedName_GetAttributeTypeAndValues
-(
-  NSSPKIXRelativeDistinguishedName *rdn,
-  NSSPKIXAttributeTypeAndValue *rvOpt[],
-  PRInt32 limit,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXRelativeDistinguishedName_SetAttributeTypeAndValues
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN
- *  NSS_ERROR_INVALID_ATAV
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXRelativeDistinguishedName_SetAttributeTypeAndValues
-(
-  NSSPKIXRelativeDistinguishedName *rdn,
-  NSSPKIXAttributeTypeAndValue *atavs[],
-  PRInt32 countOpt
-);
-
-/*
- * NSSPKIXRelativeDistinguishedName_GetAttributeTypeAndValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXAttributeTypeAndValue upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAttributeTypeAndValue *
-NSSPKIXRelativeDistinguishedName_GetAttributeTypeAndValue
-(
-  NSSPKIXRelativeDistinguishedName *rdn,
-  PRInt32 i,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXRelativeDistinguishedName_SetAttributeTypeAndValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_INVALID_PKIX_ATAV
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXRelativeDistinguishedName_SetAttributeTypeAndValue
-(
-  NSSPKIXRelativeDistinguishedName *rdn,
-  PRInt32 i,
-  NSSPKIXAttributeTypeAndValue *atav
-);
-
-/*
- * NSSPKIXRelativeDistinguishedName_AddAttributeTypeAndValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN
- *  NSS_ERROR_INVALID_PKIX_ATAV
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXRelativeDistinguishedName_AddAttributeTypeAndValue
-(
-  NSSPKIXRelativeDistinguishedName *rdn,
-  NSSPKIXAttributeTypeAndValue *atav
-);
-
-/*
- * NSSPKIXRelativeDistinguishedName_RemoveAttributeTypeAndValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_AT_MINIMUM
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXRelativeDistinguishedName_RemoveAttributeTypeAndValue
-(
-  NSSPKIXRelativeDistinguishedName *rdn,
-  PRInt32 i
-);
-
-/*
- * NSSPKIXRelativeDistinguishedName_FindAttributeTypeAndValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN
- *  NSS_ERROR_INVALID_PKIX_ATAV
- *  NSS_ERROR_NOT_FOUND
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- *  The index of the specified attribute value upon success
- *  -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXRelativeDistinguishedName_FindAttributeTypeAndValue
-(
-  NSSPKIXRelativeDistinguishedName *rdn,
-  NSSPKIXAttributeTypeAndValue *atav
-);
-
-/*
- * NSSPKIXRelativeDistinguishedName_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN
- *
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXRelativeDistinguishedName_Equal
-(
-  NSSPKIXRelativeDistinguishedName *one,
-  NSSPKIXRelativeDistinguishedName *two,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXRelativeDistinguishedName_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSPKIXRelativeDistinguishedName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXRelativeDistinguishedName *
-NSSPKIXRelativeDistinguishedName_Duplicate
-(
-  NSSPKIXRelativeDistinguishedName *rdn,
-  NSSArena *arenaOpt
-);
-
-/*
- * DirectoryString
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  DirectoryString ::= CHOICE {
- *        teletexString             TeletexString (SIZE (1..MAX)),
- *        printableString           PrintableString (SIZE (1..MAX)),
- *        universalString           UniversalString (SIZE (1..MAX)),
- *        utf8String              UTF8String (SIZE (1..MAX)),
- *        bmpString               BMPString (SIZE(1..MAX))   }
- *
- * The public calls for this type:
- *
- *  NSSPKIXDirectoryString_Decode
- *  NSSPKIXDirectoryString_CreateFromUTF8
- *  NSSPKIXDirectoryString_Encode
- *
- */
-
-/*
- * NSSPKIXDirectoryString_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXDirectoryString upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDirectoryString *
-NSSPKIXDirectoryString_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * NSSPKIXDirectoryString_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXDirectoryString upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDirectoryString *
-NSSPKIXDirectoryString_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXDirectoryString_Encode
- *
- *
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_DIRECTORY_STRING
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXDirectoryString_Encode
-(
-  NSSPKIXDirectoryString *name,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * Certificate
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  Certificate  ::=  SEQUENCE  {
- *       tbsCertificate       TBSCertificate,
- *       signatureAlgorithm   AlgorithmIdentifier,
- *       signature            BIT STRING  }
- *
- * The public calls for this type:
- *
- *  NSSPKIXCertificate_Decode
- *  NSSPKIXCertificate_Create
- *  NSSPKIXCertificate_Destroy
- *  NSSPKIXCertificate_Encode
- *  NSSPKIXCertificate_GetTBSCertificate
- *  NSSPKIXCertificate_SetTBSCertificate
- *  NSSPKIXCertificate_GetAlgorithmIdentifier
- *  NSSPKIXCertificate_SetAlgorithmIdentifier
- *  NSSPKIXCertificate_GetSignature
- *  NSSPKIXCertificate_SetSignature
- *  NSSPKIXCertificate_Equal
- *  NSSPKIXCertificate_Duplicate
- *
- *  { inherit TBSCertificate gettors? }
- *
- */
-
-/*
- * NSSPKIXCertificate_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXCertificate upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCertificate *
-NSSPKIXCertificate_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * NSSPKIXCertificate_Create
- *
- * -- fgmr comments --
- * { at this level we'll have to just accept a specified signature }
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- *  NSS_ERROR_INVALID_PKIX_ALGID
- *  NSS_ERROR_INVALID_PKIX_ITEM
- *
- * Return value:
- *  A valid pointer to an NSSPKIXCertificate upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCertificate *
-NSSPKIXCertificate_Create
-(
-  NSSArena *arenaOpt,
-  NSSPKIXTBSCertificate *tbsCert,
-  NSSPKIXAlgorithmIdentifier *algID,
-  NSSItem *signature
-);
-
-/*
- * NSSPKIXCertificate_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CERTIFICATE
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXCertificate_Destroy
-(
-  NSSPKIXCertificate *cert
-);
-
-/*
- * NSSPKIXCertificate_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CERTIFICATE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXCertificate_Encode
-(
-  NSSPKIXCertificate *cert,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXCertificate_GetTBSCertificate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CERTIFICATE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSPKIXTBSCertificate upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTBSCertificate *
-NSSPKIXCertificate_GetTBSCertificate
-(
-  NSSPKIXCertificate *cert,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXCertificate_SetTBSCertificate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CERTIFICATE
- *  NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXCertificate_SetTBSCertificate
-(
-  NSSPKIXCertificate *cert,
-  NSSPKIXTBSCertificate *tbsCert
-);
-
-/*
- * NSSPKIXCertificate_GetAlgorithmIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CERTIFICATE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSPKIXAlgorithmIdentifier upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAlgorithmIdentifier *
-NSSPKIXCertificate_GetAlgorithmIdentifier
-(
-  NSSPKIXCertificate *cert,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXCertificate_SetAlgorithmIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CERTIFICATE
- *  NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXCertificate_SetAlgorithmIdentifier
-(
-  NSSPKIXCertificate *cert,
-  NSSPKIXAlgorithmIdentifier *algid,
-);
-
-/*
- * NSSPKIXCertificate_GetSignature
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CERTIFICATE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSItem upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSItem *
-NSSPKIXCertificate_GetSignature
-(
-  NSSPKIXCertificate *cert,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXCertificate_SetSignature
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CERTIFICATE
- *  NSS_ERROR_INVALID_POINTER
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXCertificate_SetSignature
-(
-  NSSPKIXCertificate *cert,
-  NSSItem *signature
-);
-
-/*
- * NSSPKIXCertificate_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CERTIFICATE
- *
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXCertificate_Equal
-(
-  NSSPKIXCertificate *one,
-  NSSPKIXCertificate *two,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXCertificate_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CERTIFICATE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSPKIXCertificate upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCertificate *
-NSSPKIXCertificate_Duplicate
-(
-  NSSPKIXCertificate *cert,
-  NSSArena *arenaOpt
-);
-
-/*
- * TBSCertificate
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  TBSCertificate  ::=  SEQUENCE  {
- *       version         [0]  Version DEFAULT v1,
- *       serialNumber         CertificateSerialNumber,
- *       signature            AlgorithmIdentifier,
- *       issuer               Name,
- *       validity             Validity,
- *       subject              Name,
- *       subjectPublicKeyInfo SubjectPublicKeyInfo,
- *       issuerUniqueID  [1]  IMPLICIT UniqueIdentifier OPTIONAL,
- *                            -- If present, version shall be v2 or v3
- *       subjectUniqueID [2]  IMPLICIT UniqueIdentifier OPTIONAL,
- *                            -- If present, version shall be v2 or v3
- *       extensions      [3]  Extensions OPTIONAL
- *                            -- If present, version shall be v3 --  }
- *
- * The public calls for this type:
- *
- *  NSSPKIXTBSCertificate_Decode
- *  NSSPKIXTBSCertificate_Create
- *  NSSPKIXTBSCertificate_Destroy
- *  NSSPKIXTBSCertificate_Encode
- *  NSSPKIXTBSCertificate_GetVersion
- *  NSSPKIXTBSCertificate_SetVersion
- *  NSSPKIXTBSCertificate_GetSerialNumber
- *  NSSPKIXTBSCertificate_SetSerialNumber
- *  NSSPKIXTBSCertificate_GetSignature
- *  NSSPKIXTBSCertificate_SetSignature
- *    { inherit algid gettors? }
- *  NSSPKIXTBSCertificate_GetIssuer
- *  NSSPKIXTBSCertificate_SetIssuer
- *    { inherit "helper" issuer gettors? }
- *  NSSPKIXTBSCertificate_GetValidity
- *  NSSPKIXTBSCertificate_SetValidity
- *    { inherit validity accessors }
- *  NSSPKIXTBSCertificate_GetSubject
- *  NSSPKIXTBSCertificate_SetSubject
- *  NSSPKIXTBSCertificate_GetSubjectPublicKeyInfo
- *  NSSPKIXTBSCertificate_SetSubjectPublicKeyInfo
- *  NSSPKIXTBSCertificate_HasIssuerUniqueID
- *  NSSPKIXTBSCertificate_GetIssuerUniqueID
- *  NSSPKIXTBSCertificate_SetIssuerUniqueID
- *  NSSPKIXTBSCertificate_RemoveIssuerUniqueID
- *  NSSPKIXTBSCertificate_HasSubjectUniqueID
- *  NSSPKIXTBSCertificate_GetSubjectUniqueID
- *  NSSPKIXTBSCertificate_SetSubjectUniqueID
- *  NSSPKIXTBSCertificate_RemoveSubjectUniqueID
- *  NSSPKIXTBSCertificate_HasExtensions
- *  NSSPKIXTBSCertificate_GetExtensions
- *  NSSPKIXTBSCertificate_SetExtensions
- *  NSSPKIXTBSCertificate_RemoveExtensions
- *    { extension accessors }
- *  NSSPKIXTBSCertificate_Equal
- *  NSSPKIXTBSCertificate_Duplicate
- */
-
-/*
- * NSSPKIXTBSCertificate_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXTBSCertificate upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTBSCertificate *
-NSSPKIXTBSCertificate_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * NSSPKIXTBSCertificate_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_VERSION
- *  NSS_ERROR_INVALID_PKIX_CERTIFICATE_SERIAL_NUMBER
- *  NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- *  NSS_ERROR_INVALID_ISSUER_NAME
- *  NSS_ERROR_INVALID_VALIDITY
- *  NSS_ERROR_INVALID_SUBJECT_NAME
- *  NSS_ERROR_INVALID_SUBJECT_PUBLIC_KEY_INFO
- *  NSS_ERROR_INVALID_ISSUER_UNIQUE_IDENTIFIER
- *  NSS_ERROR_INVALID_SUBJECT_UNIQUE_IDENTIFIER
- *  NSS_ERROR_INVALID_EXTENSION
- *
- * Return value:
- */
-
-NSS_EXTERN NSSPKIXTBSCertificate *
-NSSPKIXTBSCertificate_Create
-(
-  NSSArena *arenaOpt,
-  NSSPKIXVersion version,
-  NSSPKIXCertificateSerialNumber *serialNumber,
-  NSSPKIXAlgorithmIdentifier *signature,
-  NSSPKIXName *issuer,
-  NSSPKIXValidity *validity,
-  NSSPKIXName *subject,
-  NSSPKIXSubjectPublicKeyInfo *spki,
-  NSSPKIXUniqueIdentifier *issuerUniqueID,
-  NSSPKIXUniqueIdentifier *subjectUniqueID,
-  NSSPKIXExtensions *extensions
-);
-
-/*
- * NSSPKIXTBSCertificate_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTBSCertificate_Destroy
-(
-  NSSPKIXTBSCertificate *tbsCert
-);
-
-/*
- * NSSPKIXTBSCertificate_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXTBSCertificate_Encode
-(
-  NSSPKIXTBSCertificate *tbsCert,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTBSCertificate_GetVersion
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- *  A valid element of the NSSPKIXVersion enumeration upon success
- *  NSSPKIXVersion_NSSinvalid (-1) upon failure
- */
-
-NSS_EXTERN NSSPKIXVersion
-NSSPKIXTBSCertificate_GetVersion
-(
-  NSSPKIXTBSCertificate *tbsCert
-);
-
-/*
- * NSSPKIXTBSCertificate_SetVersion
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- *  NSS_ERROR_INVALID_PKIX_VERSION
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTBSCertificate_SetVersion
-(
-  NSSPKIXTBSCertificate *tbsCert,
-  NSSPKIXVersion version
-);
-
-/*
- * NSSPKIXTBSCertificate_GetSerialNumber
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSPKIXCertificateSerialNumber upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCertificateSerialNumber *
-NSSPKIXTBSCertificate_GetSerialNumber
-(
-  NSSPKIXTBSCertificate *tbsCert,
-  NSSPKIXCertificateSerialNumber *snOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTBSCertificate_SetSerialNumber
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- *  NSS_ERROR_INVALID_ITEM
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTBSCertificate_SetSerialNumber
-(
-  NSSPKIXTBSCertificate *tbsCert,
-  NSSPKIXCertificateSerialNumber *sn
-);
-
-/*
- * NSSPKIXTBSCertificate_GetSignature
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSPKIXAlgorithmIdentifier upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAlgorithmIdentifier *
-NSSPKIXTBSCertificate_GetSignature
-(
-  NSSPKIXTBSCertificate *tbsCert,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTBSCertificate_SetSignature
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- *  NSS_ERROR_INVALID_ITEM
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTBSCertificate_SetSignature
-(
-  NSSPKIXTBSCertificate *tbsCert,
-  NSSPKIXAlgorithmIdentifier *algID
-);
-
-/*
- *   { fgmr inherit algid gettors? }
- */
-
-/*
- * NSSPKIXTBSCertificate_GetIssuer
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSPKIXName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXName *
-NSSPKIXTBSCertificate_GetIssuer
-(
-  NSSPKIXTBSCertificate *tbsCert,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTBSCertificate_SetIssuer
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- *  NSS_ERROR_INVALID_PKIX_NAME
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTBSCertificate_SetIssuer
-(
-  NSSPKIXTBSCertificate *tbsCert,
-  NSSPKIXName *issuer
-);
-
-/*
- *   { inherit "helper" issuer gettors? }
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *
- * Return value:
- */
-
-/*
- * NSSPKIXTBSCertificate_GetValidity
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSPKIXValidity upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXValidity *
-NSSPKIXTBSCertificate_GetValidity
-(
-  NSSPKIXTBSCertificate *tbsCert,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTBSCertificate_SetValidity
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- *  NSS_ERROR_INVALID_PKIX_VALIDITY
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTBSCertificate_SetValidity
-(
-  NSSPKIXTBSCertificate *tbsCert,
-  NSSPKIXValidity *validity
-);
-
-/*
- *   { fgmr inherit validity accessors }
- */
-
-/*
- * NSSPKIXTBSCertificate_GetSubject
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSPKIXName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXName *
-NSSPKIXTBSCertificate_GetSubject
-(
-  NSSPKIXTBSCertificate *tbsCert,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTBSCertificate_SetSubject
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- *  NSS_ERROR_INVALID_PKIX_NAME
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTBSCertificate_SetSubject
-(
-  NSSPKIXTBSCertificate *tbsCert,
-  NSSPKIXName *subject
-);
-
-/*
- * NSSPKIXTBSCertificate_GetSubjectPublicKeyInfo
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSPKIXSubjectPublicKeyInfo upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXSubjectPublicKeyInfo *
-NSSPKIXTBSCertificate_GetSubjectPublicKeyInfo
-(
-  NSSPKIXTBSCertificate *tbsCert,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTBSCertificate_SetSubjectPublicKeyInfo
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- *  NSS_ERROR_INVALID_PKIX_SUBJECT_PUBLIC_KEY_INFO
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTBSCertificate_SetSubjectPublicKeyInfo
-(
-  NSSPKIXTBSCertificate *tbsCert,
-  NSSPKIXSubjectPublicKeyInfo *spki
-);
-
-/*
- * NSSPKIXTBSCertificate_HasIssuerUniqueID
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- *
- * Return value:
- *  PR_TRUE if it has one
- *  PR_FALSE if it doesn't
- *  PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXTBSCertificate_HasIssuerUniqueID
-(
-  NSSPKIXTBSCertificate *tbsCert,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXTBSCertificate_GetIssuerUniqueID
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_CERT_HAS_NO_ISSUER_UNIQUE_ID
- *
- * Return value:
- *  A valid pointer to an NSSPKIXUniqueIdentifier upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXUniqueIdentifier *
-NSSPKIXTBSCertificate_GetIssuerUniqueID
-(
-  NSSPKIXTBSCertificate *tbsCert,
-  NSSPKIXUniqueIdentifier *uidOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTBSCertificate_SetIssuerUniqueID
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- *  NSS_ERROR_INVALID_ITEM
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTBSCertificate_SetIssuerUniqueID
-(
-  NSSPKIXTBSCertificate *tbsCert,
-  NSSPKIXUniqueIdentifier *uid
-);
-
-/*
- * NSSPKIXTBSCertificate_RemoveIssuerUniqueID
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- *  NSS_ERROR_CERT_HAS_NO_ISSUER_UNIQUE_ID
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTBSCertificate_RemoveIssuerUniqueID
-(
-  NSSPKIXTBSCertificate *tbsCert
-);
-
-/*
- * NSSPKIXTBSCertificate_HasSubjectUniqueID
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- *
- * Return value:
- *  PR_TRUE if it has one
- *  PR_FALSE if it doesn't
- *  PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXTBSCertificate_HasSubjectUniqueID
-(
-  NSSPKIXTBSCertificate *tbsCert,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXTBSCertificate_GetSubjectUniqueID
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_CERT_HAS_NO_SUBJECT_UNIQUE_ID
- *
- * Return value:
- *  A valid pointer to an NSSPKIXUniqueIdentifier upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXUniqueIdentifier *
-NSSPKIXTBSCertificate_GetSubjectUniqueID
-(
-  NSSPKIXTBSCertificate *tbsCert,
-  NSSPKIXUniqueIdentifier *uidOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTBSCertificate_SetSubjectUniqueID
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- *  NSS_ERROR_INVALID_ITEM
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTBSCertificate_SetSubjectUniqueID
-(
-  NSSPKIXTBSCertificate *tbsCert,
-  NSSPKIXUniqueIdentifier *uid
-);
-
-/*
- * NSSPKIXTBSCertificate_RemoveSubjectUniqueID
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- *  NSS_ERROR_CERT_HAS_NO_SUBJECT_UNIQUE_ID
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTBSCertificate_RemoveSubjectUniqueID
-(
-  NSSPKIXTBSCertificate *tbsCert
-);
-
-/*
- * NSSPKIXTBSCertificate_HasExtensions
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- *
- * Return value:
- *  PR_TRUE if it has one
- *  PR_FALSE if it doesn't
- *  PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXTBSCertificate_HasExtensions
-(
-  NSSPKIXTBSCertificate *tbsCert,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXTBSCertificate_GetExtensions
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_CERT_HAS_NO_EXTENSIONS
- *
- * Return value:
- *  A valid pointer to an NSSPKIXExtensions upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtensions *
-NSSPKIXTBSCertificate_GetExtensions
-(
-  NSSPKIXTBSCertificate *tbsCert,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTBSCertificate_SetExtensions
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- *  NSS_ERROR_INVALID_PKIX_EXTENSIONS
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTBSCertificate_SetExtensions
-(
-  NSSPKIXTBSCertificate *tbsCert,
-  NSSPKIXExtensions *extensions
-);
-
-/*
- * NSSPKIXTBSCertificate_RemoveExtensions
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- *  NSS_ERROR_CERT_HAS_NO_EXTENSIONS
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTBSCertificate_RemoveExtensions
-(
-  NSSPKIXTBSCertificate *tbsCert
-);
-
-/*
- *   { extension accessors }
- */
-
-/*
- * NSSPKIXTBSCertificate_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- *
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXTBSCertificate_Equal
-(
-  NSSPKIXTBSCertificate *one,
-  NSSPKIXTBSCertificate *two,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXTBSCertificate_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSPKIXTBSCertificate upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTBSCertificate *
-NSSPKIXTBSCertificate_Duplicate
-(
-  NSSPKIXTBSCertificate *tbsCert,
-  NSSArena *arenaOpt
-);
-
-/*
- * CertificateSerialNumber
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  CertificateSerialNumber  ::=  INTEGER
- *
- * This is just a typedef'd NSSBER; no methods are required.
- * {fgmr -- the asn.1 stuff should have routines to convert
- * integers to natural types when possible and vv.  we can
- * refer to them here..}
- */
-
-/*
- * Validity
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  Validity ::= SEQUENCE {
- *       notBefore      Time,
- *       notAfter       Time }
- *
- * The public calls for the type:
- *
- *  NSSPKIXValidity_Decode
- *  NSSPKIXValidity_Create
- *  NSSPKIXValidity_Encode
- *  NSSPKIXValidity_Destroy
- *  NSSPKIXValidity_GetNotBefore
- *  NSSPKIXValidity_SetNotBefore
- *  NSSPKIXValidity_GetNotAfter
- *  NSSPKIXValidity_SetNotAfter
- *  NSSPKIXValidity_Equal
- *  NSSPKIXValidity_Compare
- *  NSSPKIXValidity_Duplicate
- *
- */
-
-/*
- * NSSPKIXValidity_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXValidity upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXValidity *
-NSSPKIXValidity_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * NSSPKIXValidity_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_TIME
- *
- * Return value:
- *  A valid pointer to an NSSPKIXValidity upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXValidity *
-NSSPKIXValidity_Create
-(
-  NSSArena *arenaOpt,
-  NSSPKIXTime notBefore,
-  NSSPKIXTime notAfter
-);
-
-/*
- * NSSPKIXValidity_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_VALIDITY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXValidity_Destroy
-(
-  NSSPKIXValidity *validity
-);
-
-/*
- * NSSPKIXValidity_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_VALIDITY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXValidity_Encode
-(
-  NSSPKIXValidity *validity,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXValidity_GetNotBefore
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_VALIDITY
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- *  A valid NSSPKIXTime upon success
- *  {we need to rethink NSSPKIXTime}
- */
-
-NSS_EXTERN NSSPKIXTime
-NSSPKIXValidity_GetNotBefore
-(
-  NSSPKIXValidity *validity
-);
-
-/*
- * NSSPKIXValidity_SetNotBefore
- *
- * -- fgmr comments --
- * {do we require that it be before the "notAfter" value?}
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_VALIDITY
- *  NSS_ERROR_VALUE_TOO_LARGE
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXValidity_SetNotBefore
-(
-  NSSPKIXValidity *validity,
-  NSSPKIXTime notBefore
-);
-
-/*
- * NSSPKIXValidity_GetNotAfter
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_VALIDITY
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- *  A valid NSSPKIXTime upon success
- *  {we need to rethink NSSPKIXTime}
- */
-
-NSS_EXTERN NSSPKIXTime
-NSSPKIXValidity_GetNotAfter
-(
-  NSSPKIXValidity *validity
-);
-
-/*
- * NSSPKIXValidity_SetNotAfter
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_VALIDITY
- *  NSS_ERROR_VALUE_TOO_SMALL
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXValidity_SetNotAfter
-(
-  NSSPKIXValidity *validity,
-  NSSPKIXTime notAfter
-);
-
-/*
- * NSSPKIXValidity_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_VALIDITY
- *
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXValidity_Equal
-(
-  NSSPKIXValidity *one,
-  NSSPKIXValidity *two,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXValidity_Compare
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_VALIDITY
- *
- * Return value:
- *   1 if the second is "greater" or later than the first
- *   0 if they are equal
- *  -1 if the first is "greater" or later than the first
- *  -2 upon failure
- */
-
-NSS_EXTERN PRIntn
-NSSPKIXValidity_Compare
-(
-  NSSPKIXValidity *one,
-  NSSPKIXValidity *two
-);
-
-/*
- * NSSPKIXValidity_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_VALIDITY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSPKIXValidity upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXValidity *
-NSSPKIXValidity_Duplicate
-(
-  NSSPKIXValidity *validity,
-  NSSArena *arenaOpt
-);
-
-/*
- * Time
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  Time ::= CHOICE {
- *       utcTime        UTCTime,
- *       generalTime    GeneralizedTime }
- *
- * The public calls for the type:
- *
- *  NSSPKIXTime_Decode
- *  NSSPKIXTime_CreateFromPRTime
- *  NSSPKIXTime_CreateFromUTF8
- *  NSSPKIXTime_Destroy
- *  NSSPKIXTime_Encode
- *  NSSPKIXTime_GetPRTime
- *  NSSPKIXTime_GetUTF8Encoding
- *  NSSPKIXTime_Equal
- *  NSSPKIXTime_Duplicate
- *  NSSPKIXTime_Compare
- *  
- */
-
-/*
- * NSSPKIXTime_Decode
- *
- * 
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXTime upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTime *
-NSSPKIXTime_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * NSSPKIXTime_CreateFromPRTime
- *
- */
-
-NSS_EXTERN NSSPKIXTime *
-NSSPKIXTime_CreateFromPRTime
-(
-  NSSArena *arenaOpt,
-  PRTime prTime
-);
-
-/*
- * NSSPKIXTime_CreateFromUTF8
- *
- */
-
-NSS_EXTERN NSSPKIXTime *
-NSSPKIXTime_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXTime_Destroy
- *
- */
-
-NSS_EXTERN PR_STATUS
-NSSPKIXTime_Destroy
-(
-  NSSPKIXTime *time
-);
-
-/*
- * NSSPKIXTime_Encode
- *
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXTime_Encode
-(
-  NSSPKIXTime *time,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTime_GetPRTime
- *
- * Returns a zero on error
- */
-
-NSS_EXTERN PRTime
-NSSPKIXTime_GetPRTime
-(
-  NSSPKIXTime *time,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXTime_GetUTF8Encoding
- *
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSPKXITime_GetUTF8Encoding
-(
-  NSSPKIXTime *time,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTime_Equal
- *
- */
-
-NSS_EXTERN PRBool
-NSSPKXITime_Equal
-(
-  NSSPKXITime *time1,
-  NSSPKXITime *time2,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXTime_Duplicate
- *
- */
-
-NSS_EXTERN NSSPKIXTime *
-NSSPKXITime_Duplicate
-(
-  NSSPKIXTime *time,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTime_Compare
- *
- * Usual result: -1, 0, 1
- *  Returns 0 on error
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXTime_Compare
-(
-  NSSPKIXTime *time1,
-  NSSPKIXTime *tiem2,
-  PRStatus *statusOpt
-);
-
-/*
- * UniqueIdentifier
- *
- * -- fgmr comments --
- * Should we distinguish bitstrings from "regular" items/BERs?
- * It could be another typedef, but with a separate type to help
- * remind users about the factor of 8.  OR we could make it a
- * hard type, and require the use of some (trivial) converters.
- *
- * From RFC 2459:
- *
- *  UniqueIdentifier  ::=  BIT STRING
- *
- */
-
-/*
- * SubjectPublicKeyInfo
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  SubjectPublicKeyInfo  ::=  SEQUENCE  {
- *       algorithm            AlgorithmIdentifier,
- *       subjectPublicKey     BIT STRING  }
- *
- * The public calls for the type:
- *
- *  NSSPKIXSubjectPublicKeyInfo_Decode
- *  NSSPKIXSubjectPublicKeyInfo_Create
- *  NSSPKIXSubjectPublicKeyInfo_Encode
- *  NSSPKIXSubjectPublicKeyInfo_Destroy
- *  NSSPKIXSubjectPublicKeyInfo_GetAlgorithm
- *  NSSPKIXSubjectPublicKeyInfo_SetAlgorithm
- *  NSSPKIXSubjectPublicKeyInfo_GetSubjectPublicKey
- *  NSSPKIXSubjectPublicKeyInfo_SetSubjectPublicKey
- *  NSSPKIXSubjectPublicKeyInfo_Equal
- *  NSSPKIXSubjectPublicKeyInfo_Duplicate
- *
- */
-
-/*
- * NSSPKIXSubjectPublicKeyInfo_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXSubjectPublicKeyInfo upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXSubjectPublicKeyInfo *
-NSSPKIXSubjectPublicKeyInfo_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * NSSPKIXSubjectPublicKeyInfo_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- *  NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- *  A valid pointer to an NSSPKIXSubjectPublicKeyInfo upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXSubjectPublicKeyInfo *
-NSSPKIXSubjectPublicKeyInfo_Create
-(
-  NSSArena *arenaOpt,
-  NSSPKIXAlgorithmIdentifier *algid,
-  NSSItem *subjectPublicKey
-);
-
-/*
- * NSSPKIXSubjectPublicKeyInfo_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_SUBJECT_PUBLIC_KEY_INFO
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXSubjectPublicKeyInfo_Destroy
-(
-  NSSPKIXSubjectPublicKeyInfo *spki
-);
-
-/*
- * NSSPKIXSubjectPublicKeyInfo_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_SUBJECT_PUBLIC_KEY_INFO
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXSubjectPublicKeyInfo_Encode
-(
-  NSSPKIXSubjectPublicKeyInfo *spki,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXSubjectPublicKeyInfo_GetAlgorithm
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_SUBJECT_PUBLIC_KEY_INFO
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSPKIXAlgorithmIdentifier upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAlgorithmIdentifier *
-NSSPKIXSubjectPublicKeyInfo_GetAlgorithm
-(
-  NSSPKIXSubjectPublicKeyInfo *spki,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXSubjectPublicKeyInfo_SetAlgorithm
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_SUBJECT_PUBLIC_KEY_INFO
- *  NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXSubjectPublicKeyInfo_SetAlgorithm
-(
-  NSSPKIXSubjectPublicKeyInfo *spki,
-  NSSPKIXAlgorithmIdentifier *algid
-);
-
-/*
- * NSSPKIXSubjectPublicKeyInfo_GetSubjectPublicKey
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_SUBJECT_PUBLIC_KEY_INFO
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSItem upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSItem *
-NSSPKIXSubjectPublicKeyInfo_GetSubjectPublicKey
-(
-  NSSPKIXSubjectPublicKeyInfo *spki,
-  NSSItem *spkOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXSubjectPublicKeyInfo_SetSubjectPublicKey
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_SUBJECT_PUBLIC_KEY_INFO
- *  NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXSubjectPublicKeyInfo_SetSubjectPublicKey
-(
-  NSSPKIXSubjectPublicKeyInfo *spki,
-  NSSItem *spk
-);
-
-/*
- * NSSPKIXSubjectPublicKeyInfo_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_SUBJECT_PUBLIC_KEY_INFO
- *
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXSubjectPublicKeyInfo_Equal
-(
-  NSSPKIXSubjectPublicKeyInfo *one,
-  NSSPKIXSubjectPublicKeyInfo *two,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXSubjectPublicKeyInfo_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_SUBJECT_PUBLIC_KEY_INFO
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSPKIXSubjectPublicKeyInfo upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXSubjectPublicKeyInfo *
-NSSPKIXSubjectPublicKeyInfo_Duplicate
-(
-  NSSPKIXSubjectPublicKeyInfo *spki,
-  NSSArena *arenaOpt
-);
-
-/*
- * Extensions
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  Extensions  ::=  SEQUENCE SIZE (1..MAX) OF Extension
- *
- */
-
-/* { FGMR } */
-
-/*
- * Extension
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  Extension  ::=  SEQUENCE  {
- *       extnID      OBJECT IDENTIFIER,
- *       critical    BOOLEAN DEFAULT FALSE,
- *       extnValue   OCTET STRING  }
- *
- */
-
-/* { FGMR } */
-
-/*
- * CertificateList
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  CertificateList  ::=  SEQUENCE  {
- *       tbsCertList          TBSCertList,
- *       signatureAlgorithm   AlgorithmIdentifier,
- *       signature            BIT STRING  }
- *
- * The public calls for the type:
- *
- *  NSSPKIXCertificateList_Decode
- *  NSSPKIXCertificateList_Create
- *  NSSPKIXCertificateList_Encode
- *  NSSPKIXCertificateList_Destroy
- *  NSSPKIXCertificateList_GetTBSCertList
- *  NSSPKIXCertificateList_SetTBSCertList
- *  NSSPKIXCertificateList_GetSignatureAlgorithm
- *  NSSPKIXCertificateList_SetSignatureAlgorithm
- *  NSSPKIXCertificateList_GetSignature
- *  NSSPKIXCertificateList_SetSignature
- *  NSSPKIXCertificateList_Equal
- *  NSSPKIXCertificateList_Duplicate
- *
- */
-
-/*
- * NSSPKIXCertificateList_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXCertificateList upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCertificateList *
-NSSPKIXCertificateList_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * NSSPKIXCertificateList_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- *  NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- *  NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- *  A valid pointer to an NSSPKIXCertificateList upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCertificateList *
-NSSPKIXCertificateList_Create
-(
-  NSSArena *arenaOpt,
-  NSSPKIXTBSCertList *tbsCertList,
-  NSSPKIXAlgorithmIdentifier *sigAlg,
-  NSSItem *signature
-);
-
-/*
- * NSSPKIXCertificateList_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CERTIFICATE_LIST
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXCertificateList_Destroy
-(
-  NSSPKIXCertificateList *certList
-);
-
-/*
- * NSSPKIXCertificateList_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CERTIFICATE_LIST
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXCertificateList_Encode
-(
-  NSSPKIXCertificateList *certList,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXCertificateList_GetTBSCertList
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CERTIFICATE_LIST
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSPKIXTBSCertList upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTBSCertList *
-NSSPKIXCertificateList_GetTBSCertList
-(
-  NSSPKIXCertificateList *certList,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXCertificateList_SetTBSCertList
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CERTIFICATE_LIST
- *  NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXCertificateList_SetTBSCertList
-(
-  NSSPKIXCertificateList *certList,
-  NSSPKIXTBSCertList *tbsCertList
-);
-
-/*
- * NSSPKIXCertificateList_GetSignatureAlgorithm
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CERTIFICATE_LIST
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSPKIXAlgorithmIdentifier upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAlgorithmIdentifier *
-NSSPKIXCertificateList_GetSignatureAlgorithm
-(
-  NSSPKIXCertificateList *certList,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXCertificateList_SetSignatureAlgorithm
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CERTIFICATE_LIST
- *  NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXCertificateList_SetSignatureAlgorithm
-(
-  NSSPKIXCertificateList *certList,
-  NSSPKIXAlgorithmIdentifier *sigAlg
-);
-
-/*
- * NSSPKIXCertificateList_GetSignature
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CERTIFICATE_LIST
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSItem upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSItem *
-NSSPKIXCertificateList_GetSignature
-(
-  NSSPKIXCertificateList *certList,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXCertificateList_SetSignature
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CERTIFICATE_LIST
- *  NSS_ERROR_INVALID_ITEM
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXCertificateList_SetSignature
-(
-  NSSPKIXCertificateList *certList,
-  NSSItem *sig
-);
-
-/*
- * NSSPKIXCertificateList_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CERTIFICATE_LIST
- *
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXCertificateList_Equal
-(
-  NSSPKIXCertificateList *one,
-  NSSPKIXCertificateList *two,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXCertificateList_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CERTIFICATE_LIST
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSPKIXCertificateList upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCertificateList *
-NSSPKIXCertificateList_Duplicate
-(
-  NSSPKIXCertificateList *certList,
-  NSSArena *arenaOpt
-);
-
-/*
- * TBSCertList
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  TBSCertList  ::=  SEQUENCE  {
- *       version                 Version OPTIONAL,
- *                                    -- if present, shall be v2
- *       signature               AlgorithmIdentifier,
- *       issuer                  Name,
- *       thisUpdate              Time,
- *       nextUpdate              Time OPTIONAL,
- *       revokedCertificates     SEQUENCE OF SEQUENCE  {
- *            userCertificate         CertificateSerialNumber,
- *            revocationDate          Time,
- *            crlEntryExtensions      Extensions OPTIONAL
- *                                           -- if present, shall be v2
- *                                 }  OPTIONAL,
- *       crlExtensions           [0] Extensions OPTIONAL
- *                                           -- if present, shall be v2 -- }
- *
- * The public calls for the type:
- *
- *  NSSPKIXTBSCertList_Decode
- *  NSSPKIXTBSCertList_Create
- *  NSSPKIXTBSCertList_Destroy
- *  NSSPKIXTBSCertList_Encode
- *  NSSPKIXTBSCertList_GetVersion
- *  NSSPKIXTBSCertList_SetVersion
- *  NSSPKIXTBSCertList_GetSignature
- *  NSSPKIXTBSCertList_SetSignature
- *  NSSPKIXTBSCertList_GetIssuer
- *  NSSPKIXTBSCertList_SetIssuer
- *  NSSPKIXTBSCertList_GetThisUpdate
- *  NSSPKIXTBSCertList_SetThisUpdate
- *  NSSPKIXTBSCertList_HasNextUpdate
- *  NSSPKIXTBSCertList_GetNextUpdate
- *  NSSPKIXTBSCertList_SetNextUpdate
- *  NSSPKIXTBSCertList_RemoveNextUpdate
- *  NSSPKIXTBSCertList_GetRevokedCertificates
- *  NSSPKIXTBSCertList_SetRevokedCertificates
- *  NSSPKIXTBSCertList_HasCrlExtensions
- *  NSSPKIXTBSCertList_GetCrlExtensions
- *  NSSPKIXTBSCertList_SetCrlExtensions
- *  NSSPKIXTBSCertList_RemoveCrlExtensions
- *  NSSPKIXTBSCertList_Equal
- *  NSSPKIXTBSCertList_Duplicate
- *
- */
-
-/*
- * NSSPKIXTBSCertList_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXTBSCertList upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTBSCertList *
-NSSPKIXTBSCertList_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * NSSPKIXTBSCertList_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_VERSION
- *  NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- *  NSS_ERROR_INVALID_PKIX_NAME
- *  NSS_ERROR_INVALID_PKIX_TIME
- *  (something for the times being out of order?)
- *  NSS_ERROR_INVALID_PKIX_REVOKED_CERTIFICATES
- *  NSS_ERROR_INVALID_PKIX_EXTENSIONS
- *
- * Return value:
- *  A valid pointer to an NSSPKIXTBSCertList upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTBSCertList *
-NSSPKIXTBSCertList_Create
-(
-  NSSArena *arenaOpt,
-  NSSPKIXVersion version,
-  NSSPKIXAlgorithmIdentifier *signature,
-  NSSPKIXName *issuer,
-  NSSPKIXTime thisUpdate,
-  NSSPKIXTime nextUpdateOpt,
-  NSSPKIXrevokedCertificates *revokedCerts,
-  NSSPKIXExtensions *crlExtensionsOpt
-);
-
-/*
- * NSSPKIXTBSCertList_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTBSCertList_Destroy
-(
-  NSSPKIXTBSCertList *certList
-);
-
-/*
- * NSSPKIXTBSCertList_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXTBSCertList_Encode
-(
-  NSSPKIXTBSCertList *certList,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTBSCertList_GetVersion
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- *  A valid element of the NSSPKIXVersion enumeration upon success
- *  NSSPKIXVersion_NSSinvalid (-1) upon failure
- */
-
-NSS_EXTERN NSSPKIXVersion
-NSSPKIXTBSCertList_GetVersion
-(
-  NSSPKIXTBSCertList *certList
-);
-
-/*
- * NSSPKIXTBSCertList_SetVersion
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- *  NSS_ERROR_INVALID_PKIX_VERSION
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTBSCertList_SetVersion
-(
-  NSSPKIXTBSCertList *certList,
-  NSSPKIXVersion version
-);
-
-/*
- * NSSPKIXTBSCertList_GetSignature
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSPKIXAlgorithmIdentifier upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAlgorithmIdentifier *
-NSSPKIXTBSCertList_GetSignature
-(
-  NSSPKIXTBSCertList *certList,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTBSCertList_SetSignature
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- *  NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTBSCertList_SetSignature
-(
-  NSSPKIXTBSCertList *certList,
-  NSSPKIXAlgorithmIdentifier *algid,
-);
-
-/*
- * NSSPKIXTBSCertList_GetIssuer
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSPKIXName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXName *
-NSSPKIXTBSCertList_GetIssuer
-(
-  NSSPKIXTBSCertList *certList,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTBSCertList_SetIssuer
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- *  NSS_ERROR_INVALID_PKIX_NAME
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTBSCertList_SetIssuer
-(
-  NSSPKIXTBSCertList *certList,
-  NSSPKIXName *issuer
-);
-
-/*
- * NSSPKIXTBSCertList_GetThisUpdate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- *  A valid NSSPKIXTime upon success
- *  {we need to rethink NSSPKIXTime}
- */
-
-NSS_EXTERN NSSPKIXTime
-NSSPKIXTBSCertList_GetThisUpdate
-(
-  NSSPKIXTBSCertList *certList
-);
-
-/*
- * NSSPKIXTBSCertList_SetThisUpdate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- *  NSS_ERROR_VALUE_TOO_LARGE
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTBSCertList_SetThisUpdate
-(
-  NSSPKIXTBSCertList *certList,
-  NSSPKIXTime thisUpdate
-);
-
-/*
- * NSSPKIXTBSCertList_HasNextUpdate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- *
- * Return value:
- *  PR_TRUE if it has one
- *  PR_FALSE if it doesn't
- *  PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXTBSCertList_HasNextUpdate
-(
-  NSSPKIXTBSCertList *certList,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXTBSCertList_GetNextUpdate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- *  A valid NSSPKIXTime upon success
- *  {we need to rethink NSSPKIXTime}
- */
-
-NSS_EXTERN NSSPKIXTime
-NSSPKIXTBSCertList_GetNextUpdate
-(
-  NSSPKIXTBSCertList *certList
-);
-
-/*
- * NSSPKIXTBSCertList_SetNextUpdate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- *  NSS_ERROR_VALUE_TOO_SMALL
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTBSCertList_SetNextUpdate
-(
-  NSSPKIXTBSCertList *certList,
-  NSSPKIXTime nextUpdate
-);
-
-/*
- * NSSPKIXTBSCertList_RemoveNextUpdate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- *  NSS_ERROR_HAS_NO_NEXT_UPDATE
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTBSCertList_RemoveNextUpdate
-(
-  NSSPKIXTBSCertList *certList
-);
-
-/*
- * NSSPKIXTBSCertList_GetRevokedCertificates
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSPKIXrevokedCertificates upon succes
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXrevokedCertificates *
-NSSPKIXTBSCertList_GetRevokedCertificates
-(
-  NSSPKIXTBSCertList *certList,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTBSCertList_SetRevokedCertificates
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- *  NSS_ERROR_INVALID_PKIX_REVOKED_CERTIFICATES
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTBSCertList_SetRevokedCertificates
-(
-  NSSPKIXTBSCertList *certList,
-  NSSPKIXrevokedCertificates *revoked
-);
-
-/*
- * NSSPKIXTBSCertList_HasCrlExtensions
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- *
- * Return value:
- *  PR_TRUE if it has one
- *  PR_FALSE if it doesn't
- *  PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXTBSCertList_HasCrlExtensions
-(
-  NSSPKIXTBSCertList *certList,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXTBSCertList_GetCrlExtensions
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSPKIXExtensions upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtensions *
-NSSPKIXTBSCertList_GetCrlExtensions
-(
-  NSSPKIXTBSCertList *certList,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTBSCertList_SetCrlExtensions
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- *  NSS_ERROR_INVALID_PKIX_EXTENSIONS
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTBSCertList_SetCrlExtensions
-(
-  NSSPKIXTBSCertList *certList,
-  NSSPKIXExtensions *extensions
-);
-
-/*
- * NSSPKIXTBSCertList_RemoveCrlExtensions
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- *  NSS_ERROR_HAS_NO_EXTENSIONS
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTBSCertList_RemoveCrlExtensions
-(
-  NSSPKIXTBSCertList *certList
-);
-
-/*
- * NSSPKIXTBSCertList_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- *
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXTBSCertList_Equal
-(
-  NSSPKIXTBSCertList *one,
-  NSSPKIXTBSCertList *two,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXTBSCertList_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSPKIXTBSCertList upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTBSCertList *
-NSSPKIXTBSCertList_Duplicate
-(
-  NSSPKIXTBSCertList *certList,
-  NSSArena *arenaOpt
-);
-
-/*
- * revokedCertificates
- *
- * This is a "helper type" to simplify handling of TBSCertList objects.
- *
- *       revokedCertificates     SEQUENCE OF SEQUENCE  {
- *            userCertificate         CertificateSerialNumber,
- *            revocationDate          Time,
- *            crlEntryExtensions      Extensions OPTIONAL
- *                                           -- if present, shall be v2
- *                                 }  OPTIONAL,
- *
- * The public calls for the type:
- *
- *  NSSPKIXrevokedCertificates_Decode
- *  NSSPKIXrevokedCertificates_Create
- *  NSSPKIXrevokedCertificates_Encode
- *  NSSPKIXrevokedCertificates_Destroy
- *  NSSPKIXrevokedCertificates_GetRevokedCertificateCount
- *  NSSPKIXrevokedCertificates_GetRevokedCertificates
- *  NSSPKIXrevokedCertificates_SetRevokedCertificates
- *  NSSPKIXrevokedCertificates_GetRevokedCertificate
- *  NSSPKIXrevokedCertificates_SetRevokedCertificate
- *  NSSPKIXrevokedCertificates_InsertRevokedCertificate
- *  NSSPKIXrevokedCertificates_AppendRevokedCertificate
- *  NSSPKIXrevokedCertificates_RemoveRevokedCertificate
- *  NSSPKIXrevokedCertificates_Equal
- *  NSSPKIXrevokedCertificates_Duplicate
- *
- */
-
-/*
- * NSSPKIXrevokedCertificates_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXrevokedCertificates upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXrevokedCertificates *
-NSSPKIXrevokedCertificates_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * NSSPKIXrevokedCertificates_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_REVOKED_CERTIFICATE
- *
- * Return value:
- *  A valid pointer to an NSSPKIXrevokedCertificates upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXrevokedCertificates *
-NSSPKIXrevokedCertificates_Create
-(
-  NSSArena *arenaOpt,
-  NSSPKIXrevokedCertificate *rc1,
-  ...
-);
-
-/*
- * NSSPKIXrevokedCertificates_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_REVOKED_CERTIFICATES
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXrevokedCertificates_Destroy
-(
-  NSSPKIXrevokedCertificates *rcs
-);
-
-/*
- * NSSPKIXrevokedCertificates_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_REVOKED_CERTIFICATES
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXrevokedCertificates_Encode
-(
-  NSSPKIXrevokedCertificates *rcs,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXrevokedCertificates_GetRevokedCertificateCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_REVOKED_CERTIFICATES
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- *  Nonnegative integer upon success
- *  -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXrevokedCertificates_GetRevokedCertificateCount
-(
-  NSSPKIXrevokedCertificates *rcs
-);
-
-/*
- * NSSPKIXrevokedCertificates_GetRevokedCertificates
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_REVOKED_CERTIFICATES
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- *  A valid pointer to an array of NSSPKIXrevokedCertificate pointers
- *      upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXrevokedCertificate **
-NSSPKIXrevokedCertificates_GetRevokedCertificates
-(
-  NSSPKIXrevokedCertificates *rcs,
-  NSSPKIXrevokedCertificate *rvOpt[],
-  PRInt32 limit,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXrevokedCertificates_SetRevokedCertificates
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_REVOKED_CERTIFICATES
- *  NSS_ERROR_INVALID_REVOKED_CERTIFICATE
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXrevokedCertificates_SetRevokedCertificates
-(
-  NSSPKIXrevokedCertificates *rcs,
-  NSSPKIXrevokedCertificate *rc[],
-  PRInt32 countOpt
-);
-
-/*
- * NSSPKIXrevokedCertificates_GetRevokedCertificate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_REVOKED_CERTIFICATES
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXrevokedCertificate upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXrevokedCertificate *
-NSSPKIXrevokedCertificates_GetRevokedCertificate
-(
-  NSSPKIXrevokedCertificates *rcs,
-  PRInt32 i,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXrevokedCertificates_SetRevokedCertificate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_REVOKED_CERTIFICATES
- *  NSS_ERROR_INVALID_REVOKED_CERTIFICATE
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXrevokedCertificates_SetRevokedCertificate
-(
-  NSSPKIXrevokedCertificates *rcs,
-  PRInt32 i,
-  NSSPKIXrevokedCertificate *rc
-);
-
-/*
- * NSSPKIXrevokedCertificates_InsertRevokedCertificate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_REVOKED_CERTIFICATES
- *  NSS_ERROR_INVALID_REVOKED_CERTIFICATE
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXrevokedCertificates_InsertRevokedCertificate
-(
-  NSSPKIXrevokedCertificates *rcs,
-  PRInt32 i,
-  NSSPKIXrevokedCertificate *rc
-);
-
-/*
- * NSSPKIXrevokedCertificates_AppendRevokedCertificate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_REVOKED_CERTIFICATES
- *  NSS_ERROR_INVALID_REVOKED_CERTIFICATE
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXrevokedCertificates_AppendRevokedCertificate
-(
-  NSSPKIXrevokedCertificates *rcs,
-  PRInt32 i,
-  NSSPKIXrevokedCertificate *rc
-);
-
-/*
- * NSSPKIXrevokedCertificates_RemoveRevokedCertificate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_REVOKED_CERTIFICATES
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXrevokedCertificates_RemoveRevokedCertificate
-(
-  NSSPKIXrevokedCertificates *rcs,
-  PRInt32 i
-);
-
-/*
- * NSSPKIXrevokedCertificates_FindRevokedCertificate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_REVOKED_CERTIFICATES
- *  NSS_ERROR_INVALID_REVOKED_CERTIFICATE
- *
- * Return value:
- *  The index of the specified revoked certificate upon success
- *  -1 upon failure
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXrevokedCertificates_FindRevokedCertificate
-(
-  NSSPKIXrevokedCertificates *rcs,
-  NSSPKIXrevokedCertificate *rc
-);
-
-/*
- * NSSPKIXrevokedCertificates_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_REVOKED_CERTIFICATES
- *
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXrevokedCertificates_Equal
-(
-  NSSPKIXrevokedCertificates *one,
-  NSSPKIXrevokedCertificates *two,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXrevokedCertificates_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_REVOKED_CERTIFICATES
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSPKIXrevokedCertificates upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXrevokedCertificates *
-NSSPKIXrevokedCertificates_Duplicate
-(
-  NSSPKIXrevokedCertificates *rcs,
-  NSSArena *arenaOpt
-);
-
-/*
- * revokedCertificate
- *
- * This is a "helper type" to simplify handling of TBSCertList objects.
- *
- *                                           SEQUENCE  {
- *            userCertificate         CertificateSerialNumber,
- *            revocationDate          Time,
- *            crlEntryExtensions      Extensions OPTIONAL
- *                                           -- if present, shall be v2
- *                                 }  OPTIONAL,
- *
- * The public calls for this type:
- *
- *  NSSPKIXrevokedCertificate_Decode
- *  NSSPKIXrevokedCertificate_Create
- *  NSSPKIXrevokedCertificate_Encode
- *  NSSPKIXrevokedCertificate_Destroy
- *  NSSPKIXrevokedCertificate_GetUserCertificate
- *  NSSPKIXrevokedCertificate_SetUserCertificate
- *  NSSPKIXrevokedCertificate_GetRevocationDate
- *  NSSPKIXrevokedCertificate_SetRevocationDate
- *  NSSPKIXrevokedCertificate_HasCrlEntryExtensions
- *  NSSPKIXrevokedCertificate_GetCrlEntryExtensions
- *  NSSPKIXrevokedCertificate_SetCrlEntryExtensions
- *  NSSPKIXrevokedCertificate_RemoveCrlEntryExtensions
- *  NSSPKIXrevokedCertificate_Equal
- *  NSSPKIXrevokedCertificate_Duplicate
- *
- */
-
-
-/*
- * NSSPKIXrevokedCertificate_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXrevokedCertificate upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXrevokedCertificate *
-NSSPKIXrevokedCertificate_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * NSSPKIXrevokedCertificate_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_PKIX_CERTIFICATE_SERIAL_NUMBER
- *  NSS_ERROR_INVALID_PKIX_TIME
- *  NSS_ERROR_INVALID_PKIX_EXTENSIONS
- *
- * Return value:
- *  A valid pointer to an NSSPKIXrevokedCertificate upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXrevokedCertificate *
-NSSPKIXrevokedCertificate_Create
-(
-  NSSArena *arenaOpt,
-  NSSPKIXCertificateSerialNumber *userCertificate,
-  NSSPKIXTime *revocationDate,
-  NSSPKIXExtensions *crlEntryExtensionsOpt
-);
-
-/*
- * NSSPKIXrevokedCertificate_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_REVOKED_CERTIFICATE
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXrevokedCertificate_Destroy
-(
-  NSSPKIXrevokedCertificate *rc
-);
-
-/*
- * NSSPKIXrevokedCertificate_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_REVOKED_CERTIFICATE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXrevokedCertificate_Encode
-(
-  NSSPKIXrevokedCertificate *rc,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXrevokedCertificate_GetUserCertificate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_REVOKED_CERTIFICATE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSPKIXCertificateSerialNumber upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCertificateSerialNumber *
-NSSPKIXrevokedCertificate_GetUserCertificate
-(
-  NSSPKIXrevokedCertificate *rc,
-  NSSArena *arenaOpt
-);  
-
-/*
- * NSSPKIXrevokedCertificate_SetUserCertificate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_REVOKED_CERTIFICATE
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_PKIX_CERTIFICATE_SERIAL_NUMBER
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXrevokedCertificate_SetUserCertificate
-(
-  NSSPKIXrevokedCertificate *rc,
-  NSSPKIXCertificateSerialNumber *csn
-);
-
-/*
- * NSSPKIXrevokedCertificate_GetRevocationDate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_REVOKED_CERTIFICATE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSPKIXTime upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTime *
-NSSPKIXrevokedCertificate_GetRevocationDate
-(
-  NSSPKIXrevokedCertificate *rc,
-  NSSArena *arenaOpt
-);  
-
-/*
- * NSSPKIXrevokedCertificate_SetRevocationDate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_REVOKED_CERTIFICATE
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_PKIX_TIME
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXrevokedCertificate_SetRevocationDate
-(
-  NSSPKIXrevokedCertificate *rc,
-  NSSPKIXTime *revocationDate
-);
-
-/*
- * NSSPKIXrevokedCertificate_HasCrlEntryExtensions
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_REVOKED_CERTIFICATE
- *
- * Return value:
- *  PR_TRUE if it has one
- *  PR_FALSE if it doesn't
- *  PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXrevokedCertificate_HasCrlEntryExtensions
-(
-  NSSPKIXrevokedCertificate *rc,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXrevokedCertificate_GetCrlEntryExtensions
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_REVOKED_CERTIFICATE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_NO_EXTENSIONS
- *
- * Return value:
- *  A valid pointer to an NSSPKIXExtensions upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtensions *
-NSSPKIXrevokedCertificate_GetCrlEntryExtensions
-(
-  NSSPKIXrevokedCertificate *rc,
-  NSSArena *arenaOpt
-);  
-
-/*
- * NSSPKIXrevokedCertificate_SetCrlEntryExtensions
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_REVOKED_CERTIFICATE
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_PKIX_EXTENSIONS
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXrevokedCertificate_SetCrlEntryExtensions
-(
-  NSSPKIXrevokedCertificate *rc,
-  NSSPKIXExtensions *crlEntryExtensions
-);
-
-/*
- * NSSPKIXrevokedCertificate_RemoveCrlEntryExtensions
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_REVOKED_CERTIFICATE
- *  NSS_ERROR_NO_EXTENSIONS
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXrevokedCertificate_RemoveCrlEntryExtensions
-(
-  NSSPKIXrevokedCertificate *rc
-);
-
-/*
- * NSSPKIXrevokedCertificate_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_REVOKED_CERTIFICATE
- *
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXrevokedCertificate_Equal
-(
-  NSSPKIXrevokedCertificate *one,
-  NSSPKIXrevokedCertificate *two,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXrevokedCertificate_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_REVOKED_CERTIFICATE
- *
- * Return value:
- *  A valid pointer to an NSSPKIXrevokedCertificate upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXrevokedCertificate *
-NSSPKIXrevokedCertificate_Duplicate
-(
-  NSSPKIXrevokedCertificate *rc,
-  NSSArena *arenaOpt
-);
-
-/*
- * AlgorithmIdentifier
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * (1988 syntax)
- *
- *  AlgorithmIdentifier  ::=  SEQUENCE  {
- *       algorithm               OBJECT IDENTIFIER,
- *       parameters              ANY DEFINED BY algorithm OPTIONAL  }
- *                                  -- contains a value of the type
- *                                  -- registered for use with the
- *                                  -- algorithm object identifier value
- *
- * The public calls for this type:
- *
- *  NSSPKIXAlgorithmIdentifier_Decode
- *  NSSPKIXAlgorithmIdentifier_Create
- *  NSSPKIXAlgorithmIdentifier_Encode
- *  NSSPKIXAlgorithmIdentifier_Destroy
- *  NSSPKIXAlgorithmIdentifier_GetAlgorithm
- *  NSSPKIXAlgorithmIdentifier_SetAlgorithm
- *  NSSPKIXAlgorithmIdentifier_GetParameters
- *  NSSPKIXAlgorithmIdentifier_SetParameters
- *  NSSPKIXAlgorithmIdentifier_Compare
- *  NSSPKIXAlgorithmIdentifier_Duplicate
- *    { algorithm-specific parameter types and accessors ? }
- *
- */
-
-/*
- * NSSPKIXAlgorithmIdentifier_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXAlgorithmIdentifier upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAlgorithmIdentifier *
-NSSPKIXAlgorithmIdentifier_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * NSSPKIXAlgorithmIdentifier_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_OID
- *  NSS_ERROR_INVALID_POINTER
- *
- * Return value:
- *  A valid pointer to an NSSPKIXAlgorithmIdentifier upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAlgorithmIdentifier *
-NSSPKIXAlgorithmIdentifier_Create
-(
-  NSSArena *arenaOpt,
-  NSSOID *algorithm,
-  NSSItem *parameters
-);
-
-/*
- * NSSPKIXAlgorithmIdentifier_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXAlgorithmIdentifier_Destroy
-(
-  NSSPKIXAlgorithmIdentifier *algid
-);
-
-/*
- * NSSPKIXAlgorithmIdentifier_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXAlgorithmIdentifier_Encode
-(
-  NSSPKIXAlgorithmIdentifier *algid,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXAlgorithmIdentifier_GetAlgorithm
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSOID pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSOID *
-NSSPKIXAlgorithmIdentifier_GetAlgorithm
-(
-  NSSPKIXAlgorithmIdentifier *algid
-);
-
-/*
- * NSSPKIXAlgorithmIdentifier_SetAlgorithm
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- *  NSS_ERROR_INVALID_OID
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXAlgorithmIdentifier_SetAlgorithm
-(
-  NSSPKIXAlgorithmIdentifier *algid,
-  NSSOID *algorithm
-);
-
-/*
- * NSSPKIXAlgorithmIdentifier_GetParameters
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSItem upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSItem *
-NSSPKIXAlgorithmIdentifier_GetParameters
-(
-  NSSPKIXAlgorithmIdentifier *algid,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXAlgorithmIdentifier_SetParameters
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- *  NSS_ERROR_INVALID_POINTER
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXAlgorithmIdentifier_SetParameters
-(
-  NSSPKIXAlgorithmIdentifier *algid,
-  NSSItem *parameters
-);
-
-/*
- * NSSPKIXAlgorithmIdentifier_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- *
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXAlgorithmIdentifier_Equal
-(
-  NSSPKIXAlgorithmIdentifier *algid1,
-  NSSPKIXAlgorithmIdentifier *algid2,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXAlgorithmIdentifier_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSPKIXAlgorithmIdentifier upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAlgorithmIdentifier *
-NSSPKIXAlgorithmIdentifier_Duplicate
-(
-  NSSPKIXAlgorithmIdentifier *algid,
-  NSSArena *arenaOpt
-);
-
-/*
- *   { algorithm-specific parameter types and accessors ? }
- */
-
-/*
- * ORAddress
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  ORAddress ::= SEQUENCE {
- *     built-in-standard-attributes BuiltInStandardAttributes,
- *     built-in-domain-defined-attributes
- *                          BuiltInDomainDefinedAttributes OPTIONAL,
- *     -- see also teletex-domain-defined-attributes
- *     extension-attributes ExtensionAttributes OPTIONAL }
- *  --      The OR-address is semantically absent from the OR-name if the
- *  --      built-in-standard-attribute sequence is empty and the
- *  --      built-in-domain-defined-attributes and extension-attributes are
- *  --      both omitted.
- *
- * The public calls for this type:
- *
- *  NSSPKIXORAddress_Decode
- *  NSSPKIXORAddress_Create
- *  NSSPKIXORAddress_Destroy
- *  NSSPKIXORAddress_Encode
- *  NSSPKIXORAddress_GetBuiltInStandardAttributes
- *  NSSPKIXORAddress_SetBuiltInStandardAttributes
- *  NSSPKIXORAddress_HasBuiltInDomainDefinedAttributes
- *  NSSPKIXORAddress_GetBuiltInDomainDefinedAttributes
- *  NSSPKIXORAddress_SetBuiltInDomainDefinedAttributes
- *  NSSPKIXORAddress_RemoveBuiltInDomainDefinedAttributes
- *  NSSPKIXORAddress_HasExtensionsAttributes
- *  NSSPKIXORAddress_GetExtensionsAttributes
- *  NSSPKIXORAddress_SetExtensionsAttributes
- *  NSSPKIXORAddress_RemoveExtensionsAttributes
- *  NSSPKIXORAddress_Equal
- *  NSSPKIXORAddress_Duplicate
- *
- */
-
-/*
- * NSSPKIXORAddress_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXORAddres upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXORAddress *
-NSSPKIXORAddress_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * NSSPKIXORAddress_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- *  NSS_ERROR_INVALID_PKIX_EXTENSIONS_ATTRIBUTES
- *
- * Return value:
- *  A valid pointer to an NSSPKIXORAddres upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXORAddress *
-NSSPKIXORAddress_Create
-(
-  NSSArena *arenaOpt,
-  NSSPKIXBuiltInStandardAttributes *bisa,
-  NSSPKIXBuiltInDomainDefinedAttributes *biddaOpt,
-  NSSPKIXExtensionAttributes *eaOpt
-);
-
-/*
- * NSSPKIXORAddress_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXORAddress_Destroy
-(
-  NSSPKIXORAddress *ora
-);
-
-/*
- * NSSPKIXORAddress_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXORAddress_Encode
-(
-  NSSPKIXORAddress *ora,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXORAddress_GetBuiltInStandardAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSPKIXBuiltInStandardAttributes upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXBuiltInStandardAttributes *
-NSSPKIXORAddress_GetBuiltInStandardAttributes
-(
-  NSSPKIXORAddress *ora,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXORAddress_SetBuiltInStandardAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXORAddress_SetBuiltInStandardAttributes
-(
-  NSSPKIXORAddress *ora,
-  NSSPKIXBuiltInStandardAttributes *bisa
-);
-
-/*
- * NSSPKIXORAddress_HasBuiltInDomainDefinedAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- *
- * Return value:
- *  PR_TRUE if it has one
- *  PR_FALSE if it doesn't
- *  PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXORAddress_HasBuiltInDomainDefinedAttributes
-(
-  NSSPKIXORAddress *ora,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXORAddress_GetBuiltInDomainDefinedAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_NO_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- *
- * Return value:
- *  A valid pointer to an NSSPKIXBuiltInDomainDefinedAttributes upon
- *      success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXBuiltInDomainDefinedAttributes *
-NSSPKIXORAddress_GetBuiltInDomainDefinedAttributes
-(
-  NSSPKIXORAddress *ora,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXORAddress_SetBuiltInDomainDefinedAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXORAddress_SetBuiltInDomainDefinedAttributes
-(
-  NSSPKIXORAddress *ora,
-  NSSPKIXBuiltInStandardAttributes *bisa
-);
-
-/*
- * NSSPKIXORAddress_RemoveBuiltInDomainDefinedAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- *  NSS_ERROR_NO_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXORAddress_RemoveBuiltInDomainDefinedAttributes
-(
-  NSSPKIXORAddress *ora
-);
-
-/*
- * NSSPKIXORAddress_HasExtensionsAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- *
- * Return value:
- *  PR_TRUE if it has one
- *  PR_FALSE if it doesn't
- *  PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXORAddress_HasExtensionsAttributes
-(
-  NSSPKIXORAddress *ora,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXORAddress_GetExtensionsAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_NO_EXTENSION_ATTRIBUTES
- *
- * Return value:
- *  A valid pointer to an NSSPKIXExtensionAttributes upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtensionAttributes *
-NSSPKIXORAddress_GetExtensionsAttributes
-(
-  NSSPKIXORAddress *ora,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXORAddress_SetExtensionsAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTES
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXORAddress_SetExtensionsAttributes
-(
-  NSSPKIXORAddress *ora,
-  NSSPKIXExtensionAttributes *eaOpt
-);
-
-/*
- * NSSPKIXORAddress_RemoveExtensionsAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- *  NSS_ERROR_NO_EXTENSION_ATTRIBUTES
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXORAddress_RemoveExtensionsAttributes
-(
-  NSSPKIXORAddress *ora
-);
-
-/*
- * NSSPKIXORAddress_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- *
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXORAddress_Equal
-(
-  NSSPKIXORAddress *ora1,
-  NSSPKIXORAddress *ora2,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXORAddress_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSPKIXORAddres upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXORAddress *
-NSSPKIXORAddress_Duplicate
-(
-  NSSPKIXORAddress *ora,
-  NSSArena *arenaOpt
-);
-
-/*
- * BuiltInStandardAttributes
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  BuiltInStandardAttributes ::= SEQUENCE {
- *     country-name CountryName OPTIONAL,
- *     administration-domain-name AdministrationDomainName OPTIONAL,
- *     network-address      [0] NetworkAddress OPTIONAL,
- *     -- see also extended-network-address
- *     terminal-identifier  [1] TerminalIdentifier OPTIONAL,
- *     private-domain-name  [2] PrivateDomainName OPTIONAL,
- *     organization-name    [3] OrganizationName OPTIONAL,
- *     -- see also teletex-organization-name
- *     numeric-user-identifier      [4] NumericUserIdentifier OPTIONAL,
- *     personal-name        [5] PersonalName OPTIONAL,
- *     -- see also teletex-personal-name
- *     organizational-unit-names    [6] OrganizationalUnitNames OPTIONAL
- *     -- see also teletex-organizational-unit-names -- }
- *
- * The public calls for this type:
- *
- *  NSSPKIXBuiltInStandardAttributes_Decode
- *  NSSPKIXBuiltInStandardAttributes_Create
- *  NSSPKIXBuiltInStandardAttributes_Destroy
- *  NSSPKIXBuiltInStandardAttributes_Encode
- *  NSSPKIXBuiltInStandardAttributes_HasCountryName
- *  NSSPKIXBuiltInStandardAttributes_GetCountryName
- *  NSSPKIXBuiltInStandardAttributes_SetCountryName
- *  NSSPKIXBuiltInStandardAttributes_RemoveCountryName
- *  NSSPKIXBuiltInStandardAttributes_HasAdministrationDomainName
- *  NSSPKIXBuiltInStandardAttributes_GetAdministrationDomainName
- *  NSSPKIXBuiltInStandardAttributes_SetAdministrationDomainName
- *  NSSPKIXBuiltInStandardAttributes_RemoveAdministrationDomainName
- *  NSSPKIXBuiltInStandardAttributes_HasNetworkAddress
- *  NSSPKIXBuiltInStandardAttributes_GetNetworkAddress
- *  NSSPKIXBuiltInStandardAttributes_SetNetworkAddress
- *  NSSPKIXBuiltInStandardAttributes_RemoveNetworkAddress
- *  NSSPKIXBuiltInStandardAttributes_HasTerminalIdentifier
- *  NSSPKIXBuiltInStandardAttributes_GetTerminalIdentifier
- *  NSSPKIXBuiltInStandardAttributes_SetTerminalIdentifier
- *  NSSPKIXBuiltInStandardAttributes_RemoveTerminalIdentifier
- *  NSSPKIXBuiltInStandardAttributes_HasPrivateDomainName
- *  NSSPKIXBuiltInStandardAttributes_GetPrivateDomainName
- *  NSSPKIXBuiltInStandardAttributes_SetPrivateDomainName
- *  NSSPKIXBuiltInStandardAttributes_RemovePrivateDomainName
- *  NSSPKIXBuiltInStandardAttributes_HasOrganizationName
- *  NSSPKIXBuiltInStandardAttributes_GetOrganizationName
- *  NSSPKIXBuiltInStandardAttributes_SetOrganizationName
- *  NSSPKIXBuiltInStandardAttributes_RemoveOrganizationName
- *  NSSPKIXBuiltInStandardAttributes_HasNumericUserIdentifier
- *  NSSPKIXBuiltInStandardAttributes_GetNumericUserIdentifier
- *  NSSPKIXBuiltInStandardAttributes_SetNumericUserIdentifier
- *  NSSPKIXBuiltInStandardAttributes_RemoveNumericUserIdentifier
- *  NSSPKIXBuiltInStandardAttributes_HasPersonalName
- *  NSSPKIXBuiltInStandardAttributes_GetPersonalName
- *  NSSPKIXBuiltInStandardAttributes_SetPersonalName
- *  NSSPKIXBuiltInStandardAttributes_RemovePersonalName
- *  NSSPKIXBuiltInStandardAttributes_HasOrganizationLUnitNames
- *  NSSPKIXBuiltInStandardAttributes_GetOrganizationLUnitNames
- *  NSSPKIXBuiltInStandardAttributes_SetOrganizationLUnitNames
- *  NSSPKIXBuiltInStandardAttributes_RemoveOrganizationLUnitNames
- *  NSSPKIXBuiltInStandardAttributes_Equal
- *  NSSPKIXBuiltInStandardAttributes_Duplicate
- *
- */
-
-/*
- * NSSPKIXBuiltInStandardAttributes_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXBuiltInStandardAttributes upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXBuiltInStandardAttributes *
-NSSPKIXBuiltInStandardAttributes_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_COUNTRY_NAME
- *  NSS_ERROR_INVALID_PKIX_ADMINISTRATION_DOMAIN_NAME
- *  NSS_ERROR_INVALID_PKIX_NETWORK_ADDRESS
- *  NSS_ERROR_INVALID_PKIX_TERMINAL_IDENTIFIER
- *  NSS_ERROR_INVALID_PKIX_PRIVATE_DOMAIN_NAME
- *  NSS_ERROR_INVALID_PKIX_ORGANIZATION_NAME
- *  NSS_ERROR_INVALID_PKIX_NUMERIC_USER_IDENTIFIER
- *  NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- *  NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAMES
- *
- * Return value:
- *  A valid pointer to an NSSPKIXBuiltInStandardAttributes upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXBuiltInStandardAttributes *
-NSSPKIXBuiltInStandardAttributes_Create
-(
-  NSSArena *arenaOpt,
-  NSSPKIXCountryName *countryNameOpt,
-  NSSPKIXAdministrationDomainName *administrationDomainNameOpt,
-  NSSPKIXNetworkAddress *networkAddressOpt,
-  NSSPKIXTerminalIdentifier *terminalIdentifierOpt,
-  NSSPKIXPrivateDomainName *privateDomainNameOpt,
-  NSSPKIXOrganizationName *organizationNameOpt,
-  NSSPKIXNumericUserIdentifier *numericUserIdentifierOpt,
-  NSSPKIXPersonalName *personalNameOpt,
-  NSSPKIXOrganizationalUnitNames *organizationalUnitNamesOpt
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXBuiltInStandardAttributes_Destroy
-(
-  NSSPKIXBuiltInStandardAttributes *bisa
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXBuiltInStandardAttributes_Encode
-(
-  NSSPKIXBuiltInStandardAttributes *bisa,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_HasCountryName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *
- * Return value:
- *  PR_TRUE if it has one
- *  PR_FALSE if it doesn't
- *  PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXBuiltInStandardAttributes_HasCountryName
-(
-  NSSPKIXBuiltInStandardAttributes *bisa,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_GetCountryName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXCountryName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCountryName *
-NSSPKIXBuiltInStandardAttributes_GetCountryName
-(
-  NSSPKIXBuiltInStandardAttributes *bisa,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_SetCountryName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_PKIX_COUNTRY_NAME
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXBuiltInStandardAttributes_SetCountryName
-(
-  NSSPKIXBuiltInStandardAttributes *bisa,
-  NSSPKIXCountryName *countryName
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_RemoveCountryName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *  NSS_ERROR_NO_COUNTRY_NAME
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXBuiltInStandardAttributes_RemoveCountryName
-(
-  NSSPKIXBuiltInStandardAttributes *bisa
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_HasAdministrationDomainName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *
- * Return value:
- *  PR_TRUE if it has one
- *  PR_FALSE if it doesn't
- *  PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXBuiltInStandardAttributes_HasAdministrationDomainName
-(
-  NSSPKIXBuiltInStandardAttributes *bisa,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_GetAdministrationDomainName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXAdministrationDomainName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAdministrationDomainName *
-NSSPKIXBuiltInStandardAttributes_GetAdministrationDomainName
-(
-  NSSPKIXBuiltInStandardAttributes *bisa,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_SetAdministrationDomainName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_PKIX_ADMINISTRATION_DOMAIN_NAME
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXBuiltInStandardAttributes_SetAdministrationDomainName
-(
-  NSSPKIXBuiltInStandardAttributes *bisa,
-  NSSPKIXAdministrationDomainName *administrationDomainName
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_RemoveAdministrationDomainName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *  NSS_ERROR_NO_ADMINISTRATION_DOMAIN_NAME
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXBuiltInStandardAttributes_RemoveAdministrationDomainName
-(
-  NSSPKIXBuiltInStandardAttributes *bisa
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_HasNetworkAddress
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *
- * Return value:
- *  PR_TRUE if it has one
- *  PR_FALSE if it doesn't
- *  PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXBuiltInStandardAttributes_HasNetworkAddress
-(
-  NSSPKIXBuiltInStandardAttributes *bisa,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_GetNetworkAddress
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXNetworkAddress upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXNetworkAddress *
-NSSPKIXBuiltInStandardAttributes_GetNetworkAddress
-(
-  NSSPKIXBuiltInStandardAttributes *bisa,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_SetNetworkAddress
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_PKIX_NETWORK_ADDRESS
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXBuiltInStandardAttributes_SetNetworkAddress
-(
-  NSSPKIXBuiltInStandardAttributes *bisa,
-  NSSPKIXNetworkAddress *networkAddress
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_RemoveNetworkAddress
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *  NSS_ERROR_NO_NETWORK_ADDRESS
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXBuiltInStandardAttributes_RemoveNetworkAddress
-(
-  NSSPKIXBuiltInStandardAttributes *bisa
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_HasTerminalIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *
- * Return value:
- *  PR_TRUE if it has one
- *  PR_FALSE if it doesn't
- *  PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXBuiltInStandardAttributes_HasTerminalIdentifier
-(
-  NSSPKIXBuiltInStandardAttributes *bisa,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_GetTerminalIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXTerminalIdentifier upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTerminalIdentifier *
-NSSPKIXBuiltInStandardAttributes_GetTerminalIdentifier
-(
-  NSSPKIXBuiltInStandardAttributes *bisa,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_SetTerminalIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_PKIX_TERMINAL_IDENTIFIER
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXBuiltInStandardAttributes_SetTerminalIdentifier
-(
-  NSSPKIXBuiltInStandardAttributes *bisa,
-  NSSPKIXTerminalIdentifier *terminalIdentifier
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_RemoveTerminalIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *  NSS_ERROR_NO_TERMINAL_IDENTIFIER
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXBuiltInStandardAttributes_RemoveTerminalIdentifier
-(
-  NSSPKIXBuiltInStandardAttributes *bisa
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_HasPrivateDomainName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *
- * Return value:
- *  PR_TRUE if it has one
- *  PR_FALSE if it doesn't
- *  PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXBuiltInStandardAttributes_HasPrivateDomainName
-(
-  NSSPKIXBuiltInStandardAttributes *bisa,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_GetPrivateDomainName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXPrivateDomainName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPrivateDomainName *
-NSSPKIXBuiltInStandardAttributes_GetPrivateDomainName
-(
-  NSSPKIXBuiltInStandardAttributes *bisa,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_SetPrivateDomainName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_PKIX_PRIVATE_DOMAIN_NAME
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXBuiltInStandardAttributes_SetPrivateDomainName
-(
-  NSSPKIXBuiltInStandardAttributes *bisa,
-  NSSPKIXPrivateDomainName *privateDomainName
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_RemovePrivateDomainName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *  NSS_ERROR_NO_PRIVATE_DOMAIN_NAME
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXBuiltInStandardAttributes_RemovePrivateDomainName
-(
-  NSSPKIXBuiltInStandardAttributes *bisa
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_HasOrganizationName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *
- * Return value:
- *  PR_TRUE if it has one
- *  PR_FALSE if it doesn't
- *  PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXBuiltInStandardAttributes_HasOrganizationName
-(
-  NSSPKIXBuiltInStandardAttributes *bisa,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_GetOrganizationName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXOrganizationName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXOrganizationName *
-NSSPKIXBuiltInStandardAttributes_GetOrganizationName
-(
-  NSSPKIXBuiltInStandardAttributes *bisa,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_SetOrganizationName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_PKIX_ORGANIZATION_NAME
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXBuiltInStandardAttributes_SetOrganizationName
-(
-  NSSPKIXBuiltInStandardAttributes *bisa,
-  NSSPKIXOrganizationName *organizationName
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_RemoveOrganizationName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *  NSS_ERROR_NO_ORGANIZATION_NAME
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXBuiltInStandardAttributes_RemoveOrganizationName
-(
-  NSSPKIXBuiltInStandardAttributes *bisa
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_HasNumericUserIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *
- * Return value:
- *  PR_TRUE if it has one
- *  PR_FALSE if it doesn't
- *  PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXBuiltInStandardAttributes_HasNumericUserIdentifier
-(
-  NSSPKIXBuiltInStandardAttributes *bisa,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_GetNumericUserIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXNumericUserIdentifier upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXNumericUserIdentifier *
-NSSPKIXBuiltInStandardAttributes_GetNumericUserIdentifier
-(
-  NSSPKIXBuiltInStandardAttributes *bisa,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_SetNumericUserIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_PKIX_NUMERIC_USER_IDENTIFIER
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXBuiltInStandardAttributes_SetNumericUserIdentifier
-(
-  NSSPKIXBuiltInStandardAttributes *bisa,
-  NSSPKIXNumericUserIdentifier *numericUserIdentifier
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_RemoveNumericUserIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *  NSS_ERROR_NO_NUMERIC_USER_IDENTIFIER
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXBuiltInStandardAttributes_RemoveNumericUserIdentifier
-(
-  NSSPKIXBuiltInStandardAttributes *bisa
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_HasPersonalName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *
- * Return value:
- *  PR_TRUE if it has one
- *  PR_FALSE if it doesn't
- *  PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXBuiltInStandardAttributes_HasPersonalName
-(
-  NSSPKIXBuiltInStandardAttributes *bisa,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_GetPersonalName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXPersonalName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPersonalName *
-NSSPKIXBuiltInStandardAttributes_GetPersonalName
-(
-  NSSPKIXBuiltInStandardAttributes *bisa,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_SetPersonalName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXBuiltInStandardAttributes_SetPersonalName
-(
-  NSSPKIXBuiltInStandardAttributes *bisa,
-  NSSPKIXPersonalName *personalName
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_RemovePersonalName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *  NSS_ERROR_NO_PERSONAL_NAME
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXBuiltInStandardAttributes_RemovePersonalName
-(
-  NSSPKIXBuiltInStandardAttributes *bisa
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_HasOrganizationLUnitNames
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *
- * Return value:
- *  PR_TRUE if it has one
- *  PR_FALSE if it doesn't
- *  PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXBuiltInStandardAttributes_HasOrganizationLUnitNames
-(
-  NSSPKIXBuiltInStandardAttributes *bisa,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_GetOrganizationLUnitNames
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXOrganizationalUnitNames upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXOrganizationalUnitNames *
-NSSPKIXBuiltInStandardAttributes_GetOrganizationLUnitNames
-(
-  NSSPKIXBuiltInStandardAttributes *bisa,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_SetOrganizationLUnitNames
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAMES
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXBuiltInStandardAttributes_SetOrganizationLUnitNames
-(
-  NSSPKIXBuiltInStandardAttributes *bisa,
-  NSSPKIXOrganizationalUnitNames *organizationalUnitNames
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_RemoveOrganizationLUnitNames
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *  NSS_ERROR_NO_ORGANIZATIONAL_UNIT_NAMES
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXBuiltInStandardAttributes_RemoveOrganizationLUnitNames
-(
-  NSSPKIXBuiltInStandardAttributes *bisa
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXBuiltInStandardAttributes_Equal
-(
-  NSSPKIXBuiltInStandardAttributes *bisa1,
-  NSSPKIXBuiltInStandardAttributes *bisa2,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXBuiltInStandardAttributes upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXBuiltInStandardAttributes *
-NSSPKIXBuiltInStandardAttributes_Duplicate
-(
-  NSSPKIXBuiltInStandardAttributes *bisa,
-  NSSArena *arenaOpt
-);
-
-/*
- * CountryName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  CountryName ::= [APPLICATION 1] CHOICE {
- *     x121-dcc-code NumericString
- *                  (SIZE (ub-country-name-numeric-length)),
- *     iso-3166-alpha2-code PrintableString
- *                  (SIZE (ub-country-name-alpha-length)) }
- *
- * The public calls for this type:
- *
- *  NSSPKIXCountryName_Decode
- *  NSSPKIXCountryName_CreateFromUTF8
- *  NSSPKIXCountryName_Encode
- *
- */
-
-/*
- * NSSPKIXCountryName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXCountryName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCountryName *
-NSSPKIXCountryName_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * NSSPKIXCountryName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXCountryName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCountryName *
-NSSPKIXCountryName_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXCountryName_Encode
- *
- *
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_COUNTRY_NAME
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXCountryName_Encode
-(
-  NSSPKIXCountryName *name,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * AdministrationDomainName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  AdministrationDomainName ::= [APPLICATION 2] CHOICE {
- *     numeric NumericString (SIZE (0..ub-domain-name-length)),
- *     printable PrintableString (SIZE (0..ub-domain-name-length)) }
- *
- * The public calls for this type:
- *
- *  NSSPKIXAdministrationDomainName_Decode
- *  NSSPKIXAdministrationDomainName_CreateFromUTF8
- *  NSSPKIXAdministrationDomainName_Encode
- *
- */
-
-/*
- * NSSPKIXAdministrationDomainName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXAdministrationDomainName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAdministrationDomainName *
-NSSPKIXAdministrationDomainName_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * NSSPKIXAdministrationDomainName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXAdministrationDomainName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAdministrationDomainName *
-NSSPKIXAdministrationDomainName_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXAdministrationDomainName_Encode
- *
- *
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ADMINISTRATION_DOMAIN_NAME
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXAdministrationDomainName_Encode
-(
-  NSSPKIXAdministrationDomainName *name,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * X121Address
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  X121Address ::= NumericString (SIZE (1..ub-x121-address-length))
- *
- * The public calls for this type:
- *
- *  NSSPKIXX121Address_Decode
- *  NSSPKIXX121Address_CreateFromUTF8
- *  NSSPKIXX121Address_Encode
- *
- */
-
-/*
- * NSSPKIXX121Address_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXX121Address upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX121Address *
-NSSPKIXX121Address_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * NSSPKIXX121Address_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXX121Address upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX121Address *
-NSSPKIXX121Address_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXX121Address_Encode
- *
- *
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_X121_ADDRESS
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXX121Address_Encode
-(
-  NSSPKIXX121Address *name,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NetworkAddress
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  NetworkAddress ::= X121Address  -- see also extended-network-address
- *
- * The public calls for this type:
- *
- *  NSSPKIXNetworkAddress_Decode
- *  NSSPKIXNetworkAddress_CreateFromUTF8
- *  NSSPKIXNetworkAddress_Encode
- *
- */
-
-/*
- * NSSPKIXNetworkAddress_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXNetworkAddress upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXNetworkAddress *
-NSSPKIXNetworkAddress_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * NSSPKIXNetworkAddress_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXNetworkAddress upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXNetworkAddress *
-NSSPKIXNetworkAddress_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXNetworkAddress_Encode
- *
- *
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_NETWORK_ADDRESS
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXNetworkAddress_Encode
-(
-  NSSPKIXNetworkAddress *name,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * TerminalIdentifier
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  TerminalIdentifier ::= PrintableString (SIZE (1..ub-terminal-id-length))
- *
- * The public calls for this type:
- *
- *  NSSPKIXTerminalIdentifier_Decode
- *  NSSPKIXTerminalIdentifier_CreateFromUTF8
- *  NSSPKIXTerminalIdentifier_Encode
- *
- */
-
-/*
- * NSSPKIXTerminalIdentifier_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXTerminalIdentifier upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTerminalIdentifier *
-NSSPKIXTerminalIdentifier_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * NSSPKIXTerminalIdentifier_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXTerminalIdentifier upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTerminalIdentifier *
-NSSPKIXTerminalIdentifier_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXTerminalIdentifier_Encode
- *
- *
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TERMINAL_IDENTIFIER
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXTerminalIdentifier_Encode
-(
-  NSSPKIXTerminalIdentifier *name,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * PrivateDomainName
- *
- * -- fgmr comments -- 
- *
- *  PrivateDomainName ::= CHOICE {
- *     numeric NumericString (SIZE (1..ub-domain-name-length)),
- *     printable PrintableString (SIZE (1..ub-domain-name-length)) }
- *
- * The public calls for this type:
- *
- *  NSSPKIXPrivateDomainName_Decode
- *  NSSPKIXPrivateDomainName_CreateFromUTF8
- *  NSSPKIXPrivateDomainName_Encode
- *
- */
-
-/*
- * NSSPKIXPrivateDomainName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXPrivateDomainName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPrivateDomainName *
-NSSPKIXPrivateDomainName_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * NSSPKIXPrivateDomainName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXPrivateDomainName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPrivateDomainName *
-NSSPKIXPrivateDomainName_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXPrivateDomainName_Encode
- *
- *
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_PRIVATE_DOMAIN_NAME
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXPrivateDomainName_Encode
-(
-  NSSPKIXPrivateDomainName *name,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * OrganizationName
- *
- * -- fgmr comments --
- *
- *  OrganizationName ::= PrintableString
- *                              (SIZE (1..ub-organization-name-length))
- * 
- * The public calls for this type:
- *
- *  NSSPKIXOrganizationName_Decode
- *  NSSPKIXOrganizationName_CreateFromUTF8
- *  NSSPKIXOrganizationName_Encode
- *
- */
-
-/*
- * NSSPKIXOrganizationName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXOrganizationName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXOrganizationName *
-NSSPKIXOrganizationName_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * NSSPKIXOrganizationName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXOrganizationName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXOrganizationName *
-NSSPKIXOrganizationName_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXOrganizationName_Encode
- *
- *
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ORGANIZATION_NAME
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXOrganizationName_Encode
-(
-  NSSPKIXOrganizationName *name,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NumericUserIdentifier
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  NumericUserIdentifier ::= NumericString
- *                              (SIZE (1..ub-numeric-user-id-length))
- * 
- * The public calls for this type:
- *
- *  NSSPKIXNumericUserIdentifier_Decode
- *  NSSPKIXNumericUserIdentifier_CreateFromUTF8
- *  NSSPKIXNumericUserIdentifier_Encode
- *
- */
-
-/*
- * NSSPKIXNumericUserIdentifier_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXNumericUserIdentifier upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXNumericUserIdentifier *
-NSSPKIXNumericUserIdentifier_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * NSSPKIXNumericUserIdentifier_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_UTF8
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXNumericUserIdentifier upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXNumericUserIdentifier *
-NSSPKIXNumericUserIdentifier_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXNumericUserIdentifier_Encode
- *
- *
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_NUMERIC_USER_IDENTIFIER
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXNumericUserIdentifier_Encode
-(
-  NSSPKIXNumericUserIdentifier *name,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * PersonalName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  PersonalName ::= SET {
- *     surname [0] PrintableString (SIZE (1..ub-surname-length)),
- *     given-name [1] PrintableString
- *                          (SIZE (1..ub-given-name-length)) OPTIONAL,
- *     initials [2] PrintableString (SIZE (1..ub-initials-length)) OPTIONAL,
- *     generation-qualifier [3] PrintableString
- *                  (SIZE (1..ub-generation-qualifier-length)) OPTIONAL }
- *
- * The public calls for this type:
- *
- *  NSSPKIXPersonalName_Decode
- *  NSSPKIXPersonalName_Create
- *  NSSPKIXPersonalName_Destroy
- *  NSSPKIXPersonalName_Encode
- *  NSSPKIXPersonalName_GetSurname
- *  NSSPKIXPersonalName_SetSurname
- *  NSSPKIXPersonalName_HasGivenName
- *  NSSPKIXPersonalName_GetGivenName
- *  NSSPKIXPersonalName_SetGivenName
- *  NSSPKIXPersonalName_RemoveGivenName
- *  NSSPKIXPersonalName_HasInitials
- *  NSSPKIXPersonalName_GetInitials
- *  NSSPKIXPersonalName_SetInitials
- *  NSSPKIXPersonalName_RemoveInitials
- *  NSSPKIXPersonalName_HasGenerationQualifier
- *  NSSPKIXPersonalName_GetGenerationQualifier
- *  NSSPKIXPersonalName_SetGenerationQualifier
- *  NSSPKIXPersonalName_RemoveGenerationQualifier
- *  NSSPKIXPersonalName_Equal
- *  NSSPKIXPersonalName_Duplicate
- *
- */
-
-/*
- * NSSPKIXPersonalName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXPersonalName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPersonalName *
-NSSPKIXPersonalName_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * NSSPKIXPersonalName_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_STRING
- *
- * Return value:
- *  A valid pointer to an NSSPKIXPersonalName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPersonalName *
-NSSPKIXPersonalName_Create
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *surname,
-  NSSUTF8 *givenNameOpt,
-  NSSUTF8 *initialsOpt,
-  NSSUTF8 *generationQualifierOpt
-);
-
-/*
- * NSSPKIXPersonalName_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPersonalName_Destroy
-(
-  NSSPKIXPersonalName *personalName
-);
-
-/*
- * NSSPKIXPersonalName_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXPersonalName_Encode
-(
-  NSSPKIXPersonalName *personalName,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXPersonalName_GetSurname
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSUTF8 upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSPKIXPersonalName_GetSurname
-(
-  NSSPKIXPersonalName *personalName,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXPersonalName_SetSurname
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- *  NSS_ERROR_INVALID_STRING
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPersonalName_SetSurname
-(
-  NSSPKIXPersonalName *personalName,
-  NSSUTF8 *surname
-);
-
-/*
- * NSSPKIXPersonalName_HasGivenName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- *
- * Return value:
- *  PR_TRUE if it has one
- *  PR_FALSE if it doesn't
- *  PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXPersonalName_HasGivenName
-(
-  NSSPKIXPersonalName *personalName,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXPersonalName_GetGivenName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_HAS_NO_GIVEN_NAME
- *
- * Return value:
- *  A valid pointer to an NSSUTF8 upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSPKIXPersonalName_GetGivenName
-(
-  NSSPKIXPersonalName *personalName,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXPersonalName_SetGivenName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- *  NSS_ERROR_INVALID_STRING
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPersonalName_SetGivenName
-(
-  NSSPKIXPersonalName *personalName,
-  NSSUTF8 *givenName
-);
-
-/*
- * NSSPKIXPersonalName_RemoveGivenName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- *  NSS_ERROR_HAS_NO_GIVEN_NAME
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPersonalName_RemoveGivenName
-(
-  NSSPKIXPersonalName *personalName
-);
-
-/*
- * NSSPKIXPersonalName_HasInitials
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- *
- * Return value:
- *  PR_TRUE if it has one
- *  PR_FALSE if it doesn't
- *  PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXPersonalName_HasInitials
-(
-  NSSPKIXPersonalName *personalName,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXPersonalName_GetInitials
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- *
- * Return value:
- *  A valid pointer to an NSSUTF8 upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSPKIXPersonalName_GetInitials
-(
-  NSSPKIXPersonalName *personalName,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXPersonalName_SetInitials
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- *  NSS_ERROR_INVALID_STRING
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPersonalName_SetInitials
-(
-  NSSPKIXPersonalName *personalName,
-  NSSUTF8 *initials
-);
-
-/*
- * NSSPKIXPersonalName_RemoveInitials
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPersonalName_RemoveInitials
-(
-  NSSPKIXPersonalName *personalName
-);
-
-/*
- * NSSPKIXPersonalName_HasGenerationQualifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- *
- * Return value:
- *  PR_TRUE if it has one
- *  PR_FALSE if it doesn't
- *  PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXPersonalName_HasGenerationQualifier
-(
-  NSSPKIXPersonalName *personalName,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXPersonalName_GetGenerationQualifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- *
- * Return value:
- *  A valid pointer to an NSSUTF8 upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSPKIXPersonalName_GetGenerationQualifier
-(
-  NSSPKIXPersonalName *personalName,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXPersonalName_SetGenerationQualifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- *  NSS_ERROR_INVALID_STRING
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPersonalName_SetGenerationQualifier
-(
-  NSSPKIXPersonalName *personalName,
-  NSSUTF8 *generationQualifier
-);
-
-/*
- * NSSPKIXPersonalName_RemoveGenerationQualifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPersonalName_RemoveGenerationQualifier
-(
-  NSSPKIXPersonalName *personalName
-);
-
-/*
- * NSSPKIXPersonalName_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- *
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXPersonalName_Equal
-(
-  NSSPKIXPersonalName *personalName1,
-  NSSPKIXPersonalName *personalName2,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXPersonalName_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- *
- * Return value:
- *  A valid pointer to an NSSPKIXPersonalName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPersonalName *
-NSSPKIXPersonalName_Duplicate
-(
-  NSSPKIXPersonalName *personalName,
-  NSSArena *arenaOpt
-);
-
-/*
- * OrganizationalUnitNames
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  OrganizationalUnitNames ::= SEQUENCE SIZE (1..ub-organizational-units)
- *                                          OF OrganizationalUnitName
- * 
- * The public calls for the type:
- *
- *  NSSPKIXOrganizationalUnitNames_Decode
- *  NSSPKIXOrganizationalUnitNames_Create
- *  NSSPKIXOrganizationalUnitNames_Destroy
- *  NSSPKIXOrganizationalUnitNames_Encode
- *  NSSPKIXOrganizationalUnitNames_GetOrganizationalUnitNameCount
- *  NSSPKIXOrganizationalUnitNames_GetOrganizationalUnitNames
- *  NSSPKIXOrganizationalUnitNames_SetOrganizationalUnitNames
- *  NSSPKIXOrganizationalUnitNames_GetOrganizationalUnitName
- *  NSSPKIXOrganizationalUnitNames_SetOrganizationalUnitName
- *  NSSPKIXOrganizationalUnitNames_InsertOrganizationalUnitName
- *  NSSPKIXOrganizationalUnitNames_AppendOrganizationalUnitName
- *  NSSPKIXOrganizationalUnitNames_RemoveOrganizationalUnitName
- *  NSSPKIXOrganizationalUnitNames_FindOrganizationalUnitName
- *  NSSPKIXOrganizationalUnitNames_Equal
- *  NSSPKIXOrganizationalUnitNames_Duplicate
- *
- */
-
-/*
- * NSSPKIXOrganizationalUnitNames_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXOrganizationalUnitNames upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXOrganizationalUnitNames *
-NSSPKIXOrganizationalUnitNames_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * NSSPKIXOrganizationalUnitNames_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAME
- *
- * Return value:
- *  A valid pointer to an NSSPKIXOrganizationalUnitNames upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXOrganizationalUnitNames *
-NSSPKIXOrganizationalUnitNames_Create
-(
-  NSSArena *arenaOpt,
-  NSSPKIXOrganizationalUnitName *ou1,
-  ...
-);
-
-/*
- * NSSPKIXOrganizationalUnitNames_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAMES
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXOrganizationalUnitNames_Destroy
-(
-  NSSPKIXOrganizationalUnitNames *ous
-);
-
-/*
- * NSSPKIXOrganizationalUnitNames_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAMES
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXOrganizationalUnitNames_Encode
-(
-  NSSPKIXOrganizationalUnitNames *ous,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXOrganizationalUnitNames_GetOrganizationalUnitNameCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAMES
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- *  Nonnegative integer upon success
- *  -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXOrganizationalUnitNames_GetOrganizationalUnitNameCount
-(
-  NSSPKIXOrganizationalUnitNames *ous
-);
-
-/*
- * NSSPKIXOrganizationalUnitNames_GetOrganizationalUnitNames
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAMES
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- *  A valid pointer to an array of NSSPKIXOrganizationalUnitName
- *      pointers upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXOrganizationalUnitName **
-NSSPKIXOrganizationalUnitNames_GetOrganizationalUnitNames
-(
-  NSSPKIXOrganizationalUnitNames *ous,
-  NSSPKIXOrganizationalUnitName *rvOpt[],
-  PRInt32 limit,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXOrganizationalUnitNames_SetOrganizationalUnitNames
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAMES
- *  NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAME
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXOrganizationalUnitNames_SetOrganizationalUnitNames
-(
-  NSSPKIXOrganizationalUnitNames *ous,
-  NSSPKIXOrganizationalUnitName *ou[],
-  PRInt32 count
-);
-
-/*
- * NSSPKIXOrganizationalUnitNames_GetOrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAMES
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXOrganizationalUnitName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXOrganizationalUnitName *
-NSSPKIXOrganizationalUnitNames_GetOrganizationalUnitName
-(
-  NSSPKIXOrganizationalUnitNames *ous,
-  PRInt32 i,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXOrganizationalUnitNames_SetOrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAMES
- *  NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAME
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXOrganizationalUnitNames_SetOrganizationalUnitName
-(
-  NSSPKIXOrganizationalUnitNames *ous,
-  PRInt32 i,
-  NSSPKIXOrganizationalUnitName *ou
-);
-
-/*
- * NSSPKIXOrganizationalUnitNames_InsertOrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAMES
- *  NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAME
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXOrganizationalUnitNames_InsertOrganizationalUnitName
-(
-  NSSPKIXOrganizationalUnitNames *ous,
-  PRInt32 i,
-  NSSPKIXOrganizationalUnitName *ou
-);
-
-/*
- * NSSPKIXOrganizationalUnitNames_AppendOrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAMES
- *  NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAME
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXOrganizationalUnitNames_AppendOrganizationalUnitName
-(
-  NSSPKIXOrganizationalUnitNames *ous,
-  NSSPKIXOrganizationalUnitName *ou
-);
-
-/*
- * NSSPKIXOrganizationalUnitNames_RemoveOrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAMES
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXOrganizationalUnitNames_RemoveOrganizationalUnitName
-(
-  NSSPKIXOrganizationalUnitNames *ous,
-  PRInt32 i
-);
-
-/*
- * NSSPKIXOrganizationalUnitNames_FindOrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAMES
- *  NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAME
- *
- * Return value:
- *  The index of the specified revoked certificate upon success
- *  -1 upon failure
- */
-
-NSS_EXTERN PRIntn
-NSSPKIXOrganizationalUnitNames_FindOrganizationalUnitName
-(
-  NSSPKIXOrganizationalUnitNames *ous,
-  NSSPKIXOrganizationalUnitName *ou
-);
-
-/*
- * NSSPKIXOrganizationalUnitNames_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAMES
- *
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXOrganizationalUnitNames_Equal
-(
-  NSSPKIXOrganizationalUnitNames *ous1,
-  NSSPKIXOrganizationalUnitNames *ous2,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXOrganizationalUnitNames_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAMES
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSPKIXOrganizationalUnitNames upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXOrganizationalUnitNames *
-NSSPKIXOrganizationalUnitNames_Duplicate
-(
-  NSSPKIXOrganizationalUnitNames *ous,
-  NSSArena *arenaOpt
-);
-
-/*
- * OrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  OrganizationalUnitName ::= PrintableString (SIZE
- *                          (1..ub-organizational-unit-name-length))
- *
- * The public calls for this type:
- *
- *  NSSPKIXOrganizationalUnitName_Decode
- *  NSSPKIXOrganizationalUnitName_CreateFromUTF8
- *  NSSPKIXOrganizationalUnitName_Encode
- *
- */
-
-/*
- * NSSPKIXOrganizationalUnitName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXOrganizationalUnitName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXOrganizationalUnitName *
-NSSPKIXOrganizationalUnitName_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * NSSPKIXOrganizationalUnitName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXOrganizationalUnitName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXOrganizationalUnitName *
-NSSPKIXOrganizationalUnitName_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXOrganizationalUnitName_Encode
- *
- *
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAME
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXOrganizationalUnitName_Encode
-(
-  NSSPKIXOrganizationalUnitName *name,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * BuiltInDomainDefinedAttributes
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  BuiltInDomainDefinedAttributes ::= SEQUENCE SIZE
- *                                  (1..ub-domain-defined-attributes) OF
- *                                  BuiltInDomainDefinedAttribute
- *
- * The public calls for this type:
- *
- *  NSSPKIXBuiltInDomainDefinedAttributes_Decode
- *  NSSPKIXBuiltInDomainDefinedAttributes_Create
- *  NSSPKIXBuiltInDomainDefinedAttributes_Destroy
- *  NSSPKIXBuiltInDomainDefinedAttributes_Encode
- *  NSSPKIXBuiltInDomainDefinedAttributes_GetBuiltIndomainDefinedAttributeCount
- *  NSSPKIXBuiltInDomainDefinedAttributes_GetBuiltIndomainDefinedAttributes
- *  NSSPKIXBuiltInDomainDefinedAttributes_SetBuiltIndomainDefinedAttributes
- *  NSSPKIXBuiltInDomainDefinedAttributes_GetBuiltIndomainDefinedAttribute
- *  NSSPKIXBuiltInDomainDefinedAttributes_SetBuiltIndomainDefinedAttribute
- *  NSSPKIXBuiltInDomainDefinedAttributes_InsertBuiltIndomainDefinedAttribute
- *  NSSPKIXBuiltInDomainDefinedAttributes_AppendBuiltIndomainDefinedAttribute
- *  NSSPKIXBuiltInDomainDefinedAttributes_RemoveBuiltIndomainDefinedAttribute
- *  NSSPKIXBuiltInDomainDefinedAttributes_Equal
- *  NSSPKIXBuiltInDomainDefinedAttributes_Duplicate
- *
- */
-
-/*
- * NSSPKIXBuiltInDomainDefinedAttributes_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXBuiltInDomainDefinedAttributes
- *      upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXBuiltInDomainDefinedAttributes *
-NSSPKIXBuiltInDomainDefinedAttributes_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * NSSPKIXBuiltInDomainDefinedAttributes_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTE
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXBuiltInDomainDefinedAttributes
- *      upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXBuiltInDomainDefinedAttributes *
-NSSPKIXBuiltInDomainDefinedAttributes_Create
-(
-  NSSArena *arenaOpt,
-  NSSPKIXBuiltInDomainDefinedAttribute *bidda1,
-  ...
-);
-
-/*
- * NSSPKIXBuiltInDomainDefinedAttributes_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXBuiltInDomainDefinedAttributes_Destroy
-(
-  NSSPKIXBuiltInDomainDefinedAttributes *biddas
-);
-
-/*
- * NSSPKIXBuiltInDomainDefinedAttributes_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXBuiltInDomainDefinedAttributes_Encode
-(
-  NSSPKIXBuiltInDomainDefinedAttributes *biddas,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXBuiltInDomainDefinedAttributes_GetBuiltIndomainDefinedAttributeCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- * 
- * Return value:
- *  Nonnegative integer upon success
- *  -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXBuiltInDomainDefinedAttributes_GetBuiltIndomainDefinedAttributeCount
-(
-  NSSPKIXBuiltInDomainDefinedAttributes *biddas
-);
-
-/*
- * NSSPKIXBuiltInDomainDefinedAttributes_GetBuiltIndomainDefinedAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_ARRAY_TOO_SMALL
- * 
- * Return value:
- *  A valid pointer to an array of NSSPKIXBuiltInDomainDefinedAttribute
- *      pointers upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXBuiltInDomainDefinedAttribute **
-NSSPKIXBuiltInDomainDefinedAttributes_GetBuiltIndomainDefinedAttributes
-(
-  NSSPKIXBuiltInDomainDefinedAttributes *biddas,
-  NSSPKIXBuiltInDomainDefinedAttribut *rvOpt[],
-  PRInt32 limit,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXBuiltInDomainDefinedAttributes_SetBuiltIndomainDefinedAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTE
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXBuiltInDomainDefinedAttributes_SetBuiltIndomainDefinedAttributes
-(
-  NSSPKIXBuiltInDomainDefinedAttributes *biddas,
-  NSSPKIXBuiltInDomainDefinedAttribut *bidda[],
-  PRInt32 count
-);
-
-/*
- * NSSPKIXBuiltInDomainDefinedAttributes_GetBuiltIndomainDefinedAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXBuiltInDomainDefinedAttribute
- *      upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXBuiltInDomainDefinedAttribute *
-NSSPKIXBuiltInDomainDefinedAttributes_GetBuiltIndomainDefinedAttribute
-(
-  NSSPKIXBuiltInDomainDefinedAttributes *biddas,
-  PRInt32 i,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXBuiltInDomainDefinedAttributes_SetBuiltIndomainDefinedAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTE
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXBuiltInDomainDefinedAttributes_SetBuiltIndomainDefinedAttribute
-(
-  NSSPKIXBuiltInDomainDefinedAttributes *biddas,
-  PRInt32 i,
-  NSSPKIXBuiltInDomainDefinedAttribute *bidda
-);
-
-/*
- * NSSPKIXBuiltInDomainDefinedAttributes_InsertBuiltIndomainDefinedAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTE
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXBuiltInDomainDefinedAttributes_InsertBuiltIndomainDefinedAttribute
-(
-  NSSPKIXBuiltInDomainDefinedAttributes *biddas,
-  PRInt32 i,
-  NSSPKIXBuiltInDomainDefinedAttribute *bidda
-);
-
-/*
- * NSSPKIXBuiltInDomainDefinedAttributes_AppendBuiltIndomainDefinedAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTE
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXBuiltInDomainDefinedAttributes_AppendBuiltIndomainDefinedAttribute
-(
-  NSSPKIXBuiltInDomainDefinedAttributes *biddas,
-  NSSPKIXBuiltInDomainDefinedAttribute *bidda
-);
-
-/*
- * NSSPKIXBuiltInDomainDefinedAttributes_RemoveBuiltIndomainDefinedAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXBuiltInDomainDefinedAttributes_RemoveBuiltIndomainDefinedAttribute
-(
-  NSSPKIXBuiltInDomainDefinedAttributes *biddas,
-  PRInt32 i
-);
-
-/*
- * NSSPKIXBuiltInDomainDefinedAttributes_FindBuiltIndomainDefinedAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTE
- * 
- * Return value:
- *  The index of the specified revoked certificate upon success
- *  -1 upon failure
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXBuiltInDomainDefinedAttributes_FindBuiltIndomainDefinedAttribute
-(
-  NSSPKIXBuiltInDomainDefinedAttributes *biddas,
-  NSSPKIXBuiltInDomainDefinedAttribute *bidda
-);
-
-/*
- * NSSPKIXBuiltInDomainDefinedAttributes_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- * 
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXBuiltInDomainDefinedAttributes_Equal
-(
-  NSSPKIXBuiltInDomainDefinedAttributes *biddas1,
-  NSSPKIXBuiltInDomainDefinedAttributes *biddas2,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXBuiltInDomainDefinedAttributes_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXBuiltInDomainDefinedAttributes
- *      upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXBuiltInDomainDefinedAttributes *
-NSSPKIXBuiltInDomainDefinedAttributes_Duplicate
-(
-  NSSPKIXBuiltInDomainDefinedAttributes *biddas,
-  NSSArena *arenaOpt
-);
-
-/*
- * BuiltInDomainDefinedAttribute
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  BuiltInDomainDefinedAttribute ::= SEQUENCE {
- *     type PrintableString (SIZE
- *                          (1..ub-domain-defined-attribute-type-length)),
- *     value PrintableString (SIZE
- *                          (1..ub-domain-defined-attribute-value-length))}
- *
- * The public calls for this type:
- *
- *  NSSPKIXBuiltInDomainDefinedAttribute_Decode
- *  NSSPKIXBuiltInDomainDefinedAttribute_Create
- *  NSSPKIXBuiltInDomainDefinedAttribute_Destroy
- *  NSSPKIXBuiltInDomainDefinedAttribute_Encode
- *  NSSPKIXBuiltInDomainDefinedAttribute_GetType
- *  NSSPKIXBuiltInDomainDefinedAttribute_SetType
- *  NSSPKIXBuiltInDomainDefinedAttribute_GetValue
- *  NSSPKIXBuiltInDomainDefinedAttribute_SetValue
- *  NSSPKIXBuiltInDomainDefinedAttribute_Equal
- *  NSSPKIXBuiltInDomainDefinedAttribute_Duplicate
- *
- */
-
-/*
- * NSSPKIXBuiltInDomainDefinedAttribute_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXBuiltInDomainDefinedAttribute
- *      upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXBuiltInDomainDefinedAttribute *
-NSSPKIXBuiltInDomainDefinedAttribute_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * NSSPKIXBuiltInDomainDefinedAttribute_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_STRING
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXBuiltInDomainDefinedAttribute
- *      upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXBuiltInDomainDefinedAttribute *
-NSSPKIXBuiltInDomainDefinedAttribute_Create
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *type,
-  NSSUTF8 *value
-);
-
-/*
- * NSSPKIXBuiltInDomainDefinedAttribute_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTE
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXBuiltInDomainDefinedAttribute_Destroy
-(
-  NSSPKIXBuiltInDomainDefinedAttribute *bidda
-);
-
-/*
- * NSSPKIXBuiltInDomainDefinedAttribute_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXBuiltInDomainDefinedAttribute_Encode
-(
-  NSSPKIXBuiltInDomainDefinedAttribute *bidda,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXBuiltInDomainDefinedAttribute_GetType
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid NSSUTF8 pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSPKIXBuiltInDomainDefinedAttribute_GetType
-(
-  NSSPKIXBuiltInDomainDefinedAttribute *bidda,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXBuiltInDomainDefinedAttribute_SetType
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTE
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXBuiltInDomainDefinedAttribute_SetType
-(
-  NSSPKIXBuiltInDomainDefinedAttribute *bidda,
-  NSSUTF8 *type
-);
-
-/*
- * NSSPKIXBuiltInDomainDefinedAttribute_GetValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid NSSUTF8 pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSPKIXBuiltInDomainDefinedAttribute_GetValue
-(
-  NSSPKIXBuiltInDomainDefinedAttribute *bidda,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXBuiltInDomainDefinedAttribute_SetValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTE
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXBuiltInDomainDefinedAttribute_SetValue
-(
-  NSSPKIXBuiltInDomainDefinedAttribute *bidda,
-  NSSUTF8 *value
-);
-
-/*
- * NSSPKIXBuiltInDomainDefinedAttribute_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTE
- * 
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXBuiltInDomainDefinedAttribute_Equal
-(
-  NSSPKIXBuiltInDomainDefinedAttribute *bidda1,
-  NSSPKIXBuiltInDomainDefinedAttribute *bidda2,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXBuiltInDomainDefinedAttribute_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXBuiltInDomainDefinedAttribute
- *      upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXBuiltInDomainDefinedAttribute *
-NSSPKIXBuiltInDomainDefinedAttribute_Duplicate
-(
-  NSSPKIXBuiltInDomainDefinedAttribute *bidda,
-  NSSArena *arenaOpt
-);
-
-/*
- * ExtensionAttributes
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  ExtensionAttributes ::= SET SIZE (1..ub-extension-attributes) OF
- *                          ExtensionAttribute
- *
- * The public calls for this type:
- *
- *  NSSPKIXExtensionAttributes_Decode
- *  NSSPKIXExtensionAttributes_Create
- *  NSSPKIXExtensionAttributes_Destroy
- *  NSSPKIXExtensionAttributes_Encode
- *  NSSPKIXExtensionAttributes_GetExtensionAttributeCount
- *  NSSPKIXExtensionAttributes_GetExtensionAttributes
- *  NSSPKIXExtensionAttributes_SetExtensionAttributes
- *  NSSPKIXExtensionAttributes_GetExtensionAttribute
- *  NSSPKIXExtensionAttributes_SetExtensionAttribute
- *  NSSPKIXExtensionAttributes_InsertExtensionAttribute
- *  NSSPKIXExtensionAttributes_AppendExtensionAttribute
- *  NSSPKIXExtensionAttributes_RemoveExtensionAttribute
- *  NSSPKIXExtensionAttributes_FindExtensionAttribute
- *  NSSPKIXExtensionAttributes_Equal
- *  NSSPKIXExtensionAttributes_Duplicate
- *
- */
-
-/*
- * NSSPKIXExtensionAttributes_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXExtensionAttributes upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtensionAttributes *
-NSSPKIXExtensionAttributes_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * NSSPKIXExtensionAttributes_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTE
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXExtensionAttributes upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtensionAttributes *
-NSSPKIXExtensionAttributes_Create
-(
-  NSSArena *arenaOpt,
-  NSSPKIXExtensionAttribute ea1,
-  ...
-);
-
-/*
- * NSSPKIXExtensionAttributes_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTES
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXExtensionAttributes_Destroy
-(
-  NSSPKIXExtensionAttributes *eas
-);
-
-/*
- * NSSPKIXExtensionAttributes_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTES
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXExtensionAttributes_Encode
-(
-  NSSPKIXExtensionAttributes *eas
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXExtensionAttributes_GetExtensionAttributeCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTES
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- * 
- * Return value:
- *  Nonnegative integer upon success
- *  -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXExtensionAttributes_GetExtensionAttributeCount
-(
-  NSSPKIXExtensionAttributes *eas
-);
-
-/*
- * NSSPKIXExtensionAttributes_GetExtensionAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTES
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_ARRAY_TOO_SMALL
- * 
- * Return value:
- *  A valid pointer to an array of NSSPKIXExtensionAttribute pointers
- *      upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtensionAttribute **
-NSSPKIXExtensionAttributes_GetExtensionAttributes
-(
-  NSSPKIXExtensionAttributes *eas,
-  NSSPKIXExtensionAttribute *rvOpt[],
-  PRInt32 limit,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXExtensionAttributes_SetExtensionAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTES
- *  NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTE
- *  NSS_ERROR_INVALID_POINTER
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXExtensionAttributes_SetExtensionAttributes
-(
-  NSSPKIXExtensionAttributes *eas,
-  NSSPKIXExtensionAttribute *ea[],
-  PRInt32 count
-);
-
-/*
- * NSSPKIXExtensionAttributes_GetExtensionAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTES
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXExtensionAttribute upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtensionAttribute *
-NSSPKIXExtensionAttributes_GetExtensionAttribute
-(
-  NSSPKIXExtensionAttributes *eas,
-  PRInt32 i,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXExtensionAttributes_SetExtensionAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTES
- *  NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTE
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXExtensionAttributes_SetExtensionAttribute
-(
-  NSSPKIXExtensionAttributes *eas,
-  PRInt32 i,
-  NSSPKIXExtensionAttribute *ea
-);
-
-/*
- * NSSPKIXExtensionAttributes_InsertExtensionAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTES
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTE
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXExtensionAttributes_InsertExtensionAttribute
-(
-  NSSPKIXExtensionAttributes *eas,
-  PRInt32 i,
-  NSSPKIXExtensionAttribute *ea
-);
-
-/*
- * NSSPKIXExtensionAttributes_AppendExtensionAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTES
- *  NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTE
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXExtensionAttributes_AppendExtensionAttribute
-(
-  NSSPKIXExtensionAttributes *eas,
-  NSSPKIXExtensionAttribute *ea
-);
-
-/*
- * NSSPKIXExtensionAttributes_RemoveExtensionAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTES
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXExtensionAttributes_RemoveExtensionAttribute
-(
-  NSSPKIXExtensionAttributes *eas,
-  PRInt32 i,
-);
-
-/*
- * NSSPKIXExtensionAttributes_FindExtensionAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTES
- *  NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTE
- * 
- * Return value:
- *  A nonnegative integer upon success
- *  -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXExtensionAttributes_FindExtensionAttribute
-(
-  NSSPKIXExtensionAttributes *eas,
-  NSSPKIXExtensionAttribute *ea
-);
-
-/*
- * NSSPKIXExtensionAttributes_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTES
- * 
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXExtensionAttributes_Equal
-(
-  NSSPKIXExtensionAttributes *eas1,
-  NSSPKIXExtensionAttributes *eas2,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXExtensionAttributes_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTES
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXExtensionAttributes upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtensionAttributes *
-NSSPKIXExtensionAttributes_Duplicate
-(
-  NSSPKIXExtensionAttributes *eas,
-  NSSArena *arenaOpt
-);
-
-/*
- * fgmr
- * There should be accessors to search the ExtensionAttributes and
- * return the value for a specific value, etc.
- */
-
-/*
- * ExtensionAttribute
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  ExtensionAttribute ::=  SEQUENCE {
- *     extension-attribute-type [0] INTEGER (0..ub-extension-attributes),
- *     extension-attribute-value [1]
- *                          ANY DEFINED BY extension-attribute-type }
- *
- * The public calls for this type:
- *
- *  NSSPKIXExtensionAttribute_Decode
- *  NSSPKIXExtensionAttribute_Create
- *  NSSPKIXExtensionAttribute_Destroy
- *  NSSPKIXExtensionAttribute_Encode
- *  NSSPKIXExtensionAttribute_GetExtensionsAttributeType
- *  NSSPKIXExtensionAttribute_SetExtensionsAttributeType
- *  NSSPKIXExtensionAttribute_GetExtensionsAttributeValue
- *  NSSPKIXExtensionAttribute_SetExtensionsAttributeValue
- *  NSSPKIXExtensionAttribute_Equal
- *  NSSPKIXExtensionAttribute_Duplicate
- *
- */
-
-/*
- * NSSPKIXExtensionAttribute_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXExtensionAttribute upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtensionAttribute *
-NSSPKIXExtensionAttribute_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * NSSPKIXExtensionAttribute_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTE_TYPE
- *  NSS_ERROR_INVALID_POINTER
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXExtensionAttribute upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtensionAttribute *
-NSSPKIXExtensionAttribute_Create
-(
-  NSSArena *arenaOpt,
-  NSSPKIXExtensionAttributeType type,
-  NSSItem *value
-);
-
-/*
- * NSSPKIXExtensionAttribute_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTE
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXExtensionAttribute_Destroy
-(
-  NSSPKIXExtensionAttribute *ea
-);
-
-/*
- * NSSPKIXExtensionAttribute_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXExtensionAttribute_Encode
-(
-  NSSPKIXExtensionAttribute *ea,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXExtensionAttribute_GetExtensionsAttributeType
- *
- * -- fgmr comments --
- * {One of these objects created from BER generated by a program
- * adhering to a later version of the PKIX standards might have
- * a value not mentioned in the enumeration definition.  This isn't
- * a bug.}
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTE
- * 
- * Return value:
- *  A member of the NSSPKIXExtensionAttributeType enumeration
- *      upon success
- *  NSSPKIXExtensionAttributeType_NSSinvalid upon failure
- */
-
-NSS_EXTERN NSSPKIXExtensionAttributeType
-NSSPKIXExtensionAttribute_GetExtensionsAttributeType
-(
-  NSSPKIXExtensionAttribute *ea
-);
-
-/*
- * NSSPKIXExtensionAttribute_SetExtensionsAttributeType
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTE
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXExtensionAttribute_SetExtensionsAttributeType
-(
-  NSSPKIXExtensionAttribute *ea,
-  NSSPKIXExtensionAttributeType type
-);
-
-/*
- * NSSPKIXExtensionAttribute_GetExtensionsAttributeValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid pointer to an NSSItem upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSItem *
-NSSPKIXExtensionAttribute_GetExtensionsAttributeValue
-(
-  NSSPKIXExtensionAttribute *ea,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXExtensionAttribute_SetExtensionsAttributeValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTE
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXExtensionAttribute_SetExtensionsAttributeValue
-(
-  NSSPKIXExtensionAttribute *ea,
-  NSSItem *value
-);
-
-/*
- * NSSPKIXExtensionAttribute_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTE
- * 
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXExtensionAttribute_Equal
-(
-  NSSPKIXExtensionAttribute *ea1,
-  NSSPKIXExtensionAttribute *ea2,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXExtensionAttribute_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTE
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXExtensionAttribute upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtensionAttribute *
-NSSPKIXExtensionAttribute_Duplicate
-(
-  NSSPKIXExtensionAttribute *ea,
-  NSSArena *arenaOpt
-);
-
-/*
- * CommonName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  CommonName ::= PrintableString (SIZE (1..ub-common-name-length))
- *
- * The public calls for this type:
- *
- *  NSSPKIXCommonName_Decode
- *  NSSPKIXCommonName_CreateFromUTF8
- *  NSSPKIXCommonName_Encode
- *
- */
-
-/*
- * NSSPKIXCommonName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXCommonName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCommonName *
-NSSPKIXCommonName_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * NSSPKIXCommonName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXCommonName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCommonName *
-NSSPKIXCommonName_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXCommonName_Encode
- *
- *
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_COMMON_NAME
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXCommonName_Encode
-(
-  NSSPKIXCommonName *name,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * TeletexCommonName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  TeletexCommonName ::= TeletexString (SIZE (1..ub-common-name-length))
- *
- * The public calls for this type:
- *
- *  NSSPKIXTeletexCommonName_Decode
- *  NSSPKIXTeletexCommonName_CreateFromUTF8
- *  NSSPKIXTeletexCommonName_Encode
- *
- */
-
-/*
- * NSSPKIXTeletexCommonName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXTeletexCommonName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexCommonName *
-NSSPKIXTeletexCommonName_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * NSSPKIXTeletexCommonName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXTeletexCommonName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexCommonName *
-NSSPKIXTeletexCommonName_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXTeletexCommonName_Encode
- *
- *
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TELETEX_COMMON_NAME
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXTeletexCommonName_Encode
-(
-  NSSPKIXTeletexCommonName *name,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * TeletexOrganizationName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  TeletexOrganizationName ::=
- *                  TeletexString (SIZE (1..ub-organization-name-length))
- *
- * The public calls for this type:
- *
- *  NSSPKIXTeletexOrganizationName_Decode
- *  NSSPKIXTeletexOrganizationName_CreateFromUTF8
- *  NSSPKIXTeletexOrganizationName_Encode
- *
- */
-
-/*
- * NSSPKIXTeletexOrganizationName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXTeletexOrganizationName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexOrganizationName *
-NSSPKIXTeletexOrganizationName_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * NSSPKIXTeletexOrganizationName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXTeletexOrganizationName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexOrganizationName *
-NSSPKIXTeletexOrganizationName_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXTeletexOrganizationName_Encode
- *
- *
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATION_NAME
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXTeletexOrganizationName_Encode
-(
-  NSSPKIXTeletexOrganizationName *name,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * TeletexPersonalName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  TeletexPersonalName ::= SET {
- *     surname [0] TeletexString (SIZE (1..ub-surname-length)),
- *     given-name [1] TeletexString
- *                  (SIZE (1..ub-given-name-length)) OPTIONAL,
- *     initials [2] TeletexString (SIZE (1..ub-initials-length)) OPTIONAL,
- *     generation-qualifier [3] TeletexString (SIZE
- *                  (1..ub-generation-qualifier-length)) OPTIONAL }
- *
- * The public calls for this type:
- *
- *  NSSPKIXTeletexPersonalName_Decode
- *  NSSPKIXTeletexPersonalName_Create
- *  NSSPKIXTeletexPersonalName_Destroy
- *  NSSPKIXTeletexPersonalName_Encode
- *  NSSPKIXTeletexPersonalName_GetSurname
- *  NSSPKIXTeletexPersonalName_SetSurname
- *  NSSPKIXTeletexPersonalName_HasGivenName
- *  NSSPKIXTeletexPersonalName_GetGivenName
- *  NSSPKIXTeletexPersonalName_SetGivenName
- *  NSSPKIXTeletexPersonalName_RemoveGivenName
- *  NSSPKIXTeletexPersonalName_HasInitials
- *  NSSPKIXTeletexPersonalName_GetInitials
- *  NSSPKIXTeletexPersonalName_SetInitials
- *  NSSPKIXTeletexPersonalName_RemoveInitials
- *  NSSPKIXTeletexPersonalName_HasGenerationQualifier
- *  NSSPKIXTeletexPersonalName_GetGenerationQualifier
- *  NSSPKIXTeletexPersonalName_SetGenerationQualifier
- *  NSSPKIXTeletexPersonalName_RemoveGenerationQualifier
- *  NSSPKIXTeletexPersonalName_Equal
- *  NSSPKIXTeletexPersonalName_Duplicate
- *
- */
-
-/*
- * NSSPKIXTeletexPersonalName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXTeletexPersonalName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexPersonalName *
-NSSPKIXTeletexPersonalName_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * NSSPKIXTeletexPersonalName_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_STRING
- *
- * Return value:
- *  A valid pointer to an NSSPKIXTeletexPersonalName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexPersonalName *
-NSSPKIXTeletexPersonalName_Create
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *surname,
-  NSSUTF8 *givenNameOpt,
-  NSSUTF8 *initialsOpt,
-  NSSUTF8 *generationQualifierOpt
-);
-
-/*
- * NSSPKIXTeletexPersonalName_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTeletexPersonalName_Destroy
-(
-  NSSPKIXTeletexPersonalName *personalName
-);
-
-/*
- * NSSPKIXTeletexPersonalName_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXTeletexPersonalName_Encode
-(
-  NSSPKIXTeletexPersonalName *personalName,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTeletexPersonalName_GetSurname
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSUTF8 upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSPKIXTeletexPersonalName_GetSurname
-(
-  NSSPKIXTeletexPersonalName *personalName,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTeletexPersonalName_SetSurname
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- *  NSS_ERROR_INVALID_STRING
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTeletexPersonalName_SetSurname
-(
-  NSSPKIXTeletexPersonalName *personalName,
-  NSSUTF8 *surname
-);
-
-/*
- * NSSPKIXTeletexPersonalName_HasGivenName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- *
- * Return value:
- *  PR_TRUE if it has one
- *  PR_FALSE if it doesn't
- *  PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXTeletexPersonalName_HasGivenName
-(
-  NSSPKIXTeletexPersonalName *personalName,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXTeletexPersonalName_GetGivenName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- *
- * Return value:
- *  A valid pointer to an NSSUTF8 upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSPKIXTeletexPersonalName_GetGivenName
-(
-  NSSPKIXTeletexPersonalName *personalName,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTeletexPersonalName_SetGivenName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- *  NSS_ERROR_INVALID_STRING
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTeletexPersonalName_SetGivenName
-(
-  NSSPKIXTeletexPersonalName *personalName,
-  NSSUTF8 *givenName
-);
-
-/*
- * NSSPKIXTeletexPersonalName_RemoveGivenName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTeletexPersonalName_RemoveGivenName
-(
-  NSSPKIXTeletexPersonalName *personalName
-);
-
-/*
- * NSSPKIXTeletexPersonalName_HasInitials
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- *
- * Return value:
- *  PR_TRUE if it has one
- *  PR_FALSE if it doesn't
- *  PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXTeletexPersonalName_HasInitials
-(
-  NSSPKIXTeletexPersonalName *personalName,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXTeletexPersonalName_GetInitials
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSUTF8 upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSPKIXTeletexPersonalName_GetInitials
-(
-  NSSPKIXTeletexPersonalName *personalName,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTeletexPersonalName_SetInitials
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- *  NSS_ERROR_INVALID_STRING
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTeletexPersonalName_SetInitials
-(
-  NSSPKIXTeletexPersonalName *personalName,
-  NSSUTF8 *initials
-);
-
-/*
- * NSSPKIXTeletexPersonalName_RemoveInitials
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTeletexPersonalName_RemoveInitials
-(
-  NSSPKIXTeletexPersonalName *personalName
-);
-
-/*
- * NSSPKIXTeletexPersonalName_HasGenerationQualifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- *
- * Return value:
- *  PR_TRUE if it has one
- *  PR_FALSE if it doesn't
- *  PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXTeletexPersonalName_HasGenerationQualifier
-(
-  NSSPKIXTeletexPersonalName *personalName,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXTeletexPersonalName_GetGenerationQualifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- *
- * Return value:
- *  A valid pointer to an NSSUTF8 upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSPKIXTeletexPersonalName_GetGenerationQualifier
-(
-  NSSPKIXTeletexPersonalName *personalName,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTeletexPersonalName_SetGenerationQualifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- *  NSS_ERROR_INVALID_STRING
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTeletexPersonalName_SetGenerationQualifier
-(
-  NSSPKIXTeletexPersonalName *personalName,
-  NSSUTF8 *generationQualifier
-);
-
-/*
- * NSSPKIXTeletexPersonalName_RemoveGenerationQualifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTeletexPersonalName_RemoveGenerationQualifier
-(
-  NSSPKIXTeletexPersonalName *personalName
-);
-
-/*
- * NSSPKIXTeletexPersonalName_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- *
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXTeletexPersonalName_Equal
-(
-  NSSPKIXTeletexPersonalName *personalName1,
-  NSSPKIXTeletexPersonalName *personalName2,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXTeletexPersonalName_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- *
- * Return value:
- *  A valid pointer to an NSSPKIXTeletexPersonalName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexPersonalName *
-NSSPKIXTeletexPersonalName_Duplicate
-(
-  NSSPKIXTeletexPersonalName *personalName,
-  NSSArena *arenaOpt
-);
-
-/*
- * TeletexOrganizationalUnitNames
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  TeletexOrganizationalUnitNames ::= SEQUENCE SIZE
- *          (1..ub-organizational-units) OF TeletexOrganizationalUnitName
- *
- * The public calls for the type:
- *
- *  NSSPKIXTeletexOrganizationalUnitNames_Decode
- *  NSSPKIXTeletexOrganizationalUnitNames_Create
- *  NSSPKIXTeletexOrganizationalUnitNames_Destroy
- *  NSSPKIXTeletexOrganizationalUnitNames_Encode
- *  NSSPKIXTeletexOrganizationalUnitNames_GetTeletexOrganizationalUnitNameCount
- *  NSSPKIXTeletexOrganizationalUnitNames_GetTeletexOrganizationalUnitNames
- *  NSSPKIXTeletexOrganizationalUnitNames_SetTeletexOrganizationalUnitNames
- *  NSSPKIXTeletexOrganizationalUnitNames_GetTeletexOrganizationalUnitName
- *  NSSPKIXTeletexOrganizationalUnitNames_SetTeletexOrganizationalUnitName
- *  NSSPKIXTeletexOrganizationalUnitNames_InsertTeletexOrganizationalUnitName
- *  NSSPKIXTeletexOrganizationalUnitNames_AppendTeletexOrganizationalUnitName
- *  NSSPKIXTeletexOrganizationalUnitNames_RemoveTeletexOrganizationalUnitName
- *  NSSPKIXTeletexOrganizationalUnitNames_FindTeletexOrganizationalUnitName
- *  NSSPKIXTeletexOrganizationalUnitNames_Equal
- *  NSSPKIXTeletexOrganizationalUnitNames_Duplicate
- *
- */
-
-/*
- * NSSPKIXTeletexOrganizationalUnitNames_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXTeletexOrganizationalUnitNames upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexOrganizationalUnitNames *
-NSSPKIXTeletexOrganizationalUnitNames_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * NSSPKIXTeletexOrganizationalUnitNames_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAME
- *
- * Return value:
- *  A valid pointer to an NSSPKIXTeletexOrganizationalUnitNames upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexOrganizationalUnitNames *
-NSSPKIXTeletexOrganizationalUnitNames_Create
-(
-  NSSArena *arenaOpt,
-  NSSPKIXTeletexOrganizationalUnitName *ou1,
-  ...
-);
-
-/*
- * NSSPKIXTeletexOrganizationalUnitNames_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAMES
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTeletexOrganizationalUnitNames_Destroy
-(
-  NSSPKIXTeletexOrganizationalUnitNames *ous
-);
-
-/*
- * NSSPKIXTeletexOrganizationalUnitNames_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAMES
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXTeletexOrganizationalUnitNames_Encode
-(
-  NSSPKIXTeletexOrganizationalUnitNames *ous,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTeletexOrganizationalUnitNames_GetTeletexOrganizationalUnitNameCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAMES
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- *  Nonnegative integer upon success
- *  -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXTeletexOrganizationalUnitNames_GetTeletexOrganizationalUnitNameCount
-(
-  NSSPKIXTeletexOrganizationalUnitNames *ous
-);
-
-/*
- * NSSPKIXTeletexOrganizationalUnitNames_GetTeletexOrganizationalUnitNames
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAMES
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- *  A valid pointer to an array of NSSPKIXTeletexOrganizationalUnitName
- *      pointers upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexOrganizationalUnitName **
-NSSPKIXTeletexOrganizationalUnitNames_GetTeletexOrganizationalUnitNames
-(
-  NSSPKIXTeletexOrganizationalUnitNames *ous,
-  NSSPKIXTeletexOrganizationalUnitName *rvOpt[],
-  PRInt32 limit,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTeletexOrganizationalUnitNames_SetTeletexOrganizationalUnitNames
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAMES
- *  NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAME
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTeletexOrganizationalUnitNames_SetTeletexOrganizationalUnitNames
-(
-  NSSPKIXTeletexOrganizationalUnitNames *ous,
-  NSSPKIXTeletexOrganizationalUnitName *ou[],
-  PRInt32 count
-);
-
-/*
- * NSSPKIXTeletexOrganizationalUnitNames_GetTeletexOrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAMES
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXTeletexOrganizationalUnitName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexOrganizationalUnitName *
-NSSPKIXTeletexOrganizationalUnitNames_GetTeletexOrganizationalUnitName
-(
-  NSSPKIXTeletexOrganizationalUnitNames *ous,
-  PRInt32 i,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTeletexOrganizationalUnitNames_SetTeletexOrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAMES
- *  NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAME
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTeletexOrganizationalUnitNames_SetTeletexOrganizationalUnitName
-(
-  NSSPKIXTeletexOrganizationalUnitNames *ous,
-  PRInt32 i,
-  NSSPKIXTeletexOrganizationalUnitName *ou
-);
-
-/*
- * NSSPKIXTeletexOrganizationalUnitNames_InsertTeletexOrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAMES
- *  NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAME
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTeletexOrganizationalUnitNames_InsertTeletexOrganizationalUnitName
-(
-  NSSPKIXTeletexOrganizationalUnitNames *ous,
-  PRInt32 i,
-  NSSPKIXTeletexOrganizationalUnitName *ou
-);
-
-/*
- * NSSPKIXTeletexOrganizationalUnitNames_AppendTeletexOrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAMES
- *  NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAME
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTeletexOrganizationalUnitNames_AppendTeletexOrganizationalUnitName
-(
-  NSSPKIXTeletexOrganizationalUnitNames *ous,
-  NSSPKIXTeletexOrganizationalUnitName *ou
-);
-
-/*
- * NSSPKIXTeletexOrganizationalUnitNames_RemoveTeletexOrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAMES
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTeletexOrganizationalUnitNames_RemoveTeletexOrganizationalUnitName
-(
-  NSSPKIXTeletexOrganizationalUnitNames *ous,
-  PRInt32 i
-);
-
-/*
- * NSSPKIXTeletexOrganizationalUnitNames_FindTeletexOrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAMES
- *  NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAME
- *
- * Return value:
- *  The index of the specified revoked certificate upon success
- *  -1 upon failure
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXTeletexOrganizationalUnitNames_FindTeletexOrganizationalUnitName
-(
-  NSSPKIXTeletexOrganizationalUnitNames *ous,
-  NSSPKIXTeletexOrganizationalUnitName *ou
-);
-
-/*
- * NSSPKIXTeletexOrganizationalUnitNames_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAMES
- *
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXTeletexOrganizationalUnitNames_Equal
-(
-  NSSPKIXTeletexOrganizationalUnitNames *ous1,
-  NSSPKIXTeletexOrganizationalUnitNames *ous2,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXTeletexOrganizationalUnitNames_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAMES
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSPKIXTeletexOrganizationalUnitNames upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexOrganizationalUnitNames *
-NSSPKIXTeletexOrganizationalUnitNames_Duplicate
-(
-  NSSPKIXTeletexOrganizationalUnitNames *ous,
-  NSSArena *arenaOpt
-);
-
-/*
- * TeletexOrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  TeletexOrganizationalUnitName ::= TeletexString
- *                          (SIZE (1..ub-organizational-unit-name-length))
- *  
- * The public calls for this type:
- *
- *  NSSPKIXTeletexOrganizationalUnitName_Decode
- *  NSSPKIXTeletexOrganizationalUnitName_CreateFromUTF8
- *  NSSPKIXTeletexOrganizationalUnitName_Encode
- *
- */
-
-/*
- * NSSPKIXTeletexOrganizationalUnitName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXTeletexOrganizationalUnitName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexOrganizationalUnitName *
-NSSPKIXTeletexOrganizationalUnitName_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * NSSPKIXTeletexOrganizationalUnitName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXTeletexOrganizationalUnitName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexOrganizationalUnitName *
-NSSPKIXTeletexOrganizationalUnitName_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXTeletexOrganizationalUnitName_Encode
- *
- *
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAME
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXTeletexOrganizationalUnitName_Encode
-(
-  NSSPKIXTeletexOrganizationalUnitName *name,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * PDSName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  PDSName ::= PrintableString (SIZE (1..ub-pds-name-length))
- *
- * The public calls for this type:
- *
- *  NSSPKIXPDSName_Decode
- *  NSSPKIXPDSName_CreateFromUTF8
- *  NSSPKIXPDSName_Encode
- *
- */
-
-/*
- * NSSPKIXPDSName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXPDSName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPDSName *
-NSSPKIXPDSName_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * NSSPKIXPDSName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXPDSName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPDSName *
-NSSPKIXPDSName_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXPDSName_Encode
- *
- *
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_PDS_NAME
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXPDSName_Encode
-(
-  NSSPKIXPDSName *name,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * PhysicalDeliveryCountryName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  PhysicalDeliveryCountryName ::= CHOICE {
- *     x121-dcc-code NumericString (SIZE (ub-country-name-numeric-length)),
- *     iso-3166-alpha2-code PrintableString
- *                          (SIZE (ub-country-name-alpha-length)) }
- *
- * The public calls for this type:
- *
- *  NSSPKIXPhysicalDeliveryCountryName_Decode
- *  NSSPKIXPhysicalDeliveryCountryName_CreateFromUTF8
- *  NSSPKIXPhysicalDeliveryCountryName_Encode
- *
- */
-
-/*
- * NSSPKIXPhysicalDeliveryCountryName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXPhysicalDeliveryCountryName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPhysicalDeliveryCountryName *
-NSSPKIXPhysicalDeliveryCountryName_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * NSSPKIXPhysicalDeliveryCountryName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXPhysicalDeliveryCountryName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPhysicalDeliveryCountryName *
-NSSPKIXPhysicalDeliveryCountryName_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXPhysicalDeliveryCountryName_Encode
- *
- *
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_PHYSICAL_DELIVERY_COUNTRY_NAME
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXPhysicalDeliveryCountryName_Encode
-(
-  NSSPKIXPhysicalDeliveryCountryName *name,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * PostalCode
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  PostalCode ::= CHOICE {
- *     numeric-code NumericString (SIZE (1..ub-postal-code-length)),
- *     printable-code PrintableString (SIZE (1..ub-postal-code-length)) }
- *
- * The public calls for this type:
- *
- *  NSSPKIXPostalCode_Decode
- *  NSSPKIXPostalCode_CreateFromUTF8
- *  NSSPKIXPostalCode_Encode
- *
- */
-
-/*
- * NSSPKIXPostalCode_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXPostalCode upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPostalCode *
-NSSPKIXPostalCode_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * NSSPKIXPostalCode_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXPostalCode upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPostalCode *
-NSSPKIXPostalCode_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXPostalCode_Encode
- *
- *
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POSTAL_CODE
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXPostalCode_Encode
-(
-  NSSPKIXPostalCode *name,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * PDSParameter
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  PDSParameter ::= SET {
- *     printable-string PrintableString
- *                  (SIZE(1..ub-pds-parameter-length)) OPTIONAL,
- *     teletex-string TeletexString
- *                  (SIZE(1..ub-pds-parameter-length)) OPTIONAL }
- *
- * The public calls for this type:
- *
- *  NSSPKIXPDSParameter_Decode
- *  NSSPKIXPDSParameter_CreateFromUTF8
- *  NSSPKIXPDSParameter_Create
- *  NSSPKIXPDSParameter_Delete
- *  NSSPKIXPDSParameter_Encode
- *  NSSPKIXPDSParameter_GetUTF8Encoding
- *  NSSPKIXPDSParameter_HasPrintableString
- *  NSSPKIXPDSParameter_GetPrintableString
- *  NSSPKIXPDSParameter_SetPrintableString
- *  NSSPKIXPDSParameter_RemovePrintableString
- *  NSSPKIXPDSParameter_HasTeletexString
- *  NSSPKIXPDSParameter_GetTeletexString
- *  NSSPKIXPDSParameter_SetTeletexString
- *  NSSPKIXPDSParameter_RemoveTeletexString
- *  NSSPKIXPDSParameter_Equal
- *  NSSPKIXPDSParameter_Duplicate
- */
-
-/*
- * NSSPKIXPDSParameter_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXPDSParameter upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPDSParameter *
-NSSPKIXPDSParameter_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * NSSPKIXPDSParameter_CreateFromUTF8
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_STRING
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXPDSParameter upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPDSParameter *
-NSSPKIXPDSParameter_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXPDSParameter_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_STRING
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXPDSParameter upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPDSParameter *
-NSSPKIXPDSParameter_Create
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *printableStringOpt,
-  NSSUTF8 *teletexStringOpt
-);
-
-/*
- * NSSPKIXPDSParameter_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_PDS_PARAMETER
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPDSParameter_Destroy
-(
-  NSSPKIXPDSParameter *p
-);
-
-/*
- * NSSPKIXPDSParameter_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_PDS_PARAMETER
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXPDSParameter_Encode
-(
-  NSSPKIXPDSParameter *p,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXPDSParameter_GetUTF8Encoding
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_PDS_PARAMETER
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid NSSSUTF8 pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSPKIXPDSParameter_GetUTF8Encoding
-(
-  NSSPKIXPDSParameter *p,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXPDSParameter_HasPrintableString
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_PDS_PARAMETER
- * 
- * Return value:
- *  PR_TRUE if it has one
- *  PR_FALSE if it doesn't
- *  PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXPDSParameter_HasPrintableString
-(
-  NSSPKIXPDSParameter *p,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXPDSParameter_GetPrintableString
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_PDS_PARAMETER
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid pointer to an NSSUTF8 upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSPKIXPDSParameter_GetPrintableString
-(
-  NSSPKIXPDSParameter *p,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXPDSParameter_SetPrintableString
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_PDS_PARAMETER
- *  NSS_ERROR_INVALID_STRING
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPDSParameter_SetPrintableString
-(
-  NSSPKIXPDSParameter *p,
-  NSSUTF8 *printableString
-);
-
-/*
- * NSSPKIXPDSParameter_RemovePrintableString
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_PDS_PARAMETER
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPDSParameter_RemovePrintableString
-(
-  NSSPKIXPDSParameter *p
-);
-
-/*
- * NSSPKIXPDSParameter_HasTeletexString
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_PDS_PARAMETER
- * 
- * Return value:
- *  PR_TRUE if it has one
- *  PR_FALSE if it doesn't
- *  PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXPDSParameter_HasTeletexString
-(
-  NSSPKIXPDSParameter *p,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXPDSParameter_GetTeletexString
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_PDS_PARAMETER
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid pointer to an NSSUTF8 upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSPKIXPDSParameter_GetTeletexString
-(
-  NSSPKIXPDSParameter *p,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXPDSParameter_SetTeletexString
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_PDS_PARAMETER
- *  NSS_ERROR_INVALID_STRING
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPDSParameter_SetTeletexString
-(
-  NSSPKIXPDSParameter *p,
-  NSSUTF8 *teletexString
-);
-
-/*
- * NSSPKIXPDSParameter_RemoveTeletexString
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_PDS_PARAMETER
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPDSParameter_RemoveTeletexString
-(
-  NSSPKIXPDSParameter *p
-);
-
-/*
- * NSSPKIXPDSParameter_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_PDS_PARAMETER
- * 
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXPDSParameter_Equal
-(
-  NSSPKIXPDSParameter *p1,
-  NSSPKIXPDSParameter *p2,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXPDSParameter_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_PDS_PARAMETER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXPDSParameter upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPDSParameter *
-NSSPKIXPDSParameter_Duplicate
-(
-  NSSPKIXPDSParameter *p,
-  NSSArena *arenaOpt
-);
-
-/*
- * fgmr: what about these PDS types?
- *
- * PhysicalDeliveryOfficeName
- *
- * PhysicalDeliveryOfficeNumber
- *
- * ExtensionORAddressComponents
- *
- * PhysicalDeliveryPersonalName
- *
- * PhysicalDeliveryOrganizationName
- *
- * ExtensionPhysicalDeliveryAddressComponents
- *
- * StreetAddress
- *
- * PostOfficeBoxAddress
- *
- * PosteRestanteAddress
- *
- * UniquePostalName
- *
- * LocalPostalAttributes
- *
- */
-
-/*
- * UnformattedPostalAddress
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  UnformattedPostalAddress ::= SET {
- *     printable-address SEQUENCE SIZE (1..ub-pds-physical-address-lines) OF
- *             PrintableString (SIZE (1..ub-pds-parameter-length)) OPTIONAL,
- *     teletex-string TeletexString
- *           (SIZE (1..ub-unformatted-address-length)) OPTIONAL }
- *
- * The public calls for the type:
- *
- *
- */
-
-/*
- * ExtendedNetworkAddress
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  ExtendedNetworkAddress ::= CHOICE {
- *     e163-4-address SEQUENCE {
- *          number [0] NumericString (SIZE (1..ub-e163-4-number-length)),
- *          sub-address [1] NumericString
- *                  (SIZE (1..ub-e163-4-sub-address-length)) OPTIONAL },
- *     psap-address [0] PresentationAddress }
- *
- * The public calls for the type:
- *
- *  NSSPKIXExtendedNetworkAddress_Decode
- *  NSSPKIXExtendedNetworkAddress_Create
- *  NSSPKIXExtendedNetworkAddress_Destroy
- *  NSSPKIXExtendedNetworkAddress_Encode
- *  NSSPKIXExtendedNetworkAddress_GetChoice
- *  NSSPKIXExtendedNetworkAddress_Get
- *  NSSPKIXExtendedNetworkAddress_GetE1634Address
- *  NSSPKIXExtendedNetworkAddress_GetPsapAddress
- *  NSSPKIXExtendedNetworkAddress_Set
- *  NSSPKIXExtendedNetworkAddress_SetE163Address
- *  NSSPKIXExtendedNetworkAddress_SetPsapAddress
- *  NSSPKIXExtendedNetworkAddress_Equal
- *  NSSPKIXExtendedNetworkAddress_Duplicate
- *
- */
-
-/*
- * NSSPKIXExtendedNetworkAddress_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXExtendedNetworkAddress upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtendedNetworkAddress *
-NSSPKIXExtendedNetworkAddress_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * NSSPKIXExtendedNetworkAddress_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_E163_4_ADDRESS
- *  NSS_ERROR_INVALID_PKIX_PRESENTATION_ADDRESS
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXExtendedNetworkAddress upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtendedNetworkAddress *
-NSSPKIXExtendedNetworkAddress_Create
-(
-  NSSArena *arenaOpt,
-  NSSPKIXExtendedNetworkAddressChoice choice,
-  void *address
-);
-
-/*
- * NSSPKIXExtendedNetworkAddress_CreateFromE1634Address
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_E163_4_ADDRESS
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXExtendedNetworkAddress upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtendedNetworkAddress *
-NSSPKIXExtendedNetworkAddress_CreateFromE1634Address
-(
-  NSSArena *arenaOpt,
-  NSSPKIXe1634Address *e1634address
-);
-
-/*
- * NSSPKIXExtendedNetworkAddress_CreateFromPresentationAddress
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_PRESENTATION_ADDRESS
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXExtendedNetworkAddress upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtendedNetworkAddress *
-NSSPKIXExtendedNetworkAddress_CreateFromPresentationAddress
-(
-  NSSArena *arenaOpt,
-  NSSPKIXPresentationAddress *presentationAddress
-);
-
-/*
- * NSSPKIXExtendedNetworkAddress_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EXTENDED_NETWORK_ADDRESS
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXExtendedNetworkAddress_Destroy
-(
-  NSSPKIXExtendedNetworkAddress *ena
-);
-
-/*
- * NSSPKIXExtendedNetworkAddress_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EXTENDED_NETWORK_ADDRESS
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXExtendedNetworkAddress_Encode
-(
-  NSSPKIXExtendedNetworkAddress *ena,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXExtendedNetworkAddress_GetChoice
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EXTENDED_NETWORK_ADDRESS
- * 
- * Return value:
- *  A valid element of the NSSPKIXExtendedNetworkAddressChoice upon
- *      success
- *  The value NSSPKIXExtendedNetworkAddress_NSSinvalid upon failure
- */
-
-NSS_EXTERN NSSPKIXExtendedNetworkAddressChoice
-NSSPKIXExtendedNetworkAddress_GetChoice
-(
-  NSSPKIXExtendedNetworkAddress *ena
-);
-
-/*
- * NSSPKIXExtendedNetworkAddress_GetSpecifiedChoice
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EXTENDED_NETWORK_ADDRESS
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_WRONG_CHOICE
- * 
- * Return value:
- *  A pointer...
- *  NULL upon failure
- */
-
-NSS_EXTERN void *
-NSSPKIXExtendedNetworkAddress_GetSpecifiedChoice
-(
-  NSSPKIXExtendedNetworkAddress *ena,
-  NSSPKIXExtendedNetworkAddressChoice which,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXExtendedNetworkAddress_GetE1634Address
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EXTENDED_NETWORK_ADDRESS
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_WRONG_CHOICE
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXe1643Address upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXe1643Address *
-NSSPKIXExtendedNetworkAddress_GetE1634Address
-(
-  NSSPKIXExtendedNetworkAddress *ena,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXExtendedNetworkAddress_GetPresentationAddress
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EXTENDED_NETWORK_ADDRESS
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_WRONG_CHOICE
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXPresentationAddress upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPresentationAddress *
-NSSPKIXExtendedNetworkAddress_GetPresentationAddress
-(
-  NSSPKIXExtendedNetworkAddress *ena,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXExtendedNetworkAddress_SetSpecifiedChoice
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EXTENDED_NETWORK_ADDRESS
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_PKIX_E163_4_ADDRESS
- *  NSS_ERROR_INVALID_PKIX_PRESENTATION_ADDRESS
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXExtendedNetworkAddress_SetSpecifiedChoice
-(
-  NSSPKIXExtendedNetworkAddress *ena,
-  NSSPKIXExtendedNetworkAddressChoice which,
-  void *address
-);
-
-/*
- * NSSPKIXExtendedNetworkAddress_SetE163Address
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EXTENDED_NETWORK_ADDRESS
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_PKIX_E163_4_ADDRESS
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXExtendedNetworkAddress_SetE163Address
-(
-  NSSPKIXExtendedNetworkAddress *ena,
-  NSSPKIXe1634Address *e1634address
-);
-
-/*
- * NSSPKIXExtendedNetworkAddress_SetPresentationAddress
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EXTENDED_NETWORK_ADDRESS
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_PKIX_PRESENTATION_ADDRESS
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXExtendedNetworkAddress_SetPresentationAddress
-(
-  NSSPKIXExtendedNetworkAddress *ena,
-  NSSPKIXPresentationAddress *presentationAddress
-);
-
-/*
- * NSSPKIXExtendedNetworkAddress_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EXTENDED_NETWORK_ADDRESS
- * 
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXExtendedNetworkAddress_Equal
-(
-  NSSPKIXExtendedNetworkAddress *ena1,
-  NSSPKIXExtendedNetworkAddress *ena2,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXExtendedNetworkAddress_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EXTENDED_NETWORK_ADDRESS
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXExtendedNetworkAddress upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtendedNetworkAddress *
-NSSPKIXExtendedNetworkAddress_Duplicate
-(
-  NSSPKIXExtendedNetworkAddress *ena,
-  NSSArena *arenaOpt
-);
-
-/*
- * e163-4-address
- *
- * Helper structure for ExtendedNetworkAddress.
- * -- fgmr comments --
- *
- * From RFC 2459:
- * 
- *     e163-4-address SEQUENCE {
- *          number [0] NumericString (SIZE (1..ub-e163-4-number-length)),
- *          sub-address [1] NumericString
- *                  (SIZE (1..ub-e163-4-sub-address-length)) OPTIONAL },
- * 
- * The public calls for the type:
- *
- *  NSSPKIXe1634Address_Decode
- *  NSSPKIXe1634Address_Create
- *  NSSPKIXe1634Address_Destroy
- *  NSSPKIXe1634Address_Encode
- *  NSSPKIXe1634Address_GetNumber
- *  NSSPKIXe1634Address_SetNumber
- *  NSSPKIXe1634Address_HasSubAddress
- *  NSSPKIXe1634Address_GetSubAddress
- *  NSSPKIXe1634Address_SetSubAddress
- *  NSSPKIXe1634Address_RemoveSubAddress
- *  NSSPKIXe1634Address_Equal
- *  NSSPKIXe1634Address_Duplicate
- *
- */
-
-/*
- * NSSPKIXe1634Address_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXe1634Address upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXe1634Address *
-NSSPKIXe1634Address_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * NSSPKIXe1634Address_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_STRING
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXe1634Address upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXe1634Address *
-NSSPKIXe1634Address_Create
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *number,
-  NSSUTF8 *subAddressOpt
-);
-
-/*
- * NSSPKIXe1634Address_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_E163_4_ADDRESS
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXe1634Address_Destroy
-(
-  NSSPKIXe1634Address *e
-);
-
-/*
- * NSSPKIXe1634Address_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_E163_4_ADDRESS
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXe1634Address_Encode
-(
-  NSSPKIXe1634Address *e,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXe1634Address_GetNumber
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_E163_4_ADDRESS
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid pointer to an NSSUTF8 upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSPKIXe1634Address_GetNumber
-(
-  NSSPKIXe1634Address *e,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXe1634Address_SetNumber
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_E163_4_ADDRESS
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_STRING
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXe1634Address_SetNumber
-(
-  NSSPKIXe1634Address *e,
-  NSSUTF8 *number
-);
-
-/*
- * NSSPKIXe1634Address_HasSubAddress
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_E163_4_ADDRESS
- * 
- * Return value:
- *  PR_TRUE if it has one
- *  PR_FALSE if it doesn't
- *  PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXe1634Address_HasSubAddress
-(
-  NSSPKIXe1634Address *e,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXe1634Address_GetSubAddress
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_E163_4_ADDRESS
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid pointer to an NSSUTF8 upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSPKIXe1634Address_GetSubAddress
-(
-  NSSPKIXe1634Address *e,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXe1634Address_SetSubAddress
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_E163_4_ADDRESS
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_STRING
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXe1634Address_SetSubAddress
-(
-  NSSPKIXe1634Address *e,
-  NSSUTF8 *subAddress
-);
-
-/*
- * NSSPKIXe1634Address_RemoveSubAddress
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_E163_4_ADDRESS
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXe1634Address_RemoveSubAddress
-(
-  NSSPKIXe1634Address *e
-);
-
-/*
- * NSSPKIXe1634Address_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_E163_4_ADDRESS
- * 
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXe1634Address_Equal
-(
-  NSSPKIXe1634Address *e1,
-  NSSPKIXe1634Address *e2,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXe1634Address_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_E163_4_ADDRESS
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXe1634Address upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXe1634Address *
-NSSPKIXe1634Address_Duplicate
-(
-  NSSPKIXe1634Address *e,
-  NSSArena *arenaOpt
-);
-
-/*
- * PresentationAddress
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  PresentationAddress ::= SEQUENCE {
- *          pSelector       [0] EXPLICIT OCTET STRING OPTIONAL,
- *          sSelector       [1] EXPLICIT OCTET STRING OPTIONAL,
- *          tSelector       [2] EXPLICIT OCTET STRING OPTIONAL,
- *          nAddresses      [3] EXPLICIT SET SIZE (1..MAX) OF OCTET STRING }
- *
- * The public calls for the type:
- *
- *  NSSPKIXPresentationAddress_Decode
- *  NSSPKIXPresentationAddress_Create
- *  NSSPKIXPresentationAddress_Destroy
- *  NSSPKIXPresentationAddress_Encode
- *  NSSPKIXPresentationAddress_HasPSelector
- *  NSSPKIXPresentationAddress_GetPSelector
- *  NSSPKIXPresentationAddress_SetPSelector
- *  NSSPKIXPresentationAddress_RemovePSelector
- *  NSSPKIXPresentationAddress_HasSSelector
- *  NSSPKIXPresentationAddress_GetSSelector
- *  NSSPKIXPresentationAddress_SetSSelector
- *  NSSPKIXPresentationAddress_RemoveSSelector
- *  NSSPKIXPresentationAddress_HasTSelector
- *  NSSPKIXPresentationAddress_GetTSelector
- *  NSSPKIXPresentationAddress_SetTSelector
- *  NSSPKIXPresentationAddress_RemoveTSelector
- *  NSSPKIXPresentationAddress_HasNAddresses
- *  NSSPKIXPresentationAddress_GetNAddresses
- *  NSSPKIXPresentationAddress_SetNAddresses
- *  NSSPKIXPresentationAddress_RemoveNAddresses
- *{NAddresses must be more complex than that}
- *  NSSPKIXPresentationAddress_Compare
- *  NSSPKIXPresentationAddress_Duplicate
- *
- */
-
-/*
- * TeletexDomainDefinedAttributes
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  TeletexDomainDefinedAttributes ::= SEQUENCE SIZE
- *     (1..ub-domain-defined-attributes) OF TeletexDomainDefinedAttribute
- * 
- * The public calls for the type:
- *
- *  NSSPKIXTeletexDomainDefinedAttributes_Decode
- *  NSSPKIXTeletexDomainDefinedAttributes_Create
- *  NSSPKIXTeletexDomainDefinedAttributes_Destroy
- *  NSSPKIXTeletexDomainDefinedAttributes_Encode
- *  NSSPKIXTeletexDomainDefinedAttributes_GetTeletexDomainDefinedAttributeCount
- *  NSSPKIXTeletexDomainDefinedAttributes_GetTeletexDomainDefinedAttributes
- *  NSSPKIXTeletexDomainDefinedAttributes_SetTeletexDomainDefinedAttributes
- *  NSSPKIXTeletexDomainDefinedAttributes_GetTeletexDomainDefinedAttribute
- *  NSSPKIXTeletexDomainDefinedAttributes_SetTeletexDomainDefinedAttribute
- *  NSSPKIXTeletexDomainDefinedAttributes_InsertTeletexDomainDefinedAttribute
- *  NSSPKIXTeletexDomainDefinedAttributes_AppendTeletexDomainDefinedAttribute
- *  NSSPKIXTeletexDomainDefinedAttributes_RemoveTeletexDomainDefinedAttribute
- *  NSSPKIXTeletexDomainDefinedAttributes_FindTeletexDomainDefinedAttribute
- *  NSSPKIXTeletexDomainDefinedAttributes_Equal
- *  NSSPKIXTeletexDomainDefinedAttributes_Duplicate
- *
- */
-
-/*
- * NSSPKIXTeletexDomainDefinedAttributes_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXTeletexDomainDefinedAttributes
- *      upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexDomainDefinedAttributes *
-NSSPKIXTeletexDomainDefinedAttributes_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * NSSPKIXTeletexDomainDefinedAttributes_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_TELETEX_DOMAIN_DEFINED_ATTRIBUTE
- *
- * Return value:
- *  A valid pointer to an NSSPKIXTeletexDomainDefinedAttributes
- *      upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexDomainDefinedAttributes *
-NSSPKIXTeletexDomainDefinedAttributes_Create
-(
-  NSSArena *arenaOpt,
-  NSSPKIXTeletexDomainDefinedAttribute *tdda1,
-  ...
-);
-
-/*
- * NSSPKIXTeletexDomainDefinedAttributes_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTES
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTeletexDomainDefinedAttributes_Destroy
-(
-  NSSPKIXTeletexDomainDefinedAttributes *tddas
-);
-
-/*
- * NSSPKIXTeletexDomainDefinedAttributes_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTES
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXTeletexDomainDefinedAttributes_Encode
-(
-  NSSPKIXTeletexDomainDefinedAttributes *tddas,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTeletexDomainDefinedAttributes_GetTeletexDomainDefinedAttributeCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTES
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- * 
- * Return value:
- *  Nonnegative integer upon success
- *  -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXTeletexDomainDefinedAttributes_GetTeletexDomainDefinedAttributeCount
-(
-  NSSPKIXTeletexDomainDefinedAttributes *tddas
-);
-
-/*
- * NSSPKIXTeletexDomainDefinedAttributes_GetTeletexDomainDefinedAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTES
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_ARRAY_TOO_SMALL
- * 
- * Return value:
- *  A valid pointer to an array of NSSPKIXTeletexDomainDefinedAttribute
- *      pointers upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexDomainDefinedAttribute **
-NSSPKIXTeletexDomainDefinedAttributes_GetTeletexDomainDefinedAttributes
-(
-  NSSPKIXTeletexDomainDefinedAttributes *tddas,
-  NSSPKIXTeletexDomainDefinedAttribute *rvOpt[],
-  PRInt32 limit,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTeletexDomainDefinedAttributes_SetTeletexDomainDefinedAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTES
- *  NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTE
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTeletexDomainDefinedAttributes_SetTeletexDomainDefinedAttributes
-(
-  NSSPKIXTeletexDomainDefinedAttributes *tddas,
-  NSSPKIXTeletexDomainDefinedAttribute *tdda[],
-  PRInt32 count
-);
-
-/*
- * NSSPKIXTeletexDomainDefinedAttributes_GetTeletexDomainDefinedAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTES
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXTeletexDomainDefinedAttribute upon
- *      success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexDomainDefinedAttribute *
-NSSPKIXTeletexDomainDefinedAttributes_GetTeletexDomainDefinedAttribute
-(
-  NSSPKIXTeletexDomainDefinedAttributes *tddas,
-  PRInt32 i,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTeletexDomainDefinedAttributes_SetTeletexDomainDefinedAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTES
- *  NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTE
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTeletexDomainDefinedAttributes_SetTeletexDomainDefinedAttribute
-(
-  NSSPKIXTeletexDomainDefinedAttributes *tddas,
-  PRInt32 i,
-  NSSPKIXTeletexDomainDefinedAttribute *tdda
-);
-
-/*
- * NSSPKIXTeletexDomainDefinedAttributes_InsertTeletexDomainDefinedAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTES
- *  NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTE
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTeletexDomainDefinedAttributes_InsertTeletexDomainDefinedAttribute
-(
-  NSSPKIXTeletexDomainDefinedAttributes *tddas,
-  PRInt32 i,
-  NSSPKIXTeletexDomainDefinedAttribute *tdda
-);
-
-/*
- * NSSPKIXTeletexDomainDefinedAttributes_AppendTeletexDomainDefinedAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTES
- *  NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTE
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTeletexDomainDefinedAttributes_AppendTeletexDomainDefinedAttribute
-(
-  NSSPKIXTeletexDomainDefinedAttributes *tddas,
-  NSSPKIXTeletexDomainDefinedAttribute *tdda
-);
-
-/*
- * NSSPKIXTeletexDomainDefinedAttributes_RemoveTeletexDomainDefinedAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTES
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTeletexDomainDefinedAttributes_RemoveTeletexDomainDefinedAttribute
-(
-  NSSPKIXTeletexDomainDefinedAttributes *tddas,
-  PRInt32 i
-);
-
-/*
- * NSSPKIXTeletexDomainDefinedAttributes_FindTeletexDomainDefinedAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTES
- *  NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTE
- * 
- * Return value:
- *  The nonnegative integer upon success
- *  -1 upon failure
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXTeletexDomainDefinedAttributes_FindTeletexDomainDefinedAttribute
-(
-  NSSPKIXTeletexDomainDefinedAttributes *tddas,
-  NSSPKIXTeletexDomainDefinedAttribute *tdda
-);
-
-/*
- * NSSPKIXTeletexDomainDefinedAttributes_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTES
- * 
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXTeletexDomainDefinedAttributes_Equal
-(
-  NSSPKIXTeletexDomainDefinedAttributes *tddas1,
-  NSSPKIXTeletexDomainDefinedAttributes *tddas2,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXTeletexDomainDefinedAttributes_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTES
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXTeletexDomainDefinedAttributes
- *      upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexDomainDefinedAttributes *
-NSSPKIXTeletexDomainDefinedAttributes_Duplicate
-(
-  NSSPKIXTeletexDomainDefinedAttributes *tddas,
-  NSSArena *arenaOpt
-);
-
-/*
- * TeletexDomainDefinedAttribute
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  TeletexDomainDefinedAttribute ::= SEQUENCE {
- *          type TeletexString
- *                 (SIZE (1..ub-domain-defined-attribute-type-length)),
- *          value TeletexString
- *                 (SIZE (1..ub-domain-defined-attribute-value-length)) }
- * 
- * The public calls for the type:
- *
- *  NSSPKIXTeletexDomainDefinedAttribute_Decode
- *  NSSPKIXTeletexDomainDefinedAttribute_CreateFromUTF8
- *  NSSPKIXTeletexDomainDefinedAttribute_Create
- *  NSSPKIXTeletexDomainDefinedAttribute_Destroy
- *  NSSPKIXTeletexDomainDefinedAttribute_Encode
- *  NSSPKIXTeletexDomainDefinedAttribute_GetUTF8Encoding
- *  NSSPKIXTeletexDomainDefinedAttribute_GetType
- *  NSSPKIXTeletexDomainDefinedAttribute_SetType
- *  NSSPKIXTeletexDomainDefinedAttribute_GetValue
- *  NSSPKIXTeletexDomainDefinedAttribute_GetValue
- *  NSSPKIXTeletexDomainDefinedAttribute_Equal
- *  NSSPKIXTeletexDomainDefinedAttribute_Duplicate
- *
- */
-
-/*
- * NSSPKIXTeletexDomainDefinedAttribute_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXTeletexDomainDefinedAttribute
- *      upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexDomainDefinedAttribute *
-NSSPKIXTeletexDomainDefinedAttribute_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * NSSPKIXTeletexDomainDefinedAttribute_CreateFromUTF8
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_STRING
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXTeletexDomainDefinedAttribute
- *      upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexDomainDefinedAttribute *
-NSSPKIXTeletexDomainDefinedAttribute_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXTeletexDomainDefinedAttribute_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_STRING
- *
- * Return value:
- *  A valid pointer to an NSSPKIXTeletexDomainDefinedAttribute
- *      upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexDomainDefinedAttribute *
-NSSPKIXTeletexDomainDefinedAttribute_Create
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *type,
-  NSSUTF8 *value
-);
-
-/*
- * NSSPKIXTeletexDomainDefinedAttribute_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TELETEX_DOMAIN_DEFINED_ATTRIBUTE
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTeletexDomainDefinedAttribute_Destroy
-(
-  NSSPKIXTeletexDomainDefinedAttribute *tdda
-);
-
-/*
- * NSSPKIXTeletexDomainDefinedAttribute_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TELETEX_DOMAIN_DEFINED_ATTRIBUTE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXTeletexDomainDefinedAttribute_Encode
-(
-  NSSPKIXTeletexDomainDefinedAttribute *tdda,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTeletexDomainDefinedAttribute_GetUTF8Encoding
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TELETEX_DOMAIN_DEFINED_ATTRIBUTE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSSUTF8 pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSPKIXTeletexDomainDefinedAttribute_GetUTF8Encoding
-(
-  NSSPKIXTeletexDomainDefinedAttribute *tdda,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTeletexDomainDefinedAttribute_GetType
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TELETEX_DOMAIN_DEFINED_ATTRIBUTE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSSUTF8 pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSPKIXTeletexDomainDefinedAttribute_GetType
-(
-  NSSPKIXTeletexDomainDefinedAttribute *tdda,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTeletexDomainDefinedAttribute_SetType
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TELETEX_DOMAIN_DEFINED_ATTRIBUTE
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_STRING
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTeletexDomainDefinedAttribute_SetType
-(
-  NSSPKIXTeletexDomainDefinedAttribute *tdda,
-  NSSUTF8 *type
-);
-
-/*
- * NSSPKIXTeletexDomainDefinedAttribute_GetValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TELETEX_DOMAIN_DEFINED_ATTRIBUTE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSSUTF8 pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSPKIXTeletexDomainDefinedAttribute_GetValue
-(
-  NSSPKIXTeletexDomainDefinedAttribute *tdda,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTeletexDomainDefinedAttribute_SetValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TELETEX_DOMAIN_DEFINED_ATTRIBUTE
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_STRING
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTeletexDomainDefinedAttribute_SetValue
-(
-  NSSPKIXTeletexDomainDefinedAttribute *tdda,
-  NSSUTF8 *value
-);
-
-/*
- * NSSPKIXTeletexDomainDefinedAttribute_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TELETEX_DOMAIN_DEFINED_ATTRIBUTE
- *
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXTeletexDomainDefinedAttribute_Equal
-(
-  NSSPKIXTeletexDomainDefinedAttribute *tdda1,
-  NSSPKIXTeletexDomainDefinedAttribute *tdda2,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXTeletexDomainDefinedAttribute_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TELETEX_DOMAIN_DEFINED_ATTRIBUTE
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXTeletexDomainDefinedAttribute
- *      upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexDomainDefinedAttribute *
-NSSPKIXTeletexDomainDefinedAttribute_Duplicate
-(
-  NSSPKIXTeletexDomainDefinedAttribute *tdda,
-  NSSArena *arenaOpt
-);
-
-/*
- * AuthorityKeyIdentifier
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  AuthorityKeyIdentifier ::= SEQUENCE {
- *        keyIdentifier             [0] KeyIdentifier            OPTIONAL,
- *        authorityCertIssuer       [1] GeneralNames             OPTIONAL,
- *        authorityCertSerialNumber [2] CertificateSerialNumber  OPTIONAL }
- *      -- authorityCertIssuer and authorityCertSerialNumber shall both
- *      -- be present or both be absent
- *
- * The public calls for the type:
- *
- *  NSSPKIXAuthorityKeyIdentifier_Decode
- *  NSSPKIXAuthorityKeyIdentifier_Create
- *  NSSPKIXAuthorityKeyIdentifier_Destroy
- *  NSSPKIXAuthorityKeyIdentifier_Encode
- *  NSSPKIXAuthorityKeyIdentifier_HasKeyIdentifier
- *  NSSPKIXAuthorityKeyIdentifier_GetKeyIdentifier
- *  NSSPKIXAuthorityKeyIdentifier_SetKeyIdentifier
- *  NSSPKIXAuthorityKeyIdentifier_RemoveKeyIdentifier
- *  NSSPKIXAuthorityKeyIdentifier_HasAuthorityCertIssuerAndSerialNumber
- *  NSSPKIXAuthorityKeyIdentifier_RemoveAuthorityCertIssuerAndSerialNumber
- *  NSSPKIXAuthorityKeyIdentifier_GetAuthorityCertIssuer
- *  NSSPKIXAuthorityKeyIdentifier_GetAuthorityCertSerialNumber
- *  NSSPKIXAuthorityKeyIdentifier_SetAuthorityCertIssuerAndSerialNumber
- *  NSSPKIXAuthorityKeyIdentifier_Equal
- *  NSSPKIXAuthorityKeyIdentifier_Duplicate
- *
- */
-
-/*
- * NSSPKIXAuthorityKeyIdentifier_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXAuthorityKeyIdentifier upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAuthorityKeyIdentifier *
-NSSPKIXAuthorityKeyIdentifier_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * NSSPKIXAuthorityKeyIdentifier_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_ITEM
- *  NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- *  NSS_ERROR_INVALID_ARGUMENTS
- *
- * Return value:
- *  A valid pointer to an NSSPKIXAuthorityKeyIdentifier upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAuthorityKeyIdentifier *
-NSSPKIXAuthorityKeyIdentifier_Create
-(
-  NSSArena *arenaOpt,
-  NSSPKIXKeyIdentifier *keyIdentifierOpt,
-  NSSPKIXGeneralNames *authorityCertIssuerOpt,
-  NSSPKIXCertificateSerialNumber *authorityCertSerialNumberOpt
-);
-
-/*
- * NSSPKIXAuthorityKeyIdentifier_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_AUTHORITY_KEY_IDENTIFIER
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXAuthorityKeyIdentifier_Destroy
-(
-  NSSPKIXAuthorityKeyIdentifier *aki
-);
-
-/*
- * NSSPKIXAuthorityKeyIdentifier_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_AUTHORITY_KEY_IDENTIFIER
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXAuthorityKeyIdentifier_Encode
-(
-  NSSPKIXAuthorityKeyIdentifier *aki,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXAuthorityKeyIdentifier_HasKeyIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_AUTHORITY_KEY_IDENTIFIER
- *
- * Return value:
- *  PR_TRUE if it has one
- *  PR_FALSE if it doesn't
- *  PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXAuthorityKeyIdentifier_HasKeyIdentifier
-(
-  NSSPKIXAuthorityKeyIdentifier *aki,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXAuthorityKeyIdentifier_GetKeyIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_AUTHORITY_KEY_IDENTIFIER
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_HAS_NO_KEY_IDENTIFIER
- *
- * Return value:
- *  A valid pointer to an NSSPKIXKeyIdentifier upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXKeyIdentifier *
-NSSPKIXAuthorityKeyIdentifier_GetKeyIdentifier
-(
-  NSSPKIXAuthorityKeyIdentifier *aki,
-  NSSPKIXKeyIdentifier *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXAuthorityKeyIdentifier_SetKeyIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_AUTHORITY_KEY_IDENTIFIER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXAuthorityKeyIdentifier_SetKeyIdentifier
-(
-  NSSPKIXAuthorityKeyIdentifier *aki,
-  NSSPKIXKeyIdentifier *keyIdentifier
-);
-
-/*
- * NSSPKIXAuthorityKeyIdentifier_RemoveKeyIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_AUTHORITY_KEY_IDENTIFIER
- *  NSS_ERROR_HAS_NO_KEY_IDENTIFIER
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXAuthorityKeyIdentifier_RemoveKeyIdentifier
-(
-  NSSPKIXAuthorityKeyIdentifier *aki
-);
-
-/*
- * NSSPKIXAuthorityKeyIdentifier_HasAuthorityCertIssuerAndSerialNumber
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_AUTHORITY_KEY_IDENTIFIER
- *
- * Return value:
- *  PR_TRUE if it has them
- *  PR_FALSE if it doesn't
- *  PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXAuthorityKeyIdentifier_HasAuthorityCertIssuerAndSerialNumber
-(
-  NSSPKIXAuthorityKeyIdentifier *aki,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXAuthorityKeyIdentifier_RemoveAuthorityCertIssuerAndSerialNumber
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_AUTHORITY_KEY_IDENTIFIER
- *  NSS_ERROR_HAS_NO_AUTHORITY_CERT_ISSUER_AND_SERIAL_NUMBER
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXAuthorityKeyIdentifier_RemoveAuthorityCertIssuerAndSerialNumber
-(
-  NSSPKIXAuthorityKeyIdentifier *aki
-);
-
-/*
- * NSSPKIXAuthorityKeyIdentifier_GetAuthorityCertIssuer
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_AUTHORITY_KEY_IDENTIFIER
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_HAS_NO_AUTHORITY_CERT_ISSUER_AND_SERIAL_NUMBER
- *
- * Return value:
- *  A valid pointer to an NSSPKIXGeneralNames upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralNames *
-NSSPKIXAuthorityKeyIdentifier_GetAuthorityCertIssuer
-(
-  NSSPKIXAuthorityKeyIdentifier *aki,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXAuthorityKeyIdentifier_GetAuthorityCertSerialNumber
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_AUTHORITY_KEY_IDENTIFIER
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_HAS_NO_AUTHORITY_CERT_ISSUER_AND_SERIAL_NUMBER
- *
- * Return value:
- *  A valid pointer to an NSSPKIXCertificateSerialNumber upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCertificateSerialNumber *
-NSSPKIXAuthorityKeyIdentifier_GetAuthorityCertSerialNumber
-(
-  NSSPKIXAuthorityKeyIdentifier *aki,
-  NSSPKIXCertificateSerialNumber *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXAuthorityKeyIdentifier_SetAuthorityCertIssuerAndSerialNumber
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_AUTHORITY_KEY_IDENTIFIER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- *  NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXAuthorityKeyIdentifier_SetAuthorityCertIssuerAndSerialNumber
-(
-  NSSPKIXAuthorityKeyIdentifier *aki,
-  NSSPKIXGeneralNames *issuer,
-  NSSPKIXCertificateSerialNumber *serialNumber
-);
-
-/*
- * NSSPKIXAuthorityKeyIdentifier_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_AUTHORITY_KEY_IDENTIFIER
- *
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXAuthorityKeyIdentifier_Equal
-(
-  NSSPKIXAuthorityKeyIdentifier *aki1,
-  NSSPKIXAuthorityKeyIdentifier *aki2,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXAuthorityKeyIdentifier_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_AUTHORITY_KEY_IDENTIFIER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXAuthorityKeyIdentifier upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAuthorityKeyIdentifier *
-NSSPKIXAuthorityKeyIdentifier_Duplicate
-(
-  NSSPKIXAuthorityKeyIdentifier *aki,
-  NSSArena *arenaOpt
-);
-
-/*
- * KeyUsage
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  KeyUsage ::= BIT STRING {
- *       digitalSignature        (0),
- *       nonRepudiation          (1),
- *       keyEncipherment         (2),
- *       dataEncipherment        (3),
- *       keyAgreement            (4),
- *       keyCertSign             (5),
- *       cRLSign                 (6),
- *       encipherOnly            (7),
- *       decipherOnly            (8) }
- *
- * The public calls for the type:
- *
- *  NSSPKIXKeyUsage_Decode
- *  NSSPKIXKeyUsage_CreateFromUTF8
- *  NSSPKIXKeyUsage_CreateFromValue
- *  NSSPKIXKeyUsage_Destroy
- *  NSSPKIXKeyUsage_Encode
- *  NSSPKIXKeyUsage_GetUTF8Encoding
- *  NSSPKIXKeyUsage_GetValue
- *  NSSPKIXKeyUsage_SetValue
- *    { bitwise accessors? }
- *  NSSPKIXKeyUsage_Equal
- *  NSSPKIXKeyUsage_Duplicate
- *
- */
-
-/*
- * NSSPKIXKeyUsage_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXKeyUsage upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXKeyUsage *
-NSSPKIXKeyUsage_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * NSSPKIXKeyUsage_CreateFromUTF8
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_STRING
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXKeyUsage upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXKeyUsage *
-NSSPKIXKeyUsage_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXKeyUsage_CreateFromValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_KEY_USAGE_VALUE
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXKeyUsage upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXKeyUsage *
-NSSPKIXKeyUsage_CreateFromValue
-(
-  NSSArena *arenaOpt,
-  NSSPKIXKeyUsageValue value
-);
-
-/*
- * NSSPKIXKeyUsage_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_KEY_USAGE
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXKeyUsage_Destroy
-(
-  NSSPKIXKeyUsage *keyUsage
-);
-
-/*
- * NSSPKIXKeyUsage_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_KEY_USAGE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXKeyUsage_Encode
-(
-  NSSPKIXKeyUsage *keyUsage,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXKeyUsage_GetUTF8Encoding
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_KEY_USAGE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSUTF8 pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSPKIXKeyUsage_GetUTF8Encoding
-(
-  NSSPKIXKeyUsage *keyUsage,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXKeyUsage_GetValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_KEY_USAGE
- *
- * Return value:
- *  A set of NSSKeyUsageValue values OR-d together upon success
- *  NSSKeyUsage_NSSinvalid upon failure
- */
-
-NSS_EXTERN NSSKeyUsageValue
-NSSPKIXKeyUsage_GetValue
-(
-  NSSPKIXKeyUsage *keyUsage
-);
-
-/*
- * NSSPKIXKeyUsage_SetValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_KEY_USAGE
- *  NSS_ERROR_INVALID_PKIX_KEY_USAGE_VALUE
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXKeyUsage_SetValue
-(
-  NSSPKIXKeyUsage *keyUsage,
-  NSSPKIXKeyUsageValue value
-);
-
-/*
- * NSSPKIXKeyUsage_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_KEY_USAGE
- *
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXKeyUsage_Equal
-(
-  NSSPKIXKeyUsage *keyUsage1,
-  NSSPKIXKeyUsage *keyUsage2,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXKeyUsage_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_KEY_USAGE
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXKeyUsage upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXKeyUsage *
-NSSPKIXKeyUsage_Duplicate
-(
-  NSSPKIXKeyUsage *keyUsage,
-  NSSArena *arenaOpt
-);
-
-/*
- * PrivateKeyUsagePeriod
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  PrivateKeyUsagePeriod ::= SEQUENCE {
- *       notBefore       [0]     GeneralizedTime OPTIONAL,
- *       notAfter        [1]     GeneralizedTime OPTIONAL }
- *       -- either notBefore or notAfter shall be present
- *
- * The public calls for the type:
- *
- *  NSSPKIXPrivateKeyUsagePeriod_Decode
- *  NSSPKIXPrivateKeyUsagePeriod_Create
- *  NSSPKIXPrivateKeyUsagePeriod_Destroy
- *  NSSPKIXPrivateKeyUsagePeriod_Encode
- *  NSSPKIXPrivateKeyUsagePeriod_HasNotBefore
- *  NSSPKIXPrivateKeyUsagePeriod_GetNotBefore
- *  NSSPKIXPrivateKeyUsagePeriod_SetNotBefore
- *  NSSPKIXPrivateKeyUsagePeriod_RemoveNotBefore
- *  NSSPKIXPrivateKeyUsagePeriod_HasNotAfter
- *  NSSPKIXPrivateKeyUsagePeriod_GetNotAfter
- *  NSSPKIXPrivateKeyUsagePeriod_SetNotAfter
- *  NSSPKIXPrivateKeyUsagePeriod_RemoveNotAfter
- *  NSSPKIXPrivateKeyUsagePeriod_Equal
- *  NSSPKIXPrivateKeyUsagePeriod_Duplicate
- *
- */
-
-/*
- * NSSPKIXPrivateKeyUsagePeriod_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXPrivateKeyUsagePeriod upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPrivateKeyUsagePeriod *
-NSSPKIXPrivateKeyUsagePeriod_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * NSSPKIXPrivateKeyUsagePeriod_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_TIME
- *  NSS_ERROR_INVALID_ARGUMENTS
- *
- * Return value:
- *  A valid pointer to an NSSPKIXPrivateKeyUsagePeriod upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPrivateKeyUsagePeriod *
-NSSPKIXPrivateKeyUsagePeriod_Create
-(
-  NSSArena *arenaOpt,
-  NSSTime *notBeforeOpt,
-  NSSTime *notAfterOpt
-);
-
-/*
- * NSSPKIXPrivateKeyUsagePeriod_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_PRIVATE_KEY_USAGE_PERIOD
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPrivateKeyUsagePeriod_Destroy
-(
-  NSSPKIXPrivateKeyUsagePeriod *period
-);
-
-/*
- * NSSPKIXPrivateKeyUsagePeriod_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_PRIVATE_KEY_USAGE_PERIOD
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_DATA
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXPrivateKeyUsagePeriod_Encode
-(
-  NSSPKIXPrivateKeyUsagePeriod *period,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXPrivateKeyUsagePeriod_HasNotBefore
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_PRIVATE_KEY_USAGE_PERIOD
- *
- * Return value:
- *  PR_TRUE if it has one
- *  PR_FALSE if it doesn't
- *  PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXPrivateKeyUsagePeriod_HasNotBefore
-(
-  NSSPKIXPrivateKeyUsagePeriod *period,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXPrivateKeyUsagePeriod_GetNotBefore
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_PRIVATE_KEY_USAGE_PERIOD
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_HAS_NO_NOT_BEFORE
- *
- * Return value:
- *  NSSTime {fgmr!}
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSTime *
-NSSPKIXPrivateKeyUsagePeriod_GetNotBefore
-(
-  NSSPKIXPrivateKeyUsagePeriod *period,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXPrivateKeyUsagePeriod_SetNotBefore
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_PRIVATE_KEY_USAGE_PERIOD
- *  NSS_ERROR_INVALID_TIME
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPrivateKeyUsagePeriod_SetNotBefore
-(
-  NSSPKIXPrivateKeyUsagePeriod *period,
-  NSSTime *notBefore
-);
-
-/*
- * NSSPKIXPrivateKeyUsagePeriod_RemoveNotBefore
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_PRIVATE_KEY_USAGE_PERIOD
- *  NSS_ERROR_HAS_NO_NOT_BEFORE
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPrivateKeyUsagePeriod_RemoveNotBefore
-(
-  NSSPKIXPrivateKeyUsagePeriod *period
-);
-
-/*
- * NSSPKIXPrivateKeyUsagePeriod_HasNotAfter
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_PRIVATE_KEY_USAGE_PERIOD
- *
- * Return value:
- *  PR_TRUE if it has one
- *  PR_FALSE if it doesn't
- *  PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXPrivateKeyUsagePeriod_HasNotAfter
-(
-  NSSPKIXPrivateKeyUsagePeriod *period,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXPrivateKeyUsagePeriod_GetNotAfter
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_PRIVATE_KEY_USAGE_PERIOD
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_HAS_NO_NOT_AFTER
- *
- * Return value:
- *  NSSTime {fgmr!}
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSTime *
-NSSPKIXPrivateKeyUsagePeriod_GetNotAfter
-(
-  NSSPKIXPrivateKeyUsagePeriod *period,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXPrivateKeyUsagePeriod_SetNotAfter
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_PRIVATE_KEY_USAGE_PERIOD
- *  NSS_ERROR_INVALID_TIME
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPrivateKeyUsagePeriod_SetNotAfter
-(
-  NSSPKIXPrivateKeyUsagePeriod *period,
-  NSSTime *notAfter
-);
-
-/*
- * NSSPKIXPrivateKeyUsagePeriod_RemoveNotAfter
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_PRIVATE_KEY_USAGE_PERIOD
- *  NSS_ERROR_HAS_NO_NOT_AFTER
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPrivateKeyUsagePeriod_RemoveNotAfter
-(
-  NSSPKIXPrivateKeyUsagePeriod *period
-);
-
-/*
- * NSSPKIXPrivateKeyUsagePeriod_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_PRIVATE_KEY_USAGE_PERIOD
- *
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXPrivateKeyUsagePeriod_Equal
-(
-  NSSPKIXPrivateKeyUsagePeriod *period1,
-  NSSPKIXPrivateKeyUsagePeriod *period2,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXPrivateKeyUsagePeriod_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_PRIVATE_KEY_USAGE_PERIOD
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXPrivateKeyUsagePeriod upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPrivateKeyUsagePeriod *
-NSSPKIXPrivateKeyUsagePeriod_Duplicate
-(
-  NSSPKIXPrivateKeyUsagePeriod *period,
-  NSSArena *arenaOpt
-);
-
-/*
- * CertificatePolicies
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  CertificatePolicies ::= SEQUENCE SIZE (1..MAX) OF PolicyInformation
- *
- * The public calls for the type:
- *
- *  NSSPKIXCertificatePolicies_Decode
- *  NSSPKIXCertificatePolicies_Create
- *  NSSPKIXCertificatePolicies_Destroy
- *  NSSPKIXCertificatePolicies_Encode
- *  NSSPKIXCertificatePolicies_GetPolicyInformationCount
- *  NSSPKIXCertificatePolicies_GetPolicyInformations
- *  NSSPKIXCertificatePolicies_SetPolicyInformations
- *  NSSPKIXCertificatePolicies_GetPolicyInformation
- *  NSSPKIXCertificatePolicies_SetPolicyInformation
- *  NSSPKIXCertificatePolicies_InsertPolicyInformation
- *  NSSPKIXCertificatePolicies_AppendPolicyInformation
- *  NSSPKIXCertificatePolicies_RemovePolicyInformation
- *  NSSPKIXCertificatePolicies_FindPolicyInformation
- *  NSSPKIXCertificatePolicies_Equal
- *  NSSPKIXCertificatePolicies_Duplicate
- *
- */
-
-/*
- * NSSPKIXCertificatePolicies_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXCertificatePolicies upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCertificatePolicies *
-NSSPKIXCertificatePolicies_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * NSSPKIXCertificatePolicies_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- *
- * Return value:
- *  A valid pointer to an NSSPKIXCertificatePolicies upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCertificatePolicies *
-NSSPKIXCertificatePolicies_Create
-(
-  NSSArena *arenaOpt,
-  NSSPKIXPolicyInformation *pi1,
-  ...
-);
-
-/*
- * NSSPKIXCertificatePolicies_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CERTIFICATE_POLICIES
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXCertificatePolicies_Destroy
-(
-  NSSPKIXCertificatePolicies *cp
-);
-
-/*
- * NSSPKIXCertificatePolicies_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CERTIFICATE_POLICIES
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXCertificatePolicies_Encode
-(
-  NSSPKIXCertificatePolicies *cp,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXCertificatePolicies_GetPolicyInformationCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CERTIFICATE_POLICIES
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- *  Nonnegative integer upon success
- *  -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXCertificatePolicies_GetPolicyInformationCount
-(
-  NSSPKIXCertificatePolicies *cp
-);
-
-/*
- * NSSPKIXCertificatePolicies_GetPolicyInformations
- *
- * We regret the function name.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CERTIFICATE_POLICIES
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- *  A valid pointer to an array of NSSPKIXPolicyInformation pointers
- *      upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyInformation **
-NSSPKIXCertificatePolicies_GetPolicyInformations
-(
-  NSSPKIXCertificatePolicies *cp,
-  NSSPKIXPolicyInformation *rvOpt[],
-  PRInt32 limit,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXCertificatePolicies_SetPolicyInformations
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CERTIFICATE_POLICIES
- *  NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXCertificatePolicies_SetPolicyInformations
-(
-  NSSPKIXCertificatePolicies *cp,
-  NSSPKIXPolicyInformation *pi[],
-  PRInt32 count
-);
-
-/*
- * NSSPKIXCertificatePolicies_GetPolicyInformation
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CERTIFICATE_POLICIES
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXPolicyInformation upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyInformation *
-NSSPKIXCertificatePolicies_GetPolicyInformation
-(
-  NSSPKIXCertificatePolicies *cp,
-  PRInt32 i,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXCertificatePolicies_SetPolicyInformation
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CERTIFICATE_POLICIES
- *  NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXCertificatePolicies_SetPolicyInformation
-(
-  NSSPKIXCertificatePolicies *cp,
-  PRInt32 i,
-  NSSPKIXPolicyInformation *pi
-);
-
-/*
- * NSSPKIXCertificatePolicies_InsertPolicyInformation
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CERTIFICATE_POLICIES
- *  NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXCertificatePolicies_InsertPolicyInformation
-(
-  NSSPKIXCertificatePolicies *cp,
-  PRInt32 i,
-  NSSPKIXPolicyInformation *pi
-);
-
-/*
- * NSSPKIXCertificatePolicies_AppendPolicyInformation
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CERTIFICATE_POLICIES
- *  NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXCertificatePolicies_AppendPolicyInformation
-(
-  NSSPKIXCertificatePolicies *cp,
-  NSSPKIXPolicyInformation *pi
-);
-
-/*
- * NSSPKIXCertificatePolicies_RemovePolicyInformation
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CERTIFICATE_POLICIES
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXCertificatePolicies_RemovePolicyInformation
-(
-  NSSPKIXCertificatePolicies *cp,
-  PRInt32 i
-);
-
-/*
- * NSSPKIXCertificatePolicies_FindPolicyInformation
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CERTIFICATE_POLICIES
- *  NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- *
- * Return value:
- *  The nonnegative integer upon success
- *  -1 upon failure
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXCertificatePolicies_FindPolicyInformation
-(
-  NSSPKIXCertificatePolicies *cp,
-  NSSPKIXPolicyInformation *pi
-);
-
-/*
- * NSSPKIXCertificatePolicies_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CERTIFICATE_POLICIES
- *
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXCertificatePolicies_Equal
-(
-  NSSPKIXCertificatePolicies *cp1,
-  NSSPKIXCertificatePolicies *cp2,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXCertificatePolicies_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CERTIFICATE_POLICIES
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXCertificatePolicies upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCertificatePolicies *
-NSSPKIXCertificatePolicies_Duplicate
-(
-  NSSPKIXCertificatePolicies *cp,
-  NSSArena *arenaOpt
-);
-
-/*
- * PolicyInformation
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  PolicyInformation ::= SEQUENCE {
- *       policyIdentifier   CertPolicyId,
- *       policyQualifiers   SEQUENCE SIZE (1..MAX) OF
- *               PolicyQualifierInfo OPTIONAL }
- *
- * The public calls for the type:
- *
- *  NSSPKIXPolicyInformation_Decode
- *  NSSPKIXPolicyInformation_Create
- *  NSSPKIXPolicyInformation_Destroy
- *  NSSPKIXPolicyInformation_Encode
- *  NSSPKIXPolicyInformation_GetPolicyIdentifier
- *  NSSPKIXPolicyInformation_SetPolicyIdentifier
- *  NSSPKIXPolicyInformation_GetPolicyQualifierCount
- *  NSSPKIXPolicyInformation_GetPolicyQualifiers
- *  NSSPKIXPolicyInformation_SetPolicyQualifiers
- *  NSSPKIXPolicyInformation_GetPolicyQualifier
- *  NSSPKIXPolicyInformation_SetPolicyQualifier
- *  NSSPKIXPolicyInformation_InsertPolicyQualifier
- *  NSSPKIXPolicyInformation_AppendPolicyQualifier
- *  NSSPKIXPolicyInformation_RemovePolicyQualifier
- *  NSSPKIXPolicyInformation_Equal
- *  NSSPKIXPolicyInformation_Duplicate
- *    { and accessors by specific policy qualifier ID }
- *
- */
-
-/*
- * NSSPKIXPolicyInformation_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXPolicyInformation upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyInformation *
-NSSPKIXPolicyInformation_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * NSSPKIXPolicyInformation_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_CERT_POLICY_ID
- *  NSS_ERROR_INVALID_PKIX_POLICY_QUALIFIER_INFO
- *
- * Return value:
- *  A valid pointer to an NSSPKIXPolicyInformation upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyInformation *
-NSSPKIXPolicyInformation_Create
-(
-  NSSArena *arenaOpt,
-  NSSPKIXCertPolicyId *id,
-  NSSPKIXPolicyQualifierInfo *pqi1,
-  ...
-);
-
-/*
- * NSSPKIXPolicyInformation_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPolicyInformation_Destroy
-(
-  NSSPKIXPolicyInformation *pi
-);
-
-/*
- * NSSPKIXPolicyInformation_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXPolicyInformation_Encode
-(
-  NSSPKIXPolicyInformation *pi,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXPolicyInformation_GetPolicyIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid OID upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCertPolicyId *
-NSSPKIXPolicyInformation_GetPolicyIdentifier
-(
-  NSSPKIXPolicyInformation *pi
-);
-
-/*
- * NSSPKIXPolicyInformation_SetPolicyIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- *  NSS_ERROR_INVALID_PKIX_CERT_POLICY_ID
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPolicyInformation_SetPolicyIdentifier
-(
-  NSSPKIXPolicyInformation *pi,
-  NSSPKIXCertPolicyIdentifier *cpi
-);
-
-/*
- * NSSPKIXPolicyInformation_GetPolicyQualifierCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- *  Nonnegative integer upon success
- *  -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXPolicyInformation_GetPolicyQualifierCount
-(
-  NSSPKIXPolicyInformation *pi
-);
-
-/*
- * NSSPKIXPolicyInformation_GetPolicyQualifiers
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- *  A valid pointer to an array of NSSPKIXPolicyQualifierInfo pointers
- *      upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyQualifierInfo **
-NSSPKIXPolicyInformation_GetPolicyQualifiers
-(
-  NSSPKIXPolicyInformation *pi,
-  NSSPKIXPolicyQualifierInfo *rvOpt[],
-  PRInt32 limit,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXPolicyInformation_SetPolicyQualifiers
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- *  NSS_ERROR_INVALID_PKIX_POLICY_QUALIFIER_INFO
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPolicyInformation_SetPolicyQualifiers
-(
-  NSSPKIXPolicyInformation *pi,
-  NSSPKIXPolicyQualifierInfo *pqi[],
-  PRInt32 count
-);
-
-/*
- * NSSPKIXPolicyInformation_GetPolicyQualifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXPolicyQualifierInfo upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyQualifierInfo *
-NSSPKIXPolicyInformation_GetPolicyQualifier
-(
-  NSSPKIXPolicyInformation *pi,
-  PRInt32 i,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXPolicyInformation_SetPolicyQualifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- *  NSS_ERROR_INVALID_PKIX_POLICY_QUALIFIER_INFO
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPolicyInformation_SetPolicyQualifier
-(
-  NSSPKIXPolicyInformation *pi,
-  PRInt32 i,
-  NSSPKIXPolicyQualifierInfo *pqi
-);
-
-/*
- * NSSPKIXPolicyInformation_InsertPolicyQualifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- *  NSS_ERROR_INVALID_PKIX_POLICY_QUALIFIER_INFO
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPolicyInformation_InsertPolicyQualifier
-(
-  NSSPKIXPolicyInformation *pi,
-  PRInt32 i,
-  NSSPKIXPolicyQualifierInfo *pqi
-);
-
-/*
- * NSSPKIXPolicyInformation_AppendPolicyQualifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- *  NSS_ERROR_INVALID_PKIX_POLICY_QUALIFIER_INFO
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPolicyInformation_AppendPolicyQualifier
-(
-  NSSPKIXPolicyInformation *pi,
-  PRInt32 i,
-  NSSPKIXPolicyQualifierInfo *pqi
-);
-
-/*
- * NSSPKIXPolicyInformation_RemovePolicyQualifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPolicyInformation_RemovePolicyQualifier
-(
-  NSSPKIXPolicyInformation *pi,
-  PRInt32 i
-);
-
-/*
- * NSSPKIXPolicyInformation_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- *
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXPolicyInformation_Equal
-(
-  NSSPKIXPolicyInformation *pi1,
-  NSSPKIXPolicyInformation *pi2,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXPolicyInformation_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXPolicyInformation upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyInformation *
-NSSPKIXPolicyInformation_Duplicate
-(
-  NSSPKIXPolicyInformation *pi,
-  NSSArena *arenaOpt
-);
-
-/*
- *   { and accessors by specific policy qualifier ID }
- *
- */
-
-/*
- * PolicyQualifierInfo
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  PolicyQualifierInfo ::= SEQUENCE {
- *         policyQualifierId  PolicyQualifierId,
- *         qualifier        ANY DEFINED BY policyQualifierId }
- *
- * The public calls for the type:
- *
- *  NSSPKIXPolicyQualifierInfo_Decode
- *  NSSPKIXPolicyQualifierInfo_Create
- *  NSSPKIXPolicyQualifierInfo_Destroy
- *  NSSPKIXPolicyQualifierInfo_Encode
- *  NSSPKIXPolicyQualifierInfo_GetPolicyQualifierID
- *  NSSPKIXPolicyQualifierInfo_SetPolicyQualifierID
- *  NSSPKIXPolicyQualifierInfo_GetQualifier
- *  NSSPKIXPolicyQualifierInfo_SetQualifier
- *  NSSPKIXPolicyQualifierInfo_Equal
- *  NSSPKIXPolicyQualifierInfo_Duplicate
- *    { and accessors by specific qualifier id/type }
- *
- */
-
-/*
- * NSSPKIXPolicyQualifierInfo_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXPolicyQualifierInfo upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyQualifierInfo *
-NSSPKIXPolicyQualifierInfo_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * NSSPKIXPolicyQualifierInfo_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_POLICY_QUALIFIER_ID
- *  NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- *  A valid pointer to an NSSPKIXPolicyQualifierInfo upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyQualifierInfo *
-NSSPKIXPolicyQualifierInfo_Create
-(
-  NSSArena *arenaOpt,
-  NSSPKIXPolicyQualifierId *policyQualifierId,
-  NSSItem *qualifier
-);
-
-/*
- * NSSPKIXPolicyQualifierInfo_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_QUALIFIER_INFO
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPolicyQualifierInfo_Destroy
-(
-  NSSPKIXPolicyQualifierInfo *pqi
-);
-
-/*
- * NSSPKIXPolicyQualifierInfo_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_QUALIFIER_INFO
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXPolicyQualifierInfo_Encode
-(
-  NSSPKIXPolicyQualifierInfo *pqi,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXPolicyQualifierInfo_GetPolicyQualifierId
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_QUALIFIER_INFO
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSPKIXPolicyQualifierId (an NSSOID) upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyQualifierId *
-NSSPKIXPolicyQualifierInfo_GetPolicyQualifierId
-(
-  NSSPKIXPolicyQualifierInfo *pqi,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXPolicyQualifierInfo_SetPolicyQualifierId
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_QUALIFIER_INFO
- *  NSS_ERROR_INVALID_PKIX_POLICY_QUALIFIER_ID
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPolicyQualifierInfo_SetPolicyQualifierId
-(
-  NSSPKIXPolicyQualifierInfo *pqi,
-  NSSPKIXPolicyQualifierId *pqid
-);
-
-/*
- * NSSPKIXPolicyQualifierInfo_GetQualifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_QUALIFIER_INFO
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSItem upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSItem *
-NSSPKIXPolicyQualifierInfo_GetQualifier
-(
-  NSSPKIXPolicyQualifierInfo *pqi,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXPolicyQualifierInfo_SetQualifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_QUALIFIER_INFO
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPolicyQualifierInfo_SetQualifier
-(
-  NSSPKIXPolicyQualifierInfo *pqi,
-  NSSItem *qualifier
-);
-
-/*
- * NSSPKIXPolicyQualifierInfo_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_QUALIFIER_INFO
- *
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXPolicyQualifierInfo_Equal
-(
-  NSSPKIXPolicyQualifierInfo *pqi1,
-  NSSPKIXPolicyQualifierInfo *pqi2,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXPolicyQualifierInfo_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_QUALIFIER_INFO
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXPolicyQualifierInfo upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyQualifierInfo *
-NSSPKIXPolicyQualifierInfo_Duplicate
-(
-  NSSPKIXPolicyQualifierInfo *pqi,
-  NSSArena *arenaOpt
-);
-
-/*
- *   { and accessors by specific qualifier id/type }
- *
- */
-
-/*
- * CPSuri
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  CPSuri ::= IA5String
- *
- * The public calls for this type:
- *
- *  NSSPKIXCPSuri_Decode
- *  NSSPKIXCPSuri_CreateFromUTF8
- *  NSSPKIXCPSuri_Encode
- *
- */
-
-/*
- * NSSPKIXCPSuri_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXCPSuri upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCPSuri *
-NSSPKIXCPSuri_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * NSSPKIXCPSuri_CreateFromUTF8
- *
- * { basically just enforces the length and charset limit }
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXCPSuri upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCPSuri *
-NSSPKIXCPSuri_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXCPSuri_Encode
- *
- *
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CPS_URI
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXCPSuri_Encode
-(
-  NSSPKIXCPSuri *name,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * UserNotice
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  UserNotice ::= SEQUENCE {
- *       noticeRef        NoticeReference OPTIONAL,
- *       explicitText     DisplayText OPTIONAL}
- *
- * The public calls for this type:
- *
- *  NSSPKIXUserNotice_Decode
- *  NSSPKIXUserNotice_Create
- *  NSSPKIXUserNotice_Destroy
- *  NSSPKIXUserNotice_Encode
- *  NSSPKIXUserNotice_HasNoticeRef
- *  NSSPKIXUserNotice_GetNoticeRef
- *  NSSPKIXUserNotice_SetNoticeRef
- *  NSSPKIXUserNotice_RemoveNoticeRef
- *  NSSPKIXUserNotice_HasExplicitText
- *  NSSPKIXUserNotice_GetExplicitText
- *  NSSPKIXUserNotice_SetExplicitText
- *  NSSPKIXUserNotice_RemoveExplicitText
- *  NSSPKIXUserNotice_Equal
- *  NSSPKIXUserNotice_Duplicate
- *
- */
-
-
-/*
- * NSSPKIXUserNotice_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXUserNotice upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXUserNotice *
-NSSPKIXUserNotice_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * NSSPKIXUserNotice_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- *  NSS_ERROR_INVALID_PKIX_DISPLAY_TEXT
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXUserNotice upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXUserNotice *
-NSSPKIXUserNotice_Create
-(
-  NSSArena *arenaOpt,
-  NSSPKIXNoticeReference *noticeRef,
-  NSSPKIXDisplayText *explicitText
-);
-
-/*
- * NSSPKIXUserNotice_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_USER_NOTICE
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXUserNotice_Destroy
-(
-  NSSPKIXUserNotice *userNotice
-);
-
-/*
- * NSSPKIXUserNotice_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_USER_NOTICE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXUserNotice_Encode
-(
-  NSSPKIXUserNotice *userNotice,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXUserNotice_HasNoticeRef
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_USER_NOTICE
- * 
- * Return value:
- *  PR_TRUE if it has one
- *  PR_FALSE if it doesn't
- *  PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXUserNotice_HasNoticeRef
-(
-  NSSPKIXUserNotice *userNotice,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXUserNotice_GetNoticeRef
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_USER_NOTICE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_HAS_NO_NOTICE_REF
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXNoticeReference upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXNoticeReference *
-NSSPKIXUserNotice_GetNoticeRef
-(
-  NSSPKIXUserNotice *userNotice,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXUserNotice_SetNoticeRef
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_USER_NOTICE
- *  NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXUserNotice_SetNoticeRef
-(
-  NSSPKIXUserNotice *userNotice,
-  NSSPKIXNoticeReference *noticeRef
-);
-
-/*
- * NSSPKIXUserNotice_RemoveNoticeRef
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_USER_NOTICE
- *  NSS_ERROR_HAS_NO_NOTICE_REF
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXUserNotice_RemoveNoticeRef
-(
-  NSSPKIXUserNotice *userNotice
-);
-
-/*
- * NSSPKIXUserNotice_HasExplicitText
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_USER_NOTICE
- * 
- * Return value:
- *  PR_TRUE if it has some
- *  PR_FALSE if it doesn't
- *  PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXUserNotice_HasExplicitText
-(
-  NSSPKIXUserNotice *userNotice,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXUserNotice_GetExplicitText
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_USER_NOTICE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_HAS_NO_EXPLICIT_TEXT
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXDisplayText string upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDisplayText *
-NSSPKIXUserNotice_GetExplicitText
-(
-  NSSPKIXUserNotice *userNotice,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXUserNotice_SetExplicitText
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_USER_NOTICE
- *  NSS_ERROR_INVALID_PKIX_DISPLAY_TEXT
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXUserNotice_SetExplicitText
-(
-  NSSPKIXUserNotice *userNotice,
-  NSSPKIXDisplayText *explicitText
-);
-
-/*
- * NSSPKIXUserNotice_RemoveExplicitText
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_USER_NOTICE
- *  NSS_ERROR_HAS_NO_EXPLICIT_TEXT
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXUserNotice_RemoveExplicitText
-(
-  NSSPKIXUserNotice *userNotice
-);
-
-/*
- * NSSPKIXUserNotice_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_USER_NOTICE
- * 
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXUserNotice_Equal
-(
-  NSSPKIXUserNotice *userNotice1,
-  NSSPKIXUserNotice *userNotice2,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXUserNotice_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_USER_NOTICE
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXUserNotice upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXUserNotice *
-NSSPKIXUserNotice_Duplicate
-(
-  NSSPKIXUserNotice *userNotice,
-  NSSArena *arenaOpt
-);
-
-/*
- * NoticeReference
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  NoticeReference ::= SEQUENCE {
- *       organization     DisplayText,
- *       noticeNumbers    SEQUENCE OF INTEGER }
- *
- * The public calls for this type:
- *
- *  NSSPKIXNoticeReference_Decode
- *  NSSPKIXNoticeReference_Create
- *  NSSPKIXNoticeReference_Destroy
- *  NSSPKIXNoticeReference_Encode
- *  NSSPKIXNoticeReference_GetOrganization
- *  NSSPKIXNoticeReference_SetOrganization
- *  NSSPKIXNoticeReference_GetNoticeNumberCount
- *  NSSPKIXNoticeReference_GetNoticeNumbers
- *  NSSPKIXNoticeReference_SetNoticeNumbers
- *  NSSPKIXNoticeReference_GetNoticeNumber
- *  NSSPKIXNoticeReference_SetNoticeNumber
- *  NSSPKIXNoticeReference_InsertNoticeNumber
- *  NSSPKIXNoticeReference_AppendNoticeNumber
- *  NSSPKIXNoticeReference_RemoveNoticeNumber
- *    { maybe number-exists-p gettor? }
- *  NSSPKIXNoticeReference_Equal
- *  NSSPKIXNoticeReference_Duplicate
- *
- */
-
-/*
- * NSSPKIXNoticeReference_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXNoticeReference upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXNoticeReference *
-NSSPKIXNoticeReference_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * NSSPKIXNoticeReference_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_DISPLAY_TEXT
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXNoticeReference upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXNoticeReference *
-NSSPKIXNoticeReference_Create
-(
-  NSSArena *arenaOpt,
-  NSSPKIXDisplayText *organization,
-  PRUint32 noticeCount,
-  PRInt32 noticeNumber1,
-  ...
-);
-
-/*
- * { fgmr -- or should the call that takes PRInt32 be _CreateFromValues,
- *  and the _Create call take NSSBER integers? }
- */
-
-/*
- * NSSPKIXNoticeReference_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXNoticeReference_Destroy
-(
-  NSSPKIXNoticeReference *nr
-);
-
-/*
- * NSSPKIXNoticeReference_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXNoticeReference_Encode
-(
-  NSSPKIXNoticeReference *nr,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXNoticeReference_GetOrganization
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXDisplayText string upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDisplayText *
-NSSPKIXNoticeReference_GetOrganization
-(
-  NSSPKIXNoticeReference *nr,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXNoticeReference_SetOrganization
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- *  NSS_ERROR_INVALID_PKIX_DISPLAY_TEXT
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXNoticeReference_SetOrganization
-(
-  NSSPKIXNoticeReference *nr,
-  NSSPKIXDisplayText *organization
-);
-
-/*
- * NSSPKIXNoticeReference_GetNoticeNumberCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- * 
- * Return value:
- *  Nonnegative integer upon success
- *  -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXNoticeReference_GetNoticeNumberCount
-(
-  NSSPKIXNoticeReference *nr
-);
-
-/*
- * NSSPKIXNoticeReference_GetNoticeNumbers
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_ARRAY_TOO_SMALL
- * 
- * Return value:
- *  A valid pointer to an array of PRInt32 values upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN PRInt32 *
-NSSPKIXNoticeReference_GetNoticeNumbers
-(
-  NSSPKIXNoticeReference *nr,
-  PRInt32 rvOpt[],
-  PRInt32 limit,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXNoticeReference_SetNoticeNumbers
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXNoticeReference_SetNoticeNumbers
-(
-  NSSPKIXNoticeReference *nr,
-  PRInt32 noticeNumbers[],
-  PRInt32 count
-);
-
-/*
- * NSSPKIXNoticeReference_GetNoticeNumber
- *
- * -- fgmr comments --
- * Because there is no natural "invalid" notice number value, we must
- * pass the number by reference, and return an explicit status value.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_INVALID_POINTER
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXNoticeReference_GetNoticeNumber
-(
-  NSSPKIXNoticeReference *nr,
-  PRInt32 i,
-  PRInt32 *noticeNumberP
-);
-  
-/*
- * NSSPKIXNoticeReference_SetNoticeNumber
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXNoticeReference_SetNoticeNumber
-(
-  NSSPKIXNoticeReference *nr,
-  PRInt32 i,
-  PRInt32 noticeNumber
-);
-
-/*
- * NSSPKIXNoticeReference_InsertNoticeNumber
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXNoticeReference_InsertNoticeNumber
-(
-  NSSPKIXNoticeReference *nr,
-  PRInt32 i,
-  PRInt32 noticeNumber
-);
-
-/*
- * NSSPKIXNoticeReference_AppendNoticeNumber
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXNoticeReference_AppendNoticeNumber
-(
-  NSSPKIXNoticeReference *nr,
-  PRInt32 noticeNumber
-);
-
-/*
- * NSSPKIXNoticeReference_RemoveNoticeNumber
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXNoticeReference_RemoveNoticeNumber
-(
-  NSSPKIXNoticeReference *nr,
-  PRInt32 i
-);
-
-/*
- *   { maybe number-exists-p gettor? }
- */
-
-/*
- * NSSPKIXNoticeReference_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- * 
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXNoticeReference_Equal
-(
-  NSSPKIXNoticeReference *nr1,
-  NSSPKIXNoticeReference *nr2,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXNoticeReference_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXNoticeReference upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXNoticeReference *
-NSSPKIXNoticeReference_Duplicate
-(
-  NSSPKIXNoticeReference *nr,
-  NSSArena *arenaOpt
-);
-
-/*
- * DisplayText
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  DisplayText ::= CHOICE {
- *       visibleString    VisibleString  (SIZE (1..200)),
- *       bmpString        BMPString      (SIZE (1..200)),
- *       utf8String       UTF8String     (SIZE (1..200)) }
- * 
- * The public calls for this type:
- *
- *  NSSPKIXDisplayText_Decode
- *  NSSPKIXDisplayText_CreateFromUTF8
- *  NSSPKIXDisplayText_Encode
- *
- */
-
-/*
- * NSSPKIXDisplayText_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXDisplayText upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDisplayText *
-NSSPKIXDisplayText_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * NSSPKIXDisplayText_CreateFromUTF8
- *
- * { basically just enforces the length and charset limit }
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXDisplayText upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDisplayText *
-NSSPKIXDisplayText_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXDisplayText_Encode
- *
- *
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_DISPLAY_TEXT
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXDisplayText_Encode
-(
-  NSSPKIXDisplayText *name,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * PolicyMappings
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  PolicyMappings ::= SEQUENCE SIZE (1..MAX) OF SEQUENCE {
- *       issuerDomainPolicy      CertPolicyId,
- *       subjectDomainPolicy     CertPolicyId }
- *
- * The public calls for this type:
- *
- *  NSSPKIXPolicyMappings_Decode
- *  NSSPKIXPolicyMappings_Create
- *  NSSPKIXPolicyMappings_Destroy
- *  NSSPKIXPolicyMappings_Encode
- *  NSSPKIXPolicyMappings_GetPolicyMappingCount
- *  NSSPKIXPolicyMappings_GetPolicyMappings
- *  NSSPKIXPolicyMappings_SetPolicyMappings
- *  NSSPKIXPolicyMappings_GetPolicyMapping
- *  NSSPKIXPolicyMappings_SetPolicyMapping
- *  NSSPKIXPolicyMappings_InsertPolicyMapping
- *  NSSPKIXPolicyMappings_AppendPolicyMapping
- *  NSSPKIXPolicyMappings_RemovePolicyMapping
- *  NSSPKIXPolicyMappings_FindPolicyMapping
- *  NSSPKIXPolicyMappings_Equal
- *  NSSPKIXPolicyMappings_Duplicate
- *  NSSPKIXPolicyMappings_IssuerDomainPolicyExists
- *  NSSPKIXPolicyMappings_SubjectDomainPolicyExists
- *  NSSPKIXPolicyMappings_FindIssuerDomainPolicy
- *  NSSPKIXPolicyMappings_FindSubjectDomainPolicy
- *  NSSPKIXPolicyMappings_MapIssuerToSubject
- *  NSSPKIXPolicyMappings_MapSubjectToIssuer
- *    { find's and map's: what if there's more than one? }
- *
- */
-
-/*
- * NSSPKIXPolicyMappings_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXPolicyMappings upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyMappings *
-NSSPKIXPolicyMappings_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * NSSPKIXPolicyMappings_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_POLICY_MAPPING
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXPolicyMappings upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyMappings *
-NSSPKIXPolicyMappings_Decode
-(
-  NSSArena *arenaOpt,
-  NSSPKIXpolicyMapping *policyMapping1,
-  ...
-);
-
-/*
- * NSSPKIXPolicyMappings_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPolicyMappings_Destroy
-(
-  NSSPKIXPolicyMappings *policyMappings
-);
-
-/*
- * NSSPKIXPolicyMappings_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_DATA
- * 
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXPolicyMappings_Encode
-(
-  NSSPKIXPolicyMappings *policyMappings,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXPolicyMappings_GetPolicyMappingCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- * 
- * Return value:
- *  Nonnegative integer upon success
- *  -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXPolicyMappings_GetPolicyMappingCount
-(
-  NSSPKIXPolicyMappings *policyMappings
-);
-
-/*
- * NSSPKIXPolicyMappings_GetPolicyMappings
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_ARRAY_TOO_SMALL
- * 
- * Return value:
- *  A valid pointer to an array of NSSPKIXpolicyMapping pointers upon
- *      success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXpolicyMapping **
-NSSPKIXPolicyMappings_GetPolicyMappings
-(
-  NSSPKIXPolicyMappings *policyMappings
-  NSSPKIXpolicyMapping *rvOpt[],
-  PRInt32 limit,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXPolicyMappings_SetPolicyMappings
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- *  NSS_ERROR_INVALID_PKIX_POLICY_MAPPING
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPolicyMappings_SetPolicyMappings
-(
-  NSSPKIXPolicyMappings *policyMappings
-  NSSPKIXpolicyMapping *policyMapping[]
-  PRInt32 count
-);
-
-/*
- * NSSPKIXPolicyMappings_GetPolicyMapping
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXpolicyMapping upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXpolicyMapping *
-NSSPKIXPolicyMappings_GetPolicyMapping
-(
-  NSSPKIXPolicyMappings *policyMappings
-  PRInt32 i,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXPolicyMappings_SetPolicyMapping
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- *  NSS_ERROR_INVALID_PKIX_POLICY_MAPPING
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPolicyMappings_SetPolicyMapping
-(
-  NSSPKIXPolicyMappings *policyMappings
-  PRInt32 i,
-  NSSPKIXpolicyMapping *policyMapping
-);
-
-/*
- * NSSPKIXPolicyMappings_InsertPolicyMapping
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- *  NSS_ERROR_INVALID_PKIX_POLICY_MAPPING
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPolicyMappings_InsertPolicyMapping
-(
-  NSSPKIXPolicyMappings *policyMappings
-  PRInt32 i,
-  NSSPKIXpolicyMapping *policyMapping
-);
-
-/*
- * NSSPKIXPolicyMappings_AppendPolicyMapping
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- *  NSS_ERROR_INVALID_PKIX_POLICY_MAPPING
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPolicyMappings_AppendPolicyMapping
-(
-  NSSPKIXPolicyMappings *policyMappings
-  NSSPKIXpolicyMapping *policyMapping
-);
-
-/*
- * NSSPKIXPolicyMappings_RemovePolicyMapping
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPolicyMappings_RemovePolicyMapping
-(
-  NSSPKIXPolicyMappings *policyMappings
-  PRInt32 i
-);
-
-/*
- * NSSPKIXPolicyMappings_FindPolicyMapping
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- *  NSS_ERROR_INVALID_PKIX_POLICY_MAPPING
- *  NSS_ERROR_NOT_FOUND
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- * 
- * Return value:
- *  The index of the specified policy mapping upon success
- *  -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXPolicyMappings_FindPolicyMapping
-(
-  NSSPKIXPolicyMappings *policyMappings
-  NSSPKIXpolicyMapping *policyMapping
-);
-
-/*
- * NSSPKIXPolicyMappings_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- * 
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXPolicyMappings_Equal
-(
-  NSSPKIXPolicyMappings *policyMappings1,
-  NSSPKIXpolicyMappings *policyMappings2,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXPolicyMappings_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXPolicyMappings upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyMappings *
-NSSPKIXPolicyMappings_Duplicate
-(
-  NSSPKIXPolicyMappings *policyMappings,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXPolicyMappings_IssuerDomainPolicyExists
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- *  NSS_ERROR_INVALID_PKIX_CERT_POLICY_ID
- * 
- * Return value:
- *  PR_TRUE if the specified domain policy OID exists
- *  PR_FALSE if it doesn't
- *  PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXPolicyMappings_IssuerDomainPolicyExists
-(
-  NSSPKIXPolicyMappings *policyMappings,
-  NSSPKIXCertPolicyId *issuerDomainPolicy,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXPolicyMappings_SubjectDomainPolicyExists
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- *  NSS_ERROR_INVALID_PKIX_CERT_POLICY_ID
- * 
- * Return value:
- *  PR_TRUE if the specified domain policy OID exists
- *  PR_FALSE if it doesn't
- *  PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXPolicyMappings_SubjectDomainPolicyExists
-(
-  NSSPKIXPolicyMappings *policyMappings,
-  NSSPKIXCertPolicyId *subjectDomainPolicy,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXPolicyMappings_FindIssuerDomainPolicy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- *  NSS_ERROR_INVALID_PKIX_CERT_POLICY_ID
- *  NSS_ERROR_NOT_FOUND
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- * 
- * Return value:
- *  The index of the specified policy mapping upon success
- *  -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXPolicyMappings_FindIssuerDomainPolicy
-(
-  NSSPKIXPolicyMappings *policyMappings,
-  NSSPKIXCertPolicyId *issuerDomainPolicy
-);
-
-/*
- * NSSPKIXPolicyMappings_FindSubjectDomainPolicy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- *  NSS_ERROR_INVALID_PKIX_CERT_POLICY_ID
- *  NSS_ERROR_NOT_FOUND
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- * 
- * Return value:
- *  The index of the specified policy mapping upon success
- *  -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXPolicyMappings_FindSubjectDomainPolicy
-(
-  NSSPKIXPolicyMappings *policyMappings,
-  NSSPKIXCertPolicyId *issuerDomainPolicy
-);
-
-/*
- * NSSPKIXPolicyMappings_MapIssuerToSubject
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- *  NSS_ERROR_INVALID_PKIX_CERT_POLICY_ID
- *  NSS_ERROR_NOT_FOUND
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXCertPolicyId upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCertPolicyId *
-NSSPKIXPolicyMappings_MapIssuerToSubject
-(
-  NSSPKIXPolicyMappings *policyMappings,
-  NSSPKIXCertPolicyId *issuerDomainPolicy
-);
-
-/*
- * NSSPKIXPolicyMappings_MapSubjectToIssuer
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- *  NSS_ERROR_INVALID_PKIX_CERT_POLICY_ID
- *  NSS_ERROR_NOT_FOUND
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXCertPolicyId upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCertPolicyId *
-NSSPKIXPolicyMappings_MapSubjectToIssuer
-(
-  NSSPKIXPolicyMappings *policyMappings,
-  NSSPKIXCertPolicyId *issuerDomainPolicy
-);
-
-/*
- * policyMapping
- *
- * Helper structure for PolicyMappings
- *
- *                                               SEQUENCE {
- *       issuerDomainPolicy      CertPolicyId,
- *       subjectDomainPolicy     CertPolicyId }
- *
- * The public calls for this type:
- *
- *  NSSPKIXpolicyMapping_Decode
- *  NSSPKIXpolicyMapping_Create
- *  NSSPKIXpolicyMapping_Destroy
- *  NSSPKIXpolicyMapping_Encode
- *  NSSPKIXpolicyMapping_GetIssuerDomainPolicy
- *  NSSPKIXpolicyMapping_SetIssuerDomainPolicy
- *  NSSPKIXpolicyMapping_GetSubjectDomainPolicy
- *  NSSPKIXpolicyMapping_SetSubjectDomainPolicy
- *  NSSPKIXpolicyMapping_Equal
- *  NSSPKIXpolicyMapping_Duplicate
- *
- */
-
-/*
- * NSSPKIXpolicyMapping_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXpolicyMapping upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXpolicyMapping *
-NSSPKIXpolicyMapping_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * NSSPKIXpolicyMapping_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_CERT_POLICY_ID
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXpolicyMapping upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXpolicyMapping *
-NSSPKIXpolicyMapping_Create
-(
-  NSSArena *arenaOpt,
-  NSSPKIXCertPolicyId *issuerDomainPolicy,
-  NSSPKIXCertPolicyId *subjectDomainPolicy
-);
-
-/*
- * NSSPKIXpolicyMapping_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_MAPPING
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXpolicyMapping_Destroy
-(
-  NSSPKIXpolicyMapping *policyMapping
-);
-
-/*
- * NSSPKIXpolicyMapping_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_MAPPING
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_DATA
- * 
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXpolicyMapping_Encode
-(
-  NSSPKIXpolicyMapping *policyMapping,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXpolicyMapping_GetIssuerDomainPolicy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_MAPPING
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXCertPolicyId OID upon success
- *  NULL upon faliure
- */
-
-NSS_EXTERN NSSPKIXCertPolicyId *
-NSSPKIXpolicyMapping_GetIssuerDomainPolicy
-(
-  NSSPKIXpolicyMapping *policyMapping
-);
-
-/*
- * NSSPKIXpolicyMapping_SetIssuerDomainPolicy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_MAPPING
- *  NSS_ERROR_INVALID_PKIX_CERT_POLICY_ID
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXpolicyMapping_SetIssuerDomainPolicy
-(
-  NSSPKIXpolicyMapping *policyMapping,
-  NSSPKIXCertPolicyId *issuerDomainPolicy
-);
-
-/*
- * NSSPKIXpolicyMapping_GetSubjectDomainPolicy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_MAPPING
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXCertPolicyId OID upon success
- *  NULL upon faliure
- */
-
-NSS_EXTERN NSSPKIXCertPolicyId *
-NSSPKIXpolicyMapping_GetSubjectDomainPolicy
-(
-  NSSPKIXpolicyMapping *policyMapping
-);
-
-/*
- * NSSPKIXpolicyMapping_SetSubjectDomainPolicy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_MAPPING
- *  NSS_ERROR_INVALID_PKIX_CERT_POLICY_ID
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXpolicyMapping_SetSubjectDomainPolicy
-(
-  NSSPKIXpolicyMapping *policyMapping,
-  NSSPKIXCertPolicyId *subjectDomainPolicy
-);
-
-/*
- * NSSPKIXpolicyMapping_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_MAPPING
- * 
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXpolicyMapping_Equal
-(
-  NSSPKIXpolicyMapping *policyMapping1,
-  NSSPKIXpolicyMapping *policyMapping2,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXpolicyMapping_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_MAPPING
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXpolicyMapping upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXpolicyMapping *
-NSSPKIXpolicyMapping_Duplicate
-(
-  NSSPKIXpolicyMapping *policyMapping,
-  NSSArena *arenaOpt
-);
-
-/*
- * GeneralName
- *
- * This structure contains a union of the possible general names,
- * of which there are several.
- *
- * From RFC 2459:
- *
- *  GeneralName ::= CHOICE {
- *       otherName                       [0]     AnotherName,
- *       rfc822Name                      [1]     IA5String,
- *       dNSName                         [2]     IA5String,
- *       x400Address                     [3]     ORAddress,
- *       directoryName                   [4]     Name,
- *       ediPartyName                    [5]     EDIPartyName,
- *       uniformResourceIdentifier       [6]     IA5String,
- *       iPAddress                       [7]     OCTET STRING,
- *       registeredID                    [8]     OBJECT IDENTIFIER }
- *
- * The public calls for this type:
- *
- *  NSSPKIXGeneralName_Decode
- *  NSSPKIXGeneralName_CreateFromUTF8
- *  NSSPKIXGeneralName_Create
- *  NSSPKIXGeneralName_CreateFromOtherName
- *  NSSPKIXGeneralName_CreateFromRfc822Name
- *  NSSPKIXGeneralName_CreateFromDNSName
- *  NSSPKIXGeneralName_CreateFromX400Address
- *  NSSPKIXGeneralName_CreateFromDirectoryName
- *  NSSPKIXGeneralName_CreateFromEDIPartyName
- *  NSSPKIXGeneralName_CreateFromUniformResourceIdentifier
- *  NSSPKIXGeneralName_CreateFromIPAddress
- *  NSSPKIXGeneralName_CreateFromRegisteredID
- *  NSSPKIXGeneralName_Destroy
- *  NSSPKIXGeneralName_Encode
- *  NSSPKIXGeneralName_GetUTF8Encoding
- *  NSSPKIXGeneralName_GetChoice
- *  NSSPKIXGeneralName_GetOtherName
- *  NSSPKIXGeneralName_GetRfc822Name
- *  NSSPKIXGeneralName_GetDNSName
- *  NSSPKIXGeneralName_GetX400Address
- *  NSSPKIXGeneralName_GetDirectoryName
- *  NSSPKIXGeneralName_GetEDIPartyName
- *  NSSPKIXGeneralName_GetUniformResourceIdentifier
- *  NSSPKIXGeneralName_GetIPAddress
- *  NSSPKIXGeneralName_GetRegisteredID
- *  NSSPKIXGeneralName_GetSpecifiedChoice
- *  NSSPKIXGeneralName_Equal
- *  NSSPKIXGeneralName_Duplicate
- *  (in pki1 I had specific attribute value gettors here too)
- *
- */
-
-/*
- * NSSPKIXGeneralName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXGeneralName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName *
-NSSPKIXGeneralName_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * NSSPKIXGeneralName_CreateFromUTF8
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_STRING
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXGeneralName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName *
-NSSPKIXGeneralName_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXGeneralName_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_GENERAL_NAME_CHOICE
- *  NSS_ERROR_INVALID_PKIX_ANOTHER_NAME
- *  NSS_ERROR_INVALID_PKIX_IA5_STRING
- *  NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- *  NSS_ERROR_INVALID_PKIX_NAME
- *  NSS_ERROR_INVALID_PKIX_EDI_PARTY_NAME
- *  NSS_ERROR_INVALID_ITEM
- *  NSS_ERROR_INVALID_OID
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXGeneralName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName *
-NSSPKIXGeneralName_Create
-(
-  NSSArena *arenaOpt,
-  NSSPKIXGeneralNameChoice choice,
-  void *content
-);
-
-/*
- * NSSPKIXGeneralName_CreateFromOtherName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_ANOTHER_NAME
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXGeneralName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName *
-NSSPKIXGeneralName_CreateFromOtherName
-(
-  NSSArena *arenaOpt,
-  NSSPKIXAnotherName *otherName
-);
-
-/*
- * NSSPKIXGeneralName_CreateFromRfc822Name
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_IA5_STRING
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXGeneralName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName *
-NSSPKIXGeneralName_CreateFromRfc822Name
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *rfc822Name
-);
-
-/*
- * NSSPKIXGeneralName_CreateFromDNSName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_IA5_STRING
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXGeneralName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName *
-NSSPKIXGeneralName_CreateFromDNSName
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *dNSName
-);
-
-/*
- * NSSPKIXGeneralName_CreateFromX400Address
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXGeneralName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName *
-NSSPKIXGeneralName_CreateFromX400Address
-(
-  NSSArena *arenaOpt,
-  NSSPKIXORAddress *x400Address
-);
-
-/*
- * NSSPKIXGeneralName_CreateFromDirectoryName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_NAME
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXGeneralName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName *
-NSSPKIXGeneralName_CreateFromDirectoryName
-(
-  NSSArena *arenaOpt,
-  NSSPKIXName *directoryName
-);
-
-/*
- * NSSPKIXGeneralName_CreateFromEDIPartyName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_EDI_PARTY_NAME
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXGeneralName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName *
-NSSPKIXGeneralName_CreateFromEDIPartyName
-(
-  NSSArena *arenaOpt,
-  NSSPKIXEDIPartyName *ediPartyname
-);
-
-/*
- * NSSPKIXGeneralName_CreateFromUniformResourceIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_IA5_STRING
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXGeneralName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName *
-NSSPKIXGeneralName_CreateFromUniformResourceIdentifier
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *uniformResourceIdentifier
-);
-
-/*
- * NSSPKIXGeneralName_CreateFromIPAddress
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_ITEM
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXGeneralName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName *
-NSSPKIXGeneralName_CreateFromIPAddress
-(
-  NSSArena *arenaOpt,
-  NSSItem *iPAddress
-);
-
-/*
- * NSSPKIXGeneralName_CreateFromRegisteredID
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_OID
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXGeneralName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName *
-NSSPKIXGeneralName_CreateFromRegisteredID
-(
-  NSSArena *arenaOpt,
-  NSSOID *registeredID
-);
-
-/*
- * NSSPKIXGeneralName_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXGeneralName_Destroy
-(
-  NSSPKIXGeneralName *generalName
-);
-
-/*
- * NSSPKIXGeneralName_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXGeneralName_Encode
-(
-  NSSPKIXGeneralName *generalName,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXGeneralName_GetUTF8Encoding
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid pointer to an NSSUTF8 upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSPKIXGeneralName_GetUTF8Encoding
-(
-  NSSPKIXGeneralName *generalName,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXGeneralName_GetChoice
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- * 
- * Return value:
- *  A valid NSSPKIXGeneralNameChoice value upon success
- *  NSSPKIXGeneralNameChoice_NSSinvalid upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralNameChoice
-NSSPKIXGeneralName_GetChoice
-(
-  NSSPKIXGeneralName *generalName
-);
-
-/*
- * NSSPKIXGeneralName_GetOtherName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- *  NSS_ERROR_WRONG_CHOICE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXAnotherName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAnotherName *
-NSSPKIXGeneralName_GetOtherName
-(
-  NSSPKIXGeneralName *generalName,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXGeneralName_GetRfc822Name
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- *  NSS_ERROR_WRONG_CHOICE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid pointer to an NSSUTF8 upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSPKIXGeneralName_GetRfc822Name
-(
-  NSSPKIXGeneralName *generalName,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXGeneralName_GetDNSName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- *  NSS_ERROR_WRONG_CHOICE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid pointer to an NSSUTF8 upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSPKIXGeneralName_GetDNSName
-(
-  NSSPKIXGeneralName *generalName,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXGeneralName_GetX400Address
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- *  NSS_ERROR_WRONG_CHOICE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXORAddress upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXORAddress *
-NSSPKIXGeneralName_GetX400Address
-(
-  NSSPKIXGeneralName *generalName,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXGeneralName_GetDirectoryName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- *  NSS_ERROR_WRONG_CHOICE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXName *
-NSSPKIXGeneralName_GetDirectoryName
-(
-  NSSPKIXGeneralName *generalName,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXGeneralName_GetEDIPartyName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- *  NSS_ERROR_WRONG_CHOICE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXEDIPartyName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXEDIPartyName *
-NSSPKIXGeneralName_GetEDIPartyName
-(
-  NSSPKIXGeneralName *generalName,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXGeneralName_GetUniformResourceIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- *  NSS_ERROR_WRONG_CHOICE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid pointer to an NSSUTF8 upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSPKIXGeneralName_GetUniformResourceIdentifier
-(
-  NSSPKIXGeneralName *generalName,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXGeneralName_GetIPAddress
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- *  NSS_ERROR_WRONG_CHOICE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid pointer to an NSSItem upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSItem *
-NSSPKIXGeneralName_GetIPAddress
-(
-  NSSPKIXGeneralName *generalName,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXGeneralName_GetRegisteredID
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- *  NSS_ERROR_WRONG_CHOICE
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid pointer to an NSSOID upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSOID *
-NSSPKIXGeneralName_GetRegisteredID
-(
-  NSSPKIXGeneralName *generalName
-);
-
-/*
- * NSSPKIXGeneralName_GetSpecifiedChoice
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- *  NSS_ERROR_INVALID_PKIX_GENERAL_NAME_CHOICE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN void *
-NSSPKIXGeneralName_GetSpecifiedChoice
-(
-  NSSPKIXGeneralName *generalName,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXGeneralName_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- * 
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXGeneralName_Equal
-(
-  NSSPKIXGeneralName *generalName1,
-  NSSPKIXGeneralName *generalName2,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXGeneralName_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXGeneralName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName *
-NSSPKIXGeneralName_Duplicate
-(
-  NSSPKIXGeneralName *generalName,
-  NSSArena *arenaOpt
-);
-
-/*
- * (in pki1 I had specific attribute value gettors here too)
- *
- */
-
-/*
- * GeneralNames
- *
- * This structure contains a sequence of GeneralName objects.
- *
- * From RFC 2459:
- *
- *  GeneralNames ::= SEQUENCE SIZE (1..MAX) OF GeneralName
- *
- * The public calls for this type:
- *
- *  NSSPKIXGeneralNames_Decode
- *  NSSPKIXGeneralNames_Create
- *  NSSPKIXGeneralNames_Destroy
- *  NSSPKIXGeneralNames_Encode
- *  NSSPKIXGeneralNames_GetGeneralNameCount
- *  NSSPKIXGeneralNames_GetGeneralNames
- *  NSSPKIXGeneralNames_SetGeneralNames
- *  NSSPKIXGeneralNames_GetGeneralName
- *  NSSPKIXGeneralNames_SetGeneralName
- *  NSSPKIXGeneralNames_InsertGeneralName
- *  NSSPKIXGeneralNames_AppendGeneralName
- *  NSSPKIXGeneralNames_RemoveGeneralName
- *  NSSPKIXGeneralNames_FindGeneralName
- *  NSSPKIXGeneralNames_Equal
- *  NSSPKIXGeneralNames_Duplicate
- *
- */
-
-/*
- * NSSPKIXGeneralNames_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXGeneralNames upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralNames *
-NSSPKIXGeneralNames_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * NSSPKIXGeneralNames_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXGeneralNames upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralNames *
-NSSPKIXGeneralNames_Create
-(
-  NSSArena *arenaOpt,
-  NSSPKIXGeneralName *generalName1,
-  ...
-);
-
-/*
- * NSSPKIXGeneralNames_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXGeneralNames_Destroy
-(
-  NSSPKIXGeneralNames *generalNames
-);
-
-/*
- * NSSPKIXGeneralNames_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXGeneralNames_Encode
-(
-  NSSPKIXGeneralNames *generalNames,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXGeneralNames_GetGeneralNameCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- * 
- * Return value:
- *  Nonnegative integer upon success
- *  -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXGeneralNames_GetGeneralNameCount
-(
-  NSSPKIXGeneralNames *generalNames
-);
-
-/*
- * NSSPKIXGeneralNames_GetGeneralNames
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_ARRAY_TOO_SMALL
- * 
- * Return value:
- *  A valid pointer to an array of NSSPKIXGeneralName pointers upon
- *      success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName **
-NSSPKIXGeneralNames_GetGeneralNames
-(
-  NSSPKIXGeneralNames *generalNames,
-  NSSPKIXGeneralName *rvOpt[],
-  PRInt32 limit,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXGeneralNames_SetGeneralNames
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- *  NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXGeneralNames_SetGeneralNames
-(
-  NSSPKIXGeneralNames *generalNames,
-  NSSPKIXGeneralName *generalName[],
-  PRInt32 count
-);
-
-/*
- * NSSPKIXGeneralNames_GetGeneralName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXGeneralName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName *
-NSSPKIXGeneralNames_GetGeneralName
-(
-  NSSPKIXGeneralNames *generalNames,
-  PRInt32 i,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXGeneralNames_SetGeneralName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- *  NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXGeneralNames_SetGeneralName
-(
-  NSSPKIXGeneralNames *generalNames,
-  PRInt32 i,
-  NSSPKIXGeneralName *generalName
-);
-
-/*
- * NSSPKIXGeneralNames_InsertGeneralName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- *  NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXGeneralNames_InsertGeneralName
-(
-  NSSPKIXGeneralNames *generalNames,
-  PRInt32 i,
-  NSSPKIXGeneralName *generalName
-);
-
-/*
- * NSSPKIXGeneralNames_AppendGeneralName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- *  NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXGeneralNames_AppendGeneralName
-(
-  NSSPKIXGeneralNames *generalNames,
-  NSSPKIXGeneralName *generalName
-);
-
-/*
- * NSSPKIXGeneralNames_RemoveGeneralName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXGeneralNames_RemoveGeneralName
-(
-  NSSPKIXGeneralNames *generalNames,
-  PRInt32 i
-);
-
-/*
- * NSSPKIXGeneralNames_FindGeneralName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- *  NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- *  NSS_ERROR_NOT_FOUND
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- * 
- * Return value:
- *  The index of the specified policy mapping upon success
- *  -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXGeneralNames_FindGeneralName
-(
-  NSSPKIXGeneralNames *generalNames,
-  NSSPKIXGeneralName *generalName
-);
-
-/*
- * NSSPKIXGeneralNames_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- * 
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXGeneralNames_Equal
-(
-  NSSPKIXGeneralNames *generalNames1,
-  NSSPKIXGeneralNames *generalNames2,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXGeneralNames_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXGeneralNames upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralNames *
-NSSPKIXGeneralNames_Duplicate
-(
-  NSSPKIXGeneralNames *generalNames,
-  NSSArena *arenaOpt
-);
-
-/*
- * AnotherName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  AnotherName ::= SEQUENCE {
- *       type-id    OBJECT IDENTIFIER,
- *       value      [0] EXPLICIT ANY DEFINED BY type-id }
- *
- * The public calls for this type:
- *
- *  NSSPKIXAnotherName_Decode
- *  NSSPKIXAnotherName_Create
- *  NSSPKIXAnotherName_Destroy
- *  NSSPKIXAnotherName_Encode
- *  NSSPKIXAnotherName_GetTypeId
- *  NSSPKIXAnotherName_SetTypeId
- *  NSSPKIXAnotherName_GetValue
- *  NSSPKIXAnotherName_SetValue
- *  NSSPKIXAnotherName_Equal
- *  NSSPKIXAnotherName_Duplicate
- *
- */
-
-/*
- * NSSPKIXAnotherName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXAnotherName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAnotherName *
-NSSPKIXAnotherName_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * NSSPKIXAnotherName_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_OID
- *  NSS_ERROR_INVALID_ITEM
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXAnotherName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAnotherName *
-NSSPKIXAnotherName_Create
-(
-  NSSArena *arenaOpt,
-  NSSOID *typeId,
-  NSSItem *value
-);
-
-/*
- * NSSPKIXAnotherName_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ANOTHER_NAME
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXAnotherName_Destroy
-(
-  NSSPKIXAnotherName *anotherName
-);
-
-/*
- * NSSPKIXAnotherName_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ANOTHER_NAME
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXAnotherName_Encode
-(
-  NSSPKIXAnotherName *anotherName,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXAnotherName_GetTypeId
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ANOTHER_NAME
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid pointer to an NSSOID upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSOID *
-NSSPKIXAnotherName_GetTypeId
-(
-  NSSPKIXAnotherName *anotherName
-);
-
-/*
- * NSSPKIXAnotherName_SetTypeId
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ANOTHER_NAME
- *  NSS_ERROR_INVALID_OID
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXAnotherName_SetTypeId
-(
-  NSSPKIXAnotherName *anotherName,
-  NSSOID *typeId
-);
-
-/*
- * NSSPKIXAnotherName_GetValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ANOTHER_NAME
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSItem upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSItem *
-NSSPKIXAnotherName_GetValue
-(
-  NSSPKIXAnotherName *anotherName,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXAnotherName_SetValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ANOTHER_NAME
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ITEM
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXAnotherName_SetValue
-(
-  NSSPKIXAnotherName *anotherName,
-  NSSItem *value
-);
-
-/*
- * NSSPKIXAnotherName_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ANOTHER_NAME
- * 
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXAnotherName_Equal
-(
-  NSSPKIXAnotherName *anotherName1,
-  NSSPKIXAnotherName *anotherName2,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXAnotherName_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ANOTHER_NAME
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXAnotherName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAnotherName *
-NSSPKIXAnotherName_Duplicate
-(
-  NSSPKIXAnotherName *anotherName,
-  NSSArena *arenaOpt
-);
-
-/*
- * EDIPartyName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *
- *  EDIPartyName ::= SEQUENCE {
- *       nameAssigner            [0]     DirectoryString OPTIONAL,
- *       partyName               [1]     DirectoryString }
- *
- * The public calls for this type:
- *
- *  NSSPKIXEDIPartyName_Decode
- *  NSSPKIXEDIPartyName_Create
- *  NSSPKIXEDIPartyName_Destroy
- *  NSSPKIXEDIPartyName_Encode
- *  NSSPKIXEDIPartyName_HasNameAssigner
- *  NSSPKIXEDIPartyName_GetNameAssigner
- *  NSSPKIXEDIPartyName_SetNameAssigner
- *  NSSPKIXEDIPartyName_RemoveNameAssigner
- *  NSSPKIXEDIPartyName_GetPartyName
- *  NSSPKIXEDIPartyName_SetPartyName
- *  NSSPKIXEDIPartyName_Equal
- *  NSSPKIXEDIPartyName_Duplicate
- *
- */
-
-/*
- * NSSPKIXEDIPartyName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXEDIPartyName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXEDIPartyName *
-NSSPKIXEDIPartyName_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * NSSPKIXEDIPartyName_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_STRING
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXEDIPartyName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXEDIPartyName *
-NSSPKIXEDIPartyName_Create
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *nameAssignerOpt,
-  NSSUTF8 *partyName
-);
-
-/*
- * NSSPKIXEDIPartyName_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EDI_PARTY_NAME
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXEDIPartyName_Destroy
-(
-  NSSPKIXEDIPartyName *ediPartyName
-);
-
-/*
- * NSSPKIXEDIPartyName_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EDI_PARTY_NAME
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXEDIPartyName_Encode
-(
-  NSSPKIXEDIPartyName *ediPartyName,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXEDIPartyName_HasNameAssigner
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EDI_PARTY_NAME
- * 
- * Return value:
- *  PR_TRUE if it has one
- *  PR_FALSE if it doesn't
- *  PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXEDIPartyName_HasNameAssigner
-(
-  NSSPKIXEDIPartyName *ediPartyName
-);
-
-/*
- * NSSPKIXEDIPartyName_GetNameAssigner
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EDI_PARTY_NAME
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_HAS_NO_NAME_ASSIGNER
- * 
- * Return value:
- *  A valid pointer to an NSSUTF8 string upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSPKIXEDIPartyName_GetNameAssigner
-(
-  NSSPKIXEDIPartyName *ediPartyName,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXEDIPartyName_SetNameAssigner
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EDI_PARTY_NAME
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_STRING
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXEDIPartyName_SetNameAssigner
-(
-  NSSPKIXEDIPartyName *ediPartyName,
-  NSSUTF8 *nameAssigner
-);
-
-/*
- * NSSPKIXEDIPartyName_RemoveNameAssigner
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EDI_PARTY_NAME
- *  NSS_ERROR_HAS_NO_NAME_ASSIGNER
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXEDIPartyName_RemoveNameAssigner
-(
-  NSSPKIXEDIPartyName *ediPartyName
-);
-
-/*
- * NSSPKIXEDIPartyName_GetPartyName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EDI_PARTY_NAME
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid pointer to an NSSUTF8 string upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSPKIXEDIPartyName_GetPartyName
-(
-  NSSPKIXEDIPartyName *ediPartyName,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXEDIPartyName_SetPartyName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EDI_PARTY_NAME
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_STRING
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXEDIPartyName_SetPartyName
-(
-  NSSPKIXEDIPartyName *ediPartyName,
-  NSSUTF8 *partyName
-);
-
-/*
- * NSSPKIXEDIPartyName_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EDI_PARTY_NAME
- * 
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXEDIPartyName_Equal
-(
-  NSSPKIXEDIPartyName *ediPartyName1,
-  NSSPKIXEDIPartyName *ediPartyName2,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXEDIPartyName_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EDI_PARTY_NAME
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXEDIPartyName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXEDIPartyName *
-NSSPKIXEDIPartyName_Duplicate
-(
-  NSSPKIXEDIPartyName *ediPartyName,
-  NSSArena *arenaOpt
-);
-
-/*
- * SubjectDirectoryAttributes
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  SubjectDirectoryAttributes ::= SEQUENCE SIZE (1..MAX) OF Attribute
- *
- * The public calls for this type:
- *
- *  NSSPKIXSubjectDirectoryAttributes_Decode
- *  NSSPKIXSubjectDirectoryAttributes_Create
- *  NSSPKIXSubjectDirectoryAttributes_Destroy
- *  NSSPKIXSubjectDirectoryAttributes_Encode
- *  NSSPKIXSubjectDirectoryAttributes_GetAttributeCount
- *  NSSPKIXSubjectDirectoryAttributes_GetAttributes
- *  NSSPKIXSubjectDirectoryAttributes_SetAttributes
- *  NSSPKIXSubjectDirectoryAttributes_GetAttribute
- *  NSSPKIXSubjectDirectoryAttributes_SetAttribute
- *  NSSPKIXSubjectDirectoryAttributes_InsertAttribute
- *  NSSPKIXSubjectDirectoryAttributes_AppendAttribute
- *  NSSPKIXSubjectDirectoryAttributes_RemoveAttribute
- *  NSSPKIXSubjectDirectoryAttributes_FindAttribute
- *  NSSPKIXSubjectDirectoryAttributes_Equal
- *  NSSPKIXSubjectDirectoryAttributes_Duplicate
- *
- */
-
-/*
- * NSSPKIXSubjectDirectoryAttributes_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXSubjectDirectoryAttributes upon 
- *      success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXSubjectDirectoryAttributes *
-NSSPKIXSubjectDirectoryAttributes_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * NSSPKIXSubjectDirectoryAttributes_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXSubjectDirectoryAttributes upon 
- *      success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXSubjectDirectoryAttributes *
-NSSPKIXSubjectDirectoryAttributes_Create
-(
-  NSSArena *arenaOpt,
-  NSSPKIXAttribute *attribute1,
-  ...
-);
-
-/*
- * NSSPKIXSubjectDirectoryAttributes_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_SUBJECT_DIRECTORY_ATTRIBUTES
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXSubjectDirectoryAttributes_Destroy
-(
-  NSSPKIXSubjectDirectoryAttributes *sda
-);
-
-/*
- * NSSPKIXSubjectDirectoryAttributes_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_SUBJECT_DIRECTORY_ATTRIBUTES
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXSubjectDirectoryAttributes_Encode
-(
-  NSSPKIXSubjectDirectoryAttributes *sda,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXSubjectDirectoryAttributes_GetAttributeCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_SUBJECT_DIRECTORY_ATTRIBUTES
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- * 
- * Return value:
- *  Nonnegative integer upon success
- *  -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXSubjectDirectoryAttributes_GetAttributeCount
-(
-  NSSPKIXSubjectDirectoryAttributes *sda
-);
-
-/*
- * NSSPKIXSubjectDirectoryAttributes_GetAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_SUBJECT_DIRECTORY_ATTRIBUTES
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_ARRAY_TOO_SMALL
- * 
- * Return value:
- *  A valid pointer to an array of NSSPKIXAttribute pointers upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAttribute **
-NSSPKIXSubjectDirectoryAttributes_GetAttributes
-(
-  NSSPKIXSubjectDirectoryAttributes *sda,
-  NSSPKIXAttribute *rvOpt[],
-  PRInt32 limit,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXSubjectDirectoryAttributes_SetAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_SUBJECT_DIRECTORY_ATTRIBUTES
- *  NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXSubjectDirectoryAttributes_SetAttributes
-(
-  NSSPKIXSubjectDirectoryAttributes *sda,
-  NSSAttribute *attributes[],
-  PRInt32 count
-);
-
-/*
- * NSSPKIXSubjectDirectoryAttributes_GetAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_SUBJECT_DIRECTORY_ATTRIBUTES
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXAttribute upon success
- *  NULL upon error
- */
-
-NSS_EXTERN NSSPKIXAttribute *
-NSSPKIXSubjectDirectoryAttributes_GetAttribute
-(
-  NSSPKIXSubjectDirectoryAttributes *sda,
-  PRInt32 i,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXSubjectDirectoryAttributes_SetAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_SUBJECT_DIRECTORY_ATTRIBUTES
- *  NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXSubjectDirectoryAttributes_SetAttribute
-(
-  NSSPKIXSubjectDirectoryAttributes *sda,
-  PRInt32 i,
-  NSSPKIXAttribute *attribute
-);
-
-/*
- * NSSPKIXSubjectDirectoryAttributes_InsertAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_SUBJECT_DIRECTORY_ATTRIBUTES
- *  NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXSubjectDirectoryAttributes_InsertAttribute
-(
-  NSSPKIXSubjectDirectoryAttributes *sda,
-  PRInt32 i,
-  NSSPKIXAttribute *attribute
-);
-
-/*
- * NSSPKIXSubjectDirectoryAttributes_AppendAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_SUBJECT_DIRECTORY_ATTRIBUTES
- *  NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXSubjectDirectoryAttributes_AppendAttribute
-(
-  NSSPKIXSubjectDirectoryAttributes *sda,
-  NSSPKIXAttribute *attribute
-);
-
-/*
- * NSSPKIXSubjectDirectoryAttributes_RemoveAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_SUBJECT_DIRECTORY_ATTRIBUTES
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXSubjectDirectoryAttributes_RemoveAttribute
-(
-  NSSPKIXSubjectDirectoryAttributes *sda,
-  PRInt32 i
-);
-
-/*
- * NSSPKIXSubjectDirectoryAttributes_FindAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_SUBJECT_DIRECTORY_ATTRIBUTES
- *  NSS_ERROR_INVALID_ATTRIBUTE
- *  NSS_ERROR_NOT_FOUND
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- * 
- * Return value:
- *  The index of the specified policy mapping upon success
- *  -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXSubjectDirectoryAttributes_FindAttribute
-(
-  NSSPKIXSubjectDirectoryAttributes *sda,
-  NSSPKIXAttribute *attribute
-);
-
-/*
- * NSSPKIXSubjectDirectoryAttributes_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_SUBJECT_DIRECTORY_ATTRIBUTES
- * 
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXSubjectDirectoryAttributes_Equal
-(
-  NSSPKIXSubjectDirectoryAttributes *sda1,
-  NSSPKIXSubjectDirectoryAttributes *sda2,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXSubjectDirectoryAttributes_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_SUBJECT_DIRECTORY_ATTRIBUTES
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXSubjectDirectoryAttributes upon 
- *      success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXSubjectDirectoryAttributes *
-NSSPKIXSubjectDirectoryAttributes_Duplicate
-(
-  NSSPKIXSubjectDirectoryAttributes *sda,
-  NSSArena *arenaOpt
-);
-
-/*
- * BasicConstraints
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  BasicConstraints ::= SEQUENCE {
- *       cA                      BOOLEAN DEFAULT FALSE,
- *       pathLenConstraint       INTEGER (0..MAX) OPTIONAL }
- *
- * The public calls for this type:
- *
- *  NSSPKIXBasicConstraints_Decode
- *  NSSPKIXBasicConstraints_Create
- *  NSSPKIXBasicConstraints_Destroy
- *  NSSPKIXBasicConstraints_Encode
- *  NSSPKIXBasicConstraints_GetCA
- *  NSSPKIXBasicConstraints_SetCA 
- *  NSSPKIXBasicConstraints_HasPathLenConstraint
- *  NSSPKIXBasicConstraints_GetPathLenConstraint
- *  NSSPKIXBasicConstraints_SetPathLenConstraint
- *  NSSPKIXBasicConstraints_RemovePathLenConstraint
- *  NSSPKIXBasicConstraints_Equal
- *  NSSPKIXBasicConstraints_Duplicate
- *  NSSPKIXBasicConstraints_CompareToPathLenConstraint
- *
- */
-
-/*
- * NSSPKIXBasicConstraints_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXBasicConstraints upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXBasicConstraints *
-NSSPKIXBasicConstraints_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * NSSPKIXBasicConstraints_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_VALUE
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXBasicConstraints upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXBasicConstraints *
-NSSPKIXBasicConstraints_Create
-(
-  NSSArena *arenaOpt,
-  PRBool ca,
-  PRInt32 pathLenConstraint
-);
-
-/*
- * NSSPKIXBasicConstraints_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BASIC_CONSTRAINTS
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXBasicConstraints_Destroy
-(
-  NSSPKIXBasicConstraints *basicConstraints
-);
-
-/*
- * NSSPKIXBasicConstraints_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BASIC_CONSTRAINTS
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXBasicConstraints_Encode
-(
-  NSSPKIXBasicConstraints *basicConstraints,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXBasicConstraints_GetCA
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BASIC_CONSTRAINTS
- * 
- * Return value:
- *  PR_TRUE if the CA bit is true
- *  PR_FALSE if it isn't
- *  PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXBasicConstraints_GetCA
-(
-  NSSPKIXBasicConstraints *basicConstraints,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXBasicConstraints_SetCA
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BASIC_CONSTRAINTS
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXBasicConstraints_SetCA
-(
-  NSSPKIXBasicConstraints *basicConstraints,
-  PRBool ca
-);
-
-/*
- * NSSPKIXBasicConstraints_HasPathLenConstraint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BASIC_CONSTRAINTS
- * 
- * Return value:
- *  PR_TRUE if it has one
- *  PR_FALSE if it doesn't
- *  PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXBasicConstraints_HasPathLenConstraint
-(
-  NSSPKIXBasicConstraints *basicConstraints,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXBasicConstraints_GetPathLenConstraint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BASIC_CONSTRAINTS
- *  NSS_ERROR_HAS_NO_PATH_LEN_CONSTRAINT
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- * 
- * Return value:
- *  Nonnegative integer upon success
- *  -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXBasicConstraints_GetPathLenConstraint
-(
-  NSSPKIXBasicConstraints *basicConstraints
-);
-
-/*
- * NSSPKIXBasicConstraints_SetPathLenConstraint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BASIC_CONSTRAINTS
- *  NSS_ERROR_INVALID_VALUE
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXBasicConstraints_SetPathLenConstraint
-(
-  NSSPKIXBasicConstraints *basicConstraints,
-  PRInt32 pathLenConstraint
-);
-
-/*
- * NSSPKIXBasicConstraints_RemovePathLenConstraint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BASIC_CONSTRAINTS
- *  NSS_ERROR_HAS_NO_PATH_LEN_CONSTRAINT
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXBasicConstraints_RemovePathLenConstraint
-(
-  NSSPKIXBasicConstraints *basicConstraints
-);
-
-/*
- * NSSPKIXBasicConstraints_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BASIC_CONSTRAINTS
- * 
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXBasicConstraints_Equal
-(
-  NSSPKIXBasicConstraints *basicConstraints1,
-  NSSPKIXBasicConstraints *basicConstraints2,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXBasicConstraints_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BASIC_CONSTRAINTS
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXBasicConstraints upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXBasicConstraints *
-NSSPKIXBasicConstraints_Duplicate
-(
-  NSSPKIXBasicConstraints *basicConstraints,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXBasicConstraints_CompareToPathLenConstraint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BASIC_CONSTRAINTS
- *  NSS_ERROR_HAS_NO_PATH_LEN_CONSTRAINT
- * 
- * Return value:
- *  1 if the specified value is greater than the pathLenConstraint
- *  0 if the specified value equals the pathLenConstraint
- *  -1 if the specified value is less than the pathLenConstraint
- *  -2 upon error
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXBasicConstraints_CompareToPathLenConstraint
-(
-  NSSPKIXBasicConstraints *basicConstraints,
-  PRInt32 value
-);
-
-/*
- * NameConstraints
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  NameConstraints ::= SEQUENCE {
- *       permittedSubtrees       [0]     GeneralSubtrees OPTIONAL,
- *       excludedSubtrees        [1]     GeneralSubtrees OPTIONAL }
- *
- * The public calls for this type:
- *
- *  NSSPKIXNameConstraints_Decode
- *  NSSPKIXNameConstraints_Create
- *  NSSPKIXNameConstraints_Destroy
- *  NSSPKIXNameConstraints_Encode
- *  NSSPKIXNameConstraints_HasPermittedSubtrees
- *  NSSPKIXNameConstraints_GetPermittedSubtrees
- *  NSSPKIXNameConstraints_SetPermittedSubtrees
- *  NSSPKIXNameConstraints_RemovePermittedSubtrees
- *  NSSPKIXNameConstraints_HasExcludedSubtrees
- *  NSSPKIXNameConstraints_GetExcludedSubtrees
- *  NSSPKIXNameConstraints_SetExcludedSubtrees
- *  NSSPKIXNameConstraints_RemoveExcludedSubtrees
- *  NSSPKIXNameConstraints_Equal
- *  NSSPKIXNameConstraints_Duplicate
- *    { and the comparator functions }
- *
- */
-
-/*
- * NSSPKIXNameConstraints_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXNameConstraints upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXNameConstraints *
-NSSPKIXNameConstraints_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * NSSPKIXNameConstraints_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXNameConstraints upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXNameConstraints *
-NSSPKIXNameConstraints_Create
-(
-  NSSArena *arenaOpt,
-  NSSPKIXGeneralSubtrees *permittedSubtrees,
-  NSSPKIXGeneralSubtrees *excludedSubtrees
-);
-
-/*
- * NSSPKIXNameConstraints_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_NAME_CONSTRAINTS
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXNameConstraints_Destroy
-(
-  NSSPKIXNameConstraints *nameConstraints
-);
-
-/*
- * NSSPKIXNameConstraints_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_NAME_CONSTRAINTS
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXNameConstraints_Encode
-(
-  NSSPKIXNameConstraints *nameConstraints,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXNameConstraints_HasPermittedSubtrees
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_NAME_CONSTRAINTS
- * 
- * Return value:
- *  PR_TRUE if it has one
- *  PR_FALSE if it doesn't
- *  PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXNameConstraints_HasPermittedSubtrees
-(
-  NSSPKIXNameConstraints *nameConstraints,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXNameConstraints_GetPermittedSubtrees
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_NAME_CONSTRAINTS
- *  NSS_ERROR_HAS_NO_PERMITTED_SUBTREES
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXGeneralSubtrees upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralSubtrees *
-NSSPKIXNameConstraints_GetPermittedSubtrees
-(
-  NSSPKIXNameConstraints *nameConstraints,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXNameConstraints_SetPermittedSubtrees
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_NAME_CONSTRAINTS
- *  NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXNameConstraints_SetPermittedSubtrees
-(
-  NSSPKIXNameConstraints *nameConstraints,
-  NSSPKIXGeneralSubtrees *permittedSubtrees
-);
-
-/*
- * NSSPKIXNameConstraints_RemovePermittedSubtrees
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_NAME_CONSTRAINTS
- *  NSS_ERROR_HAS_NO_PERMITTED_SUBTREES
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXNameConstraints_RemovePermittedSubtrees
-(
-  NSSPKIXNameConstraints *nameConstraints
-);
-
-/*
- * NSSPKIXNameConstraints_HasExcludedSubtrees
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_NAME_CONSTRAINTS
- * 
- * Return value:
- *  PR_TRUE if it has one
- *  PR_FALSE if it doesn't
- *  PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXNameConstraints_HasExcludedSubtrees
-(
-  NSSPKIXNameConstraints *nameConstraints,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXNameConstraints_GetExcludedSubtrees
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_NAME_CONSTRAINTS
- *  NSS_ERROR_HAS_NO_EXCLUDED_SUBTREES
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXGeneralSubtrees upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralSubtrees *
-NSSPKIXNameConstraints_GetExcludedSubtrees
-(
-  NSSPKIXNameConstraints *nameConstraints,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXNameConstraints_SetExcludedSubtrees
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_NAME_CONSTRAINTS
- *  NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXNameConstraints_SetExcludedSubtrees
-(
-  NSSPKIXNameConstraints *nameConstraints,
-  NSSPKIXGeneralSubtrees *excludedSubtrees
-);
-
-/*
- * NSSPKIXNameConstraints_RemoveExcludedSubtrees
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_NAME_CONSTRAINTS
- *  NSS_ERROR_HAS_NO_EXCLUDED_SUBTREES
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXNameConstraints_RemoveExcludedSubtrees
-(
-  NSSPKIXNameConstraints *nameConstraints
-);
-
-/*
- * NSSPKIXNameConstraints_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_NAME_CONSTRAINTS
- * 
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXNameConstraints_Equal
-(
-  NSSPKIXNameConstraints *nameConstraints1,
-  NSSPKIXNameConstraints *nameConstraints2,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXNameConstraints_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_NAME_CONSTRAINTS
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXNameConstraints upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXNameConstraints *
-NSSPKIXNameConstraints_Duplicate
-(
-  NSSPKIXNameConstraints *nameConstraints,
-  NSSArena *arenaOpt
-);
-
-/*
- *   { and the comparator functions }
- *
- */
-
-/*
- * GeneralSubtrees
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  GeneralSubtrees ::= SEQUENCE SIZE (1..MAX) OF GeneralSubtree
- *
- * The public calls for this type:
- *
- *  NSSPKIXGeneralSubtrees_Decode
- *  NSSPKIXGeneralSubtrees_Create
- *  NSSPKIXGeneralSubtrees_Destroy
- *  NSSPKIXGeneralSubtrees_Encode
- *  NSSPKIXGeneralSubtrees_GetGeneralSubtreeCount
- *  NSSPKIXGeneralSubtrees_GetGeneralSubtrees
- *  NSSPKIXGeneralSubtrees_SetGeneralSubtrees
- *  NSSPKIXGeneralSubtrees_GetGeneralSubtree
- *  NSSPKIXGeneralSubtrees_SetGeneralSubtree
- *  NSSPKIXGeneralSubtrees_InsertGeneralSubtree
- *  NSSPKIXGeneralSubtrees_AppendGeneralSubtree
- *  NSSPKIXGeneralSubtrees_RemoveGeneralSubtree
- *  NSSPKIXGeneralSubtrees_FindGeneralSubtree
- *  NSSPKIXGeneralSubtrees_Equal
- *  NSSPKIXGeneralSubtrees_Duplicate
- *    { and finders and comparators }
- *
- */
-
-/*
- * NSSPKIXGeneralSubtrees_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXGeneralSubtrees upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralSubtrees *
-NSSPKIXGeneralSubtrees_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * NSSPKIXGeneralSubtrees_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXGeneralSubtrees upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralSubtrees *
-NSSPKIXGeneralSubtrees_Create
-(
-  NSSArena *arenaOpt,
-  NSSPKIXGeneralSubtree *generalSubtree1,
-  ...
-);
-
-/*
- * NSSPKIXGeneralSubtrees_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXGeneralSubtrees_Destroy
-(
-  NSSPKIXGeneralSubtrees *generalSubtrees
-);
-
-/*
- * NSSPKIXGeneralSubtrees_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXGeneralSubtrees_Encode
-(
-  NSSPKIXGeneralSubtrees *generalSubtrees,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXGeneralSubtrees_GetGeneralSubtreeCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- * 
- * Return value:
- *  Nonnegative integer upon success
- *  -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXGeneralSubtrees_GetGeneralSubtreeCount
-(
-  NSSPKIXGeneralSubtrees *generalSubtrees
-);
-
-/*
- * NSSPKIXGeneralSubtrees_GetGeneralSubtrees
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_ARRAY_TOO_SMALL
- * 
- * Return value:
- *  A valid pointer to an array of NSSPKIXGeneralSubtree pointers upon
- *      success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralSubtree **
-NSSPKIXGeneralSubtrees_GetGeneralSubtrees
-(
-  NSSPKIXGeneralSubtrees *generalSubtrees,
-  NSSPKIXGeneralSubtree *rvOpt[],
-  PRInt32 limit,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXGeneralSubtrees_SetGeneralSubtrees
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- *  NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXGeneralSubtrees_SetGeneralSubtrees
-(
-  NSSPKIXGeneralSubtrees *generalSubtrees,
-  NSSPKIXGeneralSubtree *generalSubtree[],
-  PRInt32 count
-);
-
-/*
- * NSSPKIXGeneralSubtrees_GetGeneralSubtree
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXGeneralSubtree upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralSubtree *
-NSSPKIXGeneralSubtrees_GetGeneralSubtree
-(
-  NSSPKIXGeneralSubtrees *generalSubtrees,
-  PRInt32 i,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXGeneralSubtrees_SetGeneralSubtree
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- *  NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXGeneralSubtrees_SetGeneralSubtree
-(
-  NSSPKIXGeneralSubtrees *generalSubtrees,
-  PRInt32 i,
-  NSSPKIXGeneralSubtree *generalSubtree
-);
-
-/*
- * NSSPKIXGeneralSubtrees_InsertGeneralSubtree
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- *  NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXGeneralSubtrees_InsertGeneralSubtree
-(
-  NSSPKIXGeneralSubtrees *generalSubtrees,
-  PRInt32 i,
-  NSSPKIXGeneralSubtree *generalSubtree
-);
-
-/*
- * NSSPKIXGeneralSubtrees_AppendGeneralSubtree
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- *  NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXGeneralSubtrees_AppendGeneralSubtree
-(
-  NSSPKIXGeneralSubtrees *generalSubtrees,
-  NSSPKIXGeneralSubtree *generalSubtree
-);
-
-/*
- * NSSPKIXGeneralSubtrees_RemoveGeneralSubtree
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXGeneralSubtrees_RemoveGeneralSubtree
-(
-  NSSPKIXGeneralSubtrees *generalSubtrees,
-  PRInt32 i
-);
-
-/*
- * NSSPKIXGeneralSubtrees_FindGeneralSubtree
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- *  NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- *  NSS_ERROR_NOT_FOUND
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- * 
- * Return value:
- *  The index of the specified policy mapping upon success
- *  -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXGeneralSubtrees_FindGeneralSubtree
-(
-  NSSPKIXGeneralSubtrees *generalSubtrees,
-  NSSPKIXGeneralSubtree *generalSubtree
-);
-
-/*
- * NSSPKIXGeneralSubtrees_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- * 
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXGeneralSubtrees_Equal
-(
-  NSSPKIXGeneralSubtrees *generalSubtrees1,
-  NSSPKIXGeneralSubtrees *generalSubtrees2,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXGeneralSubtrees_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXGeneralSubtrees upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralSubtrees *
-NSSPKIXGeneralSubtrees_Duplicate
-(
-  NSSPKIXGeneralSubtrees *generalSubtrees,
-  NSSArena *arenaOpt
-);
-
-/*
- *   { and finders and comparators }
- *
- */
-
-/*
- * GeneralSubtree
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  GeneralSubtree ::= SEQUENCE {
- *       base                    GeneralName,
- *       minimum         [0]     BaseDistance DEFAULT 0,
- *       maximum         [1]     BaseDistance OPTIONAL }
- *
- * The public calls for this type:
- *
- *  NSSPKIXGeneralSubtree_Decode
- *  NSSPKIXGeneralSubtree_Create
- *  NSSPKIXGeneralSubtree_Destroy
- *  NSSPKIXGeneralSubtree_Encode
- *  NSSPKIXGeneralSubtree_GetBase
- *  NSSPKIXGeneralSubtree_SetBase
- *  NSSPKIXGeneralSubtree_GetMinimum
- *  NSSPKIXGeneralSubtree_SetMinimum
- *  NSSPKIXGeneralSubtree_HasMaximum
- *  NSSPKIXGeneralSubtree_GetMaximum
- *  NSSPKIXGeneralSubtree_SetMaximum
- *  NSSPKIXGeneralSubtree_RemoveMaximum
- *  NSSPKIXGeneralSubtree_Equal
- *  NSSPKIXGeneralSubtree_Duplicate
- *  NSSPKIXGeneralSubtree_DistanceInRange
- *    {other tests and comparators}
- *
- */
-
-/*
- * NSSPKIXGeneralSubtree_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXGeneralSubtree upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralSubtree *
-NSSPKIXGeneralSubtree_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * NSSPKIXGeneralSubtree_Create
- *
- * -- fgmr comments --
- * The optional maximum value may be omitted by specifying -1.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- *  NSS_ERROR_INVALID_VALUE
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXGeneralSubtree upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralSubtree *
-NSSPKIXGeneralSubtree_Create
-(
-  NSSArena *arenaOpt,
-  NSSPKIXBaseDistance minimum,
-  NSSPKIXBaseDistance maximumOpt
-);
-
-/*
- * NSSPKIXGeneralSubtree_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXGeneralSubtree_Destroy
-(
-  NSSPKIXGeneralSubtree *generalSubtree
-);
-
-/*
- * NSSPKIXGeneralSubtree_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXGeneralSubtree_Encode
-(
-  NSSPKIXGeneralSubtree *generalSubtree,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXGeneralSubtree_GetBase
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXGeneralName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName *
-NSSPKIXGeneralSubtree_GetBase
-(
-  NSSPKIXGeneralSubtree *generalSubtree,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXGeneralSubtree_SetBase
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- *  NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXGeneralSubtree_SetBase
-(
-  NSSPKIXGeneralSubtree *generalSubtree,
-  NSSPKIXGeneralName *base
-);
-
-/*
- * NSSPKIXGeneralSubtree_GetMinimum
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- * 
- * Return value:
- *  Nonnegative integer upon success
- *  -1 upon failure.
- */
-
-NSS_EXTERN NSSPKIXBaseDistance
-NSSPKIXGeneralSubtree_GetMinimum
-(
-  NSSPKIXGeneralSubtree *generalSubtree
-);
-
-/*
- * NSSPKIXGeneralSubtree_SetMinimum
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- *  NSS_ERROR_INVALID_VALUE
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXGeneralSubtree_SetMinimum
-(
-  NSSPKIXGeneralSubtree *generalSubtree,
-  NSSPKIXBaseDistance *minimum
-);
-
-/*
- * NSSPKIXGeneralSubtree_HasMaximum
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- * 
- * Return value:
- *  PR_TRUE if it has one
- *  PR_FALSE if it doesn't
- *  PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXGeneralSubtree_HasMaximum
-(
-  NSSPKIXGeneralSubtree *generalSubtree
-);
-
-/*
- * NSSPKIXGeneralSubtree_GetMaximum
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- *  NSS_ERROR_HAS_NO_MAXIMUM_BASE_DISTANCE
- * 
- * Return value:
- *  Nonnegative integer upon success
- *  -1 upon failure.
- */
-
-NSS_EXTERN NSSPKIXBaseDistance
-NSSPKIXGeneralSubtree_GetMaximum
-(
-  NSSPKIXGeneralSubtree *generalSubtree
-);
-
-/*
- * NSSPKIXGeneralSubtree_SetMaximum
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- *  NSS_ERROR_INVALID_VALUE
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXGeneralSubtree_SetMaximum
-(
-  NSSPKIXGeneralSubtree *generalSubtree,
-  NSSPKIXBaseDistance *maximum
-);
-
-/*
- * NSSPKIXGeneralSubtree_RemoveMaximum
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- *  NSS_ERROR_HAS_NO_MAXIMUM_BASE_DISTANCE
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXGeneralSubtree_RemoveMaximum
-(
-  NSSPKIXGeneralSubtree *generalSubtree
-);
-
-/*
- * NSSPKIXGeneralSubtree_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- * 
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXGeneralSubtree_Equal
-(
-  NSSPKIXGeneralSubtree *generalSubtree1,
-  NSSPKIXGeneralSubtree *generalSubtree2,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXGeneralSubtree_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXGeneralSubtree upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralSubtree *
-NSSPKIXGeneralSubtree_Duplicate
-(
-  NSSPKIXGeneralSubtree *generalSubtree,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXGeneralSubtree_DistanceInRange
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- *  NSS_ERROR_INVALID_VALUE
- * 
- * Return value:
- *  PR_TRUE if the specified value is within the minimum and maximum
- *      base distances
- *  PR_FALSE if it isn't
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXGeneralSubtree_DistanceInRange
-(
-  NSSPKIXGeneralSubtree *generalSubtree,
-  NSSPKIXBaseDistance value,
-  PRStatus *statusOpt
-);
-
-/*
- *   {other tests and comparators}
- *
- */
-
-/*
- * PolicyConstraints
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  PolicyConstraints ::= SEQUENCE {
- *       requireExplicitPolicy           [0] SkipCerts OPTIONAL,
- *       inhibitPolicyMapping            [1] SkipCerts OPTIONAL }
- * 
- * The public calls for this type:
- *
- *  NSSPKIXPolicyConstraints_Decode
- *  NSSPKIXPolicyConstraints_Create
- *  NSSPKIXPolicyConstraints_Destroy
- *  NSSPKIXPolicyConstraints_Encode
- *  NSSPKIXPolicyConstraints_HasRequireExplicitPolicy
- *  NSSPKIXPolicyConstraints_GetRequireExplicitPolicy
- *  NSSPKIXPolicyConstraints_SetRequireExplicitPolicy
- *  NSSPKIXPolicyConstraints_RemoveRequireExplicitPolicy
- *  NSSPKIXPolicyConstraints_HasInhibitPolicyMapping
- *  NSSPKIXPolicyConstraints_GetInhibitPolicyMapping
- *  NSSPKIXPolicyConstraints_SetInhibitPolicyMapping
- *  NSSPKIXPolicyConstraints_RemoveInhibitPolicyMapping
- *  NSSPKIXPolicyConstraints_Equal
- *  NSSPKIXPolicyConstraints_Duplicate
- *
- */
-
-/*
- * NSSPKIXPolicyConstraints_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXPolicyConstraints upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyConstraints *
-NSSPKIXPolicyConstraints_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * NSSPKIXPolicyConstraints_Create
- *
- * -- fgmr comments --
- * The optional values may be omitted by specifying -1.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_VALUE
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXPolicyConstraints upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyConstraints *
-NSSPKIXPolicyConstraints_Create
-(
-  NSSArena *arenaOpt,
-  NSSPKIXSkipCerts requireExplicitPolicy,
-  NSSPKIXSkipCerts inhibitPolicyMapping
-);
-
-/*
- * NSSPKIXPolicyConstraints_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_CONSTRAINTS
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPolicyConstraints_Destroy
-(
-  NSSPKIXPolicyConstraints *policyConstraints
-);
-
-/*
- * NSSPKIXPolicyConstraints_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_CONSTRAINTS
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXPolicyConstraints_Encode
-(
-  NSSPKIXPolicyConstraints *policyConstraints,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXPolicyConstraints_HasRequireExplicitPolicy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_CONSTRAINTS
- * 
- * Return value:
- *  PR_TRUE if it has one
- *  PR_FALSE if it doesn't
- *  PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXPolicyConstraints_HasRequireExplicitPolicy
-(
-  NSSPKIXPolicyConstraints *policyConstraints
-);
-
-/*
- * NSSPKIXPolicyConstraints_GetRequireExplicitPolicy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_CONSTRAINTS
- *  NSS_ERROR_HAS_NO_REQUIRE_EXPLICIT_POLICY
- * 
- * Return value:
- *  Nonnegative integer upon success
- *  -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXPolicyConstraints_GetRequireExplicitPolicy
-(
-  NSSPKIXPolicyConstraints *policyConstraints
-);
-
-/*
- * NSSPKIXPolicyConstraints_SetRequireExplicitPolicy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_CONSTRAINTS
- *  NSS_ERROR_INVALID_VALUE
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPolicyConstraints_SetRequireExplicitPolicy
-(
-  NSSPKIXPolicyConstraints *policyConstraints,
-  NSSPKIXSkipCerts requireExplicitPolicy
-);
-
-/*
- * NSSPKIXPolicyConstraints_RemoveRequireExplicitPolicy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_CONSTRAINTS
- *  NSS_ERROR_HAS_NO_REQUIRE_EXPLICIT_POLICY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPolicyConstraints_RemoveRequireExplicitPolicy
-(
-  NSSPKIXPolicyConstraints *policyConstraints
-);
-
-/*
- * NSSPKIXPolicyConstraints_HasInhibitPolicyMapping
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_CONSTRAINTS
- * 
- * Return value:
- *  PR_TRUE if it has one
- *  PR_FALSE if it doesn't
- *  PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXPolicyConstraints_HasInhibitPolicyMapping
-(
-  NSSPKIXPolicyConstraints *policyConstraints
-);
-
-/*
- * NSSPKIXPolicyConstraints_GetInhibitPolicyMapping
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_CONSTRAINTS
- *  NSS_ERROR_HAS_NO_INHIBIT_POLICY_MAPPING
- * 
- * Return value:
- *  Nonnegative integer upon success
- *  -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXPolicyConstraints_GetInhibitPolicyMapping
-(
-  NSSPKIXPolicyConstraints *policyConstraints
-);
-
-/*
- * NSSPKIXPolicyConstraints_SetInhibitPolicyMapping
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_CONSTRAINTS
- *  NSS_ERROR_INVALID_VALUE
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPolicyConstraints_SetInhibitPolicyMapping
-(
-  NSSPKIXPolicyConstraints *policyConstraints,
-  NSSPKIXSkipCerts inhibitPolicyMapping
-);
-
-/*
- * NSSPKIXPolicyConstraints_RemoveInhibitPolicyMapping
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_CONSTRAINTS
- *  NSS_ERROR_HAS_NO_INHIBIT_POLICY_MAPPING
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPolicyConstraints_RemoveInhibitPolicyMapping
-(
-  NSSPKIXPolicyConstraints *policyConstraints
-);
-
-/*
- * NSSPKIXPolicyConstraints_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_CONSTRAINTS
- * 
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXPolicyConstraints_Equal
-(
-  NSSPKIXPolicyConstraints *policyConstraints1,
-  NSSPKIXPolicyConstraints *policyConstraints2,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXPolicyConstraints_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_CONSTRAINTS
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXPolicyConstraints upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyConstraints *
-NSSPKIXPolicyConstraints_Duplicate
-(
-  NSSPKIXPolicyConstraints *policyConstraints,
-  NSSArena *arenaOpt
-);
-
-/*
- * CRLDistPointsSyntax
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  CRLDistPointsSyntax ::= SEQUENCE SIZE (1..MAX) OF DistributionPoint
- *
- * The public calls for this type:
- *
- *  NSSPKIXCRLDistPointsSyntax_Decode
- *  NSSPKIXCRLDistPointsSyntax_Create
- *  NSSPKIXCRLDistPointsSyntax_Destroy
- *  NSSPKIXCRLDistPointsSyntax_Encode
- *  NSSPKIXCRLDistPointsSyntax_GetDistributionPointCount
- *  NSSPKIXCRLDistPointsSyntax_GetDistributionPoints
- *  NSSPKIXCRLDistPointsSyntax_SetDistributionPoints
- *  NSSPKIXCRLDistPointsSyntax_GetDistributionPoint
- *  NSSPKIXCRLDistPointsSyntax_SetDistributionPoint
- *  NSSPKIXCRLDistPointsSyntax_InsertDistributionPoint
- *  NSSPKIXCRLDistPointsSyntax_AppendDistributionPoint
- *  NSSPKIXCRLDistPointsSyntax_RemoveDistributionPoint
- *  NSSPKIXCRLDistPointsSyntax_FindDistributionPoint
- *  NSSPKIXCRLDistPointsSyntax_Equal
- *  NSSPKIXCRLDistPointsSyntax_Duplicate
- *
- */
-
-/*
- * NSSPKIXCRLDistPointsSyntax_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXCRLDistPointsSyntax upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCRLDistPointsSyntax *
-NSSPKIXCRLDistPointsSyntax_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * NSSPKIXCRLDistPointsSyntax_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXCRLDistPointsSyntax upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCRLDistPointsSyntax *
-NSSPKIXCRLDistPointsSyntax_Create
-(
-  NSSArena *arenaOpt,
-  NSSPKIXDistributionPoint *distributionPoint1,
-  ...
-);
-
-/*
- * NSSPKIXCRLDistPointsSyntax_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CRL_DIST_POINTS_SYNTAX
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXCRLDistPointsSyntax_Destroy
-(
-  NSSPKIXCRLDistPointsSyntax *crlDistPointsSyntax
-);
-
-/*
- * NSSPKIXCRLDistPointsSyntax_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CRL_DIST_POINTS_SYNTAX
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXCRLDistPointsSyntax_Encode
-(
-  NSSPKIXCRLDistPointsSyntax *crlDistPointsSyntax,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXCRLDistPointsSyntax_GetDistributionPointCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CRL_DIST_POINTS_SYNTAX
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- * 
- * Return value:
- *  Nonnegative integer upon success
- *  -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXCRLDistPointsSyntax_GetDistributionPointCount
-(
-  NSSPKIXCRLDistPointsSyntax *crlDistPointsSyntax
-);
-
-/*
- * NSSPKIXCRLDistPointsSyntax_GetDistributionPoints
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CRL_DIST_POINTS_SYNTAX
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_ARRAY_TOO_SMALL
- * 
- * Return value:
- *  A valid pointer to an array of NSSPKIXDistributionPoint pointers 
- *      upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDistributionPoints **
-NSSPKIXCRLDistPointsSyntax_GetDistributionPoints
-(
-  NSSPKIXCRLDistPointsSyntax *crlDistPointsSyntax,
-  NSSDistributionPoint *rvOpt[],
-  PRInt32 limit,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXCRLDistPointsSyntax_SetDistributionPoints
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CRL_DIST_POINTS_SYNTAX
- *  NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXCRLDistPointsSyntax_SetDistributionPoints
-(
-  NSSPKIXCRLDistPointsSyntax *crlDistPointsSyntax,
-  NSSDistributionPoint *distributionPoint[]
-  PRInt32 count
-);
-
-/*
- * NSSPKIXCRLDistPointsSyntax_GetDistributionPoint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CRL_DIST_POINTS_SYNTAX
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXDistributionPoint upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDistributionPoint *
-NSSPKIXCRLDistPointsSyntax_GetDistributionPoint
-(
-  NSSPKIXCRLDistPointsSyntax *crlDistPointsSyntax,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXCRLDistPointsSyntax_SetDistributionPoint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CRL_DIST_POINTS_SYNTAX
- *  NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXCRLDistPointsSyntax_SetDistributionPoint
-(
-  NSSPKIXCRLDistPointsSyntax *crlDistPointsSyntax,
-  PRInt32 i,
-  NSSPKIXDistributionPoint *distributionPoint
-);
-
-/*
- * NSSPKIXCRLDistPointsSyntax_InsertDistributionPoint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CRL_DIST_POINTS_SYNTAX
- *  NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXCRLDistPointsSyntax_InsertDistributionPoint
-(
-  NSSPKIXCRLDistPointsSyntax *crlDistPointsSyntax,
-  PRInt32 i,
-  NSSPKIXDistributionPoint *distributionPoint
-);
-
-/*
- * NSSPKIXCRLDistPointsSyntax_AppendDistributionPoint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CRL_DIST_POINTS_SYNTAX
- *  NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXCRLDistPointsSyntax_AppendDistributionPoint
-(
-  NSSPKIXCRLDistPointsSyntax *crlDistPointsSyntax,
-  NSSPKIXDistributionPoint *distributionPoint
-);
-
-/*
- * NSSPKIXCRLDistPointsSyntax_RemoveDistributionPoint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CRL_DIST_POINTS_SYNTAX
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXCRLDistPointsSyntax_RemoveDistributionPoint
-(
-  NSSPKIXCRLDistPointsSyntax *crlDistPointsSyntax,
-  PRInt32 i
-);
-
-/*
- * NSSPKIXCRLDistPointsSyntax_FindDistributionPoint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CRL_DIST_POINTS_SYNTAX
- *  NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- *  NSS_ERROR_NOT_FOUND
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- * 
- * Return value:
- *  The index of the specified policy mapping upon success
- *  -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXCRLDistPointsSyntax_FindDistributionPoint
-(
-  NSSPKIXCRLDistPointsSyntax *crlDistPointsSyntax,
-  NSSPKIXDistributionPoint *distributionPoint
-);
-
-/*
- * NSSPKIXCRLDistPointsSyntax_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CRL_DIST_POINTS_SYNTAX
- * 
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXCRLDistPointsSyntax_Equal
-(
-  NSSPKIXCRLDistPointsSyntax *crlDistPointsSyntax1,
-  NSSPKIXCRLDistPointsSyntax *crlDistPointsSyntax2,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXCRLDistPointsSyntax_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CRL_DIST_POINTS_SYNTAX
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXCRLDistPointsSyntax upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCRLDistPointsSyntax *
-NSSPKIXCRLDistPointsSyntax_Duplicate
-(
-  NSSPKIXCRLDistPointsSyntax *crlDistPointsSyntax,
-  NSSArena *arenaOpt
-);
-
-/*
- * DistributionPoint
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  DistributionPoint ::= SEQUENCE {
- *       distributionPoint       [0]     DistributionPointName OPTIONAL,
- *       reasons                 [1]     ReasonFlags OPTIONAL,
- *       cRLIssuer               [2]     GeneralNames OPTIONAL }
- *
- * The public calls for this type:
- *
- *  NSSPKIXDistributionPoint_Decode
- *  NSSPKIXDistributionPoint_Create
- *  NSSPKIXDistributionPoint_Destroy
- *  NSSPKIXDistributionPoint_Encode
- *  NSSPKIXDistributionPoint_HasDistributionPoint
- *  NSSPKIXDistributionPoint_GetDistributionPoint
- *  NSSPKIXDistributionPoint_SetDistributionPoint
- *  NSSPKIXDistributionPoint_RemoveDistributionPoint
- *  NSSPKIXDistributionPoint_HasReasons
- *  NSSPKIXDistributionPoint_GetReasons
- *  NSSPKIXDistributionPoint_SetReasons
- *  NSSPKIXDistributionPoint_RemoveReasons
- *  NSSPKIXDistributionPoint_HasCRLIssuer
- *  NSSPKIXDistributionPoint_GetCRLIssuer
- *  NSSPKIXDistributionPoint_SetCRLIssuer
- *  NSSPKIXDistributionPoint_RemoveCRLIssuer
- *  NSSPKIXDistributionPoint_Equal
- *  NSSPKIXDistributionPoint_Duplicate
- *
- */
-
-/*
- * NSSPKIXDistributionPoint_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXDistributionPoint upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDistributionPoint *
-NSSPKIXDistributionPoint_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * NSSPKIXDistributionPoint_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT_NAME
- *  NSS_ERROR_INVALID_PKIX_REASON_FLAGS
- *  NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXDistributionPoint upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDistributionPoint *
-NSSPKIXDistributionPoint_Create
-(
-  NSSArena *arenaOpt,
-  NSSPKIXDistributionPointName *distributionPoint,
-  NSSPKIXReasonFlags reasons,
-  NSSPKIXGeneralNames *cRLIssuer
-);
-
-/*
- * NSSPKIXDistributionPoint_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXDistributionPoint_Destroy
-(
-  NSSPKIXDistributionPoint *distributionPoint
-);
-
-/*
- * NSSPKIXDistributionPoint_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXDistributionPoint_Encode
-(
-  NSSPKIXDistributionPoint *distributionPoint,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXDistributionPoint_HasDistributionPoint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- * 
- * Return value:
- *  PR_TRUE if it has one
- *  PR_FALSE if it doesn't
- *  PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXDistributionPoint_HasDistributionPoint
-(
-  NSSPKIXDistributionPoint *distributionPoint
-);
-
-/*
- * NSSPKIXDistributionPoint_GetDistributionPoint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- *  NSS_ERROR_HAS_NO_DISTRIBUTION_POINT
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXDistributionPointName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDistributionPointName *
-NSSPKIXDistributionPoint_GetDistributionPoint
-(
-  NSSPKIXDistributionPoint *distributionPoint,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXDistributionPoint_SetDistributionPoint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- *  NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT_NAME
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXDistributionPoint_SetDistributionPoint
-(
-  NSSPKIXDistributionPoint *distributionPoint,
-  NSSPKIXDistributionPointName *name
-);
-
-/*
- * NSSPKIXDistributionPoint_RemoveDistributionPoint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- *  NSS_ERROR_HAS_NO_DISTRIBUTION_POINT
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXDistributionPoint_RemoveDistributionPoint
-(
-  NSSPKIXDistributionPoint *distributionPoint
-);
-
-/*
- * NSSPKIXDistributionPoint_HasReasons
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- * 
- * Return value:
- *  PR_TRUE if it has one
- *  PR_FALSE if it doesn't
- *  PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXDistributionPoint_HasReasons
-(
-  NSSPKIXDistributionPoint *distributionPoint
-);
-
-/*
- * NSSPKIXDistributionPoint_GetReasons
- *
- * It is unlikely that the reason flags are all zero; so zero is
- * returned in error situations.
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- *  NSS_ERROR_HAS_NO_REASONS
- * 
- * Return value:
- *  A valid nonzero NSSPKIXReasonFlags value upon success
- *  A valid zero NSSPKIXReasonFlags if the value is indeed zero
- *  Zero upon error
- */
-
-NSS_EXTERN NSSPKIXReasonFlags
-NSSPKIXDistributionPoint_GetReasons
-(
-  NSSPKIXDistributionPoint *distributionPoint,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXDistributionPoint_SetReasons
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- *  NSS_ERROR_INVALID_PKIX_REASON_FLAGS
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXDistributionPoint_SetReasons
-(
-  NSSPKIXDistributionPoint *distributionPoint,
-  NSSPKIXReasonFlags reasons
-);
-
-/*
- * NSSPKIXDistributionPoint_RemoveReasons
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- *  NSS_ERROR_HAS_NO_REASONS
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXDistributionPoint_RemoveReasons
-(
-  NSSPKIXDistributionPoint *distributionPoint
-);
-
-/*
- * NSSPKIXDistributionPoint_HasCRLIssuer
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- * 
- * Return value:
- *  PR_TRUE if it has one
- *  PR_FALSE if it doesn't
- *  PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXDistributionPoint_HasCRLIssuer
-(
-  NSSPKIXDistributionPoint *distributionPoint
-);
-
-/*
- * NSSPKIXDistributionPoint_GetCRLIssuer
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- *  NSS_ERROR_HAS_NO_CRL_ISSUER
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXGeneralNames upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralNames *
-NSSPKIXDistributionPoint_GetCRLIssuer
-(
-  NSSPKIXDistributionPoint *distributionPoint,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXDistributionPoint_SetCRLIssuer
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- *  NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXDistributionPoint_SetCRLIssuer
-(
-  NSSPKIXDistributionPoint *distributionPoint,
-  NSSPKIXGeneralNames *cRLIssuer
-);
-
-/*
- * NSSPKIXDistributionPoint_RemoveCRLIssuer
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- *  NSS_ERROR_HAS_NO_CRL_ISSUER
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXDistributionPoint_RemoveCRLIssuer
-(
-  NSSPKIXDistributionPoint *distributionPoint
-);
-
-/*
- * NSSPKIXDistributionPoint_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- * 
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXDistributionPoint_Equal
-(
-  NSSPKIXDistributionPoint *distributionPoint1,
-  NSSPKIXDistributionPoint *distributionPoint2,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXDistributionPoint_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXDistributionPoint upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDistributionPoint *
-NSSPKIXDistributionPoint_Duplicate
-(
-  NSSPKIXDistributionPoint *distributionPoint,
-  NSSArena *arenaOpt
-);
-
-/*
- * DistributionPointName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  DistributionPointName ::= CHOICE {
- *       fullName                [0]     GeneralNames,
- *       nameRelativeToCRLIssuer [1]     RelativeDistinguishedName }
- *
- * The public calls for this type:
- *
- *  NSSPKIXDistributionPointName_Decode
- *  NSSPKIXDistributionPointName_Create
- *  NSSPKIXDistributionPointName_CreateFromFullName
- *  NSSPKIXDistributionPointName_CreateFromNameRelativeToCRLIssuer
- *  NSSPKIXDistributionPointName_Destroy
- *  NSSPKIXDistributionPointName_Encode
- *  NSSPKIXDistributionPointName_GetChoice
- *  NSSPKIXDistributionPointName_GetFullName
- *  NSSPKIXDistributionPointName_GetNameRelativeToCRLIssuer
- *  NSSPKIXDistributionPointName_Equal
- *  NSSPKIXDistributionPointName_Duplicate
- *
- */
-
-/*
- * NSSPKIXDistributionPointName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXDistributionPointName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDistributionPointName *
-NSSPKIXDistributionPointName_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * NSSPKIXDistributionPointName_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT_NAME_CHOICE
- *  NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- *  NSS_ERROR_INVALID_PKIX_RELATIVE_DISTINGUISHED_NAME
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXDistributionPointName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDistributionPointName *
-NSSPKIXDistributionPointName_Create
-(
-  NSSArena *arenaOpt,
-  NSSPKIXDistributionPointNameChoice which,
-  void *name
-);
-
-/*
- * NSSPKIXDistributionPointName_CreateFromFullName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXDistributionPointName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDistributionPointName *
-NSSPKIXDistributionPointName_CreateFromFullName
-(
-  NSSArena *arenaOpt,
-  NSSPKIXGeneralNames *fullName
-);
-
-/*
- * NSSPKIXDistributionPointName_CreateFromNameRelativeToCRLIssuer
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_RELATIVE_DISTINGUISHED_NAME
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXDistributionPointName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDistributionPointName *
-NSSPKIXDistributionPointName_CreateFromNameRelativeToCRLIssuer
-(
-  NSSArena *arenaOpt,
-  NSSPKIXRelativeDistinguishedName *nameRelativeToCRLIssuer
-);
-
-/*
- * NSSPKIXDistributionPointName_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT_NAME
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXDistributionPointName_Destroy
-(
-  NSSPKIXDistributionPointName *dpn
-);
-
-/*
- * NSSPKIXDistributionPointName_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT_NAME
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXDistributionPointName_Encode
-(
-  NSSPKIXDistributionPointName *dpn,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXDistributionPointName_GetChoice
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT_NAME
- * 
- * Return value:
- *  A valid NSSPKIXDistributionPointNameChoice value upon success
- *  NSSPKIXDistributionPointNameChoice_NSSinvalid upon failure
- */
-
-NSS_EXTERN NSSPKIXDistributionPointNameChoice
-NSSPKIXDistributionPointName_GetChoice
-(
-  NSSPKIXDistributionPointName *dpn
-);
-
-/*
- * NSSPKIXDistributionPointName_GetFullName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT_NAME
- *  NSS_ERROR_WRONG_CHOICE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXGeneralNames upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralnames *
-NSSPKIXDistributionPointName_GetFullName
-(
-  NSSPKIXDistributionPointName *dpn,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXDistributionPointName_GetNameRelativeToCRLIssuer
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT_NAME
- *  NSS_ERROR_WRONG_CHOICE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXRelativeDistinguishedName upon
- *      success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXRelativeDistinguishedName *
-NSSPKIXDistributionPointName_GetNameRelativeToCRLIssuer
-(
-  NSSPKIXDistributionPointName *dpn,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXDistributionPointName_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT_NAME
- * 
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXDistributionPointName_Equal
-(
-  NSSPKIXDistributionPointName *dpn1,
-  NSSPKIXDistributionPointName *dpn2,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXDistributionPointName_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT_NAME
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXDistributionPointName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDistributionPointName *
-NSSPKIXDistributionPointName_Duplicate
-(
-  NSSPKIXDistributionPointName *dpn,
-  NSSArena *arenaOpt
-);
-
-/*
- * ReasonFlags
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  ReasonFlags ::= BIT STRING {
- *       unused                  (0),
- *       keyCompromise           (1),
- *       cACompromise            (2),
- *       affiliationChanged      (3),
- *       superseded              (4),
- *       cessationOfOperation    (5),
- *       certificateHold         (6) }
- *
- * The public calls for this type:
- *
- *  NSSPKIXReasonFlags_Decode
- *  NSSPKIXReasonFlags_Create
- *  NSSPKIXReasonFlags_CreateFromMask
- *  NSSPKIXReasonFlags_Destroy
- *  NSSPKIXReasonFlags_Encode
- *  NSSPKIXReasonFlags_GetMask
- *  NSSPKIXReasonFlags_SetMask
- *  NSSPKIXReasonFlags_Equal
- *  NSSPKIXReasonFlags_Duplicate
- *    { bitwise accessors? }
- *
- */
-
-/*
- * NSSPKIXReasonFlags_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXReasonFlags upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXReasonFlags *
-NSSPKIXReasonFlags_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * NSSPKIXReasonFlags_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXReasonFlags upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXReasonFlags *
-NSSPKIXReasonFlags_Create
-(
-  NSSArena *arenaOpt,
-  PRBool keyCompromise,
-  PRBool cACompromise,
-  PRBool affiliationChanged,
-  PRBool superseded,
-  PRBool cessationOfOperation,
-  PRBool certificateHold
-);
-
-/*
- * NSSPKIXReasonFlags_CreateFromMask
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_REASON_FLAGS_MASK
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXReasonFlags upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXReasonFlags *
-NSSPKIXReasonFlags_CreateFromMask
-(
-  NSSArena *arenaOpt,
-  NSSPKIXReasonFlagsMask why
-);
-
-/*
- * NSSPKIXReasonFlags_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_REASON_FLAGS
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXReasonFlags_Destroy
-(
-  NSSPKIXReasonFlags *reasonFlags
-);
-
-/*
- * NSSPKIXReasonFlags_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_REASON_FLAGS
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXReasonFlags_Encode
-(
-  NSSPKIXReasonFlags *reasonFlags,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXReasonFlags_GetMask
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_REASON_FLAGS
- * 
- * Return value:
- *  A valid mask of NSSPKIXReasonFlagsMask values upon success
- *  NSSPKIXReasonFlagsMask_NSSinvalid upon failure
- */
-
-NSS_EXTERN NSSPKIXReasonFlagsMask
-NSSPKIXReasonFlags_GetMask
-(
-  NSSPKIXReasonFlags *reasonFlags
-);
-
-/*
- * NSSPKIXReasonFlags_SetMask
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_REASON_FLAGS
- *  NSS_ERROR_INVALID_PKIX_REASON_FLAGS_MASK
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXReasonFlags_SetMask
-(
-  NSSPKIXReasonFlags *reasonFlags,
-  NSSPKIXReasonFlagsMask mask
-);
-
-/*
- * NSSPKIXReasonFlags_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_REASON_FLAGS
- * 
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXReasonFlags_Equal
-(
-  NSSPKIXReasonFlags *reasonFlags1,
-  NSSPKIXReasonFlags *reasonFlags2,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXReasonFlags_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_REASON_FLAGS
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXReasonFlags upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXReasonFlags *
-NSSPKIXReasonFlags_Duplicate
-(
-  NSSPKIXReasonFlags *reasonFlags,
-  NSSArena *arenaOpt
-);
-
-/*
- *   { bitwise accessors? }
- *
- */
-
-/*
- * ExtKeyUsageSyntax
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  ExtKeyUsageSyntax ::= SEQUENCE SIZE (1..MAX) OF KeyPurposeId
- *
- * The public calls for this type:
- *
- *  NSSPKIXExtKeyUsageSyntax_Decode
- *  NSSPKIXExtKeyUsageSyntax_Create
- *  NSSPKIXExtKeyUsageSyntax_Destroy
- *  NSSPKIXExtKeyUsageSyntax_Encode
- *  NSSPKIXExtKeyUsageSyntax_GetKeyPurposeIdCount
- *  NSSPKIXExtKeyUsageSyntax_GetKeyPurposeIds
- *  NSSPKIXExtKeyUsageSyntax_SetKeyPurposeIds
- *  NSSPKIXExtKeyUsageSyntax_GetKeyPurposeId
- *  NSSPKIXExtKeyUsageSyntax_SetKeyPurposeId
- *  NSSPKIXExtKeyUsageSyntax_InsertKeyPurposeId
- *  NSSPKIXExtKeyUsageSyntax_AppendKeyPurposeId
- *  NSSPKIXExtKeyUsageSyntax_RemoveKeyPurposeId
- *  NSSPKIXExtKeyUsageSyntax_FindKeyPurposeId
- *  NSSPKIXExtKeyUsageSyntax_Equal
- *  NSSPKIXExtKeyUsageSyntax_Duplicate
- *
- */
-
-/*
- * NSSPKIXExtKeyUsageSyntax_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXExtKeyUsageSyntax upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtKeyUsageSyntax *
-NSSPKIXExtKeyUsageSyntax_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * NSSPKIXExtKeyUsageSyntax_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_KEY_PURPOSE_ID
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXExtKeyUsageSyntax upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtKeyUsageSyntax *
-NSSPKIXExtKeyUsageSyntax_Create
-(
-  NSSArena *arenaOpt,
-  NSSPKIXKeyPurposeId *kpid1,
-  ...
-);
-
-/*
- * NSSPKIXExtKeyUsageSyntax_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EXT_KEY_USAGE_SYNTAX
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXExtKeyUsageSyntax_Destroy
-(
-  NSSPKIXExtKeyUsageSyntax *eku
-);
-
-/*
- * NSSPKIXExtKeyUsageSyntax_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EXT_KEY_USAGE_SYNTAX
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXExtKeyUsageSyntax_Encode
-(
-  NSSPKIXExtKeyUsageSyntax *eku,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXExtKeyUsageSyntax_GetKeyPurposeIdCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EXT_KEY_USAGE_SYNTAX
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- * 
- * Return value:
- *  Nonnegative integer upon success
- *  -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXExtKeyUsageSyntax_GetKeyPurposeIdCount
-(
-  NSSPKIXExtKeyUsageSyntax *eku
-);
-
-/*
- * NSSPKIXExtKeyUsageSyntax_GetKeyPurposeIds
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EXT_KEY_USAGE_SYNTAX
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_ARRAY_TOO_SMALL
- * 
- * Return value:
- *  A valid pointer to an array of NSSPKIXKeyPurposeId pointers upon
- *      success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXKeyPurposeId **
-NSSPKIXExtKeyUsageSyntax_GetKeyPurposeIds
-(
-  NSSPKIXExtKeyUsageSyntax *eku,
-  NSSPKIXKeyPurposeId *rvOpt[],
-  PRInt32 limit,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXExtKeyUsageSyntax_SetKeyPurposeIds
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EXT_KEY_USAGE_SYNTAX
- *  NSS_ERROR_INVALID_PKIX_KEY_PURPOSE_ID
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXExtKeyUsageSyntax_SetKeyPurposeIds
-(
-  NSSPKIXExtKeyUsageSyntax *eku,
-  NSSPKIXKeyPurposeId *ids[],
-  PRInt32 count
-);
-
-/*
- * NSSPKIXExtKeyUsageSyntax_GetKeyPurposeId
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EXT_KEY_USAGE_SYNTAX
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXKeyPurposeId upon success
- *  NULL upon error
- */
-
-NSS_EXTERN NSSPKIXKeyPurposeId *
-NSSPKIXExtKeyUsageSyntax_GetKeyPurposeId
-(
-  NSSPKIXExtKeyUsageSyntax *eku,
-  PRInt32 i,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXExtKeyUsageSyntax_SetKeyPurposeId
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EXT_KEY_USAGE_SYNTAX
- *  NSS_ERROR_INVALID_PKIX_KEY_PURPOSE_ID
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXExtKeyUsageSyntax_SetKeyPurposeId
-(
-  NSSPKIXExtKeyUsageSyntax *eku,
-  PRInt32 i,
-  NSSPKIXKeyPurposeId *id
-);
-
-/*
- * NSSPKIXExtKeyUsageSyntax_InsertKeyPurposeId
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EXT_KEY_USAGE_SYNTAX
- *  NSS_ERROR_INVALID_PKIX_KEY_PURPOSE_ID
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXExtKeyUsageSyntax_InsertKeyPurposeId
-(
-  NSSPKIXExtKeyUsageSyntax *eku,
-  PRInt32 i,
-  NSSPKIXKeyPurposeId *id
-);
-
-/*
- * NSSPKIXExtKeyUsageSyntax_AppendKeyPurposeId
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EXT_KEY_USAGE_SYNTAX
- *  NSS_ERROR_INVALID_PKIX_KEY_PURPOSE_ID
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXExtKeyUsageSyntax_AppendKeyPurposeId
-(
-  NSSPKIXExtKeyUsageSyntax *eku,
-  NSSPKIXKeyPurposeId *id
-);
-
-/*
- * NSSPKIXExtKeyUsageSyntax_RemoveKeyPurposeId
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EXT_KEY_USAGE_SYNTAX
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXExtKeyUsageSyntax_RemoveKeyPurposeId
-(
-  NSSPKIXExtKeyUsageSyntax *eku,
-  PRInt32 i
-);
-
-/*
- * NSSPKIXExtKeyUsageSyntax_FindKeyPurposeId
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EXT_KEY_USAGE_SYNTAX
- *  NSS_ERROR_INVALID_PKIX_KEY_PURPOSE_ID
- *  NSS_ERROR_NOT_FOUND
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- * 
- * Return value:
- *  The index of the specified key purpose id upon success
- *  -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXExtKeyUsageSyntax_FindKeyPurposeId
-(
-  NSSPKIXExtKeyUsageSyntax *eku,
-  NSSPKIXKeyPurposeId *id
-);
-
-/*
- * NSSPKIXExtKeyUsageSyntax_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EXT_KEY_USAGE_SYNTAX
- * 
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXExtKeyUsageSyntax_Equal
-(
-  NSSPKIXExtKeyUsageSyntax *eku1,
-  NSSPKIXExtKeyUsageSyntax *eku2,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXExtKeyUsageSyntax_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EXT_KEY_USAGE_SYNTAX
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXExtKeyUsageSyntax upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtKeyUsageSyntax *
-NSSPKIXExtKeyUsageSyntax_Duplicate
-(
-  NSSPKIXExtKeyUsageSyntax *eku,
-  NSSArena *arenaOpt
-);
-
-/*
- * AuthorityInfoAccessSyntax
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  AuthorityInfoAccessSyntax  ::=
- *          SEQUENCE SIZE (1..MAX) OF AccessDescription
- *
- * The public calls for this type:
- *
- *  NSSPKIXAuthorityInfoAccessSyntax_Decode
- *  NSSPKIXAuthorityInfoAccessSyntax_Create
- *  NSSPKIXAuthorityInfoAccessSyntax_Destroy
- *  NSSPKIXAuthorityInfoAccessSyntax_Encode
- *  NSSPKIXAuthorityInfoAccessSyntax_GetAccessDescriptionCount
- *  NSSPKIXAuthorityInfoAccessSyntax_GetAccessDescriptions
- *  NSSPKIXAuthorityInfoAccessSyntax_SetAccessDescriptions
- *  NSSPKIXAuthorityInfoAccessSyntax_GetAccessDescription
- *  NSSPKIXAuthorityInfoAccessSyntax_SetAccessDescription
- *  NSSPKIXAuthorityInfoAccessSyntax_InsertAccessDescription
- *  NSSPKIXAuthorityInfoAccessSyntax_AppendAccessDescription
- *  NSSPKIXAuthorityInfoAccessSyntax_RemoveAccessDescription
- *  NSSPKIXAuthorityInfoAccessSyntax_FindAccessDescription
- *  NSSPKIXAuthorityInfoAccessSyntax_Equal
- *  NSSPKIXAuthorityInfoAccessSyntax_Duplicate
- *
- */
-
-/*
- * NSSPKIXAuthorityInfoAccessSyntax_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXAuthorityInfoAccessSyntax upon
- *      success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAuthorityInfoAccessSyntax *
-NSSPKIXAuthorityInfoAccessSyntax_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * NSSPKIXAuthorityInfoAccessSyntax_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_ACCESS_DESCRIPTION
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXAuthorityInfoAccessSyntax upon
- *      success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAuthorityInfoAccessSyntax *
-NSSPKIXAuthorityInfoAccessSyntax_Create
-(
-  NSSArena *arenaOpt,
-  NSSPKIXAccessDescription *ad1,
-  ...
-);
-
-/*
- * NSSPKIXAuthorityInfoAccessSyntax_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_AUTHORITY_INFO_ACCESS_SYNTAX
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXAuthorityInfoAccessSyntax_Destroy
-(
-  NSSPKIXAuthorityInfoAccessSyntax *aias
-);
-
-/*
- * NSSPKIXAuthorityInfoAccessSyntax_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_AUTHORITY_INFO_ACCESS_SYNTAX
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXAuthorityInfoAccessSyntax_Encode
-(
-  NSSPKIXAuthorityInfoAccessSyntax *aias,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXAuthorityInfoAccessSyntax_GetAccessDescriptionCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_AUTHORITY_INFO_ACCESS_SYNTAX
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- * 
- * Return value:
- *  Nonnegative integer upon success
- *  -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXAuthorityInfoAccessSyntax_GetAccessDescriptionCount
-(
-  NSSPKIXAuthorityInfoAccessSyntax *aias
-);
-
-/*
- * NSSPKIXAuthorityInfoAccessSyntax_GetAccessDescriptions
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_AUTHORITY_INFO_ACCESS_SYNTAX
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_ARRAY_TOO_SMALL
- * 
- * Return value:
- *  A valid pointer to an array of NSSPKIXAccessDescription pointers
- *      upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAccessDescription **
-NSSPKIXAuthorityInfoAccessSyntax_GetAccessDescriptions
-(
-  NSSPKIXAuthorityInfoAccessSyntax *aias,
-  NSSPKIXAccessDescription *rvOpt[],
-  PRInt32 limit,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXAuthorityInfoAccessSyntax_SetAccessDescriptions
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_AUTHORITY_INFO_ACCESS_SYNTAX
- *  NSS_ERROR_INVALID_PKIX_ACCESS_DESCRIPTION
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXAuthorityInfoAccessSyntax_SetAccessDescriptions
-(
-  NSSPKIXAuthorityInfoAccessSyntax *aias,
-  NSSPKIXAccessDescription *ad[],
-  PRInt32 count
-);
-
-/*
- * NSSPKIXAuthorityInfoAccessSyntax_GetAccessDescription
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_AUTHORITY_INFO_ACCESS_SYNTAX
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXAccessDescription upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAccessDescription *
-NSSPKIXAuthorityInfoAccessSyntax_GetAccessDescription
-(
-  NSSPKIXAuthorityInfoAccessSyntax *aias,
-  PRInt32 i,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXAuthorityInfoAccessSyntax_SetAccessDescription
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_AUTHORITY_INFO_ACCESS_SYNTAX
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_PKIX_ACCESS_DESCRIPTION
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXAuthorityInfoAccessSyntax_SetAccessDescription
-(
-  NSSPKIXAuthorityInfoAccessSyntax *aias,
-  PRInt32 i,
-  NSSPKIXAccessDescription *ad
-);
-
-/*
- * NSSPKIXAuthorityInfoAccessSyntax_InsertAccessDescription
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_AUTHORITY_INFO_ACCESS_SYNTAX
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_PKIX_ACCESS_DESCRIPTION
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXAuthorityInfoAccessSyntax_InsertAccessDescription
-(
-  NSSPKIXAuthorityInfoAccessSyntax *aias,
-  PRInt32 i,
-  NSSPKIXAccessDescription *ad
-);
-
-/*
- * NSSPKIXAuthorityInfoAccessSyntax_AppendAccessDescription
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_AUTHORITY_INFO_ACCESS_SYNTAX
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_PKIX_ACCESS_DESCRIPTION
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXAuthorityInfoAccessSyntax_AppendAccessDescription
-(
-  NSSPKIXAuthorityInfoAccessSyntax *aias,
-  NSSPKIXAccessDescription *ad
-);
-
-/*
- * NSSPKIXAuthorityInfoAccessSyntax_RemoveAccessDescription
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_AUTHORITY_INFO_ACCESS_SYNTAX
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXAuthorityInfoAccessSyntax_RemoveAccessDescription
-(
-  NSSPKIXAuthorityInfoAccessSyntax *aias,
-  PRInt32 i
-);
-
-/*
- * NSSPKIXAuthorityInfoAccessSyntax_FindAccessDescription
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_AUTHORITY_INFO_ACCESS_SYNTAX
- *  NSS_ERROR_INVALID_PKIX_ACCESS_DESCRIPTION
- *  NSS_ERROR_NOT_FOUND
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- * 
- * Return value:
- *  The index of the specified policy mapping upon success
- *  -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXAuthorityInfoAccessSyntax_FindAccessDescription
-(
-  NSSPKIXAuthorityInfoAccessSyntax *aias,
-  NSSPKIXAccessDescription *ad
-);
-
-/*
- * NSSPKIXAuthorityInfoAccessSyntax_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_AUTHORITY_INFO_ACCESS_SYNTAX
- * 
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXAuthorityInfoAccessSyntax_Equal
-(
-  NSSPKIXAuthorityInfoAccessSyntax *aias1,
-  NSSPKIXAuthorityInfoAccessSyntax *aias2,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXAuthorityInfoAccessSyntax_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_AUTHORITY_INFO_ACCESS_SYNTAX
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXAuthorityInfoAccessSyntax upon
- *      success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAuthorityInfoAccessSyntax *
-NSSPKIXAuthorityInfoAccessSyntax_Duplicate
-(
-  NSSPKIXAuthorityInfoAccessSyntax *aias,
-  NSSArena *arenaOpt
-);
-
-/*
- * AccessDescription
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  AccessDescription  ::=  SEQUENCE {
- *          accessMethod          OBJECT IDENTIFIER,
- *          accessLocation        GeneralName  }
- *
- * The public calls for this type:
- *
- *  NSSPKIXAccessDescription_Decode
- *  NSSPKIXAccessDescription_Create
- *  NSSPKIXAccessDescription_Destroy
- *  NSSPKIXAccessDescription_Encode
- *  NSSPKIXAccessDescription_GetAccessMethod
- *  NSSPKIXAccessDescription_SetAccessMethod
- *  NSSPKIXAccessDescription_GetAccessLocation
- *  NSSPKIXAccessDescription_SetAccessLocation
- *  NSSPKIXAccessDescription_Equal
- *  NSSPKIXAccessDescription_Duplicate
- *
- */
-
-/*
- * NSSPKIXAccessDescription_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXAccessDescription upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAccessDescription *
-NSSPKIXAccessDescription_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * NSSPKIXAccessDescription_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_OID
- *  NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXAccessDescription upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAccessDescription *
-NSSPKIXAccessDescription_Create
-(
-  NSSArena *arenaOpt,
-  NSSOID *accessMethod,
-  NSSPKIXGeneralName *accessLocation
-);
-
-/*
- * NSSPKIXAccessDescription_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ACCESS_DESCRIPTION
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXAccessDescription_Destroy
-(
-  NSSPKIXAccessDescription *ad
-);
-
-/*
- * NSSPKIXAccessDescription_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ACCESS_DESCRIPTION
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXAccessDescription_Encode
-(
-  NSSPKIXAccessDescription *ad,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXAccessDescription_GetAccessMethod
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ACCESS_DESCRIPTION
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid NSSOID pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSOID *
-NSSPKIXAccessDescription_GetAccessMethod
-(
-  NSSPKIXAccessDescription *ad
-);
-
-/*
- * NSSPKIXAccessDescription_SetAccessMethod
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ACCESS_DESCRIPTION
- *  NSS_ERROR_INVALID_OID
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXAccessDescription_SetAccessMethod
-(
-  NSSPKIXAccessDescription *ad,
-  NSSOID *accessMethod
-);
-
-/*
- * NSSPKIXAccessDescription_GetAccessLocation
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ACCESS_DESCRIPTION
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXGeneralName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName *
-NSSPKIXAccessDescription_GetAccessLocation
-(
-  NSSPKIXAccessDescription *ad,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXAccessDescription_SetAccessLocation
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ACCESS_DESCRIPTION
- *  NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXAccessDescription_SetAccessLocation
-(
-  NSSPKIXAccessDescription *ad,
-  NSSPKIXGeneralName *accessLocation
-);
-
-/*
- * NSSPKIXAccessDescription_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ACCESS_DESCRIPTION
- * 
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXAccessDescription_Equal
-(
-  NSSPKIXAccessDescription *ad1,
-  NSSPKIXAccessDescription *ad2,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXAccessDescription_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ACCESS_DESCRIPTION
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXAccessDescription upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAccessDescription *
-NSSPKIXAccessDescription_Duplicate
-(
-  NSSPKIXAccessDescription *ad,
-  NSSArena *arenaOpt
-);
-
-/*
- * IssuingDistributionPoint
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  IssuingDistributionPoint ::= SEQUENCE {
- *       distributionPoint       [0] DistributionPointName OPTIONAL,
- *       onlyContainsUserCerts   [1] BOOLEAN DEFAULT FALSE,
- *       onlyContainsCACerts     [2] BOOLEAN DEFAULT FALSE,
- *       onlySomeReasons         [3] ReasonFlags OPTIONAL,
- *       indirectCRL             [4] BOOLEAN DEFAULT FALSE }
- *
- * The public calls for this type:
- *
- *  NSSPKIXIssuingDistributionPoint_Decode
- *  NSSPKIXIssuingDistributionPoint_Create
- *  NSSPKIXIssuingDistributionPoint_Destroy
- *  NSSPKIXIssuingDistributionPoint_Encode
- *  NSSPKIXIssuingDistributionPoint_HasDistributionPoint
- *  NSSPKIXIssuingDistributionPoint_GetDistributionPoint
- *  NSSPKIXIssuingDistributionPoint_SetDistributionPoint
- *  NSSPKIXIssuingDistributionPoint_RemoveDistributionPoint
- *  NSSPKIXIssuingDistributionPoint_GetOnlyContainsUserCerts
- *  NSSPKIXIssuingDistributionPoint_SetOnlyContainsUserCerts
- *  NSSPKIXIssuingDistributionPoint_GetOnlyContainsCACerts
- *  NSSPKIXIssuingDistributionPoint_SetOnlyContainsCACerts
- *  NSSPKIXIssuingDistributionPoint_HasOnlySomeReasons
- *  NSSPKIXIssuingDistributionPoint_GetOnlySomeReasons
- *  NSSPKIXIssuingDistributionPoint_SetOnlySomeReasons
- *  NSSPKIXIssuingDistributionPoint_RemoveOnlySomeReasons
- *  NSSPKIXIssuingDistributionPoint_GetIndirectCRL
- *  NSSPKIXIssuingDistributionPoint_SetIndirectCRL
- *  NSSPKIXIssuingDistributionPoint_Equal
- *  NSSPKIXIssuingDistributionPoint_Duplicate
- *
- */
-
-/*
- * NSSPKIXIssuingDistributionPoint_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXIssuingDistributionPoint upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXIssuingDistributionPoint *
-NSSPKIXIssuingDistributionPoint_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * NSSPKIXIssuingDistributionPoint_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT_NAME
- *  NSS_ERROR_INVALID_PKIX_REASON_FLAGS
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXIssuingDistributionPoint upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXIssuingDistributionPoint *
-NSSPKIXIssuingDistributionPoint_Create
-(
-  NSSArena *arenaOpt,
-  NSSPKIXDistributionPointName *distributionPointOpt,
-  PRBool onlyContainsUserCerts,
-  PRBool onlyContainsCACerts,
-  NSSPKIXReasonFlags *onlySomeReasons
-  PRBool indirectCRL
-);
-
-/*
- * NSSPKIXIssuingDistributionPoint_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXIssuingDistributionPoint_Destroy
-(
-  NSSPKIXIssuingDistributionPoint *idp
-);
-
-/*
- * NSSPKIXIssuingDistributionPoint_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXIssuingDistributionPoint_Encode
-(
-  NSSPKIXIssuingDistributionPoint *idp,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXIssuingDistributionPoint_HasDistributionPoint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- * 
- * Return value:
- *  PR_TRUE if it has one
- *  PR_FALSE if it doesn't
- *  PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXIssuingDistributionPoint_HasDistributionPoint
-(
-  NSSPKIXIssuingDistributionPoint *idp
-);
-
-/*
- * NSSPKIXIssuingDistributionPoint_GetDistributionPoint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- *  NSS_ERROR_HAS_NO_DISTRIBUTION_POINT
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXDistributionPointName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDistributionPointName *
-NSSPKIXIssuingDistributionPoint_GetDistributionPoint
-(
-  NSSPKIXIssuingDistributionPoint *idp,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXIssuingDistributionPoint_SetDistributionPoint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- *  NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT_NAME
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXIssuingDistributionPoint_SetDistributionPoint
-(
-  NSSPKIXIssuingDistributionPoint *idp,
-  NSSPKIXDistributionPointName *dpn
-);
-
-/*
- * NSSPKIXIssuingDistributionPoint_RemoveDistributionPoint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- *  NSS_ERROR_HAS_NO_DISTRIBUTION_POINT
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXIssuingDistributionPoint_RemoveDistributionPoint
-(
-  NSSPKIXIssuingDistributionPoint *idp
-);
-
-/*
- * NSSPKIXIssuingDistributionPoint_GetOnlyContainsUserCerts
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- * 
- * Return value:
- *  PR_TRUE if the onlyContainsUserCerts value is true
- *  PR_FALSE if it isn't
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXIssuingDistributionPoint_GetOnlyContainsUserCerts
-(
-  NSSPKIXIssuingDistributionPoint *idp,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXIssuingDistributionPoint_SetOnlyContainsUserCerts
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXIssuingDistributionPoint_SetOnlyContainsUserCerts
-(
-  NSSPKIXIssuingDistributionPoint *idp,
-  PRBool onlyContainsUserCerts
-);
-
-/*
- * NSSPKIXIssuingDistributionPoint_GetOnlyContainsCACerts
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- * 
- * Return value:
- *  PR_TRUE if the onlyContainsCACerts value is true
- *  PR_FALSE if it isn't
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXIssuingDistributionPoint_GetOnlyContainsCACerts
-(
-  NSSPKIXIssuingDistributionPoint *idp,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXIssuingDistributionPoint_SetOnlyContainsCACerts
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXIssuingDistributionPoint_SetOnlyContainsCACerts
-(
-  NSSPKIXIssuingDistributionPoint *idp,
-  PRBool onlyContainsCACerts
-);
-
-/*
- * NSSPKIXIssuingDistributionPoint_HasOnlySomeReasons
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- * 
- * Return value:
- *  PR_TRUE if it has one
- *  PR_FALSE if it doesn't
- *  PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXIssuingDistributionPoint_HasOnlySomeReasons
-(
-  NSSPKIXIssuingDistributionPoint *idp
-);
-
-/*
- * NSSPKIXIssuingDistributionPoint_GetOnlySomeReasons
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- *  NSS_ERROR_HAS_NO_ONLY_SOME_REASONS
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXReasonFlags upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXReasonFlags *
-NSSPKIXIssuingDistributionPoint_GetOnlySomeReasons
-(
-  NSSPKIXIssuingDistributionPoint *idp,
-  NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXIssuingDistributionPoint_SetOnlySomeReasons
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- *  NSS_ERROR_INVALID_PKIX_REASON_FLAGS
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXIssuingDistributionPoint_SetOnlySomeReasons
-(
-  NSSPKIXIssuingDistributionPoint *idp,
-  NSSPKIXReasonFlags *onlySomeReasons
-);
-
-/*
- * NSSPKIXIssuingDistributionPoint_RemoveOnlySomeReasons
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- *  NSS_ERROR_HAS_NO_ONLY_SOME_REASONS
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXIssuingDistributionPoint_RemoveOnlySomeReasons
-(
-  NSSPKIXIssuingDistributionPoint *idp
-);
-
-/*
- * NSSPKIXIssuingDistributionPoint_GetIndirectCRL
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- * 
- * Return value:
- *  PR_TRUE if the indirectCRL value is true
- *  PR_FALSE if it isn't
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXIssuingDistributionPoint_GetIndirectCRL
-(
-  NSSPKIXIssuingDistributionPoint *idp,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXIssuingDistributionPoint_SetIndirectCRL
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXIssuingDistributionPoint_SetIndirectCRL
-(
-  NSSPKIXIssuingDistributionPoint *idp,
-  PRBool indirectCRL
-);
-
-/*
- * NSSPKIXIssuingDistributionPoint_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- * 
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXIssuingDistributionPoint_Equal
-(
-  NSSPKIXIssuingDistributionPoint *idp1,
-  NSSPKIXIssuingDistributionPoint *idp2,
-  PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXIssuingDistributionPoint_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXIssuingDistributionPoint upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXIssuingDistributionPoint *
-NSSPKIXIssuingDistributionPoint_Duplicate
-(
-  NSSPKIXIssuingDistributionPoint *idp,
-  NSSArena *arenaOpt
-);
-
-PR_END_EXTERN_C
-
-#endif /* NSSPKIX_H */
diff --git a/security/nss/lib/pkix/include/nsspkixt.h b/security/nss/lib/pkix/include/nsspkixt.h
deleted file mode 100644
index ea35269ff..000000000
--- a/security/nss/lib/pkix/include/nsspkixt.h
+++ /dev/null
@@ -1,2281 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef NSSPKIXT_H
-#define NSSPKIXT_H
-
-#ifdef DEBUG
-static const char NSSPKIXT_CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * nsspkixt.h
- *
- * This file contains the public type definitions for the PKIX part-1
- * objects.  The contents are strongly based on the types defined in
- * RFC 2459 {fgmr: and others, e.g., s/mime?}.  The type names have
- * been prefixed with "NSSPKIX."
- */
-
-#ifndef NSSBASET_H
-#include "nssbaset.h"
-#endif /* NSSBASET_H */
-
-PR_BEGIN_EXTERN_C
-
-/*
- * A Note About Strings
- *
- * RFC 2459 refers to several types of strings, including UniversalString,
- * BMPString, UTF8String, TeletexString, PrintableString, IA5String, and
- * more.  As with the rest of the NSS libraries, all strings are converted
- * to UTF8 form as soon as possible, and dealt with in that form from
- * then on.
- *
- */
-
-/*
- * Attribute
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  Attribute       ::=     SEQUENCE {
- *          type            AttributeType,
- *          values  SET OF AttributeValue
- *                  -- at least one value is required -- }
- *
- */
-
-struct NSSPKIXAttributeStr;
-typedef struct NSSPKIXAttributeStr NSSPKIXAttribute;
-
-/*
- * AttributeType
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  AttributeType           ::=   OBJECT IDENTIFIER
- *
- */
-
-typedef NSSOID NSSPKIXAttributeType;
-
-/*
- * AttributeValue
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  AttributeValue          ::=   ANY
- *
- */
-
-typedef NSSItem NSSPKIXAttributeValue;
-
-/*
- * AttributeTypeAndValue
- *
- * This structure contains an attribute type (indicated by an OID), 
- * and the type-specific value.  RelativeDistinguishedNamess consist
- * of a set of these.  These are distinct from Attributes (which have
- * SET of values), from AttributeDescriptions (which have qualifiers
- * on the types), and from AttributeValueAssertions (which assert a
- * a value comparison under some matching rule).
- *
- * From RFC 2459:
- *
- *  AttributeTypeAndValue           ::=     SEQUENCE {
- *          type    AttributeType,
- *          value   AttributeValue }
- * 
- */
-
-struct NSSPKIXAttributeTypeAndValueStr;
-typedef struct NSSPKIXAttributeTypeAndValueStr NSSPKIXAttributeTypeAndValue;
-
-/*
- * X520Name
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  X520name        ::= CHOICE {
- *        teletexString         TeletexString (SIZE (1..ub-name)),
- *        printableString       PrintableString (SIZE (1..ub-name)),
- *        universalString       UniversalString (SIZE (1..ub-name)),
- *        utf8String            UTF8String (SIZE (1..ub-name)),
- *        bmpString             BMPString (SIZE(1..ub-name))   }
- *
- */
-
-struct NSSPKIXX520NameStr;
-typedef struct NSSPKIXX520NameStr NSSPKIXX520Name;
-
-/*
- * X520CommonName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  X520CommonName  ::=      CHOICE {
- *        teletexString         TeletexString (SIZE (1..ub-common-name)),
- *        printableString       PrintableString (SIZE (1..ub-common-name)),
- *        universalString       UniversalString (SIZE (1..ub-common-name)),
- *        utf8String            UTF8String (SIZE (1..ub-common-name)),
- *        bmpString             BMPString (SIZE(1..ub-common-name))   }
- * 
- */
-
-struct NSSPKIXX520CommonNameStr;
-typedef struct NSSPKIXX520CommonNameStr NSSPKIXX520CommonName;
-
-/*
- * X520LocalityName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  X520LocalityName ::= CHOICE {
- *        teletexString       TeletexString (SIZE (1..ub-locality-name)),
- *        printableString     PrintableString (SIZE (1..ub-locality-name)),
- *        universalString     UniversalString (SIZE (1..ub-locality-name)),
- *        utf8String          UTF8String (SIZE (1..ub-locality-name)),
- *        bmpString           BMPString (SIZE(1..ub-locality-name))   }
- * 
- */
-
-struct NSSPKIXX520LocalityNameStr;
-typedef struct NSSPKIXX520LocalityNameStr NSSPKIXX520LocalityName;
-
-/*
- * X520StateOrProvinceName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  X520StateOrProvinceName         ::= CHOICE {
- *        teletexString       TeletexString (SIZE (1..ub-state-name)),
- *        printableString     PrintableString (SIZE (1..ub-state-name)),
- *        universalString     UniversalString (SIZE (1..ub-state-name)),
- *        utf8String          UTF8String (SIZE (1..ub-state-name)),
- *        bmpString           BMPString (SIZE(1..ub-state-name))   }
- *
- */
-
-struct NSSPKIXX520StateOrProvinceNameStr;
-typedef struct NSSPKIXX520StateOrProvinceNameStr NSSPKIXX520StateOrProvinceName;
-
-/*
- * X520OrganizationName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  X520OrganizationName ::= CHOICE {
- *    teletexString     TeletexString (SIZE (1..ub-organization-name)),
- *    printableString   PrintableString (SIZE (1..ub-organization-name)),
- *    universalString   UniversalString (SIZE (1..ub-organization-name)),
- *    utf8String        UTF8String (SIZE (1..ub-organization-name)),
- *    bmpString         BMPString (SIZE(1..ub-organization-name))   }
- *
- */
-
-struct NSSPKIXX520OrganizationNameStr;
-typedef struct NSSPKIXX520OrganizationNameStr NSSPKIXX520OrganizationName;
-
-/*
- * X520OrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  X520OrganizationalUnitName ::= CHOICE {
- *   teletexString    TeletexString (SIZE (1..ub-organizational-unit-name)),
- *   printableString        PrintableString
- *                        (SIZE (1..ub-organizational-unit-name)),
- *   universalString        UniversalString
- *                        (SIZE (1..ub-organizational-unit-name)),
- *   utf8String       UTF8String (SIZE (1..ub-organizational-unit-name)),
- *   bmpString        BMPString (SIZE(1..ub-organizational-unit-name))   }
- *
- */
-
-struct NSSPKIXX520OrganizationalUnitNameStr;
-typedef struct NSSPKIXX520OrganizationalUnitNameStr NSSPKIXX520OrganizationalUnitName;
-
-/*
- * X520Title
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  X520Title ::=   CHOICE {
- *        teletexString         TeletexString (SIZE (1..ub-title)),
- *        printableString       PrintableString (SIZE (1..ub-title)),
- *        universalString       UniversalString (SIZE (1..ub-title)),
- *        utf8String            UTF8String (SIZE (1..ub-title)),
- *        bmpString             BMPString (SIZE(1..ub-title))   }
- *
- */
-
-struct NSSPKIXX520TitleStr;
-typedef struct NSSPKIXX520TitleStr NSSPKIXX520Title;
-
-/*
- * X520dnQualifier
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  X520dnQualifier ::=     PrintableString
- *
- */
-
-struct NSSPKIXX520dnQualifierStr;
-typedef struct NSSPKIXX520dnQualifierStr NSSPKIXX520dnQualifier;
-
-/*
- * X520countryName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  X520countryName ::=     PrintableString (SIZE (2)) -- IS 3166 codes
- *
- */
-
-struct NSSPKIXX520countryNameStr;
-typedef struct NSSPKIXX520countryNameStr NSSPKIXX520countryName;
-
-/*
- * Pkcs9email
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  Pkcs9email ::= IA5String (SIZE (1..ub-emailaddress-length))
- *
- */
-
-struct NSSPKIXPkcs9emailStr;
-typedef struct NSSPKIXPkcs9emailStr NSSPKIXPkcs9email;
-
-/*
- * Name
- *
- * This structure contains a union of the possible name formats,
- * which at the moment is limited to an RDNSequence.
- *
- * From RFC 2459:
- *
- *  Name            ::=   CHOICE { -- only one possibility for now --
- *                                   rdnSequence  RDNSequence }
- *
- */
-
-struct NSSPKIXNameStr;
-typedef struct NSSPKIXNameStr NSSPKIXName;
-
-/*
- * NameChoice
- *
- * This enumeration is used to specify choice within a name.
- */
-
-enum NSSPKIXNameChoiceEnum {
-  NSSPKIXNameChoice_NSSinvalid = -1,
-  NSSPKIXNameChoice_rdnSequence
-};
-typedef enum NSSPKIXNameChoiceEnum NSSPKIXNameChoice;
-
-/*
- * RDNSequence
- *
- * This structure contains a sequence of RelativeDistinguishedName
- * objects.
- *
- * From RFC 2459:
- *
- *  RDNSequence     ::=   SEQUENCE OF RelativeDistinguishedName
- *
- */
-
-struct NSSPKIXRDNSequenceStr;
-typedef struct NSSPKIXRDNSequenceStr NSSPKIXRDNSequence;
-
-/*
- * DistinguishedName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  DistinguishedName       ::=   RDNSequence
- *
- */
-
-typedef NSSPKIXRDNSequence NSSPKIXDistinguishedName;
-
-/*
- * RelativeDistinguishedName
- *
- * This structure contains an unordered set of AttributeTypeAndValue 
- * objects.  RDNs are used to distinguish a set of objects underneath 
- * a common object.
- *
- * Often, a single ATAV is sufficient to make a unique distinction.
- * For example, if a company assigns its people unique uid values,
- * then in the Name "uid=smith,ou=People,o=Acme,c=US" the "uid=smith"
- * ATAV by itself forms an RDN.  However, sometimes a set of ATAVs is
- * needed.  For example, if a company needed to distinguish between
- * two Smiths by specifying their corporate divisions, then in the
- * Name "(cn=Smith,ou=Sales),ou=People,o=Acme,c=US" the parenthesised
- * set of ATAVs forms the RDN.
- *
- * From RFC 2459:
- *
- *  RelativeDistinguishedName  ::=
- *                      SET SIZE (1 .. MAX) OF AttributeTypeAndValue
- *
- */
-
-struct NSSPKIXRelativeDistinguishedNameStr;
-typedef struct NSSPKIXRelativeDistinguishedNameStr NSSPKIXRelativeDistinguishedName;
-
-/*
- * DirectoryString
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  DirectoryString ::= CHOICE {
- *        teletexString             TeletexString (SIZE (1..MAX)),
- *        printableString           PrintableString (SIZE (1..MAX)),
- *        universalString           UniversalString (SIZE (1..MAX)),
- *        utf8String              UTF8String (SIZE (1..MAX)),
- *        bmpString               BMPString (SIZE(1..MAX))   }
- *
- */
-
-struct NSSPKIXDirectoryStringStr;
-typedef struct NSSPKIXDirectoryStringStr NSSPKIXDirectoryString;
-
-/*
- * Certificate
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  Certificate  ::=  SEQUENCE  {
- *       tbsCertificate       TBSCertificate,
- *       signatureAlgorithm   AlgorithmIdentifier,
- *       signature            BIT STRING  }
- *
- */
-
-struct NSSPKIXCertificateStr;
-typedef struct NSSPKIXCertificateStr NSSPKIXCertificate;
-
-/*
- * TBSCertificate
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  TBSCertificate  ::=  SEQUENCE  {
- *       version         [0]  Version DEFAULT v1,
- *       serialNumber         CertificateSerialNumber,
- *       signature            AlgorithmIdentifier,
- *       issuer               Name,
- *       validity             Validity,
- *       subject              Name,
- *       subjectPublicKeyInfo SubjectPublicKeyInfo,
- *       issuerUniqueID  [1]  IMPLICIT UniqueIdentifier OPTIONAL,
- *                            -- If present, version shall be v2 or v3
- *       subjectUniqueID [2]  IMPLICIT UniqueIdentifier OPTIONAL,
- *                            -- If present, version shall be v2 or v3
- *       extensions      [3]  Extensions OPTIONAL
- *                            -- If present, version shall be v3 --  }
- *
- */
-
-struct NSSPKIXTBSCertificateStr;
-typedef struct NSSPKIXTBSCertificateStr NSSPKIXTBSCertificate;
-
-/*
- * Version
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  Version  ::=  INTEGER  {  v1(0), v2(1), v3(2)  }
- *
- */
-
-enum NSSPKIXVersionEnum {
-  NSSPKIXVersion_NSSinvalid = -1,
-  NSSPKIXVersion_v1 = 0,
-  NSSPKIXVersion_v2 = 1,
-  NSSPKIXVersion_v3 = 2
-};
-typedef enum NSSPKIXVersionEnum NSSPKIXVersion;
-
-/*
- * CertificateSerialNumber
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  CertificateSerialNumber  ::=  INTEGER
- *
- */
-
-typedef NSSBER NSSPKIXCertificateSerialNumber;
-
-/*
- * Validity
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  Validity ::= SEQUENCE {
- *       notBefore      Time,
- *       notAfter       Time }
- *
- */
-
-struct NSSPKIXValidityStr;
-typedef struct NSSPKIXValidityStr NSSPKIXValidity;
-
-/*
- * Time
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  Time ::= CHOICE {
- *       utcTime        UTCTime,
- *       generalTime    GeneralizedTime }
- *
- */
-
-struct NSSPKIXTimeStr;
-typedef struct NSSPKIXTimeStr NSSPKIXTime;
-
-/*
- * UniqueIdentifier
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  UniqueIdentifier  ::=  BIT STRING
- *
- */
-
-typedef NSSBitString NSSPKIXUniqueIdentifier;
-
-/*
- * SubjectPublicKeyInfo
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  SubjectPublicKeyInfo  ::=  SEQUENCE  {
- *       algorithm            AlgorithmIdentifier,
- *       subjectPublicKey     BIT STRING  }
- *
- */
-
-struct NSSPKIXSubjectPublicKeyInfoStr;
-typedef NSSPKIXSubjectPublicKeyInfoStr NSSPKIXSubjectPublicKeyInfo;
-
-/*
- * Extensions
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  Extensions  ::=  SEQUENCE SIZE (1..MAX) OF Extension
- *
- */
-
-struct NSSPKIXExtensionsStr;
-typedef struct NSSPKIXExtensionsStr NSSPKIXExtensions;
-
-/*
- * Extension
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  Extension  ::=  SEQUENCE  {
- *       extnID      OBJECT IDENTIFIER,
- *       critical    BOOLEAN DEFAULT FALSE,
- *       extnValue   OCTET STRING  }
- *
- */
-
-struct NSSPKIXExtensionStr;
-typedef struct NSSPKIXExtensionStr NSSPKIXExtension;
-
-/*
- * CertificateList
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  CertificateList  ::=  SEQUENCE  {
- *       tbsCertList          TBSCertList,
- *       signatureAlgorithm   AlgorithmIdentifier,
- *       signature            BIT STRING  }
- *
- */
-
-struct NSSPKIXCertificateListStr;
-typedef struct NSSPKIXCertificateListStr NSSPKIXCertificateList;
-
-/*
- * TBSCertList
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  TBSCertList  ::=  SEQUENCE  {
- *       version                 Version OPTIONAL,
- *                                    -- if present, shall be v2
- *       signature               AlgorithmIdentifier,
- *       issuer                  Name,
- *       thisUpdate              Time,
- *       nextUpdate              Time OPTIONAL,
- *       revokedCertificates     SEQUENCE OF SEQUENCE  {
- *            userCertificate         CertificateSerialNumber,
- *            revocationDate          Time,
- *            crlEntryExtensions      Extensions OPTIONAL
- *                                           -- if present, shall be v2
- *                                 }  OPTIONAL,
- *       crlExtensions           [0] Extensions OPTIONAL
- *                                           -- if present, shall be v2 -- }
- *
- */
-
-struct NSSPKIXTBSCertListStr;
-typedef struct NSSPKIXTBSCertListStr NSSPKIXTBSCertList;
-
-/*
- * revokedCertificates
- *
- * This is a "helper type" to simplify handling of TBSCertList objects.
- *
- *       revokedCertificates     SEQUENCE OF SEQUENCE  {
- *            userCertificate         CertificateSerialNumber,
- *            revocationDate          Time,
- *            crlEntryExtensions      Extensions OPTIONAL
- *                                           -- if present, shall be v2
- *                                 }  OPTIONAL,
- *
- */
-
-struct NSSPKIXrevokedCertificatesStr;
-typedef struct NSSPKIXrevokedCertificatesStr NSSPKIXrevokedCertificates;
-
-/*
- * revokedCertificate
- *
- * This is a "helper type" to simplify handling of TBSCertList objects.
- *
- *                                           SEQUENCE  {
- *            userCertificate         CertificateSerialNumber,
- *            revocationDate          Time,
- *            crlEntryExtensions      Extensions OPTIONAL
- *                                           -- if present, shall be v2
- *                                 }  OPTIONAL,
- *
- */
-
-struct NSSPKIXrevokedCertificateStr;
-typedef struct NSSPKIXrevokedCertificateStr NSSPKIXrevokedCertificate;
-
-/*
- * AlgorithmIdentifier
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * (1988 syntax)
- *
- *  AlgorithmIdentifier  ::=  SEQUENCE  {
- *       algorithm               OBJECT IDENTIFIER,
- *       parameters              ANY DEFINED BY algorithm OPTIONAL  }
- *                                  -- contains a value of the type
- *                                  -- registered for use with the
- *                                  -- algorithm object identifier value
- *
- *
- */
-
-struct NSSPKIXAlgorithmIdentifierStr;
-typedef NSSPKIXAlgorithmIdentifierStr NSSPKIXAlgorithmIdentifier;
-
-/*
- * -- types related to NSSPKIXAlgorithmIdentifiers:
- *
- *  Dss-Sig-Value  ::=  SEQUENCE  {
- *       r       INTEGER,
- *       s       INTEGER  }
- *  
- *  DomainParameters ::= SEQUENCE {
- *       p       INTEGER, -- odd prime, p=jq +1
- *       g       INTEGER, -- generator, g
- *       q       INTEGER, -- factor of p-1
- *       j       INTEGER OPTIONAL, -- subgroup factor, j>= 2
- *       validationParms  ValidationParms OPTIONAL }
- *  
- *  ValidationParms ::= SEQUENCE {
- *       seed             BIT STRING,
- *       pgenCounter      INTEGER }
- *  
- *  Dss-Parms  ::=  SEQUENCE  {
- *       p             INTEGER,
- *       q             INTEGER,
- *       g             INTEGER  }
- *
- */
-
-/*
- * ORAddress
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  ORAddress ::= SEQUENCE {
- *     built-in-standard-attributes BuiltInStandardAttributes,
- *     built-in-domain-defined-attributes
- *                          BuiltInDomainDefinedAttributes OPTIONAL,
- *     -- see also teletex-domain-defined-attributes
- *     extension-attributes ExtensionAttributes OPTIONAL }
- *  --      The OR-address is semantically absent from the OR-name if the
- *  --      built-in-standard-attribute sequence is empty and the
- *  --      built-in-domain-defined-attributes and extension-attributes are
- *  --      both omitted.
- *
- */
-
-struct NSSPKIXORAddressStr;
-typedef struct NSSPKIXORAddressStr NSSPKIXORAddress;
-
-/*
- * BuiltInStandardAttributes
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  BuiltInStandardAttributes ::= SEQUENCE {
- *     country-name CountryName OPTIONAL,
- *     administration-domain-name AdministrationDomainName OPTIONAL,
- *     network-address      [0] NetworkAddress OPTIONAL,
- *     -- see also extended-network-address
- *     terminal-identifier  [1] TerminalIdentifier OPTIONAL,
- *     private-domain-name  [2] PrivateDomainName OPTIONAL,
- *     organization-name    [3] OrganizationName OPTIONAL,
- *     -- see also teletex-organization-name
- *     numeric-user-identifier      [4] NumericUserIdentifier OPTIONAL,
- *     personal-name        [5] PersonalName OPTIONAL,
- *     -- see also teletex-personal-name
- *     organizational-unit-names    [6] OrganizationalUnitNames OPTIONAL
- *     -- see also teletex-organizational-unit-names -- }
- *
- */
-
-struct NSSPKIXBuiltInStandardAttributesStr;
-typedef struct NSSPKIXBuiltInStandardAttributesStr NSSPKIXBuiltInStandardAttributes;
-
-/*
- * CountryName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  CountryName ::= [APPLICATION 1] CHOICE {
- *     x121-dcc-code NumericString
- *                  (SIZE (ub-country-name-numeric-length)),
- *     iso-3166-alpha2-code PrintableString
- *                  (SIZE (ub-country-name-alpha-length)) }
- *
- */
-
-struct NSSPKIXCountryNameStr;
-typedef struct NSSPKIXCountryNameStr NSSPKIXCountryName;
-
-/*
- * AdministrationDomainName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  AdministrationDomainName ::= [APPLICATION 2] CHOICE {
- *     numeric NumericString (SIZE (0..ub-domain-name-length)),
- *     printable PrintableString (SIZE (0..ub-domain-name-length)) }
- *
- */
-
-struct NSSPKIXAdministrationDomainNameStr;
-typedef struct NSSPKIXAdministrationDomainNameStr NSSPKIXAdministrationDomainName;
-
-/*
- * X121Address
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  X121Address ::= NumericString (SIZE (1..ub-x121-address-length))
- *
- */
-
-struct NSSPKIXX121AddressStr;
-typedef struct NSSPKIXX121AddressStr NSSPKIXX121Address;
-
-/*
- * NetworkAddress
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  NetworkAddress ::= X121Address  -- see also extended-network-address
- *
- */
-
-struct NSSPKIXNetworkAddressStr;
-typedef struct NSSPKIXNetworkAddressStr NSSPKIXNetworkAddress;
-
-/*
- * TerminalIdentifier
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  TerminalIdentifier ::= PrintableString (SIZE (1..ub-terminal-id-length))
- *
- */
-
-struct NSSPKIXTerminalIdentifierStr;
-typedef struct NSSPKIXTerminalIdentifierStr NSSPKIXTerminalIdentifier;
-
-/*
- * PrivateDomainName
- *
- * -- fgmr comments -- 
- *
- *  PrivateDomainName ::= CHOICE {
- *     numeric NumericString (SIZE (1..ub-domain-name-length)),
- *     printable PrintableString (SIZE (1..ub-domain-name-length)) }
- *
- */
-
-struct NSSPKIXPrivateDomainNameStr;
-typedef struct NSSPKIXPrivateDomainNameStr NSSPKIXPrivateDomainName;
-
-/*
- * OrganizationName
- *
- * -- fgmr comments --
- *
- *  OrganizationName ::= PrintableString
- *                              (SIZE (1..ub-organization-name-length))
- * 
- */
-
-struct NSSPKIXOrganizationNameStr;
-typedef struct NSSPKIXOrganizationNameStr NSSPKIXOrganizationName;
-
-/*
- * NumericUserIdentifier
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  NumericUserIdentifier ::= NumericString
- *                              (SIZE (1..ub-numeric-user-id-length))
- * 
- */
-
-struct NSSPKIXNumericUserIdentifierStr;
-typedef struct NSSPKIXNumericUserIdentifierStr NSSPKIXNumericUserIdentifier;
-
-/*
- * PersonalName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  PersonalName ::= SET {
- *     surname [0] PrintableString (SIZE (1..ub-surname-length)),
- *     given-name [1] PrintableString
- *                          (SIZE (1..ub-given-name-length)) OPTIONAL,
- *     initials [2] PrintableString (SIZE (1..ub-initials-length)) OPTIONAL,
- *     generation-qualifier [3] PrintableString
- *                  (SIZE (1..ub-generation-qualifier-length)) OPTIONAL }
- *
- */
-
-struct NSSPKIXPersonalNameStr;
-typedef NSSPKIXPersonalNameStr NSSPKIXPersonalName;
-
-/*
- * OrganizationalUnitNames
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  OrganizationalUnitNames ::= SEQUENCE SIZE (1..ub-organizational-units)
- *                                          OF OrganizationalUnitName
- * 
- */
-
-struct NSSPKIXOrganizationalUnitNamesStr;
-typedef NSSPKIXOrganizationalUnitNamesStr NSSPKIXOrganizationalUnitNames;
-
-/*
- * OrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  OrganizationalUnitName ::= PrintableString (SIZE
- *                          (1..ub-organizational-unit-name-length))
- *
- */
-
-struct NSSPKIXOrganizationalUnitNameStr;
-typedef struct NSSPKIXOrganizationalUnitNameStr NSSPKIXOrganizationalUnitName;
-
-/*
- * BuiltInDomainDefinedAttributes
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  BuiltInDomainDefinedAttributes ::= SEQUENCE SIZE
- *                                  (1..ub-domain-defined-attributes) OF
- *                                  BuiltInDomainDefinedAttribute
- *
- */
-
-struct NSSPKIXBuiltInDomainDefinedAttributesStr;
-typedef struct NSSPKIXBuiltInDomainDefinedAttributesStr NSSPKIXBuiltInDomainDefinedAttributes;
-
-/*
- * BuiltInDomainDefinedAttribute
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  BuiltInDomainDefinedAttribute ::= SEQUENCE {
- *     type PrintableString (SIZE
- *                          (1..ub-domain-defined-attribute-type-length)),
- *     value PrintableString (SIZE
- *                          (1..ub-domain-defined-attribute-value-length))}
- *
- */
-
-struct NSSPKIXBuiltInDomainDefinedAttributeStr;
-typedef struct NSSPKIXBuiltInDomainDefinedAttributeStr NSSPKIXBuiltInDomainDefinedAttribute;
-
-/*
- * ExtensionAttributes
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  ExtensionAttributes ::= SET SIZE (1..ub-extension-attributes) OF
- *                          ExtensionAttribute
- *
- */
-
-struct NSSPKIXExtensionAttributesStr;
-typedef struct NSSPKIXExtensionAttributesStr NSSPKIXExtensionAttributes;
-
-/*
- * ExtensionAttribute
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  ExtensionAttribute ::=  SEQUENCE {
- *     extension-attribute-type [0] INTEGER (0..ub-extension-attributes),
- *     extension-attribute-value [1]
- *                          ANY DEFINED BY extension-attribute-type }
- *
- */
-
-struct NSSPKIXExtensionAttributeStr;
-typedef struct NSSPKIXExtensionAttributeStr NSSPKIXExtensionAttribute;
-
-/*
- * ExtensionAttributeType
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  common-name INTEGER ::= 1
- *  teletex-common-name INTEGER ::= 2
- *  teletex-organization-name INTEGER ::= 3
- *  teletex-personal-name INTEGER ::= 4
- *  teletex-organizational-unit-names INTEGER ::= 5
- *  teletex-domain-defined-attributes INTEGER ::= 6
- *  pds-name INTEGER ::= 7
- *  physical-delivery-country-name INTEGER ::= 8
- *  postal-code INTEGER ::= 9
- *  physical-delivery-office-name INTEGER ::= 10
- *  physical-delivery-office-number INTEGER ::= 11
- *  extension-OR-address-components INTEGER ::= 12
- *  physical-delivery-personal-name INTEGER ::= 13
- *  physical-delivery-organization-name INTEGER ::= 14
- *  extension-physical-delivery-address-components INTEGER ::= 15
- *  unformatted-postal-address INTEGER ::= 16
- *  street-address INTEGER ::= 17
- *  post-office-box-address INTEGER ::= 18
- *  poste-restante-address INTEGER ::= 19
- *  unique-postal-name INTEGER ::= 20
- *  local-postal-attributes INTEGER ::= 21
- *  extended-network-address INTEGER ::= 22
- *  terminal-type  INTEGER ::= 23
- *
- */
-
-enum NSSPKIXExtensionAttributeTypeEnum {
-  NSSPKIXExtensionAttributeType_NSSinvalid = -1,
-  NSSPKIXExtensionAttributeType_CommonName = 1,
-  NSSPKIXExtensionAttributeType_TeletexCommonName = 2,
-  NSSPKIXExtensionAttributeType_TeletexOrganizationName = 3,
-  NSSPKIXExtensionAttributeType_TeletexPersonalName = 4,
-  NSSPKIXExtensionAttributeType_TeletexOrganizationalUnitNames = 5,
-  NSSPKIXExtensionAttributeType_TeletexDomainDefinedAttributes = 6,
-  NSSPKIXExtensionAttributeType_PdsName = 7,
-  NSSPKIXExtensionAttributeType_PhysicalDeliveryCountryName = 8,
-  NSSPKIXExtensionAttributeType_PostalCode = 9,
-  NSSPKIXExtensionAttributeType_PhysicalDeliveryOfficeName = 10,
-  NSSPKIXExtensionAttributeType_PhysicalDeliveryOfficeNumber = 11,
-  NSSPKIXExtensionAttributeType_ExtensionOrAddressComponents = 12,
-  NSSPKIXExtensionAttributeType_PhysicalDeliveryPersonalName = 13,
-  NSSPKIXExtensionAttributeType_PhysicalDeliveryOrganizationName = 14,
-  NSSPKIXExtensionAttributeType_ExtensionPhysicalDeliveryAddressComponents = 15,
-  NSSPKIXExtensionAttributeType_UnformattedPostalAddress = 16,
-  NSSPKIXExtensionAttributeType_StreetAddress = 17,
-  NSSPKIXExtensionAttributeType_PostOfficeBoxAddress = 18,
-  NSSPKIXExtensionAttributeType_PosteRestanteAddress = 19,
-  NSSPKIXExtensionAttributeType_UniquePostalName = 20,
-  NSSPKIXExtensionAttributeType_LocalPostalAttributes = 21,
-  NSSPKIXExtensionAttributeType_ExtendedNetworkAddress = 22,
-  NSSPKIXExtensionAttributeType_TerminalType = 23
-};
-typedef enum NSSPKIXExtensionAttributeTypeEnum NSSPKIXExtensionAttributeType;
-
-/*
- * CommonName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  CommonName ::= PrintableString (SIZE (1..ub-common-name-length))
- *
- */
-
-struct NSSPKIXCommonNameStr;
-typedef struct NSSPKIXCommonNameStr NSSPKIXCommonName;
-
-/*
- * TeletexCommonName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  TeletexCommonName ::= TeletexString (SIZE (1..ub-common-name-length))
- *
- */
-
-struct NSSPKIXTeletexCommonNameStr;
-typedef struct NSSPKIXTeletexCommonNameStr NSSPKIXTeletexCommonName;
-
-/*
- * TeletexOrganizationName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  TeletexOrganizationName ::=
- *                  TeletexString (SIZE (1..ub-organization-name-length))
- *
- */
-
-struct NSSPKIXTeletexOrganizationNameStr;
-typedef struct NSSPKIXTeletexOrganizationNameStr NSSPKIXTeletexOrganizationName;
-
-/*
- * TeletexPersonalName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  TeletexPersonalName ::= SET {
- *     surname [0] TeletexString (SIZE (1..ub-surname-length)),
- *     given-name [1] TeletexString
- *                  (SIZE (1..ub-given-name-length)) OPTIONAL,
- *     initials [2] TeletexString (SIZE (1..ub-initials-length)) OPTIONAL,
- *     generation-qualifier [3] TeletexString (SIZE
- *                  (1..ub-generation-qualifier-length)) OPTIONAL }
- *
- */
-
-struct NSSPKIXTeletexPersonalNameStr;
-typedef struct NSSPKIXTeletexPersonalNameStr NSSPKIXTeletexPersonalName;
-
-/*
- * TeletexOrganizationalUnitNames
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  TeletexOrganizationalUnitNames ::= SEQUENCE SIZE
- *          (1..ub-organizational-units) OF TeletexOrganizationalUnitName
- *
- */
-
-struct NSSPKIXTeletexOrganizationalUnitNamesStr;
-typedef struct NSSPKIXTeletexOrganizationalUnitNamesStr NSSPKIXTeletexOrganizationalUnitNames;
-
-/*
- * TeletexOrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  TeletexOrganizationalUnitName ::= TeletexString
- *                          (SIZE (1..ub-organizational-unit-name-length))
- *  
- */
-
-struct NSSPKIXTeletexOrganizationalUnitNameStr;
-typedef struct NSSPKIXTeletexOrganizationalUnitNameStr NSSPKIXTeletexOrganizationalUnitName;
-
-/*
- * PDSName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  PDSName ::= PrintableString (SIZE (1..ub-pds-name-length))
- *
- */
-
-struct NSSPKIXPDSNameStr;
-typedef struct NSSPKIXPDSNameStr NSSPKIXPDSName;
-
-/*
- * PhysicalDeliveryCountryName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  PhysicalDeliveryCountryName ::= CHOICE {
- *     x121-dcc-code NumericString (SIZE (ub-country-name-numeric-length)),
- *     iso-3166-alpha2-code PrintableString
- *                          (SIZE (ub-country-name-alpha-length)) }
- *
- */
-
-struct NSSPKIXPhysicalDeliveryCountryNameStr;
-typedef struct NSSPKIXPhysicalDeliveryCountryNameStr NSSPKIXPhysicalDeliveryCountryName;
-
-/*
- * PostalCode
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  PostalCode ::= CHOICE {
- *     numeric-code NumericString (SIZE (1..ub-postal-code-length)),
- *     printable-code PrintableString (SIZE (1..ub-postal-code-length)) }
- *
- */
-
-struct NSSPKIXPostalCodeStr;
-typedef struct NSSPKIXPostalCodeStr NSSPKIXPostalCode;
-
-/*
- * PDSParameter
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  PDSParameter ::= SET {
- *     printable-string PrintableString
- *                  (SIZE(1..ub-pds-parameter-length)) OPTIONAL,
- *     teletex-string TeletexString
- *                  (SIZE(1..ub-pds-parameter-length)) OPTIONAL }
- *
- */
-
-struct NSSPKIXPDSParameterStr;
-typedef struct NSSPKIXPDSParameterStr NSSPKIXPDSParameter;
-
-/*
- * PhysicalDeliveryOfficeName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  PhysicalDeliveryOfficeName ::= PDSParameter
- *
- */
-
-typedef NSSPKIXPDSParameter NSSPKIXPhysicalDeliveryOfficeName;
-
-/*
- * PhysicalDeliveryOfficeNumber
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  PhysicalDeliveryOfficeNumber ::= PDSParameter
- *
- */
-
-typedef NSSPKIXPDSParameter NSSPKIXPhysicalDeliveryOfficeNumber;
-
-/*
- * ExtensionORAddressComponents
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  ExtensionORAddressComponents ::= PDSParameter
- *
- */
-
-typedef NSSPKIXPDSParameter NSSPKIXExtensionORAddressComponents;
-
-/*
- * PhysicalDeliveryPersonalName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  PhysicalDeliveryPersonalName ::= PDSParameter
- *
- */
-
-typedef NSSPKIXPDSParameter NSSPKIXPhysicalDeliveryPersonalName;
-
-/*
- * PhysicalDeliveryOrganizationName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  PhysicalDeliveryOrganizationName ::= PDSParameter
- *
- */
-
-typedef NSSPKIXPDSParameter NSSPKIXPhysicalDeliveryOrganizationName;
-
-/*
- * ExtensionPhysicalDeliveryAddressComponents
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  ExtensionPhysicalDeliveryAddressComponents ::= PDSParameter
- *
- */
-
-typedef NSSPKIXPDSParameter NSSPKIXExtensionPhysicalDeliveryAddressComponents;
-
-/*
- * UnformattedPostalAddress
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  UnformattedPostalAddress ::= SET {
- *     printable-address SEQUENCE SIZE (1..ub-pds-physical-address-lines) OF
- *             PrintableString (SIZE (1..ub-pds-parameter-length)) OPTIONAL,
- *     teletex-string TeletexString
- *           (SIZE (1..ub-unformatted-address-length)) OPTIONAL }
- *
- */
-
-struct NSSPKIXUnformattedPostalAddressStr;
-typedef struct NSSPKIXUnformattedPostalAddressStr NSSPKIXUnformattedPostalAddress;
-
-/*
- * StreetAddress
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  StreetAddress ::= PDSParameter
- *
- */
-
-typedef NSSPKIXPDSParameter NSSPKIXStreetAddress;
-
-/*
- * PostOfficeBoxAddress
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  PostOfficeBoxAddress ::= PDSParameter
- *
- */
-
-typedef NSSPKIXPDSParameter NSSPKIXPostOfficeBoxAddress;
-
-/*
- * PosteRestanteAddress
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  PosteRestanteAddress ::= PDSParameter
- *
- */
-
-typedef NSSPKIXPDSParameter NSSPKIXPosteRestanteAddress;
-
-/*
- * UniquePostalName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  UniquePostalName ::= PDSParameter
- *
- */
-
-typedef NSSPKIXPDSParameter NSSPKIXUniquePostalName;
-
-/*
- * LocalPostalAttributes
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  LocalPostalAttributes ::= PDSParameter
- *
- */
-
-typedef NSSPKIXPDSParameter NSSPKIXLocalPostalAttributes;
-
-/*
- * ExtendedNetworkAddress
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  ExtendedNetworkAddress ::= CHOICE {
- *     e163-4-address SEQUENCE {
- *          number [0] NumericString (SIZE (1..ub-e163-4-number-length)),
- *          sub-address [1] NumericString
- *                  (SIZE (1..ub-e163-4-sub-address-length)) OPTIONAL },
- *     psap-address [0] PresentationAddress }
- *
- */
-
-struct NSSPKIXExtendedNetworkAddressStr;
-typedef struct NSSPKIXExtendedNetworkAddressStr NSSPKIXExtendedNetworkAddress;
-
-/*
- * NSSPKIXExtendedNetworkAddressChoice
- *
- * Helper enumeration for ExtendedNetworkAddress
- * -- fgmr comments --
- *
- */
-
-enum NSSPKIXExtendedNetworkAddressEnum {
-  NSSPKIXExtendedNetworkAddress_NSSinvalid = -1,
-  NSSPKIXExtendedNetworkAddress_e1634Address,
-  NSSPKIXExtendedNetworkAddress_psapAddress
-};
-typedef enum NSSPKIXExtendedNetworkAddressEnum NSSPKIXExtendedNetworkAddressChoice;
-
-/*
- * e163-4-address
- *
- * Helper structure for ExtendedNetworkAddress.
- * -- fgmr comments --
- *
- * From RFC 2459:
- * 
- *     e163-4-address SEQUENCE {
- *          number [0] NumericString (SIZE (1..ub-e163-4-number-length)),
- *          sub-address [1] NumericString
- *                  (SIZE (1..ub-e163-4-sub-address-length)) OPTIONAL },
- * 
- */
-
-struct NSSe1634addressStr;
-typedef struct NSSe1634addressStr NSSe1634address;
-
-/*
- * PresentationAddress
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  PresentationAddress ::= SEQUENCE {
- *          pSelector       [0] EXPLICIT OCTET STRING OPTIONAL,
- *          sSelector       [1] EXPLICIT OCTET STRING OPTIONAL,
- *          tSelector       [2] EXPLICIT OCTET STRING OPTIONAL,
- *          nAddresses      [3] EXPLICIT SET SIZE (1..MAX) OF OCTET STRING }
- *
- */
-
-struct NSSPKIXPresentationAddressStr;
-typedef struct NSSPKIXPresentationAddressStr NSSPKIXPresentationAddress;
-
-/*
- * TerminalType
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  TerminalType ::= INTEGER {
- *     telex (3),
- *     teletex (4),
- *     g3-facsimile (5),
- *     g4-facsimile (6),
- *     ia5-terminal (7),
- *     videotex (8) } (0..ub-integer-options)
- *
- */
-
-enum NSSPKIXTerminalTypeEnum {
-  NSSPKIXTerminalType_NSSinvalid = -1,
-  NSSPKIXTerminalType_telex = 3,
-  NSSPKIXTerminalType_teletex = 4,
-  NSSPKIXTerminalType_g3Facsimile = 5,
-  NSSPKIXTerminalType_g4Facsimile = 6,
-  NSSPKIXTerminalType_iA5Terminal = 7,
-  NSSPKIXTerminalType_videotex = 8
-};
-typedef enum NSSPKIXTerminalTypeEnum NSSPKIXTerminalType;
-
-/*
- * TeletexDomainDefinedAttributes
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  TeletexDomainDefinedAttributes ::= SEQUENCE SIZE
- *     (1..ub-domain-defined-attributes) OF TeletexDomainDefinedAttribute
- * 
- */
-
-struct NSSPKIXTeletexDomainDefinedAttributesStr;
-typedef struct NSSPKIXTeletexDomainDefinedAttributesStr NSSPKIXTeletexDomainDefinedAttributes;
-
-/*
- * TeletexDomainDefinedAttribute
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  TeletexDomainDefinedAttribute ::= SEQUENCE {
- *          type TeletexString
- *                 (SIZE (1..ub-domain-defined-attribute-type-length)),
- *          value TeletexString
- *                 (SIZE (1..ub-domain-defined-attribute-value-length)) }
- * 
- */
-
-struct NSSPKIXTeletexDomainDefinedAttributeStr;
-typedef struct NSSPKIXTeletexDomainDefinedAttributeStr NSSPKIXTeletexDomainDefinedAttribute;
-
-/*
- * AuthorityKeyIdentifier
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  AuthorityKeyIdentifier ::= SEQUENCE {
- *        keyIdentifier             [0] KeyIdentifier            OPTIONAL,
- *        authorityCertIssuer       [1] GeneralNames             OPTIONAL,
- *        authorityCertSerialNumber [2] CertificateSerialNumber  OPTIONAL }
- *      -- authorityCertIssuer and authorityCertSerialNumber shall both
- *      -- be present or both be absent
- *
- */
-
-struct NSSPKIXAuthorityKeyIdentifierStr;
-typedef struct NSSPKIXAuthorityKeyIdentifierStr NSSPKIXAuthorityKeyIdentifier;
-
-/*
- * KeyIdentifier
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  KeyIdentifier ::= OCTET STRING
- *
- */
-
-typedef NSSItem NSSPKIXKeyIdentifier;
-
-/*
- * SubjectKeyIdentifier
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  SubjectKeyIdentifier ::= KeyIdentifier
- *
- */
-
-typedef NSSPKIXKeyIdentifier NSSPKIXSubjectKeyIdentifier;
-
-/*
- * KeyUsage
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  KeyUsage ::= BIT STRING {
- *       digitalSignature        (0),
- *       nonRepudiation          (1),
- *       keyEncipherment         (2),
- *       dataEncipherment        (3),
- *       keyAgreement            (4),
- *       keyCertSign             (5),
- *       cRLSign                 (6),
- *       encipherOnly            (7),
- *       decipherOnly            (8) }
- *
- */
-
-struct NSSPKIXKeyUsageStr;
-typedef struct NSSPKIXKeyUsageStr NSSPKIXKeyUsage;
-
-/*
- * KeyUsageValue
- *
- * -- helper for testing many key usages at once
- *
- */
-
-enum NSSPKIXKeyUsageValueEnum {
-  NSSPKIXKeyUsage_NSSinvalid = 0,
-  NSSPKIXKeyUsage_DigitalSignature = 0x001,
-  NSSPKIXKeyUsage_NonRepudiation   = 0x002,
-  NSSPKIXKeyUsage_KeyEncipherment  = 0x004,
-  NSSPKIXKeyUsage_DataEncipherment = 0x008,
-  NSSPKIXKeyUsage_KeyAgreement     = 0x010,
-  NSSPKIXKeyUsage_KeyCertSign      = 0x020,
-  NSSPKIXKeyUsage_CRLSign          = 0x040,
-  NSSPKIXKeyUsage_EncipherOnly     = 0x080,
-  NSSPKIXKeyUsage_DecipherOnly     = 0x100
-};
-typedef enum NSSPKIXKeyUsageValueEnum NSSPKIXKeyUsageValue;
-
-/*
- * PrivateKeyUsagePeriod
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  PrivateKeyUsagePeriod ::= SEQUENCE {
- *       notBefore       [0]     GeneralizedTime OPTIONAL,
- *       notAfter        [1]     GeneralizedTime OPTIONAL }
- *       -- either notBefore or notAfter shall be present
- *
- */
-
-struct NSSPKIXPrivateKeyUsagePeriodStr;
-typedef struct NSSPKIXPrivateKeyUsagePeriodStr NSSPKIXPrivateKeyUsagePeriod;
-
-/*
- * CertificatePolicies
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  CertificatePolicies ::= SEQUENCE SIZE (1..MAX) OF PolicyInformation
- *
- */
-
-struct NSSPKIXCertificatePoliciesStr;
-typedef struct NSSPKIXCertificatePoliciesStr NSSPKIXCertificatePolicies;
-
-/*
- * PolicyInformation
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  PolicyInformation ::= SEQUENCE {
- *       policyIdentifier   CertPolicyId,
- *       policyQualifiers   SEQUENCE SIZE (1..MAX) OF
- *               PolicyQualifierInfo OPTIONAL }
- *
- */
-
-struct NSSPKIXPolicyInformationStr;
-typedef struct NSSPKIXPolicyInformationStr NSSPKIXPolicyInformation;
-
-/*
- * CertPolicyId
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  CertPolicyId ::= OBJECT IDENTIFIER
- *
- */
-
-typedef NSSOID NSSPKIXCertPolicyId;
-
-/*
- * PolicyQualifierInfo
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  PolicyQualifierInfo ::= SEQUENCE {
- *         policyQualifierId  PolicyQualifierId,
- *         qualifier        ANY DEFINED BY policyQualifierId }
- *
- */
-
-struct NSSPKIXPolicyQualifierInfoStr;
-typedef NSSPKIXPolicyQualifierInfoStr NSSPKIXPolicyQualifierInfo;
-
-/*
- * PolicyQualifierId
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  PolicyQualifierId ::=
- *      OBJECT IDENTIFIER ( id-qt-cps | id-qt-unotice )
- *
- */
-
-typedef NSSOID NSSPKIXPolicyQualifierId;
-
-/*
- * CPSuri
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  CPSuri ::= IA5String
- *
- */
-
-struct NSSPKIXCPSuriStr;
-typedef struct NSSPKIXCPSuriStr NSSPKIXCPSuri;
-
-/*
- * UserNotice
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  UserNotice ::= SEQUENCE {
- *       noticeRef        NoticeReference OPTIONAL,
- *       explicitText     DisplayText OPTIONAL}
- *
- */
-
-struct NSSPKIXUserNoticeStr;
-typedef struct NSSPKIXUserNoticeStr NSSPKIXUserNotice;
-
-/*
- * NoticeReference
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  NoticeReference ::= SEQUENCE {
- *       organization     DisplayText,
- *       noticeNumbers    SEQUENCE OF INTEGER }
- *
- */
-
-struct NSSPKIXNoticeReferenceStr;
-typedef struct NSSPKIXNoticeReferenceStr NSSPKIXNoticeReference;
-
-/*
- * DisplayText
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  DisplayText ::= CHOICE {
- *       visibleString    VisibleString  (SIZE (1..200)),
- *       bmpString        BMPString      (SIZE (1..200)),
- *       utf8String       UTF8String     (SIZE (1..200)) }
- * 
- */
-
-struct NSSPKIXDisplayTextStr;
-typedef struct NSSPKIXDisplayTextStr NSSPKIXDisplayText;
-
-/*
- * PolicyMappings
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  PolicyMappings ::= SEQUENCE SIZE (1..MAX) OF SEQUENCE {
- *       issuerDomainPolicy      CertPolicyId,
- *       subjectDomainPolicy     CertPolicyId }
- *
- */
-
-struct NSSPKIXPolicyMappingsStr;
-typedef struct NSSPKIXPolicyMappingsStr NSSPKIXPolicyMappings;
-
-/*
- * policyMapping
- *
- * Helper structure for PolicyMappings
- *
- *                                               SEQUENCE {
- *       issuerDomainPolicy      CertPolicyId,
- *       subjectDomainPolicy     CertPolicyId }
- *
- */
-
-struct NSSPKIXpolicyMappingStr;
-typedef struct NSSPKIXpolicyMappingStr NSSPKIXpolicyMapping;
-
-/*
- * GeneralName
- *
- * This structure contains a union of the possible general names,
- * of which there are several.
- *
- * From RFC 2459:
- *
- *  GeneralName ::= CHOICE {
- *       otherName                       [0]     AnotherName,
- *       rfc822Name                      [1]     IA5String,
- *       dNSName                         [2]     IA5String,
- *       x400Address                     [3]     ORAddress,
- *       directoryName                   [4]     Name,
- *       ediPartyName                    [5]     EDIPartyName,
- *       uniformResourceIdentifier       [6]     IA5String,
- *       iPAddress                       [7]     OCTET STRING,
- *       registeredID                    [8]     OBJECT IDENTIFIER }
- *
- */
-
-struct NSSPKIXGeneralNameStr;
-typedef struct NSSPKIXGeneralNameStr NSSPKIXGeneralName;
-
-/*
- * GeneralNameChoice
- *
- * This enumerates the possible general name types.
- */
-
-enum NSSPKIXGeneralNameChoiceEnum {
-  NSSPKIXGeneralNameChoice_NSSinvalid = -1,
-  NSSPKIXGeneralNameChoice_otherName = 0,
-  NSSPKIXGeneralNameChoice_rfc822Name = 1,
-  NSSPKIXGeneralNameChoice_dNSName = 2,
-  NSSPKIXGeneralNameChoice_x400Address = 3,
-  NSSPKIXGeneralNameChoice_directoryName = 4,
-  NSSPKIXGeneralNameChoice_ediPartyName = 5,
-  NSSPKIXGeneralNameChoice_uniformResourceIdentifier = 6,
-  NSSPKIXGeneralNameChoice_iPAddress = 7,
-  NSSPKIXGeneralNameChoice_registeredID = 8
-};
-typedef enum NSSPKIXGeneralNameChoiceEnum NSSPKIXGeneralNameChoice;
-
-/*
- * GeneralNames
- *
- * This structure contains a sequence of GeneralName objects.
- *
- * From RFC 2459:
- *
- *  GeneralNames ::= SEQUENCE SIZE (1..MAX) OF GeneralName
- *
- */
-
-struct NSSPKIXGeneralNamesStr;
-typedef struct NSSPKIXGeneralNamesStr NSSPKIXGeneralNames;
-
-/*
- * SubjectAltName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  SubjectAltName ::= GeneralNames
- *
- */
-
-typedef NSSPKIXGeneralNames NSSPKIXSubjectAltName;
-
-/*
- * AnotherName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  AnotherName ::= SEQUENCE {
- *       type-id    OBJECT IDENTIFIER,
- *       value      [0] EXPLICIT ANY DEFINED BY type-id }
- *
- */
-
-struct NSSPKIXAnotherNameStr;
-typedef struct NSSPKIXAnotherNameStr NSSPKIXAnotherName;
-
-/*
- * EDIPartyName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *
- *  EDIPartyName ::= SEQUENCE {
- *       nameAssigner            [0]     DirectoryString OPTIONAL,
- *       partyName               [1]     DirectoryString }
- *
- */
-
-struct NSSPKIXEDIPartyNameStr;
-typedef struct NSSPKIXEDIPartyNameStr NSSPKIXEDIPartyName;
-
-/*
- * IssuerAltName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  IssuerAltName ::= GeneralNames
- *
- */
-
-typedef NSSPKIXGeneralNames NSSPKIXIssuerAltName;
-
-/*
- * SubjectDirectoryAttributes
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  SubjectDirectoryAttributes ::= SEQUENCE SIZE (1..MAX) OF Attribute
- *
- */
-
-struct NSSPKIXSubjectDirectoryAttributesStr;
-typedef struct NSSPKIXSubjectDirectoryAttributesStr NSSPKIXSubjectDirectoryAttributes;
-
-/*
- * BasicConstraints
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  BasicConstraints ::= SEQUENCE {
- *       cA                      BOOLEAN DEFAULT FALSE,
- *       pathLenConstraint       INTEGER (0..MAX) OPTIONAL }
- *
- */
-
-struct NSSPKIXBasicConstraintsStr;
-typedef struct NSSPKIXBasicConstraintsStr NSSPKIXBasicConstraints;
-
-/*
- * NameConstraints
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  NameConstraints ::= SEQUENCE {
- *       permittedSubtrees       [0]     GeneralSubtrees OPTIONAL,
- *       excludedSubtrees        [1]     GeneralSubtrees OPTIONAL }
- *
- */
-
-struct NSSPKIXNameConstraintsStr;
-typedef struct NSSPKIXNameConstraintsStr NSSPKIXNameConstraints;
-
-/*
- * GeneralSubtrees
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  GeneralSubtrees ::= SEQUENCE SIZE (1..MAX) OF GeneralSubtree
- *
- */
-
-struct NSSPKIXGeneralSubtreesStr;
-typedef struct NSSPKIXGeneralSubtreesStr NSSPKIXGeneralSubtrees;
-
-/*
- * GeneralSubtree
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  GeneralSubtree ::= SEQUENCE {
- *       base                    GeneralName,
- *       minimum         [0]     BaseDistance DEFAULT 0,
- *       maximum         [1]     BaseDistance OPTIONAL }
- *
- */
-
-struct NSSPKIXGeneralSubtreeStr;
-typedef struct NSSPKIXGeneralSubtreeStr NSSPKIXGeneralSubtree;
-
-/*
- * BaseDistance
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  BaseDistance ::= INTEGER (0..MAX)
- *
- */
-
-typedef PRInt32 NSSPKIXBaseDistance;
-
-/*
- * PolicyConstraints
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  PolicyConstraints ::= SEQUENCE {
- *       requireExplicitPolicy           [0] SkipCerts OPTIONAL,
- *       inhibitPolicyMapping            [1] SkipCerts OPTIONAL }
- * 
- */
-
-struct NSSPKIXPolicyConstraintsStr;
-typedef NSSPKIXPolicyConstraintsStr NSSPKIXPolicyConstraints;
-
-/*
- * SkipCerts
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  SkipCerts ::= INTEGER (0..MAX)
- *
- */
-
-typedef NSSItem NSSPKIXSkipCerts;
-
-/*
- * CRLDistPointsSyntax
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  CRLDistPointsSyntax ::= SEQUENCE SIZE (1..MAX) OF DistributionPoint
- *
- */
-
-struct NSSPKIXCRLDistPointsSyntaxStr;
-typedef struct NSSPKIXCRLDistPointsSyntaxStr NSSPKIXCRLDistPointsSyntax;
-
-/*
- * DistributionPoint
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  DistributionPoint ::= SEQUENCE {
- *       distributionPoint       [0]     DistributionPointName OPTIONAL,
- *       reasons                 [1]     ReasonFlags OPTIONAL,
- *       cRLIssuer               [2]     GeneralNames OPTIONAL }
- *
- */
-
-struct NSSPKIXDistributionPointStr;
-typedef struct NSSPKIXDistributionPointStr NSSPKIXDistributionPoint;
-
-/*
- * DistributionPointName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  DistributionPointName ::= CHOICE {
- *       fullName                [0]     GeneralNames,
- *       nameRelativeToCRLIssuer [1]     RelativeDistinguishedName }
- *
- */
-
-struct NSSPKIXDistributionPointNameStr;
-typedef struct NSSPKIXDistributionPointNameStr NSSPKIXDistributionPointName;
-
-/*
- * DistributionPointNameChoice
- *
- * -- fgmr comments --
- *
- */
-
-enum NSSPKIXDistributionPointNameChoiceEnum {
-  NSSDistributionPointNameChoice_NSSinvalid = -1,
-  NSSDistributionPointNameChoice_FullName = 0,
-  NSSDistributionPointNameChoice_NameRelativeToCRLIssuer = 1
-};
-typedef enum NSSPKIXDistributionPointNameChoiceEnum NSSPKIXDistributionPointNameChoice;
-
-/*
- * ReasonFlags
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  ReasonFlags ::= BIT STRING {
- *       unused                  (0),
- *       keyCompromise           (1),
- *       cACompromise            (2),
- *       affiliationChanged      (3),
- *       superseded              (4),
- *       cessationOfOperation    (5),
- *       certificateHold         (6) }
- *
- */
-
-struct NSSPKIXReasonFlagsStr;
-typedef struct NSSPKIXReasonFlagsStr NSSPKIXReasonFlags;
-
-/*
- * ReasonFlagsMask
- *
- * -- fgmr comments --
- *
- */
-
-typedef PRInt32 NSSPKIXReasonFlagsMask;
-const NSSPKIXReasonFlagsMask NSSPKIXReasonFlagsMask_NSSinvalid          =  -1;
-const NSSPKIXReasonFlagsMask NSSPKIXReasonFlagsMask_KeyCompromise       =  0x02;
-const NSSPKIXReasonFlagsMask NSSPKIXReasonFlagsMask_CACompromise        =  0x04;
-const NSSPKIXReasonFlagsMask NSSPKIXReasonFlagsMask_AffiliationChanged  =  0x08;
-const NSSPKIXReasonFlagsMask NSSPKIXReasonFlagsMask_Superseded          =  0x10;
-const NSSPKIXReasonFlagsMask NSSPKIXReasonFlagsMask_CessationOfOperation=  0x20;
-const NSSPKIXReasonFlagsMask NSSPKIXReasonFlagsMask_CertificateHold     =  0x40;
-
-/*
- * ExtKeyUsageSyntax
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  ExtKeyUsageSyntax ::= SEQUENCE SIZE (1..MAX) OF KeyPurposeId
- *
- */
-
-struct NSSPKIXExtKeyUsageSyntaxStr;
-typedef struct NSSPKIXExtKeyUsageSyntaxStr NSSPKIXExtKeyUsageSyntax;
-
-/*
- * KeyPurposeId
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  KeyPurposeId ::= OBJECT IDENTIFIER
- *
- */
-
-typedef NSSOID NSSPKIXKeyPurposeId;
-
-/*
- * AuthorityInfoAccessSyntax
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  AuthorityInfoAccessSyntax  ::=
- *          SEQUENCE SIZE (1..MAX) OF AccessDescription
- *
- */
-
-struct NSSPKIXAuthorityInfoAccessSyntaxStr;
-typedef struct NSSPKIXAuthorityInfoAccessSyntaxStr NSSPKIXAuthorityInfoAccessSyntax;
-
-/*
- * AccessDescription
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  AccessDescription  ::=  SEQUENCE {
- *          accessMethod          OBJECT IDENTIFIER,
- *          accessLocation        GeneralName  }
- *
- */
-
-struct NSSPKIXAccessDescriptionStr;
-typedef struct NSSPKIXAccessDescriptionStr NSSPKIXAccessDescription;
-
-/*
- * CRLNumber
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  CRLNumber ::= INTEGER (0..MAX)
- *
- */
-
-typedef NSSItem NSSPKIXCRLNumber;
-
-/*
- * IssuingDistributionPoint
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  IssuingDistributionPoint ::= SEQUENCE {
- *       distributionPoint       [0] DistributionPointName OPTIONAL,
- *       onlyContainsUserCerts   [1] BOOLEAN DEFAULT FALSE,
- *       onlyContainsCACerts     [2] BOOLEAN DEFAULT FALSE,
- *       onlySomeReasons         [3] ReasonFlags OPTIONAL,
- *       indirectCRL             [4] BOOLEAN DEFAULT FALSE }
- *
- */
-
-struct NSSPKIXIssuingDistributionPointStr;
-typedef struct NSSPKIXIssuingDistributionPointStr NSSPKIXIssuingDistributionPoint;
-
-/*
- * BaseCRLNumber
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  BaseCRLNumber ::= CRLNumber
- *
- */
-
-typedef NSSPKIXCRLNumber NSSPKIXBaseCRLNumber;
-
-/*
- * CRLReason
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  CRLReason ::= ENUMERATED {
- *       unspecified             (0),
- *       keyCompromise           (1),
- *       cACompromise            (2),
- *       affiliationChanged      (3),
- *       superseded              (4),
- *       cessationOfOperation    (5),
- *       certificateHold         (6),
- *       removeFromCRL           (8) }
- * 
- */
-
-enum NSSPKIXCRLReasonEnum {
-  NSSPKIXCRLReasonEnum_NSSinvalid = -1,
-  NSSPKIXCRLReasonEnum_unspecified = 0,
-  NSSPKIXCRLReasonEnum_keyCompromise = 1,
-  NSSPKIXCRLReasonEnum_cACompromise = 2,
-  NSSPKIXCRLReasonEnum_affiliationChanged = 3,
-  NSSPKIXCRLReasonEnum_superseded = 4,
-  NSSPKIXCRLReasonEnum_cessationOfOperation = 5,
-  NSSPKIXCRLReasonEnum_certificateHold = 6,
-  NSSPKIXCRLReasonEnum_removeFromCRL = 8
-};
-typedef enum NSSPKIXCRLReasonEnum NSSPKIXCRLReason;
-
-/*
- * CertificateIssuer
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  CertificateIssuer ::= GeneralNames
- *
- */
-
-typedef NSSPKIXGeneralNames NSSPKIXCertificateIssuer;
-
-/*
- * HoldInstructionCode
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  HoldInstructionCode ::= OBJECT IDENTIFIER
- *
- */
-
-typedef NSSOID NSSPKIXHoldInstructionCode;
-
-/*
- * InvalidityDate
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  InvalidityDate ::=  GeneralizedTime
- *
- */
-
-typedef PRTime NSSPKIXInvalidityDate;
-
-PR_END_EXTERN_C
-
-#endif /* NSSPKIXT_H */
diff --git a/security/nss/lib/pkix/include/pkix.h b/security/nss/lib/pkix/include/pkix.h
deleted file mode 100644
index 8ebe95595..000000000
--- a/security/nss/lib/pkix/include/pkix.h
+++ /dev/null
@@ -1,26086 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef PKIX_H
-#define PKIX_H
-
-#ifdef DEBUG
-static const char PKIX_CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * pkix.h
- *
- * This file contains the prototypes for the private methods defined
- * for the PKIX part-1 objects.
- */
-
-#ifndef NSSPKIX_H
-#include "nsspkix.h"
-#endif /* NSSPKIX_H */
-
-#ifndef PKIXT_H
-#include "pkixt.h"
-#endif /* PKIXT_H */
-
-#ifndef ASN1T_H
-#include "asn1t.h"
-#endif /* ASN1T_H */
-
-PR_BEGIN_EXTERN_C
-
-/*
- * Attribute
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  Attribute       ::=     SEQUENCE {
- *          type            AttributeType,
- *          values  SET OF AttributeValue
- *                  -- at least one value is required -- }
- *
- * The private calls for the type:
- * 
- *  nssPKIXAttribute_Decode
- *  nssPKIXAttribute_Create
- *  nssPKIXAttribute_CreateFromArray
- *  nssPKIXAttribute_Destroy
- *  nssPKIXAttribute_Encode
- *  nssPKIXAttribute_GetType
- *  nssPKIXAttribute_SetType
- *  nssPKIXAttribute_GetValueCount
- *  nssPKIXAttribute_GetValues
- *  nssPKIXAttribute_SetValues
- *  nssPKIXAttribute_GetValue
- *  nssPKIXAttribute_SetValue
- *  nssPKIXAttribute_AddValue
- *  nssPKIXAttribute_RemoveValue
- *  nssPKIXAttribute_FindValue
- *  nssPKIXAttribute_Equal
- *  nssPKIXAttribute_Duplicate
- *
- * In debug builds, the following call is available:
- *
- *  nssPKIXAttribute_verifyPointer
- */
-
-/*
- * nssPKIXAttribute_template
- *
- *
- */
-
-extern const nssASN1Template nssPKIXAttribute_template[];
-
-/*
- * nssPKIXAttribute_Decode
- *
- * This routine creates an NSSPKIXAttribute by decoding a BER-
- * or DER-encoded Attribute as defined in RFC 2459.  This
- * routine may return NULL upon error, in which case it will
- * have created an error stack.  If the optional arena argument
- * is non-NULL, that arena will be used for the required memory.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- *  A valid pointer to an NSSPKIXAttribute upon success
- *  NULL upon failure.
- */
-
-NSS_EXTERN NSSPKIXAttribute *
-nssPKIXAttribute_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * nssPKIXAttribute_Create
- *
- * This routine creates an NSSPKIXAttribute from specified components.
- * This routine may return NULL upon error, in which case it will have
- * created an error stack.  If the optional arena argument is non-NULL,
- * that arena will be used for the required memory.  There must be at
- * least one attribute value specified.  The final argument must be
- * NULL, to indicate the end of the set of attribute values.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_OID
- *  NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- *  A valid pointer to an NSSPKIXAttribute upon success
- *  NULL upon failure.
- */
-
-NSS_EXTERN NSSPKIXAttribute *
-nssPKIXAttribute_Create
-(
-  NSSArena *arenaOpt,
-  NSSPKIXAttributeType *typeOid,
-  NSSPKIXAttributeValue *value1,
-  ...
-);
-
-/*
- * nssPKIXAttribute_CreateFromArray
- *
- * This routine creates an NSSPKIXAttribute from specified components.
- * This routine may return NULL upon error, in which case it will have
- * created an error stack.  If the optional arena argument is non-NULL,
- * that arena will be used for the required memory.  There must be at
- * least one attribute value specified.  The final argument must be
- * NULL, to indicate the end of the set of attribute values.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_OID
- *  NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- *  A valid pointer to an NSSPKIXAttribute upon success
- *  NULL upon failure.
- */
-
-NSS_EXTERN NSSPKIXAttribute *
-nssPKIXAttribute_CreateFromArray
-(
-  NSSArena *arenaOpt,
-  NSSPKIXAttributeType *typeOid,
-  PRUint32 count,
-  NSSPKIXAttributeValue values[]
-);
-
-/*
- * nssPKIXAttribute_Destroy
- *
- * This routine destroys an NSSPKIXAttribute.  It should be called on
- * all such objects created without an arena.  It does not need to be
- * called for objects created with an arena, but it may be.  This
- * routine returns a PRStatus value.  Upon error, it will create an
- * error stack and return PR_FAILURE.
- *
- * The error value may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAttribute_Destroy
-(
-  NSSPKIXAttribute *attribute
-);
-
-/*
- * nssPKIXAttribute_Encode
- *
- * This routine returns the BER encoding of the specified 
- * NSSPKIXAttribute.  {usual rules about itemOpt and arenaOpt}
- * This routine indicates an error (NSS_ERROR_INVALID_DATA) 
- * if there are no attribute values (i.e., the last one was removed).
- *
- * The error value may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_DATA
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXAttribute_Encode
-(
-  NSSPKIXAttribute *attribute,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXAttribute_GetType
- *
- * This routine returns the attribute type oid of the specified
- * NSSPKIXAttribute.
- *
- * The error value may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSPKIXAttributeType pointer upon success
- *  NULL upon failure.
- */
-
-NSS_EXTERN NSSPKIXAttributeType *
-nssPKIXAttribute_GetType
-(
-  NSSPKIXAttribute *attribute
-);
-
-/*
- * nssPKIXAttribute_SetType
- *
- * This routine sets the attribute type oid of the indicated
- * NSSPKIXAttribute to the specified value.  Since attributes
- * may be application-defined, no checking can be done on
- * either the correctness of the attribute type oid value nor
- * the suitability of the set of attribute values.
- *
- * The error value may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *  NSS_ERROR_INVALID_OID
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAttribute_SetType
-(
-  NSSPKIXAttribute *attribute,
-  NSSPKIXAttributeType *attributeType
-);
-
-/*
- * nssPKIXAttribute_GetValueCount
- *
- * This routine returns the number of attribute values present in
- * the specified NSSPKIXAttribute.  This routine returns a PRInt32.
- * Upon error, this routine returns -1.  This routine indicates an
- * error if the number of values cannot be expressed as a PRInt32.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- *  Nonnegative integer upon success
- *  -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXAttribute_GetValueCount
-(
-  NSSPKIXAttribute *attribute
-);
-
-/*
- * nssPKIXAttribute_GetValues
- *
- * This routine returns all of the attribute values in the specified
- * NSSPKIXAttribute.  If the optional pointer to an array of NSSItems
- * is non-null, then that array will be used and returned; otherwise,
- * an array will be allocated and returned.  If the limit is nonzero
- * (which is must be if the specified array is nonnull), then an
- * error is indicated if it is smaller than the value count.
- * {arenaOpt}
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- *  A valid pointer to an array of NSSItem's upon success
- *  NULL upon failure.
- */
-
-NSS_EXTERN NSSPKIXAttributeValue *
-nssPKIXAttribute_GetValues
-(
-  NSSPKIXAttribute *attribute,
-  NSSPKIXAttributeValue rvOpt[],
-  PRInt32 limit,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXAttribute_SetValues
- *
- * This routine sets all of the values of the specified 
- * NSSPKIXAttribute to the values in the specified NSSItem array.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *  NSS_ERROR_INVALID_POINTER
- *  NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAttribute_SetValues
-(
-  NSSPKIXAttribute *attribute,
-  NSSPKIXAttributeValue values[],
-  PRInt32 count
-);
-
-/*
- * nssPKIXAttribute_GetValue
- *
- * This routine returns the i'th attribute value of the set of
- * values in the specified NSSPKIXAttribute.  Although the set
- * is unordered, an arbitrary ordering will be maintained until
- * the data in the attribute is changed.  {usual comments about
- * itemOpt and arenaOpt}
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXAttributeValue upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAttributeValue *
-nssPKIXAttribute_GetValue
-(
-  NSSPKIXAttribute *attribute,
-  PRInt32 i,
-  NSSPKIXAttributeValue *itemOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXAttribute_SetValue
- *
- * This routine sets the i'th attribute value {blah blah; copies
- * memory contents over..}
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_INVALID_ITEM
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAttribute_SetValue
-(
-  NSSPKIXAttribute *attribute,
-  PRInt32 i,
-  NSSPKIXAttributeValue *value
-);
-
-/*
- * nssPKIXAttribute_AddValue
- *
- * This routine adds the specified attribute value to the set in
- * the specified NSSPKIXAttribute.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *  NSS_ERROR_INVALID_ITEM
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAttribute_AddValue
-(
-  NSSPKIXAttribute *attribute,
-  NSSPKIXAttributeValue *value
-); 
-
-/*
- * nssPKIXAttribute_RemoveValue
- *
- * This routine removes the i'th attribute value of the set in the
- * specified NSSPKIXAttribute.  An attempt to remove the last value
- * will fail.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_AT_MINIMUM
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAttribute_RemoveValue
-(
-  NSSPKIXAttribute *attribute,
-  PRInt32 i
-);
-
-/*
- * nssPKIXAttribute_FindValue
- *
- * This routine searches the set of attribute values in the specified
- * NSSPKIXAttribute for the provided data.  If an exact match is found,
- * then that value's index is returned.  If an exact match is not 
- * found, -1 is returned.  If there is more than one exact match, one
- * index will be returned.  {notes about unorderdness of SET, etc}
- * If the index may not be represented as an integer, an error is
- * indicated.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *  NSS_ERROR_INVALID_ITEM
- *  NSS_ERROR_NOT_FOUND
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value
- *  The index of the specified attribute value upon success
- *  -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXAttribute_FindValue
-(
-  NSSPKIXAttribute *attribute,
-  NSSPKIXAttributeValue *attributeValue
-);
-
-/*
- * nssPKIXAttribute_Equal
- *
- * This routine compares two NSSPKIXAttribute's for equality.
- * It returns PR_TRUE if they are equal, PR_FALSE otherwise.
- * This routine also returns PR_FALSE upon error; if you're
- * that worried about it, check for an error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXAttribute_Equal
-(
-  NSSPKIXAttribute *one,
-  NSSPKIXAttribute *two,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXAttribute_Duplicate
- *
- * This routine duplicates an NSSPKIXAttribute.  {arenaOpt}
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSPKIXAttribute upon success
- *  NULL upon failure.
- */
-
-NSS_EXTERN NSSPKIXAttribute *
-nssPKIXAttribute_Duplicate
-(
-  NSSPKIXAttribute *attribute,
-  NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXAttribute_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXAttribute
- * object, this routine will return PR_SUCCESS.  Otherwise, it will 
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *
- * Return value:
- *  PR_SUCCESS if the pointer is valid
- *  PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAttribute_verifyPointer
-(
-  NSSPKIXAttribute *p
-);
-#endif /* DEBUG */
-
-/*
- * AttributeTypeAndValue
- *
- * This structure contains an attribute type (indicated by an OID), 
- * and the type-specific value.  RelativeDistinguishedNames consist
- * of a set of these.  These are distinct from Attributes (which have
- * SET of values), from AttributeDescriptions (which have qualifiers
- * on the types), and from AttributeValueAssertions (which assert a
- * a value comparison under some matching rule).
- *
- * From RFC 2459:
- *
- *  AttributeTypeAndValue           ::=     SEQUENCE {
- *          type    AttributeType,
- *          value   AttributeValue }
- * 
- * The private calls for the type:
- *
- *  nssPKIXAttributeTypeAndValue_Decode
- *  nssPKIXAttributeTypeAndValue_CreateFromUTF8
- *  nssPKIXAttributeTypeAndValue_Create
- *  nssPKIXAttributeTypeAndValue_Destroy
- *  nssPKIXAttributeTypeAndValue_Encode
- *  nssPKIXAttributeTypeAndValue_GetUTF8Encoding
- *  nssPKIXAttributeTypeAndValue_GetType
- *  nssPKIXAttributeTypeAndValue_SetType
- *  nssPKIXAttributeTypeAndValue_GetValue
- *  nssPKIXAttributeTypeAndValue_SetValue
- *  nssPKIXAttributeTypeAndValue_Equal
- *  nssPKIXAttributeTypeAndValue_Duplicate
- *
- * In debug builds, the following call is available:
- *
- *  nssPKIXAttributeTypeAndValue_verifyPointer
- */
-
-/*
- * nssPKIXAttributeTypeAndValue_Decode
- *
- * 
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXAttributeTypeAndValue upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAttributeTypeAndValue *
-nssPKIXAttributeTypeAndValue_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * nssPKIXAttributeTypeAndValue_CreateFromUTF8
- *
- * 
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_STRING
- *  NSS_ERROR_UNKNOWN_ATTRIBUTE
- *
- * Return value:
- *  A valid pointer to an NSSPKIXAttributeTypeAndValue upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAttributeTypeAndValue *
-nssPKIXAttributeTypeAndValue_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *string
-);
-
-/*
- * nssPKIXAttributeTypeAndValue_Create
- *
- * 
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_OID
- *  NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- *  A valid pointer to an NSSPKIXAttributeTypeAndValue upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAttributeTypeAndValue *
-nssPKIXAttributeTypeAndValue_Create
-(
-  NSSArena *arenaOpt,
-  NSSPKIXAttributeType *typeOid,
-  NSSPKIXAttributeValue *value
-);
-
-/*
- * nssPKIXAttributeTypeAndValue_Destroy
- *
- * 
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATAV
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAttributeTypeAndValue_Destroy
-(
-  NSSPKIXAttributeTypeAndValue *atav
-);
-
-/*
- * nssPKIXAttributeTypeAndValue_Encode
- *
- * 
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATAV
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXAttributeTypeAndValue_Encode
-(
-  NSSPKIXAttributeTypeAndValue *atav,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXAttributeTypeAndValue_GetUTF8Encoding
- *
- * 
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATAV
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSUTF8 pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-nssPKIXAttributeTypeAndValue_GetUTF8Encoding
-(
-  NSSPKIXAttributeTypeAndValue *atav,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXAttributeTypeAndValue_GetType
- *
- * 
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATAV
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSPKIXAttributeType pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAttributeType *
-nssPKIXAttributeTypeAndValue_GetType
-(
-  NSSPKIXAttributeTypeAndValue *atav
-);
-
-/*
- * nssPKIXAttributeTypeAndValue_SetType
- *
- * 
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATAV
- *  NSS_ERROR_INVALID_OID
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAttributeTypeAndValue_SetType
-(
-  NSSPKIXAttributeTypeAndValue *atav,
-  NSSPKIXAttributeType *attributeType
-);
-
-/*
- * nssPKIXAttributeTypeAndValue_GetValue
- *
- * 
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATAV
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSAttributeValue upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAttributeValue *
-nssPKIXAttributeTypeAndValue_GetValue
-(
-  NSSPKIXAttributeTypeAndValue *atav,
-  NSSPKIXAttributeValue *itemOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXAttributeTypeAndValue_SetValue
- *
- * 
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATAV
- *  NSS_ERROR_INVALID_ITEM
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAttributeTypeAndValue_SetValue
-(
-  NSSPKIXAttributeTypeAndValue *atav,
-  NSSPKIXAttributeValue *value
-);
-
-/*
- * nssPKIXAttributeTypeAndValue_Equal
- *
- * 
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATAV
- *
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXAttributeTypeAndValue_Equal
-(
-  NSSPKIXAttributeTypeAndValue *atav1,
-  NSSPKIXAttributeTypeAndValue *atav2,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXAttributeTypeAndValue_Duplicate
- *
- * 
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATAV
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSPKIXAttributeTypeAndValue upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAttributeTypeAndValue *
-nssPKIXAttributeTypeAndValue_Duplicate
-(
-  NSSPKIXAttributeTypeAndValue *atav,
-  NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXAttributeTypeAndValue_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXAttributeTypeAndValue
- * object, this routine will return PR_SUCCESS.  Otherwise, it will 
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATTRIBUTE_TYPE_AND_VALUE
- *
- * Return value:
- *  PR_SUCCESS if the pointer is valid
- *  PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAttributeTypeAndValue_verifyPointer
-(
-  NSSPKIXAttributeTypeAndValue *p
-);
-#endif /* DEBUG */
-
-/*
- * X520Name
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  X520name        ::= CHOICE {
- *        teletexString         TeletexString (SIZE (1..ub-name)),
- *        printableString       PrintableString (SIZE (1..ub-name)),
- *        universalString       UniversalString (SIZE (1..ub-name)),
- *        utf8String            UTF8String (SIZE (1..ub-name)),
- *        bmpString             BMPString (SIZE(1..ub-name))   }
- *
- *
- *  ub-name INTEGER ::=     32768
- *
- * The private calls for this type:
- *
- *  nssPKIXX520Name_Decode
- *  nssPKIXX520Name_CreateFromUTF8
- *  nssPKIXX520Name_Create
- *  nssPKIXX520Name_Destroy
- *  nssPKIXX520Name_Encode
- *  nssPKIXX520Name_GetUTF8Encoding
- *  nssPKIXX520Name_Equal
- *  nssPKIXX520Name_Duplicate
- *
- * In debug builds, the following call is available:
- *
- *  nssPKIXX520Name_verifyPointer
- */
-
-/*
- * nssPKIXX520Name_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXX520Name upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520Name *
-nssPKIXX520Name_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * nssPKIXX520Name_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXX520Name upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520Name *
-nssPKIXX520Name_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXX520Name_Create
- *
- *
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_STRING_TYPE
- *  NSS_ERROR_INVALID_ITEM
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSPKIXX520Name upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520Name *
-nssPKIXX520Name_Create
-(
-  NSSArena *arenaOpt,
-  nssStringType type,
-  NSSItem *data
-);
-
-/*
- * nssPKIXX520Name_Destroy
- *
- *
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_X520_NAME
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXX520Name_Destroy
-(
-  NSSPKIXX520Name *name
-);
-
-/*
- * nssPKIXX520Name_Encode
- *
- *
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_X520_NAME
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXX520Name_Encode
-(
-  NSSPKIXX520Name *name,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXX520Name_GetUTF8Encoding
- *
- *
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_X520_NAME
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-nssPKIXX520Name_GetUTF8Encoding
-(
-  NSSPKIXX520Name *name,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXX520Name_Equal
- *
- *
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_X520_NAME
- *
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXX520Name_Equal
-(
-  NSSPKIXX520Name *name1,
-  NSSPKIXX520Name *name2,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXX520Name_Duplicate
- *
- * 
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_X520_NAME
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXX520Name upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520Name *
-nssPKIXX520Name_Duplicate
-(
-  NSSPKIXX520Name *name,
-  NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-
-/*
- * nssPKIXX520Name_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXX520Name
- * object, this routine will return PR_SUCCESS.  Otherwise, it will 
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_X520_NAME
- *
- * Return value:
- *  PR_SUCCESS if the pointer is valid
- *  PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXX520Name_verifyPointer
-(
-  NSSPKIXX520Name *p
-);
-
-#endif /* DEBUG */
-
-/*
- * X520CommonName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  X520CommonName  ::=      CHOICE {
- *        teletexString         TeletexString (SIZE (1..ub-common-name)),
- *        printableString       PrintableString (SIZE (1..ub-common-name)),
- *        universalString       UniversalString (SIZE (1..ub-common-name)),
- *        utf8String            UTF8String (SIZE (1..ub-common-name)),
- *        bmpString             BMPString (SIZE(1..ub-common-name))   }
- * 
- * 
- *  ub-common-name  INTEGER ::=     64
- *
- * The private calls for this type:
- *
- *
- *  nssPKIXX520CommonName_Decode
- *  nssPKIXX520CommonName_CreateFromUTF8
- *  nssPKIXX520CommonName_Create
- *  nssPKIXX520CommonName_Destroy
- *  nssPKIXX520CommonName_Encode
- *  nssPKIXX520CommonName_GetUTF8Encoding
- *  nssPKIXX520CommonName_Equal
- *  nssPKIXX520CommonName_Duplicate
- *
- * In debug builds, the following call is available:
- *
- *  nssPKIXX520CommonName_verifyPointer
- */
-
-/*
- * nssPKIXX520CommonName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXX520CommonName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520CommonName *
-nssPKIXX520CommonName_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * nssPKIXX520CommonName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXX520CommonName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520CommonName *
-nssPKIXX520CommonName_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXX520CommonName_Create
- *
- *
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_STRING_TYPE
- *  NSS_ERROR_INVALID_ITEM
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSPKIXX520CommonName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520CommonName *
-nssPKIXX520CommonName_Create
-(
-  NSSArena *arenaOpt,
-  nssStringType type,
-  NSSItem *data
-);
-
-/*
- * nssPKIXX520CommonName_Destroy
- *
- *
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_X520_NAME
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXX520CommonName_Destroy
-(
-  NSSPKIXX520CommonName *name
-);
-
-/*
- * nssPKIXX520CommonName_Encode
- *
- *
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_X520_NAME
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXX520CommonName_Encode
-(
-  NSSPKIXX520CommonName *name,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXX520CommonName_GetUTF8Encoding
- *
- *
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_X520_NAME
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-nssPKIXX520CommonName_GetUTF8Encoding
-(
-  NSSPKIXX520CommonName *name,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXX520CommonName_Equal
- *
- *
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_X520_NAME
- *
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXX520CommonName_Equal
-(
-  NSSPKIXX520CommonName *name1,
-  NSSPKIXX520CommonName *name2,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXX520CommonName_Duplicate
- *
- * 
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_X520_NAME
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXX520CommonName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520CommonName *
-nssPKIXX520CommonName_Duplicate
-(
-  NSSPKIXX520CommonName *name,
-  NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-
-/*
- * nssPKIXX520CommonName_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXX520CommonName
- * object, this routine will return PR_SUCCESS.  Otherwise, it will 
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_X520_NAME
- *
- * Return value:
- *  PR_SUCCESS if the pointer is valid
- *  PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXX520CommonName_verifyPointer
-(
-  NSSPKIXX520CommonName *p
-);
-
-#endif /* DEBUG */
-
-/*
- * X520LocalityName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  X520LocalityName ::= CHOICE {
- *        teletexString       TeletexString (SIZE (1..ub-locality-name)),
- *        printableString     PrintableString (SIZE (1..ub-locality-name)),
- *        universalString     UniversalString (SIZE (1..ub-locality-name)),
- *        utf8String          UTF8String (SIZE (1..ub-locality-name)),
- *        bmpString           BMPString (SIZE(1..ub-locality-name))   }
- * 
- * The private calls for this type:
- *
- *  nssPKIXX520LocalityName_Decode
- *  nssPKIXX520LocalityName_CreateFromUTF8
- *  nssPKIXX520LocalityName_Encode
- *
- */
-
-/*
- * nssPKIXX520LocalityName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXX520LocalityName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520LocalityName *
-nssPKIXX520LocalityName_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * nssPKIXX520LocalityName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXX520LocalityName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520LocalityName *
-nssPKIXX520LocalityName_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXX520LocalityName_Encode
- *
- *
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_X520_NAME
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXX520LocalityName_Encode
-(
-  NSSPKIXX520LocalityName *name,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * X520StateOrProvinceName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  X520StateOrProvinceName         ::= CHOICE {
- *        teletexString       TeletexString (SIZE (1..ub-state-name)),
- *        printableString     PrintableString (SIZE (1..ub-state-name)),
- *        universalString     UniversalString (SIZE (1..ub-state-name)),
- *        utf8String          UTF8String (SIZE (1..ub-state-name)),
- *        bmpString           BMPString (SIZE(1..ub-state-name))   }
- *
- * The private calls for this type:
- *
- *  nssPKIXX520StateOrProvinceName_Decode
- *  nssPKIXX520StateOrProvinceName_CreateFromUTF8
- *  nssPKIXX520StateOrProvinceName_Encode
- *
- */
-
-/*
- * nssPKIXX520StateOrProvinceName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXX520StateOrProvinceName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520StateOrProvinceName *
-nssPKIXX520StateOrProvinceName_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * nssPKIXX520StateOrProvinceName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXX520StateOrProvinceName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520StateOrProvinceName *
-nssPKIXX520StateOrProvinceName_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXX520StateOrProvinceName_Encode
- *
- *
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_X520_NAME
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXX520StateOrProvinceName_Encode
-(
-  NSSPKIXX520StateOrProvinceName *name,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * X520OrganizationName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  X520OrganizationName ::= CHOICE {
- *    teletexString     TeletexString (SIZE (1..ub-organization-name)),
- *    printableString   PrintableString (SIZE (1..ub-organization-name)),
- *    universalString   UniversalString (SIZE (1..ub-organization-name)),
- *    utf8String        UTF8String (SIZE (1..ub-organization-name)),
- *    bmpString         BMPString (SIZE(1..ub-organization-name))   }
- *
- * The private calls for this type:
- *
- *  nssPKIXX520OrganizationName_Decode
- *  nssPKIXX520OrganizationName_CreateFromUTF8
- *  nssPKIXX520OrganizationName_Encode
- *
- */
-
-/*
- * nssPKIXX520OrganizationName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXX520OrganizationName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520OrganizationName *
-nssPKIXX520OrganizationName_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * nssPKIXX520OrganizationName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXX520OrganizationName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520OrganizationName *
-nssPKIXX520OrganizationName_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXX520OrganizationName_Encode
- *
- *
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_X520_NAME
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXX520OrganizationName_Encode
-(
-  NSSPKIXX520OrganizationName *name,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * X520OrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  X520OrganizationalUnitName ::= CHOICE {
- *   teletexString    TeletexString (SIZE (1..ub-organizational-unit-name)),
- *   printableString        PrintableString
- *                        (SIZE (1..ub-organizational-unit-name)),
- *   universalString        UniversalString
- *                        (SIZE (1..ub-organizational-unit-name)),
- *   utf8String       UTF8String (SIZE (1..ub-organizational-unit-name)),
- *   bmpString        BMPString (SIZE(1..ub-organizational-unit-name))   }
- *
- * The private calls for this type:
- *
- *  nssPKIXX520OrganizationalUnitName_Decode
- *  nssPKIXX520OrganizationalUnitName_CreateFromUTF8
- *  nssPKIXX520OrganizationalUnitName_Encode
- *
- */
-
-/*
- * nssPKIXX520OrganizationalUnitName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXX520OrganizationalUnitName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520OrganizationalUnitName *
-nssPKIXX520OrganizationalUnitName_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * nssPKIXX520OrganizationalUnitName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXX520OrganizationalUnitName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520OrganizationalUnitName *
-nssPKIXX520OrganizationalUnitName_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXX520OrganizationalUnitName_Encode
- *
- *
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_X520_NAME
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXX520OrganizationalUnitName_Encode
-(
-  NSSPKIXX520OrganizationalUnitName *name,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * X520Title
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  X520Title ::=   CHOICE {
- *        teletexString         TeletexString (SIZE (1..ub-title)),
- *        printableString       PrintableString (SIZE (1..ub-title)),
- *        universalString       UniversalString (SIZE (1..ub-title)),
- *        utf8String            UTF8String (SIZE (1..ub-title)),
- *        bmpString             BMPString (SIZE(1..ub-title))   }
- *
- * The private calls for this type:
- *
- *  nssPKIXX520Title_Decode
- *  nssPKIXX520Title_CreateFromUTF8
- *  nssPKIXX520Title_Encode
- *
- */
-
-/*
- * nssPKIXX520Title_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXX520Title upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520Title *
-nssPKIXX520Title_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * nssPKIXX520Title_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXX520Title upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520Title *
-nssPKIXX520Title_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXX520Title_Encode
- *
- *
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_X520_NAME
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXX520Title_Encode
-(
-  NSSPKIXX520Title *name,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * X520dnQualifier
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  X520dnQualifier ::=     PrintableString
- *
- * The private calls for this type:
- *
- *  nssPKIXX520dnQualifier_Decode
- *  nssPKIXX520dnQualifier_CreateFromUTF8
- *  nssPKIXX520dnQualifier_Encode
- *
- */
-
-/*
- * nssPKIXX520dnQualifier_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXX520dnQualifier upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520dnQualifier *
-nssPKIXX520dnQualifier_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * nssPKIXX520dnQualifier_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXX520dnQualifier upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520dnQualifier *
-nssPKIXX520dnQualifier_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXX520dnQualifier_Encode
- *
- *
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_X520_NAME
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXX520dnQualifier_Encode
-(
-  NSSPKIXX520dnQualifier *name,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * X520countryName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  X520countryName ::=     PrintableString (SIZE (2)) -- IS 3166 codes
- *
- * The private calls for this type:
- *
- *  nssPKIXX520countryName_Decode
- *  nssPKIXX520countryName_CreateFromUTF8
- *  nssPKIXX520countryName_Encode
- *
- */
-
-/*
- * nssPKIXX520countryName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXX520countryName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520countryName *
-nssPKIXX520countryName_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * nssPKIXX520countryName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXX520countryName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520countryName *
-nssPKIXX520countryName_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXX520countryName_Encode
- *
- *
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_X520_NAME
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXX520countryName_Encode
-(
-  NSSPKIXX520countryName *name,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * Pkcs9email
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  Pkcs9email ::= IA5String (SIZE (1..ub-emailaddress-length))
- *
- * The private calls for this type:
- *
- *  nssPKIXPkcs9email_Decode
- *  nssPKIXPkcs9email_CreateFromUTF8
- *  nssPKIXPkcs9email_Encode
- *
- */
-
-/*
- * nssPKIXPkcs9email_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXPkcs9email upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPkcs9email *
-nssPKIXPkcs9email_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * nssPKIXPkcs9email_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXPkcs9email upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPkcs9email *
-nssPKIXPkcs9email_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXPkcs9email_Encode
- *
- *
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_X520_NAME
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXPkcs9email_Encode
-(
-  NSSPKIXPkcs9email *name,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * Name
- *
- * This structure contains a union of the possible name formats,
- * which at the moment is limited to an RDNSequence.
- *
- * From RFC 2459:
- *
- *  Name            ::=   CHOICE { -- only one possibility for now --
- *                                   rdnSequence  RDNSequence }
- *
- * The private calls for this type:
- *
- *  nssPKIXName_Decode
- *  nssPKIXName_CreateFromUTF8
- *  nssPKIXName_Create
- *  nssPKIXName_CreateFromRDNSequence
- *  nssPKIXName_Destroy
- *  nssPKIXName_Encode
- *  nssPKIXName_GetUTF8Encoding
- *  nssPKIXName_GetChoice
- *  nssPKIXName_GetRDNSequence
- *  nssPKIXName_GetSpecifiedChoice {fgmr remove this}
-{fgmr} _SetRDNSequence
-{fgmr} _SetSpecifiedChoice
- *  nssPKIXName_Equal
- *  nssPKIXName_Duplicate
- *
- *  (here is where I had specific attribute value gettors in pki1)
- * 
- * In debug builds, the following call is available:
- *
- *  nssPKIXName_verifyPointer
- *
- */
-
-/*
- * nssPKIXName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXName *
-nssPKIXName_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * nssPKIXName_CreateFromUTF8
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_STRING
- *  NSS_ERROR_UNKNOWN_ATTRIBUTE
- *
- * Return value:
- *  A valid pointer to an NSSPKIXName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXName *
-nssPKIXName_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *string
-);
-
-/*
- * nssPKIXName_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_CHOICE
- *  NSS_ERROR_INVALID_ARGUMENT
- *
- * Return value:
- *  A valid pointer to an NSSPKIXName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXName *
-nssPKIXName_Create
-(
-  NSSArena *arenaOpt,
-  NSSPKIXNameChoice choice,
-  void *arg
-);
-
-/*
- * nssPKIXName_CreateFromRDNSequence
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- *
- * Return value:
- *  A valid pointer to an NSSPKIXName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXName *
-nssPKIXName_CreateFromRDNSequence
-(
-  NSSArena *arenaOpt,
-  NSSPKIXRDNSequence *rdnSequence
-);
-
-/*
- * nssPKIXName_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_NAME
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXName_Destroy
-(
-  NSSPKIXName *name
-);
-
-/*
- * nssPKIXName_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_NAME
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXName_Encode
-(
-  NSSPKIXName *name,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXName_GetUTF8Encoding
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_NAME
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSUTF8 pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-nssPKIXName_GetUTF8Encoding
-(
-  NSSPKIXName *name,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXName_GetChoice
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_NAME
- *
- * Return value:
- *  A valid element of the NSSPKIXNameChoice enumeration upon success
- *  The value NSSPKIXNameChoice_NSSinvalid (-1) upon error
- */
-
-NSS_EXTERN NSSPKIXNameChoice
-nssPKIXName_GetChoice
-(
-  NSSPKIXName *name
-);
-
-/*
- * nssPKIXName_GetRDNSequence
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_NAME
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_WRONG_CHOICE
- *
- * Return value:
- *  A pointer to a valid NSSPKIXRDNSequence upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXRDNSequence *
-nssPKIXName_GetRDNSequence
-(
-  NSSPKIXName *name,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXName_GetSpecifiedChoice
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_NAME
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_WRONG_CHOICE
- *
- * Return value:
- *  A valid pointer ...
- *  NULL upon failure
- */
-
-NSS_EXTERN void *
-nssPKIXName_GetSpecifiedChoice
-(
-  NSSPKIXName *name,
-  NSSPKIXNameChoice choice,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXName_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_NAME
- *
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXName_Equal
-(
-  NSSPKIXName *name1,
-  NSSPKIXName *name2,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXName_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_NAME
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSPKIXName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXName *
-nssPKIXName_Duplicate
-(
-  NSSPKIXName *name,
-  NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXName_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXName
- * object, this routine will return PR_SUCCESS.  Otherwise, it will 
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_NAME
- *
- * Return value:
- *  PR_SUCCESS if the pointer is valid
- *  PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXName_verifyPointer
-(
-  NSSPKIXName *p
-);
-#endif /* DEBUG */
-
-/*
- * RDNSequence
- *
- * This structure contains a sequence of RelativeDistinguishedName
- * objects.
- *
- * From RFC 2459:
- *
- *  RDNSequence     ::=   SEQUENCE OF RelativeDistinguishedName
- *
- * The private calls for this type:
- *
- *  nssPKIXRDNSequence_Decode
- *  nssPKIXRDNSequence_CreateFromUTF8
- *  nssPKIXRDNSequence_Create
- *  nssPKIXRDNSequence_CreateFromArray
- *  nssPKIXRDNSequence_Destroy
- *  nssPKIXRDNSequence_Encode
- *  nssPKIXRDNSequence_GetUTF8Encoding
- *  nssPKIXRDNSequence_GetRelativeDistinguishedNameCount
- *  nssPKIXRDNSequence_GetRelativeDistinguishedNames
- *  nssPKIXRDNSequence_SetRelativeDistinguishedNames
- *  nssPKIXRDNSequence_GetRelativeDistinguishedName
- *  nssPKIXRDNSequence_SetRelativeDistinguishedName
- *  nssPKIXRDNSequence_AppendRelativeDistinguishedName
- *  nssPKIXRDNSequence_InsertRelativeDistinguishedName
- *  nssPKIXRDNSequence_RemoveRelativeDistinguishedName
- *  nssPKIXRDNSequence_FindRelativeDistinguishedName
- *  nssPKIXRDNSequence_Equal
- *  nssPKIXRDNSequence_Duplicate
- * 
- * In debug builds, the following call is available:
- *
- *  nssPKIXRDNSequence_verifyPointer
- *
- */
-
-/*
- * nssPKIXRDNSequence_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXRDNSequence upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXRDNSequence *
-nssPKIXRDNSequence_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * nssPKIXRDNSequence_CreateFromUTF8
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_STRING
- *  NSS_ERROR_UNKNOWN_ATTRIBUTE
- *
- * Return value:
- *  A valid pointer to an NSSPKIXRDNSequence upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXRDNSequence *
-nssPKIXRDNSequence_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *string
-);
-
-/*
- * nssPKIXRDNSequence_CreateFromArray
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_RDN
- *
- * Return value:
- *  A valid pointer to an NSSPKIXRDNSequence upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXRDNSequence *
-nssPKIXRDNSequence_CreateFromArray
-(
-  NSSArena *arenaOpt,
-  PRUint32 count,
-  NSSPKIXRelativeDistinguishedName *rdn1
-);
-
-/*
- * nssPKIXRDNSequence_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_RDN
- *
- * Return value:
- *  A valid pointer to an NSSPKIXRDNSequence upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXRDNSequence *
-nssPKIXRDNSequence_Create
-(
-  NSSArena *arenaOpt,
-  NSSPKIXRelativeDistinguishedName *rdn1,
-  ...
-);
-
-/*
- * nssPKIXRDNSequence_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXRDNSequence_Destroy
-(
-  NSSPKIXRDNSequence *rdnseq
-);
-
-/*
- * nssPKIXRDNSequence_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXRDNSequence_Encode
-(
-  NSSPKIXRDNSequence *rdnseq,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXRDNSequence_GetUTF8Encoding
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSUTF8 pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-nssPKIXRDNSequence_GetUTF8Encoding
-(
-  NSSPKIXRDNSequence *rdnseq,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXRDNSequence_GetRelativeDistinguishedNameCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- *  Nonnegative integer upon success
- *  -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXRDNSequence_GetRelativeDistinguishedNameCount
-(
-  NSSPKIXRDNSequence *rdnseq
-);
-
-/*
- * nssPKIXRDNSequence_GetRelativeDistinguishedNames
- *
- * This routine returns all of the relative distinguished names in the
- * specified RDN Sequence.  {...} If the array is allocated, or if the
- * specified one has extra space, the array will be null-terminated.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- *  A valid pointer to an array of NSSPKIXRelativeDistinguishedName 
- *      pointers upon success
- *  NULL upon failure.
- */
-
-NSS_EXTERN NSSPKIXRelativeDistinguishedName **
-nssPKIXRDNSequence_GetRelativeDistinguishedNames
-(
-  NSSPKIXRDNSequence *rdnseq,
-  NSSPKIXRelativeDistinguishedName *rvOpt[],
-  PRInt32 limit,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXRDNSequence_SetRelativeDistinguishedNames
- *
- * -- fgmr comments --
- * If the array pointer itself is null, the set is considered empty.
- * If the count is zero but the pointer nonnull, the array will be
- * assumed to be null-terminated.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- *  NSS_ERROR_INVALID_PKIX_RDN
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXRDNSequence_SetRelativeDistinguishedNames
-(
-  NSSPKIXRDNSequence *rdnseq,
-  NSSPKIXRelativeDistinguishedName *rdns[],
-  PRInt32 countOpt
-);
-
-/*
- * nssPKIXRDNSequence_GetRelativeDistinguishedName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXRelativeDistinguishedName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXRelativeDistinguishedName *
-nssPKIXRDNSequence_GetRelativeDistinguishedName
-(
-  NSSPKIXRDNSequence *rdnseq,
-  PRInt32 i,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXRDNSequence_SetRelativeDistinguishedName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_INVALID_PKIX_RDN
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXRDNSequence_SetRelativeDistinguishedName
-(
-  NSSPKIXRDNSequence *rdnseq,
-  PRInt32 i,
-  NSSPKIXRelativeDistinguishedName *rdn
-);
-
-/*
- * nssPKIXRDNSequence_AppendRelativeDistinguishedName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- *  NSS_ERROR_INVALID_PKIX_RDN
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXRDNSequence_AppendRelativeDistinguishedName
-(
-  NSSPKIXRDNSequence *rdnseq,
-  NSSPKIXRelativeDistinguishedName *rdn
-);
-
-/*
- * nssPKIXRDNSequence_InsertRelativeDistinguishedName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_INVALID_PKIX_RDN
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXRDNSequence_InsertRelativeDistinguishedName
-(
-  NSSPKIXRDNSequence *rdnseq,
-  PRInt32 i,
-  NSSPKIXRelativeDistinguishedName *rdn
-);
-
-/*
- * nssPKIXRDNSequence_RemoveRelativeDistinguishedName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXRDNSequence_RemoveRelativeDistinguishedName
-(
-  NSSPKIXRDNSequence *rdnseq,
-  PRInt32 i
-);
-
-/*
- * nssPKIXRDNSequence_FindRelativeDistinguishedName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- *  NSS_ERROR_INVALID_PKIX_RDN
- *  NSS_ERROR_NOT_FOUND
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- *  The index of the specified attribute value upon success
- *  -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXRDNSequence_FindRelativeDistinguishedName
-(
-  NSSPKIXRDNSequence *rdnseq,
-  NSSPKIXRelativeDistinguishedName *rdn
-);
-
-/*
- * nssPKIXRDNSequence_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- *
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXRDNSequence_Equal
-(
-  NSSPKIXRDNSequence *one,
-  NSSPKIXRDNSequence *two,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXRDNSequence_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSPKIXRDNSequence upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXRDNSequence *
-nssPKIXRDNSequence_Duplicate
-(
-  NSSPKIXRDNSequence *rdnseq,
-  NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXRDNSequence_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXRDNSequence
- * object, this routine will return PR_SUCCESS.  Otherwise, it will 
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- *
- * Return value:
- *  PR_SUCCESS if the pointer is valid
- *  PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXRDNSequence_verifyPointer
-(
-  NSSPKIXRDNSequence *p
-);
-#endif /* DEBUG */
-
-/*
- * DistinguishedName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  DistinguishedName       ::=   RDNSequence
- *
- * This is just a public typedef; no new methods are required. {fgmr-- right?}
- */
-
-/*
- * RelativeDistinguishedName
- *
- * This structure contains an unordered set of AttributeTypeAndValue 
- * objects.  RDNs are used to distinguish a set of objects underneath 
- * a common object.
- *
- * Often, a single ATAV is sufficient to make a unique distinction.
- * For example, if a company assigns its people unique uid values,
- * then in the Name "uid=smith,ou=People,o=Acme,c=US" the "uid=smith"
- * ATAV by itself forms an RDN.  However, sometimes a set of ATAVs is
- * needed.  For example, if a company needed to distinguish between
- * two Smiths by specifying their corporate divisions, then in the
- * Name "(cn=Smith,ou=Sales),ou=People,o=Acme,c=US" the parenthesised
- * set of ATAVs forms the RDN.
- *
- * From RFC 2459:
- *
- *  RelativeDistinguishedName  ::=
- *                      SET SIZE (1 .. MAX) OF AttributeTypeAndValue
- *
- * The private calls for this type:
- *
- *  nssPKIXRelativeDistinguishedName_Decode
- *  nssPKIXRelativeDistinguishedName_CreateFromUTF8
- *  nssPKIXRelativeDistinguishedName_Create
- *  nssPKIXRelativeDistinguishedName_CreateFromArray
- *  nssPKIXRelativeDistinguishedName_Destroy
- *  nssPKIXRelativeDistinguishedName_Encode
- *  nssPKIXRelativeDistinguishedName_GetUTF8Encoding
- *  nssPKIXRelativeDistinguishedName_GetAttributeTypeAndValueCount
- *  nssPKIXRelativeDistinguishedName_GetAttributeTypeAndValues
- *  nssPKIXRelativeDistinguishedName_SetAttributeTypeAndValues
- *  nssPKIXRelativeDistinguishedName_GetAttributeTypeAndValue
- *  nssPKIXRelativeDistinguishedName_SetAttributeTypeAndValue
- *  nssPKIXRelativeDistinguishedName_AddAttributeTypeAndValue
- *  nssPKIXRelativeDistinguishedName_RemoveAttributeTypeAndValue
- *  nssPKIXRelativeDistinguishedName_FindAttributeTypeAndValue
- *  nssPKIXRelativeDistinguishedName_Equal
- *  nssPKIXRelativeDistinguishedName_Duplicate
- * 
- * fgmr: Logical additional functions include
- *
- *  NSSPKIXRelativeDistinguishedName_FindAttributeTypeAndValueByType
- *    returns PRInt32
- *  NSSPKIXRelativeDistinguishedName_FindAttributeTypeAndValuesByType
- *    returns array of PRInt32
- *  NSSPKIXRelativeDistinguishedName_GetAttributeTypeAndValueForType
- *    returns NSSPKIXAttributeTypeAndValue
- *  NSSPKIXRelativeDistinguishedName_GetAttributeTypeAndValuesForType
- *    returns array of NSSPKIXAttributeTypeAndValue
- *  NSSPKIXRelativeDistinguishedName_GetAttributeValueForType
- *    returns NSSPKIXAttributeValue
- *  NSSPKIXRelativeDistinguishedName_GetAttributeValuesForType
- *    returns array of NSSPKIXAttributeValue
- *
- * NOTE: the "return array" versions are only meaningful if an RDN may
- * contain multiple ATAVs with the same type.  Verify in the RFC if
- * this is possible or not.  If not, nuke those three functions.
- *
- * In debug builds, the following call is available:
- *
- *  nssPKIXRelativeDistinguishedName_verifyPointer
- *
- */
-
-/*
- * nssPKIXRelativeDistinguishedName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXRelativeDistinguishedName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXRelativeDistinguishedName *
-nssPKIXRelativeDistinguishedName_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * nssPKIXRelativeDistinguishedName_CreateFromUTF8
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_STRING
- *  NSS_ERROR_UNKNOWN_ATTRIBUTE
- *
- * Return value:
- *  A valid pointer to an NSSPKIXRelativeDistinguishedName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXRelativeDistinguishedName *
-nssPKIXRelativeDistinguishedName_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *string
-);
-
-/*
- * nssPKIXRelativeDistinguishedName_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_ATAV
- *
- * Return value:
- *  A valid pointer to an NSSPKIXRelativeDistinguishedName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXRelativeDistinguishedName *
-nssPKIXRelativeDistinguishedName_Create
-(
-  NSSArena *arenaOpt,
-  NSSPKIXAttributeTypeAndValue *atav1,
-  ...
-);
-
-/*
- * nssPKIXRelativeDistinguishedName_CreateFromArray
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_ATAV
- *
- * Return value:
- *  A valid pointer to an NSSPKIXRelativeDistinguishedName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXRelativeDistinguishedName *
-nssPKIXRelativeDistinguishedName_CreateFromArray
-(
-  NSSArena *arenaOpt,
-  PRUint32 count,
-  NSSPKIXAttributeTypeAndValue *atavs
-);
-
-/*
- * nssPKIXRelativeDistinguishedName_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXRelativeDistinguishedName_Destroy
-(
-  NSSPKIXRelativeDistinguishedName *rdn
-);
-
-/*
- * nssPKIXRelativeDistinguishedName_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXRelativeDistinguishedName_Encode
-(
-  NSSPKIXRelativeDistinguishedName *rdn,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXRelativeDistinguishedName_GetUTF8Encoding
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSUTF8 pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-nssPKIXRelativeDistinguishedName_GetUTF8Encoding
-(
-  NSSPKIXRelativeDistinguishedName *rdn,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXRelativeDistinguishedName_GetAttributeTypeAndValueCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- *  Nonnegative integer upon success
- *  -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXRelativeDistinguishedName_GetAttributeTypeAndValueCount
-(
-  NSSPKIXRelativeDistinguishedName *rdn
-);
-
-/*
- * nssPKIXRelativeDistinguishedName_GetAttributeTypeAndValues
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- *  A valid pointer to an array of NSSPKIXAttributeTypeAndValue 
- *      pointers upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAttributeTypeAndValue **
-nssPKIXRelativeDistinguishedName_GetAttributeTypeAndValues
-(
-  NSSPKIXRelativeDistinguishedName *rdn,
-  NSSPKIXAttributeTypeAndValue *rvOpt[],
-  PRInt32 limit,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXRelativeDistinguishedName_SetAttributeTypeAndValues
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN
- *  NSS_ERROR_INVALID_ATAV
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXRelativeDistinguishedName_SetAttributeTypeAndValues
-(
-  NSSPKIXRelativeDistinguishedName *rdn,
-  NSSPKIXAttributeTypeAndValue *atavs[],
-  PRInt32 countOpt
-);
-
-/*
- * nssPKIXRelativeDistinguishedName_GetAttributeTypeAndValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXAttributeTypeAndValue upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAttributeTypeAndValue *
-nssPKIXRelativeDistinguishedName_GetAttributeTypeAndValue
-(
-  NSSPKIXRelativeDistinguishedName *rdn,
-  PRInt32 i,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXRelativeDistinguishedName_SetAttributeTypeAndValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_INVALID_PKIX_ATAV
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXRelativeDistinguishedName_SetAttributeTypeAndValue
-(
-  NSSPKIXRelativeDistinguishedName *rdn,
-  PRInt32 i,
-  NSSPKIXAttributeTypeAndValue *atav
-);
-
-/*
- * nssPKIXRelativeDistinguishedName_AddAttributeTypeAndValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN
- *  NSS_ERROR_INVALID_PKIX_ATAV
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXRelativeDistinguishedName_AddAttributeTypeAndValue
-(
-  NSSPKIXRelativeDistinguishedName *rdn,
-  NSSPKIXAttributeTypeAndValue *atav
-);
-
-/*
- * nssPKIXRelativeDistinguishedName_RemoveAttributeTypeAndValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_AT_MINIMUM
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXRelativeDistinguishedName_RemoveAttributeTypeAndValue
-(
-  NSSPKIXRelativeDistinguishedName *rdn,
-  PRInt32 i
-);
-
-/*
- * nssPKIXRelativeDistinguishedName_FindAttributeTypeAndValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN
- *  NSS_ERROR_INVALID_PKIX_ATAV
- *  NSS_ERROR_NOT_FOUND
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- *  The index of the specified attribute value upon success
- *  -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXRelativeDistinguishedName_FindAttributeTypeAndValue
-(
-  NSSPKIXRelativeDistinguishedName *rdn,
-  NSSPKIXAttributeTypeAndValue *atav
-);
-
-/*
- * nssPKIXRelativeDistinguishedName_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN
- *
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXRelativeDistinguishedName_Equal
-(
-  NSSPKIXRelativeDistinguishedName *one,
-  NSSPKIXRelativeDistinguishedName *two,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXRelativeDistinguishedName_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSPKIXRelativeDistinguishedName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXRelativeDistinguishedName *
-nssPKIXRelativeDistinguishedName_Duplicate
-(
-  NSSPKIXRelativeDistinguishedName *rdn,
-  NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXRelativeDistinguishedName_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXRelativeDistinguishedName
- * object, this routine will return PR_SUCCESS.  Otherwise, it will 
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RELATIVE_DISTINGUISHED_NAME
- *
- * Return value:
- *  PR_SUCCESS if the pointer is valid
- *  PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXRelativeDistinguishedName_verifyPointer
-(
-  NSSPKIXRelativeDistinguishedName *p
-);
-#endif /* DEBUG */
-
-/*
- * DirectoryString
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  DirectoryString ::= CHOICE {
- *        teletexString             TeletexString (SIZE (1..MAX)),
- *        printableString           PrintableString (SIZE (1..MAX)),
- *        universalString           UniversalString (SIZE (1..MAX)),
- *        utf8String              UTF8String (SIZE (1..MAX)),
- *        bmpString               BMPString (SIZE(1..MAX))   }
- *
- * The private calls for this type:
- *
- *  nssPKIXDirectoryString_Decode
- *  nssPKIXDirectoryString_CreateFromUTF8
- *  nssPKIXDirectoryString_Encode
- *
- */
-
-/*
- * nssPKIXDirectoryString_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXDirectoryString upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDirectoryString *
-nssPKIXDirectoryString_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * nssPKIXDirectoryString_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXDirectoryString upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDirectoryString *
-nssPKIXDirectoryString_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXDirectoryString_Encode
- *
- *
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_DIRECTORY_STRING
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXDirectoryString_Encode
-(
-  NSSPKIXDirectoryString *name,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * Certificate
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  Certificate  ::=  SEQUENCE  {
- *       tbsCertificate       TBSCertificate,
- *       signatureAlgorithm   AlgorithmIdentifier,
- *       signature            BIT STRING  }
- *
- * The private calls for this type:
- *
- *  nssPKIXCertificate_Decode
- *  nssPKIXCertificate_Create
- *  nssPKIXCertificate_Destroy
- *  nssPKIXCertificate_Encode
- *  nssPKIXCertificate_GetTBSCertificate
- *  nssPKIXCertificate_SetTBSCertificate
- *  nssPKIXCertificate_GetAlgorithmIdentifier
- *  nssPKIXCertificate_SetAlgorithmIdentifier
- *  nssPKIXCertificate_GetSignature
- *  nssPKIXCertificate_SetSignature
- *  nssPKIXCertificate_Equal
- *  nssPKIXCertificate_Duplicate
- *
- *  { inherit TBSCertificate gettors? }
- * 
- * In debug builds, the following call is available:
- *
- *  nssPKIXCertificate_verifyPointer
- *
- */
-
-/*
- * nssPKIXCertificate_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXCertificate upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCertificate *
-nssPKIXCertificate_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * nssPKIXCertificate_Create
- *
- * -- fgmr comments --
- * { at this level we'll have to just accept a specified signature }
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- *  NSS_ERROR_INVALID_PKIX_ALGID
- *  NSS_ERROR_INVALID_PKIX_ITEM
- *
- * Return value:
- *  A valid pointer to an NSSPKIXCertificate upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCertificate *
-nssPKIXCertificate_Create
-(
-  NSSArena *arenaOpt,
-  NSSPKIXTBSCertificate *tbsCert,
-  NSSPKIXAlgorithmIdentifier *algID,
-  NSSItem *signature
-);
-
-/*
- * nssPKIXCertificate_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CERTIFICATE
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXCertificate_Destroy
-(
-  NSSPKIXCertificate *cert
-);
-
-/*
- * nssPKIXCertificate_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CERTIFICATE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXCertificate_Encode
-(
-  NSSPKIXCertificate *cert,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXCertificate_GetTBSCertificate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CERTIFICATE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSPKIXTBSCertificate upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTBSCertificate *
-nssPKIXCertificate_GetTBSCertificate
-(
-  NSSPKIXCertificate *cert,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXCertificate_SetTBSCertificate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CERTIFICATE
- *  NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXCertificate_SetTBSCertificate
-(
-  NSSPKIXCertificate *cert,
-  NSSPKIXTBSCertificate *tbsCert
-);
-
-/*
- * nssPKIXCertificate_GetAlgorithmIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CERTIFICATE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSPKIXAlgorithmIdentifier upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAlgorithmIdentifier *
-nssPKIXCertificate_GetAlgorithmIdentifier
-(
-  NSSPKIXCertificate *cert,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXCertificate_SetAlgorithmIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CERTIFICATE
- *  NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXCertificate_SetAlgorithmIdentifier
-(
-  NSSPKIXCertificate *cert,
-  NSSPKIXAlgorithmIdentifier *algid,
-);
-
-/*
- * nssPKIXCertificate_GetSignature
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CERTIFICATE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSItem upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSItem *
-nssPKIXCertificate_GetSignature
-(
-  NSSPKIXCertificate *cert,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXCertificate_SetSignature
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CERTIFICATE
- *  NSS_ERROR_INVALID_POINTER
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXCertificate_SetSignature
-(
-  NSSPKIXCertificate *cert,
-  NSSItem *signature
-);
-
-/*
- * nssPKIXCertificate_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CERTIFICATE
- *
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXCertificate_Equal
-(
-  NSSPKIXCertificate *one,
-  NSSPKIXCertificate *two,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXCertificate_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CERTIFICATE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSPKIXCertificate upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCertificate *
-nssPKIXCertificate_Duplicate
-(
-  NSSPKIXCertificate *cert,
-  NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXCertificate_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXCertificate
- * object, this routine will return PR_SUCCESS.  Otherwise, it will 
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CERTIFICATE
- *
- * Return value:
- *  PR_SUCCESS if the pointer is valid
- *  PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXCertificate_verifyPointer
-(
-  NSSPKIXCertificate *p
-);
-#endif /* DEBUG */
-
-/*
- * TBSCertificate
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  TBSCertificate  ::=  SEQUENCE  {
- *       version         [0]  Version DEFAULT v1,
- *       serialNumber         CertificateSerialNumber,
- *       signature            AlgorithmIdentifier,
- *       issuer               Name,
- *       validity             Validity,
- *       subject              Name,
- *       subjectPublicKeyInfo SubjectPublicKeyInfo,
- *       issuerUniqueID  [1]  IMPLICIT UniqueIdentifier OPTIONAL,
- *                            -- If present, version shall be v2 or v3
- *       subjectUniqueID [2]  IMPLICIT UniqueIdentifier OPTIONAL,
- *                            -- If present, version shall be v2 or v3
- *       extensions      [3]  Extensions OPTIONAL
- *                            -- If present, version shall be v3 --  }
- *
- * The private calls for this type:
- *
- *  nssPKIXTBSCertificate_Decode
- *  nssPKIXTBSCertificate_Create
- *  nssPKIXTBSCertificate_Destroy
- *  nssPKIXTBSCertificate_Encode
- *  nssPKIXTBSCertificate_GetVersion
- *  nssPKIXTBSCertificate_SetVersion
- *  nssPKIXTBSCertificate_GetSerialNumber
- *  nssPKIXTBSCertificate_SetSerialNumber
- *  nssPKIXTBSCertificate_GetSignature
- *  nssPKIXTBSCertificate_SetSignature
- *    { inherit algid gettors? }
- *  nssPKIXTBSCertificate_GetIssuer
- *  nssPKIXTBSCertificate_SetIssuer
- *    { inherit "helper" issuer gettors? }
- *  nssPKIXTBSCertificate_GetValidity
- *  nssPKIXTBSCertificate_SetValidity
- *    { inherit validity accessors }
- *  nssPKIXTBSCertificate_GetSubject
- *  nssPKIXTBSCertificate_SetSubject
- *  nssPKIXTBSCertificate_GetSubjectPublicKeyInfo
- *  nssPKIXTBSCertificate_SetSubjectPublicKeyInfo
- *  nssPKIXTBSCertificate_HasIssuerUniqueID
- *  nssPKIXTBSCertificate_GetIssuerUniqueID
- *  nssPKIXTBSCertificate_SetIssuerUniqueID
- *  nssPKIXTBSCertificate_RemoveIssuerUniqueID
- *  nssPKIXTBSCertificate_HasSubjectUniqueID
- *  nssPKIXTBSCertificate_GetSubjectUniqueID
- *  nssPKIXTBSCertificate_SetSubjectUniqueID
- *  nssPKIXTBSCertificate_RemoveSubjectUniqueID
- *  nssPKIXTBSCertificate_HasExtensions
- *  nssPKIXTBSCertificate_GetExtensions
- *  nssPKIXTBSCertificate_SetExtensions
- *  nssPKIXTBSCertificate_RemoveExtensions
- *    { extension accessors }
- *  nssPKIXTBSCertificate_Equal
- *  nssPKIXTBSCertificate_Duplicate
- * 
- * In debug builds, the following call is available:
- *
- *  nssPKIXTBSCertificate_verifyPointer
- */
-
-/*
- * nssPKIXTBSCertificate_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXTBSCertificate upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTBSCertificate *
-nssPKIXTBSCertificate_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * nssPKIXTBSCertificate_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_VERSION
- *  NSS_ERROR_INVALID_PKIX_CERTIFICATE_SERIAL_NUMBER
- *  NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- *  NSS_ERROR_INVALID_ISSUER_NAME
- *  NSS_ERROR_INVALID_VALIDITY
- *  NSS_ERROR_INVALID_SUBJECT_NAME
- *  NSS_ERROR_INVALID_SUBJECT_PUBLIC_KEY_INFO
- *  NSS_ERROR_INVALID_ISSUER_UNIQUE_IDENTIFIER
- *  NSS_ERROR_INVALID_SUBJECT_UNIQUE_IDENTIFIER
- *  NSS_ERROR_INVALID_EXTENSION
- *
- * Return value:
- */
-
-NSS_EXTERN NSSPKIXTBSCertificate *
-nssPKIXTBSCertificate_Create
-(
-  NSSArena *arenaOpt,
-  NSSPKIXVersion version,
-  NSSPKIXCertificateSerialNumber *serialNumber,
-  NSSPKIXAlgorithmIdentifier *signature,
-  NSSPKIXName *issuer,
-  NSSPKIXValidity *validity,
-  NSSPKIXName *subject,
-  NSSPKIXSubjectPublicKeyInfo *spki,
-  NSSPKIXUniqueIdentifier *issuerUniqueID,
-  NSSPKIXUniqueIdentifier *subjectUniqueID,
-  NSSPKIXExtensions *extensions
-);
-
-/*
- * nssPKIXTBSCertificate_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTBSCertificate_Destroy
-(
-  NSSPKIXTBSCertificate *tbsCert
-);
-
-/*
- * nssPKIXTBSCertificate_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXTBSCertificate_Encode
-(
-  NSSPKIXTBSCertificate *tbsCert,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTBSCertificate_GetVersion
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- *  A valid element of the NSSPKIXVersion enumeration upon success
- *  NSSPKIXVersion_NSSinvalid (-1) upon failure
- */
-
-NSS_EXTERN NSSPKIXVersion
-nssPKIXTBSCertificate_GetVersion
-(
-  NSSPKIXTBSCertificate *tbsCert
-);
-
-/*
- * nssPKIXTBSCertificate_SetVersion
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- *  NSS_ERROR_INVALID_PKIX_VERSION
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTBSCertificate_SetVersion
-(
-  NSSPKIXTBSCertificate *tbsCert,
-  NSSPKIXVersion version
-);
-
-/*
- * nssPKIXTBSCertificate_GetSerialNumber
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSPKIXCertificateSerialNumber upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCertificateSerialNumber *
-nssPKIXTBSCertificate_GetSerialNumber
-(
-  NSSPKIXTBSCertificate *tbsCert,
-  NSSPKIXCertificateSerialNumber *snOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTBSCertificate_SetSerialNumber
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- *  NSS_ERROR_INVALID_ITEM
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTBSCertificate_SetSerialNumber
-(
-  NSSPKIXTBSCertificate *tbsCert,
-  NSSPKIXCertificateSerialNumber *sn
-);
-
-/*
- * nssPKIXTBSCertificate_GetSignature
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSPKIXAlgorithmIdentifier upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAlgorithmIdentifier *
-nssPKIXTBSCertificate_GetSignature
-(
-  NSSPKIXTBSCertificate *tbsCert,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTBSCertificate_SetSignature
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- *  NSS_ERROR_INVALID_ITEM
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTBSCertificate_SetSignature
-(
-  NSSPKIXTBSCertificate *tbsCert,
-  NSSPKIXAlgorithmIdentifier *algID
-);
-
-/*
- *   { fgmr inherit algid gettors? }
- */
-
-/*
- * nssPKIXTBSCertificate_GetIssuer
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSPKIXName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXName *
-nssPKIXTBSCertificate_GetIssuer
-(
-  NSSPKIXTBSCertificate *tbsCert,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTBSCertificate_SetIssuer
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- *  NSS_ERROR_INVALID_PKIX_NAME
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTBSCertificate_SetIssuer
-(
-  NSSPKIXTBSCertificate *tbsCert,
-  NSSPKIXName *issuer
-);
-
-/*
- *   { inherit "helper" issuer gettors? }
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *
- * Return value:
- */
-
-/*
- * nssPKIXTBSCertificate_GetValidity
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSPKIXValidity upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXValidity *
-nssPKIXTBSCertificate_GetValidity
-(
-  NSSPKIXTBSCertificate *tbsCert,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTBSCertificate_SetValidity
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- *  NSS_ERROR_INVALID_PKIX_VALIDITY
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTBSCertificate_SetValidity
-(
-  NSSPKIXTBSCertificate *tbsCert,
-  NSSPKIXValidity *validity
-);
-
-/*
- *   { fgmr inherit validity accessors }
- */
-
-/*
- * nssPKIXTBSCertificate_GetSubject
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSPKIXName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXName *
-nssPKIXTBSCertificate_GetSubject
-(
-  NSSPKIXTBSCertificate *tbsCert,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTBSCertificate_SetSubject
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- *  NSS_ERROR_INVALID_PKIX_NAME
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTBSCertificate_SetSubject
-(
-  NSSPKIXTBSCertificate *tbsCert,
-  NSSPKIXName *subject
-);
-
-/*
- * nssPKIXTBSCertificate_GetSubjectPublicKeyInfo
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSPKIXSubjectPublicKeyInfo upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXSubjectPublicKeyInfo *
-nssPKIXTBSCertificate_GetSubjectPublicKeyInfo
-(
-  NSSPKIXTBSCertificate *tbsCert,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTBSCertificate_SetSubjectPublicKeyInfo
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- *  NSS_ERROR_INVALID_PKIX_SUBJECT_PUBLIC_KEY_INFO
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTBSCertificate_SetSubjectPublicKeyInfo
-(
-  NSSPKIXTBSCertificate *tbsCert,
-  NSSPKIXSubjectPublicKeyInfo *spki
-);
-
-/*
- * nssPKIXTBSCertificate_HasIssuerUniqueID
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- *
- * Return value:
- *  PR_TRUE if it has one
- *  PR_FALSE if it doesn't
- *  PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXTBSCertificate_HasIssuerUniqueID
-(
-  NSSPKIXTBSCertificate *tbsCert,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXTBSCertificate_GetIssuerUniqueID
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_CERT_HAS_NO_ISSUER_UNIQUE_ID
- *
- * Return value:
- *  A valid pointer to an NSSPKIXUniqueIdentifier upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXUniqueIdentifier *
-nssPKIXTBSCertificate_GetIssuerUniqueID
-(
-  NSSPKIXTBSCertificate *tbsCert,
-  NSSPKIXUniqueIdentifier *uidOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTBSCertificate_SetIssuerUniqueID
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- *  NSS_ERROR_INVALID_ITEM
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTBSCertificate_SetIssuerUniqueID
-(
-  NSSPKIXTBSCertificate *tbsCert,
-  NSSPKIXUniqueIdentifier *uid
-);
-
-/*
- * nssPKIXTBSCertificate_RemoveIssuerUniqueID
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- *  NSS_ERROR_CERT_HAS_NO_ISSUER_UNIQUE_ID
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTBSCertificate_RemoveIssuerUniqueID
-(
-  NSSPKIXTBSCertificate *tbsCert
-);
-
-/*
- * nssPKIXTBSCertificate_HasSubjectUniqueID
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- *
- * Return value:
- *  PR_TRUE if it has one
- *  PR_FALSE if it doesn't
- *  PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXTBSCertificate_HasSubjectUniqueID
-(
-  NSSPKIXTBSCertificate *tbsCert,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXTBSCertificate_GetSubjectUniqueID
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_CERT_HAS_NO_SUBJECT_UNIQUE_ID
- *
- * Return value:
- *  A valid pointer to an NSSPKIXUniqueIdentifier upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXUniqueIdentifier *
-nssPKIXTBSCertificate_GetSubjectUniqueID
-(
-  NSSPKIXTBSCertificate *tbsCert,
-  NSSPKIXUniqueIdentifier *uidOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTBSCertificate_SetSubjectUniqueID
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- *  NSS_ERROR_INVALID_ITEM
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTBSCertificate_SetSubjectUniqueID
-(
-  NSSPKIXTBSCertificate *tbsCert,
-  NSSPKIXUniqueIdentifier *uid
-);
-
-/*
- * nssPKIXTBSCertificate_RemoveSubjectUniqueID
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- *  NSS_ERROR_CERT_HAS_NO_SUBJECT_UNIQUE_ID
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTBSCertificate_RemoveSubjectUniqueID
-(
-  NSSPKIXTBSCertificate *tbsCert
-);
-
-/*
- * nssPKIXTBSCertificate_HasExtensions
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- *
- * Return value:
- *  PR_TRUE if it has one
- *  PR_FALSE if it doesn't
- *  PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXTBSCertificate_HasExtensions
-(
-  NSSPKIXTBSCertificate *tbsCert,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXTBSCertificate_GetExtensions
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_CERT_HAS_NO_EXTENSIONS
- *
- * Return value:
- *  A valid pointer to an NSSPKIXExtensions upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtensions *
-nssPKIXTBSCertificate_GetExtensions
-(
-  NSSPKIXTBSCertificate *tbsCert,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTBSCertificate_SetExtensions
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- *  NSS_ERROR_INVALID_PKIX_EXTENSIONS
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTBSCertificate_SetExtensions
-(
-  NSSPKIXTBSCertificate *tbsCert,
-  NSSPKIXExtensions *extensions
-);
-
-/*
- * nssPKIXTBSCertificate_RemoveExtensions
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- *  NSS_ERROR_CERT_HAS_NO_EXTENSIONS
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTBSCertificate_RemoveExtensions
-(
-  NSSPKIXTBSCertificate *tbsCert
-);
-
-/*
- *   { extension accessors }
- */
-
-/*
- * nssPKIXTBSCertificate_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- *
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXTBSCertificate_Equal
-(
-  NSSPKIXTBSCertificate *one,
-  NSSPKIXTBSCertificate *two,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXTBSCertificate_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSPKIXTBSCertificate upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTBSCertificate *
-nssPKIXTBSCertificate_Duplicate
-(
-  NSSPKIXTBSCertificate *tbsCert,
-  NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXTBSCertificate_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXTBSCertificate
- * object, this routine will return PR_SUCCESS.  Otherwise, it will 
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- *
- * Return value:
- *  PR_SUCCESS if the pointer is valid
- *  PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTBSCertificate_verifyPointer
-(
-  NSSPKIXTBSCertificate *p
-);
-#endif /* DEBUG */
-
-/*
- * CertificateSerialNumber
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  CertificateSerialNumber  ::=  INTEGER
- *
- * This is just a typedef'd NSSBER; no methods are required.
- * {fgmr -- the asn.1 stuff should have routines to convert
- * integers to natural types when possible and vv.  we can
- * refer to them here..}
- */
-
-/*
- * Validity
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  Validity ::= SEQUENCE {
- *       notBefore      Time,
- *       notAfter       Time }
- *
- * The private calls for the type:
- *
- *  nssPKIXValidity_Decode
- *  nssPKIXValidity_Create
- *  nssPKIXValidity_Encode
- *  nssPKIXValidity_Destroy
- *  nssPKIXValidity_GetNotBefore
- *  nssPKIXValidity_SetNotBefore
- *  nssPKIXValidity_GetNotAfter
- *  nssPKIXValidity_SetNotAfter
- *  nssPKIXValidity_Equal
- *  nssPKIXValidity_Compare
- *  nssPKIXValidity_Duplicate
- * 
- * In debug builds, the following call is available:
- *
- *  nssPKIXValidity_verifyPointer
- *
- */
-
-/*
- * nssPKIXValidity_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXValidity upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXValidity *
-nssPKIXValidity_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * nssPKIXValidity_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_TIME
- *
- * Return value:
- *  A valid pointer to an NSSPKIXValidity upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXValidity *
-nssPKIXValidity_Create
-(
-  NSSArena *arenaOpt,
-  NSSPKIXTime notBefore,
-  NSSPKIXTime notAfter
-);
-
-/*
- * nssPKIXValidity_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_VALIDITY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXValidity_Destroy
-(
-  NSSPKIXValidity *validity
-);
-
-/*
- * nssPKIXValidity_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_VALIDITY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXValidity_Encode
-(
-  NSSPKIXValidity *validity,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXValidity_GetNotBefore
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_VALIDITY
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- *  A valid NSSPKIXTime upon success
- *  {we need to rethink NSSPKIXTime}
- */
-
-NSS_EXTERN NSSPKIXTime
-nssPKIXValidity_GetNotBefore
-(
-  NSSPKIXValidity *validity
-);
-
-/*
- * nssPKIXValidity_SetNotBefore
- *
- * -- fgmr comments --
- * {do we require that it be before the "notAfter" value?}
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_VALIDITY
- *  NSS_ERROR_VALUE_TOO_LARGE
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXValidity_SetNotBefore
-(
-  NSSPKIXValidity *validity,
-  NSSPKIXTime notBefore
-);
-
-/*
- * nssPKIXValidity_GetNotAfter
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_VALIDITY
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- *  A valid NSSPKIXTime upon success
- *  {we need to rethink NSSPKIXTime}
- */
-
-NSS_EXTERN NSSPKIXTime
-nssPKIXValidity_GetNotAfter
-(
-  NSSPKIXValidity *validity
-);
-
-/*
- * nssPKIXValidity_SetNotAfter
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_VALIDITY
- *  NSS_ERROR_VALUE_TOO_SMALL
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXValidity_SetNotAfter
-(
-  NSSPKIXValidity *validity,
-  NSSPKIXTime notAfter
-);
-
-/*
- * nssPKIXValidity_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_VALIDITY
- *
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXValidity_Equal
-(
-  NSSPKIXValidity *one,
-  NSSPKIXValidity *two,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXValidity_Compare
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_VALIDITY
- *
- * Return value:
- *   1 if the second is "greater" or later than the first
- *   0 if they are equal
- *  -1 if the first is "greater" or later than the first
- *  -2 upon failure
- */
-
-NSS_EXTERN PRIntn
-nssPKIXValidity_Compare
-(
-  NSSPKIXValidity *one,
-  NSSPKIXValidity *two
-);
-
-/*
- * nssPKIXValidity_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_VALIDITY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSPKIXValidity upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXValidity *
-nssPKIXValidity_Duplicate
-(
-  NSSPKIXValidity *validity,
-  NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXValidity_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXValidity
- * object, this routine will return PR_SUCCESS.  Otherwise, it will 
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_VALIDITY
- *
- * Return value:
- *  PR_SUCCESS if the pointer is valid
- *  PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXValidity_verifyPointer
-(
-  NSSPKIXValidity *p
-);
-#endif /* DEBUG */
-
-/*
- * Time
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  Time ::= CHOICE {
- *       utcTime        UTCTime,
- *       generalTime    GeneralizedTime }
- *
- * The private calls for the type:
- *
- *  nssPKIXTime_Decode
- *  nssPKIXTime_CreateFromPRTime
- *  nssPKIXTime_CreateFromUTF8
- *  nssPKIXTime_Destroy
- *  nssPKIXTime_Encode
- *  nssPKIXTime_GetPRTime
- *  nssPKIXTime_GetUTF8Encoding
- *  nssPKIXTime_Equal
- *  nssPKIXTime_Duplicate
- *  nssPKIXTime_Compare
- *
- * In debug builds, the following call is available:
- *
- *  nssPKIXTime_verifyPointer
- *
- */
-
-/*
- * nssPKIXTime_Decode
- *
- * 
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXTime upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTime *
-nssPKIXTime_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * nssPKIXTime_CreateFromPRTime
- *
- */
-
-NSS_EXTERN NSSPKIXTime *
-nssPKIXTime_CreateFromPRTime
-(
-  NSSArena *arenaOpt,
-  PRTime prTime
-);
-
-/*
- * nssPKIXTime_CreateFromUTF8
- *
- */
-
-NSS_EXTERN NSSPKIXTime *
-nssPKIXTime_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXTime_Destroy
- *
- */
-
-NSS_EXTERN PR_STATUS
-nssPKIXTime_Destroy
-(
-  NSSPKIXTime *time
-);
-
-/*
- * nssPKIXTime_Encode
- *
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXTime_Encode
-(
-  NSSPKIXTime *time,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTime_GetPRTime
- *
- * Returns a zero on error
- */
-
-NSS_EXTERN PRTime
-nssPKIXTime_GetPRTime
-(
-  NSSPKIXTime *time,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXTime_GetUTF8Encoding
- *
- */
-
-NSS_EXTERN NSSUTF8 *
-nssPKXITime_GetUTF8Encoding
-(
-  NSSPKIXTime *time,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTime_Equal
- *
- */
-
-NSS_EXTERN PRBool
-nssPKXITime_Equal
-(
-  NSSPKXITime *time1,
-  NSSPKXITime *time2,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXTime_Duplicate
- *
- */
-
-NSS_EXTERN NSSPKIXTime *
-nssPKXITime_Duplicate
-(
-  NSSPKIXTime *time,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTime_Compare
- *
- * Usual result: -1, 0, 1
- *  Returns 0 on error
- */
-
-NSS_EXTERN PRInt32
-nssPKIXTime_Compare
-(
-  NSSPKIXTime *time1,
-  NSSPKIXTime *tiem2,
-  PRStatus *statusOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXTime_verifyPointer
- *
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTime_verifyPointer
-(
-  NSSPKIXTime *time
-);
-#endif /* DEBUG */
-
-/*
- * UniqueIdentifier
- *
- * From RFC 2459:
- *
- *  UniqueIdentifier  ::=  BIT STRING
- *
- */
-
-/*
- * SubjectPublicKeyInfo
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  SubjectPublicKeyInfo  ::=  SEQUENCE  {
- *       algorithm            AlgorithmIdentifier,
- *       subjectPublicKey     BIT STRING  }
- *
- * The private calls for the type:
- *
- *  nssPKIXSubjectPublicKeyInfo_Decode
- *  nssPKIXSubjectPublicKeyInfo_Create
- *  nssPKIXSubjectPublicKeyInfo_Encode
- *  nssPKIXSubjectPublicKeyInfo_Destroy
- *  nssPKIXSubjectPublicKeyInfo_GetAlgorithm
- *  nssPKIXSubjectPublicKeyInfo_SetAlgorithm
- *  nssPKIXSubjectPublicKeyInfo_GetSubjectPublicKey
- *  nssPKIXSubjectPublicKeyInfo_SetSubjectPublicKey
- *  nssPKIXSubjectPublicKeyInfo_Equal
- *  nssPKIXSubjectPublicKeyInfo_Duplicate
- * 
- * In debug builds, the following call is available:
- *
- *  nssPKIXSubjectPublicKeyInfo_verifyPointer
- *
- */
-
-/*
- * nssPKIXSubjectPublicKeyInfo_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXSubjectPublicKeyInfo upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXSubjectPublicKeyInfo *
-nssPKIXSubjectPublicKeyInfo_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * nssPKIXSubjectPublicKeyInfo_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- *  NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- *  A valid pointer to an NSSPKIXSubjectPublicKeyInfo upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXSubjectPublicKeyInfo *
-nssPKIXSubjectPublicKeyInfo_Create
-(
-  NSSArena *arenaOpt,
-  NSSPKIXAlgorithmIdentifier *algid,
-  NSSItem *subjectPublicKey
-);
-
-/*
- * nssPKIXSubjectPublicKeyInfo_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_SUBJECT_PUBLIC_KEY_INFO
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXSubjectPublicKeyInfo_Destroy
-(
-  NSSPKIXSubjectPublicKeyInfo *spki
-);
-
-/*
- * nssPKIXSubjectPublicKeyInfo_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_SUBJECT_PUBLIC_KEY_INFO
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXSubjectPublicKeyInfo_Encode
-(
-  NSSPKIXSubjectPublicKeyInfo *spki,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXSubjectPublicKeyInfo_GetAlgorithm
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_SUBJECT_PUBLIC_KEY_INFO
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSPKIXAlgorithmIdentifier upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAlgorithmIdentifier *
-nssPKIXSubjectPublicKeyInfo_GetAlgorithm
-(
-  NSSPKIXSubjectPublicKeyInfo *spki,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXSubjectPublicKeyInfo_SetAlgorithm
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_SUBJECT_PUBLIC_KEY_INFO
- *  NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXSubjectPublicKeyInfo_SetAlgorithm
-(
-  NSSPKIXSubjectPublicKeyInfo *spki,
-  NSSPKIXAlgorithmIdentifier *algid
-);
-
-/*
- * nssPKIXSubjectPublicKeyInfo_GetSubjectPublicKey
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_SUBJECT_PUBLIC_KEY_INFO
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSItem upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSItem *
-nssPKIXSubjectPublicKeyInfo_GetSubjectPublicKey
-(
-  NSSPKIXSubjectPublicKeyInfo *spki,
-  NSSItem *spkOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXSubjectPublicKeyInfo_SetSubjectPublicKey
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_SUBJECT_PUBLIC_KEY_INFO
- *  NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXSubjectPublicKeyInfo_SetSubjectPublicKey
-(
-  NSSPKIXSubjectPublicKeyInfo *spki,
-  NSSItem *spk
-);
-
-/*
- * nssPKIXSubjectPublicKeyInfo_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_SUBJECT_PUBLIC_KEY_INFO
- *
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXSubjectPublicKeyInfo_Equal
-(
-  NSSPKIXSubjectPublicKeyInfo *one,
-  NSSPKIXSubjectPublicKeyInfo *two,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXSubjectPublicKeyInfo_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_SUBJECT_PUBLIC_KEY_INFO
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSPKIXSubjectPublicKeyInfo upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXSubjectPublicKeyInfo *
-nssPKIXSubjectPublicKeyInfo_Duplicate
-(
-  NSSPKIXSubjectPublicKeyInfo *spki,
-  NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXSubjectPublicKeyInfo_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXSubjectPublicKeyInfo
- * object, this routine will return PR_SUCCESS.  Otherwise, it will 
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_SUBJECT_PUBLIC_KEY_INFO
- *
- * Return value:
- *  PR_SUCCESS if the pointer is valid
- *  PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXSubjectPublicKeyInfo_verifyPointer
-(
-  NSSPKIXSubjectPublicKeyInfo *p
-);
-#endif /* DEBUG */
-
-/*
- * Extensions
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  Extensions  ::=  SEQUENCE SIZE (1..MAX) OF Extension
- *
- */
-
-/* { FGMR } */
-
-/*
- * Extension
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  Extension  ::=  SEQUENCE  {
- *       extnID      OBJECT IDENTIFIER,
- *       critical    BOOLEAN DEFAULT FALSE,
- *       extnValue   OCTET STRING  }
- *
- */
-
-/* { FGMR } */
-
-/*
- * CertificateList
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  CertificateList  ::=  SEQUENCE  {
- *       tbsCertList          TBSCertList,
- *       signatureAlgorithm   AlgorithmIdentifier,
- *       signature            BIT STRING  }
- *
- * The private calls for the type:
- *
- *  nssPKIXCertificateList_Decode
- *  nssPKIXCertificateList_Create
- *  nssPKIXCertificateList_Encode
- *  nssPKIXCertificateList_Destroy
- *  nssPKIXCertificateList_GetTBSCertList
- *  nssPKIXCertificateList_SetTBSCertList
- *  nssPKIXCertificateList_GetSignatureAlgorithm
- *  nssPKIXCertificateList_SetSignatureAlgorithm
- *  nssPKIXCertificateList_GetSignature
- *  nssPKIXCertificateList_SetSignature
- *  nssPKIXCertificateList_Equal
- *  nssPKIXCertificateList_Duplicate
- * 
- * In debug builds, the following call is available:
- *
- *  nssPKIXCertificateList_verifyPointer
- *
- */
-
-/*
- * nssPKIXCertificateList_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXCertificateList upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCertificateList *
-nssPKIXCertificateList_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * nssPKIXCertificateList_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- *  NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- *  NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- *  A valid pointer to an NSSPKIXCertificateList upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCertificateList *
-nssPKIXCertificateList_Create
-(
-  NSSArena *arenaOpt,
-  NSSPKIXTBSCertList *tbsCertList,
-  NSSPKIXAlgorithmIdentifier *sigAlg,
-  NSSItem *signature
-);
-
-/*
- * nssPKIXCertificateList_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CERTIFICATE_LIST
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXCertificateList_Destroy
-(
-  NSSPKIXCertificateList *certList
-);
-
-/*
- * nssPKIXCertificateList_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CERTIFICATE_LIST
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXCertificateList_Encode
-(
-  NSSPKIXCertificateList *certList,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXCertificateList_GetTBSCertList
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CERTIFICATE_LIST
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSPKIXTBSCertList upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTBSCertList *
-nssPKIXCertificateList_GetTBSCertList
-(
-  NSSPKIXCertificateList *certList,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXCertificateList_SetTBSCertList
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CERTIFICATE_LIST
- *  NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXCertificateList_SetTBSCertList
-(
-  NSSPKIXCertificateList *certList,
-  NSSPKIXTBSCertList *tbsCertList
-);
-
-/*
- * nssPKIXCertificateList_GetSignatureAlgorithm
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CERTIFICATE_LIST
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSPKIXAlgorithmIdentifier upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAlgorithmIdentifier *
-nssPKIXCertificateList_GetSignatureAlgorithm
-(
-  NSSPKIXCertificateList *certList,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXCertificateList_SetSignatureAlgorithm
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CERTIFICATE_LIST
- *  NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXCertificateList_SetSignatureAlgorithm
-(
-  NSSPKIXCertificateList *certList,
-  NSSPKIXAlgorithmIdentifier *sigAlg
-);
-
-/*
- * nssPKIXCertificateList_GetSignature
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CERTIFICATE_LIST
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSItem upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSItem *
-nssPKIXCertificateList_GetSignature
-(
-  NSSPKIXCertificateList *certList,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXCertificateList_SetSignature
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CERTIFICATE_LIST
- *  NSS_ERROR_INVALID_ITEM
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXCertificateList_SetSignature
-(
-  NSSPKIXCertificateList *certList,
-  NSSItem *sig
-);
-
-/*
- * nssPKIXCertificateList_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CERTIFICATE_LIST
- *
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXCertificateList_Equal
-(
-  NSSPKIXCertificateList *one,
-  NSSPKIXCertificateList *two,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXCertificateList_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CERTIFICATE_LIST
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSPKIXCertificateList upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCertificateList *
-nssPKIXCertificateList_Duplicate
-(
-  NSSPKIXCertificateList *certList,
-  NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXCertificateList_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXCertificateList
- * object, this routine will return PR_SUCCESS.  Otherwise, it will 
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CERTIFICATE_LIST
- *
- * Return value:
- *  PR_SUCCESS if the pointer is valid
- *  PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXCertificateList_verifyPointer
-(
-  NSSPKIXCertificateList *p
-);
-#endif /* DEBUG */
-
-/*
- * TBSCertList
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  TBSCertList  ::=  SEQUENCE  {
- *       version                 Version OPTIONAL,
- *                                    -- if present, shall be v2
- *       signature               AlgorithmIdentifier,
- *       issuer                  Name,
- *       thisUpdate              Time,
- *       nextUpdate              Time OPTIONAL,
- *       revokedCertificates     SEQUENCE OF SEQUENCE  {
- *            userCertificate         CertificateSerialNumber,
- *            revocationDate          Time,
- *            crlEntryExtensions      Extensions OPTIONAL
- *                                           -- if present, shall be v2
- *                                 }  OPTIONAL,
- *       crlExtensions           [0] Extensions OPTIONAL
- *                                           -- if present, shall be v2 -- }
- *
- * The private calls for the type:
- *
- *  nssPKIXTBSCertList_Decode
- *  nssPKIXTBSCertList_Create
- *  nssPKIXTBSCertList_Destroy
- *  nssPKIXTBSCertList_Encode
- *  nssPKIXTBSCertList_GetVersion
- *  nssPKIXTBSCertList_SetVersion
- *  nssPKIXTBSCertList_GetSignature
- *  nssPKIXTBSCertList_SetSignature
- *  nssPKIXTBSCertList_GetIssuer
- *  nssPKIXTBSCertList_SetIssuer
- *  nssPKIXTBSCertList_GetThisUpdate
- *  nssPKIXTBSCertList_SetThisUpdate
- *  nssPKIXTBSCertList_HasNextUpdate
- *  nssPKIXTBSCertList_GetNextUpdate
- *  nssPKIXTBSCertList_SetNextUpdate
- *  nssPKIXTBSCertList_RemoveNextUpdate
- *  nssPKIXTBSCertList_GetRevokedCertificates
- *  nssPKIXTBSCertList_SetRevokedCertificates
- *  nssPKIXTBSCertList_HasCrlExtensions
- *  nssPKIXTBSCertList_GetCrlExtensions
- *  nssPKIXTBSCertList_SetCrlExtensions
- *  nssPKIXTBSCertList_RemoveCrlExtensions
- *  nssPKIXTBSCertList_Equal
- *  nssPKIXTBSCertList_Duplicate
- * 
- * In debug builds, the following call is available:
- *
- *  nssPKIXTBSCertList_verifyPointer
- *
- */
-
-/*
- * nssPKIXTBSCertList_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXTBSCertList upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTBSCertList *
-nssPKIXTBSCertList_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * nssPKIXTBSCertList_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_VERSION
- *  NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- *  NSS_ERROR_INVALID_PKIX_NAME
- *  NSS_ERROR_INVALID_PKIX_TIME
- *  (something for the times being out of order?)
- *  NSS_ERROR_INVALID_PKIX_REVOKED_CERTIFICATES
- *  NSS_ERROR_INVALID_PKIX_EXTENSIONS
- *
- * Return value:
- *  A valid pointer to an NSSPKIXTBSCertList upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTBSCertList *
-nssPKIXTBSCertList_Create
-(
-  NSSArena *arenaOpt,
-  NSSPKIXVersion version,
-  NSSPKIXAlgorithmIdentifier *signature,
-  NSSPKIXName *issuer,
-  NSSPKIXTime thisUpdate,
-  NSSPKIXTime nextUpdateOpt,
-  NSSPKIXrevokedCertificates *revokedCerts,
-  NSSPKIXExtensions *crlExtensionsOpt
-);
-
-/*
- * nssPKIXTBSCertList_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTBSCertList_Destroy
-(
-  NSSPKIXTBSCertList *certList
-);
-
-/*
- * nssPKIXTBSCertList_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXTBSCertList_Encode
-(
-  NSSPKIXTBSCertList *certList,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTBSCertList_GetVersion
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- *  A valid element of the NSSPKIXVersion enumeration upon success
- *  NSSPKIXVersion_NSSinvalid (-1) upon failure
- */
-
-NSS_EXTERN NSSPKIXVersion
-nssPKIXTBSCertList_GetVersion
-(
-  NSSPKIXTBSCertList *certList
-);
-
-/*
- * nssPKIXTBSCertList_SetVersion
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- *  NSS_ERROR_INVALID_PKIX_VERSION
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTBSCertList_SetVersion
-(
-  NSSPKIXTBSCertList *certList,
-  NSSPKIXVersion version
-);
-
-/*
- * nssPKIXTBSCertList_GetSignature
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSPKIXAlgorithmIdentifier upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAlgorithmIdentifier *
-nssPKIXTBSCertList_GetSignature
-(
-  NSSPKIXTBSCertList *certList,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTBSCertList_SetSignature
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- *  NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTBSCertList_SetSignature
-(
-  NSSPKIXTBSCertList *certList,
-  NSSPKIXAlgorithmIdentifier *algid,
-);
-
-/*
- * nssPKIXTBSCertList_GetIssuer
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSPKIXName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXName *
-nssPKIXTBSCertList_GetIssuer
-(
-  NSSPKIXTBSCertList *certList,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTBSCertList_SetIssuer
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- *  NSS_ERROR_INVALID_PKIX_NAME
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTBSCertList_SetIssuer
-(
-  NSSPKIXTBSCertList *certList,
-  NSSPKIXName *issuer
-);
-
-/*
- * nssPKIXTBSCertList_GetThisUpdate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- *  A valid NSSPKIXTime upon success
- *  {we need to rethink NSSPKIXTime}
- */
-
-NSS_EXTERN NSSPKIXTime
-nssPKIXTBSCertList_GetThisUpdate
-(
-  NSSPKIXTBSCertList *certList
-);
-
-/*
- * nssPKIXTBSCertList_SetThisUpdate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- *  NSS_ERROR_VALUE_TOO_LARGE
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTBSCertList_SetThisUpdate
-(
-  NSSPKIXTBSCertList *certList,
-  NSSPKIXTime thisUpdate
-);
-
-/*
- * nssPKIXTBSCertList_HasNextUpdate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- *
- * Return value:
- *  PR_TRUE if it has one
- *  PR_FALSE if it doesn't
- *  PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXTBSCertList_HasNextUpdate
-(
-  NSSPKIXTBSCertList *certList,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXTBSCertList_GetNextUpdate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- *  A valid NSSPKIXTime upon success
- *  {we need to rethink NSSPKIXTime}
- */
-
-NSS_EXTERN NSSPKIXTime
-nssPKIXTBSCertList_GetNextUpdate
-(
-  NSSPKIXTBSCertList *certList
-);
-
-/*
- * nssPKIXTBSCertList_SetNextUpdate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- *  NSS_ERROR_VALUE_TOO_SMALL
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTBSCertList_SetNextUpdate
-(
-  NSSPKIXTBSCertList *certList,
-  NSSPKIXTime nextUpdate
-);
-
-/*
- * nssPKIXTBSCertList_RemoveNextUpdate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- *  NSS_ERROR_HAS_NO_NEXT_UPDATE
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTBSCertList_RemoveNextUpdate
-(
-  NSSPKIXTBSCertList *certList
-);
-
-/*
- * nssPKIXTBSCertList_GetRevokedCertificates
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSPKIXrevokedCertificates upon succes
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXrevokedCertificates *
-nssPKIXTBSCertList_GetRevokedCertificates
-(
-  NSSPKIXTBSCertList *certList,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTBSCertList_SetRevokedCertificates
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- *  NSS_ERROR_INVALID_PKIX_REVOKED_CERTIFICATES
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTBSCertList_SetRevokedCertificates
-(
-  NSSPKIXTBSCertList *certList,
-  NSSPKIXrevokedCertificates *revoked
-);
-
-/*
- * nssPKIXTBSCertList_HasCrlExtensions
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- *
- * Return value:
- *  PR_TRUE if it has one
- *  PR_FALSE if it doesn't
- *  PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXTBSCertList_HasCrlExtensions
-(
-  NSSPKIXTBSCertList *certList,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXTBSCertList_GetCrlExtensions
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSPKIXExtensions upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtensions *
-nssPKIXTBSCertList_GetCrlExtensions
-(
-  NSSPKIXTBSCertList *certList,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTBSCertList_SetCrlExtensions
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- *  NSS_ERROR_INVALID_PKIX_EXTENSIONS
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTBSCertList_SetCrlExtensions
-(
-  NSSPKIXTBSCertList *certList,
-  NSSPKIXExtensions *extensions
-);
-
-/*
- * nssPKIXTBSCertList_RemoveCrlExtensions
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- *  NSS_ERROR_HAS_NO_EXTENSIONS
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTBSCertList_RemoveCrlExtensions
-(
-  NSSPKIXTBSCertList *certList
-);
-
-/*
- * nssPKIXTBSCertList_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- *
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXTBSCertList_Equal
-(
-  NSSPKIXTBSCertList *one,
-  NSSPKIXTBSCertList *two,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXTBSCertList_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSPKIXTBSCertList upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTBSCertList *
-nssPKIXTBSCertList_Duplicate
-(
-  NSSPKIXTBSCertList *certList,
-  NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXTBSCertList_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXTBSCertList
- * object, this routine will return PR_SUCCESS.  Otherwise, it will 
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- *
- * Return value:
- *  PR_SUCCESS if the pointer is valid
- *  PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTBSCertList_verifyPointer
-(
-  NSSPKIXTBSCertList *p
-);
-#endif /* DEBUG */
-
-/*
- * revokedCertificates
- *
- * This is a "helper type" to simplify handling of TBSCertList objects.
- *
- *       revokedCertificates     SEQUENCE OF SEQUENCE  {
- *            userCertificate         CertificateSerialNumber,
- *            revocationDate          Time,
- *            crlEntryExtensions      Extensions OPTIONAL
- *                                           -- if present, shall be v2
- *                                 }  OPTIONAL,
- *
- * The private calls for the type:
- *
- *  nssPKIXrevokedCertificates_Decode
- *  nssPKIXrevokedCertificates_Create
- *  nssPKIXrevokedCertificates_Encode
- *  nssPKIXrevokedCertificates_Destroy
- *  nssPKIXrevokedCertificates_GetRevokedCertificateCount
- *  nssPKIXrevokedCertificates_GetRevokedCertificates
- *  nssPKIXrevokedCertificates_SetRevokedCertificates
- *  nssPKIXrevokedCertificates_GetRevokedCertificate
- *  nssPKIXrevokedCertificates_SetRevokedCertificate
- *  nssPKIXrevokedCertificates_InsertRevokedCertificate
- *  nssPKIXrevokedCertificates_AppendRevokedCertificate
- *  nssPKIXrevokedCertificates_RemoveRevokedCertificate
- *  nssPKIXrevokedCertificates_Equal
- *  nssPKIXrevokedCertificates_Duplicate
- * 
- * In debug builds, the following call is available:
- *
- *  nssPKIXrevokedCertificates_verifyPointer
- *
- */
-
-/*
- * nssPKIXrevokedCertificates_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXrevokedCertificates upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXrevokedCertificates *
-nssPKIXrevokedCertificates_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * nssPKIXrevokedCertificates_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_REVOKED_CERTIFICATE
- *
- * Return value:
- *  A valid pointer to an NSSPKIXrevokedCertificates upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXrevokedCertificates *
-nssPKIXrevokedCertificates_Create
-(
-  NSSArena *arenaOpt,
-  NSSPKIXrevokedCertificate *rc1,
-  ...
-);
-
-/*
- * nssPKIXrevokedCertificates_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_REVOKED_CERTIFICATES
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXrevokedCertificates_Destroy
-(
-  NSSPKIXrevokedCertificates *rcs
-);
-
-/*
- * nssPKIXrevokedCertificates_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_REVOKED_CERTIFICATES
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXrevokedCertificates_Encode
-(
-  NSSPKIXrevokedCertificates *rcs,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXrevokedCertificates_GetRevokedCertificateCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_REVOKED_CERTIFICATES
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- *  Nonnegative integer upon success
- *  -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXrevokedCertificates_GetRevokedCertificateCount
-(
-  NSSPKIXrevokedCertificates *rcs
-);
-
-/*
- * nssPKIXrevokedCertificates_GetRevokedCertificates
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_REVOKED_CERTIFICATES
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- *  A valid pointer to an array of NSSPKIXrevokedCertificate pointers
- *      upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXrevokedCertificate **
-nssPKIXrevokedCertificates_GetRevokedCertificates
-(
-  NSSPKIXrevokedCertificates *rcs,
-  NSSPKIXrevokedCertificate *rvOpt[],
-  PRInt32 limit,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXrevokedCertificates_SetRevokedCertificates
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_REVOKED_CERTIFICATES
- *  NSS_ERROR_INVALID_REVOKED_CERTIFICATE
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXrevokedCertificates_SetRevokedCertificates
-(
-  NSSPKIXrevokedCertificates *rcs,
-  NSSPKIXrevokedCertificate *rc[],
-  PRInt32 countOpt
-);
-
-/*
- * nssPKIXrevokedCertificates_GetRevokedCertificate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_REVOKED_CERTIFICATES
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXrevokedCertificate upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXrevokedCertificate *
-nssPKIXrevokedCertificates_GetRevokedCertificate
-(
-  NSSPKIXrevokedCertificates *rcs,
-  PRInt32 i,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXrevokedCertificates_SetRevokedCertificate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_REVOKED_CERTIFICATES
- *  NSS_ERROR_INVALID_REVOKED_CERTIFICATE
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXrevokedCertificates_SetRevokedCertificate
-(
-  NSSPKIXrevokedCertificates *rcs,
-  PRInt32 i,
-  NSSPKIXrevokedCertificate *rc
-);
-
-/*
- * nssPKIXrevokedCertificates_InsertRevokedCertificate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_REVOKED_CERTIFICATES
- *  NSS_ERROR_INVALID_REVOKED_CERTIFICATE
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXrevokedCertificates_InsertRevokedCertificate
-(
-  NSSPKIXrevokedCertificates *rcs,
-  PRInt32 i,
-  NSSPKIXrevokedCertificate *rc
-);
-
-/*
- * nssPKIXrevokedCertificates_AppendRevokedCertificate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_REVOKED_CERTIFICATES
- *  NSS_ERROR_INVALID_REVOKED_CERTIFICATE
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXrevokedCertificates_AppendRevokedCertificate
-(
-  NSSPKIXrevokedCertificates *rcs,
-  PRInt32 i,
-  NSSPKIXrevokedCertificate *rc
-);
-
-/*
- * nssPKIXrevokedCertificates_RemoveRevokedCertificate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_REVOKED_CERTIFICATES
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXrevokedCertificates_RemoveRevokedCertificate
-(
-  NSSPKIXrevokedCertificates *rcs,
-  PRInt32 i
-);
-
-/*
- * nssPKIXrevokedCertificates_FindRevokedCertificate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_REVOKED_CERTIFICATES
- *  NSS_ERROR_INVALID_REVOKED_CERTIFICATE
- *
- * Return value:
- *  The index of the specified revoked certificate upon success
- *  -1 upon failure
- */
-
-NSS_EXTERN PRInt32
-nssPKIXrevokedCertificates_FindRevokedCertificate
-(
-  NSSPKIXrevokedCertificates *rcs,
-  NSSPKIXrevokedCertificate *rc
-);
-
-/*
- * nssPKIXrevokedCertificates_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_REVOKED_CERTIFICATES
- *
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXrevokedCertificates_Equal
-(
-  NSSPKIXrevokedCertificates *one,
-  NSSPKIXrevokedCertificates *two,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXrevokedCertificates_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_REVOKED_CERTIFICATES
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSPKIXrevokedCertificates upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXrevokedCertificates *
-nssPKIXrevokedCertificates_Duplicate
-(
-  NSSPKIXrevokedCertificates *rcs,
-  NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXrevokedCertificates_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXrevokedCertificates
- * object, this routine will return PR_SUCCESS.  Otherwise, it will 
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_REVOKED_CERTIFICATES
- *
- * Return value:
- *  PR_SUCCESS if the pointer is valid
- *  PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXrevokedCertificates_verifyPointer
-(
-  NSSPKIXrevokedCertificates *p
-);
-#endif /* DEBUG */
-
-/*
- * revokedCertificate
- *
- * This is a "helper type" to simplify handling of TBSCertList objects.
- *
- *                                           SEQUENCE  {
- *            userCertificate         CertificateSerialNumber,
- *            revocationDate          Time,
- *            crlEntryExtensions      Extensions OPTIONAL
- *                                           -- if present, shall be v2
- *                                 }  OPTIONAL,
- *
- * The private calls for this type:
- *
- *  nssPKIXrevokedCertificate_Decode
- *  nssPKIXrevokedCertificate_Create
- *  nssPKIXrevokedCertificate_Encode
- *  nssPKIXrevokedCertificate_Destroy
- *  nssPKIXrevokedCertificate_GetUserCertificate
- *  nssPKIXrevokedCertificate_SetUserCertificate
- *  nssPKIXrevokedCertificate_GetRevocationDate
- *  nssPKIXrevokedCertificate_SetRevocationDate
- *  nssPKIXrevokedCertificate_HasCrlEntryExtensions
- *  nssPKIXrevokedCertificate_GetCrlEntryExtensions
- *  nssPKIXrevokedCertificate_SetCrlEntryExtensions
- *  nssPKIXrevokedCertificate_RemoveCrlEntryExtensions
- *  nssPKIXrevokedCertificate_Equal
- *  nssPKIXrevokedCertificate_Duplicate
- * 
- * In debug builds, the following call is available:
- *
- *  nssPKIXrevokedCertificate_verifyPointer
- *
- */
-
-
-/*
- * nssPKIXrevokedCertificate_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXrevokedCertificate upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXrevokedCertificate *
-nssPKIXrevokedCertificate_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * nssPKIXrevokedCertificate_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_PKIX_CERTIFICATE_SERIAL_NUMBER
- *  NSS_ERROR_INVALID_PKIX_TIME
- *  NSS_ERROR_INVALID_PKIX_EXTENSIONS
- *
- * Return value:
- *  A valid pointer to an NSSPKIXrevokedCertificate upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXrevokedCertificate *
-nssPKIXrevokedCertificate_Create
-(
-  NSSArena *arenaOpt,
-  NSSPKIXCertificateSerialNumber *userCertificate,
-  NSSPKIXTime *revocationDate,
-  NSSPKIXExtensions *crlEntryExtensionsOpt
-);
-
-/*
- * nssPKIXrevokedCertificate_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_REVOKED_CERTIFICATE
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXrevokedCertificate_Destroy
-(
-  NSSPKIXrevokedCertificate *rc
-);
-
-/*
- * nssPKIXrevokedCertificate_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_REVOKED_CERTIFICATE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXrevokedCertificate_Encode
-(
-  NSSPKIXrevokedCertificate *rc,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXrevokedCertificate_GetUserCertificate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_REVOKED_CERTIFICATE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSPKIXCertificateSerialNumber upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCertificateSerialNumber *
-nssPKIXrevokedCertificate_GetUserCertificate
-(
-  NSSPKIXrevokedCertificate *rc,
-  NSSArena *arenaOpt
-);  
-
-/*
- * nssPKIXrevokedCertificate_SetUserCertificate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_REVOKED_CERTIFICATE
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_PKIX_CERTIFICATE_SERIAL_NUMBER
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXrevokedCertificate_SetUserCertificate
-(
-  NSSPKIXrevokedCertificate *rc,
-  NSSPKIXCertificateSerialNumber *csn
-);
-
-/*
- * nssPKIXrevokedCertificate_GetRevocationDate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_REVOKED_CERTIFICATE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSPKIXTime upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTime *
-nssPKIXrevokedCertificate_GetRevocationDate
-(
-  NSSPKIXrevokedCertificate *rc,
-  NSSArena *arenaOpt
-);  
-
-/*
- * nssPKIXrevokedCertificate_SetRevocationDate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_REVOKED_CERTIFICATE
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_PKIX_TIME
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXrevokedCertificate_SetRevocationDate
-(
-  NSSPKIXrevokedCertificate *rc,
-  NSSPKIXTime *revocationDate
-);
-
-/*
- * nssPKIXrevokedCertificate_HasCrlEntryExtensions
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_REVOKED_CERTIFICATE
- *
- * Return value:
- *  PR_TRUE if it has one
- *  PR_FALSE if it doesn't
- *  PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXrevokedCertificate_HasCrlEntryExtensions
-(
-  NSSPKIXrevokedCertificate *rc,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXrevokedCertificate_GetCrlEntryExtensions
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_REVOKED_CERTIFICATE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_NO_EXTENSIONS
- *
- * Return value:
- *  A valid pointer to an NSSPKIXExtensions upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtensions *
-nssPKIXrevokedCertificate_GetCrlEntryExtensions
-(
-  NSSPKIXrevokedCertificate *rc,
-  NSSArena *arenaOpt
-);  
-
-/*
- * nssPKIXrevokedCertificate_SetCrlEntryExtensions
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_REVOKED_CERTIFICATE
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_PKIX_EXTENSIONS
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXrevokedCertificate_SetCrlEntryExtensions
-(
-  NSSPKIXrevokedCertificate *rc,
-  NSSPKIXExtensions *crlEntryExtensions
-);
-
-/*
- * nssPKIXrevokedCertificate_RemoveCrlEntryExtensions
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_REVOKED_CERTIFICATE
- *  NSS_ERROR_NO_EXTENSIONS
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXrevokedCertificate_RemoveCrlEntryExtensions
-(
-  NSSPKIXrevokedCertificate *rc
-);
-
-/*
- * nssPKIXrevokedCertificate_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_REVOKED_CERTIFICATE
- *
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXrevokedCertificate_Equal
-(
-  NSSPKIXrevokedCertificate *one,
-  NSSPKIXrevokedCertificate *two,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXrevokedCertificate_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_REVOKED_CERTIFICATE
- *
- * Return value:
- *  A valid pointer to an NSSPKIXrevokedCertificate upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXrevokedCertificate *
-nssPKIXrevokedCertificate_Duplicate
-(
-  NSSPKIXrevokedCertificate *rc,
-  NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXrevokedCertificate_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXrevokedCertificate
- * object, this routine will return PR_SUCCESS.  Otherwise, it will 
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_REVOKED_CERTIFICATE
- *
- * Return value:
- *  PR_SUCCESS if the pointer is valid
- *  PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXrevokedCertificate_verifyPointer
-(
-  NSSPKIXrevokedCertificate *p
-);
-#endif /* DEBUG */
-
-/*
- * AlgorithmIdentifier
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * (1988 syntax)
- *
- *  AlgorithmIdentifier  ::=  SEQUENCE  {
- *       algorithm               OBJECT IDENTIFIER,
- *       parameters              ANY DEFINED BY algorithm OPTIONAL  }
- *                                  -- contains a value of the type
- *                                  -- registered for use with the
- *                                  -- algorithm object identifier value
- *
- * The private calls for this type:
- *
- *  nssPKIXAlgorithmIdentifier_Decode
- *  nssPKIXAlgorithmIdentifier_Create
- *  nssPKIXAlgorithmIdentifier_Encode
- *  nssPKIXAlgorithmIdentifier_Destroy
- *  nssPKIXAlgorithmIdentifier_GetAlgorithm
- *  nssPKIXAlgorithmIdentifier_SetAlgorithm
- *  nssPKIXAlgorithmIdentifier_GetParameters
- *  nssPKIXAlgorithmIdentifier_SetParameters
- *  nssPKIXAlgorithmIdentifier_Compare
- *  nssPKIXAlgorithmIdentifier_Duplicate
- *    { algorithm-specific parameter types and accessors ? }
- * 
- * In debug builds, the following call is available:
- *
- *  nssPKIXAlgorithmIdentifier_verifyPointer
- *
- */
-
-/*
- * nssPKIXAlgorithmIdentifier_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXAlgorithmIdentifier upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAlgorithmIdentifier *
-nssPKIXAlgorithmIdentifier_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * nssPKIXAlgorithmIdentifier_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_OID
- *  NSS_ERROR_INVALID_POINTER
- *
- * Return value:
- *  A valid pointer to an NSSPKIXAlgorithmIdentifier upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAlgorithmIdentifier *
-nssPKIXAlgorithmIdentifier_Create
-(
-  NSSArena *arenaOpt,
-  NSSOID *algorithm,
-  NSSItem *parameters
-);
-
-/*
- * nssPKIXAlgorithmIdentifier_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAlgorithmIdentifier_Destroy
-(
-  NSSPKIXAlgorithmIdentifier *algid
-);
-
-/*
- * nssPKIXAlgorithmIdentifier_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXAlgorithmIdentifier_Encode
-(
-  NSSPKIXAlgorithmIdentifier *algid,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXAlgorithmIdentifier_GetAlgorithm
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSOID pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSOID *
-nssPKIXAlgorithmIdentifier_GetAlgorithm
-(
-  NSSPKIXAlgorithmIdentifier *algid
-);
-
-/*
- * nssPKIXAlgorithmIdentifier_SetAlgorithm
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- *  NSS_ERROR_INVALID_OID
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAlgorithmIdentifier_SetAlgorithm
-(
-  NSSPKIXAlgorithmIdentifier *algid,
-  NSSOID *algorithm
-);
-
-/*
- * nssPKIXAlgorithmIdentifier_GetParameters
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSItem upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSItem *
-nssPKIXAlgorithmIdentifier_GetParameters
-(
-  NSSPKIXAlgorithmIdentifier *algid,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXAlgorithmIdentifier_SetParameters
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- *  NSS_ERROR_INVALID_POINTER
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAlgorithmIdentifier_SetParameters
-(
-  NSSPKIXAlgorithmIdentifier *algid,
-  NSSItem *parameters
-);
-
-/*
- * nssPKIXAlgorithmIdentifier_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- *
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXAlgorithmIdentifier_Equal
-(
-  NSSPKIXAlgorithmIdentifier *algid1,
-  NSSPKIXAlgorithmIdentifier *algid2,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXAlgorithmIdentifier_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSPKIXAlgorithmIdentifier upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAlgorithmIdentifier *
-nssPKIXAlgorithmIdentifier_Duplicate
-(
-  NSSPKIXAlgorithmIdentifier *algid,
-  NSSArena *arenaOpt
-);
-
-/*
- *   { algorithm-specific parameter types and accessors ? }
- */
-
-#ifdef DEBUG
-/*
- * nssPKIXAlgorithmIdentifier_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXAlgorithmIdentifier
- * object, this routine will return PR_SUCCESS.  Otherwise, it will 
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- *
- * Return value:
- *  PR_SUCCESS if the pointer is valid
- *  PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAlgorithmIdentifier_verifyPointer
-(
-  NSSPKIXAlgorithmIdentifier *p
-);
-#endif /* DEBUG */
-
-/*
- * ORAddress
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  ORAddress ::= SEQUENCE {
- *     built-in-standard-attributes BuiltInStandardAttributes,
- *     built-in-domain-defined-attributes
- *                          BuiltInDomainDefinedAttributes OPTIONAL,
- *     -- see also teletex-domain-defined-attributes
- *     extension-attributes ExtensionAttributes OPTIONAL }
- *  --      The OR-address is semantically absent from the OR-name if the
- *  --      built-in-standard-attribute sequence is empty and the
- *  --      built-in-domain-defined-attributes and extension-attributes are
- *  --      both omitted.
- *
- * The private calls for this type:
- *
- *  nssPKIXORAddress_Decode
- *  nssPKIXORAddress_Create
- *  nssPKIXORAddress_Destroy
- *  nssPKIXORAddress_Encode
- *  nssPKIXORAddress_GetBuiltInStandardAttributes
- *  nssPKIXORAddress_SetBuiltInStandardAttributes
- *  nssPKIXORAddress_HasBuiltInDomainDefinedAttributes
- *  nssPKIXORAddress_GetBuiltInDomainDefinedAttributes
- *  nssPKIXORAddress_SetBuiltInDomainDefinedAttributes
- *  nssPKIXORAddress_RemoveBuiltInDomainDefinedAttributes
- *  nssPKIXORAddress_HasExtensionsAttributes
- *  nssPKIXORAddress_GetExtensionsAttributes
- *  nssPKIXORAddress_SetExtensionsAttributes
- *  nssPKIXORAddress_RemoveExtensionsAttributes
- *  nssPKIXORAddress_Equal
- *  nssPKIXORAddress_Duplicate
- * 
- * In debug builds, the following call is available:
- *
- *  nssPKIXORAddress_verifyPointer
- *
- */
-
-/*
- * nssPKIXORAddress_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXORAddres upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXORAddress *
-nssPKIXORAddress_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * nssPKIXORAddress_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- *  NSS_ERROR_INVALID_PKIX_EXTENSIONS_ATTRIBUTES
- *
- * Return value:
- *  A valid pointer to an NSSPKIXORAddres upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXORAddress *
-nssPKIXORAddress_Create
-(
-  NSSArena *arenaOpt,
-  NSSPKIXBuiltInStandardAttributes *bisa,
-  NSSPKIXBuiltInDomainDefinedAttributes *biddaOpt,
-  NSSPKIXExtensionAttributes *eaOpt
-);
-
-/*
- * nssPKIXORAddress_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXORAddress_Destroy
-(
-  NSSPKIXORAddress *ora
-);
-
-/*
- * nssPKIXORAddress_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXORAddress_Encode
-(
-  NSSPKIXORAddress *ora,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXORAddress_GetBuiltInStandardAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSPKIXBuiltInStandardAttributes upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXBuiltInStandardAttributes *
-nssPKIXORAddress_GetBuiltInStandardAttributes
-(
-  NSSPKIXORAddress *ora,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXORAddress_SetBuiltInStandardAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXORAddress_SetBuiltInStandardAttributes
-(
-  NSSPKIXORAddress *ora,
-  NSSPKIXBuiltInStandardAttributes *bisa
-);
-
-/*
- * nssPKIXORAddress_HasBuiltInDomainDefinedAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- *
- * Return value:
- *  PR_TRUE if it has one
- *  PR_FALSE if it doesn't
- *  PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXORAddress_HasBuiltInDomainDefinedAttributes
-(
-  NSSPKIXORAddress *ora,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXORAddress_GetBuiltInDomainDefinedAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_NO_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- *
- * Return value:
- *  A valid pointer to an NSSPKIXBuiltInDomainDefinedAttributes upon
- *      success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXBuiltInDomainDefinedAttributes *
-nssPKIXORAddress_GetBuiltInDomainDefinedAttributes
-(
-  NSSPKIXORAddress *ora,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXORAddress_SetBuiltInDomainDefinedAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXORAddress_SetBuiltInDomainDefinedAttributes
-(
-  NSSPKIXORAddress *ora,
-  NSSPKIXBuiltInStandardAttributes *bisa
-);
-
-/*
- * nssPKIXORAddress_RemoveBuiltInDomainDefinedAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- *  NSS_ERROR_NO_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXORAddress_RemoveBuiltInDomainDefinedAttributes
-(
-  NSSPKIXORAddress *ora
-);
-
-/*
- * nssPKIXORAddress_HasExtensionsAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- *
- * Return value:
- *  PR_TRUE if it has one
- *  PR_FALSE if it doesn't
- *  PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXORAddress_HasExtensionsAttributes
-(
-  NSSPKIXORAddress *ora,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXORAddress_GetExtensionsAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_NO_EXTENSION_ATTRIBUTES
- *
- * Return value:
- *  A valid pointer to an NSSPKIXExtensionAttributes upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtensionAttributes *
-nssPKIXORAddress_GetExtensionsAttributes
-(
-  NSSPKIXORAddress *ora,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXORAddress_SetExtensionsAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTES
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXORAddress_SetExtensionsAttributes
-(
-  NSSPKIXORAddress *ora,
-  NSSPKIXExtensionAttributes *eaOpt
-);
-
-/*
- * nssPKIXORAddress_RemoveExtensionsAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- *  NSS_ERROR_NO_EXTENSION_ATTRIBUTES
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXORAddress_RemoveExtensionsAttributes
-(
-  NSSPKIXORAddress *ora
-);
-
-/*
- * nssPKIXORAddress_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- *
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXORAddress_Equal
-(
-  NSSPKIXORAddress *ora1,
-  NSSPKIXORAddress *ora2,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXORAddress_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSPKIXORAddres upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXORAddress *
-nssPKIXORAddress_Duplicate
-(
-  NSSPKIXORAddress *ora,
-  NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXORAddress_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXORAddress
- * object, this routine will return PR_SUCCESS.  Otherwise, it will 
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- *
- * Return value:
- *  PR_SUCCESS if the pointer is valid
- *  PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXORAddress_verifyPointer
-(
-  NSSPKIXORAddress *p
-);
-#endif /* DEBUG */
-
-/*
- * BuiltInStandardAttributes
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  BuiltInStandardAttributes ::= SEQUENCE {
- *     country-name CountryName OPTIONAL,
- *     administration-domain-name AdministrationDomainName OPTIONAL,
- *     network-address      [0] NetworkAddress OPTIONAL,
- *     -- see also extended-network-address
- *     terminal-identifier  [1] TerminalIdentifier OPTIONAL,
- *     private-domain-name  [2] PrivateDomainName OPTIONAL,
- *     organization-name    [3] OrganizationName OPTIONAL,
- *     -- see also teletex-organization-name
- *     numeric-user-identifier      [4] NumericUserIdentifier OPTIONAL,
- *     personal-name        [5] PersonalName OPTIONAL,
- *     -- see also teletex-personal-name
- *     organizational-unit-names    [6] OrganizationalUnitNames OPTIONAL
- *     -- see also teletex-organizational-unit-names -- }
- *
- * The private calls for this type:
- *
- *  nssPKIXBuiltInStandardAttributes_Decode
- *  nssPKIXBuiltInStandardAttributes_Create
- *  nssPKIXBuiltInStandardAttributes_Destroy
- *  nssPKIXBuiltInStandardAttributes_Encode
- *  nssPKIXBuiltInStandardAttributes_HasCountryName
- *  nssPKIXBuiltInStandardAttributes_GetCountryName
- *  nssPKIXBuiltInStandardAttributes_SetCountryName
- *  nssPKIXBuiltInStandardAttributes_RemoveCountryName
- *  nssPKIXBuiltInStandardAttributes_HasAdministrationDomainName
- *  nssPKIXBuiltInStandardAttributes_GetAdministrationDomainName
- *  nssPKIXBuiltInStandardAttributes_SetAdministrationDomainName
- *  nssPKIXBuiltInStandardAttributes_RemoveAdministrationDomainName
- *  nssPKIXBuiltInStandardAttributes_HasNetworkAddress
- *  nssPKIXBuiltInStandardAttributes_GetNetworkAddress
- *  nssPKIXBuiltInStandardAttributes_SetNetworkAddress
- *  nssPKIXBuiltInStandardAttributes_RemoveNetworkAddress
- *  nssPKIXBuiltInStandardAttributes_HasTerminalIdentifier
- *  nssPKIXBuiltInStandardAttributes_GetTerminalIdentifier
- *  nssPKIXBuiltInStandardAttributes_SetTerminalIdentifier
- *  nssPKIXBuiltInStandardAttributes_RemoveTerminalIdentifier
- *  nssPKIXBuiltInStandardAttributes_HasPrivateDomainName
- *  nssPKIXBuiltInStandardAttributes_GetPrivateDomainName
- *  nssPKIXBuiltInStandardAttributes_SetPrivateDomainName
- *  nssPKIXBuiltInStandardAttributes_RemovePrivateDomainName
- *  nssPKIXBuiltInStandardAttributes_HasOrganizationName
- *  nssPKIXBuiltInStandardAttributes_GetOrganizationName
- *  nssPKIXBuiltInStandardAttributes_SetOrganizationName
- *  nssPKIXBuiltInStandardAttributes_RemoveOrganizationName
- *  nssPKIXBuiltInStandardAttributes_HasNumericUserIdentifier
- *  nssPKIXBuiltInStandardAttributes_GetNumericUserIdentifier
- *  nssPKIXBuiltInStandardAttributes_SetNumericUserIdentifier
- *  nssPKIXBuiltInStandardAttributes_RemoveNumericUserIdentifier
- *  nssPKIXBuiltInStandardAttributes_HasPersonalName
- *  nssPKIXBuiltInStandardAttributes_GetPersonalName
- *  nssPKIXBuiltInStandardAttributes_SetPersonalName
- *  nssPKIXBuiltInStandardAttributes_RemovePersonalName
- *  nssPKIXBuiltInStandardAttributes_HasOrganizationLUnitNames
- *  nssPKIXBuiltInStandardAttributes_GetOrganizationLUnitNames
- *  nssPKIXBuiltInStandardAttributes_SetOrganizationLUnitNames
- *  nssPKIXBuiltInStandardAttributes_RemoveOrganizationLUnitNames
- *  nssPKIXBuiltInStandardAttributes_Equal
- *  nssPKIXBuiltInStandardAttributes_Duplicate
- * 
- * In debug builds, the following call is available:
- *
- *  nssPKIXBuiltInStandardAttributes_verifyPointer
- *
- */
-
-/*
- * nssPKIXBuiltInStandardAttributes_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXBuiltInStandardAttributes upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXBuiltInStandardAttributes *
-nssPKIXBuiltInStandardAttributes_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_COUNTRY_NAME
- *  NSS_ERROR_INVALID_PKIX_ADMINISTRATION_DOMAIN_NAME
- *  NSS_ERROR_INVALID_PKIX_NETWORK_ADDRESS
- *  NSS_ERROR_INVALID_PKIX_TERMINAL_IDENTIFIER
- *  NSS_ERROR_INVALID_PKIX_PRIVATE_DOMAIN_NAME
- *  NSS_ERROR_INVALID_PKIX_ORGANIZATION_NAME
- *  NSS_ERROR_INVALID_PKIX_NUMERIC_USER_IDENTIFIER
- *  NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- *  NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAMES
- *
- * Return value:
- *  A valid pointer to an NSSPKIXBuiltInStandardAttributes upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXBuiltInStandardAttributes *
-nssPKIXBuiltInStandardAttributes_Create
-(
-  NSSArena *arenaOpt,
-  NSSPKIXCountryName *countryNameOpt,
-  NSSPKIXAdministrationDomainName *administrationDomainNameOpt,
-  NSSPKIXNetworkAddress *networkAddressOpt,
-  NSSPKIXTerminalIdentifier *terminalIdentifierOpt,
-  NSSPKIXPrivateDomainName *privateDomainNameOpt,
-  NSSPKIXOrganizationName *organizationNameOpt,
-  NSSPKIXNumericUserIdentifier *numericUserIdentifierOpt,
-  NSSPKIXPersonalName *personalNameOpt,
-  NSSPKIXOrganizationalUnitNames *organizationalUnitNamesOpt
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBuiltInStandardAttributes_Destroy
-(
-  NSSPKIXBuiltInStandardAttributes *bisa
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXBuiltInStandardAttributes_Encode
-(
-  NSSPKIXBuiltInStandardAttributes *bisa,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_HasCountryName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *
- * Return value:
- *  PR_TRUE if it has one
- *  PR_FALSE if it doesn't
- *  PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXBuiltInStandardAttributes_HasCountryName
-(
-  NSSPKIXBuiltInStandardAttributes *bisa,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_GetCountryName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXCountryName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCountryName *
-nssPKIXBuiltInStandardAttributes_GetCountryName
-(
-  NSSPKIXBuiltInStandardAttributes *bisa,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_SetCountryName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_PKIX_COUNTRY_NAME
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBuiltInStandardAttributes_SetCountryName
-(
-  NSSPKIXBuiltInStandardAttributes *bisa,
-  NSSPKIXCountryName *countryName
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_RemoveCountryName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *  NSS_ERROR_NO_COUNTRY_NAME
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBuiltInStandardAttributes_RemoveCountryName
-(
-  NSSPKIXBuiltInStandardAttributes *bisa
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_HasAdministrationDomainName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *
- * Return value:
- *  PR_TRUE if it has one
- *  PR_FALSE if it doesn't
- *  PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXBuiltInStandardAttributes_HasAdministrationDomainName
-(
-  NSSPKIXBuiltInStandardAttributes *bisa,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_GetAdministrationDomainName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXAdministrationDomainName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAdministrationDomainName *
-nssPKIXBuiltInStandardAttributes_GetAdministrationDomainName
-(
-  NSSPKIXBuiltInStandardAttributes *bisa,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_SetAdministrationDomainName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_PKIX_ADMINISTRATION_DOMAIN_NAME
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBuiltInStandardAttributes_SetAdministrationDomainName
-(
-  NSSPKIXBuiltInStandardAttributes *bisa,
-  NSSPKIXAdministrationDomainName *administrationDomainName
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_RemoveAdministrationDomainName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *  NSS_ERROR_NO_ADMINISTRATION_DOMAIN_NAME
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBuiltInStandardAttributes_RemoveAdministrationDomainName
-(
-  NSSPKIXBuiltInStandardAttributes *bisa
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_HasNetworkAddress
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *
- * Return value:
- *  PR_TRUE if it has one
- *  PR_FALSE if it doesn't
- *  PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXBuiltInStandardAttributes_HasNetworkAddress
-(
-  NSSPKIXBuiltInStandardAttributes *bisa,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_GetNetworkAddress
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXNetworkAddress upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXNetworkAddress *
-nssPKIXBuiltInStandardAttributes_GetNetworkAddress
-(
-  NSSPKIXBuiltInStandardAttributes *bisa,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_SetNetworkAddress
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_PKIX_NETWORK_ADDRESS
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBuiltInStandardAttributes_SetNetworkAddress
-(
-  NSSPKIXBuiltInStandardAttributes *bisa,
-  NSSPKIXNetworkAddress *networkAddress
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_RemoveNetworkAddress
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *  NSS_ERROR_NO_NETWORK_ADDRESS
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBuiltInStandardAttributes_RemoveNetworkAddress
-(
-  NSSPKIXBuiltInStandardAttributes *bisa
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_HasTerminalIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *
- * Return value:
- *  PR_TRUE if it has one
- *  PR_FALSE if it doesn't
- *  PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXBuiltInStandardAttributes_HasTerminalIdentifier
-(
-  NSSPKIXBuiltInStandardAttributes *bisa,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_GetTerminalIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXTerminalIdentifier upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTerminalIdentifier *
-nssPKIXBuiltInStandardAttributes_GetTerminalIdentifier
-(
-  NSSPKIXBuiltInStandardAttributes *bisa,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_SetTerminalIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_PKIX_TERMINAL_IDENTIFIER
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBuiltInStandardAttributes_SetTerminalIdentifier
-(
-  NSSPKIXBuiltInStandardAttributes *bisa,
-  NSSPKIXTerminalIdentifier *terminalIdentifier
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_RemoveTerminalIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *  NSS_ERROR_NO_TERMINAL_IDENTIFIER
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBuiltInStandardAttributes_RemoveTerminalIdentifier
-(
-  NSSPKIXBuiltInStandardAttributes *bisa
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_HasPrivateDomainName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *
- * Return value:
- *  PR_TRUE if it has one
- *  PR_FALSE if it doesn't
- *  PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXBuiltInStandardAttributes_HasPrivateDomainName
-(
-  NSSPKIXBuiltInStandardAttributes *bisa,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_GetPrivateDomainName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXPrivateDomainName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPrivateDomainName *
-nssPKIXBuiltInStandardAttributes_GetPrivateDomainName
-(
-  NSSPKIXBuiltInStandardAttributes *bisa,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_SetPrivateDomainName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_PKIX_PRIVATE_DOMAIN_NAME
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBuiltInStandardAttributes_SetPrivateDomainName
-(
-  NSSPKIXBuiltInStandardAttributes *bisa,
-  NSSPKIXPrivateDomainName *privateDomainName
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_RemovePrivateDomainName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *  NSS_ERROR_NO_PRIVATE_DOMAIN_NAME
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBuiltInStandardAttributes_RemovePrivateDomainName
-(
-  NSSPKIXBuiltInStandardAttributes *bisa
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_HasOrganizationName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *
- * Return value:
- *  PR_TRUE if it has one
- *  PR_FALSE if it doesn't
- *  PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXBuiltInStandardAttributes_HasOrganizationName
-(
-  NSSPKIXBuiltInStandardAttributes *bisa,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_GetOrganizationName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXOrganizationName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXOrganizationName *
-nssPKIXBuiltInStandardAttributes_GetOrganizationName
-(
-  NSSPKIXBuiltInStandardAttributes *bisa,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_SetOrganizationName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_PKIX_ORGANIZATION_NAME
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBuiltInStandardAttributes_SetOrganizationName
-(
-  NSSPKIXBuiltInStandardAttributes *bisa,
-  NSSPKIXOrganizationName *organizationName
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_RemoveOrganizationName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *  NSS_ERROR_NO_ORGANIZATION_NAME
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBuiltInStandardAttributes_RemoveOrganizationName
-(
-  NSSPKIXBuiltInStandardAttributes *bisa
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_HasNumericUserIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *
- * Return value:
- *  PR_TRUE if it has one
- *  PR_FALSE if it doesn't
- *  PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXBuiltInStandardAttributes_HasNumericUserIdentifier
-(
-  NSSPKIXBuiltInStandardAttributes *bisa,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_GetNumericUserIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXNumericUserIdentifier upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXNumericUserIdentifier *
-nssPKIXBuiltInStandardAttributes_GetNumericUserIdentifier
-(
-  NSSPKIXBuiltInStandardAttributes *bisa,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_SetNumericUserIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_PKIX_NUMERIC_USER_IDENTIFIER
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBuiltInStandardAttributes_SetNumericUserIdentifier
-(
-  NSSPKIXBuiltInStandardAttributes *bisa,
-  NSSPKIXNumericUserIdentifier *numericUserIdentifier
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_RemoveNumericUserIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *  NSS_ERROR_NO_NUMERIC_USER_IDENTIFIER
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBuiltInStandardAttributes_RemoveNumericUserIdentifier
-(
-  NSSPKIXBuiltInStandardAttributes *bisa
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_HasPersonalName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *
- * Return value:
- *  PR_TRUE if it has one
- *  PR_FALSE if it doesn't
- *  PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXBuiltInStandardAttributes_HasPersonalName
-(
-  NSSPKIXBuiltInStandardAttributes *bisa,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_GetPersonalName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXPersonalName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPersonalName *
-nssPKIXBuiltInStandardAttributes_GetPersonalName
-(
-  NSSPKIXBuiltInStandardAttributes *bisa,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_SetPersonalName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBuiltInStandardAttributes_SetPersonalName
-(
-  NSSPKIXBuiltInStandardAttributes *bisa,
-  NSSPKIXPersonalName *personalName
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_RemovePersonalName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *  NSS_ERROR_NO_PERSONAL_NAME
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBuiltInStandardAttributes_RemovePersonalName
-(
-  NSSPKIXBuiltInStandardAttributes *bisa
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_HasOrganizationLUnitNames
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *
- * Return value:
- *  PR_TRUE if it has one
- *  PR_FALSE if it doesn't
- *  PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXBuiltInStandardAttributes_HasOrganizationLUnitNames
-(
-  NSSPKIXBuiltInStandardAttributes *bisa,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_GetOrganizationLUnitNames
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXOrganizationalUnitNames upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXOrganizationalUnitNames *
-nssPKIXBuiltInStandardAttributes_GetOrganizationLUnitNames
-(
-  NSSPKIXBuiltInStandardAttributes *bisa,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_SetOrganizationLUnitNames
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAMES
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBuiltInStandardAttributes_SetOrganizationLUnitNames
-(
-  NSSPKIXBuiltInStandardAttributes *bisa,
-  NSSPKIXOrganizationalUnitNames *organizationalUnitNames
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_RemoveOrganizationLUnitNames
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *  NSS_ERROR_NO_ORGANIZATIONAL_UNIT_NAMES
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBuiltInStandardAttributes_RemoveOrganizationLUnitNames
-(
-  NSSPKIXBuiltInStandardAttributes *bisa
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXBuiltInStandardAttributes_Equal
-(
-  NSSPKIXBuiltInStandardAttributes *bisa1,
-  NSSPKIXBuiltInStandardAttributes *bisa2,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXBuiltInStandardAttributes upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXBuiltInStandardAttributes *
-nssPKIXBuiltInStandardAttributes_Duplicate
-(
-  NSSPKIXBuiltInStandardAttributes *bisa,
-  NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXBuiltInStandardAttributes_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXBuiltInStandardAttributes
- * object, this routine will return PR_SUCCESS.  Otherwise, it will 
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *
- * Return value:
- *  PR_SUCCESS if the pointer is valid
- *  PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBuiltInStandardAttributes_verifyPointer
-(
-  NSSPKIXBuiltInStandardAttributes *p
-);
-#endif /* DEBUG */
-
-/*
- * CountryName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  CountryName ::= [APPLICATION 1] CHOICE {
- *     x121-dcc-code NumericString
- *                  (SIZE (ub-country-name-numeric-length)),
- *     iso-3166-alpha2-code PrintableString
- *                  (SIZE (ub-country-name-alpha-length)) }
- *
- * The private calls for this type:
- *
- *  nssPKIXCountryName_Decode
- *  nssPKIXCountryName_CreateFromUTF8
- *  nssPKIXCountryName_Encode
- *
- */
-
-/*
- * nssPKIXCountryName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXCountryName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCountryName *
-nssPKIXCountryName_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * nssPKIXCountryName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXCountryName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCountryName *
-nssPKIXCountryName_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXCountryName_Encode
- *
- *
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_COUNTRY_NAME
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXCountryName_Encode
-(
-  NSSPKIXCountryName *name,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * AdministrationDomainName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  AdministrationDomainName ::= [APPLICATION 2] CHOICE {
- *     numeric NumericString (SIZE (0..ub-domain-name-length)),
- *     printable PrintableString (SIZE (0..ub-domain-name-length)) }
- *
- * The private calls for this type:
- *
- *  nssPKIXAdministrationDomainName_Decode
- *  nssPKIXAdministrationDomainName_CreateFromUTF8
- *  nssPKIXAdministrationDomainName_Encode
- *
- */
-
-/*
- * nssPKIXAdministrationDomainName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXAdministrationDomainName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAdministrationDomainName *
-nssPKIXAdministrationDomainName_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * nssPKIXAdministrationDomainName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXAdministrationDomainName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAdministrationDomainName *
-nssPKIXAdministrationDomainName_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXAdministrationDomainName_Encode
- *
- *
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ADMINISTRATION_DOMAIN_NAME
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXAdministrationDomainName_Encode
-(
-  NSSPKIXAdministrationDomainName *name,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * X121Address
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  X121Address ::= NumericString (SIZE (1..ub-x121-address-length))
- *
- * The private calls for this type:
- *
- *  nssPKIXX121Address_Decode
- *  nssPKIXX121Address_CreateFromUTF8
- *  nssPKIXX121Address_Encode
- *
- */
-
-/*
- * nssPKIXX121Address_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXX121Address upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX121Address *
-nssPKIXX121Address_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * nssPKIXX121Address_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXX121Address upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX121Address *
-nssPKIXX121Address_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXX121Address_Encode
- *
- *
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_X121_ADDRESS
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXX121Address_Encode
-(
-  NSSPKIXX121Address *name,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NetworkAddress
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  NetworkAddress ::= X121Address  -- see also extended-network-address
- *
- * The private calls for this type:
- *
- *  nssPKIXNetworkAddress_Decode
- *  nssPKIXNetworkAddress_CreateFromUTF8
- *  nssPKIXNetworkAddress_Encode
- *
- */
-
-/*
- * nssPKIXNetworkAddress_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXNetworkAddress upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXNetworkAddress *
-nssPKIXNetworkAddress_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * nssPKIXNetworkAddress_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXNetworkAddress upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXNetworkAddress *
-nssPKIXNetworkAddress_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXNetworkAddress_Encode
- *
- *
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_NETWORK_ADDRESS
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXNetworkAddress_Encode
-(
-  NSSPKIXNetworkAddress *name,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * TerminalIdentifier
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  TerminalIdentifier ::= PrintableString (SIZE (1..ub-terminal-id-length))
- *
- * The private calls for this type:
- *
- *  nssPKIXTerminalIdentifier_Decode
- *  nssPKIXTerminalIdentifier_CreateFromUTF8
- *  nssPKIXTerminalIdentifier_Encode
- *
- */
-
-/*
- * nssPKIXTerminalIdentifier_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXTerminalIdentifier upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTerminalIdentifier *
-nssPKIXTerminalIdentifier_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * nssPKIXTerminalIdentifier_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXTerminalIdentifier upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTerminalIdentifier *
-nssPKIXTerminalIdentifier_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXTerminalIdentifier_Encode
- *
- *
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TERMINAL_IDENTIFIER
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXTerminalIdentifier_Encode
-(
-  NSSPKIXTerminalIdentifier *name,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * PrivateDomainName
- *
- * -- fgmr comments -- 
- *
- *  PrivateDomainName ::= CHOICE {
- *     numeric NumericString (SIZE (1..ub-domain-name-length)),
- *     printable PrintableString (SIZE (1..ub-domain-name-length)) }
- *
- * The private calls for this type:
- *
- *  nssPKIXPrivateDomainName_Decode
- *  nssPKIXPrivateDomainName_CreateFromUTF8
- *  nssPKIXPrivateDomainName_Encode
- *
- */
-
-/*
- * nssPKIXPrivateDomainName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXPrivateDomainName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPrivateDomainName *
-nssPKIXPrivateDomainName_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * nssPKIXPrivateDomainName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXPrivateDomainName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPrivateDomainName *
-nssPKIXPrivateDomainName_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXPrivateDomainName_Encode
- *
- *
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_PRIVATE_DOMAIN_NAME
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXPrivateDomainName_Encode
-(
-  NSSPKIXPrivateDomainName *name,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * OrganizationName
- *
- * -- fgmr comments --
- *
- *  OrganizationName ::= PrintableString
- *                              (SIZE (1..ub-organization-name-length))
- * 
- * The private calls for this type:
- *
- *  nssPKIXOrganizationName_Decode
- *  nssPKIXOrganizationName_CreateFromUTF8
- *  nssPKIXOrganizationName_Encode
- *
- */
-
-/*
- * nssPKIXOrganizationName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXOrganizationName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXOrganizationName *
-nssPKIXOrganizationName_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * nssPKIXOrganizationName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXOrganizationName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXOrganizationName *
-nssPKIXOrganizationName_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXOrganizationName_Encode
- *
- *
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ORGANIZATION_NAME
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXOrganizationName_Encode
-(
-  NSSPKIXOrganizationName *name,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * NumericUserIdentifier
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  NumericUserIdentifier ::= NumericString
- *                              (SIZE (1..ub-numeric-user-id-length))
- * 
- * The private calls for this type:
- *
- *  nssPKIXNumericUserIdentifier_Decode
- *  nssPKIXNumericUserIdentifier_CreateFromUTF8
- *  nssPKIXNumericUserIdentifier_Encode
- *
- */
-
-/*
- * nssPKIXNumericUserIdentifier_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXNumericUserIdentifier upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXNumericUserIdentifier *
-nssPKIXNumericUserIdentifier_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * nssPKIXNumericUserIdentifier_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_UTF8
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXNumericUserIdentifier upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXNumericUserIdentifier *
-nssPKIXNumericUserIdentifier_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXNumericUserIdentifier_Encode
- *
- *
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_NUMERIC_USER_IDENTIFIER
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXNumericUserIdentifier_Encode
-(
-  NSSPKIXNumericUserIdentifier *name,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * PersonalName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  PersonalName ::= SET {
- *     surname [0] PrintableString (SIZE (1..ub-surname-length)),
- *     given-name [1] PrintableString
- *                          (SIZE (1..ub-given-name-length)) OPTIONAL,
- *     initials [2] PrintableString (SIZE (1..ub-initials-length)) OPTIONAL,
- *     generation-qualifier [3] PrintableString
- *                  (SIZE (1..ub-generation-qualifier-length)) OPTIONAL }
- *
- * The private calls for this type:
- *
- *  nssPKIXPersonalName_Decode
- *  nssPKIXPersonalName_Create
- *  nssPKIXPersonalName_Destroy
- *  nssPKIXPersonalName_Encode
- *  nssPKIXPersonalName_GetSurname
- *  nssPKIXPersonalName_SetSurname
- *  nssPKIXPersonalName_HasGivenName
- *  nssPKIXPersonalName_GetGivenName
- *  nssPKIXPersonalName_SetGivenName
- *  nssPKIXPersonalName_RemoveGivenName
- *  nssPKIXPersonalName_HasInitials
- *  nssPKIXPersonalName_GetInitials
- *  nssPKIXPersonalName_SetInitials
- *  nssPKIXPersonalName_RemoveInitials
- *  nssPKIXPersonalName_HasGenerationQualifier
- *  nssPKIXPersonalName_GetGenerationQualifier
- *  nssPKIXPersonalName_SetGenerationQualifier
- *  nssPKIXPersonalName_RemoveGenerationQualifier
- *  nssPKIXPersonalName_Equal
- *  nssPKIXPersonalName_Duplicate
- * 
- * In debug builds, the following call is available:
- *
- *  nssPKIXPersonalName_verifyPointer
- *
- */
-
-/*
- * nssPKIXPersonalName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXPersonalName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPersonalName *
-nssPKIXPersonalName_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * nssPKIXPersonalName_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_STRING
- *
- * Return value:
- *  A valid pointer to an NSSPKIXPersonalName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPersonalName *
-nssPKIXPersonalName_Create
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *surname,
-  NSSUTF8 *givenNameOpt,
-  NSSUTF8 *initialsOpt,
-  NSSUTF8 *generationQualifierOpt
-);
-
-/*
- * nssPKIXPersonalName_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPersonalName_Destroy
-(
-  NSSPKIXPersonalName *personalName
-);
-
-/*
- * nssPKIXPersonalName_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXPersonalName_Encode
-(
-  NSSPKIXPersonalName *personalName,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXPersonalName_GetSurname
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSUTF8 upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-nssPKIXPersonalName_GetSurname
-(
-  NSSPKIXPersonalName *personalName,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXPersonalName_SetSurname
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- *  NSS_ERROR_INVALID_STRING
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPersonalName_SetSurname
-(
-  NSSPKIXPersonalName *personalName,
-  NSSUTF8 *surname
-);
-
-/*
- * nssPKIXPersonalName_HasGivenName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- *
- * Return value:
- *  PR_TRUE if it has one
- *  PR_FALSE if it doesn't
- *  PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXPersonalName_HasGivenName
-(
-  NSSPKIXPersonalName *personalName,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXPersonalName_GetGivenName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_HAS_NO_GIVEN_NAME
- *
- * Return value:
- *  A valid pointer to an NSSUTF8 upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-nssPKIXPersonalName_GetGivenName
-(
-  NSSPKIXPersonalName *personalName,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXPersonalName_SetGivenName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- *  NSS_ERROR_INVALID_STRING
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPersonalName_SetGivenName
-(
-  NSSPKIXPersonalName *personalName,
-  NSSUTF8 *givenName
-);
-
-/*
- * nssPKIXPersonalName_RemoveGivenName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- *  NSS_ERROR_HAS_NO_GIVEN_NAME
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPersonalName_RemoveGivenName
-(
-  NSSPKIXPersonalName *personalName
-);
-
-/*
- * nssPKIXPersonalName_HasInitials
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- *
- * Return value:
- *  PR_TRUE if it has one
- *  PR_FALSE if it doesn't
- *  PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXPersonalName_HasInitials
-(
-  NSSPKIXPersonalName *personalName,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXPersonalName_GetInitials
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- *
- * Return value:
- *  A valid pointer to an NSSUTF8 upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-nssPKIXPersonalName_GetInitials
-(
-  NSSPKIXPersonalName *personalName,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXPersonalName_SetInitials
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- *  NSS_ERROR_INVALID_STRING
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPersonalName_SetInitials
-(
-  NSSPKIXPersonalName *personalName,
-  NSSUTF8 *initials
-);
-
-/*
- * nssPKIXPersonalName_RemoveInitials
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPersonalName_RemoveInitials
-(
-  NSSPKIXPersonalName *personalName
-);
-
-/*
- * nssPKIXPersonalName_HasGenerationQualifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- *
- * Return value:
- *  PR_TRUE if it has one
- *  PR_FALSE if it doesn't
- *  PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXPersonalName_HasGenerationQualifier
-(
-  NSSPKIXPersonalName *personalName,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXPersonalName_GetGenerationQualifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- *
- * Return value:
- *  A valid pointer to an NSSUTF8 upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-nssPKIXPersonalName_GetGenerationQualifier
-(
-  NSSPKIXPersonalName *personalName,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXPersonalName_SetGenerationQualifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- *  NSS_ERROR_INVALID_STRING
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPersonalName_SetGenerationQualifier
-(
-  NSSPKIXPersonalName *personalName,
-  NSSUTF8 *generationQualifier
-);
-
-/*
- * nssPKIXPersonalName_RemoveGenerationQualifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPersonalName_RemoveGenerationQualifier
-(
-  NSSPKIXPersonalName *personalName
-);
-
-/*
- * nssPKIXPersonalName_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- *
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXPersonalName_Equal
-(
-  NSSPKIXPersonalName *personalName1,
-  NSSPKIXPersonalName *personalName2,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXPersonalName_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- *
- * Return value:
- *  A valid pointer to an NSSPKIXPersonalName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPersonalName *
-nssPKIXPersonalName_Duplicate
-(
-  NSSPKIXPersonalName *personalName,
-  NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXPersonalName_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXPersonalName
- * object, this routine will return PR_SUCCESS.  Otherwise, it will 
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- *
- * Return value:
- *  PR_SUCCESS if the pointer is valid
- *  PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPersonalName_verifyPointer
-(
-  NSSPKIXPersonalName *p
-);
-#endif /* DEBUG */
-
-/*
- * OrganizationalUnitNames
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  OrganizationalUnitNames ::= SEQUENCE SIZE (1..ub-organizational-units)
- *                                          OF OrganizationalUnitName
- * 
- * The private calls for the type:
- *
- *  nssPKIXOrganizationalUnitNames_Decode
- *  nssPKIXOrganizationalUnitNames_Create
- *  nssPKIXOrganizationalUnitNames_Destroy
- *  nssPKIXOrganizationalUnitNames_Encode
- *  nssPKIXOrganizationalUnitNames_GetOrganizationalUnitNameCount
- *  nssPKIXOrganizationalUnitNames_GetOrganizationalUnitNames
- *  nssPKIXOrganizationalUnitNames_SetOrganizationalUnitNames
- *  nssPKIXOrganizationalUnitNames_GetOrganizationalUnitName
- *  nssPKIXOrganizationalUnitNames_SetOrganizationalUnitName
- *  nssPKIXOrganizationalUnitNames_InsertOrganizationalUnitName
- *  nssPKIXOrganizationalUnitNames_AppendOrganizationalUnitName
- *  nssPKIXOrganizationalUnitNames_RemoveOrganizationalUnitName
- *  nssPKIXOrganizationalUnitNames_FindOrganizationalUnitName
- *  nssPKIXOrganizationalUnitNames_Equal
- *  nssPKIXOrganizationalUnitNames_Duplicate
- * 
- * In debug builds, the following call is available:
- *
- *  nssPKIXOrganizationalUnitNames_verifyPointer
- *
- */
-
-/*
- * nssPKIXOrganizationalUnitNames_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXOrganizationalUnitNames upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXOrganizationalUnitNames *
-nssPKIXOrganizationalUnitNames_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * nssPKIXOrganizationalUnitNames_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAME
- *
- * Return value:
- *  A valid pointer to an NSSPKIXOrganizationalUnitNames upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXOrganizationalUnitNames *
-nssPKIXOrganizationalUnitNames_Create
-(
-  NSSArena *arenaOpt,
-  NSSPKIXOrganizationalUnitName *ou1,
-  ...
-);
-
-/*
- * nssPKIXOrganizationalUnitNames_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAMES
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXOrganizationalUnitNames_Destroy
-(
-  NSSPKIXOrganizationalUnitNames *ous
-);
-
-/*
- * nssPKIXOrganizationalUnitNames_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAMES
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXOrganizationalUnitNames_Encode
-(
-  NSSPKIXOrganizationalUnitNames *ous,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXOrganizationalUnitNames_GetOrganizationalUnitNameCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAMES
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- *  Nonnegative integer upon success
- *  -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXOrganizationalUnitNames_GetOrganizationalUnitNameCount
-(
-  NSSPKIXOrganizationalUnitNames *ous
-);
-
-/*
- * nssPKIXOrganizationalUnitNames_GetOrganizationalUnitNames
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAMES
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- *  A valid pointer to an array of NSSPKIXOrganizationalUnitName
- *      pointers upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXOrganizationalUnitName **
-nssPKIXOrganizationalUnitNames_GetOrganizationalUnitNames
-(
-  NSSPKIXOrganizationalUnitNames *ous,
-  NSSPKIXOrganizationalUnitName *rvOpt[],
-  PRInt32 limit,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXOrganizationalUnitNames_SetOrganizationalUnitNames
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAMES
- *  NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAME
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXOrganizationalUnitNames_SetOrganizationalUnitNames
-(
-  NSSPKIXOrganizationalUnitNames *ous,
-  NSSPKIXOrganizationalUnitName *ou[],
-  PRInt32 count
-);
-
-/*
- * nssPKIXOrganizationalUnitNames_GetOrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAMES
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXOrganizationalUnitName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXOrganizationalUnitName *
-nssPKIXOrganizationalUnitNames_GetOrganizationalUnitName
-(
-  NSSPKIXOrganizationalUnitNames *ous,
-  PRInt32 i,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXOrganizationalUnitNames_SetOrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAMES
- *  NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAME
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXOrganizationalUnitNames_SetOrganizationalUnitName
-(
-  NSSPKIXOrganizationalUnitNames *ous,
-  PRInt32 i,
-  NSSPKIXOrganizationalUnitName *ou
-);
-
-/*
- * nssPKIXOrganizationalUnitNames_InsertOrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAMES
- *  NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAME
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXOrganizationalUnitNames_InsertOrganizationalUnitName
-(
-  NSSPKIXOrganizationalUnitNames *ous,
-  PRInt32 i,
-  NSSPKIXOrganizationalUnitName *ou
-);
-
-/*
- * nssPKIXOrganizationalUnitNames_AppendOrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAMES
- *  NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAME
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXOrganizationalUnitNames_AppendOrganizationalUnitName
-(
-  NSSPKIXOrganizationalUnitNames *ous,
-  NSSPKIXOrganizationalUnitName *ou
-);
-
-/*
- * nssPKIXOrganizationalUnitNames_RemoveOrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAMES
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXOrganizationalUnitNames_RemoveOrganizationalUnitName
-(
-  NSSPKIXOrganizationalUnitNames *ous,
-  PRInt32 i
-);
-
-/*
- * nssPKIXOrganizationalUnitNames_FindOrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAMES
- *  NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAME
- *
- * Return value:
- *  The index of the specified revoked certificate upon success
- *  -1 upon failure
- */
-
-NSS_EXTERN PRIntn
-nssPKIXOrganizationalUnitNames_FindOrganizationalUnitName
-(
-  NSSPKIXOrganizationalUnitNames *ous,
-  NSSPKIXOrganizationalUnitName *ou
-);
-
-/*
- * nssPKIXOrganizationalUnitNames_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAMES
- *
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXOrganizationalUnitNames_Equal
-(
-  NSSPKIXOrganizationalUnitNames *ous1,
-  NSSPKIXOrganizationalUnitNames *ous2,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXOrganizationalUnitNames_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAMES
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSPKIXOrganizationalUnitNames upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXOrganizationalUnitNames *
-nssPKIXOrganizationalUnitNames_Duplicate
-(
-  NSSPKIXOrganizationalUnitNames *ous,
-  NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXOrganizationalUnitNames_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXOrganizationalUnitNames
- * object, this routine will return PR_SUCCESS.  Otherwise, it will 
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAMES
- *
- * Return value:
- *  PR_SUCCESS if the pointer is valid
- *  PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXOrganizationalUnitNames_verifyPointer
-(
-  NSSPKIXOrganizationalUnitNames *p
-);
-#endif /* DEBUG */
-
-/*
- * OrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  OrganizationalUnitName ::= PrintableString (SIZE
- *                          (1..ub-organizational-unit-name-length))
- *
- * The private calls for this type:
- *
- *  nssPKIXOrganizationalUnitName_Decode
- *  nssPKIXOrganizationalUnitName_CreateFromUTF8
- *  nssPKIXOrganizationalUnitName_Encode
- *
- */
-
-/*
- * nssPKIXOrganizationalUnitName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXOrganizationalUnitName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXOrganizationalUnitName *
-nssPKIXOrganizationalUnitName_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * nssPKIXOrganizationalUnitName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXOrganizationalUnitName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXOrganizationalUnitName *
-nssPKIXOrganizationalUnitName_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXOrganizationalUnitName_Encode
- *
- *
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAME
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXOrganizationalUnitName_Encode
-(
-  NSSPKIXOrganizationalUnitName *name,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * BuiltInDomainDefinedAttributes
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  BuiltInDomainDefinedAttributes ::= SEQUENCE SIZE
- *                                  (1..ub-domain-defined-attributes) OF
- *                                  BuiltInDomainDefinedAttribute
- *
- * The private calls for this type:
- *
- *  nssPKIXBuiltInDomainDefinedAttributes_Decode
- *  nssPKIXBuiltInDomainDefinedAttributes_Create
- *  nssPKIXBuiltInDomainDefinedAttributes_Destroy
- *  nssPKIXBuiltInDomainDefinedAttributes_Encode
- *  nssPKIXBuiltInDomainDefinedAttributes_GetBuiltIndomainDefinedAttributeCount
- *  nssPKIXBuiltInDomainDefinedAttributes_GetBuiltIndomainDefinedAttributes
- *  nssPKIXBuiltInDomainDefinedAttributes_SetBuiltIndomainDefinedAttributes
- *  nssPKIXBuiltInDomainDefinedAttributes_GetBuiltIndomainDefinedAttribute
- *  nssPKIXBuiltInDomainDefinedAttributes_SetBuiltIndomainDefinedAttribute
- *  nssPKIXBuiltInDomainDefinedAttributes_InsertBuiltIndomainDefinedAttribute
- *  nssPKIXBuiltInDomainDefinedAttributes_AppendBuiltIndomainDefinedAttribute
- *  nssPKIXBuiltInDomainDefinedAttributes_RemoveBuiltIndomainDefinedAttribute
- *  nssPKIXBuiltInDomainDefinedAttributes_Equal
- *  nssPKIXBuiltInDomainDefinedAttributes_Duplicate
- * 
- * In debug builds, the following call is available:
- *
- *  nssPKIXBuiltInDomainDefinedAttributes_verifyPointer
- *
- */
-
-/*
- * nssPKIXBuiltInDomainDefinedAttributes_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXBuiltInDomainDefinedAttributes
- *      upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXBuiltInDomainDefinedAttributes *
-nssPKIXBuiltInDomainDefinedAttributes_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * nssPKIXBuiltInDomainDefinedAttributes_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTE
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXBuiltInDomainDefinedAttributes
- *      upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXBuiltInDomainDefinedAttributes *
-nssPKIXBuiltInDomainDefinedAttributes_Create
-(
-  NSSArena *arenaOpt,
-  NSSPKIXBuiltInDomainDefinedAttribute *bidda1,
-  ...
-);
-
-/*
- * nssPKIXBuiltInDomainDefinedAttributes_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBuiltInDomainDefinedAttributes_Destroy
-(
-  NSSPKIXBuiltInDomainDefinedAttributes *biddas
-);
-
-/*
- * nssPKIXBuiltInDomainDefinedAttributes_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXBuiltInDomainDefinedAttributes_Encode
-(
-  NSSPKIXBuiltInDomainDefinedAttributes *biddas,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXBuiltInDomainDefinedAttributes_GetBuiltIndomainDefinedAttributeCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- * 
- * Return value:
- *  Nonnegative integer upon success
- *  -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXBuiltInDomainDefinedAttributes_GetBuiltIndomainDefinedAttributeCount
-(
-  NSSPKIXBuiltInDomainDefinedAttributes *biddas
-);
-
-/*
- * nssPKIXBuiltInDomainDefinedAttributes_GetBuiltIndomainDefinedAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_ARRAY_TOO_SMALL
- * 
- * Return value:
- *  A valid pointer to an array of NSSPKIXBuiltInDomainDefinedAttribute
- *      pointers upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXBuiltInDomainDefinedAttribute **
-nssPKIXBuiltInDomainDefinedAttributes_GetBuiltIndomainDefinedAttributes
-(
-  NSSPKIXBuiltInDomainDefinedAttributes *biddas,
-  NSSPKIXBuiltInDomainDefinedAttribut *rvOpt[],
-  PRInt32 limit,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXBuiltInDomainDefinedAttributes_SetBuiltIndomainDefinedAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTE
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBuiltInDomainDefinedAttributes_SetBuiltIndomainDefinedAttributes
-(
-  NSSPKIXBuiltInDomainDefinedAttributes *biddas,
-  NSSPKIXBuiltInDomainDefinedAttribut *bidda[],
-  PRInt32 count
-);
-
-/*
- * nssPKIXBuiltInDomainDefinedAttributes_GetBuiltIndomainDefinedAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXBuiltInDomainDefinedAttribute
- *      upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXBuiltInDomainDefinedAttribute *
-nssPKIXBuiltInDomainDefinedAttributes_GetBuiltIndomainDefinedAttribute
-(
-  NSSPKIXBuiltInDomainDefinedAttributes *biddas,
-  PRInt32 i,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXBuiltInDomainDefinedAttributes_SetBuiltIndomainDefinedAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTE
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBuiltInDomainDefinedAttributes_SetBuiltIndomainDefinedAttribute
-(
-  NSSPKIXBuiltInDomainDefinedAttributes *biddas,
-  PRInt32 i,
-  NSSPKIXBuiltInDomainDefinedAttribute *bidda
-);
-
-/*
- * nssPKIXBuiltInDomainDefinedAttributes_InsertBuiltIndomainDefinedAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTE
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBuiltInDomainDefinedAttributes_InsertBuiltIndomainDefinedAttribute
-(
-  NSSPKIXBuiltInDomainDefinedAttributes *biddas,
-  PRInt32 i,
-  NSSPKIXBuiltInDomainDefinedAttribute *bidda
-);
-
-/*
- * nssPKIXBuiltInDomainDefinedAttributes_AppendBuiltIndomainDefinedAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTE
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBuiltInDomainDefinedAttributes_AppendBuiltIndomainDefinedAttribute
-(
-  NSSPKIXBuiltInDomainDefinedAttributes *biddas,
-  NSSPKIXBuiltInDomainDefinedAttribute *bidda
-);
-
-/*
- * nssPKIXBuiltInDomainDefinedAttributes_RemoveBuiltIndomainDefinedAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBuiltInDomainDefinedAttributes_RemoveBuiltIndomainDefinedAttribute
-(
-  NSSPKIXBuiltInDomainDefinedAttributes *biddas,
-  PRInt32 i
-);
-
-/*
- * nssPKIXBuiltInDomainDefinedAttributes_FindBuiltIndomainDefinedAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTE
- * 
- * Return value:
- *  The index of the specified revoked certificate upon success
- *  -1 upon failure
- */
-
-NSS_EXTERN PRInt32
-nssPKIXBuiltInDomainDefinedAttributes_FindBuiltIndomainDefinedAttribute
-(
-  NSSPKIXBuiltInDomainDefinedAttributes *biddas,
-  NSSPKIXBuiltInDomainDefinedAttribute *bidda
-);
-
-/*
- * nssPKIXBuiltInDomainDefinedAttributes_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- * 
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXBuiltInDomainDefinedAttributes_Equal
-(
-  NSSPKIXBuiltInDomainDefinedAttributes *biddas1,
-  NSSPKIXBuiltInDomainDefinedAttributes *biddas2,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXBuiltInDomainDefinedAttributes_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXBuiltInDomainDefinedAttributes
- *      upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXBuiltInDomainDefinedAttributes *
-nssPKIXBuiltInDomainDefinedAttributes_Duplicate
-(
-  NSSPKIXBuiltInDomainDefinedAttributes *biddas,
-  NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXBuiltInDomainDefinedAttributes_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXBuiltInDomainDefinedAttributes
- * object, this routine will return PR_SUCCESS.  Otherwise, it will 
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- *
- * Return value:
- *  PR_SUCCESS if the pointer is valid
- *  PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBuiltInDomainDefinedAttributes_verifyPointer
-(
-  NSSPKIXBuiltInDomainDefinedAttributes *p
-);
-#endif /* DEBUG */
-
-/*
- * BuiltInDomainDefinedAttribute
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  BuiltInDomainDefinedAttribute ::= SEQUENCE {
- *     type PrintableString (SIZE
- *                          (1..ub-domain-defined-attribute-type-length)),
- *     value PrintableString (SIZE
- *                          (1..ub-domain-defined-attribute-value-length))}
- *
- * The private calls for this type:
- *
- *  nssPKIXBuiltInDomainDefinedAttribute_Decode
- *  nssPKIXBuiltInDomainDefinedAttribute_Create
- *  nssPKIXBuiltInDomainDefinedAttribute_Destroy
- *  nssPKIXBuiltInDomainDefinedAttribute_Encode
- *  nssPKIXBuiltInDomainDefinedAttribute_GetType
- *  nssPKIXBuiltInDomainDefinedAttribute_SetType
- *  nssPKIXBuiltInDomainDefinedAttribute_GetValue
- *  nssPKIXBuiltInDomainDefinedAttribute_SetValue
- *  nssPKIXBuiltInDomainDefinedAttribute_Equal
- *  nssPKIXBuiltInDomainDefinedAttribute_Duplicate
- * 
- * In debug builds, the following call is available:
- *
- *  nssPKIXBuiltInDomainDefinedAttribute_verifyPointer
- *
- */
-
-/*
- * nssPKIXBuiltInDomainDefinedAttribute_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXBuiltInDomainDefinedAttribute
- *      upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXBuiltInDomainDefinedAttribute *
-nssPKIXBuiltInDomainDefinedAttribute_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * nssPKIXBuiltInDomainDefinedAttribute_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_STRING
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXBuiltInDomainDefinedAttribute
- *      upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXBuiltInDomainDefinedAttribute *
-nssPKIXBuiltInDomainDefinedAttribute_Create
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *type,
-  NSSUTF8 *value
-);
-
-/*
- * nssPKIXBuiltInDomainDefinedAttribute_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTE
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBuiltInDomainDefinedAttribute_Destroy
-(
-  NSSPKIXBuiltInDomainDefinedAttribute *bidda
-);
-
-/*
- * nssPKIXBuiltInDomainDefinedAttribute_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXBuiltInDomainDefinedAttribute_Encode
-(
-  NSSPKIXBuiltInDomainDefinedAttribute *bidda,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXBuiltInDomainDefinedAttribute_GetType
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid NSSUTF8 pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-nssPKIXBuiltInDomainDefinedAttribute_GetType
-(
-  NSSPKIXBuiltInDomainDefinedAttribute *bidda,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXBuiltInDomainDefinedAttribute_SetType
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTE
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBuiltInDomainDefinedAttribute_SetType
-(
-  NSSPKIXBuiltInDomainDefinedAttribute *bidda,
-  NSSUTF8 *type
-);
-
-/*
- * nssPKIXBuiltInDomainDefinedAttribute_GetValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid NSSUTF8 pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-nssPKIXBuiltInDomainDefinedAttribute_GetValue
-(
-  NSSPKIXBuiltInDomainDefinedAttribute *bidda,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXBuiltInDomainDefinedAttribute_SetValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTE
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBuiltInDomainDefinedAttribute_SetValue
-(
-  NSSPKIXBuiltInDomainDefinedAttribute *bidda,
-  NSSUTF8 *value
-);
-
-/*
- * nssPKIXBuiltInDomainDefinedAttribute_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTE
- * 
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXBuiltInDomainDefinedAttribute_Equal
-(
-  NSSPKIXBuiltInDomainDefinedAttribute *bidda1,
-  NSSPKIXBuiltInDomainDefinedAttribute *bidda2,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXBuiltInDomainDefinedAttribute_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXBuiltInDomainDefinedAttribute
- *      upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXBuiltInDomainDefinedAttribute *
-nssPKIXBuiltInDomainDefinedAttribute_Duplicate
-(
-  NSSPKIXBuiltInDomainDefinedAttribute *bidda,
-  NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXBuiltInDomainDefinedAttribute_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXBuiltInDomainDefinedAttribute
- * object, this routine will return PR_SUCCESS.  Otherwise, it will 
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTE
- *
- * Return value:
- *  PR_SUCCESS if the pointer is valid
- *  PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBuiltInDomainDefinedAttribute_verifyPointer
-(
-  NSSPKIXBuiltInDomainDefinedAttribute *p
-);
-#endif /* DEBUG */
-
-/*
- * ExtensionAttributes
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  ExtensionAttributes ::= SET SIZE (1..ub-extension-attributes) OF
- *                          ExtensionAttribute
- *
- * The private calls for this type:
- *
- *  nssPKIXExtensionAttributes_Decode
- *  nssPKIXExtensionAttributes_Create
- *  nssPKIXExtensionAttributes_Destroy
- *  nssPKIXExtensionAttributes_Encode
- *  nssPKIXExtensionAttributes_GetExtensionAttributeCount
- *  nssPKIXExtensionAttributes_GetExtensionAttributes
- *  nssPKIXExtensionAttributes_SetExtensionAttributes
- *  nssPKIXExtensionAttributes_GetExtensionAttribute
- *  nssPKIXExtensionAttributes_SetExtensionAttribute
- *  nssPKIXExtensionAttributes_InsertExtensionAttribute
- *  nssPKIXExtensionAttributes_AppendExtensionAttribute
- *  nssPKIXExtensionAttributes_RemoveExtensionAttribute
- *  nssPKIXExtensionAttributes_FindExtensionAttribute
- *  nssPKIXExtensionAttributes_Equal
- *  nssPKIXExtensionAttributes_Duplicate
- * 
- * In debug builds, the following call is available:
- *
- *  nssPKIXExtensionAttributes_verifyPointer
- *
- */
-
-/*
- * nssPKIXExtensionAttributes_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXExtensionAttributes upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtensionAttributes *
-nssPKIXExtensionAttributes_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * nssPKIXExtensionAttributes_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTE
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXExtensionAttributes upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtensionAttributes *
-nssPKIXExtensionAttributes_Create
-(
-  NSSArena *arenaOpt,
-  NSSPKIXExtensionAttribute ea1,
-  ...
-);
-
-/*
- * nssPKIXExtensionAttributes_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTES
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXExtensionAttributes_Destroy
-(
-  NSSPKIXExtensionAttributes *eas
-);
-
-/*
- * nssPKIXExtensionAttributes_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTES
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXExtensionAttributes_Encode
-(
-  NSSPKIXExtensionAttributes *eas
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXExtensionAttributes_GetExtensionAttributeCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTES
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- * 
- * Return value:
- *  Nonnegative integer upon success
- *  -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXExtensionAttributes_GetExtensionAttributeCount
-(
-  NSSPKIXExtensionAttributes *eas
-);
-
-/*
- * nssPKIXExtensionAttributes_GetExtensionAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTES
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_ARRAY_TOO_SMALL
- * 
- * Return value:
- *  A valid pointer to an array of NSSPKIXExtensionAttribute pointers
- *      upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtensionAttribute **
-nssPKIXExtensionAttributes_GetExtensionAttributes
-(
-  NSSPKIXExtensionAttributes *eas,
-  NSSPKIXExtensionAttribute *rvOpt[],
-  PRInt32 limit,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXExtensionAttributes_SetExtensionAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTES
- *  NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTE
- *  NSS_ERROR_INVALID_POINTER
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXExtensionAttributes_SetExtensionAttributes
-(
-  NSSPKIXExtensionAttributes *eas,
-  NSSPKIXExtensionAttribute *ea[],
-  PRInt32 count
-);
-
-/*
- * nssPKIXExtensionAttributes_GetExtensionAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTES
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXExtensionAttribute upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtensionAttribute *
-nssPKIXExtensionAttributes_GetExtensionAttribute
-(
-  NSSPKIXExtensionAttributes *eas,
-  PRInt32 i,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXExtensionAttributes_SetExtensionAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTES
- *  NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTE
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXExtensionAttributes_SetExtensionAttribute
-(
-  NSSPKIXExtensionAttributes *eas,
-  PRInt32 i,
-  NSSPKIXExtensionAttribute *ea
-);
-
-/*
- * nssPKIXExtensionAttributes_InsertExtensionAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTES
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTE
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXExtensionAttributes_InsertExtensionAttribute
-(
-  NSSPKIXExtensionAttributes *eas,
-  PRInt32 i,
-  NSSPKIXExtensionAttribute *ea
-);
-
-/*
- * nssPKIXExtensionAttributes_AppendExtensionAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTES
- *  NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTE
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXExtensionAttributes_AppendExtensionAttribute
-(
-  NSSPKIXExtensionAttributes *eas,
-  NSSPKIXExtensionAttribute *ea
-);
-
-/*
- * nssPKIXExtensionAttributes_RemoveExtensionAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTES
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXExtensionAttributes_RemoveExtensionAttribute
-(
-  NSSPKIXExtensionAttributes *eas,
-  PRInt32 i,
-);
-
-/*
- * nssPKIXExtensionAttributes_FindExtensionAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTES
- *  NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTE
- * 
- * Return value:
- *  A nonnegative integer upon success
- *  -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXExtensionAttributes_FindExtensionAttribute
-(
-  NSSPKIXExtensionAttributes *eas,
-  NSSPKIXExtensionAttribute *ea
-);
-
-/*
- * nssPKIXExtensionAttributes_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTES
- * 
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXExtensionAttributes_Equal
-(
-  NSSPKIXExtensionAttributes *eas1,
-  NSSPKIXExtensionAttributes *eas2,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXExtensionAttributes_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTES
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXExtensionAttributes upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtensionAttributes *
-nssPKIXExtensionAttributes_Duplicate
-(
-  NSSPKIXExtensionAttributes *eas,
-  NSSArena *arenaOpt
-);
-
-/*
- * fgmr
- * There should be accessors to search the ExtensionAttributes and
- * return the value for a specific value, etc.
- */
-
-#ifdef DEBUG
-/*
- * nssPKIXExtensionAttributes_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXExtensionAttributes
- * object, this routine will return PR_SUCCESS.  Otherwise, it will 
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTES
- *
- * Return value:
- *  PR_SUCCESS if the pointer is valid
- *  PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXExtensionAttributes_verifyPointer
-(
-  NSSPKIXExtensionAttributes *p
-);
-#endif /* DEBUG */
-
-/*
- * ExtensionAttribute
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  ExtensionAttribute ::=  SEQUENCE {
- *     extension-attribute-type [0] INTEGER (0..ub-extension-attributes),
- *     extension-attribute-value [1]
- *                          ANY DEFINED BY extension-attribute-type }
- *
- * The private calls for this type:
- *
- *  nssPKIXExtensionAttribute_Decode
- *  nssPKIXExtensionAttribute_Create
- *  nssPKIXExtensionAttribute_Destroy
- *  nssPKIXExtensionAttribute_Encode
- *  nssPKIXExtensionAttribute_GetExtensionsAttributeType
- *  nssPKIXExtensionAttribute_SetExtensionsAttributeType
- *  nssPKIXExtensionAttribute_GetExtensionsAttributeValue
- *  nssPKIXExtensionAttribute_SetExtensionsAttributeValue
- *  nssPKIXExtensionAttribute_Equal
- *  nssPKIXExtensionAttribute_Duplicate
- * 
- * In debug builds, the following call is available:
- *
- *  nssPKIXExtensionAttribute_verifyPointer
- *
- */
-
-/*
- * nssPKIXExtensionAttribute_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXExtensionAttribute upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtensionAttribute *
-nssPKIXExtensionAttribute_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * nssPKIXExtensionAttribute_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTE_TYPE
- *  NSS_ERROR_INVALID_POINTER
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXExtensionAttribute upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtensionAttribute *
-nssPKIXExtensionAttribute_Create
-(
-  NSSArena *arenaOpt,
-  NSSPKIXExtensionAttributeType type,
-  NSSItem *value
-);
-
-/*
- * nssPKIXExtensionAttribute_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTE
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXExtensionAttribute_Destroy
-(
-  NSSPKIXExtensionAttribute *ea
-);
-
-/*
- * nssPKIXExtensionAttribute_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXExtensionAttribute_Encode
-(
-  NSSPKIXExtensionAttribute *ea,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXExtensionAttribute_GetExtensionsAttributeType
- *
- * -- fgmr comments --
- * {One of these objects created from BER generated by a program
- * adhering to a later version of the PKIX standards might have
- * a value not mentioned in the enumeration definition.  This isn't
- * a bug.}
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTE
- * 
- * Return value:
- *  A member of the NSSPKIXExtensionAttributeType enumeration
- *      upon success
- *  NSSPKIXExtensionAttributeType_NSSinvalid upon failure
- */
-
-NSS_EXTERN NSSPKIXExtensionAttributeType
-nssPKIXExtensionAttribute_GetExtensionsAttributeType
-(
-  NSSPKIXExtensionAttribute *ea
-);
-
-/*
- * nssPKIXExtensionAttribute_SetExtensionsAttributeType
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTE
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXExtensionAttribute_SetExtensionsAttributeType
-(
-  NSSPKIXExtensionAttribute *ea,
-  NSSPKIXExtensionAttributeType type
-);
-
-/*
- * nssPKIXExtensionAttribute_GetExtensionsAttributeValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid pointer to an NSSItem upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSItem *
-nssPKIXExtensionAttribute_GetExtensionsAttributeValue
-(
-  NSSPKIXExtensionAttribute *ea,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXExtensionAttribute_SetExtensionsAttributeValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTE
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXExtensionAttribute_SetExtensionsAttributeValue
-(
-  NSSPKIXExtensionAttribute *ea,
-  NSSItem *value
-);
-
-/*
- * nssPKIXExtensionAttribute_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTE
- * 
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXExtensionAttribute_Equal
-(
-  NSSPKIXExtensionAttribute *ea1,
-  NSSPKIXExtensionAttribute *ea2,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXExtensionAttribute_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTE
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXExtensionAttribute upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtensionAttribute *
-nssPKIXExtensionAttribute_Duplicate
-(
-  NSSPKIXExtensionAttribute *ea,
-  NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXExtensionAttribute_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXExtensionAttribute
- * object, this routine will return PR_SUCCESS.  Otherwise, it will 
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTE
- *
- * Return value:
- *  PR_SUCCESS if the pointer is valid
- *  PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXExtensionAttribute_verifyPointer
-(
-  NSSPKIXExtensionAttribute *p
-);
-#endif /* DEBUG */
-
-/*
- * CommonName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  CommonName ::= PrintableString (SIZE (1..ub-common-name-length))
- *
- * The private calls for this type:
- *
- *  nssPKIXCommonName_Decode
- *  nssPKIXCommonName_CreateFromUTF8
- *  nssPKIXCommonName_Encode
- *
- */
-
-/*
- * nssPKIXCommonName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXCommonName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCommonName *
-nssPKIXCommonName_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * nssPKIXCommonName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXCommonName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCommonName *
-nssPKIXCommonName_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXCommonName_Encode
- *
- *
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_COMMON_NAME
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXCommonName_Encode
-(
-  NSSPKIXCommonName *name,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * TeletexCommonName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  TeletexCommonName ::= TeletexString (SIZE (1..ub-common-name-length))
- *
- * The private calls for this type:
- *
- *  nssPKIXTeletexCommonName_Decode
- *  nssPKIXTeletexCommonName_CreateFromUTF8
- *  nssPKIXTeletexCommonName_Encode
- *
- */
-
-/*
- * nssPKIXTeletexCommonName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXTeletexCommonName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexCommonName *
-nssPKIXTeletexCommonName_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * nssPKIXTeletexCommonName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXTeletexCommonName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexCommonName *
-nssPKIXTeletexCommonName_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXTeletexCommonName_Encode
- *
- *
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TELETEX_COMMON_NAME
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXTeletexCommonName_Encode
-(
-  NSSPKIXTeletexCommonName *name,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * TeletexOrganizationName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  TeletexOrganizationName ::=
- *                  TeletexString (SIZE (1..ub-organization-name-length))
- *
- * The private calls for this type:
- *
- *  nssPKIXTeletexOrganizationName_Decode
- *  nssPKIXTeletexOrganizationName_CreateFromUTF8
- *  nssPKIXTeletexOrganizationName_Encode
- *
- */
-
-/*
- * nssPKIXTeletexOrganizationName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXTeletexOrganizationName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexOrganizationName *
-nssPKIXTeletexOrganizationName_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * nssPKIXTeletexOrganizationName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXTeletexOrganizationName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexOrganizationName *
-nssPKIXTeletexOrganizationName_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXTeletexOrganizationName_Encode
- *
- *
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATION_NAME
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXTeletexOrganizationName_Encode
-(
-  NSSPKIXTeletexOrganizationName *name,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * TeletexPersonalName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  TeletexPersonalName ::= SET {
- *     surname [0] TeletexString (SIZE (1..ub-surname-length)),
- *     given-name [1] TeletexString
- *                  (SIZE (1..ub-given-name-length)) OPTIONAL,
- *     initials [2] TeletexString (SIZE (1..ub-initials-length)) OPTIONAL,
- *     generation-qualifier [3] TeletexString (SIZE
- *                  (1..ub-generation-qualifier-length)) OPTIONAL }
- *
- * The private calls for this type:
- *
- *  nssPKIXTeletexPersonalName_Decode
- *  nssPKIXTeletexPersonalName_Create
- *  nssPKIXTeletexPersonalName_Destroy
- *  nssPKIXTeletexPersonalName_Encode
- *  nssPKIXTeletexPersonalName_GetSurname
- *  nssPKIXTeletexPersonalName_SetSurname
- *  nssPKIXTeletexPersonalName_HasGivenName
- *  nssPKIXTeletexPersonalName_GetGivenName
- *  nssPKIXTeletexPersonalName_SetGivenName
- *  nssPKIXTeletexPersonalName_RemoveGivenName
- *  nssPKIXTeletexPersonalName_HasInitials
- *  nssPKIXTeletexPersonalName_GetInitials
- *  nssPKIXTeletexPersonalName_SetInitials
- *  nssPKIXTeletexPersonalName_RemoveInitials
- *  nssPKIXTeletexPersonalName_HasGenerationQualifier
- *  nssPKIXTeletexPersonalName_GetGenerationQualifier
- *  nssPKIXTeletexPersonalName_SetGenerationQualifier
- *  nssPKIXTeletexPersonalName_RemoveGenerationQualifier
- *  nssPKIXTeletexPersonalName_Equal
- *  nssPKIXTeletexPersonalName_Duplicate
- * 
- * In debug builds, the following call is available:
- *
- *  nssPKIXTeletexPersonalName_verifyPointer
- *
- */
-
-/*
- * nssPKIXTeletexPersonalName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXTeletexPersonalName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexPersonalName *
-nssPKIXTeletexPersonalName_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * nssPKIXTeletexPersonalName_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_STRING
- *
- * Return value:
- *  A valid pointer to an NSSPKIXTeletexPersonalName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexPersonalName *
-nssPKIXTeletexPersonalName_Create
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *surname,
-  NSSUTF8 *givenNameOpt,
-  NSSUTF8 *initialsOpt,
-  NSSUTF8 *generationQualifierOpt
-);
-
-/*
- * nssPKIXTeletexPersonalName_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTeletexPersonalName_Destroy
-(
-  NSSPKIXTeletexPersonalName *personalName
-);
-
-/*
- * nssPKIXTeletexPersonalName_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXTeletexPersonalName_Encode
-(
-  NSSPKIXTeletexPersonalName *personalName,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTeletexPersonalName_GetSurname
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSUTF8 upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-nssPKIXTeletexPersonalName_GetSurname
-(
-  NSSPKIXTeletexPersonalName *personalName,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTeletexPersonalName_SetSurname
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- *  NSS_ERROR_INVALID_STRING
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTeletexPersonalName_SetSurname
-(
-  NSSPKIXTeletexPersonalName *personalName,
-  NSSUTF8 *surname
-);
-
-/*
- * nssPKIXTeletexPersonalName_HasGivenName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- *
- * Return value:
- *  PR_TRUE if it has one
- *  PR_FALSE if it doesn't
- *  PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXTeletexPersonalName_HasGivenName
-(
-  NSSPKIXTeletexPersonalName *personalName,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXTeletexPersonalName_GetGivenName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- *
- * Return value:
- *  A valid pointer to an NSSUTF8 upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-nssPKIXTeletexPersonalName_GetGivenName
-(
-  NSSPKIXTeletexPersonalName *personalName,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTeletexPersonalName_SetGivenName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- *  NSS_ERROR_INVALID_STRING
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTeletexPersonalName_SetGivenName
-(
-  NSSPKIXTeletexPersonalName *personalName,
-  NSSUTF8 *givenName
-);
-
-/*
- * nssPKIXTeletexPersonalName_RemoveGivenName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTeletexPersonalName_RemoveGivenName
-(
-  NSSPKIXTeletexPersonalName *personalName
-);
-
-/*
- * nssPKIXTeletexPersonalName_HasInitials
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- *
- * Return value:
- *  PR_TRUE if it has one
- *  PR_FALSE if it doesn't
- *  PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXTeletexPersonalName_HasInitials
-(
-  NSSPKIXTeletexPersonalName *personalName,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXTeletexPersonalName_GetInitials
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSUTF8 upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-nssPKIXTeletexPersonalName_GetInitials
-(
-  NSSPKIXTeletexPersonalName *personalName,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTeletexPersonalName_SetInitials
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- *  NSS_ERROR_INVALID_STRING
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTeletexPersonalName_SetInitials
-(
-  NSSPKIXTeletexPersonalName *personalName,
-  NSSUTF8 *initials
-);
-
-/*
- * nssPKIXTeletexPersonalName_RemoveInitials
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTeletexPersonalName_RemoveInitials
-(
-  NSSPKIXTeletexPersonalName *personalName
-);
-
-/*
- * nssPKIXTeletexPersonalName_HasGenerationQualifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- *
- * Return value:
- *  PR_TRUE if it has one
- *  PR_FALSE if it doesn't
- *  PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXTeletexPersonalName_HasGenerationQualifier
-(
-  NSSPKIXTeletexPersonalName *personalName,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXTeletexPersonalName_GetGenerationQualifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- *
- * Return value:
- *  A valid pointer to an NSSUTF8 upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-nssPKIXTeletexPersonalName_GetGenerationQualifier
-(
-  NSSPKIXTeletexPersonalName *personalName,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTeletexPersonalName_SetGenerationQualifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- *  NSS_ERROR_INVALID_STRING
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTeletexPersonalName_SetGenerationQualifier
-(
-  NSSPKIXTeletexPersonalName *personalName,
-  NSSUTF8 *generationQualifier
-);
-
-/*
- * nssPKIXTeletexPersonalName_RemoveGenerationQualifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTeletexPersonalName_RemoveGenerationQualifier
-(
-  NSSPKIXTeletexPersonalName *personalName
-);
-
-/*
- * nssPKIXTeletexPersonalName_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- *
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXTeletexPersonalName_Equal
-(
-  NSSPKIXTeletexPersonalName *personalName1,
-  NSSPKIXTeletexPersonalName *personalName2,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXTeletexPersonalName_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- *
- * Return value:
- *  A valid pointer to an NSSPKIXTeletexPersonalName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexPersonalName *
-nssPKIXTeletexPersonalName_Duplicate
-(
-  NSSPKIXTeletexPersonalName *personalName,
-  NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXTeletexPersonalName_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXTeletexPersonalName
- * object, this routine will return PR_SUCCESS.  Otherwise, it will 
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- *
- * Return value:
- *  PR_SUCCESS if the pointer is valid
- *  PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTeletexPersonalName_verifyPointer
-(
-  NSSPKIXTeletexPersonalName *p
-);
-#endif /* DEBUG */
-
-/*
- * TeletexOrganizationalUnitNames
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  TeletexOrganizationalUnitNames ::= SEQUENCE SIZE
- *          (1..ub-organizational-units) OF TeletexOrganizationalUnitName
- *
- * The private calls for the type:
- *
- *  nssPKIXTeletexOrganizationalUnitNames_Decode
- *  nssPKIXTeletexOrganizationalUnitNames_Create
- *  nssPKIXTeletexOrganizationalUnitNames_Destroy
- *  nssPKIXTeletexOrganizationalUnitNames_Encode
- *  nssPKIXTeletexOrganizationalUnitNames_GetTeletexOrganizationalUnitNameCount
- *  nssPKIXTeletexOrganizationalUnitNames_GetTeletexOrganizationalUnitNames
- *  nssPKIXTeletexOrganizationalUnitNames_SetTeletexOrganizationalUnitNames
- *  nssPKIXTeletexOrganizationalUnitNames_GetTeletexOrganizationalUnitName
- *  nssPKIXTeletexOrganizationalUnitNames_SetTeletexOrganizationalUnitName
- *  nssPKIXTeletexOrganizationalUnitNames_InsertTeletexOrganizationalUnitName
- *  nssPKIXTeletexOrganizationalUnitNames_AppendTeletexOrganizationalUnitName
- *  nssPKIXTeletexOrganizationalUnitNames_RemoveTeletexOrganizationalUnitName
- *  nssPKIXTeletexOrganizationalUnitNames_FindTeletexOrganizationalUnitName
- *  nssPKIXTeletexOrganizationalUnitNames_Equal
- *  nssPKIXTeletexOrganizationalUnitNames_Duplicate
- * 
- * In debug builds, the following call is available:
- *
- *  nssPKIXTeletexOrganizationalUnitNames_verifyPointer
- *
- */
-
-/*
- * nssPKIXTeletexOrganizationalUnitNames_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXTeletexOrganizationalUnitNames upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexOrganizationalUnitNames *
-nssPKIXTeletexOrganizationalUnitNames_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * nssPKIXTeletexOrganizationalUnitNames_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAME
- *
- * Return value:
- *  A valid pointer to an NSSPKIXTeletexOrganizationalUnitNames upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexOrganizationalUnitNames *
-nssPKIXTeletexOrganizationalUnitNames_Create
-(
-  NSSArena *arenaOpt,
-  NSSPKIXTeletexOrganizationalUnitName *ou1,
-  ...
-);
-
-/*
- * nssPKIXTeletexOrganizationalUnitNames_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAMES
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTeletexOrganizationalUnitNames_Destroy
-(
-  NSSPKIXTeletexOrganizationalUnitNames *ous
-);
-
-/*
- * nssPKIXTeletexOrganizationalUnitNames_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAMES
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXTeletexOrganizationalUnitNames_Encode
-(
-  NSSPKIXTeletexOrganizationalUnitNames *ous,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTeletexOrganizationalUnitNames_GetTeletexOrganizationalUnitNameCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAMES
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- *  Nonnegative integer upon success
- *  -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXTeletexOrganizationalUnitNames_GetTeletexOrganizationalUnitNameCount
-(
-  NSSPKIXTeletexOrganizationalUnitNames *ous
-);
-
-/*
- * nssPKIXTeletexOrganizationalUnitNames_GetTeletexOrganizationalUnitNames
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAMES
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- *  A valid pointer to an array of NSSPKIXTeletexOrganizationalUnitName
- *      pointers upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexOrganizationalUnitName **
-nssPKIXTeletexOrganizationalUnitNames_GetTeletexOrganizationalUnitNames
-(
-  NSSPKIXTeletexOrganizationalUnitNames *ous,
-  NSSPKIXTeletexOrganizationalUnitName *rvOpt[],
-  PRInt32 limit,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTeletexOrganizationalUnitNames_SetTeletexOrganizationalUnitNames
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAMES
- *  NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAME
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTeletexOrganizationalUnitNames_SetTeletexOrganizationalUnitNames
-(
-  NSSPKIXTeletexOrganizationalUnitNames *ous,
-  NSSPKIXTeletexOrganizationalUnitName *ou[],
-  PRInt32 count
-);
-
-/*
- * nssPKIXTeletexOrganizationalUnitNames_GetTeletexOrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAMES
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXTeletexOrganizationalUnitName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexOrganizationalUnitName *
-nssPKIXTeletexOrganizationalUnitNames_GetTeletexOrganizationalUnitName
-(
-  NSSPKIXTeletexOrganizationalUnitNames *ous,
-  PRInt32 i,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTeletexOrganizationalUnitNames_SetTeletexOrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAMES
- *  NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAME
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTeletexOrganizationalUnitNames_SetTeletexOrganizationalUnitName
-(
-  NSSPKIXTeletexOrganizationalUnitNames *ous,
-  PRInt32 i,
-  NSSPKIXTeletexOrganizationalUnitName *ou
-);
-
-/*
- * nssPKIXTeletexOrganizationalUnitNames_InsertTeletexOrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAMES
- *  NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAME
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTeletexOrganizationalUnitNames_InsertTeletexOrganizationalUnitName
-(
-  NSSPKIXTeletexOrganizationalUnitNames *ous,
-  PRInt32 i,
-  NSSPKIXTeletexOrganizationalUnitName *ou
-);
-
-/*
- * nssPKIXTeletexOrganizationalUnitNames_AppendTeletexOrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAMES
- *  NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAME
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTeletexOrganizationalUnitNames_AppendTeletexOrganizationalUnitName
-(
-  NSSPKIXTeletexOrganizationalUnitNames *ous,
-  NSSPKIXTeletexOrganizationalUnitName *ou
-);
-
-/*
- * nssPKIXTeletexOrganizationalUnitNames_RemoveTeletexOrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAMES
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTeletexOrganizationalUnitNames_RemoveTeletexOrganizationalUnitName
-(
-  NSSPKIXTeletexOrganizationalUnitNames *ous,
-  PRInt32 i
-);
-
-/*
- * nssPKIXTeletexOrganizationalUnitNames_FindTeletexOrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAMES
- *  NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAME
- *
- * Return value:
- *  The index of the specified revoked certificate upon success
- *  -1 upon failure
- */
-
-NSS_EXTERN PRInt32
-nssPKIXTeletexOrganizationalUnitNames_FindTeletexOrganizationalUnitName
-(
-  NSSPKIXTeletexOrganizationalUnitNames *ous,
-  NSSPKIXTeletexOrganizationalUnitName *ou
-);
-
-/*
- * nssPKIXTeletexOrganizationalUnitNames_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAMES
- *
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXTeletexOrganizationalUnitNames_Equal
-(
-  NSSPKIXTeletexOrganizationalUnitNames *ous1,
-  NSSPKIXTeletexOrganizationalUnitNames *ous2,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXTeletexOrganizationalUnitNames_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAMES
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSPKIXTeletexOrganizationalUnitNames upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexOrganizationalUnitNames *
-nssPKIXTeletexOrganizationalUnitNames_Duplicate
-(
-  NSSPKIXTeletexOrganizationalUnitNames *ous,
-  NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXTeletexOrganizationalUnitNames_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXTeletexOrganizationalUnitNames
- * object, this routine will return PR_SUCCESS.  Otherwise, it will 
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAME
- *
- * Return value:
- *  PR_SUCCESS if the pointer is valid
- *  PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTeletexOrganizationalUnitNames_verifyPointer
-(
-  NSSPKIXTeletexOrganizationalUnitNames *p
-);
-#endif /* DEBUG */
-
-/*
- * TeletexOrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  TeletexOrganizationalUnitName ::= TeletexString
- *                          (SIZE (1..ub-organizational-unit-name-length))
- *  
- * The private calls for this type:
- *
- *  nssPKIXTeletexOrganizationalUnitName_Decode
- *  nssPKIXTeletexOrganizationalUnitName_CreateFromUTF8
- *  nssPKIXTeletexOrganizationalUnitName_Encode
- *
- */
-
-/*
- * nssPKIXTeletexOrganizationalUnitName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXTeletexOrganizationalUnitName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexOrganizationalUnitName *
-nssPKIXTeletexOrganizationalUnitName_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * nssPKIXTeletexOrganizationalUnitName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXTeletexOrganizationalUnitName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexOrganizationalUnitName *
-nssPKIXTeletexOrganizationalUnitName_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXTeletexOrganizationalUnitName_Encode
- *
- *
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAME
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXTeletexOrganizationalUnitName_Encode
-(
-  NSSPKIXTeletexOrganizationalUnitName *name,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * PDSName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  PDSName ::= PrintableString (SIZE (1..ub-pds-name-length))
- *
- * The private calls for this type:
- *
- *  nssPKIXPDSName_Decode
- *  nssPKIXPDSName_CreateFromUTF8
- *  nssPKIXPDSName_Encode
- *
- */
-
-/*
- * nssPKIXPDSName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXPDSName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPDSName *
-nssPKIXPDSName_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * nssPKIXPDSName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXPDSName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPDSName *
-nssPKIXPDSName_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXPDSName_Encode
- *
- *
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_PDS_NAME
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXPDSName_Encode
-(
-  NSSPKIXPDSName *name,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * PhysicalDeliveryCountryName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  PhysicalDeliveryCountryName ::= CHOICE {
- *     x121-dcc-code NumericString (SIZE (ub-country-name-numeric-length)),
- *     iso-3166-alpha2-code PrintableString
- *                          (SIZE (ub-country-name-alpha-length)) }
- *
- * The private calls for this type:
- *
- *  nssPKIXPhysicalDeliveryCountryName_Decode
- *  nssPKIXPhysicalDeliveryCountryName_CreateFromUTF8
- *  nssPKIXPhysicalDeliveryCountryName_Encode
- *
- */
-
-/*
- * nssPKIXPhysicalDeliveryCountryName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXPhysicalDeliveryCountryName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPhysicalDeliveryCountryName *
-nssPKIXPhysicalDeliveryCountryName_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * nssPKIXPhysicalDeliveryCountryName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXPhysicalDeliveryCountryName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPhysicalDeliveryCountryName *
-nssPKIXPhysicalDeliveryCountryName_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXPhysicalDeliveryCountryName_Encode
- *
- *
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_PHYSICAL_DELIVERY_COUNTRY_NAME
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXPhysicalDeliveryCountryName_Encode
-(
-  NSSPKIXPhysicalDeliveryCountryName *name,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * PostalCode
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  PostalCode ::= CHOICE {
- *     numeric-code NumericString (SIZE (1..ub-postal-code-length)),
- *     printable-code PrintableString (SIZE (1..ub-postal-code-length)) }
- *
- * The private calls for this type:
- *
- *  nssPKIXPostalCode_Decode
- *  nssPKIXPostalCode_CreateFromUTF8
- *  nssPKIXPostalCode_Encode
- *
- */
-
-/*
- * nssPKIXPostalCode_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXPostalCode upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPostalCode *
-nssPKIXPostalCode_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * nssPKIXPostalCode_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXPostalCode upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPostalCode *
-nssPKIXPostalCode_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXPostalCode_Encode
- *
- *
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POSTAL_CODE
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXPostalCode_Encode
-(
-  NSSPKIXPostalCode *name,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * PDSParameter
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  PDSParameter ::= SET {
- *     printable-string PrintableString
- *                  (SIZE(1..ub-pds-parameter-length)) OPTIONAL,
- *     teletex-string TeletexString
- *                  (SIZE(1..ub-pds-parameter-length)) OPTIONAL }
- *
- * The private calls for this type:
- *
- *  nssPKIXPDSParameter_Decode
- *  nssPKIXPDSParameter_CreateFromUTF8
- *  nssPKIXPDSParameter_Create
- *  nssPKIXPDSParameter_Delete
- *  nssPKIXPDSParameter_Encode
- *  nssPKIXPDSParameter_GetUTF8Encoding
- *  nssPKIXPDSParameter_HasPrintableString
- *  nssPKIXPDSParameter_GetPrintableString
- *  nssPKIXPDSParameter_SetPrintableString
- *  nssPKIXPDSParameter_RemovePrintableString
- *  nssPKIXPDSParameter_HasTeletexString
- *  nssPKIXPDSParameter_GetTeletexString
- *  nssPKIXPDSParameter_SetTeletexString
- *  nssPKIXPDSParameter_RemoveTeletexString
- *  nssPKIXPDSParameter_Equal
- *  nssPKIXPDSParameter_Duplicate
- * 
- * In debug builds, the following call is available:
- *
- *  nssPKIXPDSParameter_verifyPointer
- */
-
-/*
- * nssPKIXPDSParameter_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXPDSParameter upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPDSParameter *
-nssPKIXPDSParameter_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * nssPKIXPDSParameter_CreateFromUTF8
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_STRING
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXPDSParameter upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPDSParameter *
-nssPKIXPDSParameter_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXPDSParameter_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_STRING
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXPDSParameter upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPDSParameter *
-nssPKIXPDSParameter_Create
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *printableStringOpt,
-  NSSUTF8 *teletexStringOpt
-);
-
-/*
- * nssPKIXPDSParameter_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_PDS_PARAMETER
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPDSParameter_Destroy
-(
-  NSSPKIXPDSParameter *p
-);
-
-/*
- * nssPKIXPDSParameter_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_PDS_PARAMETER
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXPDSParameter_Encode
-(
-  NSSPKIXPDSParameter *p,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXPDSParameter_GetUTF8Encoding
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_PDS_PARAMETER
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid NSSSUTF8 pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-nssPKIXPDSParameter_GetUTF8Encoding
-(
-  NSSPKIXPDSParameter *p,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXPDSParameter_HasPrintableString
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_PDS_PARAMETER
- * 
- * Return value:
- *  PR_TRUE if it has one
- *  PR_FALSE if it doesn't
- *  PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXPDSParameter_HasPrintableString
-(
-  NSSPKIXPDSParameter *p,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXPDSParameter_GetPrintableString
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_PDS_PARAMETER
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid pointer to an NSSUTF8 upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-nssPKIXPDSParameter_GetPrintableString
-(
-  NSSPKIXPDSParameter *p,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXPDSParameter_SetPrintableString
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_PDS_PARAMETER
- *  NSS_ERROR_INVALID_STRING
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPDSParameter_SetPrintableString
-(
-  NSSPKIXPDSParameter *p,
-  NSSUTF8 *printableString
-);
-
-/*
- * nssPKIXPDSParameter_RemovePrintableString
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_PDS_PARAMETER
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPDSParameter_RemovePrintableString
-(
-  NSSPKIXPDSParameter *p
-);
-
-/*
- * nssPKIXPDSParameter_HasTeletexString
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_PDS_PARAMETER
- * 
- * Return value:
- *  PR_TRUE if it has one
- *  PR_FALSE if it doesn't
- *  PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXPDSParameter_HasTeletexString
-(
-  NSSPKIXPDSParameter *p,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXPDSParameter_GetTeletexString
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_PDS_PARAMETER
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid pointer to an NSSUTF8 upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-nssPKIXPDSParameter_GetTeletexString
-(
-  NSSPKIXPDSParameter *p,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXPDSParameter_SetTeletexString
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_PDS_PARAMETER
- *  NSS_ERROR_INVALID_STRING
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPDSParameter_SetTeletexString
-(
-  NSSPKIXPDSParameter *p,
-  NSSUTF8 *teletexString
-);
-
-/*
- * nssPKIXPDSParameter_RemoveTeletexString
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_PDS_PARAMETER
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPDSParameter_RemoveTeletexString
-(
-  NSSPKIXPDSParameter *p
-);
-
-/*
- * nssPKIXPDSParameter_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_PDS_PARAMETER
- * 
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXPDSParameter_Equal
-(
-  NSSPKIXPDSParameter *p1,
-  NSSPKIXPDSParameter *p2,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXPDSParameter_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_PDS_PARAMETER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXPDSParameter upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPDSParameter *
-nssPKIXPDSParameter_Duplicate
-(
-  NSSPKIXPDSParameter *p,
-  NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXPDSParameter_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXPDSParameter
- * object, this routine will return PR_SUCCESS.  Otherwise, it will 
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_PDS_PARAMETER
- *
- * Return value:
- *  PR_SUCCESS if the pointer is valid
- *  PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPDSParameter_verifyPointer
-(
-  NSSPKIXPDSParameter *p
-);
-#endif /* DEBUG */
-
-/*
- * fgmr: what about these PDS types?
- *
- * PhysicalDeliveryOfficeName
- *
- * PhysicalDeliveryOfficeNumber
- *
- * ExtensionORAddressComponents
- *
- * PhysicalDeliveryPersonalName
- *
- * PhysicalDeliveryOrganizationName
- *
- * ExtensionPhysicalDeliveryAddressComponents
- *
- * StreetAddress
- *
- * PostOfficeBoxAddress
- *
- * PosteRestanteAddress
- *
- * UniquePostalName
- *
- * LocalPostalAttributes
- *
- */
-
-/*
- * UnformattedPostalAddress
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  UnformattedPostalAddress ::= SET {
- *     printable-address SEQUENCE SIZE (1..ub-pds-physical-address-lines) OF
- *             PrintableString (SIZE (1..ub-pds-parameter-length)) OPTIONAL,
- *     teletex-string TeletexString
- *           (SIZE (1..ub-unformatted-address-length)) OPTIONAL }
- *
- * The private calls for the type:
- *
- *
- */
-
-/*
- * ExtendedNetworkAddress
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  ExtendedNetworkAddress ::= CHOICE {
- *     e163-4-address SEQUENCE {
- *          number [0] NumericString (SIZE (1..ub-e163-4-number-length)),
- *          sub-address [1] NumericString
- *                  (SIZE (1..ub-e163-4-sub-address-length)) OPTIONAL },
- *     psap-address [0] PresentationAddress }
- *
- * The private calls for the type:
- *
- *  nssPKIXExtendedNetworkAddress_Decode
- *  nssPKIXExtendedNetworkAddress_Create
- *  nssPKIXExtendedNetworkAddress_Encode
- *  nssPKIXExtendedNetworkAddress_Destroy
- *  nssPKIXExtendedNetworkAddress_GetChoice
- *  nssPKIXExtendedNetworkAddress_Get
- *  nssPKIXExtendedNetworkAddress_GetE1634Address
- *  nssPKIXExtendedNetworkAddress_GetPsapAddress
- *  nssPKIXExtendedNetworkAddress_Set
- *  nssPKIXExtendedNetworkAddress_SetE163Address
- *  nssPKIXExtendedNetworkAddress_SetPsapAddress
- *  nssPKIXExtendedNetworkAddress_Equal
- *  nssPKIXExtendedNetworkAddress_Duplicate
- * 
- * In debug builds, the following call is available:
- *
- *  nssPKIXExtendedNetworkAddress_verifyPointer
- *
- */
-
-/*
- * nssPKIXExtendedNetworkAddress_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXExtendedNetworkAddress upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtendedNetworkAddress *
-nssPKIXExtendedNetworkAddress_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * nssPKIXExtendedNetworkAddress_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_E163_4_ADDRESS
- *  NSS_ERROR_INVALID_PKIX_PRESENTATION_ADDRESS
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXExtendedNetworkAddress upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtendedNetworkAddress *
-nssPKIXExtendedNetworkAddress_Create
-(
-  NSSArena *arenaOpt,
-  NSSPKIXExtendedNetworkAddressChoice choice,
-  void *address
-);
-
-/*
- * nssPKIXExtendedNetworkAddress_CreateFromE1634Address
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_E163_4_ADDRESS
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXExtendedNetworkAddress upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtendedNetworkAddress *
-nssPKIXExtendedNetworkAddress_CreateFromE1634Address
-(
-  NSSArena *arenaOpt,
-  NSSPKIXe1634Address *e1634address
-);
-
-/*
- * nssPKIXExtendedNetworkAddress_CreateFromPresentationAddress
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_PRESENTATION_ADDRESS
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXExtendedNetworkAddress upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtendedNetworkAddress *
-nssPKIXExtendedNetworkAddress_CreateFromPresentationAddress
-(
-  NSSArena *arenaOpt,
-  NSSPKIXPresentationAddress *presentationAddress
-);
-
-/*
- * nssPKIXExtendedNetworkAddress_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EXTENDED_NETWORK_ADDRESS
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXExtendedNetworkAddress_Destroy
-(
-  NSSPKIXExtendedNetworkAddress *ena
-);
-
-/*
- * nssPKIXExtendedNetworkAddress_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EXTENDED_NETWORK_ADDRESS
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXExtendedNetworkAddress_Encode
-(
-  NSSPKIXExtendedNetworkAddress *ena,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXExtendedNetworkAddress_GetChoice
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EXTENDED_NETWORK_ADDRESS
- * 
- * Return value:
- *  A valid element of the NSSPKIXExtendedNetworkAddressChoice upon
- *      success
- *  The value nssPKIXExtendedNetworkAddress_NSSinvalid upon failure
- */
-
-NSS_EXTERN NSSPKIXExtendedNetworkAddressChoice
-nssPKIXExtendedNetworkAddress_GetChoice
-(
-  NSSPKIXExtendedNetworkAddress *ena
-);
-
-/*
- * nssPKIXExtendedNetworkAddress_GetSpecifiedChoice
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EXTENDED_NETWORK_ADDRESS
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_WRONG_CHOICE
- * 
- * Return value:
- *  A pointer...
- *  NULL upon failure
- */
-
-NSS_EXTERN void *
-nssPKIXExtendedNetworkAddress_GetSpecifiedChoice
-(
-  NSSPKIXExtendedNetworkAddress *ena,
-  NSSPKIXExtendedNetworkAddressChoice which,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXExtendedNetworkAddress_GetE1634Address
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EXTENDED_NETWORK_ADDRESS
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_WRONG_CHOICE
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXe1643Address upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXe1643Address *
-nssPKIXExtendedNetworkAddress_GetE1634Address
-(
-  NSSPKIXExtendedNetworkAddress *ena,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXExtendedNetworkAddress_GetPresentationAddress
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EXTENDED_NETWORK_ADDRESS
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_WRONG_CHOICE
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXPresentationAddress upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPresentationAddress *
-nssPKIXExtendedNetworkAddress_GetPresentationAddress
-(
-  NSSPKIXExtendedNetworkAddress *ena,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXExtendedNetworkAddress_SetSpecifiedChoice
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EXTENDED_NETWORK_ADDRESS
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_PKIX_E163_4_ADDRESS
- *  NSS_ERROR_INVALID_PKIX_PRESENTATION_ADDRESS
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXExtendedNetworkAddress_SetSpecifiedChoice
-(
-  NSSPKIXExtendedNetworkAddress *ena,
-  NSSPKIXExtendedNetworkAddressChoice which,
-  void *address
-);
-
-/*
- * nssPKIXExtendedNetworkAddress_SetE163Address
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EXTENDED_NETWORK_ADDRESS
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_PKIX_E163_4_ADDRESS
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXExtendedNetworkAddress_SetE163Address
-(
-  NSSPKIXExtendedNetworkAddress *ena,
-  NSSPKIXe1634Address *e1634address
-);
-
-/*
- * nssPKIXExtendedNetworkAddress_SetPresentationAddress
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EXTENDED_NETWORK_ADDRESS
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_PKIX_PRESENTATION_ADDRESS
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXExtendedNetworkAddress_SetPresentationAddress
-(
-  NSSPKIXExtendedNetworkAddress *ena,
-  NSSPKIXPresentationAddress *presentationAddress
-);
-
-/*
- * nssPKIXExtendedNetworkAddress_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EXTENDED_NETWORK_ADDRESS
- * 
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXExtendedNetworkAddress_Equal
-(
-  NSSPKIXExtendedNetworkAddress *ena1,
-  NSSPKIXExtendedNetworkAddress *ena2,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXExtendedNetworkAddress_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EXTENDED_NETWORK_ADDRESS
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXExtendedNetworkAddress upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtendedNetworkAddress *
-nssPKIXExtendedNetworkAddress_Duplicate
-(
-  NSSPKIXExtendedNetworkAddress *ena,
-  NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXExtendedNetworkAddress_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXExtendedNetworkAddress
- * object, this routine will return PR_SUCCESS.  Otherwise, it will 
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EXTENDED_NETWORK_ADDRESS
- *
- * Return value:
- *  PR_SUCCESS if the pointer is valid
- *  PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXExtendedNetworkAddress_verifyPointer
-(
-  NSSPKIXExtendedNetworkAddress *p
-);
-#endif /* DEBUG */
-
-/*
- * e163-4-address
- *
- * Helper structure for ExtendedNetworkAddress.
- * -- fgmr comments --
- *
- * From RFC 2459:
- * 
- *     e163-4-address SEQUENCE {
- *          number [0] NumericString (SIZE (1..ub-e163-4-number-length)),
- *          sub-address [1] NumericString
- *                  (SIZE (1..ub-e163-4-sub-address-length)) OPTIONAL },
- * 
- * The private calls for the type:
- *
- *  nssPKIXe1634Address_Decode
- *  nssPKIXe1634Address_Create
- *  nssPKIXe1634Address_Destroy
- *  nssPKIXe1634Address_Encode
- *  nssPKIXe1634Address_GetNumber
- *  nssPKIXe1634Address_SetNumber
- *  nssPKIXe1634Address_HasSubAddress
- *  nssPKIXe1634Address_GetSubAddress
- *  nssPKIXe1634Address_SetSubAddress
- *  nssPKIXe1634Address_RemoveSubAddress
- *  nssPKIXe1634Address_Equal
- *  nssPKIXe1634Address_Duplicate
- * 
- * In debug builds, the following call is available:
- *
- *  nssPKIXe1634Address_verifyPointer
- *
- */
-
-/*
- * nssPKIXe1634Address_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXe1634Address upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXe1634Address *
-nssPKIXe1634Address_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * nssPKIXe1634Address_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_STRING
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXe1634Address upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXe1634Address *
-nssPKIXe1634Address_Create
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *number,
-  NSSUTF8 *subAddressOpt
-);
-
-/*
- * nssPKIXe1634Address_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_E163_4_ADDRESS
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXe1634Address_Destroy
-(
-  NSSPKIXe1634Address *e
-);
-
-/*
- * nssPKIXe1634Address_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_E163_4_ADDRESS
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXe1634Address_Encode
-(
-  NSSPKIXe1634Address *e,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXe1634Address_GetNumber
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_E163_4_ADDRESS
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid pointer to an NSSUTF8 upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-nssPKIXe1634Address_GetNumber
-(
-  NSSPKIXe1634Address *e,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXe1634Address_SetNumber
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_E163_4_ADDRESS
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_STRING
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXe1634Address_SetNumber
-(
-  NSSPKIXe1634Address *e,
-  NSSUTF8 *number
-);
-
-/*
- * nssPKIXe1634Address_HasSubAddress
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_E163_4_ADDRESS
- * 
- * Return value:
- *  PR_TRUE if it has one
- *  PR_FALSE if it doesn't
- *  PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXe1634Address_HasSubAddress
-(
-  NSSPKIXe1634Address *e,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXe1634Address_GetSubAddress
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_E163_4_ADDRESS
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid pointer to an NSSUTF8 upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-nssPKIXe1634Address_GetSubAddress
-(
-  NSSPKIXe1634Address *e,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXe1634Address_SetSubAddress
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_E163_4_ADDRESS
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_STRING
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXe1634Address_SetSubAddress
-(
-  NSSPKIXe1634Address *e,
-  NSSUTF8 *subAddress
-);
-
-/*
- * nssPKIXe1634Address_RemoveSubAddress
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_E163_4_ADDRESS
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXe1634Address_RemoveSubAddress
-(
-  NSSPKIXe1634Address *e
-);
-
-/*
- * nssPKIXe1634Address_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_E163_4_ADDRESS
- * 
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXe1634Address_Equal
-(
-  NSSPKIXe1634Address *e1,
-  NSSPKIXe1634Address *e2,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXe1634Address_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_E163_4_ADDRESS
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXe1634Address upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXe1634Address *
-nssPKIXe1634Address_Duplicate
-(
-  NSSPKIXe1634Address *e,
-  NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXe1634Address_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXe1634Address
- * object, this routine will return PR_SUCCESS.  Otherwise, it will 
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_E163_4_ADDRESS
- *
- * Return value:
- *  PR_SUCCESS if the pointer is valid
- *  PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXe1634Address_verifyPointer
-(
-  NSSPKIXe1634Address *p
-);
-#endif /* DEBUG */
-
-/*
- * PresentationAddress
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  PresentationAddress ::= SEQUENCE {
- *          pSelector       [0] EXPLICIT OCTET STRING OPTIONAL,
- *          sSelector       [1] EXPLICIT OCTET STRING OPTIONAL,
- *          tSelector       [2] EXPLICIT OCTET STRING OPTIONAL,
- *          nAddresses      [3] EXPLICIT SET SIZE (1..MAX) OF OCTET STRING }
- *
- * The private calls for the type:
- *
- *  nssPKIXPresentationAddress_Decode
- *  nssPKIXPresentationAddress_Create
- *  nssPKIXPresentationAddress_Destroy
- *  nssPKIXPresentationAddress_Encode
- *  nssPKIXPresentationAddress_HasPSelector
- *  nssPKIXPresentationAddress_GetPSelector
- *  nssPKIXPresentationAddress_SetPSelector
- *  nssPKIXPresentationAddress_RemovePSelector
- *  nssPKIXPresentationAddress_HasSSelector
- *  nssPKIXPresentationAddress_GetSSelector
- *  nssPKIXPresentationAddress_SetSSelector
- *  nssPKIXPresentationAddress_RemoveSSelector
- *  nssPKIXPresentationAddress_HasTSelector
- *  nssPKIXPresentationAddress_GetTSelector
- *  nssPKIXPresentationAddress_SetTSelector
- *  nssPKIXPresentationAddress_RemoveTSelector
- *  nssPKIXPresentationAddress_HasNAddresses
- *  nssPKIXPresentationAddress_GetNAddresses
- *  nssPKIXPresentationAddress_SetNAddresses
- *  nssPKIXPresentationAddress_RemoveNAddresses
- *{NAddresses must be more complex than that}
- *  nssPKIXPresentationAddress_Compare
- *  nssPKIXPresentationAddress_Duplicate
- * 
- * In debug builds, the following call is available:
- *
- *  _verifyPointer
- *
- */
-
-/*
- * TeletexDomainDefinedAttributes
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  TeletexDomainDefinedAttributes ::= SEQUENCE SIZE
- *     (1..ub-domain-defined-attributes) OF TeletexDomainDefinedAttribute
- * 
- * The private calls for the type:
- *
- *  nssPKIXTeletexDomainDefinedAttributes_Decode
- *  nssPKIXTeletexDomainDefinedAttributes_Create
- *  nssPKIXTeletexDomainDefinedAttributes_Destroy
- *  nssPKIXTeletexDomainDefinedAttributes_Encode
- *  nssPKIXTeletexDomainDefinedAttributes_GetTeletexDomainDefinedAttributeCount
- *  nssPKIXTeletexDomainDefinedAttributes_GetTeletexDomainDefinedAttributes
- *  nssPKIXTeletexDomainDefinedAttributes_SetTeletexDomainDefinedAttributes
- *  nssPKIXTeletexDomainDefinedAttributes_GetTeletexDomainDefinedAttribute
- *  nssPKIXTeletexDomainDefinedAttributes_SetTeletexDomainDefinedAttribute
- *  nssPKIXTeletexDomainDefinedAttributes_InsertTeletexDomainDefinedAttribute
- *  nssPKIXTeletexDomainDefinedAttributes_AppendTeletexDomainDefinedAttribute
- *  nssPKIXTeletexDomainDefinedAttributes_RemoveTeletexDomainDefinedAttribute
- *  nssPKIXTeletexDomainDefinedAttributes_FindTeletexDomainDefinedAttribute
- *  nssPKIXTeletexDomainDefinedAttributes_Equal
- *  nssPKIXTeletexDomainDefinedAttributes_Duplicate
- * 
- * In debug builds, the following call is available:
- *
- *  nssPKIXTeletexDomainDefinedAttributes_verifyPointer
- *
- */
-
-/*
- * nssPKIXTeletexDomainDefinedAttributes_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXTeletexDomainDefinedAttributes
- *      upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexDomainDefinedAttributes *
-nssPKIXTeletexDomainDefinedAttributes_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * nssPKIXTeletexDomainDefinedAttributes_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_TELETEX_DOMAIN_DEFINED_ATTRIBUTE
- *
- * Return value:
- *  A valid pointer to an NSSPKIXTeletexDomainDefinedAttributes
- *      upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexDomainDefinedAttributes *
-nssPKIXTeletexDomainDefinedAttributes_Create
-(
-  NSSArena *arenaOpt,
-  NSSPKIXTeletexDomainDefinedAttribute *tdda1,
-  ...
-);
-
-/*
- * nssPKIXTeletexDomainDefinedAttributes_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTES
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTeletexDomainDefinedAttributes_Destroy
-(
-  NSSPKIXTeletexDomainDefinedAttributes *tddas
-);
-
-/*
- * nssPKIXTeletexDomainDefinedAttributes_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTES
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXTeletexDomainDefinedAttributes_Encode
-(
-  NSSPKIXTeletexDomainDefinedAttributes *tddas,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTeletexDomainDefinedAttributes_GetTeletexDomainDefinedAttributeCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTES
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- * 
- * Return value:
- *  Nonnegative integer upon success
- *  -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXTeletexDomainDefinedAttributes_GetTeletexDomainDefinedAttributeCount
-(
-  NSSPKIXTeletexDomainDefinedAttributes *tddas
-);
-
-/*
- * nssPKIXTeletexDomainDefinedAttributes_GetTeletexDomainDefinedAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTES
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_ARRAY_TOO_SMALL
- * 
- * Return value:
- *  A valid pointer to an array of NSSPKIXTeletexDomainDefinedAttribute
- *      pointers upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexDomainDefinedAttribute **
-nssPKIXTeletexDomainDefinedAttributes_GetTeletexDomainDefinedAttributes
-(
-  NSSPKIXTeletexDomainDefinedAttributes *tddas,
-  NSSPKIXTeletexDomainDefinedAttribute *rvOpt[],
-  PRInt32 limit,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTeletexDomainDefinedAttributes_SetTeletexDomainDefinedAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTES
- *  NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTE
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTeletexDomainDefinedAttributes_SetTeletexDomainDefinedAttributes
-(
-  NSSPKIXTeletexDomainDefinedAttributes *tddas,
-  NSSPKIXTeletexDomainDefinedAttribute *tdda[],
-  PRInt32 count
-);
-
-/*
- * nssPKIXTeletexDomainDefinedAttributes_GetTeletexDomainDefinedAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTES
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXTeletexDomainDefinedAttribute upon
- *      success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexDomainDefinedAttribute *
-nssPKIXTeletexDomainDefinedAttributes_GetTeletexDomainDefinedAttribute
-(
-  NSSPKIXTeletexDomainDefinedAttributes *tddas,
-  PRInt32 i,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTeletexDomainDefinedAttributes_SetTeletexDomainDefinedAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTES
- *  NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTE
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTeletexDomainDefinedAttributes_SetTeletexDomainDefinedAttribute
-(
-  NSSPKIXTeletexDomainDefinedAttributes *tddas,
-  PRInt32 i,
-  NSSPKIXTeletexDomainDefinedAttribute *tdda
-);
-
-/*
- * nssPKIXTeletexDomainDefinedAttributes_InsertTeletexDomainDefinedAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTES
- *  NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTE
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTeletexDomainDefinedAttributes_InsertTeletexDomainDefinedAttribute
-(
-  NSSPKIXTeletexDomainDefinedAttributes *tddas,
-  PRInt32 i,
-  NSSPKIXTeletexDomainDefinedAttribute *tdda
-);
-
-/*
- * nssPKIXTeletexDomainDefinedAttributes_AppendTeletexDomainDefinedAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTES
- *  NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTE
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTeletexDomainDefinedAttributes_AppendTeletexDomainDefinedAttribute
-(
-  NSSPKIXTeletexDomainDefinedAttributes *tddas,
-  NSSPKIXTeletexDomainDefinedAttribute *tdda
-);
-
-/*
- * nssPKIXTeletexDomainDefinedAttributes_RemoveTeletexDomainDefinedAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTES
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTeletexDomainDefinedAttributes_RemoveTeletexDomainDefinedAttribute
-(
-  NSSPKIXTeletexDomainDefinedAttributes *tddas,
-  PRInt32 i
-);
-
-/*
- * nssPKIXTeletexDomainDefinedAttributes_FindTeletexDomainDefinedAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTES
- *  NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTE
- * 
- * Return value:
- *  The nonnegative integer upon success
- *  -1 upon failure
- */
-
-NSS_EXTERN PRInt32
-nssPKIXTeletexDomainDefinedAttributes_FindTeletexDomainDefinedAttribute
-(
-  NSSPKIXTeletexDomainDefinedAttributes *tddas,
-  NSSPKIXTeletexDomainDefinedAttribute *tdda
-);
-
-/*
- * nssPKIXTeletexDomainDefinedAttributes_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTES
- * 
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXTeletexDomainDefinedAttributes_Equal
-(
-  NSSPKIXTeletexDomainDefinedAttributes *tddas1,
-  NSSPKIXTeletexDomainDefinedAttributes *tddas2,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXTeletexDomainDefinedAttributes_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTES
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXTeletexDomainDefinedAttributes
- *      upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexDomainDefinedAttributes *
-nssPKIXTeletexDomainDefinedAttributes_Duplicate
-(
-  NSSPKIXTeletexDomainDefinedAttributes *tddas,
-  NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXTeletexDomainDefinedAttributes_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXTeletexDomainDefinedAttributes
- * object, this routine will return PR_SUCCESS.  Otherwise, it will 
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TELETEX_DOMAIN_DEFINED_ATTRIBUTES
- *
- * Return value:
- *  PR_SUCCESS if the pointer is valid
- *  PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTeletexDomainDefinedAttributes_verifyPointer
-(
-  NSSPKIXTeletexDomainDefinedAttributes *p
-);
-#endif /* DEBUG */
-
-/*
- * TeletexDomainDefinedAttribute
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  TeletexDomainDefinedAttribute ::= SEQUENCE {
- *          type TeletexString
- *                 (SIZE (1..ub-domain-defined-attribute-type-length)),
- *          value TeletexString
- *                 (SIZE (1..ub-domain-defined-attribute-value-length)) }
- * 
- * The private calls for the type:
- *
- *  nssPKIXTeletexDomainDefinedAttribute_Decode
- *  nssPKIXTeletexDomainDefinedAttribute_CreateFromUTF8
- *  nssPKIXTeletexDomainDefinedAttribute_Create
- *  nssPKIXTeletexDomainDefinedAttribute_Destroy
- *  nssPKIXTeletexDomainDefinedAttribute_Encode
- *  nssPKIXTeletexDomainDefinedAttribute_GetUTF8Encoding
- *  nssPKIXTeletexDomainDefinedAttribute_GetType
- *  nssPKIXTeletexDomainDefinedAttribute_SetType
- *  nssPKIXTeletexDomainDefinedAttribute_GetValue
- *  nssPKIXTeletexDomainDefinedAttribute_GetValue
- *  nssPKIXTeletexDomainDefinedAttribute_Equal
- *  nssPKIXTeletexDomainDefinedAttribute_Duplicate
- * 
- * In debug builds, the following call is available:
- *
- *  nssPKIXTeletexDomainDefinedAttribute_verifyPointer
- *
- */
-
-/*
- * nssPKIXTeletexDomainDefinedAttribute_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXTeletexDomainDefinedAttribute
- *      upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexDomainDefinedAttribute *
-nssPKIXTeletexDomainDefinedAttribute_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * nssPKIXTeletexDomainDefinedAttribute_CreateFromUTF8
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_STRING
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXTeletexDomainDefinedAttribute
- *      upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexDomainDefinedAttribute *
-nssPKIXTeletexDomainDefinedAttribute_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXTeletexDomainDefinedAttribute_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_STRING
- *
- * Return value:
- *  A valid pointer to an NSSPKIXTeletexDomainDefinedAttribute
- *      upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexDomainDefinedAttribute *
-nssPKIXTeletexDomainDefinedAttribute_Create
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *type,
-  NSSUTF8 *value
-);
-
-/*
- * nssPKIXTeletexDomainDefinedAttribute_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TELETEX_DOMAIN_DEFINED_ATTRIBUTE
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTeletexDomainDefinedAttribute_Destroy
-(
-  NSSPKIXTeletexDomainDefinedAttribute *tdda
-);
-
-/*
- * nssPKIXTeletexDomainDefinedAttribute_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TELETEX_DOMAIN_DEFINED_ATTRIBUTE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXTeletexDomainDefinedAttribute_Encode
-(
-  NSSPKIXTeletexDomainDefinedAttribute *tdda,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTeletexDomainDefinedAttribute_GetUTF8Encoding
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TELETEX_DOMAIN_DEFINED_ATTRIBUTE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSSUTF8 pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-nssPKIXTeletexDomainDefinedAttribute_GetUTF8Encoding
-(
-  NSSPKIXTeletexDomainDefinedAttribute *tdda,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTeletexDomainDefinedAttribute_GetType
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TELETEX_DOMAIN_DEFINED_ATTRIBUTE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSSUTF8 pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-nssPKIXTeletexDomainDefinedAttribute_GetType
-(
-  NSSPKIXTeletexDomainDefinedAttribute *tdda,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTeletexDomainDefinedAttribute_SetType
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TELETEX_DOMAIN_DEFINED_ATTRIBUTE
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_STRING
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTeletexDomainDefinedAttribute_SetType
-(
-  NSSPKIXTeletexDomainDefinedAttribute *tdda,
-  NSSUTF8 *type
-);
-
-/*
- * nssPKIXTeletexDomainDefinedAttribute_GetValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TELETEX_DOMAIN_DEFINED_ATTRIBUTE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSSUTF8 pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-nssPKIXTeletexDomainDefinedAttribute_GetValue
-(
-  NSSPKIXTeletexDomainDefinedAttribute *tdda,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTeletexDomainDefinedAttribute_SetValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TELETEX_DOMAIN_DEFINED_ATTRIBUTE
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_STRING
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTeletexDomainDefinedAttribute_SetValue
-(
-  NSSPKIXTeletexDomainDefinedAttribute *tdda,
-  NSSUTF8 *value
-);
-
-/*
- * nssPKIXTeletexDomainDefinedAttribute_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TELETEX_DOMAIN_DEFINED_ATTRIBUTE
- *
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXTeletexDomainDefinedAttribute_Equal
-(
-  NSSPKIXTeletexDomainDefinedAttribute *tdda1,
-  NSSPKIXTeletexDomainDefinedAttribute *tdda2,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXTeletexDomainDefinedAttribute_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TELETEX_DOMAIN_DEFINED_ATTRIBUTE
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXTeletexDomainDefinedAttribute
- *      upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexDomainDefinedAttribute *
-nssPKIXTeletexDomainDefinedAttribute_Duplicate
-(
-  NSSPKIXTeletexDomainDefinedAttribute *tdda,
-  NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXTeletexDomainDefinedAttribute_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXTeletexDomainDefinedAttribute
- * object, this routine will return PR_SUCCESS.  Otherwise, it will 
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_TELETEX_DOMAIN_DEFINED_ATTRIBUTE
- *
- * Return value:
- *  PR_SUCCESS if the pointer is valid
- *  PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTeletexDomainDefinedAttribute_verifyPointer
-(
-  NSSPKIXTeletexDomainDefinedAttribute *p
-);
-#endif /* DEBUG */
-
-/*
- * AuthorityKeyIdentifier
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  AuthorityKeyIdentifier ::= SEQUENCE {
- *        keyIdentifier             [0] KeyIdentifier            OPTIONAL,
- *        authorityCertIssuer       [1] GeneralNames             OPTIONAL,
- *        authorityCertSerialNumber [2] CertificateSerialNumber  OPTIONAL }
- *      -- authorityCertIssuer and authorityCertSerialNumber shall both
- *      -- be present or both be absent
- *
- * The private calls for the type:
- *
- *  nssPKIXAuthorityKeyIdentifier_Decode
- *  nssPKIXAuthorityKeyIdentifier_Create
- *  nssPKIXAuthorityKeyIdentifier_Destroy
- *  nssPKIXAuthorityKeyIdentifier_Encode
- *  nssPKIXAuthorityKeyIdentifier_HasKeyIdentifier
- *  nssPKIXAuthorityKeyIdentifier_GetKeyIdentifier
- *  nssPKIXAuthorityKeyIdentifier_SetKeyIdentifier
- *  nssPKIXAuthorityKeyIdentifier_RemoveKeyIdentifier
- *  nssPKIXAuthorityKeyIdentifier_HasAuthorityCertIssuerAndSerialNumber
- *  nssPKIXAuthorityKeyIdentifier_RemoveAuthorityCertIssuerAndSerialNumber
- *  nssPKIXAuthorityKeyIdentifier_GetAuthorityCertIssuer
- *  nssPKIXAuthorityKeyIdentifier_GetAuthorityCertSerialNumber
- *  nssPKIXAuthorityKeyIdentifier_SetAuthorityCertIssuerAndSerialNumber
- *  nssPKIXAuthorityKeyIdentifier_Equal
- *  nssPKIXAuthorityKeyIdentifier_Duplicate
- * 
- * In debug builds, the following call is available:
- *
- *  nssPKIXAuthorityKeyIdentifier_verifyPointer
- *
- */
-
-/*
- * nssPKIXAuthorityKeyIdentifier_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXAuthorityKeyIdentifier upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAuthorityKeyIdentifier *
-nssPKIXAuthorityKeyIdentifier_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * nssPKIXAuthorityKeyIdentifier_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_ITEM
- *  NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- *  NSS_ERROR_INVALID_ARGUMENTS
- *
- * Return value:
- *  A valid pointer to an NSSPKIXAuthorityKeyIdentifier upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAuthorityKeyIdentifier *
-nssPKIXAuthorityKeyIdentifier_Create
-(
-  NSSArena *arenaOpt,
-  NSSPKIXKeyIdentifier *keyIdentifierOpt,
-  NSSPKIXGeneralNames *authorityCertIssuerOpt,
-  NSSPKIXCertificateSerialNumber *authorityCertSerialNumberOpt
-);
-
-/*
- * nssPKIXAuthorityKeyIdentifier_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_AUTHORITY_KEY_IDENTIFIER
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAuthorityKeyIdentifier_Destroy
-(
-  NSSPKIXAuthorityKeyIdentifier *aki
-);
-
-/*
- * nssPKIXAuthorityKeyIdentifier_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_AUTHORITY_KEY_IDENTIFIER
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXAuthorityKeyIdentifier_Encode
-(
-  NSSPKIXAuthorityKeyIdentifier *aki,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXAuthorityKeyIdentifier_HasKeyIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_AUTHORITY_KEY_IDENTIFIER
- *
- * Return value:
- *  PR_TRUE if it has one
- *  PR_FALSE if it doesn't
- *  PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXAuthorityKeyIdentifier_HasKeyIdentifier
-(
-  NSSPKIXAuthorityKeyIdentifier *aki,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXAuthorityKeyIdentifier_GetKeyIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_AUTHORITY_KEY_IDENTIFIER
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_HAS_NO_KEY_IDENTIFIER
- *
- * Return value:
- *  A valid pointer to an NSSPKIXKeyIdentifier upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXKeyIdentifier *
-nssPKIXAuthorityKeyIdentifier_GetKeyIdentifier
-(
-  NSSPKIXAuthorityKeyIdentifier *aki,
-  NSSPKIXKeyIdentifier *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXAuthorityKeyIdentifier_SetKeyIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_AUTHORITY_KEY_IDENTIFIER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAuthorityKeyIdentifier_SetKeyIdentifier
-(
-  NSSPKIXAuthorityKeyIdentifier *aki,
-  NSSPKIXKeyIdentifier *keyIdentifier
-);
-
-/*
- * nssPKIXAuthorityKeyIdentifier_RemoveKeyIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_AUTHORITY_KEY_IDENTIFIER
- *  NSS_ERROR_HAS_NO_KEY_IDENTIFIER
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAuthorityKeyIdentifier_RemoveKeyIdentifier
-(
-  NSSPKIXAuthorityKeyIdentifier *aki
-);
-
-/*
- * nssPKIXAuthorityKeyIdentifier_HasAuthorityCertIssuerAndSerialNumber
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_AUTHORITY_KEY_IDENTIFIER
- *
- * Return value:
- *  PR_TRUE if it has them
- *  PR_FALSE if it doesn't
- *  PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXAuthorityKeyIdentifier_HasAuthorityCertIssuerAndSerialNumber
-(
-  NSSPKIXAuthorityKeyIdentifier *aki,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXAuthorityKeyIdentifier_RemoveAuthorityCertIssuerAndSerialNumber
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_AUTHORITY_KEY_IDENTIFIER
- *  NSS_ERROR_HAS_NO_AUTHORITY_CERT_ISSUER_AND_SERIAL_NUMBER
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAuthorityKeyIdentifier_RemoveAuthorityCertIssuerAndSerialNumber
-(
-  NSSPKIXAuthorityKeyIdentifier *aki
-);
-
-/*
- * nssPKIXAuthorityKeyIdentifier_GetAuthorityCertIssuer
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_AUTHORITY_KEY_IDENTIFIER
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_HAS_NO_AUTHORITY_CERT_ISSUER_AND_SERIAL_NUMBER
- *
- * Return value:
- *  A valid pointer to an NSSPKIXGeneralNames upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralNames *
-nssPKIXAuthorityKeyIdentifier_GetAuthorityCertIssuer
-(
-  NSSPKIXAuthorityKeyIdentifier *aki,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXAuthorityKeyIdentifier_GetAuthorityCertSerialNumber
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_AUTHORITY_KEY_IDENTIFIER
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_HAS_NO_AUTHORITY_CERT_ISSUER_AND_SERIAL_NUMBER
- *
- * Return value:
- *  A valid pointer to an NSSPKIXCertificateSerialNumber upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCertificateSerialNumber *
-nssPKIXAuthorityKeyIdentifier_GetAuthorityCertSerialNumber
-(
-  NSSPKIXAuthorityKeyIdentifier *aki,
-  NSSPKIXCertificateSerialNumber *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXAuthorityKeyIdentifier_SetAuthorityCertIssuerAndSerialNumber
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_AUTHORITY_KEY_IDENTIFIER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- *  NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAuthorityKeyIdentifier_SetAuthorityCertIssuerAndSerialNumber
-(
-  NSSPKIXAuthorityKeyIdentifier *aki,
-  NSSPKIXGeneralNames *issuer,
-  NSSPKIXCertificateSerialNumber *serialNumber
-);
-
-/*
- * nssPKIXAuthorityKeyIdentifier_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_AUTHORITY_KEY_IDENTIFIER
- *
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXAuthorityKeyIdentifier_Equal
-(
-  NSSPKIXAuthorityKeyIdentifier *aki1,
-  NSSPKIXAuthorityKeyIdentifier *aki2,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXAuthorityKeyIdentifier_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_AUTHORITY_KEY_IDENTIFIER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXAuthorityKeyIdentifier upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAuthorityKeyIdentifier *
-nssPKIXAuthorityKeyIdentifier_Duplicate
-(
-  NSSPKIXAuthorityKeyIdentifier *aki,
-  NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXAuthorityKeyIdentifier_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXAuthorityKeyIdentifier
- * object, this routine will return PR_SUCCESS.  Otherwise, it will 
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_AUTHORITY_KEY_IDENTIFIER
- *
- * Return value:
- *  PR_SUCCESS if the pointer is valid
- *  PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAuthorityKeyIdentifier_verifyPointer
-(
-  NSSPKIXAuthorityKeyIdentifier *p
-);
-#endif /* DEBUG */
-
-/*
- * KeyUsage
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  KeyUsage ::= BIT STRING {
- *       digitalSignature        (0),
- *       nonRepudiation          (1),
- *       keyEncipherment         (2),
- *       dataEncipherment        (3),
- *       keyAgreement            (4),
- *       keyCertSign             (5),
- *       cRLSign                 (6),
- *       encipherOnly            (7),
- *       decipherOnly            (8) }
- *
- * The private calls for the type:
- *
- *  nssPKIXKeyUsage_Decode
- *  nssPKIXKeyUsage_CreateFromUTF8
- *  nssPKIXKeyUsage_CreateFromValue
- *  nssPKIXKeyUsage_Destroy
- *  nssPKIXKeyUsage_Encode
- *  nssPKIXKeyUsage_GetUTF8Encoding
- *  nssPKIXKeyUsage_GetValue
- *  nssPKIXKeyUsage_SetValue
- *    { bitwise accessors? }
- *  nssPKIXKeyUsage_Equal
- *  nssPKIXKeyUsage_Duplicate
- * 
- * In debug builds, the following call is available:
- *
- *  nssPKIXKeyUsage_verifyPointer
- *
- */
-
-/*
- * nssPKIXKeyUsage_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXKeyUsage upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXKeyUsage *
-nssPKIXKeyUsage_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * nssPKIXKeyUsage_CreateFromUTF8
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_STRING
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXKeyUsage upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXKeyUsage *
-nssPKIXKeyUsage_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXKeyUsage_CreateFromValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_KEY_USAGE_VALUE
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXKeyUsage upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXKeyUsage *
-nssPKIXKeyUsage_CreateFromValue
-(
-  NSSArena *arenaOpt,
-  NSSPKIXKeyUsageValue value
-);
-
-/*
- * nssPKIXKeyUsage_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_KEY_USAGE
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXKeyUsage_Destroy
-(
-  NSSPKIXKeyUsage *keyUsage
-);
-
-/*
- * nssPKIXKeyUsage_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_KEY_USAGE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXKeyUsage_Encode
-(
-  NSSPKIXKeyUsage *keyUsage,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXKeyUsage_GetUTF8Encoding
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_KEY_USAGE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSUTF8 pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-nssPKIXKeyUsage_GetUTF8Encoding
-(
-  NSSPKIXKeyUsage *keyUsage,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXKeyUsage_GetValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_KEY_USAGE
- *
- * Return value:
- *  A set of NSSKeyUsageValue values OR-d together upon success
- *  NSSKeyUsage_NSSinvalid upon failure
- */
-
-NSS_EXTERN NSSKeyUsageValue
-nssPKIXKeyUsage_GetValue
-(
-  NSSPKIXKeyUsage *keyUsage
-);
-
-/*
- * nssPKIXKeyUsage_SetValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_KEY_USAGE
- *  NSS_ERROR_INVALID_PKIX_KEY_USAGE_VALUE
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXKeyUsage_SetValue
-(
-  NSSPKIXKeyUsage *keyUsage,
-  NSSPKIXKeyUsageValue value
-);
-
-/*
- * nssPKIXKeyUsage_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_KEY_USAGE
- *
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXKeyUsage_Equal
-(
-  NSSPKIXKeyUsage *keyUsage1,
-  NSSPKIXKeyUsage *keyUsage2,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXKeyUsage_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_KEY_USAGE
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXKeyUsage upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXKeyUsage *
-nssPKIXKeyUsage_Duplicate
-(
-  NSSPKIXKeyUsage *keyUsage,
-  NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXKeyUsage_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXKeyUsage
- * object, this routine will return PR_SUCCESS.  Otherwise, it will 
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_KEY_USAGE
- *
- * Return value:
- *  PR_SUCCESS if the pointer is valid
- *  PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXKeyUsage_verifyPointer
-(
-  NSSPKIXKeyUsage *p
-);
-#endif /* DEBUG */
-
-/*
- * PrivateKeyUsagePeriod
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  PrivateKeyUsagePeriod ::= SEQUENCE {
- *       notBefore       [0]     GeneralizedTime OPTIONAL,
- *       notAfter        [1]     GeneralizedTime OPTIONAL }
- *       -- either notBefore or notAfter shall be present
- *
- * The private calls for the type:
- *
- *  nssPKIXPrivateKeyUsagePeriod_Decode
- *  nssPKIXPrivateKeyUsagePeriod_Create
- *  nssPKIXPrivateKeyUsagePeriod_Destroy
- *  nssPKIXPrivateKeyUsagePeriod_Encode
- *  nssPKIXPrivateKeyUsagePeriod_HasNotBefore
- *  nssPKIXPrivateKeyUsagePeriod_GetNotBefore
- *  nssPKIXPrivateKeyUsagePeriod_SetNotBefore
- *  nssPKIXPrivateKeyUsagePeriod_RemoveNotBefore
- *  nssPKIXPrivateKeyUsagePeriod_HasNotAfter
- *  nssPKIXPrivateKeyUsagePeriod_GetNotAfter
- *  nssPKIXPrivateKeyUsagePeriod_SetNotAfter
- *  nssPKIXPrivateKeyUsagePeriod_RemoveNotAfter
- *  nssPKIXPrivateKeyUsagePeriod_Equal
- *  nssPKIXPrivateKeyUsagePeriod_Duplicate
- * 
- * In debug builds, the following call is available:
- *
- *  nssPKIXPrivateKeyUsagePeriod_verifyPointer
- *
- */
-
-/*
- * nssPKIXPrivateKeyUsagePeriod_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXPrivateKeyUsagePeriod upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPrivateKeyUsagePeriod *
-nssPKIXPrivateKeyUsagePeriod_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * nssPKIXPrivateKeyUsagePeriod_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_TIME
- *  NSS_ERROR_INVALID_ARGUMENTS
- *
- * Return value:
- *  A valid pointer to an NSSPKIXPrivateKeyUsagePeriod upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPrivateKeyUsagePeriod *
-nssPKIXPrivateKeyUsagePeriod_Create
-(
-  NSSArena *arenaOpt,
-  NSSTime *notBeforeOpt,
-  NSSTime *notAfterOpt
-);
-
-/*
- * nssPKIXPrivateKeyUsagePeriod_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_PRIVATE_KEY_USAGE_PERIOD
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPrivateKeyUsagePeriod_Destroy
-(
-  NSSPKIXPrivateKeyUsagePeriod *period
-);
-
-/*
- * nssPKIXPrivateKeyUsagePeriod_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_PRIVATE_KEY_USAGE_PERIOD
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_DATA
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXPrivateKeyUsagePeriod_Encode
-(
-  NSSPKIXPrivateKeyUsagePeriod *period,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXPrivateKeyUsagePeriod_HasNotBefore
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_PRIVATE_KEY_USAGE_PERIOD
- *
- * Return value:
- *  PR_TRUE if it has one
- *  PR_FALSE if it doesn't
- *  PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXPrivateKeyUsagePeriod_HasNotBefore
-(
-  NSSPKIXPrivateKeyUsagePeriod *period,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXPrivateKeyUsagePeriod_GetNotBefore
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_PRIVATE_KEY_USAGE_PERIOD
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_HAS_NO_NOT_BEFORE
- *
- * Return value:
- *  NSSTime {fgmr!}
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSTime *
-nssPKIXPrivateKeyUsagePeriod_GetNotBefore
-(
-  NSSPKIXPrivateKeyUsagePeriod *period,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXPrivateKeyUsagePeriod_SetNotBefore
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_PRIVATE_KEY_USAGE_PERIOD
- *  NSS_ERROR_INVALID_TIME
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPrivateKeyUsagePeriod_SetNotBefore
-(
-  NSSPKIXPrivateKeyUsagePeriod *period,
-  NSSTime *notBefore
-);
-
-/*
- * nssPKIXPrivateKeyUsagePeriod_RemoveNotBefore
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_PRIVATE_KEY_USAGE_PERIOD
- *  NSS_ERROR_HAS_NO_NOT_BEFORE
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPrivateKeyUsagePeriod_RemoveNotBefore
-(
-  NSSPKIXPrivateKeyUsagePeriod *period
-);
-
-/*
- * nssPKIXPrivateKeyUsagePeriod_HasNotAfter
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_PRIVATE_KEY_USAGE_PERIOD
- *
- * Return value:
- *  PR_TRUE if it has one
- *  PR_FALSE if it doesn't
- *  PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXPrivateKeyUsagePeriod_HasNotAfter
-(
-  NSSPKIXPrivateKeyUsagePeriod *period,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXPrivateKeyUsagePeriod_GetNotAfter
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_PRIVATE_KEY_USAGE_PERIOD
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_HAS_NO_NOT_AFTER
- *
- * Return value:
- *  NSSTime {fgmr!}
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSTime *
-nssPKIXPrivateKeyUsagePeriod_GetNotAfter
-(
-  NSSPKIXPrivateKeyUsagePeriod *period,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXPrivateKeyUsagePeriod_SetNotAfter
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_PRIVATE_KEY_USAGE_PERIOD
- *  NSS_ERROR_INVALID_TIME
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPrivateKeyUsagePeriod_SetNotAfter
-(
-  NSSPKIXPrivateKeyUsagePeriod *period,
-  NSSTime *notAfter
-);
-
-/*
- * nssPKIXPrivateKeyUsagePeriod_RemoveNotAfter
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_PRIVATE_KEY_USAGE_PERIOD
- *  NSS_ERROR_HAS_NO_NOT_AFTER
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPrivateKeyUsagePeriod_RemoveNotAfter
-(
-  NSSPKIXPrivateKeyUsagePeriod *period
-);
-
-/*
- * nssPKIXPrivateKeyUsagePeriod_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_PRIVATE_KEY_USAGE_PERIOD
- *
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXPrivateKeyUsagePeriod_Equal
-(
-  NSSPKIXPrivateKeyUsagePeriod *period1,
-  NSSPKIXPrivateKeyUsagePeriod *period2,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXPrivateKeyUsagePeriod_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_PRIVATE_KEY_USAGE_PERIOD
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXPrivateKeyUsagePeriod upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPrivateKeyUsagePeriod *
-nssPKIXPrivateKeyUsagePeriod_Duplicate
-(
-  NSSPKIXPrivateKeyUsagePeriod *period,
-  NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXPrivateKeyUsagePeriod_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXPrivateKeyUsagePeriod
- * object, this routine will return PR_SUCCESS.  Otherwise, it will 
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_PRIVATE_KEY_USAGE_PERIOD
- *
- * Return value:
- *  PR_SUCCESS if the pointer is valid
- *  PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPrivateKeyUsagePeriod_verifyPointer
-(
-  NSSPKIXPrivateKeyUsagePeriod *p
-);
-#endif /* DEBUG */
-
-/*
- * CertificatePolicies
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  CertificatePolicies ::= SEQUENCE SIZE (1..MAX) OF PolicyInformation
- *
- * The private calls for the type:
- *
- *  nssPKIXCertificatePolicies_Decode
- *  nssPKIXCertificatePolicies_Create
- *  nssPKIXCertificatePolicies_Destroy
- *  nssPKIXCertificatePolicies_Encode
- *  nssPKIXCertificatePolicies_GetPolicyInformationCount
- *  nssPKIXCertificatePolicies_GetPolicyInformations
- *  nssPKIXCertificatePolicies_SetPolicyInformations
- *  nssPKIXCertificatePolicies_GetPolicyInformation
- *  nssPKIXCertificatePolicies_SetPolicyInformation
- *  nssPKIXCertificatePolicies_InsertPolicyInformation
- *  nssPKIXCertificatePolicies_AppendPolicyInformation
- *  nssPKIXCertificatePolicies_RemovePolicyInformation
- *  nssPKIXCertificatePolicies_FindPolicyInformation
- *  nssPKIXCertificatePolicies_Equal
- *  nssPKIXCertificatePolicies_Duplicate
- * 
- * In debug builds, the following call is available:
- *
- *  nssPKIXCertificatePolicies_verifyPointer
- *
- */
-
-/*
- * nssPKIXCertificatePolicies_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXCertificatePolicies upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCertificatePolicies *
-nssPKIXCertificatePolicies_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * nssPKIXCertificatePolicies_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- *
- * Return value:
- *  A valid pointer to an NSSPKIXCertificatePolicies upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCertificatePolicies *
-nssPKIXCertificatePolicies_Create
-(
-  NSSArena *arenaOpt,
-  NSSPKIXPolicyInformation *pi1,
-  ...
-);
-
-/*
- * nssPKIXCertificatePolicies_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CERTIFICATE_POLICIES
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXCertificatePolicies_Destroy
-(
-  NSSPKIXCertificatePolicies *cp
-);
-
-/*
- * nssPKIXCertificatePolicies_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CERTIFICATE_POLICIES
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXCertificatePolicies_Encode
-(
-  NSSPKIXCertificatePolicies *cp,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXCertificatePolicies_GetPolicyInformationCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CERTIFICATE_POLICIES
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- *  Nonnegative integer upon success
- *  -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXCertificatePolicies_GetPolicyInformationCount
-(
-  NSSPKIXCertificatePolicies *cp
-);
-
-/*
- * nssPKIXCertificatePolicies_GetPolicyInformations
- *
- * We regret the function name.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CERTIFICATE_POLICIES
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- *  A valid pointer to an array of NSSPKIXPolicyInformation pointers
- *      upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyInformation **
-nssPKIXCertificatePolicies_GetPolicyInformations
-(
-  NSSPKIXCertificatePolicies *cp,
-  NSSPKIXPolicyInformation *rvOpt[],
-  PRInt32 limit,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXCertificatePolicies_SetPolicyInformations
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CERTIFICATE_POLICIES
- *  NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXCertificatePolicies_SetPolicyInformations
-(
-  NSSPKIXCertificatePolicies *cp,
-  NSSPKIXPolicyInformation *pi[],
-  PRInt32 count
-);
-
-/*
- * nssPKIXCertificatePolicies_GetPolicyInformation
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CERTIFICATE_POLICIES
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXPolicyInformation upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyInformation *
-nssPKIXCertificatePolicies_GetPolicyInformation
-(
-  NSSPKIXCertificatePolicies *cp,
-  PRInt32 i,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXCertificatePolicies_SetPolicyInformation
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CERTIFICATE_POLICIES
- *  NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXCertificatePolicies_SetPolicyInformation
-(
-  NSSPKIXCertificatePolicies *cp,
-  PRInt32 i,
-  NSSPKIXPolicyInformation *pi
-);
-
-/*
- * nssPKIXCertificatePolicies_InsertPolicyInformation
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CERTIFICATE_POLICIES
- *  NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXCertificatePolicies_InsertPolicyInformation
-(
-  NSSPKIXCertificatePolicies *cp,
-  PRInt32 i,
-  NSSPKIXPolicyInformation *pi
-);
-
-/*
- * nssPKIXCertificatePolicies_AppendPolicyInformation
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CERTIFICATE_POLICIES
- *  NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXCertificatePolicies_AppendPolicyInformation
-(
-  NSSPKIXCertificatePolicies *cp,
-  NSSPKIXPolicyInformation *pi
-);
-
-/*
- * nssPKIXCertificatePolicies_RemovePolicyInformation
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CERTIFICATE_POLICIES
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXCertificatePolicies_RemovePolicyInformation
-(
-  NSSPKIXCertificatePolicies *cp,
-  PRInt32 i
-);
-
-/*
- * nssPKIXCertificatePolicies_FindPolicyInformation
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CERTIFICATE_POLICIES
- *  NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- *
- * Return value:
- *  The nonnegative integer upon success
- *  -1 upon failure
- */
-
-NSS_EXTERN PRInt32
-nssPKIXCertificatePolicies_FindPolicyInformation
-(
-  NSSPKIXCertificatePolicies *cp,
-  NSSPKIXPolicyInformation *pi
-);
-
-/*
- * nssPKIXCertificatePolicies_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CERTIFICATE_POLICIES
- *
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXCertificatePolicies_Equal
-(
-  NSSPKIXCertificatePolicies *cp1,
-  NSSPKIXCertificatePolicies *cp2,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXCertificatePolicies_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CERTIFICATE_POLICIES
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXCertificatePolicies upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCertificatePolicies *
-nssPKIXCertificatePolicies_Duplicate
-(
-  NSSPKIXCertificatePolicies *cp,
-  NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXCertificatePolicies_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXCertificatePolicies
- * object, this routine will return PR_SUCCESS.  Otherwise, it will 
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CERTIFICATE_POLICIES
- *
- * Return value:
- *  PR_SUCCESS if the pointer is valid
- *  PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXCertificatePolicies_verifyPointer
-(
-  NSSPKIXCertificatePolicies *p
-);
-#endif /* DEBUG */
-
-/*
- * PolicyInformation
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  PolicyInformation ::= SEQUENCE {
- *       policyIdentifier   CertPolicyId,
- *       policyQualifiers   SEQUENCE SIZE (1..MAX) OF
- *               PolicyQualifierInfo OPTIONAL }
- *
- * The private calls for the type:
- *
- *  nssPKIXPolicyInformation_Decode
- *  nssPKIXPolicyInformation_Create
- *  nssPKIXPolicyInformation_Destroy
- *  nssPKIXPolicyInformation_Encode
- *  nssPKIXPolicyInformation_GetPolicyIdentifier
- *  nssPKIXPolicyInformation_SetPolicyIdentifier
- *  nssPKIXPolicyInformation_GetPolicyQualifierCount
- *  nssPKIXPolicyInformation_GetPolicyQualifiers
- *  nssPKIXPolicyInformation_SetPolicyQualifiers
- *  nssPKIXPolicyInformation_GetPolicyQualifier
- *  nssPKIXPolicyInformation_SetPolicyQualifier
- *  nssPKIXPolicyInformation_InsertPolicyQualifier
- *  nssPKIXPolicyInformation_AppendPolicyQualifier
- *  nssPKIXPolicyInformation_RemovePolicyQualifier
- *  nssPKIXPolicyInformation_Equal
- *  nssPKIXPolicyInformation_Duplicate
- *    { and accessors by specific policy qualifier ID }
- * 
- * In debug builds, the following call is available:
- *
- *  nssPKIXPolicyInformation_verifyPointer
- *
- */
-
-/*
- * nssPKIXPolicyInformation_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXPolicyInformation upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyInformation *
-nssPKIXPolicyInformation_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * nssPKIXPolicyInformation_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_CERT_POLICY_ID
- *  NSS_ERROR_INVALID_PKIX_POLICY_QUALIFIER_INFO
- *
- * Return value:
- *  A valid pointer to an NSSPKIXPolicyInformation upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyInformation *
-nssPKIXPolicyInformation_Create
-(
-  NSSArena *arenaOpt,
-  NSSPKIXCertPolicyId *id,
-  NSSPKIXPolicyQualifierInfo *pqi1,
-  ...
-);
-
-/*
- * nssPKIXPolicyInformation_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPolicyInformation_Destroy
-(
-  NSSPKIXPolicyInformation *pi
-);
-
-/*
- * nssPKIXPolicyInformation_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXPolicyInformation_Encode
-(
-  NSSPKIXPolicyInformation *pi,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXPolicyInformation_GetPolicyIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid OID upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCertPolicyId *
-nssPKIXPolicyInformation_GetPolicyIdentifier
-(
-  NSSPKIXPolicyInformation *pi
-);
-
-/*
- * nssPKIXPolicyInformation_SetPolicyIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- *  NSS_ERROR_INVALID_PKIX_CERT_POLICY_ID
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPolicyInformation_SetPolicyIdentifier
-(
-  NSSPKIXPolicyInformation *pi,
-  NSSPKIXCertPolicyIdentifier *cpi
-);
-
-/*
- * nssPKIXPolicyInformation_GetPolicyQualifierCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- *  Nonnegative integer upon success
- *  -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXPolicyInformation_GetPolicyQualifierCount
-(
-  NSSPKIXPolicyInformation *pi
-);
-
-/*
- * nssPKIXPolicyInformation_GetPolicyQualifiers
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- *  A valid pointer to an array of NSSPKIXPolicyQualifierInfo pointers
- *      upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyQualifierInfo **
-nssPKIXPolicyInformation_GetPolicyQualifiers
-(
-  NSSPKIXPolicyInformation *pi,
-  NSSPKIXPolicyQualifierInfo *rvOpt[],
-  PRInt32 limit,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXPolicyInformation_SetPolicyQualifiers
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- *  NSS_ERROR_INVALID_PKIX_POLICY_QUALIFIER_INFO
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPolicyInformation_SetPolicyQualifiers
-(
-  NSSPKIXPolicyInformation *pi,
-  NSSPKIXPolicyQualifierInfo *pqi[],
-  PRInt32 count
-);
-
-/*
- * nssPKIXPolicyInformation_GetPolicyQualifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXPolicyQualifierInfo upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyQualifierInfo *
-nssPKIXPolicyInformation_GetPolicyQualifier
-(
-  NSSPKIXPolicyInformation *pi,
-  PRInt32 i,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXPolicyInformation_SetPolicyQualifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- *  NSS_ERROR_INVALID_PKIX_POLICY_QUALIFIER_INFO
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPolicyInformation_SetPolicyQualifier
-(
-  NSSPKIXPolicyInformation *pi,
-  PRInt32 i,
-  NSSPKIXPolicyQualifierInfo *pqi
-);
-
-/*
- * nssPKIXPolicyInformation_InsertPolicyQualifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- *  NSS_ERROR_INVALID_PKIX_POLICY_QUALIFIER_INFO
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPolicyInformation_InsertPolicyQualifier
-(
-  NSSPKIXPolicyInformation *pi,
-  PRInt32 i,
-  NSSPKIXPolicyQualifierInfo *pqi
-);
-
-/*
- * nssPKIXPolicyInformation_AppendPolicyQualifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- *  NSS_ERROR_INVALID_PKIX_POLICY_QUALIFIER_INFO
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPolicyInformation_AppendPolicyQualifier
-(
-  NSSPKIXPolicyInformation *pi,
-  PRInt32 i,
-  NSSPKIXPolicyQualifierInfo *pqi
-);
-
-/*
- * nssPKIXPolicyInformation_RemovePolicyQualifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPolicyInformation_RemovePolicyQualifier
-(
-  NSSPKIXPolicyInformation *pi,
-  PRInt32 i
-);
-
-/*
- * nssPKIXPolicyInformation_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- *
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXPolicyInformation_Equal
-(
-  NSSPKIXPolicyInformation *pi1,
-  NSSPKIXPolicyInformation *pi2,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXPolicyInformation_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXPolicyInformation upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyInformation *
-nssPKIXPolicyInformation_Duplicate
-(
-  NSSPKIXPolicyInformation *pi,
-  NSSArena *arenaOpt
-);
-
-/*
- *   { and accessors by specific policy qualifier ID }
- *
- */
-
-#ifdef DEBUG
-/*
- * nssPKIXPolicyInformation_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXPolicyInformation
- * object, this routine will return PR_SUCCESS.  Otherwise, it will 
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- *
- * Return value:
- *  PR_SUCCESS if the pointer is valid
- *  PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPolicyInformation_verifyPointer
-(
-  NSSPKIXPolicyInformation *p
-);
-#endif /* DEBUG */
-
-/*
- * PolicyQualifierInfo
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  PolicyQualifierInfo ::= SEQUENCE {
- *         policyQualifierId  PolicyQualifierId,
- *         qualifier        ANY DEFINED BY policyQualifierId }
- *
- * The private calls for the type:
- *
- *  nssPKIXPolicyQualifierInfo_Decode
- *  nssPKIXPolicyQualifierInfo_Create
- *  nssPKIXPolicyQualifierInfo_Destroy
- *  nssPKIXPolicyQualifierInfo_Encode
- *  nssPKIXPolicyQualifierInfo_GetPolicyQualifierID
- *  nssPKIXPolicyQualifierInfo_SetPolicyQualifierID
- *  nssPKIXPolicyQualifierInfo_GetQualifier
- *  nssPKIXPolicyQualifierInfo_SetQualifier
- *  nssPKIXPolicyQualifierInfo_Equal
- *  nssPKIXPolicyQualifierInfo_Duplicate
- *    { and accessors by specific qualifier id/type }
- * 
- * In debug builds, the following call is available:
- *
- *  nssPKIXPolicyQualifierInfo_verifyPointer
- *
- */
-
-/*
- * nssPKIXPolicyQualifierInfo_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXPolicyQualifierInfo upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyQualifierInfo *
-nssPKIXPolicyQualifierInfo_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * nssPKIXPolicyQualifierInfo_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_POLICY_QUALIFIER_ID
- *  NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- *  A valid pointer to an NSSPKIXPolicyQualifierInfo upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyQualifierInfo *
-nssPKIXPolicyQualifierInfo_Create
-(
-  NSSArena *arenaOpt,
-  NSSPKIXPolicyQualifierId *policyQualifierId,
-  NSSItem *qualifier
-);
-
-/*
- * nssPKIXPolicyQualifierInfo_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_QUALIFIER_INFO
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPolicyQualifierInfo_Destroy
-(
-  NSSPKIXPolicyQualifierInfo *pqi
-);
-
-/*
- * nssPKIXPolicyQualifierInfo_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_QUALIFIER_INFO
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXPolicyQualifierInfo_Encode
-(
-  NSSPKIXPolicyQualifierInfo *pqi,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXPolicyQualifierInfo_GetPolicyQualifierId
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_QUALIFIER_INFO
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSPKIXPolicyQualifierId (an NSSOID) upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyQualifierId *
-nssPKIXPolicyQualifierInfo_GetPolicyQualifierId
-(
-  NSSPKIXPolicyQualifierInfo *pqi,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXPolicyQualifierInfo_SetPolicyQualifierId
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_QUALIFIER_INFO
- *  NSS_ERROR_INVALID_PKIX_POLICY_QUALIFIER_ID
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPolicyQualifierInfo_SetPolicyQualifierId
-(
-  NSSPKIXPolicyQualifierInfo *pqi,
-  NSSPKIXPolicyQualifierId *pqid
-);
-
-/*
- * nssPKIXPolicyQualifierInfo_GetQualifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_QUALIFIER_INFO
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSItem upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSItem *
-nssPKIXPolicyQualifierInfo_GetQualifier
-(
-  NSSPKIXPolicyQualifierInfo *pqi,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXPolicyQualifierInfo_SetQualifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_QUALIFIER_INFO
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPolicyQualifierInfo_SetQualifier
-(
-  NSSPKIXPolicyQualifierInfo *pqi,
-  NSSItem *qualifier
-);
-
-/*
- * nssPKIXPolicyQualifierInfo_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_QUALIFIER_INFO
- *
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXPolicyQualifierInfo_Equal
-(
-  NSSPKIXPolicyQualifierInfo *pqi1,
-  NSSPKIXPolicyQualifierInfo *pqi2,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXPolicyQualifierInfo_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_QUALIFIER_INFO
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXPolicyQualifierInfo upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyQualifierInfo *
-nssPKIXPolicyQualifierInfo_Duplicate
-(
-  NSSPKIXPolicyQualifierInfo *pqi,
-  NSSArena *arenaOpt
-);
-
-/*
- *   { and accessors by specific qualifier id/type }
- *
- */
-#ifdef DEBUG
-/*
- * nssPKIXPolicyQualifierInfo_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXPolicyQualifierInfo
- * object, this routine will return PR_SUCCESS.  Otherwise, it will 
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_QUALIFIER_INFO
- *
- * Return value:
- *  PR_SUCCESS if the pointer is valid
- *  PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPolicyQualifierInfo_verifyPointer
-(
-  NSSPKIXPolicyQualifierInfo *p
-);
-#endif /* DEBUG */
-
-/*
- * CPSuri
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  CPSuri ::= IA5String
- *
- * The private calls for this type:
- *
- *  nssPKIXCPSuri_Decode
- *  nssPKIXCPSuri_CreateFromUTF8
- *  nssPKIXCPSuri_Encode
- *
- */
-
-/*
- * nssPKIXCPSuri_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXCPSuri upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCPSuri *
-nssPKIXCPSuri_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * nssPKIXCPSuri_CreateFromUTF8
- *
- * { basically just enforces the length and charset limit }
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXCPSuri upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCPSuri *
-nssPKIXCPSuri_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXCPSuri_Encode
- *
- *
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CPS_URI
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXCPSuri_Encode
-(
-  NSSPKIXCPSuri *name,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * UserNotice
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  UserNotice ::= SEQUENCE {
- *       noticeRef        NoticeReference OPTIONAL,
- *       explicitText     DisplayText OPTIONAL}
- *
- * The private calls for this type:
- *
- *  nssPKIXUserNotice_Decode
- *  nssPKIXUserNotice_Create
- *  nssPKIXUserNotice_Destroy
- *  nssPKIXUserNotice_Encode
- *  nssPKIXUserNotice_HasNoticeRef
- *  nssPKIXUserNotice_GetNoticeRef
- *  nssPKIXUserNotice_SetNoticeRef
- *  nssPKIXUserNotice_RemoveNoticeRef
- *  nssPKIXUserNotice_HasExplicitText
- *  nssPKIXUserNotice_GetExplicitText
- *  nssPKIXUserNotice_SetExplicitText
- *  nssPKIXUserNotice_RemoveExplicitText
- *  nssPKIXUserNotice_Equal
- *  nssPKIXUserNotice_Duplicate
- * 
- * In debug builds, the following call is available:
- *
- *  nssPKIXUserNotice_verifyPointer
- *
- */
-
-
-/*
- * nssPKIXUserNotice_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXUserNotice upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXUserNotice *
-nssPKIXUserNotice_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * nssPKIXUserNotice_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- *  NSS_ERROR_INVALID_PKIX_DISPLAY_TEXT
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXUserNotice upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXUserNotice *
-nssPKIXUserNotice_Create
-(
-  NSSArena *arenaOpt,
-  NSSPKIXNoticeReference *noticeRef,
-  NSSPKIXDisplayText *explicitText
-);
-
-/*
- * nssPKIXUserNotice_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_USER_NOTICE
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXUserNotice_Destroy
-(
-  NSSPKIXUserNotice *userNotice
-);
-
-/*
- * nssPKIXUserNotice_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_USER_NOTICE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXUserNotice_Encode
-(
-  NSSPKIXUserNotice *userNotice,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXUserNotice_HasNoticeRef
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_USER_NOTICE
- * 
- * Return value:
- *  PR_TRUE if it has one
- *  PR_FALSE if it doesn't
- *  PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXUserNotice_HasNoticeRef
-(
-  NSSPKIXUserNotice *userNotice,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXUserNotice_GetNoticeRef
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_USER_NOTICE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_HAS_NO_NOTICE_REF
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXNoticeReference upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXNoticeReference *
-nssPKIXUserNotice_GetNoticeRef
-(
-  NSSPKIXUserNotice *userNotice,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXUserNotice_SetNoticeRef
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_USER_NOTICE
- *  NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXUserNotice_SetNoticeRef
-(
-  NSSPKIXUserNotice *userNotice,
-  NSSPKIXNoticeReference *noticeRef
-);
-
-/*
- * nssPKIXUserNotice_RemoveNoticeRef
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_USER_NOTICE
- *  NSS_ERROR_HAS_NO_NOTICE_REF
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXUserNotice_RemoveNoticeRef
-(
-  NSSPKIXUserNotice *userNotice
-);
-
-/*
- * nssPKIXUserNotice_HasExplicitText
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_USER_NOTICE
- * 
- * Return value:
- *  PR_TRUE if it has some
- *  PR_FALSE if it doesn't
- *  PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXUserNotice_HasExplicitText
-(
-  NSSPKIXUserNotice *userNotice,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXUserNotice_GetExplicitText
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_USER_NOTICE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_HAS_NO_EXPLICIT_TEXT
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXDisplayText string upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDisplayText *
-nssPKIXUserNotice_GetExplicitText
-(
-  NSSPKIXUserNotice *userNotice,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXUserNotice_SetExplicitText
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_USER_NOTICE
- *  NSS_ERROR_INVALID_PKIX_DISPLAY_TEXT
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXUserNotice_SetExplicitText
-(
-  NSSPKIXUserNotice *userNotice,
-  NSSPKIXDisplayText *explicitText
-);
-
-/*
- * nssPKIXUserNotice_RemoveExplicitText
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_USER_NOTICE
- *  NSS_ERROR_HAS_NO_EXPLICIT_TEXT
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXUserNotice_RemoveExplicitText
-(
-  NSSPKIXUserNotice *userNotice
-);
-
-/*
- * nssPKIXUserNotice_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_USER_NOTICE
- * 
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXUserNotice_Equal
-(
-  NSSPKIXUserNotice *userNotice1,
-  NSSPKIXUserNotice *userNotice2,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXUserNotice_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_USER_NOTICE
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXUserNotice upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXUserNotice *
-nssPKIXUserNotice_Duplicate
-(
-  NSSPKIXUserNotice *userNotice,
-  NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXUserNotice_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXUserNotice
- * object, this routine will return PR_SUCCESS.  Otherwise, it will 
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_USER_NOTICE
- *
- * Return value:
- *  PR_SUCCESS if the pointer is valid
- *  PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXUserNotice_verifyPointer
-(
-  NSSPKIXUserNotice *p
-);
-#endif /* DEBUG */
-
-/*
- * NoticeReference
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  NoticeReference ::= SEQUENCE {
- *       organization     DisplayText,
- *       noticeNumbers    SEQUENCE OF INTEGER }
- *
- * The private calls for this type:
- *
- *  nssPKIXNoticeReference_Decode
- *  nssPKIXNoticeReference_Create
- *  nssPKIXNoticeReference_Destroy
- *  nssPKIXNoticeReference_Encode
- *  nssPKIXNoticeReference_GetOrganization
- *  nssPKIXNoticeReference_SetOrganization
- *  nssPKIXNoticeReference_GetNoticeNumberCount
- *  nssPKIXNoticeReference_GetNoticeNumbers
- *  nssPKIXNoticeReference_SetNoticeNumbers
- *  nssPKIXNoticeReference_GetNoticeNumber
- *  nssPKIXNoticeReference_SetNoticeNumber
- *  nssPKIXNoticeReference_InsertNoticeNumber
- *  nssPKIXNoticeReference_AppendNoticeNumber
- *  nssPKIXNoticeReference_RemoveNoticeNumber
- *    { maybe number-exists-p gettor? }
- *  nssPKIXNoticeReference_Equal
- *  nssPKIXNoticeReference_Duplicate
- * 
- * In debug builds, the following call is available:
- *
- *  nssPKIXNoticeReference_verifyPointer
- *
- */
-
-/*
- * nssPKIXNoticeReference_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXNoticeReference upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXNoticeReference *
-nssPKIXNoticeReference_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * nssPKIXNoticeReference_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_DISPLAY_TEXT
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXNoticeReference upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXNoticeReference *
-nssPKIXNoticeReference_Create
-(
-  NSSArena *arenaOpt,
-  NSSPKIXDisplayText *organization,
-  PRUint32 noticeCount,
-  PRInt32 noticeNumber1,
-  ...
-);
-
-/*
- * { fgmr -- or should the call that takes PRInt32 be _CreateFromValues,
- *  and the _Create call take NSSBER integers? }
- */
-
-/*
- * nssPKIXNoticeReference_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXNoticeReference_Destroy
-(
-  NSSPKIXNoticeReference *nr
-);
-
-/*
- * nssPKIXNoticeReference_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXNoticeReference_Encode
-(
-  NSSPKIXNoticeReference *nr,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXNoticeReference_GetOrganization
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXDisplayText string upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDisplayText *
-nssPKIXNoticeReference_GetOrganization
-(
-  NSSPKIXNoticeReference *nr,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXNoticeReference_SetOrganization
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- *  NSS_ERROR_INVALID_PKIX_DISPLAY_TEXT
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXNoticeReference_SetOrganization
-(
-  NSSPKIXNoticeReference *nr,
-  NSSPKIXDisplayText *organization
-);
-
-/*
- * nssPKIXNoticeReference_GetNoticeNumberCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- * 
- * Return value:
- *  Nonnegative integer upon success
- *  -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXNoticeReference_GetNoticeNumberCount
-(
-  NSSPKIXNoticeReference *nr
-);
-
-/*
- * nssPKIXNoticeReference_GetNoticeNumbers
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_ARRAY_TOO_SMALL
- * 
- * Return value:
- *  A valid pointer to an array of PRInt32 values upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN PRInt32 *
-nssPKIXNoticeReference_GetNoticeNumbers
-(
-  NSSPKIXNoticeReference *nr,
-  PRInt32 rvOpt[],
-  PRInt32 limit,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXNoticeReference_SetNoticeNumbers
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXNoticeReference_SetNoticeNumbers
-(
-  NSSPKIXNoticeReference *nr,
-  PRInt32 noticeNumbers[],
-  PRInt32 count
-);
-
-/*
- * nssPKIXNoticeReference_GetNoticeNumber
- *
- * -- fgmr comments --
- * Because there is no natural "invalid" notice number value, we must
- * pass the number by reference, and return an explicit status value.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_INVALID_POINTER
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXNoticeReference_GetNoticeNumber
-(
-  NSSPKIXNoticeReference *nr,
-  PRInt32 i,
-  PRInt32 *noticeNumberP
-);
-  
-/*
- * nssPKIXNoticeReference_SetNoticeNumber
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXNoticeReference_SetNoticeNumber
-(
-  NSSPKIXNoticeReference *nr,
-  PRInt32 i,
-  PRInt32 noticeNumber
-);
-
-/*
- * nssPKIXNoticeReference_InsertNoticeNumber
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXNoticeReference_InsertNoticeNumber
-(
-  NSSPKIXNoticeReference *nr,
-  PRInt32 i,
-  PRInt32 noticeNumber
-);
-
-/*
- * nssPKIXNoticeReference_AppendNoticeNumber
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXNoticeReference_AppendNoticeNumber
-(
-  NSSPKIXNoticeReference *nr,
-  PRInt32 noticeNumber
-);
-
-/*
- * nssPKIXNoticeReference_RemoveNoticeNumber
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXNoticeReference_RemoveNoticeNumber
-(
-  NSSPKIXNoticeReference *nr,
-  PRInt32 i
-);
-
-/*
- *   { maybe number-exists-p gettor? }
- */
-
-/*
- * nssPKIXNoticeReference_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- * 
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXNoticeReference_Equal
-(
-  NSSPKIXNoticeReference *nr1,
-  NSSPKIXNoticeReference *nr2,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXNoticeReference_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXNoticeReference upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXNoticeReference *
-nssPKIXNoticeReference_Duplicate
-(
-  NSSPKIXNoticeReference *nr,
-  NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXNoticeReference_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXNoticeReference
- * object, this routine will return PR_SUCCESS.  Otherwise, it will 
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- *
- * Return value:
- *  PR_SUCCESS if the pointer is valid
- *  PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXNoticeReference_verifyPointer
-(
-  NSSPKIXNoticeReference *p
-);
-#endif /* DEBUG */
-
-/*
- * DisplayText
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  DisplayText ::= CHOICE {
- *       visibleString    VisibleString  (SIZE (1..200)),
- *       bmpString        BMPString      (SIZE (1..200)),
- *       utf8String       UTF8String     (SIZE (1..200)) }
- * 
- * The private calls for this type:
- *
- *  nssPKIXDisplayText_Decode
- *  nssPKIXDisplayText_CreateFromUTF8
- *  nssPKIXDisplayText_Encode
- *
- */
-
-/*
- * nssPKIXDisplayText_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXDisplayText upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDisplayText *
-nssPKIXDisplayText_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * nssPKIXDisplayText_CreateFromUTF8
- *
- * { basically just enforces the length and charset limit }
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXDisplayText upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDisplayText *
-nssPKIXDisplayText_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXDisplayText_Encode
- *
- *
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_DISPLAY_TEXT
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXDisplayText_Encode
-(
-  NSSPKIXDisplayText *name,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * PolicyMappings
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  PolicyMappings ::= SEQUENCE SIZE (1..MAX) OF SEQUENCE {
- *       issuerDomainPolicy      CertPolicyId,
- *       subjectDomainPolicy     CertPolicyId }
- *
- * The private calls for this type:
- *
- *  nssPKIXPolicyMappings_Decode
- *  nssPKIXPolicyMappings_Create
- *  nssPKIXPolicyMappings_Destroy
- *  nssPKIXPolicyMappings_Encode
- *  nssPKIXPolicyMappings_GetPolicyMappingCount
- *  nssPKIXPolicyMappings_GetPolicyMappings
- *  nssPKIXPolicyMappings_SetPolicyMappings
- *  nssPKIXPolicyMappings_GetPolicyMapping
- *  nssPKIXPolicyMappings_SetPolicyMapping
- *  nssPKIXPolicyMappings_InsertPolicyMapping
- *  nssPKIXPolicyMappings_AppendPolicyMapping
- *  nssPKIXPolicyMappings_RemovePolicyMapping
- *  nssPKIXPolicyMappings_FindPolicyMapping
- *  nssPKIXPolicyMappings_Equal
- *  nssPKIXPolicyMappings_Duplicate
- *  nssPKIXPolicyMappings_IssuerDomainPolicyExists
- *  nssPKIXPolicyMappings_SubjectDomainPolicyExists
- *  nssPKIXPolicyMappings_FindIssuerDomainPolicy
- *  nssPKIXPolicyMappings_FindSubjectDomainPolicy
- *  nssPKIXPolicyMappings_MapIssuerToSubject
- *  nssPKIXPolicyMappings_MapSubjectToIssuer
- *    { find's and map's: what if there's more than one? }
- * 
- * In debug builds, the following call is available:
- *
- *  nssPKIXPolicyMappings_verifyPointer
- *
- */
-
-/*
- * nssPKIXPolicyMappings_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXPolicyMappings upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyMappings *
-nssPKIXPolicyMappings_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * nssPKIXPolicyMappings_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_POLICY_MAPPING
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXPolicyMappings upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyMappings *
-nssPKIXPolicyMappings_Decode
-(
-  NSSArena *arenaOpt,
-  NSSPKIXpolicyMapping *policyMapping1,
-  ...
-);
-
-/*
- * nssPKIXPolicyMappings_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPolicyMappings_Destroy
-(
-  NSSPKIXPolicyMappings *policyMappings
-);
-
-/*
- * nssPKIXPolicyMappings_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_DATA
- * 
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXPolicyMappings_Encode
-(
-  NSSPKIXPolicyMappings *policyMappings,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXPolicyMappings_GetPolicyMappingCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- * 
- * Return value:
- *  Nonnegative integer upon success
- *  -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXPolicyMappings_GetPolicyMappingCount
-(
-  NSSPKIXPolicyMappings *policyMappings
-);
-
-/*
- * nssPKIXPolicyMappings_GetPolicyMappings
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_ARRAY_TOO_SMALL
- * 
- * Return value:
- *  A valid pointer to an array of NSSPKIXpolicyMapping pointers upon
- *      success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXpolicyMapping **
-nssPKIXPolicyMappings_GetPolicyMappings
-(
-  NSSPKIXPolicyMappings *policyMappings
-  NSSPKIXpolicyMapping *rvOpt[],
-  PRInt32 limit,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXPolicyMappings_SetPolicyMappings
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- *  NSS_ERROR_INVALID_PKIX_POLICY_MAPPING
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPolicyMappings_SetPolicyMappings
-(
-  NSSPKIXPolicyMappings *policyMappings
-  NSSPKIXpolicyMapping *policyMapping[]
-  PRInt32 count
-);
-
-/*
- * nssPKIXPolicyMappings_GetPolicyMapping
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXpolicyMapping upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXpolicyMapping *
-nssPKIXPolicyMappings_GetPolicyMapping
-(
-  NSSPKIXPolicyMappings *policyMappings
-  PRInt32 i,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXPolicyMappings_SetPolicyMapping
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- *  NSS_ERROR_INVALID_PKIX_POLICY_MAPPING
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPolicyMappings_SetPolicyMapping
-(
-  NSSPKIXPolicyMappings *policyMappings
-  PRInt32 i,
-  NSSPKIXpolicyMapping *policyMapping
-);
-
-/*
- * nssPKIXPolicyMappings_InsertPolicyMapping
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- *  NSS_ERROR_INVALID_PKIX_POLICY_MAPPING
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPolicyMappings_InsertPolicyMapping
-(
-  NSSPKIXPolicyMappings *policyMappings
-  PRInt32 i,
-  NSSPKIXpolicyMapping *policyMapping
-);
-
-/*
- * nssPKIXPolicyMappings_AppendPolicyMapping
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- *  NSS_ERROR_INVALID_PKIX_POLICY_MAPPING
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPolicyMappings_AppendPolicyMapping
-(
-  NSSPKIXPolicyMappings *policyMappings
-  NSSPKIXpolicyMapping *policyMapping
-);
-
-/*
- * nssPKIXPolicyMappings_RemovePolicyMapping
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPolicyMappings_RemovePolicyMapping
-(
-  NSSPKIXPolicyMappings *policyMappings
-  PRInt32 i
-);
-
-/*
- * nssPKIXPolicyMappings_FindPolicyMapping
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- *  NSS_ERROR_INVALID_PKIX_POLICY_MAPPING
- *  NSS_ERROR_NOT_FOUND
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- * 
- * Return value:
- *  The index of the specified policy mapping upon success
- *  -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXPolicyMappings_FindPolicyMapping
-(
-  NSSPKIXPolicyMappings *policyMappings
-  NSSPKIXpolicyMapping *policyMapping
-);
-
-/*
- * nssPKIXPolicyMappings_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- * 
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXPolicyMappings_Equal
-(
-  NSSPKIXPolicyMappings *policyMappings1,
-  NSSPKIXpolicyMappings *policyMappings2,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXPolicyMappings_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXPolicyMappings upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyMappings *
-nssPKIXPolicyMappings_Duplicate
-(
-  NSSPKIXPolicyMappings *policyMappings,
-  NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXPolicyMappings_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXPolicyMappings
- * object, this routine will return PR_SUCCESS.  Otherwise, it will 
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- *
- * Return value:
- *  PR_SUCCESS if the pointer is valid
- *  PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPolicyMappings_verifyPointer
-(
-  NSSPKIXPolicyMappings *p
-);
-#endif /* DEBUG */
-
-/*
- * nssPKIXPolicyMappings_IssuerDomainPolicyExists
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- *  NSS_ERROR_INVALID_PKIX_CERT_POLICY_ID
- * 
- * Return value:
- *  PR_TRUE if the specified domain policy OID exists
- *  PR_FALSE if it doesn't
- *  PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXPolicyMappings_IssuerDomainPolicyExists
-(
-  NSSPKIXPolicyMappings *policyMappings,
-  NSSPKIXCertPolicyId *issuerDomainPolicy,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXPolicyMappings_SubjectDomainPolicyExists
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- *  NSS_ERROR_INVALID_PKIX_CERT_POLICY_ID
- * 
- * Return value:
- *  PR_TRUE if the specified domain policy OID exists
- *  PR_FALSE if it doesn't
- *  PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXPolicyMappings_SubjectDomainPolicyExists
-(
-  NSSPKIXPolicyMappings *policyMappings,
-  NSSPKIXCertPolicyId *subjectDomainPolicy,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXPolicyMappings_FindIssuerDomainPolicy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- *  NSS_ERROR_INVALID_PKIX_CERT_POLICY_ID
- *  NSS_ERROR_NOT_FOUND
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- * 
- * Return value:
- *  The index of the specified policy mapping upon success
- *  -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXPolicyMappings_FindIssuerDomainPolicy
-(
-  NSSPKIXPolicyMappings *policyMappings,
-  NSSPKIXCertPolicyId *issuerDomainPolicy
-);
-
-/*
- * nssPKIXPolicyMappings_FindSubjectDomainPolicy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- *  NSS_ERROR_INVALID_PKIX_CERT_POLICY_ID
- *  NSS_ERROR_NOT_FOUND
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- * 
- * Return value:
- *  The index of the specified policy mapping upon success
- *  -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXPolicyMappings_FindSubjectDomainPolicy
-(
-  NSSPKIXPolicyMappings *policyMappings,
-  NSSPKIXCertPolicyId *issuerDomainPolicy
-);
-
-/*
- * nssPKIXPolicyMappings_MapIssuerToSubject
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- *  NSS_ERROR_INVALID_PKIX_CERT_POLICY_ID
- *  NSS_ERROR_NOT_FOUND
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXCertPolicyId upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCertPolicyId *
-nssPKIXPolicyMappings_MapIssuerToSubject
-(
-  NSSPKIXPolicyMappings *policyMappings,
-  NSSPKIXCertPolicyId *issuerDomainPolicy
-);
-
-/*
- * nssPKIXPolicyMappings_MapSubjectToIssuer
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- *  NSS_ERROR_INVALID_PKIX_CERT_POLICY_ID
- *  NSS_ERROR_NOT_FOUND
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXCertPolicyId upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCertPolicyId *
-nssPKIXPolicyMappings_MapSubjectToIssuer
-(
-  NSSPKIXPolicyMappings *policyMappings,
-  NSSPKIXCertPolicyId *issuerDomainPolicy
-);
-
-/*
- * policyMapping
- *
- * Helper structure for PolicyMappings
- *
- *                                               SEQUENCE {
- *       issuerDomainPolicy      CertPolicyId,
- *       subjectDomainPolicy     CertPolicyId }
- *
- * The private calls for this type:
- *
- *  nssPKIXpolicyMapping_Decode
- *  nssPKIXpolicyMapping_Create
- *  nssPKIXpolicyMapping_Destroy
- *  nssPKIXpolicyMapping_Encode
- *  nssPKIXpolicyMapping_GetIssuerDomainPolicy
- *  nssPKIXpolicyMapping_SetIssuerDomainPolicy
- *  nssPKIXpolicyMapping_GetSubjectDomainPolicy
- *  nssPKIXpolicyMapping_SetSubjectDomainPolicy
- *  nssPKIXpolicyMapping_Equal
- *  nssPKIXpolicyMapping_Duplicate
- * 
- * In debug builds, the following call is available:
- *
- *  nssPKIXpolicyMapping_verifyPointer
- *
- */
-
-/*
- * nssPKIXpolicyMapping_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXpolicyMapping upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXpolicyMapping *
-nssPKIXpolicyMapping_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * nssPKIXpolicyMapping_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_CERT_POLICY_ID
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXpolicyMapping upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXpolicyMapping *
-nssPKIXpolicyMapping_Create
-(
-  NSSArena *arenaOpt,
-  NSSPKIXCertPolicyId *issuerDomainPolicy,
-  NSSPKIXCertPolicyId *subjectDomainPolicy
-);
-
-/*
- * nssPKIXpolicyMapping_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_MAPPING
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXpolicyMapping_Destroy
-(
-  NSSPKIXpolicyMapping *policyMapping
-);
-
-/*
- * nssPKIXpolicyMapping_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_MAPPING
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_DATA
- * 
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXpolicyMapping_Encode
-(
-  NSSPKIXpolicyMapping *policyMapping,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXpolicyMapping_GetIssuerDomainPolicy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_MAPPING
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXCertPolicyId OID upon success
- *  NULL upon faliure
- */
-
-NSS_EXTERN NSSPKIXCertPolicyId *
-nssPKIXpolicyMapping_GetIssuerDomainPolicy
-(
-  NSSPKIXpolicyMapping *policyMapping
-);
-
-/*
- * nssPKIXpolicyMapping_SetIssuerDomainPolicy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_MAPPING
- *  NSS_ERROR_INVALID_PKIX_CERT_POLICY_ID
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXpolicyMapping_SetIssuerDomainPolicy
-(
-  NSSPKIXpolicyMapping *policyMapping,
-  NSSPKIXCertPolicyId *issuerDomainPolicy
-);
-
-/*
- * nssPKIXpolicyMapping_GetSubjectDomainPolicy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_MAPPING
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXCertPolicyId OID upon success
- *  NULL upon faliure
- */
-
-NSS_EXTERN NSSPKIXCertPolicyId *
-nssPKIXpolicyMapping_GetSubjectDomainPolicy
-(
-  NSSPKIXpolicyMapping *policyMapping
-);
-
-/*
- * nssPKIXpolicyMapping_SetSubjectDomainPolicy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_MAPPING
- *  NSS_ERROR_INVALID_PKIX_CERT_POLICY_ID
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXpolicyMapping_SetSubjectDomainPolicy
-(
-  NSSPKIXpolicyMapping *policyMapping,
-  NSSPKIXCertPolicyId *subjectDomainPolicy
-);
-
-/*
- * nssPKIXpolicyMapping_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_MAPPING
- * 
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXpolicyMapping_Equal
-(
-  NSSPKIXpolicyMapping *policyMapping1,
-  NSSPKIXpolicyMapping *policyMapping2,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXpolicyMapping_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_MAPPING
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXpolicyMapping upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXpolicyMapping *
-nssPKIXpolicyMapping_Duplicate
-(
-  NSSPKIXpolicyMapping *policyMapping,
-  NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXpolicyMapping_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXpolicyMapping
- * object, this routine will return PR_SUCCESS.  Otherwise, it will 
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_MAPPING
- *
- * Return value:
- *  PR_SUCCESS if the pointer is valid
- *  PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXpolicyMapping_verifyPointer
-(
-  NSSPKIXpolicyMapping *p
-);
-#endif /* DEBUG */
-
-/*
- * GeneralName
- *
- * This structure contains a union of the possible general names,
- * of which there are several.
- *
- * From RFC 2459:
- *
- *  GeneralName ::= CHOICE {
- *       otherName                       [0]     AnotherName,
- *       rfc822Name                      [1]     IA5String,
- *       dNSName                         [2]     IA5String,
- *       x400Address                     [3]     ORAddress,
- *       directoryName                   [4]     Name,
- *       ediPartyName                    [5]     EDIPartyName,
- *       uniformResourceIdentifier       [6]     IA5String,
- *       iPAddress                       [7]     OCTET STRING,
- *       registeredID                    [8]     OBJECT IDENTIFIER }
- *
- * The private calls for this type:
- *
- *  nssPKIXGeneralName_Decode
- *  nssPKIXGeneralName_CreateFromUTF8
- *  nssPKIXGeneralName_Create
- *  nssPKIXGeneralName_CreateFromOtherName
- *  nssPKIXGeneralName_CreateFromRfc822Name
- *  nssPKIXGeneralName_CreateFromDNSName
- *  nssPKIXGeneralName_CreateFromX400Address
- *  nssPKIXGeneralName_CreateFromDirectoryName
- *  nssPKIXGeneralName_CreateFromEDIPartyName
- *  nssPKIXGeneralName_CreateFromUniformResourceIdentifier
- *  nssPKIXGeneralName_CreateFromIPAddress
- *  nssPKIXGeneralName_CreateFromRegisteredID
- *  nssPKIXGeneralName_Destroy
- *  nssPKIXGeneralName_Encode
- *  nssPKIXGeneralName_GetUTF8Encoding
- *  nssPKIXGeneralName_GetChoice
- *  nssPKIXGeneralName_GetOtherName
- *  nssPKIXGeneralName_GetRfc822Name
- *  nssPKIXGeneralName_GetDNSName
- *  nssPKIXGeneralName_GetX400Address
- *  nssPKIXGeneralName_GetDirectoryName
- *  nssPKIXGeneralName_GetEDIPartyName
- *  nssPKIXGeneralName_GetUniformResourceIdentifier
- *  nssPKIXGeneralName_GetIPAddress
- *  nssPKIXGeneralName_GetRegisteredID
- *  nssPKIXGeneralName_GetSpecifiedChoice
- *  nssPKIXGeneralName_Equal
- *  nssPKIXGeneralName_Duplicate
- *  (in pki1 I had specific attribute value gettors here too)
- * 
- * In debug builds, the following call is available:
- *
- *  nssPKIXGeneralName_verifyPointer
- *
- */
-
-/*
- * nssPKIXGeneralName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXGeneralName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName *
-nssPKIXGeneralName_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * nssPKIXGeneralName_CreateFromUTF8
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_STRING
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXGeneralName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName *
-nssPKIXGeneralName_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXGeneralName_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_GENERAL_NAME_CHOICE
- *  NSS_ERROR_INVALID_PKIX_ANOTHER_NAME
- *  NSS_ERROR_INVALID_PKIX_IA5_STRING
- *  NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- *  NSS_ERROR_INVALID_PKIX_NAME
- *  NSS_ERROR_INVALID_PKIX_EDI_PARTY_NAME
- *  NSS_ERROR_INVALID_ITEM
- *  NSS_ERROR_INVALID_OID
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXGeneralName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName *
-nssPKIXGeneralName_Create
-(
-  NSSArena *arenaOpt,
-  NSSPKIXGeneralNameChoice choice,
-  void *content
-);
-
-/*
- * nssPKIXGeneralName_CreateFromOtherName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_ANOTHER_NAME
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXGeneralName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName *
-nssPKIXGeneralName_CreateFromOtherName
-(
-  NSSArena *arenaOpt,
-  NSSPKIXAnotherName *otherName
-);
-
-/*
- * nssPKIXGeneralName_CreateFromRfc822Name
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_IA5_STRING
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXGeneralName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName *
-nssPKIXGeneralName_CreateFromRfc822Name
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *rfc822Name
-);
-
-/*
- * nssPKIXGeneralName_CreateFromDNSName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_IA5_STRING
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXGeneralName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName *
-nssPKIXGeneralName_CreateFromDNSName
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *dNSName
-);
-
-/*
- * nssPKIXGeneralName_CreateFromX400Address
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXGeneralName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName *
-nssPKIXGeneralName_CreateFromX400Address
-(
-  NSSArena *arenaOpt,
-  NSSPKIXORAddress *x400Address
-);
-
-/*
- * nssPKIXGeneralName_CreateFromDirectoryName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_NAME
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXGeneralName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName *
-nssPKIXGeneralName_CreateFromDirectoryName
-(
-  NSSArena *arenaOpt,
-  NSSPKIXName *directoryName
-);
-
-/*
- * nssPKIXGeneralName_CreateFromEDIPartyName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_EDI_PARTY_NAME
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXGeneralName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName *
-nssPKIXGeneralName_CreateFromEDIPartyName
-(
-  NSSArena *arenaOpt,
-  NSSPKIXEDIPartyName *ediPartyname
-);
-
-/*
- * nssPKIXGeneralName_CreateFromUniformResourceIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_IA5_STRING
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXGeneralName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName *
-nssPKIXGeneralName_CreateFromUniformResourceIdentifier
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *uniformResourceIdentifier
-);
-
-/*
- * nssPKIXGeneralName_CreateFromIPAddress
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_ITEM
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXGeneralName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName *
-nssPKIXGeneralName_CreateFromIPAddress
-(
-  NSSArena *arenaOpt,
-  NSSItem *iPAddress
-);
-
-/*
- * nssPKIXGeneralName_CreateFromRegisteredID
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_OID
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXGeneralName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName *
-nssPKIXGeneralName_CreateFromRegisteredID
-(
-  NSSArena *arenaOpt,
-  NSSOID *registeredID
-);
-
-/*
- * nssPKIXGeneralName_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXGeneralName_Destroy
-(
-  NSSPKIXGeneralName *generalName
-);
-
-/*
- * nssPKIXGeneralName_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXGeneralName_Encode
-(
-  NSSPKIXGeneralName *generalName,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXGeneralName_GetUTF8Encoding
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid pointer to an NSSUTF8 upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-nssPKIXGeneralName_GetUTF8Encoding
-(
-  NSSPKIXGeneralName *generalName,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXGeneralName_GetChoice
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- * 
- * Return value:
- *  A valid NSSPKIXGeneralNameChoice value upon success
- *  NSSPKIXGeneralNameChoice_NSSinvalid upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralNameChoice
-nssPKIXGeneralName_GetChoice
-(
-  NSSPKIXGeneralName *generalName
-);
-
-/*
- * nssPKIXGeneralName_GetOtherName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- *  NSS_ERROR_WRONG_CHOICE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXAnotherName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAnotherName *
-nssPKIXGeneralName_GetOtherName
-(
-  NSSPKIXGeneralName *generalName,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXGeneralName_GetRfc822Name
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- *  NSS_ERROR_WRONG_CHOICE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid pointer to an NSSUTF8 upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-nssPKIXGeneralName_GetRfc822Name
-(
-  NSSPKIXGeneralName *generalName,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXGeneralName_GetDNSName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- *  NSS_ERROR_WRONG_CHOICE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid pointer to an NSSUTF8 upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-nssPKIXGeneralName_GetDNSName
-(
-  NSSPKIXGeneralName *generalName,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXGeneralName_GetX400Address
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- *  NSS_ERROR_WRONG_CHOICE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXORAddress upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXORAddress *
-nssPKIXGeneralName_GetX400Address
-(
-  NSSPKIXGeneralName *generalName,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXGeneralName_GetDirectoryName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- *  NSS_ERROR_WRONG_CHOICE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXName *
-nssPKIXGeneralName_GetDirectoryName
-(
-  NSSPKIXGeneralName *generalName,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXGeneralName_GetEDIPartyName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- *  NSS_ERROR_WRONG_CHOICE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXEDIPartyName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXEDIPartyName *
-nssPKIXGeneralName_GetEDIPartyName
-(
-  NSSPKIXGeneralName *generalName,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXGeneralName_GetUniformResourceIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- *  NSS_ERROR_WRONG_CHOICE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid pointer to an NSSUTF8 upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-nssPKIXGeneralName_GetUniformResourceIdentifier
-(
-  NSSPKIXGeneralName *generalName,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXGeneralName_GetIPAddress
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- *  NSS_ERROR_WRONG_CHOICE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid pointer to an NSSItem upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSItem *
-nssPKIXGeneralName_GetIPAddress
-(
-  NSSPKIXGeneralName *generalName,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXGeneralName_GetRegisteredID
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- *  NSS_ERROR_WRONG_CHOICE
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid pointer to an NSSOID upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSOID *
-nssPKIXGeneralName_GetRegisteredID
-(
-  NSSPKIXGeneralName *generalName
-);
-
-/*
- * nssPKIXGeneralName_GetSpecifiedChoice
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- *  NSS_ERROR_INVALID_PKIX_GENERAL_NAME_CHOICE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN void *
-nssPKIXGeneralName_GetSpecifiedChoice
-(
-  NSSPKIXGeneralName *generalName,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXGeneralName_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- * 
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXGeneralName_Equal
-(
-  NSSPKIXGeneralName *generalName1,
-  NSSPKIXGeneralName *generalName2,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXGeneralName_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXGeneralName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName *
-nssPKIXGeneralName_Duplicate
-(
-  NSSPKIXGeneralName *generalName,
-  NSSArena *arenaOpt
-);
-
-/*
- * (in pki1 I had specific attribute value gettors here too)
- *
- */
-
-#ifdef DEBUG
-/*
- * nssPKIXGeneralName_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXGeneralName
- * object, this routine will return PR_SUCCESS.  Otherwise, it will 
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- *
- * Return value:
- *  PR_SUCCESS if the pointer is valid
- *  PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXGeneralName_verifyPointer
-(
-  NSSPKIXGeneralName *p
-);
-#endif /* DEBUG */
-
-/*
- * GeneralNames
- *
- * This structure contains a sequence of GeneralName objects.
- *
- * From RFC 2459:
- *
- *  GeneralNames ::= SEQUENCE SIZE (1..MAX) OF GeneralName
- *
- * The private calls for this type:
- *
- *  nssPKIXGeneralNames_Decode
- *  nssPKIXGeneralNames_Create
- *  nssPKIXGeneralNames_Destroy
- *  nssPKIXGeneralNames_Encode
- *  nssPKIXGeneralNames_GetGeneralNameCount
- *  nssPKIXGeneralNames_GetGeneralNames
- *  nssPKIXGeneralNames_SetGeneralNames
- *  nssPKIXGeneralNames_GetGeneralName
- *  nssPKIXGeneralNames_SetGeneralName
- *  nssPKIXGeneralNames_InsertGeneralName
- *  nssPKIXGeneralNames_AppendGeneralName
- *  nssPKIXGeneralNames_RemoveGeneralName
- *  nssPKIXGeneralNames_FindGeneralName
- *  nssPKIXGeneralNames_Equal
- *  nssPKIXGeneralNames_Duplicate
- * 
- * In debug builds, the following call is available:
- *
- *  nssPKIXGeneralNames_verifyPointer
- *
- */
-
-/*
- * nssPKIXGeneralNames_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXGeneralNames upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralNames *
-nssPKIXGeneralNames_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * nssPKIXGeneralNames_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXGeneralNames upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralNames *
-nssPKIXGeneralNames_Create
-(
-  NSSArena *arenaOpt,
-  NSSPKIXGeneralName *generalName1,
-  ...
-);
-
-/*
- * nssPKIXGeneralNames_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXGeneralNames_Destroy
-(
-  NSSPKIXGeneralNames *generalNames
-);
-
-/*
- * nssPKIXGeneralNames_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXGeneralNames_Encode
-(
-  NSSPKIXGeneralNames *generalNames,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXGeneralNames_GetGeneralNameCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- * 
- * Return value:
- *  Nonnegative integer upon success
- *  -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXGeneralNames_GetGeneralNameCount
-(
-  NSSPKIXGeneralNames *generalNames
-);
-
-/*
- * nssPKIXGeneralNames_GetGeneralNames
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_ARRAY_TOO_SMALL
- * 
- * Return value:
- *  A valid pointer to an array of NSSPKIXGeneralName pointers upon
- *      success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName **
-nssPKIXGeneralNames_GetGeneralNames
-(
-  NSSPKIXGeneralNames *generalNames,
-  NSSPKIXGeneralName *rvOpt[],
-  PRInt32 limit,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXGeneralNames_SetGeneralNames
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- *  NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXGeneralNames_SetGeneralNames
-(
-  NSSPKIXGeneralNames *generalNames,
-  NSSPKIXGeneralName *generalName[],
-  PRInt32 count
-);
-
-/*
- * nssPKIXGeneralNames_GetGeneralName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXGeneralName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName *
-nssPKIXGeneralNames_GetGeneralName
-(
-  NSSPKIXGeneralNames *generalNames,
-  PRInt32 i,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXGeneralNames_SetGeneralName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- *  NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXGeneralNames_SetGeneralName
-(
-  NSSPKIXGeneralNames *generalNames,
-  PRInt32 i,
-  NSSPKIXGeneralName *generalName
-);
-
-/*
- * nssPKIXGeneralNames_InsertGeneralName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- *  NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXGeneralNames_InsertGeneralName
-(
-  NSSPKIXGeneralNames *generalNames,
-  PRInt32 i,
-  NSSPKIXGeneralName *generalName
-);
-
-/*
- * nssPKIXGeneralNames_AppendGeneralName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- *  NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXGeneralNames_AppendGeneralName
-(
-  NSSPKIXGeneralNames *generalNames,
-  NSSPKIXGeneralName *generalName
-);
-
-/*
- * nssPKIXGeneralNames_RemoveGeneralName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXGeneralNames_RemoveGeneralName
-(
-  NSSPKIXGeneralNames *generalNames,
-  PRInt32 i
-);
-
-/*
- * nssPKIXGeneralNames_FindGeneralName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- *  NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- *  NSS_ERROR_NOT_FOUND
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- * 
- * Return value:
- *  The index of the specified policy mapping upon success
- *  -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXGeneralNames_FindGeneralName
-(
-  NSSPKIXGeneralNames *generalNames,
-  NSSPKIXGeneralName *generalName
-);
-
-/*
- * nssPKIXGeneralNames_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- * 
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXGeneralNames_Equal
-(
-  NSSPKIXGeneralNames *generalNames1,
-  NSSPKIXGeneralNames *generalNames2,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXGeneralNames_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXGeneralNames upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralNames *
-nssPKIXGeneralNames_Duplicate
-(
-  NSSPKIXGeneralNames *generalNames,
-  NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXGeneralNames_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXGeneralNames
- * object, this routine will return PR_SUCCESS.  Otherwise, it will 
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- *
- * Return value:
- *  PR_SUCCESS if the pointer is valid
- *  PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXGeneralNames_verifyPointer
-(
-  NSSPKIXGeneralNames *p
-);
-#endif /* DEBUG */
-
-/*
- * AnotherName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  AnotherName ::= SEQUENCE {
- *       type-id    OBJECT IDENTIFIER,
- *       value      [0] EXPLICIT ANY DEFINED BY type-id }
- *
- * The private calls for this type:
- *
- *  nssPKIXAnotherName_Decode
- *  nssPKIXAnotherName_Create
- *  nssPKIXAnotherName_Destroy
- *  nssPKIXAnotherName_Encode
- *  nssPKIXAnotherName_GetTypeId
- *  nssPKIXAnotherName_SetTypeId
- *  nssPKIXAnotherName_GetValue
- *  nssPKIXAnotherName_SetValue
- *  nssPKIXAnotherName_Equal
- *  nssPKIXAnotherName_Duplicate
- * 
- * In debug builds, the following call is available:
- *
- *  nssPKIXAnotherName_verifyPointer
- *
- */
-
-/*
- * nssPKIXAnotherName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXAnotherName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAnotherName *
-nssPKIXAnotherName_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * nssPKIXAnotherName_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_OID
- *  NSS_ERROR_INVALID_ITEM
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXAnotherName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAnotherName *
-nssPKIXAnotherName_Create
-(
-  NSSArena *arenaOpt,
-  NSSOID *typeId,
-  NSSItem *value
-);
-
-/*
- * nssPKIXAnotherName_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ANOTHER_NAME
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAnotherName_Destroy
-(
-  NSSPKIXAnotherName *anotherName
-);
-
-/*
- * nssPKIXAnotherName_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ANOTHER_NAME
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXAnotherName_Encode
-(
-  NSSPKIXAnotherName *anotherName,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXAnotherName_GetTypeId
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ANOTHER_NAME
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid pointer to an NSSOID upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSOID *
-nssPKIXAnotherName_GetTypeId
-(
-  NSSPKIXAnotherName *anotherName
-);
-
-/*
- * nssPKIXAnotherName_SetTypeId
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ANOTHER_NAME
- *  NSS_ERROR_INVALID_OID
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAnotherName_SetTypeId
-(
-  NSSPKIXAnotherName *anotherName,
-  NSSOID *typeId
-);
-
-/*
- * nssPKIXAnotherName_GetValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ANOTHER_NAME
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSItem upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSItem *
-nssPKIXAnotherName_GetValue
-(
-  NSSPKIXAnotherName *anotherName,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXAnotherName_SetValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ANOTHER_NAME
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ITEM
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAnotherName_SetValue
-(
-  NSSPKIXAnotherName *anotherName,
-  NSSItem *value
-);
-
-/*
- * nssPKIXAnotherName_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ANOTHER_NAME
- * 
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXAnotherName_Equal
-(
-  NSSPKIXAnotherName *anotherName1,
-  NSSPKIXAnotherName *anotherName2,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXAnotherName_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ANOTHER_NAME
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXAnotherName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAnotherName *
-nssPKIXAnotherName_Duplicate
-(
-  NSSPKIXAnotherName *anotherName,
-  NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXAnotherName_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXAnotherName
- * object, this routine will return PR_SUCCESS.  Otherwise, it will 
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ANOTHER_NAME
- *
- * Return value:
- *  PR_SUCCESS if the pointer is valid
- *  PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAnotherName_verifyPointer
-(
-  NSSPKIXAnotherName *p
-);
-#endif /* DEBUG */
-
-/*
- * EDIPartyName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *
- *  EDIPartyName ::= SEQUENCE {
- *       nameAssigner            [0]     DirectoryString OPTIONAL,
- *       partyName               [1]     DirectoryString }
- *
- * The private calls for this type:
- *
- *  nssPKIXEDIPartyName_Decode
- *  nssPKIXEDIPartyName_Create
- *  nssPKIXEDIPartyName_Destroy
- *  nssPKIXEDIPartyName_Encode
- *  nssPKIXEDIPartyName_HasNameAssigner
- *  nssPKIXEDIPartyName_GetNameAssigner
- *  nssPKIXEDIPartyName_SetNameAssigner
- *  nssPKIXEDIPartyName_RemoveNameAssigner
- *  nssPKIXEDIPartyName_GetPartyName
- *  nssPKIXEDIPartyName_SetPartyName
- *  nssPKIXEDIPartyName_Equal
- *  nssPKIXEDIPartyName_Duplicate
- * 
- * In debug builds, the following call is available:
- *
- *  nssPKIXEDIPartyName_verifyPointer
- *
- */
-
-/*
- * nssPKIXEDIPartyName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXEDIPartyName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXEDIPartyName *
-nssPKIXEDIPartyName_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * nssPKIXEDIPartyName_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_STRING
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXEDIPartyName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXEDIPartyName *
-nssPKIXEDIPartyName_Create
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *nameAssignerOpt,
-  NSSUTF8 *partyName
-);
-
-/*
- * nssPKIXEDIPartyName_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EDI_PARTY_NAME
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXEDIPartyName_Destroy
-(
-  NSSPKIXEDIPartyName *ediPartyName
-);
-
-/*
- * nssPKIXEDIPartyName_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EDI_PARTY_NAME
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXEDIPartyName_Encode
-(
-  NSSPKIXEDIPartyName *ediPartyName,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXEDIPartyName_HasNameAssigner
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EDI_PARTY_NAME
- * 
- * Return value:
- *  PR_TRUE if it has one
- *  PR_FALSE if it doesn't
- *  PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXEDIPartyName_HasNameAssigner
-(
-  NSSPKIXEDIPartyName *ediPartyName
-);
-
-/*
- * nssPKIXEDIPartyName_GetNameAssigner
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EDI_PARTY_NAME
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_HAS_NO_NAME_ASSIGNER
- * 
- * Return value:
- *  A valid pointer to an NSSUTF8 string upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-nssPKIXEDIPartyName_GetNameAssigner
-(
-  NSSPKIXEDIPartyName *ediPartyName,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXEDIPartyName_SetNameAssigner
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EDI_PARTY_NAME
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_STRING
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXEDIPartyName_SetNameAssigner
-(
-  NSSPKIXEDIPartyName *ediPartyName,
-  NSSUTF8 *nameAssigner
-);
-
-/*
- * nssPKIXEDIPartyName_RemoveNameAssigner
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EDI_PARTY_NAME
- *  NSS_ERROR_HAS_NO_NAME_ASSIGNER
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXEDIPartyName_RemoveNameAssigner
-(
-  NSSPKIXEDIPartyName *ediPartyName
-);
-
-/*
- * nssPKIXEDIPartyName_GetPartyName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EDI_PARTY_NAME
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid pointer to an NSSUTF8 string upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-nssPKIXEDIPartyName_GetPartyName
-(
-  NSSPKIXEDIPartyName *ediPartyName,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXEDIPartyName_SetPartyName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EDI_PARTY_NAME
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_STRING
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXEDIPartyName_SetPartyName
-(
-  NSSPKIXEDIPartyName *ediPartyName,
-  NSSUTF8 *partyName
-);
-
-/*
- * nssPKIXEDIPartyName_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EDI_PARTY_NAME
- * 
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXEDIPartyName_Equal
-(
-  NSSPKIXEDIPartyName *ediPartyName1,
-  NSSPKIXEDIPartyName *ediPartyName2,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXEDIPartyName_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EDI_PARTY_NAME
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXEDIPartyName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXEDIPartyName *
-nssPKIXEDIPartyName_Duplicate
-(
-  NSSPKIXEDIPartyName *ediPartyName,
-  NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXEDIPartyName_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXEDIPartyName
- * object, this routine will return PR_SUCCESS.  Otherwise, it will 
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EDI_PARTY_NAME
- *
- * Return value:
- *  PR_SUCCESS if the pointer is valid
- *  PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXEDIPartyName_verifyPointer
-(
-  NSSPKIXEDIPartyName *p
-);
-#endif /* DEBUG */
-
-/*
- * SubjectDirectoryAttributes
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  SubjectDirectoryAttributes ::= SEQUENCE SIZE (1..MAX) OF Attribute
- *
- * The private calls for this type:
- *
- *  nssPKIXSubjectDirectoryAttributes_Decode
- *  nssPKIXSubjectDirectoryAttributes_Create
- *  nssPKIXSubjectDirectoryAttributes_Destroy
- *  nssPKIXSubjectDirectoryAttributes_Encode
- *  nssPKIXSubjectDirectoryAttributes_GetAttributeCount
- *  nssPKIXSubjectDirectoryAttributes_GetAttributes
- *  nssPKIXSubjectDirectoryAttributes_SetAttributes
- *  nssPKIXSubjectDirectoryAttributes_GetAttribute
- *  nssPKIXSubjectDirectoryAttributes_SetAttribute
- *  nssPKIXSubjectDirectoryAttributes_InsertAttribute
- *  nssPKIXSubjectDirectoryAttributes_AppendAttribute
- *  nssPKIXSubjectDirectoryAttributes_RemoveAttribute
- *  nssPKIXSubjectDirectoryAttributes_FindAttribute
- *  nssPKIXSubjectDirectoryAttributes_Equal
- *  nssPKIXSubjectDirectoryAttributes_Duplicate
- * 
- * In debug builds, the following call is available:
- *
- *  nssPKIXSubjectDirectoryAttributes_verifyPointer
- *
- */
-
-/*
- * nssPKIXSubjectDirectoryAttributes_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXSubjectDirectoryAttributes upon 
- *      success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXSubjectDirectoryAttributes *
-nssPKIXSubjectDirectoryAttributes_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * nssPKIXSubjectDirectoryAttributes_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXSubjectDirectoryAttributes upon 
- *      success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXSubjectDirectoryAttributes *
-nssPKIXSubjectDirectoryAttributes_Create
-(
-  NSSArena *arenaOpt,
-  NSSPKIXAttribute *attribute1,
-  ...
-);
-
-/*
- * nssPKIXSubjectDirectoryAttributes_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_SUBJECT_DIRECTORY_ATTRIBUTES
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXSubjectDirectoryAttributes_Destroy
-(
-  NSSPKIXSubjectDirectoryAttributes *sda
-);
-
-/*
- * nssPKIXSubjectDirectoryAttributes_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_SUBJECT_DIRECTORY_ATTRIBUTES
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXSubjectDirectoryAttributes_Encode
-(
-  NSSPKIXSubjectDirectoryAttributes *sda,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXSubjectDirectoryAttributes_GetAttributeCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_SUBJECT_DIRECTORY_ATTRIBUTES
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- * 
- * Return value:
- *  Nonnegative integer upon success
- *  -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXSubjectDirectoryAttributes_GetAttributeCount
-(
-  NSSPKIXSubjectDirectoryAttributes *sda
-);
-
-/*
- * nssPKIXSubjectDirectoryAttributes_GetAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_SUBJECT_DIRECTORY_ATTRIBUTES
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_ARRAY_TOO_SMALL
- * 
- * Return value:
- *  A valid pointer to an array of NSSPKIXAttribute pointers upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAttribute **
-nssPKIXSubjectDirectoryAttributes_GetAttributes
-(
-  NSSPKIXSubjectDirectoryAttributes *sda,
-  NSSPKIXAttribute *rvOpt[],
-  PRInt32 limit,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXSubjectDirectoryAttributes_SetAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_SUBJECT_DIRECTORY_ATTRIBUTES
- *  NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXSubjectDirectoryAttributes_SetAttributes
-(
-  NSSPKIXSubjectDirectoryAttributes *sda,
-  NSSAttribute *attributes[],
-  PRInt32 count
-);
-
-/*
- * nssPKIXSubjectDirectoryAttributes_GetAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_SUBJECT_DIRECTORY_ATTRIBUTES
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXAttribute upon success
- *  NULL upon error
- */
-
-NSS_EXTERN NSSPKIXAttribute *
-nssPKIXSubjectDirectoryAttributes_GetAttribute
-(
-  NSSPKIXSubjectDirectoryAttributes *sda,
-  PRInt32 i,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXSubjectDirectoryAttributes_SetAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_SUBJECT_DIRECTORY_ATTRIBUTES
- *  NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXSubjectDirectoryAttributes_SetAttribute
-(
-  NSSPKIXSubjectDirectoryAttributes *sda,
-  PRInt32 i,
-  NSSPKIXAttribute *attribute
-);
-
-/*
- * nssPKIXSubjectDirectoryAttributes_InsertAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_SUBJECT_DIRECTORY_ATTRIBUTES
- *  NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXSubjectDirectoryAttributes_InsertAttribute
-(
-  NSSPKIXSubjectDirectoryAttributes *sda,
-  PRInt32 i,
-  NSSPKIXAttribute *attribute
-);
-
-/*
- * nssPKIXSubjectDirectoryAttributes_AppendAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_SUBJECT_DIRECTORY_ATTRIBUTES
- *  NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXSubjectDirectoryAttributes_AppendAttribute
-(
-  NSSPKIXSubjectDirectoryAttributes *sda,
-  NSSPKIXAttribute *attribute
-);
-
-/*
- * nssPKIXSubjectDirectoryAttributes_RemoveAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_SUBJECT_DIRECTORY_ATTRIBUTES
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXSubjectDirectoryAttributes_RemoveAttribute
-(
-  NSSPKIXSubjectDirectoryAttributes *sda,
-  PRInt32 i
-);
-
-/*
- * nssPKIXSubjectDirectoryAttributes_FindAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_SUBJECT_DIRECTORY_ATTRIBUTES
- *  NSS_ERROR_INVALID_ATTRIBUTE
- *  NSS_ERROR_NOT_FOUND
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- * 
- * Return value:
- *  The index of the specified policy mapping upon success
- *  -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXSubjectDirectoryAttributes_FindAttribute
-(
-  NSSPKIXSubjectDirectoryAttributes *sda,
-  NSSPKIXAttribute *attribute
-);
-
-/*
- * nssPKIXSubjectDirectoryAttributes_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_SUBJECT_DIRECTORY_ATTRIBUTES
- * 
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXSubjectDirectoryAttributes_Equal
-(
-  NSSPKIXSubjectDirectoryAttributes *sda1,
-  NSSPKIXSubjectDirectoryAttributes *sda2,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXSubjectDirectoryAttributes_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_SUBJECT_DIRECTORY_ATTRIBUTES
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXSubjectDirectoryAttributes upon 
- *      success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXSubjectDirectoryAttributes *
-nssPKIXSubjectDirectoryAttributes_Duplicate
-(
-  NSSPKIXSubjectDirectoryAttributes *sda,
-  NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXSubjectDirectoryAttributes_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXSubjectDirectoryAttributes
- * object, this routine will return PR_SUCCESS.  Otherwise, it will 
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_SUBJECT_DIRECTORY_ATTRIBUTES
- *
- * Return value:
- *  PR_SUCCESS if the pointer is valid
- *  PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXSubjectDirectoryAttributes_verifyPointer
-(
-  NSSPKIXSubjectDirectoryAttributes *p
-);
-#endif /* DEBUG */
-
-/*
- * BasicConstraints
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  BasicConstraints ::= SEQUENCE {
- *       cA                      BOOLEAN DEFAULT FALSE,
- *       pathLenConstraint       INTEGER (0..MAX) OPTIONAL }
- *
- * The private calls for this type:
- *
- *  nssPKIXBasicConstraints_Decode
- *  nssPKIXBasicConstraints_Create
- *  nssPKIXBasicConstraints_Destroy
- *  nssPKIXBasicConstraints_Encode
- *  nssPKIXBasicConstraints_GetCA
- *  nssPKIXBasicConstraints_SetCA 
- *  nssPKIXBasicConstraints_HasPathLenConstraint
- *  nssPKIXBasicConstraints_GetPathLenConstraint
- *  nssPKIXBasicConstraints_SetPathLenConstraint
- *  nssPKIXBasicConstraints_RemovePathLenConstraint
- *  nssPKIXBasicConstraints_Equal
- *  nssPKIXBasicConstraints_Duplicate
- *  nssPKIXBasicConstraints_CompareToPathLenConstraint
- * 
- * In debug builds, the following call is available:
- *
- *  nssPKIXBasicConstraints_verifyPointer
- *
- */
-
-/*
- * nssPKIXBasicConstraints_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXBasicConstraints upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXBasicConstraints *
-nssPKIXBasicConstraints_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * nssPKIXBasicConstraints_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_VALUE
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXBasicConstraints upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXBasicConstraints *
-nssPKIXBasicConstraints_Create
-(
-  NSSArena *arenaOpt,
-  PRBool ca,
-  PRInt32 pathLenConstraint
-);
-
-/*
- * nssPKIXBasicConstraints_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BASIC_CONSTRAINTS
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBasicConstraints_Destroy
-(
-  NSSPKIXBasicConstraints *basicConstraints
-);
-
-/*
- * nssPKIXBasicConstraints_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BASIC_CONSTRAINTS
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXBasicConstraints_Encode
-(
-  NSSPKIXBasicConstraints *basicConstraints,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXBasicConstraints_GetCA
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BASIC_CONSTRAINTS
- * 
- * Return value:
- *  PR_TRUE if the CA bit is true
- *  PR_FALSE if it isn't
- *  PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXBasicConstraints_GetCA
-(
-  NSSPKIXBasicConstraints *basicConstraints,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXBasicConstraints_SetCA
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BASIC_CONSTRAINTS
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBasicConstraints_SetCA
-(
-  NSSPKIXBasicConstraints *basicConstraints,
-  PRBool ca
-);
-
-/*
- * nssPKIXBasicConstraints_HasPathLenConstraint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BASIC_CONSTRAINTS
- * 
- * Return value:
- *  PR_TRUE if it has one
- *  PR_FALSE if it doesn't
- *  PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXBasicConstraints_HasPathLenConstraint
-(
-  NSSPKIXBasicConstraints *basicConstraints,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXBasicConstraints_GetPathLenConstraint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BASIC_CONSTRAINTS
- *  NSS_ERROR_HAS_NO_PATH_LEN_CONSTRAINT
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- * 
- * Return value:
- *  Nonnegative integer upon success
- *  -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXBasicConstraints_GetPathLenConstraint
-(
-  NSSPKIXBasicConstraints *basicConstraints
-);
-
-/*
- * nssPKIXBasicConstraints_SetPathLenConstraint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BASIC_CONSTRAINTS
- *  NSS_ERROR_INVALID_VALUE
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBasicConstraints_SetPathLenConstraint
-(
-  NSSPKIXBasicConstraints *basicConstraints,
-  PRInt32 pathLenConstraint
-);
-
-/*
- * nssPKIXBasicConstraints_RemovePathLenConstraint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BASIC_CONSTRAINTS
- *  NSS_ERROR_HAS_NO_PATH_LEN_CONSTRAINT
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBasicConstraints_RemovePathLenConstraint
-(
-  NSSPKIXBasicConstraints *basicConstraints
-);
-
-/*
- * nssPKIXBasicConstraints_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BASIC_CONSTRAINTS
- * 
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXBasicConstraints_Equal
-(
-  NSSPKIXBasicConstraints *basicConstraints1,
-  NSSPKIXBasicConstraints *basicConstraints2,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXBasicConstraints_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BASIC_CONSTRAINTS
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXBasicConstraints upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXBasicConstraints *
-nssPKIXBasicConstraints_Duplicate
-(
-  NSSPKIXBasicConstraints *basicConstraints,
-  NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXBasicConstraints_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXBasicConstraints
- * object, this routine will return PR_SUCCESS.  Otherwise, it will 
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BASIC_CONSTRAINTS
- *
- * Return value:
- *  PR_SUCCESS if the pointer is valid
- *  PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBasicConstraints_verifyPointer
-(
-  NSSPKIXBasicConstraints *p
-);
-#endif /* DEBUG */
-
-/*
- * nssPKIXBasicConstraints_CompareToPathLenConstraint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_BASIC_CONSTRAINTS
- *  NSS_ERROR_HAS_NO_PATH_LEN_CONSTRAINT
- * 
- * Return value:
- *  1 if the specified value is greater than the pathLenConstraint
- *  0 if the specified value equals the pathLenConstraint
- *  -1 if the specified value is less than the pathLenConstraint
- *  -2 upon error
- */
-
-NSS_EXTERN PRInt32
-nssPKIXBasicConstraints_CompareToPathLenConstraint
-(
-  NSSPKIXBasicConstraints *basicConstraints,
-  PRInt32 value
-);
-
-/*
- * NameConstraints
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  NameConstraints ::= SEQUENCE {
- *       permittedSubtrees       [0]     GeneralSubtrees OPTIONAL,
- *       excludedSubtrees        [1]     GeneralSubtrees OPTIONAL }
- *
- * The private calls for this type:
- *
- *  nssPKIXNameConstraints_Decode
- *  nssPKIXNameConstraints_Create
- *  nssPKIXNameConstraints_Destroy
- *  nssPKIXNameConstraints_Encode
- *  nssPKIXNameConstraints_HasPermittedSubtrees
- *  nssPKIXNameConstraints_GetPermittedSubtrees
- *  nssPKIXNameConstraints_SetPermittedSubtrees
- *  nssPKIXNameConstraints_RemovePermittedSubtrees
- *  nssPKIXNameConstraints_HasExcludedSubtrees
- *  nssPKIXNameConstraints_GetExcludedSubtrees
- *  nssPKIXNameConstraints_SetExcludedSubtrees
- *  nssPKIXNameConstraints_RemoveExcludedSubtrees
- *  nssPKIXNameConstraints_Equal
- *  nssPKIXNameConstraints_Duplicate
- *    { and the comparator functions }
- * 
- * In debug builds, the following call is available:
- *
- *  nssPKIXNameConstraints_verifyPointer
- *
- */
-
-/*
- * nssPKIXNameConstraints_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXNameConstraints upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXNameConstraints *
-nssPKIXNameConstraints_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * nssPKIXNameConstraints_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXNameConstraints upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXNameConstraints *
-nssPKIXNameConstraints_Create
-(
-  NSSArena *arenaOpt,
-  NSSPKIXGeneralSubtrees *permittedSubtrees,
-  NSSPKIXGeneralSubtrees *excludedSubtrees
-);
-
-/*
- * nssPKIXNameConstraints_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_NAME_CONSTRAINTS
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXNameConstraints_Destroy
-(
-  NSSPKIXNameConstraints *nameConstraints
-);
-
-/*
- * nssPKIXNameConstraints_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_NAME_CONSTRAINTS
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXNameConstraints_Encode
-(
-  NSSPKIXNameConstraints *nameConstraints,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXNameConstraints_HasPermittedSubtrees
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_NAME_CONSTRAINTS
- * 
- * Return value:
- *  PR_TRUE if it has one
- *  PR_FALSE if it doesn't
- *  PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXNameConstraints_HasPermittedSubtrees
-(
-  NSSPKIXNameConstraints *nameConstraints,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXNameConstraints_GetPermittedSubtrees
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_NAME_CONSTRAINTS
- *  NSS_ERROR_HAS_NO_PERMITTED_SUBTREES
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXGeneralSubtrees upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralSubtrees *
-nssPKIXNameConstraints_GetPermittedSubtrees
-(
-  NSSPKIXNameConstraints *nameConstraints,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXNameConstraints_SetPermittedSubtrees
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_NAME_CONSTRAINTS
- *  NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXNameConstraints_SetPermittedSubtrees
-(
-  NSSPKIXNameConstraints *nameConstraints,
-  NSSPKIXGeneralSubtrees *permittedSubtrees
-);
-
-/*
- * nssPKIXNameConstraints_RemovePermittedSubtrees
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_NAME_CONSTRAINTS
- *  NSS_ERROR_HAS_NO_PERMITTED_SUBTREES
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXNameConstraints_RemovePermittedSubtrees
-(
-  NSSPKIXNameConstraints *nameConstraints
-);
-
-/*
- * nssPKIXNameConstraints_HasExcludedSubtrees
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_NAME_CONSTRAINTS
- * 
- * Return value:
- *  PR_TRUE if it has one
- *  PR_FALSE if it doesn't
- *  PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXNameConstraints_HasExcludedSubtrees
-(
-  NSSPKIXNameConstraints *nameConstraints,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXNameConstraints_GetExcludedSubtrees
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_NAME_CONSTRAINTS
- *  NSS_ERROR_HAS_NO_EXCLUDED_SUBTREES
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXGeneralSubtrees upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralSubtrees *
-nssPKIXNameConstraints_GetExcludedSubtrees
-(
-  NSSPKIXNameConstraints *nameConstraints,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXNameConstraints_SetExcludedSubtrees
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_NAME_CONSTRAINTS
- *  NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXNameConstraints_SetExcludedSubtrees
-(
-  NSSPKIXNameConstraints *nameConstraints,
-  NSSPKIXGeneralSubtrees *excludedSubtrees
-);
-
-/*
- * nssPKIXNameConstraints_RemoveExcludedSubtrees
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_NAME_CONSTRAINTS
- *  NSS_ERROR_HAS_NO_EXCLUDED_SUBTREES
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXNameConstraints_RemoveExcludedSubtrees
-(
-  NSSPKIXNameConstraints *nameConstraints
-);
-
-/*
- * nssPKIXNameConstraints_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_NAME_CONSTRAINTS
- * 
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXNameConstraints_Equal
-(
-  NSSPKIXNameConstraints *nameConstraints1,
-  NSSPKIXNameConstraints *nameConstraints2,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXNameConstraints_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_NAME_CONSTRAINTS
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXNameConstraints upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXNameConstraints *
-nssPKIXNameConstraints_Duplicate
-(
-  NSSPKIXNameConstraints *nameConstraints,
-  NSSArena *arenaOpt
-);
-
-/*
- *   { and the comparator functions }
- *
- */
-
-#ifdef DEBUG
-/*
- * nssPKIXNameConstraints_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXNameConstraints
- * object, this routine will return PR_SUCCESS.  Otherwise, it will 
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_NAME_CONSTRAINTS
- *
- * Return value:
- *  PR_SUCCESS if the pointer is valid
- *  PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXNameConstraints_verifyPointer
-(
-  NSSPKIXNameConstraints *p
-);
-#endif /* DEBUG */
-
-/*
- * GeneralSubtrees
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  GeneralSubtrees ::= SEQUENCE SIZE (1..MAX) OF GeneralSubtree
- *
- * The private calls for this type:
- *
- *  nssPKIXGeneralSubtrees_Decode
- *  nssPKIXGeneralSubtrees_Create
- *  nssPKIXGeneralSubtrees_Destroy
- *  nssPKIXGeneralSubtrees_Encode
- *  nssPKIXGeneralSubtrees_GetGeneralSubtreeCount
- *  nssPKIXGeneralSubtrees_GetGeneralSubtrees
- *  nssPKIXGeneralSubtrees_SetGeneralSubtrees
- *  nssPKIXGeneralSubtrees_GetGeneralSubtree
- *  nssPKIXGeneralSubtrees_SetGeneralSubtree
- *  nssPKIXGeneralSubtrees_InsertGeneralSubtree
- *  nssPKIXGeneralSubtrees_AppendGeneralSubtree
- *  nssPKIXGeneralSubtrees_RemoveGeneralSubtree
- *  nssPKIXGeneralSubtrees_FindGeneralSubtree
- *  nssPKIXGeneralSubtrees_Equal
- *  nssPKIXGeneralSubtrees_Duplicate
- *    { and finders and comparators }
- * 
- * In debug builds, the following call is available:
- *
- *  nssPKIXGeneralSubtrees_verifyPointer
- *
- */
-
-/*
- * nssPKIXGeneralSubtrees_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXGeneralSubtrees upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralSubtrees *
-nssPKIXGeneralSubtrees_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * nssPKIXGeneralSubtrees_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXGeneralSubtrees upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralSubtrees *
-nssPKIXGeneralSubtrees_Create
-(
-  NSSArena *arenaOpt,
-  NSSPKIXGeneralSubtree *generalSubtree1,
-  ...
-);
-
-/*
- * nssPKIXGeneralSubtrees_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXGeneralSubtrees_Destroy
-(
-  NSSPKIXGeneralSubtrees *generalSubtrees
-);
-
-/*
- * nssPKIXGeneralSubtrees_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXGeneralSubtrees_Encode
-(
-  NSSPKIXGeneralSubtrees *generalSubtrees,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXGeneralSubtrees_GetGeneralSubtreeCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- * 
- * Return value:
- *  Nonnegative integer upon success
- *  -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXGeneralSubtrees_GetGeneralSubtreeCount
-(
-  NSSPKIXGeneralSubtrees *generalSubtrees
-);
-
-/*
- * nssPKIXGeneralSubtrees_GetGeneralSubtrees
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_ARRAY_TOO_SMALL
- * 
- * Return value:
- *  A valid pointer to an array of NSSPKIXGeneralSubtree pointers upon
- *      success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralSubtree **
-nssPKIXGeneralSubtrees_GetGeneralSubtrees
-(
-  NSSPKIXGeneralSubtrees *generalSubtrees,
-  NSSPKIXGeneralSubtree *rvOpt[],
-  PRInt32 limit,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXGeneralSubtrees_SetGeneralSubtrees
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- *  NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXGeneralSubtrees_SetGeneralSubtrees
-(
-  NSSPKIXGeneralSubtrees *generalSubtrees,
-  NSSPKIXGeneralSubtree *generalSubtree[],
-  PRInt32 count
-);
-
-/*
- * nssPKIXGeneralSubtrees_GetGeneralSubtree
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXGeneralSubtree upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralSubtree *
-nssPKIXGeneralSubtrees_GetGeneralSubtree
-(
-  NSSPKIXGeneralSubtrees *generalSubtrees,
-  PRInt32 i,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXGeneralSubtrees_SetGeneralSubtree
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- *  NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXGeneralSubtrees_SetGeneralSubtree
-(
-  NSSPKIXGeneralSubtrees *generalSubtrees,
-  PRInt32 i,
-  NSSPKIXGeneralSubtree *generalSubtree
-);
-
-/*
- * nssPKIXGeneralSubtrees_InsertGeneralSubtree
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- *  NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXGeneralSubtrees_InsertGeneralSubtree
-(
-  NSSPKIXGeneralSubtrees *generalSubtrees,
-  PRInt32 i,
-  NSSPKIXGeneralSubtree *generalSubtree
-);
-
-/*
- * nssPKIXGeneralSubtrees_AppendGeneralSubtree
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- *  NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXGeneralSubtrees_AppendGeneralSubtree
-(
-  NSSPKIXGeneralSubtrees *generalSubtrees,
-  NSSPKIXGeneralSubtree *generalSubtree
-);
-
-/*
- * nssPKIXGeneralSubtrees_RemoveGeneralSubtree
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXGeneralSubtrees_RemoveGeneralSubtree
-(
-  NSSPKIXGeneralSubtrees *generalSubtrees,
-  PRInt32 i
-);
-
-/*
- * nssPKIXGeneralSubtrees_FindGeneralSubtree
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- *  NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- *  NSS_ERROR_NOT_FOUND
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- * 
- * Return value:
- *  The index of the specified policy mapping upon success
- *  -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXGeneralSubtrees_FindGeneralSubtree
-(
-  NSSPKIXGeneralSubtrees *generalSubtrees,
-  NSSPKIXGeneralSubtree *generalSubtree
-);
-
-/*
- * nssPKIXGeneralSubtrees_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- * 
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXGeneralSubtrees_Equal
-(
-  NSSPKIXGeneralSubtrees *generalSubtrees1,
-  NSSPKIXGeneralSubtrees *generalSubtrees2,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXGeneralSubtrees_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXGeneralSubtrees upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralSubtrees *
-nssPKIXGeneralSubtrees_Duplicate
-(
-  NSSPKIXGeneralSubtrees *generalSubtrees,
-  NSSArena *arenaOpt
-);
-
-/*
- *   { and finders and comparators }
- *
- */
-
-#ifdef DEBUG
-/*
- * nssPKIXGeneralSubtrees_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXGeneralSubtrees
- * object, this routine will return PR_SUCCESS.  Otherwise, it will 
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- *
- * Return value:
- *  PR_SUCCESS if the pointer is valid
- *  PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXGeneralSubtrees_verifyPointer
-(
-  NSSPKIXGeneralSubtrees *p
-);
-#endif /* DEBUG */
-
-/*
- * GeneralSubtree
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  GeneralSubtree ::= SEQUENCE {
- *       base                    GeneralName,
- *       minimum         [0]     BaseDistance DEFAULT 0,
- *       maximum         [1]     BaseDistance OPTIONAL }
- *
- * The private calls for this type:
- *
- *  nssPKIXGeneralSubtree_Decode
- *  nssPKIXGeneralSubtree_Create
- *  nssPKIXGeneralSubtree_Destroy
- *  nssPKIXGeneralSubtree_Encode
- *  nssPKIXGeneralSubtree_GetBase
- *  nssPKIXGeneralSubtree_SetBase
- *  nssPKIXGeneralSubtree_GetMinimum
- *  nssPKIXGeneralSubtree_SetMinimum
- *  nssPKIXGeneralSubtree_HasMaximum
- *  nssPKIXGeneralSubtree_GetMaximum
- *  nssPKIXGeneralSubtree_SetMaximum
- *  nssPKIXGeneralSubtree_RemoveMaximum
- *  nssPKIXGeneralSubtree_Equal
- *  nssPKIXGeneralSubtree_Duplicate
- *  nssPKIXGeneralSubtree_DistanceInRange
- *    {other tests and comparators}
- * 
- * In debug builds, the following call is available:
- *
- *  nssPKIXGeneralSubtree_verifyPointer
- *
- */
-
-/*
- * nssPKIXGeneralSubtree_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXGeneralSubtree upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralSubtree *
-nssPKIXGeneralSubtree_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * nssPKIXGeneralSubtree_Create
- *
- * -- fgmr comments --
- * The optional maximum value may be omitted by specifying -1.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- *  NSS_ERROR_INVALID_VALUE
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXGeneralSubtree upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralSubtree *
-nssPKIXGeneralSubtree_Create
-(
-  NSSArena *arenaOpt,
-  NSSPKIXBaseDistance minimum,
-  NSSPKIXBaseDistance maximumOpt
-);
-
-/*
- * nssPKIXGeneralSubtree_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXGeneralSubtree_Destroy
-(
-  NSSPKIXGeneralSubtree *generalSubtree
-);
-
-/*
- * nssPKIXGeneralSubtree_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXGeneralSubtree_Encode
-(
-  NSSPKIXGeneralSubtree *generalSubtree,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXGeneralSubtree_GetBase
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXGeneralName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName *
-nssPKIXGeneralSubtree_GetBase
-(
-  NSSPKIXGeneralSubtree *generalSubtree,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXGeneralSubtree_SetBase
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- *  NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXGeneralSubtree_SetBase
-(
-  NSSPKIXGeneralSubtree *generalSubtree,
-  NSSPKIXGeneralName *base
-);
-
-/*
- * nssPKIXGeneralSubtree_GetMinimum
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- * 
- * Return value:
- *  Nonnegative integer upon success
- *  -1 upon failure.
- */
-
-NSS_EXTERN NSSPKIXBaseDistance
-nssPKIXGeneralSubtree_GetMinimum
-(
-  NSSPKIXGeneralSubtree *generalSubtree
-);
-
-/*
- * nssPKIXGeneralSubtree_SetMinimum
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- *  NSS_ERROR_INVALID_VALUE
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXGeneralSubtree_SetMinimum
-(
-  NSSPKIXGeneralSubtree *generalSubtree,
-  NSSPKIXBaseDistance *minimum
-);
-
-/*
- * nssPKIXGeneralSubtree_HasMaximum
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- * 
- * Return value:
- *  PR_TRUE if it has one
- *  PR_FALSE if it doesn't
- *  PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXGeneralSubtree_HasMaximum
-(
-  NSSPKIXGeneralSubtree *generalSubtree
-);
-
-/*
- * nssPKIXGeneralSubtree_GetMaximum
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- *  NSS_ERROR_HAS_NO_MAXIMUM_BASE_DISTANCE
- * 
- * Return value:
- *  Nonnegative integer upon success
- *  -1 upon failure.
- */
-
-NSS_EXTERN NSSPKIXBaseDistance
-nssPKIXGeneralSubtree_GetMaximum
-(
-  NSSPKIXGeneralSubtree *generalSubtree
-);
-
-/*
- * nssPKIXGeneralSubtree_SetMaximum
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- *  NSS_ERROR_INVALID_VALUE
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXGeneralSubtree_SetMaximum
-(
-  NSSPKIXGeneralSubtree *generalSubtree,
-  NSSPKIXBaseDistance *maximum
-);
-
-/*
- * nssPKIXGeneralSubtree_RemoveMaximum
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- *  NSS_ERROR_HAS_NO_MAXIMUM_BASE_DISTANCE
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXGeneralSubtree_RemoveMaximum
-(
-  NSSPKIXGeneralSubtree *generalSubtree
-);
-
-/*
- * nssPKIXGeneralSubtree_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- * 
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXGeneralSubtree_Equal
-(
-  NSSPKIXGeneralSubtree *generalSubtree1,
-  NSSPKIXGeneralSubtree *generalSubtree2,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXGeneralSubtree_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXGeneralSubtree upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralSubtree *
-nssPKIXGeneralSubtree_Duplicate
-(
-  NSSPKIXGeneralSubtree *generalSubtree,
-  NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXGeneralSubtree_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXGeneralSubtree
- * object, this routine will return PR_SUCCESS.  Otherwise, it will 
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- *
- * Return value:
- *  PR_SUCCESS if the pointer is valid
- *  PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXGeneralSubtree_verifyPointer
-(
-  NSSPKIXGeneralSubtree *p
-);
-#endif /* DEBUG */
-
-/*
- * nssPKIXGeneralSubtree_DistanceInRange
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- *  NSS_ERROR_INVALID_VALUE
- * 
- * Return value:
- *  PR_TRUE if the specified value is within the minimum and maximum
- *      base distances
- *  PR_FALSE if it isn't
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXGeneralSubtree_DistanceInRange
-(
-  NSSPKIXGeneralSubtree *generalSubtree,
-  NSSPKIXBaseDistance value,
-  PRStatus *statusOpt
-);
-
-/*
- *   {other tests and comparators}
- *
- */
-
-/*
- * PolicyConstraints
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  PolicyConstraints ::= SEQUENCE {
- *       requireExplicitPolicy           [0] SkipCerts OPTIONAL,
- *       inhibitPolicyMapping            [1] SkipCerts OPTIONAL }
- * 
- * The private calls for this type:
- *
- *  nssPKIXPolicyConstraints_Decode
- *  nssPKIXPolicyConstraints_Create
- *  nssPKIXPolicyConstraints_Destroy
- *  nssPKIXPolicyConstraints_Encode
- *  nssPKIXPolicyConstraints_HasRequireExplicitPolicy
- *  nssPKIXPolicyConstraints_GetRequireExplicitPolicy
- *  nssPKIXPolicyConstraints_SetRequireExplicitPolicy
- *  nssPKIXPolicyConstraints_RemoveRequireExplicitPolicy
- *  nssPKIXPolicyConstraints_HasInhibitPolicyMapping
- *  nssPKIXPolicyConstraints_GetInhibitPolicyMapping
- *  nssPKIXPolicyConstraints_SetInhibitPolicyMapping
- *  nssPKIXPolicyConstraints_RemoveInhibitPolicyMapping
- *  nssPKIXPolicyConstraints_Equal
- *  nssPKIXPolicyConstraints_Duplicate
- * 
- * In debug builds, the following call is available:
- *
- *  nssPKIXPolicyConstraints_verifyPointer
- *
- */
-
-/*
- * nssPKIXPolicyConstraints_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXPolicyConstraints upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyConstraints *
-nssPKIXPolicyConstraints_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * nssPKIXPolicyConstraints_Create
- *
- * -- fgmr comments --
- * The optional values may be omitted by specifying -1.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_VALUE
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXPolicyConstraints upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyConstraints *
-nssPKIXPolicyConstraints_Create
-(
-  NSSArena *arenaOpt,
-  NSSPKIXSkipCerts requireExplicitPolicy,
-  NSSPKIXSkipCerts inhibitPolicyMapping
-);
-
-/*
- * nssPKIXPolicyConstraints_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_CONSTRAINTS
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPolicyConstraints_Destroy
-(
-  NSSPKIXPolicyConstraints *policyConstraints
-);
-
-/*
- * nssPKIXPolicyConstraints_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_CONSTRAINTS
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXPolicyConstraints_Encode
-(
-  NSSPKIXPolicyConstraints *policyConstraints,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXPolicyConstraints_HasRequireExplicitPolicy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_CONSTRAINTS
- * 
- * Return value:
- *  PR_TRUE if it has one
- *  PR_FALSE if it doesn't
- *  PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXPolicyConstraints_HasRequireExplicitPolicy
-(
-  NSSPKIXPolicyConstraints *policyConstraints
-);
-
-/*
- * nssPKIXPolicyConstraints_GetRequireExplicitPolicy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_CONSTRAINTS
- *  NSS_ERROR_HAS_NO_REQUIRE_EXPLICIT_POLICY
- * 
- * Return value:
- *  Nonnegative integer upon success
- *  -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXPolicyConstraints_GetRequireExplicitPolicy
-(
-  NSSPKIXPolicyConstraints *policyConstraints
-);
-
-/*
- * nssPKIXPolicyConstraints_SetRequireExplicitPolicy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_CONSTRAINTS
- *  NSS_ERROR_INVALID_VALUE
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPolicyConstraints_SetRequireExplicitPolicy
-(
-  NSSPKIXPolicyConstraints *policyConstraints,
-  NSSPKIXSkipCerts requireExplicitPolicy
-);
-
-/*
- * nssPKIXPolicyConstraints_RemoveRequireExplicitPolicy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_CONSTRAINTS
- *  NSS_ERROR_HAS_NO_REQUIRE_EXPLICIT_POLICY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPolicyConstraints_RemoveRequireExplicitPolicy
-(
-  NSSPKIXPolicyConstraints *policyConstraints
-);
-
-/*
- * nssPKIXPolicyConstraints_HasInhibitPolicyMapping
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_CONSTRAINTS
- * 
- * Return value:
- *  PR_TRUE if it has one
- *  PR_FALSE if it doesn't
- *  PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXPolicyConstraints_HasInhibitPolicyMapping
-(
-  NSSPKIXPolicyConstraints *policyConstraints
-);
-
-/*
- * nssPKIXPolicyConstraints_GetInhibitPolicyMapping
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_CONSTRAINTS
- *  NSS_ERROR_HAS_NO_INHIBIT_POLICY_MAPPING
- * 
- * Return value:
- *  Nonnegative integer upon success
- *  -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXPolicyConstraints_GetInhibitPolicyMapping
-(
-  NSSPKIXPolicyConstraints *policyConstraints
-);
-
-/*
- * nssPKIXPolicyConstraints_SetInhibitPolicyMapping
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_CONSTRAINTS
- *  NSS_ERROR_INVALID_VALUE
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPolicyConstraints_SetInhibitPolicyMapping
-(
-  NSSPKIXPolicyConstraints *policyConstraints,
-  NSSPKIXSkipCerts inhibitPolicyMapping
-);
-
-/*
- * nssPKIXPolicyConstraints_RemoveInhibitPolicyMapping
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_CONSTRAINTS
- *  NSS_ERROR_HAS_NO_INHIBIT_POLICY_MAPPING
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPolicyConstraints_RemoveInhibitPolicyMapping
-(
-  NSSPKIXPolicyConstraints *policyConstraints
-);
-
-/*
- * nssPKIXPolicyConstraints_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_CONSTRAINTS
- * 
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXPolicyConstraints_Equal
-(
-  NSSPKIXPolicyConstraints *policyConstraints1,
-  NSSPKIXPolicyConstraints *policyConstraints2,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXPolicyConstraints_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_CONSTRAINTS
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXPolicyConstraints upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyConstraints *
-nssPKIXPolicyConstraints_Duplicate
-(
-  NSSPKIXPolicyConstraints *policyConstraints,
-  NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXPolicyConstraints_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXPolicyConstraints
- * object, this routine will return PR_SUCCESS.  Otherwise, it will 
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_POLICY_CONSTRAINTS
- *
- * Return value:
- *  PR_SUCCESS if the pointer is valid
- *  PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPolicyConstraints_verifyPointer
-(
-  NSSPKIXPolicyConstraints *p
-);
-#endif /* DEBUG */
-
-/*
- * CRLDistPointsSyntax
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  CRLDistPointsSyntax ::= SEQUENCE SIZE (1..MAX) OF DistributionPoint
- *
- * The private calls for this type:
- *
- *  nssPKIXCRLDistPointsSyntax_Decode
- *  nssPKIXCRLDistPointsSyntax_Create
- *  nssPKIXCRLDistPointsSyntax_Destroy
- *  nssPKIXCRLDistPointsSyntax_Encode
- *  nssPKIXCRLDistPointsSyntax_GetDistributionPointCount
- *  nssPKIXCRLDistPointsSyntax_GetDistributionPoints
- *  nssPKIXCRLDistPointsSyntax_SetDistributionPoints
- *  nssPKIXCRLDistPointsSyntax_GetDistributionPoint
- *  nssPKIXCRLDistPointsSyntax_SetDistributionPoint
- *  nssPKIXCRLDistPointsSyntax_InsertDistributionPoint
- *  nssPKIXCRLDistPointsSyntax_AppendDistributionPoint
- *  nssPKIXCRLDistPointsSyntax_RemoveDistributionPoint
- *  nssPKIXCRLDistPointsSyntax_FindDistributionPoint
- *  nssPKIXCRLDistPointsSyntax_Equal
- *  nssPKIXCRLDistPointsSyntax_Duplicate
- * 
- * In debug builds, the following call is available:
- *
- *  nssPKIXCRLDistPointsSyntax_verifyPointer
- *
- */
-
-/*
- * nssPKIXCRLDistPointsSyntax_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXCRLDistPointsSyntax upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCRLDistPointsSyntax *
-nssPKIXCRLDistPointsSyntax_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * nssPKIXCRLDistPointsSyntax_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXCRLDistPointsSyntax upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCRLDistPointsSyntax *
-nssPKIXCRLDistPointsSyntax_Create
-(
-  NSSArena *arenaOpt,
-  NSSPKIXDistributionPoint *distributionPoint1,
-  ...
-);
-
-/*
- * nssPKIXCRLDistPointsSyntax_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CRL_DIST_POINTS_SYNTAX
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXCRLDistPointsSyntax_Destroy
-(
-  NSSPKIXCRLDistPointsSyntax *crlDistPointsSyntax
-);
-
-/*
- * nssPKIXCRLDistPointsSyntax_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CRL_DIST_POINTS_SYNTAX
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXCRLDistPointsSyntax_Encode
-(
-  NSSPKIXCRLDistPointsSyntax *crlDistPointsSyntax,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXCRLDistPointsSyntax_GetDistributionPointCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CRL_DIST_POINTS_SYNTAX
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- * 
- * Return value:
- *  Nonnegative integer upon success
- *  -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXCRLDistPointsSyntax_GetDistributionPointCount
-(
-  NSSPKIXCRLDistPointsSyntax *crlDistPointsSyntax
-);
-
-/*
- * nssPKIXCRLDistPointsSyntax_GetDistributionPoints
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CRL_DIST_POINTS_SYNTAX
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_ARRAY_TOO_SMALL
- * 
- * Return value:
- *  A valid pointer to an array of NSSPKIXDistributionPoint pointers 
- *      upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDistributionPoints **
-nssPKIXCRLDistPointsSyntax_GetDistributionPoints
-(
-  NSSPKIXCRLDistPointsSyntax *crlDistPointsSyntax,
-  NSSDistributionPoint *rvOpt[],
-  PRInt32 limit,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXCRLDistPointsSyntax_SetDistributionPoints
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CRL_DIST_POINTS_SYNTAX
- *  NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXCRLDistPointsSyntax_SetDistributionPoints
-(
-  NSSPKIXCRLDistPointsSyntax *crlDistPointsSyntax,
-  NSSDistributionPoint *distributionPoint[]
-  PRInt32 count
-);
-
-/*
- * nssPKIXCRLDistPointsSyntax_GetDistributionPoint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CRL_DIST_POINTS_SYNTAX
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXDistributionPoint upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDistributionPoint *
-nssPKIXCRLDistPointsSyntax_GetDistributionPoint
-(
-  NSSPKIXCRLDistPointsSyntax *crlDistPointsSyntax,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXCRLDistPointsSyntax_SetDistributionPoint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CRL_DIST_POINTS_SYNTAX
- *  NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXCRLDistPointsSyntax_SetDistributionPoint
-(
-  NSSPKIXCRLDistPointsSyntax *crlDistPointsSyntax,
-  PRInt32 i,
-  NSSPKIXDistributionPoint *distributionPoint
-);
-
-/*
- * nssPKIXCRLDistPointsSyntax_InsertDistributionPoint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CRL_DIST_POINTS_SYNTAX
- *  NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXCRLDistPointsSyntax_InsertDistributionPoint
-(
-  NSSPKIXCRLDistPointsSyntax *crlDistPointsSyntax,
-  PRInt32 i,
-  NSSPKIXDistributionPoint *distributionPoint
-);
-
-/*
- * nssPKIXCRLDistPointsSyntax_AppendDistributionPoint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CRL_DIST_POINTS_SYNTAX
- *  NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXCRLDistPointsSyntax_AppendDistributionPoint
-(
-  NSSPKIXCRLDistPointsSyntax *crlDistPointsSyntax,
-  NSSPKIXDistributionPoint *distributionPoint
-);
-
-/*
- * nssPKIXCRLDistPointsSyntax_RemoveDistributionPoint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CRL_DIST_POINTS_SYNTAX
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXCRLDistPointsSyntax_RemoveDistributionPoint
-(
-  NSSPKIXCRLDistPointsSyntax *crlDistPointsSyntax,
-  PRInt32 i
-);
-
-/*
- * nssPKIXCRLDistPointsSyntax_FindDistributionPoint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CRL_DIST_POINTS_SYNTAX
- *  NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- *  NSS_ERROR_NOT_FOUND
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- * 
- * Return value:
- *  The index of the specified policy mapping upon success
- *  -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXCRLDistPointsSyntax_FindDistributionPoint
-(
-  NSSPKIXCRLDistPointsSyntax *crlDistPointsSyntax,
-  NSSPKIXDistributionPoint *distributionPoint
-);
-
-/*
- * nssPKIXCRLDistPointsSyntax_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CRL_DIST_POINTS_SYNTAX
- * 
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXCRLDistPointsSyntax_Equal
-(
-  NSSPKIXCRLDistPointsSyntax *crlDistPointsSyntax1,
-  NSSPKIXCRLDistPointsSyntax *crlDistPointsSyntax2,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXCRLDistPointsSyntax_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CRL_DIST_POINTS_SYNTAX
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXCRLDistPointsSyntax upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCRLDistPointsSyntax *
-nssPKIXCRLDistPointsSyntax_Duplicate
-(
-  NSSPKIXCRLDistPointsSyntax *crlDistPointsSyntax,
-  NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXCRLDistPointsSyntax_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXCRLDistPointsSyntax
- * object, this routine will return PR_SUCCESS.  Otherwise, it will 
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_CRL_DIST_POINTS_SYNTAX
- *
- * Return value:
- *  PR_SUCCESS if the pointer is valid
- *  PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXCRLDistPointsSyntax_verifyPointer
-(
-  NSSPKIXCRLDistPointsSyntax *p
-);
-#endif /* DEBUG */
-
-/*
- * DistributionPoint
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  DistributionPoint ::= SEQUENCE {
- *       distributionPoint       [0]     DistributionPointName OPTIONAL,
- *       reasons                 [1]     ReasonFlags OPTIONAL,
- *       cRLIssuer               [2]     GeneralNames OPTIONAL }
- *
- * The private calls for this type:
- *
- *  nssPKIXDistributionPoint_Decode
- *  nssPKIXDistributionPoint_Create
- *  nssPKIXDistributionPoint_Destroy
- *  nssPKIXDistributionPoint_Encode
- *  nssPKIXDistributionPoint_HasDistributionPoint
- *  nssPKIXDistributionPoint_GetDistributionPoint
- *  nssPKIXDistributionPoint_SetDistributionPoint
- *  nssPKIXDistributionPoint_RemoveDistributionPoint
- *  nssPKIXDistributionPoint_HasReasons
- *  nssPKIXDistributionPoint_GetReasons
- *  nssPKIXDistributionPoint_SetReasons
- *  nssPKIXDistributionPoint_RemoveReasons
- *  nssPKIXDistributionPoint_HasCRLIssuer
- *  nssPKIXDistributionPoint_GetCRLIssuer
- *  nssPKIXDistributionPoint_SetCRLIssuer
- *  nssPKIXDistributionPoint_RemoveCRLIssuer
- *  nssPKIXDistributionPoint_Equal
- *  nssPKIXDistributionPoint_Duplicate
- * 
- * In debug builds, the following call is available:
- *
- *  nssPKIXDistributionPoint_verifyPointer
- *
- */
-
-/*
- * nssPKIXDistributionPoint_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXDistributionPoint upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDistributionPoint *
-nssPKIXDistributionPoint_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * nssPKIXDistributionPoint_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT_NAME
- *  NSS_ERROR_INVALID_PKIX_REASON_FLAGS
- *  NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXDistributionPoint upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDistributionPoint *
-nssPKIXDistributionPoint_Create
-(
-  NSSArena *arenaOpt,
-  NSSPKIXDistributionPointName *distributionPoint,
-  NSSPKIXReasonFlags reasons,
-  NSSPKIXGeneralNames *cRLIssuer
-);
-
-/*
- * nssPKIXDistributionPoint_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXDistributionPoint_Destroy
-(
-  NSSPKIXDistributionPoint *distributionPoint
-);
-
-/*
- * nssPKIXDistributionPoint_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXDistributionPoint_Encode
-(
-  NSSPKIXDistributionPoint *distributionPoint,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXDistributionPoint_HasDistributionPoint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- * 
- * Return value:
- *  PR_TRUE if it has one
- *  PR_FALSE if it doesn't
- *  PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXDistributionPoint_HasDistributionPoint
-(
-  NSSPKIXDistributionPoint *distributionPoint
-);
-
-/*
- * nssPKIXDistributionPoint_GetDistributionPoint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- *  NSS_ERROR_HAS_NO_DISTRIBUTION_POINT
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXDistributionPointName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDistributionPointName *
-nssPKIXDistributionPoint_GetDistributionPoint
-(
-  NSSPKIXDistributionPoint *distributionPoint,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXDistributionPoint_SetDistributionPoint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- *  NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT_NAME
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXDistributionPoint_SetDistributionPoint
-(
-  NSSPKIXDistributionPoint *distributionPoint,
-  NSSPKIXDistributionPointName *name
-);
-
-/*
- * nssPKIXDistributionPoint_RemoveDistributionPoint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- *  NSS_ERROR_HAS_NO_DISTRIBUTION_POINT
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXDistributionPoint_RemoveDistributionPoint
-(
-  NSSPKIXDistributionPoint *distributionPoint
-);
-
-/*
- * nssPKIXDistributionPoint_HasReasons
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- * 
- * Return value:
- *  PR_TRUE if it has one
- *  PR_FALSE if it doesn't
- *  PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXDistributionPoint_HasReasons
-(
-  NSSPKIXDistributionPoint *distributionPoint
-);
-
-/*
- * nssPKIXDistributionPoint_GetReasons
- *
- * It is unlikely that the reason flags are all zero; so zero is
- * returned in error situations.
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- *  NSS_ERROR_HAS_NO_REASONS
- * 
- * Return value:
- *  A valid nonzero NSSPKIXReasonFlags value upon success
- *  A valid zero NSSPKIXReasonFlags if the value is indeed zero
- *  Zero upon error
- */
-
-NSS_EXTERN NSSPKIXReasonFlags
-nssPKIXDistributionPoint_GetReasons
-(
-  NSSPKIXDistributionPoint *distributionPoint,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXDistributionPoint_SetReasons
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- *  NSS_ERROR_INVALID_PKIX_REASON_FLAGS
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXDistributionPoint_SetReasons
-(
-  NSSPKIXDistributionPoint *distributionPoint,
-  NSSPKIXReasonFlags reasons
-);
-
-/*
- * nssPKIXDistributionPoint_RemoveReasons
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- *  NSS_ERROR_HAS_NO_REASONS
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXDistributionPoint_RemoveReasons
-(
-  NSSPKIXDistributionPoint *distributionPoint
-);
-
-/*
- * nssPKIXDistributionPoint_HasCRLIssuer
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- * 
- * Return value:
- *  PR_TRUE if it has one
- *  PR_FALSE if it doesn't
- *  PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXDistributionPoint_HasCRLIssuer
-(
-  NSSPKIXDistributionPoint *distributionPoint
-);
-
-/*
- * nssPKIXDistributionPoint_GetCRLIssuer
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- *  NSS_ERROR_HAS_NO_CRL_ISSUER
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXGeneralNames upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralNames *
-nssPKIXDistributionPoint_GetCRLIssuer
-(
-  NSSPKIXDistributionPoint *distributionPoint,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXDistributionPoint_SetCRLIssuer
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- *  NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXDistributionPoint_SetCRLIssuer
-(
-  NSSPKIXDistributionPoint *distributionPoint,
-  NSSPKIXGeneralNames *cRLIssuer
-);
-
-/*
- * nssPKIXDistributionPoint_RemoveCRLIssuer
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- *  NSS_ERROR_HAS_NO_CRL_ISSUER
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXDistributionPoint_RemoveCRLIssuer
-(
-  NSSPKIXDistributionPoint *distributionPoint
-);
-
-/*
- * nssPKIXDistributionPoint_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- * 
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXDistributionPoint_Equal
-(
-  NSSPKIXDistributionPoint *distributionPoint1,
-  NSSPKIXDistributionPoint *distributionPoint2,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXDistributionPoint_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXDistributionPoint upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDistributionPoint *
-nssPKIXDistributionPoint_Duplicate
-(
-  NSSPKIXDistributionPoint *distributionPoint,
-  NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXDistributionPoint_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXDistributionPoint
- * object, this routine will return PR_SUCCESS.  Otherwise, it will 
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- *
- * Return value:
- *  PR_SUCCESS if the pointer is valid
- *  PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXDistributionPoint_verifyPointer
-(
-  NSSPKIXDistributionPoint *p
-);
-#endif /* DEBUG */
-
-/*
- * DistributionPointName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  DistributionPointName ::= CHOICE {
- *       fullName                [0]     GeneralNames,
- *       nameRelativeToCRLIssuer [1]     RelativeDistinguishedName }
- *
- * The private calls for this type:
- *
- *  nssPKIXDistributionPointName_Decode
- *  nssPKIXDistributionPointName_Create
- *  nssPKIXDistributionPointName_CreateFromFullName
- *  nssPKIXDistributionPointName_CreateFromNameRelativeToCRLIssuer
- *  nssPKIXDistributionPointName_Destroy
- *  nssPKIXDistributionPointName_Encode
- *  nssPKIXDistributionPointName_GetChoice
- *  nssPKIXDistributionPointName_GetFullName
- *  nssPKIXDistributionPointName_GetNameRelativeToCRLIssuer
- *  nssPKIXDistributionPointName_Equal
- *  nssPKIXDistributionPointName_Duplicate
- * 
- * In debug builds, the following call is available:
- *
- *  nssPKIXDistributionPointName_verifyPointer
- *
- */
-
-/*
- * nssPKIXDistributionPointName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXDistributionPointName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDistributionPointName *
-nssPKIXDistributionPointName_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * nssPKIXDistributionPointName_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT_NAME_CHOICE
- *  NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- *  NSS_ERROR_INVALID_PKIX_RELATIVE_DISTINGUISHED_NAME
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXDistributionPointName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDistributionPointName *
-nssPKIXDistributionPointName_Create
-(
-  NSSArena *arenaOpt,
-  NSSPKIXDistributionPointNameChoice which,
-  void *name
-);
-
-/*
- * nssPKIXDistributionPointName_CreateFromFullName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXDistributionPointName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDistributionPointName *
-nssPKIXDistributionPointName_CreateFromFullName
-(
-  NSSArena *arenaOpt,
-  NSSPKIXGeneralNames *fullName
-);
-
-/*
- * nssPKIXDistributionPointName_CreateFromNameRelativeToCRLIssuer
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_RELATIVE_DISTINGUISHED_NAME
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXDistributionPointName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDistributionPointName *
-nssPKIXDistributionPointName_CreateFromNameRelativeToCRLIssuer
-(
-  NSSArena *arenaOpt,
-  NSSPKIXRelativeDistinguishedName *nameRelativeToCRLIssuer
-);
-
-/*
- * nssPKIXDistributionPointName_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT_NAME
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXDistributionPointName_Destroy
-(
-  NSSPKIXDistributionPointName *dpn
-);
-
-/*
- * nssPKIXDistributionPointName_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT_NAME
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXDistributionPointName_Encode
-(
-  NSSPKIXDistributionPointName *dpn,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXDistributionPointName_GetChoice
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT_NAME
- * 
- * Return value:
- *  A valid NSSPKIXDistributionPointNameChoice value upon success
- *  NSSPKIXDistributionPointNameChoice_NSSinvalid upon failure
- */
-
-NSS_EXTERN NSSPKIXDistributionPointNameChoice
-nssPKIXDistributionPointName_GetChoice
-(
-  NSSPKIXDistributionPointName *dpn
-);
-
-/*
- * nssPKIXDistributionPointName_GetFullName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT_NAME
- *  NSS_ERROR_WRONG_CHOICE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXGeneralNames upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralnames *
-nssPKIXDistributionPointName_GetFullName
-(
-  NSSPKIXDistributionPointName *dpn,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXDistributionPointName_GetNameRelativeToCRLIssuer
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT_NAME
- *  NSS_ERROR_WRONG_CHOICE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXRelativeDistinguishedName upon
- *      success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXRelativeDistinguishedName *
-nssPKIXDistributionPointName_GetNameRelativeToCRLIssuer
-(
-  NSSPKIXDistributionPointName *dpn,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXDistributionPointName_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT_NAME
- * 
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXDistributionPointName_Equal
-(
-  NSSPKIXDistributionPointName *dpn1,
-  NSSPKIXDistributionPointName *dpn2,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXDistributionPointName_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT_NAME
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXDistributionPointName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDistributionPointName *
-nssPKIXDistributionPointName_Duplicate
-(
-  NSSPKIXDistributionPointName *dpn,
-  NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXDistributionPointName_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXDistributionPointName
- * object, this routine will return PR_SUCCESS.  Otherwise, it will 
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT_NAME
- *
- * Return value:
- *  PR_SUCCESS if the pointer is valid
- *  PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXDistributionPointName_verifyPointer
-(
-  NSSPKIXDistributionPointName *p
-);
-#endif /* DEBUG */
-
-/*
- * ReasonFlags
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  ReasonFlags ::= BIT STRING {
- *       unused                  (0),
- *       keyCompromise           (1),
- *       cACompromise            (2),
- *       affiliationChanged      (3),
- *       superseded              (4),
- *       cessationOfOperation    (5),
- *       certificateHold         (6) }
- *
- * The private calls for this type:
- *
- *  nssPKIXReasonFlags_Decode
- *  nssPKIXReasonFlags_Create
- *  nssPKIXReasonFlags_CreateFromMask
- *  nssPKIXReasonFlags_Destroy
- *  nssPKIXReasonFlags_Encode
- *  nssPKIXReasonFlags_GetMask
- *  nssPKIXReasonFlags_SetMask
- *  nssPKIXReasonFlags_Equal
- *  nssPKIXReasonFlags_Duplicate
- *    { bitwise accessors? }
- * 
- * In debug builds, the following call is available:
- *
- *  nssPKIXReasonFlags_verifyPointer
- *
- */
-
-/*
- * nssPKIXReasonFlags_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXReasonFlags upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXReasonFlags *
-nssPKIXReasonFlags_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * nssPKIXReasonFlags_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXReasonFlags upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXReasonFlags *
-nssPKIXReasonFlags_Create
-(
-  NSSArena *arenaOpt,
-  PRBool keyCompromise,
-  PRBool cACompromise,
-  PRBool affiliationChanged,
-  PRBool superseded,
-  PRBool cessationOfOperation,
-  PRBool certificateHold
-);
-
-/*
- * nssPKIXReasonFlags_CreateFromMask
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_REASON_FLAGS_MASK
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXReasonFlags upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXReasonFlags *
-nssPKIXReasonFlags_CreateFromMask
-(
-  NSSArena *arenaOpt,
-  NSSPKIXReasonFlagsMask why
-);
-
-/*
- * nssPKIXReasonFlags_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_REASON_FLAGS
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXReasonFlags_Destroy
-(
-  NSSPKIXReasonFlags *reasonFlags
-);
-
-/*
- * nssPKIXReasonFlags_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_REASON_FLAGS
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXReasonFlags_Encode
-(
-  NSSPKIXReasonFlags *reasonFlags,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXReasonFlags_GetMask
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_REASON_FLAGS
- * 
- * Return value:
- *  A valid mask of NSSPKIXReasonFlagsMask values upon success
- *  NSSPKIXReasonFlagsMask_NSSinvalid upon failure
- */
-
-NSS_EXTERN NSSPKIXReasonFlagsMask
-nssPKIXReasonFlags_GetMask
-(
-  NSSPKIXReasonFlags *reasonFlags
-);
-
-/*
- * nssPKIXReasonFlags_SetMask
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_REASON_FLAGS
- *  NSS_ERROR_INVALID_PKIX_REASON_FLAGS_MASK
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXReasonFlags_SetMask
-(
-  NSSPKIXReasonFlags *reasonFlags,
-  NSSPKIXReasonFlagsMask mask
-);
-
-/*
- * nssPKIXReasonFlags_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_REASON_FLAGS
- * 
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXReasonFlags_Equal
-(
-  NSSPKIXReasonFlags *reasonFlags1,
-  NSSPKIXReasonFlags *reasonFlags2,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXReasonFlags_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_REASON_FLAGS
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXReasonFlags upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXReasonFlags *
-nssPKIXReasonFlags_Duplicate
-(
-  NSSPKIXReasonFlags *reasonFlags,
-  NSSArena *arenaOpt
-);
-
-/*
- *   { bitwise accessors? }
- *
- */
-
-#ifdef DEBUG
-/*
- * nssPKIXReasonFlags_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXReasonFlags
- * object, this routine will return PR_SUCCESS.  Otherwise, it will 
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_REASON_FLAGS
- *
- * Return value:
- *  PR_SUCCESS if the pointer is valid
- *  PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXReasonFlags_verifyPointer
-(
-  NSSPKIXReasonFlags *p
-);
-#endif /* DEBUG */
-
-/*
- * ExtKeyUsageSyntax
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  ExtKeyUsageSyntax ::= SEQUENCE SIZE (1..MAX) OF KeyPurposeId
- *
- * The private calls for this type:
- *
- *  nssPKIXExtKeyUsageSyntax_Decode
- *  nssPKIXExtKeyUsageSyntax_Create
- *  nssPKIXExtKeyUsageSyntax_Destroy
- *  nssPKIXExtKeyUsageSyntax_Encode
- *  nssPKIXExtKeyUsageSyntax_GetKeyPurposeIdCount
- *  nssPKIXExtKeyUsageSyntax_GetKeyPurposeIds
- *  nssPKIXExtKeyUsageSyntax_SetKeyPurposeIds
- *  nssPKIXExtKeyUsageSyntax_GetKeyPurposeId
- *  nssPKIXExtKeyUsageSyntax_SetKeyPurposeId
- *  nssPKIXExtKeyUsageSyntax_InsertKeyPurposeId
- *  nssPKIXExtKeyUsageSyntax_AppendKeyPurposeId
- *  nssPKIXExtKeyUsageSyntax_RemoveKeyPurposeId
- *  nssPKIXExtKeyUsageSyntax_FindKeyPurposeId
- *  nssPKIXExtKeyUsageSyntax_Equal
- *  nssPKIXExtKeyUsageSyntax_Duplicate
- * 
- * In debug builds, the following call is available:
- *
- *  nssPKIXExtKeyUsageSyntax_verifyPointer
- *
- */
-
-/*
- * nssPKIXExtKeyUsageSyntax_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXExtKeyUsageSyntax upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtKeyUsageSyntax *
-nssPKIXExtKeyUsageSyntax_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * nssPKIXExtKeyUsageSyntax_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_KEY_PURPOSE_ID
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXExtKeyUsageSyntax upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtKeyUsageSyntax *
-nssPKIXExtKeyUsageSyntax_Create
-(
-  NSSArena *arenaOpt,
-  NSSPKIXKeyPurposeId *kpid1,
-  ...
-);
-
-/*
- * nssPKIXExtKeyUsageSyntax_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EXT_KEY_USAGE_SYNTAX
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXExtKeyUsageSyntax_Destroy
-(
-  NSSPKIXExtKeyUsageSyntax *eku
-);
-
-/*
- * nssPKIXExtKeyUsageSyntax_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EXT_KEY_USAGE_SYNTAX
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXExtKeyUsageSyntax_Encode
-(
-  NSSPKIXExtKeyUsageSyntax *eku,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXExtKeyUsageSyntax_GetKeyPurposeIdCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EXT_KEY_USAGE_SYNTAX
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- * 
- * Return value:
- *  Nonnegative integer upon success
- *  -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXExtKeyUsageSyntax_GetKeyPurposeIdCount
-(
-  NSSPKIXExtKeyUsageSyntax *eku
-);
-
-/*
- * nssPKIXExtKeyUsageSyntax_GetKeyPurposeIds
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EXT_KEY_USAGE_SYNTAX
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_ARRAY_TOO_SMALL
- * 
- * Return value:
- *  A valid pointer to an array of NSSPKIXKeyPurposeId pointers upon
- *      success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXKeyPurposeId **
-nssPKIXExtKeyUsageSyntax_GetKeyPurposeIds
-(
-  NSSPKIXExtKeyUsageSyntax *eku,
-  NSSPKIXKeyPurposeId *rvOpt[],
-  PRInt32 limit,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXExtKeyUsageSyntax_SetKeyPurposeIds
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EXT_KEY_USAGE_SYNTAX
- *  NSS_ERROR_INVALID_PKIX_KEY_PURPOSE_ID
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXExtKeyUsageSyntax_SetKeyPurposeIds
-(
-  NSSPKIXExtKeyUsageSyntax *eku,
-  NSSPKIXKeyPurposeId *ids[],
-  PRInt32 count
-);
-
-/*
- * nssPKIXExtKeyUsageSyntax_GetKeyPurposeId
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EXT_KEY_USAGE_SYNTAX
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXKeyPurposeId upon success
- *  NULL upon error
- */
-
-NSS_EXTERN NSSPKIXKeyPurposeId *
-nssPKIXExtKeyUsageSyntax_GetKeyPurposeId
-(
-  NSSPKIXExtKeyUsageSyntax *eku,
-  PRInt32 i,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXExtKeyUsageSyntax_SetKeyPurposeId
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EXT_KEY_USAGE_SYNTAX
- *  NSS_ERROR_INVALID_PKIX_KEY_PURPOSE_ID
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXExtKeyUsageSyntax_SetKeyPurposeId
-(
-  NSSPKIXExtKeyUsageSyntax *eku,
-  PRInt32 i,
-  NSSPKIXKeyPurposeId *id
-);
-
-/*
- * nssPKIXExtKeyUsageSyntax_InsertKeyPurposeId
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EXT_KEY_USAGE_SYNTAX
- *  NSS_ERROR_INVALID_PKIX_KEY_PURPOSE_ID
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXExtKeyUsageSyntax_InsertKeyPurposeId
-(
-  NSSPKIXExtKeyUsageSyntax *eku,
-  PRInt32 i,
-  NSSPKIXKeyPurposeId *id
-);
-
-/*
- * nssPKIXExtKeyUsageSyntax_AppendKeyPurposeId
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EXT_KEY_USAGE_SYNTAX
- *  NSS_ERROR_INVALID_PKIX_KEY_PURPOSE_ID
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXExtKeyUsageSyntax_AppendKeyPurposeId
-(
-  NSSPKIXExtKeyUsageSyntax *eku,
-  NSSPKIXKeyPurposeId *id
-);
-
-/*
- * nssPKIXExtKeyUsageSyntax_RemoveKeyPurposeId
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EXT_KEY_USAGE_SYNTAX
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXExtKeyUsageSyntax_RemoveKeyPurposeId
-(
-  NSSPKIXExtKeyUsageSyntax *eku,
-  PRInt32 i
-);
-
-/*
- * nssPKIXExtKeyUsageSyntax_FindKeyPurposeId
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EXT_KEY_USAGE_SYNTAX
- *  NSS_ERROR_INVALID_PKIX_KEY_PURPOSE_ID
- *  NSS_ERROR_NOT_FOUND
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- * 
- * Return value:
- *  The index of the specified key purpose id upon success
- *  -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXExtKeyUsageSyntax_FindKeyPurposeId
-(
-  NSSPKIXExtKeyUsageSyntax *eku,
-  NSSPKIXKeyPurposeId *id
-);
-
-/*
- * nssPKIXExtKeyUsageSyntax_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EXT_KEY_USAGE_SYNTAX
- * 
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXExtKeyUsageSyntax_Equal
-(
-  NSSPKIXExtKeyUsageSyntax *eku1,
-  NSSPKIXExtKeyUsageSyntax *eku2,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXExtKeyUsageSyntax_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EXT_KEY_USAGE_SYNTAX
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXExtKeyUsageSyntax upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtKeyUsageSyntax *
-nssPKIXExtKeyUsageSyntax_Duplicate
-(
-  NSSPKIXExtKeyUsageSyntax *eku,
-  NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXExtKeyUsageSyntax_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXExtKeyUsageSyntax
- * object, this routine will return PR_SUCCESS.  Otherwise, it will 
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_EXT_KEY_USAGE_SYNTAX
- *
- * Return value:
- *  PR_SUCCESS if the pointer is valid
- *  PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXExtKeyUsageSyntax_verifyPointer
-(
-  NSSPKIXExtKeyUsageSyntax *p
-);
-#endif /* DEBUG */
-
-/*
- * AuthorityInfoAccessSyntax
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  AuthorityInfoAccessSyntax  ::=
- *          SEQUENCE SIZE (1..MAX) OF AccessDescription
- *
- * The private calls for this type:
- *
- *  nssPKIXAuthorityInfoAccessSyntax_Decode
- *  nssPKIXAuthorityInfoAccessSyntax_Create
- *  nssPKIXAuthorityInfoAccessSyntax_Destroy
- *  nssPKIXAuthorityInfoAccessSyntax_Encode
- *  nssPKIXAuthorityInfoAccessSyntax_GetAccessDescriptionCount
- *  nssPKIXAuthorityInfoAccessSyntax_GetAccessDescriptions
- *  nssPKIXAuthorityInfoAccessSyntax_SetAccessDescriptions
- *  nssPKIXAuthorityInfoAccessSyntax_GetAccessDescription
- *  nssPKIXAuthorityInfoAccessSyntax_SetAccessDescription
- *  nssPKIXAuthorityInfoAccessSyntax_InsertAccessDescription
- *  nssPKIXAuthorityInfoAccessSyntax_AppendAccessDescription
- *  nssPKIXAuthorityInfoAccessSyntax_RemoveAccessDescription
- *  nssPKIXAuthorityInfoAccessSyntax_FindAccessDescription
- *  nssPKIXAuthorityInfoAccessSyntax_Equal
- *  nssPKIXAuthorityInfoAccessSyntax_Duplicate
- * 
- * In debug builds, the following call is available:
- *
- *  nssPKIXAuthorityInfoAccessSyntax_verifyPointer
- *
- */
-
-/*
- * nssPKIXAuthorityInfoAccessSyntax_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXAuthorityInfoAccessSyntax upon
- *      success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAuthorityInfoAccessSyntax *
-nssPKIXAuthorityInfoAccessSyntax_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * nssPKIXAuthorityInfoAccessSyntax_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_ACCESS_DESCRIPTION
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXAuthorityInfoAccessSyntax upon
- *      success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAuthorityInfoAccessSyntax *
-nssPKIXAuthorityInfoAccessSyntax_Create
-(
-  NSSArena *arenaOpt,
-  NSSPKIXAccessDescription *ad1,
-  ...
-);
-
-/*
- * nssPKIXAuthorityInfoAccessSyntax_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_AUTHORITY_INFO_ACCESS_SYNTAX
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAuthorityInfoAccessSyntax_Destroy
-(
-  NSSPKIXAuthorityInfoAccessSyntax *aias
-);
-
-/*
- * nssPKIXAuthorityInfoAccessSyntax_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_AUTHORITY_INFO_ACCESS_SYNTAX
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXAuthorityInfoAccessSyntax_Encode
-(
-  NSSPKIXAuthorityInfoAccessSyntax *aias,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXAuthorityInfoAccessSyntax_GetAccessDescriptionCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_AUTHORITY_INFO_ACCESS_SYNTAX
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- * 
- * Return value:
- *  Nonnegative integer upon success
- *  -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXAuthorityInfoAccessSyntax_GetAccessDescriptionCount
-(
-  NSSPKIXAuthorityInfoAccessSyntax *aias
-);
-
-/*
- * nssPKIXAuthorityInfoAccessSyntax_GetAccessDescriptions
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_AUTHORITY_INFO_ACCESS_SYNTAX
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_ARRAY_TOO_SMALL
- * 
- * Return value:
- *  A valid pointer to an array of NSSPKIXAccessDescription pointers
- *      upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAccessDescription **
-nssPKIXAuthorityInfoAccessSyntax_GetAccessDescriptions
-(
-  NSSPKIXAuthorityInfoAccessSyntax *aias,
-  NSSPKIXAccessDescription *rvOpt[],
-  PRInt32 limit,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXAuthorityInfoAccessSyntax_SetAccessDescriptions
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_AUTHORITY_INFO_ACCESS_SYNTAX
- *  NSS_ERROR_INVALID_PKIX_ACCESS_DESCRIPTION
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAuthorityInfoAccessSyntax_SetAccessDescriptions
-(
-  NSSPKIXAuthorityInfoAccessSyntax *aias,
-  NSSPKIXAccessDescription *ad[],
-  PRInt32 count
-);
-
-/*
- * nssPKIXAuthorityInfoAccessSyntax_GetAccessDescription
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_AUTHORITY_INFO_ACCESS_SYNTAX
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXAccessDescription upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAccessDescription *
-nssPKIXAuthorityInfoAccessSyntax_GetAccessDescription
-(
-  NSSPKIXAuthorityInfoAccessSyntax *aias,
-  PRInt32 i,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXAuthorityInfoAccessSyntax_SetAccessDescription
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_AUTHORITY_INFO_ACCESS_SYNTAX
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_PKIX_ACCESS_DESCRIPTION
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAuthorityInfoAccessSyntax_SetAccessDescription
-(
-  NSSPKIXAuthorityInfoAccessSyntax *aias,
-  PRInt32 i,
-  NSSPKIXAccessDescription *ad
-);
-
-/*
- * nssPKIXAuthorityInfoAccessSyntax_InsertAccessDescription
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_AUTHORITY_INFO_ACCESS_SYNTAX
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_PKIX_ACCESS_DESCRIPTION
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAuthorityInfoAccessSyntax_InsertAccessDescription
-(
-  NSSPKIXAuthorityInfoAccessSyntax *aias,
-  PRInt32 i,
-  NSSPKIXAccessDescription *ad
-);
-
-/*
- * nssPKIXAuthorityInfoAccessSyntax_AppendAccessDescription
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_AUTHORITY_INFO_ACCESS_SYNTAX
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_PKIX_ACCESS_DESCRIPTION
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAuthorityInfoAccessSyntax_AppendAccessDescription
-(
-  NSSPKIXAuthorityInfoAccessSyntax *aias,
-  NSSPKIXAccessDescription *ad
-);
-
-/*
- * nssPKIXAuthorityInfoAccessSyntax_RemoveAccessDescription
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_AUTHORITY_INFO_ACCESS_SYNTAX
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAuthorityInfoAccessSyntax_RemoveAccessDescription
-(
-  NSSPKIXAuthorityInfoAccessSyntax *aias,
-  PRInt32 i
-);
-
-/*
- * nssPKIXAuthorityInfoAccessSyntax_FindAccessDescription
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_AUTHORITY_INFO_ACCESS_SYNTAX
- *  NSS_ERROR_INVALID_PKIX_ACCESS_DESCRIPTION
- *  NSS_ERROR_NOT_FOUND
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- * 
- * Return value:
- *  The index of the specified policy mapping upon success
- *  -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXAuthorityInfoAccessSyntax_FindAccessDescription
-(
-  NSSPKIXAuthorityInfoAccessSyntax *aias,
-  NSSPKIXAccessDescription *ad
-);
-
-/*
- * nssPKIXAuthorityInfoAccessSyntax_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_AUTHORITY_INFO_ACCESS_SYNTAX
- * 
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXAuthorityInfoAccessSyntax_Equal
-(
-  NSSPKIXAuthorityInfoAccessSyntax *aias1,
-  NSSPKIXAuthorityInfoAccessSyntax *aias2,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXAuthorityInfoAccessSyntax_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_AUTHORITY_INFO_ACCESS_SYNTAX
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXAuthorityInfoAccessSyntax upon
- *      success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAuthorityInfoAccessSyntax *
-nssPKIXAuthorityInfoAccessSyntax_Duplicate
-(
-  NSSPKIXAuthorityInfoAccessSyntax *aias,
-  NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXAuthorityInfoAccessSyntax_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXAuthorityInfoAccessSyntax
- * object, this routine will return PR_SUCCESS.  Otherwise, it will 
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_AUTHORITY_INFO_ACCESS_SYNTAX
- *
- * Return value:
- *  PR_SUCCESS if the pointer is valid
- *  PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAuthorityInfoAccessSyntax_verifyPointer
-(
-  NSSPKIXAuthorityInfoAccessSyntax *p
-);
-#endif /* DEBUG */
-
-/*
- * AccessDescription
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  AccessDescription  ::=  SEQUENCE {
- *          accessMethod          OBJECT IDENTIFIER,
- *          accessLocation        GeneralName  }
- *
- * The private calls for this type:
- *
- *  nssPKIXAccessDescription_Decode
- *  nssPKIXAccessDescription_Create
- *  nssPKIXAccessDescription_Destroy
- *  nssPKIXAccessDescription_Encode
- *  nssPKIXAccessDescription_GetAccessMethod
- *  nssPKIXAccessDescription_SetAccessMethod
- *  nssPKIXAccessDescription_GetAccessLocation
- *  nssPKIXAccessDescription_SetAccessLocation
- *  nssPKIXAccessDescription_Equal
- *  nssPKIXAccessDescription_Duplicate
- * 
- * In debug builds, the following call is available:
- *
- *  nssPKIXAccessDescription_verifyPointer
- *
- */
-
-/*
- * nssPKIXAccessDescription_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXAccessDescription upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAccessDescription *
-nssPKIXAccessDescription_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * nssPKIXAccessDescription_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_OID
- *  NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXAccessDescription upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAccessDescription *
-nssPKIXAccessDescription_Create
-(
-  NSSArena *arenaOpt,
-  NSSOID *accessMethod,
-  NSSPKIXGeneralName *accessLocation
-);
-
-/*
- * nssPKIXAccessDescription_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ACCESS_DESCRIPTION
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAccessDescription_Destroy
-(
-  NSSPKIXAccessDescription *ad
-);
-
-/*
- * nssPKIXAccessDescription_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ACCESS_DESCRIPTION
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXAccessDescription_Encode
-(
-  NSSPKIXAccessDescription *ad,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXAccessDescription_GetAccessMethod
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ACCESS_DESCRIPTION
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid NSSOID pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSOID *
-nssPKIXAccessDescription_GetAccessMethod
-(
-  NSSPKIXAccessDescription *ad
-);
-
-/*
- * nssPKIXAccessDescription_SetAccessMethod
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ACCESS_DESCRIPTION
- *  NSS_ERROR_INVALID_OID
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAccessDescription_SetAccessMethod
-(
-  NSSPKIXAccessDescription *ad,
-  NSSOID *accessMethod
-);
-
-/*
- * nssPKIXAccessDescription_GetAccessLocation
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ACCESS_DESCRIPTION
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXGeneralName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName *
-nssPKIXAccessDescription_GetAccessLocation
-(
-  NSSPKIXAccessDescription *ad,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXAccessDescription_SetAccessLocation
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ACCESS_DESCRIPTION
- *  NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAccessDescription_SetAccessLocation
-(
-  NSSPKIXAccessDescription *ad,
-  NSSPKIXGeneralName *accessLocation
-);
-
-/*
- * nssPKIXAccessDescription_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ACCESS_DESCRIPTION
- * 
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXAccessDescription_Equal
-(
-  NSSPKIXAccessDescription *ad1,
-  NSSPKIXAccessDescription *ad2,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXAccessDescription_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ACCESS_DESCRIPTION
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXAccessDescription upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAccessDescription *
-nssPKIXAccessDescription_Duplicate
-(
-  NSSPKIXAccessDescription *ad,
-  NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXAccessDescription_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXAccessDescription
- * object, this routine will return PR_SUCCESS.  Otherwise, it will 
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ACCESS_DESCRIPTION
- *
- * Return value:
- *  PR_SUCCESS if the pointer is valid
- *  PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAccessDescription_verifyPointer
-(
-  NSSPKIXAccessDescription *p
-);
-#endif /* DEBUG */
-
-/*
- * IssuingDistributionPoint
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  IssuingDistributionPoint ::= SEQUENCE {
- *       distributionPoint       [0] DistributionPointName OPTIONAL,
- *       onlyContainsUserCerts   [1] BOOLEAN DEFAULT FALSE,
- *       onlyContainsCACerts     [2] BOOLEAN DEFAULT FALSE,
- *       onlySomeReasons         [3] ReasonFlags OPTIONAL,
- *       indirectCRL             [4] BOOLEAN DEFAULT FALSE }
- *
- * The private calls for this type:
- *
- *  nssPKIXIssuingDistributionPoint_Decode
- *  nssPKIXIssuingDistributionPoint_Create
- *  nssPKIXIssuingDistributionPoint_Destroy
- *  nssPKIXIssuingDistributionPoint_Encode
- *  nssPKIXIssuingDistributionPoint_HasDistributionPoint
- *  nssPKIXIssuingDistributionPoint_GetDistributionPoint
- *  nssPKIXIssuingDistributionPoint_SetDistributionPoint
- *  nssPKIXIssuingDistributionPoint_RemoveDistributionPoint
- *  nssPKIXIssuingDistributionPoint_GetOnlyContainsUserCerts
- *  nssPKIXIssuingDistributionPoint_SetOnlyContainsUserCerts
- *  nssPKIXIssuingDistributionPoint_GetOnlyContainsCACerts
- *  nssPKIXIssuingDistributionPoint_SetOnlyContainsCACerts
- *  nssPKIXIssuingDistributionPoint_HasOnlySomeReasons
- *  nssPKIXIssuingDistributionPoint_GetOnlySomeReasons
- *  nssPKIXIssuingDistributionPoint_SetOnlySomeReasons
- *  nssPKIXIssuingDistributionPoint_RemoveOnlySomeReasons
- *  nssPKIXIssuingDistributionPoint_GetIndirectCRL
- *  nssPKIXIssuingDistributionPoint_SetIndirectCRL
- *  nssPKIXIssuingDistributionPoint_Equal
- *  nssPKIXIssuingDistributionPoint_Duplicate
- * 
- * In debug builds, the following call is available:
- *
- *  nssPKIXIssuingDistributionPoint_verifyPointer
- *
- */
-
-/*
- * nssPKIXIssuingDistributionPoint_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXIssuingDistributionPoint upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXIssuingDistributionPoint *
-nssPKIXIssuingDistributionPoint_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-);
-
-/*
- * nssPKIXIssuingDistributionPoint_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT_NAME
- *  NSS_ERROR_INVALID_PKIX_REASON_FLAGS
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXIssuingDistributionPoint upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXIssuingDistributionPoint *
-nssPKIXIssuingDistributionPoint_Create
-(
-  NSSArena *arenaOpt,
-  NSSPKIXDistributionPointName *distributionPointOpt,
-  PRBool onlyContainsUserCerts,
-  PRBool onlyContainsCACerts,
-  NSSPKIXReasonFlags *onlySomeReasons
-  PRBool indirectCRL
-);
-
-/*
- * nssPKIXIssuingDistributionPoint_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXIssuingDistributionPoint_Destroy
-(
-  NSSPKIXIssuingDistributionPoint *idp
-);
-
-/*
- * nssPKIXIssuingDistributionPoint_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXIssuingDistributionPoint_Encode
-(
-  NSSPKIXIssuingDistributionPoint *idp,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXIssuingDistributionPoint_HasDistributionPoint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- * 
- * Return value:
- *  PR_TRUE if it has one
- *  PR_FALSE if it doesn't
- *  PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXIssuingDistributionPoint_HasDistributionPoint
-(
-  NSSPKIXIssuingDistributionPoint *idp
-);
-
-/*
- * nssPKIXIssuingDistributionPoint_GetDistributionPoint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- *  NSS_ERROR_HAS_NO_DISTRIBUTION_POINT
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXDistributionPointName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDistributionPointName *
-nssPKIXIssuingDistributionPoint_GetDistributionPoint
-(
-  NSSPKIXIssuingDistributionPoint *idp,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXIssuingDistributionPoint_SetDistributionPoint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- *  NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT_NAME
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXIssuingDistributionPoint_SetDistributionPoint
-(
-  NSSPKIXIssuingDistributionPoint *idp,
-  NSSPKIXDistributionPointName *dpn
-);
-
-/*
- * nssPKIXIssuingDistributionPoint_RemoveDistributionPoint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- *  NSS_ERROR_HAS_NO_DISTRIBUTION_POINT
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXIssuingDistributionPoint_RemoveDistributionPoint
-(
-  NSSPKIXIssuingDistributionPoint *idp
-);
-
-/*
- * nssPKIXIssuingDistributionPoint_GetOnlyContainsUserCerts
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- * 
- * Return value:
- *  PR_TRUE if the onlyContainsUserCerts value is true
- *  PR_FALSE if it isn't
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXIssuingDistributionPoint_GetOnlyContainsUserCerts
-(
-  NSSPKIXIssuingDistributionPoint *idp,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXIssuingDistributionPoint_SetOnlyContainsUserCerts
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXIssuingDistributionPoint_SetOnlyContainsUserCerts
-(
-  NSSPKIXIssuingDistributionPoint *idp,
-  PRBool onlyContainsUserCerts
-);
-
-/*
- * nssPKIXIssuingDistributionPoint_GetOnlyContainsCACerts
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- * 
- * Return value:
- *  PR_TRUE if the onlyContainsCACerts value is true
- *  PR_FALSE if it isn't
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXIssuingDistributionPoint_GetOnlyContainsCACerts
-(
-  NSSPKIXIssuingDistributionPoint *idp,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXIssuingDistributionPoint_SetOnlyContainsCACerts
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXIssuingDistributionPoint_SetOnlyContainsCACerts
-(
-  NSSPKIXIssuingDistributionPoint *idp,
-  PRBool onlyContainsCACerts
-);
-
-/*
- * nssPKIXIssuingDistributionPoint_HasOnlySomeReasons
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- * 
- * Return value:
- *  PR_TRUE if it has one
- *  PR_FALSE if it doesn't
- *  PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXIssuingDistributionPoint_HasOnlySomeReasons
-(
-  NSSPKIXIssuingDistributionPoint *idp
-);
-
-/*
- * nssPKIXIssuingDistributionPoint_GetOnlySomeReasons
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- *  NSS_ERROR_HAS_NO_ONLY_SOME_REASONS
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXReasonFlags upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXReasonFlags *
-nssPKIXIssuingDistributionPoint_GetOnlySomeReasons
-(
-  NSSPKIXIssuingDistributionPoint *idp,
-  NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXIssuingDistributionPoint_SetOnlySomeReasons
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- *  NSS_ERROR_INVALID_PKIX_REASON_FLAGS
- *  NSS_ERROR_NO_MEMORY
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXIssuingDistributionPoint_SetOnlySomeReasons
-(
-  NSSPKIXIssuingDistributionPoint *idp,
-  NSSPKIXReasonFlags *onlySomeReasons
-);
-
-/*
- * nssPKIXIssuingDistributionPoint_RemoveOnlySomeReasons
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- *  NSS_ERROR_HAS_NO_ONLY_SOME_REASONS
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXIssuingDistributionPoint_RemoveOnlySomeReasons
-(
-  NSSPKIXIssuingDistributionPoint *idp
-);
-
-/*
- * nssPKIXIssuingDistributionPoint_GetIndirectCRL
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- * 
- * Return value:
- *  PR_TRUE if the indirectCRL value is true
- *  PR_FALSE if it isn't
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXIssuingDistributionPoint_GetIndirectCRL
-(
-  NSSPKIXIssuingDistributionPoint *idp,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXIssuingDistributionPoint_SetIndirectCRL
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- * 
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXIssuingDistributionPoint_SetIndirectCRL
-(
-  NSSPKIXIssuingDistributionPoint *idp,
-  PRBool indirectCRL
-);
-
-/*
- * nssPKIXIssuingDistributionPoint_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- * 
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXIssuingDistributionPoint_Equal
-(
-  NSSPKIXIssuingDistributionPoint *idp1,
-  NSSPKIXIssuingDistributionPoint *idp2,
-  PRStatus *statusOpt
-);
-
-/*
- * nssPKIXIssuingDistributionPoint_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXIssuingDistributionPoint upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXIssuingDistributionPoint *
-nssPKIXIssuingDistributionPoint_Duplicate
-(
-  NSSPKIXIssuingDistributionPoint *idp,
-  NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXIssuingDistributionPoint_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXIssuingDistributionPoint
- * object, this routine will return PR_SUCCESS.  Otherwise, it will 
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- *
- * Return value:
- *  PR_SUCCESS if the pointer is valid
- *  PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXIssuingDistributionPoint_verifyPointer
-(
-  NSSPKIXIssuingDistributionPoint *p
-);
-#endif /* DEBUG */
-
-PR_END_EXTERN_C
-
-#endif /* NSSPKIX_H */
diff --git a/security/nss/lib/pkix/include/pkixm.h b/security/nss/lib/pkix/include/pkixm.h
deleted file mode 100644
index c273848b5..000000000
--- a/security/nss/lib/pkix/include/pkixm.h
+++ /dev/null
@@ -1,969 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef PKIXM_H
-#define PKIXM_H
-
-#ifdef DEBUG
-static const char PKIXM_CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * pkixm.h
- *
- * This file contains the private type definitions for the 
- * PKIX part-1 objects.  Mostly, this file contains the actual 
- * structure definitions for the NSSPKIX types declared in nsspkixt.h.
- */
-
-#ifndef PKIXTM_H
-#include "pkixtm.h"
-#endif /* PKIXTM_H */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-PR_BEGIN_EXTERN_C
-
-/*
- * nss_pkix_Attribute_v_create
- *
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_OID
- *  NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- *  A valid pointer to an NSSPKIXAttribute upon success
- *  NULL upon failure.
- */
-
-NSS_EXTERN NSSPKIXAttribute *
-nss_pkix_Attribute_v_create
-(
-  NSSArena *arenaOpt,
-  NSSPKIXAttributeType *typeOid,
-  PRUint32 count,
-  va_list ap
-);
-
-#ifdef DEBUG
-
-/*
- * nss_pkix_Attribute_add_pointer
- *
- * This method is only present in debug builds.
- *
- * This module-private routine adds an NSSPKIXAttribute pointer to
- * the internal pointer-tracker.  This routine should only be used 
- * by the NSSPKIX module.  This routine returns a PRStatus value; 
- * upon error it will place an error on the error stack and return 
- * PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INTERNAL_ERROR
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nss_pkix_Attribute_add_pointer
-(
-  const NSSPKIXAttribute *p
-);
-
-/*
- * nss_pkix_Attribute_remove_pointer
- *
- * This method is only present in debug builds.
- *
- * This module-private routine removes a valid NSSPKIXAttribute
- * pointer from the internal pointer-tracker.  This routine should 
- * only be used by the NSSPKIX module.  This routine returns a 
- * PRStatus value; upon error it will place an error on the error 
- * stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INTERNAL_ERROR
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nss_pkix_Attribute_remove_pointer
-(
-  const NSSPKIXAttribute *p
-);
-
-#endif /* DEBUG */
-
-
-#ifdef DEBUG
-
-NSS_EXTERN PRStatus
-nss_pkix_AttributeTypeAndValue_add_pointer
-(
-  const NSSPKIXAttributeTypeAndValue *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_AttributeTypeAndValue_remove_pointer
-(
-  const NSSPKIXAttributeTypeAndValue *p
-);
-
-#endif /* DEBUG */
-
-/*
- * nss_pkix_X520Name_DoUTF8
- *
- */
-
-NSS_EXTERN PR_STATUS
-nss_pkix_X520Name_DoUTF8
-(
-  NSSPKIXX520Name *name
-);
-
-#ifdef DEBUG
-
-NSS_EXTERN PRStatus
-nss_pkix_X520Name_add_pointer
-(
-  const NSSPKIXX520Name *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_X520Name_remove_pointer
-(
-  const NSSPKIXX520Name *p
-);
-
-#endif /* DEBUG */
-
-/*
- * nss_pkix_X520CommonName_DoUTF8
- *
- */
-
-NSS_EXTERN PR_STATUS
-nss_pkix_X520CommonName_DoUTF8
-(
-  NSSPKIXX520CommonName *name
-);
-
-#ifdef DEBUG
-
-NSS_EXTERN PRStatus
-nss_pkix_X520CommonName_add_pointer
-(
-  const NSSPKIXX520CommonName *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_X520CommonName_remove_pointer
-(
-  const NSSPKIXX520CommonName *p
-);
-
-
-NSS_EXTERN PRStatus
-nss_pkix_Name_add_pointer
-(
-  const NSSPKIXName *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_Name_remove_pointer
-(
-  const NSSPKIXName *p
-);
-
-/*
- * nss_pkix_RDNSequence_v_create
- */
-
-NSS_EXTERN NSSPKIXRDNSequence *
-nss_pkix_RDNSequence_v_create
-(
-  NSSArena *arenaOpt,
-  PRUint32 count,
-  va_list ap
-);
-
-/*
- * nss_pkix_RDNSequence_Clear
- *
- * Wipes out cached data.
- */
-
-NSS_EXTERN PRStatus
-nss_pkix_RDNSequence_Clear
-(
-  NSSPKIXRDNSequence *rdnseq
-);
-
-#ifdef DEBUG
-
-#ifdef NSSDEBUG
-
-NSS_EXTERN PRStatus
-nss_pkix_RDNSequence_register
-(
-  NSSPKIXRDNSequence *rdnseq
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_RDNSequence_deregister
-(
-  NSSPKIXRDNSequence *rdnseq
-);
-
-#endif /* NSSDEBUG */
-
-NSS_EXTERN PRStatus
-nss_pkix_RDNSequence_add_pointer
-(
-  const NSSPKIXRDNSequence *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_RDNSequence_remove_pointer
-(
-  const NSSPKIXRDNSequence *p
-);
-
-#endif /* DEBUG */
-
-/*
- * nss_pkix_RelativeDistinguishedName_v_create
- *
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_OID
- *  NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- *  A valid pointer to an NSSPKIXRelativeDistinguishedName upon success
- *  NULL upon failure.
- */
-
-NSS_EXTERN NSSPKIXRelativeDistinguishedName *
-nss_pkix_RelativeDistinguishedName_V_Create
-(
-  NSSArena *arenaOpt,
-  PRUint32 count,
-  va_list ap
-);
-
-/*
- * nss_pkix_RelativeDistinguishedName_Clear
- *
- * Wipes out cached data.
- */
-
-NSS_EXTERN PRStatus
-nss_pkix_RelativeDistinguishedName_Clear
-(
-  NSSPKIXRelativeDistinguishedName *rdn
-);
-
-#ifdef DEBUG
-
-#ifdef NSSDEBUG
-
-NSS_EXTERN PRStatus
-nss_pkix_RelativeDistinguishedName_register
-(
-  NSSPKIXRelativeDistinguishedName *rdn
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_RelativeDistinguishedName_deregister
-(
-  NSSPKIXRelativeDistinguishedName *rdn
-);
-
-#endif /* NSSDEBUG */
-
-NSS_EXTERN PRStatus
-nss_pkix_RelativeDistinguishedName_add_pointer
-(
-  const NSSPKIXRelativeDistinguishedName *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_RelativeDistinguishedName_remove_pointer
-(
-  const NSSPKIXRelativeDistinguishedName *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_Certificate_add_pointer
-(
-  const NSSPKIXCertificate *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_Certificate_remove_pointer
-(
-  const NSSPKIXCertificate *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_TBSCertificate_add_pointer
-(
-  const NSSPKIXTBSCertificate *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_TBSCertificate_remove_pointer
-(
-  const NSSPKIXTBSCertificate *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_Validity_add_pointer
-(
-  const NSSPKIXValidity *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_Validity_remove_pointer
-(
-  const NSSPKIXValidity *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_SubjectPublicKeyInfo_add_pointer
-(
-  const NSSPKIXSubjectPublicKeyInfo *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_SubjectPublicKeyInfo_remove_pointer
-(
-  const NSSPKIXSubjectPublicKeyInfo *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_CertificateList_add_pointer
-(
-  const NSSPKIXCertificateList *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_CertificateList_remove_pointer
-(
-  const NSSPKIXCertificateList *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_TBSCertList_add_pointer
-(
-  const NSSPKIXTBSCertList *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_TBSCertList_remove_pointer
-(
-  const NSSPKIXTBSCertList *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_revokedCertificates_add_pointer
-(
-  const NSSPKIXrevokedCertificates *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_revokedCertificates_remove_pointer
-(
-  const NSSPKIXrevokedCertificates *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_revokedCertificate_add_pointer
-(
-  const NSSPKIXrevokedCertificate *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_revokedCertificate_remove_pointer
-(
-  const NSSPKIXrevokedCertificate *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_AlgorithmIdentifier_add_pointer
-(
-  const NSSPKIXAlgorithmIdentifier *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_AlgorithmIdentifier_remove_pointer
-(
-  const NSSPKIXAlgorithmIdentifier *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_ORAddress_add_pointer
-(
-  const NSSPKIXORAddress *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_ORAddress_remove_pointer
-(
-  const NSSPKIXORAddress *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_BuiltInStandardAttributes_add_pointer
-(
-  const NSSPKIXBuiltInStandardAttributes *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_BuiltInStandardAttributes_remove_pointer
-(
-  const NSSPKIXBuiltInStandardAttributes *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_PersonalName_add_pointer
-(
-  const NSSPKIXPersonalName *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_PersonalName_remove_pointer
-(
-  const NSSPKIXPersonalName *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_OrganizationalUnitNames_add_pointer
-(
-  const NSSPKIXOrganizationalUnitNames *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_OrganizationalUnitNames_remove_pointer
-(
-  const NSSPKIXOrganizationalUnitNames *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_BuiltInDomainDefinedAttributes_add_pointer
-(
-  const NSSPKIXBuiltInDomainDefinedAttributes *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_BuiltInDomainDefinedAttributes_remove_pointer
-(
-  const NSSPKIXBuiltInDomainDefinedAttributes *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_BuiltInDomainDefinedAttribute_add_pointer
-(
-  const NSSPKIXBuiltInDomainDefinedAttribute *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_BuiltInDomainDefinedAttribute_remove_pointer
-(
-  const NSSPKIXBuiltInDomainDefinedAttribute *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_ExtensionAttributes_add_pointer
-(
-  const NSSPKIXExtensionAttributes *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_ExtensionAttributes_remove_pointer
-(
-  const NSSPKIXExtensionAttribute *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_ExtensionAttribute_add_pointer
-(
-  const NSSPKIXExtensionAttribute *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_ExtensionAttribute_remove_pointer
-(
-  const NSSPKIXExtensionAttribute *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_TeletexPersonalName_add_pointer
-(
-  const NSSPKIXTeletexPersonalName *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_TeletexPersonalName_remove_pointer
-(
-  const NSSPKIXTeletexPersonalName *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_TeletexOrganizationalUnitNames_add_pointer
-(
-  const NSSPKIXTeletexOrganizationalUnitNames *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_TeletexOrganizationalUnitNames_remove_pointer
-(
-  const NSSPKIXTeletexOrganizationalUnitNames *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_PDSParameter_add_pointer
-(
-  const NSSPKIXPDSParameter *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_PDSParameter_remove_pointer
-(
-  const NSSPKIXPDSParameter *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_ExtendedNetworkAddress_add_pointer
-(
-  const NSSPKIXExtendedNetworkAddress *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_ExtendedNetworkAddress_remove_pointer
-(
-  const NSSPKIXExtendedNetworkAddress *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_e1634Address_add_pointer
-(
-  const NSSPKIXe1634Address *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_e1634Address_remove_pointer
-(
-  const NSSPKIXe1634Address *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_TeletexDomainDefinedAttributes_add_pointer
-(
-  const NSSPKIXTeletexDomainDefinedAttributes *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_TeletexDomainDefinedAttributes_remove_pointer
-(
-  const NSSPKIXTeletexDomainDefinedAttributes *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_TeletexDomainDefinedAttribute_add_pointer
-(
-  const NSSPKIXTeletexDomainDefinedAttribute *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_TeletexDomainDefinedAttribute_remove_pointer
-(
-  const NSSPKIXTeletexDomainDefinedAttribute *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_AuthorityKeyIdentifier_add_pointer
-(
-  const NSSPKIXAuthorityKeyIdentifier *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_AuthorityKeyIdentifier_remove_pointer
-(
-  const NSSPKIXAuthorityKeyIdentifier *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_KeyUsage_add_pointer
-(
-  const NSSPKIXKeyUsage *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_KeyUsage_remove_pointer
-(
-  const NSSPKIXKeyUsage *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_PrivateKeyUsagePeriod_add_pointer
-(
-  const NSSPKIXPrivateKeyUsagePeriod *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_PrivateKeyUsagePeriod_remove_pointer
-(
-  const NSSPKIXPrivateKeyUsagePeriod *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_CertificatePolicies_add_pointer
-(
-  const NSSPKIXCertificatePolicies *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_CertificatePolicies_remove_pointer
-(
-  const NSSPKIXCertificatePolicies *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_PolicyInformation_add_pointer
-(
-  const NSSPKIXPolicyInformation *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_PolicyInformation_remove_pointer
-(
-  const NSSPKIXPolicyInformation *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_PolicyQualifierInfo_add_pointer
-(
-  const NSSPKIXPolicyQualifierInfo *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_PolicyQualifierInfo_remove_pointer
-(
-  const NSSPKIXPolicyQualifierInfo *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_UserNotice_add_pointer
-(
-  const NSSPKIXUserNotice *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_UserNotice_remove_pointer
-(
-  const NSSPKIXUserNotice *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_NoticeReference_add_pointer
-(
-  const NSSPKIXNoticeReference *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_NoticeReference_remove_pointer
-(
-  const NSSPKIXNoticeReference *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_PolicyMappings_add_pointer
-(
-  const NSSPKIXPolicyMappings *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_PolicyMappings_remove_pointer
-(
-  const NSSPKIXPolicyMappings *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_policyMapping_add_pointer
-(
-  const NSSPKIXpolicyMapping *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_policyMapping_remove_pointer
-(
-  const NSSPKIXpolicyMapping *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_GeneralName_add_pointer
-(
-  const NSSPKIXGeneralName *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_GeneralName_remove_pointer
-(
-  const NSSPKIXGeneralName *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_GeneralNames_add_pointer
-(
-  const NSSPKIXGeneralNames *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_GeneralNames_remove_pointer
-(
-  const NSSPKIXGeneralNames *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_AnotherName_add_pointer
-(
-  const NSSPKIXAnotherName *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_AnotherName_remove_pointer
-(
-  const NSSPKIXAnotherName *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_EDIPartyName_add_pointer
-(
-  const NSSPKIXEDIPartyName *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_EDIPartyName_remove_pointer
-(
-  const NSSPKIXEDIPartyName *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_SubjectDirectoryAttributes_add_pointer
-(
-  const NSSPKIXSubjectDirectoryAttributes *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_SubjectDirectoryAttributes_remove_pointer
-(
-  const NSSPKIXSubjectDirectoryAttributes *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_BasicConstraints_add_pointer
-(
-  const NSSPKIXBasicConstraints *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_BasicConstraints_remove_pointer
-(
-  const NSSPKIXBasicConstraints *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_NameConstraints_add_pointer
-(
-  const NSSPKIXNameConstraints *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_NameConstraints_remove_pointer
-(
-  const NSSPKIXNameConstraints *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_GeneralSubtrees_add_pointer
-(
-  const NSSPKIXGeneralSubtrees *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_GeneralSubtrees_remove_pointer
-(
-  const NSSPKIXGeneralSubtrees *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_GeneralSubtree_add_pointer
-(
-  const NSSPKIXGeneralSubtree *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_GeneralSubtree_remove_pointer
-(
-  const NSSPKIXGeneralSubtree *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_PolicyConstraints_add_pointer
-(
-  const NSSPKIXPolicyConstraints *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_PolicyConstraints_remove_pointer
-(
-  const NSSPKIXPolicyConstraints *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_CRLDistPointsSyntax_add_pointer
-(
-  const NSSPKIXCRLDistPointsSyntax *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_CRLDistPointsSyntax_remove_pointer
-(
-  const NSSPKIXCRLDistPointsSyntax *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_DistributionPoint_add_pointer
-(
-  const NSSPKIXDistributionPoint *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_DistributionPoint_remove_pointer
-(
-  const NSSPKIXDistributionPoint *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_DistributionPointName_add_pointer
-(
-  const NSSPKIXDistributionPointName *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_DistributionPointName_remove_pointer
-(
-  const NSSPKIXDistributionPointName *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_ReasonFlags_add_pointer
-(
-  const NSSPKIXReasonFlags *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_ReasonFlags_remove_pointer
-(
-  const NSSPKIXReasonFlags *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_ExtKeyUsageSyntax_add_pointer
-(
-  const NSSPKIXExtKeyUsageSyntax *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_ExtKeyUsageSyntax_remove_pointer
-(
-  const NSSPKIXExtKeyUsageSyntax *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_AuthorityInfoAccessSyntax_add_pointer
-(
-  const NSSPKIXAuthorityInfoAccessSyntax *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_AuthorityInfoAccessSyntax_remove_pointer
-(
-  const NSSPKIXAuthorityInfoAccessSyntax *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_AccessDescription_add_pointer
-(
-  const NSSPKIXAccessDescription *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_AccessDescription_remove_pointer
-(
-  const NSSPKIXAccessDescription *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_IssuingDistributionPoint_add_pointer
-(
-  const NSSPKIXIssuingDistributionPoint *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_IssuingDistributionPoint_remove_pointer
-(
-  const NSSPKIXIssuingDistributionPoint *p
-);
-
-#endif /* DEBUG */
-
-PR_END_EXTERN_C
-
-#endif /* PKIXM_H */
diff --git a/security/nss/lib/pkix/include/pkixt.h b/security/nss/lib/pkix/include/pkixt.h
deleted file mode 100644
index b620cfb8c..000000000
--- a/security/nss/lib/pkix/include/pkixt.h
+++ /dev/null
@@ -1,57 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef PKIXT_H
-#define PKIXT_H
-
-#ifdef DEBUG
-static const char PKIXT_CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * pkixt.h
- *
- * This file contains the private type definitions for the 
- * PKIX part-1 objects.  Mostly, this file contains the actual 
- * structure definitions for the NSSPKIX types declared in nsspkixt.h.
- */
-
-#ifndef NSSPKIXT_H
-#include "nsspkixt.h"
-#endif /* NSSPKIXT_H */
-
-PR_BEGIN_EXTERN_C
-
-PR_END_EXTERN_C
-
-#endif /* PKIXT_H */
diff --git a/security/nss/lib/pkix/include/pkixtm.h b/security/nss/lib/pkix/include/pkixtm.h
deleted file mode 100644
index 1a9e57af0..000000000
--- a/security/nss/lib/pkix/include/pkixtm.h
+++ /dev/null
@@ -1,1581 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef PKIXTM_H
-#define PKIXTM_H
-
-#ifdef DEBUG
-static const char PKIXTM_CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * pkixtm.h
- *
- * This file contains the module-private type definitions for the 
- * PKIX part-1 objects.  Mostly, this file contains the actual 
- * structure definitions for the NSSPKIX types declared in nsspkixt.h.
- */
-
-#ifndef NSSPKIXT_H
-#include "nsspkixt.h"
-#endif /* NSSPKIXT_H */
-
-PR_BEGIN_EXTERN_C
-
-/*
- * Attribute
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  Attribute       ::=     SEQUENCE {
- *          type            AttributeType,
- *          values  SET OF AttributeValue
- *                  -- at least one value is required -- }
- *
- */
-
-struct NSSPKIXAttributeStr {
-  NSSArena *arena;
-  PRBool i_allocated_arena;
-  NSSBER *ber;
-  NSSDER *der;
-  nssASN1Item asn1type;
-  nssASN1Item **asn1values;
-  NSSPKIXAttributeType *type;
-  PRUint32 valuesCount;
-};
-
-/*
- * AttributeTypeAndValue
- *
- * This structure contains an attribute type (indicated by an OID), 
- * and the type-specific value.  RelativeDistinguishedNamess consist
- * of a set of these.  These are distinct from Attributes (which have
- * SET of values), from AttributeDescriptions (which have qualifiers
- * on the types), and from AttributeValueAssertions (which assert a
- * a value comparison under some matching rule).
- *
- * From RFC 2459:
- *
- *  AttributeTypeAndValue           ::=     SEQUENCE {
- *          type    AttributeType,
- *          value   AttributeValue }
- * 
- */
-
-struct NSSPKIXAttributeTypeAndValueStr {
-  NSSArena *arena;
-  PRBool i_allocated_arena;
-  NSSDER *der;
-  nssASN1Item asn1type;
-  nssASN1Item asn1value;
-  NSSPKIXAttributeType *type;
-  NSSUTF8 *utf8;
-};
-
-/*
- * X520Name
- *
- * From RFC 2459:
- *
- *  X520name        ::= CHOICE {
- *        teletexString         TeletexString (SIZE (1..ub-name)),
- *        printableString       PrintableString (SIZE (1..ub-name)),
- *        universalString       UniversalString (SIZE (1..ub-name)),
- *        utf8String            UTF8String (SIZE (1..ub-name)),
- *        bmpString             BMPString (SIZE(1..ub-name))   }
- *
- *
- *  ub-name INTEGER ::=     32768
- *
- */
-
-struct NSSPKIXX520NameStr {
-  nssASN1Item string;
-  NSSUTF8 *utf8;
-  NSSDER *der;
-  PRBool wasPrintable;
-  PRBool inArena;
-};
-
-/*
- * From RFC 2459:
- *
- *  X520CommonName  ::=      CHOICE {
- *        teletexString         TeletexString (SIZE (1..ub-common-name)),
- *        printableString       PrintableString (SIZE (1..ub-common-name)),
- *        universalString       UniversalString (SIZE (1..ub-common-name)),
- *        utf8String            UTF8String (SIZE (1..ub-common-name)),
- *        bmpString             BMPString (SIZE(1..ub-common-name))   }
- * 
- *  ub-common-name  INTEGER ::=     64
- *
- */
-
-struct NSSPKIXX520CommonNameStr {
-};
-
-/*
- * Name
- *
- * This structure contains a union of the possible name formats,
- * which at the moment is limited to an RDNSequence.
- *
- * From RFC 2459:
- *
- *  Name            ::=   CHOICE { -- only one possibility for now --
- *                                   rdnSequence  RDNSequence }
- *
- */
-
-struct NSSPKIXNameStr {
-  NSSArena *arena;
-  PRBool i_allocated_arena;
-  NSSDER *ber;
-  NSSDER *der;
-  NSSUTF8 *utf;
-  NSSPKIXNameChoice choice;
-  union {
-    NSSPKIXRDNSequence *rdnSequence;
-  } u;
-};
-
-/*
- * RDNSequence
- *
- * This structure contains a sequence of RelativeDistinguishedName
- * objects.
- *
- * From RFC 2459:
- *
- *  RDNSequence     ::=   SEQUENCE OF RelativeDistinguishedName
- *
- */
-
-struct NSSPKIXRDNSequenceStr {
-  NSSArena *arena;
-  PRBool i_allocated_arena;
-  NSSBER *ber;
-  NSSDER *der;
-  NSSUTF8 *utf8;
-  PRUint32 count;
-  NSSPKIXRelativeDistinguishedName **rdns;
-};
-
-/*
- * RelativeDistinguishedName
- *
- * This structure contains an unordered set of AttributeTypeAndValue 
- * objects.  RDNs are used to distinguish a set of objects underneath 
- * a common object.
- *
- * Often, a single ATAV is sufficient to make a unique distinction.
- * For example, if a company assigns its people unique uid values,
- * then in the Name "uid=smith,ou=People,o=Acme,c=US" the "uid=smith"
- * ATAV by itself forms an RDN.  However, sometimes a set of ATAVs is
- * needed.  For example, if a company needed to distinguish between
- * two Smiths by specifying their corporate divisions, then in the
- * Name "(cn=Smith,ou=Sales),ou=People,o=Acme,c=US" the parenthesised
- * set of ATAVs forms the RDN.
- *
- * From RFC 2459:
- *
- *  RelativeDistinguishedName  ::=
- *                      SET SIZE (1 .. MAX) OF AttributeTypeAndValue
- *
- */
-
-struct NSSPKIXRelativeDistinguishedNameStr {
-  NSSArena *arena;
-  PRBool i_allocated_arena;
-  NSSDER *der;
-  NSSBER *ber;
-  NSSUTF8 *utf8;
-  PRUint32 count;
-  NSSPKIXAttributeTypeAndValue **atavs;
-};
-
-/*
- * Certificate
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  Certificate  ::=  SEQUENCE  {
- *       tbsCertificate       TBSCertificate,
- *       signatureAlgorithm   AlgorithmIdentifier,
- *       signature            BIT STRING  }
- *
- */
-
-struct NSSPKIXCertificateStr {
-  NSSArena *arena;
-  PRBool i_allocated_arena;
-  NSSDER *der;
-  NSSPKIXTBSCertificate *tbsCertificate;
-  NSSPKIXAlgorithmIdentifier *signatureAlgorithm;
-  NSSItem *signature;
-};
-
-/*
- * TBSCertificate
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  TBSCertificate  ::=  SEQUENCE  {
- *       version         [0]  Version DEFAULT v1,
- *       serialNumber         CertificateSerialNumber,
- *       signature            AlgorithmIdentifier,
- *       issuer               Name,
- *       validity             Validity,
- *       subject              Name,
- *       subjectPublicKeyInfo SubjectPublicKeyInfo,
- *       issuerUniqueID  [1]  IMPLICIT UniqueIdentifier OPTIONAL,
- *                            -- If present, version shall be v2 or v3
- *       subjectUniqueID [2]  IMPLICIT UniqueIdentifier OPTIONAL,
- *                            -- If present, version shall be v2 or v3
- *       extensions      [3]  Extensions OPTIONAL
- *                            -- If present, version shall be v3 --  }
- *
- */
-
-struct NSSPKIXTBSCertificateStr {
-  NSSArena *arena;
-  PRBool i_allocated_arena;
-  NSSDER *der;
-  NSSPKIXVersion version;
-  NSSPKIXCertificateSerialNumber serialNumber;
-  NSSPKIXAlgorithmIdentifier *signature;
-  NSSPKIXName *issuer;
-  NSSPKIXValidity *validity;
-  NSSPKIXName *subject;
-  NSSPKIXSubjectPublicKeyInfo *subjectPublicKeyInfo;
-  NSSPKIXUniqueIdentifier *issuerUniqueID;
-  NSSPKIXUniqueIdentifier *subjectUniqueID;
-  NSSPKIXExtensions *extensions;
-};
-
-/*
- * Validity
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  Validity ::= SEQUENCE {
- *       notBefore      Time,
- *       notAfter       Time }
- *
- */
-
-struct NSSPKIXValidityStr {
-  NSSArena *arena;
-  PRBool i_allocated_arena;
-  NSSDER *der;
-  ...
-};
-
-/*
- * Time
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  Time ::= CHOICE {
- *       utcTime        UTCTime,
- *       generalTime    GeneralizedTime }
- *
- */
-
-struct NSSPKIXTimeStr {
-  NSSArena *arena;
-  PRBool i_allocated_arena;
-  NSSDER *der;
-  NSSBER *ber;
-  nssASN1Item asn1item;
-  PRTime prTime;
-  PRBool prTimeValid;
-};
-
-/*
- * SubjectPublicKeyInfo
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  SubjectPublicKeyInfo  ::=  SEQUENCE  {
- *       algorithm            AlgorithmIdentifier,
- *       subjectPublicKey     BIT STRING  }
- *
- */
-
-struct NSSPKIXSubjectPublicKeyInfoStr {
-  NSSArena *arena;
-  PRBool i_allocated_arena;
-  NSSDER *der;
-  NSSPKIXAlgorithmIdentifier *algorithm;
-  NSSItem *subjectPublicKey;
-};
-
-/*
- * Extensions
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  Extensions  ::=  SEQUENCE SIZE (1..MAX) OF Extension
- *
- */
-
-struct NSSPKIXExtensionsStr {
-  NSSArena *arena;
-  PRBool i_allocated_arena;
-  NSSDER *der;
-  ...
-};
-
-/*
- * Extension
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  Extension  ::=  SEQUENCE  {
- *       extnID      OBJECT IDENTIFIER,
- *       critical    BOOLEAN DEFAULT FALSE,
- *       extnValue   OCTET STRING  }
- *
- */
-
-struct NSSPKIXExtensionStr {
-  NSSArena *arena;
-  PRBool i_allocated_arena;
-  NSSDER *der;
-  NSSOID *extnID;
-  PRBool critical;
-  NSSItem *extnValue;
-};
-
-/*
- * CertificateList
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  CertificateList  ::=  SEQUENCE  {
- *       tbsCertList          TBSCertList,
- *       signatureAlgorithm   AlgorithmIdentifier,
- *       signature            BIT STRING  }
- *
- */
-
-struct NSSPKIXCertificateListStr {
-  NSSArena *arena;
-  PRBool i_allocated_arena;
-  NSSDER *der;
-  NSSPKIXTBSCertList *tbsCertList;
-  NSSPKIXAlgorithmIdentifier *signatureAlgorithm;
-  NSSItem *signature;
-};
-
-/*
- * TBSCertList
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  TBSCertList  ::=  SEQUENCE  {
- *       version                 Version OPTIONAL,
- *                                    -- if present, shall be v2
- *       signature               AlgorithmIdentifier,
- *       issuer                  Name,
- *       thisUpdate              Time,
- *       nextUpdate              Time OPTIONAL,
- *       revokedCertificates     SEQUENCE OF SEQUENCE  {
- *            userCertificate         CertificateSerialNumber,
- *            revocationDate          Time,
- *            crlEntryExtensions      Extensions OPTIONAL
- *                                           -- if present, shall be v2
- *                                 }  OPTIONAL,
- *       crlExtensions           [0] Extensions OPTIONAL
- *                                           -- if present, shall be v2 -- }
- *
- */
-
-struct NSSPKIXTBSCertListStr {
-  NSSArena *arena;
-  PRBool i_allocated_arena;
-  NSSDER *der;
-  NSSPKIXVersion version;
-  NSSPKIXAlgorithmIdentifier *signature;
-  NSSPKIXName *issuer;
-  -time- thisUpdate;
-  -time- nextUpdate;
-  NSSPKIXrevokedCertificates *revokedCertificates;
-  NSSPKIXExtensions *crlExtensions;  
-};
-
-/*
- * revokedCertificates
- *
- * This is a "helper type" to simplify handling of TBSCertList objects.
- *
- *       revokedCertificates     SEQUENCE OF SEQUENCE  {
- *            userCertificate         CertificateSerialNumber,
- *            revocationDate          Time,
- *            crlEntryExtensions      Extensions OPTIONAL
- *                                           -- if present, shall be v2
- *                                 }  OPTIONAL,
- *
- */
-
-struct NSSPKIXrevokedCertificatesStr {
-  NSSArena *arena;
-  PRBool i_allocated_arena;
-  NSSDER *der;
-  ...
-};
-
-/*
- * revokedCertificate
- *
- * This is a "helper type" to simplify handling of TBSCertList objects.
- *
- *                                           SEQUENCE  {
- *            userCertificate         CertificateSerialNumber,
- *            revocationDate          Time,
- *            crlEntryExtensions      Extensions OPTIONAL
- *                                           -- if present, shall be v2
- *                                 }  OPTIONAL,
- *
- */
-
-struct NSSPKIXrevokedCertificateStr {
-  NSSArena *arena;
-  PRBool i_allocated_arena;
-  NSSDER *der;
-  NSSPKIXCertificateSerialNumber *userCertificate;
-  -time- revocationDate;
-  NSSPKIXExtensions *crlEntryExtensions;
-};
-
-/*
- * AlgorithmIdentifier
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * (1988 syntax)
- *
- *  AlgorithmIdentifier  ::=  SEQUENCE  {
- *       algorithm               OBJECT IDENTIFIER,
- *       parameters              ANY DEFINED BY algorithm OPTIONAL  }
- *                                  -- contains a value of the type
- *                                  -- registered for use with the
- *                                  -- algorithm object identifier value
- *
- *
- */
-
-struct NSSPKIXAlgorithmIdentifierStr {
-  NSSArena *arena;
-  PRBool i_allocated_arena;
-  NSSDER *der;
-  NSSBER *ber;
-  NSSOID *algorithm;
-  NSSItem *parameters;
-};
-
-/*
- * -- types related to NSSPKIXAlgorithmIdentifiers:
- *
- *  Dss-Sig-Value  ::=  SEQUENCE  {
- *       r       INTEGER,
- *       s       INTEGER  }
- *  
- *  DomainParameters ::= SEQUENCE {
- *       p       INTEGER, -- odd prime, p=jq +1
- *       g       INTEGER, -- generator, g
- *       q       INTEGER, -- factor of p-1
- *       j       INTEGER OPTIONAL, -- subgroup factor, j>= 2
- *       validationParms  ValidationParms OPTIONAL }
- *  
- *  ValidationParms ::= SEQUENCE {
- *       seed             BIT STRING,
- *       pgenCounter      INTEGER }
- *  
- *  Dss-Parms  ::=  SEQUENCE  {
- *       p             INTEGER,
- *       q             INTEGER,
- *       g             INTEGER  }
- *
- */
-
-/*
- * ORAddress
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  ORAddress ::= SEQUENCE {
- *     built-in-standard-attributes BuiltInStandardAttributes,
- *     built-in-domain-defined-attributes
- *                          BuiltInDomainDefinedAttributes OPTIONAL,
- *     -- see also teletex-domain-defined-attributes
- *     extension-attributes ExtensionAttributes OPTIONAL }
- *  --      The OR-address is semantically absent from the OR-name if the
- *  --      built-in-standard-attribute sequence is empty and the
- *  --      built-in-domain-defined-attributes and extension-attributes are
- *  --      both omitted.
- *
- */
-
-struct NSSPKIXORAddressStr {
-  NSSArena *arena;
-  PRBool i_allocated_arena;
-  NSSDER *der;
-  NSSPKIXBuiltInStandardAttributes *builtInStandardAttributes;
-  NSSPKIXBuiltInDomainDefinedAttributes *builtInDomainDefinedAttributes;
-  NSSPKIXExtensionsAttributes *extensionAttributes;
-};
-
-/*
- * BuiltInStandardAttributes
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  BuiltInStandardAttributes ::= SEQUENCE {
- *     country-name CountryName OPTIONAL,
- *     administration-domain-name AdministrationDomainName OPTIONAL,
- *     network-address      [0] NetworkAddress OPTIONAL,
- *     -- see also extended-network-address
- *     terminal-identifier  [1] TerminalIdentifier OPTIONAL,
- *     private-domain-name  [2] PrivateDomainName OPTIONAL,
- *     organization-name    [3] OrganizationName OPTIONAL,
- *     -- see also teletex-organization-name
- *     numeric-user-identifier      [4] NumericUserIdentifier OPTIONAL,
- *     personal-name        [5] PersonalName OPTIONAL,
- *     -- see also teletex-personal-name
- *     organizational-unit-names    [6] OrganizationalUnitNames OPTIONAL
- *     -- see also teletex-organizational-unit-names -- }
- *
- */
-
-struct NSSPKIXBuiltInStandardAttributesStr {
-  NSSArena *arena;
-  PRBool i_allocated_arena;
-  NSSDER *der;
-  NSSPKIXCountryName *countryName;
-  NSSPKIXAdministrationDomainName *administrationDomainName;
-  NSSPKIXNetworkAddress *networkAddress;
-  NSSPKIXTerminalIdentifier *terminalIdentifier;
-  NSSPKIXPrivateDomainName *privateDomainName;
-  NSSPKIXOrganizationName *organizationName;
-  NSSPKIXNumericUserIdentifier *numericUserIdentifier;
-  NSSPKIXPersonalName *personalName;
-  NSSPKIXOrganizationalUnitNames *organizationalUnitNames;
-};
-
-/*
- * PersonalName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  PersonalName ::= SET {
- *     surname [0] PrintableString (SIZE (1..ub-surname-length)),
- *     given-name [1] PrintableString
- *                          (SIZE (1..ub-given-name-length)) OPTIONAL,
- *     initials [2] PrintableString (SIZE (1..ub-initials-length)) OPTIONAL,
- *     generation-qualifier [3] PrintableString
- *                  (SIZE (1..ub-generation-qualifier-length)) OPTIONAL }
- *
- */
-
-struct NSSPKIXPersonalNameStr {
-  NSSArena *arena;
-  PRBool i_allocated_arena;
-  NSSDER *der;
-  NSSUTF8 *surname;
-  NSSUTF8 *givenName;
-  NSSUTF8 *initials;
-  NSSUTF8 *generationQualifier;
-};
-
-/*
- * OrganizationalUnitNames
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  OrganizationalUnitNames ::= SEQUENCE SIZE (1..ub-organizational-units)
- *                                          OF OrganizationalUnitName
- * 
- */
-
-struct NSSPKIXOrganizationalUnitNamesStr {
-  NSSArena *arena;
-  PRBool i_allocated_arena;
-  NSSDER *der;
-  ...
-};
-
-/*
- * BuiltInDomainDefinedAttributes
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  BuiltInDomainDefinedAttributes ::= SEQUENCE SIZE
- *                                  (1..ub-domain-defined-attributes) OF
- *                                  BuiltInDomainDefinedAttribute
- *
- */
-
-struct NSSPKIXBuiltInDomainDefinedAttributesStr {
-  NSSArena *arena;
-  PRBool i_allocated_arena;
-  NSSDER *der;
-  ...
-};
-
-/*
- * BuiltInDomainDefinedAttribute
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  BuiltInDomainDefinedAttribute ::= SEQUENCE {
- *     type PrintableString (SIZE
- *                          (1..ub-domain-defined-attribute-type-length)),
- *     value PrintableString (SIZE
- *                          (1..ub-domain-defined-attribute-value-length))}
- *
- */
-
-struct NSSPKIXBuiltInDomainDefinedAttributeStr {
-  NSSArena *arena;
-  PRBool i_allocated_arena;
-  NSSDER *der;
-  NSSUTF8 *type;
-  NSSUTF8 *value;
-};
-
-/*
- * ExtensionAttributes
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  ExtensionAttributes ::= SET SIZE (1..ub-extension-attributes) OF
- *                          ExtensionAttribute
- *
- */
-
-struct NSSPKIXExtensionAttributesStr {
-  NSSArena *arena;
-  PRBool i_allocated_arena;
-  NSSDER *der;
-  ...
-};
-
-/*
- * ExtensionAttribute
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  ExtensionAttribute ::=  SEQUENCE {
- *     extension-attribute-type [0] INTEGER (0..ub-extension-attributes),
- *     extension-attribute-value [1]
- *                          ANY DEFINED BY extension-attribute-type }
- *
- */
-
-struct NSSPKIXExtensionAttributeStr {
-  NSSArena *arena;
-  PRBool i_allocated_arena;
-  NSSDER *der;
-  NSSPKIXExtensionsAttributeType extensionAttributeType;
-  NSSItem *extensionAttributeValue;
-};
-
-/*
- * TeletexPersonalName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  TeletexPersonalName ::= SET {
- *     surname [0] TeletexString (SIZE (1..ub-surname-length)),
- *     given-name [1] TeletexString
- *                  (SIZE (1..ub-given-name-length)) OPTIONAL,
- *     initials [2] TeletexString (SIZE (1..ub-initials-length)) OPTIONAL,
- *     generation-qualifier [3] TeletexString (SIZE
- *                  (1..ub-generation-qualifier-length)) OPTIONAL }
- *
- */
-
-struct NSSPKIXTeletexPersonalNameStr {
-  NSSArena *arena;
-  PRBool i_allocated_arena;
-  NSSDER *der;
-  NSSUTF8 *surname;
-  NSSUTF8 *givenName;
-  NSSUTF8 *initials;
-  NSSUTF8 *generationQualifier;
-};
-
-/*
- * TeletexOrganizationalUnitNames
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  TeletexOrganizationalUnitNames ::= SEQUENCE SIZE
- *          (1..ub-organizational-units) OF TeletexOrganizationalUnitName
- *
- */
-
-struct NSSPKIXTeletexOrganizationalUnitNamesStr {
-  NSSArena *arena;
-  PRBool i_allocated_arena;
-  NSSDER *der;
-  ...
-};
-
-/*
- * PDSParameter
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  PDSParameter ::= SET {
- *     printable-string PrintableString
- *                  (SIZE(1..ub-pds-parameter-length)) OPTIONAL,
- *     teletex-string TeletexString
- *                  (SIZE(1..ub-pds-parameter-length)) OPTIONAL }
- *
- */
-
-struct NSSPKIXPDSParameterStr {
-  NSSArena *arena;
-  PRBool i_allocated_arena;
-  NSSDER *der;
-  NSSUTF8 *printableString;
-  NSSTUF8 *teletexString;
-};
-
-/*
- * UnformattedPostalAddress
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  UnformattedPostalAddress ::= SET {
- *     printable-address SEQUENCE SIZE (1..ub-pds-physical-address-lines) OF
- *             PrintableString (SIZE (1..ub-pds-parameter-length)) OPTIONAL,
- *     teletex-string TeletexString
- *           (SIZE (1..ub-unformatted-address-length)) OPTIONAL }
- *
- */
-
-struct NSSPKIXUnformattedPostalAddressStr {
-  NSSArena *arena;
-  PRBool i_allocated_arena;
-  NSSDER *der;
-  ...
-  NSSUTF8 *teletexString;
-};
-
-/*
- * ExtendedNetworkAddress
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  ExtendedNetworkAddress ::= CHOICE {
- *     e163-4-address SEQUENCE {
- *          number [0] NumericString (SIZE (1..ub-e163-4-number-length)),
- *          sub-address [1] NumericString
- *                  (SIZE (1..ub-e163-4-sub-address-length)) OPTIONAL },
- *     psap-address [0] PresentationAddress }
- *
- */
-
-struct NSSPKIXExtendedNetworkAddressStr {
-  NSSArena *arena;
-  PRBool i_allocated_arena;
-  NSSDER *der;
-  NSSPKIXExtendedNetworkAddressChoice choice;
-  union {
-    NSSe1634address *e1634Address;
-    NSSPKIXPresentationAddress *psapAddress;
-  } u;
-};
-
-/*
- * e163-4-address
- *
- * Helper structure for ExtendedNetworkAddress.
- * -- fgmr comments --
- *
- * From RFC 2459:
- * 
- *     e163-4-address SEQUENCE {
- *          number [0] NumericString (SIZE (1..ub-e163-4-number-length)),
- *          sub-address [1] NumericString
- *                  (SIZE (1..ub-e163-4-sub-address-length)) OPTIONAL },
- * 
- */
-
-struct NSSe1634addressStr {
-  NSSArena *arena;
-  PRBool i_allocated_arena;
-  NSSDER *der;
-  NSSUTF8 *number;
-  NSSUTF8 *subAddress;
-};
-
-/*
- * PresentationAddress
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  PresentationAddress ::= SEQUENCE {
- *          pSelector       [0] EXPLICIT OCTET STRING OPTIONAL,
- *          sSelector       [1] EXPLICIT OCTET STRING OPTIONAL,
- *          tSelector       [2] EXPLICIT OCTET STRING OPTIONAL,
- *          nAddresses      [3] EXPLICIT SET SIZE (1..MAX) OF OCTET STRING }
- *
- */
-
-struct NSSPKIXPresentationAddressStr {
-  NSSArena *arena;
-  PRBool i_allocated_arena;
-  NSSDER *der;
-  NSSItem *pSelector;
-  NSSItem *sSelector;
-  NSSItem *tSelector;
-  NSSItem *nAddresses[]; --fgmr--
-};
-
-/*
- * TeletexDomainDefinedAttributes
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  TeletexDomainDefinedAttributes ::= SEQUENCE SIZE
- *     (1..ub-domain-defined-attributes) OF TeletexDomainDefinedAttribute
- * 
- */
-
-struct NSSPKIXTeletexDomainDefinedAttributesStr {
-  NSSArena *arena;
-  PRBool i_allocated_arena;
-  NSSDER *der;
-  ...
-};
-
-/*
- * TeletexDomainDefinedAttribute
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  TeletexDomainDefinedAttribute ::= SEQUENCE {
- *          type TeletexString
- *                 (SIZE (1..ub-domain-defined-attribute-type-length)),
- *          value TeletexString
- *                 (SIZE (1..ub-domain-defined-attribute-value-length)) }
- * 
- */
-
-struct NSSPKIXTeletexDomainDefinedAttributeStr {
-  NSSArena *arena;
-  PRBool i_allocated_arena;
-  NSSDER *der;
-  NSSUTF8 *type;
-  NSSUTF8 *value;
-};
-
-/*
- * AuthorityKeyIdentifier
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  AuthorityKeyIdentifier ::= SEQUENCE {
- *        keyIdentifier             [0] KeyIdentifier            OPTIONAL,
- *        authorityCertIssuer       [1] GeneralNames             OPTIONAL,
- *        authorityCertSerialNumber [2] CertificateSerialNumber  OPTIONAL }
- *      -- authorityCertIssuer and authorityCertSerialNumber shall both
- *      -- be present or both be absent
- *
- */
-
-struct NSSPKIXAuthorityKeyIdentifierStr {
-  NSSArena *arena;
-  PRBool i_allocated_arena;
-  NSSDER *der;
-  NSSPKIXKeyIdentifier *keyIdentifier;
-  NSSPKIXGeneralNames *authorityCertIssuer;
-  NSSPKIXCertificateSerialNumber *authorityCertSerialNumber;
-};
-
-/*
- * KeyUsage
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  KeyUsage ::= BIT STRING {
- *       digitalSignature        (0),
- *       nonRepudiation          (1),
- *       keyEncipherment         (2),
- *       dataEncipherment        (3),
- *       keyAgreement            (4),
- *       keyCertSign             (5),
- *       cRLSign                 (6),
- *       encipherOnly            (7),
- *       decipherOnly            (8) }
- *
- */
-
-struct NSSPKIXKeyUsageStr {
-  NSSArena *arena;
-  PRBool i_allocated_arena;
-  NSSDER *der;
-  NSSPKIXKeyUsageValue keyUsage;
-};
-
-/*
- * PrivateKeyUsagePeriod
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  PrivateKeyUsagePeriod ::= SEQUENCE {
- *       notBefore       [0]     GeneralizedTime OPTIONAL,
- *       notAfter        [1]     GeneralizedTime OPTIONAL }
- *       -- either notBefore or notAfter shall be present
- *
- */
-
-struct NSSPKIXPrivateKeyUsagePeriodStr {
-  NSSArena *arena;
-  PRBool i_allocated_arena;
-  NSSDER *der;
-  --time--
-  --time--
-};
-
-/*
- * CertificatePolicies
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  CertificatePolicies ::= SEQUENCE SIZE (1..MAX) OF PolicyInformation
- *
- */
-
-struct NSSPKIXCertificatePoliciesStr {
-  NSSArena *arena;
-  PRBool i_allocated_arena;
-  NSSDER *der;
-  ...
-};
-
-/*
- * PolicyInformation
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  PolicyInformation ::= SEQUENCE {
- *       policyIdentifier   CertPolicyId,
- *       policyQualifiers   SEQUENCE SIZE (1..MAX) OF
- *               PolicyQualifierInfo OPTIONAL }
- *
- */
-
-struct NSSPKIXPolicyInformationStr {
-  NSSArena *arena;
-  PRBool i_allocated_arena;
-  NSSDER *der;
-  NSSPKIXCertPolicyId *policyIdentifier;
-  NSSPKIXPolicyQualifierInfo *policyQualifiers[];
-  --fgmr--
-};
-
-/*
- * PolicyQualifierInfo
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  PolicyQualifierInfo ::= SEQUENCE {
- *         policyQualifierId  PolicyQualifierId,
- *         qualifier        ANY DEFINED BY policyQualifierId }
- *
- */
-
-struct NSSPKIXPolicyQualifierInfoStr {
-  NSSArena *arena;
-  PRBool i_allocated_arena;
-  NSSDER *der;
-  NSSPKIXPolicyQualifierId *policyQualifierId;
-  NSSItem *qualifier;
-};
-
-/*
- * UserNotice
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  UserNotice ::= SEQUENCE {
- *       noticeRef        NoticeReference OPTIONAL,
- *       explicitText     DisplayText OPTIONAL}
- *
- */
-
-struct NSSPKIXUserNoticeStr {
-  NSSArena *arena;
-  PRBool i_allocated_arena;
-  NSSDER *der;
-  NSSPKIXNoticeReference *noticeRef;
-  NSSPKIXDisplayText *explicitText;
-};
-
-/*
- * NoticeReference
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  NoticeReference ::= SEQUENCE {
- *       organization     DisplayText,
- *       noticeNumbers    SEQUENCE OF INTEGER }
- *
- */
-
-struct NSSPKIXNoticeReferenceStr {
-  NSSArena *arena;
-  PRBool i_allocated_arena;
-  NSSDER *der;
-  NSSPKIXDisplayText *organization;
-  NSSItem *noticeNumbers[]; --fgmr--
-  ...
-};
-
-/*
- * PolicyMappings
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  PolicyMappings ::= SEQUENCE SIZE (1..MAX) OF SEQUENCE {
- *       issuerDomainPolicy      CertPolicyId,
- *       subjectDomainPolicy     CertPolicyId }
- *
- */
-
-struct NSSPKIXPolicyMappingsStr {
-  NSSArena *arena;
-  PRBool i_allocated_arena;
-  NSSDER *der;
-  NSSPKIXpolicyMapping *policyMappings[]; --fgmr--
-  ...
-};
-
-/*
- * policyMapping
- *
- * Helper structure for PolicyMappings
- *
- *                                               SEQUENCE {
- *       issuerDomainPolicy      CertPolicyId,
- *       subjectDomainPolicy     CertPolicyId }
- *
- */
-
-struct NSSPKIXpolicyMappingStr {
-  NSSArena *arena;
-  PRBool i_allocated_arena;
-  NSSDER *der;
-  NSSPKIXCertPolicyId *issuerDomainPolicy;
-  NSSPKIXCertPolicyId *subjectDomainPolicy;
-};
-
-/*
- * GeneralName
- *
- * This structure contains a union of the possible general names,
- * of which there are several.
- *
- * From RFC 2459:
- *
- *  GeneralName ::= CHOICE {
- *       otherName                       [0]     AnotherName,
- *       rfc822Name                      [1]     IA5String,
- *       dNSName                         [2]     IA5String,
- *       x400Address                     [3]     ORAddress,
- *       directoryName                   [4]     Name,
- *       ediPartyName                    [5]     EDIPartyName,
- *       uniformResourceIdentifier       [6]     IA5String,
- *       iPAddress                       [7]     OCTET STRING,
- *       registeredID                    [8]     OBJECT IDENTIFIER }
- *
- */
-
-struct NSSPKIXGeneralNameStr {
-  NSSArena *arena;
-  PRBool i_allocated_arena;
-  NSSDER *der;
-  NSSPKIXGeneralNameChoice choice;
-  union {
-    NSSPKIXAnotherName *otherName;
-    NSSUTF8 *rfc822Name;
-    NSSUTF8 *dNSName;
-    NSSPKIXORAddress *x400Address;
-    NSSPKIXName *directoryName;
-    NSSEDIPartyName *ediPartyName;
-    NSSUTF8 *uniformResourceIdentifier;
-    NSSItem *iPAddress;
-    NSSOID *registeredID;
-  } u;
-};
-
-/*
- * GeneralNames
- *
- * This structure contains a sequence of GeneralName objects.
- *
- * From RFC 2459:
- *
- *  GeneralNames ::= SEQUENCE SIZE (1..MAX) OF GeneralName
- *
- */
-
-struct NSSPKIXGeneralNamesStr {
-  NSSArena *arena;
-  PRBool i_allocated_arena;
-  NSSDER *der;
-  ...
-};
-
-/*
- * AnotherName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  AnotherName ::= SEQUENCE {
- *       type-id    OBJECT IDENTIFIER,
- *       value      [0] EXPLICIT ANY DEFINED BY type-id }
- *
- */
-
-struct NSSPKIXAnotherNameStr {
-  NSSArena *arena;
-  PRBool i_allocated_arena;
-  NSSDER *der;
-  NSSOID *typeId;
-  NSSItem *value;
-};
-
-/*
- * EDIPartyName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *
- *  EDIPartyName ::= SEQUENCE {
- *       nameAssigner            [0]     DirectoryString OPTIONAL,
- *       partyName               [1]     DirectoryString }
- *
- */
-
-struct NSSPKIXEDIPartyNameStr {
-  NSSArena *arena;
-  PRBool i_allocated_arena;
-  NSSDER *der;
-  NSSPKIXDirectoryString *nameAssigner;
-  NSSPKIXDirectoryString *partyname;
-};
-
-/*
- * SubjectDirectoryAttributes
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  SubjectDirectoryAttributes ::= SEQUENCE SIZE (1..MAX) OF Attribute
- *
- */
-
-struct NSSPKIXSubjectDirectoryAttributesStr {
-  NSSArena *arena;
-  PRBool i_allocated_arena;
-  NSSDER *der;
-  ...
-};
-
-/*
- * BasicConstraints
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  BasicConstraints ::= SEQUENCE {
- *       cA                      BOOLEAN DEFAULT FALSE,
- *       pathLenConstraint       INTEGER (0..MAX) OPTIONAL }
- *
- */
-
-struct NSSPKIXBasicConstraintsStr {
-  NSSArena *arena;
-  PRBool i_allocated_arena;
-  NSSDER *der;
-  PRBool cA;
-  PRInt32 pathLenConstraint; --fgmr--
-};
-
-/*
- * NameConstraints
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  NameConstraints ::= SEQUENCE {
- *       permittedSubtrees       [0]     GeneralSubtrees OPTIONAL,
- *       excludedSubtrees        [1]     GeneralSubtrees OPTIONAL }
- *
- */
-
-struct NSSPKIXNameConstraintsStr {
-  NSSArena *arena;
-  PRBool i_allocated_arena;
-  NSSDER *der;
-  NSSPKIXGeneralSubtrees *permittedSubtrees;
-  NSSPKIXGeneralSubtrees *excludedSubtrees;
-};
-
-/*
- * GeneralSubtrees
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  GeneralSubtrees ::= SEQUENCE SIZE (1..MAX) OF GeneralSubtree
- *
- */
-
-struct NSSPKIXGeneralSubtreesStr {
-  NSSArena *arena;
-  PRBool i_allocated_arena;
-  NSSDER *der;
-  ...
-};
-
-/*
- * GeneralSubtree
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  GeneralSubtree ::= SEQUENCE {
- *       base                    GeneralName,
- *       minimum         [0]     BaseDistance DEFAULT 0,
- *       maximum         [1]     BaseDistance OPTIONAL }
- *
- */
-
-struct NSSPKIXGeneralSubtreeStr {
-  NSSArena *arena;
-  PRBool i_allocated_arena;
-  NSSDER *der;
-  NSSPKIXGeneralName;
-  NSSPKIXBaseDistance minimum;
-  NSSPKIXBaseDistance maximum;
-};
-
-/*
- * PolicyConstraints
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  PolicyConstraints ::= SEQUENCE {
- *       requireExplicitPolicy           [0] SkipCerts OPTIONAL,
- *       inhibitPolicyMapping            [1] SkipCerts OPTIONAL }
- * 
- */
-
-struct NSSPKIXPolicyConstraintsStr {
-  NSSArena *arena;
-  PRBool i_allocated_arena;
-  NSSDER *der;
-  NSSPKIXSkipCerts *requireExplicitPolicy;
-  NSSPKIXSkipCerts *inhibitPolicyMapping;
-};
-
-/*
- * CRLDistPointsSyntax
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  CRLDistPointsSyntax ::= SEQUENCE SIZE (1..MAX) OF DistributionPoint
- *
- */
-
-struct NSSPKIXCRLDistPointsSyntaxStr {
-  NSSArena *arena;
-  PRBool i_allocated_arena;
-  NSSDER *der;
-  ...
-};
-
-/*
- * DistributionPoint
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  DistributionPoint ::= SEQUENCE {
- *       distributionPoint       [0]     DistributionPointName OPTIONAL,
- *       reasons                 [1]     ReasonFlags OPTIONAL,
- *       cRLIssuer               [2]     GeneralNames OPTIONAL }
- *
- */
-
-struct NSSPKIXDistributionPointStr {
-  NSSArena *arena;
-  PRBool i_allocated_arena;
-  NSSDER *der;
-  NSSPKIXDistributionPointName *distributionPoint;
-  NSSPKIXReasonFlags *reasons;
-  NSSPKIXGeneralNames *cRLIssuer;
-};
-
-/*
- * DistributionPointName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  DistributionPointName ::= CHOICE {
- *       fullName                [0]     GeneralNames,
- *       nameRelativeToCRLIssuer [1]     RelativeDistinguishedName }
- *
- */
-
-struct NSSPKIXDistributionPointNameStr {
-  NSSArena *arena;
-  PRBool i_allocated_arena;
-  NSSDER *der;
-  NSSPKIXDistributionPointNameChoice choice;
-  union {
-    NSSPKIXGeneralNames *fullName;
-    NSSPKIXRelativeDistinguishedName *nameRelativeToCRLIssuer;
-  } u;
-};
-
-/*
- * ReasonFlags
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  ReasonFlags ::= BIT STRING {
- *       unused                  (0),
- *       keyCompromise           (1),
- *       cACompromise            (2),
- *       affiliationChanged      (3),
- *       superseded              (4),
- *       cessationOfOperation    (5),
- *       certificateHold         (6) }
- *
- */
-
-struct NSSPKIXReasonFlagsStr {
-  NSSArena *arena;
-  PRBool i_allocated_arena;
-  NSSDER *der;
-  NSSPKIXReasonFlagsMask reasonFlags;
-};
-
-/*
- * ExtKeyUsageSyntax
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  ExtKeyUsageSyntax ::= SEQUENCE SIZE (1..MAX) OF KeyPurposeId
- *
- */
-
-struct NSSPKIXExtKeyUsageSyntaxStr {
-  NSSArena *arena;
-  PRBool i_allocated_arena;
-  NSSDER *der;
-  ...
-};
-
-/*
- * AuthorityInfoAccessSyntax
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  AuthorityInfoAccessSyntax  ::=
- *          SEQUENCE SIZE (1..MAX) OF AccessDescription
- *
- */
-
-struct NSSPKIXAuthorityInfoAccessSyntaxStr {
-  NSSArena *arena;
-  PRBool i_allocated_arena;
-  NSSDER *der;
-  ...
-};
-
-/*
- * AccessDescription
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  AccessDescription  ::=  SEQUENCE {
- *          accessMethod          OBJECT IDENTIFIER,
- *          accessLocation        GeneralName  }
- *
- */
-
-struct NSSPKIXAccessDescriptionStr {
-  NSSArena *arena;
-  PRBool i_allocated_arena;
-  NSSDER *der;
-  NSSOID *accessMethod;
-  NSSPKIXGeneralName *accessLocation;
-};
-
-/*
- * IssuingDistributionPoint
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *  IssuingDistributionPoint ::= SEQUENCE {
- *       distributionPoint       [0] DistributionPointName OPTIONAL,
- *       onlyContainsUserCerts   [1] BOOLEAN DEFAULT FALSE,
- *       onlyContainsCACerts     [2] BOOLEAN DEFAULT FALSE,
- *       onlySomeReasons         [3] ReasonFlags OPTIONAL,
- *       indirectCRL             [4] BOOLEAN DEFAULT FALSE }
- *
- */
-
-struct NSSPKIXIssuingDistributionPointStr {
-  NSSArena *arena;
-  PRBool i_allocated_arena;
-  NSSDER *der;
-  NSSPKIXDistributionPointName *distributionPoint;
-  PRBool onlyContainsUserCerts;
-  PRBool onlyContainsCACerts;
-  NSSPKIXReasonFlags onlySomeReasons;
-  PRBool indirectCRL;
-};
-
-PR_END_EXTERN_C
-
-#endif /* PKIXTM_H */
diff --git a/security/nss/lib/pkix/src/AlgorithmIdentifier/Create.c b/security/nss/lib/pkix/src/AlgorithmIdentifier/Create.c
deleted file mode 100644
index cf95b4e26..000000000
--- a/security/nss/lib/pkix/src/AlgorithmIdentifier/Create.c
+++ /dev/null
@@ -1,85 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAlgorithmIdentifier_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_OID
- *  NSS_ERROR_INVALID_POINTER
- *
- * Return value:
- *  A valid pointer to an NSSPKIXAlgorithmIdentifier upon success
- *  NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXAlgorithmIdentifier *
-NSSPKIXAlgorithmIdentifier_Create
-(
-  NSSArena *arenaOpt,
-  NSSOID *algorithm,
-  NSSItem *parameters
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSPKIXAlgorithmIdentifier *)NULL;
-    }
-  }
-
-  if( PR_SUCCESS != nssOID_verifyPointer(algorithm) ) {
-    return (NSSPKIXAlgorithmIdentifier *)NULL;
-  }
-
-  if( PR_SUCCESS != nssItem_verifyPointer(parameters) ) {
-    return (NSSPKIXAlgorithmIdentifier *)NULL;
-  }
-#endif /* DEBUG */
-
-  return nssPKIXAlgorithmIdentifier_Create(arenaOpt, algorithm, parameters);
-}
diff --git a/security/nss/lib/pkix/src/AlgorithmIdentifier/Decode.c b/security/nss/lib/pkix/src/AlgorithmIdentifier/Decode.c
deleted file mode 100644
index 1e4e47b03..000000000
--- a/security/nss/lib/pkix/src/AlgorithmIdentifier/Decode.c
+++ /dev/null
@@ -1,79 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAlgorithmIdentifier_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXAlgorithmIdentifier upon success
- *  NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXAlgorithmIdentifier *
-NSSPKIXAlgorithmIdentifier_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSPKIXAlgorithmIdentifier *)NULL;
-    }
-  }
-
-  if( PR_SUCCESS != nssItem_verifyPointer(ber) ) {
-    return (NSSPKIXAlgorithmIdentifier *)NULL;
-  }
-#endif /* DEBUG */
-
-  return nssPKIXAlgorithmIdentifier_Decode(arenaOpt, ber);
-}
diff --git a/security/nss/lib/pkix/src/AlgorithmIdentifier/Destroy.c b/security/nss/lib/pkix/src/AlgorithmIdentifier/Destroy.c
deleted file mode 100644
index f2a901151..000000000
--- a/security/nss/lib/pkix/src/AlgorithmIdentifier/Destroy.c
+++ /dev/null
@@ -1,71 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAlgorithmIdentifier_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-NSSPKIXAlgorithmIdentifier_Destroy
-(
-  NSSPKIXAlgorithmIdentifier *algid
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nssPKIXAlgorithmIdentifier_verifyPointer(algid) ) {
-    return PR_FAILURE;
-  }
-#endif /* DEBUG */
-
-  return nssPKIXAlgorithmIdentifier_Destroy(algid);
-}
-
diff --git a/security/nss/lib/pkix/src/AlgorithmIdentifier/Duplicate.c b/security/nss/lib/pkix/src/AlgorithmIdentifier/Duplicate.c
deleted file mode 100644
index 186ab49bc..000000000
--- a/security/nss/lib/pkix/src/AlgorithmIdentifier/Duplicate.c
+++ /dev/null
@@ -1,79 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAlgorithmIdentifier_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSPKIXAlgorithmIdentifier upon success
- *  NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXAlgorithmIdentifier *
-NSSPKIXAlgorithmIdentifier_Duplicate
-(
-  NSSPKIXAlgorithmIdentifier *algid,
-  NSSArena *arenaOpt
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nssPKIXAlgorithmIdentifier_verifyPointer(algid) ) {
-    return (NSSPKIXAlgorithmIdentifier *)NULL;
-  }
-
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSPKIXAlgorithmIdentifier *)NULL;
-    }
-  }
-#endif /* DEBUG */
-
-  return nssPKIXAlgorithmIdentifier_Duplicate(algid, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/AlgorithmIdentifier/Encode.c b/security/nss/lib/pkix/src/AlgorithmIdentifier/Encode.c
deleted file mode 100644
index d390b3595..000000000
--- a/security/nss/lib/pkix/src/AlgorithmIdentifier/Encode.c
+++ /dev/null
@@ -1,81 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAlgorithmIdentifier_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_IMPLEMENT NSSBER *
-NSSPKIXAlgorithmIdentifier_Encode
-(
-  NSSPKIXAlgorithmIdentifier *algid,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nssPKIXAlgorithmIdentifier_verifyPointer(algid) ) {
-    return (NSSBER *)NULL;
-  }
-
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSBER *)NULL;
-    }
-  }
-#endif /* DEBUG */
-
-  return nssPKIXAlgorithmIdentifier_Encode(algid, encoding, rvOpt, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/AlgorithmIdentifier/Equal.c b/security/nss/lib/pkix/src/AlgorithmIdentifier/Equal.c
deleted file mode 100644
index 65c52a2ba..000000000
--- a/security/nss/lib/pkix/src/AlgorithmIdentifier/Equal.c
+++ /dev/null
@@ -1,83 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAlgorithmIdentifier_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- *
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_IMPLEMENT PRBool
-NSSPKIXAlgorithmIdentifier_Equal
-(
-  NSSPKIXAlgorithmIdentifier *algid1,
-  NSSPKIXAlgorithmIdentifier *algid2,
-  PRStatus *statusOpt
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nssPKIXAlgorithmIdentifier_verifyPointer(algid) ) {
-    if( (PRStatus *)NULL != statusOpt ) {
-      *statusOpt = PR_FAILURE;
-    }
-    return PR_FALSE;
-  }
-
-  if( PR_SUCCESS != nssPKIXAlgorithmIdentifier_verifyPointer(algid) ) {
-    if( (PRStatus *)NULL != statusOpt ) {
-      *statusOpt = PR_FAILURE;
-    }
-    return PR_FALSE;
-  }
-#endif /* DEBUG */
-
-  return nssPKIXAlgorithmIdentifier_Equal(algid1, algid2, statusOpt);
-}
diff --git a/security/nss/lib/pkix/src/AlgorithmIdentifier/GetAlgorithm.c b/security/nss/lib/pkix/src/AlgorithmIdentifier/GetAlgorithm.c
deleted file mode 100644
index be7493a66..000000000
--- a/security/nss/lib/pkix/src/AlgorithmIdentifier/GetAlgorithm.c
+++ /dev/null
@@ -1,71 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAlgorithmIdentifier_GetAlgorithm
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSOID pointer upon success
- *  NULL upon failure
- */
-
-NSS_IMPLEMENT NSSOID *
-NSSPKIXAlgorithmIdentifier_GetAlgorithm
-(
-  NSSPKIXAlgorithmIdentifier *algid
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nssPKIXAlgorithmIdentifier_verifyPointer(algid) ) {
-    return (NSSOID *)NULL;
-  }
-#endif /* DEBUG */
-
-  return nssPKIXAlgorithmIdentifier_GetAlgorithm(algid);
-}
diff --git a/security/nss/lib/pkix/src/AlgorithmIdentifier/GetParameters.c b/security/nss/lib/pkix/src/AlgorithmIdentifier/GetParameters.c
deleted file mode 100644
index e94622e23..000000000
--- a/security/nss/lib/pkix/src/AlgorithmIdentifier/GetParameters.c
+++ /dev/null
@@ -1,80 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAlgorithmIdentifier_GetParameters
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSItem upon success
- *  NULL upon failure
- */
-
-NSS_IMPLEMENT NSSItem *
-NSSPKIXAlgorithmIdentifier_GetParameters
-(
-  NSSPKIXAlgorithmIdentifier *algid,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nssPKIXAlgorithmIdentifier_verifyPointer(algid) ) {
-    return (NSSItem *)NULL;
-  }
-
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSItem *)NULL;
-    }
-  }
-#endif /* DEBUG */
-
-  return nssPKIXAlgorithmIdentifier_GetParameters(algid, rvOpt, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/AlgorithmIdentifier/MClear.c b/security/nss/lib/pkix/src/AlgorithmIdentifier/MClear.c
deleted file mode 100644
index 0797fbd49..000000000
--- a/security/nss/lib/pkix/src/AlgorithmIdentifier/MClear.c
+++ /dev/null
@@ -1,71 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIXM_H
-#include "pkixm.h"
-#endif /* PKIXM_H */
-
-/*
- * nss_pkix_AlgorithmIdentifier_Clear
- *
- * Wipes out cached data.
- */
-
-NSS_IMPLEMENT PRStatus
-nss_pkix_AlgorithmIdentifier_Clear
-(
-  NSSPKIXAlgorithmIdentifier *algid
-)
-{
-#ifdef NSSDEBUG
-  if( PR_SUCCESS != nssPKIXAlgorithmIdentifier_verifyPointer(algid) ) {
-    return PR_FAILURE;
-  }
-#endif /* NSSDEBUG */
-
-  if( (NSSBER *)NULL != algid->ber ) {
-    nss_ZFreeIf(algid->ber->data);
-    nss_ZFreeIf(algid->ber);
-  }
-
-  if( (NSSDER *)NULL != algid->der ) {
-    nss_ZFreeIf(algid->der->data);
-    nss_ZFreeIf(algid->der);
-  }
-
-  return PR_SUCCESS;
-}
diff --git a/security/nss/lib/pkix/src/AlgorithmIdentifier/PCreate.c b/security/nss/lib/pkix/src/AlgorithmIdentifier/PCreate.c
deleted file mode 100644
index c527a6a56..000000000
--- a/security/nss/lib/pkix/src/AlgorithmIdentifier/PCreate.c
+++ /dev/null
@@ -1,138 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAlgorithmIdentifier_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_OID
- *  NSS_ERROR_INVALID_POINTER
- *
- * Return value:
- *  A valid pointer to an NSSPKIXAlgorithmIdentifier upon success
- *  NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXAlgorithmIdentifier *
-nssPKIXAlgorithmIdentifier_Create
-(
-  NSSArena *arenaOpt,
-  NSSOID *algorithm,
-  NSSItem *parameters
-)
-{
-  NSSArena *arena;
-  PRBool arena_allocated = PR_FALSE;
-  nssArenaMark *mark = (nssArenaMark *)NULL;
-  NSSPKIXAlgorithmIdentifier *rv = (NSSPKIXAlgorithmIdentifier *)NULL;
-
-#ifdef NSSDEBUG
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSPKIXAlgorithmIdentifier *)NULL;
-    }
-  }
-
-  if( PR_SUCCESS != nssOID_verifyPointer(algorithm) ) {
-    return (NSSPKIXAlgorithmIdentifier *)NULL;
-  }
-
-  if( PR_SUCCESS != nssItem_verifyPointer(parameters) ) {
-    return (NSSPKIXAlgorithmIdentifier *)NULL;
-  }
-#endif /* NSSDEBUG */
-
-  if( (NSSArena *)NULL == arenaOpt ) {
-    arena = nssArena_Create();
-    if( (NSSArena *)NULL == arena ) {
-      goto loser;
-    }
-    arena_allocated = PR_TRUE;
-  } else {
-    arena = arenaOpt;
-    mark = nssArena_Mark(arena);
-    if( (nssArenaMark *)NULL == mark ) {
-      goto loser;
-    }
-  }
-
-  rv = nss_ZNEW(arena, NSSPKIXAlgorithmIdentifier);
-  if( (NSSPKIXAlgorithmIdentifier *)NULL == rv ) {
-    goto loser;
-  }
-
-  rv->arena = arena;
-  rv->i_allocated_arena = arena_allocated;
-  rv->algorithm = algorithm;
-  rv->parameters = nssItem_Duplicate(parameters, arena, (NSSItem *)NULL);
-  if( (NSSItem *)NULL == rv->parameters ) {
-    goto loser;
-  }
-
-  if( (nssArenaMark *)NULL != mark ) {
-    if( PR_SUCCESS != nssArena_Unmark(arena, mark) ) {
-      goto loser;
-    }
-  }
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nss_pkix_AlgorithmIdentifier_add_pointer(rv) ) {
-    goto loser;
-  }
-#endif /* DEBUG */
-
-  return rv;
-
- loser:
-  if( (nssArenaMark *)NULL != mark ) {
-    (void)nssArena_Release(arena, mark);
-  }
-
-  if( PR_TRUE == arena_allocated ) {
-    (void)nssArena_Destroy(arena);
-  }
-
-  return (NSSPKIXAlgorithmIdentifier *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/AlgorithmIdentifier/PDecode.c b/security/nss/lib/pkix/src/AlgorithmIdentifier/PDecode.c
deleted file mode 100644
index 9713d34db..000000000
--- a/security/nss/lib/pkix/src/AlgorithmIdentifier/PDecode.c
+++ /dev/null
@@ -1,137 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAlgorithmIdentifier_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXAlgorithmIdentifier upon success
- *  NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXAlgorithmIdentifier *
-nssPKIXAlgorithmIdentifier_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-)
-{
-  NSSArena *arena;
-  PRBool arena_allocated = PR_FALSE;
-  nssArenaMark *mark = (nssArenaMark *)NULL;
-  NSSPKIXAlgorithmIdentifier *rv = (NSSPKIXAlgorithmIdentifier *)NULL;
-  PRStatus status;
-
-#ifdef NSSDEBUG
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSPKIXAlgorithmIdentifier *)NULL;
-    }
-  }
-
-  if( PR_SUCCESS != nssItem_verifyPointer(ber) ) {
-    return (NSSPKIXAlgorithmIdentifier *)NULL;
-  }
-#endif /* NSSDEBUG */
-
-  if( (NSSArena *)NULL == arenaOpt ) {
-    arena = nssArena_Create();
-    if( (NSSArena *)NULL == arena ) {
-      goto loser;
-    }
-    arena_allocated = PR_TRUE;
-  } else {
-    arena = arenaOpt;
-    mark = nssArena_Mark(arena);
-    if( (nssArenaMark *)NULL == mark ) {
-      goto loser;
-    }
-  }
-
-  rv = nss_ZNEW(arena, NSSPKIXAlgorithmIdentifier);
-  if( (NSSPKIXAlgorithmIdentifier *)NULL == rv ) {
-    goto loser;
-  }
-
-  rv->arena = arena;
-  rv->i_allocated_arena = arena_allocated;
-  rv->ber = nssItem_Duplicate(ber, arena, (NSSItem *)NULL);
-  if( (NSSItem *)NULL == rv->ber ) {
-    goto loser;
-  }
-
-  status = nssASN1_DecodeBER(arena, rv, nssPKIXAlgorithmIdentifier_template, ber);
-  if( PR_SUCCESS != status ) {
-    goto loser;
-  }
-
-  if( (nssArenaMark *)NULL != mark ) {
-    if( PR_SUCCESS != nssArena_Unmark(arena, mark) ) {
-      goto loser;
-    }
-  }
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nss_pkix_AlgorithmIdentifier_add_pointer(rv) ) {
-    goto loser;
-  }
-#endif /* DEBUG */
-
-  return rv;
-
- loser:
-  if( (nssArenaMark *)NULL != mark ) {
-    (void)nssArena_Release(arena, mark);
-  }
-
-  if( PR_TRUE == arena_allocated ) {
-    (void)nssArena_Destroy(arena);
-  }
-
-  return (NSSPKIXAlgorithmIdentifier *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/AlgorithmIdentifier/PDestroy.c b/security/nss/lib/pkix/src/AlgorithmIdentifier/PDestroy.c
deleted file mode 100644
index 7ef4d1fe1..000000000
--- a/security/nss/lib/pkix/src/AlgorithmIdentifier/PDestroy.c
+++ /dev/null
@@ -1,76 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAlgorithmIdentifier_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nssPKIXAlgorithmIdentifier_Destroy
-(
-  NSSPKIXAlgorithmIdentifier *algid
-)
-{
-#ifdef NSSDEBUG
-  if( PR_SUCCESS != nssPKIXAlgorithmIdentifier_verifyPointer(algid) ) {
-    return PR_FAILURE;
-  }
-#endif /* NSSDEBUG */
-
-#ifdef DEBUG
-  (void)nss_pkix_AlgorithmIdentifier_remove_pointer(algid);
-#endif /* DEBUG */
-
-  if( PR_TRUE == algid->i_allocated_arena ) {
-    return nssArena_Destroy(algid->arena);
-  }
-
-  return PR_SUCCESS;
-}
diff --git a/security/nss/lib/pkix/src/AlgorithmIdentifier/PDuplicate.c b/security/nss/lib/pkix/src/AlgorithmIdentifier/PDuplicate.c
deleted file mode 100644
index ae3cf72b2..000000000
--- a/security/nss/lib/pkix/src/AlgorithmIdentifier/PDuplicate.c
+++ /dev/null
@@ -1,144 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAlgorithmIdentifier_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSPKIXAlgorithmIdentifier upon success
- *  NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXAlgorithmIdentifier *
-nssPKIXAlgorithmIdentifier_Duplicate
-(
-  NSSPKIXAlgorithmIdentifier *algid,
-  NSSArena *arenaOpt
-)
-{
-  NSSArena *arena;
-  PRBool arena_allocated = PR_FALSE;
-  nssArenaMark *mark = (nssArenaMark *)NULL;
-  NSSPKIXAlgorithmIdentifier *rv = (NSSPKIXAlgorithmIdentifier *)NULL;
-
-#ifdef NSSDEBUG
-  if( PR_SUCCESS != nssPKIXAlgorithmIdentifier_verifyPointer(algid) ) {
-    return (NSSPKIXAlgorithmIdentifier *)NULL;
-  }
-
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSPKIXAlgorithmIdentifier *)NULL;
-    }
-  }
-#endif /* NSSDEBUG */
-
-  if( (NSSArena *)NULL == arenaOpt ) {
-    arena = nssArena_Create();
-    if( (NSSArena *)NULL == arena ) {
-      goto loser;
-    }
-    arena_allocated = PR_TRUE;
-  } else {
-    arena = arenaOpt;
-    mark = nssArena_Mark(arena);
-    if( (nssArenaMark *)NULL == mark ) {
-      goto loser;
-    }
-  }
-
-  rv = nss_ZNEW(arena, NSSPKIXAlgorithmIdentifier);
-  if( (NSSPKIXAlgorithmIdentifier *)NULL == rv ) {
-    goto loser;
-  }
-
-  rv->arena = arena;
-  rv->i_allocated_arena = arena_allocated;
-
-  rv->ber = nssItem_Duplicate(algid->ber, arena, (NSSItem *)NULL);
-  if( (NSSItem *)NULL == rv->ber ) {
-    goto loser;
-  }
-
-  rv->der = nssItem_Duplicate(algid->der, arena, (NSSItem *)NULL);
-  if( (NSSItem *)NULL == rv->der ) {
-    goto loser;
-  }
-
-  rv->algorithm = algid->algorithm;
-
-  rv->parameters = nssItem_Duplicate(algid->parameters, arena, (NSSItem *)NULL);
-  if( (NSSItem *)NULL == rv->parameters ) {
-    goto loser;
-  }
-
-  if( (nssArenaMark *)NULL != mark ) {
-    if( PR_SUCCESS != nssArena_Unmark(arena, mark) ) {
-      goto loser;
-    }
-  }
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nss_pkix_AlgorithmIdentifier_add_pointer(rv) ) {
-    goto loser;
-  }
-#endif /* DEBUG */
-
-  return rv;
-
- loser:
-  if( (nssArenaMark *)NULL != mark ) {
-    (void)nssArena_Release(arena, mark);
-  }
-
-  if( PR_TRUE == arena_allocated ) {
-    (void)nssArena_Destroy(arena);
-  }
-
-  return (NSSPKIXAlgorithmIdentifier *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/AlgorithmIdentifier/PEncode.c b/security/nss/lib/pkix/src/AlgorithmIdentifier/PEncode.c
deleted file mode 100644
index c9939350a..000000000
--- a/security/nss/lib/pkix/src/AlgorithmIdentifier/PEncode.c
+++ /dev/null
@@ -1,117 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAlgorithmIdentifier_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_IMPLEMENT NSSBER *
-nssPKIXAlgorithmIdentifier_Encode
-(
-  NSSPKIXAlgorithmIdentifier *algid,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-)
-{
-
-#ifdef NSSDEBUG
-  if( PR_SUCCESS != nssPKIXAlgorithmIdentifier_verifyPointer(algid) ) {
-    return (NSSBER *)NULL;
-  }
-
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSBER *)NULL;
-    }
-  }
-#endif /* NSSDEBUG */
-
-  switch( encoding ) {
-  case NSSASN1BER:
-    if( (NSSBER *)NULL != algid->ber ) {
-      it = algid->ber;
-      goto done;
-    }
-    /*FALLTHROUGH*/
-  case NSSASN1DER:
-    if( (NSSDER *)NULL != algid->der ) {
-      it = algid->der;
-      goto done;
-    }
-    break;
-  default:
-    nss_SetError(NSS_ERROR_UNSUPPORTED_ENCODING);
-    return (NSSBER *)NULL;
-  }
-
-  it = nssASN1_EncodeItem(algid->arena, (NSSItem *)NULL, algid,
-                          nssPKIXAlgorithmIdentifier_template, encoding);
-  if( (NSSBER *)NULL == it ) {
-    return (NSSBER *)NULL;
-  }
-
-  switch( encoding ) {
-  case NSSASN1BER:
-    algid->ber = it;
-    break;
-  case NSSASN1DER:
-    algid->der = it;
-    break;
-  default:
-    PR_ASSERT(0);
-    break;
-  }
-
- done:
-  return nssItem_Duplicate(it, arenaOpt, rvOpt);
-}
diff --git a/security/nss/lib/pkix/src/AlgorithmIdentifier/PEqual.c b/security/nss/lib/pkix/src/AlgorithmIdentifier/PEqual.c
deleted file mode 100644
index 423dfdb74..000000000
--- a/security/nss/lib/pkix/src/AlgorithmIdentifier/PEqual.c
+++ /dev/null
@@ -1,88 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAlgorithmIdentifier_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- *
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_IMPLEMENT PRBool
-nssPKIXAlgorithmIdentifier_Equal
-(
-  NSSPKIXAlgorithmIdentifier *algid1,
-  NSSPKIXAlgorithmIdentifier *algid2,
-  PRStatus *statusOpt
-)
-{
-#ifdef NSSDEBUG
-  if( PR_SUCCESS != nssPKIXAlgorithmIdentifier_verifyPointer(algid) ) {
-    if( (PRStatus *)NULL != statusOpt ) {
-      *statusOpt = PR_FAILURE;
-    }
-    return PR_FALSE;
-  }
-
-  if( PR_SUCCESS != nssPKIXAlgorithmIdentifier_verifyPointer(algid) ) {
-    if( (PRStatus *)NULL != statusOpt ) {
-      *statusOpt = PR_FAILURE;
-    }
-    return PR_FALSE;
-  }
-#endif /* NSSDEBUG */
-
-  if( algid1->algorithm != algid2->algorithm ) {
-    if( (PRStatus *)NULL != statusOpt ) {
-      *statusOpt = PR_SUCCESS;
-    }
-    return PR_FALSE;
-  }
-
-  return nssItem_Equal(algid1->parameters, algid2->parameters, statusOpt);
-}
diff --git a/security/nss/lib/pkix/src/AlgorithmIdentifier/PGetAlgorithm.c b/security/nss/lib/pkix/src/AlgorithmIdentifier/PGetAlgorithm.c
deleted file mode 100644
index 4c7c37b6e..000000000
--- a/security/nss/lib/pkix/src/AlgorithmIdentifier/PGetAlgorithm.c
+++ /dev/null
@@ -1,69 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAlgorithmIdentifier_GetAlgorithm
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSOID pointer upon success
- *  NULL upon failure
- */
-
-NSS_IMPLEMENT NSSOID *
-nssPKIXAlgorithmIdentifier_GetAlgorithm
-(
-  NSSPKIXAlgorithmIdentifier *algid
-)
-{
-#ifdef NSSDEBUG
-  if( PR_SUCCESS != nssPKIXAlgorithmIdentifier_verifyPointer(algid) ) {
-    return (NSSOID *)NULL;
-  }
-#endif /* NSSDEBUG */
-
-  return algid->algorithm;
-}
diff --git a/security/nss/lib/pkix/src/AlgorithmIdentifier/PGetParameters.c b/security/nss/lib/pkix/src/AlgorithmIdentifier/PGetParameters.c
deleted file mode 100644
index 5d6f1decb..000000000
--- a/security/nss/lib/pkix/src/AlgorithmIdentifier/PGetParameters.c
+++ /dev/null
@@ -1,78 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAlgorithmIdentifier_GetParameters
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSItem upon success
- *  NULL upon failure
- */
-
-NSS_IMPLEMENT NSSItem *
-nssPKIXAlgorithmIdentifier_GetParameters
-(
-  NSSPKIXAlgorithmIdentifier *algid,
-  NSSItem *rvOpt,
-  NSSArena *arenaOpt
-)
-{
-#ifdef NSSDEBUG
-  if( PR_SUCCESS != nssPKIXAlgorithmIdentifier_verifyPointer(algid) ) {
-    return (NSSItem *)NULL;
-  }
-
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSItem *)NULL;
-    }
-  }
-#endif /* NSSDEBUG */
-
-  return nssItem_Duplicate(algid->parameters, arenaOpt, rvOpt);
-}
diff --git a/security/nss/lib/pkix/src/AlgorithmIdentifier/PSetAlgorithm.c b/security/nss/lib/pkix/src/AlgorithmIdentifier/PSetAlgorithm.c
deleted file mode 100644
index ccf9f23e2..000000000
--- a/security/nss/lib/pkix/src/AlgorithmIdentifier/PSetAlgorithm.c
+++ /dev/null
@@ -1,75 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAlgorithmIdentifier_SetAlgorithm
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- *  NSS_ERROR_INVALID_OID
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nssPKIXAlgorithmIdentifier_SetAlgorithm
-(
-  NSSPKIXAlgorithmIdentifier *algid,
-  NSSOID *algorithm
-)
-{
-#ifdef NSSDEBUG
-  if( PR_SUCCESS != nssPKIXAlgorithmIdentifier_verifyPointer(algid) ) {
-    return PR_FAILURE;
-  }
-
-  if( PR_SUCCESS != nssOID_verifyPointer(algorithm) ) {
-    return PR_FAILURE;
-  }
-#endif /* NSSDEBUG */
-
-  algid->algorithm = algorithm;
-  return nss_pkix_AlgorithmIdentifier_Clear(algid);
-}
diff --git a/security/nss/lib/pkix/src/AlgorithmIdentifier/PSetParameters.c b/security/nss/lib/pkix/src/AlgorithmIdentifier/PSetParameters.c
deleted file mode 100644
index d5a7e8424..000000000
--- a/security/nss/lib/pkix/src/AlgorithmIdentifier/PSetParameters.c
+++ /dev/null
@@ -1,86 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAlgorithmIdentifier_SetParameters
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- *  NSS_ERROR_INVALID_POINTER
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nssPKIXAlgorithmIdentifier_SetParameters
-(
-  NSSPKIXAlgorithmIdentifier *algid,
-  NSSItem *parameters
-)
-{
-  NSSItem *prev;
-
-#ifdef NSSDEBUG
-  if( PR_SUCCESS != nssPKIXAlgorithmIdentifier_verifyPointer(algid) ) {
-    return PR_FAILURE;
-  }
-
-  if( PR_SUCCESS != nssItem_verifyPointer(parameters) ) {
-    return PR_FAILURE;
-  }
-#endif /* NSSDEBUG */
-
-  prev = algid->parameters;
-
-  algid->parameters = nssItem_Duplicate(parameters, algid->arena, (NSSItem *)NULL);
-  if( (NSSItem *)NULL == algid->parameters ) {
-    algid->parameters = prev;
-    return PR_FAILURE;
-  }
-
-  (void)nssItem_Destroy(prev);
-  return nss_pkix_AlgorithmIdentifier_Clear(algid);
-}
diff --git a/security/nss/lib/pkix/src/AlgorithmIdentifier/SetAlgorithm.c b/security/nss/lib/pkix/src/AlgorithmIdentifier/SetAlgorithm.c
deleted file mode 100644
index d829643e0..000000000
--- a/security/nss/lib/pkix/src/AlgorithmIdentifier/SetAlgorithm.c
+++ /dev/null
@@ -1,76 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAlgorithmIdentifier_SetAlgorithm
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- *  NSS_ERROR_INVALID_OID
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-NSSPKIXAlgorithmIdentifier_SetAlgorithm
-(
-  NSSPKIXAlgorithmIdentifier *algid,
-  NSSOID *algorithm
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nssPKIXAlgorithmIdentifier_verifyPointer(algid) ) {
-    return PR_FAILURE;
-  }
-
-  if( PR_SUCCESS != nssOID_verifyPointer(algorithm) ) {
-    return PR_FAILURE;
-  }
-#endif /* DEBUG */
-
-  return nssPKIXAlgorithmIdentifier_SetAlgorithm(algid, algorithm);
-}
diff --git a/security/nss/lib/pkix/src/AlgorithmIdentifier/SetParameters.c b/security/nss/lib/pkix/src/AlgorithmIdentifier/SetParameters.c
deleted file mode 100644
index d751fb689..000000000
--- a/security/nss/lib/pkix/src/AlgorithmIdentifier/SetParameters.c
+++ /dev/null
@@ -1,77 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAlgorithmIdentifier_SetParameters
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- *  NSS_ERROR_INVALID_POINTER
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-NSSPKIXAlgorithmIdentifier_SetParameters
-(
-  NSSPKIXAlgorithmIdentifier *algid,
-  NSSItem *parameters
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nssPKIXAlgorithmIdentifier_verifyPointer(algid) ) {
-    return PR_FAILURE;
-  }
-
-  if( PR_SUCCESS != nssItem_verifyPointer(parameters) ) {
-    return PR_FAILURE;
-  }
-#endif /* DEBUG */
-
-  return nssPKIXAlgorithmIdentifier_SetParameters(algid, parameters);
-}
diff --git a/security/nss/lib/pkix/src/AlgorithmIdentifier/verifyPointer.c b/security/nss/lib/pkix/src/AlgorithmIdentifier/verifyPointer.c
deleted file mode 100644
index c9a9f8072..000000000
--- a/security/nss/lib/pkix/src/AlgorithmIdentifier/verifyPointer.c
+++ /dev/null
@@ -1,182 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIXM_H
-#include "pkixm.h"
-#endif /* PKIXM_H */
-
-#ifdef DEBUG
-
-extern const NSSError NSS_ERROR_INTERNAL_ERROR;
-
-static nssPointerTracker pkix_algid_pointer_tracker;
-
-/*
- * nss_pkix_AlgorithmIdentifier_add_pointer
- *
- * This method is only present in debug builds.
- *
- * This module-private routine adds an NSSPKIXAlgorithmIdentifier pointer to
- * the internal pointer-tracker.  This routine should only be used 
- * by the NSSPKIX module.  This routine returns a PRStatus value; 
- * upon error it will place an error on the error stack and return 
- * PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INTERNAL_ERROR
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nss_pkix_AlgorithmIdentifier_add_pointer
-(
-  const NSSPKIXAlgorithmIdentifier *p
-)
-{
-  PRStatus rv;
-
-  rv = nssPointerTracker_initialize(&pkix_algid_pointer_tracker);
-  if( PR_SUCCESS != rv ) {
-    return rv;
-  }
-
-  rv = nssPointerTracker_add(&pkix_algid_pointer_tracker, p);
-  if( PR_SUCCESS != rv ) {
-    NSSError e = NSS_GetError();
-    if( NSS_ERROR_NO_MEMORY != e ) {
-      nss_SetError(NSS_ERROR_INTERNAL_ERROR);
-    }
-
-    return rv;
-  }
-
-  rv = nssArena_registerDestructor(p->arena,
-         nss_pkix_AlgorithmIdentifier_remove_pointer, p);
-  if( PR_SUCCESS != rv ) {
-    (void)nss_pkix_AlgorithmIdentifier_remove_pointer(p);
-    return rv;
-  }
-
-  return rv;
-}
-
-/*
- * nss_pkix_AlgorithmIdentifier_remove_pointer
- *
- * This method is only present in debug builds.
- *
- * This module-private routine removes a valid NSSPKIXAlgorithmIdentifier
- * pointer from the internal pointer-tracker.  This routine should 
- * only be used by the NSSPKIX module.  This routine returns a 
- * PRStatus value; upon error it will place an error on the error 
- * stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INTERNAL_ERROR
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nss_pkix_AlgorithmIdentifier_remove_pointer
-(
-  const NSSPKIXAlgorithmIdentifier *p
-)
-{
-  PRStatus rv;
-
-  rv = nssPointerTracker_remove(&pkix_algid_pointer_tracker, p);
-  if( PR_SUCCESS != rv ) {
-    nss_SetError(NSS_ERROR_INTERNAL_ERROR);
-  }
-
-  /*
-   * nssArena_deregisterDestructor(p->arena,
-   *   nss_pkix_AlgorithmIdentifier_remove_pointer, p);
-   */
-
-  return rv;
-}
-
-/*
- * nssPKIXAlgorithmIdentifier_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXAlgorithmIdentifier
- * object, this routine will return PR_SUCCESS.  Otherwise, it will 
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *
- * Return value:
- *  PR_SUCCESS if the pointer is valid
- *  PR_FAILURE if it isn't
- */
-
-NSS_IMPLEMENT PRStatus
-nssPKIXAlgorithmIdentifier_verifyPointer
-(
-  NSSPKIXAlgorithmIdentifier *p
-)
-{
-  PRStatus rv;
-
-  rv = nssPointerTracker_initialize(&pkix_algid_pointer_tracker);
-  if( PR_SUCCESS != rv ) {
-    nss_SetError(NSS_ERROR_INVALID_PKIX_ATTRIBUTE);
-    return PR_FAILURE;
-  }
-
-  rv = nssPointerTracker_verify(&pkix_algid_pointer_tracker, p);
-  if( PR_SUCCESS != rv ) {
-    nss_SetError(NSS_ERROR_INVALID_PKIX_ATTRIBUTE);
-    return PR_FAILURE;
-  }
-
-  return PR_SUCCESS;
-}
-
-#endif /* DEBUG */
-
diff --git a/security/nss/lib/pkix/src/Attribute/AddValue.c b/security/nss/lib/pkix/src/Attribute/AddValue.c
deleted file mode 100644
index aad082c50..000000000
--- a/security/nss/lib/pkix/src/Attribute/AddValue.c
+++ /dev/null
@@ -1,79 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAttribute_AddValue
- *
- * This routine adds the specified attribute value to the set in
- * the specified NSSPKIXAttribute.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *  NSS_ERROR_INVALID_ITEM
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-NSSPKIXAttribute_AddValue
-(
-  NSSPKIXAttribute *attribute,
-  NSSPKIXAttributeValue *value
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nssPKIXAttribute_verifyPointer(attribute) ) {
-    return PR_FAILURE;
-  }
-
-  if( PR_SUCCESS != nssItem_verifyPointer(value) ) {
-    return PR_FAILURE;
-  }
-#endif /* DEBUG */
-
-  return nssPKIXAttribute_AddValue(attribute, value);
-}
-
diff --git a/security/nss/lib/pkix/src/Attribute/Create.c b/security/nss/lib/pkix/src/Attribute/Create.c
deleted file mode 100644
index 9fe406b2d..000000000
--- a/security/nss/lib/pkix/src/Attribute/Create.c
+++ /dev/null
@@ -1,141 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAttribute_Create
- *
- * This routine creates an NSSPKIXAttribute from specified components.
- * This routine may return NULL upon error, in which case it will have
- * created an error stack.  If the optional arena argument is non-NULL,
- * that arena will be used for the required memory.  There must be at
- * least one attribute value specified.  The final argument must be
- * NULL, to indicate the end of the set of attribute values.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_OID
- *  NSS_ERROR_INVALID_ITEM
- *  NSS_ERROR_INSUFFICIENT_VALUES
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- *  A valid pointer to an NSSPKIXAttribute upon success
- *  NULL upon failure.
- */
-
-NSS_IMPLEMENT NSSPKIXAttribute *
-NSSPKIXAttribute_Create
-(
-  NSSArena *arenaOpt,
-  NSSPKIXAttributeType *typeOid,
-  NSSPKIXAttributeValue *value1,
-  ...
-)
-{
-  va_list ap;
-  NSSPKIXAttribute *rv;
-  PRUint32 count;
-
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSPKIXAttribute *)NULL;
-    }
-  }
-
-  if( PR_SUCCESS != nssOID_verifyPointer(typeOid) ) {
-    return (NSSPKIXAttribute *)NULL;
-  }
-
-  if( (NSSPKIXAttributeValue *)NULL == value1 ) {
-    nss_SetError(NSS_ERROR_INSUFFICIENT_VALUES);
-    return (NSSPKIXAttribute *)NULL;
-  }
-
-  {
-    va_start(ap, typeOid);
-
-    while( 1 ) {
-      NSSPKIXAttributeValue *v;
-      v = (NSSPKIXAttributeValue *)va_arg(ap, NSSPKIXAttributeValue *);
-      if( (NSSPKIXAttributeValue *)NULL == v ) {
-        break;
-      }
-    
-      if( PR_SUCCESS != nssItem_verifyPointer(v) ) {
-        va_end(ap);
-        return (NSSPKIXAttribute *)NULL;
-      }
-    }
-
-    va_end(ap);
-  }
-#endif /* DEBUG */
-
-  va_start(ap, typeOid);
-
-  for( count = 0; ; count++ ) {
-    NSSPKIXAttributeValue *v;
-    v = (NSSPKIXAttributeValue *)va_arg(ap, NSSPKIXAttributeValue *);
-    if( (NSSPKIXAttributeValue *)NULL == v ) {
-      break;
-    }
-
-#ifdef PEDANTIC
-    if( count == 0xFFFFFFFF ) {
-      nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
-      va_end(ap);
-      return (NSSPKIXAttribute *)NULL;
-    }
-#endif /* PEDANTIC */
-  }
-
-  va_end(ap);
-
-  va_start(ap, typeOid);
-  rv = nss_pkix_Attribute_V_Create(arenaOpt, typeOid, count, ap);
-  va_end(ap);
-
-  return rv;
-}
diff --git a/security/nss/lib/pkix/src/Attribute/CreateFromArray.c b/security/nss/lib/pkix/src/Attribute/CreateFromArray.c
deleted file mode 100644
index 2928c3bcc..000000000
--- a/security/nss/lib/pkix/src/Attribute/CreateFromArray.c
+++ /dev/null
@@ -1,97 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAttribute_CreateFromArray
- *
- * This routine creates an NSSPKIXAttribute from specified components.
- * This routine may return NULL upon error, in which case it will have
- * created an error stack.  If the optional arena argument is non-NULL,
- * that arena will be used for the required memory.  There must be at
- * least one attribute value specified.  The final argument must be
- * NULL, to indicate the end of the set of attribute values.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_OID
- *  NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- *  A valid pointer to an NSSPKIXAttribute upon success
- *  NULL upon failure.
- */
-
-NSS_IMPLEMENT NSSPKIXAttribute *
-NSSPKIXAttribute_CreateFromArray
-(
-  NSSArena *arenaOpt,
-  NSSPKIXAttributeType *typeOid,
-  PRUint32 count,
-  NSSPKIXAttributeValue values[]
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSPKIXAttribute *)NULL;
-    }
-  }
-
-  if( PR_SUCCESS != nssOID_verifyPointer(typeOid) ) {
-    return (NSSPKIXAttribute *)NULL;
-  }
-
-  {
-    PRUint32 i;
-
-    for( i = 0; i < count; i++ ) {
-      if( PR_SUCCESS != nssItem_verifyPointer(&values[i]) ) {
-        return (NSSPKIXAttribute *)NULL;
-      }
-    }
-  }
-#endif /* DEBUG */
-
-  return nssPKIXAttribute_CreateFromArray(arenaOpt, typeOid, count, values);
-}
diff --git a/security/nss/lib/pkix/src/Attribute/Decode.c b/security/nss/lib/pkix/src/Attribute/Decode.c
deleted file mode 100644
index a16f195cd..000000000
--- a/security/nss/lib/pkix/src/Attribute/Decode.c
+++ /dev/null
@@ -1,84 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAttribute_Decode
- *
- * This routine creates an NSSPKIXAttribute by decoding a BER-
- * or DER-encoded Attribute as defined in RFC 2459.  This
- * routine may return NULL upon error, in which case it will
- * have created an error stack.  If the optional arena argument
- * is non-NULL, that arena will be used for the required memory.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- *  A valid pointer to an NSSPKIXAttribute upon success
- *  NULL upon failure.
- */
-
-NSS_IMPLEMENT NSSPKIXAttribute *
-NSSPKIXAttribute_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSPKIXAttribute *)NULL;
-    }
-  }
-
-  if( PR_SUCCESS != nssItem_verifyPointer(ber) ) {
-    return (NSSPKIXAttribute *)NULL;
-  }
-#endif /* DEBUG */
-
-  return nssPKIXAttribute_Decode(arenaOpt, ber);
-}
diff --git a/security/nss/lib/pkix/src/Attribute/Destroy.c b/security/nss/lib/pkix/src/Attribute/Destroy.c
deleted file mode 100644
index bd9454fca..000000000
--- a/security/nss/lib/pkix/src/Attribute/Destroy.c
+++ /dev/null
@@ -1,74 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAttribute_Destroy
- *
- * This routine destroys an NSSPKIXAttribute.  It should be called on
- * all such objects created without an arena.  It does not need to be
- * called for objects created with an arena, but it may be.  This
- * routine returns a PRStatus value.  Upon error, it will create an
- * error stack and return PR_FAILURE.
- *
- * The error value may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXAttribute_Destroy
-(
-  NSSPKIXAttribute *attribute
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nssPKIXAttribute_verifyPointer(attribute) ) {
-    return PR_FAILURE;
-  }
-#endif /* DEBUG */
-
-  return nssPKIXAttribute_Destroy(attribute);
-}
diff --git a/security/nss/lib/pkix/src/Attribute/Duplicate.c b/security/nss/lib/pkix/src/Attribute/Duplicate.c
deleted file mode 100644
index 146a49610..000000000
--- a/security/nss/lib/pkix/src/Attribute/Duplicate.c
+++ /dev/null
@@ -1,79 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAttribute_Duplicate
- *
- * This routine duplicates an NSSPKIXAttribute.  {arenaOpt}
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSPKIXAttribute upon success
- *  NULL upon failure.
- */
-
-NSS_IMPLEMENT NSSPKIXAttribute *
-NSSPKIXAttribute_Duplicate
-(
-  NSSPKIXAttribute *attribute,
-  NSSArena *arenaOpt
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nssPKIXAttribute_verifyPointer(attribute) ) {
-    return (NSSPKIXAttribute *)NULL;
-  }
-
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSPKIXAttribute *)NULL;
-    }
-  }
-#endif /* DEBUG */
-
-  return nssPKIXAttribute_Duplicate(attribute, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/Attribute/Encode.c b/security/nss/lib/pkix/src/Attribute/Encode.c
deleted file mode 100644
index 179bd3d68..000000000
--- a/security/nss/lib/pkix/src/Attribute/Encode.c
+++ /dev/null
@@ -1,85 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAttribute_Encode
- *
- * This routine returns an ASN.1 encoding of the specified 
- * NSSPKIXAttribute.  {usual rules about itemOpt and arenaOpt}
- * This routine indicates an error (NSS_ERROR_INVALID_DATA) 
- * if there are no attribute values (i.e., the last one was removed).
- *
- * The error value may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_DATA
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_IMPLEMENT NSSBER *
-NSSPKIXAttribute_Encode
-(
-  NSSPKIXAttribute *attribute,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nssPKIXAttribute_verifyPointer(attribute) ) {
-    return (NSSBER *)NULL;
-  }
-
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSBER *)NULL;
-    }
-  }
-#endif /* DEBUG */
-
-  return nssPKIXAttribute_Encode(attribute, encoding, rvOpt, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/Attribute/Equal.c b/security/nss/lib/pkix/src/Attribute/Equal.c
deleted file mode 100644
index d91782aea..000000000
--- a/security/nss/lib/pkix/src/Attribute/Equal.c
+++ /dev/null
@@ -1,88 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAttribute_Equal
- *
- * This routine compares two NSSPKIXAttribute's for equality.
- * It returns PR_TRUE if they are equal, PR_FALSE otherwise.
- * This routine also returns PR_FALSE upon error; if you're
- * that worried about it, check for an error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_IMPLEMENT PRBool
-NSSPKIXAttribute_Equal
-(
-  NSSPKIXAttribute *one,
-  NSSPKIXAttribute *two,
-  PRStatus *statusOpt
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nssPKIXAttribute_verifyPointer(one) ) {
-    if( (PRStatus *)NULL != statusOpt ) {
-      *statusOpt = PR_FAILURE;
-    }
-
-    return PR_FALSE;
-  }
-
-  if( PR_SUCCESS != nssPKIXAttribute_verifyPointer(two) ) {
-    if( (PRStatus *)NULL != statusOpt ) {
-      *statusOpt = PR_FAILURE;
-    }
-
-    return PR_FALSE;
-  }
-#endif /* DEBUG */
-
-  return nssPKIXAttribute_Equal(one, two);
-}
diff --git a/security/nss/lib/pkix/src/Attribute/FindValue.c b/security/nss/lib/pkix/src/Attribute/FindValue.c
deleted file mode 100644
index ba725051f..000000000
--- a/security/nss/lib/pkix/src/Attribute/FindValue.c
+++ /dev/null
@@ -1,84 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAttribute_FindValue
- *
- * This routine searches the set of attribute values in the specified
- * NSSPKIXAttribute for the provided data.  If an exact match is found,
- * then that value's index is returned.  If an exact match is not 
- * found, -1 is returned.  If there is more than one exact match, one
- * index will be returned.  {notes about unorderdness of SET, etc}
- * If the index may not be represented as an integer, an error is
- * indicated.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *  NSS_ERROR_INVALID_ITEM
- *  NSS_ERROR_NOT_FOUND
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value
- *  The index of the specified attribute value upon success
- *  -1 upon failure.
- */
-
-NSS_IMPLEMENT PRInt32
-NSSPKIXAttribute_FindValue
-(
-  NSSPKIXAttribute *attribute,
-  NSSPKIXAttributeValue *value
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nssPKIXAttribute_verifyPointer(attribute) ) {
-    return PR_FAILURE;
-  }
-
-  if( PR_SUCCESS != nssItem_verifyPointer(value) ) {
-    return PR_FAILURE;
-  }
-#endif /* DEBUG */
-
-  return nssPKIXAttribute_FindValue(attribute, value);
-}
diff --git a/security/nss/lib/pkix/src/Attribute/GetType.c b/security/nss/lib/pkix/src/Attribute/GetType.c
deleted file mode 100644
index 0bae2b988..000000000
--- a/security/nss/lib/pkix/src/Attribute/GetType.c
+++ /dev/null
@@ -1,72 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAttribute_GetType
- *
- * This routine returns the attribute type oid of the specified
- * NSSPKIXAttribute.
- *
- * The error value may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSPKIXAttributeType pointer upon success
- *  NULL upon failure.
- */
-
-NSS_IMPLEMENT NSSPKIXAttributeType *
-NSSPKIXAttribute_GetType
-(
-  NSSPKIXAttribute *attribute
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nssPKIXAttribute_verifyPointer(attribute) ) {
-    return (NSSPKIXAttributeType *)NULL;
-  }
-#endif /* DEBUG */
-
-  return nssPKIXAttribute_GetType(attribute);
-}
diff --git a/security/nss/lib/pkix/src/Attribute/GetValue.c b/security/nss/lib/pkix/src/Attribute/GetValue.c
deleted file mode 100644
index afce8d135..000000000
--- a/security/nss/lib/pkix/src/Attribute/GetValue.c
+++ /dev/null
@@ -1,86 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAttribute_GetValue
- *
- * This routine returns the i'th attribute value of the set of
- * values in the specified NSSPKIXAttribute.  Although the set
- * is unordered, an arbitrary ordering will be maintained until
- * the data in the attribute is changed.  {usual comments about
- * itemOpt and arenaOpt}
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXAttributeValue upon success
- *  NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXAttributeValue *
-NSSPKIXAttribute_GetValue
-(
-  NSSPKIXAttribute *attribute,
-  PRInt32 i,
-  NSSPKIXAttributeValue *itemOpt,
-  NSSArena *arenaOpt
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nssPKIXAttribute_verifyPointer(attribute) ) {
-    return (NSSPKIXAttributeValue *)NULL;
-  }
-
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSPKIXAttributeValue *)NULL;
-    }
-  }
-#endif /* DEBUG */
-
-  return nssPKIXAttribute_GetValue(attribute, i, itemOpt, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/Attribute/GetValueCount.c b/security/nss/lib/pkix/src/Attribute/GetValueCount.c
deleted file mode 100644
index 0cdc36b60..000000000
--- a/security/nss/lib/pkix/src/Attribute/GetValueCount.c
+++ /dev/null
@@ -1,75 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAttribute_GetValueCount
- *
- * This routine returns the number of attribute values present in
- * the specified NSSPKIXAttribute.  This routine returns a PRInt32.
- * Upon error, this routine returns -1.  This routine indicates an
- * error if the number of values cannot be expressed as a PRInt32.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- *  Nonnegative integer upon success
- *  -1 upon failure.
- */
-
-NSS_IMPLEMENT PRInt32
-NSSPKIXAttribute_GetValueCount
-(
-  NSSPKIXAttribute *attribute
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nssPKIXAttribute_verifyPointer(attribute) ) {
-    return -1;
-  }
-#endif /* DEBUG */
-
-  return nssPKIXAttribute_GetValueCount(attribute);
-}
-
diff --git a/security/nss/lib/pkix/src/Attribute/GetValues.c b/security/nss/lib/pkix/src/Attribute/GetValues.c
deleted file mode 100644
index 986af03d1..000000000
--- a/security/nss/lib/pkix/src/Attribute/GetValues.c
+++ /dev/null
@@ -1,88 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAttribute_GetValues
- *
- * This routine returns all of the attribute values in the specified
- * NSSPKIXAttribute.  If the optional pointer to an array of NSSItems
- * is non-null, then that array will be used and returned; otherwise,
- * an array will be allocated and returned.  If the limit is nonzero
- * (which is must be if the specified array is nonnull), then an
- * error is indicated if it is smaller than the value count.
- * {arenaOpt}
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- *  A valid pointer to an array of NSSItem's upon success
- *  NULL upon failure.
- */
-
-NSS_IMPLEMENT NSSPKIXAttributeValue *
-NSSPKIXAttribute_GetValues
-(
-  NSSPKIXAttribute *attribute,
-  NSSPKIXAttributeValue rvOpt[],
-  PRInt32 limit,
-  NSSArena *arenaOpt
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nssPKIXAttribute_verifyPointer(attribute) ) {
-    return (NSSPKIXAttributeValue *)NULL;
-  }
-
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyOpt(attribute) ) {
-      return (NSSPKIXAttributeValue *)NULL;
-    }
-  }
-#endif /* DEBUG */
-
-  return nssPKIXAttribute_GetValues(attribute, rvOpt, limit, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/Attribute/MClear.c b/security/nss/lib/pkix/src/Attribute/MClear.c
deleted file mode 100644
index 6fb77ba7d..000000000
--- a/security/nss/lib/pkix/src/Attribute/MClear.c
+++ /dev/null
@@ -1,71 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nss_pkix_Attribute_Clear
- *
- * Wipes out cached data.
- */
-
-NSS_IMPLEMENT PRStatus
-nss_pkix_Attribute_Clear
-(
-  NSSPKIXAttribute *a
-)
-{
-#ifdef NSSDEBUG
-  if( PR_SUCCESS != nssPKIXAttribute_verifyPointer(a) ) {
-    return PR_FAILURE;
-  }
-#endif /* NSSDEBUG */
-
-  if( (NSSBER *)NULL != a->ber ) {
-    nss_ZFreeIf(a->ber->data);
-    nss_ZFreeIf(a->ber);
-  }
-
-  if( (NSSDER *)NULL != a->der ) {
-    nss_ZFreeIf(a->der->data);
-    nss_ZFreeIf(a->der);
-  }
-
-  return PR_SUCCESS;
-}
diff --git a/security/nss/lib/pkix/src/Attribute/MCount.c b/security/nss/lib/pkix/src/Attribute/MCount.c
deleted file mode 100644
index abb0831cb..000000000
--- a/security/nss/lib/pkix/src/Attribute/MCount.c
+++ /dev/null
@@ -1,87 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIXM_H
-#include "pkixm.h"
-#endif /* PKIXM_H */
-
-/*
- * nss_pkix_Attribute_Count
- *
- * This module-private routine sets the valuesCount part of the
- * NSSPKIXAttribute argument.  It does no checking, and is intended
- * only for use inside the NSSPKIXAttribute implementation itself.
- * There is no error return.  There is no return value.
- */
-
-NSS_IMPLEMENT void
-nss_pkix_Attribute_Count
-(
-  NSSPKIXAttribute *a
-)
-{
-#ifdef NSSDEBUG
-  if( PR_SUCCESS != nssPKIXAttribute_verifyPointer(a) ) {
-    return;
-  }
-#endif /* NSSDEBUG */
-
-  PR_ASSERT((nssASN1Item **)NULL != a->asn1values);
-  if( (nssASN1Item *)NULL == a->asn1values ) {
-    nss_SetError(NSS_ERROR_ASSERTION_FAILED);
-    return;
-  }
-
-  if( 0 == a->valuesCount ) {
-    PRUint32 i;
-    for( i = 0; i < 0xFFFFFFFF; i++ ) {
-      if( (nssASN1Item *)NULL == a->asn1values[i] ) {
-        break;
-      }
-    }
-
-#ifdef PEDANTIC
-    if( 0xFFFFFFFF == i ) {
-      return;
-    }
-#endif /* PEDANTIC */
-
-    a->valuesCount = i;
-  }
-
-  return;
-}
diff --git a/security/nss/lib/pkix/src/Attribute/MVCreate.c b/security/nss/lib/pkix/src/Attribute/MVCreate.c
deleted file mode 100644
index 1a54026d4..000000000
--- a/security/nss/lib/pkix/src/Attribute/MVCreate.c
+++ /dev/null
@@ -1,165 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIXM_H
-#include "pkixm.h"
-#endif /* PKIXM_H */
-
-/*
- * nss_pkix_Attribute_V_Create
- *
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_OID
- *  NSS_ERROR_INVALID_ITEM
- *  NSS_ERROR_INTERNAL_ERROR;
- *
- * Return value:
- *  A valid pointer to an NSSPKIXAttribute upon success
- *  NULL upon failure.
- */
-
-NSS_IMPLEMENT NSSPKIXAttribute *
-nss_pkix_Attribute_V_Create
-(
-  NSSArena *arenaOpt,
-  NSSPKIXAttributeType *typeOid,
-  PRUint32 count,
-  va_list ap
-)
-{
-  NSSArena *arena;
-  PRBool arena_allocated = PR_FALSE;
-  nssArenaMark *mark = (nssArenaMark *)NULL;
-  NSSPKIXAttribute *rv = (NSSPKIXAttribute *)NULL;
-  PRStatus status;
-  PRUint32 i;
-
-  if( (NSSArena *)NULL == arenaOpt ) {
-    arena = nssArena_Create();
-    if( (NSSArena *)NULL == arena ) {
-      goto loser;
-    }
-    arena_allocated = PR_TRUE;
-  } else {
-    arena = arenaOpt;
-    mark = nssArena_Mark(arena);
-    if( (nssArenaMark *)NULL == mark ) {
-      goto loser;
-    }
-  }
-
-  rv = nss_ZNEW(arena, NSSPKIXAttribute);
-  if( (NSSPKIXAttribute *)NULL == rv ) {
-    goto loser;
-  }
-
-  rv->arena = arena;
-  rv->i_allocated_arena = arena_allocated;
-
-  rv->type = typeOid;
-  {
-    NSSItem typeder;
-    NSSItem *x = nssOID_GetDEREncoding(rv->type, &typeder, arena);
-    if( (NSSItem *)NULL == x ) {
-      goto loser;
-    }
-
-    rv->asn1type.size = typeder.size;
-    rv->asn1type.data = typeder.data;
-  }
-
-  rv->valuesCount = count;
-
-  rv->asn1values = nss_ZNEWARRAY(arena, nssASN1Item *, count);
-  if( (nssASN1Item **)NULL == rv->asn1values ) {
-    goto loser;
-  }
-
-  for( i = 0; i < count; i++ ) {
-    NSSItem tmp;
-    NSSPKIXAttributeValue *v = (NSSPKIXAttributeValue *)
-      va_arg(ap, NSSPKIXAttributeValue *);
-
-    rv->asn1values[i] = nss_ZNEW(arena, nssASN1Item);
-    if( (nssASN1Item *)NULL == rv->asn1values[i] ) {
-      goto loser;
-    }
-
-    if( (NSSItem *)NULL == nssItem_Duplicate(v, arena, &tmp) ) {
-      goto loser;
-    }
-
-    rv->asn1values[i].size = tmp.size;
-    rv->asn1values[i].data = tmp.data;
-  }
-
-  if( (nssArenaMark *)NULL != mark ) {
-    if( PR_SUCCESS != nssArena_Unmark(arena, mark) ) {
-      goto loser;
-    }
-  }
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nss_pkix_Attribute_add_pointer(rv) ) {
-    goto loser;
-  }
-
-  if( PR_SUCCESS != 
-      nssArena_registerDestructor(arena,
-                                  nss_pkix_Attribute_remove_pointer, 
-                                  rv) ) {
-    (void)nss_pkix_Attribute_remove_pointer(rv);
-    goto loser;
-  }
-#endif /* DEBUG */
-
-  return rv;
-
- loser:
-  if( (nssArenaMark *)NULL != mark ) {
-    (void)nssArena_Release(arena, mark);
-  }
-
-  if( PR_TRUE == arena_allocated ) {
-    (void)nssArena_Destroy(arena);
-  }
-
-  return (NSSPKIXAttribute *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/Attribute/PAddValue.c b/security/nss/lib/pkix/src/Attribute/PAddValue.c
deleted file mode 100644
index 732845490..000000000
--- a/security/nss/lib/pkix/src/Attribute/PAddValue.c
+++ /dev/null
@@ -1,140 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAttribute_AddValue
- *
- * This routine adds the specified attribute value to the set in
- * the specified NSSPKIXAttribute.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *  NSS_ERROR_INVALID_ITEM
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nssPKIXAttribute_AddValue
-(
-  NSSPKIXAttribute *a,
-  NSSPKIXAttributeValue *value
-)
-{
-  PRUint32 newcount;
-  nssASN1Item **new_asn1_items = (nssASN1Item **)NULL;
-  NSSItem tmp;
-
-#ifdef NSSDEBUG
-  if( PR_SUCCESS != nssPKIXAttribute_verifyPointer(a) ) {
-    return PR_FAILURE;
-  }
-
-  if( PR_SUCCESS != nssItem_verifyPointer(value) ) {
-    return PR_FAILURE;
-  }
-#endif /* NSSDEBUG */
-
-  PR_ASSERT((nssASN1Item **)NULL != a->asn1values);
-  if( (nssASN1Item **)NULL == a->asn1values ) {
-    nss_SetError(NSS_ERROR_INTERNAL_ERROR);
-    return PR_FAILURE;
-  }
-
-  if( 0 == a->valuesCount ) {
-    PRUint32 i;
-
-    for( i = 0; i < 0xFFFFFFFF; i++ ) {
-      if( (nssASN1Item *)NULL == a->asn1values[i] ) {
-        break;
-      }
-    }
-
-#ifdef PEDANTIC
-    if( 0xFFFFFFFF == i ) {
-      nss_SetError(NSS_ERROR_INTERNAL_ERROR);
-      /* Internal error is that we don't handle them this big */
-      return PR_FAILURE;
-    }
-#endif /* PEDANTIC */
-
-    a->valuesCount = i;
-  }
-
-  newcount = a->valuesCount + 1;
-  /* Check newcount for a rollover. */
-
-  /* Remember that our asn1values array is NULL-terminated */
-  new_asn1_items = (nssASN1Item **)nss_ZRealloc(a->asn1values,
-                     ((newcount+1) * sizeof(nssASN1Item *)));
-  if( (nssASN1Item **)NULL == new_asn1_items ) {
-    goto loser;
-  }
-
-  new_asn1_items[ a->valuesCount ] = nss_ZNEW(a->arena, nssASN1Item);
-  if( (nssASN1Item *)NULL == new_asn1_items[ a->valuesCount ] ) {
-    goto loser;
-  }
-
-  if( (NSSItem *)NULL == nssItem_Duplicate(value, a->arena, &tmp) ) {
-    goto loser;
-  }
-
-  new_asn1_items[ a->valuesCount ]->size = tmp.size;
-  new_asn1_items[ a->valuesCount ]->data = tmp.data;
-
-  a->valuesCount++;
-  a->asn1values = new_asn1_items;
-
-  return nss_pkix_Attribute_Clear(a);
-
- loser:
-  if( (nssASN1Item **)NULL != new_asn1_items ) {
-    nss_ZFreeIf(new_asn1_items[ newcount-1 ]);
-    /* We could realloc back down, but we actually know it's a no-op */
-    a->asn1values = new_asn1_items;
-  }
-
-  return PR_FAILURE;
-}
diff --git a/security/nss/lib/pkix/src/Attribute/PCreate.c b/security/nss/lib/pkix/src/Attribute/PCreate.c
deleted file mode 100644
index 40dc5c07c..000000000
--- a/security/nss/lib/pkix/src/Attribute/PCreate.c
+++ /dev/null
@@ -1,139 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAttribute_Create
- *
- * This routine creates an NSSPKIXAttribute from specified components.
- * This routine may return NULL upon error, in which case it will have
- * created an error stack.  If the optional arena argument is non-NULL,
- * that arena will be used for the required memory.  There must be at
- * least one attribute value specified.  The final argument must be
- * NULL, to indicate the end of the set of attribute values.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_OID
- *  NSS_ERROR_INVALID_ITEM
- *  NSS_ERROR_INSUFFICIENT_VALUES
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- *  A valid pointer to an NSSPKIXAttribute upon success
- *  NULL upon failure.
- */
-
-NSS_EXTERN NSSPKIXAttribute *
-nssPKIXAttribute_Create
-(
-  NSSArena *arenaOpt,
-  NSSPKIXAttributeType *typeOid,
-  NSSPKIXAttributeValue *value1,
-  ...
-)
-{
-  va_list ap;
-  NSSPKIXAttribute *rv;
-  PRUint32 count;
-
-#ifdef NSSDEBUG
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSPKIXAttribute *)NULL;
-    }
-  }
-
-  if( PR_SUCCESS != nssOID_verifyPointer(typeOid) ) {
-    return (NSSPKIXAttribute *)NULL;
-  }
-
-  if( (NSSPKIXAttributeValue *)NULL == value1 ) {
-    nss_SetError(NSS_ERROR_INSUFFICIENT_VALUES);
-    return (NSSPKIXAttribute *)NULL;
-  }
-
-  {
-    va_start(ap, typeOid);
-
-    while( 1 ) {
-      NSSPKIXAttributeValue *v;
-      v = (NSSPKIXAttributeValue *)va_arg(ap, NSSPKIXAttributeValue *);
-      if( (NSSPKIXAttributeValue *)NULL == v ) {
-        break;
-      }
-    
-      if( PR_SUCCESS != nssItem_verifyPointer(v) ) {
-        va_end(ap);
-        return (NSSPKIXAttribute *)NULL;
-      }
-    }
-
-    va_end(ap);
-  }
-#endif /* NSSDEBUG */
-
-  va_start(ap, typeOid);
-
-  for( count = 0; ; count++ ) {
-    NSSPKIXAttributeValue *v;
-    v = (NSSPKIXAttributeValue *)va_arg(ap, NSSPKIXAttributeValue *);
-    if( (NSSPKIXAttributeValue *)NULL == v ) {
-      break;
-    }
-
-#ifdef PEDANTIC
-    if( count == 0xFFFFFFFF ) {
-      nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
-      va_end(ap);
-      return (NSSPKIXAttribute *)NULL;
-    }
-#endif /* PEDANTIC */
-  }
-
-  va_end(ap);
-
-  va_start(ap, typeOid);
-  rv = nss_pkix_Attribute_V_Create(arenaOpt, typeOid, count, ap);
-  va_end(ap);
-
-  return rv;
-}
diff --git a/security/nss/lib/pkix/src/Attribute/PCreateFromArray.c b/security/nss/lib/pkix/src/Attribute/PCreateFromArray.c
deleted file mode 100644
index c2d301d12..000000000
--- a/security/nss/lib/pkix/src/Attribute/PCreateFromArray.c
+++ /dev/null
@@ -1,191 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-#ifndef ASN1_H
-#include "asn1.h"
-#endif /* ASN1_H */
-
-/*
- * nssPKIXAttribute_CreateFromArray
- *
- * This routine creates an NSSPKIXAttribute from specified components.
- * This routine may return NULL upon error, in which case it will have
- * created an error stack.  If the optional arena argument is non-NULL,
- * that arena will be used for the required memory.  There must be at
- * least one attribute value specified.  The final argument must be
- * NULL, to indicate the end of the set of attribute values.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_OID
- *  NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- *  A valid pointer to an NSSPKIXAttribute upon success
- *  NULL upon failure.
- */
-
-NSS_IMPLEMENT NSSPKIXAttribute *
-nssPKIXAttribute_CreateFromArray
-(
-  NSSArena *arenaOpt,
-  NSSPKIXAttributeType *typeOid,
-  PRUint32 count,
-  NSSPKIXAttributeValue values[]
-)
-{
-  NSSArena *arena;
-  PRBool arena_allocated = PR_FALSE;
-  nssArenaMark *mark = (nssArenaMark *)NULL;
-  NSSPKIXAttribute *rv = (NSSPKIXAttribute *)NULL;
-  PRStatus status;
-  PRUint32 i;
-
-#ifdef NSSDEBUG
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSPKIXAttribute *)NULL;
-    }
-  }
-
-  if( PR_SUCCESS != nssOID_verifyPointer(typeOid) ) {
-    return (NSSPKIXAttribute *)NULL;
-  }
-
-  for( i = 0; i < count; i++ ) {
-    if( PR_SUCCESS != nssItem_verifyPointer(&values[i]) ) {
-      return (NSSPKIXAttribute *)NULL;
-    }
-  }
-#endif /* NSSDEBUG */
-
-  if( (NSSArena *)NULL == arenaOpt ) {
-    arena = nssArena_Create();
-    if( (NSSArena *)NULL == arena ) {
-      goto loser;
-    }
-    arena_allocated = PR_TRUE;
-  } else {
-    arena = arenaOpt;
-    mark = nssArena_Mark(arena);
-    if( (nssArenaMark *)NULL == mark ) {
-      goto loser;
-    }
-  }
-
-  rv = nss_ZNEW(arena, NSSPKIXAttribute);
-  if( (NSSPKIXAttribute *)NULL == rv ) {
-    goto loser;
-  }
-
-  rv->arena = arena;
-  rv->i_allocated_arena = arena_allocated;
-
-  rv->type = typeOid;
-  {
-    NSSItem typeder;
-    NSSItem *x = nssOID_GetDEREncoding(rv->type, &typeder, arena);
-    if( (NSSItem *)NULL == x ) {
-      goto loser;
-    }
-
-    rv->asn1type.size = typeder.size;
-    rv->asn1type.data = typeder.data;
-  }
-
-  rv->valuesCount = count;
-
-  rv->asn1values = nss_ZNEWARRAY(arena, nssASN1Item *, count);
-  if( (nssASN1Item **)NULL == rv->asn1values ) {
-    goto loser;
-  }
-
-  for( i = 0; i < count; i++ ) {
-    NSSItem tmp;
-    NSSPKIXAttributeValue *v = &values[i];
-
-    rv->asn1values[i] = nss_ZNEW(arena, nssASN1Item);
-    if( (nssASN1Item *)NULL == rv->asn1values[i] ) {
-      goto loser;
-    }
-
-    if( (NSSItem *)NULL == nssItem_Duplicate(v, arena, &tmp) ) {
-      goto loser;
-    }
-
-    rv->asn1values[i].size = tmp.size;
-    rv->asn1values[i].data = tmp.data;
-  }
-
-  if( (nssArenaMark *)NULL != mark ) {
-    if( PR_SUCCESS != nssArena_Unmark(arena, mark) ) {
-      goto loser;
-    }
-  }
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nss_pkix_Attribute_add_pointer(rv) ) {
-    goto loser;
-  }
-
-  if( PR_SUCCESS != 
-      nssArena_registerDestructor(arena, 
-                                  nss_pkix_Attribute_remove_pointer, 
-                                  rv) ) {
-    (void)nss_pkix_Attribute_remove_pointer(rv);
-    goto loser;
-  }
-#endif /* DEBUG */
-
-  return rv;
-
- loser:
-  if( (nssArenaMark *)NULL != mark ) {
-    (void)nssArena_Release(arena, mark);
-  }
-
-  if( PR_TRUE == arena_allocated ) {
-    (void)nssArena_Destroy(arena);
-  }
-
-  return (NSSPKIXAttribute *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/Attribute/PDecode.c b/security/nss/lib/pkix/src/Attribute/PDecode.c
deleted file mode 100644
index 49a059404..000000000
--- a/security/nss/lib/pkix/src/Attribute/PDecode.c
+++ /dev/null
@@ -1,153 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-#ifndef ASN1_H
-#include "asn1.h"
-#endif /* ASN1_H */
-
-/*
- * nssPKIXAttribute_Decode
- *
- * This routine creates an NSSPKIXAttribute by decoding a BER-
- * or DER-encoded Attribute as defined in RFC 2459.  This
- * routine may return NULL upon error, in which case it will
- * have created an error stack.  If the optional arena argument
- * is non-NULL, that arena will be used for the required memory.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- *  A valid pointer to an NSSPKIXAttribute upon success
- *  NULL upon failure.
- */
-
-NSS_IMPLEMENT NSSPKIXAttribute *
-nssPKIXAttribute_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-)
-{
-  NSSArena *arena;
-  PRBool arena_allocated = PR_FALSE;
-  nssArenaMark *mark = (nssArenaMark *)NULL;
-  NSSPKIXAttribute *rv = (NSSPKIXAttribute *)NULL;
-  PRStatus status;
-  PRUint32 i;
-
-#ifdef NSSDEBUG
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSPKIXAttribute *)NULL;
-    }
-  }
-
-  if( PR_SUCCESS != nssItem_verifyPointer(ber) ) {
-    return (NSSPKIXAttribute *)NULL;
-  }
-#endif /* NSSDEBUG */
-
-  if( (NSSArena *)NULL == arenaOpt ) {
-    arena = nssArena_Create();
-    if( (NSSArena *)NULL == arena ) {
-      goto loser;
-    }
-    arena_allocated = PR_TRUE;
-  } else {
-    arena = arenaOpt;
-    mark = nssArena_Mark(arena);
-    if( (nssArenaMark *)NULL == mark ) {
-      goto loser;
-    }
-  }
-
-  rv = nss_ZNEW(arena, NSSPKIXAttribute);
-  if( (NSSPKIXAttribute *)NULL == rv ) {
-    goto loser;
-  }
-
-  rv->arena = arena;
-  rv->i_allocated_arena = arena_allocated;
-  rv->ber = nssItem_Duplicate(ber, arena, (NSSItem *)NULL);
-  if( (NSSItem *)NULL == rv->ber ) {
-    goto loser;
-  }
-
-  status = nssASN1_DecodeBER(arena, rv, nssPKIXAttribute_template, ber);
-  if( PR_SUCCESS != status ) {
-    goto loser;
-  }
-
-  if( (nssArenaMark *)NULL != mark ) {
-    if( PR_SUCCESS != nssArena_Unmark(arena, mark) ) {
-      goto loser;
-    }
-  }
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nss_pkix_Attribute_add_pointer(rv) ) {
-    goto loser;
-  }
-
-  if( PR_SUCCESS != nssArena_registerDestructor(arena, 
-        nss_pkix_Attribute_remove_pointer, rv) ) {
-    (void)nss_pkix_Attribute_remove_pointer(rv);
-    goto loser;
-  }
-#endif /* DEBUG */
-
-  return rv;
-
- loser:
-  if( (nssArenaMark *)NULL != mark ) {
-    (void)nssArena_Release(arena, mark);
-  }
-
-  if( PR_TRUE == arena_allocated ) {
-    (void)nssArena_Destroy(arena);
-  }
-
-  return (NSSPKIXAttribute *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/Attribute/PDestroy.c b/security/nss/lib/pkix/src/Attribute/PDestroy.c
deleted file mode 100644
index 5f2b5a135..000000000
--- a/security/nss/lib/pkix/src/Attribute/PDestroy.c
+++ /dev/null
@@ -1,82 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAttribute_Destroy
- *
- * This routine destroys an NSSPKIXAttribute.  It should be called on
- * all such objects created without an arena.  It does not need to be
- * called for objects created with an arena, but it may be.  This
- * routine returns a PRStatus value.  Upon error, it place an error on 
- * the error stack and return PR_FAILURE.
- *
- * The error value may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nssPKIXAttribute_Destroy
-(
-  NSSPKIXAttribute *attribute
-)
-{
-#ifdef NSSDEBUG
-  if( PR_SUCCESS != nssPKIXAttribute_verifyPointer(attribute) ) {
-    return PR_FAILURE;
-  }
-#endif /* NSSDEBUG */
-
-#ifdef DEBUG
-  (void)nss_pkix_Attribute_remove_pointer(attribute);
-  (void)nssArena_RemoveDestructor(arena, nss_pkix_Attribute_remove_pointer, 
-                                  attribute);
-#endif /* DEBUG */
-
-  if( PR_TRUE == attribute->i_allocated_arena ) {
-    return nssArena_Destroy(attribute->arena);
-  }
-
-  return PR_SUCCESS;
-}
diff --git a/security/nss/lib/pkix/src/Attribute/PDuplicate.c b/security/nss/lib/pkix/src/Attribute/PDuplicate.c
deleted file mode 100644
index 765510e59..000000000
--- a/security/nss/lib/pkix/src/Attribute/PDuplicate.c
+++ /dev/null
@@ -1,189 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAttribute_Duplicate
- *
- * This routine duplicates an NSSPKIXAttribute.  {arenaOpt}
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSPKIXAttribute upon success
- *  NULL upon failure.
- */
-
-NSS_IMPLEMENT NSSPKIXAttribute *
-nssPKIXAttribute_Duplicate
-(
-  NSSPKIXAttribute *attribute,
-  NSSArena *arenaOpt
-)
-{
-  NSSArena *arena;
-  PRBool arena_allocated = PR_FALSE;
-  nssArenaMark *mark = (nssArenaMark *)NULL;
-  NSSPKIXAttribute *rv = (NSSPKIXAttribute *)NULL;
-
-#ifdef NSSDEBUG
-  if( PR_SUCCESS != nssPKIXAttribute_verifyPointer(attribute) ) {
-    return PR_FAILURE;
-  }
-
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return PR_FAILURE;
-    }
-  }
-#endif /* NSSDEBUG */
-
-  if( (NSSArena *)NULL == arenaOpt ) {
-    arena = nssArena_Create();
-    if( (NSSArena *)NULL == arena ) {
-      goto loser;
-    }
-    arena_allocated = PR_TRUE;
-  } else {
-    arena = arenaOpt;
-    mark = nssArena_Mark(arena);
-    if( (nssArenaMark *)NULL == mark ) {
-      goto loser;
-    }
-  }
-
-  rv = nss_ZNEW(arena, NSSPKIXAttribute);
-  if( (NSSPKIXAttribute *)NULL == rv ) {
-    goto loser;
-  }
-
-  rv->arena = arena;
-  rv->i_allocated_arena = arena_allocated;
-
-  if( (NSSBER *)NULL != attribute->ber ) {
-    rv->ber = nssItem_Duplicate(arena, attribute->ber, (NSSItem *)NULL);
-    if( (NSSBER *)NULL == rv->ber ) {
-      goto loser;
-    }
-  }
-
-  if( (NSSDER *)NULL != attribute->der ) {
-    rv->der = nssItem_Duplicate(arena, attribute->der, (NSSItem *)NULL);
-    if( (NSSDER *)NULL == rv->der ) {
-      goto loser;
-    }
-  }
-
-  if( (void *)NULL != attribute->asn1type.data ) {
-    rv->asn1type.size = attribute->asn1type.size;
-    rv->asn1type.data = nss_ZAlloc(arena, attribute->asn1type.size);
-    if( (void *)NULL == rv->asn1type.data ) {
-      goto loser;
-    }
-    (void)nsslibc_memcpy(rv->asn1type.data, attribute->asn1type.data, 
-                         rv->asn1type.size);
-  }
-    
-  if( (nssASN1Item **)NULL != attribute->asn1values ) {
-    rv->asn1values = nss_ZNEWARRAY(arena, nssASN1Item *, attribute->valuesCount);
-    if( (nssASN1Item **)NULL == rv->asn1values ) {
-      goto loser;
-    }
-
-    for( i = 0; i < attribute->valuesCount; i++ ) {
-      nssASN1Item *src;
-      nssASN1Item *dst;
-
-      src = attribute->asn1values[i];
-      dst = nss_ZNEW(arena, nssASN1Item);
-      if( (nssASN1Item *)NULL == dst ) {
-        goto loser;
-      }
-
-      rv->asn1values[i] = dst;
-
-      dst->size = src->size;
-      dst->data = nss_ZAlloc(arena, dst->size);
-      if( (void *)NULL == dst->data ) {
-        goto loser;
-      }
-      (void)nsslibc_memcpy(dst->data, src->data, src->size);
-    }
-  }
-
-  rv->type = attribute->type; /* NULL or otherwise */
-  rv->valuescount = attribute->valuesCount;
-
-  if( (nssArenaMark *)NULL != mark ) {
-    if( PR_SUCCESS != nssArena_Unmark(arena, mark) ) {
-      goto loser;
-    }
-  }
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nss_pkix_Attribute_add_pointer(rv) ) {
-    goto loser;
-  }
-
-  if( PR_SUCCESS != 
-      nssArena_registerDestructor(arena,
-                                  nss_pkix_Attribute_remove_pointer, 
-                                  rv) ) {
-    (void)nss_pkix_Attribute_remove_pointer(rv);
-    goto loser;
-  }
-#endif /* DEBUG */
-
-  return rv;
-
- loser:
-  if( (nssArenaMark *)NULL != mark ) {
-    (void)nssArena_Release(arena, mark);
-  }
-
-  if( PR_TRUE == arena_allocated ) {
-    (void)nssArena_Destroy(arena);
-  }
-
-  return (NSSPKIXAttribute *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/Attribute/PEncode.c b/security/nss/lib/pkix/src/Attribute/PEncode.c
deleted file mode 100644
index 7fc647ed2..000000000
--- a/security/nss/lib/pkix/src/Attribute/PEncode.c
+++ /dev/null
@@ -1,126 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-#ifndef ASN1_H
-#include "asn1.h"
-#endif /* ASN1_H */
-
-/*
- * nssPKIXAttribute_Encode
- *
- * This routine returns an ASN.1 encoding of the specified 
- * NSSPKIXAttribute.  {usual rules about itemOpt and arenaOpt}
- * This routine indicates an error (NSS_ERROR_INVALID_DATA) 
- * if there are no attribute values (i.e., the last one was removed).
- *
- * The error value may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_DATA
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_IMPLEMENT NSSBER *
-nssPKIXAttribute_Encode
-(
-  NSSPKIXAttribute *a,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-)
-{
-  NSSBER *it;
-
-#ifdef NSSDEBUG
-  if( PR_SUCCESS != nssPKIXAttribute_verifyPointer(a) ) {
-    return (NSSBER *)NULL;
-  }
-
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSBER *)NULL;
-    }
-  }
-#endif /* NSSDEBUG */
-
-  switch( encoding ) {
-  case NSSASN1BER:
-    if( (NSSBER *)NULL != a->ber ) {
-      it = a->ber;
-      goto done;
-    }
-    /*FALLTHROUGH*/
-  case NSSASN1DER:
-    if( (NSSDER *)NULL != a->der ) {
-      it = a->der;
-      goto done;
-    }
-    break;
-  default:
-    nss_SetError(NSS_ERROR_UNSUPPORTED_ENCODING);
-    return (NSSBER *)NULL;
-  }
-
-  it = nssASN1_EncodeItem(a->arena, (NSSItem *)NULL, a, 
-                          nssPKIXAttribute_template, encoding);
-  if( (NSSBER *)NULL == it ) {
-    return (NSSBER *)NULL;
-  }
-
-  switch( encoding ) {
-  case NSSASN1BER:
-    a->ber = it;
-    break;
-  case NSSASN1DER:
-    a->der = it;
-    break;
-  default:
-    PR_ASSERT(0);
-    break;
-  }
-
- done:
-  return nssItem_Duplicate(it, arenaOpt, rvOpt);
-}
diff --git a/security/nss/lib/pkix/src/Attribute/PEqual.c b/security/nss/lib/pkix/src/Attribute/PEqual.c
deleted file mode 100644
index 247bfd575..000000000
--- a/security/nss/lib/pkix/src/Attribute/PEqual.c
+++ /dev/null
@@ -1,164 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAttribute_Equal
- *
- * This routine compares two NSSPKIXAttribute's for equality.
- * It returns PR_TRUE if they are equal, PR_FALSE otherwise.
- * This routine also returns PR_FALSE upon error; if you're
- * that worried about it, check for an error stack.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_IMPLEMENT PRBool
-nssPKIXAttribute_Equal
-(
-  NSSPKIXAttribute *one,
-  NSSPKIXAttribute *two,
-  PRStatus *statusOpt
-)
-{
-  PRStatus dummyStatus = PR_SUCCESS; /* quiet warnings */
-  PRStatus *status;
-  PRUint32 i;
-
-  if( (PRStatus *)NULL != statusOpt ) {
-    status = statusOpt;
-    *status = PR_SUCCESS;
-  } else {
-    status = &dummyStatus;
-  }
-
-#ifdef NSSDEBUG
-  if( PR_SUCCESS != nssPKIXAttribute_verifyPointer(one) ) {
-    *status = PR_FAILURE;
-    return PR_FALSE;
-  }
-
-  if( PR_SUCCESS != nssPKIXAttribute_verifyPointer(two) ) {
-    *status = PR_FAILURE;
-    return PR_FALSE;
-  }
-#endif /* NSSDEBUG */
-
-  if( ((NSSDER *)NULL != one->der) && ((NSSDER *)NULL != two->der) ) {
-    return nssItem_Equal(one->der, two->der, statusOpt);
-  }
-
-  if( (NSSPKIXAttributeType *)NULL == one->type ) {
-    NSSItem berOid;
-    berOid.size = one->asn1type.size;
-    berOid.data = one->asn1type.data;
-    one->type = (NSSPKIXAttributeType *)NSSOID_CreateFromBER(&berOid);
-  }
-
-  if( (NSSPKIXAttributeType *)NULL == two->type ) {
-    NSSItem berOid;
-    berOid.size = two->asn1type.size;
-    berOid.data = two->asn1type.data;
-    two->type = (NSSPKIXAttributeType *)NSSOID_CreateFromBER(&berOid);
-  }
-
-  if( one->type != two->type ) {
-    return PR_FALSE;
-  }
-
-  if( 0 == one->valuesCount ) {
-    nss_pkix_Attribute_Count(one);
-  }
-
-#ifdef PEDANTIC
-  if( 0 == one->valuesCount ) {
-    nss_SetError(NSS_ERROR_INTERNAL_ERROR);
-    *statusOpt = PR_FAILURE;
-    return PR_FALSE;
-  }
-#endif /* PEDANTIC */
-
-  if( 0 == two->valuesCount ) {
-    nss_pkix_Attribute_Count(two);
-  }
-
-#ifdef PEDANTIC
-  if( 0 == two->valuesCount ) {
-    nss_SetError(NSS_ERROR_INTERNAL_ERROR);
-    *statusOpt = PR_FAILURE;
-    return PR_FALSE;
-  }
-#endif /* PEDANTIC */
-
-  if( one->valuesCount != two->valuesCount ) {
-    return PR_FALSE;
-  }
-
-  *status = nss_pkix_Attribute_Distinguish(one);
-  if( PR_FAILURE == *status ) {
-    return PR_FALSE;
-  }
-
-  *status = nss_pkix_Attribute_Distinguish(two);
-  if( PR_FAILURE == *status ) {
-    return PR_FALSE;
-  }
-
-  for( i == 0; i < one->valuesCount; i++ ) {
-    NSSItem onetmp, twotmp;
-
-    onetmp.size = one->asn1values[i]->size;
-    onetmp.data = one->asn1values[i]->data;
-    twotmp.size = two->asn1values[i]->size;
-    twotmp.data = two->asn1values[i]->data;
-
-    if( PR_FALSE == nssItem_Equal(&one, &two, statusOpt) ) {
-      return PR_FALSE;
-    }
-  }
-
-  return PR_TRUE;
-}
diff --git a/security/nss/lib/pkix/src/Attribute/PFindValue.c b/security/nss/lib/pkix/src/Attribute/PFindValue.c
deleted file mode 100644
index 0f1095f0c..000000000
--- a/security/nss/lib/pkix/src/Attribute/PFindValue.c
+++ /dev/null
@@ -1,107 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAttribute_FindValue
- *
- * This routine searches the set of attribute values in the specified
- * NSSPKIXAttribute for the provided data.  If an exact match is found,
- * then that value's index is returned.  If an exact match is not 
- * found, -1 is returned.  If there is more than one exact match, one
- * index will be returned.  {notes about unorderdness of SET, etc}
- * If the index may not be represented as an integer, an error is
- * indicated.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *  NSS_ERROR_INVALID_ITEM
- *  NSS_ERROR_NOT_FOUND
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value
- *  The index of the specified attribute value upon success
- *  -1 upon failure.
- */
-
-NSS_IMPLEMENT PRInt32
-nssPKIXAttribute_FindValue
-(
-  NSSPKIXAttribute *a,
-  NSSPKIXAttributeValue *attributeValue
-)
-{
-  PRUint32 i;
-  nssASN1Item **a;
-
-#ifdef NSSDEBUG
-  if( PR_SUCCESS != nssPKIXAttribute_verifyPointer(a) ) {
-    return PR_FAILURE;
-  }
-
-  if( PR_SUCCESS != nssItem_verifyPointer(value) ) {
-    return PR_FAILURE;
-  }
-#endif /* NSSDEBUG */
-
-  PR_ASSERT((nssASN1Item **)NULL != a->asn1values);
-  if( (nssASN1Item **)NULL == a->asn1values ) {
-    nss_SetError(NSS_ERROR_ASSERTION_FAILED);
-    return -1;
-  }
-
-  for( i = 0, a = &a->asn1values[0]; *a; a++, (i > 0x7fffffff) || i++ ) {
-    NSSItem tmp;
-
-    tmp.size = (*a)->size;
-    tmp.data = (*a)->data;
-
-    if( PR_TRUE == nssItem_Equal(attributeValue, &tmp, (PRStatus *)NULL) ) {
-      if( i > 0x7fffffff ) {
-        nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
-        return -1;
-      }
-      return (PRInt32)i;
-    }
-  }
-
-  nss_SetError(NSS_ERROR_NOT_FOUND);
-  return -1;
-}
diff --git a/security/nss/lib/pkix/src/Attribute/PGetType.c b/security/nss/lib/pkix/src/Attribute/PGetType.c
deleted file mode 100644
index 4b61431b8..000000000
--- a/security/nss/lib/pkix/src/Attribute/PGetType.c
+++ /dev/null
@@ -1,79 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAttribute_GetType
- *
- * This routine returns the attribute type oid of the specified
- * NSSPKIXAttribute.
- *
- * The error value may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSPKIXAttributeType pointer upon success
- *  NULL upon failure.
- */
-
-NSS_IMPLEMENT NSSPKIXAttributeType *
-nssPKIXAttribute_GetType
-(
-  NSSPKIXAttribute *a
-)
-{
-#ifdef NSSDEBUG
-  if( PR_SUCCESS != nssPKIXAttribute_verifyPointer(a) ) {
-    return (NSSPKIXAttributeType *)NULL;
-  }
-#endif /* NSSDEBUG */
-
-  if( (NSSPKIXAttributeType *)NULL == a->type ) {
-    NSSItem ber;
-
-    ber.size = a->asn1type.size;
-    ber.data = a->asn1type.data;
-
-    a->type = (NSSPKIXAttributeType *)NSSOID_CreateFromBER(&ber);
-  }
-
-  return a->type;
-}
diff --git a/security/nss/lib/pkix/src/Attribute/PGetValue.c b/security/nss/lib/pkix/src/Attribute/PGetValue.c
deleted file mode 100644
index bbf12ca67..000000000
--- a/security/nss/lib/pkix/src/Attribute/PGetValue.c
+++ /dev/null
@@ -1,98 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAttribute_GetValue
- *
- * This routine returns the i'th attribute value of the set of
- * values in the specified NSSPKIXAttribute.  Although the set
- * is unordered, an arbitrary ordering will be maintained until
- * the data in the attribute is changed.  {usual comments about
- * itemOpt and arenaOpt} [0,valueCount)
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXAttributeValue upon success
- *  NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXAttributeValue *
-nssPKIXAttribute_GetValue
-(
-  NSSPKIXAttribute *attribute,
-  PRInt32 i,
-  NSSPKIXAttributeValue *itemOpt,
-  NSSArena *arenaOpt
-)
-{
-  NSSItem tmp;
-
-#ifdef NSSDEBUG
-  if( PR_SUCCESS != nssPKIXAttribute_verifyPointer(attribute) ) {
-    return (NSSPKIXAttributeValue *)NULL;
-  }
-
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSPKIXAttributeValue *)NULL;
-    }
-  }
-#endif /* NSSDEBUG */
-
-  if( 0 == attribute->valuesCount ) {
-    nss_pkix_Attribute_Count(attribute);
-  }
-
-  if( (i < 0) || (i >= attribute->valuesCount) ) {
-    nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
-    return (NSSPKIXAttributeValue *)NULL;
-  }
-
-  tmp.size = attribute->asn1values[i]->size;
-  tmp.data = attribute->asn1values[i]->data;
-
-  return nssItem_Duplicate(&tmp, arenaOpt, itemOpt);
-}
diff --git a/security/nss/lib/pkix/src/Attribute/PGetValueCount.c b/security/nss/lib/pkix/src/Attribute/PGetValueCount.c
deleted file mode 100644
index ada1d403d..000000000
--- a/security/nss/lib/pkix/src/Attribute/PGetValueCount.c
+++ /dev/null
@@ -1,88 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAttribute_GetValueCount
- *
- * This routine returns the number of attribute values present in
- * the specified NSSPKIXAttribute.  This routine returns a PRInt32.
- * Upon error, this routine returns -1.  This routine indicates an
- * error if the number of values cannot be expressed as a PRInt32.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- *  Nonnegative integer upon success
- *  -1 upon failure.
- */
-
-NSS_IMPLEMENT PRInt32
-nssPKIXAttribute_GetValueCount
-(
-  NSSPKIXAttribute *attribute
-)
-{
-#ifdef NSSDEBUG
-  if( PR_SUCCESS != nssPKIXAttribute_verifyPointer(attribute) ) {
-    return -1;
-  }
-#endif /* NSSDEBUG */
-
-  if( 0 == attribute->valuesCount ) {
-    nss_pkix_Attribute_Count(attribute);
-  }
-
-#ifdef PEDANTIC
-  if( 0 == attribute->valuesCount ) {
-    nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
-    return -1;
-  }
-#endif /* PEDANTIC */
-
-  if( attribute->valuesCount > 0x7fffffff ) {
-    nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
-    return -1;
-  }
-
-  return (PRInt32)(attribute->valuesCount);
-}
diff --git a/security/nss/lib/pkix/src/Attribute/PGetValues.c b/security/nss/lib/pkix/src/Attribute/PGetValues.c
deleted file mode 100644
index ccc11dbe0..000000000
--- a/security/nss/lib/pkix/src/Attribute/PGetValues.c
+++ /dev/null
@@ -1,145 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAttribute_GetValues
- *
- * This routine returns all of the attribute values in the specified
- * NSSPKIXAttribute.  If the optional pointer to an array of NSSItems
- * is non-null, then that array will be used and returned; otherwise,
- * an array will be allocated and returned.  If the limit is nonzero
- * (which is must be if the specified array is nonnull), then an
- * error is indicated if it is smaller than the value count.
- * {arenaOpt}
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- *  A valid pointer to an array of NSSItem's upon success
- *  NULL upon failure.
- */
-
-NSS_IMPLEMENT NSSPKIXAttributeValue *
-nssPKIXAttribute_GetValues
-(
-  NSSPKIXAttribute *attribute,
-  NSSPKIXAttributeValue rvOpt[],
-  PRInt32 limit,
-  NSSArena *arenaOpt
-)
-{
-  NSSPKIXAttributeValue *rv = (NSSPKIXAttributeValue *)NULL;
-  PRUint32 i;
-
-#ifdef NSSDEBUG
-  if( PR_SUCCESS != nssPKIXAttribute_verifyPointer(attribute) ) {
-    return (NSSPKIXAttributeValue *)NULL;
-  }
-
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyOpt(attribute) ) {
-      return (NSSPKIXAttributeValue *)NULL;
-    }
-  }
-#endif /* NSSDEBUG */
-
-  if( 0 == attribute->valuesCount ) {
-    nss_pkix_Attribute_Count(attribute);
-  }
-  
-#ifdef PEDANTIC
-  if( 0 == attribute->valuesCount ) {
-    if( 0 == limit ) {
-      nss_SetError(NSS_ERROR_NO_MEMORY);
-    } else {
-      nss_SetError(NSS_ERROR_ARRAY_TOO_SMALL);
-    }
-    return (NSSPKIXAttributeValue *)NULL;
-  }
-#endif /* PEDANTIC */
-
-  if( (limit < attribute->valuesCount) &&
-      !((0 == limit) && ((NSSPKIXAttributeValue *)NULL == rvOpt)) ) {
-    nss_SetError(NSS_ERROR_ARRAY_TOO_SMALL);
-    return (NSSPKIXAttributeValue *)NULL;
-  }
-
-  limit = attribute->valuesCount;
-  if( (NSSPKIXAttributeValue *)NULL == rvOpt ) {
-    rv = nss_ZNEWARRAY(arenaOpt, NSSPKIXAttributeValue, limit);
-    if( (NSSPKIXAttributeValue *)NULL == rv ) {
-      return (NSSPKIXAttributeValue *)NULL;
-    }
-  } else {
-    rv = rvOpt;
-  }
-
-  for( i = 0; i < limit; i++ ) {
-    NSSAttributeValue tmp;
-    nssASN1Item *p = attribute->asn1values[i];
-    NSSAttributeValue *r = &rv[i];
-
-    tmp.size = p->size;
-    tmp.data = p->data;
-
-    if( (NSSItem *)NULL == nssItem_Duplicate(&tmp, arenaOpt, r) ) {
-      goto loser;
-    }
-  }
-
-  return rv;
-
- loser:
-  for( i = 0; i < limit; i++ ) {
-    NSSAttributeValue *r = &rv[i];
-    nss_ZFreeIf(r->data);
-  }
-
-  if( rv != rvOpt ) {
-    nss_ZFreeIf(rv);
-  }
-
-  return (NSSAttributeValue *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/Attribute/PRemoveValue.c b/security/nss/lib/pkix/src/Attribute/PRemoveValue.c
deleted file mode 100644
index 6da2ebc07..000000000
--- a/security/nss/lib/pkix/src/Attribute/PRemoveValue.c
+++ /dev/null
@@ -1,121 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAttribute_RemoveValue
- *
- * This routine removes the i'th attribute value of the set in the
- * specified NSSPKIXAttribute.  An attempt to remove the last value
- * will fail.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_AT_MINIMUM
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-PR_IMPLEMENET(PRStatus)
-nssPKIXAttribute_RemoveValue
-(
-  NSSPKIXAttribute *a,
-  PRInt32 i
-)
-{
-  nssASN1Item **ip;
-
-#ifdef NSSDEBUG
-  if( PR_SUCCESS != nssPKIXAttribute_verifyPointer(a) ) {
-    return PR_FAILURE;
-  }
-#endif /* NSSDEBUG */
-
-  if( 0 == a->valuesCount ) {
-    nss_pkix_Attribute_Count(a);
-  }
-
-  if( i < 0 ) {
-    nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
-    return PR_FAILURE;
-  }
-
-  if( 1 == a->valuesCount ) {
-    nss_SetError(NSS_ERROR_AT_MINIMUM);
-    return PR_FAILURE;
-  }
-
-#ifdef PEDANTIC
-  if( 0 == a->valuesCount ) {
-    /* Too big.. but we can still remove one */
-    nss_ZFreeIf(a->asn1values[i].data);
-    for( ip = &a->asn1values[i]; *ip; ip++ ) {
-      ip[0] = ip[1];
-    }
-  } else
-#endif /* PEDANTIC */
-
-  {
-    nssASN1Item *si;
-    PRUint32 end;
-
-    if( i >= a->valueCount ) {
-      nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
-      return PR_FAILURE;
-    }
-
-    end = a->valuesCount - 1;
-
-    si = a->asn1values[i];
-    a->asn1values[i] = a->asn1values[ end ];
-    a->asn1values[ end ] = (nssASN1Item *)NULL;
-
-    nss_ZFreeIf(si->data);
-    nss_ZFreeIf(si);
-
-    /* We could realloc down, but we know it's a no-op */
-    a->valuesCount = end;
-  }
-
-  return nss_pkix_Attribute_Clear(a);
-}
diff --git a/security/nss/lib/pkix/src/Attribute/PSetType.c b/security/nss/lib/pkix/src/Attribute/PSetType.c
deleted file mode 100644
index 8f430aab3..000000000
--- a/security/nss/lib/pkix/src/Attribute/PSetType.c
+++ /dev/null
@@ -1,90 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAttribute_SetType
- *
- * This routine sets the attribute type oid of the indicated
- * NSSPKIXAttribute to the specified value.  Since attributes
- * may be application-defined, no checking can be done on
- * either the correctness of the attribute type oid value nor
- * the suitability of the set of attribute values.
- *
- * The error value may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *  NSS_ERROR_INVALID_OID
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nssPKIXAttribute_SetType
-(
-  NSSPKIXAttribute *a,
-  NSSPKIXAttributeType *attributeType
-)
-{
-  NSSDER tmp;
-
-#ifdef NSSDEBUG
-  if( PR_SUCCESS != nssPKIXAttribute_verifyPointer(a) ) {
-    return PR_FAILURE;
-  }
-
-  if( PR_SUCCESS != nssOID_verifyPointer(attributeType) ) {
-    return PR_FAILURE;
-  }
-#endif /* NSSDEBUG */
-
-  a->type = attributeType;
-
-  nss_ZFreeIf(a->asn1type.data);
-  if( (NSSDER *)NULL == nssOID_GetDEREncoding(a->type, &tmp, a->arena) ) {
-    return PR_FAILURE;
-  }
-
-  a->asn1type.size = tmp.size;
-  a->asn1type.data = tmp.data;
-
-  return nss_pkix_Attribute_Clear(a);
-}
diff --git a/security/nss/lib/pkix/src/Attribute/PSetValue.c b/security/nss/lib/pkix/src/Attribute/PSetValue.c
deleted file mode 100644
index 4fd490a6a..000000000
--- a/security/nss/lib/pkix/src/Attribute/PSetValue.c
+++ /dev/null
@@ -1,102 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAttribute_SetValue
- *
- * This routine sets the i'th attribute value {blah blah; copies
- * memory contents over..}
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_INVALID_ITEM
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nssPKIXAttribute_SetValue
-(
-  NSSPKIXAttribute *a,
-  PRInt32 i,
-  NSSPKIXAttributeValue *value
-)
-{
-  NSSItem tmp;
-
-#ifdef NSSDEBUG
-  if( PR_SUCCESS != nssPKIXAttribute_verifyPointer(a) ) {
-    return PR_FAILURE;
-  }
-
-  if( PR_SUCCESS != nssItem_verifyPointer(value) ) {
-    return PR_FAILURE;
-  }
-#endif /* NSSDEBUG */
-
-  if( i < 0 ) {
-    nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
-    return PR_FAILURE;
-  }
-
-  if( 0 == a->valuesCount ) {
-    nss_pkix_Attribute_Count(a);
-  }
-
-  if( (0 != a->valuesCount) && (i > a->valuesCount) ) {
-    nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
-    return PR_FAILURE;
-  }
-
-  if( (NSSItem *)NULL == nssItem_Duplicate(value, a->arena, &tmp) ) {
-    return PR_FAILURE;
-  }
-
-  nss_ZFreeIf(a->asn1values[i]->data);
-  a->asn1values[i]->size = tmp.size;
-  a->asn1values[i]->data = tmp.data;
-
-  return nss_pkix_Attribute_Clear(a);
-}
diff --git a/security/nss/lib/pkix/src/Attribute/PSetValues.c b/security/nss/lib/pkix/src/Attribute/PSetValues.c
deleted file mode 100644
index 64df8eb55..000000000
--- a/security/nss/lib/pkix/src/Attribute/PSetValues.c
+++ /dev/null
@@ -1,135 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAttribute_SetValues
- *
- * This routine sets all of the values of the specified 
- * NSSPKIXAttribute to the values in the specified NSSItem array.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *  NSS_ERROR_INVALID_POINTER
- *  NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nssPKIXAttribute_SetValues
-(
-  NSSPKIXAttribute *a,
-  NSSPKIXAttributeValue values[],
-  PRInt32 count
-)
-{
-  nssASN1Item **ip;
-  nssASN1Item *newarray;
-  PRUint32 i;
-  nssArenaMark *mark;
-
-#ifdef NSSDEBUG
-  if( PR_SUCCESS != nssPKIXAttribute_verifyPointer(a) ) {
-    return PR_FAILURE;
-  }
-
-  if( (NSSPKIXAttributeValue *)NULL == values ) {
-    nss_SetError(NSS_ERROR_INVALID_POINTER);
-    return PR_FAILURE;
-  }
-
-  if( count < 1 ) {
-    nss_SetError(NSS_ERROR_ARRAY_TOO_SMALL);
-    return PR_FAILURE;
-  }
-#endif /* NSSDEBUG */
-
-  PR_ASSERT((nssASN1Item **)NULL != a->asn1values);
-  if( (nssASN1Item **)NULL == a->asn1values ) {
-    nss_SetError(NSS_ERROR_ASSERTION_FAILED);
-    return PR_FAILURE;
-  }
-
-  mark = nssArena_Mark(a->arena);
-  if( (nssArenaMark *)NULL == mark ) {
-    return PR_FAILURE;
-  }
-
-  newarray = nss_ZNEWARRAY(a->arena, nssASN1Item *, count);
-  if( (nssASN1Item *)NULL == newarray ) {
-    return PR_FAILURE;
-  }
-
-  for( i = 0; i < count; i++ ) {
-    NSSItem tmp;
-
-    newarray[i] = nss_ZNEW(a->arena, nssASN1Item);
-    if( (nssASN1Item *)NULL == newarray[i] ) {
-      goto loser;
-    }
-
-    if( (NSSItem *)NULL == nssItem_Duplicate(&values[i], a->arena, &tmp) ) {
-      goto loser;
-    }
-
-    newarray[i]->size = tmp.size;
-    newarray[i]->data = tmp.data;
-  }
-
-  for( ip = &a->asn1values[0]; *ip; ip++ ) {
-    nss_ZFreeIf((*ip)->data);
-    nss_ZFreeIf(*ip);
-  }
-
-  nss_ZFreeIf(a->asn1values);
-  
-  a->asn1values = newarray;
-  a->valuesCount = count;
-
-  (void)nss_pkix_Attribute_Clear(a);
-  return nssArena_Unmark(a->arena, mark);
-
- loser:
-  (void)nssArena_Release(a->arena, mark);
-  return PR_FAILURE;
-}
diff --git a/security/nss/lib/pkix/src/Attribute/RemoveValue.c b/security/nss/lib/pkix/src/Attribute/RemoveValue.c
deleted file mode 100644
index e869fd96a..000000000
--- a/security/nss/lib/pkix/src/Attribute/RemoveValue.c
+++ /dev/null
@@ -1,76 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAttribute_RemoveValue
- *
- * This routine removes the i'th attribute value of the set in the
- * specified NSSPKIXAttribute.  An attempt to remove the last value
- * will fail.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_AT_MINIMUM
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-NSSPKIXAttribute_RemoveValue
-(
-  NSSPKIXAttribute *attribute,
-  PRInt32 i
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nssPKIXAttribute_verifyPointer(attribute) ) {
-    return PR_FAILURE;
-  }
-#endif /* DEBUG */
-
-  return nssPKIXAttribute_RemoveValue(attribute, i);
-}
-
diff --git a/security/nss/lib/pkix/src/Attribute/SetType.c b/security/nss/lib/pkix/src/Attribute/SetType.c
deleted file mode 100644
index 4975c8f8a..000000000
--- a/security/nss/lib/pkix/src/Attribute/SetType.c
+++ /dev/null
@@ -1,80 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAttribute_SetType
- *
- * This routine sets the attribute type oid of the indicated
- * NSSPKIXAttribute to the specified value.  Since attributes
- * may be application-defined, no checking can be done on
- * either the correctness of the attribute type oid value nor
- * the suitability of the set of attribute values.
- *
- * The error value may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *  NSS_ERROR_INVALID_OID
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-NSSPKIXAttribute_SetType
-(
-  NSSPKIXAttribute *attribute,
-  NSSPKIXAttributeType *attributeType
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nssPKIXAttribute_verifyPointer(attribute) ) {
-    return PR_FAILURE;
-  }
-
-  if( PR_SUCCESS != nssOID_verifyPointer(attributeType) ) {
-    return PR_FAILURE;
-  }
-#endif /* DEBUG */
-
-  return nssPKIXAttribute_SetType(attribute, attributeType);
-}
diff --git a/security/nss/lib/pkix/src/Attribute/SetValue.c b/security/nss/lib/pkix/src/Attribute/SetValue.c
deleted file mode 100644
index 43f74ad26..000000000
--- a/security/nss/lib/pkix/src/Attribute/SetValue.c
+++ /dev/null
@@ -1,80 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAttribute_SetValue
- *
- * This routine sets the i'th attribute value {blah blah; copies
- * memory contents over..}
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_INVALID_ITEM
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-NSSPKIXAttribute_SetValue
-(
-  NSSPKIXAttribute *attribute,
-  PRInt32 i,
-  NSSPKIXAttributeValue *value
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nssPKIXAttribute_verifyPointer(attribute) ) {
-    return PR_FAILURE;
-  }
-
-  if( PR_SUCCESS != nssItem_verifyPointer(value) ) {
-    return PR_FAILURE;
-  }
-#endif /* DEBUG */
-
-  return nssPKIXAttribute_SetValue(attribute, i, value);
-}
diff --git a/security/nss/lib/pkix/src/Attribute/SetValues.c b/security/nss/lib/pkix/src/Attribute/SetValues.c
deleted file mode 100644
index 7c3645cf7..000000000
--- a/security/nss/lib/pkix/src/Attribute/SetValues.c
+++ /dev/null
@@ -1,85 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAttribute_SetValues
- *
- * This routine sets all of the values of the specified 
- * NSSPKIXAttribute to the values in the specified NSSItem array.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *  NSS_ERROR_INVALID_POINTER
- *  NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-NSSPKIXAttribute_SetValues
-(
-  NSSPKIXAttribute *attribute,
-  NSSPKIXAttributeValue values[],
-  PRInt32 count
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nssPKIXAttribute_verifyPointer(attribute) ) {
-    return PR_FAILURE;
-  }
-
-  if( (NSSPKIXAttributeValue *)NULL == values ) {
-    nss_SetError(NSS_ERROR_INVALID_POINTER);
-    return PR_FAILURE;
-  }
-
-  if( count < 1 ) {
-    nss_SetError(NSS_ERROR_ARRAY_TOO_SMALL);
-    return PR_FAILURE;
-  }
-#endif /* DEBUG */
-
-  return nssPKXIAttribute_SetValues(attribute, values, count);
-}
diff --git a/security/nss/lib/pkix/src/Attribute/template.c b/security/nss/lib/pkix/src/Attribute/template.c
deleted file mode 100644
index 850b6a9b0..000000000
--- a/security/nss/lib/pkix/src/Attribute/template.c
+++ /dev/null
@@ -1,58 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-#ifndef ASN1_H
-#include "asn1.h"
-#endif /* ASN1_H */
-
-/*
- * nssPKIXAttribute_template
- *
- *
- */
-
-const nssASN1Template nssPKIXAttribute_template[] = {
-  { nssASN1_SEQUENCE, 0, NULL, sizeof(NSSPKIXAttribute) },
-  { nssASN1_OBJECT_ID, offsetof(NSSPKIXAttribute, asn1type) },
-  { nssASN1_SET_OF, offsetof(NSSPKIXAttribute, asn1values), 
-    nssASN1Template_Any },
-  { 0 }
-};
diff --git a/security/nss/lib/pkix/src/Attribute/verifyPointer.c b/security/nss/lib/pkix/src/Attribute/verifyPointer.c
deleted file mode 100644
index c0ae3ed84..000000000
--- a/security/nss/lib/pkix/src/Attribute/verifyPointer.c
+++ /dev/null
@@ -1,170 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIXM_H
-#include "pkixm.h"
-#endif /* PKIXM_H */
-
-#ifdef DEBUG
-
-extern const NSSError NSS_ERROR_INTERNAL_ERROR;
-
-static nssPointerTracker pkix_attribute_pointer_tracker;
-
-/*
- * nss_pkix_Attribute_add_pointer
- *
- * This method is only present in debug builds.
- *
- * This module-private routine adds an NSSPKIXAttribute pointer to
- * the internal pointer-tracker.  This routine should only be used 
- * by the NSSPKIX module.  This routine returns a PRStatus value; 
- * upon error it will place an error on the error stack and return 
- * PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INTERNAL_ERROR
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nss_pkix_Attribute_add_pointer
-(
-  const NSSPKIXAttribute *p
-)
-{
-  PRStatus rv;
-
-  rv = nssPointerTracker_initialize(&pkix_attribute_pointer_tracker);
-  if( PR_SUCCESS != rv ) {
-    return rv;
-  }
-
-  rv = nssPointerTracker_add(&pkix_attribute_pointer_tracker, p);
-  if( PR_SUCCESS != rv ) {
-    NSSError e = NSS_GetError();
-    if( NSS_ERROR_NO_MEMORY != e ) {
-      nss_SetError(NSS_ERROR_INTERNAL_ERROR);
-    }
-
-    return rv;
-  }
-
-  return PR_SUCCESS;
-}
-
-/*
- * nss_pkix_Attribute_remove_pointer
- *
- * This method is only present in debug builds.
- *
- * This module-private routine removes a valid NSSPKIXAttribute
- * pointer from the internal pointer-tracker.  This routine should 
- * only be used by the NSSPKIX module.  This routine returns a 
- * PRStatus value; upon error it will place an error on the error 
- * stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INTERNAL_ERROR
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nss_pkix_Attribute_remove_pointer
-(
-  const NSSPKIXAttribute *p
-)
-{
-  PRStatus rv;
-
-  rv = nssPointerTracker_remove(&pkix_attribute_pointer_tracker, p);
-  if( PR_SUCCESS != rv ) {
-    nss_SetError(NSS_ERROR_INTERNAL_ERROR);
-  }
-
-  return rv;
-}
-
-/*
- * nssPKIXAttribute_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXAttribute
- * object, this routine will return PR_SUCCESS.  Otherwise, it will 
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *
- * Return value:
- *  PR_SUCCESS if the pointer is valid
- *  PR_FAILURE if it isn't
- */
-
-NSS_IMPLEMENT PRStatus
-nssPKIXAttribute_verifyPointer
-(
-  NSSPKIXAttribute *p
-)
-{
-  PRStatus rv;
-
-  rv = nssPointerTracker_initialize(&pkix_attribute_pointer_tracker);
-  if( PR_SUCCESS != rv ) {
-    nss_SetError(NSS_ERROR_INVALID_PKIX_ATTRIBUTE);
-    return PR_FAILURE;
-  }
-
-  rv = nssPointerTracker_verify(&pkix_attribute_pointer_tracker, p);
-  if( PR_SUCCESS != rv ) {
-    nss_SetError(NSS_ERROR_INVALID_PKIX_ATTRIBUTE);
-    return PR_FAILURE;
-  }
-
-  return PR_SUCCESS;
-}
-
-#endif /* DEBUG */
-
diff --git a/security/nss/lib/pkix/src/AttributeTypeAndValue/Create.c b/security/nss/lib/pkix/src/AttributeTypeAndValue/Create.c
deleted file mode 100644
index 84e721f80..000000000
--- a/security/nss/lib/pkix/src/AttributeTypeAndValue/Create.c
+++ /dev/null
@@ -1,85 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAttributeTypeAndValue_Create
- *
- * 
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_OID
- *  NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- *  A valid pointer to an NSSPKIXAttributeTypeAndValue upon success
- *  NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXAttributeTypeAndValue *
-NSSPKIXAttributeTypeAndValue_Create
-(
-  NSSArena *arenaOpt,
-  NSSPKIXAttributeType *typeOid,
-  NSSPKIXAttributeValue *value
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSPKIXAttributeTypeAndValue *)NULL;
-    }
-  }
-
-  if( PR_SUCCESS != nssOID_verifyPointer(typeOid) ) {
-    return (NSSPKIXAttributeTypeAndValue *)NULL;
-  }
-
-  if( PR_SUCCESS != nssItem_verifyPointer(value) ) {
-    return (NSSPKIXAttributeTypeAndValue *)NULL;
-  }
-#endif /* DEBUG */
-
-  return nssPKIXAttributeTypeAndValue(arenaOpt, typeOid, value);
-}
diff --git a/security/nss/lib/pkix/src/AttributeTypeAndValue/CreateFromUTF8.c b/security/nss/lib/pkix/src/AttributeTypeAndValue/CreateFromUTF8.c
deleted file mode 100644
index 72e0a3114..000000000
--- a/security/nss/lib/pkix/src/AttributeTypeAndValue/CreateFromUTF8.c
+++ /dev/null
@@ -1,81 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAttributeTypeAndValue_CreateFromUTF8
- *
- * 
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_STRING
- *  NSS_ERROR_UNKNOWN_ATTRIBUTE
- *
- * Return value:
- *  A valid pointer to an NSSPKIXAttributeTypeAndValue upon success
- *  NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXAttributeTypeAndValue *
-NSSPKIXAttributeTypeAndValue_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *string
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSPKIXAttributeTypeAndValue *)NULL;
-    }
-  }
-
-  if( (NSSUTF8 *)NULL == string ) {
-    nss_SetError(NSS_ERROR_INVALID_STRING);
-    return (NSSPKIXAttributeTypeAndValue *)NULL;
-  }
-#endif /* DEBUG */
-
-  return nssPKIXAttributeTypeAndValue_CreateFromUTF8(arenaOpt, string);
-}
diff --git a/security/nss/lib/pkix/src/AttributeTypeAndValue/Decode.c b/security/nss/lib/pkix/src/AttributeTypeAndValue/Decode.c
deleted file mode 100644
index 33b657303..000000000
--- a/security/nss/lib/pkix/src/AttributeTypeAndValue/Decode.c
+++ /dev/null
@@ -1,79 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAttributeTypeAndValue_Decode
- *
- * 
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXAttributeTypeAndValue upon success
- *  NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXAttributeTypeAndValue *
-NSSPKIXAttributeTypeAndValue_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSPKIXAttributeTypeAndValue *)NULL;
-    }
-  }
-
-  if( PR_SUCCESS != nssItem_verifyPointer(ber) ) {
-    return (NSSPKIXAttributeTypeAndValue *)NULL;
-  }
-#endif /* DEBUG */
-
-  return nssPKIXAttributeTypeAndValue_Decode(arenaOpt, ber);
-}
diff --git a/security/nss/lib/pkix/src/AttributeTypeAndValue/Destroy.c b/security/nss/lib/pkix/src/AttributeTypeAndValue/Destroy.c
deleted file mode 100644
index b3c28a03f..000000000
--- a/security/nss/lib/pkix/src/AttributeTypeAndValue/Destroy.c
+++ /dev/null
@@ -1,70 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAttributeTypeAndValue_Destroy
- *
- * 
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATAV
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-NSSPKIXAttributeTypeAndValue_Destroy
-(
-  NSSPKIXAttributeTypeAndValue *atav
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_verifyPointer(atav) ) {
-    return PR_FAILURE;
-  }
-#endif /* DEBUG */
-
-  return nssPKIXAttributeTypeAndValue_Destroy(atav);
-}
diff --git a/security/nss/lib/pkix/src/AttributeTypeAndValue/Duplicate.c b/security/nss/lib/pkix/src/AttributeTypeAndValue/Duplicate.c
deleted file mode 100644
index 09d1f27c3..000000000
--- a/security/nss/lib/pkix/src/AttributeTypeAndValue/Duplicate.c
+++ /dev/null
@@ -1,79 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAttributeTypeAndValue_Duplicate
- *
- * 
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATAV
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSPKIXAttributeTypeAndValue upon success
- *  NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXAttributeTypeAndValue *
-NSSPKIXAttributeTypeAndValue_Duplicate
-(
-  NSSPKIXAttributeTypeAndValue *atav,
-  NSSArena *arenaOpt
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_verifyPointer(atav) ) {
-    return (NSSPKIXAttributeTypeAndValue *)NULL;
-  }
-
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSPKIXAttributeTypeAndValue *)NULL;
-    }
-  }
-#endif /* DEBUG */
-
-  return nssPKIXAttributeTypeAndValue_Duplicate(atav, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/AttributeTypeAndValue/Encode.c b/security/nss/lib/pkix/src/AttributeTypeAndValue/Encode.c
deleted file mode 100644
index 1b67be84d..000000000
--- a/security/nss/lib/pkix/src/AttributeTypeAndValue/Encode.c
+++ /dev/null
@@ -1,81 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAttributeTypeAndValue_Encode
- *
- * 
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATAV
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_IMPLEMENT NSSBER *
-NSSPKIXAttributeTypeAndValue_Encode
-(
-  NSSPKIXAttributeTypeAndValue *atav,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_verifyPointer(atav) ) {
-    return (NSSBER *)NULL;
-  }
-
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSBER *)NULL;
-    }
-  }
-#endif /* DEBUG */
-
-  return nssPKIXAttributeTypeAndValue_Encode(atav, encoding, rvOpt, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/AttributeTypeAndValue/Equal.c b/security/nss/lib/pkix/src/AttributeTypeAndValue/Equal.c
deleted file mode 100644
index 0cbf06eca..000000000
--- a/security/nss/lib/pkix/src/AttributeTypeAndValue/Equal.c
+++ /dev/null
@@ -1,85 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAttributeTypeAndValue_Equal
- *
- * 
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATAV
- *
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_IMPLEMENT PRBool
-NSSPKIXAttributeTypeAndValue_Equal
-(
-  NSSPKIXAttributeTypeAndValue *atav1,
-  NSSPKIXAttributeTypeAndValue *atav2,
-  PRStatus *statusOpt
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_verifyPointer(atav1) ) {
-    if( (PRStatus *)NULL != statusOpt ) {
-      *statusOpt = PR_FAILURE;
-    }
-
-    return PR_FALSE;
-  }
-
-  if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_verifyPointer(atav2) ) {
-    if( (PRStatus *)NULL != statusOpt ) {
-      *statusOpt = PR_FAILURE;
-    }
-
-    return PR_FALSE;
-  }
-#endif /* DEBUG */
-
-  return nssPKIXAttributeTypeAndValue_Equal(atav1, atav2, statusOpt);
-}
diff --git a/security/nss/lib/pkix/src/AttributeTypeAndValue/GetType.c b/security/nss/lib/pkix/src/AttributeTypeAndValue/GetType.c
deleted file mode 100644
index 68e2f48f6..000000000
--- a/security/nss/lib/pkix/src/AttributeTypeAndValue/GetType.c
+++ /dev/null
@@ -1,71 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAttributeTypeAndValue_GetType
- *
- * 
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATAV
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSPKIXAttributeType pointer upon success
- *  NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXAttributeType *
-NSSPKIXAttributeTypeAndValue_GetType
-(
-  NSSPKIXAttributeTypeAndValue *atav
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_verifyPointer(atav) ) {
-    return (NSSPKIXAttributeType *)NULL;
-  }
-#endif /* DEBUG */
-
-  return nssPKIXAttributeTypeAndValue_GetType(atav);
-}
diff --git a/security/nss/lib/pkix/src/AttributeTypeAndValue/GetUTF8Encoding.c b/security/nss/lib/pkix/src/AttributeTypeAndValue/GetUTF8Encoding.c
deleted file mode 100644
index 611e4bcb9..000000000
--- a/security/nss/lib/pkix/src/AttributeTypeAndValue/GetUTF8Encoding.c
+++ /dev/null
@@ -1,79 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAttributeTypeAndValue_GetUTF8Encoding
- *
- * 
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATAV
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSUTF8 pointer upon success
- *  NULL upon failure
- */
-
-NSS_IMPLEMENT NSSUTF8 *
-NSSPKIXAttributeTypeAndValue_GetUTF8Encoding
-(
-  NSSPKIXAttributeTypeAndValue *atav,
-  NSSArena *arenaOpt
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_verifyPointer(atav) ) {
-    return (NSSUTF8 *)NULL;
-  }
-
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSUTF8 *)NULL;
-    }
-  }
-#endif /* DEBUG */
-
-  return nssPKIXAttributeTypeAndValue_GetUTF8Encoding(atav, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/AttributeTypeAndValue/GetValue.c b/security/nss/lib/pkix/src/AttributeTypeAndValue/GetValue.c
deleted file mode 100644
index 5516c63ea..000000000
--- a/security/nss/lib/pkix/src/AttributeTypeAndValue/GetValue.c
+++ /dev/null
@@ -1,80 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAttributeTypeAndValue_GetValue
- *
- * 
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATAV
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSAttributeValue upon success
- *  NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXAttributeValue *
-NSSPKIXAttributeTypeAndValue_GetValue
-(
-  NSSPKIXAttributeTypeAndValue *atav,
-  NSSPKIXAttributeValue *itemOpt,
-  NSSArena *arenaOpt
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_verifyPointer(atav) ) {
-    return (NSSPKIXAttributeValue *)NULL;
-  }
-
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSPKIXAttributeValue *)NULL;
-    }
-  }
-#endif /* DEBUG */
-
-  return nssPKIXAttributeTypeAndValue_GetValue(atav, itemOpt, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/AttributeTypeAndValue/MClear.c b/security/nss/lib/pkix/src/AttributeTypeAndValue/MClear.c
deleted file mode 100644
index eeae7db86..000000000
--- a/security/nss/lib/pkix/src/AttributeTypeAndValue/MClear.c
+++ /dev/null
@@ -1,73 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nss_pkix_AttributeTypeAndValue_Clear
- *
- * Wipes out cached data.
- */
-
-NSS_IMPLEMENT PRStatus
-nss_pkix_AttributeTypeAndValue_Clear
-(
-  NSSPKIXAttributeTypeAndValue *atav
-)
-{
-#ifdef NSSDEBUG
-  if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_verifyPointer(atav) ) {
-    return PR_FAILURE;
-  }
-#endif /* NSSDEBUG */
-
-  if( (NSSBER *)NULL != atav->ber ) {
-    nss_ZFreeIf(atav->ber->data);
-    nss_ZFreeIf(atav->ber);
-  }
-
-  if( (NSSDER *)NULL != atav->der ) {
-    nss_ZFreeIf(atav->der->data);
-    nss_ZFreeIf(atav->der);
-  }
-
-  nss_ZFreeIf(atav->utf8);
-
-  return PR_SUCCESS;
-}
diff --git a/security/nss/lib/pkix/src/AttributeTypeAndValue/PCreate.c b/security/nss/lib/pkix/src/AttributeTypeAndValue/PCreate.c
deleted file mode 100644
index 2dc6d8ac5..000000000
--- a/security/nss/lib/pkix/src/AttributeTypeAndValue/PCreate.c
+++ /dev/null
@@ -1,154 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAttributeTypeAndValue_Create
- *
- * 
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_OID
- *  NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- *  A valid pointer to an NSSPKIXAttributeTypeAndValue upon success
- *  NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXAttributeTypeAndValue *
-nssPKIXAttributeTypeAndValue_Create
-(
-  NSSArena *arenaOpt,
-  NSSPKIXAttributeType *typeOid,
-  NSSPKIXAttributeValue *value
-)
-{
-  NSSArena *arena;
-  PRBool arena_allocated = PR_FALSE;
-  nssArenaMark *mark = (nssArenaMark *)NULL;
-  NSSPKIXAttributeTypeAndValue *rv = (NSSPKIXAttributeTypeAndValue *)NULL;
-
-#ifdef DEBUG
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSPKIXAttributeTypeAndValue *)NULL;
-    }
-  }
-
-  if( PR_SUCCESS != nssOID_verifyPointer(typeOid) ) {
-    return (NSSPKIXAttributeTypeAndValue *)NULL;
-  }
-
-  if( PR_SUCCESS != nssItem_verifyPointer(value) ) {
-    return (NSSPKIXAttributeTypeAndValue *)NULL;
-  }
-#endif /* DEBUG */
-
-  if( (NSSArena *)NULL == arenaOpt ) {
-    arena = nssArena_Create();
-    if( (NSSArena *)NULL == arena ) {
-      goto loser;
-    }
-    arena_allocated = PR_TRUE;
-  } else {
-    arena = arenaOpt;
-    mark = nssArena_Mark(arena);
-    if( (nssArenaMark *)NULL == mark ) {
-      goto loser;
-    }
-  }
-
-  rv = nss_ZNEW(arena, NSSPKIXAttributeTypeAndValue);
-  if( (NSSPKIXAttributeTypeAndValue *)NULL == rv ) {
-    goto loser;
-  }
-
-  rv->arena = arena;
-  rv->i_allocated_arena = arena_allocated;
-  rv->type = typeOid;
-
-  {
-    NSSItem tmp;
-    if( (NSSItem *)NULL == nssOID_GetDEREncoding(typeOid, arena, &tmp) ) {
-      goto loser;
-    }
-
-    rv->asn1type.size = tmp.size;
-    rv->asn1type.data = tmp.data;
-  }
-
-  {
-    NSSItem tmp;
-    if( (NSSItem *)NULL == nssItem_Duplicate(value, arena, &tmp) ) {
-      goto loser;
-    }
-
-    rv->asn1value.size = tmp.size;
-    rv->asn1value.data = tmp.data;
-  }
-
-  if( (nssArenaMark *)NULL != mark ) {
-    if( PR_SUCCESS != nssArena_Unmark(arena, mark) ) {
-      goto loser;
-    }
-  }
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nss_pkix_AttributeTypeAndValue_add_pointer(rv) ) {
-    goto loser;
-  }
-#endif /* DEBUG */
-
-  return rv;
-
- loser:
-  if( (nssArenaMark *)NULL != mark ) {
-    (void)nssArena_Release(arena, mark);
-  }
-
-  if( PR_TRUE == arena_allocated ) {
-    (void)nssArena_Destroy(arena);
-  }
-
-  return (NSSPKIXAttributeTypeAndValue *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/AttributeTypeAndValue/PCreateFromUTF8.c b/security/nss/lib/pkix/src/AttributeTypeAndValue/PCreateFromUTF8.c
deleted file mode 100644
index a2fa289ea..000000000
--- a/security/nss/lib/pkix/src/AttributeTypeAndValue/PCreateFromUTF8.c
+++ /dev/null
@@ -1,137 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAttributeTypeAndValue_CreateFromUTF8
- *
- * 
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_STRING
- *  NSS_ERROR_UNKNOWN_ATTRIBUTE
- *
- * Return value:
- *  A valid pointer to an NSSPKIXAttributeTypeAndValue upon success
- *  NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXAttributeTypeAndValue *
-nssPKIXAttributeTypeAndValue_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *string
-)
-{
-  NSSArena *arena;
-  PRBool arena_allocated = PR_FALSE;
-  nssArenaMark *mark = (nssArenaMark *)NULL;
-  NSSPKIXAttributeTypeAndValue *rv = (NSSPKIXAttributeTypeAndValue *)NULL;
-
-#ifdef NSSDEBUG
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSPKIXAttributeTypeAndValue *)NULL;
-    }
-  }
-
-  if( (NSSUTF8 *)NULL == string ) {
-    nss_SetError(NSS_ERROR_INVALID_STRING);
-    return (NSSPKIXAttributeTypeAndValue *)NULL;
-  }
-#endif /* NSSDEBUG */
-
-  if( (NSSArena *)NULL == arenaOpt ) {
-    arena = nssArena_Create();
-    if( (NSSArena *)NULL == arena ) {
-      goto loser;
-    }
-    arena_allocated = PR_TRUE;
-  } else {
-    arena = arenaOpt;
-    mark = nssArena_Mark(arena);
-    if( (nssArenaMark *)NULL == mark ) {
-      goto loser;
-    }
-  }
-
-  rv = nss_ZNEW(arena, NSSPKIXAttributeTypeAndValue);
-  if( (NSSPKIXAttributeTypeAndValue *)NULL == rv ) {
-    goto loser;
-  }
-
-  rv->arena = arena;
-  rv->i_allocated_arena = arena_allocated;
-  rv->utf8 = nssUTF8_Duplicate(string, arena);
-  if( (NSSUTF8 *)NULL == rv->utf8 ) {
-    goto loser;
-  }
-  
-  /* Fill this in later from ../pki1/atav.c implementation */
-  nss_SetError(NSS_ERROR_INTERNAL_ERROR);
-  goto loser;
-
-  if( (nssArenaMark *)NULL != mark ) {
-    if( PR_SUCCESS != nssArena_Unmark(arena, mark) ) {
-      goto loser;
-    }
-  }
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nss_pkix_AttributeTypeAndValue_add_pointer(rv) ) {
-    goto loser;
-  }
-#endif /* DEBUG */
-
-  return rv;
-
- loser:
-  if( (nssArenaMark *)NULL != mark ) {
-    (void)nssArena_Release(arena, mark);
-  }
-
-  if( PR_TRUE == arena_allocated ) {
-    (void)nssArena_Destroy(arena);
-  }
-
-  return (NSSPKIXAttributeTypeAndValue *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/AttributeTypeAndValue/PDecode.c b/security/nss/lib/pkix/src/AttributeTypeAndValue/PDecode.c
deleted file mode 100644
index 9e017526c..000000000
--- a/security/nss/lib/pkix/src/AttributeTypeAndValue/PDecode.c
+++ /dev/null
@@ -1,144 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-#ifndef ASN1_H
-#include "asn1.h"
-#endif /* ASN1_H */
-
-/*
- * nssPKIXAttributeTypeAndValue_Decode
- *
- * 
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXAttributeTypeAndValue upon success
- *  NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXAttributeTypeAndValue *
-nssPKIXAttributeTypeAndValue_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-)
-{
-  NSSArena *arena;
-  PRBool arena_allocated = PR_FALSE;
-  nssArenaMark *mark = (nssArenaMark *)NULL;
-  NSSPKIXAttributeTypeAndValue *rv = (NSSPKIXAttributeTypeAndValue *)NULL;
-  PRStatus status;
-
-#ifdef NSSDEBUG
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSPKIXAttributeTypeAndValue *)NULL;
-    }
-  }
-
-  if( PR_SUCCESS != nssItem_verifyPointer(ber) ) {
-    return (NSSPKIXAttributeTypeAndValue *)NULL;
-  }
-#endif /* NSSDEBUG */
-
-  if( (NSSArena *)NULL == arenaOpt ) {
-    arena = nssArena_Create();
-    if( (NSSArena *)NULL == arena ) {
-      goto loser;
-    }
-    arena_allocated = PR_TRUE;
-  } else {
-    arena = arenaOpt;
-    mark = nssArena_Mark(arena);
-    if( (nssArenaMark *)NULL == mark ) {
-      goto loser;
-    }
-  }
-
-  rv = nss_ZNEW(arena, NSSPKIXAttributeTypeAndValue);
-  if( (NSSPKIXAttributeTypeAndValue *)NULL == rv ) {
-    goto loser;
-  }
-
-  rv->arena = arena;
-  rv->i_allocated_arena = arena_allocated;
-  /* For this object, BER is DER */
-  rv->der = nssItem_Duplicate(ber, arena, (NSSItem *)NULL);
-  if( (NSSItem *)NULL == rv->ber ) {
-    goto loser;
-  }
-
-  status = nssASN1_DecodeBER(arena, rv, 
-                             nssPKIXAttributeTypeAndValue_template,
-                             ber);
-  if( PR_SUCCESS != status ) {
-    goto loser;
-  }
-
-  if( (nssArenaMark *)NULL != mark ) {
-    if( PR_SUCCESS != nssArena_Unmark(arena, mark) ) {
-      goto loser;
-    }
-  }
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nss_pkix_AttributeTypeAndValue_add_pointer(rv) ) {
-    goto loser;
-  }
-#endif /* DEBUG */
-
-  return rv;
-
- loser:
-  if( (nssArenaMark *)NULL != mark ) {
-    (void)nssArena_Release(arena, mark);
-  }
-
-  if( PR_TRUE == arena_allocated ) {
-    (void)nssArena_Destroy(arena);
-  }
-
-  return (NSSPKIXAttributeTypeAndValue *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/AttributeTypeAndValue/PDestroy.c b/security/nss/lib/pkix/src/AttributeTypeAndValue/PDestroy.c
deleted file mode 100644
index 47242f545..000000000
--- a/security/nss/lib/pkix/src/AttributeTypeAndValue/PDestroy.c
+++ /dev/null
@@ -1,78 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAttributeTypeAndValue_Destroy
- *
- * 
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATAV
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nssPKIXAttributeTypeAndValue_Destroy
-(
-  NSSPKIXAttributeTypeAndValue *atav
-)
-{
-#ifdef NSSDEBUG
-  if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_verifyPointer(atav) ) {
-    return PR_FAILURE;
-  }
-#endif /* NSSDEBUG */
-
-#ifdef DEBUG
-  (void)nss_pkix_AttributeTypeAndValue_remove_pointer(atav);
-  (void)nssArena_RemoveDestructor(arena, 
-    nss_pkix_AttributeTypeAndValue_remove_pointer, atav);
-#endif /* DEBUG */
-
-  if( PR_TRUE == atav->i_allocated_arena ) {
-    return nssArena_Destroy(atav->arena);
-  }
-
-  return PR_SUCCESS;
-}
diff --git a/security/nss/lib/pkix/src/AttributeTypeAndValue/PDuplicate.c b/security/nss/lib/pkix/src/AttributeTypeAndValue/PDuplicate.c
deleted file mode 100644
index 53fc85171..000000000
--- a/security/nss/lib/pkix/src/AttributeTypeAndValue/PDuplicate.c
+++ /dev/null
@@ -1,165 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAttributeTypeAndValue_Duplicate
- *
- * 
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATAV
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSPKIXAttributeTypeAndValue upon success
- *  NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXAttributeTypeAndValue *
-nssPKIXAttributeTypeAndValue_Duplicate
-(
-  NSSPKIXAttributeTypeAndValue *atav,
-  NSSArena *arenaOpt
-)
-{
-  NSSArena *arena;
-  PRBool arena_allocated = PR_FALSE;
-  nssArenaMark *mark = (nssArenaMark *)NULL;
-  NSSPKIXAttributeTypeAndValue *rv = (NSSPKIXAttributeTypeAndValue *)NULL;
-
-#ifdef NSSDEBUG
-  if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_verifyPointer(atav) ) {
-    return PR_FAILURE;
-  }
-
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSPKIXAttributeTypeAndValue *)NULL;
-    }
-  }
-#endif /* NSSDEBUG */
-
-  if( (NSSArena *)NULL == arenaOpt ) {
-    arena = nssArena_Create();
-    if( (NSSArena *)NULL == arena ) {
-      goto loser;
-    }
-    arena_allocated = PR_TRUE;
-  } else {
-    arena = arenaOpt;
-    mark = nssArena_Mark(arena);
-    if( (nssArenaMark *)NULL == mark ) {
-      goto loser;
-    }
-  }
-
-  rv = nss_ZNEW(arena, NSSPKIXAttributeTypeAndValue);
-  if( (NSSPKIXAttributeTypeAndValue *)NULL == rv ) {
-    goto loser;
-  }
-
-  rv->arena = arena;
-  rv->i_allocated_arena = arena_allocated;
-
-  if( (NSSDER *)NULL != atav->der ) {
-    rv->der = nssItem_Duplicate(atav->der, arena, (NSSItem *)NULL);
-    if( (NSSDER *)NULL == rv->der ) {
-      goto loser; /* actually, this isn't fatal */
-    }
-  }
-
-  {
-    NSSItem src, dst;
-    src.size = atav->asn1type.size;
-    src.data = atav->asn1type.data;
-    if( (NSSItem *)NULL == nssItem_Duplicate(&src, arena, &dst) ) {
-      goto loser;
-    }
-    rv->asn1type.size = dst.size;
-    rv->asn1type.data = dst.data;
-  }
-
-  {
-    NSSItem src, dst;
-    src.size = atav->asn1value.size;
-    src.data = atav->asn1value.data;
-    if( (NSSItem *)NULL == nssItem_Duplicate(&src, arena, &dst) ) {
-      goto loser;
-    }
-    rv->asn1value.size = dst.size;
-    rv->asn1value.data = dst.data;
-  }
-
-  rv->type = atav->type;
-
-  if( (NSSUTF8 *)NULL != atav->utf8 ) {
-    rv->utf8 = nssUTF8_Duplicate(atav->utf8, arena);
-    if( (NSSUTF8 *)NULL == rv->utf8 ) {
-      goto loser; /* actually, this isn't fatal */
-    }
-  }
-
-  if( (nssArenaMark *)NULL != mark ) {
-    if( PR_SUCCESS != nssArena_Unmark(arena, mark) ) {
-      goto loser;
-    }
-  }
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nss_pkix_AttributeTypeAndValue_add_pointer(rv) ) {
-    goto loser;
-  }
-#endif /* DEBUG */
-
-  return rv;
-
- loser:
-  if( (nssArenaMark *)NULL != mark ) {
-    (void)nssArena_Release(arena, mark);
-  }
-
-  if( PR_TRUE == arena_allocated ) {
-    (void)nssArena_Destroy(arena);
-  }
-
-  return (NSSPKIXAttributeTypeAndValue *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/AttributeTypeAndValue/PEncode.c b/security/nss/lib/pkix/src/AttributeTypeAndValue/PEncode.c
deleted file mode 100644
index 64a77e590..000000000
--- a/security/nss/lib/pkix/src/AttributeTypeAndValue/PEncode.c
+++ /dev/null
@@ -1,101 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAttributeTypeAndValue_Encode
- *
- * 
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATAV
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXAttributeTypeAndValue_Encode
-(
-  NSSPKIXAttributeTypeAndValue *atav,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-)
-{
-#ifdef NSSDEBUG
-  if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_verifyPointer(atav) ) {
-    return PR_FAILURE;
-  }
-
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSBER *)NULL;
-    }
-  }
-#endif /* NSSDEBUG */
-
-  switch( encoding ) {
-  case NSSASN1BER:
-  case NSSASN1DER:
-    break;
-  case NSSASN1CER:
-  case NSSASN1LWER:
-  case NSSASN1PER:
-  default:
-    nss_SetError(NSS_ERROR_UNSUPPORTED_ENCODING);
-    return (NSSBER *)NULL;
-  }
-
-  /* For this item its DER is BER */
-
-  if( (NSSDER *)NULL == atav->der ) {
-    atav->der = nssASN1_EncodeDER(atav->arena, (NSSItem *)NULL, a,
-                  nssPKIXAtributeTypeAndValue_template, NSSASN1DER);
-    if( (NSSDER *)NULL == atav->der ) {
-      return (NSSBER *)NULL;
-    }
-  }
-
-  return nssItem_Duplicate(a->der, arenaOpt, rvOpt);
-}
diff --git a/security/nss/lib/pkix/src/AttributeTypeAndValue/PEqual.c b/security/nss/lib/pkix/src/AttributeTypeAndValue/PEqual.c
deleted file mode 100644
index 67dc970f1..000000000
--- a/security/nss/lib/pkix/src/AttributeTypeAndValue/PEqual.c
+++ /dev/null
@@ -1,95 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAttributeTypeAndValue_Equal
- *
- * 
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATAV
- *
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_IMPLEMENT PRBool
-nssPKIXAttributeTypeAndValue_Equal
-(
-  NSSPKIXAttributeTypeAndValue *atav1,
-  NSSPKIXAttributeTypeAndValue *atav2,
-  PRStatus *statusOpt
-)
-{
-  NSSItem one, two;
-
-#ifdef NSSDEBUG
-  if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_verifyPointer(atav1) ) {
-    return PR_FAILURE;
-  }
-
-  if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_verifyPointer(atav2) ) {
-    return PR_FAILURE;
-  }
-#endif /* NSSDEBUG */
-
-  if( (PRStatus *)NULL != statusOpt ) {
-    *statusOpt = PR_SUCCESS;
-  }
-
-  one.size = atav1->asn1type.size;
-  one.data = atav1->asn1type.data;
-  two.size = atav2->asn1type.size;
-  two.data = atav2->asn1type.data;
-
-  if( PR_FALSE == nssItem_Equal(&one, &two, statusOpt) ) {
-    return PR_FALSE;
-  }
-
-  one.size = atav1->asn1value.size;
-  one.data = atav1->asn1value.data;
-  two.size = atav2->asn1value.size;
-  two.data = atav2->asn1value.data;
-
-  return nssItem_Equal(&one, &two, statusOpt);
-}
diff --git a/security/nss/lib/pkix/src/AttributeTypeAndValue/PGetType.c b/security/nss/lib/pkix/src/AttributeTypeAndValue/PGetType.c
deleted file mode 100644
index 20411e8ee..000000000
--- a/security/nss/lib/pkix/src/AttributeTypeAndValue/PGetType.c
+++ /dev/null
@@ -1,78 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAttributeTypeAndValue_GetType
- *
- * 
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATAV
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSPKIXAttributeType pointer upon success
- *  NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXAttributeType *
-nssPKIXAttributeTypeAndValue_GetType
-(
-  NSSPKIXAttributeTypeAndValue *atav
-)
-{
-#ifdef NSSDEBUG
-  if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_verifyPointer(atav) ) {
-    return PR_FAILURE;
-  }
-#endif /* NSSDEBUG */
-
-  if( (NSSPKIXAttributeType *)NULL == atav->type ) {
-    NSSItem ber;
-
-    ber.size = atav->asn1type.size;
-    ber.data = atav->asn1type.data;
-
-    atav->type = (NSSPKIXAttributeType *)NSSOID_CreateFromBER(&ber);
-  }
-
-  return atav->type;
-}
diff --git a/security/nss/lib/pkix/src/AttributeTypeAndValue/PGetUTF8Encoding.c b/security/nss/lib/pkix/src/AttributeTypeAndValue/PGetUTF8Encoding.c
deleted file mode 100644
index 41145b3cf..000000000
--- a/security/nss/lib/pkix/src/AttributeTypeAndValue/PGetUTF8Encoding.c
+++ /dev/null
@@ -1,81 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAttributeTypeAndValue_GetUTF8Encoding
- *
- * 
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATAV
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSUTF8 pointer upon success
- *  NULL upon failure
- */
-
-NSS_IMPLEMENT NSSUTF8 *
-nssPKIXAttributeTypeAndValue_GetUTF8Encoding
-(
-  NSSPKIXAttributeTypeAndValue *atav,
-  NSSArena *arenaOpt
-)
-{
-#ifdef NSSDEBUG
-  if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_verifyPointer(atav) ) {
-    return (NSSUTF8 *)NULL;
-  }
-
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSUTF8 *)NULL;
-    }
-  }
-#endif /* NSSDEBUG */
-
-  if( (NSSUTF8 *)NULL == atav->utf8 ) {
-    /* xxx fgmr fill this in from the ../pki1/atav.c implementation */
-  }
-
-  return nssUTF8_Duplicate(atav->utf8, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/AttributeTypeAndValue/PGetValue.c b/security/nss/lib/pkix/src/AttributeTypeAndValue/PGetValue.c
deleted file mode 100644
index 33f9e5b2b..000000000
--- a/security/nss/lib/pkix/src/AttributeTypeAndValue/PGetValue.c
+++ /dev/null
@@ -1,83 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAttributeTypeAndValue_GetValue
- *
- * 
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATAV
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSAttributeValue upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAttributeValue *
-nssPKIXAttributeTypeAndValue_GetValue
-(
-  NSSPKIXAttributeTypeAndValue *atav,
-  NSSPKIXAttributeValue *rvOpt,
-  NSSArena *arenaOpt
-)
-{
-  NSSItem tmp;
-
-#ifdef NSSDEBUG
-  if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_verifyPointer(atav) ) {
-    return PR_FAILURE;
-  }
-
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSDER *)NULL;
-    }
-  }
-#endif /* NSSDEBUG */
-
-  tmp.size = atav->asn1value.size;
-  tmp.data = atav->asn1value.data;
-
-  return nssItem_Duplicate(&tmp, arenaOpt, rvOpt);
-}
diff --git a/security/nss/lib/pkix/src/AttributeTypeAndValue/PSetType.c b/security/nss/lib/pkix/src/AttributeTypeAndValue/PSetType.c
deleted file mode 100644
index 4e25b88cc..000000000
--- a/security/nss/lib/pkix/src/AttributeTypeAndValue/PSetType.c
+++ /dev/null
@@ -1,86 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAttributeTypeAndValue_SetType
- *
- * 
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATAV
- *  NSS_ERROR_INVALID_OID
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAttributeTypeAndValue_SetType
-(
-  NSSPKIXAttributeTypeAndValue *atav,
-  NSSPKIXAttributeType *attributeType
-)
-{
-  NSSDER tmp;
-
-#ifdef NSSDEBUG
-  if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_verifyPointer(atav) ) {
-    return PR_FAILURE;
-  }
-
-  if( PR_SUCCESS != nssOID_verifyPointer(attributeType) ) {
-    return PR_FAILURE;
-  }
-#endif /* NSSDEBUG */
-
-  atav->type = attributeType;
-
-  nss_ZFreeIf(atav->asn1type.data);
-  if( (NSSDER *)NULL == nssOID_GetDEREncoding(atav->type, &tmp, atav->arena) ) {
-    return PR_FAILURE;
-  }
-
-  atav->asn1type.size = tmp.size;
-  atav->asn1type.data = tmp.data;
-
-  return nss_pkix_AttributeTypeAndValue_Clear(atav);
-}
diff --git a/security/nss/lib/pkix/src/AttributeTypeAndValue/PSetValue.c b/security/nss/lib/pkix/src/AttributeTypeAndValue/PSetValue.c
deleted file mode 100644
index 82de4db00..000000000
--- a/security/nss/lib/pkix/src/AttributeTypeAndValue/PSetValue.c
+++ /dev/null
@@ -1,85 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAttributeTypeAndValue_SetValue
- *
- * 
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATAV
- *  NSS_ERROR_INVALID_ITEM
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nssPKIXAttributeTypeAndValue_SetValue
-(
-  NSSPKIXAttributeTypeAndValue *atav,
-  NSSPKIXAttributeValue *value
-)
-{
-  NSSItem tmp;
-
-#ifdef NSSDEBUG
-  if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_verifyPointer(atav) ) {
-    return PR_FAILURE;
-  }
-
-  if( PR_SUCCESS != nssItem_verifyPointer(value) ) {
-    return PR_FAILURE;
-  }
-#endif /* NSSDEBUG */
-
-  if( (NSSItem *)NULL == nssItem_Duplicate(value, atav->arena, &tmp) ) {
-    return PR_FAILURE;
-  }
-
-  nss_ZFreeIf(atav->asn1value.data);
-  atav->asn1value.size = tmp.size;
-  atav->asn1value.data = tmp.data;
-
-  return nss_pkix_AttributeTypeAndValue_Clear(atav);
-}
diff --git a/security/nss/lib/pkix/src/AttributeTypeAndValue/SetType.c b/security/nss/lib/pkix/src/AttributeTypeAndValue/SetType.c
deleted file mode 100644
index 672b7b738..000000000
--- a/security/nss/lib/pkix/src/AttributeTypeAndValue/SetType.c
+++ /dev/null
@@ -1,76 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAttributeTypeAndValue_SetType
- *
- * 
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATAV
- *  NSS_ERROR_INVALID_OID
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-NSSPKIXAttributeTypeAndValue_SetType
-(
-  NSSPKIXAttributeTypeAndValue *atav,
-  NSSPKIXAttributeType *attributeType
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_verifyPointer(atav) ) {
-    return PR_FAILURE;
-  }
-
-  if( PR_SUCCESS != nssOID_verifyPointer(attributeType) ) {
-    return PR_FAILURE;
-  }
-#endif /* DEBUG */
-
-  return nssPKIXAttributeTypeAndValue_SetType(atav, attributeType);
-}
diff --git a/security/nss/lib/pkix/src/AttributeTypeAndValue/SetValue.c b/security/nss/lib/pkix/src/AttributeTypeAndValue/SetValue.c
deleted file mode 100644
index fafc54d6c..000000000
--- a/security/nss/lib/pkix/src/AttributeTypeAndValue/SetValue.c
+++ /dev/null
@@ -1,77 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAttributeTypeAndValue_SetValue
- *
- * 
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATAV
- *  NSS_ERROR_INVALID_ITEM
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-NSSPKIXAttributeTypeAndValue_SetValue
-(
-  NSSPKIXAttributeTypeAndValue *atav,
-  NSSPKIXAttributeValue *value
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_verifyPointer(atav) ) {
-    return PR_FAILURE;
-  }
-
-  if( PR_SUCCESS != nssItem_verifyPointer(value) ) {
-    return PR_FAILURE;
-  }
-#endif /* DEBUG */
-
-  return nssPKIXAttributeTypeAndValue_SetValue(atav, value);
-}
diff --git a/security/nss/lib/pkix/src/AttributeTypeAndValue/template.c b/security/nss/lib/pkix/src/AttributeTypeAndValue/template.c
deleted file mode 100644
index 548a4fac9..000000000
--- a/security/nss/lib/pkix/src/AttributeTypeAndValue/template.c
+++ /dev/null
@@ -1,56 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-#ifndef ASN1_H
-#include "asn1.h"
-#endif /* ASN1_H */
-
-/*
- * nssPKIXAttributeTypeAndValue_template
- *
- */
-
-const nssASN1Template nssPKIXAttributeTypeAndValue_template[] = {
-  { nssASN1_SEQUENCE, 0, NULL, sizeof(NSSPKIXAttributeTypeAndValue) },
-  { nssASN1_OBJECT_ID, offsetof(NSSPKIXAttributeTypeAndValue, asn1type) },
-  { nssASN1_ANY, offsetof(NSSPKIXAttributeTypeAndValue, asn1value) },
-  { 0 }
-};
diff --git a/security/nss/lib/pkix/src/AttributeTypeAndValue/verifyPointer.c b/security/nss/lib/pkix/src/AttributeTypeAndValue/verifyPointer.c
deleted file mode 100644
index 340e19c1b..000000000
--- a/security/nss/lib/pkix/src/AttributeTypeAndValue/verifyPointer.c
+++ /dev/null
@@ -1,184 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIXM_H
-#include "pkixm.h"
-#endif /* PKIXM_H */
-
-#ifdef DEBUG
-
-extern const NSSError NSS_ERROR_INTERNAL_ERROR;
-
-static nssPointerTracker pkix_atav_pointer_tracker;
-
-/*
- * nss_pkix_AttributeTypeAndValue_add_pointer
- *
- * This method is only present in debug builds.
- *
- * This module-private routine adds an NSSPKIXAttributeTypeAndValue 
- * pointer to the internal pointer-tracker.  This routine should only 
- * be used by the NSSPKIX module.  This routine returns a PRStatus 
- * value; upon error it will place an error on the error stack and 
- * return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INTERNAL_ERROR
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nss_pkix_AttributeTypeAndValue_add_pointer
-(
-  const NSSPKIXAttributeTypeAndValue *p
-)
-{
-  PRStatus rv;
-
-  rv = nssPointerTracker_initialize(&pkix_atav_pointer_tracker);
-  if( PR_SUCCESS != rv ) {
-    return rv;
-  }
-
-  rv = nssPointerTracker_add(&pkix_atav_pointer_tracker, p);
-  if( PR_SUCCESS != rv ) {
-    NSSError e = NSS_GetError();
-    if( NSS_ERROR_NO_MEMORY != e ) {
-      nss_SetError(NSS_ERROR_INTERNAL_ERROR);
-    }
-
-    return rv;
-  }
-
-  rv = nssArena_registerDestructor(arena,
-         nss_pkix_AttributeTypeAndValue_remove_pointer, p);
-  if( PR_SUCCESS != rv ) {
-    (void)nss_pkix_AttributeTypeAndValue_remove_pointer(p);
-    return rv;
-  }
-
-  return PR_SUCCESS;
-}
-
-/*
- * nss_pkix_AttributeTypeAndValue_remove_pointer
- *
- * This method is only present in debug builds.
- *
- * This module-private routine removes a valid 
- * NSSPKIXAttributeTypeAndValue pointer from the internal 
- * pointer-tracker.  This routine should only be used by the 
- * NSSPKIX module.  This routine returns a PRStatus value; 
- * upon error it will place an error on the error stack and 
- * return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INTERNAL_ERROR
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nss_pkix_AttributeTypeAndValue_remove_pointer
-(
-  const NSSPKIXAttributeTypeAndValue *p
-)
-{
-  PRStatus rv;
-
-  rv = nssPointerTracker_remove(&pkix_atav_pointer_tracker, p);
-  if( PR_SUCCESS != rv ) {
-    nss_SetError(NSS_ERROR_INTERNAL_ERROR);
-  }
-
-  /*
-   * nssArena_deregisterDestructor(p->arena, 
-   *   nss_pkix_AttributeTypeAndValue_remove_pointer, p);
-   */
-
-  return rv;
-}
-
-/*
- * nssPKIXAttributeTypeAndValue_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an 
- * NSSPKIXAttributeTypeAndValue object, this routine will return 
- * PR_SUCCESS.  Otherwise, it will put an error on the error stack 
- * and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *
- * Return value:
- *  PR_SUCCESS if the pointer is valid
- *  PR_FAILURE if it isn't
- */
-
-NSS_IMPLEMENT PRStatus
-nssPKIXAttributeTypeAndValue_verifyPointer
-(
-  NSSPKIXAttributeTypeAndValue *p
-)
-{
-  PRStatus rv;
-
-  rv = nssPointerTracker_initialize(&pkix_atav_pointer_tracker);
-  if( PR_SUCCESS != rv ) {
-    nss_SetError(NSS_ERROR_INVALID_PKIX_ATTRIBUTE);
-    return PR_FAILURE;
-  }
-
-  rv = nssPointerTracker_verify(&pkix_atav_pointer_tracker, p);
-  if( PR_SUCCESS != rv ) {
-    nss_SetError(NSS_ERROR_INVALID_PKIX_ATTRIBUTE);
-    return PR_FAILURE;
-  }
-
-  return PR_SUCCESS;
-}
-
-#endif /* DEBUG */
-
diff --git a/security/nss/lib/pkix/src/Name/Create.c b/security/nss/lib/pkix/src/Name/Create.c
deleted file mode 100644
index dc9059f0b..000000000
--- a/security/nss/lib/pkix/src/Name/Create.c
+++ /dev/null
@@ -1,93 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXName_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_CHOICE
- *  NSS_ERROR_INVALID_ARGUMENT
- *
- * Return value:
- *  A valid pointer to an NSSPKIXName upon success
- *  NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXName *
-NSSPKIXName_Create
-(
-  NSSArena *arenaOpt,
-  NSSPKIXNameChoice choice,
-  void *arg
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSPKIXName *)NULL;
-    }
-  }
-
-  switch( choice ) {
-  case NSSPKIXNameChoice_rdnSequence:
-    {
-      NSSPKIXRDNSequence *r = (NSSPKIXRDNSequence *)arg;
-      if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(r) ) {
-        return (NSSPKIXName *)NULL;
-      }
-    }
-
-    break;
-  case NSSPKIXNameChoice_NSSinvalid:
-  default:
-    nss_SetError(NSS_ERROR_INVALID_CHOICE);
-    return (NSSPKIXName *)NULL;
-  }
-#endif /* DEBUG */
-
-  return nssPKIXName_Create(arenaOpt, choice, arg);
-}
diff --git a/security/nss/lib/pkix/src/Name/CreateFromRDNSequence.c b/security/nss/lib/pkix/src/Name/CreateFromRDNSequence.c
deleted file mode 100644
index da07742cc..000000000
--- a/security/nss/lib/pkix/src/Name/CreateFromRDNSequence.c
+++ /dev/null
@@ -1,79 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXName_CreateFromRDNSequence
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- *
- * Return value:
- *  A valid pointer to an NSSPKIXName upon success
- *  NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXName *
-NSSPKIXName_CreateFromRDNSequence
-(
-  NSSArena *arenaOpt,
-  NSSPKIXRDNSequence *rdnSequence
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSPKIXName *)NULL;
-    }
-  }
-
-  if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(rdnSequence) ) {
-    return (NSSPKIXName *)NULL;
-  }
-#endif /* DEBUG */
-
-  return nssPKIXName_CreateFromRDNSequence(arenaOpt, rdnSequence);
-}
diff --git a/security/nss/lib/pkix/src/Name/CreateFromUTF8.c b/security/nss/lib/pkix/src/Name/CreateFromUTF8.c
deleted file mode 100644
index f2111ea75..000000000
--- a/security/nss/lib/pkix/src/Name/CreateFromUTF8.c
+++ /dev/null
@@ -1,81 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXName_CreateFromUTF8
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_STRING
- *  NSS_ERROR_UNKNOWN_ATTRIBUTE
- *
- * Return value:
- *  A valid pointer to an NSSPKIXName upon success
- *  NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXName *
-NSSPKIXName_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *string
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSPKIXName *)NULL;
-    }
-  }
-
-  if( (NSSUTF8 *)NULL == string ) {
-    nss_SetError(NSS_ERROR_INVALID_STRING);
-    return (NSSPKIXRelativeDistinguishedName *)NULL;
-  }
-#endif /* DEBUG */
-
-  return nssPKIXName_CreateFromUTF8(arenaOpt, string);
-}
diff --git a/security/nss/lib/pkix/src/Name/Decode.c b/security/nss/lib/pkix/src/Name/Decode.c
deleted file mode 100644
index b30fac01e..000000000
--- a/security/nss/lib/pkix/src/Name/Decode.c
+++ /dev/null
@@ -1,79 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXName_CreateFromBER
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXName upon success
- *  NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXName *
-NSSPKIXName_CreateFromBER
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSPKIXName *)NULL;
-    }
-  }
-
-  if( PR_SUCCESS != nssItem_verifyPointer(ber) ) {
-    return (NSSPKIXName *)NULL;
-  }
-#endif /* DEBUG */
-
-  return nssPKIXName_CreateFromBER(arenaOpt, ber);
-}
diff --git a/security/nss/lib/pkix/src/Name/Destroy.c b/security/nss/lib/pkix/src/Name/Destroy.c
deleted file mode 100644
index c8c2bc9f2..000000000
--- a/security/nss/lib/pkix/src/Name/Destroy.c
+++ /dev/null
@@ -1,71 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXName_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_NAME
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-NSSPKIXName_Destroy
-(
-  NSSPKIXName *name
-)
-{
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nssPKIXName_verifyPointer(name) ) {
-    return PR_FAILURE;
-  }
-#endif /* DEBUG */
-
-  return nssPKIXName_Destroy(name);
-}
diff --git a/security/nss/lib/pkix/src/Name/Duplicate.c b/security/nss/lib/pkix/src/Name/Duplicate.c
deleted file mode 100644
index 6c8831729..000000000
--- a/security/nss/lib/pkix/src/Name/Duplicate.c
+++ /dev/null
@@ -1,79 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXName_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_NAME
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSPKIXName upon success
- *  NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXName *
-NSSPKIXName_Duplicate
-(
-  NSSPKIXName *name,
-  NSSArena *arenaOpt
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nssPKIXName_verifyPointer(name) ) {
-    return (NSSDER *)NULL;
-  }
-
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSDER *)NULL;
-    }
-  }
-#endif /* DEBUG */
-
-  return nssPKIXName_Duplicate(name, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/Name/Encode.c b/security/nss/lib/pkix/src/Name/Encode.c
deleted file mode 100644
index 344a53724..000000000
--- a/security/nss/lib/pkix/src/Name/Encode.c
+++ /dev/null
@@ -1,81 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXName_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_NAME
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_IMPLEMENT NSSBER *
-NSSPKIXName_Encode
-(
-  NSSPKIXName *name,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nssPKIXName_verifyPointer(name) ) {
-    return (NSSBER *)NULL;
-  }
-
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSBER *)NULL;
-    }
-  }
-#endif /* DEBUG */
-
-  return nssPKIXName_Encode(name, rvOpt, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/Name/Equal.c b/security/nss/lib/pkix/src/Name/Equal.c
deleted file mode 100644
index 9a74eef94..000000000
--- a/security/nss/lib/pkix/src/Name/Equal.c
+++ /dev/null
@@ -1,85 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXName_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_NAME
- *
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_IMPLEMENT PRBool
-NSSPKIXName_Equal
-(
-  NSSPKIXName *name1,
-  NSSPKIXName *name2,
-  PRStatus *statusOpt
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(name1) ) {
-    if( (PRStatus *)NULL != statusOpt ) {
-      *statusOpt = PR_FAILURE;
-    }
-
-    return PR_FALSE;
-  }
-
-  if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(name2) ) {
-    if( (PRStatus *)NULL != statusOpt ) {
-      *statusOpt = PR_FAILURE;
-    }
-
-    return PR_FALSE;
-  }
-#endif /* DEBUG */
-
-  return nssPKIX_Equal(name1, name2, statusOpt);
-}
diff --git a/security/nss/lib/pkix/src/Name/GetChoice.c b/security/nss/lib/pkix/src/Name/GetChoice.c
deleted file mode 100644
index 8a36ada00..000000000
--- a/security/nss/lib/pkix/src/Name/GetChoice.c
+++ /dev/null
@@ -1,70 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXName_GetChoice
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_NAME
- *
- * Return value:
- *  A valid element of the NSSPKIXNameChoice enumeration upon success
- *  The value NSSPKIXNameChoice_NSSinvalid (-1) upon error
- */
-
-NSS_IMPLEMENT NSSPKIXNameChoice
-NSSPKIXName_GetChoice
-(
-  NSSPKIXName *name
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nssPKIXName_verifyPointer(name) ) {
-    return NSSPKIXNameChoice_NSSinvalid;
-  }
-#endif /* DEBUG */
-
-  return nssPKIXName_GetChoice(name);
-}
diff --git a/security/nss/lib/pkix/src/Name/GetRDNSequence.c b/security/nss/lib/pkix/src/Name/GetRDNSequence.c
deleted file mode 100644
index 94562ae3c..000000000
--- a/security/nss/lib/pkix/src/Name/GetRDNSequence.c
+++ /dev/null
@@ -1,80 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXName_GetRDNSequence
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_NAME
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_WRONG_CHOICE
- *
- * Return value:
- *  A pointer to a valid NSSPKIXRDNSequence upon success
- *  NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXRDNSequence *
-NSSPKIXName_GetRDNSequence
-(
-  NSSPKIXName *name,
-  NSSArena *arenaOpt
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(rdnseq) ) {
-    return (NSSPKIXRDNSequence *)NULL;
-  }
-
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSPKIXRDNSequence *)NULL;
-    }
-  }
-#endif /* DEBUG */
-
-  return nssPKIXName_GetRDNSequence(name, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/Name/GetSpecifiedChoice.c b/security/nss/lib/pkix/src/Name/GetSpecifiedChoice.c
deleted file mode 100644
index 3de2d5b84..000000000
--- a/security/nss/lib/pkix/src/Name/GetSpecifiedChoice.c
+++ /dev/null
@@ -1,90 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXName_GetSpecifiedChoice
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_NAME
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_WRONG_CHOICE
- *
- * Return value:
- *  A valid pointer ...
- *  NULL upon failure
- */
-
-NSS_IMPLEMENT void *
-NSSPKIXName_GetSpecifiedChoice
-(
-  NSSPKIXName *name,
-  NSSPKIXNameChoice choice,
-  NSSArena *arenaOpt
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(name) ) {
-    return (void *)NULL;
-  }
-
-  switch( choice ) {
-  case NSSPKIXNameChoice_rdnSequence:
-    break;
-  case NSSPKIXNameChoice_NSSinvalid:
-  default:
-    nss_SetError(NSS_ERROR_INVALID_CHOICE);
-    return (void *)NULL;
-  }
-
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (void *)NULL;
-    }
-  }
-#endif /* DEBUG */
-
-  return nssPKIXName_GetSpecifiedChoice(name, choice, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/Name/GetUTF8Encoding.c b/security/nss/lib/pkix/src/Name/GetUTF8Encoding.c
deleted file mode 100644
index c86dd94b2..000000000
--- a/security/nss/lib/pkix/src/Name/GetUTF8Encoding.c
+++ /dev/null
@@ -1,79 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXName_GetUTF8Encoding
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_NAME
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSUTF8 pointer upon success
- *  NULL upon failure
- */
-
-NSS_IMPLEMENT NSSUTF8 *
-NSSPKIXName_GetUTF8Encoding
-(
-  NSSPKIXName *name,
-  NSSArena *arenaOpt
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nssPKIXName_verifyPointer(name) ) {
-    return (NSSUTF8 *)NULL;
-  }
-
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSUTF8 *)NULL;
-    }
-  }
-#endif /* DEBUG */
-
-  return nssPKIXName_GetUTF8Encoding(name, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/Name/MClear.c b/security/nss/lib/pkix/src/Name/MClear.c
deleted file mode 100644
index e8d6b1961..000000000
--- a/security/nss/lib/pkix/src/Name/MClear.c
+++ /dev/null
@@ -1,73 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nss_pkix_Name_Clear
- *
- * Wipes out cached data.
- */
-
-NSS_IMPLEMENT PRStatus
-nss_pkix_Name_Clear
-(
-  NSSPKIXName *name
-)
-{
-#ifdef NSSDEBUG
-  if( PR_SUCCESS != nssPKIXName_verifyPointer(name) ) {
-    return PR_FAILURE;
-  }
-#endif /* NSSDEBUG */
-
-  if( (NSSBER *)NULL != name->ber ) {
-    nss_ZFreeIf(name->ber->data);
-    nss_ZFreeIf(name->ber);
-  }
-
-  if( (NSSDER *)NULL != name->der ) {
-    nss_ZFreeIf(name->der->data);
-    nss_ZFreeIf(name->der);
-  }
-
-  nss_ZFreeIf(name->utf8);
-
-  return PR_SUCCESS;
-}
diff --git a/security/nss/lib/pkix/src/Name/Mregister.c b/security/nss/lib/pkix/src/Name/Mregister.c
deleted file mode 100644
index 09ddb9d99..000000000
--- a/security/nss/lib/pkix/src/Name/Mregister.c
+++ /dev/null
@@ -1,72 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-#ifdef NSSDEBUG
-/*
- * nss_pkix_Name_register
- *
- * Registers whatever sub-component exists within this Name.
- */
-
-NSS_IMPLEMENT PRStatus
-nss_pkix_Name_register
-(
-  NSSPKIXName *name
-)
-{
-  if( PR_SUCCESS != nssPKIXName_verifyPointer(name) ) {
-    return PR_FAILURE;
-  }
-
-  switch( name->choice ) {
-  case NSSPKIXNameChoice_rdnSequence:
-    /* add pointer */
-    /* (sub-)register pointer */
-    /* add destructor to arena */
-    break;
-  case NSSPKIXNameChoice_NSSinvalid:
-  default:
-    nss_SetError(NSS_ERROR_INTERNAL_ERROR);
-    return PR_FAILURE;
-  }
-
-  return PR_SUCCESS;
-}
diff --git a/security/nss/lib/pkix/src/Name/PCreate.c b/security/nss/lib/pkix/src/Name/PCreate.c
deleted file mode 100644
index e93737599..000000000
--- a/security/nss/lib/pkix/src/Name/PCreate.c
+++ /dev/null
@@ -1,173 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXName_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_CHOICE
- *  NSS_ERROR_INVALID_ARGUMENT
- *
- * Return value:
- *  A valid pointer to an NSSPKIXName upon success
- *  NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXName *
-nssPKIXName_Create
-(
-  NSSArena *arenaOpt,
-  NSSPKIXNameChoice choice,
-  void *arg
-)
-{
-  NSSArena *arena;
-  PRBool arena_allocated = PR_FALSE;
-  nssArenaMark *mark = (nssArenaMark *)NULL;
-  NSSPKIXName *rv = (NSSPKIXName *)NULL;
-  PRStatus status;
-  PRUint32 i;
-
-#ifdef NSSDEBUG
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSPKIXName *)NULL;
-    }
-  }
-
-  switch( choice ) {
-  case NSSPKIXNameChoice_rdnSequence:
-    if( (PR_SUCCESS != nssPKIXRDNSequence_verifyPointer((NSSPKIXRDNSequence *)arg) ) ) {
-      nss_SetError(NSS_ERROR_INVALID_ARGUMENT);
-      return (NSSPKIXName *)NULL;
-    }
-    break;
-  case NSSPKIXNameChoice_NSSinvalid:
-  default:
-    nss_SetError(NSS_ERROR_INVALID_CHOICE);
-    return (NSSPKIXName *)NULL;
-  }
-#endif /* NSSDEBUG */
-
-  switch( choice ) {
-  case NSSPKIXNameChoice_rdnSequence:
-    break;
-  case NSSPKIXNameChoice_NSSinvalid:
-  default:
-    nss_SetError(NSS_ERROR_INVALID_CHOICE);
-    goto loser;
-  }
-
-  if( (NSSArena *)NULL == arenaOpt ) {
-    arena = nssArena_Create();
-    if( (NSSArena *)NULL == arena ) {
-      goto loser;
-    }
-    arena_allocated = PR_TRUE;
-  } else {
-    arena = arenaOpt;
-    mark = nssArena_Mark(arena);
-    if( (nssArenaMark *)NULL == mark ) {
-      goto loser;
-    }
-  }
-
-  rv = nss_ZNEW(arena, NSSPKIXName);
-  if( (NSSPKIXName *)NULL == rv ) {
-    goto loser;
-  }
-
-  rv->arena = arena;
-  rv->i_allocated_arena = arena_allocated;
-  rv->utf8 = nssUTF8_Duplicate(string, arena);
-  if( (NSSUTF8 *)NULL == rv->utf8 ) {
-    goto loser;
-  }
-  
-  rv->choice = choice;
-  switch( choice ) {
-  case NSSPKIXNameChoice_rdnSequence:
-    rv->u.rdnSequence = nssPKIXRDNSequence_Duplicate((NSSPKIXRDNSequence *)arg, arena);
-    if( (NSSPKIXRDNSequence *)NULL == rv->u.rdnSequence ) {
-      goto loser;
-    }
-    break;
-  case NSSPKIXNameChoice_NSSinvalid:
-  default:
-    nss_SetError(NSS_ERROR_INVALID_CHOICE);
-    goto loser;
-  }
-
-  if( (nssArenaMark *)NULL != mark ) {
-    if( PR_SUCCESS != nssArena_Unmark(arena, mark) ) {
-      goto loser;
-    }
-  }
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nss_pkix_Name_add_pointer(rv) ) {
-    goto loser;
-  }
-
-  if( PR_SUCCESS != nssArena_registerDestructor(arena, 
-        nss_pkix_Name_remove_pointer, rv) ) {
-    (void)nss_pkix_Name_remove_pointer(rv);
-    goto loser;
-  }
-#endif /* DEBUG */
-
-  return rv;
-
- loser:
-  if( (nssArenaMark *)NULL != mark ) {
-    (void)nssArena_Release(arena, mark);
-  }
-
-  if( PR_TRUE == arena_allocated ) {
-    (void)nssArena_Destroy(arena);
-  }
-
-  return (NSSPKIXName *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/Name/PCreateFromRDNSequence.c b/security/nss/lib/pkix/src/Name/PCreateFromRDNSequence.c
deleted file mode 100644
index 169e409a3..000000000
--- a/security/nss/lib/pkix/src/Name/PCreateFromRDNSequence.c
+++ /dev/null
@@ -1,145 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXName_CreateFromRDNSequence
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- *
- * Return value:
- *  A valid pointer to an NSSPKIXName upon success
- *  NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXName *
-nssPKIXName_CreateFromRDNSequence
-(
-  NSSArena *arenaOpt,
-  NSSPKIXRDNSequence *rdnSequence
-)
-{
-  NSSArena *arena;
-  PRBool arena_allocated = PR_FALSE;
-  nssArenaMark *mark = (nssArenaMark *)NULL;
-  NSSPKIXName *rv = (NSSPKIXName *)NULL;
-  PRStatus status;
-  PRUint32 i;
-
-#ifdef NSSDEBUG
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSPKIXName *)NULL;
-    }
-  }
-
-  if( (PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(rdnSequence) ) ) {
-    return (NSSPKIXName *)NULL;
-  }
-#endif /* NSSDEBUG */
-
-  if( (NSSArena *)NULL == arenaOpt ) {
-    arena = nssArena_Create();
-    if( (NSSArena *)NULL == arena ) {
-      goto loser;
-    }
-    arena_allocated = PR_TRUE;
-  } else {
-    arena = arenaOpt;
-    mark = nssArena_Mark(arena);
-    if( (nssArenaMark *)NULL == mark ) {
-      goto loser;
-    }
-  }
-
-  rv = nss_ZNEW(arena, NSSPKIXName);
-  if( (NSSPKIXName *)NULL == rv ) {
-    goto loser;
-  }
-
-  rv->arena = arena;
-  rv->i_allocated_arena = arena_allocated;
-  rv->utf8 = nssUTF8_Duplicate(string, arena);
-  if( (NSSUTF8 *)NULL == rv->utf8 ) {
-    goto loser;
-  }
-  
-  rv->choice = NSSPKIXNameChoice_rdnSequence;
-  rv->u.rdnSequence = nssPKIXRDNSequence_Duplicate(rdnSequence, arena);
-  if( (NSSPKIXRDNSequence *)NULL == rv->u.rdnSequence ) {
-    goto loser;
-  }
-
-  if( (nssArenaMark *)NULL != mark ) {
-    if( PR_SUCCESS != nssArena_Unmark(arena, mark) ) {
-      goto loser;
-    }
-  }
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nss_pkix_Name_add_pointer(rv) ) {
-    goto loser;
-  }
-
-  if( PR_SUCCESS != nssArena_registerDestructor(arena, 
-        nss_pkix_Name_remove_pointer, rv) ) {
-    (void)nss_pkix_Name_remove_pointer(rv);
-    goto loser;
-  }
-#endif /* DEBUG */
-
-  return rv;
-
- loser:
-  if( (nssArenaMark *)NULL != mark ) {
-    (void)nssArena_Release(arena, mark);
-  }
-
-  if( PR_TRUE == arena_allocated ) {
-    (void)nssArena_Destroy(arena);
-  }
-
-  return (NSSPKIXName *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/Name/PCreateFromUTF8.c b/security/nss/lib/pkix/src/Name/PCreateFromUTF8.c
deleted file mode 100644
index 0939a19e3..000000000
--- a/security/nss/lib/pkix/src/Name/PCreateFromUTF8.c
+++ /dev/null
@@ -1,145 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXName_CreateFromUTF8
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_STRING
- *  NSS_ERROR_UNKNOWN_ATTRIBUTE
- *
- * Return value:
- *  A valid pointer to an NSSPKIXName upon success
- *  NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXName *
-nssPKIXName_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *string
-)
-{
-  NSSArena *arena;
-  PRBool arena_allocated = PR_FALSE;
-  nssArenaMark *mark = (nssArenaMark *)NULL;
-  NSSPKIXName *rv = (NSSPKIXName *)NULL;
-  PRStatus status;
-  PRUint32 i;
-
-#ifdef NSSDEBUG
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSPKIXName *)NULL;
-    }
-  }
-
-  if( (NSSUTF8 *)NULL == string ) {
-    nss_SetError(NSS_ERROR_INVALID_STRING);
-    return (NSSPKIXName *)NULL;
-  }
-#endif /* NSSDEBUG */
-
-  if( (NSSArena *)NULL == arenaOpt ) {
-    arena = nssArena_Create();
-    if( (NSSArena *)NULL == arena ) {
-      goto loser;
-    }
-    arena_allocated = PR_TRUE;
-  } else {
-    arena = arenaOpt;
-    mark = nssArena_Mark(arena);
-    if( (nssArenaMark *)NULL == mark ) {
-      goto loser;
-    }
-  }
-
-  rv = nss_ZNEW(arena, NSSPKIXName);
-  if( (NSSPKIXName *)NULL == rv ) {
-    goto loser;
-  }
-
-  rv->arena = arena;
-  rv->i_allocated_arena = arena_allocated;
-  rv->utf8 = nssUTF8_Duplicate(string, arena);
-  if( (NSSUTF8 *)NULL == rv->utf8 ) {
-    goto loser;
-  }
-  
-  /* Insert intelligence here -- fgmr */
-  nss_SetError(NSS_ERROR_INTERNAL_ERROR);
-  goto loser;
-
-  if( (nssArenaMark *)NULL != mark ) {
-    if( PR_SUCCESS != nssArena_Unmark(arena, mark) ) {
-      goto loser;
-    }
-  }
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nss_pkix_Name_add_pointer(rv) ) {
-    goto loser;
-  }
-
-  if( PR_SUCCESS != nssArena_registerDestructor(arena, 
-        nss_pkix_Name_remove_pointer, rv) ) {
-    (void)nss_pkix_Name_remove_pointer(rv);
-    goto loser;
-  }
-#endif /* DEBUG */
-
-  return rv;
-
- loser:
-  if( (nssArenaMark *)NULL != mark ) {
-    (void)nssArena_Release(arena, mark);
-  }
-
-  if( PR_TRUE == arena_allocated ) {
-    (void)nssArena_Destroy(arena);
-  }
-
-  return (NSSPKIXName *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/Name/PDecode.c b/security/nss/lib/pkix/src/Name/PDecode.c
deleted file mode 100644
index d3f20d473..000000000
--- a/security/nss/lib/pkix/src/Name/PDecode.c
+++ /dev/null
@@ -1,138 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXName_CreateFromBER
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXName upon success
- *  NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXName *
-nssPKIXName_CreateFromBER
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-)
-{
-  NSSArena *arena;
-  PRBool arena_allocated = PR_FALSE;
-  nssArenaMark *mark = (nssArenaMark *)NULL;
-  NSSPKIXName *rv = (NSSPKIXName *)NULL;
-  PRStatus status;
-  PRUint32 i;
-
-#ifdef NSSDEBUG
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSPKIXName *)NULL;
-    }
-  }
-
-  if( PR_SUCCESS != nssItem_verifyPointer(ber) ) {
-    return (NSSPKIXName *)NULL;
-  }
-#endif /* NSSDEBUG */
-
-  if( (NSSArena *)NULL == arenaOpt ) {
-    arena = nssArena_Create();
-    if( (NSSArena *)NULL == arena ) {
-      goto loser;
-    }
-    arena_allocated = PR_TRUE;
-  } else {
-    arena = arenaOpt;
-    mark = nssArena_Mark(arena);
-    if( (nssArenaMark *)NULL == mark ) {
-      goto loser;
-    }
-  }
-
-  rv = nss_ZNEW(arena, NSSPKIXName);
-  if( (NSSPKIXName *)NULL == rv ) {
-    goto loser;
-  }
-
-  rv->arena = arena;
-  rv->i_allocated_arena = arena_allocated;
-  rv->ber = nssItem_Duplicate(ber, arena, (NSSItem *)NULL);
-  if( (NSSItem *)NULL == rv->ber ) {
-    goto loser;
-  }
-
-  status = nssASN1_DecodeBER(arena, rv, nssPKIXName_template, ber);
-  if( PR_SUCCESS != status ) {
-    goto loser;
-  }
-
-  if( (nssArenaMark *)NULL != mark ) {
-    if( PR_SUCCESS != nssArena_Unmark(arena, mark) ) {
-      goto loser;
-    }
-  }
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nss_pkix_Name_add_pointer(rv) ) {
-    goto loser;
-  }
-#endif /* DEBUG */
-
-  return rv;
-
- loser:
-  if( (nssArenaMark *)NULL != mark ) {
-    (void)nssArena_Release(arena, mark);
-  }
-
-  if( PR_TRUE == arena_allocated ) {
-    (void)nssArena_Destroy(arena);
-  }
-
-  return (NSSPKIXName *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/Name/PDestroy.c b/security/nss/lib/pkix/src/Name/PDestroy.c
deleted file mode 100644
index f1fd41721..000000000
--- a/security/nss/lib/pkix/src/Name/PDestroy.c
+++ /dev/null
@@ -1,76 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXName_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_NAME
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nssPKIXName_Destroy
-(
-  NSSPKIXName *name
-)
-{
-#ifdef NSSDEBUG
-  if( PR_SUCCESS != nssPKIXName_verifyPointer(name) ) {
-    return PR_FAILURE;
-  }
-#endif /* NSSDEBUG */
-
-#ifdef DEBUG
-  (void)nss_pkix_Name_remove_pointer(name);
-#endif /* DEBUG */
-
-  if( PR_TRUE == name->i_allocated_arena ) {
-    return nssArena_Destroy(name->arena);
-  }
-
-  return PR_SUCCESS;
-}
diff --git a/security/nss/lib/pkix/src/Name/PDuplicate.c b/security/nss/lib/pkix/src/Name/PDuplicate.c
deleted file mode 100644
index c5788a0f1..000000000
--- a/security/nss/lib/pkix/src/Name/PDuplicate.c
+++ /dev/null
@@ -1,172 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXName_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_NAME
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSPKIXName upon success
- *  NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXName *
-nssPKIXName_Duplicate
-(
-  NSSPKIXName *name,
-  NSSArena *arenaOpt
-)
-{
-  NSSArena *arena;
-  PRBool arena_allocated = PR_FALSE;
-  nssArenaMark *mark = (nssArenaMark *)NULL;
-  NSSPKIXName *rv = (NSSPKIXName *)NULL;
-  PRStatus status;
-  PRUint32 i;
-
-#ifdef NSSDEBUG
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSPKIXName *)NULL;
-    }
-  }
-
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSUTF8 *)NULL;
-    }
-  }
-#endif /* NSSDEBUG */
-
-  if( (NSSArena *)NULL == arenaOpt ) {
-    arena = nssArena_Create();
-    if( (NSSArena *)NULL == arena ) {
-      goto loser;
-    }
-    arena_allocated = PR_TRUE;
-  } else {
-    arena = arenaOpt;
-    mark = nssArena_Mark(arena);
-    if( (nssArenaMark *)NULL == mark ) {
-      goto loser;
-    }
-  }
-
-  rv = nss_ZNEW(arena, NSSPKIXName);
-  if( (NSSPKIXName *)NULL == rv ) {
-    goto loser;
-  }
-
-  rv->arena = arena;
-  rv->i_allocated_arena = arena_allocated;
-
-  if( (NSSBER *)NULL != name->ber ) {
-    rv->ber = nssItem_Duplicate(name->ber, arena, (NSSItem *)NULL);
-    if( (NSSBER *)NULL == rv->ber ) {
-      goto loser;
-    }
-  }
-
-  if( (NSSDER *)NULL != name->der ) {
-    rv->der = nssItem_Duplicate(name->der, arena, (NSSItem *)NULL);
-    if( (NSSDER *)NULL == rv->der ) {
-      goto loser;
-    }
-  }
-
-  if( (NSSUTF8 *)NULL != name->utf8 ) {
-    rv->utf8 = nssUTF8_duplicate(name->utf8, arena);
-    if( (NSSUTF8 *)NULL == rv->utf8 ) {
-      goto loser;
-    }
-  }
-  
-  rv->choice = name->choice;
-  switch( name->choice ) {
-  case NSSPKIXNameChoice_rdnSequence:
-    rv->u.rdnSequence = nssPKIXRDNSequence_Duplicate(name->u.rdnSequence, arena);
-    if( (NSSPKIXRDNSequence *)NULL == rv->u.rdnSequence ) {
-      goto loser;
-    }
-    break;
-  case NSSPKIXNameChoice_NSSinvalid:
-  default:
-    nss_SetError(NSS_ERROR_INTERNAL_ERROR);
-    goto loser;
-  }
-
-  if( (nssArenaMark *)NULL != mark ) {
-    if( PR_SUCCESS != nssArena_Unmark(arena, mark) ) {
-      goto loser;
-    }
-  }
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nss_pkix_Name_add_pointer(rv) ) {
-    goto loser;
-  }
-
-  if( PR_SUCCESS != nssArena_registerDestructor(arena, 
-        nss_pkix_Name_remove_pointer, rv) ) {
-    (void)nss_pkix_Name_remove_pointer(rv);
-    goto loser;
-  }
-#endif /* DEBUG */
-
-  return rv;
-
- loser:
-  if( (nssArenaMark *)NULL != mark ) {
-    (void)nssArena_Release(arena, mark);
-  }
-
-  if( PR_TRUE == arena_allocated ) {
-    (void)nssArena_Destroy(arena);
-  }
-
-  return (NSSPKIXName *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/Name/PEncode.c b/security/nss/lib/pkix/src/Name/PEncode.c
deleted file mode 100644
index 469b528fb..000000000
--- a/security/nss/lib/pkix/src/Name/PEncode.c
+++ /dev/null
@@ -1,118 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXName_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_NAME
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_IMPLEMENT NSSBER *
-nssPKIXName_Encode
-(
-  NSSPKIXName *name,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-)
-{
-  NSSBER *it;
-
-#ifdef NSSDEBUG
-  if( PR_SUCCESS != nssPKIXName_verifyPointer(name) ) {
-    return (NSSBER *)NULL;
-  }
-
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSBER *)NULL;
-    }
-  }
-#endif /* NSSDEBUG */
-
-  switch( encoding ) {
-  case NSSASN1BER:
-    if( (NSSBER *)NULL != name->ber ) {
-      it = name->ber;
-      goto done;
-    }
-    /*FALLTHROUGH*/
-  case NSSASN1DER:
-    if( (NSSDER *)NULL != name->der ) {
-      it = name->der;
-      goto done;
-    }
-    break;
-  default:
-    nss_SetError(NSS_ERROR_UNSUPPORTED_ENCODING);
-    return (NSSBER *)NULL;
-  }
-
-  it = nssASN1_EncodeItem(name->arena, (NSSItem *)NULL, name,
-                          nssPKIXName_template, encoding);
-  if( (NSSBER *)NULL == it ) {
-    return (NSSBER *)NULL;
-  }
-
-  switch( encoding ) {
-  case NSSASN1BER:
-    name->ber = it;
-    break;
-  case NSSASN1DER:
-    name->der = it;
-    break;
-  default:
-    PR_ASSERT(0);
-    break;
-  }
-
- done:
-  return nssItem_Duplicate(it, arenaOpt, rvOpt);
-}
diff --git a/security/nss/lib/pkix/src/Name/PEqual.c b/security/nss/lib/pkix/src/Name/PEqual.c
deleted file mode 100644
index 5ad91dd2a..000000000
--- a/security/nss/lib/pkix/src/Name/PEqual.c
+++ /dev/null
@@ -1,104 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXName_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_NAME
- *
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_IMPLEMENT PRBool
-nssPKIXName_Equal
-(
-  NSSPKIXName *one,
-  NSSPKIXName *two,
-  PRStatus *statusOpt
-)
-{
-#ifdef NSSDEBUG
-  if( PR_SUCCESS != nssPKIXName_verifyPointer(one) ) {
-    if( (PRStatus *)NULL != statusOpt ) {
-      *statusOpt = PR_FAILURE;
-    }
-    return PR_FALSE;
-  }
-
-  if( PR_SUCCESS != nssPKIXName_verifyPointer(two) ) {
-    if( (PRStatus *)NULL != statusOpt ) {
-      *statusOpt = PR_FAILURE;
-    }
-    return PR_FALSE;
-  }
-#endif /* NSSDEBUG */
-
-  if( ((NSSDER *)NULL != one->der) && ((NSSDER *)NULL != two->der) ) {
-    return nssItem_Equal(one->der, two->der, statusOpt);
-  }
-
-  if( one->choice != two->choice ) {
-    if( (PRStatus *)NULL != statusOpt ) {
-      *statusOpt = PR_SUCCESS;
-    }
-    return PR_FALSE;
-  }
-
-  switch( one->choice ) {
-  case NSSPKIXNameChoice_rdnSequence:
-    return nssPKIXRDNSequence_Equal(one->u.rdnSequence, two->u.rdnSequence, statusOpt);
-  case NSSPKIXNameChoice_NSSinvalid:
-  default:
-    break;
-  }
-
-  nss_SetError(NSS_ERROR_INTERNAL_ERROR);
-  if( (PRStatus *)NULL != statusOpt ) {
-    *statusOpt = PR_FAILURE;
-  }
-  return PR_FALSE;
-}
diff --git a/security/nss/lib/pkix/src/Name/PGetChoice.c b/security/nss/lib/pkix/src/Name/PGetChoice.c
deleted file mode 100644
index f34a93908..000000000
--- a/security/nss/lib/pkix/src/Name/PGetChoice.c
+++ /dev/null
@@ -1,68 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXName_GetChoice
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_NAME
- *
- * Return value:
- *  A valid element of the NSSPKIXNameChoice enumeration upon success
- *  The value NSSPKIXNameChoice_NSSinvalid (-1) upon error
- */
-
-NSS_IMPLEMENT NSSPKIXNameChoice
-nssPKIXName_GetChoice
-(
-  NSSPKIXName *name
-)
-{
-#ifdef NSSDEBUG
-  if( PR_SUCCESS != nssPKIXName_verifyPointer(name) ) {
-    return NSSPKIXNameChoice_NSSinvalid;
-  }
-#endif /* NSSDEBUG */
-
-  return name->choice;
-}
diff --git a/security/nss/lib/pkix/src/Name/PGetRDNSequence.c b/security/nss/lib/pkix/src/Name/PGetRDNSequence.c
deleted file mode 100644
index 0899e550d..000000000
--- a/security/nss/lib/pkix/src/Name/PGetRDNSequence.c
+++ /dev/null
@@ -1,87 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXName_GetRDNSequence
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_NAME
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_WRONG_CHOICE
- *
- * Return value:
- *  A pointer to a valid NSSPKIXRDNSequence upon success
- *  NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXRDNSequence *
-nssPKIXName_GetRDNSequence
-(
-  NSSPKIXName *name,
-  NSSArena *arenaOpt
-)
-{
-#ifdef NSSDEBUG
-  if( PR_SUCCESS != nssPKIXName_verifyPointer(name) ) {
-    return (NSSPKIXRDNSequence *)NULL;
-  }
-
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSPKIXRDNSequence *)NULL;
-    }
-  }
-#endif /* NSSDEBUG */
-
-  switch( name->choice ) {
-  case NSSPKIXNameChoice_rdnSequence:
-    return nssPKIXRDNSequence_Duplicate(name->u.rdnSequence, arenaOpt);
-  case NSSPKIXNameChoice_NSSinvalid:
-  default:
-    break;
-  }
-
-  nss_SetError(NSS_ERROR_WRONG_CHOICE);
-  return (NSSPKIXRDNSequence *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/Name/PGetSpecifiedChoice.c b/security/nss/lib/pkix/src/Name/PGetSpecifiedChoice.c
deleted file mode 100644
index a24c8ea86..000000000
--- a/security/nss/lib/pkix/src/Name/PGetSpecifiedChoice.c
+++ /dev/null
@@ -1,93 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXName_GetSpecifiedChoice
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_NAME
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_WRONG_CHOICE
- *
- * Return value:
- *  A valid pointer ...
- *  NULL upon failure
- */
-
-NSS_IMPLEMENT void *
-nssPKIXName_GetSpecifiedChoice
-(
-  NSSPKIXName *name,
-  NSSPKIXNameChoice choice,
-  NSSArena *arenaOpt
-)
-{
-#ifdef NSSDEBUG
-  if( PR_SUCCESS != nssPKIXName_verifyPointer(name) ) {
-    return (void *)NULL;
-  }
-
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (void *)NULL;
-    }
-  }
-#endif /* NSSDEBUG */
-
-  if( choice != name->choice ) {
-    nss_SetError(NSS_ERROR_WRONG_CHOICE);
-    return (void *)NULL;
-  }
-
-  switch( name->choice ) {
-  case NSSPKIXNameChoice_rdnSequence:
-    return (void *)nssPKIXRDNSequence_Duplicate(name->u.rdnSequence, arenaOpt);
-  case NSSPKIXNameChoice_NSSinvalid:
-  default:
-    break;
-  }
-
-  nss_SetError(NSS_ERROR_WRONG_CHOICE);
-  return (NSSPKIXRDNSequence *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/Name/PGetUTF8Encoding.c b/security/nss/lib/pkix/src/Name/PGetUTF8Encoding.c
deleted file mode 100644
index 164229277..000000000
--- a/security/nss/lib/pkix/src/Name/PGetUTF8Encoding.c
+++ /dev/null
@@ -1,81 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXName_GetUTF8Encoding
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_NAME
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSUTF8 pointer upon success
- *  NULL upon failure
- */
-
-NSS_IMPLEMENT NSSUTF8 *
-nssPKIXName_GetUTF8Encoding
-(
-  NSSPKIXName *name,
-  NSSArena *arenaOpt
-)
-{
-#ifdef NSSDEBUG
-  if( PR_SUCCESS != nssPKIXName_verifyPointer(name) ) {
-    return (NSSUTF8 *)NULL;
-  }
-
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSUTF8 *)NULL;
-    }
-  }
-#endif /* NSSDEBUG */
-
-  if( (NSSUTF8 *)NULL == name->utf8 ) {
-    /* xxx fgmr fill this in from pki1 implementation */
-  }
-
-  return nssUTF8_Duplicate(name->utf8, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/Name/template.c b/security/nss/lib/pkix/src/Name/template.c
deleted file mode 100644
index 72ac85466..000000000
--- a/security/nss/lib/pkix/src/Name/template.c
+++ /dev/null
@@ -1,56 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-#ifndef ASN1_H
-#include "asn1.h"
-#endif /* ASN1_H */
-
-/*
- * nssPKIXName_template
- *
- */
-
-const nssASN1Template nssPKIXName_template[] = {
-  { nssASN1_CHOICE, offsetof(NSSPKIXName, choice), 0, sizeof(NSSPKIXName) },
-  { nssASN1_POINTER, offsetof(NSSPKIXName, u.rdnSequence), 
-    nssPKIXRDNSequence_template, NSSPKIXNameChoice_rdnSequence },
-  { 0 }
-};
diff --git a/security/nss/lib/pkix/src/Name/verifyPointer.c b/security/nss/lib/pkix/src/Name/verifyPointer.c
deleted file mode 100644
index 6c27e5910..000000000
--- a/security/nss/lib/pkix/src/Name/verifyPointer.c
+++ /dev/null
@@ -1,210 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIXM_H
-#include "pkixm.h"
-#endif /* PKIXM_H */
-
-#ifdef DEBUG
-
-extern const NSSError NSS_ERROR_INTERNAL_ERROR;
-
-static nssPointerTracker pkix_name_pointer_tracker;
-
-/*
- * nss_pkix_Name_add_pointer
- *
- * This method is only present in debug builds.
- *
- * This module-private routine adds an NSSPKIXName pointer to
- * the internal pointer-tracker.  This routine should only be used 
- * by the NSSPKIX module.  This routine returns a PRStatus value; 
- * upon error it will place an error on the error stack and return 
- * PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INTERNAL_ERROR
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nss_pkix_Name_add_pointer
-(
-  const NSSPKIXName *p
-)
-{
-  PRStatus rv;
-
-  rv = nssPointerTracker_initialize(&pkix_name_pointer_tracker);
-  if( PR_SUCCESS != rv ) {
-    return rv;
-  }
-
-  rv = nssPointerTracker_add(&pkix_name_pointer_tracker, p);
-  if( PR_SUCCESS != rv ) {
-    NSSError e = NSS_GetError();
-    if( NSS_ERROR_NO_MEMORY != e ) {
-      nss_SetError(NSS_ERROR_INTERNAL_ERROR);
-    }
-
-    return rv;
-  }
-
-  rv = nssArena_registerDestructor(p->arena,
-         nss_pkix_Name_remove_pointer, p);
-  if( PR_SUCCESS != rv ) {
-    (void)nss_pkix_Name_remove_pointer(p);
-    return rv;
-  }
-
-#ifdef NSSDEBUG
-  switch( p->choice ) {
-  case NSSPKIXNameChoice_rdnSequence:
-    rv = nss_pkix_RDNSequence_register(p->u.rdnSequence);
-    break;
-  case NSSPKIXNameChoice_NSSinvalid:
-  default:
-    nss_SetError(NSS_ERROR_INTERNAL_ERROR);
-    rv = PR_FAILURE;
-    break;
-  }
-
-  if( PR_SUCCESS != rv ) {
-    (void)nss_pkix_Name_remove_pointer(p);
-  }
-#endif /* NSSDEBUG */
-
-  return rv;
-}
-
-/*
- * nss_pkix_Name_remove_pointer
- *
- * This method is only present in debug builds.
- *
- * This module-private routine removes a valid NSSPKIXName
- * pointer from the internal pointer-tracker.  This routine should 
- * only be used by the NSSPKIX module.  This routine returns a 
- * PRStatus value; upon error it will place an error on the error 
- * stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INTERNAL_ERROR
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nss_pkix_Name_remove_pointer
-(
-  const NSSPKIXName *p
-)
-{
-  PRStatus rv;
-
-  rv = nssPointerTracker_remove(&pkix_name_pointer_tracker, p);
-  if( PR_SUCCESS != rv ) {
-    nss_SetError(NSS_ERROR_INTERNAL_ERROR);
-  }
-
-#ifdef NSSDEBUG
-  switch( p->choice ) {
-  case NSSPKIXNameChoice_rdnSequence:
-    (void)nss_pkix_RDNSequence_register(p->u.rdnSequence);
-    break;
-  case NSSPKIXNameChoice_NSSinvalid:
-  default:
-    break;
-  }
-#endif /* NSSDEBUG */
-
-  /*
-   * nssArena_deregisterDestructor(p->arena,
-   *   nss_pkix_Name_remove_pointer, p);
-   */
-
-  return rv;
-}
-
-/*
- * nssPKIXName_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXName
- * object, this routine will return PR_SUCCESS.  Otherwise, it will 
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *
- * Return value:
- *  PR_SUCCESS if the pointer is valid
- *  PR_FAILURE if it isn't
- */
-
-NSS_IMPLEMENT PRStatus
-nssPKIXName_verifyPointer
-(
-  NSSPKIXName *p
-)
-{
-  PRStatus rv;
-
-  rv = nssPointerTracker_initialize(&pkix_name_pointer_tracker);
-  if( PR_SUCCESS != rv ) {
-    nss_SetError(NSS_ERROR_INVALID_PKIX_ATTRIBUTE);
-    return PR_FAILURE;
-  }
-
-  rv = nssPointerTracker_verify(&pkix_name_pointer_tracker, p);
-  if( PR_SUCCESS != rv ) {
-    nss_SetError(NSS_ERROR_INVALID_PKIX_ATTRIBUTE);
-    return PR_FAILURE;
-  }
-
-  return PR_SUCCESS;
-}
-
-#endif /* DEBUG */
-
diff --git a/security/nss/lib/pkix/src/RDNSequence/AppendRelativeDistinguishedName.c b/security/nss/lib/pkix/src/RDNSequence/AppendRelativeDistinguishedName.c
deleted file mode 100644
index 4e0d0d018..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/AppendRelativeDistinguishedName.c
+++ /dev/null
@@ -1,77 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRDNSequence_AppendRelativeDistinguishedName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- *  NSS_ERROR_INVALID_PKIX_RDN
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-NSSPKIXRDNSequence_AppendRelativeDistinguishedName
-(
-  NSSPKIXRDNSequence *rdnseq,
-  NSSPKIXRelativeDistinguishedName *rdn
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(rdnseq) ) {
-    return PR_FAILURE;
-  }
-
-  if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
-    return PR_FAILURE;
-  }
-#endif /* DEBUG */
-
-  return nssPKIXRDNSequence_AppendRelativeDistinguishedName(rdnseq, rdn);
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/Create.c b/security/nss/lib/pkix/src/RDNSequence/Create.c
deleted file mode 100644
index 52b8a851c..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/Create.c
+++ /dev/null
@@ -1,125 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRDNSequence_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_RDN
- *
- * Return value:
- *  A valid pointer to an NSSPKIXRDNSequence upon success
- *  NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXRDNSequence *
-NSSPKIXRDNSequence_Create
-(
-  NSSArena *arenaOpt,
-  NSSPKIXRelativeDistinguishedName *rdn1,
-  ...
-)
-{
-  va_list ap;
-  NSSPKIXRDNSequence *rv;
-  PRUint32 count;
-
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSPKIXRDNSequence *)NULL;
-    }
-  }
-
-  /* Is there a nonzero minimum number of RDNs required? */
-
-  {
-    va_start(ap, arenaOpt);
-
-    while( 1 ) {
-      NSSPKIXRelativeDistinguishedName *rdn;
-      rdn = (NSSPKIXRelativeDistinguishedName *)va_arg(ap, NSSPKIXRelativeDistinguishedName *);
-      if( (NSSPKIXRelativeDistinguishedName *)NULL == rdn ) {
-        break;
-      }
-
-      if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
-        va_end(ap);
-        return (NSSPKIXRDNSequence *)NULL;
-      }
-    }
-
-    va_end(ap);
-  }
-#endif /* DEBUG */
-
-  va_start(ap, arenaOpt);
-
-  for( count = 0; ; count++ ) {
-    NSSPKIXRelativeDistinguishedName *rdn;
-    rdn = (NSSPKIXRelativeDistinguishedName *)va_arg(ap, NSSPKIXRelativeDistinguishedName *);
-    if( (NSSPKIXRelativeDistinguishedName *)NULL == rdn ) {
-      break;
-    }
-
-#ifdef PEDANTIC
-    if( count == 0xFFFFFFFF ) {
-      nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
-      va_end(ap);
-      return (NSSPKIXRelativeDistinguishedName *)NULL;
-    }
-#endif /* PEDANTIC */
-  }
-
-  va_end(ap);
-
-  va_start(ap, arenaOpt);
-  rv = nss_pkix_RDNSequence_V_Create(arenaOpt, count, ap);
-  va_end(ap);
-
-  return rv;
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/CreateFromArray.c b/security/nss/lib/pkix/src/RDNSequence/CreateFromArray.c
deleted file mode 100644
index b6412187c..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/CreateFromArray.c
+++ /dev/null
@@ -1,86 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRDNSequence_CreateFromArray
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_RDN
- *
- * Return value:
- *  A valid pointer to an NSSPKIXRDNSequence upon success
- *  NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXRDNSequence *
-NSSPKIXRDNSequence_Create
-(
-  NSSArena *arenaOpt,
-  PRUint32 count,
-  NSSPKIXRelativeDistinguishedName *rdns[]
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSPKIXAttribute *)NULL;
-    }
-  }
-
-  {
-    PRUint32 i;
-
-    for( i = 0; i < count; i++ ) {
-      if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(&rdns[i]) ) {
-        return (NSSPKIXAttribute *)NULL;
-      }
-    }
-  }
-#endif /* DEBUG */
-
-  return nssPKIXRDNSequence_CreateFromArray(arenaOpt, count, rnds);
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/CreateFromUTF8.c b/security/nss/lib/pkix/src/RDNSequence/CreateFromUTF8.c
deleted file mode 100644
index dcdbc54a2..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/CreateFromUTF8.c
+++ /dev/null
@@ -1,81 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRDNSequence_CreateFromUTF8
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_STRING
- *  NSS_ERROR_UNKNOWN_ATTRIBUTE
- *
- * Return value:
- *  A valid pointer to an NSSPKIXRDNSequence upon success
- *  NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXRDNSequence *
-NSSPKIXRDNSequence_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *string
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSPKIXRDNSequence *)NULL;
-    }
-  }
-
-  if( (NSSUTF8 *)NULL == string ) {
-    nss_SetError(NSS_ERROR_INVALID_STRING);
-    return (NSSPKIXRDNSequence *)NULL;
-  }
-#endif /* DEBUG */
-
-  return nssPKIXRDNSequence_CreateFromUTF8(arenaOpt, string);
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/Decode.c b/security/nss/lib/pkix/src/RDNSequence/Decode.c
deleted file mode 100644
index ebbad116a..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/Decode.c
+++ /dev/null
@@ -1,79 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRDNSequence_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXRDNSequence upon success
- *  NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXRDNSequence *
-NSSPKIXRDNSequence_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSPKIXRDNSequence *)NULL;
-    }
-  }
-
-  if( PR_SUCCESS != nssItem_verifyPointer(ber) ) {
-    return (NSSPKIXRDNSequence *)NULL;
-  }
-#endif /* DEBUG */
-
-  return nssPKIXRDNSequence_Decode(arenaOpt, ber);
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/Destroy.c b/security/nss/lib/pkix/src/RDNSequence/Destroy.c
deleted file mode 100644
index 5962364e5..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/Destroy.c
+++ /dev/null
@@ -1,70 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRDNSequence_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-NSSPKIXRDNSequence_Destroy
-(
-  NSSPKIXRDNSequence *rdnseq
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(rdnseq) ) {
-    return PR_FAILURE;
-  }
-#endif /* DEBUG */
-
-  return nssPKIXRDNSequence_Destroy(rdnseq);
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/Duplicate.c b/security/nss/lib/pkix/src/RDNSequence/Duplicate.c
deleted file mode 100644
index 2bf53ba59..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/Duplicate.c
+++ /dev/null
@@ -1,79 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRDNSequence_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSPKIXRDNSequence upon success
- *  NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXRDNSequence *
-NSSPKIXRDNSequence_Duplicate
-(
-  NSSPKIXRDNSequence *rdnseq,
-  NSSArena *arenaOpt
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(rdnseq) ) {
-    return (NSSPKIXRDNSequence *)NULL;
-  }
-
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSPKIXRDNSequence *)NULL;
-    }
-  }
-#endif /* DEBUG */
-
-  return nssPKIXRDNSequence_Duplicate(rdnseq, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/Encode.c b/security/nss/lib/pkix/src/RDNSequence/Encode.c
deleted file mode 100644
index 84ab4db67..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/Encode.c
+++ /dev/null
@@ -1,81 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRDNSequence_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_IMPLEMENT NSSBER *
-NSSPKIXRDNSequence_Encode
-(
-  NSSPKIXRDNSequence *rdnseq,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(rdnseq) ) {
-    return (NSSBER *)NULL;
-  }
-
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSBER *)NULL;
-    }
-  }
-#endif /* DEBUG */
-
-  return nssPKIXRDNSequence_Encode(rdnseq, encoding, rvOpt, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/Equal.c b/security/nss/lib/pkix/src/RDNSequence/Equal.c
deleted file mode 100644
index fe0fa0f07..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/Equal.c
+++ /dev/null
@@ -1,85 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRDNSequence_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- *
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_IMPLEMENT PRBool
-NSSPKIXRDNSequence_Equal
-(
-  NSSPKIXRDNSequence *one,
-  NSSPKIXRDNSequence *two,
-  PRStatus *statusOpt
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(one) ) {
-    if( (PRStatus *)NULL != statusOpt ) {
-      *statusOpt = PR_FAILURE;
-    }
-
-    return PR_FALSE;
-  }
-
-  if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(two) ) {
-    if( (PRStatus *)NULL != statusOpt ) {
-      *statusOpt = PR_FAILURE;
-    }
-
-    return PR_FALSE;
-  }
-#endif /* DEBUG */
-
-  return nssPKIXRDNSequence_Equal(one, two, statusOpt);
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/FindRelativeDistinguishedName.c b/security/nss/lib/pkix/src/RDNSequence/FindRelativeDistinguishedName.c
deleted file mode 100644
index cb04286d3..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/FindRelativeDistinguishedName.c
+++ /dev/null
@@ -1,78 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRDNSequence_FindRelativeDistinguishedName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- *  NSS_ERROR_INVALID_PKIX_RDN
- *  NSS_ERROR_NOT_FOUND
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- *  The index of the specified attribute value upon success
- *  -1 upon failure.
- */
-
-NSS_IMPLEMENT PRInt32
-NSSPKIXRDNSequence_FindRelativeDistinguishedName
-(
-  NSSPKIXRDNSequence *rdnseq,
-  NSSPKIXRelativeDistinguishedName *rdn
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(rdnseq) ) {
-    return PR_FAILURE;
-  }
-
-  if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
-    return PR_FAILURE;
-  }
-#endif /* DEBUG */
-
-  return nssPKIXRDNSequence_FindRelativeDistinguishedName(rdnseq, rdn);
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/GetRelativeDistinguishedName.c b/security/nss/lib/pkix/src/RDNSequence/GetRelativeDistinguishedName.c
deleted file mode 100644
index 9b152f4da..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/GetRelativeDistinguishedName.c
+++ /dev/null
@@ -1,81 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRDNSequence_GetRelativeDistinguishedName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXRelativeDistinguishedName upon success
- *  NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXRelativeDistinguishedName *
-NSSPKIXRDNSequence_GetRelativeDistinguishedName
-(
-  NSSPKIXRDNSequence *rdnseq,
-  PRInt32 i,
-  NSSArena *arenaOpt
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(rdnseq) ) {
-    return (NSSPKIXRelativeDistinguishedName *)NULL;
-  }
-
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSPKIXRelativeDistinguishedName *)NULL;
-    }
-  }
-#endif /* DEBUG */
-
-  return nssPKIXRDNSequence_GetRelativeDistinguishedName(rdnseq, i, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/GetRelativeDistinguishedNameCount.c b/security/nss/lib/pkix/src/RDNSequence/GetRelativeDistinguishedNameCount.c
deleted file mode 100644
index 05b5e89b4..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/GetRelativeDistinguishedNameCount.c
+++ /dev/null
@@ -1,71 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRDNSequence_GetRelativeDistinguishedNameCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- *  Nonnegative integer upon success
- *  -1 upon failure.
- */
-
-NSS_IMPLEMENT PRInt32
-NSSPKIXRDNSequence_GetRelativeDistinguishedNameCount
-(
-  NSSPKIXRDNSequence *rdnseq
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(rdnseq) ) {
-    return -1;
-  }
-#endif /* DEBUG */
-
-  return nssPKIXRDNSequence_GetRelativeDistinguishedNameCount(rdnseq);
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/GetRelativeDistinguishedNames.c b/security/nss/lib/pkix/src/RDNSequence/GetRelativeDistinguishedNames.c
deleted file mode 100644
index 06d419bed..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/GetRelativeDistinguishedNames.c
+++ /dev/null
@@ -1,85 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRDNSequence_GetRelativeDistinguishedNames
- *
- * This routine returns all of the relative distinguished names in the
- * specified RDN Sequence.  {...} If the array is allocated, or if the
- * specified one has extra space, the array will be null-terminated.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- *  A valid pointer to an array of NSSPKIXRelativeDistinguishedName 
- *      pointers upon success
- *  NULL upon failure.
- */
-
-NSS_IMPLEMENT NSSPKIXRelativeDistinguishedName **
-NSSPKIXRDNSequence_GetRelativeDistinguishedNames
-(
-  NSSPKIXRDNSequence *rdnseq,
-  NSSPKIXRelativeDistinguishedName *rvOpt[],
-  PRInt32 limit,
-  NSSArena *arenaOpt
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(rdnseq) ) {
-    return (NSSPKIXRelativeDistinguishedName **)NULL;
-  }
-
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyOpt(attribute) ) {
-      return (NSSPKIXRelativeDistinguishedName **)NULL;
-    }
-  }
-#endif /* DEBUG */
-
-  return nssPKIXRDNSequence_GetRelativeDistinguishedNames(rdnseq, rvOpt, limit, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/GetUTF8Encoding.c b/security/nss/lib/pkix/src/RDNSequence/GetUTF8Encoding.c
deleted file mode 100644
index 4519a5ba4..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/GetUTF8Encoding.c
+++ /dev/null
@@ -1,79 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRDNSequence_GetUTF8Encoding
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSUTF8 pointer upon success
- *  NULL upon failure
- */
-
-NSS_IMPLEMENT NSSUTF8 *
-NSSPKIXRDNSequence_GetUTF8Encoding
-(
-  NSSPKIXRDNSequence *rdnseq,
-  NSSArena *arenaOpt
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(rdnseq) ) {
-    return (NSSUTF8 *)NULL;
-  }
-
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSUTF8 *)NULL;
-    }
-  }
-#endif /* DEBUG */
-
-  return nssPKIXRDNSequence_GetUTF8Encoding(rdnseq, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/InsertRelativeDistinguishedName.c b/security/nss/lib/pkix/src/RDNSequence/InsertRelativeDistinguishedName.c
deleted file mode 100644
index 433c2a315..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/InsertRelativeDistinguishedName.c
+++ /dev/null
@@ -1,79 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRDNSequence_InsertRelativeDistinguishedName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_INVALID_PKIX_RDN
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-NSSPKIXRDNSequence_InsertRelativeDistinguishedName
-(
-  NSSPKIXRDNSequence *rdnseq,
-  PRInt32 i,
-  NSSPKIXRelativeDistinguishedName *rdn
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(rdnseq) ) {
-    return PR_FAILURE;
-  }
-
-  if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
-    return PR_FAILURE;
-  }
-#endif /* DEBUG */
-
-  return nssPKIXRDNSequence_InsertRelativeDistinguishedName(rdnseq, i, rdn);
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/MClear.c b/security/nss/lib/pkix/src/RDNSequence/MClear.c
deleted file mode 100644
index 7df7eb099..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/MClear.c
+++ /dev/null
@@ -1,73 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nss_pkix_RDNSequence_Clear
- *
- * Wipes out cached data.
- */
-
-NSS_IMPLEMENT PRStatus
-nss_pkix_RDNSequence_Clear
-(
-  NSSPKIXRDNSequence *rdnseq
-)
-{
-#ifdef NSSDEBUG
-  if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(rdnseq) ) {
-    return PR_FAILURE;
-  }
-#endif /* NSSDEBUG */
-
-  if( (NSSBER *)NULL != rdnseq->ber ) {
-    nss_ZFreeIf(rdnseq->ber->data);
-    nss_ZFreeIf(rdnseq->ber);
-  }
-
-  if( (NSSDER *)NULL != rdnseq->der ) {
-    nss_ZFreeIf(rdnseq->der->data);
-    nss_ZFreeIf(rdnseq->der);
-  }
-
-  nss_ZFreeIf(rdnseq->utf8);
-
-  return PR_SUCCESS;
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/MCount.c b/security/nss/lib/pkix/src/RDNSequence/MCount.c
deleted file mode 100644
index 649721c9f..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/MCount.c
+++ /dev/null
@@ -1,82 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIXM_H
-#include "pkixm.h"
-#endif /* PKIXM_H */
-
-/*
- * nss_pkix_RDNSequence_Count
- */
-
-NSS_IMPLEMENT void
-nss_pkix_RDNSequence_Count
-(
-  NSSPKIXRDNSequence *rdnseq
-)
-{
-#ifdef NSSDEBUG
-  if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(rdnseq) ) {
-    return;
-  }
-#endif /* NSSDEBUG */
-
-  PR_ASSERT((NSSPKIXRelativeDistinguishedName **)NULL != rdnseq->rdns);
-  if( (NSSPKIXRelativeDistinguishedName **)NULL == rdnseq->rdns ) {
-    nss_SetError(NSS_ERROR_INTERNAL_ERROR);
-    return PR_FAILURE;
-  }
-
-  if( 0 == rdnseq->count ) {
-    PRUint32 i;
-    for( i = 0; i < 0xFFFFFFFF; i++ ) {
-      if( (NSSPKIXRelativeDistinguishedName *)NULL == rdnseq->rdns[i] ) {
-        break;
-      }
-    }
-
-#ifdef PEDANTIC
-    if( 0xFFFFFFFF == i ) {
-      return;
-    }
-#endif /* PEDANTIC */
-
-    rdnseq->count = i;
-  }
-
-  return;
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/MVCreate.c b/security/nss/lib/pkix/src/RDNSequence/MVCreate.c
deleted file mode 100644
index caeb1995f..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/MVCreate.c
+++ /dev/null
@@ -1,141 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nss_pkix_RDNSequence_v_create
- */
-
-NSS_IMPLEMENT NSSPKIXRDNSequence *
-nss_pkix_RDNSequence_v_create
-(
-  NSSArena *arenaOpt,
-  PRUint32 count,
-  va_list ap
-)
-{
-  NSSArena *arena;
-  PRBool arena_allocated = PR_FALSE;
-  nssArenaMark *mark = (nssArenaMark *)NULL;
-  NSSPKIXRDNSequence *rv = (NSSPKIXRDNSequence *)NULL;
-  PRStatus status;
-  PRUint32 i;
-
-#ifdef NSSDEBUG
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSPKIXRDNSequence *)NULL;
-    }
-  }
-#endif /* NSSDEBUG */
-
-  if( (NSSArena *)NULL == arenaOpt ) {
-    arena = nssArena_Create();
-    if( (NSSArena *)NULL == arena ) {
-      goto loser;
-    }
-    arena_allocated = PR_TRUE;
-  } else {
-    arena = arenaOpt;
-    mark = nssArena_Mark(arena);
-    if( (nssArenaMark *)NULL == mark ) {
-      goto loser;
-    }
-  }
-
-  rv = nss_ZNEW(arena, NSSPKIXRDNSequence);
-  if( (NSSPKIXRDNSequence *)NULL == rv ) {
-    goto loser;
-  }
-
-  rv->arena = arena;
-  rv->i_allocated_arena = arena_allocated;
-  rv->count = count;
-
-  rv->rdns = nss_ZNEWARRAY(arena, NSSPKIXRelativeDistinguishedName *, count);
-  if( (NSSPKIXRelativeDistinguishedName **)NULL == rv->rdns ) {
-    goto loser;
-  }
-
-  for( i = 0; i < count; i++ ) {
-    NSSPKIXRelativeDistinguishedName *v = (NSSPKIXRelativeDistinguishedName *)
-      va_arg(ap, NSSPKIXRelativeDistinguishedName *);
-
-#ifdef NSSDEBUG
-    /* 
-     * It's okay to test this down here, since 
-     * supposedly these have already been checked.
-     */
-    if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(v) ) {
-      goto loser;
-    }
-#endif /* NSSDEBUG */
-
-    rv->rdns[i] = nssPKIXRelativeDistinguishedName_Duplicate(v, arena);
-    if( (NSSPKIXRelativeDistinguishedName *)NULL == rv->rdns[i] ) {
-      goto loser;
-    }
-  }
-
-  if( (nssArenaMark *)NULL != mark ) {
-    if( PR_SUCCESS != nssArena_Unmark(arena, mark) ) {
-      goto loser;
-    }
-  }
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nss_pkix_RDNSequence_add_pointer(rv) ) {
-    goto loser;
-  }
-#endif /* DEBUG */
-
-  return rv;
-
- loser:
-  if( (nssArenaMark *)NULL != mark ) {
-    (void)nssArena_Release(arena, mark);
-  }
-
-  if( PR_TRUE == arena_allocated ) {
-    (void)nssArena_Destroy(arena);
-  }
-
-  return (NSSPKIXRDNSequence *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/PAppendRelativeDistinguishedName.c b/security/nss/lib/pkix/src/RDNSequence/PAppendRelativeDistinguishedName.c
deleted file mode 100644
index 9d1ea4875..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/PAppendRelativeDistinguishedName.c
+++ /dev/null
@@ -1,105 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXRDNSequence_AppendRelativeDistinguishedName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- *  NSS_ERROR_INVALID_PKIX_RDN
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nssPKIXRDNSequence_AppendRelativeDistinguishedName
-(
-  NSSPKIXRDNSequence *rdnseq,
-  NSSPKIXRelativeDistinguishedName *rdn
-)
-{
-  NSSPKIXRelativeDistinguishedName **na;
-  NSSPKIXRelativeDistinguishedName *dup;
-
-#ifdef NSSDEBUG
-  if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(rdnseq) ) {
-    return PR_FAILURE;
-  }
-
-  if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
-    return PR_FAILURE;
-  }
-#endif /* NSSDEBUG */
-
-  if( 0 == rdnseq->count ) {
-    nss_pkix_RDNSequence_Count(rdnseq);
-  }
-
-#ifdef PEDANTIC
-  if( 0 == rdnseq->count ) {
-    nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
-    return (NSSPKIXRelativeDistinguishedName *)NULL;
-  }
-#endif /* PEDANTIC */
-
-  na = (NSSPKIXRelativeDistinguishedName **)
-    nss_ZRealloc(rdnseq->rdns, ((rdnseq->count+2) * 
-      sizeof(NSSPKIXRelativeDistinguishedName *)));
-  if( (NSSPKIXRelativeDistinguishedName **)NULL == na ) {
-    return (NSSPKIXRelativeDistinguishedName *)NULL;
-  }
-
-  rdnseq->rdns = na;
-
-  dup = nssPKIXRelativeDistinguishedName_Duplicate(rdn, rdnseq->arena);
-  if( (NSSPKIXRelativeDistinguishedName *)NULL == dup ) {
-    return (NSSPKIXRelativeDistinguishedName *)NULL;
-  }
-
-  na[ rdnseq->count++ ] = dup;
-
-  return nss_pkix_RDNSequence_Clear(rdnseq);
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/PCreate.c b/security/nss/lib/pkix/src/RDNSequence/PCreate.c
deleted file mode 100644
index 0fdc6848f..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/PCreate.c
+++ /dev/null
@@ -1,123 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXRDNSequence_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_RDN
- *
- * Return value:
- *  A valid pointer to an NSSPKIXRDNSequence upon success
- *  NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXRDNSequence *
-nssPKIXRDNSequence_Create
-(
-  NSSArena *arenaOpt,
-  NSSPKIXRelativeDistinguishedName *rdn1,
-  ...
-)
-{
-  va_list ap;
-  NSSPKIXRDNSequence *rv;
-  PRUint32 count;
-
-#ifdef NSSDEBUG
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSPKIXRDNSequence *)NULL;
-    }
-  }
-
-  /* Is there a nonzero minimum number of RDNs required? */
-
-  {
-    va_start(ap, arenaOpt);
-
-    while( 1 ) {
-      NSSPKIXRelativeDistinguishedName *rdn;
-      rdn = (NSSPKIXRelativeDistinguishedName *)va_arg(ap, NSSPKIXRelativeDistinguishedName *);
-      if( (NSSPKIXRelativeDistinguishedName *)NULL == rdn ) {
-        break;
-      }
-
-      if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
-        va_end(ap);
-        return (NSSPKIXRDNSequence *)NULL;
-      }
-    }
-
-    va_end(ap);
-  }
-#endif /* NSSDEBUG */
-
-  va_start(ap, arenaOpt);
-
-  for( count = 0; ; count++ ) {
-    NSSPKIXRelativeDistinguishedName *rdn;
-    rdn = (NSSPKIXRelativeDistinguishedName *)va_arg(ap, NSSPKIXRelativeDistinguishedName *);
-    if( (NSSPKIXRelativeDistinguishedName *)NULL == rdn ) {
-      break;
-    }
-
-#ifdef PEDANTIC
-    if( count == 0xFFFFFFFF ) {
-      nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
-      va_end(ap);
-      return (NSSPKIXRelativeDistinguishedName *)NULL;
-    }
-#endif /* PEDANTIC */
-  }
-
-  va_end(ap);
-
-  va_start(ap, arenaOpt);
-  rv = nss_pkix_RDNSequence_V_Create(arenaOpt, count, ap);
-  va_end(ap);
-
-  return rv;
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/PCreateFromArray.c b/security/nss/lib/pkix/src/RDNSequence/PCreateFromArray.c
deleted file mode 100644
index 0e244cb73..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/PCreateFromArray.c
+++ /dev/null
@@ -1,151 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXRDNSequence_CreateFromArray
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_PKIX_RDN
- *
- * Return value:
- *  A valid pointer to an NSSPKIXRDNSequence upon success
- *  NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXRDNSequence *
-nssPKIXRDNSequence_CreateFromArray
-(
-  NSSArena *arenaOpt,
-  PRUint32 count,
-  NSSPKIXRelativeDistinguishedName *rdns[]
-)
-{
-  NSSArena *arena;
-  PRBool arena_allocated = PR_FALSE;
-  nssArenaMark *mark = (nssArenaMark *)NULL;
-  NSSPKIXRDNSequence *rv = (NSSPKIXRDNSequence *)NULL;
-  PRStatus status;
-  PRUint32 i;
-
-#ifdef NSSDEBUG
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSPKIXAttribute *)NULL;
-    }
-  }
-
-  {
-    PRUint32 i;
-
-    for( i = 0; i < count; i++ ) {
-      if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(&rdns[i]) ) {
-        return (NSSPKIXAttribute *)NULL;
-      }
-    }
-  }
-#endif /* NSSDEBUG */
-
-  if( (NSSArena *)NULL == arenaOpt ) {
-    arena = nssArena_Create();
-    if( (NSSArena *)NULL == arena ) {
-      goto loser;
-    }
-    arena_allocated = PR_TRUE;
-  } else {
-    arena = arenaOpt;
-    mark = nssArena_Mark(arena);
-    if( (nssArenaMark *)NULL == mark ) {
-      goto loser;
-    }
-  }
-
-  rv = nss_ZNEW(arena, NSSPKIXRDNSequence);
-  if( (NSSPKIXRDNSequence *)NULL == rv ) {
-    goto loser;
-  }
-
-  rv->arena = arena;
-  rv->i_allocated_arena = arena_allocated;
-  rv->count = count;
-
-  rv->rdns = nss_ZNEWARRAY(arena, NSSPKIXRelativeDistinguishedName *, (count+1));
-  if( (NSSPKIXRelativeDistinguishedName **)NULL == rv->rdns ) {
-    goto loser;
-  }
-
-  for( i = 0; i < count; i++ ) {
-    NSSPKIXRelativeDistinguishedName *v = rdns[i];
-
-    rv->rdns[i] = nssPKIXRelativeDistinguishedName_Duplicate(v, arena);
-    if( (NSSPKIXRelativeDistinguishedName *)NULL == rv->rdns[i] ) {
-      goto loser;
-    }
-  }
-
-  if( (nssArenaMark *)NULL != mark ) {
-    if( PR_SUCCESS != nssArena_Unmark(arena, mark) ) {
-      goto loser;
-    }
-  }
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nss_pkix_RDNSequence_add_pointer(rv) ) {
-    goto loser;
-  }
-#endif /* DEBUG */
-
-  return rv;
-
- loser:
-  if( (nssArenaMark *)NULL != mark ) {
-    (void)nssArena_Release(arena, mark);
-  }
-
-  if( PR_TRUE == arena_allocated ) {
-    (void)nssArena_Destroy(arena);
-  }
-
-  return (NSSPKIXRDNSequence *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/PCreateFromUTF8.c b/security/nss/lib/pkix/src/RDNSequence/PCreateFromUTF8.c
deleted file mode 100644
index 196332665..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/PCreateFromUTF8.c
+++ /dev/null
@@ -1,139 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXRDNSequence_CreateFromUTF8
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_STRING
- *  NSS_ERROR_UNKNOWN_ATTRIBUTE
- *
- * Return value:
- *  A valid pointer to an NSSPKIXRDNSequence upon success
- *  NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXRDNSequence *
-nssPKIXRDNSequence_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *string
-)
-{
-  NSSArena *arena;
-  PRBool arena_allocated = PR_FALSE;
-  nssArenaMark *mark = (nssArenaMark *)NULL;
-  NSSPKIXRDNSequence *rv = (NSSPKIXRDNSequence *)NULL;
-  PRStatus status;
-  PRUint32 i;
-
-#ifdef NSSDEBUG
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSPKIXRDNSequence *)NULL;
-    }
-  }
-
-  if( (NSSUTF8 *)NULL == string ) {
-    nss_SetError(NSS_ERROR_INVALID_STRING);
-    return (NSSPKIXRDNSequence *)NULL;
-  }
-#endif /* NSSDEBUG */
-
-  if( (NSSArena *)NULL == arenaOpt ) {
-    arena = nssArena_Create();
-    if( (NSSArena *)NULL == arena ) {
-      goto loser;
-    }
-    arena_allocated = PR_TRUE;
-  } else {
-    arena = arenaOpt;
-    mark = nssArena_Mark(arena);
-    if( (nssArenaMark *)NULL == mark ) {
-      goto loser;
-    }
-  }
-
-  rv = nss_ZNEW(arena, NSSPKIXRDNSequence);
-  if( (NSSPKIXRDNSequence *)NULL == rv ) {
-    goto loser;
-  }
-
-  rv->arena = arena;
-  rv->i_allocated_arena = arena_allocated;
-  rv->utf8 = nssUTF8_Duplicate(string, arena);
-  if( (NSSUTF8 *)NULL == rv->utf8 ) {
-    goto loser;
-  }
-  
-  /* Insert intelligence here -- fgmr */
-  nss_SetError(NSS_ERROR_INTERNAL_ERROR);
-  goto loser;
-
-  if( (nssArenaMark *)NULL != mark ) {
-    if( PR_SUCCESS != nssArena_Unmark(arena, mark) ) {
-      goto loser;
-    }
-  }
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nss_pkix_RDNSequence_add_pointer(rv) ) {
-    goto loser;
-  }
-#endif /* DEBUG */
-
-  return rv;
-
- loser:
-  if( (nssArenaMark *)NULL != mark ) {
-    (void)nssArena_Release(arena, mark);
-  }
-
-  if( PR_TRUE == arena_allocated ) {
-    (void)nssArena_Destroy(arena);
-  }
-
-  return (NSSPKIXRDNSequence *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/PDecode.c b/security/nss/lib/pkix/src/RDNSequence/PDecode.c
deleted file mode 100644
index 557f5bc32..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/PDecode.c
+++ /dev/null
@@ -1,138 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXRDNSequence_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXRDNSequence upon success
- *  NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXRDNSequence *
-nssPKIXRDNSequence_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-)
-{
-  NSSArena *arena;
-  PRBool arena_allocated = PR_FALSE;
-  nssArenaMark *mark = (nssArenaMark *)NULL;
-  NSSPKIXRDNSequence *rv = (NSSPKIXRDNSequence *)NULL;
-  PRStatus status;
-  PRUint32 i;
-
-#ifdef NSSDEBUG
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSPKIXRDNSequence *)NULL;
-    }
-  }
-
-  if( PR_SUCCESS != nssItem_verifyPointer(ber) ) {
-    return (NSSPKIXRDNSequence *)NULL;
-  }
-#endif /* NSSDEBUG */
-
-  if( (NSSArena *)NULL == arenaOpt ) {
-    arena = nssArena_Create();
-    if( (NSSArena *)NULL == arena ) {
-      goto loser;
-    }
-    arena_allocated = PR_TRUE;
-  } else {
-    arena = arenaOpt;
-    mark = nssArena_Mark(arena);
-    if( (nssArenaMark *)NULL == mark ) {
-      goto loser;
-    }
-  }
-
-  rv = nss_ZNEW(arena, NSSPKIXRDNSequence);
-  if( (NSSPKIXRDNSequence *)NULL == rv ) {
-    goto loser;
-  }
-
-  rv->arena = arena;
-  rv->i_allocated_arena = arena_allocated;
-  rv->ber = nssItem_Duplicate(ber, arena, (NSSItem *)NULL);
-  if( (NSSItem *)NULL == rv->ber ) {
-    goto loser;
-  }
-
-  status = nssASN1_DecodeBER(arena, rv, nssPKIXRDNSequence_template, ber);
-  if( PR_SUCCESS != status ) {
-    goto loser;
-  }
-
-  if( (nssArenaMark *)NULL != mark ) {
-    if( PR_SUCCESS != nssArena_Unmark(arena, mark) ) {
-      goto loser;
-    }
-  }
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nss_pkix_RDNSequence_add_pointer(rv) ) {
-    goto loser;
-  }
-#endif /* DEBUG */
-
-  return rv;
-
- loser:
-  if( (nssArenaMark *)NULL != mark ) {
-    (void)nssArena_Release(arena, mark);
-  }
-
-  if( PR_TRUE == arena_allocated ) {
-    (void)nssArena_Destroy(arena);
-  }
-
-  return (NSSPKIXRDNSequence *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/PDestroy.c b/security/nss/lib/pkix/src/RDNSequence/PDestroy.c
deleted file mode 100644
index 17cc846cf..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/PDestroy.c
+++ /dev/null
@@ -1,76 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXRDNSequence_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nssPKIXRDNSequence_Destroy
-(
-  NSSPKIXRDNSequence *rdnseq
-)
-{
-#ifdef NSSDEBUG
-  if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(rdnseq) ) {
-    return PR_FAILURE;
-  }
-#endif /* NSSDEBUG */
-
-#ifdef DEBUG
-  (void)nss_pkix_RDNSequence_remove_pointer(rdnseq);
-#endif /* DEBUG */
-
-  if( PR_TRUE == rdnseq->i_allocated_arena ) {
-    return nssArena_Destroy(rdnseq->arena);
-  }
-
-  return PR_SUCCESS;
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/PDuplicate.c b/security/nss/lib/pkix/src/RDNSequence/PDuplicate.c
deleted file mode 100644
index a57828692..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/PDuplicate.c
+++ /dev/null
@@ -1,177 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXRDNSequence_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSPKIXRDNSequence upon success
- *  NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXRDNSequence *
-nssPKIXRDNSequence_Duplicate
-(
-  NSSPKIXRDNSequence *rdnseq,
-  NSSArena *arenaOpt
-)
-{
-  NSSArena *arena;
-  PRBool arena_allocated = PR_FALSE;
-  nssArenaMark *mark = (nssArenaMark *)NULL;
-  NSSPKIXRDNSequence *rv = (NSSPKIXRDNSequence *)NULL;
-  PRStatus status;
-  PRUint32 i;
-
-#ifdef NSSDEBUG
-  if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(rdnseq) ) {
-    return (NSSPKIXRelativeDistinguishedName *)NULL;
-  }
-
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyOpt(attribute) ) {
-      return (NSSPKIXRelativeDistinguishedName *)NULL;
-    }
-  }
-#endif /* NSSDEBUG */
-
-  if( (NSSArena *)NULL == arenaOpt ) {
-    arena = nssArena_Create();
-    if( (NSSArena *)NULL == arena ) {
-      goto loser;
-    }
-    arena_allocated = PR_TRUE;
-  } else {
-    arena = arenaOpt;
-    mark = nssArena_Mark(arena);
-    if( (nssArenaMark *)NULL == mark ) {
-      goto loser;
-    }
-  }
-
-  rv = nss_ZNEW(arena, NSSPKIXRDNSequence);
-  if( (NSSPKIXRDNSequence *)NULL == rv ) {
-    goto loser;
-  }
-
-  rv->arena = arena;
-  rv->i_allocated_arena = arena_allocated;
-
-  if( (NSSBER *)NULL != rdnseq->ber ) {
-    rv->ber = nssItem_Duplicate(rdnseq->ber, arena, (NSSItem *)NULL);
-    if( (NSSBER *)NULL == rv->ber ) {
-      goto loser;
-    }
-  }
-
-  if( (NSSDER *)NULL != rdnseq->der ) {
-    rv->der = nssItem_Duplicate(rdnseq->der, arena, (NSSItem *)NULL);
-    if( (NSSDER *)NULL == rv->der ) {
-      goto loser;
-    }
-  }
-
-  if( (NSSUTF8 *)NULL != rdnseq->utf8 ) {
-    rv->utf8 = nssUTF8_duplicate(rdnseq->utf8, arena);
-    if( (NSSUTF8 *)NULL == rv->utf8 ) {
-      goto loser;
-    }
-  }
-
-  if( 0 == rdnseq->count ) {
-    nss_pkix_RDNSequence_Count(rdnseq);
-  }
-
-#ifdef PEDANTIC
-  if( 0 == rdnseq->count ) {
-    nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
-    return (NSSPKIXRelativeDistinguishedName *)NULL;
-  }
-#endif /* PEDANTIC */
-
-  rv->count = rdnseq->count;
-
-  rv->rdns = nss_ZNEWARRAY(arena, NSSPKIXRelativeDistinguishedName *, (rv->count+1));
-  if( (NSSPKIXRelativeDistinguishedName **)NULL == rv->rdns ) {
-    goto loser;
-  }
-
-  for( i = 0; i < count; i++ ) {
-    NSSPKIXRelativeDistinguishedName *v = rdnseq->rdns[i];
-
-    rv->rdns[i] = nssPKIXRelativeDistinguishedName_Duplicate(v, arena);
-    if( (NSSPKIXRelativeDistinguishedName *)NULL == rv->rdns[i] ) {
-      goto loser;
-    }
-  }
-
-  if( (nssArenaMark *)NULL != mark ) {
-    if( PR_SUCCESS != nssArena_Unmark(arena, mark) ) {
-      goto loser;
-    }
-  }
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nss_pkix_RDNSequence_add_pointer(rv) ) {
-    goto loser;
-  }
-#endif /* DEBUG */
-
-  return rv;
-
- loser:
-  if( (nssArenaMark *)NULL != mark ) {
-    (void)nssArena_Release(arena, mark);
-  }
-
-  if( PR_TRUE == arena_allocated ) {
-    (void)nssArena_Destroy(arena);
-  }
-
-  return (NSSPKIXRDNSequence *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/PEncode.c b/security/nss/lib/pkix/src/RDNSequence/PEncode.c
deleted file mode 100644
index 5700fa099..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/PEncode.c
+++ /dev/null
@@ -1,118 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXRDNSequence_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_IMPLEMENT NSSBER *
-nssPKIXRDNSequence_Encode
-(
-  NSSPKIXRDNSequence *rdnseq,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-)
-{
-  NSSBER *it;
-
-#ifdef NSSDEBUG
-  if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(rdnseq) ) {
-    return (NSSBER *)NULL;
-  }
-
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSBER *)NULL;
-    }
-  }
-#endif /* NSSDEBUG */
-
-  switch( encoding ) {
-  case NSSASN1BER:
-    if( (NSSBER *)NULL != rdnseq->ber ) {
-      it = rdnseq->ber;
-      goto done;
-    }
-    /*FALLTHROUGH*/
-  case NSSASN1DER:
-    if( (NSSDER *)NULL != rdnseq->der ) {
-      it = rdnseq->der;
-      goto done;
-    }
-    break;
-  default:
-    nss_SetError(NSS_ERROR_UNSUPPORTED_ENCODING);
-    return (NSSBER *)NULL;
-  }
-
-  it = nssASN1_EncodeItem(rdnseq->arena, (NSSItem *)NULL, rdnseq,
-                          nssPKIXRDNSequence_template, encoding);
-  if( (NSSBER *)NULL == it ) {
-    return (NSSBER *)NULL;
-  }
-
-  switch( encoding ) {
-  case NSSASN1BER:
-    rdnseq->ber = it;
-    break;
-  case NSSASN1DER:
-    rdnseq->der = it;
-    break;
-  default:
-    PR_ASSERT(0);
-    break;
-  }
-
- done:
-  return nssItem_Duplicate(it, arenaOpt, rvOpt);
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/PEqual.c b/security/nss/lib/pkix/src/RDNSequence/PEqual.c
deleted file mode 100644
index a1dd5af53..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/PEqual.c
+++ /dev/null
@@ -1,107 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXRDNSequence_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- *
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_IMPLEMENT PRBool
-nssPKIXRDNSequence_Equal
-(
-  NSSPKIXRDNSequence *one,
-  NSSPKIXRDNSequence *two,
-  PRStatus *statusOpt
-)
-{
-  NSSPKIXRelativeDistinguishedName **a;
-  NSSPKIXRelativeDistinguishedName **b;
-
-#ifdef NSSDEBUG
-  if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(one) ) {
-    if( (PRStatus *)NULL != statusOpt ) {
-      *statusOpt = PR_FAILURE;
-    }
-    return PR_FALSE;
-  }
-
-  if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(two) ) {
-    if( (PRStatus *)NULL != statusOpt ) {
-      *statusOpt = PR_FAILURE;
-    }
-    return PR_FALSE;
-  }
-#endif /* NSSDEBUG */
-
-  if( ((NSSDER *)NULL != one->der) && ((NSSDER *)NULL != two->der) ) {
-    return nssItem_Equal(one->der, two->der, statusOpt);
-  }
-
-  /*
-   * Since this is a sequence, the order is significant.
-   * So we just walk down both lists, comparing.
-   */
-
-  for( a = one->rdns, b = two->rdns; *a && *b; a++, b++ ) {
-    if( PR_FALSE == nssPKIXRelativeDistinguishedName_Equal(*a, *b, statusOpt) ) {
-      return PR_FALSE;
-    }
-  }
-
-  if( (PRStatus *)NULL != statusOpt ) {
-    *statusOpt = PR_SUCCESS;
-  }
-
-  if( *a || *b ) {
-    return PR_FALSE;
-  }
-
-  return PR_TRUE;
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/PFindRelativeDistinguishedName.c b/security/nss/lib/pkix/src/RDNSequence/PFindRelativeDistinguishedName.c
deleted file mode 100644
index 8064b9636..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/PFindRelativeDistinguishedName.c
+++ /dev/null
@@ -1,90 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXRDNSequence_FindRelativeDistinguishedName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- *  NSS_ERROR_INVALID_PKIX_RDN
- *  NSS_ERROR_NOT_FOUND
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- *  The index of the specified attribute value upon success
- *  -1 upon failure.
- */
-
-NSS_IMPLEMENT PRInt32
-nssPKIXRDNSequence_FindRelativeDistinguishedName
-(
-  NSSPKIXRDNSequence *rdnseq,
-  NSSPKIXRelativeDistinguishedName *rdn
-)
-{
-  PRUint32 i;
-  NSSPKIXRelativeDistinguishedName **a;
-
-#ifdef NSSDEBUG
-  if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(rdnseq) ) {
-    return PR_FAILURE;
-  }
-
-  if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
-    return PR_FAILURE;
-  }
-#endif /* NSSDEBUG */
-
-  for( i = 0, a = rdnseq->rdns; *a; a++, (i > 0x7fffffff) || i++ ) {
-    if( PR_TRUE == nssPKIXRelativeDistinguishedName_Equal(*a, rdn) ) {
-      if( i > 0x7fffffff ) {
-        nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
-        return -1;
-      }
-      return (PRInt32)i;
-    }
-  }
-
-  nss_SetError(NSS_ERROR_NOT_FOUND);
-  return -1;
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/PGetRelativeDistinguishedName.c b/security/nss/lib/pkix/src/RDNSequence/PGetRelativeDistinguishedName.c
deleted file mode 100644
index 7ea20d259..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/PGetRelativeDistinguishedName.c
+++ /dev/null
@@ -1,96 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXRDNSequence_GetRelativeDistinguishedName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXRelativeDistinguishedName upon success
- *  NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXRelativeDistinguishedName *
-nssPKIXRDNSequence_GetRelativeDistinguishedName
-(
-  NSSPKIXRDNSequence *rdnseq,
-  PRInt32 i,
-  NSSArena *arenaOpt
-)
-{
-
-#ifdef NSSDEBUG
-  if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(rdnseq) ) {
-    return (NSSPKIXRelativeDistinguishedName *)NULL;
-  }
-
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyOpt(attribute) ) {
-      return (NSSPKIXRelativeDistinguishedName *)NULL;
-    }
-  }
-#endif /* NSSDEBUG */
-
-  if( 0 == rdnseq->count ) {
-    nss_pkix_RDNSequence_Count(rdnseq);
-  }
-
-#ifdef PEDANTIC
-  if( 0 == rdnseq->count ) {
-    nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
-    return (NSSPKIXRelativeDistinguishedName *)NULL;
-  }
-#endif /* PEDANTIC */
-
-  if( (i < 0) || (i >= rdnseq->count) ) {
-    nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
-    return (NSSPKIXRelativeDistinguishedName *)NULL;
-  }
-
-  return nssPKIXRelativeDistinguishedName_Duplicate(rdnseq->rdns[i], arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/PGetRelativeDistinguishedNameCount.c b/security/nss/lib/pkix/src/RDNSequence/PGetRelativeDistinguishedNameCount.c
deleted file mode 100644
index a01077db1..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/PGetRelativeDistinguishedNameCount.c
+++ /dev/null
@@ -1,85 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXRDNSequence_GetRelativeDistinguishedNameCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- *  Nonnegative integer upon success
- *  -1 upon failure.
- */
-
-NSS_IMPLEMENT PRInt32
-nssPKIXRDNSequence_GetRelativeDistinguishedNameCount
-(
-  NSSPKIXRDNSequence *rdnseq
-)
-{
-#ifdef NSSDEBUG
-  if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(rdnseq) ) {
-    return -1;
-  }
-#endif /* NSSDEBUG */
-
-  if( 0 == rdnseq->count ) {
-    nss_pkix_RDNSequence_Count(rdnseq);
-  }
-
-#ifdef PEDANTIC
-  if( 0 == rdnseq->count ) {
-    nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
-    return -1;
-  }
-#endif /* PEDANTIC */
-
-  if( rdnseq->count > 0x7fffffff ) {
-    nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
-    return -1;
-  }
-
-  return (PRInt32)(rdnseq->count);
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/PGetRelativeDistinguishedNames.c b/security/nss/lib/pkix/src/RDNSequence/PGetRelativeDistinguishedNames.c
deleted file mode 100644
index 115480dfd..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/PGetRelativeDistinguishedNames.c
+++ /dev/null
@@ -1,135 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXRDNSequence_GetRelativeDistinguishedNames
- *
- * This routine returns all of the relative distinguished names in the
- * specified RDN Sequence.  {...} If the array is allocated, or if the
- * specified one has extra space, the array will be null-terminated.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- *  A valid pointer to an array of NSSPKIXRelativeDistinguishedName 
- *      pointers upon success
- *  NULL upon failure.
- */
-
-NSS_IMPLEMENT NSSPKIXRelativeDistinguishedName **
-nssPKIXRDNSequence_GetRelativeDistinguishedNames
-(
-  NSSPKIXRDNSequence *rdnseq,
-  NSSPKIXRelativeDistinguishedName *rvOpt[],
-  PRInt32 limit,
-  NSSArena *arenaOpt
-)
-{
-  NSSPKIXRelativeDistinguishedName **rv = (NSSPKIXRelativeDistinguishedName **)NULL;
-  PRUint32 i;
-
-#ifdef NSSDEBUG
-  if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(rdnseq) ) {
-    return (NSSPKIXRelativeDistinguishedName **)NULL;
-  }
-
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyOpt(attribute) ) {
-      return (NSSPKIXRelativeDistinguishedName **)NULL;
-    }
-  }
-#endif /* NSSDEBUG */
-
-  if( 0 == rdnseq->count ) {
-    nss_pkix_RDNSequence_Count(rdnseq);
-  }
-
-#ifdef PEDANTIC
-  if( 0 == rdnseq->count ) {
-    nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
-    return (NSSPKIXRelativeDistinguishedName **)NULL;
-  }
-#endif /* PEDANTIC */
-
-  if( (limit < rdnseq->count) &&
-      !((0 == limit) && ((NSSPKIXRelativeDistinguishedName **)NULL == rvOpt)) ) {
-    nss_SetError(NSS_ERROR_ARRAY_TOO_SMALL);
-    return (NSSPKIXRelativeDistinguishedName **)NULL;
-  }
-
-  limit = rdnseq->count;
-  if( (NSSPKIXRelativeDistinguishedName **)NULL == rvOpt ) {
-    rv = nss_ZNEWARRAY(arenaOpt, NSSPKIXRelativeDistinguishedName *, limit);
-    if( (NSSPKIXRelativeDistinguishedName **)NULL == rv ) {
-      return (NSSPKIXRelativeDistinguishedName **)NULL;
-    }
-  } else {
-    rv = rvOpt;
-  }
-
-  for( i = 0; i < limit; i++ ) {
-    rv[i] = nssPKIXRelativedistinguishedName_Duplicate(rdnseq->rdns[i], arenaOpt);
-    if( (NSSPKIXRelativeDistinguishedName *)NULL == rv[i] ) {
-      goto loser;
-    }
-  }
-
-  return rv;
-
- loser:
-  for( i = 0; i < limit; i++ ) {
-    NSSPKIXRelativeDistinguishedName *x = rv[i];
-    if( (NSSPKIXRelativeDistinguishedName *)NULL == x ) {
-      break;
-    }
-    (void)nssPKIXRelativeDistinguishedName_Destroy(x);
-  }
-
-  if( rv != rvOpt ) {
-    nss_ZFreeIf(rv);
-  }
-
-  return (NSSPKIXRelativeDistinguishedName **)NULL;
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/PGetUTF8Encoding.c b/security/nss/lib/pkix/src/RDNSequence/PGetUTF8Encoding.c
deleted file mode 100644
index 2250bf960..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/PGetUTF8Encoding.c
+++ /dev/null
@@ -1,81 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXRDNSequence_GetUTF8Encoding
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSUTF8 pointer upon success
- *  NULL upon failure
- */
-
-NSS_IMPLEMENT NSSUTF8 *
-nssPKIXRDNSequence_GetUTF8Encoding
-(
-  NSSPKIXRDNSequence *rdnseq,
-  NSSArena *arenaOpt
-)
-{
-#ifdef NSSDEBUG
-  if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(rdnseq) ) {
-    return (NSSUTF8 *)NULL;
-  }
-
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSUTF8 *)NULL;
-    }
-  }
-#endif /* NSSDEBUG */
-
-  if( (NSSUTF8 *)NULL == rdnseq->utf8 ) {
-    /* xxx fgmr fill this in from pki1 implementation */
-  }
-
-  return nssUTF8_Duplicate(rdnseq->utf8, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/PInsertRelativeDistinguishedName.c b/security/nss/lib/pkix/src/RDNSequence/PInsertRelativeDistinguishedName.c
deleted file mode 100644
index 213866694..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/PInsertRelativeDistinguishedName.c
+++ /dev/null
@@ -1,117 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXRDNSequence_InsertRelativeDistinguishedName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- *  NSS_ERROR_INVALID_PKIX_RDN
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nssPKIXRDNSequence_InsertRelativeDistinguishedName
-(
-  NSSPKIXRDNSequence *rdnseq,
-  PRInt32 i,
-  NSSPKIXRelativeDistinguishedName *rdn
-)
-{
-  NSSPKIXRelativeDistinguishedName **na;
-  NSSPKIXRelativeDistinguishedName *dup;
-  PRInt32 c;
-
-#ifdef NSSDEBUG
-  if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(rdnseq) ) {
-    return PR_FAILURE;
-  }
-
-  if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
-    return PR_FAILURE;
-  }
-#endif /* NSSDEBUG */
-
-  if( 0 == rdnseq->count ) {
-    nss_pkix_RDNSequence_Count(rdnseq);
-  }
-
-#ifdef PEDANTIC
-  if( 0 == rdnseq->count ) {
-    nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
-    return (NSSPKIXRelativeDistinguishedName *)NULL;
-  }
-#endif /* PEDANTIC */
-
-  if( (i < 0) || (i >= rdnseq->count) ) {
-    nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
-    return (NSSPKIXRelativeDistinguishedName *)NULL;
-  }
-
-  na = (NSSPKIXRelativeDistinguishedName **)
-    nss_ZRealloc(rdnseq->rdns, ((rdnseq->count+2) * 
-      sizeof(NSSPKIXRelativeDistinguishedName *)));
-  if( (NSSPKIXRelativeDistinguishedName **)NULL == na ) {
-    return (NSSPKIXRelativeDistinguishedName *)NULL;
-  }
-
-  rdnseq->rdns = na;
-
-  dup = nssPKIXRelativeDistinguishedName_Duplicate(rdn, rdnseq->arena);
-  if( (NSSPKIXRelativeDistinguishedName *)NULL == dup ) {
-    return (NSSPKIXRelativeDistinguishedName *)NULL;
-  }
-
-  for( c = rdnseq->count; c > i; c-- ) {
-    na[ c ] = na[ c-1 ];
-  }
-
-  na[ i ] = dup;
-  rdnseq->count++;
-
-  return nss_pkix_RDNSequence_Clear(rdnseq);
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/PRemoveRelativeDistinguishedName.c b/security/nss/lib/pkix/src/RDNSequence/PRemoveRelativeDistinguishedName.c
deleted file mode 100644
index 447620c77..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/PRemoveRelativeDistinguishedName.c
+++ /dev/null
@@ -1,104 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXRDNSequence_RemoveRelativeDistinguishedName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nssPKIXRDNSequence_RemoveRelativeDistinguishedName
-(
-  NSSPKIXRDNSequence *rdnseq,
-  PRInt32 i
-)
-{
-  NSSPKIXRelativeDistinguishedName **na;
-  PRInt32 c;
-
-#ifdef NSSDEBUG
-  if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(rdnseq) ) {
-    return PR_FAILURE;
-  }
-#endif /* NSSDEBUG */
-
-  if( 0 == rdnseq->count ) {
-    nss_pkix_RDNSequence_Count(rdnseq);
-  }
-
-#ifdef PEDANTIC
-  if( 0 == rdnseq->count ) {
-    nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
-    return (NSSPKIXRelativeDistinguishedName *)NULL;
-  }
-#endif /* PEDANTIC */
-
-  if( (i < 0) || (i >= rdnseq->count) ) {
-    nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
-    return (NSSPKIXRelativeDistinguishedName *)NULL;
-  }
-
-  nssPKIXRelativeDistinguishedName_Destroy(rdnseq->rdns[i]);
-
-  rdnseq->rdns[i] = rdnseq->rdns[ rdnseq->count ];
-  rdnseq->rdns[ rdnseq->count ] = (NSSPKIXRelativeDistinguishedName *)NULL;
-  rdnseq->count--;
-
-  na = (NSSPKIXRelativeDistinguishedName **)
-    nss_ZRealloc(rdnseq->rdns, ((rdnseq->count) * 
-      sizeof(NSSPKIXRelativeDistinguishedName *)));
-  if( (NSSPKIXRelativeDistinguishedName **)NULL == na ) {
-    return (NSSPKIXRelativeDistinguishedName *)NULL;
-  }
-
-  rdnseq->rdns = na;
-
-  return nss_pkix_RDNSequence_Clear(rdnseq);
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/PSetRelativeDistinguishedName.c b/security/nss/lib/pkix/src/RDNSequence/PSetRelativeDistinguishedName.c
deleted file mode 100644
index 5c8123266..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/PSetRelativeDistinguishedName.c
+++ /dev/null
@@ -1,103 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXRDNSequence_SetRelativeDistinguishedName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_INVALID_PKIX_RDN
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nssPKIXRDNSequence_SetRelativeDistinguishedName
-(
-  NSSPKIXRDNSequence *rdnseq,
-  PRInt32 i,
-  NSSPKIXRelativeDistinguishedName *rdn
-)
-{
-  NSSPKIXRelativeDistinguishedName *dup;
-
-#ifdef NSSDEBUG
-  if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(rdnseq) ) {
-    return PR_FAILURE;
-  }
-
-  if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
-    return PR_FAILURE;
-  }
-#endif /* NSSDEBUG */
-
-  if( 0 == rdnseq->count ) {
-    nss_pkix_RDNSequence_Count(rdnseq);
-  }
-
-#ifdef PEDANTIC
-  if( 0 == rdnseq->count ) {
-    nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
-    return (NSSPKIXRelativeDistinguishedName *)NULL;
-  }
-#endif /* PEDANTIC */
-
-  if( (i < 0) || (i >= rdnseq->count) ) {
-    nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
-    return (NSSPKIXRelativeDistinguishedName *)NULL;
-  }
-
-  dup = nssPKIXRelativeDistinguishedName_Duplicate(rdn, rdnseq->arena);
-  if( (NSSPKIXRelativeDistinguishedName *)NULL == dup ) {
-    return (NSSPKIXRelativeDistinguishedName *)NULL;
-  }
-
-  nssPKIXRelativeDistinguishedName_Destroy(rdnseq->rdns[i]);
-  rdnseq->rdns[i] = dup;
-
-  return nss_pkix_RDNSequence_Clear(rdnseq);
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/PSetRelativeDistinguishedNames.c b/security/nss/lib/pkix/src/RDNSequence/PSetRelativeDistinguishedNames.c
deleted file mode 100644
index b0320a4b7..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/PSetRelativeDistinguishedNames.c
+++ /dev/null
@@ -1,153 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXRDNSequence_SetRelativeDistinguishedNames
- *
- * -- fgmr comments --
- * If the array pointer itself is null, the set is considered empty.
- * If the count is zero but the pointer nonnull, the array will be
- * assumed to be null-terminated.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- *  NSS_ERROR_INVALID_PKIX_RDN
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nssPKIXRDNSequence_SetRelativeDistinguishedNames
-(
-  NSSPKIXRDNSequence *rdnseq,
-  NSSPKIXRelativeDistinguishedName *rdns[],
-  PRInt32 countOpt
-)
-{
-  NSSPKIXRelativeDistinguishedName **ip;
-  NSSPKIXRelativeDistinguishedName **newarray;
-  PRUint32 i;
-  nssArenaMark *mark;
-
-#ifdef NSSDEBUG
-  if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(rdnseq) ) {
-    return PR_FAILURE;
-  }
-
-  if( (NSSPKIXRelativeDistinguishedName **)NULL == rdns ) {
-    nss_SetError(NSS_ERROR_INVALID_POINTER);
-    return PR_FAILURE;
-  }
-
-  {
-    PRUint32 i, count;
-
-    if( 0 == countOpt ) {
-      for( i = 0; i < 0x80000000; i++ ) {
-        if( (NSSPKIXRelativeDistinguishedName *)NULL == rdns[i] ) {
-          break;
-        }
-      }
-
-#ifdef PEDANTIC
-      if( 0x80000000 == i ) {
-        nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
-        return PR_FAILURE;
-      }
-#endif /* PEDANTIC */
-
-      count = (PRUint32)i;
-    } else {
-      if( countOpt < 0 ) {
-        nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
-        return PR_FAILURE;
-      }
-
-      count = (PRUint32)countOpt;
-    }
-
-    for( i = 0; i < count; i++ ) {
-      if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdns[i]) ) {
-        return PR_FAILURE;
-      }
-    }
-  }
-#endif /* NSSDEBUG */
-
-  mark = nssArena_Mark(rdnseq->mark);
-  if( (nssArenaMark *)NULL == mark ) {
-    return PR_FAILURE;
-  }
-
-  newarray = nss_ZNEWARRAY(rdnseq->arena, NSSPKIXRelativeDistinguishedName *, countOpt);
-  if( (NSSPKIXRelativeDistinguishedName **)NULL == newarray ) {
-    goto loser;
-  }
-
-  for( i = 0; i < countOpt; i++ ) {
-    newarray[i] = nssPKIXRelativeDistinguishedName_Duplicate(rdns[i], rdnseq->arena);
-    if( (NSSPKIXRelativeDistinguishedName *)NULL == newarray[i] ) {
-      goto loser;
-    }
-  }
-
-  for( i = 0; i < rdnseq->count; i++ ) {
-    if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_Destroy(rdnseq->rdns[i]) ) {
-      goto loser;
-    }
-  }
-
-  nss_ZFreeIf(rdnseq->rdns);
-
-  rdnseq->count = countOpt;
-  rdnseq->rdns = newarray;
-
-  (void)nss_pkix_RDNSequence_Clear(rdnseq);
-
-  return nssArena_Unmark(rdnseq->arena, mark);
-
- loser:
-  (void)nssArena_Release(a->arena, mark);
-  return PR_FAILURE;
-}
-
diff --git a/security/nss/lib/pkix/src/RDNSequence/RemoveRelativeDistinguishedName.c b/security/nss/lib/pkix/src/RDNSequence/RemoveRelativeDistinguishedName.c
deleted file mode 100644
index 141ab7f37..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/RemoveRelativeDistinguishedName.c
+++ /dev/null
@@ -1,72 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRDNSequence_RemoveRelativeDistinguishedName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-NSSPKIXRDNSequence_RemoveRelativeDistinguishedName
-(
-  NSSPKIXRDNSequence *rdnseq,
-  PRInt32 i
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(rdnseq) ) {
-    return PR_FAILURE;
-  }
-#endif /* DEBUG */
-
-  return nssPKIXRDNSequence_RemoveRelativeDistinguishedName(rdnseq, i);
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/SetRelativeDistinguishedName.c b/security/nss/lib/pkix/src/RDNSequence/SetRelativeDistinguishedName.c
deleted file mode 100644
index 7484eb55d..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/SetRelativeDistinguishedName.c
+++ /dev/null
@@ -1,79 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRDNSequence_SetRelativeDistinguishedName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_INVALID_PKIX_RDN
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-NSSPKIXRDNSequence_SetRelativeDistinguishedName
-(
-  NSSPKIXRDNSequence *rdnseq,
-  PRInt32 i,
-  NSSPKIXRelativeDistinguishedName *rdn
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(rdnseq) ) {
-    return PR_FAILURE;
-  }
-
-  if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
-    return PR_FAILURE;
-  }
-#endif /* DEBUG */
-
-  return nssPKIXRDNSequence_SetRelativeDistinguishedName(rdnseq, i, rdn);
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/SetRelativeDistinguishedNames.c b/security/nss/lib/pkix/src/RDNSequence/SetRelativeDistinguishedNames.c
deleted file mode 100644
index 40e7c8247..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/SetRelativeDistinguishedNames.c
+++ /dev/null
@@ -1,115 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRDNSequence_SetRelativeDistinguishedNames
- *
- * -- fgmr comments --
- * If the array pointer itself is null, the set is considered empty.
- * If the count is zero but the pointer nonnull, the array will be
- * assumed to be null-terminated.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- *  NSS_ERROR_INVALID_PKIX_RDN
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-NSSPKIXRDNSequence_SetRelativeDistinguishedNames
-(
-  NSSPKIXRDNSequence *rdnseq,
-  NSSPKIXRelativeDistinguishedName *rdns[],
-  PRInt32 countOpt
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(rdnseq) ) {
-    return PR_FAILURE;
-  }
-
-  if( (NSSPKIXRelativeDistinguishedName **)NULL == rdns ) {
-    nss_SetError(NSS_ERROR_INVALID_POINTER);
-    return PR_FAILURE;
-  }
-
-  {
-    PRUint32 i, count;
-
-    if( 0 == countOpt ) {
-      for( i = 0; i < 0x80000000; i++ ) {
-        if( (NSSPKIXRelativeDistinguishedName *)NULL == rdns[i] ) {
-          break;
-        }
-      }
-
-#ifdef PEDANTIC
-      if( 0x80000000 == i ) {
-        nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
-        return PR_FAILURE;
-      }
-#endif /* PEDANTIC */
-
-      count = (PRUint32)i;
-    } else {
-      if( countOpt < 0 ) {
-        nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
-        return PR_FAILURE;
-      }
-
-      count = (PRUint32)countOpt;
-    }
-
-    for( i = 0; i < count; i++ ) {
-      if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdns[i]) ) {
-        return PR_FAILURE;
-      }
-    }
-  }
-#endif /* DEBUG */
-
-  return nssPKIXRDNSequence_SetRelativeDistinguishedNames(rdnseq, rdns, countOpt);
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/template.c b/security/nss/lib/pkix/src/RDNSequence/template.c
deleted file mode 100644
index ff5bbc0ba..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/template.c
+++ /dev/null
@@ -1,55 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-#ifndef ASN1_H
-#include "asn1.h"
-#endif /* ASN1_H */
-
-/*
- * nssPKIXRDNSequence_template
- *
- */
-
-const nssASN1Template nssPKIXRDNSequence_template[] = {
-  { nssASN1_SEQUENCE_OF, offsetof(NSSPKIXRDNSequence, rdns),
-    nssPKIXRelativeDistinguishedName_template },
-  { 0 }
-};
diff --git a/security/nss/lib/pkix/src/RDNSequence/verifyPointer.c b/security/nss/lib/pkix/src/RDNSequence/verifyPointer.c
deleted file mode 100644
index 47a53a5c4..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/verifyPointer.c
+++ /dev/null
@@ -1,205 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIXM_H
-#include "pkixm.h"
-#endif /* PKIXM_H */
-
-#ifdef DEBUG
-
-extern const NSSError NSS_ERROR_INTERNAL_ERROR;
-
-static nssPointerTracker pkix_rdnseq_pointer_tracker;
-
-/*
- * nss_pkix_RDNSequence_add_pointer
- *
- * This method is only present in debug builds.
- *
- * This module-private routine adds an NSSPKIXRDNSequence pointer to
- * the internal pointer-tracker.  This routine should only be used 
- * by the NSSPKIX module.  This routine returns a PRStatus value; 
- * upon error it will place an error on the error stack and return 
- * PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INTERNAL_ERROR
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nss_pkix_RDNSequence_add_pointer
-(
-  const NSSPKIXRDNSequence *p
-)
-{
-  PRStatus rv;
-
-  rv = nssPointerTracker_initialize(&pkix_rdnseq_pointer_tracker);
-  if( PR_SUCCESS != rv ) {
-    return rv;
-  }
-
-  rv = nssPointerTracker_add(&pkix_rdnseq_pointer_tracker, p);
-  if( PR_SUCCESS != rv ) {
-    NSSError e = NSS_GetError();
-    if( NSS_ERROR_NO_MEMORY != e ) {
-      nss_SetError(NSS_ERROR_INTERNAL_ERROR);
-    }
-
-    return rv;
-  }
-
-  rv = nssArena_registerDestructor(arena,
-         nss_pkix_RDNSequence_remove_pointer, p);
-  if( PR_SUCCESS != rv ) {
-    (void)nss_pkix_RDNSequence_remove_pointer(p);
-    return rv;
-  }
-
-#ifdef NSSDEBUG
-  {
-    NSSPKIXRelativeDistinguishedName *r;
-
-    for( r = p->rdns; *r; r++ ) {
-      if( PR_SUCCESS != nss_pkix_RelativeDistinguishedName_add_pointer(*r) ) {
-        (void)nss_pkix_RDNSequence_remove_pointer(p);
-        return PR_FAILURE;
-      }
-    }
-  }
-#endif /* NSSDEBUG */
-
-  return PR_SUCCESS;
-}
-
-/*
- * nss_pkix_RDNSequence_remove_pointer
- *
- * This method is only present in debug builds.
- *
- * This module-private routine removes a valid NSSPKIXRDNSequence
- * pointer from the internal pointer-tracker.  This routine should 
- * only be used by the NSSPKIX module.  This routine returns a 
- * PRStatus value; upon error it will place an error on the error 
- * stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INTERNAL_ERROR
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nss_pkix_RDNSequence_remove_pointer
-(
-  const NSSPKIXRDNSequence *p
-)
-{
-  PRStatus rv;
-
-#ifdef NSSDEBUG
-  {
-    NSSPKIXRelativeDistinguishedName *r;
-
-    for( r = p->rdns; *r; r++ ) {
-      (void)nss_pkix_RelativeDistinguishedName_remove_pointer(*r);
-    }
-  }
-#endif /* NSSDEBUG */
-
-  rv = nssPointerTracker_remove(&pkix_rdnseq_pointer_tracker, p);
-  if( PR_SUCCESS != rv ) {
-    nss_SetError(NSS_ERROR_INTERNAL_ERROR);
-  }
-
-  /*
-   * nssArena_deregisterDestructor(p->arena,
-   *   nss_pkix_RDNSequence_remove_pointer, p);
-   */
-
-  return rv;
-}
-
-/*
- * nssPKIXRDNSequence_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXRDNSequence
- * object, this routine will return PR_SUCCESS.  Otherwise, it will 
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *
- * Return value:
- *  PR_SUCCESS if the pointer is valid
- *  PR_FAILURE if it isn't
- */
-
-NSS_IMPLEMENT PRStatus
-nssPKIXRDNSequence_verifyPointer
-(
-  NSSPKIXRDNSequence *p
-)
-{
-  PRStatus rv;
-
-  rv = nssPointerTracker_initialize(&pkix_rdnseq_pointer_tracker);
-  if( PR_SUCCESS != rv ) {
-    nss_SetError(NSS_ERROR_INVALID_PKIX_ATTRIBUTE);
-    return PR_FAILURE;
-  }
-
-  rv = nssPointerTracker_verify(&pkix_rdnseq_pointer_tracker, p);
-  if( PR_SUCCESS != rv ) {
-    nss_SetError(NSS_ERROR_INVALID_PKIX_ATTRIBUTE);
-    return PR_FAILURE;
-  }
-
-  return PR_SUCCESS;
-}
-
-#endif /* DEBUG */
-
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/AddAttributeTypeAndValue.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/AddAttributeTypeAndValue.c
deleted file mode 100644
index efb142396..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/AddAttributeTypeAndValue.c
+++ /dev/null
@@ -1,77 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRelativeDistinguishedName_AddAttributeTypeAndValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN
- *  NSS_ERROR_INVALID_PKIX_ATAV
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-NSSPKIXRelativeDistinguishedName_AddAttributeTypeAndValue
-(
-  NSSPKIXRelativeDistinguishedName *rdn,
-  NSSPKIXAttributeTypeAndValue *atav
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
-    return PR_FAILURE;
-  }
-
-  if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_verifyPointer(atav) ) {
-    return PR_FAILURE;
-  }
-#endif /* DEBUG */
-
-  return nssPKIXRelativeDistinguishedName_AddAttributeTypeAndValue(rdn, atav);
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/Create.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/Create.c
deleted file mode 100644
index 52e139c69..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/Create.c
+++ /dev/null
@@ -1,125 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRelativeDistinguishedName_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_ATAV
- *
- * Return value:
- *  A valid pointer to an NSSPKIXRelativeDistinguishedName upon success
- *  NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXRelativeDistinguishedName *
-NSSPKIXRelativeDistinguishedName_Create
-(
-  NSSArena *arenaOpt,
-  NSSPKIXAttributeTypeAndValue *atav1,
-  ...
-)
-{
-  va_list ap;
-  NSSPKIXRelativeDistinguishedName *rv;
-  PRUint32 count;
-
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSPKIXRelativeDistinguishedName *)NULL;
-    }
-  }
-
-  /* Is there a nonzero minimum number of ATAVs required? */
-
-  {
-    va_start(ap, arenaOpt);
-
-    while( 1 ) {
-      NSSPKIXAttributeTypeAndValue *atav;
-      atav = (NSSPKIXAttributeTypeAndValue *)va_arg(ap, NSSPKIXAttributeTypeAndValue *);
-      if( (NSSPKIXAttributeTypeAndValue *)NULL == atav ) {
-        break;
-      }
-
-      if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_verifyPointer(atav) ) {
-        va_end(ap);
-        return (NSSPKIXRelativeDistinguishedName *)NULL;
-      }
-    }
-
-    va_end(ap);
-  }
-#endif /* DEBUG */
-
-  va_start(ap, arenaOpt);
-
-  for( count = 0; ; count++ ) {
-    NSSPKIXAttributeTypeAndValue *atav;
-    atav = (NSSPKIXAttributeTypeAndValue *)va_arg(ap, NSSPKIXAttributeTypeAndValue *);
-    if( (NSSPKIXAttributeTypeAndValue *)NULL == atav ) {
-      break;
-    }
-
-#ifdef PEDANTIC
-    if( count == 0xFFFFFFFF ) {
-      nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
-      va_end(ap);
-      return (NSSPKIXAttributeTypeAndValue *)NULL;
-    }
-#endif /* PEDANTIC */
-  }
-
-  va_end(ap);
-
-  va_start(ap, arenaOpt);
-  rv = nss_pkix_RelativeDistinguishedName_V_Create(arenaOpt, count, ap);
-  va_end(ap);
-
-  return rv;
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/CreateFromArray.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/CreateFromArray.c
deleted file mode 100644
index 0c01be4da..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/CreateFromArray.c
+++ /dev/null
@@ -1,86 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRelativeDistinguishedName_CreateFromArray
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_ATAV
- *
- * Return value:
- *  A valid pointer to an NSSPKIXRelativeDistinguishedName upon success
- *  NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXRelativeDistinguishedName *
-NSSPKIXRelativeDistinguishedName_CreateFromArray
-(
-  NSSArena *arenaOpt,
-  PRUint32 count,
-  NSSPKIXAttributeTypeAndValue *atavs[]
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSPKIXAttribute *)NULL;
-    }
-  }
-
-  {
-    PRUint32 i;
-
-    for( i = 0; i < count; i++ ) {
-      if( PR_SUCCESS != nssAttributeTypeAndValue_verifyPointer(&atavs[i]) ) {
-        return (NSSPKIXAttribute *)NULL;
-      }
-    }
-  }
-#endif /* DEBUG */
-
-  return nssPKIXRelativeDistinguishedName_CreateFromArray(arenaOpt, count, atavs);
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/CreateFromUTF8.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/CreateFromUTF8.c
deleted file mode 100644
index 990b7acd2..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/CreateFromUTF8.c
+++ /dev/null
@@ -1,81 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRelativeDistinguishedName_CreateFromUTF8
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_STRING
- *  NSS_ERROR_UNKNOWN_ATTRIBUTE
- *
- * Return value:
- *  A valid pointer to an NSSPKIXRelativeDistinguishedName upon success
- *  NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXRelativeDistinguishedName *
-NSSPKIXRelativeDistinguishedName_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *string
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSPKIXRelativeDistinguishedName *)NULL;
-    }
-  }
-
-  if( (NSSUTF8 *)NULL == string ) {
-    nss_SetError(NSS_ERROR_INVALID_STRING);
-    return (NSSPKIXRelativeDistinguishedName *)NULL;
-  }
-#endif /* DEBUG */
-
-  return nssPKIXRelativeDistinguishedName_CreateFromUTF8(arenaOpt, string);
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/Decode.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/Decode.c
deleted file mode 100644
index b8d0b243a..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/Decode.c
+++ /dev/null
@@ -1,79 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRelativeDistinguishedName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXRelativeDistinguishedName upon success
- *  NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXRelativeDistinguishedName *
-NSSPKIXRelativeDistinguishedName_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSPKIXRelativeDistinguishedName *)NULL;
-    }
-  }
-
-  if( PR_SUCCESS != nssItem_verifyPointer(ber) ) {
-    return (NSSPKIXRelativeDistinguishedName *)NULL;
-  }
-#endif /* DEBUG */
-
-  return nssPKIXRelativeDistinguishedName_Decode(arenaOpt, ber);
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/Destroy.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/Destroy.c
deleted file mode 100644
index ca8b1e85f..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/Destroy.c
+++ /dev/null
@@ -1,70 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRelativeDistinguishedName_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-NSSPKIXRelativeDistinguishedName_Destroy
-(
-  NSSPKIXRelativeDistinguishedName *rdn
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
-    return PR_FAILURE;
-  }
-#endif /* DEBUG */
-
-  return nssPKIXRelativeDistinguishedName_Destroy(rdn);
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/Duplicate.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/Duplicate.c
deleted file mode 100644
index 416b405e8..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/Duplicate.c
+++ /dev/null
@@ -1,80 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRelativeDistinguishedName_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSPKIXRelativeDistinguishedName upon success
- *  NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXRelativeDistinguishedName *
-NSSPKIXRelativeDistinguishedName_Duplicate
-(
-  NSSPKIXRelativeDistinguishedName *rdn,
-  NSSArena *arenaOpt
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
-    return (NSSPKIXRelativeDistinguishedName *)NULL;
-  }
-
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSPKIXRelativeDistinguishedName *)NULL;
-    }
-  }
-#endif /* DEBUG */
-
-  return nssPKIXRelativeDistinguishedName_Duplicate(rdn, arenaOpt);
-}
-
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/Encode.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/Encode.c
deleted file mode 100644
index ea6b82a55..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/Encode.c
+++ /dev/null
@@ -1,81 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRelativeDistinguishedName_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_IMPLEMENT NSSBER *
-NSSPKIXRelativeDistinguishedName_Encode
-(
-  NSSPKIXRelativeDistinguishedName *rdn,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
-    return (NSSBER *)NULL;
-  }
-
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSBER *)NULL;
-    }
-  }
-#endif /* DEBUG */
-
-  return nssPKIXRelativeDistinguishedName_Encode(rdn, encoding, rvOpt, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/Equal.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/Equal.c
deleted file mode 100644
index 3e4a3fc3e..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/Equal.c
+++ /dev/null
@@ -1,85 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRelativeDistinguishedName_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN
- *
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXRelativeDistinguishedName_Equal
-(
-  NSSPKIXRelativeDistinguishedName *one,
-  NSSPKIXRelativeDistinguishedName *two,
-  PRStatus *statusOpt
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(one) ) {
-    if( (PRStatus *)NULL != statusOpt ) {
-      *statusOpt = PR_FAILURE;
-    }
-
-    return PR_FALSE;
-  }
-
-  if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(two) ) {
-    if( (PRStatus *)NULL != statusOpt ) {
-      *statusOpt = PR_FAILURE;
-    }
-
-    return PR_FALSE;
-  }
-#endif /* DEBUG */
-
-  return nssPKIXRelativeDistinguishedName_Equal(one, two, statusOpt);
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/FindAttributeTypeAndValue.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/FindAttributeTypeAndValue.c
deleted file mode 100644
index 65032b1c1..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/FindAttributeTypeAndValue.c
+++ /dev/null
@@ -1,78 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRelativeDistinguishedName_FindAttributeTypeAndValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN
- *  NSS_ERROR_INVALID_PKIX_ATAV
- *  NSS_ERROR_NOT_FOUND
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- *  The index of the specified attribute value upon success
- *  -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXRelativeDistinguishedName_FindAttributeTypeAndValue
-(
-  NSSPKIXRelativeDistinguishedName *rdn,
-  NSSPKIXAttributeTypeAndValue *atav
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
-    return PR_FAILURE;
-  }
-
-  if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_verifyPointer(atav) ) {
-    return PR_FAILURE;
-  }
-#endif /* DEBUG */
-
-  return nssPKIXRelativeDistinguishedName_FindAttributeTypeAndValue(rdn, atav);
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/GetAttributeTypeAndValue.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/GetAttributeTypeAndValue.c
deleted file mode 100644
index 1a58bd132..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/GetAttributeTypeAndValue.c
+++ /dev/null
@@ -1,81 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRelativeDistinguishedName_GetAttributeTypeAndValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXAttributeTypeAndValue upon success
- *  NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXAttributeTypeAndValue *
-NSSPKIXRelativeDistinguishedName_GetAttributeTypeAndValue
-(
-  NSSPKIXRelativeDistinguishedName *rdn,
-  PRInt32 i,
-  NSSArena *arenaOpt
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
-    return (NSSPKIXAttributeTypeAndValue *)NULL;
-  }
-
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSPKIXAttributeTypeAndValue *)NULL;
-    }
-  }
-#endif /* DEBUG */
-
-  return nssPKIXRelativeDistinguishedName_GetAttributeTypeAndValue(rdn, i, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/GetAttributeTypeAndValueCount.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/GetAttributeTypeAndValueCount.c
deleted file mode 100644
index 1209e726c..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/GetAttributeTypeAndValueCount.c
+++ /dev/null
@@ -1,72 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRelativeDistinguishedName_GetAttributeTypeAndValueCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- *  Nonnegative integer upon success
- *  -1 upon failure.
- */
-
-NSS_IMPLEMENT PRInt32
-NSSPKIXRelativeDistinguishedName_GetAttributeTypeAndValueCount
-(
-  NSSPKIXRelativeDistinguishedName *rdn
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
-    return -1;
-  }
-#endif /* DEBUG */
-
-  return nssPKIXRelativeDistinguishedName_GetAttributeTypeAndValueCount(rdn);
-}
-
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/GetAttributeTypeAndValues.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/GetAttributeTypeAndValues.c
deleted file mode 100644
index 7efc30173..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/GetAttributeTypeAndValues.c
+++ /dev/null
@@ -1,83 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRelativeDistinguishedName_GetAttributeTypeAndValues
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- *  A valid pointer to an array of NSSPKIXAttributeTypeAndValue 
- *      pointers upon success
- *  NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXAttributeTypeAndValue **
-NSSPKIXRelativeDistinguishedName_GetAttributeTypeAndValues
-(
-  NSSPKIXRelativeDistinguishedName *rdn,
-  NSSPKIXAttributeTypeAndValue *rvOpt[],
-  PRInt32 limit,
-  NSSArena *arenaOpt
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
-    return (NSSPKIXAttributeTypeAndValue **)NULL;
-  }
-
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyOpt(attribute) ) {
-      return (NSSPKIXAttributeTypeAndValue **)NULL;
-    }
-  }
-#endif /* DEBUG */
-
-  return nssPKIXRelativeDistinguishedName_GetAttributeTypeAndValues(rdn, rvOpt, limit, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/GetUTF8Encoding.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/GetUTF8Encoding.c
deleted file mode 100644
index 9c428ae40..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/GetUTF8Encoding.c
+++ /dev/null
@@ -1,79 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRelativeDistinguishedName_GetUTF8Encoding
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSUTF8 pointer upon success
- *  NULL upon failure
- */
-
-NSS_IMPLEMENT NSSUTF8 *
-NSSPKIXRelativeDistinguishedName_GetUTF8Encoding
-(
-  NSSPKIXRelativeDistinguishedName *rdn,
-  NSSArena *arenaOpt
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
-    return (NSSUTF8 *)NULL;
-  }
-
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSUTF8 *)NULL;
-    }
-  }
-#endif /* DEBUG */
-
-  return nssPKIXRelativeDistinguishedName_GetUTF8Encoding(rdn, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/MClear.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/MClear.c
deleted file mode 100644
index 2b1a93820..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/MClear.c
+++ /dev/null
@@ -1,73 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nss_pkix_RelativeDistinguishedName_Clear
- *
- * Wipes out cached data.
- */
-
-NSS_IMPLEMENT PRStatus
-nss_pkix_RelativeDistinguishedName_Clear
-(
-  NSSPKIXRelativeDistinguishedName *rdn
-)
-{
-#ifdef NSSDEBUG
-  if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
-    return PR_FAILURE;
-  }
-#endif /* NSSDEBUG */
-
-  if( (NSSBER *)NULL != rdn->ber ) {
-    nss_ZFreeIf(rdn->ber->data);
-    nss_ZFreeIf(rdn->ber);
-  }
-
-  if( (NSSDER *)NULL != rdn->der ) {
-    nss_ZFreeIf(rdn->der->data);
-    nss_ZFreeIf(rdn->der);
-  }
-
-  nss_ZFreeIf(rdn->utf8);
-
-  return PR_SUCCESS;
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/MCount.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/MCount.c
deleted file mode 100644
index 23d976160..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/MCount.c
+++ /dev/null
@@ -1,82 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIXM_H
-#include "pkixm.h"
-#endif /* PKIXM_H */
-
-/*
- * nss_pkix_RelativeDistinguishedName_Count
- */
-
-NSS_IMPLEMENT void
-nss_pkix_RelativeDistinguishedName_Count
-(
-  NSSPKIXRelativeDistinguishedName *rdn
-)
-{
-#ifdef NSSDEBUG
-  if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
-    return;
-  }
-#endif /* NSSDEBUG */
-
-  PR_ASSERT((NSSPKIXAttributeTypeAndValue **)NULL != rdn->atavs);
-  if( (NSSPKIXAttributeTypeAndValue **)NULL == rdn->atavs ) {
-    nss_SetError(NSS_ERROR_INTERNAL_ERROR);
-    return PR_FAILURE;
-  }
-
-  if( 0 == rdn->count ) {
-    PRUint32 i;
-    for( i = 0; i < 0xFFFFFFFF; i++ ) {
-      if( (NSSPKIXAttributeTypeAndValue *)NULL == rdn->atavs[i] ) {
-        break;
-      }
-    }
-
-#ifdef PEDANTIC
-    if( 0xFFFFFFFF == i ) {
-      return;
-    }
-#endif /* PEDANTIC */
-
-    rdn->count = i;
-  }
-
-  return;
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/MVCreate.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/MVCreate.c
deleted file mode 100644
index c40a4b6e7..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/MVCreate.c
+++ /dev/null
@@ -1,158 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIXM_H
-#include "pkixm.h"
-#endif /* PKIXM_H */
-
-/*
- * nss_pkix_RelativeDistinguishedName_v_create
- *
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_OID
- *  NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- *  A valid pointer to an NSSPKIXRelativeDistinguishedName upon success
- *  NULL upon failure.
- */
-
-NSS_EXTERN NSSPKIXRelativeDistinguishedName *
-nss_pkix_RelativeDistinguishedName_V_Create
-(
-  NSSArena *arenaOpt,
-  PRUint32 count,
-  va_list ap
-)
-{
-  NSSArena *arena;
-  PRBool arena_allocated = PR_FALSE;
-  nssArenaMark *mark = (nssArenaMark *)NULL;
-  NSSPKIXRelativeDistinguishedName *rv = (NSSPKIXRelativeDistinguishedName *)NULL;
-  PRStatus status;
-  PRUint32 i;
-
-#ifdef NSSDEBUG
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSPKIXRelativeDistinguishedName *)NULL;
-    }
-  }
-#endif /* NSSDEBUG */
-
-  if( (NSSArena *)NULL == arenaOpt ) {
-    arena = nssArena_Create();
-    if( (NSSArena *)NULL == arena ) {
-      goto loser;
-    }
-    arena_allocated = PR_TRUE;
-  } else {
-    arena = arenaOpt;
-    mark = nssArena_Mark(arena);
-    if( (nssArenaMark *)NULL == mark ) {
-      goto loser;
-    }
-  }
-
-  rv = nss_ZNEW(arena, NSSPKIXRelativeDistinguishedName);
-  if( (NSSPKIXRelativeDistinguishedName *)NULL == rv ) {
-    goto loser;
-  }
-
-  rv->arena = arena;
-  rv->i_allocated_arena = arena_allocated;
-  rv->count = count;
-
-  rv->atav = nss_ZNEWARRAY(arena, NSSPKIXAttributeTypeAndValue *, count);
-  if( (NSSPKIXAttributeTypeAndValue **)NULL == rv->atav ) {
-    goto loser;
-  }
-
-  for( i = 0; i < count; i++ ) {
-    NSSPKIXAttributeTypeAndValue *v = (NSSPKIXAttributeTypeAndValue *)
-      va_arg(ap, NSSPKIXAttributeTypeAndValue *);
-
-#ifdef NSSDEBUG
-    /* 
-     * It's okay to test this down here, since 
-     * supposedly these have already been checked.
-     */
-    if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_verifyPointer(v) ) {
-      goto loser;
-    }
-#endif /* NSSDEBUG */
-
-    rv->atav[i] = nssPKIXAttributeTypeAndValue_Duplicate(v, arena);
-    if( (NSSPKIXAttributeTypeAndValue *)NULL == rv->atav[i] ) {
-      goto loser;
-    }
-  }
-
-  if( (nssArenaMark *)NULL != mark ) {
-    if( PR_SUCCESS != nssArena_Unmark(arena, mark) ) {
-      goto loser;
-    }
-  }
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nss_pkix_RelativeDistinguishedName_add_pointer(rv) ) {
-    goto loser;
-  }
-
-  if( PR_SUCCESS != nssArena_registerDestructor(arena, 
-        nss_pkix_RelativeDistinguishedName_remove_pointer, rv) ) {
-    (void)nss_pkix_RelativeDistinguishedName_remove_pointer(rv);
-    goto loser;
-  }
-#endif /* DEBUG */
-
-  return rv;
-
- loser:
-  if( (nssArenaMark *)NULL != mark ) {
-    (void)nssArena_Release(arena, mark);
-  }
-
-  if( PR_TRUE == arena_allocated ) {
-    (void)nssArena_Destroy(arena);
-  }
-
-  return (NSSPKIXRelativeDistinguishedName *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/PAddAttributeTypeAndValue.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/PAddAttributeTypeAndValue.c
deleted file mode 100644
index 68541d17e..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/PAddAttributeTypeAndValue.c
+++ /dev/null
@@ -1,107 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXRelativeDistinguishedName_AddAttributeTypeAndValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN
- *  NSS_ERROR_INVALID_PKIX_ATAV
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nssPKIXRelativeDistinguishedName_AddAttributeTypeAndValue
-(
-  NSSPKIXRelativeDistinguishedName *rdn,
-  NSSPKIXAttributeTypeAndValue *atav
-)
-{
-  PRUint32 newcount;
-  NSSPKIXAttributeTypeAndValue **newarray;
-
-#ifdef NSSDEBUG
-  if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
-    return PR_FAILURE;
-  }
-
-  if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_verifyPointer(atav) ) {
-    return PR_FAILURE;
-  }
-#endif /* NSSDEBUG */
-
-  PR_ASSERT((NSSPKIXAttributeTypeAndValue **)NULL != rdn->atavs);
-  if( (NSSPKIXAttributeTypeAndValue **)NULL == rdn->atavs ) {
-    nss_SetError(NSS_ERROR_INTERNAL_ERROR);
-    return PR_FAILURE;
-  }
-
-  if( 0 == rdn->count ) {
-    nss_pkix_RelativeDistinguishedName_Count(rdn);
-  }
-
-  newcount = rdn->count+1;
-  /* Check newcount for a rollover. */
-
-  /* Remember that our atavs array is NULL-terminated */
-  newarray = (NSSPKIXAttributeTypeAndValue **)nss_ZRealloc(rdn->atavs,
-               ((newcount+1) * sizeof(NSSPKIXAttributeTypeAndValue *)));
-  if( (NSSPKIXAttributeTypeAndValue **)NULL == newarray ) {
-    return PR_FAILURE;
-  }
-
-  rdn->atavs = newarray;
-
-  rdn->atavs[ rdn->count ] = nssPKIXAttributeTypeAndValue_Duplicate(atav, rdn->arena);
-  if( (NSSPKIXAttributeTypeAndValue *)NULL == rdn->atavs[ rdn->count ] ) {
-    return PR_FAILURE; /* array is "too big" but whatever */
-  }
-
-  rdn->count = newcount;
-
-  return nss_pkix_RelativeDistinguishedName_Clear(rdn);
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/PCreate.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/PCreate.c
deleted file mode 100644
index a3a1f7315..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/PCreate.c
+++ /dev/null
@@ -1,123 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXRelativeDistinguishedName_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_ATAV
- *
- * Return value:
- *  A valid pointer to an NSSPKIXRelativeDistinguishedName upon success
- *  NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXRelativeDistinguishedName *
-nssPKIXRelativeDistinguishedName_Create
-(
-  NSSArena *arenaOpt,
-  NSSPKIXAttributeTypeAndValue *atav1,
-  ...
-)
-{
-  va_list ap;
-  NSSPKIXRelativeDistinguishedName *rv;
-  PRUint32 count;
-
-#ifdef NSSDEBUG
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSPKIXRelativeDistinguishedName *)NULL;
-    }
-  }
-
-  /* Is there a nonzero minimum number of ATAVs required? */
-
-  {
-    va_start(ap, arenaOpt);
-
-    while( 1 ) {
-      NSSPKIXAttributeTypeAndValue *atav;
-      atav = (NSSPKIXAttributeTypeAndValue *)va_arg(ap, NSSPKIXAttributeTypeAndValue *);
-      if( (NSSPKIXAttributeTypeAndValue *)NULL == atav ) {
-        break;
-      }
-
-      if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_verifyPointer(atav) ) {
-        va_end(ap);
-        return (NSSPKIXRelativeDistinguishedName *)NULL;
-      }
-    }
-
-    va_end(ap);
-  }
-#endif /* NSSDEBUG */
-
-  va_start(ap, arenaOpt);
-
-  for( count = 0; ; count++ ) {
-    NSSPKIXAttributeTypeAndValue *atav;
-    atav = (NSSPKIXAttributeTypeAndValue *)va_arg(ap, NSSPKIXAttributeTypeAndValue *);
-    if( (NSSPKIXAttributeTypeAndValue *)NULL == atav ) {
-      break;
-    }
-
-#ifdef PEDANTIC
-    if( count == 0xFFFFFFFF ) {
-      nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
-      va_end(ap);
-      return (NSSPKIXAttributeTypeAndValue *)NULL;
-    }
-#endif /* PEDANTIC */
-  }
-
-  va_end(ap);
-
-  va_start(ap, arenaOpt);
-  rv = nss_pkix_RelativeDistinguishedName_V_Create(arenaOpt, count, ap);
-  va_end(ap);
-
-  return rv;
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/PCreateFromArray.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/PCreateFromArray.c
deleted file mode 100644
index fa7e27eed..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/PCreateFromArray.c
+++ /dev/null
@@ -1,151 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIXM_H
-#include "pkixm.h"
-#endif /* PKIXM_H */
-
-/*
- * nssPKIXRelativeDistinguishedName_CreateFromArray
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_ATAV
- *
- * Return value:
- *  A valid pointer to an NSSPKIXRelativeDistinguishedName upon success
- *  NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXRelativeDistinguishedName *
-nssPKIXRelativeDistinguishedName_CreateFromArray
-(
-  NSSArena *arenaOpt,
-  PRUint32 count,
-  NSSPKIXAttributeTypeAndValue *atavs
-)
-{
-  NSSArena *arena;
-  PRBool arena_allocated = PR_FALSE;
-  nssArenaMark *mark = (nssArenaMark *)NULL;
-  NSSPKIXRelativeDistinguishedName *rv = (NSSPKIXRelativeDistinguishedName *)NULL;
-  PRStatus status;
-  PRUint32 i;
-
-#ifdef NSSDEBUG
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSPKIXRelativeDistinguishedName *)NULL;
-    }
-  }
-
-  {
-    PRUint32 i;
-
-    for( i = 0; i < count; i++ ) {
-      if( PR_SUCCESS != nssAttributeTypeAndValue_verifyPointer(&atavs[i]) ) {
-        return (NSSPKIXAttribute *)NULL;
-      }
-    }
-  }
-#endif /* NSSDEBUG */
-
-  if( (NSSArena *)NULL == arenaOpt ) {
-    arena = nssArena_Create();
-    if( (NSSArena *)NULL == arena ) {
-      goto loser;
-    }
-    arena_allocated = PR_TRUE;
-  } else {
-    arena = arenaOpt;
-    mark = nssArena_Mark(arena);
-    if( (nssArenaMark *)NULL == mark ) {
-      goto loser;
-    }
-  }
-
-  rv = nss_ZNEW(arena, NSSPKIXRelativeDistinguishedName);
-  if( (NSSPKIXRelativeDistinguishedName *)NULL == rv ) {
-    goto loser;
-  }
-
-  rv->arena = arena;
-  rv->i_allocated_arena = arena_allocated;
-  rv->count = count;
-
-  rv->atav = nss_ZNEWARRAY(arena, NSSPKIXAttributeTypeAndValue *, count);
-  if( (NSSPKIXAttributeTypeAndValue **)NULL == rv->atav ) {
-    goto loser;
-  }
-
-  for( i = 0; i < count; i++ ) {
-    NSSPKIXAttributeTypeAndValue *v = atavs[i];
-
-    rv->atav[i] = nssPKIXAttributeTypeAndValue_Duplicate(v, arena);
-    if( (NSSPKIXAttributeTypeAndValue *)NULL == rv->atav[i] ) {
-      goto loser;
-    }
-  }
-
-  if( (nssArenaMark *)NULL != mark ) {
-    if( PR_SUCCESS != nssArena_Unmark(arena, mark) ) {
-      goto loser;
-    }
-  }
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nss_pkix_RelativeDistinguishedName_add_pointer(rv) ) {
-    goto loser;
-  }
-#endif /* DEBUG */
-
-  return rv;
-
- loser:
-  if( (nssArenaMark *)NULL != mark ) {
-    (void)nssArena_Release(arena, mark);
-  }
-
-  if( PR_TRUE == arena_allocated ) {
-    (void)nssArena_Destroy(arena);
-  }
-
-  return (NSSPKIXRelativeDistinguishedName *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/PCreateFromUTF8.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/PCreateFromUTF8.c
deleted file mode 100644
index 2f2f995be..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/PCreateFromUTF8.c
+++ /dev/null
@@ -1,139 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXRelativeDistinguishedName_CreateFromUTF8
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_INVALID_STRING
- *  NSS_ERROR_UNKNOWN_ATTRIBUTE
- *
- * Return value:
- *  A valid pointer to an NSSPKIXRelativeDistinguishedName upon success
- *  NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXRelativeDistinguishedName *
-nssPKIXRelativeDistinguishedName_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *string
-)
-{
-  NSSArena *arena;
-  PRBool arena_allocated = PR_FALSE;
-  nssArenaMark *mark = (nssArenaMark *)NULL;
-  NSSPKIXRelativeDistinguishedName *rv = (NSSPKIXRelativeDistinguishedName *)NULL;
-  PRStatus status;
-  PRUint32 i;
-
-#ifdef NSSDEBUG
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSPKIXRelativeDistinguishedName *)NULL;
-    }
-  }
-
-  if( (NSSUTF8 *)NULL == string ) {
-    nss_SetError(NSS_ERROR_INVALID_STRING);
-    return (NSSPKIXRelativeDistinguishedName *)NULL;
-  }
-#endif /* NSSDEBUG */
-
-  if( (NSSArena *)NULL == arenaOpt ) {
-    arena = nssArena_Create();
-    if( (NSSArena *)NULL == arena ) {
-      goto loser;
-    }
-    arena_allocated = PR_TRUE;
-  } else {
-    arena = arenaOpt;
-    mark = nssArena_Mark(arena);
-    if( (nssArenaMark *)NULL == mark ) {
-      goto loser;
-    }
-  }
-
-  rv = nss_ZNEW(arena, NSSPKIXRelativeDistinguishedName);
-  if( (NSSPKIXRelativeDistinguishedName *)NULL == rv ) {
-    goto loser;
-  }
-
-  rv->arena = arena;
-  rv->i_allocated_arena = arena_allocated;
-  rv->utf8 = nssUTF8_Duplicate(string, arena);
-  if( (NSSUTF8 *)NULL == rv->utf8 ) {
-    goto loser;
-  }
-  
-  /* Insert intelligence here -- fgmr */
-  nss_SetError(NSS_ERROR_INTERNAL_ERROR);
-  goto loser;
-
-  if( (nssArenaMark *)NULL != mark ) {
-    if( PR_SUCCESS != nssArena_Unmark(arena, mark) ) {
-      goto loser;
-    }
-  }
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nss_pkix_RelativeDistinguishedName_add_pointer(rv) ) {
-    goto loser;
-  }
-#endif /* DEBUG */
-
-  return rv;
-
- loser:
-  if( (nssArenaMark *)NULL != mark ) {
-    (void)nssArena_Release(arena, mark);
-  }
-
-  if( PR_TRUE == arena_allocated ) {
-    (void)nssArena_Destroy(arena);
-  }
-
-  return (NSSPKIXRelativeDistinguishedName *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/PDecode.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/PDecode.c
deleted file mode 100644
index ad1766280..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/PDecode.c
+++ /dev/null
@@ -1,142 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-#ifndef ASN1_H
-#include "asn1.h"
-#endif /* ASN1_H */
-
-/*
- * nssPKIXRelativeDistinguishedName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXRelativeDistinguishedName upon success
- *  NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXRelativeDistinguishedName *
-nssPKIXRelativeDistinguishedName_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-)
-{
-  NSSArena *arena;
-  PRBool arena_allocated = PR_FALSE;
-  nssArenaMark *mark = (nssArenaMark *)NULL;
-  NSSPKIXRelativeDistinguishedName *rv = (NSSPKIXRelativeDistinguishedName *)NULL;
-  PRStatus status;
-  PRUint32 i;
-
-#ifdef NSSDEBUG
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSPKIXRelativeDistinguishedName *)NULL;
-    }
-  }
-
-  if( PR_SUCCESS != nssItem_verifyPointer(ber) ) {
-    return (NSSPKIXRelativeDistinguishedName *)NULL;
-  }
-#endif /* NSSDEBUG */
-
-  if( (NSSArena *)NULL == arenaOpt ) {
-    arena = nssArena_Create();
-    if( (NSSArena *)NULL == arena ) {
-      goto loser;
-    }
-    arena_allocated = PR_TRUE;
-  } else {
-    arena = arenaOpt;
-    mark = nssArena_Mark(arena);
-    if( (nssArenaMark *)NULL == mark ) {
-      goto loser;
-    }
-  }
-
-  rv = nss_ZNEW(arena, NSSPKIXRelativeDistinguishedName);
-  if( (NSSPKIXRelativeDistinguishedName *)NULL == rv ) {
-    goto loser;
-  }
-
-  rv->arena = arena;
-  rv->i_allocated_arena = arena_allocated;
-  rv->ber = nssItem_Duplicate(ber, arena, (NSSItem *)NULL);
-  if( (NSSItem *)NULL == rv->ber ) {
-    goto loser;
-  }
-
-  status = nssASN1_DecodeBER(arena, rv, nssPKIXRelativeDistinguishedName_template, ber);
-  if( PR_SUCCESS != status ) {
-    goto loser;
-  }
-
-  if( (nssArenaMark *)NULL != mark ) {
-    if( PR_SUCCESS != nssArena_Unmark(arena, mark) ) {
-      goto loser;
-    }
-  }
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nss_pkix_RelativeDistinguishedName_add_pointer(rv) ) {
-    goto loser;
-  }
-#endif /* DEBUG */
-
-  return rv;
-
- loser:
-  if( (nssArenaMark *)NULL != mark ) {
-    (void)nssArena_Release(arena, mark);
-  }
-
-  if( PR_TRUE == arena_allocated ) {
-    (void)nssArena_Destroy(arena);
-  }
-
-  return (NSSPKIXRelativeDistinguishedName *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/PDestroy.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/PDestroy.c
deleted file mode 100644
index 94b8fcf00..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/PDestroy.c
+++ /dev/null
@@ -1,76 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXRelativeDistinguishedName_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nssPKIXRelativeDistinguishedName_Destroy
-(
-  NSSPKIXRelativeDistinguishedName *rdn
-)
-{
-#ifdef NSSDEBUG
-  if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
-    return PR_FAILURE;
-  }
-#endif /* NSSDEBUG */
-
-#ifdef DEBUG
-  (void)nss_pkix_RelativeDistinguishedName_remove_pointer(rdn);
-#endif /* DEBUG */
-
-  if( PR_TRUE == rdn->i_allocated_arena ) {
-    return nssArena_Destroy(rdn->arena);
-  }
-
-  return PR_SUCCESS;
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/PDuplicate.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/PDuplicate.c
deleted file mode 100644
index 0277b7b01..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/PDuplicate.c
+++ /dev/null
@@ -1,177 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXRelativeDistinguishedName_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSPKIXRelativeDistinguishedName upon success
- *  NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXRelativeDistinguishedName *
-nssPKIXRelativeDistinguishedName_Duplicate
-(
-  NSSPKIXRelativeDistinguishedName *rdn,
-  NSSArena *arenaOpt
-)
-{
-  NSSArena *arena;
-  PRBool arena_allocated = PR_FALSE;
-  nssArenaMark *mark = (nssArenaMark *)NULL;
-  NSSPKIXRelativeDistinguishedName *rv = (NSSPKIXRelativeDistinguishedName *)NULL;
-  PRStatus status;
-  PRUint32 i;
-  NSSPKIXAttributeTypeAndValue **from, **to;
-
-#ifdef NSSDEBUG
-  if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
-    return (NSSPKIXRelativeDistinguishedName *)NULL;
-  }
-
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSPKIXRelativeDistinguishedName *)NULL;
-    }
-  }
-#endif /* NSSDEBUG */
-
-  if( (NSSArena *)NULL == arenaOpt ) {
-    arena = nssArena_Create();
-    if( (NSSArena *)NULL == arena ) {
-      goto loser;
-    }
-    arena_allocated = PR_TRUE;
-  } else {
-    arena = arenaOpt;
-    mark = nssArena_Mark(arena);
-    if( (nssArenaMark *)NULL == mark ) {
-      goto loser;
-    }
-  }
-
-  rv = nss_ZNEW(arena, NSSPKIXRelativeDistinguishedName);
-  if( (NSSPKIXRelativeDistinguishedName *)NULL == rv ) {
-    goto loser;
-  }
-
-  rv->arena = arena;
-  rv->i_allocated_arena = arena_allocated;
-
-  if( (NSSDER *)NULL != rdn->der ) {
-    rv->der = nssItem_Duplicate(rdn->der, arena, (NSSItem *)NULL);
-    if( (NSSDER *)NULL == rv->der ) {
-      goto loser;
-    }
-  }
-
-  if( (NSSBER *)NULL != rdn->ber ) {
-    rv->ber = nssItem_Duplicate(rdn->ber, arena, (NSSItem *)NULL);
-    if( (NSSBER *)NULL == rv->ber ) {
-      goto loser;
-    }
-  }
-
-  if( (NSSUTF8 *)NULL != rdn->utf8 ) {
-    rv->utf8 = nssUTF8_Duplicate(rdn->utf8, arena);
-    if( (NSSUTF8 *)NULL == rv->utf8 ) {
-      goto loser;
-    }
-  }
-
-  rv->count = rdn->count;
-
-  {
-    if( 0 == rdn->count ) {
-      nss_pkix_RelativeDistinguishedName_Count(rdn);
-      if( 0 == rdn->count ) {
-        nss_SetError(NSS_ERROR_INTERNAL_ERROR);
-        goto loser;
-      }
-
-      rv->count = rdn->count; /* might as well save it */
-    }
-
-    rv->atavs = nss_ZNEWARRAY(arena, NSSPKIXAttributeTypeAndValue *, rdn->count + 1);
-    if( (NSSPKIXAttributeTypeAndValue *)NULL == rv->atavs ) {
-      goto loser;
-    }
-  }
-
-  for( from = &rdn->atavs[0], to = &rv->atavs[0]; *from; from++, to++ ) {
-    *to = nssPKIXAttributeTypeAndValue_Duplicate(*from, arena);
-    if( (NSSPKIXAttributeTypeAndValue *)NULL == *to ) {
-      goto loser;
-    }
-  }
-
-  if( (nssArenaMark *)NULL != mark ) {
-    if( PR_SUCCESS != nssArena_Unmark(arena, mark) ) {
-      goto loser;
-    }
-  }
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nss_pkix_RelativeDistinguishedName_add_pointer(rv) ) {
-    goto loser;
-  }
-#endif /* DEBUG */
-
-  return rv;
-
- loser:
-  if( (nssArenaMark *)NULL != mark ) {
-    (void)nssArena_Release(arena, mark);
-  }
-
-  if( PR_TRUE == arena_allocated ) {
-    (void)nssArena_Destroy(arena);
-  }
-
-  return (NSSPKIXRelativeDistinguishedName *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/PEncode.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/PEncode.c
deleted file mode 100644
index d2af9470b..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/PEncode.c
+++ /dev/null
@@ -1,123 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-#ifndef ASN1_H
-#include "asn1.h"
-#endif /* ASN1_H */
-
-/*
- * nssPKIXRelativeDistinguishedName_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_IMPLEMENT NSSBER *
-nssPKIXRelativeDistinguishedName_Encode
-(
-  NSSPKIXRelativeDistinguishedName *rdn,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-)
-{
-  NSSBER *it;
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
-    return (NSSBER *)NULL;
-  }
-
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSBER *)NULL;
-    }
-  }
-#endif /* NSSDEBUG */
-
-  switch( encoding ) {
-  case NSSASN1BER:
-    if( (NSSBER *)NULL != rdn->ber ) {
-      it = rdn->ber;
-      goto done;
-    }
-    /*FALLTHROUGH*/
-  case NSSASN1DER:
-    if( (NSSDER *)NULL != rdn->der ) {
-      it = rdn->der;
-      goto done;
-    }
-    break;
-  default:
-    nss_SetError(NSS_ERROR_UNSUPPORTED_ENCODING);
-    return (NSSBER *)NULL;
-  }
-
-  it = nssASN1_EncodeItem(rdn->arena, (NSSItem *)NULL, rdn,
-                          nssPKIXRelativeDistinguishedName_template,
-                          encoding);
-  if( (NSSBER *)NULL == it ) {
-    return (NSSBER *)NULL;
-  }
-
-  switch( encoding ) {
-  case NSSASN1BER:
-    rdn->ber = it;
-    break;
-  case NSSASN1DER:
-    rdn->der = it;
-    break;
-  default:
-    PR_ASSERT(0);
-    break;
-  }
-
- done:
-  return nssItem_Duplicate(it, arenaOpt, rvOpt);
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/PEqual.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/PEqual.c
deleted file mode 100644
index 2ac566a8b..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/PEqual.c
+++ /dev/null
@@ -1,101 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXRelativeDistinguishedName_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN
- *
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_IMPLEMENT PRBool
-nssPKIXRelativeDistinguishedName_Equal
-(
-  NSSPKIXRelativeDistinguishedName *one,
-  NSSPKIXRelativeDistinguishedName *two,
-  PRStatus *statusOpt
-)
-{
-
-#ifdef NSSDEBUG
-  if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(one) ) {
-    goto loser;
-  }
-
-  if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(two) ) {
-    goto loser;
-  }
-#endif /* NSSDEBUG */
-
-  if( (NSSDER *)NULL == one->der ) {
-    one->der = nssASN1_EncodeItem(one->arena, (NSSItem *)NULL, one,
-                                  nssPKIXRelativeDistinguishedName_template,
-                                  NSSASN1DER);
-    if( (NSSDER *)NULL == one->der ) {
-      goto loser;
-    }
-  }
-
-  if( (NSSDER *)NULL == two->der ) {
-    two->der = nssASN1_EncodeItem(two->arena, (NSSItem *)NULL, two,
-                                  nssPKIXRelativeDistinguishedName_template,
-                                  NSSASN1DER);
-    if( (NSSDER *)NULL == two->der ) {
-      goto loser;
-    }
-  }
-
-  return nssItem_Equal(one->der, two->der, statusOpt);
-
- loser:
-  if( (PRStatus *)NULL != statusOpt ) {
-    *statusOpt = PR_FAILURE;
-  }
-
-  return PR_FALSE;
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/PFindAttributeTypeAndValue.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/PFindAttributeTypeAndValue.c
deleted file mode 100644
index ee7c55e10..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/PFindAttributeTypeAndValue.c
+++ /dev/null
@@ -1,96 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXRelativeDistinguishedName_FindAttributeTypeAndValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN
- *  NSS_ERROR_INVALID_PKIX_ATAV
- *  NSS_ERROR_NOT_FOUND
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- *  The index of the specified attribute value upon success
- *  -1 upon failure.
- */
-
-NSS_IMPLEMENT PRInt32
-nssPKIXRelativeDistinguishedName_FindAttributeTypeAndValue
-(
-  NSSPKIXRelativeDistinguishedName *rdn,
-  NSSPKIXAttributeTypeAndValue *atav
-)
-{
-  PRUint32 i;
-  NSSPKIXAttributeTypeAndValue **a;
-
-#ifdef NSSDEBUG
-  if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
-    return -1;
-  }
-
-  if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_verifyPointer(atav) ) {
-    return -1;
-  }
-#endif /* NSSDEBUG */
-
-  PR_ASSERT((NSSPKIXAttributeTypeAndValue **)NULL != rdn->atavs);
-  if( (NSSPKIXAttributeTypeAndValue **)NULL == rdn->atavs ) {
-    nss_SetError(NSS_ERROR_INTERNAL_ERROR);
-    return -1;
-  }
-
-  for( i = 0, a = rdn->atavs; *a; a++, (i > 0x7fffffff) || i++ ) {
-    if( PR_TRUE == nssPKIXAttributeTypeAndValue_Equal(*a, atav) ) {
-      if( i > 0x7fffffff ) {
-        nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
-        return -1;
-      }
-      return (PRInt32)i;
-    }
-  }
-
-  nss_SetError(NSS_ERROR_NOT_FOUND);
-  return -1;
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/PGetAttributeTypeAndValue.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/PGetAttributeTypeAndValue.c
deleted file mode 100644
index 22c3abac6..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/PGetAttributeTypeAndValue.c
+++ /dev/null
@@ -1,89 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXRelativeDistinguishedName_GetAttributeTypeAndValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXAttributeTypeAndValue upon success
- *  NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXAttributeTypeAndValue *
-nssPKIXRelativeDistinguishedName_GetAttributeTypeAndValue
-(
-  NSSPKIXRelativeDistinguishedName *rdn,
-  PRInt32 i,
-  NSSArena *arenaOpt
-)
-{
-
-#ifdef NSSDEBUG
-  if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
-    return (NSSPKIXAttributeTypeAndValue *)NULL;
-  }
-
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSPKIXAttributeTypeAndValue *)NULL;
-    }
-  }
-#endif /* NSSDEBUG */
-
-  if( 0 == rdn->count ) {
-    nss_pkix_RelativeDistinguishedName_Count(rdn);
-  }
-
-  if( (i < 0) || (i >= rdn->count) ) {
-    nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
-    return (NSSPKIXAttributeTypeAndValue *)NULL;
-  }
-
-  return nssPKIXAttributeTypeAndValue_Duplicate(rdn->atavs[i], arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/PGetAttributeTypeAndValueCount.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/PGetAttributeTypeAndValueCount.c
deleted file mode 100644
index df8e1b48e..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/PGetAttributeTypeAndValueCount.c
+++ /dev/null
@@ -1,85 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXRelativeDistinguishedName_GetAttributeTypeAndValueCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- *  Nonnegative integer upon success
- *  -1 upon failure.
- */
-
-NSS_IMPLEMENT PRInt32
-nssPKIXRelativeDistinguishedName_GetAttributeTypeAndValueCount
-(
-  NSSPKIXRelativeDistinguishedName *rdn
-)
-{
-#ifdef NSSDEBUG
-  if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
-    return -1;
-  }
-#endif /* NSSDEBUG */
-
-  if( 0 == rdn->count ) {
-    nss_pkix_RelativeDistinguishedName_Count(rdn);
-  }
-
-#ifdef PEDANTIC
-  if( 0 == rdn->count ) {
-    nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
-    return -1;
-  }
-#endif /* PEDANTIC */
-
-  if( rdn->count > 0x7fffffff ) {
-    nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
-    return -1;
-  }
-
-  return (PRInt32)(rdn->count);
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/PGetAttributeTypeAndValues.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/PGetAttributeTypeAndValues.c
deleted file mode 100644
index 7675d5ad3..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/PGetAttributeTypeAndValues.c
+++ /dev/null
@@ -1,133 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXRelativeDistinguishedName_GetAttributeTypeAndValues
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- *  A valid pointer to an array of NSSPKIXAttributeTypeAndValue 
- *      pointers upon success
- *  NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXAttributeTypeAndValue **
-nssPKIXRelativeDistinguishedName_GetAttributeTypeAndValues
-(
-  NSSPKIXRelativeDistinguishedName *rdn,
-  NSSPKIXAttributeTypeAndValue *rvOpt[],
-  PRInt32 limit,
-  NSSArena *arenaOpt
-)
-{
-  NSSPKIXAttributeTypeAndValue **rv = (NSSPKIXAttributeTypeAndValue **)NULL;
-  PRUint32 i;
-
-#ifdef NSSDEBUG
-  if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
-    return (NSSPKIXAttributeTypeAndValue **)NULL;
-  }
-
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyOpt(attribute) ) {
-      return (NSSPKIXAttributeTypeAndValue **)NULL;
-    }
-  }
-#endif /* NSSDEBUG */
-
-  if( 0 == rdn->count ) {
-    nss_pkix_RelativeDistinguishedName_Count(rdn);
-  }
-
-#ifdef PEDANTIC
-  if( 0 == rdn->count ) {
-    nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
-    return (NSSPKIXAttributeTypeAndValue **)NULL;
-  }
-#endif /* PEDANTIC */
-
-  if( (limit < rdn->count) &&
-      !((0 == limit) && ((NSSPKIXAttributeTypeAndValue **)NULL == rvOpt)) ) {
-    nss_SetError(NSS_ERROR_ARRAY_TOO_SMALL);
-    return (NSSPKIXAttributeTypeAndValue **)NULL;
-  }
-
-  limit = rdn->count;
-  if( (NSSPKIXAttributeTypeAndValue **)NULL == rvOpt ) {
-    rv = nss_ZNEWARRAY(arenaOpt, NSSPKIXAttributeTypeAndValue *, limit);
-    if( (NSSPKIXAttributeTypeAndValue **)NULL == rv ) {
-      return (NSSPKIXAttributeTypeAndValue **)NULL;
-    }
-  } else {
-    rv = rvOpt;
-  }
-
-  for( i = 0; i < limit; i++ ) {
-    rv[i] = nssPKIXAttributeTypeAndValue_Duplicate(rdn->atav[i], arenaOpt);
-    if( (NSSPKIXAttributeTypeAndValue *)NULL == rv[i] ) {
-      goto loser;
-    }
-  }
-
-  return rv;
-
- loser:
-  for( i = 0; i < limit; i++ ) {
-    NSSPKIXAttributeTypeAndValue *x = rv[i];
-    if( (NSSPKIXAttributeTypeAndValue *)NULL == x ) {
-      break;
-    }
-    (void)nssPKIXAttributeTypeAndValue_Destroy(x);
-  }
-
-  if( rv != rvOpt ) {
-    nss_ZFreeIf(rv);
-  }
-
-  return (NSSPKIXAttributeTypeAndValue **)NULL;
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/PGetUTF8Encoding.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/PGetUTF8Encoding.c
deleted file mode 100644
index 01abf228c..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/PGetUTF8Encoding.c
+++ /dev/null
@@ -1,81 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXRelativeDistinguishedName_GetUTF8Encoding
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN
- *  NSS_ERROR_INVALID_ARENA
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSUTF8 pointer upon success
- *  NULL upon failure
- */
-
-NSS_IMPLEMENT NSSUTF8 *
-nssPKIXRelativeDistinguishedName_GetUTF8Encoding
-(
-  NSSPKIXRelativeDistinguishedName *rdn,
-  NSSArena *arenaOpt
-)
-{
-#ifdef NSSDEBUG
-  if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
-    return (NSSUTF8 *)NULL;
-  }
-
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSUTF8 *)NULL;
-    }
-  }
-#endif /* NSSDEBUG */
-
-  if( (NSSUTF8 *)NULL == rdn->utf8 ) {
-    /* xxx fgmr fill this in from pki1 implementation */
-  }
-
-  return nssUTF8_Duplicate(rdn->utf8, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/PRemoveAttributeTypeAndValue.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/PRemoveAttributeTypeAndValue.c
deleted file mode 100644
index 84b5cc819..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/PRemoveAttributeTypeAndValue.c
+++ /dev/null
@@ -1,121 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXRelativeDistinguishedName_RemoveAttributeTypeAndValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_AT_MINIMUM
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nssPKIXRelativeDistinguishedName_RemoveAttributeTypeAndValue
-(
-  NSSPKIXRelativeDistinguishedName *rdn,
-  PRInt32 i
-)
-{
-
-#ifdef NSSDEBUG
-  if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
-    return PR_FAILURE;
-  }
-#endif /* NSSDEBUG */
-
-  if( 0 == rdn->count ) {
-    nss_pkix_RelativeDistinguishedName_Count(rdn);
-  }
-
-  if( i < 0 ) {
-    nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
-    return PR_FAILURE;
-  }
-
-  /* Is there a technical minimum? */
-  /*
-   *  if( 1 == rdn->count ) {
-   *    nss_SetError(NSS_ERROR_AT_MINIMUM);
-   *    return PR_FAILURE;
-   *  }
-   */
-
-#ifdef PEDANTIC
-  if( 0 == rdn->count ) {
-    NSSPKIXAttributeTypeAndValue **ip;
-    /* Too big.. but we can still remove one */
-    nssPKIXAttributeTypeAndValue_Destroy(rdn->atavs[i]);
-    for( ip = &rdn->atavs[i]; *ip; ip++ ) {
-      ip[0] = ip[1];
-    }
-  } else
-#endif /* PEDANTIC */
-
-  {
-    NSSPKIXAttributeTypeAndValue *si;
-    PRUint32 end;
-
-    if( i >= rdn->count ) {
-      nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
-      return PR_FAILURE;
-    }
-
-    end = rdn->count - 1;
-    
-    si = rdn->atavs[i];
-    rdn->atavs[i] = rdn->atavs[end];
-    rdn->atavs[end] = (NSSPKIXAttributeTypeAndValue *)NULL;
-
-    nssPKIXAttributeTypeAndValue_Destroy(si);
-
-    /* We could realloc down, but we know it's a no-op */
-    rdn->count = end;
-  }
-
-  return nss_pkix_RelativeDistinguishedName_Clear(rdn);
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/PSetAttributeTypeAndValue.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/PSetAttributeTypeAndValue.c
deleted file mode 100644
index 01439e2e7..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/PSetAttributeTypeAndValue.c
+++ /dev/null
@@ -1,102 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXRelativeDistinguishedName_SetAttributeTypeAndValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_INVALID_PKIX_ATAV
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nssPKIXRelativeDistinguishedName_SetAttributeTypeAndValue
-(
-  NSSPKIXRelativeDistinguishedName *rdn,
-  PRInt32 i,
-  NSSPKIXAttributeTypeAndValue *atav
-)
-{
-  NSSPKIXAttributeTypeAndValue *dup;
-
-#ifdef NSSDEBUG
-  if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
-    return PR_FAILURE;
-  }
-
-  if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_verifyPointer(atav) ) {
-    return PR_FAILURE;
-  }
-#endif /* NSSDEBUG */
-
-  PR_ASSERT((NSSPKIXAttributeTypeAndValue **)NULL != rdn->atavs);
-  if( (NSSPKIXAttributeTypeAndValue **)NULL == rdn->atavs ) {
-    nss_SetError(NSS_ERROR_INTERNAL_ERROR);
-    return PR_FAILURE;
-  }
-
-  if( 0 == rdn->count ) {
-    nss_pkix_RelativeDistinguishedName_Count(rdn);
-  }
-
-  if( (i < 0) || (i >= rdn->count) ) {
-    nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
-    return PR_FAILURE;
-  }
-
-  dup = nssPKIXAttributeTypeAndValue_Duplicate(atav, rdn->arena);
-  if( (NSSPKIXAttributeTypeAndValue *)NULL == dup ) {
-    return PR_FAILURE;
-  }
-
-  nssPKIXAttributeTypeAndValue_Destroy(rdn->atavs[i]);
-  rdn->atavs[i] = dup;
-
-  return nss_pkix_RelativeDistinguishedName_Clear(rdn);
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/PSetAttributeTypeAndValues.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/PSetAttributeTypeAndValues.c
deleted file mode 100644
index 839839ea2..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/PSetAttributeTypeAndValues.c
+++ /dev/null
@@ -1,166 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXRelativeDistinguishedName_SetAttributeTypeAndValues
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN
- *  NSS_ERROR_INVALID_ATAV
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nssPKIXRelativeDistinguishedName_SetAttributeTypeAndValues
-(
-  NSSPKIXRelativeDistinguishedName *rdn,
-  NSSPKIXAttributeTypeAndValue *atavs[],
-  PRInt32 countOpt
-)
-{
-  NSSPKIXAttributeTypeAndValue **ip;
-  NSSPKIXAttributeTypeAndValue **newarray;
-  PRUint32 i;
-  nssArenaMark *mark;
-
-#ifdef NSSDEBUG
-  if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
-    return PR_FAILURE;
-  }
-
-  if( (NSSPKIXAttributeTypeAndValues **)NULL == atavs ) {
-    nss_SetError(NSS_ERROR_INVALID_POINTER);
-    return PR_FAILURE;
-  }
-
-  {
-    PRUint32 i, count;
-
-    if( 0 == countOpt ) {
-      for( i = 0; i < 0x80000000; i++ ) {
-        if( (NSSPKIXAttributeTypeAndValue *)NULL == atav[i] ) {
-          break;
-        }
-      }
-
-#ifdef PEDANTIC
-      if( 0x80000000 == i ) {
-        nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
-        return PR_FAILURE;
-      }
-#endif /* PEDANTIC */
-
-      count = (PRUint32)i;
-    } else {
-      if( countOpt < 0 ) {
-        nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
-        return PR_FAILURE;
-      }
-
-      count = (PRUint32)countOpt;
-    }
-
-    for( i = 0; i < count; i++ ) {
-      if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_verifyPointer(atav[i]) ) {
-        return PR_FAILURE;
-      }
-    }
-  }
-#endif /* NSSDEBUG */
-
-  if( 0 == countOpt ) {
-    for( i = 0; i < 0xffffffff; i++ ) {
-      if( (NSSPKIXAttributeTypeAndValue *)NULL == atavs[i] ) {
-        break;
-      }
-    }
-
-#ifdef PEDANTIC
-    if( 0xffffffff == 0 ) {
-      nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
-      reutrn PR_FAILURE;
-    }
-#endif /* PEDANTIC */
-
-    countOpt = i;
-  }
-
-  mark = nssArena_Mark(rdn->mark);
-  if( (nssArenaMark *)NULL == mark ) {
-    return PR_FAILURE;
-  }
-
-  newarray = nss_ZNEWARRAY(rdn->arena, NSSPKIXAttributeTypeAndValue *, countOpt);
-  if( (NSSPKIXAttributeTypeAndValue **)NULL == newarray ) {
-    goto loser;
-  }
-
-  for( i = 0; i < countOpt; i++ ) {
-    newarray[i] = nssPKIXAttributeTypeAndValue_Duplicate(atavs[i], rdn->arena);
-    if( (NSSPKIXAttributeTypeAndValue *)NULL == newarray[i] ) {
-      goto loser;
-    }
-  }
-
-  for( i = 0; i < rdn->count; i++ ) {
-    if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_Destroy(rdn->atavs[i]) ) {
-      goto loser;
-    }
-  }
-
-  nss_ZFreeIf(rdn->atavs);
-
-  rdn->count = countOpt;
-  rdn->atavs = newarray;
-
-  (void)nss_pkix_RelativeDistinguishedName_Clear(rdn);
-
-  return nssArena_Unmark(rdn->arena, mark);
-
- loser:
-  (void)nssArena_Release(a->arena, mark);
-  return PR_FAILURE;
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/RemoveAttributeTypeAndValue.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/RemoveAttributeTypeAndValue.c
deleted file mode 100644
index b9f1deb66..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/RemoveAttributeTypeAndValue.c
+++ /dev/null
@@ -1,73 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRelativeDistinguishedName_RemoveAttributeTypeAndValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_AT_MINIMUM
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-NSSPKIXRelativeDistinguishedName_RemoveAttributeTypeAndValue
-(
-  NSSPKIXRelativeDistinguishedName *rdn,
-  PRInt32 i
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
-    return PR_FAILURE;
-  }
-#endif /* DEBUG */
-
-  return nssPKIXRelativeDistinguishedName_RemoveAttributeTypeAndValue(rdn, i);
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/SetAttributeTypeAndValue.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/SetAttributeTypeAndValue.c
deleted file mode 100644
index fa2224a6b..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/SetAttributeTypeAndValue.c
+++ /dev/null
@@ -1,79 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRelativeDistinguishedName_SetAttributeTypeAndValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN
- *  NSS_ERROR_VALUE_OUT_OF_RANGE
- *  NSS_ERROR_INVALID_PKIX_ATAV
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-NSSPKIXRelativeDistinguishedName_SetAttributeTypeAndValue
-(
-  NSSPKIXRelativeDistinguishedName *rdn,
-  PRInt32 i,
-  NSSPKIXAttributeTypeAndValue *atav
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
-    return PR_FAILURE;
-  }
-
-  if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_verifyPointer(atav) ) {
-    return PR_FAILURE;
-  }
-#endif /* DEBUG */
-
-  return nssPKIXRelativeDistinguishedName_SetAttributeTypeAndValue(rdn, i, atav);
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/SetAttributeTypeAndValues.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/SetAttributeTypeAndValues.c
deleted file mode 100644
index c6a8f0434..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/SetAttributeTypeAndValues.c
+++ /dev/null
@@ -1,113 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRelativeDistinguishedName_SetAttributeTypeAndValues
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_RDN
- *  NSS_ERROR_INVALID_POINTER
- *  NSS_ERROR_INVALID_ATAV
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-NSSPKIXRelativeDistinguishedName_SetAttributeTypeAndValues
-(
-  NSSPKIXRelativeDistinguishedName *rdn,
-  NSSPKIXAttributeTypeAndValue *atavs[],
-  PRInt32 countOpt
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
-    return PR_FAILURE;
-  }
-
-  if( (NSSPKIXAttributeTypeAndValue **)NULL == atavs ) {
-    nss_SetError(NSS_ERROR_INVALID_POINTER);
-    return PR_FAILURE;
-  }
-
-  {
-    PRUint32 i, count;
-
-    if( 0 == countOpt ) {
-      for( i = 0; i < 0x80000000; i++ ) {
-        if( (NSSPKIXAttributeTypeAndValue *)NULL == atavs[i] ) {
-          break;
-        }
-      }
-
-#ifdef PEDANTIC
-      if( 0x80000000 == i ) {
-        nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
-        return PR_FAILURE;
-      }
-#endif /* PEDANTIC */
-
-      count = (PRUint32)i;
-    } else {
-      if( countOpt < 0 ) {
-        nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
-        return PR_FAILURE;
-      }
-
-      count = (PRUint32)countOpt;
-    }
-
-    for( i = 0; i < count; i++ ) {
-      if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_verifyPointer(atavs[i]) ) {
-        return PR_FAILURE;
-      }
-    }
-  }
-#endif /* DEBUG */
-
-  return nssPKIXRelativeDistinguishedName_SetAttributeTypeAndValues(rdn, atavs, countOpt);
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/template.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/template.c
deleted file mode 100644
index fff01836a..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/template.c
+++ /dev/null
@@ -1,55 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-#ifndef ASN1_H
-#include "asn1.h"
-#endif /* ASN1_H */
-
-/*
- * nssPKIXRelativeDistinguishedName_template
- *
- */
-
-const nssASN1Template nssPKIXRelativeDistinguishedName_template[] = {
-  { nssASN1_SET_OF, offsetof(NSSPKIXRelativeDistinguishedName, atavs),
-    nssPKIXAttributeTypeAndValue_template, 
-    sizeof(NSSPKIXRelativeDistinguishedName) }
-};
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/verifyPointer.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/verifyPointer.c
deleted file mode 100644
index d7274abae..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/verifyPointer.c
+++ /dev/null
@@ -1,205 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIXM_H
-#include "pkixm.h"
-#endif /* PKIXM_H */
-
-#ifdef DEBUG
-
-extern const NSSError NSS_ERROR_INTERNAL_ERROR;
-
-static nssPointerTracker pkix_rdn_pointer_tracker;
-
-/*
- * nss_pkix_RelativeDistinguishedName_add_pointer
- *
- * This method is only present in debug builds.
- *
- * This module-private routine adds an NSSPKIXRelativeDistinguishedName pointer to
- * the internal pointer-tracker.  This routine should only be used 
- * by the NSSPKIX module.  This routine returns a PRStatus value; 
- * upon error it will place an error on the error stack and return 
- * PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INTERNAL_ERROR
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nss_pkix_RelativeDistinguishedName_add_pointer
-(
-  const NSSPKIXRelativeDistinguishedName *p
-)
-{
-  PRStatus rv;
-
-  rv = nssPointerTracker_initialize(&pkix_rdn_pointer_tracker);
-  if( PR_SUCCESS != rv ) {
-    return rv;
-  }
-
-  rv = nssPointerTracker_add(&pkix_rdn_pointer_tracker, p);
-  if( PR_SUCCESS != rv ) {
-    NSSError e = NSS_GetError();
-    if( NSS_ERROR_NO_MEMORY != e ) {
-      nss_SetError(NSS_ERROR_INTERNAL_ERROR);
-    }
-
-    return rv;
-  }
-
-  rv = nssArena_registerDestructor(p->arena,
-         nss_pkix_RelativeDistinguishedName_remove_pointer, p);
-  if( PR_SUCCESS != rv ) {
-    (void)nss_pkix_RelativeDistinguishedName_remove_pointer(p);
-    return rv;
-  }
-
-#ifdef NSSDEBUG
-  {
-    NSSPKIXAttributeTypeAndValue *a;
-
-    for( a = p->atavs; *a; a++ ) {
-      if( PR_SUCCESS != nss_pkix_AttributeTypeAndValue_add_pointer(*a) ) {
-        nss_pkix_RelativeDistinguishedName_remove_pointer(p);
-        return PR_FAILURE;
-      }
-    }
-  }
-#endif /* NSSDEBUG */
-
-  return PR_SUCCESS;
-}
-
-/*
- * nss_pkix_RelativeDistinguishedName_remove_pointer
- *
- * This method is only present in debug builds.
- *
- * This module-private routine removes a valid NSSPKIXRelativeDistinguishedName
- * pointer from the internal pointer-tracker.  This routine should 
- * only be used by the NSSPKIX module.  This routine returns a 
- * PRStatus value; upon error it will place an error on the error 
- * stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INTERNAL_ERROR
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nss_pkix_RelativeDistinguishedName_remove_pointer
-(
-  const NSSPKIXRelativeDistinguishedName *p
-)
-{
-  PRStatus rv;
-
-#ifdef NSSDEBUG
-  {
-    NSSPKIXAttributeTypeAndValue *a;
-
-    for( a = p->atavs; *a; a++ ) {
-      (void)nss_pkix_AttributeTypeAndValue_remove_pointer(*a);
-    }
-  }
-#endif /* NSSDEBUG */
-
-  rv = nssPointerTracker_remove(&pkix_rdn_pointer_tracker, p);
-  if( PR_SUCCESS != rv ) {
-    nss_SetError(NSS_ERROR_INTERNAL_ERROR);
-  }
-
-  /*
-   * nssArena_deregisterDestructor(p->arena, 
-   *   nss_pkix_RelativeDistinguishedName_remove_pointer, p);
-   */
-
-  return rv;
-}
-
-/*
- * nssPKIXRelativeDistinguishedName_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXRelativeDistinguishedName
- * object, this routine will return PR_SUCCESS.  Otherwise, it will 
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *
- * Return value:
- *  PR_SUCCESS if the pointer is valid
- *  PR_FAILURE if it isn't
- */
-
-NSS_IMPLEMENT PRStatus
-nssPKIXRelativeDistinguishedName_verifyPointer
-(
-  NSSPKIXRelativeDistinguishedName *p
-)
-{
-  PRStatus rv;
-
-  rv = nssPointerTracker_initialize(&pkix_rdn_pointer_tracker);
-  if( PR_SUCCESS != rv ) {
-    nss_SetError(NSS_ERROR_INVALID_PKIX_ATTRIBUTE);
-    return PR_FAILURE;
-  }
-
-  rv = nssPointerTracker_verify(&pkix_rdn_pointer_tracker, p);
-  if( PR_SUCCESS != rv ) {
-    nss_SetError(NSS_ERROR_INVALID_PKIX_ATTRIBUTE);
-    return PR_FAILURE;
-  }
-
-  return PR_SUCCESS;
-}
-
-#endif /* DEBUG */
-
diff --git a/security/nss/lib/pkix/src/Time/Compare.c b/security/nss/lib/pkix/src/Time/Compare.c
deleted file mode 100644
index 6a125d6c6..000000000
--- a/security/nss/lib/pkix/src/Time/Compare.c
+++ /dev/null
@@ -1,75 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXTime_Compare
- *
- * Usual result: -1, 0, 1
- *  Returns 0 on error
- */
-
-NSS_IMPLEMENT PRInt32
-NSSPKIXTime_Compare
-(
-  NSSPKIXTime *time1,
-  NSSPKIXTime *tiem2,
-  PRStatus *statusOpt
-)
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nssPKIXTime_verifyPointer(time1) ) {
-    if( (PRStatus *)NULL != statusOpt ) {
-      *statusOpt = PR_FAILURE;
-    }
-    return 0;
-  }
-
-  if( PR_SUCCESS != nssPKIXTime_verifyPointer(time2) ) {
-    if( (PRStatus *)NULL != statusOpt ) {
-      *statusOpt = PR_FAILURE;
-    }
-    return 0;
-  }
-#endif /* DEBUG */
-
-  return nssPKIXTime_Compare(time1, time2, statusOpt);
-}
diff --git a/security/nss/lib/pkix/src/Time/CreateFromPRTime.c b/security/nss/lib/pkix/src/Time/CreateFromPRTime.c
deleted file mode 100644
index 909adb14e..000000000
--- a/security/nss/lib/pkix/src/Time/CreateFromPRTime.c
+++ /dev/null
@@ -1,65 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXTime_CreateFromPRTime
- *
- */
-
-NSS_IMPLEMENT NSSPKIXTime *
-NSSPKIXTime_CreateFromPRTime
-(
-  NSSArena *arenaOpt,
-  PRTime prTime
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSPKIXTime *)NULL;
-    }
-  }
-#endif /* DEBUG */
-
-  return nssPKIXTime_CreateFromPRTime(arenaOpt, prTime);
-}
diff --git a/security/nss/lib/pkix/src/Time/CreateFromUTF8.c b/security/nss/lib/pkix/src/Time/CreateFromUTF8.c
deleted file mode 100644
index 469741ac6..000000000
--- a/security/nss/lib/pkix/src/Time/CreateFromUTF8.c
+++ /dev/null
@@ -1,70 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXTime_CreateFromUTF8
- *
- */
-
-NSS_EXTERN NSSPKIXTime *
-NSSPKIXTime_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *utf8
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSPKIXTime *)NULL;
-    }
-  }
-
-  if( (NSSUTF8 *)NULL == utf8 ) {
-    nss_SetError(NSS_ERROR_INVALID_STRING);
-    return (NSSPKIXTime *)NULL;
-  }
-#endif /* DEBUG */
-
-  return nssPKIXTime_CreateFromUTF8(arenaOpt, utf8);
-}
diff --git a/security/nss/lib/pkix/src/Time/Decode.c b/security/nss/lib/pkix/src/Time/Decode.c
deleted file mode 100644
index 948dc0b93..000000000
--- a/security/nss/lib/pkix/src/Time/Decode.c
+++ /dev/null
@@ -1,79 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXTime_Decode
- *
- * 
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXTime upon success
- *  NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXTime *
-NSSPKIXTime_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSPKIXTime *)NULL;
-    }
-  }
-
-  if( PR_SUCCESS != nssItem_verifyPointer(ber) ) {
-    return (NSSPKIXTime *)NULL;
-  }
-#endif /* DEBUG */
-
-  return nssPKIXTime_Decode(arenaOpt, ber);
-}
diff --git a/security/nss/lib/pkix/src/Time/Destroy.c b/security/nss/lib/pkix/src/Time/Destroy.c
deleted file mode 100644
index d694850ef..000000000
--- a/security/nss/lib/pkix/src/Time/Destroy.c
+++ /dev/null
@@ -1,62 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXTime_Destroy
- *
- */
-
-NSS_IMPLEMENT PR_STATUS
-NSSPKIXTime_Destroy
-(
-  NSSPKIXTime *time
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nssPKIXTime_verifyPointer(time) ) {
-    return PR_FAILURE;
-  }
-#endif /* DEBUG */
-
-  return nssPKIXTime_Destroy(time);
-}
diff --git a/security/nss/lib/pkix/src/Time/Duplicate.c b/security/nss/lib/pkix/src/Time/Duplicate.c
deleted file mode 100644
index dee6f61e9..000000000
--- a/security/nss/lib/pkix/src/Time/Duplicate.c
+++ /dev/null
@@ -1,69 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXTime_Duplicate
- *
- */
-
-NSS_IMPLEMENT NSSPKIXTime *
-NSSPKXITime_Duplicate
-(
-  NSSPKIXTime *time,
-  NSSArena *arenaOpt
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nssPKIXTime_verifyPointer(time) ) {
-    return (NSSPKXITime *)NULL;
-  }
-
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSPKIXTime *)NULL;
-    }
-  }
-#endif /* DEBUG */
-
-  return nssPKIXTime_Duplicate(time, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/Time/Encode.c b/security/nss/lib/pkix/src/Time/Encode.c
deleted file mode 100644
index 9063e4f3a..000000000
--- a/security/nss/lib/pkix/src/Time/Encode.c
+++ /dev/null
@@ -1,71 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXTime_Encode
- *
- */
-
-NSS_IMPLEMENT NSSBER *
-NSSPKIXTime_Encode
-(
-  NSSPKIXTime *time,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nssPKIXTime_verifyPointer(time) ) {
-    return (NSSBER *)NULL;
-  }
-
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSBER *)NULL;
-    }
-  }
-#endif /* DEBUG */
-
-  return nssPKIXTime_Encode(time, encoding, rvOpt, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/Time/Equal.c b/security/nss/lib/pkix/src/Time/Equal.c
deleted file mode 100644
index 4ed05acd5..000000000
--- a/security/nss/lib/pkix/src/Time/Equal.c
+++ /dev/null
@@ -1,74 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXTime_Equal
- *
- */
-
-NSS_IMPLEMENT PRBool
-NSSPKXITime_Equal
-(
-  NSSPKXITime *time1,
-  NSSPKXITime *time2,
-  PRStatus *statusOpt
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nssPKIXTime_verifyPointer(time1) ) {
-    if( (PRStatus *)NULL != statusOpt ) {
-      *statusOpt = PR_FAILURE;
-    }
-    return PR_FALSE;
-  }
-
-  if( PR_SUCCESS != nssPKIXTime_verifyPointer(time2) ) {
-    if( (PRStatus *)NULL != statusOpt ) {
-      *statusOpt = PR_FAILURE;
-    }
-    return PR_FALSE;
-  }
-#endif /* DEBUG */
-
-  return nssPKIXTime_Equal(time1, time2, statusOpt);
-}
diff --git a/security/nss/lib/pkix/src/Time/GetPRTime.c b/security/nss/lib/pkix/src/Time/GetPRTime.c
deleted file mode 100644
index 5871a482d..000000000
--- a/security/nss/lib/pkix/src/Time/GetPRTime.c
+++ /dev/null
@@ -1,64 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXTime_GetPRTime
- *
- * Returns a zero on error
- */
-
-NSS_IMPLEMENT PRTime
-NSSPKIXTime_GetPRTime
-(
-  NSSPKIXTime *time,
-  PRStatus *statusOpt
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nssPKIXTime_verifyPointer(time) ) {
-    return (PRTime)0;
-  }
-#endif /* DEBUG */
-
-  return nssPKIXTime_GetPRTime(time, statusOpt);
-}
diff --git a/security/nss/lib/pkix/src/Time/GetUTF8Encoding.c b/security/nss/lib/pkix/src/Time/GetUTF8Encoding.c
deleted file mode 100644
index 7fc383b81..000000000
--- a/security/nss/lib/pkix/src/Time/GetUTF8Encoding.c
+++ /dev/null
@@ -1,69 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXTime_GetUTF8Encoding
- *
- */
-
-NSS_IMPLEMENT NSSUTF8 *
-NSSPKXITime_GetUTF8Encoding
-(
-  NSSPKIXTime *time,
-  NSSArena *arenaOpt
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nssPKIXTime_verifyPointer(time) ) {
-    return (NSSUTF8 *)NULL;
-  }
-
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSUTF8 *)NULL;
-    }
-  }
-#endif /* DEBUG */
-
-  return nssPKIXTime_GetUTF8Encoding(time, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/Time/PCreateFromPRTime.c b/security/nss/lib/pkix/src/Time/PCreateFromPRTime.c
deleted file mode 100644
index 13805e65d..000000000
--- a/security/nss/lib/pkix/src/Time/PCreateFromPRTime.c
+++ /dev/null
@@ -1,117 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXTime_CreateFromPRTime
- *
- */
-
-NSS_IMPLEMENT NSSPKIXTime *
-nssPKIXTime_CreateFromPRTime
-(
-  NSSArena *arenaOpt,
-  PRTime prTime
-)
-{
-  NSSArena *arena;
-  PRBool arena_allocated = PR_FALSE;
-  nssArenaMark *mark = (nssArenaMark *)NULL;
-  NSSPKIXTime *rv = (NSSPKIXTime *)NULL;
-  PRStatus status;
-
-#ifdef NSSDEBUG
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSPKIXTime *)NULL;
-    }
-  }
-#endif /* NSSDEBUG */
-
-  if( (NSSArena *)NULL == arenaOpt ) {
-    arena = nssArena_Create();
-    if( (NSSArena *)NULL == arena ) {
-      goto loser;
-    }
-    arena_allocated = PR_TRUE;
-  } else {
-    arena = arenaOpt;
-    mark = nssArena_Mark(arena);
-    if( (nssArenaMark *)NULL == mark ) {
-      goto loser;
-    }
-  }
-
-  rv = nss_ZNEW(arena, NSSPKIXTime);
-  if( (NSSPKIXTime *)NULL == rv ) {
-    goto loser;
-  }
-
-  rv->arena = arena;
-  rv->i_allocated_arena = arena_allocated;
-
-  rv->prTime = prTime;
-  rv->prTimeValid = PR_TRUE;
-
-  if( (nssArenaMark *)NULL != mark ) {
-    if( PR_SUCCESS != nssArena_Unmark(arena, mark) ) {
-      goto loser;
-    }
-  }
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nss_pkix_Time_add_pointer(rv) ) {
-    goto loser;
-  }
-#endif /* DEBUG */
-
-  return rv;
-
- loser:
-  if( (nssArenaMark *)NULL != mark ) {
-    (void)nssArena_Release(arena, mark);
-  }
-
-  if( PR_TRUE == arena_allocated ) {
-    (void)nssArena_Destroy(arena);
-  }
-
-  return (NSSPKIXTime *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/Time/PCreateFromUTF8.c b/security/nss/lib/pkix/src/Time/PCreateFromUTF8.c
deleted file mode 100644
index 1a15639ed..000000000
--- a/security/nss/lib/pkix/src/Time/PCreateFromUTF8.c
+++ /dev/null
@@ -1,121 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXTime_CreateFromUTF8
- *
- */
-
-NSS_IMPLEMENT NSSPKIXTime *
-nssPKIXTime_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *utf8
-)
-{
-  NSSArena *arena;
-  PRBool arena_allocated = PR_FALSE;
-  nssArenaMark *mark = (nssArenaMark *)NULL;
-  NSSPKIXTime *rv = (NSSPKIXTime *)NULL;
-  PRStatus status;
-
-#ifdef NSSDEBUG
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSPKIXTime *)NULL;
-    }
-  }
-
-  if( (NSSUTF8 *)NULL == utf8 ) {
-    nss_SetError(NSS_ERROR_INVALID_STRING);
-    return (NSSPKIXTime *)NULL;
-  }
-#endif /* NSSDEBUG */
-
-  if( (NSSArena *)NULL == arenaOpt ) {
-    arena = nssArena_Create();
-    if( (NSSArena *)NULL == arena ) {
-      goto loser;
-    }
-    arena_allocated = PR_TRUE;
-  } else {
-    arena = arenaOpt;
-    mark = nssArena_Mark(arena);
-    if( (nssArenaMark *)NULL == mark ) {
-      goto loser;
-    }
-  }
-
-  rv = nss_ZNEW(arena, NSSPKIXTime);
-  if( (NSSPKIXTime *)NULL == rv ) {
-    goto loser;
-  }
-
-  rv->arena = arena;
-  rv->i_allocated_arena = arena_allocated;
-
-  /* fgmr base on nspr's pl implementation? */
-
-  if( (nssArenaMark *)NULL != mark ) {
-    if( PR_SUCCESS != nssArena_Unmark(arena, mark) ) {
-      goto loser;
-    }
-  }
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nss_pkix_Time_add_pointer(rv) ) {
-    goto loser;
-  }
-#endif /* DEBUG */
-
-  return rv;
-
- loser:
-  if( (nssArenaMark *)NULL != mark ) {
-    (void)nssArena_Release(arena, mark);
-  }
-
-  if( PR_TRUE == arena_allocated ) {
-    (void)nssArena_Destroy(arena);
-  }
-
-  return (NSSPKIXTime *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/Time/PDecode.c b/security/nss/lib/pkix/src/Time/PDecode.c
deleted file mode 100644
index 385665468..000000000
--- a/security/nss/lib/pkix/src/Time/PDecode.c
+++ /dev/null
@@ -1,137 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXTime_Decode
- *
- * 
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- *  A valid pointer to an NSSPKIXTime upon success
- *  NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXTime *
-nssPKIXTime_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-)
-{
-  NSSArena *arena;
-  PRBool arena_allocated = PR_FALSE;
-  nssArenaMark *mark = (nssArenaMark *)NULL;
-  NSSPKIXTime *rv = (NSSPKIXTime *)NULL;
-  PRStatus status;
-
-#ifdef NSSDEBUG
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSPKIXTime *)NULL;
-    }
-  }
-
-  if( PR_SUCCESS != nssItem_verifyPointer(ber) ) {
-    return (NSSPKIXTime *)NULL;
-  }
-#endif /* NSSDEBUG */
-
-  if( (NSSArena *)NULL == arenaOpt ) {
-    arena = nssArena_Create();
-    if( (NSSArena *)NULL == arena ) {
-      goto loser;
-    }
-    arena_allocated = PR_TRUE;
-  } else {
-    arena = arenaOpt;
-    mark = nssArena_Mark(arena);
-    if( (nssArenaMark *)NULL == mark ) {
-      goto loser;
-    }
-  }
-
-  rv = nss_ZNEW(arena, NSSPKIXTime);
-  if( (NSSPKIXTime *)NULL == rv ) {
-    goto loser;
-  }
-
-  rv->arena = arena;
-  rv->i_allocated_arena = arena_allocated;
-  rv->ber = nssItem_Duplicate(ber, arena, (NSSItem *)NULL);
-  if( (NSSItem *)NULL == rv->ber ) {
-    goto loser;
-  }
-
-  status = nssASN1_DecodeBER(arena, rv, nssPKIXTime_template, ber);
-  if( PR_SUCCESS != status ) {
-    goto loser;
-  }
-
-  if( (nssArenaMark *)NULL != mark ) {
-    if( PR_SUCCESS != nssArena_Unmark(arena, mark) ) {
-      goto loser;
-    }
-  }
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nss_pkix_Time_add_pointer(rv) ) {
-    goto loser;
-  }
-#endif /* DEBUG */
-
-  return rv;
-
- loser:
-  if( (nssArenaMark *)NULL != mark ) {
-    (void)nssArena_Release(arena, mark);
-  }
-
-  if( PR_TRUE == arena_allocated ) {
-    (void)nssArena_Destroy(arena);
-  }
-
-  return (NSSPKIXTime *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/Time/PDestroy.c b/security/nss/lib/pkix/src/Time/PDestroy.c
deleted file mode 100644
index 973974b51..000000000
--- a/security/nss/lib/pkix/src/Time/PDestroy.c
+++ /dev/null
@@ -1,68 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXTime_Destroy
- *
- */
-
-NSS_IMPLEMENT PR_STATUS
-nssPKIXTime_Destroy
-(
-  NSSPKIXTime *time
-)
-{
-#ifdef NSSDEBUG
-  if( PR_SUCCESS != nssPKIXTime_verifyPointer(time) ) {
-    return PR_FAILURE;
-  }
-#endif /* NSSDEBUG */
-
-#ifdef DEBUG
-  (void)nss_pkix_Time_remove_pointer(time);
-#endif /* DEBUG */
-
-  if( PR_TRUE == time->i_allocated_arena ) {
-    return nssArena_Destroy(time->arena);
-  }
-
-  return PR_SUCCESS;
-}
diff --git a/security/nss/lib/pkix/src/Time/PEncode.c b/security/nss/lib/pkix/src/Time/PEncode.c
deleted file mode 100644
index 8904fac50..000000000
--- a/security/nss/lib/pkix/src/Time/PEncode.c
+++ /dev/null
@@ -1,66 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXTime_Encode
- *
- */
-
-NSS_IMPLEMENT NSSBER *
-nssPKIXTime_Encode
-(
-  NSSPKIXTime *time,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-)
-{
-#ifdef NSSDEBUG
-  if( PR_SUCCESS != nssPKIXTime_verifyPointer(time) ) {
-    return (NSSBER *)NULL;
-  }
-
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSBER *)NULL;
-    }
-  }
-#endif /* NSSDEBUG */
diff --git a/security/nss/lib/pkix/src/Time/template.c b/security/nss/lib/pkix/src/Time/template.c
deleted file mode 100644
index 38c4f3c78..000000000
--- a/security/nss/lib/pkix/src/Time/template.c
+++ /dev/null
@@ -1,54 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-#ifndef ASN1_H
-#include "asn1.h"
-#endif /* ASN1_H */
-
-/*
- * nssPKIXTime_template
- *
- */
-
-const nssASN1Template nssPKIXTime_template[] = {
-  { nssASN1_INLINE, offsetof(NSSPKIXTime, asn1item), 
-    nssASN1Template_Any, sizeof(NSSPKIXTime) }
-};
diff --git a/security/nss/lib/pkix/src/X520Name/CreateFromUTF8.c b/security/nss/lib/pkix/src/X520Name/CreateFromUTF8.c
deleted file mode 100644
index 84df20054..000000000
--- a/security/nss/lib/pkix/src/X520Name/CreateFromUTF8.c
+++ /dev/null
@@ -1,105 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXX520Name_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_STRING
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXX520Name upon success
- *  NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXX520Name *
-NSSPKIXX520Name_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *utf8
-)
-{
-  PRStatus status = PR_SUCCESS;
-  PRUint32 length;
-  nss_ClearErrorStack();
-  
-
-#ifdef DEBUG
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSPKIXX520Name *)NULL;
-    }
-  }
-
-  if( (NSSUTF8 *)NULL == utf8 ) {
-    nss_SetError(NSS_ERROR_INVALID_STRING);
-    return (NSSPKIXX520Name *)NULL;
-  }
-#endif /* DEBUG */
-
-  length = nssUTF8_Length(utf8, &status); 
-  if( PR_SUCCESS != status ) {
-    if( NSS_ERROR_VALUE_TOO_LARGE == NSS_GetError() ) {
-      nss_SetError(NSS_ERROR_STRING_TOO_LONG);
-    }
-    return (NSSPKIXX520Name *)NULL;
-  }
-
-  if( (length < 1 ) || (length > NSSPKIXX520Name_MAXIMUM_LENGTH) ) {
-    nss_SetError(NSS_ERROR_STRING_TOO_LONG);
-  }
-
-  return nssPKIXX520Name_CreateFromUTF8(arenaOpt, utf8);
-}
-
-/*
- * NSSPKIXX520Name_MAXIMUM_LENGTH
- *
- * From RFC 2459:
- *
- *  ub-name INTEGER ::=     32768
- */
-
-const PRUint32 NSSPKIXX520Name_MAXIMUM_LENGTH = 32768;
diff --git a/security/nss/lib/pkix/src/X520Name/Decode.c b/security/nss/lib/pkix/src/X520Name/Decode.c
deleted file mode 100644
index ac59d5598..000000000
--- a/security/nss/lib/pkix/src/X520Name/Decode.c
+++ /dev/null
@@ -1,79 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXX520Name_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXX520Name upon success
- *  NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXX520Name *
-NSSPKIXX520Name_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSPKIXAttribute *)NULL;
-    }
-  }
-
-  if( PR_SUCCESS != nssItem_verifyPointer(ber) ) {
-    return (NSSPKIXAttribute *)NULL;
-  }
-#endif /* DEBUG */
-
-  return nssPKIXX520Name_Decode(arenaOpt, ber);
-}
diff --git a/security/nss/lib/pkix/src/X520Name/Destroy.c b/security/nss/lib/pkix/src/X520Name/Destroy.c
deleted file mode 100644
index 49037d3b4..000000000
--- a/security/nss/lib/pkix/src/X520Name/Destroy.c
+++ /dev/null
@@ -1,70 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXX520Name_Destroy
- *
- *
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_X520_NAME
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT NSSDER *
-NSSPKIXX520Name_Destroy
-(
-  NSSPKIXX520Name *name
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nssPKIXX520Name_verifyPointer(name) ) {
-    return (NSSDER *)NULL;
-  }
-#endif /* DEBUG */
-
-  return nssPKIXX520Name_Destroy(name);
-}
diff --git a/security/nss/lib/pkix/src/X520Name/Duplicate.c b/security/nss/lib/pkix/src/X520Name/Duplicate.c
deleted file mode 100644
index bcb4b5a2b..000000000
--- a/security/nss/lib/pkix/src/X520Name/Duplicate.c
+++ /dev/null
@@ -1,79 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXX520Name_Duplicate
- *
- * 
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_X520_NAME
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXX520Name upon success
- *  NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXX520Name *
-NSSPKIXX520Name_Duplicate
-(
-  NSSPKIXX520Name *name,
-  NSSArena *arenaOpt
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nssPKIXX520Name_verifyPointer(name) ) {
-    return (NSSPKIXAttribute *)NULL;
-  }
-
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSPKIXAttribute *)NULL;
-    }
-  }
-#endif /* DEBUG */
-
-  return nssPKIXX520Name_Duplicate(name, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/X520Name/Encode.c b/security/nss/lib/pkix/src/X520Name/Encode.c
deleted file mode 100644
index 83cfd5442..000000000
--- a/security/nss/lib/pkix/src/X520Name/Encode.c
+++ /dev/null
@@ -1,80 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXX520Name_Encode
- *
- *
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_X520_NAME
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_IMPLEMENT NSSBER *
-NSSPKIXX520Name_Encode
-(
-  NSSPKIXX520Name *name,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nssPKIXX520Name_verifyPointer(name) ) {
-    return (NSSBER *)NULL;
-  }
-
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSBER *)NULL;
-    }
-  }
-#endif /* DEBUG */
-
-  return nssPKIXX520Name_Encode(name, encoding, rvOpt, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/X520Name/Equal.c b/security/nss/lib/pkix/src/X520Name/Equal.c
deleted file mode 100644
index 75842e8f5..000000000
--- a/security/nss/lib/pkix/src/X520Name/Equal.c
+++ /dev/null
@@ -1,83 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXX520Name_Equal
- *
- *
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_X520_NAME
- *
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_IMPLEMENT PRBool
-NSSPKIXX520Name_Equal
-(
-  NSSPKIXX520Name *name1,
-  NSSPKIXX520Name *name2,
-  PRStatus *statusOpt
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nssPKIXX520Name_verifyPointer(name1) ) {
-    if( (PRStatus *)NULL != statusOpt ) {
-      *statusOpt = PR_FAILURE;
-    }
-    return PR_FALSE;
-  }
-
-  if( PR_SUCCESS != nssPKIXX520Name_verifyPointer(name2) ) {
-    if( (PRStatus *)NULL != statusOpt ) {
-      *statusOpt = PR_FAILURE;
-    }
-    return PR_FALSE;
-  }
-#endif /* DEBUG */
-
-  return nssPKIXX520Name_Equal(name1, name2, statusOpt);
-}
diff --git a/security/nss/lib/pkix/src/X520Name/GetUTF8Encoding.c b/security/nss/lib/pkix/src/X520Name/GetUTF8Encoding.c
deleted file mode 100644
index 2e42124eb..000000000
--- a/security/nss/lib/pkix/src/X520Name/GetUTF8Encoding.c
+++ /dev/null
@@ -1,78 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXX520Name_GetUTF8Encoding
- *
- *
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_X520_NAME
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSDER pointer upon success
- *  NULL upon failure
- */
-
-NSS_IMPLEMENT NSSUTF8 *
-NSSPKIXX520Name_GetUTF8Encoding
-(
-  NSSPKIXX520Name *name,
-  NSSArena *arenaOpt
-)
-{
-  nss_ClearErrorStack();
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nssPKIXX520Name_verifyPointer(name) ) {
-    return (NSSUTF8 *)NULL;
-  }
-
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSUTF8 *)NULL;
-    }
-  }
-#endif /* DEBUG */
-
-  return nssPKIXX520Name_GetUTF8Encoding(name, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/X520Name/MDoUTF8.c b/security/nss/lib/pkix/src/X520Name/MDoUTF8.c
deleted file mode 100644
index 69cbf691e..000000000
--- a/security/nss/lib/pkix/src/X520Name/MDoUTF8.c
+++ /dev/null
@@ -1,97 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIXM_H
-#include "pkixm.h"
-#endif /* PKIXM_H */
-
-/*
- * nss_pkix_X520Name_DoUTF8
- *
- */
-
-NSS_IMPLEMENT PR_STATUS
-nss_pkix_X520Name_DoUTF8
-(
-  NSSPKIXX520Name *name
-)
-{
-#ifdef NSSDEBUG
-  if( PR_SUCCESS != nssPKIXX520Name_verifyPointer(name) ) {
-    return PR_FAILURE;
-  }
-#endif /* NSSDEBUG */
-
-  if( (NSSUTF8 *)NULL == name->utf8 ) {
-    PRUint8 tag = (*(PRUint8 *)name->string.data) & nssASN1_TAG_MASK;
-    nssStringType type;
-    void *data = (void *)&((PRUint8 *)name->string.data)[1];
-    PRUint32 size = name->string.size-1;
-
-    switch( tag ) {
-    case nssASN1_TELETEX_STRING:
-      type = nssStringType_TeletexString;
-      break;
-    case nssASN1_PRINTABLE_STRING:
-      type = nssStringType_PrintableString;
-      break;
-    case nssASN1_UNIVERSAL_STRING:
-      type = nssStringType_UniversalString;
-      break;
-    case nssASN1_BMP_STRING:
-      type = nssStringType_BMPString;
-      break;
-    case nssASN1_UTF8_STRING:
-      type = nssStringType_UTF8String;
-      break;
-    default:
-      nss_SetError(NSS_ERROR_INVALID_BER);
-      return PR_FAILURE;
-    }
-
-    name->utf8 = nssUTF8_Create(arenaOpt, type, data, size);
-    if( (NSSUTF8 *)NULL == name->utf8 ) {
-      return PR_FAILURE;
-    }
-
-    if( nssASN1_PRINTABLE_STRING == tag ) {
-      name->wasPrintable = PR_TRUE;
-    }
-  }
-
-  return PR_SUCCESS;
-}
diff --git a/security/nss/lib/pkix/src/X520Name/PCreate.c b/security/nss/lib/pkix/src/X520Name/PCreate.c
deleted file mode 100644
index c507a8f75..000000000
--- a/security/nss/lib/pkix/src/X520Name/PCreate.c
+++ /dev/null
@@ -1,169 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXX520Name_Create
- *
- *
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_STRING_TYPE
- *  NSS_ERROR_INVALID_ITEM
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid pointer to an NSSPKIXX520Name upon success
- *  NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXX520Name *
-nssPKIXX520Name_Create
-(
-  NSSArena *arenaOpt,
-  nssStringType type,
-  NSSItem *data
-)
-{
-  NSSPKIXX520Name *rv = (NSSPKIXX520Name *)NULL;
-  nssArenaMark *mark = (nssArenaMark *)NULL;
-
-#ifdef NSSDEBUG
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSPKIXX520Name *)NULL;
-    }
-  }
-
-  if( PR_SUCCESS != nssItem_verifyPointer(data) ) {
-    return (NSSPKIXX520Name *)NULL;
-  }
-#endif /* NSSDEBUG */
-
-  switch( type ) {
-  case nssStringType_TeletexString:
-  case nssStringType_PrintableString:
-  case nssStringType_UniversalString:
-  case nssStringType_UTF8String:
-  case nssStringType_BMPString:
-    break;
-  default:
-    nss_SetError(NSS_ERROR_INVALID_STRING_TYPE);
-    goto loser;
-  }
-
-  if( (NSSArena *)NULL != arenaOpt ) {
-    mark = nssArena_Mark(arenaOpt);
-    if( (nssArenaMark *)NULL == mark ) {
-      goto loser;
-    }
-  }
-
-  rv = nss_ZNEW(arenaOpt, NSSPKIXX520Name);
-  if( (NSSPKIXX520Name *)NULL == rv ) {
-    goto loser;
-  }
-
-  rv->utf8 = nssUTF8_Create(arenaOpt, type, data->data, data->size);
-  if( (NSSUTF8 *)NULL == rv->utf8 ) {
-    goto loser;
-  }
-
-  if( nssStringType_PrintableString == type ) {
-    rv->wasPrintable = PR_TRUE;
-  }
-
-  rv->der = nssUTF8_GetDEREncoding(arenaOpt, type, rv->utf8);
-  if( (NSSDER *)NULL == rv->der ) {
-    goto loser;
-  }
-
-  rv->string.size = rv->der->size;
-  rv->string.data = nss_ZAlloc(arenaOpt, rv->string.size);
-  if( (void *)NULL == rv->string.data ) {
-    goto loser;
-  }
-
-  (void)nsslibc_memcpy(rv->string.data, rv->der->data, rv->string.size);
-
-  if( (NSSArena *)NULL != arenaOpt ) {
-    rv->inArena = PR_TRUE;
-  }
-
-  if( (nssArenaMark *)NULL != mark ) {
-    if( PR_SUCCESS != nssArena_Unmark(arenaOpt, mark) ) {
-      goto loser;
-    }
-  }
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nss_pkix_X520Name_add_pointer(rv) ) {
-    goto loser;
-  }
-
-  if( PR_SUCCESS != nssArena_registerDestructor(arena, 
-        nss_pkix_X520Name_remove_pointer, rv) ) {
-    (void)nss_pkix_X520Name_remove_pointer(rv);
-    goto loser;
-  }
-#endif /* DEBUG */
-
-  return rv;
-
- loser:
-  if( (nssArenaMark *)NULL != mark ) {
-    (void)nssArena_Release(arenaOpt, mark);
-  }
-
-  if( (NSSArena *)NULL == arenaOpt ) {
-    if( (NSSPKIXX520Name *)NULL != rv ) {
-      if( (NSSDER *)NULL != rv->der ) {
-        nss_ZFreeIf(rv->der->data);
-        nss_ZFreeIf(rv->der);
-      }
-
-      nss_ZFreeIf(rv->string.data);
-      nss_ZFreeIf(rv->utf8);
-      nss_ZFreeIf(rv);
-    }
-  }
-
-  return (NSSPKIXX520Name *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/X520Name/PCreateFromUTF8.c b/security/nss/lib/pkix/src/X520Name/PCreateFromUTF8.c
deleted file mode 100644
index 0459f8c51..000000000
--- a/security/nss/lib/pkix/src/X520Name/PCreateFromUTF8.c
+++ /dev/null
@@ -1,164 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXX520Name_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXX520Name upon success
- *  NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXX520Name *
-nssPKIXX520Name_CreateFromUTF8
-(
-  NSSArena *arenaOpt,
-  NSSUTF8 *utf8
-)
-{
-  NSSPKIXX520Name *rv = (NSSPKIXX520Name *)NULL;
-  nssArenaMark *mark = (nssArenaMark *)NULL;
-
-#ifdef NSSDEBUG
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSPKIXX520Name *)NULL;
-    }
-  }
-
-  if( (NSSUTF8 *)NULL == utf8 ) {
-    nss_SetError(NSS_ERROR_INVALID_STRING);
-    return (NSSPKIXX520Name *)NULL;
-  }
-#endif /* NSSDEBUG */
-
-  if( (NSSArena *)NULL != arenaOpt ) {
-    mark = nssArena_Mark(arenaOpt);
-    if( (nssArenaMark *)NULL == mark ) {
-      goto loser;
-    }
-  }
-
-  rv = nss_ZNEW(arenaOpt, NSSPKIXX520Name);
-  if( (NSSPKIXX520Name *)NULL == rv ) {
-    goto loser;
-  }
-
-  rv->utf8 = nssUTF8_Duplicate(utf8, arenaOpt);
-  if( (NSSUTF8 *)NULL == rv->utf8 ) {
-    goto loser;
-  }
-
-  /*
-   * RFC 2459 states (s. 4.1.2.4) that certificates issued after
-   * 2003-12-31 MUST encode strings as UTF8Strings, and until
-   * then they may be encoded as PrintableStrings, BMPStrings,
-   * or UTF8Strings (when the character sets allow).  However, it
-   * specifically notes that even before 2003-12-31, strings may
-   * be encoded as UTF8Strings.  So unless something important
-   * breaks, I'll do UTF8Strings.
-   */
-
-  rv->der = nssUTF8_GetDEREncoding(arenaOpt, nssStringType_UTF8String, 
-                                   utf8);
-  if( (NSSDER *)NULL == rv->der ) {
-    goto loser;
-  }
-
-  rv->string.size = rv->der->size;
-  rv->string.data = nss_ZAlloc(arenaOpt, rv->string.size);
-  if( (void *)NULL == rv->string.data ) {
-    goto loser;
-  }
-
-  (void)nsslibc_memcpy(rv->string.data, rv->der->size, rv->string.size);
-
-  if( (NSSArena *)NULL != arenaOpt ) {
-    rv->inArena = PR_TRUE;
-  }
-
-  if( (nssArenaMark *)NULL != mark ) {
-    if( PR_SUCCESS != nssArena_Unmark(arenaOpt, mark) ) {
-      goto loser;
-    }
-  }
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nss_pkix_X520Name_add_pointer(rv) ) {
-    goto loser;
-  }
-
-  if( PR_SUCCESS != nssArena_registerDestructor(arena, 
-        nss_pkix_X520Name_remove_pointer, rv) ) {
-    (void)nss_pkix_X520Name_remove_pointer(rv);
-    goto loser;
-  }
-#endif /* DEBUG */
-
-  return rv;
-
- loser:
-  if( (nssArenaMark *)NULL != mark ) {
-    (void)nssArena_Release(arenaOpt, mark);
-  }
-
-  if( (NSSArena *)NULL == arenaOpt ) {
-    if( (NSSPKIXX520Name *)NULL != rv ) {
-      if( (NSSDER *)NULL != rv->der ) {
-        nss_ZFreeIf(rv->der->data);
-        nss_ZFreeIf(rv->der);
-      }
-
-      nss_ZFreeIf(rv->string.data);
-      nss_ZFreeIf(rv->utf8);
-      nss_ZFreeIf(rv);
-    }
-  }
-
-  return (NSSPKIXX520Name *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/X520Name/PDecode.c b/security/nss/lib/pkix/src/X520Name/PDecode.c
deleted file mode 100644
index 8228c8db4..000000000
--- a/security/nss/lib/pkix/src/X520Name/PDecode.c
+++ /dev/null
@@ -1,135 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXX520Name_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_BER
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXX520Name upon success
- *  NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXX520Name *
-nssPKIXX520Name_Decode
-(
-  NSSArena *arenaOpt,
-  NSSBER *ber
-)
-{
-  NSSPKIXX520Name *rv = (NSSPKIXX520Name *)NULL;
-  nssArenaMark *mark = (nssArenaMark *)NULL;
-  PRStatus status;
-
-#ifdef NSSDEBUG
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSPKIXAttribute *)NULL;
-    }
-  }
-
-  if( PR_SUCCESS != nssItem_verifyPointer(ber) ) {
-    return (NSSPKIXAttribute *)NULL;
-  }
-#endif /* NSSDEBUG */
-
-  if( (NSSArena *)NULL != arenaOpt ) {
-    mark = nssArena_Mark(arenaOpt);
-    if( (nssArenaMark *)NULL == mark ) {
-      goto loser;
-    }
-  }
-
-  rv = nss_ZNEW(arenaOpt, NSSPKIXX520Name);
-  if( (NSSPKIXX520Name *)NULL == rv ) {
-    goto loser;
-  }
-
-  status = nssASN1_DecodeBER(arenaOpt, rv, nssPKIXX520_template, ber);
-  if( PR_SUCCESS != status ) {
-    goto loser;
-  }
-
-  if( (NSSArena *)NULL != arenaOpt ) {
-    rv->inArena = PR_TRUE;
-  }
-
-  if( (nssArenaMark *)NULL != mark ) {
-    if( PR_SUCCESS != nssArena_Unmark(arenaOpt, mark) ) {
-      goto loser;
-    }
-  }
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nss_pkix_X520Name_add_pointer(rv) ) {
-    goto loser;
-  }
-
-  if( PR_SUCCESS != nssArena_registerDestructor(arena, 
-        nss_pkix_X520Name_remove_pointer, rv) ) {
-    (void)nss_pkix_X520Name_remove_pointer(rv);
-    goto loser;
-  }
-#endif /* DEBUG */
-
-  return rv;
-
- loser:
-  if( (nssArenaMark *)NULL != mark ) {
-    (void)nssArena_Release(arenaOpt, mark);
-  }
-
-  if( (NSSArena *)NULL == arenaOpt ) {
-    if( (NSSPKIXX520Name *)NULL != rv ) {
-      nss_ZFreeIf(rv->string.data);
-      nss_ZFreeIf(rv->utf8);
-      nss_ZFreeIf(rv);
-    }
-  }
-
-  return (NSSPKIXX520Name *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/X520Name/PDestroy.c b/security/nss/lib/pkix/src/X520Name/PDestroy.c
deleted file mode 100644
index 9a9bdaaa2..000000000
--- a/security/nss/lib/pkix/src/X520Name/PDestroy.c
+++ /dev/null
@@ -1,87 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXX520Name_Destroy
- *
- *
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_X520_NAME
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_EXTERN NSSDER *
-nssPKIXX520Name_Destroy
-(
-  NSSPKIXX520Name *name
-)
-{
-#ifdef NSSDEBUG
-  if( PR_SUCCESS != nssPKIXX520Name_verifyPointer(name) ) {
-    return PR_FAILURE;
-  }
-#endif /* NSSDEBUG */
-
-  if( PR_TRUE != name->inArena ) {
-    /*
-     * Note that inArena is merely a hint.  If this object was
-     * created passively, this flag will be NULL no matter if
-     * it was in an arena or not.  However, you may safely
-     * (try to) free memory in an NSSArena, so this isn't a
-     * problem.
-     */
-
-    if( (NSSDER *)NULL != name->der ) {
-      nss_ZFreeIf(name->der->data);
-      nss_ZFreeIf(name->der);
-    }
-
-    nss_ZFreeIf(name->utf8);
-    nss_ZFreeIf(name->string.data);
-    nss_ZFreeIf(name);
-  }
-
-  return PR_SUCCESS;
-}
diff --git a/security/nss/lib/pkix/src/X520Name/PDuplicate.c b/security/nss/lib/pkix/src/X520Name/PDuplicate.c
deleted file mode 100644
index a2b6d7e53..000000000
--- a/security/nss/lib/pkix/src/X520Name/PDuplicate.c
+++ /dev/null
@@ -1,158 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXX520Name_Duplicate
- *
- * 
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_X520_NAME
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INVALID_ARENA
- * 
- * Return value:
- *  A valid pointer to an NSSPKIXX520Name upon success
- *  NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXX520Name *
-nssPKIXX520Name_Duplicate
-(
-  NSSPKIXX520Name *name,
-  NSSArena *arenaOpt
-)
-{
-  NSSPKIXX520Name *rv = (NSSPKIXX520Name *)NULL;
-  nssArenaMark *mark = (nssArenaMark *)NULL;
-
-#ifdef NSSDEBUG
-  if( PR_SUCCESS != nssPKIXX520Name_verifyPointer(name) ) {
-    return (NSSPKIXAttribute *)NULL;
-  }
-
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSPKIXAttribute *)NULL;
-    }
-  }
-#endif /* NSSDEBUG */
-
-  if( (NSSArena *)NULL != arenaOpt ) {
-    mark = nssArena_Mark(arenaOpt);
-    if( (nssArenaMark *)NULL == mark ) {
-      goto loser;
-    }
-  }
-
-  rv = nss_ZNEW(arenaOpt, NSSPKIXX520Name);
-  if( (NSSPKIXX520Name *)NULL == rv ) {
-    goto loser;
-  }
-
-  rv->string.size = name->string.size;
-  rv->string.data = nss_ZAlloc(arenaOpt, name->string.size);
-  if( (void *)NULL == rv->string.data ) {
-    goto loser;
-  }
-
-  (void)nsslibc_memcpy(rv->string.data, name->string.data, name->string.size);
-
-  if( (NSSUTF8 *)NULL != name->utf8 ) {
-    rv->utf8 = nssUTF8_Duplicate(name->utf8, arenaOpt);
-    if( (NSSUTF8 *)NULL == rv->utf8 ) {
-      goto loser;
-    }
-  }
-
-  if( (NSSDER *)NULL != name->der ) {
-    rv->der = nssItem_Duplicate(name->der, arenaOpt, (NSSItem *)NULL);
-    if( (NSSDER *)NULL == rv->der ) {
-      goto loser;
-    }
-  }
-
-  rv->wasPrintable = name->wasPrintable;
-
-  if( (NSSArena *)NULL != arenaOpt ) {
-    rv->inArena = PR_TRUE;
-  }
-
-  if( (nssArenaMark *)NULL != mark ) {
-    if( PR_SUCCESS != nssArena_Unmark(arenaOpt, mark) ) {
-      goto loser;
-    }
-  }
-
-#ifdef DEBUG
-  if( PR_SUCCESS != nss_pkix_X520Name_add_pointer(rv) ) {
-    goto loser;
-  }
-
-  if( PR_SUCCESS != nssArena_registerDestructor(arena, 
-        nss_pkix_X520Name_remove_pointer, rv) ) {
-    (void)nss_pkix_X520Name_remove_pointer(rv);
-    goto loser;
-  }
-#endif /* DEBUG */
-
-  return rv;
-
- loser:
-  if( (nssArenaMark *)NULL != mark ) {
-    (void)nssArena_Release(arenaOpt, mark);
-  }
-
-  if( (NSSArena *)NULL == arenaOpt ) {
-    if( (NSSPKIXX520Name *)NULL != rv ) {
-      if( (NSSDER *)NULL != rv->der ) {
-        nss_ZFreeIf(rv->der->data);
-        nss_ZFreeIf(rv->der);
-      }
-
-      nss_ZFreeIf(rv->string.data);
-      nss_ZFreeIf(rv->utf8);
-      nss_ZFreeIf(rv);
-    }
-  }
-
-  return (NSSPKIXX520Name *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/X520Name/PEncode.c b/security/nss/lib/pkix/src/X520Name/PEncode.c
deleted file mode 100644
index d9f001bae..000000000
--- a/security/nss/lib/pkix/src/X520Name/PEncode.c
+++ /dev/null
@@ -1,93 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXX520Name_Encode
- *
- *
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_X520_NAME
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSBER pointer upon success
- *  NULL upon failure
- */
-
-NSS_IMPLEMENT NSSBER *
-nssPKIXX520Name_Encode
-(
-  NSSPKIXX520Name *name,
-  NSSASN1EncodingType encoding,
-  NSSBER *rvOpt,
-  NSSArena *arenaOpt
-)
-{
-
-#ifdef NSSDEBUG
-  if( PR_SUCCESS != nssPKIXX520Name_verifyPointer(name) ) {
-    return (NSSBER *)NULL;
-  }
-
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSBER *)NULL;
-    }
-  }
-#endif /* NSSDEBUG */
-
-  if( (NSSDER *)NULL == name->der ) {
-    /* XXX fgmr */
-    if( (NSSUTF8 *)NULL == name->utf8 ) {
-      if( PR_SUCCESS != nss_pkix_X520Name_DoUTF8(name) ) {
-        return (NSSBER *)NULL;
-      }
-    }
-
-    rv->der = nssUTF8_GetDEREncoding(arenaOpt, type, rv->utf8);
-    if( (NSSDER *)NULL == rv->der ) {
-      return (NSSBER *)NULL;
-    }
-  }
-
-  return nssItem_Duplicate(name->der, arenaOpt, rvOpt);
-}
diff --git a/security/nss/lib/pkix/src/X520Name/PEqual.c b/security/nss/lib/pkix/src/X520Name/PEqual.c
deleted file mode 100644
index 9ebe75005..000000000
--- a/security/nss/lib/pkix/src/X520Name/PEqual.c
+++ /dev/null
@@ -1,100 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXX520Name_Equal
- *
- *
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_X520_NAME
- *
- * Return value:
- *  PR_TRUE if the two objects have equal values
- *  PR_FALSE otherwise
- *  PR_FALSE upon error
- */
-
-NSS_IMPLEMENT PRBool
-nssPKIXX520Name_Equal
-(
-  NSSPKIXX520Name *name1,
-  NSSPKIXX520Name *name2,
-  PRStatus *statusOpt
-)
-{
-  PRBool rv;
-
-#ifdef NSSDEBUG
-  if( PR_SUCCESS != nssPKIXX520Name_verifyPointer(name1) ) {
-    goto loser;
-  }
-
-  if( PR_SUCCESS != nssPKIXX520Name_verifyPointer(name2) ) {
-    goto loser;
-  }
-#endif /* NSSDEBUG */
-
-  if( (NSSUTF8 *)NULL == name1->utf8 ) {
-    if( PR_SUCCESS != nss_pkix_X520Name_DoUTF8(name1) ) {
-      goto loser;
-    }
-  }
-
-  if( (NSSUTF8 *)NULL == name2->utf8 ) {
-    if( PR_SUCCESS != nss_pkix_X520Name_DoUTF8(name2) ) {
-      goto loser;
-    }
-  }
-
-  if( (PR_TRUE == name1->wasPrintable) && (PR_TRUE == name2->wasPrintable) ) {
-    return nssUTF8_PrintableMatch(name1->utf8, name2->utf8, statusOpt);
-  }
-
-  return nssUTF8_Equal(name1->utf8, name2->utf8, statusOpt);
-
- loser:
-  if( (PRStatus *)NULL != statusOpt ) {
-    *statusOpt = PR_FAILURE;
-  }
-
-  return PR_FALSE;
-}
diff --git a/security/nss/lib/pkix/src/X520Name/PGetUTF8Encoding.c b/security/nss/lib/pkix/src/X520Name/PGetUTF8Encoding.c
deleted file mode 100644
index b023b1fea..000000000
--- a/security/nss/lib/pkix/src/X520Name/PGetUTF8Encoding.c
+++ /dev/null
@@ -1,82 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXX520Name_GetUTF8Encoding
- *
- *
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_X520_NAME
- *  NSS_ERROR_NO_MEMORY
- *
- * Return value:
- *  A valid NSSDER pointer upon success
- *  NULL upon failure
- */
-
-NSS_IMPLEMENT NSSUTF8 *
-nssPKIXX520Name_GetUTF8Encoding
-(
-  NSSPKIXX520Name *name,
-  NSSArena *arenaOpt
-)
-{
-#ifdef NSSDEBUG
-  if( PR_SUCCESS != nssPKIXX520Name_verifyPointer(name) ) {
-    return (NSSUTF8 *)NULL;
-  }
-
-  if( (NSSArena *)NULL != arenaOpt ) {
-    if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
-      return (NSSUTF8 *)NULL;
-    }
-  }
-#endif /* NSSDEBUG */
-
-  if( (NSSUTF8 *)NULL == name->utf8 ) {
-    if( PR_SUCCESS != nss_pkix_X520Name_DoUTF8(name) ) {
-      return (NSSUTF8 *)NULL;
-    }
-  }
-  
-  return nssUTF8_Duplicate(rv->utf8, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/X520Name/template.c b/security/nss/lib/pkix/src/X520Name/template.c
deleted file mode 100644
index 63f18e724..000000000
--- a/security/nss/lib/pkix/src/X520Name/template.c
+++ /dev/null
@@ -1,56 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-#ifndef ASN1_H
-#include "asn1.h"
-#endif /* ASN1_H */
-
-/*
- * nssPKIXX520Name_template
- *
- *
- */
-
-const nssASN1Template nssPKIXX520Name_template[] = {
-  { nssASN1_ANY, offsetof(NSSPKIXX520Name, string), NULL, 
-    sizeof(NSSPKIXX520Name) },
-  { 0 }
-};
diff --git a/security/nss/lib/pkix/src/X520Name/verifyPointer.c b/security/nss/lib/pkix/src/X520Name/verifyPointer.c
deleted file mode 100644
index 9e447797d..000000000
--- a/security/nss/lib/pkix/src/X520Name/verifyPointer.c
+++ /dev/null
@@ -1,169 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIXM_H
-#include "pkixm.h"
-#endif /* PKIXM_H */
-
-#ifdef DEBUG
-
-extern const NSSError NSS_ERROR_INTERNAL_ERROR;
-
-static nssPointerTracker pkix_x520_name_pointer_tracker;
-
-/*
- * nss_pkix_X520Name_add_pointer
- *
- * This method is only present in debug builds.
- *
- * This module-private routine adds an NSSPKIXX520Name pointer to
- * the internal pointer-tracker.  This routine should only be used 
- * by the NSSPKIX module.  This routine returns a PRStatus value; 
- * upon error it will place an error on the error stack and return 
- * PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_NO_MEMORY
- *  NSS_ERROR_INTERNAL_ERROR
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nss_pkix_X520Name_add_pointer
-(
-  const NSSPKIXX520Name *p
-)
-{
-  PRStatus rv;
-
-  rv = nssPointerTracker_initialize(&pkix_x520_name_pointer_tracker);
-  if( PR_SUCCESS != rv ) {
-    return rv;
-  }
-
-  rv = nssPointerTracker_add(&pkix_x520_name_pointer_tracker, p);
-  if( PR_SUCCESS != rv ) {
-    NSSError e = NSS_GetError();
-    if( NSS_ERROR_NO_MEMORY != e ) {
-      nss_SetError(NSS_ERROR_INTERNAL_ERROR);
-    }
-
-    return rv;
-  }
-
-  return PR_SUCCESS;
-}
-
-/*
- * nss_pkix_X520Name_remove_pointer
- *
- * This method is only present in debug builds.
- *
- * This module-private routine removes a valid NSSPKIXX520Name
- * pointer from the internal pointer-tracker.  This routine should 
- * only be used by the NSSPKIX module.  This routine returns a 
- * PRStatus value; upon error it will place an error on the error 
- * stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INTERNAL_ERROR
- *
- * Return value:
- *  PR_SUCCESS upon success
- *  PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nss_pkix_X520Name_remove_pointer
-(
-  const NSSPKIXX520Name *p
-)
-{
-  PRStatus rv;
-
-  rv = nssPointerTracker_remove(&pkix_x520_name_pointer_tracker, p);
-  if( PR_SUCCESS != rv ) {
-    nss_SetError(NSS_ERROR_INTERNAL_ERROR);
-  }
-
-  return rv;
-}
-
-/*
- * nssPKIXX520Name_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXX520Name
- * object, this routine will return PR_SUCCESS.  Otherwise, it will 
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- *  NSS_ERROR_INVALID_PKIX_X520_NAME
- *
- * Return value:
- *  PR_SUCCESS if the pointer is valid
- *  PR_FAILURE if it isn't
- */
-
-NSS_IMPLEMENT PRStatus
-nssPKIXX520Name_verifyPointer
-(
-  NSSPKIXX520Name *p
-)
-{
-  PRStatus rv;
-
-  rv = nssPointerTracker_initialize(&pkix_x520_name_pointer_tracker);
-  if( PR_SUCCESS != rv ) {
-    nss_SetError(NSS_ERROR_INVALID_PKIX_X520_NAME);
-    return PR_FAILURE;
-  }
-
-  rv = nssPointerTracker_verify(&pkix_x520_name_pointer_tracker, p);
-  if( PR_SUCCESS != rv ) {
-    nss_SetError(NSS_ERROR_INVALID_PKIX_X520_NAME);
-    return PR_FAILURE;
-  }
-
-  return PR_SUCCESS;
-}
-
-#endif /* DEBUG */
diff --git a/security/nss/lib/smime/Makefile b/security/nss/lib/smime/Makefile
deleted file mode 100644
index cb85677bc..000000000
--- a/security/nss/lib/smime/Makefile
+++ /dev/null
@@ -1,76 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY).   #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL)          #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL)       #
-#######################################################################
-
-
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL).      #
-#######################################################################
-
-include config.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL)                              #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL)                           #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL).                              #
-#######################################################################
-
-
-
diff --git a/security/nss/lib/smime/cms.h b/security/nss/lib/smime/cms.h
deleted file mode 100644
index f2f50a654..000000000
--- a/security/nss/lib/smime/cms.h
+++ /dev/null
@@ -1,1082 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Interfaces of the CMS implementation.
- *
- * $Id$
- */
-
-#ifndef _CMS_H_
-#define _CMS_H_
-
-#include "seccomon.h"
-
-#include "secoidt.h"
-#include "certt.h"
-#include "keyt.h"
-#include "hasht.h"
-#include "cmst.h"
-
-/************************************************************************/
-SEC_BEGIN_PROTOS
-
-/************************************************************************
- * cmsdecode.c - CMS decoding
- ************************************************************************/
-
-/*
- * NSS_CMSDecoder_Start - set up decoding of a DER-encoded CMS message
- *
- * "poolp" - pointer to arena for message, or NULL if new pool should be created
- * "cb", "cb_arg" - callback function and argument for delivery of inner content
- *                  inner content will be stored in the message if cb is NULL.
- * "pwfn", pwfn_arg" - callback function for getting token password
- * "decrypt_key_cb", "decrypt_key_cb_arg" - callback function for getting bulk key for encryptedData
- */
-extern NSSCMSDecoderContext *
-NSS_CMSDecoder_Start(PRArenaPool *poolp,
-		      NSSCMSContentCallback cb, void *cb_arg,
-		      PK11PasswordFunc pwfn, void *pwfn_arg,
-		      NSSCMSGetDecryptKeyCallback decrypt_key_cb, void *decrypt_key_cb_arg);
-
-/*
- * NSS_CMSDecoder_Update - feed DER-encoded data to decoder
- */
-extern SECStatus
-NSS_CMSDecoder_Update(NSSCMSDecoderContext *p7dcx, const char *buf, unsigned long len);
-
-/*
- * NSS_CMSDecoder_Cancel - cancel a decoding process
- */
-extern void
-NSS_CMSDecoder_Cancel(NSSCMSDecoderContext *p7dcx);
-
-/*
- * NSS_CMSDecoder_Finish - mark the end of inner content and finish decoding
- */
-extern NSSCMSMessage *
-NSS_CMSDecoder_Finish(NSSCMSDecoderContext *p7dcx);
-
-/*
- * NSS_CMSMessage_CreateFromDER - decode a CMS message from DER encoded data
- */
-extern NSSCMSMessage *
-NSS_CMSMessage_CreateFromDER(SECItem *DERmessage,
-		    NSSCMSContentCallback cb, void *cb_arg,
-		    PK11PasswordFunc pwfn, void *pwfn_arg,
-		    NSSCMSGetDecryptKeyCallback decrypt_key_cb, void *decrypt_key_cb_arg);
-
-/************************************************************************
- * cmsencode.c - CMS encoding
- ************************************************************************/
-
-/*
- * NSS_CMSEncoder_Start - set up encoding of a CMS message
- *
- * "cmsg" - message to encode
- * "outputfn", "outputarg" - callback function for delivery of DER-encoded output
- *                           will not be called if NULL.
- * "dest" - if non-NULL, pointer to SECItem that will hold the DER-encoded output
- * "destpoolp" - pool to allocate DER-encoded output in
- * "pwfn", pwfn_arg" - callback function for getting token password
- * "decrypt_key_cb", "decrypt_key_cb_arg" - callback function for getting bulk key for encryptedData
- * "detached_digestalgs", "detached_digests" - digests from detached content
- */
-extern NSSCMSEncoderContext *
-NSS_CMSEncoder_Start(NSSCMSMessage *cmsg,
-			NSSCMSContentCallback outputfn, void *outputarg,
-			SECItem *dest, PLArenaPool *destpoolp,
-			PK11PasswordFunc pwfn, void *pwfn_arg,
-			NSSCMSGetDecryptKeyCallback decrypt_key_cb, void *decrypt_key_cb_arg,
-			SECAlgorithmID **detached_digestalgs, SECItem **detached_digests);
-
-/*
- * NSS_CMSEncoder_Update - take content data delivery from the user
- *
- * "p7ecx" - encoder context
- * "data" - content data
- * "len" - length of content data
- */
-extern SECStatus
-NSS_CMSEncoder_Update(NSSCMSEncoderContext *p7ecx, const char *data, unsigned long len);
-
-/*
- * NSS_CMSEncoder_Finish - signal the end of data
- *
- * we need to walk down the chain of encoders and the finish them from the innermost out
- */
-extern SECStatus
-NSS_CMSEncoder_Finish(NSSCMSEncoderContext *p7ecx);
-
-/************************************************************************
- * cmsmessage.c - CMS message object
- ************************************************************************/
-
-/*
- * NSS_CMSMessage_Create - create a CMS message object
- *
- * "poolp" - arena to allocate memory from, or NULL if new arena should be created
- */
-extern NSSCMSMessage *
-NSS_CMSMessage_Create(PLArenaPool *poolp);
-
-/*
- * NSS_CMSMessage_SetEncodingParams - set up a CMS message object for encoding or decoding
- *
- * "cmsg" - message object
- * "pwfn", pwfn_arg" - callback function for getting token password
- * "decrypt_key_cb", "decrypt_key_cb_arg" - callback function for getting bulk key for encryptedData
- * "detached_digestalgs", "detached_digests" - digests from detached content
- *
- * used internally.
- */
-extern void
-NSS_CMSMessage_SetEncodingParams(NSSCMSMessage *cmsg,
-			PK11PasswordFunc pwfn, void *pwfn_arg,
-			NSSCMSGetDecryptKeyCallback decrypt_key_cb, void *decrypt_key_cb_arg,
-			SECAlgorithmID **detached_digestalgs, SECItem **detached_digests);
-
-/*
- * NSS_CMSMessage_Destroy - destroy a CMS message and all of its sub-pieces.
- */
-extern void
-NSS_CMSMessage_Destroy(NSSCMSMessage *cmsg);
-
-/*
- * NSS_CMSMessage_Copy - return a copy of the given message. 
- *
- * The copy may be virtual or may be real -- either way, the result needs
- * to be passed to NSS_CMSMessage_Destroy later (as does the original).
- */
-extern NSSCMSMessage *
-NSS_CMSMessage_Copy(NSSCMSMessage *cmsg);
-
-/*
- * NSS_CMSMessage_GetArena - return a pointer to the message's arena pool
- */
-extern PLArenaPool *
-NSS_CMSMessage_GetArena(NSSCMSMessage *cmsg);
-
-/*
- * NSS_CMSMessage_GetContentInfo - return a pointer to the top level contentInfo
- */
-extern NSSCMSContentInfo *
-NSS_CMSMessage_GetContentInfo(NSSCMSMessage *cmsg);
-
-/*
- * Return a pointer to the actual content. 
- * In the case of those types which are encrypted, this returns the *plain* content.
- * In case of nested contentInfos, this descends and retrieves the innermost content.
- */
-extern SECItem *
-NSS_CMSMessage_GetContent(NSSCMSMessage *cmsg);
-
-/*
- * NSS_CMSMessage_ContentLevelCount - count number of levels of CMS content objects in this message
- *
- * CMS data content objects do not count.
- */
-extern int
-NSS_CMSMessage_ContentLevelCount(NSSCMSMessage *cmsg);
-
-/*
- * NSS_CMSMessage_ContentLevel - find content level #n
- *
- * CMS data content objects do not count.
- */
-extern NSSCMSContentInfo *
-NSS_CMSMessage_ContentLevel(NSSCMSMessage *cmsg, int n);
-
-/*
- * NSS_CMSMessage_ContainsCertsOrCrls - see if message contains certs along the way
- */
-extern PRBool
-NSS_CMSMessage_ContainsCertsOrCrls(NSSCMSMessage *cmsg);
-
-/*
- * NSS_CMSMessage_IsEncrypted - see if message contains a encrypted submessage
- */
-extern PRBool
-NSS_CMSMessage_IsEncrypted(NSSCMSMessage *cmsg);
-
-/*
- * NSS_CMSMessage_IsSigned - see if message contains a signed submessage
- *
- * If the CMS message has a SignedData with a signature (not just a SignedData)
- * return true; false otherwise.  This can/should be called before calling
- * VerifySignature, which will always indicate failure if no signature is
- * present, but that does not mean there even was a signature!
- * Note that the content itself can be empty (detached content was sent
- * another way); it is the presence of the signature that matters.
- */
-extern PRBool
-NSS_CMSMessage_IsSigned(NSSCMSMessage *cmsg);
-
-/*
- * NSS_CMSMessage_IsContentEmpty - see if content is empty
- *
- * returns PR_TRUE is innermost content length is < minLen
- * XXX need the encrypted content length (why?)
- */
-extern PRBool
-NSS_CMSMessage_IsContentEmpty(NSSCMSMessage *cmsg, unsigned int minLen);
-
-/************************************************************************
- * cmscinfo.c - CMS contentInfo methods
- ************************************************************************/
-
-/*
- * NSS_CMSContentInfo_Destroy - destroy a CMS contentInfo and all of its sub-pieces.
- */
-extern void
-NSS_CMSContentInfo_Destroy(NSSCMSContentInfo *cinfo);
-
-/*
- * NSS_CMSContentInfo_GetChildContentInfo - get content's contentInfo (if it exists)
- */
-extern NSSCMSContentInfo *
-NSS_CMSContentInfo_GetChildContentInfo(NSSCMSContentInfo *cinfo);
-
-/*
- * NSS_CMSContentInfo_SetContent - set cinfo's content type & content to CMS object
- */
-extern SECStatus
-NSS_CMSContentInfo_SetContent(NSSCMSMessage *cmsg, NSSCMSContentInfo *cinfo, SECOidTag type, void *ptr);
-
-/*
- * NSS_CMSContentInfo_SetContent_XXXX - typesafe wrappers for NSS_CMSContentInfo_SetType
- *   set cinfo's content type & content to CMS object
- */
-extern SECStatus
-NSS_CMSContentInfo_SetContent_Data(NSSCMSMessage *cmsg, NSSCMSContentInfo *cinfo, SECItem *data, PRBool detached);
-
-extern SECStatus
-NSS_CMSContentInfo_SetContent_SignedData(NSSCMSMessage *cmsg, NSSCMSContentInfo *cinfo, NSSCMSSignedData *sigd);
-
-extern SECStatus
-NSS_CMSContentInfo_SetContent_EnvelopedData(NSSCMSMessage *cmsg, NSSCMSContentInfo *cinfo, NSSCMSEnvelopedData *envd);
-
-extern SECStatus
-NSS_CMSContentInfo_SetContent_DigestedData(NSSCMSMessage *cmsg, NSSCMSContentInfo *cinfo, NSSCMSDigestedData *digd);
-
-extern SECStatus
-NSS_CMSContentInfo_SetContent_EncryptedData(NSSCMSMessage *cmsg, NSSCMSContentInfo *cinfo, NSSCMSEncryptedData *encd);
-
-/*
- * NSS_CMSContentInfo_GetContent - get pointer to inner content
- *
- * needs to be casted...
- */
-extern void *
-NSS_CMSContentInfo_GetContent(NSSCMSContentInfo *cinfo);
-
-/* 
- * NSS_CMSContentInfo_GetInnerContent - get pointer to innermost content
- *
- * this is typically only called by NSS_CMSMessage_GetContent()
- */
-extern SECItem *
-NSS_CMSContentInfo_GetInnerContent(NSSCMSContentInfo *cinfo);
-
-/*
- * NSS_CMSContentInfo_GetContentType{Tag,OID} - find out (saving pointer to lookup result
- * for future reference) and return the inner content type.
- */
-extern SECOidTag
-NSS_CMSContentInfo_GetContentTypeTag(NSSCMSContentInfo *cinfo);
-
-extern SECItem *
-NSS_CMSContentInfo_GetContentTypeOID(NSSCMSContentInfo *cinfo);
-
-/*
- * NSS_CMSContentInfo_GetContentEncAlgTag - find out (saving pointer to lookup result
- * for future reference) and return the content encryption algorithm tag.
- */
-extern SECOidTag
-NSS_CMSContentInfo_GetContentEncAlgTag(NSSCMSContentInfo *cinfo);
-
-/*
- * NSS_CMSContentInfo_GetContentEncAlg - find out and return the content encryption algorithm tag.
- */
-extern SECAlgorithmID *
-NSS_CMSContentInfo_GetContentEncAlg(NSSCMSContentInfo *cinfo);
-
-extern SECStatus
-NSS_CMSContentInfo_SetContentEncAlg(PLArenaPool *poolp, NSSCMSContentInfo *cinfo,
-				    SECOidTag bulkalgtag, SECItem *parameters, int keysize);
-
-extern SECStatus
-NSS_CMSContentInfo_SetContentEncAlgID(PLArenaPool *poolp, NSSCMSContentInfo *cinfo,
-				    SECAlgorithmID *algid, int keysize);
-
-extern void
-NSS_CMSContentInfo_SetBulkKey(NSSCMSContentInfo *cinfo, PK11SymKey *bulkkey);
-
-extern PK11SymKey *
-NSS_CMSContentInfo_GetBulkKey(NSSCMSContentInfo *cinfo);
-
-extern int
-NSS_CMSContentInfo_GetBulkKeySize(NSSCMSContentInfo *cinfo);
-
-/************************************************************************
- * cmsutil.c - CMS misc utility functions
- ************************************************************************/
-
-/*
- * NSS_CMSArray_SortByDER - sort array of objects by objects' DER encoding
- *
- * make sure that the order of the objects guarantees valid DER (which must be
- * in lexigraphically ascending order for a SET OF); if reordering is necessary it
- * will be done in place (in objs).
- */
-extern SECStatus
-NSS_CMSArray_SortByDER(void **objs, const SEC_ASN1Template *objtemplate, void **objs2);
-
-/*
- * NSS_CMSUtil_DERCompare - for use with NSS_CMSArray_Sort to
- *  sort arrays of SECItems containing DER
- */
-extern int
-NSS_CMSUtil_DERCompare(void *a, void *b);
-
-/*
- * NSS_CMSAlgArray_GetIndexByAlgID - find a specific algorithm in an array of 
- * algorithms.
- *
- * algorithmArray - array of algorithm IDs
- * algid - algorithmid of algorithm to pick
- *
- * Returns:
- *  An integer containing the index of the algorithm in the array or -1 if 
- *  algorithm was not found.
- */
-extern int
-NSS_CMSAlgArray_GetIndexByAlgID(SECAlgorithmID **algorithmArray, SECAlgorithmID *algid);
-
-/*
- * NSS_CMSAlgArray_GetIndexByAlgID - find a specific algorithm in an array of 
- * algorithms.
- *
- * algorithmArray - array of algorithm IDs
- * algiddata - id of algorithm to pick
- *
- * Returns:
- *  An integer containing the index of the algorithm in the array or -1 if 
- *  algorithm was not found.
- */
-extern int
-NSS_CMSAlgArray_GetIndexByAlgTag(SECAlgorithmID **algorithmArray, SECOidTag algtag);
-
-extern const SECHashObject *
-NSS_CMSUtil_GetHashObjByAlgID(SECAlgorithmID *algid);
-
-/*
- * XXX I would *really* like to not have to do this, but the current
- * signing interface gives me little choice.
- */
-extern SECOidTag
-NSS_CMSUtil_MakeSignatureAlgorithm(SECOidTag hashalg, SECOidTag encalg);
-
-extern const SEC_ASN1Template *
-NSS_CMSUtil_GetTemplateByTypeTag(SECOidTag type);
-
-extern size_t
-NSS_CMSUtil_GetSizeByTypeTag(SECOidTag type);
-
-extern NSSCMSContentInfo *
-NSS_CMSContent_GetContentInfo(void *msg, SECOidTag type);
-
-extern const char *
-NSS_CMSUtil_VerificationStatusToString(NSSCMSVerificationStatus vs);
-
-/************************************************************************
- * cmssigdata.c - CMS signedData methods
- ************************************************************************/
-
-extern NSSCMSSignedData *
-NSS_CMSSignedData_Create(NSSCMSMessage *cmsg);
-
-extern void
-NSS_CMSSignedData_Destroy(NSSCMSSignedData *sigd);
-
-/*
- * NSS_CMSSignedData_Encode_BeforeStart - do all the necessary things to a SignedData
- *     before start of encoding.
- *
- * In detail:
- *  - find out about the right value to put into sigd->version
- *  - come up with a list of digestAlgorithms (which should be the union of the algorithms
- *         in the signerinfos).
- *         If we happen to have a pre-set list of algorithms (and digest values!), we
- *         check if we have all the signerinfos' algorithms. If not, this is an error.
- */
-extern SECStatus
-NSS_CMSSignedData_Encode_BeforeStart(NSSCMSSignedData *sigd);
-
-extern SECStatus
-NSS_CMSSignedData_Encode_BeforeData(NSSCMSSignedData *sigd);
-
-/*
- * NSS_CMSSignedData_Encode_AfterData - do all the necessary things to a SignedData
- *     after all the encapsulated data was passed through the encoder.
- *
- * In detail:
- *  - create the signatures in all the SignerInfos
- *
- * Please note that nothing is done to the Certificates and CRLs in the message - this
- * is entirely the responsibility of our callers.
- */
-extern SECStatus
-NSS_CMSSignedData_Encode_AfterData(NSSCMSSignedData *sigd);
-
-extern SECStatus
-NSS_CMSSignedData_Decode_BeforeData(NSSCMSSignedData *sigd);
-
-/*
- * NSS_CMSSignedData_Decode_AfterData - do all the necessary things to a SignedData
- *     after all the encapsulated data was passed through the decoder.
- */
-extern SECStatus
-NSS_CMSSignedData_Decode_AfterData(NSSCMSSignedData *sigd);
-
-/*
- * NSS_CMSSignedData_Decode_AfterEnd - do all the necessary things to a SignedData
- *     after all decoding is finished.
- */
-extern SECStatus
-NSS_CMSSignedData_Decode_AfterEnd(NSSCMSSignedData *sigd);
-
-/* 
- * NSS_CMSSignedData_GetSignerInfos - retrieve the SignedData's signer list
- */
-extern NSSCMSSignerInfo **
-NSS_CMSSignedData_GetSignerInfos(NSSCMSSignedData *sigd);
-
-extern int
-NSS_CMSSignedData_SignerInfoCount(NSSCMSSignedData *sigd);
-
-extern NSSCMSSignerInfo *
-NSS_CMSSignedData_GetSignerInfo(NSSCMSSignedData *sigd, int i);
-
-/* 
- * NSS_CMSSignedData_GetDigestAlgs - retrieve the SignedData's digest algorithm list
- */
-extern SECAlgorithmID **
-NSS_CMSSignedData_GetDigestAlgs(NSSCMSSignedData *sigd);
-
-/*
- * NSS_CMSSignedData_GetContentInfo - return pointer to this signedData's contentinfo
- */
-extern NSSCMSContentInfo *
-NSS_CMSSignedData_GetContentInfo(NSSCMSSignedData *sigd);
-
-/* 
- * NSS_CMSSignedData_GetCertificateList - retrieve the SignedData's certificate list
- */
-extern SECItem **
-NSS_CMSSignedData_GetCertificateList(NSSCMSSignedData *sigd);
-
-extern SECStatus
-NSS_CMSSignedData_ImportCerts(NSSCMSSignedData *sigd, CERTCertDBHandle *certdb,
-				SECCertUsage certusage, PRBool keepcerts);
-
-/*
- * NSS_CMSSignedData_HasDigests - see if we have digests in place
- */
-extern PRBool
-NSS_CMSSignedData_HasDigests(NSSCMSSignedData *sigd);
-
-/*
- * NSS_CMSSignedData_VerifySignerInfo - check a signature.
- *
- * The digests were either calculated during decoding (and are stored in the
- * signedData itself) or set after decoding using NSS_CMSSignedData_SetDigests.
- *
- * The verification checks if the signing cert is valid and has a trusted chain
- * for the purpose specified by "certusage".
- */
-extern SECStatus
-NSS_CMSSignedData_VerifySignerInfo(NSSCMSSignedData *sigd, int i, CERTCertDBHandle *certdb,
-				    SECCertUsage certusage);
-
-/*
- * NSS_CMSSignedData_VerifyCertsOnly - verify the certs in a certs-only message
-*/
-extern SECStatus
-NSS_CMSSignedData_VerifyCertsOnly(NSSCMSSignedData *sigd, 
-                                  CERTCertDBHandle *certdb, 
-                                  SECCertUsage usage);
-
-extern SECStatus
-NSS_CMSSignedData_AddCertList(NSSCMSSignedData *sigd, CERTCertificateList *certlist);
-
-/*
- * NSS_CMSSignedData_AddCertChain - add cert and its entire chain to the set of certs 
- */
-extern SECStatus
-NSS_CMSSignedData_AddCertChain(NSSCMSSignedData *sigd, CERTCertificate *cert);
-
-extern SECStatus
-NSS_CMSSignedData_AddCertificate(NSSCMSSignedData *sigd, CERTCertificate *cert);
-
-extern PRBool
-NSS_CMSSignedData_ContainsCertsOrCrls(NSSCMSSignedData *sigd);
-
-extern SECStatus
-NSS_CMSSignedData_AddSignerInfo(NSSCMSSignedData *sigd,
-				NSSCMSSignerInfo *signerinfo);
-
-extern SECItem *
-NSS_CMSSignedData_GetDigestByAlgTag(NSSCMSSignedData *sigd, SECOidTag algtag);
-
-extern SECStatus
-NSS_CMSSignedData_SetDigests(NSSCMSSignedData *sigd,
-				SECAlgorithmID **digestalgs,
-				SECItem **digests);
-
-extern SECStatus
-NSS_CMSSignedData_SetDigestValue(NSSCMSSignedData *sigd,
-				SECOidTag digestalgtag,
-				SECItem *digestdata);
-
-extern SECStatus
-NSS_CMSSignedData_AddDigest(PRArenaPool *poolp,
-				NSSCMSSignedData *sigd,
-				SECOidTag digestalgtag,
-				SECItem *digest);
-
-extern SECItem *
-NSS_CMSSignedData_GetDigestValue(NSSCMSSignedData *sigd, SECOidTag digestalgtag);
-
-/*
- * NSS_CMSSignedData_CreateCertsOnly - create a certs-only SignedData.
- *
- * cert          - base certificates that will be included
- * include_chain - if true, include the complete cert chain for cert
- *
- * More certs and chains can be added via AddCertificate and AddCertChain.
- *
- * An error results in a return value of NULL and an error set.
- */
-extern NSSCMSSignedData *
-NSS_CMSSignedData_CreateCertsOnly(NSSCMSMessage *cmsg, CERTCertificate *cert, PRBool include_chain);
-
-/************************************************************************
- * cmssiginfo.c - signerinfo methods
- ************************************************************************/
-
-extern NSSCMSSignerInfo *
-NSS_CMSSignerInfo_Create(NSSCMSMessage *cmsg, CERTCertificate *cert, SECOidTag digestalgtag);
-
-/*
- * NSS_CMSSignerInfo_Destroy - destroy a SignerInfo data structure
- */
-extern void
-NSS_CMSSignerInfo_Destroy(NSSCMSSignerInfo *si);
-
-/*
- * NSS_CMSSignerInfo_Sign - sign something
- *
- */
-extern SECStatus
-NSS_CMSSignerInfo_Sign(NSSCMSSignerInfo *signerinfo, SECItem *digest, SECItem *contentType);
-
-extern SECStatus
-NSS_CMSSignerInfo_VerifyCertificate(NSSCMSSignerInfo *signerinfo, CERTCertDBHandle *certdb,
-			    SECCertUsage certusage);
-
-/*
- * NSS_CMSSignerInfo_Verify - verify the signature of a single SignerInfo
- *
- * Just verifies the signature. The assumption is that verification of the certificate
- * is done already.
- */
-extern SECStatus
-NSS_CMSSignerInfo_Verify(NSSCMSSignerInfo *signerinfo, SECItem *digest, SECItem *contentType);
-
-extern NSSCMSVerificationStatus
-NSS_CMSSignerInfo_GetVerificationStatus(NSSCMSSignerInfo *signerinfo);
-
-extern SECOidData *
-NSS_CMSSignerInfo_GetDigestAlg(NSSCMSSignerInfo *signerinfo);
-
-extern SECOidTag
-NSS_CMSSignerInfo_GetDigestAlgTag(NSSCMSSignerInfo *signerinfo);
-
-extern int
-NSS_CMSSignerInfo_GetVersion(NSSCMSSignerInfo *signerinfo);
-
-extern CERTCertificateList *
-NSS_CMSSignerInfo_GetCertList(NSSCMSSignerInfo *signerinfo);
-
-/*
- * NSS_CMSSignerInfo_GetSigningTime - return the signing time,
- *				      in UTCTime format, of a CMS signerInfo.
- *
- * sinfo - signerInfo data for this signer
- *
- * Returns a pointer to XXXX (what?)
- * A return value of NULL is an error.
- */
-extern SECStatus
-NSS_CMSSignerInfo_GetSigningTime(NSSCMSSignerInfo *sinfo, PRTime *stime);
-
-/*
- * Return the signing cert of a CMS signerInfo.
- *
- * the certs in the enclosing SignedData must have been imported already
- */
-extern CERTCertificate *
-NSS_CMSSignerInfo_GetSigningCertificate(NSSCMSSignerInfo *signerinfo, CERTCertDBHandle *certdb);
-
-/*
- * NSS_CMSSignerInfo_GetSignerCommonName - return the common name of the signer
- *
- * sinfo - signerInfo data for this signer
- *
- * Returns a pointer to allocated memory, which must be freed.
- * A return value of NULL is an error.
- */
-extern char *
-NSS_CMSSignerInfo_GetSignerCommonName(NSSCMSSignerInfo *sinfo);
-
-/*
- * NSS_CMSSignerInfo_GetSignerEmailAddress - return the common name of the signer
- *
- * sinfo - signerInfo data for this signer
- *
- * Returns a pointer to allocated memory, which must be freed.
- * A return value of NULL is an error.
- */
-extern char *
-NSS_CMSSignerInfo_GetSignerEmailAddress(NSSCMSSignerInfo *sinfo);
-
-/*
- * NSS_CMSSignerInfo_AddAuthAttr - add an attribute to the
- * authenticated (i.e. signed) attributes of "signerinfo". 
- */
-extern SECStatus
-NSS_CMSSignerInfo_AddAuthAttr(NSSCMSSignerInfo *signerinfo, NSSCMSAttribute *attr);
-
-/*
- * NSS_CMSSignerInfo_AddUnauthAttr - add an attribute to the
- * unauthenticated attributes of "signerinfo". 
- */
-extern SECStatus
-NSS_CMSSignerInfo_AddUnauthAttr(NSSCMSSignerInfo *signerinfo, NSSCMSAttribute *attr);
-
-/* 
- * NSS_CMSSignerInfo_AddSigningTime - add the signing time to the
- * authenticated (i.e. signed) attributes of "signerinfo". 
- *
- * This is expected to be included in outgoing signed
- * messages for email (S/MIME) but is likely useful in other situations.
- *
- * This should only be added once; a second call will do nothing.
- *
- * XXX This will probably just shove the current time into "signerinfo"
- * but it will not actually get signed until the entire item is
- * processed for encoding.  Is this (expected to be small) delay okay?
- */
-extern SECStatus
-NSS_CMSSignerInfo_AddSigningTime(NSSCMSSignerInfo *signerinfo, PRTime t);
-
-/*
- * NSS_CMSSignerInfo_AddSMIMECaps - add a SMIMECapabilities attribute to the
- * authenticated (i.e. signed) attributes of "signerinfo".
- *
- * This is expected to be included in outgoing signed
- * messages for email (S/MIME).
- */
-extern SECStatus
-NSS_CMSSignerInfo_AddSMIMECaps(NSSCMSSignerInfo *signerinfo);
-
-/*
- * NSS_CMSSignerInfo_AddSMIMEEncKeyPrefs - add a SMIMEEncryptionKeyPreferences attribute to the
- * authenticated (i.e. signed) attributes of "signerinfo".
- *
- * This is expected to be included in outgoing signed messages for email (S/MIME).
- */
-SECStatus
-NSS_CMSSignerInfo_AddSMIMEEncKeyPrefs(NSSCMSSignerInfo *signerinfo, CERTCertificate *cert, CERTCertDBHandle *certdb);
-
-/* 
- * NSS_CMSSignerInfo_AddCounterSignature - countersign a signerinfo
- */
-extern SECStatus
-NSS_CMSSignerInfo_AddCounterSignature(NSSCMSSignerInfo *signerinfo,
-				    SECOidTag digestalg, CERTCertificate signingcert);
-
-/*
- * XXXX the following needs to be done in the S/MIME layer code
- * after signature of a signerinfo is verified
- */
-extern SECStatus
-NSS_SMIMESignerInfo_SaveSMIMEProfile(NSSCMSSignerInfo *signerinfo);
-
-/*
- * NSS_CMSSignerInfo_IncludeCerts - set cert chain inclusion mode for this signer
- */
-extern SECStatus
-NSS_CMSSignerInfo_IncludeCerts(NSSCMSSignerInfo *signerinfo, NSSCMSCertChainMode cm, SECCertUsage usage);
-
-/************************************************************************
- * cmsenvdata.c - CMS envelopedData methods
- ************************************************************************/
-
-/*
- * NSS_CMSEnvelopedData_Create - create an enveloped data message
- */
-extern NSSCMSEnvelopedData *
-NSS_CMSEnvelopedData_Create(NSSCMSMessage *cmsg, SECOidTag algorithm, int keysize);
-
-/*
- * NSS_CMSEnvelopedData_Destroy - destroy an enveloped data message
- */
-extern void
-NSS_CMSEnvelopedData_Destroy(NSSCMSEnvelopedData *edp);
-
-/*
- * NSS_CMSEnvelopedData_GetContentInfo - return pointer to this envelopedData's contentinfo
- */
-extern NSSCMSContentInfo *
-NSS_CMSEnvelopedData_GetContentInfo(NSSCMSEnvelopedData *envd);
-
-/*
- * NSS_CMSEnvelopedData_AddRecipient - add a recipientinfo to the enveloped data msg
- *
- * rip must be created on the same pool as edp - this is not enforced, though.
- */
-extern SECStatus
-NSS_CMSEnvelopedData_AddRecipient(NSSCMSEnvelopedData *edp, NSSCMSRecipientInfo *rip);
-
-/*
- * NSS_CMSEnvelopedData_Encode_BeforeStart - prepare this envelopedData for encoding
- *
- * at this point, we need
- * - recipientinfos set up with recipient's certificates
- * - a content encryption algorithm (if none, 3DES will be used)
- *
- * this function will generate a random content encryption key (aka bulk key),
- * initialize the recipientinfos with certificate identification and wrap the bulk key
- * using the proper algorithm for every certificiate.
- * it will finally set the bulk algorithm and key so that the encode step can find it.
- */
-extern SECStatus
-NSS_CMSEnvelopedData_Encode_BeforeStart(NSSCMSEnvelopedData *envd);
-
-/*
- * NSS_CMSEnvelopedData_Encode_BeforeData - set up encryption
- */
-extern SECStatus
-NSS_CMSEnvelopedData_Encode_BeforeData(NSSCMSEnvelopedData *envd);
-
-/*
- * NSS_CMSEnvelopedData_Encode_AfterData - finalize this envelopedData for encoding
- */
-extern SECStatus
-NSS_CMSEnvelopedData_Encode_AfterData(NSSCMSEnvelopedData *envd);
-
-/*
- * NSS_CMSEnvelopedData_Decode_BeforeData - find our recipientinfo, 
- * derive bulk key & set up our contentinfo
- */
-extern SECStatus
-NSS_CMSEnvelopedData_Decode_BeforeData(NSSCMSEnvelopedData *envd);
-
-/*
- * NSS_CMSEnvelopedData_Decode_AfterData - finish decrypting this envelopedData's content
- */
-extern SECStatus
-NSS_CMSEnvelopedData_Decode_AfterData(NSSCMSEnvelopedData *envd);
-
-/*
- * NSS_CMSEnvelopedData_Decode_AfterEnd - finish decoding this envelopedData
- */
-extern SECStatus
-NSS_CMSEnvelopedData_Decode_AfterEnd(NSSCMSEnvelopedData *envd);
-
-
-/************************************************************************
- * cmsrecinfo.c - CMS recipientInfo methods
- ************************************************************************/
-
-/*
- * NSS_CMSRecipientInfo_Create - create a recipientinfo
- *
- * we currently do not create KeyAgreement recipientinfos with multiple recipientEncryptedKeys
- * the certificate is supposed to have been verified by the caller
- */
-extern NSSCMSRecipientInfo *
-NSS_CMSRecipientInfo_Create(NSSCMSMessage *cmsg, CERTCertificate *cert);
-
-extern void
-NSS_CMSRecipientInfo_Destroy(NSSCMSRecipientInfo *ri);
-
-extern int
-NSS_CMSRecipientInfo_GetVersion(NSSCMSRecipientInfo *ri);
-
-extern SECItem *
-NSS_CMSRecipientInfo_GetEncryptedKey(NSSCMSRecipientInfo *ri, int subIndex);
-
-
-extern SECOidTag
-NSS_CMSRecipientInfo_GetKeyEncryptionAlgorithmTag(NSSCMSRecipientInfo *ri);
-
-extern SECStatus
-NSS_CMSRecipientInfo_WrapBulkKey(NSSCMSRecipientInfo *ri, PK11SymKey *bulkkey, SECOidTag bulkalgtag);
-
-extern PK11SymKey *
-NSS_CMSRecipientInfo_UnwrapBulkKey(NSSCMSRecipientInfo *ri, int subIndex,
-		CERTCertificate *cert, SECKEYPrivateKey *privkey, SECOidTag bulkalgtag);
-
-/************************************************************************
- * cmsencdata.c - CMS encryptedData methods
- ************************************************************************/
-/*
- * NSS_CMSEncryptedData_Create - create an empty encryptedData object.
- *
- * "algorithm" specifies the bulk encryption algorithm to use.
- * "keysize" is the key size.
- * 
- * An error results in a return value of NULL and an error set.
- * (Retrieve specific errors via PORT_GetError()/XP_GetError().)
- */
-extern NSSCMSEncryptedData *
-NSS_CMSEncryptedData_Create(NSSCMSMessage *cmsg, SECOidTag algorithm, int keysize);
-
-/*
- * NSS_CMSEncryptedData_Destroy - destroy an encryptedData object
- */
-extern void
-NSS_CMSEncryptedData_Destroy(NSSCMSEncryptedData *encd);
-
-/*
- * NSS_CMSEncryptedData_GetContentInfo - return pointer to encryptedData object's contentInfo
- */
-extern NSSCMSContentInfo *
-NSS_CMSEncryptedData_GetContentInfo(NSSCMSEncryptedData *encd);
-
-/*
- * NSS_CMSEncryptedData_Encode_BeforeStart - do all the necessary things to a EncryptedData
- *     before encoding begins.
- *
- * In particular:
- *  - set the correct version value.
- *  - get the encryption key
- */
-extern SECStatus
-NSS_CMSEncryptedData_Encode_BeforeStart(NSSCMSEncryptedData *encd);
-
-/*
- * NSS_CMSEncryptedData_Encode_BeforeData - set up encryption
- */
-extern SECStatus
-NSS_CMSEncryptedData_Encode_BeforeData(NSSCMSEncryptedData *encd);
-
-/*
- * NSS_CMSEncryptedData_Encode_AfterData - finalize this encryptedData for encoding
- */
-extern SECStatus
-NSS_CMSEncryptedData_Encode_AfterData(NSSCMSEncryptedData *encd);
-
-/*
- * NSS_CMSEncryptedData_Decode_BeforeData - find bulk key & set up decryption
- */
-extern SECStatus
-NSS_CMSEncryptedData_Decode_BeforeData(NSSCMSEncryptedData *encd);
-
-/*
- * NSS_CMSEncryptedData_Decode_AfterData - finish decrypting this encryptedData's content
- */
-extern SECStatus
-NSS_CMSEncryptedData_Decode_AfterData(NSSCMSEncryptedData *encd);
-
-/*
- * NSS_CMSEncryptedData_Decode_AfterEnd - finish decoding this encryptedData
- */
-extern SECStatus
-NSS_CMSEncryptedData_Decode_AfterEnd(NSSCMSEncryptedData *encd);
-
-/************************************************************************
- * cmsdigdata.c - CMS encryptedData methods
- ************************************************************************/
-/*
- * NSS_CMSDigestedData_Create - create a digestedData object (presumably for encoding)
- *
- * version will be set by NSS_CMSDigestedData_Encode_BeforeStart
- * digestAlg is passed as parameter
- * contentInfo must be filled by the user
- * digest will be calculated while encoding
- */
-extern NSSCMSDigestedData *
-NSS_CMSDigestedData_Create(NSSCMSMessage *cmsg, SECAlgorithmID *digestalg);
-
-/*
- * NSS_CMSDigestedData_Destroy - destroy a digestedData object
- */
-extern void
-NSS_CMSDigestedData_Destroy(NSSCMSDigestedData *digd);
-
-/*
- * NSS_CMSDigestedData_GetContentInfo - return pointer to digestedData object's contentInfo
- */
-extern NSSCMSContentInfo *
-NSS_CMSDigestedData_GetContentInfo(NSSCMSDigestedData *digd);
-
-/*
- * NSS_CMSDigestedData_Encode_BeforeStart - do all the necessary things to a DigestedData
- *     before encoding begins.
- *
- * In particular:
- *  - set the right version number. The contentInfo's content type must be set up already.
- */
-extern SECStatus
-NSS_CMSDigestedData_Encode_BeforeStart(NSSCMSDigestedData *digd);
-
-/*
- * NSS_CMSDigestedData_Encode_BeforeData - do all the necessary things to a DigestedData
- *     before the encapsulated data is passed through the encoder.
- *
- * In detail:
- *  - set up the digests if necessary
- */
-extern SECStatus
-NSS_CMSDigestedData_Encode_BeforeData(NSSCMSDigestedData *digd);
-
-/*
- * NSS_CMSDigestedData_Encode_AfterData - do all the necessary things to a DigestedData
- *     after all the encapsulated data was passed through the encoder.
- *
- * In detail:
- *  - finish the digests
- */
-extern SECStatus
-NSS_CMSDigestedData_Encode_AfterData(NSSCMSDigestedData *digd);
-
-/*
- * NSS_CMSDigestedData_Decode_BeforeData - do all the necessary things to a DigestedData
- *     before the encapsulated data is passed through the encoder.
- *
- * In detail:
- *  - set up the digests if necessary
- */
-extern SECStatus
-NSS_CMSDigestedData_Decode_BeforeData(NSSCMSDigestedData *digd);
-
-/*
- * NSS_CMSDigestedData_Decode_AfterData - do all the necessary things to a DigestedData
- *     after all the encapsulated data was passed through the encoder.
- *
- * In detail:
- *  - finish the digests
- */
-extern SECStatus
-NSS_CMSDigestedData_Decode_AfterData(NSSCMSDigestedData *digd);
-
-/*
- * NSS_CMSDigestedData_Decode_AfterEnd - finalize a digestedData.
- *
- * In detail:
- *  - check the digests for equality
- */
-extern SECStatus
-NSS_CMSDigestedData_Decode_AfterEnd(NSSCMSDigestedData *digd);
-
-/************************************************************************
- * cmsdigest.c - digestion routines
- ************************************************************************/
-
-/*
- * NSS_CMSDigestContext_StartMultiple - start digest calculation using all the
- *  digest algorithms in "digestalgs" in parallel.
- */
-extern NSSCMSDigestContext *
-NSS_CMSDigestContext_StartMultiple(SECAlgorithmID **digestalgs);
-
-/*
- * NSS_CMSDigestContext_StartSingle - same as NSS_CMSDigestContext_StartMultiple, but
- *  only one algorithm.
- */
-extern NSSCMSDigestContext *
-NSS_CMSDigestContext_StartSingle(SECAlgorithmID *digestalg);
-
-/*
- * NSS_CMSDigestContext_Update - feed more data into the digest machine
- */
-extern void
-NSS_CMSDigestContext_Update(NSSCMSDigestContext *cmsdigcx, const unsigned char *data, int len);
-
-/*
- * NSS_CMSDigestContext_Cancel - cancel digesting operation
- */
-extern void
-NSS_CMSDigestContext_Cancel(NSSCMSDigestContext *cmsdigcx);
-
-/*
- * NSS_CMSDigestContext_FinishMultiple - finish the digests and put them
- *  into an array of SECItems (allocated on poolp)
- */
-extern SECStatus
-NSS_CMSDigestContext_FinishMultiple(NSSCMSDigestContext *cmsdigcx, PLArenaPool *poolp,
-			    SECItem ***digestsp);
-
-/*
- * NSS_CMSDigestContext_FinishSingle - same as NSS_CMSDigestContext_FinishMultiple,
- *  but for one digest.
- */
-extern SECStatus
-NSS_CMSDigestContext_FinishSingle(NSSCMSDigestContext *cmsdigcx, PLArenaPool *poolp,
-			    SECItem *digest);
-
-/************************************************************************
- * 
- ************************************************************************/
-
-/* shortcuts for basic use */
-
-/*
- * NSS_CMSDEREncode - DER Encode a CMS message, with input being
- *                    the plaintext message and derOut being the output,
- *                    stored in arena's pool.
- */
-extern SECStatus
-NSS_CMSDEREncode(NSSCMSMessage *cmsg, SECItem *input, SECItem *derOut, 
-                 PLArenaPool *arena);
-
-
-/************************************************************************/
-SEC_END_PROTOS
-
-#endif /* _CMS_H_ */
diff --git a/security/nss/lib/smime/cmsarray.c b/security/nss/lib/smime/cmsarray.c
deleted file mode 100644
index 68d7e1963..000000000
--- a/security/nss/lib/smime/cmsarray.c
+++ /dev/null
@@ -1,212 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * CMS array functions.
- *
- * $Id$
- */
-
-#include "cmslocal.h"
-
-#include "secerr.h"
-
-/*
- * ARRAY FUNCTIONS
- *
- * In NSS, arrays are rather primitive arrays of pointers.
- * Makes it easy to walk the array, but hard to count elements
- * and manage the storage.
- *
- * This is a feeble attempt to encapsulate the functionality
- * and get rid of hundreds of lines of similar code
- */
-
-/*
- * NSS_CMSArray_Alloc - allocate an array in an arena
- *
- * This allocates space for the array of pointers
- */
-void **
-NSS_CMSArray_Alloc(PRArenaPool *poolp, int n)
-{
-    return (void **)PORT_ArenaZAlloc(poolp, n * sizeof(void *));
-}
-
-/*
- * NSS_CMSArray_Add - add an element to the end of an array
- *
- * The array of pointers is either created (if array was empty before) or grown.
- */
-SECStatus
-NSS_CMSArray_Add(PRArenaPool *poolp, void ***array, void *obj)
-{
-    void **p;
-    int n;
-    void **dest;
-
-    PORT_Assert(array != NULL);
-    if (array == NULL)
-	return SECFailure;
-
-    if (*array == NULL) {
-	dest = (void **)PORT_ArenaAlloc(poolp, 2 * sizeof(void *));
-	n = 0;
-    } else {
-	n = 0; p = *array;
-	while (*p++)
-	    n++;
-	dest = (void **)PORT_ArenaGrow (poolp, 
-			      *array,
-			      (n + 1) * sizeof(void *),
-			      (n + 2) * sizeof(void *));
-    }
-    dest[n] = obj;
-    dest[n+1] = NULL;
-    *array = dest;
-    return SECSuccess;
-}
-
-/*
- * NSS_CMSArray_IsEmpty - check if array is empty
- */
-PRBool
-NSS_CMSArray_IsEmpty(void **array)
-{
-    return (array == NULL || array[0] == NULL);
-}
-
-/*
- * NSS_CMSArray_Count - count number of elements in array
- */
-int
-NSS_CMSArray_Count(void **array)
-{
-    int n = 0;
-
-    if (array == NULL)
-	return 0;
-
-    while (*array++ != NULL)
-	n++;
-
-    return n;
-}
-
-/*
- * NSS_CMSArray_Sort - sort an array in place
- *
- * If "secondary" or "tertiary are not NULL, it must be arrays with the same
- *  number of elements as "primary". The same reordering will get applied to it.
- *
- * "compare" is a function that returns 
- *  < 0 when the first element is less than the second
- *  = 0 when the first element is equal to the second
- *  > 0 when the first element is greater than the second
- * to acheive ascending ordering.
- */
-void
-NSS_CMSArray_Sort(void **primary, int (*compare)(void *,void *), void **secondary, void **tertiary)
-{
-    int n, i, limit, lastxchg;
-    void *tmp;
-
-    n = NSS_CMSArray_Count(primary);
-
-    PORT_Assert(secondary == NULL || NSS_CMSArray_Count(secondary) == n);
-    PORT_Assert(tertiary == NULL || NSS_CMSArray_Count(tertiary) == n);
-    
-    if (n <= 1)	/* ordering is fine */
-	return;
-    
-    /* yes, ladies and gentlemen, it's BUBBLE SORT TIME! */
-    limit = n - 1;
-    while (1) {
-	lastxchg = 0;
-	for (i = 0; i < limit; i++) {
-	    if ((*compare)(primary[i], primary[i+1]) > 0) {
-		/* exchange the neighbours */
-		tmp = primary[i+1];
-		primary[i+1] = primary[i];
-		primary[i] = tmp;
-		if (secondary) {		/* secondary array? */
-		    tmp = secondary[i+1];	/* exchange there as well */
-		    secondary[i+1] = secondary[i];
-		    secondary[i] = tmp;
-		}
-		if (tertiary) {			/* tertiary array? */
-		    tmp = tertiary[i+1];	/* exchange there as well */
-		    tertiary[i+1] = tertiary[i];
-		    tertiary[i] = tmp;
-		}
-		lastxchg = i+1;	/* index of the last element bubbled up */
-	    }
-	}
-	if (lastxchg == 0)	/* no exchanges, so array is sorted */
-	    break;		/* we're done */
-	limit = lastxchg;	/* array is sorted up to [limit] */
-    }
-}
-
-#if 0
-
-/* array iterator stuff... not used */
-
-typedef void **NSSCMSArrayIterator;
-
-/* iterator */
-NSSCMSArrayIterator
-NSS_CMSArray_First(void **array)
-{
-    if (array == NULL || array[0] == NULL)
-	return NULL;
-    return (NSSCMSArrayIterator)&(array[0]);
-}
-
-void *
-NSS_CMSArray_Obj(NSSCMSArrayIterator iter)
-{
-    void **p = (void **)iter;
-
-    return *iter;	/* which is NULL if we are at the end of the array */
-}
-
-NSSCMSArrayIterator
-NSS_CMSArray_Next(NSSCMSArrayIterator iter)
-{
-    void **p = (void **)iter;
-
-    return (NSSCMSArrayIterator)(p + 1);
-}
-
-#endif
diff --git a/security/nss/lib/smime/cmsasn1.c b/security/nss/lib/smime/cmsasn1.c
deleted file mode 100644
index be44c7524..000000000
--- a/security/nss/lib/smime/cmsasn1.c
+++ /dev/null
@@ -1,575 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * CMS ASN.1 templates
- *
- * $Id$
- */
-
-#include "cmslocal.h"
-
-#include "cert.h"
-#include "key.h"
-#include "secasn1.h"
-#include "secitem.h"
-#include "secoid.h"
-#include "prtime.h"
-#include "secerr.h"
-
-
-extern const SEC_ASN1Template nss_cms_set_of_attribute_template[];
-
-SEC_ASN1_MKSUB(CERT_IssuerAndSNTemplate)
-SEC_ASN1_MKSUB(CERT_SetOfSignedCrlTemplate)
-SEC_ASN1_MKSUB(SECOID_AlgorithmIDTemplate)
-SEC_ASN1_MKSUB(SEC_BitStringTemplate)
-SEC_ASN1_MKSUB(SEC_OctetStringTemplate)
-SEC_ASN1_MKSUB(SEC_PointerToOctetStringTemplate)
-SEC_ASN1_MKSUB(SEC_SetOfAnyTemplate)
-
-/* -----------------------------------------------------------------------------
- * MESSAGE
- * (uses NSSCMSContentInfo)
- */
-
-/* forward declaration */
-static const SEC_ASN1Template *
-nss_cms_choose_content_template(void *src_or_dest, PRBool encoding);
-
-static const SEC_ASN1TemplateChooserPtr nss_cms_chooser
-	= nss_cms_choose_content_template;
-
-const SEC_ASN1Template NSSCMSMessageTemplate[] = {
-    { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
-	  0, NULL, sizeof(NSSCMSMessage) },
-    { SEC_ASN1_OBJECT_ID,
-	  offsetof(NSSCMSMessage,contentInfo.contentType) },
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_DYNAMIC | SEC_ASN1_MAY_STREAM
-     | SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
-	  offsetof(NSSCMSMessage,contentInfo.content),
-	  &nss_cms_chooser },
-    { 0 }
-};
-
-static const SEC_ASN1Template NSS_PointerToCMSMessageTemplate[] = {
-    { SEC_ASN1_POINTER, 0, NSSCMSMessageTemplate }
-};
-
-/* -----------------------------------------------------------------------------
- * ENCAPSULATED & ENCRYPTED CONTENTINFO
- * (both use a NSSCMSContentInfo)
- */
-static const SEC_ASN1Template NSSCMSEncapsulatedContentInfoTemplate[] = {
-    { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
-	  0, NULL, sizeof(NSSCMSContentInfo) },
-    { SEC_ASN1_OBJECT_ID,
-	  offsetof(NSSCMSContentInfo,contentType) },
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT | SEC_ASN1_MAY_STREAM |
-	SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
-	  offsetof(NSSCMSContentInfo,rawContent),
-	  SEC_ASN1_SUB(SEC_PointerToOctetStringTemplate) },
-    { 0 }
-};
-
-static const SEC_ASN1Template NSSCMSEncryptedContentInfoTemplate[] = {
-    { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
-	  0, NULL, sizeof(NSSCMSContentInfo) },
-    { SEC_ASN1_OBJECT_ID,
-	  offsetof(NSSCMSContentInfo,contentType) },
-    { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
-	  offsetof(NSSCMSContentInfo,contentEncAlg),
-	  SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_POINTER | SEC_ASN1_MAY_STREAM | 
-      SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
-	  offsetof(NSSCMSContentInfo,rawContent),
-	  SEC_ASN1_SUB(SEC_OctetStringTemplate) },
-    { 0 }
-};
-
-/* -----------------------------------------------------------------------------
- * SIGNED DATA
- */
-
-const SEC_ASN1Template NSSCMSSignerInfoTemplate[];
-
-const SEC_ASN1Template NSSCMSSignedDataTemplate[] = {
-    { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
-	  0, NULL, sizeof(NSSCMSSignedData) },
-    { SEC_ASN1_INTEGER,
-	  offsetof(NSSCMSSignedData,version) },
-    { SEC_ASN1_SET_OF | SEC_ASN1_XTRN,
-	  offsetof(NSSCMSSignedData,digestAlgorithms),
-	  SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
-    { SEC_ASN1_INLINE,
-	  offsetof(NSSCMSSignedData,contentInfo),
-	  NSSCMSEncapsulatedContentInfoTemplate },
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
-      SEC_ASN1_XTRN | 0,
-	  offsetof(NSSCMSSignedData,rawCerts),
-	  SEC_ASN1_SUB(SEC_SetOfAnyTemplate) },
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
-      SEC_ASN1_XTRN | 1,
-	  offsetof(NSSCMSSignedData,crls),
-	  SEC_ASN1_SUB(CERT_SetOfSignedCrlTemplate) },
-    { SEC_ASN1_SET_OF,
-	  offsetof(NSSCMSSignedData,signerInfos),
-	  NSSCMSSignerInfoTemplate },
-    { 0 }
-};
-
-const SEC_ASN1Template NSS_PointerToCMSSignedDataTemplate[] = {
-    { SEC_ASN1_POINTER, 0, NSSCMSSignedDataTemplate }
-};
-
-/* -----------------------------------------------------------------------------
- * signeridentifier
- */
-
-static const SEC_ASN1Template NSSCMSSignerIdentifierTemplate[] = {
-    { SEC_ASN1_CHOICE,
-	  offsetof(NSSCMSSignerIdentifier,identifierType), NULL,
-	  sizeof(NSSCMSSignerIdentifier) },
-    { SEC_ASN1_POINTER | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
-	  offsetof(NSSCMSSignerIdentifier,id.subjectKeyID),
-	  SEC_ASN1_SUB(SEC_OctetStringTemplate) ,
-	  NSSCMSRecipientID_SubjectKeyID },
-    { SEC_ASN1_POINTER | SEC_ASN1_XTRN,
-	  offsetof(NSSCMSSignerIdentifier,id.issuerAndSN),
-	  SEC_ASN1_SUB(CERT_IssuerAndSNTemplate),
-	  NSSCMSRecipientID_IssuerSN },
-    { 0 }
-};
-
-/* -----------------------------------------------------------------------------
- * signerinfo
- */
-
-const SEC_ASN1Template NSSCMSSignerInfoTemplate[] = {
-    { SEC_ASN1_SEQUENCE,
-	  0, NULL, sizeof(NSSCMSSignerInfo) },
-    { SEC_ASN1_INTEGER,
-	  offsetof(NSSCMSSignerInfo,version) },
-    { SEC_ASN1_INLINE,
-	  offsetof(NSSCMSSignerInfo,signerIdentifier),
-	  NSSCMSSignerIdentifierTemplate },
-    { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
-	  offsetof(NSSCMSSignerInfo,digestAlg),
-	  SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
-	  offsetof(NSSCMSSignerInfo,authAttr),
-	  nss_cms_set_of_attribute_template },
-    { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
-	  offsetof(NSSCMSSignerInfo,digestEncAlg),
-	  SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
-    { SEC_ASN1_OCTET_STRING,
-	  offsetof(NSSCMSSignerInfo,encDigest) },
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1,
-	  offsetof(NSSCMSSignerInfo,unAuthAttr),
-	  nss_cms_set_of_attribute_template },
-    { 0 }
-};
-
-/* -----------------------------------------------------------------------------
- * ENVELOPED DATA
- */
-
-static const SEC_ASN1Template NSSCMSOriginatorInfoTemplate[] = {
-    { SEC_ASN1_SEQUENCE,
-	  0, NULL, sizeof(NSSCMSOriginatorInfo) },
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
-      SEC_ASN1_XTRN | 0,
-	  offsetof(NSSCMSOriginatorInfo,rawCerts),
-	  SEC_ASN1_SUB(SEC_SetOfAnyTemplate) },
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
-      SEC_ASN1_XTRN | 1,
-	  offsetof(NSSCMSOriginatorInfo,crls),
-	  SEC_ASN1_SUB(CERT_SetOfSignedCrlTemplate) },
-    { 0 }
-};
-
-const SEC_ASN1Template NSSCMSRecipientInfoTemplate[];
-
-const SEC_ASN1Template NSSCMSEnvelopedDataTemplate[] = {
-    { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
-	  0, NULL, sizeof(NSSCMSEnvelopedData) },
-    { SEC_ASN1_INTEGER,
-	  offsetof(NSSCMSEnvelopedData,version) },
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_POINTER | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
-	  offsetof(NSSCMSEnvelopedData,originatorInfo),
-	  NSSCMSOriginatorInfoTemplate },
-    { SEC_ASN1_SET_OF,
-	  offsetof(NSSCMSEnvelopedData,recipientInfos),
-	  NSSCMSRecipientInfoTemplate },
-    { SEC_ASN1_INLINE,
-	  offsetof(NSSCMSEnvelopedData,contentInfo),
-	  NSSCMSEncryptedContentInfoTemplate },
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1,
-	  offsetof(NSSCMSEnvelopedData,unprotectedAttr),
-	  nss_cms_set_of_attribute_template },
-    { 0 }
-};
-
-const SEC_ASN1Template NSS_PointerToCMSEnvelopedDataTemplate[] = {
-    { SEC_ASN1_POINTER, 0, NSSCMSEnvelopedDataTemplate }
-};
-
-/* here come the 15 gazillion templates for all the v3 varieties of RecipientInfo */
-
-/* -----------------------------------------------------------------------------
- * key transport recipient info
- */
-
-static const SEC_ASN1Template NSSCMSRecipientIdentifierTemplate[] = {
-    { SEC_ASN1_CHOICE,
-	  offsetof(NSSCMSRecipientIdentifier,identifierType), NULL,
-	  sizeof(NSSCMSRecipientIdentifier) },
-    { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
-      SEC_ASN1_XTRN | 0,
-	  offsetof(NSSCMSRecipientIdentifier,id.subjectKeyID),
-	  SEC_ASN1_SUB(SEC_PointerToOctetStringTemplate) ,
-	  NSSCMSRecipientID_SubjectKeyID },
-    { SEC_ASN1_POINTER | SEC_ASN1_XTRN,
-	  offsetof(NSSCMSRecipientIdentifier,id.issuerAndSN),
-	  SEC_ASN1_SUB(CERT_IssuerAndSNTemplate),
-	  NSSCMSRecipientID_IssuerSN },
-    { 0 }
-};
-
-
-static const SEC_ASN1Template NSSCMSKeyTransRecipientInfoTemplate[] = {
-    { SEC_ASN1_SEQUENCE,
-	  0, NULL, sizeof(NSSCMSKeyTransRecipientInfo) },
-    { SEC_ASN1_INTEGER,
-	  offsetof(NSSCMSKeyTransRecipientInfo,version) },
-    { SEC_ASN1_INLINE,
-	  offsetof(NSSCMSKeyTransRecipientInfo,recipientIdentifier),
-	  NSSCMSRecipientIdentifierTemplate },
-    { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
-	  offsetof(NSSCMSKeyTransRecipientInfo,keyEncAlg),
-	  SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
-    { SEC_ASN1_OCTET_STRING,
-	  offsetof(NSSCMSKeyTransRecipientInfo,encKey) },
-    { 0 }
-};
-
-/* -----------------------------------------------------------------------------
- * key agreement recipient info
- */
-
-static const SEC_ASN1Template NSSCMSOriginatorPublicKeyTemplate[] = {
-    { SEC_ASN1_SEQUENCE,
-	  0, NULL, sizeof(NSSCMSOriginatorPublicKey) },
-    { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
-	  offsetof(NSSCMSOriginatorPublicKey,algorithmIdentifier),
-	  SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
-    { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
-	  offsetof(NSSCMSOriginatorPublicKey,publicKey),
-	  SEC_ASN1_SUB(SEC_BitStringTemplate) },
-    { 0 }
-};
-
-
-static const SEC_ASN1Template NSSCMSOriginatorIdentifierOrKeyTemplate[] = {
-    { SEC_ASN1_CHOICE,
-	  offsetof(NSSCMSOriginatorIdentifierOrKey,identifierType), NULL,
-	  sizeof(NSSCMSOriginatorIdentifierOrKey) },
-    { SEC_ASN1_POINTER | SEC_ASN1_XTRN,
-	  offsetof(NSSCMSOriginatorIdentifierOrKey,id.issuerAndSN),
-	  SEC_ASN1_SUB(CERT_IssuerAndSNTemplate),
-	  NSSCMSOriginatorIDOrKey_IssuerSN },
-    { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
-      SEC_ASN1_XTRN | 1,
-	  offsetof(NSSCMSOriginatorIdentifierOrKey,id.subjectKeyID),
-	  SEC_ASN1_SUB(SEC_PointerToOctetStringTemplate) ,
-	  NSSCMSOriginatorIDOrKey_SubjectKeyID },
-    { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 2,
-	  offsetof(NSSCMSOriginatorIdentifierOrKey,id.originatorPublicKey),
-	  NSSCMSOriginatorPublicKeyTemplate,
-	  NSSCMSOriginatorIDOrKey_OriginatorPublicKey },
-    { 0 }
-};
-
-const SEC_ASN1Template NSSCMSRecipientKeyIdentifierTemplate[] = {
-    { SEC_ASN1_SEQUENCE,
-	  0, NULL, sizeof(NSSCMSRecipientKeyIdentifier) },
-    { SEC_ASN1_OCTET_STRING,
-	  offsetof(NSSCMSRecipientKeyIdentifier,subjectKeyIdentifier) },
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_OCTET_STRING,
-	  offsetof(NSSCMSRecipientKeyIdentifier,date) },
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_OCTET_STRING,
-	  offsetof(NSSCMSRecipientKeyIdentifier,other) },
-    { 0 }
-};
-
-
-static const SEC_ASN1Template NSSCMSKeyAgreeRecipientIdentifierTemplate[] = {
-    { SEC_ASN1_CHOICE,
-	  offsetof(NSSCMSKeyAgreeRecipientIdentifier,identifierType), NULL,
-	  sizeof(NSSCMSKeyAgreeRecipientIdentifier) },
-    { SEC_ASN1_POINTER | SEC_ASN1_XTRN,
-	  offsetof(NSSCMSKeyAgreeRecipientIdentifier,id.issuerAndSN),
-	  SEC_ASN1_SUB(CERT_IssuerAndSNTemplate),
-	  NSSCMSKeyAgreeRecipientID_IssuerSN },
-    { SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
-	  offsetof(NSSCMSKeyAgreeRecipientIdentifier,id.recipientKeyIdentifier),
-	  NSSCMSRecipientKeyIdentifierTemplate,
-	  NSSCMSKeyAgreeRecipientID_RKeyID },
-    { 0 }
-};
-
-static const SEC_ASN1Template NSSCMSRecipientEncryptedKeyTemplate[] = {
-    { SEC_ASN1_SEQUENCE,
-	  0, NULL, sizeof(NSSCMSRecipientEncryptedKey) },
-    { SEC_ASN1_INLINE,
-	  offsetof(NSSCMSRecipientEncryptedKey,recipientIdentifier),
-	  NSSCMSKeyAgreeRecipientIdentifierTemplate },
-    { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
-	  offsetof(NSSCMSRecipientEncryptedKey,encKey),
-	  SEC_ASN1_SUB(SEC_BitStringTemplate) },
-    { 0 }
-};
-
-static const SEC_ASN1Template NSSCMSKeyAgreeRecipientInfoTemplate[] = {
-    { SEC_ASN1_SEQUENCE,
-	  0, NULL, sizeof(NSSCMSKeyAgreeRecipientInfo) },
-    { SEC_ASN1_INTEGER,
-	  offsetof(NSSCMSKeyAgreeRecipientInfo,version) },
-    { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
-	  offsetof(NSSCMSKeyAgreeRecipientInfo,originatorIdentifierOrKey),
-	  NSSCMSOriginatorIdentifierOrKeyTemplate },
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_EXPLICIT |
-      SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 1,
-	  offsetof(NSSCMSKeyAgreeRecipientInfo,ukm),
-	  SEC_ASN1_SUB(SEC_OctetStringTemplate) },
-    { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
-	  offsetof(NSSCMSKeyAgreeRecipientInfo,keyEncAlg),
-	  SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
-    { SEC_ASN1_SEQUENCE_OF,
-	  offsetof(NSSCMSKeyAgreeRecipientInfo,recipientEncryptedKeys),
-	  NSSCMSRecipientEncryptedKeyTemplate },
-    { 0 }
-};
-
-/* -----------------------------------------------------------------------------
- * KEK recipient info
- */
-
-static const SEC_ASN1Template NSSCMSKEKIdentifierTemplate[] = {
-    { SEC_ASN1_SEQUENCE,
-	  0, NULL, sizeof(NSSCMSKEKIdentifier) },
-    { SEC_ASN1_OCTET_STRING,
-	  offsetof(NSSCMSKEKIdentifier,keyIdentifier) },
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_OCTET_STRING,
-	  offsetof(NSSCMSKEKIdentifier,date) },
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_OCTET_STRING,
-	  offsetof(NSSCMSKEKIdentifier,other) },
-    { 0 }
-};
-
-static const SEC_ASN1Template NSSCMSKEKRecipientInfoTemplate[] = {
-    { SEC_ASN1_SEQUENCE,
-	  0, NULL, sizeof(NSSCMSKEKRecipientInfo) },
-    { SEC_ASN1_INTEGER,
-	  offsetof(NSSCMSKEKRecipientInfo,version) },
-    { SEC_ASN1_INLINE,
-	  offsetof(NSSCMSKEKRecipientInfo,kekIdentifier),
-	  NSSCMSKEKIdentifierTemplate },
-    { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
-	  offsetof(NSSCMSKEKRecipientInfo,keyEncAlg),
-	  SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
-    { SEC_ASN1_OCTET_STRING,
-	  offsetof(NSSCMSKEKRecipientInfo,encKey) },
-    { 0 }
-};
-
-/* -----------------------------------------------------------------------------
- * recipient info
- */
-const SEC_ASN1Template NSSCMSRecipientInfoTemplate[] = {
-    { SEC_ASN1_CHOICE,
-	  offsetof(NSSCMSRecipientInfo,recipientInfoType), NULL,
-	  sizeof(NSSCMSRecipientInfo) },
-    { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1,
-	  offsetof(NSSCMSRecipientInfo,ri.keyAgreeRecipientInfo),
-	  NSSCMSKeyAgreeRecipientInfoTemplate,
-	  NSSCMSRecipientInfoID_KeyAgree },
-    { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 2,
-	  offsetof(NSSCMSRecipientInfo,ri.kekRecipientInfo),
-	  NSSCMSKEKRecipientInfoTemplate,
-	  NSSCMSRecipientInfoID_KEK },
-    { SEC_ASN1_INLINE,
-	  offsetof(NSSCMSRecipientInfo,ri.keyTransRecipientInfo),
-	  NSSCMSKeyTransRecipientInfoTemplate,
-	  NSSCMSRecipientInfoID_KeyTrans },
-    { 0 }
-};
-
-/* -----------------------------------------------------------------------------
- *
- */
-
-const SEC_ASN1Template NSSCMSDigestedDataTemplate[] = {
-    { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
-	  0, NULL, sizeof(NSSCMSDigestedData) },
-    { SEC_ASN1_INTEGER,
-	  offsetof(NSSCMSDigestedData,version) },
-    { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
-	  offsetof(NSSCMSDigestedData,digestAlg),
-	  SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
-    { SEC_ASN1_INLINE,
-	  offsetof(NSSCMSDigestedData,contentInfo),
-	  NSSCMSEncapsulatedContentInfoTemplate },
-    { SEC_ASN1_OCTET_STRING,
-	  offsetof(NSSCMSDigestedData,digest) },
-    { 0 }
-};
-
-const SEC_ASN1Template NSS_PointerToCMSDigestedDataTemplate[] = {
-    { SEC_ASN1_POINTER, 0, NSSCMSDigestedDataTemplate }
-};
-
-const SEC_ASN1Template NSSCMSEncryptedDataTemplate[] = {
-    { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
-	  0, NULL, sizeof(NSSCMSEncryptedData) },
-    { SEC_ASN1_INTEGER,
-	  offsetof(NSSCMSEncryptedData,version) },
-    { SEC_ASN1_INLINE,
-	  offsetof(NSSCMSEncryptedData,contentInfo),
-	  NSSCMSEncryptedContentInfoTemplate },
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1,
-	  offsetof(NSSCMSEncryptedData,unprotectedAttr),
-	  nss_cms_set_of_attribute_template },
-    { 0 }
-};
-
-const SEC_ASN1Template NSS_PointerToCMSEncryptedDataTemplate[] = {
-    { SEC_ASN1_POINTER, 0, NSSCMSEncryptedDataTemplate }
-};
-
-/* -----------------------------------------------------------------------------
- * FORTEZZA KEA
- */
-const SEC_ASN1Template NSS_SMIMEKEAParamTemplateSkipjack[] = {
-	{ SEC_ASN1_SEQUENCE,
-	  0, NULL, sizeof(NSSCMSSMIMEKEAParameters) },
-	{ SEC_ASN1_OCTET_STRING /* | SEC_ASN1_OPTIONAL */,
-	  offsetof(NSSCMSSMIMEKEAParameters,originatorKEAKey) },
-	{ SEC_ASN1_OCTET_STRING,
-	  offsetof(NSSCMSSMIMEKEAParameters,originatorRA) },
-	{ 0 }
-};
-
-const SEC_ASN1Template NSS_SMIMEKEAParamTemplateNoSkipjack[] = {
-	{ SEC_ASN1_SEQUENCE,
-	  0, NULL, sizeof(NSSCMSSMIMEKEAParameters) },
-	{ SEC_ASN1_OCTET_STRING /* | SEC_ASN1_OPTIONAL */,
-	  offsetof(NSSCMSSMIMEKEAParameters,originatorKEAKey) },
-	{ SEC_ASN1_OCTET_STRING,
-	  offsetof(NSSCMSSMIMEKEAParameters,originatorRA) },
-	{ SEC_ASN1_OCTET_STRING  | SEC_ASN1_OPTIONAL ,
-	  offsetof(NSSCMSSMIMEKEAParameters,nonSkipjackIV) },
-	{ 0 }
-};
-
-const SEC_ASN1Template NSS_SMIMEKEAParamTemplateAllParams[] = {
-	{ SEC_ASN1_SEQUENCE,
-	  0, NULL, sizeof(NSSCMSSMIMEKEAParameters) },
-	{ SEC_ASN1_OCTET_STRING /* | SEC_ASN1_OPTIONAL */,
-	  offsetof(NSSCMSSMIMEKEAParameters,originatorKEAKey) },
-	{ SEC_ASN1_OCTET_STRING,
-	  offsetof(NSSCMSSMIMEKEAParameters,originatorRA) },
-	{ SEC_ASN1_OCTET_STRING  | SEC_ASN1_OPTIONAL ,
-	  offsetof(NSSCMSSMIMEKEAParameters,nonSkipjackIV) },
-	{ SEC_ASN1_OCTET_STRING  | SEC_ASN1_OPTIONAL ,
-	  offsetof(NSSCMSSMIMEKEAParameters,bulkKeySize) },
-	{ 0 }
-};
-
-const SEC_ASN1Template *
-nss_cms_get_kea_template(NSSCMSKEATemplateSelector whichTemplate)
-{
-	const SEC_ASN1Template *returnVal = NULL;
-
-	switch(whichTemplate)
-	{
-	case NSSCMSKEAUsesNonSkipjack:
-		returnVal = NSS_SMIMEKEAParamTemplateNoSkipjack;
-		break;
-	case NSSCMSKEAUsesSkipjack:
-		returnVal = NSS_SMIMEKEAParamTemplateSkipjack;
-		break;
-	case NSSCMSKEAUsesNonSkipjackWithPaddedEncKey:
-	default:
-		returnVal = NSS_SMIMEKEAParamTemplateAllParams;
-		break;
-	}
-	return returnVal;
-}
-
-/* -----------------------------------------------------------------------------
- *
- */
-static const SEC_ASN1Template *
-nss_cms_choose_content_template(void *src_or_dest, PRBool encoding)
-{
-    const SEC_ASN1Template *theTemplate;
-    NSSCMSContentInfo *cinfo;
-
-    PORT_Assert (src_or_dest != NULL);
-    if (src_or_dest == NULL)
-	return NULL;
-
-    cinfo = (NSSCMSContentInfo *)src_or_dest;
-    switch (NSS_CMSContentInfo_GetContentTypeTag(cinfo)) {
-    default:
-	theTemplate = SEC_ASN1_GET(SEC_PointerToAnyTemplate);
-	break;
-    case SEC_OID_PKCS7_DATA:
-	theTemplate = SEC_ASN1_GET(SEC_PointerToOctetStringTemplate);
-	break;
-    case SEC_OID_PKCS7_SIGNED_DATA:
-	theTemplate = NSS_PointerToCMSSignedDataTemplate;
-	break;
-    case SEC_OID_PKCS7_ENVELOPED_DATA:
-	theTemplate = NSS_PointerToCMSEnvelopedDataTemplate;
-	break;
-    case SEC_OID_PKCS7_DIGESTED_DATA:
-	theTemplate = NSS_PointerToCMSDigestedDataTemplate;
-	break;
-    case SEC_OID_PKCS7_ENCRYPTED_DATA:
-	theTemplate = NSS_PointerToCMSEncryptedDataTemplate;
-	break;
-    }
-    return theTemplate;
-}
diff --git a/security/nss/lib/smime/cmsattr.c b/security/nss/lib/smime/cmsattr.c
deleted file mode 100644
index 4217e6c78..000000000
--- a/security/nss/lib/smime/cmsattr.c
+++ /dev/null
@@ -1,453 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * CMS attributes.
- *
- * $Id$
- */
-
-#include "cmslocal.h"
-
-#include "secasn1.h"
-#include "secitem.h"
-#include "secoid.h"
-#include "pk11func.h"
-#include "prtime.h"
-#include "secerr.h"
-
-/*
- * -------------------------------------------------------------------
- * XXX The following Attribute stuff really belongs elsewhere.
- * The Attribute type is *not* part of CMS but rather X.501.
- * But for now, since CMS is the only customer of attributes,
- * we define them here.  Once there is a use outside of CMS,
- * then change the attribute types and functions from internal
- * to external naming convention, and move them elsewhere!
- */
-
-
-/*
- * NSS_CMSAttribute_Create - create an attribute
- *
- * if value is NULL, the attribute won't have a value. It can be added later
- * with NSS_CMSAttribute_AddValue.
- */
-NSSCMSAttribute *
-NSS_CMSAttribute_Create(PRArenaPool *poolp, SECOidTag oidtag, SECItem *value, PRBool encoded)
-{
-    NSSCMSAttribute *attr;
-    SECItem *copiedvalue;
-    void *mark;
-
-    PORT_Assert (poolp != NULL);
-
-    mark = PORT_ArenaMark (poolp);
-
-    attr = (NSSCMSAttribute *)PORT_ArenaZAlloc(poolp, sizeof(NSSCMSAttribute));
-    if (attr == NULL)
-	goto loser;
-
-    attr->typeTag = SECOID_FindOIDByTag(oidtag);
-    if (attr->typeTag == NULL)
-	goto loser;
-
-    if (SECITEM_CopyItem(poolp, &(attr->type), &(attr->typeTag->oid)) != SECSuccess)
-	goto loser;
-
-    if (value != NULL) {
-	if ((copiedvalue = SECITEM_AllocItem(poolp, NULL, value->len)) == NULL)
-	    goto loser;
-
-	if (SECITEM_CopyItem(poolp, copiedvalue, value) != SECSuccess)
-	    goto loser;
-
-	NSS_CMSArray_Add(poolp, (void ***)&(attr->values), (void *)copiedvalue);
-    }
-
-    attr->encoded = encoded;
-
-    PORT_ArenaUnmark (poolp, mark);
-
-    return attr;
-
-loser:
-    PORT_Assert (mark != NULL);
-    PORT_ArenaRelease (poolp, mark);
-    return NULL;
-}
-
-/*
- * NSS_CMSAttribute_AddValue - add another value to an attribute
- */
-SECStatus
-NSS_CMSAttribute_AddValue(PLArenaPool *poolp, NSSCMSAttribute *attr, SECItem *value)
-{
-    SECItem copiedvalue;
-    void *mark;
-
-    PORT_Assert (poolp != NULL);
-
-    mark = PORT_ArenaMark(poolp);
-
-    /* XXX we need an object memory model #$%#$%! */
-    if (SECITEM_CopyItem(poolp, &copiedvalue, value) != SECSuccess)
-	goto loser;
-
-    if (NSS_CMSArray_Add(poolp, (void ***)&(attr->values), (void *)&copiedvalue) != SECSuccess)
-	goto loser;
-
-    PORT_ArenaUnmark(poolp, mark);
-    return SECSuccess;
-
-loser:
-    PORT_Assert (mark != NULL);
-    PORT_ArenaRelease (poolp, mark);
-    return SECFailure;
-}
-
-/*
- * NSS_CMSAttribute_GetType - return the OID tag
- */
-SECOidTag
-NSS_CMSAttribute_GetType(NSSCMSAttribute *attr)
-{
-    SECOidData *typetag;
-
-    typetag = SECOID_FindOID(&(attr->type));
-    if (typetag == NULL)
-	return SEC_OID_UNKNOWN;
-
-    return typetag->offset;
-}
-
-/*
- * NSS_CMSAttribute_GetValue - return the first attribute value
- *
- * We do some sanity checking first:
- * - Multiple values are *not* expected.
- * - Empty values are *not* expected.
- */
-SECItem *
-NSS_CMSAttribute_GetValue(NSSCMSAttribute *attr)
-{
-    SECItem *value;
-
-    if (attr == NULL)
-	return NULL;
-
-    value = attr->values[0];
-
-    if (value == NULL || value->data == NULL || value->len == 0)
-	return NULL;
-
-    if (attr->values[1] != NULL)
-	return NULL;
-
-    return value;
-}
-
-/*
- * NSS_CMSAttribute_CompareValue - compare the attribute's first value against data
- */
-PRBool
-NSS_CMSAttribute_CompareValue(NSSCMSAttribute *attr, SECItem *av)
-{
-    SECItem *value;
-    
-    if (attr == NULL)
-	return PR_FALSE;
-
-    value = NSS_CMSAttribute_GetValue(attr);
-
-    return (value != NULL && value->len == av->len &&
-	PORT_Memcmp (value->data, av->data, value->len) == 0);
-}
-
-/*
- * templates and functions for separate ASN.1 encoding of attributes
- *
- * used in NSS_CMSAttributeArray_Reorder
- */
-
-/*
- * helper function for dynamic template determination of the attribute value
- */
-static const SEC_ASN1Template *
-cms_attr_choose_attr_value_template(void *src_or_dest, PRBool encoding)
-{
-    const SEC_ASN1Template *theTemplate;
-    NSSCMSAttribute *attribute;
-    SECOidData *oiddata;
-    PRBool encoded;
-
-    PORT_Assert (src_or_dest != NULL);
-    if (src_or_dest == NULL)
-	return NULL;
-
-    attribute = (NSSCMSAttribute *)src_or_dest;
-
-    if (encoding && attribute->encoded)
-	/* we're encoding, and the attribute value is already encoded. */
-	return SEC_ASN1_GET(SEC_AnyTemplate);
-
-    /* get attribute's typeTag */
-    oiddata = attribute->typeTag;
-    if (oiddata == NULL) {
-	oiddata = SECOID_FindOID(&attribute->type);
-	attribute->typeTag = oiddata;
-    }
-
-    if (oiddata == NULL) {
-	/* still no OID tag? OID is unknown then. en/decode value as ANY. */
-	encoded = PR_TRUE;
-	theTemplate = SEC_ASN1_GET(SEC_AnyTemplate);
-    } else {
-	switch (oiddata->offset) {
-	case SEC_OID_PKCS9_SMIME_CAPABILITIES:
-	case SEC_OID_SMIME_ENCRYPTION_KEY_PREFERENCE:
-	    /* these guys need to stay DER-encoded */
-	default:
-	    /* same goes for OIDs that are not handled here */
-	    encoded = PR_TRUE;
-	    theTemplate = SEC_ASN1_GET(SEC_AnyTemplate);
-	    break;
-	    /* otherwise choose proper template */
-	case SEC_OID_PKCS9_EMAIL_ADDRESS:
-	case SEC_OID_RFC1274_MAIL:
-	case SEC_OID_PKCS9_UNSTRUCTURED_NAME:
-	    encoded = PR_FALSE;
-	    theTemplate = SEC_ASN1_GET(SEC_IA5StringTemplate);
-	    break;
-	case SEC_OID_PKCS9_CONTENT_TYPE:
-	    encoded = PR_FALSE;
-	    theTemplate = SEC_ASN1_GET(SEC_ObjectIDTemplate);
-	    break;
-	case SEC_OID_PKCS9_MESSAGE_DIGEST:
-	    encoded = PR_FALSE;
-	    theTemplate = SEC_ASN1_GET(SEC_OctetStringTemplate);
-	    break;
-	case SEC_OID_PKCS9_SIGNING_TIME:
-	    encoded = PR_FALSE;
-	    theTemplate = SEC_ASN1_GET(SEC_UTCTimeTemplate);
-	    break;
-	  /* XXX Want other types here, too */
-	}
-    }
-
-    if (encoding) {
-	/*
-	 * If we are encoding and we think we have an already-encoded value,
-	 * then the code which initialized this attribute should have set
-	 * the "encoded" property to true (and we would have returned early,
-	 * up above).  No devastating error, but that code should be fixed.
-	 * (It could indicate that the resulting encoded bytes are wrong.)
-	 */
-	PORT_Assert (!encoded);
-    } else {
-	/*
-	 * We are decoding; record whether the resulting value is
-	 * still encoded or not.
-	 */
-	attribute->encoded = encoded;
-    }
-    return theTemplate;
-}
-
-static const SEC_ASN1TemplateChooserPtr cms_attr_chooser
-	= cms_attr_choose_attr_value_template;
-
-const SEC_ASN1Template nss_cms_attribute_template[] = {
-    { SEC_ASN1_SEQUENCE,
-	  0, NULL, sizeof(NSSCMSAttribute) },
-    { SEC_ASN1_OBJECT_ID,
-	  offsetof(NSSCMSAttribute,type) },
-    { SEC_ASN1_DYNAMIC | SEC_ASN1_SET_OF,
-	  offsetof(NSSCMSAttribute,values),
-	  &cms_attr_chooser },
-    { 0 }
-};
-
-const SEC_ASN1Template nss_cms_set_of_attribute_template[] = {
-    { SEC_ASN1_SET_OF, 0, nss_cms_attribute_template },
-};
-
-/* =============================================================================
- * Attribute Array methods
- */
-
-/*
- * NSS_CMSAttributeArray_Encode - encode an Attribute array as SET OF Attributes
- *
- * If you are wondering why this routine does not reorder the attributes
- * first, and might be tempted to make it do so, see the comment by the
- * call to ReorderAttributes in cmsencode.c.  (Or, see who else calls this
- * and think long and hard about the implications of making it always
- * do the reordering.)
- */
-SECItem *
-NSS_CMSAttributeArray_Encode(PRArenaPool *poolp, NSSCMSAttribute ***attrs, SECItem *dest)
-{
-    return SEC_ASN1EncodeItem (poolp, dest, (void *)attrs, nss_cms_set_of_attribute_template);
-}
-
-/*
- * NSS_CMSAttributeArray_Reorder - sort attribute array by attribute's DER encoding
- *
- * make sure that the order of the attributes guarantees valid DER (which must be
- * in lexigraphically ascending order for a SET OF); if reordering is necessary it
- * will be done in place (in attrs).
- */
-SECStatus
-NSS_CMSAttributeArray_Reorder(NSSCMSAttribute **attrs)
-{
-    return NSS_CMSArray_SortByDER((void **)attrs, nss_cms_attribute_template, NULL);
-}
-
-/*
- * NSS_CMSAttributeArray_FindAttrByOidTag - look through a set of attributes and
- * find one that matches the specified object ID.
- *
- * If "only" is true, then make sure that there is not more than one attribute
- * of the same type.  Otherwise, just return the first one found. (XXX Does
- * anybody really want that first-found behavior?  It was like that when I found it...)
- */
-NSSCMSAttribute *
-NSS_CMSAttributeArray_FindAttrByOidTag(NSSCMSAttribute **attrs, SECOidTag oidtag, PRBool only)
-{
-    SECOidData *oid;
-    NSSCMSAttribute *attr1, *attr2;
-
-    if (attrs == NULL)
-	return NULL;
-
-    oid = SECOID_FindOIDByTag(oidtag);
-    if (oid == NULL)
-	return NULL;
-
-    while ((attr1 = *attrs++) != NULL) {
-	if (attr1->type.len == oid->oid.len && PORT_Memcmp (attr1->type.data,
-							    oid->oid.data,
-							    oid->oid.len) == 0)
-	    break;
-    }
-
-    if (attr1 == NULL)
-	return NULL;
-
-    if (!only)
-	return attr1;
-
-    while ((attr2 = *attrs++) != NULL) {
-	if (attr2->type.len == oid->oid.len && PORT_Memcmp (attr2->type.data,
-							    oid->oid.data,
-							    oid->oid.len) == 0)
-	    break;
-    }
-
-    if (attr2 != NULL)
-	return NULL;
-
-    return attr1;
-}
-
-/*
- * NSS_CMSAttributeArray_AddAttr - add an attribute to an
- * array of attributes. 
- */
-SECStatus
-NSS_CMSAttributeArray_AddAttr(PLArenaPool *poolp, NSSCMSAttribute ***attrs, NSSCMSAttribute *attr)
-{
-    NSSCMSAttribute *oattr;
-    void *mark;
-    SECOidTag type;
-
-    mark = PORT_ArenaMark(poolp);
-
-    /* find oidtag of attr */
-    type = NSS_CMSAttribute_GetType(attr);
-
-    /* see if we have one already */
-    oattr = NSS_CMSAttributeArray_FindAttrByOidTag(*attrs, type, PR_FALSE);
-    PORT_Assert (oattr == NULL);
-    if (oattr != NULL)
-	goto loser;	/* XXX or would it be better to replace it? */
-
-    /* no, shove it in */
-    if (NSS_CMSArray_Add(poolp, (void ***)attrs, (void *)attr) != SECSuccess)
-	goto loser;
-
-    PORT_ArenaUnmark(poolp, mark);
-    return SECSuccess;
-
-loser:
-    PORT_ArenaRelease(poolp, mark);
-    return SECFailure;
-}
-
-/*
- * NSS_CMSAttributeArray_SetAttr - set an attribute's value in a set of attributes
- */
-SECStatus
-NSS_CMSAttributeArray_SetAttr(PLArenaPool *poolp, NSSCMSAttribute ***attrs, SECOidTag type, SECItem *value, PRBool encoded)
-{
-    NSSCMSAttribute *attr;
-    void *mark;
-
-    mark = PORT_ArenaMark(poolp);
-
-    /* see if we have one already */
-    attr = NSS_CMSAttributeArray_FindAttrByOidTag(*attrs, type, PR_FALSE);
-    if (attr == NULL) {
-	/* not found? create one! */
-	attr = NSS_CMSAttribute_Create(poolp, type, value, encoded);
-	if (attr == NULL)
-	    goto loser;
-	/* and add it to the list */
-	if (NSS_CMSArray_Add(poolp, (void ***)attrs, (void *)attr) != SECSuccess)
-	    goto loser;
-    } else {
-	/* found, shove it in */
-	/* XXX we need a decent memory model @#$#$!#!!! */
-	attr->values[0] = value;
-	attr->encoded = encoded;
-    }
-
-    PORT_ArenaUnmark (poolp, mark);
-    return SECSuccess;
-
-loser:
-    PORT_ArenaRelease (poolp, mark);
-    return SECFailure;
-}
-
diff --git a/security/nss/lib/smime/cmscinfo.c b/security/nss/lib/smime/cmscinfo.c
deleted file mode 100644
index 85756a536..000000000
--- a/security/nss/lib/smime/cmscinfo.c
+++ /dev/null
@@ -1,332 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * CMS contentInfo methods.
- *
- * $Id$
- */
-
-#include "cmslocal.h"
-
-#include "pk11func.h"
-#include "secitem.h"
-#include "secoid.h"
-#include "secerr.h"
-
-/*
- * NSS_CMSContentInfo_Create - create a content info
- *
- * version is set in the _Finalize procedures for each content type
- */
-
-/*
- * NSS_CMSContentInfo_Destroy - destroy a CMS contentInfo and all of its sub-pieces.
- */
-void
-NSS_CMSContentInfo_Destroy(NSSCMSContentInfo *cinfo)
-{
-    SECOidTag kind;
-
-    kind = NSS_CMSContentInfo_GetContentTypeTag(cinfo);
-    switch (kind) {
-    case SEC_OID_PKCS7_ENVELOPED_DATA:
-	NSS_CMSEnvelopedData_Destroy(cinfo->content.envelopedData);
-	break;
-      case SEC_OID_PKCS7_SIGNED_DATA:
-	NSS_CMSSignedData_Destroy(cinfo->content.signedData);
-	break;
-      case SEC_OID_PKCS7_ENCRYPTED_DATA:
-	NSS_CMSEncryptedData_Destroy(cinfo->content.encryptedData);
-	break;
-      case SEC_OID_PKCS7_DIGESTED_DATA:
-	NSS_CMSDigestedData_Destroy(cinfo->content.digestedData);
-	break;
-      default:
-	/* XXX Anything else that needs to be "manually" freed/destroyed? */
-	break;
-    }
-    if (cinfo->bulkkey)
-	PK11_FreeSymKey(cinfo->bulkkey);
-
-    if (cinfo->ciphcx) {
-	NSS_CMSCipherContext_Destroy(cinfo->ciphcx);
-	cinfo->ciphcx = NULL;
-    }
-    
-    /* we live in a pool, so no need to worry about storage */
-}
-
-/*
- * NSS_CMSContentInfo_GetChildContentInfo - get content's contentInfo (if it exists)
- */
-NSSCMSContentInfo *
-NSS_CMSContentInfo_GetChildContentInfo(NSSCMSContentInfo *cinfo)
-{
-    switch (NSS_CMSContentInfo_GetContentTypeTag(cinfo)) {
-    case SEC_OID_PKCS7_DATA:
-	return NULL;
-    case SEC_OID_PKCS7_SIGNED_DATA:
-	return &(cinfo->content.signedData->contentInfo);
-    case SEC_OID_PKCS7_ENVELOPED_DATA:
-	return &(cinfo->content.envelopedData->contentInfo);
-    case SEC_OID_PKCS7_DIGESTED_DATA:
-	return &(cinfo->content.digestedData->contentInfo);
-    case SEC_OID_PKCS7_ENCRYPTED_DATA:
-	return &(cinfo->content.encryptedData->contentInfo);
-    default:
-	return NULL;
-    }
-}
-
-/*
- * NSS_CMSContentInfo_SetContent - set content type & content
- */
-SECStatus
-NSS_CMSContentInfo_SetContent(NSSCMSMessage *cmsg, NSSCMSContentInfo *cinfo, SECOidTag type, void *ptr)
-{
-    SECStatus rv;
-
-    cinfo->contentTypeTag = SECOID_FindOIDByTag(type);
-    if (cinfo->contentTypeTag == NULL)
-	return SECFailure;
-    
-    /* do not copy the oid, just create a reference */
-    rv = SECITEM_CopyItem (cmsg->poolp, &(cinfo->contentType), &(cinfo->contentTypeTag->oid));
-    if (rv != SECSuccess)
-	return SECFailure;
-
-    cinfo->content.pointer = ptr;
-
-    if (type != SEC_OID_PKCS7_DATA) {
-	/* as we always have some inner data,
-	 * we need to set it to something, just to fool the encoder enough to work on it
-	 * and get us into nss_cms_encoder_notify at that point */
-	cinfo->rawContent = SECITEM_AllocItem(cmsg->poolp, NULL, 1);
-	if (cinfo->rawContent == NULL) {
-	    PORT_SetError(SEC_ERROR_NO_MEMORY);
-	    return SECFailure;
-	}
-    }
-
-    return SECSuccess;
-}
-
-/*
- * NSS_CMSContentInfo_SetContent_XXXX - typesafe wrappers for NSS_CMSContentInfo_SetContent
- */
-
-/*
- * data == NULL -> pass in data via NSS_CMSEncoder_Update
- * data != NULL -> take this data
- */
-SECStatus
-NSS_CMSContentInfo_SetContent_Data(NSSCMSMessage *cmsg, NSSCMSContentInfo *cinfo, SECItem *data, PRBool detached)
-{
-    if (NSS_CMSContentInfo_SetContent(cmsg, cinfo, SEC_OID_PKCS7_DATA, (void *)data) != SECSuccess)
-	return SECFailure;
-    cinfo->rawContent = (detached) ? 
-			    NULL : (data) ? 
-				data : SECITEM_AllocItem(cmsg->poolp, NULL, 1);
-    return SECSuccess;
-}
-
-SECStatus
-NSS_CMSContentInfo_SetContent_SignedData(NSSCMSMessage *cmsg, NSSCMSContentInfo *cinfo, NSSCMSSignedData *sigd)
-{
-    return NSS_CMSContentInfo_SetContent(cmsg, cinfo, SEC_OID_PKCS7_SIGNED_DATA, (void *)sigd);
-}
-
-SECStatus
-NSS_CMSContentInfo_SetContent_EnvelopedData(NSSCMSMessage *cmsg, NSSCMSContentInfo *cinfo, NSSCMSEnvelopedData *envd)
-{
-    return NSS_CMSContentInfo_SetContent(cmsg, cinfo, SEC_OID_PKCS7_ENVELOPED_DATA, (void *)envd);
-}
-
-SECStatus
-NSS_CMSContentInfo_SetContent_DigestedData(NSSCMSMessage *cmsg, NSSCMSContentInfo *cinfo, NSSCMSDigestedData *digd)
-{
-    return NSS_CMSContentInfo_SetContent(cmsg, cinfo, SEC_OID_PKCS7_DIGESTED_DATA, (void *)digd);
-}
-
-SECStatus
-NSS_CMSContentInfo_SetContent_EncryptedData(NSSCMSMessage *cmsg, NSSCMSContentInfo *cinfo, NSSCMSEncryptedData *encd)
-{
-    return NSS_CMSContentInfo_SetContent(cmsg, cinfo, SEC_OID_PKCS7_ENCRYPTED_DATA, (void *)encd);
-}
-
-/*
- * NSS_CMSContentInfo_GetContent - get pointer to inner content
- *
- * needs to be casted...
- */
-void *
-NSS_CMSContentInfo_GetContent(NSSCMSContentInfo *cinfo)
-{
-    switch (cinfo->contentTypeTag->offset) {
-    case SEC_OID_PKCS7_DATA:
-    case SEC_OID_PKCS7_SIGNED_DATA:
-    case SEC_OID_PKCS7_ENVELOPED_DATA:
-    case SEC_OID_PKCS7_DIGESTED_DATA:
-    case SEC_OID_PKCS7_ENCRYPTED_DATA:
-	return cinfo->content.pointer;
-    default:
-	return NULL;
-    }
-}
-
-/* 
- * NSS_CMSContentInfo_GetInnerContent - get pointer to innermost content
- *
- * this is typically only called by NSS_CMSMessage_GetContent()
- */
-SECItem *
-NSS_CMSContentInfo_GetInnerContent(NSSCMSContentInfo *cinfo)
-{
-    NSSCMSContentInfo *ccinfo;
-
-    switch (NSS_CMSContentInfo_GetContentTypeTag(cinfo)) {
-    case SEC_OID_PKCS7_DATA:
-	return cinfo->content.data;	/* end of recursion - every message has to have a data cinfo */
-    case SEC_OID_PKCS7_DIGESTED_DATA:
-    case SEC_OID_PKCS7_ENCRYPTED_DATA:
-    case SEC_OID_PKCS7_ENVELOPED_DATA:
-    case SEC_OID_PKCS7_SIGNED_DATA:
-	if ((ccinfo = NSS_CMSContentInfo_GetChildContentInfo(cinfo)) == NULL)
-	    break;
-	return NSS_CMSContentInfo_GetContent(ccinfo);
-    default:
-	PORT_Assert(0);
-	break;
-    }
-    return NULL;
-}
-
-/*
- * NSS_CMSContentInfo_GetContentType{Tag,OID} - find out (saving pointer to lookup result
- * for future reference) and return the inner content type.
- */
-SECOidTag
-NSS_CMSContentInfo_GetContentTypeTag(NSSCMSContentInfo *cinfo)
-{
-    if (cinfo->contentTypeTag == NULL)
-	cinfo->contentTypeTag = SECOID_FindOID(&(cinfo->contentType));
-
-    if (cinfo->contentTypeTag == NULL)
-	return SEC_OID_UNKNOWN;
-
-    return cinfo->contentTypeTag->offset;
-}
-
-SECItem *
-NSS_CMSContentInfo_GetContentTypeOID(NSSCMSContentInfo *cinfo)
-{
-    if (cinfo->contentTypeTag == NULL)
-	cinfo->contentTypeTag = SECOID_FindOID(&(cinfo->contentType));
-
-    if (cinfo->contentTypeTag == NULL)
-	return NULL;
-
-    return &(cinfo->contentTypeTag->oid);
-}
-
-/*
- * NSS_CMSContentInfo_GetContentEncAlgTag - find out (saving pointer to lookup result
- * for future reference) and return the content encryption algorithm tag.
- */
-SECOidTag
-NSS_CMSContentInfo_GetContentEncAlgTag(NSSCMSContentInfo *cinfo)
-{
-    if (cinfo->contentEncAlgTag == SEC_OID_UNKNOWN)
-	cinfo->contentEncAlgTag = SECOID_GetAlgorithmTag(&(cinfo->contentEncAlg));
-
-    return cinfo->contentEncAlgTag;
-}
-
-/*
- * NSS_CMSContentInfo_GetContentEncAlg - find out and return the content encryption algorithm tag.
- */
-SECAlgorithmID *
-NSS_CMSContentInfo_GetContentEncAlg(NSSCMSContentInfo *cinfo)
-{
-    return &(cinfo->contentEncAlg);
-}
-
-SECStatus
-NSS_CMSContentInfo_SetContentEncAlg(PLArenaPool *poolp, NSSCMSContentInfo *cinfo,
-				    SECOidTag bulkalgtag, SECItem *parameters, int keysize)
-{
-    SECStatus rv;
-
-    rv = SECOID_SetAlgorithmID(poolp, &(cinfo->contentEncAlg), bulkalgtag, parameters);
-    if (rv != SECSuccess)
-	return SECFailure;
-    cinfo->keysize = keysize;
-    return SECSuccess;
-}
-
-SECStatus
-NSS_CMSContentInfo_SetContentEncAlgID(PLArenaPool *poolp, NSSCMSContentInfo *cinfo,
-				    SECAlgorithmID *algid, int keysize)
-{
-    SECStatus rv;
-
-    rv = SECOID_CopyAlgorithmID(poolp, &(cinfo->contentEncAlg), algid);
-    if (rv != SECSuccess)
-	return SECFailure;
-    if (keysize >= 0)
-	cinfo->keysize = keysize;
-    return SECSuccess;
-}
-
-void
-NSS_CMSContentInfo_SetBulkKey(NSSCMSContentInfo *cinfo, PK11SymKey *bulkkey)
-{
-    cinfo->bulkkey = PK11_ReferenceSymKey(bulkkey);
-    cinfo->keysize = PK11_GetKeyStrength(cinfo->bulkkey, &(cinfo->contentEncAlg));
-}
-
-PK11SymKey *
-NSS_CMSContentInfo_GetBulkKey(NSSCMSContentInfo *cinfo)
-{
-    if (cinfo->bulkkey == NULL)
-	return NULL;
-
-    return PK11_ReferenceSymKey(cinfo->bulkkey);
-}
-
-int
-NSS_CMSContentInfo_GetBulkKeySize(NSSCMSContentInfo *cinfo)
-{
-    return cinfo->keysize;
-}
diff --git a/security/nss/lib/smime/cmscipher.c b/security/nss/lib/smime/cmscipher.c
deleted file mode 100644
index 27e5668aa..000000000
--- a/security/nss/lib/smime/cmscipher.c
+++ /dev/null
@@ -1,792 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Encryption/decryption routines for CMS implementation, none of which are exported.
- *
- * $Id$
- */
-
-#include "cmslocal.h"
-
-#include "secoid.h"
-#include "secitem.h"
-#include "pk11func.h"
-#include "secerr.h"
-#include "secpkcs5.h"
-
-/*
- * -------------------------------------------------------------------
- * Cipher stuff.
- */
-
-typedef SECStatus (*nss_cms_cipher_function) (void *, unsigned char *, unsigned int *,
-					unsigned int, const unsigned char *, unsigned int);
-typedef SECStatus (*nss_cms_cipher_destroy) (void *, PRBool);
-
-#define BLOCK_SIZE 4096
-
-struct NSSCMSCipherContextStr {
-    void *		cx;			/* PK11 cipher context */
-    nss_cms_cipher_function doit;
-    nss_cms_cipher_destroy destroy;
-    PRBool		encrypt;		/* encrypt / decrypt switch */
-    int			block_size;		/* block & pad sizes for cipher */
-    int			pad_size;
-    int			pending_count;		/* pending data (not yet en/decrypted */
-    unsigned char	pending_buf[BLOCK_SIZE];/* because of blocking */
-};
-
-/*
- * NSS_CMSCipherContext_StartDecrypt - create a cipher context to do decryption
- * based on the given bulk * encryption key and algorithm identifier (which may include an iv).
- *
- * XXX Once both are working, it might be nice to combine this and the
- * function below (for starting up encryption) into one routine, and just
- * have two simple cover functions which call it. 
- */
-NSSCMSCipherContext *
-NSS_CMSCipherContext_StartDecrypt(PK11SymKey *key, SECAlgorithmID *algid)
-{
-    NSSCMSCipherContext *cc;
-    void *ciphercx;
-    CK_MECHANISM_TYPE mechanism;
-    SECItem *param;
-    PK11SlotInfo *slot;
-    SECOidTag algtag;
-
-    algtag = SECOID_GetAlgorithmTag(algid);
-
-    /* set param and mechanism */
-    if (SEC_PKCS5IsAlgorithmPBEAlg(algid)) {
-	CK_MECHANISM pbeMech, cryptoMech;
-	SECItem *pbeParams;
-	SEC_PKCS5KeyAndPassword *keyPwd;
-
-	PORT_Memset(&pbeMech, 0, sizeof(CK_MECHANISM));
-	PORT_Memset(&cryptoMech, 0, sizeof(CK_MECHANISM));
-
-	/* HACK ALERT!
-	 * in this case, key is not actually a PK11SymKey *, but a SEC_PKCS5KeyAndPassword *
-	 */
-	keyPwd = (SEC_PKCS5KeyAndPassword *)key;
-	key = keyPwd->key;
-
-	/* find correct PK11 mechanism and parameters to initialize pbeMech */
-	pbeMech.mechanism = PK11_AlgtagToMechanism(algtag);
-	pbeParams = PK11_ParamFromAlgid(algid);
-	if (!pbeParams)
-	    return NULL;
-	pbeMech.pParameter = pbeParams->data;
-	pbeMech.ulParameterLen = pbeParams->len;
-
-	/* now map pbeMech to cryptoMech */
-	if (PK11_MapPBEMechanismToCryptoMechanism(&pbeMech, &cryptoMech, keyPwd->pwitem,
-						  PR_FALSE) != CKR_OK) { 
-	    SECITEM_ZfreeItem(pbeParams, PR_TRUE);
-	    return NULL;
-	}
-	SECITEM_ZfreeItem(pbeParams, PR_TRUE);
-
-	/* and use it to initialize param & mechanism */
-	if ((param = (SECItem *)PORT_ZAlloc(sizeof(SECItem))) == NULL)
-	     return NULL;
-
-	param->data = (unsigned char *)cryptoMech.pParameter;
-	param->len = cryptoMech.ulParameterLen;
-	mechanism = cryptoMech.mechanism;
-    } else {
-	mechanism = PK11_AlgtagToMechanism(algtag);
-	if ((param = PK11_ParamFromAlgid(algid)) == NULL)
-	    return NULL;
-    }
-
-    cc = (NSSCMSCipherContext *)PORT_ZAlloc(sizeof(NSSCMSCipherContext));
-    if (cc == NULL) {
-	SECITEM_FreeItem(param,PR_TRUE);
-	return NULL;
-    }
-
-    /* figure out pad and block sizes */
-    cc->pad_size = PK11_GetBlockSize(mechanism, param);
-    slot = PK11_GetSlotFromKey(key);
-    cc->block_size = PK11_IsHW(slot) ? BLOCK_SIZE : cc->pad_size;
-    PK11_FreeSlot(slot);
-
-    /* create PK11 cipher context */
-    ciphercx = PK11_CreateContextBySymKey(mechanism, CKA_DECRYPT, key, param);
-    SECITEM_FreeItem(param, PR_TRUE);
-    if (ciphercx == NULL) {
-	PORT_Free (cc);
-	return NULL;
-    }
-
-    cc->cx = ciphercx;
-    cc->doit =  (nss_cms_cipher_function) PK11_CipherOp;
-    cc->destroy = (nss_cms_cipher_destroy) PK11_DestroyContext;
-    cc->encrypt = PR_FALSE;
-    cc->pending_count = 0;
-
-    return cc;
-}
-
-/*
- * NSS_CMSCipherContext_StartEncrypt - create a cipher object to do encryption,
- * based on the given bulk encryption key and algorithm tag.  Fill in the algorithm
- * identifier (which may include an iv) appropriately.
- *
- * XXX Once both are working, it might be nice to combine this and the
- * function above (for starting up decryption) into one routine, and just
- * have two simple cover functions which call it. 
- */
-NSSCMSCipherContext *
-NSS_CMSCipherContext_StartEncrypt(PRArenaPool *poolp, PK11SymKey *key, SECAlgorithmID *algid)
-{
-    NSSCMSCipherContext *cc;
-    void *ciphercx;
-    SECItem *param;
-    SECStatus rv;
-    CK_MECHANISM_TYPE mechanism;
-    PK11SlotInfo *slot;
-    PRBool needToEncodeAlgid = PR_FALSE;
-    SECOidTag algtag = SECOID_GetAlgorithmTag(algid);
-
-    /* set param and mechanism */
-    if (SEC_PKCS5IsAlgorithmPBEAlg(algid)) {
-	CK_MECHANISM pbeMech, cryptoMech;
-	SECItem *pbeParams;
-	SEC_PKCS5KeyAndPassword *keyPwd;
-
-	PORT_Memset(&pbeMech, 0, sizeof(CK_MECHANISM));
-	PORT_Memset(&cryptoMech, 0, sizeof(CK_MECHANISM));
-
-	/* HACK ALERT!
-	 * in this case, key is not actually a PK11SymKey *, but a SEC_PKCS5KeyAndPassword *
-	 */
-	keyPwd = (SEC_PKCS5KeyAndPassword *)key;
-	key = keyPwd->key;
-
-	/* find correct PK11 mechanism and parameters to initialize pbeMech */
-	pbeMech.mechanism = PK11_AlgtagToMechanism(algtag);
-	pbeParams = PK11_ParamFromAlgid(algid);
-	if (!pbeParams)
-	    return NULL;
-	pbeMech.pParameter = pbeParams->data;
-	pbeMech.ulParameterLen = pbeParams->len;
-
-	/* now map pbeMech to cryptoMech */
-	if (PK11_MapPBEMechanismToCryptoMechanism(&pbeMech, &cryptoMech, keyPwd->pwitem,
-						  PR_FALSE) != CKR_OK) { 
-	    SECITEM_ZfreeItem(pbeParams, PR_TRUE);
-	    return NULL;
-	}
-	SECITEM_ZfreeItem(pbeParams, PR_TRUE);
-
-	/* and use it to initialize param & mechanism */
-	if ((param = (SECItem *)PORT_ZAlloc(sizeof(SECItem))) == NULL)
-	    return NULL;
-
-	param->data = (unsigned char *)cryptoMech.pParameter;
-	param->len = cryptoMech.ulParameterLen;
-	mechanism = cryptoMech.mechanism;
-    } else {
-	mechanism = PK11_AlgtagToMechanism(algtag);
-	if ((param = PK11_GenerateNewParam(mechanism, key)) == NULL)
-	    return NULL;
-	needToEncodeAlgid = PR_TRUE;
-    }
-
-    cc = (NSSCMSCipherContext *)PORT_ZAlloc(sizeof(NSSCMSCipherContext));
-    if (cc == NULL)
-	return NULL;
-
-    /* now find pad and block sizes for our mechanism */
-    cc->pad_size = PK11_GetBlockSize(mechanism,param);
-    slot = PK11_GetSlotFromKey(key);
-    cc->block_size = PK11_IsHW(slot) ? BLOCK_SIZE : cc->pad_size;
-    PK11_FreeSlot(slot);
-
-    /* and here we go, creating a PK11 cipher context */
-    ciphercx = PK11_CreateContextBySymKey(mechanism, CKA_ENCRYPT, key, param);
-    if (ciphercx == NULL) {
-	PORT_Free(cc);
-	cc = NULL;
-	goto loser;
-    }
-
-    /*
-     * These are placed after the CreateContextBySymKey() because some
-     * mechanisms have to generate their IVs from their card (i.e. FORTEZZA).
-     * Don't move it from here.
-     * XXX is that right? the purpose of this is to get the correct algid
-     *     containing the IVs etc. for encoding. this means we need to set this up
-     *     BEFORE encoding the algid in the contentInfo, right?
-     */
-    if (needToEncodeAlgid) {
-	rv = PK11_ParamToAlgid(algtag, param, poolp, algid);
-	if(rv != SECSuccess) {
-	    PORT_Free(cc);
-	    cc = NULL;
-	    goto loser;
-	}
-    }
-
-    cc->cx = ciphercx;
-    cc->doit = (nss_cms_cipher_function)PK11_CipherOp;
-    cc->destroy = (nss_cms_cipher_destroy)PK11_DestroyContext;
-    cc->encrypt = PR_TRUE;
-    cc->pending_count = 0;
-
-loser:
-    SECITEM_FreeItem(param, PR_TRUE);
-
-    return cc;
-}
-
-void
-NSS_CMSCipherContext_Destroy(NSSCMSCipherContext *cc)
-{
-    PORT_Assert(cc != NULL);
-    if (cc == NULL)
-	return;
-    (*cc->destroy)(cc->cx, PR_TRUE);
-    PORT_Free(cc);
-}
-
-/*
- * NSS_CMSCipherContext_DecryptLength - find the output length of the next call to decrypt.
- *
- * cc - the cipher context
- * input_len - number of bytes used as input
- * final - true if this is the final chunk of data
- *
- * Result can be used to perform memory allocations.  Note that the amount
- * is exactly accurate only when not doing a block cipher or when final
- * is false, otherwise it is an upper bound on the amount because until
- * we see the data we do not know how many padding bytes there are
- * (always between 1 and bsize).
- *
- * Note that this can return zero, which does not mean that the decrypt
- * operation can be skipped!  (It simply means that there are not enough
- * bytes to make up an entire block; the bytes will be reserved until
- * there are enough to encrypt/decrypt at least one block.)  However,
- * if zero is returned it *does* mean that no output buffer need be
- * passed in to the subsequent decrypt operation, as no output bytes
- * will be stored.
- */
-unsigned int
-NSS_CMSCipherContext_DecryptLength(NSSCMSCipherContext *cc, unsigned int input_len, PRBool final)
-{
-    int blocks, block_size;
-
-    PORT_Assert (! cc->encrypt);
-
-    block_size = cc->block_size;
-
-    /*
-     * If this is not a block cipher, then we always have the same
-     * number of output bytes as we had input bytes.
-     */
-    if (block_size == 0)
-	return input_len;
-
-    /*
-     * On the final call, we will always use up all of the pending
-     * bytes plus all of the input bytes, *but*, there will be padding
-     * at the end and we cannot predict how many bytes of padding we
-     * will end up removing.  The amount given here is actually known
-     * to be at least 1 byte too long (because we know we will have
-     * at least 1 byte of padding), but seemed clearer/better to me.
-     */
-    if (final)
-	return cc->pending_count + input_len;
-
-    /*
-     * Okay, this amount is exactly what we will output on the
-     * next cipher operation.  We will always hang onto the last
-     * 1 - block_size bytes for non-final operations.  That is,
-     * we will do as many complete blocks as we can *except* the
-     * last block (complete or partial).  (This is because until
-     * we know we are at the end, we cannot know when to interpret
-     * and removing the padding byte(s), which are guaranteed to
-     * be there.)
-     */
-    blocks = (cc->pending_count + input_len - 1) / block_size;
-    return blocks * block_size;
-}
-
-/*
- * NSS_CMSCipherContext_EncryptLength - find the output length of the next call to encrypt.
- *
- * cc - the cipher context
- * input_len - number of bytes used as input
- * final - true if this is the final chunk of data
- *
- * Result can be used to perform memory allocations.
- *
- * Note that this can return zero, which does not mean that the encrypt
- * operation can be skipped!  (It simply means that there are not enough
- * bytes to make up an entire block; the bytes will be reserved until
- * there are enough to encrypt/decrypt at least one block.)  However,
- * if zero is returned it *does* mean that no output buffer need be
- * passed in to the subsequent encrypt operation, as no output bytes
- * will be stored.
- */
-unsigned int
-NSS_CMSCipherContext_EncryptLength(NSSCMSCipherContext *cc, unsigned int input_len, PRBool final)
-{
-    int blocks, block_size;
-    int pad_size;
-
-    PORT_Assert (cc->encrypt);
-
-    block_size = cc->block_size;
-    pad_size = cc->pad_size;
-
-    /*
-     * If this is not a block cipher, then we always have the same
-     * number of output bytes as we had input bytes.
-     */
-    if (block_size == 0)
-	return input_len;
-
-    /*
-     * On the final call, we only send out what we need for
-     * remaining bytes plus the padding.  (There is always padding,
-     * so even if we have an exact number of blocks as input, we
-     * will add another full block that is just padding.)
-     */
-    if (final) {
-	if (pad_size == 0) {
-    	    return cc->pending_count + input_len;
-	} else {
-    	    blocks = (cc->pending_count + input_len) / pad_size;
-	    blocks++;
-	    return blocks*pad_size;
-	}
-    }
-
-    /*
-     * Now, count the number of complete blocks of data we have.
-     */
-    blocks = (cc->pending_count + input_len) / block_size;
-
-
-    return blocks * block_size;
-}
-
-
-/*
- * NSS_CMSCipherContext_Decrypt - do the decryption
- *
- * cc - the cipher context
- * output - buffer for decrypted result bytes
- * output_len_p - number of bytes in output
- * max_output_len - upper bound on bytes to put into output
- * input - pointer to input bytes
- * input_len - number of input bytes
- * final - true if this is the final chunk of data
- *
- * Decrypts a given length of input buffer (starting at "input" and
- * containing "input_len" bytes), placing the decrypted bytes in
- * "output" and storing the output length in "*output_len_p".
- * "cc" is the return value from NSS_CMSCipher_StartDecrypt.
- * When "final" is true, this is the last of the data to be decrypted.
- *
- * This is much more complicated than it sounds when the cipher is
- * a block-type, meaning that the decryption function will only
- * operate on whole blocks.  But our caller is operating stream-wise,
- * and can pass in any number of bytes.  So we need to keep track
- * of block boundaries.  We save excess bytes between calls in "cc".
- * We also need to determine which bytes are padding, and remove
- * them from the output.  We can only do this step when we know we
- * have the final block of data.  PKCS #7 specifies that the padding
- * used for a block cipher is a string of bytes, each of whose value is
- * the same as the length of the padding, and that all data is padded.
- * (Even data that starts out with an exact multiple of blocks gets
- * added to it another block, all of which is padding.)
- */ 
-SECStatus
-NSS_CMSCipherContext_Decrypt(NSSCMSCipherContext *cc, unsigned char *output,
-		  unsigned int *output_len_p, unsigned int max_output_len,
-		  const unsigned char *input, unsigned int input_len,
-		  PRBool final)
-{
-    int blocks, bsize, pcount, padsize;
-    unsigned int max_needed, ifraglen, ofraglen, output_len;
-    unsigned char *pbuf;
-    SECStatus rv;
-
-    PORT_Assert (! cc->encrypt);
-
-    /*
-     * Check that we have enough room for the output.  Our caller should
-     * already handle this; failure is really an internal error (i.e. bug).
-     */
-    max_needed = NSS_CMSCipherContext_DecryptLength(cc, input_len, final);
-    PORT_Assert (max_output_len >= max_needed);
-    if (max_output_len < max_needed) {
-	/* PORT_SetError (XXX); */
-	return SECFailure;
-    }
-
-    /*
-     * hardware encryption does not like small decryption sizes here, so we
-     * allow both blocking and padding.
-     */
-    bsize = cc->block_size;
-    padsize = cc->pad_size;
-
-    /*
-     * When no blocking or padding work to do, we can simply call the
-     * cipher function and we are done.
-     */
-    if (bsize == 0) {
-	return (* cc->doit) (cc->cx, output, output_len_p, max_output_len,
-			      input, input_len);
-    }
-
-    pcount = cc->pending_count;
-    pbuf = cc->pending_buf;
-
-    output_len = 0;
-
-    if (pcount) {
-	/*
-	 * Try to fill in an entire block, starting with the bytes
-	 * we already have saved away.
-	 */
-	while (input_len && pcount < bsize) {
-	    pbuf[pcount++] = *input++;
-	    input_len--;
-	}
-	/*
-	 * If we have at most a whole block and this is not our last call,
-	 * then we are done for now.  (We do not try to decrypt a lone
-	 * single block because we cannot interpret the padding bytes
-	 * until we know we are handling the very last block of all input.)
-	 */
-	if (input_len == 0 && !final) {
-	    cc->pending_count = pcount;
-	    if (output_len_p)
-		*output_len_p = 0;
-	    return SECSuccess;
-	}
-	/*
-	 * Given the logic above, we expect to have a full block by now.
-	 * If we do not, there is something wrong, either with our own
-	 * logic or with (length of) the data given to us.
-	 */
-	PORT_Assert ((padsize == 0) || (pcount % padsize) == 0);
-	if ((padsize != 0) && (pcount % padsize) != 0) {
-	    PORT_Assert (final);	
-	    PORT_SetError (SEC_ERROR_BAD_DATA);
-	    return SECFailure;
-	}
-	/*
-	 * Decrypt the block.
-	 */
-	rv = (*cc->doit)(cc->cx, output, &ofraglen, max_output_len,
-			    pbuf, pcount);
-	if (rv != SECSuccess)
-	    return rv;
-
-	/*
-	 * For now anyway, all of our ciphers have the same number of
-	 * bytes of output as they do input.  If this ever becomes untrue,
-	 * then NSS_CMSCipherContext_DecryptLength needs to be made smarter!
-	 */
-	PORT_Assert(ofraglen == pcount);
-
-	/*
-	 * Account for the bytes now in output.
-	 */
-	max_output_len -= ofraglen;
-	output_len += ofraglen;
-	output += ofraglen;
-    }
-
-    /*
-     * If this is our last call, we expect to have an exact number of
-     * blocks left to be decrypted; we will decrypt them all.
-     * 
-     * If not our last call, we always save between 1 and bsize bytes
-     * until next time.  (We must do this because we cannot be sure
-     * that none of the decrypted bytes are padding bytes until we
-     * have at least another whole block of data.  You cannot tell by
-     * looking -- the data could be anything -- you can only tell by
-     * context, knowing you are looking at the last block.)  We could
-     * decrypt a whole block now but it is easier if we just treat it
-     * the same way we treat partial block bytes.
-     */
-    if (final) {
-	if (padsize) {
-	    blocks = input_len / padsize;
-	    ifraglen = blocks * padsize;
-	} else ifraglen = input_len;
-	PORT_Assert (ifraglen == input_len);
-
-	if (ifraglen != input_len) {
-	    PORT_SetError(SEC_ERROR_BAD_DATA);
-	    return SECFailure;
-	}
-    } else {
-	blocks = (input_len - 1) / bsize;
-	ifraglen = blocks * bsize;
-	PORT_Assert (ifraglen < input_len);
-
-	pcount = input_len - ifraglen;
-	PORT_Memcpy (pbuf, input + ifraglen, pcount);
-	cc->pending_count = pcount;
-    }
-
-    if (ifraglen) {
-	rv = (* cc->doit)(cc->cx, output, &ofraglen, max_output_len,
-			    input, ifraglen);
-	if (rv != SECSuccess)
-	    return rv;
-
-	/*
-	 * For now anyway, all of our ciphers have the same number of
-	 * bytes of output as they do input.  If this ever becomes untrue,
-	 * then sec_PKCS7DecryptLength needs to be made smarter!
-	 */
-	PORT_Assert (ifraglen == ofraglen);
-	if (ifraglen != ofraglen) {
-	    PORT_SetError(SEC_ERROR_BAD_DATA);
-	    return SECFailure;
-	}
-
-	output_len += ofraglen;
-    } else {
-	ofraglen = 0;
-    }
-
-    /*
-     * If we just did our very last block, "remove" the padding by
-     * adjusting the output length.
-     */
-    if (final && (padsize != 0)) {
-	unsigned int padlen = *(output + ofraglen - 1);
-	PORT_Assert (padlen > 0 && padlen <= padsize);
-	if (padlen == 0 || padlen > padsize) {
-	    PORT_SetError(SEC_ERROR_BAD_DATA);
-	    return SECFailure;
-	}
-	output_len -= padlen;
-    }
-
-    PORT_Assert (output_len_p != NULL || output_len == 0);
-    if (output_len_p != NULL)
-	*output_len_p = output_len;
-
-    return SECSuccess;
-}
-
-/*
- * NSS_CMSCipherContext_Encrypt - do the encryption
- *
- * cc - the cipher context
- * output - buffer for decrypted result bytes
- * output_len_p - number of bytes in output
- * max_output_len - upper bound on bytes to put into output
- * input - pointer to input bytes
- * input_len - number of input bytes
- * final - true if this is the final chunk of data
- *
- * Encrypts a given length of input buffer (starting at "input" and
- * containing "input_len" bytes), placing the encrypted bytes in
- * "output" and storing the output length in "*output_len_p".
- * "cc" is the return value from NSS_CMSCipher_StartEncrypt.
- * When "final" is true, this is the last of the data to be encrypted.
- *
- * This is much more complicated than it sounds when the cipher is
- * a block-type, meaning that the encryption function will only
- * operate on whole blocks.  But our caller is operating stream-wise,
- * and can pass in any number of bytes.  So we need to keep track
- * of block boundaries.  We save excess bytes between calls in "cc".
- * We also need to add padding bytes at the end.  PKCS #7 specifies
- * that the padding used for a block cipher is a string of bytes,
- * each of whose value is the same as the length of the padding,
- * and that all data is padded.  (Even data that starts out with
- * an exact multiple of blocks gets added to it another block,
- * all of which is padding.)
- *
- * XXX I would kind of like to combine this with the function above
- * which does decryption, since they have a lot in common.  But the
- * tricky parts about padding and filling blocks would be much
- * harder to read that way, so I left them separate.  At least for
- * now until it is clear that they are right.
- */ 
-SECStatus
-NSS_CMSCipherContext_Encrypt(NSSCMSCipherContext *cc, unsigned char *output,
-		  unsigned int *output_len_p, unsigned int max_output_len,
-		  const unsigned char *input, unsigned int input_len,
-		  PRBool final)
-{
-    int blocks, bsize, padlen, pcount, padsize;
-    unsigned int max_needed, ifraglen, ofraglen, output_len;
-    unsigned char *pbuf;
-    SECStatus rv;
-
-    PORT_Assert (cc->encrypt);
-
-    /*
-     * Check that we have enough room for the output.  Our caller should
-     * already handle this; failure is really an internal error (i.e. bug).
-     */
-    max_needed = NSS_CMSCipherContext_EncryptLength (cc, input_len, final);
-    PORT_Assert (max_output_len >= max_needed);
-    if (max_output_len < max_needed) {
-	/* PORT_SetError (XXX); */
-	return SECFailure;
-    }
-
-    bsize = cc->block_size;
-    padsize = cc->pad_size;
-
-    /*
-     * When no blocking and padding work to do, we can simply call the
-     * cipher function and we are done.
-     */
-    if (bsize == 0) {
-	return (*cc->doit)(cc->cx, output, output_len_p, max_output_len,
-			      input, input_len);
-    }
-
-    pcount = cc->pending_count;
-    pbuf = cc->pending_buf;
-
-    output_len = 0;
-
-    if (pcount) {
-	/*
-	 * Try to fill in an entire block, starting with the bytes
-	 * we already have saved away.
-	 */
-	while (input_len && pcount < bsize) {
-	    pbuf[pcount++] = *input++;
-	    input_len--;
-	}
-	/*
-	 * If we do not have a full block and we know we will be
-	 * called again, then we are done for now.
-	 */
-	if (pcount < bsize && !final) {
-	    cc->pending_count = pcount;
-	    if (output_len_p != NULL)
-		*output_len_p = 0;
-	    return SECSuccess;
-	}
-	/*
-	 * If we have a whole block available, encrypt it.
-	 */
-	if ((padsize == 0) || (pcount % padsize) == 0) {
-	    rv = (* cc->doit) (cc->cx, output, &ofraglen, max_output_len,
-				pbuf, pcount);
-	    if (rv != SECSuccess)
-		return rv;
-
-	    /*
-	     * For now anyway, all of our ciphers have the same number of
-	     * bytes of output as they do input.  If this ever becomes untrue,
-	     * then sec_PKCS7EncryptLength needs to be made smarter!
-	     */
-	    PORT_Assert (ofraglen == pcount);
-
-	    /*
-	     * Account for the bytes now in output.
-	     */
-	    max_output_len -= ofraglen;
-	    output_len += ofraglen;
-	    output += ofraglen;
-
-	    pcount = 0;
-	}
-    }
-
-    if (input_len) {
-	PORT_Assert (pcount == 0);
-
-	blocks = input_len / bsize;
-	ifraglen = blocks * bsize;
-
-	if (ifraglen) {
-	    rv = (* cc->doit) (cc->cx, output, &ofraglen, max_output_len,
-				input, ifraglen);
-	    if (rv != SECSuccess)
-		return rv;
-
-	    /*
-	     * For now anyway, all of our ciphers have the same number of
-	     * bytes of output as they do input.  If this ever becomes untrue,
-	     * then sec_PKCS7EncryptLength needs to be made smarter!
-	     */
-	    PORT_Assert (ifraglen == ofraglen);
-
-	    max_output_len -= ofraglen;
-	    output_len += ofraglen;
-	    output += ofraglen;
-	}
-
-	pcount = input_len - ifraglen;
-	PORT_Assert (pcount < bsize);
-	if (pcount)
-	    PORT_Memcpy (pbuf, input + ifraglen, pcount);
-    }
-
-    if (final) {
-	padlen = padsize - (pcount % padsize);
-	PORT_Memset (pbuf + pcount, padlen, padlen);
-	rv = (* cc->doit) (cc->cx, output, &ofraglen, max_output_len,
-			    pbuf, pcount+padlen);
-	if (rv != SECSuccess)
-	    return rv;
-
-	/*
-	 * For now anyway, all of our ciphers have the same number of
-	 * bytes of output as they do input.  If this ever becomes untrue,
-	 * then sec_PKCS7EncryptLength needs to be made smarter!
-	 */
-	PORT_Assert (ofraglen == (pcount+padlen));
-	output_len += ofraglen;
-    } else {
-	cc->pending_count = pcount;
-    }
-
-    PORT_Assert (output_len_p != NULL || output_len == 0);
-    if (output_len_p != NULL)
-	*output_len_p = output_len;
-
-    return SECSuccess;
-}
diff --git a/security/nss/lib/smime/cmsdecode.c b/security/nss/lib/smime/cmsdecode.c
deleted file mode 100644
index 906fbaa25..000000000
--- a/security/nss/lib/smime/cmsdecode.c
+++ /dev/null
@@ -1,692 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * CMS decoding.
- *
- * $Id$
- */
-
-#include "cmslocal.h"
-
-#include "cert.h"
-#include "key.h"
-#include "secasn1.h"
-#include "secitem.h"
-#include "secoid.h"
-#include "prtime.h"
-#include "secerr.h"
-
-struct NSSCMSDecoderContextStr {
-    SEC_ASN1DecoderContext *		dcx;		/* ASN.1 decoder context */
-    NSSCMSMessage *			cmsg;		/* backpointer to the root message */
-    SECOidTag				type;		/* type of message */
-    NSSCMSContent			content;	/* pointer to message */
-    NSSCMSDecoderContext *		childp7dcx;	/* inner CMS decoder context */
-    PRBool				saw_contents;
-    int					error;
-    NSSCMSContentCallback		cb;
-    void *				cb_arg;
-};
-
-static void nss_cms_decoder_update_filter (void *arg, const char *data, unsigned long len,
-                          int depth, SEC_ASN1EncodingPart data_kind);
-static SECStatus nss_cms_before_data(NSSCMSDecoderContext *p7dcx);
-static SECStatus nss_cms_after_data(NSSCMSDecoderContext *p7dcx);
-static SECStatus nss_cms_after_end(NSSCMSDecoderContext *p7dcx);
-static void nss_cms_decoder_work_data(NSSCMSDecoderContext *p7dcx, 
-			     const unsigned char *data, unsigned long len, PRBool final);
-
-extern const SEC_ASN1Template NSSCMSMessageTemplate[];
-
-/* 
- * nss_cms_decoder_notify -
- *  this is the driver of the decoding process. It gets called by the ASN.1
- *  decoder before and after an object is decoded.
- *  at various points in the decoding process, we intercept to set up and do
- *  further processing.
- */
-static void
-nss_cms_decoder_notify(void *arg, PRBool before, void *dest, int depth)
-{
-    NSSCMSDecoderContext *p7dcx;
-    NSSCMSContentInfo *rootcinfo, *cinfo;
-    PRBool after = !before;
-
-    p7dcx = (NSSCMSDecoderContext *)arg;
-    rootcinfo = &(p7dcx->cmsg->contentInfo);
-
-    /* XXX error handling: need to set p7dcx->error */
-
-#ifdef CMSDEBUG 
-    fprintf(stderr, "%6.6s, dest = 0x%08x, depth = %d\n", before ? "before" : "after", dest, depth);
-#endif
-
-    /* so what are we working on right now? */
-    switch (p7dcx->type) {
-    case SEC_OID_UNKNOWN:
-	/*
-	 * right now, we are still decoding the OUTER (root) cinfo
-	 * As soon as we know the inner content type, set up the info,
-	 * but NO inner decoder or filter. The root decoder handles the first
-	 * level children by itself - only for encapsulated contents (which
-	 * are encoded as DER inside of an OCTET STRING) we need to set up a
-	 * child decoder...
-	 */
-	if (after && dest == &(rootcinfo->contentType)) {
-	    p7dcx->type = NSS_CMSContentInfo_GetContentTypeTag(rootcinfo);
-	    p7dcx->content = rootcinfo->content;	/* is this ready already ? need to alloc? */
-	    /* XXX yes we need to alloc -- continue here */
-	}
-	break;
-    case SEC_OID_PKCS7_DATA:
-	/* this can only happen if the outermost cinfo has DATA in it */
-	/* otherwise, we handle this type implicitely in the inner decoders */
-
-	if (before && dest == &(rootcinfo->content)) {
-	    /* fake it to cause the filter to put the data in the right place... */
-	    /* we want the ASN.1 decoder to deliver the decoded bytes to us from now on */
-	    SEC_ASN1DecoderSetFilterProc(p7dcx->dcx,
-					  nss_cms_decoder_update_filter,
-					  p7dcx,
-					  (PRBool)(p7dcx->cb != NULL));
-	    break;
-	}
-
-	if (after && dest == &(rootcinfo->content.data)) {
-	    /* remove the filter */
-	    SEC_ASN1DecoderClearFilterProc(p7dcx->dcx);
-	}
-	break;
-
-    case SEC_OID_PKCS7_SIGNED_DATA:
-    case SEC_OID_PKCS7_ENVELOPED_DATA:
-    case SEC_OID_PKCS7_DIGESTED_DATA:
-    case SEC_OID_PKCS7_ENCRYPTED_DATA:
-
-	if (before && dest == &(rootcinfo->content))
-	    break;					/* we're not there yet */
-
-	if (p7dcx->content.pointer == NULL)
-	    p7dcx->content = rootcinfo->content;
-
-	/* get this data type's inner contentInfo */
-	cinfo = NSS_CMSContent_GetContentInfo(p7dcx->content.pointer, p7dcx->type);
-
-	if (before && dest == &(cinfo->contentType)) {
-	    /* at this point, set up the &%$&$ back pointer */
-	    /* we cannot do it later, because the content itself is optional! */
-	    /* please give me C++ */
-	    switch (p7dcx->type) {
-	    case SEC_OID_PKCS7_SIGNED_DATA:
-		p7dcx->content.signedData->cmsg = p7dcx->cmsg;
-		break;
-	    case SEC_OID_PKCS7_DIGESTED_DATA:
-		p7dcx->content.digestedData->cmsg = p7dcx->cmsg;
-		break;
-	    case SEC_OID_PKCS7_ENVELOPED_DATA:
-		p7dcx->content.envelopedData->cmsg = p7dcx->cmsg;
-		break;
-	    case SEC_OID_PKCS7_ENCRYPTED_DATA:
-		p7dcx->content.encryptedData->cmsg = p7dcx->cmsg;
-		break;
-	    default:
-		PORT_Assert(0);
-		break;
-	    }
-	}
-
-	if (before && dest == &(cinfo->rawContent)) {
-	    /* we want the ASN.1 decoder to deliver the decoded bytes to us from now on */
-	    SEC_ASN1DecoderSetFilterProc(p7dcx->dcx, nss_cms_decoder_update_filter,
-					  p7dcx, (PRBool)(p7dcx->cb != NULL));
-
-
-	    /* we're right in front of the data */
-	    if (nss_cms_before_data(p7dcx) != SECSuccess) {
-		SEC_ASN1DecoderClearFilterProc(p7dcx->dcx);	/* stop all processing */
-		p7dcx->error = PORT_GetError();
-	    }
-	}
-	if (after && dest == &(cinfo->rawContent)) {
-	    /* we're right after of the data */
-	    if (nss_cms_after_data(p7dcx) != SECSuccess)
-		p7dcx->error = PORT_GetError();
-
-	    /* we don't need to see the contents anymore */
-	    SEC_ASN1DecoderClearFilterProc(p7dcx->dcx);
-	}
-	break;
-
-#if 0 /* NIH */
-    case SEC_OID_PKCS7_AUTHENTICATED_DATA:
-#endif
-    default:
-	/* unsupported or unknown message type - fail (more or less) gracefully */
-	p7dcx->error = SEC_ERROR_UNSUPPORTED_MESSAGE_TYPE;
-	break;
-    }
-}
-
-/*
- * nss_cms_before_data - set up the current encoder to receive data
- */
-static SECStatus
-nss_cms_before_data(NSSCMSDecoderContext *p7dcx)
-{
-    SECStatus rv;
-    SECOidTag childtype;
-    PLArenaPool *poolp;
-    NSSCMSDecoderContext *childp7dcx;
-    NSSCMSContentInfo *cinfo;
-    const SEC_ASN1Template *template;
-    void *mark = NULL;
-    size_t size;
-    
-    poolp = p7dcx->cmsg->poolp;
-
-    /* call _Decode_BeforeData handlers */
-    switch (p7dcx->type) {
-    case SEC_OID_PKCS7_SIGNED_DATA:
-	/* we're decoding a signedData, so set up the digests */
-	rv = NSS_CMSSignedData_Decode_BeforeData(p7dcx->content.signedData);
-	if (rv != SECSuccess)
-	    return SECFailure;
-	break;
-    case SEC_OID_PKCS7_DIGESTED_DATA:
-	/* we're encoding a digestedData, so set up the digest */
-	rv = NSS_CMSDigestedData_Decode_BeforeData(p7dcx->content.digestedData);
-	if (rv != SECSuccess)
-	    return SECFailure;
-	break;
-    case SEC_OID_PKCS7_ENVELOPED_DATA:
-	rv = NSS_CMSEnvelopedData_Decode_BeforeData(p7dcx->content.envelopedData);
-	if (rv != SECSuccess)
-	    return SECFailure;
-	break;
-    case SEC_OID_PKCS7_ENCRYPTED_DATA:
-	rv = NSS_CMSEncryptedData_Decode_BeforeData(p7dcx->content.encryptedData);
-	if (rv != SECSuccess)
-	    return SECFailure;
-	break;
-    default:
-	return SECFailure;
-    }
-
-    /* ok, now we have a pointer to cinfo */
-    /* find out what kind of data is encapsulated */
-    
-    cinfo = NSS_CMSContent_GetContentInfo(p7dcx->content.pointer, p7dcx->type);
-    childtype = NSS_CMSContentInfo_GetContentTypeTag(cinfo);
-
-    if (childtype == SEC_OID_PKCS7_DATA) {
-	cinfo->content.data = SECITEM_AllocItem(poolp, NULL, 0);
-	if (cinfo->content.data == NULL)
-	    /* set memory error */
-	    return SECFailure;
-
-	p7dcx->childp7dcx = NULL;
-	return SECSuccess;
-    }
-
-    /* set up inner decoder */
-
-    if ((template = NSS_CMSUtil_GetTemplateByTypeTag(childtype)) == NULL)
-	return SECFailure;
-
-    childp7dcx = (NSSCMSDecoderContext *)PORT_ZAlloc(sizeof(NSSCMSDecoderContext));
-    if (childp7dcx == NULL)
-	return SECFailure;
-
-    mark = PORT_ArenaMark(poolp);
-
-    /* allocate space for the stuff we're creating */
-    size = NSS_CMSUtil_GetSizeByTypeTag(childtype);
-    childp7dcx->content.pointer = (void *)PORT_ArenaZAlloc(poolp, size);
-    if (childp7dcx->content.pointer == NULL)
-	goto loser;
-
-    /* start the child decoder */
-    childp7dcx->dcx = SEC_ASN1DecoderStart(poolp, childp7dcx->content.pointer, template);
-    if (childp7dcx->dcx == NULL)
-	goto loser;
-
-    /* the new decoder needs to notify, too */
-    SEC_ASN1DecoderSetNotifyProc(childp7dcx->dcx, nss_cms_decoder_notify, childp7dcx);
-
-    /* tell the parent decoder that it needs to feed us the content data */
-    p7dcx->childp7dcx = childp7dcx;
-
-    childp7dcx->type = childtype;	/* our type */
-
-    childp7dcx->cmsg = p7dcx->cmsg;	/* backpointer to root message */
-
-    /* should the child decoder encounter real data, it needs to give it to the caller */
-    childp7dcx->cb = p7dcx->cb;
-    childp7dcx->cb_arg = p7dcx->cb_arg;
-
-    /* now set up the parent to hand decoded data to the next level decoder */
-    p7dcx->cb = (NSSCMSContentCallback)NSS_CMSDecoder_Update;
-    p7dcx->cb_arg = childp7dcx;
-
-    PORT_ArenaUnmark(poolp, mark);
-
-    return SECSuccess;
-
-loser:
-    if (mark)
-	PORT_ArenaRelease(poolp, mark);
-    if (childp7dcx)
-	PORT_Free(childp7dcx);
-    p7dcx->childp7dcx = NULL;
-    return SECFailure;
-}
-
-static SECStatus
-nss_cms_after_data(NSSCMSDecoderContext *p7dcx)
-{
-    PLArenaPool *poolp;
-    NSSCMSDecoderContext *childp7dcx;
-    SECStatus rv = SECFailure;
-
-    poolp = p7dcx->cmsg->poolp;
-
-    /* Handle last block. This is necessary to flush out the last bytes
-     * of a possibly incomplete block */
-    nss_cms_decoder_work_data(p7dcx, NULL, 0, PR_TRUE);
-
-    /* finish any "inner" decoders - there's no more data coming... */
-    if (p7dcx->childp7dcx != NULL) {
-	childp7dcx = p7dcx->childp7dcx;
-	if (childp7dcx->dcx != NULL) {
-	    if (SEC_ASN1DecoderFinish(childp7dcx->dcx) != SECSuccess) {
-		/* do what? free content? */
-		rv = SECFailure;
-	    } else {
-		rv = nss_cms_after_end(childp7dcx);
-	    }
-	    if (rv != SECSuccess)
-		goto done;
-	}
-	PORT_Free(p7dcx->childp7dcx);
-	p7dcx->childp7dcx = NULL;
-    }
-
-    switch (p7dcx->type) {
-    case SEC_OID_PKCS7_SIGNED_DATA:
-	/* this will finish the digests and verify */
-	rv = NSS_CMSSignedData_Decode_AfterData(p7dcx->content.signedData);
-	break;
-    case SEC_OID_PKCS7_ENVELOPED_DATA:
-	rv = NSS_CMSEnvelopedData_Decode_AfterData(p7dcx->content.envelopedData);
-	break;
-    case SEC_OID_PKCS7_DIGESTED_DATA:
-	rv = NSS_CMSDigestedData_Decode_AfterData(p7dcx->content.digestedData);
-	break;
-    case SEC_OID_PKCS7_ENCRYPTED_DATA:
-	rv = NSS_CMSEncryptedData_Decode_AfterData(p7dcx->content.encryptedData);
-	break;
-    case SEC_OID_PKCS7_DATA:
-	/* do nothing */
-	break;
-    default:
-	rv = SECFailure;
-	break;
-    }
-done:
-    return rv;
-}
-
-static SECStatus
-nss_cms_after_end(NSSCMSDecoderContext *p7dcx)
-{
-    SECStatus rv;
-    PLArenaPool *poolp;
-
-    poolp = p7dcx->cmsg->poolp;
-
-    switch (p7dcx->type) {
-    case SEC_OID_PKCS7_SIGNED_DATA:
-	rv = NSS_CMSSignedData_Decode_AfterEnd(p7dcx->content.signedData);
-	break;
-    case SEC_OID_PKCS7_ENVELOPED_DATA:
-	rv = NSS_CMSEnvelopedData_Decode_AfterEnd(p7dcx->content.envelopedData);
-	break;
-    case SEC_OID_PKCS7_DIGESTED_DATA:
-	rv = NSS_CMSDigestedData_Decode_AfterEnd(p7dcx->content.digestedData);
-	break;
-    case SEC_OID_PKCS7_ENCRYPTED_DATA:
-	rv = NSS_CMSEncryptedData_Decode_AfterEnd(p7dcx->content.encryptedData);
-	break;
-    case SEC_OID_PKCS7_DATA:
-	rv = SECSuccess;
-	break;
-    default:
-	rv = SECFailure;	/* we should not have got that far... */
-	break;
-    }
-    return rv;
-}
-
-/*
- * nss_cms_decoder_work_data - handle decoded data bytes.
- *
- * This function either decrypts the data if needed, and/or calculates digests
- * on it, then either stores it or passes it on to the next level decoder.
- */
-static void
-nss_cms_decoder_work_data(NSSCMSDecoderContext *p7dcx, 
-			     const unsigned char *data, unsigned long len,
-			     PRBool final)
-{
-    NSSCMSContentInfo *cinfo;
-    unsigned char *buf = NULL;
-    unsigned char *dest;
-    unsigned int offset;
-    SECStatus rv;
-    SECItem *storage;
-
-    /*
-     * We should really have data to process, or we should be trying
-     * to finish/flush the last block.  (This is an overly paranoid
-     * check since all callers are in this file and simple inspection
-     * proves they do it right.  But it could find a bug in future
-     * modifications/development, that is why it is here.)
-     */
-    PORT_Assert ((data != NULL && len) || final);
-
-    cinfo = NSS_CMSContent_GetContentInfo(p7dcx->content.pointer, p7dcx->type);
-
-    if (cinfo->ciphcx != NULL) {
-	/*
-	 * we are decrypting.
-	 * 
-	 * XXX If we get an error, we do not want to do the digest or callback,
-	 * but we want to keep decoding.  Or maybe we want to stop decoding
-	 * altogether if there is a callback, because obviously we are not
-	 * sending the data back and they want to know that.
-	 */
-
-	unsigned int outlen = 0;	/* length of decrypted data */
-	unsigned int buflen;		/* length available for decrypted data */
-
-	/* find out about the length of decrypted data */
-	buflen = NSS_CMSCipherContext_DecryptLength(cinfo->ciphcx, len, final);
-
-	/*
-	 * it might happen that we did not provide enough data for a full
-	 * block (decryption unit), and that there is no output available
-	 */
-
-	/* no output available, AND no input? */
-	if (buflen == 0 && len == 0)
-	    goto loser;	/* bail out */
-
-	/*
-	 * have inner decoder: pass the data on (means inner content type is NOT data)
-	 * no inner decoder: we have DATA in here: either call callback or store
-	 */
-	if (buflen != 0) {
-	    /* there will be some output - need to make room for it */
-	    /* allocate buffer from the heap */
-	    buf = (unsigned char *)PORT_Alloc(buflen);
-	    if (buf == NULL) {
-		p7dcx->error = SEC_ERROR_NO_MEMORY;
-		goto loser;
-	    }
-	}
-
-	/*
-	 * decrypt incoming data
-	 * buf can still be NULL here (and buflen == 0) here if we don't expect
-	 * any output (see above), but we still need to call NSS_CMSCipherContext_Decrypt to
-	 * keep track of incoming data
-	 */
-	rv = NSS_CMSCipherContext_Decrypt(cinfo->ciphcx, buf, &outlen, buflen,
-			       data, len, final);
-	if (rv != SECSuccess) {
-	    p7dcx->error = PORT_GetError();
-	    goto loser;
-	}
-
-	PORT_Assert (final || outlen == buflen);
-	
-	/* swap decrypted data in */
-	data = buf;
-	len = outlen;
-    }
-
-    if (len == 0)
-	goto done;		/* nothing more to do */
-
-    /*
-     * Update the running digests with plaintext bytes (if we need to).
-     */
-    if (cinfo->digcx)
-	NSS_CMSDigestContext_Update(cinfo->digcx, data, len);
-
-    /* at this point, we have the plain decoded & decrypted data */
-    /* which is either more encoded DER which we need to hand to the child decoder */
-    /*              or data we need to hand back to our caller */
-
-    /* pass the content back to our caller or */
-    /* feed our freshly decrypted and decoded data into child decoder */
-    if (p7dcx->cb != NULL) {
-	(*p7dcx->cb)(p7dcx->cb_arg, (const char *)data, len);
-    }
-#if 1
-    else
-#endif
-    if (NSS_CMSContentInfo_GetContentTypeTag(cinfo) == SEC_OID_PKCS7_DATA) {
-	/* store it in "inner" data item as well */
-	/* find the DATA item in the encapsulated cinfo and store it there */
-	storage = cinfo->content.data;
-
-	offset = storage->len;
-	if (storage->len == 0) {
-	    dest = (unsigned char *)PORT_ArenaAlloc(p7dcx->cmsg->poolp, len);
-	} else {
-	    dest = (unsigned char *)PORT_ArenaGrow(p7dcx->cmsg->poolp, 
-				  storage->data,
-				  storage->len,
-				  storage->len + len);
-	}
-	if (dest == NULL) {
-	    p7dcx->error = SEC_ERROR_NO_MEMORY;
-	    goto loser;
-	}
-
-	storage->data = dest;
-	storage->len += len;
-
-	/* copy it in */
-	PORT_Memcpy(storage->data + offset, data, len);
-    }
-
-done:
-loser:
-    if (buf)
-	PORT_Free (buf);
-}
-
-/*
- * nss_cms_decoder_update_filter - process ASN.1 data
- *
- * once we have set up a filter in nss_cms_decoder_notify(),
- * all data processed by the ASN.1 decoder is also passed through here.
- * we pass the content bytes (as opposed to length and tag bytes) on to
- * nss_cms_decoder_work_data().
- */
-static void
-nss_cms_decoder_update_filter (void *arg, const char *data, unsigned long len,
-			  int depth, SEC_ASN1EncodingPart data_kind)
-{
-    NSSCMSDecoderContext *p7dcx;
-
-    PORT_Assert (len);	/* paranoia */
-    if (len == 0)
-	return;
-
-    p7dcx = (NSSCMSDecoderContext*)arg;
-
-    p7dcx->saw_contents = PR_TRUE;
-
-    /* pass on the content bytes only */
-    if (data_kind == SEC_ASN1_Contents)
-	nss_cms_decoder_work_data(p7dcx, (const unsigned char *) data, len, PR_FALSE);
-}
-
-/*
- * NSS_CMSDecoder_Start - set up decoding of a DER-encoded CMS message
- *
- * "poolp" - pointer to arena for message, or NULL if new pool should be created
- * "cb", "cb_arg" - callback function and argument for delivery of inner content
- * "pwfn", pwfn_arg" - callback function for getting token password
- * "decrypt_key_cb", "decrypt_key_cb_arg" - callback function for getting bulk key for encryptedData
- */
-NSSCMSDecoderContext *
-NSS_CMSDecoder_Start(PRArenaPool *poolp,
-		      NSSCMSContentCallback cb, void *cb_arg,
-		      PK11PasswordFunc pwfn, void *pwfn_arg,
-		      NSSCMSGetDecryptKeyCallback decrypt_key_cb, void *decrypt_key_cb_arg)
-{
-    NSSCMSDecoderContext *p7dcx;
-    NSSCMSMessage *cmsg;
-
-    cmsg = NSS_CMSMessage_Create(poolp);
-    if (cmsg == NULL)
-	return NULL;
-
-    NSS_CMSMessage_SetEncodingParams(cmsg, pwfn, pwfn_arg, decrypt_key_cb, decrypt_key_cb_arg,
-					NULL, NULL);
-
-    p7dcx = (NSSCMSDecoderContext*)PORT_ZAlloc(sizeof(NSSCMSDecoderContext));
-    if (p7dcx == NULL) {
-	NSS_CMSMessage_Destroy(cmsg);
-	return NULL;
-    }
-
-    p7dcx->dcx = SEC_ASN1DecoderStart(cmsg->poolp, cmsg, NSSCMSMessageTemplate);
-    if (p7dcx->dcx == NULL) {
-	PORT_Free (p7dcx);
-	NSS_CMSMessage_Destroy(cmsg);
-	return NULL;
-    }
-
-    SEC_ASN1DecoderSetNotifyProc (p7dcx->dcx, nss_cms_decoder_notify, p7dcx);
-
-    p7dcx->cmsg = cmsg;
-    p7dcx->type = SEC_OID_UNKNOWN;
-
-    p7dcx->cb = cb;
-    p7dcx->cb_arg = cb_arg;
-
-    return p7dcx;
-}
-
-/*
- * NSS_CMSDecoder_Update - feed DER-encoded data to decoder
- */
-SECStatus
-NSS_CMSDecoder_Update(NSSCMSDecoderContext *p7dcx, const char *buf, unsigned long len)
-{
-    if (p7dcx->dcx != NULL && p7dcx->error == 0) {	/* if error is set already, don't bother */
-	if (SEC_ASN1DecoderUpdate (p7dcx->dcx, buf, len) != SECSuccess) {
-	    p7dcx->error = PORT_GetError();
-	    PORT_Assert (p7dcx->error);
-	    if (p7dcx->error == 0)
-		p7dcx->error = -1;
-	}
-    }
-
-    if (p7dcx->error == 0)
-	return SECSuccess;
-
-    /* there has been a problem, let's finish the decoder */
-    if (p7dcx->dcx != NULL) {
-	(void) SEC_ASN1DecoderFinish (p7dcx->dcx);
-	p7dcx->dcx = NULL;
-    }
-    PORT_SetError (p7dcx->error);
-
-    return SECFailure;
-}
-
-/*
- * NSS_CMSDecoder_Cancel - stop decoding in case of error
- */
-void
-NSS_CMSDecoder_Cancel(NSSCMSDecoderContext *p7dcx)
-{
-    /* XXXX what about inner decoders? running digests? decryption? */
-    /* XXXX there's a leak here! */
-    NSS_CMSMessage_Destroy(p7dcx->cmsg);
-    (void)SEC_ASN1DecoderFinish(p7dcx->dcx);
-    PORT_Free(p7dcx);
-}
-
-/*
- * NSS_CMSDecoder_Finish - mark the end of inner content and finish decoding
- */
-NSSCMSMessage *
-NSS_CMSDecoder_Finish(NSSCMSDecoderContext *p7dcx)
-{
-    NSSCMSMessage *cmsg;
-
-    cmsg = p7dcx->cmsg;
-
-    if (p7dcx->dcx == NULL || SEC_ASN1DecoderFinish(p7dcx->dcx) != SECSuccess ||
-	nss_cms_after_end(p7dcx) != SECSuccess)
-    {
-	NSS_CMSMessage_Destroy(cmsg);	/* needs to get rid of pool if it's ours */
-	cmsg = NULL;
-    }
-
-    PORT_Free(p7dcx);
-    return cmsg;
-}
-
-NSSCMSMessage *
-NSS_CMSMessage_CreateFromDER(SECItem *DERmessage,
-		    NSSCMSContentCallback cb, void *cb_arg,
-		    PK11PasswordFunc pwfn, void *pwfn_arg,
-		    NSSCMSGetDecryptKeyCallback decrypt_key_cb, void *decrypt_key_cb_arg)
-{
-    NSSCMSDecoderContext *p7dcx;
-
-    /* first arg(poolp) == NULL => create our own pool */
-    p7dcx = NSS_CMSDecoder_Start(NULL, cb, cb_arg, pwfn, pwfn_arg, decrypt_key_cb, decrypt_key_cb_arg);
-    (void) NSS_CMSDecoder_Update(p7dcx, (char *)DERmessage->data, DERmessage->len);
-    return NSS_CMSDecoder_Finish(p7dcx);
-}
-
diff --git a/security/nss/lib/smime/cmsdigdata.c b/security/nss/lib/smime/cmsdigdata.c
deleted file mode 100644
index 9d57a5266..000000000
--- a/security/nss/lib/smime/cmsdigdata.c
+++ /dev/null
@@ -1,224 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * CMS digestedData methods.
- *
- * $Id$
- */
-
-#include "cmslocal.h"
-
-#include "secitem.h"
-#include "secasn1.h"
-#include "secoid.h"
-#include "secerr.h"
-
-/*
- * NSS_CMSDigestedData_Create - create a digestedData object (presumably for encoding)
- *
- * version will be set by NSS_CMSDigestedData_Encode_BeforeStart
- * digestAlg is passed as parameter
- * contentInfo must be filled by the user
- * digest will be calculated while encoding
- */
-NSSCMSDigestedData *
-NSS_CMSDigestedData_Create(NSSCMSMessage *cmsg, SECAlgorithmID *digestalg)
-{
-    void *mark;
-    NSSCMSDigestedData *digd;
-    PLArenaPool *poolp;
-
-    poolp = cmsg->poolp;
-
-    mark = PORT_ArenaMark(poolp);
-
-    digd = (NSSCMSDigestedData *)PORT_ArenaZAlloc(poolp, sizeof(NSSCMSDigestedData));
-    if (digd == NULL)
-	goto loser;
-
-    digd->cmsg = cmsg;
-
-    if (SECOID_CopyAlgorithmID (poolp, &(digd->digestAlg), digestalg) != SECSuccess)
-	goto loser;
-
-    PORT_ArenaUnmark(poolp, mark);
-    return digd;
-
-loser:
-    PORT_ArenaRelease(poolp, mark);
-    return NULL;
-}
-
-/*
- * NSS_CMSDigestedData_Destroy - destroy a digestedData object
- */
-void
-NSS_CMSDigestedData_Destroy(NSSCMSDigestedData *digd)
-{
-    /* everything's in a pool, so don't worry about the storage */
-    NSS_CMSContentInfo_Destroy(&(digd->contentInfo));
-    return;
-}
-
-/*
- * NSS_CMSDigestedData_GetContentInfo - return pointer to digestedData object's contentInfo
- */
-NSSCMSContentInfo *
-NSS_CMSDigestedData_GetContentInfo(NSSCMSDigestedData *digd)
-{
-    return &(digd->contentInfo);
-}
-
-/*
- * NSS_CMSDigestedData_Encode_BeforeStart - do all the necessary things to a DigestedData
- *     before encoding begins.
- *
- * In particular:
- *  - set the right version number. The contentInfo's content type must be set up already.
- */
-SECStatus
-NSS_CMSDigestedData_Encode_BeforeStart(NSSCMSDigestedData *digd)
-{
-    unsigned long version;
-    SECItem *dummy;
-
-    version = NSS_CMS_DIGESTED_DATA_VERSION_DATA;
-    if (NSS_CMSContentInfo_GetContentTypeTag(&(digd->contentInfo)) != SEC_OID_PKCS7_DATA)
-	version = NSS_CMS_DIGESTED_DATA_VERSION_ENCAP;
-
-    dummy = SEC_ASN1EncodeInteger(digd->cmsg->poolp, &(digd->version), version);
-    return (dummy == NULL) ? SECFailure : SECSuccess;
-}
-
-/*
- * NSS_CMSDigestedData_Encode_BeforeData - do all the necessary things to a DigestedData
- *     before the encapsulated data is passed through the encoder.
- *
- * In detail:
- *  - set up the digests if necessary
- */
-SECStatus
-NSS_CMSDigestedData_Encode_BeforeData(NSSCMSDigestedData *digd)
-{
-    /* set up the digests */
-    if (digd->digestAlg.algorithm.len != 0 && digd->digest.len == 0) {
-	/* if digest is already there, do nothing */
-	digd->contentInfo.digcx = NSS_CMSDigestContext_StartSingle(&(digd->digestAlg));
-	if (digd->contentInfo.digcx == NULL)
-	    return SECFailure;
-    }
-    return SECSuccess;
-}
-
-/*
- * NSS_CMSDigestedData_Encode_AfterData - do all the necessary things to a DigestedData
- *     after all the encapsulated data was passed through the encoder.
- *
- * In detail:
- *  - finish the digests
- */
-SECStatus
-NSS_CMSDigestedData_Encode_AfterData(NSSCMSDigestedData *digd)
-{
-    /* did we have digest calculation going on? */
-    if (digd->contentInfo.digcx) {
-	if (NSS_CMSDigestContext_FinishSingle(digd->contentInfo.digcx,
-				    digd->cmsg->poolp, &(digd->digest)) != SECSuccess)
-	    return SECFailure;		/* error has been set by NSS_CMSDigestContext_FinishSingle */
-	digd->contentInfo.digcx = NULL;
-    }
-
-    return SECSuccess;
-}
-
-/*
- * NSS_CMSDigestedData_Decode_BeforeData - do all the necessary things to a DigestedData
- *     before the encapsulated data is passed through the encoder.
- *
- * In detail:
- *  - set up the digests if necessary
- */
-SECStatus
-NSS_CMSDigestedData_Decode_BeforeData(NSSCMSDigestedData *digd)
-{
-    /* is there a digest algorithm yet? */
-    if (digd->digestAlg.algorithm.len == 0)
-	return SECFailure;
-
-    digd->contentInfo.digcx = NSS_CMSDigestContext_StartSingle(&(digd->digestAlg));
-    if (digd->contentInfo.digcx == NULL)
-	return SECFailure;
-
-    return SECSuccess;
-}
-
-/*
- * NSS_CMSDigestedData_Decode_AfterData - do all the necessary things to a DigestedData
- *     after all the encapsulated data was passed through the encoder.
- *
- * In detail:
- *  - finish the digests
- */
-SECStatus
-NSS_CMSDigestedData_Decode_AfterData(NSSCMSDigestedData *digd)
-{
-    /* did we have digest calculation going on? */
-    if (digd->contentInfo.digcx) {
-	if (NSS_CMSDigestContext_FinishSingle(digd->contentInfo.digcx,
-				    digd->cmsg->poolp, &(digd->cdigest)) != SECSuccess)
-	    return SECFailure;		/* error has been set by NSS_CMSDigestContext_FinishSingle */
-	digd->contentInfo.digcx = NULL;
-    }
-
-    return SECSuccess;
-}
-
-/*
- * NSS_CMSDigestedData_Decode_AfterEnd - finalize a digestedData.
- *
- * In detail:
- *  - check the digests for equality
- */
-SECStatus
-NSS_CMSDigestedData_Decode_AfterEnd(NSSCMSDigestedData *digd)
-{
-    /* did we have digest calculation going on? */
-    if (digd->cdigest.len != 0) {
-	/* XXX comparision btw digest & cdigest */
-	/* XXX set status */
-	/* TODO!!!! */
-    }
-
-    return SECSuccess;
-}
diff --git a/security/nss/lib/smime/cmsdigest.c b/security/nss/lib/smime/cmsdigest.c
deleted file mode 100644
index 6c7bd918b..000000000
--- a/security/nss/lib/smime/cmsdigest.c
+++ /dev/null
@@ -1,259 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * CMS digesting.
- *
- * $Id$
- */
-
-#include "cmslocal.h"
-
-#include "cert.h"
-#include "key.h"
-#include "secitem.h"
-#include "secoid.h"
-#include "pk11func.h"
-#include "prtime.h"
-#include "secerr.h"
-
-
-struct NSSCMSDigestContextStr {
-    PRBool		saw_contents;
-    int			digcnt;
-    void **		digcxs;
-const SECHashObject **	digobjs;
-};
-
-/*
- * NSS_CMSDigestContext_StartMultiple - start digest calculation using all the
- *  digest algorithms in "digestalgs" in parallel.
- */
-NSSCMSDigestContext *
-NSS_CMSDigestContext_StartMultiple(SECAlgorithmID **digestalgs)
-{
-    NSSCMSDigestContext *cmsdigcx;
-    const SECHashObject *digobj;
-    void *digcx;
-    int digcnt;
-    int i;
-
-    digcnt = (digestalgs == NULL) ? 0 : NSS_CMSArray_Count((void **)digestalgs);
-
-    cmsdigcx = (NSSCMSDigestContext *)PORT_Alloc(sizeof(NSSCMSDigestContext));
-    if (cmsdigcx == NULL)
-	return NULL;
-
-    if (digcnt > 0) {
-	cmsdigcx->digcxs = (void **)PORT_Alloc(digcnt * sizeof (void *));
-	cmsdigcx->digobjs = (const SECHashObject **)PORT_Alloc(digcnt * sizeof(SECHashObject *));
-	if (cmsdigcx->digcxs == NULL || cmsdigcx->digobjs == NULL)
-	    goto loser;
-    }
-
-    cmsdigcx->digcnt = 0;
-
-    /*
-     * Create a digest object context for each algorithm.
-     */
-    for (i = 0; i < digcnt; i++) {
-	digobj = NSS_CMSUtil_GetHashObjByAlgID(digestalgs[i]);
-	/*
-	 * Skip any algorithm we do not even recognize; obviously,
-	 * this could be a problem, but if it is critical then the
-	 * result will just be that the signature does not verify.
-	 * We do not necessarily want to error out here, because
-	 * the particular algorithm may not actually be important,
-	 * but we cannot know that until later.
-	 */
-	if (digobj == NULL)
-	    continue;
-
-	digcx = (*digobj->create)();
-	if (digcx != NULL) {
-	    (*digobj->begin) (digcx);
-	    cmsdigcx->digobjs[cmsdigcx->digcnt] = digobj;
-	    cmsdigcx->digcxs[cmsdigcx->digcnt] = digcx;
-	    cmsdigcx->digcnt++;
-	}
-    }
-
-    cmsdigcx->saw_contents = PR_FALSE;
-
-    return cmsdigcx;
-
-loser:
-    if (cmsdigcx) {
-	if (cmsdigcx->digobjs)
-	    PORT_Free(cmsdigcx->digobjs);
-	if (cmsdigcx->digcxs)
-	    PORT_Free(cmsdigcx->digcxs);
-    }
-    return NULL;
-}
-
-/*
- * NSS_CMSDigestContext_StartSingle - same as NSS_CMSDigestContext_StartMultiple, but
- *  only one algorithm.
- */
-NSSCMSDigestContext *
-NSS_CMSDigestContext_StartSingle(SECAlgorithmID *digestalg)
-{
-    SECAlgorithmID *digestalgs[] = { NULL, NULL };		/* fake array */
-
-    digestalgs[0] = digestalg;
-    return NSS_CMSDigestContext_StartMultiple(digestalgs);
-}
-
-/*
- * NSS_CMSDigestContext_Update - feed more data into the digest machine
- */
-void
-NSS_CMSDigestContext_Update(NSSCMSDigestContext *cmsdigcx, const unsigned char *data, int len)
-{
-    int i;
-
-    cmsdigcx->saw_contents = PR_TRUE;
-
-    for (i = 0; i < cmsdigcx->digcnt; i++)
-	(*cmsdigcx->digobjs[i]->update)(cmsdigcx->digcxs[i], data, len);
-}
-
-/*
- * NSS_CMSDigestContext_Cancel - cancel digesting operation
- */
-void
-NSS_CMSDigestContext_Cancel(NSSCMSDigestContext *cmsdigcx)
-{
-    int i;
-
-    for (i = 0; i < cmsdigcx->digcnt; i++)
-	(*cmsdigcx->digobjs[i]->destroy)(cmsdigcx->digcxs[i], PR_TRUE);
-}
-
-/*
- * NSS_CMSDigestContext_FinishMultiple - finish the digests and put them
- *  into an array of SECItems (allocated on poolp)
- */
-SECStatus
-NSS_CMSDigestContext_FinishMultiple(NSSCMSDigestContext *cmsdigcx, PLArenaPool *poolp,
-			    SECItem ***digestsp)
-{
-    const SECHashObject *digobj;
-    void *digcx;
-    SECItem **digests, *digest;
-    int i;
-    void *mark;
-    SECStatus rv = SECFailure;
-
-    /* no contents? do not update digests */
-    if (digestsp == NULL || !cmsdigcx->saw_contents) {
-	for (i = 0; i < cmsdigcx->digcnt; i++)
-	    (*cmsdigcx->digobjs[i]->destroy)(cmsdigcx->digcxs[i], PR_TRUE);
-	rv = SECSuccess;
-	goto cleanup;
-    }
-
-    mark = PORT_ArenaMark (poolp);
-
-    /* allocate digest array & SECItems on arena */
-    digests = (SECItem **)PORT_ArenaAlloc(poolp, (cmsdigcx->digcnt+1) * sizeof(SECItem *));
-    digest = (SECItem *)PORT_ArenaZAlloc(poolp, cmsdigcx->digcnt * sizeof(SECItem));
-    if (digests == NULL || digest == NULL) {
-	goto loser;
-    }
-
-    for (i = 0; i < cmsdigcx->digcnt; i++, digest++) {
-	digcx = cmsdigcx->digcxs[i];
-	digobj = cmsdigcx->digobjs[i];
-
-	digest->data = (unsigned char*)PORT_ArenaAlloc(poolp, digobj->length);
-	if (digest->data == NULL)
-	    goto loser;
-	digest->len = digobj->length;
-	(* digobj->end)(digcx, digest->data, &(digest->len), digest->len);
-	digests[i] = digest;
-	(* digobj->destroy)(digcx, PR_TRUE);
-    }
-    digests[i] = NULL;
-    *digestsp = digests;
-
-    rv = SECSuccess;
-
-loser:
-    if (rv == SECSuccess)
-	PORT_ArenaUnmark(poolp, mark);
-    else
-	PORT_ArenaRelease(poolp, mark);
-
-cleanup:
-    if (cmsdigcx->digcnt > 0) {
-	PORT_Free(cmsdigcx->digcxs);
-	PORT_Free(cmsdigcx->digobjs);
-    }
-    PORT_Free(cmsdigcx);
-
-    return rv;
-}
-
-/*
- * NSS_CMSDigestContext_FinishSingle - same as NSS_CMSDigestContext_FinishMultiple,
- *  but for one digest.
- */
-SECStatus
-NSS_CMSDigestContext_FinishSingle(NSSCMSDigestContext *cmsdigcx, PLArenaPool *poolp,
-			    SECItem *digest)
-{
-    SECStatus rv = SECFailure;
-    SECItem **dp;
-    PLArenaPool *arena = NULL;
-
-    if ((arena = PORT_NewArena(1024)) == NULL)
-	goto loser;
-
-    /* get the digests into arena, then copy the first digest into poolp */
-    if (NSS_CMSDigestContext_FinishMultiple(cmsdigcx, arena, &dp) != SECSuccess)
-	goto loser;
-
-    /* now copy it into poolp */
-    if (SECITEM_CopyItem(poolp, digest, dp[0]) != SECSuccess)
-	goto loser;
-
-    rv = SECSuccess;
-
-loser:
-    if (arena)
-	PORT_FreeArena(arena, PR_FALSE);
-
-    return rv;
-}
diff --git a/security/nss/lib/smime/cmsencdata.c b/security/nss/lib/smime/cmsencdata.c
deleted file mode 100644
index fdfa0a2b9..000000000
--- a/security/nss/lib/smime/cmsencdata.c
+++ /dev/null
@@ -1,286 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * CMS encryptedData methods.
- *
- * $Id$
- */
-
-#include "cmslocal.h"
-
-#include "key.h"
-#include "secasn1.h"
-#include "secitem.h"
-#include "secoid.h"
-#include "pk11func.h"
-#include "prtime.h"
-#include "secerr.h"
-#include "secpkcs5.h"
-
-/*
- * NSS_CMSEncryptedData_Create - create an empty encryptedData object.
- *
- * "algorithm" specifies the bulk encryption algorithm to use.
- * "keysize" is the key size.
- * 
- * An error results in a return value of NULL and an error set.
- * (Retrieve specific errors via PORT_GetError()/XP_GetError().)
- */
-NSSCMSEncryptedData *
-NSS_CMSEncryptedData_Create(NSSCMSMessage *cmsg, SECOidTag algorithm, int keysize)
-{
-    void *mark;
-    NSSCMSEncryptedData *encd;
-    PLArenaPool *poolp;
-    SECAlgorithmID *pbe_algid;
-    SECStatus rv;
-
-    poolp = cmsg->poolp;
-
-    mark = PORT_ArenaMark(poolp);
-
-    encd = (NSSCMSEncryptedData *)PORT_ArenaZAlloc(poolp, sizeof(NSSCMSEncryptedData));
-    if (encd == NULL)
-	goto loser;
-
-    encd->cmsg = cmsg;
-
-    /* version is set in NSS_CMSEncryptedData_Encode_BeforeStart() */
-
-    switch (algorithm) {
-    /* XXX hmmm... hardcoded algorithms? */
-    case SEC_OID_RC2_CBC:
-    case SEC_OID_DES_EDE3_CBC:
-    case SEC_OID_DES_CBC:
-	rv = NSS_CMSContentInfo_SetContentEncAlg(poolp, &(encd->contentInfo), algorithm, NULL, keysize);
-	break;
-    default:
-	/* Assume password-based-encryption.  At least, try that. */
-	pbe_algid = PK11_CreatePBEAlgorithmID(algorithm, 1, NULL);
-	if (pbe_algid == NULL) {
-	    rv = SECFailure;
-	    break;
-	}
-	rv = NSS_CMSContentInfo_SetContentEncAlgID(poolp, &(encd->contentInfo), pbe_algid, keysize);
-	SECOID_DestroyAlgorithmID (pbe_algid, PR_TRUE);
-	break;
-    }
-    if (rv != SECSuccess)
-	goto loser;
-
-    PORT_ArenaUnmark(poolp, mark);
-    return encd;
-
-loser:
-    PORT_ArenaRelease(poolp, mark);
-    return NULL;
-}
-
-/*
- * NSS_CMSEncryptedData_Destroy - destroy an encryptedData object
- */
-void
-NSS_CMSEncryptedData_Destroy(NSSCMSEncryptedData *encd)
-{
-    /* everything's in a pool, so don't worry about the storage */
-    NSS_CMSContentInfo_Destroy(&(encd->contentInfo));
-    return;
-}
-
-/*
- * NSS_CMSEncryptedData_GetContentInfo - return pointer to encryptedData object's contentInfo
- */
-NSSCMSContentInfo *
-NSS_CMSEncryptedData_GetContentInfo(NSSCMSEncryptedData *encd)
-{
-    return &(encd->contentInfo);
-}
-
-/*
- * NSS_CMSEncryptedData_Encode_BeforeStart - do all the necessary things to a EncryptedData
- *     before encoding begins.
- *
- * In particular:
- *  - set the correct version value.
- *  - get the encryption key
- */
-SECStatus
-NSS_CMSEncryptedData_Encode_BeforeStart(NSSCMSEncryptedData *encd)
-{
-    int version;
-    PK11SymKey *bulkkey = NULL;
-    SECItem *dummy;
-    NSSCMSContentInfo *cinfo = &(encd->contentInfo);
-
-    if (NSS_CMSArray_IsEmpty((void **)encd->unprotectedAttr))
-	version = NSS_CMS_ENCRYPTED_DATA_VERSION;
-    else
-	version = NSS_CMS_ENCRYPTED_DATA_VERSION_UPATTR;
-    
-    dummy = SEC_ASN1EncodeInteger (encd->cmsg->poolp, &(encd->version), version);
-    if (dummy == NULL)
-	return SECFailure;
-
-    /* now get content encryption key (bulk key) by using our cmsg callback */
-    if (encd->cmsg->decrypt_key_cb)
-	bulkkey = (*encd->cmsg->decrypt_key_cb)(encd->cmsg->decrypt_key_cb_arg, 
-		    NSS_CMSContentInfo_GetContentEncAlg(cinfo));
-    if (bulkkey == NULL)
-	return SECFailure;
-
-    /* store the bulk key in the contentInfo so that the encoder can find it */
-    NSS_CMSContentInfo_SetBulkKey(cinfo, bulkkey);
-
-    return SECSuccess;
-}
-
-/*
- * NSS_CMSEncryptedData_Encode_BeforeData - set up encryption
- */
-SECStatus
-NSS_CMSEncryptedData_Encode_BeforeData(NSSCMSEncryptedData *encd)
-{
-    NSSCMSContentInfo *cinfo;
-    PK11SymKey *bulkkey;
-    SECAlgorithmID *algid;
-
-    cinfo = &(encd->contentInfo);
-
-    /* find bulkkey and algorithm - must have been set by NSS_CMSEncryptedData_Encode_BeforeStart */
-    bulkkey = NSS_CMSContentInfo_GetBulkKey(cinfo);
-    if (bulkkey == NULL)
-	return SECFailure;
-    algid = NSS_CMSContentInfo_GetContentEncAlg(cinfo);
-    if (algid == NULL)
-	return SECFailure;
-
-    /* this may modify algid (with IVs generated in a token).
-     * it is therefore essential that algid is a pointer to the "real" contentEncAlg,
-     * not just to a copy */
-    cinfo->ciphcx = NSS_CMSCipherContext_StartEncrypt(encd->cmsg->poolp, bulkkey, algid);
-    PK11_FreeSymKey(bulkkey);
-    if (cinfo->ciphcx == NULL)
-	return SECFailure;
-
-    return SECSuccess;
-}
-
-/*
- * NSS_CMSEncryptedData_Encode_AfterData - finalize this encryptedData for encoding
- */
-SECStatus
-NSS_CMSEncryptedData_Encode_AfterData(NSSCMSEncryptedData *encd)
-{
-    if (encd->contentInfo.ciphcx) {
-	NSS_CMSCipherContext_Destroy(encd->contentInfo.ciphcx);
-	encd->contentInfo.ciphcx = NULL;
-    }
-
-    /* nothing to do after data */
-    return SECSuccess;
-}
-
-
-/*
- * NSS_CMSEncryptedData_Decode_BeforeData - find bulk key & set up decryption
- */
-SECStatus
-NSS_CMSEncryptedData_Decode_BeforeData(NSSCMSEncryptedData *encd)
-{
-    PK11SymKey *bulkkey = NULL;
-    NSSCMSContentInfo *cinfo;
-    SECAlgorithmID *bulkalg;
-    SECStatus rv = SECFailure;
-
-    cinfo = &(encd->contentInfo);
-
-    bulkalg = NSS_CMSContentInfo_GetContentEncAlg(cinfo);
-
-    if (encd->cmsg->decrypt_key_cb == NULL)	/* no callback? no key../ */
-	goto loser;
-
-    bulkkey = (*encd->cmsg->decrypt_key_cb)(encd->cmsg->decrypt_key_cb_arg, bulkalg);
-    if (bulkkey == NULL)
-	/* no success finding a bulk key */
-	goto loser;
-
-    NSS_CMSContentInfo_SetBulkKey(cinfo, bulkkey);
-
-    cinfo->ciphcx = NSS_CMSCipherContext_StartDecrypt(bulkkey, bulkalg);
-    if (cinfo->ciphcx == NULL)
-	goto loser;		/* error has been set by NSS_CMSCipherContext_StartDecrypt */
-
-    /* 
-     * HACK ALERT!!
-     * For PKCS5 Encryption Algorithms, the bulkkey is actually a different
-     * structure.  Therefore, we need to set the bulkkey to the actual key 
-     * prior to freeing it.
-     */
-    if (SEC_PKCS5IsAlgorithmPBEAlg(bulkalg)) {
-	SEC_PKCS5KeyAndPassword *keyPwd = (SEC_PKCS5KeyAndPassword *)bulkkey;
-	bulkkey = keyPwd->key;
-    }
-
-    /* we are done with (this) bulkkey now. */
-    PK11_FreeSymKey(bulkkey);
-
-    rv = SECSuccess;
-
-loser:
-    return rv;
-}
-
-/*
- * NSS_CMSEncryptedData_Decode_AfterData - finish decrypting this encryptedData's content
- */
-SECStatus
-NSS_CMSEncryptedData_Decode_AfterData(NSSCMSEncryptedData *encd)
-{
-    if (encd->contentInfo.ciphcx) {
-	NSS_CMSCipherContext_Destroy(encd->contentInfo.ciphcx);
-	encd->contentInfo.ciphcx = NULL;
-    }
-
-    return SECSuccess;
-}
-
-/*
- * NSS_CMSEncryptedData_Decode_AfterEnd - finish decoding this encryptedData
- */
-SECStatus
-NSS_CMSEncryptedData_Decode_AfterEnd(NSSCMSEncryptedData *encd)
-{
-    /* apply final touches */
-    return SECSuccess;
-}
diff --git a/security/nss/lib/smime/cmsencode.c b/security/nss/lib/smime/cmsencode.c
deleted file mode 100644
index 978f02a55..000000000
--- a/security/nss/lib/smime/cmsencode.c
+++ /dev/null
@@ -1,743 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * CMS encoding.
- *
- * $Id$
- */
-
-#include "cmslocal.h"
-
-#include "cert.h"
-#include "key.h"
-#include "secasn1.h"
-#include "secoid.h"
-#include "secrng.h"
-#include "secitem.h"
-#include "pk11func.h"
-#include "secerr.h"
-
-struct nss_cms_encoder_output {
-    NSSCMSContentCallback outputfn;
-    void *outputarg;
-    PLArenaPool *destpoolp;
-    SECItem *dest;
-};
-
-struct NSSCMSEncoderContextStr {
-    SEC_ASN1EncoderContext *	ecx;		/* ASN.1 encoder context */
-    PRBool			ecxupdated;	/* true if data was handed in */
-    NSSCMSMessage *		cmsg;		/* pointer to the root message */
-    SECOidTag			type;		/* type tag of the current content */
-    NSSCMSContent		content;	/* pointer to current content */
-    struct nss_cms_encoder_output output;	/* output function */
-    int				error;		/* error code */
-    NSSCMSEncoderContext *	childp7ecx;	/* link to child encoder context */
-};
-
-static SECStatus nss_cms_before_data(NSSCMSEncoderContext *p7ecx);
-static SECStatus nss_cms_after_data(NSSCMSEncoderContext *p7ecx);
-static SECStatus nss_cms_encoder_update(NSSCMSEncoderContext *p7ecx, const char *data, unsigned long len);
-static SECStatus nss_cms_encoder_work_data(NSSCMSEncoderContext *p7ecx, SECItem *dest,
-			     const unsigned char *data, unsigned long len,
-			     PRBool final, PRBool innermost);
-
-extern const SEC_ASN1Template NSSCMSMessageTemplate[];
-
-/*
- * The little output function that the ASN.1 encoder calls to hand
- * us bytes which we in turn hand back to our caller (via the callback
- * they gave us).
- */
-static void
-nss_cms_encoder_out(void *arg, const char *buf, unsigned long len,
-		      int depth, SEC_ASN1EncodingPart data_kind)
-{
-    struct nss_cms_encoder_output *output = (struct nss_cms_encoder_output *)arg;
-    unsigned char *dest;
-    unsigned long offset;
-
-#ifdef CMSDEBUG
-    int i;
-
-    fprintf(stderr, "kind = %d, depth = %d, len = %d\n", data_kind, depth, len);
-    for (i=0; i < len; i++) {
-	fprintf(stderr, " %02x%s", (unsigned int)buf[i] & 0xff, ((i % 16) == 15) ? "\n" : "");
-    }
-    if ((i % 16) != 0)
-	fprintf(stderr, "\n");
-#endif
-
-    if (output->outputfn != NULL)
-	/* call output callback with DER data */
-	output->outputfn(output->outputarg, buf, len);
-
-    if (output->dest != NULL) {
-	/* store DER data in SECItem */
-	offset = output->dest->len;
-	if (offset == 0) {
-	    dest = (unsigned char *)PORT_ArenaAlloc(output->destpoolp, len);
-	} else {
-	    dest = (unsigned char *)PORT_ArenaGrow(output->destpoolp, 
-				  output->dest->data,
-				  output->dest->len,
-				  output->dest->len + len);
-	}
-	if (dest == NULL)
-	    /* oops */
-	    return;
-
-	output->dest->data = dest;
-	output->dest->len += len;
-
-	/* copy it in */
-	PORT_Memcpy(output->dest->data + offset, buf, len);
-    }
-}
-
-/*
- * nss_cms_encoder_notify - ASN.1 encoder callback
- *
- * this function is called by the ASN.1 encoder before and after the encoding of
- * every object. here, it is used to keep track of data structures, set up
- * encryption and/or digesting and possibly set up child encoders.
- */
-static void
-nss_cms_encoder_notify(void *arg, PRBool before, void *dest, int depth)
-{
-    NSSCMSEncoderContext *p7ecx;
-    NSSCMSContentInfo *rootcinfo, *cinfo;
-    PRBool after = !before;
-    PLArenaPool *poolp;
-    SECOidTag childtype;
-    SECItem *item;
-
-    p7ecx = (NSSCMSEncoderContext *)arg;
-    PORT_Assert(p7ecx != NULL);
-
-    rootcinfo = &(p7ecx->cmsg->contentInfo);
-    poolp = p7ecx->cmsg->poolp;
-
-#ifdef CMSDEBUG
-    fprintf(stderr, "%6.6s, dest = 0x%08x, depth = %d\n", before ? "before" : "after", dest, depth);
-#endif
-
-    /*
-     * Watch for the content field, at which point we want to instruct
-     * the ASN.1 encoder to start taking bytes from the buffer.
-     */
-    switch (p7ecx->type) {
-    default:
-    case SEC_OID_UNKNOWN:
-	/* we're still in the root message */
-	if (after && dest == &(rootcinfo->contentType)) {
-	    /* got the content type OID now - so find out the type tag */
-	    p7ecx->type = NSS_CMSContentInfo_GetContentTypeTag(rootcinfo);
-	    /* set up a pointer to our current content */
-	    p7ecx->content = rootcinfo->content;
-	}
-	break;
-
-    case SEC_OID_PKCS7_DATA:
-	if (before && dest == &(rootcinfo->rawContent)) {
-	    /* just set up encoder to grab from user - no encryption or digesting */
-	    if ((item = rootcinfo->content.data) != NULL)
-		(void)nss_cms_encoder_work_data(p7ecx, NULL, item->data, item->len, PR_TRUE, PR_TRUE);
-	    else
-		SEC_ASN1EncoderSetTakeFromBuf(p7ecx->ecx);
-	    SEC_ASN1EncoderClearNotifyProc(p7ecx->ecx);	/* no need to get notified anymore */
-	}
-	break;
-
-    case SEC_OID_PKCS7_SIGNED_DATA:
-    case SEC_OID_PKCS7_ENVELOPED_DATA:
-    case SEC_OID_PKCS7_DIGESTED_DATA:
-    case SEC_OID_PKCS7_ENCRYPTED_DATA:
-
-	/* when we know what the content is, we encode happily until we reach the inner content */
-	cinfo = NSS_CMSContent_GetContentInfo(p7ecx->content.pointer, p7ecx->type);
-	childtype = NSS_CMSContentInfo_GetContentTypeTag(cinfo);
-
-	if (after && dest == &(cinfo->contentType)) {
-	    /* we're right before encoding the data (if we have some or not) */
-	    /* (for encrypted data, we're right before the contentEncAlg which may change */
-	    /*  in nss_cms_before_data because of IV calculation when setting up encryption) */
-	    if (nss_cms_before_data(p7ecx) != SECSuccess)
-		p7ecx->error = PORT_GetError();
-	}
-	if (before && dest == &(cinfo->rawContent)) {
-	    if (childtype == SEC_OID_PKCS7_DATA && (item = cinfo->content.data) != NULL)
-		/* we have data - feed it in */
-		(void)nss_cms_encoder_work_data(p7ecx, NULL, item->data, item->len, PR_TRUE, PR_TRUE);
-	    else
-		/* else try to get it from user */
-		SEC_ASN1EncoderSetTakeFromBuf(p7ecx->ecx);
-	}
-	if (after && dest == &(cinfo->rawContent)) {
-	    if (nss_cms_after_data(p7ecx) != SECSuccess)
-		p7ecx->error = PORT_GetError();
-	    SEC_ASN1EncoderClearNotifyProc(p7ecx->ecx);	/* no need to get notified anymore */
-	}
-	break;
-    }
-}
-
-/*
- * nss_cms_before_data - setup the current encoder to receive data
- */
-static SECStatus
-nss_cms_before_data(NSSCMSEncoderContext *p7ecx)
-{
-    SECStatus rv;
-    SECOidTag childtype;
-    NSSCMSContentInfo *cinfo;
-    PLArenaPool *poolp;
-    NSSCMSEncoderContext *childp7ecx;
-    const SEC_ASN1Template *template;
-
-    poolp = p7ecx->cmsg->poolp;
-
-    /* call _Encode_BeforeData handlers */
-    switch (p7ecx->type) {
-    case SEC_OID_PKCS7_SIGNED_DATA:
-	/* we're encoding a signedData, so set up the digests */
-	rv = NSS_CMSSignedData_Encode_BeforeData(p7ecx->content.signedData);
-	break;
-    case SEC_OID_PKCS7_DIGESTED_DATA:
-	/* we're encoding a digestedData, so set up the digest */
-	rv = NSS_CMSDigestedData_Encode_BeforeData(p7ecx->content.digestedData);
-	break;
-    case SEC_OID_PKCS7_ENVELOPED_DATA:
-	rv = NSS_CMSEnvelopedData_Encode_BeforeData(p7ecx->content.envelopedData);
-	break;
-    case SEC_OID_PKCS7_ENCRYPTED_DATA:
-	rv = NSS_CMSEncryptedData_Encode_BeforeData(p7ecx->content.encryptedData);
-	break;
-    default:
-	rv = SECFailure;
-    }
-    if (rv != SECSuccess)
-	return SECFailure;
-
-    /* ok, now we have a pointer to cinfo */
-    /* find out what kind of data is encapsulated */
-    
-    cinfo = NSS_CMSContent_GetContentInfo(p7ecx->content.pointer, p7ecx->type);
-    childtype = NSS_CMSContentInfo_GetContentTypeTag(cinfo);
-
-    switch (childtype) {
-    case SEC_OID_PKCS7_SIGNED_DATA:
-    case SEC_OID_PKCS7_ENVELOPED_DATA:
-    case SEC_OID_PKCS7_ENCRYPTED_DATA:
-    case SEC_OID_PKCS7_DIGESTED_DATA:
-#if 0
-    case SEC_OID_PKCS7_DATA:		/* XXX here also??? maybe yes! */
-#endif
-	/* in these cases, we need to set up a child encoder! */
-	/* create new encoder context */
-	childp7ecx = PORT_ZAlloc(sizeof(NSSCMSEncoderContext));
-	if (childp7ecx == NULL)
-	    return SECFailure;
-
-	/* the CHILD encoder needs to hand its encoded data to the CURRENT encoder
-	 * (which will encrypt and/or digest it)
-	 * this needs to route back into our update function
-	 * which finds the lowest encoding context & encrypts and computes digests */
-	childp7ecx->type = childtype;
-	childp7ecx->content = cinfo->content;
-	/* use the non-recursive update function here, of course */
-	childp7ecx->output.outputfn = (NSSCMSContentCallback)nss_cms_encoder_update;
-	childp7ecx->output.outputarg = p7ecx;
-	childp7ecx->output.destpoolp = NULL;
-	childp7ecx->output.dest = NULL;
-	childp7ecx->cmsg = p7ecx->cmsg;
-
-	template = NSS_CMSUtil_GetTemplateByTypeTag(childtype);
-	if (template == NULL)
-	    goto loser;		/* cannot happen */
-
-	/* now initialize the data for encoding the first third */
-	switch (childp7ecx->type) {
-	case SEC_OID_PKCS7_SIGNED_DATA:
-	    rv = NSS_CMSSignedData_Encode_BeforeStart(cinfo->content.signedData);
-	    break;
-	case SEC_OID_PKCS7_ENVELOPED_DATA:
-	    rv = NSS_CMSEnvelopedData_Encode_BeforeStart(cinfo->content.envelopedData);
-	    break;
-	case SEC_OID_PKCS7_DIGESTED_DATA:
-	    rv = NSS_CMSDigestedData_Encode_BeforeStart(cinfo->content.digestedData);
-	    break;
-	case SEC_OID_PKCS7_ENCRYPTED_DATA:
-	    rv = NSS_CMSEncryptedData_Encode_BeforeStart(cinfo->content.encryptedData);
-	    break;
-	case SEC_OID_PKCS7_DATA:
-	    rv = SECSuccess;
-	    break;
-	default:
-	    PORT_Assert(0);
-	    break;
-	}
-	if (rv != SECSuccess)
-	    goto loser;
-
-	/*
-	 * Initialize the BER encoder.
-	 */
-	childp7ecx->ecx = SEC_ASN1EncoderStart(cinfo->content.pointer, template,
-					   nss_cms_encoder_out, &(childp7ecx->output));
-	if (childp7ecx->ecx == NULL)
-	    goto loser;
-
-	childp7ecx->ecxupdated = PR_FALSE;
-
-	/*
-	 * Indicate that we are streaming.  We will be streaming until we
-	 * get past the contents bytes.
-	 */
-	SEC_ASN1EncoderSetStreaming(childp7ecx->ecx);
-
-	/*
-	 * The notify function will watch for the contents field.
-	 */
-	SEC_ASN1EncoderSetNotifyProc(childp7ecx->ecx, nss_cms_encoder_notify, childp7ecx);
-
-	/* please note that we are NOT calling SEC_ASN1EncoderUpdate here to kick off the */
-	/* encoding process - we'll do that from the update function instead */
-	/* otherwise we'd be encoding data from a call of the notify function of the */
-	/* parent encoder (which would not work) */
-
-	/* this will kick off the encoding process & encode everything up to the content bytes,
-	 * at which point the notify function sets streaming mode (and possibly creates
-	 * another child encoder). */
-	if (SEC_ASN1EncoderUpdate(childp7ecx->ecx, NULL, 0) != SECSuccess)
-	    goto loser;
-
-	p7ecx->childp7ecx = childp7ecx;
-	break;
-
-    case SEC_OID_PKCS7_DATA:
-	p7ecx->childp7ecx = NULL;
-	break;
-    default:
-	/* we do not know this type */
-	p7ecx->error = SEC_ERROR_BAD_DER;
-	break;
-    }
-
-    return SECSuccess;
-
-loser:
-    if (childp7ecx) {
-	if (childp7ecx->ecx)
-	    SEC_ASN1EncoderFinish(childp7ecx->ecx);
-	PORT_Free(childp7ecx);
-    }
-    return SECFailure;
-}
-
-static SECStatus
-nss_cms_after_data(NSSCMSEncoderContext *p7ecx)
-{
-    SECStatus rv = SECFailure;
-
-    switch (p7ecx->type) {
-    case SEC_OID_PKCS7_SIGNED_DATA:
-	/* this will finish the digests and sign */
-	rv = NSS_CMSSignedData_Encode_AfterData(p7ecx->content.signedData);
-	break;
-    case SEC_OID_PKCS7_ENVELOPED_DATA:
-	rv = NSS_CMSEnvelopedData_Encode_AfterData(p7ecx->content.envelopedData);
-	break;
-    case SEC_OID_PKCS7_DIGESTED_DATA:
-	rv = NSS_CMSDigestedData_Encode_AfterData(p7ecx->content.digestedData);
-	break;
-    case SEC_OID_PKCS7_ENCRYPTED_DATA:
-	rv = NSS_CMSEncryptedData_Encode_AfterData(p7ecx->content.encryptedData);
-	break;
-    case SEC_OID_PKCS7_DATA:
-	/* do nothing */
-	break;
-    default:
-	rv = SECFailure;
-	break;
-    }
-    return rv;
-}
-
-/*
- * nss_cms_encoder_work_data - process incoming data
- *
- * (from the user or the next encoding layer)
- * Here, we need to digest and/or encrypt, then pass it on
- */
-static SECStatus
-nss_cms_encoder_work_data(NSSCMSEncoderContext *p7ecx, SECItem *dest,
-			     const unsigned char *data, unsigned long len,
-			     PRBool final, PRBool innermost)
-{
-    unsigned char *buf = NULL;
-    SECStatus rv;
-    NSSCMSContentInfo *cinfo;
-
-    rv = SECSuccess;		/* may as well be optimistic */
-
-    /*
-     * We should really have data to process, or we should be trying
-     * to finish/flush the last block.  (This is an overly paranoid
-     * check since all callers are in this file and simple inspection
-     * proves they do it right.  But it could find a bug in future
-     * modifications/development, that is why it is here.)
-     */
-    PORT_Assert ((data != NULL && len) || final);
-
-    /* we got data (either from the caller, or from a lower level encoder) */
-    cinfo = NSS_CMSContent_GetContentInfo(p7ecx->content.pointer, p7ecx->type);
-
-    /* Update the running digest. */
-    if (len && cinfo->digcx != NULL)
-	NSS_CMSDigestContext_Update(cinfo->digcx, data, len);
-
-    /* Encrypt this chunk. */
-    if (cinfo->ciphcx != NULL) {
-	unsigned int inlen;	/* length of data being encrypted */
-	unsigned int outlen;	/* length of encrypted data */
-	unsigned int buflen;	/* length available for encrypted data */
-
-	inlen = len;
-	buflen = NSS_CMSCipherContext_EncryptLength(cinfo->ciphcx, inlen, final);
-	if (buflen == 0) {
-	    /*
-	     * No output is expected, but the input data may be buffered
-	     * so we still have to call Encrypt.
-	     */
-	    rv = NSS_CMSCipherContext_Encrypt(cinfo->ciphcx, NULL, NULL, 0,
-				   data, inlen, final);
-	    if (final) {
-		len = 0;
-		goto done;
-	    }
-	    return rv;
-	}
-
-	if (dest != NULL)
-	    buf = (unsigned char*)PORT_ArenaAlloc(p7ecx->cmsg->poolp, buflen);
-	else
-	    buf = (unsigned char*)PORT_Alloc(buflen);
-
-	if (buf == NULL) {
-	    rv = SECFailure;
-	} else {
-	    rv = NSS_CMSCipherContext_Encrypt(cinfo->ciphcx, buf, &outlen, buflen,
-				   data, inlen, final);
-	    data = buf;
-	    len = outlen;
-	}
-	if (rv != SECSuccess)
-	    /* encryption or malloc failed? */
-	    return rv;
-    }
-
-
-    /*
-     * at this point (data,len) has everything we'd like to give to the CURRENT encoder
-     * (which will encode it, then hand it back to the user or the parent encoder)
-     * We don't encode the data if we're innermost and we're told not to include the data
-     */
-    if (p7ecx->ecx != NULL && len && (!innermost || cinfo->rawContent != NULL))
-	rv = SEC_ASN1EncoderUpdate(p7ecx->ecx, (const char *)data, len);
-
-done:
-
-    if (cinfo->ciphcx != NULL) {
-	if (dest != NULL) {
-	    dest->data = buf;
-	    dest->len = len;
-	} else if (buf != NULL) {
-	    PORT_Free (buf);
-	}
-    }
-    return rv;
-}
-
-/*
- * nss_cms_encoder_update - deliver encoded data to the next higher level
- *
- * no recursion here because we REALLY want to end up at the next higher encoder!
- */
-static SECStatus
-nss_cms_encoder_update(NSSCMSEncoderContext *p7ecx, const char *data, unsigned long len)
-{
-    /* XXX Error handling needs help.  Return what?  Do "Finish" on failure? */
-    return nss_cms_encoder_work_data (p7ecx, NULL, (const unsigned char *)data, len, PR_FALSE, PR_FALSE);
-}
-
-/*
- * NSS_CMSEncoder_Start - set up encoding of a CMS message
- *
- * "cmsg" - message to encode
- * "outputfn", "outputarg" - callback function for delivery of DER-encoded output
- *                           will not be called if NULL.
- * "dest" - if non-NULL, pointer to SECItem that will hold the DER-encoded output
- * "destpoolp" - pool to allocate DER-encoded output in
- * "pwfn", pwfn_arg" - callback function for getting token password
- * "decrypt_key_cb", "decrypt_key_cb_arg" - callback function for getting bulk key for encryptedData
- * "detached_digestalgs", "detached_digests" - digests from detached content
- */
-NSSCMSEncoderContext *
-NSS_CMSEncoder_Start(NSSCMSMessage *cmsg,
-			NSSCMSContentCallback outputfn, void *outputarg,
-			SECItem *dest, PLArenaPool *destpoolp,
-			PK11PasswordFunc pwfn, void *pwfn_arg,
-			NSSCMSGetDecryptKeyCallback decrypt_key_cb, void *decrypt_key_cb_arg,
-			SECAlgorithmID **detached_digestalgs, SECItem **detached_digests)
-{
-    NSSCMSEncoderContext *p7ecx;
-    SECStatus rv;
-    NSSCMSContentInfo *cinfo;
-
-    NSS_CMSMessage_SetEncodingParams(cmsg, pwfn, pwfn_arg, decrypt_key_cb, decrypt_key_cb_arg,
-					detached_digestalgs, detached_digests);
-
-    p7ecx = (NSSCMSEncoderContext *)PORT_ZAlloc(sizeof(NSSCMSEncoderContext));
-    if (p7ecx == NULL) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	return NULL;
-    }
-
-    p7ecx->cmsg = cmsg;
-    p7ecx->output.outputfn = outputfn;
-    p7ecx->output.outputarg = outputarg;
-    p7ecx->output.dest = dest;
-    p7ecx->output.destpoolp = destpoolp;
-    p7ecx->type = SEC_OID_UNKNOWN;
-
-    cinfo = NSS_CMSMessage_GetContentInfo(cmsg);
-
-    switch (NSS_CMSContentInfo_GetContentTypeTag(cinfo)) {
-    case SEC_OID_PKCS7_SIGNED_DATA:
-	rv = NSS_CMSSignedData_Encode_BeforeStart(cinfo->content.signedData);
-	break;
-    case SEC_OID_PKCS7_ENVELOPED_DATA:
-	rv = NSS_CMSEnvelopedData_Encode_BeforeStart(cinfo->content.envelopedData);
-	break;
-    case SEC_OID_PKCS7_DIGESTED_DATA:
-	rv = NSS_CMSDigestedData_Encode_BeforeStart(cinfo->content.digestedData);
-	break;
-    case SEC_OID_PKCS7_ENCRYPTED_DATA:
-	rv = NSS_CMSEncryptedData_Encode_BeforeStart(cinfo->content.encryptedData);
-	break;
-    default:
-	rv = SECFailure;
-	break;
-    }
-    if (rv != SECSuccess)
-	return NULL;
-
-    /* Initialize the BER encoder.
-     * Note that this will not encode anything until the first call to SEC_ASN1EncoderUpdate */
-    p7ecx->ecx = SEC_ASN1EncoderStart(cmsg, NSSCMSMessageTemplate,
-				       nss_cms_encoder_out, &(p7ecx->output));
-    if (p7ecx->ecx == NULL) {
-	PORT_Free (p7ecx);
-	return NULL;
-    }
-    p7ecx->ecxupdated = PR_FALSE;
-
-    /*
-     * Indicate that we are streaming.  We will be streaming until we
-     * get past the contents bytes.
-     */
-    SEC_ASN1EncoderSetStreaming(p7ecx->ecx);
-
-    /*
-     * The notify function will watch for the contents field.
-     */
-    SEC_ASN1EncoderSetNotifyProc(p7ecx->ecx, nss_cms_encoder_notify, p7ecx);
-
-    /* this will kick off the encoding process & encode everything up to the content bytes,
-     * at which point the notify function sets streaming mode (and possibly creates
-     * a child encoder). */
-    if (SEC_ASN1EncoderUpdate(p7ecx->ecx, NULL, 0) != SECSuccess) {
-	PORT_Free (p7ecx);
-	return NULL;
-    }
-
-    return p7ecx;
-}
-
-/*
- * NSS_CMSEncoder_Update - take content data delivery from the user
- *
- * "p7ecx" - encoder context
- * "data" - content data
- * "len" - length of content data
- *
- * need to find the lowest level (and call SEC_ASN1EncoderUpdate on the way down),
- * then hand the data to the work_data fn
- */
-SECStatus
-NSS_CMSEncoder_Update(NSSCMSEncoderContext *p7ecx, const char *data, unsigned long len)
-{
-    SECStatus rv;
-    NSSCMSContentInfo *cinfo;
-    SECOidTag childtype;
-
-    if (p7ecx->error)
-	return SECFailure;
-
-    /* hand data to the innermost decoder */
-    if (p7ecx->childp7ecx) {
-	/* recursion here */
-	rv = NSS_CMSEncoder_Update(p7ecx->childp7ecx, data, len);
-    } else {
-	/* we are at innermost decoder */
-	/* find out about our inner content type - must be data */
-	cinfo = NSS_CMSContent_GetContentInfo(p7ecx->content.pointer, p7ecx->type);
-	childtype = NSS_CMSContentInfo_GetContentTypeTag(cinfo);
-	if (childtype != SEC_OID_PKCS7_DATA)
-	    return SECFailure;
-	/* and we must not have preset data */
-	if (cinfo->content.data != NULL)
-	    return SECFailure;
-
-	/*  hand it the data so it can encode it (let DER trickle up the chain) */
-	rv = nss_cms_encoder_work_data(p7ecx, NULL, (const unsigned char *)data, len, PR_FALSE, PR_TRUE);
-    }
-    return rv;
-}
-
-/*
- * NSS_CMSEncoder_Cancel - stop all encoding
- *
- * we need to walk down the chain of encoders and the finish them from the innermost out
- */
-SECStatus
-NSS_CMSEncoder_Cancel(NSSCMSEncoderContext *p7ecx)
-{
-    SECStatus rv = SECFailure;
-
-    /* XXX do this right! */
-
-    /*
-     * Finish any inner decoders before us so that all the encoded data is flushed
-     * This basically finishes all the decoders from the innermost to the outermost.
-     * Finishing an inner decoder may result in data being updated to the outer decoder
-     * while we are already in NSS_CMSEncoder_Finish, but that's allright.
-     */
-    if (p7ecx->childp7ecx) {
-	rv = NSS_CMSEncoder_Cancel(p7ecx->childp7ecx); /* frees p7ecx->childp7ecx */
-	/* remember rv for now */
-    }
-
-    /*
-     * On the way back up, there will be no more data (if we had an
-     * inner encoder, it is done now!)
-     * Flush out any remaining data and/or finish digests.
-     */
-    rv = nss_cms_encoder_work_data(p7ecx, NULL, NULL, 0, PR_TRUE, (p7ecx->childp7ecx == NULL));
-    if (rv != SECSuccess)
-	goto loser;
-
-    p7ecx->childp7ecx = NULL;
-
-    /* kick the encoder back into working mode again.
-     * We turn off streaming stuff (which will cause the encoder to continue
-     * encoding happily, now that we have all the data (like digests) ready for it).
-     */
-    SEC_ASN1EncoderClearTakeFromBuf(p7ecx->ecx);
-    SEC_ASN1EncoderClearStreaming(p7ecx->ecx);
-
-    /* now that TakeFromBuf is off, this will kick this encoder to finish encoding */
-    rv = SEC_ASN1EncoderUpdate(p7ecx->ecx, NULL, 0);
-
-loser:
-    SEC_ASN1EncoderFinish(p7ecx->ecx);
-    PORT_Free (p7ecx);
-    return rv;
-}
-
-/*
- * NSS_CMSEncoder_Finish - signal the end of data
- *
- * we need to walk down the chain of encoders and the finish them from the innermost out
- */
-SECStatus
-NSS_CMSEncoder_Finish(NSSCMSEncoderContext *p7ecx)
-{
-    SECStatus rv = SECFailure;
-    NSSCMSContentInfo *cinfo;
-    SECOidTag childtype;
-
-    /*
-     * Finish any inner decoders before us so that all the encoded data is flushed
-     * This basically finishes all the decoders from the innermost to the outermost.
-     * Finishing an inner decoder may result in data being updated to the outer decoder
-     * while we are already in NSS_CMSEncoder_Finish, but that's allright.
-     */
-    if (p7ecx->childp7ecx) {
-	rv = NSS_CMSEncoder_Finish(p7ecx->childp7ecx); /* frees p7ecx->childp7ecx */
-	if (rv != SECSuccess)
-	    goto loser;
-    }
-
-    /*
-     * On the way back up, there will be no more data (if we had an
-     * inner encoder, it is done now!)
-     * Flush out any remaining data and/or finish digests.
-     */
-    rv = nss_cms_encoder_work_data(p7ecx, NULL, NULL, 0, PR_TRUE, (p7ecx->childp7ecx == NULL));
-    if (rv != SECSuccess)
-	goto loser;
-
-    p7ecx->childp7ecx = NULL;
-
-    /* find out about our inner content type - must be data */
-    cinfo = NSS_CMSContent_GetContentInfo(p7ecx->content.pointer, p7ecx->type);
-    childtype = NSS_CMSContentInfo_GetContentTypeTag(cinfo);
-    if (childtype == SEC_OID_PKCS7_DATA && cinfo->content.data == NULL) {
-	SEC_ASN1EncoderClearTakeFromBuf(p7ecx->ecx);
-	/* now that TakeFromBuf is off, this will kick this encoder to finish encoding */
-	rv = SEC_ASN1EncoderUpdate(p7ecx->ecx, NULL, 0);
-    }
-
-    SEC_ASN1EncoderClearStreaming(p7ecx->ecx);
-
-    if (p7ecx->error)
-	rv = SECFailure;
-
-loser:
-    SEC_ASN1EncoderFinish(p7ecx->ecx);
-    PORT_Free (p7ecx);
-    return rv;
-}
diff --git a/security/nss/lib/smime/cmsenvdata.c b/security/nss/lib/smime/cmsenvdata.c
deleted file mode 100644
index 111ada533..000000000
--- a/security/nss/lib/smime/cmsenvdata.c
+++ /dev/null
@@ -1,424 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * CMS envelopedData methods.
- *
- * $Id$
- */
-
-#include "cmslocal.h"
-
-#include "cert.h"
-#include "key.h"
-#include "secasn1.h"
-#include "secitem.h"
-#include "secoid.h"
-#include "pk11func.h"
-#include "secerr.h"
-#include "secpkcs5.h"
-
-/*
- * NSS_CMSEnvelopedData_Create - create an enveloped data message
- */
-NSSCMSEnvelopedData *
-NSS_CMSEnvelopedData_Create(NSSCMSMessage *cmsg, SECOidTag algorithm, int keysize)
-{
-    void *mark;
-    NSSCMSEnvelopedData *envd;
-    PLArenaPool *poolp;
-    SECStatus rv;
-
-    poolp = cmsg->poolp;
-
-    mark = PORT_ArenaMark(poolp);
-
-    envd = (NSSCMSEnvelopedData *)PORT_ArenaZAlloc(poolp, sizeof(NSSCMSEnvelopedData));
-    if (envd == NULL)
-	goto loser;
-
-    envd->cmsg = cmsg;
-
-    /* version is set in NSS_CMSEnvelopedData_Encode_BeforeStart() */
-
-    rv = NSS_CMSContentInfo_SetContentEncAlg(poolp, &(envd->contentInfo), algorithm, NULL, keysize);
-    if (rv != SECSuccess)
-	goto loser;
-
-    PORT_ArenaUnmark(poolp, mark);
-    return envd;
-
-loser:
-    PORT_ArenaRelease(poolp, mark);
-    return NULL;
-}
-
-/*
- * NSS_CMSEnvelopedData_Destroy - destroy an enveloped data message
- */
-void
-NSS_CMSEnvelopedData_Destroy(NSSCMSEnvelopedData *edp)
-{
-    NSSCMSRecipientInfo **recipientinfos;
-    NSSCMSRecipientInfo *ri;
-
-    if (edp == NULL)
-	return;
-
-    recipientinfos = edp->recipientInfos;
-    if (recipientinfos == NULL)
-	return;
-
-    while ((ri = *recipientinfos++) != NULL)
-	NSS_CMSRecipientInfo_Destroy(ri);
-
-   NSS_CMSContentInfo_Destroy(&(edp->contentInfo));
-
-}
-
-/*
- * NSS_CMSEnvelopedData_GetContentInfo - return pointer to this envelopedData's contentinfo
- */
-NSSCMSContentInfo *
-NSS_CMSEnvelopedData_GetContentInfo(NSSCMSEnvelopedData *envd)
-{
-    return &(envd->contentInfo);
-}
-
-/*
- * NSS_CMSEnvelopedData_AddRecipient - add a recipientinfo to the enveloped data msg
- *
- * rip must be created on the same pool as edp - this is not enforced, though.
- */
-SECStatus
-NSS_CMSEnvelopedData_AddRecipient(NSSCMSEnvelopedData *edp, NSSCMSRecipientInfo *rip)
-{
-    void *mark;
-    SECStatus rv;
-
-    /* XXX compare pools, if not same, copy rip into edp's pool */
-
-    PR_ASSERT(edp != NULL);
-    PR_ASSERT(rip != NULL);
-
-    mark = PORT_ArenaMark(edp->cmsg->poolp);
-
-    rv = NSS_CMSArray_Add(edp->cmsg->poolp, (void ***)&(edp->recipientInfos), (void *)rip);
-    if (rv != SECSuccess) {
-	PORT_ArenaRelease(edp->cmsg->poolp, mark);
-	return SECFailure;
-    }
-
-    PORT_ArenaUnmark (edp->cmsg->poolp, mark);
-    return SECSuccess;
-}
-
-/*
- * NSS_CMSEnvelopedData_Encode_BeforeStart - prepare this envelopedData for encoding
- *
- * at this point, we need
- * - recipientinfos set up with recipient's certificates
- * - a content encryption algorithm (if none, 3DES will be used)
- *
- * this function will generate a random content encryption key (aka bulk key),
- * initialize the recipientinfos with certificate identification and wrap the bulk key
- * using the proper algorithm for every certificiate.
- * it will finally set the bulk algorithm and key so that the encode step can find it.
- */
-SECStatus
-NSS_CMSEnvelopedData_Encode_BeforeStart(NSSCMSEnvelopedData *envd)
-{
-    int version;
-    NSSCMSRecipientInfo **recipientinfos;
-    NSSCMSContentInfo *cinfo;
-    PK11SymKey *bulkkey = NULL;
-    SECOidTag bulkalgtag;
-    CK_MECHANISM_TYPE type;
-    PK11SlotInfo *slot;
-    SECStatus rv;
-    SECItem *dummy;
-    PLArenaPool *poolp;
-    extern const SEC_ASN1Template NSSCMSRecipientInfoTemplate[];
-    void *mark = NULL;
-    int i;
-
-    poolp = envd->cmsg->poolp;
-    cinfo = &(envd->contentInfo);
-
-    recipientinfos = envd->recipientInfos;
-    if (recipientinfos == NULL) {
-	PORT_SetError(SEC_ERROR_BAD_DATA);
-#if 0
-	PORT_SetErrorString("Cannot find recipientinfos to encode.");
-#endif
-	goto loser;
-    }
-
-    version = NSS_CMS_ENVELOPED_DATA_VERSION_REG;
-    if (envd->originatorInfo != NULL || envd->unprotectedAttr != NULL) {
-	version = NSS_CMS_ENVELOPED_DATA_VERSION_ADV;
-    } else {
-	for (i = 0; recipientinfos[i] != NULL; i++) {
-	    if (NSS_CMSRecipientInfo_GetVersion(recipientinfos[i]) != 0) {
-		version = NSS_CMS_ENVELOPED_DATA_VERSION_ADV;
-		break;
-	    }
-	}
-    }
-    dummy = SEC_ASN1EncodeInteger(poolp, &(envd->version), version);
-    if (dummy == NULL)
-	goto loser;
-
-    /* now we need to have a proper content encryption algorithm
-     * on the SMIME level, we would figure one out by looking at SMIME capabilities
-     * we cannot do that on our level, so if none is set already, we'll just go
-     * with one of the mandatory algorithms (3DES) */
-    if ((bulkalgtag = NSS_CMSContentInfo_GetContentEncAlgTag(cinfo)) == SEC_OID_UNKNOWN) {
-	rv = NSS_CMSContentInfo_SetContentEncAlg(poolp, cinfo, SEC_OID_DES_EDE3_CBC, NULL, 168);
-	if (rv != SECSuccess)
-	    goto loser;
-	bulkalgtag = SEC_OID_DES_EDE3_CBC;
-    } 
-
-    /* generate a random bulk key suitable for content encryption alg */
-    type = PK11_AlgtagToMechanism(bulkalgtag);
-    slot = PK11_GetBestSlot(type, envd->cmsg->pwfn_arg);
-    if (slot == NULL)
-	goto loser;	/* error has been set by PK11_GetBestSlot */
-
-    /* this is expensive... */
-    bulkkey = PK11_KeyGen(slot, type, NULL, NSS_CMSContentInfo_GetBulkKeySize(cinfo) / 8, envd->cmsg->pwfn_arg);
-    PK11_FreeSlot(slot);
-    if (bulkkey == NULL)
-	goto loser;	/* error has been set by PK11_KeyGen */
-
-    mark = PORT_ArenaMark(poolp);
-
-    /* Encrypt the bulk key with the public key of each recipient.  */
-    for (i = 0; recipientinfos[i] != NULL; i++) {
-	rv = NSS_CMSRecipientInfo_WrapBulkKey(recipientinfos[i], bulkkey, bulkalgtag);
-	if (rv != SECSuccess)
-	    goto loser;	/* error has been set by NSS_CMSRecipientInfo_EncryptBulkKey */
-	    		/* could be: alg not supported etc. */
-    }
-
-    /* the recipientinfos are all finished. now sort them by DER for SET OF encoding */
-    rv = NSS_CMSArray_SortByDER((void **)envd->recipientInfos, NSSCMSRecipientInfoTemplate, NULL);
-    if (rv != SECSuccess)
-	goto loser;	/* error has been set by NSS_CMSArray_SortByDER */
-
-    /* store the bulk key in the contentInfo so that the encoder can find it */
-    NSS_CMSContentInfo_SetBulkKey(cinfo, bulkkey);
-
-    PORT_ArenaUnmark(poolp, mark);
-
-    PK11_FreeSymKey(bulkkey);
-
-    return SECSuccess;
-
-loser:
-    if (mark != NULL)
-	PORT_ArenaRelease (poolp, mark);
-    if (bulkkey)
-	PK11_FreeSymKey(bulkkey);
-
-    return SECFailure;
-}
-
-/*
- * NSS_CMSEnvelopedData_Encode_BeforeData - set up encryption
- *
- * it is essential that this is called before the contentEncAlg is encoded, because
- * setting up the encryption may generate IVs and thus change it!
- */
-SECStatus
-NSS_CMSEnvelopedData_Encode_BeforeData(NSSCMSEnvelopedData *envd)
-{
-    NSSCMSContentInfo *cinfo;
-    PK11SymKey *bulkkey;
-    SECAlgorithmID *algid;
-
-    cinfo = &(envd->contentInfo);
-
-    /* find bulkkey and algorithm - must have been set by NSS_CMSEnvelopedData_Encode_BeforeStart */
-    bulkkey = NSS_CMSContentInfo_GetBulkKey(cinfo);
-    if (bulkkey == NULL)
-	return SECFailure;
-    algid = NSS_CMSContentInfo_GetContentEncAlg(cinfo);
-    if (algid == NULL)
-	return SECFailure;
-
-    /* this may modify algid (with IVs generated in a token).
-     * it is essential that algid is a pointer to the contentEncAlg data, not a
-     * pointer to a copy! */
-    cinfo->ciphcx = NSS_CMSCipherContext_StartEncrypt(envd->cmsg->poolp, bulkkey, algid);
-    PK11_FreeSymKey(bulkkey);
-    if (cinfo->ciphcx == NULL)
-	return SECFailure;
-
-    return SECSuccess;
-}
-
-/*
- * NSS_CMSEnvelopedData_Encode_AfterData - finalize this envelopedData for encoding
- */
-SECStatus
-NSS_CMSEnvelopedData_Encode_AfterData(NSSCMSEnvelopedData *envd)
-{
-    if (envd->contentInfo.ciphcx) {
-	NSS_CMSCipherContext_Destroy(envd->contentInfo.ciphcx);
-	envd->contentInfo.ciphcx = NULL;
-    }
-
-    /* nothing else to do after data */
-    return SECSuccess;
-}
-
-/*
- * NSS_CMSEnvelopedData_Decode_BeforeData - find our recipientinfo, 
- * derive bulk key & set up our contentinfo
- */
-SECStatus
-NSS_CMSEnvelopedData_Decode_BeforeData(NSSCMSEnvelopedData *envd)
-{
-    NSSCMSRecipientInfo *ri;
-    PK11SymKey *bulkkey = NULL;
-    SECOidTag bulkalgtag;
-    SECAlgorithmID *bulkalg;
-    SECStatus rv = SECFailure;
-    NSSCMSContentInfo *cinfo;
-    NSSCMSRecipient **recipient_list = NULL;
-    NSSCMSRecipient *recipient;
-    int rlIndex;
-
-    if (NSS_CMSArray_Count((void **)envd->recipientInfos) == 0) {
-	PORT_SetError(SEC_ERROR_BAD_DATA);
-#if 0
-	PORT_SetErrorString("No recipient data in envelope.");
-#endif
-	goto loser;
-    }
-
-    /* look if one of OUR cert's issuerSN is on the list of recipients, and if so,  */
-    /* get the cert and private key for it right away */
-    recipient_list = nss_cms_recipient_list_create(envd->recipientInfos);
-    if (recipient_list == NULL)
-	goto loser;
-
-    /* what about multiple recipientInfos that match?
-     * especially if, for some reason, we could not produce a bulk key with the first match?!
-     * we could loop & feed partial recipient_list to PK11_FindCertAndKeyByRecipientList...
-     * maybe later... */
-    rlIndex = PK11_FindCertAndKeyByRecipientListNew(recipient_list, envd->cmsg->pwfn_arg);
-
-    /* if that fails, then we're not an intended recipient and cannot decrypt */
-    if (rlIndex < 0) {
-	PORT_SetError(SEC_ERROR_NOT_A_RECIPIENT);
-#if 0
-	PORT_SetErrorString("Cannot decrypt data because proper key cannot be found.");
-#endif
-	goto loser;
-    }
-
-    recipient = recipient_list[rlIndex];
-    if (!recipient->cert || !recipient->privkey) {
-	/* XXX should set an error code ?!? */
-	goto loser;
-    }
-    /* get a pointer to "our" recipientinfo */
-    ri = envd->recipientInfos[recipient->riIndex];
-
-    cinfo = &(envd->contentInfo);
-    bulkalgtag = NSS_CMSContentInfo_GetContentEncAlgTag(cinfo);
-    bulkkey = NSS_CMSRecipientInfo_UnwrapBulkKey(ri,recipient->subIndex,
-						    recipient->cert,
-						    recipient->privkey,
-						    bulkalgtag);
-    if (bulkkey == NULL) {
-	/* no success finding a bulk key */
-	goto loser;
-    }
-
-    NSS_CMSContentInfo_SetBulkKey(cinfo, bulkkey);
-
-    bulkalg = NSS_CMSContentInfo_GetContentEncAlg(cinfo);
-
-    cinfo->ciphcx = NSS_CMSCipherContext_StartDecrypt(bulkkey, bulkalg);
-    if (cinfo->ciphcx == NULL)
-	goto loser;		/* error has been set by NSS_CMSCipherContext_StartDecrypt */
-
-    /* 
-     * HACK ALERT!!
-     * For PKCS5 Encryption Algorithms, the bulkkey is actually a different
-     * structure.  Therefore, we need to set the bulkkey to the actual key 
-     * prior to freeing it.
-     */
-    if (SEC_PKCS5IsAlgorithmPBEAlg(bulkalg)) {
-	SEC_PKCS5KeyAndPassword *keyPwd = (SEC_PKCS5KeyAndPassword *)bulkkey;
-	bulkkey = keyPwd->key;
-    }
-
-    rv = SECSuccess;
-
-loser:
-    if (bulkkey)
-	PK11_FreeSymKey(bulkkey);
-    if (recipient_list != NULL)
-	nss_cms_recipient_list_destroy(recipient_list);
-    return rv;
-}
-
-/*
- * NSS_CMSEnvelopedData_Decode_AfterData - finish decrypting this envelopedData's content
- */
-SECStatus
-NSS_CMSEnvelopedData_Decode_AfterData(NSSCMSEnvelopedData *envd)
-{
-    if (envd->contentInfo.ciphcx) {
-	NSS_CMSCipherContext_Destroy(envd->contentInfo.ciphcx);
-	envd->contentInfo.ciphcx = NULL;
-    }
-
-    return SECSuccess;
-}
-
-/*
- * NSS_CMSEnvelopedData_Decode_AfterEnd - finish decoding this envelopedData
- */
-SECStatus
-NSS_CMSEnvelopedData_Decode_AfterEnd(NSSCMSEnvelopedData *envd)
-{
-    /* apply final touches */
-    return SECSuccess;
-}
-
diff --git a/security/nss/lib/smime/cmslocal.h b/security/nss/lib/smime/cmslocal.h
deleted file mode 100644
index e7f15c4e1..000000000
--- a/security/nss/lib/smime/cmslocal.h
+++ /dev/null
@@ -1,330 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Support routines for CMS implementation, none of which are exported.
- *
- * Do not export this file!  If something in here is really needed outside
- * of smime code, first try to add a CMS interface which will do it for
- * you.  If that has a problem, then just move out what you need, changing
- * its name as appropriate!
- *
- * $Id$
- */
-
-#ifndef _CMSLOCAL_H_
-#define _CMSLOCAL_H_
-
-#include "cms.h"
-#include "cmsreclist.h"
-#include "secasn1t.h"
-
-extern const SEC_ASN1Template NSSCMSContentInfoTemplate[];
-
-/************************************************************************/
-SEC_BEGIN_PROTOS
-
-/***********************************************************************
- * cmscipher.c - en/decryption routines
- ***********************************************************************/
-
-/*
- * NSS_CMSCipherContext_StartDecrypt - create a cipher context to do decryption
- * based on the given bulk * encryption key and algorithm identifier (which may include an iv).
- */
-extern NSSCMSCipherContext *
-NSS_CMSCipherContext_StartDecrypt(PK11SymKey *key, SECAlgorithmID *algid);
-
-/*
- * NSS_CMSCipherContext_StartEncrypt - create a cipher object to do encryption,
- * based on the given bulk encryption key and algorithm tag.  Fill in the algorithm
- * identifier (which may include an iv) appropriately.
- */
-extern NSSCMSCipherContext *
-NSS_CMSCipherContext_StartEncrypt(PRArenaPool *poolp, PK11SymKey *key, SECAlgorithmID *algid);
-
-extern void
-NSS_CMSCipherContext_Destroy(NSSCMSCipherContext *cc);
-
-/*
- * NSS_CMSCipherContext_DecryptLength - find the output length of the next call to decrypt.
- *
- * cc - the cipher context
- * input_len - number of bytes used as input
- * final - true if this is the final chunk of data
- *
- * Result can be used to perform memory allocations.  Note that the amount
- * is exactly accurate only when not doing a block cipher or when final
- * is false, otherwise it is an upper bound on the amount because until
- * we see the data we do not know how many padding bytes there are
- * (always between 1 and bsize).
- */
-extern unsigned int
-NSS_CMSCipherContext_DecryptLength(NSSCMSCipherContext *cc, unsigned int input_len, PRBool final);
-
-/*
- * NSS_CMSCipherContext_EncryptLength - find the output length of the next call to encrypt.
- *
- * cc - the cipher context
- * input_len - number of bytes used as input
- * final - true if this is the final chunk of data
- *
- * Result can be used to perform memory allocations.
- */
-extern unsigned int
-NSS_CMSCipherContext_EncryptLength(NSSCMSCipherContext *cc, unsigned int input_len, PRBool final);
-
-/*
- * NSS_CMSCipherContext_Decrypt - do the decryption
- *
- * cc - the cipher context
- * output - buffer for decrypted result bytes
- * output_len_p - number of bytes in output
- * max_output_len - upper bound on bytes to put into output
- * input - pointer to input bytes
- * input_len - number of input bytes
- * final - true if this is the final chunk of data
- *
- * Decrypts a given length of input buffer (starting at "input" and
- * containing "input_len" bytes), placing the decrypted bytes in
- * "output" and storing the output length in "*output_len_p".
- * "cc" is the return value from NSS_CMSCipher_StartDecrypt.
- * When "final" is true, this is the last of the data to be decrypted.
- */ 
-extern SECStatus
-NSS_CMSCipherContext_Decrypt(NSSCMSCipherContext *cc, unsigned char *output,
-		  unsigned int *output_len_p, unsigned int max_output_len,
-		  const unsigned char *input, unsigned int input_len,
-		  PRBool final);
-
-/*
- * NSS_CMSCipherContext_Encrypt - do the encryption
- *
- * cc - the cipher context
- * output - buffer for decrypted result bytes
- * output_len_p - number of bytes in output
- * max_output_len - upper bound on bytes to put into output
- * input - pointer to input bytes
- * input_len - number of input bytes
- * final - true if this is the final chunk of data
- *
- * Encrypts a given length of input buffer (starting at "input" and
- * containing "input_len" bytes), placing the encrypted bytes in
- * "output" and storing the output length in "*output_len_p".
- * "cc" is the return value from NSS_CMSCipher_StartEncrypt.
- * When "final" is true, this is the last of the data to be encrypted.
- */ 
-extern SECStatus
-NSS_CMSCipherContext_Encrypt(NSSCMSCipherContext *cc, unsigned char *output,
-		  unsigned int *output_len_p, unsigned int max_output_len,
-		  const unsigned char *input, unsigned int input_len,
-		  PRBool final);
-
-/************************************************************************
- * cmspubkey.c - public key operations
- ************************************************************************/
-
-/*
- * NSS_CMSUtil_EncryptSymKey_RSA - wrap a symmetric key with RSA
- *
- * this function takes a symmetric key and encrypts it using an RSA public key
- * according to PKCS#1 and RFC2633 (S/MIME)
- */
-extern SECStatus
-NSS_CMSUtil_EncryptSymKey_RSA(PLArenaPool *poolp, CERTCertificate *cert, PK11SymKey *key,
-			SECItem *encKey);
-
-/*
- * NSS_CMSUtil_DecryptSymKey_RSA - unwrap a RSA-wrapped symmetric key
- *
- * this function takes an RSA-wrapped symmetric key and unwraps it, returning a symmetric
- * key handle. Please note that the actual unwrapped key data may not be allowed to leave
- * a hardware token...
- */
-extern PK11SymKey *
-NSS_CMSUtil_DecryptSymKey_RSA(SECKEYPrivateKey *privkey, SECItem *encKey, SECOidTag bulkalgtag);
-
-extern SECStatus
-NSS_CMSUtil_EncryptSymKey_MISSI(PLArenaPool *poolp, CERTCertificate *cert, PK11SymKey *key,
-			SECOidTag symalgtag, SECItem *encKey, SECItem **pparams, void *pwfn_arg);
-
-extern PK11SymKey *
-NSS_CMSUtil_DecryptSymKey_MISSI(SECKEYPrivateKey *privkey, SECItem *encKey,
-			SECAlgorithmID *keyEncAlg, SECOidTag bulkalgtag, void *pwfn_arg);
-
-extern SECStatus
-NSS_CMSUtil_EncryptSymKey_ESDH(PLArenaPool *poolp, CERTCertificate *cert, PK11SymKey *key,
-			SECItem *encKey, SECItem **ukm, SECAlgorithmID *keyEncAlg,
-			SECItem *originatorPubKey);
-
-extern PK11SymKey *
-NSS_CMSUtil_DecryptSymKey_ESDH(SECKEYPrivateKey *privkey, SECItem *encKey,
-			SECAlgorithmID *keyEncAlg, SECOidTag bulkalgtag, void *pwfn_arg);
-
-/************************************************************************
- * cmsreclist.c - recipient list stuff
- ************************************************************************/
-extern NSSCMSRecipient **nss_cms_recipient_list_create(NSSCMSRecipientInfo **recipientinfos);
-extern void nss_cms_recipient_list_destroy(NSSCMSRecipient **recipient_list);
-extern NSSCMSRecipientEncryptedKey *NSS_CMSRecipientEncryptedKey_Create(PLArenaPool *poolp);
-
-/************************************************************************
- * cmsarray.c - misc array functions
- ************************************************************************/
-/*
- * NSS_CMSArray_Alloc - allocate an array in an arena
- */
-extern void **
-NSS_CMSArray_Alloc(PRArenaPool *poolp, int n);
-
-/*
- * NSS_CMSArray_Add - add an element to the end of an array
- */
-extern SECStatus
-NSS_CMSArray_Add(PRArenaPool *poolp, void ***array, void *obj);
-
-/*
- * NSS_CMSArray_IsEmpty - check if array is empty
- */
-extern PRBool
-NSS_CMSArray_IsEmpty(void **array);
-
-/*
- * NSS_CMSArray_Count - count number of elements in array
- */
-extern int
-NSS_CMSArray_Count(void **array);
-
-/*
- * NSS_CMSArray_Sort - sort an array ascending, in place
- *
- * If "secondary" is not NULL, the same reordering gets applied to it.
- * If "tertiary" is not NULL, the same reordering gets applied to it.
- * "compare" is a function that returns 
- *  < 0 when the first element is less than the second
- *  = 0 when the first element is equal to the second
- *  > 0 when the first element is greater than the second
- */
-extern void
-NSS_CMSArray_Sort(void **primary, int (*compare)(void *,void *), void **secondary, void **tertiary);
-
-/************************************************************************
- * cmsattr.c - misc attribute functions
- ************************************************************************/
-/*
- * NSS_CMSAttribute_Create - create an attribute
- *
- * if value is NULL, the attribute won't have a value. It can be added later
- * with NSS_CMSAttribute_AddValue.
- */
-extern NSSCMSAttribute *
-NSS_CMSAttribute_Create(PRArenaPool *poolp, SECOidTag oidtag, SECItem *value, PRBool encoded);
-
-/*
- * NSS_CMSAttribute_AddValue - add another value to an attribute
- */
-extern SECStatus
-NSS_CMSAttribute_AddValue(PLArenaPool *poolp, NSSCMSAttribute *attr, SECItem *value);
-
-/*
- * NSS_CMSAttribute_GetType - return the OID tag
- */
-extern SECOidTag
-NSS_CMSAttribute_GetType(NSSCMSAttribute *attr);
-
-/*
- * NSS_CMSAttribute_GetValue - return the first attribute value
- *
- * We do some sanity checking first:
- * - Multiple values are *not* expected.
- * - Empty values are *not* expected.
- */
-extern SECItem *
-NSS_CMSAttribute_GetValue(NSSCMSAttribute *attr);
-
-/*
- * NSS_CMSAttribute_CompareValue - compare the attribute's first value against data
- */
-extern PRBool
-NSS_CMSAttribute_CompareValue(NSSCMSAttribute *attr, SECItem *av);
-
-/*
- * NSS_CMSAttributeArray_Encode - encode an Attribute array as SET OF Attributes
- *
- * If you are wondering why this routine does not reorder the attributes
- * first, and might be tempted to make it do so, see the comment by the
- * call to ReorderAttributes in cmsencode.c.  (Or, see who else calls this
- * and think long and hard about the implications of making it always
- * do the reordering.)
- */
-extern SECItem *
-NSS_CMSAttributeArray_Encode(PRArenaPool *poolp, NSSCMSAttribute ***attrs, SECItem *dest);
-
-/*
- * NSS_CMSAttributeArray_Reorder - sort attribute array by attribute's DER encoding
- *
- * make sure that the order of the attributes guarantees valid DER (which must be
- * in lexigraphically ascending order for a SET OF); if reordering is necessary it
- * will be done in place (in attrs).
- */
-extern SECStatus
-NSS_CMSAttributeArray_Reorder(NSSCMSAttribute **attrs);
-
-/*
- * NSS_CMSAttributeArray_FindAttrByOidTag - look through a set of attributes and
- * find one that matches the specified object ID.
- *
- * If "only" is true, then make sure that there is not more than one attribute
- * of the same type.  Otherwise, just return the first one found. (XXX Does
- * anybody really want that first-found behavior?  It was like that when I found it...)
- */
-extern NSSCMSAttribute *
-NSS_CMSAttributeArray_FindAttrByOidTag(NSSCMSAttribute **attrs, SECOidTag oidtag, PRBool only);
-
-/*
- * NSS_CMSAttributeArray_AddAttr - add an attribute to an
- * array of attributes. 
- */
-extern SECStatus
-NSS_CMSAttributeArray_AddAttr(PLArenaPool *poolp, NSSCMSAttribute ***attrs, NSSCMSAttribute *attr);
-
-/*
- * NSS_CMSAttributeArray_SetAttr - set an attribute's value in a set of attributes
- */
-extern SECStatus
-NSS_CMSAttributeArray_SetAttr(PLArenaPool *poolp, NSSCMSAttribute ***attrs, SECOidTag type, SECItem *value, PRBool encoded);
-
-/************************************************************************/
-SEC_END_PROTOS
-
-#endif /* _CMSLOCAL_H_ */
diff --git a/security/nss/lib/smime/cmsmessage.c b/security/nss/lib/smime/cmsmessage.c
deleted file mode 100644
index 21a730e6f..000000000
--- a/security/nss/lib/smime/cmsmessage.c
+++ /dev/null
@@ -1,315 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * CMS message methods.
- *
- * $Id$
- */
-
-#include "cmslocal.h"
-
-#include "cert.h"
-#include "secasn1.h"
-#include "secitem.h"
-#include "secoid.h"
-#include "pk11func.h"
-#include "secerr.h"
-
-/*
- * NSS_CMSMessage_Create - create a CMS message object
- *
- * "poolp" - arena to allocate memory from, or NULL if new arena should be created
- */
-NSSCMSMessage *
-NSS_CMSMessage_Create(PLArenaPool *poolp)
-{
-    void *mark = NULL;
-    NSSCMSMessage *cmsg;
-    PRBool poolp_is_ours = PR_FALSE;
-
-    if (poolp == NULL) {
-	poolp = PORT_NewArena (1024);           /* XXX what is right value? */
-	if (poolp == NULL)
-	    return NULL;
-	poolp_is_ours = PR_TRUE;
-    } 
-
-    if (!poolp_is_ours)
-	mark = PORT_ArenaMark(poolp);
-
-    cmsg = (NSSCMSMessage *)PORT_ArenaZAlloc (poolp, sizeof(NSSCMSMessage));
-    if (cmsg == NULL) {
-	if (!poolp_is_ours) {
-	    if (mark) {
-		PORT_ArenaRelease(poolp, mark);
-	    }
-	} else
-	    PORT_FreeArena(poolp, PR_FALSE);
-	return NULL;
-    }
-
-    cmsg->poolp = poolp;
-    cmsg->poolp_is_ours = poolp_is_ours;
-    cmsg->refCount = 1;
-
-    if (mark)
-	PORT_ArenaUnmark(poolp, mark);
-
-    return cmsg;
-}
-
-/*
- * NSS_CMSMessage_SetEncodingParams - set up a CMS message object for encoding or decoding
- *
- * "cmsg" - message object
- * "pwfn", pwfn_arg" - callback function for getting token password
- * "decrypt_key_cb", "decrypt_key_cb_arg" - callback function for getting bulk key for encryptedData
- * "detached_digestalgs", "detached_digests" - digests from detached content
- */
-void
-NSS_CMSMessage_SetEncodingParams(NSSCMSMessage *cmsg,
-			PK11PasswordFunc pwfn, void *pwfn_arg,
-			NSSCMSGetDecryptKeyCallback decrypt_key_cb, void *decrypt_key_cb_arg,
-			SECAlgorithmID **detached_digestalgs, SECItem **detached_digests)
-{
-    if (pwfn)
-	PK11_SetPasswordFunc(pwfn);
-    cmsg->pwfn_arg = pwfn_arg;
-    cmsg->decrypt_key_cb = decrypt_key_cb;
-    cmsg->decrypt_key_cb_arg = decrypt_key_cb_arg;
-    cmsg->detached_digestalgs = detached_digestalgs;
-    cmsg->detached_digests = detached_digests;
-}
-
-/*
- * NSS_CMSMessage_Destroy - destroy a CMS message and all of its sub-pieces.
- */
-void
-NSS_CMSMessage_Destroy(NSSCMSMessage *cmsg)
-{
-    PORT_Assert (cmsg->refCount > 0);
-    if (cmsg->refCount <= 0)	/* oops */
-	return;
-
-    cmsg->refCount--;		/* thread safety? */
-    if (cmsg->refCount > 0)
-	return;
-
-    NSS_CMSContentInfo_Destroy(&(cmsg->contentInfo));
-
-    /* if poolp is not NULL, cmsg is the owner of its arena */
-    if (cmsg->poolp_is_ours)
-	PORT_FreeArena (cmsg->poolp, PR_FALSE);	/* XXX clear it? */
-}
-
-/*
- * NSS_CMSMessage_Copy - return a copy of the given message. 
- *
- * The copy may be virtual or may be real -- either way, the result needs
- * to be passed to NSS_CMSMessage_Destroy later (as does the original).
- */
-NSSCMSMessage *
-NSS_CMSMessage_Copy(NSSCMSMessage *cmsg)
-{
-    if (cmsg == NULL)
-	return NULL;
-
-    PORT_Assert (cmsg->refCount > 0);
-
-    cmsg->refCount++; /* XXX chrisk thread safety? */
-    return cmsg;
-}
-
-/*
- * NSS_CMSMessage_GetArena - return a pointer to the message's arena pool
- */
-PLArenaPool *
-NSS_CMSMessage_GetArena(NSSCMSMessage *cmsg)
-{
-    return cmsg->poolp;
-}
-
-/*
- * NSS_CMSMessage_GetContentInfo - return a pointer to the top level contentInfo
- */
-NSSCMSContentInfo *
-NSS_CMSMessage_GetContentInfo(NSSCMSMessage *cmsg)
-{
-    return &(cmsg->contentInfo);
-}
-
-/*
- * Return a pointer to the actual content. 
- * In the case of those types which are encrypted, this returns the *plain* content.
- * In case of nested contentInfos, this descends and retrieves the innermost content.
- */
-SECItem *
-NSS_CMSMessage_GetContent(NSSCMSMessage *cmsg)
-{
-    /* this is a shortcut */
-    return NSS_CMSContentInfo_GetInnerContent(NSS_CMSMessage_GetContentInfo(cmsg));
-}
-
-/*
- * NSS_CMSMessage_ContentLevelCount - count number of levels of CMS content objects in this message
- *
- * CMS data content objects do not count.
- */
-int
-NSS_CMSMessage_ContentLevelCount(NSSCMSMessage *cmsg)
-{
-    int count = 0;
-    NSSCMSContentInfo *cinfo;
-
-    /* walk down the chain of contentinfos */
-    for (cinfo = &(cmsg->contentInfo); cinfo != NULL; cinfo = NSS_CMSContentInfo_GetChildContentInfo(cinfo)) {
-	count++;
-    }
-    return count;
-}
-
-/*
- * NSS_CMSMessage_ContentLevel - find content level #n
- *
- * CMS data content objects do not count.
- */
-NSSCMSContentInfo *
-NSS_CMSMessage_ContentLevel(NSSCMSMessage *cmsg, int n)
-{
-    int count = 0;
-    NSSCMSContentInfo *cinfo;
-
-    /* walk down the chain of contentinfos */
-    for (cinfo = &(cmsg->contentInfo); cinfo != NULL && count < n; cinfo = NSS_CMSContentInfo_GetChildContentInfo(cinfo)) {
-	count++;
-    }
-
-    return cinfo;
-}
-
-/*
- * NSS_CMSMessage_ContainsCertsOrCrls - see if message contains certs along the way
- */
-PRBool
-NSS_CMSMessage_ContainsCertsOrCrls(NSSCMSMessage *cmsg)
-{
-    NSSCMSContentInfo *cinfo;
-
-    /* descend into CMS message */
-    for (cinfo = &(cmsg->contentInfo); cinfo != NULL; cinfo = NSS_CMSContentInfo_GetChildContentInfo(cinfo)) {
-	if (NSS_CMSContentInfo_GetContentTypeTag(cinfo) != SEC_OID_PKCS7_SIGNED_DATA)
-	    continue;	/* next level */
-	
-	if (NSS_CMSSignedData_ContainsCertsOrCrls(cinfo->content.signedData))
-	    return PR_TRUE;
-    }
-    return PR_FALSE;
-}
-
-/*
- * NSS_CMSMessage_IsEncrypted - see if message contains a encrypted submessage
- */
-PRBool
-NSS_CMSMessage_IsEncrypted(NSSCMSMessage *cmsg)
-{
-    NSSCMSContentInfo *cinfo;
-
-    /* walk down the chain of contentinfos */
-    for (cinfo = &(cmsg->contentInfo); cinfo != NULL; cinfo = NSS_CMSContentInfo_GetChildContentInfo(cinfo))
-    {
-	switch (NSS_CMSContentInfo_GetContentTypeTag(cinfo)) {
-	case SEC_OID_PKCS7_ENVELOPED_DATA:
-	case SEC_OID_PKCS7_ENCRYPTED_DATA:
-	    return PR_TRUE;
-	default:
-	    break;
-	}
-    }
-    return PR_FALSE;
-}
-
-/*
- * NSS_CMSMessage_IsSigned - see if message contains a signed submessage
- *
- * If the CMS message has a SignedData with a signature (not just a SignedData)
- * return true; false otherwise.  This can/should be called before calling
- * VerifySignature, which will always indicate failure if no signature is
- * present, but that does not mean there even was a signature!
- * Note that the content itself can be empty (detached content was sent
- * another way); it is the presence of the signature that matters.
- */
-PRBool
-NSS_CMSMessage_IsSigned(NSSCMSMessage *cmsg)
-{
-    NSSCMSContentInfo *cinfo;
-
-    /* walk down the chain of contentinfos */
-    for (cinfo = &(cmsg->contentInfo); cinfo != NULL; cinfo = NSS_CMSContentInfo_GetChildContentInfo(cinfo))
-    {
-	switch (NSS_CMSContentInfo_GetContentTypeTag(cinfo)) {
-	case SEC_OID_PKCS7_SIGNED_DATA:
-	    if (!NSS_CMSArray_IsEmpty((void **)cinfo->content.signedData->signerInfos))
-		return PR_TRUE;
-	    break;
-	default:
-	    break;
-	}
-    }
-    return PR_FALSE;
-}
-
-/*
- * NSS_CMSMessage_IsContentEmpty - see if content is empty
- *
- * returns PR_TRUE is innermost content length is < minLen
- * XXX need the encrypted content length (why?)
- */
-PRBool
-NSS_CMSMessage_IsContentEmpty(NSSCMSMessage *cmsg, unsigned int minLen)
-{
-    SECItem *item = NULL;
-
-    if (cmsg == NULL)
-	return PR_TRUE;
-
-    item = NSS_CMSContentInfo_GetContent(NSS_CMSMessage_GetContentInfo(cmsg));
-
-    if (!item) {
-	return PR_TRUE;
-    } else if(item->len <= minLen) {
-	return PR_TRUE;
-    }
-
-    return PR_FALSE;
-}
diff --git a/security/nss/lib/smime/cmspubkey.c b/security/nss/lib/smime/cmspubkey.c
deleted file mode 100644
index 3e06da556..000000000
--- a/security/nss/lib/smime/cmspubkey.c
+++ /dev/null
@@ -1,542 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * CMS public key crypto
- *
- * $Id$
- */
-
-#include "cmslocal.h"
-
-#include "cert.h"
-#include "key.h"
-#include "secasn1.h"
-#include "secitem.h"
-#include "secoid.h"
-#include "pk11func.h"
-#include "secerr.h"
-
-/* ====== RSA ======================================================================= */
-
-/*
- * NSS_CMSUtil_EncryptSymKey_RSA - wrap a symmetric key with RSA
- *
- * this function takes a symmetric key and encrypts it using an RSA public key
- * according to PKCS#1 and RFC2633 (S/MIME)
- */
-SECStatus
-NSS_CMSUtil_EncryptSymKey_RSA(PLArenaPool *poolp, CERTCertificate *cert, PK11SymKey *bulkkey,
-			SECItem *encKey)
-{
-    SECOidTag certalgtag;	/* the certificate's encryption algorithm */
-    SECOidTag encalgtag;	/* the algorithm used for key exchange/agreement */
-    SECStatus rv;
-    SECKEYPublicKey *publickey;
-    int data_len;
-    void *mark = NULL;
-
-    /* sanity check */
-    certalgtag = SECOID_GetAlgorithmTag(&(cert->subjectPublicKeyInfo.algorithm));
-    PORT_Assert(certalgtag == SEC_OID_PKCS1_RSA_ENCRYPTION);
-
-    encalgtag = SEC_OID_PKCS1_RSA_ENCRYPTION;
-    publickey = CERT_ExtractPublicKey(cert);
-    if (publickey == NULL)
-	goto loser;
-	
-    mark = PORT_ArenaMark(poolp);
-    if (!mark)
-	goto loser;
-
-    /* allocate memory for the encrypted key */
-    data_len = SECKEY_PublicKeyStrength(publickey);	/* block size (assumed to be > keylen) */
-    encKey->data = (unsigned char*)PORT_ArenaAlloc(poolp, data_len);
-    encKey->len = data_len;
-    if (encKey->data == NULL)
-	goto loser;
-
-    /* encrypt the key now */
-    rv = PK11_PubWrapSymKey(PK11_AlgtagToMechanism(SEC_OID_PKCS1_RSA_ENCRYPTION),
-				publickey, bulkkey, encKey);
-
-    SECKEY_DestroyPublicKey(publickey);
-    if (rv != SECSuccess)
-	goto loser;
-
-    PORT_ArenaUnmark(poolp, mark);
-    return SECSuccess;
-
-loser:
-    if (mark) {
-	PORT_ArenaRelease(poolp, mark);
-    }
-    return SECFailure;
-}
-
-/*
- * NSS_CMSUtil_DecryptSymKey_RSA - unwrap a RSA-wrapped symmetric key
- *
- * this function takes an RSA-wrapped symmetric key and unwraps it, returning a symmetric
- * key handle. Please note that the actual unwrapped key data may not be allowed to leave
- * a hardware token...
- */
-PK11SymKey *
-NSS_CMSUtil_DecryptSymKey_RSA(SECKEYPrivateKey *privkey, SECItem *encKey, SECOidTag bulkalgtag)
-{
-    /* that's easy */
-    return PK11_PubUnwrapSymKey(privkey, encKey, PK11_AlgtagToMechanism(bulkalgtag), CKA_DECRYPT, 0);
-}
-
-/* ====== MISSI (Fortezza) ========================================================== */
-
-extern const SEC_ASN1Template NSS_SMIMEKEAParamTemplateAllParams[];
-
-SECStatus
-NSS_CMSUtil_EncryptSymKey_MISSI(PLArenaPool *poolp, CERTCertificate *cert, PK11SymKey *bulkkey,
-			SECOidTag symalgtag, SECItem *encKey, SECItem **pparams, void *pwfn_arg)
-{
-    SECOidTag certalgtag;	/* the certificate's encryption algorithm */
-    SECOidTag encalgtag;	/* the algorithm used for key exchange/agreement */
-    SECStatus rv = SECFailure;
-    SECItem *params = NULL;
-    SECStatus err;
-    PK11SymKey *tek;
-    CERTCertificate *ourCert;
-    SECKEYPublicKey *ourPubKey, *publickey = NULL;
-    SECKEYPrivateKey *ourPrivKey = NULL;
-    NSSCMSKEATemplateSelector whichKEA = NSSCMSKEAInvalid;
-    NSSCMSSMIMEKEAParameters keaParams;
-    PLArenaPool *arena = NULL;
-    extern const SEC_ASN1Template *nss_cms_get_kea_template(NSSCMSKEATemplateSelector whichTemplate);
-
-    /* Clear keaParams, since cleanup code checks the lengths */
-    (void) memset(&keaParams, 0, sizeof(keaParams));
-
-    certalgtag = SECOID_GetAlgorithmTag(&(cert->subjectPublicKeyInfo.algorithm));
-    PORT_Assert(certalgtag == SEC_OID_MISSI_KEA_DSS_OLD ||
-		certalgtag == SEC_OID_MISSI_KEA_DSS ||
-		certalgtag == SEC_OID_MISSI_KEA);
-
-#define SMIME_FORTEZZA_RA_LENGTH 128
-#define SMIME_FORTEZZA_IV_LENGTH 24
-#define SMIME_FORTEZZA_MAX_KEY_SIZE 256
-
-    /* We really want to show our KEA tag as the key exchange algorithm tag. */
-    encalgtag = SEC_OID_NETSCAPE_SMIME_KEA;
-
-    /* Get the public key of the recipient. */
-    publickey = CERT_ExtractPublicKey(cert);
-    if (publickey == NULL) goto loser;
-
-    /* Find our own cert, and extract its keys. */
-    ourCert = PK11_FindBestKEAMatch(cert, pwfn_arg);
-    if (ourCert == NULL) goto loser;
-
-    arena = PORT_NewArena(1024);
-    if (arena == NULL)
-	goto loser;
-
-    ourPubKey = CERT_ExtractPublicKey(ourCert);
-    if (ourPubKey == NULL) {
-	CERT_DestroyCertificate(ourCert);
-	goto loser;
-    }
-
-    /* While we're here, copy the public key into the outgoing
-     * KEA parameters. */
-    SECITEM_CopyItem(arena, &(keaParams.originatorKEAKey), &(ourPubKey->u.fortezza.KEAKey));
-    SECKEY_DestroyPublicKey(ourPubKey);
-    ourPubKey = NULL;
-
-    /* Extract our private key in order to derive the KEA key. */
-    ourPrivKey = PK11_FindKeyByAnyCert(ourCert, pwfn_arg);
-    CERT_DestroyCertificate(ourCert); /* we're done with this */
-    if (!ourPrivKey)
-	goto loser;
-
-    /* Prepare raItem with 128 bytes (filled with zeros). */
-    keaParams.originatorRA.data = (unsigned char *)PORT_ArenaAlloc(arena,SMIME_FORTEZZA_RA_LENGTH);
-    keaParams.originatorRA.len = SMIME_FORTEZZA_RA_LENGTH;
-
-    /* Generate the TEK (token exchange key) which we use
-     * to wrap the bulk encryption key. (keaparams.originatorRA) will be
-     * filled with a random seed which we need to send to
-     * the recipient. (user keying material in RFC2630/DSA speak) */
-    tek = PK11_PubDerive(ourPrivKey, publickey, PR_TRUE,
-			 &keaParams.originatorRA, NULL,
-			 CKM_KEA_KEY_DERIVE, CKM_SKIPJACK_WRAP,
-			 CKA_WRAP, 0,  pwfn_arg);
-
-    SECKEY_DestroyPublicKey(publickey);
-    SECKEY_DestroyPrivateKey(ourPrivKey);
-    publickey = NULL;
-    ourPrivKey = NULL;
-    
-    if (!tek)
-	goto loser;
-
-    /* allocate space for the wrapped key data */
-    encKey->data = (unsigned char *)PORT_ArenaAlloc(poolp, SMIME_FORTEZZA_MAX_KEY_SIZE);
-    encKey->len = SMIME_FORTEZZA_MAX_KEY_SIZE;
-
-    if (encKey->data == NULL) {
-	PK11_FreeSymKey(tek);
-	goto loser;
-    }
-
-    /* Wrap the bulk key. What we do with the resulting data
-       depends on whether we're using Skipjack to wrap the key. */
-    switch (PK11_AlgtagToMechanism(symalgtag)) {
-    case CKM_SKIPJACK_CBC64:
-    case CKM_SKIPJACK_ECB64:
-    case CKM_SKIPJACK_OFB64:
-    case CKM_SKIPJACK_CFB64:
-    case CKM_SKIPJACK_CFB32:
-    case CKM_SKIPJACK_CFB16:
-    case CKM_SKIPJACK_CFB8:
-	/* SKIPJACK, we use the wrap mechanism because we can do it on the hardware */
-	err = PK11_WrapSymKey(CKM_SKIPJACK_WRAP, NULL, tek, bulkkey, encKey);
-	whichKEA = NSSCMSKEAUsesSkipjack;
-	break;
-    default:
-	/* Not SKIPJACK, we encrypt the raw key data */
-	keaParams.nonSkipjackIV.data = 
-	  (unsigned char *)PORT_ArenaAlloc(arena, SMIME_FORTEZZA_IV_LENGTH);
-	keaParams.nonSkipjackIV.len = SMIME_FORTEZZA_IV_LENGTH;
-	err = PK11_WrapSymKey(CKM_SKIPJACK_CBC64, &keaParams.nonSkipjackIV, tek, bulkkey, encKey);
-	if (err != SECSuccess)
-	    goto loser;
-
-	if (encKey->len != PK11_GetKeyLength(bulkkey)) {
-	    /* The size of the encrypted key is not the same as
-	       that of the original bulk key, presumably due to
-	       padding. Encode and store the real size of the
-	       bulk key. */
-	    if (SEC_ASN1EncodeInteger(arena, &keaParams.bulkKeySize, PK11_GetKeyLength(bulkkey)) == NULL)
-		err = (SECStatus)PORT_GetError();
-	    else
-		/* use full template for encoding */
-		whichKEA = NSSCMSKEAUsesNonSkipjackWithPaddedEncKey;
-	}
-	else
-	    /* enc key length == bulk key length */
-	    whichKEA = NSSCMSKEAUsesNonSkipjack; 
-	break;
-    }
-
-    PK11_FreeSymKey(tek);
-
-    if (err != SECSuccess)
-	goto loser;
-
-    PORT_Assert(whichKEA != NSSCMSKEAInvalid);
-
-    /* Encode the KEA parameters into the recipient info. */
-    params = SEC_ASN1EncodeItem(poolp, NULL, &keaParams, nss_cms_get_kea_template(whichKEA));
-    if (params == NULL)
-	goto loser;
-
-    /* pass back the algorithm params */
-    *pparams = params;
-
-    rv = SECSuccess;
-
-loser:
-    if (arena)
-	PORT_FreeArena(arena, PR_FALSE);
-    if (publickey)
-        SECKEY_DestroyPublicKey(publickey);
-    if (ourPrivKey)
-        SECKEY_DestroyPrivateKey(ourPrivKey);
-    return rv;
-}
-
-PK11SymKey *
-NSS_CMSUtil_DecryptSymKey_MISSI(SECKEYPrivateKey *privkey, SECItem *encKey, SECAlgorithmID *keyEncAlg, SECOidTag bulkalgtag, void *pwfn_arg)
-{
-    /* fortezza: do a key exchange */
-    SECStatus err;
-    CK_MECHANISM_TYPE bulkType;
-    PK11SymKey *tek;
-    SECKEYPublicKey *originatorPubKey;
-    NSSCMSSMIMEKEAParameters keaParams;
-    PK11SymKey *bulkkey;
-    int bulkLength;
-
-    (void) memset(&keaParams, 0, sizeof(keaParams));
-
-    /* NOTE: this uses the SMIME v2 recipientinfo for compatibility.
-       All additional KEA parameters are DER-encoded in the encryption algorithm parameters */
-
-    /* Decode the KEA algorithm parameters. */
-    err = SEC_ASN1DecodeItem(NULL, &keaParams, NSS_SMIMEKEAParamTemplateAllParams,
-			     &(keyEncAlg->parameters));
-    if (err != SECSuccess)
-	goto loser;
-
-    /* get originator's public key */
-   originatorPubKey = PK11_MakeKEAPubKey(keaParams.originatorKEAKey.data,
-			   keaParams.originatorKEAKey.len);
-   if (originatorPubKey == NULL)
-	  goto loser;
-    
-   /* Generate the TEK (token exchange key) which we use to unwrap the bulk encryption key.
-      The Derive function generates a shared secret and combines it with the originatorRA
-      data to come up with an unique session key */
-   tek = PK11_PubDerive(privkey, originatorPubKey, PR_FALSE,
-			 &keaParams.originatorRA, NULL,
-			 CKM_KEA_KEY_DERIVE, CKM_SKIPJACK_WRAP,
-			 CKA_WRAP, 0, pwfn_arg);
-   SECKEY_DestroyPublicKey(originatorPubKey);	/* not needed anymore */
-   if (tek == NULL)
-	goto loser;
-    
-    /* Now that we have the TEK, unwrap the bulk key
-       with which to decrypt the message. We have to
-       do one of two different things depending on 
-       whether Skipjack was used for *bulk* encryption 
-       of the message. */
-    bulkType = PK11_AlgtagToMechanism(bulkalgtag);
-    switch (bulkType) {
-    case CKM_SKIPJACK_CBC64:
-    case CKM_SKIPJACK_ECB64:
-    case CKM_SKIPJACK_OFB64:
-    case CKM_SKIPJACK_CFB64:
-    case CKM_SKIPJACK_CFB32:
-    case CKM_SKIPJACK_CFB16:
-    case CKM_SKIPJACK_CFB8:
-	/* Skipjack is being used as the bulk encryption algorithm.*/
-	/* Unwrap the bulk key. */
-	bulkkey = PK11_UnwrapSymKey(tek, CKM_SKIPJACK_WRAP, NULL,
-				    encKey, CKM_SKIPJACK_CBC64, CKA_DECRYPT, 0);
-	break;
-    default:
-	/* Skipjack was not used for bulk encryption of this
-	   message. Use Skipjack CBC64, with the nonSkipjackIV
-	   part of the KEA key parameters, to decrypt 
-	   the bulk key. If the optional parameter bulkKeySize is present,
-	   bulk key size is different than the encrypted key size */
-	if (keaParams.bulkKeySize.len > 0) {
-	    err = SEC_ASN1DecodeItem(NULL, &bulkLength,
-				     SEC_ASN1_GET(SEC_IntegerTemplate),
-				     &keaParams.bulkKeySize);
-	    if (err != SECSuccess)
-		goto loser;
-	}
-	
-	bulkkey = PK11_UnwrapSymKey(tek, CKM_SKIPJACK_CBC64, &keaParams.nonSkipjackIV, 
-				    encKey, bulkType, CKA_DECRYPT, bulkLength);
-	break;
-    }
-    return bulkkey;
-loser:
-    return NULL;
-}
-
-/* ====== ESDH (Ephemeral-Static Diffie-Hellman) ==================================== */
-
-SECStatus
-NSS_CMSUtil_EncryptSymKey_ESDH(PLArenaPool *poolp, CERTCertificate *cert, PK11SymKey *key,
-			SECItem *encKey, SECItem **ukm, SECAlgorithmID *keyEncAlg,
-			SECItem *pubKey)
-{
-#if 0 /* not yet done */
-    SECOidTag certalgtag;	/* the certificate's encryption algorithm */
-    SECOidTag encalgtag;	/* the algorithm used for key exchange/agreement */
-    SECStatus rv;
-    SECItem *params = NULL;
-    int data_len;
-    SECStatus err;
-    PK11SymKey *tek;
-    CERTCertificate *ourCert;
-    SECKEYPublicKey *ourPubKey;
-    NSSCMSKEATemplateSelector whichKEA = NSSCMSKEAInvalid;
-
-    certalgtag = SECOID_GetAlgorithmTag(&(cert->subjectPublicKeyInfo.algorithm));
-    PORT_Assert(certalgtag == SEC_OID_X942_DIFFIE_HELMAN_KEY);
-
-    /* We really want to show our KEA tag as the key exchange algorithm tag. */
-    encalgtag = SEC_OID_CMS_EPHEMERAL_STATIC_DIFFIE_HELLMAN;
-
-    /* Get the public key of the recipient. */
-    publickey = CERT_ExtractPublicKey(cert);
-    if (publickey == NULL) goto loser;
-
-    /* XXXX generate a DH key pair on a PKCS11 module (XXX which parameters?) */
-    /* XXXX */ourCert = PK11_FindBestKEAMatch(cert, wincx);
-    if (ourCert == NULL) goto loser;
-
-    arena = PORT_NewArena(1024);
-    if (arena == NULL) goto loser;
-
-    /* While we're here, extract the key pair's public key data and copy it into */
-    /* the outgoing parameters. */
-    /* XXXX */ourPubKey = CERT_ExtractPublicKey(ourCert);
-    if (ourPubKey == NULL)
-    {
-	goto loser;
-    }
-    SECITEM_CopyItem(arena, pubKey, /* XXX */&(ourPubKey->u.fortezza.KEAKey));
-    SECKEY_DestroyPublicKey(ourPubKey); /* we only need the private key from now on */
-    ourPubKey = NULL;
-
-    /* Extract our private key in order to derive the KEA key. */
-    ourPrivKey = PK11_FindKeyByAnyCert(ourCert,wincx);
-    CERT_DestroyCertificate(ourCert); /* we're done with this */
-    if (!ourPrivKey) goto loser;
-
-    /* If ukm desired, prepare it - allocate enough space (filled with zeros). */
-    if (ukm) {
-	ukm->data = (unsigned char*)PORT_ArenaZAlloc(arena,/* XXXX */);
-	ukm->len = /* XXXX */;
-    }
-
-    /* Generate the KEK (key exchange key) according to RFC2631 which we use
-     * to wrap the bulk encryption key. */
-    kek = PK11_PubDerive(ourPrivKey, publickey, PR_TRUE,
-			 ukm, NULL,
-			 /* XXXX */CKM_KEA_KEY_DERIVE, /* XXXX */CKM_SKIPJACK_WRAP,
-			 CKA_WRAP, 0, wincx);
-
-    SECKEY_DestroyPublicKey(publickey);
-    SECKEY_DestroyPrivateKey(ourPrivKey);
-    publickey = NULL;
-    ourPrivKey = NULL;
-    
-    if (!kek)
-	goto loser;
-
-    /* allocate space for the encrypted CEK (bulk key) */
-    encKey->data = (unsigned char*)PORT_ArenaAlloc(poolp, SMIME_FORTEZZA_MAX_KEY_SIZE);
-    encKey->len = SMIME_FORTEZZA_MAX_KEY_SIZE;
-
-    if (encKey->data == NULL)
-    {
-	PK11_FreeSymKey(kek);
-	goto loser;
-    }
-
-
-    /* Wrap the bulk key using CMSRC2WRAP or CMS3DESWRAP, depending on the */
-    /* bulk encryption algorithm */
-    switch (/* XXXX */PK11_AlgtagToMechanism(enccinfo->encalg))
-    {
-    case /* XXXX */CKM_SKIPJACK_CFB8:
-	err = PK11_WrapSymKey(/* XXXX */CKM_CMS3DES_WRAP, NULL, kek, bulkkey, encKey);
-	whichKEA = NSSCMSKEAUsesSkipjack;
-	break;
-    case /* XXXX */CKM_SKIPJACK_CFB8:
-	err = PK11_WrapSymKey(/* XXXX */CKM_CMSRC2_WRAP, NULL, kek, bulkkey, encKey);
-	whichKEA = NSSCMSKEAUsesSkipjack;
-	break;
-    default:
-	/* XXXX what do we do here? Neither RC2 nor 3DES... */
-        err = SECFailure;
-        /* set error */
-	break;
-    }
-
-    PK11_FreeSymKey(kek);	/* we do not need the KEK anymore */
-    if (err != SECSuccess)
-	goto loser;
-
-    PORT_Assert(whichKEA != NSSCMSKEAInvalid);
-
-    /* see RFC2630 12.3.1.1 "keyEncryptionAlgorithm must be ..." */
-    /* params is the DER encoded key wrap algorithm (with parameters!) (XXX) */
-    params = SEC_ASN1EncodeItem(arena, NULL, &keaParams, sec_pkcs7_get_kea_template(whichKEA));
-    if (params == NULL)
-	goto loser;
-
-    /* now set keyEncAlg */
-    rv = SECOID_SetAlgorithmID(poolp, keyEncAlg, SEC_OID_CMS_EPHEMERAL_STATIC_DIFFIE_HELLMAN, params);
-    if (rv != SECSuccess)
-	goto loser;
-
-    /* XXXXXXX this is not right yet */
-loser:
-    if (arena) {
-	PORT_FreeArena(arena, PR_FALSE);
-    }
-    if (publickey) {
-        SECKEY_DestroyPublicKey(publickey);
-    }
-    if (ourPrivKey) {
-        SECKEY_DestroyPrivateKey(ourPrivKey);
-    }
-#endif
-    return SECFailure;
-}
-
-PK11SymKey *
-NSS_CMSUtil_DecryptSymKey_ESDH(SECKEYPrivateKey *privkey, SECItem *encKey, SECAlgorithmID *keyEncAlg, SECOidTag bulkalgtag, void *pwfn_arg)
-{
-#if 0 /* not yet done */
-    SECStatus err;
-    CK_MECHANISM_TYPE bulkType;
-    PK11SymKey *tek;
-    SECKEYPublicKey *originatorPubKey;
-    NSSCMSSMIMEKEAParameters keaParams;
-
-   /* XXXX get originator's public key */
-   originatorPubKey = PK11_MakeKEAPubKey(keaParams.originatorKEAKey.data,
-			   keaParams.originatorKEAKey.len);
-   if (originatorPubKey == NULL)
-      goto loser;
-    
-   /* Generate the TEK (token exchange key) which we use to unwrap the bulk encryption key.
-      The Derive function generates a shared secret and combines it with the originatorRA
-      data to come up with an unique session key */
-   tek = PK11_PubDerive(privkey, originatorPubKey, PR_FALSE,
-			 &keaParams.originatorRA, NULL,
-			 CKM_KEA_KEY_DERIVE, CKM_SKIPJACK_WRAP,
-			 CKA_WRAP, 0, pwfn_arg);
-   SECKEY_DestroyPublicKey(originatorPubKey);	/* not needed anymore */
-   if (tek == NULL)
-	goto loser;
-    
-    /* Now that we have the TEK, unwrap the bulk key
-       with which to decrypt the message. */
-    /* Skipjack is being used as the bulk encryption algorithm.*/
-    /* Unwrap the bulk key. */
-    bulkkey = PK11_UnwrapSymKey(tek, CKM_SKIPJACK_WRAP, NULL,
-				encKey, CKM_SKIPJACK_CBC64, CKA_DECRYPT, 0);
-
-    return bulkkey;
-
-loser:
-#endif
-    return NULL;
-}
-
diff --git a/security/nss/lib/smime/cmsrecinfo.c b/security/nss/lib/smime/cmsrecinfo.c
deleted file mode 100644
index dfe05a07a..000000000
--- a/security/nss/lib/smime/cmsrecinfo.c
+++ /dev/null
@@ -1,428 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * CMS recipientInfo methods.
- *
- * $Id$
- */
-
-#include "cmslocal.h"
-
-#include "cert.h"
-#include "key.h"
-#include "secasn1.h"
-#include "secitem.h"
-#include "secoid.h"
-#include "pk11func.h"
-#include "secerr.h"
-
-/*
- * NSS_CMSRecipientInfo_Create - create a recipientinfo
- *
- * we currently do not create KeyAgreement recipientinfos with multiple recipientEncryptedKeys
- * the certificate is supposed to have been verified by the caller
- */
-NSSCMSRecipientInfo *
-NSS_CMSRecipientInfo_Create(NSSCMSMessage *cmsg, CERTCertificate *cert)
-{
-    NSSCMSRecipientInfo *ri;
-    void *mark;
-    SECOidTag certalgtag;
-    SECStatus rv = SECSuccess;
-    NSSCMSRecipientEncryptedKey *rek;
-    NSSCMSOriginatorIdentifierOrKey *oiok;
-    unsigned long version;
-    SECItem *dummy;
-    PLArenaPool *poolp;
-
-    poolp = cmsg->poolp;
-
-    mark = PORT_ArenaMark(poolp);
-
-    ri = (NSSCMSRecipientInfo *)PORT_ArenaZAlloc(poolp, sizeof(NSSCMSRecipientInfo));
-    if (ri == NULL)
-	goto loser;
-
-    ri->cmsg = cmsg;
-    ri->cert = CERT_DupCertificate(cert);
-    if (ri->cert == NULL)
-	goto loser;
-
-    certalgtag = SECOID_GetAlgorithmTag(&(cert->subjectPublicKeyInfo.algorithm));
-
-    switch (certalgtag) {
-    case SEC_OID_PKCS1_RSA_ENCRYPTION:
-	ri->recipientInfoType = NSSCMSRecipientInfoID_KeyTrans;
-	/* hardcoded issuerSN choice for now */
-	ri->ri.keyTransRecipientInfo.recipientIdentifier.identifierType = NSSCMSRecipientID_IssuerSN;
-	ri->ri.keyTransRecipientInfo.recipientIdentifier.id.issuerAndSN = CERT_GetCertIssuerAndSN(poolp, cert);
-	if (ri->ri.keyTransRecipientInfo.recipientIdentifier.id.issuerAndSN == NULL) {
-	    rv = SECFailure;
-	    break;
-	}
-	break;
-    case SEC_OID_MISSI_KEA_DSS_OLD:
-    case SEC_OID_MISSI_KEA_DSS:
-    case SEC_OID_MISSI_KEA:
-	/* backward compatibility - this is not really a keytrans operation */
-	ri->recipientInfoType = NSSCMSRecipientInfoID_KeyTrans;
-	/* hardcoded issuerSN choice for now */
-	ri->ri.keyTransRecipientInfo.recipientIdentifier.identifierType = NSSCMSRecipientID_IssuerSN;
-	ri->ri.keyTransRecipientInfo.recipientIdentifier.id.issuerAndSN = CERT_GetCertIssuerAndSN(poolp, cert);
-	if (ri->ri.keyTransRecipientInfo.recipientIdentifier.id.issuerAndSN == NULL) {
-	    rv = SECFailure;
-	    break;
-	}
-	break;
-    case SEC_OID_X942_DIFFIE_HELMAN_KEY: /* dh-public-number */
-	/* a key agreement op */
-	ri->recipientInfoType = NSSCMSRecipientInfoID_KeyAgree;
-
-	if (ri->ri.keyTransRecipientInfo.recipientIdentifier.id.issuerAndSN == NULL) {
-	    rv = SECFailure;
-	    break;
-	}
-	/* we do not support the case where multiple recipients 
-	 * share the same KeyAgreeRecipientInfo and have multiple RecipientEncryptedKeys
-	 * in this case, we would need to walk all the recipientInfos, take the
-	 * ones that do KeyAgreement algorithms and join them, algorithm by algorithm
-	 * Then, we'd generate ONE ukm and OriginatorIdentifierOrKey */
-
-	/* only epheremal-static Diffie-Hellman is supported for now
-	 * this is the only form of key agreement that provides potential anonymity
-	 * of the sender, plus we do not have to include certs in the message */
-
-	/* force single recipientEncryptedKey for now */
-	if ((rek = NSS_CMSRecipientEncryptedKey_Create(poolp)) == NULL) {
-	    rv = SECFailure;
-	    break;
-	}
-
-	/* hardcoded IssuerSN choice for now */
-	rek->recipientIdentifier.identifierType = NSSCMSKeyAgreeRecipientID_IssuerSN;
-	if ((rek->recipientIdentifier.id.issuerAndSN = CERT_GetCertIssuerAndSN(poolp, cert)) == NULL) {
-	    rv = SECFailure;
-	    break;
-	}
-
-	oiok = &(ri->ri.keyAgreeRecipientInfo.originatorIdentifierOrKey);
-
-	/* see RFC2630 12.3.1.1 */
-	oiok->identifierType = NSSCMSOriginatorIDOrKey_OriginatorPublicKey;
-
-	rv = NSS_CMSArray_Add(poolp, (void ***)&ri->ri.keyAgreeRecipientInfo.recipientEncryptedKeys,
-				    (void *)rek);
-
-	break;
-    default:
-	/* other algorithms not supported yet */
-	/* NOTE that we do not support any KEK algorithm */
-	PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
-	rv = SECFailure;
-	break;
-    }
-
-    if (rv == SECFailure)
-	goto loser;
-
-    /* set version */
-    switch (ri->recipientInfoType) {
-    case NSSCMSRecipientInfoID_KeyTrans:
-	if (ri->ri.keyTransRecipientInfo.recipientIdentifier.identifierType == NSSCMSRecipientID_IssuerSN)
-	    version = NSS_CMS_KEYTRANS_RECIPIENT_INFO_VERSION_ISSUERSN;
-	else
-	    version = NSS_CMS_KEYTRANS_RECIPIENT_INFO_VERSION_SUBJKEY;
-	dummy = SEC_ASN1EncodeInteger(poolp, &(ri->ri.keyTransRecipientInfo.version), version);
-	if (dummy == NULL)
-	    goto loser;
-	break;
-    case NSSCMSRecipientInfoID_KeyAgree:
-	dummy = SEC_ASN1EncodeInteger(poolp, &(ri->ri.keyAgreeRecipientInfo.version),
-						NSS_CMS_KEYAGREE_RECIPIENT_INFO_VERSION);
-	if (dummy == NULL)
-	    goto loser;
-	break;
-    case NSSCMSRecipientInfoID_KEK:
-	/* NOTE: this cannot happen as long as we do not support any KEK algorithm */
-	dummy = SEC_ASN1EncodeInteger(poolp, &(ri->ri.kekRecipientInfo.version),
-						NSS_CMS_KEK_RECIPIENT_INFO_VERSION);
-	if (dummy == NULL)
-	    goto loser;
-	break;
-    
-    }
-
-    PORT_ArenaUnmark (poolp, mark);
-    return ri;
-
-loser:
-    PORT_ArenaRelease (poolp, mark);
-    return NULL;
-}
-
-void
-NSS_CMSRecipientInfo_Destroy(NSSCMSRecipientInfo *ri)
-{
-    /* version was allocated on the pool, so no need to destroy it */
-    /* issuerAndSN was allocated on the pool, so no need to destroy it */
-    if (ri->cert != NULL)
-	CERT_DestroyCertificate(ri->cert);
-    /* recipientInfo structure itself was allocated on the pool, so no need to destroy it */
-    /* we're done. */
-}
-
-int
-NSS_CMSRecipientInfo_GetVersion(NSSCMSRecipientInfo *ri)
-{
-    unsigned long version;
-    SECItem *versionitem = NULL;
-
-    switch (ri->recipientInfoType) {
-    case NSSCMSRecipientInfoID_KeyTrans:
-	/* ignore subIndex */
-	versionitem = &(ri->ri.keyTransRecipientInfo.version);
-	break;
-    case NSSCMSRecipientInfoID_KEK:
-	/* ignore subIndex */
-	versionitem = &(ri->ri.kekRecipientInfo.version);
-	break;
-    case NSSCMSRecipientInfoID_KeyAgree:
-	versionitem = &(ri->ri.keyAgreeRecipientInfo.version);
-	break;
-    }
-
-    PORT_Assert(versionitem);
-    if (versionitem == NULL) 
-	return 0;
-
-    /* always take apart the SECItem */
-    if (SEC_ASN1DecodeInteger(versionitem, &version) != SECSuccess)
-	return 0;
-    else
-	return (int)version;
-}
-
-SECItem *
-NSS_CMSRecipientInfo_GetEncryptedKey(NSSCMSRecipientInfo *ri, int subIndex)
-{
-    SECItem *enckey = NULL;
-
-    switch (ri->recipientInfoType) {
-    case NSSCMSRecipientInfoID_KeyTrans:
-	/* ignore subIndex */
-	enckey = &(ri->ri.keyTransRecipientInfo.encKey);
-	break;
-    case NSSCMSRecipientInfoID_KEK:
-	/* ignore subIndex */
-	enckey = &(ri->ri.kekRecipientInfo.encKey);
-	break;
-    case NSSCMSRecipientInfoID_KeyAgree:
-	enckey = &(ri->ri.keyAgreeRecipientInfo.recipientEncryptedKeys[subIndex]->encKey);
-	break;
-    }
-    return enckey;
-}
-
-
-SECOidTag
-NSS_CMSRecipientInfo_GetKeyEncryptionAlgorithmTag(NSSCMSRecipientInfo *ri)
-{
-    SECOidTag encalgtag = SEC_OID_SHA1; /* set to not a valid encryption alg */
-
-    switch (ri->recipientInfoType) {
-    case NSSCMSRecipientInfoID_KeyTrans:
-	encalgtag = SECOID_GetAlgorithmTag(&(ri->ri.keyTransRecipientInfo.keyEncAlg));
-	break;
-    case NSSCMSRecipientInfoID_KeyAgree:
-	encalgtag = SECOID_GetAlgorithmTag(&(ri->ri.keyAgreeRecipientInfo.keyEncAlg));
-	break;
-    case NSSCMSRecipientInfoID_KEK:
-	encalgtag = SECOID_GetAlgorithmTag(&(ri->ri.kekRecipientInfo.keyEncAlg));
-	break;
-    }
-    return encalgtag;
-}
-
-SECStatus
-NSS_CMSRecipientInfo_WrapBulkKey(NSSCMSRecipientInfo *ri, PK11SymKey *bulkkey, SECOidTag bulkalgtag)
-{
-    CERTCertificate *cert;
-    SECOidTag certalgtag;
-    SECStatus rv = SECSuccess;
-    SECItem *params = NULL;
-    NSSCMSRecipientEncryptedKey *rek;
-    NSSCMSOriginatorIdentifierOrKey *oiok;
-    PLArenaPool *poolp;
-
-    poolp = ri->cmsg->poolp;
-    cert = ri->cert;
-    PORT_Assert (cert != NULL);
-    if (cert == NULL)
-	return SECFailure;
-
-    /* XXX set ri->recipientInfoType to the proper value here */
-    /* or should we look if it's been set already ? */
-
-    certalgtag = SECOID_GetAlgorithmTag(&(cert->subjectPublicKeyInfo.algorithm));
-    switch (certalgtag) {
-    case SEC_OID_PKCS1_RSA_ENCRYPTION:
-	/* wrap the symkey */
-	if (NSS_CMSUtil_EncryptSymKey_RSA(poolp, cert, bulkkey, &ri->ri.keyTransRecipientInfo.encKey) != SECSuccess) {
-	    rv = SECFailure;
-	    break;
-	}
-
-	rv = SECOID_SetAlgorithmID(poolp, &(ri->ri.keyTransRecipientInfo.keyEncAlg), certalgtag, NULL);
-	break;
-    case SEC_OID_MISSI_KEA_DSS_OLD:
-    case SEC_OID_MISSI_KEA_DSS:
-    case SEC_OID_MISSI_KEA:
-	rv = NSS_CMSUtil_EncryptSymKey_MISSI(poolp, cert, bulkkey,
-					bulkalgtag,
-					&ri->ri.keyTransRecipientInfo.encKey,
-					&params, ri->cmsg->pwfn_arg);
-	if (rv != SECSuccess)
-	    break;
-
-	/* here, we DO need to pass the params to the wrap function because, with
-	 * RSA, there is no funny stuff going on with generation of IV vectors or so */
-	rv = SECOID_SetAlgorithmID(poolp, &(ri->ri.keyTransRecipientInfo.keyEncAlg), certalgtag, params);
-	break;
-    case SEC_OID_X942_DIFFIE_HELMAN_KEY: /* dh-public-number */
-	rek = ri->ri.keyAgreeRecipientInfo.recipientEncryptedKeys[0];
-	if (rek == NULL) {
-	    rv = SECFailure;
-	    break;
-	}
-
-	oiok = &(ri->ri.keyAgreeRecipientInfo.originatorIdentifierOrKey);
-	PORT_Assert(oiok->identifierType == NSSCMSOriginatorIDOrKey_OriginatorPublicKey);
-
-	/* see RFC2630 12.3.1.1 */
-	if (SECOID_SetAlgorithmID(poolp, &oiok->id.originatorPublicKey.algorithmIdentifier,
-				    SEC_OID_X942_DIFFIE_HELMAN_KEY, NULL) != SECSuccess) {
-	    rv = SECFailure;
-	    break;
-	}
-
-	/* this will generate a key pair, compute the shared secret, */
-	/* derive a key and ukm for the keyEncAlg out of it, encrypt the bulk key with */
-	/* the keyEncAlg, set encKey, keyEncAlg, publicKey etc. */
-	rv = NSS_CMSUtil_EncryptSymKey_ESDH(poolp, cert, bulkkey,
-					&rek->encKey,
-					&ri->ri.keyAgreeRecipientInfo.ukm,
-					&ri->ri.keyAgreeRecipientInfo.keyEncAlg,
-					&oiok->id.originatorPublicKey.publicKey);
-
-	break;
-    default:
-	/* other algorithms not supported yet */
-	/* NOTE that we do not support any KEK algorithm */
-	PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
-	rv = SECFailure;
-	break;
-    }
-    return rv;
-}
-
-PK11SymKey *
-NSS_CMSRecipientInfo_UnwrapBulkKey(NSSCMSRecipientInfo *ri, int subIndex, 
-	CERTCertificate *cert, SECKEYPrivateKey *privkey, SECOidTag bulkalgtag)
-{
-    PK11SymKey *bulkkey = NULL;
-    SECAlgorithmID *encalg;
-    SECOidTag encalgtag;
-    SECItem *enckey;
-    int error;
-
-    ri->cert = CERT_DupCertificate(cert);
-        	/* mark the recipientInfo so we can find it later */
-
-    switch (ri->recipientInfoType) {
-    case NSSCMSRecipientInfoID_KeyTrans:
-	encalg = &(ri->ri.keyTransRecipientInfo.keyEncAlg);
-	encalgtag = SECOID_GetAlgorithmTag(&(ri->ri.keyTransRecipientInfo.keyEncAlg));
-	enckey = &(ri->ri.keyTransRecipientInfo.encKey); /* ignore subIndex */
-	switch (encalgtag) {
-	case SEC_OID_PKCS1_RSA_ENCRYPTION:
-	    /* RSA encryption algorithm: */
-	    /* get the symmetric (bulk) key by unwrapping it using our private key */
-	    bulkkey = NSS_CMSUtil_DecryptSymKey_RSA(privkey, enckey, bulkalgtag);
-	    break;
-	case SEC_OID_NETSCAPE_SMIME_KEA:
-	    /* FORTEZZA key exchange algorithm */
-	    /* the supplemental data is in the parameters of encalg */
-	    bulkkey = NSS_CMSUtil_DecryptSymKey_MISSI(privkey, enckey, encalg, bulkalgtag, ri->cmsg->pwfn_arg);
-	    break;
-	default:
-	    error = SEC_ERROR_UNSUPPORTED_KEYALG;
-	    goto loser;
-	}
-	break;
-    case NSSCMSRecipientInfoID_KeyAgree:
-	encalg = &(ri->ri.keyAgreeRecipientInfo.keyEncAlg);
-	encalgtag = SECOID_GetAlgorithmTag(&(ri->ri.keyAgreeRecipientInfo.keyEncAlg));
-	enckey = &(ri->ri.keyAgreeRecipientInfo.recipientEncryptedKeys[subIndex]->encKey);
-	switch (encalgtag) {
-	case SEC_OID_X942_DIFFIE_HELMAN_KEY:
-	    /* Diffie-Helman key exchange */
-	    /* XXX not yet implemented */
-	    /* XXX problem: SEC_OID_X942_DIFFIE_HELMAN_KEY points to a PKCS3 mechanism! */
-	    /* we support ephemeral-static DH only, so if the recipientinfo */
-	    /* has originator stuff in it, we punt (or do we? shouldn't be that hard...) */
-	    /* first, we derive the KEK (a symkey!) using a Derive operation, then we get the */
-	    /* content encryption key using a Unwrap op */
-	    /* the derive operation has to generate the key using the algorithm in RFC2631 */
-	    error = SEC_ERROR_UNSUPPORTED_KEYALG;
-	    break;
-	default:
-	    error = SEC_ERROR_UNSUPPORTED_KEYALG;
-	    goto loser;
-	}
-	break;
-    case NSSCMSRecipientInfoID_KEK:
-	encalg = &(ri->ri.kekRecipientInfo.keyEncAlg);
-	encalgtag = SECOID_GetAlgorithmTag(&(ri->ri.kekRecipientInfo.keyEncAlg));
-	enckey = &(ri->ri.kekRecipientInfo.encKey);
-	/* not supported yet */
-	error = SEC_ERROR_UNSUPPORTED_KEYALG;
-	goto loser;
-	break;
-    }
-    /* XXXX continue here */
-    return bulkkey;
-
-loser:
-    return NULL;
-}
diff --git a/security/nss/lib/smime/cmsreclist.c b/security/nss/lib/smime/cmsreclist.c
deleted file mode 100644
index b6fc62ee4..000000000
--- a/security/nss/lib/smime/cmsreclist.c
+++ /dev/null
@@ -1,187 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * CMS recipient list functions
- *
- * $Id$
- */
-
-#include "cmslocal.h"
-
-#include "cert.h"
-#include "key.h"
-#include "secasn1.h"
-#include "secitem.h"
-#include "secoid.h"
-#include "pk11func.h"
-#include "prtime.h"
-#include "secerr.h"
-
-static int
-nss_cms_recipients_traverse(NSSCMSRecipientInfo **recipientinfos, NSSCMSRecipient **recipient_list)
-{
-    int count = 0;
-    int rlindex = 0;
-    int i, j;
-    NSSCMSRecipient *rle;
-    NSSCMSRecipientInfo *ri;
-    NSSCMSRecipientEncryptedKey *rek;
-
-    for (i = 0; recipientinfos[i] != NULL; i++) {
-	ri = recipientinfos[i];
-	switch (ri->recipientInfoType) {
-	case NSSCMSRecipientInfoID_KeyTrans:
-	    if (recipient_list) {
-		/* alloc one & fill it out */
-		rle = (NSSCMSRecipient *)PORT_ZAlloc(sizeof(NSSCMSRecipient));
-		if (rle == NULL)
-		    return -1;
-		
-		rle->riIndex = i;
-		rle->subIndex = -1;
-		switch (ri->ri.keyTransRecipientInfo.recipientIdentifier.identifierType) {
-		case NSSCMSRecipientID_IssuerSN:
-		    rle->kind = RLIssuerSN;
-		    rle->id.issuerAndSN = ri->ri.keyTransRecipientInfo.recipientIdentifier.id.issuerAndSN;
-		    break;
-		case NSSCMSRecipientID_SubjectKeyID:
-		    rle->kind = RLSubjKeyID;
-		    rle->id.subjectKeyID = ri->ri.keyTransRecipientInfo.recipientIdentifier.id.subjectKeyID;
-		    break;
-		}
-		recipient_list[rlindex++] = rle;
-	    } else {
-		count++;
-	    }
-	    break;
-	case NSSCMSRecipientInfoID_KeyAgree:
-	    if (ri->ri.keyAgreeRecipientInfo.recipientEncryptedKeys == NULL)
-		break;
-	    for (j=0; ri->ri.keyAgreeRecipientInfo.recipientEncryptedKeys[j] != NULL; j++) {
-		if (recipient_list) {
-		    rek = ri->ri.keyAgreeRecipientInfo.recipientEncryptedKeys[j];
-		    /* alloc one & fill it out */
-		    rle = (NSSCMSRecipient *)PORT_ZAlloc(sizeof(NSSCMSRecipient));
-		    if (rle == NULL)
-			return -1;
-		    
-		    rle->riIndex = i;
-		    rle->subIndex = j;
-		    switch (rek->recipientIdentifier.identifierType) {
-		    case NSSCMSKeyAgreeRecipientID_IssuerSN:
-			rle->kind = RLIssuerSN;
-			rle->id.issuerAndSN = rek->recipientIdentifier.id.issuerAndSN;
-			break;
-		    case NSSCMSKeyAgreeRecipientID_RKeyID:
-			rle->kind = RLSubjKeyID;
-			rle->id.subjectKeyID = rek->recipientIdentifier.id.recipientKeyIdentifier.subjectKeyIdentifier;
-			break;
-		    }
-		    recipient_list[rlindex++] = rle;
-		} else {
-		    count++;
-		}
-	    }
-	    break;
-	case NSSCMSRecipientInfoID_KEK:
-	    /* KEK is not implemented */
-	    break;
-	}
-    }
-    /* if we have a recipient list, we return on success (-1, above, on failure) */
-    /* otherwise, we return the count. */
-    if (recipient_list) {
-	recipient_list[rlindex] = NULL;
-	return 0;
-    } else {
-	return count;
-    }
-}
-
-NSSCMSRecipient **
-nss_cms_recipient_list_create(NSSCMSRecipientInfo **recipientinfos)
-{
-    int count, rv;
-    NSSCMSRecipient **recipient_list;
-
-    /* count the number of recipient identifiers */
-    count = nss_cms_recipients_traverse(recipientinfos, NULL);
-    if (count <= 0) {
-	/* no recipients? */
-	PORT_SetError(SEC_ERROR_BAD_DATA);
-#if 0
-	PORT_SetErrorString("Cannot find recipient data in envelope.");
-#endif
-	return NULL;
-    }
-
-    /* allocate an array of pointers */
-    recipient_list = (NSSCMSRecipient **)
-		    PORT_ZAlloc((count + 1) * sizeof(NSSCMSRecipient *));
-    if (recipient_list == NULL)
-	return NULL;
-
-    /* now fill in the recipient_list */
-    rv = nss_cms_recipients_traverse(recipientinfos, recipient_list);
-    if (rv < 0) {
-	nss_cms_recipient_list_destroy(recipient_list);
-	return NULL;
-    }
-    return recipient_list;
-}
-
-void
-nss_cms_recipient_list_destroy(NSSCMSRecipient **recipient_list)
-{
-    int i;
-    NSSCMSRecipient *recipient;
-
-    for (i=0; recipient_list[i] != NULL; i++) {
-	recipient = recipient_list[i];
-	if (recipient->cert)
-	    CERT_DestroyCertificate(recipient->cert);
-	if (recipient->privkey)
-	    SECKEY_DestroyPrivateKey(recipient->privkey);
-	if (recipient->slot)
-	    PK11_FreeSlot(recipient->slot);
-	PORT_Free(recipient);
-    }
-    PORT_Free(recipient_list);
-}
-
-NSSCMSRecipientEncryptedKey *
-NSS_CMSRecipientEncryptedKey_Create(PLArenaPool *poolp)
-{
-    return (NSSCMSRecipientEncryptedKey *)PORT_ArenaZAlloc(poolp, sizeof(NSSCMSRecipientEncryptedKey));
-}
diff --git a/security/nss/lib/smime/cmsreclist.h b/security/nss/lib/smime/cmsreclist.h
deleted file mode 100644
index 19b13e115..000000000
--- a/security/nss/lib/smime/cmsreclist.h
+++ /dev/null
@@ -1,59 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * $Id$
- */
-
-#ifndef _CMSRECLIST_H
-#define _CMSRECLIST_H
-
-struct NSSCMSRecipientStr {
-    int				riIndex;	/* this recipient's index in recipientInfo array */
-    int				subIndex;	/* index into recipientEncryptedKeys */
-						/* (only in NSSCMSKeyAgreeRecipientInfoStr) */
-    enum {RLIssuerSN=0, RLSubjKeyID=1} kind;	/* for conversion recipientinfos -> recipientlist */
-    union {
-	CERTIssuerAndSN *	issuerAndSN;
-	SECItem *		subjectKeyID;
-    } id;
-
-    /* result data (filled out for each recipient that's us) */
-    CERTCertificate *		cert;
-    SECKEYPrivateKey *		privkey;
-    PK11SlotInfo *		slot;
-};
-
-typedef struct NSSCMSRecipientStr NSSCMSRecipient;
-
-#endif /* _CMSRECLIST_H */
diff --git a/security/nss/lib/smime/cmssigdata.c b/security/nss/lib/smime/cmssigdata.c
deleted file mode 100644
index 03a37cda1..000000000
--- a/security/nss/lib/smime/cmssigdata.c
+++ /dev/null
@@ -1,903 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * CMS signedData methods.
- *
- * $Id$
- */
-
-#include "cmslocal.h"
-
-#include "cert.h"
-/*#include "cdbhdl.h"*/
-#include "secasn1.h"
-#include "secitem.h"
-#include "secoid.h"
-#include "pk11func.h"
-#include "secerr.h"
-
-NSSCMSSignedData *
-NSS_CMSSignedData_Create(NSSCMSMessage *cmsg)
-{
-    void *mark;
-    NSSCMSSignedData *sigd;
-    PLArenaPool *poolp;
-
-    poolp = cmsg->poolp;
-
-    mark = PORT_ArenaMark(poolp);
-
-    sigd = (NSSCMSSignedData *)PORT_ArenaZAlloc (poolp, sizeof(NSSCMSSignedData));
-    if (sigd == NULL)
-	goto loser;
-
-    sigd->cmsg = cmsg;
-
-    /* signerInfos, certs, certlists, crls are all empty */
-    /* version is set in NSS_CMSSignedData_Finalize() */
-
-    PORT_ArenaUnmark(poolp, mark);
-    return sigd;
-
-loser:
-    PORT_ArenaRelease(poolp, mark);
-    return NULL;
-}
-
-void
-NSS_CMSSignedData_Destroy(NSSCMSSignedData *sigd)
-{
-    CERTCertificate **certs, *cert;
-    CERTCertificateList **certlists, *certlist;
-    NSSCMSSignerInfo **signerinfos, *si;
-
-    if (sigd == NULL)
-	return;
-
-    certs = sigd->certs;
-    certlists = sigd->certLists;
-    signerinfos = sigd->signerInfos;
-
-    if (certs != NULL) {
-	while ((cert = *certs++) != NULL)
-	    CERT_DestroyCertificate (cert);
-    }
-
-    if (certlists != NULL) {
-	while ((certlist = *certlists++) != NULL)
-	    CERT_DestroyCertificateList (certlist);
-    }
-
-    if (signerinfos != NULL) {
-	while ((si = *signerinfos++) != NULL)
-	    NSS_CMSSignerInfo_Destroy(si);
-    }
-
-    /* everything's in a pool, so don't worry about the storage */
-   NSS_CMSContentInfo_Destroy(&(sigd->contentInfo));
-
-}
-
-/*
- * NSS_CMSSignedData_Encode_BeforeStart - do all the necessary things to a SignedData
- *     before start of encoding.
- *
- * In detail:
- *  - find out about the right value to put into sigd->version
- *  - come up with a list of digestAlgorithms (which should be the union of the algorithms
- *         in the signerinfos).
- *         If we happen to have a pre-set list of algorithms (and digest values!), we
- *         check if we have all the signerinfos' algorithms. If not, this is an error.
- */
-SECStatus
-NSS_CMSSignedData_Encode_BeforeStart(NSSCMSSignedData *sigd)
-{
-    NSSCMSSignerInfo *signerinfo;
-    SECOidTag digestalgtag;
-    SECItem *dummy;
-    int version;
-    SECStatus rv;
-    PRBool haveDigests = PR_FALSE;
-    int n, i;
-    PLArenaPool *poolp;
-
-    poolp = sigd->cmsg->poolp;
-
-    /* we assume that we have precomputed digests if there is a list of algorithms, and */
-    /* a chunk of data for each of those algorithms */
-    if (sigd->digestAlgorithms != NULL && sigd->digests != NULL) {
-	for (i=0; sigd->digestAlgorithms[i] != NULL; i++) {
-	    if (sigd->digests[i] == NULL)
-		break;
-	}
-	if (sigd->digestAlgorithms[i] == NULL)	/* reached the end of the array? */
-	    haveDigests = PR_TRUE;		/* yes: we must have all the digests */
-    }
-	    
-    version = NSS_CMS_SIGNED_DATA_VERSION_BASIC;
-
-    /* RFC2630 5.1 "version is the syntax version number..." */
-    if (NSS_CMSContentInfo_GetContentTypeTag(&(sigd->contentInfo)) != SEC_OID_PKCS7_DATA)
-	version = NSS_CMS_SIGNED_DATA_VERSION_EXT;
-
-    /* prepare all the SignerInfos (there may be none) */
-    for (i=0; i < NSS_CMSSignedData_SignerInfoCount(sigd); i++) {
-	signerinfo = NSS_CMSSignedData_GetSignerInfo(sigd, i);
-
-	/* RFC2630 5.1 "version is the syntax version number..." */
-	if (NSS_CMSSignerInfo_GetVersion(signerinfo) != NSS_CMS_SIGNER_INFO_VERSION_ISSUERSN)
-	    version = NSS_CMS_SIGNED_DATA_VERSION_EXT;
-	
-	/* collect digestAlgorithms from SignerInfos */
-	/* (we need to know which algorithms we have when the content comes in) */
-	/* do not overwrite any existing digestAlgorithms (and digest) */
-	digestalgtag = NSS_CMSSignerInfo_GetDigestAlgTag(signerinfo);
-	n = NSS_CMSAlgArray_GetIndexByAlgTag(sigd->digestAlgorithms, digestalgtag);
-	if (n < 0 && haveDigests) {
-	    /* oops, there is a digestalg we do not have a digest for */
-	    /* but we were supposed to have all the digests already... */
-	    goto loser;
-	} else if (n < 0) {
-	    /* add the digestAlgorithm & a NULL digest */
-	    rv = NSS_CMSSignedData_AddDigest(poolp, sigd, digestalgtag, NULL);
-	    if (rv != SECSuccess)
-		goto loser;
-	} else {
-	    /* found it, nothing to do */
-	}
-    }
-
-    dummy = SEC_ASN1EncodeInteger(poolp, &(sigd->version), (long)version);
-    if (dummy == NULL)
-	return SECFailure;
-
-    /* this is a SET OF, so we need to sort them guys */
-    rv = NSS_CMSArray_SortByDER((void **)sigd->digestAlgorithms, 
-                                SEC_ASN1_GET(SECOID_AlgorithmIDTemplate),
-				(void **)sigd->digests);
-    if (rv != SECSuccess)
-	return SECFailure;
-    
-    return SECSuccess;
-
-loser:
-    return SECFailure;
-}
-
-SECStatus
-NSS_CMSSignedData_Encode_BeforeData(NSSCMSSignedData *sigd)
-{
-    /* set up the digests */
-    if (sigd->digestAlgorithms != NULL) {
-	sigd->contentInfo.digcx = NSS_CMSDigestContext_StartMultiple(sigd->digestAlgorithms);
-	if (sigd->contentInfo.digcx == NULL)
-	    return SECFailure;
-    }
-    return SECSuccess;
-}
-
-/*
- * NSS_CMSSignedData_Encode_AfterData - do all the necessary things to a SignedData
- *     after all the encapsulated data was passed through the encoder.
- *
- * In detail:
- *  - create the signatures in all the SignerInfos
- *
- * Please note that nothing is done to the Certificates and CRLs in the message - this
- * is entirely the responsibility of our callers.
- */
-SECStatus
-NSS_CMSSignedData_Encode_AfterData(NSSCMSSignedData *sigd)
-{
-    NSSCMSSignerInfo **signerinfos, *signerinfo;
-    NSSCMSContentInfo *cinfo;
-    SECOidTag digestalgtag;
-    SECStatus ret = SECFailure;
-    SECStatus rv;
-    SECItem *contentType;
-    int certcount;
-    int i, ci, cli, n, rci, si;
-    PLArenaPool *poolp;
-    CERTCertificateList *certlist;
-    extern const SEC_ASN1Template NSSCMSSignerInfoTemplate[];
-
-    poolp = sigd->cmsg->poolp;
-    cinfo = &(sigd->contentInfo);
-
-    /* did we have digest calculation going on? */
-    if (cinfo->digcx) {
-	rv = NSS_CMSDigestContext_FinishMultiple(cinfo->digcx, poolp, &(sigd->digests));
-	if (rv != SECSuccess)
-	    goto loser;		/* error has been set by NSS_CMSDigestContext_FinishMultiple */
-	cinfo->digcx = NULL;
-    }
-
-    signerinfos = sigd->signerInfos;
-    certcount = 0;
-
-    /* prepare all the SignerInfos (there may be none) */
-    for (i=0; i < NSS_CMSSignedData_SignerInfoCount(sigd); i++) {
-	signerinfo = NSS_CMSSignedData_GetSignerInfo(sigd, i);
-
-	/* find correct digest for this signerinfo */
-	digestalgtag = NSS_CMSSignerInfo_GetDigestAlgTag(signerinfo);
-	n = NSS_CMSAlgArray_GetIndexByAlgTag(sigd->digestAlgorithms, digestalgtag);
-	if (n < 0 || sigd->digests == NULL || sigd->digests[n] == NULL) {
-	    /* oops - digest not found */
-	    PORT_SetError(SEC_ERROR_DIGEST_NOT_FOUND);
-	    goto loser;
-	}
-
-	/* XXX if our content is anything else but data, we need to force the
-	 * presence of signed attributes (RFC2630 5.3 "signedAttributes is a
-	 * collection...") */
-
-	/* pass contentType here as we want a contentType attribute */
-	if ((contentType = NSS_CMSContentInfo_GetContentTypeOID(cinfo)) == NULL)
-	    goto loser;
-
-	/* sign the thing */
-	rv = NSS_CMSSignerInfo_Sign(signerinfo, sigd->digests[n], contentType);
-	if (rv != SECSuccess)
-	    goto loser;
-
-	/* while we're at it, count number of certs in certLists */
-	certlist = NSS_CMSSignerInfo_GetCertList(signerinfo);
-	if (certlist)
-	    certcount += certlist->len;
-    }
-
-    /* this is a SET OF, so we need to sort them guys */
-    rv = NSS_CMSArray_SortByDER((void **)signerinfos, NSSCMSSignerInfoTemplate, NULL);
-    if (rv != SECSuccess)
-	goto loser;
-
-    /*
-     * now prepare certs & crls
-     */
-
-    /* count the rest of the certs */
-    if (sigd->certs != NULL) {
-	for (ci = 0; sigd->certs[ci] != NULL; ci++)
-	    certcount++;
-    }
-
-    if (sigd->certLists != NULL) {
-	for (cli = 0; sigd->certLists[cli] != NULL; cli++)
-	    certcount += sigd->certLists[cli]->len;
-    }
-
-    if (certcount == 0) {
-	sigd->rawCerts = NULL;
-    } else {
-	/*
-	 * Combine all of the certs and cert chains into rawcerts.
-	 * Note: certcount is an upper bound; we may not need that many slots
-	 * but we will allocate anyway to avoid having to do another pass.
-	 * (The temporary space saving is not worth it.)
-	 *
-	 * XXX ARGH - this NEEDS to be fixed. need to come up with a decent
-	 *  SetOfDERcertficates implementation
-	 */
-	sigd->rawCerts = (SECItem **)PORT_ArenaAlloc(poolp, (certcount + 1) * sizeof(SECItem *));
-	if (sigd->rawCerts == NULL)
-	    return SECFailure;
-
-	/*
-	 * XXX Want to check for duplicates and not add *any* cert that is
-	 * already in the set.  This will be more important when we start
-	 * dealing with larger sets of certs, dual-key certs (signing and
-	 * encryption), etc.  For the time being we can slide by...
-	 *
-	 * XXX ARGH - this NEEDS to be fixed. need to come up with a decent
-	 *  SetOfDERcertficates implementation
-	 */
-	rci = 0;
-	if (signerinfos != NULL) {
-	    for (si = 0; signerinfos[si] != NULL; si++) {
-		signerinfo = signerinfos[si];
-		for (ci = 0; ci < signerinfo->certList->len; ci++)
-		    sigd->rawCerts[rci++] = &(signerinfo->certList->certs[ci]);
-	    }
-	}
-
-	if (sigd->certs != NULL) {
-	    for (ci = 0; sigd->certs[ci] != NULL; ci++)
-		sigd->rawCerts[rci++] = &(sigd->certs[ci]->derCert);
-	}
-
-	if (sigd->certLists != NULL) {
-	    for (cli = 0; sigd->certLists[cli] != NULL; cli++) {
-		for (ci = 0; ci < sigd->certLists[cli]->len; ci++)
-		    sigd->rawCerts[rci++] = &(sigd->certLists[cli]->certs[ci]);
-	    }
-	}
-
-	sigd->rawCerts[rci] = NULL;
-
-	/* this is a SET OF, so we need to sort them guys - we have the DER already, though */
-	NSS_CMSArray_Sort((void **)sigd->rawCerts, NSS_CMSUtil_DERCompare, NULL, NULL);
-    }
-
-    ret = SECSuccess;
-
-loser:
-    return ret;
-}
-
-SECStatus
-NSS_CMSSignedData_Decode_BeforeData(NSSCMSSignedData *sigd)
-{
-    /* set up the digests */
-    if (sigd->digestAlgorithms != NULL && sigd->digests == NULL) {
-	/* if digests are already there, do nothing */
-	sigd->contentInfo.digcx = NSS_CMSDigestContext_StartMultiple(sigd->digestAlgorithms);
-	if (sigd->contentInfo.digcx == NULL)
-	    return SECFailure;
-    }
-    return SECSuccess;
-}
-
-/*
- * NSS_CMSSignedData_Decode_AfterData - do all the necessary things to a SignedData
- *     after all the encapsulated data was passed through the decoder.
- */
-SECStatus
-NSS_CMSSignedData_Decode_AfterData(NSSCMSSignedData *sigd)
-{
-    /* did we have digest calculation going on? */
-    if (sigd->contentInfo.digcx) {
-	if (NSS_CMSDigestContext_FinishMultiple(sigd->contentInfo.digcx, sigd->cmsg->poolp, &(sigd->digests)) != SECSuccess)
-	    return SECFailure;	/* error has been set by NSS_CMSDigestContext_FinishMultiple */
-	sigd->contentInfo.digcx = NULL;
-    }
-    return SECSuccess;
-}
-
-/*
- * NSS_CMSSignedData_Decode_AfterEnd - do all the necessary things to a SignedData
- *     after all decoding is finished.
- */
-SECStatus
-NSS_CMSSignedData_Decode_AfterEnd(NSSCMSSignedData *sigd)
-{
-    NSSCMSSignerInfo **signerinfos;
-    int i;
-
-    /* set cmsg for all the signerinfos */
-    signerinfos = sigd->signerInfos;
-
-    /* set cmsg for all the signerinfos */
-    if (signerinfos) {
-	for (i = 0; signerinfos[i] != NULL; i++)
-	    signerinfos[i]->cmsg = sigd->cmsg;
-    }
-
-    return SECSuccess;
-}
-
-/* 
- * NSS_CMSSignedData_GetSignerInfos - retrieve the SignedData's signer list
- */
-NSSCMSSignerInfo **
-NSS_CMSSignedData_GetSignerInfos(NSSCMSSignedData *sigd)
-{
-    return sigd->signerInfos;
-}
-
-int
-NSS_CMSSignedData_SignerInfoCount(NSSCMSSignedData *sigd)
-{
-    return NSS_CMSArray_Count((void **)sigd->signerInfos);
-}
-
-NSSCMSSignerInfo *
-NSS_CMSSignedData_GetSignerInfo(NSSCMSSignedData *sigd, int i)
-{
-    return sigd->signerInfos[i];
-}
-
-/* 
- * NSS_CMSSignedData_GetDigestAlgs - retrieve the SignedData's digest algorithm list
- */
-SECAlgorithmID **
-NSS_CMSSignedData_GetDigestAlgs(NSSCMSSignedData *sigd)
-{
-    return sigd->digestAlgorithms;
-}
-
-/*
- * NSS_CMSSignedData_GetContentInfo - return pointer to this signedData's contentinfo
- */
-NSSCMSContentInfo *
-NSS_CMSSignedData_GetContentInfo(NSSCMSSignedData *sigd)
-{
-    return &(sigd->contentInfo);
-}
-
-/* 
- * NSS_CMSSignedData_GetCertificateList - retrieve the SignedData's certificate list
- */
-SECItem **
-NSS_CMSSignedData_GetCertificateList(NSSCMSSignedData *sigd)
-{
-    return sigd->rawCerts;
-}
-
-SECStatus
-NSS_CMSSignedData_ImportCerts(NSSCMSSignedData *sigd, CERTCertDBHandle *certdb,
-				SECCertUsage certusage, PRBool keepcerts)
-{
-    int certcount;
-    SECStatus rv;
-    int i;
-
-    certcount = NSS_CMSArray_Count((void **)sigd->rawCerts);
-
-    rv = CERT_ImportCerts(certdb, certusage, certcount, sigd->rawCerts, NULL,
-			  keepcerts, PR_FALSE, NULL);
-
-    /* XXX CRL handling */
-
-    if (sigd->signerInfos != NULL) {
-	/* fill in all signerinfo's certs */
-	for (i = 0; sigd->signerInfos[i] != NULL; i++)
-	    (void)NSS_CMSSignerInfo_GetSigningCertificate(sigd->signerInfos[i], certdb);
-    }
-
-    return rv;
-}
-
-/*
- * XXX the digests need to be passed in BETWEEN the decoding and the verification in case
- *     of external signatures!
- */
-
-/*
- * NSS_CMSSignedData_VerifySignerInfo - check the signatures.
- *
- * The digests were either calculated during decoding (and are stored in the
- * signedData itself) or set after decoding using NSS_CMSSignedData_SetDigests.
- *
- * The verification checks if the signing cert is valid and has a trusted chain
- * for the purpose specified by "certusage".
- */
-SECStatus
-NSS_CMSSignedData_VerifySignerInfo(NSSCMSSignedData *sigd, int i, 
-			    CERTCertDBHandle *certdb, SECCertUsage certusage)
-{
-    NSSCMSSignerInfo *signerinfo;
-    NSSCMSContentInfo *cinfo;
-    SECOidData *algiddata;
-    SECItem *contentType, *digest;
-
-    cinfo = &(sigd->contentInfo);
-
-    signerinfo = sigd->signerInfos[i];
-
-    /* verify certificate */
-    if (NSS_CMSSignerInfo_VerifyCertificate(signerinfo, certdb, certusage) != SECSuccess)
-	return SECFailure;		/* error is set by NSS_CMSSignerInfo_VerifyCertificate */
-
-    /* find digest and contentType for signerinfo */
-    algiddata = NSS_CMSSignerInfo_GetDigestAlg(signerinfo);
-    digest = NSS_CMSSignedData_GetDigestByAlgTag(sigd, algiddata->offset);
-    contentType = NSS_CMSContentInfo_GetContentTypeOID(cinfo);
-
-    /* now verify signature */
-    return NSS_CMSSignerInfo_Verify(signerinfo, digest, contentType);
-}
-
-/*
- * NSS_CMSSignedData_VerifyCertsOnly - verify the certs in a certs-only message
- */
-SECStatus
-NSS_CMSSignedData_VerifyCertsOnly(NSSCMSSignedData *sigd, 
-                                  CERTCertDBHandle *certdb, 
-                                  SECCertUsage usage)
-{
-    CERTCertificate *cert;
-    SECStatus rv = SECSuccess;
-    int i;
-    int count;
-
-    if (!sigd || !certdb || !sigd->rawCerts) {
-	PORT_SetError(SEC_ERROR_INVALID_ARGS);
-	return SECFailure;
-    }
-
-    count = NSS_CMSArray_Count((void**)sigd->rawCerts);
-    for (i=0; i < count; i++) {
-	if (sigd->certs && sigd->certs[i]) {
-	    cert = CERT_DupCertificate(sigd->certs[i]);
-	} else {
-	    cert = CERT_FindCertByDERCert(certdb, sigd->rawCerts[i]);
-	    if (!cert) {
-		rv = SECFailure;
-		break;
-	    }
-	}
-	rv |= CERT_VerifyCert(certdb, cert, PR_TRUE, usage, PR_Now(), 
-                              NULL, NULL);
-	CERT_DestroyCertificate(cert);
-    }
-
-    return rv;
-}
-
-/*
- * NSS_CMSSignedData_HasDigests - see if we have digests in place
- */
-PRBool
-NSS_CMSSignedData_HasDigests(NSSCMSSignedData *sigd)
-{
-    return (sigd->digests != NULL);
-}
-
-SECStatus
-NSS_CMSSignedData_AddCertList(NSSCMSSignedData *sigd, CERTCertificateList *certlist)
-{
-    SECStatus rv;
-
-    PORT_Assert(certlist != NULL);
-
-    if (certlist == NULL)
-	return SECFailure;
-
-    /* XXX memory?? a certlist has an arena of its own and is not refcounted!?!? */
-    rv = NSS_CMSArray_Add(sigd->cmsg->poolp, (void ***)&(sigd->certLists), (void *)certlist);
-
-    return rv;
-}
-
-/*
- * NSS_CMSSignedData_AddCertChain - add cert and its entire chain to the set of certs 
- */
-SECStatus
-NSS_CMSSignedData_AddCertChain(NSSCMSSignedData *sigd, CERTCertificate *cert)
-{
-    CERTCertificateList *certlist;
-    SECCertUsage usage;
-    SECStatus rv;
-
-    usage = certUsageEmailSigner;
-
-    /* do not include root */
-    certlist = CERT_CertChainFromCert(cert, usage, PR_FALSE);
-    if (certlist == NULL)
-	return SECFailure;
-
-    rv = NSS_CMSSignedData_AddCertList(sigd, certlist);
-
-    return rv;
-}
-
-SECStatus
-NSS_CMSSignedData_AddCertificate(NSSCMSSignedData *sigd, CERTCertificate *cert)
-{
-    CERTCertificate *c;
-    SECStatus rv;
-
-    PORT_Assert(cert != NULL);
-
-    if (cert == NULL)
-	return SECFailure;
-
-    c = CERT_DupCertificate(cert);
-    rv = NSS_CMSArray_Add(sigd->cmsg->poolp, (void ***)&(sigd->certs), (void *)c);
-    return rv;
-}
-
-PRBool
-NSS_CMSSignedData_ContainsCertsOrCrls(NSSCMSSignedData *sigd)
-{
-    if (sigd->rawCerts != NULL && sigd->rawCerts[0] != NULL)
-	return PR_TRUE;
-    else if (sigd->crls != NULL && sigd->crls[0] != NULL)
-	return PR_TRUE;
-    else
-	return PR_FALSE;
-}
-
-SECStatus
-NSS_CMSSignedData_AddSignerInfo(NSSCMSSignedData *sigd,
-				NSSCMSSignerInfo *signerinfo)
-{
-    void *mark;
-    SECStatus rv;
-    SECOidTag digestalgtag;
-    PLArenaPool *poolp;
-
-    poolp = sigd->cmsg->poolp;
-
-    mark = PORT_ArenaMark(poolp);
-
-    /* add signerinfo */
-    rv = NSS_CMSArray_Add(poolp, (void ***)&(sigd->signerInfos), (void *)signerinfo);
-    if (rv != SECSuccess)
-	goto loser;
-
-    /*
-     * add empty digest
-     * Empty because we don't have it yet. Either it gets created during encoding
-     * (if the data is present) or has to be set externally.
-     * XXX maybe pass it in optionally?
-     */
-    digestalgtag = NSS_CMSSignerInfo_GetDigestAlgTag(signerinfo);
-    rv = NSS_CMSSignedData_SetDigestValue(sigd, digestalgtag, NULL);
-    if (rv != SECSuccess)
-	goto loser;
-
-    /*
-     * The last thing to get consistency would be adding the digest.
-     */
-
-    PORT_ArenaUnmark(poolp, mark);
-    return SECSuccess;
-
-loser:
-    PORT_ArenaRelease (poolp, mark);
-    return SECFailure;
-}
-
-SECItem *
-NSS_CMSSignedData_GetDigestByAlgTag(NSSCMSSignedData *sigd, SECOidTag algtag)
-{
-    int idx;
-
-    idx = NSS_CMSAlgArray_GetIndexByAlgTag(sigd->digestAlgorithms, algtag);
-    return sigd->digests[idx];
-}
-
-/*
- * NSS_CMSSignedData_SetDigests - set a signedData's digests member
- *
- * "digestalgs" - array of digest algorithm IDs
- * "digests"    - array of digests corresponding to the digest algorithms
- */
-SECStatus
-NSS_CMSSignedData_SetDigests(NSSCMSSignedData *sigd,
-				SECAlgorithmID **digestalgs,
-				SECItem **digests)
-{
-    int cnt, i, idx;
-
-    if (sigd->digestAlgorithms == NULL) {
-	PORT_SetError(SEC_ERROR_INVALID_ARGS);
-	return SECFailure;
-    }
-
-    /* we assume that the digests array is just not there yet */
-    PORT_Assert(sigd->digests == NULL);
-    if (sigd->digests != NULL) {
-	PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
-	return SECFailure;
-    }
-
-    /* now allocate one (same size as digestAlgorithms) */
-    cnt = NSS_CMSArray_Count((void **)sigd->digestAlgorithms);
-    sigd->digests = PORT_ArenaZAlloc(sigd->cmsg->poolp, (cnt + 1) * sizeof(SECItem *));
-    if (sigd->digests == NULL) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	return SECFailure;
-    }
-
-    for (i = 0; sigd->digestAlgorithms[i] != NULL; i++) {
-	/* try to find the sigd's i'th digest algorithm in the array we passed in */
-	idx = NSS_CMSAlgArray_GetIndexByAlgID(digestalgs, sigd->digestAlgorithms[i]);
-	if (idx < 0) {
-	    PORT_SetError(SEC_ERROR_DIGEST_NOT_FOUND);
-	    return SECFailure;
-	}
-
-	/* found it - now set it */
-	if ((sigd->digests[i] = SECITEM_AllocItem(sigd->cmsg->poolp, NULL, 0)) == NULL ||
-	    SECITEM_CopyItem(sigd->cmsg->poolp, sigd->digests[i], digests[idx]) != SECSuccess)
-	{
-	    PORT_SetError(SEC_ERROR_NO_MEMORY);
-	    return SECFailure;
-	}
-    }
-    return SECSuccess;
-}
-
-SECStatus
-NSS_CMSSignedData_SetDigestValue(NSSCMSSignedData *sigd,
-				SECOidTag digestalgtag,
-				SECItem *digestdata)
-{
-    SECItem *digest = NULL;
-    PLArenaPool *poolp;
-    void *mark;
-    int n, cnt;
-
-    poolp = sigd->cmsg->poolp;
-
-    mark = PORT_ArenaMark(poolp);
-
-   
-    if (digestdata) {
-        digest = (SECItem *) PORT_ArenaZAlloc(poolp,sizeof(SECItem));
-
-	/* copy digestdata item to arena (in case we have it and are not only making room) */
-	if (SECITEM_CopyItem(poolp, digest, digestdata) != SECSuccess)
-	    goto loser;
-    }
-
-    /* now allocate one (same size as digestAlgorithms) */
-    if (sigd->digests == NULL) {
-        cnt = NSS_CMSArray_Count((void **)sigd->digestAlgorithms);
-        sigd->digests = PORT_ArenaZAlloc(sigd->cmsg->poolp, (cnt + 1) * sizeof(SECItem *));
-        if (sigd->digests == NULL) {
-	        PORT_SetError(SEC_ERROR_NO_MEMORY);
-	        return SECFailure;
-        }
-    }
-
-    n = -1;
-    if (sigd->digestAlgorithms != NULL)
-	n = NSS_CMSAlgArray_GetIndexByAlgTag(sigd->digestAlgorithms, digestalgtag);
-
-    /* if not found, add a digest */
-    if (n < 0) {
-	if (NSS_CMSSignedData_AddDigest(poolp, sigd, digestalgtag, digest) != SECSuccess)
-	    goto loser;
-    } else {
-	/* replace NULL pointer with digest item (and leak previous value) */
-	sigd->digests[n] = digest;
-    }
-
-    PORT_ArenaUnmark(poolp, mark);
-    return SECSuccess;
-
-loser:
-    PORT_ArenaRelease(poolp, mark);
-    return SECFailure;
-}
-
-SECStatus
-NSS_CMSSignedData_AddDigest(PRArenaPool *poolp,
-				NSSCMSSignedData *sigd,
-				SECOidTag digestalgtag,
-				SECItem *digest)
-{
-    SECAlgorithmID *digestalg;
-    void *mark;
-
-    mark = PORT_ArenaMark(poolp);
-
-    digestalg = PORT_ArenaZAlloc(poolp, sizeof(SECAlgorithmID));
-    if (digestalg == NULL)
-	goto loser;
-
-    if (SECOID_SetAlgorithmID (poolp, digestalg, digestalgtag, NULL) != SECSuccess) /* no params */
-	goto loser;
-
-    if (NSS_CMSArray_Add(poolp, (void ***)&(sigd->digestAlgorithms), (void *)digestalg) != SECSuccess ||
-	/* even if digest is NULL, add dummy to have same-size array */
-	NSS_CMSArray_Add(poolp, (void ***)&(sigd->digests), (void *)digest) != SECSuccess)
-    {
-	goto loser;
-    }
-
-    PORT_ArenaUnmark(poolp, mark);
-    return SECSuccess;
-
-loser:
-    PORT_ArenaRelease(poolp, mark);
-    return SECFailure;
-}
-
-SECItem *
-NSS_CMSSignedData_GetDigestValue(NSSCMSSignedData *sigd, SECOidTag digestalgtag)
-{
-    int n;
-
-    if (sigd->digestAlgorithms == NULL)
-	return NULL;
-
-    n = NSS_CMSAlgArray_GetIndexByAlgTag(sigd->digestAlgorithms, digestalgtag);
-
-    return (n < 0) ? NULL : sigd->digests[n];
-}
-
-/* =============================================================================
- * Misc. utility functions
- */
-
-/*
- * NSS_CMSSignedData_CreateCertsOnly - create a certs-only SignedData.
- *
- * cert          - base certificates that will be included
- * include_chain - if true, include the complete cert chain for cert
- *
- * More certs and chains can be added via AddCertificate and AddCertChain.
- *
- * An error results in a return value of NULL and an error set.
- *
- * XXXX CRLs
- */
-NSSCMSSignedData *
-NSS_CMSSignedData_CreateCertsOnly(NSSCMSMessage *cmsg, CERTCertificate *cert, PRBool include_chain)
-{
-    NSSCMSSignedData *sigd;
-    void *mark;
-    PLArenaPool *poolp;
-    SECStatus rv;
-
-    poolp = cmsg->poolp;
-    mark = PORT_ArenaMark(poolp);
-
-    sigd = NSS_CMSSignedData_Create(cmsg);
-    if (sigd == NULL)
-	goto loser;
-
-    /* no signerinfos, thus no digestAlgorithms */
-
-    /* but certs */
-    if (include_chain) {
-	rv = NSS_CMSSignedData_AddCertChain(sigd, cert);
-    } else {
-	rv = NSS_CMSSignedData_AddCertificate(sigd, cert);
-    }
-    if (rv != SECSuccess)
-	goto loser;
-
-    /* RFC2630 5.2 sez:
-     * In the degenerate case where there are no signers, the
-     * EncapsulatedContentInfo value being "signed" is irrelevant.  In this
-     * case, the content type within the EncapsulatedContentInfo value being
-     * "signed" should be id-data (as defined in section 4), and the content
-     * field of the EncapsulatedContentInfo value should be omitted.
-     */
-    rv = NSS_CMSContentInfo_SetContent_Data(cmsg, &(sigd->contentInfo), NULL, PR_TRUE);
-    if (rv != SECSuccess)
-	goto loser;
-
-    PORT_ArenaUnmark(poolp, mark);
-    return sigd;
-
-loser:
-    if (sigd)
-	NSS_CMSSignedData_Destroy(sigd);
-    PORT_ArenaRelease(poolp, mark);
-    return NULL;
-}
-
-/* TODO:
- * NSS_CMSSignerInfo_GetReceiptRequest()
- * NSS_CMSSignedData_HasReceiptRequest()
- * easy way to iterate over signers
- */
-
diff --git a/security/nss/lib/smime/cmssiginfo.c b/security/nss/lib/smime/cmssiginfo.c
deleted file mode 100644
index 4dbdcb7bf..000000000
--- a/security/nss/lib/smime/cmssiginfo.c
+++ /dev/null
@@ -1,885 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * CMS signerInfo methods.
- *
- * $Id$
- */
-
-#include "cmslocal.h"
-
-#include "cert.h"
-#include "key.h"
-#include "secasn1.h"
-#include "secitem.h"
-#include "secoid.h"
-#include "pk11func.h"
-#include "prtime.h"
-#include "secerr.h"
-#include "secder.h"
-#include "cryptohi.h"
-
-#include "smime.h"
-
-/* =============================================================================
- * SIGNERINFO
- */
-
-NSSCMSSignerInfo *
-NSS_CMSSignerInfo_Create(NSSCMSMessage *cmsg, CERTCertificate *cert, SECOidTag digestalgtag)
-{
-    void *mark;
-    NSSCMSSignerInfo *signerinfo;
-    int version;
-    PLArenaPool *poolp;
-
-    poolp = cmsg->poolp;
-
-    mark = PORT_ArenaMark(poolp);
-
-    signerinfo = (NSSCMSSignerInfo *)PORT_ArenaZAlloc(poolp, sizeof(NSSCMSSignerInfo));
-    if (signerinfo == NULL) {
-	PORT_ArenaRelease(poolp, mark);
-	return NULL;
-    }
-
-    if ((signerinfo->cert = CERT_DupCertificate(cert)) == NULL)
-	goto loser;
-
-    signerinfo->cmsg = cmsg;
-
-    signerinfo->signerIdentifier.identifierType = NSSCMSSignerID_IssuerSN;	/* hardcoded for now */
-    if ((signerinfo->signerIdentifier.id.issuerAndSN = CERT_GetCertIssuerAndSN(poolp, cert)) == NULL)
-	goto loser;
-
-    /* set version right now */
-    version = NSS_CMS_SIGNER_INFO_VERSION_ISSUERSN;
-    /* RFC2630 5.3 "version is the syntax version number. If the .... " */
-    if (signerinfo->signerIdentifier.identifierType == NSSCMSSignerID_SubjectKeyID)
-	version = NSS_CMS_SIGNER_INFO_VERSION_SUBJKEY;
-    (void)SEC_ASN1EncodeInteger(poolp, &(signerinfo->version), (long)version);
-
-    if (SECOID_SetAlgorithmID(poolp, &signerinfo->digestAlg, digestalgtag, NULL) != SECSuccess)
-	goto loser;
-
-    PORT_ArenaUnmark(poolp, mark);
-    return signerinfo;
-
-loser:
-    PORT_ArenaRelease(poolp, mark);
-    return NULL;
-}
-
-/*
- * NSS_CMSSignerInfo_Destroy - destroy a SignerInfo data structure
- */
-void
-NSS_CMSSignerInfo_Destroy(NSSCMSSignerInfo *si)
-{
-    if (si->cert != NULL)
-	CERT_DestroyCertificate(si->cert);
-
-    if (si->certList != NULL) 
-	CERT_DestroyCertificateList(si->certList);
-
-    /* XXX storage ??? */
-}
-
-/*
- * NSS_CMSSignerInfo_Sign - sign something
- *
- */
-SECStatus
-NSS_CMSSignerInfo_Sign(NSSCMSSignerInfo *signerinfo, SECItem *digest, SECItem *contentType)
-{
-    CERTCertificate *cert;
-    SECKEYPrivateKey *privkey = NULL;
-    SECOidTag digestalgtag;
-    SECOidTag signalgtag;
-    SECItem signature = { 0 };
-    SECStatus rv;
-    PLArenaPool *poolp, *tmppoolp; 
-
-    PORT_Assert (digest != NULL);
-
-    poolp = signerinfo->cmsg->poolp;
-
-    cert = signerinfo->cert;
-
-    if ((privkey = PK11_FindKeyByAnyCert(cert, signerinfo->cmsg->pwfn_arg)) == NULL)
-	goto loser;
-
-    digestalgtag = NSS_CMSSignerInfo_GetDigestAlgTag(signerinfo);
-    /*
-     * XXX I think there should be a cert-level interface for this,
-     * so that I do not have to know about subjectPublicKeyInfo...
-     */
-    signalgtag = SECOID_GetAlgorithmTag(&(cert->subjectPublicKeyInfo.algorithm));
-
-    /* Fortezza MISSI have weird signature formats.  Map them to standard DSA formats */
-    signalgtag = PK11_FortezzaMapSig(signalgtag);
-
-    if (signerinfo->authAttr != NULL) {
-	SECItem encoded_attrs;
-
-	/* find and fill in the message digest attribute. */
-	rv = NSS_CMSAttributeArray_SetAttr(poolp, &(signerinfo->authAttr), SEC_OID_PKCS9_MESSAGE_DIGEST, digest, PR_FALSE);
-	if (rv != SECSuccess)
-	    goto loser;
-
-	if (contentType != NULL) {
-	    /* if the caller wants us to, find and fill in the content type attribute. */
-	    rv = NSS_CMSAttributeArray_SetAttr(poolp, &(signerinfo->authAttr), SEC_OID_PKCS9_CONTENT_TYPE, contentType, PR_FALSE);
-	    if (rv != SECSuccess)
-		goto loser;
-	}
-
-	if ((tmppoolp = PORT_NewArena (1024)) == NULL) {
-	    PORT_SetError(SEC_ERROR_NO_MEMORY);
-	    goto loser;
-	}
-
-	/*
-	 * Before encoding, reorder the attributes so that when they
-	 * are encoded, they will be conforming DER, which is required
-	 * to have a specific order and that is what must be used for
-	 * the hash/signature.  We do this here, rather than building
-	 * it into EncodeAttributes, because we do not want to do
-	 * such reordering on incoming messages (which also uses
-	 * EncodeAttributes) or our old signatures (and other "broken"
-	 * implementations) will not verify.  So, we want to guarantee
-	 * that we send out good DER encodings of attributes, but not
-	 * to expect to receive them.
-	 */
-	if (NSS_CMSAttributeArray_Reorder(signerinfo->authAttr) != SECSuccess)
-	    goto loser;
-
-	encoded_attrs.data = NULL;
-	encoded_attrs.len = 0;
-	if (NSS_CMSAttributeArray_Encode(tmppoolp, &(signerinfo->authAttr), &encoded_attrs) == NULL)
-	    goto loser;
-
-	rv = SEC_SignData(&signature, encoded_attrs.data, encoded_attrs.len, privkey,
-			   NSS_CMSUtil_MakeSignatureAlgorithm(digestalgtag, signalgtag));
-	PORT_FreeArena(tmppoolp, PR_FALSE);	/* awkward memory management :-( */
-    } else {
-	rv = SGN_Digest(privkey, digestalgtag, &signature, digest);
-    }
-
-    SECKEY_DestroyPrivateKey(privkey);
-    privkey = NULL;
-
-    if (rv != SECSuccess)
-	goto loser;
-
-    if (SECITEM_CopyItem(poolp, &(signerinfo->encDigest), &signature) != SECSuccess)
-	goto loser;
-
-    SECITEM_FreeItem(&signature, PR_FALSE);
-
-    if (SECOID_SetAlgorithmID(poolp, &(signerinfo->digestEncAlg), signalgtag, NULL) != SECSuccess)
-	goto loser;
-
-    return SECSuccess;
-
-loser:
-    if (signature.len != 0)
-	SECITEM_FreeItem (&signature, PR_FALSE);
-    if (privkey)
-	SECKEY_DestroyPrivateKey(privkey);
-    return SECFailure;
-}
-
-SECStatus
-NSS_CMSSignerInfo_VerifyCertificate(NSSCMSSignerInfo *signerinfo, CERTCertDBHandle *certdb,
-			    SECCertUsage certusage)
-{
-    CERTCertificate *cert;
-    int64 stime;
-
-    if ((cert = NSS_CMSSignerInfo_GetSigningCertificate(signerinfo, certdb)) == NULL) {
-	signerinfo->verificationStatus = NSSCMSVS_SigningCertNotFound;
-	return SECFailure;
-    }
-
-    /*
-     * Get and convert the signing time; if available, it will be used
-     * both on the cert verification and for importing the sender
-     * email profile.
-     */
-    if (NSS_CMSSignerInfo_GetSigningTime (signerinfo, &stime) != SECSuccess)
-	stime = PR_Now();	/* not found or conversion failed, so check against now */
-    
-    /*
-     * XXX  This uses the signing time, if available.  Additionally, we
-     * might want to, if there is no signing time, get the message time
-     * from the mail header itself, and use that.  That would require
-     * a change to our interface though, and for S/MIME callers to pass
-     * in a time (and for non-S/MIME callers to pass in nothing, or
-     * maybe make them pass in the current time, always?).
-     */
-    if (CERT_VerifyCert(certdb, cert, PR_TRUE, certusage, stime, signerinfo->cmsg->pwfn_arg, NULL) != SECSuccess) {
-	signerinfo->verificationStatus = NSSCMSVS_SigningCertNotTrusted;
-	return SECFailure;
-    }
-    return SECSuccess;
-}
-
-/*
- * NSS_CMSSignerInfo_Verify - verify the signature of a single SignerInfo
- *
- * Just verifies the signature. The assumption is that verification of the certificate
- * is done already.
- */
-SECStatus
-NSS_CMSSignerInfo_Verify(NSSCMSSignerInfo *signerinfo, SECItem *digest, SECItem *contentType)
-{
-    SECKEYPublicKey *publickey = NULL;
-    NSSCMSAttribute *attr;
-    SECItem encoded_attrs;
-    CERTCertificate *cert;
-    NSSCMSVerificationStatus vs = NSSCMSVS_Unverified;
-    PLArenaPool *poolp;
-
-    if (signerinfo == NULL)
-	return SECFailure;
-
-    /* NSS_CMSSignerInfo_GetSigningCertificate will fail if 2nd parm is NULL and */
-    /* cert has not been verified */
-    if ((cert = NSS_CMSSignerInfo_GetSigningCertificate(signerinfo, NULL)) == NULL) {
-	vs = NSSCMSVS_SigningCertNotFound;
-	goto loser;
-    }
-
-    if ((publickey = CERT_ExtractPublicKey(cert)) == NULL) {
-	vs = NSSCMSVS_ProcessingError;
-	goto loser;
-    }
-
-    /*
-     * XXX This may not be the right set of algorithms to check.
-     * I'd prefer to trust that just calling VFY_Verify{Data,Digest}
-     * would do the right thing (and set an error if it could not);
-     * then additional algorithms could be handled by that code
-     * and we would Just Work.  So this check should just be removed,
-     * but not until the VFY code is better at setting errors.
-     */
-    switch (SECOID_GetAlgorithmTag(&(signerinfo->digestEncAlg))) {
-    case SEC_OID_PKCS1_RSA_ENCRYPTION:
-    case SEC_OID_ANSIX9_DSA_SIGNATURE:
-    case SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST:
-	/* ok */
-	break;
-    case SEC_OID_UNKNOWN:
-	vs = NSSCMSVS_SignatureAlgorithmUnknown;
-	goto loser;
-    default:
-	vs = NSSCMSVS_SignatureAlgorithmUnsupported;
-	goto loser;
-    }
-
-    if (!NSS_CMSArray_IsEmpty((void **)signerinfo->authAttr)) {
-	if (contentType) {
-	    /*
-	     * Check content type
-	     *
-	     * RFC2630 sez that if there are any authenticated attributes,
-	     * then there must be one for content type which matches the
-	     * content type of the content being signed, and there must
-	     * be one for message digest which matches our message digest.
-	     * So check these things first.
-	     */
-	    if ((attr = NSS_CMSAttributeArray_FindAttrByOidTag(signerinfo->authAttr,
-					SEC_OID_PKCS9_CONTENT_TYPE, PR_TRUE)) == NULL)
-	    {
-		vs = NSSCMSVS_MalformedSignature;
-		goto loser;
-	    }
-		
-	    if (NSS_CMSAttribute_CompareValue(attr, contentType) == PR_FALSE) {
-		vs = NSSCMSVS_MalformedSignature;
-		goto loser;
-	    }
-	}
-
-	/*
-	 * Check digest
-	 */
-	if ((attr = NSS_CMSAttributeArray_FindAttrByOidTag(signerinfo->authAttr, SEC_OID_PKCS9_MESSAGE_DIGEST, PR_TRUE)) == NULL)
-	{
-	    vs = NSSCMSVS_MalformedSignature;
-	    goto loser;
-	}
-	if (NSS_CMSAttribute_CompareValue(attr, digest) == PR_FALSE) {
-	    vs = NSSCMSVS_DigestMismatch;
-	    goto loser;
-	}
-
-	if ((poolp = PORT_NewArena (1024)) == NULL) {
-	    vs = NSSCMSVS_ProcessingError;
-	    goto loser;
-	}
-
-	/*
-	 * Check signature
-	 *
-	 * The signature is based on a digest of the DER-encoded authenticated
-	 * attributes.  So, first we encode and then we digest/verify.
-	 * we trust the decoder to have the attributes in the right (sorted) order
-	 */
-	encoded_attrs.data = NULL;
-	encoded_attrs.len = 0;
-
-	if (NSS_CMSAttributeArray_Encode(poolp, &(signerinfo->authAttr), &encoded_attrs) == NULL ||
-		encoded_attrs.data == NULL || encoded_attrs.len == 0)
-	{
-	    vs = NSSCMSVS_ProcessingError;
-	    goto loser;
-	}
-
-	vs = (VFY_VerifyData (encoded_attrs.data, encoded_attrs.len,
-			publickey, &(signerinfo->encDigest),
-			SECOID_GetAlgorithmTag(&(signerinfo->digestEncAlg)),
-			signerinfo->cmsg->pwfn_arg) != SECSuccess) ? NSSCMSVS_BadSignature : NSSCMSVS_GoodSignature;
-
-	PORT_FreeArena(poolp, PR_FALSE);	/* awkward memory management :-( */
-
-    } else {
-	SECItem *sig;
-
-	/* No authenticated attributes. The signature is based on the plain message digest. */
-	sig = &(signerinfo->encDigest);
-	if (sig->len == 0)
-	    goto loser;
-
-	vs = (VFY_VerifyDigest(digest, publickey, sig,
-			SECOID_GetAlgorithmTag(&(signerinfo->digestEncAlg)),
-			signerinfo->cmsg->pwfn_arg) != SECSuccess) ? NSSCMSVS_BadSignature : NSSCMSVS_GoodSignature;
-    }
-
-    if (vs == NSSCMSVS_BadSignature) {
-	/*
-	 * XXX Change the generic error into our specific one, because
-	 * in that case we get a better explanation out of the Security
-	 * Advisor.  This is really a bug in our error strings (the
-	 * "generic" error has a lousy/wrong message associated with it
-	 * which assumes the signature verification was done for the
-	 * purposes of checking the issuer signature on a certificate)
-	 * but this is at least an easy workaround and/or in the
-	 * Security Advisor, which specifically checks for the error
-	 * SEC_ERROR_PKCS7_BAD_SIGNATURE and gives more explanation
-	 * in that case but does not similarly check for
-	 * SEC_ERROR_BAD_SIGNATURE.  It probably should, but then would
-	 * probably say the wrong thing in the case that it *was* the
-	 * certificate signature check that failed during the cert
-	 * verification done above.  Our error handling is really a mess.
-	 */
-	if (PORT_GetError() == SEC_ERROR_BAD_SIGNATURE)
-	    PORT_SetError(SEC_ERROR_PKCS7_BAD_SIGNATURE);
-    }
-
-    if (publickey != NULL)
-	SECKEY_DestroyPublicKey (publickey);
-
-    signerinfo->verificationStatus = vs;
-
-    return (vs == NSSCMSVS_GoodSignature) ? SECSuccess : SECFailure;
-
-loser:
-    if (publickey != NULL)
-	SECKEY_DestroyPublicKey (publickey);
-
-    signerinfo->verificationStatus = vs;
-
-    PORT_SetError (SEC_ERROR_PKCS7_BAD_SIGNATURE);
-    return SECFailure;
-}
-
-NSSCMSVerificationStatus
-NSS_CMSSignerInfo_GetVerificationStatus(NSSCMSSignerInfo *signerinfo)
-{
-    return signerinfo->verificationStatus;
-}
-
-SECOidData *
-NSS_CMSSignerInfo_GetDigestAlg(NSSCMSSignerInfo *signerinfo)
-{
-    return SECOID_FindOID (&(signerinfo->digestAlg.algorithm));
-}
-
-SECOidTag
-NSS_CMSSignerInfo_GetDigestAlgTag(NSSCMSSignerInfo *signerinfo)
-{
-    SECOidData *algdata;
-
-    algdata = SECOID_FindOID (&(signerinfo->digestAlg.algorithm));
-    if (algdata != NULL)
-	return algdata->offset;
-    else
-	return SEC_OID_UNKNOWN;
-}
-
-CERTCertificateList *
-NSS_CMSSignerInfo_GetCertList(NSSCMSSignerInfo *signerinfo)
-{
-    return signerinfo->certList;
-}
-
-int
-NSS_CMSSignerInfo_GetVersion(NSSCMSSignerInfo *signerinfo)
-{
-    unsigned long version;
-
-    /* always take apart the SECItem */
-    if (SEC_ASN1DecodeInteger(&(signerinfo->version), &version) != SECSuccess)
-	return 0;
-    else
-	return (int)version;
-}
-
-/*
- * NSS_CMSSignerInfo_GetSigningTime - return the signing time,
- *				      in UTCTime format, of a CMS signerInfo.
- *
- * sinfo - signerInfo data for this signer
- *
- * Returns a pointer to XXXX (what?)
- * A return value of NULL is an error.
- */
-SECStatus
-NSS_CMSSignerInfo_GetSigningTime(NSSCMSSignerInfo *sinfo, PRTime *stime)
-{
-    NSSCMSAttribute *attr;
-    SECItem *value;
-
-    if (sinfo == NULL)
-	return SECFailure;
-
-    if (sinfo->signingTime != 0) {
-	*stime = sinfo->signingTime;	/* cached copy */
-	return SECSuccess;
-    }
-
-    attr = NSS_CMSAttributeArray_FindAttrByOidTag(sinfo->authAttr, SEC_OID_PKCS9_SIGNING_TIME, PR_TRUE);
-    /* XXXX multi-valued attributes NIH */
-    if (attr == NULL || (value = NSS_CMSAttribute_GetValue(attr)) == NULL)
-	return SECFailure;
-    if (DER_UTCTimeToTime(stime, value) != SECSuccess)
-	return SECFailure;
-    sinfo->signingTime = *stime;	/* make cached copy */
-    return SECSuccess;
-}
-
-/*
- * Return the signing cert of a CMS signerInfo.
- *
- * the certs in the enclosing SignedData must have been imported already
- */
-CERTCertificate *
-NSS_CMSSignerInfo_GetSigningCertificate(NSSCMSSignerInfo *signerinfo, CERTCertDBHandle *certdb)
-{
-    CERTCertificate *cert;
-
-    if (signerinfo->cert != NULL)
-	return signerinfo->cert;
-
-    /* no certdb, and cert hasn't been set yet? */
-    if (certdb == NULL)
-	return NULL;
-
-    /*
-     * This cert will also need to be freed, but since we save it
-     * in signerinfo for later, we do not want to destroy it when
-     * we leave this function -- we let the clean-up of the entire
-     * cinfo structure later do the destroy of this cert.
-     */
-    switch (signerinfo->signerIdentifier.identifierType) {
-    case NSSCMSSignerID_IssuerSN:
-	cert = CERT_FindCertByIssuerAndSN(certdb, signerinfo->signerIdentifier.id.issuerAndSN);
-	break;
-    case NSSCMSSignerID_SubjectKeyID:
-#if 0 /* not yet implemented */
-	cert = CERT_FindCertBySubjectKeyID(certdb, signerinfo->signerIdentifier.id.subjectKeyID);
-#else
-	cert = NULL;
-#endif
-	break;
-    default:
-	cert = NULL;
-	break;
-    }
-
-    /* cert can be NULL at that point */
-    signerinfo->cert = cert;	/* earmark it */
-
-    return cert;
-}
-
-/*
- * NSS_CMSSignerInfo_GetSignerCommonName - return the common name of the signer
- *
- * sinfo - signerInfo data for this signer
- *
- * Returns a pointer to allocated memory, which must be freed.
- * A return value of NULL is an error.
- */
-char *
-NSS_CMSSignerInfo_GetSignerCommonName(NSSCMSSignerInfo *sinfo)
-{
-    CERTCertificate *signercert;
-
-    /* will fail if cert is not verified */
-    if ((signercert = NSS_CMSSignerInfo_GetSigningCertificate(sinfo, NULL)) == NULL)
-	return NULL;
-
-    return (CERT_GetCommonName(&signercert->subject));
-}
-
-/*
- * NSS_CMSSignerInfo_GetSignerEmailAddress - return the common name of the signer
- *
- * sinfo - signerInfo data for this signer
- *
- * Returns a pointer to allocated memory, which must be freed.
- * A return value of NULL is an error.
- */
-char *
-NSS_CMSSignerInfo_GetSignerEmailAddress(NSSCMSSignerInfo *sinfo)
-{
-    CERTCertificate *signercert;
-
-    if ((signercert = NSS_CMSSignerInfo_GetSigningCertificate(sinfo, NULL)) == NULL)
-	return NULL;
-
-    if (signercert->emailAddr == NULL)
-	return NULL;
-
-    return (PORT_Strdup(signercert->emailAddr));
-}
-
-/*
- * NSS_CMSSignerInfo_AddAuthAttr - add an attribute to the
- * authenticated (i.e. signed) attributes of "signerinfo". 
- */
-SECStatus
-NSS_CMSSignerInfo_AddAuthAttr(NSSCMSSignerInfo *signerinfo, NSSCMSAttribute *attr)
-{
-    return NSS_CMSAttributeArray_AddAttr(signerinfo->cmsg->poolp, &(signerinfo->authAttr), attr);
-}
-
-/*
- * NSS_CMSSignerInfo_AddUnauthAttr - add an attribute to the
- * unauthenticated attributes of "signerinfo". 
- */
-SECStatus
-NSS_CMSSignerInfo_AddUnauthAttr(NSSCMSSignerInfo *signerinfo, NSSCMSAttribute *attr)
-{
-    return NSS_CMSAttributeArray_AddAttr(signerinfo->cmsg->poolp, &(signerinfo->unAuthAttr), attr);
-}
-
-/* 
- * NSS_CMSSignerInfo_AddSigningTime - add the signing time to the
- * authenticated (i.e. signed) attributes of "signerinfo". 
- *
- * This is expected to be included in outgoing signed
- * messages for email (S/MIME) but is likely useful in other situations.
- *
- * This should only be added once; a second call will do nothing.
- *
- * XXX This will probably just shove the current time into "signerinfo"
- * but it will not actually get signed until the entire item is
- * processed for encoding.  Is this (expected to be small) delay okay?
- */
-SECStatus
-NSS_CMSSignerInfo_AddSigningTime(NSSCMSSignerInfo *signerinfo, PRTime t)
-{
-    NSSCMSAttribute *attr;
-    SECItem stime;
-    void *mark;
-    PLArenaPool *poolp;
-
-    poolp = signerinfo->cmsg->poolp;
-
-    mark = PORT_ArenaMark(poolp);
-
-    /* create new signing time attribute */
-    if (DER_TimeToUTCTime(&stime, t) != SECSuccess)
-	goto loser;
-
-    if ((attr = NSS_CMSAttribute_Create(poolp, SEC_OID_PKCS9_SIGNING_TIME, &stime, PR_FALSE)) == NULL) {
-	SECITEM_FreeItem (&stime, PR_FALSE);
-	goto loser;
-    }
-
-    SECITEM_FreeItem (&stime, PR_FALSE);
-
-    if (NSS_CMSSignerInfo_AddAuthAttr(signerinfo, attr) != SECSuccess)
-	goto loser;
-
-    PORT_ArenaUnmark (poolp, mark);
-
-    return SECSuccess;
-
-loser:
-    PORT_ArenaRelease (poolp, mark);
-    return SECFailure;
-}
-
-/* 
- * NSS_CMSSignerInfo_AddSMIMECaps - add a SMIMECapabilities attribute to the
- * authenticated (i.e. signed) attributes of "signerinfo". 
- *
- * This is expected to be included in outgoing signed
- * messages for email (S/MIME).
- */
-SECStatus
-NSS_CMSSignerInfo_AddSMIMECaps(NSSCMSSignerInfo *signerinfo)
-{
-    NSSCMSAttribute *attr;
-    SECItem *smimecaps = NULL;
-    void *mark;
-    PLArenaPool *poolp;
-
-    poolp = signerinfo->cmsg->poolp;
-
-    mark = PORT_ArenaMark(poolp);
-
-    smimecaps = SECITEM_AllocItem(poolp, NULL, 0);
-    if (smimecaps == NULL)
-	goto loser;
-
-    /* create new signing time attribute */
-    if (NSS_SMIMEUtil_CreateSMIMECapabilities(poolp, smimecaps,
-			    PK11_FortezzaHasKEA(signerinfo->cert)) != SECSuccess)
-	goto loser;
-
-    if ((attr = NSS_CMSAttribute_Create(poolp, SEC_OID_PKCS9_SMIME_CAPABILITIES, smimecaps, PR_TRUE)) == NULL)
-	goto loser;
-
-    if (NSS_CMSSignerInfo_AddAuthAttr(signerinfo, attr) != SECSuccess)
-	goto loser;
-
-    PORT_ArenaUnmark (poolp, mark);
-    return SECSuccess;
-
-loser:
-    PORT_ArenaRelease (poolp, mark);
-    return SECFailure;
-}
-
-/* 
- * NSS_CMSSignerInfo_AddSMIMEEncKeyPrefs - add a SMIMEEncryptionKeyPreferences attribute to the
- * authenticated (i.e. signed) attributes of "signerinfo". 
- *
- * This is expected to be included in outgoing signed messages for email (S/MIME).
- */
-SECStatus
-NSS_CMSSignerInfo_AddSMIMEEncKeyPrefs(NSSCMSSignerInfo *signerinfo, CERTCertificate *cert, CERTCertDBHandle *certdb)
-{
-    NSSCMSAttribute *attr;
-    SECItem *smimeekp = NULL;
-    void *mark;
-    PLArenaPool *poolp;
-
-    /* verify this cert for encryption */
-    if (CERT_VerifyCert(certdb, cert, PR_TRUE, certUsageEmailRecipient, PR_Now(), signerinfo->cmsg->pwfn_arg, NULL) != SECSuccess) {
-	return SECFailure;
-    }
-
-    poolp = signerinfo->cmsg->poolp;
-    mark = PORT_ArenaMark(poolp);
-
-    smimeekp = SECITEM_AllocItem(poolp, NULL, 0);
-    if (smimeekp == NULL)
-	goto loser;
-
-    /* create new signing time attribute */
-    if (NSS_SMIMEUtil_CreateSMIMEEncKeyPrefs(poolp, smimeekp, cert) != SECSuccess)
-	goto loser;
-
-    if ((attr = NSS_CMSAttribute_Create(poolp, SEC_OID_SMIME_ENCRYPTION_KEY_PREFERENCE, smimeekp, PR_TRUE)) == NULL)
-	goto loser;
-
-    if (NSS_CMSSignerInfo_AddAuthAttr(signerinfo, attr) != SECSuccess)
-	goto loser;
-
-    PORT_ArenaUnmark (poolp, mark);
-    return SECSuccess;
-
-loser:
-    PORT_ArenaRelease (poolp, mark);
-    return SECFailure;
-}
-
-/* 
- * NSS_CMSSignerInfo_AddCounterSignature - countersign a signerinfo
- *
- * 1. digest the DER-encoded signature value of the original signerinfo
- * 2. create new signerinfo with correct version, sid, digestAlg
- * 3. add message-digest authAttr, but NO content-type
- * 4. sign the authAttrs
- * 5. DER-encode the new signerInfo
- * 6. add the whole thing to original signerInfo's unAuthAttrs
- *    as a SEC_OID_PKCS9_COUNTER_SIGNATURE attribute
- *
- * XXXX give back the new signerinfo?
- */
-SECStatus
-NSS_CMSSignerInfo_AddCounterSignature(NSSCMSSignerInfo *signerinfo,
-				    SECOidTag digestalg, CERTCertificate signingcert)
-{
-    /* XXXX TBD XXXX */
-    return SECFailure;
-}
-
-/*
- * XXXX the following needs to be done in the S/MIME layer code
- * after signature of a signerinfo is verified
- */
-SECStatus
-NSS_SMIMESignerInfo_SaveSMIMEProfile(NSSCMSSignerInfo *signerinfo)
-{
-    CERTCertificate *cert = NULL;
-    SECItem *profile = NULL;
-    NSSCMSAttribute *attr;
-    SECItem *utc_stime = NULL;
-    SECItem *ekp;
-    CERTCertDBHandle *certdb;
-    int save_error;
-    SECStatus rv;
-
-    certdb = CERT_GetDefaultCertDB();
-
-    /* sanity check - see if verification status is ok (unverified does not count...) */
-    if (signerinfo->verificationStatus != NSSCMSVS_GoodSignature)
-	return SECFailure;
-
-    /* find preferred encryption cert */
-    if (!NSS_CMSArray_IsEmpty((void **)signerinfo->authAttr) &&
-	(attr = NSS_CMSAttributeArray_FindAttrByOidTag(signerinfo->authAttr,
-			       SEC_OID_SMIME_ENCRYPTION_KEY_PREFERENCE, PR_TRUE)) != NULL)
-    { /* we have a SMIME_ENCRYPTION_KEY_PREFERENCE attribute! */
-	ekp = NSS_CMSAttribute_GetValue(attr);
-	if (ekp == NULL)
-	    return SECFailure;
-
-	/* we assume that all certs coming with the message have been imported to the */
-	/* temporary database */
-	cert = NSS_SMIMEUtil_GetCertFromEncryptionKeyPreference(certdb, ekp);
-	if (cert == NULL)
-	    return SECFailure;
-    }
-
-    if (cert == NULL) {
-	/* no preferred cert found?
-	 * find the cert the signerinfo is signed with instead */
-	cert = NSS_CMSSignerInfo_GetSigningCertificate(signerinfo, certdb);
-	if (cert == NULL || cert->emailAddr == NULL)
-	    return SECFailure;
-    }
-
-    /* verify this cert for encryption (has been verified for signing so far) */    /* don't verify this cert for encryption. It may just be a signing cert.
-     * that's OK, we can still save the S/MIME profile. The encryption cert
-     * should have already been saved */
-#ifdef notdef
-    if (CERT_VerifyCert(certdb, cert, PR_TRUE, certUsageEmailRecipient, PR_Now(), signerinfo->cmsg->pwfn_arg, NULL) != SECSuccess) {
-	return SECFailure;
-    }
-#endif
-
-    /* XXX store encryption cert permanently? */
-
-    /*
-     * Remember the current error set because we do not care about
-     * anything set by the functions we are about to call.
-     */
-    save_error = PORT_GetError();
-
-    if (!NSS_CMSArray_IsEmpty((void **)signerinfo->authAttr)) {
-	attr = NSS_CMSAttributeArray_FindAttrByOidTag(signerinfo->authAttr,
-				       SEC_OID_PKCS9_SMIME_CAPABILITIES,
-				       PR_TRUE);
-	profile = NSS_CMSAttribute_GetValue(attr);
-	attr = NSS_CMSAttributeArray_FindAttrByOidTag(signerinfo->authAttr,
-				       SEC_OID_PKCS9_SIGNING_TIME,
-				       PR_TRUE);
-	utc_stime = NSS_CMSAttribute_GetValue(attr);
-    }
-
-    rv = CERT_SaveSMimeProfile (cert, profile, utc_stime);
-
-    /*
-     * Restore the saved error in case the calls above set a new
-     * one that we do not actually care about.
-     */
-    PORT_SetError (save_error);
-
-    return rv;
-}
-
-/*
- * NSS_CMSSignerInfo_IncludeCerts - set cert chain inclusion mode for this signer
- */
-SECStatus
-NSS_CMSSignerInfo_IncludeCerts(NSSCMSSignerInfo *signerinfo, NSSCMSCertChainMode cm, SECCertUsage usage)
-{
-    if (signerinfo->cert == NULL)
-	return SECFailure;
-
-    /* don't leak if we get called twice */
-    if (signerinfo->certList != NULL) {
-	CERT_DestroyCertificateList(signerinfo->certList);
-	signerinfo->certList = NULL;
-    }
-
-    switch (cm) {
-    case NSSCMSCM_None:
-	signerinfo->certList = NULL;
-	break;
-    case NSSCMSCM_CertOnly:
-	signerinfo->certList = CERT_CertListFromCert(signerinfo->cert);
-	break;
-    case NSSCMSCM_CertChain:
-	signerinfo->certList = CERT_CertChainFromCert(signerinfo->cert, usage, PR_FALSE);
-	break;
-    case NSSCMSCM_CertChainWithRoot:
-	signerinfo->certList = CERT_CertChainFromCert(signerinfo->cert, usage, PR_TRUE);
-	break;
-    }
-
-    if (cm != NSSCMSCM_None && signerinfo->certList == NULL)
-	return SECFailure;
-    
-    return SECSuccess;
-}
diff --git a/security/nss/lib/smime/cmst.h b/security/nss/lib/smime/cmst.h
deleted file mode 100644
index f963109c9..000000000
--- a/security/nss/lib/smime/cmst.h
+++ /dev/null
@@ -1,490 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Header for CMS types.
- *
- * $Id$
- */
-
-#ifndef _CMST_H_
-#define _CMST_H_
-
-#include "seccomon.h"
-#include "secoidt.h"
-#include "certt.h"
-#include "secmodt.h"
-#include "secmodt.h"
-
-#include "plarena.h"
-
-/* Non-opaque objects.  NOTE, though: I want them to be treated as
- * opaque as much as possible.  If I could hide them completely,
- * I would.  (I tried, but ran into trouble that was taking me too
- * much time to get out of.)  I still intend to try to do so.
- * In fact, the only type that "outsiders" should even *name* is
- * NSSCMSMessage, and they should not reference its fields.
- */
-/* rjr: PKCS #11 cert handling (pk11cert.c) does use NSSCMSRecipientInfo's.
- * This is because when we search the recipient list for the cert and key we
- * want, we need to invert the order of the loops we used to have. The old
- * loops were:
- *
- *  For each recipient {
- *       find_cert = PK11_Find_AllCert(recipient->issuerSN);
- *       [which unrolls to... ]
- *       For each slot {
- *            Log into slot;
- *            search slot for cert;
- *      }
- *  }
- *
- *  the new loop searchs all the recipients at once on a slot. this allows
- *  PKCS #11 to order slots in such a way that logout slots don't get checked
- *  if we can find the cert on a logged in slot. This eliminates lots of
- *  spurious password prompts when smart cards are installed... so why this
- *  comment? If you make NSSCMSRecipientInfo completely opaque, you need
- *  to provide a non-opaque list of issuerSN's (the only field PKCS#11 needs
- *  and fix up pk11cert.c first. NOTE: Only S/MIME calls this special PKCS #11
- *  function.
- */
-
-typedef struct NSSCMSMessageStr NSSCMSMessage;
-
-typedef union NSSCMSContentUnion NSSCMSContent;
-typedef struct NSSCMSContentInfoStr NSSCMSContentInfo;
-
-typedef struct NSSCMSSignedDataStr NSSCMSSignedData;
-typedef struct NSSCMSSignerInfoStr NSSCMSSignerInfo;
-typedef struct NSSCMSSignerIdentifierStr NSSCMSSignerIdentifier;
-
-typedef struct NSSCMSEnvelopedDataStr NSSCMSEnvelopedData;
-typedef struct NSSCMSOriginatorInfoStr NSSCMSOriginatorInfo;
-typedef struct NSSCMSRecipientInfoStr NSSCMSRecipientInfo;
-
-typedef struct NSSCMSDigestedDataStr NSSCMSDigestedData;
-typedef struct NSSCMSEncryptedDataStr NSSCMSEncryptedData;
-
-typedef struct NSSCMSSMIMEKEAParametersStr NSSCMSSMIMEKEAParameters;
-
-typedef struct NSSCMSAttributeStr NSSCMSAttribute;
-
-typedef struct NSSCMSDecoderContextStr NSSCMSDecoderContext;
-typedef struct NSSCMSEncoderContextStr NSSCMSEncoderContext;
-
-typedef struct NSSCMSCipherContextStr NSSCMSCipherContext;
-typedef struct NSSCMSDigestContextStr NSSCMSDigestContext;
-
-/*
- * Type of function passed to NSSCMSDecode or NSSCMSDecoderStart.
- * If specified, this is where the content bytes (only) will be "sent"
- * as they are recovered during the decoding.
- * And:
- * Type of function passed to NSSCMSEncode or NSSCMSEncoderStart.
- * This is where the DER-encoded bytes will be "sent".
- *
- * XXX Should just combine this with NSSCMSEncoderContentCallback type
- * and use a simpler, common name.
- */
-typedef void (*NSSCMSContentCallback)(void *arg, const char *buf, unsigned long len);
-
-/*
- * Type of function passed to NSSCMSDecode or NSSCMSDecoderStart
- * to retrieve the decryption key.  This function is intended to be
- * used for EncryptedData content info's which do not have a key available
- * in a certificate, etc.
- */
-typedef PK11SymKey *(*NSSCMSGetDecryptKeyCallback)(void *arg, SECAlgorithmID *algid);
-
-
-/* =============================================================================
- * ENCAPSULATED CONTENTINFO & CONTENTINFO
- */
-
-union NSSCMSContentUnion {
-    /* either unstructured */
-    SECItem *			data;
-    /* or structured data */
-    NSSCMSDigestedData *	digestedData;
-    NSSCMSEncryptedData	*	encryptedData;
-    NSSCMSEnvelopedData	*	envelopedData;
-    NSSCMSSignedData *		signedData;
-    /* or anonymous pointer to something */
-    void *			pointer;
-};
-
-struct NSSCMSContentInfoStr {
-    SECItem			contentType;
-    NSSCMSContent		content;
-    /* --------- local; not part of encoding --------- */
-    SECOidData *		contentTypeTag;	
-
-    /* additional info for encryptedData and envelopedData */
-    /* we waste this space for signedData and digestedData. sue me. */
-
-    SECAlgorithmID		contentEncAlg;
-    SECItem *			rawContent;		/* encrypted DER, optional */
-							/* XXXX bytes not encrypted, but encoded? */
-    /* --------- local; not part of encoding --------- */
-    PK11SymKey *		bulkkey;		/* bulk encryption key */
-    int				keysize;		/* size of bulk encryption key
-							 * (only used by creation code) */
-    SECOidTag			contentEncAlgTag;	/* oid tag of encryption algorithm
-							 * (only used by creation code) */
-    NSSCMSCipherContext		*ciphcx;		/* context for en/decryption going on */
-    NSSCMSDigestContext		*digcx;			/* context for digesting going on */
-};
-
-/* =============================================================================
- * MESSAGE
- */
-
-struct NSSCMSMessageStr {
-    NSSCMSContentInfo	contentInfo;		/* "outer" cinfo */
-    /* --------- local; not part of encoding --------- */
-    PLArenaPool *	poolp;
-    PRBool		poolp_is_ours;
-    int			refCount;
-    /* properties of the "inner" data */
-    SECAlgorithmID **	detached_digestalgs;
-    SECItem **		detached_digests;
-    void *		pwfn_arg;
-    NSSCMSGetDecryptKeyCallback decrypt_key_cb;
-    void *		decrypt_key_cb_arg;
-};
-
-/* =============================================================================
- * SIGNEDDATA
- */
-
-struct NSSCMSSignedDataStr {
-    SECItem			version;
-    SECAlgorithmID **		digestAlgorithms;
-    NSSCMSContentInfo		contentInfo;
-    SECItem **			rawCerts;
-    CERTSignedCrl **		crls;
-    NSSCMSSignerInfo **		signerInfos;
-    /* --------- local; not part of encoding --------- */
-    NSSCMSMessage *		cmsg;			/* back pointer to message */
-    SECItem **			digests;
-    CERTCertificate **		certs;
-    CERTCertificateList **	certLists;
-};
-#define NSS_CMS_SIGNED_DATA_VERSION_BASIC	1	/* what we *create* */
-#define NSS_CMS_SIGNED_DATA_VERSION_EXT		3	/* what we *create* */
-
-typedef enum {
-    NSSCMSVS_Unverified = 0,
-    NSSCMSVS_GoodSignature = 1,
-    NSSCMSVS_BadSignature = 2,
-    NSSCMSVS_DigestMismatch = 3,
-    NSSCMSVS_SigningCertNotFound = 4,
-    NSSCMSVS_SigningCertNotTrusted = 5,
-    NSSCMSVS_SignatureAlgorithmUnknown = 6,
-    NSSCMSVS_SignatureAlgorithmUnsupported = 7,
-    NSSCMSVS_MalformedSignature = 8,
-    NSSCMSVS_ProcessingError = 9
-} NSSCMSVerificationStatus;
-
-typedef enum {
-    NSSCMSSignerID_IssuerSN = 0,
-    NSSCMSSignerID_SubjectKeyID = 1
-} NSSCMSSignerIDSelector;
-
-struct NSSCMSSignerIdentifierStr {
-    NSSCMSSignerIDSelector identifierType;
-    union {
-	CERTIssuerAndSN *issuerAndSN;
-	SECItem *subjectKeyID;
-    } id;
-};
-
-struct NSSCMSSignerInfoStr {
-    SECItem			version;
-    NSSCMSSignerIdentifier	signerIdentifier;
-    SECAlgorithmID		digestAlg;
-    NSSCMSAttribute **		authAttr;
-    SECAlgorithmID		digestEncAlg;
-    SECItem			encDigest;
-    NSSCMSAttribute **		unAuthAttr;
-    /* --------- local; not part of encoding --------- */
-    NSSCMSMessage *		cmsg;			/* back pointer to message */
-    CERTCertificate *		cert;
-    CERTCertificateList *	certList;
-    PRTime			signingTime;
-    NSSCMSVerificationStatus	verificationStatus;
-};
-#define NSS_CMS_SIGNER_INFO_VERSION_ISSUERSN	1	/* what we *create* */
-#define NSS_CMS_SIGNER_INFO_VERSION_SUBJKEY	3	/* what we *create* */
-
-typedef enum {
-    NSSCMSCM_None = 0,
-    NSSCMSCM_CertOnly = 1,
-    NSSCMSCM_CertChain = 2,
-    NSSCMSCM_CertChainWithRoot = 3
-} NSSCMSCertChainMode;
-
-/* =============================================================================
- * ENVELOPED DATA
- */
-struct NSSCMSEnvelopedDataStr {
-    SECItem			version;
-    NSSCMSOriginatorInfo *	originatorInfo;		/* optional */
-    NSSCMSRecipientInfo **	recipientInfos;
-    NSSCMSContentInfo		contentInfo;
-    NSSCMSAttribute **		unprotectedAttr;
-    /* --------- local; not part of encoding --------- */
-    NSSCMSMessage *		cmsg;			/* back pointer to message */
-};
-#define NSS_CMS_ENVELOPED_DATA_VERSION_REG	0	/* what we *create* */
-#define NSS_CMS_ENVELOPED_DATA_VERSION_ADV	2	/* what we *create* */
-
-struct NSSCMSOriginatorInfoStr {
-    SECItem **			rawCerts;
-    CERTSignedCrl **		crls;
-    /* --------- local; not part of encoding --------- */
-    CERTCertificate **		certs;
-};
-
-/* -----------------------------------------------------------------------------
- * key transport recipient info
- */
-typedef enum {
-    NSSCMSRecipientID_IssuerSN = 0,
-    NSSCMSRecipientID_SubjectKeyID = 1
-} NSSCMSRecipientIDSelector;
-
-struct NSSCMSRecipientIdentifierStr {
-    NSSCMSRecipientIDSelector	identifierType;
-    union {
-	CERTIssuerAndSN		*issuerAndSN;
-	SECItem 		*subjectKeyID;
-    } id;
-};
-typedef struct NSSCMSRecipientIdentifierStr NSSCMSRecipientIdentifier;
-
-struct NSSCMSKeyTransRecipientInfoStr {
-    SECItem			version;
-    NSSCMSRecipientIdentifier	recipientIdentifier;
-    SECAlgorithmID		keyEncAlg;
-    SECItem			encKey;
-};
-typedef struct NSSCMSKeyTransRecipientInfoStr NSSCMSKeyTransRecipientInfo;
-
-#define NSS_CMS_KEYTRANS_RECIPIENT_INFO_VERSION_ISSUERSN	0	/* what we *create* */
-#define NSS_CMS_KEYTRANS_RECIPIENT_INFO_VERSION_SUBJKEY		2	/* what we *create* */
-
-/* -----------------------------------------------------------------------------
- * key agreement recipient info
- */
-struct NSSCMSOriginatorPublicKeyStr {
-    SECAlgorithmID			algorithmIdentifier;
-    SECItem				publicKey;			/* bit string! */
-};
-typedef struct NSSCMSOriginatorPublicKeyStr NSSCMSOriginatorPublicKey;
-
-typedef enum {
-    NSSCMSOriginatorIDOrKey_IssuerSN = 0,
-    NSSCMSOriginatorIDOrKey_SubjectKeyID = 1,
-    NSSCMSOriginatorIDOrKey_OriginatorPublicKey = 2
-} NSSCMSOriginatorIDOrKeySelector;
-
-struct NSSCMSOriginatorIdentifierOrKeyStr {
-    NSSCMSOriginatorIDOrKeySelector identifierType;
-    union {
-	CERTIssuerAndSN			*issuerAndSN;		/* static-static */
-	SECItem				*subjectKeyID;		/* static-static */
-	NSSCMSOriginatorPublicKey	originatorPublicKey;	/* ephemeral-static */
-    } id;
-};
-typedef struct NSSCMSOriginatorIdentifierOrKeyStr NSSCMSOriginatorIdentifierOrKey;
-
-struct NSSCMSRecipientKeyIdentifierStr {
-    SECItem *				subjectKeyIdentifier;
-    SECItem *				date;			/* optional */
-    SECItem *				other;			/* optional */
-};
-typedef struct NSSCMSRecipientKeyIdentifierStr NSSCMSRecipientKeyIdentifier;
-
-typedef enum {
-    NSSCMSKeyAgreeRecipientID_IssuerSN = 0,
-    NSSCMSKeyAgreeRecipientID_RKeyID = 1
-} NSSCMSKeyAgreeRecipientIDSelector;
-
-struct NSSCMSKeyAgreeRecipientIdentifierStr {
-    NSSCMSKeyAgreeRecipientIDSelector	identifierType;
-    union {
-	CERTIssuerAndSN			*issuerAndSN;
-	NSSCMSRecipientKeyIdentifier	recipientKeyIdentifier;
-    } id;
-};
-typedef struct NSSCMSKeyAgreeRecipientIdentifierStr NSSCMSKeyAgreeRecipientIdentifier;
-
-struct NSSCMSRecipientEncryptedKeyStr {
-    NSSCMSKeyAgreeRecipientIdentifier	recipientIdentifier;
-    SECItem				encKey;
-};
-typedef struct NSSCMSRecipientEncryptedKeyStr NSSCMSRecipientEncryptedKey;
-
-struct NSSCMSKeyAgreeRecipientInfoStr {
-    SECItem				version;
-    NSSCMSOriginatorIdentifierOrKey	originatorIdentifierOrKey;
-    SECItem *				ukm;				/* optional */
-    SECAlgorithmID			keyEncAlg;
-    NSSCMSRecipientEncryptedKey **	recipientEncryptedKeys;
-};
-typedef struct NSSCMSKeyAgreeRecipientInfoStr NSSCMSKeyAgreeRecipientInfo;
-
-#define NSS_CMS_KEYAGREE_RECIPIENT_INFO_VERSION	3	/* what we *create* */
-
-/* -----------------------------------------------------------------------------
- * KEK recipient info
- */
-struct NSSCMSKEKIdentifierStr {
-    SECItem			keyIdentifier;
-    SECItem *			date;			/* optional */
-    SECItem *			other;			/* optional */
-};
-typedef struct NSSCMSKEKIdentifierStr NSSCMSKEKIdentifier;
-
-struct NSSCMSKEKRecipientInfoStr {
-    SECItem			version;
-    NSSCMSKEKIdentifier		kekIdentifier;
-    SECAlgorithmID		keyEncAlg;
-    SECItem			encKey;
-};
-typedef struct NSSCMSKEKRecipientInfoStr NSSCMSKEKRecipientInfo;
-
-#define NSS_CMS_KEK_RECIPIENT_INFO_VERSION	4	/* what we *create* */
-
-/* -----------------------------------------------------------------------------
- * recipient info
- */
-
-typedef enum {
-    NSSCMSRecipientInfoID_KeyTrans = 0,
-    NSSCMSRecipientInfoID_KeyAgree = 1,
-    NSSCMSRecipientInfoID_KEK = 2
-} NSSCMSRecipientInfoIDSelector;
-
-struct NSSCMSRecipientInfoStr {
-    NSSCMSRecipientInfoIDSelector recipientInfoType;
-    union {
-	NSSCMSKeyTransRecipientInfo keyTransRecipientInfo;
-	NSSCMSKeyAgreeRecipientInfo keyAgreeRecipientInfo;
-	NSSCMSKEKRecipientInfo kekRecipientInfo;
-    } ri;
-    /* --------- local; not part of encoding --------- */
-    NSSCMSMessage *		cmsg;			/* back pointer to message */
-    CERTCertificate *		cert;			/* recipient's certificate */
-};
-
-/* =============================================================================
- * DIGESTED DATA
- */
-struct NSSCMSDigestedDataStr {
-    SECItem			version;
-    SECAlgorithmID		digestAlg;
-    NSSCMSContentInfo		contentInfo;
-    SECItem			digest;
-    /* --------- local; not part of encoding --------- */
-    NSSCMSMessage *		cmsg;		/* back pointer */
-    SECItem			cdigest;	/* calculated digest */
-};
-#define NSS_CMS_DIGESTED_DATA_VERSION_DATA	0	/* what we *create* */
-#define NSS_CMS_DIGESTED_DATA_VERSION_ENCAP	2	/* what we *create* */
-
-/* =============================================================================
- * ENCRYPTED DATA
- */
-struct NSSCMSEncryptedDataStr {
-    SECItem			version;
-    NSSCMSContentInfo		contentInfo;
-    NSSCMSAttribute **		unprotectedAttr;	/* optional */
-    /* --------- local; not part of encoding --------- */
-    NSSCMSMessage *		cmsg;		/* back pointer */
-};
-#define NSS_CMS_ENCRYPTED_DATA_VERSION		0	/* what we *create* */
-#define NSS_CMS_ENCRYPTED_DATA_VERSION_UPATTR	2	/* what we *create* */
-
-/* =============================================================================
- * FORTEZZA KEA
- */
-
-/* An enumerated type used to select templates based on the encryption
-   scenario and data specifics. */
-typedef enum {
-    NSSCMSKEAInvalid = -1,
-    NSSCMSKEAUsesSkipjack = 0,
-    NSSCMSKEAUsesNonSkipjack = 1,
-    NSSCMSKEAUsesNonSkipjackWithPaddedEncKey = 2
-} NSSCMSKEATemplateSelector;
-
-/* ### mwelch - S/MIME KEA parameters. These don't really fit here,
-                but I cannot think of a more appropriate place at this time. */
-struct NSSCMSSMIMEKEAParametersStr {
-    SECItem originatorKEAKey;	/* sender KEA key (encrypted?) */
-    SECItem originatorRA;	/* random number generated by sender */
-    SECItem nonSkipjackIV;	/* init'n vector for SkipjackCBC64
-			           decryption of KEA key if Skipjack
-				   is not the bulk algorithm used on
-				   the message */
-    SECItem bulkKeySize;	/* if Skipjack is not the bulk
-			           algorithm used on the message,
-				   and the size of the bulk encryption
-				   key is not the same as that of
-				   originatorKEAKey (due to padding
-				   perhaps), this field will contain
-				   the real size of the bulk encryption
-				   key. */
-};
-
-/*
- * *****************************************************************************
- * *****************************************************************************
- * *****************************************************************************
- */
-
-/*
- * See comment above about this type not really belonging to CMS.
- */
-struct NSSCMSAttributeStr {
-    /* The following fields make up an encoded Attribute: */
-    SECItem			type;
-    SECItem **			values;	/* data may or may not be encoded */
-    /* The following fields are not part of an encoded Attribute: */
-    SECOidData *		typeTag;
-    PRBool			encoded;	/* when true, values are encoded */
-};
-
-#endif /* _CMST_H_ */
diff --git a/security/nss/lib/smime/cmsutil.c b/security/nss/lib/smime/cmsutil.c
deleted file mode 100644
index f7899d881..000000000
--- a/security/nss/lib/smime/cmsutil.c
+++ /dev/null
@@ -1,393 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * CMS miscellaneous utility functions.
- *
- * $Id$
- */
-
-#include "nssrenam.h"
-
-#include "cmslocal.h"
-
-#include "cert.h"
-#include "key.h"
-#include "secasn1.h"
-#include "secitem.h"
-#include "secoid.h"
-#include "pk11func.h"
-#include "secerr.h"
-#include "sechash.h"
-
-/*
- * NSS_CMSArray_SortByDER - sort array of objects by objects' DER encoding
- *
- * make sure that the order of the objects guarantees valid DER (which must be
- * in lexigraphically ascending order for a SET OF); if reordering is necessary it
- * will be done in place (in objs).
- */
-SECStatus
-NSS_CMSArray_SortByDER(void **objs, const SEC_ASN1Template *objtemplate, void **objs2)
-{
-    PRArenaPool *poolp;
-    int num_objs;
-    SECItem **enc_objs;
-    SECStatus rv = SECFailure;
-    int i;
-
-    if (objs == NULL)					/* already sorted */
-	return SECSuccess;
-
-    num_objs = NSS_CMSArray_Count((void **)objs);
-    if (num_objs == 0 || num_objs == 1)		/* already sorted. */
-	return SECSuccess;
-
-    poolp = PORT_NewArena (1024);	/* arena for temporaries */
-    if (poolp == NULL)
-	return SECFailure;		/* no memory; nothing we can do... */
-
-    /*
-     * Allocate arrays to hold the individual encodings which we will use
-     * for comparisons and the reordered attributes as they are sorted.
-     */
-    enc_objs = (SECItem **)PORT_ArenaZAlloc(poolp, (num_objs + 1) * sizeof(SECItem *));
-    if (enc_objs == NULL)
-	goto loser;
-
-    /* DER encode each individual object. */
-    for (i = 0; i < num_objs; i++) {
-	enc_objs[i] = SEC_ASN1EncodeItem(poolp, NULL, objs[i], objtemplate);
-	if (enc_objs[i] == NULL)
-	    goto loser;
-    }
-    enc_objs[num_objs] = NULL;
-
-    /* now compare and sort objs by the order of enc_objs */
-    NSS_CMSArray_Sort((void **)enc_objs, NSS_CMSUtil_DERCompare, objs, objs2);
-
-    rv = SECSuccess;
-
-loser:
-    PORT_FreeArena (poolp, PR_FALSE);
-    return rv;
-}
-
-/*
- * NSS_CMSUtil_DERCompare - for use with NSS_CMSArray_Sort to
- *  sort arrays of SECItems containing DER
- */
-int
-NSS_CMSUtil_DERCompare(void *a, void *b)
-{
-    SECItem *der1 = (SECItem *)a;
-    SECItem *der2 = (SECItem *)b;
-    int j;
-
-    /*
-     * Find the lowest (lexigraphically) encoding.  One that is
-     * shorter than all the rest is known to be "less" because each
-     * attribute is of the same type (a SEQUENCE) and so thus the
-     * first octet of each is the same, and the second octet is
-     * the length (or the length of the length with the high bit
-     * set, followed by the length, which also works out to always
-     * order the shorter first).  Two (or more) that have the
-     * same length need to be compared byte by byte until a mismatch
-     * is found.
-     */
-    if (der1->len != der2->len)
-	return (der1->len < der2->len) ? -1 : 1;
-
-    for (j = 0; j < der1->len; j++) {
-	if (der1->data[j] == der2->data[j])
-	    continue;
-	return (der1->data[j] < der2->data[j]) ? -1 : 1;
-    }
-    return 0;
-}
-
-/*
- * NSS_CMSAlgArray_GetIndexByAlgID - find a specific algorithm in an array of 
- * algorithms.
- *
- * algorithmArray - array of algorithm IDs
- * algid - algorithmid of algorithm to pick
- *
- * Returns:
- *  An integer containing the index of the algorithm in the array or -1 if 
- *  algorithm was not found.
- */
-int
-NSS_CMSAlgArray_GetIndexByAlgID(SECAlgorithmID **algorithmArray, SECAlgorithmID *algid)
-{
-    int i;
-
-    if (algorithmArray == NULL || algorithmArray[0] == NULL)
-	return -1;
-
-    for (i = 0; algorithmArray[i] != NULL; i++) {
-	if (SECOID_CompareAlgorithmID(algorithmArray[i], algid) == SECEqual)
-	    break;	/* bingo */
-    }
-
-    if (algorithmArray[i] == NULL)
-	return -1;	/* not found */
-
-    return i;
-}
-
-/*
- * NSS_CMSAlgArray_GetIndexByAlgTag - find a specific algorithm in an array of 
- * algorithms.
- *
- * algorithmArray - array of algorithm IDs
- * algtag - algorithm tag of algorithm to pick
- *
- * Returns:
- *  An integer containing the index of the algorithm in the array or -1 if 
- *  algorithm was not found.
- */
-int
-NSS_CMSAlgArray_GetIndexByAlgTag(SECAlgorithmID **algorithmArray, SECOidTag algtag)
-{
-    SECOidData *algid;
-    int i;
-
-    if (algorithmArray == NULL || algorithmArray[0] == NULL)
-	return -1;
-
-    for (i = 0; algorithmArray[i] != NULL; i++) {
-	algid = SECOID_FindOID(&(algorithmArray[i]->algorithm));
-	if (algid->offset == algtag)
-	    break;	/* bingo */
-    }
-
-    if (algorithmArray[i] == NULL)
-	return -1;	/* not found */
-
-    return i;
-}
-
-const SECHashObject *
-NSS_CMSUtil_GetHashObjByAlgID(SECAlgorithmID *algid)
-{
-    SECOidData *oiddata;
-    const SECHashObject *digobj;
-
-    /* here are the algorithms we know */
-    oiddata = SECOID_FindOID(&(algid->algorithm));
-    if (oiddata == NULL) {
-	digobj = NULL;
-    } else {
-	switch (oiddata->offset) {
-	case SEC_OID_MD2:
-	    digobj = HASH_GetHashObject(HASH_AlgMD2);
-	    break;
-	case SEC_OID_MD5:
-	    digobj = HASH_GetHashObject(HASH_AlgMD5);
-	    break;
-	case SEC_OID_SHA1:
-	    digobj = HASH_GetHashObject(HASH_AlgSHA1);
-	    break;
-	default:
-	    digobj = NULL;
-	    break;
-	}
-    }
-    return digobj;
-}
-
-/*
- * XXX I would *really* like to not have to do this, but the current
- * signing interface gives me little choice.
- */
-SECOidTag
-NSS_CMSUtil_MakeSignatureAlgorithm(SECOidTag hashalg, SECOidTag encalg)
-{
-    switch (encalg) {
-      case SEC_OID_PKCS1_RSA_ENCRYPTION:
-	switch (hashalg) {
-	  case SEC_OID_MD2:
-	    return SEC_OID_PKCS1_MD2_WITH_RSA_ENCRYPTION;
-	  case SEC_OID_MD5:
-	    return SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION;
-	  case SEC_OID_SHA1:
-	    return SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION;
-	  default:
-	    return SEC_OID_UNKNOWN;
-	}
-      case SEC_OID_ANSIX9_DSA_SIGNATURE:
-      case SEC_OID_MISSI_KEA_DSS:
-      case SEC_OID_MISSI_DSS:
-	switch (hashalg) {
-	  case SEC_OID_SHA1:
-	    return SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST;
-	  default:
-	    return SEC_OID_UNKNOWN;
-	}
-      default:
-	break;
-    }
-
-    return encalg;		/* maybe it is already the right algid */
-}
-
-const SEC_ASN1Template *
-NSS_CMSUtil_GetTemplateByTypeTag(SECOidTag type)
-{
-    const SEC_ASN1Template *template;
-    extern const SEC_ASN1Template NSSCMSSignedDataTemplate[];
-    extern const SEC_ASN1Template NSSCMSEnvelopedDataTemplate[];
-    extern const SEC_ASN1Template NSSCMSEncryptedDataTemplate[];
-    extern const SEC_ASN1Template NSSCMSDigestedDataTemplate[];
-
-    switch (type) {
-    case SEC_OID_PKCS7_SIGNED_DATA:
-	template = NSSCMSSignedDataTemplate;
-	break;
-    case SEC_OID_PKCS7_ENVELOPED_DATA:
-	template = NSSCMSEnvelopedDataTemplate;
-	break;
-    case SEC_OID_PKCS7_ENCRYPTED_DATA:
-	template = NSSCMSEncryptedDataTemplate;
-	break;
-    case SEC_OID_PKCS7_DIGESTED_DATA:
-	template = NSSCMSDigestedDataTemplate;
-	break;
-    default:
-    case SEC_OID_PKCS7_DATA:
-	template = NULL;
-	break;
-    }
-    return template;
-}
-
-size_t
-NSS_CMSUtil_GetSizeByTypeTag(SECOidTag type)
-{
-    size_t size;
-
-    switch (type) {
-    case SEC_OID_PKCS7_SIGNED_DATA:
-	size = sizeof(NSSCMSSignedData);
-	break;
-    case SEC_OID_PKCS7_ENVELOPED_DATA:
-	size = sizeof(NSSCMSEnvelopedData);
-	break;
-    case SEC_OID_PKCS7_ENCRYPTED_DATA:
-	size = sizeof(NSSCMSEncryptedData);
-	break;
-    case SEC_OID_PKCS7_DIGESTED_DATA:
-	size = sizeof(NSSCMSDigestedData);
-	break;
-    default:
-    case SEC_OID_PKCS7_DATA:
-	size = 0;
-	break;
-    }
-    return size;
-}
-
-NSSCMSContentInfo *
-NSS_CMSContent_GetContentInfo(void *msg, SECOidTag type)
-{
-    NSSCMSContent c;
-    NSSCMSContentInfo *cinfo;
-
-    PORT_Assert(msg != NULL);
-
-    c.pointer = msg;
-    switch (type) {
-    case SEC_OID_PKCS7_SIGNED_DATA:
-	cinfo = &(c.signedData->contentInfo);
-	break;
-    case SEC_OID_PKCS7_ENVELOPED_DATA:
-	cinfo = &(c.envelopedData->contentInfo);
-	break;
-    case SEC_OID_PKCS7_ENCRYPTED_DATA:
-	cinfo = &(c.encryptedData->contentInfo);
-	break;
-    case SEC_OID_PKCS7_DIGESTED_DATA:
-	cinfo = &(c.digestedData->contentInfo);
-	break;
-    default:
-	cinfo = NULL;
-    }
-    return cinfo;
-}
-
-const char *
-NSS_CMSUtil_VerificationStatusToString(NSSCMSVerificationStatus vs)
-{
-    switch (vs) {
-    case NSSCMSVS_Unverified:			return "Unverified";
-    case NSSCMSVS_GoodSignature:		return "GoodSignature";
-    case NSSCMSVS_BadSignature:			return "BadSignature";
-    case NSSCMSVS_DigestMismatch:		return "DigestMismatch";
-    case NSSCMSVS_SigningCertNotFound:		return "SigningCertNotFound";
-    case NSSCMSVS_SigningCertNotTrusted:	return "SigningCertNotTrusted";
-    case NSSCMSVS_SignatureAlgorithmUnknown:	return "SignatureAlgorithmUnknown";
-    case NSSCMSVS_SignatureAlgorithmUnsupported: return "SignatureAlgorithmUnsupported";
-    case NSSCMSVS_MalformedSignature:		return "MalformedSignature";
-    case NSSCMSVS_ProcessingError:		return "ProcessingError";
-    default:					return "Unknown";
-    }
-}
-
-SECStatus
-NSS_CMSDEREncode(NSSCMSMessage *cmsg, SECItem *input, SECItem *derOut, 
-                 PLArenaPool *arena)
-{
-    NSSCMSEncoderContext *ecx;
-    SECStatus rv = SECSuccess;
-    if (!cmsg || !derOut || !arena) {
-	PORT_SetError(SEC_ERROR_INVALID_ARGS);
-	return SECFailure;
-    }
-    ecx = NSS_CMSEncoder_Start(cmsg, 0, 0, derOut, arena, 0, 0, 0, 0, 0, 0);
-    if (!ecx) {
-	PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
-	return SECFailure;
-    }
-    if (input) {
-	rv = NSS_CMSEncoder_Update(ecx, (const char*)input->data, input->len);
-	if (rv) {
-	    PORT_SetError(SEC_ERROR_BAD_DATA);
-	}
-    }
-    rv |= NSS_CMSEncoder_Finish(ecx);
-    if (rv) {
-	PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
-    }
-    return rv;
-}
diff --git a/security/nss/lib/smime/config.mk b/security/nss/lib/smime/config.mk
deleted file mode 100644
index 95a180b71..000000000
--- a/security/nss/lib/smime/config.mk
+++ /dev/null
@@ -1,79 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-RELEASE_LIBS = $(TARGETS)
-
-ifeq (,$(filter-out WIN%,$(OS_TARGET)))
-
-# don't want the 32 in the shared library name
-SHARED_LIBRARY = $(OBJDIR)/$(LIBRARY_NAME)$(LIBRARY_VERSION).dll
-IMPORT_LIBRARY = $(OBJDIR)/$(LIBRARY_NAME)$(LIBRARY_VERSION).lib
-
-RES = $(OBJDIR)/smime.res
-RESNAME = smime.rc
-
-EXTRA_SHARED_LIBS += \
-	$(DIST)/lib/nss3.lib \
-	$(DIST)/lib/$(NSPR31_LIB_PREFIX)plc4.lib \
-	$(DIST)/lib/$(NSPR31_LIB_PREFIX)plds4.lib \
-	$(DIST)/lib/$(NSPR31_LIB_PREFIX)nspr4.lib \
-	$(NULL)
-
-else
-
-EXTRA_SHARED_LIBS += \
-	-L$(DIST)/lib/ \
-	-lnss3 \
-	-lplc4 \
-	-lplds4 \
-	-lnspr4 \
-	$(NULL)
-
-ifeq ($(OS_ARCH), Darwin)
-EXTRA_SHARED_LIBS += -dylib_file @executable_path/libsoftokn3.dylib:$(DIST)/lib/libsoftokn3.dylib
-endif
-
-endif
-
-
-SHARED_LIBRARY_LIBS = \
-	$(DIST)/lib/$(LIB_PREFIX)pkcs12.$(LIB_SUFFIX) \
-	$(DIST)/lib/$(LIB_PREFIX)pkcs7.$(LIB_SUFFIX) \
-	$(NULL)
-
-SHARED_LIBRARY_DIRS = \
-	../pkcs12 \
-	../pkcs7 \
-	$(NULL)
-
-
diff --git a/security/nss/lib/smime/manifest.mn b/security/nss/lib/smime/manifest.mn
deleted file mode 100644
index 328a55e25..000000000
--- a/security/nss/lib/smime/manifest.mn
+++ /dev/null
@@ -1,77 +0,0 @@
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-EXPORTS = \
-	cms.h \
-	cmst.h \
-	smime.h \
-	cmsreclist.h \
-	$(NULL)
-
-PRIVATE_EXPORTS = \
-	cmslocal.h \
-	$(NULL)
-
-MODULE = security
-MAPFILE = $(OBJDIR)/smime.def
-
-CSRCS = \
-	cmsarray.c \
-	cmsasn1.c \
-	cmsattr.c \
-	cmscinfo.c \
-	cmscipher.c \
-	cmsdecode.c \
-	cmsdigdata.c \
-	cmsdigest.c \
-	cmsencdata.c \
-	cmsencode.c \
-	cmsenvdata.c \
-	cmsmessage.c \
-	cmspubkey.c \
-	cmsrecinfo.c \
-	cmsreclist.c \
-	cmssigdata.c \
-	cmssiginfo.c \
-	cmsutil.c \
-	smimemessage.c \
-	smimeutil.c \
-	smimever.c \
-	$(NULL)
-
-REQUIRES = security dbm
-
-LIBRARY_NAME = smime
-LIBRARY_VERSION = 3
diff --git a/security/nss/lib/smime/smime.def b/security/nss/lib/smime/smime.def
deleted file mode 100644
index ef383b559..000000000
--- a/security/nss/lib/smime/smime.def
+++ /dev/null
@@ -1,211 +0,0 @@
-;+#
-;+# The contents of this file are subject to the Mozilla Public
-;+# License Version 1.1 (the "License"); you may not use this file
-;+# except in compliance with the License. You may obtain a copy of
-;+# the License at http://www.mozilla.org/MPL/
-;+#
-;+# Software distributed under the License is distributed on an "AS
-;+# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-;+# implied. See the License for the specific language governing
-;+# rights and limitations under the License.
-;+#
-;+# The Original Code is the Netscape security libraries.
-;+#
-;+# The Initial Developer of the Original Code is Netscape
-;+# Communications Corporation.  Portions created by Netscape are
-;+# Copyright (C) 2000 Netscape Communications Corporation.  All
-;+# Rights Reserved.
-;+#
-;+# Contributor(s):
-;+#
-;+# Alternatively, the contents of this file may be used under the
-;+# terms of the GNU General Public License Version 2 or later (the
-;+# "GPL"), in which case the provisions of the GPL are applicable
-;+# instead of those above.  If you wish to allow use of your
-;+# version of this file only under the terms of the GPL and not to
-;+# allow others to use your version of this file under the MPL,
-;+# indicate your decision by deleting the provisions above and
-;+# replace them with the notice and other provisions required by
-;+# the GPL.  If you do not delete the provisions above, a recipient
-;+# may use your version of this file under either the MPL or the
-;+# GPL.
-;+#
-;+# OK, this file is meant to support SUN, LINUX, AIX and WINDOWS
-;+#   1. For all unix platforms, the string ";-"  means "remove this line"
-;+#   2. For all unix platforms, the string " DATA " will be removed from any 
-;+#	line on which it occurs.
-;+#   3. Lines containing ";+" will have ";+" removed on SUN and LINUX.
-;+#      On AIX, lines containing ";+" will be removed.  
-;+#   4. For all unix platforms, the string ";;" will thave the ";;" removed.
-;+#   5. For all unix platforms, after the above processing has taken place,
-;+#    all characters after the first ";" on the line will be removed.  
-;+#    And for AIX, the first ";" will also be removed.
-;+#  This file is passed directly to windows. Since ';' is a comment, all UNIX
-;+#   directives are hidden behind ";", ";+", and ";-"
-;+
-;+NSS_3.2 {               # NSS 3.2 release
-;+    global:
-LIBRARY smime3 ;-
-EXPORTS	;-
-NSS_CMSContentInfo_GetBulkKey;
-NSS_CMSContentInfo_GetBulkKeySize;
-NSS_CMSContentInfo_GetContent;
-NSS_CMSContentInfo_GetContentEncAlgTag;
-NSS_CMSContentInfo_GetContentTypeTag;
-NSS_CMSContentInfo_SetBulkKey;
-NSS_CMSContentInfo_SetContent;
-NSS_CMSContentInfo_SetContentEncAlg;
-NSS_CMSContentInfo_SetContent_Data;
-NSS_CMSContentInfo_SetContent_DigestedData;
-NSS_CMSContentInfo_SetContent_EncryptedData;
-NSS_CMSContentInfo_SetContent_EnvelopedData;
-NSS_CMSContentInfo_SetContent_SignedData;
-NSS_CMSDEREncode;
-NSS_CMSDecoder_Cancel;
-NSS_CMSDecoder_Finish;
-NSS_CMSDecoder_Start;
-NSS_CMSDecoder_Update;
-NSS_CMSDigestContext_Cancel;
-NSS_CMSDigestContext_FinishMultiple;
-NSS_CMSDigestContext_FinishSingle;
-NSS_CMSDigestContext_StartMultiple;
-NSS_CMSDigestContext_StartSingle;
-NSS_CMSDigestContext_Update;
-NSS_CMSDigestedData_Create;
-NSS_CMSDigestedData_Destroy;
-NSS_CMSDigestedData_GetContentInfo;
-NSS_CMSEncoder_Cancel;
-NSS_CMSEncoder_Finish;
-NSS_CMSEncoder_Start;
-NSS_CMSEncoder_Update;
-NSS_CMSEncryptedData_Create;
-NSS_CMSEncryptedData_Destroy;
-NSS_CMSEncryptedData_GetContentInfo;
-NSS_CMSEnvelopedData_AddRecipient;
-NSS_CMSEnvelopedData_Create;
-NSS_CMSEnvelopedData_Destroy;
-NSS_CMSEnvelopedData_GetContentInfo;
-NSS_CMSMessage_ContentLevel;
-NSS_CMSMessage_ContentLevelCount;
-NSS_CMSMessage_Copy;
-NSS_CMSMessage_Create;
-NSS_CMSMessage_CreateFromDER;
-NSS_CMSMessage_Destroy;
-NSS_CMSMessage_GetContent;
-NSS_CMSMessage_GetContentInfo;
-NSS_CMSRecipientInfo_Create;
-NSS_CMSRecipientInfo_Destroy;
-NSS_CMSSignedData_AddCertChain;
-NSS_CMSSignedData_AddCertList;
-NSS_CMSSignedData_AddCertificate;
-NSS_CMSSignedData_AddDigest;
-NSS_CMSSignedData_AddSignerInfo;
-NSS_CMSSignedData_Create;
-NSS_CMSSignedData_CreateCertsOnly;
-NSS_CMSSignedData_Destroy;
-NSS_CMSSignedData_GetContentInfo;
-NSS_CMSSignedData_GetDigestAlgs;
-NSS_CMSSignedData_GetSignerInfo;
-NSS_CMSSignedData_HasDigests;
-NSS_CMSSignedData_ImportCerts;
-NSS_CMSSignedData_SetDigests;
-NSS_CMSSignedData_SignerInfoCount;
-NSS_CMSSignedData_VerifyCertsOnly;
-NSS_CMSSignedData_VerifySignerInfo;
-NSS_CMSSignerInfo_AddSMIMECaps;
-NSS_CMSSignerInfo_AddSMIMEEncKeyPrefs;
-NSS_CMSSignerInfo_AddSigningTime;
-NSS_CMSSignerInfo_Create;
-NSS_CMSSignerInfo_Destroy;
-NSS_CMSSignerInfo_GetCertList;
-NSS_CMSSignerInfo_GetSignerCommonName;
-NSS_CMSSignerInfo_GetSignerEmailAddress;
-NSS_CMSSignerInfo_GetSigningCertificate;
-NSS_CMSSignerInfo_GetSigningTime;
-NSS_CMSSignerInfo_GetVerificationStatus;
-NSS_CMSSignerInfo_GetVersion;
-NSS_CMSSignerInfo_IncludeCerts;
-NSS_CMSUtil_VerificationStatusToString;
-NSS_SMIMEUtil_FindBulkAlgForRecipients;
-CERT_DecodeCertPackage;
-SEC_PKCS7AddRecipient;
-SEC_PKCS7AddSigningTime;
-SEC_PKCS7ContentType;
-SEC_PKCS7CreateData;
-SEC_PKCS7CreateEncryptedData;
-SEC_PKCS7CreateEnvelopedData;
-SEC_PKCS7CreateSignedData;
-SEC_PKCS7DecodeItem;
-SEC_PKCS7DecoderFinish;
-SEC_PKCS7DecoderStart;
-SEC_PKCS7DecoderUpdate;
-SEC_PKCS7DecryptContents;
-SEC_PKCS7DestroyContentInfo;
-SEC_PKCS7EncoderFinish;
-SEC_PKCS7EncoderStart;
-SEC_PKCS7EncoderUpdate;
-SEC_PKCS7GetCertificateList;
-SEC_PKCS7GetContent;
-SEC_PKCS7GetEncryptionAlgorithm;
-SEC_PKCS7IncludeCertChain;
-SEC_PKCS7IsContentEmpty;
-SEC_PKCS7VerifySignature;
-SEC_PKCS12AddCertAndKey;
-SEC_PKCS12AddPasswordIntegrity;
-SEC_PKCS12CreateExportContext;
-SEC_PKCS12CreatePasswordPrivSafe;
-SEC_PKCS12CreateUnencryptedSafe;
-SEC_PKCS12EnableCipher;
-SEC_PKCS12Encode;
-SEC_PKCS12DecoderImportBags;
-SEC_PKCS12DecoderFinish;
-SEC_PKCS12DecoderStart;
-SEC_PKCS12DecoderUpdate;
-SEC_PKCS12DecoderValidateBags;
-SEC_PKCS12DecoderVerify;
-SEC_PKCS12DestroyExportContext;
-SEC_PKCS12IsEncryptionAllowed;
-SEC_PKCS12SetPreferredCipher;
-;+    local:
-;+        *;
-;+};
-;+NSS_3.2.1 {               # NSS 3.2.1 release
-;+    global:
-NSSSMIME_VersionCheck;
-;+    local:
-;+        *;
-;+};
-;+NSS_3.3 {     # NSS 3.3 release
-;+    global:
-SEC_PKCS7AddCertificate;
-SEC_PKCS7CreateCertsOnly;
-SEC_PKCS7Encode;
-;+    local:
-;+       *;
-;+};
-;+NSS_3.4 {     # NSS 3.4 release
-;+    global:
-CERT_DecodeCertFromPackage;
-NSS_CMSMessage_IsSigned;
-NSS_CMSSignedData_SetDigestValue;
-NSS_SMIMESignerInfo_SaveSMIMEProfile;
-SEC_PKCS12DecoderGetCerts;
-SEC_PKCS7ContainsCertsOrCrls;
-SEC_PKCS7ContentIsEncrypted;
-SEC_PKCS7ContentIsSigned;
-SEC_PKCS7CopyContentInfo;
-SEC_PKCS7GetSignerCommonName;
-SEC_PKCS7GetSignerEmailAddress;
-SEC_PKCS7GetSigningTime;
-SEC_PKCS7SetContent;
-SEC_PKCS7VerifyDetachedSignature;
-SECMIME_DecryptionAllowed;
-;+    local:
-;+       *;
-;+};
-;+NSS_3.4.1 {     # NSS 3.4.1 release
-;+    global:
-NSS_CMSMessage_IsEncrypted;
-;+    local:
-;+       *;
-;+};
diff --git a/security/nss/lib/smime/smime.h b/security/nss/lib/smime/smime.h
deleted file mode 100644
index 1832634f7..000000000
--- a/security/nss/lib/smime/smime.h
+++ /dev/null
@@ -1,148 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Header file for routines specific to S/MIME.  Keep things that are pure
- * pkcs7 out of here; this is for S/MIME policy, S/MIME interoperability, etc.
- *
- * $Id$
- */
-
-#ifndef _SECMIME_H_
-#define _SECMIME_H_ 1
-
-#include "cms.h"
-
-
-/************************************************************************/
-SEC_BEGIN_PROTOS
-
-/*
- * Initialize the local recording of the user S/MIME cipher preferences.
- * This function is called once for each cipher, the order being
- * important (first call records greatest preference, and so on).
- * When finished, it is called with a "which" of CIPHER_FAMILID_MASK.
- * If the function is called again after that, it is assumed that
- * the preferences are being reset, and the old preferences are
- * discarded.
- *
- * XXX This is for a particular user, and right now the storage is
- * XXX local, static.  The preference should be stored elsewhere to allow
- * XXX for multiple uses of one library?  How does SSL handle this;
- * XXX it has something similar?
- *
- *  - The "which" values are defined in ciferfam.h (the SMIME_* values,
- *    for example SMIME_DES_CBC_56).
- *  - If "on" is non-zero then the named cipher is enabled, otherwise
- *    it is disabled.  (It is not necessary to call the function for
- *    ciphers that are disabled, however, as that is the default.)
- *
- * If the cipher preference is successfully recorded, SECSuccess
- * is returned.  Otherwise SECFailure is returned.  The only errors
- * are due to failure allocating memory or bad parameters/calls:
- *	SEC_ERROR_XXX ("which" is not in the S/MIME cipher family)
- *	SEC_ERROR_XXX (function is being called more times than there
- *		are known/expected ciphers)
- */
-extern SECStatus NSS_SMIMEUtil_EnableCipher(long which, int on);
-
-/*
- * Initialize the local recording of the S/MIME policy.
- * This function is called to allow/disallow a particular cipher.
- *
- * XXX This is for a the current module, I think, so local, static storage
- * XXX is okay.  Is that correct, or could multiple uses of the same
- * XXX library expect to operate under different policies?
- *
- *  - The "which" values are defined in ciferfam.h (the SMIME_* values,
- *    for example SMIME_DES_CBC_56).
- *  - If "on" is non-zero then the named cipher is enabled, otherwise
- *    it is disabled.
- */
-extern SECStatus NSS_SMIMEUtils_AllowCipher(long which, int on);
-
-/*
- * Does the current policy allow S/MIME decryption of this particular
- * algorithm and keysize?
- */
-extern PRBool NSS_SMIMEUtil_DecryptionAllowed(SECAlgorithmID *algid, PK11SymKey *key);
-
-/*
- * Does the current policy allow *any* S/MIME encryption (or decryption)?
- *
- * This tells whether or not *any* S/MIME encryption can be done,
- * according to policy.  Callers may use this to do nicer user interface
- * (say, greying out a checkbox so a user does not even try to encrypt
- * a message when they are not allowed to) or for any reason they want
- * to check whether S/MIME encryption (or decryption, for that matter)
- * may be done.
- *
- * It takes no arguments.  The return value is a simple boolean:
- *   PR_TRUE means encryption (or decryption) is *possible*
- *	(but may still fail due to other reasons, like because we cannot
- *	find all the necessary certs, etc.; PR_TRUE is *not* a guarantee)
- *   PR_FALSE means encryption (or decryption) is not permitted
- *
- * There are no errors from this routine.
- */
-extern PRBool NSS_SMIMEUtil_EncryptionPossible(void);
-
-/*
- * NSS_SMIMEUtil_CreateSMIMECapabilities - get S/MIME capabilities attr value
- *
- * scans the list of allowed and enabled ciphers and construct a PKCS9-compliant
- * S/MIME capabilities attribute value.
- */
-extern SECStatus NSS_SMIMEUtil_CreateSMIMECapabilities(PLArenaPool *poolp, SECItem *dest, PRBool includeFortezzaCiphers);
-
-/*
- * NSS_SMIMEUtil_CreateSMIMEEncKeyPrefs - create S/MIME encryption key preferences attr value
- */
-extern SECStatus NSS_SMIMEUtil_CreateSMIMEEncKeyPrefs(PLArenaPool *poolp, SECItem *dest, CERTCertificate *cert);
-
-/*
- * NSS_SMIMEUtil_GetCertFromEncryptionKeyPreference - find cert marked by EncryptionKeyPreference
- *          attribute
- */
-extern CERTCertificate *NSS_SMIMEUtil_GetCertFromEncryptionKeyPreference(CERTCertDBHandle *certdb, SECItem *DERekp);
-
-/*
- * NSS_SMIMEUtil_FindBulkAlgForRecipients - find bulk algorithm suitable for all recipients
- */
-extern SECStatus
-NSS_SMIMEUtil_FindBulkAlgForRecipients(CERTCertificate **rcerts, SECOidTag *bulkalgtag, int *keysize);
-
-/************************************************************************/
-SEC_END_PROTOS
-
-#endif /* _SECMIME_H_ */
diff --git a/security/nss/lib/smime/smime.rc b/security/nss/lib/smime/smime.rc
deleted file mode 100644
index f75da062d..000000000
--- a/security/nss/lib/smime/smime.rc
+++ /dev/null
@@ -1,98 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 2001 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "nss.h"
-#include <winver.h>
-
-#define MY_LIBNAME "smime"
-#define MY_FILEDESCRIPTION "NSS S/MIME Library"
-
-#define STRINGIZE(x) #x
-#define STRINGIZE2(x) STRINGIZE(x)
-#define NSS_VMAJOR_STR STRINGIZE2(NSS_VMAJOR)
-
-#ifdef _DEBUG
-#define MY_DEBUG_STR " (debug)"
-#define MY_FILEFLAGS_1 VS_FF_DEBUG
-#else
-#define MY_DEBUG_STR ""
-#define MY_FILEFLAGS_1 0x0L
-#endif
-#if NSS_BETA
-#define MY_FILEFLAGS_2 MY_FILEFLAGS_1|VS_FF_PRERELEASE
-#else
-#define MY_FILEFLAGS_2 MY_FILEFLAGS_1
-#endif
-
-#ifdef WINNT
-#define MY_FILEOS VOS_NT_WINDOWS32
-#else
-#define MY_FILEOS VOS__WINDOWS32
-#endif
-
-#define MY_INTERNAL_NAME MY_LIBNAME NSS_VMAJOR_STR
-
-/////////////////////////////////////////////////////////////////////////////
-//
-// Version-information resource
-//
-
-VS_VERSION_INFO VERSIONINFO
- FILEVERSION NSS_VMAJOR,NSS_VMINOR,NSS_VPATCH,0
- PRODUCTVERSION NSS_VMAJOR,NSS_VMINOR,NSS_VPATCH,0
- FILEFLAGSMASK VS_FFI_FILEFLAGSMASK
- FILEFLAGS MY_FILEFLAGS_2
- FILEOS MY_FILEOS
- FILETYPE VFT_DLL
- FILESUBTYPE 0x0L // not used
-
-BEGIN
-    BLOCK "StringFileInfo"
-    BEGIN
-        BLOCK "040904B0" // Lang=US English, CharSet=Unicode
-        BEGIN
-            VALUE "CompanyName", "Netscape Communications Corporation\0"
-            VALUE "FileDescription", MY_FILEDESCRIPTION MY_DEBUG_STR "\0"
-            VALUE "FileVersion", NSS_VERSION "\0"
-            VALUE "InternalName", MY_INTERNAL_NAME "\0"
-            VALUE "LegalCopyright", "Copyright \251 1994-2001 Netscape Communications Corporation\0"
-            VALUE "OriginalFilename", MY_INTERNAL_NAME ".dll\0"
-            VALUE "ProductName", "Network Security Services\0"
-            VALUE "ProductVersion", NSS_VERSION "\0"
-        END
-    END
-    BLOCK "VarFileInfo"
-    BEGIN
-        VALUE "Translation", 0x409, 1200
-    END
-END
diff --git a/security/nss/lib/smime/smimemessage.c b/security/nss/lib/smime/smimemessage.c
deleted file mode 100644
index 81c1f9d4d..000000000
--- a/security/nss/lib/smime/smimemessage.c
+++ /dev/null
@@ -1,215 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * SMIME message methods
- *
- * $Id$
- */
-
-#include "cmslocal.h"
-#include "smime.h"
-
-#include "cert.h"
-#include "key.h"
-#include "secasn1.h"
-#include "secitem.h"
-#include "secoid.h"
-#include "pk11func.h"
-#include "prtime.h"
-#include "secerr.h"
-
-
-#if 0
-/*
- * NSS_SMIMEMessage_CreateEncrypted - start an S/MIME encrypting context.
- *
- * "scert" is the cert for the sender.  It will be checked for validity.
- * "rcerts" are the certs for the recipients.  They will also be checked.
- *
- * "certdb" is the cert database to use for verifying the certs.
- * It can be NULL if a default database is available (like in the client).
- *
- * This function already does all of the stuff specific to S/MIME protocol
- * and local policy; the return value just needs to be passed to
- * SEC_PKCS7Encode() or to SEC_PKCS7EncoderStart() to create the encoded data,
- * and finally to SEC_PKCS7DestroyContentInfo().
- *
- * An error results in a return value of NULL and an error set.
- * (Retrieve specific errors via PORT_GetError()/XP_GetError().)
- */
-NSSCMSMessage *
-NSS_SMIMEMessage_CreateEncrypted(CERTCertificate *scert,
-			CERTCertificate **rcerts,
-			CERTCertDBHandle *certdb,
-			PK11PasswordFunc pwfn,
-			void *pwfn_arg)
-{
-    NSSCMSMessage *cmsg;
-    long cipher;
-    SECOidTag encalg;
-    int keysize;
-    int mapi, rci;
-
-    cipher = smime_choose_cipher (scert, rcerts);
-    if (cipher < 0)
-	return NULL;
-
-    mapi = smime_mapi_by_cipher (cipher);
-    if (mapi < 0)
-	return NULL;
-
-    /*
-     * XXX This is stretching it -- CreateEnvelopedData should probably
-     * take a cipher itself of some sort, because we cannot know what the
-     * future will bring in terms of parameters for each type of algorithm.
-     * For example, just an algorithm and keysize is *not* sufficient to
-     * fully specify the usage of RC5 (which also needs to know rounds and
-     * block size).  Work this out into a better API!
-     */
-    encalg = smime_cipher_map[mapi].algtag;
-    keysize = smime_keysize_by_cipher (cipher);
-    if (keysize < 0)
-	return NULL;
-
-    cinfo = SEC_PKCS7CreateEnvelopedData (scert, certUsageEmailRecipient,
-					  certdb, encalg, keysize,
-					  pwfn, pwfn_arg);
-    if (cinfo == NULL)
-	return NULL;
-
-    for (rci = 0; rcerts[rci] != NULL; rci++) {
-	if (rcerts[rci] == scert)
-	    continue;
-	if (SEC_PKCS7AddRecipient (cinfo, rcerts[rci], certUsageEmailRecipient,
-				   NULL) != SECSuccess) {
-	    SEC_PKCS7DestroyContentInfo (cinfo);
-	    return NULL;
-	}
-    }
-
-    return cinfo;
-}
-
-
-/*
- * Start an S/MIME signing context.
- *
- * "scert" is the cert that will be used to sign the data.  It will be
- * checked for validity.
- *
- * "ecert" is the signer's encryption cert.  If it is different from
- * scert, then it will be included in the signed message so that the
- * recipient can save it for future encryptions.
- *
- * "certdb" is the cert database to use for verifying the cert.
- * It can be NULL if a default database is available (like in the client).
- * 
- * "digestalg" names the digest algorithm (e.g. SEC_OID_SHA1).
- * XXX There should be SECMIME functions for hashing, or the hashing should
- * be built into this interface, which we would like because we would
- * support more smartcards that way, and then this argument should go away.)
- *
- * "digest" is the actual digest of the data.  It must be provided in
- * the case of detached data or NULL if the content will be included.
- *
- * This function already does all of the stuff specific to S/MIME protocol
- * and local policy; the return value just needs to be passed to
- * SEC_PKCS7Encode() or to SEC_PKCS7EncoderStart() to create the encoded data,
- * and finally to SEC_PKCS7DestroyContentInfo().
- *
- * An error results in a return value of NULL and an error set.
- * (Retrieve specific errors via PORT_GetError()/XP_GetError().)
- */
-
-NSSCMSMessage *
-NSS_SMIMEMessage_CreateSigned(CERTCertificate *scert,
-		      CERTCertificate *ecert,
-		      CERTCertDBHandle *certdb,
-		      SECOidTag digestalgtag,
-		      SECItem *digest,
-		      PK11PasswordFunc pwfn,
-		      void *pwfn_arg)
-{
-    NSSCMSMessage *cmsg;
-    NSSCMSSignedData *sigd;
-    NSSCMSSignerInfo *signerinfo;
-
-    /* See note in header comment above about digestalg. */
-    PORT_Assert (digestalgtag == SEC_OID_SHA1);
-
-    cmsg = NSS_CMSMessage_Create(NULL);
-    if (cmsg == NULL)
-	return NULL;
-
-    sigd = NSS_CMSSignedData_Create(cmsg);
-    if (sigd == NULL)
-	goto loser;
-
-    /* create just one signerinfo */
-    signerinfo = NSS_CMSSignerInfo_Create(cmsg, scert, digestalgtag);
-    if (signerinfo == NULL)
-	goto loser;
-
-    /* Add the signing time to the signerinfo.  */
-    if (NSS_CMSSignerInfo_AddSigningTime(signerinfo, PR_Now()) != SECSuccess)
-	goto loser;
-    
-    /* and add the SMIME profile */
-    if (NSS_SMIMESignerInfo_AddSMIMEProfile(signerinfo, scert) != SECSuccess)
-	goto loser;
-
-    /* now add the signerinfo to the signeddata */
-    if (NSS_CMSSignedData_AddSignerInfo(sigd, signerinfo) != SECSuccess)
-	goto loser;
-
-    /* include the signing cert and its entire chain */
-    /* note that there are no checks for duplicate certs in place, as all the */
-    /* essential data structures (like set of certificate) are not there */
-    if (NSS_CMSSignedData_AddCertChain(sigd, scert) != SECSuccess)
-	goto loser;
-
-    /* If the encryption cert and the signing cert differ, then include
-     * the encryption cert too. */
-    if ( ( ecert != NULL ) && ( ecert != scert ) ) {
-	if (NSS_CMSSignedData_AddCertificate(sigd, ecert) != SECSuccess)
-	    goto loser;
-    }
-
-    return cmsg;
-loser:
-    if (cmsg)
-	NSS_CMSMessage_Destroy(cmsg);
-    return NULL;
-}
-#endif
diff --git a/security/nss/lib/smime/smimesym.c b/security/nss/lib/smime/smimesym.c
deleted file mode 100644
index e7bb771e5..000000000
--- a/security/nss/lib/smime/smimesym.c
+++ /dev/null
@@ -1,8 +0,0 @@
-extern void SEC_PKCS7DecodeItem();
-extern void SEC_PKCS7DestroyContentInfo();
-
-smime_CMDExports() {
-	SEC_PKCS7DecodeItem();
-	SEC_PKCS7DestroyContentInfo();
-}
-
diff --git a/security/nss/lib/smime/smimeutil.c b/security/nss/lib/smime/smimeutil.c
deleted file mode 100644
index 08e166434..000000000
--- a/security/nss/lib/smime/smimeutil.c
+++ /dev/null
@@ -1,741 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Stuff specific to S/MIME policy and interoperability.
- *
- * $Id$
- */
-
-#include "secmime.h"
-#include "secoid.h"
-#include "pk11func.h"
-#include "ciferfam.h"	/* for CIPHER_FAMILY symbols */
-#include "secasn1.h"
-#include "secitem.h"
-#include "cert.h"
-#include "key.h"
-#include "secerr.h"
-#include "cms.h"
-#include "nss.h"
-
-SEC_ASN1_MKSUB(CERT_IssuerAndSNTemplate)
-SEC_ASN1_MKSUB(SEC_OctetStringTemplate)
-
-/* various integer's ASN.1 encoding */
-static unsigned char asn1_int40[] = { SEC_ASN1_INTEGER, 0x01, 0x28 };
-static unsigned char asn1_int64[] = { SEC_ASN1_INTEGER, 0x01, 0x40 };
-static unsigned char asn1_int128[] = { SEC_ASN1_INTEGER, 0x02, 0x00, 0x80 };
-
-/* RC2 algorithm parameters (used in smime_cipher_map) */
-static SECItem param_int40 = { siBuffer, asn1_int40, sizeof(asn1_int40) };
-static SECItem param_int64 = { siBuffer, asn1_int64, sizeof(asn1_int64) };
-static SECItem param_int128 = { siBuffer, asn1_int128, sizeof(asn1_int128) };
-
-/*
- * XXX Would like the "parameters" field to be a SECItem *, but the
- * encoder is having trouble with optional pointers to an ANY.  Maybe
- * once that is fixed, can change this back...
- */
-typedef struct {
-    SECItem capabilityID;
-    SECItem parameters;
-    long cipher;		/* optimization */
-} NSSSMIMECapability;
-
-static const SEC_ASN1Template NSSSMIMECapabilityTemplate[] = {
-    { SEC_ASN1_SEQUENCE,
-	  0, NULL, sizeof(NSSSMIMECapability) },
-    { SEC_ASN1_OBJECT_ID,
-	  offsetof(NSSSMIMECapability,capabilityID), },
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_ANY,
-	  offsetof(NSSSMIMECapability,parameters), },
-    { 0, }
-};
-
-static const SEC_ASN1Template NSSSMIMECapabilitiesTemplate[] = {
-    { SEC_ASN1_SEQUENCE_OF, 0, NSSSMIMECapabilityTemplate }
-};
-
-/*
- * NSSSMIMEEncryptionKeyPreference - if we find one of these, it needs to prompt us
- *  to store this and only this certificate permanently for the sender email address.
- */
-typedef enum {
-    NSSSMIMEEncryptionKeyPref_IssuerSN,
-    NSSSMIMEEncryptionKeyPref_RKeyID,
-    NSSSMIMEEncryptionKeyPref_SubjectKeyID
-} NSSSMIMEEncryptionKeyPrefSelector;
-
-typedef struct {
-    NSSSMIMEEncryptionKeyPrefSelector selector;
-    union {
-	CERTIssuerAndSN			*issuerAndSN;
-	NSSCMSRecipientKeyIdentifier	*recipientKeyID;
-	SECItem				*subjectKeyID;
-    } id;
-} NSSSMIMEEncryptionKeyPreference;
-
-extern const SEC_ASN1Template NSSCMSRecipientKeyIdentifierTemplate[];
-
-static const SEC_ASN1Template smime_encryptionkeypref_template[] = {
-    { SEC_ASN1_CHOICE,
-	  offsetof(NSSSMIMEEncryptionKeyPreference,selector), NULL,
-	  sizeof(NSSSMIMEEncryptionKeyPreference) },
-    { SEC_ASN1_POINTER | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
-	  offsetof(NSSSMIMEEncryptionKeyPreference,id.issuerAndSN),
-	  SEC_ASN1_SUB(CERT_IssuerAndSNTemplate),
-	  NSSSMIMEEncryptionKeyPref_IssuerSN },
-    { SEC_ASN1_POINTER | SEC_ASN1_CONTEXT_SPECIFIC | 1,
-	  offsetof(NSSSMIMEEncryptionKeyPreference,id.recipientKeyID),
-	  NSSCMSRecipientKeyIdentifierTemplate,
-	  NSSSMIMEEncryptionKeyPref_IssuerSN },
-    { SEC_ASN1_POINTER | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 2,
-	  offsetof(NSSSMIMEEncryptionKeyPreference,id.subjectKeyID),
-	  SEC_ASN1_SUB(SEC_OctetStringTemplate),
-	  NSSSMIMEEncryptionKeyPref_SubjectKeyID },
-    { 0, }
-};
-
-/* smime_cipher_map - map of SMIME symmetric "ciphers" to algtag & parameters */
-typedef struct {
-    unsigned long cipher;
-    SECOidTag algtag;
-    SECItem *parms;
-    PRBool enabled;	/* in the user's preferences */
-    PRBool allowed;	/* per export policy */
-} smime_cipher_map_entry;
-
-/* global: list of supported SMIME symmetric ciphers, ordered roughly by increasing strength */
-static smime_cipher_map_entry smime_cipher_map[] = {
-/*    cipher			algtag			parms		enabled  allowed */
-/*    ---------------------------------------------------------------------------------- */
-    { SMIME_RC2_CBC_40,		SEC_OID_RC2_CBC,	&param_int40,	PR_TRUE, PR_TRUE },
-    { SMIME_DES_CBC_56,		SEC_OID_DES_CBC,	NULL,		PR_TRUE, PR_TRUE },
-    { SMIME_RC2_CBC_64,		SEC_OID_RC2_CBC,	&param_int64,	PR_TRUE, PR_TRUE },
-    { SMIME_RC2_CBC_128,	SEC_OID_RC2_CBC,	&param_int128,	PR_TRUE, PR_TRUE },
-    { SMIME_DES_EDE3_168,	SEC_OID_DES_EDE3_CBC,	NULL,		PR_TRUE, PR_TRUE },
-    { SMIME_FORTEZZA,		SEC_OID_FORTEZZA_SKIPJACK, NULL,	PR_TRUE, PR_TRUE }
-};
-static const int smime_cipher_map_count = sizeof(smime_cipher_map) / sizeof(smime_cipher_map_entry);
-
-/*
- * smime_mapi_by_cipher - find index into smime_cipher_map by cipher
- */
-static int
-smime_mapi_by_cipher(unsigned long cipher)
-{
-    int i;
-
-    for (i = 0; i < smime_cipher_map_count; i++) {
-	if (smime_cipher_map[i].cipher == cipher)
-	    return i;	/* bingo */
-    }
-    return -1;		/* should not happen if we're consistent, right? */
-}
-
-/*
- * NSS_SMIME_EnableCipher - this function locally records the user's preference
- */
-SECStatus 
-NSS_SMIMEUtil_EnableCipher(unsigned long which, PRBool on)
-{
-    unsigned long mask;
-    int mapi;
-
-    mask = which & CIPHER_FAMILYID_MASK;
-
-    PORT_Assert (mask == CIPHER_FAMILYID_SMIME);
-    if (mask != CIPHER_FAMILYID_SMIME)
-	/* XXX set an error! */
-    	return SECFailure;
-
-    mapi = smime_mapi_by_cipher(which);
-    if (mapi < 0)
-	/* XXX set an error */
-	return SECFailure;
-
-    /* do we try to turn on a forbidden cipher? */
-    if (!smime_cipher_map[mapi].allowed && on) {
-	PORT_SetError (SEC_ERROR_BAD_EXPORT_ALGORITHM);
-	return SECFailure;
-    }
-
-    if (smime_cipher_map[mapi].enabled != on)
-	smime_cipher_map[mapi].enabled = on;
-
-    return SECSuccess;
-}
-
-
-/*
- * this function locally records the export policy
- */
-SECStatus 
-NSS_SMIMEUtil_AllowCipher(unsigned long which, PRBool on)
-{
-    unsigned long mask;
-    int mapi;
-
-    mask = which & CIPHER_FAMILYID_MASK;
-
-    PORT_Assert (mask == CIPHER_FAMILYID_SMIME);
-    if (mask != CIPHER_FAMILYID_SMIME)
-	/* XXX set an error! */
-    	return SECFailure;
-
-    mapi = smime_mapi_by_cipher(which);
-    if (mapi < 0)
-	/* XXX set an error */
-	return SECFailure;
-
-    if (smime_cipher_map[mapi].allowed != on)
-	smime_cipher_map[mapi].allowed = on;
-
-    return SECSuccess;
-}
-
-/*
- * Based on the given algorithm (including its parameters, in some cases!)
- * and the given key (may or may not be inspected, depending on the
- * algorithm), find the appropriate policy algorithm specification
- * and return it.  If no match can be made, -1 is returned.
- */
-static SECStatus
-nss_smime_get_cipher_for_alg_and_key(SECAlgorithmID *algid, PK11SymKey *key, unsigned long *cipher)
-{
-    SECOidTag algtag;
-    unsigned int keylen_bits;
-    SECStatus rv = SECSuccess;
-    unsigned long c;
-
-    algtag = SECOID_GetAlgorithmTag(algid);
-    switch (algtag) {
-    case SEC_OID_RC2_CBC:
-	keylen_bits = PK11_GetKeyStrength(key, algid);
-	switch (keylen_bits) {
-	case 40:
-	    c = SMIME_RC2_CBC_40;
-	case 64:
-	    c = SMIME_RC2_CBC_64;
-	case 128:
-	    c = SMIME_RC2_CBC_128;
-	default:
-	    rv = SECFailure;
-	    break;
-	}
-	break;
-    case SEC_OID_DES_CBC:
-	c = SMIME_DES_CBC_56;
-    case SEC_OID_DES_EDE3_CBC:
-	c = SMIME_DES_EDE3_168;
-    case SEC_OID_FORTEZZA_SKIPJACK:
-	c = SMIME_FORTEZZA;
-    default:
-	rv = SECFailure;
-    }
-    if (rv == SECSuccess)
-	*cipher = c;
-    return rv;
-}
-
-static PRBool
-nss_smime_cipher_allowed(unsigned long which)
-{
-    int mapi;
-
-    mapi = smime_mapi_by_cipher(which);
-    if (mapi < 0)
-	return PR_FALSE;
-    return smime_cipher_map[mapi].allowed;
-}
-
-PRBool
-NSS_SMIMEUtil_DecryptionAllowed(SECAlgorithmID *algid, PK11SymKey *key)
-{
-    unsigned long which;
-
-    if (nss_smime_get_cipher_for_alg_and_key(algid, key, &which) != SECSuccess)
-	return PR_FALSE;
-
-    return nss_smime_cipher_allowed(which);
-}
-
-
-/*
- * NSS_SMIME_EncryptionPossible - check if any encryption is allowed
- *
- * This tells whether or not *any* S/MIME encryption can be done,
- * according to policy.  Callers may use this to do nicer user interface
- * (say, greying out a checkbox so a user does not even try to encrypt
- * a message when they are not allowed to) or for any reason they want
- * to check whether S/MIME encryption (or decryption, for that matter)
- * may be done.
- *
- * It takes no arguments.  The return value is a simple boolean:
- *   PR_TRUE means encryption (or decryption) is *possible*
- *	(but may still fail due to other reasons, like because we cannot
- *	find all the necessary certs, etc.; PR_TRUE is *not* a guarantee)
- *   PR_FALSE means encryption (or decryption) is not permitted
- *
- * There are no errors from this routine.
- */
-PRBool
-NSS_SMIMEUtil_EncryptionPossible(void)
-{
-    int i;
-
-    for (i = 0; i < smime_cipher_map_count; i++) {
-	if (smime_cipher_map[i].allowed)
-	    return PR_TRUE;
-    }
-    return PR_FALSE;
-}
-
-
-static int
-nss_SMIME_FindCipherForSMIMECap(NSSSMIMECapability *cap)
-{
-    int i;
-    SECOidTag capIDTag;
-
-    /* we need the OIDTag here */
-    capIDTag = SECOID_FindOIDTag(&(cap->capabilityID));
-
-    /* go over all the SMIME ciphers we know and see if we find a match */
-    for (i = 0; i < smime_cipher_map_count; i++) {
-	if (smime_cipher_map[i].algtag != capIDTag)
-	    continue;
-	/*
-	 * XXX If SECITEM_CompareItem allowed NULLs as arguments (comparing
-	 * 2 NULLs as equal and NULL and non-NULL as not equal), we could
-	 * use that here instead of all of the following comparison code.
-	 */
-	if (cap->parameters.data == NULL && smime_cipher_map[i].parms == NULL)
-	    break;	/* both empty: bingo */
-
-	if (cap->parameters.data != NULL && smime_cipher_map[i].parms != NULL &&
-	    cap->parameters.len == smime_cipher_map[i].parms->len &&
-	    PORT_Memcmp (cap->parameters.data, smime_cipher_map[i].parms->data,
-			     cap->parameters.len) == 0)
-	{
-	    break;	/* both not empty, same length & equal content: bingo */
-	}
-    }
-
-    if (i == smime_cipher_map_count)
-	return 0;				/* no match found */
-    else
-	return smime_cipher_map[i].cipher;	/* match found, point to cipher */
-}
-
-/*
- * smime_choose_cipher - choose a cipher that works for all the recipients
- *
- * "scert"  - sender's certificate
- * "rcerts" - recipient's certificates
- */
-static long
-smime_choose_cipher(CERTCertificate *scert, CERTCertificate **rcerts)
-{
-    PRArenaPool *poolp;
-    long cipher;
-    long chosen_cipher;
-    int *cipher_abilities;
-    int *cipher_votes;
-    int weak_mapi;
-    int strong_mapi;
-    int rcount, mapi, max, i;
-    PRBool scert_is_fortezza = (scert == NULL) ? PR_FALSE : PK11_FortezzaHasKEA(scert);
-
-    chosen_cipher = SMIME_RC2_CBC_40;		/* the default, LCD */
-    weak_mapi = smime_mapi_by_cipher(chosen_cipher);
-
-    poolp = PORT_NewArena (1024);		/* XXX what is right value? */
-    if (poolp == NULL)
-	goto done;
-
-    cipher_abilities = (int *)PORT_ArenaZAlloc(poolp, smime_cipher_map_count * sizeof(int));
-    cipher_votes     = (int *)PORT_ArenaZAlloc(poolp, smime_cipher_map_count * sizeof(int));
-    if (cipher_votes == NULL || cipher_abilities == NULL)
-	goto done;
-
-    /* If the user has the Fortezza preference turned on, make
-     *  that the strong cipher. Otherwise, use triple-DES. */
-    strong_mapi = smime_mapi_by_cipher (SMIME_DES_EDE3_168);
-    if (scert_is_fortezza) {
-	mapi = smime_mapi_by_cipher(SMIME_FORTEZZA);
-	if (mapi >= 0 && smime_cipher_map[mapi].enabled)
-	    strong_mapi = mapi;
-    }
-
-    /* walk all the recipient's certs */
-    for (rcount = 0; rcerts[rcount] != NULL; rcount++) {
-	SECItem *profile;
-	NSSSMIMECapability **caps;
-	int pref;
-
-	/* the first cipher that matches in the user's SMIME profile gets
-	 * "smime_cipher_map_count" votes; the next one gets "smime_cipher_map_count" - 1
-	 * and so on. If every cipher matches, the last one gets 1 (one) vote */
-	pref = smime_cipher_map_count;
-
-	/* find recipient's SMIME profile */
-	profile = CERT_FindSMimeProfile(rcerts[rcount]);
-
-	if (profile != NULL && profile->data != NULL && profile->len > 0) {
-	    /* we have a profile (still DER-encoded) */
-	    caps = NULL;
-	    /* decode it */
-	    if (SEC_ASN1DecodeItem(poolp, &caps, NSSSMIMECapabilitiesTemplate, profile) == SECSuccess &&
-		    caps != NULL)
-	    {
-		/* walk the SMIME capabilities for this recipient */
-		for (i = 0; caps[i] != NULL; i++) {
-		    cipher = nss_SMIME_FindCipherForSMIMECap(caps[i]);
-		    mapi = smime_mapi_by_cipher(cipher);
-		    if (mapi >= 0) {
-			/* found the cipher */
-			cipher_abilities[mapi]++;
-			cipher_votes[mapi] += pref;
-			--pref;
-		    }
-		}
-	    }
-	} else {
-	    /* no profile found - so we can only assume that the user can do
-	     * the mandatory algorithms which is RC2-40 (weak crypto) and 3DES (strong crypto) */
-	    SECKEYPublicKey *key;
-	    unsigned int pklen_bits;
-
-	    /*
-	     * if recipient's public key length is > 512, vote for a strong cipher
-	     * please not that the side effect of this is that if only one recipient
-	     * has an export-level public key, the strong cipher is disabled.
-	     *
-	     * XXX This is probably only good for RSA keys.  What I would
-	     * really like is a function to just say;  Is the public key in
-	     * this cert an export-length key?  Then I would not have to
-	     * know things like the value 512, or the kind of key, or what
-	     * a subjectPublicKeyInfo is, etc.
-	     */
-	    key = CERT_ExtractPublicKey(rcerts[rcount]);
-	    pklen_bits = 0;
-	    if (key != NULL) {
-		pklen_bits = SECKEY_PublicKeyStrength (key) * 8;
-		SECKEY_DestroyPublicKey (key);
-	    }
-
-	    if (pklen_bits > 512) {
-		/* cast votes for the strong algorithm */
-		cipher_abilities[strong_mapi]++;
-		cipher_votes[strong_mapi] += pref;
-		pref--;
-	    } 
-
-	    /* always cast (possibly less) votes for the weak algorithm */
-	    cipher_abilities[weak_mapi]++;
-	    cipher_votes[weak_mapi] += pref;
-	}
-	if (profile != NULL)
-	    SECITEM_FreeItem(profile, PR_TRUE);
-    }
-
-    /* find cipher that is agreeable by all recipients and that has the most votes */
-    max = 0;
-    for (mapi = 0; mapi < smime_cipher_map_count; mapi++) {
-	/* if not all of the recipients can do this, forget it */
-	if (cipher_abilities[mapi] != rcount)
-	    continue;
-	/* if cipher is not enabled or not allowed by policy, forget it */
-	if (!smime_cipher_map[mapi].enabled || !smime_cipher_map[mapi].allowed)
-	    continue;
-	/* if we're not doing fortezza, but the cipher is fortezza, forget it */
-	if (!scert_is_fortezza  && (smime_cipher_map[mapi].cipher == SMIME_FORTEZZA))
-	    continue;
-	/* now see if this one has more votes than the last best one */
-	if (cipher_votes[mapi] >= max) {
-	    /* if equal number of votes, prefer the ones further down in the list */
-	    /* with the expectation that these are higher rated ciphers */
-	    chosen_cipher = smime_cipher_map[mapi].cipher;
-	    max = cipher_votes[mapi];
-	}
-    }
-    /* if no common cipher was found, chosen_cipher stays at the default */
-
-done:
-    if (poolp != NULL)
-	PORT_FreeArena (poolp, PR_FALSE);
-
-    return chosen_cipher;
-}
-
-/*
- * XXX This is a hack for now to satisfy our current interface.
- * Eventually, with more parameters needing to be specified, just
- * looking up the keysize is not going to be sufficient.
- */
-static int
-smime_keysize_by_cipher (unsigned long which)
-{
-    int keysize;
-
-    switch (which) {
-      case SMIME_RC2_CBC_40:
-	keysize = 40;
-	break;
-      case SMIME_RC2_CBC_64:
-	keysize = 64;
-	break;
-      case SMIME_RC2_CBC_128:
-	keysize = 128;
-	break;
-      case SMIME_DES_CBC_56:
-      case SMIME_DES_EDE3_168:
-      case SMIME_FORTEZZA:
-	/*
-	 * These are special; since the key size is fixed, we actually
-	 * want to *avoid* specifying a key size.
-	 */
-	keysize = 0;
-	break;
-      default:
-	keysize = -1;
-	break;
-    }
-
-    return keysize;
-}
-
-/*
- * NSS_SMIMEUtil_FindBulkAlgForRecipients - find bulk algorithm suitable for all recipients
- *
- * it would be great for UI purposes if there would be a way to find out which recipients
- * prevented a strong cipher from being used...
- */
-SECStatus
-NSS_SMIMEUtil_FindBulkAlgForRecipients(CERTCertificate **rcerts, SECOidTag *bulkalgtag, int *keysize)
-{
-    unsigned long cipher;
-    int mapi;
-
-    cipher = smime_choose_cipher(NULL, rcerts);
-    mapi = smime_mapi_by_cipher(cipher);
-
-    *bulkalgtag = smime_cipher_map[mapi].algtag;
-    *keysize = smime_keysize_by_cipher(smime_cipher_map[mapi].cipher);
-
-    return SECSuccess;
-}
-
-/*
- * NSS_SMIMEUtil_CreateSMIMECapabilities - get S/MIME capabilities for this instance of NSS
- *
- * scans the list of allowed and enabled ciphers and construct a PKCS9-compliant
- * S/MIME capabilities attribute value.
- *
- * XXX Please note that, in contradiction to RFC2633 2.5.2, the capabilities only include
- * symmetric ciphers, NO signature algorithms or key encipherment algorithms.
- *
- * "poolp" - arena pool to create the S/MIME capabilities data on
- * "dest" - SECItem to put the data in
- * "includeFortezzaCiphers" - PR_TRUE if fortezza ciphers should be included
- */
-SECStatus
-NSS_SMIMEUtil_CreateSMIMECapabilities(PLArenaPool *poolp, SECItem *dest, PRBool includeFortezzaCiphers)
-{
-    NSSSMIMECapability *cap;
-    NSSSMIMECapability **smime_capabilities;
-    smime_cipher_map_entry *map;
-    SECOidData *oiddata;
-    SECItem *dummy;
-    int i, capIndex;
-
-    /* if we have an old NSSSMIMECapability array, we'll reuse it (has the right size) */
-    /* smime_cipher_map_count + 1 is an upper bound - we might end up with less */
-    smime_capabilities = (NSSSMIMECapability **)PORT_ZAlloc((smime_cipher_map_count + 1)
-				      * sizeof(NSSSMIMECapability *));
-    if (smime_capabilities == NULL)
-	return SECFailure;
-
-    capIndex = 0;
-
-    /* Add all the symmetric ciphers
-     * We walk the cipher list backwards, as it is ordered by increasing strength,
-     * we prefer the stronger cipher over a weaker one, and we have to list the
-     * preferred algorithm first */
-    for (i = smime_cipher_map_count - 1; i >= 0; i--) {
-	/* Find the corresponding entry in the cipher map. */
-	map = &(smime_cipher_map[i]);
-	if (!map->enabled)
-	    continue;
-
-	/* If we're using a non-Fortezza cert, only advertise non-Fortezza
-	   capabilities. (We advertise all capabilities if we have a 
-	   Fortezza cert.) */
-	if ((!includeFortezzaCiphers) && (map->cipher == SMIME_FORTEZZA))
-	    continue;
-
-	/* get next SMIME capability */
-	cap = (NSSSMIMECapability *)PORT_ZAlloc(sizeof(NSSSMIMECapability));
-	if (cap == NULL)
-	    break;
-	smime_capabilities[capIndex++] = cap;
-
-	oiddata = SECOID_FindOIDByTag(map->algtag);
-	if (oiddata == NULL)
-	    break;
-
-	cap->capabilityID.data = oiddata->oid.data;
-	cap->capabilityID.len = oiddata->oid.len;
-	cap->parameters.data = map->parms ? map->parms->data : NULL;
-	cap->parameters.len = map->parms ? map->parms->len : 0;
-	cap->cipher = smime_cipher_map[i].cipher;
-    }
-
-    /* XXX add signature algorithms */
-    /* XXX add key encipherment algorithms */
-
-    smime_capabilities[capIndex] = NULL;	/* last one - now encode */
-    dummy = SEC_ASN1EncodeItem(poolp, dest, &smime_capabilities, NSSSMIMECapabilitiesTemplate);
-
-    /* now that we have the proper encoded SMIMECapabilities (or not),
-     * free the work data */
-    for (i = 0; smime_capabilities[i] != NULL; i++)
-	PORT_Free(smime_capabilities[i]);
-    PORT_Free(smime_capabilities);
-
-    return (dummy == NULL) ? SECFailure : SECSuccess;
-}
-
-/*
- * NSS_SMIMEUtil_CreateSMIMEEncKeyPrefs - create S/MIME encryption key preferences attr value
- *
- * "poolp" - arena pool to create the attr value on
- * "dest" - SECItem to put the data in
- * "cert" - certificate that should be marked as preferred encryption key
- *          cert is expected to have been verified for EmailRecipient usage.
- */
-SECStatus
-NSS_SMIMEUtil_CreateSMIMEEncKeyPrefs(PLArenaPool *poolp, SECItem *dest, CERTCertificate *cert)
-{
-    NSSSMIMEEncryptionKeyPreference ekp;
-    SECItem *dummy = NULL;
-    PLArenaPool *tmppoolp = NULL;
-
-    if (cert == NULL)
-	goto loser;
-
-    tmppoolp = PORT_NewArena(1024);
-    if (tmppoolp == NULL)
-	goto loser;
-
-    /* XXX hardcoded IssuerSN choice for now */
-    ekp.selector = NSSSMIMEEncryptionKeyPref_IssuerSN;
-    ekp.id.issuerAndSN = CERT_GetCertIssuerAndSN(tmppoolp, cert);
-    if (ekp.id.issuerAndSN == NULL)
-	goto loser;
-
-    dummy = SEC_ASN1EncodeItem(poolp, dest, &ekp, smime_encryptionkeypref_template);
-
-loser:
-    if (tmppoolp) PORT_FreeArena(tmppoolp, PR_FALSE);
-
-    return (dummy == NULL) ? SECFailure : SECSuccess;
-}
-
-/*
- * NSS_SMIMEUtil_GetCertFromEncryptionKeyPreference -
- *				find cert marked by EncryptionKeyPreference attribute
- *
- * "certdb" - handle for the cert database to look in
- * "DERekp" - DER-encoded value of S/MIME Encryption Key Preference attribute
- *
- * if certificate is supposed to be found among the message's included certificates,
- * they are assumed to have been imported already.
- */
-CERTCertificate *
-NSS_SMIMEUtil_GetCertFromEncryptionKeyPreference(CERTCertDBHandle *certdb, SECItem *DERekp)
-{
-    PLArenaPool *tmppoolp = NULL;
-    CERTCertificate *cert = NULL;
-    NSSSMIMEEncryptionKeyPreference ekp;
-
-    tmppoolp = PORT_NewArena(1024);
-    if (tmppoolp == NULL)
-	return NULL;
-
-    /* decode DERekp */
-    if (SEC_ASN1DecodeItem(tmppoolp, &ekp, smime_encryptionkeypref_template, DERekp) != SECSuccess)
-	goto loser;
-
-    /* find cert */
-    switch (ekp.selector) {
-    case NSSSMIMEEncryptionKeyPref_IssuerSN:
-	cert = CERT_FindCertByIssuerAndSN(certdb, ekp.id.issuerAndSN);
-	break;
-    case NSSSMIMEEncryptionKeyPref_RKeyID:
-    case NSSSMIMEEncryptionKeyPref_SubjectKeyID:
-	/* XXX not supported yet - we need to be able to look up certs by SubjectKeyID */
-	break;
-    default:
-	PORT_Assert(0);
-    }
-loser:
-    if (tmppoolp) PORT_FreeArena(tmppoolp, PR_FALSE);
-
-    return cert;
-}
-
-extern const char __nss_smime_rcsid[];
-extern const char __nss_smime_sccsid[];
-
-PRBool
-NSSSMIME_VersionCheck(const char *importedVersion)
-{
-    /*
-     * This is the secret handshake algorithm.
-     *
-     * This release has a simple version compatibility
-     * check algorithm.  This release is not backward
-     * compatible with previous major releases.  It is
-     * not compatible with future major, minor, or
-     * patch releases.
-     */
-    volatile char c; /* force a reference that won't get optimized away */
-
-    c = __nss_smime_rcsid[0] + __nss_smime_sccsid[0]; 
-
-    return NSS_VersionCheck(importedVersion);
-}
-
diff --git a/security/nss/lib/smime/smimever.c b/security/nss/lib/smime/smimever.c
deleted file mode 100644
index d10e7a6a3..000000000
--- a/security/nss/lib/smime/smimever.c
+++ /dev/null
@@ -1,53 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 2001 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/* Library identity and versioning */
-
-#include "nss.h"
-
-#if defined(DEBUG)
-#define _DEBUG_STRING " (debug)"
-#else
-#define _DEBUG_STRING ""
-#endif
-
-/*
- * Version information for the 'ident' and 'what commands
- *
- * NOTE: the first component of the concatenated rcsid string
- * must not end in a '$' to prevent rcs keyword substitution.
- */
-const char __nss_smime_rcsid[] = "$Header: NSS " NSS_VERSION _DEBUG_STRING
-        "  " __DATE__ " " __TIME__ " $";
-const char __nss_smime_sccsid[] = "@(#)NSS " NSS_VERSION _DEBUG_STRING
-        "  " __DATE__ " " __TIME__;
diff --git a/security/nss/lib/softoken/Makefile b/security/nss/lib/softoken/Makefile
deleted file mode 100644
index fa3b20648..000000000
--- a/security/nss/lib/softoken/Makefile
+++ /dev/null
@@ -1,91 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY).   #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL)          #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL)       #
-#######################################################################
-
-
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL).      #
-#######################################################################
-
-include config.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL)                              #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL)                           #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL).                              #
-#######################################################################
-
-export:: private_export
-
-# On AIX 4.3, IBM xlC_r compiler (version 3.6.6) cannot compile
-# pkcs11c.c in 64-bit mode for unknown reasons.  A workaround is
-# to compile it with optimizations turned on.  (Bugzilla bug #63815)
-ifeq ($(OS_TARGET)$(OS_RELEASE),AIX4.3)
-ifeq ($(USE_64),1)
-ifndef BUILD_OPT
-$(OBJDIR)/pkcs11.o: pkcs11.c
-	@$(MAKE_OBJDIR)
-	$(CC) -o $@ -c -O2 $(CFLAGS) $<
-$(OBJDIR)/pkcs11c.o: pkcs11c.c
-	@$(MAKE_OBJDIR)
-	$(CC) -o $@ -c -O2 $(CFLAGS) $<
-endif
-endif
-endif
diff --git a/security/nss/lib/softoken/alghmac.c b/security/nss/lib/softoken/alghmac.c
deleted file mode 100644
index 60abd73d0..000000000
--- a/security/nss/lib/softoken/alghmac.c
+++ /dev/null
@@ -1,155 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "sechash.h"
-#include "secport.h"
-#include "alghmac.h"
-/*#include "secoid.h"*/
-
-#define HMAC_PAD_SIZE 64
-
-struct HMACContextStr {
-    void *hash;
-    const SECHashObject *hashobj;
-    unsigned char ipad[HMAC_PAD_SIZE];
-    unsigned char opad[HMAC_PAD_SIZE];
-};
-
-void
-HMAC_Destroy(HMACContext *cx)
-{
-    if (cx == NULL)
-	return;
-
-    if (cx->hash != NULL)
-	cx->hashobj->destroy(cx->hash, PR_TRUE);
-    PORT_ZFree(cx, sizeof(HMACContext));
-}
-
-HMACContext *
-HMAC_Create(const SECHashObject *hash_obj, const unsigned char *secret, 
-            unsigned int   secret_len)
-{
-    HMACContext *cx;
-    int i;
-    unsigned char hashed_secret[SHA1_LENGTH];
-
-    cx = (HMACContext*)PORT_ZAlloc(sizeof(HMACContext));
-    if (cx == NULL)
-	return NULL;
-    cx->hashobj = hash_obj;
-
-    cx->hash = cx->hashobj->create();
-    if (cx->hash == NULL)
-	goto loser;
-
-    if (secret_len > HMAC_PAD_SIZE) {
-	cx->hashobj->begin( cx->hash);
-	cx->hashobj->update(cx->hash, secret, secret_len);
-	cx->hashobj->end(   cx->hash, hashed_secret, &secret_len, 
-	                 sizeof hashed_secret);
-	if (secret_len != cx->hashobj->length)
-	    goto loser;
-	secret = (const unsigned char *)&hashed_secret[0];
-    }
-
-    PORT_Memset(cx->ipad, 0x36, sizeof cx->ipad);
-    PORT_Memset(cx->opad, 0x5c, sizeof cx->opad);
-
-    /* fold secret into padding */
-    for (i = 0; i < secret_len; i++) {
-	cx->ipad[i] ^= secret[i];
-	cx->opad[i] ^= secret[i];
-    }
-    PORT_Memset(hashed_secret, 0, sizeof hashed_secret);
-    return cx;
-
-loser:
-    PORT_Memset(hashed_secret, 0, sizeof hashed_secret);
-    HMAC_Destroy(cx);
-    return NULL;
-}
-
-void
-HMAC_Begin(HMACContext *cx)
-{
-    /* start inner hash */
-    cx->hashobj->begin(cx->hash);
-    cx->hashobj->update(cx->hash, cx->ipad, sizeof(cx->ipad));
-}
-
-void
-HMAC_Update(HMACContext *cx, const unsigned char *data, unsigned int data_len)
-{
-    cx->hashobj->update(cx->hash, data, data_len);
-}
-
-SECStatus
-HMAC_Finish(HMACContext *cx, unsigned char *result, unsigned int *result_len,
-	    unsigned int max_result_len)
-{
-    if (max_result_len < cx->hashobj->length)
-	return SECFailure;
-
-    cx->hashobj->end(cx->hash, result, result_len, max_result_len);
-    if (*result_len != cx->hashobj->length)
-	return SECFailure;
-
-    cx->hashobj->begin(cx->hash);
-    cx->hashobj->update(cx->hash, cx->opad, sizeof(cx->opad));
-    cx->hashobj->update(cx->hash, result, *result_len);
-    cx->hashobj->end(cx->hash, result, result_len, max_result_len);
-    return SECSuccess;
-}
-
-HMACContext *
-HMAC_Clone(HMACContext *cx)
-{
-    HMACContext *newcx;
-
-    newcx = (HMACContext*)PORT_ZAlloc(sizeof(HMACContext));
-    if (newcx == NULL)
-	goto loser;
-
-    newcx->hashobj = cx->hashobj;
-    newcx->hash = cx->hashobj->clone(cx->hash);
-    if (newcx->hash == NULL)
-	goto loser;
-    PORT_Memcpy(newcx->ipad, cx->ipad, sizeof(cx->ipad));
-    PORT_Memcpy(newcx->opad, cx->opad, sizeof(cx->opad));
-    return newcx;
-
-loser:
-    HMAC_Destroy(newcx);
-    return NULL;
-}
diff --git a/security/nss/lib/softoken/alghmac.h b/security/nss/lib/softoken/alghmac.h
deleted file mode 100644
index 3cb1a74dc..000000000
--- a/security/nss/lib/softoken/alghmac.h
+++ /dev/null
@@ -1,88 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef _ALGHMAC_H_
-#define _ALGHMAC_H_
-
-typedef struct HMACContextStr HMACContext;
-
-SEC_BEGIN_PROTOS
-
-/* destroy HMAC context */
-extern void
-HMAC_Destroy(HMACContext *cx);
-
-/* create HMAC context
- *  hash_alg	the algorithm with which the HMAC is performed.  This 
- *		should be, SEC_OID_MD5, SEC_OID_SHA1, or SEC_OID_MD2.
- *  secret	the secret with which the HMAC is performed.
- *  secret_len	the length of the secret, limited to at most 64 bytes.
- *
- * NULL is returned if an error occurs or the secret is > 64 bytes.
- */
-extern HMACContext *
-HMAC_Create(const SECHashObject *hashObj, const unsigned char *secret, 
-	    unsigned int secret_len);
-
-/* reset HMAC for a fresh round */
-extern void
-HMAC_Begin(HMACContext *cx);
-
-/* update HMAC 
- *  cx		HMAC Context
- *  data	the data to perform HMAC on
- *  data_len	the length of the data to process
- */
-extern void 
-HMAC_Update(HMACContext *cx, const unsigned char *data, unsigned int data_len);
-
-/* Finish HMAC -- place the results within result
- *  cx		HMAC context
- *  result	buffer for resulting hmac'd data
- *  result_len	where the resultant hmac length is stored
- *  max_result_len  maximum possible length that can be stored in result
- */
-extern SECStatus
-HMAC_Finish(HMACContext *cx, unsigned char *result, unsigned int *result_len,
-	    unsigned int max_result_len);
-
-/* clone a copy of the HMAC state.  this is usefult when you would
- * need to keep a running hmac but also need to extract portions 
- * partway through the process.
- */
-extern HMACContext *
-HMAC_Clone(HMACContext *cx);
-
-SEC_END_PROTOS
-
-#endif
diff --git a/security/nss/lib/softoken/cdbhdl.h b/security/nss/lib/softoken/cdbhdl.h
deleted file mode 100644
index ba2f9fa7c..000000000
--- a/security/nss/lib/softoken/cdbhdl.h
+++ /dev/null
@@ -1,73 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * cdbhdl.h - certificate database handle
- *   private to the certdb module
- *
- * $Id$
- */
-#ifndef _CDBHDL_H_
-#define _CDBHDL_H_
-
-#include "nspr.h"
-#include "mcom_db.h"
-#include "pcertt.h"
-
-/*
- * Handle structure for open certificate databases
- */
-struct NSSLOWCERTCertDBHandleStr {
-    DB *permCertDB;
-    PZMonitor *dbMon;
-};
-
-#ifdef DBM_USING_NSPR
-#define NO_RDONLY	PR_RDONLY
-#define NO_RDWR		PR_RDWR
-#define NO_CREATE	(PR_RDWR | PR_CREATE_FILE | PR_TRUNCATE)
-#else
-#define NO_RDONLY	O_RDONLY
-#define NO_RDWR		O_RDWR
-#define NO_CREATE	(O_RDWR | O_CREAT | O_TRUNC)
-#endif
-
-typedef DB * (*rdbfunc)(const char *appName, const char *prefix, 
-				const char *type, int flags);
-
-DB * rdbopen(const char *appName, const char *prefix, 
-				const char *type, int flags);
-
-SECStatus db_Copy(DB *dest,DB *src);
-int db_BeginTransaction(DB *db);
-int db_FinishTransaction(DB *db, PRBool abort);
-#endif
diff --git a/security/nss/lib/softoken/config.mk b/security/nss/lib/softoken/config.mk
deleted file mode 100644
index 0d72934be..000000000
--- a/security/nss/lib/softoken/config.mk
+++ /dev/null
@@ -1,101 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-
-ifdef MOZILLA_CLIENT
-DEFINES += -DMOZ_CLIENT
-endif
-
-# $(PROGRAM) has explicit dependencies on $(EXTRA_LIBS)
-CRYPTOLIB=$(DIST)/lib/$(LIB_PREFIX)freebl.$(LIB_SUFFIX)
-CRYPTODIR=../freebl
-ifdef MOZILLA_SECURITY_BUILD
-	CRYPTOLIB=$(DIST)/lib/$(LIB_PREFIX)crypto.$(LIB_SUFFIX)
-	CRYPTODIR=../crypto
-endif
-
-EXTRA_LIBS += \
-	$(CRYPTOLIB) \
-	$(DIST)/lib/$(LIB_PREFIX)secutil.$(LIB_SUFFIX) \
-	$(DIST)/lib/$(LIB_PREFIX)dbm.$(LIB_SUFFIX) \
-	$(NULL)
-
-# can't do this in manifest.mn because OS_TARGET isn't defined there.
-ifeq (,$(filter-out WIN%,$(OS_TARGET)))
-
-# don't want the 32 in the shared library name
-SHARED_LIBRARY = $(OBJDIR)/$(LIBRARY_NAME)$(LIBRARY_VERSION).dll
-IMPORT_LIBRARY = $(OBJDIR)/$(LIBRARY_NAME)$(LIBRARY_VERSION).lib
-
-RES = $(OBJDIR)/$(LIBRARY_NAME).res
-RESNAME = $(LIBRARY_NAME).rc
-
-ifdef MOZILLA_BSAFE_BUILD
-	EXTRA_LIBS+=$(DIST)/lib/bsafe$(BSAFEVER).lib
-endif
-
-EXTRA_SHARED_LIBS += \
-	$(DIST)/lib/$(NSPR31_LIB_PREFIX)plc4.lib \
-	$(DIST)/lib/$(NSPR31_LIB_PREFIX)plds4.lib \
-	$(DIST)/lib/$(NSPR31_LIB_PREFIX)nspr4.lib \
-	$(NULL)
-
-else
-
-ifdef MOZILLA_BSAFE_BUILD
-	EXTRA_LIBS+=$(DIST)/lib/$(LIB_PREFIX)bsafe.$(LIB_SUFFIX)
-endif
-
-# $(PROGRAM) has NO explicit dependencies on $(EXTRA_SHARED_LIBS)
-# $(EXTRA_SHARED_LIBS) come before $(OS_LIBS), except on AIX.
-EXTRA_SHARED_LIBS += \
-	-L$(DIST)/lib/ \
-	-lplc4 \
-	-lplds4 \
-	-lnspr4 \
-	$(NULL)
-endif
-
-ifeq ($(OS_TARGET),SunOS)
-ifndef USE_64
-ifeq ($(CPU_ARCH),sparc)
-# The -R '$ORIGIN' linker option instructs libsoftokn3.so to search for its
-# dependencies (libfreebl_*.so) in the same directory where it resides.
-MKSHLIB += -R '$$ORIGIN'
-endif
-endif
-endif
-
-ifeq ($(OS_TARGET),WINCE)
-DEFINES += -DDBM_USING_NSPR
-endif
diff --git a/security/nss/lib/softoken/dbinit.c b/security/nss/lib/softoken/dbinit.c
deleted file mode 100644
index fab8b70ba..000000000
--- a/security/nss/lib/softoken/dbinit.c
+++ /dev/null
@@ -1,344 +0,0 @@
-/*
- * NSS utility functions
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- # $Id$
- */
-
-#include <ctype.h>
-#include "seccomon.h"
-#include "prinit.h"
-#include "prprf.h"
-#include "prmem.h"
-#include "pcertt.h"
-#include "lowkeyi.h"
-#include "pcert.h"
-#include "secrng.h"
-#include "cdbhdl.h"
-#include "pkcs11i.h"
-
-static char *
-pk11_certdb_name_cb(void *arg, int dbVersion)
-{
-    const char *configdir = (const char *)arg;
-    const char *dbver;
-
-    switch (dbVersion) {
-      case 7:
-	dbver = "7";
-	break;
-      case 6:
-	dbver = "6";
-	break;
-      case 5:
-	dbver = "5";
-	break;
-      case 4:
-      default:
-	dbver = "";
-	break;
-    }
-
-    return PR_smprintf(CERT_DB_FMT, configdir, dbver);
-}
-    
-static char *
-pk11_keydb_name_cb(void *arg, int dbVersion)
-{
-    const char *configdir = (const char *)arg;
-    const char *dbver;
-    
-    switch (dbVersion) {
-      case 4:
-	dbver = "4";
-	break;
-      case 3:
-	dbver = "3";
-	break;
-      case 1:
-	dbver = "1";
-	break;
-      case 2:
-      default:
-	dbver = "";
-	break;
-    }
-
-    return PR_smprintf(KEY_DB_FMT, configdir, dbver);
-}
-
-/* for now... we need to define vendor specific codes here.
- */
-#define CKR_CERTDB_FAILED	CKR_DEVICE_ERROR
-#define CKR_KEYDB_FAILED	CKR_DEVICE_ERROR
-
-const char *
-pk11_EvaluateConfigDir(const char *configdir,char **appName)
-{
-    if (PORT_Strncmp(configdir, MULTIACCESS, sizeof(MULTIACCESS)-1) == 0) {
-	char *cdir;
-
-	*appName = PORT_Strdup(configdir+sizeof(MULTIACCESS)-1);
-	if (*appName == NULL) {
-	    return configdir;
-	}
-	cdir = *appName;
-	while (*cdir && *cdir != ':') {
-	    cdir++;
-	}
-	if (*cdir == ':') {
-	   *cdir = 0;
-	   cdir++;
-	}
-	configdir = cdir;
-    }
-    return configdir;
-}
-
-static CK_RV
-pk11_OpenCertDB(const char * configdir, const char *prefix, PRBool readOnly,
-    					    NSSLOWCERTCertDBHandle **certdbPtr)
-{
-    NSSLOWCERTCertDBHandle *certdb = NULL;
-    CK_RV        crv = CKR_CERTDB_FAILED;
-    SECStatus    rv;
-    char * name = NULL;
-    char * appName = NULL;
-
-    if (prefix == NULL) {
-	prefix = "";
-    }
-
-    configdir = pk11_EvaluateConfigDir(configdir, &appName);
-
-    name = PR_smprintf("%s" PATH_SEPARATOR "%s",configdir,prefix);
-    if (name == NULL) goto loser;
-
-    certdb = (NSSLOWCERTCertDBHandle*)PORT_ZAlloc(sizeof(NSSLOWCERTCertDBHandle));
-    if (certdb == NULL) 
-    	goto loser;
-
-/* fix when we get the DB in */
-    rv = nsslowcert_OpenCertDB(certdb, readOnly, appName, prefix,
-				pk11_certdb_name_cb, (void *)name, PR_FALSE);
-    if (rv == SECSuccess) {
-	crv = CKR_OK;
-	*certdbPtr = certdb;
-	certdb = NULL;
-    }
-loser: 
-    if (certdb) PR_Free(certdb);
-    if (name) PORT_Free(name);
-    if (appName) PORT_Free(appName);
-    return crv;
-}
-
-static CK_RV
-pk11_OpenKeyDB(const char * configdir, const char *prefix, PRBool readOnly,
-    						NSSLOWKEYDBHandle **keydbPtr)
-{
-    NSSLOWKEYDBHandle *keydb;
-    char * name = NULL;
-    char * appName = NULL;
-
-    if (prefix == NULL) {
-	prefix = "";
-    }
-    configdir = pk11_EvaluateConfigDir(configdir, &appName);
-
-    name = PR_smprintf("%s" PATH_SEPARATOR "%s",configdir,prefix);	
-    if (name == NULL) 
-	return SECFailure;
-    keydb = nsslowkey_OpenKeyDB(readOnly, appName, prefix, 
-					pk11_keydb_name_cb, (void *)name);
-    PORT_Free(name);
-    if (appName) PORT_Free(appName);
-    if (keydb == NULL)
-	return CKR_KEYDB_FAILED;
-    *keydbPtr = keydb;
-
-    return CKR_OK;
-}
-
-
-/*
- * OK there are now lots of options here, lets go through them all:
- *
- * configdir - base directory where all the cert, key, and module datbases live.
- * certPrefix - prefix added to the beginning of the cert database example: "
- * 			"https-server1-"
- * keyPrefix - prefix added to the beginning of the key database example: "
- * 			"https-server1-"
- * secmodName - name of the security module database (usually "secmod.db").
- * readOnly - Boolean: true if the databases are to be openned read only.
- * nocertdb - Don't open the cert DB and key DB's, just initialize the 
- *			Volatile certdb.
- * nomoddb - Don't open the security module DB, just initialize the 
- *			PKCS #11 module.
- * forceOpen - Continue to force initializations even if the databases cannot
- * 			be opened.
- */
-CK_RV
-pk11_DBInit(const char *configdir, const char *certPrefix, 
-	    const char *keyPrefix, PRBool readOnly, 
-	    PRBool noCertDB, PRBool noKeyDB, PRBool forceOpen,
-	    NSSLOWCERTCertDBHandle **certdbPtr, NSSLOWKEYDBHandle **keydbPtr)
-{
-    CK_RV crv = CKR_OK;
-
-
-    if (!noCertDB) {
-	crv = pk11_OpenCertDB(configdir, certPrefix, readOnly, certdbPtr);
-	if (crv != CKR_OK) {
-	    if (!forceOpen) goto loser;
-	    crv = CKR_OK;
-	}
-    }
-    if (!noKeyDB) {
-
-	crv = pk11_OpenKeyDB(configdir, keyPrefix, readOnly, keydbPtr);
-	if (crv != CKR_OK) {
-	    if (!forceOpen) goto loser;
-	    crv = CKR_OK;
-	}
-    }
-
-
-loser:
-    return crv;
-}
-
-
-void
-pk11_DBShutdown(NSSLOWCERTCertDBHandle *certHandle, 
-		NSSLOWKEYDBHandle *keyHandle)
-{
-    if (certHandle) {
-    	nsslowcert_ClosePermCertDB(certHandle);
-	PORT_Free(certHandle);
-	certHandle= NULL;
-    }
-
-    if (keyHandle) {
-    	nsslowkey_CloseKeyDB(keyHandle);
-	keyHandle= NULL;
-    }
-}
-
-static rdbfunc pk11_rdbfunc;
-static void *pk11_tnx;
-
-/* NOTE: SHLIB_SUFFIX is defined on the command line */
-#define RDBLIB "rdb."SHLIB_SUFFIX
-
-DB * rdbopen(const char *appName, const char *prefix, 
-				const char *type, int flags)
-{
-    PRLibrary *lib;
-    DB *db;
-
-    if (pk11_rdbfunc) {
-	db = (*pk11_rdbfunc)(appName,prefix,type,flags);
-	return db;
-    }
-
-    /*
-     * try to open the library.
-     */
-    lib = PR_LoadLibrary(RDBLIB);
-
-    if (!lib) {
-	return NULL;
-    }
-
-    /* get the entry point */
-    pk11_rdbfunc = (rdbfunc) PR_FindSymbol(lib,"rdbopen");
-    if (pk11_rdbfunc) {
-	db = (*pk11_rdbfunc)(appName,prefix,type,flags);
-	return db;
-    }
-
-    /* couldn't find the entry point, unload the library and fail */
-    PR_UnloadLibrary(lib);
-    return NULL;
-}
-
-struct RDBStr {
-    DB	db;
-    int (*xactstart)(DB *db);
-    int (*xactdone)(DB *db, PRBool abort);
-};
-
-#define DB_RDB ((DBTYPE) 0xff)
-
-int
-db_BeginTransaction(DB *db)
-{
-    struct RDBStr *rdb = (struct RDBStr *)db;
-    if (db->type != DB_RDB) {
-	return 0;
-    }
-
-    return rdb->xactstart(db);
-}
-
-int
-db_FinishTransaction(DB *db, PRBool abort)
-{
-    struct RDBStr *rdb = (struct RDBStr *)db;
-    if (db->type != DB_RDB) {
-	return 0;
-    }
-
-    return rdb->xactdone(db, abort);
-}
-
-
-
-SECStatus
-db_Copy(DB *dest,DB *src)
-{
-    int ret;
-    DBT key,data;
-    ret = (*src->seq)(src, &key, &data, R_FIRST);
-    if (ret)  {
-	return SECSuccess;
-    }
-
-    do {
-	(void)(*dest->put)(dest,&key,&data, R_NOOVERWRITE);
-    } while ( (*src->seq)(src, &key, &data, R_NEXT) == 0);
-    (void)(*dest->sync)(dest,0);
-
-    return SECSuccess;
-}
diff --git a/security/nss/lib/softoken/fipstest.c b/security/nss/lib/softoken/fipstest.c
deleted file mode 100644
index 15e490090..000000000
--- a/security/nss/lib/softoken/fipstest.c
+++ /dev/null
@@ -1,1093 +0,0 @@
-/*
- * PKCS #11 FIPS Power-Up Self Test.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#include "softoken.h"   /* Required for RC2-ECB, RC2-CBC, RC4, DES-ECB,  */
-                        /*              DES-CBC, DES3-ECB, DES3-CBC, RSA */
-                        /*              and DSA.                         */
-#include "seccomon.h"   /* Required for RSA and DSA. */
-#include "lowkeyi.h"     /* Required for RSA and DSA. */
-#include "pkcs11.h"     /* Required for PKCS #11. */
-#include "secerr.h"
-
-/* FIPS preprocessor directives for RC2-ECB and RC2-CBC.        */
-#define FIPS_RC2_KEY_LENGTH                      5  /*  40-bits */
-#define FIPS_RC2_ENCRYPT_LENGTH                  8  /*  64-bits */
-#define FIPS_RC2_DECRYPT_LENGTH                  8  /*  64-bits */
-
-
-/* FIPS preprocessor directives for RC4.                        */
-#define FIPS_RC4_KEY_LENGTH                      5  /*  40-bits */
-#define FIPS_RC4_ENCRYPT_LENGTH                  8  /*  64-bits */
-#define FIPS_RC4_DECRYPT_LENGTH                  8  /*  64-bits */
-
-
-/* FIPS preprocessor directives for DES-ECB and DES-CBC.        */
-#define FIPS_DES_ENCRYPT_LENGTH                  8  /*  64-bits */
-#define FIPS_DES_DECRYPT_LENGTH                  8  /*  64-bits */
-
-
-/* FIPS preprocessor directives for DES3-CBC and DES3-ECB.      */
-#define FIPS_DES3_ENCRYPT_LENGTH                 8  /*  64-bits */
-#define FIPS_DES3_DECRYPT_LENGTH                 8  /*  64-bits */
-
-
-/* FIPS preprocessor directives for MD2.                        */
-#define FIPS_MD2_HASH_MESSAGE_LENGTH            64  /* 512-bits */
-
-
-/* FIPS preprocessor directives for MD5.                        */
-#define FIPS_MD5_HASH_MESSAGE_LENGTH            64  /* 512-bits */
-
-
-/* FIPS preprocessor directives for SHA-1.                      */
-#define FIPS_SHA1_HASH_MESSAGE_LENGTH           64  /* 512-bits */
-
-
-/* FIPS preprocessor directives for RSA.                        */
-#define FIPS_RSA_TYPE                           siBuffer
-#define FIPS_RSA_PUBLIC_EXPONENT_LENGTH          1  /*   8-bits */
-#define FIPS_RSA_PRIVATE_VERSION_LENGTH          1  /*   8-bits */
-#define FIPS_RSA_MESSAGE_LENGTH                 16  /* 128-bits */
-#define FIPS_RSA_COEFFICIENT_LENGTH             32  /* 256-bits */
-#define FIPS_RSA_PRIME0_LENGTH                  33  /* 264-bits */
-#define FIPS_RSA_PRIME1_LENGTH                  33  /* 264-bits */
-#define FIPS_RSA_EXPONENT0_LENGTH               33  /* 264-bits */
-#define FIPS_RSA_EXPONENT1_LENGTH               33  /* 264-bits */
-#define FIPS_RSA_PRIVATE_EXPONENT_LENGTH        64  /* 512-bits */
-#define FIPS_RSA_ENCRYPT_LENGTH                 64  /* 512-bits */
-#define FIPS_RSA_DECRYPT_LENGTH                 64  /* 512-bits */
-#define FIPS_RSA_CRYPTO_LENGTH                  64  /* 512-bits */
-#define FIPS_RSA_SIGNATURE_LENGTH               64  /* 512-bits */
-#define FIPS_RSA_MODULUS_LENGTH                 65  /* 520-bits */
-
-
-/* FIPS preprocessor directives for DSA.                        */
-#define FIPS_DSA_TYPE                           siBuffer
-#define FIPS_DSA_DIGEST_LENGTH                  20  /* 160-bits */
-#define FIPS_DSA_SUBPRIME_LENGTH                20  /* 160-bits */
-#define FIPS_DSA_SIGNATURE_LENGTH               40  /* 320-bits */
-#define FIPS_DSA_PRIME_LENGTH                   64  /* 512-bits */
-#define FIPS_DSA_BASE_LENGTH                    64  /* 512-bits */
-
-static CK_RV
-pk11_fips_RC2_PowerUpSelfTest( void )
-{
-    /* RC2 Known Key (40-bits). */
-    static PRUint8 rc2_known_key[] = { "RSARC" };
-
-    /* RC2-CBC Known Initialization Vector (64-bits). */
-    static PRUint8 rc2_cbc_known_initialization_vector[] = {"Security"};
-
-    /* RC2 Known Plaintext (64-bits). */
-    static PRUint8 rc2_ecb_known_plaintext[] = {"Netscape"};
-    static PRUint8 rc2_cbc_known_plaintext[] = {"Netscape"};
-
-    /* RC2 Known Ciphertext (64-bits). */
-    static PRUint8 rc2_ecb_known_ciphertext[] = {
-				  0x1a,0x71,0x33,0x54,0x8d,0x5c,0xd2,0x30};
-    static PRUint8 rc2_cbc_known_ciphertext[] = {
-				  0xff,0x41,0xdb,0x94,0x8a,0x4c,0x33,0xb3};
-
-    /* RC2 variables. */
-    PRUint8        rc2_computed_ciphertext[FIPS_RC2_ENCRYPT_LENGTH];
-    PRUint8        rc2_computed_plaintext[FIPS_RC2_DECRYPT_LENGTH];
-    RC2Context *   rc2_context;
-    unsigned int   rc2_bytes_encrypted;
-    unsigned int   rc2_bytes_decrypted;
-    SECStatus      rc2_status;
-
-
-    /******************************************************/
-    /* RC2-ECB Single-Round Known Answer Encryption Test: */
-    /******************************************************/
-
-    rc2_context = RC2_CreateContext( rc2_known_key, FIPS_RC2_KEY_LENGTH,
-                                     NULL, NSS_RC2,
-                                     FIPS_RC2_KEY_LENGTH );
-
-    if( rc2_context == NULL )
-        return( CKR_HOST_MEMORY );
-
-    rc2_status = RC2_Encrypt( rc2_context, rc2_computed_ciphertext,
-                              &rc2_bytes_encrypted, FIPS_RC2_ENCRYPT_LENGTH,
-                              rc2_ecb_known_plaintext,
-                              FIPS_RC2_DECRYPT_LENGTH );
-
-    RC2_DestroyContext( rc2_context, PR_TRUE );
-
-    if( ( rc2_status != SECSuccess ) ||
-        ( rc2_bytes_encrypted != FIPS_RC2_ENCRYPT_LENGTH ) ||
-        ( PORT_Memcmp( rc2_computed_ciphertext, rc2_ecb_known_ciphertext,
-                       FIPS_RC2_ENCRYPT_LENGTH ) != 0 ) )
-        return( CKR_DEVICE_ERROR );
-
-
-    /******************************************************/
-    /* RC2-ECB Single-Round Known Answer Decryption Test: */
-    /******************************************************/
-
-    rc2_context = RC2_CreateContext( rc2_known_key, FIPS_RC2_KEY_LENGTH,
-                                     NULL, NSS_RC2,
-                                     FIPS_RC2_KEY_LENGTH );
-
-    if( rc2_context == NULL )
-        return( CKR_HOST_MEMORY );
-
-    rc2_status = RC2_Decrypt( rc2_context, rc2_computed_plaintext,
-                              &rc2_bytes_decrypted, FIPS_RC2_DECRYPT_LENGTH,
-                              rc2_ecb_known_ciphertext,
-                              FIPS_RC2_ENCRYPT_LENGTH );
-
-    RC2_DestroyContext( rc2_context, PR_TRUE );
-
-    if( ( rc2_status != SECSuccess ) ||
-        ( rc2_bytes_decrypted != FIPS_RC2_DECRYPT_LENGTH ) ||
-        ( PORT_Memcmp( rc2_computed_plaintext, rc2_ecb_known_plaintext,
-                       FIPS_RC2_DECRYPT_LENGTH ) != 0 ) )
-        return( CKR_DEVICE_ERROR );
-
-
-    /******************************************************/
-    /* RC2-CBC Single-Round Known Answer Encryption Test: */
-    /******************************************************/
-
-    rc2_context = RC2_CreateContext( rc2_known_key, FIPS_RC2_KEY_LENGTH,
-                                     rc2_cbc_known_initialization_vector,
-                                     NSS_RC2_CBC, FIPS_RC2_KEY_LENGTH );
-
-    if( rc2_context == NULL )
-        return( CKR_HOST_MEMORY );
-
-    rc2_status = RC2_Encrypt( rc2_context, rc2_computed_ciphertext,
-                              &rc2_bytes_encrypted, FIPS_RC2_ENCRYPT_LENGTH,
-                              rc2_cbc_known_plaintext,
-                              FIPS_RC2_DECRYPT_LENGTH );
-
-    RC2_DestroyContext( rc2_context, PR_TRUE );
-
-    if( ( rc2_status != SECSuccess ) ||
-        ( rc2_bytes_encrypted != FIPS_RC2_ENCRYPT_LENGTH ) ||
-        ( PORT_Memcmp( rc2_computed_ciphertext, rc2_cbc_known_ciphertext,
-                       FIPS_RC2_ENCRYPT_LENGTH ) != 0 ) )
-        return( CKR_DEVICE_ERROR );
-
-
-    /******************************************************/
-    /* RC2-CBC Single-Round Known Answer Decryption Test: */
-    /******************************************************/
-
-    rc2_context = RC2_CreateContext( rc2_known_key, FIPS_RC2_KEY_LENGTH,
-                                     rc2_cbc_known_initialization_vector,
-                                     NSS_RC2_CBC, FIPS_RC2_KEY_LENGTH );
-
-    if( rc2_context == NULL )
-        return( CKR_HOST_MEMORY );
-
-    rc2_status = RC2_Decrypt( rc2_context, rc2_computed_plaintext,
-                              &rc2_bytes_decrypted, FIPS_RC2_DECRYPT_LENGTH,
-                              rc2_cbc_known_ciphertext,
-                              FIPS_RC2_ENCRYPT_LENGTH );
-
-    RC2_DestroyContext( rc2_context, PR_TRUE );
-
-    if( ( rc2_status != SECSuccess ) ||
-        ( rc2_bytes_decrypted != FIPS_RC2_DECRYPT_LENGTH ) ||
-        ( PORT_Memcmp( rc2_computed_plaintext, rc2_ecb_known_plaintext,
-                       FIPS_RC2_DECRYPT_LENGTH ) != 0 ) )
-        return( CKR_DEVICE_ERROR );
-
-    return( CKR_OK );
-}
-
-
-static CK_RV
-pk11_fips_RC4_PowerUpSelfTest( void )
-{
-    /* RC4 Known Key (40-bits). */
-    static PRUint8 rc4_known_key[] = { "RSARC" };
-
-    /* RC4 Known Plaintext (64-bits). */
-    static PRUint8 rc4_known_plaintext[] = { "Netscape" };
-
-    /* RC4 Known Ciphertext (64-bits). */
-    static PRUint8 rc4_known_ciphertext[] = {
-				0x29,0x33,0xc7,0x9a,0x9d,0x6c,0x09,0xdd};
-
-    /* RC4 variables. */
-    PRUint8        rc4_computed_ciphertext[FIPS_RC4_ENCRYPT_LENGTH];
-    PRUint8        rc4_computed_plaintext[FIPS_RC4_DECRYPT_LENGTH];
-    RC4Context *   rc4_context;
-    unsigned int   rc4_bytes_encrypted;
-    unsigned int   rc4_bytes_decrypted;
-    SECStatus      rc4_status;
-
-
-    /**************************************************/
-    /* RC4 Single-Round Known Answer Encryption Test: */
-    /**************************************************/
-
-    rc4_context = RC4_CreateContext( rc4_known_key, FIPS_RC4_KEY_LENGTH );
-
-    if( rc4_context == NULL )
-        return( CKR_HOST_MEMORY );
-
-    rc4_status = RC4_Encrypt( rc4_context, rc4_computed_ciphertext,
-                              &rc4_bytes_encrypted, FIPS_RC4_ENCRYPT_LENGTH,
-                              rc4_known_plaintext, FIPS_RC4_DECRYPT_LENGTH );
-
-    RC4_DestroyContext( rc4_context, PR_TRUE );
-
-    if( ( rc4_status != SECSuccess ) ||
-        ( rc4_bytes_encrypted != FIPS_RC4_ENCRYPT_LENGTH ) ||
-        ( PORT_Memcmp( rc4_computed_ciphertext, rc4_known_ciphertext,
-                       FIPS_RC4_ENCRYPT_LENGTH ) != 0 ) )
-        return( CKR_DEVICE_ERROR );
-
-
-    /**************************************************/
-    /* RC4 Single-Round Known Answer Decryption Test: */
-    /**************************************************/
-
-    rc4_context = RC4_CreateContext( rc4_known_key, FIPS_RC4_KEY_LENGTH );
-
-    if( rc4_context == NULL )
-        return( CKR_HOST_MEMORY );
-
-    rc4_status = RC4_Decrypt( rc4_context, rc4_computed_plaintext,
-                              &rc4_bytes_decrypted, FIPS_RC4_DECRYPT_LENGTH,
-                              rc4_known_ciphertext, FIPS_RC4_ENCRYPT_LENGTH );
-
-    RC4_DestroyContext( rc4_context, PR_TRUE );
-
-    if( ( rc4_status != SECSuccess ) ||
-        ( rc4_bytes_decrypted != FIPS_RC4_DECRYPT_LENGTH ) ||
-        ( PORT_Memcmp( rc4_computed_plaintext, rc4_known_plaintext,
-                       FIPS_RC4_DECRYPT_LENGTH ) != 0 ) )
-        return( CKR_DEVICE_ERROR );
-
-    return( CKR_OK );
-}
-
-
-static CK_RV
-pk11_fips_DES_PowerUpSelfTest( void )
-{
-    /* DES Known Key (56-bits). */
-    static PRUint8 des_known_key[] = { "ANSI DES" };
-
-    /* DES-CBC Known Initialization Vector (64-bits). */
-    static PRUint8 des_cbc_known_initialization_vector[] = { "Security" };
-
-    /* DES Known Plaintext (64-bits). */
-    static PRUint8 des_ecb_known_plaintext[] = { "Netscape" };
-    static PRUint8 des_cbc_known_plaintext[] = { "Netscape" };
-
-    /* DES Known Ciphertext (64-bits). */
-    static PRUint8 des_ecb_known_ciphertext[] = {
-			       0x26,0x14,0xe9,0xc3,0x28,0x80,0x50,0xb0};
-    static PRUint8 des_cbc_known_ciphertext[]  = {
-			       0x5e,0x95,0x94,0x5d,0x76,0xa2,0xd3,0x7d};
-
-    /* DES variables. */
-    PRUint8        des_computed_ciphertext[FIPS_DES_ENCRYPT_LENGTH];
-    PRUint8        des_computed_plaintext[FIPS_DES_DECRYPT_LENGTH];
-    DESContext *   des_context;
-    unsigned int   des_bytes_encrypted;
-    unsigned int   des_bytes_decrypted;
-    SECStatus      des_status;
-
-
-    /******************************************************/
-    /* DES-ECB Single-Round Known Answer Encryption Test: */
-    /******************************************************/
-
-    des_context = DES_CreateContext( des_known_key, NULL, NSS_DES, PR_TRUE );
-
-    if( des_context == NULL )
-        return( CKR_HOST_MEMORY );
-
-    des_status = DES_Encrypt( des_context, des_computed_ciphertext,
-                              &des_bytes_encrypted, FIPS_DES_ENCRYPT_LENGTH,
-                              des_ecb_known_plaintext,
-                              FIPS_DES_DECRYPT_LENGTH );
-
-    DES_DestroyContext( des_context, PR_TRUE );
-
-    if( ( des_status != SECSuccess ) ||
-        ( des_bytes_encrypted != FIPS_DES_ENCRYPT_LENGTH ) ||
-        ( PORT_Memcmp( des_computed_ciphertext, des_ecb_known_ciphertext,
-                       FIPS_DES_ENCRYPT_LENGTH ) != 0 ) )
-        return( CKR_DEVICE_ERROR );
-
-
-    /******************************************************/
-    /* DES-ECB Single-Round Known Answer Decryption Test: */
-    /******************************************************/
-
-    des_context = DES_CreateContext( des_known_key, NULL, NSS_DES, PR_FALSE );
-
-    if( des_context == NULL )
-        return( CKR_HOST_MEMORY );
-
-    des_status = DES_Decrypt( des_context, des_computed_plaintext,
-                              &des_bytes_decrypted, FIPS_DES_DECRYPT_LENGTH,
-                              des_ecb_known_ciphertext,
-                              FIPS_DES_ENCRYPT_LENGTH );
-
-    DES_DestroyContext( des_context, PR_TRUE );
-
-    if( ( des_status != SECSuccess ) ||
-        ( des_bytes_decrypted != FIPS_DES_DECRYPT_LENGTH ) ||
-        ( PORT_Memcmp( des_computed_plaintext, des_ecb_known_plaintext,
-                       FIPS_DES_DECRYPT_LENGTH ) != 0 ) )
-        return( CKR_DEVICE_ERROR );
-
-
-    /******************************************************/
-    /* DES-CBC Single-Round Known Answer Encryption Test. */
-    /******************************************************/
-
-    des_context = DES_CreateContext( des_known_key,
-                                     des_cbc_known_initialization_vector,
-                                     NSS_DES_CBC, PR_TRUE );
-
-    if( des_context == NULL )
-        return( CKR_HOST_MEMORY );
-
-    des_status = DES_Encrypt( des_context, des_computed_ciphertext,
-                              &des_bytes_encrypted, FIPS_DES_ENCRYPT_LENGTH,
-                              des_cbc_known_plaintext,
-                              FIPS_DES_DECRYPT_LENGTH );
-
-    DES_DestroyContext( des_context, PR_TRUE );
-
-    if( ( des_status != SECSuccess ) ||
-        ( des_bytes_encrypted != FIPS_DES_ENCRYPT_LENGTH ) ||
-        ( PORT_Memcmp( des_computed_ciphertext, des_cbc_known_ciphertext,
-                       FIPS_DES_ENCRYPT_LENGTH ) != 0 ) )
-        return( CKR_DEVICE_ERROR );
-
-
-    /******************************************************/
-    /* DES-CBC Single-Round Known Answer Decryption Test. */
-    /******************************************************/
-
-    des_context = DES_CreateContext( des_known_key,
-                                     des_cbc_known_initialization_vector,
-                                     NSS_DES_CBC, PR_FALSE );
-
-    if( des_context == NULL )
-        return( CKR_HOST_MEMORY );
-
-    des_status = DES_Decrypt( des_context, des_computed_plaintext,
-                              &des_bytes_decrypted, FIPS_DES_DECRYPT_LENGTH,
-                              des_cbc_known_ciphertext,
-                              FIPS_DES_ENCRYPT_LENGTH );
-
-    DES_DestroyContext( des_context, PR_TRUE );
-
-    if( ( des_status != SECSuccess ) ||
-        ( des_bytes_decrypted != FIPS_DES_DECRYPT_LENGTH ) ||
-        ( PORT_Memcmp( des_computed_plaintext, des_cbc_known_plaintext,
-                       FIPS_DES_DECRYPT_LENGTH ) != 0 ) )
-        return( CKR_DEVICE_ERROR );
-
-    return( CKR_OK );
-}
-
-
-static CK_RV
-pk11_fips_DES3_PowerUpSelfTest( void )
-{
-    /* DES3 Known Key (56-bits). */
-    static PRUint8 des3_known_key[] = { "ANSI Triple-DES Key Data" };
-
-    /* DES3-CBC Known Initialization Vector (64-bits). */
-    static PRUint8 des3_cbc_known_initialization_vector[] = { "Security" };
-
-    /* DES3 Known Plaintext (64-bits). */
-    static PRUint8 des3_ecb_known_plaintext[] = { "Netscape" };
-    static PRUint8 des3_cbc_known_plaintext[] = { "Netscape" };
-
-    /* DES3 Known Ciphertext (64-bits). */
-    static PRUint8 des3_ecb_known_ciphertext[] = {
-			   0x55,0x8e,0xad,0x3c,0xee,0x49,0x69,0xbe};
-    static PRUint8 des3_cbc_known_ciphertext[] = {
-			   0x43,0xdc,0x6a,0xc1,0xaf,0xa6,0x32,0xf5};
-
-    /* DES3 variables. */
-    PRUint8        des3_computed_ciphertext[FIPS_DES3_ENCRYPT_LENGTH];
-    PRUint8        des3_computed_plaintext[FIPS_DES3_DECRYPT_LENGTH];
-    DESContext *   des3_context;
-    unsigned int   des3_bytes_encrypted;
-    unsigned int   des3_bytes_decrypted;
-    SECStatus      des3_status;
-
-
-    /*******************************************************/
-    /* DES3-ECB Single-Round Known Answer Encryption Test. */
-    /*******************************************************/
-
-    des3_context = DES_CreateContext( des3_known_key, NULL,
-                                     NSS_DES_EDE3, PR_TRUE );
-
-    if( des3_context == NULL )
-        return( CKR_HOST_MEMORY );
-
-    des3_status = DES_Encrypt( des3_context, des3_computed_ciphertext,
-                               &des3_bytes_encrypted, FIPS_DES3_ENCRYPT_LENGTH,
-                               des3_ecb_known_plaintext,
-                               FIPS_DES3_DECRYPT_LENGTH );
-
-    DES_DestroyContext( des3_context, PR_TRUE );
-
-    if( ( des3_status != SECSuccess ) ||
-        ( des3_bytes_encrypted != FIPS_DES3_ENCRYPT_LENGTH ) ||
-        ( PORT_Memcmp( des3_computed_ciphertext, des3_ecb_known_ciphertext,
-                       FIPS_DES3_ENCRYPT_LENGTH ) != 0 ) )
-        return( CKR_DEVICE_ERROR );
-
-
-    /*******************************************************/
-    /* DES3-ECB Single-Round Known Answer Decryption Test. */
-    /*******************************************************/
-
-    des3_context = DES_CreateContext( des3_known_key, NULL,
-                                     NSS_DES_EDE3, PR_FALSE );
-
-    if( des3_context == NULL )
-        return( CKR_HOST_MEMORY );
-
-    des3_status = DES_Decrypt( des3_context, des3_computed_plaintext,
-                               &des3_bytes_decrypted, FIPS_DES3_DECRYPT_LENGTH,
-                               des3_ecb_known_ciphertext,
-                               FIPS_DES3_ENCRYPT_LENGTH );
-
-    DES_DestroyContext( des3_context, PR_TRUE );
-
-    if( ( des3_status != SECSuccess ) ||
-        ( des3_bytes_decrypted != FIPS_DES3_DECRYPT_LENGTH ) ||
-        ( PORT_Memcmp( des3_computed_plaintext, des3_ecb_known_plaintext,
-                       FIPS_DES3_DECRYPT_LENGTH ) != 0 ) )
-        return( CKR_DEVICE_ERROR );
-
-
-    /*******************************************************/
-    /* DES3-CBC Single-Round Known Answer Encryption Test. */
-    /*******************************************************/
-
-    des3_context = DES_CreateContext( des3_known_key,
-                                      des3_cbc_known_initialization_vector,
-                                      NSS_DES_EDE3_CBC, PR_TRUE );
-
-    if( des3_context == NULL )
-        return( CKR_HOST_MEMORY );
-
-    des3_status = DES_Encrypt( des3_context, des3_computed_ciphertext,
-                               &des3_bytes_encrypted, FIPS_DES3_ENCRYPT_LENGTH,
-                               des3_cbc_known_plaintext,
-                               FIPS_DES3_DECRYPT_LENGTH );
-
-    DES_DestroyContext( des3_context, PR_TRUE );
-
-    if( ( des3_status != SECSuccess ) ||
-        ( des3_bytes_encrypted != FIPS_DES3_ENCRYPT_LENGTH ) ||
-        ( PORT_Memcmp( des3_computed_ciphertext, des3_cbc_known_ciphertext,
-                       FIPS_DES3_ENCRYPT_LENGTH ) != 0 ) )
-        return( CKR_DEVICE_ERROR );
-
-
-    /*******************************************************/
-    /* DES3-CBC Single-Round Known Answer Decryption Test. */
-    /*******************************************************/
-
-    des3_context = DES_CreateContext( des3_known_key,
-                                      des3_cbc_known_initialization_vector,
-                                      NSS_DES_EDE3_CBC, PR_FALSE );
-
-    if( des3_context == NULL )
-        return( CKR_HOST_MEMORY );
-
-    des3_status = DES_Decrypt( des3_context, des3_computed_plaintext,
-                               &des3_bytes_decrypted, FIPS_DES3_DECRYPT_LENGTH,
-                               des3_cbc_known_ciphertext,
-                               FIPS_DES3_ENCRYPT_LENGTH );
-
-    DES_DestroyContext( des3_context, PR_TRUE );
-
-    if( ( des3_status != SECSuccess ) ||
-        ( des3_bytes_decrypted != FIPS_DES3_DECRYPT_LENGTH ) ||
-        ( PORT_Memcmp( des3_computed_plaintext, des3_cbc_known_plaintext,
-                       FIPS_DES3_DECRYPT_LENGTH ) != 0 ) )
-        return( CKR_DEVICE_ERROR );
-
-    return( CKR_OK );
-}
-
-
-static CK_RV
-pk11_fips_MD2_PowerUpSelfTest( void )
-{
-    /* MD2 Known Hash Message (512-bits). */
-    static PRUint8 md2_known_hash_message[] = {
-	"The test message for the MD2, MD5, and SHA-1 hashing algorithms." };
-
-    /* MD2 Known Digest Message (128-bits). */
-    static PRUint8 md2_known_digest[]  = {
-				   0x41,0x5a,0x12,0xb2,0x3f,0x28,0x97,0x17,
-				   0x0c,0x71,0x4e,0xcc,0x40,0xc8,0x1d,0x1b};
-
-    /* MD2 variables. */
-    MD2Context * md2_context;
-    unsigned int md2_bytes_hashed;
-    PRUint8      md2_computed_digest[MD2_LENGTH];
-
-
-    /***********************************************/
-    /* MD2 Single-Round Known Answer Hashing Test. */
-    /***********************************************/
-
-    md2_context = MD2_NewContext();
-
-    if( md2_context == NULL )
-        return( CKR_HOST_MEMORY );
-
-    MD2_Begin( md2_context );
-
-    MD2_Update( md2_context, md2_known_hash_message,
-                FIPS_MD2_HASH_MESSAGE_LENGTH );
-
-    MD2_End( md2_context, md2_computed_digest, &md2_bytes_hashed, MD2_LENGTH );
-
-    MD2_DestroyContext( md2_context , PR_TRUE );
-
-    if( ( md2_bytes_hashed != MD2_LENGTH ) ||
-        ( PORT_Memcmp( md2_computed_digest, md2_known_digest,
-                       MD2_LENGTH ) != 0 ) )
-        return( CKR_DEVICE_ERROR );
-
-    return( CKR_OK );
-}
-
-
-static CK_RV
-pk11_fips_MD5_PowerUpSelfTest( void )
-{
-    /* MD5 Known Hash Message (512-bits). */
-    static PRUint8 md5_known_hash_message[] = {
-	"The test message for the MD2, MD5, and SHA-1 hashing algorithms." };
-
-    /* MD5 Known Digest Message (128-bits). */
-    static PRUint8 md5_known_digest[]  = {
-				   0x25,0xc8,0xc0,0x10,0xc5,0x6e,0x68,0x28,
-				   0x28,0xa4,0xa5,0xd2,0x98,0x9a,0xea,0x2d};
-
-    /* MD5 variables. */
-    PRUint8        md5_computed_digest[MD5_LENGTH];
-    SECStatus      md5_status;
-
-
-    /***********************************************/
-    /* MD5 Single-Round Known Answer Hashing Test. */
-    /***********************************************/
-
-    md5_status = MD5_HashBuf( md5_computed_digest, md5_known_hash_message,
-                              FIPS_MD5_HASH_MESSAGE_LENGTH );
-
-    if( ( md5_status != SECSuccess ) ||
-        ( PORT_Memcmp( md5_computed_digest, md5_known_digest,
-                       MD5_LENGTH ) != 0 ) )
-        return( CKR_DEVICE_ERROR );
-
-    return( CKR_OK );
-}
-
-
-static CK_RV
-pk11_fips_SHA1_PowerUpSelfTest( void )
-{
-    /* SHA-1 Known Hash Message (512-bits). */
-    static PRUint8 sha1_known_hash_message[] = {
-	 "The test message for the MD2, MD5, and SHA-1 hashing algorithms." };
-
-    /* SHA-1 Known Digest Message (160-bits). */
-    static PRUint8 sha1_known_digest[] = {
-			       0x0a,0x6d,0x07,0xba,0x1e,0xbd,0x8a,0x1b,
-			       0x72,0xf6,0xc7,0x22,0xf1,0x27,0x9f,0xf0,
-			       0xe0,0x68,0x47,0x7a};
-
-    /* SHA-1 variables. */
-    PRUint8        sha1_computed_digest[SHA1_LENGTH];
-    SECStatus      sha1_status;
-
-
-    /*************************************************/
-    /* SHA-1 Single-Round Known Answer Hashing Test. */
-    /*************************************************/
-
-    sha1_status = SHA1_HashBuf( sha1_computed_digest, sha1_known_hash_message,
-                                FIPS_SHA1_HASH_MESSAGE_LENGTH );
-
-    if( ( sha1_status != SECSuccess ) ||
-        ( PORT_Memcmp( sha1_computed_digest, sha1_known_digest,
-                       SHA1_LENGTH ) != 0 ) )
-        return( CKR_DEVICE_ERROR );
-
-    return( CKR_OK );
-}
-
-
-static CK_RV
-pk11_fips_RSA_PowerUpSelfTest( void )
-{
-    /* RSA Known Modulus used in both Public/Private Key Values (520-bits). */
-    static PRUint8 rsa_modulus[FIPS_RSA_MODULUS_LENGTH] = {
-                                 0x00,0xa1,0xe9,0x5e,0x66,0x88,0xe2,0xf2,
-                                 0x2b,0xe7,0x70,0x36,0x33,0xbc,0xeb,0x55,
-                                 0x55,0xf1,0x60,0x18,0x3c,0xfb,0xd2,0x79,
-                                 0xf6,0xc4,0xb8,0x09,0xe3,0x12,0xf6,0x63,
-                                 0x6d,0xc7,0x8e,0x19,0xc0,0x0e,0x10,0x78,
-                                 0xc1,0xfe,0x2a,0x41,0x74,0x2d,0xf7,0xc4,
-                                 0x69,0xa7,0x3c,0xbc,0x8a,0xc8,0x31,0x2b,
-                                 0x4f,0x60,0xf0,0xf1,0xec,0x5a,0x29,0xec,
-                                 0x6b};
-
-    /* RSA Known Public Key Values (8-bits). */
-    static PRUint8 rsa_public_exponent[] = { 0x03 };
-
-    /* RSA Known Private Key Values (version                 is   8-bits), */
-    /*                              (private exponent        is 512-bits), */
-    /*                              (private prime0          is 264-bits), */
-    /*                              (private prime1          is 264-bits), */
-    /*                              (private prime exponent0 is 264-bits), */
-    /*                              (private prime exponent1 is 264-bits), */
-    /*                          and (private coefficient     is 256-bits). */
-    static PRUint8 rsa_version[] = { 0x00 };
-    static PRUint8 rsa_private_exponent[FIPS_RSA_PRIVATE_EXPONENT_LENGTH] = {
-				  0x6b,0xf0,0xe9,0x99,0xb0,0x97,0x4c,0x1d,
-				  0x44,0xf5,0x79,0x77,0xd3,0x47,0x8e,0x39,
-				  0x4b,0x95,0x65,0x7d,0xfd,0x36,0xfb,0xf9,
-				  0xd8,0x7a,0xb1,0x42,0x0c,0xa4,0x42,0x48,
-				  0x20,0x1c,0x6b,0x7d,0x5d,0xa3,0x58,0xd6,
-				  0x95,0xd6,0x41,0xe3,0xd6,0x73,0xad,0xdb,
-				  0x3b,0x89,0x00,0x8a,0xcd,0x1d,0xb9,0x06,
-				  0xac,0xac,0x0e,0x02,0x72,0x1c,0xf8,0xab };
-    static PRUint8 rsa_prime0[FIPS_RSA_PRIME0_LENGTH]   = {
-				      0x00,0xd2,0x2c,0x9d,0xef,0x7c,0x8f,0x58,
-				      0x93,0x19,0xa1,0x77,0x0e,0x38,0x3e,0x85,
-				      0xb4,0xaf,0xcc,0x99,0xa5,0x43,0xbf,0x97,
-				      0xdc,0x46,0xb8,0x3f,0x6e,0x85,0x18,0x00,
-				      0x81};
-    static PRUint8 rsa_prime1[FIPS_RSA_PRIME1_LENGTH]   = {
-				      0x00,0xc5,0x36,0xda,0x94,0x85,0x0c,0x1a,
-				      0xed,0x03,0xc7,0x67,0x90,0x34,0x0b,0xb9,
-				      0xec,0x1e,0x22,0xa2,0x15,0x50,0xc4,0xfd,
-				      0xe9,0x17,0x36,0x9d,0x7a,0x29,0xe6,0x76,
-				      0xeb};
-    static PRUint8 rsa_exponent0[FIPS_RSA_EXPONENT0_LENGTH] = {
-					 0x00,0x8c,0x1d,0xbe,0x9f,0xa8,
-					 0x5f,0x90,0x62,0x11,0x16,0x4f,
-					 0x5e,0xd0,0x29,0xae,0x78,0x75,
-					 0x33,0x11,0x18,0xd7,0xd5,0x0f,
-					 0xe8,0x2f,0x25,0x7f,0x9f,0x03,
-					 0x65,0x55,0xab};
-    static PRUint8 rsa_exponent1[FIPS_RSA_EXPONENT1_LENGTH] = {
-					 0x00,0x83,0x79,0xe7,0x0d,0xae,
-					 0x08,0x11,0xf3,0x57,0xda,0x45,
-					 0x0a,0xcd,0x5d,0x26,0x9d,0x69,
-					 0x6c,0x6c,0x0e,0x35,0xd8,0xa9,
-					 0x46,0x0f,0x79,0xbe,0x51,0x71,
-					 0x44,0x4f,0x47};
-    static PRUint8 rsa_coefficient[FIPS_RSA_COEFFICIENT_LENGTH] = {
-					 0x54,0x8d,0xb8,0xdc,0x8b,0xde,0xbb,
-					 0x08,0xc9,0x67,0xb7,0xa9,0x5f,0xa5,
-					 0xc4,0x5e,0x67,0xaa,0xfe,0x1a,0x08,
-					 0xeb,0x48,0x43,0xcb,0xb0,0xb9,0x38,
-					 0x3a,0x31,0x39,0xde};
-
-
-    /* RSA Known Plaintext (512-bits). */
-    static PRUint8 rsa_known_plaintext[] = {
-                                         "Known plaintext utilized for RSA"
-                                         " Encryption and Decryption test." };
-
-    /* RSA Known Ciphertext (512-bits). */
-    static PRUint8 rsa_known_ciphertext[] = {
-				      0x12,0x80,0x3a,0x53,0xee,0x93,0x81,0xa5,
-				      0xf7,0x40,0xc5,0xb1,0xef,0xd9,0x27,0xaf,
-				      0xef,0x4b,0x87,0x44,0x00,0xd0,0xda,0xcf,
-				      0x10,0x57,0x4c,0xd5,0xc3,0xed,0x84,0xdc,
-				      0x74,0x03,0x19,0x69,0x2c,0xd6,0x54,0x3e,
-				      0xd2,0xe3,0x90,0xb6,0x67,0x91,0x2f,0x1f,
-				      0x54,0x13,0x99,0x00,0x0b,0xfd,0x52,0x7f,
-				      0xd8,0xc6,0xdb,0x8a,0xfe,0x06,0xf3,0xb1};
-
-    /* RSA Known Message (128-bits). */
-    static PRUint8 rsa_known_message[]  = { "Netscape Forever" };
-
-    /* RSA Known Signed Hash (512-bits). */
-    static PRUint8 rsa_known_signature[] = {
-				     0x27,0x23,0xa6,0x71,0x57,0xc8,0x70,0x5f,
-				     0x70,0x0e,0x06,0x7b,0x96,0x6a,0xaa,0x41,
-				     0x6e,0xab,0x67,0x4b,0x5f,0x76,0xc4,0x53,
-				     0x23,0xd7,0x57,0x7a,0x3a,0xbc,0x4c,0x27,
-				     0x65,0xca,0xde,0x9f,0xd3,0x1d,0xa4,0x5a,
-				     0xf9,0x8f,0xb2,0x05,0xa3,0x86,0xf9,0x66,
-				     0x55,0x4c,0x68,0x50,0x66,0xa4,0xe9,0x17,
-				     0x45,0x11,0xb8,0x1a,0xfc,0xbc,0x79,0x3b};
-
-
-    static RSAPublicKey    bl_public_key = { NULL, 
-      { FIPS_RSA_TYPE, rsa_modulus,         FIPS_RSA_MODULUS_LENGTH },
-      { FIPS_RSA_TYPE, rsa_public_exponent, FIPS_RSA_PUBLIC_EXPONENT_LENGTH }
-    };
-    static RSAPrivateKey   bl_private_key = { NULL,
-      { FIPS_RSA_TYPE, rsa_version,          FIPS_RSA_PRIVATE_VERSION_LENGTH },
-      { FIPS_RSA_TYPE, rsa_modulus,          FIPS_RSA_MODULUS_LENGTH },
-      { FIPS_RSA_TYPE, rsa_public_exponent,  FIPS_RSA_PUBLIC_EXPONENT_LENGTH },
-      { FIPS_RSA_TYPE, rsa_private_exponent, FIPS_RSA_PRIVATE_EXPONENT_LENGTH },
-      { FIPS_RSA_TYPE, rsa_prime0,           FIPS_RSA_PRIME0_LENGTH },
-      { FIPS_RSA_TYPE, rsa_prime1,           FIPS_RSA_PRIME1_LENGTH },
-      { FIPS_RSA_TYPE, rsa_exponent0,        FIPS_RSA_EXPONENT0_LENGTH },
-      { FIPS_RSA_TYPE, rsa_exponent1,        FIPS_RSA_EXPONENT1_LENGTH },
-      { FIPS_RSA_TYPE, rsa_coefficient,      FIPS_RSA_COEFFICIENT_LENGTH }
-    };
-
-    /* RSA variables. */
-#ifdef CREATE_TEMP_ARENAS
-    PLArenaPool *         rsa_public_arena;
-    PLArenaPool *         rsa_private_arena;
-#endif
-    NSSLOWKEYPublicKey *  rsa_public_key;
-    NSSLOWKEYPrivateKey * rsa_private_key;
-    unsigned int          rsa_bytes_signed;
-    SECStatus             rsa_status;
-
-    NSSLOWKEYPublicKey    low_public_key   = { NULL, NSSLOWKEYRSAKey, };
-    NSSLOWKEYPrivateKey   low_private_key  = { NULL, NSSLOWKEYRSAKey, };
-    PRUint8               rsa_computed_ciphertext[FIPS_RSA_ENCRYPT_LENGTH];
-    PRUint8               rsa_computed_plaintext[FIPS_RSA_DECRYPT_LENGTH];
-    PRUint8               rsa_computed_signature[FIPS_RSA_SIGNATURE_LENGTH];
-
-    /****************************************/
-    /* Compose RSA Public/Private Key Pair. */
-    /****************************************/
-
-    low_public_key.u.rsa  = bl_public_key;
-    low_private_key.u.rsa = bl_private_key;
-
-    rsa_public_key  = &low_public_key;
-    rsa_private_key = &low_private_key;
-
-#ifdef CREATE_TEMP_ARENAS
-    /* Create some space for the RSA public key. */
-    rsa_public_arena = PORT_NewArena( NSS_SOFTOKEN_DEFAULT_CHUNKSIZE );
-
-    if( rsa_public_arena == NULL ) {
-        PORT_SetError( SEC_ERROR_NO_MEMORY );
-        return( CKR_HOST_MEMORY );
-    }
-
-    /* Create some space for the RSA private key. */
-    rsa_private_arena = PORT_NewArena( NSS_SOFTOKEN_DEFAULT_CHUNKSIZE );
-
-    if( rsa_private_arena == NULL ) {
-        PORT_FreeArena( rsa_public_arena, PR_TRUE );
-        PORT_SetError( SEC_ERROR_NO_MEMORY );
-        return( CKR_HOST_MEMORY );
-    }
-
-    rsa_public_key->arena = rsa_public_arena;
-    rsa_private_key->arena = rsa_private_arena;
-#endif
-
-    /**************************************************/
-    /* RSA Single-Round Known Answer Encryption Test. */
-    /**************************************************/
-
-    /* Perform RSA Public Key Encryption. */
-    rsa_status = RSA_PublicKeyOp(&rsa_public_key->u.rsa, 
-                                 rsa_computed_ciphertext, rsa_known_plaintext);
-
-    if( ( rsa_status != SECSuccess ) ||
-        ( PORT_Memcmp( rsa_computed_ciphertext, rsa_known_ciphertext,
-                       FIPS_RSA_ENCRYPT_LENGTH ) != 0 ) )
-        goto rsa_loser;
-
-    /**************************************************/
-    /* RSA Single-Round Known Answer Decryption Test. */
-    /**************************************************/
-
-    /* Perform RSA Private Key Decryption. */
-    rsa_status = RSA_PrivateKeyOp(&rsa_private_key->u.rsa, 
-                                  rsa_computed_plaintext, rsa_known_ciphertext);
-
-    if( ( rsa_status != SECSuccess ) ||
-        ( PORT_Memcmp( rsa_computed_plaintext, rsa_known_plaintext,
-                       FIPS_RSA_DECRYPT_LENGTH ) != 0 ) )
-        goto rsa_loser;
-
-
-    /*************************************************/
-    /* RSA Single-Round Known Answer Signature Test. */
-    /*************************************************/
-
-    /* Perform RSA signature with the RSA private key. */
-    rsa_status = RSA_Sign( rsa_private_key, rsa_computed_signature,
-                           &rsa_bytes_signed,
-                           FIPS_RSA_SIGNATURE_LENGTH, rsa_known_message,
-                           FIPS_RSA_MESSAGE_LENGTH );
-
-    if( ( rsa_status != SECSuccess ) ||
-        ( rsa_bytes_signed != FIPS_RSA_SIGNATURE_LENGTH ) ||
-        ( PORT_Memcmp( rsa_computed_signature, rsa_known_signature,
-                       FIPS_RSA_SIGNATURE_LENGTH ) != 0 ) )
-        goto rsa_loser;
-
-
-    /****************************************************/
-    /* RSA Single-Round Known Answer Verification Test. */
-    /****************************************************/
-
-    /* Perform RSA verification with the RSA public key. */
-    rsa_status = RSA_CheckSign( rsa_public_key,
-                                rsa_computed_signature,
-                                FIPS_RSA_SIGNATURE_LENGTH,
-                                rsa_known_message,
-                                FIPS_RSA_MESSAGE_LENGTH );
-
-    if( rsa_status != SECSuccess )
-        goto rsa_loser;
-
-    /* Dispose of all RSA key material. */
-    nsslowkey_DestroyPublicKey( rsa_public_key );
-    nsslowkey_DestroyPrivateKey( rsa_private_key );
-
-    return( CKR_OK );
-
-
-rsa_loser:
-
-    nsslowkey_DestroyPublicKey( rsa_public_key );
-    nsslowkey_DestroyPrivateKey( rsa_private_key );
-
-    return( CKR_DEVICE_ERROR );
-}
-
-
-static CK_RV
-pk11_fips_DSA_PowerUpSelfTest( void )
-{
-    /* DSA Known P (512-bits), Q (160-bits), and G (512-bits) Values. */
-    static PRUint8 dsa_P[] = {
-                           0x8d,0xf2,0xa4,0x94,0x49,0x22,0x76,0xaa,
-                           0x3d,0x25,0x75,0x9b,0xb0,0x68,0x69,0xcb,
-                           0xea,0xc0,0xd8,0x3a,0xfb,0x8d,0x0c,0xf7,
-                           0xcb,0xb8,0x32,0x4f,0x0d,0x78,0x82,0xe5,
-                           0xd0,0x76,0x2f,0xc5,0xb7,0x21,0x0e,0xaf,
-                           0xc2,0xe9,0xad,0xac,0x32,0xab,0x7a,0xac,
-                           0x49,0x69,0x3d,0xfb,0xf8,0x37,0x24,0xc2,
-                           0xec,0x07,0x36,0xee,0x31,0xc8,0x02,0x91};
-    static PRUint8 dsa_Q[] = {
-                           0xc7,0x73,0x21,0x8c,0x73,0x7e,0xc8,0xee,
-                           0x99,0x3b,0x4f,0x2d,0xed,0x30,0xf4,0x8e,
-                           0xda,0xce,0x91,0x5f};
-    static PRUint8 dsa_G[] = {
-                           0x62,0x6d,0x02,0x78,0x39,0xea,0x0a,0x13,
-                           0x41,0x31,0x63,0xa5,0x5b,0x4c,0xb5,0x00,
-                           0x29,0x9d,0x55,0x22,0x95,0x6c,0xef,0xcb,
-                           0x3b,0xff,0x10,0xf3,0x99,0xce,0x2c,0x2e,
-                           0x71,0xcb,0x9d,0xe5,0xfa,0x24,0xba,0xbf,
-                           0x58,0xe5,0xb7,0x95,0x21,0x92,0x5c,0x9c,
-                           0xc4,0x2e,0x9f,0x6f,0x46,0x4b,0x08,0x8c,
-                           0xc5,0x72,0xaf,0x53,0xe6,0xd7,0x88,0x02};
-
-    /* DSA Known Random Values (known random key block       is 160-bits)  */
-    /*                     and (known random signature block is 160-bits). */
-    static PRUint8 dsa_known_random_key_block[] = {
-                                                      "Mozilla Rules World!"};
-    static PRUint8 dsa_known_random_signature_block[] = {
-                                                      "Random DSA Signature"};
-
-    /* DSA Known Digest (160-bits) */
-    static PRUint8 dsa_known_digest[] = { "DSA Signature Digest" };
-
-    /* DSA Known Signature (320-bits). */
-    static PRUint8 dsa_known_signature[] = {
-			     0x39,0x0d,0x84,0xb1,0xf7,0x52,0x89,0xba,
-			     0xec,0x1e,0xa8,0xe2,0x00,0x8e,0x37,0x8f,
-			     0xc2,0xf5,0xf8,0x70,0x11,0xa8,0xc7,0x02,
-			     0x0e,0x75,0xcf,0x6b,0x54,0x4a,0x52,0xe8,
-			     0xd8,0x6d,0x4a,0xe8,0xee,0x56,0x8e,0x59};
-
-    /* DSA variables. */
-    DSAPrivateKey *        dsa_private_key;
-    SECStatus              dsa_status;
-    SECItem                dsa_signature_item;
-    SECItem                dsa_digest_item;
-    DSAPublicKey           dsa_public_key;
-    PRUint8                dsa_computed_signature[FIPS_DSA_SIGNATURE_LENGTH];
-    static PQGParams       dsa_pqg = { NULL,
-			    { FIPS_DSA_TYPE, dsa_P, FIPS_DSA_PRIME_LENGTH },
-			    { FIPS_DSA_TYPE, dsa_Q, FIPS_DSA_SUBPRIME_LENGTH },
-			    { FIPS_DSA_TYPE, dsa_G, FIPS_DSA_BASE_LENGTH }};
-
-    /*******************************************/
-    /* Generate a DSA public/private key pair. */
-    /*******************************************/
-
-    /* Generate a DSA public/private key pair. */
-
-    dsa_status = DSA_NewKeyFromSeed(&dsa_pqg, dsa_known_random_key_block,
-                                    &dsa_private_key);
-
-    if( dsa_status != SECSuccess )
-	return( CKR_HOST_MEMORY );
-
-    /* construct public key from private key. */
-    dsa_public_key.params      = dsa_private_key->params;
-    dsa_public_key.publicValue = dsa_private_key->publicValue;
-
-    /*************************************************/
-    /* DSA Single-Round Known Answer Signature Test. */
-    /*************************************************/
-
-    dsa_signature_item.data = dsa_computed_signature;
-    dsa_signature_item.len  = sizeof dsa_computed_signature;
-
-    dsa_digest_item.data    = dsa_known_digest;
-    dsa_digest_item.len     = SHA1_LENGTH;
-
-    /* Perform DSA signature process. */
-    dsa_status = DSA_SignDigestWithSeed( dsa_private_key, 
-                                         &dsa_signature_item,
-					 &dsa_digest_item,
-					 dsa_known_random_signature_block );
-
-    if( ( dsa_status != SECSuccess ) ||
-        ( dsa_signature_item.len != FIPS_DSA_SIGNATURE_LENGTH ) ||
-        ( PORT_Memcmp( dsa_computed_signature, dsa_known_signature,
-                       FIPS_DSA_SIGNATURE_LENGTH ) != 0 ) ) {
-        dsa_status = SECFailure;
-    } else {
-
-    /****************************************************/
-    /* DSA Single-Round Known Answer Verification Test. */
-    /****************************************************/
-
-    /* Perform DSA verification process. */
-    dsa_status = DSA_VerifyDigest( &dsa_public_key, 
-                                   &dsa_signature_item,
-				   &dsa_digest_item);
-    }
-
-    PORT_FreeArena(dsa_private_key->params.arena, PR_TRUE);
-    /* Don't free public key, it uses same arena as private key */
-
-    /* Verify DSA signature. */
-    if( dsa_status != SECSuccess )
-        return( CKR_DEVICE_ERROR );
-
-    return( CKR_OK );
-
-
-}
-
-
-CK_RV
-pk11_fipsPowerUpSelfTest( void )
-{
-    CK_RV rv;
-
-    /* RC2 Power-Up SelfTest(s). */
-    rv = pk11_fips_RC2_PowerUpSelfTest();
-
-    if( rv != CKR_OK )
-        return rv;
-
-    /* RC4 Power-Up SelfTest(s). */
-    rv = pk11_fips_RC4_PowerUpSelfTest();
-
-    if( rv != CKR_OK )
-        return rv;
-
-    /* DES Power-Up SelfTest(s). */
-    rv = pk11_fips_DES_PowerUpSelfTest();
-
-    if( rv != CKR_OK )
-        return rv;
-
-    /* DES3 Power-Up SelfTest(s). */
-    rv = pk11_fips_DES3_PowerUpSelfTest();
-
-    if( rv != CKR_OK )
-        return rv;
-
-    /* MD2 Power-Up SelfTest(s). */
-    rv = pk11_fips_MD2_PowerUpSelfTest();
-
-    if( rv != CKR_OK )
-        return rv;
-
-    /* MD5 Power-Up SelfTest(s). */
-    rv = pk11_fips_MD5_PowerUpSelfTest();
-
-    if( rv != CKR_OK )
-        return rv;
-
-    /* SHA-1 Power-Up SelfTest(s). */
-    rv = pk11_fips_SHA1_PowerUpSelfTest();
-
-    if( rv != CKR_OK )
-        return rv;
-
-    /* RSA Power-Up SelfTest(s). */
-    rv = pk11_fips_RSA_PowerUpSelfTest();
-
-    if( rv != CKR_OK )
-        return rv;
-
-    /* DSA Power-Up SelfTest(s). */
-    rv = pk11_fips_DSA_PowerUpSelfTest();
-
-    if( rv != CKR_OK )
-        return rv;
-
-    /* Passed Power-Up SelfTest(s). */
-    return( CKR_OK );
-}
-
diff --git a/security/nss/lib/softoken/fipstokn.c b/security/nss/lib/softoken/fipstokn.c
deleted file mode 100644
index c33670451..000000000
--- a/security/nss/lib/softoken/fipstokn.c
+++ /dev/null
@@ -1,993 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * This file implements PKCS 11 on top of our existing security modules
- *
- * For more information about PKCS 11 See PKCS 11 Token Inteface Standard.
- *   This implementation has two slots:
- *	slot 1 is our generic crypto support. It does not require login
- *   (unless you've enabled FIPS). It supports Public Key ops, and all they
- *   bulk ciphers and hashes. It can also support Private Key ops for imported
- *   Private keys. It does not have any token storage.
- *	slot 2 is our private key support. It requires a login before use. It
- *   can store Private Keys and Certs as token objects. Currently only private
- *   keys and their associated Certificates are saved on the token.
- *
- *   In this implementation, session objects are only visible to the session
- *   that created or generated them.
- */
-#include "seccomon.h"
-#include "softoken.h"
-#include "lowkeyi.h"
-#include "pcert.h"
-#include "pkcs11.h"
-#include "pkcs11i.h"
-
-
-/*
- * ******************** Password Utilities *******************************
- */
-static PRBool isLoggedIn = PR_FALSE;
-static PRBool fatalError = PR_FALSE;
-
-/* Fips required checks before any useful crypto graphic services */
-static CK_RV pk11_fipsCheck(void) {
-    if (isLoggedIn != PR_TRUE) 
-	return CKR_USER_NOT_LOGGED_IN;
-    if (fatalError) 
-	return CKR_DEVICE_ERROR;
-    return CKR_OK;
-}
-
-
-#define PK11_FIPSCHECK() \
-    CK_RV rv; \
-    if ((rv = pk11_fipsCheck()) != CKR_OK) return rv;
-
-#define PK11_FIPSFATALCHECK() \
-    if (fatalError) return CKR_DEVICE_ERROR;
-
-
-/* grab an attribute out of a raw template */
-void *
-fc_getAttribute(CK_ATTRIBUTE_PTR pTemplate, 
-				CK_ULONG ulCount, CK_ATTRIBUTE_TYPE type)
-{
-    int i;
-
-    for (i=0; i < (int) ulCount; i++) {
-	if (pTemplate[i].type == type) {
-	    return pTemplate[i].pValue;
-	}
-    }
-    return NULL;
-}
-
-
-#define __PASTE(x,y)	x##y
-
-/* ------------- forward declare all the NSC_ functions ------------- */
-#undef CK_NEED_ARG_LIST
-#undef CK_PKCS11_FUNCTION_INFO
-
-#define CK_PKCS11_FUNCTION_INFO(name) CK_RV __PASTE(NS,name)
-#define CK_NEED_ARG_LIST 1
-
-#include "pkcs11f.h"
-
-/* ------------- forward declare all the FIPS functions ------------- */
-#undef CK_NEED_ARG_LIST
-#undef CK_PKCS11_FUNCTION_INFO
-
-#define CK_PKCS11_FUNCTION_INFO(name) CK_RV __PASTE(F,name)
-#define CK_NEED_ARG_LIST 1
-
-#include "pkcs11f.h"
-
-/* ------------- build the CK_CRYPTO_TABLE ------------------------- */
-static CK_FUNCTION_LIST pk11_fipsTable = {
-    { 1, 10 },
-
-#undef CK_NEED_ARG_LIST
-#undef CK_PKCS11_FUNCTION_INFO
-
-#define CK_PKCS11_FUNCTION_INFO(name) __PASTE(F,name),
-
-
-#include "pkcs11f.h"
-
-};
-
-#undef CK_NEED_ARG_LIST
-#undef CK_PKCS11_FUNCTION_INFO
-
-
-#undef __PASTE
-
-static CK_RV
-fips_login_if_key_object(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hObject)
-{
-    CK_RV rv;
-    CK_OBJECT_CLASS objClass;
-    CK_ATTRIBUTE class; 
-    class.type = CKA_CLASS;
-    class.pValue = &objClass;
-    class.ulValueLen = sizeof(objClass);
-    rv = NSC_GetAttributeValue(hSession, hObject, &class, 1);
-    if (rv == CKR_OK) {
-	if ((objClass == CKO_PRIVATE_KEY) || (objClass == CKO_SECRET_KEY)) {
-	    rv = pk11_fipsCheck();
-	}
-    }
-    return rv;
-}
-
-
-/**********************************************************************
- *
- *     Start of PKCS 11 functions 
- *
- **********************************************************************/
-/* return the function list */
-CK_RV FC_GetFunctionList(CK_FUNCTION_LIST_PTR *pFunctionList) {
-    *pFunctionList = &pk11_fipsTable;
-    return CKR_OK;
-}
-
-/* sigh global so pkcs11 can read it */
-PRBool nsf_init = PR_FALSE;
-
-/* FC_Initialize initializes the PKCS #11 library. */
-CK_RV FC_Initialize(CK_VOID_PTR pReserved) {
-    CK_RV crv;
-
-    if (nsf_init) {
-	return CKR_CRYPTOKI_ALREADY_INITIALIZED;
-    }
-
-    crv = nsc_CommonInitialize(pReserved, PR_TRUE);
-
-    /* not an 'else' rv can be set by either PK11_LowInit or PK11_SlotInit*/
-    if (crv != CKR_OK) {
-	fatalError = PR_TRUE;
-	return crv;
-    }
-
-    fatalError = PR_FALSE; /* any error has been reset */
-
-    crv = pk11_fipsPowerUpSelfTest();
-    if (crv != CKR_OK) {
-        nsc_CommonFinalize(NULL, PR_TRUE);
-	fatalError = PR_TRUE;
-	return crv;
-    }
-    nsf_init = PR_TRUE;
-
-    return CKR_OK;
-}
-
-/*FC_Finalize indicates that an application is done with the PKCS #11 library.*/
-CK_RV FC_Finalize (CK_VOID_PTR pReserved) {
-   CK_RV crv;
-   if (!nsf_init) {
-      return CKR_OK;
-   }
-   crv = nsc_CommonFinalize (pReserved, PR_TRUE);
-   nsf_init = (PRBool) !(crv == CKR_OK);
-   return crv;
-}
-
-
-/* FC_GetInfo returns general information about PKCS #11. */
-CK_RV  FC_GetInfo(CK_INFO_PTR pInfo) {
-    return NSC_GetInfo(pInfo);
-}
-
-/* FC_GetSlotList obtains a list of slots in the system. */
-CK_RV FC_GetSlotList(CK_BBOOL tokenPresent,
-	 		CK_SLOT_ID_PTR pSlotList, CK_ULONG_PTR pulCount) {
-    return nsc_CommonGetSlotList(tokenPresent,pSlotList,pulCount,
-							 NSC_FIPS_MODULE);
-}
-	
-/* FC_GetSlotInfo obtains information about a particular slot in the system. */
-CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
-
-    CK_RV crv;
-
-    crv = NSC_GetSlotInfo(slotID,pInfo);
-    if (crv != CKR_OK) {
-	return crv;
-    }
-
-    return CKR_OK;
-}
-
-
-/*FC_GetTokenInfo obtains information about a particular token in the system.*/
- CK_RV FC_GetTokenInfo(CK_SLOT_ID slotID,CK_TOKEN_INFO_PTR pInfo) {
-    CK_RV crv;
-
-    crv = NSC_GetTokenInfo(slotID,pInfo);
-    pInfo->flags |= CKF_RNG | CKF_LOGIN_REQUIRED;
-    return crv;
-
-}
-
-
-
-/*FC_GetMechanismList obtains a list of mechanism types supported by a token.*/
- CK_RV FC_GetMechanismList(CK_SLOT_ID slotID,
-	CK_MECHANISM_TYPE_PTR pMechanismList, CK_ULONG_PTR pusCount) {
-    PK11_FIPSFATALCHECK();
-    if (slotID == FIPS_SLOT_ID) slotID = NETSCAPE_SLOT_ID;
-    /* FIPS Slot supports all functions */
-    return NSC_GetMechanismList(slotID,pMechanismList,pusCount);
-}
-
-
-/* FC_GetMechanismInfo obtains information about a particular mechanism 
- * possibly supported by a token. */
- CK_RV FC_GetMechanismInfo(CK_SLOT_ID slotID, CK_MECHANISM_TYPE type,
-    					CK_MECHANISM_INFO_PTR pInfo) {
-    PK11_FIPSFATALCHECK();
-    if (slotID == FIPS_SLOT_ID) slotID = NETSCAPE_SLOT_ID;
-    /* FIPS Slot supports all functions */
-    return NSC_GetMechanismInfo(slotID,type,pInfo);
-}
-
-
-/* FC_InitToken initializes a token. */
- CK_RV FC_InitToken(CK_SLOT_ID slotID,CK_CHAR_PTR pPin,
- 				CK_ULONG usPinLen,CK_CHAR_PTR pLabel) {
-    return CKR_HOST_MEMORY; /*is this the right function for not implemented*/
-}
-
-
-/* FC_InitPIN initializes the normal user's PIN. */
- CK_RV FC_InitPIN(CK_SESSION_HANDLE hSession,
-    					CK_CHAR_PTR pPin, CK_ULONG ulPinLen) {
-    return NSC_InitPIN(hSession,pPin,ulPinLen);
-}
-
-
-/* FC_SetPIN modifies the PIN of user that is currently logged in. */
-/* NOTE: This is only valid for the PRIVATE_KEY_SLOT */
- CK_RV FC_SetPIN(CK_SESSION_HANDLE hSession, CK_CHAR_PTR pOldPin,
-    CK_ULONG usOldLen, CK_CHAR_PTR pNewPin, CK_ULONG usNewLen) {
-    CK_RV rv;
-    if ((rv = pk11_fipsCheck()) != CKR_OK) return rv;
-    return NSC_SetPIN(hSession,pOldPin,usOldLen,pNewPin,usNewLen);
-}
-
-/* FC_OpenSession opens a session between an application and a token. */
- CK_RV FC_OpenSession(CK_SLOT_ID slotID, CK_FLAGS flags,
-   CK_VOID_PTR pApplication,CK_NOTIFY Notify,CK_SESSION_HANDLE_PTR phSession) {
-    PK11_FIPSFATALCHECK();
-    return NSC_OpenSession(slotID,flags,pApplication,Notify,phSession);
-}
-
-
-/* FC_CloseSession closes a session between an application and a token. */
- CK_RV FC_CloseSession(CK_SESSION_HANDLE hSession) {
-    return NSC_CloseSession(hSession);
-}
-
-
-/* FC_CloseAllSessions closes all sessions with a token. */
- CK_RV FC_CloseAllSessions (CK_SLOT_ID slotID) {
-    return NSC_CloseAllSessions (slotID);
-}
-
-
-/* FC_GetSessionInfo obtains information about the session. */
- CK_RV FC_GetSessionInfo(CK_SESSION_HANDLE hSession,
-						CK_SESSION_INFO_PTR pInfo) {
-    CK_RV rv;
-    PK11_FIPSFATALCHECK();
-
-    rv = NSC_GetSessionInfo(hSession,pInfo);
-    if (rv == CKR_OK) {
-	if ((isLoggedIn) && (pInfo->state == CKS_RO_PUBLIC_SESSION)) {
-		pInfo->state = CKS_RO_USER_FUNCTIONS;
-	}
-	if ((isLoggedIn) && (pInfo->state == CKS_RW_PUBLIC_SESSION)) {
-		pInfo->state = CKS_RW_USER_FUNCTIONS;
-	}
-    }
-    return rv;
-}
-
-/* FC_Login logs a user into a token. */
- CK_RV FC_Login(CK_SESSION_HANDLE hSession, CK_USER_TYPE userType,
-				    CK_CHAR_PTR pPin, CK_ULONG usPinLen) {
-    CK_RV rv;
-    PK11_FIPSFATALCHECK();
-    rv = NSC_Login(hSession,userType,pPin,usPinLen);
-    if (rv == CKR_OK)
-	isLoggedIn = PR_TRUE;
-    else if (rv == CKR_USER_ALREADY_LOGGED_IN)
-    {
-	isLoggedIn = PR_TRUE;
-
-	/* Provide FIPS PUB 140-1 power-up self-tests on demand. */
-	rv = pk11_fipsPowerUpSelfTest();
-	if (rv == CKR_OK)
-		return CKR_USER_ALREADY_LOGGED_IN;
-	else
-		fatalError = PR_TRUE;
-    }
-    return rv;
-}
-
-/* FC_Logout logs a user out from a token. */
- CK_RV FC_Logout(CK_SESSION_HANDLE hSession) {
-    PK11_FIPSCHECK();
- 
-    rv = NSC_Logout(hSession);
-    isLoggedIn = PR_FALSE;
-    return rv;
-}
-
-
-/* FC_CreateObject creates a new object. */
- CK_RV FC_CreateObject(CK_SESSION_HANDLE hSession,
-		CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount, 
-					CK_OBJECT_HANDLE_PTR phObject) {
-    CK_OBJECT_CLASS * classptr;
-    PK11_FIPSCHECK();
-    classptr = (CK_OBJECT_CLASS *)fc_getAttribute(pTemplate,ulCount,CKA_CLASS);
-    if (classptr == NULL) return CKR_TEMPLATE_INCOMPLETE;
-
-    /* FIPS can't create keys from raw key material */
-    if ((*classptr == CKO_SECRET_KEY) || (*classptr == CKO_PRIVATE_KEY)) {
-	return CKR_ATTRIBUTE_VALUE_INVALID;
-    }
-    return NSC_CreateObject(hSession,pTemplate,ulCount,phObject);
-}
-
-
-
-
-
-/* FC_CopyObject copies an object, creating a new object for the copy. */
- CK_RV FC_CopyObject(CK_SESSION_HANDLE hSession,
-       CK_OBJECT_HANDLE hObject, CK_ATTRIBUTE_PTR pTemplate, CK_ULONG usCount,
-					CK_OBJECT_HANDLE_PTR phNewObject) {
-    CK_RV rv;
-    PK11_FIPSFATALCHECK();
-    rv = fips_login_if_key_object(hSession, hObject);
-    if (rv != CKR_OK) {
-	return rv;
-    }
-    return NSC_CopyObject(hSession,hObject,pTemplate,usCount,phNewObject);
-}
-
-
-/* FC_DestroyObject destroys an object. */
- CK_RV FC_DestroyObject(CK_SESSION_HANDLE hSession,
-		 				CK_OBJECT_HANDLE hObject) {
-    CK_RV rv;
-    PK11_FIPSFATALCHECK();
-    rv = fips_login_if_key_object(hSession, hObject);
-    if (rv != CKR_OK) {
-	return rv;
-    }
-    return NSC_DestroyObject(hSession,hObject);
-}
-
-
-/* FC_GetObjectSize gets the size of an object in bytes. */
- CK_RV FC_GetObjectSize(CK_SESSION_HANDLE hSession,
-    			CK_OBJECT_HANDLE hObject, CK_ULONG_PTR pusSize) {
-    CK_RV rv;
-    PK11_FIPSFATALCHECK();
-    rv = fips_login_if_key_object(hSession, hObject);
-    if (rv != CKR_OK) {
-	return rv;
-    }
-    return NSC_GetObjectSize(hSession, hObject, pusSize);
-}
-
-
-/* FC_GetAttributeValue obtains the value of one or more object attributes. */
- CK_RV FC_GetAttributeValue(CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hObject,CK_ATTRIBUTE_PTR pTemplate,CK_ULONG usCount) {
-    CK_RV rv;
-    PK11_FIPSFATALCHECK();
-    rv = fips_login_if_key_object(hSession, hObject);
-    if (rv != CKR_OK) {
-	return rv;
-    }
-    return NSC_GetAttributeValue(hSession,hObject,pTemplate,usCount);
-}
-
-
-/* FC_SetAttributeValue modifies the value of one or more object attributes */
- CK_RV FC_SetAttributeValue (CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hObject,CK_ATTRIBUTE_PTR pTemplate,CK_ULONG usCount) {
-    CK_RV rv;
-    PK11_FIPSFATALCHECK();
-    rv = fips_login_if_key_object(hSession, hObject);
-    if (rv != CKR_OK) {
-	return rv;
-    }
-    return NSC_SetAttributeValue(hSession,hObject,pTemplate,usCount);
-}
-
-
-
-/* FC_FindObjectsInit initializes a search for token and session objects 
- * that match a template. */
- CK_RV FC_FindObjectsInit(CK_SESSION_HANDLE hSession,
-    			CK_ATTRIBUTE_PTR pTemplate,CK_ULONG usCount) {
-    /* let publically readable object be found */
-    int i;
-    CK_RV rv;
-    PRBool needLogin = PR_FALSE;
-
-    PK11_FIPSFATALCHECK();
-
-    for (i=0; i < usCount; i++) {
-	CK_OBJECT_CLASS class;
-	if (pTemplate[i].type != CKA_CLASS) {
-	    continue;
-	}
-	if (pTemplate[i].ulValueLen != sizeof(CK_OBJECT_CLASS)) {
-	    continue;
-	}
-	if (pTemplate[i].pValue == NULL) {
-	    continue;
-	}
-	class = *(CK_OBJECT_CLASS *)pTemplate[i].pValue;
-	if ((class == CKO_PRIVATE_KEY) || (class == CKO_SECRET_KEY)) {
-	    needLogin = PR_TRUE;
-	    break;
-	}
-    }
-    if (needLogin) {
-	if ((rv = pk11_fipsCheck()) != CKR_OK) return rv;
-    }
-    return NSC_FindObjectsInit(hSession,pTemplate,usCount);
-}
-
-
-/* FC_FindObjects continues a search for token and session objects 
- * that match a template, obtaining additional object handles. */
- CK_RV FC_FindObjects(CK_SESSION_HANDLE hSession,
-    CK_OBJECT_HANDLE_PTR phObject,CK_ULONG usMaxObjectCount,
-    					CK_ULONG_PTR pusObjectCount) {
-    /* let publically readable object be found */
-    PK11_FIPSFATALCHECK();
-    return NSC_FindObjects(hSession,phObject,usMaxObjectCount,
-    							pusObjectCount);
-}
-
-
-/*
- ************** Crypto Functions:     Encrypt ************************
- */
-
-/* FC_EncryptInit initializes an encryption operation. */
- CK_RV FC_EncryptInit(CK_SESSION_HANDLE hSession,
-		 CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey) {
-    PK11_FIPSCHECK();
-    return NSC_EncryptInit(hSession,pMechanism,hKey);
-}
-
-/* FC_Encrypt encrypts single-part data. */
- CK_RV FC_Encrypt (CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData,
-    		CK_ULONG usDataLen, CK_BYTE_PTR pEncryptedData,
-					 CK_ULONG_PTR pusEncryptedDataLen) {
-    PK11_FIPSCHECK();
-    return NSC_Encrypt(hSession,pData,usDataLen,pEncryptedData,
-							pusEncryptedDataLen);
-}
-
-
-/* FC_EncryptUpdate continues a multiple-part encryption operation. */
- CK_RV FC_EncryptUpdate(CK_SESSION_HANDLE hSession,
-    CK_BYTE_PTR pPart, CK_ULONG usPartLen, CK_BYTE_PTR pEncryptedPart,	
-					CK_ULONG_PTR pusEncryptedPartLen) {
-    PK11_FIPSCHECK();
-    return NSC_EncryptUpdate(hSession,pPart,usPartLen,pEncryptedPart,
-						pusEncryptedPartLen);
-}
-
-
-/* FC_EncryptFinal finishes a multiple-part encryption operation. */
- CK_RV FC_EncryptFinal(CK_SESSION_HANDLE hSession,
-    CK_BYTE_PTR pLastEncryptedPart, CK_ULONG_PTR pusLastEncryptedPartLen) {
-
-    PK11_FIPSCHECK();
-    return NSC_EncryptFinal(hSession,pLastEncryptedPart,
-						pusLastEncryptedPartLen);
-}
-
-/*
- ************** Crypto Functions:     Decrypt ************************
- */
-
-
-/* FC_DecryptInit initializes a decryption operation. */
- CK_RV FC_DecryptInit( CK_SESSION_HANDLE hSession,
-			 CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey) {
-    PK11_FIPSCHECK();
-    return NSC_DecryptInit(hSession,pMechanism,hKey);
-}
-
-/* FC_Decrypt decrypts encrypted data in a single part. */
- CK_RV FC_Decrypt(CK_SESSION_HANDLE hSession,
-    CK_BYTE_PTR pEncryptedData,CK_ULONG usEncryptedDataLen,CK_BYTE_PTR pData,
-    						CK_ULONG_PTR pusDataLen) {
-    PK11_FIPSCHECK();
-    return NSC_Decrypt(hSession,pEncryptedData,usEncryptedDataLen,pData,
-    								pusDataLen);
-}
-
-
-/* FC_DecryptUpdate continues a multiple-part decryption operation. */
- CK_RV FC_DecryptUpdate(CK_SESSION_HANDLE hSession,
-    CK_BYTE_PTR pEncryptedPart, CK_ULONG usEncryptedPartLen,
-    				CK_BYTE_PTR pPart, CK_ULONG_PTR pusPartLen) {
-    PK11_FIPSCHECK();
-    return NSC_DecryptUpdate(hSession,pEncryptedPart,usEncryptedPartLen,
-    							pPart,pusPartLen);
-}
-
-
-/* FC_DecryptFinal finishes a multiple-part decryption operation. */
- CK_RV FC_DecryptFinal(CK_SESSION_HANDLE hSession,
-    CK_BYTE_PTR pLastPart, CK_ULONG_PTR pusLastPartLen) {
-    PK11_FIPSCHECK();
-    return NSC_DecryptFinal(hSession,pLastPart,pusLastPartLen);
-}
-
-
-/*
- ************** Crypto Functions:     Digest (HASH)  ************************
- */
-
-/* FC_DigestInit initializes a message-digesting operation. */
- CK_RV FC_DigestInit(CK_SESSION_HANDLE hSession,
-    					CK_MECHANISM_PTR pMechanism) {
-    PK11_FIPSFATALCHECK();
-    return NSC_DigestInit(hSession, pMechanism);
-}
-
-
-/* FC_Digest digests data in a single part. */
- CK_RV FC_Digest(CK_SESSION_HANDLE hSession,
-    CK_BYTE_PTR pData, CK_ULONG usDataLen, CK_BYTE_PTR pDigest,
-    						CK_ULONG_PTR pusDigestLen) {
-    PK11_FIPSFATALCHECK();
-    return NSC_Digest(hSession,pData,usDataLen,pDigest,pusDigestLen);
-}
-
-
-/* FC_DigestUpdate continues a multiple-part message-digesting operation. */
- CK_RV FC_DigestUpdate(CK_SESSION_HANDLE hSession,CK_BYTE_PTR pPart,
-					    CK_ULONG usPartLen) {
-    PK11_FIPSFATALCHECK();
-    return NSC_DigestUpdate(hSession,pPart,usPartLen);
-}
-
-
-/* FC_DigestFinal finishes a multiple-part message-digesting operation. */
- CK_RV FC_DigestFinal(CK_SESSION_HANDLE hSession,CK_BYTE_PTR pDigest,
-    						CK_ULONG_PTR pusDigestLen) {
-    PK11_FIPSFATALCHECK();
-    return NSC_DigestFinal(hSession,pDigest,pusDigestLen);
-}
-
-
-/*
- ************** Crypto Functions:     Sign  ************************
- */
-
-/* FC_SignInit initializes a signature (private key encryption) operation,
- * where the signature is (will be) an appendix to the data, 
- * and plaintext cannot be recovered from the signature */
- CK_RV FC_SignInit(CK_SESSION_HANDLE hSession,
-		 CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey) {
-    PK11_FIPSCHECK();
-    return NSC_SignInit(hSession,pMechanism,hKey);
-}
-
-
-/* FC_Sign signs (encrypts with private key) data in a single part,
- * where the signature is (will be) an appendix to the data, 
- * and plaintext cannot be recovered from the signature */
- CK_RV FC_Sign(CK_SESSION_HANDLE hSession,
-    CK_BYTE_PTR pData,CK_ULONG usDataLen,CK_BYTE_PTR pSignature,
-    					CK_ULONG_PTR pusSignatureLen) {
-    PK11_FIPSCHECK();
-    return NSC_Sign(hSession,pData,usDataLen,pSignature,pusSignatureLen);
-}
-
-
-/* FC_SignUpdate continues a multiple-part signature operation,
- * where the signature is (will be) an appendix to the data, 
- * and plaintext cannot be recovered from the signature */
- CK_RV FC_SignUpdate(CK_SESSION_HANDLE hSession,CK_BYTE_PTR pPart,
-    							CK_ULONG usPartLen) {
-    PK11_FIPSCHECK();
-    return NSC_SignUpdate(hSession,pPart,usPartLen);
-}
-
-
-/* FC_SignFinal finishes a multiple-part signature operation, 
- * returning the signature. */
- CK_RV FC_SignFinal(CK_SESSION_HANDLE hSession,CK_BYTE_PTR pSignature,
-					    CK_ULONG_PTR pusSignatureLen) {
-    PK11_FIPSCHECK();
-    return NSC_SignFinal(hSession,pSignature,pusSignatureLen);
-}
-
-/*
- ************** Crypto Functions:     Sign Recover  ************************
- */
-/* FC_SignRecoverInit initializes a signature operation,
- * where the (digest) data can be recovered from the signature. 
- * E.g. encryption with the user's private key */
- CK_RV FC_SignRecoverInit(CK_SESSION_HANDLE hSession,
-			 CK_MECHANISM_PTR pMechanism,CK_OBJECT_HANDLE hKey) {
-    PK11_FIPSCHECK();
-    return NSC_SignRecoverInit(hSession,pMechanism,hKey);
-}
-
-
-/* FC_SignRecover signs data in a single operation
- * where the (digest) data can be recovered from the signature. 
- * E.g. encryption with the user's private key */
- CK_RV FC_SignRecover(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData,
-  CK_ULONG usDataLen, CK_BYTE_PTR pSignature, CK_ULONG_PTR pusSignatureLen) {
-    PK11_FIPSCHECK();
-    return NSC_SignRecover(hSession,pData,usDataLen,pSignature,pusSignatureLen);
-}
-
-/*
- ************** Crypto Functions:     verify  ************************
- */
-
-/* FC_VerifyInit initializes a verification operation, 
- * where the signature is an appendix to the data, 
- * and plaintext cannot be recovered from the signature (e.g. DSA) */
- CK_RV FC_VerifyInit(CK_SESSION_HANDLE hSession,
-			   CK_MECHANISM_PTR pMechanism,CK_OBJECT_HANDLE hKey) {
-    PK11_FIPSCHECK();
-    return NSC_VerifyInit(hSession,pMechanism,hKey);
-}
-
-
-/* FC_Verify verifies a signature in a single-part operation, 
- * where the signature is an appendix to the data, 
- * and plaintext cannot be recovered from the signature */
- CK_RV FC_Verify(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData,
-    CK_ULONG usDataLen, CK_BYTE_PTR pSignature, CK_ULONG usSignatureLen) {
-    /* make sure we're legal */
-    PK11_FIPSCHECK();
-    return NSC_Verify(hSession,pData,usDataLen,pSignature,usSignatureLen);
-}
-
-
-/* FC_VerifyUpdate continues a multiple-part verification operation, 
- * where the signature is an appendix to the data, 
- * and plaintext cannot be recovered from the signature */
- CK_RV FC_VerifyUpdate( CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart,
-						CK_ULONG usPartLen) {
-    PK11_FIPSCHECK();
-    return NSC_VerifyUpdate(hSession,pPart,usPartLen);
-}
-
-
-/* FC_VerifyFinal finishes a multiple-part verification operation, 
- * checking the signature. */
- CK_RV FC_VerifyFinal(CK_SESSION_HANDLE hSession,
-			CK_BYTE_PTR pSignature,CK_ULONG usSignatureLen) {
-    PK11_FIPSCHECK();
-    return NSC_VerifyFinal(hSession,pSignature,usSignatureLen);
-}
-
-/*
- ************** Crypto Functions:     Verify  Recover ************************
- */
-
-/* FC_VerifyRecoverInit initializes a signature verification operation, 
- * where the data is recovered from the signature. 
- * E.g. Decryption with the user's public key */
- CK_RV FC_VerifyRecoverInit(CK_SESSION_HANDLE hSession,
-			CK_MECHANISM_PTR pMechanism,CK_OBJECT_HANDLE hKey) {
-    PK11_FIPSCHECK();
-    return NSC_VerifyRecoverInit(hSession,pMechanism,hKey);
-}
-
-
-/* FC_VerifyRecover verifies a signature in a single-part operation, 
- * where the data is recovered from the signature. 
- * E.g. Decryption with the user's public key */
- CK_RV FC_VerifyRecover(CK_SESSION_HANDLE hSession,
-		 CK_BYTE_PTR pSignature,CK_ULONG usSignatureLen,
-    				CK_BYTE_PTR pData,CK_ULONG_PTR pusDataLen) {
-    PK11_FIPSCHECK();
-    return NSC_VerifyRecover(hSession,pSignature,usSignatureLen,pData,
-								pusDataLen);
-}
-
-/*
- **************************** Key Functions:  ************************
- */
-
-/* FC_GenerateKey generates a secret key, creating a new key object. */
- CK_RV FC_GenerateKey(CK_SESSION_HANDLE hSession,
-    CK_MECHANISM_PTR pMechanism,CK_ATTRIBUTE_PTR pTemplate,CK_ULONG ulCount,
-    						CK_OBJECT_HANDLE_PTR phKey) {
-    CK_BBOOL *boolptr;
-
-    PK11_FIPSCHECK();
-
-    /* all secret keys must be sensitive, if the upper level code tries to say
-     * otherwise, reject it. */
-    boolptr = (CK_BBOOL *) fc_getAttribute(pTemplate, ulCount, CKA_SENSITIVE);
-    if (boolptr != NULL) {
-	if (!(*boolptr)) {
-	    return CKR_ATTRIBUTE_VALUE_INVALID;
-	}
-    }
-
-    return NSC_GenerateKey(hSession,pMechanism,pTemplate,ulCount,phKey);
-}
-
-
-/* FC_GenerateKeyPair generates a public-key/private-key pair, 
- * creating new key objects. */
- CK_RV FC_GenerateKeyPair (CK_SESSION_HANDLE hSession,
-    CK_MECHANISM_PTR pMechanism, CK_ATTRIBUTE_PTR pPublicKeyTemplate,
-    CK_ULONG usPublicKeyAttributeCount, CK_ATTRIBUTE_PTR pPrivateKeyTemplate,
-    CK_ULONG usPrivateKeyAttributeCount, CK_OBJECT_HANDLE_PTR phPublicKey,
-					CK_OBJECT_HANDLE_PTR phPrivateKey) {
-    CK_BBOOL *boolptr;
-
-    PK11_FIPSCHECK();
-
-    /* all private keys must be sensitive, if the upper level code tries to say
-     * otherwise, reject it. */
-    boolptr = (CK_BBOOL *) fc_getAttribute(pPrivateKeyTemplate, 
-				usPrivateKeyAttributeCount, CKA_SENSITIVE);
-    if (boolptr != NULL) {
-	if (!(*boolptr)) {
-	    return CKR_ATTRIBUTE_VALUE_INVALID;
-	}
-    }
-    return NSC_GenerateKeyPair (hSession,pMechanism,pPublicKeyTemplate,
-    		usPublicKeyAttributeCount,pPrivateKeyTemplate,
-		usPrivateKeyAttributeCount,phPublicKey,phPrivateKey);
-}
-
-
-/* FC_WrapKey wraps (i.e., encrypts) a key. */
- CK_RV FC_WrapKey(CK_SESSION_HANDLE hSession,
-    CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hWrappingKey,
-    CK_OBJECT_HANDLE hKey, CK_BYTE_PTR pWrappedKey,
-					 CK_ULONG_PTR pusWrappedKeyLen) {
-    PK11_FIPSCHECK();
-    return NSC_WrapKey(hSession,pMechanism,hWrappingKey,hKey,pWrappedKey,
-							pusWrappedKeyLen);
-}
-
-
-/* FC_UnwrapKey unwraps (decrypts) a wrapped key, creating a new key object. */
- CK_RV FC_UnwrapKey(CK_SESSION_HANDLE hSession,
-    CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hUnwrappingKey,
-    CK_BYTE_PTR pWrappedKey, CK_ULONG usWrappedKeyLen,
-    CK_ATTRIBUTE_PTR pTemplate, CK_ULONG usAttributeCount,
-						 CK_OBJECT_HANDLE_PTR phKey) {
-    CK_BBOOL *boolptr;
-
-    PK11_FIPSCHECK();
-
-    /* all secret keys must be sensitive, if the upper level code tries to say
-     * otherwise, reject it. */
-    boolptr = (CK_BBOOL *) fc_getAttribute(pTemplate, 
-					usAttributeCount, CKA_SENSITIVE);
-    if (boolptr != NULL) {
-	if (!(*boolptr)) {
-	    return CKR_ATTRIBUTE_VALUE_INVALID;
-	}
-    }
-    return NSC_UnwrapKey(hSession,pMechanism,hUnwrappingKey,pWrappedKey,
-			usWrappedKeyLen,pTemplate,usAttributeCount,phKey);
-}
-
-
-/* FC_DeriveKey derives a key from a base key, creating a new key object. */
- CK_RV FC_DeriveKey( CK_SESSION_HANDLE hSession,
-	 CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hBaseKey,
-	 CK_ATTRIBUTE_PTR pTemplate, CK_ULONG usAttributeCount, 
-						CK_OBJECT_HANDLE_PTR phKey) {
-    CK_BBOOL *boolptr;
-
-    PK11_FIPSCHECK();
-
-    /* all secret keys must be sensitive, if the upper level code tries to say
-     * otherwise, reject it. */
-    boolptr = (CK_BBOOL *) fc_getAttribute(pTemplate, 
-					usAttributeCount, CKA_SENSITIVE);
-    if (boolptr != NULL) {
-	if (!(*boolptr)) {
-	    return CKR_ATTRIBUTE_VALUE_INVALID;
-	}
-    }
-    return NSC_DeriveKey(hSession,pMechanism,hBaseKey,pTemplate,
-			usAttributeCount, phKey);
-}
-
-/*
- **************************** Radom Functions:  ************************
- */
-
-/* FC_SeedRandom mixes additional seed material into the token's random number 
- * generator. */
- CK_RV FC_SeedRandom(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pSeed,
-    CK_ULONG usSeedLen) {
-    CK_RV crv;
-
-    PK11_FIPSFATALCHECK();
-    crv = NSC_SeedRandom(hSession,pSeed,usSeedLen);
-    if (crv != CKR_OK) {
-	fatalError = PR_TRUE;
-    }
-    return crv;
-}
-
-
-/* FC_GenerateRandom generates random data. */
- CK_RV FC_GenerateRandom(CK_SESSION_HANDLE hSession,
-    CK_BYTE_PTR	pRandomData, CK_ULONG usRandomLen) {
-    CK_RV crv;
-
-    PK11_FIPSFATALCHECK();
-    crv = NSC_GenerateRandom(hSession,pRandomData,usRandomLen);
-    if (crv != CKR_OK) {
-	fatalError = PR_TRUE;
-    }
-    return crv;
-}
-
-
-/* FC_GetFunctionStatus obtains an updated status of a function running 
- * in parallel with an application. */
- CK_RV FC_GetFunctionStatus(CK_SESSION_HANDLE hSession) {
-    PK11_FIPSCHECK();
-    return NSC_GetFunctionStatus(hSession);
-}
-
-
-/* FC_CancelFunction cancels a function running in parallel */
- CK_RV FC_CancelFunction(CK_SESSION_HANDLE hSession) {
-    PK11_FIPSCHECK();
-    return NSC_CancelFunction(hSession);
-}
-
-/*
- ****************************  Version 1.1 Functions:  ************************
- */
-
-/* FC_GetOperationState saves the state of the cryptographic 
- *operation in a session. */
-CK_RV FC_GetOperationState(CK_SESSION_HANDLE hSession, 
-	CK_BYTE_PTR  pOperationState, CK_ULONG_PTR pulOperationStateLen) {
-    PK11_FIPSFATALCHECK();
-    return NSC_GetOperationState(hSession,pOperationState,pulOperationStateLen);
-}
-
-
-/* FC_SetOperationState restores the state of the cryptographic operation 
- * in a session. */
-CK_RV FC_SetOperationState(CK_SESSION_HANDLE hSession, 
-	CK_BYTE_PTR  pOperationState, CK_ULONG  ulOperationStateLen,
-        CK_OBJECT_HANDLE hEncryptionKey, CK_OBJECT_HANDLE hAuthenticationKey) {
-    PK11_FIPSFATALCHECK();
-    return NSC_SetOperationState(hSession,pOperationState,ulOperationStateLen,
-        				hEncryptionKey,hAuthenticationKey);
-}
-
-/* FC_FindObjectsFinal finishes a search for token and session objects. */
-CK_RV FC_FindObjectsFinal(CK_SESSION_HANDLE hSession) {
-    /* let publically readable object be found */
-    PK11_FIPSFATALCHECK();
-    return NSC_FindObjectsFinal(hSession);
-}
-
-
-/* Dual-function cryptographic operations */
-
-/* FC_DigestEncryptUpdate continues a multiple-part digesting and encryption 
- * operation. */
-CK_RV FC_DigestEncryptUpdate(CK_SESSION_HANDLE hSession, CK_BYTE_PTR  pPart,
-    CK_ULONG  ulPartLen, CK_BYTE_PTR  pEncryptedPart,
-					 CK_ULONG_PTR pulEncryptedPartLen) {
-    PK11_FIPSCHECK();
-    return NSC_DigestEncryptUpdate(hSession,pPart,ulPartLen,pEncryptedPart,
-					 pulEncryptedPartLen);
-}
-
-
-/* FC_DecryptDigestUpdate continues a multiple-part decryption and digesting 
- * operation. */
-CK_RV FC_DecryptDigestUpdate(CK_SESSION_HANDLE hSession,
-     CK_BYTE_PTR  pEncryptedPart, CK_ULONG  ulEncryptedPartLen,
-    				CK_BYTE_PTR  pPart, CK_ULONG_PTR pulPartLen) {
-
-    PK11_FIPSCHECK();
-    return NSC_DecryptDigestUpdate(hSession, pEncryptedPart,ulEncryptedPartLen,
-    				pPart,pulPartLen);
-}
-
-/* FC_SignEncryptUpdate continues a multiple-part signing and encryption 
- * operation. */
-CK_RV FC_SignEncryptUpdate(CK_SESSION_HANDLE hSession, CK_BYTE_PTR  pPart,
-	 CK_ULONG  ulPartLen, CK_BYTE_PTR  pEncryptedPart,
-					 CK_ULONG_PTR pulEncryptedPartLen) {
-
-    PK11_FIPSCHECK();
-    return NSC_SignEncryptUpdate(hSession,pPart,ulPartLen,pEncryptedPart,
-					 pulEncryptedPartLen);
-}
-
-/* FC_DecryptVerifyUpdate continues a multiple-part decryption and verify 
- * operation. */
-CK_RV FC_DecryptVerifyUpdate(CK_SESSION_HANDLE hSession, 
-	CK_BYTE_PTR  pEncryptedData, CK_ULONG  ulEncryptedDataLen, 
-				CK_BYTE_PTR  pData, CK_ULONG_PTR pulDataLen) {
-
-    PK11_FIPSCHECK();
-    return NSC_DecryptVerifyUpdate(hSession,pEncryptedData,ulEncryptedDataLen, 
-				pData,pulDataLen);
-}
-
-
-/* FC_DigestKey continues a multi-part message-digesting operation,
- * by digesting the value of a secret key as part of the data already digested.
- */
-CK_RV FC_DigestKey(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hKey) {
-    PK11_FIPSCHECK();
-    return NSC_DigestKey(hSession,hKey);
-}
-
-
-CK_RV FC_WaitForSlotEvent(CK_FLAGS flags, CK_SLOT_ID_PTR pSlot,
-							 CK_VOID_PTR pReserved)
-{
-    return NSC_WaitForSlotEvent(flags, pSlot, pReserved);
-}
diff --git a/security/nss/lib/softoken/keydb.c b/security/nss/lib/softoken/keydb.c
deleted file mode 100644
index f7ad1fe38..000000000
--- a/security/nss/lib/softoken/keydb.c
+++ /dev/null
@@ -1,2425 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * Private Key Database code
- *
- * $Id$
- */
-
-#include "lowkeyi.h"
-#include "seccomon.h"
-#include "sechash.h"
-#include "secder.h"
-#include "secasn1.h"
-#include "secoid.h"
-#include "blapi.h"
-#include "secitem.h"
-#include "pcert.h"
-#include "mcom_db.h"
-#include "lowpbe.h"
-#include "secerr.h"
-#include "cdbhdl.h"
-
-#include "keydbi.h"
-
-/*
- * Record keys for keydb
- */
-#define SALT_STRING "global-salt"
-#define VERSION_STRING "Version"
-#define KEYDB_PW_CHECK_STRING	"password-check"
-#define KEYDB_PW_CHECK_LEN	14
-#define KEYDB_FAKE_PW_CHECK_STRING	"fake-password-check"
-#define KEYDB_FAKE_PW_CHECK_LEN	19
-
-/* Size of the global salt for key database */
-#define SALT_LENGTH     16
-
-const SEC_ASN1Template nsslowkey_AttributeTemplate[] = {
-    { SEC_ASN1_SEQUENCE, 
-	0, NULL, sizeof(NSSLOWKEYAttribute) },
-    { SEC_ASN1_OBJECT_ID, offsetof(NSSLOWKEYAttribute, attrType) },
-    { SEC_ASN1_SET_OF, offsetof(NSSLOWKEYAttribute, attrValue), 
-	SEC_AnyTemplate },
-    { 0 }
-};
-
-const SEC_ASN1Template nsslowkey_SetOfAttributeTemplate[] = {
-    { SEC_ASN1_SET_OF, 0, nsslowkey_AttributeTemplate },
-};
-/* ASN1 Templates for new decoder/encoder */
-const SEC_ASN1Template nsslowkey_PrivateKeyInfoTemplate[] = {
-    { SEC_ASN1_SEQUENCE,
-	0, NULL, sizeof(NSSLOWKEYPrivateKeyInfo) },
-    { SEC_ASN1_INTEGER,
-	offsetof(NSSLOWKEYPrivateKeyInfo,version) },
-    { SEC_ASN1_INLINE,
-	offsetof(NSSLOWKEYPrivateKeyInfo,algorithm),
-	SECOID_AlgorithmIDTemplate },
-    { SEC_ASN1_OCTET_STRING,
-	offsetof(NSSLOWKEYPrivateKeyInfo,privateKey) },
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
-	offsetof(NSSLOWKEYPrivateKeyInfo, attributes),
-	nsslowkey_SetOfAttributeTemplate },
-    { 0 }
-};
-
-const SEC_ASN1Template nsslowkey_PointerToPrivateKeyInfoTemplate[] = {
-    { SEC_ASN1_POINTER, 0, nsslowkey_PrivateKeyInfoTemplate }
-};
-
-const SEC_ASN1Template nsslowkey_EncryptedPrivateKeyInfoTemplate[] = {
-    { SEC_ASN1_SEQUENCE,
-	0, NULL, sizeof(NSSLOWKEYEncryptedPrivateKeyInfo) },
-    { SEC_ASN1_INLINE,
-	offsetof(NSSLOWKEYEncryptedPrivateKeyInfo,algorithm),
-	SECOID_AlgorithmIDTemplate },
-    { SEC_ASN1_OCTET_STRING,
-	offsetof(NSSLOWKEYEncryptedPrivateKeyInfo,encryptedData) },
-    { 0 }
-};
-
-const SEC_ASN1Template nsslowkey_PointerToEncryptedPrivateKeyInfoTemplate[] = {
-	{ SEC_ASN1_POINTER, 0, nsslowkey_EncryptedPrivateKeyInfoTemplate }
-};
-
-
-/* ====== Default key databse encryption algorithm ====== */
-
-static SECOidTag defaultKeyDBAlg = SEC_OID_PKCS12_PBE_WITH_SHA1_AND_TRIPLE_DES_CBC;
-
-/*
- * Default algorithm for encrypting data in the key database
- */
-SECOidTag
-nsslowkey_GetDefaultKeyDBAlg(void)
-{
-    return(defaultKeyDBAlg);
-}
-
-void
-nsslowkey_SetDefaultKeyDBAlg(SECOidTag alg)
-{
-    defaultKeyDBAlg = alg;
-
-    return;
-}
-
-static void
-sec_destroy_dbkey(NSSLOWKEYDBKey *dbkey)
-{
-    if ( dbkey && dbkey->arena ) {
-	PORT_FreeArena(dbkey->arena, PR_FALSE);
-    }
-}
-
-static void
-free_dbt(DBT *dbt)
-{
-    if ( dbt ) {
-	PORT_Free(dbt->data);
-	PORT_Free(dbt);
-    }
-    
-    return;
-}
-
-/*
- * format of key database entries for version 3 of database:
- *	byte offset	field
- *	-----------	-----
- *	0		version
- *	1		salt-len
- *	2		nn-len
- *	3..		salt-data
- *	...		nickname
- *	...		encrypted-key-data
- */
-static DBT *
-encode_dbkey(NSSLOWKEYDBKey *dbkey,unsigned char version)
-{
-    DBT *bufitem = NULL;
-    unsigned char *buf;
-    int nnlen;
-    char *nn;
-    
-    bufitem = (DBT *)PORT_ZAlloc(sizeof(DBT));
-    if ( bufitem == NULL ) {
-	goto loser;
-    }
-    
-    if ( dbkey->nickname ) {
-	nn = dbkey->nickname;
-	nnlen = PORT_Strlen(nn) + 1;
-    } else {
-	nn = "";
-	nnlen = 1;
-    }
-    
-    /* compute the length of the record */
-    /* 1 + 1 + 1 == version number header + salt length + nn len */
-    bufitem->size = dbkey->salt.len + nnlen + dbkey->derPK.len + 1 + 1 + 1;
-    
-    bufitem->data = (void *)PORT_ZAlloc(bufitem->size);
-    if ( bufitem->data == NULL ) {
-	goto loser;
-    }
-
-    buf = (unsigned char *)bufitem->data;
-    
-    /* set version number */
-    buf[0] = version;
-
-    /* set length of salt */
-    PORT_Assert(dbkey->salt.len < 256);
-    buf[1] = dbkey->salt.len;
-
-    /* set length of nickname */
-    PORT_Assert(nnlen < 256);
-    buf[2] = nnlen;
-
-    /* copy salt */
-    PORT_Memcpy(&buf[3], dbkey->salt.data, dbkey->salt.len);
-
-    /* copy nickname */
-    PORT_Memcpy(&buf[3 + dbkey->salt.len], nn, nnlen);
-
-    /* copy encrypted key */
-    PORT_Memcpy(&buf[3 + dbkey->salt.len + nnlen], dbkey->derPK.data,
-	      dbkey->derPK.len);
-    
-    return(bufitem);
-    
-loser:
-    if ( bufitem ) {
-	free_dbt(bufitem);
-    }
-    
-    return(NULL);
-}
-
-static NSSLOWKEYDBKey *
-decode_dbkey(DBT *bufitem, int expectedVersion)
-{
-    NSSLOWKEYDBKey *dbkey;
-    PLArenaPool *arena = NULL;
-    unsigned char *buf;
-    int version;
-    int keyoff;
-    int nnlen;
-    int saltoff;
-    
-    buf = (unsigned char *)bufitem->data;
-
-    version = buf[0];
-    
-    if ( version != expectedVersion ) {
-	goto loser;
-    }
-    
-    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if ( arena == NULL ) {
-	goto loser;
-    }
-    
-    dbkey = (NSSLOWKEYDBKey *)PORT_ArenaZAlloc(arena, sizeof(NSSLOWKEYDBKey));
-    if ( dbkey == NULL ) {
-	goto loser;
-    }
-
-    dbkey->arena = arena;
-    dbkey->salt.data = NULL;
-    dbkey->derPK.data = NULL;
-    
-    dbkey->salt.len = buf[1];
-    dbkey->salt.data = (unsigned char *)PORT_ArenaZAlloc(arena, dbkey->salt.len);
-    if ( dbkey->salt.data == NULL ) {
-	goto loser;
-    }
-
-    saltoff = 2;
-    keyoff = 2 + dbkey->salt.len;
-    
-    if ( expectedVersion >= 3 ) {
-	nnlen = buf[2];
-	if ( nnlen ) {
-	    dbkey->nickname = (char *)PORT_ArenaZAlloc(arena, nnlen + 1);
-	    if ( dbkey->nickname ) {
-		PORT_Memcpy(dbkey->nickname, &buf[keyoff+1], nnlen);
-	    }
-	}
-	keyoff += ( nnlen + 1 );
-	saltoff = 3;
-    }
-
-    PORT_Memcpy(dbkey->salt.data, &buf[saltoff], dbkey->salt.len);
-    
-    dbkey->derPK.len = bufitem->size - keyoff;
-    dbkey->derPK.data = (unsigned char *)PORT_ArenaZAlloc(arena,dbkey->derPK.len);
-    if ( dbkey->derPK.data == NULL ) {
-	goto loser;
-    }
-    
-    PORT_Memcpy(dbkey->derPK.data, &buf[keyoff], dbkey->derPK.len);
-    
-    return(dbkey);
-    
-loser:
-
-    if ( arena ) {
-	PORT_FreeArena(arena, PR_FALSE);
-    }
-    
-    return(NULL);
-}
-
-static NSSLOWKEYDBKey *
-get_dbkey(NSSLOWKEYDBHandle *handle, DBT *index)
-{
-    NSSLOWKEYDBKey *dbkey;
-    DBT entry;
-    int ret;
-    
-    /* get it from the database */
-    ret = (* handle->db->get)(handle->db, index, &entry, 0);
-    if ( ret ) {
-	PORT_SetError(SEC_ERROR_BAD_DATABASE);
-	return NULL;
-    }
-
-    /* set up dbkey struct */
-
-    dbkey = decode_dbkey(&entry, handle->version);
-
-    return(dbkey);
-}
-
-static SECStatus
-put_dbkey(NSSLOWKEYDBHandle *handle, DBT *index, NSSLOWKEYDBKey *dbkey, PRBool update)
-{
-    DBT *keydata = NULL;
-    int status;
-    
-    keydata = encode_dbkey(dbkey, handle->version);
-    if ( keydata == NULL ) {
-	goto loser;
-    }
-    
-    /* put it in the database */
-    if ( update ) {
-	status = (* handle->db->put)(handle->db, index, keydata, 0);
-    } else {
-	status = (* handle->db->put)(handle->db, index, keydata,
-				     R_NOOVERWRITE);
-    }
-    
-    if ( status ) {
-	goto loser;
-    }
-
-    /* sync the database */
-    status = (* handle->db->sync)(handle->db, 0);
-    if ( status ) {
-	goto loser;
-    }
-
-    free_dbt(keydata);
-    return(SECSuccess);
-
-loser:
-    if ( keydata ) {
-	free_dbt(keydata);
-    }
-    
-    return(SECFailure);
-}
-
-SECStatus
-nsslowkey_TraverseKeys(NSSLOWKEYDBHandle *handle, 
-		 SECStatus (* keyfunc)(DBT *k, DBT *d, void *pdata),
-		 void *udata )
-{
-    DBT data;
-    DBT key;
-    SECStatus status;
-    int ret;
-
-    if (handle == NULL) {
-	return(SECFailure);
-    }
-
-    ret = (* handle->db->seq)(handle->db, &key, &data, R_FIRST);
-    if ( ret ) {
-	return(SECFailure);
-    }
-    
-    do {
-	/* skip version record */
-	if ( data.size > 1 ) {
-	    if ( key.size == ( sizeof(SALT_STRING) - 1 ) ) {
-		if ( PORT_Memcmp(key.data, SALT_STRING, key.size) == 0 ) {
-		    continue;
-		}
-	    }
-
-	    /* skip password check */
-	    if ( key.size == KEYDB_PW_CHECK_LEN ) {
-		if ( PORT_Memcmp(key.data, KEYDB_PW_CHECK_STRING,
-				 KEYDB_PW_CHECK_LEN) == 0 ) {
-		    continue;
-		}
-	    }
-	    
-	    status = (* keyfunc)(&key, &data, udata);
-	    if (status != SECSuccess) {
-		return(status);
-	    }
-	}
-    } while ( (* handle->db->seq)(handle->db, &key, &data, R_NEXT) == 0 );
-
-    return(SECSuccess);
-}
-
-typedef struct keyNode {
-    struct keyNode *next;
-    DBT key;
-} keyNode;
-
-typedef struct {
-    PLArenaPool *arena;
-    keyNode *head;
-} keyList;
-
-static SECStatus
-sec_add_key_to_list(DBT *key, DBT *data, void *arg)
-{
-    keyList *keylist;
-    keyNode *node;
-    void *keydata;
-    
-    keylist = (keyList *)arg;
-
-    /* allocate the node struct */
-    node = (keyNode*)PORT_ArenaZAlloc(keylist->arena, sizeof(keyNode));
-    if ( node == NULL ) {
-	return(SECFailure);
-    }
-    
-    /* allocate room for key data */
-    keydata = PORT_ArenaZAlloc(keylist->arena, key->size);
-    if ( keydata == NULL ) {
-	return(SECFailure);
-    }
-
-    /* link node into list */
-    node->next = keylist->head;
-    keylist->head = node;
-
-    /* copy key into node */
-    PORT_Memcpy(keydata, key->data, key->size);
-    node->key.size = key->size;
-    node->key.data = keydata;
-    
-    return(SECSuccess);
-}
-
-static SECItem *
-decodeKeyDBGlobalSalt(DBT *saltData)
-{
-    SECItem *saltitem;
-    
-    saltitem = (SECItem *)PORT_ZAlloc(sizeof(SECItem));
-    if ( saltitem == NULL ) {
-	return(NULL);
-    }
-    
-    saltitem->data = (unsigned char *)PORT_ZAlloc(saltData->size);
-    if ( saltitem->data == NULL ) {
-	PORT_Free(saltitem);
-	return(NULL);
-    }
-    
-    saltitem->len = saltData->size;
-    PORT_Memcpy(saltitem->data, saltData->data, saltitem->len);
-    
-    return(saltitem);
-}
-
-static SECItem *
-GetKeyDBGlobalSalt(NSSLOWKEYDBHandle *handle)
-{
-    DBT saltKey;
-    DBT saltData;
-    int ret;
-    
-    saltKey.data = SALT_STRING;
-    saltKey.size = sizeof(SALT_STRING) - 1;
-
-    ret = (* handle->db->get)(handle->db, &saltKey, &saltData, 0);
-    if ( ret ) {
-	return(NULL);
-    }
-
-    return(decodeKeyDBGlobalSalt(&saltData));
-}
-
-static SECStatus
-makeGlobalVersion(NSSLOWKEYDBHandle *handle)
-{
-    unsigned char version;
-    DBT versionData;
-    DBT versionKey;
-    int status;
-    
-    version = NSSLOWKEY_DB_FILE_VERSION;
-    versionData.data = &version;
-    versionData.size = 1;
-    versionKey.data = VERSION_STRING;
-    versionKey.size = sizeof(VERSION_STRING)-1;
-		
-    /* put version string into the database now */
-    status = (* handle->db->put)(handle->db, &versionKey, &versionData, 0);
-    if ( status ) {
-	return(SECFailure);
-    }
-    handle->version = version;
-
-    return(SECSuccess);
-}
-
-
-static SECStatus
-makeGlobalSalt(NSSLOWKEYDBHandle *handle)
-{
-    DBT saltKey;
-    DBT saltData;
-    unsigned char saltbuf[16];
-    int status;
-    
-    saltKey.data = SALT_STRING;
-    saltKey.size = sizeof(SALT_STRING) - 1;
-
-    saltData.data = (void *)saltbuf;
-    saltData.size = sizeof(saltbuf);
-    RNG_GenerateGlobalRandomBytes(saltbuf, sizeof(saltbuf));
-
-    /* put global salt into the database now */
-    status = (* handle->db->put)( handle->db, &saltKey, &saltData, 0);
-    if ( status ) {
-	return(SECFailure);
-    }
-
-    return(SECSuccess);
-}
-
-static char *
-keyDBFilenameCallback(void *arg, int dbVersion)
-{
-    return(PORT_Strdup((char *)arg));
-}
-
-static SECStatus
-ChangeKeyDBPasswordAlg(NSSLOWKEYDBHandle *handle,
-		       SECItem *oldpwitem, SECItem *newpwitem,
-		       SECOidTag new_algorithm);
-/*
- * Second pass of updating the key db.  This time we have a password.
- */
-static SECStatus
-nsslowkey_UpdateKeyDBPass2(NSSLOWKEYDBHandle *handle, SECItem *pwitem)
-{
-    SECStatus rv;
-    
-    rv = ChangeKeyDBPasswordAlg(handle, pwitem, pwitem,
-			     nsslowkey_GetDefaultKeyDBAlg());
-    
-    return(rv);
-}
-
-static SECStatus
-encodePWCheckEntry(PLArenaPool *arena, SECItem *entry, SECOidTag alg,
-		   SECItem *encCheck);
-
-static unsigned char
-nsslowkey_version(DB *db)
-{
-    DBT versionKey;
-    DBT versionData;
-    int ret;
-    versionKey.data = VERSION_STRING;
-    versionKey.size = sizeof(VERSION_STRING)-1;
-
-    /* lookup version string in database */
-    ret = (* db->get)( db, &versionKey, &versionData, 0 );
-
-    /* error accessing the database */
-    if ( ret < 0 ) {
-	return 255;
-    }
-
-    if ( ret >= 1 ) {
-	return 0;
-    }
-    return *( (unsigned char *)versionData.data);
-}
-
-static PRBool
-seckey_HasAServerKey(DB *db)
-{
-    DBT key;
-    DBT data;
-    int ret;
-    PRBool found = PR_FALSE;
-
-    ret = (* db->seq)(db, &key, &data, R_FIRST);
-    if ( ret ) {
-	return PR_FALSE;
-    }
-    
-    do {
-	/* skip version record */
-	if ( data.size > 1 ) {
-	    /* skip salt */
-	    if ( key.size == ( sizeof(SALT_STRING) - 1 ) ) {
-		if ( PORT_Memcmp(key.data, SALT_STRING, key.size) == 0 ) {
-		    continue;
-		}
-	    }
-	    /* skip pw check entry */
-	    if ( key.size == KEYDB_PW_CHECK_LEN ) {
-		if ( PORT_Memcmp(key.data, KEYDB_PW_CHECK_STRING, 
-						KEYDB_PW_CHECK_LEN) == 0 ) {
-		    continue;
-		}
-	    }
-
-	    /* keys stored by nickname will have 0 as the last byte of the
-	     * db key.  Other keys must be stored by modulus.  We will not
-	     * update those because they are left over from a keygen that
-	     * never resulted in a cert.
-	     */
-	    if ( ((unsigned char *)key.data)[key.size-1] != 0 ) {
-		continue;
-	    }
-
-	    if (PORT_Strcmp(key.data,"Server-Key") == 0) {
-		found = PR_TRUE;
-	        break;
-	    }
-	    
-	}
-    } while ( (* db->seq)(db, &key, &data, R_NEXT) == 0 );
-
-    return found;
-}
-/*
- * currently updates key database from v2 to v3
- */
-static SECStatus
-nsslowkey_UpdateKeyDBPass1(NSSLOWKEYDBHandle *handle)
-{
-    SECStatus rv;
-    DBT checkKey;
-    DBT checkData;
-    DBT saltKey;
-    DBT saltData;
-    DBT key;
-    DBT data;
-    unsigned char version;
-    SECItem *rc4key = NULL;
-    NSSLOWKEYDBKey *dbkey = NULL;
-    SECItem *oldSalt = NULL;
-    int ret;
-    SECItem checkitem;
-
-    if ( handle->updatedb == NULL ) {
-	return(SECSuccess);
-    }
-
-    /*
-     * check the version record
-     */
-    version = nsslowkey_version(handle->updatedb);
-    if (version != 2) {
-	goto done;
-    }
-
-    saltKey.data = SALT_STRING;
-    saltKey.size = sizeof(SALT_STRING) - 1;
-
-    ret = (* handle->updatedb->get)(handle->updatedb, &saltKey, &saltData, 0);
-    if ( ret ) {
-	/* no salt in old db, so it is corrupted */
-	goto done;
-    }
-
-    oldSalt = decodeKeyDBGlobalSalt(&saltData);
-    if ( oldSalt == NULL ) {
-	/* bad salt in old db, so it is corrupted */
-	goto done;
-    }
-
-    /*
-     * look for a pw check entry
-     */
-    checkKey.data = KEYDB_PW_CHECK_STRING;
-    checkKey.size = KEYDB_PW_CHECK_LEN;
-    
-    ret = (* handle->updatedb->get)(handle->updatedb, &checkKey,
-				   &checkData, 0 );
-    if (ret) {
-	/*
-	 * if we have a key, but no KEYDB_PW_CHECK_STRING, then this must
-	 * be an old server database, and it does have a password associated
-	 * with it. Put a fake entry in so we can identify this db when we do
-	 * get the password for it.
-	 */
-	if (seckey_HasAServerKey(handle->updatedb)) {
-	    DBT fcheckKey;
-	    DBT fcheckData;
-
-	    /*
-	     * include a fake string
-	     */
-	    fcheckKey.data = KEYDB_FAKE_PW_CHECK_STRING;
-	    fcheckKey.size = KEYDB_FAKE_PW_CHECK_LEN;
-	    fcheckData.data = "1";
-	    fcheckData.size = 1;
-	    /* put global salt into the new database now */
-	    ret = (* handle->db->put)( handle->db, &saltKey, &saltData, 0);
-	    if ( ret ) {
-		goto done;
-	    }
-	    ret = (* handle->db->put)( handle->db, &fcheckKey, &fcheckData, 0);
-	    if ( ret ) {
-		goto done;
-	    }
-	} else {
-	    goto done;
-	}
-    } else {
-	/* put global salt into the new database now */
-	ret = (* handle->db->put)( handle->db, &saltKey, &saltData, 0);
-	if ( ret ) {
-	    goto done;
-	}
-
-	dbkey = decode_dbkey(&checkData, 2);
-	if ( dbkey == NULL ) {
-	    goto done;
-	}
-	checkitem = dbkey->derPK;
-	dbkey->derPK.data = NULL;
-    
-	/* format the new pw check entry */
-	rv = encodePWCheckEntry(NULL, &dbkey->derPK, SEC_OID_RC4, &checkitem);
-	if ( rv != SECSuccess ) {
-	    goto done;
-	}
-
-	rv = put_dbkey(handle, &checkKey, dbkey, PR_TRUE);
-	if ( rv != SECSuccess ) {
-	    goto done;
-	}
-
-	/* free the dbkey */
-	sec_destroy_dbkey(dbkey);
-	dbkey = NULL;
-    }
-    
-    
-    /* now traverse the database */
-    ret = (* handle->updatedb->seq)(handle->updatedb, &key, &data, R_FIRST);
-    if ( ret ) {
-	goto done;
-    }
-    
-    do {
-	/* skip version record */
-	if ( data.size > 1 ) {
-	    /* skip salt */
-	    if ( key.size == ( sizeof(SALT_STRING) - 1 ) ) {
-		if ( PORT_Memcmp(key.data, SALT_STRING, key.size) == 0 ) {
-		    continue;
-		}
-	    }
-	    /* skip pw check entry */
-	    if ( key.size == checkKey.size ) {
-		if ( PORT_Memcmp(key.data, checkKey.data, key.size) == 0 ) {
-		    continue;
-		}
-	    }
-
-	    /* keys stored by nickname will have 0 as the last byte of the
-	     * db key.  Other keys must be stored by modulus.  We will not
-	     * update those because they are left over from a keygen that
-	     * never resulted in a cert.
-	     */
-	    if ( ((unsigned char *)key.data)[key.size-1] != 0 ) {
-		continue;
-	    }
-	    
-	    dbkey = decode_dbkey(&data, 2);
-	    if ( dbkey == NULL ) {
-		continue;
-	    }
-
-	    /* This puts the key into the new database with the same
-	     * index (nickname) that it had before.  The second pass
-	     * of the update will have the password.  It will decrypt
-	     * and re-encrypt the entries using a new algorithm.
-	     */
-	    dbkey->nickname = (char *)key.data;
-	    rv = put_dbkey(handle, &key, dbkey, PR_FALSE);
-	    dbkey->nickname = NULL;
-
-	    sec_destroy_dbkey(dbkey);
-	}
-    } while ( (* handle->updatedb->seq)(handle->updatedb, &key, &data,
-					R_NEXT) == 0 );
-
-    dbkey = NULL;
-
-done:
-    /* sync the database */
-    ret = (* handle->db->sync)(handle->db, 0);
-
-    (* handle->updatedb->close)(handle->updatedb);
-    handle->updatedb = NULL;
-    
-    if ( rc4key ) {
-	SECITEM_FreeItem(rc4key, PR_TRUE);
-    }
-    
-    if ( oldSalt ) {
-	SECITEM_FreeItem(oldSalt, PR_TRUE);
-    }
-    
-    if ( dbkey ) {
-	sec_destroy_dbkey(dbkey);
-    }
-
-    return(SECSuccess);
-}
-
-NSSLOWKEYDBHandle *
-nsslowkey_OpenKeyDB(PRBool readOnly, const char *appName, const char *prefix,
-				NSSLOWKEYDBNameFunc namecb, void *cbarg)
-{
-    NSSLOWKEYDBHandle *handle;
-    int ret;
-    SECStatus rv;
-    int openflags;
-    char *dbname = NULL;
-    PRBool updated = PR_FALSE;
-    
-    handle = (NSSLOWKEYDBHandle *)PORT_ZAlloc (sizeof(NSSLOWKEYDBHandle));
-    if (handle == NULL) {
-	PORT_SetError (SEC_ERROR_NO_MEMORY);
-	return NULL;
-    }
-
-    openflags = readOnly ? NO_RDONLY : NO_RDWR;
-
-    dbname = (*namecb)(cbarg, NSSLOWKEY_DB_FILE_VERSION);
-    if ( dbname == NULL ) {
-	goto loser;
-    }
-
-    handle->dbname = PORT_Strdup(dbname);
-    handle->readOnly = readOnly;
-   
-    if (appName) {
-	handle->db = rdbopen( appName, prefix, "key", openflags);
-    } else {
-	handle->db = dbopen( dbname, openflags, 0600, DB_HASH, 0 );
-    }
-
-    /* check for correct version number */
-    if (handle->db != NULL) {
-	handle->version = nsslowkey_version(handle->db);
-	if (handle->version == 255) {
-	    goto loser;
-	}
-	if (handle->version != NSSLOWKEY_DB_FILE_VERSION ) {
-	    /* bogus version number record, reset the database */
-	    (* handle->db->close)( handle->db );
-	    handle->db = NULL;
-
-	    goto newdb;
-	}
-
-    }
-
-newdb:
-
-    /* if first open fails, try to create a new DB */
-    if ( handle->db == NULL ) {
-	if ( readOnly ) {
-	    goto loser;
-	}
-
-	if (appName) {
-	    handle->db = rdbopen( appName, prefix, "key", NO_CREATE);
-	    handle->updatedb = dbopen( dbname, NO_RDONLY, 0600, DB_HASH, 0 );
-	    if (handle->updatedb) {
-		handle->version = nsslowkey_version(handle->updatedb);
-		if (handle->version != NSSLOWKEY_DB_FILE_VERSION) {
-		    (*handle->updatedb->close)(handle->updatedb);
-		    handle->updatedb = NULL;
-		} else {
-		    db_Copy(handle->db, handle->updatedb);
-		    (*handle->updatedb->close)(handle->updatedb);
-		    handle->updatedb = NULL;
-		    goto done;
-		}
-	    }
-	} else {
-	    handle->db = dbopen( dbname, NO_CREATE, 0600, DB_HASH, 0 );
-	}
-
-        PORT_Free( dbname );
-        dbname = NULL;
-
-	/* if create fails then we lose */
-	if ( handle->db == NULL ) {
-	    goto loser;
-	}
-
-	rv = makeGlobalVersion(handle);
-	if ( rv != SECSuccess ) {
-	    goto loser;
-	}
-	/*
-	 * try to update from v2 db
-	 */
-	dbname = (*namecb)(cbarg, 2);
-	if ( dbname != NULL ) {
-	    handle->updatedb = dbopen( dbname, NO_RDONLY, 0600, DB_HASH, 0 );
-            PORT_Free( dbname );
-            dbname = NULL;
-
-	    if ( handle->updatedb ) {
-		/*
-		 * Try to update the db using a null password.  If the db
-		 * doesn't have a password, then this will work.  If it does
-		 * have a password, then this will fail and we will do the
-		 * update later
-		 */
-		rv = nsslowkey_UpdateKeyDBPass1(handle);
-		if ( rv == SECSuccess ) {
-		    updated = PR_TRUE;
-		}
-	    }
-	    
-	}
-
-	/* we are using the old salt if we updated from an old db */
-	if ( ! updated ) {
-	    rv = makeGlobalSalt(handle);
-	    if ( rv != SECSuccess ) {
-		goto loser;
-	    }
-	}
-	
-	/* sync the database */
-	ret = (* handle->db->sync)(handle->db, 0);
-	if ( ret ) {
-	    goto loser;
-	}
-    }
-
-done:
-
-    handle->global_salt = GetKeyDBGlobalSalt(handle);
-    if ( dbname )
-        PORT_Free( dbname );
-    return handle;
-
-loser:
-
-    if ( dbname )
-        PORT_Free( dbname );
-    PORT_SetError(SEC_ERROR_BAD_DATABASE);
-
-    if ( handle->db ) {
-	(* handle->db->close)(handle->db);
-    }
-    if ( handle->updatedb ) {
-	(* handle->updatedb->close)(handle->updatedb);
-    }
-    PORT_Free(handle);
-    return NULL;
-}
-
-/*
- * Close the database
- */
-void
-nsslowkey_CloseKeyDB(NSSLOWKEYDBHandle *handle)
-{
-    if (handle != NULL) {
-	if (handle->db != NULL) {
-	    (* handle->db->close)(handle->db);
-	}
-	if (handle->dbname) PORT_Free(handle->dbname);
-	if (handle->global_salt) {
-	    SECITEM_FreeItem(handle->global_salt,PR_TRUE);
-	}
-	    
-	PORT_Free(handle);
-    }
-}
-
-/* Get the key database version */
-int
-nsslowkey_GetKeyDBVersion(NSSLOWKEYDBHandle *handle)
-{
-    PORT_Assert(handle != NULL);
-
-    return handle->version;
-}
-
-/*
- * Delete a private key that was stored in the database
- */
-SECStatus
-nsslowkey_DeleteKey(NSSLOWKEYDBHandle *handle, SECItem *pubkey)
-{
-    DBT namekey;
-    int ret;
-
-    if (handle == NULL) {
-	PORT_SetError(SEC_ERROR_BAD_DATABASE);
-	return(SECFailure);
-    }
-
-    /* set up db key and data */
-    namekey.data = pubkey->data;
-    namekey.size = pubkey->len;
-
-    /* delete it from the database */
-    ret = (* handle->db->del)(handle->db, &namekey, 0);
-    if ( ret ) {
-	PORT_SetError(SEC_ERROR_BAD_DATABASE);
-	return(SECFailure);
-    }
-
-    /* sync the database */
-    ret = (* handle->db->sync)(handle->db, 0);
-    if ( ret ) {
-	PORT_SetError(SEC_ERROR_BAD_DATABASE);
-	return(SECFailure);
-    }
-
-    return(SECSuccess);
-}
-
-/*
- * Store a key in the database, indexed by its public key modulus.(value!)
- */
-SECStatus
-nsslowkey_StoreKeyByPublicKey(NSSLOWKEYDBHandle *handle, 
-			   NSSLOWKEYPrivateKey *privkey,
-			   SECItem *pubKeyData,
-			   char *nickname,
-			   SECItem *arg)
-{
-    return nsslowkey_StoreKeyByPublicKeyAlg(handle, privkey, pubKeyData, 
-	     nickname, arg, nsslowkey_GetDefaultKeyDBAlg(),PR_FALSE);
-}
-
-SECStatus
-nsslowkey_UpdateNickname(NSSLOWKEYDBHandle *handle, 
-			   NSSLOWKEYPrivateKey *privkey,
-			   SECItem *pubKeyData,
-			   char *nickname,
-			   SECItem *arg)
-{
-    return nsslowkey_StoreKeyByPublicKeyAlg(handle, privkey, pubKeyData, 
-	     nickname, arg, nsslowkey_GetDefaultKeyDBAlg(),PR_TRUE);
-}
-
-/* see if the public key for this cert is in the database filed
- * by modulus
- */
-PRBool
-nsslowkey_KeyForCertExists(NSSLOWKEYDBHandle *handle, NSSLOWCERTCertificate *cert)
-{
-    NSSLOWKEYPublicKey *pubkey = NULL;
-    DBT namekey;
-    DBT dummy;
-    int status;
-    
-    /* get cert's public key */
-    pubkey = nsslowcert_ExtractPublicKey(cert);
-    if ( pubkey == NULL ) {
-	return PR_FALSE;
-    }
-
-    /* TNH - make key from NSSLOWKEYPublicKey */
-    switch (pubkey->keyType) {
-      case NSSLOWKEYRSAKey:
-	namekey.data = pubkey->u.rsa.modulus.data;
-	namekey.size = pubkey->u.rsa.modulus.len;
-	break;
-      case NSSLOWKEYDSAKey:
-	namekey.data = pubkey->u.dsa.publicValue.data;
-	namekey.size = pubkey->u.dsa.publicValue.len;
-	break;
-      case NSSLOWKEYDHKey:
-	namekey.data = pubkey->u.dh.publicValue.data;
-	namekey.size = pubkey->u.dh.publicValue.len;
-	break;
-      default:
-	/* XXX We don't do Fortezza or DH yet. */
-	return PR_FALSE;
-    }
-
-    if (handle->version != 3) {
-	unsigned char buf[SHA1_LENGTH];
-	SHA1_HashBuf(buf,namekey.data,namekey.size);
-	/* NOTE: don't use pubkey after this! it's now thrashed */
-	PORT_Memcpy(namekey.data,buf,sizeof(buf));
-	namekey.size = sizeof(buf);
-    }
-
-    status = (* handle->db->get)(handle->db, &namekey, &dummy, 0);
-    nsslowkey_DestroyPublicKey(pubkey);
-    if ( status ) {
-	return PR_FALSE;
-    }
-    
-    return PR_TRUE;
-}
-
-/*
- * check to see if the user has a password
- */
-SECStatus
-nsslowkey_HasKeyDBPassword(NSSLOWKEYDBHandle *handle)
-{
-    DBT checkkey, checkdata;
-    int ret;
-
-    if (handle == NULL) {
-	return(SECFailure);
-    }
-
-    checkkey.data = KEYDB_PW_CHECK_STRING;
-    checkkey.size = KEYDB_PW_CHECK_LEN;
-    
-    ret = (* handle->db->get)(handle->db, &checkkey, &checkdata, 0 );
-    if ( ret ) {
-	/* see if this was an updated DB first */
-	checkkey.data = KEYDB_FAKE_PW_CHECK_STRING;
-	checkkey.size = KEYDB_FAKE_PW_CHECK_LEN;
-	ret = (* handle->db->get)(handle->db, &checkkey, &checkdata, 0 );
-    	if ( ret ) {
-	    return(SECFailure);
-	}
-    }
-
-    return(SECSuccess);
-}
-
-/*
- * Set up the password checker in the key database.
- * This is done by encrypting a known plaintext with the user's key.
- */
-SECStatus
-nsslowkey_SetKeyDBPassword(NSSLOWKEYDBHandle *handle, SECItem *pwitem)
-{
-    return nsslowkey_SetKeyDBPasswordAlg(handle, pwitem,
-				      nsslowkey_GetDefaultKeyDBAlg());
-}
-
-static SECStatus
-HashPassword(unsigned char *hashresult, char *pw, SECItem *salt)
-{
-    SHA1Context *cx;
-    unsigned int outlen;
-    cx = SHA1_NewContext();
-    if ( cx == NULL ) {
-	return(SECFailure);
-    }
-    
-    SHA1_Begin(cx);
-    if ( ( salt != NULL ) && ( salt->data != NULL ) ) {
-	SHA1_Update(cx, salt->data, salt->len);
-    }
-    
-    SHA1_Update(cx, (unsigned char *)pw, PORT_Strlen(pw));
-    SHA1_End(cx, hashresult, &outlen, SHA1_LENGTH);
-    
-    SHA1_DestroyContext(cx, PR_TRUE);
-    
-    return(SECSuccess);
-}
-
-SECItem *
-nsslowkey_HashPassword(char *pw, SECItem *salt)
-{
-    SECItem *pwitem;
-    SECStatus rv;
-    
-    pwitem = (SECItem *)PORT_ZAlloc(sizeof(SECItem));
-    if ( pwitem == NULL ) {
-	return(NULL);
-    }
-    pwitem->len = SHA1_LENGTH;
-    pwitem->data = (unsigned char *)PORT_ZAlloc(SHA1_LENGTH);
-    if ( pwitem->data == NULL ) {
-	PORT_Free(pwitem);
-	return(NULL);
-    }
-    if ( pw ) {
-	rv = HashPassword(pwitem->data, pw, salt);
-	if ( rv != SECSuccess ) {
-	    SECITEM_ZfreeItem(pwitem, PR_TRUE);
-	    return(NULL);
-	}
-    }
-    
-    return(pwitem);
-}
-
-/* Derive the actual password value for the database from a pw string */
-SECItem *
-nsslowkey_DeriveKeyDBPassword(NSSLOWKEYDBHandle *keydb, char *pw)
-{
-    PORT_Assert(keydb != NULL);
-    PORT_Assert(pw != NULL);
-    if (keydb == NULL || pw == NULL) return(NULL);
-
-    return nsslowkey_HashPassword(pw, keydb->global_salt);
-}
-
-#if 0
-/* Appears obsolete - TNH */
-/* get the algorithm with which a private key
- * is encrypted.
- */
-SECOidTag 
-seckey_get_private_key_algorithm(NSSLOWKEYDBHandle *keydb, DBT *index)   
-{
-    NSSLOWKEYDBKey *dbkey = NULL;
-    SECOidTag algorithm = SEC_OID_UNKNOWN;
-    NSSLOWKEYEncryptedPrivateKeyInfo *epki = NULL;
-    PLArenaPool *poolp = NULL;
-    SECStatus rv;
-
-    poolp = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if(poolp == NULL)
-	return (SECOidTag)SECFailure;  /* TNH - this is bad */
-
-    dbkey = get_dbkey(keydb, index);
-    if(dbkey == NULL)
-	return (SECOidTag)SECFailure;
-
-    epki = (NSSLOWKEYEncryptedPrivateKeyInfo *)PORT_ArenaZAlloc(poolp, 
-	sizeof(NSSLOWKEYEncryptedPrivateKeyInfo));
-    if(epki == NULL)
-	goto loser;
-    rv = SEC_ASN1DecodeItem(poolp, epki, 
-	nsslowkey_EncryptedPrivateKeyInfoTemplate, &dbkey->derPK);
-    if(rv == SECFailure)
-	goto loser;
-
-    algorithm = SECOID_GetAlgorithmTag(&epki->algorithm);
-
-    /* let success fall through */
-loser:
-    if(poolp != NULL)
-	PORT_FreeArena(poolp, PR_TRUE);\
-    if(dbkey != NULL)
-	sec_destroy_dbkey(dbkey);
-
-    return algorithm;
-}
-#endif
-	
-/*
- * Derive an RC4 key from a password key and a salt.  This
- * was the method to used to encrypt keys in the version 2?
- * database
- */
-SECItem *
-seckey_create_rc4_key(SECItem *pwitem, SECItem *salt)
-{
-    MD5Context *md5 = NULL;
-    unsigned int part;
-    SECStatus rv = SECFailure;
-    SECItem *key = NULL;
-
-    key = (SECItem *)PORT_ZAlloc(sizeof(SECItem));
-    if(key != NULL)
-    {
-	key->data = (unsigned char *)PORT_ZAlloc(sizeof(unsigned char) *
-		MD5_LENGTH);
-	key->len = MD5_LENGTH;
-	if(key->data != NULL)
-	{
-	    md5 = MD5_NewContext();
-	    if ( md5 != NULL ) 
-	    {
-		MD5_Begin(md5);
-		MD5_Update(md5, salt->data, salt->len);
-		MD5_Update(md5, pwitem->data, pwitem->len);
-		MD5_End(md5, key->data, &part, MD5_LENGTH);
-		MD5_DestroyContext(md5, PR_TRUE);
-		rv = SECSuccess;
-	    }
-	}
-	
-	if(rv != SECSuccess)
-	{
-	    SECITEM_FreeItem(key, PR_TRUE);
-	    key = NULL;
-	}
-    }
-
-    return key;
-}
-
-SECItem *
-seckey_create_rc4_salt(void)
-{
-    SECItem *salt = NULL;
-    SECStatus rv = SECFailure;
-
-    salt = (SECItem *)PORT_ZAlloc(sizeof(SECItem));
-    if(salt == NULL)
-	return NULL;
-
-    salt->data = (unsigned char *)PORT_ZAlloc(sizeof(unsigned char) *
-	SALT_LENGTH);
-    if(salt->data != NULL)
-    {
-	salt->len = SALT_LENGTH;
-	RNG_GenerateGlobalRandomBytes(salt->data, salt->len);
-	rv = SECSuccess;
-    }
-	
-    if(rv == SECFailure)
-    {
-	SECITEM_FreeItem(salt, PR_TRUE);
-	salt = NULL;
-    }
-
-    return salt;
-}
-
-SECItem *
-seckey_rc4_decode(SECItem *key, SECItem *src)
-{
-    SECItem *dest = NULL;
-    RC4Context *ctxt = NULL;
-    SECStatus rv = SECFailure;
-
-    if((key == NULL) || (src == NULL))
-	return NULL;
-
-    dest = (SECItem *)PORT_ZAlloc(sizeof(SECItem));
-    if(dest == NULL)
-	return NULL;
-
-    dest->data = (unsigned char *)PORT_ZAlloc(sizeof(unsigned char) *
-	(src->len + 64));  /* TNH - padding? */
-    if(dest->data != NULL)
-    {
-	ctxt = RC4_CreateContext(key->data, key->len);
-	if(ctxt != NULL)
-	{
-	    rv = RC4_Decrypt(ctxt, dest->data, &dest->len,
-		    src->len + 64, src->data, src->len);
-	    RC4_DestroyContext(ctxt, PR_TRUE);
-	}
-    }
-
-    if(rv == SECFailure)
-	if(dest != NULL)
-	{
-	    SECITEM_FreeItem(dest, PR_TRUE);
-	    dest = NULL;
-	}
-
-    return dest;
-}
-
-/* TNH - keydb is unused */
-/* TNH - the pwitem should be the derived key for RC4 */
-NSSLOWKEYEncryptedPrivateKeyInfo *
-seckey_encrypt_private_key(
-	NSSLOWKEYPrivateKey *pk, SECItem *pwitem, NSSLOWKEYDBHandle *keydb,
-	SECOidTag algorithm, SECItem **salt)
-{
-    NSSLOWKEYEncryptedPrivateKeyInfo *epki = NULL;
-    NSSLOWKEYPrivateKeyInfo *pki = NULL;
-    SECStatus rv = SECFailure;
-    PLArenaPool *temparena = NULL, *permarena = NULL;
-    SECItem *der_item = NULL;
-    NSSPKCS5PBEParameter *param = NULL;
-    SECItem *dummy = NULL, *dest = NULL;
-    SECAlgorithmID *algid;
-
-    *salt = NULL;
-    permarena = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE);
-    if(permarena == NULL)
-	return NULL;
-
-    temparena = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE);
-    if(temparena == NULL)
-	goto loser;
-
-    /* allocate structures */
-    epki = (NSSLOWKEYEncryptedPrivateKeyInfo *)PORT_ArenaZAlloc(permarena,
-	sizeof(NSSLOWKEYEncryptedPrivateKeyInfo));
-    pki = (NSSLOWKEYPrivateKeyInfo *)PORT_ArenaZAlloc(temparena, 
-	sizeof(NSSLOWKEYPrivateKeyInfo));
-    der_item = (SECItem *)PORT_ArenaZAlloc(temparena, sizeof(SECItem));
-    if((epki == NULL) || (pki == NULL) || (der_item == NULL))
-	goto loser;
-
-    epki->arena = permarena;
-
-    /* setup private key info */
-    dummy = SEC_ASN1EncodeInteger(temparena, &(pki->version), 
-	NSSLOWKEY_PRIVATE_KEY_INFO_VERSION);
-    if(dummy == NULL)
-	goto loser;
-
-    /* Encode the key, and set the algorithm (with params) */
-    switch (pk->keyType) {
-      case NSSLOWKEYRSAKey:
-        prepare_low_rsa_priv_key_for_asn1(pk);
-	dummy = SEC_ASN1EncodeItem(temparena, &(pki->privateKey), pk, 
-				   nsslowkey_RSAPrivateKeyTemplate);
-	if (dummy == NULL) {
-	    rv = SECFailure;
-	    goto loser;
-	}
-	
-	rv = SECOID_SetAlgorithmID(temparena, &(pki->algorithm), 
-				   SEC_OID_PKCS1_RSA_ENCRYPTION, 0);
-	if (rv == SECFailure) {
-	    goto loser;
-	}
-	
-	break;
-      case NSSLOWKEYDSAKey:
-        prepare_low_dsa_priv_key_for_asn1(pk);
-	dummy = SEC_ASN1EncodeItem(temparena, &(pki->privateKey), pk,
-				   nsslowkey_DSAPrivateKeyTemplate);
-	if (dummy == NULL) {
-	    rv = SECFailure;
-	    goto loser;
-	}
-	
-        prepare_low_pqg_params_for_asn1(&pk->u.dsa.params);
-	dummy = SEC_ASN1EncodeItem(temparena, NULL, &pk->u.dsa.params,
-				   nsslowkey_PQGParamsTemplate);
-	if (dummy == NULL) {
-	    rv = SECFailure;
-	    goto loser;
-	}
-	
-	rv = SECOID_SetAlgorithmID(temparena, &(pki->algorithm),
-				   SEC_OID_ANSIX9_DSA_SIGNATURE, dummy);
-	if (rv == SECFailure) {
-	    goto loser;
-	}
-	
-	break;
-      case NSSLOWKEYDHKey:
-        prepare_low_dh_priv_key_for_asn1(pk);
-	dummy = SEC_ASN1EncodeItem(temparena, &(pki->privateKey), pk,
-				   nsslowkey_DHPrivateKeyTemplate);
-	if (dummy == NULL) {
-	    rv = SECFailure;
-	    goto loser;
-	}
-
-	rv = SECOID_SetAlgorithmID(temparena, &(pki->algorithm),
-				   SEC_OID_X942_DIFFIE_HELMAN_KEY, dummy);
-	if (rv == SECFailure) {
-	    goto loser;
-	}
-	break;
-      default:
-	/* We don't support DH or Fortezza private keys yet */
-	PORT_Assert(PR_FALSE);
-	break;
-    }
-
-    /* setup encrypted private key info */
-    dummy = SEC_ASN1EncodeItem(temparena, der_item, pki, 
-	nsslowkey_PrivateKeyInfoTemplate);
-    if(dummy == NULL) {
-	rv = SECFailure;
-	goto loser;
-    }
-
-    rv = SECFailure; /* assume failure */
-    *salt = seckey_create_rc4_salt();
-    if (*salt == NULL) {
-	goto loser;
-    }
-
-    param = nsspkcs5_NewParam(algorithm,*salt,1);
-    if (param == NULL) {
-	goto loser;
-    }
-
-    dest = nsspkcs5_CipherData(param, pwitem, der_item, PR_TRUE, NULL);
-    if (dest == NULL) {
-	goto loser;
-    }
-
-    rv = SECITEM_CopyItem(permarena, &epki->encryptedData, dest);
-    if (rv != SECSuccess) {
-	goto loser;
-    }
-
-    algid = nsspkcs5_CreateAlgorithmID(permarena, algorithm, param);
-    if (algid == NULL) {
-	rv = SECFailure;
-	goto loser;
-    }
-
-    rv = SECOID_CopyAlgorithmID(permarena, &epki->algorithm, algid);
-    SECOID_DestroyAlgorithmID(algid, PR_TRUE);
-
-loser:
-    if(dest != NULL)
-	SECITEM_FreeItem(dest, PR_TRUE);
-
-    if(param != NULL)
-       nsspkcs5_DestroyPBEParameter(param);
-
-    /* let success fall through */
-
-    if(rv == SECFailure)
-    {
-	PORT_FreeArena(permarena, PR_TRUE);
-	epki = NULL;
-	if(*salt != NULL)
-	    SECITEM_FreeItem(*salt, PR_TRUE);
-    }
-
-    if(temparena != NULL)
-	PORT_FreeArena(temparena, PR_TRUE);
-
-    return epki;
-}
-
-static SECStatus 
-seckey_put_private_key(NSSLOWKEYDBHandle *keydb, DBT *index, SECItem *pwitem,
-		       NSSLOWKEYPrivateKey *pk, char *nickname, PRBool update,
-		       SECOidTag algorithm)
-{
-    NSSLOWKEYDBKey *dbkey = NULL;
-    NSSLOWKEYEncryptedPrivateKeyInfo *epki = NULL;
-    PLArenaPool *temparena = NULL, *permarena = NULL;
-    SECItem *dummy = NULL;
-    SECItem *salt = NULL;
-    SECStatus rv = SECFailure;
-
-    if((keydb == NULL) || (index == NULL) || (pwitem == NULL) ||
-	(pk == NULL))
-	return SECFailure;
-	
-    permarena = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE);
-    if(permarena == NULL)
-	return SECFailure;
-
-    dbkey = (NSSLOWKEYDBKey *)PORT_ArenaZAlloc(permarena, sizeof(NSSLOWKEYDBKey));
-    if(dbkey == NULL)
-	goto loser;
-    dbkey->arena = permarena;
-    dbkey->nickname = nickname;
-
-    /* TNH - for RC4, the salt should be created here */
-	
-    epki = seckey_encrypt_private_key(pk, pwitem, keydb, algorithm, &salt);
-    if(epki == NULL)
-	goto loser;
-    temparena = epki->arena;
-
-    if(salt != NULL)
-    {
-	rv = SECITEM_CopyItem(permarena, &(dbkey->salt), salt);
-	SECITEM_ZfreeItem(salt, PR_TRUE);
-    }
-
-    dummy = SEC_ASN1EncodeItem(permarena, &(dbkey->derPK), epki, 
-	nsslowkey_EncryptedPrivateKeyInfoTemplate);
-    if(dummy == NULL)
-	rv = SECFailure;
-    else
-	rv = put_dbkey(keydb, index, dbkey, update);
-
-    /* let success fall through */
-loser:
-    if(rv != SECSuccess)
-	if(permarena != NULL)
-	    PORT_FreeArena(permarena, PR_TRUE);
-    if(temparena != NULL)
-	PORT_FreeArena(temparena, PR_TRUE);
-
-    return rv;
-}
-
-/*
- * Store a key in the database, indexed by its public key modulus.
- * Note that the nickname is optional.  It was only used by keyutil.
- */
-SECStatus
-nsslowkey_StoreKeyByPublicKeyAlg(NSSLOWKEYDBHandle *handle, 
-			      NSSLOWKEYPrivateKey *privkey,
-			      SECItem *pubKeyData,
-			      char *nickname,
-			      SECItem *pwitem,
-			      SECOidTag algorithm,
-                              PRBool update)
-{
-    DBT namekey;
-    SECStatus rv;
-
-    if (handle == NULL) {
-	PORT_SetError(SEC_ERROR_BAD_DATABASE);
-	return(SECFailure);
-    }
-
-    /* set up db key and data */
-    namekey.data = pubKeyData->data;
-    namekey.size = pubKeyData->len;
-
-    /* encrypt the private key */
-    rv = seckey_put_private_key(handle, &namekey, pwitem, privkey, nickname,
-				update, algorithm);
-    
-    return(rv);
-}
-
-NSSLOWKEYPrivateKey *
-seckey_decrypt_private_key(NSSLOWKEYEncryptedPrivateKeyInfo *epki,
-			   SECItem *pwitem)
-{
-    NSSLOWKEYPrivateKey *pk = NULL;
-    NSSLOWKEYPrivateKeyInfo *pki = NULL;
-    SECStatus rv = SECFailure;
-    SECOidTag algorithm;
-    PLArenaPool *temparena = NULL, *permarena = NULL;
-    SECItem *salt = NULL, *dest = NULL, *key = NULL;
-    NSSPKCS5PBEParameter *param;
-
-    if((epki == NULL) || (pwitem == NULL))
-	goto loser;
-
-    temparena = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE);
-    permarena = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE);
-    if((temparena == NULL) || (permarena == NULL))
-	goto loser;
-
-    /* allocate temporary items */
-    pki = (NSSLOWKEYPrivateKeyInfo *)PORT_ArenaZAlloc(temparena, 
-	sizeof(NSSLOWKEYPrivateKeyInfo));
-
-    /* allocate permanent arena items */
-    pk = (NSSLOWKEYPrivateKey *)PORT_ArenaZAlloc(permarena,
-	sizeof(NSSLOWKEYPrivateKey));
-
-    if((pk == NULL) || (pki == NULL))
-	goto loser;
-
-    pk->arena = permarena;
-	
-    algorithm = SECOID_GetAlgorithmTag(&(epki->algorithm));
-    switch(algorithm)
-    {
-	case SEC_OID_RC4:
-	    salt = SECITEM_DupItem(&epki->algorithm.parameters);
-	    if(salt != NULL)
-	    {
-		key = seckey_create_rc4_key(pwitem, salt);
-		if(key != NULL)
-		{
-		    dest = seckey_rc4_decode(key, &epki->encryptedData);
-		}
-	    }	
-	    if(salt != NULL)
-		SECITEM_ZfreeItem(salt, PR_TRUE);
-	    if(key != NULL)
-		SECITEM_ZfreeItem(key, PR_TRUE);
-	    break;
-	default:
-	    /* we depend on the fact that if this key was encoded with
-	     * DES, that the pw was also encoded with DES, so we don't have
-	     * to do the update here, the password code will handle it. */
-	    param = nsspkcs5_AlgidToParam(&epki->algorithm);
-	    if (param == NULL) {
-		break;
-	    }
-	    dest = nsspkcs5_CipherData(param, pwitem, &epki->encryptedData, 
-							PR_FALSE, NULL);
-	    nsspkcs5_DestroyPBEParameter(param);
-	    break;
-    }
-
-    if(dest != NULL)
-    {
-	rv = SEC_ASN1DecodeItem(temparena, pki, 
-	    nsslowkey_PrivateKeyInfoTemplate, dest);
-	if(rv == SECSuccess)
-	{
-	    switch(SECOID_GetAlgorithmTag(&pki->algorithm)) {
-	      case SEC_OID_X500_RSA_ENCRYPTION:
-	      case SEC_OID_PKCS1_RSA_ENCRYPTION:
-		pk->keyType = NSSLOWKEYRSAKey;
-		prepare_low_rsa_priv_key_for_asn1(pk);
-		rv = SEC_ASN1DecodeItem(permarena, pk,
-					nsslowkey_RSAPrivateKeyTemplate,
-					&pki->privateKey);
-		break;
-	      case SEC_OID_ANSIX9_DSA_SIGNATURE:
-		pk->keyType = NSSLOWKEYDSAKey;
-		prepare_low_dsa_priv_key_for_asn1(pk);
-		rv = SEC_ASN1DecodeItem(permarena, pk,
-					nsslowkey_DSAPrivateKeyTemplate,
-					&pki->privateKey);
-		if (rv != SECSuccess)
-		    goto loser;
-		prepare_low_pqg_params_for_asn1(&pk->u.dsa.params);
-		rv = SEC_ASN1DecodeItem(permarena, &pk->u.dsa.params,
-					nsslowkey_PQGParamsTemplate,
-					&pki->algorithm.parameters);
-		break;
-	      case SEC_OID_X942_DIFFIE_HELMAN_KEY:
-		pk->keyType = NSSLOWKEYDHKey;
-		prepare_low_dh_priv_key_for_asn1(pk);
-		rv = SEC_ASN1DecodeItem(permarena, pk,
-					nsslowkey_DHPrivateKeyTemplate,
-					&pki->privateKey);
-		break;
-	      default:
-		rv = SECFailure;
-		break;
-	    }
-	}
-	else if(PORT_GetError() == SEC_ERROR_BAD_DER)
-	{
-	    PORT_SetError(SEC_ERROR_BAD_PASSWORD);
-	    goto loser;
-	}
-    }
-
-    /* let success fall through */
-loser:
-    if(temparena != NULL)
-	PORT_FreeArena(temparena, PR_TRUE);
-    if(dest != NULL)
-	SECITEM_ZfreeItem(dest, PR_TRUE);
-
-    if(rv != SECSuccess)
-    {
-	if(permarena != NULL)
-	    PORT_FreeArena(permarena, PR_TRUE);
-	pk = NULL;
-    }
-
-    return pk;
-}
-
-static NSSLOWKEYPrivateKey *
-seckey_decode_encrypted_private_key(NSSLOWKEYDBKey *dbkey, SECItem *pwitem)
-{
-    NSSLOWKEYPrivateKey *pk = NULL;
-    NSSLOWKEYEncryptedPrivateKeyInfo *epki;
-    PLArenaPool *temparena = NULL;
-    SECStatus rv;
-    SECOidTag algorithm;
-
-    if( ( dbkey == NULL ) || ( pwitem == NULL ) ) {
-	return NULL;
-    }
-
-    temparena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if(temparena == NULL) {
-	return NULL;
-    }
-
-    epki = (NSSLOWKEYEncryptedPrivateKeyInfo *)
-	PORT_ArenaZAlloc(temparena, sizeof(NSSLOWKEYEncryptedPrivateKeyInfo));
-
-    if(epki == NULL) {
-	goto loser;
-    }
-
-    rv = SEC_ASN1DecodeItem(temparena, epki,
-			    nsslowkey_EncryptedPrivateKeyInfoTemplate,
-			    &(dbkey->derPK)); 
-    if(rv != SECSuccess) {
-	goto loser;
-    }
-
-    algorithm = SECOID_GetAlgorithmTag(&(epki->algorithm));
-    switch(algorithm)
-    {
-      case SEC_OID_RC4:
-	/* TNH - this code should derive the actual RC4 key from salt and
-           pwitem */
-	rv = SECITEM_CopyItem(temparena, &(epki->algorithm.parameters),
-			      &(dbkey->salt));
-	break;
-      default:
-	break;
-    }
-
-    pk = seckey_decrypt_private_key(epki, pwitem);
-
-    /* let success fall through */
-loser:
-
-    PORT_FreeArena(temparena, PR_TRUE);
-    return pk;
-}
-
-NSSLOWKEYPrivateKey *
-seckey_get_private_key(NSSLOWKEYDBHandle *keydb, DBT *index, char **nickname,
-		       SECItem *pwitem)
-{
-    NSSLOWKEYDBKey *dbkey = NULL;
-    NSSLOWKEYPrivateKey *pk = NULL;
-
-    if( ( keydb == NULL ) || ( index == NULL ) || ( pwitem == NULL ) ) {
-	return NULL;
-    }
-
-    dbkey = get_dbkey(keydb, index);
-    if(dbkey == NULL) {
-	goto loser;
-    }
-    
-    if ( nickname ) {
-	if ( dbkey->nickname && ( dbkey->nickname[0] != 0 ) ) {
-	    *nickname = PORT_Strdup(dbkey->nickname);
-	} else {
-	    *nickname = NULL;
-	}
-    }
-    
-    pk = seckey_decode_encrypted_private_key(dbkey, pwitem);
-    
-    /* let success fall through */
-loser:
-
-    if ( dbkey != NULL ) {
-	sec_destroy_dbkey(dbkey);
-    }
-
-    return pk;
-}
-
-/*
- * used by pkcs11 to import keys into it's object format... In the future
- * we really need a better way to tie in...
- */
-NSSLOWKEYPrivateKey *
-nsslowkey_DecryptKey(DBT *key, SECItem *pwitem,
-					 NSSLOWKEYDBHandle *handle) {
-    return seckey_get_private_key(handle,key,NULL,pwitem);
-}
-
-/*
- * Find a key in the database, indexed by its public key modulus
- * This is used to find keys that have been stored before their
- * certificate arrives.  Once the certificate arrives the key
- * is looked up by the public modulus in the certificate, and the
- * re-stored by its nickname.
- */
-NSSLOWKEYPrivateKey *
-nsslowkey_FindKeyByPublicKey(NSSLOWKEYDBHandle *handle, SECItem *modulus,
-			  				 SECItem *pwitem)
-{
-    DBT namekey;
-    NSSLOWKEYPrivateKey *pk = NULL;
-
-    if (handle == NULL) {
-	PORT_SetError(SEC_ERROR_BAD_DATABASE);
-	return NULL;
-    }
-
-    /* set up db key */
-    namekey.data = modulus->data;
-    namekey.size = modulus->len;
-
-    pk = seckey_get_private_key(handle, &namekey, NULL, pwitem);
-    
-    /* no need to free dbkey, since its on the stack, and the data it
-     * points to is owned by the database
-     */
-    return(pk);
-}
-
-char *
-nsslowkey_FindKeyNicknameByPublicKey(NSSLOWKEYDBHandle *handle, 
-					SECItem *modulus, SECItem *pwitem)
-{
-    DBT namekey;
-    NSSLOWKEYPrivateKey *pk = NULL;
-    char *nickname = NULL;
-
-    if (handle == NULL) {
-	PORT_SetError(SEC_ERROR_BAD_DATABASE);
-	return NULL;
-    }
-
-    /* set up db key */
-    namekey.data = modulus->data;
-    namekey.size = modulus->len;
-
-    pk = seckey_get_private_key(handle, &namekey, &nickname, pwitem);
-    if (pk) {
-	nsslowkey_DestroyPrivateKey(pk);
-    }
-    
-    /* no need to free dbkey, since its on the stack, and the data it
-     * points to is owned by the database
-     */
-    return(nickname);
-}
-/* ===== ENCODING ROUTINES ===== */
-
-static SECStatus
-encodePWCheckEntry(PLArenaPool *arena, SECItem *entry, SECOidTag alg,
-		   SECItem *encCheck)
-{
-    SECOidData *oidData;
-    SECStatus rv;
-    
-    oidData = SECOID_FindOIDByTag(alg);
-    if ( oidData == NULL ) {
-	rv = SECFailure;
-	goto loser;
-    }
-
-    entry->len = 1 + oidData->oid.len + encCheck->len;
-    if ( arena ) {
-	entry->data = (unsigned char *)PORT_ArenaAlloc(arena, entry->len);
-    } else {
-	entry->data = (unsigned char *)PORT_Alloc(entry->len);
-    }
-    
-    if ( entry->data == NULL ) {
-	goto loser;
-    }
-	
-    /* first length of oid */
-    entry->data[0] = (unsigned char)oidData->oid.len;
-    /* next oid itself */
-    PORT_Memcpy(&entry->data[1], oidData->oid.data, oidData->oid.len);
-    /* finally the encrypted check string */
-    PORT_Memcpy(&entry->data[1+oidData->oid.len], encCheck->data,
-		encCheck->len);
-
-    return(SECSuccess);
-
-loser:
-    return(SECFailure);
-}
-
-/*
- * Set up the password checker in the key database.
- * This is done by encrypting a known plaintext with the user's key.
- */
-SECStatus
-nsslowkey_SetKeyDBPasswordAlg(NSSLOWKEYDBHandle *handle, 
-			   SECItem *pwitem, SECOidTag algorithm)
-{
-    DBT checkkey;
-    NSSPKCS5PBEParameter *param = NULL;
-    SECStatus rv = SECFailure;
-    NSSLOWKEYDBKey *dbkey = NULL;
-    PLArenaPool *arena;
-    SECItem *salt = NULL;
-    SECItem *dest = NULL, test_key;
-    
-    if (handle == NULL) {
-	return(SECFailure);
-    }
-
-    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if ( arena == NULL ) {
-	rv = SECFailure;
-	goto loser;
-    }
-    
-    dbkey = (NSSLOWKEYDBKey *)PORT_ArenaZAlloc(arena, sizeof(NSSLOWKEYDBKey));
-    if ( dbkey == NULL ) {
-	rv = SECFailure;
-	goto loser;
-    }
-    
-    dbkey->arena = arena;
-
-    /* encrypt key */
-    checkkey.data = test_key.data = (unsigned char *)KEYDB_PW_CHECK_STRING;
-    checkkey.size = test_key.len = KEYDB_PW_CHECK_LEN;
-
-    salt = seckey_create_rc4_salt();
-    if(salt == NULL) {
-	rv = SECFailure;
-	goto loser;
-    }
-
-    param = nsspkcs5_NewParam(algorithm, salt, 1);
-    if (param == NULL) {
-	rv = SECFailure;
-	goto loser;
-    }
-
-    dest = nsspkcs5_CipherData(param, pwitem, &test_key, PR_TRUE, NULL);
-    if (dest == NULL)
-    {
-	rv = SECFailure;
-	goto loser;
-    }
-
-    rv = SECITEM_CopyItem(arena, &dbkey->salt, salt);
-    if (rv == SECFailure) {
-	goto loser;
-    }
-   
-    rv = encodePWCheckEntry(arena, &dbkey->derPK, algorithm, dest);
-	
-    if ( rv != SECSuccess ) {
-	goto loser;
-    }
-	
-    rv = put_dbkey(handle, &checkkey, dbkey, PR_TRUE);
-    
-    /* let success fall through */
-loser: 
-    if ( arena != NULL ) {
-	PORT_FreeArena(arena, PR_TRUE);
-    }
-    
-    if ( dest != NULL ) {
-	SECITEM_ZfreeItem(dest, PR_TRUE);
-    }
-    
-    if ( salt != NULL ) {
-	SECITEM_ZfreeItem(salt, PR_TRUE);
-    }
-
-    if (param != NULL) {
-	nsspkcs5_DestroyPBEParameter(param);
-    }
-	
-    return(rv);
-}
-
-static SECStatus
-seckey_CheckKeyDB1Password(NSSLOWKEYDBHandle *handle, SECItem *pwitem)
-{
-    SECStatus rv = SECFailure;
-    keyList keylist;
-    keyNode *node = NULL;
-    NSSLOWKEYPrivateKey *privkey = NULL;
-
-
-    /*
-     * first find a key
-     */
-
-    /* traverse the database, collecting the keys of all records */
-    keylist.arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if ( keylist.arena == NULL ) 
-    {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	return(SECFailure);
-    }
-    keylist.head = NULL;
-    
-    /* TNH - TraverseKeys should not be public, since it exposes
-       the underlying DBT data type. */
-    rv = nsslowkey_TraverseKeys(handle, sec_add_key_to_list, (void *)&keylist);
-    if ( rv != SECSuccess ) 
-	goto done;
-
-    /* just get the first key from the list */
-    node = keylist.head;
-
-    /* no private keys, accept any password */
-    if (node == NULL) {
-	rv = SECSuccess;
-	goto done;
-    }
-    privkey = seckey_get_private_key(handle, &node->key, NULL, pwitem);
-    if (privkey == NULL) {
-	 rv = SECFailure;
-	 goto done;
-    }
-
-    /* if we can decrypt the private key, then we had the correct password */
-    rv = SECSuccess;
-    nsslowkey_DestroyPrivateKey(privkey);
-
-done:
-
-    /* free the arena */
-    if ( keylist.arena ) {
-	PORT_FreeArena(keylist.arena, PR_FALSE);
-    }
-    
-    return(rv);
-}
-
-/*
- * check to see if the user has typed the right password
- */
-SECStatus
-nsslowkey_CheckKeyDBPassword(NSSLOWKEYDBHandle *handle, SECItem *pwitem)
-{
-    DBT checkkey;
-    DBT checkdata;
-    NSSPKCS5PBEParameter *param = NULL;
-    SECStatus rv = SECFailure;
-    NSSLOWKEYDBKey *dbkey = NULL;
-    SECItem *key = NULL;
-    SECItem *dest = NULL;
-    SECOidTag algorithm;
-    SECItem oid;
-    SECItem encstring;
-    PRBool update = PR_FALSE;
-    int ret;
-    
-    if (handle == NULL) {
-	goto loser;
-    }
-
-    checkkey.data = KEYDB_PW_CHECK_STRING;
-    checkkey.size = KEYDB_PW_CHECK_LEN;
-    
-    dbkey = get_dbkey(handle, &checkkey);
-    
-    if ( dbkey == NULL ) {
-	checkkey.data = KEYDB_FAKE_PW_CHECK_STRING;
-	checkkey.size = KEYDB_FAKE_PW_CHECK_LEN;
-	ret = (* handle->db->get)(handle->db, &checkkey,
-				   &checkdata, 0 );
-	if (ret) {
-	    goto loser;
-	}
-	/* if we have the fake PW_CHECK, then try to decode the key
-	 * rather than the pwcheck item.
-	 */
-	rv = seckey_CheckKeyDB1Password(handle,pwitem);
-	if (rv == SECSuccess) {
-	    /* OK we have enough to complete our conversion */
-	    nsslowkey_UpdateKeyDBPass2(handle,pwitem);
-	}
-	return rv;
-    }
-
-    /* build the oid item */
-    oid.len = dbkey->derPK.data[0];
-    oid.data = &dbkey->derPK.data[1];
-    
-    /* make sure entry is the correct length
-     * since we are probably using a block cipher, the block will be
-     * padded, so we may get a bit more than the exact size we need.
-     */
-    if ( dbkey->derPK.len < (KEYDB_PW_CHECK_LEN + 1 + oid.len ) ) {
-	goto loser;
-    }
-
-    /* find the algorithm tag */
-    algorithm = SECOID_FindOIDTag(&oid);
-
-    /* make a secitem of the encrypted check string */
-    encstring.len = dbkey->derPK.len - ( oid.len + 1 );
-    encstring.data = &dbkey->derPK.data[oid.len+1];
-    
-    switch(algorithm)
-    {
-	case SEC_OID_RC4:
-	    key = seckey_create_rc4_key(pwitem, &dbkey->salt);
-	    if(key != NULL) {
-		dest = seckey_rc4_decode(key, &encstring);
-		SECITEM_FreeItem(key, PR_TRUE);
-	    }
-	    break;
-	default:
-	    param = nsspkcs5_NewParam(algorithm, &dbkey->salt, 1);
-	    if (param != NULL) {
-                /* Decrypt - this function implements a workaround for
-                 * a previous coding error.  It will decrypt values using
-                 * DES rather than 3DES, if the initial try at 3DES
-                 * decryption fails.  In this case, the update flag is
-                 * set to TRUE.  This indication is used later to force
-                 * an update of the database to "real" 3DES encryption.
-                 */
-		dest = nsspkcs5_CipherData(param, pwitem, 
-					   &encstring, PR_FALSE, &update);
-		nsspkcs5_DestroyPBEParameter(param);
-	    }	
-	    break;
-    }
-
-    if(dest == NULL) {
-	goto loser;
-    }
-
-    if ((dest->len == KEYDB_PW_CHECK_LEN) &&
-	(PORT_Memcmp(dest->data, 
-		     KEYDB_PW_CHECK_STRING, KEYDB_PW_CHECK_LEN) == 0)) {
-	rv = SECSuccess;
-	/* we succeeded */
-	if ( algorithm == SEC_OID_RC4 ) {
-	    /* partially updated database */
-	    nsslowkey_UpdateKeyDBPass2(handle, pwitem);
-	}
-        /* Force an update of the password to remove the incorrect DES
-         * encryption (see the note above)
-         */
-	if (update && 
-	     (algorithm == SEC_OID_PKCS12_PBE_WITH_SHA1_AND_TRIPLE_DES_CBC)) {
-	    /* data base was encoded with DES not triple des, fix it */
-	    nsslowkey_UpdateKeyDBPass2(handle,pwitem);
-	}
-    }
-			
-loser:
-    sec_destroy_dbkey(dbkey);
-    if(dest != NULL) {
-    	SECITEM_ZfreeItem(dest, PR_TRUE);
-    }
-
-    return(rv);
-}
-
-/*
- *  Change the database password and/or algorithm.  This internal
- *  routine does not check the old password.  That must be done by 
- *  the caller.
- */
-static SECStatus
-ChangeKeyDBPasswordAlg(NSSLOWKEYDBHandle *handle,
-		       SECItem *oldpwitem, SECItem *newpwitem,
-		       SECOidTag new_algorithm)
-{
-    SECStatus rv;
-    keyList keylist;
-    keyNode *node = NULL;
-    NSSLOWKEYPrivateKey *privkey = NULL;
-    char *nickname;
-    DBT newkey;
-    int ret;
-
-    /* traverse the database, collecting the keys of all records */
-    keylist.arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if ( keylist.arena == NULL ) 
-    {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	return(SECFailure);
-    }
-    keylist.head = NULL;
-
-    rv = db_BeginTransaction(handle->db);
-    if (rv != SECSuccess) {
-	goto loser;
-    }
-    
-    /* TNH - TraverseKeys should not be public, since it exposes
-       the underlying DBT data type. */
-    rv = nsslowkey_TraverseKeys(handle, sec_add_key_to_list, (void *)&keylist);
-    if ( rv != SECSuccess ) 
-	goto loser;
-
-    /* walk the list, re-encrypting each entry */
-    node = keylist.head;
-    while ( node != NULL ) 
-    {
-	privkey = seckey_get_private_key(handle, &node->key, &nickname,
-					 oldpwitem);
-	
-	if (privkey == NULL) {
-	    PORT_SetError(SEC_ERROR_BAD_DATABASE);
-	    rv = SECFailure;
-	    goto loser;
-	}
-
-	/* delete the old record */
-	ret = (* handle->db->del)(handle->db, &node->key, 0);
-	if ( ret ) {
-	    PORT_SetError(SEC_ERROR_BAD_DATABASE);
-	    rv = SECFailure;
-	    goto loser;
-	}
-	
-	/* get the public key, which we use as the database index */
-
-	switch (privkey->keyType) {
-	  case NSSLOWKEYRSAKey:
-	    newkey.data = privkey->u.rsa.modulus.data;
-	    newkey.size = privkey->u.rsa.modulus.len;
-	    break;
-	  case NSSLOWKEYDSAKey:
-	    newkey.data = privkey->u.dsa.publicValue.data;
-	    newkey.size = privkey->u.dsa.publicValue.len;
-	    break;
-	  case NSSLOWKEYDHKey:
-	    newkey.data = privkey->u.dh.publicValue.data;
-	    newkey.size = privkey->u.dh.publicValue.len;
-	    break;
-	  default:
-	    /* should we continue here and loose the key? */
-	    PORT_SetError(SEC_ERROR_BAD_DATABASE);
-	    rv = SECFailure;
-	    goto loser;
-	}
-
-	rv = seckey_put_private_key(handle, &newkey, newpwitem, privkey,
-				    nickname, PR_TRUE, new_algorithm);
-	
-	if ( rv != SECSuccess ) 
-	{
-	    PORT_SetError(SEC_ERROR_BAD_DATABASE);
-	    rv = SECFailure;
-	    goto loser;
-	}
-
-	/* next node */
-	node = node->next;
-    }
-
-    rv = nsslowkey_SetKeyDBPasswordAlg(handle, newpwitem, new_algorithm);
-
-loser:
-
-    db_FinishTransaction(handle->db,rv != SECSuccess);
-
-    /* free the arena */
-    if ( keylist.arena ) {
-	PORT_FreeArena(keylist.arena, PR_FALSE);
-    }
-    
-    return(rv);
-}
-
-/*
- * Re-encrypt the entire key database with a new password.
- * NOTE: The really  should create a new database rather than doing it
- * in place in the original
- */
-SECStatus
-nsslowkey_ChangeKeyDBPassword(NSSLOWKEYDBHandle *handle,
-			      SECItem *oldpwitem, SECItem *newpwitem)
-{
-    SECStatus rv;
-    
-    if (handle == NULL) {
-	PORT_SetError(SEC_ERROR_BAD_DATABASE);
-	rv = SECFailure;
-	goto loser;
-    }
-
-    rv = nsslowkey_CheckKeyDBPassword(handle, oldpwitem);
-    if ( rv != SECSuccess ) {
-	return(SECFailure);  /* return rv? */
-    }
-
-    rv = ChangeKeyDBPasswordAlg(handle, oldpwitem, newpwitem, 
-				nsslowkey_GetDefaultKeyDBAlg());
-
-loser:
-    return(rv);
-}
-    
-
-#define MAX_DB_SIZE 0xffff 
-/*
- * Clear out all the keys in the existing database
- */
-SECStatus
-nsslowkey_ResetKeyDB(NSSLOWKEYDBHandle *handle)
-{
-    SECStatus rv;
-    int ret;
-    int errors = 0;
-
-    if ( handle->db == NULL ) {
-	return(SECSuccess);
-    }
-
-    if (handle->readOnly) {
-	/* set an error code */
-	return SECFailure;
-     }
-
-    PORT_Assert(handle->dbname != NULL);
-    if (handle->dbname == NULL) {
-	return SECFailure;
-    }
-
-    (* handle->db->close)(handle->db);
-    handle->db = dbopen( handle->dbname, NO_CREATE, 0600, DB_HASH, 0 );
-    if (handle->db == NULL) {
-	/* set an error code */
-	return SECFailure;
-    }
-    
-    rv = makeGlobalVersion(handle);
-    if ( rv != SECSuccess ) {
-	errors++;
-	goto done;
-    }
-
-    rv = makeGlobalSalt(handle);
-    if ( rv != SECSuccess ) {
-	errors++;
-	goto done;
-    }
-
-    if (handle->global_salt) {
-	SECITEM_FreeItem(handle->global_salt,PR_TRUE);
-    }
-    handle->global_salt = GetKeyDBGlobalSalt(handle);
-
-done:
-    /* sync the database */
-    ret = (* handle->db->sync)(handle->db, 0);
-
-    return (errors == 0 ? SECSuccess : SECFailure);
-}
diff --git a/security/nss/lib/softoken/keydbi.h b/security/nss/lib/softoken/keydbi.h
deleted file mode 100644
index 5e8c70fe6..000000000
--- a/security/nss/lib/softoken/keydbi.h
+++ /dev/null
@@ -1,80 +0,0 @@
-/*
- * private.h - Private data structures for the software token library
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#ifndef _KEYDBI_H_
-#define _KEYDBI_H_
-
-#include "nspr.h"
-#include "seccomon.h"
-#include "mcom_db.h"
-
-/*
- * Handle structure for open key databases
- */
-struct NSSLOWKEYDBHandleStr {
-    DB *db;
-    DB *updatedb;		/* used when updating an old version */
-    SECItem *global_salt;	/* password hashing salt for this db */
-    int version;		/* version of the database */
-    char *dbname;		/* name of the openned DB */
-    PRBool readOnly;		/* is the DB read only */
-};
-
-/*
-** Typedef for callback for traversing key database.
-**      "key" is the key used to index the data in the database (nickname)
-**      "data" is the key data
-**      "pdata" is the user's data 
-*/
-typedef SECStatus (* NSSLOWKEYTraverseKeysFunc)(DBT *key, DBT *data, void *pdata);
-
-
-SEC_BEGIN_PROTOS
-
-/*
-** Traverse the entire key database, and pass the nicknames and keys to a 
-** user supplied function.
-**      "f" is the user function to call for each key
-**      "udata" is the user's data, which is passed through to "f"
-*/
-extern SECStatus nsslowkey_TraverseKeys(NSSLOWKEYDBHandle *handle, 
-				NSSLOWKEYTraverseKeysFunc f,
-				void *udata);
-
-SEC_END_PROTOS
-
-#endif /* _KEYDBI_H_ */
diff --git a/security/nss/lib/softoken/lowcert.c b/security/nss/lib/softoken/lowcert.c
deleted file mode 100644
index 961f6a6f6..000000000
--- a/security/nss/lib/softoken/lowcert.c
+++ /dev/null
@@ -1,495 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Certificate handling code
- *
- * $Id$
- */
-
-#include "seccomon.h"
-#include "secder.h"
-#include "nssilock.h"
-#include "prmon.h"
-#include "prtime.h"
-#include "lowkeyi.h"
-#include "pcert.h"
-#include "secasn1.h"
-#include "secoid.h"
-
-/* should have been in a 'util' header */
-extern const SEC_ASN1Template CERT_ValidityTemplate[];
-
-static const SEC_ASN1Template nsslowcert_CertKeyTemplate[] = {
-    { SEC_ASN1_SEQUENCE,
-	  0, NULL, sizeof(NSSLOWCERTCertKey) },
-    { SEC_ASN1_EXPLICIT | SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | 
-	  SEC_ASN1_CONTEXT_SPECIFIC | 0, 0, SEC_SkipTemplate },	/* version */ 
-    { SEC_ASN1_INTEGER, offsetof(NSSLOWCERTCertKey,serialNumber) },
-    { SEC_ASN1_SKIP },		/* signature algorithm */
-    { SEC_ASN1_ANY, offsetof(NSSLOWCERTCertKey,derIssuer) },
-    { SEC_ASN1_SKIP_REST },
-    { 0 }
-};
-
-const SEC_ASN1Template nsslowcert_SubjectPublicKeyInfoTemplate[] = {
-    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(NSSLOWCERTSubjectPublicKeyInfo) },
-    { SEC_ASN1_INLINE, offsetof(NSSLOWCERTSubjectPublicKeyInfo,algorithm),
-          SECOID_AlgorithmIDTemplate },
-    { SEC_ASN1_BIT_STRING,
-          offsetof(NSSLOWCERTSubjectPublicKeyInfo,subjectPublicKey), },
-    { 0, }
-};
-
-const SEC_ASN1Template nsslowcert_CertificateTemplate[] = {
-    { SEC_ASN1_SEQUENCE,
-      0, NULL, sizeof(NSSLOWCERTCertificate) },
-    { SEC_ASN1_EXPLICIT | SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED |
-          SEC_ASN1_CONTEXT_SPECIFIC | 0, 0, SEC_SkipTemplate }, /* version */
-    { SEC_ASN1_INTEGER, offsetof(NSSLOWCERTCertificate,serialNumber) },
-    { SEC_ASN1_SKIP }, /* Signature algorithm */
-    { SEC_ASN1_ANY, offsetof(NSSLOWCERTCertificate,derIssuer) },
-    { SEC_ASN1_INLINE,
-          offsetof(NSSLOWCERTCertificate,validity),
-          CERT_ValidityTemplate },
-    { SEC_ASN1_ANY, offsetof(NSSLOWCERTCertificate,derSubject) },
-    { SEC_ASN1_INLINE,
-          offsetof(NSSLOWCERTCertificate,subjectPublicKeyInfo),
-          nsslowcert_SubjectPublicKeyInfoTemplate },
-    { SEC_ASN1_SKIP_REST },
-    { 0 }
-};
-const SEC_ASN1Template nsslowcert_SignedCertificateTemplate[] =
-{
-    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(NSSLOWCERTCertificate) },
-    { SEC_ASN1_INLINE, 0, nsslowcert_CertificateTemplate },
-    { SEC_ASN1_SKIP_REST },
-    { 0 }
-};
-const SEC_ASN1Template nsslowcert_SignedDataTemplate[] = {
-    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(NSSLOWCERTSignedData) },
-    { SEC_ASN1_ANY, offsetof(NSSLOWCERTSignedData,data), },
-    { SEC_ASN1_SKIP_REST },
-    { 0, }
-};
-const SEC_ASN1Template nsslowcert_RSAPublicKeyTemplate[] = {
-    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(NSSLOWKEYPublicKey) },
-    { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPublicKey,u.rsa.modulus), },
-    { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPublicKey,u.rsa.publicExponent), },
-    { 0, }
-};
-const SEC_ASN1Template nsslowcert_DSAPublicKeyTemplate[] = {
-    { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPublicKey,u.dsa.publicValue), },
-    { 0, }
-};
-const SEC_ASN1Template nsslowcert_DHPublicKeyTemplate[] = {
-    { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPublicKey,u.dh.publicValue), },
-    { 0, }
-};
-
-/*
- * See bugzilla bug 125359
- * Since NSS (via PKCS#11) wants to handle big integers as unsigned ints,
- * all of the templates above that en/decode into integers must be converted
- * from ASN.1's signed integer type.  This is done by marking either the
- * source or destination (encoding or decoding, respectively) type as
- * siUnsignedInteger.
- */
-
-static void
-prepare_low_rsa_pub_key_for_asn1(NSSLOWKEYPublicKey *pubk)
-{
-    pubk->u.rsa.modulus.type = siUnsignedInteger;
-    pubk->u.rsa.publicExponent.type = siUnsignedInteger;
-}
-
-static void
-prepare_low_dsa_pub_key_for_asn1(NSSLOWKEYPublicKey *pubk)
-{
-    pubk->u.dsa.publicValue.type = siUnsignedInteger;
-    pubk->u.dsa.params.prime.type = siUnsignedInteger;
-    pubk->u.dsa.params.subPrime.type = siUnsignedInteger;
-    pubk->u.dsa.params.base.type = siUnsignedInteger;
-}
-
-static void
-prepare_low_dh_pub_key_for_asn1(NSSLOWKEYPublicKey *pubk)
-{
-    pubk->u.dh.prime.type = siUnsignedInteger;
-    pubk->u.dh.base.type = siUnsignedInteger;
-    pubk->u.dh.publicValue.type = siUnsignedInteger;
-}
-
-/*
- * Allow use of default cert database, so that apps(such as mozilla) don't
- * have to pass the handle all over the place.
- */
-static NSSLOWCERTCertDBHandle *default_pcert_db_handle = 0;
-
-void
-nsslowcert_SetDefaultCertDB(NSSLOWCERTCertDBHandle *handle)
-{
-    default_pcert_db_handle = handle;
-    
-    return;
-}
-
-NSSLOWCERTCertDBHandle *
-nsslowcert_GetDefaultCertDB(void)
-{
-    return(default_pcert_db_handle);
-}
-
-
-SECStatus
-nsslowcert_GetCertTimes(NSSLOWCERTCertificate *c, PRTime *notBefore, PRTime *notAfter)
-{
-    int rv;
-    
-    /* convert DER not-before time */
-    rv = DER_UTCTimeToTime(notBefore, &c->validity.notBefore);
-    if (rv) {
-	return(SECFailure);
-    }
-    
-    /* convert DER not-after time */
-    rv = DER_UTCTimeToTime(notAfter, &c->validity.notAfter);
-    if (rv) {
-	return(SECFailure);
-    }
-
-    return(SECSuccess);
-}
-
-/*
- * is certa newer than certb?  If one is expired, pick the other one.
- */
-PRBool
-nsslowcert_IsNewer(NSSLOWCERTCertificate *certa, NSSLOWCERTCertificate *certb)
-{
-    PRTime notBeforeA, notAfterA, notBeforeB, notAfterB, now;
-    SECStatus rv;
-    PRBool newerbefore, newerafter;
-    
-    rv = nsslowcert_GetCertTimes(certa, &notBeforeA, &notAfterA);
-    if ( rv != SECSuccess ) {
-	return(PR_FALSE);
-    }
-    
-    rv = nsslowcert_GetCertTimes(certb, &notBeforeB, &notAfterB);
-    if ( rv != SECSuccess ) {
-	return(PR_TRUE);
-    }
-
-    newerbefore = PR_FALSE;
-    if ( LL_CMP(notBeforeA, >, notBeforeB) ) {
-	newerbefore = PR_TRUE;
-    }
-
-    newerafter = PR_FALSE;
-    if ( LL_CMP(notAfterA, >, notAfterB) ) {
-	newerafter = PR_TRUE;
-    }
-    
-    if ( newerbefore && newerafter ) {
-	return(PR_TRUE);
-    }
-    
-    if ( ( !newerbefore ) && ( !newerafter ) ) {
-	return(PR_FALSE);
-    }
-
-    /* get current UTC time */
-    now = PR_Now();
-
-    if ( newerbefore ) {
-	/* cert A was issued after cert B, but expires sooner */
-	/* if A is expired, then pick B */
-	if ( LL_CMP(notAfterA, <, now ) ) {
-	    return(PR_FALSE);
-	}
-	return(PR_TRUE);
-    } else {
-	/* cert B was issued after cert A, but expires sooner */
-	/* if B is expired, then pick A */
-	if ( LL_CMP(notAfterB, <, now ) ) {
-	    return(PR_TRUE);
-	}
-	return(PR_FALSE);
-    }
-}
-
-#define SOFT_DEFAULT_CHUNKSIZE 2048
-
-/*
- * take a DER certificate and decode it into a certificate structure
- */
-NSSLOWCERTCertificate *
-nsslowcert_DecodeDERCertificate(SECItem *derSignedCert, PRBool copyDER,
-			 char *nickname)
-{
-    NSSLOWCERTCertificate *cert;
-    PRArenaPool *arena;
-    void *data;
-    int rv;
-    int len;
-    
-    /* make a new arena */
-    arena = PORT_NewArena(SOFT_DEFAULT_CHUNKSIZE);
-    
-    if ( !arena ) {
-	return 0;
-    }
-
-    /* allocate the certificate structure */
-    cert = (NSSLOWCERTCertificate *)PORT_ArenaZAlloc(arena, sizeof(NSSLOWCERTCertificate));
-    
-    if ( !cert ) {
-	goto loser;
-    }
-    
-    cert->arena = arena;
-    
-    if ( copyDER ) {
-	/* copy the DER data for the cert into this arena */
-	data = (void *)PORT_ArenaAlloc(arena, derSignedCert->len);
-	if ( !data ) {
-	    goto loser;
-	}
-	cert->derCert.data = (unsigned char *)data;
-	cert->derCert.len = derSignedCert->len;
-	PORT_Memcpy(data, derSignedCert->data, derSignedCert->len);
-    } else {
-	/* point to passed in DER data */
-	cert->derCert = *derSignedCert;
-    }
-
-    /* decode the certificate info */
-    rv = SEC_ASN1DecodeItem(arena, cert, nsslowcert_SignedCertificateTemplate,
-                    &cert->derCert);
-
-    /* cert->subjectKeyID;	 x509v3 subject key identifier */
-    cert->dbEntry = NULL;
-    cert ->trust = NULL;
-
-    /* generate and save the database key for the cert */
-    rv = nsslowcert_KeyFromDERCert(arena, &cert->derCert, &cert->certKey);
-    if ( rv ) {
-	goto loser;
-    }
-
-    /* set the nickname */
-    if ( nickname == NULL ) {
-	cert->nickname = NULL;
-    } else {
-	/* copy and install the nickname */
-	len = PORT_Strlen(nickname) + 1;
-	cert->nickname = (char*)PORT_ArenaAlloc(arena, len);
-	if ( cert->nickname == NULL ) {
-	    goto loser;
-	}
-
-	PORT_Memcpy(cert->nickname, nickname, len);
-    }
-
-#ifdef FIXME
-    /* initialize the subjectKeyID */
-    rv = cert_GetKeyID(cert);
-    if ( rv != SECSuccess ) {
-	goto loser;
-    }
-
-    /* set the email address */
-    cert->emailAddr = CERT_GetCertificateEmailAddress(cert);
-    
-#endif
-    
-    cert->referenceCount = 1;
-    
-    return(cert);
-    
-loser:
-
-    if ( arena ) {
-	PORT_FreeArena(arena, PR_FALSE);
-    }
-    
-    return(0);
-}
-
-char *
-nsslowcert_FixupEmailAddr(char *emailAddr)
-{
-    char *retaddr;
-    char *str;
-
-    if ( emailAddr == NULL ) {
-	return(NULL);
-    }
-    
-    /* copy the string */
-    str = retaddr = PORT_Strdup(emailAddr);
-    if ( str == NULL ) {
-	return(NULL);
-    }
-    
-    /* make it lower case */
-    while ( *str ) {
-	*str = tolower( *str );
-	str++;
-    }
-    
-    return(retaddr);
-}
-
-static SECStatus
-nsslowcert_KeyFromIssuerAndSN(PRArenaPool *arena, SECItem *issuer, SECItem *sn,
-			SECItem *key)
-{
-
-    key->len = sn->len + issuer->len;
-
-    key->data = (unsigned char*)PORT_ArenaAlloc(arena, key->len);
-    if ( !key->data ) {
-	goto loser;
-    }
-
-    /* copy the serialNumber */
-    PORT_Memcpy(key->data, sn->data, sn->len);
-
-    /* copy the issuer */
-    PORT_Memcpy(&key->data[sn->len], issuer->data, issuer->len);
-
-    return(SECSuccess);
-
-loser:
-    return(SECFailure);
-}
-
-
-
-/*
- * Generate a database key, based on serial number and issuer, from a
- * DER certificate.
- */
-SECStatus
-nsslowcert_KeyFromDERCert(PRArenaPool *arena, SECItem *derCert, SECItem *key)
-{
-    int rv;
-    NSSLOWCERTSignedData sd;
-    NSSLOWCERTCertKey certkey;
-
-    PORT_Memset(&sd, 0, sizeof(NSSLOWCERTSignedData));    
-    PORT_Memset(&certkey, 0, sizeof(NSSLOWCERTCertKey));    
-
-    rv = SEC_ASN1DecodeItem(arena, &sd, nsslowcert_SignedDataTemplate, derCert);
-    
-    if ( rv ) {
-	goto loser;
-    }
-    
-    PORT_Memset(&certkey, 0, sizeof(NSSLOWCERTCertKey));
-    rv = SEC_ASN1DecodeItem(arena, &certkey, 
-					nsslowcert_CertKeyTemplate, &sd.data);
-
-    if ( rv ) {
-	goto loser;
-    }
-
-    return(nsslowcert_KeyFromIssuerAndSN(arena, &certkey.derIssuer,
-				   &certkey.serialNumber, key));
-loser:
-    return(SECFailure);
-}
-
-NSSLOWKEYPublicKey *
-nsslowcert_ExtractPublicKey(NSSLOWCERTCertificate *cert)
-{
-    NSSLOWCERTSubjectPublicKeyInfo *spki = &cert->subjectPublicKeyInfo;
-    NSSLOWKEYPublicKey *pubk;
-    SECItem os;
-    SECStatus rv;
-    PRArenaPool *arena;
-    SECOidTag tag;
-
-    arena = PORT_NewArena (DER_DEFAULT_CHUNKSIZE);
-    if (arena == NULL)
-        return NULL;
-
-    pubk = (NSSLOWKEYPublicKey *) 
-		PORT_ArenaZAlloc(arena, sizeof(NSSLOWKEYPublicKey));
-    if (pubk == NULL) {
-        PORT_FreeArena (arena, PR_FALSE);
-        return NULL;
-    }
-
-    pubk->arena = arena;
-
-    /* Convert bit string length from bits to bytes */
-    os = spki->subjectPublicKey;
-    DER_ConvertBitString (&os);
-
-    tag = SECOID_GetAlgorithmTag(&spki->algorithm);
-    switch ( tag ) {
-      case SEC_OID_X500_RSA_ENCRYPTION:
-      case SEC_OID_PKCS1_RSA_ENCRYPTION:
-        pubk->keyType = NSSLOWKEYRSAKey;
-        prepare_low_rsa_pub_key_for_asn1(pubk);
-        rv = SEC_ASN1DecodeItem(arena, pubk, 
-				nsslowcert_RSAPublicKeyTemplate, &os);
-        if (rv == SECSuccess)
-            return pubk;
-        break;
-      case SEC_OID_ANSIX9_DSA_SIGNATURE:
-        pubk->keyType = NSSLOWKEYDSAKey;
-        prepare_low_dsa_pub_key_for_asn1(pubk);
-        rv = SEC_ASN1DecodeItem(arena, pubk,
-				 nsslowcert_DSAPublicKeyTemplate, &os);
-        if (rv == SECSuccess) return pubk;
-        break;
-      case SEC_OID_X942_DIFFIE_HELMAN_KEY:
-        pubk->keyType = NSSLOWKEYDHKey;
-        prepare_low_dh_pub_key_for_asn1(pubk);
-        rv = SEC_ASN1DecodeItem(arena, pubk,
-				 nsslowcert_DHPublicKeyTemplate, &os);
-        if (rv == SECSuccess) return pubk;
-        break;
-      default:
-        rv = SECFailure;
-        break;
-    }
-
-    nsslowkey_DestroyPublicKey (pubk);
-    return NULL;
-}
-
diff --git a/security/nss/lib/softoken/lowkey.c b/security/nss/lib/softoken/lowkey.c
deleted file mode 100644
index 1e3c6144b..000000000
--- a/security/nss/lib/softoken/lowkey.c
+++ /dev/null
@@ -1,378 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#include "lowkeyi.h"
-#include "secoid.h"
-#include "secitem.h"
-#include "secder.h"
-#include "base64.h"
-#include "secasn1.h"
-#include "pcert.h"
-#include "secerr.h"
-
-
-const SEC_ASN1Template nsslowkey_PQGParamsTemplate[] = {
-    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(PQGParams) },
-    { SEC_ASN1_INTEGER, offsetof(PQGParams,prime) },
-    { SEC_ASN1_INTEGER, offsetof(PQGParams,subPrime) },
-    { SEC_ASN1_INTEGER, offsetof(PQGParams,base) },
-    { 0, }
-};
-
-const SEC_ASN1Template nsslowkey_RSAPrivateKeyTemplate[] = {
-    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(NSSLOWKEYPrivateKey) },
-    { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.rsa.version) },
-    { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.rsa.modulus) },
-    { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.rsa.publicExponent) },
-    { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.rsa.privateExponent) },
-    { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.rsa.prime1) },
-    { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.rsa.prime2) },
-    { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.rsa.exponent1) },
-    { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.rsa.exponent2) },
-    { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.rsa.coefficient) },
-    { 0 }                                                                     
-};                                                                            
-
-
-const SEC_ASN1Template nsslowkey_DSAPrivateKeyTemplate[] = {
-    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(NSSLOWKEYPrivateKey) },
-    { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.dsa.publicValue) },
-    { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.dsa.privateValue) },
-    { 0, }
-};
-
-const SEC_ASN1Template nsslowkey_DSAPrivateKeyExportTemplate[] = {
-    { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.dsa.privateValue) },
-};
-
-const SEC_ASN1Template nsslowkey_DHPrivateKeyTemplate[] = {
-    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(NSSLOWKEYPrivateKey) },
-    { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.dh.publicValue) },
-    { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.dh.privateValue) },
-    { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.dh.base) },
-    { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.dh.prime) },
-    { 0, }
-};
-
-/*
- * See bugzilla bug 125359
- * Since NSS (via PKCS#11) wants to handle big integers as unsigned ints,
- * all of the templates above that en/decode into integers must be converted
- * from ASN.1's signed integer type.  This is done by marking either the
- * source or destination (encoding or decoding, respectively) type as
- * siUnsignedInteger.
- */
-
-void
-prepare_low_rsa_priv_key_for_asn1(NSSLOWKEYPrivateKey *key)
-{
-    key->u.rsa.modulus.type = siUnsignedInteger;
-    key->u.rsa.publicExponent.type = siUnsignedInteger;
-    key->u.rsa.privateExponent.type = siUnsignedInteger;
-    key->u.rsa.prime1.type = siUnsignedInteger;
-    key->u.rsa.prime2.type = siUnsignedInteger;
-    key->u.rsa.exponent1.type = siUnsignedInteger;
-    key->u.rsa.exponent2.type = siUnsignedInteger;
-    key->u.rsa.coefficient.type = siUnsignedInteger;
-}
-
-void
-prepare_low_pqg_params_for_asn1(PQGParams *params)
-{
-    params->prime.type = siUnsignedInteger;
-    params->subPrime.type = siUnsignedInteger;
-    params->base.type = siUnsignedInteger;
-}
-
-void
-prepare_low_dsa_priv_key_for_asn1(NSSLOWKEYPrivateKey *key)
-{
-    key->u.dsa.publicValue.type = siUnsignedInteger;
-    key->u.dsa.privateValue.type = siUnsignedInteger;
-    key->u.dsa.params.prime.type = siUnsignedInteger;
-    key->u.dsa.params.subPrime.type = siUnsignedInteger;
-    key->u.dsa.params.base.type = siUnsignedInteger;
-}
-
-void
-prepare_low_dsa_priv_key_export_for_asn1(NSSLOWKEYPrivateKey *key)
-{
-    key->u.dsa.privateValue.type = siUnsignedInteger;
-}
-
-void
-prepare_low_dh_priv_key_for_asn1(NSSLOWKEYPrivateKey *key)
-{
-    key->u.dh.prime.type = siUnsignedInteger;
-    key->u.dh.base.type = siUnsignedInteger;
-    key->u.dh.publicValue.type = siUnsignedInteger;
-    key->u.dh.privateValue.type = siUnsignedInteger;
-}
-
-void
-nsslowkey_DestroyPrivateKey(NSSLOWKEYPrivateKey *privk)
-{
-    if (privk && privk->arena) {
-	PORT_FreeArena(privk->arena, PR_TRUE);
-    }
-}
-
-void
-nsslowkey_DestroyPublicKey(NSSLOWKEYPublicKey *pubk)
-{
-    if (pubk && pubk->arena) {
-	PORT_FreeArena(pubk->arena, PR_FALSE);
-    }
-}
-unsigned
-nsslowkey_PublicModulusLen(NSSLOWKEYPublicKey *pubk)
-{
-    unsigned char b0;
-
-    /* interpret modulus length as key strength... in
-     * fortezza that's the public key length */
-
-    switch (pubk->keyType) {
-    case NSSLOWKEYRSAKey:
-    	b0 = pubk->u.rsa.modulus.data[0];
-    	return b0 ? pubk->u.rsa.modulus.len : pubk->u.rsa.modulus.len - 1;
-    default:
-	break;
-    }
-    return 0;
-}
-
-unsigned
-nsslowkey_PrivateModulusLen(NSSLOWKEYPrivateKey *privk)
-{
-
-    unsigned char b0;
-
-    switch (privk->keyType) {
-    case NSSLOWKEYRSAKey:
-	b0 = privk->u.rsa.modulus.data[0];
-	return b0 ? privk->u.rsa.modulus.len : privk->u.rsa.modulus.len - 1;
-    default:
-	break;
-    }
-    return 0;
-}
-
-NSSLOWKEYPublicKey *
-nsslowkey_ConvertToPublicKey(NSSLOWKEYPrivateKey *privk)
-{
-    NSSLOWKEYPublicKey *pubk;
-    PLArenaPool *arena;
-
-
-    arena = PORT_NewArena (DER_DEFAULT_CHUNKSIZE);
-    if (arena == NULL) {
-        PORT_SetError (SEC_ERROR_NO_MEMORY);
-        return NULL;
-    }
-
-    switch(privk->keyType) {
-      case NSSLOWKEYRSAKey:
-      case NSSLOWKEYNullKey:
-	pubk = (NSSLOWKEYPublicKey *)PORT_ArenaZAlloc(arena,
-						sizeof (NSSLOWKEYPublicKey));
-	if (pubk != NULL) {
-	    SECStatus rv;
-
-	    pubk->arena = arena;
-	    pubk->keyType = privk->keyType;
-	    if (privk->keyType == NSSLOWKEYNullKey) return pubk;
-	    rv = SECITEM_CopyItem(arena, &pubk->u.rsa.modulus,
-				  &privk->u.rsa.modulus);
-	    if (rv == SECSuccess) {
-		rv = SECITEM_CopyItem (arena, &pubk->u.rsa.publicExponent,
-				       &privk->u.rsa.publicExponent);
-		if (rv == SECSuccess)
-		    return pubk;
-	    }
-	    nsslowkey_DestroyPublicKey (pubk);
-	} else {
-	    PORT_SetError (SEC_ERROR_NO_MEMORY);
-	}
-	break;
-      case NSSLOWKEYDSAKey:
-	pubk = (NSSLOWKEYPublicKey *)PORT_ArenaZAlloc(arena,
-						    sizeof(NSSLOWKEYPublicKey));
-	if (pubk != NULL) {
-	    SECStatus rv;
-
-	    pubk->arena = arena;
-	    pubk->keyType = privk->keyType;
-	    rv = SECITEM_CopyItem(arena, &pubk->u.dsa.publicValue,
-				  &privk->u.dsa.publicValue);
-	    if (rv != SECSuccess) break;
-	    rv = SECITEM_CopyItem(arena, &pubk->u.dsa.params.prime,
-				  &privk->u.dsa.params.prime);
-	    if (rv != SECSuccess) break;
-	    rv = SECITEM_CopyItem(arena, &pubk->u.dsa.params.subPrime,
-				  &privk->u.dsa.params.subPrime);
-	    if (rv != SECSuccess) break;
-	    rv = SECITEM_CopyItem(arena, &pubk->u.dsa.params.base,
-				  &privk->u.dsa.params.base);
-	    if (rv == SECSuccess) return pubk;
-	}
-	break;
-      case NSSLOWKEYDHKey:
-	pubk = (NSSLOWKEYPublicKey *)PORT_ArenaZAlloc(arena,
-						    sizeof(NSSLOWKEYPublicKey));
-	if (pubk != NULL) {
-	    SECStatus rv;
-
-	    pubk->arena = arena;
-	    pubk->keyType = privk->keyType;
-	    rv = SECITEM_CopyItem(arena, &pubk->u.dh.publicValue,
-				  &privk->u.dh.publicValue);
-	    if (rv != SECSuccess) break;
-	    rv = SECITEM_CopyItem(arena, &pubk->u.dh.prime,
-				  &privk->u.dh.prime);
-	    if (rv != SECSuccess) break;
-	    rv = SECITEM_CopyItem(arena, &pubk->u.dh.base,
-				  &privk->u.dh.base);
-	    if (rv == SECSuccess) return pubk;
-	}
-	break;
-	/* No Fortezza in Low Key implementations (Fortezza keys aren't
-	 * stored in our data base */
-    default:
-	break;
-    }
-
-    PORT_FreeArena (arena, PR_FALSE);
-    return NULL;
-}
-
-NSSLOWKEYPrivateKey *
-nsslowkey_CopyPrivateKey(NSSLOWKEYPrivateKey *privKey)
-{
-    NSSLOWKEYPrivateKey *returnKey = NULL;
-    SECStatus rv = SECFailure;
-    PLArenaPool *poolp;
-
-    if(!privKey) {
-	return NULL;
-    }
-
-    poolp = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if(!poolp) {
-	return NULL;
-    }
-
-    returnKey = (NSSLOWKEYPrivateKey*)PORT_ArenaZAlloc(poolp, sizeof(NSSLOWKEYPrivateKey));
-    if(!returnKey) {
-	rv = SECFailure;
-	goto loser;
-    }
-
-    returnKey->keyType = privKey->keyType;
-    returnKey->arena = poolp;
-
-    switch(privKey->keyType) {
-	case NSSLOWKEYRSAKey:
-	    rv = SECITEM_CopyItem(poolp, &(returnKey->u.rsa.modulus), 
-	    				&(privKey->u.rsa.modulus));
-	    if(rv != SECSuccess) break;
-	    rv = SECITEM_CopyItem(poolp, &(returnKey->u.rsa.version), 
-	    				&(privKey->u.rsa.version));
-	    if(rv != SECSuccess) break;
-	    rv = SECITEM_CopyItem(poolp, &(returnKey->u.rsa.publicExponent), 
-	    				&(privKey->u.rsa.publicExponent));
-	    if(rv != SECSuccess) break;
-	    rv = SECITEM_CopyItem(poolp, &(returnKey->u.rsa.privateExponent), 
-	    				&(privKey->u.rsa.privateExponent));
-	    if(rv != SECSuccess) break;
-	    rv = SECITEM_CopyItem(poolp, &(returnKey->u.rsa.prime1), 
-	    				&(privKey->u.rsa.prime1));
-	    if(rv != SECSuccess) break;
-	    rv = SECITEM_CopyItem(poolp, &(returnKey->u.rsa.prime2), 
-	    				&(privKey->u.rsa.prime2));
-	    if(rv != SECSuccess) break;
-	    rv = SECITEM_CopyItem(poolp, &(returnKey->u.rsa.exponent1), 
-	    				&(privKey->u.rsa.exponent1));
-	    if(rv != SECSuccess) break;
-	    rv = SECITEM_CopyItem(poolp, &(returnKey->u.rsa.exponent2), 
-	    				&(privKey->u.rsa.exponent2));
-	    if(rv != SECSuccess) break;
-	    rv = SECITEM_CopyItem(poolp, &(returnKey->u.rsa.coefficient), 
-	    				&(privKey->u.rsa.coefficient));
-	    if(rv != SECSuccess) break;
-	    break;
-	case NSSLOWKEYDSAKey:
-	    rv = SECITEM_CopyItem(poolp, &(returnKey->u.dsa.publicValue),
-	    				&(privKey->u.dsa.publicValue));
-	    if(rv != SECSuccess) break;
-	    rv = SECITEM_CopyItem(poolp, &(returnKey->u.dsa.privateValue),
-	    				&(privKey->u.dsa.privateValue));
-	    if(rv != SECSuccess) break;
-	    returnKey->u.dsa.params.arena = poolp;
-	    rv = SECITEM_CopyItem(poolp, &(returnKey->u.dsa.params.prime),
-					&(privKey->u.dsa.params.prime));
-	    if(rv != SECSuccess) break;
-	    rv = SECITEM_CopyItem(poolp, &(returnKey->u.dsa.params.subPrime),
-					&(privKey->u.dsa.params.subPrime));
-	    if(rv != SECSuccess) break;
-	    rv = SECITEM_CopyItem(poolp, &(returnKey->u.dsa.params.base),
-					&(privKey->u.dsa.params.base));
-	    if(rv != SECSuccess) break;
-	    break;
-	case NSSLOWKEYDHKey:
-	    rv = SECITEM_CopyItem(poolp, &(returnKey->u.dh.publicValue),
-	    				&(privKey->u.dh.publicValue));
-	    if(rv != SECSuccess) break;
-	    rv = SECITEM_CopyItem(poolp, &(returnKey->u.dh.privateValue),
-	    				&(privKey->u.dh.privateValue));
-	    if(rv != SECSuccess) break;
-	    returnKey->u.dsa.params.arena = poolp;
-	    rv = SECITEM_CopyItem(poolp, &(returnKey->u.dh.prime),
-					&(privKey->u.dh.prime));
-	    if(rv != SECSuccess) break;
-	    rv = SECITEM_CopyItem(poolp, &(returnKey->u.dh.base),
-					&(privKey->u.dh.base));
-	    if(rv != SECSuccess) break;
-	    break;
-	default:
-	    rv = SECFailure;
-    }
-
-loser:
-
-    if(rv != SECSuccess) {
-	PORT_FreeArena(poolp, PR_TRUE);
-	returnKey = NULL;
-    }
-
-    return returnKey;
-}
diff --git a/security/nss/lib/softoken/lowkeyi.h b/security/nss/lib/softoken/lowkeyi.h
deleted file mode 100644
index e1af7b0d1..000000000
--- a/security/nss/lib/softoken/lowkeyi.h
+++ /dev/null
@@ -1,266 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * key.h - public data structures and prototypes for the private key library
- *
- * $Id$
- */
-
-#ifndef _LOWKEYI_H_
-#define _LOWKEYI_H_
-
-#include "prtypes.h"
-#include "seccomon.h"
-#include "secoidt.h"
-#include "pcertt.h"
-#include "lowkeyti.h"
-
-SEC_BEGIN_PROTOS
-
-/*
- * See bugzilla bug 125359
- * Since NSS (via PKCS#11) wants to handle big integers as unsigned ints,
- * all of the templates above that en/decode into integers must be converted
- * from ASN.1's signed integer type.  This is done by marking either the
- * source or destination (encoding or decoding, respectively) type as
- * siUnsignedInteger.
- */
-extern void prepare_low_rsa_priv_key_for_asn1(NSSLOWKEYPrivateKey *key);
-extern void prepare_low_pqg_params_for_asn1(PQGParams *params);
-extern void prepare_low_dsa_priv_key_for_asn1(NSSLOWKEYPrivateKey *key);
-extern void prepare_low_dsa_priv_key_export_for_asn1(NSSLOWKEYPrivateKey *key);
-extern void prepare_low_dh_priv_key_for_asn1(NSSLOWKEYPrivateKey *key);
-
-typedef char * (* NSSLOWKEYDBNameFunc)(void *arg, int dbVersion);
-    
-/*
-** Open a key database.
-*/
-extern NSSLOWKEYDBHandle *nsslowkey_OpenKeyDB(PRBool readOnly,
-					   const char *domain,
-					   const char *prefix,
-					   NSSLOWKEYDBNameFunc namecb,
-					   void *cbarg);
-
-
-/*
- * Clear out all the keys in the existing database
- */
-extern SECStatus nsslowkey_ResetKeyDB(NSSLOWKEYDBHandle *handle);
-
-/*
-** Close the specified key database.
-*/
-extern void nsslowkey_CloseKeyDB(NSSLOWKEYDBHandle *handle);
-
-/*
- * Get the version number of the database
- */
-extern int nsslowkey_GetKeyDBVersion(NSSLOWKEYDBHandle *handle);
-
-/*
-** Support a default key database.
-*/
-extern void nsslowkey_SetDefaultKeyDB(NSSLOWKEYDBHandle *handle);
-extern NSSLOWKEYDBHandle *nsslowkey_GetDefaultKeyDB(void);
-
-/* set the alg id of the key encryption algorithm */
-extern void nsslowkey_SetDefaultKeyDBAlg(SECOidTag alg);
-
-/*
- * given a password and salt, produce a hash of the password
- */
-extern SECItem *nsslowkey_HashPassword(char *pw, SECItem *salt);
-
-/*
- * Derive the actual password value for a key database from the
- * password string value.  The derivation uses global salt value
- * stored in the key database.
- */
-extern SECItem *
-nsslowkey_DeriveKeyDBPassword(NSSLOWKEYDBHandle *handle, char *pw);
-
-/*
-** Delete a key from the database
-*/
-extern SECStatus nsslowkey_DeleteKey(NSSLOWKEYDBHandle *handle, 
-				  SECItem *pubkey);
-
-/*
-** Store a key in the database, indexed by its public key modulus.
-**	"pk" is the private key to store
-**	"f" is a the callback function for getting the password
-**	"arg" is the argument for the callback
-*/
-extern SECStatus nsslowkey_StoreKeyByPublicKey(NSSLOWKEYDBHandle *handle, 
-					    NSSLOWKEYPrivateKey *pk,
-					    SECItem *pubKeyData,
-					    char *nickname,
-					    SECItem *arg);
-
-/* does the key for this cert exist in the database filed by modulus */
-extern PRBool nsslowkey_KeyForCertExists(NSSLOWKEYDBHandle *handle,
-					 NSSLOWCERTCertificate *cert);
-
-extern SECStatus nsslowkey_HasKeyDBPassword(NSSLOWKEYDBHandle *handle);
-extern SECStatus nsslowkey_SetKeyDBPassword(NSSLOWKEYDBHandle *handle,
-				     SECItem *pwitem);
-extern SECStatus nsslowkey_CheckKeyDBPassword(NSSLOWKEYDBHandle *handle,
-					   SECItem *pwitem);
-extern SECStatus nsslowkey_ChangeKeyDBPassword(NSSLOWKEYDBHandle *handle,
-					    SECItem *oldpwitem,
-					    SECItem *newpwitem);
-
-/*
-** Destroy a private key object.
-**	"key" the object
-**	"freeit" if PR_TRUE then free the object as well as its sub-objects
-*/
-extern void nsslowkey_DestroyPrivateKey(NSSLOWKEYPrivateKey *key);
-
-/*
-** Destroy a public key object.
-**	"key" the object
-**	"freeit" if PR_TRUE then free the object as well as its sub-objects
-*/
-extern void nsslowkey_DestroyPublicKey(NSSLOWKEYPublicKey *key);
-
-/*
-** Return the modulus length of "pubKey".
-*/
-extern unsigned int nsslowkey_PublicModulusLen(NSSLOWKEYPublicKey *pubKey);
-
-
-/*
-** Return the modulus length of "privKey".
-*/
-extern unsigned int nsslowkey_PrivateModulusLen(NSSLOWKEYPrivateKey *privKey);
-
-
-/*
-** Convert a low private key "privateKey" into a public low key
-*/
-extern NSSLOWKEYPublicKey 
-		*nsslowkey_ConvertToPublicKey(NSSLOWKEYPrivateKey *privateKey);
-
-/*
- * Set the Key Database password.
- *   handle is a handle to the key database
- *   pwitem is the new password
- *   algorithm is the algorithm by which the key database 
- *   	password is to be encrypted.
- * On failure, SECFailure is returned, otherwise SECSuccess is 
- * returned.
- */
-extern SECStatus 
-nsslowkey_SetKeyDBPasswordAlg(NSSLOWKEYDBHandle *handle,
-			SECItem *pwitem, 
-			SECOidTag algorithm);
-
-/* Check the key database password.
- *   handle is a handle to the key database
- *   pwitem is the suspect password
- *   algorithm is the algorithm by which the key database 
- *   	password is to be encrypted.
- * The password is checked against plaintext to see if it is the
- * actual password.  If it is not, SECFailure is returned.
- */
-extern SECStatus 
-nsslowkey_CheckKeyDBPasswordAlg(NSSLOWKEYDBHandle *handle,
-				SECItem *pwitem, 
-				SECOidTag algorithm);
-
-/* Change the key database password and/or algorithm by which
- * the password is stored with.  
- *   handle is a handle to the key database
- *   old_pwitem is the current password
- *   new_pwitem is the new password
- *   old_algorithm is the algorithm by which the key database 
- *   	password is currently encrypted.
- *   new_algorithm is the algorithm with which the new password
- *      is to be encrypted.
- * A return of anything but SECSuccess indicates failure.
- */
-extern SECStatus 
-nsslowkey_ChangeKeyDBPasswordAlg(NSSLOWKEYDBHandle *handle,
-			      SECItem *oldpwitem, SECItem *newpwitem,
-			      SECOidTag old_algorithm);
-
-SECStatus
-nsslowkey_UpdateNickname(NSSLOWKEYDBHandle *handle,
-                           NSSLOWKEYPrivateKey *privkey,
-                           SECItem *pubKeyData,
-                           char *nickname,
-                           SECItem *arg);
-
-/* Store key by modulus and specify an encryption algorithm to use.
- *   handle is the pointer to the key database,
- *   privkey is the private key to be stored,
- *   f and arg are the function and arguments to the callback
- *       to get a password,
- *   algorithm is the algorithm which the privKey is to be stored.
- * A return of anything but SECSuccess indicates failure.
- */
-extern SECStatus 
-nsslowkey_StoreKeyByPublicKeyAlg(NSSLOWKEYDBHandle *handle, 
-			      NSSLOWKEYPrivateKey *privkey, 
-			      SECItem *pubKeyData,
-			      char *nickname,
-			      SECItem *arg,
-			      SECOidTag algorithm,
-                              PRBool update); 
-
-/* Find key by modulus.  This function is the inverse of store key
- * by modulus.  An attempt to locate the key with "modulus" is 
- * performed.  If the key is found, the private key is returned,
- * else NULL is returned.
- *   modulus is the modulus to locate
- */
-extern NSSLOWKEYPrivateKey *
-nsslowkey_FindKeyByPublicKey(NSSLOWKEYDBHandle *handle, SECItem *modulus, 
-			  SECItem *arg);
-
-extern char *
-nsslowkey_FindKeyNicknameByPublicKey(NSSLOWKEYDBHandle *handle,
-                                        SECItem *modulus, SECItem *pwitem);
-
-
-/* Make a copy of a low private key in it's own arena.
- * a return of NULL indicates an error.
- */
-extern NSSLOWKEYPrivateKey *
-nsslowkey_CopyPrivateKey(NSSLOWKEYPrivateKey *privKey);
-
-
-SEC_END_PROTOS
-
-#endif /* _LOWKEYI_H_ */
diff --git a/security/nss/lib/softoken/lowkeyti.h b/security/nss/lib/softoken/lowkeyti.h
deleted file mode 100644
index 48b1837f8..000000000
--- a/security/nss/lib/softoken/lowkeyti.h
+++ /dev/null
@@ -1,151 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#ifndef _LOWKEYTI_H_
-#define _LOWKEYTI_H_ 1
-
-#include "blapit.h"
-#include "prtypes.h"
-#include "plarena.h"
-#include "secitem.h"
-#include "secasn1t.h"
-#include "secoidt.h"
-/*#include "secmodt.h"
-#include "pkcs11t.h" */
-
-
-/*
- * a key in/for the data base
- */
-struct NSSLOWKEYDBKeyStr {
-    PLArenaPool *arena;
-    int version;
-    char *nickname;
-    SECItem salt;
-    SECItem derPK;
-};
-typedef struct NSSLOWKEYDBKeyStr NSSLOWKEYDBKey;
-
-typedef struct NSSLOWKEYDBHandleStr NSSLOWKEYDBHandle;
-
-#ifdef NSS_USE_KEY4_DB
-#define NSSLOWKEY_DB_FILE_VERSION 4
-#else
-#define NSSLOWKEY_DB_FILE_VERSION 3
-#endif
-
-#define NSSLOWKEY_VERSION	    0	/* what we *create* */
-
-/*
-** Typedef for callback to get a password "key".
-*/
-extern const SEC_ASN1Template nsslowkey_PQGParamsTemplate[];
-extern const SEC_ASN1Template nsslowkey_RSAPrivateKeyTemplate[];
-extern const SEC_ASN1Template nsslowkey_DSAPrivateKeyTemplate[];
-extern const SEC_ASN1Template nsslowkey_DSAPrivateKeyExportTemplate[];
-extern const SEC_ASN1Template nsslowkey_DHPrivateKeyTemplate[];
-extern const SEC_ASN1Template nsslowkey_DHPrivateKeyExportTemplate[];
-
-extern const SEC_ASN1Template nsslowkey_PrivateKeyInfoTemplate[];
-extern const SEC_ASN1Template nsslowkey_EncryptedPrivateKeyInfoTemplate[];
-
-/*
- * PKCS #8 attributes
- */
-struct NSSLOWKEYAttributeStr {
-    SECItem attrType;
-    SECItem *attrValue;
-};
-typedef struct NSSLOWKEYAttributeStr NSSLOWKEYAttribute;
-
-/*
-** A PKCS#8 private key info object
-*/
-struct NSSLOWKEYPrivateKeyInfoStr {
-    PLArenaPool *arena;
-    SECItem version;
-    SECAlgorithmID algorithm;
-    SECItem privateKey;
-    NSSLOWKEYAttribute **attributes;
-};
-typedef struct NSSLOWKEYPrivateKeyInfoStr NSSLOWKEYPrivateKeyInfo;
-#define NSSLOWKEY_PRIVATE_KEY_INFO_VERSION	0	/* what we *create* */
-
-/*
-** A PKCS#8 private key info object
-*/
-struct NSSLOWKEYEncryptedPrivateKeyInfoStr {
-    PLArenaPool *arena;
-    SECAlgorithmID algorithm;
-    SECItem encryptedData;
-};
-typedef struct NSSLOWKEYEncryptedPrivateKeyInfoStr NSSLOWKEYEncryptedPrivateKeyInfo;
-
-
-typedef enum { 
-    NSSLOWKEYNullKey = 0, 
-    NSSLOWKEYRSAKey = 1, 
-    NSSLOWKEYDSAKey = 2, 
-    NSSLOWKEYDHKey = 4
-} NSSLOWKEYType;
-
-/*
-** An RSA public key object.
-*/
-struct NSSLOWKEYPublicKeyStr {
-    PLArenaPool *arena;
-    NSSLOWKEYType keyType ;
-    union {
-        RSAPublicKey rsa;
-	DSAPublicKey dsa;
-	DHPublicKey  dh;
-    } u;
-};
-typedef struct NSSLOWKEYPublicKeyStr NSSLOWKEYPublicKey;
-
-/*
-** Low Level private key object
-** This is only used by the raw Crypto engines (crypto), keydb (keydb),
-** and PKCS #11. Everyone else uses the high level key structure.
-*/
-struct NSSLOWKEYPrivateKeyStr {
-    PLArenaPool *arena;
-    NSSLOWKEYType keyType;
-    union {
-        RSAPrivateKey rsa;
-	DSAPrivateKey dsa;
-	DHPrivateKey  dh;
-    } u;
-};
-typedef struct NSSLOWKEYPrivateKeyStr NSSLOWKEYPrivateKey;
-
-#endif	/* _LOWKEYTI_H_ */
diff --git a/security/nss/lib/softoken/lowpbe.c b/security/nss/lib/softoken/lowpbe.c
deleted file mode 100644
index c858e9719..000000000
--- a/security/nss/lib/softoken/lowpbe.c
+++ /dev/null
@@ -1,1181 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "plarena.h"
-
-#include "seccomon.h"
-#include "secitem.h"
-#include "secport.h"
-#include "hasht.h"
-#include "pkcs11t.h"
-#include "blapi.h"
-#include "hasht.h"
-#include "secasn1.h"
-#include "secder.h"
-#include "lowpbe.h"
-#include "secoid.h"
-#include "alghmac.h"
-#include "softoken.h"
-#include "secerr.h"
-
-/* template for PKCS 5 PBE Parameter.  This template has been expanded
- * based upon the additions in PKCS 12.  This should eventually be moved
- * if RSA updates PKCS 5.
- */
-static const SEC_ASN1Template NSSPKCS5PBEParameterTemplate[] =
-{
-    { SEC_ASN1_SEQUENCE, 
-	0, NULL, sizeof(NSSPKCS5PBEParameter) },
-    { SEC_ASN1_OCTET_STRING, 
-	offsetof(NSSPKCS5PBEParameter, salt) },
-    { SEC_ASN1_INTEGER,
-	offsetof(NSSPKCS5PBEParameter, iteration) },
-    { 0 }
-};
-
-static const SEC_ASN1Template NSSPKCS5PKCS12V2PBEParameterTemplate[] =
-{   
-    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(NSSPKCS5PBEParameter) },
-    { SEC_ASN1_OCTET_STRING, offsetof(NSSPKCS5PBEParameter, salt) },
-    { SEC_ASN1_INTEGER, offsetof(NSSPKCS5PBEParameter, iteration) },
-    { 0 }
-};
-
-SECStatus
-nsspkcs5_HashBuf(const SECHashObject *hashObj, unsigned char *dest,
-					 unsigned char *src, int len)
-{
-    void *ctx;
-    unsigned int retLen;
-
-    ctx = hashObj->create();
-    if(ctx == NULL) {
-	return SECFailure;
-    }
-    hashObj->begin(ctx);
-    hashObj->update(ctx, src, len);
-    hashObj->end(ctx, dest, &retLen, hashObj->length);
-    hashObj->destroy(ctx, PR_TRUE);
-    return SECSuccess;
-}
-
-/* generate bits using any hash
- */
-static SECItem *
-nsspkcs5_PBKDF1(const SECHashObject *hashObj, SECItem *salt, SECItem *pwd, 
-						int iter, PRBool faulty3DES) 
-{
-    SECItem *hash = NULL, *pre_hash = NULL;
-    SECStatus rv = SECFailure;
-
-    if((salt == NULL) || (pwd == NULL) || (iter < 0)) {
-	return NULL;
-    }
-	
-    hash = (SECItem *)PORT_ZAlloc(sizeof(SECItem));
-    pre_hash = (SECItem *)PORT_ZAlloc(sizeof(SECItem));
-
-    if((hash != NULL) && (pre_hash != NULL)) {
-	int i, ph_len;
-
-	ph_len = hashObj->length;
-	if((salt->len + pwd->len) > hashObj->length) {
-	    ph_len = salt->len + pwd->len;
-	}
-
-	rv = SECFailure;
-
-	/* allocate buffers */
-	hash->data = (unsigned char *)PORT_ZAlloc(SHA1_LENGTH);
-	hash->len = hashObj->length;
-	pre_hash->data = (unsigned char *)PORT_ZAlloc(ph_len);
-
-	/* in pbeSHA1TripleDESCBC there was an allocation error that made
-	 * it into the caller.  We do not want to propagate those errors
-	 * further, so we are doing it correctly, but reading the old method.
-	 */
-	if (faulty3DES) {
-	    pre_hash->len = ph_len;
-	} else {
-	    pre_hash->len = salt->len + pwd->len;
-	}
-
-	/* preform hash */
-	if ((hash->data != NULL) && (pre_hash->data != NULL)) {
-	    rv = SECSuccess;
-	    /* check for 0 length password */
-	    if(pwd->len > 0) {
-		PORT_Memcpy(pre_hash->data, pwd->data, pwd->len);
-	    }
-	    if(salt->len > 0) {
-		PORT_Memcpy((pre_hash->data+pwd->len), salt->data, salt->len);
-	    }
-	    for(i = 0; ((i < iter) && (rv == SECSuccess)); i++) {
-		rv = nsspkcs5_HashBuf(hashObj, hash->data, 
-					pre_hash->data, pre_hash->len);
-		if(rv != SECFailure) {
-		    pre_hash->len = hashObj->length;
-		    PORT_Memcpy(pre_hash->data, hash->data, hashObj->length);
-		}
-	    }
-	}
-    }
-
-    if(pre_hash != NULL) {
-	SECITEM_FreeItem(pre_hash, PR_TRUE);
-    }
-
-    if((rv != SECSuccess) && (hash != NULL)) {
-	SECITEM_FreeItem(hash, PR_TRUE);
-	hash = NULL;
-    }
-
-    return hash;
-}
-
-/* this bit generation routine is described in PKCS 12 and the proposed
- * extensions to PKCS 5.  an initial hash is generated following the
- * instructions laid out in PKCS 5.  If the number of bits generated is
- * insufficient, then the method discussed in the proposed extensions to
- * PKCS 5 in PKCS 12 are used.  This extension makes use of the HMAC
- * function.  And the P_Hash function from the TLS standard.
- */
-static SECItem *
-nsspkcs5_PFXPBE(const SECHashObject *hashObj, NSSPKCS5PBEParameter *pbe_param,
-				SECItem *init_hash, unsigned int bytes_needed)
-{
-    SECItem *ret_bits = NULL;
-    int hash_size = 0;
-    unsigned int i;
-    unsigned int hash_iter;
-    unsigned int dig_len;
-    SECStatus rv = SECFailure;
-    unsigned char *state = NULL;
-    unsigned int state_len;
-    HMACContext *cx = NULL;
-
-    hash_size = hashObj->length;
-    hash_iter = (bytes_needed + (unsigned int)hash_size - 1) / hash_size;
-
-    /* allocate return buffer */
-    ret_bits = (SECItem  *)PORT_ZAlloc(sizeof(SECItem));
-    if(ret_bits == NULL)
-	return NULL;
-    ret_bits->data = (unsigned char *)PORT_ZAlloc((hash_iter * hash_size) + 1);
-    ret_bits->len = (hash_iter * hash_size);
-    if(ret_bits->data == NULL) {
-	PORT_Free(ret_bits);
-	return NULL;
-    }
-
-    /* allocate intermediate hash buffer.  8 is for the 8 bytes of
-     * data which are added based on iteration number 
-     */
-
-    if ((unsigned int)hash_size > pbe_param->salt.len) {
-	state_len = hash_size;
-    } else {
-	state_len = pbe_param->salt.len;
-    }
-    state = (unsigned char *)PORT_ZAlloc(state_len);
-    if(state == NULL) {
-	rv = SECFailure;
-	goto loser;
-    }
-    if(pbe_param->salt.len > 0) {
-	PORT_Memcpy(state, pbe_param->salt.data, pbe_param->salt.len);
-    }
-
-    cx = HMAC_Create(hashObj, init_hash->data, init_hash->len);
-    if (cx == NULL) {
-	rv = SECFailure;
-	goto loser;
-    }
-
-    for(i = 0; i < hash_iter; i++) { 
-
-	/* generate output bits */
-	HMAC_Begin(cx);
-	HMAC_Update(cx, state, state_len);
-	HMAC_Update(cx, pbe_param->salt.data, pbe_param->salt.len);
-	rv = HMAC_Finish(cx, ret_bits->data + (i * hash_size),
-			 &dig_len, hash_size);
-	if (rv != SECSuccess)
-	    goto loser;
-	PORT_Assert((unsigned int)hash_size == dig_len);
-
-	/* generate new state */
-	HMAC_Begin(cx);
-	HMAC_Update(cx, state, state_len);
-	rv = HMAC_Finish(cx, state, &state_len, state_len);
-	if (rv != SECSuccess)
-	    goto loser;
-	PORT_Assert(state_len == dig_len);
-    }
-
-loser:
-    if (state != NULL)
-	PORT_ZFree(state, state_len);
-    HMAC_Destroy(cx);
-
-    if(rv != SECSuccess) {
-	SECITEM_ZfreeItem(ret_bits, PR_TRUE);
-	ret_bits = NULL;
-    }
-
-    return ret_bits;
-}
-
-/* generate bits for the key and iv determination.  if enough bits
- * are not generated using PKCS 5, then we need to generate more bits
- * based on the extension proposed in PKCS 12
- */
-static SECItem *
-nsspkcs5_PBKDF1Extended(const SECHashObject *hashObj,
-	 NSSPKCS5PBEParameter *pbe_param, SECItem *pwitem, PRBool faulty3DES)
-{
-    SECItem * hash 		= NULL;
-    SECItem * newHash 		= NULL;
-    int       bytes_needed;
-    int       bytes_available;
-    
-    bytes_needed = pbe_param->ivLen + pbe_param->keyLen;
-    bytes_available = hashObj->length;
-    
-    hash = nsspkcs5_PBKDF1(hashObj, &pbe_param->salt, pwitem, 
-						pbe_param->iter, faulty3DES);
-
-    if(hash == NULL) {
-	return NULL;
-    }
-
-    if(bytes_needed <= bytes_available) {
-	return hash;
-    } 
-
-    newHash = nsspkcs5_PFXPBE(hashObj, pbe_param, hash, bytes_needed);
-    if (hash != newHash)
-	SECITEM_FreeItem(hash, PR_TRUE);
-    return newHash;
-}
-
-#ifdef PBKDF2
-
-/*
- * PBDKDF2 is PKCS #5 v2.0 it's currently not used by NSS
- */
-/*
- * We This is safe because hLen for all our
- * HMAC algorithms are multiples of 4.
- */
-static void
-xorbytes(unsigned char *dest, unsigned char *src, int len)
-{
-#ifdef PARANOIA
-    while (len--) {
-    	*dest = *dest ^ *src;
-	dest++;
-	src++;
-    }
-#else
-    PRUInt32 dest32 = (PRUInt32 *)dest;
-    PRUInt32 src32 = (PRUInt32 *)dest;
-    while (len -= sizeof(PRUInt32)) {
-    	*dest32 = *dest32 ^ *src32;
-	dest++;
-	src++;
-    }
-#endif
-}
-
-static SECStatus
-nsspkcs5_PBKFD2_F(const SECHashObject *hashobj, SECItem *pwitem, SECItem *salt,
-			int iterations, unsigned int i, unsigned char *T)
-{
-    int j;
-    HMACContext *cx = NULL;
-    unsigned int hLen = hashObject->length
-    SECStatus rv = SECFailure;
-    unsigned char *last = NULL;
-    int lastLength = salt->len + 4;
-
-    cx=HMAC_Create(hashobj,pwitem->data,pwitem->len);
-    if (cx == NULL) {
-	goto loser;
-    }
-    PORT_Memset(T,0,hLen);
-    realLastLength= MAX(lastLength,hLen);
-    last = PORT_Alloc(realLastLength);
-    if (last == NULL) {
-	goto loser;
-    }
-    PORT_Memcpy(last,salt.data,salt.len);
-    last[salt->len  ] = (i >> 24) & 0xff;
-    last[salt->len+1] = (i >> 16) & 0xff;
-    last[salt->len+2] = (i >> 8) & 0xff;
-    last[salt->len+3] =    i  & 0xff;
-
-    /* NOTE: we need at least one iteration to return success! */
-    for (j=0; j < interations; j++) {
-	rv =HMAC_Begin(cx);
-	if (rv !=SECSuccess) {
-	   break;
-	}
-	HMAC_Update(cx,last,lastLength);
-	rv =HMAC_Finish(cx,last,&lastLength,hLen);
-	if (rv !=SECSuccess) {
-	   break;
-	}
-	do_xor(T,last,hLen);
-    }
-loser:
-    if (cx) {
-	HMAC_DestroyContext(cx);
-    }
-    if (last) {
-	PORT_ZFree(last,reaLastLength);
-    }
-    return rv;
-}
-
-static SECItem *
-nsspkcs5_PBKFD2(const SECHashObject *hashObj, NSSPKCS5PBEParameter *pbe_param, 
-							SECItem *pwitem)
-{
-    unsigned int dkLen = bytesNeeded;
-    unsigned int hLen = hashObject->length
-    unsigned int l = (dkLen+hLen-1) / hLen;
-    unsigned char *rp;
-    SECItem *result;
-    SECItem *salt = pbe_param->salt;
-    int interations = pbe_param->iter;
-    int bytesNeeded = pbe_param->keyLen;
-
-    result = SECITEM_AllocItem(NULL,NULL,l*hLen);
-    if (result == NULL) {
-	return NULL;
-    }
-
-    T = PORT_Alloc(hLen);
-    if (T == NULL) {
-	goto loser;
-    }
-
-    for (i=0,rp=results->data; i < l ; i++, rp +=hLen) {
-	rv = nsspkcs5_PBKFD2_F(hashobj,pwitem,salt,iterations,i,T);
-	if (rv != SECSuccess) {
-	    break;
-	}
-	PORT_Memcpy(rp,T,hLen);
-    }
-
-loser:
-    if (T) {
-	PORT_ZFree(T);
-    }
-    if (rv != SECSuccess) {
-	SECITEM_FreeITEM(result,PR_TRUE);
-	result = NULL;
-    } else {
-	result->len = dkLen;
-    }
-	
-    return result;
-}
-#endif
-
-#define HMAC_BUFFER 64
-#define NSSPBE_ROUNDUP(x,y) ((((x)+((y)-1))/(y))*(y))
-#define NSSPBE_MIN(x,y) ((x) < (y) ? (x) : (y))
-/*
- * This is the extended PBE function defined by the final PKCS #12 spec.
- */
-static SECItem *
-nsspkcs5_PKCS12PBE(const SECHashObject *hashObject, 
-		   NSSPKCS5PBEParameter *pbe_param, SECItem *pwitem, 
-		   PBEBitGenID bitGenPurpose, unsigned int bytesNeeded)
-{
-    PRArenaPool *arena = NULL;
-    unsigned int SLen,PLen;
-    unsigned int hashLength = hashObject->length;
-    unsigned char *S, *P;
-    SECItem *A = NULL, B, D, I;
-    SECItem *salt = &pbe_param->salt;
-    unsigned int c,i = 0;
-    unsigned int hashLen, iter;
-    unsigned char *iterBuf;
-    void *hash = NULL;
-
-    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if(!arena) {
-	return NULL;
-    }
-
-    /* how many hash object lengths are needed */
-    c = (bytesNeeded + (hashLength-1))/hashLength;
-
-    /* initialize our buffers */
-    D.len = HMAC_BUFFER;
-    /* B and D are the same length, use one alloc go get both */
-    D.data = (unsigned char*)PORT_ArenaZAlloc(arena, D.len*2);
-    B.len = D.len;
-    B.data = D.data + D.len;
-
-    /* if all goes well, A will be returned, so don't use our temp arena */
-    A = SECITEM_AllocItem(NULL,NULL,c*hashLength);
-    if (A == NULL) {
-	goto loser;
-    }
-    
-    SLen = NSSPBE_ROUNDUP(salt->len,HMAC_BUFFER);
-    PLen = NSSPBE_ROUNDUP(pwitem->len,HMAC_BUFFER);
-    I.len = SLen+PLen;
-    I.data = (unsigned char*)PORT_ArenaZAlloc(arena, I.len);
-    if (I.data == NULL) {
-	goto loser;
-    }
-
-    /* S & P are only used to initialize I */
-    S = I.data;
-    P = S + SLen;
-
-    PORT_Memset(D.data, (char)bitGenPurpose, D.len);
-    if (SLen) {
-	for (i=0; i < SLen; i += salt->len) {
-	    PORT_Memcpy(S+i, salt->data, NSSPBE_MIN(SLen-i,salt->len));
-	}
-    } 
-    if (PLen) {
-	for (i=0; i < PLen; i += pwitem->len) {
-	    PORT_Memcpy(P+i, pwitem->data, NSSPBE_MIN(PLen-i,pwitem->len));
-	}
-    } 
-
-    iterBuf = (unsigned char*)PORT_ArenaZAlloc(arena,hashLength);
-    if (iterBuf == NULL) {
-	goto loser;
-    }
-
-    hash = hashObject->create();
-    if(!hash) {
-	goto loser;
-    }
-    /* calculate the PBE now */
-    for(i = 0; i < c; i++) {
-	int Bidx;	/* must be signed or the for loop won't terminate */
-	unsigned int k, j;
-	unsigned char *Ai = A->data+i*hashLength;
-
-
-	for(iter = 0; iter < pbe_param->iter; iter++) {
-	    hashObject->begin(hash);
-
-	    if (iter) {
-		hashObject->update(hash, iterBuf, hashLen);
-	    } else {
-		hashObject->update(hash, D.data, D.len);
-		hashObject->update(hash, I.data, I.len); 
-	    }
-
-	    hashObject->end(hash, iterBuf, &hashLen, hashObject->length);
-	    if(hashLen != hashObject->length) {
-		break;
-	    }
-	}
-
-	PORT_Memcpy(Ai, iterBuf, hashLength);
-	for (Bidx = 0; Bidx < B.len; Bidx += hashLength) {
-	    PORT_Memcpy(B.data+Bidx,iterBuf,NSSPBE_MIN(B.len-Bidx,hashLength));
-	}
-
-	k = I.len/B.len;
-	for(j = 0; j < k; j++) {
-	    unsigned int q, carryBit;
-	    unsigned char *Ij = I.data + j*B.len;
-
-	    /* (Ij = Ij+B+1) */
-	    for (Bidx = (B.len-1), q=1, carryBit=0; Bidx >= 0; Bidx--,q=0) {
-		q += (unsigned int)Ij[Bidx];
-		q += (unsigned int)B.data[Bidx];
-		q += carryBit;
-
-		carryBit = (q > 0xff);
-		Ij[Bidx] = (unsigned char)(q & 0xff);
-	    }
-	}
-    }
-loser:
-    if (hash) {
-    	hashObject->destroy(hash, PR_TRUE);
-    }
-    if(arena) {
-	PORT_FreeArena(arena, PR_TRUE);
-    }
-
-    /* if i != c, then we didn't complete the loop above and must of failed
-     * somwhere along the way */
-    if (i != c) {
-	SECITEM_ZfreeItem(A,PR_TRUE);
-	A = NULL;
-    } else {
-    	A->len = bytesNeeded;
-    }
-    
-    return A;
-}
-
-/*
- * generate key as per PKCS 5
- */
-SECItem *
-nsspkcs5_ComputeKeyAndIV(NSSPKCS5PBEParameter *pbe_param, SECItem *pwitem,
-		      SECItem *iv, PRBool faulty3DES)
-{
-    SECItem *hash = NULL, *key = NULL;
-    const SECHashObject *hashObj;
-    PRBool getIV = PR_FALSE;
-
-    if((pbe_param == NULL) || (pwitem == NULL)) {
-	return NULL;
-    }
-
-    key = SECITEM_AllocItem(NULL,NULL,pbe_param->keyLen);
-    if (key == NULL) {
-	return NULL;
-    }
-
-    if ((pbe_param->ivLen) && (iv->data == NULL)) {
-	getIV = PR_TRUE;
-    	iv->data = (unsigned char *)PORT_Alloc(pbe_param->ivLen);
-    	if (iv->data == NULL) {
-	    goto loser;
-	}
-	iv->len = pbe_param->ivLen;
-    }
-
-    hashObj = &SECRawHashObjects[pbe_param->hashType];
-    switch (pbe_param->pbeType) {
-    case NSSPKCS5_PBKDF1:
-	hash = nsspkcs5_PBKDF1Extended(hashObj,pbe_param,pwitem,faulty3DES);
-	if (hash == NULL) {
-	    goto loser;
-	}
-	PORT_Assert(hash->len >= key->len+iv->len);
-	if (getIV) {
-	    PORT_Memcpy(iv->data, hash->data+(hash->len - iv->len),iv->len);
-	}
-    	break;
-#ifdef PBKDF2
-    case NSSPKCS5_PBKDF2:
-	hash = nsspkcs5_PBKDF2(hashObj,pbe_param,pwitem);
-	PORT_Assert(!getIV);
-    	break;
-#endif
-    case NSSPKCS5_PKCS12_V2:
-	if (getIV) {
-	    hash = nsspkcs5_PKCS12PBE(hashObj,pbe_param,pwitem,
-						pbeBitGenCipherIV,iv->len);
-	    if (hash == NULL) {
-		goto loser;
-	    }
-	    PORT_Memcpy(iv->data,hash->data,iv->len);
-	    SECITEM_ZfreeItem(hash,PR_TRUE);
-	    hash = NULL;
-	}
-	hash = nsspkcs5_PKCS12PBE(hashObj,pbe_param,pwitem,
-						pbe_param->keyID,key->len);
-    default:
-	break;
-    }
-
-    if (hash == NULL) {
-	goto loser;
-    }
-
-    if (pbe_param->is2KeyDES) {
-	PORT_Memcpy(key->data, hash->data, (key->len * 2) / 3);
-	PORT_Memcpy(&(key->data[(key->len  * 2) / 3]), key->data,
-		    key->len / 3);
-    } else {
-	PORT_Memcpy(key->data, hash->data, key->len);
-    }
-
-    SECITEM_FreeItem(hash, PR_TRUE);
-    return key;
-
-loser:
-    if (getIV && iv->data) {
-	PORT_ZFree(iv->data,iv->len);
-	iv->data = NULL;
-    }
-
-    SECITEM_ZfreeItem(key, PR_TRUE);
-    return NULL;
-}
-
-static SECStatus
-nsspkcs5_FillInParam(SECOidTag algorithm, NSSPKCS5PBEParameter *pbe_param)
-{
-    PRBool skipType = PR_FALSE;
-
-    pbe_param->keyLen = 5;
-    pbe_param->ivLen = 8;
-    pbe_param->hashType = HASH_AlgSHA1;
-    pbe_param->pbeType = NSSPKCS5_PBKDF1;
-    pbe_param->encAlg = SEC_OID_RC2_CBC;
-    pbe_param->is2KeyDES = PR_FALSE;
-    switch(algorithm) {
-    /* DES3 Algorithms */
-    case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_2KEY_TRIPLE_DES_CBC:
-	pbe_param->is2KeyDES = PR_TRUE;
-	/* fall through */
-    case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_3KEY_TRIPLE_DES_CBC:
-	pbe_param->pbeType = NSSPKCS5_PKCS12_V2;
-	/* fall through */
-    case SEC_OID_PKCS12_PBE_WITH_SHA1_AND_TRIPLE_DES_CBC:
-	pbe_param->keyLen = 24;
-	pbe_param->encAlg = SEC_OID_DES_EDE3_CBC;
-	break;
-
-    /* DES Algorithms */
-    case SEC_OID_PKCS5_PBE_WITH_MD2_AND_DES_CBC:
-    	pbe_param->hashType = HASH_AlgMD2;
-	goto finish_des;
-    case SEC_OID_PKCS5_PBE_WITH_MD5_AND_DES_CBC:
-    	pbe_param->hashType = HASH_AlgMD5;
-	/* fall through */
-    case SEC_OID_PKCS5_PBE_WITH_SHA1_AND_DES_CBC:
-finish_des:
-	pbe_param->keyLen = 8;
-	pbe_param->encAlg =  SEC_OID_DES_CBC;
-	break;
-
-    /* RC2 Algorithms */
-    case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_128_BIT_RC2_CBC:
-	pbe_param->keyLen = 16;
-	/* fall through */
-    case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_40_BIT_RC2_CBC:
-	pbe_param->pbeType = NSSPKCS5_PKCS12_V2;
-	break;
-    case SEC_OID_PKCS12_PBE_WITH_SHA1_AND_128_BIT_RC2_CBC:
-	pbe_param->keyLen = 16;
-	/* fall through */
-    case SEC_OID_PKCS12_PBE_WITH_SHA1_AND_40_BIT_RC2_CBC:
-	break;
-
-    /* RC4 algorithms */
-    case SEC_OID_PKCS12_PBE_WITH_SHA1_AND_128_BIT_RC4:
-	skipType = PR_TRUE;
-	/* fall through */
-    case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_128_BIT_RC4:
-	pbe_param->keyLen = 16;
-	/* fall through */
-    case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_40_BIT_RC4:
-	if (!skipType) {
-    	    pbe_param->pbeType = NSSPKCS5_PKCS12_V2;
-	}
-	/* fall through */
-    case SEC_OID_PKCS12_PBE_WITH_SHA1_AND_40_BIT_RC4:
-        pbe_param->ivLen = 0;
-        pbe_param->encAlg =  SEC_OID_RC4;
-        break;
-    default:
-        return SECFailure;
-    }
-
-    return SECSuccess;
-}
-
-/* decode the algid and generate a PKCS 5 parameter from it
- */
-NSSPKCS5PBEParameter *
-nsspkcs5_NewParam(SECOidTag alg, SECItem *salt, int iterator)
-{
-    PRArenaPool *arena = NULL;
-    NSSPKCS5PBEParameter *pbe_param = NULL;
-    SECStatus rv = SECFailure;
-
-    arena = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE);
-    if (arena == NULL)
-	return NULL;
-
-    /* allocate memory for the parameter */
-    pbe_param = (NSSPKCS5PBEParameter *)PORT_ArenaZAlloc(arena, 
-	sizeof(NSSPKCS5PBEParameter));
-
-    if (pbe_param == NULL) {
-	goto loser;
-    }
-
-    pbe_param->poolp = arena;
-
-    rv = nsspkcs5_FillInParam(alg, pbe_param);
-    if (rv != SECSuccess) {
-	goto loser;
-    }
-
-    pbe_param->iter = iterator;
-    if (salt) {
-	rv = SECITEM_CopyItem(arena,&pbe_param->salt,salt);
-    }
-
-    /* default key gen */
-    pbe_param->keyID = pbeBitGenCipherKey;
-
-loser:
-    if (rv != SECSuccess) {
-	PORT_FreeArena(arena, PR_TRUE);
-	pbe_param = NULL;
-    }
-
-    return pbe_param;
-}
-
-/* decode the algid and generate a PKCS 5 parameter from it
- */
-NSSPKCS5PBEParameter *
-nsspkcs5_AlgidToParam(SECAlgorithmID *algid)
-{
-    NSSPKCS5PBEParameter *pbe_param = NULL;
-    SECOidTag algorithm;
-    SECStatus rv = SECFailure;
-
-    if (algid == NULL) {
-	return NULL;
-    }
-
-    algorithm = SECOID_GetAlgorithmTag(algid);
-    if (algorithm == SEC_OID_UNKNOWN) {
-	goto loser;
-    }
-
-    pbe_param = nsspkcs5_NewParam(algorithm, NULL, 1);
-    if (pbe_param == NULL) {
-	goto loser;
-    }
-
-    /* decode parameter */
-    rv = SECFailure;
-    switch (pbe_param->pbeType) {
-    case NSSPKCS5_PBKDF1:
-	rv = SEC_ASN1DecodeItem(pbe_param->poolp, pbe_param, 
-	    NSSPKCS5PBEParameterTemplate, &algid->parameters);
-	break;
-    case NSSPKCS5_PKCS12_V2:
-	rv = SEC_ASN1DecodeItem(pbe_param->poolp, pbe_param, 
-		NSSPKCS5PKCS12V2PBEParameterTemplate, &algid->parameters);
-	break;
-    case NSSPKCS5_PBKDF2:
-	break;
-    }
-
-loser:
-    if (rv == SECSuccess) {
-    	pbe_param->iter = DER_GetInteger(&pbe_param->iteration);
-    } else {
-	nsspkcs5_DestroyPBEParameter(pbe_param);
-	pbe_param = NULL;
-    }
-
-    return pbe_param;
-}
-
-/* destroy a pbe parameter.  it assumes that the parameter was 
- * generated using the appropriate create function and therefor
- * contains an arena pool.
- */
-void 
-nsspkcs5_DestroyPBEParameter(NSSPKCS5PBEParameter *pbe_param)
-{
-    if (pbe_param != NULL) {
-	PORT_FreeArena(pbe_param->poolp, PR_TRUE);
-    }
-}
-
-
-/* crypto routines */
-/* perform DES encryption and decryption.  these routines are called
- * by nsspkcs5_CipherData.  In the case of an error, NULL is returned.
- */
-static SECItem *
-sec_pkcs5_des(SECItem *key, SECItem *iv, SECItem *src, PRBool triple_des, 
-								PRBool encrypt)
-{
-    SECItem *dest;
-    SECItem *dup_src;
-    SECStatus rv = SECFailure;
-    int pad;
-
-    if((src == NULL) || (key == NULL) || (iv == NULL))
-	return NULL;
-
-    dup_src = SECITEM_DupItem(src);
-    if(dup_src == NULL) {
-	return NULL;
-    }
-
-    if(encrypt != PR_FALSE) {
-	void *dummy;
-
-	dummy = DES_PadBuffer(NULL, dup_src->data, 
-	    dup_src->len, &dup_src->len);
-	if(dummy == NULL) {
-	    SECITEM_FreeItem(dup_src, PR_TRUE);
-	    return NULL;
-	}
-	dup_src->data = (unsigned char*)dummy;
-    }
-
-    dest = (SECItem *)PORT_ZAlloc(sizeof(SECItem));
-    if(dest != NULL) {
-	/* allocate with over flow */
-	dest->data = (unsigned char *)PORT_ZAlloc(dup_src->len + 64);
-	if(dest->data != NULL) {
-	    DESContext *ctxt;
-	    ctxt = DES_CreateContext(key->data, iv->data, 
-			(triple_des ? NSS_DES_EDE3_CBC : NSS_DES_CBC), 
-			encrypt);
-	
-	    if(ctxt != NULL) {
-		rv = (encrypt ? DES_Encrypt : DES_Decrypt)(
-			ctxt, dest->data, &dest->len,
-			dup_src->len + 64, dup_src->data, dup_src->len);
-
-		/* remove padding -- assumes 64 bit blocks */
-		if((encrypt == PR_FALSE) && (rv == SECSuccess)) {
-		    pad = dest->data[dest->len-1];
-		    if((pad > 0) && (pad <= 8)) {
-			if(dest->data[dest->len-pad] != pad) {
-			    rv = SECFailure;
-			    PORT_SetError(SEC_ERROR_BAD_PASSWORD);
-			} else {
-			    dest->len -= pad;
-			}
-		    } else {
-			rv = SECFailure;
-			PORT_SetError(SEC_ERROR_BAD_PASSWORD);
-		    }
-		}
-		DES_DestroyContext(ctxt, PR_TRUE);
-	    }
-	}
-    }
-
-    if(rv == SECFailure) {
-	if(dest != NULL) {
-	    SECITEM_FreeItem(dest, PR_TRUE);
-	}
-	dest = NULL;
-    }
-
-    if(dup_src != NULL) {
-	SECITEM_FreeItem(dup_src, PR_TRUE);
-    }
-
-    return dest;
-}
-
-/* perform rc2 encryption/decryption if an error occurs, NULL is returned
- */
-static SECItem *
-sec_pkcs5_rc2(SECItem *key, SECItem *iv, SECItem *src, PRBool dummy, 
-								PRBool encrypt)
-{
-    SECItem *dest;
-    SECItem *dup_src;
-    SECStatus rv = SECFailure;
-    int pad;
-
-    if((src == NULL) || (key == NULL) || (iv == NULL)) {
-	return NULL;
-    }
-
-    dup_src = SECITEM_DupItem(src);
-    if(dup_src == NULL) {
-	return NULL;
-    }
-
-    if(encrypt != PR_FALSE) {
-	void *dummy;
-
-	dummy = DES_PadBuffer(NULL, dup_src->data, 
-			      dup_src->len, &dup_src->len);
-	if(dummy == NULL) {
-	    SECITEM_FreeItem(dup_src, PR_TRUE);
-	    return NULL;
-	}
-	dup_src->data = (unsigned char*)dummy;
-    }
-
-    dest = (SECItem *)PORT_ZAlloc(sizeof(SECItem));
-    if(dest != NULL) {
-	dest->data = (unsigned char *)PORT_ZAlloc(dup_src->len + 64);
-	if(dest->data != NULL) {
-	    RC2Context *ctxt;
-
-	    ctxt = RC2_CreateContext(key->data, key->len, iv->data,
-					 	NSS_RC2_CBC, key->len);
-
-	    if(ctxt != NULL) {
-		rv = (encrypt ? RC2_Encrypt: RC2_Decrypt)(
-			ctxt, dest->data, &dest->len,
-			dup_src->len + 64, dup_src->data, dup_src->len);
-
-		/* assumes 8 byte blocks  -- remove padding */	
-		if((rv == SECSuccess) && (encrypt != PR_TRUE)) {
-		    pad = dest->data[dest->len-1];
-		    if((pad > 0) && (pad <= 8)) {
-			if(dest->data[dest->len-pad] != pad) {
-			    PORT_SetError(SEC_ERROR_BAD_PASSWORD);
-			    rv = SECFailure;
-			} else {
-			    dest->len -= pad;
-			}
-		    } else {
-			PORT_SetError(SEC_ERROR_BAD_PASSWORD);
-			rv = SECFailure;
-		    }
-		}
-
-	    }
-	}
-    }
-
-    if((rv != SECSuccess) && (dest != NULL)) {
-	SECITEM_FreeItem(dest, PR_TRUE);
-	dest = NULL;
-    }
-
-    if(dup_src != NULL) {
-	SECITEM_FreeItem(dup_src, PR_TRUE);
-    }
-
-    return dest;
-}
-
-/* perform rc4 encryption and decryption */
-static SECItem *
-sec_pkcs5_rc4(SECItem *key, SECItem *iv, SECItem *src, PRBool dummy_op,
-								 PRBool encrypt)
-{
-    SECItem *dest;
-    SECStatus rv = SECFailure;
-
-    if((src == NULL) || (key == NULL) || (iv == NULL)) {
-	return NULL;
-    }
-
-    dest = (SECItem *)PORT_ZAlloc(sizeof(SECItem));
-    if(dest != NULL) {
-	dest->data = (unsigned char *)PORT_ZAlloc(sizeof(unsigned char) *
-	    (src->len + 64));
-	if(dest->data != NULL) {
-	    RC4Context *ctxt;
-
-	    ctxt = RC4_CreateContext(key->data, key->len);
-	    if(ctxt) { 
-		rv = (encrypt ? RC4_Encrypt : RC4_Decrypt)(
-				ctxt, dest->data, &dest->len,
-				src->len + 64, src->data, src->len);
-		RC4_DestroyContext(ctxt, PR_TRUE);
-	    }
-	}
-    }
-
-    if((rv != SECSuccess) && (dest)) {
-	SECITEM_FreeItem(dest, PR_TRUE);
-	dest = NULL;
-    }
-
-    return dest;
-}
-/* function pointer template for crypto functions */
-typedef SECItem *(* pkcs5_crypto_func)(SECItem *key, SECItem *iv,
-                                         SECItem *src, PRBool op1, PRBool op2);
-
-/* performs the cipher operation on the src and returns the result.
- * if an error occurs, NULL is returned. 
- *
- * a null length password is allowed.  this corresponds to encrypting
- * the data with ust the salt.
- */
-/* change this to use PKCS 11? */
-SECItem *
-nsspkcs5_CipherData(NSSPKCS5PBEParameter *pbe_param, SECItem *pwitem, 
-		    SECItem *src, PRBool encrypt, PRBool *update)
-{
-    SECItem *key = NULL, iv;
-    SECItem *dest = NULL;
-    PRBool tripleDES = PR_TRUE;
-    pkcs5_crypto_func cryptof;
-
-    iv.data = NULL;
-
-    if (update) { 
-        *update = PR_FALSE;
-    }
-
-    if ((pwitem == NULL) || (src == NULL)) {
-	return NULL;
-    }
-
-    /* get key, and iv */
-    key = nsspkcs5_ComputeKeyAndIV(pbe_param, pwitem, &iv, PR_FALSE);
-    if(key == NULL) {
-	return NULL;
-    }
-
-    switch(pbe_param->encAlg) {
-    case SEC_OID_DES_EDE3_CBC:
-	cryptof = sec_pkcs5_des;
-	tripleDES = PR_TRUE;
-	break;
-    case SEC_OID_DES_CBC:
-	cryptof = sec_pkcs5_des;
-	tripleDES = PR_FALSE;
-	break;
-    case SEC_OID_RC2_CBC:
-	cryptof = sec_pkcs5_rc2;
-	break;
-    case SEC_OID_RC4:
-	cryptof = sec_pkcs5_rc4;
-	break;
-    default:
-	cryptof = NULL;
-	break;
-    }
-
-    if (cryptof == NULL) {
-	goto loser;
-    }
-
-    dest = (*cryptof)(key, &iv, src, tripleDES, encrypt);
-    /* 
-     * it's possible for some keys and keydb's to claim to
-     * be triple des when they're really des. In this case
-     * we simply try des. If des works we set the update flag
-     * so the key db knows it needs to update all it's entries.
-     *  The case can only happen on decrypted of a 
-     *  SEC_OID_DES_EDE3_CBD.
-     */
-    if ((dest == NULL) && (encrypt == PR_FALSE) && 
-				(pbe_param->encAlg == SEC_OID_DES_EDE3_CBC)) {
-	dest = (*cryptof)(key, &iv, src, PR_FALSE, encrypt);
-	if (update && (dest != NULL)) *update = PR_TRUE;
-    }
-
-loser:
-    if (key != NULL) {
-	SECITEM_ZfreeItem(key, PR_TRUE);
-    }
-    if (iv.data != NULL) {
-	SECITEM_ZfreeItem(&iv, PR_FALSE);
-    }
-
-    return dest;
-}
-
-/* creates a algorithm ID containing the PBE algorithm and appropriate
- * parameters.  the required parameter is the algorithm.  if salt is
- * not specified, it is generated randomly.  if IV is specified, it overrides
- * the PKCS 5 generation of the IV.  
- *
- * the returned SECAlgorithmID should be destroyed using 
- * SECOID_DestroyAlgorithmID
- */
-SECAlgorithmID *
-nsspkcs5_CreateAlgorithmID(PRArenaPool *arena, SECOidTag algorithm, 
-					NSSPKCS5PBEParameter *pbe_param)
-{
-    SECAlgorithmID *algid, *ret_algid = NULL;
-    SECItem der_param;
-    SECStatus rv = SECFailure;
-    void *dummy = NULL;
-
-    if (arena == NULL) {
-	return NULL;
-    }
-
-    der_param.data = NULL;
-    der_param.len = 0;
-
-    /* generate the algorithm id */
-    algid = (SECAlgorithmID *)PORT_ArenaZAlloc(arena, sizeof(SECAlgorithmID));
-    if (algid == NULL) {
-	goto loser;
-    }
-
-    if (pbe_param->iteration.data == NULL) {
-	dummy = SEC_ASN1EncodeInteger(pbe_param->poolp,&pbe_param->iteration,
-								pbe_param->iter);
-	if (dummy == NULL) {
-	    goto loser;
-	}
-    }
-    switch (pbe_param->pbeType) {
-    case NSSPKCS5_PBKDF1:
-	dummy = SEC_ASN1EncodeItem(arena, &der_param, pbe_param,
-					NSSPKCS5PBEParameterTemplate);
-	break;
-    case NSSPKCS5_PKCS12_V2:
-	dummy = SEC_ASN1EncodeItem(arena, &der_param, pbe_param,
-	    				NSSPKCS5PKCS12V2PBEParameterTemplate);
-	break;
-    default:
-	break;
-    }
-
-    if (dummy == NULL) {
-	goto loser;
-    }
-	
-    rv = SECOID_SetAlgorithmID(arena, algid, algorithm, &der_param);
-    if (rv != SECSuccess) {
-	goto loser;
-    }
-
-    ret_algid = (SECAlgorithmID *)PORT_ZAlloc(sizeof(SECAlgorithmID));
-    if (ret_algid == NULL) {
-	goto loser;
-    }
-
-    rv = SECOID_CopyAlgorithmID(NULL, ret_algid, algid);
-    if (rv != SECSuccess) {
-	SECOID_DestroyAlgorithmID(ret_algid, PR_TRUE);
-	ret_algid = NULL;
-    }
-
-loser:	
-
-    return ret_algid;
-}
diff --git a/security/nss/lib/softoken/lowpbe.h b/security/nss/lib/softoken/lowpbe.h
deleted file mode 100644
index 8ddee11a6..000000000
--- a/security/nss/lib/softoken/lowpbe.h
+++ /dev/null
@@ -1,132 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef _SECPKCS5_H_
-#define _SECPKCS5_H_
-
-#include "plarena.h"
-#include "secitem.h"
-#include "seccomon.h"
-#include "secoidt.h"
-#include "hasht.h"
-
-typedef SECItem * (* SEC_PKCS5GetPBEPassword)(void *arg);
-
-/* used for V2 PKCS 12 Draft Spec */ 
-typedef enum {
-    pbeBitGenIDNull = 0,
-    pbeBitGenCipherKey = 0x01,
-    pbeBitGenCipherIV = 0x02,
-    pbeBitGenIntegrityKey = 0x03
-} PBEBitGenID;
-
-typedef enum {
-    NSSPKCS5_PBKDF1 = 0,
-    NSSPKCS5_PBKDF2 = 1,
-    NSSPKCS5_PKCS12_V2 = 2
-} NSSPKCS5PBEType;
-
-typedef struct NSSPKCS5PBEParameterStr NSSPKCS5PBEParameter;
-
-struct NSSPKCS5PBEParameterStr {
-    PRArenaPool *poolp;
-    SECItem	salt;		/* octet string */
-    SECItem	iteration;	/* integer */
-
-    /* used locally */
-    int		iter;
-    int 	keyLen;
-    int		ivLen;
-    HASH_HashType hashType;
-    NSSPKCS5PBEType pbeType;
-    PBEBitGenID	keyID;
-    SECOidTag	encAlg;
-    PRBool	is2KeyDES;
-};
-
-
-SEC_BEGIN_PROTOS
-/* Create a PKCS5 Algorithm ID
- * The algorithm ID is set up using the PKCS #5 parameter structure
- *  algorithm is the PBE algorithm ID for the desired algorithm
- *  pbe is a pbe param block with all the info needed to create the 
- *   algorithm id.
- * If an error occurs or the algorithm specified is not supported 
- * or is not a password based encryption algorithm, NULL is returned.
- * Otherwise, a pointer to the algorithm id is returned.
- */
-extern SECAlgorithmID *
-nsspkcs5_CreateAlgorithmID(PRArenaPool *arena, SECOidTag algorithm, 
-						NSSPKCS5PBEParameter *pbe);
-
-/*
- * Convert an Algorithm ID to a PBE Param.
- * NOTE: this does not suppport PKCS 5 v2 because it's only used for the
- * keyDB which only support PKCS 5 v1, PFX, and PKCS 12.
- */
-NSSPKCS5PBEParameter *
-nsspkcs5_AlgidToParam(SECAlgorithmID *algid);
-
-/*
- * Convert an Algorithm ID to a PBE Param.
- * NOTE: this does not suppport PKCS 5 v2 because it's only used for the
- * keyDB which only support PKCS 5 v1, PFX, and PKCS 12.
- */
-NSSPKCS5PBEParameter *
-nsspkcs5_NewParam(SECOidTag alg, SECItem *salt, int iterator);
-
-
-/* Encrypt/Decrypt data using password based encryption.  
- *  algid is the PBE algorithm identifier,
- *  pwitem is the password,
- *  src is the source for encryption/decryption,
- *  encrypt is PR_TRUE for encryption, PR_FALSE for decryption.
- * The key and iv are generated based upon PKCS #5 then the src
- * is either encrypted or decrypted.  If an error occurs, NULL
- * is returned, otherwise the ciphered contents is returned.
- */
-extern SECItem *
-nsspkcs5_CipherData(NSSPKCS5PBEParameter *, SECItem *pwitem,
-		    SECItem *src, PRBool encrypt, PRBool *update);
-
-extern SECItem *
-nsspkcs5_ComputeKeyAndIV(NSSPKCS5PBEParameter *, SECItem *pwitem,
-		    			SECItem *iv, PRBool faulty3DES);
-
-/* Destroys PBE parameter */
-extern void
-nsspkcs5_DestroyPBEParameter(NSSPKCS5PBEParameter *param);
-
-SEC_END_PROTOS
-
-#endif
diff --git a/security/nss/lib/softoken/manifest.mn b/security/nss/lib/softoken/manifest.mn
deleted file mode 100644
index 379481a07..000000000
--- a/security/nss/lib/softoken/manifest.mn
+++ /dev/null
@@ -1,79 +0,0 @@
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CORE_DEPTH = ../../..
-
-MODULE = security
-
-REQUIRES = dbm
-
-LIBRARY_NAME = softokn
-LIBRARY_VERSION = 3
-MAPFILE = $(OBJDIR)/softokn.def
-
-DEFINES += -DSHLIB_SUFFIX=\"$(DLL_SUFFIX)\"
-
-
-EXPORTS = \
-	pkcs11.h \
-	pkcs11f.h \
-	pkcs11p.h \
-	pkcs11t.h \
-	pkcs11n.h \
-	pkcs11u.h \
-	$(NULL)
-
-PRIVATE_EXPORTS = \
-	alghmac.h \
-	pk11pars.h \
-	pkcs11i.h \
-	$(NULL)
-
-CSRCS = \
-	alghmac.c \
-	dbinit.c \
-	fipstest.c \
-	fipstokn.c \
-	keydb.c    \
-	lowcert.c  \
-	lowkey.c   \
-	lowpbe.c   \
-	padbuf.c   \
-	pcertdb.c \
-	pk11db.c \
-	pkcs11.c   \
-	pkcs11c.c  \
-	pkcs11u.c  \
-	rawhash.c \
-	rsawrapr.c  \
-	softkver.c  \
-	$(NULL)
diff --git a/security/nss/lib/softoken/padbuf.c b/security/nss/lib/softoken/padbuf.c
deleted file mode 100644
index a4e28947a..000000000
--- a/security/nss/lib/softoken/padbuf.c
+++ /dev/null
@@ -1,77 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#include "blapit.h"
-#include "secport.h"
-#include "secerr.h"
-
-/*
- * Prepare a buffer for DES encryption, growing to the appropriate boundary,
- * filling with the appropriate padding.
- *
- * NOTE: If arena is non-NULL, we re-allocate from there, otherwise
- * we assume (and use) XP memory (re)allocation.
- */
-unsigned char *
-DES_PadBuffer(PRArenaPool *arena, unsigned char *inbuf, unsigned int inlen,
-	      unsigned int *outlen)
-{
-    unsigned char *outbuf;
-    unsigned int   des_len;
-    unsigned int   i;
-    unsigned char  des_pad_len;
-
-    /*
-     * We need from 1 to DES_KEY_LENGTH bytes -- we *always* grow.
-     * The extra bytes contain the value of the length of the padding:
-     * if we have 2 bytes of padding, then the padding is "0x02, 0x02".
-     */
-    des_len = (inlen + DES_KEY_LENGTH) & ~(DES_KEY_LENGTH - 1);
-
-    if (arena != NULL) {
-	outbuf = (unsigned char*)PORT_ArenaGrow (arena, inbuf, inlen, des_len);
-    } else {
-	outbuf = (unsigned char*)PORT_Realloc (inbuf, des_len);
-    }
-
-    if (outbuf == NULL) {
-	PORT_SetError (SEC_ERROR_NO_MEMORY);
-	return NULL;
-    }
-
-    des_pad_len = des_len - inlen;
-    for (i = inlen; i < des_len; i++)
-	outbuf[i] = des_pad_len;
-
-    *outlen = des_len;
-    return outbuf;
-}
diff --git a/security/nss/lib/softoken/pcert.h b/security/nss/lib/softoken/pcert.h
deleted file mode 100644
index aa2c6ea3b..000000000
--- a/security/nss/lib/softoken/pcert.h
+++ /dev/null
@@ -1,220 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef _PCERTDB_H_
-#define _PCERTDB_H_
-
-#include "plarena.h"
-#include "prlong.h"
-#include "pcertt.h"
-
-SEC_BEGIN_PROTOS
-
-/*
-** Add a DER encoded certificate to the permanent database.
-**	"derCert" is the DER encoded certificate.
-**	"nickname" is the nickname to use for the cert
-**	"trust" is the trust parameters for the cert
-*/
-SECStatus nsslowcert_AddPermCert(NSSLOWCERTCertDBHandle *handle, 
-			NSSLOWCERTCertificate *cert,
-				char *nickname, NSSLOWCERTCertTrust *trust);
-SECStatus nsslowcert_AddPermNickname(NSSLOWCERTCertDBHandle *dbhandle,
-				NSSLOWCERTCertificate *cert, char *nickname);
-
-SECStatus nsslowcert_DeletePermCertificate(NSSLOWCERTCertificate *cert);
-
-typedef SECStatus (PR_CALLBACK * PermCertCallback)(NSSLOWCERTCertificate *cert,
-                                                   SECItem *k, void *pdata);
-/*
-** Traverse the entire permanent database, and pass the certs off to a
-** user supplied function.
-**	"certfunc" is the user function to call for each certificate
-**	"udata" is the user's data, which is passed through to "certfunc"
-*/
-SECStatus
-nsslowcert_TraversePermCerts(NSSLOWCERTCertDBHandle *handle,
-		      PermCertCallback certfunc,
-		      void *udata );
-
-PRBool
-nsslowcert_CertDBKeyConflict(SECItem *derCert, NSSLOWCERTCertDBHandle *handle);
-
-SECItem *
-nsslowcert_FindCrlByKey(NSSLOWCERTCertDBHandle *handle, SECItem *crlKey,
-				 		char **urlp, PRBool isKRL);
-
-SECStatus
-nsslowcert_DeletePermCRL(NSSLOWCERTCertDBHandle *handle,SECItem *derName,
-								PRBool isKRL);
-SECStatus
-nsslowcert_AddCrl(NSSLOWCERTCertDBHandle *handle, SECItem *derCrl ,
-				SECItem *derKey, char *url, PRBool isKRL);
-
-NSSLOWCERTCertDBHandle *nsslowcert_GetDefaultCertDB();
-NSSLOWKEYPublicKey *nsslowcert_ExtractPublicKey(NSSLOWCERTCertificate *);
-
-NSSLOWCERTCertificate *
-nsslowcert_NewTempCertificate(NSSLOWCERTCertDBHandle *handle, SECItem *derCert,
-                        char *nickname, PRBool isperm, PRBool copyDER);
-NSSLOWCERTCertificate *
-nsslowcert_DupCertificate(NSSLOWCERTCertificate *cert);
-void nsslowcert_DestroyCertificate(NSSLOWCERTCertificate *cert);
-void nsslowcert_DestroyTrust(NSSLOWCERTTrust *Trust);
-
-/*
- * Lookup a certificate in the databases without locking
- *	"certKey" is the database key to look for
- *
- * XXX - this should be internal, but pkcs 11 needs to call it during a
- * traversal.
- */
-NSSLOWCERTCertificate *
-nsslowcert_FindCertByKey(NSSLOWCERTCertDBHandle *handle, SECItem *certKey);
-
-/*
- * Lookup trust for a certificate in the databases without locking
- *	"certKey" is the database key to look for
- *
- * XXX - this should be internal, but pkcs 11 needs to call it during a
- * traversal.
- */
-NSSLOWCERTTrust *
-nsslowcert_FindTrustByKey(NSSLOWCERTCertDBHandle *handle, SECItem *certKey);
-
-/*
-** Generate a certificate key from the issuer and serialnumber, then look it
-** up in the database.  Return the cert if found.
-**	"issuerAndSN" is the issuer and serial number to look for
-*/
-extern NSSLOWCERTCertificate *
-nsslowcert_FindCertByIssuerAndSN (NSSLOWCERTCertDBHandle *handle, NSSLOWCERTIssuerAndSN *issuerAndSN);
-
-/*
-** Generate a certificate key from the issuer and serialnumber, then look it
-** up in the database.  Return the cert if found.
-**	"issuerAndSN" is the issuer and serial number to look for
-*/
-extern NSSLOWCERTTrust *
-nsslowcert_FindTrustByIssuerAndSN (NSSLOWCERTCertDBHandle *handle, NSSLOWCERTIssuerAndSN *issuerAndSN);
-
-/*
-** Find a certificate in the database by a DER encoded certificate
-**	"derCert" is the DER encoded certificate
-*/
-extern NSSLOWCERTCertificate *
-nsslowcert_FindCertByDERCert(NSSLOWCERTCertDBHandle *handle, SECItem *derCert);
-
-/* convert an email address to lower case */
-char *nsslowcert_FixupEmailAddr(char *emailAddr);
-
-/*
-** Decode a DER encoded certificate into an NSSLOWCERTCertificate structure
-**      "derSignedCert" is the DER encoded signed certificate
-**      "copyDER" is true if the DER should be copied, false if the
-**              existing copy should be referenced
-**      "nickname" is the nickname to use in the database.  If it is NULL
-**              then a temporary nickname is generated.
-*/
-extern NSSLOWCERTCertificate *
-nsslowcert_DecodeDERCertificate (SECItem *derSignedCert, PRBool copyDER, char *nickname);
-
-SECStatus
-nsslowcert_KeyFromDERCert(PRArenaPool *arena, SECItem *derCert, SECItem *key);
-
-certDBEntrySMime *
-nsslowcert_ReadDBSMimeEntry(NSSLOWCERTCertDBHandle *certHandle,
-							 char *emailAddr);
-void
-nsslowcert_DestroyDBEntry(certDBEntry *entry);
-
-SECStatus
-nsslowcert_OpenCertDB(NSSLOWCERTCertDBHandle *handle, PRBool readOnly,
-		const char *domain, const char *prefix,
-                NSSLOWCERTDBNameFunc namecb, void *cbarg, PRBool openVolatile);
-
-void
-nsslowcert_ClosePermCertDB(NSSLOWCERTCertDBHandle *handle);
-
-/*
- * is certa newer than certb?  If one is expired, pick the other one.
- */
-PRBool
-nsslowcert_IsNewer(NSSLOWCERTCertificate *certa, NSSLOWCERTCertificate *certb);
-
-
-SECStatus
-nsslowcert_TraverseDBEntries(NSSLOWCERTCertDBHandle *handle,
-		      certDBEntryType type,
-		      SECStatus (* callback)(SECItem *data, SECItem *key,
-					    certDBEntryType type, void *pdata),
-		      void *udata );
-SECStatus
-nsslowcert_TraversePermCertsForSubject(NSSLOWCERTCertDBHandle *handle,
-				 SECItem *derSubject,
-				 NSSLOWCERTCertCallback cb, void *cbarg);
-int
-nsslowcert_NumPermCertsForSubject(NSSLOWCERTCertDBHandle *handle,
-							 SECItem *derSubject);
-SECStatus
-nsslowcert_TraversePermCertsForNickname(NSSLOWCERTCertDBHandle *handle,
-	 	char *nickname, NSSLOWCERTCertCallback cb, void *cbarg);
-
-int
-nsslowcert_NumPermCertsForNickname(NSSLOWCERTCertDBHandle *handle, 
-							char *nickname);
-SECStatus
-nsslowcert_GetCertTrust(NSSLOWCERTCertificate *cert,
-					 NSSLOWCERTCertTrust *trust);
-
-SECStatus
-nsslowcert_SaveSMimeProfile(NSSLOWCERTCertDBHandle *dbhandle, char *emailAddr, 
-	SECItem *derSubject, SECItem *emailProfile, SECItem *profileTime);
-
-/*
- * Change the trust attributes of a certificate and make them permanent
- * in the database.
- */
-SECStatus
-nsslowcert_ChangeCertTrust(NSSLOWCERTCertDBHandle *handle, 
-	  	NSSLOWCERTCertificate *cert, NSSLOWCERTCertTrust *trust);
-
-PRBool
-nsslowcert_hasTrust(NSSLOWCERTCertTrust *trust);
-
-void
-nsslowcert_DestroyGlobalLocks(void);
-
-SEC_END_PROTOS
-
- #endif /* _PCERTDB_H_ */
diff --git a/security/nss/lib/softoken/pcertdb.c b/security/nss/lib/softoken/pcertdb.c
deleted file mode 100644
index 50dbcff15..000000000
--- a/security/nss/lib/softoken/pcertdb.c
+++ /dev/null
@@ -1,4765 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Permanent Certificate database handling code 
- *
- * $Id$
- */
-#include "prtime.h"
-
-#include "lowkeyti.h"
-#include "pcert.h"
-#include "mcom_db.h"
-#include "pcert.h"
-#include "secitem.h"
-#include "secder.h"
-
-/* Call to PK11_FreeSlot below */
-
-#include "secasn1.h"
-#include "secerr.h"
-#include "nssilock.h"
-#include "prmon.h"
-#include "nsslocks.h"
-#include "base64.h"
-#include "sechash.h"
-#include "plhash.h"
-
-#include "cdbhdl.h"
-
-/* forward declaration */
-NSSLOWCERTCertificate *
-nsslowcert_FindCertByDERCertNoLocking(NSSLOWCERTCertDBHandle *handle, SECItem *derCert);
-
-/*
- * the following functions are wrappers for the db library that implement
- * a global lock to make the database thread safe.
- */
-static PZLock *dbLock = NULL;
-
-void
-certdb_InitDBLock(NSSLOWCERTCertDBHandle *handle)
-{
-    if (dbLock == NULL) {
-	nss_InitLock(&dbLock, nssILockCertDB);
-	PORT_Assert(dbLock != NULL);
-    }
-
-    return;
-}
-
-/*
- * Acquire the global lock on the cert database.
- * This lock is currently used for the following operations:
- *	adding or deleting a cert to either the temp or perm databases
- *	converting a temp to perm or perm to temp
- *	changing (maybe just adding!?) the trust of a cert
- *      chaning the DB status checking Configuration
- */
-static void
-nsslowcert_LockDB(NSSLOWCERTCertDBHandle *handle)
-{
-    PZ_EnterMonitor(handle->dbMon);
-    return;
-}
-
-/*
- * Free the global cert database lock.
- */
-static void
-nsslowcert_UnlockDB(NSSLOWCERTCertDBHandle *handle)
-{
-    PRStatus prstat;
-    
-    prstat = PZ_ExitMonitor(handle->dbMon);
-    
-    PORT_Assert(prstat == PR_SUCCESS);
-    
-    return;
-}
-
-static PZLock *certRefCountLock = NULL;
-
-/*
- * Acquire the cert reference count lock
- * There is currently one global lock for all certs, but I'm putting a cert
- * arg here so that it will be easy to make it per-cert in the future if
- * that turns out to be necessary.
- */
-static void
-nsslowcert_LockCertRefCount(NSSLOWCERTCertificate *cert)
-{
-    if ( certRefCountLock == NULL ) {
-	nss_InitLock(&certRefCountLock, nssILockRefLock);
-	PORT_Assert(certRefCountLock != NULL);
-    }
-    
-    PZ_Lock(certRefCountLock);
-    return;
-}
-
-/*
- * Free the cert reference count lock
- */
-static void
-nsslowcert_UnlockCertRefCount(NSSLOWCERTCertificate *cert)
-{
-    PRStatus prstat;
-
-    PORT_Assert(certRefCountLock != NULL);
-    
-    prstat = PZ_Unlock(certRefCountLock);
-    
-    PORT_Assert(prstat == PR_SUCCESS);
-
-    return;
-}
-
-static PZLock *certTrustLock = NULL;
-
-/*
- * Acquire the cert trust lock
- * There is currently one global lock for all certs, but I'm putting a cert
- * arg here so that it will be easy to make it per-cert in the future if
- * that turns out to be necessary.
- */
-void
-nsslowcert_LockCertTrust(NSSLOWCERTCertificate *cert)
-{
-    if ( certTrustLock == NULL ) {
-	nss_InitLock(&certTrustLock, nssILockCertDB);
-	PORT_Assert(certTrustLock != NULL);
-    }
-    
-    PZ_Lock(certTrustLock);
-    return;
-}
-
-/*
- * Free the cert trust lock
- */
-void
-nsslowcert_UnlockCertTrust(NSSLOWCERTCertificate *cert)
-{
-    PRStatus prstat;
-
-    PORT_Assert(certTrustLock != NULL);
-    
-    prstat = PZ_Unlock(certTrustLock);
-    
-    PORT_Assert(prstat == PR_SUCCESS);
-
-    return;
-}
-
-NSSLOWCERTCertificate *
-nsslowcert_DupCertificate(NSSLOWCERTCertificate *c)
-{
-    if (c) {
-	nsslowcert_LockCertRefCount(c);
-	++c->referenceCount;
-	nsslowcert_UnlockCertRefCount(c);
-    }
-    return c;
-}
-
-static int
-certdb_Get(DB *db, DBT *key, DBT *data, unsigned int flags)
-{
-    PRStatus prstat;
-    int ret;
-    
-    PORT_Assert(dbLock != NULL);
-    PZ_Lock(dbLock);
-    
-    ret = (* db->get)(db, key, data, flags);
-
-    prstat = PZ_Unlock(dbLock);
-
-    return(ret);
-}
-
-static int
-certdb_Put(DB *db, DBT *key, DBT *data, unsigned int flags)
-{
-    PRStatus prstat;
-    int ret;
-
-    PORT_Assert(dbLock != NULL);
-    PZ_Lock(dbLock);
-
-    ret = (* db->put)(db, key, data, flags);
-    
-    prstat = PZ_Unlock(dbLock);
-
-    return(ret);
-}
-
-static int
-certdb_Sync(DB *db, unsigned int flags)
-{
-    PRStatus prstat;
-    int ret;
-
-    PORT_Assert(dbLock != NULL);
-    PZ_Lock(dbLock);
-
-    ret = (* db->sync)(db, flags);
-    
-    prstat = PZ_Unlock(dbLock);
-
-    return(ret);
-}
-
-#define DB_NOT_FOUND -30991  /* from DBM 3.2 */
-static int
-certdb_Del(DB *db, DBT *key, unsigned int flags)
-{
-    PRStatus prstat;
-    int ret;
-
-    PORT_Assert(dbLock != NULL);
-    PZ_Lock(dbLock);
-
-    ret = (* db->del)(db, key, flags);
-    
-    prstat = PZ_Unlock(dbLock);
-
-    /* don't fail if the record is already deleted */
-    if (ret == DB_NOT_FOUND) {
-	ret = 0;
-    }
-
-    return(ret);
-}
-
-static int
-certdb_Seq(DB *db, DBT *key, DBT *data, unsigned int flags)
-{
-    PRStatus prstat;
-    int ret;
-    
-    PORT_Assert(dbLock != NULL);
-    PZ_Lock(dbLock);
-    
-    ret = (* db->seq)(db, key, data, flags);
-
-    prstat = PZ_Unlock(dbLock);
-
-    return(ret);
-}
-
-static void
-certdb_Close(DB *db)
-{
-    PRStatus prstat;
-
-    PORT_Assert(dbLock != NULL);
-    PZ_Lock(dbLock);
-
-    (* db->close)(db);
-    
-    prstat = PZ_Unlock(dbLock);
-
-    return;
-}
-
-/* forward references */
-static void nsslowcert_DestroyCertificateNoLocking(NSSLOWCERTCertificate *cert);
-
-static SECStatus
-DeleteDBEntry(NSSLOWCERTCertDBHandle *handle, certDBEntryType type, SECItem *dbkey)
-{
-    DBT key;
-    int ret;
-
-    /* init the database key */
-    key.data = dbkey->data;
-    key.size = dbkey->len;
-    
-    dbkey->data[0] = (unsigned char)type;
-
-    /* delete entry from database */
-    ret = certdb_Del(handle->permCertDB, &key, 0 );
-    if ( ret != 0 ) {
-	PORT_SetError(SEC_ERROR_BAD_DATABASE);
-	goto loser;
-    }
-
-    ret = certdb_Sync(handle->permCertDB, 0);
-    if ( ret ) {
-	PORT_SetError(SEC_ERROR_BAD_DATABASE);
-	goto loser;
-    }
-
-    return(SECSuccess);
-    
-loser:
-    return(SECFailure);
-}
-
-static SECStatus
-ReadDBEntry(NSSLOWCERTCertDBHandle *handle, certDBEntryCommon *entry,
-	    SECItem *dbkey, SECItem *dbentry, PRArenaPool *arena)
-{
-    DBT data, key;
-    int ret;
-    unsigned char *buf;
-    
-    /* init the database key */
-    key.data = dbkey->data;
-    key.size = dbkey->len;
-    
-    dbkey->data[0] = (unsigned char)entry->type;
-
-    /* read entry from database */
-    ret = certdb_Get(handle->permCertDB, &key, &data, 0 );
-    if ( ret != 0 ) {
-	PORT_SetError(SEC_ERROR_BAD_DATABASE);
-	goto loser;
-    }
-    
-    /* validate the entry */
-    if ( data.size < SEC_DB_ENTRY_HEADER_LEN ) {
-	PORT_SetError(SEC_ERROR_BAD_DATABASE);
-	goto loser;
-    }
-    buf = (unsigned char *)data.data;
-    if ( buf[0] != (unsigned char)CERT_DB_FILE_VERSION ) {
-	PORT_SetError(SEC_ERROR_BAD_DATABASE);
-	goto loser;
-    }
-    if ( buf[1] != (unsigned char)entry->type ) {
-	PORT_SetError(SEC_ERROR_BAD_DATABASE);
-	goto loser;
-    }
-
-    /* copy out header information */
-    entry->version = (unsigned int)buf[0];
-    entry->type = (certDBEntryType)buf[1];
-    entry->flags = (unsigned int)buf[2];
-    
-    /* format body of entry for return to caller */
-    dbentry->len = data.size - SEC_DB_ENTRY_HEADER_LEN;
-    if ( dbentry->len ) {
-	dbentry->data = (unsigned char *)PORT_ArenaAlloc(arena, dbentry->len);
-	if ( dbentry->data == NULL ) {
-	    PORT_SetError(SEC_ERROR_NO_MEMORY);
-	    goto loser;
-	}
-    
-	PORT_Memcpy(dbentry->data, &buf[SEC_DB_ENTRY_HEADER_LEN],
-		  dbentry->len);
-    } else {
-	dbentry->data = NULL;
-    }
-    
-    return(SECSuccess);
-
-loser:
-    return(SECFailure);
-}
-
-/**
- ** Implement low level database access
- **/
-static SECStatus
-WriteDBEntry(NSSLOWCERTCertDBHandle *handle, certDBEntryCommon *entry,
-	     SECItem *dbkey, SECItem *dbentry)
-{
-    int ret;
-    DBT data, key;
-    unsigned char *buf;
-    
-    data.data = dbentry->data;
-    data.size = dbentry->len;
-    
-    buf = (unsigned char*)data.data;
-    
-    buf[0] = (unsigned char)entry->version;
-    buf[1] = (unsigned char)entry->type;
-    buf[2] = (unsigned char)entry->flags;
-    
-    key.data = dbkey->data;
-    key.size = dbkey->len;
-    
-    dbkey->data[0] = (unsigned char)entry->type;
-
-    /* put the record into the database now */
-    ret = certdb_Put(handle->permCertDB, &key, &data, 0);
-
-    if ( ret != 0 ) {
-	goto loser;
-    }
-
-    ret = certdb_Sync( handle->permCertDB, 0 );
-    
-    if ( ret ) {
-	goto loser;
-    }
-
-    return(SECSuccess);
-
-loser:
-    return(SECFailure);
-}
-
-/*
- * encode a database cert record
- */
-static SECStatus
-EncodeDBCertEntry(certDBEntryCert *entry, PRArenaPool *arena, SECItem *dbitem)
-{
-    unsigned int nnlen;
-    unsigned char *buf;
-    char *nn;
-    char zbuf = 0;
-    
-    if ( entry->nickname ) {
-	nn = entry->nickname;
-    } else {
-	nn = &zbuf;
-    }
-    nnlen = PORT_Strlen(nn) + 1;
-    
-    /* allocate space for encoded database record, including space
-     * for low level header
-     */
-    dbitem->len = entry->derCert.len + nnlen + DB_CERT_ENTRY_HEADER_LEN +
-	SEC_DB_ENTRY_HEADER_LEN;
-    
-    dbitem->data = (unsigned char *)PORT_ArenaAlloc(arena, dbitem->len);
-    if ( dbitem->data == NULL) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	goto loser;
-    }
-    
-    /* fill in database record */
-    buf = &dbitem->data[SEC_DB_ENTRY_HEADER_LEN];
-    
-    buf[0] = ( entry->trust.sslFlags >> 8 ) & 0xff;
-    buf[1] = entry->trust.sslFlags & 0xff;
-    buf[2] = ( entry->trust.emailFlags >> 8 ) & 0xff;
-    buf[3] = entry->trust.emailFlags & 0xff;
-    buf[4] = ( entry->trust.objectSigningFlags >> 8 ) & 0xff;
-    buf[5] = entry->trust.objectSigningFlags & 0xff;
-    buf[6] = ( entry->derCert.len >> 8 ) & 0xff;
-    buf[7] = entry->derCert.len & 0xff;
-    buf[8] = ( nnlen >> 8 ) & 0xff;
-    buf[9] = nnlen & 0xff;
-    
-    PORT_Memcpy(&buf[DB_CERT_ENTRY_HEADER_LEN], entry->derCert.data,
-	      entry->derCert.len);
-
-    PORT_Memcpy(&buf[DB_CERT_ENTRY_HEADER_LEN + entry->derCert.len],
-	      nn, nnlen);
-
-    return(SECSuccess);
-
-loser:
-    return(SECFailure);
-}
-
-/*
- * encode a database key for a cert record
- */
-static SECStatus
-EncodeDBCertKey(SECItem *certKey, PRArenaPool *arena, SECItem *dbkey)
-{
-    dbkey->len = certKey->len + SEC_DB_KEY_HEADER_LEN;
-    dbkey->data = (unsigned char *)PORT_ArenaAlloc(arena, dbkey->len);
-    if ( dbkey->data == NULL ) {
-	goto loser;
-    }
-    PORT_Memcpy(&dbkey->data[SEC_DB_KEY_HEADER_LEN],
-	      certKey->data, certKey->len);
-    dbkey->data[0] = certDBEntryTypeCert;
-
-    return(SECSuccess);
-loser:
-    return(SECFailure);
-}
-
-static SECStatus
-EncodeDBGenericKey(SECItem *certKey, PRArenaPool *arena, SECItem *dbkey, 
-				certDBEntryType entryType)
-{
-    /*
-     * we only allow _one_ KRL key!
-     */
-    if (entryType == certDBEntryTypeKeyRevocation) {
-	dbkey->len = SEC_DB_KEY_HEADER_LEN;
- 	dbkey->data = (unsigned char *)PORT_ArenaAlloc(arena, dbkey->len);
-	if ( dbkey->data == NULL ) {
-	    goto loser;
-	}
-        dbkey->data[0] = (unsigned char) entryType;
-        return(SECSuccess);
-    }
-    
-
-    dbkey->len = certKey->len + SEC_DB_KEY_HEADER_LEN;
-    dbkey->data = (unsigned char *)PORT_ArenaAlloc(arena, dbkey->len);
-    if ( dbkey->data == NULL ) {
-	goto loser;
-    }
-    PORT_Memcpy(&dbkey->data[SEC_DB_KEY_HEADER_LEN],
-	      certKey->data, certKey->len);
-    dbkey->data[0] = (unsigned char) entryType;
-
-    return(SECSuccess);
-loser:
-    return(SECFailure);
-}
-
-static SECStatus
-DecodeDBCertEntry(certDBEntryCert *entry, SECItem *dbentry)
-{
-    unsigned int nnlen;
-    unsigned int headerlen;
-    int lenoff;
-
-    /* allow updates of old versions of the database */
-    switch ( entry->common.version ) {
-      case 5:
-	headerlen = DB_CERT_V5_ENTRY_HEADER_LEN;
-	lenoff = 3;
-	break;
-      case 6:
-	/* should not get here */
-	PORT_Assert(0);
-	headerlen = DB_CERT_V6_ENTRY_HEADER_LEN;
-	lenoff = 3;
-	break;
-      case 7:
-	headerlen = DB_CERT_ENTRY_HEADER_LEN;
-	lenoff = 6;
-	break;
-      default:
-	/* better not get here */
-	PORT_Assert(0);
-	headerlen = DB_CERT_V5_ENTRY_HEADER_LEN;
-	lenoff = 3;
-	break;
-    }
-    
-    /* is record long enough for header? */
-    if ( dbentry->len < headerlen ) {
-	PORT_SetError(SEC_ERROR_BAD_DATABASE);
-	goto loser;
-    }
-    
-    /* is database entry correct length? */
-    entry->derCert.len = ( ( dbentry->data[lenoff] << 8 ) |
-			  dbentry->data[lenoff+1] );
-    nnlen = ( ( dbentry->data[lenoff+2] << 8 ) | dbentry->data[lenoff+3] );
-    if ( ( entry->derCert.len + nnlen + headerlen )
-	!= dbentry->len) {
-	PORT_SetError(SEC_ERROR_BAD_DATABASE);
-	goto loser;
-    }
-    
-    /* copy the dercert */
-    entry->derCert.data = (unsigned char *)PORT_ArenaAlloc(entry->common.arena,
-							   entry->derCert.len);
-    if ( entry->derCert.data == NULL ) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	goto loser;
-    }
-    PORT_Memcpy(entry->derCert.data, &dbentry->data[headerlen],
-	      entry->derCert.len);
-
-    /* copy the nickname */
-    if ( nnlen > 1 ) {
-	entry->nickname = (char *)PORT_ArenaAlloc(entry->common.arena, nnlen);
-	if ( entry->nickname == NULL ) {
-	    PORT_SetError(SEC_ERROR_NO_MEMORY);
-	    goto loser;
-	}
-	PORT_Memcpy(entry->nickname,
-		    &dbentry->data[headerlen +
-				   entry->derCert.len],
-		    nnlen);
-    } else {
-	entry->nickname = NULL;
-    }
-    
-    if ( entry->common.version < 7 ) {
-	/* allow updates of v5 db */
-	entry->trust.sslFlags = dbentry->data[0];
-	entry->trust.emailFlags = dbentry->data[1];
-	entry->trust.objectSigningFlags = dbentry->data[2];
-    } else {
-	entry->trust.sslFlags = ( dbentry->data[0] << 8 ) | dbentry->data[1];
-	entry->trust.emailFlags = ( dbentry->data[2] << 8 ) | dbentry->data[3];
-	entry->trust.objectSigningFlags =
-	    ( dbentry->data[4] << 8 ) | dbentry->data[5];
-    }
-    
-    return(SECSuccess);
-loser:
-    return(SECFailure);
-}
-
-
-/*
- * Create a new certDBEntryCert from existing data
- */
-static certDBEntryCert *
-NewDBCertEntry(SECItem *derCert, char *nickname,
-	       NSSLOWCERTCertTrust *trust, int flags)
-{
-    certDBEntryCert *entry;
-    PRArenaPool *arena = NULL;
-    int nnlen;
-    
-    arena = PORT_NewArena( DER_DEFAULT_CHUNKSIZE );
-
-    if ( !arena ) {
-	goto loser;
-    }
-	
-    entry = (certDBEntryCert *)PORT_ArenaZAlloc(arena, sizeof(certDBEntryCert));
-
-    if ( entry == NULL ) {
-	goto loser;
-    }
-    
-    /* fill in the dbCert */
-    entry->common.arena = arena;
-    entry->common.type = certDBEntryTypeCert;
-    entry->common.version = CERT_DB_FILE_VERSION;
-    entry->common.flags = flags;
-    
-    if ( trust ) {
-	entry->trust = *trust;
-    }
-
-    entry->derCert.data = (unsigned char *)PORT_ArenaAlloc(arena, derCert->len);
-    if ( !entry->derCert.data ) {
-	goto loser;
-    }
-    entry->derCert.len = derCert->len;
-    PORT_Memcpy(entry->derCert.data, derCert->data, derCert->len);
-    
-    nnlen = ( nickname ? strlen(nickname) + 1 : 0 );
-    
-    if ( nnlen ) {
-	entry->nickname = (char *)PORT_ArenaAlloc(arena, nnlen);
-	if ( !entry->nickname ) {
-	    goto loser;
-	}
-	PORT_Memcpy(entry->nickname, nickname, nnlen);
-	
-    } else {
-	entry->nickname = 0;
-    }
-
-    return(entry);
-
-loser:
-    
-    /* allocation error, free arena and return */
-    if ( arena ) {
-	PORT_FreeArena(arena, PR_FALSE);
-    }
-    
-    PORT_SetError(SEC_ERROR_NO_MEMORY);
-    return(0);
-}
-
-/*
- * Decode a version 4 DBCert from the byte stream database format
- * and construct a current database entry struct
- */
-static certDBEntryCert *
-DecodeV4DBCertEntry(unsigned char *buf, int len)
-{
-    certDBEntryCert *entry;
-    int certlen;
-    int nnlen;
-    PRArenaPool *arena;
-    
-    /* make sure length is at least long enough for the header */
-    if ( len < DBCERT_V4_HEADER_LEN ) {
-	PORT_SetError(SEC_ERROR_BAD_DATABASE);
-	return(0);
-    }
-
-    /* get other lengths */
-    certlen = buf[3] << 8 | buf[4];
-    nnlen = buf[5] << 8 | buf[6];
-    
-    /* make sure DB entry is the right size */
-    if ( ( certlen + nnlen + DBCERT_V4_HEADER_LEN ) != len ) {
-	PORT_SetError(SEC_ERROR_BAD_DATABASE);
-	return(0);
-    }
-
-    /* allocate arena */
-    arena = PORT_NewArena( DER_DEFAULT_CHUNKSIZE );
-
-    if ( !arena ) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	return(0);
-    }
-	
-    /* allocate structure and members */
-    entry = (certDBEntryCert *)  PORT_ArenaAlloc(arena, sizeof(certDBEntryCert));
-
-    if ( !entry ) {
-	goto loser;
-    }
-
-    entry->derCert.data = (unsigned char *)PORT_ArenaAlloc(arena, certlen);
-    if ( !entry->derCert.data ) {
-	goto loser;
-    }
-    entry->derCert.len = certlen;
-    
-    if ( nnlen ) {
-	entry->nickname = (char *) PORT_ArenaAlloc(arena, nnlen);
-	if ( !entry->nickname ) {
-	    goto loser;
-	}
-    } else {
-	entry->nickname = 0;
-    }
-
-    entry->common.arena = arena;
-    entry->common.version = CERT_DB_FILE_VERSION;
-    entry->common.type = certDBEntryTypeCert;
-    entry->common.flags = 0;
-    entry->trust.sslFlags = buf[0];
-    entry->trust.emailFlags = buf[1];
-    entry->trust.objectSigningFlags = buf[2];
-
-    PORT_Memcpy(entry->derCert.data, &buf[DBCERT_V4_HEADER_LEN], certlen);
-    PORT_Memcpy(entry->nickname, &buf[DBCERT_V4_HEADER_LEN + certlen], nnlen);
-
-    if (PORT_Strcmp(entry->nickname,"Server-Cert") == 0) {
-	entry->trust.sslFlags |= CERTDB_USER;
-    }
-
-    return(entry);
-    
-loser:
-    PORT_FreeArena(arena, PR_FALSE);
-    PORT_SetError(SEC_ERROR_NO_MEMORY);
-    return(0);
-}
-
-/*
- * Encode a Certificate database entry into byte stream suitable for
- * the database
- */
-static SECStatus
-WriteDBCertEntry(NSSLOWCERTCertDBHandle *handle, certDBEntryCert *entry)
-{
-    SECItem dbitem, dbkey;
-    PRArenaPool *tmparena = NULL;
-    SECItem tmpitem;
-    SECStatus rv;
-    
-    tmparena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if ( tmparena == NULL ) {
-	goto loser;
-    }
-    
-    rv = EncodeDBCertEntry(entry, tmparena, &dbitem);
-    if ( rv != SECSuccess ) {
-	goto loser;
-    }
-
-    /* get the database key and format it */
-    rv = nsslowcert_KeyFromDERCert(tmparena, &entry->derCert, &tmpitem);
-    if ( rv == SECFailure ) {
-	goto loser;
-    }
-
-    rv = EncodeDBCertKey(&tmpitem, tmparena, &dbkey);
-    if ( rv == SECFailure ) {
-	goto loser;
-    }
-    
-    /* now write it to the database */
-    rv = WriteDBEntry(handle, &entry->common, &dbkey, &dbitem);
-    if ( rv != SECSuccess ) {
-	goto loser;
-    }
-    
-    PORT_FreeArena(tmparena, PR_FALSE);
-    return(SECSuccess);
-
-loser:
-    if ( tmparena ) {
-	PORT_FreeArena(tmparena, PR_FALSE);
-    }
-    return(SECFailure);
-}
-
-
-/*
- * delete a certificate entry
- */
-static SECStatus
-DeleteDBCertEntry(NSSLOWCERTCertDBHandle *handle, SECItem *certKey)
-{
-    SECItem dbkey;
-    PRArenaPool *arena = NULL;
-    SECStatus rv;
-    
-    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if ( arena == NULL ) {
-	goto loser;
-    }
-
-    rv = EncodeDBCertKey(certKey, arena, &dbkey);
-    if ( rv != SECSuccess ) {
-	goto loser;
-    }
-    
-    rv = DeleteDBEntry(handle, certDBEntryTypeCert, &dbkey);
-    if ( rv == SECFailure ) {
-	goto loser;
-    }
-
-    PORT_FreeArena(arena, PR_FALSE);
-    return(SECSuccess);
-
-loser:
-    if ( arena ) {
-	PORT_FreeArena(arena, PR_FALSE);
-    }
-    
-    return(SECFailure);
-}
-
-/*
- * Read a certificate entry
- */
-static certDBEntryCert *
-ReadDBCertEntry(NSSLOWCERTCertDBHandle *handle, SECItem *certKey)
-{
-    PRArenaPool *arena = NULL;
-    PRArenaPool *tmparena = NULL;
-    certDBEntryCert *entry;
-    SECItem dbkey;
-    SECItem dbentry;
-    SECStatus rv;
-    
-    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if ( arena == NULL ) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	goto loser;
-    }
-
-    tmparena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if ( tmparena == NULL ) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	goto loser;
-    }
-    
-    entry = (certDBEntryCert *)PORT_ArenaAlloc(arena, sizeof(certDBEntryCert));
-    if ( entry == NULL ) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	goto loser;
-    }
-    entry->common.arena = arena;
-    entry->common.type = certDBEntryTypeCert;
-
-    rv = EncodeDBCertKey(certKey, tmparena, &dbkey);
-    if ( rv != SECSuccess ) {
-	goto loser;
-    }
-    
-    rv = ReadDBEntry(handle, &entry->common, &dbkey, &dbentry, tmparena);
-    if ( rv == SECFailure ) {
-	goto loser;
-    }
-
-    rv = DecodeDBCertEntry(entry, &dbentry);
-    if ( rv != SECSuccess ) {
-	goto loser;
-    }
-    
-    PORT_FreeArena(tmparena, PR_FALSE);
-    return(entry);
-    
-loser:
-    if ( tmparena ) {
-	PORT_FreeArena(tmparena, PR_FALSE);
-    }
-    if ( arena ) {
-	PORT_FreeArena(arena, PR_FALSE);
-    }
-    
-    return(NULL);
-}
-
-/*
- * encode a database cert record
- */
-static SECStatus
-EncodeDBCrlEntry(certDBEntryRevocation *entry, PRArenaPool *arena, SECItem *dbitem)
-{
-    unsigned int nnlen = 0;
-    unsigned char *buf;
-  
-    if (entry->url) {  
-	nnlen = PORT_Strlen(entry->url) + 1;
-    }
-    
-    /* allocate space for encoded database record, including space
-     * for low level header
-     */
-    dbitem->len = entry->derCrl.len + nnlen 
-		+ SEC_DB_ENTRY_HEADER_LEN + DB_CRL_ENTRY_HEADER_LEN;
-    
-    dbitem->data = (unsigned char *)PORT_ArenaAlloc(arena, dbitem->len);
-    if ( dbitem->data == NULL) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	goto loser;
-    }
-    
-    /* fill in database record */
-    buf = &dbitem->data[SEC_DB_ENTRY_HEADER_LEN];
-    
-    buf[0] = ( entry->derCrl.len >> 8 ) & 0xff;
-    buf[1] = entry->derCrl.len & 0xff;
-    buf[2] = ( nnlen >> 8 ) & 0xff;
-    buf[3] = nnlen & 0xff;
-    
-    PORT_Memcpy(&buf[DB_CRL_ENTRY_HEADER_LEN], entry->derCrl.data,
-	      entry->derCrl.len);
-
-    if (nnlen != 0) {
-	PORT_Memcpy(&buf[DB_CRL_ENTRY_HEADER_LEN + entry->derCrl.len],
-	      entry->url, nnlen);
-    }
-
-    return(SECSuccess);
-
-loser:
-    return(SECFailure);
-}
-
-static SECStatus
-DecodeDBCrlEntry(certDBEntryRevocation *entry, SECItem *dbentry)
-{
-    unsigned int nnlen;
-    
-    /* is record long enough for header? */
-    if ( dbentry->len < DB_CRL_ENTRY_HEADER_LEN ) {
-	PORT_SetError(SEC_ERROR_BAD_DATABASE);
-	goto loser;
-    }
-    
-    /* is database entry correct length? */
-    entry->derCrl.len = ( ( dbentry->data[0] << 8 ) | dbentry->data[1] );
-    nnlen = ( ( dbentry->data[2] << 8 ) | dbentry->data[3] );
-    if ( ( entry->derCrl.len + nnlen + DB_CRL_ENTRY_HEADER_LEN )
-	!= dbentry->len) {
-      /* CRL entry is greater than 64 K. Hack to make this continue to work */
-      if (dbentry->len >= (0xffff - DB_CRL_ENTRY_HEADER_LEN) - nnlen) {
-          entry->derCrl.len = 
-                      (dbentry->len - DB_CRL_ENTRY_HEADER_LEN) - nnlen;
-      } else {
-          PORT_SetError(SEC_ERROR_BAD_DATABASE);
-          goto loser;
-      }    
-    }
-    
-    /* copy the dercert */
-    entry->derCrl.data = (unsigned char *)PORT_ArenaAlloc(entry->common.arena,
-							 entry->derCrl.len);
-    if ( entry->derCrl.data == NULL ) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	goto loser;
-    }
-    PORT_Memcpy(entry->derCrl.data, &dbentry->data[DB_CRL_ENTRY_HEADER_LEN],
-	      entry->derCrl.len);
-
-    /* copy the url */
-    entry->url = NULL;
-    if (nnlen != 0) {
-	entry->url = (char *)PORT_ArenaAlloc(entry->common.arena, nnlen);
-	if ( entry->url == NULL ) {
-	    PORT_SetError(SEC_ERROR_NO_MEMORY);
-	    goto loser;
-	}
-	PORT_Memcpy(entry->url,
-	      &dbentry->data[DB_CRL_ENTRY_HEADER_LEN + entry->derCrl.len],
-	      nnlen);
-    }
-    
-    return(SECSuccess);
-loser:
-    return(SECFailure);
-}
-
-/*
- * Create a new certDBEntryRevocation from existing data
- */
-static certDBEntryRevocation *
-NewDBCrlEntry(SECItem *derCrl, char * url, certDBEntryType crlType, int flags)
-{
-    certDBEntryRevocation *entry;
-    PRArenaPool *arena = NULL;
-    int nnlen;
-    
-    arena = PORT_NewArena( DER_DEFAULT_CHUNKSIZE );
-
-    if ( !arena ) {
-	goto loser;
-    }
-	
-    entry = (certDBEntryRevocation*)
-			PORT_ArenaZAlloc(arena, sizeof(certDBEntryRevocation));
-
-    if ( entry == NULL ) {
-	goto loser;
-    }
-    
-    /* fill in the dbRevolcation */
-    entry->common.arena = arena;
-    entry->common.type = crlType;
-    entry->common.version = CERT_DB_FILE_VERSION;
-    entry->common.flags = flags;
-    
-
-    entry->derCrl.data = (unsigned char *)PORT_ArenaAlloc(arena, derCrl->len);
-    if ( !entry->derCrl.data ) {
-	goto loser;
-    }
-
-    if (url) {
-	nnlen = PORT_Strlen(url) + 1;
-	entry->url  = (char *)PORT_ArenaAlloc(arena, nnlen);
-	if ( !entry->url ) {
-	    goto loser;
-	}
-	PORT_Memcpy(entry->url, url, nnlen);
-    } else {
-	entry->url = NULL;
-    }
-
-	
-    entry->derCrl.len = derCrl->len;
-    PORT_Memcpy(entry->derCrl.data, derCrl->data, derCrl->len);
-
-    return(entry);
-
-loser:
-    
-    /* allocation error, free arena and return */
-    if ( arena ) {
-	PORT_FreeArena(arena, PR_FALSE);
-    }
-    
-    PORT_SetError(SEC_ERROR_NO_MEMORY);
-    return(0);
-}
-
-
-static SECStatus
-WriteDBCrlEntry(NSSLOWCERTCertDBHandle *handle, certDBEntryRevocation *entry,
-				SECItem *crlKey )
-{
-    SECItem dbkey;
-    PRArenaPool *tmparena = NULL;
-    SECItem encodedEntry;
-    SECStatus rv;
-    
-    tmparena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if ( tmparena == NULL ) {
-	goto loser;
-    }
-
-    rv = EncodeDBCrlEntry(entry, tmparena, &encodedEntry);
-    if ( rv == SECFailure ) {
-	goto loser;
-    }
-
-    rv = EncodeDBGenericKey(crlKey, tmparena, &dbkey, entry->common.type);
-    if ( rv == SECFailure ) {
-	goto loser;
-    }
-    
-    /* now write it to the database */
-    rv = WriteDBEntry(handle, &entry->common, &dbkey, &encodedEntry);
-    if ( rv != SECSuccess ) {
-	goto loser;
-    }
-    
-    PORT_FreeArena(tmparena, PR_FALSE);
-    return(SECSuccess);
-
-loser:
-    if ( tmparena ) {
-	PORT_FreeArena(tmparena, PR_FALSE);
-    }
-    return(SECFailure);
-}
-/*
- * delete a crl entry
- */
-static SECStatus
-DeleteDBCrlEntry(NSSLOWCERTCertDBHandle *handle, SECItem *crlKey, 
-						certDBEntryType crlType)
-{
-    SECItem dbkey;
-    PRArenaPool *arena = NULL;
-    SECStatus rv;
-    
-    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if ( arena == NULL ) {
-	goto loser;
-    }
-
-    rv = EncodeDBGenericKey(crlKey, arena, &dbkey, crlType);
-    if ( rv != SECSuccess ) {
-	goto loser;
-    }
-    
-    rv = DeleteDBEntry(handle, crlType, &dbkey);
-    if ( rv == SECFailure ) {
-	goto loser;
-    }
-
-    PORT_FreeArena(arena, PR_FALSE);
-    return(SECSuccess);
-
-loser:
-    if ( arena ) {
-	PORT_FreeArena(arena, PR_FALSE);
-    }
-    
-    return(SECFailure);
-}
-
-/*
- * Read a certificate entry
- */
-static certDBEntryRevocation *
-ReadDBCrlEntry(NSSLOWCERTCertDBHandle *handle, SECItem *certKey,
-						certDBEntryType crlType)
-{
-    PRArenaPool *arena = NULL;
-    PRArenaPool *tmparena = NULL;
-    certDBEntryRevocation *entry;
-    SECItem dbkey;
-    SECItem dbentry;
-    SECStatus rv;
-    
-    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if ( arena == NULL ) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	goto loser;
-    }
-
-    tmparena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if ( tmparena == NULL ) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	goto loser;
-    }
-    
-    entry = (certDBEntryRevocation *)
-			PORT_ArenaAlloc(arena, sizeof(certDBEntryRevocation));
-    if ( entry == NULL ) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	goto loser;
-    }
-    entry->common.arena = arena;
-    entry->common.type = crlType;
-
-    rv = EncodeDBGenericKey(certKey, tmparena, &dbkey, crlType);
-    if ( rv != SECSuccess ) {
-	goto loser;
-    }
-    
-    rv = ReadDBEntry(handle, &entry->common, &dbkey, &dbentry, tmparena);
-    if ( rv == SECFailure ) {
-	goto loser;
-    }
-
-    rv = DecodeDBCrlEntry(entry, &dbentry);
-    if ( rv != SECSuccess ) {
-	goto loser;
-    }
-    
-    PORT_FreeArena(tmparena, PR_FALSE);
-    return(entry);
-    
-loser:
-    if ( tmparena ) {
-	PORT_FreeArena(tmparena, PR_FALSE);
-    }
-    if ( arena ) {
-	PORT_FreeArena(arena, PR_FALSE);
-    }
-    
-    return(NULL);
-}
-
-/*
- * destroy a database entry
- */
-static void
-DestroyDBEntry(certDBEntry *entry)
-{
-    PRArenaPool *arena = entry->common.arena;
-
-    /* Zero out the entry struct, so that any further attempts to use it
-     * will cause an exception (e.g. null pointer reference). */
-    PORT_Memset(&entry->common, 0, sizeof entry->common);
-    PORT_FreeArena(arena, PR_FALSE);
-
-    return;
-}
-
-void
-nsslowcert_DestroyDBEntry(certDBEntry *entry)
-{
-    DestroyDBEntry(entry);
-    return;
-}
-
-/*
- * Encode a database nickname record
- */
-static SECStatus
-EncodeDBNicknameEntry(certDBEntryNickname *entry, PRArenaPool *arena,
-		      SECItem *dbitem)
-{
-    unsigned char *buf;
-    
-    /* allocate space for encoded database record, including space
-     * for low level header
-     */
-    dbitem->len = entry->subjectName.len + DB_NICKNAME_ENTRY_HEADER_LEN +
-	SEC_DB_ENTRY_HEADER_LEN;
-    
-    dbitem->data = (unsigned char *)PORT_ArenaAlloc(arena, dbitem->len);
-    if ( dbitem->data == NULL) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	goto loser;
-    }
-    
-    /* fill in database record */
-    buf = &dbitem->data[SEC_DB_ENTRY_HEADER_LEN];
-    
-    buf[0] = ( entry->subjectName.len >> 8 ) & 0xff;
-    buf[1] = entry->subjectName.len & 0xff;
-    
-    PORT_Memcpy(&buf[DB_NICKNAME_ENTRY_HEADER_LEN], entry->subjectName.data,
-	      entry->subjectName.len);
-
-    return(SECSuccess);
-
-loser:
-    return(SECFailure);
-}
-
-/*
- * Encode a database key for a nickname record
- */
-static SECStatus
-EncodeDBNicknameKey(char *nickname, PRArenaPool *arena,
-		    SECItem *dbkey)
-{
-    unsigned int nnlen;
-    
-    nnlen = PORT_Strlen(nickname) + 1; /* includes null */
-
-    /* now get the database key and format it */
-    dbkey->len = nnlen + SEC_DB_KEY_HEADER_LEN;
-    dbkey->data = (unsigned char *)PORT_ArenaAlloc(arena, dbkey->len);
-    if ( dbkey->data == NULL ) {
-	goto loser;
-    }
-    PORT_Memcpy(&dbkey->data[SEC_DB_KEY_HEADER_LEN], nickname, nnlen);
-    dbkey->data[0] = certDBEntryTypeNickname;
-
-    return(SECSuccess);
-
-loser:
-    return(SECFailure);
-}
-
-static SECStatus
-DecodeDBNicknameEntry(certDBEntryNickname *entry, SECItem *dbentry,
-                      char *nickname)
-{
-    /* is record long enough for header? */
-    if ( dbentry->len < DB_NICKNAME_ENTRY_HEADER_LEN ) {
-	PORT_SetError(SEC_ERROR_BAD_DATABASE);
-	goto loser;
-    }
-    
-    /* is database entry correct length? */
-    entry->subjectName.len = ( ( dbentry->data[0] << 8 ) | dbentry->data[1] );
-    if (( entry->subjectName.len + DB_NICKNAME_ENTRY_HEADER_LEN ) !=
-	dbentry->len ){
-	PORT_SetError(SEC_ERROR_BAD_DATABASE);
-	goto loser;
-    }
-    
-    /* copy the certkey */
-    entry->subjectName.data =
-	(unsigned char *)PORT_ArenaAlloc(entry->common.arena,
-					 entry->subjectName.len);
-    if ( entry->subjectName.data == NULL ) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	goto loser;
-    }
-    PORT_Memcpy(entry->subjectName.data,
-	      &dbentry->data[DB_NICKNAME_ENTRY_HEADER_LEN],
-	      entry->subjectName.len);
-    
-    entry->nickname = (char *)PORT_ArenaAlloc(entry->common.arena, 
-                                              PORT_Strlen(nickname)+1);
-    if ( entry->nickname ) {
-	PORT_Strcpy(entry->nickname, nickname);
-    }
-    
-    return(SECSuccess);
-
-loser:
-    return(SECFailure);
-}
-
-/*
- * create a new nickname entry
- */
-static certDBEntryNickname *
-NewDBNicknameEntry(char *nickname, SECItem *subjectName, unsigned int flags)
-{
-    PRArenaPool *arena = NULL;
-    certDBEntryNickname *entry;
-    int nnlen;
-    SECStatus rv;
-    
-    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if ( arena == NULL ) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	goto loser;
-    }
-
-    entry = (certDBEntryNickname *)PORT_ArenaAlloc(arena,
-						 sizeof(certDBEntryNickname));
-    if ( entry == NULL ) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	goto loser;
-    }
-
-    /* init common fields */
-    entry->common.arena = arena;
-    entry->common.type = certDBEntryTypeNickname;
-    entry->common.version = CERT_DB_FILE_VERSION;
-    entry->common.flags = flags;
-
-    /* copy the nickname */
-    nnlen = PORT_Strlen(nickname) + 1;
-    
-    entry->nickname = (char*)PORT_ArenaAlloc(arena, nnlen);
-    if ( entry->nickname == NULL ) {
-	goto loser;
-    }
-    
-    PORT_Memcpy(entry->nickname, nickname, nnlen);
-    
-    rv = SECITEM_CopyItem(arena, &entry->subjectName, subjectName);
-    if ( rv != SECSuccess ) {
-	goto loser;
-    }
-    
-    return(entry);
-loser:
-    if ( arena ) {
-	PORT_FreeArena(arena, PR_FALSE);
-    }
-    
-    return(NULL);
-}
-
-/*
- * delete a nickname entry
- */
-static SECStatus
-DeleteDBNicknameEntry(NSSLOWCERTCertDBHandle *handle, char *nickname)
-{
-    PRArenaPool *arena = NULL;
-    SECStatus rv;
-    SECItem dbkey;
-    
-    if ( nickname == NULL ) {
-	return(SECSuccess);
-    }
-    
-    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if ( arena == NULL ) {
-	goto loser;
-    }
-
-    rv = EncodeDBNicknameKey(nickname, arena, &dbkey);
-    if ( rv != SECSuccess ) {
-	goto loser;
-    }
-
-    rv = DeleteDBEntry(handle, certDBEntryTypeNickname, &dbkey);
-    if ( rv == SECFailure ) {
-	goto loser;
-    }
-
-    PORT_FreeArena(arena, PR_FALSE);
-    return(SECSuccess);
-
-loser:
-    if ( arena ) {
-	PORT_FreeArena(arena, PR_FALSE);
-    }
-    
-    return(SECFailure);
-}
-
-/*
- * Read a nickname entry
- */
-static certDBEntryNickname *
-ReadDBNicknameEntry(NSSLOWCERTCertDBHandle *handle, char *nickname)
-{
-    PRArenaPool *arena = NULL;
-    PRArenaPool *tmparena = NULL;
-    certDBEntryNickname *entry;
-    SECItem dbkey;
-    SECItem dbentry;
-    SECStatus rv;
-    
-    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if ( arena == NULL ) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	goto loser;
-    }
-
-    tmparena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if ( tmparena == NULL ) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	goto loser;
-    }
-    
-    entry = (certDBEntryNickname *)PORT_ArenaAlloc(arena,
-						 sizeof(certDBEntryNickname));
-    if ( entry == NULL ) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	goto loser;
-    }
-    entry->common.arena = arena;
-    entry->common.type = certDBEntryTypeNickname;
-
-    rv = EncodeDBNicknameKey(nickname, tmparena, &dbkey);
-    if ( rv != SECSuccess ) {
-	goto loser;
-    }
-    
-    rv = ReadDBEntry(handle, &entry->common, &dbkey, &dbentry, tmparena);
-    if ( rv == SECFailure ) {
-	goto loser;
-    }
-
-    /* is record long enough for header? */
-    if ( dbentry.len < DB_NICKNAME_ENTRY_HEADER_LEN ) {
-	PORT_SetError(SEC_ERROR_BAD_DATABASE);
-	goto loser;
-    }
-
-    rv = DecodeDBNicknameEntry(entry, &dbentry, nickname);
-    if ( rv != SECSuccess ) {
-	goto loser;
-    }
-    
-    PORT_FreeArena(tmparena, PR_FALSE);
-    return(entry);
-    
-loser:
-    if ( tmparena ) {
-	PORT_FreeArena(tmparena, PR_FALSE);
-    }
-    if ( arena ) {
-	PORT_FreeArena(arena, PR_FALSE);
-    }
-    
-    return(NULL);
-}
-
-/*
- * Encode a nickname entry into byte stream suitable for
- * the database
- */
-static SECStatus
-WriteDBNicknameEntry(NSSLOWCERTCertDBHandle *handle, certDBEntryNickname *entry)
-{
-    SECItem dbitem, dbkey;
-    PRArenaPool *tmparena = NULL;
-    SECStatus rv;
-    
-    tmparena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if ( tmparena == NULL ) {
-	goto loser;
-    }
-    
-    rv = EncodeDBNicknameEntry(entry, tmparena, &dbitem);
-    if ( rv != SECSuccess ) {
-	goto loser;
-    }
-
-    rv = EncodeDBNicknameKey(entry->nickname, tmparena, &dbkey);
-    if ( rv != SECSuccess ) {
-	goto loser;
-    }
-
-    /* now write it to the database */
-    rv = WriteDBEntry(handle, &entry->common, &dbkey, &dbitem);
-    if ( rv != SECSuccess ) {
-	goto loser;
-    }
-    
-    PORT_FreeArena(tmparena, PR_FALSE);
-    return(SECSuccess);
-
-loser:
-    if ( tmparena ) {
-	PORT_FreeArena(tmparena, PR_FALSE);
-    }
-    return(SECFailure);
-    
-}
-
-SECStatus
-EncodeDBSMimeEntry(certDBEntrySMime *entry, PRArenaPool *arena,
-		   SECItem *dbitem)
-{
-    unsigned char *buf;
-    
-    /* allocate space for encoded database record, including space
-     * for low level header
-     */
-    dbitem->len = entry->subjectName.len + entry->smimeOptions.len +
-	entry->optionsDate.len +
-	DB_SMIME_ENTRY_HEADER_LEN + SEC_DB_ENTRY_HEADER_LEN;
-    
-    dbitem->data = (unsigned char *)PORT_ArenaAlloc(arena, dbitem->len);
-    if ( dbitem->data == NULL) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	goto loser;
-    }
-    
-    /* fill in database record */
-    buf = &dbitem->data[SEC_DB_ENTRY_HEADER_LEN];
-    
-    buf[0] = ( entry->subjectName.len >> 8 ) & 0xff;
-    buf[1] = entry->subjectName.len & 0xff;
-    buf[2] = ( entry->smimeOptions.len >> 8 ) & 0xff;
-    buf[3] = entry->smimeOptions.len & 0xff;
-    buf[4] = ( entry->optionsDate.len >> 8 ) & 0xff;
-    buf[5] = entry->optionsDate.len & 0xff;
-
-    /* if no smime options, then there should not be an options date either */
-    PORT_Assert( ! ( ( entry->smimeOptions.len == 0 ) &&
-		    ( entry->optionsDate.len != 0 ) ) );
-    
-    PORT_Memcpy(&buf[DB_SMIME_ENTRY_HEADER_LEN], entry->subjectName.data,
-	      entry->subjectName.len);
-    if ( entry->smimeOptions.len ) {
-	PORT_Memcpy(&buf[DB_SMIME_ENTRY_HEADER_LEN+entry->subjectName.len],
-		    entry->smimeOptions.data,
-		    entry->smimeOptions.len);
-	PORT_Memcpy(&buf[DB_SMIME_ENTRY_HEADER_LEN + entry->subjectName.len +
-			 entry->smimeOptions.len],
-		    entry->optionsDate.data,
-		    entry->optionsDate.len);
-    }
-
-    return(SECSuccess);
-
-loser:
-    return(SECFailure);
-}
-
-/*
- * Encode a database key for a SMIME record
- */
-static SECStatus
-EncodeDBSMimeKey(char *emailAddr, PRArenaPool *arena,
-		 SECItem *dbkey)
-{
-    unsigned int addrlen;
-    
-    addrlen = PORT_Strlen(emailAddr) + 1; /* includes null */
-
-    /* now get the database key and format it */
-    dbkey->len = addrlen + SEC_DB_KEY_HEADER_LEN;
-    dbkey->data = (unsigned char *)PORT_ArenaAlloc(arena, dbkey->len);
-    if ( dbkey->data == NULL ) {
-	goto loser;
-    }
-    PORT_Memcpy(&dbkey->data[SEC_DB_KEY_HEADER_LEN], emailAddr, addrlen);
-    dbkey->data[0] = certDBEntryTypeSMimeProfile;
-
-    return(SECSuccess);
-
-loser:
-    return(SECFailure);
-}
-
-/*
- * Decode a database SMIME record
- */
-static SECStatus
-DecodeDBSMimeEntry(certDBEntrySMime *entry, SECItem *dbentry, char *emailAddr)
-{
-    /* is record long enough for header? */
-    if ( dbentry->len < DB_SMIME_ENTRY_HEADER_LEN ) {
-	PORT_SetError(SEC_ERROR_BAD_DATABASE);
-	goto loser;
-    }
-    
-    /* is database entry correct length? */
-    entry->subjectName.len = ( ( dbentry->data[0] << 8 ) | dbentry->data[1] );
-    entry->smimeOptions.len = ( ( dbentry->data[2] << 8 ) | dbentry->data[3] );
-    entry->optionsDate.len = ( ( dbentry->data[4] << 8 ) | dbentry->data[5] );
-    if (( entry->subjectName.len + entry->smimeOptions.len +
-	 entry->optionsDate.len + DB_SMIME_ENTRY_HEADER_LEN ) != dbentry->len){
-	PORT_SetError(SEC_ERROR_BAD_DATABASE);
-	goto loser;
-    }
-    
-    /* copy the subject name */
-    entry->subjectName.data =
-	(unsigned char *)PORT_ArenaAlloc(entry->common.arena,
-					 entry->subjectName.len);
-    if ( entry->subjectName.data == NULL ) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	goto loser;
-    }
-    PORT_Memcpy(entry->subjectName.data,
-	      &dbentry->data[DB_SMIME_ENTRY_HEADER_LEN],
-	      entry->subjectName.len);
-
-    /* copy the smime options */
-    if ( entry->smimeOptions.len ) {
-	entry->smimeOptions.data =
-	    (unsigned char *)PORT_ArenaAlloc(entry->common.arena,
-					     entry->smimeOptions.len);
-	if ( entry->smimeOptions.data == NULL ) {
-	    PORT_SetError(SEC_ERROR_NO_MEMORY);
-	    goto loser;
-	}
-	PORT_Memcpy(entry->smimeOptions.data,
-		    &dbentry->data[DB_SMIME_ENTRY_HEADER_LEN +
-				   entry->subjectName.len],
-		    entry->smimeOptions.len);
-    }
-    if ( entry->optionsDate.len ) {
-	entry->optionsDate.data =
-	    (unsigned char *)PORT_ArenaAlloc(entry->common.arena,
-					     entry->optionsDate.len);
-	if ( entry->optionsDate.data == NULL ) {
-	    PORT_SetError(SEC_ERROR_NO_MEMORY);
-	    goto loser;
-	}
-	PORT_Memcpy(entry->optionsDate.data,
-		    &dbentry->data[DB_SMIME_ENTRY_HEADER_LEN +
-				   entry->subjectName.len +
-				   entry->smimeOptions.len],
-		    entry->optionsDate.len);
-    }
-
-    /* both options and options date must either exist or not exist */
-    if ( ( ( entry->optionsDate.len == 0 ) ||
-	  ( entry->smimeOptions.len == 0 ) ) &&
-	entry->smimeOptions.len != entry->optionsDate.len ) {
-	PORT_SetError(SEC_ERROR_BAD_DATABASE);
-	goto loser;
-    }
-
-    entry->emailAddr = (char *)PORT_ArenaAlloc(entry->common.arena,
-						PORT_Strlen(emailAddr)+1);
-    if ( entry->emailAddr ) {
-	PORT_Strcpy(entry->emailAddr, emailAddr);
-    }
-    
-    return(SECSuccess);
-
-loser:
-    return(SECFailure);
-}
-
-/*
- * create a new SMIME entry
- */
-static certDBEntrySMime *
-NewDBSMimeEntry(char *emailAddr, SECItem *subjectName, SECItem *smimeOptions,
-		SECItem *optionsDate, unsigned int flags)
-{
-    PRArenaPool *arena = NULL;
-    certDBEntrySMime *entry;
-    int addrlen;
-    SECStatus rv;
-    
-    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if ( arena == NULL ) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	goto loser;
-    }
-
-    entry = (certDBEntrySMime *)PORT_ArenaAlloc(arena,
-						sizeof(certDBEntrySMime));
-    if ( entry == NULL ) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	goto loser;
-    }
-
-    /* init common fields */
-    entry->common.arena = arena;
-    entry->common.type = certDBEntryTypeSMimeProfile;
-    entry->common.version = CERT_DB_FILE_VERSION;
-    entry->common.flags = flags;
-
-    /* copy the email addr */
-    addrlen = PORT_Strlen(emailAddr) + 1;
-    
-    entry->emailAddr = (char*)PORT_ArenaAlloc(arena, addrlen);
-    if ( entry->emailAddr == NULL ) {
-	goto loser;
-    }
-    
-    PORT_Memcpy(entry->emailAddr, emailAddr, addrlen);
-    
-    /* copy the subject name */
-    rv = SECITEM_CopyItem(arena, &entry->subjectName, subjectName);
-    if ( rv != SECSuccess ) {
-	goto loser;
-    }
-
-    /* copy the smime options */
-    if ( smimeOptions ) {
-	rv = SECITEM_CopyItem(arena, &entry->smimeOptions, smimeOptions);
-	if ( rv != SECSuccess ) {
-	    goto loser;
-	}
-    } else {
-	PORT_Assert(optionsDate == NULL);
-	entry->smimeOptions.data = NULL;
-	entry->smimeOptions.len = 0;
-    }
-
-    /* copy the options date */
-    if ( optionsDate ) {
-	rv = SECITEM_CopyItem(arena, &entry->optionsDate, optionsDate);
-	if ( rv != SECSuccess ) {
-	    goto loser;
-	}
-    } else {
-	PORT_Assert(smimeOptions == NULL);
-	entry->optionsDate.data = NULL;
-	entry->optionsDate.len = 0;
-    }
-    
-    return(entry);
-loser:
-    if ( arena ) {
-	PORT_FreeArena(arena, PR_FALSE);
-    }
-    
-    return(NULL);
-}
-
-/*
- * delete a SMIME entry
- */
-static SECStatus
-DeleteDBSMimeEntry(NSSLOWCERTCertDBHandle *handle, char *emailAddr)
-{
-    PRArenaPool *arena = NULL;
-    SECStatus rv;
-    SECItem dbkey;
-    
-    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if ( arena == NULL ) {
-	goto loser;
-    }
-
-    rv = EncodeDBSMimeKey(emailAddr, arena, &dbkey);
-    if ( rv != SECSuccess ) {
-	goto loser;
-    }
-
-    rv = DeleteDBEntry(handle, certDBEntryTypeSMimeProfile, &dbkey);
-    if ( rv == SECFailure ) {
-	goto loser;
-    }
-
-    PORT_FreeArena(arena, PR_FALSE);
-    return(SECSuccess);
-
-loser:
-    if ( arena ) {
-	PORT_FreeArena(arena, PR_FALSE);
-    }
-    
-    return(SECFailure);
-}
-
-/*
- * Read a SMIME entry
- */
-certDBEntrySMime *
-nsslowcert_ReadDBSMimeEntry(NSSLOWCERTCertDBHandle *handle, char *emailAddr)
-{
-    PRArenaPool *arena = NULL;
-    PRArenaPool *tmparena = NULL;
-    certDBEntrySMime *entry;
-    SECItem dbkey;
-    SECItem dbentry;
-    SECStatus rv;
-    
-    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if ( arena == NULL ) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	goto loser;
-    }
-
-    tmparena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if ( tmparena == NULL ) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	goto loser;
-    }
-    
-    entry = (certDBEntrySMime *)PORT_ArenaAlloc(arena,
-						sizeof(certDBEntrySMime));
-    if ( entry == NULL ) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	goto loser;
-    }
-    entry->common.arena = arena;
-    entry->common.type = certDBEntryTypeSMimeProfile;
-
-    rv = EncodeDBSMimeKey(emailAddr, tmparena, &dbkey);
-    if ( rv != SECSuccess ) {
-	goto loser;
-    }
-    
-    rv = ReadDBEntry(handle, &entry->common, &dbkey, &dbentry, tmparena);
-    if ( rv == SECFailure ) {
-	goto loser;
-    }
-
-    /* is record long enough for header? */
-    if ( dbentry.len < DB_SMIME_ENTRY_HEADER_LEN ) {
-	PORT_SetError(SEC_ERROR_BAD_DATABASE);
-	goto loser;
-    }
-
-    rv = DecodeDBSMimeEntry(entry, &dbentry, emailAddr);
-    if ( rv != SECSuccess ) {
-	goto loser;
-    }
-    
-    PORT_FreeArena(tmparena, PR_FALSE);
-    return(entry);
-    
-loser:
-    if ( tmparena ) {
-	PORT_FreeArena(tmparena, PR_FALSE);
-    }
-    if ( arena ) {
-	PORT_FreeArena(arena, PR_FALSE);
-    }
-    
-    return(NULL);
-}
-
-/*
- * Encode a SMIME entry into byte stream suitable for
- * the database
- */
-static SECStatus
-WriteDBSMimeEntry(NSSLOWCERTCertDBHandle *handle, certDBEntrySMime *entry)
-{
-    SECItem dbitem, dbkey;
-    PRArenaPool *tmparena = NULL;
-    SECStatus rv;
-    
-    tmparena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if ( tmparena == NULL ) {
-	goto loser;
-    }
-    
-    rv = EncodeDBSMimeEntry(entry, tmparena, &dbitem);
-    if ( rv != SECSuccess ) {
-	goto loser;
-    }
-
-    rv = EncodeDBSMimeKey(entry->emailAddr, tmparena, &dbkey);
-    if ( rv != SECSuccess ) {
-	goto loser;
-    }
-
-    /* now write it to the database */
-    rv = WriteDBEntry(handle, &entry->common, &dbkey, &dbitem);
-    if ( rv != SECSuccess ) {
-	goto loser;
-    }
-    
-    PORT_FreeArena(tmparena, PR_FALSE);
-    return(SECSuccess);
-
-loser:
-    if ( tmparena ) {
-	PORT_FreeArena(tmparena, PR_FALSE);
-    }
-    return(SECFailure);
-    
-}
-
-/*
- * Encode a database subject record
- */
-static SECStatus
-EncodeDBSubjectEntry(certDBEntrySubject *entry, PRArenaPool *arena,
-		     SECItem *dbitem)
-{
-    unsigned char *buf;
-    int len;
-    unsigned int ncerts;
-    unsigned int i;
-    unsigned char *tmpbuf;
-    unsigned int nnlen = 0;
-    unsigned int eaddrlen = 0;
-    int keyidoff;
-    SECItem *certKeys;
-    SECItem *keyIDs;
-    
-    if ( entry->nickname ) {
-	nnlen = PORT_Strlen(entry->nickname) + 1;
-    }
-    if ( entry->emailAddr ) {
-	eaddrlen = PORT_Strlen(entry->emailAddr) + 1;
-    }
-    
-    ncerts = entry->ncerts;
-    
-    /* compute the length of the entry */
-    keyidoff = DB_SUBJECT_ENTRY_HEADER_LEN + nnlen + eaddrlen;
-    len = keyidoff + 4 * ncerts;
-    for ( i = 0; i < ncerts; i++ ) {
-	len += entry->certKeys[i].len;
-	len += entry->keyIDs[i].len;
-    }
-    
-    /* allocate space for encoded database record, including space
-     * for low level header
-     */
-    dbitem->len = len + SEC_DB_ENTRY_HEADER_LEN;
-    
-    dbitem->data = (unsigned char *)PORT_ArenaAlloc(arena, dbitem->len);
-    if ( dbitem->data == NULL) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	goto loser;
-    }
-    
-    /* fill in database record */
-    buf = &dbitem->data[SEC_DB_ENTRY_HEADER_LEN];
-    
-    buf[0] = ( ncerts >> 8 ) & 0xff;
-    buf[1] = ncerts & 0xff;
-    buf[2] = ( nnlen >> 8 ) & 0xff;
-    buf[3] = nnlen & 0xff;
-    buf[4] = ( eaddrlen >> 8 ) & 0xff;
-    buf[5] = eaddrlen & 0xff;
-
-    PORT_Memcpy(&buf[DB_SUBJECT_ENTRY_HEADER_LEN], entry->nickname, nnlen);
-    PORT_Memcpy(&buf[DB_SUBJECT_ENTRY_HEADER_LEN+nnlen], entry->emailAddr,
-		eaddrlen);
-    
-    for ( i = 0; i < ncerts; i++ ) {
-
-	certKeys = entry->certKeys;
-	keyIDs = entry->keyIDs;
-
-	buf[keyidoff+i*2] = ( certKeys[i].len >> 8 ) & 0xff;
-	buf[keyidoff+1+i*2] = certKeys[i].len & 0xff;
-	buf[keyidoff+ncerts*2+i*2] = ( keyIDs[i].len >> 8 ) & 0xff;
-	buf[keyidoff+1+ncerts*2+i*2] = keyIDs[i].len & 0xff;
-    }
-    
-    /* temp pointer used to stuff certkeys and keyids into the buffer */
-    tmpbuf = &buf[keyidoff+ncerts*4];
-
-    for ( i = 0; i < ncerts; i++ ) {
-	certKeys = entry->certKeys;
-	PORT_Memcpy(tmpbuf, certKeys[i].data, certKeys[i].len);
-	tmpbuf = tmpbuf + certKeys[i].len;
-    }
-    
-    for ( i = 0; i < ncerts; i++ ) {
-	keyIDs = entry->keyIDs;
-	PORT_Memcpy(tmpbuf, keyIDs[i].data, keyIDs[i].len);
-	tmpbuf = tmpbuf + keyIDs[i].len;
-    }
-
-    PORT_Assert(tmpbuf == &buf[len]);
-    
-    return(SECSuccess);
-
-loser:
-    return(SECFailure);
-}
-
-/*
- * Encode a database key for a subject record
- */
-static SECStatus
-EncodeDBSubjectKey(SECItem *derSubject, PRArenaPool *arena,
-		   SECItem *dbkey)
-{
-    dbkey->len = derSubject->len + SEC_DB_KEY_HEADER_LEN;
-    dbkey->data = (unsigned char *)PORT_ArenaAlloc(arena, dbkey->len);
-    if ( dbkey->data == NULL ) {
-	goto loser;
-    }
-    PORT_Memcpy(&dbkey->data[SEC_DB_KEY_HEADER_LEN], derSubject->data,
-	      derSubject->len);
-    dbkey->data[0] = certDBEntryTypeSubject;
-
-    return(SECSuccess);
-
-loser:
-    return(SECFailure);
-}
-
-static SECStatus
-DecodeDBSubjectEntry(certDBEntrySubject *entry, SECItem *dbentry,
-		     SECItem *derSubject)
-{
-    unsigned int ncerts;
-    PRArenaPool *arena;
-    unsigned int len, itemlen;
-    unsigned char *tmpbuf;
-    unsigned int i;
-    SECStatus rv;
-    unsigned int keyidoff;
-    unsigned int nnlen, eaddrlen;
-    
-    arena = entry->common.arena;
-
-    rv = SECITEM_CopyItem(arena, &entry->derSubject, derSubject);
-    if ( rv != SECSuccess ) {
-	goto loser;
-    }
-
-    /* is record long enough for header? */
-    if ( dbentry->len < DB_SUBJECT_ENTRY_HEADER_LEN ) {
-	PORT_SetError(SEC_ERROR_BAD_DATABASE);
-	goto loser;
-    }
-    
-    entry->ncerts = ncerts = ( ( dbentry->data[0] << 8 ) | dbentry->data[1] );
-    nnlen = ( ( dbentry->data[2] << 8 ) | dbentry->data[3] );
-    eaddrlen = ( ( dbentry->data[4] << 8 ) | dbentry->data[5] );
-    if ( dbentry->len < ( ncerts * 4 + DB_SUBJECT_ENTRY_HEADER_LEN +
-			 nnlen + eaddrlen) ) {
-	PORT_SetError(SEC_ERROR_BAD_DATABASE);
-	goto loser;
-    }
-    
-    entry->certKeys = (SECItem *)PORT_ArenaAlloc(arena,
-						 sizeof(SECItem) * ncerts);
-    entry->keyIDs = (SECItem *)PORT_ArenaAlloc(arena,
-					       sizeof(SECItem) * ncerts);
-
-    if ( ( entry->certKeys == NULL ) || ( entry->keyIDs == NULL ) ) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	goto loser;
-    }
-
-    if ( nnlen > 1 ) { /* null terminator is stored */
-	entry->nickname = (char *)PORT_ArenaAlloc(arena, nnlen);
-	if ( entry->nickname == NULL ) {
-	    PORT_SetError(SEC_ERROR_NO_MEMORY);
-	    goto loser;
-	}
-	PORT_Memcpy(entry->nickname,
-		    &dbentry->data[DB_SUBJECT_ENTRY_HEADER_LEN],
-		    nnlen);
-    } else {
-	entry->nickname = NULL;
-    }
-    
-    if ( eaddrlen > 1 ) { /* null terminator is stored */
-	entry->emailAddr = (char *)PORT_ArenaAlloc(arena, eaddrlen);
-	if ( entry->emailAddr == NULL ) {
-	    PORT_SetError(SEC_ERROR_NO_MEMORY);
-	    goto loser;
-	}
-	PORT_Memcpy(entry->emailAddr,
-		    &dbentry->data[DB_SUBJECT_ENTRY_HEADER_LEN+nnlen],
-		    eaddrlen);
-    } else {
-	entry->emailAddr = NULL;
-    }
-    
-    /* collect the lengths of the certKeys and keyIDs, and total the
-     * overall length.
-     */
-    keyidoff = DB_SUBJECT_ENTRY_HEADER_LEN + nnlen + eaddrlen;
-    len = keyidoff + 4 * ncerts;
-
-    tmpbuf = &dbentry->data[0];
-    
-    for ( i = 0; i < ncerts; i++ ) {
-
-	itemlen = ( tmpbuf[keyidoff + 2*i] << 8 ) | tmpbuf[keyidoff + 1 + 2*i] ;
-	len += itemlen;
-	entry->certKeys[i].len = itemlen;
-
-	itemlen = ( tmpbuf[keyidoff + 2*ncerts + 2*i] << 8 ) |
-	    tmpbuf[keyidoff + 1 + 2*ncerts + 2*i] ;
-	len += itemlen;
-	entry->keyIDs[i].len = itemlen;
-    }
-    
-    /* is database entry correct length? */
-    if ( len != dbentry->len ){
-	PORT_SetError(SEC_ERROR_BAD_DATABASE);
-	goto loser;
-    }
-    
-    tmpbuf = &tmpbuf[keyidoff + 4*ncerts];
-    for ( i = 0; i < ncerts; i++ ) {
-	entry->certKeys[i].data =
-	    (unsigned char *)PORT_ArenaAlloc(arena, entry->certKeys[i].len);
-	if ( entry->certKeys[i].data == NULL ) {
-	    PORT_SetError(SEC_ERROR_NO_MEMORY);
-	    goto loser;
-	}
-	PORT_Memcpy(entry->certKeys[i].data, tmpbuf, entry->certKeys[i].len);
-	tmpbuf = &tmpbuf[entry->certKeys[i].len];
-    }
-
-    for ( i = 0; i < ncerts; i++ ) {
-	entry->keyIDs[i].data =
-	    (unsigned char *)PORT_ArenaAlloc(arena, entry->keyIDs[i].len);
-	if ( entry->keyIDs[i].data == NULL ) {
-	    PORT_SetError(SEC_ERROR_NO_MEMORY);
-	    goto loser;
-	}
-	PORT_Memcpy(entry->keyIDs[i].data, tmpbuf, entry->keyIDs[i].len);
-	tmpbuf = &tmpbuf[entry->keyIDs[i].len];
-    }
-    
-    PORT_Assert(tmpbuf == &dbentry->data[dbentry->len]);
-    
-    return(SECSuccess);
-
-loser:
-    return(SECFailure);
-}
-
-/*
- * create a new subject entry with a single cert
- */
-static certDBEntrySubject *
-NewDBSubjectEntry(SECItem *derSubject, SECItem *certKey,
-		  SECItem *keyID, char *nickname, char *emailAddr,
-		  unsigned int flags)
-{
-    PRArenaPool *arena = NULL;
-    certDBEntrySubject *entry;
-    SECStatus rv;
-    unsigned int nnlen;
-    unsigned int eaddrlen;
-    
-    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if ( arena == NULL ) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	goto loser;
-    }
-
-    entry = (certDBEntrySubject *)PORT_ArenaAlloc(arena,
-						  sizeof(certDBEntrySubject));
-    if ( entry == NULL ) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	goto loser;
-    }
-
-    /* init common fields */
-    entry->common.arena = arena;
-    entry->common.type = certDBEntryTypeSubject;
-    entry->common.version = CERT_DB_FILE_VERSION;
-    entry->common.flags = flags;
-
-    /* copy the subject */
-    rv = SECITEM_CopyItem(arena, &entry->derSubject, derSubject);
-    if ( rv != SECSuccess ) {
-	goto loser;
-    }
-    
-    entry->ncerts = 1;
-    /* copy nickname */
-    if ( nickname && ( *nickname != '\0' ) ) {
-	nnlen = PORT_Strlen(nickname) + 1;
-	entry->nickname = (char *)PORT_ArenaAlloc(arena, nnlen);
-	if ( entry->nickname == NULL ) {
-	    goto loser;
-	}
-						  
-	PORT_Memcpy(entry->nickname, nickname, nnlen);
-    } else {
-	entry->nickname = NULL;
-    }
-    
-    /* copy email addr */
-    if ( emailAddr && ( *emailAddr != '\0' ) ) {
-	emailAddr = nsslowcert_FixupEmailAddr(emailAddr);
-	if ( emailAddr == NULL ) {
-	    entry->emailAddr = NULL;
-	    goto loser;
-	}
-	
-	eaddrlen = PORT_Strlen(emailAddr) + 1;
-	entry->emailAddr = (char *)PORT_ArenaAlloc(arena, eaddrlen);
-	if ( entry->emailAddr == NULL ) {
-	    PORT_Free(emailAddr);
-	    goto loser;
-	}
-	
-	PORT_Memcpy(entry->emailAddr, emailAddr, eaddrlen);
-	PORT_Free(emailAddr);
-    } else {
-	entry->emailAddr = NULL;
-    }
-    
-    /* allocate space for certKeys and keyIDs */
-    entry->certKeys = (SECItem *)PORT_ArenaAlloc(arena, sizeof(SECItem));
-    entry->keyIDs = (SECItem *)PORT_ArenaAlloc(arena, sizeof(SECItem));
-    if ( ( entry->certKeys == NULL ) || ( entry->keyIDs == NULL ) ) {
-	goto loser;
-    }
-
-    /* copy the certKey and keyID */
-    rv = SECITEM_CopyItem(arena, &entry->certKeys[0], certKey);
-    if ( rv != SECSuccess ) {
-	goto loser;
-    }
-    rv = SECITEM_CopyItem(arena, &entry->keyIDs[0], keyID);
-    if ( rv != SECSuccess ) {
-	goto loser;
-    }
-    
-    return(entry);
-loser:
-    if ( arena ) {
-	PORT_FreeArena(arena, PR_FALSE);
-    }
-    
-    return(NULL);
-}
-
-/*
- * delete a subject entry
- */
-static SECStatus
-DeleteDBSubjectEntry(NSSLOWCERTCertDBHandle *handle, SECItem *derSubject)
-{
-    SECItem dbkey;
-    PRArenaPool *arena = NULL;
-    SECStatus rv;
-    
-    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if ( arena == NULL ) {
-	goto loser;
-    }
-    
-    rv = EncodeDBSubjectKey(derSubject, arena, &dbkey);
-    if ( rv != SECSuccess ) {
-	goto loser;
-    }
-    
-    rv = DeleteDBEntry(handle, certDBEntryTypeSubject, &dbkey);
-    if ( rv == SECFailure ) {
-	goto loser;
-    }
-
-    PORT_FreeArena(arena, PR_FALSE);
-    return(SECSuccess);
-
-loser:
-    if ( arena ) {
-	PORT_FreeArena(arena, PR_FALSE);
-    }
-    
-    return(SECFailure);
-}
-
-/*
- * Read the subject entry
- */
-static certDBEntrySubject *
-ReadDBSubjectEntry(NSSLOWCERTCertDBHandle *handle, SECItem *derSubject)
-{
-    PRArenaPool *arena = NULL;
-    PRArenaPool *tmparena = NULL;
-    certDBEntrySubject *entry;
-    SECItem dbkey;
-    SECItem dbentry;
-    SECStatus rv;
-    
-    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if ( arena == NULL ) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	goto loser;
-    }
-
-    tmparena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if ( tmparena == NULL ) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	goto loser;
-    }
-    
-    entry = (certDBEntrySubject *)PORT_ArenaAlloc(arena,
-						sizeof(certDBEntrySubject));
-    if ( entry == NULL ) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	goto loser;
-    }
-    entry->common.arena = arena;
-    entry->common.type = certDBEntryTypeSubject;
-
-    rv = EncodeDBSubjectKey(derSubject, tmparena, &dbkey);
-    if ( rv != SECSuccess ) {
-	goto loser;
-    }
-    
-    rv = ReadDBEntry(handle, &entry->common, &dbkey, &dbentry, tmparena);
-    if ( rv == SECFailure ) {
-	goto loser;
-    }
-
-    rv = DecodeDBSubjectEntry(entry, &dbentry, derSubject);
-    if ( rv == SECFailure ) {
-	goto loser;
-    }
-    
-    PORT_FreeArena(tmparena, PR_FALSE);
-    return(entry);
-    
-loser:
-    if ( tmparena ) {
-	PORT_FreeArena(tmparena, PR_FALSE);
-    }
-    if ( arena ) {
-	PORT_FreeArena(arena, PR_FALSE);
-    }
-    
-    return(NULL);
-}
-
-/*
- * Encode a subject name entry into byte stream suitable for
- * the database
- */
-static SECStatus
-WriteDBSubjectEntry(NSSLOWCERTCertDBHandle *handle, certDBEntrySubject *entry)
-{
-    SECItem dbitem, dbkey;
-    PRArenaPool *tmparena = NULL;
-    SECStatus rv;
-    
-    tmparena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if ( tmparena == NULL ) {
-	goto loser;
-    }
-    
-    rv = EncodeDBSubjectEntry(entry, tmparena, &dbitem);
-    if ( rv != SECSuccess ) {
-	goto loser;
-    }
-    
-    rv = EncodeDBSubjectKey(&entry->derSubject, tmparena, &dbkey);
-    if ( rv != SECSuccess ) {
-	goto loser;
-    }
-
-    /* now write it to the database */
-    rv = WriteDBEntry(handle, &entry->common, &dbkey, &dbitem);
-    if ( rv != SECSuccess ) {
-	goto loser;
-    }
-    
-    PORT_FreeArena(tmparena, PR_FALSE);
-    return(SECSuccess);
-
-loser:
-    if ( tmparena ) {
-	PORT_FreeArena(tmparena, PR_FALSE);
-    }
-    return(SECFailure);
-    
-}
-
-static SECStatus
-UpdateSubjectWithEmailAddr(NSSLOWCERTCertDBHandle *dbhandle, 
-					SECItem *derSubject, char *emailAddr)
-{
-    PRBool save = PR_FALSE, delold = PR_FALSE;
-    certDBEntrySubject *entry = NULL;
-    SECStatus rv;
-   
-    if (emailAddr) { 
-	emailAddr = nsslowcert_FixupEmailAddr(emailAddr);
-	if (emailAddr == NULL) {
-	    return SECFailure;
-	}
-    }
-
-    entry = ReadDBSubjectEntry(dbhandle,derSubject);    
-    if (entry == NULL) {
-	goto loser;
-    }
-    
-    if ( entry->emailAddr ) {
-	if ( (emailAddr == NULL) || 
-		(PORT_Strcmp(entry->emailAddr, emailAddr) != 0) ) {
-	    save = PR_TRUE;
-	    delold = PR_TRUE;
-	}
-    } else if (emailAddr) {
-	save = PR_TRUE;
-    }
-
-    if ( delold ) {
-	/* delete the old smime entry, because this cert now has a new
-	 * smime entry pointing to it
-	 */
-	PORT_Assert(save);
-	PORT_Assert(entry->emailAddr != NULL);
-	DeleteDBSMimeEntry(dbhandle, entry->emailAddr);
-    }
-
-    if ( save ) {
-	unsigned int len;
-	
-	PORT_Assert(entry != NULL);
-	if (emailAddr) {
-	    len = PORT_Strlen(emailAddr) + 1;
-	    entry->emailAddr = (char *)PORT_ArenaAlloc(entry->common.arena, len);
-	    if ( entry->emailAddr == NULL ) {
-		goto loser;
-	    }
-	    PORT_Memcpy(entry->emailAddr, emailAddr, len);
-	} else {
-	    entry->emailAddr = NULL;
-	}
-	
-	/* delete the subject entry */
-	DeleteDBSubjectEntry(dbhandle, derSubject);
-
-	/* write the new one */
-	rv = WriteDBSubjectEntry(dbhandle, entry);
-	if ( rv != SECSuccess ) {
-	    goto loser;
-	}
-    }
-
-    DestroyDBEntry((certDBEntry *)entry);
-    if (emailAddr) PORT_Free(emailAddr);
-    return(SECSuccess);
-
-loser:
-    if (entry) DestroyDBEntry((certDBEntry *)entry);
-    if (emailAddr) PORT_Free(emailAddr);
-    return(SECFailure);
-}
-
-/*
- * writes a nickname to an existing subject entry that does not currently
- * have one
- */
-static SECStatus
-AddNicknameToSubject(NSSLOWCERTCertDBHandle *dbhandle,
-			NSSLOWCERTCertificate *cert, char *nickname)
-{
-    certDBEntrySubject *entry;
-    SECStatus rv;
-    
-    if ( nickname == NULL ) {
-	return(SECFailure);
-    }
-    
-    entry = ReadDBSubjectEntry(dbhandle,&cert->derSubject);
-    PORT_Assert(entry != NULL);
-    if ( entry == NULL ) {
-	goto loser;
-    }
-    
-    PORT_Assert(entry->nickname == NULL);
-    if ( entry->nickname != NULL ) {
-	goto loser;
-    }
-    
-    entry->nickname = (nickname) ? 
-			PORT_ArenaStrdup(entry->common.arena, nickname) : NULL;
-    
-    if ( entry->nickname == NULL ) {
-	goto loser;
-    }
-	
-    /* delete the subject entry */
-    DeleteDBSubjectEntry(dbhandle, &cert->derSubject);
-
-    /* write the new one */
-    rv = WriteDBSubjectEntry(dbhandle, entry);
-    if ( rv != SECSuccess ) {
-	goto loser;
-    }
-
-    return(SECSuccess);
-
-loser:
-    return(SECFailure);
-}
-
-/*
- * create a new version entry
- */
-static certDBEntryVersion *
-NewDBVersionEntry(unsigned int flags)
-{
-    PRArenaPool *arena = NULL;
-    certDBEntryVersion *entry;
-    
-    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if ( arena == NULL ) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	goto loser;
-    }
-
-    entry = (certDBEntryVersion *)PORT_ArenaAlloc(arena,
-					       sizeof(certDBEntryVersion));
-    if ( entry == NULL ) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	goto loser;
-    }
-    entry->common.arena = arena;
-    entry->common.type = certDBEntryTypeVersion;
-    entry->common.version = CERT_DB_FILE_VERSION;
-    entry->common.flags = flags;
-
-    return(entry);
-loser:
-    if ( arena ) {
-	PORT_FreeArena(arena, PR_FALSE);
-    }
-    
-    return(NULL);
-}
-
-/*
- * Read the version entry
- */
-static certDBEntryVersion *
-ReadDBVersionEntry(NSSLOWCERTCertDBHandle *handle)
-{
-    PRArenaPool *arena = NULL;
-    PRArenaPool *tmparena = NULL;
-    certDBEntryVersion *entry;
-    SECItem dbkey;
-    SECItem dbentry;
-    SECStatus rv;
-    
-    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if ( arena == NULL ) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	goto loser;
-    }
-
-    tmparena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if ( tmparena == NULL ) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	goto loser;
-    }
-    
-    entry = (certDBEntryVersion *)PORT_ArenaAlloc(arena,
-						sizeof(certDBEntryVersion));
-    if ( entry == NULL ) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	goto loser;
-    }
-    entry->common.arena = arena;
-    entry->common.type = certDBEntryTypeVersion;
-
-    /* now get the database key and format it */
-    dbkey.len = SEC_DB_VERSION_KEY_LEN + SEC_DB_KEY_HEADER_LEN;
-    dbkey.data = (unsigned char *)PORT_ArenaAlloc(tmparena, dbkey.len);
-    if ( dbkey.data == NULL ) {
-	goto loser;
-    }
-    PORT_Memcpy(&dbkey.data[SEC_DB_KEY_HEADER_LEN], SEC_DB_VERSION_KEY,
-	      SEC_DB_VERSION_KEY_LEN);
-
-    rv = ReadDBEntry(handle, &entry->common, &dbkey, &dbentry, tmparena);
-    if (rv != SECSuccess) {
-	goto loser;
-    }
-
-    PORT_FreeArena(tmparena, PR_FALSE);
-    return(entry);
-    
-loser:
-    if ( tmparena ) {
-	PORT_FreeArena(tmparena, PR_FALSE);
-    }
-    if ( arena ) {
-	PORT_FreeArena(arena, PR_FALSE);
-    }
-    
-    return(NULL);
-}
-
-
-/*
- * Encode a version entry into byte stream suitable for
- * the database
- */
-static SECStatus
-WriteDBVersionEntry(NSSLOWCERTCertDBHandle *handle, certDBEntryVersion *entry)
-{
-    SECItem dbitem, dbkey;
-    PRArenaPool *tmparena = NULL;
-    SECStatus rv;
-    
-    tmparena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if ( tmparena == NULL ) {
-	goto loser;
-    }
-    
-    /* allocate space for encoded database record, including space
-     * for low level header
-     */
-    dbitem.len = SEC_DB_ENTRY_HEADER_LEN;
-    
-    dbitem.data = (unsigned char *)PORT_ArenaAlloc(tmparena, dbitem.len);
-    if ( dbitem.data == NULL) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	goto loser;
-    }
-    
-    /* now get the database key and format it */
-    dbkey.len = SEC_DB_VERSION_KEY_LEN + SEC_DB_KEY_HEADER_LEN;
-    dbkey.data = (unsigned char *)PORT_ArenaAlloc(tmparena, dbkey.len);
-    if ( dbkey.data == NULL ) {
-	goto loser;
-    }
-    PORT_Memcpy(&dbkey.data[SEC_DB_KEY_HEADER_LEN], SEC_DB_VERSION_KEY,
-	      SEC_DB_VERSION_KEY_LEN);
-
-    /* now write it to the database */
-    rv = WriteDBEntry(handle, &entry->common, &dbkey, &dbitem);
-    if ( rv != SECSuccess ) {
-	goto loser;
-    }
-    
-    PORT_FreeArena(tmparena, PR_FALSE);
-    return(SECSuccess);
-
-loser:
-    if ( tmparena ) {
-	PORT_FreeArena(tmparena, PR_FALSE);
-    }
-    return(SECFailure);
-}
-
-/*
- * cert is no longer a perm cert, but will remain a temp cert
- */
-static SECStatus
-RemovePermSubjectNode(NSSLOWCERTCertificate *cert)
-{
-    certDBEntrySubject *entry;
-    unsigned int i;
-    SECStatus rv;
-    
-    entry = ReadDBSubjectEntry(cert->dbhandle,&cert->derSubject);
-    if ( entry == NULL ) {
-	return(SECFailure);
-    }
-
-    PORT_Assert(entry->ncerts);
-    rv = SECFailure;
-    
-    if ( entry->ncerts > 1 ) {
-	for ( i = 0; i < entry->ncerts; i++ ) {
-	    if ( SECITEM_CompareItem(&entry->certKeys[i], &cert->certKey) ==
-		SECEqual ) {
-		/* copy rest of list forward one entry */
-		for ( i = i + 1; i < entry->ncerts; i++ ) {
-		    entry->certKeys[i-1] = entry->certKeys[i];
-		    entry->keyIDs[i-1] = entry->keyIDs[i];
-		}
-		entry->ncerts--;
-		DeleteDBSubjectEntry(cert->dbhandle, &cert->derSubject);
-		rv = WriteDBSubjectEntry(cert->dbhandle, entry);
-		break;
-	    }
-	}
-    } else {
-	/* no entries left, delete the perm entry in the DB */
-	if ( entry->emailAddr ) {
-	    /* if the subject had an email record, then delete it too */
-	    DeleteDBSMimeEntry(cert->dbhandle, entry->emailAddr);
-	}
-	
-	DeleteDBSubjectEntry(cert->dbhandle, &cert->derSubject);
-    }
-    DestroyDBEntry((certDBEntry *)entry);
-
-    return(rv);
-}
-
-/*
- * add a cert to the perm subject list
- */
-static SECStatus
-AddPermSubjectNode(certDBEntrySubject *entry, NSSLOWCERTCertificate *cert, 
-								char *nickname)
-{
-    SECItem *newCertKeys, *newKeyIDs;
-    unsigned int i;
-    SECStatus rv;
-    NSSLOWCERTCertificate *cmpcert;
-    unsigned int nnlen;
-    unsigned int ncerts;
-    
-
-    PORT_Assert(entry);    
-    ncerts = entry->ncerts;
-	
-    if ( nickname && entry->nickname ) {
-	/* nicknames must be the same */
-	PORT_Assert(PORT_Strcmp(nickname, entry->nickname) == 0);
-    }
-
-    if ( ( entry->nickname == NULL ) && ( nickname != NULL ) ) {
-	/* copy nickname into the entry */
-	nnlen = PORT_Strlen(nickname) + 1;
-	entry->nickname = (char *)PORT_ArenaAlloc(entry->common.arena,nnlen);
-	if ( entry->nickname == NULL ) {
-	    return(SECFailure);
-	}
-	PORT_Memcpy(entry->nickname, nickname, nnlen);
-    }
-	
-    /* a DB entry already exists, so add this cert */
-    newCertKeys = (SECItem *)PORT_ArenaAlloc(entry->common.arena,
-					 sizeof(SECItem) * ( ncerts + 1 ) );
-    newKeyIDs = (SECItem *)PORT_ArenaAlloc(entry->common.arena,
-					 sizeof(SECItem) * ( ncerts + 1 ) );
-
-    if ( ( newCertKeys == NULL ) || ( newKeyIDs == NULL ) ) {
-	    return(SECFailure);
-    }
-
-    for ( i = 0; i < ncerts; i++ ) {
-	cmpcert = nsslowcert_FindCertByKey(cert->dbhandle,
-						  &entry->certKeys[i]);
-	PORT_Assert(cmpcert);
-	if ( nsslowcert_IsNewer(cert, cmpcert) ) {
-	    /* insert before cmpcert */
-	    rv = SECITEM_CopyItem(entry->common.arena, &newCertKeys[i],
-				      &cert->certKey);
-	    if ( rv != SECSuccess ) {
-		return(SECFailure);
-	    }
-	    rv = SECITEM_CopyItem(entry->common.arena, &newKeyIDs[i],
-				      &cert->subjectKeyID);
-	    if ( rv != SECSuccess ) {
-		return(SECFailure);
-	    }
-	    /* copy the rest of the entry */
-	    for ( ; i < ncerts; i++ ) {
-		newCertKeys[i+1] = entry->certKeys[i];
-		newKeyIDs[i+1] = entry->keyIDs[i];
-	    }
-
-	    /* update certKeys and keyIDs */
-	    entry->certKeys = newCertKeys;
-	    entry->keyIDs = newKeyIDs;
-		
-	    /* increment count */
-	    entry->ncerts++;
-	    break;
-	}
-	/* copy this cert entry */
-	newCertKeys[i] = entry->certKeys[i];
-	newKeyIDs[i] = entry->keyIDs[i];
-    }
-
-    if ( entry->ncerts == ncerts ) {
-	/* insert new one at end */
-	rv = SECITEM_CopyItem(entry->common.arena, &newCertKeys[ncerts],
-				  &cert->certKey);
-	if ( rv != SECSuccess ) {
-	    return(SECFailure);
-	}
-	rv = SECITEM_CopyItem(entry->common.arena, &newKeyIDs[ncerts],
-				  &cert->subjectKeyID);
-	if ( rv != SECSuccess ) {
-	    return(SECFailure);
-	}
-
-	/* update certKeys and keyIDs */
-	entry->certKeys = newCertKeys;
-	entry->keyIDs = newKeyIDs;
-		
-	/* increment count */
-	entry->ncerts++;
-    }
-    DeleteDBSubjectEntry(cert->dbhandle, &cert->derSubject);
-    rv = WriteDBSubjectEntry(cert->dbhandle, entry);
-    return(rv);
-}
-
-
-SECStatus
-nsslowcert_TraversePermCertsForSubject(NSSLOWCERTCertDBHandle *handle,
-				 SECItem *derSubject,
-				 NSSLOWCERTCertCallback cb, void *cbarg)
-{
-    certDBEntrySubject *entry;
-    unsigned int i;
-    NSSLOWCERTCertificate *cert;
-    SECStatus rv = SECSuccess;
-    
-    entry = ReadDBSubjectEntry(handle, derSubject);
-
-    if ( entry == NULL ) {
-	return(SECFailure);
-    }
-    
-    for( i = 0; i < entry->ncerts; i++ ) {
-	cert = nsslowcert_FindCertByKey(handle, &entry->certKeys[i]);
-	rv = (* cb)(cert, cbarg);
-	nsslowcert_DestroyCertificate(cert);
-	if ( rv == SECFailure ) {
-	    break;
-	}
-    }
-
-    DestroyDBEntry((certDBEntry *)entry);
-
-    return(rv);
-}
-
-int
-nsslowcert_NumPermCertsForSubject(NSSLOWCERTCertDBHandle *handle,
-							 SECItem *derSubject)
-{
-    certDBEntrySubject *entry;
-    int ret;
-    
-    entry = ReadDBSubjectEntry(handle, derSubject);
-
-    if ( entry == NULL ) {
-	return(SECFailure);
-    }
-
-    ret = entry->ncerts;
-    
-    DestroyDBEntry((certDBEntry *)entry);
-    
-    return(ret);
-}
-
-SECStatus
-nsslowcert_TraversePermCertsForNickname(NSSLOWCERTCertDBHandle *handle,
-		 	char *nickname, NSSLOWCERTCertCallback cb, void *cbarg)
-{
-    certDBEntryNickname *nnentry = NULL;
-    certDBEntrySMime *smentry = NULL;
-    SECStatus rv;
-    SECItem *derSubject = NULL;
-    
-    nnentry = ReadDBNicknameEntry(handle, nickname);
-    if ( nnentry ) {
-	derSubject = &nnentry->subjectName;
-    } else {
-	smentry = nsslowcert_ReadDBSMimeEntry(handle, nickname);
-	if ( smentry ) {
-	    derSubject = &smentry->subjectName;
-	}
-    }
-    
-    if ( derSubject ) {
-	rv = nsslowcert_TraversePermCertsForSubject(handle, derSubject,
-					      cb, cbarg);
-    } else {
-	rv = SECFailure;
-    }
-
-    if ( nnentry ) {
-	DestroyDBEntry((certDBEntry *)nnentry);
-    }
-    if ( smentry ) {
-	DestroyDBEntry((certDBEntry *)smentry);
-    }
-    
-    return(rv);
-}
-
-int
-nsslowcert_NumPermCertsForNickname(NSSLOWCERTCertDBHandle *handle, 
-								char *nickname)
-{
-    certDBEntryNickname *entry;
-    int ret;
-    
-    entry = ReadDBNicknameEntry(handle, nickname);
-    
-    if ( entry ) {
-	ret = nsslowcert_NumPermCertsForSubject(handle, &entry->subjectName);
-	DestroyDBEntry((certDBEntry *)entry);
-    } else {
-	ret = 0;
-    }
-    return(ret);
-}
-
-/*
- * add a nickname to a cert that doesn't have one
- */
-static SECStatus
-AddNicknameToPermCert(NSSLOWCERTCertDBHandle *dbhandle,
-				NSSLOWCERTCertificate *cert, char *nickname)
-{
-    certDBEntryCert *entry;
-    int rv;
-
-    entry = cert->dbEntry;
-    PORT_Assert(entry != NULL);
-    if ( entry == NULL ) {
-	goto loser;
-    }
-
-    entry->nickname = PORT_ArenaStrdup(entry->common.arena, nickname);
-
-    rv = WriteDBCertEntry(dbhandle, entry);
-    if ( rv ) {
-	goto loser;
-    }
-
-    cert->nickname = PORT_ArenaStrdup(cert->arena, nickname);
-    return(SECSuccess);
-    
-loser:
-    return(SECFailure);
-}
-
-/*
- * add a nickname to a cert that is already in the perm database, but doesn't
- * have one yet (it is probably an e-mail cert).
- */
-SECStatus
-nsslowcert_AddPermNickname(NSSLOWCERTCertDBHandle *dbhandle,
-				NSSLOWCERTCertificate *cert, char *nickname)
-{
-    SECStatus rv = SECFailure;
-    certDBEntrySubject *entry = NULL;
-    
-    nsslowcert_LockDB(dbhandle);
-    
-    PORT_Assert(cert->nickname == NULL);
-    
-    if ( cert->nickname != NULL ) {
-	rv = SECSuccess;
-	goto loser;
-    }
-
-    entry = ReadDBSubjectEntry(dbhandle, &cert->derSubject);
-    if (entry == NULL) goto loser;
-
-    if ( entry->nickname == NULL ) {
-        certDBEntryNickname *nicknameEntry = NULL;
-
-	/* no nickname for subject */
-	rv = AddNicknameToSubject(dbhandle, cert, nickname);
-	if ( rv != SECSuccess ) {
-	    goto loser;
-	}
-	rv = AddNicknameToPermCert(dbhandle, cert, nickname);
-	if ( rv != SECSuccess ) {
-	    goto loser;
-	}
-	nicknameEntry = NewDBNicknameEntry(nickname, &cert->derSubject, 0);
-	if ( nicknameEntry == NULL ) {
-	    goto loser;
-	}
-    
-	rv = WriteDBNicknameEntry(dbhandle, nicknameEntry);
-	if ( rv != SECSuccess ) {
-	    goto loser;
-	}
-    } else {
-	/* subject already has a nickname */
-	rv = AddNicknameToPermCert(dbhandle, cert, entry->nickname);
-	if ( rv != SECSuccess ) {
-	    goto loser;
-	}
-    }
-    rv = SECSuccess;
-
-loser:
-    if (entry) {
-	DestroyDBEntry((certDBEntry *)entry);
-    }
-    nsslowcert_UnlockDB(dbhandle);
-    return(rv);
-}
-
-static certDBEntryCert *
-AddCertToPermDB(NSSLOWCERTCertDBHandle *handle, NSSLOWCERTCertificate *cert,
-		char *nickname, NSSLOWCERTCertTrust *trust)
-{
-    certDBEntryCert *certEntry = NULL;
-    certDBEntryNickname *nicknameEntry = NULL;
-    certDBEntrySubject *subjectEntry = NULL;
-    int state = 0;
-    SECStatus rv;
-    PRBool donnentry = PR_FALSE;
-
-    if ( nickname ) {
-	donnentry = PR_TRUE;
-    }
-
-    subjectEntry = ReadDBSubjectEntry(handle, &cert->derSubject);
-	
-    if ( subjectEntry ) {
-	donnentry = PR_FALSE;
-	nickname = subjectEntry->nickname;
-    }
-    
-    certEntry = NewDBCertEntry(&cert->derCert, nickname, trust, 0);
-    if ( certEntry == NULL ) {
-	goto loser;
-    }
-    
-    if ( donnentry ) {
-	nicknameEntry = NewDBNicknameEntry(nickname, &cert->derSubject, 0);
-	if ( nicknameEntry == NULL ) {
-	    goto loser;
-	}
-    }
-    
-    rv = WriteDBCertEntry(handle, certEntry);
-    if ( rv != SECSuccess ) {
-	goto loser;
-    }
-    state = 1;
-    
-    if ( nicknameEntry ) {
-	rv = WriteDBNicknameEntry(handle, nicknameEntry);
-	if ( rv != SECSuccess ) {
-	    goto loser;
-	}
-    }
-    
-    state = 2;
-
-    cert->dbhandle = handle;
-    
-    /* add to or create new subject entry */
-    if ( subjectEntry ) {
-	/* REWRITE BASED ON SUBJECT ENTRY */
-	cert->dbhandle = handle;
-	rv = AddPermSubjectNode(subjectEntry, cert, nickname);
-	if ( rv != SECSuccess ) {
-	    goto loser;
-	}
-    } else {
-	/* make a new subject entry - this case is only used when updating
-	 * an old version of the database.  This is OK because the oldnickname
-	 * db format didn't allow multiple certs with the same subject.
-	 */
-	/* where does subjectKeyID and certKey come from? */
-	subjectEntry = NewDBSubjectEntry(&cert->derSubject, &cert->certKey,
-					 &cert->subjectKeyID, nickname,
-					 NULL, 0);
-	if ( subjectEntry == NULL ) {
-	    goto loser;
-	}
-	rv = WriteDBSubjectEntry(handle, subjectEntry);
-	if ( rv != SECSuccess ) {
-	    goto loser;
-	}
-    }
-    
-    state = 3;
-    
-    if ( nicknameEntry ) {
-	DestroyDBEntry((certDBEntry *)nicknameEntry);
-    }
-    
-    if ( subjectEntry ) {
-	DestroyDBEntry((certDBEntry *)subjectEntry);
-    }
-
-    return(certEntry);
-
-loser:
-    /* don't leave partial entry in the database */
-    if ( state > 0 ) {
-	rv = DeleteDBCertEntry(handle, &cert->certKey);
-    }
-    if ( ( state > 1 ) && donnentry ) {
-	rv = DeleteDBNicknameEntry(handle, nickname);
-    }
-    if ( state > 2 ) {
-	rv = DeleteDBSubjectEntry(handle, &cert->derSubject);
-    }
-    if ( certEntry ) {
-	DestroyDBEntry((certDBEntry *)certEntry);
-    }
-    if ( nicknameEntry ) {
-	DestroyDBEntry((certDBEntry *)nicknameEntry);
-    }
-    if ( subjectEntry ) {
-	DestroyDBEntry((certDBEntry *)subjectEntry);
-    }
-
-    return(NULL);
-}
-
-/*
- * NOTE - Version 6 DB did not go out to the real world in a release,
- * so we can remove this function in a later release.
- */
-static SECStatus
-UpdateV6DB(NSSLOWCERTCertDBHandle *handle, DB *updatedb)
-{
-    int ret;
-    DBT key, data;
-    unsigned char *buf, *tmpbuf = NULL;
-    certDBEntryType type;
-    certDBEntryNickname *nnEntry = NULL;
-    certDBEntrySubject *subjectEntry = NULL;
-    certDBEntrySMime *emailEntry = NULL;
-    char *nickname;
-    char *emailAddr;
-    SECStatus rv;
-    
-    /*
-     * Sequence through the old database and copy all of the entries
-     * to the new database.  Subject name entries will have the new
-     * fields inserted into them (with zero length).
-     */
-    ret = (* updatedb->seq)(updatedb, &key, &data, R_FIRST);
-    if ( ret ) {
-	return(SECFailure);
-    }
-
-    do {
-	buf = (unsigned char *)data.data;
-	
-	if ( data.size >= 3 ) {
-	    if ( buf[0] == 6 ) { /* version number */
-		type = (certDBEntryType)buf[1];
-		if ( type == certDBEntryTypeSubject ) {
-		    /* expando subjecto entrieo */
-		    tmpbuf = (unsigned char *)PORT_Alloc(data.size + 4);
-		    if ( tmpbuf ) {
-			/* copy header stuff */
-			PORT_Memcpy(tmpbuf, buf, SEC_DB_ENTRY_HEADER_LEN + 2);
-			/* insert 4 more bytes of zero'd header */
-			PORT_Memset(&tmpbuf[SEC_DB_ENTRY_HEADER_LEN + 2],
-				    0, 4);
-			/* copy rest of the data */
-			PORT_Memcpy(&tmpbuf[SEC_DB_ENTRY_HEADER_LEN + 6],
-				    &buf[SEC_DB_ENTRY_HEADER_LEN + 2],
-				    data.size - (SEC_DB_ENTRY_HEADER_LEN + 2));
-
-			data.data = (void *)tmpbuf;
-			data.size += 4;
-			buf = tmpbuf;
-		    }
-		} else if ( type == certDBEntryTypeCert ) {
-		    /* expando certo entrieo */
-		    tmpbuf = (unsigned char *)PORT_Alloc(data.size + 3);
-		    if ( tmpbuf ) {
-			/* copy header stuff */
-			PORT_Memcpy(tmpbuf, buf, SEC_DB_ENTRY_HEADER_LEN);
-
-			/* copy trust flage, setting msb's to 0 */
-			tmpbuf[SEC_DB_ENTRY_HEADER_LEN] = 0;
-			tmpbuf[SEC_DB_ENTRY_HEADER_LEN+1] =
-			    buf[SEC_DB_ENTRY_HEADER_LEN];
-			tmpbuf[SEC_DB_ENTRY_HEADER_LEN+2] = 0;
-			tmpbuf[SEC_DB_ENTRY_HEADER_LEN+3] =
-			    buf[SEC_DB_ENTRY_HEADER_LEN+1];
-			tmpbuf[SEC_DB_ENTRY_HEADER_LEN+4] = 0;
-			tmpbuf[SEC_DB_ENTRY_HEADER_LEN+5] =
-			    buf[SEC_DB_ENTRY_HEADER_LEN+2];
-			
-			/* copy rest of the data */
-			PORT_Memcpy(&tmpbuf[SEC_DB_ENTRY_HEADER_LEN + 6],
-				    &buf[SEC_DB_ENTRY_HEADER_LEN + 3],
-				    data.size - (SEC_DB_ENTRY_HEADER_LEN + 3));
-
-			data.data = (void *)tmpbuf;
-			data.size += 3;
-			buf = tmpbuf;
-		    }
-
-		}
-
-		/* update the record version number */
-		buf[0] = CERT_DB_FILE_VERSION;
-
-		/* copy to the new database */
-		ret = certdb_Put(handle->permCertDB, &key, &data, 0);
-		if ( tmpbuf ) {
-		    PORT_Free(tmpbuf);
-		    tmpbuf = NULL;
-		}
-	    }
-	}
-    } while ( (* updatedb->seq)(updatedb, &key, &data, R_NEXT) == 0 );
-
-    ret = certdb_Sync(handle->permCertDB, 0);
-
-    ret = (* updatedb->seq)(updatedb, &key, &data, R_FIRST);
-    if ( ret ) {
-	return(SECFailure);
-    }
-
-    do {
-	buf = (unsigned char *)data.data;
-	
-	if ( data.size >= 3 ) {
-	    if ( buf[0] == CERT_DB_FILE_VERSION ) { /* version number */
-		type = (certDBEntryType)buf[1];
-		if ( type == certDBEntryTypeNickname ) {
-		    nickname = &((char *)key.data)[1];
-
-		    /* get the matching nickname entry in the new DB */
-		    nnEntry = ReadDBNicknameEntry(handle, nickname);
-		    if ( nnEntry == NULL ) {
-			goto endloop;
-		    }
-		    
-		    /* find the subject entry pointed to by nickname */
-		    subjectEntry = ReadDBSubjectEntry(handle,
-						      &nnEntry->subjectName);
-		    if ( subjectEntry == NULL ) {
-			goto endloop;
-		    }
-		    
-		    subjectEntry->nickname =
-			(char *)PORT_ArenaAlloc(subjectEntry->common.arena,
-						key.size - 1);
-		    if ( subjectEntry->nickname ) {
-			PORT_Memcpy(subjectEntry->nickname, nickname,
-				    key.size - 1);
-			rv = WriteDBSubjectEntry(handle, subjectEntry);
-		    }
-		} else if ( type == certDBEntryTypeSMimeProfile ) {
-		    emailAddr = &((char *)key.data)[1];
-
-		    /* get the matching smime entry in the new DB */
-		    emailEntry = nsslowcert_ReadDBSMimeEntry(handle, emailAddr);
-		    if ( emailEntry == NULL ) {
-			goto endloop;
-		    }
-		    
-		    /* find the subject entry pointed to by nickname */
-		    subjectEntry = ReadDBSubjectEntry(handle,
-						      &emailEntry->subjectName);
-		    if ( subjectEntry == NULL ) {
-			goto endloop;
-		    }
-		    
-		    subjectEntry->nickname =
-			(char *)PORT_ArenaAlloc(subjectEntry->common.arena,
-						key.size - 1);
-		    if ( subjectEntry->emailAddr ) {
-			PORT_Memcpy(subjectEntry->emailAddr, emailAddr,
-				    key.size - 1);
-			rv = WriteDBSubjectEntry(handle, subjectEntry);
-		    }
-		}
-		
-endloop:
-		if ( subjectEntry ) {
-		    DestroyDBEntry((certDBEntry *)subjectEntry);
-		    subjectEntry = NULL;
-		}
-		if ( nnEntry ) {
-		    DestroyDBEntry((certDBEntry *)nnEntry);
-		    nnEntry = NULL;
-		}
-		if ( emailEntry ) {
-		    DestroyDBEntry((certDBEntry *)emailEntry);
-		    emailEntry = NULL;
-		}
-	    }
-	}
-    } while ( (* updatedb->seq)(updatedb, &key, &data, R_NEXT) == 0 );
-
-    ret = certdb_Sync(handle->permCertDB, 0);
-
-    (* updatedb->close)(updatedb);
-    return(SECSuccess);
-}
-
-
-static SECStatus
-updateV5Callback(NSSLOWCERTCertificate *cert, SECItem *k, void *pdata)
-{
-    NSSLOWCERTCertDBHandle *handle;
-    certDBEntryCert *entry;
-    NSSLOWCERTCertTrust *trust;
-    
-    handle = (NSSLOWCERTCertDBHandle *)pdata;
-    trust = &cert->dbEntry->trust;
-
-    /* SSL user certs can be used for email if they have an email addr */
-    if ( cert->emailAddr && ( trust->sslFlags & CERTDB_USER ) &&
-	( trust->emailFlags == 0 ) ) {
-	trust->emailFlags = CERTDB_USER;
-    }
-    /* servers didn't set the user flags on the server cert.. */
-    if (PORT_Strcmp(cert->dbEntry->nickname,"Server-Cert") == 0) {
-	trust->sslFlags |= CERTDB_USER;
-    }
-    
-    entry = AddCertToPermDB(handle, cert, cert->dbEntry->nickname,
-			    &cert->dbEntry->trust);
-    if ( entry ) {
-	DestroyDBEntry((certDBEntry *)entry);
-    }
-    
-    return(SECSuccess);
-}
-
-static SECStatus
-UpdateV5DB(NSSLOWCERTCertDBHandle *handle, DB *updatedb)
-{
-    NSSLOWCERTCertDBHandle updatehandle;
-    SECStatus rv;
-    
-    updatehandle.permCertDB = updatedb;
-    updatehandle.dbMon = PZ_NewMonitor(nssILockCertDB);
-    
-    rv = nsslowcert_TraversePermCerts(&updatehandle, updateV5Callback,
-			       (void *)handle);
-    
-    PZ_DestroyMonitor(updatehandle.dbMon);
-
-    (* updatedb->close)(updatedb);
-    return(SECSuccess);
-}
-
-static PRBool
-isV4DB(DB *db) {
-    DBT key,data;
-    int ret;
-
-    key.data = "Version";
-    key.size = 7;
-
-    ret = (*db->get)(db, &key, &data, 0);
-    if (ret) {
-	return PR_FALSE;
-    }
-
-    if ((data.size == 1) && (*(unsigned char *)data.data <= 4))  {
-	return PR_TRUE;
-    }
-
-    return PR_FALSE;
-}
-
-static SECStatus
-UpdateV4DB(NSSLOWCERTCertDBHandle *handle, DB *updatedb)
-{
-    DBT key, data;
-    certDBEntryCert *entry, *entry2;
-    SECItem derSubject;
-    int ret;
-    PRArenaPool *arena = NULL;
-    NSSLOWCERTCertificate *cert;
-
-    ret = (* updatedb->seq)(updatedb, &key, &data, R_FIRST);
-
-    if ( ret ) {
-	return(SECFailure);
-    }
-
-    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if (arena == NULL) {
-	return(SECFailure);
-    }
-    
-    do {
-	if ( data.size != 1 ) { /* skip version number */
-
-	    /* decode the old DB entry */
-	    entry = (certDBEntryCert *)DecodeV4DBCertEntry((unsigned char*)data.data, data.size);
-	    derSubject.data = NULL;
-	    
-	    if ( entry ) {
-		cert = nsslowcert_DecodeDERCertificate(&entry->derCert, PR_TRUE,
-						 entry->nickname);
-
-		if ( cert != NULL ) {
-		    /* add to new database */
-		    entry2 = AddCertToPermDB(handle, cert, entry->nickname,
-					     &entry->trust);
-		    
-		    nsslowcert_DestroyCertificate(cert);
-		    if ( entry2 ) {
-			DestroyDBEntry((certDBEntry *)entry2);
-		    }
-		}
-		DestroyDBEntry((certDBEntry *)entry);
-	    }
-	}
-    } while ( (* updatedb->seq)(updatedb, &key, &data, R_NEXT) == 0 );
-
-    PORT_FreeArena(arena, PR_FALSE);
-    (* updatedb->close)(updatedb);
-    return(SECSuccess);
-}
-
-
-/*
- * return true if a database key conflict exists
- */
-PRBool
-nsslowcert_CertDBKeyConflict(SECItem *derCert, NSSLOWCERTCertDBHandle *handle)
-{
-    SECStatus rv;
-    DBT tmpdata;
-    DBT namekey;
-    int ret;
-    SECItem keyitem;
-    PRArenaPool *arena = NULL;
-    SECItem derKey;
-    
-    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if ( arena == NULL ) {
-	goto loser;
-    }
-
-    /* get the db key of the cert */
-    rv = nsslowcert_KeyFromDERCert(arena, derCert, &derKey);
-    if ( rv != SECSuccess ) {
-        goto loser;
-    }
-
-    rv = EncodeDBCertKey(&derKey, arena, &keyitem);
-    if ( rv != SECSuccess ) {
-	goto loser;
-    }
-    
-    namekey.data = keyitem.data;
-    namekey.size = keyitem.len;
-    
-    ret = certdb_Get(handle->permCertDB, &namekey, &tmpdata, 0);
-    if ( ret == 0 ) {
-	goto loser;
-    }
-
-    PORT_FreeArena(arena, PR_FALSE);
-    
-    return(PR_FALSE);
-loser:
-    if ( arena ) {
-	PORT_FreeArena(arena, PR_FALSE);
-    }
-    
-    return(PR_TRUE);
-}
-
-/*
- * return true if a nickname conflict exists
- * NOTE: caller must have already made sure that this exact cert
- * doesn't exist in the DB
- */
-static PRBool
-nsslowcert_CertNicknameConflict(char *nickname, SECItem *derSubject,
-			 NSSLOWCERTCertDBHandle *handle)
-{
-    PRBool rv;
-    certDBEntryNickname *entry;
-    
-    if ( nickname == NULL ) {
-	return(PR_FALSE);
-    }
-    
-    entry = ReadDBNicknameEntry(handle, nickname);
-
-    if ( entry == NULL ) {
-	/* no entry for this nickname, so no conflict */
-	return(PR_FALSE);
-    }
-
-    rv = PR_TRUE;
-    if ( SECITEM_CompareItem(derSubject, &entry->subjectName) == SECEqual ) {
-	/* if subject names are the same, then no conflict */
-	rv = PR_FALSE;
-    }
-
-    DestroyDBEntry((certDBEntry *)entry);
-    return(rv);
-}
-
-#ifdef DBM_USING_NSPR
-#define NO_RDONLY	PR_RDONLY
-#define NO_RDWR		PR_RDWR
-#define NO_CREATE	(PR_RDWR | PR_CREATE_FILE | PR_TRUNCATE)
-#else
-#define NO_RDONLY	O_RDONLY
-#define NO_RDWR		O_RDWR
-#define NO_CREATE	(O_RDWR | O_CREAT | O_TRUNC)
-#endif
-
-/*
- * Open the certificate database and index databases.  Create them if
- * they are not there or bad.
- */
-static SECStatus
-nsslowcert_OpenPermCertDB(NSSLOWCERTCertDBHandle *handle, PRBool readOnly,
-		   		const char *appName, const char *prefix,
-				NSSLOWCERTDBNameFunc namecb, void *cbarg)
-{
-    SECStatus rv;
-    int openflags;
-    certDBEntryVersion *versionEntry = NULL;
-    DB *updatedb = NULL;
-    char *tmpname;
-    char *certdbname;
-    PRBool updated = PR_FALSE;
-    PRBool forceUpdate = PR_FALSE;
-    
-    certdbname = (* namecb)(cbarg, CERT_DB_FILE_VERSION);
-    if ( certdbname == NULL ) {
-	return(SECFailure);
-    }
-
-    openflags = readOnly ? NO_RDONLY : NO_RDWR;
-
-    /*
-     * first open the permanent file based database.
-     */
-    if (appName) {
-	handle->permCertDB = rdbopen( appName, prefix, "cert", openflags);
-    } else {
-	handle->permCertDB = dbopen( certdbname, openflags, 0600, DB_HASH, 0 );
-    }
-
-    /* check for correct version number */
-    if ( handle->permCertDB ) {
-	versionEntry = ReadDBVersionEntry(handle);
-
-	if ( versionEntry == NULL ) {
-	    /* no version number */
-	    certdb_Close(handle->permCertDB);
-	    handle->permCertDB = 0;
-	} else if ( versionEntry->common.version != CERT_DB_FILE_VERSION ) {
-	    /* wrong version number, can't update in place */
-	    DestroyDBEntry((certDBEntry *)versionEntry);
-	    PORT_Free(certdbname);
-	    return(SECFailure);
-	} else {
-	    DestroyDBEntry((certDBEntry *)versionEntry);
-	    versionEntry = NULL;
-	}
-    }
-
-    /* if first open fails, try to create a new DB */
-    if ( handle->permCertDB == NULL ) {
-
-	/* don't create if readonly */
-	if ( readOnly ) {
-	    goto loser;
-	}
-	
-	if (appName) {
-	    handle->permCertDB=rdbopen( appName, prefix, "cert", NO_CREATE);
-
-	    updatedb = dbopen(certdbname, NO_RDONLY, 0600, DB_HASH, 0);
-	    if (updatedb) {
-		db_Copy(handle->permCertDB,updatedb);
-		(*updatedb->close)(updatedb);
-		PORT_Free(certdbname);
-		return(SECSuccess);
-	    }
-	} else {
-	    handle->permCertDB=dbopen(certdbname, NO_CREATE, 0600, DB_HASH, 0);
-	}
-
-	/* if create fails then we lose */
-	if ( handle->permCertDB == 0 ) {
-	    goto loser;
-	}
-
-	versionEntry = NewDBVersionEntry(0);
-	if ( versionEntry == NULL ) {
-	    goto loser;
-	}
-	
-	rv = WriteDBVersionEntry(handle, versionEntry);
-
-	DestroyDBEntry((certDBEntry *)versionEntry);
-
-	if ( rv != SECSuccess ) {
-	    goto loser;
-	}
-
-	/* try to upgrade old db here */
-	tmpname = (* namecb)(cbarg, 6);	/* get v6 db name */
-	if ( tmpname ) {
-	    updatedb = dbopen( tmpname, NO_RDONLY, 0600, DB_HASH, 0 );
-	    PORT_Free(tmpname);
-	    if ( updatedb ) {
-		rv = UpdateV6DB(handle, updatedb);
-		if ( rv != SECSuccess ) {
-		    goto loser;
-		}
-		updated = PR_TRUE;
-	    } else { /* no v6 db, so try v5 db */
-		tmpname = (* namecb)(cbarg, 5);	/* get v5 db name */
-		if ( tmpname ) {
-		    updatedb = dbopen( tmpname, NO_RDONLY, 0600, DB_HASH, 0 );
-		    PORT_Free(tmpname);
-		    if ( updatedb ) {
-			rv = UpdateV5DB(handle, updatedb);
-			if ( rv != SECSuccess ) {
-			    goto loser;
-			}
-			updated = PR_TRUE;
-		    } else { /* no v5 db, so try v4 db */
-			/* try to upgrade v4 db */
-			tmpname = (* namecb)(cbarg, 4);	/* get v4 db name */
-			if ( tmpname ) {
-			    updatedb = dbopen( tmpname, NO_RDONLY, 0600, 
-			                       DB_HASH, 0 );
-			    PORT_Free(tmpname);
-			    if ( updatedb ) {
-				/* NES has v5 db's with v4 db names! */
-				if (isV4DB(updatedb)) {
-				    rv = UpdateV4DB(handle, updatedb);
-				} else {
-				    rv = UpdateV5DB(handle, updatedb);
-				}
-				if ( rv != SECSuccess ) {
-				    goto loser;
-				}
-				forceUpdate = PR_TRUE;
-				updated = PR_TRUE;
-			    }
-			}
-		    }
-		}
-	    }
-	}
-
-	/* Root certs are no longer automatically added to the DB. They
-	 * come from and external PKCS #11 file.
-	 */
-    }
-
-    PORT_Free(certdbname);
-    
-    return (SECSuccess);
-    
-loser:
-
-    PORT_SetError(SEC_ERROR_BAD_DATABASE);
-    
-    if ( handle->permCertDB ) {
-	certdb_Close(handle->permCertDB);
-	handle->permCertDB = 0;
-    }
-
-    PORT_Free(certdbname);
-
-    return(SECFailure);
-}
-
-/*
- * delete all DB records associated with a particular certificate
- */
-static SECStatus
-DeletePermCert(NSSLOWCERTCertificate *cert)
-{
-    SECStatus rv;
-    SECStatus ret;
-
-    ret = SECSuccess;
-    
-    rv = DeleteDBCertEntry(cert->dbhandle, &cert->certKey);
-    if ( rv != SECSuccess ) {
-	ret = SECFailure;
-    }
-    
-    if ( cert->nickname ) {
-	rv = DeleteDBNicknameEntry(cert->dbhandle, cert->nickname);
-	if ( rv != SECSuccess ) {
-	    ret = SECFailure;
-	}
-    }
-    
-    rv = RemovePermSubjectNode(cert);
-
-
-    return(ret);
-}
-
-/*
- * Delete a certificate from the permanent database.
- */
-SECStatus
-nsslowcert_DeletePermCertificate(NSSLOWCERTCertificate *cert)
-{
-    SECStatus rv;
-    
-    nsslowcert_LockDB(cert->dbhandle);
-
-    rv = db_BeginTransaction(cert->dbhandle->permCertDB);
-    if ( rv != SECSuccess ) {
-	goto loser;
-    }
-    /* delete the records from the permanent database */
-    rv = DeletePermCert(cert);
-
-    /* get rid of dbcert and stuff pointing to it */
-    DestroyDBEntry((certDBEntry *)cert->dbEntry);
-    cert->dbEntry = NULL;
-    cert->trust = NULL;
-
-    db_FinishTransaction(cert->dbhandle->permCertDB,rv != SECSuccess);
-loser:
-	
-    nsslowcert_UnlockDB(cert->dbhandle);
-    return(rv);
-}
-
-/*
- * Traverse all of the entries in the database of a particular type
- * call the given function for each one.
- */
-SECStatus
-nsslowcert_TraverseDBEntries(NSSLOWCERTCertDBHandle *handle,
-		      certDBEntryType type,
-		      SECStatus (* callback)(SECItem *data, SECItem *key,
-					    certDBEntryType type, void *pdata),
-		      void *udata )
-{
-    DBT data;
-    DBT key;
-    SECStatus rv;
-    int ret;
-    SECItem dataitem;
-    SECItem keyitem;
-    unsigned char *buf;
-    unsigned char *keybuf;
-    
-    ret = certdb_Seq(handle->permCertDB, &key, &data, R_FIRST);
-
-    if ( ret ) {
-	return(SECFailure);
-    }
-    
-    do {
-	buf = (unsigned char *)data.data;
-	
-	if ( buf[1] == (unsigned char)type ) {
-	    dataitem.len = data.size;
-	    dataitem.data = buf;
-            dataitem.type = siBuffer;
-	    keyitem.len = key.size - SEC_DB_KEY_HEADER_LEN;
-	    keybuf = (unsigned char *)key.data;
-	    keyitem.data = &keybuf[SEC_DB_KEY_HEADER_LEN];
-            keyitem.type = siBuffer;
-	    
-	    rv = (* callback)(&dataitem, &keyitem, type, udata);
-	    if ( rv != SECSuccess ) {
-		return(rv);
-	    }
-	}
-    } while ( certdb_Seq(handle->permCertDB, &key, &data, R_NEXT) == 0 );
-
-    return(SECSuccess);
-}
-/*
- * Decode a certificate and enter it into the temporary certificate database.
- * Deal with nicknames correctly
- *
- * This is the private entry point.
- */
-static NSSLOWCERTCertificate *
-DecodeACert(NSSLOWCERTCertDBHandle *handle, certDBEntryCert *entry)
-{
-    NSSLOWCERTCertificate *cert = NULL;
-    
-    cert = nsslowcert_DecodeDERCertificate(&entry->derCert, PR_TRUE,
-							 entry->nickname );
-    
-    if ( cert == NULL ) {
-	goto loser;
-    }
-
-    cert->dbhandle = handle;
-    cert->dbEntry = entry;
-    cert->trust = &entry->trust;
-
-    return(cert);
-
-loser:
-    return(0);
-}
-
-static NSSLOWCERTTrust * 
-DecodeTrustEntry(NSSLOWCERTCertDBHandle *handle, certDBEntryCert *entry,				SECItem *dbKey)
-{
-    NSSLOWCERTTrust *trust = PORT_Alloc(sizeof(NSSLOWCERTTrust));
-    if (trust == NULL) {
-	return trust;
-    }
-    trust->dbhandle = handle;
-    trust->dbEntry = entry;
-    SECITEM_CopyItem(NULL, &trust->dbKey , dbKey);
-    trust->trust = &entry->trust;
-    trust->derCert = &entry->derCert;
-
-    return(trust);
-}
-
-typedef struct {
-    PermCertCallback certfunc;
-    NSSLOWCERTCertDBHandle *handle;
-    void *data;
-} PermCertCallbackState;
-
-/*
- * traversal callback to decode certs and call callers callback
- */
-static SECStatus
-certcallback(SECItem *dbdata, SECItem *dbkey, certDBEntryType type, void *data)
-{
-    PermCertCallbackState *mystate;
-    SECStatus rv;
-    certDBEntryCert *entry;
-    SECItem entryitem;
-    NSSLOWCERTCertificate *cert;
-    PRArenaPool *arena = NULL;
-    
-    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if ( arena == NULL ) {
-	goto loser;
-    }
-    
-    entry = (certDBEntryCert *)PORT_ArenaAlloc(arena, sizeof(certDBEntryCert));
-    mystate = (PermCertCallbackState *)data;
-    entry->common.version = (unsigned int)dbdata->data[0];
-    entry->common.type = (certDBEntryType)dbdata->data[1];
-    entry->common.flags = (unsigned int)dbdata->data[2];
-    entry->common.arena = arena;
-    
-    entryitem.len = dbdata->len - SEC_DB_ENTRY_HEADER_LEN;
-    entryitem.data = &dbdata->data[SEC_DB_ENTRY_HEADER_LEN];
-    
-    rv = DecodeDBCertEntry(entry, &entryitem);
-    if (rv != SECSuccess ) {
-	goto loser;
-    }
-    entry->derCert.type = siBuffer;
-   
-    /* note: Entry is 'inheritted'.  */
-    cert = DecodeACert(mystate->handle, entry);
-
-    rv = (* mystate->certfunc)(cert, dbkey, mystate->data);
-
-    /* arena stored in entry destroyed by nsslowcert_DestroyCertificate */
-    nsslowcert_DestroyCertificateNoLocking(cert);
-
-    return(rv);
-
-loser:
-    if ( arena ) {
-	PORT_FreeArena(arena, PR_FALSE);
-    }
-    return(SECFailure);
-}
-
-/*
- * Traverse all of the certificates in the permanent database and
- * call the given function for each one; expect the caller to have lock.
- */
-static SECStatus
-TraversePermCertsNoLocking(NSSLOWCERTCertDBHandle *handle,
-			   SECStatus (* certfunc)(NSSLOWCERTCertificate *cert,
-						  SECItem *k,
-						  void *pdata),
-			   void *udata )
-{
-    SECStatus rv;
-    PermCertCallbackState mystate;
-
-    mystate.certfunc = certfunc;
-    mystate.handle = handle;
-    mystate.data = udata;
-    rv = nsslowcert_TraverseDBEntries(handle, certDBEntryTypeCert, certcallback,
-			       (void *)&mystate);
-    
-    return(rv);
-}
-
-/*
- * Traverse all of the certificates in the permanent database and
- * call the given function for each one.
- */
-SECStatus
-nsslowcert_TraversePermCerts(NSSLOWCERTCertDBHandle *handle,
-		      SECStatus (* certfunc)(NSSLOWCERTCertificate *cert, SECItem *k,
-					    void *pdata),
-		      void *udata )
-{
-    SECStatus rv;
-
-    nsslowcert_LockDB(handle);
-    rv = TraversePermCertsNoLocking(handle, certfunc, udata);
-    nsslowcert_UnlockDB(handle);
-    
-    return(rv);
-}
-
-
-
-/*
- * Close the database
- */
-void
-nsslowcert_ClosePermCertDB(NSSLOWCERTCertDBHandle *handle)
-{
-    if ( handle ) {
-	if ( handle->permCertDB ) {
-	    certdb_Close( handle->permCertDB );
-	    handle->permCertDB = NULL;
-	}
-	if (handle->dbMon) {
-    	    PZ_DestroyMonitor(handle->dbMon);
-	    handle->dbMon = NULL;
-	}
-    }
-    return;
-}
-
-/*
- * Get the trust attributes from a certificate
- */
-SECStatus
-nsslowcert_GetCertTrust(NSSLOWCERTCertificate *cert, NSSLOWCERTCertTrust *trust)
-{
-    SECStatus rv;
-    
-    nsslowcert_LockCertTrust(cert);
-    
-    if ( cert->trust == NULL ) {
-	rv = SECFailure;
-    } else {
-	*trust = *cert->trust;
-	rv = SECSuccess;
-    }
-    
-    nsslowcert_UnlockCertTrust(cert);
-    return(rv);
-}
-
-/*
- * Change the trust attributes of a certificate and make them permanent
- * in the database.
- */
-SECStatus
-nsslowcert_ChangeCertTrust(NSSLOWCERTCertDBHandle *handle, 
-	 	 	NSSLOWCERTCertificate *cert, NSSLOWCERTCertTrust *trust)
-{
-    certDBEntryCert *entry;
-    int rv;
-    SECStatus ret;
-    
-    nsslowcert_LockDB(handle);
-    nsslowcert_LockCertTrust(cert);
-    /* only set the trust on permanent certs */
-    if ( cert->trust == NULL ) {
-	ret = SECFailure;
-	goto done;
-    }
-
-    *cert->trust = *trust;
-    if ( cert->dbEntry == NULL ) {
-	ret = SECSuccess; /* not in permanent database */
-	goto done;
-    }
-    
-    entry = cert->dbEntry;
-    entry->trust = *trust;
-    
-    rv = WriteDBCertEntry(handle, entry);
-    if ( rv ) {
-	ret = SECFailure;
-	goto done;
-    }
-
-    ret = SECSuccess;
-    
-done:
-    nsslowcert_UnlockCertTrust(cert);
-    nsslowcert_UnlockDB(handle);
-    return(ret);
-}
-
-
-SECStatus
-nsslowcert_AddPermCert(NSSLOWCERTCertDBHandle *dbhandle,
-    NSSLOWCERTCertificate *cert, char *nickname, NSSLOWCERTCertTrust *trust)
-{
-    char *oldnn;
-    certDBEntryCert *entry;
-    PRBool conflict;
-    SECStatus ret;
-    SECStatus rv;
-
-    nsslowcert_LockDB(dbhandle);
-    rv = db_BeginTransaction(dbhandle->permCertDB);
-    if (rv != SECSuccess) {
-	nsslowcert_UnlockDB(dbhandle);
-	return SECFailure;
-    }
-    
-    PORT_Assert(!cert->dbEntry);
-
-    /* don't add a conflicting nickname */
-    conflict = nsslowcert_CertNicknameConflict(nickname, &cert->derSubject,
-					dbhandle);
-    if ( conflict ) {
-	ret = SECFailure;
-	goto done;
-    }
-    
-    /* save old nickname so that we can delete it */
-    oldnn = cert->nickname;
-
-    entry = AddCertToPermDB(dbhandle, cert, nickname, trust);
-    
-    if ( entry == NULL ) {
-	ret = SECFailure;
-	goto done;
-    }
-    
-    cert->nickname = (entry->nickname) ? PORT_ArenaStrdup(cert->arena,entry->nickname) : NULL;
-    cert->trust = &entry->trust;
-    cert->dbEntry = entry;
-    
-    ret = SECSuccess;
-done:
-    db_FinishTransaction(dbhandle->permCertDB, ret != SECSuccess);
-    nsslowcert_UnlockDB(dbhandle);
-    return(ret);
-}
-
-/*
- * Open the certificate database and index databases.  Create them if
- * they are not there or bad.
- */
-SECStatus
-nsslowcert_OpenCertDB(NSSLOWCERTCertDBHandle *handle, PRBool readOnly,
-	        const char *appName, const char *prefix,
-		NSSLOWCERTDBNameFunc namecb, void *cbarg, PRBool openVolatile)
-{
-    int rv;
-
-    certdb_InitDBLock(handle);
-    
-    handle->dbMon = PZ_NewMonitor(nssILockCertDB);
-    PORT_Assert(handle->dbMon != NULL);
-
-    rv = nsslowcert_OpenPermCertDB(handle, readOnly, appName, prefix, 
-							namecb, cbarg);
-    if ( rv ) {
-	goto loser;
-    }
-
-    return (SECSuccess);
-    
-loser:
-
-    PORT_SetError(SEC_ERROR_BAD_DATABASE);
-    return(SECFailure);
-}
-
-
-/*
- * Lookup a certificate in the databases.
- */
-static NSSLOWCERTCertificate *
-FindCertByKey(NSSLOWCERTCertDBHandle *handle, SECItem *certKey, PRBool lockdb)
-{
-    SECItem keyitem;
-    DBT key;
-    SECStatus rv;
-    NSSLOWCERTCertificate *cert = NULL;
-    PRArenaPool *arena = NULL;
-    certDBEntryCert *entry;
-    PRBool locked = PR_FALSE;
-    
-    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if ( arena == NULL ) {
-	goto loser;
-    }
-    
-    rv = EncodeDBCertKey(certKey, arena, &keyitem);
-    if ( rv != SECSuccess ) {
-	goto loser;
-    }
-    
-    key.data = keyitem.data;
-    key.size = keyitem.len;
-    
-    if ( lockdb ) {
-	locked = PR_TRUE;
-	nsslowcert_LockDB(handle);
-    }
-	
-    /* find in perm database */
-    entry = ReadDBCertEntry(handle, certKey);
-	
-    if ( entry == NULL ) {
- 	goto loser;
-    }
-  
-    /* inherit entry */  
-    cert = DecodeACert(handle, entry);
-
-loser:
-    if (cert == NULL) {
-	if (entry) {
-	    DestroyDBEntry((certDBEntry *)entry);
-	}
-    }
-
-    if ( locked ) {
-	nsslowcert_UnlockDB(handle);
-    }
-
-    if ( arena ) {
-	PORT_FreeArena(arena, PR_FALSE);
-    }
-    
-    return(cert);
-}
-
-/*
- * Lookup a certificate in the databases.
- */
-static NSSLOWCERTTrust *
-FindTrustByKey(NSSLOWCERTCertDBHandle *handle, SECItem *certKey, PRBool lockdb)
-{
-    SECItem keyitem;
-    DBT key;
-    SECStatus rv;
-    NSSLOWCERTTrust *trust = NULL;
-    PRArenaPool *arena = NULL;
-    certDBEntryCert *entry;
-    PRBool locked = PR_FALSE;
-    
-    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if ( arena == NULL ) {
-	goto loser;
-    }
-    
-    rv = EncodeDBCertKey(certKey, arena, &keyitem);
-    if ( rv != SECSuccess ) {
-	goto loser;
-    }
-    
-    key.data = keyitem.data;
-    key.size = keyitem.len;
-    
-    if ( lockdb ) {
-	locked = PR_TRUE;
-	nsslowcert_LockDB(handle);
-    }
-	
-    /* find in perm database */
-    entry = ReadDBCertEntry(handle, certKey);
-	
-    if ( entry == NULL ) {
- 	goto loser;
-    }
-
-    if (!nsslowcert_hasTrust(&entry->trust)) {
-	goto loser;
-    }
-  
-    /* inherit entry */  
-    trust = DecodeTrustEntry(handle, entry, certKey);
-
-loser:
-    if (trust == NULL) {
-	if (entry) {
-	    DestroyDBEntry((certDBEntry *)entry);
-	}
-    }
-
-    if ( locked ) {
-	nsslowcert_UnlockDB(handle);
-    }
-
-    if ( arena ) {
-	PORT_FreeArena(arena, PR_FALSE);
-    }
-    
-    return(trust);
-}
-
-/*
- * Lookup a certificate in the databases without locking
- */
-NSSLOWCERTCertificate *
-nsslowcert_FindCertByKey(NSSLOWCERTCertDBHandle *handle, SECItem *certKey)
-{
-    return(FindCertByKey(handle, certKey, PR_FALSE));
-}
-
-/*
- * Lookup a trust object in the databases without locking
- */
-NSSLOWCERTTrust *
-nsslowcert_FindTrustByKey(NSSLOWCERTCertDBHandle *handle, SECItem *certKey)
-{
-    return(FindTrustByKey(handle, certKey, PR_FALSE));
-}
-
-/*
- * Generate a key from an issuerAndSerialNumber, and find the
- * associated cert in the database.
- */
-NSSLOWCERTCertificate *
-nsslowcert_FindCertByIssuerAndSN(NSSLOWCERTCertDBHandle *handle, NSSLOWCERTIssuerAndSN *issuerAndSN)
-{
-    SECItem certKey;
-    SECItem *sn = &issuerAndSN->serialNumber;
-    SECItem *issuer = &issuerAndSN->derIssuer;
-    NSSLOWCERTCertificate *cert;
-    int data_left = sn->len-1;
-    int data_len = sn->len;
-    int index = 0;
-
-    /* automatically detect DER encoded serial numbers and remove the der
-     * encoding since the database expects unencoded data. 
-     * if it's DER encoded, there must be at least 3 bytes, tag, len, data */
-    if ((sn->len >= 3) && (sn->data[0] == 0x2)) {
-	/* remove the der encoding of the serial number before generating the
-	 * key.. */
-	data_left = sn->len-2;
-	data_len = sn->data[1];
-	index = 2;
-
-	/* extended length ? (not very likely for a serial number) */
-	if (data_len & 0x80) {
-	    int len_count = data_len & 0x7f;
-
-	    data_len = 0;
-	    data_left -= len_count;
-	    if (data_left > 0) {
-		while (len_count --) {
-		    data_len = (data_len << 8) | sn->data[index++];
-		}
-	    } 
-	}
-	/* XXX leaving any leading zeros on the serial number for backwards
-	 * compatibility
-	 */
-	/* not a valid der, must be just an unlucky serial number value */
-	if (data_len != data_left) {
-	    data_len = sn->len;
-	    index = 0;
-	}
-    }
-
-    certKey.data = (unsigned char*)PORT_Alloc(sn->len + issuer->len);
-    certKey.len = data_len + issuer->len;
-    
-    if ( certKey.data == NULL ) {
-	return(0);
-    }
-
-    /* first try the serial number as hand-decoded above*/
-    /* copy the serialNumber */
-    PORT_Memcpy(certKey.data, &sn->data[index], data_len);
-
-    /* copy the issuer */
-    PORT_Memcpy( &certKey.data[data_len],issuer->data,issuer->len);
-
-    cert = nsslowcert_FindCertByKey(handle, &certKey);
-    if (cert) {
-	PORT_Free(certKey.data);
-	return (cert);
-    }
-
-    /* didn't find it, try by der encoded serial number */
-    /* copy the serialNumber */
-    PORT_Memcpy(certKey.data, sn->data, sn->len);
-
-    /* copy the issuer */
-    PORT_Memcpy( &certKey.data[sn->len], issuer->data, issuer->len);
-    certKey.len = sn->len + issuer->len;
-
-    cert = nsslowcert_FindCertByKey(handle, &certKey);
-    
-    PORT_Free(certKey.data);
-    
-    return(cert);
-}
-
-/*
- * Generate a key from an issuerAndSerialNumber, and find the
- * associated cert in the database.
- */
-NSSLOWCERTTrust *
-nsslowcert_FindTrustByIssuerAndSN(NSSLOWCERTCertDBHandle *handle, 
-					NSSLOWCERTIssuerAndSN *issuerAndSN)
-{
-    SECItem certKey;
-    SECItem *sn = &issuerAndSN->serialNumber;
-    SECItem *issuer = &issuerAndSN->derIssuer;
-    NSSLOWCERTTrust *trust;
-    int data_left = sn->len-1;
-    int data_len = sn->len;
-    int index = 0;
-
-    /* automatically detect DER encoded serial numbers and remove the der
-     * encoding since the database expects unencoded data. 
-     * if it's DER encoded, there must be at least 3 bytes, tag, len, data */
-    if ((sn->len >= 3) && (sn->data[0] == 0x2)) {
-	/* remove the der encoding of the serial number before generating the
-	 * key.. */
-	data_left = sn->len-2;
-	data_len = sn->data[1];
-	index = 2;
-
-	/* extended length ? (not very likely for a serial number) */
-	if (data_len & 0x80) {
-	    int len_count = data_len & 0x7f;
-
-	    data_len = 0;
-	    data_left -= len_count;
-	    if (data_left > 0) {
-		while (len_count --) {
-		    data_len = (data_len << 8) | sn->data[index++];
-		}
-	    } 
-	}
-	/* XXX leaving any leading zeros on the serial number for backwards
-	 * compatibility
-	 */
-	/* not a valid der, must be just an unlucky serial number value */
-	if (data_len != data_left) {
-	    data_len = sn->len;
-	    index = 0;
-	}
-    }
-
-    certKey.data = (unsigned char*)PORT_Alloc(sn->len + issuer->len);
-    certKey.len = data_len + issuer->len;
-    
-    if ( certKey.data == NULL ) {
-	return(0);
-    }
-
-    /* first try the serial number as hand-decoded above*/
-    /* copy the serialNumber */
-    PORT_Memcpy(certKey.data, &sn->data[index], data_len);
-
-    /* copy the issuer */
-    PORT_Memcpy( &certKey.data[data_len],issuer->data,issuer->len);
-
-    trust = nsslowcert_FindTrustByKey(handle, &certKey);
-    if (trust) {
-	PORT_Free(certKey.data);
-	return (trust);
-    }
-
-    if (index == 0) {
-	PORT_Free(certKey.data);
-	return NULL;
-    }
-
-    /* didn't find it, try by der encoded serial number */
-    /* copy the serialNumber */
-    PORT_Memcpy(certKey.data, sn->data, sn->len);
-
-    /* copy the issuer */
-    PORT_Memcpy( &certKey.data[sn->len], issuer->data, issuer->len);
-    certKey.len = sn->len + issuer->len;
-
-    trust = nsslowcert_FindTrustByKey(handle, &certKey);
-    
-    PORT_Free(certKey.data);
-    
-    return(trust);
-}
-
-/*
- * look for the given DER certificate in the database
- */
-NSSLOWCERTCertificate *
-nsslowcert_FindCertByDERCert(NSSLOWCERTCertDBHandle *handle, SECItem *derCert)
-{
-    PRArenaPool *arena;
-    SECItem certKey;
-    SECStatus rv;
-    NSSLOWCERTCertificate *cert = NULL;
-    
-    /* create a scratch arena */
-    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if ( arena == NULL ) {
-	return(NULL);
-    }
-    
-    /* extract the database key from the cert */
-    rv = nsslowcert_KeyFromDERCert(arena, derCert, &certKey);
-    if ( rv != SECSuccess ) {
-	goto loser;
-    }
-
-    /* find the certificate */
-    cert = nsslowcert_FindCertByKey(handle, &certKey);
-    
-loser:
-    PORT_FreeArena(arena, PR_FALSE);
-    return(cert);
-}
-
-static void
-DestroyCertificate(NSSLOWCERTCertificate *cert, PRBool lockdb)
-{
-    int refCount;
-    NSSLOWCERTCertDBHandle *handle;
-    
-    if ( cert ) {
-
-	handle = cert->dbhandle;
-
-	/*
-	 * handle may be NULL, for example if the cert was created with
-	 * nsslowcert_DecodeDERCertificate.
-	 */
-	if ( lockdb && handle ) {
-	    nsslowcert_LockDB(handle);
-	}
-
-        nsslowcert_LockCertRefCount(cert);
-	PORT_Assert(cert->referenceCount > 0);
-	refCount = --cert->referenceCount;
-        nsslowcert_UnlockCertRefCount(cert);
-
-	if ( ( refCount == 0 ) ) {
-	    certDBEntryCert *entry  = cert->dbEntry;
-	    PRArenaPool *    arena  = cert->arena;
-
-	    if ( entry ) {
-		DestroyDBEntry((certDBEntry *)entry);
-            }
-
-	    /* zero cert before freeing. Any stale references to this cert
-	     * after this point will probably cause an exception.  */
-	    PORT_Memset(cert, 0, sizeof *cert);
-
-	    cert = NULL;
-	    
-	    /* free the arena that contains the cert. */
-	    PORT_FreeArena(arena, PR_FALSE);
-        }
-	if ( lockdb && handle ) {
-	    nsslowcert_UnlockDB(handle);
-	}
-    }
-
-    return;
-}
-
-void
-nsslowcert_DestroyTrust(NSSLOWCERTTrust *trust)
-{
-    certDBEntryCert *entry  = trust->dbEntry;
-
-    if ( entry ) {
-	DestroyDBEntry((certDBEntry *)entry);
-    }
-    if (trust->dbKey.data) {
-	PORT_Free(trust->dbKey.data);
-    }
-    PORT_Free(trust);
-
-    return;
-}
-
-void
-nsslowcert_DestroyCertificate(NSSLOWCERTCertificate *cert)
-{
-    DestroyCertificate(cert, PR_TRUE);
-    return;
-}
-
-static void
-nsslowcert_DestroyCertificateNoLocking(NSSLOWCERTCertificate *cert)
-{
-    DestroyCertificate(cert, PR_FALSE);
-    return;
-}
-
-/*
- * Lookup a CRL in the databases. We mirror the same fast caching data base
- *  caching stuff used by certificates....?
- */
-SECItem *
-nsslowcert_FindCrlByKey(NSSLOWCERTCertDBHandle *handle, SECItem *crlKey, 
-		char **url, PRBool isKRL)
-{
-    SECItem keyitem;
-    DBT key;
-    SECStatus rv;
-    SECItem *crl = NULL;
-    PRArenaPool *arena = NULL;
-    certDBEntryRevocation *entry = NULL;
-    certDBEntryType crlType = isKRL ? certDBEntryTypeKeyRevocation  
-					: certDBEntryTypeRevocation;
-    
-    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if ( arena == NULL ) {
-	goto loser;
-    }
-    
-    rv = EncodeDBGenericKey(crlKey, arena, &keyitem, crlType);
-    if ( rv != SECSuccess ) {
-	goto loser;
-    }
-    
-    key.data = keyitem.data;
-    key.size = keyitem.len;
-
-    /* find in perm database */
-    entry = ReadDBCrlEntry(handle, crlKey, crlType);
-	
-    if ( entry == NULL ) {
-	goto loser;
-    }
-
-    if (url && entry->url) {
-	*url = PORT_Strdup(entry->url);
-    }
-    crl = SECITEM_DupItem(&entry->derCrl);
-
-loser:
-    if ( arena ) {
-	PORT_FreeArena(arena, PR_FALSE);
-    }
-    if (entry) {
-	DestroyDBEntry((certDBEntry *)entry);
-    }
-    
-    return(crl);
-}
-
-/*
- * replace the existing URL in the data base with a new one
- */
-SECStatus
-nsslowcert_AddCrl(NSSLOWCERTCertDBHandle *handle, SECItem *derCrl, 
-			SECItem *crlKey, char *url, PRBool isKRL)
-{
-    SECStatus rv = SECFailure;
-    certDBEntryRevocation *entry = NULL;
-    certDBEntryType crlType = isKRL ? certDBEntryTypeKeyRevocation  
-					: certDBEntryTypeRevocation;
-    rv = db_BeginTransaction(handle->permCertDB);
-    if (rv != SECSuccess) {
-	return SECFailure;
-    }
-    DeleteDBCrlEntry(handle, crlKey, crlType);
-
-    /* Write the new entry into the data base */
-    entry = NewDBCrlEntry(derCrl, url, crlType, 0);
-    if (entry == NULL) goto done;
-
-    rv = WriteDBCrlEntry(handle, entry, crlKey);
-    if (rv != SECSuccess) goto done;
-
-done:
-    if (entry) {
-	DestroyDBEntry((certDBEntry *)entry);
-    }
-    db_FinishTransaction(handle->permCertDB, rv != SECSuccess);
-    return rv;
-}
-
-SECStatus
-nsslowcert_DeletePermCRL(NSSLOWCERTCertDBHandle *handle, SECItem *derName,
-								 PRBool isKRL)
-{
-    SECStatus rv;
-    certDBEntryType crlType = isKRL ? certDBEntryTypeKeyRevocation  
-					: certDBEntryTypeRevocation;
-    rv = db_BeginTransaction(handle->permCertDB);
-    if (rv != SECSuccess) {
-	return SECFailure;
-    }
-    
-    rv = DeleteDBCrlEntry(handle, derName, crlType);
-    if (rv != SECSuccess) goto done;
-  
-done:
-    db_FinishTransaction(handle->permCertDB, rv != SECSuccess);
-    return rv;
-}
-
-
-PRBool
-nsslowcert_hasTrust(NSSLOWCERTCertTrust *trust)
-{
-    if (trust == NULL) {
-	return PR_FALSE;
-    }
-    return !((trust->sslFlags & CERTDB_TRUSTED_UNKNOWN) && 
-		(trust->emailFlags & CERTDB_TRUSTED_UNKNOWN) && 
-			(trust->objectSigningFlags & CERTDB_TRUSTED_UNKNOWN));
-}
-
-/*
- * This function has the logic that decides if another person's cert and
- * email profile from an S/MIME message should be saved.  It can deal with
- * the case when there is no profile.
- */
-SECStatus
-nsslowcert_SaveSMimeProfile(NSSLOWCERTCertDBHandle *dbhandle, char *emailAddr, 
-	SECItem *derSubject, SECItem *emailProfile, SECItem *profileTime)
-{
-    certDBEntrySMime *entry = NULL;
-    SECStatus rv = SECFailure;;
-
-    rv = db_BeginTransaction(dbhandle->permCertDB);
-    if (rv != SECSuccess) {
-	return SECFailure;
-    }
-
-    /* find our existing entry */
-    entry = nsslowcert_ReadDBSMimeEntry(dbhandle, emailAddr);
-
-    if ( entry ) {
-	/* keep our old db entry consistant for old applications. */
-	if (!SECITEM_ItemsAreEqual(derSubject, &entry->subjectName)) {
-	    UpdateSubjectWithEmailAddr(dbhandle, &entry->subjectName, NULL);
-	} 
-	DestroyDBEntry((certDBEntry *)entry);
-	entry = NULL;
-    }
-
-    /* now save the entry */
-    entry = NewDBSMimeEntry(emailAddr, derSubject, emailProfile,
-				profileTime, 0);
-    if ( entry == NULL ) {
-	rv = SECFailure;
-	goto loser;
-    }
-
-    nsslowcert_LockDB(dbhandle);
-
-    rv = DeleteDBSMimeEntry(dbhandle, emailAddr);
-    /* if delete fails, try to write new entry anyway... */
-
-    /* link subject entry back here */
-    rv = UpdateSubjectWithEmailAddr(dbhandle, derSubject, emailAddr);
-    if ( rv != SECSuccess ) {
-	    nsslowcert_UnlockDB(dbhandle);
-	    goto loser;
-    }
-	
-    rv = WriteDBSMimeEntry(dbhandle, entry);
-    if ( rv != SECSuccess ) {
-	    nsslowcert_UnlockDB(dbhandle);
-	    goto loser;
-    }
-
-    nsslowcert_UnlockDB(dbhandle);
-
-    rv = SECSuccess;
-    
-loser:
-    if ( entry ) {
-	DestroyDBEntry((certDBEntry *)entry);
-    }
-    db_FinishTransaction(dbhandle->permCertDB, rv != SECSuccess);
-    return(rv);
-}
-
-void
-nsslowcert_DestroyGlobalLocks()
-{
-    if (dbLock) {
-	PZ_DestroyLock(dbLock);
-	dbLock = NULL;
-    }
-    if (certRefCountLock) {
-	PZ_DestroyLock(certRefCountLock);
-	certRefCountLock = NULL;
-    }
-    if (certTrustLock) {
-	PZ_DestroyLock(certTrustLock);
-	certTrustLock = NULL;
-    }
-}
diff --git a/security/nss/lib/softoken/pcertt.h b/security/nss/lib/softoken/pcertt.h
deleted file mode 100644
index a3c50b25c..000000000
--- a/security/nss/lib/softoken/pcertt.h
+++ /dev/null
@@ -1,444 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * certt.h - public data structures for the certificate library
- *
- * $Id$
- */
-#ifndef _PCERTT_H_
-#define _PCERTT_H_
-
-#include "prclist.h"
-#include "pkcs11t.h"
-#include "seccomon.h"
-#include "secoidt.h"
-#include "plarena.h"
-#include "prcvar.h"
-#include "nssilock.h"
-#include "prio.h"
-#include "prmon.h"
-
-
-/* Non-opaque objects */
-typedef struct NSSLOWCERTCertDBHandleStr               NSSLOWCERTCertDBHandle;
-typedef struct NSSLOWCERTCertKeyStr                    NSSLOWCERTCertKey;
-
-typedef struct NSSLOWCERTTrustStr                      NSSLOWCERTTrust;
-typedef struct NSSLOWCERTCertTrustStr                  NSSLOWCERTCertTrust;
-typedef struct NSSLOWCERTCertificateStr                NSSLOWCERTCertificate;
-typedef struct NSSLOWCERTCertificateListStr            NSSLOWCERTCertificateList;
-typedef struct NSSLOWCERTIssuerAndSNStr                NSSLOWCERTIssuerAndSN;
-typedef struct NSSLOWCERTSignedDataStr                 NSSLOWCERTSignedData;
-typedef struct NSSLOWCERTSubjectPublicKeyInfoStr       NSSLOWCERTSubjectPublicKeyInfo;
-typedef struct NSSLOWCERTValidityStr                   NSSLOWCERTValidity;
-
-/*
-** An X.509 validity object
-*/
-struct NSSLOWCERTValidityStr {
-    PRArenaPool *arena;
-    SECItem notBefore;
-    SECItem notAfter;
-};
-
-/*
- * A serial number and issuer name, which is used as a database key
- */
-struct NSSLOWCERTCertKeyStr {
-    SECItem serialNumber;
-    SECItem derIssuer;
-};
-
-/*
-** A signed data object. Used to implement the "signed" macro used
-** in the X.500 specs.
-*/
-struct NSSLOWCERTSignedDataStr {
-    SECItem data;
-    SECAlgorithmID signatureAlgorithm;
-    SECItem signature;
-};
-
-/*
-** An X.509 subject-public-key-info object
-*/
-struct NSSLOWCERTSubjectPublicKeyInfoStr {
-    PRArenaPool *arena;
-    SECAlgorithmID algorithm;
-    SECItem subjectPublicKey;
-};
-
-typedef struct _certDBEntryCert certDBEntryCert;
-typedef struct _certDBEntryRevocation certDBEntryRevocation;
-
-struct NSSLOWCERTCertTrustStr {
-    unsigned int sslFlags;
-    unsigned int emailFlags;
-    unsigned int objectSigningFlags;
-};
-
-/*
-** PKCS11 Trust representation
-*/
-struct NSSLOWCERTTrustStr {
-    NSSLOWCERTCertDBHandle *dbhandle;
-    SECItem dbKey;			/* database key for this cert */
-    certDBEntryCert *dbEntry;		/* database entry struct */
-    NSSLOWCERTCertTrust *trust;
-    SECItem *derCert;			/* original DER for the cert */
-};
-
-/*
-** An X.509 certificate object (the unsigned form)
-*/
-struct NSSLOWCERTCertificateStr {
-    /* the arena is used to allocate any data structures that have the same
-     * lifetime as the cert.  This is all stuff that hangs off of the cert
-     * structure, and is all freed at the same time.  I is used when the
-     * cert is decoded, destroyed, and at some times when it changes
-     * state
-     */
-    PRArenaPool *arena;
-    NSSLOWCERTCertDBHandle *dbhandle;
-
-    SECItem derCert;			/* original DER for the cert */
-    SECItem derIssuer;			/* DER for issuer name */
-    SECItem serialNumber;
-    SECItem derSubject;			/* DER for subject name */
-    NSSLOWCERTSubjectPublicKeyInfo subjectPublicKeyInfo;
-    SECItem certKey;			/* database key for this cert */
-    NSSLOWCERTValidity validity;
-    certDBEntryCert *dbEntry;		/* database entry struct */
-    SECItem subjectKeyID;	/* x509v3 subject key identifier */
-    char *nickname;
-    char *emailAddr;
-    NSSLOWCERTCertTrust *trust;
-
-    /* the reference count is modified whenever someone looks up, dups
-     * or destroys a certificate
-     */
-    int referenceCount;
-};
-#define SEC_CERTIFICATE_VERSION_1		0	/* default created */
-#define SEC_CERTIFICATE_VERSION_2		1	/* v2 */
-#define SEC_CERTIFICATE_VERSION_3		2	/* v3 extensions */
-
-#define SEC_CRL_VERSION_1		0	/* default */
-#define SEC_CRL_VERSION_2		1	/* v2 extensions */
-
-struct NSSLOWCERTIssuerAndSNStr {
-    SECItem derIssuer;
-    SECItem serialNumber;
-};
-
-typedef SECStatus (* NSSLOWCERTCertCallback)(NSSLOWCERTCertificate *cert, void *arg);
-
-/* This is the typedef for the callback passed to nsslowcert_OpenCertDB() */
-/* callback to return database name based on version number */
-typedef char * (*NSSLOWCERTDBNameFunc)(void *arg, int dbVersion);
-
-/* XXX Lisa thinks the template declarations belong in cert.h, not here? */
-
-#include "secasn1t.h"	/* way down here because I expect template stuff to
-			 * move out of here anyway */
-
-SEC_BEGIN_PROTOS
-
-extern const SEC_ASN1Template nsslowcert_CertificateTemplate[];
-extern const SEC_ASN1Template nsslowcert_SignedDataTemplate[];
-extern const SEC_ASN1Template NSSLOWKEY_PublicKeyTemplate[];
-extern const SEC_ASN1Template nsslowcert_SubjectPublicKeyInfoTemplate[];
-extern const SEC_ASN1Template nsslowcert_ValidityTemplate[];
-
-SEC_END_PROTOS
-
-/*
- * Certificate Database related definitions and data structures
- */
-
-/* version number of certificate database */
-#define CERT_DB_FILE_VERSION		7
-#ifdef USE_NS_ROOTS
-#define CERT_DB_CONTENT_VERSION		28
-#else
-#define CERT_DB_CONTENT_VERSION		2
-#endif
-
-#define SEC_DB_ENTRY_HEADER_LEN		3
-#define SEC_DB_KEY_HEADER_LEN		1
-
-/* All database entries have this form:
- * 	
- *	byte offset	field
- *	-----------	-----
- *	0		version
- *	1		type
- *	2		flags
- */
-
-/* database entry types */
-typedef enum {
-    certDBEntryTypeVersion = 0,
-    certDBEntryTypeCert = 1,
-    certDBEntryTypeNickname = 2,
-    certDBEntryTypeSubject = 3,
-    certDBEntryTypeRevocation = 4,
-    certDBEntryTypeKeyRevocation = 5,
-    certDBEntryTypeSMimeProfile = 6,
-    certDBEntryTypeContentVersion = 7
-} certDBEntryType;
-
-typedef struct {
-    certDBEntryType type;
-    unsigned int version;
-    unsigned int flags;
-    PRArenaPool *arena;
-} certDBEntryCommon;
-
-/*
- * Certificate entry:
- *
- *	byte offset	field
- *	-----------	-----
- *	0		sslFlags-msb
- *	1		sslFlags-lsb
- *	2		emailFlags-msb
- *	3		emailFlags-lsb
- *	4		objectSigningFlags-msb
- *	5		objectSigningFlags-lsb
- *	6		derCert-len-msb
- *	7		derCert-len-lsb
- *	8		nickname-len-msb
- *	9		nickname-len-lsb
- *	...		derCert
- *	...		nickname
- *
- * NOTE: the nickname string as stored in the database is null terminated,
- *		in other words, the last byte of the db entry is always 0
- *		if a nickname is present.
- * NOTE: if nickname is not present, then nickname-len-msb and
- *		nickname-len-lsb will both be zero.
- */
-struct _certDBEntryCert {
-    certDBEntryCommon common;
-    NSSLOWCERTCertTrust trust;
-    SECItem derCert;
-    char *nickname;
-};
-
-/*
- * Certificate Nickname entry:
- *
- *	byte offset	field
- *	-----------	-----
- *	0		subjectname-len-msb
- *	1	        subjectname-len-lsb
- *	2...		subjectname
- *
- * The database key for this type of entry is a nickname string
- * The "subjectname" value is the DER encoded DN of the identity
- *   that matches this nickname.
- */
-typedef struct {
-    certDBEntryCommon common;
-    char *nickname;
-    SECItem subjectName;
-} certDBEntryNickname;
-
-#define DB_NICKNAME_ENTRY_HEADER_LEN 2
-
-/*
- * Certificate Subject entry:
- *
- *	byte offset	field
- *	-----------	-----
- *	0		ncerts-msb
- *	1		ncerts-lsb
- *	2		nickname-msb
- *	3		nickname-lsb
- *	4		emailAddr-msb
- *	5		emailAddr-lsb
- *	...		nickname
- *	...		emailAddr
- *	...+2*i		certkey-len-msb
- *	...+1+2*i       certkey-len-lsb
- *	...+2*ncerts+2*i keyid-len-msb
- *	...+1+2*ncerts+2*i keyid-len-lsb
- *	...		certkeys
- *	...		keyids
- *
- * The database key for this type of entry is the DER encoded subject name
- * The "certkey" value is an array of  certificate database lookup keys that
- *   points to the database entries for the certificates that matche
- *   this subject.
- *
- */
-typedef struct _certDBEntrySubject {
-    certDBEntryCommon common;
-    SECItem derSubject;
-    unsigned int ncerts;
-    char *nickname;
-    char *emailAddr;
-    SECItem *certKeys;
-    SECItem *keyIDs;
-} certDBEntrySubject;
-
-#define DB_SUBJECT_ENTRY_HEADER_LEN 6
-
-/*
- * Certificate SMIME profile entry:
- *
- *	byte offset	field
- *	-----------	-----
- *	0		subjectname-len-msb
- *	1	        subjectname-len-lsb
- *	2		smimeoptions-len-msb
- *	3		smimeoptions-len-lsb
- *	4		options-date-len-msb
- *	5		options-date-len-lsb
- *	6...		subjectname
- *	...		smimeoptions
- *	...		options-date
- *
- * The database key for this type of entry is the email address string
- * The "subjectname" value is the DER encoded DN of the identity
- *   that matches this nickname.
- * The "smimeoptions" value is a string that represents the algorithm
- *   capabilities on the remote user.
- * The "options-date" is the date that the smime options value was created.
- *   This is generally the signing time of the signed message that contained
- *   the options.  It is a UTCTime value.
- */
-typedef struct {
-    certDBEntryCommon common;
-    char *emailAddr;
-    SECItem subjectName;
-    SECItem smimeOptions;
-    SECItem optionsDate;
-} certDBEntrySMime;
-
-#define DB_SMIME_ENTRY_HEADER_LEN 6
-
-/*
- * Crl/krl entry:
- *
- *	byte offset	field
- *	-----------	-----
- *	0		derCert-len-msb
- *	1		derCert-len-lsb
- *	2		url-len-msb
- *	3		url-len-lsb
- *	...		derCert
- *	...		url
- *
- * NOTE: the url string as stored in the database is null terminated,
- *		in other words, the last byte of the db entry is always 0
- *		if a nickname is present. 
- * NOTE: if url is not present, then url-len-msb and
- *		url-len-lsb will both be zero.
- */
-#define DB_CRL_ENTRY_HEADER_LEN	4
-struct _certDBEntryRevocation {
-    certDBEntryCommon common;
-    SECItem	derCrl;
-    char	*url;	/* where to load the crl from */
-};
-
-/*
- * Database Version Entry:
- *
- *	byte offset	field
- *	-----------	-----
- *	only the low level header...
- *
- * The database key for this type of entry is the string "Version"
- */
-typedef struct {
-    certDBEntryCommon common;
-} certDBEntryVersion;
-
-#define SEC_DB_VERSION_KEY "Version"
-#define SEC_DB_VERSION_KEY_LEN sizeof(SEC_DB_VERSION_KEY)
-
-/*
- * Database Content Version Entry:
- *
- *	byte offset	field
- *	-----------	-----
- *	0		contentVersion
- *
- * The database key for this type of entry is the string "ContentVersion"
- */
-typedef struct {
-    certDBEntryCommon common;
-    char contentVersion;
-} certDBEntryContentVersion;
-
-#define SEC_DB_CONTENT_VERSION_KEY "ContentVersion"
-#define SEC_DB_CONTENT_VERSION_KEY_LEN sizeof(SEC_DB_CONTENT_VERSION_KEY)
-
-typedef union {
-    certDBEntryCommon common;
-    certDBEntryVersion version;
-    certDBEntryCert cert;
-    certDBEntryNickname nickname;
-    certDBEntrySubject subject;
-    certDBEntryRevocation revocation;
-} certDBEntry;
-
-/* length of the fixed part of a database entry */
-#define DBCERT_V4_HEADER_LEN	7
-#define DB_CERT_V5_ENTRY_HEADER_LEN	7
-#define DB_CERT_V6_ENTRY_HEADER_LEN	7
-#define DB_CERT_ENTRY_HEADER_LEN	10
-
-/* common flags for all types of certificates */
-#define CERTDB_VALID_PEER	(1<<0)
-#define CERTDB_TRUSTED		(1<<1)
-#define CERTDB_SEND_WARN	(1<<2)
-#define CERTDB_VALID_CA		(1<<3)
-#define CERTDB_TRUSTED_CA	(1<<4) /* trusted for issuing server certs */
-#define CERTDB_NS_TRUSTED_CA	(1<<5)
-#define CERTDB_USER		(1<<6)
-#define CERTDB_TRUSTED_CLIENT_CA (1<<7) /* trusted for issuing client certs */
-#define CERTDB_INVISIBLE_CA	(1<<8) /* don't show in UI */
-#define CERTDB_GOVT_APPROVED_CA	(1<<9) /* can do strong crypto in export ver */
-#define CERTDB_NOT_TRUSTED	(1<<10) /* explicitly don't trust this cert */
-#define CERTDB_TRUSTED_UNKNOWN	(1<<11) /* accept trust from another source */
-
-/* bits not affected by the CKO_NETSCAPE_TRUST object */
-#define CERTDB_PRESERVE_TRUST_BITS (CERTDB_USER | CERTDB_VALID_PEER | \
-        CERTDB_NS_TRUSTED_CA | CERTDB_VALID_CA | CERTDB_INVISIBLE_CA | \
-                                        CERTDB_GOVT_APPROVED_CA)
-
-#endif /* _PCERTT_H_ */
diff --git a/security/nss/lib/softoken/pk11db.c b/security/nss/lib/softoken/pk11db.c
deleted file mode 100644
index 5f9d35524..000000000
--- a/security/nss/lib/softoken/pk11db.c
+++ /dev/null
@@ -1,883 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/* 
- *  The following code handles the storage of PKCS 11 modules used by the
- * NSS. This file is written to abstract away how the modules are
- * stored so we can deside that later.
- */
-
-#include "pk11pars.h"
-#include "pkcs11i.h"
-#include "mcom_db.h"
-#include "cdbhdl.h"
-
-#define FREE_CLEAR(p) if (p) { PORT_Free(p); p = NULL; }
-
-static void
-secmod_parseTokenFlags(char *tmp, pk11_token_parameters *parsed) { 
-    parsed->readOnly = pk11_argHasFlag("flags","readOnly",tmp);
-    parsed->noCertDB = pk11_argHasFlag("flags","noCertDB",tmp);
-    parsed->noKeyDB = pk11_argHasFlag("flags","noKeyDB",tmp);
-    parsed->forceOpen = pk11_argHasFlag("flags","forceOpen",tmp);
-    parsed->pwRequired = pk11_argHasFlag("flags","passwordRequired",tmp);
-    parsed->optimizeSpace = pk11_argHasFlag("flags","optimizeSpace",tmp);
-    return;
-}
-
-static void
-secmod_parseFlags(char *tmp, pk11_parameters *parsed) { 
-    parsed->noModDB = pk11_argHasFlag("flags","noModDB",tmp);
-    parsed->readOnly = pk11_argHasFlag("flags","readOnly",tmp);
-    /* keep legacy interface working */
-    parsed->noCertDB = pk11_argHasFlag("flags","noCertDB",tmp);
-    parsed->forceOpen = pk11_argHasFlag("flags","forceOpen",tmp);
-    parsed->pwRequired = pk11_argHasFlag("flags","passwordRequired",tmp);
-    parsed->optimizeSpace = pk11_argHasFlag("flags","optimizeSpace",tmp);
-    return;
-}
-
-CK_RV
-secmod_parseTokenParameters(char *param, pk11_token_parameters *parsed) 
-{
-    int next;
-    char *tmp;
-    char *index;
-    index = pk11_argStrip(param);
-
-    while (*index) {
-	PK11_HANDLE_STRING_ARG(index,parsed->configdir,"configDir=",;)
-	PK11_HANDLE_STRING_ARG(index,parsed->certPrefix,"certPrefix=",;)
-	PK11_HANDLE_STRING_ARG(index,parsed->keyPrefix,"keyPrefix=",;)
-	PK11_HANDLE_STRING_ARG(index,parsed->tokdes,"tokenDescription=",;)
-	PK11_HANDLE_STRING_ARG(index,parsed->slotdes,"slotDescription=",;)
-	PK11_HANDLE_STRING_ARG(index,tmp,"minPWLen=", 
-			if(tmp) { parsed->minPW=atoi(tmp); PORT_Free(tmp); })
-	PK11_HANDLE_STRING_ARG(index,tmp,"flags=", 
-	   if(tmp) { secmod_parseTokenFlags(param,parsed); PORT_Free(tmp); })
-	PK11_HANDLE_FINAL_ARG(index)
-   }
-   return CKR_OK;
-}
-
-static void
-secmod_parseTokens(char *tokenParams, pk11_parameters *parsed)
-{
-    char *tokenIndex;
-    pk11_token_parameters *tokens = NULL;
-    int i=0,count = 0,next;
-
-    if ((tokenParams == NULL) || (*tokenParams == 0))  return;
-
-    /* first count the number of slots */
-    for (tokenIndex = pk11_argStrip(tokenParams); *tokenIndex;
-		tokenIndex = pk11_argStrip(pk11_argSkipParameter(tokenIndex))) {
-	count++;
-    }
-
-    /* get the data structures */
-    tokens = (pk11_token_parameters *) 
-			PORT_ZAlloc(count*sizeof(pk11_token_parameters));
-    if (tokens == NULL) return;
-
-    for (tokenIndex = pk11_argStrip(tokenParams), i = 0;
-					*tokenIndex && i < count ; i++ ) {
-	char *name;
-	name = pk11_argGetName(tokenIndex,&next);
-	tokenIndex += next;
-
-	tokens[i].slotID = pk11_argDecodeNumber(name);
-        tokens[i].readOnly = PR_TRUE;
-	tokens[i].noCertDB = PR_TRUE;
-	tokens[i].noKeyDB = PR_TRUE;
-	if (!pk11_argIsBlank(*tokenIndex)) {
-	    char *args = pk11_argFetchValue(tokenIndex,&next);
-	    tokenIndex += next;
-	    if (args) {
-		secmod_parseTokenParameters(args,&tokens[i]);
-		PORT_Free(args);
-	    }
-	}
-	if (name) PORT_Free(name);
-	tokenIndex = pk11_argStrip(tokenIndex);
-    }
-    parsed->token_count = i;
-    parsed->tokens = tokens;
-    return; 
-}
-
-CK_RV
-secmod_parseParameters(char *param, pk11_parameters *parsed, PRBool isFIPS) 
-{
-    int next;
-    char *tmp;
-    char *index;
-    char *certPrefix = NULL, *keyPrefix = NULL;
-    char *tokdes = NULL, *ptokdes = NULL;
-    char *slotdes = NULL, *pslotdes = NULL;
-    char *fslotdes = NULL, *fpslotdes = NULL;
-    char *minPW = NULL;
-    index = pk11_argStrip(param);
-
-    PORT_Memset(parsed, 0, sizeof(pk11_parameters));
-
-    while (*index) {
-	PK11_HANDLE_STRING_ARG(index,parsed->configdir,"configDir=",;)
-	PK11_HANDLE_STRING_ARG(index,parsed->secmodName,"secmod=",;)
-	PK11_HANDLE_STRING_ARG(index,parsed->man,"manufacturerID=",;)
-	PK11_HANDLE_STRING_ARG(index,parsed->libdes,"libraryDescription=",;)
-	/* constructed values, used so legacy interfaces still work */
-	PK11_HANDLE_STRING_ARG(index,certPrefix,"certPrefix=",;)
-        PK11_HANDLE_STRING_ARG(index,keyPrefix,"keyPrefix=",;)
-        PK11_HANDLE_STRING_ARG(index,tokdes,"cryptoTokenDescription=",;)
-        PK11_HANDLE_STRING_ARG(index,ptokdes,"dbTokenDescription=",;)
-        PK11_HANDLE_STRING_ARG(index,slotdes,"cryptoSlotDescription=",;)
-        PK11_HANDLE_STRING_ARG(index,pslotdes,"dbSlotDescription=",;)
-        PK11_HANDLE_STRING_ARG(index,fslotdes,"FIPSSlotDescription=",;)
-        PK11_HANDLE_STRING_ARG(index,minPW,"FIPSTokenDescription=",;)
-	PK11_HANDLE_STRING_ARG(index,tmp,"minPWLen=",;)
-
-	PK11_HANDLE_STRING_ARG(index,tmp,"flags=", 
-		if(tmp) { secmod_parseFlags(param,parsed); PORT_Free(tmp); })
-	PK11_HANDLE_STRING_ARG(index,tmp,"tokens=", 
-		if(tmp) { secmod_parseTokens(tmp,parsed); PORT_Free(tmp); })
-	PK11_HANDLE_FINAL_ARG(index)
-    }
-    if (parsed->tokens == NULL) {
-	int  count = isFIPS ? 1 : 2;
-	int  index = count-1;
-	pk11_token_parameters *tokens = NULL;
-
-	tokens = (pk11_token_parameters *) 
-			PORT_ZAlloc(count*sizeof(pk11_token_parameters));
-	if (tokens == NULL) {
-	    goto loser;
-	}
-	parsed->tokens = tokens;
-    	parsed->token_count = count;
-	tokens[index].slotID = isFIPS ? FIPS_SLOT_ID : PRIVATE_KEY_SLOT_ID;
-	tokens[index].certPrefix = certPrefix;
-	tokens[index].keyPrefix = keyPrefix;
-	tokens[index].minPW = minPW ? atoi(minPW) : 0;
-	tokens[index].readOnly = parsed->readOnly;
-	tokens[index].noCertDB = parsed->noCertDB;
-	tokens[index].noKeyDB = parsed->noCertDB;
-	tokens[index].forceOpen = parsed->forceOpen;
-	tokens[index].pwRequired = parsed->pwRequired;
-	tokens[index].optimizeSpace = parsed->optimizeSpace;
-	tokens[0].optimizeSpace = parsed->optimizeSpace;
-	certPrefix = NULL;
-	keyPrefix = NULL;
-	if (isFIPS) {
-	    tokens[index].tokdes = fslotdes;
-	    tokens[index].slotdes = fpslotdes;
-	    fslotdes = NULL;
-	    fpslotdes = NULL;
-	} else {
-	    tokens[index].tokdes = ptokdes;
-	    tokens[index].slotdes = pslotdes;
-	    tokens[0].slotID = NETSCAPE_SLOT_ID;
-	    tokens[0].tokdes = tokdes;
-	    tokens[0].slotdes = slotdes;
-	    tokens[0].noCertDB = PR_TRUE;
-	    tokens[0].noKeyDB = PR_TRUE;
-	    ptokdes = NULL;
-	    pslotdes = NULL;
-	    tokdes = NULL;
-	    slotdes = NULL;
-	}
-    }
-
-loser:
-    FREE_CLEAR(certPrefix);
-    FREE_CLEAR(keyPrefix);
-    FREE_CLEAR(tokdes);
-    FREE_CLEAR(ptokdes);
-    FREE_CLEAR(slotdes);
-    FREE_CLEAR(pslotdes);
-    FREE_CLEAR(fslotdes);
-    FREE_CLEAR(fpslotdes);
-    FREE_CLEAR(minPW);
-    return CKR_OK;
-}
-
-void
-secmod_freeParams(pk11_parameters *params)
-{
-    int i;
-
-    for (i=0; i < params->token_count; i++) {
-	FREE_CLEAR(params->tokens[i].configdir);
-	FREE_CLEAR(params->tokens[i].certPrefix);
-	FREE_CLEAR(params->tokens[i].keyPrefix);
-	FREE_CLEAR(params->tokens[i].tokdes);
-	FREE_CLEAR(params->tokens[i].slotdes);
-    }
-
-    FREE_CLEAR(params->configdir);
-    FREE_CLEAR(params->secmodName);
-    FREE_CLEAR(params->man);
-    FREE_CLEAR(params->libdes); 
-    FREE_CLEAR(params->tokens);
-}
-
-
-char *
-secmod_getSecmodName(char *param, char **appName, char **filename,PRBool *rw)
-{
-    int next;
-    char *configdir = NULL;
-    char *secmodName = NULL;
-    char *value = NULL;
-    char *save_params = param;
-    const char *lconfigdir;
-    param = pk11_argStrip(param);
-	
-
-    while (*param) {
-	PK11_HANDLE_STRING_ARG(param,configdir,"configDir=",;)
-	PK11_HANDLE_STRING_ARG(param,secmodName,"secmod=",;)
-	PK11_HANDLE_FINAL_ARG(param)
-   }
-
-   *rw = PR_TRUE;
-   if (pk11_argHasFlag("flags","readOnly",save_params) ||
-	pk11_argHasFlag("flags","noModDB",save_params)) *rw = PR_FALSE;
-
-   if (!secmodName || *secmodName == '\0') secmodName = PORT_Strdup(SECMOD_DB);
-   *filename = secmodName;
-
-   lconfigdir = pk11_EvaluateConfigDir(configdir, appName);
-
-   if (lconfigdir) {
-	value = PR_smprintf("%s" PATH_SEPARATOR "%s",lconfigdir,secmodName);
-   } else {
-	value = PR_smprintf("%s",secmodName);
-   }
-   if (configdir) PORT_Free(configdir);
-   return value;
-}
-
-/* Construct a database key for a given module */
-static SECStatus secmod_MakeKey(DBT *key, char * module) {
-    int len = 0;
-    char *commonName;
-
-    commonName = pk11_argGetParamValue("name",module);
-    if (commonName == NULL) {
-	commonName = pk11_argGetParamValue("library",module);
-    }
-    if (commonName == NULL) return SECFailure;
-    len = PORT_Strlen(commonName);
-    key->data = commonName;
-    key->size = len;
-    return SECSuccess;
-}
-
-/* free out constructed database key */
-static void 
-secmod_FreeKey(DBT *key) 
-{
-    if (key->data) {
-	PORT_Free(key->data);
-    }
-    key->data = NULL;
-    key->size = 0;
-}
-
-typedef struct secmodDataStr secmodData;
-typedef struct secmodSlotDataStr secmodSlotData;
-struct secmodDataStr {
-    unsigned char major;
-    unsigned char minor;
-    unsigned char nameStart[2];
-    unsigned char slotOffset[2];
-    unsigned char internal;
-    unsigned char fips;
-    unsigned char ssl[8];
-    unsigned char trustOrder[4];
-    unsigned char cipherOrder[4];
-    unsigned char reserved1;
-    unsigned char isModuleDB;
-    unsigned char isModuleDBOnly;
-    unsigned char isCritical;
-    unsigned char reserved[4];
-    unsigned char names[6];	/* enough space for the length fields */
-};
-
-struct secmodSlotDataStr {
-    unsigned char slotID[4];
-    unsigned char defaultFlags[4];
-    unsigned char timeout[4];
-    unsigned char askpw;
-    unsigned char hasRootCerts;
-    unsigned char reserved[18]; /* this makes it a round 32 bytes */
-};
-
-#define SECMOD_DB_VERSION_MAJOR 0
-#define SECMOD_DB_VERSION_MINOR 6
-#define SECMOD_DB_EXT1_VERSION_MAJOR 0
-#define SECMOD_DB_EXT1_VERSION_MINOR 6
-#define SECMOD_DB_NOUI_VERSION_MAJOR 0
-#define SECMOD_DB_NOUI_VERSION_MINOR 4
-
-#define SECMOD_PUTSHORT(dest,src) \
-	(dest)[1] = (unsigned char) ((src)&0xff); \
-	(dest)[0] = (unsigned char) (((src) >> 8) & 0xff);
-#define SECMOD_PUTLONG(dest,src) \
-	(dest)[3] = (unsigned char) ((src)&0xff); \
-	(dest)[2] = (unsigned char) (((src) >> 8) & 0xff); \
-	(dest)[1] = (unsigned char) (((src) >> 16) & 0xff); \
-	(dest)[0] = (unsigned char) (((src) >> 24) & 0xff);
-#define SECMOD_GETSHORT(src) \
-	((unsigned short) (((src)[0] << 8) | (src)[1]))
-#define SECMOD_GETLONG(src) \
-	((unsigned long) (( (unsigned long) (src)[0] << 24) | \
-			( (unsigned long) (src)[1] << 16)  | \
-			( (unsigned long) (src)[2] << 8) | \
-			(unsigned long) (src)[3]))
-
-/*
- * build a data base entry from a module 
- */
-static SECStatus 
-secmod_EncodeData(DBT *data, char * module) 
-{
-    secmodData *encoded = NULL;
-    secmodSlotData *slot;
-    unsigned char *dataPtr;
-    unsigned short len, len2 = 0, len3 = 0;
-    int count = 0;
-    unsigned short offset;
-    int dataLen, i;
-    unsigned long order;
-    unsigned long  ssl[2];
-    char *commonName = NULL , *dllName = NULL, *param = NULL, *nss = NULL;
-    char *slotParams, *ciphers;
-    PK11PreSlotInfo *slotInfo = NULL;
-    SECStatus rv = SECFailure;
-
-    rv = pk11_argParseModuleSpec(module,&dllName,&commonName,&param,&nss);
-    if (rv != SECSuccess) return rv;
-    rv = SECFailure;
-
-    if (commonName == NULL) {
-	/* set error */
-	goto loser;
-    }
-
-    len = PORT_Strlen(commonName);
-    if (dllName) {
-    	len2 = PORT_Strlen(dllName);
-    }
-    if (param) {
-	len3 = PORT_Strlen(param);
-    }
-
-    slotParams = pk11_argGetParamValue("slotParams",nss); 
-    slotInfo = pk11_argParseSlotInfo(NULL,slotParams,&count);
-    if (slotParams) PORT_Free(slotParams);
-
-    if (count && slotInfo == NULL) {
-	/* set error */
-	goto loser;
-    }
-
-    dataLen = sizeof(secmodData) + len + len2 + len3 + sizeof(unsigned short) +
-				 count*sizeof(secmodSlotData);
-
-    data->data = (unsigned char *) PORT_ZAlloc(dataLen);
-    encoded = (secmodData *)data->data;
-    dataPtr = (unsigned char *) data->data;
-    data->size = dataLen;
-
-    if (encoded == NULL) {
-	/* set error */
-	goto loser;
-    }
-
-    encoded->major = SECMOD_DB_VERSION_MAJOR;
-    encoded->minor = SECMOD_DB_VERSION_MINOR;
-    encoded->internal = (unsigned char) 
-			(pk11_argHasFlag("flags","internal",nss) ? 1 : 0);
-    encoded->fips = (unsigned char) 
-			(pk11_argHasFlag("flags","FIPS",nss) ? 1 : 0);
-    encoded->isModuleDB = (unsigned char) 
-			(pk11_argHasFlag("flags","isModuleDB",nss) ? 1 : 0);
-    encoded->isModuleDBOnly = (unsigned char) 
-			(pk11_argHasFlag("flags","isModuleDBOnly",nss) ? 1 : 0);
-    encoded->isCritical = (unsigned char) 
-			(pk11_argHasFlag("flags","critical",nss) ? 1 : 0);
-
-    order = pk11_argReadLong("trustOrder",nss, PK11_DEFAULT_TRUST_ORDER, NULL);
-    SECMOD_PUTLONG(encoded->trustOrder,order);
-    order = pk11_argReadLong("cipherOrder",nss,PK11_DEFAULT_CIPHER_ORDER,NULL);
-    SECMOD_PUTLONG(encoded->cipherOrder,order);
-
-   
-    ciphers = pk11_argGetParamValue("ciphers",nss); 
-    pk11_argSetNewCipherFlags(&ssl[0], ciphers);
-    SECMOD_PUTLONG(encoded->ssl,ssl[0]);
-    SECMOD_PUTLONG(&encoded->ssl[4],ssl[1]);
-
-    offset = (unsigned short) &(((secmodData *)0)->names[0]);
-    SECMOD_PUTSHORT(encoded->nameStart,offset);
-    offset = offset + len + len2 + len3 + 3*sizeof(unsigned short);
-    SECMOD_PUTSHORT(encoded->slotOffset,offset);
-
-
-    SECMOD_PUTSHORT(&dataPtr[offset],((unsigned short)count));
-    slot = (secmodSlotData *)(dataPtr+offset+sizeof(unsigned short));
-
-    offset = 0;
-    SECMOD_PUTSHORT(encoded->names,len);
-    offset += sizeof(unsigned short);
-    PORT_Memcpy(&encoded->names[offset],commonName,len);
-    offset += len;
-
-
-    SECMOD_PUTSHORT(&encoded->names[offset],len2);
-    offset += sizeof(unsigned short);
-    if (len2) PORT_Memcpy(&encoded->names[offset],dllName,len2);
-    offset += len2;
-
-    SECMOD_PUTSHORT(&encoded->names[offset],len3);
-    offset += sizeof(unsigned short);
-    if (len3) PORT_Memcpy(&encoded->names[offset],param,len3);
-    offset += len3;
-
-    if (count) {
-	for (i=0; i < count; i++) {
-	    SECMOD_PUTLONG(slot[i].slotID, slotInfo[i].slotID);
-	    SECMOD_PUTLONG(slot[i].defaultFlags,
-					slotInfo[i].defaultFlags);
-	    SECMOD_PUTLONG(slot[i].timeout,slotInfo[i].timeout);
-	    slot[i].askpw = slotInfo[i].askpw;
-	    slot[i].hasRootCerts = slotInfo[i].hasRootCerts;
-	    PORT_Memset(slot[i].reserved, 0, sizeof(slot[i].reserved));
-	}
-    }
-    rv = SECSuccess;
-
-loser:
-    if (commonName) PORT_Free(commonName);
-    if (dllName) PORT_Free(dllName);
-    if (param) PORT_Free(param);
-    if (slotInfo) PORT_Free(slotInfo);
-    return rv;
-
-}
-
-static void 
-secmod_FreeData(DBT *data)
-{
-    if (data->data) {
-	PORT_Free(data->data);
-    }
-}
-
-/*
- * build a module from the data base entry.
- */
-static char *
-secmod_DecodeData(char *defParams, DBT *data, PRBool *retInternal)
-{
-    secmodData *encoded;
-    secmodSlotData *slots;
-    char *commonName = NULL,*dllName = NULL,*parameters = NULL;
-    unsigned char *names;
-    unsigned short len;
-    unsigned long slotCount;
-    unsigned short offset;
-    PRBool isOldVersion  = PR_FALSE;
-    PRBool internal, isFIPS, isModuleDB=PR_FALSE, isModuleDBOnly=PR_FALSE;
-    PRBool extended=PR_FALSE;
-    PRBool hasRootCerts=PR_FALSE,hasRootTrust=PR_FALSE;
-    unsigned long trustOrder=PK11_DEFAULT_TRUST_ORDER, 
-				cipherOrder=PK11_DEFAULT_CIPHER_ORDER;
-    unsigned long ssl0=0, ssl1=0;
-    char **slotStrings = NULL;
-    unsigned long slotID,defaultFlags,timeout;
-    char *nss,*moduleSpec;
-    int i;
-
-    PLArenaPool *arena;
-
-    arena = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE);
-    if (arena == NULL) return NULL;
-
-    encoded = (secmodData *)data->data;
-    names = (unsigned char *)data->data;
-    offset = SECMOD_GETSHORT(encoded->slotOffset);
-    slots = (secmodSlotData *) (names + offset + 2);
-    slotCount = SECMOD_GETSHORT(names + offset);
-    names += SECMOD_GETSHORT(encoded->nameStart);
-
-    * retInternal = internal = (encoded->internal != 0) ? PR_TRUE: PR_FALSE;
-    isFIPS = (encoded->fips != 0) ? PR_TRUE: PR_FALSE;
-    len = SECMOD_GETSHORT(names);
-
-    if (internal && (encoded->major == SECMOD_DB_NOUI_VERSION_MAJOR) &&
- 	(encoded->minor <= SECMOD_DB_NOUI_VERSION_MINOR)) {
-	isOldVersion = PR_TRUE;
-    }
-
-    if ((encoded->major == SECMOD_DB_EXT1_VERSION_MAJOR) &&
-	(encoded->minor >= SECMOD_DB_EXT1_VERSION_MINOR)) {
-	trustOrder = SECMOD_GETLONG(encoded->trustOrder);
-	cipherOrder = SECMOD_GETLONG(encoded->cipherOrder);
-	isModuleDB = (encoded->isModuleDB != 0) ? PR_TRUE: PR_FALSE;
-	isModuleDBOnly = (encoded->isModuleDBOnly != 0) ? PR_TRUE: PR_FALSE;
-	extended = PR_TRUE;
-    } 
-
-    if (internal && !extended) {
-	trustOrder = 0;
-	cipherOrder = 100;
-    }
-
-    /* decode the common name */
-    commonName = (char*)PORT_ArenaAlloc(arena,len+1);
-    if (commonName == NULL) {
-	PORT_FreeArena(arena,PR_TRUE);
-	return NULL;
-    }
-    PORT_Memcpy(commonName,&names[2],len);
-    commonName[len] = 0;
-
-    /* decode the DLL name */
-    names += len+2;
-    len = SECMOD_GETSHORT(names);
-    if (len) {
-	dllName = (char*)PORT_ArenaAlloc(arena,len + 1);
-	if (dllName == NULL) {
-	    PORT_FreeArena(arena,PR_TRUE);
-	    return NULL;
-	}
-	PORT_Memcpy(dllName,&names[2],len);
-	dllName[len] = 0;
-    }
-    if (!internal && extended) {
-	names += len+2;
-	len = SECMOD_GETSHORT(names);
-	if (len) {
-	    parameters = (char*)PORT_ArenaAlloc(arena,len + 1);
-	    if (parameters == NULL) {
-		PORT_FreeArena(arena,PR_TRUE);
-		return NULL;
-	    }
-	    PORT_Memcpy(parameters,&names[2],len);
-	    parameters[len] = 0;
-	}
-    }
-    if (internal) {
-	parameters = PORT_ArenaStrdup(arena,defParams);
-    }
-
-    /* decode SSL cipher enable flags */
-    ssl0 = SECMOD_GETLONG(encoded->ssl);
-    ssl1 = SECMOD_GETLONG(&encoded->ssl[4]);
-
-    /*  slotCount; */
-    slotStrings = (char **)PORT_ArenaAlloc(arena, slotCount * sizeof(char *));
-    for (i=0; i < (int) slotCount; i++) {
-	slotID = SECMOD_GETLONG(slots[i].slotID);
-	defaultFlags = SECMOD_GETLONG(slots[i].defaultFlags);
-	if (isOldVersion && internal && (slotID != 2)) {
-		unsigned long internalFlags=
-			pk11_argSlotFlags("slotFlags",SECMOD_SLOT_FLAGS);
-		defaultFlags |= internalFlags;
-	}
-	timeout = SECMOD_GETLONG(slots[i].timeout);
-	hasRootCerts = slots[i].hasRootCerts;
-	if (hasRootCerts && !extended) {
-	    trustOrder = 100;
-	}
-
-	slotStrings[i] = pk11_mkSlotString(slotID, defaultFlags, timeout, 
-	                                   (unsigned char)slots[i].askpw, 
-	                                   (unsigned char)hasRootCerts, 
-	                                   (unsigned char)hasRootTrust);
-    }
-
-    nss = pk11_mkNSS(slotStrings, slotCount, internal, isFIPS, isModuleDB, 
-	isModuleDBOnly, internal, trustOrder, cipherOrder, ssl0, ssl1);
-    moduleSpec = pk11_mkNewModuleSpec(dllName,commonName,parameters,nss);
-    PR_smprintf_free(nss);
-    PORT_FreeArena(arena,PR_TRUE);
-
-    return (moduleSpec);
-}
-
-
-
-static DB *
-secmod_OpenDB(const char *appName, const char *filename, const char *dbName, 
-				PRBool readOnly, PRBool update)
-{
-    DB *pkcs11db = NULL;
-
-
-    if (appName) {
-	char *secname = PORT_Strdup(filename);
-	int len = strlen(secname);
-
-	if (len >= 3 && PORT_Strcmp(&secname[len-3],".db") == 0) {
-	   secname[len-3] = 0;
-	}
-    	pkcs11db=rdbopen(appName, "", secname, readOnly ? NO_RDONLY:NO_CREATE);
-	if (update && !pkcs11db) {
-	    DB *updatedb;
-
-    	    pkcs11db = rdbopen(appName, "", secname, NO_CREATE);
-	    if (!pkcs11db) {
-		PORT_Free(secname);
-		return NULL;
-	    }
-	    updatedb = dbopen(dbName, NO_RDONLY, 0600, DB_HASH, 0);
-	    if (updatedb) {
-		db_Copy(pkcs11db,updatedb);
-		(*updatedb->close)(updatedb);
-	    } else {
-		(*pkcs11db->close)(pkcs11db);
-		PORT_Free(secname);
-		return NULL;
-	   }
-	}
-	PORT_Free(secname);
-	return pkcs11db;
-    }
-  
-    /* I'm sure we should do more checks here sometime... */
-    pkcs11db = dbopen(dbName, readOnly ? NO_RDONLY : NO_RDWR, 0600, DB_HASH, 0);
-
-    /* didn't exist? create it */
-    if (pkcs11db == NULL) {
-	 if (readOnly) 
-	     return NULL;
-
-	 pkcs11db = dbopen( dbName, NO_CREATE, 0600, DB_HASH, 0 );
-	 if (pkcs11db) 
-	     (* pkcs11db->sync)(pkcs11db, 0);
-    }
-    return pkcs11db;
-}
-
-static void 
-secmod_CloseDB(DB *pkcs11db) 
-{
-     (*pkcs11db->close)(pkcs11db);
-}
-
-static char *
-secmod_addEscape(const char *string, char quote)
-{
-    char *newString = 0;
-    int escapes = 0, size = 0;
-    const char *src;
-    char *dest;
-
-    for (src=string; *src ; src++) {
-	if ((*src == quote) || (*src == '\\')) escapes++;
-	size++;
-    }
-
-    newString = PORT_ZAlloc(escapes+size+1); 
-    if (newString == NULL) {
-	return NULL;
-    }
-
-    for (src=string, dest=newString; *src; src++,dest++) {
-	if ((*src == '\\') || (*src == quote)) {
-	    *dest++ = '\\';
-	}
-	*dest = *src;
-    }
-
-    return newString;
-}
-
-#define SECMOD_STEP 10
-#define PK11_DEFAULT_INTERNAL_INIT "library= name=\"NSS Internal PKCS #11 Module\" parameters=\"%s\" NSS=\"Flags=internal,critical trustOrder=75 cipherOrder=100 slotParams=(1={%s askpw=any timeout=30})\""
-/*
- * Read all the existing modules in
- */
-char **
-secmod_ReadPermDB(const char *appName, const char *filename,
-				const char *dbname, char *params, PRBool rw)
-{
-    DBT key,data;
-    int ret;
-    DB *pkcs11db = NULL;
-    char **moduleList = NULL;
-    int moduleCount = 1;
-    int useCount = SECMOD_STEP;
-
-    moduleList = (char **) PORT_ZAlloc(useCount*sizeof(char **));
-    if (moduleList == NULL) return NULL;
-
-    pkcs11db = secmod_OpenDB(appName,filename,dbname,PR_TRUE,rw);
-    if (pkcs11db == NULL) goto done;
-
-    /* read and parse the file or data base */
-    ret = (*pkcs11db->seq)(pkcs11db, &key, &data, R_FIRST);
-    if (ret)  goto done;
-
-
-    do {
-	char *moduleString;
-	PRBool internal = PR_FALSE;
-	if ((moduleCount+1) >= useCount) {
-	    useCount += SECMOD_STEP;
-	    moduleList = 
-		(char **)PORT_Realloc(moduleList,useCount*sizeof(char *));
-	    if (moduleList == NULL) goto done;
-	    PORT_Memset(&moduleList[moduleCount+1],0,
-						sizeof(char *)*SECMOD_STEP);
-	}
-	moduleString = secmod_DecodeData(params,&data,&internal);
-	if (internal) {
-	    moduleList[0] = moduleString;
-	} else {
-	    moduleList[moduleCount] = moduleString;
-	    moduleCount++;
-	}
-    } while ( (*pkcs11db->seq)(pkcs11db, &key, &data, R_NEXT) == 0);
-
-done:
-    if (!moduleList[0]) {
-	char * newparams = secmod_addEscape(params,'"');
-	if (newparams) {
-	    moduleList[0] = PR_smprintf(PK11_DEFAULT_INTERNAL_INIT,newparams,
-						SECMOD_SLOT_FLAGS);
-	    PORT_Free(newparams);
-	}
-    }
-    /* deal with trust cert db here */
-
-    if (pkcs11db) {
-	secmod_CloseDB(pkcs11db);
-    } else {
-	secmod_AddPermDB(appName,filename,dbname,moduleList[0], rw) ;
-    }
-    return moduleList;
-}
-
-SECStatus
-secmod_ReleasePermDBData(const char *appName, const char *filename, 
-			const char *dbname, char **moduleSpecList, PRBool rw)
-{
-    char **index;
-    for(index = moduleSpecList; *index; index++) {
-	PR_smprintf_free(*index);
-    }
-    PORT_Free(moduleSpecList);
-    return SECSuccess;
-}
-
-/*
- * Delete a module from the Data Base
- */
-SECStatus
-secmod_DeletePermDB(const char *appName, const char *filename, 
-			const char *dbname, char *args, PRBool rw)
-{
-    DBT key;
-    SECStatus rv = SECFailure;
-    DB *pkcs11db = NULL;
-    int ret;
-
-    if (!rw) return SECFailure;
-
-    /* make sure we have a db handle */
-    pkcs11db = secmod_OpenDB(appName,filename,dbname,PR_FALSE,PR_FALSE);
-    if (pkcs11db == NULL) {
-	return SECFailure;
-    }
-
-    rv = secmod_MakeKey(&key,args);
-    if (rv != SECSuccess) goto done;
-    rv = SECFailure;
-    ret = (*pkcs11db->del)(pkcs11db, &key, 0);
-    secmod_FreeKey(&key);
-    if (ret != 0) goto done;
-
-
-    ret = (*pkcs11db->sync)(pkcs11db, 0);
-    if (ret == 0) rv = SECSuccess;
-
-done:
-    secmod_CloseDB(pkcs11db);
-    return rv;
-}
-
-/*
- * Add a module to the Data base 
- */
-SECStatus
-secmod_AddPermDB(const char *appName, const char *filename, 
-			const char *dbname, char *module, PRBool rw)
-{
-    DBT key,data;
-    SECStatus rv = SECFailure;
-    DB *pkcs11db = NULL;
-    int ret;
-
-
-    if (!rw) return SECFailure;
-
-    /* make sure we have a db handle */
-    pkcs11db = secmod_OpenDB(appName,filename,dbname,PR_FALSE,PR_FALSE);
-    if (pkcs11db == NULL) {
-	return SECFailure;
-    }
-
-    rv = secmod_MakeKey(&key,module);
-    if (rv != SECSuccess) goto done;
-    rv = secmod_EncodeData(&data,module);
-    if (rv != SECSuccess) {
-	secmod_FreeKey(&key);
-	goto done;
-    }
-    rv = SECFailure;
-    ret = (*pkcs11db->put)(pkcs11db, &key, &data, 0);
-    secmod_FreeKey(&key);
-    secmod_FreeData(&data);
-    if (ret != 0) goto done;
-
-    ret = (*pkcs11db->sync)(pkcs11db, 0);
-    if (ret == 0) rv = SECSuccess;
-
-done:
-    secmod_CloseDB(pkcs11db);
-    return rv;
-}
diff --git a/security/nss/lib/softoken/pk11pars.h b/security/nss/lib/softoken/pk11pars.h
deleted file mode 100644
index 309313f66..000000000
--- a/security/nss/lib/softoken/pk11pars.h
+++ /dev/null
@@ -1,852 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 2001 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * The following handles the loading, unloading and management of
- * various PCKS #11 modules
- */
-
-
-/*
- * this header file contains routines for parsing PKCS #11 module spec
- * strings. It contains 'C' code and should only be included in one module.
- * Currently it is included in both softoken and the wrapper.
- */
-#include <ctype.h>
-#include "pkcs11.h"
-#include "seccomon.h"
-#include "prprf.h"
-#include "secmodt.h"
-#include "pk11init.h"
-
-#define PK11_ARG_LIBRARY_PARAMETER "library="
-#define PK11_ARG_NAME_PARAMETER "name="
-#define PK11_ARG_MODULE_PARAMETER "parameters="
-#define PK11_ARG_NSS_PARAMETER "NSS="
-#define PK11_ARG_FORTEZZA_FLAG "FORTEZZA"
-#define PK11_ARG_ESCAPE '\\'
-
-struct pk11argSlotFlagTable {
-    char *name;
-    int len;
-    unsigned long value;
-};
-
-#define PK11_DEFAULT_CIPHER_ORDER 0
-#define PK11_DEFAULT_TRUST_ORDER 50
-
-
-#define PK11_ARG_ENTRY(arg,flag) \
-{ #arg , sizeof(#arg)-1, flag }
-static struct pk11argSlotFlagTable pk11_argSlotFlagTable[] = {
-	PK11_ARG_ENTRY(RSA,SECMOD_RSA_FLAG),
-	PK11_ARG_ENTRY(DSA,SECMOD_RSA_FLAG),
-	PK11_ARG_ENTRY(RC2,SECMOD_RC4_FLAG),
-	PK11_ARG_ENTRY(RC4,SECMOD_RC2_FLAG),
-	PK11_ARG_ENTRY(DES,SECMOD_DES_FLAG),
-	PK11_ARG_ENTRY(DH,SECMOD_DH_FLAG),
-	PK11_ARG_ENTRY(FORTEZZA,SECMOD_FORTEZZA_FLAG),
-	PK11_ARG_ENTRY(RC5,SECMOD_RC5_FLAG),
-	PK11_ARG_ENTRY(SHA1,SECMOD_SHA1_FLAG),
-	PK11_ARG_ENTRY(MD5,SECMOD_MD5_FLAG),
-	PK11_ARG_ENTRY(MD2,SECMOD_MD2_FLAG),
-	PK11_ARG_ENTRY(SSL,SECMOD_SSL_FLAG),
-	PK11_ARG_ENTRY(TLS,SECMOD_TLS_FLAG),
-	PK11_ARG_ENTRY(AES,SECMOD_AES_FLAG),
-	PK11_ARG_ENTRY(PublicCerts,SECMOD_FRIENDLY_FLAG),
-	PK11_ARG_ENTRY(RANDOM,SECMOD_RANDOM_FLAG),
-};
-
-#define PK11_HANDLE_STRING_ARG(param,target,value,command) \
-    if (PORT_Strncasecmp(param,value,sizeof(value)-1) == 0) { \
-	param += sizeof(value)-1; \
-	target = pk11_argFetchValue(param,&next); \
-	param += next; \
-	command ;\
-    } else  
-
-#define PK11_HANDLE_FINAL_ARG(param) \
-    { param = pk11_argSkipParameter(param); } param = pk11_argStrip(param);
-	
-
-static int pk11_argSlotFlagTableSize = 
-	sizeof(pk11_argSlotFlagTable)/sizeof(pk11_argSlotFlagTable[0]);
-
-
-static PRBool pk11_argGetPair(char c) {
-    switch (c) {
-    case '\'': return c;
-    case '\"': return c;
-    case '<': return '>';
-    case '{': return '}';
-    case '[': return ']';
-    case '(': return ')';
-    default: break;
-    }
-    return ' ';
-}
-
-static PRBool pk11_argIsBlank(char c) {
-   return isspace(c);
-}
-
-static PRBool pk11_argIsEscape(char c) {
-    return c == '\\';
-}
-
-static PRBool pk11_argIsQuote(char c) {
-    switch (c) {
-    case '\'':
-    case '\"':
-    case '<':
-    case '{': /* } end curly to keep vi bracket matching working */
-    case '(': /* ) */
-    case '[': /* ] */ return PR_TRUE;
-    default: break;
-    }
-    return PR_FALSE;
-}
-
-static PRBool pk11_argHasChar(char *v, char c)
-{
-   for ( ;*v; v++) {
-	if (*v == c) return PR_TRUE;
-   }
-   return PR_FALSE;
-}
-
-static PRBool pk11_argHasBlanks(char *v)
-{
-   for ( ;*v; v++) {
-	if (pk11_argIsBlank(*v)) return PR_TRUE;
-   }
-   return PR_FALSE;
-}
-
-static char *pk11_argStrip(char *c) {
-   while (*c && pk11_argIsBlank(*c)) c++;
-   return c;
-}
-
-static char *
-pk11_argFindEnd(char *string) {
-    char endChar = ' ';
-    PRBool lastEscape = PR_FALSE;
-
-    if (pk11_argIsQuote(*string)) {
-	endChar = pk11_argGetPair(*string);
-	string++;
-    }
-
-    for (;*string; string++) {
-	if (lastEscape) {
-	    lastEscape = PR_FALSE;
-	    continue;
-	}
-	if (pk11_argIsEscape(*string) && !lastEscape) {
-	    lastEscape = PR_TRUE;
-	    continue;
-	} 
-	if ((endChar == ' ') && pk11_argIsBlank(*string)) break;
-	if (*string == endChar) {
-	    break;
-	}
-    }
-
-    return string;
-}
-
-static char *
-pk11_argFetchValue(char *string, int *pcount)
-{
-    char *end = pk11_argFindEnd(string);
-    char *retString, *copyString;
-    PRBool lastEscape = PR_FALSE;
-
-    *pcount = (end - string)+1;
-
-    if (*pcount == 0) return NULL;
-
-    copyString = retString = (char *)PORT_Alloc(*pcount);
-    if (retString == NULL) return NULL;
-
-    if (pk11_argIsQuote(*string)) string++;
-    for (; string < end; string++) {
-	if (pk11_argIsEscape(*string) && !lastEscape) {
-	    lastEscape = PR_TRUE;
-	    continue;
-	}
-	lastEscape = PR_FALSE;
-	*copyString++ = *string;
-    }
-    *copyString = 0;
-    return retString;
-}
-
-static char *
-pk11_argSkipParameter(char *string) 
-{
-     char *end;
-     /* look for the end of the <name>= */
-     for (;*string; string++) {
-	if (*string == '=') { string++; break; }
-	if (pk11_argIsBlank(*string)) return(string); 
-     }
-
-     end = pk11_argFindEnd(string);
-     if (*end) end++;
-     return end;
-}
-
-
-static SECStatus
-pk11_argParseModuleSpec(char *modulespec, char **lib, char **mod, 
-					char **parameters, char **nss)
-{
-    int next;
-    modulespec = pk11_argStrip(modulespec);
-
-    *lib = *mod = *parameters = 0;
-
-    while (*modulespec) {
-	PK11_HANDLE_STRING_ARG(modulespec,*lib,PK11_ARG_LIBRARY_PARAMETER,;)
-	PK11_HANDLE_STRING_ARG(modulespec,*mod,PK11_ARG_NAME_PARAMETER,;)
-	PK11_HANDLE_STRING_ARG(modulespec,*parameters,
-						PK11_ARG_MODULE_PARAMETER,;)
-	PK11_HANDLE_STRING_ARG(modulespec,*nss,PK11_ARG_NSS_PARAMETER,;)
-	PK11_HANDLE_FINAL_ARG(modulespec)
-   }
-   return SECSuccess;
-}
-
-
-static char *
-pk11_argGetParamValue(char *paramName,char *parameters)
-{
-    char searchValue[256];
-    int paramLen = strlen(paramName);
-    char *returnValue = NULL;
-    int next;
-
-    if ((parameters == NULL) || (*parameters == 0)) return NULL;
-
-    PORT_Assert(paramLen+2 < sizeof(searchValue));
-
-    PORT_Strcpy(searchValue,paramName);
-    PORT_Strcat(searchValue,"=");
-    while (*parameters) {
-	if (PORT_Strncasecmp(parameters,searchValue,paramLen+1) == 0) {
-	    parameters += paramLen+1;
-	    returnValue = pk11_argFetchValue(parameters,&next);
-	    break;
-	} else {
-	    parameters = pk11_argSkipParameter(parameters);
-	}
-	parameters = pk11_argStrip(parameters);
-   }
-   return returnValue;
-}
-    
-
-static char *
-pk11_argNextFlag(char *flags)
-{
-    for (; *flags ; flags++) {
-	if (*flags == ',') {
-	    flags++;
-	    break;
-	}
-    }
-    return flags;
-}
-
-static PRBool
-pk11_argHasFlag(char *label, char *flag, char *parameters)
-{
-    char *flags,*index;
-    int len = strlen(flag);
-    PRBool found = PR_FALSE;
-
-    flags = pk11_argGetParamValue(label,parameters);
-    if (flags == NULL) return PR_FALSE;
-
-    for (index=flags; *index; index=pk11_argNextFlag(index)) {
-	if (PORT_Strncasecmp(index,flag,len) == 0) {
-	    found=PR_TRUE;
-	    break;
-	}
-    }
-    PORT_Free(flags);
-    return found;
-}
-
-static void
-pk11_argSetNewCipherFlags(unsigned long *newCiphers,char *cipherList)
-{
-    newCiphers[0] = newCiphers[1] = 0;
-    if ((cipherList == NULL) || (*cipherList == 0)) return;
-
-    for (;*cipherList; cipherList=pk11_argNextFlag(cipherList)) {
-	if (PORT_Strncasecmp(cipherList,PK11_ARG_FORTEZZA_FLAG,
-				sizeof(PK11_ARG_FORTEZZA_FLAG)-1) == 0) {
-	    newCiphers[0] |= SECMOD_FORTEZZA_FLAG;
-	} 
-
-	/* add additional flags here as necessary */
-	/* direct bit mapping escape */
-	if (*cipherList == 0) {
-	   if (cipherList[1] == 'l') {
-		newCiphers[1] |= atoi(&cipherList[2]);
-	   } else {
-		newCiphers[0] |= atoi(&cipherList[2]);
-	   }
-	}
-    }
-}
-
-
-/*
- * decode a number. handle octal (leading '0'), hex (leading '0x') or decimal
- */
-static long
-pk11_argDecodeNumber(char *num)
-{
-    int	radix = 10;
-    unsigned long value = 0;
-    long retValue = 0;
-    int sign = 1;
-    int digit;
-
-    if (num == NULL) return retValue;
-
-    num = pk11_argStrip(num);
-
-    if (*num == '-') {
-	sign = -1;
-	num++;
-    }
-
-    if (*num == '0') {
-	radix = 8;
-	num++;
-	if ((*num == 'x') || (*num == 'X')) {
-	    radix = 16;
-	    num++;
-	}
-    }
-
-   
-    for ( ;*num; num++ ) {
-	if (isdigit(*num)) {
-	    digit = *num - '0';
-	} else if ((*num >= 'a') && (*num <= 'f'))  {
-	    digit = *num - 'a' + 10;
-	} else if ((*num >= 'A') && (*num <= 'F'))  {
-	    digit = *num - 'A' + 10;
-	} else {
-	    break;
-	}
-	if (digit >= radix) break;
-	value = value*radix + digit;
-    }
-
-    retValue = ((int) value) * sign;
-    return retValue;
-}
-
-static long
-pk11_argReadLong(char *label,char *params, long defValue, PRBool *isdefault)
-{
-    char *value;
-    long retValue;
-    if (isdefault) *isdefault = PR_FALSE; 
-
-    value = pk11_argGetParamValue(label,params);
-    if (value == NULL) {
-	if (isdefault) *isdefault = PR_TRUE;
-	return defValue;
-    }
-    retValue = pk11_argDecodeNumber(value);
-    if (value) PORT_Free(value);
-
-    return retValue;
-}
-
-
-static unsigned long
-pk11_argSlotFlags(char *label,char *params)
-{
-    char *flags,*index;
-    unsigned long retValue = 0;
-    int i;
-    PRBool all = PR_FALSE;
-
-    flags = pk11_argGetParamValue(label,params);
-    if (flags == NULL) return 0;
-
-    if (PORT_Strcasecmp(flags,"all") == 0) all = PR_TRUE;
-
-    for (index=flags; *index; index=pk11_argNextFlag(index)) {
-	for (i=0; i < pk11_argSlotFlagTableSize; i++) {
-	    if (all || (PORT_Strncasecmp(index, pk11_argSlotFlagTable[i].name,
-				pk11_argSlotFlagTable[i].len) == 0)) {
-		retValue |= pk11_argSlotFlagTable[i].value;
-	    }
-	}
-    }
-    PORT_Free(flags);
-    return retValue;
-}
-
-
-static void
-pk11_argDecodeSingleSlotInfo(char *name,char *params,PK11PreSlotInfo *slotInfo)
-{
-    char *askpw;
-
-    slotInfo->slotID=pk11_argDecodeNumber(name);
-    slotInfo->defaultFlags=pk11_argSlotFlags("slotFlags",params);
-    slotInfo->timeout=pk11_argReadLong("timeout",params, 0, NULL);
-
-    askpw = pk11_argGetParamValue("askpw",params);
-    slotInfo->askpw = 0;
-
-    if (askpw) {
-	if (PORT_Strcasecmp(askpw,"every") == 0) {
-    	    slotInfo->askpw = -1;
-	} else if (PORT_Strcasecmp(askpw,"timeout") == 0) {
-    	    slotInfo->askpw = 1;
-	} 
-	PORT_Free(askpw);
-	slotInfo->defaultFlags |= PK11_OWN_PW_DEFAULTS;
-    }
-    slotInfo->hasRootCerts = pk11_argHasFlag("rootFlags","hasRootCerts",params);
-    slotInfo->hasRootTrust = pk11_argHasFlag("rootFlags","hasRootTrust",params);
-}
-
-static char *
-pk11_argGetName(char *inString, int *next) 
-{
-    char *name=NULL;
-    char *string;
-    int len;
-
-    /* look for the end of the <name>= */
-    for (string = inString;*string; string++) {
-	if (*string == '=') { break; }
-	if (pk11_argIsBlank(*string)) break;
-    }
-
-    len = string - inString;
-
-    *next = len; 
-    if (*string == '=') (*next) += 1;
-    if (len > 0) {
-	name = PORT_Alloc(len+1);
-	PORT_Strncpy(name,inString,len);
-	name[len] = 0;
-    }
-    return name;
-}
-
-static PK11PreSlotInfo *
-pk11_argParseSlotInfo(PRArenaPool *arena, char *slotParams, int *retCount)
-{
-    char *slotIndex;
-    PK11PreSlotInfo *slotInfo = NULL;
-    int i=0,count = 0,next;
-
-    *retCount = 0;
-    if ((slotParams == NULL) || (*slotParams == 0))  return NULL;
-
-    /* first count the number of slots */
-    for (slotIndex = pk11_argStrip(slotParams); *slotIndex; 
-		slotIndex = pk11_argStrip(pk11_argSkipParameter(slotIndex))) {
-	count++;
-    }
-
-    /* get the data structures */
-    if (arena) {
-	slotInfo = (PK11PreSlotInfo *) 
-			PORT_ArenaAlloc(arena,count*sizeof(PK11PreSlotInfo));
-	PORT_Memset(slotInfo,0,count*sizeof(PK11PreSlotInfo));
-    } else {
-	slotInfo = (PK11PreSlotInfo *) 
-			PORT_ZAlloc(count*sizeof(PK11PreSlotInfo));
-    }
-    if (slotInfo == NULL) return NULL;
-
-    for (slotIndex = pk11_argStrip(slotParams), i = 0; 
-					*slotIndex && i < count ; ) {
-	char *name;
-	name = pk11_argGetName(slotIndex,&next);
-	slotIndex += next;
-
-	if (!pk11_argIsBlank(*slotIndex)) {
-	    char *args = pk11_argFetchValue(slotIndex,&next);
-	    slotIndex += next;
-	    if (args) {
-		pk11_argDecodeSingleSlotInfo(name,args,&slotInfo[i]);
-		i++;
-		PORT_Free(args);
-	    }
-	}
-	if (name) PORT_Free(name);
-	slotIndex = pk11_argStrip(slotIndex);
-    }
-    *retCount = i;
-    return slotInfo;
-}
-
-static char *pk11_nullString = "";
-
-static char *
-pk11_formatValue(PRArenaPool *arena, char *value, char quote)
-{
-    char *vp,*vp2,*retval;
-    int size = 0, escapes = 0;
-
-    for (vp=value; *vp ;vp++) {
-	if ((*vp == quote) || (*vp == PK11_ARG_ESCAPE)) escapes++;
-	size++;
-    }
-    if (arena) {
-	retval = PORT_ArenaZAlloc(arena,size+escapes+1);
-    } else {
-	retval = PORT_ZAlloc(size+escapes+1);
-    }
-    if (retval == NULL) return NULL;
-    vp2 = retval;
-    for (vp=value; *vp; vp++) {
-	if ((*vp == quote) || (*vp == PK11_ARG_ESCAPE)) 
-				*vp2++ = PK11_ARG_ESCAPE;
-	*vp2++ = *vp;
-    }
-    return retval;
-}
-    
-static char *pk11_formatPair(char *name,char *value, char quote)
-{
-    char openQuote = quote;
-    char closeQuote = pk11_argGetPair(quote);
-    char *newValue = NULL;
-    char *returnValue;
-    PRBool need_quote = PR_FALSE;
-
-    if (!value || (*value == 0)) return pk11_nullString;
-
-    if (pk11_argHasBlanks(value) || pk11_argIsQuote(value[0]))
-							 need_quote=PR_TRUE;
-
-    if ((need_quote && pk11_argHasChar(value,closeQuote))
-				 || pk11_argHasChar(value,PK11_ARG_ESCAPE)) {
-	value = newValue = pk11_formatValue(NULL, value,quote);
-	if (newValue == NULL) return pk11_nullString;
-    }
-    if (need_quote) {
-    	returnValue = PR_smprintf("%s=%c%s%c",name,openQuote,value,closeQuote);
-    } else {
-    	returnValue = PR_smprintf("%s=%s",name,value);
-    }
-    if (returnValue == NULL) returnValue = pk11_nullString;
-
-    if (newValue) PORT_Free(newValue);
-
-    return returnValue;
-}
-
-static char *pk11_formatIntPair(char *name,unsigned long value, unsigned long def)
-{
-    char *returnValue;
-
-    if (value == def) return pk11_nullString;
-
-    returnValue = PR_smprintf("%s=%d",name,value);
-
-    return returnValue;
-}
-
-static void
-pk11_freePair(char *pair)
-{
-    if (pair && pair != pk11_nullString) {
-	PR_smprintf_free(pair);
-    }
-}
-
-#define MAX_FLAG_SIZE  sizeof("internal")+sizeof("FIPS")+sizeof("moduleDB")+\
-				sizeof("moduleDBOnly")+sizeof("critical")
-static char *
-pk11_mkNSSFlags(PRBool internal, PRBool isFIPS,
-		PRBool isModuleDB, PRBool isModuleDBOnly, PRBool isCritical)
-{
-    char *flags = (char *)PORT_ZAlloc(MAX_FLAG_SIZE);
-    PRBool first = PR_TRUE;
-
-    PORT_Memset(flags,0,MAX_FLAG_SIZE);
-    if (internal) {
-	PORT_Strcat(flags,"internal");
-	first = PR_FALSE;
-    }
-    if (isFIPS) {
-	if (!first) PORT_Strcat(flags,",");
-	PORT_Strcat(flags,"FIPS");
-	first = PR_FALSE;
-    }
-    if (isModuleDB) {
-	if (!first) PORT_Strcat(flags,",");
-	PORT_Strcat(flags,"moduleDB");
-	first = PR_FALSE;
-    }
-    if (isModuleDBOnly) {
-	if (!first) PORT_Strcat(flags,",");
-	PORT_Strcat(flags,"moduleDBOnly");
-	first = PR_FALSE;
-    }
-    if (isCritical) {
-	if (!first) PORT_Strcat(flags,",");
-	PORT_Strcat(flags,"critical");
-	first = PR_FALSE;
-    }
-    return flags;
-}
-
-static char *
-pk11_mkCipherFlags(unsigned long ssl0, unsigned long ssl1)
-{
-    char *cipher = NULL;
-    int i;
-
-    for (i=0; i < sizeof(ssl0)*8; i++) {
-	if (ssl0 & (1<<i)) {
-	    char *string;
-	    if ((1<<i) == SECMOD_FORTEZZA_FLAG) {
-		string = PR_smprintf("%s","FORTEZZA");
-	    } else {
-		string = PR_smprintf("0h0x%08x",1<<i);
-	    }
-	    if (cipher) {
-		char *tmp;
-		tmp = PR_smprintf("%s,%s",cipher,string);
-		PR_smprintf_free(cipher);
-		PR_smprintf_free(string);
-		tmp = cipher;
-	    } else {
-		cipher = string;
-	    }
-	}
-    }
-    for (i=0; i < sizeof(ssl0)*8; i++) {
-	if (ssl1 & (1<<i)) {
-	    if (cipher) {
-		char *tmp;
-		tmp = PR_smprintf("%s,0l0x%08",cipher,1<<i);
-		PR_smprintf_free(cipher);
-		tmp = cipher;
-	    } else {
-		cipher = PR_smprintf("0l0x%08x",1<<i);
-	    }
-	}
-    }
-
-    return cipher;
-}
-
-static char *
-pk11_mkSlotFlags(unsigned long defaultFlags)
-{
-    char *flags=NULL;
-    int i,j;
-
-    for (i=0; i < sizeof(defaultFlags)*8; i++) {
-	if (defaultFlags & (1<<i)) {
-	    char *string = NULL;
-
-	    for (j=0; j < pk11_argSlotFlagTableSize; j++) {
-		if (pk11_argSlotFlagTable[j].value == (((unsigned long)1)<<i)) {
-		    string = pk11_argSlotFlagTable[j].name;
-		    break;
-		}
-	    }
-	    if (string) {
-		if (flags) {
-		    char *tmp;
-		    tmp = PR_smprintf("%s,%s",flags,string);
-		    PR_smprintf_free(flags);
-		    flags = tmp;
-		} else {
-		    flags = PR_smprintf("%s",string);
-		}
-	    }
-	}
-    }
-
-    return flags;
-}
-
-#define PK11_MAX_ROOT_FLAG_SIZE  sizeof("hasRootCerts")+sizeof("hasRootTrust")
-
-static char *
-pk11_mkRootFlags(PRBool hasRootCerts, PRBool hasRootTrust)
-{
-    char *flags= (char *)PORT_ZAlloc(PK11_MAX_ROOT_FLAG_SIZE);
-    PRBool first = PR_TRUE;
-
-    PORT_Memset(flags,0,PK11_MAX_ROOT_FLAG_SIZE);
-    if (hasRootCerts) {
-	PORT_Strcat(flags,"hasRootCerts");
-	first = PR_FALSE;
-    }
-    if (hasRootTrust) {
-	if (!first) PORT_Strcat(flags,",");
-	PORT_Strcat(flags,"hasRootTrust");
-	first = PR_FALSE;
-    }
-    return flags;
-}
-
-static char *
-pk11_mkSlotString(unsigned long slotID, unsigned long defaultFlags,
-		  unsigned long timeout, unsigned char askpw_in,
-		  unsigned char hasRootCerts, unsigned char hasRootTrust) {
-    char *askpw,*flags,*rootFlags,*slotString;
-    char *flagPair,*rootFlagsPair;
-	
-    switch (askpw_in) {
-    case 0xff:
-	askpw = "every";
-	break;
-    case 1:
-	askpw = "timeout";
-	break;
-    default:
-	askpw = "any";
-	break;
-    }
-    flags = pk11_mkSlotFlags(defaultFlags);
-    rootFlags = pk11_mkRootFlags(hasRootCerts,hasRootTrust);
-    flagPair=pk11_formatPair("slotFlags",flags,'\'');
-    rootFlagsPair=pk11_formatPair("rootFlags",rootFlags,'\'');
-    if (flags) PR_smprintf_free(flags);
-    if (rootFlags) PORT_Free(rootFlags);
-    if (defaultFlags & PK11_OWN_PW_DEFAULTS) {
-    	slotString = PR_smprintf("0x%08x=[%s askpw=%s timeout=%d %s]",slotID,flagPair,askpw,timeout,rootFlagsPair);
-    } else {
-    	slotString = PR_smprintf("0x%08x=[%s %s]",slotID,flagPair,rootFlagsPair);
-    }
-    pk11_freePair(flagPair);
-    pk11_freePair(rootFlagsPair);
-    return slotString;
-}
-
-static char *
-pk11_mkNSS(char **slotStrings, int slotCount, PRBool internal, PRBool isFIPS,
-	  PRBool isModuleDB,  PRBool isModuleDBOnly, PRBool isCritical, 
-	  unsigned long trustOrder, unsigned long cipherOrder,
-				unsigned long ssl0, unsigned long ssl1) {
-    int slotLen, i;
-    char *slotParams, *ciphers, *nss, *nssFlags, *tmp;
-    char *trustOrderPair,*cipherOrderPair,*slotPair,*cipherPair,*flagPair;
-
-
-    /* now let's build up the string
-     * first the slot infos
-     */
-    slotLen=0;
-    for (i=0; i < (int)slotCount; i++) {
-	slotLen += PORT_Strlen(slotStrings[i])+1;
-    }
-    slotLen += 1; /* space for the final NULL */
-
-    slotParams = (char *)PORT_ZAlloc(slotLen);
-    PORT_Memset(slotParams,0,slotLen);
-    for (i=0; i < (int)slotCount; i++) {
-	PORT_Strcat(slotParams,slotStrings[i]);
-	PORT_Strcat(slotParams," ");
-	PR_smprintf_free(slotStrings[i]);
-	slotStrings[i]=NULL;
-    }
-    
-    /*
-     * now the NSS structure
-     */
-    nssFlags = pk11_mkNSSFlags(internal,isFIPS,isModuleDB,isModuleDBOnly,
-							isCritical); 
-	/* for now only the internal module is critical */
-    ciphers = pk11_mkCipherFlags(ssl0, ssl1);
-
-    trustOrderPair=pk11_formatIntPair("trustOrder",trustOrder,
-					PK11_DEFAULT_TRUST_ORDER);
-    cipherOrderPair=pk11_formatIntPair("cipherOrder",cipherOrder,
-					PK11_DEFAULT_CIPHER_ORDER);
-    slotPair=pk11_formatPair("slotParams",slotParams,'{'); /* } */
-    if (slotParams) PORT_Free(slotParams);
-    cipherPair=pk11_formatPair("ciphers",ciphers,'\'');
-    if (ciphers) PR_smprintf_free(ciphers);
-    flagPair=pk11_formatPair("Flags",nssFlags,'\'');
-    if (nssFlags) PORT_Free(nssFlags);
-    nss = PR_smprintf("%s %s %s %s %s",trustOrderPair,
-			cipherOrderPair,slotPair,cipherPair,flagPair);
-    pk11_freePair(trustOrderPair);
-    pk11_freePair(cipherOrderPair);
-    pk11_freePair(slotPair);
-    pk11_freePair(cipherPair);
-    pk11_freePair(flagPair);
-    tmp = pk11_argStrip(nss);
-    if (*tmp == '\0') {
-	PR_smprintf_free(nss);
-	nss = NULL;
-    }
-    return nss;
-}
-
-static char *
-pk11_mkNewModuleSpec(char *dllName, char *commonName, char *parameters, 
-								char *NSS) {
-    char *moduleSpec;
-    char *lib,*name,*param,*nss;
-
-    /*
-     * now the final spec
-     */
-    lib = pk11_formatPair("library",dllName,'\"');
-    name = pk11_formatPair("name",commonName,'\"');
-    param = pk11_formatPair("parameters",parameters,'\"');
-    nss = pk11_formatPair("NSS",NSS,'\"');
-    moduleSpec = PR_smprintf("%s %s %s %s", lib,name,param,nss);
-    pk11_freePair(lib);
-    pk11_freePair(name);
-    pk11_freePair(param);
-    pk11_freePair(nss);
-    return (moduleSpec);
-}
-
diff --git a/security/nss/lib/softoken/pkcs11.c b/security/nss/lib/softoken/pkcs11.c
deleted file mode 100644
index f7b2813ef..000000000
--- a/security/nss/lib/softoken/pkcs11.c
+++ /dev/null
@@ -1,4384 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s): 
- *	Dr Stephen Henson <stephen.henson@gemplus.com>
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * This file implements PKCS 11 on top of our existing security modules
- *
- * For more information about PKCS 11 See PKCS 11 Token Inteface Standard.
- *   This implementation has two slots:
- *	slot 1 is our generic crypto support. It does not require login.
- *   It supports Public Key ops, and all they bulk ciphers and hashes. 
- *   It can also support Private Key ops for imported Private keys. It does 
- *   not have any token storage.
- *	slot 2 is our private key support. It requires a login before use. It
- *   can store Private Keys and Certs as token objects. Currently only private
- *   keys and their associated Certificates are saved on the token.
- *
- *   In this implementation, session objects are only visible to the session
- *   that created or generated them.
- */
-#include "seccomon.h"
-#include "secitem.h"
-#include "pkcs11.h"
-#include "pkcs11i.h"
-#include "softoken.h"
-#include "lowkeyi.h"
-#include "blapi.h"
-#include "secder.h"
-#include "secport.h"
-#include "pcert.h"
-#include "secrng.h"
-
-#include "keydbi.h" 
-
- 
-/*
- * ******************** Static data *******************************
- */
-
-/* The next three strings must be exactly 32 characters long */
-static char *manufacturerID      = "mozilla.org                     ";
-static char manufacturerID_space[33];
-static char *libraryDescription  = "NSS Internal Crypto Services    ";
-static char libraryDescription_space[33];
-
-#define __PASTE(x,y)    x##y
-
-/*
- * we renamed all our internal functions, get the correct
- * definitions for them...
- */ 
-#undef CK_PKCS11_FUNCTION_INFO
-#undef CK_NEED_ARG_LIST
-
-#define CK_EXTERN extern
-#define CK_PKCS11_FUNCTION_INFO(func) \
-		CK_RV __PASTE(NS,func)
-#define CK_NEED_ARG_LIST	1
- 
-#include "pkcs11f.h"
- 
- 
- 
-/* build the crypto module table */
-static const CK_FUNCTION_LIST pk11_funcList = {
-    { 1, 10 },
- 
-#undef CK_PKCS11_FUNCTION_INFO
-#undef CK_NEED_ARG_LIST
- 
-#define CK_PKCS11_FUNCTION_INFO(func) \
-				__PASTE(NS,func),
-#include "pkcs11f.h"
- 
-};
- 
-#undef CK_PKCS11_FUNCTION_INFO
-#undef CK_NEED_ARG_LIST
- 
- 
-#undef __PASTE
-
-/* List of DES Weak Keys */ 
-typedef unsigned char desKey[8];
-static const desKey  pk11_desWeakTable[] = {
-#ifdef noParity
-    /* weak */
-    { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-    { 0x1e, 0x1e, 0x1e, 0x1e, 0x0e, 0x0e, 0x0e, 0x0e },
-    { 0xe0, 0xe0, 0xe0, 0xe0, 0xf0, 0xf0, 0xf0, 0xf0 },
-    { 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe },
-    /* semi-weak */
-    { 0x00, 0xfe, 0x00, 0xfe, 0x00, 0xfe, 0x00, 0xfe },
-    { 0xfe, 0x00, 0xfe, 0x00, 0x00, 0xfe, 0x00, 0xfe },
-
-    { 0x1e, 0xe0, 0x1e, 0xe0, 0x0e, 0xf0, 0x0e, 0xf0 },
-    { 0xe0, 0x1e, 0xe0, 0x1e, 0xf0, 0x0e, 0xf0, 0x0e },
-
-    { 0x00, 0xe0, 0x00, 0xe0, 0x00, 0x0f, 0x00, 0x0f },
-    { 0xe0, 0x00, 0xe0, 0x00, 0xf0, 0x00, 0xf0, 0x00 },
-
-    { 0x1e, 0xfe, 0x1e, 0xfe, 0x0e, 0xfe, 0x0e, 0xfe },
-    { 0xfe, 0x1e, 0xfe, 0x1e, 0xfe, 0x0e, 0xfe, 0x0e },
-
-    { 0x00, 0x1e, 0x00, 0x1e, 0x00, 0x0e, 0x00, 0x0e },
-    { 0x1e, 0x00, 0x1e, 0x00, 0x0e, 0x00, 0x0e, 0x00 },
-
-    { 0xe0, 0xfe, 0xe0, 0xfe, 0xf0, 0xfe, 0xf0, 0xfe },
-    { 0xfe, 0xe0, 0xfe, 0xe0, 0xfe, 0xf0, 0xfe, 0xf0 },
-#else
-    /* weak */
-    { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 },
-    { 0x1f, 0x1f, 0x1f, 0x1f, 0x0e, 0x0e, 0x0e, 0x0e },
-    { 0xe0, 0xe0, 0xe0, 0xe0, 0xf1, 0xf1, 0xf1, 0xf1 },
-    { 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe },
-
-    /* semi-weak */
-    { 0x01, 0xfe, 0x01, 0xfe, 0x01, 0xfe, 0x01, 0xfe },
-    { 0xfe, 0x01, 0xfe, 0x01, 0xfe, 0x01, 0xfe, 0x01 },
-
-    { 0x1f, 0xe0, 0x1f, 0xe0, 0x0e, 0xf1, 0x0e, 0xf1 },
-    { 0xe0, 0x1f, 0xe0, 0x1f, 0xf1, 0x0e, 0xf1, 0x0e },
-
-    { 0x01, 0xe0, 0x01, 0xe0, 0x01, 0xf1, 0x01, 0xf1 },
-    { 0xe0, 0x01, 0xe0, 0x01, 0xf1, 0x01, 0xf1, 0x01 },
-
-    { 0x1f, 0xfe, 0x1f, 0xfe, 0x0e, 0xfe, 0x0e, 0xfe },
-    { 0xfe, 0x1f, 0xfe, 0x1f, 0xfe, 0x0e, 0xfe, 0x0e },
-
-    { 0x01, 0x1f, 0x01, 0x1f, 0x01, 0x0e, 0x01, 0x0e },
-    { 0x1f, 0x01, 0x1f, 0x01, 0x0e, 0x01, 0x0e, 0x01 },
-
-    { 0xe0, 0xfe, 0xe0, 0xfe, 0xf1, 0xfe, 0xf1, 0xfe }, 
-    { 0xfe, 0xe0, 0xfe, 0xe0, 0xfe, 0xf1, 0xfe, 0xf1 }
-#endif
-};
-
-    
-static const int pk11_desWeakTableSize = sizeof(pk11_desWeakTable)/
-						sizeof(pk11_desWeakTable[0]);
-
-/* DES KEY Parity conversion table. Takes each byte/2 as an index, returns
- * that byte with the proper parity bit set */
-static const unsigned char parityTable[256] = {
-/* Even...0x00,0x02,0x04,0x06,0x08,0x0a,0x0c,0x0e */
-/* E */   0x01,0x02,0x04,0x07,0x08,0x0b,0x0d,0x0e,
-/* Odd....0x10,0x12,0x14,0x16,0x18,0x1a,0x1c,0x1e */
-/* O */   0x10,0x13,0x15,0x16,0x19,0x1a,0x1c,0x1f,
-/* Odd....0x20,0x22,0x24,0x26,0x28,0x2a,0x2c,0x2e */
-/* O */   0x20,0x23,0x25,0x26,0x29,0x2a,0x2c,0x2f,
-/* Even...0x30,0x32,0x34,0x36,0x38,0x3a,0x3c,0x3e */
-/* E */   0x31,0x32,0x34,0x37,0x38,0x3b,0x3d,0x3e,
-/* Odd....0x40,0x42,0x44,0x46,0x48,0x4a,0x4c,0x4e */
-/* O */   0x40,0x43,0x45,0x46,0x49,0x4a,0x4c,0x4f,
-/* Even...0x50,0x52,0x54,0x56,0x58,0x5a,0x5c,0x5e */
-/* E */   0x51,0x52,0x54,0x57,0x58,0x5b,0x5d,0x5e,
-/* Even...0x60,0x62,0x64,0x66,0x68,0x6a,0x6c,0x6e */
-/* E */   0x61,0x62,0x64,0x67,0x68,0x6b,0x6d,0x6e,
-/* Odd....0x70,0x72,0x74,0x76,0x78,0x7a,0x7c,0x7e */
-/* O */   0x70,0x73,0x75,0x76,0x79,0x7a,0x7c,0x7f,
-/* Odd....0x80,0x82,0x84,0x86,0x88,0x8a,0x8c,0x8e */
-/* O */   0x80,0x83,0x85,0x86,0x89,0x8a,0x8c,0x8f,
-/* Even...0x90,0x92,0x94,0x96,0x98,0x9a,0x9c,0x9e */
-/* E */   0x91,0x92,0x94,0x97,0x98,0x9b,0x9d,0x9e,
-/* Even...0xa0,0xa2,0xa4,0xa6,0xa8,0xaa,0xac,0xae */
-/* E */   0xa1,0xa2,0xa4,0xa7,0xa8,0xab,0xad,0xae,
-/* Odd....0xb0,0xb2,0xb4,0xb6,0xb8,0xba,0xbc,0xbe */
-/* O */   0xb0,0xb3,0xb5,0xb6,0xb9,0xba,0xbc,0xbf,
-/* Even...0xc0,0xc2,0xc4,0xc6,0xc8,0xca,0xcc,0xce */
-/* E */   0xc1,0xc2,0xc4,0xc7,0xc8,0xcb,0xcd,0xce,
-/* Odd....0xd0,0xd2,0xd4,0xd6,0xd8,0xda,0xdc,0xde */
-/* O */   0xd0,0xd3,0xd5,0xd6,0xd9,0xda,0xdc,0xdf,
-/* Odd....0xe0,0xe2,0xe4,0xe6,0xe8,0xea,0xec,0xee */
-/* O */   0xe0,0xe3,0xe5,0xe6,0xe9,0xea,0xec,0xef,
-/* Even...0xf0,0xf2,0xf4,0xf6,0xf8,0xfa,0xfc,0xfe */
-/* E */   0xf1,0xf2,0xf4,0xf7,0xf8,0xfb,0xfd,0xfe,
-};
-
-/* Mechanisms */
-struct mechanismList {
-    CK_MECHANISM_TYPE	type;
-    CK_MECHANISM_INFO	domestic;
-    PRBool		privkey;
-};
-
-/*
- * the following table includes a complete list of mechanism defined by
- * PKCS #11 version 2.01. Those Mechanisms not supported by this PKCS #11
- * module are ifdef'ed out.
- */
-#define CKF_EN_DE		CKF_ENCRYPT      | CKF_DECRYPT
-#define CKF_WR_UN		CKF_WRAP         | CKF_UNWRAP
-#define CKF_SN_VR		CKF_SIGN         | CKF_VERIFY
-#define CKF_SN_RE		CKF_SIGN_RECOVER | CKF_VERIFY_RECOVER
-
-#define CKF_EN_DE_WR_UN 	CKF_EN_DE       | CKF_WR_UN
-#define CKF_SN_VR_RE		CKF_SN_VR       | CKF_SN_RE
-#define CKF_DUZ_IT_ALL		CKF_EN_DE_WR_UN | CKF_SN_VR_RE
-
-#define CK_MAX 0xffffffff
-
-static const struct mechanismList mechanisms[] = {
-
-     /*
-      * PKCS #11 Mechanism List.
-      *
-      * The first argument is the PKCS #11 Mechanism we support.
-      * The second argument is Mechanism info structure. It includes:
-      *    The minimum key size,
-      *       in bits for RSA, DSA, DH, KEA, RC2 and RC4 * algs.
-      *       in bytes for RC5, AES, and CAST*
-      *       ignored for DES*, IDEA and FORTEZZA based
-      *    The maximum key size,
-      *       in bits for RSA, DSA, DH, KEA, RC2 and RC4 * algs.
-      *       in bytes for RC5, AES, and CAST*
-      *       ignored for DES*, IDEA and FORTEZZA based
-      *     Flags
-      *	      What operations are supported by this mechanism.
-      *  The third argument is a bool which tells if this mechanism is 
-      *    supported in the database token.
-      *
-      */
-
-     /* ------------------------- RSA Operations ---------------------------*/
-     {CKM_RSA_PKCS_KEY_PAIR_GEN,{128,CK_MAX,CKF_GENERATE_KEY_PAIR},PR_TRUE},
-     {CKM_RSA_PKCS,		{128,CK_MAX,CKF_DUZ_IT_ALL},	PR_TRUE},
-#ifdef PK11_RSA9796_SUPPORTED
-     {CKM_RSA_9796,		{128,CK_MAX,CKF_DUZ_IT_ALL},	PR_TRUE}, 
-#endif
-     {CKM_RSA_X_509,		{128,CK_MAX,CKF_DUZ_IT_ALL},	PR_TRUE}, 
-     /* -------------- RSA Multipart Signing Operations -------------------- */
-     {CKM_MD2_RSA_PKCS,		{128,CK_MAX,CKF_SN_VR}, 	PR_TRUE},
-     {CKM_MD5_RSA_PKCS,		{128,CK_MAX,CKF_SN_VR}, 	PR_TRUE},
-     {CKM_SHA1_RSA_PKCS,	{128,CK_MAX,CKF_SN_VR}, 	PR_TRUE},
-     /* ------------------------- DSA Operations --------------------------- */
-     {CKM_DSA_KEY_PAIR_GEN,	{512, 1024, CKF_GENERATE_KEY_PAIR}, PR_TRUE},
-     {CKM_DSA,			{512, 1024, CKF_SN_VR},		PR_TRUE},
-     {CKM_DSA_SHA1,		{512, 1024, CKF_SN_VR},		PR_TRUE},
-     /* -------------------- Diffie Hellman Operations --------------------- */
-     /* no diffie hellman yet */
-     {CKM_DH_PKCS_KEY_PAIR_GEN,	{128, 1024, CKF_GENERATE_KEY_PAIR}, PR_TRUE}, 
-     {CKM_DH_PKCS_DERIVE,	{128, 1024, CKF_DERIVE}, 	PR_TRUE}, 
-     /* ------------------------- RC2 Operations --------------------------- */
-     {CKM_RC2_KEY_GEN,		{1, 128, CKF_GENERATE},		PR_FALSE},
-     {CKM_RC2_ECB,		{1, 128, CKF_EN_DE_WR_UN},	PR_FALSE},
-     {CKM_RC2_CBC,		{1, 128, CKF_EN_DE_WR_UN},	PR_FALSE},
-     {CKM_RC2_MAC,		{1, 128, CKF_SN_VR},		PR_FALSE},
-     {CKM_RC2_MAC_GENERAL,	{1, 128, CKF_SN_VR},		PR_FALSE},
-     {CKM_RC2_CBC_PAD,		{1, 128, CKF_EN_DE_WR_UN},	PR_TRUE},
-     /* ------------------------- RC4 Operations --------------------------- */
-     {CKM_RC4_KEY_GEN,		{1, 256, CKF_GENERATE},		PR_FALSE},
-     {CKM_RC4,			{1, 256, CKF_EN_DE_WR_UN},	PR_FALSE},
-     /* ------------------------- DES Operations --------------------------- */
-     {CKM_DES_KEY_GEN,		{ 8,  8, CKF_GENERATE},		PR_FALSE},
-     {CKM_DES_ECB,		{ 8,  8, CKF_EN_DE_WR_UN},	PR_FALSE},
-     {CKM_DES_CBC,		{ 8,  8, CKF_EN_DE_WR_UN},	PR_FALSE},
-     {CKM_DES_MAC,		{ 8,  8, CKF_SN_VR},		PR_FALSE},
-     {CKM_DES_MAC_GENERAL,	{ 8,  8, CKF_SN_VR},		PR_FALSE},
-     {CKM_DES_CBC_PAD,		{ 8,  8, CKF_EN_DE_WR_UN},	PR_TRUE},
-     {CKM_DES2_KEY_GEN,		{24, 24, CKF_GENERATE},		PR_FALSE},
-     {CKM_DES3_KEY_GEN,		{24, 24, CKF_GENERATE},		PR_TRUE },
-     {CKM_DES3_ECB,		{24, 24, CKF_EN_DE_WR_UN},	PR_TRUE },
-     {CKM_DES3_CBC,		{24, 24, CKF_EN_DE_WR_UN},	PR_TRUE },
-     {CKM_DES3_MAC,		{24, 24, CKF_SN_VR},		PR_TRUE },
-     {CKM_DES3_MAC_GENERAL,	{24, 24, CKF_SN_VR},		PR_TRUE },
-     {CKM_DES3_CBC_PAD,		{24, 24, CKF_EN_DE_WR_UN},	PR_TRUE },
-     /* ------------------------- CDMF Operations --------------------------- */
-     {CKM_CDMF_KEY_GEN,		{8,  8, CKF_GENERATE},		PR_FALSE},
-     {CKM_CDMF_ECB,		{8,  8, CKF_EN_DE_WR_UN},	PR_FALSE},
-     {CKM_CDMF_CBC,		{8,  8, CKF_EN_DE_WR_UN},	PR_FALSE},
-     {CKM_CDMF_MAC,		{8,  8, CKF_SN_VR},		PR_FALSE},
-     {CKM_CDMF_MAC_GENERAL,	{8,  8, CKF_SN_VR},		PR_FALSE},
-     {CKM_CDMF_CBC_PAD,		{8,  8, CKF_EN_DE_WR_UN},	PR_TRUE},
-     /* ------------------------- AES Operations --------------------------- */
-     {CKM_AES_KEY_GEN,		{16, 32, CKF_GENERATE},		PR_FALSE},
-     {CKM_AES_ECB,		{16, 32, CKF_EN_DE_WR_UN},	PR_FALSE},
-     {CKM_AES_CBC,		{16, 32, CKF_EN_DE_WR_UN},	PR_FALSE},
-     {CKM_AES_MAC,		{16, 32, CKF_SN_VR},		PR_FALSE},
-     {CKM_AES_MAC_GENERAL,	{16, 32, CKF_SN_VR},		PR_FALSE},
-     {CKM_AES_CBC_PAD,		{16, 32, CKF_EN_DE_WR_UN},	PR_TRUE},
-     /* ------------------------- Hashing Operations ----------------------- */
-     {CKM_MD2,			{0,   0, CKF_DIGEST},		PR_FALSE},
-     {CKM_MD2_HMAC,		{1, 128, CKF_SN_VR},		PR_FALSE},
-     {CKM_MD2_HMAC_GENERAL,	{1, 128, CKF_SN_VR},		PR_FALSE},
-     {CKM_MD5,			{0,   0, CKF_DIGEST},		PR_FALSE},
-     {CKM_MD5_HMAC,		{1, 128, CKF_SN_VR},		PR_FALSE},
-     {CKM_MD5_HMAC_GENERAL,	{1, 128, CKF_SN_VR},		PR_FALSE},
-     {CKM_SHA_1,		{0,   0, CKF_DIGEST},		PR_FALSE},
-     {CKM_SHA_1_HMAC,		{1, 128, CKF_SN_VR},		PR_FALSE},
-     {CKM_SHA_1_HMAC_GENERAL,	{1, 128, CKF_SN_VR},		PR_FALSE},
-     {CKM_TLS_PRF_GENERAL,	{0, 512, CKF_SN_VR},		PR_FALSE},
-     /* ------------------------- CAST Operations --------------------------- */
-#ifdef NSS_SOFTOKEN_DOES_CAST
-     /* Cast operations are not supported ( yet? ) */
-     {CKM_CAST_KEY_GEN,		{1,  8, CKF_GENERATE},		PR_FALSE}, 
-     {CKM_CAST_ECB,		{1,  8, CKF_EN_DE_WR_UN},	PR_FALSE}, 
-     {CKM_CAST_CBC,		{1,  8, CKF_EN_DE_WR_UN},	PR_FALSE}, 
-     {CKM_CAST_MAC,		{1,  8, CKF_SN_VR},		PR_FALSE}, 
-     {CKM_CAST_MAC_GENERAL,	{1,  8, CKF_SN_VR},		PR_FALSE}, 
-     {CKM_CAST_CBC_PAD,		{1,  8, CKF_EN_DE_WR_UN},	PR_TRUE}, 
-     {CKM_CAST3_KEY_GEN,	{1, 16, CKF_GENERATE},		PR_FALSE}, 
-     {CKM_CAST3_ECB,		{1, 16, CKF_EN_DE_WR_UN},	PR_FALSE}, 
-     {CKM_CAST3_CBC,		{1, 16, CKF_EN_DE_WR_UN},	PR_FALSE}, 
-     {CKM_CAST3_MAC,		{1, 16, CKF_SN_VR},		PR_FALSE}, 
-     {CKM_CAST3_MAC_GENERAL,	{1, 16, CKF_SN_VR},		PR_FALSE}, 
-     {CKM_CAST3_CBC_PAD,	{1, 16, CKF_EN_DE_WR_UN},	PR_TRUE}, 
-     {CKM_CAST5_KEY_GEN,	{1, 16, CKF_GENERATE},		PR_FALSE}, 
-     {CKM_CAST5_ECB,		{1, 16, CKF_EN_DE_WR_UN},	PR_FALSE}, 
-     {CKM_CAST5_CBC,		{1, 16, CKF_EN_DE_WR_UN},	PR_FALSE}, 
-     {CKM_CAST5_MAC,		{1, 16, CKF_SN_VR},		PR_FALSE}, 
-     {CKM_CAST5_MAC_GENERAL,	{1, 16, CKF_SN_VR},		PR_FALSE}, 
-     {CKM_CAST5_CBC_PAD,	{1, 16, CKF_EN_DE_WR_UN},	PR_TRUE}, 
-#endif
-#if NSS_SOFTOKEN_DOES_RC5
-     /* ------------------------- RC5 Operations --------------------------- */
-     {CKM_RC5_KEY_GEN,		{1, 32, CKF_GENERATE}, 	PR_FALSE},
-     	{CKM_RC5_ECB,		{1, 32, CKF_EN_DE_WR_UN},	PR_FALSE},
-     {CKM_RC5_CBC,		{1, 32, CKF_EN_DE_WR_UN},	PR_FALSE},
-     {CKM_RC5_MAC,		{1, 32, CKF_SN_VR},  		PR_FALSE},
-     {CKM_RC5_MAC_GENERAL,	{1, 32, CKF_SN_VR},  		PR_FALSE},
-     {CKM_RC5_CBC_PAD,		{1, 32, CKF_EN_DE_WR_UN}, 	PR_TRUE},
-#endif
-#ifdef NSS_SOFTOKEN_DOES_IDEA
-     /* ------------------------- IDEA Operations -------------------------- */
-     {CKM_IDEA_KEY_GEN,		{16, 16, CKF_GENERATE}, 	PR_FALSE}, 
-     {CKM_IDEA_ECB,		{16, 16, CKF_EN_DE_WR_UN},	PR_FALSE}, 
-     {CKM_IDEA_CBC,		{16, 16, CKF_EN_DE_WR_UN},	PR_FALSE}, 
-     {CKM_IDEA_MAC,		{16, 16, CKF_SN_VR},		PR_FALSE}, 
-     {CKM_IDEA_MAC_GENERAL,	{16, 16, CKF_SN_VR},		PR_FALSE}, 
-     {CKM_IDEA_CBC_PAD,		{16, 16, CKF_EN_DE_WR_UN}, 	PR_TRUE}, 
-#endif
-     /* --------------------- Secret Key Operations ------------------------ */
-     {CKM_GENERIC_SECRET_KEY_GEN,	{1, 32, CKF_GENERATE}, PR_FALSE}, 
-     {CKM_CONCATENATE_BASE_AND_KEY,	{1, 32, CKF_GENERATE}, PR_FALSE}, 
-     {CKM_CONCATENATE_BASE_AND_DATA,	{1, 32, CKF_GENERATE}, PR_FALSE}, 
-     {CKM_CONCATENATE_DATA_AND_BASE,	{1, 32, CKF_GENERATE}, PR_FALSE}, 
-     {CKM_XOR_BASE_AND_DATA,		{1, 32, CKF_GENERATE}, PR_FALSE}, 
-     {CKM_EXTRACT_KEY_FROM_KEY,		{1, 32, CKF_DERIVE},   PR_FALSE}, 
-     /* ---------------------- SSL Key Derivations ------------------------- */
-     {CKM_SSL3_PRE_MASTER_KEY_GEN,	{48, 48, CKF_GENERATE}, PR_FALSE}, 
-     {CKM_SSL3_MASTER_KEY_DERIVE,	{48, 48, CKF_DERIVE},   PR_FALSE}, 
-     {CKM_SSL3_MASTER_KEY_DERIVE_DH,	{8, 128, CKF_DERIVE},   PR_FALSE}, 
-     {CKM_SSL3_KEY_AND_MAC_DERIVE,	{48, 48, CKF_DERIVE},   PR_FALSE}, 
-     {CKM_SSL3_MD5_MAC,			{ 0, 16, CKF_DERIVE},   PR_FALSE}, 
-     {CKM_SSL3_SHA1_MAC,		{ 0, 20, CKF_DERIVE},   PR_FALSE}, 
-     {CKM_MD5_KEY_DERIVATION,		{ 0, 16, CKF_DERIVE},   PR_FALSE}, 
-     {CKM_MD2_KEY_DERIVATION,		{ 0, 16, CKF_DERIVE},   PR_FALSE}, 
-     {CKM_SHA1_KEY_DERIVATION,		{ 0, 20, CKF_DERIVE},   PR_FALSE}, 
-     {CKM_TLS_MASTER_KEY_DERIVE,	{48, 48, CKF_DERIVE},   PR_FALSE}, 
-     {CKM_TLS_MASTER_KEY_DERIVE_DH,	{8, 128, CKF_DERIVE},   PR_FALSE}, 
-     {CKM_TLS_KEY_AND_MAC_DERIVE,	{48, 48, CKF_DERIVE},   PR_FALSE}, 
-     /* ---------------------- PBE Key Derivations  ------------------------ */
-     {CKM_PBE_MD2_DES_CBC,		{8, 8, CKF_DERIVE},   PR_TRUE},
-     {CKM_PBE_MD5_DES_CBC,		{8, 8, CKF_DERIVE},   PR_TRUE},
-     /* ------------------ NETSCAPE PBE Key Derivations  ------------------- */
-     {CKM_NETSCAPE_PBE_SHA1_DES_CBC,	     { 8, 8, CKF_GENERATE}, PR_TRUE},
-     {CKM_NETSCAPE_PBE_SHA1_FAULTY_3DES_CBC, {24,24, CKF_GENERATE}, PR_TRUE},
-     {CKM_PBE_SHA1_DES3_EDE_CBC,	     {24,24, CKF_GENERATE}, PR_TRUE},
-     {CKM_PBE_SHA1_DES2_EDE_CBC,	     {24,24, CKF_GENERATE}, PR_TRUE},
-     {CKM_PBE_SHA1_RC2_40_CBC,		     {40,40, CKF_GENERATE}, PR_TRUE},
-     {CKM_PBE_SHA1_RC2_128_CBC,		     {128,128, CKF_GENERATE}, PR_TRUE},
-     {CKM_PBE_SHA1_RC4_40,		     {40,40, CKF_GENERATE}, PR_TRUE},
-     {CKM_PBE_SHA1_RC4_128,		     {128,128, CKF_GENERATE}, PR_TRUE},
-     {CKM_PBA_SHA1_WITH_SHA1_HMAC,	     {20,20, CKF_GENERATE}, PR_TRUE},
-     {CKM_NETSCAPE_PBE_SHA1_HMAC_KEY_GEN,    {20,20, CKF_GENERATE}, PR_TRUE},
-     {CKM_NETSCAPE_PBE_MD5_HMAC_KEY_GEN,     {16,16, CKF_GENERATE}, PR_TRUE},
-     {CKM_NETSCAPE_PBE_MD2_HMAC_KEY_GEN,     {16,16, CKF_GENERATE}, PR_TRUE},
-};
-static CK_ULONG mechanismCount = sizeof(mechanisms)/sizeof(mechanisms[0]);
-
-static char *
-pk11_setStringName(const char *inString, char *buffer, int buffer_length)
-{
-    int full_length, string_length;
-
-    full_length = buffer_length -1;
-    string_length = PORT_Strlen(inString);
-    /* 
-     *  shorten the string, respecting utf8 encoding
-     *  to do so, we work backward from the end 
-     *  bytes looking from the end are either:
-     *    - ascii [0x00,0x7f]
-     *    - the [2-n]th byte of a multibyte sequence 
-     *        [0x3F,0xBF], i.e, most significant 2 bits are '10'
-     *    - the first byte of a multibyte sequence [0xC0,0xFD],
-     *        i.e, most significant 2 bits are '11'
-     *
-     *    When the string is too long, we lop off any trailing '10' bytes,
-     *  if any. When these are all eliminated we lop off
-     *  one additional byte. Thus if we lopped any '10'
-     *  we'll be lopping a '11' byte (the first byte of the multibyte sequence),
-     *  otherwise we're lopping off an ascii character.
-     *
-     *    To test for '10' bytes, we first AND it with 
-     *  11000000 (0xc0) so that we get 10000000 (0x80) if and only if
-     *  the byte starts with 10. We test for equality.
-     */
-    while ( string_length > full_length ) {
-	/* need to shorten */
-	while ( string_length > 0 && 
-	      ((inString[string_length-1]&(char)0xc0) == (char)0x80)) {
-	    /* lop off '10' byte */
-	    string_length--;
-	}
-	/* 
-	 * test string_length in case bad data is received
-	 * and string consisted of all '10' bytes,
-	 * avoiding any infinite loop
-         */
-	if ( string_length ) {
-	    /* remove either '11' byte or an asci byte */
-	    string_length--;
-	}
-    }
-    PORT_Memset(buffer,' ',full_length);
-    buffer[full_length] = 0;
-    PORT_Memcpy(buffer,inString,string_length);
-    return buffer;
-}
-/*
- * Configuration utils
- */
-static CK_RV
-pk11_configure(const char *man, const char *libdes)
-{
-
-    /* make sure the internationalization was done correctly... */
-    if (man) {
-	manufacturerID = pk11_setStringName(man,manufacturerID_space,
-						sizeof(manufacturerID_space));
-    }
-    if (libdes) {
-	libraryDescription = pk11_setStringName(libdes,
-		libraryDescription_space, sizeof(libraryDescription_space));
-    }
-
-    return CKR_OK;
-}
-
-/*
- * ******************** Password Utilities *******************************
- */
-
-/*
- * see if the key DB password is enabled
- */
-PRBool
-pk11_hasNullPassword(NSSLOWKEYDBHandle *keydb,SECItem **pwitem)
-{
-    PRBool pwenabled;
-    
-    pwenabled = PR_FALSE;
-    *pwitem = NULL;
-    if (nsslowkey_HasKeyDBPassword (keydb) == SECSuccess) {
-	*pwitem = nsslowkey_HashPassword("", keydb->global_salt);
-	if ( *pwitem ) {
-	    if (nsslowkey_CheckKeyDBPassword (keydb, *pwitem) == SECSuccess) {
-		pwenabled = PR_TRUE;
-	    } else {
-	    	SECITEM_ZfreeItem(*pwitem, PR_TRUE);
-		*pwitem = NULL;
-	    }
-	}
-    }
-
-    return pwenabled;
-}
-
-/*
- * ******************** Object Creation Utilities ***************************
- */
-
-
-/* Make sure a given attribute exists. If it doesn't, initialize it to
- * value and len
- */
-CK_RV
-pk11_defaultAttribute(PK11Object *object,CK_ATTRIBUTE_TYPE type,void *value,
-							unsigned int len)
-{
-    if ( !pk11_hasAttribute(object, type)) {
-	return pk11_AddAttributeType(object,type,value,len);
-    }
-    return CKR_OK;
-}
-
-/*
- * check the consistancy and initialize a Data Object 
- */
-static CK_RV
-pk11_handleDataObject(PK11Session *session,PK11Object *object)
-{
-    CK_RV crv;
-
-    /* first reject private and token data objects */
-    if (pk11_isTrue(object,CKA_PRIVATE) || pk11_isTrue(object,CKA_TOKEN)) {
-	return CKR_ATTRIBUTE_VALUE_INVALID;
-    }
-
-    /* now just verify the required date fields */
-    crv = pk11_defaultAttribute(object,CKA_APPLICATION,NULL,0);
-    if (crv != CKR_OK) return crv;
-    crv = pk11_defaultAttribute(object,CKA_VALUE,NULL,0);
-    if (crv != CKR_OK) return crv;
-
-    return CKR_OK;
-}
-
-/*
- * check the consistancy and initialize a Certificate Object 
- */
-static CK_RV
-pk11_handleCertObject(PK11Session *session,PK11Object *object)
-{
-    CK_CERTIFICATE_TYPE type;
-    PK11Attribute *attribute;
-    CK_RV crv;
-
-    /* certificates must have a type */
-    if ( !pk11_hasAttribute(object,CKA_CERTIFICATE_TYPE) ) {
-	return CKR_TEMPLATE_INCOMPLETE;
-    }
-
-    /* we can't store any certs private */
-    if (pk11_isTrue(object,CKA_PRIVATE)) {
-	return CKR_ATTRIBUTE_VALUE_INVALID;
-    }
-	
-    /* We only support X.509 Certs for now */
-    attribute = pk11_FindAttribute(object,CKA_CERTIFICATE_TYPE);
-    if (attribute == NULL) return CKR_TEMPLATE_INCOMPLETE;
-    type = *(CK_CERTIFICATE_TYPE *)attribute->attrib.pValue;
-    pk11_FreeAttribute(attribute);
-
-    if (type != CKC_X_509) {
-	return CKR_ATTRIBUTE_VALUE_INVALID;
-    }
-
-    /* X.509 Certificate */
-
-    /* make sure we have a cert */
-    if ( !pk11_hasAttribute(object,CKA_VALUE) ) {
-	return CKR_TEMPLATE_INCOMPLETE;
-    }
-
-    /* in PKCS #11, Subject is a required field */
-    if ( !pk11_hasAttribute(object,CKA_SUBJECT) ) {
-	return CKR_TEMPLATE_INCOMPLETE;
-    }
-
-    /* in PKCS #11, Issuer is a required field */
-    if ( !pk11_hasAttribute(object,CKA_ISSUER) ) {
-	return CKR_TEMPLATE_INCOMPLETE;
-    }
-
-    /* in PKCS #11, Serial is a required field */
-    if ( !pk11_hasAttribute(object,CKA_SERIAL_NUMBER) ) {
-	return CKR_TEMPLATE_INCOMPLETE;
-    }
-
-    /* add it to the object */
-    object->objectInfo = NULL;
-    object->infoFree = (PK11Free) NULL;
-    
-    /* now just verify the required date fields */
-    crv = pk11_defaultAttribute(object, CKA_ID, NULL, 0);
-    if (crv != CKR_OK) { return crv; }
-
-    if (pk11_isTrue(object,CKA_TOKEN)) {
-	PK11Slot *slot = session->slot;
-	SECItem derCert;
-	NSSLOWCERTCertificate *cert;
- 	NSSLOWCERTCertTrust *trust = NULL;
- 	NSSLOWCERTCertTrust userTrust = 
-		{ CERTDB_USER, CERTDB_USER, CERTDB_USER };
- 	NSSLOWCERTCertTrust defTrust = 
-		{ CERTDB_TRUSTED_UNKNOWN, 
-			CERTDB_TRUSTED_UNKNOWN, CERTDB_TRUSTED_UNKNOWN };
-	char *label = NULL;
-	char *email = NULL;
-	SECStatus rv;
-	PRBool inDB = PR_TRUE;
-
-	if (slot->certDB == NULL) {
-	    return CKR_TOKEN_WRITE_PROTECTED;
-	}
-
-	/* get the der cert */ 
-	attribute = pk11_FindAttribute(object,CKA_VALUE);
-	PORT_Assert(attribute);
-
-	derCert.data = (unsigned char *)attribute->attrib.pValue;
-	derCert.len = attribute->attrib.ulValueLen ;
-
-	label = pk11_getString(object,CKA_LABEL);
-
-	cert =  nsslowcert_FindCertByDERCert(slot->certDB, &derCert);
-        if (cert == NULL) {
-	    cert = nsslowcert_DecodeDERCertificate(&derCert,PR_FALSE,label);
-	    inDB = PR_FALSE;
-	}
-	if (cert == NULL) {
-	    if (label) PORT_Free(label);
-    	    pk11_FreeAttribute(attribute);
-	    return CKR_ATTRIBUTE_VALUE_INVALID;
-	}
-
-	if (slot->keyDB && nsslowkey_KeyForCertExists(slot->keyDB,cert)) {
-	    trust = &userTrust;
-	}
-	if (!inDB) {
-	    if (!trust) trust = &defTrust;
-	    rv = nsslowcert_AddPermCert(slot->certDB, cert, label, trust);
-	} else {
-	    rv = trust ? nsslowcert_ChangeCertTrust(slot->certDB,cert,trust) :
-				SECSuccess;
-	}
-
-	if (label) PORT_Free(label);
-	pk11_FreeAttribute(attribute);
-
-	if (rv != SECSuccess) {
-	    nsslowcert_DestroyCertificate(cert);
-	    return CKR_DEVICE_ERROR;
-	}
-
-	/*
-	 * Add a NULL S/MIME profile if necessary.
-	 */
-	email = pk11_getString(object,CKA_NETSCAPE_EMAIL);
-	if (email) {
-	    certDBEntrySMime *entry;
-
-	    entry = nsslowcert_ReadDBSMimeEntry(slot->certDB,email);
-	    if (!entry) {
-	    	nsslowcert_SaveSMimeProfile(slot->certDB, email, 
-						&cert->derSubject, NULL, NULL);
-	    } else {
-		 nsslowcert_DestroyDBEntry((certDBEntry *)entry);
-	    }
-	    PORT_Free(email);
-	}
-	object->handle=pk11_mkHandle(slot,&cert->certKey,PK11_TOKEN_TYPE_CERT);
-	nsslowcert_DestroyCertificate(cert);
-    }
-
-    return CKR_OK;
-}
-
-unsigned int
-pk11_MapTrust(CK_TRUST trust, PRBool clientAuth)
-{
-    unsigned int trustCA = clientAuth ? CERTDB_TRUSTED_CLIENT_CA :
-							CERTDB_TRUSTED_CA;
-    switch (trust) {
-    case CKT_NETSCAPE_TRUSTED:
-	return CERTDB_VALID_PEER|CERTDB_TRUSTED;
-    case CKT_NETSCAPE_TRUSTED_DELEGATOR:
-	return CERTDB_VALID_CA|trustCA;
-    case CKT_NETSCAPE_UNTRUSTED:
-	return CERTDB_NOT_TRUSTED;
-    case CKT_NETSCAPE_MUST_VERIFY:
-	return 0;
-    case CKT_NETSCAPE_VALID: /* implies must verify */
-	return CERTDB_VALID_PEER;
-    case CKT_NETSCAPE_VALID_DELEGATOR: /* implies must verify */
-	return CERTDB_VALID_CA;
-    default:
-	break;
-    }
-    return CERTDB_TRUSTED_UNKNOWN;
-}
-    
-	
-/*
- * check the consistancy and initialize a Trust Object 
- */
-static CK_RV
-pk11_handleTrustObject(PK11Session *session,PK11Object *object)
-{
-    NSSLOWCERTIssuerAndSN issuerSN;
-
-    /* we can't store any certs private */
-    if (pk11_isTrue(object,CKA_PRIVATE)) {
-	return CKR_ATTRIBUTE_VALUE_INVALID;
-    }
-
-    /* certificates must have a type */
-    if ( !pk11_hasAttribute(object,CKA_ISSUER) ) {
-	return CKR_TEMPLATE_INCOMPLETE;
-    }
-    if ( !pk11_hasAttribute(object,CKA_SERIAL_NUMBER) ) {
-	return CKR_TEMPLATE_INCOMPLETE;
-    }
-    if ( !pk11_hasAttribute(object,CKA_CERT_SHA1_HASH) ) {
-	return CKR_TEMPLATE_INCOMPLETE;
-    }
-    if ( !pk11_hasAttribute(object,CKA_CERT_MD5_HASH) ) {
-	return CKR_TEMPLATE_INCOMPLETE;
-    }
-
-    if (pk11_isTrue(object,CKA_TOKEN)) {
-	PK11Slot *slot = session->slot;
-	PK11Attribute *issuer = NULL;
-	PK11Attribute *serial = NULL;
-	NSSLOWCERTCertificate *cert = NULL;
-	PK11Attribute *trust;
-        CK_TRUST sslTrust = CKT_NETSCAPE_TRUST_UNKNOWN;
-        CK_TRUST clientTrust = CKT_NETSCAPE_TRUST_UNKNOWN;
-        CK_TRUST emailTrust = CKT_NETSCAPE_TRUST_UNKNOWN;
-        CK_TRUST signTrust = CKT_NETSCAPE_TRUST_UNKNOWN;
- 	NSSLOWCERTCertTrust dbTrust;
-	SECStatus rv;
-
-
-	if (slot->certDB == NULL) {
-	    return CKR_TOKEN_WRITE_PROTECTED;
-	}
-	issuer = pk11_FindAttribute(object,CKA_ISSUER);
-	PORT_Assert(issuer);
-	issuerSN.derIssuer.data = (unsigned char *)issuer->attrib.pValue;
-	issuerSN.derIssuer.len = issuer->attrib.ulValueLen ;
-
-	serial = pk11_FindAttribute(object,CKA_SERIAL_NUMBER);
-	PORT_Assert(serial);
-	issuerSN.serialNumber.data = (unsigned char *)serial->attrib.pValue;
-	issuerSN.serialNumber.len = serial->attrib.ulValueLen ;
-
-	cert = nsslowcert_FindCertByIssuerAndSN(slot->certDB,&issuerSN);
-	pk11_FreeAttribute(serial);
-	pk11_FreeAttribute(issuer);
-
-	if (cert == NULL) {
-	    return CKR_ATTRIBUTE_VALUE_INVALID;
-	}
-	
-	trust = pk11_FindAttribute(object,CKA_TRUST_SERVER_AUTH);
-	if (trust) {
-	    if (trust->attrib.ulValueLen == sizeof(CK_TRUST)) {
-		PORT_Memcpy(&sslTrust,trust->attrib.pValue, sizeof(sslTrust));
-	    }
-	    pk11_FreeAttribute(trust);
-	}
-	trust = pk11_FindAttribute(object,CKA_TRUST_CLIENT_AUTH);
-	if (trust) {
-	    if (trust->attrib.ulValueLen == sizeof(CK_TRUST)) {
-		PORT_Memcpy(&clientTrust,trust->attrib.pValue,
-							 sizeof(clientTrust));
-	    }
-	    pk11_FreeAttribute(trust);
-	}
-	trust = pk11_FindAttribute(object,CKA_TRUST_EMAIL_PROTECTION);
-	if (trust) {
-	    if (trust->attrib.ulValueLen == sizeof(CK_TRUST)) {
-		PORT_Memcpy(&emailTrust,trust->attrib.pValue,
-							sizeof(emailTrust));
-	    }
-	    pk11_FreeAttribute(trust);
-	}
-	trust = pk11_FindAttribute(object,CKA_TRUST_CODE_SIGNING);
-	if (trust) {
-	    if (trust->attrib.ulValueLen == sizeof(CK_TRUST)) {
-		PORT_Memcpy(&signTrust,trust->attrib.pValue,
-							sizeof(signTrust));
-	    }
-	    pk11_FreeAttribute(trust);
-	}
-
-	/* preserve certain old fields */
-	if (cert->trust) {
-	    dbTrust.sslFlags =
-			  cert->trust->sslFlags & CERTDB_PRESERVE_TRUST_BITS;
-	    dbTrust.emailFlags=
-			cert->trust->emailFlags & CERTDB_PRESERVE_TRUST_BITS;
-	    dbTrust.objectSigningFlags = 
-		cert->trust->objectSigningFlags & CERTDB_PRESERVE_TRUST_BITS;
-	}
-
-	dbTrust.sslFlags = pk11_MapTrust(sslTrust,PR_FALSE);
-	dbTrust.sslFlags |= pk11_MapTrust(clientTrust,PR_TRUE);
-	dbTrust.emailFlags = pk11_MapTrust(emailTrust,PR_FALSE);
-	dbTrust.objectSigningFlags = pk11_MapTrust(signTrust,PR_FALSE);
-
-	rv = nsslowcert_ChangeCertTrust(slot->certDB,cert,&dbTrust);
-	object->handle=pk11_mkHandle(slot,&cert->certKey,PK11_TOKEN_TYPE_TRUST);
-	nsslowcert_DestroyCertificate(cert);
-	if (rv != SECSuccess) {
-	   return CKR_DEVICE_ERROR;
-	}
-    }
-
-    return CKR_OK;
-}
-
-/*
- * check the consistancy and initialize a Trust Object 
- */
-static CK_RV
-pk11_handleSMimeObject(PK11Session *session,PK11Object *object)
-{
-
-    /* we can't store any certs private */
-    if (pk11_isTrue(object,CKA_PRIVATE)) {
-	return CKR_ATTRIBUTE_VALUE_INVALID;
-    }
-
-    /* certificates must have a type */
-    if ( !pk11_hasAttribute(object,CKA_SUBJECT) ) {
-	return CKR_TEMPLATE_INCOMPLETE;
-    }
-    if ( !pk11_hasAttribute(object,CKA_NETSCAPE_EMAIL) ) {
-	return CKR_TEMPLATE_INCOMPLETE;
-    }
-
-    if (pk11_isTrue(object,CKA_TOKEN)) {
-	PK11Slot *slot = session->slot;
-	SECItem derSubj,rawProfile,rawTime,emailKey;
-	SECItem *pRawProfile = NULL;
-	SECItem *pRawTime = NULL;
-	char *email = NULL;
-    	PK11Attribute *subject,*profile,*time;
-	SECStatus rv;
-
-	PORT_Assert(slot);
-	if (slot->certDB == NULL) {
-	    return CKR_TOKEN_WRITE_PROTECTED;
-	}
-
-	/* lookup SUBJECT */
-	subject = pk11_FindAttribute(object,CKA_SUBJECT);
-	PORT_Assert(subject);
-	derSubj.data = (unsigned char *)subject->attrib.pValue;
-	derSubj.len = subject->attrib.ulValueLen ;
-
-	/* lookup VALUE */
-	profile = pk11_FindAttribute(object,CKA_VALUE);
-	if (profile) {
-	    rawProfile.data = (unsigned char *)profile->attrib.pValue;
-	    rawProfile.len = profile->attrib.ulValueLen ;
-	    pRawProfile = &rawProfile;
-	}
-
-	/* lookup Time */
-	time = pk11_FindAttribute(object,CKA_NETSCAPE_SMIME_TIMESTAMP);
-	if (time) {
-	    rawTime.data = (unsigned char *)time->attrib.pValue;
-	    rawTime.len = time->attrib.ulValueLen ;
-	    pRawTime = &rawTime;
-	}
-
-
-	email = pk11_getString(object,CKA_NETSCAPE_EMAIL);
-
-	/* Store CRL by SUBJECT */
-	rv = nsslowcert_SaveSMimeProfile(slot->certDB, email, &derSubj, 
-				pRawProfile,pRawTime);
-
-    	pk11_FreeAttribute(subject);
-    	if (profile) pk11_FreeAttribute(profile);
-    	if (time) pk11_FreeAttribute(time);
-	if (rv != SECSuccess) {
-    	    PORT_Free(email);
-	    return CKR_DEVICE_ERROR;
-	}
-	emailKey.data = (unsigned char *)email;
-	emailKey.len = PORT_Strlen(email)+1;
-
-	object->handle = pk11_mkHandle(slot, &emailKey, PK11_TOKEN_TYPE_SMIME);
-    	PORT_Free(email);
-    }
-
-    return CKR_OK;
-}
-
-/*
- * check the consistancy and initialize a Trust Object 
- */
-static CK_RV
-pk11_handleCrlObject(PK11Session *session,PK11Object *object)
-{
-
-    /* we can't store any certs private */
-    if (pk11_isTrue(object,CKA_PRIVATE)) {
-	return CKR_ATTRIBUTE_VALUE_INVALID;
-    }
-
-    /* certificates must have a type */
-    if ( !pk11_hasAttribute(object,CKA_SUBJECT) ) {
-	return CKR_TEMPLATE_INCOMPLETE;
-    }
-    if ( !pk11_hasAttribute(object,CKA_VALUE) ) {
-	return CKR_TEMPLATE_INCOMPLETE;
-    }
-
-    if (pk11_isTrue(object,CKA_TOKEN)) {
-	PK11Slot *slot = session->slot;
-	PRBool isKRL = PR_FALSE;
-	SECItem derSubj,derCrl;
-	char *url = NULL;
-    	PK11Attribute *subject,*crl;
-	SECStatus rv;
-
-	PORT_Assert(slot);
-	if (slot->certDB == NULL) {
-	    return CKR_TOKEN_WRITE_PROTECTED;
-	}
-
-	/* lookup SUBJECT */
-	subject = pk11_FindAttribute(object,CKA_SUBJECT);
-	PORT_Assert(subject);
-	derSubj.data = (unsigned char *)subject->attrib.pValue;
-	derSubj.len = subject->attrib.ulValueLen ;
-
-	/* lookup VALUE */
-	crl = pk11_FindAttribute(object,CKA_VALUE);
-	PORT_Assert(crl);
-	derCrl.data = (unsigned char *)crl->attrib.pValue;
-	derCrl.len = crl->attrib.ulValueLen ;
-
-
-	url = pk11_getString(object,CKA_NETSCAPE_URL);
-	isKRL = pk11_isTrue(object,CKA_NETSCAPE_KRL);
-
-	/* Store CRL by SUBJECT */
-	rv = nsslowcert_AddCrl(slot->certDB, &derCrl, &derSubj, url, isKRL);
-
-	if (url) {
-	    PORT_Free(url);
-	}
-    	pk11_FreeAttribute(crl);
-	if (rv != SECSuccess) {
-    	    pk11_FreeAttribute(subject);
-	    return CKR_DEVICE_ERROR;
-	}
-
-	object->handle = pk11_mkHandle(slot,&derSubj,
-			isKRL ? PK11_TOKEN_KRL_HANDLE : PK11_TOKEN_TYPE_CRL);
-    	pk11_FreeAttribute(subject);
-    }
-
-    return CKR_OK;
-}
-
-NSSLOWKEYPublicKey * pk11_GetPubKey(PK11Object *object,CK_KEY_TYPE key);
-/*
- * check the consistancy and initialize a Public Key Object 
- */
-static CK_RV
-pk11_handlePublicKeyObject(PK11Session *session, PK11Object *object,
-							 CK_KEY_TYPE key_type)
-{
-    CK_BBOOL encrypt = CK_TRUE;
-    CK_BBOOL recover = CK_TRUE;
-    CK_BBOOL wrap = CK_TRUE;
-    CK_BBOOL derive = CK_FALSE;
-    CK_BBOOL verify = CK_TRUE;
-    CK_ATTRIBUTE_TYPE pubKeyAttr = CKA_VALUE;
-    CK_RV crv;
-
-    switch (key_type) {
-    case CKK_RSA:
-	if ( !pk11_hasAttribute(object, CKA_MODULUS)) {
-	    return CKR_TEMPLATE_INCOMPLETE;
-	}
-	if ( !pk11_hasAttribute(object, CKA_PUBLIC_EXPONENT)) {
-	    return CKR_TEMPLATE_INCOMPLETE;
-	}
-	pubKeyAttr = CKA_MODULUS;
-	break;
-    case CKK_DSA:
-	if ( !pk11_hasAttribute(object, CKA_SUBPRIME)) {
-	    return CKR_TEMPLATE_INCOMPLETE;
-	}
-    case CKK_DH:
-	if ( !pk11_hasAttribute(object, CKA_PRIME)) {
-	    return CKR_TEMPLATE_INCOMPLETE;
-	}
-	if ( !pk11_hasAttribute(object, CKA_BASE)) {
-	    return CKR_TEMPLATE_INCOMPLETE;
-	}
-	if ( !pk11_hasAttribute(object, CKA_VALUE)) {
-	    return CKR_TEMPLATE_INCOMPLETE;
-	}
-	if (key_type == CKK_DH) {
-	    verify = CK_FALSE;
-	    derive = CK_TRUE;
- 	}
-	encrypt = CK_FALSE;
-	recover = CK_FALSE;
-	wrap = CK_FALSE;
-	break;
-    default:
-	return CKR_ATTRIBUTE_VALUE_INVALID;
-    }
-
-    /* make sure the required fields exist */
-    crv = pk11_defaultAttribute(object,CKA_SUBJECT,NULL,0);
-    if (crv != CKR_OK)  return crv; 
-    crv = pk11_defaultAttribute(object,CKA_ENCRYPT,&encrypt,sizeof(CK_BBOOL));
-    if (crv != CKR_OK)  return crv; 
-    crv = pk11_defaultAttribute(object,CKA_VERIFY,&verify,sizeof(CK_BBOOL));
-    if (crv != CKR_OK)  return crv; 
-    crv = pk11_defaultAttribute(object,CKA_VERIFY_RECOVER,
-						&recover,sizeof(CK_BBOOL));
-    if (crv != CKR_OK)  return crv; 
-    crv = pk11_defaultAttribute(object,CKA_WRAP,&wrap,sizeof(CK_BBOOL));
-    if (crv != CKR_OK)  return crv; 
-    crv = pk11_defaultAttribute(object,CKA_DERIVE,&derive,sizeof(CK_BBOOL));
-    if (crv != CKR_OK)  return crv; 
-
-    object->objectInfo = pk11_GetPubKey(object,key_type);
-    object->infoFree = (PK11Free) nsslowkey_DestroyPublicKey;
-
-    if (pk11_isTrue(object,CKA_TOKEN)) {
-	PK11Slot *slot = session->slot;
-	NSSLOWKEYPrivateKey *priv;
-	SECItem pubKey;
-
-	crv = pk11_Attribute2SSecItem(NULL,&pubKey,object,pubKeyAttr);
-	if (crv != CKR_OK) return crv;
-
-	PORT_Assert(pubKey.data);
-	if (slot->keyDB == NULL) {
-	    PORT_Free(pubKey.data);
-	    return CKR_TOKEN_WRITE_PROTECTED;
-	}
-	if (slot->keyDB->version != 3) {
-	    unsigned char buf[SHA1_LENGTH];
-	    SHA1_HashBuf(buf,pubKey.data,pubKey.len);
-	    PORT_Memcpy(pubKey.data,buf,sizeof(buf));
-	    pubKey.len = sizeof(buf);
-	}
-	/* make sure the associated private key already exists */
-	/* only works if we are logged in */
-	priv = nsslowkey_FindKeyByPublicKey(slot->keyDB, &pubKey,
-							 slot->password);
-	if (priv == NULL) {
-	    PORT_Free(pubKey.data);
-	    return CKR_ATTRIBUTE_VALUE_INVALID;
-	}
-	nsslowkey_DestroyPrivateKey(priv);
-
-	object->handle = pk11_mkHandle(slot, &pubKey, PK11_TOKEN_TYPE_PUB);
-	PORT_Free(pubKey.data);
-    }
-
-    return CKR_OK;
-}
-
-static NSSLOWKEYPrivateKey * pk11_mkPrivKey(PK11Object *object,CK_KEY_TYPE key);
-/*
- * check the consistancy and initialize a Private Key Object 
- */
-static CK_RV
-pk11_handlePrivateKeyObject(PK11Session *session,PK11Object *object,CK_KEY_TYPE key_type)
-{
-    CK_BBOOL cktrue = CK_TRUE;
-    CK_BBOOL encrypt = CK_TRUE;
-    CK_BBOOL recover = CK_TRUE;
-    CK_BBOOL wrap = CK_TRUE;
-    CK_BBOOL ckfalse = CK_FALSE;
-    SECItem mod;
-    CK_RV crv;
-
-    switch (key_type) {
-    case CKK_RSA:
-	if ( !pk11_hasAttribute(object, CKA_MODULUS)) {
-	    return CKR_TEMPLATE_INCOMPLETE;
-	}
-	if ( !pk11_hasAttribute(object, CKA_PUBLIC_EXPONENT)) {
-	    return CKR_TEMPLATE_INCOMPLETE;
-	}
-	if ( !pk11_hasAttribute(object, CKA_PRIVATE_EXPONENT)) {
-	    return CKR_TEMPLATE_INCOMPLETE;
-	}
-	if ( !pk11_hasAttribute(object, CKA_PRIME_1)) {
-	    return CKR_TEMPLATE_INCOMPLETE;
-	}
-	if ( !pk11_hasAttribute(object, CKA_PRIME_2)) {
-	    return CKR_TEMPLATE_INCOMPLETE;
-	}
-	if ( !pk11_hasAttribute(object, CKA_EXPONENT_1)) {
-	    return CKR_TEMPLATE_INCOMPLETE;
-	}
-	if ( !pk11_hasAttribute(object, CKA_EXPONENT_2)) {
-	    return CKR_TEMPLATE_INCOMPLETE;
-	}
-	if ( !pk11_hasAttribute(object, CKA_COEFFICIENT)) {
-	    return CKR_TEMPLATE_INCOMPLETE;
-	}
-	/* make sure Netscape DB attribute is set correctly */
-	crv = pk11_Attribute2SSecItem(NULL, &mod, object, CKA_MODULUS);
-	if (crv != CKR_OK) return crv;
-	crv = pk11_forceAttribute(object, CKA_NETSCAPE_DB, 
-						pk11_item_expand(&mod));
-	if (mod.data) PORT_Free(mod.data);
-	if (crv != CKR_OK) return crv;
-	
-	break;
-    case CKK_DSA:
-	if ( !pk11_hasAttribute(object, CKA_SUBPRIME)) {
-	    return CKR_TEMPLATE_INCOMPLETE;
-	}
-	if ( !pk11_hasAttribute(object, CKA_NETSCAPE_DB)) {
-	    return CKR_TEMPLATE_INCOMPLETE;
-	}
-    case CKK_DH:
-	if ( !pk11_hasAttribute(object, CKA_PRIME)) {
-	    return CKR_TEMPLATE_INCOMPLETE;
-	}
-	if ( !pk11_hasAttribute(object, CKA_BASE)) {
-	    return CKR_TEMPLATE_INCOMPLETE;
-	}
-	if ( !pk11_hasAttribute(object, CKA_VALUE)) {
-	    return CKR_TEMPLATE_INCOMPLETE;
-	}
-	encrypt = CK_FALSE;
-	recover = CK_FALSE;
-	wrap = CK_FALSE;
-	break;
-    default:
-	return CKR_ATTRIBUTE_VALUE_INVALID;
-    }
-    crv = pk11_defaultAttribute(object,CKA_SUBJECT,NULL,0);
-    if (crv != CKR_OK)  return crv; 
-    crv = pk11_defaultAttribute(object,CKA_SENSITIVE,&cktrue,sizeof(CK_BBOOL));
-    if (crv != CKR_OK)  return crv; 
-    crv = pk11_defaultAttribute(object,CKA_EXTRACTABLE,&cktrue,sizeof(CK_BBOOL));
-    if (crv != CKR_OK)  return crv; 
-    crv = pk11_defaultAttribute(object,CKA_DECRYPT,&encrypt,sizeof(CK_BBOOL));
-    if (crv != CKR_OK)  return crv; 
-    crv = pk11_defaultAttribute(object,CKA_SIGN,&cktrue,sizeof(CK_BBOOL));
-    if (crv != CKR_OK)  return crv; 
-    crv = pk11_defaultAttribute(object,CKA_SIGN_RECOVER,&recover,
-							     sizeof(CK_BBOOL));
-    if (crv != CKR_OK)  return crv; 
-    crv = pk11_defaultAttribute(object,CKA_UNWRAP,&wrap,sizeof(CK_BBOOL));
-    if (crv != CKR_OK)  return crv; 
-    /* the next two bits get modified only in the key gen and token cases */
-    crv = pk11_forceAttribute(object,CKA_ALWAYS_SENSITIVE,
-						&ckfalse,sizeof(CK_BBOOL));
-    if (crv != CKR_OK)  return crv; 
-    crv = pk11_forceAttribute(object,CKA_NEVER_EXTRACTABLE,
-						&ckfalse,sizeof(CK_BBOOL));
-    if (crv != CKR_OK)  return crv; 
-
-    /* should we check the non-token RSA private keys? */
-
-    if (pk11_isTrue(object,CKA_TOKEN)) {
-	PK11Slot *slot = session->slot;
-	NSSLOWKEYPrivateKey *privKey;
-	char *label;
-	SECStatus rv = SECSuccess;
-	SECItem pubKey;
-
-	if (slot->keyDB == NULL) {
-	    return CKR_TOKEN_WRITE_PROTECTED;
-	}
-
-	privKey=pk11_mkPrivKey(object,key_type);
-	if (privKey == NULL) return CKR_HOST_MEMORY;
-	label = pk11_getString(object,CKA_LABEL);
-
-	crv = pk11_Attribute2SSecItem(NULL,&pubKey,object,CKA_NETSCAPE_DB);
-	if (crv != CKR_OK) {
-	    if (label) PORT_Free(label);
-	    nsslowkey_DestroyPrivateKey(privKey);
-	    return CKR_TEMPLATE_INCOMPLETE;
-	}
-	if (slot->keyDB->version != 3) {
-	    unsigned char buf[SHA1_LENGTH];
-	    SHA1_HashBuf(buf,pubKey.data,pubKey.len);
-	    PORT_Memcpy(pubKey.data,buf,sizeof(buf));
-	    pubKey.len = sizeof(buf);
-	}
-
-        if (key_type == CKK_RSA) {
-	    rv = RSA_PrivateKeyCheck(&privKey->u.rsa);
-	    if (rv == SECFailure) {
-		goto fail;
-	    }
-	}
-	rv = nsslowkey_StoreKeyByPublicKey(object->slot->keyDB,
-			privKey, &pubKey, label, object->slot->password);
-
-fail:
-	if (label) PORT_Free(label);
-	object->handle = pk11_mkHandle(slot,&pubKey,PK11_TOKEN_TYPE_PRIV);
-	if (pubKey.data) PORT_Free(pubKey.data);
-	nsslowkey_DestroyPrivateKey(privKey);
-	if (rv != SECSuccess) return CKR_DEVICE_ERROR;
-    } else {
-	object->objectInfo = pk11_mkPrivKey(object,key_type);
-	if (object->objectInfo == NULL) return CKR_HOST_MEMORY;
-	object->infoFree = (PK11Free) nsslowkey_DestroyPrivateKey;
-	/* now NULL out the sensitive attributes */
-	if (pk11_isTrue(object,CKA_SENSITIVE)) {
-	    pk11_nullAttribute(object,CKA_PRIVATE_EXPONENT);
-	    pk11_nullAttribute(object,CKA_PRIME_1);
-	    pk11_nullAttribute(object,CKA_PRIME_2);
-	    pk11_nullAttribute(object,CKA_EXPONENT_1);
-	    pk11_nullAttribute(object,CKA_EXPONENT_2);
-	    pk11_nullAttribute(object,CKA_COEFFICIENT);
-	}
-    }
-    return CKR_OK;
-}
-
-/* forward delcare the DES formating function for handleSecretKey */
-void pk11_FormatDESKey(unsigned char *key, int length);
-static NSSLOWKEYPrivateKey *pk11_mkSecretKeyRep(PK11Object *object);
-
-/* Validate secret key data, and set defaults */
-static CK_RV
-validateSecretKey(PK11Session *session, PK11Object *object, 
-					CK_KEY_TYPE key_type, PRBool isFIPS)
-{
-    CK_RV crv;
-    CK_BBOOL cktrue = CK_TRUE;
-    CK_BBOOL ckfalse = CK_FALSE;
-    PK11Attribute *attribute = NULL;
-    crv = pk11_defaultAttribute(object,CKA_SENSITIVE,
-				isFIPS?&cktrue:&ckfalse,sizeof(CK_BBOOL));
-    if (crv != CKR_OK)  return crv; 
-    crv = pk11_defaultAttribute(object,CKA_EXTRACTABLE,
-						&cktrue,sizeof(CK_BBOOL));
-    if (crv != CKR_OK)  return crv; 
-    crv = pk11_defaultAttribute(object,CKA_ENCRYPT,&cktrue,sizeof(CK_BBOOL));
-    if (crv != CKR_OK)  return crv; 
-    crv = pk11_defaultAttribute(object,CKA_DECRYPT,&cktrue,sizeof(CK_BBOOL));
-    if (crv != CKR_OK)  return crv; 
-    crv = pk11_defaultAttribute(object,CKA_SIGN,&ckfalse,sizeof(CK_BBOOL));
-    if (crv != CKR_OK)  return crv; 
-    crv = pk11_defaultAttribute(object,CKA_VERIFY,&ckfalse,sizeof(CK_BBOOL));
-    if (crv != CKR_OK)  return crv; 
-    crv = pk11_defaultAttribute(object,CKA_WRAP,&cktrue,sizeof(CK_BBOOL));
-    if (crv != CKR_OK)  return crv; 
-    crv = pk11_defaultAttribute(object,CKA_UNWRAP,&cktrue,sizeof(CK_BBOOL));
-    if (crv != CKR_OK)  return crv; 
-
-    if ( !pk11_hasAttribute(object, CKA_VALUE)) {
-	return CKR_TEMPLATE_INCOMPLETE;
-    }
-    /* the next two bits get modified only in the key gen and token cases */
-    crv = pk11_forceAttribute(object,CKA_ALWAYS_SENSITIVE,
-						&ckfalse,sizeof(CK_BBOOL));
-    if (crv != CKR_OK)  return crv; 
-    crv = pk11_forceAttribute(object,CKA_NEVER_EXTRACTABLE,
-						&ckfalse,sizeof(CK_BBOOL));
-    if (crv != CKR_OK)  return crv; 
-
-    /* some types of keys have a value length */
-    crv = CKR_OK;
-    switch (key_type) {
-    /* force CKA_VALUE_LEN to be set */
-    case CKK_GENERIC_SECRET:
-    case CKK_RC2:
-    case CKK_RC4:
-#if NSS_SOFTOKEN_DOES_RC5
-    case CKK_RC5:
-#endif
-#ifdef NSS_SOFTOKEN_DOES_CAST
-    case CKK_CAST:
-    case CKK_CAST3:
-    case CKK_CAST5:
-#endif
-#if NSS_SOFTOKEN_DOES_IDEA
-    case CKK_IDEA:
-#endif
-	attribute = pk11_FindAttribute(object,CKA_VALUE);
-	/* shouldn't happen */
-	if (attribute == NULL) return CKR_TEMPLATE_INCOMPLETE;
-	crv = pk11_forceAttribute(object, CKA_VALUE_LEN, 
-			&attribute->attrib.ulValueLen, sizeof(CK_ULONG));
-	pk11_FreeAttribute(attribute);
-	break;
-    /* force the value to have the correct parity */
-    case CKK_DES:
-    case CKK_DES2:
-    case CKK_DES3:
-    case CKK_CDMF:
-	attribute = pk11_FindAttribute(object,CKA_VALUE);
-	/* shouldn't happen */
-	if (attribute == NULL) return CKR_TEMPLATE_INCOMPLETE;
-	pk11_FormatDESKey((unsigned char*)attribute->attrib.pValue,
-						 attribute->attrib.ulValueLen);
-	pk11_FreeAttribute(attribute);
-	break;
-    default:
-	break;
-    }
-
-    return crv;
-}
-/*
- * check the consistancy and initialize a Secret Key Object 
- */
-static CK_RV
-pk11_handleSecretKeyObject(PK11Session *session,PK11Object *object,
-					CK_KEY_TYPE key_type, PRBool isFIPS)
-{
-    CK_RV crv;
-    NSSLOWKEYPrivateKey *privKey = NULL;
-    SECItem pubKey;
-    char *label = NULL;
-
-    pubKey.data = 0;
-
-    /* First validate and set defaults */
-    crv = validateSecretKey(session, object, key_type, isFIPS);
-    if (crv != CKR_OK) goto loser;
-
-    /* If the object is a TOKEN object, store in the database */
-    if (pk11_isTrue(object,CKA_TOKEN)) {
-	PK11Slot *slot = session->slot;
-	SECStatus rv = SECSuccess;
-
-	if (slot->keyDB == NULL) {
-	    return CKR_TOKEN_WRITE_PROTECTED;
-	}
-	privKey=pk11_mkSecretKeyRep(object);
-	if (privKey == NULL) return CKR_HOST_MEMORY;
-
-	label = pk11_getString(object,CKA_LABEL);
-
-	crv = pk11_Attribute2SecItem(NULL, &pubKey, object, CKA_ID);  
-						/* Should this be ID? */
-	if (crv != CKR_OK) goto loser;
-
-	PORT_Assert(slot->keyDB);
-	rv = nsslowkey_StoreKeyByPublicKey(slot->keyDB,
-			privKey, &pubKey, label, slot->password);
-	if (rv != SECSuccess) {
-	    crv = CKR_DEVICE_ERROR;
-	    goto loser;
-	}
-
-	object->handle = pk11_mkHandle(slot,&pubKey,PK11_TOKEN_TYPE_KEY);
-    }
-
-loser:
-    if (label) PORT_Free(label);
-    if (privKey) nsslowkey_DestroyPrivateKey(privKey);
-    if (pubKey.data) PORT_Free(pubKey.data);
-
-    return crv;
-}
-
-/*
- * check the consistancy and initialize a Key Object 
- */
-static CK_RV
-pk11_handleKeyObject(PK11Session *session, PK11Object *object)
-{
-    PK11Attribute *attribute;
-    CK_KEY_TYPE key_type;
-    CK_BBOOL cktrue = CK_TRUE;
-    CK_BBOOL ckfalse = CK_FALSE;
-    CK_RV crv;
-
-    /* verify the required fields */
-    if ( !pk11_hasAttribute(object,CKA_KEY_TYPE) ) {
-	return CKR_TEMPLATE_INCOMPLETE;
-    }
-
-    /* now verify the common fields */
-    crv = pk11_defaultAttribute(object,CKA_ID,NULL,0);
-    if (crv != CKR_OK)  return crv; 
-    crv = pk11_defaultAttribute(object,CKA_START_DATE,NULL,0);
-    if (crv != CKR_OK)  return crv; 
-    crv = pk11_defaultAttribute(object,CKA_END_DATE,NULL,0);
-    if (crv != CKR_OK)  return crv; 
-    crv = pk11_defaultAttribute(object,CKA_DERIVE,&cktrue,sizeof(CK_BBOOL));
-    if (crv != CKR_OK)  return crv; 
-    crv = pk11_defaultAttribute(object,CKA_LOCAL,&ckfalse,sizeof(CK_BBOOL));
-    if (crv != CKR_OK)  return crv; 
-
-    /* get the key type */
-    attribute = pk11_FindAttribute(object,CKA_KEY_TYPE);
-    key_type = *(CK_KEY_TYPE *)attribute->attrib.pValue;
-    pk11_FreeAttribute(attribute);
-
-    switch (object->objclass) {
-    case CKO_PUBLIC_KEY:
-	return pk11_handlePublicKeyObject(session,object,key_type);
-    case CKO_PRIVATE_KEY:
-	return pk11_handlePrivateKeyObject(session,object,key_type);
-    case CKO_SECRET_KEY:
-	/* make sure the required fields exist */
-	return pk11_handleSecretKeyObject(session,object,key_type,
-			     (PRBool)(session->slot->slotID == FIPS_SLOT_ID));
-    default:
-	break;
-    }
-    return CKR_ATTRIBUTE_VALUE_INVALID;
-}
-
-/*
- * check the consistancy and Verify a DSA Parameter Object 
- */
-static CK_RV
-pk11_handleDSAParameterObject(PK11Session *session, PK11Object *object)
-{
-    PK11Attribute *primeAttr = NULL;
-    PK11Attribute *subPrimeAttr = NULL;
-    PK11Attribute *baseAttr = NULL;
-    PK11Attribute *seedAttr = NULL;
-    PK11Attribute *hAttr = NULL;
-    PK11Attribute *attribute;
-    CK_RV crv = CKR_TEMPLATE_INCOMPLETE;
-    PQGParams params;
-    PQGVerify vfy, *verify = NULL;
-    SECStatus result,rv;
-
-    primeAttr = pk11_FindAttribute(object,CKA_PRIME);
-    if (primeAttr == NULL) goto loser;
-    params.prime.data = primeAttr->attrib.pValue;
-    params.prime.len = primeAttr->attrib.ulValueLen;
-
-    subPrimeAttr = pk11_FindAttribute(object,CKA_SUBPRIME);
-    if (subPrimeAttr == NULL) goto loser;
-    params.subPrime.data = subPrimeAttr->attrib.pValue;
-    params.subPrime.len = subPrimeAttr->attrib.ulValueLen;
-
-    baseAttr = pk11_FindAttribute(object,CKA_BASE);
-    if (baseAttr == NULL) goto loser;
-    params.base.data = baseAttr->attrib.pValue;
-    params.base.len = baseAttr->attrib.ulValueLen;
-
-    attribute = pk11_FindAttribute(object, CKA_NETSCAPE_PQG_COUNTER);
-    if (attribute != NULL) {
-	vfy.counter = *(CK_ULONG *) attribute->attrib.pValue;
-	pk11_FreeAttribute(attribute);
-
-	seedAttr = pk11_FindAttribute(object, CKA_NETSCAPE_PQG_SEED);
-	if (seedAttr == NULL) goto loser;
-	vfy.seed.data = seedAttr->attrib.pValue;
-	vfy.seed.len = seedAttr->attrib.ulValueLen;
-
-	hAttr = pk11_FindAttribute(object, CKA_NETSCAPE_PQG_H);
-	if (hAttr == NULL) goto loser;
-	vfy.h.data = hAttr->attrib.pValue;
-	vfy.h.len = hAttr->attrib.ulValueLen;
-
-	verify = &vfy;
-    }
-
-    crv = CKR_FUNCTION_FAILED;
-    rv = PQG_VerifyParams(&params,verify,&result);
-    if (rv == SECSuccess) {
-	crv = (result== SECSuccess) ? CKR_OK : CKR_ATTRIBUTE_VALUE_INVALID;
-    }
-
-loser:
-    if (hAttr) pk11_FreeAttribute(hAttr);
-    if (seedAttr) pk11_FreeAttribute(seedAttr);
-    if (baseAttr) pk11_FreeAttribute(baseAttr);
-    if (subPrimeAttr) pk11_FreeAttribute(subPrimeAttr);
-    if (primeAttr) pk11_FreeAttribute(primeAttr);
-
-    return crv;
-}
-
-/*
- * check the consistancy and initialize a Key Parameter Object 
- */
-static CK_RV
-pk11_handleKeyParameterObject(PK11Session *session, PK11Object *object)
-{
-    PK11Attribute *attribute;
-    CK_KEY_TYPE key_type;
-    CK_BBOOL cktrue = CK_TRUE;
-    CK_BBOOL ckfalse = CK_FALSE;
-    CK_RV crv;
-
-    /* verify the required fields */
-    if ( !pk11_hasAttribute(object,CKA_KEY_TYPE) ) {
-	return CKR_TEMPLATE_INCOMPLETE;
-    }
-
-    /* now verify the common fields */
-    crv = pk11_defaultAttribute(object,CKA_LOCAL,&ckfalse,sizeof(CK_BBOOL));
-    if (crv != CKR_OK)  return crv; 
-
-    /* get the key type */
-    attribute = pk11_FindAttribute(object,CKA_KEY_TYPE);
-    key_type = *(CK_KEY_TYPE *)attribute->attrib.pValue;
-    pk11_FreeAttribute(attribute);
-
-    switch (key_type) {
-    case CKK_DSA:
-	return pk11_handleDSAParameterObject(session,object);
-	
-    default:
-	break;
-    }
-    return CKR_KEY_TYPE_INCONSISTENT;
-}
-
-/* 
- * Handle Object does all the object consistancy checks, automatic attribute
- * generation, attribute defaulting, etc. If handleObject succeeds, the object
- * will be assigned an object handle, and the object installed in the session
- * or stored in the DB.
- */
-CK_RV
-pk11_handleObject(PK11Object *object, PK11Session *session)
-{
-    PK11Slot *slot = session->slot;
-    CK_BBOOL ckfalse = CK_FALSE;
-    CK_BBOOL cktrue = CK_TRUE;
-    PK11Attribute *attribute;
-    CK_RV crv;
-
-    /* make sure all the base object types are defined. If not set the
-     * defaults */
-    crv = pk11_defaultAttribute(object,CKA_TOKEN,&ckfalse,sizeof(CK_BBOOL));
-    if (crv != CKR_OK) return crv;
-    crv = pk11_defaultAttribute(object,CKA_PRIVATE,&ckfalse,sizeof(CK_BBOOL));
-    if (crv != CKR_OK) return crv;
-    crv = pk11_defaultAttribute(object,CKA_LABEL,NULL,0);
-    if (crv != CKR_OK) return crv;
-    crv = pk11_defaultAttribute(object,CKA_MODIFIABLE,&cktrue,sizeof(CK_BBOOL));
-    if (crv != CKR_OK) return crv;
-
-    /* don't create a private object if we aren't logged in */
-    if ((!slot->isLoggedIn) && (slot->needLogin) &&
-				(pk11_isTrue(object,CKA_PRIVATE))) {
-	return CKR_USER_NOT_LOGGED_IN;
-    }
-
-
-    if (((session->info.flags & CKF_RW_SESSION) == 0) &&
-				(pk11_isTrue(object,CKA_TOKEN))) {
-	return CKR_SESSION_READ_ONLY;
-    }
-	
-    /* PKCS #11 object ID's are unique for all objects on a
-     * token */
-    PK11_USE_THREADS(PZ_Lock(slot->objectLock);)
-    object->handle = slot->tokenIDCount++;
-    PK11_USE_THREADS(PZ_Unlock(slot->objectLock);)
-
-    /* get the object class */
-    attribute = pk11_FindAttribute(object,CKA_CLASS);
-    if (attribute == NULL) {
-	return CKR_TEMPLATE_INCOMPLETE;
-    }
-    object->objclass = *(CK_OBJECT_CLASS *)attribute->attrib.pValue;
-    pk11_FreeAttribute(attribute);
-
-    /* now handle the specific. Get a session handle for these functions
-     * to use */
-    switch (object->objclass) {
-    case CKO_DATA:
-	crv = pk11_handleDataObject(session,object);
-	break;
-    case CKO_CERTIFICATE:
-	crv = pk11_handleCertObject(session,object);
-	break;
-    case CKO_NETSCAPE_TRUST:
-	crv = pk11_handleTrustObject(session,object);
-	break;
-    case CKO_NETSCAPE_CRL:
-	crv = pk11_handleCrlObject(session,object);
-	break;
-    case CKO_NETSCAPE_SMIME:
-	crv = pk11_handleSMimeObject(session,object);
-	break;
-    case CKO_PRIVATE_KEY:
-    case CKO_PUBLIC_KEY:
-    case CKO_SECRET_KEY:
-	crv = pk11_handleKeyObject(session,object);
-	break;
-    case CKO_KG_PARAMETERS:
-	crv = pk11_handleKeyParameterObject(session,object);
-	break;
-    default:
-	crv = CKR_ATTRIBUTE_VALUE_INVALID;
-	break;
-    }
-
-    /* can't fail from here on out unless the pk_handlXXX functions have
-     * failed the request */
-    if (crv != CKR_OK) {
-	return crv;
-    }
-
-    /* now link the object into the slot and session structures */
-    if (pk11_isToken(object->handle)) {
-	pk11_convertSessionToToken(object);
-    } else {
-	object->slot = slot;
-	pk11_AddObject(session,object);
-    }
-
-    return CKR_OK;
-}
-
-/*
- * ******************** Public Key Utilities ***************************
- */
-/* Generate a low public key structure from an object */
-NSSLOWKEYPublicKey *pk11_GetPubKey(PK11Object *object,CK_KEY_TYPE key_type)
-{
-    NSSLOWKEYPublicKey *pubKey;
-    PLArenaPool *arena;
-    CK_RV crv;
-
-    if (object->objclass != CKO_PUBLIC_KEY) {
-	return NULL;
-    }
-
-    if (pk11_isToken(object->handle)) {
-/* ferret out the token object handle */
-    }
-
-    /* If we already have a key, use it */
-    if (object->objectInfo) {
-	return (NSSLOWKEYPublicKey *)object->objectInfo;
-    }
-
-    /* allocate the structure */
-    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if (arena == NULL) return NULL;
-
-    pubKey = (NSSLOWKEYPublicKey *)
-			PORT_ArenaAlloc(arena,sizeof(NSSLOWKEYPublicKey));
-    if (pubKey == NULL) {
-    	PORT_FreeArena(arena,PR_FALSE);
-	return NULL;
-    }
-
-    /* fill in the structure */
-    pubKey->arena = arena;
-    switch (key_type) {
-    case CKK_RSA:
-	pubKey->keyType = NSSLOWKEYRSAKey;
-	crv = pk11_Attribute2SSecItem(arena,&pubKey->u.rsa.modulus,
-							object,CKA_MODULUS);
-    	if (crv != CKR_OK) break;
-    	crv = pk11_Attribute2SSecItem(arena,&pubKey->u.rsa.publicExponent,
-						object,CKA_PUBLIC_EXPONENT);
-	break;
-    case CKK_DSA:
-	pubKey->keyType = NSSLOWKEYDSAKey;
-	crv = pk11_Attribute2SSecItem(arena,&pubKey->u.dsa.params.prime,
-							object,CKA_PRIME);
-    	if (crv != CKR_OK) break;
-	crv = pk11_Attribute2SSecItem(arena,&pubKey->u.dsa.params.subPrime,
-							object,CKA_SUBPRIME);
-    	if (crv != CKR_OK) break;
-	crv = pk11_Attribute2SSecItem(arena,&pubKey->u.dsa.params.base,
-							object,CKA_BASE);
-    	if (crv != CKR_OK) break;
-    	crv = pk11_Attribute2SSecItem(arena,&pubKey->u.dsa.publicValue,
-							object,CKA_VALUE);
-	break;
-    case CKK_DH:
-	pubKey->keyType = NSSLOWKEYDHKey;
-	crv = pk11_Attribute2SSecItem(arena,&pubKey->u.dh.prime,
-							object,CKA_PRIME);
-    	if (crv != CKR_OK) break;
-	crv = pk11_Attribute2SSecItem(arena,&pubKey->u.dh.base,
-							object,CKA_BASE);
-    	if (crv != CKR_OK) break;
-    	crv = pk11_Attribute2SSecItem(arena,&pubKey->u.dsa.publicValue,
-							object,CKA_VALUE);
-	break;
-    default:
-	crv = CKR_KEY_TYPE_INCONSISTENT;
-	break;
-    }
-    if (crv != CKR_OK) {
-    	PORT_FreeArena(arena,PR_FALSE);
-	return NULL;
-    }
-
-    object->objectInfo = pubKey;
-    object->infoFree = (PK11Free) nsslowkey_DestroyPublicKey;
-    return pubKey;
-}
-
-/* make a private key from a verified object */
-static NSSLOWKEYPrivateKey *
-pk11_mkPrivKey(PK11Object *object,CK_KEY_TYPE key_type)
-{
-    NSSLOWKEYPrivateKey *privKey;
-    PLArenaPool *arena;
-    CK_RV crv = CKR_OK;
-    SECStatus rv;
-
-    PORT_Assert(!pk11_isToken(object->handle));
-    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if (arena == NULL) return NULL;
-
-    privKey = (NSSLOWKEYPrivateKey *)
-			PORT_ArenaZAlloc(arena,sizeof(NSSLOWKEYPrivateKey));
-    if (privKey == NULL)  {
-	PORT_FreeArena(arena,PR_FALSE);
-	return NULL;
-    }
-
-    /* in future this would be a switch on key_type */
-    privKey->arena = arena;
-    switch (key_type) {
-    case CKK_RSA:
-	privKey->keyType = NSSLOWKEYRSAKey;
-	crv=pk11_Attribute2SSecItem(arena,&privKey->u.rsa.modulus,
-							object,CKA_MODULUS);
-	if (crv != CKR_OK) break;
-	crv=pk11_Attribute2SSecItem(arena,&privKey->u.rsa.publicExponent,object,
-							CKA_PUBLIC_EXPONENT);
-	if (crv != CKR_OK) break;
-	crv=pk11_Attribute2SSecItem(arena,&privKey->u.rsa.privateExponent,object,
-							CKA_PRIVATE_EXPONENT);
-	if (crv != CKR_OK) break;
-	crv=pk11_Attribute2SSecItem(arena,&privKey->u.rsa.prime1,object,
-								CKA_PRIME_1);
-	if (crv != CKR_OK) break;
-	crv=pk11_Attribute2SSecItem(arena,&privKey->u.rsa.prime2,object,
-								CKA_PRIME_2);
-	if (crv != CKR_OK) break;
-	crv=pk11_Attribute2SSecItem(arena,&privKey->u.rsa.exponent1,
-						object, CKA_EXPONENT_1);
-	if (crv != CKR_OK) break;
-	crv=pk11_Attribute2SSecItem(arena,&privKey->u.rsa.exponent2,
-							object, CKA_EXPONENT_2);
-	if (crv != CKR_OK) break;
-	crv=pk11_Attribute2SSecItem(arena,&privKey->u.rsa.coefficient,object,
-							      CKA_COEFFICIENT);
-	if (crv != CKR_OK) break;
-        rv = DER_SetUInteger(privKey->arena, &privKey->u.rsa.version,
-                          NSSLOWKEY_VERSION);
-	if (rv != SECSuccess) crv = CKR_HOST_MEMORY;
-	break;
-
-    case CKK_DSA:
-	privKey->keyType = NSSLOWKEYDSAKey;
-	crv = pk11_Attribute2SSecItem(arena,&privKey->u.dsa.params.prime,
-							object,CKA_PRIME);
-    	if (crv != CKR_OK) break;
-	crv = pk11_Attribute2SSecItem(arena,&privKey->u.dsa.params.subPrime,
-							object,CKA_SUBPRIME);
-    	if (crv != CKR_OK) break;
-	crv = pk11_Attribute2SSecItem(arena,&privKey->u.dsa.params.base,
-							object,CKA_BASE);
-    	if (crv != CKR_OK) break;
-    	crv = pk11_Attribute2SSecItem(arena,&privKey->u.dsa.privateValue,
-							object,CKA_VALUE);
-    	if (crv != CKR_OK) break;
-    	crv = pk11_Attribute2SSecItem(arena,&privKey->u.dsa.publicValue,
-							object,CKA_NETSCAPE_DB);
-	/* can't set the public value.... */
-	break;
-
-    case CKK_DH:
-	privKey->keyType = NSSLOWKEYDHKey;
-	crv = pk11_Attribute2SSecItem(arena,&privKey->u.dh.prime,
-							object,CKA_PRIME);
-    	if (crv != CKR_OK) break;
-	crv = pk11_Attribute2SSecItem(arena,&privKey->u.dh.base,
-							object,CKA_BASE);
-    	if (crv != CKR_OK) break;
-    	crv = pk11_Attribute2SSecItem(arena,&privKey->u.dh.privateValue,
-							object,CKA_VALUE);
-    	if (crv != CKR_OK) break;
-    	crv = pk11_Attribute2SSecItem(arena,&privKey->u.dh.publicValue,
-							object,CKA_NETSCAPE_DB);
-	break;
-    default:
-	crv = CKR_KEY_TYPE_INCONSISTENT;
-	break;
-    }
-    if (crv != CKR_OK) {
-	PORT_FreeArena(arena,PR_FALSE);
-	return NULL;
-    }
-    return privKey;
-}
-
-
-/* Generate a low private key structure from an object */
-NSSLOWKEYPrivateKey *
-pk11_GetPrivKey(PK11Object *object,CK_KEY_TYPE key_type)
-{
-    NSSLOWKEYPrivateKey *priv = NULL;
-
-    if (object->objclass != CKO_PRIVATE_KEY) {
-	return NULL;
-    }
-    if (object->objectInfo) {
-	return (NSSLOWKEYPrivateKey *)object->objectInfo;
-    }
-
-    if (pk11_isToken(object->handle)) {
-	/* grab it from the data base */
-	PK11TokenObject *to = pk11_narrowToTokenObject(object);
-
-	PORT_Assert(to);
-	PORT_Assert(object->slot->keyDB);	
-	priv = nsslowkey_FindKeyByPublicKey(object->slot->keyDB, &to->dbKey,
-				       object->slot->password);
-    } else {
-	priv = pk11_mkPrivKey(object, key_type);
-    }
-    object->objectInfo = priv;
-    object->infoFree = (PK11Free) nsslowkey_DestroyPrivateKey;
-    return priv;
-}
-
-/*
- **************************** Symetric Key utils ************************
- */
-/*
- * set the DES key with parity bits correctly
- */
-void
-pk11_FormatDESKey(unsigned char *key, int length)
-{
-    int i;
-
-    /* format the des key */
-    for (i=0; i < length; i++) {
-	key[i] = parityTable[key[i]>>1];
-    }
-}
-
-/*
- * check a des key (des2 or des3 subkey) for weak keys.
- */
-PRBool
-pk11_CheckDESKey(unsigned char *key)
-{
-    int i;
-
-    /* format the des key with parity  */
-    pk11_FormatDESKey(key, 8);
-
-    for (i=0; i < pk11_desWeakTableSize; i++) {
-	if (PORT_Memcmp(key,pk11_desWeakTable[i],8) == 0) {
-	    return PR_TRUE;
-	}
-    }
-    return PR_FALSE;
-}
-
-/*
- * check if a des or triple des key is weak.
- */
-PRBool
-pk11_IsWeakKey(unsigned char *key,CK_KEY_TYPE key_type)
-{
-
-    switch(key_type) {
-    case CKK_DES:
-	return pk11_CheckDESKey(key);
-    case CKM_DES2_KEY_GEN:
-	if (pk11_CheckDESKey(key)) return PR_TRUE;
-	return pk11_CheckDESKey(&key[8]);
-    case CKM_DES3_KEY_GEN:
-	if (pk11_CheckDESKey(key)) return PR_TRUE;
-	if (pk11_CheckDESKey(&key[8])) return PR_TRUE;
-	return pk11_CheckDESKey(&key[16]);
-    default:
-	break;
-    }
-    return PR_FALSE;
-}
-
-
-/* make a fake private key representing a symmetric key */
-static NSSLOWKEYPrivateKey *
-pk11_mkSecretKeyRep(PK11Object *object)
-{
-    NSSLOWKEYPrivateKey *privKey;
-    PLArenaPool *arena = 0;
-    CK_RV crv;
-    SECStatus rv;
-    static unsigned char derZero[1] = { 0 };
-
-    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if (arena == NULL) { crv = CKR_HOST_MEMORY; goto loser; }
-
-    privKey = (NSSLOWKEYPrivateKey *)
-			PORT_ArenaZAlloc(arena,sizeof(NSSLOWKEYPrivateKey));
-    if (privKey == NULL) { crv = CKR_HOST_MEMORY; goto loser; }
-
-    privKey->arena = arena;
-
-    /* Secret keys are represented in the database as "fake" RSA keys.  The RSA key
-     * is marked as a secret key representation by setting the public exponent field
-     * to 0, which is an invalid RSA exponent.  The other fields are set as follows:
-     *   modulus - CKA_ID value for the secret key
-     *   private exponent - CKA_VALUE (the key itself)
-     *   coefficient - CKA_KEY_TYPE, which indicates what encryption algorithm
-     *      is used for the key.
-     *   all others - set to integer 0
-     */
-    privKey->keyType = NSSLOWKEYRSAKey;
-
-    /* The modulus is set to the key id of the symmetric key */
-    crv=pk11_Attribute2SecItem(arena,&privKey->u.rsa.modulus,object,CKA_ID);
-    if (crv != CKR_OK) goto loser;
-
-    /* The public exponent is set to 0 length to indicate a special key */
-    privKey->u.rsa.publicExponent.len = sizeof derZero;
-    privKey->u.rsa.publicExponent.data = derZero;
-
-    /* The private exponent is the actual key value */
-    crv=pk11_Attribute2SecItem(arena,&privKey->u.rsa.privateExponent,object,CKA_VALUE);
-    if (crv != CKR_OK) goto loser;
-
-    /* All other fields empty - needs testing */
-    privKey->u.rsa.prime1.len = sizeof derZero;
-    privKey->u.rsa.prime1.data = derZero;
-
-    privKey->u.rsa.prime2.len = sizeof derZero;
-    privKey->u.rsa.prime2.data = derZero;
-
-    privKey->u.rsa.exponent1.len = sizeof derZero;
-    privKey->u.rsa.exponent1.data = derZero;
-
-    privKey->u.rsa.exponent2.len = sizeof derZero;
-    privKey->u.rsa.exponent2.data = derZero;
-
-    /* Coeficient set to KEY_TYPE */
-    crv=pk11_Attribute2SecItem(arena,&privKey->u.rsa.coefficient,object,CKA_KEY_TYPE);
-    if (crv != CKR_OK) goto loser;
-
-    /* Private key version field set normally for compatibility */
-    rv = DER_SetUInteger(privKey->arena, 
-			&privKey->u.rsa.version, NSSLOWKEY_VERSION);
-    if (rv != SECSuccess) { crv = CKR_HOST_MEMORY; goto loser; }
-
-loser:
-    if (crv != CKR_OK) {
-	PORT_FreeArena(arena,PR_FALSE);
-	privKey = 0;
-    }
-
-    return privKey;
-}
-
-static PRBool
-isSecretKey(NSSLOWKEYPrivateKey *privKey)
-{
-  if (privKey->keyType == NSSLOWKEYRSAKey && 
-		privKey->u.rsa.publicExponent.len == 1 &&
-      				privKey->u.rsa.publicExponent.data[0] == 0)
-    return PR_TRUE;
-
-  return PR_FALSE;
-}
-
-/**********************************************************************
- *
- *     Start of PKCS 11 functions 
- *
- **********************************************************************/
-
-
-/* return the function list */
-CK_RV NSC_GetFunctionList(CK_FUNCTION_LIST_PTR *pFunctionList)
-{
-    *pFunctionList = (CK_FUNCTION_LIST_PTR) &pk11_funcList;
-    return CKR_OK;
-}
-
-/* return the function list */
-CK_RV C_GetFunctionList(CK_FUNCTION_LIST_PTR *pFunctionList)
-{
-    return NSC_GetFunctionList(pFunctionList);
-}
-
-static PLHashNumber
-pk11_HashNumber(const void *key)
-{
-    return (PLHashNumber) key;
-}
-
-/*
- * eventually I'd like to expunge all occurances of XXX_SLOT_ID and
- * just go with the info in the slot. This is one place, however,
- * where it might be a little difficult.
- */
-const char *
-pk11_getDefTokName(CK_SLOT_ID slotID)
-{
-    static char buf[33];
-
-    switch (slotID) {
-    case NETSCAPE_SLOT_ID:
-	return "NSS Generic Crypto Services     ";
-    case PRIVATE_KEY_SLOT_ID:
-	return "NSS Certificate DB              ";
-    case FIPS_SLOT_ID:
-        return "NSS FIPS-140-1 Cerificate DB    ";
-    default:
-	break;
-    }
-    sprintf(buf,"NSS Application Token %08x  ",(unsigned int) slotID);
-    return buf;
-}
-
-const char *
-pk11_getDefSlotName(CK_SLOT_ID slotID)
-{
-    static char buf[65];
-
-    switch (slotID) {
-    case NETSCAPE_SLOT_ID:
-	return 
-	 "NSS Internal Cryptographic Services Version 3.4                 ";
-    case PRIVATE_KEY_SLOT_ID:
-	return 
-	 "NSS User Private Key and Certificate Services                   ";
-    case FIPS_SLOT_ID:
-        return 
-         "Netscape FIPS-140-1 User Private Key Services                   ";
-    default:
-	break;
-    }
-    sprintf(buf,
-     "NSS Application Slot %08x                                   ",
-							(unsigned int) slotID);
-    return buf;
-}
-
-static CK_ULONG nscSlotCount[2] = {0 , 0};
-static CK_SLOT_ID_PTR nscSlotList[2] = {NULL, NULL};
-static CK_ULONG nscSlotListSize[2] = {0, 0};
-static PLHashTable *nscSlotHashTable[2] = {NULL, NULL};
-
-static int
-pk11_GetModuleIndex(CK_SLOT_ID slotID)
-{
-    if ((slotID == FIPS_SLOT_ID) || (slotID > 100)) {
-	return NSC_FIPS_MODULE;
-    }
-    return NSC_NON_FIPS_MODULE;
-}
-
-/* look up a slot structure from the ID (used to be a macro when we only
- * had two slots) */
-PK11Slot *
-pk11_SlotFromID(CK_SLOT_ID slotID)
-{
-    int index = pk11_GetModuleIndex(slotID);
-    return (PK11Slot *)PL_HashTableLookupConst(nscSlotHashTable[index], 
-							(void *)slotID);
-}
-
-PK11Slot *
-pk11_SlotFromSessionHandle(CK_SESSION_HANDLE handle)
-{
-    CK_ULONG slotIDIndex = (handle >> 24) & 0x7f;
-    CK_ULONG moduleIndex = (handle >> 31) & 1;
-
-    if (slotIDIndex >= nscSlotCount[moduleIndex]) {
-	return NULL;
-    }
-
-    return pk11_SlotFromID(nscSlotList[moduleIndex][slotIDIndex]);
-}
- 
-PK11Slot * pk11_NewSlotFromID(CK_SLOT_ID slotID, int moduleIndex)
-{
-    PK11Slot *slot = NULL;
-    PLHashEntry *entry;
-    int index;
-
-    index = pk11_GetModuleIndex(slotID);
-
-    /* make sure the slotID for this module is valid */
-    if (moduleIndex != index) {
-	return NULL;
-    }
-
-    if (nscSlotList[index] == NULL) {
-	nscSlotListSize[index] = NSC_SLOT_LIST_BLOCK_SIZE;
-	nscSlotList[index] = (CK_SLOT_ID *)
-		PORT_ZAlloc(nscSlotListSize[index]*sizeof(CK_SLOT_ID));
-	if (nscSlotList[index] == NULL) {
-	    return NULL;
-	}
-    }
-    if (nscSlotCount[index] >= nscSlotListSize[index]) {
-	CK_SLOT_ID* oldNscSlotList = nscSlotList[index];
-	CK_ULONG oldNscSlotListSize = nscSlotListSize[index];
-	nscSlotListSize[index] += NSC_SLOT_LIST_BLOCK_SIZE;
-	nscSlotList[index] = (CK_SLOT_ID *) PORT_Realloc(oldNscSlotList,
-				nscSlotListSize[index]*sizeof(CK_SLOT_ID));
-	if (nscSlotList[index] == NULL) {
-            nscSlotList[index] = oldNscSlotList;
-            nscSlotListSize[index] = oldNscSlotListSize;
-            return NULL;
-	}
-    }
-
-    if (nscSlotHashTable[index] == NULL) {
-	nscSlotHashTable[index] = PL_NewHashTable(64,pk11_HashNumber,
-				PL_CompareValues, PL_CompareValues, NULL, 0);
-	if (nscSlotHashTable[index] == NULL) {
-	    return NULL;
-	}
-    }
-
-    slot = (PK11Slot *) PORT_ZAlloc(sizeof(PK11Slot));
-    if (slot == NULL) {
-	return NULL;
-    }
-
-    entry = PL_HashTableAdd(nscSlotHashTable[index],(void *)slotID,slot);
-    if (entry == NULL) {
-	PORT_Free(slot);
-	return NULL;
-    }
-    slot->index = (nscSlotCount[index] & 0x7f) | ((index << 7) & 0x80);
-    nscSlotList[index][nscSlotCount[index]++] = slotID;
-
-    return slot;
-}
-
-/*
- * initialize one of the slot structures. figure out which by the ID
- */
-CK_RV
-PK11_SlotInit(char *configdir,pk11_token_parameters *params, int moduleIndex)
-{
-    int i;
-    CK_SLOT_ID slotID = params->slotID;
-    PK11Slot *slot = pk11_NewSlotFromID(slotID, moduleIndex);
-    PRBool needLogin = !params->noKeyDB;
-    CK_RV crv;
-
-    if (slot == NULL) {
-	return CKR_HOST_MEMORY;
-    }
-
-    slot->optimizeSpace = params->optimizeSpace;
-    if (slot->optimizeSpace) {
-	slot->tokObjHashSize = SPACE_TOKEN_OBJECT_HASH_SIZE;
-	slot->sessHashSize = SPACE_SESSION_HASH_SIZE;
-	slot->numSessionLocks = 1;
-    } else {
-	slot->tokObjHashSize = TIME_TOKEN_OBJECT_HASH_SIZE;
-	slot->sessHashSize = TIME_SESSION_HASH_SIZE;
-	slot->numSessionLocks = slot->sessHashSize/BUCKETS_PER_SESSION_LOCK;
-    }
-    slot->sessionLockMask = slot->numSessionLocks-1;
-
-#ifdef PKCS11_USE_THREADS
-    slot->slotLock = PZ_NewLock(nssILockSession);
-    if (slot->slotLock == NULL) {
-	return CKR_HOST_MEMORY;
-    }
-    slot->sessionLock = (PZLock **)
-			PORT_ZAlloc(slot->numSessionLocks * sizeof(PZLock *));
-    if (slot->sessionLock == NULL) {
-	return CKR_HOST_MEMORY;
-    }
-    for (i=0; i < slot->numSessionLocks; i++) {
-        slot->sessionLock[i] = PZ_NewLock(nssILockSession);
-        if (slot->sessionLock[i] == NULL) return CKR_HOST_MEMORY;
-    }
-    slot->objectLock = PZ_NewLock(nssILockObject);
-    if (slot->objectLock == NULL) return CKR_HOST_MEMORY;
-#else
-    slot->slotLock = NULL;
-    slot->sessionLock = (PZLock **)
-			PORT_ZAlloc(slot->numSessionLocks * sizeof(PZLock *));
-    if (slot->sessionLock == NULL) {
-	return CKR_HOST_MEMORY;
-    }
-    for (i=0; i < slot->numSessionLocks; i++) {
-        slot->sessionLock[i] = NULL;
-    }
-    slot->objectLock = NULL;
-#endif
-    slot->head = (PK11Session **)
-		PORT_ZAlloc(slot->sessHashSize*sizeof(PK11Session *));
-    if (slot->head == NULL) {
-	return CKR_HOST_MEMORY;
-    }
-    slot->tokObjects = (PK11Object **)
-		PORT_ZAlloc(slot->tokObjHashSize*sizeof(PK11Object *));
-    if (slot->tokObjects == NULL) {
-	return CKR_HOST_MEMORY;
-    }
-    slot->tokenHashTable = PL_NewHashTable(64,pk11_HashNumber,PL_CompareValues,
-					SECITEM_HashCompare, NULL, 0);
-    if (slot->tokenHashTable == NULL) {
-	return CKR_HOST_MEMORY;
-    }
-    slot->password = NULL;
-    slot->hasTokens = PR_FALSE;
-    slot->sessionIDCount = 0;
-    slot->sessionIDConflict = 0;
-    slot->sessionCount = 0;
-    slot->rwSessionCount = 0;
-    slot->tokenIDCount = 1;
-    slot->needLogin = PR_FALSE;
-    slot->isLoggedIn = PR_FALSE;
-    slot->ssoLoggedIn = PR_FALSE;
-    slot->DB_loaded = PR_FALSE;
-    slot->slotID = slotID;
-    slot->certDB = NULL;
-    slot->keyDB = NULL;
-    slot->minimumPinLen = 0;
-    slot->readOnly = params->readOnly;
-    pk11_setStringName(params->tokdes ? params->tokdes : 
-	pk11_getDefTokName(slotID), slot->tokDescription, 
-						sizeof(slot->tokDescription));
-    pk11_setStringName(params->slotdes ? params->slotdes : 
-	pk11_getDefSlotName(slotID), slot->slotDescription, 
-						sizeof(slot->slotDescription));
-
-    if ((!params->noCertDB) || (!params->noKeyDB)) {
-	crv = pk11_DBInit(params->configdir ? params->configdir : configdir,
-		params->certPrefix, params->keyPrefix, params->readOnly,
-		params->noCertDB, params->noKeyDB, params->forceOpen, 
-						&slot->certDB, &slot->keyDB);
-	if (crv != CKR_OK) {
-	    /* shoutdown slot? */
-	    return crv;
-	}
-    }
-    if (needLogin) {
-	/* if the data base is initialized with a null password,remember that */
-	slot->needLogin = 
-		(PRBool)!pk11_hasNullPassword(slot->keyDB,&slot->password);
-	if (params->minPW <= PK11_MAX_PIN) {
-	    slot->minimumPinLen = params->minPW;
-	}
-	if ((slot->minimumPinLen == 0) && (params->pwRequired) && 
-		(slot->minimumPinLen <= PK11_MAX_PIN)) {
-	    slot->minimumPinLen = 1;
-	}
-    }
-    return CKR_OK;
-}
-
-static PRIntn
-pk11_freeHashItem(PLHashEntry* entry, PRIntn index, void *arg)
-{
-    SECItem *item = (SECItem *)entry->value;
-
-    SECITEM_FreeItem(item, PR_TRUE);
-    return HT_ENUMERATE_NEXT;
-}
-
-/*
- * initialize one of the slot structures. figure out which by the ID
- */
-static CK_RV
-pk11_DestroySlotData(PK11Slot *slot)
-{
-    int i;
-
-#ifdef PKCS11_USE_THREADS
-    if (slot->slotLock) {
-	PZ_DestroyLock(slot->slotLock);
-	slot->slotLock = NULL;
-    }
-    if (slot->sessionLock) {
-	for (i=0; i < slot->numSessionLocks; i++) {
-	    if (slot->sessionLock[i]) {
-		PZ_DestroyLock(slot->sessionLock[i]);
-		slot->sessionLock[i] = NULL;
-	    }
-	}
-    }
-    if (slot->objectLock) {
-	PZ_DestroyLock(slot->objectLock);
-	slot->objectLock = NULL;
-    }
-#endif
-    if (slot->sessionLock) {
-	PORT_Free(slot->sessionLock);
-	slot->sessionLock = NULL;
-    }
-
-    if (slot->tokenHashTable) {
-	PL_HashTableEnumerateEntries(slot->tokenHashTable,
-							pk11_freeHashItem,NULL);
-	PL_HashTableDestroy(slot->tokenHashTable);
-	slot->tokenHashTable = NULL;
-    }
-
-    if (slot->tokObjects) {
-	for(i=0; i < slot->tokObjHashSize; i++) {
-	    PK11Object *object = slot->tokObjects[i];
-	    slot->tokObjects[i] = NULL;
-	    if (object) pk11_FreeObject(object);
-	}
-	PORT_Free(slot->tokObjects);
-	slot->tokObjects = NULL;
-    }
-    slot->tokObjHashSize = 0;
-    if (slot->head) {
-	for(i=0; i < slot->sessHashSize; i++) {
-	    PK11Session *session = slot->head[i];
-	    slot->head[i] = NULL;
-	    if (session) pk11_FreeSession(session);
-	}
-	PORT_Free(slot->head);
-	slot->head = NULL;
-    }
-    slot->sessHashSize = 0;
-    pk11_DBShutdown(slot->certDB,slot->keyDB);
-
-    PORT_Free(slot);
-    return CKR_OK;
-}
-
-/*
- * handle the SECMOD.db
- */
-char **
-NSC_ModuleDBFunc(unsigned long function,char *parameters, void *args)
-{
-    char *secmod = NULL;
-    char *appName = NULL;
-    char *filename = NULL;
-    PRBool rw;
-    static char *success="Success";
-    char **rvstr = NULL;
-
-    secmod = secmod_getSecmodName(parameters,&appName,&filename, &rw);
-
-    switch (function) {
-    case SECMOD_MODULE_DB_FUNCTION_FIND:
-	rvstr = secmod_ReadPermDB(appName,filename,secmod,(char *)parameters,rw);
-	break;
-    case SECMOD_MODULE_DB_FUNCTION_ADD:
-	rvstr = (secmod_AddPermDB(appName,filename,secmod,(char *)args,rw) 
-				== SECSuccess) ? &success: NULL;
-	break;
-    case SECMOD_MODULE_DB_FUNCTION_DEL:
-	rvstr = (secmod_DeletePermDB(appName,filename,secmod,(char *)args,rw)
-				 == SECSuccess) ? &success: NULL;
-	break;
-    case SECMOD_MODULE_DB_FUNCTION_RELEASE:
-	rvstr = (secmod_ReleasePermDBData(appName,filename,secmod,
-			(char **)args,rw) == SECSuccess) ? &success: NULL;
-	break;
-    }
-    if (secmod) PR_smprintf_free(secmod);
-    if (appName) PORT_Free(appName);
-    if (filename) PORT_Free(filename);
-    return rvstr;
-}
-
-static void nscFreeAllSlots(int moduleIndex)
-{
-    /* free all the slots */
-    PK11Slot *slot = NULL;
-    CK_SLOT_ID slotID;
-    int i;
-
-    if (nscSlotList[moduleIndex]) {
-	CK_ULONG tmpSlotCount = nscSlotCount[moduleIndex];
-	CK_SLOT_ID_PTR tmpSlotList = nscSlotList[moduleIndex];
-	PLHashTable *tmpSlotHashTable = nscSlotHashTable[moduleIndex];
-
-	/* now clear out the statics */
-	nscSlotList[moduleIndex] = NULL;
-	nscSlotCount[moduleIndex] = 0;
-	nscSlotHashTable[moduleIndex] = NULL;
-	nscSlotListSize[moduleIndex] = 0;
-
-	for (i=0; i < (int) tmpSlotCount; i++) {
-	    slotID = tmpSlotList[i];
-	    slot = (PK11Slot *)
-			PL_HashTableLookup(tmpSlotHashTable, (void *)slotID);
-	    PORT_Assert(slot);
-	    if (!slot) continue;
-	    pk11_DestroySlotData(slot);
-	    PL_HashTableRemove(tmpSlotHashTable, (void *)slotID);
-	}
-	PORT_Free(tmpSlotList);
-	PL_HashTableDestroy(tmpSlotHashTable);
-    }
-}
-
-static void
-pk11_closePeer(PRBool isFIPS)
-{
-    CK_SLOT_ID slotID = isFIPS ? PRIVATE_KEY_SLOT_ID: FIPS_SLOT_ID;
-    PK11Slot *slot;
-    int moduleIndex = isFIPS? NSC_NON_FIPS_MODULE : NSC_FIPS_MODULE;
-    PLHashTable *tmpSlotHashTable = nscSlotHashTable[moduleIndex];
-
-    slot = (PK11Slot *) PL_HashTableLookup(tmpSlotHashTable, (void *)slotID);
-    if (slot == NULL) {
-	return;
-    }
-    pk11_DBShutdown(slot->certDB,slot->keyDB);
-    slot->certDB = NULL;
-    slot->keyDB = NULL;
-    return;
-}
-
-static PRBool nsc_init = PR_FALSE;
-
-/* NSC_Initialize initializes the Cryptoki library. */
-CK_RV nsc_CommonInitialize(CK_VOID_PTR pReserved, PRBool isFIPS)
-{
-    CK_RV crv = CKR_OK;
-    SECStatus rv;
-    CK_C_INITIALIZE_ARGS *init_args = (CK_C_INITIALIZE_ARGS *) pReserved;
-    int i;
-    int moduleIndex = isFIPS? NSC_FIPS_MODULE : NSC_NON_FIPS_MODULE;
-
-    rv = RNG_RNGInit();         /* initialize random number generator */
-    if (rv != SECSuccess) {
-	crv = CKR_DEVICE_ERROR;
-	goto loser;
-    }
-    RNG_SystemInfoForRNG();
-
-
-    /* NOTE:
-     * we should be getting out mutexes from this list, not statically binding
-     * them from NSPR. This should happen before we allow the internal to split
-     * off from the rest on NSS.
-     */
-
-    /* initialize the key and cert db's */
-    nsslowkey_SetDefaultKeyDBAlg
-			     (SEC_OID_PKCS12_PBE_WITH_SHA1_AND_TRIPLE_DES_CBC);
-    crv = CKR_ARGUMENTS_BAD;
-    if ((init_args && init_args->LibraryParameters)) {
-	pk11_parameters paramStrings;
-       
-	crv = secmod_parseParameters
-		((char *)init_args->LibraryParameters, &paramStrings, isFIPS);
-	if (crv != CKR_OK) {
-	    return crv;
-	}
-	crv = pk11_configure(paramStrings.man, paramStrings.libdes);
-        if (crv != CKR_OK) {
-	    goto loser;
-	}
-
-	/* if we have a peer already open, have him close his DB's so we
-	 * don't clobber each other. */
-	if ((isFIPS && nsc_init) || (!isFIPS && nsf_init)) {
-	    pk11_closePeer(isFIPS);
-	}
-
-	for (i=0; i < paramStrings.token_count; i++) {
-	    crv = 
-		PK11_SlotInit(paramStrings.configdir, &paramStrings.tokens[i],
-			moduleIndex);
-	    if (crv != CKR_OK) {
-                nscFreeAllSlots(moduleIndex);
-                break;
-            }
-	}
-loser:
-	secmod_freeParams(&paramStrings);
-    }
-
-    return crv;
-}
-
-CK_RV NSC_Initialize(CK_VOID_PTR pReserved)
-{
-    CK_RV crv;
-    if (nsc_init) {
-	return CKR_CRYPTOKI_ALREADY_INITIALIZED;
-    }
-    crv = nsc_CommonInitialize(pReserved,PR_FALSE);
-    nsc_init = (PRBool) (crv == CKR_OK);
-    return crv;
-}
-
-/* NSC_Finalize indicates that an application is done with the 
- * Cryptoki library.*/
-CK_RV nsc_CommonFinalize (CK_VOID_PTR pReserved, PRBool isFIPS)
-{
-    
-
-    nscFreeAllSlots(isFIPS ? NSC_FIPS_MODULE : NSC_NON_FIPS_MODULE);
-
-    /* don't muck with the globals is our peer is still initialized */
-    if (isFIPS && nsc_init) {
-	return CKR_OK;
-    }
-    if (!isFIPS && nsf_init) {
-	return CKR_OK;
-    }
-
-    nsslowcert_DestroyGlobalLocks();
-
-#ifdef LEAK_TEST
-    /*
-     * do we really want to throw away all our hard earned entropy here!!?
-     * No we don't! Not calling RNG_RNGShutdown only 'leaks' data on the 
-     * initial call to RNG_Init(). So the only reason to call this is to clean
-     * up leak detection warnings on shutdown. In many cases we *don't* want
-     * to free up the global RNG context because the application has Finalized
-     * simply to swap profiles. We don't want to loose the entropy we've 
-     * already collected.
-     */
-    RNG_RNGShutdown();
-#endif
-
-    pk11_CleanupFreeLists();
-    /* tell freeBL to clean up after itself */
-    BL_Cleanup();
-    nsc_init = PR_FALSE;
-
-    return CKR_OK;
-}
-
-/* NSC_Finalize indicates that an application is done with the 
- * Cryptoki library.*/
-CK_RV NSC_Finalize (CK_VOID_PTR pReserved)
-{
-    CK_RV crv;
-
-    if (!nsc_init) {
-	return CKR_OK;
-    }
-
-    crv = nsc_CommonFinalize (pReserved, PR_FALSE);
-
-    nsc_init = (PRBool) !(crv == CKR_OK);
-
-    return crv;
-}
-
-extern const char __nss_softokn_rcsid[];
-extern const char __nss_softokn_sccsid[];
-
-/* NSC_GetInfo returns general information about Cryptoki. */
-CK_RV  NSC_GetInfo(CK_INFO_PTR pInfo)
-{
-    volatile char c; /* force a reference that won't get optimized away */
-
-    c = __nss_softokn_rcsid[0] + __nss_softokn_sccsid[0]; 
-    pInfo->cryptokiVersion.major = 2;
-    pInfo->cryptokiVersion.minor = 11;
-    PORT_Memcpy(pInfo->manufacturerID,manufacturerID,32);
-    pInfo->libraryVersion.major = 3;
-    pInfo->libraryVersion.minor = 2;
-    PORT_Memcpy(pInfo->libraryDescription,libraryDescription,32);
-    pInfo->flags = 0;
-    return CKR_OK;
-}
-
-
-/* NSC_GetSlotList obtains a list of slots in the system. */
-CK_RV nsc_CommonGetSlotList(CK_BBOOL tokenPresent, 
-	CK_SLOT_ID_PTR	pSlotList, CK_ULONG_PTR pulCount, int moduleIndex)
-{
-    *pulCount = nscSlotCount[moduleIndex];
-    if (pSlotList != NULL) {
-	PORT_Memcpy(pSlotList,nscSlotList[moduleIndex],
-				nscSlotCount[moduleIndex]*sizeof(CK_SLOT_ID));
-    }
-    return CKR_OK;
-}
-
-/* NSC_GetSlotList obtains a list of slots in the system. */
-CK_RV NSC_GetSlotList(CK_BBOOL tokenPresent,
-	 		CK_SLOT_ID_PTR	pSlotList, CK_ULONG_PTR pulCount)
-{
-    return nsc_CommonGetSlotList(tokenPresent, pSlotList, pulCount, 
-							NSC_NON_FIPS_MODULE);
-}
-	
-/* NSC_GetSlotInfo obtains information about a particular slot in the system. */
-CK_RV NSC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo)
-{
-    PK11Slot *slot = pk11_SlotFromID(slotID);
-    if (slot == NULL) return CKR_SLOT_ID_INVALID;
-
-    pInfo->firmwareVersion.major = 0;
-    pInfo->firmwareVersion.minor = 0;
-    PORT_Memcpy(pInfo->manufacturerID,manufacturerID,32);
-    PORT_Memcpy(pInfo->slotDescription,slot->slotDescription,64);
-    pInfo->flags = CKF_TOKEN_PRESENT;
-    /* ok we really should read it out of the keydb file. */
-    /* pInfo->hardwareVersion.major = NSSLOWKEY_DB_FILE_VERSION; */
-    pInfo->hardwareVersion.major = 3;
-    pInfo->hardwareVersion.minor = 4;
-    return CKR_OK;
-}
-
-#define CKF_THREAD_SAFE 0x8000 /* for now */
-
-/* NSC_GetTokenInfo obtains information about a particular token in 
- * the system. */
-CK_RV NSC_GetTokenInfo(CK_SLOT_ID slotID,CK_TOKEN_INFO_PTR pInfo)
-{
-    PK11Slot *slot = pk11_SlotFromID(slotID);
-    NSSLOWKEYDBHandle *handle;
-
-    if (slot == NULL) return CKR_SLOT_ID_INVALID;
-
-    PORT_Memcpy(pInfo->manufacturerID,manufacturerID,32);
-    PORT_Memcpy(pInfo->model,"NSS 3           ",16);
-    PORT_Memcpy(pInfo->serialNumber,"0000000000000000",16);
-    pInfo->ulMaxSessionCount = 0; /* arbitrarily large */
-    pInfo->ulSessionCount = slot->sessionCount;
-    pInfo->ulMaxRwSessionCount = 0; /* arbitarily large */
-    pInfo->ulRwSessionCount = slot->rwSessionCount;
-    pInfo->firmwareVersion.major = 0;
-    pInfo->firmwareVersion.minor = 0;
-    PORT_Memcpy(pInfo->label,slot->tokDescription,32);
-    handle = slot->keyDB;
-    if (handle == NULL) {
-        pInfo->flags= CKF_RNG | CKF_WRITE_PROTECTED | CKF_THREAD_SAFE;
-	pInfo->ulMaxPinLen = 0;
-	pInfo->ulMinPinLen = 0;
-	pInfo->ulTotalPublicMemory = 0;
-	pInfo->ulFreePublicMemory = 0;
-	pInfo->ulTotalPrivateMemory = 0;
-	pInfo->ulFreePrivateMemory = 0;
-	pInfo->hardwareVersion.major = 4;
-	pInfo->hardwareVersion.minor = 0;
-    } else {
-	/*
-	 * we have three possible states which we may be in:
-	 *   (1) No DB password has been initialized. This also means we
-	 *   have no keys in the key db.
-	 *   (2) Password initialized to NULL. This means we have keys, but
-	 *   the user has chosen not use a password.
-	 *   (3) Finally we have an initialized password whicn is not NULL, and
-	 *   we will need to prompt for it.
-	 */
-	if (nsslowkey_HasKeyDBPassword(handle) == SECFailure) {
-	    pInfo->flags = CKF_THREAD_SAFE | CKF_LOGIN_REQUIRED;
-	} else if (!slot->needLogin) {
-	    pInfo->flags = CKF_THREAD_SAFE | CKF_USER_PIN_INITIALIZED;
-	} else {
-	    pInfo->flags = CKF_THREAD_SAFE | 
-				CKF_LOGIN_REQUIRED | CKF_USER_PIN_INITIALIZED;
-	}
-	pInfo->ulMaxPinLen = PK11_MAX_PIN;
-	pInfo->ulMinPinLen = 0;
-	if (slot->minimumPinLen > 0) {
-	    pInfo->ulMinPinLen = (CK_ULONG)slot->minimumPinLen;
-	}
-	pInfo->ulTotalPublicMemory = 1;
-	pInfo->ulFreePublicMemory = 1;
-	pInfo->ulTotalPrivateMemory = 1;
-	pInfo->ulFreePrivateMemory = 1;
-	pInfo->hardwareVersion.major = CERT_DB_FILE_VERSION;
-	pInfo->hardwareVersion.minor = handle->version;
-    }
-    return CKR_OK;
-}
-
-
-
-/* NSC_GetMechanismList obtains a list of mechanism types 
- * supported by a token. */
-CK_RV NSC_GetMechanismList(CK_SLOT_ID slotID,
-	CK_MECHANISM_TYPE_PTR pMechanismList, CK_ULONG_PTR pulCount)
-{
-    int i;
-
-    switch (slotID) {
-    case NETSCAPE_SLOT_ID:
-	*pulCount = mechanismCount;
-	if (pMechanismList != NULL) {
-	    for (i=0; i < (int) mechanismCount; i++) {
-		pMechanismList[i] = mechanisms[i].type;
-	    }
-	}
-	break;
-     default:
-	*pulCount = 0;
-	for (i=0; i < (int) mechanismCount; i++) {
-	    if (mechanisms[i].privkey) {
-		(*pulCount)++;
-		if (pMechanismList != NULL) {
-		    *pMechanismList++ = mechanisms[i].type;
-		}
-	    }
-	}
-	break;
-    }
-    return CKR_OK;
-}
-
-
-/* NSC_GetMechanismInfo obtains information about a particular mechanism 
- * possibly supported by a token. */
-CK_RV NSC_GetMechanismInfo(CK_SLOT_ID slotID, CK_MECHANISM_TYPE type,
-    					CK_MECHANISM_INFO_PTR pInfo)
-{
-    PRBool isPrivateKey;
-    int i;
-
-    switch (slotID) {
-    case NETSCAPE_SLOT_ID:
-	isPrivateKey = PR_FALSE;
-	break;
-    default:
-	isPrivateKey = PR_TRUE;
-	break;
-    }
-    for (i=0; i < (int) mechanismCount; i++) {
-        if (type == mechanisms[i].type) {
-	    if (isPrivateKey && !mechanisms[i].privkey) {
-    		return CKR_MECHANISM_INVALID;
-	    }
-	    PORT_Memcpy(pInfo,&mechanisms[i].domestic,
-						sizeof(CK_MECHANISM_INFO));
-	    return CKR_OK;
-	}
-    }
-    return CKR_MECHANISM_INVALID;
-}
-
-static SECStatus
-pk11_TurnOffUser(NSSLOWCERTCertificate *cert, SECItem *k, void *arg)
-{
-   NSSLOWCERTCertTrust trust;
-   SECStatus rv;
-
-   rv = nsslowcert_GetCertTrust(cert,&trust);
-   if (rv == SECSuccess && ((trust.emailFlags & CERTDB_USER) ||
-			    (trust.sslFlags & CERTDB_USER) ||
-			    (trust.objectSigningFlags & CERTDB_USER))) {
-	trust.emailFlags &= ~CERTDB_USER;
-	trust.sslFlags &= ~CERTDB_USER;
-	trust.objectSigningFlags &= ~CERTDB_USER;
-	nsslowcert_ChangeCertTrust(cert->dbhandle,cert,&trust);
-   }
-   return SECSuccess;
-}
-
-/* NSC_InitToken initializes a token. */
-CK_RV NSC_InitToken(CK_SLOT_ID slotID,CK_CHAR_PTR pPin,
- 				CK_ULONG ulPinLen,CK_CHAR_PTR pLabel) {
-    PK11Slot *slot = pk11_SlotFromID(slotID);
-    NSSLOWKEYDBHandle *handle;
-    NSSLOWCERTCertDBHandle *certHandle;
-    SECStatus rv;
-    int i;
-    PK11Object *object;
-
-    if (slot == NULL) return CKR_SLOT_ID_INVALID;
-
-    /* don't initialize the database if we aren't talking to a token
-     * that uses the key database.
-     */
-    if (slotID == NETSCAPE_SLOT_ID) {
-	return CKR_TOKEN_WRITE_PROTECTED;
-    }
-
-    /* first, delete all our loaded key and cert objects from our 
-     * internal list. */
-    PK11_USE_THREADS(PZ_Lock(slot->objectLock);)
-    for (i=0; i < slot->tokObjHashSize; i++) {
-	do {
-	    object = slot->tokObjects[i];
-	    /* hand deque */
-	    /* this duplicates function of NSC_close session functions, but 
-	     * because we know that we are freeing all the sessions, we can
-	     * do more efficient processing */
-	    if (object) {
-		slot->tokObjects[i] = object->next;
-
-		if (object->next) object->next->prev = NULL;
-		object->next = object->prev = NULL;
-	    }
-	    if (object) pk11_FreeObject(object);
-	} while (object != NULL);
-    }
-    slot->DB_loaded = PR_FALSE;
-    PK11_USE_THREADS(PZ_Unlock(slot->objectLock);)
-
-    /* then clear out the key database */
-    handle = slot->keyDB;
-    if (handle == NULL) {
-	return CKR_TOKEN_WRITE_PROTECTED;
-    }
-
-    /* what to do on an error here? */
-    rv = nsslowkey_ResetKeyDB(handle);
-
-    /* finally  mark all the user certs as non-user certs */
-    certHandle = slot->certDB;
-    if (certHandle == NULL) return CKR_OK;
-
-    nsslowcert_TraversePermCerts(certHandle,pk11_TurnOffUser, NULL);
-
-    return CKR_OK; /*is this the right function for not implemented*/
-}
-
-
-/* NSC_InitPIN initializes the normal user's PIN. */
-CK_RV NSC_InitPIN(CK_SESSION_HANDLE hSession,
-    					CK_CHAR_PTR pPin, CK_ULONG ulPinLen)
-{
-    PK11Session *sp;
-    PK11Slot *slot;
-    NSSLOWKEYDBHandle *handle;
-    SECItem *newPin;
-    char newPinStr[PK11_MAX_PIN+1];
-    SECStatus rv;
-
-    
-    sp = pk11_SessionFromHandle(hSession);
-    if (sp == NULL) {
-	return CKR_SESSION_HANDLE_INVALID;
-    }
-
-    slot = pk11_SlotFromSession(sp);
-    if (slot == NULL) {
-	pk11_FreeSession(sp);
-	return CKR_SESSION_HANDLE_INVALID;;
-    }
-
-    handle = slot->keyDB;
-    if (handle == NULL) {
-	pk11_FreeSession(sp);
-	return CKR_PIN_LEN_RANGE;
-    }
-
-
-    if (sp->info.state != CKS_RW_SO_FUNCTIONS) {
-	pk11_FreeSession(sp);
-	return CKR_USER_NOT_LOGGED_IN;
-    }
-
-    pk11_FreeSession(sp);
-
-    /* make sure the pins aren't too long */
-    if (ulPinLen > PK11_MAX_PIN) {
-	return CKR_PIN_LEN_RANGE;
-    }
-    if (ulPinLen < (CK_ULONG)slot->minimumPinLen) {
-	return CKR_PIN_LEN_RANGE;
-    }
-
-    if (nsslowkey_HasKeyDBPassword(handle) != SECFailure) {
-	return CKR_DEVICE_ERROR;
-    }
-
-    /* convert to null terminated string */
-    PORT_Memcpy(newPinStr,pPin,ulPinLen);
-    newPinStr[ulPinLen] = 0; 
-
-    /* build the hashed pins which we pass around */
-    newPin = nsslowkey_HashPassword(newPinStr,handle->global_salt);
-    PORT_Memset(newPinStr,0,sizeof(newPinStr));
-
-    /* change the data base */
-    rv = nsslowkey_SetKeyDBPassword(handle,newPin);
-
-    /* Now update our local copy of the pin */
-    if (rv == SECSuccess) {
-	if (slot->password) {
-    	    SECITEM_ZfreeItem(slot->password, PR_TRUE);
-	}
-	slot->password = newPin;
-	if (ulPinLen == 0) slot->needLogin = PR_FALSE;
-	return CKR_OK;
-    }
-    SECITEM_ZfreeItem(newPin, PR_TRUE);
-    return CKR_PIN_INCORRECT;
-}
-
-
-/* NSC_SetPIN modifies the PIN of user that is currently logged in. */
-/* NOTE: This is only valid for the PRIVATE_KEY_SLOT */
-CK_RV NSC_SetPIN(CK_SESSION_HANDLE hSession, CK_CHAR_PTR pOldPin,
-    CK_ULONG ulOldLen, CK_CHAR_PTR pNewPin, CK_ULONG ulNewLen)
-{
-    PK11Session *sp;
-    PK11Slot *slot;
-    NSSLOWKEYDBHandle *handle;
-    SECItem *newPin;
-    SECItem *oldPin;
-    char newPinStr[PK11_MAX_PIN+1],oldPinStr[PK11_MAX_PIN+1];
-    SECStatus rv;
-
-    
-    sp = pk11_SessionFromHandle(hSession);
-    if (sp == NULL) {
-	return CKR_SESSION_HANDLE_INVALID;
-    }
-
-    slot = pk11_SlotFromSession(sp);
-    if (!slot) {
-	pk11_FreeSession(sp);
-	return CKR_SESSION_HANDLE_INVALID;;
-    }
-
-    handle = slot->keyDB;
-    if (handle == NULL) {
-	pk11_FreeSession(sp);
-	return CKR_PIN_LEN_RANGE;
-    }
-
-    if (slot->needLogin && sp->info.state != CKS_RW_USER_FUNCTIONS) {
-	pk11_FreeSession(sp);
-	return CKR_USER_NOT_LOGGED_IN;
-    }
-
-    pk11_FreeSession(sp);
-
-    /* make sure the pins aren't too long */
-    if ((ulNewLen > PK11_MAX_PIN) || (ulOldLen > PK11_MAX_PIN)) {
-	return CKR_PIN_LEN_RANGE;
-    }
-    if (ulNewLen < (CK_ULONG)slot->minimumPinLen) {
-	return CKR_PIN_LEN_RANGE;
-    }
-
-
-    /* convert to null terminated string */
-    PORT_Memcpy(newPinStr,pNewPin,ulNewLen);
-    newPinStr[ulNewLen] = 0; 
-    PORT_Memcpy(oldPinStr,pOldPin,ulOldLen);
-    oldPinStr[ulOldLen] = 0; 
-
-    /* build the hashed pins which we pass around */
-    newPin = nsslowkey_HashPassword(newPinStr,handle->global_salt);
-    oldPin = nsslowkey_HashPassword(oldPinStr,handle->global_salt);
-    PORT_Memset(newPinStr,0,sizeof(newPinStr));
-    PORT_Memset(oldPinStr,0,sizeof(oldPinStr));
-
-    /* change the data base */
-    rv = nsslowkey_ChangeKeyDBPassword(handle,oldPin,newPin);
-
-    /* Now update our local copy of the pin */
-    SECITEM_ZfreeItem(oldPin, PR_TRUE);
-    if (rv == SECSuccess) {
-	if (slot->password) {
-    	    SECITEM_ZfreeItem(slot->password, PR_TRUE);
-	}
-	slot->password = newPin;
-	slot->needLogin = (PRBool)(ulNewLen != 0);
-	return CKR_OK;
-    }
-    SECITEM_ZfreeItem(newPin, PR_TRUE);
-    return CKR_PIN_INCORRECT;
-}
-
-/* NSC_OpenSession opens a session between an application and a token. */
-CK_RV NSC_OpenSession(CK_SLOT_ID slotID, CK_FLAGS flags,
-   CK_VOID_PTR pApplication,CK_NOTIFY Notify,CK_SESSION_HANDLE_PTR phSession)
-{
-    PK11Slot *slot;
-    CK_SESSION_HANDLE sessionID;
-    PK11Session *session;
-    PK11Session *sameID;
-
-    slot = pk11_SlotFromID(slotID);
-    if (slot == NULL) return CKR_SLOT_ID_INVALID;
-
-    /* new session (we only have serial sessions) */
-    session = pk11_NewSession(slotID, Notify, pApplication,
-						 flags | CKF_SERIAL_SESSION);
-    if (session == NULL) return CKR_HOST_MEMORY;
-
-    PK11_USE_THREADS(PZ_Lock(slot->slotLock);)
-    if (slot->readOnly && (flags & CKF_RW_SESSION)) {
-	/* NETSCAPE_SLOT_ID is Read ONLY */
-	session->info.flags &= ~CKF_RW_SESSION;
-    }
-    slot->sessionCount++;
-    if (session->info.flags & CKF_RW_SESSION) {
-	slot->rwSessionCount++;
-    }
-    PK11_USE_THREADS(PZ_Unlock(slot->slotLock);)
-
-    do {
-        do {
-            sessionID = (PR_AtomicIncrement(&slot->sessionIDCount) & 0xffffff)
-                        | (slot->index << 24);
-        } while (sessionID == CK_INVALID_HANDLE);
-        PK11_USE_THREADS(PZ_Lock(PK11_SESSION_LOCK(slot,sessionID));)
-        pk11queue_find(sameID, sessionID, slot->head, slot->sessHashSize);
-        if (sameID == NULL) {
-            session->handle = sessionID;
-            pk11_update_state(slot, session);
-            pk11queue_add(session, sessionID, slot->head,slot->sessHashSize);
-        } else {
-            slot->sessionIDConflict++;  /* for debugging */
-        }
-        PK11_USE_THREADS(PZ_Unlock(PK11_SESSION_LOCK(slot,sessionID));)
-    } while (sameID != NULL);
-
-    *phSession = sessionID;
-    return CKR_OK;
-}
-
-
-/* NSC_CloseSession closes a session between an application and a token. */
-CK_RV NSC_CloseSession(CK_SESSION_HANDLE hSession)
-{
-    PK11Slot *slot;
-    PK11Session *session;
-    SECItem *pw = NULL;
-    PRBool sessionFound;
-
-    session = pk11_SessionFromHandle(hSession);
-    if (session == NULL) return CKR_SESSION_HANDLE_INVALID;
-    slot = pk11_SlotFromSession(session);
-    sessionFound = PR_FALSE;
-
-    /* lock */
-    PK11_USE_THREADS(PZ_Lock(PK11_SESSION_LOCK(slot,hSession));)
-    if (pk11queue_is_queued(session,hSession,slot->head,slot->sessHashSize)) {
-	sessionFound = PR_TRUE;
-	pk11queue_delete(session,hSession,slot->head,slot->sessHashSize);
-	session->refCount--; /* can't go to zero while we hold the reference */
-	PORT_Assert(session->refCount > 0);
-    }
-    PK11_USE_THREADS(PZ_Unlock(PK11_SESSION_LOCK(slot,hSession));)
-
-    PK11_USE_THREADS(PZ_Lock(slot->slotLock);)
-    if (sessionFound) {
-	slot->sessionCount--;
-	if (session->info.flags & CKF_RW_SESSION) {
-	    slot->rwSessionCount--;
-	}
-    }
-    if (slot->sessionCount == 0) {
-	pw = slot->password;
-	slot->isLoggedIn = PR_FALSE;
-	slot->password = NULL;
-    }
-    PK11_USE_THREADS(PZ_Unlock(slot->slotLock);)
-
-    pk11_FreeSession(session);
-    if (pw) SECITEM_ZfreeItem(pw, PR_TRUE);
-    return CKR_OK;
-}
-
-
-/* NSC_CloseAllSessions closes all sessions with a token. */
-CK_RV NSC_CloseAllSessions (CK_SLOT_ID slotID)
-{
-    PK11Slot *slot;
-    SECItem *pw = NULL;
-    PK11Session *session;
-    int i;
-
-    slot = pk11_SlotFromID(slotID);
-    if (slot == NULL) return CKR_SLOT_ID_INVALID;
-
-    /* first log out the card */
-    PK11_USE_THREADS(PZ_Lock(slot->slotLock);)
-    pw = slot->password;
-    slot->isLoggedIn = PR_FALSE;
-    slot->password = NULL;
-    PK11_USE_THREADS(PZ_Unlock(slot->slotLock);)
-    if (pw) SECITEM_ZfreeItem(pw, PR_TRUE);
-
-    /* now close all the current sessions */
-    /* NOTE: If you try to open new sessions before NSC_CloseAllSessions
-     * completes, some of those new sessions may or may not be closed by
-     * NSC_CloseAllSessions... but any session running when this code starts
-     * will guarrenteed be close, and no session will be partially closed */
-    for (i=0; i < slot->sessHashSize; i++) {
-	do {
-	    PK11_USE_THREADS(PZ_Lock(PK11_SESSION_LOCK(slot,i));)
-	    session = slot->head[i];
-	    /* hand deque */
-	    /* this duplicates function of NSC_close session functions, but 
-	     * because we know that we are freeing all the sessions, we can
-	     * do more efficient processing */
-	    if (session) {
-		slot->head[i] = session->next;
-		if (session->next) session->next->prev = NULL;
-		session->next = session->prev = NULL;
-		PK11_USE_THREADS(PZ_Unlock(PK11_SESSION_LOCK(slot,i));)
-		PK11_USE_THREADS(PZ_Lock(slot->slotLock);)
-		slot->sessionCount--;
-		if (session->info.flags & CKF_RW_SESSION) {
-		    slot->rwSessionCount--;
-		}
-		PK11_USE_THREADS(PZ_Unlock(slot->slotLock);)
-	    } else {
-		PK11_USE_THREADS(PZ_Unlock(PK11_SESSION_LOCK(slot,i));)
-	    }
-	    if (session) pk11_FreeSession(session);
-	} while (session != NULL);
-    }
-    return CKR_OK;
-}
-
-
-/* NSC_GetSessionInfo obtains information about the session. */
-CK_RV NSC_GetSessionInfo(CK_SESSION_HANDLE hSession,
-    						CK_SESSION_INFO_PTR pInfo)
-{
-    PK11Session *session;
-
-    session = pk11_SessionFromHandle(hSession);
-    if (session == NULL) return CKR_SESSION_HANDLE_INVALID;
-
-    PORT_Memcpy(pInfo,&session->info,sizeof(CK_SESSION_INFO));
-    pk11_FreeSession(session);
-    return CKR_OK;
-}
-
-/* NSC_Login logs a user into a token. */
-CK_RV NSC_Login(CK_SESSION_HANDLE hSession, CK_USER_TYPE userType,
-				    CK_CHAR_PTR pPin, CK_ULONG ulPinLen)
-{
-    PK11Slot *slot;
-    PK11Session *session;
-    NSSLOWKEYDBHandle *handle;
-    SECItem *pin;
-    char pinStr[PK11_MAX_PIN+1];
-
-
-    /* get the slot */
-    slot = pk11_SlotFromSessionHandle(hSession);
-
-    /* make sure the session is valid */
-    session = pk11_SessionFromHandle(hSession);
-    if (session == NULL) {
-	if (session == NULL) return CKR_SESSION_HANDLE_INVALID;
-    }
-    pk11_FreeSession(session);
-
-    /* can't log into the Netscape Slot */
-    if (slot->slotID == NETSCAPE_SLOT_ID)
-	 return CKR_USER_TYPE_INVALID;
-
-    if (slot->isLoggedIn) return CKR_USER_ALREADY_LOGGED_IN;
-    slot->ssoLoggedIn = PR_FALSE;
-
-    if (ulPinLen > PK11_MAX_PIN) return CKR_PIN_LEN_RANGE;
-
-    /* convert to null terminated string */
-    PORT_Memcpy(pinStr,pPin,ulPinLen);
-    pinStr[ulPinLen] = 0; 
-
-    handle = slot->keyDB;
-    if (handle == NULL) {
-	 return CKR_USER_TYPE_INVALID;
-    }
-
-    /*
-     * Deal with bootstrap. We allow the SSO to login in with a NULL
-     * password if and only if we haven't initialized the KEY DB yet.
-     * We only allow this on a RW session.
-     */
-    if (nsslowkey_HasKeyDBPassword(handle) == SECFailure) {
-	/* allow SSO's to log in only if there is not password on the
-	 * key database */
-	if (((userType == CKU_SO) && (session->info.flags & CKF_RW_SESSION))
-	    /* fips always needs to authenticate, even if there isn't a db */
-					|| (slot->slotID == FIPS_SLOT_ID)) {
-	    /* should this be a fixed password? */
-	    if (ulPinLen == 0) {
-		SECItem *pw;
-    		PK11_USE_THREADS(PZ_Lock(slot->slotLock);)
-		pw = slot->password;
-		slot->password = NULL;
-		slot->isLoggedIn = PR_TRUE;
-		slot->ssoLoggedIn = (PRBool)(userType == CKU_SO);
-		PK11_USE_THREADS(PZ_Unlock(slot->slotLock);)
-		pk11_update_all_states(slot);
-		SECITEM_ZfreeItem(pw,PR_TRUE);
-		return CKR_OK;
-	    }
-	    return CKR_PIN_INCORRECT;
-	} 
-	return CKR_USER_TYPE_INVALID;
-    } 
-
-    /* don't allow the SSO to log in if the user is already initialized */
-    if (userType != CKU_USER) { return CKR_USER_TYPE_INVALID; }
-
-
-    /* build the hashed pins which we pass around */
-    pin = nsslowkey_HashPassword(pinStr,handle->global_salt);
-    if (pin == NULL) return CKR_HOST_MEMORY;
-
-    if (nsslowkey_CheckKeyDBPassword(handle,pin) == SECSuccess) {
-	SECItem *tmp;
-	PK11_USE_THREADS(PZ_Lock(slot->slotLock);)
-	tmp = slot->password;
-	slot->isLoggedIn = PR_TRUE;
-	slot->password = pin;
-	PK11_USE_THREADS(PZ_Unlock(slot->slotLock);)
-        if (tmp) SECITEM_ZfreeItem(tmp, PR_TRUE);
-
-	/* update all sessions */
-	pk11_update_all_states(slot);
-	return CKR_OK;
-    }
-
-    SECITEM_ZfreeItem(pin, PR_TRUE);
-    return CKR_PIN_INCORRECT;
-}
-
-/* NSC_Logout logs a user out from a token. */
-CK_RV NSC_Logout(CK_SESSION_HANDLE hSession)
-{
-    PK11Slot *slot = pk11_SlotFromSessionHandle(hSession);
-    PK11Session *session;
-    SECItem *pw = NULL;
-
-    session = pk11_SessionFromHandle(hSession);
-    if (session == NULL) {
-	if (session == NULL) return CKR_SESSION_HANDLE_INVALID;
-    }
-
-    if (!slot->isLoggedIn) return CKR_USER_NOT_LOGGED_IN;
-
-    PK11_USE_THREADS(PZ_Lock(slot->slotLock);)
-    pw = slot->password;
-    slot->isLoggedIn = PR_FALSE;
-    slot->ssoLoggedIn = PR_FALSE;
-    slot->password = NULL;
-    PK11_USE_THREADS(PZ_Unlock(slot->slotLock);)
-    if (pw) SECITEM_ZfreeItem(pw, PR_TRUE);
-
-    pk11_update_all_states(slot);
-    return CKR_OK;
-}
-
-
-/* NSC_CreateObject creates a new object. */
-CK_RV NSC_CreateObject(CK_SESSION_HANDLE hSession,
-		CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount, 
-					CK_OBJECT_HANDLE_PTR phObject)
-{
-    PK11Slot *slot = pk11_SlotFromSessionHandle(hSession);
-    PK11Session *session;
-    PK11Object *object;
-    CK_RV crv;
-    int i;
-
-
-    /*
-     * now lets create an object to hang the attributes off of
-     */
-    object = pk11_NewObject(slot); /* fill in the handle later */
-    if (object == NULL) {
-	return CKR_HOST_MEMORY;
-    }
-
-    /*
-     * load the template values into the object
-     */
-    for (i=0; i < (int) ulCount; i++) {
-	crv = pk11_AddAttributeType(object,pk11_attr_expand(&pTemplate[i]));
-	if (crv != CKR_OK) {
-	    pk11_FreeObject(object);
-	    return crv;
-	}
-    }
-
-    /* get the session */
-    session = pk11_SessionFromHandle(hSession);
-    if (session == NULL) {
-	pk11_FreeObject(object);
-        return CKR_SESSION_HANDLE_INVALID;
-    }
-
-    /*
-     * handle the base object stuff
-     */
-    crv = pk11_handleObject(object,session);
-    *phObject = object->handle;
-    pk11_FreeSession(session);
-    pk11_FreeObject(object);
-
-    return crv;
-}
-
-
-/* NSC_CopyObject copies an object, creating a new object for the copy. */
-CK_RV NSC_CopyObject(CK_SESSION_HANDLE hSession,
-       CK_OBJECT_HANDLE hObject, CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount,
-					CK_OBJECT_HANDLE_PTR phNewObject) 
-{
-    PK11Object *destObject,*srcObject;
-    PK11Session *session;
-    CK_RV crv = CKR_OK;
-    PK11Slot *slot = pk11_SlotFromSessionHandle(hSession);
-    int i;
-
-    /* Get srcObject so we can find the class */
-    session = pk11_SessionFromHandle(hSession);
-    if (session == NULL) {
-        return CKR_SESSION_HANDLE_INVALID;
-    }
-    srcObject = pk11_ObjectFromHandle(hObject,session);
-    if (srcObject == NULL) {
-	pk11_FreeSession(session);
-	return CKR_OBJECT_HANDLE_INVALID;
-    }
-    /*
-     * create an object to hang the attributes off of
-     */
-    destObject = pk11_NewObject(slot); /* fill in the handle later */
-    if (destObject == NULL) {
-	pk11_FreeSession(session);
-        pk11_FreeObject(srcObject);
-	return CKR_HOST_MEMORY;
-    }
-
-    /*
-     * load the template values into the object
-     */
-    for (i=0; i < (int) ulCount; i++) {
-	if (pk11_modifyType(pTemplate[i].type,srcObject->objclass) == PK11_NEVER) {
-	    crv = CKR_ATTRIBUTE_READ_ONLY;
-	    break;
-	}
-	crv = pk11_AddAttributeType(destObject,pk11_attr_expand(&pTemplate[i]));
-	if (crv != CKR_OK) { break; }
-    }
-    if (crv != CKR_OK) {
-	pk11_FreeSession(session);
-        pk11_FreeObject(srcObject);
-	pk11_FreeObject(destObject);
-	return crv;
-    }
-
-    /* sensitive can only be changed to CK_TRUE */
-    if (pk11_hasAttribute(destObject,CKA_SENSITIVE)) {
-	if (!pk11_isTrue(destObject,CKA_SENSITIVE)) {
-	    pk11_FreeSession(session);
-            pk11_FreeObject(srcObject);
-	    pk11_FreeObject(destObject);
-	    return CKR_ATTRIBUTE_READ_ONLY;
-	}
-    }
-
-    /*
-     * now copy the old attributes from the new attributes
-     */
-    /* don't create a token object if we aren't in a rw session */
-    /* we need to hold the lock to copy a consistant version of
-     * the object. */
-    crv = pk11_CopyObject(destObject,srcObject);
-
-    destObject->objclass = srcObject->objclass;
-    pk11_FreeObject(srcObject);
-    if (crv != CKR_OK) {
-	pk11_FreeObject(destObject);
-	pk11_FreeSession(session);
-    }
-
-    crv = pk11_handleObject(destObject,session);
-    *phNewObject = destObject->handle;
-    pk11_FreeSession(session);
-    pk11_FreeObject(destObject);
-    
-    return crv;
-}
-
-
-/* NSC_GetObjectSize gets the size of an object in bytes. */
-CK_RV NSC_GetObjectSize(CK_SESSION_HANDLE hSession,
-    			CK_OBJECT_HANDLE hObject, CK_ULONG_PTR pulSize) {
-    *pulSize = 0;
-    return CKR_OK;
-}
-
-
-/* NSC_GetAttributeValue obtains the value of one or more object attributes. */
-CK_RV NSC_GetAttributeValue(CK_SESSION_HANDLE hSession,
-    CK_OBJECT_HANDLE hObject,CK_ATTRIBUTE_PTR pTemplate,CK_ULONG ulCount) {
-    PK11Slot *slot = pk11_SlotFromSessionHandle(hSession);
-    PK11Session *session;
-    PK11Object *object;
-    PK11Attribute *attribute;
-    PRBool sensitive;
-    int i;
-
-    /*
-     * make sure we're allowed
-     */
-    session = pk11_SessionFromHandle(hSession);
-    if (session == NULL) {
-        return CKR_SESSION_HANDLE_INVALID;
-    }
-
-    object = pk11_ObjectFromHandle(hObject,session);
-    pk11_FreeSession(session);
-    if (object == NULL) {
-	return CKR_OBJECT_HANDLE_INVALID;
-    }
-
-    /* don't read a private object if we aren't logged in */
-    if ((!slot->isLoggedIn) && (slot->needLogin) &&
-				(pk11_isTrue(object,CKA_PRIVATE))) {
-	pk11_FreeObject(object);
-	return CKR_USER_NOT_LOGGED_IN;
-    }
-
-    sensitive = pk11_isTrue(object,CKA_SENSITIVE);
-    for (i=0; i < (int) ulCount; i++) {
-	/* Make sure that this attribute is retrievable */
-	if (sensitive && pk11_isSensitive(pTemplate[i].type,object->objclass)) {
-	    pk11_FreeObject(object);
-	    return CKR_ATTRIBUTE_SENSITIVE;
-	}
-	attribute = pk11_FindAttribute(object,pTemplate[i].type);
-	if (attribute == NULL) {
-	    pk11_FreeObject(object);
-	    return CKR_ATTRIBUTE_TYPE_INVALID;
-	}
-	if (pTemplate[i].pValue != NULL) {
-	    PORT_Memcpy(pTemplate[i].pValue,attribute->attrib.pValue,
-						attribute->attrib.ulValueLen);
-	}
-	pTemplate[i].ulValueLen = attribute->attrib.ulValueLen;
-	pk11_FreeAttribute(attribute);
-    }
-
-    pk11_FreeObject(object);
-    return CKR_OK;
-}
-
-/* NSC_SetAttributeValue modifies the value of one or more object attributes */
-CK_RV NSC_SetAttributeValue (CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hObject,CK_ATTRIBUTE_PTR pTemplate,CK_ULONG ulCount) {
-    PK11Slot *slot = pk11_SlotFromSessionHandle(hSession);
-    PK11Session *session;
-    PK11Attribute *attribute;
-    PK11Object *object;
-    PRBool isToken;
-    CK_RV crv = CKR_OK;
-    CK_BBOOL legal;
-    int i;
-
-    /*
-     * make sure we're allowed
-     */
-    session = pk11_SessionFromHandle(hSession);
-    if (session == NULL) {
-        return CKR_SESSION_HANDLE_INVALID;
-    }
-
-    object = pk11_ObjectFromHandle(hObject,session);
-    if (object == NULL) {
-        pk11_FreeSession(session);
-	return CKR_OBJECT_HANDLE_INVALID;
-    }
-
-    /* don't modify a private object if we aren't logged in */
-    if ((!slot->isLoggedIn) && (slot->needLogin) &&
-				(pk11_isTrue(object,CKA_PRIVATE))) {
-	pk11_FreeSession(session);
-	pk11_FreeObject(object);
-	return CKR_USER_NOT_LOGGED_IN;
-    }
-
-    /* don't modify a token object if we aren't in a rw session */
-    isToken = pk11_isTrue(object,CKA_TOKEN);
-    if (((session->info.flags & CKF_RW_SESSION) == 0) && isToken) {
-	pk11_FreeSession(session);
-	pk11_FreeObject(object);
-	return CKR_SESSION_READ_ONLY;
-    }
-    pk11_FreeSession(session);
-
-    /* only change modifiable objects */
-    if (!pk11_isTrue(object,CKA_MODIFIABLE)) {
-	pk11_FreeObject(object);
-	return CKR_ATTRIBUTE_READ_ONLY;
-    }
-
-    for (i=0; i < (int) ulCount; i++) {
-	/* Make sure that this attribute is changeable */
-	switch (pk11_modifyType(pTemplate[i].type,object->objclass)) {
-	case PK11_NEVER:
-	case PK11_ONCOPY:
-        default:
-	    crv = CKR_ATTRIBUTE_READ_ONLY;
-	    break;
-
-        case PK11_SENSITIVE:
-	    legal = (pTemplate[i].type == CKA_EXTRACTABLE) ? CK_FALSE : CK_TRUE;
-	    if ((*(CK_BBOOL *)pTemplate[i].pValue) != legal) {
-	        crv = CKR_ATTRIBUTE_READ_ONLY;
-	    }
-	    break;
-        case PK11_ALWAYS:
-	    break;
-	}
-	if (crv != CKR_OK) break;
-
-	/* find the old attribute */
-	attribute = pk11_FindAttribute(object,pTemplate[i].type);
-	if (attribute == NULL) {
-	    crv =CKR_ATTRIBUTE_TYPE_INVALID;
-	    break;
-	}
-    	pk11_FreeAttribute(attribute);
-	crv = pk11_forceAttribute(object,pk11_attr_expand(&pTemplate[i]));
-	if (crv != CKR_OK) break;
-
-    }
-
-    pk11_FreeObject(object);
-    return crv;
-}
-
-/*
- * find any certs that may match the template and load them.
- */
-#define NSC_CERT	0x00000001
-#define NSC_TRUST	0x00000002
-#define NSC_CRL		0x00000004
-#define NSC_SMIME	0x00000008
-#define NSC_PRIVATE	0x00000010
-#define NSC_PUBLIC	0x00000020
-#define NSC_KEY		0x00000040
-
-/*
- * structure to collect key handles.
- */
-typedef struct pk11CrlDataStr {
-    PK11Slot *slot;
-    PK11SearchResults *searchHandles;
-    CK_ATTRIBUTE *template;
-    CK_ULONG templ_count;
-} pk11CrlData;
-
-
-static SECStatus
-pk11_crl_collect(SECItem *data, SECItem *key, certDBEntryType type, void *arg)
-{
-    pk11CrlData *crlData;
-    CK_OBJECT_HANDLE class_handle;
-    PK11Slot *slot;
-    
-    crlData = (pk11CrlData *)arg;
-    slot = crlData->slot;
-
-    class_handle = (type == certDBEntryTypeRevocation) ? PK11_TOKEN_TYPE_CRL :
-							PK11_TOKEN_KRL_HANDLE;
-    if (pk11_tokenMatch(slot, key, class_handle,
-			crlData->template, crlData->templ_count)) {
-	pk11_addHandle(crlData->searchHandles,
-				 pk11_mkHandle(slot,key,class_handle));
-    }
-    return(SECSuccess);
-}
-
-static void
-pk11_searchCrls(PK11Slot *slot, SECItem *derSubject, PRBool isKrl, 
-		unsigned long classFlags, PK11SearchResults *search,
-		CK_ATTRIBUTE *pTemplate, CK_ULONG ulCount)
-{
-    NSSLOWCERTCertDBHandle *certHandle = NULL;
-
-    certHandle = slot->certDB;
-    if (certHandle == NULL) {
-	return;
-    }
-    if (derSubject->data != NULL)  {
-	SECItem *crl = 
-	    nsslowcert_FindCrlByKey(certHandle,derSubject,NULL,isKrl);
-
-	if (crl != NULL) {
-	    pk11_addHandle(search, pk11_mkHandle(slot,derSubject,
-		isKrl ? PK11_TOKEN_KRL_HANDLE : PK11_TOKEN_TYPE_CRL));
-	}
-    } else {
-	pk11CrlData crlData;
-
-	/* traverse */
-	crlData.slot = slot;
-	crlData.searchHandles = search;
-	crlData.template = pTemplate;
-	crlData.templ_count = ulCount;
-	nsslowcert_TraverseDBEntries(certHandle, certDBEntryTypeRevocation,
-		pk11_crl_collect, (void *)&crlData);
-	nsslowcert_TraverseDBEntries(certHandle, certDBEntryTypeKeyRevocation,
-		pk11_crl_collect, (void *)&crlData);
-    } 
-}
-
-/*
- * structure to collect key handles.
- */
-typedef struct pk11KeyDataStr {
-    PK11Slot *slot;
-    PK11SearchResults *searchHandles;
-    SECItem *id;
-    CK_ATTRIBUTE *template;
-    CK_ULONG templ_count;
-    unsigned long classFlags;
-    PRBool isLoggedIn;
-    PRBool strict;
-} pk11KeyData;
-
-
-static SECStatus
-pk11_key_collect(DBT *key, DBT *data, void *arg)
-{
-    pk11KeyData *keyData;
-    NSSLOWKEYPrivateKey *privKey = NULL;
-    SECItem tmpDBKey;
-    PK11Slot *slot;
-    
-    keyData = (pk11KeyData *)arg;
-    slot = keyData->slot;
-
-    tmpDBKey.data = key->data;
-    tmpDBKey.len = key->size;
-
-    PORT_Assert(slot->keyDB);
-    if (!keyData->strict && keyData->id) {
-	SECItem result;
-	PRBool haveMatch;
-	unsigned char hashKey[SHA1_LENGTH];
-	result.data = hashKey;
-	result.len = sizeof(hashKey);
-
-	if (keyData->id->len == 0) {
-	    haveMatch = PR_TRUE; /* taking any key */
-	    /* Make sure this isn't a NSC_KEY */
-	    privKey = nsslowkey_FindKeyByPublicKey(keyData->slot->keyDB, 
-					&tmpDBKey, keyData->slot->password);
-	    if (privKey) {
-		haveMatch = isSecretKey(privKey) ?
-				(PRBool)(keyData->classFlags & NSC_KEY) != 0:
-				(PRBool)(keyData->classFlags & 
-					      (NSC_PRIVATE|NSC_PUBLIC)) != 0;
-		nsslowkey_DestroyPrivateKey(privKey);
-	    }
-	} else {
-	    SHA1_HashBuf( hashKey, key->data, key->size ); /* match id */
-	    haveMatch = SECITEM_ItemsAreEqual(keyData->id,&result);
-	    if (!haveMatch && ((unsigned char *)key->data)[0] == 0) {
-		/* This is a fix for backwards compatibility.  The key
-		 * database indexes private keys by the public key, and
-		 * versions of NSS prior to 3.4 stored the public key as
-		 * a signed integer.  The public key is now treated as an
-		 * unsigned integer, with no leading zero.  In order to
-		 * correctly compute the hash of an old key, it is necessary
-		 * to fallback and detect the leading zero.
-		 */
-		SHA1_HashBuf(hashKey, 
-		             (unsigned char *)key->data + 1, key->size - 1);
-		haveMatch = SECITEM_ItemsAreEqual(keyData->id,&result);
-	    }
-	}
-	if (haveMatch) {
-	    if (keyData->classFlags & NSC_PRIVATE)  {
-		pk11_addHandle(keyData->searchHandles,
-			pk11_mkHandle(slot,&tmpDBKey,PK11_TOKEN_TYPE_PRIV));
-	    }
-	    if (keyData->classFlags & NSC_PUBLIC) {
-		pk11_addHandle(keyData->searchHandles,
-			pk11_mkHandle(slot,&tmpDBKey,PK11_TOKEN_TYPE_PUB));
-	    }
-	    /* NSC_KEY Already handled */
-	}
-	return SECSuccess;
-    }
-
-    privKey = nsslowkey_FindKeyByPublicKey(keyData->slot->keyDB, &tmpDBKey, 
-						 keyData->slot->password);
-    if ( privKey == NULL ) {
-	goto loser;
-    }
-
-    if (isSecretKey(privKey)) {
-	if ((keyData->classFlags & NSC_KEY) && 
-		pk11_tokenMatch(keyData->slot, &tmpDBKey, PK11_TOKEN_TYPE_KEY,
-			keyData->template, keyData->templ_count)) {
-	    pk11_addHandle(keyData->searchHandles,
-		pk11_mkHandle(keyData->slot, &tmpDBKey, PK11_TOKEN_TYPE_KEY));
-	}
-    } else {
-	if ((keyData->classFlags & NSC_PRIVATE) && 
-		pk11_tokenMatch(keyData->slot, &tmpDBKey, PK11_TOKEN_TYPE_PRIV,
-			keyData->template, keyData->templ_count)) {
-	    pk11_addHandle(keyData->searchHandles,
-		pk11_mkHandle(keyData->slot,&tmpDBKey,PK11_TOKEN_TYPE_PRIV));
-	}
-	if ((keyData->classFlags & NSC_PUBLIC) && 
-		pk11_tokenMatch(keyData->slot, &tmpDBKey, PK11_TOKEN_TYPE_PUB,
-			keyData->template, keyData->templ_count)) {
-	    pk11_addHandle(keyData->searchHandles,
-		pk11_mkHandle(keyData->slot, &tmpDBKey,PK11_TOKEN_TYPE_PUB));
-	}
-    }
-
-loser:
-    if ( privKey ) {
-	nsslowkey_DestroyPrivateKey(privKey);
-    }
-    return(SECSuccess);
-}
-
-static void
-pk11_searchKeys(PK11Slot *slot, SECItem *key_id, PRBool isLoggedIn,
-	unsigned long classFlags, PK11SearchResults *search,
-	CK_ATTRIBUTE *pTemplate, CK_ULONG ulCount)
-{
-    NSSLOWKEYDBHandle *keyHandle = NULL;
-    NSSLOWKEYPrivateKey *privKey;
-    pk11KeyData keyData;
-
-    keyHandle = slot->keyDB;
-    if (keyHandle == NULL) {
-	return;
-    }
-
-    if (key_id->data) {
-	privKey = nsslowkey_FindKeyByPublicKey(keyHandle, key_id, slot->password);
-	if (privKey) {
-	    if ((classFlags & NSC_KEY) && isSecretKey(privKey)) {
-    	        pk11_addHandle(search,
-			pk11_mkHandle(slot,key_id,PK11_TOKEN_TYPE_KEY));
-	    }
-	    if ((classFlags & NSC_PRIVATE) && !isSecretKey(privKey)) {
-    	        pk11_addHandle(search,
-			pk11_mkHandle(slot,key_id,PK11_TOKEN_TYPE_PRIV));
-	    }
-	    if ((classFlags & NSC_PUBLIC) && !isSecretKey(privKey)) {
-    	        pk11_addHandle(search,
-			pk11_mkHandle(slot,key_id,PK11_TOKEN_TYPE_PUB));
-	    }
-    	    nsslowkey_DestroyPrivateKey(privKey);
-	}
-	/* don't do the traversal if we have an up to date db */
-	if (keyHandle->version != 3) {
-	    return;
-	}
-    }
-    keyData.slot = slot;
-    keyData.searchHandles = search;
-    keyData.id = key_id;
-    keyData.template = pTemplate;
-    keyData.templ_count = ulCount;
-    keyData.isLoggedIn = isLoggedIn;
-    keyData.classFlags = classFlags;
-    keyData.strict = NSC_STRICT;
-
-    nsslowkey_TraverseKeys(keyHandle, pk11_key_collect, &keyData);
-}
-
-/*
- * structure to collect certs into
- */
-typedef struct pk11CertDataStr {
-    PK11Slot *slot;
-    int cert_count;
-    int max_cert_count;
-    NSSLOWCERTCertificate **certs;
-    CK_ATTRIBUTE *template;
-    CK_ULONG	templ_count;
-    unsigned long classFlags;
-    PRBool	strict;
-} pk11CertData;
-
-/*
- * collect all the certs from the traverse call.
- */	
-static SECStatus
-pk11_cert_collect(NSSLOWCERTCertificate *cert,void *arg)
-{
-    pk11CertData *cd = (pk11CertData *)arg;
-
-    if (cert == NULL) {
-	return SECSuccess;
-    }
-
-    if (cd->certs == NULL) {
-	return SECFailure;
-    }
-
-    if (cd->strict) {
-	if ((cd->classFlags & NSC_CERT) && !pk11_tokenMatch(cd->slot,
-	  &cert->certKey, PK11_TOKEN_TYPE_CERT, cd->template,cd->templ_count)) {
-	    return SECSuccess;
-	}
-	if ((cd->classFlags & NSC_TRUST) && !pk11_tokenMatch(cd->slot,
-	  &cert->certKey, PK11_TOKEN_TYPE_TRUST, 
-					     cd->template, cd->templ_count)) {
-	    return SECSuccess;
-	}
-    }
-
-    /* allocate more space if we need it. This should only happen in
-     * the general traversal case */
-    if (cd->cert_count >= cd->max_cert_count) {
-	int size;
-	cd->max_cert_count += NSC_CERT_BLOCK_SIZE;
-	size = cd->max_cert_count * sizeof (NSSLOWCERTCertificate *);
-	cd->certs = (NSSLOWCERTCertificate **)PORT_Realloc(cd->certs,size);
-	if (cd->certs == NULL) {
-	    return SECFailure;
-	}
-    }
-
-    cd->certs[cd->cert_count++] = nsslowcert_DupCertificate(cert);
-    return SECSuccess;
-}
-
-/* provide impedence matching ... */
-static SECStatus
-pk11_cert_collect2(NSSLOWCERTCertificate *cert, SECItem *dymmy, void *arg)
-{
-    return pk11_cert_collect(cert, arg);
-}
-
-static void
-pk11_searchSingleCert(pk11CertData *certData,NSSLOWCERTCertificate *cert)
-{
-    if (cert == NULL) {
-	    return;
-    }
-    if (certData->strict && 
-	!pk11_tokenMatch(certData->slot, &cert->certKey, PK11_TOKEN_TYPE_CERT, 
-				certData->template,certData->templ_count)) {
-	nsslowcert_DestroyCertificate(cert);
-	return;
-    }
-    certData->certs = (NSSLOWCERTCertificate **) 
-				PORT_Alloc(sizeof (NSSLOWCERTCertificate *));
-    if (certData->certs == NULL) {
-	nsslowcert_DestroyCertificate(cert);
-	return;
-    }
-    certData->certs[0] = cert;
-    certData->cert_count = 1;
-}
-
-static void
-pk11_CertSetupData(pk11CertData *certData,int count)
-{
-    certData->max_cert_count = count;
-
-    if (certData->max_cert_count <= 0) {
-	return;
-    }
-    certData->certs = (NSSLOWCERTCertificate **)
-			 PORT_Alloc( count * sizeof(NSSLOWCERTCertificate *));
-    return;
-}
-
-static void
-pk11_searchCertsAndTrust(PK11Slot *slot, SECItem *derCert, SECItem *name, 
-			SECItem *derSubject, NSSLOWCERTIssuerAndSN *issuerSN, 
-			SECItem *email,
-			unsigned long classFlags, PK11SearchResults *handles, 
-			CK_ATTRIBUTE *pTemplate, CK_LONG ulCount)
-{
-    NSSLOWCERTCertDBHandle *certHandle = NULL;
-    pk11CertData certData;
-    int i;
-
-    certHandle = slot->certDB;
-    if (certHandle == NULL) return;
-
-    certData.slot = slot;
-    certData.max_cert_count = 0;
-    certData.certs = NULL;
-    certData.cert_count = 0;
-    certData.template = pTemplate;
-    certData.templ_count = ulCount;
-    certData.classFlags = classFlags; 
-    certData.strict = NSC_STRICT; 
-
-
-    /*
-     * Find the Cert.
-     */
-    if (derCert->data != NULL) {
-	NSSLOWCERTCertificate *cert = 
-			nsslowcert_FindCertByDERCert(certHandle,derCert);
-	pk11_searchSingleCert(&certData,cert);
-    } else if (name->data != NULL) {
-	char *tmp_name = (char*)PORT_Alloc(name->len+1);
-	int count;
-
-	if (tmp_name == NULL) {
-	    return;
-	}
-	PORT_Memcpy(tmp_name,name->data,name->len);
-	tmp_name[name->len] = 0;
-
-	count= nsslowcert_NumPermCertsForNickname(certHandle,tmp_name);
-	pk11_CertSetupData(&certData,count);
-	nsslowcert_TraversePermCertsForNickname(certHandle,tmp_name,
-				pk11_cert_collect, &certData);
-	PORT_Free(tmp_name);
-    } else if (derSubject->data != NULL) {
-	int count;
-
-	count = nsslowcert_NumPermCertsForSubject(certHandle,derSubject);
-	pk11_CertSetupData(&certData,count);
-	nsslowcert_TraversePermCertsForSubject(certHandle,derSubject,
-				pk11_cert_collect, &certData);
-    } else if ((issuerSN->derIssuer.data != NULL) && 
-			(issuerSN->serialNumber.data != NULL)) {
-        if (classFlags & NSC_CERT) {
-	    NSSLOWCERTCertificate *cert = 
-		nsslowcert_FindCertByIssuerAndSN(certHandle,issuerSN);
-
-	    pk11_searchSingleCert(&certData,cert);
-	}
-	if (classFlags & NSC_TRUST) {
-	    NSSLOWCERTTrust *trust = 
-		nsslowcert_FindTrustByIssuerAndSN(certHandle, issuerSN);
-
-	    if (trust) {
-		pk11_addHandle(handles,
-		    pk11_mkHandle(slot,&trust->dbKey,PK11_TOKEN_TYPE_TRUST));
-		nsslowcert_DestroyTrust(trust);
-	    }
-	}
-    } else if (email->data != NULL) {
-	char *tmp_name = (char*)PORT_Alloc(email->len+1);
-	certDBEntrySMime *entry = NULL;
-
-	if (tmp_name == NULL) {
-	    return;
-	}
-	PORT_Memcpy(tmp_name,email->data,email->len);
-	tmp_name[email->len] = 0;
-
-	entry = nsslowcert_ReadDBSMimeEntry(certHandle,tmp_name);
-	if (entry) {
-	    int count;
-	    SECItem *subjectName = &entry->subjectName;
-
-	    count = nsslowcert_NumPermCertsForSubject(certHandle, subjectName);
-	    pk11_CertSetupData(&certData,count);
-	    nsslowcert_TraversePermCertsForSubject(certHandle, subjectName, 
-						pk11_cert_collect, &certData);
-
-	    nsslowcert_DestroyDBEntry((certDBEntry *)entry);
-	}
-	PORT_Free(tmp_name);
-    } else {
-	/* we aren't filtering the certs, we are working on all, so turn
-	 * on the strict filters. */
-        certData.strict = PR_TRUE;
-	pk11_CertSetupData(&certData,NSC_CERT_BLOCK_SIZE);
-	nsslowcert_TraversePermCerts(certHandle, pk11_cert_collect2, &certData);
-    }
-
-    /*
-     * build the handles
-     */	
-    for (i=0 ; i < certData.cert_count ; i++) {
-	NSSLOWCERTCertificate *cert = certData.certs[i];
-
-	/* if we filtered it would have been on the stuff above */
-	if (classFlags & NSC_CERT) {
-	    pk11_addHandle(handles,
-		pk11_mkHandle(slot,&cert->certKey,PK11_TOKEN_TYPE_CERT));
-	}
-	if ((classFlags & NSC_TRUST) && nsslowcert_hasTrust(cert->trust)) {
-	    pk11_addHandle(handles,
-		pk11_mkHandle(slot,&cert->certKey,PK11_TOKEN_TYPE_TRUST));
-	}
-	nsslowcert_DestroyCertificate(cert);
-    }
-
-    if (certData.certs) PORT_Free(certData.certs);
-    return;
-}
-
-static void
-pk11_searchSMime(PK11Slot *slot, SECItem *email, PK11SearchResults *handles, 
-			CK_ATTRIBUTE *pTemplate, CK_LONG ulCount)
-{
-    NSSLOWCERTCertDBHandle *certHandle = NULL;
-    certDBEntrySMime *entry;
-
-    certHandle = slot->certDB;
-    if (certHandle == NULL) return;
-
-    if (email->data != NULL) {
-	char *tmp_name = (char*)PORT_Alloc(email->len+1);
-
-	if (tmp_name == NULL) {
-	    return;
-	}
-	PORT_Memcpy(tmp_name,email->data,email->len);
-	tmp_name[email->len] = 0;
-
-	entry = nsslowcert_ReadDBSMimeEntry(certHandle,tmp_name);
-	if (entry) {
-	    SECItem emailKey;
-
-	    emailKey.data = (unsigned char *)tmp_name;
-	    emailKey.len = PORT_Strlen(tmp_name)+1;
-	    pk11_addHandle(handles,
-		pk11_mkHandle(slot,&emailKey,PK11_TOKEN_TYPE_SMIME));
-	    nsslowcert_DestroyDBEntry((certDBEntry *)entry);
-	}
-	PORT_Free(tmp_name);
-    }
-    return;
-}
-
-static CK_RV
-pk11_searchTokenList(PK11Slot *slot, PK11SearchResults *search,
-	 		CK_ATTRIBUTE *pTemplate, CK_LONG ulCount, 
-			PRBool *tokenOnly, PRBool isLoggedIn)
-{
-    int i;
-    PRBool isKrl = PR_FALSE;
-    SECItem derCert = { siBuffer, NULL, 0 };
-    SECItem derSubject = { siBuffer, NULL, 0 };
-    SECItem name = { siBuffer, NULL, 0 };
-    SECItem email = { siBuffer, NULL, 0 };
-    SECItem key_id = { siBuffer, NULL, 0 };
-    SECItem cert_sha1_hash = { siBuffer, NULL, 0 };
-    SECItem cert_md5_hash  = { siBuffer, NULL, 0 };
-    NSSLOWCERTIssuerAndSN issuerSN = {
-	{ siBuffer, NULL, 0 },
-	{ siBuffer, NULL, 0 }
-    };
-    SECItem *copy = NULL;
-    unsigned long classFlags = 
-	NSC_CERT|NSC_TRUST|NSC_PRIVATE|NSC_PUBLIC|NSC_KEY|NSC_SMIME|NSC_CRL;
-
-    /* if we aren't logged in, don't look for private or secret keys */
-    if (!isLoggedIn) {
-	classFlags &= ~(NSC_PRIVATE|NSC_KEY);
-    }
-
-    /*
-     * look for things to search on token objects for. If the right options
-     * are specified, we can use them as direct indeces into the database
-     * (rather than using linear searches. We can also use the attributes to
-     * limit the kinds of objects we are searching for. Later we can use this
-     * array to filter the remaining objects more finely.
-     */
-    for (i=0 ;classFlags && i < (int)ulCount; i++) {
-
-	switch (pTemplate[i].type) {
-	case CKA_SUBJECT:
-	    copy = &derSubject;
-	    classFlags &= (NSC_CERT|NSC_PRIVATE|NSC_PUBLIC|NSC_SMIME|NSC_CRL);
-	    break;
-	case CKA_ISSUER: 
-	    copy = &issuerSN.derIssuer;
-	    classFlags &= (NSC_CERT|NSC_TRUST);
-	    break;
-	case CKA_SERIAL_NUMBER: 
-	    copy = &issuerSN.serialNumber;
-	    classFlags &= (NSC_CERT|NSC_TRUST);
-	    break;
-	case CKA_VALUE:
-	    copy = &derCert;
-	    classFlags &= (NSC_CERT|NSC_CRL|NSC_SMIME);
-	    break;
-	case CKA_LABEL:
-	    copy = &name;
-	    break;
-	case CKA_NETSCAPE_EMAIL:
-	    copy = &email;
-	    classFlags &= NSC_SMIME|NSC_CERT;
-	    break;
-	case CKA_NETSCAPE_SMIME_TIMESTAMP:
-	    classFlags &= NSC_SMIME;
-	    break;
-	case CKA_CLASS:
-	    if (pTemplate[i].ulValueLen != sizeof(CK_OBJECT_CLASS)) {
-		classFlags = 0;
-		break;;
-	    }
-	    switch (*((CK_OBJECT_CLASS *)pTemplate[i].pValue)) {
-	    case CKO_CERTIFICATE:
-		classFlags &= NSC_CERT;
-		break;
-	    case CKO_NETSCAPE_TRUST:
-		classFlags &= NSC_TRUST;
-		break;
-	    case CKO_NETSCAPE_CRL:
-		classFlags &= NSC_CRL;
-		break;
-	    case CKO_NETSCAPE_SMIME:
-		classFlags &= NSC_SMIME;
-		break;
-	    case CKO_PRIVATE_KEY:
-		classFlags &= NSC_PRIVATE;
-		break;
-	    case CKO_PUBLIC_KEY:
-		classFlags &= NSC_PUBLIC;
-		break;
-	    case CKO_SECRET_KEY:
-		classFlags &= NSC_KEY;
-		break;
-	    default:
-		classFlags = 0;
-		break;
-	    }
-	    break;
-	case CKA_PRIVATE:
-	    if (pTemplate[i].ulValueLen != sizeof(CK_BBOOL)) {
-		classFlags = 0;
-	    }
-	    if (*((CK_BBOOL *)pTemplate[i].pValue) == CK_TRUE) {
-		classFlags &= (NSC_PRIVATE|NSC_KEY);
-	    } else {
-		classFlags &= ~(NSC_PRIVATE|NSC_KEY);
-	    }
-	    break;
-	case CKA_SENSITIVE:
-	    if (pTemplate[i].ulValueLen != sizeof(CK_BBOOL)) {
-		classFlags = 0;
-	    }
-	    if (*((CK_BBOOL *)pTemplate[i].pValue) == CK_TRUE) {
-		classFlags &= (NSC_PRIVATE|NSC_KEY);
-	    } else {
-		classFlags = 0;
-	    }
-	    break;
-	case CKA_TOKEN:
-	    if (pTemplate[i].ulValueLen != sizeof(CK_BBOOL)) {
-		classFlags = 0;
-	    }
-	    if (*((CK_BBOOL *)pTemplate[i].pValue) == CK_TRUE) {
-		*tokenOnly = PR_TRUE;
-	    } else {
-		classFlags = 0;
-	    }
-	    break;
-	case CKA_CERT_SHA1_HASH:
-	    classFlags &= NSC_TRUST;
-	    copy = &cert_sha1_hash; break;
-	case CKA_CERT_MD5_HASH:
-	    classFlags &= NSC_TRUST;
-	    copy = &cert_md5_hash; break;
-	case CKA_CERTIFICATE_TYPE:
-	    if (pTemplate[i].ulValueLen != sizeof(CK_CERTIFICATE_TYPE)) {
-		classFlags = 0;
-	    }
-	    classFlags &= NSC_CERT;
-	    if (*((CK_CERTIFICATE_TYPE *)pTemplate[i].pValue) != CKC_X_509) {
-		classFlags = 0;
-	    }
-	    break;
-	case CKA_ID:
-	    copy = &key_id;
-	    classFlags &= (NSC_CERT|NSC_PRIVATE|NSC_KEY|NSC_PUBLIC);
-	    break;
-	case CKA_NETSCAPE_KRL:
-	    if (pTemplate[i].ulValueLen != sizeof(CK_BBOOL)) {
-		classFlags = 0;
-	    }
-	    classFlags &= NSC_CRL;
-	    isKrl = (PRBool)(*((CK_BBOOL *)pTemplate[i].pValue) == CK_TRUE);
-	    break;
-	case CKA_MODIFIABLE:
-	     break;
-	case CKA_KEY_TYPE:
-	case CKA_DERIVE:
-	    classFlags &= NSC_PUBLIC|NSC_PRIVATE|NSC_KEY;
-	    break;
-	case CKA_VERIFY_RECOVER:
-	    classFlags &= NSC_PUBLIC;
-	    break;
-	case CKA_SIGN_RECOVER:
-	    classFlags &= NSC_PRIVATE;
-	    break;
-	case CKA_ENCRYPT:
-	case CKA_VERIFY:
-	case CKA_WRAP:
-	    classFlags &= NSC_PUBLIC|NSC_KEY;
-	    break;
-	case CKA_DECRYPT:
-	case CKA_SIGN:
-	case CKA_UNWRAP:
-	case CKA_ALWAYS_SENSITIVE:
-	case CKA_EXTRACTABLE:
-	case CKA_NEVER_EXTRACTABLE:
-	    classFlags &= NSC_PRIVATE|NSC_KEY;
-	    break;
-	/* can't be a certificate if it doesn't match one of the above 
-	 * attributes */
-	default: 
-	     classFlags  = 0;
-	     break;
-	}
- 	if (copy) {
-	    copy->data = (unsigned char*)pTemplate[i].pValue;
-	    copy->len = pTemplate[i].ulValueLen;
-	}
-	copy = NULL;
-    }
-
-
-    /* certs */
-    if (classFlags & (NSC_CERT|NSC_TRUST)) {
-	pk11_searchCertsAndTrust(slot,&derCert,&name,&derSubject,
-				 &issuerSN, &email,classFlags,search, 
-				pTemplate, ulCount);
-    }
-
-    /* keys */
-    if (classFlags & (NSC_PRIVATE|NSC_PUBLIC|NSC_KEY)) {
-	pk11_searchKeys(slot, &key_id, isLoggedIn, classFlags, search,
-			pTemplate, ulCount);
-    }
-
-    /* crl's */
-    if (classFlags & NSC_CRL) {
-	pk11_searchCrls(slot, &derSubject, isKrl, classFlags, search,
-			pTemplate, ulCount);
-    }
-    /* Add S/MIME entry stuff */
-    if (classFlags & NSC_SMIME) {
-	pk11_searchSMime(slot, &email, search, pTemplate, ulCount);
-    }
-    return CKR_OK;
-}
-	
-
-/* NSC_FindObjectsInit initializes a search for token and session objects 
- * that match a template. */
-CK_RV NSC_FindObjectsInit(CK_SESSION_HANDLE hSession,
-    			CK_ATTRIBUTE_PTR pTemplate,CK_ULONG ulCount)
-{
-    PK11SearchResults *search = NULL, *freeSearch = NULL;
-    PK11Session *session = NULL;
-    PK11Slot *slot = pk11_SlotFromSessionHandle(hSession);
-    PRBool tokenOnly = PR_FALSE;
-    CK_RV crv = CKR_OK;
-    PRBool isLoggedIn;
-    
-    session = pk11_SessionFromHandle(hSession);
-    if (session == NULL) {
-	crv = CKR_SESSION_HANDLE_INVALID;
-	goto loser;
-    }
-   
-    search = (PK11SearchResults *)PORT_Alloc(sizeof(PK11SearchResults));
-    if (search == NULL) {
-	crv = CKR_HOST_MEMORY;
-	goto loser;
-    }
-    search->handles = (CK_OBJECT_HANDLE *)
-		PORT_Alloc(sizeof(CK_OBJECT_HANDLE) * NSC_SEARCH_BLOCK_SIZE);
-    if (search->handles == NULL) {
-	crv = CKR_HOST_MEMORY;
-	goto loser;
-    }
-    search->index = 0;
-    search->size = 0;
-    search->array_size = NSC_SEARCH_BLOCK_SIZE;
-    isLoggedIn = (PRBool)((!slot->needLogin) || slot->isLoggedIn);
-
-    crv = pk11_searchTokenList(slot, search, pTemplate, ulCount, &tokenOnly,
-								isLoggedIn);
-    if (crv != CKR_OK) {
-	goto loser;
-    }
-    
-    /* build list of found objects in the session */
-    if (!tokenOnly) {
-	crv = pk11_searchObjectList(search, slot->tokObjects, 
-				slot->tokObjHashSize, slot->objectLock, 
-					pTemplate, ulCount, isLoggedIn);
-    }
-    if (crv != CKR_OK) {
-	goto loser;
-    }
-
-    if ((freeSearch = session->search) != NULL) {
-	session->search = NULL;
-	pk11_FreeSearch(freeSearch);
-    }
-    session->search = search;
-    pk11_FreeSession(session);
-    return CKR_OK;
-
-loser:
-    if (search) {
-	pk11_FreeSearch(search);
-    }
-    if (session) {
-	pk11_FreeSession(session);
-    }
-    return crv;
-}
-
-
-/* NSC_FindObjects continues a search for token and session objects 
- * that match a template, obtaining additional object handles. */
-CK_RV NSC_FindObjects(CK_SESSION_HANDLE hSession,
-    CK_OBJECT_HANDLE_PTR phObject,CK_ULONG ulMaxObjectCount,
-    					CK_ULONG_PTR pulObjectCount)
-{
-    PK11Session *session;
-    PK11SearchResults *search;
-    int	transfer;
-    int left;
-
-    *pulObjectCount = 0;
-    session = pk11_SessionFromHandle(hSession);
-    if (session == NULL) return CKR_SESSION_HANDLE_INVALID;
-    if (session->search == NULL) {
-	pk11_FreeSession(session);
-	return CKR_OK;
-    }
-    search = session->search;
-    left = session->search->size - session->search->index;
-    transfer = ((int)ulMaxObjectCount > left) ? left : ulMaxObjectCount;
-    if (transfer > 0) {
-	PORT_Memcpy(phObject,&search->handles[search->index],
-                                        transfer*sizeof(CK_OBJECT_HANDLE_PTR));
-    } else {
-       *phObject = CK_INVALID_HANDLE;
-    }
-
-    search->index += transfer;
-    if (search->index == search->size) {
-	session->search = NULL;
-	pk11_FreeSearch(search);
-    }
-    *pulObjectCount = transfer;
-    pk11_FreeSession(session);
-    return CKR_OK;
-}
-
-/* NSC_FindObjectsFinal finishes a search for token and session objects. */
-CK_RV NSC_FindObjectsFinal(CK_SESSION_HANDLE hSession)
-{
-    PK11Session *session;
-    PK11SearchResults *search;
-
-    session = pk11_SessionFromHandle(hSession);
-    if (session == NULL) return CKR_SESSION_HANDLE_INVALID;
-    search = session->search;
-    session->search = NULL;
-    pk11_FreeSession(session);
-    if (search != NULL) {
-	pk11_FreeSearch(search);
-    }
-    return CKR_OK;
-}
-
-
-
-CK_RV NSC_WaitForSlotEvent(CK_FLAGS flags, CK_SLOT_ID_PTR pSlot,
-							 CK_VOID_PTR pReserved)
-{
-    return CKR_FUNCTION_NOT_SUPPORTED;
-}
diff --git a/security/nss/lib/softoken/pkcs11.h b/security/nss/lib/softoken/pkcs11.h
deleted file mode 100644
index 9b54421e7..000000000
--- a/security/nss/lib/softoken/pkcs11.h
+++ /dev/null
@@ -1,319 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s): RSA Labs
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * Copyright (C) 1994-1999 RSA Security Inc. Licence to copy this document
- * is granted provided that it is identified as "RSA Security In.c Public-Key
- * Cryptography Standards (PKCS)" in all material mentioning or referencing
- * this document.
- *
- * The latest version of this header can be found at:
- *    http://www.rsalabs.com/pkcs/pkcs-11/index.html
- */
-#ifndef _PKCS11_H_
-#define _PKCS11_H_ 1
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/* Before including this file (pkcs11.h) (or pkcs11t.h by
- * itself), 6 platform-specific macros must be defined.  These
- * macros are described below, and typical definitions for them
- * are also given.  Be advised that these definitions can depend
- * on both the platform and the compiler used (and possibly also
- * on whether a PKCS #11 library is linked statically or
- * dynamically).
- *
- * In addition to defining these 6 macros, the packing convention
- * for PKCS #11 structures should be set.  The PKCS #11
- * convention on packing is that structures should be 1-byte
- * aligned.
- *
- * In a Win32 environment, this might be done by using the
- * following preprocessor directive before including pkcs11.h
- * or pkcs11t.h:
- *
- * #pragma pack(push, cryptoki, 1)
- *
- * and using the following preprocessor directive after including
- * pkcs11.h or pkcs11t.h:
- *
- * #pragma pack(pop, cryptoki)
- *
- * In a Win16 environment, this might be done by using the
- * following preprocessor directive before including pkcs11.h
- * or pkcs11t.h:
- *
- * #pragma pack(1)
- *
- * In a UNIX environment, you're on your own here.  You might
- * not need to do anything.
- *
- *
- * Now for the macros:
- *
- *
- * 1. CK_PTR: The indirection string for making a pointer to an
- * object.  It can be used like this:
- *
- * typedef CK_BYTE CK_PTR CK_BYTE_PTR;
- *
- * In a Win32 environment, it might be defined by
- *
- * #define CK_PTR *
- *
- * In a Win16 environment, it might be defined by
- *
- * #define CK_PTR far *
- *
- * In a UNIX environment, it might be defined by
- *
- * #define CK_PTR *
- *
- *
- * 2. CK_DEFINE_FUNCTION(returnType, name): A macro which makes
- * an exportable PKCS #11 library function definition out of a
- * return type and a function name.  It should be used in the
- * following fashion to define the exposed PKCS #11 functions in
- * a PKCS #11 library:
- *
- * CK_DEFINE_FUNCTION(CK_RV, C_Initialize)(
- *   CK_VOID_PTR pReserved
- * )
- * {
- *   ...
- * }
- *
- * For defining a function in a Win32 PKCS #11 .dll, it might be
- * defined by
- *
- * #define CK_DEFINE_FUNCTION(returnType, name) \
- *   returnType __declspec(dllexport) name
- *
- * For defining a function in a Win16 PKCS #11 .dll, it might be
- * defined by
- *
- * #define CK_DEFINE_FUNCTION(returnType, name) \
- *   returnType __export _far _pascal name
- *
- * In a UNIX environment, it might be defined by
- *
- * #define CK_DEFINE_FUNCTION(returnType, name) \
- *   returnType name
- *
- *
- * 3. CK_DECLARE_FUNCTION(returnType, name): A macro which makes
- * an importable PKCS #11 library function declaration out of a
- * return type and a function name.  It should be used in the
- * following fashion:
- *
- * extern CK_DECLARE_FUNCTION(CK_RV, C_Initialize)(
- *   CK_VOID_PTR pReserved
- * );
- *
- * For declaring a function in a Win32 PKCS #11 .dll, it might
- * be defined by
- *
- * #define CK_DECLARE_FUNCTION(returnType, name) \
- *   returnType __declspec(dllimport) name
- *
- * For declaring a function in a Win16 PKCS #11 .dll, it might
- * be defined by
- *
- * #define CK_DECLARE_FUNCTION(returnType, name) \
- *   returnType __export _far _pascal name
- *
- * In a UNIX environment, it might be defined by
- *
- * #define CK_DECLARE_FUNCTION(returnType, name) \
- *   returnType name
- *
- *
- * 4. CK_DECLARE_FUNCTION_POINTER(returnType, name): A macro
- * which makes a PKCS #11 API function pointer declaration or
- * function pointer type declaration out of a return type and a
- * function name.  It should be used in the following fashion:
- *
- * // Define funcPtr to be a pointer to a PKCS #11 API function
- * // taking arguments args and returning CK_RV.
- * CK_DECLARE_FUNCTION_POINTER(CK_RV, funcPtr)(args);
- *
- * or
- *
- * // Define funcPtrType to be the type of a pointer to a
- * // PKCS #11 API function taking arguments args and returning
- * // CK_RV, and then define funcPtr to be a variable of type
- * // funcPtrType.
- * typedef CK_DECLARE_FUNCTION_POINTER(CK_RV, funcPtrType)(args);
- * funcPtrType funcPtr;
- *
- * For accessing functions in a Win32 PKCS #11 .dll, in might be
- * defined by
- *
- * #define CK_DECLARE_FUNCTION_POINTER(returnType, name) \
- *   returnType __declspec(dllimport) (* name)
- *
- * For accessing functions in a Win16 PKCS #11 .dll, it might be
- * defined by
- *
- * #define CK_DECLARE_FUNCTION_POINTER(returnType, name) \
- *   returnType __export _far _pascal (* name)
- *
- * In a UNIX environment, it might be defined by
- *
- * #define CK_DECLARE_FUNCTION_POINTER(returnType, name) \
- *   returnType (* name)
- *
- *
- * 5. CK_CALLBACK_FUNCTION(returnType, name): A macro which makes
- * a function pointer type for an application callback out of
- * a return type for the callback and a name for the callback.
- * It should be used in the following fashion:
- *
- * CK_CALLBACK_FUNCTION(CK_RV, myCallback)(args);
- *
- * to declare a function pointer, myCallback, to a callback
- * which takes arguments args and returns a CK_RV.  It can also
- * be used like this:
- *
- * typedef CK_CALLBACK_FUNCTION(CK_RV, myCallbackType)(args);
- * myCallbackType myCallback;
- *
- * In a Win32 environment, it might be defined by
- *
- * #define CK_CALLBACK_FUNCTION(returnType, name) \
- *   returnType (* name)
- *
- * In a Win16 environment, it might be defined by
- *
- * #define CK_CALLBACK_FUNCTION(returnType, name) \
- *   returnType _far _pascal (* name)
- *
- * In a UNIX environment, it might be defined by
- *
- * #define CK_CALLBACK_FUNCTION(returnType, name) \
- *   returnType (* name)
- *
- *
- * 6. NULL_PTR: This macro is the value of a NULL pointer.
- *
- * In any ANSI/ISO C environment (and in many others as well),
- * this should be defined by
- *
- * #ifndef NULL_PTR
- * #define NULL_PTR 0
- * #endif
- */
-
-
-/* All the various PKCS #11 types and #define'd values are in the
- * file pkcs11t.h. */
-#include "pkcs11t.h"
-
-#define __PASTE(x,y)      x##y
-
-
-/* packing defines */
-#include "pkcs11p.h"
-/* ==============================================================
- * Define the "extern" form of all the entry points.
- * ==============================================================
- */
-
-#define CK_NEED_ARG_LIST  1
-#define CK_PKCS11_FUNCTION_INFO(name) \
-  CK_DECLARE_FUNCTION(CK_RV, name)
-
-/* pkcs11f.h has all the information about the PKCS #11
- * function prototypes. */
-#include "pkcs11f.h"
-
-#undef CK_NEED_ARG_LIST
-#undef CK_PKCS11_FUNCTION_INFO
-
-
-/* ==============================================================
- * Define the typedef form of all the entry points.  That is, for
- * each PKCS #11 function C_XXX, define a type CK_C_XXX which is
- * a pointer to that kind of function.
- * ==============================================================
- */
-
-#define CK_NEED_ARG_LIST  1
-#define CK_PKCS11_FUNCTION_INFO(name) \
-  typedef CK_DECLARE_FUNCTION_POINTER(CK_RV, __PASTE(CK_,name))
-
-/* pkcs11f.h has all the information about the PKCS #11
- * function prototypes. */
-#include "pkcs11f.h"
-
-#undef CK_NEED_ARG_LIST
-#undef CK_PKCS11_FUNCTION_INFO
-
-
-/* ==============================================================
- * Define structed vector of entry points.  A CK_FUNCTION_LIST
- * contains a CK_VERSION indicating a library's PKCS #11 version
- * and then a whole slew of function pointers to the routines in
- * the library.  This type was declared, but not defined, in
- * pkcs11t.h.
- * ==============================================================
- */
-
-#define CK_PKCS11_FUNCTION_INFO(name) \
-  __PASTE(CK_,name) name;
-  
-struct CK_FUNCTION_LIST {
-
-  CK_VERSION    version;  /* PKCS #11 version */
-
-/* Pile all the function pointers into the CK_FUNCTION_LIST. */
-/* pkcs11f.h has all the information about the PKCS #11
- * function prototypes. */
-#include "pkcs11f.h" 
-
-};
-
-#undef CK_PKCS11_FUNCTION_INFO
-
-
-#undef __PASTE
-
-/* unpack */
-#include "pkcs11u.h"
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif
diff --git a/security/nss/lib/softoken/pkcs11c.c b/security/nss/lib/softoken/pkcs11c.c
deleted file mode 100644
index f5107e433..000000000
--- a/security/nss/lib/softoken/pkcs11c.c
+++ /dev/null
@@ -1,5283 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s): 
- *	Dr Stephen Henson <stephen.henson@gemplus.com>
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * This file implements PKCS 11 on top of our existing security modules
- *
- * For more information about PKCS 11 See PKCS 11 Token Inteface Standard.
- *   This implementation has two slots:
- *	slot 1 is our generic crypto support. It does not require login.
- *   It supports Public Key ops, and all they bulk ciphers and hashes. 
- *   It can also support Private Key ops for imported Private keys. It does 
- *   not have any token storage.
- *	slot 2 is our private key support. It requires a login before use. It
- *   can store Private Keys and Certs as token objects. Currently only private
- *   keys and their associated Certificates are saved on the token.
- *
- *   In this implementation, session objects are only visible to the session
- *   that created or generated them.
- */
-#include "seccomon.h"
-#include "secitem.h"
-#include "secport.h"
-#include "blapi.h"
-#include "pkcs11.h"
-#include "pkcs11i.h"
-#include "lowkeyi.h"
-#include "pcert.h"
-#include "sechash.h"
-#include "secder.h"
-#include "secdig.h"
-#include "lowpbe.h"	/* We do PBE below */
-#include "pkcs11t.h"
-#include "secoid.h"
-#include "alghmac.h"
-#include "softoken.h"
-#include "secasn1.h"
-/*#include "secmodi.h" */
-
-#include "pcert.h"
-#include "ssl3prot.h" 	/* for SSL3_RANDOM_LENGTH */
-
-#define __PASTE(x,y)    x##y
-
-/*
- * we renamed all our internal functions, get the correct
- * definitions for them...
- */ 
-#undef CK_PKCS11_FUNCTION_INFO
-#undef CK_NEED_ARG_LIST
-
-#define CK_EXTERN extern
-#define CK_PKCS11_FUNCTION_INFO(func) \
-		CK_RV __PASTE(NS,func)
-#define CK_NEED_ARG_LIST	1
- 
-#include "pkcs11f.h"
-
-
-/* forward static declaration. */
-static SECStatus pk11_PRF(const SECItem *secret, const char *label, 
-                          SECItem *seed, SECItem *result);  
-
-#define PK11_OFFSETOF(str, memb) ((PRPtrdiff)(&(((str *)0)->memb)))
-
-static void pk11_Null(void *data, PRBool freeit)
-{
-    return;
-} 
-
-/*
- * free routines.... Free local type  allocated data, and convert
- * other free routines to the destroy signature.
- */
-static void
-pk11_FreePrivKey(NSSLOWKEYPrivateKey *key, PRBool freeit)
-{
-    nsslowkey_DestroyPrivateKey(key);
-}
-
-static void
-pk11_HMAC_Destroy(HMACContext *context, PRBool freeit)
-{
-    HMAC_Destroy(context);
-}
-
-static void
-pk11_Space(void *data, PRBool freeit)
-{
-    PORT_Free(data);
-} 
-
-
-/*
- * turn a CDMF key into a des key. CDMF is an old IBM scheme to export DES by
- * Deprecating a full des key to 40 bit key strenth.
- */
-static CK_RV
-pk11_cdmf2des(unsigned char *cdmfkey, unsigned char *deskey)
-{
-    unsigned char key1[8] = { 0xc4, 0x08, 0xb0, 0x54, 0x0b, 0xa1, 0xe0, 0xae };
-    unsigned char key2[8] = { 0xef, 0x2c, 0x04, 0x1c, 0xe6, 0x38, 0x2f, 0xe6 };
-    unsigned char enc_src[8];
-    unsigned char enc_dest[8];
-    unsigned int leng,i;
-    DESContext *descx;
-    SECStatus rv;
-    
-    
-    /* zero the parity bits */
-    for (i=0; i < 8; i++) {
-	enc_src[i] = cdmfkey[i] & 0xfe;
-    }
-
-    /* encrypt with key 1 */
-    descx = DES_CreateContext(key1, NULL, NSS_DES, PR_TRUE);
-    if (descx == NULL) return CKR_HOST_MEMORY;
-    rv = DES_Encrypt(descx, enc_dest, &leng, 8, enc_src, 8);
-    DES_DestroyContext(descx,PR_TRUE);
-    if (rv != SECSuccess) return CKR_DEVICE_ERROR;
-
-    /* xor source with des, zero the parity bits and depricate the key*/
-    for (i=0; i < 8; i++) {
-	if (i & 1) {
-	    enc_src[i] = (enc_src[i] ^ enc_dest[i]) & 0xfe;
-	} else {
-	    enc_src[i] = (enc_src[i] ^ enc_dest[i]) & 0x0e;
-	}
-    }
-
-    /* encrypt with key 2 */
-    descx = DES_CreateContext(key2, NULL, NSS_DES, PR_TRUE);
-    if (descx == NULL) return CKR_HOST_MEMORY;
-    rv = DES_Encrypt(descx, deskey, &leng, 8, enc_src, 8);
-    DES_DestroyContext(descx,PR_TRUE);
-    if (rv != SECSuccess) return CKR_DEVICE_ERROR;
-
-    /* set the corret parity on our new des key */	
-    pk11_FormatDESKey(deskey, 8);
-    return CKR_OK;
-}
-
-
-static CK_RV
-pk11_CryptInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism,
-		 CK_OBJECT_HANDLE hKey, CK_ATTRIBUTE_TYPE etype,
-		 PK11ContextType contextType, PRBool isEncrypt);
-/*
- * Calculate a Lynx checksum for CKM_LYNX_WRAP mechanism.
- */
-static CK_RV
-pk11_calcLynxChecksum(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hWrapKey,
-	unsigned char *checksum, unsigned char *key, CK_ULONG len)
-{
-
-    CK_BYTE E[10];
-    CK_ULONG Elen = sizeof (E);
-    CK_BYTE C[8];
-    CK_ULONG Clen = sizeof (C);
-    unsigned short sum1 = 0, sum2 = 0;
-    CK_MECHANISM mech = { CKM_DES_ECB, NULL, 0 };
-    int i;
-    CK_RV crv;
-
-    if (len != 8) return CKR_WRAPPED_KEY_LEN_RANGE;
-    
-    /* zero the parity bits */
-    for (i=0; i < 8; i++) {
-	sum1 = sum1 + key[i];
-	sum2 = sum2 + sum1;
-    }
-
-    /* encrypt with key 1 */
-
-    crv = pk11_CryptInit(hSession,&mech,hWrapKey,CKA_WRAP, PK11_ENCRYPT, 
-								PR_TRUE);
-    if (crv != CKR_OK) return crv;
-
-    crv = NSC_Encrypt(hSession,key,len,E,&Elen);
-    if (crv != CKR_OK) return crv;
-
-    E[8] = (sum2 >> 8) & 0xff;
-    E[9] = sum2 & 0xff;
-
-    crv = pk11_CryptInit(hSession,&mech,hWrapKey,CKA_WRAP, PK11_ENCRYPT, 
-								PR_TRUE);
-    if (crv != CKR_OK) return crv;
-
-    crv = NSC_Encrypt(hSession,&E[2],len,C,&Clen);
-    if (crv != CKR_OK) return crv;
-
-    checksum[0] = C[6];
-    checksum[1] = C[7];
-    
-    return CKR_OK;
-}
-/* NSC_DestroyObject destroys an object. */
-CK_RV
-NSC_DestroyObject(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hObject)
-{
-    PK11Slot *slot = pk11_SlotFromSessionHandle(hSession);
-    PK11Session *session;
-    PK11Object *object;
-    PK11FreeStatus status;
-
-    /*
-     * This whole block just makes sure we really can destroy the
-     * requested object.
-     */
-    session = pk11_SessionFromHandle(hSession);
-    if (session == NULL) {
-        return CKR_SESSION_HANDLE_INVALID;
-    }
-
-    object = pk11_ObjectFromHandle(hObject,session);
-    if (object == NULL) {
-	pk11_FreeSession(session);
-	return CKR_OBJECT_HANDLE_INVALID;
-    }
-
-    /* don't destroy a private object if we aren't logged in */
-    if ((!slot->isLoggedIn) && (slot->needLogin) &&
-				(pk11_isTrue(object,CKA_PRIVATE))) {
-	pk11_FreeSession(session);
-	pk11_FreeObject(object);
-	return CKR_USER_NOT_LOGGED_IN;
-    }
-
-    /* don't destroy a token object if we aren't in a rw session */
-
-    if (((session->info.flags & CKF_RW_SESSION) == 0) &&
-				(pk11_isTrue(object,CKA_TOKEN))) {
-	pk11_FreeSession(session);
-	pk11_FreeObject(object);
-	return CKR_SESSION_READ_ONLY;
-    }
-
-    pk11_DeleteObject(session,object);
-
-    pk11_FreeSession(session);
-
-    /*
-     * get some indication if the object is destroyed. Note: this is not
-     * 100%. Someone may have an object reference outstanding (though that
-     * should not be the case by here. Also note that the object is "half"
-     * destroyed. Our internal representation is destroyed, but it may still
-     * be in the data base.
-     */
-    status = pk11_FreeObject(object);
-
-    return (status != PK11_DestroyFailure) ? CKR_OK : CKR_DEVICE_ERROR;
-}
-
-
-/*
- ************** Crypto Functions:     Utilities ************************
- */
-
-
-/* 
- * return a context based on the PK11Context type.
- */
-PK11SessionContext *
-pk11_ReturnContextByType(PK11Session *session, PK11ContextType type)
-{
-    switch (type) {
-	case PK11_ENCRYPT:
-	case PK11_DECRYPT:
-	    return session->enc_context;
-	case PK11_HASH:
-	    return session->hash_context;
-	case PK11_SIGN:
-	case PK11_SIGN_RECOVER:
-	case PK11_VERIFY:
-	case PK11_VERIFY_RECOVER:
-	    return session->hash_context;
-    }
-    return NULL;
-}
-
-/* 
- * change a context based on the PK11Context type.
- */
-void
-pk11_SetContextByType(PK11Session *session, PK11ContextType type, 
-						PK11SessionContext *context)
-{
-    switch (type) {
-	case PK11_ENCRYPT:
-	case PK11_DECRYPT:
-	    session->enc_context = context;
-	    break;
-	case PK11_HASH:
-	    session->hash_context = context;
-	    break;
-	case PK11_SIGN:
-	case PK11_SIGN_RECOVER:
-	case PK11_VERIFY:
-	case PK11_VERIFY_RECOVER:
-	    session->hash_context = context;
-	    break;
-    }
-    return;
-}
-
-/*
- * code to grab the context. Needed by every C_XXXUpdate, C_XXXFinal,
- * and C_XXX function. The function takes a session handle, the context type,
- * and wether or not the session needs to be multipart. It returns the context,
- * and optionally returns the session pointer (if sessionPtr != NULL) if session
- * pointer is returned, the caller is responsible for freeing it.
- */
-static CK_RV
-pk11_GetContext(CK_SESSION_HANDLE handle,PK11SessionContext **contextPtr,
-	PK11ContextType type, PRBool needMulti, PK11Session **sessionPtr)
-{
-    PK11Session *session;
-    PK11SessionContext *context;
-
-    session = pk11_SessionFromHandle(handle);
-    if (session == NULL) return CKR_SESSION_HANDLE_INVALID;
-    context = pk11_ReturnContextByType(session,type);
-    /* make sure the context is valid */
-    if((context==NULL)||(context->type!=type)||(needMulti&&!(context->multi))){
-        pk11_FreeSession(session);
-	return CKR_OPERATION_NOT_INITIALIZED;
-    }
-    *contextPtr = context;
-    if (sessionPtr != NULL) {
-	*sessionPtr = session;
-    } else {
-	pk11_FreeSession(session);
-    }
-    return CKR_OK;
-}
-
-/*
- ************** Crypto Functions:     Encrypt ************************
- */
-
-/*
- * All the NSC_InitXXX functions have a set of common checks and processing they
- * all need to do at the beginning. This is done here.
- */
-static CK_RV
-pk11_InitGeneric(PK11Session *session,PK11SessionContext **contextPtr,
-		 PK11ContextType ctype,PK11Object **keyPtr,
-		 CK_OBJECT_HANDLE hKey, CK_KEY_TYPE *keyTypePtr,
-		 CK_OBJECT_CLASS pubKeyType, CK_ATTRIBUTE_TYPE operation)
-{
-    PK11Object *key = NULL;
-    PK11Attribute *att;
-    PK11SessionContext *context;
-
-    /* We can only init if there is not current context active */
-    if (pk11_ReturnContextByType(session,ctype) != NULL) {
-	return CKR_OPERATION_ACTIVE;
-    }
-
-    /* find the key */
-    if (keyPtr) {
-	unsigned int size;
-        key = pk11_ObjectFromHandle(hKey,session);
-        if (key == NULL) {
-	    return CKR_KEY_HANDLE_INVALID;
-    	}
-
-	/* make sure it's a valid  key for this operation */
-	if (((key->objclass != CKO_SECRET_KEY) && (key->objclass != pubKeyType))
-					|| !pk11_isTrue(key,operation)) {
-	    pk11_FreeObject(key);
-	    return CKR_KEY_TYPE_INCONSISTENT;
-	}
-	/* get the key type */
-	att = pk11_FindAttribute(key,CKA_KEY_TYPE);
-	PORT_Assert(att != NULL);
-	size = sizeof(CK_KEY_TYPE);
-	if (att->attrib.ulValueLen < size) {
-	    CK_KEY_TYPE kt;
-	    int i;
-	    int shift;
-#ifdef IS_LITTLE_ENDIAN
-	    shift = 0;
-#else
-	    shift = (att->attrib.ulValueLen - 1) * 8;
-#endif
-	    kt = 0;
-	    for (i=att->attrib.ulValueLen - 1; i>=0; i--) {
-		kt |= ((unsigned char *)att->attrib.pValue)[i] << shift;
-#ifdef IS_LITTLE_ENDIAN
-		shift += 8;
-#else
-		shift -= 8;
-#endif
-	    }
-	    *keyTypePtr = kt;
-	} else {
- 	    *keyTypePtr = *((CK_KEY_TYPE *)att->attrib.pValue);
-	}
-	pk11_FreeAttribute(att);
-	*keyPtr = key;
-    }
-
-    /* allocate the context structure */
-    context = (PK11SessionContext *)PORT_Alloc(sizeof(PK11SessionContext));
-    if (context == NULL) {
-	if (key) pk11_FreeObject(key);
-	return CKR_HOST_MEMORY;
-    }
-    context->type = ctype;
-    context->multi = PR_TRUE;
-    context->cipherInfo = NULL;
-    context->hashInfo = NULL;
-    context->doPad = PR_FALSE;
-    context->padDataLength = 0;
-    context->key = key;
-
-    *contextPtr = context;
-    return CKR_OK;
-}
-
-/* NSC_CryptInit initializes an encryption/Decryption operation. */
-/* This function is used by NSC_EncryptInit and NSC_WrapKey. The only difference
- * in their uses if whether or not etype is CKA_ENCRYPT or CKA_WRAP */
-static CK_RV
-pk11_CryptInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism,
-		 CK_OBJECT_HANDLE hKey, CK_ATTRIBUTE_TYPE etype,
-		 PK11ContextType contextType, PRBool isEncrypt)
-{
-    PK11Session *session;
-    PK11Object *key;
-    PK11SessionContext *context;
-    PK11Attribute *att;
-    CK_RC2_CBC_PARAMS *rc2_param;
-#if NSS_SOFTOKEN_DOES_RC5
-    CK_RC5_CBC_PARAMS *rc5_param;
-    SECItem rc5Key;
-#endif
-    CK_KEY_TYPE key_type;
-    CK_RV crv = CKR_OK;
-    unsigned effectiveKeyLength;
-    unsigned char newdeskey[8];
-    PRBool useNewKey=PR_FALSE;
-    int t;
-
-    session = pk11_SessionFromHandle(hSession);
-    if (session == NULL) return CKR_SESSION_HANDLE_INVALID;
-
-    crv = pk11_InitGeneric(session,&context,contextType,&key,hKey,&key_type,
-    			isEncrypt ?CKO_PUBLIC_KEY:CKO_PRIVATE_KEY, etype);
-						
-    if (crv != CKR_OK) {
-	pk11_FreeSession(session);
-	return crv;
-    }
-
-    context->doPad = PR_FALSE;
-    switch(pMechanism->mechanism) {
-    case CKM_RSA_PKCS:
-    case CKM_RSA_X_509:
-	if (key_type != CKK_RSA) {
-	    crv = CKR_KEY_TYPE_INCONSISTENT;
-	    break;
-	}
-	context->multi = PR_FALSE;
-	context->cipherInfo =  isEncrypt ? 
-			(void *)pk11_GetPubKey(key,CKK_RSA) :
-					(void *)pk11_GetPrivKey(key,CKK_RSA);
-	if (context->cipherInfo == NULL) {
-	    crv = CKR_HOST_MEMORY;
-	    break;
-	}
-	if (isEncrypt) {
-	    context->update = (PK11Cipher) 
-		(pMechanism->mechanism == CKM_RSA_X_509
-					? RSA_EncryptRaw : RSA_EncryptBlock);
-	} else {
-	    context->update = (PK11Cipher) 
-		(pMechanism->mechanism == CKM_RSA_X_509
-					? RSA_DecryptRaw : RSA_DecryptBlock);
-	}
-	context->destroy = pk11_Null;
-	break;
-    case CKM_RC2_CBC_PAD:
-	context->doPad = PR_TRUE;
-	context->blockSize = 8;
-	/* fall thru */
-    case CKM_RC2_ECB:
-    case CKM_RC2_CBC:
-	if (key_type != CKK_RC2) {
-	    crv = CKR_KEY_TYPE_INCONSISTENT;
-	    break;
-	}
-	att = pk11_FindAttribute(key,CKA_VALUE);
-	if (att == NULL) {
-	    crv = CKR_KEY_HANDLE_INVALID;
-	    break;
-	}
-	rc2_param = (CK_RC2_CBC_PARAMS *)pMechanism->pParameter;
-	effectiveKeyLength = (rc2_param->ulEffectiveBits+7)/8;
-	context->cipherInfo = 
-	    RC2_CreateContext((unsigned char*)att->attrib.pValue,
-			      att->attrib.ulValueLen, rc2_param->iv,
-			      pMechanism->mechanism == CKM_RC2_ECB ? NSS_RC2 :
-			      NSS_RC2_CBC,effectiveKeyLength);
-	pk11_FreeAttribute(att);
-	if (context->cipherInfo == NULL) {
-	    crv = CKR_HOST_MEMORY;
-	    break;
-	}
-	context->update = (PK11Cipher) (isEncrypt ? RC2_Encrypt : RC2_Decrypt);
-	context->destroy = (PK11Destroy) RC2_DestroyContext;
-	break;
-#if NSS_SOFTOKEN_DOES_RC5
-    case CKM_RC5_CBC_PAD:
-	context->doPad = PR_TRUE;
-	/* fall thru */
-    case CKM_RC5_ECB:
-    case CKM_RC5_CBC:
-	if (key_type != CKK_RC5) {
-	    crv = CKR_KEY_TYPE_INCONSISTENT;
-	    break;
-	}
-	att = pk11_FindAttribute(key,CKA_VALUE);
-	if (att == NULL) {
-	    crv = CKR_KEY_HANDLE_INVALID;
-	    break;
-	}
-	rc5_param = (CK_RC5_CBC_PARAMS *)pMechanism->pParameter;
-	if (context->doPad) {
-	   context->blockSize = rc5_param->ulWordsize*2;
-	}
-	rc5Key.data = (unsigned char*)att->attrib.pValue;
-	rc5Key.len = att->attrib.ulValueLen;
-	context->cipherInfo = RC5_CreateContext(&rc5Key,rc5_param->ulRounds,
-	   rc5_param->ulWordsize,rc5_param->pIv,
-		 pMechanism->mechanism == CKM_RC5_ECB ? NSS_RC5 : NSS_RC5_CBC);
-	pk11_FreeAttribute(att);
-	if (context->cipherInfo == NULL) {
-	    crv = CKR_HOST_MEMORY;
-	    break;
-	}
-	context->update = (PK11Cipher) (isEncrypt ? RC5_Encrypt : RC5_Decrypt);
-	context->destroy = (PK11Destroy) RC5_DestroyContext;
-	break;
-#endif
-    case CKM_RC4:
-	if (key_type != CKK_RC4) {
-	    crv = CKR_KEY_TYPE_INCONSISTENT;
-	    break;
-	}
-	att = pk11_FindAttribute(key,CKA_VALUE);
-	if (att == NULL) {
-	    crv = CKR_KEY_HANDLE_INVALID;
-	    break;
-	}
-	context->cipherInfo = 
-	    RC4_CreateContext((unsigned char*)att->attrib.pValue,
-			      att->attrib.ulValueLen);
-	pk11_FreeAttribute(att);
-	if (context->cipherInfo == NULL) {
-	    crv = CKR_HOST_MEMORY;  /* WRONG !!! */
-	    break;
-	}
-	context->update = (PK11Cipher) (isEncrypt ? RC4_Encrypt : RC4_Decrypt);
-	context->destroy = (PK11Destroy) RC4_DestroyContext;
-	break;
-    case CKM_CDMF_CBC_PAD:
-	context->doPad = PR_TRUE;
-	context->blockSize = 8;
-	/* fall thru */
-    case CKM_CDMF_ECB:
-    case CKM_CDMF_CBC:
-	if (key_type != CKK_CDMF) {
-	    crv = CKR_KEY_TYPE_INCONSISTENT;
-	    break;
-	}
-	t = (pMechanism->mechanism == CKM_CDMF_ECB) ? NSS_DES : NSS_DES_CBC;
-	useNewKey=PR_TRUE;
-	if (crv != CKR_OK) break;
-	goto finish_des;
-    case CKM_DES_ECB:
-	if (key_type != CKK_DES) {
-	    crv = CKR_KEY_TYPE_INCONSISTENT;
-	    break;
-	}
-	t = NSS_DES;
-	goto finish_des;
-    case CKM_DES_CBC_PAD:
-	context->doPad = PR_TRUE;
-	context->blockSize = 8;
-	/* fall thru */
-    case CKM_DES_CBC:
-	if (key_type != CKK_DES) {
-	    crv = CKR_KEY_TYPE_INCONSISTENT;
-	    break;
-	}
-	t = NSS_DES_CBC;
-	goto finish_des;
-    case CKM_DES3_ECB:
-	if ((key_type != CKK_DES2) && (key_type != CKK_DES3)) {
-	    crv = CKR_KEY_TYPE_INCONSISTENT;
-	    break;
-	}
-	t = NSS_DES_EDE3;
-	goto finish_des;
-    case CKM_DES3_CBC_PAD:
-	context->doPad = PR_TRUE;
-	context->blockSize = 8;
-	/* fall thru */
-    case CKM_DES3_CBC:
-	if ((key_type != CKK_DES2) && (key_type != CKK_DES3)) {
-	    crv = CKR_KEY_TYPE_INCONSISTENT;
-	    break;
-	}
-	t = NSS_DES_EDE3_CBC;
-finish_des:
-	att = pk11_FindAttribute(key,CKA_VALUE);
-	if (att == NULL) {
-	    crv = CKR_KEY_HANDLE_INVALID;
-	    break;
-	}
-	if (useNewKey) {
-	    crv = pk11_cdmf2des((unsigned char*)att->attrib.pValue,newdeskey);
-	    if (crv != CKR_OK) {
-		pk11_FreeAttribute(att);
-		break;
-	     }
-	}
-	context->cipherInfo = DES_CreateContext(
-		useNewKey ? newdeskey : (unsigned char*)att->attrib.pValue,
-		(unsigned char*)pMechanism->pParameter,t, isEncrypt);
-	pk11_FreeAttribute(att);
-	if (context->cipherInfo == NULL) {
-	    crv = CKR_HOST_MEMORY;
-	    break;
-	}
-	context->update = (PK11Cipher) (isEncrypt ? DES_Encrypt : DES_Decrypt);
-	context->destroy = (PK11Destroy) DES_DestroyContext;
-
-	break;
-    case CKM_AES_CBC_PAD:
-	context->doPad = PR_TRUE;
-	context->blockSize = 16;
-	/* fall thru */
-    case CKM_AES_ECB:
-    case CKM_AES_CBC:
-	if (key_type != CKK_AES) {
-	    crv = CKR_KEY_TYPE_INCONSISTENT;
-	    break;
-	}
-	att = pk11_FindAttribute(key,CKA_VALUE);
-	if (att == NULL) {
-	    crv = CKR_KEY_HANDLE_INVALID;
-	    break;
-	}
-	context->cipherInfo = AES_CreateContext(
-	    (unsigned char*)att->attrib.pValue,
-	    (unsigned char*)pMechanism->pParameter,
-	    pMechanism->mechanism == CKM_AES_ECB ? NSS_AES : NSS_AES_CBC,
-	    isEncrypt, att->attrib.ulValueLen, 16);
-	pk11_FreeAttribute(att);
-	if (context->cipherInfo == NULL) {
-	    crv = CKR_HOST_MEMORY;
-	    break;
-	}
-	context->update = (PK11Cipher) (isEncrypt ? AES_Encrypt : AES_Decrypt);
-	context->destroy = (PK11Destroy) AES_DestroyContext;
-
-	break;
-    default:
-	crv = CKR_MECHANISM_INVALID;
-	break;
-    }
-
-    if (crv != CKR_OK) {
-        pk11_FreeContext(context);
-	pk11_FreeSession(session);
-	return crv;
-    }
-    pk11_SetContextByType(session, contextType, context);
-    pk11_FreeSession(session);
-    return CKR_OK;
-}
-
-/* NSC_EncryptInit initializes an encryption operation. */
-CK_RV NSC_EncryptInit(CK_SESSION_HANDLE hSession,
-		 CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey)
-{
-    return pk11_CryptInit(hSession, pMechanism, hKey, CKA_ENCRYPT, 
-						PK11_ENCRYPT, PR_TRUE);
-}
-
-/* NSC_EncryptUpdate continues a multiple-part encryption operation. */
-CK_RV NSC_EncryptUpdate(CK_SESSION_HANDLE hSession,
-    CK_BYTE_PTR pPart, CK_ULONG ulPartLen, CK_BYTE_PTR pEncryptedPart,	
-					CK_ULONG_PTR pulEncryptedPartLen)
-{
-    PK11SessionContext *context;
-    unsigned int outlen,i;
-    unsigned int padoutlen = 0;
-    unsigned int maxout = *pulEncryptedPartLen;
-    CK_RV crv;
-    SECStatus rv;
-
-    /* make sure we're legal */
-    crv = pk11_GetContext(hSession,&context,PK11_ENCRYPT,PR_TRUE,NULL);
-    if (crv != CKR_OK) return crv;
-
-    /* do padding */
-    if (context->doPad) {
-	/* deal with previous buffered data */
-	if (context->padDataLength != 0) {
-	    /* fill in the padded to a full block size */
-	    for (i=context->padDataLength; 
-			(ulPartLen != 0) && i < context->blockSize; i++) {
-		context->padBuf[i] = *pPart++;
-		ulPartLen--;
-		context->padDataLength++;
-	    }
-
-	    /* not enough data to encrypt yet? then return */
-	    if (context->padDataLength != context->blockSize) {
-		*pulEncryptedPartLen = 0;
-		return CKR_OK;
-	    }
-	    /* encrypt the current padded data */
-    	    rv = (*context->update)(context->cipherInfo,pEncryptedPart, 
-		&outlen,context->blockSize,context->padBuf,context->blockSize);
-    	    if (rv != SECSuccess) return CKR_DEVICE_ERROR;
-	    pEncryptedPart += padoutlen;
-	    maxout -= padoutlen;
-	}
-	/* save the residual */
-	context->padDataLength = ulPartLen % context->blockSize;
-	if (context->padDataLength) {
-	    PORT_Memcpy(context->padBuf,
-			&pPart[ulPartLen-context->padDataLength],
-							context->padDataLength);
-	    ulPartLen -= context->padDataLength;
-	}
-	/* if we've exhausted our new buffer, we're done */
-	if (ulPartLen == 0) {
-	    *pulEncryptedPartLen = padoutlen;
-	    return CKR_OK;
-	}
-    }
-	
-
-
-    /* do it: NOTE: this assumes buf size in is >= buf size out! */
-    rv = (*context->update)(context->cipherInfo,pEncryptedPart, 
-					&outlen, maxout, pPart, ulPartLen);
-    *pulEncryptedPartLen = (CK_ULONG) (outlen + padoutlen);
-    return (rv == SECSuccess) ? CKR_OK : CKR_DEVICE_ERROR;
-}
-
-
-/* NSC_EncryptFinal finishes a multiple-part encryption operation. */
-CK_RV NSC_EncryptFinal(CK_SESSION_HANDLE hSession,
-    CK_BYTE_PTR pLastEncryptedPart, CK_ULONG_PTR pulLastEncryptedPartLen)
-{
-    PK11Session *session;
-    PK11SessionContext *context;
-    unsigned int outlen,i;
-    unsigned int maxout = *pulLastEncryptedPartLen;
-    CK_RV crv;
-    SECStatus rv = SECSuccess;
-
-    /* make sure we're legal */
-    crv = pk11_GetContext(hSession,&context,PK11_ENCRYPT,PR_TRUE,&session);
-    if (crv != CKR_OK) return crv;
-
-    *pulLastEncryptedPartLen = 0;
-
-    /* do padding */
-    if (context->doPad) {
-	unsigned char  padbyte = (unsigned char) 
-				(context->blockSize - context->padDataLength); 
-	/* fill out rest of pad buffer with pad magic*/
-	for (i=context->padDataLength; i < context->blockSize; i++) {
-	    context->padBuf[i] = padbyte;
-	}
-	rv = (*context->update)(context->cipherInfo,pLastEncryptedPart, 
-			&outlen, maxout, context->padBuf, context->blockSize);
-	if (rv == SECSuccess) *pulLastEncryptedPartLen = (CK_ULONG) outlen;
-    }
-
-    /* do it */
-    pk11_SetContextByType(session, PK11_ENCRYPT, NULL);
-    pk11_FreeContext(context);
-    pk11_FreeSession(session);
-    return (rv == SECSuccess) ? CKR_OK : CKR_DEVICE_ERROR;
-}
-
-/* NSC_Encrypt encrypts single-part data. */
-CK_RV NSC_Encrypt (CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData,
-    		CK_ULONG ulDataLen, CK_BYTE_PTR pEncryptedData,
-					 CK_ULONG_PTR pulEncryptedDataLen)
-{
-    PK11Session *session;
-    PK11SessionContext *context;
-    unsigned int outlen;
-    unsigned int maxoutlen = *pulEncryptedDataLen;
-    CK_RV crv;
-    CK_RV crv2;
-    SECStatus rv;
-
-    /* make sure we're legal */
-    crv = pk11_GetContext(hSession,&context,PK11_ENCRYPT,PR_FALSE,&session);
-    if (crv != CKR_OK) return crv;
-
-    if (context->doPad) {
-	CK_ULONG finalLen;
-	/* padding is fairly complicated, have the update and final 
-	 * code deal with it */
-        pk11_FreeSession(session);
-	crv = NSC_EncryptUpdate(hSession,pData,ulDataLen,pEncryptedData,
-							pulEncryptedDataLen);
-	if (crv != CKR_OK) *pulEncryptedDataLen = 0;
-	maxoutlen -= *pulEncryptedDataLen;
-	pEncryptedData += *pulEncryptedDataLen;
-	finalLen = maxoutlen;
-	crv2 = NSC_EncryptFinal(hSession, pEncryptedData, &finalLen);
-	if (crv2 == CKR_OK) { *pulEncryptedDataLen += finalLen; }
-	return crv == CKR_OK ? crv2 :crv;
-    }
-	
-
-    /* do it: NOTE: this assumes buf size is big enough. */
-    rv = (*context->update)(context->cipherInfo, pEncryptedData, 
-					&outlen, maxoutlen, pData, ulDataLen);
-    *pulEncryptedDataLen = (CK_ULONG) outlen;
-    pk11_FreeContext(context);
-    pk11_SetContextByType(session, PK11_ENCRYPT, NULL);
-    pk11_FreeSession(session);
-
-    return (rv == SECSuccess) ? CKR_OK : CKR_DEVICE_ERROR;
-}
-
-
-/*
- ************** Crypto Functions:     Decrypt ************************
- */
-
-/* NSC_DecryptInit initializes a decryption operation. */
-CK_RV NSC_DecryptInit( CK_SESSION_HANDLE hSession,
-			 CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey)
-{
-    return pk11_CryptInit(hSession, pMechanism, hKey, CKA_DECRYPT,
-						PK11_DECRYPT, PR_FALSE);
-}
-
-/* NSC_DecryptUpdate continues a multiple-part decryption operation. */
-CK_RV NSC_DecryptUpdate(CK_SESSION_HANDLE hSession,
-    CK_BYTE_PTR pEncryptedPart, CK_ULONG ulEncryptedPartLen,
-    				CK_BYTE_PTR pPart, CK_ULONG_PTR pulPartLen)
-{
-    PK11SessionContext *context;
-    unsigned int padoutlen = 0;
-    unsigned int outlen;
-    unsigned int maxout = *pulPartLen;
-    CK_RV crv;
-    SECStatus rv;
-
-    /* make sure we're legal */
-    crv = pk11_GetContext(hSession,&context,PK11_DECRYPT,PR_TRUE,NULL);
-    if (crv != CKR_OK) return crv;
-
-    if (context->doPad) {
-	/* first decrypt our saved buffer */
-	if (context->padDataLength != 0) {
-    	    rv = (*context->update)(context->cipherInfo, pPart, &padoutlen,
-		 maxout, context->padBuf, context->blockSize);
-    	    if (rv != SECSuccess)  return CKR_DEVICE_ERROR;
-	    pPart += padoutlen;
-	    maxout -= padoutlen;
-	}
-	/* now save the final block for the next decrypt or the final */
-	PORT_Memcpy(context->padBuf,&pEncryptedPart[ulEncryptedPartLen -
-				context->blockSize], context->blockSize);
-	context->padDataLength = context->blockSize;
-	ulEncryptedPartLen -= context->padDataLength;
-    }
-
-    /* do it: NOTE: this assumes buf size in is >= buf size out! */
-    rv = (*context->update)(context->cipherInfo,pPart, &outlen,
-		 maxout, pEncryptedPart, ulEncryptedPartLen);
-    *pulPartLen = (CK_ULONG) (outlen + padoutlen);
-    return (rv == SECSuccess)  ? CKR_OK : CKR_DEVICE_ERROR;
-}
-
-
-/* NSC_DecryptFinal finishes a multiple-part decryption operation. */
-CK_RV NSC_DecryptFinal(CK_SESSION_HANDLE hSession,
-    CK_BYTE_PTR pLastPart, CK_ULONG_PTR pulLastPartLen)
-{
-    PK11Session *session;
-    PK11SessionContext *context;
-    unsigned int outlen;
-    unsigned int maxout = *pulLastPartLen;
-    CK_RV crv;
-    SECStatus rv = SECSuccess;
-
-    /* make sure we're legal */
-    crv = pk11_GetContext(hSession,&context,PK11_DECRYPT,PR_TRUE,&session);
-    if (crv != CKR_OK) return crv;
-
-    *pulLastPartLen = 0;
-    if (context->doPad) {
-	/* decrypt our saved buffer */
-	if (context->padDataLength != 0) {
-	    /* this assumes that pLastPart is big enough to hold the *whole*
-	     * buffer!!! */
-    	    rv = (*context->update)(context->cipherInfo, pLastPart, &outlen,
-		 maxout, context->padBuf, context->blockSize);
-    	    if (rv == SECSuccess) {
-		unsigned int padSize = 
-			    (unsigned int) pLastPart[context->blockSize-1];
-		if ((padSize > context->blockSize) || (padSize == 0)) {
-		    rv = SECFailure;
-		} else {
-		    *pulLastPartLen = outlen - padSize;
-		}
-	    }
-	}
-    }
-
-    /* do it */
-    pk11_SetContextByType(session, PK11_DECRYPT, NULL);
-    pk11_FreeContext(context);
-    pk11_FreeSession(session);
-    return (rv == SECSuccess) ? CKR_OK : CKR_DEVICE_ERROR;
-}
-
-/* NSC_Decrypt decrypts encrypted data in a single part. */
-CK_RV NSC_Decrypt(CK_SESSION_HANDLE hSession,
-    CK_BYTE_PTR pEncryptedData,CK_ULONG ulEncryptedDataLen,CK_BYTE_PTR pData,
-    						CK_ULONG_PTR pulDataLen)
-{
-    PK11Session *session;
-    PK11SessionContext *context;
-    unsigned int outlen;
-    unsigned int maxoutlen = *pulDataLen;
-    CK_RV crv;
-    CK_RV crv2;
-    SECStatus rv;
-
-    /* make sure we're legal */
-    crv = pk11_GetContext(hSession,&context,PK11_DECRYPT,PR_FALSE,&session);
-    if (crv != CKR_OK) return crv;
-
-    if (context->doPad) {
-	CK_ULONG finalLen;
-	/* padding is fairly complicated, have the update and final 
-	 * code deal with it */
-        pk11_FreeSession(session);
-	crv = NSC_DecryptUpdate(hSession,pEncryptedData,ulEncryptedDataLen,
-							pData, pulDataLen);
-	if (crv != CKR_OK) *pulDataLen = 0;
-	maxoutlen -= *pulDataLen;
-	pData += *pulDataLen;
-	finalLen = maxoutlen;
-	crv2 = NSC_DecryptFinal(hSession, pData, &finalLen);
-	if (crv2 == CKR_OK) { *pulDataLen += finalLen; }
-	return crv == CKR_OK ? crv2 :crv;
-    }
-
-    rv = (*context->update)(context->cipherInfo, pData, &outlen, maxoutlen, 
-					pEncryptedData, ulEncryptedDataLen);
-    *pulDataLen = (CK_ULONG) outlen;
-    pk11_FreeContext(context);
-    pk11_SetContextByType(session, PK11_DECRYPT, NULL);
-    pk11_FreeSession(session);
-    return (rv == SECSuccess)  ? CKR_OK : CKR_DEVICE_ERROR;
-}
-
-
-
-/*
- ************** Crypto Functions:     Digest (HASH)  ************************
- */
-
-/* NSC_DigestInit initializes a message-digesting operation. */
-CK_RV NSC_DigestInit(CK_SESSION_HANDLE hSession,
-    					CK_MECHANISM_PTR pMechanism)
-{
-    PK11Session *session;
-    PK11SessionContext *context;
-    MD2Context *md2_context;
-    MD5Context *md5_context;
-    SHA1Context *sha1_context;
-    CK_RV crv = CKR_OK;
-
-    session = pk11_SessionFromHandle(hSession);
-    if (session == NULL) return CKR_SESSION_HANDLE_INVALID;
-    crv = pk11_InitGeneric(session,&context,PK11_HASH,NULL,0,NULL, 0, 0);
-    if (crv != CKR_OK) {
-	pk11_FreeSession(session);
-	return crv;
-    }
-
-    switch(pMechanism->mechanism) {
-    case CKM_MD2:
-	md2_context = MD2_NewContext();
-	context->cipherInfo = (void *)md2_context;
-	context->cipherInfoLen = MD2_FlattenSize(md2_context);
-	context->currentMech = CKM_MD2;
-        if (context->cipherInfo == NULL) {
-	    crv= CKR_HOST_MEMORY;
-	    
-	}
-	context->hashUpdate = (PK11Hash) MD2_Update;
-	context->end = (PK11End) MD2_End;
-	context->destroy = (PK11Destroy) MD2_DestroyContext;
-	MD2_Begin(md2_context);
-	break;
-    case CKM_MD5:
-	md5_context = MD5_NewContext();
-	context->cipherInfo = (void *)md5_context;
-	context->cipherInfoLen = MD5_FlattenSize(md5_context);
-	context->currentMech = CKM_MD5;
-        if (context->cipherInfo == NULL) {
-	    crv= CKR_HOST_MEMORY;
-	    
-	}
-	context->hashUpdate = (PK11Hash) MD5_Update;
-	context->end = (PK11End) MD5_End;
-	context->destroy = (PK11Destroy) MD5_DestroyContext;
-	MD5_Begin(md5_context);
-	break;
-    case CKM_SHA_1:
-	sha1_context = SHA1_NewContext();
-	context->cipherInfo = (void *)sha1_context;
-	context->cipherInfoLen = SHA1_FlattenSize(sha1_context);
-	context->currentMech = CKM_SHA_1;
-        if (context->cipherInfo == NULL) {
-	    crv= CKR_HOST_MEMORY;
-	    break;
-	}
-	context->hashUpdate = (PK11Hash) SHA1_Update;
-	context->end = (PK11End) SHA1_End;
-	context->destroy = (PK11Destroy) SHA1_DestroyContext;
-	SHA1_Begin(sha1_context);
-	break;
-    default:
-	crv = CKR_MECHANISM_INVALID;
-	break;
-    }
-
-    if (crv != CKR_OK) {
-        pk11_FreeContext(context);
-	pk11_FreeSession(session);
-	return crv;
-    }
-    pk11_SetContextByType(session, PK11_HASH, context);
-    pk11_FreeSession(session);
-    return CKR_OK;
-}
-
-
-/* NSC_Digest digests data in a single part. */
-CK_RV NSC_Digest(CK_SESSION_HANDLE hSession,
-    CK_BYTE_PTR pData, CK_ULONG ulDataLen, CK_BYTE_PTR pDigest,
-    						CK_ULONG_PTR pulDigestLen)
-{
-    PK11Session *session;
-    PK11SessionContext *context;
-    unsigned int digestLen;
-    unsigned int maxout = *pulDigestLen;
-    CK_RV crv;
-
-    /* make sure we're legal */
-    crv = pk11_GetContext(hSession,&context,PK11_HASH,PR_FALSE,&session);
-    if (crv != CKR_OK) return crv;
-
-    /* do it: */
-    (*context->hashUpdate)(context->cipherInfo, pData, ulDataLen);
-    /*  NOTE: this assumes buf size is bigenough for the algorithm */
-    (*context->end)(context->cipherInfo, pDigest, &digestLen,maxout);
-    *pulDigestLen = digestLen;
-
-    pk11_SetContextByType(session, PK11_HASH, NULL);
-    pk11_FreeContext(context);
-    pk11_FreeSession(session);
-    return CKR_OK;
-}
-
-
-/* NSC_DigestUpdate continues a multiple-part message-digesting operation. */
-CK_RV NSC_DigestUpdate(CK_SESSION_HANDLE hSession,CK_BYTE_PTR pPart,
-					    CK_ULONG ulPartLen)
-{
-    PK11SessionContext *context;
-    CK_RV crv;
-
-    /* make sure we're legal */
-    crv = pk11_GetContext(hSession,&context,PK11_HASH,PR_TRUE,NULL);
-    if (crv != CKR_OK) return crv;
-    /* do it: */
-    (*context->hashUpdate)(context->cipherInfo, pPart, ulPartLen);
-    return CKR_OK;
-}
-
-
-/* NSC_DigestFinal finishes a multiple-part message-digesting operation. */
-CK_RV NSC_DigestFinal(CK_SESSION_HANDLE hSession,CK_BYTE_PTR pDigest,
-    						CK_ULONG_PTR pulDigestLen)
-{
-    PK11Session *session;
-    PK11SessionContext *context;
-    unsigned int maxout = *pulDigestLen;
-    unsigned int digestLen;
-    CK_RV crv;
-
-    /* make sure we're legal */
-    crv = pk11_GetContext(hSession, &context, PK11_HASH, PR_TRUE, &session);
-    if (crv != CKR_OK) return crv;
-
-    if (pDigest != NULL) {
-        (*context->end)(context->cipherInfo, pDigest, &digestLen, maxout);
-        *pulDigestLen = digestLen;
-    } else {
-	*pulDigestLen = 0;
-    }
-
-    pk11_SetContextByType(session, PK11_HASH, NULL);
-    pk11_FreeContext(context);
-    pk11_FreeSession(session);
-    return CKR_OK;
-}
-
-/*
- * this helper functions are used by Generic Macing and Signing functions
- * that use hashes as part of their operations. 
- */
-static CK_RV
-pk11_doSubMD2(PK11SessionContext *context) {
-	MD2Context *md2_context = MD2_NewContext();
-	context->hashInfo = (void *)md2_context;
-        if (context->hashInfo == NULL) {
-	    return CKR_HOST_MEMORY;
-	}
-	context->hashUpdate = (PK11Hash) MD2_Update;
-	context->end = (PK11End) MD2_End;
-	context->hashdestroy = (PK11Destroy) MD2_DestroyContext;
-	MD2_Begin(md2_context);
-	return CKR_OK;
-}
-
-static CK_RV
-pk11_doSubMD5(PK11SessionContext *context) {
-	MD5Context *md5_context = MD5_NewContext();
-	context->hashInfo = (void *)md5_context;
-        if (context->hashInfo == NULL) {
-	    return CKR_HOST_MEMORY;
-	}
-	context->hashUpdate = (PK11Hash) MD5_Update;
-	context->end = (PK11End) MD5_End;
-	context->hashdestroy = (PK11Destroy) MD5_DestroyContext;
-	MD5_Begin(md5_context);
-	return CKR_OK;
-}
-
-static CK_RV
-pk11_doSubSHA1(PK11SessionContext *context) {
-	SHA1Context *sha1_context = SHA1_NewContext();
-	context->hashInfo = (void *)sha1_context;
-        if (context->hashInfo == NULL) {
-	    return CKR_HOST_MEMORY;
-	}
-	context->hashUpdate = (PK11Hash) SHA1_Update;
-	context->end = (PK11End) SHA1_End;
-	context->hashdestroy = (PK11Destroy) SHA1_DestroyContext;
-	SHA1_Begin(sha1_context);
-	return CKR_OK;
-}
-
-/*
- * HMAC General copies only a portion of the result. This update routine likes
- * the final HMAC output with the signature.
- */
-static SECStatus
-pk11_HMACCopy(CK_ULONG *copyLen,unsigned char *sig,unsigned int *sigLen,
-		unsigned int maxLen,unsigned char *hash, unsigned int hashLen)
-{
-    if (maxLen < *copyLen) return SECFailure;
-    PORT_Memcpy(sig,hash,*copyLen);
-    *sigLen = *copyLen;
-    return SECSuccess;
-}
-
-/* Verify is just a compare for HMAC */
-static SECStatus
-pk11_HMACCmp(CK_ULONG *copyLen,unsigned char *sig,unsigned int sigLen,
-				unsigned char *hash, unsigned int hashLen)
-{
-    return PORT_Memcmp(sig,hash,*copyLen) ? SECSuccess : SECFailure ;
-}
-
-/*
- * common HMAC initalization routine
- */
-static CK_RV
-pk11_doHMACInit(PK11SessionContext *context,HASH_HashType hash,
-					PK11Object *key, CK_ULONG mac_size)
-{
-    PK11Attribute *keyval;
-    HMACContext *HMACcontext;
-    CK_ULONG *intpointer;
-    const SECHashObject *hashObj = &SECRawHashObjects[hash];
-
-    keyval = pk11_FindAttribute(key,CKA_VALUE);
-    if (keyval == NULL) return CKR_KEY_SIZE_RANGE;
-
-    HMACcontext = HMAC_Create(hashObj, 
-		(const unsigned char*)keyval->attrib.pValue,
-						 keyval->attrib.ulValueLen);
-    context->hashInfo = HMACcontext;
-    context->multi = PR_TRUE;
-    pk11_FreeAttribute(keyval);
-    if (context->hashInfo == NULL) {
-	return CKR_HOST_MEMORY;
-    }
-    context->hashUpdate = (PK11Hash) HMAC_Update;
-    context->end = (PK11End) HMAC_Finish;
-
-    context->hashdestroy = (PK11Destroy) pk11_HMAC_Destroy;
-    intpointer = (CK_ULONG *) PORT_Alloc(sizeof(CK_ULONG));
-    if (intpointer == NULL) {
-	return CKR_HOST_MEMORY;
-    }
-    *intpointer = mac_size;
-    context->cipherInfo = (void *) intpointer;
-    context->destroy = (PK11Destroy) pk11_Space;
-    context->update = (PK11Cipher) pk11_HMACCopy;
-    context->verify = (PK11Verify) pk11_HMACCmp;
-    HMAC_Begin(HMACcontext);
-    return CKR_OK;
-}
-
-/*
- *  SSL Macing support. SSL Macs are inited, then update with the base
- * hashing algorithm, then finalized in sign and verify
- */
-
-/*
- * FROM SSL:
- * 60 bytes is 3 times the maximum length MAC size that is supported.
- * We probably should have one copy of this table. We still need this table
- * in ssl to 'sign' the handshake hashes.
- */
-static unsigned char ssl_pad_1 [60] = {
-    0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
-    0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
-    0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
-    0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
-    0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
-    0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
-    0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
-    0x36, 0x36, 0x36, 0x36
-};
-static unsigned char ssl_pad_2 [60] = {
-    0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
-    0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
-    0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
-    0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
-    0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
-    0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
-    0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
-    0x5c, 0x5c, 0x5c, 0x5c
-};
-
-static SECStatus
-pk11_SSLMACSign(PK11SSLMACInfo *info,unsigned char *sig,unsigned int *sigLen,
-		unsigned int maxLen,unsigned char *hash, unsigned int hashLen)
-{
-    unsigned char tmpBuf[PK11_MAX_MAC_LENGTH];
-    unsigned int out;
-
-    info->begin(info->hashContext);
-    info->update(info->hashContext,info->key,info->keySize);
-    info->update(info->hashContext,ssl_pad_2,info->padSize);
-    info->update(info->hashContext,hash,hashLen);
-    info->end(info->hashContext,tmpBuf,&out,PK11_MAX_MAC_LENGTH);
-    PORT_Memcpy(sig,tmpBuf,info->macSize);
-    *sigLen = info->macSize;
-    return SECSuccess;
-}
-
-static SECStatus
-pk11_SSLMACVerify(PK11SSLMACInfo *info,unsigned char *sig,unsigned int sigLen,
-		unsigned char *hash, unsigned int hashLen)
-{
-    unsigned char tmpBuf[PK11_MAX_MAC_LENGTH];
-    unsigned int out;
-
-    info->begin(info->hashContext);
-    info->update(info->hashContext,info->key,info->keySize);
-    info->update(info->hashContext,ssl_pad_2,info->padSize);
-    info->update(info->hashContext,hash,hashLen);
-    info->end(info->hashContext,tmpBuf,&out,PK11_MAX_MAC_LENGTH);
-    return (PORT_Memcmp(sig,tmpBuf,info->macSize) == 0) ? 
-						SECSuccess : SECFailure;
-}
-
-/*
- * common HMAC initalization routine
- */
-static CK_RV
-pk11_doSSLMACInit(PK11SessionContext *context,SECOidTag oid,
-					PK11Object *key, CK_ULONG mac_size)
-{
-    PK11Attribute *keyval;
-    PK11Begin begin;
-    int padSize;
-    PK11SSLMACInfo *sslmacinfo;
-    CK_RV crv = CKR_MECHANISM_INVALID;
-
-    if (oid == SEC_OID_SHA1) {
-	crv = pk11_doSubSHA1(context);
-	begin = (PK11Begin) SHA1_Begin;
-	if (crv != CKR_OK) return crv;
-	padSize = 40;
-    } else {
-	crv = pk11_doSubMD5(context);
-	if (crv != CKR_OK) return crv;
-	begin = (PK11Begin) MD5_Begin;
-	padSize = 48;
-    }
-    context->multi = PR_TRUE;
-
-    keyval = pk11_FindAttribute(key,CKA_VALUE);
-    if (keyval == NULL) return CKR_KEY_SIZE_RANGE;
-
-    context->hashUpdate(context->hashInfo,keyval->attrib.pValue,
-						 keyval->attrib.ulValueLen);
-    context->hashUpdate(context->hashInfo,ssl_pad_1,padSize);
-    sslmacinfo = (PK11SSLMACInfo *) PORT_Alloc(sizeof(PK11SSLMACInfo));
-    if (sslmacinfo == NULL) {
-        pk11_FreeAttribute(keyval);
-	return CKR_HOST_MEMORY;
-    }
-    sslmacinfo->macSize = mac_size;
-    sslmacinfo->hashContext = context->hashInfo;
-    PORT_Memcpy(sslmacinfo->key,keyval->attrib.pValue,
-					keyval->attrib.ulValueLen);
-    sslmacinfo->keySize = keyval->attrib.ulValueLen;
-    sslmacinfo->begin = begin;
-    sslmacinfo->end = context->end;
-    sslmacinfo->update = context->hashUpdate;
-    sslmacinfo->padSize = padSize;
-    pk11_FreeAttribute(keyval);
-    context->cipherInfo = (void *) sslmacinfo;
-    context->destroy = (PK11Destroy) pk11_Space;
-    context->update = (PK11Cipher) pk11_SSLMACSign;
-    context->verify = (PK11Verify) pk11_SSLMACVerify;
-    return CKR_OK;
-}
-
-typedef struct {
-    PRUint32	cxSize;		/* size of allocated block, in bytes.        */
-    PRUint32	cxKeyLen;	/* number of bytes of cxBuf containing key.  */
-    PRUint32	cxDataLen;	/* number of bytes of cxBuf containing data. */
-    SECStatus	cxRv;		/* records failure of void functions.        */
-    unsigned char cxBuf[512];	/* actual size may be larger than 512.       */
-} TLSPRFContext;
-
-static void
-pk11_TLSPRFHashUpdate(TLSPRFContext *cx, const unsigned char *data, 
-                        unsigned int data_len)
-{
-    PRUint32 bytesUsed = PK11_OFFSETOF(TLSPRFContext, cxBuf) + 
-                         cx->cxKeyLen + cx->cxDataLen;
-
-    if (cx->cxRv != SECSuccess)	/* function has previously failed. */
-    	return;
-    if (bytesUsed + data_len > cx->cxSize) {
-	/* We don't use realloc here because 
-	** (a) realloc doesn't zero out the old block, and 
-	** (b) if realloc fails, we lose the old block.
-	*/
-	PRUint32 blockSize = bytesUsed + data_len + 512;
-    	TLSPRFContext *new_cx = (TLSPRFContext *)PORT_Alloc(blockSize);
-	if (!new_cx) {
-	   cx->cxRv = SECFailure;
-	   return;
-	}
-	PORT_Memcpy(new_cx, cx, cx->cxSize);
-	new_cx->cxSize = blockSize;
-
-	PORT_ZFree(cx, cx->cxSize);
-	cx = new_cx;
-    }
-    PORT_Memcpy(cx->cxBuf + cx->cxKeyLen + cx->cxDataLen, data, data_len);
-    cx->cxDataLen += data_len;
-}
-
-static void 
-pk11_TLSPRFEnd(TLSPRFContext *ctx, unsigned char *hashout,
-	 unsigned int *pDigestLen, unsigned int maxDigestLen)
-{
-    *pDigestLen = 0; /* tells Verify that no data has been input yet. */
-}
-
-/* Compute the PRF values from the data previously input. */
-static SECStatus
-pk11_TLSPRFUpdate(TLSPRFContext *cx, 
-                  unsigned char *sig,		/* output goes here. */
-		  unsigned int * sigLen, 	/* how much output.  */
-		  unsigned int   maxLen, 	/* output buffer size */
-		  unsigned char *hash, 		/* unused. */
-		  unsigned int   hashLen)	/* unused. */
-{
-    SECStatus rv;
-    SECItem sigItem;
-    SECItem seedItem;
-    SECItem secretItem;
-
-    if (cx->cxRv != SECSuccess)
-    	return cx->cxRv;
-
-    secretItem.data = cx->cxBuf;
-    secretItem.len  = cx->cxKeyLen;
-
-    seedItem.data = cx->cxBuf + cx->cxKeyLen;
-    seedItem.len  = cx->cxDataLen;
-
-    sigItem.data = sig;
-    sigItem.len  = maxLen;
-
-    rv = pk11_PRF(&secretItem, NULL, &seedItem, &sigItem);
-    if (rv == SECSuccess && sigLen != NULL)
-    	*sigLen = sigItem.len;
-    return rv;
-
-}
-
-static SECStatus
-pk11_TLSPRFVerify(TLSPRFContext *cx, 
-                  unsigned char *sig, 		/* input, for comparison. */
-		  unsigned int   sigLen,	/* length of sig.         */
-		  unsigned char *hash, 		/* data to be verified.   */
-		  unsigned int   hashLen)	/* size of hash data.     */
-{
-    unsigned char * tmp    = (unsigned char *)PORT_Alloc(sigLen);
-    unsigned int    tmpLen = sigLen;
-    SECStatus       rv;
-
-    if (!tmp)
-    	return SECFailure;
-    if (hashLen) {
-    	/* hashLen is non-zero when the user does a one-step verify.
-	** In this case, none of the data has been input yet.
-	*/
-    	pk11_TLSPRFHashUpdate(cx, hash, hashLen);
-    }
-    rv = pk11_TLSPRFUpdate(cx, tmp, &tmpLen, sigLen, NULL, 0);
-    if (rv == SECSuccess) {
-    	rv = (SECStatus)(1 - !PORT_Memcmp(tmp, sig, sigLen));
-    }
-    PORT_ZFree(tmp, sigLen);
-    return rv;
-}
-
-static void
-pk11_TLSPRFHashDestroy(TLSPRFContext *cx, PRBool freeit)
-{
-    if (freeit)
-	PORT_ZFree(cx, cx->cxSize);
-}
-
-static CK_RV
-pk11_TLSPRFInit(PK11SessionContext *context, 
-		  PK11Object *        key, 
-		  CK_KEY_TYPE         key_type)
-{
-    PK11Attribute * keyVal;
-    TLSPRFContext * prf_cx;
-    CK_RV           crv = CKR_HOST_MEMORY;
-    PRUint32        keySize;
-    PRUint32        blockSize;
-
-    if (key_type != CKK_GENERIC_SECRET)
-    	return CKR_KEY_TYPE_INCONSISTENT; /* CKR_KEY_FUNCTION_NOT_PERMITTED */
-
-    context->multi = PR_TRUE;
-
-    keyVal = pk11_FindAttribute(key, CKA_VALUE);
-    keySize = (!keyVal) ? 0 : keyVal->attrib.ulValueLen;
-    blockSize = keySize + sizeof(TLSPRFContext);
-    prf_cx = (TLSPRFContext *)PORT_Alloc(blockSize);
-    if (!prf_cx) 
-    	goto done;
-    prf_cx->cxSize    = blockSize;
-    prf_cx->cxKeyLen  = keySize;
-    prf_cx->cxDataLen = 0;
-    prf_cx->cxRv        = SECSuccess;
-    if (keySize)
-	PORT_Memcpy(prf_cx->cxBuf, keyVal->attrib.pValue, keySize);
-
-    context->hashInfo    = (void *) prf_cx;
-    context->cipherInfo  = (void *) prf_cx;
-    context->hashUpdate  = (PK11Hash)    pk11_TLSPRFHashUpdate;
-    context->end         = (PK11End)     pk11_TLSPRFEnd;
-    context->update      = (PK11Cipher)  pk11_TLSPRFUpdate;
-    context->verify      = (PK11Verify)  pk11_TLSPRFVerify;
-    context->destroy     = (PK11Destroy) pk11_Null;
-    context->hashdestroy = (PK11Destroy) pk11_TLSPRFHashDestroy;
-    crv = CKR_OK;
-
-done:
-    if (keyVal) 
-	pk11_FreeAttribute(keyVal);
-    return crv;
-}
-
-/*
- ************** Crypto Functions:     Sign  ************************
- */
-
-/*
- * Check if We're using CBCMacing and initialize the session context if we are.
- */
-static CK_RV
-pk11_InitCBCMac(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism,
- 	CK_OBJECT_HANDLE hKey, CK_ATTRIBUTE_TYPE keyUsage,
-						 PK11ContextType contextType)
-	
-{
-    CK_MECHANISM cbc_mechanism;
-    CK_ULONG mac_bytes = PK11_INVALID_MAC_SIZE;
-    CK_RC2_CBC_PARAMS rc2_params;
-#if NSS_SOFTOKEN_DOES_RC5
-    CK_RC5_CBC_PARAMS rc5_params;
-    CK_RC5_MAC_GENERAL_PARAMS *rc5_mac;
-#endif
-    unsigned char ivBlock[PK11_MAX_BLOCK_SIZE];
-    PK11SessionContext *context;
-    CK_RV crv;
-    int blockSize;
-
-    switch (pMechanism->mechanism) {
-    case CKM_RC2_MAC_GENERAL:
-	mac_bytes = 
-	    ((CK_RC2_MAC_GENERAL_PARAMS *)pMechanism->pParameter)->ulMacLength;
-	/* fall through */
-    case CKM_RC2_MAC:
-	/* this works because ulEffectiveBits is in the same place in both the
-	 * CK_RC2_MAC_GENERAL_PARAMS and CK_RC2_CBC_PARAMS */
-	rc2_params.ulEffectiveBits = ((CK_RC2_MAC_GENERAL_PARAMS *)
-				pMechanism->pParameter)->ulEffectiveBits;
-	PORT_Memset(rc2_params.iv,0,sizeof(rc2_params.iv));
-	cbc_mechanism.mechanism = CKM_RC2_CBC;
-	cbc_mechanism.pParameter = &rc2_params;
-	cbc_mechanism.ulParameterLen = sizeof(rc2_params);
-	blockSize = 8;
-	break;
-#if NSS_SOFTOKEN_DOES_RC5
-    case CKM_RC5_MAC_GENERAL:
-	mac_bytes = 
-	    ((CK_RC5_MAC_GENERAL_PARAMS *)pMechanism->pParameter)->ulMacLength;
-	/* fall through */
-    case CKM_RC5_MAC:
-	/* this works because ulEffectiveBits is in the same place in both the
-	 * CK_RC5_MAC_GENERAL_PARAMS and CK_RC5_CBC_PARAMS */
-	rc5_mac = (CK_RC5_MAC_GENERAL_PARAMS *)pMechanism->pParameter;
-	rc5_params.ulWordsize = rc5_mac->ulWordsize;
-	rc5_params.ulRounds = rc5_mac->ulRounds;
-	rc5_params.pIv = ivBlock;
-	blockSize = rc5_mac->ulWordsize*2;
-	rc5_params.ulIvLen = blockSize;
-	PORT_Memset(ivBlock,0,blockSize);
-	cbc_mechanism.mechanism = CKM_RC5_CBC;
-	cbc_mechanism.pParameter = &rc5_params;
-	cbc_mechanism.ulParameterLen = sizeof(rc5_params);
-	break;
-#endif
-    /* add cast and idea later */
-    case CKM_DES_MAC_GENERAL:
-	mac_bytes = *(CK_ULONG *)pMechanism->pParameter;
-	/* fall through */
-    case CKM_DES_MAC:
-	blockSize = 8;
-	PORT_Memset(ivBlock,0,blockSize);
-	cbc_mechanism.mechanism = CKM_DES_CBC;
-	cbc_mechanism.pParameter = &ivBlock;
-	cbc_mechanism.ulParameterLen = blockSize;
-	break;
-    case CKM_DES3_MAC_GENERAL:
-	mac_bytes = *(CK_ULONG *)pMechanism->pParameter;
-	/* fall through */
-    case CKM_DES3_MAC:
-	blockSize = 8;
-	PORT_Memset(ivBlock,0,blockSize);
-	cbc_mechanism.mechanism = CKM_DES3_CBC;
-	cbc_mechanism.pParameter = &ivBlock;
-	cbc_mechanism.ulParameterLen = blockSize;
-	break;
-    case CKM_CDMF_MAC_GENERAL:
-	mac_bytes = *(CK_ULONG *)pMechanism->pParameter;
-	/* fall through */
-    case CKM_CDMF_MAC:
-	blockSize = 8;
-	PORT_Memset(ivBlock,0,blockSize);
-	cbc_mechanism.mechanism = CKM_CDMF_CBC;
-	cbc_mechanism.pParameter = &ivBlock;
-	cbc_mechanism.ulParameterLen = blockSize;
-	break;
-    case CKM_AES_MAC_GENERAL:
-	mac_bytes = *(CK_ULONG *)pMechanism->pParameter;
-	/* fall through */
-    case CKM_AES_MAC:
-	blockSize = 16;
-	PORT_Memset(ivBlock,0,blockSize);
-	cbc_mechanism.mechanism = CKM_AES_CBC;
-	cbc_mechanism.pParameter = &ivBlock;
-	cbc_mechanism.ulParameterLen = blockSize;
-	break;
-    default:
-	return CKR_FUNCTION_NOT_SUPPORTED;
-    }
-
-    crv = pk11_CryptInit(hSession, &cbc_mechanism, hKey, keyUsage,
-							contextType, PR_TRUE);
-    if (crv != CKR_OK) return crv;
-    crv = pk11_GetContext(hSession,&context,contextType,PR_TRUE,NULL);
-
-    /* this shouldn't happen! */
-    PORT_Assert(crv == CKR_OK);
-    if (crv != CKR_OK) return crv;
-    context->blockSize = blockSize;
-    if (mac_bytes == PK11_INVALID_MAC_SIZE) mac_bytes = blockSize/2;
-    context->macSize = mac_bytes;
-    return CKR_OK;
-}
-
-/*
- * encode RSA PKCS #1 Signature data before signing... 
- */
-static SECStatus
-pk11_HashSign(PK11HashSignInfo *info,unsigned char *sig,unsigned int *sigLen,
-		unsigned int maxLen,unsigned char *hash, unsigned int hashLen)
-{
-    
-    SECStatus rv = SECFailure;
-    SECItem digder;
-    PLArenaPool *arena = NULL;
-    SGNDigestInfo *di = NULL;
-
-    digder.data = NULL;
-
-    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if ( !arena ) { goto loser; }
-    
-    /* Construct digest info */
-    di = SGN_CreateDigestInfo(info->hashOid, hash, hashLen);
-    if (!di) { goto loser; }
-
-    /* Der encode the digest as a DigestInfo */
-    rv = DER_Encode(arena, &digder, SGNDigestInfoTemplate, di);
-    if (rv != SECSuccess) {
-	goto loser;
-    }
-
-    /*
-    ** Encrypt signature after constructing appropriate PKCS#1 signature
-    ** block
-    */
-    rv = RSA_Sign(info->key,sig,sigLen,maxLen,digder.data,digder.len);
-
-  loser:
-    SGN_DestroyDigestInfo(di);
-    if (arena != NULL) {
-	PORT_FreeArena(arena, PR_FALSE);
-    }
-    return rv;
-}
-
-static SECStatus
-nsc_DSA_Verify_Stub(void *ctx, void *sigBuf, unsigned int sigLen,
-                               void *dataBuf, unsigned int dataLen)
-{
-    SECItem signature, digest;
-    NSSLOWKEYPublicKey *key = (NSSLOWKEYPublicKey *)ctx;
-
-    signature.data = (unsigned char *)sigBuf;
-    signature.len = sigLen;
-    digest.data = (unsigned char *)dataBuf;
-    digest.len = dataLen;
-    return DSA_VerifyDigest(&(key->u.dsa), &signature, &digest);
-}
-
-static SECStatus
-nsc_DSA_Sign_Stub(void *ctx, void *sigBuf,
-                  unsigned int *sigLen, unsigned int maxSigLen,
-                  void *dataBuf, unsigned int dataLen)
-{
-    SECItem signature = { 0 }, digest;
-    SECStatus rv;
-    NSSLOWKEYPrivateKey *key = (NSSLOWKEYPrivateKey *)ctx;
-
-    (void)SECITEM_AllocItem(NULL, &signature, maxSigLen);
-    digest.data = (unsigned char *)dataBuf;
-    digest.len = dataLen;
-    rv = DSA_SignDigest(&(key->u.dsa), &signature, &digest);
-    *sigLen = signature.len;
-    PORT_Memcpy(sigBuf, signature.data, signature.len);
-    SECITEM_FreeItem(&signature, PR_FALSE);
-    return rv;
-}
-
-/* NSC_SignInit setups up the signing operations. There are three basic
- * types of signing:
- *	(1) the tradition single part, where "Raw RSA" or "Raw DSA" is applied
- *  to data in a single Sign operation (which often looks a lot like an
- *  encrypt, with data coming in and data going out).
- *	(2) Hash based signing, where we continually hash the data, then apply
- *  some sort of signature to the end.
- *	(3) Block Encryption CBC MAC's, where the Data is encrypted with a key,
- *  and only the final block is part of the mac.
- *
- *  For case number 3, we initialize a context much like the Encryption Context
- *  (in fact we share code). We detect case 3 in C_SignUpdate, C_Sign, and 
- *  C_Final by the following method... if it's not multi-part, and it's doesn't
- *  have a hash context, it must be a block Encryption CBC MAC.
- *
- *  For case number 2, we initialize a hash structure, as well as make it 
- *  multi-part. Updates are simple calls to the hash update function. Final
- *  calls the hashend, then passes the result to the 'update' function (which
- *  operates as a final signature function). In some hash based MAC'ing (as
- *  opposed to hash base signatures), the update function is can be simply a 
- *  copy (as is the case with HMAC).
- */
-CK_RV NSC_SignInit(CK_SESSION_HANDLE hSession,
-		 CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey)
-{
-    PK11Session *session;
-    PK11Object *key;
-    PK11SessionContext *context;
-    CK_KEY_TYPE key_type;
-    CK_RV crv = CKR_OK;
-    NSSLOWKEYPrivateKey *privKey;
-    PK11HashSignInfo *info = NULL;
-
-    /* Block Cipher MACing Algorithms use a different Context init method..*/
-    crv = pk11_InitCBCMac(hSession, pMechanism, hKey, CKA_SIGN, PK11_SIGN);
-    if (crv != CKR_FUNCTION_NOT_SUPPORTED) return crv;
-
-    /* we're not using a block cipher mac */
-    session = pk11_SessionFromHandle(hSession);
-    if (session == NULL) return CKR_SESSION_HANDLE_INVALID;
-    crv = pk11_InitGeneric(session,&context,PK11_SIGN,&key,hKey,&key_type,
-						CKO_PRIVATE_KEY,CKA_SIGN);
-    if (crv != CKR_OK) {
-	pk11_FreeSession(session);
-	return crv;
-    }
-
-    context->multi = PR_FALSE;
-
-    switch(pMechanism->mechanism) {
-    case CKM_MD5_RSA_PKCS:
-        context->multi = PR_TRUE;
-	crv = pk11_doSubMD5(context);
-	if (crv != CKR_OK) break;
-	context->update = (PK11Cipher) pk11_HashSign;
-	info = (PK11HashSignInfo *)PORT_Alloc(sizeof(PK11HashSignInfo));
-	if (info == NULL) {
-	   crv = CKR_HOST_MEMORY;
-	   break;
-	}
-	info->hashOid = SEC_OID_MD5;
-	goto finish_rsa;
-    case CKM_MD2_RSA_PKCS:
-        context->multi = PR_TRUE;
-	crv = pk11_doSubMD2(context);
-	if (crv != CKR_OK) break;
-	context->update = (PK11Cipher) pk11_HashSign;
-	info = (PK11HashSignInfo *)PORT_Alloc(sizeof(PK11HashSignInfo));
-	if (info == NULL) {
-	   crv = CKR_HOST_MEMORY;
-	   break;
-	}
-	info->hashOid = SEC_OID_MD2;
-	goto finish_rsa;
-    case CKM_SHA1_RSA_PKCS:
-        context->multi = PR_TRUE;
-	crv = pk11_doSubSHA1(context);
-	if (crv != CKR_OK) break;
-	context->update = (PK11Cipher) pk11_HashSign;
-	info = (PK11HashSignInfo *)PORT_Alloc(sizeof(PK11HashSignInfo));
-	if (info == NULL) {
-	   crv = CKR_HOST_MEMORY;
-	   break;
-	}
-	info->hashOid = SEC_OID_SHA1;
-	goto finish_rsa;
-    case CKM_RSA_PKCS:
-	context->update = (PK11Cipher) RSA_Sign;
-	goto finish_rsa;
-    case CKM_RSA_X_509:
-	context->update = (PK11Cipher)  RSA_SignRaw;
-finish_rsa:
-	if (key_type != CKK_RSA) {
-	    if (info) PORT_Free(info);
-	    crv = CKR_KEY_TYPE_INCONSISTENT;
-	    break;
-	}
-	context->multi = PR_FALSE;
-	privKey = pk11_GetPrivKey(key,CKK_RSA);
-	if (privKey == NULL) {
-	    if (info) PORT_Free(info);
-	    crv = CKR_HOST_MEMORY;
-	    break;
-	}
-	/* OK, info is allocated only if we're doing hash and sign mechanism.
-	 * It's necessary to be able to set the correct OID in the final 
-	 * signature.
-	 */
-	if (info) {
-	    info->key = privKey;
-	    context->cipherInfo = info;
-	    context->destroy = (PK11Destroy)pk11_Space;
-	} else {
-	    context->cipherInfo = privKey;
-	    context->destroy = (PK11Destroy)pk11_Null;
-	}
-	break;
-
-    case CKM_DSA_SHA1:
-        context->multi = PR_TRUE;
-	crv = pk11_doSubSHA1(context);
-	if (crv != CKR_OK) break;
-	/* fall through */
-    case CKM_DSA:
-	if (key_type != CKK_DSA) {
-	    crv = CKR_KEY_TYPE_INCONSISTENT;
-	    break;
-	}
-	privKey = pk11_GetPrivKey(key,CKK_DSA);
-	if (privKey == NULL) {
-	    crv = CKR_HOST_MEMORY;
-	    break;
-	}
-	context->cipherInfo = privKey;
-	context->update     = (PK11Cipher) nsc_DSA_Sign_Stub;
-	context->destroy    = (privKey == key->objectInfo) ?
-		(PK11Destroy) pk11_Null:(PK11Destroy)pk11_FreePrivKey;
-
-	break;
-    case CKM_MD2_HMAC_GENERAL:
-	crv = pk11_doHMACInit(context,HASH_AlgMD2,key,
-				*(CK_ULONG *)pMechanism->pParameter);
-	break;
-    case CKM_MD2_HMAC:
-	crv = pk11_doHMACInit(context,HASH_AlgMD2,key,MD2_LENGTH);
-	break;
-    case CKM_MD5_HMAC_GENERAL:
-	crv = pk11_doHMACInit(context,HASH_AlgMD5,key,
-				*(CK_ULONG *)pMechanism->pParameter);
-	break;
-    case CKM_MD5_HMAC:
-	crv = pk11_doHMACInit(context,HASH_AlgMD5,key,MD5_LENGTH);
-	break;
-    case CKM_SHA_1_HMAC_GENERAL:
-	crv = pk11_doHMACInit(context,HASH_AlgSHA1,key,
-				*(CK_ULONG *)pMechanism->pParameter);
-	break;
-    case CKM_SHA_1_HMAC:
-	crv = pk11_doHMACInit(context,HASH_AlgSHA1,key,SHA1_LENGTH);
-	break;
-    case CKM_SSL3_MD5_MAC:
-	crv = pk11_doSSLMACInit(context,SEC_OID_MD5,key,
-					*(CK_ULONG *)pMechanism->pParameter);
-	break;
-    case CKM_SSL3_SHA1_MAC:
-	crv = pk11_doSSLMACInit(context,SEC_OID_SHA1,key,
-					*(CK_ULONG *)pMechanism->pParameter);
-	break;
-    case CKM_TLS_PRF_GENERAL:
-	crv = pk11_TLSPRFInit(context, key, key_type);
-	break;
-    default:
-	crv = CKR_MECHANISM_INVALID;
-	break;
-    }
-
-    if (crv != CKR_OK) {
-        pk11_FreeContext(context);
-	pk11_FreeSession(session);
-	return crv;
-    }
-    pk11_SetContextByType(session, PK11_SIGN, context);
-    pk11_FreeSession(session);
-    return CKR_OK;
-}
-
-
-/* MACUpdate is the common implementation for SignUpdate and VerifyUpdate.
- * (sign and verify only very in their setup and final operations) */
-static CK_RV 
-pk11_MACUpdate(CK_SESSION_HANDLE hSession,CK_BYTE_PTR pPart,
-    					CK_ULONG ulPartLen,PK11ContextType type)
-{
-    unsigned int outlen;
-    PK11SessionContext *context;
-    CK_RV crv;
-    SECStatus rv;
-
-    /* make sure we're legal */
-    crv = pk11_GetContext(hSession,&context,type,PR_FALSE,NULL);
-    if (crv != CKR_OK) return crv;
-
-    if (context->hashInfo) {
-	(*context->hashUpdate)(context->hashInfo, pPart, ulPartLen);
-	return CKR_OK;
-    }
-
-    /* must be block cipher macing */
-
-    /* deal with previous buffered data */
-    if (context->padDataLength != 0) {
-	int i;
-	/* fill in the padded to a full block size */
-	for (i=context->padDataLength; (ulPartLen != 0) && 
-					i < (int)context->blockSize; i++) {
-	    context->padBuf[i] = *pPart++;
-	    ulPartLen--;
-	    context->padDataLength++;
-	}
-
-	/* not enough data to encrypt yet? then return */
-	if (context->padDataLength != context->blockSize)  return CKR_OK;
-	/* encrypt the current padded data */
-    	rv = (*context->update)(context->cipherInfo,context->macBuf,&outlen,
-			PK11_MAX_BLOCK_SIZE,context->padBuf,context->blockSize);
-    	if (rv != SECSuccess) return CKR_DEVICE_ERROR;
-    }
-
-    /* save the residual */
-    context->padDataLength = ulPartLen % context->blockSize;
-    if (context->padDataLength) {
-	    PORT_Memcpy(context->padBuf,
-			&pPart[ulPartLen-context->padDataLength],
-							context->padDataLength);
-	    ulPartLen -= context->padDataLength;
-    }
-
-    /* if we've exhausted our new buffer, we're done */
-    if (ulPartLen == 0) { return CKR_OK; }
-
-    /* run the data through out encrypter */	
-    while (ulPartLen) {
-    	rv = (*context->update)(context->cipherInfo, context->padBuf, &outlen, 
-			PK11_MAX_BLOCK_SIZE, pPart, context->blockSize);
-	if (rv != SECSuccess) return CKR_DEVICE_ERROR;
-	/* paranoia.. make sure we exit the loop */
-	PORT_Assert(ulPartLen >= context->blockSize);
-	if (ulPartLen < context->blockSize) break;
-	ulPartLen -= context->blockSize;
-    }
-
-    return CKR_OK;
-	
-}
-
-/* NSC_SignUpdate continues a multiple-part signature operation,
- * where the signature is (will be) an appendix to the data, 
- * and plaintext cannot be recovered from the signature */
-CK_RV NSC_SignUpdate(CK_SESSION_HANDLE hSession,CK_BYTE_PTR pPart,
-    							CK_ULONG ulPartLen)
-{
-    return pk11_MACUpdate(hSession, pPart, ulPartLen, PK11_SIGN);
-}
-
-
-/* NSC_SignFinal finishes a multiple-part signature operation, 
- * returning the signature. */
-CK_RV NSC_SignFinal(CK_SESSION_HANDLE hSession,CK_BYTE_PTR pSignature,
-					    CK_ULONG_PTR pulSignatureLen)
-{
-    PK11Session *session;
-    PK11SessionContext *context;
-    unsigned int outlen;
-    unsigned int digestLen;
-    unsigned int maxoutlen = *pulSignatureLen;
-    unsigned char tmpbuf[PK11_MAX_MAC_LENGTH];
-    CK_RV crv;
-    SECStatus rv = SECSuccess;
-
-    /* make sure we're legal */
-    *pulSignatureLen = 0;
-    crv = pk11_GetContext(hSession,&context,PK11_SIGN,PR_TRUE,&session);
-    if (crv != CKR_OK) return crv;
-
-    if (context->hashInfo) {
-        (*context->end)(context->hashInfo, tmpbuf, &digestLen, sizeof(tmpbuf));
-	rv = (*context->update)(context->cipherInfo, pSignature,
-					&outlen, maxoutlen, tmpbuf, digestLen);
-        *pulSignatureLen = (CK_ULONG) outlen;
-    } else {
-	/* deal with the last block if any residual */
-	if (context->padDataLength) {
-	    /* fill out rest of pad buffer with pad magic*/
-	    int i;
-	    for (i=context->padDataLength; i < (int)context->blockSize; i++) {
-		context->padBuf[i] = 0;
-	    }
-	    rv = (*context->update)(context->cipherInfo,context->macBuf,
-		&outlen,PK11_MAX_BLOCK_SIZE,context->padBuf,context->blockSize);
-	}
-	if (rv == SECSuccess) {
-	    PORT_Memcpy(pSignature,context->macBuf,context->macSize);
-	    *pulSignatureLen = context->macSize;
-	}
-    }
-
-    pk11_FreeContext(context);
-    pk11_SetContextByType(session, PK11_SIGN, NULL);
-    pk11_FreeSession(session);
-
-    return (rv == SECSuccess) ? CKR_OK : CKR_DEVICE_ERROR;
-}
-
-/* NSC_Sign signs (encrypts with private key) data in a single part,
- * where the signature is (will be) an appendix to the data, 
- * and plaintext cannot be recovered from the signature */
-CK_RV NSC_Sign(CK_SESSION_HANDLE hSession,
-    CK_BYTE_PTR pData,CK_ULONG ulDataLen,CK_BYTE_PTR pSignature,
-    					CK_ULONG_PTR pulSignatureLen)
-{
-    PK11Session *session;
-    PK11SessionContext *context;
-    unsigned int outlen;
-    unsigned int maxoutlen = *pulSignatureLen;
-    CK_RV crv,crv2;
-    SECStatus rv;
-
-    /* make sure we're legal */
-    crv = pk11_GetContext(hSession,&context,PK11_SIGN,PR_FALSE,&session);
-    if (crv != CKR_OK) return crv;
-
-    /* multi part Signing are completely implemented by SignUpdate and
-     * sign Final */
-    if (context->multi) {
-        pk11_FreeSession(session);
-	crv = NSC_SignUpdate(hSession,pData,ulDataLen);
-	if (crv != CKR_OK) *pulSignatureLen = 0;
-	crv2 = NSC_SignFinal(hSession, pSignature, pulSignatureLen);
-	return crv == CKR_OK ? crv2 :crv;
-    }
-
-    rv = (*context->update)(context->cipherInfo, pSignature,
-					&outlen, maxoutlen, pData, ulDataLen);
-    *pulSignatureLen = (CK_ULONG) outlen;
-    pk11_FreeContext(context);
-    pk11_SetContextByType(session, PK11_SIGN, NULL);
-    pk11_FreeSession(session);
-
-    return (rv == SECSuccess) ? CKR_OK : CKR_DEVICE_ERROR;
-}
-
-
-/*
- ************** Crypto Functions:     Sign Recover  ************************
- */
-/* NSC_SignRecoverInit initializes a signature operation,
- * where the (digest) data can be recovered from the signature. 
- * E.g. encryption with the user's private key */
-CK_RV NSC_SignRecoverInit(CK_SESSION_HANDLE hSession,
-			 CK_MECHANISM_PTR pMechanism,CK_OBJECT_HANDLE hKey)
-{
-    switch (pMechanism->mechanism) {
-    case CKM_RSA_PKCS:
-    case CKM_RSA_X_509:
-	return NSC_SignInit(hSession,pMechanism,hKey);
-    default:
-	break;
-    }
-    return CKR_MECHANISM_INVALID;
-}
-
-
-/* NSC_SignRecover signs data in a single operation
- * where the (digest) data can be recovered from the signature. 
- * E.g. encryption with the user's private key */
-CK_RV NSC_SignRecover(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData,
-  CK_ULONG ulDataLen, CK_BYTE_PTR pSignature, CK_ULONG_PTR pulSignatureLen)
-{
-    return NSC_Sign(hSession,pData,ulDataLen,pSignature,pulSignatureLen);
-}
-
-/*
- ************** Crypto Functions:     verify  ************************
- */
-
-/* Handle RSA Signature formating */
-static SECStatus
-pk11_hashCheckSign(PK11HashVerifyInfo *info, unsigned char *sig, 
-	unsigned int sigLen, unsigned char *digest, unsigned int digestLen)
-{
-
-    SECItem it;
-    SGNDigestInfo *di = NULL;
-    SECStatus rv = SECSuccess;
-    
-    it.data = NULL;
-
-    if (info->key == NULL) goto loser;
-
-    it.len = nsslowkey_PublicModulusLen(info->key); 
-    if (!it.len) goto loser;
-
-    it.data = (unsigned char *) PORT_Alloc(it.len);
-    if (it.data == NULL) goto loser;
-
-    /* decrypt the block */
-    rv = RSA_CheckSignRecover(info->key, it.data, &it.len, it.len, sig, sigLen);
-    if (rv != SECSuccess) goto loser;
-
-    di = SGN_DecodeDigestInfo(&it);
-    if (di == NULL) goto loser;
-    if (di->digest.len != digestLen)  goto loser; 
-
-    /* make sure the tag is OK */
-    if (SECOID_GetAlgorithmTag(&di->digestAlgorithm) != info->hashOid) {
-	goto loser;
-    }
-    /* Now check the signature */
-    if (PORT_Memcmp(digest, di->digest.data, di->digest.len) == 0) {
-	goto done;
-    }
-
-  loser:
-    rv = SECFailure;
-
-  done:
-    if (it.data != NULL) PORT_Free(it.data);
-    if (di != NULL) SGN_DestroyDigestInfo(di);
-    
-    return rv;
-}
-
-/* NSC_VerifyInit initializes a verification operation, 
- * where the signature is an appendix to the data, 
- * and plaintext cannot be recovered from the signature (e.g. DSA) */
-CK_RV NSC_VerifyInit(CK_SESSION_HANDLE hSession,
-			   CK_MECHANISM_PTR pMechanism,CK_OBJECT_HANDLE hKey) 
-{
-    PK11Session *session;
-    PK11Object *key;
-    PK11SessionContext *context;
-    CK_KEY_TYPE key_type;
-    CK_RV crv = CKR_OK;
-    NSSLOWKEYPublicKey *pubKey;
-    PK11HashVerifyInfo *info = NULL;
-
-    /* Block Cipher MACing Algorithms use a different Context init method..*/
-    crv = pk11_InitCBCMac(hSession, pMechanism, hKey, CKA_VERIFY, PK11_VERIFY);
-    if (crv != CKR_FUNCTION_NOT_SUPPORTED) return crv;
-
-    session = pk11_SessionFromHandle(hSession);
-    if (session == NULL) return CKR_SESSION_HANDLE_INVALID;
-    crv = pk11_InitGeneric(session,&context,PK11_VERIFY,&key,hKey,&key_type,
-						CKO_PUBLIC_KEY,CKA_VERIFY);
-    if (crv != CKR_OK) {
-	pk11_FreeSession(session);
-	return crv;
-    }
-
-    context->multi = PR_FALSE;
-
-    switch(pMechanism->mechanism) {
-    case CKM_MD5_RSA_PKCS:
-        context->multi = PR_TRUE;
-	crv = pk11_doSubMD5(context);
-	if (crv != CKR_OK) break;
-	context->verify = (PK11Verify) pk11_hashCheckSign;
-	info = (PK11HashVerifyInfo *)PORT_Alloc(sizeof(PK11HashVerifyInfo));
-	if (info == NULL) {
-	   crv = CKR_HOST_MEMORY;
-	   break;
-	}
-	info->hashOid = SEC_OID_MD5;
-	goto finish_rsa;
-    case CKM_MD2_RSA_PKCS:
-        context->multi = PR_TRUE;
-	crv = pk11_doSubMD2(context);
-	if (crv != CKR_OK) break;
-	context->verify = (PK11Verify) pk11_hashCheckSign;
-	info = (PK11HashVerifyInfo *)PORT_Alloc(sizeof(PK11HashVerifyInfo));
-	if (info == NULL) {
-	   crv = CKR_HOST_MEMORY;
-	   break;
-	}
-	info->hashOid = SEC_OID_MD2;
-	goto finish_rsa;
-    case CKM_SHA1_RSA_PKCS:
-        context->multi = PR_TRUE;
-	crv = pk11_doSubSHA1(context);
-	if (crv != CKR_OK) break;
-	context->verify = (PK11Verify) pk11_hashCheckSign;
-	info = (PK11HashVerifyInfo *)PORT_Alloc(sizeof(PK11HashVerifyInfo));
-	if (info == NULL) {
-	   crv = CKR_HOST_MEMORY;
-	   break;
-	}
-	info->hashOid = SEC_OID_SHA1;
-	goto finish_rsa;
-    case CKM_RSA_PKCS:
-	context->verify = (PK11Verify) RSA_CheckSign;
-	goto finish_rsa;
-    case CKM_RSA_X_509:
-	context->verify = (PK11Verify) RSA_CheckSignRaw;
-finish_rsa:
-	if (key_type != CKK_RSA) {
-	    crv = CKR_KEY_TYPE_INCONSISTENT;
-	    break;
-	}
-	pubKey = pk11_GetPubKey(key,CKK_RSA);
-	if (pubKey == NULL) {
-	    crv = CKR_HOST_MEMORY;
-	    break;
-	}
-	if (info) {
-	    info->key = pubKey;
-	    context->cipherInfo = info;
-	    context->destroy = pk11_Space;
-	} else {
-	    context->cipherInfo = pubKey;
-	    context->destroy = pk11_Null;
-	}
-	break;
-    case CKM_DSA_SHA1:
-        context->multi = PR_TRUE;
-	crv = pk11_doSubSHA1(context);
-	if (crv != CKR_OK) break;
-	/* fall through */
-    case CKM_DSA:
-	if (key_type != CKK_DSA) {
-	    crv = CKR_KEY_TYPE_INCONSISTENT;
-	    break;
-	}
-	context->multi = PR_FALSE;
-	pubKey = pk11_GetPubKey(key,CKK_DSA);
-	if (pubKey == NULL) {
-	    crv = CKR_HOST_MEMORY;
-	    break;
-	}
-	context->cipherInfo = pubKey;
-	context->verify     = (PK11Verify) nsc_DSA_Verify_Stub;
-	context->destroy    = pk11_Null;
-	break;
-
-    case CKM_MD2_HMAC_GENERAL:
-	crv = pk11_doHMACInit(context,HASH_AlgMD2,key,
-				*(CK_ULONG *)pMechanism->pParameter);
-	break;
-    case CKM_MD2_HMAC:
-	crv = pk11_doHMACInit(context,HASH_AlgMD2,key,MD2_LENGTH);
-	break;
-    case CKM_MD5_HMAC_GENERAL:
-	crv = pk11_doHMACInit(context,HASH_AlgMD5,key,
-				*(CK_ULONG *)pMechanism->pParameter);
-	break;
-    case CKM_MD5_HMAC:
-	crv = pk11_doHMACInit(context,HASH_AlgMD5,key,MD5_LENGTH);
-	break;
-    case CKM_SHA_1_HMAC_GENERAL:
-	crv = pk11_doHMACInit(context,HASH_AlgSHA1,key,
-				*(CK_ULONG *)pMechanism->pParameter);
-	break;
-    case CKM_SHA_1_HMAC:
-	crv = pk11_doHMACInit(context,HASH_AlgSHA1,key,SHA1_LENGTH);
-	break;
-    case CKM_SSL3_MD5_MAC:
-	crv = pk11_doSSLMACInit(context,SEC_OID_MD5,key,
-					*(CK_ULONG *)pMechanism->pParameter);
-	break;
-    case CKM_SSL3_SHA1_MAC:
-	crv = pk11_doSSLMACInit(context,SEC_OID_SHA1,key,
-					*(CK_ULONG *)pMechanism->pParameter);
-	break;
-    case CKM_TLS_PRF_GENERAL:
-	crv = pk11_TLSPRFInit(context, key, key_type);
-
-    default:
-	crv = CKR_MECHANISM_INVALID;
-	break;
-    }
-
-    if (crv != CKR_OK) {
-        PORT_Free(context);
-	pk11_FreeSession(session);
-	return crv;
-    }
-    pk11_SetContextByType(session, PK11_VERIFY, context);
-    pk11_FreeSession(session);
-    return CKR_OK;
-}
-
-/* NSC_Verify verifies a signature in a single-part operation, 
- * where the signature is an appendix to the data, 
- * and plaintext cannot be recovered from the signature */
-CK_RV NSC_Verify(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData,
-    CK_ULONG ulDataLen, CK_BYTE_PTR pSignature, CK_ULONG ulSignatureLen)
-{
-    PK11Session *session;
-    PK11SessionContext *context;
-    CK_RV crv;
-    SECStatus rv;
-
-    /* make sure we're legal */
-    crv = pk11_GetContext(hSession,&context,PK11_VERIFY,PR_FALSE,&session);
-    if (crv != CKR_OK) return crv;
-
-    rv = (*context->verify)(context->cipherInfo,pSignature, ulSignatureLen,
-							 pData, ulDataLen);
-    pk11_FreeContext(context);
-    pk11_SetContextByType(session, PK11_VERIFY, NULL);
-    pk11_FreeSession(session);
-
-    return (rv == SECSuccess) ? CKR_OK : CKR_SIGNATURE_INVALID;
-
-}
-
-
-/* NSC_VerifyUpdate continues a multiple-part verification operation, 
- * where the signature is an appendix to the data, 
- * and plaintext cannot be recovered from the signature */
-CK_RV NSC_VerifyUpdate( CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart,
-						CK_ULONG ulPartLen)
-{
-    return pk11_MACUpdate(hSession, pPart, ulPartLen, PK11_VERIFY);
-}
-
-
-/* NSC_VerifyFinal finishes a multiple-part verification operation, 
- * checking the signature. */
-CK_RV NSC_VerifyFinal(CK_SESSION_HANDLE hSession,
-			CK_BYTE_PTR pSignature,CK_ULONG ulSignatureLen)
-{
-    PK11Session *session;
-    PK11SessionContext *context;
-    unsigned int outlen;
-    unsigned int digestLen;
-    unsigned char tmpbuf[PK11_MAX_MAC_LENGTH];
-    CK_RV crv;
-    SECStatus rv = SECSuccess;
-
-    /* make sure we're legal */
-    crv = pk11_GetContext(hSession,&context,PK11_VERIFY,PR_TRUE,&session);
-    if (crv != CKR_OK) return crv;
-
-    if (context->hashInfo) {
-        (*context->end)(context->hashInfo, tmpbuf, &digestLen, sizeof(tmpbuf));
-	rv = (*context->verify)(context->cipherInfo, pSignature, 
-					ulSignatureLen, tmpbuf, digestLen);
-    } else {
-	if (context->padDataLength) {
-	    /* fill out rest of pad buffer with pad magic*/
-	    int i;
-	    for (i=context->padDataLength; i < (int)context->blockSize; i++) {
-		context->padBuf[i] = 0;
-	    }
-	    rv = (*context->update)(context->cipherInfo,context->macBuf, 
-		&outlen,PK11_MAX_BLOCK_SIZE,context->padBuf,context->blockSize);
-	}
-	if (rv == SECSuccess) {
-	    rv =(PORT_Memcmp(pSignature,context->macBuf,context->macSize) == 0)
-				 ? SECSuccess : SECFailure;
-	}
-    }
-
-    pk11_FreeContext(context);
-    pk11_SetContextByType(session, PK11_VERIFY, NULL);
-    pk11_FreeSession(session);
-    return (rv == SECSuccess) ? CKR_OK : CKR_SIGNATURE_INVALID;
-
-}
-
-/*
- ************** Crypto Functions:     Verify  Recover ************************
- */
-
-/* NSC_VerifyRecoverInit initializes a signature verification operation, 
- * where the data is recovered from the signature. 
- * E.g. Decryption with the user's public key */
-CK_RV NSC_VerifyRecoverInit(CK_SESSION_HANDLE hSession,
-			CK_MECHANISM_PTR pMechanism,CK_OBJECT_HANDLE hKey)
-{
-    PK11Session *session;
-    PK11Object *key;
-    PK11SessionContext *context;
-    CK_KEY_TYPE key_type;
-    CK_RV crv = CKR_OK;
-    NSSLOWKEYPublicKey *pubKey;
-
-    session = pk11_SessionFromHandle(hSession);
-    if (session == NULL) return CKR_SESSION_HANDLE_INVALID;
-    crv = pk11_InitGeneric(session,&context,PK11_VERIFY_RECOVER,
-			&key,hKey,&key_type,CKO_PUBLIC_KEY,CKA_VERIFY_RECOVER);
-    if (crv != CKR_OK) {
-	pk11_FreeSession(session);
-	return crv;
-    }
-
-    context->multi = PR_TRUE;
-
-    switch(pMechanism->mechanism) {
-    case CKM_RSA_PKCS:
-    case CKM_RSA_X_509:
-	if (key_type != CKK_RSA) {
-	    crv = CKR_KEY_TYPE_INCONSISTENT;
-	    break;
-	}
-	context->multi = PR_FALSE;
-	pubKey = pk11_GetPubKey(key,CKK_RSA);
-	if (pubKey == NULL) {
-	    crv = CKR_HOST_MEMORY;
-	    break;
-	}
-	context->cipherInfo = pubKey;
-	context->update = (PK11Cipher) (pMechanism->mechanism == CKM_RSA_X_509
-			? RSA_CheckSignRecoverRaw : RSA_CheckSignRecover);
-	context->destroy = pk11_Null;
-	break;
-    default:
-	crv = CKR_MECHANISM_INVALID;
-	break;
-    }
-
-    if (crv != CKR_OK) {
-        PORT_Free(context);
-	pk11_FreeSession(session);
-	return crv;
-    }
-    pk11_SetContextByType(session, PK11_VERIFY_RECOVER, context);
-    pk11_FreeSession(session);
-    return CKR_OK;
-}
-
-
-/* NSC_VerifyRecover verifies a signature in a single-part operation, 
- * where the data is recovered from the signature. 
- * E.g. Decryption with the user's public key */
-CK_RV NSC_VerifyRecover(CK_SESSION_HANDLE hSession,
-		 CK_BYTE_PTR pSignature,CK_ULONG ulSignatureLen,
-    				CK_BYTE_PTR pData,CK_ULONG_PTR pulDataLen)
-{
-    PK11Session *session;
-    PK11SessionContext *context;
-    unsigned int outlen;
-    unsigned int maxoutlen = *pulDataLen;
-    CK_RV crv;
-    SECStatus rv;
-
-    /* make sure we're legal */
-    crv = pk11_GetContext(hSession,&context,PK11_VERIFY_RECOVER,
-							PR_FALSE,&session);
-    if (crv != CKR_OK) return crv;
-
-    rv = (*context->update)(context->cipherInfo, pData, &outlen, maxoutlen, 
-						pSignature, ulSignatureLen);
-    *pulDataLen = (CK_ULONG) outlen;
-    pk11_FreeContext(context);
-    pk11_SetContextByType(session, PK11_VERIFY_RECOVER, NULL);
-    pk11_FreeSession(session);
-    return (rv == SECSuccess)  ? CKR_OK : CKR_DEVICE_ERROR;
-}
-
-/*
- **************************** Random Functions:  ************************
- */
-
-/* NSC_SeedRandom mixes additional seed material into the token's random number 
- * generator. */
-CK_RV NSC_SeedRandom(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pSeed,
-    CK_ULONG ulSeedLen) 
-{
-    SECStatus rv;
-
-    rv = RNG_RandomUpdate(pSeed, ulSeedLen);
-    return (rv == SECSuccess) ? CKR_OK : CKR_DEVICE_ERROR;
-}
-
-/* NSC_GenerateRandom generates random data. */
-CK_RV NSC_GenerateRandom(CK_SESSION_HANDLE hSession,
-    CK_BYTE_PTR	pRandomData, CK_ULONG ulRandomLen)
-{
-    SECStatus rv;
-
-    rv = RNG_GenerateGlobalRandomBytes(pRandomData, ulRandomLen);
-    return (rv == SECSuccess) ? CKR_OK : CKR_DEVICE_ERROR;
-}
-
-/*
- **************************** Key Functions:  ************************
- */
-
-
-/*
- * generate a password based encryption key. This code uses
- * PKCS5 to do the work.
- */
-static CK_RV
-nsc_pbe_key_gen(NSSPKCS5PBEParameter *pkcs5_pbe, CK_MECHANISM_PTR pMechanism,
-			char *buf, CK_ULONG *key_length, PRBool faulty3DES)
-{
-    SECItem *pbe_key = NULL, iv, pwitem;
-    CK_PBE_PARAMS *pbe_params = NULL;
-
-    *key_length = 0;
-    iv.data = NULL; iv.len = 0;
-
-    pbe_params = (CK_PBE_PARAMS *)pMechanism->pParameter;
-
-    pwitem.data = (unsigned char *)pbe_params->pPassword;
-    pwitem.len = (unsigned int)pbe_params->ulPasswordLen;
-    pbe_key = nsspkcs5_ComputeKeyAndIV(pkcs5_pbe, &pwitem, &iv, faulty3DES);
-    if (pbe_key == NULL) {
-	return CKR_HOST_MEMORY;
-    }
-
-    PORT_Memcpy(buf, pbe_key->data, pbe_key->len);
-    *key_length = pbe_key->len;
-    SECITEM_ZfreeItem(pbe_key, PR_TRUE);
-    pbe_key = NULL;
-
-    if (iv.data && pbe_params->pInitVector != NULL) {
-	PORT_Memcpy(pbe_params->pInitVector, iv.data, iv.len);
-    }
-    return CKR_OK;
-}
-static CK_RV
-nsc_parameter_gen(CK_KEY_TYPE key_type, PK11Object *key)
-{
-    PK11Attribute *attribute;
-    CK_ULONG counter;
-    unsigned int seedBits = 0;
-    unsigned int primeBits;
-    CK_RV crv = CKR_OK;
-    PQGParams *params = NULL;
-    PQGVerify *vfy = NULL;
-    SECStatus rv;
-
-    attribute = pk11_FindAttribute(key, CKA_PRIME_BITS);
-    if (attribute == NULL) {
-	return CKR_TEMPLATE_INCOMPLETE;
-    }
-    primeBits = (unsigned int) *(CK_ULONG *)attribute->attrib.pValue;
-    pk11_FreeAttribute(attribute);
-
-    attribute = pk11_FindAttribute(key, CKA_NETSCAPE_PQG_SEED_BITS);
-    if (attribute != NULL) {
-	seedBits = (unsigned int) *(CK_ULONG *)attribute->attrib.pValue;
-	pk11_FreeAttribute(attribute);
-    }
-
-    pk11_DeleteAttributeType(key,CKA_PRIME_BITS);
-    pk11_DeleteAttributeType(key,CKA_NETSCAPE_PQG_SEED_BITS);
-
-    if (seedBits == 0) {
-	rv = PQG_ParamGen(primeBits, &params, &vfy);
-    } else {
-	rv = PQG_ParamGenSeedLen(primeBits,seedBits/8, &params, &vfy);
-    }
-
-    if (rv != SECSuccess) {
-	return CKR_DEVICE_ERROR;
-    }
-    crv = pk11_AddAttributeType(key,CKA_PRIME,
-				 params->prime.data, params->prime.len);
-    if (crv != CKR_OK) goto loser;
-    crv = pk11_AddAttributeType(key,CKA_SUBPRIME,
-				 params->subPrime.data, params->subPrime.len);
-    if (crv != CKR_OK) goto loser;
-    crv = pk11_AddAttributeType(key,CKA_BASE,
-				 params->base.data, params->base.len);
-    if (crv != CKR_OK) goto loser;
-    counter = vfy->counter;
-    crv = pk11_AddAttributeType(key,CKA_NETSCAPE_PQG_COUNTER,
-				 &counter, sizeof(counter));
-    crv = pk11_AddAttributeType(key,CKA_NETSCAPE_PQG_SEED,
-				 vfy->seed.data, vfy->seed.len);
-    if (crv != CKR_OK) goto loser;
-    crv = pk11_AddAttributeType(key,CKA_NETSCAPE_PQG_H,
-				 vfy->h.data, vfy->h.len);
-    if (crv != CKR_OK) goto loser;
-
-loser:
-    if (params) {
-	PQG_DestroyParams(params);
-    }
-    if (vfy) {
-	PQG_DestroyVerify(vfy);
-    }
-    return crv;
-}
-
-    
-
-    
-
-
-
-static CK_RV
-nsc_SetupBulkKeyGen(CK_MECHANISM_TYPE mechanism, CK_KEY_TYPE *key_type,
-							CK_ULONG *key_length)
-{
-    CK_RV crv = CKR_OK;
-
-    switch (mechanism) {
-    case CKM_RC2_KEY_GEN:
-	*key_type = CKK_RC2;
-	if (*key_length == 0) crv = CKR_TEMPLATE_INCOMPLETE;
-	break;
-#if NSS_SOFTOKEN_DOES_RC5
-    case CKM_RC5_KEY_GEN:
-	*key_type = CKK_RC5;
-	if (*key_length == 0) crv = CKR_TEMPLATE_INCOMPLETE;
-	break;
-#endif
-    case CKM_RC4_KEY_GEN:
-	*key_type = CKK_RC4;
-	if (*key_length == 0) crv = CKR_TEMPLATE_INCOMPLETE;
-	break;
-    case CKM_GENERIC_SECRET_KEY_GEN:
-	*key_type = CKK_GENERIC_SECRET;
-	if (*key_length == 0) crv = CKR_TEMPLATE_INCOMPLETE;
-	break;
-    case CKM_CDMF_KEY_GEN:
-	*key_type = CKK_CDMF;
-	*key_length = 8;
-	break;
-    case CKM_DES_KEY_GEN:
-	*key_type = CKK_DES;
-	*key_length = 8;
-	break;
-    case CKM_DES2_KEY_GEN:
-	*key_type = CKK_DES2;
-	*key_length = 16;
-	break;
-    case CKM_DES3_KEY_GEN:
-	*key_type = CKK_DES3;
-	*key_length = 24;
-	break;
-    case CKM_AES_KEY_GEN:
-	*key_type = CKK_AES;
-	if (*key_length == 0) crv = CKR_TEMPLATE_INCOMPLETE;
-	break;
-    default:
-	PORT_Assert(0);
-	crv = CKR_MECHANISM_INVALID;
-	break;
-    }
-
-    return crv;
-}
-
-CK_RV
-nsc_SetupHMACKeyGen(CK_MECHANISM_PTR pMechanism, NSSPKCS5PBEParameter **pbe)
-{
-    SECItem  salt;
-    CK_PBE_PARAMS *pbe_params = NULL;
-    NSSPKCS5PBEParameter *params;
-    PRArenaPool *arena = NULL;
-    SECStatus rv;
-
-    *pbe = NULL;
-
-    arena = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE);
-    if (arena == NULL) {
-	return CKR_HOST_MEMORY;
-    }
-
-    params = (NSSPKCS5PBEParameter *) PORT_ArenaZAlloc(arena,
-				sizeof(NSSPKCS5PBEParameter));
-    if (params == NULL) {
-	PORT_FreeArena(arena,PR_TRUE);
-	return CKR_HOST_MEMORY;
-    }
-
-    params->poolp = arena;
-    params->ivLen = 0;
-    params->pbeType = NSSPKCS5_PKCS12_V2;
-    params->hashType = HASH_AlgSHA1;
-    params->encAlg = SEC_OID_SHA1; /* any invalid value */
-    params->is2KeyDES = PR_FALSE;
-    params->keyID = pbeBitGenIntegrityKey;
-    pbe_params = (CK_PBE_PARAMS *)pMechanism->pParameter;
-    params->iter = pbe_params->ulIteration;
-
-    salt.data = (unsigned char *)pbe_params->pSalt;
-    salt.len = (unsigned int)pbe_params->ulSaltLen;
-    rv = SECITEM_CopyItem(arena,&params->salt,&salt);
-    if (rv != SECSuccess) {
-	PORT_FreeArena(arena,PR_TRUE);
-	return CKR_HOST_MEMORY;
-    }
-    switch (pMechanism->mechanism) {
-    case CKM_NETSCAPE_PBE_SHA1_HMAC_KEY_GEN:
-    case CKM_PBA_SHA1_WITH_SHA1_HMAC:
-	params->hashType = HASH_AlgSHA1; 
-	params->keyLen = 20;
-	break;
-    case CKM_NETSCAPE_PBE_MD5_HMAC_KEY_GEN:
-	params->hashType = HASH_AlgMD5; 
-	params->keyLen = 16;
-	break;
-    case CKM_NETSCAPE_PBE_MD2_HMAC_KEY_GEN:
-	params->hashType = HASH_AlgMD2; 
-	params->keyLen = 16;
-	break;
-    default:
-	PORT_FreeArena(arena,PR_TRUE);
-	return CKR_MECHANISM_INVALID;
-    }
-    *pbe = params;
-    return CKR_OK;
-}
-/* maybe this should be table driven? */
-static CK_RV
-nsc_SetupPBEKeyGen(CK_MECHANISM_PTR pMechanism, NSSPKCS5PBEParameter  **pbe,
-							CK_KEY_TYPE *key_type)
-{
-    CK_RV crv = CKR_OK;
-    SECOidData *oid;
-    CK_PBE_PARAMS *pbe_params;
-    NSSPKCS5PBEParameter *params;
-    SECItem salt;
-
-    *pbe = NULL;
-
-    oid = SECOID_FindOIDByMechanism(pMechanism->mechanism);
-    if (oid == NULL) {
-	return CKR_MECHANISM_INVALID;
-    }
-
-    pbe_params = (CK_PBE_PARAMS *)pMechanism->pParameter;
-    salt.data = (unsigned char *)pbe_params->pSalt;
-    salt.len = (unsigned int)pbe_params->ulSaltLen;
-
-    params=nsspkcs5_NewParam(oid->offset, &salt, pbe_params->ulIteration);
-    if (params == NULL) {
-	return CKR_MECHANISM_INVALID;
-    }
-
-
-    switch (params->encAlg) {
-    case SEC_OID_DES_CBC:
-	*key_type = CKK_DES;
-	break;
-    case SEC_OID_DES_EDE3_CBC:
-	*key_type = params->is2KeyDES ? CKK_DES2 : CKK_DES3;
-	break;
-    case SEC_OID_RC2_CBC:
-	*key_type = CKK_RC2;
-	break;
-    case SEC_OID_RC4:
-	*key_type = CKK_RC4;
-	break;
-    default:
-	crv = CKR_MECHANISM_INVALID;
-	nsspkcs5_DestroyPBEParameter(params);
-	break;
-    }
-    if (crv == CKR_OK) {
-    	*pbe = params;
-    }
-    return crv;
-}
-
-/* NSC_GenerateKey generates a secret key, creating a new key object. */
-CK_RV NSC_GenerateKey(CK_SESSION_HANDLE hSession,
-    CK_MECHANISM_PTR pMechanism,CK_ATTRIBUTE_PTR pTemplate,CK_ULONG ulCount,
-    						CK_OBJECT_HANDLE_PTR phKey)
-{
-    PK11Object *key;
-    PK11Session *session;
-    PRBool checkWeak = PR_FALSE;
-    CK_ULONG key_length = 0;
-    CK_KEY_TYPE key_type = CKK_INVALID_KEY_TYPE;
-    CK_OBJECT_CLASS objclass = CKO_SECRET_KEY;
-    CK_RV crv = CKR_OK;
-    CK_BBOOL cktrue = CK_TRUE;
-    int i;
-    PK11Slot *slot = pk11_SlotFromSessionHandle(hSession);
-    char buf[MAX_KEY_LEN];
-    enum {nsc_pbe, nsc_ssl, nsc_bulk, nsc_param} key_gen_type;
-    NSSPKCS5PBEParameter *pbe_param;
-    SSL3RSAPreMasterSecret *rsa_pms;
-    CK_VERSION *version;
-    /* in very old versions of NSS, there were implementation errors with key 
-     * generation methods.  We want to beable to read these, but not 
-     * produce them any more.  The affected algorithm was 3DES.
-     */
-    PRBool faultyPBE3DES = PR_FALSE;
-
-
-    /*
-     * now lets create an object to hang the attributes off of
-     */
-    key = pk11_NewObject(slot); /* fill in the handle later */
-    if (key == NULL) {
-	return CKR_HOST_MEMORY;
-    }
-
-    /*
-     * load the template values into the object
-     */
-    for (i=0; i < (int) ulCount; i++) {
-	if (pTemplate[i].type == CKA_VALUE_LEN) {
-	    key_length = *(CK_ULONG *)pTemplate[i].pValue;
-	    continue;
-	}
-
-	crv = pk11_AddAttributeType(key,pk11_attr_expand(&pTemplate[i]));
-	if (crv != CKR_OK) break;
-    }
-    if (crv != CKR_OK) {
-	pk11_FreeObject(key);
-	return crv;
-    }
-
-    /* make sure we don't have any class, key_type, or value fields */
-    pk11_DeleteAttributeType(key,CKA_CLASS);
-    pk11_DeleteAttributeType(key,CKA_KEY_TYPE);
-    pk11_DeleteAttributeType(key,CKA_VALUE);
-
-    /* Now Set up the parameters to generate the key (based on mechanism) */
-    key_gen_type = nsc_bulk; /* bulk key by default */
-    switch (pMechanism->mechanism) {
-    case CKM_CDMF_KEY_GEN:
-    case CKM_DES_KEY_GEN:
-    case CKM_DES2_KEY_GEN:
-    case CKM_DES3_KEY_GEN:
-	checkWeak = PR_TRUE;
-    case CKM_RC2_KEY_GEN:
-    case CKM_RC4_KEY_GEN:
-    case CKM_GENERIC_SECRET_KEY_GEN:
-    case CKM_AES_KEY_GEN:
-#if NSS_SOFTOKEN_DOES_RC5
-    case CKM_RC5_KEY_GEN:
-#endif
-	crv = nsc_SetupBulkKeyGen(pMechanism->mechanism,&key_type,&key_length);
-	break;
-    case CKM_SSL3_PRE_MASTER_KEY_GEN:
-	key_type = CKK_GENERIC_SECRET;
-	key_length = 48;
-	key_gen_type = nsc_ssl;
-	break;
-    case CKM_PBA_SHA1_WITH_SHA1_HMAC:
-    case CKM_NETSCAPE_PBE_SHA1_HMAC_KEY_GEN:
-    case CKM_NETSCAPE_PBE_MD5_HMAC_KEY_GEN:
-    case CKM_NETSCAPE_PBE_MD2_HMAC_KEY_GEN:
-	key_gen_type = nsc_pbe;
-	key_type = CKK_GENERIC_SECRET;
-	crv = nsc_SetupHMACKeyGen(pMechanism, &pbe_param);
-	break;
-    case CKM_NETSCAPE_PBE_SHA1_FAULTY_3DES_CBC:
-	faultyPBE3DES = PR_TRUE;
-    case CKM_NETSCAPE_PBE_SHA1_TRIPLE_DES_CBC:
-    case CKM_NETSCAPE_PBE_SHA1_40_BIT_RC2_CBC:
-    case CKM_NETSCAPE_PBE_SHA1_DES_CBC:
-    case CKM_NETSCAPE_PBE_SHA1_128_BIT_RC2_CBC:
-    case CKM_NETSCAPE_PBE_SHA1_40_BIT_RC4:
-    case CKM_NETSCAPE_PBE_SHA1_128_BIT_RC4:
-    case CKM_PBE_SHA1_DES3_EDE_CBC:
-    case CKM_PBE_SHA1_DES2_EDE_CBC:
-    case CKM_PBE_SHA1_RC2_128_CBC:
-    case CKM_PBE_SHA1_RC2_40_CBC:
-    case CKM_PBE_SHA1_RC4_128:
-    case CKM_PBE_SHA1_RC4_40:
-    case CKM_PBE_MD5_DES_CBC:
-    case CKM_PBE_MD2_DES_CBC:
-	key_gen_type = nsc_pbe;
-	crv = nsc_SetupPBEKeyGen(pMechanism,&pbe_param, &key_type);
-	break;
-    case CKM_DSA_PARAMETER_GEN:
-	key_gen_type = nsc_param;
-	key_type = CKK_DSA;
-	objclass = CKO_KG_PARAMETERS;
-	crv = CKR_OK;
-	break;
-    default:
-	crv = CKR_MECHANISM_INVALID;
-	break;
-    }
-
-    /* make sure we aren't going to overflow the buffer */
-    if (sizeof(buf) < key_length) {
-	/* someone is getting pretty optimistic about how big their key can
-	 * be... */
-        crv = CKR_TEMPLATE_INCONSISTENT;
-    }
-
-    if (crv != CKR_OK) { pk11_FreeObject(key); return crv; }
-
-    /* if there was no error,
-     * key_type *MUST* be set in the switch statement above */
-    PORT_Assert( key_type != CKK_INVALID_KEY_TYPE );
-
-    /*
-     * now to the actual key gen.
-     */
-    switch (key_gen_type) {
-    case nsc_pbe:
-	crv = nsc_pbe_key_gen(pbe_param, pMechanism, buf, &key_length,
-			       faultyPBE3DES);
-	nsspkcs5_DestroyPBEParameter(pbe_param);
-	break;
-    case nsc_ssl:
-	rsa_pms = (SSL3RSAPreMasterSecret *)buf;
-	version = (CK_VERSION *)pMechanism->pParameter;
-	rsa_pms->client_version[0] = version->major;
-        rsa_pms->client_version[1] = version->minor;
-        crv = 
-	    NSC_GenerateRandom(0,&rsa_pms->random[0], sizeof(rsa_pms->random));
-	break;
-    case nsc_bulk:
-	/* get the key, check for weak keys and repeat if found */
-	do {
-            crv = NSC_GenerateRandom(0, (unsigned char *)buf, key_length);
-	} while (crv == CKR_OK && checkWeak && 
-			pk11_IsWeakKey((unsigned char *)buf,key_type));
-	break;
-    case nsc_param:
-	/* generate parameters */
-	*buf = 0;
-	crv = nsc_parameter_gen(key_type,key);
-	break;
-    }
-
-    if (crv != CKR_OK) { pk11_FreeObject(key); return crv; }
-
-    /* Add the class, key_type, and value */
-    crv = pk11_AddAttributeType(key,CKA_CLASS,&objclass,sizeof(CK_OBJECT_CLASS));
-    if (crv != CKR_OK) { pk11_FreeObject(key); return crv; }
-    crv = pk11_AddAttributeType(key,CKA_KEY_TYPE,&key_type,sizeof(CK_KEY_TYPE));
-    if (crv != CKR_OK) { pk11_FreeObject(key); return crv; }
-    if (key_length != 0) {
-	crv = pk11_AddAttributeType(key,CKA_VALUE,buf,key_length);
-	if (crv != CKR_OK) { pk11_FreeObject(key); return crv; }
-    }
-
-    /* get the session */
-    session = pk11_SessionFromHandle(hSession);
-    if (session == NULL) {
-	pk11_FreeObject(key);
-        return CKR_SESSION_HANDLE_INVALID;
-    }
-
-    /*
-     * handle the base object stuff
-     */
-    crv = pk11_handleObject(key,session);
-    pk11_FreeSession(session);
-    if (pk11_isTrue(key,CKA_SENSITIVE)) {
-	pk11_forceAttribute(key,CKA_ALWAYS_SENSITIVE,&cktrue,sizeof(CK_BBOOL));
-    }
-    if (!pk11_isTrue(key,CKA_EXTRACTABLE)) {
-	pk11_forceAttribute(key,CKA_NEVER_EXTRACTABLE,&cktrue,sizeof(CK_BBOOL));
-    }
-
-    *phKey = key->handle;
-    pk11_FreeObject(key);
-    return crv;
-}
-
-
-
-/* NSC_GenerateKeyPair generates a public-key/private-key pair, 
- * creating new key objects. */
-CK_RV NSC_GenerateKeyPair (CK_SESSION_HANDLE hSession,
-    CK_MECHANISM_PTR pMechanism, CK_ATTRIBUTE_PTR pPublicKeyTemplate,
-    CK_ULONG ulPublicKeyAttributeCount, CK_ATTRIBUTE_PTR pPrivateKeyTemplate,
-    CK_ULONG ulPrivateKeyAttributeCount, CK_OBJECT_HANDLE_PTR phPublicKey,
-    					CK_OBJECT_HANDLE_PTR phPrivateKey)
-{
-    PK11Object *	publicKey,*privateKey;
-    PK11Session *	session;
-    CK_KEY_TYPE 	key_type;
-    CK_RV 		crv 	= CKR_OK;
-    CK_BBOOL 		cktrue 	= CK_TRUE;
-    SECStatus 		rv;
-    CK_OBJECT_CLASS 	pubClass = CKO_PUBLIC_KEY;
-    CK_OBJECT_CLASS 	privClass = CKO_PRIVATE_KEY;
-    int 		i;
-    PK11Slot *		slot 	= pk11_SlotFromSessionHandle(hSession);
-
-    /* RSA */
-    int 		public_modulus_bits = 0;
-    SECItem 		pubExp;
-    RSAPrivateKey *	rsaPriv;
-
-    /* DSA */
-    PQGParams 		pqgParam;
-    DHParams  		dhParam;
-    DSAPrivateKey *	dsaPriv;
-
-    /* Diffie Hellman */
-    int 		private_value_bits = 0;
-    DHPrivateKey *	dhPriv;
-
-    /*
-     * now lets create an object to hang the attributes off of
-     */
-    publicKey = pk11_NewObject(slot); /* fill in the handle later */
-    if (publicKey == NULL) {
-	return CKR_HOST_MEMORY;
-    }
-
-    /*
-     * load the template values into the publicKey
-     */
-    for (i=0; i < (int) ulPublicKeyAttributeCount; i++) {
-	if (pPublicKeyTemplate[i].type == CKA_MODULUS_BITS) {
-	    public_modulus_bits = *(CK_ULONG *)pPublicKeyTemplate[i].pValue;
-	    continue;
-	}
-
-	crv = pk11_AddAttributeType(publicKey,
-				    pk11_attr_expand(&pPublicKeyTemplate[i]));
-	if (crv != CKR_OK) break;
-    }
-
-    if (crv != CKR_OK) {
-	pk11_FreeObject(publicKey);
-	return CKR_HOST_MEMORY;
-    }
-
-    privateKey = pk11_NewObject(slot); /* fill in the handle later */
-    if (privateKey == NULL) {
-	pk11_FreeObject(publicKey);
-	return CKR_HOST_MEMORY;
-    }
-    /*
-     * now load the private key template
-     */
-    for (i=0; i < (int) ulPrivateKeyAttributeCount; i++) {
-	if (pPrivateKeyTemplate[i].type == CKA_VALUE_BITS) {
-	    private_value_bits = *(CK_ULONG *)pPrivateKeyTemplate[i].pValue;
-	    continue;
-	}
-
-	crv = pk11_AddAttributeType(privateKey,
-				    pk11_attr_expand(&pPrivateKeyTemplate[i]));
-	if (crv != CKR_OK) break;
-    }
-
-    if (crv != CKR_OK) {
-	pk11_FreeObject(publicKey);
-	pk11_FreeObject(privateKey);
-	return CKR_HOST_MEMORY;
-    }
-    pk11_DeleteAttributeType(privateKey,CKA_CLASS);
-    pk11_DeleteAttributeType(privateKey,CKA_KEY_TYPE);
-    pk11_DeleteAttributeType(privateKey,CKA_VALUE);
-    pk11_DeleteAttributeType(publicKey,CKA_CLASS);
-    pk11_DeleteAttributeType(publicKey,CKA_KEY_TYPE);
-    pk11_DeleteAttributeType(publicKey,CKA_VALUE);
-
-    /* Now Set up the parameters to generate the key (based on mechanism) */
-    switch (pMechanism->mechanism) {
-    case CKM_RSA_PKCS_KEY_PAIR_GEN:
-	/* format the keys */
-    	pk11_DeleteAttributeType(publicKey,CKA_MODULUS);
-    	pk11_DeleteAttributeType(privateKey,CKA_NETSCAPE_DB);
-    	pk11_DeleteAttributeType(privateKey,CKA_MODULUS);
-    	pk11_DeleteAttributeType(privateKey,CKA_PRIVATE_EXPONENT);
-    	pk11_DeleteAttributeType(privateKey,CKA_PUBLIC_EXPONENT);
-    	pk11_DeleteAttributeType(privateKey,CKA_PRIME_1);
-    	pk11_DeleteAttributeType(privateKey,CKA_PRIME_2);
-    	pk11_DeleteAttributeType(privateKey,CKA_EXPONENT_1);
-    	pk11_DeleteAttributeType(privateKey,CKA_EXPONENT_2);
-    	pk11_DeleteAttributeType(privateKey,CKA_COEFFICIENT);
-	key_type = CKK_RSA;
-	if (public_modulus_bits == 0) {
-	    crv = CKR_TEMPLATE_INCOMPLETE;
-	    break;
-	}
-
-	/* extract the exponent */
-	crv=pk11_Attribute2SSecItem(NULL,&pubExp,publicKey,CKA_PUBLIC_EXPONENT);
-	if (crv != CKR_OK) break;
-        crv = pk11_AddAttributeType(privateKey,CKA_PUBLIC_EXPONENT,
-				    		    pk11_item_expand(&pubExp));
-	if (crv != CKR_OK) {
-	    PORT_Free(pubExp.data);
-	    break;
-	}
-
-	rsaPriv = RSA_NewKey(public_modulus_bits, &pubExp);
-	PORT_Free(pubExp.data);
-	if (rsaPriv == NULL) {
-	    crv = CKR_DEVICE_ERROR;
-	    break;
-	}
-        /* now fill in the RSA dependent paramenters in the public key */
-        crv = pk11_AddAttributeType(publicKey,CKA_MODULUS,
-			   pk11_item_expand(&rsaPriv->modulus));
-	if (crv != CKR_OK) goto kpg_done;
-        /* now fill in the RSA dependent paramenters in the private key */
-        crv = pk11_AddAttributeType(privateKey,CKA_NETSCAPE_DB,
-			   pk11_item_expand(&rsaPriv->modulus));
-	if (crv != CKR_OK) goto kpg_done;
-        crv = pk11_AddAttributeType(privateKey,CKA_MODULUS,
-			   pk11_item_expand(&rsaPriv->modulus));
-	if (crv != CKR_OK) goto kpg_done;
-        crv = pk11_AddAttributeType(privateKey,CKA_PRIVATE_EXPONENT,
-			   pk11_item_expand(&rsaPriv->privateExponent));
-	if (crv != CKR_OK) goto kpg_done;
-        crv = pk11_AddAttributeType(privateKey,CKA_PRIME_1,
-			   pk11_item_expand(&rsaPriv->prime1));
-	if (crv != CKR_OK) goto kpg_done;
-        crv = pk11_AddAttributeType(privateKey,CKA_PRIME_2,
-			   pk11_item_expand(&rsaPriv->prime2));
-	if (crv != CKR_OK) goto kpg_done;
-        crv = pk11_AddAttributeType(privateKey,CKA_EXPONENT_1,
-			   pk11_item_expand(&rsaPriv->exponent1));
-	if (crv != CKR_OK) goto kpg_done;
-        crv = pk11_AddAttributeType(privateKey,CKA_EXPONENT_2,
-			   pk11_item_expand(&rsaPriv->exponent2));
-	if (crv != CKR_OK) goto kpg_done;
-        crv = pk11_AddAttributeType(privateKey,CKA_COEFFICIENT,
-			   pk11_item_expand(&rsaPriv->coefficient));
-kpg_done:
-	/* Should zeroize the contents first, since this func doesn't. */
-	PORT_FreeArena(rsaPriv->arena, PR_TRUE);
-	break;
-    case CKM_DSA_KEY_PAIR_GEN:
-    	pk11_DeleteAttributeType(publicKey,CKA_VALUE);
-    	pk11_DeleteAttributeType(privateKey,CKA_NETSCAPE_DB);
-	pk11_DeleteAttributeType(privateKey,CKA_PRIME);
-	pk11_DeleteAttributeType(privateKey,CKA_SUBPRIME);
-	pk11_DeleteAttributeType(privateKey,CKA_BASE);
-	key_type = CKK_DSA;
-
-	/* extract the necessary paramters and copy them to the private key */
-	crv=pk11_Attribute2SSecItem(NULL,&pqgParam.prime,publicKey,CKA_PRIME);
-	if (crv != CKR_OK) break;
-	crv=pk11_Attribute2SSecItem(NULL,&pqgParam.subPrime,publicKey,
-	                            CKA_SUBPRIME);
-	if (crv != CKR_OK) {
-	    PORT_Free(pqgParam.prime.data);
-	    break;
-	}
-	crv=pk11_Attribute2SSecItem(NULL,&pqgParam.base,publicKey,CKA_BASE);
-	if (crv != CKR_OK) {
-	    PORT_Free(pqgParam.prime.data);
-	    PORT_Free(pqgParam.subPrime.data);
-	    break;
-	}
-        crv = pk11_AddAttributeType(privateKey,CKA_PRIME,
-				    pk11_item_expand(&pqgParam.prime));
-	if (crv != CKR_OK) {
-	    PORT_Free(pqgParam.prime.data);
-	    PORT_Free(pqgParam.subPrime.data);
-	    PORT_Free(pqgParam.base.data);
-	    break;
-	}
-        crv = pk11_AddAttributeType(privateKey,CKA_SUBPRIME,
-			    	    pk11_item_expand(&pqgParam.subPrime));
-	if (crv != CKR_OK) {
-	    PORT_Free(pqgParam.prime.data);
-	    PORT_Free(pqgParam.subPrime.data);
-	    PORT_Free(pqgParam.base.data);
-	    break;
-	}
-        crv = pk11_AddAttributeType(privateKey,CKA_BASE,
-			    	    pk11_item_expand(&pqgParam.base));
-	if (crv != CKR_OK) {
-	    PORT_Free(pqgParam.prime.data);
-	    PORT_Free(pqgParam.subPrime.data);
-	    PORT_Free(pqgParam.base.data);
-	    break;
-	}
-
-	/* Generate the key */
-	rv = DSA_NewKey(&pqgParam, &dsaPriv);
-
-	PORT_Free(pqgParam.prime.data);
-	PORT_Free(pqgParam.subPrime.data);
-	PORT_Free(pqgParam.base.data);
-
-	if (rv != SECSuccess) { crv = CKR_DEVICE_ERROR; break; }
-
-	/* store the generated key into the attributes */
-        crv = pk11_AddAttributeType(publicKey,CKA_VALUE,
-			   pk11_item_expand(&dsaPriv->publicValue));
-	if (crv != CKR_OK) goto dsagn_done;
-
-        /* now fill in the RSA dependent paramenters in the private key */
-        crv = pk11_AddAttributeType(privateKey,CKA_NETSCAPE_DB,
-			   pk11_item_expand(&dsaPriv->publicValue));
-	if (crv != CKR_OK) goto dsagn_done;
-        crv = pk11_AddAttributeType(privateKey,CKA_VALUE,
-			   pk11_item_expand(&dsaPriv->privateValue));
-
-dsagn_done:
-	/* should zeroize, since this function doesn't. */
-	PORT_FreeArena(dsaPriv->params.arena, PR_TRUE);
-	break;
-
-    case CKM_DH_PKCS_KEY_PAIR_GEN:
-	pk11_DeleteAttributeType(privateKey,CKA_PRIME);
-	pk11_DeleteAttributeType(privateKey,CKA_BASE);
-	pk11_DeleteAttributeType(privateKey,CKA_VALUE);
-	key_type = CKK_DH;
-
-	/* extract the necessary parameters and copy them to private keys */
-        crv = pk11_Attribute2SSecItem(NULL, &dhParam.prime, publicKey, 
-				      CKA_PRIME);
-	if (crv != CKR_OK) break;
-	crv = pk11_Attribute2SSecItem(NULL, &dhParam.base, publicKey, CKA_BASE);
-	if (crv != CKR_OK) {
-	  PORT_Free(dhParam.prime.data);
-	  break;
-	}
-	crv = pk11_AddAttributeType(privateKey, CKA_PRIME, 
-				    pk11_item_expand(&dhParam.prime));
-	if (crv != CKR_OK) {
-	  PORT_Free(dhParam.prime.data);
-	  PORT_Free(dhParam.base.data);
-	  break;
-	}
-	crv = pk11_AddAttributeType(privateKey, CKA_BASE, 
-				    pk11_item_expand(&dhParam.base));
-	if (crv != CKR_OK) goto dhgn_done;
-
-	rv = DH_NewKey(&dhParam, &dhPriv);
-	PORT_Free(dhParam.prime.data);
-	PORT_Free(dhParam.base.data);
-	if (rv != SECSuccess) { 
-	  crv = CKR_DEVICE_ERROR;
-	  break;
-	}
-
-	crv=pk11_AddAttributeType(publicKey, CKA_VALUE, 
-				pk11_item_expand(&dhPriv->publicValue));
-	if (crv != CKR_OK) goto dhgn_done;
-
-	crv=pk11_AddAttributeType(privateKey, CKA_VALUE, 
-			      pk11_item_expand(&dhPriv->privateValue));
-
-dhgn_done:
-	/* should zeroize, since this function doesn't. */
-	PORT_FreeArena(dhPriv->arena, PR_TRUE);
-	break;
-
-    default:
-	crv = CKR_MECHANISM_INVALID;
-    }
-
-    if (crv != CKR_OK) {
-	pk11_FreeObject(privateKey);
-	pk11_FreeObject(publicKey);
-	return crv;
-    }
-
-
-    /* Add the class, key_type The loop lets us check errors blow out
-     *  on errors and clean up at the bottom */
-    session = NULL; /* make pedtantic happy... session cannot leave the*/
-		    /* loop below NULL unless an error is set... */
-    do {
-	crv = pk11_AddAttributeType(privateKey,CKA_CLASS,&privClass,
-						sizeof(CK_OBJECT_CLASS));
-        if (crv != CKR_OK) break;
-	crv = pk11_AddAttributeType(publicKey,CKA_CLASS,&pubClass,
-						sizeof(CK_OBJECT_CLASS));
-        if (crv != CKR_OK) break;
-	crv = pk11_AddAttributeType(privateKey,CKA_KEY_TYPE,&key_type,
-						sizeof(CK_KEY_TYPE));
-        if (crv != CKR_OK) break;
-	crv = pk11_AddAttributeType(publicKey,CKA_KEY_TYPE,&key_type,
-						sizeof(CK_KEY_TYPE));
-        if (crv != CKR_OK) break;
-        session = pk11_SessionFromHandle(hSession);
-        if (session == NULL) crv = CKR_SESSION_HANDLE_INVALID;
-    } while (0);
-
-    if (crv != CKR_OK) {
-	 pk11_FreeObject(privateKey);
-	 pk11_FreeObject(publicKey);
-	 return crv;
-    }
-
-    /*
-     * handle the base object cleanup for the public Key
-     */
-    crv = pk11_handleObject(privateKey,session);
-    if (crv != CKR_OK) {
-        pk11_FreeSession(session);
-	pk11_FreeObject(privateKey);
-	pk11_FreeObject(publicKey);
-	return crv;
-    }
-
-    /*
-     * handle the base object cleanup for the private Key
-     * If we have any problems, we destroy the public Key we've
-     * created and linked.
-     */
-    crv = pk11_handleObject(publicKey,session);
-    pk11_FreeSession(session);
-    if (crv != CKR_OK) {
-	pk11_FreeObject(publicKey);
-	NSC_DestroyObject(hSession,privateKey->handle);
-	pk11_FreeObject(privateKey);
-	return crv;
-    }
-    if (pk11_isTrue(privateKey,CKA_SENSITIVE)) {
-	pk11_forceAttribute(privateKey,CKA_ALWAYS_SENSITIVE,
-						&cktrue,sizeof(CK_BBOOL));
-    }
-    if (pk11_isTrue(publicKey,CKA_SENSITIVE)) {
-	pk11_forceAttribute(publicKey,CKA_ALWAYS_SENSITIVE,
-						&cktrue,sizeof(CK_BBOOL));
-    }
-    if (!pk11_isTrue(privateKey,CKA_EXTRACTABLE)) {
-	pk11_forceAttribute(privateKey,CKA_NEVER_EXTRACTABLE,
-						&cktrue,sizeof(CK_BBOOL));
-    }
-    if (!pk11_isTrue(publicKey,CKA_EXTRACTABLE)) {
-	pk11_forceAttribute(publicKey,CKA_NEVER_EXTRACTABLE,
-						&cktrue,sizeof(CK_BBOOL));
-    }
-    *phPrivateKey = privateKey->handle;
-    *phPublicKey = publicKey->handle;
-    pk11_FreeObject(publicKey);
-    pk11_FreeObject(privateKey);
-
-    return CKR_OK;
-}
-
-static SECItem *pk11_PackagePrivateKey(PK11Object *key)
-{
-    NSSLOWKEYPrivateKey *lk = NULL;
-    NSSLOWKEYPrivateKeyInfo *pki = NULL;
-    PK11Attribute *attribute = NULL;
-    PLArenaPool *arena = NULL;
-    SECOidTag algorithm = SEC_OID_UNKNOWN;
-    void *dummy, *param = NULL;
-    SECStatus rv = SECSuccess;
-    SECItem *encodedKey = NULL;
-
-    if(!key) {
-	return NULL;
-    }
-
-    attribute = pk11_FindAttribute(key, CKA_KEY_TYPE);
-    if(!attribute) {
-	return NULL;
-    }
-
-    lk = pk11_GetPrivKey(key, *(CK_KEY_TYPE *)attribute->attrib.pValue);
-    pk11_FreeAttribute(attribute);
-    if(!lk) {
-	return NULL;
-    }
-
-    arena = PORT_NewArena(2048); 	/* XXX different size? */
-    if(!arena) {
-	rv = SECFailure;
-	goto loser;
-    }
-
-    pki = (NSSLOWKEYPrivateKeyInfo*)PORT_ArenaZAlloc(arena, 
-					sizeof(NSSLOWKEYPrivateKeyInfo));
-    if(!pki) {
-	rv = SECFailure;
-	goto loser;
-    }
-    pki->arena = arena;
-
-    param = NULL;
-    switch(lk->keyType) {
-	case NSSLOWKEYRSAKey:
-	    prepare_low_rsa_priv_key_for_asn1(lk);
-	    dummy = SEC_ASN1EncodeItem(arena, &pki->privateKey, lk,
-				       nsslowkey_RSAPrivateKeyTemplate);
-	    algorithm = SEC_OID_PKCS1_RSA_ENCRYPTION;
-	    break;
-	case NSSLOWKEYDSAKey:
-            prepare_low_dsa_priv_key_export_for_asn1(lk);
-	    dummy = SEC_ASN1EncodeItem(arena, &pki->privateKey, lk,
-				       nsslowkey_DSAPrivateKeyExportTemplate);
-	    prepare_low_pqg_params_for_asn1(&lk->u.dsa.params);
-	    param = SEC_ASN1EncodeItem(NULL, NULL, &(lk->u.dsa.params),
-				       nsslowkey_PQGParamsTemplate);
-	    algorithm = SEC_OID_ANSIX9_DSA_SIGNATURE;
-	    break;
-	case NSSLOWKEYDHKey:
-	default:
-	    dummy = NULL;
-	    break;
-    }
- 
-    if(!dummy || ((lk->keyType == NSSLOWKEYDSAKey) && !param)) {
-	goto loser;
-    }
-
-    rv = SECOID_SetAlgorithmID(arena, &pki->algorithm, algorithm, 
-			       (SECItem*)param);
-    if(rv != SECSuccess) {
-	rv = SECFailure;
-	goto loser;
-    }
-
-    dummy = SEC_ASN1EncodeInteger(arena, &pki->version,
-				  NSSLOWKEY_PRIVATE_KEY_INFO_VERSION);
-    if(!dummy) {
-	rv = SECFailure;
-	goto loser;
-    }
-
-    encodedKey = SEC_ASN1EncodeItem(NULL, NULL, pki, 
-				    nsslowkey_PrivateKeyInfoTemplate);
-
-loser:
-    if(arena) {
-	PORT_FreeArena(arena, PR_TRUE);
-    }
-
-    if(lk && (lk != key->objectInfo)) {
-	nsslowkey_DestroyPrivateKey(lk);
-    }
- 
-    if(param) {
-	SECITEM_ZfreeItem((SECItem*)param, PR_TRUE);
-    }
-
-    if(rv != SECSuccess) {
-	return NULL;
-    }
-
-    return encodedKey;
-}
-    
-/* it doesn't matter yet, since we colapse error conditions in the
- * level above, but we really should map those few key error differences */
-CK_RV pk11_mapWrap(CK_RV crv) { return crv; }
-
-/* NSC_WrapKey wraps (i.e., encrypts) a key. */
-CK_RV NSC_WrapKey(CK_SESSION_HANDLE hSession,
-    CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hWrappingKey,
-    CK_OBJECT_HANDLE hKey, CK_BYTE_PTR pWrappedKey,
-					 CK_ULONG_PTR pulWrappedKeyLen)
-{
-    PK11Session *session;
-    PK11Attribute *attribute;
-    PK11Object *key;
-    CK_RV crv;
-    PRBool isLynks = PR_FALSE;
-    CK_ULONG len = 0;
-
-    session = pk11_SessionFromHandle(hSession);
-    if (session == NULL) {
-    	return CKR_SESSION_HANDLE_INVALID;
-    }
-
-    key = pk11_ObjectFromHandle(hKey,session);
-    pk11_FreeSession(session);
-    if (key == NULL) {
-	return CKR_KEY_HANDLE_INVALID;
-    }
-
-    switch(key->objclass) {
-	case CKO_SECRET_KEY:
-	    attribute = pk11_FindAttribute(key,CKA_VALUE);
-
-	    if (attribute == NULL) {
-		crv = CKR_KEY_TYPE_INCONSISTENT;
-		break;
-	    }
-	    if (pMechanism->mechanism == CKM_KEY_WRAP_LYNKS) {
-		isLynks = PR_TRUE;
-		pMechanism->mechanism = CKM_DES_ECB;
-		len = *pulWrappedKeyLen;
-	    }
-     
-	    crv = pk11_CryptInit(hSession, pMechanism, hWrappingKey, 
-					CKA_WRAP, PK11_ENCRYPT, PR_TRUE);
-	    if (crv != CKR_OK) {
-		pk11_FreeAttribute(attribute);
-		break;
-	    }
-	    crv = NSC_Encrypt(hSession, (CK_BYTE_PTR)attribute->attrib.pValue, 
-		    attribute->attrib.ulValueLen,pWrappedKey,pulWrappedKeyLen);
-
-	    if (isLynks && (crv == CKR_OK)) {
-		unsigned char buf[2];
-		crv = pk11_calcLynxChecksum(hSession,hWrappingKey,buf,
-			(unsigned char*)attribute->attrib.pValue,
-			attribute->attrib.ulValueLen);
-		if (len >= 10) {
-		    pWrappedKey[8] = buf[0];
-		    pWrappedKey[9] = buf[1];
-		    *pulWrappedKeyLen = 10;
-		}
-	    }
-	    pk11_FreeAttribute(attribute);
-	    break;
-
-	case CKO_PRIVATE_KEY:
-	    {
-		SECItem *bpki = pk11_PackagePrivateKey(key);
-
-		if(!bpki) {
-		    crv = CKR_KEY_TYPE_INCONSISTENT;
-		    break;
-		}
-
-		crv = pk11_CryptInit(hSession, pMechanism, hWrappingKey,
-					CKA_WRAP, PK11_ENCRYPT, PR_TRUE);
-		if(crv != CKR_OK) {
-		    SECITEM_ZfreeItem(bpki, PR_TRUE);
-		    crv = CKR_KEY_TYPE_INCONSISTENT;
-		    break;
-		}
-
-		crv = NSC_Encrypt(hSession, bpki->data, bpki->len,
-					pWrappedKey, pulWrappedKeyLen);
-		SECITEM_ZfreeItem(bpki, PR_TRUE);
-		break;
-	    }
-
-	default:
-	    crv = CKR_KEY_TYPE_INCONSISTENT;
-	    break;
-    }
-    pk11_FreeObject(key);
-
-    return pk11_mapWrap(crv);
-}
-
-/*
- * import a pprivate key info into the desired slot
- */
-static SECStatus
-pk11_unwrapPrivateKey(PK11Object *key, SECItem *bpki)
-{
-    CK_BBOOL cktrue = CK_TRUE; 
-    CK_KEY_TYPE keyType = CKK_RSA;
-    SECStatus rv = SECFailure;
-    const SEC_ASN1Template *keyTemplate, *paramTemplate;
-    void *paramDest = NULL;
-    PLArenaPool *arena;
-    NSSLOWKEYPrivateKey *lpk = NULL;
-    NSSLOWKEYPrivateKeyInfo *pki = NULL;
-    SECItem *ck_id = NULL;
-    CK_RV crv = CKR_KEY_TYPE_INCONSISTENT;
-
-    arena = PORT_NewArena(2048);
-    if(!arena) {
-	return SECFailure;
-    }
-
-    pki = (NSSLOWKEYPrivateKeyInfo*)PORT_ArenaZAlloc(arena, 
-					sizeof(NSSLOWKEYPrivateKeyInfo));
-    if(!pki) {
-	PORT_FreeArena(arena, PR_TRUE);
-	return SECFailure;
-    }
-
-    if(SEC_ASN1DecodeItem(arena, pki, nsslowkey_PrivateKeyInfoTemplate, bpki) 
-				!= SECSuccess) {
-	PORT_FreeArena(arena, PR_FALSE);
-	return SECFailure;
-    }
-
-    lpk = (NSSLOWKEYPrivateKey *)PORT_ArenaZAlloc(arena,
-						  sizeof(NSSLOWKEYPrivateKey));
-    if(lpk == NULL) {
-	goto loser;
-    }
-    lpk->arena = arena;
-
-    switch(SECOID_GetAlgorithmTag(&pki->algorithm)) {
-	case SEC_OID_PKCS1_RSA_ENCRYPTION:
-	    keyTemplate = nsslowkey_RSAPrivateKeyTemplate;
-	    paramTemplate = NULL;
-	    paramDest = NULL;
-	    lpk->keyType = NSSLOWKEYRSAKey;
-	    prepare_low_rsa_priv_key_for_asn1(lpk);
-	    break;
-	case SEC_OID_ANSIX9_DSA_SIGNATURE:
-	    keyTemplate = nsslowkey_DSAPrivateKeyExportTemplate;
-	    paramTemplate = nsslowkey_PQGParamsTemplate;
-	    paramDest = &(lpk->u.dsa.params);
-	    lpk->keyType = NSSLOWKEYDSAKey;
-	    prepare_low_dsa_priv_key_export_for_asn1(lpk);
-	    prepare_low_pqg_params_for_asn1(&lpk->u.dsa.params);
-	    break;
-	/* case NSSLOWKEYDHKey: */
-	default:
-	    keyTemplate = NULL;
-	    paramTemplate = NULL;
-	    paramDest = NULL;
-	    break;
-    }
-
-    if(!keyTemplate) {
-	goto loser;
-    }
-
-    /* decode the private key and any algorithm parameters */
-    rv = SEC_ASN1DecodeItem(arena, lpk, keyTemplate, &pki->privateKey);
-    if(rv != SECSuccess) {
-	goto loser;
-    }
-    if(paramDest && paramTemplate) {
-	rv = SEC_ASN1DecodeItem(arena, paramDest, paramTemplate, 
-				 &(pki->algorithm.parameters));
-	if(rv != SECSuccess) {
-	    goto loser;
-	}
-    }
-
-    rv = SECFailure;
-
-    switch (lpk->keyType) {
-        case NSSLOWKEYRSAKey:
-	    keyType = CKK_RSA;
-	    if(pk11_hasAttribute(key, CKA_NETSCAPE_DB)) {
-		pk11_DeleteAttributeType(key, CKA_NETSCAPE_DB);
-	    }
-	    crv = pk11_AddAttributeType(key, CKA_KEY_TYPE, &keyType, 
-					sizeof(keyType));
-	    if(crv != CKR_OK) break;
-	    crv = pk11_AddAttributeType(key, CKA_UNWRAP, &cktrue, 
-					sizeof(CK_BBOOL));
-	    if(crv != CKR_OK) break;
-	    crv = pk11_AddAttributeType(key, CKA_DECRYPT, &cktrue, 
-					sizeof(CK_BBOOL));
-	    if(crv != CKR_OK) break;
-	    crv = pk11_AddAttributeType(key, CKA_SIGN, &cktrue, 
-					sizeof(CK_BBOOL));
-	    if(crv != CKR_OK) break;
-	    crv = pk11_AddAttributeType(key, CKA_SIGN_RECOVER, &cktrue, 
-				    sizeof(CK_BBOOL));
-	    if(crv != CKR_OK) break;
-	    crv = pk11_AddAttributeType(key, CKA_MODULUS, 
-				pk11_item_expand(&lpk->u.rsa.modulus));
-	    if(crv != CKR_OK) break;
-	    crv = pk11_AddAttributeType(key, CKA_PUBLIC_EXPONENT, 
-	     			pk11_item_expand(&lpk->u.rsa.publicExponent));
-	    if(crv != CKR_OK) break;
-	    crv = pk11_AddAttributeType(key, CKA_PRIVATE_EXPONENT, 
-	     			pk11_item_expand(&lpk->u.rsa.privateExponent));
-	    if(crv != CKR_OK) break;
-	    crv = pk11_AddAttributeType(key, CKA_PRIME_1, 
-				pk11_item_expand(&lpk->u.rsa.prime1));
-	    if(crv != CKR_OK) break;
-	    crv = pk11_AddAttributeType(key, CKA_PRIME_2, 
-	     			pk11_item_expand(&lpk->u.rsa.prime2));
-	    if(crv != CKR_OK) break;
-	    crv = pk11_AddAttributeType(key, CKA_EXPONENT_1, 
-	     			pk11_item_expand(&lpk->u.rsa.exponent1));
-	    if(crv != CKR_OK) break;
-	    crv = pk11_AddAttributeType(key, CKA_EXPONENT_2, 
-	     			pk11_item_expand(&lpk->u.rsa.exponent2));
-	    if(crv != CKR_OK) break;
-	    crv = pk11_AddAttributeType(key, CKA_COEFFICIENT, 
-	     			pk11_item_expand(&lpk->u.rsa.coefficient));
-	    break;
-        case NSSLOWKEYDSAKey:
-	    keyType = CKK_DSA;
-	    crv = (pk11_hasAttribute(key, CKA_NETSCAPE_DB)) ? CKR_OK :
-						CKR_KEY_TYPE_INCONSISTENT;
-	    if(crv != CKR_OK) break;
-	    crv = pk11_AddAttributeType(key, CKA_KEY_TYPE, &keyType, 
-						sizeof(keyType));
-	    if(crv != CKR_OK) break;
-	    crv = pk11_AddAttributeType(key, CKA_SIGN, &cktrue, 
-						sizeof(CK_BBOOL));
-	    if(crv != CKR_OK) break;
-	    crv = pk11_AddAttributeType(key, CKA_SIGN_RECOVER, &cktrue, 
-						sizeof(CK_BBOOL)); 
-	    if(crv != CKR_OK) break;
-	    crv = pk11_AddAttributeType(key, CKA_PRIME,    
-				    pk11_item_expand(&lpk->u.dsa.params.prime));
-	    if(crv != CKR_OK) break;
-	    crv = pk11_AddAttributeType(key, CKA_SUBPRIME,
-				 pk11_item_expand(&lpk->u.dsa.params.subPrime));
-	    if(crv != CKR_OK) break;
-	    crv = pk11_AddAttributeType(key, CKA_BASE,  
-				    pk11_item_expand(&lpk->u.dsa.params.base));
-	    if(crv != CKR_OK) break;
-	    crv = pk11_AddAttributeType(key, CKA_VALUE, 
-			pk11_item_expand(&lpk->u.dsa.privateValue));
-	    if(crv != CKR_OK) break;
-	    break;
-#ifdef notdef
-        case NSSLOWKEYDHKey:
-	    template = dhTemplate;
-	    templateCount = sizeof(dhTemplate)/sizeof(CK_ATTRIBUTE);
-	    keyType = CKK_DH;
-	    break;
-#endif
-	/* what about fortezza??? */
-	default:
-	    crv = CKR_KEY_TYPE_INCONSISTENT;
-	    break;
-    }
-
-loser:
-    if(ck_id) {
-	SECITEM_ZfreeItem(ck_id, PR_TRUE);
-    }
-
-    if(lpk) {
-	nsslowkey_DestroyPrivateKey(lpk);
-    }
-
-    if(crv != CKR_OK) {
-	return SECFailure;
-    }
-
-    return SECSuccess;
-}
-
-
-/* NSC_UnwrapKey unwraps (decrypts) a wrapped key, creating a new key object. */
-CK_RV NSC_UnwrapKey(CK_SESSION_HANDLE hSession,
-    CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hUnwrappingKey,
-    CK_BYTE_PTR pWrappedKey, CK_ULONG ulWrappedKeyLen,
-    CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulAttributeCount,
-						 CK_OBJECT_HANDLE_PTR phKey)
-{
-    PK11Object *key = NULL;
-    PK11Session *session;
-    int key_length = 0;
-    unsigned char * buf = NULL;
-    CK_RV crv = CKR_OK;
-    int i;
-    CK_ULONG bsize = ulWrappedKeyLen;
-    PK11Slot *slot = pk11_SlotFromSessionHandle(hSession);
-    SECItem bpki;
-    CK_OBJECT_CLASS target_type = CKO_SECRET_KEY;
-    PRBool isLynks = PR_FALSE;
-
-    /*
-     * now lets create an object to hang the attributes off of
-     */
-    key = pk11_NewObject(slot); /* fill in the handle later */
-    if (key == NULL) {
-	return CKR_HOST_MEMORY;
-    }
-
-    /*
-     * load the template values into the object
-     */
-    for (i=0; i < (int) ulAttributeCount; i++) {
-	if (pTemplate[i].type == CKA_VALUE_LEN) {
-	    key_length = *(CK_ULONG *)pTemplate[i].pValue;
-	    continue;
-	}
-        if (pTemplate[i].type == CKA_CLASS) {
-	    target_type = *(CK_OBJECT_CLASS *)pTemplate[i].pValue;
-	}
-	crv = pk11_AddAttributeType(key,pk11_attr_expand(&pTemplate[i]));
-	if (crv != CKR_OK) break;
-    }
-    if (crv != CKR_OK) {
-	pk11_FreeObject(key);
-	return crv;
-    }
-
-    /* LYNKS is a special key wrapping mechanism */
-    if (pMechanism->mechanism == CKM_KEY_WRAP_LYNKS) {
-	isLynks = PR_TRUE;
-	pMechanism->mechanism = CKM_DES_ECB;
-	ulWrappedKeyLen -= 2; /* don't decrypt the checksum */
-    }
-
-    crv = pk11_CryptInit(hSession,pMechanism,hUnwrappingKey,CKA_UNWRAP,
-							PK11_DECRYPT, PR_FALSE);
-    if (crv != CKR_OK) {
-	pk11_FreeObject(key);
-	return pk11_mapWrap(crv);
-    }
-
-    /* allocate the buffer to decrypt into 
-     * this assumes the unwrapped key is never larger than the
-     * wrapped key. For all the mechanisms we support this is true */
-    buf = (unsigned char *)PORT_Alloc( ulWrappedKeyLen);
-    bsize = ulWrappedKeyLen;
-
-    crv = NSC_Decrypt(hSession, pWrappedKey, ulWrappedKeyLen, buf, &bsize);
-    if (crv != CKR_OK) {
-	pk11_FreeObject(key);
-	PORT_Free(buf);
-	return pk11_mapWrap(crv);
-    }
-
-    switch(target_type) {
-	case CKO_SECRET_KEY:
-	    if (!pk11_hasAttribute(key,CKA_KEY_TYPE)) {
-		crv = CKR_TEMPLATE_INCOMPLETE;
-		break;
-	    }
-
-	    /* verify the Lynx checksum */
-	    if (isLynks) {
-		unsigned char checkSum[2];
-		crv = pk11_calcLynxChecksum(hSession,hUnwrappingKey,checkSum,
-								buf,bsize);
-		if (crv != CKR_OK) break;
-		if ((ulWrappedKeyLen != 8) || (pWrappedKey[8] != checkSum[0]) 
-			|| (pWrappedKey[9] != checkSum[1])) {
-		    crv = CKR_WRAPPED_KEY_INVALID;
-		    break;
-		}
-	    }
-
-	    if(key_length == 0) {
-		key_length = bsize;
-	    }
-	    if (key_length > MAX_KEY_LEN) {
-		crv = CKR_TEMPLATE_INCONSISTENT;
-		break;
-	    }
-    
-	    /* add the value */
-	    crv = pk11_AddAttributeType(key,CKA_VALUE,buf,key_length);
-	    break;
-	case CKO_PRIVATE_KEY:
-	    bpki.data = (unsigned char *)buf;
-	    bpki.len = bsize;
-	    crv = CKR_OK;
-	    if(pk11_unwrapPrivateKey(key, &bpki) != SECSuccess) {
-		crv = CKR_TEMPLATE_INCOMPLETE;
-	    }
-	    break;
-	default:
-	    crv = CKR_TEMPLATE_INCONSISTENT;
-	    break;
-    }
-
-    PORT_ZFree(buf, bsize);
-    if (crv != CKR_OK) { pk11_FreeObject(key); return crv; }
-
-    /* get the session */
-    session = pk11_SessionFromHandle(hSession);
-    if (session == NULL) {
-	pk11_FreeObject(key);
-        return CKR_SESSION_HANDLE_INVALID;
-    }
-
-    /*
-     * handle the base object stuff
-     */
-    crv = pk11_handleObject(key,session);
-    *phKey = key->handle;
-    pk11_FreeSession(session);
-    pk11_FreeObject(key);
-
-    return crv;
-
-}
-
-/*
- * The SSL key gen mechanism create's lots of keys. This function handles the
- * details of each of these key creation.
- */
-static CK_RV
-pk11_buildSSLKey(CK_SESSION_HANDLE hSession, PK11Object *baseKey, 
-    PRBool isMacKey, unsigned char *keyBlock, unsigned int keySize,
-						 CK_OBJECT_HANDLE *keyHandle)
-{
-    PK11Object *key;
-    PK11Session *session;
-    CK_KEY_TYPE keyType = CKK_GENERIC_SECRET;
-    CK_BBOOL cktrue = CK_TRUE;
-    CK_BBOOL ckfalse = CK_FALSE;
-    CK_RV crv = CKR_HOST_MEMORY;
-
-    /*
-     * now lets create an object to hang the attributes off of
-     */
-    *keyHandle = CK_INVALID_HANDLE;
-    key = pk11_NewObject(baseKey->slot); 
-    if (key == NULL) return CKR_HOST_MEMORY;
-    pk11_narrowToSessionObject(key)->wasDerived = PR_TRUE;
-
-    crv = pk11_CopyObject(key,baseKey);
-    if (crv != CKR_OK) goto loser;
-    if (isMacKey) {
-	crv = pk11_forceAttribute(key,CKA_KEY_TYPE,&keyType,sizeof(keyType));
-	if (crv != CKR_OK) goto loser;
-	crv = pk11_forceAttribute(key,CKA_DERIVE,&cktrue,sizeof(CK_BBOOL));
-	if (crv != CKR_OK) goto loser;
-	crv = pk11_forceAttribute(key,CKA_ENCRYPT,&ckfalse,sizeof(CK_BBOOL));
-	if (crv != CKR_OK) goto loser;
-	crv = pk11_forceAttribute(key,CKA_DECRYPT,&ckfalse,sizeof(CK_BBOOL));
-	if (crv != CKR_OK) goto loser;
-	crv = pk11_forceAttribute(key,CKA_SIGN,&cktrue,sizeof(CK_BBOOL));
-	if (crv != CKR_OK) goto loser;
-	crv = pk11_forceAttribute(key,CKA_VERIFY,&cktrue,sizeof(CK_BBOOL));
-	if (crv != CKR_OK) goto loser;
-	crv = pk11_forceAttribute(key,CKA_WRAP,&ckfalse,sizeof(CK_BBOOL));
-	if (crv != CKR_OK) goto loser;
-	crv = pk11_forceAttribute(key,CKA_UNWRAP,&ckfalse,sizeof(CK_BBOOL));
-	if (crv != CKR_OK) goto loser;
-    }
-    crv = pk11_forceAttribute(key,CKA_VALUE,keyBlock,keySize);
-    if (crv != CKR_OK) goto loser;
-
-    /* get the session */
-    crv = CKR_HOST_MEMORY;
-    session = pk11_SessionFromHandle(hSession);
-    if (session == NULL) { goto loser; }
-
-    crv = pk11_handleObject(key,session);
-    pk11_FreeSession(session);
-    *keyHandle = key->handle;
-loser:
-    if (key) pk11_FreeObject(key);
-    return crv;
-}
-
-/*
- * if there is an error, we need to free the keys we already created in SSL
- * This is the routine that will do it..
- */
-static void
-pk11_freeSSLKeys(CK_SESSION_HANDLE session,
-				CK_SSL3_KEY_MAT_OUT *returnedMaterial ) {
-	if (returnedMaterial->hClientMacSecret != CK_INVALID_HANDLE) {
-	   NSC_DestroyObject(session,returnedMaterial->hClientMacSecret);
-	}
-	if (returnedMaterial->hServerMacSecret != CK_INVALID_HANDLE) {
-	   NSC_DestroyObject(session, returnedMaterial->hServerMacSecret);
-	}
-	if (returnedMaterial->hClientKey != CK_INVALID_HANDLE) {
-	   NSC_DestroyObject(session, returnedMaterial->hClientKey);
-	}
-	if (returnedMaterial->hServerKey != CK_INVALID_HANDLE) {
-	   NSC_DestroyObject(session, returnedMaterial->hServerKey);
-	}
-}
-
-/*
- * when deriving from sensitive and extractable keys, we need to preserve some
- * of the semantics in the derived key. This helper routine maintains these
- * semantics.
- */
-static CK_RV
-pk11_DeriveSensitiveCheck(PK11Object *baseKey,PK11Object *destKey) {
-    PRBool hasSensitive;
-    PRBool sensitive = PR_FALSE;
-    PRBool hasExtractable;
-    PRBool extractable = PR_TRUE;
-    CK_RV crv = CKR_OK;
-    PK11Attribute *att;
-
-    hasSensitive = PR_FALSE;
-    att = pk11_FindAttribute(destKey,CKA_SENSITIVE);
-    if (att) {
-        hasSensitive = PR_TRUE;
-	sensitive = (PRBool) *(CK_BBOOL *)att->attrib.pValue;
-	pk11_FreeAttribute(att);
-    }
-
-    hasExtractable = PR_FALSE;
-    att = pk11_FindAttribute(destKey,CKA_EXTRACTABLE);
-    if (att) {
-        hasExtractable = PR_TRUE;
-	extractable = (PRBool) *(CK_BBOOL *)att->attrib.pValue;
-	pk11_FreeAttribute(att);
-    }
-
-
-    /* don't make a key more accessible */
-    if (pk11_isTrue(baseKey,CKA_SENSITIVE) && hasSensitive && 
-						(sensitive == PR_FALSE)) {
-	return CKR_KEY_FUNCTION_NOT_PERMITTED;
-    }
-    if (!pk11_isTrue(baseKey,CKA_EXTRACTABLE) && hasExtractable && 
-						(extractable == PR_TRUE)) {
-	return CKR_KEY_FUNCTION_NOT_PERMITTED;
-    }
-
-    /* inherit parent's sensitivity */
-    if (!hasSensitive) {
-        att = pk11_FindAttribute(baseKey,CKA_SENSITIVE);
-	if (att == NULL) return CKR_KEY_TYPE_INCONSISTENT;
-	crv = pk11_defaultAttribute(destKey,pk11_attr_expand(&att->attrib));
-	pk11_FreeAttribute(att);
-	if (crv != CKR_OK) return crv;
-    }
-    if (!hasExtractable) {
-        att = pk11_FindAttribute(baseKey,CKA_EXTRACTABLE);
-	if (att == NULL) return CKR_KEY_TYPE_INCONSISTENT;
-	crv = pk11_defaultAttribute(destKey,pk11_attr_expand(&att->attrib));
-	pk11_FreeAttribute(att);
-	if (crv != CKR_OK) return crv;
-    }
-
-    /* we should inherit the parent's always extractable/ never sensitive info,
-     * but handleObject always forces this attributes, so we would need to do
-     * something special. */
-    return CKR_OK;
-}
-
-/*
- * make known fixed PKCS #11 key types to their sizes in bytes
- */	
-static unsigned long
-pk11_MapKeySize(CK_KEY_TYPE keyType) {
-    switch (keyType) {
-    case CKK_CDMF:
-	return 8;
-    case CKK_DES:
-	return 8;
-    case CKK_DES2:
-	return 16;
-    case CKK_DES3:
-	return 24;
-    /* IDEA and CAST need to be added */
-    default:
-	break;
-    }
-    return 0;
-}
-
-#define PHASH_STATE_MAX_LEN 20
-
-/* TLS P_hash function */
-static SECStatus
-pk11_P_hash(HASH_HashType hashType, const SECItem *secret, const char *label, 
-	SECItem *seed, SECItem *result)
-{
-    unsigned char state[PHASH_STATE_MAX_LEN];
-    unsigned char outbuf[PHASH_STATE_MAX_LEN];
-    unsigned int state_len = 0, label_len = 0, outbuf_len = 0, chunk_size;
-    unsigned int remaining;
-    unsigned char *res;
-    SECStatus status;
-    HMACContext *cx;
-    SECStatus rv = SECFailure;
-    const SECHashObject *hashObj = &SECRawHashObjects[hashType];
-
-    PORT_Assert((secret != NULL) && (secret->data != NULL || !secret->len));
-    PORT_Assert((seed != NULL) && (seed->data != NULL));
-    PORT_Assert((result != NULL) && (result->data != NULL));
-
-    remaining = result->len;
-    res = result->data;
-
-    if (label != NULL)
-	label_len = PORT_Strlen(label);
-
-    cx = HMAC_Create(hashObj, secret->data, secret->len);
-    if (cx == NULL)
-	goto loser;
-
-    /* initialize the state = A(1) = HMAC_hash(secret, seed) */
-    HMAC_Begin(cx);
-    HMAC_Update(cx, (unsigned char *)label, label_len);
-    HMAC_Update(cx, seed->data, seed->len);
-    status = HMAC_Finish(cx, state, &state_len, PHASH_STATE_MAX_LEN);
-    if (status != SECSuccess)
-	goto loser;
-
-    /* generate a block at a time until we're done */
-    while (remaining > 0) {
-
-	HMAC_Begin(cx);
-	HMAC_Update(cx, state, state_len);
-	if (label_len)
-	    HMAC_Update(cx, (unsigned char *)label, label_len);
-	HMAC_Update(cx, seed->data, seed->len);
-	status = HMAC_Finish(cx, outbuf, &outbuf_len, PHASH_STATE_MAX_LEN);
-	if (status != SECSuccess)
-	    goto loser;
-
-        /* Update the state = A(i) = HMAC_hash(secret, A(i-1)) */
-	HMAC_Begin(cx); 
-	HMAC_Update(cx, state, state_len); 
-	status = HMAC_Finish(cx, state, &state_len, PHASH_STATE_MAX_LEN);
-	if (status != SECSuccess)
-	    goto loser;
-
-	chunk_size = PR_MIN(outbuf_len, remaining);
-	PORT_Memcpy(res, &outbuf, chunk_size);
-	res += chunk_size;
-	remaining -= chunk_size;
-    }
-
-    rv = SECSuccess;
-
-loser:
-    /* if (cx) HMAC_Destroy(cx); */
-    /* clear out state so it's not left on the stack */
-    if (cx) HMAC_Destroy(cx);
-    PORT_Memset(state, 0, sizeof(state));
-    PORT_Memset(outbuf, 0, sizeof(outbuf));
-    return rv;
-}
-
-static SECStatus
-pk11_PRF(const SECItem *secret, const char *label, SECItem *seed, 
-         SECItem *result)
-{
-    SECStatus rv = SECFailure, status;
-    unsigned int i;
-    SECItem tmp = { siBuffer, NULL, 0};
-    SECItem S1;
-    SECItem S2;
-
-    PORT_Assert((secret != NULL) && (secret->data != NULL || !secret->len));
-    PORT_Assert((seed != NULL) && (seed->data != NULL));
-    PORT_Assert((result != NULL) && (result->data != NULL));
-
-    S1.type = siBuffer;
-    S1.len  = (secret->len / 2) + (secret->len & 1);
-    S1.data = secret->data;
-
-    S2.type = siBuffer;
-    S2.len  = S1.len;
-    S2.data = secret->data + (secret->len - S2.len);
-
-    tmp.data = (unsigned char*)PORT_Alloc(result->len);
-    if (tmp.data == NULL)
-	goto loser;
-    tmp.len = result->len;
-
-    status = pk11_P_hash(HASH_AlgMD5, &S1, label, seed, result);
-    if (status != SECSuccess)
-	goto loser;
-
-    status = pk11_P_hash(HASH_AlgSHA1, &S2, label, seed, &tmp);
-    if (status != SECSuccess)
-	goto loser;
-
-    for (i = 0; i < result->len; i++)
-	result->data[i] ^= tmp.data[i];
-
-    rv = SECSuccess;
-
-loser:
-    if (tmp.data != NULL)
-	PORT_ZFree(tmp.data, tmp.len);
-    return rv;
-}
-
-/*
- * SSL Key generation given pre master secret
- */
-#define NUM_MIXERS 9
-static const char * const mixers[NUM_MIXERS] = { 
-    "A", 
-    "BB", 
-    "CCC", 
-    "DDDD", 
-    "EEEEE", 
-    "FFFFFF", 
-    "GGGGGGG",
-    "HHHHHHHH",
-    "IIIIIIIII" };
-#define SSL3_PMS_LENGTH 48
-#define SSL3_MASTER_SECRET_LENGTH 48
-
-
-/* NSC_DeriveKey derives a key from a base key, creating a new key object. */
-CK_RV NSC_DeriveKey( CK_SESSION_HANDLE hSession,
-	 CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hBaseKey,
-	 CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulAttributeCount, 
-						CK_OBJECT_HANDLE_PTR phKey)
-{
-    PK11Session *   session;
-    PK11Slot    *   slot	= pk11_SlotFromSessionHandle(hSession);
-    PK11Object  *   key;
-    PK11Object  *   sourceKey;
-    PK11Attribute * att;
-    PK11Attribute * att2;
-    unsigned char * buf;
-    SHA1Context *   sha;
-    MD5Context *    md5;
-    MD2Context *    md2;
-    CK_ULONG        macSize;
-    CK_ULONG        tmpKeySize;
-    CK_ULONG        IVSize;
-    CK_ULONG        keySize	= 0;
-    CK_RV           crv 	= CKR_OK;
-    CK_BBOOL        cktrue	= CK_TRUE;
-    CK_KEY_TYPE     keyType	= CKK_GENERIC_SECRET;
-    CK_OBJECT_CLASS classType	= CKO_SECRET_KEY;
-    CK_KEY_DERIVATION_STRING_DATA *stringPtr;
-    PRBool          isTLS = PR_FALSE;
-    PRBool          isDH = PR_FALSE;
-    SECStatus       rv;
-    int             i;
-    unsigned int    outLen;
-    unsigned char   sha_out[SHA1_LENGTH];
-    unsigned char   key_block[NUM_MIXERS * MD5_LENGTH];
-    unsigned char   key_block2[MD5_LENGTH];
-
-    /*
-     * now lets create an object to hang the attributes off of
-     */
-    if (phKey) *phKey = CK_INVALID_HANDLE;
-
-    key = pk11_NewObject(slot); /* fill in the handle later */
-    if (key == NULL) {
-	return CKR_HOST_MEMORY;
-    }
-
-    /*
-     * load the template values into the object
-     */
-    for (i=0; i < (int) ulAttributeCount; i++) {
-	crv = pk11_AddAttributeType(key,pk11_attr_expand(&pTemplate[i]));
-	if (crv != CKR_OK) break;
-
-	if (pTemplate[i].type == CKA_KEY_TYPE) {
-	    keyType = *(CK_KEY_TYPE *)pTemplate[i].pValue;
-	}
-	if (pTemplate[i].type == CKA_VALUE_LEN) {
-	    keySize = *(CK_ULONG *)pTemplate[i].pValue;
-	}
-    }
-    if (crv != CKR_OK) { pk11_FreeObject(key); return crv; }
-
-    if (keySize == 0) {
-	keySize = pk11_MapKeySize(keyType);
-    }
-
-    /* Derive can only create SECRET KEY's currently... */
-    classType = CKO_SECRET_KEY;
-    crv = pk11_forceAttribute (key,CKA_CLASS,&classType,sizeof(classType));
-    if (crv != CKR_OK) {
-	pk11_FreeObject(key);
-	return crv;
-    }
-
-    /* look up the base key we're deriving with */ 
-    session = pk11_SessionFromHandle(hSession);
-    if (session == NULL) {
-	pk11_FreeObject(key);
-        return CKR_SESSION_HANDLE_INVALID;
-    }
-
-    sourceKey = pk11_ObjectFromHandle(hBaseKey,session);
-    pk11_FreeSession(session);
-    if (sourceKey == NULL) {
-	pk11_FreeObject(key);
-        return CKR_KEY_HANDLE_INVALID;
-    }
-
-    /* don't use key derive to expose sensitive keys */
-    crv = pk11_DeriveSensitiveCheck(sourceKey,key);
-    if (crv != CKR_OK) {
-	pk11_FreeObject(key);
-	pk11_FreeObject(sourceKey);
-        return crv;
-    }
-
-    /* get the value of the base key */
-    att = pk11_FindAttribute(sourceKey,CKA_VALUE);
-    if (att == NULL) {
-	pk11_FreeObject(key);
-	pk11_FreeObject(sourceKey);
-        return CKR_KEY_HANDLE_INVALID;
-    }
-
-    switch (pMechanism->mechanism) {
-    /*
-     * generate the master secret 
-     */
-    case CKM_TLS_MASTER_KEY_DERIVE:
-    case CKM_TLS_MASTER_KEY_DERIVE_DH:
-	isTLS = PR_TRUE;
-	/* fall thru */
-    case CKM_SSL3_MASTER_KEY_DERIVE:
-    case CKM_SSL3_MASTER_KEY_DERIVE_DH:
-      {
-	CK_SSL3_MASTER_KEY_DERIVE_PARAMS *ssl3_master;
-	SSL3RSAPreMasterSecret *rsa_pms;
-        if ((pMechanism->mechanism == CKM_SSL3_MASTER_KEY_DERIVE_DH) ||
-            (pMechanism->mechanism == CKM_TLS_MASTER_KEY_DERIVE_DH))
-		isDH = PR_TRUE;
-
-	/* first do the consistancy checks */
-	if (!isDH && (att->attrib.ulValueLen != SSL3_PMS_LENGTH)) {
-	    crv = CKR_KEY_TYPE_INCONSISTENT;
-	    break;
-	}
-	att2 = pk11_FindAttribute(sourceKey,CKA_KEY_TYPE);
-	if ((att2 == NULL) || (*(CK_KEY_TYPE *)att2->attrib.pValue !=
-					CKK_GENERIC_SECRET)) {
-	    if (att2) pk11_FreeAttribute(att2);
-	    crv = CKR_KEY_FUNCTION_NOT_PERMITTED;
-	    break;
-	}
-	pk11_FreeAttribute(att2);
-	if (keyType != CKK_GENERIC_SECRET) {
-	    crv = CKR_KEY_FUNCTION_NOT_PERMITTED;
-	    break;
-	}
-	if ((keySize != 0) && (keySize != SSL3_MASTER_SECRET_LENGTH)) {
-	    crv = CKR_KEY_FUNCTION_NOT_PERMITTED;
-	    break;
-	}
-
-
-	/* finally do the key gen */
-	ssl3_master = (CK_SSL3_MASTER_KEY_DERIVE_PARAMS *)
-					pMechanism->pParameter;
-	if (ssl3_master->pVersion) {
-	    PK11SessionObject *sessKey = pk11_narrowToSessionObject(key);
-	    rsa_pms = (SSL3RSAPreMasterSecret *) att->attrib.pValue;
-	    /* don't leak more key material then necessary for SSL to work */
-	    if ((sessKey == NULL) || sessKey->wasDerived) {
-		ssl3_master->pVersion->major = 0xff;
-		ssl3_master->pVersion->minor = 0xff;
-	    } else {
-		ssl3_master->pVersion->major = rsa_pms->client_version[0];
-		ssl3_master->pVersion->minor = rsa_pms->client_version[1];
-	    }
-	}
-	if (ssl3_master->RandomInfo.ulClientRandomLen != SSL3_RANDOM_LENGTH) {
-	   crv = CKR_MECHANISM_PARAM_INVALID;
-	   break;
-	}
-	if (ssl3_master->RandomInfo.ulServerRandomLen != SSL3_RANDOM_LENGTH) {
-	   crv = CKR_MECHANISM_PARAM_INVALID;
-	   break;
-	}
-
-        if (isTLS) {
-	    unsigned char crsrdata[SSL3_RANDOM_LENGTH * 2];
-	    SECItem crsr = { siBuffer, NULL, 0 };
-	    SECItem master = { siBuffer, NULL, 0 };
-	    SECItem pms = { siBuffer, NULL, 0 };
-	    SECStatus status;
-
-	    pms.data = (unsigned char*)att->attrib.pValue;
-	    pms.len = att->attrib.ulValueLen;
-	    master.data = key_block;
-	    master.len = SSL3_MASTER_SECRET_LENGTH;
-	    crsr.data = crsrdata;
-	    crsr.len = sizeof(crsrdata);
-
-	    PORT_Memcpy(crsrdata, ssl3_master->RandomInfo.pClientRandom,
-							 SSL3_RANDOM_LENGTH);
-	    PORT_Memcpy(crsrdata + SSL3_RANDOM_LENGTH, 
-		ssl3_master->RandomInfo.pServerRandom, SSL3_RANDOM_LENGTH);
-
-	    status = pk11_PRF(&pms, "master secret", &crsr, &master);
-	    if (status != SECSuccess) {
-	    	crv = CKR_FUNCTION_FAILED;
-		break;
-	    }
-	} else {
-	    /* now allocate the hash contexts */
-	    md5 = MD5_NewContext();
-	    if (md5 == NULL) { 
-		crv = CKR_HOST_MEMORY;
-		break;
-	    }
-	    sha = SHA1_NewContext();
-	    if (sha == NULL) { 
-		PORT_Free(md5);
-		crv = CKR_HOST_MEMORY;
-		break;
-	    }
-            for (i = 0; i < 3; i++) {
-              SHA1_Begin(sha);
-              SHA1_Update(sha, (unsigned char*) mixers[i], strlen(mixers[i]));
-              SHA1_Update(sha, (const unsigned char*)att->attrib.pValue, 
-			  att->attrib.ulValueLen);
-              SHA1_Update(sha, ssl3_master->RandomInfo.pClientRandom,
-				ssl3_master->RandomInfo.ulClientRandomLen);
-              SHA1_Update(sha, ssl3_master->RandomInfo.pServerRandom, 
-				ssl3_master->RandomInfo.ulServerRandomLen);
-              SHA1_End(sha, sha_out, &outLen, SHA1_LENGTH);
-              PORT_Assert(outLen == SHA1_LENGTH);
-              MD5_Begin(md5);
-              MD5_Update(md5, (const unsigned char*)att->attrib.pValue, 
-			 att->attrib.ulValueLen);
-              MD5_Update(md5, sha_out, outLen);
-              MD5_End(md5, &key_block[i*MD5_LENGTH], &outLen, MD5_LENGTH);
-              PORT_Assert(outLen == MD5_LENGTH);
-            }
-	    PORT_Free(md5);
-	    PORT_Free(sha);
-	}
-
-	/* store the results */
-	crv = pk11_forceAttribute
-			(key,CKA_VALUE,key_block,SSL3_MASTER_SECRET_LENGTH);
-	if (crv != CKR_OK) break;
-	keyType = CKK_GENERIC_SECRET;
-	crv = pk11_forceAttribute (key,CKA_KEY_TYPE,&keyType,sizeof(keyType));
-	if (isTLS) {
-	    /* TLS's master secret is used to "sign" finished msgs with PRF. */
-	    /* XXX This seems like a hack.   But PK11_Derive only accepts 
-	     * one "operation" argument. */
-	    crv = pk11_forceAttribute(key,CKA_SIGN,  &cktrue,sizeof(CK_BBOOL));
-	    if (crv != CKR_OK) break;
-	    crv = pk11_forceAttribute(key,CKA_VERIFY,&cktrue,sizeof(CK_BBOOL));
-	    if (crv != CKR_OK) break;
-	    /* While we're here, we might as well force this, too. */
-	    crv = pk11_forceAttribute(key,CKA_DERIVE,&cktrue,sizeof(CK_BBOOL));
-	    if (crv != CKR_OK) break;
-	}
-	break;
-      }
-
-    case CKM_TLS_KEY_AND_MAC_DERIVE:
-	isTLS = PR_TRUE;
-	/* fall thru */
-    case CKM_SSL3_KEY_AND_MAC_DERIVE:
-      {
-	CK_SSL3_KEY_MAT_PARAMS *ssl3_keys;
-	CK_SSL3_KEY_MAT_OUT *   ssl3_keys_out;
-	CK_ULONG                effKeySize;
-
-	crv = pk11_DeriveSensitiveCheck(sourceKey,key);
-	if (crv != CKR_OK) break;
-
-	if (att->attrib.ulValueLen != SSL3_MASTER_SECRET_LENGTH) {
-	    crv = CKR_KEY_FUNCTION_NOT_PERMITTED;
-	    break;
-	}
-	att2 = pk11_FindAttribute(sourceKey,CKA_KEY_TYPE);
-	if ((att2 == NULL) || (*(CK_KEY_TYPE *)att2->attrib.pValue !=
-					CKK_GENERIC_SECRET)) {
-	    if (att2) pk11_FreeAttribute(att2);
-	    crv = CKR_KEY_FUNCTION_NOT_PERMITTED;
-	    break;
-	}
-	pk11_FreeAttribute(att2);
-	md5 = MD5_NewContext();
-	if (md5 == NULL) { 
-	    crv = CKR_HOST_MEMORY;
-	    break;
-	}
-	sha = SHA1_NewContext();
-	if (sha == NULL) { 
-	    PORT_Free(md5);
-	    crv = CKR_HOST_MEMORY;
-	    break;
-	}
-	ssl3_keys = (CK_SSL3_KEY_MAT_PARAMS *) pMechanism->pParameter;
-	/*
-	 * clear out our returned keys so we can recover on failure
-	 */
-	ssl3_keys_out = ssl3_keys->pReturnedKeyMaterial;
-	ssl3_keys_out->hClientMacSecret = CK_INVALID_HANDLE;
-	ssl3_keys_out->hServerMacSecret = CK_INVALID_HANDLE;
-	ssl3_keys_out->hClientKey       = CK_INVALID_HANDLE;
-	ssl3_keys_out->hServerKey       = CK_INVALID_HANDLE;
-
-	/*
-	 * generate the key material: This looks amazingly similar to the
-	 * PMS code, and is clearly crying out for a function to provide it.
-	 */
-	if (isTLS) {
-	    SECStatus     status;
-	    SECItem       master = { siBuffer, NULL, 0 };
-	    SECItem       srcr   = { siBuffer, NULL, 0 };
-	    SECItem       keyblk = { siBuffer, NULL, 0 };
-	    unsigned char srcrdata[SSL3_RANDOM_LENGTH * 2];
-
-	    master.data = (unsigned char*)att->attrib.pValue;
-	    master.len  = att->attrib.ulValueLen;
-	    srcr.data   = srcrdata;
-	    srcr.len    = sizeof srcrdata;
-	    keyblk.data = key_block;
-	    keyblk.len  = sizeof key_block;
-
-	    PORT_Memcpy(srcrdata, 
-	                ssl3_keys->RandomInfo.pServerRandom,
-			SSL3_RANDOM_LENGTH);
-	    PORT_Memcpy(srcrdata + SSL3_RANDOM_LENGTH, 
-		        ssl3_keys->RandomInfo.pClientRandom, 
-			SSL3_RANDOM_LENGTH);
-
-	    status = pk11_PRF(&master, "key expansion", &srcr, &keyblk);
-	    if (status != SECSuccess) {
-		goto key_and_mac_derive_fail;
-	    }
-	} else {
-	    /* key_block = 
-	     *     MD5(master_secret + SHA('A' + master_secret + 
-	     *                      ServerHello.random + ClientHello.random)) +
-	     *     MD5(master_secret + SHA('BB' + master_secret + 
-	     *                      ServerHello.random + ClientHello.random)) +
-	     *     MD5(master_secret + SHA('CCC' + master_secret + 
-	     *                      ServerHello.random + ClientHello.random)) +
-	     *     [...];
-	     */
-	    for (i = 0; i < NUM_MIXERS; i++) {
-	      SHA1_Begin(sha);
-	      SHA1_Update(sha, (unsigned char*) mixers[i], strlen(mixers[i]));
-	      SHA1_Update(sha, (const unsigned char*)att->attrib.pValue, 
-			  att->attrib.ulValueLen);
-              SHA1_Update(sha, ssl3_keys->RandomInfo.pServerRandom, 
-				ssl3_keys->RandomInfo.ulServerRandomLen);
-              SHA1_Update(sha, ssl3_keys->RandomInfo.pClientRandom,
-				ssl3_keys->RandomInfo.ulClientRandomLen);
-	      SHA1_End(sha, sha_out, &outLen, SHA1_LENGTH);
-	      PORT_Assert(outLen == SHA1_LENGTH);
-	      MD5_Begin(md5);
-	      MD5_Update(md5, (const unsigned char*)att->attrib.pValue,
-			 att->attrib.ulValueLen);
-	      MD5_Update(md5, sha_out, outLen);
-	      MD5_End(md5, &key_block[i*MD5_LENGTH], &outLen, MD5_LENGTH);
-	      PORT_Assert(outLen == MD5_LENGTH);
-	    }
-	}
-
-	/*
-	 * Put the key material where it goes.
-	 */
-	i = 0;			/* now shows how much consumed */
-	macSize    = ssl3_keys->ulMacSizeInBits/8;
-	effKeySize = ssl3_keys->ulKeySizeInBits/8;
-	IVSize     = ssl3_keys->ulIVSizeInBits/8;
-	if (keySize == 0) {
-	    effKeySize = keySize;
-	}
-
-	/* 
-	 * The key_block is partitioned as follows:
-	 * client_write_MAC_secret[CipherSpec.hash_size]
-	 */
-	crv = pk11_buildSSLKey(hSession,key,PR_TRUE,&key_block[i],macSize,
-					 &ssl3_keys_out->hClientMacSecret);
-	if (crv != CKR_OK)
-	    goto key_and_mac_derive_fail;
-
-	i += macSize;
-
-	/* 
-	 * server_write_MAC_secret[CipherSpec.hash_size]
-	 */
-	crv = pk11_buildSSLKey(hSession,key,PR_TRUE,&key_block[i],macSize,
-					    &ssl3_keys_out->hServerMacSecret);
-	if (crv != CKR_OK) {
-	    goto key_and_mac_derive_fail;
-	}
-	i += macSize;
-
-	if (keySize) {
-	    if (!ssl3_keys->bIsExport) {
-		/* 
-		** Generate Domestic write keys and IVs.
-		** client_write_key[CipherSpec.key_material]
-		*/
-		crv = pk11_buildSSLKey(hSession,key,PR_FALSE,&key_block[i],
-					keySize, &ssl3_keys_out->hClientKey);
-		if (crv != CKR_OK) {
-		    goto key_and_mac_derive_fail;
-		}
-		i += keySize;
-
-		/* 
-		** server_write_key[CipherSpec.key_material]
-		*/
-		crv = pk11_buildSSLKey(hSession,key,PR_FALSE,&key_block[i],
-					keySize, &ssl3_keys_out->hServerKey);
-		if (crv != CKR_OK) {
-		    goto key_and_mac_derive_fail;
-		}
-		i += keySize;
-
-		/* 
-		** client_write_IV[CipherSpec.IV_size]
-		*/
-		PORT_Memcpy(ssl3_keys_out->pIVClient, &key_block[i], IVSize);
-		i += IVSize;
-
-		/* 
-		** server_write_IV[CipherSpec.IV_size]
-		*/
-		PORT_Memcpy(ssl3_keys_out->pIVServer, &key_block[i], IVSize);
-	    	i += IVSize;
-		PORT_Assert(i <= sizeof key_block);
-
-	    } else if (!isTLS) {
-
-		/*
-		** Generate SSL3 Export write keys and IVs.
-		** client_write_key[CipherSpec.key_material]
-		** final_client_write_key = MD5(client_write_key +
-		**                   ClientHello.random + ServerHello.random);
-		*/
-		MD5_Begin(md5);
-		MD5_Update(md5, &key_block[i], effKeySize);
-            	MD5_Update(md5, ssl3_keys->RandomInfo.pClientRandom,
-				ssl3_keys->RandomInfo.ulClientRandomLen);
-            	MD5_Update(md5, ssl3_keys->RandomInfo.pServerRandom, 
-				ssl3_keys->RandomInfo.ulServerRandomLen);
-		MD5_End(md5, key_block2, &outLen, MD5_LENGTH);
-		i += effKeySize;
-		crv = pk11_buildSSLKey(hSession,key,PR_FALSE,key_block2,
-				 	keySize,&ssl3_keys_out->hClientKey);
-		if (crv != CKR_OK) {
-		    goto key_and_mac_derive_fail;
-		}
-
-		/*
-		** server_write_key[CipherSpec.key_material]
-		** final_server_write_key = MD5(server_write_key +
-		**                    ServerHello.random + ClientHello.random);
-		*/
-		MD5_Begin(md5);
-		MD5_Update(md5, &key_block[i], effKeySize);
-            	MD5_Update(md5, ssl3_keys->RandomInfo.pServerRandom, 
-				ssl3_keys->RandomInfo.ulServerRandomLen);
-            	MD5_Update(md5, ssl3_keys->RandomInfo.pClientRandom,
-				ssl3_keys->RandomInfo.ulClientRandomLen);
-		MD5_End(md5, key_block2, &outLen, MD5_LENGTH);
-		i += effKeySize;
-		crv = pk11_buildSSLKey(hSession,key,PR_FALSE,key_block2,
-					 keySize,&ssl3_keys_out->hServerKey);
-		if (crv != CKR_OK) {
-		    goto key_and_mac_derive_fail;
-		}
-
-		/*
-		** client_write_IV = 
-		**	MD5(ClientHello.random + ServerHello.random);
-		*/
-		MD5_Begin(md5);
-            	MD5_Update(md5, ssl3_keys->RandomInfo.pClientRandom,
-				ssl3_keys->RandomInfo.ulClientRandomLen);
-            	MD5_Update(md5, ssl3_keys->RandomInfo.pServerRandom, 
-				ssl3_keys->RandomInfo.ulServerRandomLen);
-		MD5_End(md5, key_block2, &outLen, MD5_LENGTH);
-		PORT_Memcpy(ssl3_keys_out->pIVClient, key_block2, IVSize);
-
-		/*
-		** server_write_IV = 
-		**	MD5(ServerHello.random + ClientHello.random);
-		*/
-		MD5_Begin(md5);
-            	MD5_Update(md5, ssl3_keys->RandomInfo.pServerRandom, 
-				ssl3_keys->RandomInfo.ulServerRandomLen);
-            	MD5_Update(md5, ssl3_keys->RandomInfo.pClientRandom,
-				ssl3_keys->RandomInfo.ulClientRandomLen);
-		MD5_End(md5, key_block2, &outLen, MD5_LENGTH);
-		PORT_Memcpy(ssl3_keys_out->pIVServer, key_block2, IVSize);
-
-	    } else {
-
-		/*
-		** Generate TLS Export write keys and IVs.
-		*/
-		SECStatus     status;
-		SECItem       secret = { siBuffer, NULL, 0 };
-		SECItem       crsr   = { siBuffer, NULL, 0 };
-		SECItem       keyblk = { siBuffer, NULL, 0 };
-		unsigned char crsrdata[SSL3_RANDOM_LENGTH * 2];
-
-		crsr.data   = crsrdata;
-		crsr.len    = sizeof crsrdata;
-
-		PORT_Memcpy(crsrdata, 
-		            ssl3_keys->RandomInfo.pClientRandom, 
-			    SSL3_RANDOM_LENGTH);
-		PORT_Memcpy(crsrdata + SSL3_RANDOM_LENGTH, 
-			    ssl3_keys->RandomInfo.pServerRandom,
-			    SSL3_RANDOM_LENGTH);
-
-
-		/*
-		** client_write_key[CipherSpec.key_material]
-		** final_client_write_key = PRF(client_write_key, 
-		**                              "client write key",
-		**                              client_random + server_random);
-		*/
-		secret.data = &key_block[i];
-		secret.len  = effKeySize;
-		i          += effKeySize;
-		keyblk.data = key_block2;
-		keyblk.len  = sizeof key_block2;
-		status = pk11_PRF(&secret, "client write key", &crsr, &keyblk);
-		if (status != SECSuccess) {
-		    goto key_and_mac_derive_fail;
-		}
-		crv = pk11_buildSSLKey(hSession, key, PR_FALSE, key_block2, 
-				       keySize, &ssl3_keys_out->hClientKey);
-		if (crv != CKR_OK) {
-		    goto key_and_mac_derive_fail;
-		}
-
-		/*
-		** server_write_key[CipherSpec.key_material]
-		** final_server_write_key = PRF(server_write_key,
-		**                              "server write key",
-		**                              client_random + server_random);
-		*/
-		secret.data = &key_block[i];
-		secret.len  = effKeySize;
-		i          += effKeySize;
-		keyblk.data = key_block2;
-		keyblk.len  = sizeof key_block2;
-		status = pk11_PRF(&secret, "server write key", &crsr, &keyblk);
-		if (status != SECSuccess) {
-		    goto key_and_mac_derive_fail;
-		}
-		crv = pk11_buildSSLKey(hSession, key, PR_FALSE, key_block2, 
-				       keySize, &ssl3_keys_out->hServerKey);
-		if (crv != CKR_OK) {
-		    goto key_and_mac_derive_fail;
-		}
-
-		/*
-		** iv_block = PRF("", "IV block", 
-		**                    client_random + server_random);
-		** client_write_IV[SecurityParameters.IV_size]
-		** server_write_IV[SecurityParameters.IV_size]
-		*/
-		if (IVSize) {
-		    secret.data = NULL;
-		    secret.len  = 0;
-		    keyblk.data = &key_block[i];
-		    keyblk.len  = 2 * IVSize;
-		    status = pk11_PRF(&secret, "IV block", &crsr, &keyblk);
-		    if (status != SECSuccess) {
-			goto key_and_mac_derive_fail;
-		    }
-		    PORT_Memcpy(ssl3_keys_out->pIVClient, keyblk.data, IVSize);
-		    PORT_Memcpy(ssl3_keys_out->pIVServer, keyblk.data + IVSize,
-                                IVSize);
-		}
-	    }
-	}
-
-	crv = CKR_OK;
-
-	if (0) {
-key_and_mac_derive_fail:
-	    if (crv == CKR_OK)
-	    	crv = CKR_FUNCTION_FAILED;
-	    pk11_freeSSLKeys(hSession, ssl3_keys_out);
-	}
-	MD5_DestroyContext(md5, PR_TRUE);
-	SHA1_DestroyContext(sha, PR_TRUE);
-	pk11_FreeObject(key);
-	key = NULL;
-	break;
-      }
-
-    case CKM_CONCATENATE_BASE_AND_KEY:
-      {
-	PK11Object *newKey;
-
-	crv = pk11_DeriveSensitiveCheck(sourceKey,key);
-	if (crv != CKR_OK) break;
-
-	session = pk11_SessionFromHandle(hSession);
-	if (session == NULL) {
-            crv = CKR_SESSION_HANDLE_INVALID;
-	    break;
-    	}
-
-	newKey = pk11_ObjectFromHandle(*(CK_OBJECT_HANDLE *)
-					pMechanism->pParameter,session);
-	pk11_FreeSession(session);
-	if ( newKey == NULL) {
-            crv = CKR_KEY_HANDLE_INVALID;
-	    break;
-	}
-
-	if (pk11_isTrue(newKey,CKA_SENSITIVE)) {
-	    crv = pk11_forceAttribute(newKey,CKA_SENSITIVE,&cktrue,
-							sizeof(CK_BBOOL));
-	    if (crv != CKR_OK) {
-		pk11_FreeObject(newKey);
-		break;
-	    }
-	}
-
-	att2 = pk11_FindAttribute(newKey,CKA_VALUE);
-	if (att2 == NULL) {
-	    pk11_FreeObject(newKey);
-            crv = CKR_KEY_HANDLE_INVALID;
-	    break;
-	}
-	tmpKeySize = att->attrib.ulValueLen+att2->attrib.ulValueLen;
-	if (keySize == 0) keySize = tmpKeySize;
-	if (keySize > tmpKeySize) {
-	    pk11_FreeObject(newKey);
-	    pk11_FreeAttribute(att2);
-	    crv = CKR_TEMPLATE_INCONSISTENT;
-	    break;
-	}
-	buf = (unsigned char*)PORT_Alloc(tmpKeySize);
-	if (buf == NULL) {
-	    pk11_FreeAttribute(att2);
-	    pk11_FreeObject(newKey);
-	    crv = CKR_HOST_MEMORY;	
-	    break;
-	}
-
-	PORT_Memcpy(buf,att->attrib.pValue,att->attrib.ulValueLen);
-	PORT_Memcpy(buf+att->attrib.ulValueLen,
-				att2->attrib.pValue,att2->attrib.ulValueLen);
-
-	crv = pk11_forceAttribute (key,CKA_VALUE,buf,keySize);
-	PORT_ZFree(buf,tmpKeySize);
-	pk11_FreeAttribute(att2);
-	pk11_FreeObject(newKey);
-	break;
-      }
-
-    case CKM_CONCATENATE_BASE_AND_DATA:
-	stringPtr = (CK_KEY_DERIVATION_STRING_DATA *) pMechanism->pParameter;
-	tmpKeySize = att->attrib.ulValueLen+stringPtr->ulLen;
-	if (keySize == 0) keySize = tmpKeySize;
-	if (keySize > tmpKeySize) {
-	    crv = CKR_TEMPLATE_INCONSISTENT;
-	    break;
-	}
-	buf = (unsigned char*)PORT_Alloc(tmpKeySize);
-	if (buf == NULL) {
-	    crv = CKR_HOST_MEMORY;
-	    break;
-	}
-
-	PORT_Memcpy(buf,att->attrib.pValue,att->attrib.ulValueLen);
-	PORT_Memcpy(buf+att->attrib.ulValueLen,stringPtr->pData,
-							stringPtr->ulLen);
-
-	crv = pk11_forceAttribute (key,CKA_VALUE,buf,keySize);
-	PORT_ZFree(buf,tmpKeySize);
-	break;
-    case CKM_CONCATENATE_DATA_AND_BASE:
-	stringPtr = (CK_KEY_DERIVATION_STRING_DATA *)pMechanism->pParameter;
-	tmpKeySize = att->attrib.ulValueLen+stringPtr->ulLen;
-	if (keySize == 0) keySize = tmpKeySize;
-	if (keySize > tmpKeySize) {
-	    crv = CKR_TEMPLATE_INCONSISTENT;
-	    break;
-	}
-	buf = (unsigned char*)PORT_Alloc(tmpKeySize);
-	if (buf == NULL) {
-	    crv = CKR_HOST_MEMORY;
-	    break;
-	}
-
-	PORT_Memcpy(buf,stringPtr->pData,stringPtr->ulLen);
-	PORT_Memcpy(buf+stringPtr->ulLen,att->attrib.pValue,
-							att->attrib.ulValueLen);
-
-	crv = pk11_forceAttribute (key,CKA_VALUE,buf,keySize);
-	PORT_ZFree(buf,tmpKeySize);
-	break;
-    case CKM_XOR_BASE_AND_DATA:
-	stringPtr = (CK_KEY_DERIVATION_STRING_DATA *)pMechanism->pParameter;
-	tmpKeySize = PR_MIN(att->attrib.ulValueLen,stringPtr->ulLen);
-	if (keySize == 0) keySize = tmpKeySize;
-	if (keySize > tmpKeySize) {
-	    crv = CKR_TEMPLATE_INCONSISTENT;
-	    break;
-	}
-	buf = (unsigned char*)PORT_Alloc(keySize);
-	if (buf == NULL) {
-	    crv = CKR_HOST_MEMORY;
-	    break;
-	}
-
-	
-	PORT_Memcpy(buf,att->attrib.pValue,keySize);
-	for (i=0; i < (int)keySize; i++) {
-	    buf[i] ^= stringPtr->pData[i];
-	}
-
-	crv = pk11_forceAttribute (key,CKA_VALUE,buf,keySize);
-	PORT_ZFree(buf,keySize);
-	break;
-
-    case CKM_EXTRACT_KEY_FROM_KEY:
-      {
-	/* the following assumes 8 bits per byte */
-	CK_ULONG extract = *(CK_EXTRACT_PARAMS *)pMechanism->pParameter;
-	CK_ULONG shift   = extract & 0x7;      /* extract mod 8 the fast way */
-	CK_ULONG offset  = extract >> 3;       /* extract div 8 the fast way */
-
-	if (keySize == 0)  {
-	    crv = CKR_TEMPLATE_INCOMPLETE;
-	    break;
-	}
-	/* make sure we have enough bits in the original key */
-	if (att->attrib.ulValueLen < 
-			(offset + keySize + ((shift != 0)? 1 :0)) ) {
-	    crv = CKR_MECHANISM_PARAM_INVALID;
-	    break;
-	}
-	buf = (unsigned char*)PORT_Alloc(keySize);
-	if (buf == NULL) {
-	    crv = CKR_HOST_MEMORY;
-	    break;
-	}
-
-	/* copy the bits we need into the new key */	
-	for (i=0; i < (int)keySize; i++) {
-	    unsigned char *value =
-			 ((unsigned char *)att->attrib.pValue)+offset+i;
-	    if (shift) {
-	        buf[i] = (value[0] << (shift)) | (value[1] >> (8 - shift));
-	    } else {
-		buf[i] = value[0];
-	    }
-	}
-
-	crv = pk11_forceAttribute (key,CKA_VALUE,buf,keySize);
-	PORT_ZFree(buf,keySize);
-	break;
-      }
-    case CKM_MD2_KEY_DERIVATION:
-	if (keySize == 0) keySize = MD2_LENGTH;
-	if (keySize > MD2_LENGTH) {
-	    crv = CKR_TEMPLATE_INCONSISTENT;
-	    break;
-	}
-	/* now allocate the hash contexts */
-	md2 = MD2_NewContext();
-	if (md2 == NULL) { 
-	    crv = CKR_HOST_MEMORY;
-	    break;
-	}
-	MD2_Begin(md2);
-	MD2_Update(md2,(const unsigned char*)att->attrib.pValue,
-		   att->attrib.ulValueLen);
-	MD2_End(md2,key_block,&outLen,MD2_LENGTH);
-	MD2_DestroyContext(md2, PR_TRUE);
-
-	crv = pk11_forceAttribute (key,CKA_VALUE,key_block,keySize);
-	break;
-    case CKM_MD5_KEY_DERIVATION:
-	if (keySize == 0) keySize = MD5_LENGTH;
-	if (keySize > MD5_LENGTH) {
-	    crv = CKR_TEMPLATE_INCONSISTENT;
-	    break;
-	}
-	/* now allocate the hash contexts */
-	md5 = MD5_NewContext();
-	if (md5 == NULL) { 
-	    crv = CKR_HOST_MEMORY;
-	    break;
-	}
-	MD5_Begin(md5);
-	MD5_Update(md5,(const unsigned char*)att->attrib.pValue,
-		   att->attrib.ulValueLen);
-	MD5_End(md5,key_block,&outLen,MD5_LENGTH);
-	MD5_DestroyContext(md5, PR_TRUE);
-
-	crv = pk11_forceAttribute (key,CKA_VALUE,key_block,keySize);
-	break;
-     case CKM_SHA1_KEY_DERIVATION:
-	if (keySize == 0) keySize = SHA1_LENGTH;
-	if (keySize > SHA1_LENGTH) {
-	    crv = CKR_TEMPLATE_INCONSISTENT;
-	    break;
-	}
-	/* now allocate the hash contexts */
-	sha = SHA1_NewContext();
-	if (sha == NULL) { 
-	    crv = CKR_HOST_MEMORY;
-	    break;
-	}
-	SHA1_Begin(sha);
-	SHA1_Update(sha,(const unsigned char*)att->attrib.pValue,
-		    att->attrib.ulValueLen);
-	SHA1_End(sha,key_block,&outLen,SHA1_LENGTH);
-	SHA1_DestroyContext(sha, PR_TRUE);
-
-	crv = pk11_forceAttribute(key,CKA_VALUE,key_block,keySize);
-	break;
-
-    case CKM_DH_PKCS_DERIVE:
-      {
-	SECItem  derived,  dhPublic;
-	SECItem  dhPrime,  dhValue;
-	/* sourceKey - values for the local existing low key */
-	/* get prime and value attributes */
-	crv = pk11_Attribute2SecItem(NULL, &dhPrime, sourceKey, CKA_PRIME); 
-	if (crv != SECSuccess) break;
-	crv = pk11_Attribute2SecItem(NULL, &dhValue, sourceKey, CKA_VALUE); 
-	if (crv != SECSuccess) {
- 	    PORT_Free(dhPrime.data);
-	    break;
-	}
-
-	dhPublic.data = pMechanism->pParameter;
-	dhPublic.len  = pMechanism->ulParameterLen;
-
-	/* calculate private value - oct */
-	rv = DH_Derive(&dhPublic, &dhPrime, &dhValue, &derived, keySize); 
-
-	PORT_Free(dhPrime.data);
-	PORT_Free(dhValue.data);
-     
-	if (rv == SECSuccess) {
-	    pk11_forceAttribute(key, CKA_VALUE, derived.data, derived.len);
-	    PORT_ZFree(derived.data, derived.len);
-	} else
-	    crv = CKR_HOST_MEMORY;
-	    
-	break;
-      }
-
-    default:
-	crv = CKR_MECHANISM_INVALID;
-    }
-    pk11_FreeAttribute(att);
-    pk11_FreeObject(sourceKey);
-    if (crv != CKR_OK) { 
-	if (key) pk11_FreeObject(key);
-	return crv;
-    }
-
-    /* link the key object into the list */
-    if (key) {
-	PK11SessionObject *sessKey = pk11_narrowToSessionObject(key);
-	PORT_Assert(sessKey);
-	/* get the session */
-	sessKey->wasDerived = PR_TRUE;
-	session = pk11_SessionFromHandle(hSession);
-	if (session == NULL) {
-	    pk11_FreeObject(key);
-	    return CKR_HOST_MEMORY;
-	}
-
-	crv = pk11_handleObject(key,session);
-	pk11_FreeSession(session);
-	*phKey = key->handle;
-	pk11_FreeObject(key);
-    }
-    return crv;
-}
-
-
-/* NSC_GetFunctionStatus obtains an updated status of a function running 
- * in parallel with an application. */
-CK_RV NSC_GetFunctionStatus(CK_SESSION_HANDLE hSession)
-{
-    return CKR_FUNCTION_NOT_PARALLEL;
-}
-
-/* NSC_CancelFunction cancels a function running in parallel */
-CK_RV NSC_CancelFunction(CK_SESSION_HANDLE hSession)
-{
-    return CKR_FUNCTION_NOT_PARALLEL;
-}
-
-/* NSC_GetOperationState saves the state of the cryptographic 
- *operation in a session.
- * NOTE: This code only works for digest functions for now. eventually need
- * to add full flatten/resurect to our state stuff so that all types of state
- * can be saved */
-CK_RV NSC_GetOperationState(CK_SESSION_HANDLE hSession, 
-	CK_BYTE_PTR  pOperationState, CK_ULONG_PTR pulOperationStateLen)
-{
-    PK11SessionContext *context;
-    PK11Session *session;
-    CK_RV crv;
-
-    /* make sure we're legal */
-    crv = pk11_GetContext(hSession, &context, PK11_HASH, PR_TRUE, &session);
-    if (crv != CKR_OK) return crv;
-
-    *pulOperationStateLen = context->cipherInfoLen + sizeof(CK_MECHANISM_TYPE)
-				+ sizeof(PK11ContextType);
-    if (pOperationState == NULL) {
-        pk11_FreeSession(session);
-	return CKR_OK;
-    }
-    PORT_Memcpy(pOperationState,&context->type,sizeof(PK11ContextType));
-    pOperationState += sizeof(PK11ContextType);
-    PORT_Memcpy(pOperationState,&context->currentMech,
-						sizeof(CK_MECHANISM_TYPE));
-    pOperationState += sizeof(CK_MECHANISM_TYPE);
-    PORT_Memcpy(pOperationState,context->cipherInfo,context->cipherInfoLen);
-    pk11_FreeSession(session);
-    return CKR_OK;
-}
-
-
-#define pk11_Decrement(stateSize,len) \
-	stateSize = ((stateSize) > (CK_ULONG)(len)) ? \
-				((stateSize) - (CK_ULONG)(len)) : 0;
-
-/* NSC_SetOperationState restores the state of the cryptographic 
- * operation in a session. This is coded like it can restore lots of
- * states, but it only works for truly flat cipher structures. */
-CK_RV NSC_SetOperationState(CK_SESSION_HANDLE hSession, 
-	CK_BYTE_PTR  pOperationState, CK_ULONG  ulOperationStateLen,
-        CK_OBJECT_HANDLE hEncryptionKey, CK_OBJECT_HANDLE hAuthenticationKey)
-{
-    PK11SessionContext *context;
-    PK11Session *session;
-    PK11ContextType type;
-    CK_MECHANISM mech;
-    CK_RV crv = CKR_OK;
-
-    while (ulOperationStateLen != 0) {
-	/* get what type of state we're dealing with... */
-	PORT_Memcpy(&type,pOperationState, sizeof(PK11ContextType));
-
-	/* fix up session contexts based on type */
-	session = pk11_SessionFromHandle(hSession);
-	if (session == NULL) return CKR_SESSION_HANDLE_INVALID;
-	context = pk11_ReturnContextByType(session, type);
-	pk11_SetContextByType(session, type, NULL);
-	if (context) { 
-	     pk11_FreeContext(context);
-	}
-	pOperationState += sizeof(PK11ContextType);
-	pk11_Decrement(ulOperationStateLen,sizeof(PK11ContextType));
-
-
-	/* get the mechanism structure */
-	PORT_Memcpy(&mech.mechanism,pOperationState,sizeof(CK_MECHANISM_TYPE));
-	pOperationState += sizeof(CK_MECHANISM_TYPE);
-	pk11_Decrement(ulOperationStateLen, sizeof(CK_MECHANISM_TYPE));
-	/* should be filled in... but not necessary for hash */
-	mech.pParameter = NULL;
-	mech.ulParameterLen = 0;
-	switch (type) {
-	case PK11_HASH:
-	    crv = NSC_DigestInit(hSession,&mech);
-	    if (crv != CKR_OK) break;
-	    crv = pk11_GetContext(hSession, &context, PK11_HASH, PR_TRUE, 
-								NULL);
-	    if (crv != CKR_OK) break;
-	    PORT_Memcpy(context->cipherInfo,pOperationState,
-						context->cipherInfoLen);
-	    pOperationState += context->cipherInfoLen;
-	    pk11_Decrement(ulOperationStateLen,context->cipherInfoLen);
-	    break;
-	default:
-	    /* do sign/encrypt/decrypt later */
-	    crv = CKR_SAVED_STATE_INVALID;
-         }
-         pk11_FreeSession(session);
-	 if (crv != CKR_OK) break;
-    }
-    return crv;
-}
-
-/* Dual-function cryptographic operations */
-
-/* NSC_DigestEncryptUpdate continues a multiple-part digesting and encryption 
- * operation. */
-CK_RV NSC_DigestEncryptUpdate(CK_SESSION_HANDLE hSession, CK_BYTE_PTR  pPart,
-    CK_ULONG  ulPartLen, CK_BYTE_PTR  pEncryptedPart,
-					 CK_ULONG_PTR pulEncryptedPartLen)
-{
-    CK_RV crv;
-
-    crv = NSC_EncryptUpdate(hSession,pPart,ulPartLen, pEncryptedPart,	
-						      pulEncryptedPartLen);
-    if (crv != CKR_OK) return crv;
-    crv = NSC_DigestUpdate(hSession,pPart,ulPartLen);
-
-    return crv;
-}
-
-
-/* NSC_DecryptDigestUpdate continues a multiple-part decryption and 
- * digesting operation. */
-CK_RV NSC_DecryptDigestUpdate(CK_SESSION_HANDLE hSession,
-    CK_BYTE_PTR  pEncryptedPart, CK_ULONG  ulEncryptedPartLen,
-    				CK_BYTE_PTR  pPart, CK_ULONG_PTR pulPartLen)
-{
-    CK_RV crv;
-
-    crv = NSC_DecryptUpdate(hSession,pEncryptedPart, ulEncryptedPartLen, 
-							pPart,	pulPartLen);
-    if (crv != CKR_OK) return crv;
-    crv = NSC_DigestUpdate(hSession,pPart,*pulPartLen);
-
-    return crv;
-}
-
-
-/* NSC_SignEncryptUpdate continues a multiple-part signing and 
- * encryption operation. */
-CK_RV NSC_SignEncryptUpdate(CK_SESSION_HANDLE hSession, CK_BYTE_PTR  pPart,
-	 CK_ULONG  ulPartLen, CK_BYTE_PTR  pEncryptedPart,
-					 CK_ULONG_PTR pulEncryptedPartLen)
-{
-    CK_RV crv;
-
-    crv = NSC_EncryptUpdate(hSession,pPart,ulPartLen, pEncryptedPart,	
-						      pulEncryptedPartLen);
-    if (crv != CKR_OK) return crv;
-    crv = NSC_SignUpdate(hSession,pPart,ulPartLen);
-
-    return crv;
-}
-
-
-/* NSC_DecryptVerifyUpdate continues a multiple-part decryption 
- * and verify operation. */
-CK_RV NSC_DecryptVerifyUpdate(CK_SESSION_HANDLE hSession, 
-	CK_BYTE_PTR  pEncryptedData, CK_ULONG  ulEncryptedDataLen, 
-				CK_BYTE_PTR  pData, CK_ULONG_PTR pulDataLen)
-{
-    CK_RV crv;
-
-    crv = NSC_DecryptUpdate(hSession,pEncryptedData, ulEncryptedDataLen, 
-							pData,	pulDataLen);
-    if (crv != CKR_OK) return crv;
-    crv = NSC_VerifyUpdate(hSession, pData, *pulDataLen);
-
-    return crv;
-}
-
-/* NSC_DigestKey continues a multi-part message-digesting operation,
- * by digesting the value of a secret key as part of the data already digested.
- */
-CK_RV NSC_DigestKey(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hKey) 
-{
-    PK11Session *session = NULL;
-    PK11Object *key = NULL;
-    PK11Attribute *att;
-    CK_RV crv;
-
-    session = pk11_SessionFromHandle(hSession);
-    if (session == NULL) return CKR_SESSION_HANDLE_INVALID;
-
-    key = pk11_ObjectFromHandle(hKey,session);
-    pk11_FreeSession(session);
-    if (key == NULL)  return CKR_KEY_HANDLE_INVALID;
-
-    /* PUT ANY DIGEST KEY RESTRICTION CHECKS HERE */
-
-    /* make sure it's a valid  key for this operation */
-    if (key->objclass != CKO_SECRET_KEY) {
-	pk11_FreeObject(key);
-	return CKR_KEY_TYPE_INCONSISTENT;
-    }
-    /* get the key value */
-    att = pk11_FindAttribute(key,CKA_VALUE);
-    pk11_FreeObject(key);
-
-    crv = NSC_DigestUpdate(hSession,(CK_BYTE_PTR)att->attrib.pValue,
-			   att->attrib.ulValueLen);
-    pk11_FreeAttribute(att);
-    return crv;
-}
diff --git a/security/nss/lib/softoken/pkcs11f.h b/security/nss/lib/softoken/pkcs11f.h
deleted file mode 100644
index 70d34da5e..000000000
--- a/security/nss/lib/softoken/pkcs11f.h
+++ /dev/null
@@ -1,934 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * Copyright (C) 1994-1999 RSA Security Inc. Licence to copy this document
- * is granted provided that it is identified as "RSA Security In.c Public-Key
- * Cryptography Standards (PKCS)" in all material mentioning or referencing
- * this document.
- */
-/* This function contains pretty much everything about all the */
-/* PKCS #11  function prototypes.  Because this information is */
-/* used for more than just declaring function prototypes, the */
-/* order of the functions appearing herein is important, and */
-/* should not be altered. */
-
-
-
-/* General-purpose */
-
-/* C_Initialize initializes the PKCS #11 library. */
-CK_PKCS11_FUNCTION_INFO(C_Initialize)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_VOID_PTR   pInitArgs  /* if this is not NULL_PTR, it gets
-                            * cast to CK_C_INITIALIZE_ARGS_PTR
-                            * and dereferenced */
-);
-#endif
-
-
-/* C_Finalize indicates that an application is done with the
- * PKCS #11 library. */
-CK_PKCS11_FUNCTION_INFO(C_Finalize)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_VOID_PTR   pReserved  /* reserved.  Should be NULL_PTR */
-);
-#endif
-
-
-/* C_GetInfo returns general information about PKCS #11. */
-CK_PKCS11_FUNCTION_INFO(C_GetInfo)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_INFO_PTR   pInfo  /* location that receives information */
-);
-#endif
-
-
-/* C_GetFunctionList returns the function list. */
-CK_PKCS11_FUNCTION_INFO(C_GetFunctionList)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_FUNCTION_LIST_PTR_PTR ppFunctionList  /* receives pointer to
-                                            * function list */
-);
-#endif
-
-
-
-/* Slot and token management */
-
-/* C_GetSlotList obtains a list of slots in the system. */
-CK_PKCS11_FUNCTION_INFO(C_GetSlotList)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_BBOOL       tokenPresent,  /* only slots with tokens? */
-  CK_SLOT_ID_PTR pSlotList,     /* receives array of slot IDs */
-  CK_ULONG_PTR   pulCount       /* receives number of slots */
-);
-#endif
-
-
-/* C_GetSlotInfo obtains information about a particular slot in
- * the system. */
-CK_PKCS11_FUNCTION_INFO(C_GetSlotInfo)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SLOT_ID       slotID,  /* the ID of the slot */
-  CK_SLOT_INFO_PTR pInfo    /* receives the slot information */
-);
-#endif
-
-
-/* C_GetTokenInfo obtains information about a particular token
- * in the system. */
-CK_PKCS11_FUNCTION_INFO(C_GetTokenInfo)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SLOT_ID        slotID,  /* ID of the token's slot */
-  CK_TOKEN_INFO_PTR pInfo    /* receives the token information */
-);
-#endif
-
-
-/* C_GetMechanismList obtains a list of mechanism types
- * supported by a token. */
-CK_PKCS11_FUNCTION_INFO(C_GetMechanismList)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SLOT_ID            slotID,          /* ID of token's slot */
-  CK_MECHANISM_TYPE_PTR pMechanismList,  /* gets mech. array */
-  CK_ULONG_PTR          pulCount         /* gets # of mechs. */
-);
-#endif
-
-
-/* C_GetMechanismInfo obtains information about a particular
- * mechanism possibly supported by a token. */
-CK_PKCS11_FUNCTION_INFO(C_GetMechanismInfo)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SLOT_ID            slotID,  /* ID of the token's slot */
-  CK_MECHANISM_TYPE     type,    /* type of mechanism */
-  CK_MECHANISM_INFO_PTR pInfo    /* receives mechanism info */
-);
-#endif
-
-
-/* C_InitToken initializes a token. */
-CK_PKCS11_FUNCTION_INFO(C_InitToken)
-#ifdef CK_NEED_ARG_LIST
-(
-/* pLabel changed from CK_CHAR_PTR to CK_UTF8CHAR_PTR for v2.10 */
-  CK_SLOT_ID         slotID,    /* ID of the token's slot */
-  CK_CHAR_PTR        pPin,      /* the SO's initial PIN */
-  CK_ULONG           ulPinLen,  /* length in bytes of the PIN */
-  CK_UTF8CHAR_PTR    pLabel     /* 32-byte token label (blank padded) */
-);
-#endif
-
-
-/* C_InitPIN initializes the normal user's PIN. */
-CK_PKCS11_FUNCTION_INFO(C_InitPIN)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,  /* the session's handle */
-  CK_CHAR_PTR       pPin,      /* the normal user's PIN */
-  CK_ULONG          ulPinLen   /* length in bytes of the PIN */
-);
-#endif
-
-
-/* C_SetPIN modifies the PIN of the user who is logged in. */
-CK_PKCS11_FUNCTION_INFO(C_SetPIN)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,  /* the session's handle */
-  CK_CHAR_PTR       pOldPin,   /* the old PIN */
-  CK_ULONG          ulOldLen,  /* length of the old PIN */
-  CK_CHAR_PTR       pNewPin,   /* the new PIN */
-  CK_ULONG          ulNewLen   /* length of the new PIN */
-);
-#endif
-
-
-
-/* Session management */
-
-/* C_OpenSession opens a session between an application and a
- * token. */
-CK_PKCS11_FUNCTION_INFO(C_OpenSession)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SLOT_ID            slotID,        /* the slot's ID */
-  CK_FLAGS              flags,         /* from CK_SESSION_INFO */
-  CK_VOID_PTR           pApplication,  /* passed to callback */
-  CK_NOTIFY             Notify,        /* callback function */
-  CK_SESSION_HANDLE_PTR phSession      /* gets session handle */
-);
-#endif
-
-
-/* C_CloseSession closes a session between an application and a
- * token. */
-CK_PKCS11_FUNCTION_INFO(C_CloseSession)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession  /* the session's handle */
-);
-#endif
-
-
-/* C_CloseAllSessions closes all sessions with a token. */
-CK_PKCS11_FUNCTION_INFO(C_CloseAllSessions)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SLOT_ID     slotID  /* the token's slot */
-);
-#endif
-
-
-/* C_GetSessionInfo obtains information about the session. */
-CK_PKCS11_FUNCTION_INFO(C_GetSessionInfo)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE   hSession,  /* the session's handle */
-  CK_SESSION_INFO_PTR pInfo      /* receives session info */
-);
-#endif
-
-
-/* C_GetOperationState obtains the state of the cryptographic operation
- * in a session. */
-CK_PKCS11_FUNCTION_INFO(C_GetOperationState)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,             /* session's handle */
-  CK_BYTE_PTR       pOperationState,      /* gets state */
-  CK_ULONG_PTR      pulOperationStateLen  /* gets state length */
-);
-#endif
-
-
-/* C_SetOperationState restores the state of the cryptographic
- * operation in a session. */
-CK_PKCS11_FUNCTION_INFO(C_SetOperationState)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,            /* session's handle */
-  CK_BYTE_PTR      pOperationState,      /* holds state */
-  CK_ULONG         ulOperationStateLen,  /* holds state length */
-  CK_OBJECT_HANDLE hEncryptionKey,       /* en/decryption key */
-  CK_OBJECT_HANDLE hAuthenticationKey    /* sign/verify key */
-);
-#endif
-
-
-/* C_Login logs a user into a token. */
-CK_PKCS11_FUNCTION_INFO(C_Login)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,  /* the session's handle */
-  CK_USER_TYPE      userType,  /* the user type */
-  CK_CHAR_PTR       pPin,      /* the user's PIN */
-  CK_ULONG          ulPinLen   /* the length of the PIN */
-);
-#endif
-
-
-/* C_Logout logs a user out from a token. */
-CK_PKCS11_FUNCTION_INFO(C_Logout)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession  /* the session's handle */
-);
-#endif
-
-
-
-/* Object management */
-
-/* C_CreateObject creates a new object. */
-CK_PKCS11_FUNCTION_INFO(C_CreateObject)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,    /* the session's handle */
-  CK_ATTRIBUTE_PTR  pTemplate,   /* the object's template */
-  CK_ULONG          ulCount,     /* attributes in template */
-  CK_OBJECT_HANDLE_PTR phObject  /* gets new object's handle. */
-);
-#endif
-
-
-/* C_CopyObject copies an object, creating a new object for the
- * copy. */
-CK_PKCS11_FUNCTION_INFO(C_CopyObject)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE    hSession,    /* the session's handle */
-  CK_OBJECT_HANDLE     hObject,     /* the object's handle */
-  CK_ATTRIBUTE_PTR     pTemplate,   /* template for new object */
-  CK_ULONG             ulCount,     /* attributes in template */
-  CK_OBJECT_HANDLE_PTR phNewObject  /* receives handle of copy */
-);
-#endif
-
-
-/* C_DestroyObject destroys an object. */
-CK_PKCS11_FUNCTION_INFO(C_DestroyObject)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,  /* the session's handle */
-  CK_OBJECT_HANDLE  hObject    /* the object's handle */
-);
-#endif
-
-
-/* C_GetObjectSize gets the size of an object in bytes. */
-CK_PKCS11_FUNCTION_INFO(C_GetObjectSize)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,  /* the session's handle */
-  CK_OBJECT_HANDLE  hObject,   /* the object's handle */
-  CK_ULONG_PTR      pulSize    /* receives size of object */
-);
-#endif
-
-
-/* C_GetAttributeValue obtains the value of one or more object
- * attributes. */
-CK_PKCS11_FUNCTION_INFO(C_GetAttributeValue)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,   /* the session's handle */
-  CK_OBJECT_HANDLE  hObject,    /* the object's handle */
-  CK_ATTRIBUTE_PTR  pTemplate,  /* specifies attrs; gets vals */
-  CK_ULONG          ulCount     /* attributes in template */
-);
-#endif
-
-
-/* C_SetAttributeValue modifies the value of one or more object
- * attributes */
-CK_PKCS11_FUNCTION_INFO(C_SetAttributeValue)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,   /* the session's handle */
-  CK_OBJECT_HANDLE  hObject,    /* the object's handle */
-  CK_ATTRIBUTE_PTR  pTemplate,  /* specifies attrs and values */
-  CK_ULONG          ulCount     /* attributes in template */
-);
-#endif
-
-
-/* C_FindObjectsInit initializes a search for token and session
- * objects that match a template. */
-CK_PKCS11_FUNCTION_INFO(C_FindObjectsInit)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,   /* the session's handle */
-  CK_ATTRIBUTE_PTR  pTemplate,  /* attribute values to match */
-  CK_ULONG          ulCount     /* attrs in search template */
-);
-#endif
-
-
-/* C_FindObjects continues a search for token and session
- * objects that match a template, obtaining additional object
- * handles. */
-CK_PKCS11_FUNCTION_INFO(C_FindObjects)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE    hSession,          /* session's handle */
- CK_OBJECT_HANDLE_PTR phObject,          /* gets obj. handles */
- CK_ULONG             ulMaxObjectCount,  /* max handles to get */
- CK_ULONG_PTR         pulObjectCount     /* actual # returned */
-);
-#endif
-
-
-/* C_FindObjectsFinal finishes a search for token and session
- * objects. */
-CK_PKCS11_FUNCTION_INFO(C_FindObjectsFinal)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession  /* the session's handle */
-);
-#endif
-
-
-
-/* Encryption and decryption */
-
-/* C_EncryptInit initializes an encryption operation. */
-CK_PKCS11_FUNCTION_INFO(C_EncryptInit)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,    /* the session's handle */
-  CK_MECHANISM_PTR  pMechanism,  /* the encryption mechanism */
-  CK_OBJECT_HANDLE  hKey         /* handle of encryption key */
-);
-#endif
-
-
-/* C_Encrypt encrypts single-part data. */
-CK_PKCS11_FUNCTION_INFO(C_Encrypt)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,            /* session's handle */
-  CK_BYTE_PTR       pData,               /* the plaintext data */
-  CK_ULONG          ulDataLen,           /* bytes of plaintext */
-  CK_BYTE_PTR       pEncryptedData,      /* gets ciphertext */
-  CK_ULONG_PTR      pulEncryptedDataLen  /* gets c-text size */
-);
-#endif
-
-
-/* C_EncryptUpdate continues a multiple-part encryption
- * operation. */
-CK_PKCS11_FUNCTION_INFO(C_EncryptUpdate)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,           /* session's handle */
-  CK_BYTE_PTR       pPart,              /* the plaintext data */
-  CK_ULONG          ulPartLen,          /* plaintext data len */
-  CK_BYTE_PTR       pEncryptedPart,     /* gets ciphertext */
-  CK_ULONG_PTR      pulEncryptedPartLen /* gets c-text size */
-);
-#endif
-
-
-/* C_EncryptFinal finishes a multiple-part encryption
- * operation. */
-CK_PKCS11_FUNCTION_INFO(C_EncryptFinal)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,                /* session handle */
-  CK_BYTE_PTR       pLastEncryptedPart,      /* last c-text */
-  CK_ULONG_PTR      pulLastEncryptedPartLen  /* gets last size */
-);
-#endif
-
-
-/* C_DecryptInit initializes a decryption operation. */
-CK_PKCS11_FUNCTION_INFO(C_DecryptInit)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,    /* the session's handle */
-  CK_MECHANISM_PTR  pMechanism,  /* the decryption mechanism */
-  CK_OBJECT_HANDLE  hKey         /* handle of decryption key */
-);
-#endif
-
-
-/* C_Decrypt decrypts encrypted data in a single part. */
-CK_PKCS11_FUNCTION_INFO(C_Decrypt)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,           /* session's handle */
-  CK_BYTE_PTR       pEncryptedData,     /* ciphertext */
-  CK_ULONG          ulEncryptedDataLen, /* ciphertext length */
-  CK_BYTE_PTR       pData,              /* gets plaintext */
-  CK_ULONG_PTR      pulDataLen          /* gets p-text size */
-);
-#endif
-
-
-/* C_DecryptUpdate continues a multiple-part decryption
- * operation. */
-CK_PKCS11_FUNCTION_INFO(C_DecryptUpdate)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,            /* session's handle */
-  CK_BYTE_PTR       pEncryptedPart,      /* encrypted data */
-  CK_ULONG          ulEncryptedPartLen,  /* input length */
-  CK_BYTE_PTR       pPart,               /* gets plaintext */
-  CK_ULONG_PTR      pulPartLen           /* p-text size */
-);
-#endif
-
-
-/* C_DecryptFinal finishes a multiple-part decryption
- * operation. */
-CK_PKCS11_FUNCTION_INFO(C_DecryptFinal)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,       /* the session's handle */
-  CK_BYTE_PTR       pLastPart,      /* gets plaintext */
-  CK_ULONG_PTR      pulLastPartLen  /* p-text size */
-);
-#endif
-
-
-
-/* Message digesting */
-
-/* C_DigestInit initializes a message-digesting operation. */
-CK_PKCS11_FUNCTION_INFO(C_DigestInit)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,   /* the session's handle */
-  CK_MECHANISM_PTR  pMechanism  /* the digesting mechanism */
-);
-#endif
-
-
-/* C_Digest digests data in a single part. */
-CK_PKCS11_FUNCTION_INFO(C_Digest)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,     /* the session's handle */
-  CK_BYTE_PTR       pData,        /* data to be digested */
-  CK_ULONG          ulDataLen,    /* bytes of data to digest */
-  CK_BYTE_PTR       pDigest,      /* gets the message digest */
-  CK_ULONG_PTR      pulDigestLen  /* gets digest length */
-);
-#endif
-
-
-/* C_DigestUpdate continues a multiple-part message-digesting
- * operation. */
-CK_PKCS11_FUNCTION_INFO(C_DigestUpdate)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,  /* the session's handle */
-  CK_BYTE_PTR       pPart,     /* data to be digested */
-  CK_ULONG          ulPartLen  /* bytes of data to be digested */
-);
-#endif
-
-
-/* C_DigestKey continues a multi-part message-digesting
- * operation, by digesting the value of a secret key as part of
- * the data already digested. */
-CK_PKCS11_FUNCTION_INFO(C_DigestKey)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,  /* the session's handle */
-  CK_OBJECT_HANDLE  hKey       /* secret key to digest */
-);
-#endif
-
-
-/* C_DigestFinal finishes a multiple-part message-digesting
- * operation. */
-CK_PKCS11_FUNCTION_INFO(C_DigestFinal)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,     /* the session's handle */
-  CK_BYTE_PTR       pDigest,      /* gets the message digest */
-  CK_ULONG_PTR      pulDigestLen  /* gets byte count of digest */
-);
-#endif
-
-
-
-/* Signing and MACing */
-
-/* C_SignInit initializes a signature (private key encryption)
- * operation, where the signature is (will be) an appendix to
- * the data, and plaintext cannot be recovered from the
- *signature. */
-CK_PKCS11_FUNCTION_INFO(C_SignInit)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,    /* the session's handle */
-  CK_MECHANISM_PTR  pMechanism,  /* the signature mechanism */
-  CK_OBJECT_HANDLE  hKey         /* handle of signature key */
-);
-#endif
-
-
-/* C_Sign signs (encrypts with private key) data in a single
- * part, where the signature is (will be) an appendix to the
- * data, and plaintext cannot be recovered from the signature. */
-CK_PKCS11_FUNCTION_INFO(C_Sign)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,        /* the session's handle */
-  CK_BYTE_PTR       pData,           /* the data to sign */
-  CK_ULONG          ulDataLen,       /* count of bytes to sign */
-  CK_BYTE_PTR       pSignature,      /* gets the signature */
-  CK_ULONG_PTR      pulSignatureLen  /* gets signature length */
-);
-#endif
-
-
-/* C_SignUpdate continues a multiple-part signature operation,
- * where the signature is (will be) an appendix to the data, 
- * and plaintext cannot be recovered from the signature. */
-CK_PKCS11_FUNCTION_INFO(C_SignUpdate)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,  /* the session's handle */
-  CK_BYTE_PTR       pPart,     /* the data to sign */
-  CK_ULONG          ulPartLen  /* count of bytes to sign */
-);
-#endif
-
-
-/* C_SignFinal finishes a multiple-part signature operation, 
- * returning the signature. */
-CK_PKCS11_FUNCTION_INFO(C_SignFinal)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,        /* the session's handle */
-  CK_BYTE_PTR       pSignature,      /* gets the signature */
-  CK_ULONG_PTR      pulSignatureLen  /* gets signature length */
-);
-#endif
-
-
-/* C_SignRecoverInit initializes a signature operation, where
- * the data can be recovered from the signature. */
-CK_PKCS11_FUNCTION_INFO(C_SignRecoverInit)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,   /* the session's handle */
-  CK_MECHANISM_PTR  pMechanism, /* the signature mechanism */
-  CK_OBJECT_HANDLE  hKey        /* handle of the signature key */
-);
-#endif
-
-
-/* C_SignRecover signs data in a single operation, where the
- * data can be recovered from the signature. */
-CK_PKCS11_FUNCTION_INFO(C_SignRecover)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,        /* the session's handle */
-  CK_BYTE_PTR       pData,           /* the data to sign */
-  CK_ULONG          ulDataLen,       /* count of bytes to sign */
-  CK_BYTE_PTR       pSignature,      /* gets the signature */
-  CK_ULONG_PTR      pulSignatureLen  /* gets signature length */
-);
-#endif
-
-
-
-/* Verifying signatures and MACs */
-
-/* C_VerifyInit initializes a verification operation, where the
- * signature is an appendix to the data, and plaintext cannot
- *  cannot be recovered from the signature (e.g. DSA). */
-CK_PKCS11_FUNCTION_INFO(C_VerifyInit)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,    /* the session's handle */
-  CK_MECHANISM_PTR  pMechanism,  /* the verification mechanism */
-  CK_OBJECT_HANDLE  hKey         /* verification key */ 
-);
-#endif
-
-
-/* C_Verify verifies a signature in a single-part operation, 
- * where the signature is an appendix to the data, and plaintext
- * cannot be recovered from the signature. */
-CK_PKCS11_FUNCTION_INFO(C_Verify)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,       /* the session's handle */
-  CK_BYTE_PTR       pData,          /* signed data */
-  CK_ULONG          ulDataLen,      /* length of signed data */
-  CK_BYTE_PTR       pSignature,     /* signature */
-  CK_ULONG          ulSignatureLen  /* signature length*/
-);
-#endif
-
-
-/* C_VerifyUpdate continues a multiple-part verification
- * operation, where the signature is an appendix to the data, 
- * and plaintext cannot be recovered from the signature. */
-CK_PKCS11_FUNCTION_INFO(C_VerifyUpdate)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,  /* the session's handle */
-  CK_BYTE_PTR       pPart,     /* signed data */
-  CK_ULONG          ulPartLen  /* length of signed data */
-);
-#endif
-
-
-/* C_VerifyFinal finishes a multiple-part verification
- * operation, checking the signature. */
-CK_PKCS11_FUNCTION_INFO(C_VerifyFinal)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,       /* the session's handle */
-  CK_BYTE_PTR       pSignature,     /* signature to verify */
-  CK_ULONG          ulSignatureLen  /* signature length */
-);
-#endif
-
-
-/* C_VerifyRecoverInit initializes a signature verification
- * operation, where the data is recovered from the signature. */
-CK_PKCS11_FUNCTION_INFO(C_VerifyRecoverInit)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,    /* the session's handle */
-  CK_MECHANISM_PTR  pMechanism,  /* the verification mechanism */
-  CK_OBJECT_HANDLE  hKey         /* verification key */
-);
-#endif
-
-
-/* C_VerifyRecover verifies a signature in a single-part
- * operation, where the data is recovered from the signature. */
-CK_PKCS11_FUNCTION_INFO(C_VerifyRecover)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,        /* the session's handle */
-  CK_BYTE_PTR       pSignature,      /* signature to verify */
-  CK_ULONG          ulSignatureLen,  /* signature length */
-  CK_BYTE_PTR       pData,           /* gets signed data */
-  CK_ULONG_PTR      pulDataLen       /* gets signed data len */
-);
-#endif
-
-
-
-/* Dual-function cryptographic operations */
-
-/* C_DigestEncryptUpdate continues a multiple-part digesting
- * and encryption operation. */
-CK_PKCS11_FUNCTION_INFO(C_DigestEncryptUpdate)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,            /* session's handle */
-  CK_BYTE_PTR       pPart,               /* the plaintext data */
-  CK_ULONG          ulPartLen,           /* plaintext length */
-  CK_BYTE_PTR       pEncryptedPart,      /* gets ciphertext */
-  CK_ULONG_PTR      pulEncryptedPartLen  /* gets c-text length */
-);
-#endif
-
-
-/* C_DecryptDigestUpdate continues a multiple-part decryption and
- * digesting operation. */
-CK_PKCS11_FUNCTION_INFO(C_DecryptDigestUpdate)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,            /* session's handle */
-  CK_BYTE_PTR       pEncryptedPart,      /* ciphertext */
-  CK_ULONG          ulEncryptedPartLen,  /* ciphertext length */
-  CK_BYTE_PTR       pPart,               /* gets plaintext */
-  CK_ULONG_PTR      pulPartLen           /* gets plaintext len */
-);
-#endif
-
-
-/* C_SignEncryptUpdate continues a multiple-part signing and
- * encryption operation. */
-CK_PKCS11_FUNCTION_INFO(C_SignEncryptUpdate)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,            /* session's handle */
-  CK_BYTE_PTR       pPart,               /* the plaintext data */
-  CK_ULONG          ulPartLen,           /* plaintext length */
-  CK_BYTE_PTR       pEncryptedPart,      /* gets ciphertext */
-  CK_ULONG_PTR      pulEncryptedPartLen  /* gets c-text length */
-);
-#endif
-
-
-/* C_DecryptVerifyUpdate continues a multiple-part decryption and
- * verify operation. */
-CK_PKCS11_FUNCTION_INFO(C_DecryptVerifyUpdate)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,            /* session's handle */
-  CK_BYTE_PTR       pEncryptedPart,      /* ciphertext */
-  CK_ULONG          ulEncryptedPartLen,  /* ciphertext length */
-  CK_BYTE_PTR       pPart,               /* gets plaintext */
-  CK_ULONG_PTR      pulPartLen           /* gets p-text length */
-);
-#endif
-
-
-
-/* Key management */
-
-/* C_GenerateKey generates a secret key, creating a new key
- * object. */
-CK_PKCS11_FUNCTION_INFO(C_GenerateKey)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE    hSession,    /* the session's handle */
-  CK_MECHANISM_PTR     pMechanism,  /* key generation mech. */
-  CK_ATTRIBUTE_PTR     pTemplate,   /* template for new key */
-  CK_ULONG             ulCount,     /* # of attrs in template */
-  CK_OBJECT_HANDLE_PTR phKey        /* gets handle of new key */
-);
-#endif
-
-
-/* C_GenerateKeyPair generates a public-key/private-key pair, 
- * creating new key objects. */
-CK_PKCS11_FUNCTION_INFO(C_GenerateKeyPair)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE    hSession,                    /* session
-                                                     * handle */
-  CK_MECHANISM_PTR     pMechanism,                  /* key-gen
-                                                     * mech. */
-  CK_ATTRIBUTE_PTR     pPublicKeyTemplate,          /* template
-                                                     * for pub.
-                                                     * key */
-  CK_ULONG             ulPublicKeyAttributeCount,   /* # pub.
-                                                     * attrs. */
-  CK_ATTRIBUTE_PTR     pPrivateKeyTemplate,         /* template
-                                                     * for priv.
-                                                     * key */
-  CK_ULONG             ulPrivateKeyAttributeCount,  /* # priv.
-                                                     * attrs. */
-  CK_OBJECT_HANDLE_PTR phPublicKey,                 /* gets pub.
-                                                     * key
-                                                     * handle */
-  CK_OBJECT_HANDLE_PTR phPrivateKey                 /* gets
-                                                     * priv. key
-                                                     * handle */
-);
-#endif
-
-
-/* C_WrapKey wraps (i.e., encrypts) a key. */
-CK_PKCS11_FUNCTION_INFO(C_WrapKey)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,        /* the session's handle */
-  CK_MECHANISM_PTR  pMechanism,      /* the wrapping mechanism */
-  CK_OBJECT_HANDLE  hWrappingKey,    /* wrapping key */
-  CK_OBJECT_HANDLE  hKey,            /* key to be wrapped */
-  CK_BYTE_PTR       pWrappedKey,     /* gets wrapped key */
-  CK_ULONG_PTR      pulWrappedKeyLen /* gets wrapped key size */
-);
-#endif
-
-
-/* C_UnwrapKey unwraps (decrypts) a wrapped key, creating a new
- * key object. */
-CK_PKCS11_FUNCTION_INFO(C_UnwrapKey)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE    hSession,          /* session's handle */
-  CK_MECHANISM_PTR     pMechanism,        /* unwrapping mech. */
-  CK_OBJECT_HANDLE     hUnwrappingKey,    /* unwrapping key */
-  CK_BYTE_PTR          pWrappedKey,       /* the wrapped key */
-  CK_ULONG             ulWrappedKeyLen,   /* wrapped key len */
-  CK_ATTRIBUTE_PTR     pTemplate,         /* new key template */
-  CK_ULONG             ulAttributeCount,  /* template length */
-  CK_OBJECT_HANDLE_PTR phKey              /* gets new handle */
-);
-#endif
-
-
-/* C_DeriveKey derives a key from a base key, creating a new key
- * object. */
-CK_PKCS11_FUNCTION_INFO(C_DeriveKey)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE    hSession,          /* session's handle */
-  CK_MECHANISM_PTR     pMechanism,        /* key deriv. mech. */
-  CK_OBJECT_HANDLE     hBaseKey,          /* base key */
-  CK_ATTRIBUTE_PTR     pTemplate,         /* new key template */
-  CK_ULONG             ulAttributeCount,  /* template length */
-  CK_OBJECT_HANDLE_PTR phKey              /* gets new handle */
-);
-#endif
-
-
-
-/* Random number generation */
-
-/* C_SeedRandom mixes additional seed material into the token's
- * random number generator. */
-CK_PKCS11_FUNCTION_INFO(C_SeedRandom)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,  /* the session's handle */
-  CK_BYTE_PTR       pSeed,     /* the seed material */
-  CK_ULONG          ulSeedLen  /* length of seed material */
-);
-#endif
-
-
-/* C_GenerateRandom generates random data. */
-CK_PKCS11_FUNCTION_INFO(C_GenerateRandom)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession,    /* the session's handle */
-  CK_BYTE_PTR       RandomData,  /* receives the random data */
-  CK_ULONG          ulRandomLen  /* # of bytes to generate */
-);
-#endif
-
-
-
-/* Parallel function management */
-
-/* C_GetFunctionStatus is a legacy function; it obtains an
- * updated status of a function running in parallel with an
- * application. */
-CK_PKCS11_FUNCTION_INFO(C_GetFunctionStatus)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession  /* the session's handle */
-);
-#endif
-
-
-/* C_CancelFunction is a legacy function; it cancels a function
- * running in parallel. */
-CK_PKCS11_FUNCTION_INFO(C_CancelFunction)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_SESSION_HANDLE hSession  /* the session's handle */
-);
-#endif
-
-
-
-/* Functions added in for PKCS #11 Version 2.01 or later */
-
-/* C_WaitForSlotEvent waits for a slot event (token insertion,
- * removal, etc.) to occur. */
-CK_PKCS11_FUNCTION_INFO(C_WaitForSlotEvent)
-#ifdef CK_NEED_ARG_LIST
-(
-  CK_FLAGS flags,        /* blocking/nonblocking flag */
-  CK_SLOT_ID_PTR pSlot,  /* location that receives the slot ID */
-  CK_VOID_PTR pRserved   /* reserved.  Should be NULL_PTR */
-);
-#endif
diff --git a/security/nss/lib/softoken/pkcs11i.h b/security/nss/lib/softoken/pkcs11i.h
deleted file mode 100644
index 2634bac01..000000000
--- a/security/nss/lib/softoken/pkcs11i.h
+++ /dev/null
@@ -1,665 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * Internal data structures and functions used by pkcs11.c
- */
-#ifndef _PKCS11I_H_
-#define _PKCS11I_H_ 1
-
-#include "nssilock.h"
-#include "seccomon.h"
-#include "secoidt.h"
-#include "lowkeyti.h"
-#include "pkcs11t.h"
-#include "pcertt.h"
-
-
-/* 
- * Configuration Defines 
- *
- * The following defines affect the space verse speed trade offs of
- * the PKCS #11 module. For the most part the current settings are optimized
- * for web servers, where we want faster speed and lower lock contention at
- * the expense of space.
- */
-
-#define PKCS11_USE_THREADS	/* set to true of you are need threads */
-/* 
- *  Attribute Allocation strategy:
- *
- * 1) static allocation (PKCS11_STATIC_ATTRIBUTES set
- *			 PKCS11_REF_COUNT_ATTRIBUTES not set)
- *   Attributes are pre-allocated as part of the session object and used from
- *   the object array.
- *
- * 2) heap allocation with ref counting (PKCS11_STATIC_ATTRIBUTES not set
- *			 		PKCS11_REF_COUNT_ATTRIBUTES set)
- *   Attributes are allocated from the heap when needed and freed when their
- *   reference count goes to zero.
- *
- * 3) arena allocation (PKCS11_STATIC_ATTRIBUTES  not set
- *			 PKCS11_REF_COUNT_ATTRIBUTE not set)
- *   Attributes are allocated from the arena when needed and freed only when
- *   the object goes away.
- */
-#define PKCS11_STATIC_ATTRIBUTES	
-/*#define   PKCS11_REF_COUNT_ATTRIBUTES		 */
-/* the next two are only active if PKCS11_STATIC_ATTRIBUTES is set */
-#define MAX_OBJS_ATTRS 45	/* number of attributes to preallocate in
-				 * the object (must me the absolute max) */
-#define ATTR_SPACE 50  		/* Maximum size of attribute data before extra
-				 * data needs to be allocated. This is set to
-				 * enough space to hold an SSL MASTER secret */
-
-#define NSC_STRICT      PR_FALSE  /* forces the code to do strict template
-				   * matching when doing C_FindObject on token
-				   * objects. This will slow down search in
-				   * NSS. */
-/* default search block allocations and increments */
-#define NSC_CERT_BLOCK_SIZE     50
-#define NSC_SEARCH_BLOCK_SIZE   5 
-#define NSC_SLOT_LIST_BLOCK_SIZE 10
-
-#define NSC_FIPS_MODULE 1
-#define NSC_NON_FIPS_MODULE 0
-
-/* these are data base storage hashes, not cryptographic hashes.. The define
- * the effective size of the various object hash tables */
-/* clients care more about memory usage than lookup performance on
- * cyrptographic objects. Clients also have less objects around to play with 
- *
- * we eventually should make this configurable at runtime! Especially now that
- * NSS is a shared library.
- */
-#define SPACE_ATTRIBUTE_HASH_SIZE 32 
-#define SPACE_TOKEN_OBJECT_HASH_SIZE 32
-#define SPACE_SESSION_HASH_SIZE 32
-#define TIME_ATTRIBUTE_HASH_SIZE 32
-#define TIME_TOKEN_OBJECT_HASH_SIZE 1024
-#define TIME_SESSION_HASH_SIZE 1024
-#define MAX_OBJECT_LIST_SIZE 800  
-				  /* how many objects to keep on the free list
-				   * before we start freeing them */
-#define MAX_KEY_LEN 256
-
-#define MULTIACCESS "multiaccess:"
-
-/*
- * LOG2_BUCKETS_PER_SESSION_LOCK must be a prime number.
- * With SESSION_HASH_SIZE=1024, LOG2 can be 9, 5, 1, or 0.
- * With SESSION_HASH_SIZE=4096, LOG2 can be 11, 9, 5, 1, or 0.
- *
- * HASH_SIZE   LOG2_BUCKETS_PER   BUCKETS_PER_LOCK  NUMBER_OF_BUCKETS
- * 1024        9                  512               2
- * 1024        5                  32                32
- * 1024        1                  2                 512
- * 1024        0                  1                 1024
- * 4096        11                 2048              2
- * 4096        9                  512               8
- * 4096        5                  32                128
- * 4096        1                  2                 2048
- * 4096        0                  1                 4096
- */
-#define LOG2_BUCKETS_PER_SESSION_LOCK 1
-#define BUCKETS_PER_SESSION_LOCK (1 << (LOG2_BUCKETS_PER_SESSION_LOCK))
-/* NOSPREAD sessionID to hash table index macro has been slower. */
-
-#ifdef PKCS11_USE_THREADS
-#define PK11_USE_THREADS(x) x
-#else
-#define PK11_USE_THREADS(x) 
-#endif
-
-/* define typedefs, double as forward declarations as well */
-typedef struct PK11AttributeStr PK11Attribute;
-typedef struct PK11ObjectListStr PK11ObjectList;
-typedef struct PK11ObjectListElementStr PK11ObjectListElement;
-typedef struct PK11ObjectStr PK11Object;
-typedef struct PK11SessionObjectStr PK11SessionObject;
-typedef struct PK11TokenObjectStr PK11TokenObject;
-typedef struct PK11SessionStr PK11Session;
-typedef struct PK11SlotStr PK11Slot;
-typedef struct PK11SessionContextStr PK11SessionContext;
-typedef struct PK11SearchResultsStr PK11SearchResults;
-typedef struct PK11HashVerifyInfoStr PK11HashVerifyInfo;
-typedef struct PK11HashSignInfoStr PK11HashSignInfo;
-typedef struct PK11SSLMACInfoStr PK11SSLMACInfo;
-
-/* define function pointer typdefs for pointer tables */
-typedef void (*PK11Destroy)(void *, PRBool);
-typedef void (*PK11Begin)(void *);
-typedef SECStatus (*PK11Cipher)(void *,void *,unsigned int *,unsigned int,
-					void *, unsigned int);
-typedef SECStatus (*PK11Verify)(void *,void *,unsigned int,void *,unsigned int);
-typedef void (*PK11Hash)(void *,void *,unsigned int);
-typedef void (*PK11End)(void *,void *,unsigned int *,unsigned int);
-typedef void (*PK11Free)(void *);
-
-/* Value to tell if an attribute is modifiable or not.
- *    NEVER: attribute is only set on creation.
- *    ONCOPY: attribute is set on creation and can only be changed on copy.
- *    SENSITIVE: attribute can only be changed to TRUE.
- *    ALWAYS: attribute can always be changed.
- */
-typedef enum {
-	PK11_NEVER = 0,
-	PK11_ONCOPY = 1,
-	PK11_SENSITIVE = 2,
-	PK11_ALWAYS = 3
-} PK11ModifyType;
-
-/*
- * Free Status Enum... tell us more information when we think we're
- * deleting an object.
- */
-typedef enum {
-	PK11_DestroyFailure,
-	PK11_Destroyed,
-	PK11_Busy
-} PK11FreeStatus;
-
-/*
- * attribute values of an object.
- */
-struct PK11AttributeStr {
-    PK11Attribute  	*next;
-    PK11Attribute  	*prev;
-    PRBool		freeAttr;
-    PRBool		freeData;
-#ifdef PKCS11_REF_COUNT_ATTRIBUTES
-    int 		refCount;
-    PZLock 		*refLock;
-#endif
-    /*must be called handle to make pk11queue_find work */
-    CK_ATTRIBUTE_TYPE	handle;
-    CK_ATTRIBUTE 	attrib;
-#ifdef PKCS11_STATIC_ATTRIBUTES
-    unsigned char space[ATTR_SPACE];
-#endif
-};
-
-
-/*
- * doubly link list of objects
- */
-struct PK11ObjectListStr {
-    PK11ObjectList *next;
-    PK11ObjectList *prev;
-    PK11Object	   *parent;
-};
-
-/*
- * PKCS 11 crypto object structure
- */
-struct PK11ObjectStr {
-    PK11Object *next;
-    PK11Object	*prev;
-    CK_OBJECT_CLASS 	objclass;
-    CK_OBJECT_HANDLE	handle;
-    int 		refCount;
-    PZLock 		*refLock;
-    PK11Slot	   	*slot;
-    void 		*objectInfo;
-    PK11Free 		infoFree;
-#ifndef PKCS11_STATIC_ATTRIBUTES
-    PLArenaPool	*arena;
-#endif
-};
-
-struct PK11TokenObjectStr {
-    PK11Object  obj;
-    SECItem	dbKey;
-};
-
-struct PK11SessionObjectStr {
-    PK11Object	   obj;
-    PK11ObjectList sessionList;
-    PZLock		*attributeLock;
-    PK11Session   	*session;
-    PRBool		wasDerived;
-#ifdef PKCS11_STATIC_ATTRIBUTES
-    int nextAttr;
-    PK11Attribute	attrList[MAX_OBJS_ATTRS];
-#endif
-    PRBool		optimizeSpace;
-    unsigned int	hashSize;
-    PK11Attribute 	*head[1];
-};
-
-/*
- * struct to deal with a temparary list of objects
- */
-struct PK11ObjectListElementStr {
-    PK11ObjectListElement	*next;
-    PK11Object 			*object;
-};
-
-/*
- * Area to hold Search results
- */
-struct PK11SearchResultsStr {
-    CK_OBJECT_HANDLE	*handles;
-    int			size;
-    int			index;
-    int			array_size;
-};
-
-
-/* 
- * the universal crypto/hash/sign/verify context structure
- */
-typedef enum {
-    PK11_ENCRYPT,
-    PK11_DECRYPT,
-    PK11_HASH,
-    PK11_SIGN,
-    PK11_SIGN_RECOVER,
-    PK11_VERIFY,
-    PK11_VERIFY_RECOVER
-} PK11ContextType;
-
-
-#define PK11_MAX_BLOCK_SIZE 16
-/* currently SHA1 is the biggest hash length */
-#define PK11_MAX_MAC_LENGTH 20
-#define PK11_INVALID_MAC_SIZE 0xffffffff
-
-struct PK11SessionContextStr {
-    PK11ContextType	type;
-    PRBool		multi; 		/* is multipart */
-    PRBool		doPad; 		/* use PKCS padding for block ciphers */
-    unsigned int	blockSize; 	/* blocksize for padding */
-    unsigned int	padDataLength; 	/* length of the valid data in padbuf */
-    unsigned char	padBuf[PK11_MAX_BLOCK_SIZE];
-    unsigned char	macBuf[PK11_MAX_BLOCK_SIZE];
-    CK_ULONG		macSize;	/* size of a general block cipher mac*/
-    void		*cipherInfo;
-    void		*hashInfo;
-    unsigned int	cipherInfoLen;
-    CK_MECHANISM_TYPE	currentMech;
-    PK11Cipher		update;
-    PK11Hash		hashUpdate;
-    PK11End		end;
-    PK11Destroy		destroy;
-    PK11Destroy		hashdestroy;
-    PK11Verify		verify;
-    unsigned int	maxLen;
-    PK11Object		*key;
-};
-
-/*
- * Sessions (have objects)
- */
-struct PK11SessionStr {
-    PK11Session        *next;
-    PK11Session        *prev;
-    CK_SESSION_HANDLE	handle;
-    int			refCount;
-    PZLock		*objectLock;
-    int			objectIDCount;
-    CK_SESSION_INFO	info;
-    CK_NOTIFY		notify;
-    CK_VOID_PTR		appData;
-    PK11Slot		*slot;
-    PK11SearchResults	*search;
-    PK11SessionContext	*enc_context;
-    PK11SessionContext	*hash_context;
-    PK11SessionContext	*sign_context;
-    PK11ObjectList	*objects[1];
-};
-
-/*
- * slots (have sessions and objects)
- *
- * The array of sessionLock's protect the session hash table (head[])
- * as well as the reference count of session objects in that bucket
- * (head[]->refCount),  objectLock protects all elements of the token
- * object hash table (tokObjects[], tokenIDCount, and tokenHashTable),
- * and slotLock protects the remaining protected elements:
- * password, isLoggedIn, ssoLoggedIn, sessionCount, and rwSessionCount.
- */
-struct PK11SlotStr {
-    CK_SLOT_ID		slotID;
-    PZLock		*slotLock;
-    PZLock		**sessionLock;
-    unsigned int	numSessionLocks;
-    unsigned long	sessionLockMask;
-    PZLock		*objectLock;
-    SECItem		*password;
-    PRBool		hasTokens;
-    PRBool		isLoggedIn;
-    PRBool		ssoLoggedIn;
-    PRBool		needLogin;
-    PRBool		DB_loaded;
-    PRBool		readOnly;
-    PRBool		optimizeSpace;
-    NSSLOWCERTCertDBHandle *certDB;
-    NSSLOWKEYDBHandle	*keyDB;
-    int			minimumPinLen;
-    PRInt32		sessionIDCount;  /* atomically incremented */
-    int			sessionIDConflict;  /* not protected by a lock */
-    int			sessionCount;
-    int			rwSessionCount;
-    int			tokenIDCount;
-    int			index;
-    PLHashTable		*tokenHashTable;
-    PK11Object		**tokObjects;
-    unsigned int	tokObjHashSize;
-    PK11Session		**head;
-    unsigned int	sessHashSize;
-    char		tokDescription[33];
-    char		slotDescription[64];
-};
-
-/*
- * special joint operations Contexts
- */
-struct PK11HashVerifyInfoStr {
-    SECOidTag   	hashOid;
-    NSSLOWKEYPublicKey	*key;
-};
-
-struct PK11HashSignInfoStr {
-    SECOidTag   	hashOid;
-    NSSLOWKEYPrivateKey	*key;
-};
-
-/* context for the Final SSLMAC message */
-struct PK11SSLMACInfoStr {
-    void 		*hashContext;
-    PK11Begin		begin;
-    PK11Hash		update;
-    PK11End		end;
-    CK_ULONG		macSize;
-    int			padSize;
-    unsigned char	key[MAX_KEY_LEN];
-    unsigned int	keySize;
-};
-
-/*
- * session handle modifiers
- */
-#define PK11_SESSION_SLOT_MASK	0xff000000L
-
-/*
- * object handle modifiers
- */
-#define PK11_TOKEN_MASK		0x80000000L
-#define PK11_TOKEN_MAGIC	0x80000000L
-#define PK11_TOKEN_TYPE_MASK	0x70000000L
-/* keydb (high bit == 0) */
-#define PK11_TOKEN_TYPE_PRIV	0x10000000L
-#define PK11_TOKEN_TYPE_PUB	0x20000000L
-#define PK11_TOKEN_TYPE_KEY	0x30000000L
-/* certdb (high bit == 1) */
-#define PK11_TOKEN_TYPE_TRUST	0x40000000L
-#define PK11_TOKEN_TYPE_CRL	0x50000000L
-#define PK11_TOKEN_TYPE_SMIME	0x60000000L
-#define PK11_TOKEN_TYPE_CERT	0x70000000L
-
-#define PK11_TOKEN_KRL_HANDLE	(PK11_TOKEN_MAGIC|PK11_TOKEN_TYPE_CRL|1)
-/* how big a password/pin we can deal with */
-#define PK11_MAX_PIN	255
-
-/* slot ID's */
-#define NETSCAPE_SLOT_ID 1
-#define PRIVATE_KEY_SLOT_ID 2
-#define FIPS_SLOT_ID 3
-
-/* slot helper macros */
-#define pk11_SlotFromSession(sp) ((sp)->slot)
-#define pk11_isToken(id) (((id) & PK11_TOKEN_MASK) == PK11_TOKEN_MAGIC)
-
-/* queueing helper macros */
-#define pk11_hash(value,size) ((value) & (size-1))/*size must be a power of 2*/
-#define pk11queue_add(element,id,head,hash_size) \
-	{ int tmp = pk11_hash(id,hash_size); \
-	(element)->next = (head)[tmp]; \
-	(element)->prev = NULL; \
-	if ((head)[tmp]) (head)[tmp]->prev = (element); \
-	(head)[tmp] = (element); }
-#define pk11queue_find(element,id,head,hash_size) \
-	for( (element) = (head)[pk11_hash(id,hash_size)]; (element) != NULL; \
-					 (element) = (element)->next) { \
-	    if ((element)->handle == (id)) { break; } }
-#define pk11queue_is_queued(element,id,head,hash_size) \
-	( ((element)->next) || ((element)->prev) || \
-	 ((head)[pk11_hash(id,hash_size)] == (element)) )
-#define pk11queue_delete(element,id,head,hash_size) \
-	if ((element)->next) (element)->next->prev = (element)->prev; \
-	if ((element)->prev) (element)->prev->next = (element)->next; \
-	   else (head)[pk11_hash(id,hash_size)] = ((element)->next); \
-	(element)->next = NULL; \
-	(element)->prev = NULL; \
-
-/* sessionID (handle) is used to determine session lock bucket */
-#ifdef NOSPREAD
-/* NOSPREAD:	(ID>>L2LPB) & (perbucket-1) */
-#define PK11_SESSION_LOCK(slot,handle) \
-    ((slot)->sessionLock[((handle) >> LOG2_BUCKETS_PER_SESSION_LOCK) \
-        & (slot)->sessionLockMask])
-#else
-/* SPREAD:	ID & (perbucket-1) */
-#define PK11_SESSION_LOCK(slot,handle) \
-    ((slot)->sessionLock[(handle) & (slot)->sessionLockMask])
-#endif
-
-/* expand an attribute & secitem structures out */
-#define pk11_attr_expand(ap) (ap)->type,(ap)->pValue,(ap)->ulValueLen
-#define pk11_item_expand(ip) (ip)->data,(ip)->len
-
-typedef struct pk11_token_parametersStr {
-    CK_SLOT_ID slotID;
-    char *configdir;
-    char *certPrefix;
-    char *keyPrefix;
-    char *tokdes;
-    char *slotdes;
-    int minPW; 
-    PRBool readOnly;
-    PRBool noCertDB;
-    PRBool noKeyDB;
-    PRBool forceOpen;
-    PRBool pwRequired;
-    PRBool optimizeSpace;
-} pk11_token_parameters;
-
-typedef struct pk11_parametersStr {
-    char *configdir;
-    char *secmodName;
-    char *man;
-    char *libdes; 
-    PRBool readOnly;
-    PRBool noModDB;
-    PRBool noCertDB;
-    PRBool forceOpen;
-    PRBool pwRequired;
-    PRBool optimizeSpace;
-    pk11_token_parameters *tokens;
-    int token_count;
-} pk11_parameters;
-
-
-/* machine dependent path stuff used by dbinit.c and pk11db.c */
-#ifdef macintosh
-#define PATH_SEPARATOR ":"
-#define SECMOD_DB "Security Modules"
-#define CERT_DB_FMT "%sCertificates%s"
-#define KEY_DB_FMT "%sKey Database%s"
-#else
-#define PATH_SEPARATOR "/"
-#define SECMOD_DB "secmod.db"
-#define CERT_DB_FMT "%scert%s.db"
-#define KEY_DB_FMT "%skey%s.db"
-#endif
-
-SEC_BEGIN_PROTOS
-
-extern int nsf_init;
-extern CK_RV nsc_CommonInitialize(CK_VOID_PTR pReserved, PRBool isFIPS);
-extern CK_RV nsc_CommonFinalize(CK_VOID_PTR pReserved, PRBool isFIPS);
-extern CK_RV nsc_CommonGetSlotList(CK_BBOOL tokPresent, 
-	CK_SLOT_ID_PTR pSlotList, CK_ULONG_PTR pulCount, int moduleIndex);
-/* shared functions between PKCS11.c and PK11FIPS.c */
-extern CK_RV PK11_SlotInit(char *configdir,pk11_token_parameters *params, 
-							int moduleIndex);
-
-/* internal utility functions used by pkcs11.c */
-extern PK11Attribute *pk11_FindAttribute(PK11Object *object,
-					 CK_ATTRIBUTE_TYPE type);
-extern void pk11_FreeAttribute(PK11Attribute *attribute);
-extern CK_RV pk11_AddAttributeType(PK11Object *object, CK_ATTRIBUTE_TYPE type,
-				   void *valPtr,
-				  CK_ULONG length);
-extern CK_RV pk11_Attribute2SecItem(PLArenaPool *arena, SECItem *item,
-				    PK11Object *object, CK_ATTRIBUTE_TYPE type);
-extern PRBool pk11_hasAttribute(PK11Object *object, CK_ATTRIBUTE_TYPE type);
-extern PRBool pk11_isTrue(PK11Object *object, CK_ATTRIBUTE_TYPE type);
-extern void pk11_DeleteAttributeType(PK11Object *object,
-				     CK_ATTRIBUTE_TYPE type);
-extern CK_RV pk11_Attribute2SecItem(PLArenaPool *arena, SECItem *item,
-				    PK11Object *object, CK_ATTRIBUTE_TYPE type);
-extern CK_RV pk11_Attribute2SSecItem(PLArenaPool *arena, SECItem *item,
-				     PK11Object *object,
-				     CK_ATTRIBUTE_TYPE type);
-extern PK11ModifyType pk11_modifyType(CK_ATTRIBUTE_TYPE type,
-				      CK_OBJECT_CLASS inClass);
-extern PRBool pk11_isSensitive(CK_ATTRIBUTE_TYPE type, CK_OBJECT_CLASS inClass);
-extern char *pk11_getString(PK11Object *object, CK_ATTRIBUTE_TYPE type);
-extern void pk11_nullAttribute(PK11Object *object,CK_ATTRIBUTE_TYPE type);
-extern CK_RV pk11_forceAttribute(PK11Object *object, CK_ATTRIBUTE_TYPE type,
-				 void *value, unsigned int len);
-extern CK_RV pk11_defaultAttribute(PK11Object *object, CK_ATTRIBUTE_TYPE type,
-				   void *value, unsigned int len);
-extern unsigned int pk11_MapTrust(CK_TRUST trust, PRBool clientAuth);
-
-extern PK11Object *pk11_NewObject(PK11Slot *slot);
-extern CK_RV pk11_CopyObject(PK11Object *destObject, PK11Object *srcObject);
-extern PK11FreeStatus pk11_FreeObject(PK11Object *object);
-extern CK_RV pk11_DeleteObject(PK11Session *session, PK11Object *object);
-extern void pk11_ReferenceObject(PK11Object *object);
-extern PK11Object *pk11_ObjectFromHandle(CK_OBJECT_HANDLE handle,
-					 PK11Session *session);
-extern void pk11_AddSlotObject(PK11Slot *slot, PK11Object *object);
-extern void pk11_AddObject(PK11Session *session, PK11Object *object);
-
-extern CK_RV pk11_searchObjectList(PK11SearchResults *search,
-				   PK11Object **head, unsigned int size,
-				   PZLock *lock, CK_ATTRIBUTE_PTR inTemplate,
-				   int count, PRBool isLoggedIn);
-extern PK11ObjectListElement *pk11_FreeObjectListElement(
-					     PK11ObjectListElement *objectList);
-extern void pk11_FreeObjectList(PK11ObjectListElement *objectList);
-extern void pk11_FreeSearch(PK11SearchResults *search);
-extern CK_RV pk11_handleObject(PK11Object *object, PK11Session *session);
-
-extern PK11Slot *pk11_SlotFromID(CK_SLOT_ID slotID);
-extern PK11Slot *pk11_SlotFromSessionHandle(CK_SESSION_HANDLE handle);
-extern PK11Session *pk11_SessionFromHandle(CK_SESSION_HANDLE handle);
-extern void pk11_FreeSession(PK11Session *session);
-extern PK11Session *pk11_NewSession(CK_SLOT_ID slotID, CK_NOTIFY notify,
-				    CK_VOID_PTR pApplication, CK_FLAGS flags);
-extern void pk11_update_state(PK11Slot *slot,PK11Session *session);
-extern void pk11_update_all_states(PK11Slot *slot);
-extern void pk11_FreeContext(PK11SessionContext *context);
-extern void pk11_CleanupFreeLists(void);
-
-extern NSSLOWKEYPublicKey *pk11_GetPubKey(PK11Object *object,
-					  CK_KEY_TYPE key_type);
-extern NSSLOWKEYPrivateKey *pk11_GetPrivKey(PK11Object *object,
-					    CK_KEY_TYPE key_type);
-extern void pk11_FormatDESKey(unsigned char *key, int length);
-extern PRBool pk11_CheckDESKey(unsigned char *key);
-extern PRBool pk11_IsWeakKey(unsigned char *key,CK_KEY_TYPE key_type);
-
-extern CK_RV secmod_parseParameters(char *param, pk11_parameters *parsed,
-								PRBool isFIPS);
-extern void secmod_freeParams(pk11_parameters *params);
-extern char *secmod_getSecmodName(char *params, char **domain, 
-						char **filename, PRBool *rw);
-extern char ** secmod_ReadPermDB(const char *domain, const char *filename, 
-			const char *dbname, char *params, PRBool rw);
-extern SECStatus secmod_DeletePermDB(const char *domain, const char *filename,
-			const char *dbname, char *args, PRBool rw);
-extern SECStatus secmod_AddPermDB(const char *domain, const char *filename,
-			const char *dbname, char *module, PRBool rw);
-extern SECStatus secmod_ReleasePermDBData(const char *domain, 
-	const char *filename, const char *dbname, char **specList, PRBool rw);
-/*
- * OK there are now lots of options here, lets go through them all:
- *
- * configdir - base directory where all the cert, key, and module datbases live.
- * certPrefix - prefix added to the beginning of the cert database example: "
- *                      "https-server1-"
- * keyPrefix - prefix added to the beginning of the key database example: "
- *                      "https-server1-"
- * secmodName - name of the security module database (usually "secmod.db").
- * readOnly - Boolean: true if the databases are to be openned read only.
- * nocertdb - Don't open the cert DB and key DB's, just initialize the
- *                      Volatile certdb.
- * nomoddb - Don't open the security module DB, just initialize the
- *                      PKCS #11 module.
- * forceOpen - Continue to force initializations even if the databases cannot
- *                      be opened.
- */
-CK_RV pk11_DBInit(const char *configdir, const char *certPrefix,
-	 	const char *keyPrefix, PRBool readOnly, PRBool noCertDB, 
-		PRBool noKeyDB, PRBool forceOpen, 
-		NSSLOWCERTCertDBHandle **certDB, NSSLOWKEYDBHandle **keyDB);
-
-void pk11_DBShutdown(NSSLOWCERTCertDBHandle *certHandle, 
-		     NSSLOWKEYDBHandle *keyHandle);
-
-const char *pk11_EvaluateConfigDir(const char *configdir, char **domain);
-
-/*
- * narrow objects
- */
-PK11SessionObject * pk11_narrowToSessionObject(PK11Object *);
-PK11TokenObject * pk11_narrowToTokenObject(PK11Object *);
-
-/*
- * token object utilities
- */
-void pk11_addHandle(PK11SearchResults *search, CK_OBJECT_HANDLE handle);
-PRBool pk11_tokenMatch(PK11Slot *slot, SECItem *dbKey, CK_OBJECT_HANDLE class,
-                                        CK_ATTRIBUTE_PTR theTemplate,int count);
-CK_OBJECT_HANDLE pk11_mkHandle(PK11Slot *slot, 
-					SECItem *dbKey, CK_OBJECT_HANDLE class);
-PK11Object * pk11_NewTokenObject(PK11Slot *slot, SECItem *dbKey, 
-						CK_OBJECT_HANDLE handle);
-PK11TokenObject *pk11_convertSessionToToken(PK11Object *so);
-
-SEC_END_PROTOS
-
-#endif /* _PKCS11I_H_ */
diff --git a/security/nss/lib/softoken/pkcs11n.h b/security/nss/lib/softoken/pkcs11n.h
deleted file mode 100644
index c2b57acab..000000000
--- a/security/nss/lib/softoken/pkcs11n.h
+++ /dev/null
@@ -1,225 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- *      Dr Stephen Henson <stephen.henson@gemplus.com>
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef _PKCS11N_H_
-#define _PKCS11N_H_
-
-#ifdef DEBUG
-static const char CKT_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * pkcs11n.h
- *
- * This file contains the NSS-specific type definitions for Cryptoki
- * (PKCS#11).
- */
-
-/*
- * NSSCK_VENDOR_NETSCAPE
- *
- * Cryptoki reserves the high half of all the number spaces for
- * vendor-defined use.  I'd like to keep all of our Netscape-
- * specific values together, but not in the oh-so-obvious
- * 0x80000001, 0x80000002, etc. area.  So I've picked an offset,
- * and constructed values for the beginnings of our spaces.
- *
- * Note that some "historical" Netscape values don't fall within
- * this range.
- */
-#define NSSCK_VENDOR_NETSCAPE 0x4E534350 /* NSCP */
-
-/*
- * Netscape-defined object classes
- * 
- */
-#define CKO_NETSCAPE (CKO_VENDOR_DEFINED|NSSCK_VENDOR_NETSCAPE)
-
-#define CKO_NETSCAPE_CRL                (CKO_NETSCAPE + 1)
-#define CKO_NETSCAPE_SMIME              (CKO_NETSCAPE + 2)
-#define CKO_NETSCAPE_TRUST              (CKO_NETSCAPE + 3)
-#define CKO_NETSCAPE_BUILTIN_ROOT_LIST  (CKO_NETSCAPE + 4)
-
-/*
- * Netscape-defined key types
- *
- */
-#define CKK_NETSCAPE (CKK_VENDOR_DEFINED|NSSCK_VENDOR_NETSCAPE)
-
-#define CKK_NETSCAPE_PKCS8              (CKK_NETSCAPE + 1)
-/*
- * Netscape-defined certificate types
- *
- */
-#define CKC_NETSCAPE (CKC_VENDOR_DEFINED|NSSCK_VENDOR_NETSCAPE)
-
-/*
- * Netscape-defined object attributes
- *
- */
-#define CKA_NETSCAPE (CKA_VENDOR_DEFINED|NSSCK_VENDOR_NETSCAPE)
-
-#define CKA_NETSCAPE_URL                (CKA_NETSCAPE +  1)
-#define CKA_NETSCAPE_EMAIL              (CKA_NETSCAPE +  2)
-#define CKA_NETSCAPE_SMIME_INFO         (CKA_NETSCAPE +  3)
-#define CKA_NETSCAPE_SMIME_TIMESTAMP    (CKA_NETSCAPE +  4)
-#define CKA_NETSCAPE_PKCS8_SALT         (CKA_NETSCAPE +  5)
-#define CKA_NETSCAPE_PASSWORD_CHECK     (CKA_NETSCAPE +  6)
-#define CKA_NETSCAPE_EXPIRES            (CKA_NETSCAPE +  7)
-#define CKA_NETSCAPE_KRL                (CKA_NETSCAPE +  8)
-
-#define CKA_NETSCAPE_PQG_COUNTER        (CKA_NETSCAPE +  20)
-#define CKA_NETSCAPE_PQG_SEED           (CKA_NETSCAPE +  21)
-#define CKA_NETSCAPE_PQG_H              (CKA_NETSCAPE +  22)
-#define CKA_NETSCAPE_PQG_SEED_BITS      (CKA_NETSCAPE +  23)
-
-/*
- * Trust attributes:
- *
- * If trust goes standard, these probably will too.  So I'll
- * put them all in one place.
- */
-
-#define CKA_TRUST (CKA_NETSCAPE + 0x2000)
-
-/* "Usage" key information */
-#define CKA_TRUST_DIGITAL_SIGNATURE     (CKA_TRUST +  1)
-#define CKA_TRUST_NON_REPUDIATION       (CKA_TRUST +  2)
-#define CKA_TRUST_KEY_ENCIPHERMENT      (CKA_TRUST +  3)
-#define CKA_TRUST_DATA_ENCIPHERMENT     (CKA_TRUST +  4)
-#define CKA_TRUST_KEY_AGREEMENT         (CKA_TRUST +  5)
-#define CKA_TRUST_KEY_CERT_SIGN         (CKA_TRUST +  6)
-#define CKA_TRUST_CRL_SIGN              (CKA_TRUST +  7)
-
-/* "Purpose" trust information */
-#define CKA_TRUST_SERVER_AUTH           (CKA_TRUST +  8)
-#define CKA_TRUST_CLIENT_AUTH           (CKA_TRUST +  9)
-#define CKA_TRUST_CODE_SIGNING          (CKA_TRUST + 10)
-#define CKA_TRUST_EMAIL_PROTECTION      (CKA_TRUST + 11)
-#define CKA_TRUST_IPSEC_END_SYSTEM      (CKA_TRUST + 12)
-#define CKA_TRUST_IPSEC_TUNNEL          (CKA_TRUST + 13)
-#define CKA_TRUST_IPSEC_USER            (CKA_TRUST + 14)
-#define CKA_TRUST_TIME_STAMPING         (CKA_TRUST + 15)
-#define CKA_CERT_SHA1_HASH	        (CKA_TRUST + 100)
-#define CKA_CERT_MD5_HASH		(CKA_TRUST + 101)
-
-/* Netscape trust stuff */
-/* XXX fgmr new ones here-- step-up, etc. */
-
-/* HISTORICAL: define used to pass in the database key for DSA private keys */
-#define CKA_NETSCAPE_DB                 0xD5A0DB00L
-#define CKA_NETSCAPE_TRUST              0x80000001L
-
-/*
- * Netscape-defined crypto mechanisms
- *
- */
-#define CKM_NETSCAPE (CKM_VENDOR_DEFINED|NSSCK_VENDOR_NETSCAPE)
-/*
- * HISTORICAL:
- * Do not attempt to use these. They are only used by NETSCAPE's internal
- * PKCS #11 interface. Most of these are place holders for other mechanism
- * and will change in the future.
- */
-#define CKM_NETSCAPE_PBE_SHA1_DES_CBC           0x80000002L
-#define CKM_NETSCAPE_PBE_SHA1_TRIPLE_DES_CBC    0x80000003L
-#define CKM_NETSCAPE_PBE_SHA1_40_BIT_RC2_CBC    0x80000004L
-#define CKM_NETSCAPE_PBE_SHA1_128_BIT_RC2_CBC   0x80000005L
-#define CKM_NETSCAPE_PBE_SHA1_40_BIT_RC4        0x80000006L
-#define CKM_NETSCAPE_PBE_SHA1_128_BIT_RC4       0x80000007L
-#define CKM_NETSCAPE_PBE_SHA1_FAULTY_3DES_CBC   0x80000008L
-#define CKM_NETSCAPE_PBE_SHA1_HMAC_KEY_GEN      0x80000009L
-#define CKM_NETSCAPE_PBE_MD5_HMAC_KEY_GEN       0x8000000aL
-#define CKM_NETSCAPE_PBE_MD2_HMAC_KEY_GEN       0x8000000bL
-
-#define CKM_TLS_PRF_GENERAL                     0x80000373L
-
-
-/*
- * Netscape-defined return values
- *
- */
-#define CKR_NETSCAPE (CKM_VENDOR_DEFINED|NSSCK_VENDOR_NETSCAPE)
-
-/*
- * Trust info
- *
- * This isn't part of the Cryptoki standard (yet), so I'm putting
- * all the definitions here.  Some of this would move to nssckt.h
- * if trust info were made part of the standard.  In view of this
- * possibility, I'm putting my (Netscape) values in the netscape
- * vendor space, like everything else.
- */
-
-typedef CK_ULONG          CK_TRUST;
-
-/* The following trust types are defined: */
-#define CKT_VENDOR_DEFINED     0x80000000
-
-#define CKT_NETSCAPE (CKT_VENDOR_DEFINED|NSSCK_VENDOR_NETSCAPE)
-
-/* If trust goes standard, these'll probably drop out of vendor space. */
-#define CKT_NETSCAPE_TRUSTED            (CKT_NETSCAPE + 1)
-#define CKT_NETSCAPE_TRUSTED_DELEGATOR  (CKT_NETSCAPE + 2)
-#define CKT_NETSCAPE_UNTRUSTED          (CKT_NETSCAPE + 3)
-#define CKT_NETSCAPE_MUST_VERIFY        (CKT_NETSCAPE + 4)
-#define CKT_NETSCAPE_TRUST_UNKNOWN      (CKT_NETSCAPE + 5) /* default */
-
-/* 
- * These may well remain Netscape-specific; I'm only using them
- * to cache resolution data.
- */
-#define CKT_NETSCAPE_VALID              (CKT_NETSCAPE + 10)
-#define CKT_NETSCAPE_VALID_DELEGATOR    (CKT_NETSCAPE + 11)
-
-
-/*
- * These are not really PKCS #11 values specifically. They are the 'loadable'
- * module spec NSS uses. The are available for others to use as well, but not
- * part of the formal PKCS #11 spec.
- *
- * The function 'FIND' returns an array of PKCS #11 initialization strings
- * The function 'ADD' takes a PKCS #11 initialization string and stores it.
- * The function 'DEL' takes a 'name= library=' value and deletes the associated
- *  string.
- * The function 'RELEASE' frees the array returned by 'FIND'
- */
-#define SECMOD_MODULE_DB_FUNCTION_FIND  0
-#define SECMOD_MODULE_DB_FUNCTION_ADD   1
-#define SECMOD_MODULE_DB_FUNCTION_DEL   2
-#define SECMOD_MODULE_DB_FUNCTION_RELEASE 3 
-typedef char ** (PR_CALLBACK *SECMODModuleDBFunc)(unsigned long function,
-                                        char *parameters, void *moduleSpec);
-
-#endif /* _PKCS11N_H_ */
diff --git a/security/nss/lib/softoken/pkcs11p.h b/security/nss/lib/softoken/pkcs11p.h
deleted file mode 100644
index 0a30e8ee4..000000000
--- a/security/nss/lib/softoken/pkcs11p.h
+++ /dev/null
@@ -1,49 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * Copyright (C) 1994-1999 RSA Security Inc. Licence to copy this document
- * is granted provided that it is identified as "RSA Security Inc. Public-Key
- * Cryptography Standards (PKCS)" in all material mentioning or referencing
- * this document.
- */
-/* these data types are platform/implementation dependent. */
-/*
- * Packing was removed from the shipped RSA header files, even
- * though it's still needed. put in a central file to help merging..
- */
-
-#if defined(_WIN32)
-#pragma warning(disable:4103)
-#pragma pack(push, cryptoki, 1)
-#endif
-
diff --git a/security/nss/lib/softoken/pkcs11t.h b/security/nss/lib/softoken/pkcs11t.h
deleted file mode 100644
index 9ebed9e85..000000000
--- a/security/nss/lib/softoken/pkcs11t.h
+++ /dev/null
@@ -1,1366 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s): 
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * Copyright (C) 1994-1999 RSA Security Inc. Licence to copy this document
- * is granted provided that it is identified as "RSA Security In.c Public-Key
- * Cryptography Standards (PKCS)" in all material mentioning or referencing
- * this document.
- */
-/* See top of pkcs11.h for information about the macros that
- * must be defined and the structure-packing conventions that
- * must be set before including this file.
- */
-
-#ifndef _PKCS11T_H_
-#define _PKCS11T_H_ 1
-
-#ifndef CK_FALSE
-#define CK_FALSE             0
-#endif
-
-#ifndef CK_TRUE
-#define CK_TRUE              (!CK_FALSE)
-#endif
-
-#include "prtypes.h"
-
-#define CK_PTR *
-#define CK_NULL_PTR 0
-#define CK_CALLBACK_FUNCTION(rv,func) rv (PR_CALLBACK * func)
-#define CK_DECLARE_FUNCTION(rv,func) PR_EXTERN(rv) func
-#define CK_DECLARE_FUNCTION_POINTER(rv,func) rv (PR_CALLBACK * func)
-
-#define CK_INVALID_SESSION	0
-
-/* an unsigned 8-bit value */
-typedef unsigned char     CK_BYTE;
-
-/* an unsigned 8-bit character */
-typedef CK_BYTE           CK_CHAR;
-
-/* an unsigned 8-bit character */
-typedef CK_BYTE           CK_UTF8CHAR;
-
-/* a BYTE-sized Boolean flag */
-typedef CK_BYTE           CK_BBOOL;
-
-/* an unsigned value, at least 32 bits long */
-typedef unsigned long int CK_ULONG;
-
-/* a signed value, the same size as a CK_ULONG */
-/* CK_LONG is new for v2.0 */
-typedef long int          CK_LONG;
-
-/* at least 32 bits; each bit is a Boolean flag */
-typedef CK_ULONG          CK_FLAGS;
-
-
-/* some special values for certain CK_ULONG variables */
-#define CK_UNAVAILABLE_INFORMATION (~0UL)
-#define CK_EFFECTIVELY_INFINITE    0
-
-
-typedef CK_BYTE     CK_PTR   CK_BYTE_PTR;
-typedef CK_CHAR     CK_PTR   CK_CHAR_PTR;
-typedef CK_UTF8CHAR CK_PTR   CK_UTF8CHAR_PTR;
-typedef CK_ULONG    CK_PTR   CK_ULONG_PTR;
-typedef void        CK_PTR   CK_VOID_PTR;
-
-/* Pointer to a CK_VOID_PTR-- i.e., pointer to pointer to void */
-typedef CK_VOID_PTR CK_PTR CK_VOID_PTR_PTR;
-
-
-/* The following value is always invalid if used as a session */
-/* handle or object handle */
-#define CK_INVALID_HANDLE 0
-
-
-/* pack */
-#include "pkcs11p.h"
-
-typedef struct CK_VERSION {
-  CK_BYTE       major;  /* integer portion of version number */
-  CK_BYTE       minor;  /* 1/100ths portion of version number */
-} CK_VERSION;
-
-typedef CK_VERSION CK_PTR CK_VERSION_PTR;
-
-
-typedef struct CK_INFO {
- /* manufacturerID and libraryDecription have been changed from
-  * CK_CHAR to CK_UTF8CHAR for v2.10 */
-  CK_VERSION    cryptokiVersion;     /* PKCS #11 interface ver */
-  CK_UTF8CHAR   manufacturerID[32];  /* blank padded */
-  CK_FLAGS      flags;               /* must be zero */
-
-  /* libraryDescription and libraryVersion are new for v2.0 */
-  CK_UTF8CHAR   libraryDescription[32];  /* blank padded */
-  CK_VERSION    libraryVersion;          /* version of library */
-} CK_INFO;
-
-typedef CK_INFO CK_PTR    CK_INFO_PTR;
-
-
-/* CK_NOTIFICATION enumerates the types of notifications that
- * PKCS #11 provides to an application */
-/* CK_NOTIFICATION has been changed from an enum to a CK_ULONG
- * for v2.0 */
-typedef CK_ULONG CK_NOTIFICATION;
-#define CKN_SURRENDER       0
-
-
-typedef CK_ULONG          CK_SLOT_ID;
-
-typedef CK_SLOT_ID CK_PTR CK_SLOT_ID_PTR;
-
-
-/* CK_SLOT_INFO provides information about a slot */
-typedef struct CK_SLOT_INFO {
- /* slotDescription and manufacturerID have been changed from
-  * CK_CHAR to CK_UTF8CHAR for v2.10 */
-  CK_UTF8CHAR   slotDescription[64];  /* blank padded */
-  CK_UTF8CHAR   manufacturerID[32];   /* blank padded */
-  CK_FLAGS      flags;
-
-  /* hardwareVersion and firmwareVersion are new for v2.0 */
-  CK_VERSION    hardwareVersion;  /* version of hardware */
-  CK_VERSION    firmwareVersion;  /* version of firmware */
-} CK_SLOT_INFO;
-
-/* flags: bit flags that provide capabilities of the slot
- *      Bit Flag              Mask        Meaning
- */
-#define CKF_TOKEN_PRESENT     0x00000001  /* a token is there */
-#define CKF_REMOVABLE_DEVICE  0x00000002  /* removable devices*/
-#define CKF_HW_SLOT           0x00000004  /* hardware slot */
-
-typedef CK_SLOT_INFO CK_PTR CK_SLOT_INFO_PTR;
-
-
-/* CK_TOKEN_INFO provides information about a token */
-typedef struct CK_TOKEN_INFO {
- /* label, manufacturerID, and model have been changed from
-  * CK_CHAR to CK_UTF8CHAR for v2.10 */
-  CK_UTF8CHAR   label[32];           /* blank padded */
-  CK_UTF8CHAR   manufacturerID[32];  /* blank padded */
-  CK_UTF8CHAR   model[16];           /* blank padded */
-  CK_CHAR       serialNumber[16];    /* blank padded */
-  CK_FLAGS      flags;               /* see below */
-
-  /* ulMaxSessionCount, ulSessionCount, ulMaxRwSessionCount,
-   * ulRwSessionCount, ulMaxPinLen, and ulMinPinLen have all been
-   * changed from CK_USHORT to CK_ULONG for v2.0 */
-  CK_ULONG      ulMaxSessionCount;     /* max open sessions */
-  CK_ULONG      ulSessionCount;        /* sess. now open */
-  CK_ULONG      ulMaxRwSessionCount;   /* max R/W sessions */
-  CK_ULONG      ulRwSessionCount;      /* R/W sess. now open */
-  CK_ULONG      ulMaxPinLen;           /* in bytes */
-  CK_ULONG      ulMinPinLen;           /* in bytes */
-  CK_ULONG      ulTotalPublicMemory;   /* in bytes */
-  CK_ULONG      ulFreePublicMemory;    /* in bytes */
-  CK_ULONG      ulTotalPrivateMemory;  /* in bytes */
-  CK_ULONG      ulFreePrivateMemory;   /* in bytes */
-
-  /* hardwareVersion, firmwareVersion, and time are new for
-   * v2.0 */
-  CK_VERSION    hardwareVersion;       /* version of hardware */
-  CK_VERSION    firmwareVersion;       /* version of firmware */
-  CK_CHAR       utcTime[16];           /* time */
-} CK_TOKEN_INFO;
-
-/* The flags parameter is defined as follows:
- *      Bit Flag                    Mask        Meaning 
- */
-#define CKF_RNG                     0x00000001  /* has random #
-                                                 * generator */
-#define CKF_WRITE_PROTECTED         0x00000002  /* token is
-                                                 * write-
-                                                 * protected */
-#define CKF_LOGIN_REQUIRED          0x00000004  /* user must
-                                                 * login */
-#define CKF_USER_PIN_INITIALIZED    0x00000008  /* normal user's
-                                                 * PIN is set */
-
-/* CKF_RESTORE_KEY_NOT_NEEDED is new for v2.0.  If it is set,
- * that means that *every* time the state of cryptographic
- * operations of a session is successfully saved, all keys
- * needed to continue those operations are stored in the state */
-#define CKF_RESTORE_KEY_NOT_NEEDED  0x00000020
-
-/* CKF_CLOCK_ON_TOKEN is new for v2.0.  If it is set, that means
- * that the token has some sort of clock.  The time on that
- * clock is returned in the token info structure */
-#define CKF_CLOCK_ON_TOKEN          0x00000040
-
-/* CKF_PROTECTED_AUTHENTICATION_PATH is new for v2.0.  If it is
- * set, that means that there is some way for the user to login
- * without sending a PIN through the PKCS #11 library itself */
-#define CKF_PROTECTED_AUTHENTICATION_PATH 0x00000100
-
-/* CKF_DUAL_CRYPTO_OPERATIONS is new for v2.0.  If it is true,
- * that means that a single session with the token can perform
- * dual simultaneous cryptographic operations (digest and
- * encrypt; decrypt and digest; sign and encrypt; and decrypt
- * and sign) */
-#define CKF_DUAL_CRYPTO_OPERATIONS  0x00000200
-
-/* CKF_TOKEN_INITIALIZED if new for v2.10. If it is true, the
- * token has been initialized using C_InitializeToken or an 
- * equivalent mechanism outside the scope of PKCS #11.
- * Calling C_InitializeToken when this flag is set will cause 
- * the token to be reinitialized. */
-#define CKF_TOKEN_INITIALIZED       0x00000400
-
-/* CKF_SECONDARY_AUTHENTICATION if new for v2.10. If it is 
- * true, the token supports secondary authentication for 
- * private key objects. */
-/* DEPRICATED in v2.11 */
-#define CKF_SECONDARY_AUTHENTICATION  0x00000800
-
-/* CKF_USER_PIN_COUNT_LOW if new for v2.10. If it is true, an 
- * incorrect user login PIN has been entered at least once 
- * since the last successful authentication. */
-#define CKF_USER_PIN_COUNT_LOW       0x00010000
-
-/* CKF_USER_PIN_FINAL_TRY if new for v2.10. If it is true,
- * supplying an incorrect user PIN will it to become locked. */
-#define CKF_USER_PIN_FINAL_TRY       0x00020000
-
-/* CKF_USER_PIN_LOCKED if new for v2.10. If it is true, the 
- * user PIN has been locked. User login to the token is not 
- * possible. */
-#define CKF_USER_PIN_LOCKED          0x00040000
-
-/* CKF_USER_PIN_TO_BE_CHANGED if new for v2.10. If it is true, 
- * the user PIN value is the default value set by token 
- * initialization or manufacturing. */
-#define CKF_USER_PIN_TO_BE_CHANGED   0x00080000
-
-/* CKF_SO_PIN_COUNT_LOW if new for v2.10. If it is true, an 
- * incorrect SO login PIN has been entered at least once since 
- * the last successful authentication. */
-#define CKF_SO_PIN_COUNT_LOW         0x00100000
-
-/* CKF_SO_PIN_FINAL_TRY if new for v2.10. If it is true,
- * supplying an incorrect SO PIN will it to become locked. */
-#define CKF_SO_PIN_FINAL_TRY         0x00200000
-
-/* CKF_SO_PIN_LOCKED if new for v2.10. If it is true, the SO 
- * PIN has been locked. SO login to the token is not possible.
- */
-#define CKF_SO_PIN_LOCKED            0x00400000
-
-/* CKF_SO_PIN_TO_BE_CHANGED if new for v2.10. If it is true, 
- * the SO PIN value is the default value set by token 
- * initialization or manufacturing. */
-#define CKF_SO_PIN_TO_BE_CHANGED     0x00800000
-
-typedef CK_TOKEN_INFO CK_PTR CK_TOKEN_INFO_PTR;
-
-
-/* CK_SESSION_HANDLE is a PKCS #11-assigned value that
- * identifies a session */
-typedef CK_ULONG          CK_SESSION_HANDLE;
-
-typedef CK_SESSION_HANDLE CK_PTR CK_SESSION_HANDLE_PTR; 
-
-
-/* CK_USER_TYPE enumerates the types of PKCS #11 users */
-/* CK_USER_TYPE has been changed from an enum to a CK_ULONG for
- * v2.0 */
-typedef CK_ULONG          CK_USER_TYPE;
-/* Security Officer */
-#define CKU_SO    0
-/* Normal user */
-#define CKU_USER  1
-
-
-/* CK_STATE enumerates the session states */
-/* CK_STATE has been changed from an enum to a CK_ULONG for
- * v2.0 */
-typedef CK_ULONG          CK_STATE;
-#define CKS_RO_PUBLIC_SESSION  0
-#define CKS_RO_USER_FUNCTIONS  1
-#define CKS_RW_PUBLIC_SESSION  2
-#define CKS_RW_USER_FUNCTIONS  3
-#define CKS_RW_SO_FUNCTIONS    4
-
-
-/* CK_SESSION_INFO provides information about a session */
-typedef struct CK_SESSION_INFO {
-  CK_SLOT_ID    slotID;
-  CK_STATE      state;
-  CK_FLAGS      flags;          /* see below */
-
-  /* ulDeviceError was changed from CK_USHORT to CK_ULONG for
-   * v2.0 */
-  CK_ULONG      ulDeviceError;  /* device-dependent error code */
-} CK_SESSION_INFO;
-
-/* The flags are defined in the following table:
- *      Bit Flag                Mask        Meaning
- */
-#define CKF_RW_SESSION          0x00000002  /* session is r/w */
-#define CKF_SERIAL_SESSION      0x00000004  /* no parallel */
-
-typedef CK_SESSION_INFO CK_PTR CK_SESSION_INFO_PTR;
-
-
-/* CK_OBJECT_HANDLE is a token-specific identifier for an
- * object  */
-typedef CK_ULONG          CK_OBJECT_HANDLE;
-
-typedef CK_OBJECT_HANDLE CK_PTR CK_OBJECT_HANDLE_PTR;
-
-
-/* CK_OBJECT_CLASS is a value that identifies the classes (or
- * types) of objects that PKCS #11 recognizes.  It is defined
- * as follows: */
-/* CK_OBJECT_CLASS was changed from CK_USHORT to CK_ULONG for
- * v2.0 */
-typedef CK_ULONG          CK_OBJECT_CLASS;
-
-/* The following classes of objects are defined: */
-/* CKO_HW_FEATURE is new for v2.10 */
-/* CKO_DOMAIN_PARAMETERS is new for v2.11 */
-#define CKO_DATA              0x00000000
-#define CKO_CERTIFICATE       0x00000001
-#define CKO_PUBLIC_KEY        0x00000002
-#define CKO_PRIVATE_KEY       0x00000003
-#define CKO_SECRET_KEY        0x00000004
-#define CKO_HW_FEATURE        0x00000005
-#define CKO_DOMAIN_PARAMETERS 0x00000006
-#define CKO_KG_PARAMETERS     0x00000006
-#define CKO_VENDOR_DEFINED    0x80000000
-
-typedef CK_OBJECT_CLASS CK_PTR CK_OBJECT_CLASS_PTR;
-
-/* CK_HW_FEATURE_TYPE is new for v2.10. CK_HW_FEATURE_TYPE is a
- * value that identifies the hardware feature type of an object
- * with CK_OBJECT_CLASS equal to CKO_HW_FEATURE. */
-typedef CK_ULONG          CK_HW_FEATURE_TYPE;
- 
-/* The following hardware feature types are defined */
-#define CKH_MONOTONIC_COUNTER  0x00000001
-#define CKH_CLOCK           0x00000002
-#define CKH_VENDOR_DEFINED  0x80000000
-
-/* CK_KEY_TYPE is a value that identifies a key type */
-/* CK_KEY_TYPE was changed from CK_USHORT to CK_ULONG for v2.0 */
-typedef CK_ULONG          CK_KEY_TYPE;
-
-/* the following key types are defined: */
-#define CKK_RSA             0x00000000
-#define CKK_DSA             0x00000001
-#define CKK_DH              0x00000002
-
-/* CKK_ECDSA and CKK_KEA are new for v2.0 */
-/* CKK_X9_42_DH is new for v2.11 */
-#define CKK_ECDSA           0x00000003 /* deprecated in v2.11 */
-#define CKK_EC              0x00000003
-#define CKK_X9_42_DH	    0x00000004
-#define CKK_KEA             0x00000005
-
-#define CKK_GENERIC_SECRET  0x00000010
-#define CKK_RC2             0x00000011
-#define CKK_RC4             0x00000012
-#define CKK_DES             0x00000013
-#define CKK_DES2            0x00000014
-#define CKK_DES3            0x00000015
-
-/* all these key types are new for v2.0 */
-#define CKK_CAST            0x00000016
-#define CKK_CAST3           0x00000017
-#define CKK_CAST5           0x00000018 /* deprecated in v2.11 */
-#define CKK_CAST128         0x00000018
-#define CKK_RC5             0x00000019
-#define CKK_IDEA            0x0000001A
-#define CKK_SKIPJACK        0x0000001B
-#define CKK_BATON           0x0000001C
-#define CKK_JUNIPER         0x0000001D
-#define CKK_CDMF            0x0000001E
-
-/* all these key types are new for v2.11 */
-#define CKK_AES             0x0000001F
-
-#define CKK_VENDOR_DEFINED  0x80000000
-#define CKK_INVALID_KEY_TYPE 0xffffffff
-
-
-/* CK_CERTIFICATE_TYPE is a value that identifies a certificate
- * type */
-/* CK_CERTIFICATE_TYPE was changed from CK_USHORT to CK_ULONG
- * for v2.0 */
-typedef CK_ULONG          CK_CERTIFICATE_TYPE;
-
-/* The following certificate types are defined: */
-/* CKC_X_509_ATTR_CERT is new for v2.10 */
-#define CKC_X_509           0x00000000
-#define CKC_X_509_ATTR_CERT 0x00000001
-#define CKC_VENDOR_DEFINED  0x80000000
-
-
-/* CK_ATTRIBUTE_TYPE is a value that identifies an attribute
- * type */
-/* CK_ATTRIBUTE_TYPE was changed from CK_USHORT to CK_ULONG for
- * v2.0 */
-typedef CK_ULONG          CK_ATTRIBUTE_TYPE;
-
-/* The following attribute types are defined: */
-#define CKA_CLASS              0x00000000
-#define CKA_TOKEN              0x00000001
-#define CKA_PRIVATE            0x00000002
-#define CKA_LABEL              0x00000003
-#define CKA_APPLICATION        0x00000010
-#define CKA_VALUE              0x00000011
-
-/* CKA_OBJECT_ID is new for v2.10 */
-#define CKA_OBJECT_ID          0x00000012
-
-#define CKA_CERTIFICATE_TYPE   0x00000080
-#define CKA_ISSUER             0x00000081
-#define CKA_SERIAL_NUMBER      0x00000082
-
-/* CKA_AC_ISSUER, CKA_OWNER, and CKA_ATTR_TYPES are new 
- * for v2.10 */
-#define CKA_AC_ISSUER          0x00000083
-#define CKA_OWNER              0x00000084
-#define CKA_ATTR_TYPES         0x00000085
-/* CKA_TRUSTED is new for v2.11 */
-#define CKA_TRUSTED            0x00000086
-
-#define CKA_KEY_TYPE           0x00000100
-#define CKA_SUBJECT            0x00000101
-#define CKA_ID                 0x00000102
-#define CKA_SENSITIVE          0x00000103
-#define CKA_ENCRYPT            0x00000104
-#define CKA_DECRYPT            0x00000105
-#define CKA_WRAP               0x00000106
-#define CKA_UNWRAP             0x00000107
-#define CKA_SIGN               0x00000108
-#define CKA_SIGN_RECOVER       0x00000109
-#define CKA_VERIFY             0x0000010A
-#define CKA_VERIFY_RECOVER     0x0000010B
-#define CKA_DERIVE             0x0000010C
-#define CKA_START_DATE         0x00000110
-#define CKA_END_DATE           0x00000111
-#define CKA_MODULUS            0x00000120
-#define CKA_MODULUS_BITS       0x00000121
-#define CKA_PUBLIC_EXPONENT    0x00000122
-#define CKA_PRIVATE_EXPONENT   0x00000123
-#define CKA_PRIME_1            0x00000124
-#define CKA_PRIME_2            0x00000125
-#define CKA_EXPONENT_1         0x00000126
-#define CKA_EXPONENT_2         0x00000127
-#define CKA_COEFFICIENT        0x00000128
-#define CKA_PRIME              0x00000130
-#define CKA_SUBPRIME           0x00000131
-#define CKA_BASE               0x00000132
-/* CKA_PRIME_BITS and CKA_SUB_PRIME_BITS are new for v2.11 */
-#define CKA_PRIME_BITS         0x00000133
-#define CKA_SUB_PRIME_BITS     0x00000134
-#define CKA_VALUE_BITS         0x00000160
-#define CKA_VALUE_LEN          0x00000161
-
-/* CKA_EXTRACTABLE, CKA_LOCAL, CKA_NEVER_EXTRACTABLE,
- * CKA_ALWAYS_SENSITIVE, CKA_MODIFIABLE, CKA_ECDSA_PARAMS,
- * and CKA_EC_POINT are new for v2.0 */
-#define CKA_EXTRACTABLE        0x00000162
-#define CKA_LOCAL              0x00000163
-#define CKA_NEVER_EXTRACTABLE  0x00000164
-#define CKA_ALWAYS_SENSITIVE   0x00000165
-/* CKA_KEY_GEN_MECHANISM is new for v2.11 */
-#define CKA_KEY_GEN_MECHANISM  0x00000166
-#define CKA_MODIFIABLE         0x00000170
-#define CKA_ECDSA_PARAMS       0x00000180 /* depricated v2.11 */
-#define CKA_EC_PARAMS          0x00000180
-#define CKA_EC_POINT           0x00000181
-
-/* CKA_SECONDARY_AUTH, CKA_AUTH_PIN_FLAGS, 
- * CKA_HW_FEATURE_TYPE, CKA_RESET_ON_INIT, and CKA_HAS_RESET
- * are new for v2.10 */
-#define CKA_SECONDARY_AUTH     0x00000200 /* depricated v2.11 */
-#define CKA_AUTH_PIN_FLAGS     0x00000201 /* depricated v2.11 */
-#define CKA_HW_FEATURE_TYPE    0x00000300
-#define CKA_RESET_ON_INIT      0x00000301
-#define CKA_HAS_RESET          0x00000302
-
-#define CKA_VENDOR_DEFINED     0x80000000
-
-
-/* CK_ATTRIBUTE is a structure that includes the type, length
- * and value of an attribute */
-typedef struct CK_ATTRIBUTE {
-  CK_ATTRIBUTE_TYPE type;
-  CK_VOID_PTR       pValue;
-
-  /* ulValueLen went from CK_USHORT to CK_ULONG for v2.0 */
-  CK_ULONG          ulValueLen;  /* in bytes */
-} CK_ATTRIBUTE;
-
-typedef CK_ATTRIBUTE CK_PTR CK_ATTRIBUTE_PTR;
-
-
-/* CK_DATE is a structure that defines a date */
-typedef struct CK_DATE{
-  CK_CHAR       year[4];   /* the year ("1900" - "9999") */
-  CK_CHAR       month[2];  /* the month ("01" - "12") */
-  CK_CHAR       day[2];    /* the day   ("01" - "31") */
-} CK_DATE;
-
-
-/* CK_MECHANISM_TYPE is a value that identifies a mechanism
- * type */
-/* CK_MECHANISM_TYPE was changed from CK_USHORT to CK_ULONG for
- * v2.0 */
-typedef CK_ULONG          CK_MECHANISM_TYPE;
-
-/* the following mechanism types are defined: */
-#define CKM_RSA_PKCS_KEY_PAIR_GEN      0x00000000
-#define CKM_RSA_PKCS                   0x00000001
-#define CKM_RSA_9796                   0x00000002
-#define CKM_RSA_X_509                  0x00000003
-
-/* CKM_MD2_RSA_PKCS, CKM_MD5_RSA_PKCS, and CKM_SHA1_RSA_PKCS
- * are new for v2.0.  They are mechanisms which hash and sign */
-#define CKM_MD2_RSA_PKCS               0x00000004
-#define CKM_MD5_RSA_PKCS               0x00000005
-#define CKM_SHA1_RSA_PKCS              0x00000006
-
-/* CKM_RIPEMD128_RSA_PKCS, CKM_RIPEMD160_RSA_PKCS & CKM_RSA_OAEP
- * are new for 2.10 */
-#define CKM_RIPEMD128_RSA_PKCS         0x00000007
-#define CKM_RIPEMD160_RSA_PKCS         0x00000008
-#define CKM_RSA_PKCS_OAEP              0x00000009
-
-/* CKM_RSA_X9_31, CKM_SHA1_RSA_X9_31 & CKM_RSA_X9_31_KEY_PAIR_GEN
- * are new for 2.11 */
-#define CKM_RSA_X9_31_KEY_PAIR_GEN     0x0000000A
-#define CKM_RSA_X9_31                  0x0000000B
-#define CKM_SHA1_RSA_X9_31             0x0000000C
-
-#define CKM_DSA_KEY_PAIR_GEN           0x00000010
-#define CKM_DSA                        0x00000011
-#define CKM_DSA_SHA1                   0x00000012
-#define CKM_DH_PKCS_KEY_PAIR_GEN       0x00000020
-#define CKM_DH_PKCS_DERIVE             0x00000021
-
-/* CKM_X9_42_DH_PKCS_KEY_PAIR_GEN, CKM_X9_42_DH_DERIVE,
- * CKM_X9_42_DH_HYBRID_DERIVE, & CKM_X9_42_MQV_DERIVE
- * are new for v2.11 */
-#define CKM_X9_42_DH_PKCS_KEY_PAIR_GEN 0x00000030
-#define CKM_X9_42_DH_DERIVE            0x00000031
-#define CKM_X9_42_DH_HYBRID_DERIVE     0x00000032
-#define CKM_X9_42_MQV_DERIVE           0x00000033
-
-#define CKM_RC2_KEY_GEN                0x00000100
-#define CKM_RC2_ECB                    0x00000101
-#define CKM_RC2_CBC                    0x00000102
-#define CKM_RC2_MAC                    0x00000103
-
-/* CKM_RC2_MAC_GENERAL and CKM_RC2_CBC_PAD are new for v2.0 */
-#define CKM_RC2_MAC_GENERAL            0x00000104
-#define CKM_RC2_CBC_PAD                0x00000105
-
-#define CKM_RC4_KEY_GEN                0x00000110
-#define CKM_RC4                        0x00000111
-#define CKM_DES_KEY_GEN                0x00000120
-#define CKM_DES_ECB                    0x00000121
-#define CKM_DES_CBC                    0x00000122
-#define CKM_DES_MAC                    0x00000123
-
-/* CKM_DES_MAC_GENERAL and CKM_DES_CBC_PAD are new for v2.0 */
-#define CKM_DES_MAC_GENERAL            0x00000124
-#define CKM_DES_CBC_PAD                0x00000125
-
-#define CKM_DES2_KEY_GEN               0x00000130
-#define CKM_DES3_KEY_GEN               0x00000131
-#define CKM_DES3_ECB                   0x00000132
-#define CKM_DES3_CBC                   0x00000133
-#define CKM_DES3_MAC                   0x00000134
-
-/* CKM_DES3_MAC_GENERAL, CKM_DES3_CBC_PAD, CKM_CDMF_KEY_GEN,
- * CKM_CDMF_ECB, CKM_CDMF_CBC, CKM_CDMF_MAC,
- * CKM_CDMF_MAC_GENERAL, and CKM_CDMF_CBC_PAD are new for v2.0 */
-#define CKM_DES3_MAC_GENERAL           0x00000135
-#define CKM_DES3_CBC_PAD               0x00000136
-#define CKM_CDMF_KEY_GEN               0x00000140
-#define CKM_CDMF_ECB                   0x00000141
-#define CKM_CDMF_CBC                   0x00000142
-#define CKM_CDMF_MAC                   0x00000143
-#define CKM_CDMF_MAC_GENERAL           0x00000144
-#define CKM_CDMF_CBC_PAD               0x00000145
-
-#define CKM_MD2                        0x00000200
-
-/* CKM_MD2_HMAC and CKM_MD2_HMAC_GENERAL are new for v2.0 */
-#define CKM_MD2_HMAC                   0x00000201
-#define CKM_MD2_HMAC_GENERAL           0x00000202
-
-#define CKM_MD5                        0x00000210
-
-/* CKM_MD5_HMAC and CKM_MD5_HMAC_GENERAL are new for v2.0 */
-#define CKM_MD5_HMAC                   0x00000211
-#define CKM_MD5_HMAC_GENERAL           0x00000212
-
-#define CKM_SHA_1                      0x00000220
-
-/* CKM_SHA_1_HMAC and CKM_SHA_1_HMAC_GENERAL are new for v2.0 */
-#define CKM_SHA_1_HMAC                 0x00000221
-#define CKM_SHA_1_HMAC_GENERAL         0x00000222
-
-/* CKM_RIPEMD128, CKM_RIPEMD128_HMAC, 
- * CKM_RIPEMD128_HMAC_GENERAL, CKM_RIPEMD160, CKM_RIPEMD160_HMAC,
- * and CKM_RIPEMD160_HMAC_GENERAL are new for v2.10 */
-#define CKM_RIPEMD128                  0x00000230
-#define CKM_RIPEMD128_HMAC             0x00000231
-#define CKM_RIPEMD128_HMAC_GENERAL     0x00000232
-#define CKM_RIPEMD160                  0x00000240
-#define CKM_RIPEMD160_HMAC             0x00000241
-#define CKM_RIPEMD160_HMAC_GENERAL     0x00000242
-
-/* All of the following mechanisms are new for v2.0 */
-/* Note that CAST128 and CAST5 are the same algorithm */
-#define CKM_CAST_KEY_GEN               0x00000300
-#define CKM_CAST_ECB                   0x00000301
-#define CKM_CAST_CBC                   0x00000302
-#define CKM_CAST_MAC                   0x00000303
-#define CKM_CAST_MAC_GENERAL           0x00000304
-#define CKM_CAST_CBC_PAD               0x00000305
-#define CKM_CAST3_KEY_GEN              0x00000310
-#define CKM_CAST3_ECB                  0x00000311
-#define CKM_CAST3_CBC                  0x00000312
-#define CKM_CAST3_MAC                  0x00000313
-#define CKM_CAST3_MAC_GENERAL          0x00000314
-#define CKM_CAST3_CBC_PAD              0x00000315
-#define CKM_CAST5_KEY_GEN              0x00000320
-#define CKM_CAST128_KEY_GEN            0x00000320
-#define CKM_CAST5_ECB                  0x00000321
-#define CKM_CAST128_ECB                0x00000321
-#define CKM_CAST5_CBC                  0x00000322
-#define CKM_CAST128_CBC                0x00000322
-#define CKM_CAST5_MAC                  0x00000323
-#define CKM_CAST128_MAC                0x00000323
-#define CKM_CAST5_MAC_GENERAL          0x00000324
-#define CKM_CAST128_MAC_GENERAL        0x00000324
-#define CKM_CAST5_CBC_PAD              0x00000325
-#define CKM_CAST128_CBC_PAD            0x00000325
-#define CKM_RC5_KEY_GEN                0x00000330
-#define CKM_RC5_ECB                    0x00000331
-#define CKM_RC5_CBC                    0x00000332
-#define CKM_RC5_MAC                    0x00000333
-#define CKM_RC5_MAC_GENERAL            0x00000334
-#define CKM_RC5_CBC_PAD                0x00000335
-#define CKM_IDEA_KEY_GEN               0x00000340
-#define CKM_IDEA_ECB                   0x00000341
-#define CKM_IDEA_CBC                   0x00000342
-#define CKM_IDEA_MAC                   0x00000343
-#define CKM_IDEA_MAC_GENERAL           0x00000344
-#define CKM_IDEA_CBC_PAD               0x00000345
-#define CKM_GENERIC_SECRET_KEY_GEN     0x00000350
-#define CKM_CONCATENATE_BASE_AND_KEY   0x00000360
-#define CKM_CONCATENATE_BASE_AND_DATA  0x00000362
-#define CKM_CONCATENATE_DATA_AND_BASE  0x00000363
-#define CKM_XOR_BASE_AND_DATA          0x00000364
-#define CKM_EXTRACT_KEY_FROM_KEY       0x00000365
-#define CKM_SSL3_PRE_MASTER_KEY_GEN    0x00000370
-#define CKM_SSL3_MASTER_KEY_DERIVE     0x00000371
-#define CKM_SSL3_KEY_AND_MAC_DERIVE    0x00000372
-
-/* CKM_SSL3_MASTER_KEY_DERIVE_DH, CKM_TLS_PRE_MASTER_KEY_GEN,
- * CKM_TLS_MASTER_KEY_DERIVE, CKM_TLS_KEY_AND_MAC_DERIVE,
- * CKM_TLS_MASTER_KEY_DERIVE_DH, & CKM_SSL3_MASTER_KEY_DERIVE_DH
- * are new for v2.11. */
-#define CKM_SSL3_MASTER_KEY_DERIVE_DH  0x00000373
-#define CKM_TLS_PRE_MASTER_KEY_GEN     0x00000374
-#define CKM_TLS_MASTER_KEY_DERIVE      0x00000375
-#define CKM_TLS_KEY_AND_MAC_DERIVE     0x00000376
-#define CKM_TLS_MASTER_KEY_DERIVE_DH   0x00000377
-
-#define CKM_SSL3_MD5_MAC               0x00000380
-#define CKM_SSL3_SHA1_MAC              0x00000381
-#define CKM_MD5_KEY_DERIVATION         0x00000390
-#define CKM_MD2_KEY_DERIVATION         0x00000391
-#define CKM_SHA1_KEY_DERIVATION        0x00000392
-#define CKM_PBE_MD2_DES_CBC            0x000003A0
-#define CKM_PBE_MD5_DES_CBC            0x000003A1
-#define CKM_PBE_MD5_CAST_CBC           0x000003A2
-#define CKM_PBE_MD5_CAST3_CBC          0x000003A3
-#define CKM_PBE_MD5_CAST5_CBC          0x000003A4
-#define CKM_PBE_MD5_CAST128_CBC        0x000003A4
-#define CKM_PBE_SHA1_CAST5_CBC         0x000003A5
-#define CKM_PBE_SHA1_CAST128_CBC       0x000003A5
-#define CKM_PBE_SHA1_RC4_128           0x000003A6
-#define CKM_PBE_SHA1_RC4_40            0x000003A7
-#define CKM_PBE_SHA1_DES3_EDE_CBC      0x000003A8
-#define CKM_PBE_SHA1_DES2_EDE_CBC      0x000003A9
-#define CKM_PBE_SHA1_RC2_128_CBC       0x000003AA
-#define CKM_PBE_SHA1_RC2_40_CBC        0x000003AB
-
-/* CKM_PKCS5_PBKD2 is new for v2.10 */
-#define CKM_PKCS5_PBKD2                0x000003B0
-
-#define CKM_PBA_SHA1_WITH_SHA1_HMAC    0x000003C0
-#define CKM_KEY_WRAP_LYNKS             0x00000400
-#define CKM_KEY_WRAP_SET_OAEP          0x00000401
-
-/* Fortezza mechanisms */
-#define CKM_SKIPJACK_KEY_GEN           0x00001000
-#define CKM_SKIPJACK_ECB64             0x00001001
-#define CKM_SKIPJACK_CBC64             0x00001002
-#define CKM_SKIPJACK_OFB64             0x00001003
-#define CKM_SKIPJACK_CFB64             0x00001004
-#define CKM_SKIPJACK_CFB32             0x00001005
-#define CKM_SKIPJACK_CFB16             0x00001006
-#define CKM_SKIPJACK_CFB8              0x00001007
-#define CKM_SKIPJACK_WRAP              0x00001008
-#define CKM_SKIPJACK_PRIVATE_WRAP      0x00001009
-#define CKM_SKIPJACK_RELAYX            0x0000100a
-#define CKM_KEA_KEY_PAIR_GEN           0x00001010
-#define CKM_KEA_KEY_DERIVE             0x00001011
-#define CKM_FORTEZZA_TIMESTAMP         0x00001020
-#define CKM_BATON_KEY_GEN              0x00001030
-#define CKM_BATON_ECB128               0x00001031
-#define CKM_BATON_ECB96                0x00001032
-#define CKM_BATON_CBC128               0x00001033
-#define CKM_BATON_COUNTER              0x00001034
-#define CKM_BATON_SHUFFLE              0x00001035
-#define CKM_BATON_WRAP                 0x00001036
-#define CKM_ECDSA_KEY_PAIR_GEN         0x00001040 /* depricated in v2.11 */
-#define CKM_EC_KEY_PAIR_GEN            0x00001040
-#define CKM_ECDSA                      0x00001041
-#define CKM_ECDSA_SHA1                 0x00001042
-
-/* ECDH1 is new for 2.11 */
-#define CKM_ECDH1_DERIVE               0x00001043
-#define CKM_ECDH1_COFACTOR_DERIVE      0x00001044
-#define CKM_ECMQV_DERIVE               0x00001045
-
-#define CKM_JUNIPER_KEY_GEN            0x00001060
-#define CKM_JUNIPER_ECB128             0x00001061
-#define CKM_JUNIPER_CBC128             0x00001062
-#define CKM_JUNIPER_COUNTER            0x00001063
-#define CKM_JUNIPER_SHUFFLE            0x00001064
-#define CKM_JUNIPER_WRAP               0x00001065
-#define CKM_FASTHASH                   0x00001070
-
-/* AES is new for 2.11 */
-#define CKM_AES_KEY_GEN                0x00001080
-#define CKM_AES_ECB                    0x00001081
-#define CKM_AES_CBC                    0x00001082
-#define CKM_AES_MAC                    0x00001083
-#define CKM_AES_MAC_GENERAL            0x00001084
-#define CKM_AES_CBC_PAD                0x00001085
-
-/* CKM_DSA_PARAMETER_GEN, CKM_DH_PKCS_PARAMETER_GEN,
- * and CKM_DH_X9_42_PARAMETER_GEN are new for 2.11 */
-#define CKM_DSA_PARAMETER_GEN          0x00002000
-#define CKM_DH_PKCS_PARAMETER_GEN      0x00002001
-#define CKM_DH_X9_42_PARAMETER_GEN     0x00002002
-
-#define CKM_VENDOR_DEFINED             0x80000000
-
-typedef CK_MECHANISM_TYPE CK_PTR CK_MECHANISM_TYPE_PTR;
-
-
-/* CK_MECHANISM is a structure that specifies a particular
- * mechanism  */
-typedef struct CK_MECHANISM {
-  CK_MECHANISM_TYPE mechanism;
-  CK_VOID_PTR       pParameter;
-
-  /* ulParameterLen was changed from CK_USHORT to CK_ULONG for
-   * v2.0 */
-  CK_ULONG          ulParameterLen;  /* in bytes */
-} CK_MECHANISM;
-
-typedef CK_MECHANISM CK_PTR CK_MECHANISM_PTR;
-
-
-/* CK_MECHANISM_INFO provides information about a particular
- * mechanism */
-typedef struct CK_MECHANISM_INFO {
-    CK_ULONG    ulMinKeySize;
-    CK_ULONG    ulMaxKeySize;
-    CK_FLAGS    flags;
-} CK_MECHANISM_INFO;
-
-/* The flags are defined as follows:
- *      Bit Flag               Mask        Meaning */
-#define CKF_HW                 0x00000001  /* performed by HW */
-
-/* The flags CKF_ENCRYPT, CKF_DECRYPT, CKF_DIGEST, CKF_SIGN,
- * CKG_SIGN_RECOVER, CKF_VERIFY, CKF_VERIFY_RECOVER,
- * CKF_GENERATE, CKF_GENERATE_KEY_PAIR, CKF_WRAP, CKF_UNWRAP,
- * and CKF_DERIVE are new for v2.0.  They specify whether or not
- * a mechanism can be used for a particular task */
-/* The flags CKF_EC_FP, CKF_EC_F_2M, CKF_EC_ECPARAMETERS, CKF_EC_NAMEDCURVE,
- * CKF_EC_UNCOMPRESS, and  CKF_EC_COMPRESS are new for v2.11 */
-#define CKF_ENCRYPT            0x00000100
-#define CKF_DECRYPT            0x00000200
-#define CKF_DIGEST             0x00000400
-#define CKF_SIGN               0x00000800
-#define CKF_SIGN_RECOVER       0x00001000
-#define CKF_VERIFY             0x00002000
-#define CKF_VERIFY_RECOVER     0x00004000
-#define CKF_GENERATE           0x00008000
-#define CKF_GENERATE_KEY_PAIR  0x00010000
-#define CKF_WRAP               0x00020000
-#define CKF_UNWRAP             0x00040000
-#define CKF_DERIVE             0x00080000
-#define CKF_EC_FP              0x00100000
-#define CKF_EC_F_2M            0x00200000
-#define CKF_EC_ECPARAMETERS    0x00400000
-#define CKF_EC_NAMEDCURVE      0x00800000
-#define CKF_EC_UNCOMPRESS      0x01000000
-#define CKF_EC_COMPRESS        0x02000000
-
-#define CKF_EXTENSION          0x80000000  /* FALSE for 2.01 */
-
-typedef CK_MECHANISM_INFO CK_PTR CK_MECHANISM_INFO_PTR;
-
-
-/* CK_RV is a value that identifies the return value of a
- * PKCS #11 function */
-/* CK_RV was changed from CK_USHORT to CK_ULONG for v2.0 */
-typedef CK_ULONG          CK_RV;
-
-#define CKR_OK                                0x00000000
-#define CKR_CANCEL                            0x00000001
-#define CKR_HOST_MEMORY                       0x00000002
-#define CKR_SLOT_ID_INVALID                   0x00000003
-
-/* CKR_FLAGS_INVALID was removed for v2.0 */
-
-/* CKR_GENERAL_ERROR and CKR_FUNCTION_FAILED are new for v2.0 */
-#define CKR_GENERAL_ERROR                     0x00000005
-#define CKR_FUNCTION_FAILED                   0x00000006
-
-/* CKR_ARGUMENTS_BAD, CKR_NO_EVENT, CKR_NEED_TO_CREATE_THREADS,
- * and CKR_CANT_LOCK are new for v2.01 */
-#define CKR_ARGUMENTS_BAD                     0x00000007
-#define CKR_NO_EVENT                          0x00000008
-#define CKR_NEED_TO_CREATE_THREADS            0x00000009
-#define CKR_CANT_LOCK                         0x0000000A
-
-#define CKR_ATTRIBUTE_READ_ONLY               0x00000010
-#define CKR_ATTRIBUTE_SENSITIVE               0x00000011
-#define CKR_ATTRIBUTE_TYPE_INVALID            0x00000012
-#define CKR_ATTRIBUTE_VALUE_INVALID           0x00000013
-#define CKR_DATA_INVALID                      0x00000020
-#define CKR_DATA_LEN_RANGE                    0x00000021
-#define CKR_DEVICE_ERROR                      0x00000030
-#define CKR_DEVICE_MEMORY                     0x00000031
-#define CKR_DEVICE_REMOVED                    0x00000032
-#define CKR_ENCRYPTED_DATA_INVALID            0x00000040
-#define CKR_ENCRYPTED_DATA_LEN_RANGE          0x00000041
-#define CKR_FUNCTION_CANCELED                 0x00000050
-#define CKR_FUNCTION_NOT_PARALLEL             0x00000051
-
-/* CKR_FUNCTION_NOT_SUPPORTED is new for v2.0 */
-#define CKR_FUNCTION_NOT_SUPPORTED            0x00000054
-
-#define CKR_KEY_HANDLE_INVALID                0x00000060
-
-/* CKR_KEY_SENSITIVE was removed for v2.0 */
-
-#define CKR_KEY_SIZE_RANGE                    0x00000062
-#define CKR_KEY_TYPE_INCONSISTENT             0x00000063
-
-/* CKR_KEY_NOT_NEEDED, CKR_KEY_CHANGED, CKR_KEY_NEEDED,
- * CKR_KEY_INDIGESTIBLE, CKR_KEY_FUNCTION_NOT_PERMITTED,
- * CKR_KEY_NOT_WRAPPABLE, and CKR_KEY_UNEXTRACTABLE are new for
- * v2.0 */
-#define CKR_KEY_NOT_NEEDED                    0x00000064
-#define CKR_KEY_CHANGED                       0x00000065
-#define CKR_KEY_NEEDED                        0x00000066
-#define CKR_KEY_INDIGESTIBLE                  0x00000067
-#define CKR_KEY_FUNCTION_NOT_PERMITTED        0x00000068
-#define CKR_KEY_NOT_WRAPPABLE                 0x00000069
-#define CKR_KEY_UNEXTRACTABLE                 0x0000006A
-
-/* CKR_KEY_PARAMS_INVALID is new for v2.11 */
-#define CKR_KEY_PARAMS_INVALID                0x0000006B
-
-#define CKR_MECHANISM_INVALID                 0x00000070
-#define CKR_MECHANISM_PARAM_INVALID           0x00000071
-
-/* CKR_OBJECT_CLASS_INCONSISTENT and CKR_OBJECT_CLASS_INVALID
- * were removed for v2.0 */
-#define CKR_OBJECT_HANDLE_INVALID             0x00000082
-#define CKR_OPERATION_ACTIVE                  0x00000090
-#define CKR_OPERATION_NOT_INITIALIZED         0x00000091
-#define CKR_PIN_INCORRECT                     0x000000A0
-#define CKR_PIN_INVALID                       0x000000A1
-#define CKR_PIN_LEN_RANGE                     0x000000A2
-
-/* CKR_PIN_EXPIRED and CKR_PIN_LOCKED are new for v2.0 */
-#define CKR_PIN_EXPIRED                       0x000000A3
-#define CKR_PIN_LOCKED                        0x000000A4
-
-#define CKR_SESSION_CLOSED                    0x000000B0
-#define CKR_SESSION_COUNT                     0x000000B1
-#define CKR_SESSION_HANDLE_INVALID            0x000000B3
-#define CKR_SESSION_PARALLEL_NOT_SUPPORTED    0x000000B4
-#define CKR_SESSION_READ_ONLY                 0x000000B5
-#define CKR_SESSION_EXISTS                    0x000000B6
-
-/* CKR_SESSION_READ_ONLY_EXISTS and
- * CKR_SESSION_READ_WRITE_SO_EXISTS are new for v2.0 */
-#define CKR_SESSION_READ_ONLY_EXISTS          0x000000B7
-#define CKR_SESSION_READ_WRITE_SO_EXISTS      0x000000B8
-
-#define CKR_SIGNATURE_INVALID                 0x000000C0
-#define CKR_SIGNATURE_LEN_RANGE               0x000000C1
-#define CKR_TEMPLATE_INCOMPLETE               0x000000D0
-#define CKR_TEMPLATE_INCONSISTENT             0x000000D1
-#define CKR_TOKEN_NOT_PRESENT                 0x000000E0
-#define CKR_TOKEN_NOT_RECOGNIZED              0x000000E1
-#define CKR_TOKEN_WRITE_PROTECTED             0x000000E2
-#define CKR_UNWRAPPING_KEY_HANDLE_INVALID     0x000000F0
-#define CKR_UNWRAPPING_KEY_SIZE_RANGE         0x000000F1
-#define CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT  0x000000F2
-#define CKR_USER_ALREADY_LOGGED_IN            0x00000100
-#define CKR_USER_NOT_LOGGED_IN                0x00000101
-#define CKR_USER_PIN_NOT_INITIALIZED          0x00000102
-#define CKR_USER_TYPE_INVALID                 0x00000103
-
-/* CKR_USER_ANOTHER_ALREADY_LOGGED_IN and CKR_USER_TOO_MANY_TYPES
- * are new to v2.01 */
-#define CKR_USER_ANOTHER_ALREADY_LOGGED_IN    0x00000104
-#define CKR_USER_TOO_MANY_TYPES               0x00000105
-
-#define CKR_WRAPPED_KEY_INVALID               0x00000110
-#define CKR_WRAPPED_KEY_LEN_RANGE             0x00000112
-#define CKR_WRAPPING_KEY_HANDLE_INVALID       0x00000113
-#define CKR_WRAPPING_KEY_SIZE_RANGE           0x00000114
-#define CKR_WRAPPING_KEY_TYPE_INCONSISTENT    0x00000115
-#define CKR_RANDOM_SEED_NOT_SUPPORTED         0x00000120
-
-/* New for v2.0 */
-#define CKR_RANDOM_NO_RNG                     0x00000121
-
-/* New for v2.11 */
-#define CKR_DOMAIN_PARAMS_INVALID             0x00000130
-
-/* These are new to v2.0 */
-#define CKR_BUFFER_TOO_SMALL                  0x00000150
-#define CKR_SAVED_STATE_INVALID               0x00000160
-#define CKR_INFORMATION_SENSITIVE             0x00000170
-#define CKR_STATE_UNSAVEABLE                  0x00000180
-
-/* These are new to v2.01 */
-#define CKR_CRYPTOKI_NOT_INITIALIZED          0x00000190
-#define CKR_CRYPTOKI_ALREADY_INITIALIZED      0x00000191
-#define CKR_MUTEX_BAD                         0x000001A0
-#define CKR_MUTEX_NOT_LOCKED                  0x000001A1
-
-#define CKR_VENDOR_DEFINED                    0x80000000
-
-
-/* CK_NOTIFY is an application callback that processes events */
-typedef CK_CALLBACK_FUNCTION(CK_RV, CK_NOTIFY)(
-  CK_SESSION_HANDLE hSession,     /* the session's handle */
-  CK_NOTIFICATION   event,
-  CK_VOID_PTR       pApplication  /* passed to C_OpenSession */
-);
-
-
-/* CK_FUNCTION_LIST is a structure holding a PKCS #11 spec
- * version and pointers of appropriate types to all the
- * PKCS #11 functions */
-/* CK_FUNCTION_LIST is new for v2.0 */
-typedef struct CK_FUNCTION_LIST CK_FUNCTION_LIST;
-
-typedef CK_FUNCTION_LIST CK_PTR CK_FUNCTION_LIST_PTR;
-
-typedef CK_FUNCTION_LIST_PTR CK_PTR CK_FUNCTION_LIST_PTR_PTR;
-
-
-/* CK_CREATEMUTEX is an application callback for creating a
- * mutex object */
-typedef CK_CALLBACK_FUNCTION(CK_RV, CK_CREATEMUTEX)(
-  CK_VOID_PTR_PTR ppMutex  /* location to receive ptr to mutex */
-);
-
-
-/* CK_DESTROYMUTEX is an application callback for destroying a
- * mutex object */
-typedef CK_CALLBACK_FUNCTION(CK_RV, CK_DESTROYMUTEX)(
-  CK_VOID_PTR pMutex  /* pointer to mutex */
-);
-
-
-/* CK_LOCKMUTEX is an application callback for locking a mutex */
-typedef CK_CALLBACK_FUNCTION(CK_RV, CK_LOCKMUTEX)(
-  CK_VOID_PTR pMutex  /* pointer to mutex */
-);
-
-
-/* CK_UNLOCKMUTEX is an application callback for unlocking a
- * mutex */
-typedef CK_CALLBACK_FUNCTION(CK_RV, CK_UNLOCKMUTEX)(
-  CK_VOID_PTR pMutex  /* pointer to mutex */
-);
-
-
-/* CK_C_INITIALIZE_ARGS provides the optional arguments to
- * C_Initialize */
-typedef struct CK_C_INITIALIZE_ARGS {
-  CK_CREATEMUTEX CreateMutex;
-  CK_DESTROYMUTEX DestroyMutex;
-  CK_LOCKMUTEX LockMutex;
-  CK_UNLOCKMUTEX UnlockMutex;
-  CK_FLAGS flags;
-  CK_CHAR_PTR *LibraryParameters;
-  CK_VOID_PTR pReserved;
-} CK_C_INITIALIZE_ARGS;
-
-/* flags: bit flags that provide capabilities of the slot
- *      Bit Flag                           Mask       Meaning
- */
-#define CKF_LIBRARY_CANT_CREATE_OS_THREADS 0x00000001
-#define CKF_OS_LOCKING_OK                  0x00000002
-
-typedef CK_C_INITIALIZE_ARGS CK_PTR CK_C_INITIALIZE_ARGS_PTR;
-
-
-/* additional flags for parameters to functions */
-
-/* CKF_DONT_BLOCK is for the function C_WaitForSlotEvent */
-#define CKF_DONT_BLOCK     1
-
-/* CK_RSA_PKCS_OAEP_MGF_TYPE is new for v2.10. 
- * CK_RSA_PKCS_OAEP_MGF_TYPE  is used to indicate the Message 
- * Generation Function (MGF) applied to a message block when 
- * formatting a message block for the PKCS #1 OAEP encryption 
- * scheme. */
-typedef CK_ULONG CK_RSA_PKCS_OAEP_MGF_TYPE;
-
-typedef CK_RSA_PKCS_OAEP_MGF_TYPE CK_PTR CK_RSA_PKCS_OAEP_MGF_TYPE_PTR;
-
-/* The following MGFs are defined */
-#define CKG_MGF1_SHA1         0x00000001
-
-/* CK_RSA_PKCS_OAEP_SOURCE_TYPE is new for v2.10. 
- * CK_RSA_PKCS_OAEP_SOURCE_TYPE  is used to indicate the source
- * of the encoding parameter when formatting a message block 
- * for the PKCS #1 OAEP encryption scheme. */
-typedef CK_ULONG CK_RSA_PKCS_OAEP_SOURCE_TYPE;
-
-typedef CK_RSA_PKCS_OAEP_SOURCE_TYPE CK_PTR CK_RSA_PKCS_OAEP_SOURCE_TYPE_PTR;
-
-/* The following encoding parameter sources are defined */
-#define CKZ_DATA_SPECIFIED    0x00000001
-
-/* CK_RSA_PKCS_OAEP_PARAMS is new for v2.10.
- * CK_RSA_PKCS_OAEP_PARAMS provides the parameters to the 
- * CKM_RSA_PKCS_OAEP mechanism. */
-typedef struct CK_RSA_PKCS_OAEP_PARAMS {
-       CK_MECHANISM_TYPE hashAlg;
-       CK_RSA_PKCS_OAEP_MGF_TYPE mgf;
-       CK_RSA_PKCS_OAEP_SOURCE_TYPE source;
-       CK_VOID_PTR pSourceData;
-       CK_ULONG ulSourceDataLen;
-} CK_RSA_PKCS_OAEP_PARAMS;
-
-typedef CK_RSA_PKCS_OAEP_PARAMS CK_PTR CK_RSA_PKCS_OAEP_PARAMS_PTR;
-
-/* CK_KEA_DERIVE_PARAMS provides the parameters to the
- * CKM_KEA_DERIVE mechanism */
-/* CK_KEA_DERIVE_PARAMS is new for v2.0 */
-typedef struct CK_KEA_DERIVE_PARAMS {
-  CK_BBOOL      isSender;
-  CK_ULONG      ulRandomLen;
-  CK_BYTE_PTR   pRandomA;
-  CK_BYTE_PTR   pRandomB;
-  CK_ULONG      ulPublicDataLen;
-  CK_BYTE_PTR   pPublicData;
-} CK_KEA_DERIVE_PARAMS;
-
-typedef CK_KEA_DERIVE_PARAMS CK_PTR CK_KEA_DERIVE_PARAMS_PTR;
-
-
-/* CK_RC2_PARAMS provides the parameters to the CKM_RC2_ECB and
- * CKM_RC2_MAC mechanisms.  An instance of CK_RC2_PARAMS just
- * holds the effective keysize */
-typedef CK_ULONG          CK_RC2_PARAMS;
-
-typedef CK_RC2_PARAMS CK_PTR CK_RC2_PARAMS_PTR;
-
-
-/* CK_RC2_CBC_PARAMS provides the parameters to the CKM_RC2_CBC
- * mechanism */
-typedef struct CK_RC2_CBC_PARAMS {
-  /* ulEffectiveBits was changed from CK_USHORT to CK_ULONG for
-   * v2.0 */
-  CK_ULONG      ulEffectiveBits;  /* effective bits (1-1024) */
-
-  CK_BYTE       iv[8];            /* IV for CBC mode */
-} CK_RC2_CBC_PARAMS;
-
-typedef CK_RC2_CBC_PARAMS CK_PTR CK_RC2_CBC_PARAMS_PTR;
-
-
-/* CK_RC2_MAC_GENERAL_PARAMS provides the parameters for the
- * CKM_RC2_MAC_GENERAL mechanism */
-/* CK_RC2_MAC_GENERAL_PARAMS is new for v2.0 */
-typedef struct CK_RC2_MAC_GENERAL_PARAMS {
-  CK_ULONG      ulEffectiveBits;  /* effective bits (1-1024) */
-  CK_ULONG      ulMacLength;      /* Length of MAC in bytes */
-} CK_RC2_MAC_GENERAL_PARAMS;
-
-typedef CK_RC2_MAC_GENERAL_PARAMS CK_PTR \
-  CK_RC2_MAC_GENERAL_PARAMS_PTR;
-
-
-/* CK_RC5_PARAMS provides the parameters to the CKM_RC5_ECB and
- * CKM_RC5_MAC mechanisms */
-/* CK_RC5_PARAMS is new for v2.0 */
-typedef struct CK_RC5_PARAMS {
-  CK_ULONG      ulWordsize;  /* wordsize in bits */
-  CK_ULONG      ulRounds;    /* number of rounds */
-} CK_RC5_PARAMS;
-
-typedef CK_RC5_PARAMS CK_PTR CK_RC5_PARAMS_PTR;
-
-
-/* CK_RC5_CBC_PARAMS provides the parameters to the CKM_RC5_CBC
- * mechanism */
-/* CK_RC5_CBC_PARAMS is new for v2.0 */
-typedef struct CK_RC5_CBC_PARAMS {
-  CK_ULONG      ulWordsize;  /* wordsize in bits */
-  CK_ULONG      ulRounds;    /* number of rounds */
-  CK_BYTE_PTR   pIv;         /* pointer to IV */
-  CK_ULONG      ulIvLen;     /* length of IV in bytes */
-} CK_RC5_CBC_PARAMS;
-
-typedef CK_RC5_CBC_PARAMS CK_PTR CK_RC5_CBC_PARAMS_PTR;
-
-
-/* CK_RC5_MAC_GENERAL_PARAMS provides the parameters for the
- * CKM_RC5_MAC_GENERAL mechanism */
-/* CK_RC5_MAC_GENERAL_PARAMS is new for v2.0 */
-typedef struct CK_RC5_MAC_GENERAL_PARAMS {
-  CK_ULONG      ulWordsize;   /* wordsize in bits */
-  CK_ULONG      ulRounds;     /* number of rounds */
-  CK_ULONG      ulMacLength;  /* Length of MAC in bytes */
-} CK_RC5_MAC_GENERAL_PARAMS;
-
-typedef CK_RC5_MAC_GENERAL_PARAMS CK_PTR \
-  CK_RC5_MAC_GENERAL_PARAMS_PTR;
-
-
-/* CK_MAC_GENERAL_PARAMS provides the parameters to most block
- * ciphers' MAC_GENERAL mechanisms.  Its value is the length of
- * the MAC */
-/* CK_MAC_GENERAL_PARAMS is new for v2.0 */
-typedef CK_ULONG          CK_MAC_GENERAL_PARAMS;
-
-typedef CK_MAC_GENERAL_PARAMS CK_PTR CK_MAC_GENERAL_PARAMS_PTR;
-
-
-/* CK_SKIPJACK_PRIVATE_WRAP_PARAMS provides the parameters to the
- * CKM_SKIPJACK_PRIVATE_WRAP mechanism */
-/* CK_SKIPJACK_PRIVATE_WRAP_PARAMS is new for v2.0 */
-typedef struct CK_SKIPJACK_PRIVATE_WRAP_PARAMS {
-  CK_ULONG      ulPasswordLen;
-  CK_BYTE_PTR   pPassword;
-  CK_ULONG      ulPublicDataLen;
-  CK_BYTE_PTR   pPublicData;
-  CK_ULONG      ulPAndGLen;
-  CK_ULONG      ulQLen;
-  CK_ULONG      ulRandomLen;
-  CK_BYTE_PTR   pRandomA;
-  CK_BYTE_PTR   pPrimeP;
-  CK_BYTE_PTR   pBaseG;
-  CK_BYTE_PTR   pSubprimeQ;
-} CK_SKIPJACK_PRIVATE_WRAP_PARAMS;
-
-typedef CK_SKIPJACK_PRIVATE_WRAP_PARAMS CK_PTR \
-  CK_SKIPJACK_PRIVATE_WRAP_PTR;
-
-
-/* CK_SKIPJACK_RELAYX_PARAMS provides the parameters to the
- * CKM_SKIPJACK_RELAYX mechanism */
-/* CK_SKIPJACK_RELAYX_PARAMS is new for v2.0 */
-typedef struct CK_SKIPJACK_RELAYX_PARAMS {
-  CK_ULONG      ulOldWrappedXLen;
-  CK_BYTE_PTR   pOldWrappedX;
-  CK_ULONG      ulOldPasswordLen;
-  CK_BYTE_PTR   pOldPassword;
-  CK_ULONG      ulOldPublicDataLen;
-  CK_BYTE_PTR   pOldPublicData;
-  CK_ULONG      ulOldRandomLen;
-  CK_BYTE_PTR   pOldRandomA;
-  CK_ULONG      ulNewPasswordLen;
-  CK_BYTE_PTR   pNewPassword;
-  CK_ULONG      ulNewPublicDataLen;
-  CK_BYTE_PTR   pNewPublicData;
-  CK_ULONG      ulNewRandomLen;
-  CK_BYTE_PTR   pNewRandomA;
-} CK_SKIPJACK_RELAYX_PARAMS;
-
-typedef CK_SKIPJACK_RELAYX_PARAMS CK_PTR \
-  CK_SKIPJACK_RELAYX_PARAMS_PTR;
-
-
-typedef struct CK_PBE_PARAMS {
-  CK_CHAR_PTR  pInitVector;
-  CK_CHAR_PTR  pPassword;
-  CK_ULONG     ulPasswordLen;
-  CK_CHAR_PTR  pSalt;
-  CK_ULONG     ulSaltLen;
-  CK_ULONG     ulIteration;
-} CK_PBE_PARAMS;
-
-typedef CK_PBE_PARAMS CK_PTR CK_PBE_PARAMS_PTR;
-
-
-/* CK_KEY_WRAP_SET_OAEP_PARAMS provides the parameters to the
- * CKM_KEY_WRAP_SET_OAEP mechanism */
-/* CK_KEY_WRAP_SET_OAEP_PARAMS is new for v2.0 */
-typedef struct CK_KEY_WRAP_SET_OAEP_PARAMS {
-  CK_BYTE       bBC;     /* block contents byte */
-  CK_BYTE_PTR   pX;      /* extra data */
-  CK_ULONG      ulXLen;  /* length of extra data in bytes */
-} CK_KEY_WRAP_SET_OAEP_PARAMS;
-
-typedef CK_KEY_WRAP_SET_OAEP_PARAMS CK_PTR \
-  CK_KEY_WRAP_SET_OAEP_PARAMS_PTR;
-
-
-typedef struct CK_SSL3_RANDOM_DATA {
-  CK_BYTE_PTR  pClientRandom;
-  CK_ULONG     ulClientRandomLen;
-  CK_BYTE_PTR  pServerRandom;
-  CK_ULONG     ulServerRandomLen;
-} CK_SSL3_RANDOM_DATA;
-
-
-typedef struct CK_SSL3_MASTER_KEY_DERIVE_PARAMS {
-  CK_SSL3_RANDOM_DATA RandomInfo;
-  CK_VERSION_PTR pVersion;
-} CK_SSL3_MASTER_KEY_DERIVE_PARAMS;
-
-typedef struct CK_SSL3_MASTER_KEY_DERIVE_PARAMS CK_PTR \
-  CK_SSL3_MASTER_KEY_DERIVE_PARAMS_PTR;
-
-
-typedef struct CK_SSL3_KEY_MAT_OUT {
-  CK_OBJECT_HANDLE hClientMacSecret;
-  CK_OBJECT_HANDLE hServerMacSecret;
-  CK_OBJECT_HANDLE hClientKey;
-  CK_OBJECT_HANDLE hServerKey;
-  CK_BYTE_PTR      pIVClient;
-  CK_BYTE_PTR      pIVServer;
-} CK_SSL3_KEY_MAT_OUT;
-
-typedef CK_SSL3_KEY_MAT_OUT CK_PTR CK_SSL3_KEY_MAT_OUT_PTR;
-
-
-typedef struct CK_SSL3_KEY_MAT_PARAMS {
-  CK_ULONG                ulMacSizeInBits;
-  CK_ULONG                ulKeySizeInBits;
-  CK_ULONG                ulIVSizeInBits;
-  CK_BBOOL                bIsExport;
-  CK_SSL3_RANDOM_DATA     RandomInfo;
-  CK_SSL3_KEY_MAT_OUT_PTR pReturnedKeyMaterial;
-} CK_SSL3_KEY_MAT_PARAMS;
-
-typedef CK_SSL3_KEY_MAT_PARAMS CK_PTR CK_SSL3_KEY_MAT_PARAMS_PTR;
-
-
-typedef struct CK_KEY_DERIVATION_STRING_DATA {
-  CK_BYTE_PTR pData;
-  CK_ULONG    ulLen;
-} CK_KEY_DERIVATION_STRING_DATA;
-
-typedef CK_KEY_DERIVATION_STRING_DATA CK_PTR \
-  CK_KEY_DERIVATION_STRING_DATA_PTR;
-
-
-/* The CK_EXTRACT_PARAMS is used for the
- * CKM_EXTRACT_KEY_FROM_KEY mechanism.  It specifies which bit
- * of the base key should be used as the first bit of the
- * derived key */
-/* CK_EXTRACT_PARAMS is new for v2.0 */
-typedef CK_ULONG CK_EXTRACT_PARAMS;
-
-typedef CK_EXTRACT_PARAMS CK_PTR CK_EXTRACT_PARAMS_PTR;
-
-/* CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE is new for v2.10.
- * CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE is used to 
- * indicate the Pseudo-Random Function (PRF) used to generate 
- * key bits using PKCS #5 PBKDF2. */
-typedef CK_ULONG CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE;
-
-typedef CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE CK_PTR CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE_PTR;
-
-/* The following PRFs are defined in PKCS #5 v2.0. */
-#define CKP_PKCS5_PBKD2_HMAC_SHA1 0x00000001
-
-
-/* CK_PKCS5_PBKD2_SALT_SOURCE_TYPE is new for v2.10.
- * CK_PKCS5_PBKD2_SALT_SOURCE_TYPE is used to indicate the 
- * source of the salt value when deriving a key using PKCS #5 
- * PBKDF2. */
-typedef CK_ULONG CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE;
-
-typedef CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE CK_PTR CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE_PTR;
-
-/* The following salt value sources are defined in PKCS #5 v2.0. */
-#define CKZ_SALT_SPECIFIED        0x00000001
-
-/* CK_PKCS5_PBKD2_PARAMS is new for v2.10.
- * CK_PKCS5_PBKD2_PARAMS is a structure that provides the 
- * parameters to the CKM_PKCS5_PBKD2 mechanism. */
-typedef struct CK_PKCS5_PBKD2_PARAMS {
-       CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE saltSource;
-       CK_VOID_PTR pSaltSourceData;
-       CK_ULONG ulSaltSourceDataLen;
-       CK_ULONG iterations;
-       CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE prf;
-       CK_VOID_PTR pPrfData;
-       CK_ULONG ulPrfDataLen;
-} CK_PKCS5_PBKD2_PARAMS;
- 
-typedef CK_PKCS5_PBKD2_PARAMS CK_PTR CK_PKCS5_PBKD2_PARAMS_PTR;
-
-/* Netscape Specific defines */
-#include "pkcs11n.h"
-
-/* undo packing */
-#include "pkcs11u.h"
-
-#endif
diff --git a/security/nss/lib/softoken/pkcs11u.c b/security/nss/lib/softoken/pkcs11u.c
deleted file mode 100644
index 43431db01..000000000
--- a/security/nss/lib/softoken/pkcs11u.c
+++ /dev/null
@@ -1,2745 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * Internal PKCS #11 functions. Should only be called by pkcs11.c
- */
-#include "pkcs11.h"
-#include "pkcs11i.h"
-#include "pcertt.h"
-#include "lowkeyi.h"
-#include "pcert.h"
-#include "secasn1.h"
-#include "blapi.h"
-
-/*
- * ******************** Attribute Utilities *******************************
- */
-
-/*
- * create a new attribute with type, value, and length. Space is allocated
- * to hold value.
- */
-static PK11Attribute *
-pk11_NewAttribute(PK11Object *object,
-	CK_ATTRIBUTE_TYPE type, CK_VOID_PTR value, CK_ULONG len)
-{
-    PK11Attribute *attribute;
-
-#ifdef PKCS11_STATIC_ATTRIBUTES
-    PK11SessionObject *so = pk11_narrowToSessionObject(object);
-    int index;
-
-    if (so == NULL)  {
-	/* allocate new attribute in a buffer */
-	PORT_Assert(0);
-    }
-    /* 
-     * PKCS11_STATIC_ATTRIBUTES attempts to keep down contention on Malloc and Arena locks
-     * by limiting the number of these calls on high traversed paths. this
-     * is done for attributes by 'allocating' them from a pool already allocated
-     * by the parent object.
-     */
-    PK11_USE_THREADS(PZ_Lock(so->attributeLock);)
-    index = so->nextAttr++;
-    PK11_USE_THREADS(PZ_Unlock(so->attributeLock);)
-    PORT_Assert(index < MAX_OBJS_ATTRS);
-    if (index >= MAX_OBJS_ATTRS) return NULL;
-
-    attribute = &so->attrList[index];
-    attribute->attrib.type = type;
-    attribute->freeAttr = PR_FALSE;
-    attribute->freeData = PR_FALSE;
-    if (value) {
-        if (len <= ATTR_SPACE) {
-	    attribute->attrib.pValue = attribute->space;
-	} else {
-	    attribute->attrib.pValue = PORT_Alloc(len);
-    	    attribute->freeData = PR_TRUE;
-	}
-	if (attribute->attrib.pValue == NULL) {
-	    return NULL;
-	}
-	PORT_Memcpy(attribute->attrib.pValue,value,len);
-	attribute->attrib.ulValueLen = len;
-    } else {
-	attribute->attrib.pValue = NULL;
-	attribute->attrib.ulValueLen = 0;
-    }
-#else
-#ifdef PKCS11_REF_COUNT_ATTRIBUTES
-    attribute = (PK11Attribute*)PORT_Alloc(sizeof(PK11Attribute));
-    attribute->freeAttr = PR_TRUE;
-#else
-    attribute = (PK11Attribute*)PORT_ArenaAlloc(object->arena,sizeof(PK11Attribute));
-    attribute->freeAttr = PR_FALSE;
-#endif /* PKCS11_REF_COUNT_ATTRIBUTES */
-    if (attribute == NULL) return NULL;
-    attribute->freeData = PR_FALSE;
-
-    if (value) {
-#ifdef PKCS11_REF_COUNT_ATTRIBUTES
-	attribute->attrib.pValue = PORT_Alloc(len);
-	attribute->freeData = PR_TRUE;
-#else
-	attribute->attrib.pValue = PORT_ArenaAlloc(object->arena,len);
-#endif /* PKCS11_REF_COUNT_ATTRIBUTES */
-	if (attribute->attrib.pValue == NULL) {
-#ifdef PKCS11_REF_COUNT_ATTRIBUTES
-	    PORT_Free(attribute);
-#endif /* PKCS11_REF_COUNT_ATTRIBUTES */
-	    return NULL;
-	}
-	PORT_Memcpy(attribute->attrib.pValue,value,len);
-	attribute->attrib.ulValueLen = len;
-    } else {
-	attribute->attrib.pValue = NULL;
-	attribute->attrib.ulValueLen = 0;
-    }
-#endif /* PKCS11_STATIC_ATTRIBUTES */
-    attribute->attrib.type = type;
-    attribute->handle = type;
-    attribute->next = attribute->prev = NULL;
-#ifdef PKCS11_REF_COUNT_ATTRIBUTES
-    attribute->refCount = 1;
-#ifdef PKCS11_USE_THREADS
-    attribute->refLock = PZ_NewLock(nssILockRefLock);
-    if (attribute->refLock == NULL) {
-	if (attribute->attrib.pValue) PORT_Free(attribute->attrib.pValue);
-	PORT_Free(attribute);
-	return NULL;
-    }
-#else
-    attribute->refLock = NULL;
-#endif
-#endif /* PKCS11_REF_COUNT_ATTRIBUTES */
-    return attribute;
-}
-
-static PK11Attribute *
-pk11_NewTokenAttribute(CK_ATTRIBUTE_TYPE type, CK_VOID_PTR value,
-						CK_ULONG len, PRBool copy)
-{
-    PK11Attribute *attribute;
-
-    attribute = (PK11Attribute*)PORT_Alloc(sizeof(PK11Attribute));
-
-    if (attribute == NULL) return NULL;
-    attribute->attrib.type = type;
-    attribute->handle = type;
-    attribute->next = attribute->prev = NULL;
-    attribute->freeAttr = PR_TRUE;
-    attribute->freeData = PR_FALSE;
-#ifdef PKCS11_REF_COUNT_ATTRIBUTES
-    attribute->refCount = 1;
-#ifdef PKCS11_USE_THREADS
-    attribute->refLock = PZ_NewLock(nssILockRefLock);
-    if (attribute->refLock == NULL) {
-	PORT_Free(attribute);
-	return NULL;
-    }
-#else
-    attribute->refLock = NULL;
-#endif
-#endif /* PKCS11_REF_COUNT_ATTRIBUTES */
-    attribute->attrib.type = type;
-    if (!copy) {
-	attribute->attrib.pValue = value;
-	attribute->attrib.ulValueLen = len;
-	return attribute;
-    }
-
-    if (value) {
-#ifdef PKCS11_STATIC_ATTRIBUTES
-        if (len <= ATTR_SPACE) {
-	    attribute->attrib.pValue = attribute->space;
-	} else {
-	    attribute->attrib.pValue = PORT_Alloc(len);
-	    attribute->freeData = PR_TRUE;
-	}
-#else
-	attribute->attrib.pValue = PORT_Alloc(len);
-	attribute->freeData = PR_TRUE;
-#endif
-	if (attribute->attrib.pValue == NULL) {
-#ifdef PKCS11_REF_COUNT_ATTRIBUTES
-	    if (attribute->refLock) {
-		PK11_USE_THREADS(PZ_DestroyLock(attribute->refLock);)
-	    }
-#endif
-	    PORT_Free(attribute);
-	    return NULL;
-	}
-	PORT_Memcpy(attribute->attrib.pValue,value,len);
-	attribute->attrib.ulValueLen = len;
-    } else {
-	attribute->attrib.pValue = NULL;
-	attribute->attrib.ulValueLen = 0;
-    }
-    return attribute;
-}
-
-static PK11Attribute *
-pk11_NewTokenAttributeSigned(CK_ATTRIBUTE_TYPE type, CK_VOID_PTR value, 
-						CK_ULONG len, PRBool copy)
-{
-    unsigned char * dval = (unsigned char *)value;
-    if (*dval == 0) {
-	dval++;
-	len--;
-    }
-    return pk11_NewTokenAttribute(type,dval,len,copy);
-}
-
-/*
- * Free up all the memory associated with an attribute. Reference count
- * must be zero to call this.
- */
-static void
-pk11_DestroyAttribute(PK11Attribute *attribute)
-{
-#ifdef PKCS11_REF_COUNT_ATTRIBUTES
-    PORT_Assert(attribute->refCount == 0);
-    PK11_USE_THREADS(PZ_DestroyLock(attribute->refLock);)
-#endif
-    if (attribute->freeData) {
-	if (attribute->attrib.pValue) {
-	    /* clear out the data in the attribute value... it may have been
-	     * sensitive data */
-	    PORT_Memset(attribute->attrib.pValue, 0,
-						attribute->attrib.ulValueLen);
-	}
-	PORT_Free(attribute->attrib.pValue);
-    }
-    PORT_Free(attribute);
-}
-
-/*
- * release a reference to an attribute structure
- */
-void
-pk11_FreeAttribute(PK11Attribute *attribute)
-{
-#ifdef PKCS11_REF_COUNT_ATTRIBUTES
-    PRBool destroy = PR_FALSE;
-#endif
-
-    if (attribute->freeAttr) {
-	pk11_DestroyAttribute(attribute);
-	return;
-    }
-
-#ifdef PKCS11_REF_COUNT_ATTRIBUTES
-    PK11_USE_THREADS(PZ_Lock(attribute->refLock);)
-    if (attribute->refCount == 1) destroy = PR_TRUE;
-    attribute->refCount--;
-    PK11_USE_THREADS(PZ_Unlock(attribute->refLock);)
-
-    if (destroy) pk11_DestroyAttribute(attribute);
-#endif
-}
-
-#ifdef PKCS11_REF_COUNT_ATTRIBUTES
-#define PK11_DEF_ATTRIBUTE(value,len) \
-   { NULL, NULL, PR_FALSE, PR_FALSE, 1, NULL, 0, { 0, value, len } }
-
-#else
-#define PK11_DEF_ATTRIBUTE(value,len) \
-   { NULL, NULL, PR_FALSE, PR_FALSE, 0, { 0, value, len } }
-#endif
-
-CK_BBOOL pk11_staticTrueValue = CK_TRUE;
-CK_BBOOL pk11_staticFalseValue = CK_FALSE;
-static const PK11Attribute pk11_StaticTrueAttr = 
-  PK11_DEF_ATTRIBUTE(&pk11_staticTrueValue,sizeof(pk11_staticTrueValue));
-static const PK11Attribute pk11_StaticFalseAttr = 
-  PK11_DEF_ATTRIBUTE(&pk11_staticFalseValue,sizeof(pk11_staticFalseValue));
-static const PK11Attribute pk11_StaticNullAttr = PK11_DEF_ATTRIBUTE(NULL,0);
-
-CK_CERTIFICATE_TYPE pk11_staticX509Value = CKC_X_509;
-static const PK11Attribute pk11_StaticX509Attr =
-  PK11_DEF_ATTRIBUTE(&pk11_staticX509Value, sizeof(pk11_staticX509Value));
-CK_TRUST pk11_staticTrustedValue = CKT_NETSCAPE_TRUSTED;
-CK_TRUST pk11_staticTrustedDelegatorValue = CKT_NETSCAPE_TRUSTED_DELEGATOR;
-CK_TRUST pk11_staticValidDelegatorValue = CKT_NETSCAPE_VALID_DELEGATOR;
-CK_TRUST pk11_staticUnTrustedValue = CKT_NETSCAPE_UNTRUSTED;
-CK_TRUST pk11_staticTrustUnknownValue = CKT_NETSCAPE_TRUST_UNKNOWN;
-CK_TRUST pk11_staticValidPeerValue = CKT_NETSCAPE_VALID;
-CK_TRUST pk11_staticMustVerifyValue = CKT_NETSCAPE_MUST_VERIFY;
-static const PK11Attribute pk11_StaticTrustedAttr =
-  PK11_DEF_ATTRIBUTE(&pk11_staticTrustedValue,
-				sizeof(pk11_staticTrustedValue));
-static const PK11Attribute pk11_StaticTrustedDelegatorAttr =
-  PK11_DEF_ATTRIBUTE(&pk11_staticTrustedDelegatorValue,
-				sizeof(pk11_staticTrustedDelegatorValue));
-static const PK11Attribute pk11_StaticValidDelegatorAttr =
-  PK11_DEF_ATTRIBUTE(&pk11_staticValidDelegatorValue,
-				sizeof(pk11_staticValidDelegatorValue));
-static const PK11Attribute pk11_StaticUnTrustedAttr =
-  PK11_DEF_ATTRIBUTE(&pk11_staticUnTrustedValue,
-				sizeof(pk11_staticUnTrustedValue));
-static const PK11Attribute pk11_StaticTrustUnknownAttr =
-  PK11_DEF_ATTRIBUTE(&pk11_staticTrustUnknownValue,
-				sizeof(pk11_staticTrustUnknownValue));
-static const PK11Attribute pk11_StaticValidPeerAttr =
-  PK11_DEF_ATTRIBUTE(&pk11_staticValidPeerValue,
-				sizeof(pk11_staticValidPeerValue));
-static const PK11Attribute pk11_StaticMustVerifyAttr =
-  PK11_DEF_ATTRIBUTE(&pk11_staticMustVerifyValue,
-				sizeof(pk11_staticMustVerifyValue));
-
-static void pk11_FreeItem(SECItem *item)
-{
-    SECITEM_FreeItem(item, PR_TRUE);
-}
-
-static certDBEntrySMime *
-pk11_getSMime(PK11TokenObject *object)
-{
-    certDBEntrySMime *entry;
-
-    if (object->obj.objclass != CKO_NETSCAPE_SMIME) {
-	return NULL;
-    }
-    if (object->obj.objectInfo) {
-	return (certDBEntrySMime *)object->obj.objectInfo;
-    }
-
-    entry = nsslowcert_ReadDBSMimeEntry(object->obj.slot->certDB,
-						(char *)object->dbKey.data);
-    object->obj.objectInfo = (void *)entry;
-    object->obj.infoFree = (PK11Free) nsslowcert_DestroyDBEntry;
-    return entry;
-}
-
-static SECItem *
-pk11_getCrl(PK11TokenObject *object)
-{
-    SECItem *crl;
-    PRBool isKrl;
-
-    if (object->obj.objclass != CKO_NETSCAPE_CRL) {
-	return NULL;
-    }
-    if (object->obj.objectInfo) {
-	return (SECItem *)object->obj.objectInfo;
-    }
-
-    isKrl = (PRBool) object->obj.handle == PK11_TOKEN_KRL_HANDLE;
-    crl = nsslowcert_FindCrlByKey(object->obj.slot->certDB,&object->dbKey,
-								NULL,isKrl);
-    object->obj.objectInfo = (void *)crl;
-    object->obj.infoFree = (PK11Free) pk11_FreeItem;
-    return crl;
-}
-
-static char *
-pk11_getUrl(PK11TokenObject *object)
-{
-    SECItem *crl;
-    PRBool isKrl;
-    char *url = NULL;
-
-    if (object->obj.objclass != CKO_NETSCAPE_CRL) {
-	return NULL;
-    }
-
-    isKrl = (PRBool) object->obj.handle == PK11_TOKEN_KRL_HANDLE;
-    crl = nsslowcert_FindCrlByKey(object->obj.slot->certDB,&object->dbKey,
-								&url,isKrl);
-    if (object->obj.objectInfo == NULL) {
-	object->obj.objectInfo = (void *)crl;
-	object->obj.infoFree = (PK11Free) pk11_FreeItem;
-    } else {
-	if (crl) SECITEM_FreeItem(crl,PR_TRUE);
-    }
-    return url;
-}
-
-static NSSLOWCERTCertificate *
-pk11_getCert(PK11TokenObject *object)
-{
-    NSSLOWCERTCertificate *cert;
-    CK_OBJECT_CLASS objClass = object->obj.objclass;
-
-    if ((objClass != CKO_CERTIFICATE) && (objClass != CKO_NETSCAPE_TRUST)) {
-	return NULL;
-    }
-    if (objClass == CKO_CERTIFICATE && object->obj.objectInfo) {
-	return (NSSLOWCERTCertificate *)object->obj.objectInfo;
-    }
-    cert = nsslowcert_FindCertByKey(object->obj.slot->certDB,&object->dbKey);
-    if (objClass == CKO_CERTIFICATE) {
-	object->obj.objectInfo = (void *)cert;
-	object->obj.infoFree = (PK11Free) nsslowcert_DestroyCertificate ;
-    }
-    return cert;
-}
-
-static NSSLOWCERTTrust *
-pk11_getTrust(PK11TokenObject *object)
-{
-    NSSLOWCERTTrust *trust;
-
-    if (object->obj.objclass != CKO_NETSCAPE_TRUST) {
-	return NULL;
-    }
-    if (object->obj.objectInfo) {
-	return (NSSLOWCERTTrust *)object->obj.objectInfo;
-    }
-    trust = nsslowcert_FindTrustByKey(object->obj.slot->certDB,&object->dbKey);
-    object->obj.objectInfo = (void *)trust;
-    object->obj.infoFree = (PK11Free) nsslowcert_DestroyTrust ;
-    return trust;
-}
-
-static NSSLOWKEYPublicKey *
-pk11_GetPublicKey(PK11TokenObject *object)
-{
-    NSSLOWKEYPublicKey *pubKey;
-    NSSLOWKEYPrivateKey *privKey;
-
-    if (object->obj.objclass != CKO_PUBLIC_KEY) {
-	return NULL;
-    }
-    if (object->obj.objectInfo) {
-	return (NSSLOWKEYPublicKey *)object->obj.objectInfo;
-    }
-    privKey = nsslowkey_FindKeyByPublicKey(object->obj.slot->keyDB,
-				&object->dbKey, object->obj.slot->password);
-    if (privKey == NULL) {
-	return NULL;
-    }
-    pubKey = nsslowkey_ConvertToPublicKey(privKey);
-    nsslowkey_DestroyPrivateKey(privKey);
-    object->obj.objectInfo = (void *) pubKey;
-    object->obj.infoFree = (PK11Free) nsslowkey_DestroyPublicKey ;
-    return pubKey;
-}
-
-static NSSLOWKEYPrivateKey *
-pk11_GetPrivateKey(PK11TokenObject *object)
-{
-    NSSLOWKEYPrivateKey *privKey;
-
-    if ((object->obj.objclass != CKO_PRIVATE_KEY) && 
-			(object->obj.objclass != CKO_SECRET_KEY)) {
-	return NULL;
-    }
-    if (object->obj.objectInfo) {
-	return (NSSLOWKEYPrivateKey *)object->obj.objectInfo;
-    }
-    privKey = nsslowkey_FindKeyByPublicKey(object->obj.slot->keyDB,
-				&object->dbKey, object->obj.slot->password);
-    if (privKey == NULL) {
-	return NULL;
-    }
-    object->obj.objectInfo = (void *) privKey;
-    object->obj.infoFree = (PK11Free) nsslowkey_DestroyPrivateKey ;
-    return privKey;
-}
-
-/* pk11_GetPubItem returns data associated with the public key.
- * one only needs to free the public key. This comment is here
- * because this sematic would be non-obvious otherwise. All callers
- * should include this comment.
- */
-static SECItem *
-pk11_GetPubItem(NSSLOWKEYPublicKey *pubKey) {
-    SECItem *pubItem = NULL;
-    /* get value to compare from the cert's public key */
-    switch ( pubKey->keyType ) {
-    case NSSLOWKEYRSAKey:
-	    pubItem = &pubKey->u.rsa.modulus;
-	    break;
-    case NSSLOWKEYDSAKey:
-	    pubItem = &pubKey->u.dsa.publicValue;
-	    break;
-    case NSSLOWKEYDHKey:
-	    pubItem = &pubKey->u.dh.publicValue;
-	    break;
-    default:
-	    break;
-    }
-    return pubItem;
-}
-
-static const SEC_ASN1Template pk11_SerialTemplate[] = {
-    { SEC_ASN1_INTEGER, offsetof(NSSLOWCERTCertificate,serialNumber) },
-    { 0 }
-};
-
-static PK11Attribute *
-pk11_FindRSAPublicKeyAttribute(NSSLOWKEYPublicKey *key, CK_ATTRIBUTE_TYPE type)
-{
-    unsigned char hash[SHA1_LENGTH];
-    CK_KEY_TYPE keyType = CKK_RSA;
-
-    switch (type) {
-    case CKA_KEY_TYPE:
-	return pk11_NewTokenAttribute(type,&keyType,sizeof(keyType), PR_TRUE);
-    case CKA_ID:
-	SHA1_HashBuf(hash,key->u.rsa.modulus.data,key->u.rsa.modulus.len);
-	return pk11_NewTokenAttribute(type,hash,SHA1_LENGTH, PR_TRUE);
-    case CKA_DERIVE:
-	return (PK11Attribute *) &pk11_StaticFalseAttr;
-    case CKA_ENCRYPT:
-    case CKA_VERIFY:
-    case CKA_VERIFY_RECOVER:
-    case CKA_WRAP:
-	return (PK11Attribute *) &pk11_StaticTrueAttr;
-    case CKA_MODULUS:
-	return pk11_NewTokenAttributeSigned(type,key->u.rsa.modulus.data,
-					key->u.rsa.modulus.len, PR_FALSE);
-    case CKA_PUBLIC_EXPONENT:
-	return pk11_NewTokenAttributeSigned(type,key->u.rsa.publicExponent.data,
-				key->u.rsa.publicExponent.len, PR_FALSE);
-    default:
-	break;
-    }
-    return NULL;
-}
-
-static PK11Attribute *
-pk11_FindDSAPublicKeyAttribute(NSSLOWKEYPublicKey *key, CK_ATTRIBUTE_TYPE type)
-{
-    unsigned char hash[SHA1_LENGTH];
-    CK_KEY_TYPE keyType = CKK_DSA;
-
-    switch (type) {
-    case CKA_KEY_TYPE:
-	return pk11_NewTokenAttribute(type,&keyType,sizeof(keyType), PR_TRUE);
-    case CKA_ID:
-	SHA1_HashBuf(hash,key->u.dsa.publicValue.data,
-						key->u.dsa.publicValue.len);
-	return pk11_NewTokenAttribute(type,hash,SHA1_LENGTH, PR_TRUE);
-    case CKA_DERIVE:
-    case CKA_ENCRYPT:
-    case CKA_VERIFY_RECOVER:
-    case CKA_WRAP:
-	return (PK11Attribute *) &pk11_StaticFalseAttr;
-    case CKA_VERIFY:
-	return (PK11Attribute *) &pk11_StaticTrueAttr;
-    case CKA_VALUE:
-	return pk11_NewTokenAttributeSigned(type,key->u.dsa.publicValue.data,
-					key->u.dsa.publicValue.len, PR_FALSE);
-    case CKA_PRIME:
-	return pk11_NewTokenAttributeSigned(type,key->u.dsa.params.prime.data,
-					key->u.dsa.params.prime.len, PR_FALSE);
-    case CKA_SUBPRIME:
-	return pk11_NewTokenAttributeSigned(type,
-				key->u.dsa.params.subPrime.data,
-				key->u.dsa.params.subPrime.len, PR_FALSE);
-    case CKA_BASE:
-	return pk11_NewTokenAttributeSigned(type,key->u.dsa.params.base.data,
-					key->u.dsa.params.base.len, PR_FALSE);
-    default:
-	break;
-    }
-    return NULL;
-}
-
-static PK11Attribute *
-pk11_FindDHPublicKeyAttribute(NSSLOWKEYPublicKey *key, CK_ATTRIBUTE_TYPE type)
-{
-    unsigned char hash[SHA1_LENGTH];
-    CK_KEY_TYPE keyType = CKK_DH;
-
-    switch (type) {
-    case CKA_KEY_TYPE:
-	return pk11_NewTokenAttribute(type,&keyType,sizeof(keyType), PR_TRUE);
-    case CKA_ID:
-	SHA1_HashBuf(hash,key->u.dh.publicValue.data,key->u.dh.publicValue.len);
-	return pk11_NewTokenAttribute(type,hash,SHA1_LENGTH, PR_TRUE);
-    case CKA_DERIVE:
-	return (PK11Attribute *) &pk11_StaticTrueAttr;
-    case CKA_ENCRYPT:
-    case CKA_VERIFY:
-    case CKA_VERIFY_RECOVER:
-    case CKA_WRAP:
-	return (PK11Attribute *) &pk11_StaticFalseAttr;
-    case CKA_VALUE:
-	return pk11_NewTokenAttributeSigned(type,key->u.dh.publicValue.data,
-					key->u.dh.publicValue.len, PR_FALSE);
-    case CKA_PRIME:
-	return pk11_NewTokenAttributeSigned(type,key->u.dh.prime.data,
-					key->u.dh.prime.len, PR_FALSE);
-    case CKA_BASE:
-	return pk11_NewTokenAttributeSigned(type,key->u.dh.base.data,
-					key->u.dh.base.len, PR_FALSE);
-    default:
-	break;
-    }
-    return NULL;
-}
-
-static PK11Attribute *
-pk11_FindPublicKeyAttribute(PK11TokenObject *object, CK_ATTRIBUTE_TYPE type)
-{
-    NSSLOWKEYPublicKey *key;
-    PK11Attribute *att = NULL;
-    char *label;
-
-    switch (type) {
-    case CKA_PRIVATE:
-    case CKA_SENSITIVE:
-    case CKA_ALWAYS_SENSITIVE:
-    case CKA_NEVER_EXTRACTABLE:
-	return (PK11Attribute *) &pk11_StaticFalseAttr;
-    case CKA_MODIFIABLE:
-    case CKA_EXTRACTABLE:
-	return (PK11Attribute *) &pk11_StaticTrueAttr;
-    case CKA_LABEL:
-        label = nsslowkey_FindKeyNicknameByPublicKey(object->obj.slot->keyDB,
-				&object->dbKey, object->obj.slot->password);
-	if (label == NULL) {
-	   return (PK11Attribute *)&pk11_StaticNullAttr;
-	}
-	att = pk11_NewTokenAttribute(type,label,PORT_Strlen(label), PR_TRUE);
-	PORT_Free(label);
-	return att;
-    default:
-	break;
-    }
-
-    key = pk11_GetPublicKey(object);
-    if (key == NULL) {
-	return NULL;
-    }
-
-    switch (key->keyType) {
-    case NSSLOWKEYRSAKey:
-	return pk11_FindRSAPublicKeyAttribute(key,type);
-    case NSSLOWKEYDSAKey:
-	return pk11_FindDSAPublicKeyAttribute(key,type);
-    case NSSLOWKEYDHKey:
-	return pk11_FindDHPublicKeyAttribute(key,type);
-    default:
-	break;
-    }
-
-    return NULL;
-}
-
-static PK11Attribute *
-pk11_FindSecretKeyAttribute(PK11TokenObject *object, CK_ATTRIBUTE_TYPE type)
-{
-    NSSLOWKEYPrivateKey *key;
-    char *label;
-    PK11Attribute *att;
-
-    switch (type) {
-    case CKA_PRIVATE:
-    case CKA_SENSITIVE:
-    case CKA_ALWAYS_SENSITIVE:
-    case CKA_EXTRACTABLE:
-    case CKA_DERIVE:
-    case CKA_ENCRYPT:
-    case CKA_DECRYPT:
-    case CKA_SIGN:
-    case CKA_VERIFY:
-    case CKA_WRAP:
-    case CKA_UNWRAP:
-	return (PK11Attribute *) &pk11_StaticTrueAttr;
-    case CKA_NEVER_EXTRACTABLE:
-    case CKA_MODIFIABLE:
-	return (PK11Attribute *) &pk11_StaticFalseAttr;
-    case CKA_LABEL:
-        label = nsslowkey_FindKeyNicknameByPublicKey(object->obj.slot->keyDB,
-				&object->dbKey, object->obj.slot->password);
-	if (label == NULL) {
-	   return (PK11Attribute *)&pk11_StaticNullAttr;
-	}
-	att = pk11_NewTokenAttribute(type,label,PORT_Strlen(label), PR_TRUE);
-	PORT_Free(label);
-	return att;
-    default:
-	break;
-    }
-
-    key = pk11_GetPrivateKey(object);
-    if (key == NULL) {
-	return NULL;
-    }
-    switch (type) {
-    case CKA_KEY_TYPE:
-	return pk11_NewTokenAttribute(type,key->u.rsa.coefficient.data,
-					key->u.rsa.coefficient.len, PR_FALSE);
-    case CKA_VALUE:
-	return pk11_NewTokenAttribute(type,key->u.rsa.privateExponent.data,
-				key->u.rsa.privateExponent.len, PR_FALSE);
-    }
-
-    return NULL;
-}
-
-static PK11Attribute *
-pk11_FindRSAPrivateKeyAttribute(NSSLOWKEYPrivateKey *key,
-							 CK_ATTRIBUTE_TYPE type)
-{
-    unsigned char hash[SHA1_LENGTH];
-    CK_KEY_TYPE keyType = CKK_RSA;
-
-    switch (type) {
-    case CKA_KEY_TYPE:
-	return pk11_NewTokenAttribute(type,&keyType,sizeof(keyType), PR_TRUE);
-    case CKA_ID:
-	SHA1_HashBuf(hash,key->u.rsa.modulus.data,key->u.rsa.modulus.len);
-	return pk11_NewTokenAttribute(type,hash,SHA1_LENGTH, PR_TRUE);
-    case CKA_DERIVE:
-	return (PK11Attribute *) &pk11_StaticFalseAttr;
-    case CKA_DECRYPT:
-    case CKA_SIGN:
-    case CKA_SIGN_RECOVER:
-    case CKA_UNWRAP:
-	return (PK11Attribute *) &pk11_StaticTrueAttr;
-    case CKA_MODULUS:
-	return pk11_NewTokenAttributeSigned(type,key->u.rsa.modulus.data,
-					key->u.rsa.modulus.len, PR_FALSE);
-    case CKA_PUBLIC_EXPONENT:
-	return pk11_NewTokenAttributeSigned(type,key->u.rsa.publicExponent.data,
-				key->u.rsa.publicExponent.len, PR_FALSE);
-    case CKA_PRIVATE_EXPONENT:
-    case CKA_PRIME_1:
-    case CKA_PRIME_2:
-    case CKA_EXPONENT_1:
-    case CKA_EXPONENT_2:
-    case CKA_COEFFICIENT:
-	return (PK11Attribute *) &pk11_StaticNullAttr;
-    default:
-	break;
-    }
-    return NULL;
-}
-
-static PK11Attribute *
-pk11_FindDSAPrivateKeyAttribute(NSSLOWKEYPrivateKey *key, 
-							CK_ATTRIBUTE_TYPE type)
-{
-    unsigned char hash[SHA1_LENGTH];
-    CK_KEY_TYPE keyType = CKK_DSA;
-
-    switch (type) {
-    case CKA_KEY_TYPE:
-	return pk11_NewTokenAttribute(type,&keyType,sizeof(keyType), PR_TRUE);
-    case CKA_ID:
-	SHA1_HashBuf(hash,key->u.dsa.publicValue.data,
-						key->u.dsa.publicValue.len);
-	return pk11_NewTokenAttribute(type,hash,SHA1_LENGTH, PR_TRUE);
-    case CKA_DERIVE:
-    case CKA_DECRYPT:
-    case CKA_SIGN_RECOVER:
-    case CKA_UNWRAP:
-	return (PK11Attribute *) &pk11_StaticFalseAttr;
-    case CKA_SIGN:
-	return (PK11Attribute *) &pk11_StaticTrueAttr;
-    case CKA_VALUE:
-	return (PK11Attribute *) &pk11_StaticNullAttr;
-    case CKA_PRIME:
-	return pk11_NewTokenAttributeSigned(type,key->u.dsa.params.prime.data,
-					key->u.dsa.params.prime.len, PR_FALSE);
-    case CKA_SUBPRIME:
-	return pk11_NewTokenAttributeSigned(type,
-				key->u.dsa.params.subPrime.data,
-				key->u.dsa.params.subPrime.len, PR_FALSE);
-    case CKA_BASE:
-	return pk11_NewTokenAttributeSigned(type,key->u.dsa.params.base.data,
-					key->u.dsa.params.base.len, PR_FALSE);
-    default:
-	break;
-    }
-    return NULL;
-}
-
-static PK11Attribute *
-pk11_FindDHPrivateKeyAttribute(NSSLOWKEYPrivateKey *key, CK_ATTRIBUTE_TYPE type)
-{
-    unsigned char hash[SHA1_LENGTH];
-    CK_KEY_TYPE keyType = CKK_DH;
-
-    switch (type) {
-    case CKA_KEY_TYPE:
-	return pk11_NewTokenAttribute(type,&keyType,sizeof(keyType), PR_TRUE);
-    case CKA_ID:
-	SHA1_HashBuf(hash,key->u.dh.publicValue.data,key->u.dh.publicValue.len);
-	return pk11_NewTokenAttribute(type,hash,SHA1_LENGTH, PR_TRUE);
-    case CKA_DERIVE:
-	return (PK11Attribute *) &pk11_StaticTrueAttr;
-    case CKA_DECRYPT:
-    case CKA_SIGN:
-    case CKA_SIGN_RECOVER:
-    case CKA_UNWRAP:
-	return (PK11Attribute *) &pk11_StaticFalseAttr;
-    case CKA_VALUE:
-	return (PK11Attribute *) &pk11_StaticNullAttr;
-    case CKA_PRIME:
-	return pk11_NewTokenAttributeSigned(type,key->u.dh.prime.data,
-					key->u.dh.prime.len, PR_FALSE);
-    case CKA_BASE:
-	return pk11_NewTokenAttributeSigned(type,key->u.dh.base.data,
-					key->u.dh.base.len, PR_FALSE);
-    default:
-	break;
-    }
-    return NULL;
-}
-
-static PK11Attribute *
-pk11_FindPrivateKeyAttribute(PK11TokenObject *object, CK_ATTRIBUTE_TYPE type)
-{
-    NSSLOWKEYPrivateKey *key;
-    char *label;
-    PK11Attribute *att;
-
-    switch (type) {
-    case CKA_PRIVATE:
-    case CKA_SENSITIVE:
-    case CKA_ALWAYS_SENSITIVE:
-    case CKA_EXTRACTABLE:
-    case CKA_MODIFIABLE:
-	return (PK11Attribute *) &pk11_StaticTrueAttr;
-    case CKA_NEVER_EXTRACTABLE:
-	return (PK11Attribute *) &pk11_StaticFalseAttr;
-    case CKA_SUBJECT:
-	   return (PK11Attribute *)&pk11_StaticNullAttr;
-    case CKA_LABEL:
-        label = nsslowkey_FindKeyNicknameByPublicKey(object->obj.slot->keyDB,
-				&object->dbKey, object->obj.slot->password);
-	if (label == NULL) {
-	   return (PK11Attribute *)&pk11_StaticNullAttr;
-	}
-	att = pk11_NewTokenAttribute(type,label,PORT_Strlen(label), PR_TRUE);
-	PORT_Free(label);
-	return att;
-    default:
-	break;
-    }
-    key = pk11_GetPrivateKey(object);
-    if (key == NULL) {
-	return NULL;
-    }
-    switch (key->keyType) {
-    case NSSLOWKEYRSAKey:
-	return pk11_FindRSAPrivateKeyAttribute(key,type);
-    case NSSLOWKEYDSAKey:
-	return pk11_FindDSAPrivateKeyAttribute(key,type);
-    case NSSLOWKEYDHKey:
-	return pk11_FindDHPrivateKeyAttribute(key,type);
-    default:
-	break;
-    }
-
-    return NULL;
-}
-
-static PK11Attribute *
-pk11_FindSMIMEAttribute(PK11TokenObject *object, CK_ATTRIBUTE_TYPE type)
-{
-    certDBEntrySMime *entry;
-    switch (type) {
-    case CKA_PRIVATE:
-    case CKA_MODIFIABLE:
-	return (PK11Attribute *) &pk11_StaticFalseAttr;
-    case CKA_NETSCAPE_EMAIL:
-	return pk11_NewTokenAttribute(type,object->dbKey.data,
-						object->dbKey.len-1, PR_FALSE);
-    case CKA_SENSITIVE:
-	return NULL;
-    default:
-	break;
-    }
-    entry = pk11_getSMime(object);
-    if (entry == NULL) {
-	return NULL;
-    }
-    switch (type) {
-    case CKA_NETSCAPE_SMIME_TIMESTAMP:
-	return pk11_NewTokenAttribute(type,entry->optionsDate.data,
-					entry->optionsDate.len, PR_FALSE);
-    case CKA_SUBJECT:
-	return pk11_NewTokenAttribute(type,entry->subjectName.data,
-					entry->subjectName.len, PR_FALSE);
-    case CKA_VALUE:
-	return pk11_NewTokenAttribute(type,entry->smimeOptions.data,
-					entry->smimeOptions.len, PR_FALSE);
-    default:
-	break;
-    }
-    return NULL;
-}
-
-static PK11Attribute *
-pk11_FindTrustAttribute(PK11TokenObject *object, CK_ATTRIBUTE_TYPE type)
-{
-    NSSLOWCERTTrust *trust;
-    unsigned char hash[SHA1_LENGTH];
-    unsigned int trustFlags;
-
-    switch (type) {
-    case CKA_PRIVATE:
-	return (PK11Attribute *) &pk11_StaticFalseAttr;
-    case CKA_MODIFIABLE:
-	return (PK11Attribute *) &pk11_StaticTrueAttr;
-    case CKA_SENSITIVE:
-	return NULL;
-    default:
-	break;
-    }
-    trust = pk11_getTrust(object);
-    if (trust == NULL) {
-	return NULL;
-    }
-    switch (type) {
-    case CKA_CERT_SHA1_HASH:
-	SHA1_HashBuf(hash,trust->derCert->data,trust->derCert->len);
-	return pk11_NewTokenAttribute(type, hash, SHA1_LENGTH, PR_TRUE);
-    case CKA_CERT_MD5_HASH:
-	MD5_HashBuf(hash,trust->derCert->data,trust->derCert->len);
-	return pk11_NewTokenAttribute(type, hash, MD5_LENGTH, PR_TRUE);
-    case CKA_TRUST_CLIENT_AUTH:
-	trustFlags = trust->trust->sslFlags & CERTDB_TRUSTED_CLIENT_CA ?
-		trust->trust->sslFlags | CERTDB_TRUSTED_CA : 0 ;
-	goto trust;
-    case CKA_TRUST_SERVER_AUTH:
-	trustFlags = trust->trust->sslFlags;
-	goto trust;
-    case CKA_TRUST_EMAIL_PROTECTION:
-	trustFlags = trust->trust->emailFlags;
-	goto trust;
-    case CKA_TRUST_CODE_SIGNING:
-	trustFlags = trust->trust->objectSigningFlags;
-trust:
-	if (trustFlags & CERTDB_TRUSTED_CA ) {
-	    return (PK11Attribute *)&pk11_StaticTrustedDelegatorAttr;
-	}
-	if (trustFlags & CERTDB_TRUSTED) {
-	    return (PK11Attribute *)&pk11_StaticTrustedAttr;
-	}
-	if (trustFlags & CERTDB_NOT_TRUSTED) {
-	    return (PK11Attribute *)&pk11_StaticUnTrustedAttr;
-	}
-	if (trustFlags & CERTDB_TRUSTED_UNKNOWN) {
-	    return (PK11Attribute *)&pk11_StaticTrustUnknownAttr;
-	}
-	if (trustFlags & CERTDB_VALID_CA) {
-	    return (PK11Attribute *)&pk11_StaticValidDelegatorAttr;
-	}
-	if (trustFlags & CERTDB_VALID_PEER) {
-	    return (PK11Attribute *)&pk11_StaticValidPeerAttr;
-	}
-	return (PK11Attribute *)&pk11_StaticMustVerifyAttr;
-    default:
-	break;
-    }
-
-#ifdef notdef
-    switch (type) {
-    case CKA_ISSUER:
-	cert = pk11_getCertObject(object);
-	if (cert == NULL) break;
-	attr = pk11_NewTokenAttribute(type,cert->derIssuer.data,
-						cert->derIssuer.len, PR_FALSE);
-	
-    case CKA_SERIAL_NUMBER:
-	cert = pk11_getCertObject(object);
-	if (cert == NULL) break;
-	item = SEC_ASN1EncodeItem(NULL,NULL,cert,pk11_SerialTemplate);
-	if (item == NULL) break;
-	attr = pk11_NewTokenAttribute(type, item->data, item->len, PR_TRUE);
-	SECITEM_FreeItem(item,PR_TRUE);
-    }
-    if (cert) {
-	NSSLOWCERTDestroyCertificate(cert);	
-	return attr;
-    }
-#endif
-    return NULL;
-}
-
-static PK11Attribute *
-pk11_FindCrlAttribute(PK11TokenObject *object, CK_ATTRIBUTE_TYPE type)
-{
-    SECItem *crl;
-    char *url;
-
-    switch (type) {
-    case CKA_PRIVATE:
-    case CKA_MODIFIABLE:
-	return (PK11Attribute *) &pk11_StaticFalseAttr;
-    case CKA_NETSCAPE_KRL:
-	return (PK11Attribute *) ((object->obj.handle == PK11_TOKEN_KRL_HANDLE) 
-			? &pk11_StaticTrueAttr : &pk11_StaticFalseAttr);
-    case CKA_NETSCAPE_URL:
-	url = pk11_getUrl(object);
-	if (url == NULL) {
-	    return (PK11Attribute *) &pk11_StaticNullAttr;
-	}
-	return pk11_NewTokenAttribute(type, url, PORT_Strlen(url)+1, PR_TRUE);
-    case CKA_VALUE:
-	crl = pk11_getCrl(object);
-	if (crl == NULL) break;
-	return pk11_NewTokenAttribute(type, crl->data, crl->len, PR_FALSE);
-    case CKA_SUBJECT:
-	return pk11_NewTokenAttribute(type,object->dbKey.data,
-						object->dbKey.len, PR_FALSE);
-    default:
-	break;
-    }
-    return NULL;
-}
-
-static PK11Attribute *
-pk11_FindCertAttribute(PK11TokenObject *object, CK_ATTRIBUTE_TYPE type)
-{
-    NSSLOWCERTCertificate *cert;
-    NSSLOWKEYPublicKey  *pubKey;
-    unsigned char hash[SHA1_LENGTH];
-    SECItem *item;
-    PK11Attribute *attr;
-
-    switch (type) {
-    case CKA_PRIVATE:
-	return (PK11Attribute *) &pk11_StaticFalseAttr;
-    case CKA_MODIFIABLE:
-	return (PK11Attribute *) &pk11_StaticTrueAttr;
-    case CKA_CERTIFICATE_TYPE:
-        /* hardcoding X.509 into here */
-        return (PK11Attribute *)&pk11_StaticX509Attr;
-    case CKA_SENSITIVE:
-	return NULL;
-    default:
-	break;
-    }
-    cert = pk11_getCert(object);
-    if (cert == NULL) {
-	return NULL;
-    }
-    switch (type) {
-    case CKA_VALUE:
-	return pk11_NewTokenAttribute(type,cert->derCert.data,
-						cert->derCert.len,PR_FALSE);
-    case CKA_ID:
-	pubKey = nsslowcert_ExtractPublicKey(cert);
-	if (pubKey == NULL) break;
-	item = pk11_GetPubItem(pubKey);
-	if (item == NULL) {
-	    nsslowkey_DestroyPublicKey(pubKey);
-	    break;
-	}
-	SHA1_HashBuf(hash,item->data,item->len);
-	/* item is imbedded in pubKey, just free the key */
-	nsslowkey_DestroyPublicKey(pubKey);
-	return pk11_NewTokenAttribute(type, hash, SHA1_LENGTH, PR_TRUE);
-    case CKA_LABEL:
-	return cert->nickname ? pk11_NewTokenAttribute(type, cert->nickname,
-				PORT_Strlen(cert->nickname), PR_FALSE) :
-					(PK11Attribute *) &pk11_StaticNullAttr;
-    case CKA_SUBJECT:
-	return pk11_NewTokenAttribute(type,cert->derSubject.data,
-						cert->derSubject.len, PR_FALSE);
-    case CKA_ISSUER:
-	return pk11_NewTokenAttribute(type,cert->derIssuer.data,
-						cert->derIssuer.len, PR_FALSE);
-    case CKA_SERIAL_NUMBER:
-	item = SEC_ASN1EncodeItem(NULL,NULL,cert,pk11_SerialTemplate);
-	if (item == NULL) break;
-	attr = pk11_NewTokenAttribute(type, item->data, item->len, PR_TRUE);
-	SECITEM_FreeItem(item,PR_TRUE);
-	return attr;
-    case CKA_NETSCAPE_EMAIL:
-	return cert->emailAddr ? pk11_NewTokenAttribute(type, cert->emailAddr,
-				PORT_Strlen(cert->emailAddr), PR_FALSE) :
-					(PK11Attribute *) &pk11_StaticNullAttr;
-    default:
-	break;
-    }
-    return NULL;
-}
-    
-static PK11Attribute *    
-pk11_FindTokenAttribute(PK11TokenObject *object,CK_ATTRIBUTE_TYPE type)
-{
-    /* handle the common ones */
-    switch (type) {
-    case CKA_CLASS:
-	return pk11_NewTokenAttribute(type,&object->obj.objclass,
-					sizeof(object->obj.objclass),PR_FALSE);
-    case CKA_TOKEN:
-	return (PK11Attribute *) &pk11_StaticTrueAttr;
-    case CKA_LABEL:
-	if (  (object->obj.objclass == CKO_CERTIFICATE) 
-	   || (object->obj.objclass == CKO_PRIVATE_KEY)
-	   || (object->obj.objclass == CKO_PUBLIC_KEY)
-	   || (object->obj.objclass == CKO_SECRET_KEY)) {
-	    break;
-	}
-	return (PK11Attribute *) &pk11_StaticNullAttr;
-    default:
-	break;
-    }
-    switch (object->obj.objclass) {
-    case CKO_CERTIFICATE:
-	return pk11_FindCertAttribute(object,type);
-    case CKO_NETSCAPE_CRL:
-	return pk11_FindCrlAttribute(object,type);
-    case CKO_NETSCAPE_TRUST:
-	return pk11_FindTrustAttribute(object,type);
-    case CKO_NETSCAPE_SMIME:
-	return pk11_FindSMIMEAttribute(object,type);
-    case CKO_PUBLIC_KEY:
-	return pk11_FindPublicKeyAttribute(object,type);
-    case CKO_PRIVATE_KEY:
-	return pk11_FindPrivateKeyAttribute(object,type);
-    case CKO_SECRET_KEY:
-	return pk11_FindSecretKeyAttribute(object,type);
-    default:
-	break;
-    }
-    PORT_Assert(0);
-    return NULL;
-} 
-
-/*
- * look up and attribute structure from a type and Object structure.
- * The returned attribute is referenced and needs to be freed when 
- * it is no longer needed.
- */
-PK11Attribute *
-pk11_FindAttribute(PK11Object *object,CK_ATTRIBUTE_TYPE type)
-{
-    PK11Attribute *attribute;
-    PK11SessionObject *sessObject = pk11_narrowToSessionObject(object);
-
-    if (sessObject == NULL) {
-	return pk11_FindTokenAttribute(pk11_narrowToTokenObject(object),type);
-    }
-
-    PK11_USE_THREADS(PZ_Lock(sessObject->attributeLock);)
-    pk11queue_find(attribute,type,sessObject->head, sessObject->hashSize);
-#ifdef PKCS11_REF_COUNT_ATTRIBUTES
-    if (attribute) {
-	/* atomic increment would be nice here */
-	PK11_USE_THREADS(PZ_Lock(attribute->refLock);)
-	attribute->refCount++;
-	PK11_USE_THREADS(PZ_Unlock(attribute->refLock);)
-    }
-#endif
-    PK11_USE_THREADS(PZ_Unlock(sessObject->attributeLock);)
-
-    return(attribute);
-}
-
-
-
-PRBool
-pk11_hasAttributeToken(PK11TokenObject *object)
-{
-    return PR_FALSE;
-}
-
-/*
- * return true if object has attribute
- */
-PRBool
-pk11_hasAttribute(PK11Object *object,CK_ATTRIBUTE_TYPE type)
-{
-    PK11Attribute *attribute;
-    PK11SessionObject *sessObject = pk11_narrowToSessionObject(object);
-
-    if (sessObject == NULL) {
-	return pk11_hasAttributeToken(pk11_narrowToTokenObject(object));
-    }
-
-    PK11_USE_THREADS(PZ_Lock(sessObject->attributeLock);)
-    pk11queue_find(attribute,type,sessObject->head, sessObject->hashSize);
-    PK11_USE_THREADS(PZ_Unlock(sessObject->attributeLock);)
-
-    return (PRBool)(attribute != NULL);
-}
-
-/*
- * add an attribute to an object
- */
-static void
-pk11_AddAttribute(PK11Object *object,PK11Attribute *attribute)
-{
-    PK11SessionObject *sessObject = pk11_narrowToSessionObject(object);
-
-    if (sessObject == NULL) return;
-    PK11_USE_THREADS(PZ_Lock(sessObject->attributeLock);)
-    pk11queue_add(attribute,attribute->handle,
-				sessObject->head, sessObject->hashSize);
-    PK11_USE_THREADS(PZ_Unlock(sessObject->attributeLock);)
-}
-
-/* 
- * copy an unsigned attribute into a SECItem. Secitem is allocated in
- * the specified arena.
- */
-CK_RV
-pk11_Attribute2SSecItem(PLArenaPool *arena,SECItem *item,PK11Object *object,
-                                      CK_ATTRIBUTE_TYPE type)
-{
-    PK11Attribute *attribute;
-
-    item->data = NULL;
-
-    attribute = pk11_FindAttribute(object, type);
-    if (attribute == NULL) return CKR_TEMPLATE_INCOMPLETE;
-
-    (void)SECITEM_AllocItem(arena, item, attribute->attrib.ulValueLen);
-    if (item->data == NULL) {
-	pk11_FreeAttribute(attribute);
-	return CKR_HOST_MEMORY;
-    }
-    PORT_Memcpy(item->data, attribute->attrib.pValue, item->len);
-    pk11_FreeAttribute(attribute);
-    return CKR_OK;
-}
-
-
-/*
- * delete an attribute from an object
- */
-static void
-pk11_DeleteAttribute(PK11Object *object, PK11Attribute *attribute)
-{
-    PK11SessionObject *sessObject = pk11_narrowToSessionObject(object);
-
-    if (sessObject == NULL) {
-	return ;
-    }
-    PK11_USE_THREADS(PZ_Lock(sessObject->attributeLock);)
-    if (pk11queue_is_queued(attribute,attribute->handle,
-				sessObject->head, sessObject->hashSize)) {
-	pk11queue_delete(attribute,attribute->handle,
-				sessObject->head, sessObject->hashSize);
-    }
-    PK11_USE_THREADS(PZ_Unlock(sessObject->attributeLock);)
-    pk11_FreeAttribute(attribute);
-}
-
-/*
- * this is only valid for CK_BBOOL type attributes. Return the state
- * of that attribute.
- */
-PRBool
-pk11_isTrue(PK11Object *object,CK_ATTRIBUTE_TYPE type)
-{
-    PK11Attribute *attribute;
-    PRBool tok = PR_FALSE;
-
-    attribute=pk11_FindAttribute(object,type);
-    if (attribute == NULL) { return PR_FALSE; }
-    tok = (PRBool)(*(CK_BBOOL *)attribute->attrib.pValue);
-    pk11_FreeAttribute(attribute);
-
-    return tok;
-}
-
-/*
- * force an attribute to null.
- * this is for sensitive keys which are stored in the database, we don't
- * want to keep this info around in memory in the clear.
- */
-void
-pk11_nullAttribute(PK11Object *object,CK_ATTRIBUTE_TYPE type)
-{
-    PK11Attribute *attribute;
-
-    attribute=pk11_FindAttribute(object,type);
-    if (attribute == NULL) return;
-
-    if (attribute->attrib.pValue != NULL) {
-	PORT_Memset(attribute->attrib.pValue,0,attribute->attrib.ulValueLen);
-	if (attribute->freeData) {
-	    PORT_Free(attribute->attrib.pValue);
-	}
-	attribute->freeData = PR_FALSE;
-	attribute->attrib.pValue = NULL;
-	attribute->attrib.ulValueLen = 0;
-    }
-    pk11_FreeAttribute(attribute);
-}
-
-static CK_RV
-pk11_SetCertAttribute(PK11TokenObject *to, CK_ATTRIBUTE_TYPE type, 
-						void *value, unsigned int len)
-{
-    NSSLOWCERTCertificate *cert;
-    char *nickname = NULL;
-    SECStatus rv;
-
-    /* we can't change the ID or the EMAIL values, but let the
-     * upper layers feel better about the fact we tried to set these */
-    if ((type == CKA_ID) || (type == CKA_NETSCAPE_EMAIL)) {
-	return CKR_OK;
-    }
-
-    if (to->obj.slot->certDB == NULL) {
-	return CKR_TOKEN_WRITE_PROTECTED;
-    }
-
-    if (type != CKA_LABEL)  {
-	return CKR_ATTRIBUTE_READ_ONLY;
-    }
-
-    cert = pk11_getCert(to);
-    if (cert == NULL) {
-	return CKR_OBJECT_HANDLE_INVALID;
-    }
-
-    if (value != NULL) {
-	nickname = PORT_ZAlloc(len+1);
-	if (nickname == NULL) {
-	    return CKR_HOST_MEMORY;
-	}
-	PORT_Memcpy(nickname,value,len);
-	nickname[len] = 0;
-    }
-    rv = nsslowcert_AddPermNickname(to->obj.slot->certDB, cert, nickname);
-    if (nickname) PORT_Free(nickname);
-    if (rv != SECSuccess) {
-	return CKR_DEVICE_ERROR;
-    }
-    return CKR_OK;
-}
-
-static CK_RV
-pk11_SetPrivateKeyAttribute(PK11TokenObject *to, CK_ATTRIBUTE_TYPE type, 
-						void *value, unsigned int len)
-{
-    NSSLOWKEYPrivateKey *privKey;
-    char *nickname = NULL;
-    SECStatus rv;
-
-    /* we can't change the ID and we don't store the subject, but let the
-     * upper layers feel better about the fact we tried to set these */
-    if ((type == CKA_ID) || (type == CKA_SUBJECT)) {
-	return CKR_OK;
-    }
-
-    if (to->obj.slot->keyDB == NULL) {
-	return CKR_TOKEN_WRITE_PROTECTED;
-    }
-    if (type != CKA_LABEL) {
-	return CKR_ATTRIBUTE_READ_ONLY;
-    }
-
-    privKey = pk11_GetPrivateKey(to);
-    if (privKey == NULL) {
-	return CKR_OBJECT_HANDLE_INVALID;
-    }
-    if (value != NULL) {
-	nickname = PORT_ZAlloc(len+1);
-	if (nickname == NULL) {
-	    return CKR_HOST_MEMORY;
-	}
-	PORT_Memcpy(nickname,value,len);
-	nickname[len] = 0;
-    }
-    rv = nsslowkey_UpdateNickname(to->obj.slot->keyDB, privKey, &to->dbKey, 
-					nickname, to->obj.slot->password);
-    if (nickname) PORT_Free(nickname);
-    if (rv != SECSuccess) {
-	return CKR_DEVICE_ERROR;
-    }
-    return CKR_OK;
-}
-
-static CK_RV
-pk11_SetTrustAttribute(PK11TokenObject *to, CK_ATTRIBUTE_TYPE type, 
-						void *value, unsigned int len)
-{
-    unsigned int flags;
-    CK_TRUST  trust;
-    NSSLOWCERTCertificate *cert;
-    NSSLOWCERTCertTrust dbTrust;
-    SECStatus rv;
-
-    if (to->obj.slot->certDB == NULL) {
-	return CKR_TOKEN_WRITE_PROTECTED;
-    }
-    if (len != sizeof (CK_TRUST)) {
-	return CKR_ATTRIBUTE_VALUE_INVALID;
-    }
-    trust = *(CK_TRUST *)value;
-    flags = pk11_MapTrust(trust, (PRBool) (type == CKA_TRUST_SERVER_AUTH));
-
-    cert = pk11_getCert(to);
-    if (cert == NULL) {
-	return CKR_OBJECT_HANDLE_INVALID;
-    }
-    dbTrust = *cert->trust;
-
-    switch (type) {
-    case CKA_TRUST_EMAIL_PROTECTION:
-	dbTrust.emailFlags = flags |
-		(cert->trust->emailFlags & CERTDB_PRESERVE_TRUST_BITS);
-	break;
-    case CKA_TRUST_CODE_SIGNING:
-	dbTrust.objectSigningFlags = flags |
-		(cert->trust->objectSigningFlags & CERTDB_PRESERVE_TRUST_BITS);
-	break;
-    case CKA_TRUST_CLIENT_AUTH:
-	dbTrust.sslFlags = flags | (cert->trust->sslFlags & 
-				(CERTDB_PRESERVE_TRUST_BITS|CERTDB_TRUSTED_CA));
-	break;
-    case CKA_TRUST_SERVER_AUTH:
-	dbTrust.sslFlags = flags | (cert->trust->sslFlags & 
-			(CERTDB_PRESERVE_TRUST_BITS|CERTDB_TRUSTED_CLIENT_CA));
-	break;
-    default:
-	return CKR_ATTRIBUTE_READ_ONLY;
-    }
-
-    rv = nsslowcert_ChangeCertTrust(to->obj.slot->certDB,cert,&dbTrust);
-    if (rv != SECSuccess) {
-	return CKR_DEVICE_ERROR;
-    }
-    return CKR_OK;
-}
-
-static CK_RV
-pk11_forceTokenAttribute(PK11Object *object,CK_ATTRIBUTE_TYPE type, 
-						void *value, unsigned int len)
-{
-    PK11Attribute *attribute;
-    PK11TokenObject *to = pk11_narrowToTokenObject(object);
-    CK_RV crv = CKR_ATTRIBUTE_READ_ONLY;
-
-    PORT_Assert(to);
-    if (to == NULL) {
-	return CKR_DEVICE_ERROR;
-    }
-
-    /* if we are just setting it to the value we already have,
-     * allow it to happen. */
-    attribute=pk11_FindAttribute(object,type);
-    if ((attribute->attrib.ulValueLen == len) &&
-	PORT_Memcmp(attribute->attrib.pValue,value,len) == 0) {
-	pk11_FreeAttribute(attribute);
-	return CKR_OK;
-    }
-
-    switch (object->objclass) {
-    case CKO_CERTIFICATE:
-	/* change NICKNAME, EMAIL,  */
-	crv = pk11_SetCertAttribute(to,type,value,len);
-	break;
-    case CKO_NETSCAPE_CRL:
-	/* change URL */
-	break;
-    case CKO_NETSCAPE_TRUST:
-	crv = pk11_SetTrustAttribute(to,type,value,len);
-	break;
-    case CKO_PRIVATE_KEY:
-    case CKO_SECRET_KEY:
-	crv = pk11_SetPrivateKeyAttribute(to,type,value,len);
-	break;
-    }
-    pk11_FreeAttribute(attribute);
-    return crv;
-}
-	
-/*
- * force an attribute to a spaecif value.
- */
-CK_RV
-pk11_forceAttribute(PK11Object *object,CK_ATTRIBUTE_TYPE type, void *value,
-						unsigned int len)
-{
-    PK11Attribute *attribute;
-    void *att_val = NULL;
-    PRBool freeData = PR_FALSE;
-
-    if (pk11_isToken(object->handle)) {
-	return pk11_forceTokenAttribute(object,type,value,len);
-    }
-    attribute=pk11_FindAttribute(object,type);
-    if (attribute == NULL) return pk11_AddAttributeType(object,type,value,len);
-
-
-    if (value) {
-#ifdef PKCS11_STATIC_ATTRIBUTES
-        if (len <= ATTR_SPACE) {
-	    att_val = attribute->space;
-	} else {
-	    att_val = PORT_Alloc(len);
-	    freeData = PR_TRUE;
-	}
-#else
-#ifdef PKCS11_REF_COUNT_ATTRIBUTES
-	att_val = PORT_Alloc(len);
-	freeData = PR_TRUE;
-#else
-	att_val = PORT_ArenaAlloc(object->arena,len);
-#endif /* PKCS11_REF_COUNT_ATTRIBUTES */
-#endif /* PKCS11_STATIC_ATTRIBUTES */
-	if (att_val == NULL) {
-	    return CKR_HOST_MEMORY;
-	}
-	if (attribute->attrib.pValue == att_val) {
-	    PORT_Memset(attribute->attrib.pValue,0,
-					attribute->attrib.ulValueLen);
-	}
-	PORT_Memcpy(att_val,value,len);
-    }
-    if (attribute->attrib.pValue != NULL) {
-	if (attribute->attrib.pValue != att_val) {
-	    PORT_Memset(attribute->attrib.pValue,0,
-					attribute->attrib.ulValueLen);
-	}
-	if (attribute->freeData) {
-	    PORT_Free(attribute->attrib.pValue);
-	}
-	attribute->freeData = PR_FALSE;
-	attribute->attrib.pValue = NULL;
-	attribute->attrib.ulValueLen = 0;
-    }
-    if (att_val) {
-	attribute->attrib.pValue = att_val;
-	attribute->attrib.ulValueLen = len;
-	attribute->freeData = freeData;
-    }
-    pk11_FreeAttribute(attribute);
-    return CKR_OK;
-}
-
-/*
- * return a null terminated string from attribute 'type'. This string
- * is allocated and needs to be freed with PORT_Free() When complete.
- */
-char *
-pk11_getString(PK11Object *object,CK_ATTRIBUTE_TYPE type)
-{
-    PK11Attribute *attribute;
-    char *label = NULL;
-
-    attribute=pk11_FindAttribute(object,type);
-    if (attribute == NULL) return NULL;
-
-    if (attribute->attrib.pValue != NULL) {
-	label = (char *) PORT_Alloc(attribute->attrib.ulValueLen+1);
-	if (label == NULL) {
-    	    pk11_FreeAttribute(attribute);
-	    return NULL;
-	}
-
-	PORT_Memcpy(label,attribute->attrib.pValue,
-						attribute->attrib.ulValueLen);
-	label[attribute->attrib.ulValueLen] = 0;
-    }
-    pk11_FreeAttribute(attribute);
-    return label;
-}
-
-/*
- * decode when a particular attribute may be modified
- * 	PK11_NEVER: This attribute must be set at object creation time and
- *  can never be modified.
- *	PK11_ONCOPY: This attribute may be modified only when you copy the
- *  object.
- *	PK11_SENSITIVE: The CKA_SENSITIVE attribute can only be changed from
- *  CK_FALSE to CK_TRUE.
- *	PK11_ALWAYS: This attribute can always be modified.
- * Some attributes vary their modification type based on the class of the 
- *   object.
- */
-PK11ModifyType
-pk11_modifyType(CK_ATTRIBUTE_TYPE type, CK_OBJECT_CLASS inClass)
-{
-    /* if we don't know about it, user user defined, always allow modify */
-    PK11ModifyType mtype = PK11_ALWAYS; 
-
-    switch(type) {
-    /* NEVER */
-    case CKA_CLASS:
-    case CKA_CERTIFICATE_TYPE:
-    case CKA_KEY_TYPE:
-    case CKA_MODULUS:
-    case CKA_MODULUS_BITS:
-    case CKA_PUBLIC_EXPONENT:
-    case CKA_PRIVATE_EXPONENT:
-    case CKA_PRIME:
-    case CKA_SUBPRIME:
-    case CKA_BASE:
-    case CKA_PRIME_1:
-    case CKA_PRIME_2:
-    case CKA_EXPONENT_1:
-    case CKA_EXPONENT_2:
-    case CKA_COEFFICIENT:
-    case CKA_VALUE_LEN:
-    case CKA_ALWAYS_SENSITIVE:
-    case CKA_NEVER_EXTRACTABLE:
-    case CKA_NETSCAPE_DB:
-	mtype = PK11_NEVER;
-	break;
-
-    /* ONCOPY */
-    case CKA_TOKEN:
-    case CKA_PRIVATE:
-    case CKA_MODIFIABLE:
-	mtype = PK11_ONCOPY;
-	break;
-
-    /* SENSITIVE */
-    case CKA_SENSITIVE:
-    case CKA_EXTRACTABLE:
-	mtype = PK11_SENSITIVE;
-	break;
-
-    /* ALWAYS */
-    case CKA_LABEL:
-    case CKA_APPLICATION:
-    case CKA_ID:
-    case CKA_SERIAL_NUMBER:
-    case CKA_START_DATE:
-    case CKA_END_DATE:
-    case CKA_DERIVE:
-    case CKA_ENCRYPT:
-    case CKA_DECRYPT:
-    case CKA_SIGN:
-    case CKA_VERIFY:
-    case CKA_SIGN_RECOVER:
-    case CKA_VERIFY_RECOVER:
-    case CKA_WRAP:
-    case CKA_UNWRAP:
-	mtype = PK11_ALWAYS;
-	break;
-
-    /* DEPENDS ON CLASS */
-    case CKA_VALUE:
-	mtype = (inClass == CKO_DATA) ? PK11_ALWAYS : PK11_NEVER;
-	break;
-
-    case CKA_SUBJECT:
-	mtype = (inClass == CKO_CERTIFICATE) ? PK11_NEVER : PK11_ALWAYS;
-	break;
-    default:
-	break;
-    }
-    return mtype;
-}
-
-/* decode if a particular attribute is sensitive (cannot be read
- * back to the user of if the object is set to SENSITIVE) */
-PRBool
-pk11_isSensitive(CK_ATTRIBUTE_TYPE type, CK_OBJECT_CLASS inClass)
-{
-    switch(type) {
-    /* ALWAYS */
-    case CKA_PRIVATE_EXPONENT:
-    case CKA_PRIME_1:
-    case CKA_PRIME_2:
-    case CKA_EXPONENT_1:
-    case CKA_EXPONENT_2:
-    case CKA_COEFFICIENT:
-	return PR_TRUE;
-
-    /* DEPENDS ON CLASS */
-    case CKA_VALUE:
-	/* PRIVATE and SECRET KEYS have SENSITIVE values */
-	return (PRBool)((inClass == CKO_PRIVATE_KEY) || (inClass == CKO_SECRET_KEY));
-
-    default:
-	break;
-    }
-    return PR_FALSE;
-}
-
-/* 
- * copy an attribute into a SECItem. Secitem is allocated in the specified
- * arena.
- */
-CK_RV
-pk11_Attribute2SecItem(PLArenaPool *arena,SECItem *item,PK11Object *object,
-					CK_ATTRIBUTE_TYPE type)
-{
-    int len;
-    PK11Attribute *attribute;
-
-    attribute = pk11_FindAttribute(object, type);
-    if (attribute == NULL) return CKR_TEMPLATE_INCOMPLETE;
-    len = attribute->attrib.ulValueLen;
-
-    if (arena) {
-    	item->data = (unsigned char *) PORT_ArenaAlloc(arena,len);
-    } else {
-    	item->data = (unsigned char *) PORT_Alloc(len);
-    }
-    if (item->data == NULL) {
-	pk11_FreeAttribute(attribute);
-	return CKR_HOST_MEMORY;
-    }
-    item->len = len;
-    PORT_Memcpy(item->data,attribute->attrib.pValue, len);
-    pk11_FreeAttribute(attribute);
-    return CKR_OK;
-}
-
-void
-pk11_DeleteAttributeType(PK11Object *object,CK_ATTRIBUTE_TYPE type)
-{
-    PK11Attribute *attribute;
-    attribute = pk11_FindAttribute(object, type);
-    if (attribute == NULL) return ;
-    pk11_DeleteAttribute(object,attribute);
-    pk11_FreeAttribute(attribute);
-}
-
-CK_RV
-pk11_AddAttributeType(PK11Object *object,CK_ATTRIBUTE_TYPE type,void *valPtr,
-							CK_ULONG length)
-{
-    PK11Attribute *attribute;
-    attribute = pk11_NewAttribute(object,type,valPtr,length);
-    if (attribute == NULL) { return CKR_HOST_MEMORY; }
-    pk11_AddAttribute(object,attribute);
-    return CKR_OK;
-}
-
-/*
- * ******************** Object Utilities *******************************
- */
-
-static SECStatus
-pk11_deleteTokenKeyByHandle(PK11Slot *slot, CK_OBJECT_HANDLE handle)
-{
-   SECItem *item;
-   PRBool rem;
-
-   item = (SECItem *)PL_HashTableLookup(slot->tokenHashTable, (void *)handle);
-   if (item) {
-	SECITEM_FreeItem(item,PR_TRUE);
-   }
-   rem = PL_HashTableRemove(slot->tokenHashTable,(void *)handle) ;
-   return rem ? SECSuccess : SECFailure;
-}
-
-static SECStatus
-pk11_addTokenKeyByHandle(PK11Slot *slot, CK_OBJECT_HANDLE handle, SECItem *key)
-{
-    PLHashEntry *entry;
-    SECItem *item;
-
-    item = SECITEM_DupItem(key);
-    if (item == NULL) {
-	return SECFailure;
-    }
-    entry = PL_HashTableAdd(slot->tokenHashTable,(void *)handle,item);
-    if (entry == NULL) {
-	SECITEM_FreeItem(item,PR_TRUE);
-	return SECFailure;
-    }
-    return SECSuccess;
-}
-
-static SECItem *
-pk11_lookupTokenKeyByHandle(PK11Slot *slot, CK_OBJECT_HANDLE handle)
-{
-    return (SECItem *)PL_HashTableLookup(slot->tokenHashTable, (void *)handle);
-}
-
-/*
- * use the refLock. This operations should be very rare, so the added
- * contention on the ref lock should be lower than the overhead of adding
- * a new lock. We use separate functions for this just in case I'm wrong.
- */
-static void
-pk11_tokenKeyLock(PK11Slot *slot) {
-    PK11_USE_THREADS(PZ_Lock(slot->objectLock);)
-}
-
-static void
-pk11_tokenKeyUnlock(PK11Slot *slot) {
-    PK11_USE_THREADS(PZ_Unlock(slot->objectLock);)
-}
-
-
-/* allocation hooks that allow us to recycle old object structures */
-static PK11Object * objectFreeList = NULL;
-static PZLock *objectLock = NULL;
-static int object_count = 0;
-
-PK11Object *
-pk11_GetObjectFromList(PRBool *hasLocks, PRBool optimizeSpace, 
-						unsigned int hashSize) {
-    PK11Object *object;
-
-    if (!optimizeSpace) {
-	if (objectLock == NULL) {
-	    objectLock = PZ_NewLock(nssILockObject);
-	}
-
-	PK11_USE_THREADS(PZ_Lock(objectLock));
-	object = objectFreeList;
-	if (object) {
-	    objectFreeList = object->next;
-	    object_count--;
-	}    	
-	PK11_USE_THREADS(PZ_Unlock(objectLock));
-	if (object) {
-	    object->next = object->prev = NULL;
-            *hasLocks = PR_TRUE;
-	    return object;
-	}
-    }
-
-    object  = (PK11Object*)PORT_ZAlloc(sizeof(PK11SessionObject) + 
-		hashSize * sizeof(PK11Attribute *));
-    ((PK11SessionObject *)object)->hashSize = hashSize;
-    *hasLocks = PR_FALSE;
-    return object;
-}
-
-static void
-pk11_PutObjectToList(PK11SessionObject *object) {
-    if (!object->optimizeSpace && (object_count < MAX_OBJECT_LIST_SIZE)) {
-	PK11_USE_THREADS(PZ_Lock(objectLock));
-	object->obj.next = objectFreeList;
-	objectFreeList = &object->obj;
-	object_count++;
-	PK11_USE_THREADS(PZ_Unlock(objectLock));
-	return;
-    }
-    PK11_USE_THREADS(PZ_DestroyLock(object->attributeLock);)
-    PK11_USE_THREADS(PZ_DestroyLock(object->obj.refLock);)
-    object->attributeLock = object->obj.refLock = NULL;
-    PORT_Free(object);
-}
-
-static PK11Object *
-pk11_freeObjectData(PK11Object *object) {
-   PK11Object *next = object->next;
-
-   PORT_Free(object);
-   return next;
-}
-   
-void
-pk11_CleanupFreeLists()
-{
-    PK11Object *object;
-
-    if (!objectLock) {
-	return;
-    }
-    PK11_USE_THREADS(PZ_Lock(objectLock));
-    for (object= objectFreeList; object != NULL; 
-					object = pk11_freeObjectData(object)) {
-#ifdef PKCS11_USE_THREADS
-	PZ_DestroyLock(object->refLock);
-	PZ_DestroyLock(((PK11SessionObject *)object)->attributeLock);
-#endif
-    }
-    object_count = 0;
-    objectFreeList = NULL;
-    PK11_USE_THREADS(PZ_Unlock(objectLock));
-    PZ_DestroyLock(objectLock);
-    objectLock = NULL;
-}
-
-
-/*
- * Create a new object
- */
-PK11Object *
-pk11_NewObject(PK11Slot *slot)
-{
-    PK11Object *object;
-    PK11SessionObject *sessObject;
-    PRBool hasLocks = PR_FALSE;
-    int i;
-    unsigned int hashSize = 0;
-
-    hashSize = (slot->optimizeSpace) ? SPACE_ATTRIBUTE_HASH_SIZE :
-				TIME_ATTRIBUTE_HASH_SIZE;
-
-#ifdef PKCS11_STATIC_ATTRIBUTES
-    object = pk11_GetObjectFromList(&hasLocks, slot->optimizeSpace, hashSize);
-    if (object == NULL) {
-	return NULL;
-    }
-    sessObject = (PK11SessionObject *)object;
-    sessObject->nextAttr = 0;
-
-    for (i=0; i < MAX_OBJS_ATTRS; i++) {
-	sessObject->attrList[i].attrib.pValue = NULL;
-	sessObject->attrList[i].freeData = PR_FALSE;
-    }
-#else
-    PRArenaPool *arena;
-
-    arena = PORT_NewArena(2048);
-    if (arena == NULL) return NULL;
-
-    object = (PK11Object*)PORT_ArenaAlloc(arena,sizeof(PK11SessionObject)
-		+hashSize * sizeof(PK11Attribute *));
-    if (object == NULL) {
-	PORT_FreeArena(arena,PR_FALSE);
-	return NULL;
-    }
-    object->arena = arena;
-
-    sessObject = (PK11SessionObject *)object;
-    sessObject->hashSize = hashSize;
-#endif
-    sessObject->optimizeSpace = slot->optimizeSpace;
-
-    object->handle = 0;
-    object->next = object->prev = NULL;
-    object->slot = slot;
-    object->objclass = 0xffff;
-    object->refCount = 1;
-    sessObject->sessionList.next = NULL;
-    sessObject->sessionList.prev = NULL;
-    sessObject->sessionList.parent = object;
-    sessObject->session = NULL;
-    sessObject->wasDerived = PR_FALSE;
-#ifdef PKCS11_USE_THREADS
-    if (!hasLocks) object->refLock = PZ_NewLock(nssILockRefLock);
-    if (object->refLock == NULL) {
-#ifdef PKCS11_STATIC_ATTRIBUTES
-	PORT_Free(object);
-#else
-	PORT_FreeArena(arena,PR_FALSE);
-#endif
-	return NULL;
-    }
-    if (!hasLocks) sessObject->attributeLock = PZ_NewLock(nssILockAttribute);
-    if (sessObject->attributeLock == NULL) {
-	PK11_USE_THREADS(PZ_DestroyLock(object->refLock);)
-#ifdef PKCS11_STATIC_ATTRIBUTES
-	PORT_Free(object);
-#else
-	PORT_FreeArena(arena,PR_FALSE);
-#endif
-	return NULL;
-    }
-#else
-    sessObject->attributeLock = NULL;
-    object->refLock = NULL;
-#endif
-    for (i=0; i < sessObject->hashSize; i++) {
-	sessObject->head[i] = NULL;
-    }
-    object->objectInfo = NULL;
-    object->infoFree = NULL;
-    return object;
-}
-
-static CK_RV
-pk11_DestroySessionObjectData(PK11SessionObject *so)
-{
-	int i;
-
-#ifdef PKCS11_STATIC_ATTRIBUTES
-	for (i=0; i < MAX_OBJS_ATTRS; i++) {
-	    unsigned char *value = so->attrList[i].attrib.pValue;
-	    if (value) {
-		PORT_Memset(value,0,so->attrList[i].attrib.ulValueLen);
-		if (so->attrList[i].freeData) {
-		    PORT_Free(value);
-		}
-		so->attrList[i].attrib.pValue = NULL;
-		so->attrList[i].freeData = PR_FALSE;
-	    }
-	}
-#endif
-
-#ifdef PKCS11_REF_COUNT_ATTRIBUTES
-	/* clean out the attributes */
-	/* since no one is referencing us, it's safe to walk the chain
-	 * without a lock */
-	for (i=0; i < so->hashSize; i++) {
-	    PK11Attribute *ap,*next;
-	    for (ap = so->head[i]; ap != NULL; ap = next) {
-		next = ap->next;
-		/* paranoia */
-		ap->next = ap->prev = NULL;
-		pk11_FreeAttribute(ap);
-	    }
-	    so->head[i] = NULL;
-	}
-#endif
-/*	PK11_USE_THREADS(PZ_DestroyLock(so->attributeLock));*/
-	return CKR_OK;
-}
-
-/*
- * free all the data associated with an object. Object reference count must
- * be 'zero'.
- */
-static CK_RV
-pk11_DestroyObject(PK11Object *object)
-{
-    CK_RV crv = CKR_OK;
-    PK11SessionObject *so = pk11_narrowToSessionObject(object);
-    PK11TokenObject *to = pk11_narrowToTokenObject(object);
-
-    PORT_Assert(object->refCount == 0);
-
-    /* delete the database value */
-    if (to) {
-	if (to->dbKey.data) {
-	   PORT_Free(to->dbKey.data);
-	   to->dbKey.data = NULL;
-	}
-    } 
-    if (so) {
-	pk11_DestroySessionObjectData(so);
-    }
-    if (object->objectInfo) {
-	(*object->infoFree)(object->objectInfo);
-    }
-#ifdef PKCS11_STATIC_ATTRIBUTES
-    if (so) {
-	pk11_PutObjectToList(so);
-    } else {
-	if (object->refLock) {
-	    PK11_USE_THREADS(PZ_DestroyLock(object->refLock);)
-	}
-	PORT_Free(to);
-    }
-#else
-    if (object->refLock) {
-        PK11_USE_THREADS(PZ_DestroyLock(object->refLock);)
-    }
-    arena = object->arena;
-    PORT_FreeArena(arena,PR_FALSE);
-#endif
-    return crv;
-}
-
-void
-pk11_ReferenceObject(PK11Object *object)
-{
-    PK11_USE_THREADS(PZ_Lock(object->refLock);)
-    object->refCount++;
-    PK11_USE_THREADS(PZ_Unlock(object->refLock);)
-}
-
-static PK11Object *
-pk11_ObjectFromHandleOnSlot(CK_OBJECT_HANDLE handle, PK11Slot *slot)
-{
-    PK11Object **head;
-    PZLock *lock;
-    PK11Object *object;
-
-    if (pk11_isToken(handle)) {
-	return pk11_NewTokenObject(slot, NULL, handle);
-    }
-
-    head = slot->tokObjects;
-    lock = slot->objectLock;
-
-    PK11_USE_THREADS(PZ_Lock(lock);)
-    pk11queue_find(object,handle,head,slot->tokObjHashSize);
-    if (object) {
-	pk11_ReferenceObject(object);
-    }
-    PK11_USE_THREADS(PZ_Unlock(lock);)
-
-    return(object);
-}
-/*
- * look up and object structure from a handle. OBJECT_Handles only make
- * sense in terms of a given session.  make a reference to that object
- * structure returned.
- */
-PK11Object *
-pk11_ObjectFromHandle(CK_OBJECT_HANDLE handle, PK11Session *session)
-{
-    PK11Slot *slot = pk11_SlotFromSession(session);
-
-    return pk11_ObjectFromHandleOnSlot(handle,slot);
-}
-
-
-/*
- * release a reference to an object handle
- */
-PK11FreeStatus
-pk11_FreeObject(PK11Object *object)
-{
-    PRBool destroy = PR_FALSE;
-    CK_RV crv;
-
-    PK11_USE_THREADS(PZ_Lock(object->refLock);)
-    if (object->refCount == 1) destroy = PR_TRUE;
-    object->refCount--;
-    PK11_USE_THREADS(PZ_Unlock(object->refLock);)
-
-    if (destroy) {
-	crv = pk11_DestroyObject(object);
-	if (crv != CKR_OK) {
-	   return PK11_DestroyFailure;
-	} 
-	return PK11_Destroyed;
-    }
-    return PK11_Busy;
-}
- 
-/*
- * add an object to a slot and session queue. These two functions
- * adopt the object.
- */
-void
-pk11_AddSlotObject(PK11Slot *slot, PK11Object *object)
-{
-    PK11_USE_THREADS(PZ_Lock(slot->objectLock);)
-    pk11queue_add(object,object->handle,slot->tokObjects,slot->tokObjHashSize);
-    PK11_USE_THREADS(PZ_Unlock(slot->objectLock);)
-}
-
-void
-pk11_AddObject(PK11Session *session, PK11Object *object)
-{
-    PK11Slot *slot = pk11_SlotFromSession(session);
-    PK11SessionObject *so = pk11_narrowToSessionObject(object);
-
-    if (so) {
-	PK11_USE_THREADS(PZ_Lock(session->objectLock);)
-	pk11queue_add(&so->sessionList,0,session->objects,0);
-	so->session = session;
-	PK11_USE_THREADS(PZ_Unlock(session->objectLock);)
-    }
-    pk11_AddSlotObject(slot,object);
-    pk11_ReferenceObject(object);
-} 
-
-/*
- * add an object to a slot andsession queue
- */
-CK_RV
-pk11_DeleteObject(PK11Session *session, PK11Object *object)
-{
-    PK11Slot *slot = pk11_SlotFromSession(session);
-    PK11SessionObject *so = pk11_narrowToSessionObject(object);
-    PK11TokenObject *to = pk11_narrowToTokenObject(object);
-    CK_RV crv = CKR_OK;
-    SECStatus rv;
-    NSSLOWCERTCertificate *cert;
-    NSSLOWCERTCertTrust tmptrust;
-    PRBool isKrl;
-
-  /* Handle Token case */
-    if (so && so->session) {
-	PK11Session *session = so->session;
-	PK11_USE_THREADS(PZ_Lock(session->objectLock);)
-	pk11queue_delete(&so->sessionList,0,session->objects,0);
-	PK11_USE_THREADS(PZ_Unlock(session->objectLock);)
-	PK11_USE_THREADS(PZ_Lock(slot->objectLock);)
-	pk11queue_delete(object,object->handle,slot->tokObjects,
-						slot->tokObjHashSize);
-	PK11_USE_THREADS(PZ_Unlock(slot->objectLock);)
-	pk11_FreeObject(object); /* reduce it's reference count */
-    } else {
-	PORT_Assert(to);
-	/* remove the objects from the real data base */
-	switch (object->handle & PK11_TOKEN_TYPE_MASK) {
-	case PK11_TOKEN_TYPE_PRIV:
-	case PK11_TOKEN_TYPE_KEY:
-	    /* KEYID is the public KEY for DSA and DH, and the MODULUS for
-	     *  RSA */
-	    PORT_Assert(slot->keyDB);
-	    rv = nsslowkey_DeleteKey(slot->keyDB, &to->dbKey);
-	    if (rv != SECSuccess) crv= CKR_DEVICE_ERROR;
-	    break;
-	case PK11_TOKEN_TYPE_PUB:
-	    break; /* public keys only exist at the behest of the priv key */
-	case PK11_TOKEN_TYPE_CERT:
-	    cert = nsslowcert_FindCertByKey(slot->certDB,&to->dbKey);
-	    if (cert == NULL) {
-		crv = CKR_DEVICE_ERROR;
-		break;
-	    }
-	    rv = nsslowcert_DeletePermCertificate(cert);
-	    if (rv != SECSuccess) crv = CKR_DEVICE_ERROR;
-	    nsslowcert_DestroyCertificate(cert);
-	    break;
-	case PK11_TOKEN_TYPE_CRL:
-	    isKrl = (PRBool) (object->handle == PK11_TOKEN_KRL_HANDLE);
-	    rv = nsslowcert_DeletePermCRL(slot->certDB,&to->dbKey,isKrl);
-	    if (rv == SECFailure) crv = CKR_DEVICE_ERROR;
-	    break;
-	case PK11_TOKEN_TYPE_TRUST:
-	    cert = nsslowcert_FindCertByKey(slot->certDB,&to->dbKey);
-	    if (cert == NULL) {
-		crv = CKR_DEVICE_ERROR;
-		break;
-	    }
-	    tmptrust = *cert->trust;
-	    tmptrust.sslFlags &= CERTDB_PRESERVE_TRUST_BITS;
-	    tmptrust.emailFlags &= CERTDB_PRESERVE_TRUST_BITS;
-	    tmptrust.objectSigningFlags &= CERTDB_PRESERVE_TRUST_BITS;
-	    tmptrust.sslFlags |= CERTDB_TRUSTED_UNKNOWN;
-	    tmptrust.emailFlags |= CERTDB_TRUSTED_UNKNOWN;
-	    tmptrust.objectSigningFlags |= CERTDB_TRUSTED_UNKNOWN;
-	    rv = nsslowcert_ChangeCertTrust(slot->certDB,cert,&tmptrust);
-	    if (rv != SECSuccess) crv = CKR_DEVICE_ERROR;
-	    nsslowcert_DestroyCertificate(cert);
-	    break;
-	default:
-	    break;
-	}
-	pk11_tokenKeyLock(object->slot);
-	pk11_deleteTokenKeyByHandle(object->slot,object->handle);
-	pk11_tokenKeyUnlock(object->slot);
-    } 
-    return crv;
-}
-
-/*
- * copy the attributes from one object to another. Don't overwrite existing
- * attributes. NOTE: This is a pretty expensive operation since it
- * grabs the attribute locks for the src object for a *long* time.
- */
-CK_RV
-pk11_CopyObject(PK11Object *destObject,PK11Object *srcObject)
-{
-    PK11Attribute *attribute;
-    PK11SessionObject *src_so = pk11_narrowToSessionObject(srcObject);
-    int i;
-
-    if (src_so == NULL) {
-	return CKR_DEVICE_ERROR; /* can't copy token objects yet */
-    }
-
-    PK11_USE_THREADS(PZ_Lock(src_so->attributeLock);)
-    for(i=0; i < src_so->hashSize; i++) {
-	attribute = src_so->head[i];
-	do {
-	    if (attribute) {
-		if (!pk11_hasAttribute(destObject,attribute->handle)) {
-		    /* we need to copy the attribute since each attribute
-		     * only has one set of link list pointers */
-		    PK11Attribute *newAttribute = pk11_NewAttribute(
-			  destObject,pk11_attr_expand(&attribute->attrib));
-		    if (newAttribute == NULL) {
-			PK11_USE_THREADS(PZ_Unlock(src_so->attributeLock);)
-			return CKR_HOST_MEMORY;
-		    }
-		    pk11_AddAttribute(destObject,newAttribute);
-		}
-		attribute=attribute->next;
-	    }
-	} while (attribute != NULL);
-    }
-    PK11_USE_THREADS(PZ_Unlock(src_so->attributeLock);)
-    return CKR_OK;
-}
-
-/*
- * ******************** Search Utilities *******************************
- */
-
-/* add an object to a search list */
-CK_RV
-AddToList(PK11ObjectListElement **list,PK11Object *object)
-{
-     PK11ObjectListElement *newElem = 
-	(PK11ObjectListElement *)PORT_Alloc(sizeof(PK11ObjectListElement));
-
-     if (newElem == NULL) return CKR_HOST_MEMORY;
-
-     newElem->next = *list;
-     newElem->object = object;
-     pk11_ReferenceObject(object);
-
-    *list = newElem;
-    return CKR_OK;
-}
-
-
-/* return true if the object matches the template */
-PRBool
-pk11_objectMatch(PK11Object *object,CK_ATTRIBUTE_PTR theTemplate,int count)
-{
-    int i;
-
-    for (i=0; i < count; i++) {
-	PK11Attribute *attribute = pk11_FindAttribute(object,theTemplate[i].type);
-	if (attribute == NULL) {
-	    return PR_FALSE;
-	}
-	if (attribute->attrib.ulValueLen == theTemplate[i].ulValueLen) {
-	    if (PORT_Memcmp(attribute->attrib.pValue,theTemplate[i].pValue,
-					theTemplate[i].ulValueLen) == 0) {
-        	pk11_FreeAttribute(attribute);
-		continue;
-	    }
-	}
-        pk11_FreeAttribute(attribute);
-	return PR_FALSE;
-    }
-    return PR_TRUE;
-}
-
-/* search through all the objects in the queue and return the template matches
- * in the object list.
- */
-CK_RV
-pk11_searchObjectList(PK11SearchResults *search,PK11Object **head, 
-	unsigned int size, PZLock *lock, CK_ATTRIBUTE_PTR theTemplate, 
-						int count, PRBool isLoggedIn)
-{
-    int i;
-    PK11Object *object;
-    CK_RV crv = CKR_OK;
-
-    for(i=0; i < size; i++) {
-        /* We need to hold the lock to copy a consistant version of
-         * the linked list. */
-        PK11_USE_THREADS(PZ_Lock(lock);)
-	for (object = head[i]; object != NULL; object= object->next) {
-	    if (pk11_objectMatch(object,theTemplate,count)) {
-		/* don't return objects that aren't yet visible */
-		if ((!isLoggedIn) && pk11_isTrue(object,CKA_PRIVATE)) continue;
-		pk11_addHandle(search,object->handle);
-	    }
-	}
-        PK11_USE_THREADS(PZ_Unlock(lock);)
-    }
-    return crv;
-}
-
-/*
- * free a single list element. Return the Next object in the list.
- */
-PK11ObjectListElement *
-pk11_FreeObjectListElement(PK11ObjectListElement *objectList)
-{
-    PK11ObjectListElement *ol = objectList->next;
-
-    pk11_FreeObject(objectList->object);
-    PORT_Free(objectList);
-    return ol;
-}
-
-/* free an entire object list */
-void
-pk11_FreeObjectList(PK11ObjectListElement *objectList)
-{
-    PK11ObjectListElement *ol;
-
-    for (ol= objectList; ol != NULL; ol = pk11_FreeObjectListElement(ol)) {}
-}
-
-/*
- * free a search structure
- */
-void
-pk11_FreeSearch(PK11SearchResults *search)
-{
-    if (search->handles) {
-	PORT_Free(search->handles);
-    }
-    PORT_Free(search);
-}
-
-/*
- * ******************** Session Utilities *******************************
- */
-
-/* update the sessions state based in it's flags and wether or not it's
- * logged in */
-void
-pk11_update_state(PK11Slot *slot,PK11Session *session)
-{
-    if (slot->isLoggedIn) {
-	if (slot->ssoLoggedIn) {
-    	    session->info.state = CKS_RW_SO_FUNCTIONS;
-	} else if (session->info.flags & CKF_RW_SESSION) {
-    	    session->info.state = CKS_RW_USER_FUNCTIONS;
-	} else {
-    	    session->info.state = CKS_RO_USER_FUNCTIONS;
-	}
-    } else {
-	if (session->info.flags & CKF_RW_SESSION) {
-    	    session->info.state = CKS_RW_PUBLIC_SESSION;
-	} else {
-    	    session->info.state = CKS_RO_PUBLIC_SESSION;
-	}
-    }
-}
-
-/* update the state of all the sessions on a slot */
-void
-pk11_update_all_states(PK11Slot *slot)
-{
-    int i;
-    PK11Session *session;
-
-    for (i=0; i < slot->sessHashSize; i++) {
-	PK11_USE_THREADS(PZ_Lock(PK11_SESSION_LOCK(slot,i));)
-	for (session = slot->head[i]; session; session = session->next) {
-	    pk11_update_state(slot,session);
-	}
-	PK11_USE_THREADS(PZ_Unlock(PK11_SESSION_LOCK(slot,i));)
-    }
-}
-
-/*
- * context are cipher and digest contexts that are associated with a session
- */
-void
-pk11_FreeContext(PK11SessionContext *context)
-{
-    if (context->cipherInfo) {
-	(*context->destroy)(context->cipherInfo,PR_TRUE);
-    }
-    if (context->hashInfo) {
-	(*context->hashdestroy)(context->hashInfo,PR_TRUE);
-    }
-    if (context->key) {
-	pk11_FreeObject(context->key);
-	context->key = NULL;
-    }
-    PORT_Free(context);
-}
-
-/*
- * create a new nession. NOTE: The session handle is not set, and the
- * session is not added to the slot's session queue.
- */
-PK11Session *
-pk11_NewSession(CK_SLOT_ID slotID, CK_NOTIFY notify, CK_VOID_PTR pApplication,
-							     CK_FLAGS flags)
-{
-    PK11Session *session;
-    PK11Slot *slot = pk11_SlotFromID(slotID);
-
-    if (slot == NULL) return NULL;
-
-    session = (PK11Session*)PORT_Alloc(sizeof(PK11Session));
-    if (session == NULL) return NULL;
-
-    session->next = session->prev = NULL;
-    session->refCount = 1;
-    session->enc_context = NULL;
-    session->hash_context = NULL;
-    session->sign_context = NULL;
-    session->search = NULL;
-    session->objectIDCount = 1;
-#ifdef PKCS11_USE_THREADS
-    session->objectLock = PZ_NewLock(nssILockObject);
-    if (session->objectLock == NULL) {
-	PORT_Free(session);
-	return NULL;
-    }
-#else
-    session->objectLock = NULL;
-#endif
-    session->objects[0] = NULL;
-
-    session->slot = slot;
-    session->notify = notify;
-    session->appData = pApplication;
-    session->info.flags = flags;
-    session->info.slotID = slotID;
-    session->info.ulDeviceError = 0;
-    pk11_update_state(slot,session);
-    return session;
-}
-
-
-/* free all the data associated with a session. */
-static void
-pk11_DestroySession(PK11Session *session)
-{
-    PK11ObjectList *op,*next;
-    PORT_Assert(session->refCount == 0);
-
-    /* clean out the attributes */
-    /* since no one is referencing us, it's safe to walk the chain
-     * without a lock */
-    for (op = session->objects[0]; op != NULL; op = next) {
-        next = op->next;
-        /* paranoia */
-	op->next = op->prev = NULL;
-	pk11_DeleteObject(session,op->parent);
-    }
-    PK11_USE_THREADS(PZ_DestroyLock(session->objectLock);)
-    if (session->enc_context) {
-	pk11_FreeContext(session->enc_context);
-    }
-    if (session->hash_context) {
-	pk11_FreeContext(session->hash_context);
-    }
-    if (session->sign_context) {
-	pk11_FreeContext(session->sign_context);
-    }
-    if (session->search) {
-	pk11_FreeSearch(session->search);
-    }
-    PORT_Free(session);
-}
-
-
-/*
- * look up a session structure from a session handle
- * generate a reference to it.
- */
-PK11Session *
-pk11_SessionFromHandle(CK_SESSION_HANDLE handle)
-{
-    PK11Slot	*slot = pk11_SlotFromSessionHandle(handle);
-    PK11Session *session;
-
-    PK11_USE_THREADS(PZ_Lock(PK11_SESSION_LOCK(slot,handle));)
-    pk11queue_find(session,handle,slot->head,slot->sessHashSize);
-    if (session) session->refCount++;
-    PK11_USE_THREADS(PZ_Unlock(PK11_SESSION_LOCK(slot,handle));)
-
-    return (session);
-}
-
-/*
- * release a reference to a session handle
- */
-void
-pk11_FreeSession(PK11Session *session)
-{
-    PRBool destroy = PR_FALSE;
-    PK11_USE_THREADS(PK11Slot *slot = pk11_SlotFromSession(session);)
-
-    PK11_USE_THREADS(PZ_Lock(PK11_SESSION_LOCK(slot,session->handle));)
-    if (session->refCount == 1) destroy = PR_TRUE;
-    session->refCount--;
-    PK11_USE_THREADS(PZ_Unlock(PK11_SESSION_LOCK(slot,session->handle));)
-
-    if (destroy) pk11_DestroySession(session);
-}
-/*
- * handle Token Object stuff
- */
-static void
-pk11_XORHash(unsigned char *key, unsigned char *dbkey, int len)
-{
-   int i;
-
-   PORT_Memset(key, 0, 4);
-
-   for (i=0; i < len-4; i += 4) {
-	key[0] ^= dbkey[i];
-	key[1] ^= dbkey[i+1];
-	key[2] ^= dbkey[i+2];
-	key[3] ^= dbkey[i+3];
-   }
-}
-
-/* Make a token handle for an object and record it so we can find it again */
-CK_OBJECT_HANDLE
-pk11_mkHandle(PK11Slot *slot, SECItem *dbKey, CK_OBJECT_HANDLE class)
-{
-    unsigned char hashBuf[4];
-    CK_OBJECT_HANDLE handle;
-    SECItem *key;
-
-    handle = class;
-    /* there is only one KRL, use a fixed handle for it */
-    if (handle != PK11_TOKEN_KRL_HANDLE) {
-	pk11_XORHash(hashBuf,dbKey->data,dbKey->len);
-	handle = (hashBuf[0] << 24) | (hashBuf[1] << 16) | 
-					(hashBuf[2] << 8)  | hashBuf[3];
-	handle = PK11_TOKEN_MAGIC | class | 
-			(handle & ~(PK11_TOKEN_TYPE_MASK|PK11_TOKEN_MASK));
-	/* we have a CRL who's handle has randomly matched the reserved KRL
-	 * handle, increment it */
-	if (handle == PK11_TOKEN_KRL_HANDLE) {
-	    handle++;
-	}
-    }
-
-    pk11_tokenKeyLock(slot);
-    while ((key = pk11_lookupTokenKeyByHandle(slot,handle)) != NULL) {
-	if (SECITEM_ItemsAreEqual(key,dbKey)) {
-    	   pk11_tokenKeyUnlock(slot);
-	   return handle;
-	}
-	handle++;
-    }
-    pk11_addTokenKeyByHandle(slot,handle,dbKey);
-    pk11_tokenKeyUnlock(slot);
-    return handle;
-}
-
-void
-pk11_addHandle(PK11SearchResults *search, CK_OBJECT_HANDLE handle)
-{
-    if (search->handles == NULL) {
-	return;
-    }
-    if (search->size >= search->array_size) {
-	search->array_size += NSC_SEARCH_BLOCK_SIZE;
-	search->handles = (CK_OBJECT_HANDLE *) PORT_Realloc(search->handles,
-				 sizeof(CK_OBJECT_HANDLE)* search->array_size);
-	if (search->handles == NULL) {
-	   return;
-	}
-    }
-    search->handles[search->size] = handle;
-    search->size++;
-}
-
-static const CK_OBJECT_HANDLE pk11_classArray[] = {
-    0, CKO_PRIVATE_KEY, CKO_PUBLIC_KEY, CKO_SECRET_KEY,
-    CKO_NETSCAPE_TRUST, CKO_NETSCAPE_CRL, CKO_NETSCAPE_SMIME,
-     CKO_CERTIFICATE };
-
-#define handleToClass(handle) \
-    pk11_classArray[((handle & PK11_TOKEN_TYPE_MASK))>>28]
-
-PK11Object *
-pk11_NewTokenObject(PK11Slot *slot, SECItem *dbKey, CK_OBJECT_HANDLE handle)
-{
-    PK11Object *object = NULL;
-    PK11TokenObject *tokObject = NULL;
-    SECStatus rv;
-
-#ifdef PKCS11_STATIC_ATTRIBUTES
-    object = (PK11Object *) PORT_ZAlloc(sizeof(PK11TokenObject));
-    if (object == NULL) {
-	return NULL;
-    }
-#else
-    PRArenaPool *arena;
-
-    arena = PORT_NewArena(2048);
-    if (arena == NULL) return NULL;
-
-    object = (PK11Object*)PORT_ArenaZAlloc(arena,sizeof(PK11TokenObject));
-    if (object == NULL) {
-	PORT_FreeArena(arena,PR_FALSE);
-	return NULL;
-    }
-    object->arena = arena;
-#endif
-    tokObject = (PK11TokenObject *) object;
-
-    object->objclass = handleToClass(handle);
-    object->handle = handle;
-    object->slot = slot;
-    object->objectInfo = NULL;
-    object->infoFree = NULL;
-    if (dbKey == NULL) {
-	pk11_tokenKeyLock(slot);
-	dbKey = pk11_lookupTokenKeyByHandle(slot,handle);
-	if (dbKey == NULL) {
-    	    pk11_tokenKeyUnlock(slot);
-	    goto loser;
-	}
-	rv = SECITEM_CopyItem(NULL,&tokObject->dbKey,dbKey);
-	pk11_tokenKeyUnlock(slot);
-    } else {
-	rv = SECITEM_CopyItem(NULL,&tokObject->dbKey,dbKey);
-    }
-    if (rv != SECSuccess) {
-	goto loser;
-    }
-#ifdef PKCS11_USE_THREADS
-    object->refLock = PZ_NewLock(nssILockRefLock);
-    if (object->refLock == NULL) {
-	goto loser;
-    }
-#endif
-    object->refCount = 1;
-
-    return object;
-loser:
-    if (object) {
-	(void) pk11_DestroyObject(object);
-    }
-    return NULL;
-
-}
-
-PRBool
-pk11_tokenMatch(PK11Slot *slot, SECItem *dbKey, CK_OBJECT_HANDLE class,
-					CK_ATTRIBUTE_PTR theTemplate,int count)
-{
-    PK11Object *object;
-    PRBool ret;
-
-    object = pk11_NewTokenObject(slot,dbKey,PK11_TOKEN_MASK|class);
-    if (object == NULL) {
-	return PR_FALSE;
-    }
-
-    ret = pk11_objectMatch(object,theTemplate,count);
-    pk11_FreeObject(object);
-    return ret;
-}
-
-PK11TokenObject *
-pk11_convertSessionToToken(PK11Object *obj)
-{
-    SECItem *key;
-    PK11SessionObject *so = (PK11SessionObject *)obj;
-    PK11TokenObject *to = pk11_narrowToTokenObject(obj);
-    SECStatus rv;
-
-    pk11_DestroySessionObjectData(so);
-    PK11_USE_THREADS(PZ_DestroyLock(so->attributeLock));
-    if (to == NULL) {
-	return NULL;
-    }
-    pk11_tokenKeyLock(so->obj.slot);
-    key = pk11_lookupTokenKeyByHandle(so->obj.slot,so->obj.handle);
-    if (key == NULL) {
-    	pk11_tokenKeyUnlock(so->obj.slot);
-	return NULL;
-    }
-    rv = SECITEM_CopyItem(NULL,&to->dbKey,key);
-    pk11_tokenKeyUnlock(so->obj.slot);
-    if (rv == SECFailure) {
-	return NULL;
-    }
-
-    return to;
-
-}
-
-PK11SessionObject *
-pk11_narrowToSessionObject(PK11Object *obj)
-{
-    return !pk11_isToken(obj->handle) ? (PK11SessionObject *)obj : NULL;
-}
-
-PK11TokenObject *
-pk11_narrowToTokenObject(PK11Object *obj)
-{
-    return pk11_isToken(obj->handle) ? (PK11TokenObject *)obj : NULL;
-}
-
diff --git a/security/nss/lib/softoken/pkcs11u.h b/security/nss/lib/softoken/pkcs11u.h
deleted file mode 100644
index 0addf0f6f..000000000
--- a/security/nss/lib/softoken/pkcs11u.h
+++ /dev/null
@@ -1,47 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * Copyright (C) 1994-1999 RSA Security Inc. Licence to copy this document
- * is granted provided that it is identified as "RSA Security Inc. Public-Key
- * Cryptography Standards (PKCS)" in all material mentioning or referencing
- * this document.
- */
-/*
- * reset any packing set by pkcs11p.h
- */
-
-#if defined (_WIN32)
-#pragma warning(disable:4103)
-#pragma pack(pop, cryptoki)
-#endif
-
diff --git a/security/nss/lib/softoken/rawhash.c b/security/nss/lib/softoken/rawhash.c
deleted file mode 100644
index 9250bf62b..000000000
--- a/security/nss/lib/softoken/rawhash.c
+++ /dev/null
@@ -1,111 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "nspr.h"
-#include "sechash.h"
-#include "blapi.h"	/* below the line */
-
-
-static void *
-null_hash_new_context(void)
-{
-    return NULL;
-}
-
-static void *
-null_hash_clone_context(void *v)
-{
-    PORT_Assert(v == NULL);
-    return NULL;
-}
-
-static void
-null_hash_begin(void *v)
-{
-}
-
-static void
-null_hash_update(void *v, const unsigned char *input, unsigned int length)
-{
-}
-
-static void
-null_hash_end(void *v, unsigned char *output, unsigned int *outLen,
-	      unsigned int maxOut)
-{
-    *outLen = 0;
-}
-
-static void
-null_hash_destroy_context(void *v, PRBool b)
-{
-    PORT_Assert(v == NULL);
-}
-
-
-const SECHashObject SECRawHashObjects[] = {
-  { 0,
-    (void * (*)(void)) null_hash_new_context,
-    (void * (*)(void *)) null_hash_clone_context,
-    (void (*)(void *, PRBool)) null_hash_destroy_context,
-    (void (*)(void *)) null_hash_begin,
-    (void (*)(void *, const unsigned char *, unsigned int)) null_hash_update,
-    (void (*)(void *, unsigned char *, unsigned int *,
-	      unsigned int)) null_hash_end
-  },
-  { MD2_LENGTH,
-    (void * (*)(void)) MD2_NewContext,
-    (void * (*)(void *)) null_hash_clone_context,
-    (void (*)(void *, PRBool)) MD2_DestroyContext,
-    (void (*)(void *)) MD2_Begin,
-    (void (*)(void *, const unsigned char *, unsigned int)) MD2_Update,
-    (void (*)(void *, unsigned char *, unsigned int *, unsigned int)) MD2_End
-  },
-  { MD5_LENGTH,
-    (void * (*)(void)) MD5_NewContext,
-    (void * (*)(void *)) null_hash_clone_context,
-    (void (*)(void *, PRBool)) MD5_DestroyContext,
-    (void (*)(void *)) MD5_Begin,
-    (void (*)(void *, const unsigned char *, unsigned int)) MD5_Update,
-    (void (*)(void *, unsigned char *, unsigned int *, unsigned int)) MD5_End
-  },
-  { SHA1_LENGTH,
-    (void * (*)(void)) SHA1_NewContext,
-    (void * (*)(void *)) null_hash_clone_context,
-    (void (*)(void *, PRBool)) SHA1_DestroyContext,
-    (void (*)(void *)) SHA1_Begin,
-    (void (*)(void *, const unsigned char *, unsigned int)) SHA1_Update,
-    (void (*)(void *, unsigned char *, unsigned int *, unsigned int)) SHA1_End
-  },
-};
-
diff --git a/security/nss/lib/softoken/rsawrapr.c b/security/nss/lib/softoken/rsawrapr.c
deleted file mode 100644
index b17d4fc8e..000000000
--- a/security/nss/lib/softoken/rsawrapr.c
+++ /dev/null
@@ -1,865 +0,0 @@
-/*
- * PKCS#1 encoding and decoding functions.
- * This file is believed to contain no code licensed from other parties.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#include "blapi.h"
-#include "softoken.h"
-#include "sechash.h"
-
-#include "lowkeyi.h"
-#include "secerr.h"
-
-#define RSA_BLOCK_MIN_PAD_LEN		8
-#define RSA_BLOCK_FIRST_OCTET		0x00
-#define RSA_BLOCK_PRIVATE0_PAD_OCTET	0x00
-#define RSA_BLOCK_PRIVATE_PAD_OCTET	0xff
-#define RSA_BLOCK_AFTER_PAD_OCTET	0x00
-
-#define OAEP_SALT_LEN		8
-#define OAEP_PAD_LEN		8
-#define OAEP_PAD_OCTET		0x00
-
-#define FLAT_BUFSIZE 512	/* bytes to hold flattened SHA1Context. */
-
-static SHA1Context *
-SHA1_CloneContext(SHA1Context *original)
-{
-    SHA1Context *  clone	= NULL;
-    unsigned char *pBuf;
-    int            sha1ContextSize = SHA1_FlattenSize(original);
-    SECStatus      frv;
-    unsigned char  buf[FLAT_BUFSIZE];
-
-    PORT_Assert(sizeof buf >= sha1ContextSize);
-    if (sizeof buf >= sha1ContextSize) {
-    	pBuf = buf;
-    } else {
-        pBuf = PORT_Alloc(sha1ContextSize);
-	if (!pBuf)
-	    goto done;
-    }
-
-    frv = SHA1_Flatten(original, pBuf);
-    if (frv == SECSuccess) {
-	clone = SHA1_Resurrect(pBuf, NULL);
-	memset(pBuf, 0, sha1ContextSize);
-    }
-done:
-    if (pBuf != buf)
-    	PORT_Free(pBuf);
-    return clone;
-}
-
-/*
- * Modify data by XORing it with a special hash of salt.
- */
-static SECStatus
-oaep_xor_with_h1(unsigned char *data, unsigned int datalen,
-		 unsigned char *salt, unsigned int saltlen)
-{
-    SHA1Context *sha1cx;
-    unsigned char *dp, *dataend;
-    unsigned char end_octet;
-
-    sha1cx = SHA1_NewContext();
-    if (sha1cx == NULL) {
-	return SECFailure;
-    }
-
-    /*
-     * Get a hash of salt started; we will use it several times,
-     * adding in a different end octet (x00, x01, x02, ...).
-     */
-    SHA1_Begin (sha1cx);
-    SHA1_Update (sha1cx, salt, saltlen);
-    end_octet = 0;
-
-    dp = data;
-    dataend = data + datalen;
-
-    while (dp < dataend) {
-	SHA1Context *sha1cx_h1;
-	unsigned int sha1len, sha1off;
-	unsigned char sha1[SHA1_LENGTH];
-
-	/*
-	 * Create hash of (salt || end_octet)
-	 */
-	sha1cx_h1 = SHA1_CloneContext (sha1cx);
-	SHA1_Update (sha1cx_h1, &end_octet, 1);
-	SHA1_End (sha1cx_h1, sha1, &sha1len, sizeof(sha1));
-	SHA1_DestroyContext (sha1cx_h1, PR_TRUE);
-	PORT_Assert (sha1len == SHA1_LENGTH);
-
-	/*
-	 * XOR that hash with the data.
-	 * When we have fewer than SHA1_LENGTH octets of data
-	 * left to xor, use just the low-order ones of the hash.
-	 */
-	sha1off = 0;
-	if ((dataend - dp) < SHA1_LENGTH)
-	    sha1off = SHA1_LENGTH - (dataend - dp);
-	while (sha1off < SHA1_LENGTH)
-	    *dp++ ^= sha1[sha1off++];
-
-	/*
-	 * Bump for next hash chunk.
-	 */
-	end_octet++;
-    }
-
-    return SECSuccess;
-}
-
-/*
- * Modify salt by XORing it with a special hash of data.
- */
-static SECStatus
-oaep_xor_with_h2(unsigned char *salt, unsigned int saltlen,
-		 unsigned char *data, unsigned int datalen)
-{
-    unsigned char sha1[SHA1_LENGTH];
-    unsigned char *psalt, *psha1, *saltend;
-    SECStatus rv;
-
-    /*
-     * Create a hash of data.
-     */
-    rv = SHA1_HashBuf (sha1, data, datalen);
-    if (rv != SECSuccess) {
-	return rv;
-    }
-
-    /*
-     * XOR the low-order octets of that hash with salt.
-     */
-    PORT_Assert (saltlen <= SHA1_LENGTH);
-    saltend = salt + saltlen;
-    psalt = salt;
-    psha1 = sha1 + SHA1_LENGTH - saltlen;
-    while (psalt < saltend) {
-	*psalt++ ^= *psha1++;
-    }
-
-    return SECSuccess;
-}
-
-/*
- * Format one block of data for public/private key encryption using
- * the rules defined in PKCS #1.
- */
-static unsigned char *
-rsa_FormatOneBlock(unsigned modulusLen, RSA_BlockType blockType,
-		   SECItem *data)
-{
-    unsigned char *block;
-    unsigned char *bp;
-    int padLen;
-    int i;
-
-    block = (unsigned char *) PORT_Alloc(modulusLen);
-    if (block == NULL)
-	return NULL;
-
-    bp = block;
-
-    /*
-     * All RSA blocks start with two octets:
-     *	0x00 || BlockType
-     */
-    *bp++ = RSA_BLOCK_FIRST_OCTET;
-    *bp++ = (unsigned char) blockType;
-
-    switch (blockType) {
-
-      /*
-       * Blocks intended for private-key operation.
-       */
-      case RSA_BlockPrivate0: /* essentially unused */
-      case RSA_BlockPrivate:	 /* preferred method */
-	/*
-	 * 0x00 || BT || Pad || 0x00 || ActualData
-	 *   1      1   padLen    1      data->len
-	 * Pad is either all 0x00 or all 0xff bytes, depending on blockType.
-	 */
-	padLen = modulusLen - data->len - 3;
-	PORT_Assert (padLen >= RSA_BLOCK_MIN_PAD_LEN);
-	PORT_Memset (bp,
-		   blockType == RSA_BlockPrivate0
-			? RSA_BLOCK_PRIVATE0_PAD_OCTET
-			: RSA_BLOCK_PRIVATE_PAD_OCTET,
-		   padLen);
-	bp += padLen;
-	*bp++ = RSA_BLOCK_AFTER_PAD_OCTET;
-	PORT_Memcpy (bp, data->data, data->len);
-	break;
-
-      /*
-       * Blocks intended for public-key operation.
-       */
-      case RSA_BlockPublic:
-
-	/*
-	 * 0x00 || BT || Pad || 0x00 || ActualData
-	 *   1      1   padLen    1      data->len
-	 * Pad is all non-zero random bytes.
-	 */
-	padLen = modulusLen - data->len - 3;
-	PORT_Assert (padLen >= RSA_BLOCK_MIN_PAD_LEN);
-	for (i = 0; i < padLen; i++) {
-	    /* Pad with non-zero random data. */
-	    do {
-		RNG_GenerateGlobalRandomBytes(bp + i, 1);
-	    } while (bp[i] == RSA_BLOCK_AFTER_PAD_OCTET);
-	}
-	bp += padLen;
-	*bp++ = RSA_BLOCK_AFTER_PAD_OCTET;
-	PORT_Memcpy (bp, data->data, data->len);
-
-	break;
-
-      /*
-       * Blocks intended for public-key operation, using
-       * Optimal Asymmetric Encryption Padding (OAEP).
-       */
-      case RSA_BlockOAEP:
-	/*
-	 * 0x00 || BT || Modified2(Salt) || Modified1(PaddedData)
-	 *   1      1     OAEP_SALT_LEN     OAEP_PAD_LEN + data->len [+ N]
-	 *
-	 * where:
-	 *   PaddedData is "Pad1 || ActualData [|| Pad2]"
-	 *   Salt is random data.
-	 *   Pad1 is all zeros.
-	 *   Pad2, if present, is random data.
-	 *   (The "modified" fields are all the same length as the original
-	 * unmodified values; they are just xor'd with other values.)
-	 *
-	 *   Modified1 is an XOR of PaddedData with a special octet
-	 * string constructed of iterated hashing of Salt (see below).
-	 *   Modified2 is an XOR of Salt with the low-order octets of
-	 * the hash of Modified1 (see farther below ;-).
-	 *
-	 * Whew!
-	 */
-
-
-	/*
-	 * Salt
-	 */
-	RNG_GenerateGlobalRandomBytes(bp, OAEP_SALT_LEN);
-	bp += OAEP_SALT_LEN;
-
-	/*
-	 * Pad1
-	 */
-	PORT_Memset (bp, OAEP_PAD_OCTET, OAEP_PAD_LEN);
-	bp += OAEP_PAD_LEN;
-
-	/*
-	 * Data
-	 */
-	PORT_Memcpy (bp, data->data, data->len);
-	bp += data->len;
-
-	/*
-	 * Pad2
-	 */
-	if (bp < (block + modulusLen))
-	    RNG_GenerateGlobalRandomBytes(bp, block - bp + modulusLen);
-
-	/*
-	 * Now we have the following:
-	 * 0x00 || BT || Salt || PaddedData
-	 * (From this point on, "Pad1 || Data [|| Pad2]" is treated
-	 * as the one entity PaddedData.)
-	 *
-	 * We need to turn PaddedData into Modified1.
-	 */
-	if (oaep_xor_with_h1(block + 2 + OAEP_SALT_LEN,
-			     modulusLen - 2 - OAEP_SALT_LEN,
-			     block + 2, OAEP_SALT_LEN) != SECSuccess) {
-	    PORT_Free (block);
-	    return NULL;
-	}
-
-	/*
-	 * Now we have:
-	 * 0x00 || BT || Salt || Modified1(PaddedData)
-	 *
-	 * The remaining task is to turn Salt into Modified2.
-	 */
-	if (oaep_xor_with_h2(block + 2, OAEP_SALT_LEN,
-			     block + 2 + OAEP_SALT_LEN,
-			     modulusLen - 2 - OAEP_SALT_LEN) != SECSuccess) {
-	    PORT_Free (block);
-	    return NULL;
-	}
-
-	break;
-
-      default:
-	PORT_Assert (0);
-	PORT_Free (block);
-	return NULL;
-    }
-
-    return block;
-}
-
-static SECStatus
-rsa_FormatBlock(SECItem *result, unsigned modulusLen,
-		RSA_BlockType blockType, SECItem *data)
-{
-    /*
-     * XXX For now assume that the data length fits in a single
-     * XXX encryption block; the ASSERTs below force this.
-     * XXX To fix it, each case will have to loop over chunks whose
-     * XXX lengths satisfy the assertions, until all data is handled.
-     * XXX (Unless RSA has more to say about how to handle data
-     * XXX which does not fit in a single encryption block?)
-     * XXX And I do not know what the result is supposed to be,
-     * XXX so the interface to this function may need to change
-     * XXX to allow for returning multiple blocks, if they are
-     * XXX not wanted simply concatenated one after the other.
-     */
-
-    switch (blockType) {
-      case RSA_BlockPrivate0:
-      case RSA_BlockPrivate:
-      case RSA_BlockPublic:
-	/*
-	 * 0x00 || BT || Pad || 0x00 || ActualData
-	 *
-	 * The "3" below is the first octet + the second octet + the 0x00
-	 * octet that always comes just before the ActualData.
-	 */
-	PORT_Assert (data->len <= (modulusLen - (3 + RSA_BLOCK_MIN_PAD_LEN)));
-
-	result->data = rsa_FormatOneBlock(modulusLen, blockType, data);
-	if (result->data == NULL) {
-	    result->len = 0;
-	    return SECFailure;
-	}
-	result->len = modulusLen;
-
-	break;
-
-      case RSA_BlockOAEP:
-	/*
-	 * 0x00 || BT || M1(Salt) || M2(Pad1||ActualData[||Pad2])
-	 *
-	 * The "2" below is the first octet + the second octet.
-	 * (The other fields do not contain the clear values, but are
-	 * the same length as the clear values.)
-	 */
-	PORT_Assert (data->len <= (modulusLen - (2 + OAEP_SALT_LEN
-						 + OAEP_PAD_LEN)));
-
-	result->data = rsa_FormatOneBlock(modulusLen, blockType, data);
-	if (result->data == NULL) {
-	    result->len = 0;
-	    return SECFailure;
-	}
-	result->len = modulusLen;
-
-	break;
-
-      case RSA_BlockRaw:
-	/*
-	 * Pad || ActualData
-	 * Pad is zeros. The application is responsible for recovering
-	 * the actual data.
-	 */
-	result->data = (unsigned char*)PORT_ZAlloc(modulusLen);
-	result->len = modulusLen;
-	PORT_Memcpy(result->data+(modulusLen-data->len),data->data,data->len);
-	break;
-
-      default:
-	PORT_Assert (0);
-	result->data = NULL;
-	result->len = 0;
-	return SECFailure;
-    }
-
-    return SECSuccess;
-}
-
-/* XXX Doesn't set error code */
-SECStatus
-RSA_Sign(NSSLOWKEYPrivateKey *key, 
-         unsigned char *      output, 
-	 unsigned int *       output_len,
-         unsigned int         maxOutputLen, 
-	 unsigned char *      input, 
-	 unsigned int         input_len)
-{
-    SECStatus     rv          = SECSuccess;
-    unsigned int  modulus_len = nsslowkey_PrivateModulusLen(key);
-    SECItem       formatted;
-    SECItem       unformatted;
-
-    if (maxOutputLen < modulus_len) 
-    	return SECFailure;
-    PORT_Assert(key->keyType == NSSLOWKEYRSAKey);
-    if (key->keyType != NSSLOWKEYRSAKey)
-    	return SECFailure;
-
-    unformatted.len  = input_len;
-    unformatted.data = input;
-    formatted.data   = NULL;
-    rv = rsa_FormatBlock(&formatted, modulus_len, RSA_BlockPrivate,
-			 &unformatted);
-    if (rv != SECSuccess) 
-    	goto done;
-
-    rv = RSA_PrivateKeyOpDoubleChecked(&key->u.rsa, output, formatted.data);
-    *output_len = modulus_len;
-
-    goto done;
-
-done:
-    if (formatted.data != NULL) 
-    	PORT_ZFree(formatted.data, modulus_len);
-    return rv;
-}
-
-/* XXX Doesn't set error code */
-SECStatus
-RSA_CheckSign(NSSLOWKEYPublicKey *key,
-              unsigned char *     sign, 
-	      unsigned int        sign_len, 
-	      unsigned char *     hash, 
-	      unsigned int        hash_len)
-{
-    SECStatus       rv;
-    unsigned int    modulus_len = nsslowkey_PublicModulusLen(key);
-    unsigned int    i;
-    unsigned char * buffer;
-
-    modulus_len = nsslowkey_PublicModulusLen(key);
-    if (sign_len != modulus_len) 
-    	goto failure;
-    if (hash_len > modulus_len - 8) 
-    	goto failure;
-    PORT_Assert(key->keyType == NSSLOWKEYRSAKey);
-    if (key->keyType != NSSLOWKEYRSAKey)
-    	goto failure;
-
-    buffer = (unsigned char *)PORT_Alloc(modulus_len + 1);
-    if (!buffer)
-    	goto failure;
-
-    rv = RSA_PublicKeyOp(&key->u.rsa, buffer, sign);
-    if (rv != SECSuccess)
-	goto loser;
-
-    /*
-     * check the padding that was used
-     */
-    if (buffer[0] != 0 || buffer[1] != 1) 
-    	goto loser;
-    for (i = 2; i < modulus_len - hash_len - 1; i++) {
-	if (buffer[i] == 0) 
-	    break;
-	if (buffer[i] != 0xff) 
-	    goto loser;
-    }
-
-    /*
-     * make sure we get the same results
-     */
-    if (PORT_Memcmp(buffer + modulus_len - hash_len, hash, hash_len) != 0)
-	goto loser;
-
-    PORT_Free(buffer);
-    return SECSuccess;
-
-loser:
-    PORT_Free(buffer);
-failure:
-    return SECFailure;
-}
-
-/* XXX Doesn't set error code */
-SECStatus
-RSA_CheckSignRecover(NSSLOWKEYPublicKey *key,
-                     unsigned char *     data,
-                     unsigned int *      data_len, 
-		     unsigned int        max_output_len, 
-		     unsigned char *     sign,
-		     unsigned int        sign_len)
-{
-    SECStatus       rv;
-    unsigned int    modulus_len = nsslowkey_PublicModulusLen(key);
-    unsigned int    i;
-    unsigned char * buffer;
-
-    if (sign_len != modulus_len) 
-    	goto failure;
-    PORT_Assert(key->keyType == NSSLOWKEYRSAKey);
-    if (key->keyType != NSSLOWKEYRSAKey)
-    	goto failure;
-
-    buffer = (unsigned char *)PORT_Alloc(modulus_len + 1);
-    if (!buffer)
-    	goto failure;
-
-    rv = RSA_PublicKeyOp(&key->u.rsa, buffer, sign);
-    if (rv != SECSuccess)
-    	goto loser;
-    *data_len = 0;
-
-    /*
-     * check the padding that was used
-     */
-    if (buffer[0] != 0 || buffer[1] != 1) 
-    	goto loser;
-    for (i = 2; i < modulus_len; i++) {
-	if (buffer[i] == 0) {
-	    *data_len = modulus_len - i - 1;
-	    break;
-	}
-	if (buffer[i] != 0xff) 
-	    goto loser;
-    }
-    if (*data_len == 0) 
-    	goto loser;
-    if (*data_len > max_output_len) 
-    	goto loser;
-
-    /*
-     * make sure we get the same results
-     */
-    PORT_Memcpy(data,buffer + modulus_len - *data_len, *data_len);
-
-    PORT_Free(buffer);
-    return SECSuccess;
-
-loser:
-    PORT_Free(buffer);
-failure:
-    return SECFailure;
-}
-
-/* XXX Doesn't set error code */
-SECStatus
-RSA_EncryptBlock(NSSLOWKEYPublicKey *key, 
-                 unsigned char *     output, 
-		 unsigned int *      output_len,
-                 unsigned int        max_output_len, 
-		 unsigned char *     input, 
-		 unsigned int        input_len)
-{
-    SECStatus     rv;
-    unsigned int  modulus_len = nsslowkey_PublicModulusLen(key);
-    SECItem       formatted;
-    SECItem       unformatted;
-
-    formatted.data = NULL;
-    if (max_output_len < modulus_len) 
-    	goto failure;
-    PORT_Assert(key->keyType == NSSLOWKEYRSAKey);
-    if (key->keyType != NSSLOWKEYRSAKey)
-    	goto failure;
-
-    unformatted.len  = input_len;
-    unformatted.data = input;
-    formatted.data   = NULL;
-    rv = rsa_FormatBlock(&formatted, modulus_len, RSA_BlockPublic,
-			 &unformatted);
-    if (rv != SECSuccess) 
-	goto failure;
-
-    rv = RSA_PublicKeyOp(&key->u.rsa, output, formatted.data);
-    if (rv != SECSuccess) 
-    	goto failure;
-
-    PORT_ZFree(formatted.data, modulus_len);
-    *output_len = modulus_len;
-    return SECSuccess;
-
-failure:
-    if (formatted.data != NULL) 
-	PORT_ZFree(formatted.data, modulus_len);
-    return SECFailure;
-}
-
-/* XXX Doesn't set error code */
-SECStatus
-RSA_DecryptBlock(NSSLOWKEYPrivateKey *key, 
-                 unsigned char *      output, 
-		 unsigned int *       output_len,
-                 unsigned int         max_output_len, 
-		 unsigned char *      input, 
-		 unsigned int         input_len)
-{
-    SECStatus       rv;
-    unsigned int    modulus_len = nsslowkey_PrivateModulusLen(key);
-    unsigned int    i;
-    unsigned char * buffer;
-
-    PORT_Assert(key->keyType == NSSLOWKEYRSAKey);
-    if (key->keyType != NSSLOWKEYRSAKey)
-    	goto failure;
-    if (input_len != modulus_len)
-    	goto failure;
-
-    buffer = (unsigned char *)PORT_Alloc(modulus_len + 1);
-    if (!buffer)
-    	goto failure;
-
-    rv = RSA_PrivateKeyOp(&key->u.rsa, buffer, input);
-    if (rv != SECSuccess) 
-    	goto loser;
-
-    if (buffer[0] != 0 || buffer[1] != 2) 
-    	goto loser;
-    *output_len = 0;
-    for (i = 2; i < modulus_len; i++) {
-	if (buffer[i] == 0) {
-	    *output_len = modulus_len - i - 1;
-	    break;
-	}
-    }
-    if (*output_len == 0) 
-    	goto loser;
-    if (*output_len > max_output_len) 
-    	goto loser;
-
-    PORT_Memcpy(output, buffer + modulus_len - *output_len, *output_len);
-
-    PORT_Free(buffer);
-    return SECSuccess;
-
-loser:
-    PORT_Free(buffer);
-failure:
-    return SECFailure;
-}
-
-/* XXX Doesn't set error code */
-/*
- * added to make pkcs #11 happy
- *   RAW is RSA_X_509
- */
-SECStatus
-RSA_SignRaw(NSSLOWKEYPrivateKey *key, 
-            unsigned char *      output, 
-	    unsigned int *       output_len,
-            unsigned int         maxOutputLen, 
-	    unsigned char *      input, 
-	    unsigned int         input_len)
-{
-    SECStatus    rv          = SECSuccess;
-    unsigned int modulus_len = nsslowkey_PrivateModulusLen(key);
-    SECItem      formatted;
-    SECItem      unformatted;
-
-    if (maxOutputLen < modulus_len) 
-    	return SECFailure;
-    PORT_Assert(key->keyType == NSSLOWKEYRSAKey);
-    if (key->keyType != NSSLOWKEYRSAKey)
-    	return SECFailure;
-
-    unformatted.len  = input_len;
-    unformatted.data = input;
-    formatted.data   = NULL;
-    rv = rsa_FormatBlock(&formatted, modulus_len, RSA_BlockRaw, &unformatted);
-    if (rv != SECSuccess) 
-    	goto done;
-
-    rv = RSA_PrivateKeyOpDoubleChecked(&key->u.rsa, output, formatted.data);
-    *output_len = modulus_len;
-
-done:
-    if (formatted.data != NULL) 
-    	PORT_ZFree(formatted.data, modulus_len);
-    return rv;
-}
-
-/* XXX Doesn't set error code */
-SECStatus
-RSA_CheckSignRaw(NSSLOWKEYPublicKey *key,
-                 unsigned char *     sign, 
-		 unsigned int        sign_len, 
-		 unsigned char *     hash, 
-		 unsigned int        hash_len)
-{
-    SECStatus       rv;
-    unsigned int    modulus_len = nsslowkey_PublicModulusLen(key);
-    unsigned char * buffer;
-
-    if (sign_len != modulus_len) 
-    	goto failure;
-    if (hash_len > modulus_len) 
-    	goto failure;
-    PORT_Assert(key->keyType == NSSLOWKEYRSAKey);
-    if (key->keyType != NSSLOWKEYRSAKey)
-    	goto failure;
-
-    buffer = (unsigned char *)PORT_Alloc(modulus_len + 1);
-    if (!buffer)
-    	goto failure;
-
-    rv = RSA_PublicKeyOp(&key->u.rsa, buffer, sign);
-    if (rv != SECSuccess)
-	goto loser;
-
-    /*
-     * make sure we get the same results
-     */
-    /* NOTE: should we verify the leading zeros? */
-    if (PORT_Memcmp(buffer + (modulus_len-hash_len), hash, hash_len) != 0)
-	goto loser;
-
-    PORT_Free(buffer);
-    return SECSuccess;
-
-loser:
-    PORT_Free(buffer);
-failure:
-    return SECFailure;
-}
-
-/* XXX Doesn't set error code */
-SECStatus
-RSA_CheckSignRecoverRaw(NSSLOWKEYPublicKey *key,
-                        unsigned char *     data,
-                        unsigned int *      data_len, 
-			unsigned int        max_output_len, 
-			unsigned char *     sign,
-			unsigned int        sign_len)
-{
-    SECStatus      rv;
-    unsigned int   modulus_len = nsslowkey_PublicModulusLen(key);
-
-    if (sign_len != modulus_len) 
-    	goto failure;
-    if (max_output_len < modulus_len) 
-    	goto failure;
-    PORT_Assert(key->keyType == NSSLOWKEYRSAKey);
-    if (key->keyType != NSSLOWKEYRSAKey)
-    	goto failure;
-
-    rv = RSA_PublicKeyOp(&key->u.rsa, data, sign);
-    if (rv != SECSuccess)
-	goto failure;
-
-    *data_len = modulus_len;
-    return SECSuccess;
-
-failure:
-    return SECFailure;
-}
-
-
-/* XXX Doesn't set error code */
-SECStatus
-RSA_EncryptRaw(NSSLOWKEYPublicKey *key, 
-	       unsigned char *     output, 
-	       unsigned int *      output_len,
-               unsigned int        max_output_len, 
-	       unsigned char *     input, 
-	       unsigned int        input_len)
-{
-    SECStatus rv;
-    unsigned int  modulus_len = nsslowkey_PublicModulusLen(key);
-    SECItem       formatted;
-    SECItem       unformatted;
-
-    formatted.data = NULL;
-    if (max_output_len < modulus_len) 
-    	goto failure;
-    PORT_Assert(key->keyType == NSSLOWKEYRSAKey);
-    if (key->keyType != NSSLOWKEYRSAKey)
-    	goto failure;
-
-    unformatted.len  = input_len;
-    unformatted.data = input;
-    formatted.data   = NULL;
-    rv = rsa_FormatBlock(&formatted, modulus_len, RSA_BlockRaw, &unformatted);
-    if (rv != SECSuccess)
-	goto failure;
-
-    rv = RSA_PublicKeyOp(&key->u.rsa, output, formatted.data);
-    if (rv != SECSuccess) 
-    	goto failure;
-
-    PORT_ZFree(formatted.data, modulus_len);
-    *output_len = modulus_len;
-    return SECSuccess;
-
-failure:
-    if (formatted.data != NULL) 
-	PORT_ZFree(formatted.data, modulus_len);
-    return SECFailure;
-}
-
-/* XXX Doesn't set error code */
-SECStatus
-RSA_DecryptRaw(NSSLOWKEYPrivateKey *key, 
-               unsigned char *      output, 
-	       unsigned int *       output_len,
-               unsigned int         max_output_len, 
-	       unsigned char *      input, 
-	       unsigned int         input_len)
-{
-    SECStatus     rv;
-    unsigned int  modulus_len = nsslowkey_PrivateModulusLen(key);
-
-    if (modulus_len <= 0) 
-    	goto failure;
-    if (modulus_len > max_output_len) 
-    	goto failure;
-    PORT_Assert(key->keyType == NSSLOWKEYRSAKey);
-    if (key->keyType != NSSLOWKEYRSAKey)
-    	goto failure;
-    if (input_len != modulus_len) 
-    	goto failure;
-
-    rv = RSA_PrivateKeyOp(&key->u.rsa, output, input);
-    if (rv != SECSuccess)
-    	goto failure;
-
-    *output_len = modulus_len;
-    return SECSuccess;
-
-failure:
-    return SECFailure;
-}
diff --git a/security/nss/lib/softoken/softkver.c b/security/nss/lib/softoken/softkver.c
deleted file mode 100644
index 966706f6e..000000000
--- a/security/nss/lib/softoken/softkver.c
+++ /dev/null
@@ -1,55 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 2002 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/* Library identity and versioning */
-
-#include "nss.h"
-
-#if defined(DEBUG)
-#define _DEBUG_STRING " (debug)"
-#else
-#define _DEBUG_STRING ""
-#endif
-
-#define _CLIENT_STRING ""
-
-/*
- * Version information for the 'ident' and 'what commands
- *
- * NOTE: the first component of the concatenated rcsid string
- * must not end in a '$' to prevent rcs keyword substitution.
- */
-const char __nss_softokn_rcsid[] = "$Header: NSS " NSS_VERSION _CLIENT_STRING _DEBUG_STRING
-        "  " __DATE__ " " __TIME__ " $";
-const char __nss_softokn_sccsid[] = "@(#)NSS " NSS_VERSION _CLIENT_STRING _DEBUG_STRING
-        "  " __DATE__ " " __TIME__;
diff --git a/security/nss/lib/softoken/softoken.h b/security/nss/lib/softoken/softoken.h
deleted file mode 100644
index f9fb06222..000000000
--- a/security/nss/lib/softoken/softoken.h
+++ /dev/null
@@ -1,157 +0,0 @@
-/*
- * softoken.h - private data structures and prototypes for the softoken lib
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#ifndef _SOFTOKEN_H_
-#define _SOFTOKEN_H_
-
-#include "blapi.h"
-#include "lowkeyti.h"
-#include "softoknt.h"
-#include "secoidt.h"
-
-#include "pkcs11t.h"     /* CK_RV Required for pk11_fipsPowerUpSelfTest(). */
-
-SEC_BEGIN_PROTOS
-
-/*
-** RSA encryption/decryption. When encrypting/decrypting the output
-** buffer must be at least the size of the public key modulus.
-*/
-
-/*
-** Format some data into a PKCS#1 encryption block, preparing the
-** data for RSA encryption.
-**	"result" where the formatted block is stored (memory is allocated)
-**	"modulusLen" the size of the formatted block
-**	"blockType" what block type to use (SEC_RSABlock*)
-**	"data" the data to format
-*/
-extern SECStatus RSA_FormatBlock(SECItem *result,
-				 unsigned int modulusLen,
-				 RSA_BlockType blockType,
-				 SECItem *data);
-/*
-** Similar, but just returns a pointer to the allocated memory, *and*
-** will *only* format one block, even if we (in the future) modify
-** RSA_FormatBlock() to loop over multiples of modulusLen.
-*/
-extern unsigned char *RSA_FormatOneBlock(unsigned int modulusLen,
-					 RSA_BlockType blockType,
-					 SECItem *data);
-
-
-
-/*
- * convenience wrappers for doing single RSA operations. They create the
- * RSA context internally and take care of the formatting
- * requirements. Blinding happens automagically within RSA_SignHash and
- * RSA_DecryptBlock.
- */
-extern
-SECStatus RSA_Sign(NSSLOWKEYPrivateKey *key, unsigned char *output,
-		       unsigned int *outputLen, unsigned int maxOutputLen,
-		       unsigned char *input, unsigned int inputLen);
-extern
-SECStatus RSA_CheckSign(NSSLOWKEYPublicKey *key, unsigned char *sign,
-			    unsigned int signLength, unsigned char *hash,
-			    unsigned int hashLength);
-extern
-SECStatus RSA_CheckSignRecover(NSSLOWKEYPublicKey *key, unsigned char *data,
-    			    unsigned int *data_len,unsigned int max_output_len, 
-			    unsigned char *sign, unsigned int sign_len);
-extern
-SECStatus RSA_EncryptBlock(NSSLOWKEYPublicKey *key, unsigned char *output,
-			   unsigned int *outputLen, unsigned int maxOutputLen,
-			   unsigned char *input, unsigned int inputLen);
-extern
-SECStatus RSA_DecryptBlock(NSSLOWKEYPrivateKey *key, unsigned char *output,
-			   unsigned int *outputLen, unsigned int maxOutputLen,
-			   unsigned char *input, unsigned int inputLen);
-
-/*
- * added to make pkcs #11 happy
- *   RAW is RSA_X_509
- */
-extern
-SECStatus RSA_SignRaw( NSSLOWKEYPrivateKey *key, unsigned char *output,
-			 unsigned int *output_len, unsigned int maxOutputLen,
-			 unsigned char *input, unsigned int input_len);
-extern
-SECStatus RSA_CheckSignRaw( NSSLOWKEYPublicKey *key, unsigned char *sign, 
-			    unsigned int sign_len, unsigned char *hash, 
-			    unsigned int hash_len);
-extern
-SECStatus RSA_CheckSignRecoverRaw( NSSLOWKEYPublicKey *key, unsigned char *data,
-			    unsigned int *data_len, unsigned int max_output_len,
-			    unsigned char *sign, unsigned int sign_len);
-extern
-SECStatus RSA_EncryptRaw( NSSLOWKEYPublicKey *key, unsigned char *output,
-			    unsigned int *output_len,
-			    unsigned int max_output_len, 
-			    unsigned char *input, unsigned int input_len);
-extern
-SECStatus RSA_DecryptRaw(NSSLOWKEYPrivateKey *key, unsigned char *output,
-			     unsigned int *output_len,
-    			     unsigned int max_output_len,
-			     unsigned char *input, unsigned int input_len);
-
-/*
-** Prepare a buffer for DES encryption, growing to the appropriate boundary,
-** filling with the appropriate padding.
-** We add from 1 to DES_KEY_LENGTH bytes -- we *always* grow.
-** The extra bytes contain the value of the length of the padding:
-** if we have 2 bytes of padding, then the padding is "0x02, 0x02".
-**
-** NOTE: If arena is non-NULL, we re-allocate from there, otherwise
-** we assume (and use) PR memory (re)allocation.
-** Maybe this belongs in util?
-*/
-extern unsigned char * DES_PadBuffer(PRArenaPool *arena, unsigned char *inbuf, 
-                                     unsigned int inlen, unsigned int *outlen);
-
-
-/****************************************/
-/*
-** Power-Up selftests required for FIPS and invoked only
-** under PKCS #11 FIPS mode.
-*/
-extern CK_RV pk11_fipsPowerUpSelfTest( void ); 
-
-
-SEC_END_PROTOS
-
-#endif /* _SOFTOKEN_H_ */
diff --git a/security/nss/lib/softoken/softokn.def b/security/nss/lib/softoken/softokn.def
deleted file mode 100644
index d851aa34d..000000000
--- a/security/nss/lib/softoken/softokn.def
+++ /dev/null
@@ -1,57 +0,0 @@
-;+#
-;+# The contents of this file are subject to the Mozilla Public
-;+# License Version 1.1 (the "License"); you may not use this file
-;+# except in compliance with the License. You may obtain a copy of
-;+# the License at http://www.mozilla.org/MPL/
-;+#
-;+# Software distributed under the License is distributed on an "AS
-;+# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-;+# implied. See the License for the specific language governing
-;+# rights and limitations under the License.
-;+#
-;+# The Original Code is the Netscape security libraries.
-;+#
-;+# The Initial Developer of the Original Code is Netscape
-;+# Communications Corporation.  Portions created by Netscape are
-;+# Copyright (C) 2000 Netscape Communications Corporation.  All
-;+# Rights Reserved.
-;+#
-;+# Contributor(s): 
-;+#	Dr Stephen Henson <stephen.henson@gemplus.com>
-;+#
-;+# Alternatively, the contents of this file may be used under the
-;+# terms of the GNU General Public License Version 2 or later (the
-;+# "GPL"), in which case the provisions of the GPL are applicable
-;+# instead of those above.  If you wish to allow use of your
-;+# version of this file only under the terms of the GPL and not to
-;+# allow others to use your version of this file under the MPL,
-;+# indicate your decision by deleting the provisions above and
-;+# replace them with the notice and other provisions required by
-;+# the GPL.  If you do not delete the provisions above, a recipient
-;+# may use your version of this file under either the MPL or the
-;+# GPL.
-;+#
-;+#
-;+# OK, this file is meant to support SUN, LINUX, AIX and WINDOWS
-;+#   1. For all unix platforms, the string ";-"  means "remove this line"
-;+#   2. For all unix platforms, the string " DATA " will be removed from any 
-;+#	line on which it occurs.
-;+#   3. Lines containing ";+" will have ";+" removed on SUN and LINUX.
-;+#      On AIX, lines containing ";+" will be removed.  
-;+#   4. For all unix platforms, the string ";;" will thave the ";;" removed.
-;+#   5. For all unix platforms, after the above processing has taken place,
-;+#    all characters after the first ";" on the line will be removed.  
-;+#    And for AIX, the first ";" will also be removed.
-;+#  This file is passed directly to windows. Since ';' is a comment, all UNIX
-;+#   directives are hidden behind ";", ";+", and ";-"
-;+NSS_3.4 {       # NSS 3.4 release
-;+    global:
-LIBRARY softokn3 ;-
-EXPORTS ;-
-C_GetFunctionList; Make this function like a real PKCS #11 module as well
-FC_GetFunctionList;
-NSC_GetFunctionList;
-NSC_ModuleDBFunc;
-;+    local:
-;+       *;
-;+};
diff --git a/security/nss/lib/softoken/softokn.rc b/security/nss/lib/softoken/softokn.rc
deleted file mode 100644
index a6477ed12..000000000
--- a/security/nss/lib/softoken/softokn.rc
+++ /dev/null
@@ -1,110 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 2001 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "nss.h"
-#include <winver.h>
-
-#define MY_LIBNAME "softoken"
-#ifdef MOZ_CLIENT
-#define CLIENTS " for Clients"
-#else
-#define CLIENTS ""
-#endif
-
-#ifdef REMOTE_DBM
-#define DBM " with Shared Database"
-#else
-#define DBM ""
-#endif
-
-#define MY_FILEDESCRIPTION "NSS PKCS #11 Library" CLIENTS DBM
-
-#define STRINGIZE(x) #x
-#define STRINGIZE2(x) STRINGIZE(x)
-#define NSS_VMAJOR_STR STRINGIZE2(NSS_VMAJOR)
-
-#ifdef _DEBUG
-#define MY_DEBUG_STR " (debug)"
-#define MY_FILEFLAGS_1 VS_FF_DEBUG
-#else
-#define MY_DEBUG_STR ""
-#define MY_FILEFLAGS_1 0x0L
-#endif
-#if NSS_BETA
-#define MY_FILEFLAGS_2 MY_FILEFLAGS_1|VS_FF_PRERELEASE
-#else
-#define MY_FILEFLAGS_2 MY_FILEFLAGS_1
-#endif
-
-#ifdef WINNT
-#define MY_FILEOS VOS_NT_WINDOWS32
-#else
-#define MY_FILEOS VOS__WINDOWS32
-#endif
-
-#define MY_INTERNAL_NAME MY_LIBNAME NSS_VMAJOR_STR
-
-/////////////////////////////////////////////////////////////////////////////
-//
-// Version-information resource
-//
-
-VS_VERSION_INFO VERSIONINFO
- FILEVERSION NSS_VMAJOR,NSS_VMINOR,NSS_VPATCH,0
- PRODUCTVERSION NSS_VMAJOR,NSS_VMINOR,NSS_VPATCH,0
- FILEFLAGSMASK VS_FFI_FILEFLAGSMASK
- FILEFLAGS MY_FILEFLAGS_2
- FILEOS MY_FILEOS
- FILETYPE VFT_DLL
- FILESUBTYPE 0x0L // not used
-
-BEGIN
-    BLOCK "StringFileInfo"
-    BEGIN
-        BLOCK "040904B0" // Lang=US English, CharSet=Unicode
-        BEGIN
-            VALUE "CompanyName", "Netscape Communications Corporation\0"
-            VALUE "FileDescription", MY_FILEDESCRIPTION MY_DEBUG_STR "\0"
-            VALUE "FileVersion", NSS_VERSION "\0"
-            VALUE "InternalName", MY_INTERNAL_NAME "\0"
-            VALUE "LegalCopyright", "Copyright \251 1994-2001 Netscape Communications Corporation\0"
-            VALUE "OriginalFilename", MY_INTERNAL_NAME ".dll\0"
-            VALUE "ProductName", "Network Security Services\0"
-            VALUE "ProductVersion", NSS_VERSION "\0"
-        END
-    END
-    BLOCK "VarFileInfo"
-    BEGIN
-        VALUE "Translation", 0x409, 1200
-    END
-END
diff --git a/security/nss/lib/softoken/softoknt.h b/security/nss/lib/softoken/softoknt.h
deleted file mode 100644
index da66c9042..000000000
--- a/security/nss/lib/softoken/softoknt.h
+++ /dev/null
@@ -1,61 +0,0 @@
-/*
- * softoknt.h - public data structures for the software token library
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#ifndef _SOFTOKNT_H_
-#define _SOFTOKNT_H_
-
-/*
- * RSA block types
- *
- * The actual values are important -- they are fixed, *not* arbitrary.
- * The explicit value assignments are not needed (because C would give
- * us those same values anyway) but are included as a reminder...
- */
-typedef enum {
-    RSA_BlockPrivate0 = 0,	/* unused, really */
-    RSA_BlockPrivate = 1,	/* pad for a private-key operation */
-    RSA_BlockPublic = 2,	/* pad for a public-key operation */
-    RSA_BlockOAEP = 3,		/* use OAEP padding */
-				/* XXX is this only for a public-key
-				   operation? If so, add "Public" */
-    RSA_BlockRaw = 4,		/* simply justify the block appropriately */
-    RSA_BlockTotal
-} RSA_BlockType;
-
-#define NSS_SOFTOKEN_DEFAULT_CHUNKSIZE   2048
-
-#endif /* _SOFTOKNT_H_ */
diff --git a/security/nss/lib/ssl/Makefile b/security/nss/lib/ssl/Makefile
deleted file mode 100644
index 9b652250d..000000000
--- a/security/nss/lib/ssl/Makefile
+++ /dev/null
@@ -1,87 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY).   #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL)          #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL)       #
-#######################################################################
-
-
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL).      #
-#######################################################################
-
-include config.mk
-
-ifeq (,$(filter-out WIN%,$(OS_TARGET)))
-CSRCS	+= win32err.c
-DEFINES += -DIN_LIBSSL
-else
-ifeq ($(OS_TARGET),OS2)
-CSRCS	+= os2_err.c
-else
-CSRCS	+= unix_err.c
-endif
-endif
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL)                              #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL)                           #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL).                              #
-#######################################################################
-
-export:: private_export
-
diff --git a/security/nss/lib/ssl/authcert.c b/security/nss/lib/ssl/authcert.c
deleted file mode 100644
index bd473f11f..000000000
--- a/security/nss/lib/ssl/authcert.c
+++ /dev/null
@@ -1,115 +0,0 @@
-/*
- * NSS utility functions
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#include <stdio.h>
-#include <string.h>
-#include "prerror.h"
-#include "secitem.h"
-#include "prnetdb.h"
-#include "cert.h"
-#include "nspr.h"
-#include "secder.h"
-#include "key.h"
-#include "nss.h"
-#include "ssl.h"
-#include "pk11func.h"	/* for PK11_ function calls */
-
-/*
- * This callback used by SSL to pull client sertificate upon
- * server request
- */
-SECStatus 
-NSS_GetClientAuthData(void *                       arg, 
-                      PRFileDesc *                 socket, 
-		      struct CERTDistNamesStr *    caNames, 
-		      struct CERTCertificateStr ** pRetCert, 
-		      struct SECKEYPrivateKeyStr **pRetKey)
-{
-  CERTCertificate *  cert = NULL;
-  SECKEYPrivateKey * privkey = NULL;
-  char *             chosenNickName = (char *)arg;    /* CONST */
-  void *             proto_win  = NULL;
-  SECStatus          rv         = SECFailure;
-  
-  proto_win = SSL_RevealPinArg(socket);
-  
-  if (chosenNickName) {
-    cert = PK11_FindCertFromNickname(chosenNickName, proto_win);
-    if ( cert ) {
-      privkey = PK11_FindKeyByAnyCert(cert, proto_win);
-      if ( privkey ) {
-	rv = SECSuccess;
-      } else {
-	CERT_DestroyCertificate(cert);
-      }
-    }
-  } else { /* no name given, automatically find the right cert. */
-    CERTCertNicknames * names;
-    int                 i;
-      
-    names = CERT_GetCertNicknames(CERT_GetDefaultCertDB(),
-				  SEC_CERT_NICKNAMES_USER, proto_win);
-    if (names != NULL) {
-      for (i = 0; i < names->numnicknames; i++) {
-	cert = PK11_FindCertFromNickname(names->nicknames[i],proto_win);
-	if ( !cert )
-	  continue;
-	/* Only check unexpired certs */
-	if (CERT_CheckCertValidTimes(cert, PR_Now(), PR_TRUE) != 
-	    secCertTimeValid ) {
-	  CERT_DestroyCertificate(cert);
-	  continue;
-	}
-	rv = NSS_CmpCertChainWCANames(cert, caNames);
-	if ( rv == SECSuccess ) {
-	  privkey = PK11_FindKeyByAnyCert(cert, proto_win);
-	  if ( privkey )
-	    break;
-	}
-	rv = SECFailure;
-	CERT_DestroyCertificate(cert);
-      } 
-      CERT_FreeNicknames(names);
-    }
-  }
-  if (rv == SECSuccess) {
-    *pRetCert = cert;
-    *pRetKey  = privkey;
-  }
-  return rv;
-}
-
diff --git a/security/nss/lib/ssl/cmpcert.c b/security/nss/lib/ssl/cmpcert.c
deleted file mode 100644
index 5e557828e..000000000
--- a/security/nss/lib/ssl/cmpcert.c
+++ /dev/null
@@ -1,117 +0,0 @@
-/*
- * NSS utility functions
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#include <stdio.h>
-#include <string.h>
-#include "prerror.h"
-#include "secitem.h"
-#include "prnetdb.h"
-#include "cert.h"
-#include "nspr.h"
-#include "secder.h"
-#include "key.h"
-#include "nss.h"
-
-/*
- * Look to see if any of the signers in the cert chain for "cert" are found
- * in the list of caNames.  
- * Returns SECSuccess if so, SECFailure if not.
- */
-SECStatus
-NSS_CmpCertChainWCANames(CERTCertificate *cert, CERTDistNames *caNames)
-{
-  SECItem *         caname;
-  CERTCertificate * curcert;
-  CERTCertificate * oldcert;
-  PRInt32           contentlen;
-  int               j;
-  int               headerlen;
-  int               depth;
-  SECStatus         rv;
-  SECItem           issuerName;
-  SECItem           compatIssuerName;
-  
-  depth=0;
-  curcert = CERT_DupCertificate(cert);
-  
-  while( curcert ) {
-    issuerName = curcert->derIssuer;
-    
-    /* compute an alternate issuer name for compatibility with 2.0
-     * enterprise server, which send the CA names without
-     * the outer layer of DER hearder
-     */
-    rv = DER_Lengths(&issuerName, &headerlen, (uint32 *)&contentlen);
-    if ( rv == SECSuccess ) {
-      compatIssuerName.data = &issuerName.data[headerlen];
-      compatIssuerName.len = issuerName.len - headerlen;
-    } else {
-      compatIssuerName.data = NULL;
-      compatIssuerName.len = 0;
-    }
-    
-    for (j = 0; j < caNames->nnames; j++) {
-      caname = &caNames->names[j];
-      if (SECITEM_CompareItem(&issuerName, caname) == SECEqual) {
-	rv = SECSuccess;
-	CERT_DestroyCertificate(curcert);
-	goto done;
-      } else if (SECITEM_CompareItem(&compatIssuerName, caname) == SECEqual) {
-	rv = SECSuccess;
-	CERT_DestroyCertificate(curcert);
-	goto done;
-      }
-    }
-    if ( ( depth <= 20 ) &&
-	 ( SECITEM_CompareItem(&curcert->derIssuer, &curcert->derSubject)
-	   != SECEqual ) ) {
-      oldcert = curcert;
-      curcert = CERT_FindCertByName(curcert->dbhandle,
-				    &curcert->derIssuer);
-      CERT_DestroyCertificate(oldcert);
-      depth++;
-    } else {
-      CERT_DestroyCertificate(curcert);
-      curcert = NULL;
-    }
-  }
-  rv = SECFailure;
-  
-done:
-  return rv;
-}
-
diff --git a/security/nss/lib/ssl/config.mk b/security/nss/lib/ssl/config.mk
deleted file mode 100644
index e6f9123f6..000000000
--- a/security/nss/lib/ssl/config.mk
+++ /dev/null
@@ -1,70 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-ifeq (,$(filter-out WIN%,$(OS_TARGET)))
-
-# don't want the 32 in the shared library name
-SHARED_LIBRARY = $(OBJDIR)/$(LIBRARY_NAME)$(LIBRARY_VERSION).dll
-IMPORT_LIBRARY = $(OBJDIR)/$(LIBRARY_NAME)$(LIBRARY_VERSION).lib
-
-RES = $(OBJDIR)/ssl.res
-RESNAME = ssl.rc
-
-EXTRA_SHARED_LIBS += \
-	$(DIST)/lib/nss3.lib \
-	$(DIST)/lib/$(NSPR31_LIB_PREFIX)plc4.lib \
-	$(DIST)/lib/$(NSPR31_LIB_PREFIX)plds4.lib \
-	$(DIST)/lib/$(NSPR31_LIB_PREFIX)nspr4.lib \
-	$(NULL)
-else
-
-
-# $(PROGRAM) has NO explicit dependencies on $(EXTRA_SHARED_LIBS)
-# $(EXTRA_SHARED_LIBS) come before $(OS_LIBS), except on AIX.
-EXTRA_SHARED_LIBS += \
-	-L$(DIST)/lib/ \
-	-lnss3 \
-	-lplc4 \
-	-lplds4 \
-	-lnspr4 \
-	$(NULL)
-
-ifeq ($(OS_ARCH), BeOS)
-EXTRA_SHARED_LIBS += -lbe
-endif
-
-ifeq ($(OS_ARCH), Darwin)
-EXTRA_SHARED_LIBS += -dylib_file @executable_path/libsoftokn3.dylib:$(DIST)/lib/libsoftokn3.dylib
-endif
-
-endif
diff --git a/security/nss/lib/ssl/emulate.c b/security/nss/lib/ssl/emulate.c
deleted file mode 100644
index 9d5734e5a..000000000
--- a/security/nss/lib/ssl/emulate.c
+++ /dev/null
@@ -1,633 +0,0 @@
-/*
- * Functions that emulate PR_AcceptRead and PR_TransmitFile for SSL sockets.
- * Each Layered NSPR protocol (like SSL) must unfortunately contain its 
- * own implementation of these functions.  This code was taken from NSPR.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#include "nspr.h"
-
-#if defined( XP_UNIX ) || defined( XP_BEOS )
-#include <fcntl.h>
-#endif
-#if defined(WIN32)
-#include <windef.h>
-#include <winbase.h>
-#endif
-#include <string.h>
-
-#define AMASK 7	/* mask for alignment of PRNetAddr */
-
-/*
- * _PR_EmulateAcceptRead
- *
- *  Accept an incoming connection on sd, set *nd to point to the
- *  newly accepted socket, read 'amount' bytes from the accepted
- *  socket.
- *
- *  buf is a buffer of length = amount + (2 * sizeof(PRNetAddr)) + 32
- *  *raddr points to the PRNetAddr of the accepted connection upon
- *  return
- *
- *  return number of bytes read or -1 on error
- *
- */
-PRInt32 
-ssl_EmulateAcceptRead(	PRFileDesc *   sd, 
-			PRFileDesc **  nd,
-			PRNetAddr **   raddr, 
-			void *         buf, 
-			PRInt32        amount, 
-			PRIntervalTime timeout)
-{
-    PRFileDesc *   newsockfd;
-    PRInt32        rv;
-    PRNetAddr      remote;
-
-    if (!(newsockfd = PR_Accept(sd, &remote, PR_INTERVAL_NO_TIMEOUT))) {
-	return -1;
-    }
-
-    rv = PR_Recv(newsockfd, buf, amount, 0, timeout);
-    if (rv >= 0) {
-	ptrdiff_t pNetAddr = (((ptrdiff_t)buf) + amount + AMASK) & ~AMASK;
-
-	*nd = newsockfd;
-	*raddr = (PRNetAddr *)pNetAddr;
-	memcpy((void *)pNetAddr, &remote, sizeof(PRNetAddr));
-	return rv;
-    }
-
-    PR_Close(newsockfd);
-    return -1;
-}
-
-
-#if !defined( XP_UNIX ) && !defined( WIN32 ) && !defined( XP_BEOS )
-/*
- * _PR_EmulateTransmitFile
- *
- *  Send file fd across socket sd. If headers is non-NULL, 'hlen'
- *  bytes of headers is sent before sending the file.
- *
- *  PR_TRANSMITFILE_CLOSE_SOCKET flag - close socket after sending file
- *
- *  return number of bytes sent or -1 on error
- *
- */
-#define _TRANSMITFILE_BUFSIZE	(16 * 1024)
-
-PRInt32 
-ssl_EmulateTransmitFile(    PRFileDesc *        sd, 
-			    PRFileDesc *        fd,
-			    const void *        headers, 
-			    PRInt32             hlen, 
-			    PRTransmitFileFlags flags,
-			    PRIntervalTime      timeout)
-{
-    char *  buf 	= NULL;
-    PRInt32 count 	= 0;
-    PRInt32 rlen;
-    PRInt32 rv;
-
-    buf = PR_MALLOC(_TRANSMITFILE_BUFSIZE);
-    if (buf == NULL) {
-	PR_SetError(PR_OUT_OF_MEMORY_ERROR, 0);
-	return -1;
-    }
-
-    /*
-     * send headers, first
-     */
-    while (hlen) {
-	rv =  PR_Send(sd, headers, hlen, 0, timeout);
-	if (rv < 0) {
-	    /* PR_Send() has invoked PR_SetError(). */
-	    rv = -1;
-	    goto done;
-	} 
-	count += rv;
-	headers = (const void*) ((const char*)headers + rv);
-	hlen -= rv;
-    }
-    /*
-     * send file, next
-     */
-    while ((rlen = PR_Read(fd, buf, _TRANSMITFILE_BUFSIZE)) > 0) {
-	while (rlen) {
-	    char *bufptr = buf;
-
-	    rv =  PR_Send(sd, bufptr, rlen,0,PR_INTERVAL_NO_TIMEOUT);
-	    if (rv < 0) {
-		/* PR_Send() has invoked PR_SetError(). */
-		rv = -1;
-		goto done;
-	    } 
-	    count += rv;
-	    bufptr = ((char*)bufptr + rv);
-	    rlen -= rv;
-	}
-    }
-    if (rlen == 0) {
-	/*
-	 * end-of-file
-	 */
-	if (flags & PR_TRANSMITFILE_CLOSE_SOCKET)
-	    PR_Close(sd);
-	rv = count;
-    } else {
-	PR_ASSERT(rlen < 0);
-	/* PR_Read() has invoked PR_SetError(). */
-	rv = -1;
-    }
-
-done:
-    if (buf)
-	PR_DELETE(buf);
-    return rv;
-}
-#else
-
-#define TRANSMITFILE_MMAP_CHUNK (256 * 1024)
-
-/*
- * _PR_UnixTransmitFile
- *
- *  Send file fd across socket sd. If headers is non-NULL, 'hlen'
- *  bytes of headers is sent before sending the file.
- *
- *  PR_TRANSMITFILE_CLOSE_SOCKET flag - close socket after sending file
- *
- *  return number of bytes sent or -1 on error
- *
- */
-
-PRInt32 
-ssl_EmulateTransmitFile(    PRFileDesc *        sd, 
-			    PRFileDesc *        fd,
-			    const void *        headers, 
-			    PRInt32             hlen, 
-			    PRTransmitFileFlags flags,
-			    PRIntervalTime      timeout)
-{
-    void *            addr = NULL;
-    PRFileMap *       mapHandle = NULL;
-    PRInt32           count     = 0;
-    PRInt32           index     = 0;
-    PRInt32           len	= 0;
-    PRInt32           rv;
-    struct PRFileInfo info;
-    struct PRIOVec    iov[2];
-
-    /* Get file size */
-    if (PR_SUCCESS != PR_GetOpenFileInfo(fd, &info)) {
-	count = -1;
-	goto done;
-    }
-    if (hlen) {
-	iov[index].iov_base = (char *) headers;
-	iov[index].iov_len  = hlen;
-	index++;
-    }
-    if (info.size > 0) {
-	mapHandle = PR_CreateFileMap(fd, info.size, PR_PROT_READONLY);
-	if (mapHandle == NULL) {
-	    count = -1;
-	    goto done;
-	}
-	/*
-	 * If the file is large, mmap and send the file in chunks so as
-	 * to not consume too much virtual address space
-	 */
-	len = PR_MIN(info.size , TRANSMITFILE_MMAP_CHUNK );
-	/*
-	 * Map in (part of) file. Take care of zero-length files.
-	 */
-	if (len) {
-	    addr = PR_MemMap(mapHandle, 0, len);
-	    if (addr == NULL) {
-		count = -1;
-		goto done;
-	    }
-	}
-	iov[index].iov_base = (char*)addr;
-	iov[index].iov_len = len;
-	index++;
-    }
-    if (!index)
-    	goto done;
-    rv = PR_Writev(sd, iov, index, timeout);
-    if (len) {
-	PR_MemUnmap(addr, len);
-    }
-    if (rv >= 0) {
-	PR_ASSERT(rv == hlen + len);
-	info.size -= len;
-	count     += rv;
-    } else {
-	count = -1;
-	goto done;
-    }
-    /*
-     * send remaining bytes of the file, if any
-     */
-    len = PR_MIN(info.size , TRANSMITFILE_MMAP_CHUNK );
-    while (len > 0) {
-	/*
-	 * Map in (part of) file
-	 */
-	PR_ASSERT((count - hlen) % TRANSMITFILE_MMAP_CHUNK == 0);
-	addr = PR_MemMap(mapHandle, count - hlen, len);
-	if (addr == NULL) {
-	    count = -1;
-	    goto done;
-	}
-	rv =  PR_Send(sd, addr, len, 0, timeout);
-	PR_MemUnmap(addr, len);
-	if (rv >= 0) {
-	    PR_ASSERT(rv == len);
-	    info.size -= rv;
-	    count     += rv;
-	    len = PR_MIN(info.size , TRANSMITFILE_MMAP_CHUNK );
-	} else {
-	    count = -1;
-	    goto done;
-	}
-    }
-done:
-    if ((count >= 0) && (flags & PR_TRANSMITFILE_CLOSE_SOCKET))
-	PR_Close(sd);
-    if (mapHandle != NULL)
-    	PR_CloseFileMap(mapHandle);
-    return count;
-}
-#endif  /* XP_UNIX || WIN32 || XP_BEOS */
-
-
-
-
-#if !defined( XP_UNIX ) && !defined( WIN32 ) && !defined( XP_BEOS )
-/*
- * _PR_EmulateSendFile
- *
- *  Send file sfd->fd across socket sd. The header and trailer buffers
- *  specified in the 'sfd' argument are sent before and after the file,
- *  respectively.
- *
- *  PR_TRANSMITFILE_CLOSE_SOCKET flag - close socket after sending file
- *
- *  return number of bytes sent or -1 on error
- *
- */
-
-PRInt32 
-ssl_EmulateSendFile(PRFileDesc *sd, PRSendFileData *sfd,
-                    PRTransmitFileFlags flags, PRIntervalTime timeout)
-{
-    char *       buf = NULL;
-    const void * buffer;
-    PRInt32      rv;
-    PRInt32      count = 0;
-    PRInt32      rlen;
-    PRInt32      buflen;
-    PRInt32      sendbytes;
-    PRInt32      readbytes;
-
-#define _SENDFILE_BUFSIZE   (16 * 1024)
-
-    buf = (char*)PR_MALLOC(_SENDFILE_BUFSIZE);
-    if (buf == NULL) {
-        PR_SetError(PR_OUT_OF_MEMORY_ERROR, 0);
-        return -1;
-    }
-
-    /*
-     * send header, first
-     */
-    buflen = sfd->hlen;
-    buffer = sfd->header;
-    while (buflen) {
-        rv =  PR_Send(sd, buffer, buflen, 0, timeout);
-        if (rv < 0) {
-            /* PR_Send() has invoked PR_SetError(). */
-            rv = -1;
-            goto done;
-        } else {
-            count += rv;
-            buffer = (const void*) ((const char*)buffer + rv);
-            buflen -= rv;
-        }
-    }
-    /*
-     * send file, next
-     */
-
-    if (PR_Seek(sfd->fd, sfd->file_offset, PR_SEEK_SET) < 0) {
-        rv = -1;
-        goto done;
-    }
-    sendbytes = sfd->file_nbytes;
-    if (sendbytes == 0) {
-        /* send entire file */
-        while ((rlen = PR_Read(sfd->fd, buf, _SENDFILE_BUFSIZE)) > 0) {
-            while (rlen) {
-                char *bufptr = buf;
-
-                rv =  PR_Send(sd, bufptr, rlen, 0, timeout);
-                if (rv < 0) {
-                    /* PR_Send() has invoked PR_SetError(). */
-                    rv = -1;
-                    goto done;
-                } else {
-                    count += rv;
-                    bufptr = ((char*)bufptr + rv);
-                    rlen -= rv;
-                }
-            }
-        }
-        if (rlen < 0) {
-            /* PR_Read() has invoked PR_SetError(). */
-            rv = -1;
-            goto done;
-        }
-    } else {
-        readbytes = PR_MIN(sendbytes, _SENDFILE_BUFSIZE);
-        while (readbytes && ((rlen = PR_Read(sfd->fd, buf, readbytes)) > 0)) {
-            while (rlen) {
-                char *bufptr = buf;
-
-                rv =  PR_Send(sd, bufptr, rlen, 0, timeout);
-                if (rv < 0) {
-                    /* PR_Send() has invoked PR_SetError(). */
-                    rv = -1;
-                    goto done;
-                } else {
-                    count += rv;
-                    sendbytes -= rv;
-                    bufptr = ((char*)bufptr + rv);
-                    rlen -= rv;
-                }
-            }
-	    readbytes = PR_MIN(sendbytes, _SENDFILE_BUFSIZE);
-        }
-        if (rlen < 0) {
-            /* PR_Read() has invoked PR_SetError(). */
-            rv = -1;
-            goto done;
-        } else if (sendbytes != 0) {
-            /*
-             * there are fewer bytes in file to send than specified
-             */
-	    PR_SetError(PR_INVALID_ARGUMENT_ERROR, 0);
-            rv = -1;
-            goto done;
-        }
-    }
-    /*
-     * send trailer, last
-     */
-    buflen = sfd->tlen;
-    buffer = sfd->trailer;
-    while (buflen) {
-        rv =  PR_Send(sd, buffer, buflen, 0, timeout);
-        if (rv < 0) {
-            /* PR_Send() has invoked PR_SetError(). */
-            rv = -1;
-            goto done;
-        } else {
-            count += rv;
-            buffer = (const void*) ((const char*)buffer + rv);
-            buflen -= rv;
-        }
-    }
-    rv = count;
-
-done:
-    if (buf)
-        PR_DELETE(buf);
-    if ((rv >= 0) && (flags & PR_TRANSMITFILE_CLOSE_SOCKET))
-	PR_Close(sd);
-    return rv;
-}
-
-#else /* UNIX, NT, and BEOS handled below */
-
-/*
- * _PR_UnixSendFile
- *
- *    Send file sfd->fd across socket sd. If header/trailer are specified
- *    they are sent before and after the file, respectively.
- *
- *    PR_TRANSMITFILE_CLOSE_SOCKET flag - close socket after sending file
- *
- *    return number of bytes sent or -1 on error
- *
- */
-#define SENDFILE_MMAP_CHUNK    (256 * 1024)
-
-PRInt32 
-ssl_EmulateSendFile(PRFileDesc *sd, PRSendFileData *sfd,
-                    PRTransmitFileFlags flags, PRIntervalTime timeout)
-{
-    void *            addr = NULL;
-    PRFileMap *       mapHandle  	= NULL;
-    PRInt32           count 		= 0;
-    PRInt32           file_bytes;
-    PRInt32           index 		= 0;
-    PRInt32           len;
-    PRInt32           rv;
-    PRUint32          addr_offset;
-    PRUint32          file_mmap_offset;
-    PRUint32          mmap_len;
-    PRUint32          pagesize;
-    struct PRFileInfo info;
-    struct PRIOVec    iov[3];
-
-    /* Get file size */
-    if (PR_SUCCESS != PR_GetOpenFileInfo(sfd->fd, &info)) {
-	count = -1;
-	goto done;
-    }
-    if (sfd->file_nbytes && 
-		(info.size < (sfd->file_offset + sfd->file_nbytes))) {
-        /*
-         * there are fewer bytes in file to send than specified
-         */
-	PR_SetError(PR_INVALID_ARGUMENT_ERROR, 0);
-        count = -1;
-        goto done;
-    }
-    if (sfd->file_nbytes)
-        file_bytes = sfd->file_nbytes;
-    else
-        file_bytes = info.size - sfd->file_offset;
-
-#if defined(WIN32)
-    {
-        SYSTEM_INFO sysinfo;
-        GetSystemInfo(&sysinfo);
-        pagesize = sysinfo.dwAllocationGranularity;
-    }
-#else
-    pagesize = PR_GetPageSize();
-#endif
-    /*
-     * If the file is large, mmap and send the file in chunks so as
-     * to not consume too much virtual address space
-     */
-    if (!sfd->file_offset || !(sfd->file_offset & (pagesize - 1))) {
-        /*
-         * case 1: page-aligned file offset
-         */
-        mmap_len = PR_MIN(file_bytes, SENDFILE_MMAP_CHUNK);
-        len      = mmap_len;
-        file_mmap_offset = sfd->file_offset;
-        addr_offset = 0;
-    } else {
-        /*
-         * case 2: non page-aligned file offset
-         */
-        /* find previous page boundary */
-        file_mmap_offset = (sfd->file_offset & ~(pagesize - 1));
-
-        /* number of initial bytes to skip in mmap'd segment */
-        addr_offset = sfd->file_offset - file_mmap_offset;
-        PR_ASSERT(addr_offset > 0);
-        mmap_len = PR_MIN(file_bytes + addr_offset, SENDFILE_MMAP_CHUNK);
-        len      = mmap_len - addr_offset;
-    }
-    /*
-     * OK I've convinced myself that length has to be possitive (file_bytes is 
-     * negative or  SENDFILE_MMAP_CHUNK is less than pagesize). Just assert 
-     * that this is the case so we catch problems in debug builds.
-     */
-    PR_ASSERT(len >= 0);
-
-    /*
-     * Map in (part of) file. Take care of zero-length files.
-     */
-    if (len > 0) {
-	mapHandle = PR_CreateFileMap(sfd->fd, info.size, PR_PROT_READONLY);
-	if (!mapHandle) {
-	    count = -1;
-	    goto done;
-	}
-	addr = PR_MemMap(mapHandle, file_mmap_offset, mmap_len);
-        if (!addr) {
-            count = -1;
-            goto done;
-        }
-    }
-    /*
-     * send headers, first, followed by the file
-     */
-    if (sfd->hlen) {
-        iov[index].iov_base = (char *) sfd->header;
-        iov[index].iov_len  = sfd->hlen;
-        index++;
-    }
-    if (len) {
-        iov[index].iov_base = (char*)addr + addr_offset;
-        iov[index].iov_len  = len;
-        index++;
-    }
-    if ((file_bytes == len) && (sfd->tlen)) {
-        /*
-         * all file data is mapped in; send the trailer too
-         */
-        iov[index].iov_base = (char *) sfd->trailer;
-        iov[index].iov_len  = sfd->tlen;
-        index++;
-    }
-    rv = PR_Writev(sd, iov, index, timeout);
-    if (len)
-        PR_MemUnmap(addr, mmap_len);
-    if (rv < 0) {
-        count = -1;
-        goto done;
-    }
-
-    PR_ASSERT(rv == sfd->hlen + len + ((len == file_bytes) ? sfd->tlen : 0));
-
-    file_bytes -= len;
-    count      += rv;
-    if (!file_bytes)    /* header, file and trailer are sent */
-	goto done;
-
-    /*
-     * send remaining bytes of the file, if any
-     */
-    len = PR_MIN(file_bytes, SENDFILE_MMAP_CHUNK);
-    while (len > 0) {
-	/*
-	 * Map in (part of) file
-	 */
-	file_mmap_offset = sfd->file_offset + count - sfd->hlen;
-	PR_ASSERT((file_mmap_offset % pagesize) == 0);
-
-	addr = PR_MemMap(mapHandle, file_mmap_offset, len);
-        if (!addr) {
-            count = -1;
-            goto done;
-        }
-	rv = PR_Send(sd, addr, len, 0, timeout);
-	PR_MemUnmap(addr, len);
-	if (rv < 0) {
-	    count = -1;
-	    goto done;
-	}
-
-	PR_ASSERT(rv == len);
-	file_bytes -= rv;
-	count      += rv;
-	len = PR_MIN(file_bytes, SENDFILE_MMAP_CHUNK);
-    }
-    PR_ASSERT(0 == file_bytes);
-    if (sfd->tlen) {
-        rv =  PR_Send(sd, sfd->trailer, sfd->tlen, 0, timeout);
-        if (rv >= 0) {
-            PR_ASSERT(rv == sfd->tlen);
-            count += rv;
-        } else
-            count = -1;
-    }
-done:
-    if (mapHandle)
-    	PR_CloseFileMap(mapHandle);
-    if ((count >= 0) && (flags & PR_TRANSMITFILE_CLOSE_SOCKET))
-	PR_Close(sd);
-    return count;
-}
-#endif /* UNIX, NT, and BEOS */
diff --git a/security/nss/lib/ssl/manifest.mn b/security/nss/lib/ssl/manifest.mn
deleted file mode 100644
index 066c5620c..000000000
--- a/security/nss/lib/ssl/manifest.mn
+++ /dev/null
@@ -1,83 +0,0 @@
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CORE_DEPTH = ../../..
-
-# DEFINES = -DTRACE
-
-
-PRIVATE_EXPORTS = \
-	ssl3prot.h \
-	sslimpl.h \
-	$(NULL)
-
-EXPORTS = \
-	ssl.h \
-	sslt.h \
-	sslerr.h \
-	sslproto.h \
-	preenc.h \
-	$(NULL)
-
-MODULE = security
-MAPFILE = $(OBJDIR)/ssl.def
-
-CSRCS = \
-	emulate.c \
-	prelib.c \
-	ssl3con.c \
-	ssl3gthr.c \
-	sslauth.c \
-	sslcon.c \
-	ssldef.c \
-	sslenum.c \
-	sslerr.c \
-	sslgathr.c \
-	sslmutex.c \
-	sslnonce.c \
-	sslreveal.c \
-	sslsecur.c \
-	sslsnce.c \
-	sslsock.c \
-	ssltrace.c \
-	sslver.c \
-	authcert.c \
-	cmpcert.c \
-	nsskea.c \
-	sslinfo.c \
-	$(NULL)
-
-
-REQUIRES = security dbm
-
-LIBRARY_NAME = ssl
-LIBRARY_VERSION = 3
diff --git a/security/nss/lib/ssl/notes.txt b/security/nss/lib/ssl/notes.txt
deleted file mode 100644
index a36f242ee..000000000
--- a/security/nss/lib/ssl/notes.txt
+++ /dev/null
@@ -1,161 +0,0 @@
-The contents of this file are subject to the Mozilla Public
-License Version 1.1 (the "License"); you may not use this file
-except in compliance with the License. You may obtain a copy of
-the License at http://www.mozilla.org/MPL/
-
-Software distributed under the License is distributed on an "AS
-IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-implied. See the License for the specific language governing
-rights and limitations under the License.
-
-The Original Code is the Netscape security libraries.
-
-The Initial Developer of the Original Code is Netscape
-Communications Corporation.  Portions created by Netscape are 
-Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-Rights Reserved.
-
-Contributor(s):
-
-Alternatively, the contents of this file may be used under the
-terms of the GNU General Public License Version 2 or later (the
-"GPL"), in which case the provisions of the GPL are applicable 
-instead of those above.  If you wish to allow use of your 
-version of this file only under the terms of the GPL and not to
-allow others to use your version of this file under the MPL,
-indicate your decision by deleting the provisions above and
-replace them with the notice and other provisions required by
-the GPL.  If you do not delete the provisions above, a recipient
-may use your version of this file under either the MPL or the
-GPL.
-
-SSL's Buffers: enumerated and explained.
-
----------------------------------------------------------------------------
-incoming:
-
-gs = ss->gather
-hs = ss->ssl3->hs
-
-gs->inbuf	SSL3 only: incoming (encrypted) ssl records are placed here,
-		and then decrypted (or copied) to gs->buf.
-
-gs->buf		SSL2: incoming SSL records are put here, and then decrypted
-		in place.
-		SSL3: ssl3_HandleHandshake puts decrypted ssl records here.
-
-hs.msg_body	(SSL3 only) When an incoming handshake message spans more 
-		than one ssl record, the first part(s) of it are accumulated 
-		here until it all arrives.
-
-hs.msgState	(SSL3 only) an alternative set of pointers/lengths for gs->buf.
-		Used only when a handleHandshake function returns SECWouldBlock.
-		ssl3_HandleHandshake remembers how far it previously got by
-		using these pointers instead of gs->buf when it is called 
-		after a previous SECWouldBlock return.
-
----------------------------------------------------------------------------
-outgoing:
-
-sec = ss->sec
-ci  = ss->sec->ci	/* connect info */
-
-ci->sendBuf	Outgoing handshake messages are appended to this buffer.
-		This buffer will then be sent as a single SSL record.
-
-sec->writeBuf	outgoing ssl records are constructed here and encrypted in 
-		place before being written or copied to pendingBuf.
-
-ss->pendingBuf	contains outgoing ciphertext that was saved after a write
-		attempt to the socket failed, e.g. EWouldBlock. 
-		Generally empty with blocking sockets (should be no incomplete
-		writes).
-
-ss->saveBuf	Used only by socks code.  Intended to be used to buffer 
-		outgoing data until a socks handshake completes.  However,
-		this buffer is always empty.  There is no code to put 
-		anything into it.
-
----------------------------------------------------------------------------
-
-SECWouldBlock means that the function cannot make progress because it is 
-waiting for some event OTHER THAN socket I/O completion (e.g. waiting for 
-user dialog to finish).  It is not the same as EWOULDBLOCK.
-
----------------------------------------------------------------------------
-
-Rank (order) of locks
-
-[ReadLock ->]\ [firstHandshake ->] [ssl3Handshake ->] recvbuf \ -> "spec"
-[WriteLock->]/                                        xmitbuf /
-
-crypto and hash Data that must be protected while turning plaintext into
-ciphertext:
-
-SSL2: 	(in ssl2_Send*)
-	sec->hash*
-	sec->hashcx 	(ptr and data)
-	sec->enc
-	sec->writecx*	(ptr and content)
-	sec->sendSecret*(ptr and content)
-	sec->sendSequence		locked by xmitBufLock
-	sec->blockSize
-	sec->writeBuf*  (ptr & content)	locked by xmitBufLock
-	"in"				locked by xmitBufLock
-
-SSl3:	(in ssl3_SendPlainText)
-	ss->ssl3		    (the pointer)
-	ss->ssl3->current_write*    (the pointer and the data in the spec
-				     and any data referenced by the spec.
-
-	ss->sec->isServer
-	ss->sec->writebuf* (ptr & content) locked by xmitBufLock
-	"buf" 				   locked by xmitBufLock
-
-crypto and hash data that must be protected while turning ciphertext into 
-plaintext:
-
-SSL2:	(in ssl2_GatherData)
-	gs->*				(locked by recvBufLock )
-	sec->dec
-	sec->readcx
-	sec->hash* 		(ptr and data)
-	sec->hashcx 		(ptr and data)
-
-SSL3:	(in ssl3_HandleRecord )
-	ssl3->current_read*	(the pointer and all data refernced)
-	ss->sec->isServer
-
-
-Data that must be protected while being used by a "writer":
-
-ss->pendingBuf.*
-ss->saveBuf.*		(which is dead)
-
-in ssl3_sendPlainText
-
-ss->ssl3->current_write-> (spec)
-ss->sec->writeBuf.*
-ss->sec->isServer 
-
-in SendBlock
-
-ss->sec->hash->length
-ss->sec->blockSize
-ss->sec->writeBuf.*
-ss->sec->sendSecret
-ss->sec->sendSequence
-ss->sec->writecx	*
-ss->pendingBuf
-
---------------------------------------------------------------------------
-
-Data variables (not const) protected by the "sslGlobalDataLock".  
-Note, this really should be a reader/writer lock.
-
-allowedByPolicy		sslcon.c
-maybeAllowedByPolicy	sslcon.c
-chosenPreference	sslcon.c
-policyWasSet		sslcon.c
-
-cipherSuites[] 		ssl3con.c
diff --git a/security/nss/lib/ssl/nsskea.c b/security/nss/lib/ssl/nsskea.c
deleted file mode 100644
index ec7be1735..000000000
--- a/security/nss/lib/ssl/nsskea.c
+++ /dev/null
@@ -1,75 +0,0 @@
-/*
- * Return SSLKEAType derived from cert's Public Key algorithm info.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- # $Id$
- */
-
-#include "cert.h"
-#include "ssl.h"	/* for SSLKEAType */
-#include "secoid.h"
-
-SSLKEAType
-NSS_FindCertKEAType(CERTCertificate * cert)
-{
-  SSLKEAType keaType = kt_null; 
-  int tag;
-  
-  if (!cert) goto loser;
-  
-  tag = SECOID_GetAlgorithmTag(&(cert->subjectPublicKeyInfo.algorithm));
-  
-  switch (tag) {
-  case SEC_OID_X500_RSA_ENCRYPTION:
-  case SEC_OID_PKCS1_RSA_ENCRYPTION:
-    keaType = kt_rsa;
-    break;
-  case SEC_OID_MISSI_KEA_DSS_OLD:
-  case SEC_OID_MISSI_KEA_DSS:
-  case SEC_OID_MISSI_DSS_OLD:
-  case SEC_OID_MISSI_DSS:
-    keaType = kt_fortezza;
-    break;
-  case SEC_OID_X942_DIFFIE_HELMAN_KEY:
-    keaType = kt_dh;
-    break;
-  default:
-    keaType = kt_null;
-  }
-  
- loser:
-  
-  return keaType;
-
-}
-
diff --git a/security/nss/lib/ssl/os2_err.c b/security/nss/lib/ssl/os2_err.c
deleted file mode 100644
index 77d49df2f..000000000
--- a/security/nss/lib/ssl/os2_err.c
+++ /dev/null
@@ -1,310 +0,0 @@
-/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
-/*
- * This file essentially replicates NSPR's source for the functions that
- * map system-specific error codes to NSPR error codes.  We would use 
- * NSPR's functions, instead of duplicating them, but they're private.
- * As long as SSL's server session cache code must do platform native I/O
- * to accomplish its job, and NSPR's error mapping functions remain private,
- * this code will continue to need to be replicated.
- * 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#include "prerror.h"
-#include "prlog.h"
-#include <errno.h>
-
-
-/*
- * Based on win32err.c
- * OS2TODO Stub everything for now to build. HCT
- */
-
-/* forward declaration. */
-void nss_MD_os2_map_default_error(PRInt32 err);
-
-void nss_MD_os2_map_opendir_error(PRInt32 err)
-{
-    nss_MD_os2_map_default_error(err);
-}
-
-void nss_MD_os2_map_closedir_error(PRInt32 err)
-{
-    nss_MD_os2_map_default_error(err);
-}
-
-void nss_MD_os2_map_readdir_error(PRInt32 err)
-{
-    nss_MD_os2_map_default_error(err);
-}
-
-void nss_MD_os2_map_delete_error(PRInt32 err)
-{
-    nss_MD_os2_map_default_error(err);
-}
-
-/* The error code for stat() is in errno. */
-void nss_MD_os2_map_stat_error(PRInt32 err)
-{
-    nss_MD_os2_map_default_error(err);
-}
-
-void nss_MD_os2_map_fstat_error(PRInt32 err)
-{
-    nss_MD_os2_map_default_error(err);
-}
-
-void nss_MD_os2_map_rename_error(PRInt32 err)
-{
-    nss_MD_os2_map_default_error(err);
-}
-
-/* The error code for access() is in errno. */
-void nss_MD_os2_map_access_error(PRInt32 err)
-{
-    nss_MD_os2_map_default_error(err);
-}
-
-void nss_MD_os2_map_mkdir_error(PRInt32 err)
-{
-    nss_MD_os2_map_default_error(err);
-}
-
-void nss_MD_os2_map_rmdir_error(PRInt32 err)
-{
-    nss_MD_os2_map_default_error(err);
-}
-
-void nss_MD_os2_map_read_error(PRInt32 err)
-{
-    nss_MD_os2_map_default_error(err);
-}
-
-void nss_MD_os2_map_transmitfile_error(PRInt32 err)
-{
-    nss_MD_os2_map_default_error(err);
-}
-
-void nss_MD_os2_map_write_error(PRInt32 err)
-{
-    nss_MD_os2_map_default_error(err);
-}
-
-void nss_MD_os2_map_lseek_error(PRInt32 err)
-{
-    nss_MD_os2_map_default_error(err);
-}
-
-void nss_MD_os2_map_fsync_error(PRInt32 err)
-{
-    nss_MD_os2_map_default_error(err);
-}
-
-/*
- * For both CloseHandle() and closesocket().
- */
-void nss_MD_os2_map_close_error(PRInt32 err)
-{
-    nss_MD_os2_map_default_error(err);
-}
-
-void nss_MD_os2_map_socket_error(PRInt32 err)
-{
-//  PR_ASSERT(err != WSANOTINITIALISED);
-    nss_MD_os2_map_default_error(err);
-}
-
-void nss_MD_os2_map_recv_error(PRInt32 err)
-{
-    nss_MD_os2_map_default_error(err);
-}
-
-void nss_MD_os2_map_recvfrom_error(PRInt32 err)
-{
-    nss_MD_os2_map_default_error(err);
-}
-
-void nss_MD_os2_map_send_error(PRInt32 err)
-{
-    PRErrorCode prError;
-    switch (err) {
-//     case WSAEMSGSIZE: 	prError = PR_INVALID_ARGUMENT_ERROR; break;
-    default:		nss_MD_os2_map_default_error(err); return;
-    }
-    PR_SetError(prError, err);
-}
-
-void nss_MD_os2_map_sendto_error(PRInt32 err)
-{
-    PRErrorCode prError;
-    switch (err) {
-//    case WSAEMSGSIZE: 	prError = PR_INVALID_ARGUMENT_ERROR; break;
-    default:		nss_MD_os2_map_default_error(err); return;
-    }
-    PR_SetError(prError, err);
-}
-
-void nss_MD_os2_map_accept_error(PRInt32 err)
-{
-    PRErrorCode prError;
-    switch (err) {
-//    case WSAEOPNOTSUPP: prError = PR_NOT_TCP_SOCKET_ERROR; break;
-//    case WSAEINVAL: 	prError = PR_INVALID_STATE_ERROR; break;
-    default:		nss_MD_os2_map_default_error(err); return;
-    }
-    PR_SetError(prError, err);
-}
-
-void nss_MD_os2_map_acceptex_error(PRInt32 err)
-{
-    nss_MD_os2_map_default_error(err);
-}
-
-void nss_MD_os2_map_connect_error(PRInt32 err)
-{
-    PRErrorCode prError;
-    switch (err) {
-//    case WSAEWOULDBLOCK: prError = PR_IN_PROGRESS_ERROR; break;
-//    case WSAEINVAL: 	prError = PR_ALREADY_INITIATED_ERROR; break;
-//    case WSAETIMEDOUT: 	prError = PR_IO_TIMEOUT_ERROR; break;
-    default:		nss_MD_os2_map_default_error(err); return;
-    }
-    PR_SetError(prError, err);
-}
-
-void nss_MD_os2_map_bind_error(PRInt32 err)
-{
-    PRErrorCode prError;
-    switch (err) {
-//  case WSAEINVAL: 	prError = PR_SOCKET_ADDRESS_IS_BOUND_ERROR; break;
-    default:		nss_MD_os2_map_default_error(err); return;
-    }
-    PR_SetError(prError, err);
-}
-
-void nss_MD_os2_map_listen_error(PRInt32 err)
-{
-    PRErrorCode prError;
-    switch (err) {
-//    case WSAEOPNOTSUPP: prError = PR_NOT_TCP_SOCKET_ERROR; break;
-//    case WSAEINVAL: 	prError = PR_INVALID_STATE_ERROR; break;
-    default:		nss_MD_os2_map_default_error(err); return;
-    }
-    PR_SetError(prError, err);
-}
-
-void nss_MD_os2_map_shutdown_error(PRInt32 err)
-{
-    nss_MD_os2_map_default_error(err);
-}
-
-void nss_MD_os2_map_getsockname_error(PRInt32 err)
-{
-    PRErrorCode prError;
-    switch (err) {
-//    case WSAEINVAL: 	prError = PR_INVALID_STATE_ERROR; break;
-    default:		nss_MD_os2_map_default_error(err); return;
-    }
-    PR_SetError(prError, err);
-}
-
-void nss_MD_os2_map_getpeername_error(PRInt32 err)
-{
-    nss_MD_os2_map_default_error(err);
-}
-
-void nss_MD_os2_map_getsockopt_error(PRInt32 err)
-{
-    nss_MD_os2_map_default_error(err);
-}
-
-void nss_MD_os2_map_setsockopt_error(PRInt32 err)
-{
-    nss_MD_os2_map_default_error(err);
-}
-
-void nss_MD_os2_map_open_error(PRInt32 err)
-{
-    nss_MD_os2_map_default_error(err);
-}
-
-void nss_MD_os2_map_gethostname_error(PRInt32 err)
-{
-    nss_MD_os2_map_default_error(err);
-}
-
-/* Win32 select() only works on sockets.  So in this
-** context, WSAENOTSOCK is equivalent to EBADF on Unix.  
-*/
-void nss_MD_os2_map_select_error(PRInt32 err)
-{
-    PRErrorCode prError;
-    switch (err) {
-//    case WSAENOTSOCK:	prError = PR_BAD_DESCRIPTOR_ERROR; break;
-    default:		nss_MD_os2_map_default_error(err); return;
-    }
-    PR_SetError(prError, err);
-}
-
-void nss_MD_os2_map_lockf_error(PRInt32 err)
-{
-    nss_MD_os2_map_default_error(err);
-}
-
-
-
-void nss_MD_os2_map_default_error(PRInt32 err)
-{
-    PRErrorCode prError;
-
-    switch (err) {
-//    case ENOENT: 		prError = PR_FILE_NOT_FOUND_ERROR; break;
-//    case ERROR_ACCESS_DENIED: 	prError = PR_NO_ACCESS_RIGHTS_ERROR; break;
-//    case ERROR_ALREADY_EXISTS: 	prError = PR_FILE_EXISTS_ERROR; break;
-//    case ERROR_DISK_CORRUPT: 	prError = PR_IO_ERROR; break;
-//    case ERROR_DISK_FULL: 	prError = PR_NO_DEVICE_SPACE_ERROR; break;
-//    case ERROR_DISK_OPERATION_FAILED: prError = PR_IO_ERROR; break;
-//    case ERROR_DRIVE_LOCKED: 	prError = PR_FILE_IS_LOCKED_ERROR; break;
-//    case ERROR_FILENAME_EXCED_RANGE: prError = PR_NAME_TOO_LONG_ERROR; break;
-//    case ERROR_FILE_CORRUPT: 	prError = PR_IO_ERROR; break;
-//    case ERROR_FILE_EXISTS: 	prError = PR_FILE_EXISTS_ERROR; break;
-//    case ERROR_FILE_INVALID: 	prError = PR_BAD_DESCRIPTOR_ERROR; break;
-#if ERROR_FILE_NOT_FOUND != ENOENT
-//    case ERROR_FILE_NOT_FOUND: 	prError = PR_FILE_NOT_FOUND_ERROR; break;
-#endif
-    default: 			prError = PR_UNKNOWN_ERROR; break;
-    }
-    PR_SetError(prError, err);
-}
-
diff --git a/security/nss/lib/ssl/os2_err.h b/security/nss/lib/ssl/os2_err.h
deleted file mode 100644
index 7f80c0177..000000000
--- a/security/nss/lib/ssl/os2_err.h
+++ /dev/null
@@ -1,83 +0,0 @@
-/*
- * This file essentially replicates NSPR's source for the functions that
- * map system-specific error codes to NSPR error codes.  We would use 
- * NSPR's functions, instead of duplicating them, but they're private.
- * As long as SSL's server session cache code must do platform native I/O
- * to accomplish its job, and NSPR's error mapping functions remain private,
- * This code will continue to need to be replicated.
- * 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-/*  NSPR doesn't make these functions public, so we have to duplicate
-**  them in NSS.
-*/
-
-//HCT  Based on Win32err.h
-extern void nss_MD_os2_map_accept_error(PRInt32 err);
-extern void nss_MD_os2_map_acceptex_error(PRInt32 err);
-extern void nss_MD_os2_map_access_error(PRInt32 err);
-extern void nss_MD_os2_map_bind_error(PRInt32 err);
-extern void nss_MD_os2_map_close_error(PRInt32 err);
-extern void nss_MD_os2_map_closedir_error(PRInt32 err);
-extern void nss_MD_os2_map_connect_error(PRInt32 err);
-extern void nss_MD_os2_map_default_error(PRInt32 err);
-extern void nss_MD_os2_map_delete_error(PRInt32 err);
-extern void nss_MD_os2_map_fstat_error(PRInt32 err);
-extern void nss_MD_os2_map_fsync_error(PRInt32 err);
-extern void nss_MD_os2_map_gethostname_error(PRInt32 err);
-extern void nss_MD_os2_map_getpeername_error(PRInt32 err);
-extern void nss_MD_os2_map_getsockname_error(PRInt32 err);
-extern void nss_MD_os2_map_getsockopt_error(PRInt32 err);
-extern void nss_MD_os2_map_listen_error(PRInt32 err);
-extern void nss_MD_os2_map_lockf_error(PRInt32 err);
-extern void nss_MD_os2_map_lseek_error(PRInt32 err);
-extern void nss_MD_os2_map_mkdir_error(PRInt32 err);
-extern void nss_MD_os2_map_open_error(PRInt32 err);
-extern void nss_MD_os2_map_opendir_error(PRInt32 err);
-extern void nss_MD_os2_map_read_error(PRInt32 err);
-extern void nss_MD_os2_map_readdir_error(PRInt32 err);
-extern void nss_MD_os2_map_recv_error(PRInt32 err);
-extern void nss_MD_os2_map_recvfrom_error(PRInt32 err);
-extern void nss_MD_os2_map_rename_error(PRInt32 err);
-extern void nss_MD_os2_map_rmdir_error(PRInt32 err);
-extern void nss_MD_os2_map_select_error(PRInt32 err);
-extern void nss_MD_os2_map_send_error(PRInt32 err);
-extern void nss_MD_os2_map_sendto_error(PRInt32 err);
-extern void nss_MD_os2_map_setsockopt_error(PRInt32 err);
-extern void nss_MD_os2_map_shutdown_error(PRInt32 err);
-extern void nss_MD_os2_map_socket_error(PRInt32 err);
-extern void nss_MD_os2_map_stat_error(PRInt32 err);
-extern void nss_MD_os2_map_transmitfile_error(PRInt32 err);
-extern void nss_MD_os2_map_write_error(PRInt32 err);
diff --git a/security/nss/lib/ssl/preenc.h b/security/nss/lib/ssl/preenc.h
deleted file mode 100644
index 3dfbe1e92..000000000
--- a/security/nss/lib/ssl/preenc.h
+++ /dev/null
@@ -1,161 +0,0 @@
-/* -*- Mode: C; tab-width: 4; indent-tabs-mode: nil -*- */
-
-/*
- * Functions and types used by https servers to send (download) pre-encrypted 
- * files over SSL connections that use Fortezza ciphersuites.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#include "seccomon.h"
-#include "prio.h"
-
-typedef struct PEHeaderStr PEHeader;
-
-#define PE_MIME_TYPE "application/pre-encrypted"
-
-
-/*
- * unencrypted header. The 'top' half of this header is generic. The union
- * is type specific, and may include bulk cipher type information
- * (Fortezza supports only Fortezza Bulk encryption). Only fortezza 
- * pre-encrypted is defined.
- */
-typedef struct PEFortezzaHeaderStr PEFortezzaHeader;
-typedef struct PEFortezzaGeneratedHeaderStr PEFortezzaGeneratedHeader;
-typedef struct PEFixedKeyHeaderStr PEFixedKeyHeader;
-typedef struct PERSAKeyHeaderStr PERSAKeyHeader;
-
-struct PEFortezzaHeaderStr {
-    unsigned char key[12];      /* Ks wrapped MEK */
-    unsigned char iv[24];       /* iv for this MEK */
-    unsigned char hash[20];     /* SHA hash of file */
-    unsigned char serial[8];    /* serial number of the card that owns
-                                     * Ks */
-};
-
-struct PEFortezzaGeneratedHeaderStr {
-    unsigned char key[12];      /* TEK wrapped MEK */
-    unsigned char iv[24];       /* iv for this MEK */
-    unsigned char hash[20];     /* SHA hash of file */
-    unsigned char Ra[128];      /* RA to generate TEK */
-    unsigned char Y[128];       /* Y to generate TEK */
-};
-
-struct PEFixedKeyHeaderStr {
-    unsigned char pkcs11Mech[4];  /* Symetric key operation */
-    unsigned char labelLen[2];	  /* length of the token label */
-    unsigned char keyIDLen[2];	  /* length of the token Key ID */
-    unsigned char ivLen[2];	  /* length of IV */
-    unsigned char keyLen[2];	  /* length of key (DES3_ECB encrypted) */
-    unsigned char data[1];	  /* start of data */
-};
-
-struct PERSAKeyHeaderStr {
-    unsigned char pkcs11Mech[4];  /* Symetric key operation */
-    unsigned char issuerLen[2];	  /* length of cert issuer */
-    unsigned char serialLen[2];	  /* length of the cert serial */
-    unsigned char ivLen[2];	  /* length of IV */
-    unsigned char keyLen[2];	  /* length of key (RSA encrypted) */
-    unsigned char data[1];	  /* start of data */
-};
-
-/* macros to get at the variable length data fields */
-#define PEFIXED_Label(header) (header->data)
-#define PEFIXED_KeyID(header) (&header->data[GetInt2(header->labelLen)])
-#define PEFIXED_IV(header) (&header->data[GetInt2(header->labelLen)\
-						+GetInt2(header->keyIDLen)])
-#define PEFIXED_Key(header) (&header->data[GetInt2(header->labelLen)\
-			+GetInt2(header->keyIDLen)+GetInt2(header->keyLen)])
-#define PERSA_Issuer(header) (header->data)
-#define PERSA_Serial(header) (&header->data[GetInt2(header->issuerLen)])
-#define PERSA_IV(header) (&header->data[GetInt2(header->issuerLen)\
-						+GetInt2(header->serialLen)])
-#define PERSA_Key(header) (&header->data[GetInt2(header->issuerLen)\
-			+GetInt2(header->serialLen)+GetInt2(header->keyLen)])
-struct PEHeaderStr {
-    unsigned char magic  [2];		/* always 0xC0DE */
-    unsigned char len    [2];		/* length of PEHeader */
-    unsigned char type   [2];		/* FORTEZZA, DIFFIE-HELMAN, RSA */
-    unsigned char version[2];		/* version number: 1.0 */
-    union {
-        PEFortezzaHeader          fortezza;
-        PEFortezzaGeneratedHeader g_fortezza;
-	PEFixedKeyHeader          fixed;
-	PERSAKeyHeader            rsa;
-    } u;
-};
-
-#define PE_CRYPT_INTRO_LEN 8
-#define PE_INTRO_LEN 4
-#define PE_BASE_HEADER_LEN  8
-
-#define PRE_BLOCK_SIZE 8         /* for decryption blocks */
-
-
-/*
- * Platform neutral encode/decode macros.
- */
-#define GetInt2(c) ((c[0] << 8) | c[1])
-#define GetInt4(c) (((unsigned long)c[0] << 24)|((unsigned long)c[1] << 16)\
-			|((unsigned long)c[2] << 8)| ((unsigned long)c[3]))
-#define PutInt2(c,i) ((c[1] = (i) & 0xff), (c[0] = ((i) >> 8) & 0xff))
-#define PutInt4(c,i) ((c[0]=((i) >> 24) & 0xff),(c[1]=((i) >> 16) & 0xff),\
-			(c[2] = ((i) >> 8) & 0xff), (c[3] = (i) & 0xff))
-
-/*
- * magic numbers.
- */
-#define PRE_MAGIC		0xc0de
-#define PRE_VERSION		0x1010
-#define PRE_FORTEZZA_FILE	0x00ff  /* pre-encrypted file on disk */
-#define PRE_FORTEZZA_STREAM	0x00f5  /* pre-encrypted file in stream */
-#define PRE_FORTEZZA_GEN_STREAM	0x00f6  /* Generated pre-encrypted file */
-#define PRE_FIXED_FILE		0x000f  /* fixed key on disk */
-#define PRE_RSA_FILE		0x001f  /* RSA in file */
-#define PRE_FIXED_STREAM	0x0005  /* fixed key in stream */
-
-/*
- * internal implementation info
- */
-
-
-/* convert an existing stream header to a version with local parameters */
-PEHeader *SSL_PreencryptedStreamToFile(PRFileDesc *fd, PEHeader *,
-				       int *headerSize);
-
-/* convert an existing file header to one suitable for streaming out */
-PEHeader *SSL_PreencryptedFileToStream(PRFileDesc *fd, PEHeader *,
-				       int *headerSize);
-
diff --git a/security/nss/lib/ssl/prelib.c b/security/nss/lib/ssl/prelib.c
deleted file mode 100644
index 1c7351a39..000000000
--- a/security/nss/lib/ssl/prelib.c
+++ /dev/null
@@ -1,251 +0,0 @@
-/* -*- Mode: C; tab-width: 4; indent-tabs-mode: nil -*- */
-
-/*
- * Functions used by https servers to send (download) pre-encrypted files
- * over SSL connections that use Fortezza ciphersuites.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#include "cert.h"
-#include "ssl.h"
-#include "keyhi.h"
-#include "secitem.h"
-#include "sslimpl.h"
-#include "pkcs11t.h"
-#include "preenc.h"
-#include "pk11func.h"
-
-static unsigned char fromHex(char x) {
-    if ((x >= '0') && (x <= '9')) return x-'0';
-    if ((x >= 'a') && (x <= 'f')) return x-'a'+10;
-    return x-'A'+10;
-}
-
-PEHeader *SSL_PreencryptedStreamToFile(PRFileDesc *fd, PEHeader *inHeader, 
-								int *headerSize)
-{
-    PK11SymKey *key, *tek, *Ks;
-    sslSocket *ss;
-    PK11SlotInfo *slot;
-    CK_TOKEN_INFO info;
-    int oldHeaderSize;
-    PEHeader *header;
-    SECStatus rv;
-    SECItem item;
-    int i;
-    
-    if (fd == NULL) {
-        /* XXX set an error */
-        return NULL;
-    }
-    
-    ss = ssl_FindSocket(fd);
-    if (ss == NULL) {
-        return NULL;
-    }
-    
-    PORT_Assert(ss->ssl3 != NULL);
-    if (ss->ssl3 == NULL) {
-	return NULL;
-    }
-
-    if (GetInt2(inHeader->magic) != PRE_MAGIC) {
-	return NULL;
-    }
-
-    oldHeaderSize = GetInt2(inHeader->len);
-    header = (PEHeader *) PORT_ZAlloc(oldHeaderSize);
-    if (header == NULL) {
-	return NULL;
-    }
-
-    switch (GetInt2(inHeader->type)) {
-    case PRE_FORTEZZA_FILE:
-    case PRE_FORTEZZA_GEN_STREAM:
-    case PRE_FIXED_FILE:
-    case PRE_RSA_FILE:
-    default:
-	*headerSize = oldHeaderSize;
-	PORT_Memcpy(header,inHeader,oldHeaderSize);
-	return header;
-
-    case PRE_FORTEZZA_STREAM:
-	*headerSize = PE_BASE_HEADER_LEN + sizeof(PEFortezzaHeader);
-        PutInt2(header->magic,PRE_MAGIC);
-	PutInt2(header->len,*headerSize);
-	PutInt2(header->type, PRE_FORTEZZA_FILE);
-	PORT_Memcpy(header->version,inHeader->version,sizeof(header->version));
-	PORT_Memcpy(header->u.fortezza.hash,inHeader->u.fortezza.hash,
-					     sizeof(header->u.fortezza.hash));
-	PORT_Memcpy(header->u.fortezza.iv,inHeader->u.fortezza.iv,
-					      sizeof(header->u.fortezza.iv));
-
-	/* get the kea context from the session */
-	tek = ss->ssl3->fortezza.tek;
-	if (tek == NULL) {
-	    PORT_Free(header);
-	    return NULL;
-	}
-
-
-	/* get the slot and the serial number */
-	slot = PK11_GetSlotFromKey(tek);
-	if (slot == NULL) {
-	    PORT_Free(header);
-	    return NULL;
-	}
-	rv = PK11_GetTokenInfo(slot,&info);
-	if (rv != SECSuccess) {
-	    PORT_Free(header);
-	    PK11_FreeSlot(slot);
-	    return NULL;
-	}
-
-	/* Look up the Token Fixed Key */
-	Ks = PK11_FindFixedKey(slot, CKM_SKIPJACK_WRAP, NULL, ss->pkcs11PinArg);
-	PK11_FreeSlot(slot);
-	if (Ks == NULL) {
-	    PORT_Free(header);
-	    return NULL;
-	}
-
-	/* unwrap the key with the TEK */
-	item.data = inHeader->u.fortezza.key;
-	item.len = sizeof(inHeader->u.fortezza.key);
-	key = PK11_UnwrapSymKey(tek,CKM_SKIPJACK_WRAP,
-                        NULL, &item, CKM_SKIPJACK_CBC64, CKA_DECRYPT, 0);
-	if (key == NULL) {
-	    PORT_Free(header);
-	    PK11_FreeSymKey(Ks);
-	    return NULL;
-	}
-
-	/* rewrap with the local Ks */
-	item.data = header->u.fortezza.key;
-	item.len = sizeof(header->u.fortezza.key);
-	rv = PK11_WrapSymKey(CKM_SKIPJACK_WRAP, NULL, Ks, key, &item);
-	PK11_FreeSymKey(Ks);
-	PK11_FreeSymKey(key);
-	if (rv != SECSuccess) {
-	    PORT_Free(header);
-	    return NULL;
-	}
-    
-	/* copy our local serial number into header */
-	for (i=0; i < sizeof(header->u.fortezza.serial); i++) {
-	    header->u.fortezza.serial[i] = 
-		(fromHex(info.serialNumber[i*2]) << 4) 	|
-					fromHex(info.serialNumber[i*2 + 1]);
-	}
-	break;
-    case PRE_FIXED_STREAM:
-	/* not implemented yet */
-	PORT_Free(header);
-	return NULL;
-    }
-    
-    return(header);
-}
-
-/*
- * this one needs to allocate space and work for RSA & FIXED key files as well
- */
-PEHeader *SSL_PreencryptedFileToStream(PRFileDesc *fd, PEHeader *header, 
-							int *headerSize)
-{
-    PK11SymKey *key, *tek, *Ks;
-    sslSocket *ss;
-    PK11SlotInfo *slot;
-    SECStatus rv;
-    SECItem item;
-    
-    *headerSize = 0; /* hack */
- 
-    if (fd == NULL) {
-        /* XXX set an error */
-        return NULL;
-    }
-    
-    ss = ssl_FindSocket(fd);
-    if (ss == NULL) {
-        return NULL;
-    }
-    
-    PORT_Assert(ss->ssl3 != NULL);
-    if (ss->ssl3 == NULL) {
-	return NULL;
-    }
-
-    /* get the kea context from the session */
-    tek = ss->ssl3->fortezza.tek;
-    if (tek == NULL) {
-	return NULL;
-    }
-
-    slot = PK11_GetSlotFromKey(tek);
-    if (slot == NULL) return NULL;
-    Ks = PK11_FindFixedKey(slot, CKM_SKIPJACK_WRAP, NULL, PK11_GetWindow(tek));
-    PK11_FreeSlot(slot);
-    if (Ks == NULL) return NULL;
-
-
-    /* unwrap with the local Ks */
-    item.data = header->u.fortezza.key;
-    item.len = sizeof(header->u.fortezza.key);
-    /* rewrap the key with the TEK */
-    key = PK11_UnwrapSymKey(Ks,CKM_SKIPJACK_WRAP,
-                        NULL, &item, CKM_SKIPJACK_CBC64, CKA_DECRYPT, 0);
-    if (key == NULL) {
-        PK11_FreeSymKey(Ks);
-	return NULL;
-    }
-
-    rv = PK11_WrapSymKey(CKM_SKIPJACK_WRAP, NULL, tek, key, &item);
-    PK11_FreeSymKey(Ks);
-    PK11_FreeSymKey(key);
-    if (rv != SECSuccess) {
-	return NULL;
-    }
-    
-    /* copy over our local serial number */
-    PORT_Memset(header->u.fortezza.serial,0,sizeof(header->u.fortezza.serial));
-    
-    /* change type to stream */
-    PutInt2(header->type, PRE_FORTEZZA_STREAM);
-    
-    return(header);
-}
-
-
diff --git a/security/nss/lib/ssl/ssl.def b/security/nss/lib/ssl/ssl.def
deleted file mode 100644
index 7833ae741..000000000
--- a/security/nss/lib/ssl/ssl.def
+++ /dev/null
@@ -1,117 +0,0 @@
-;+#
-;+# The contents of this file are subject to the Mozilla Public
-;+# License Version 1.1 (the "License"); you may not use this file
-;+# except in compliance with the License. You may obtain a copy of
-;+# the License at http://www.mozilla.org/MPL/
-;+#
-;+# Software distributed under the License is distributed on an "AS
-;+# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-;+# implied. See the License for the specific language governing
-;+# rights and limitations under the License.
-;+#
-;+# The Original Code is the Netscape security libraries.
-;+#
-;+# The Initial Developer of the Original Code is Netscape
-;+# Communications Corporation.  Portions created by Netscape are
-;+# Copyright (C) 2000 Netscape Communications Corporation.  All
-;+# Rights Reserved.
-;+#
-;+# Contributor(s):
-;+#
-;+# Alternatively, the contents of this file may be used under the
-;+# terms of the GNU General Public License Version 2 or later (the
-;+# "GPL"), in which case the provisions of the GPL are applicable
-;+# instead of those above.  If you wish to allow use of your
-;+# version of this file only under the terms of the GPL and not to
-;+# allow others to use your version of this file under the MPL,
-;+# indicate your decision by deleting the provisions above and
-;+# replace them with the notice and other provisions required by
-;+# the GPL.  If you do not delete the provisions above, a recipient
-;+# may use your version of this file under either the MPL or the
-;+# GPL.
-;+#
-;+# OK, this file is meant to support SUN, LINUX, AIX and WINDOWS
-;+#   1. For all unix platforms, the string ";-"  means "remove this line"
-;+#   2. For all unix platforms, the string " DATA " will be removed from any 
-;+#     line on which it occurs.
-;+#   3. Lines containing ";+" will have ";+" removed on SUN and LINUX.
-;+#      On AIX, lines containing ";+" will be removed.
-;+#   4. For all unix platforms, the string ";;" will thave the ";;" removed.
-;+#   5. For all unix platforms, after the above processing has taken place,
-;+#    all characters after the first ";" on the line will be removed.
-;+#    And for AIX, the first ";" will also be removed.
-;+#  This file is passed directly to windows. Since ';' is a comment, all UNIX
-;+#   directives are hidden behind ";", ";+", and ";-"
-;+
-;+NSS_3.2 {       # NSS 3.2 release
-;+    global:
-LIBRARY ssl3 ;-
-EXPORTS ;-
-SSL_ImplementedCiphers DATA ;
-SSL_NumImplementedCiphers DATA ;
-NSS_CmpCertChainWCANames;
-NSS_FindCertKEAType;
-NSS_GetClientAuthData;
-NSS_SetDomesticPolicy;
-NSS_SetExportPolicy;
-NSS_SetFrancePolicy;
-SSL_AuthCertificate;
-SSL_AuthCertificateHook;
-SSL_BadCertHook;
-SSL_CertDBHandleSet;
-SSL_CipherPolicyGet;
-SSL_CipherPolicySet;
-SSL_CipherPrefGet;
-SSL_CipherPrefGetDefault;
-SSL_CipherPrefSet;
-SSL_CipherPrefSetDefault;
-SSL_ClearSessionCache;
-SSL_ConfigMPServerSIDCache;
-SSL_ConfigSecureServer;
-SSL_ConfigServerSessionIDCache;
-SSL_DataPending;
-SSL_ForceHandshake;
-SSL_GetClientAuthDataHook;
-SSL_GetSessionID;
-SSL_GetStatistics;
-SSL_HandshakeCallback;
-SSL_ImportFD;
-SSL_InheritMPServerSIDCache;
-SSL_InvalidateSession;
-SSL_OptionGet;
-SSL_OptionGetDefault;
-SSL_OptionSet;
-SSL_OptionSetDefault;
-SSL_PeerCertificate;
-SSL_PreencryptedFileToStream;
-SSL_PreencryptedStreamToFile;
-SSL_ReHandshake;
-SSL_ResetHandshake;
-SSL_RestartHandshakeAfterCertReq;
-SSL_RestartHandshakeAfterServerCert;
-SSL_RevealCert;
-SSL_RevealPinArg;
-SSL_RevealURL;
-SSL_SecurityStatus;
-SSL_SetPKCS11PinArg;
-SSL_SetSockPeerID;
-SSL_SetURL;
-;+    local:
-;+*;
-;+};
-;+NSS_3.2.1 {       # NSS 3.2.1 release
-;+    global:
-NSSSSL_VersionCheck;
-;+    local:
-;+*;
-;+};
-;+NSS_3.4 {         # NSS 3.4   release
-;+    global:
-SSL_GetChannelInfo;
-SSL_GetCipherSuiteInfo;
-SSL_GetMaxServerCacheLocks;
-SSL_LocalCertificate;
-SSL_SetMaxServerCacheLocks;
-;+    local:
-;+*;
-;+};
diff --git a/security/nss/lib/ssl/ssl.h b/security/nss/lib/ssl/ssl.h
deleted file mode 100644
index 34f5cbf24..000000000
--- a/security/nss/lib/ssl/ssl.h
+++ /dev/null
@@ -1,439 +0,0 @@
-/*
- * This file contains prototypes for the public SSL functions.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#ifndef __ssl_h_
-#define __ssl_h_
-
-#include "prtypes.h"
-#include "prerror.h"
-#include "prio.h"
-#include "seccomon.h"
-#include "cert.h"
-#include "keyt.h"
-
-#include "sslt.h"  /* public ssl data types */
-
-#if defined(_WIN32) && !defined(IN_LIBSSL) && !defined(NSS_USE_STATIC_LIBS)
-#define SSL_IMPORT extern __declspec(dllimport)
-#else
-#define SSL_IMPORT extern
-#endif
-
-SEC_BEGIN_PROTOS
-
-/* constant table enumerating all implemented SSL 2 and 3 cipher suites. */
-SSL_IMPORT const PRUint16 SSL_ImplementedCiphers[];
-
-/* number of entries in the above table. */
-SSL_IMPORT const PRUint16 SSL_NumImplementedCiphers;
-
-/* Macro to tell which ciphers in table are SSL2 vs SSL3/TLS. */
-#define SSL_IS_SSL2_CIPHER(which) (((which) & 0xfff0) == 0xff00)
-
-/*
-** Imports fd into SSL, returning a new socket.  Copies SSL configuration
-** from model.
-*/
-SSL_IMPORT PRFileDesc *SSL_ImportFD(PRFileDesc *model, PRFileDesc *fd);
-
-/*
-** Enable/disable an ssl mode
-**
-** 	SSL_SECURITY:
-** 		enable/disable use of SSL security protocol before connect
-**
-** 	SSL_SOCKS:
-** 		enable/disable use of socks before connect
-**		(No longer supported).
-**
-** 	SSL_REQUEST_CERTIFICATE:
-** 		require a certificate during secure connect
-*/
-/* options */
-#define SSL_SECURITY			1
-#define SSL_SOCKS			2
-#define SSL_REQUEST_CERTIFICATE		3
-#define SSL_HANDSHAKE_AS_CLIENT		5 /* force accept to hs as client */
-#define SSL_HANDSHAKE_AS_SERVER		6 /* force connect to hs as server */
-#define SSL_ENABLE_SSL2			7 /* enable ssl v2 (on by default) */
-#define SSL_ENABLE_SSL3		        8 /* enable ssl v3 (on by default) */
-#define SSL_NO_CACHE		        9 /* don't use the session cache */
-#define SSL_REQUIRE_CERTIFICATE        10
-#define SSL_ENABLE_FDX                 11 /* permit simultaneous read/write */
-#define SSL_V2_COMPATIBLE_HELLO        12 /* send v3 client hello in v2 fmt */
-#define SSL_ENABLE_TLS		       13 /* enable TLS (off by default) */
-#define SSL_ROLLBACK_DETECTION         14 /* for compatibility, default: on */
-
-#ifdef SSL_DEPRECATED_FUNCTION 
-/* Old deprecated function names */
-SSL_IMPORT SECStatus SSL_Enable(PRFileDesc *fd, int option, PRBool on);
-SSL_IMPORT SECStatus SSL_EnableDefault(int option, PRBool on);
-#endif
-
-/* New function names */
-SSL_IMPORT SECStatus SSL_OptionSet(PRFileDesc *fd, PRInt32 option, PRBool on);
-SSL_IMPORT SECStatus SSL_OptionGet(PRFileDesc *fd, PRInt32 option, PRBool *on);
-SSL_IMPORT SECStatus SSL_OptionSetDefault(PRInt32 option, PRBool on);
-SSL_IMPORT SECStatus SSL_OptionGetDefault(PRInt32 option, PRBool *on);
-SSL_IMPORT SECStatus SSL_CertDBHandleSet(PRFileDesc *fd, CERTCertDBHandle *dbHandle);
-
-/*
-** Control ciphers that SSL uses. If on is non-zero then the named cipher
-** is enabled, otherwise it is disabled. 
-** The "cipher" values are defined in sslproto.h (the SSL_EN_* values).
-** EnableCipher records user preferences.
-** SetPolicy sets the policy according to the policy module.
-*/
-#ifdef SSL_DEPRECATED_FUNCTION 
-/* Old deprecated function names */
-SSL_IMPORT SECStatus SSL_EnableCipher(long which, PRBool enabled);
-SSL_IMPORT SECStatus SSL_SetPolicy(long which, int policy);
-#endif
-
-/* New function names */
-SSL_IMPORT SECStatus SSL_CipherPrefSet(PRFileDesc *fd, PRInt32 cipher, PRBool enabled);
-SSL_IMPORT SECStatus SSL_CipherPrefGet(PRFileDesc *fd, PRInt32 cipher, PRBool *enabled);
-SSL_IMPORT SECStatus SSL_CipherPrefSetDefault(PRInt32 cipher, PRBool enabled);
-SSL_IMPORT SECStatus SSL_CipherPrefGetDefault(PRInt32 cipher, PRBool *enabled);
-SSL_IMPORT SECStatus SSL_CipherPolicySet(PRInt32 cipher, PRInt32 policy);
-SSL_IMPORT SECStatus SSL_CipherPolicyGet(PRInt32 cipher, PRInt32 *policy);
-
-/* Values for "policy" argument to SSL_PolicySet */
-/* Values returned by SSL_CipherPolicyGet. */
-#define SSL_NOT_ALLOWED		 0	      /* or invalid or unimplemented */
-#define SSL_ALLOWED		 1
-#define SSL_RESTRICTED		 2	      /* only with "Step-Up" certs. */
-
-/*
-** Reset the handshake state for fd. This will make the complete SSL
-** handshake protocol execute from the ground up on the next i/o
-** operation.
-*/
-SSL_IMPORT SECStatus SSL_ResetHandshake(PRFileDesc *fd, PRBool asServer);
-
-/*
-** Force the handshake for fd to complete immediately.  This blocks until
-** the complete SSL handshake protocol is finished.
-*/
-SSL_IMPORT SECStatus SSL_ForceHandshake(PRFileDesc *fd);
-
-/*
-** Query security status of socket. *on is set to one if security is
-** enabled. *keySize will contain the stream key size used. *issuer will
-** contain the RFC1485 verison of the name of the issuer of the
-** certificate at the other end of the connection. For a client, this is
-** the issuer of the server's certificate; for a server, this is the
-** issuer of the client's certificate (if any). Subject is the subject of
-** the other end's certificate. The pointers can be zero if the desired
-** data is not needed.  All strings returned by this function are owned
-** by SSL, and will be freed when the socket is closed.
-*/
-SSL_IMPORT SECStatus SSL_SecurityStatus(PRFileDesc *fd, int *on, char **cipher,
-			                int *keySize, int *secretKeySize,
-			                char **issuer, char **subject);
-
-/* Values for "on" */
-#define SSL_SECURITY_STATUS_NOOPT	-1
-#define SSL_SECURITY_STATUS_OFF		0
-#define SSL_SECURITY_STATUS_ON_HIGH	1
-#define SSL_SECURITY_STATUS_ON_LOW	2
-#define SSL_SECURITY_STATUS_FORTEZZA	3
-
-/*
-** Return the certificate for our SSL peer. If the client calls this
-** it will always return the server's certificate. If the server calls
-** this, it may return NULL if client authentication is not enabled or
-** if the client had no certificate when asked.
-**	"fd" the socket "file" descriptor
-*/
-SSL_IMPORT CERTCertificate *SSL_PeerCertificate(PRFileDesc *fd);
-
-/*
-** Authenticate certificate hook. Called when a certificate comes in
-** (because of SSL_REQUIRE_CERTIFICATE in SSL_Enable) to authenticate the
-** certificate.
-*/
-typedef SECStatus (PR_CALLBACK *SSLAuthCertificate)(void *arg, PRFileDesc *fd, 
-                                                    PRBool checkSig,
-                                                    PRBool isServer);
-
-SSL_IMPORT SECStatus SSL_AuthCertificateHook(PRFileDesc *fd, 
-					     SSLAuthCertificate f,
-				             void *arg);
-
-/* An implementation of the certificate authentication hook */
-SSL_IMPORT SECStatus SSL_AuthCertificate(void *arg, PRFileDesc *fd, 
-					 PRBool checkSig, PRBool isServer);
-
-/*
- * Prototype for SSL callback to get client auth data from the application.
- *	arg - application passed argument
- *	caNames - pointer to distinguished names of CAs that the server likes
- *	pRetCert - pointer to pointer to cert, for return of cert
- *	pRetKey - pointer to key pointer, for return of key
- */
-typedef SECStatus (PR_CALLBACK *SSLGetClientAuthData)(void *arg,
-                                PRFileDesc *fd,
-                                CERTDistNames *caNames,
-                                CERTCertificate **pRetCert,/*return */
-                                SECKEYPrivateKey **pRetKey);/* return */
-
-/*
- * Set the client side callback for SSL to retrieve user's private key
- * and certificate.
- *	fd - the file descriptor for the connection in question
- *	f - the application's callback that delivers the key and cert
- *	a - application specific data
- */
-SSL_IMPORT SECStatus SSL_GetClientAuthDataHook(PRFileDesc *fd, 
-			                       SSLGetClientAuthData f, void *a);
-
-
-/*
- * Set the client side argument for SSL to retrieve PKCS #11 pin.
- *	fd - the file descriptor for the connection in question
- *	a - pkcs11 application specific data
- */
-SSL_IMPORT SECStatus SSL_SetPKCS11PinArg(PRFileDesc *fd, void *a);
-
-/*
-** This is a callback for dealing with server certs that are not authenticated
-** by the client.  The client app can decide that it actually likes the
-** cert by some external means and restart the connection.
-*/
-typedef SECStatus (PR_CALLBACK *SSLBadCertHandler)(void *arg, PRFileDesc *fd);
-SSL_IMPORT SECStatus SSL_BadCertHook(PRFileDesc *fd, SSLBadCertHandler f, 
-				     void *arg);
-
-/*
-** Configure ssl for running a secure server. Needs the
-** certificate for the server and the servers private key. The arguments
-** are copied.
-*/
-SSL_IMPORT SECStatus SSL_ConfigSecureServer(
-				PRFileDesc *fd, CERTCertificate *cert,
-				SECKEYPrivateKey *key, SSLKEAType kea);
-
-/*
-** Configure a secure servers session-id cache. Define the maximum number
-** of entries in the cache, the longevity of the entires, and the directory
-** where the cache files will be placed.  These values can be zero, and 
-** if so, the implementation will choose defaults.
-** This version of the function is for use in applications that have only one 
-** process that uses the cache (even if that process has multiple threads).
-*/
-SSL_IMPORT SECStatus SSL_ConfigServerSessionIDCache(int      maxCacheEntries,
-					            PRUint32 timeout,
-					            PRUint32 ssl3_timeout,
-				              const char *   directory);
-/*
-** Like SSL_ConfigServerSessionIDCache, with one important difference.
-** If the application will run multiple processes (as opposed to, or in 
-** addition to multiple threads), then it must call this function, instead
-** of calling SSL_ConfigServerSessionIDCache().
-** This has nothing to do with the number of processORs, only processEs.
-** This function sets up a Server Session ID (SID) cache that is safe for
-** access by multiple processes on the same system.
-*/
-SSL_IMPORT SECStatus SSL_ConfigMPServerSIDCache(int      maxCacheEntries, 
-				                PRUint32 timeout,
-			       	                PRUint32 ssl3_timeout, 
-		                          const char *   directory);
-
-/* Get and set the configured maximum number of mutexes used for the 
-** server's store of SSL sessions.  This value is used by the server 
-** session ID cache initialization functions shown above.  Note that on 
-** some platforms, these mutexes are actually implemented with POSIX 
-** semaphores, or with unnamed pipes.  The default value varies by platform.
-** An attempt to set a too-low maximum will return an error and the 
-** configured value will not be changed.
-*/
-SSL_IMPORT PRUint32  SSL_GetMaxServerCacheLocks(void);
-SSL_IMPORT SECStatus SSL_SetMaxServerCacheLocks(PRUint32 maxLocks);
-
-/* environment variable set by SSL_ConfigMPServerSIDCache, and queried by
- * SSL_InheritMPServerSIDCache when envString is NULL.
- */
-#define SSL_ENV_VAR_NAME            "SSL_INHERITANCE"
-
-/* called in child to inherit SID Cache variables. 
- * If envString is NULL, this function will use the value of the environment
- * variable "SSL_INHERITANCE", otherwise the string value passed in will be 
- * used.
- */
-SSL_IMPORT SECStatus SSL_InheritMPServerSIDCache(const char * envString);
-
-/*
-** Set the callback on a particular socket that gets called when we finish
-** performing a handshake.
-*/
-typedef void (PR_CALLBACK *SSLHandshakeCallback)(PRFileDesc *fd,
-                                                 void *client_data);
-SSL_IMPORT SECStatus SSL_HandshakeCallback(PRFileDesc *fd, 
-			          SSLHandshakeCallback cb, void *client_data);
-
-/*
-** For the server, request a new handshake.  For the client, begin a new
-** handshake.  If flushCache is non-zero, the SSL3 cache entry will be 
-** flushed first, ensuring that a full SSL handshake will be done.
-** If flushCache is zero, and an SSL connection is established, it will 
-** do the much faster session restart handshake.  This will change the 
-** session keys without doing another private key operation.
-*/
-SSL_IMPORT SECStatus SSL_ReHandshake(PRFileDesc *fd, PRBool flushCache);
-
-#ifdef SSL_DEPRECATED_FUNCTION 
-/* deprecated!
-** For the server, request a new handshake.  For the client, begin a new
-** handshake.  Flushes SSL3 session cache entry first, ensuring that a 
-** full handshake will be done.  
-** This call is equivalent to SSL_ReHandshake(fd, PR_TRUE)
-*/
-SSL_IMPORT SECStatus SSL_RedoHandshake(PRFileDesc *fd);
-#endif
-
-/*
- * Allow the application to pass a URL or hostname into the SSL library
- */
-SSL_IMPORT SECStatus SSL_SetURL(PRFileDesc *fd, const char *url);
-
-/*
-** Return the number of bytes that SSL has waiting in internal buffers.
-** Return 0 if security is not enabled.
-*/
-SSL_IMPORT int SSL_DataPending(PRFileDesc *fd);
-
-/*
-** Invalidate the SSL session associated with fd.
-*/
-SSL_IMPORT SECStatus SSL_InvalidateSession(PRFileDesc *fd);
-
-/*
-** Return a SECItem containing the SSL session ID associated with the fd.
-*/
-SSL_IMPORT SECItem *SSL_GetSessionID(PRFileDesc *fd);
-
-/*
-** Clear out the client's SSL session cache, not the server's session cache.
-*/
-SSL_IMPORT void SSL_ClearSessionCache(void);
-
-/*
-** Set peer information so we can correctly look up SSL session later.
-** You only have to do this if you're tunneling through a proxy.
-*/
-SSL_IMPORT SECStatus SSL_SetSockPeerID(PRFileDesc *fd, char *peerID);
-
-/*
-** Reveal the security information for the peer. 
-*/
-SSL_IMPORT CERTCertificate * SSL_RevealCert(PRFileDesc * socket);
-SSL_IMPORT void * SSL_RevealPinArg(PRFileDesc * socket);
-SSL_IMPORT char * SSL_RevealURL(PRFileDesc * socket);
-
-
-/* This callback may be passed to the SSL library via a call to
- * SSL_GetClientAuthDataHook() for each SSL client socket.
- * It will be invoked when SSL needs to know what certificate and private key
- * (if any) to use to respond to a request for client authentication.
- * If arg is non-NULL, it is a pointer to a NULL-terminated string containing
- * the nickname of the cert/key pair to use.
- * If arg is NULL, this function will search the cert and key databases for 
- * a suitable match and send it if one is found.
- */
-SSL_IMPORT SECStatus
-NSS_GetClientAuthData(void *                       arg,
-                      PRFileDesc *                 socket,
-                      struct CERTDistNamesStr *    caNames,
-                      struct CERTCertificateStr ** pRetCert,
-                      struct SECKEYPrivateKeyStr **pRetKey);
-
-/*
- * Look to see if any of the signers in the cert chain for "cert" are found
- * in the list of caNames.  
- * Returns SECSuccess if so, SECFailure if not.
- * Used by NSS_GetClientAuthData.  May be used by other callback functions.
- */
-SSL_IMPORT SECStatus NSS_CmpCertChainWCANames(CERTCertificate *cert, 
-                                          CERTDistNames *caNames);
-
-/* 
- * Returns key exchange type of the keys in an SSL server certificate.
- */
-SSL_IMPORT SSLKEAType NSS_FindCertKEAType(CERTCertificate * cert);
-
-/* Set cipher policies to a predefined Domestic (U.S.A.) policy.
- * This essentially enables all supported ciphers.
- */
-SSL_IMPORT SECStatus NSS_SetDomesticPolicy(void);
-
-/* Set cipher policies to a predefined Policy that is exportable from the USA
- *   according to present U.S. policies as we understand them.
- * See documentation for the list.
- * Note that your particular application program may be able to obtain
- *   an export license with more or fewer capabilities than those allowed
- *   by this function.  In that case, you should use SSL_SetPolicy()
- *   to explicitly allow those ciphers you may legally export.
- */
-SSL_IMPORT SECStatus NSS_SetExportPolicy(void);
-
-/* Set cipher policies to a predefined Policy that is exportable from the USA
- *   according to present U.S. policies as we understand them, and that the 
- *   nation of France will permit to be imported into their country.
- * See documentation for the list.
- */
-SSL_IMPORT SECStatus NSS_SetFrancePolicy(void);
-
-SSL_IMPORT SSL3Statistics * SSL_GetStatistics(void);
-
-/* Report more information than SSL_SecurityStatus.
-** Caller supplies the info struct.  Function fills it in.
-*/
-SSL_IMPORT SECStatus SSL_GetChannelInfo(PRFileDesc *fd, SSLChannelInfo *info,
-                                        PRUintn len);
-SSL_IMPORT SECStatus SSL_GetCipherSuiteInfo(PRUint16 cipherSuite, 
-                                        SSLCipherSuiteInfo *info, PRUintn len);
-
-/*
-** Return a new reference to the certificate that was most recently sent
-** to the peer on this SSL/TLS connection, or NULL if none has been sent.
-*/
-SSL_IMPORT CERTCertificate * SSL_LocalCertificate(PRFileDesc *fd);
-
-SEC_END_PROTOS
-
-#endif /* __ssl_h_ */
diff --git a/security/nss/lib/ssl/ssl.rc b/security/nss/lib/ssl/ssl.rc
deleted file mode 100644
index 864c94f94..000000000
--- a/security/nss/lib/ssl/ssl.rc
+++ /dev/null
@@ -1,98 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 2001 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "nss.h"
-#include <winver.h>
-
-#define MY_LIBNAME "ssl"
-#define MY_FILEDESCRIPTION "NSS SSL Library"
-
-#define STRINGIZE(x) #x
-#define STRINGIZE2(x) STRINGIZE(x)
-#define NSS_VMAJOR_STR STRINGIZE2(NSS_VMAJOR)
-
-#ifdef _DEBUG
-#define MY_DEBUG_STR " (debug)"
-#define MY_FILEFLAGS_1 VS_FF_DEBUG
-#else
-#define MY_DEBUG_STR ""
-#define MY_FILEFLAGS_1 0x0L
-#endif
-#if NSS_BETA
-#define MY_FILEFLAGS_2 MY_FILEFLAGS_1|VS_FF_PRERELEASE
-#else
-#define MY_FILEFLAGS_2 MY_FILEFLAGS_1
-#endif
-
-#ifdef WINNT
-#define MY_FILEOS VOS_NT_WINDOWS32
-#else
-#define MY_FILEOS VOS__WINDOWS32
-#endif
-
-#define MY_INTERNAL_NAME MY_LIBNAME NSS_VMAJOR_STR
-
-/////////////////////////////////////////////////////////////////////////////
-//
-// Version-information resource
-//
-
-VS_VERSION_INFO VERSIONINFO
- FILEVERSION NSS_VMAJOR,NSS_VMINOR,NSS_VPATCH,0
- PRODUCTVERSION NSS_VMAJOR,NSS_VMINOR,NSS_VPATCH,0
- FILEFLAGSMASK VS_FFI_FILEFLAGSMASK
- FILEFLAGS MY_FILEFLAGS_2
- FILEOS MY_FILEOS
- FILETYPE VFT_DLL
- FILESUBTYPE 0x0L // not used
-
-BEGIN
-    BLOCK "StringFileInfo"
-    BEGIN
-        BLOCK "040904B0" // Lang=US English, CharSet=Unicode
-        BEGIN
-            VALUE "CompanyName", "Netscape Communications Corporation\0"
-            VALUE "FileDescription", MY_FILEDESCRIPTION MY_DEBUG_STR "\0"
-            VALUE "FileVersion", NSS_VERSION "\0"
-            VALUE "InternalName", MY_INTERNAL_NAME "\0"
-            VALUE "LegalCopyright", "Copyright \251 1994-2001 Netscape Communications Corporation\0"
-            VALUE "OriginalFilename", MY_INTERNAL_NAME ".dll\0"
-            VALUE "ProductName", "Network Security Services\0"
-            VALUE "ProductVersion", NSS_VERSION "\0"
-        END
-    END
-    BLOCK "VarFileInfo"
-    BEGIN
-        VALUE "Translation", 0x409, 1200
-    END
-END
diff --git a/security/nss/lib/ssl/ssl3con.c b/security/nss/lib/ssl/ssl3con.c
deleted file mode 100644
index 1e2da2e94..000000000
--- a/security/nss/lib/ssl/ssl3con.c
+++ /dev/null
@@ -1,7967 +0,0 @@
-/*
- * SSL3 Protocol
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s): 
- *	Dr Stephen Henson <stephen.henson@gemplus.com>
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#include "nssrenam.h"
-#include "cert.h"
-#include "ssl.h"
-#include "cryptohi.h"	/* for DSAU_ stuff */
-#include "keyhi.h"
-#include "secder.h"
-#include "secitem.h"
-
-#include "sslimpl.h"
-#include "sslproto.h"
-#include "sslerr.h"
-#include "prtime.h"
-#include "prinrval.h"
-#include "prerror.h"
-#include "pratom.h"
-#include "prthread.h"
-
-#include "pk11func.h"
-#include "secmod.h"
-#include "nsslocks.h"
-
-#include <stdio.h>
-
-#ifndef PK11_SETATTRS
-#define PK11_SETATTRS(x,id,v,l) (x)->type = (id); \
-		(x)->pValue=(v); (x)->ulValueLen = (l);
-#endif
-
-static void      ssl3_CleanupPeerCerts(ssl3State *ssl3);
-static PK11SymKey *ssl3_GenerateRSAPMS(sslSocket *ss, ssl3CipherSpec *spec,
-                                       PK11SlotInfo * serverKeySlot);
-static SECStatus ssl3_GenerateSessionKeys(sslSocket *ss, const PK11SymKey *pms);
-static SECStatus ssl3_HandshakeFailure(      sslSocket *ss);
-static SECStatus ssl3_InitState(             sslSocket *ss);
-static sslSessionID *ssl3_NewSessionID(      sslSocket *ss, PRBool is_server);
-static SECStatus ssl3_SendCertificate(       sslSocket *ss);
-static SECStatus ssl3_SendEmptyCertificate(  sslSocket *ss);
-static SECStatus ssl3_SendCertificateRequest(sslSocket *ss);
-static SECStatus ssl3_SendFinished(          sslSocket *ss, PRInt32 flags);
-static SECStatus ssl3_SendServerHello(       sslSocket *ss);
-static SECStatus ssl3_SendServerHelloDone(   sslSocket *ss);
-static SECStatus ssl3_SendServerKeyExchange( sslSocket *ss);
-
-static SECStatus Null_Cipher(void *ctx, unsigned char *output, int *outputLen,
-			     int maxOutputLen, const unsigned char *input,
-			     int inputLen);
-
-#define MAX_SEND_BUF_LENGTH 32000 /* watch for 16-bit integer overflow */
-#define MIN_SEND_BUF_LENGTH  4000
-
-#define MAX_CIPHER_SUITES 20
-
-/* This list of SSL3 cipher suites is sorted in descending order of
- * precedence (desirability).  It only includes cipher suites we implement.
- * This table is modified by SSL3_SetPolicy().
- */
-static ssl3CipherSuiteCfg cipherSuites[ssl_V3_SUITES_IMPLEMENTED] = {
-   /*      cipher_suite                         policy      enabled is_present*/
- { TLS_DHE_RSA_WITH_AES_256_CBC_SHA, 	   SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE},
- { TLS_DHE_DSS_WITH_AES_256_CBC_SHA, 	   SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE},
- { TLS_RSA_WITH_AES_256_CBC_SHA,     	   SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE},
-
- { SSL_FORTEZZA_DMS_WITH_RC4_128_SHA,      SSL_NOT_ALLOWED, PR_TRUE, PR_FALSE},
- { TLS_DHE_DSS_WITH_RC4_128_SHA,           SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE},
- { TLS_DHE_RSA_WITH_AES_128_CBC_SHA,       SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE},
- { TLS_DHE_DSS_WITH_AES_128_CBC_SHA, 	   SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE},
- { SSL_RSA_WITH_RC4_128_MD5,               SSL_NOT_ALLOWED, PR_TRUE, PR_FALSE},
- { SSL_RSA_WITH_RC4_128_SHA,               SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE},
- { TLS_RSA_WITH_AES_128_CBC_SHA,     	   SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE},
-
- { SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA,      SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE},
- { SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA,      SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE},
- { SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA,     SSL_NOT_ALLOWED, PR_TRUE, PR_FALSE},
- { SSL_RSA_WITH_3DES_EDE_CBC_SHA,          SSL_NOT_ALLOWED, PR_TRUE, PR_FALSE},
-
- { SSL_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA, SSL_NOT_ALLOWED, PR_TRUE, PR_FALSE},
-
- { SSL_DHE_RSA_WITH_DES_CBC_SHA,           SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE},
- { SSL_DHE_DSS_WITH_DES_CBC_SHA,           SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE},
- { SSL_RSA_FIPS_WITH_DES_CBC_SHA,          SSL_NOT_ALLOWED, PR_TRUE, PR_FALSE},
- { SSL_RSA_WITH_DES_CBC_SHA,               SSL_NOT_ALLOWED, PR_TRUE, PR_FALSE},
-
- { TLS_RSA_EXPORT1024_WITH_RC4_56_SHA,     SSL_NOT_ALLOWED, PR_TRUE, PR_FALSE},
- { TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA,    SSL_NOT_ALLOWED, PR_TRUE, PR_FALSE},
- { SSL_RSA_EXPORT_WITH_RC4_40_MD5,         SSL_NOT_ALLOWED, PR_TRUE, PR_FALSE},
- { SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5,     SSL_NOT_ALLOWED, PR_TRUE, PR_FALSE},
- { SSL_FORTEZZA_DMS_WITH_NULL_SHA,         SSL_NOT_ALLOWED, PR_TRUE, PR_FALSE},
- { SSL_RSA_WITH_NULL_MD5,                  SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE}
-};
-
-static const /*SSL3CompressionMethod*/ uint8 compressions [] = {
-    compression_null
-};
-
-static const int compressionMethodsCount =
-		sizeof(compressions) / sizeof(compressions[0]);
-
-static const /*SSL3ClientCertificateType */ uint8 certificate_types [] = {
-    ct_RSA_sign,
-    ct_DSS_sign,
-};
-
-static const /*SSL3ClientCertificateType */ uint8 fortezza_certificate_types [] = {
-    ct_Fortezza,
-};
-
-/*
- * make sure there is room in the write buffer for padding and
- * other compression and cryptographic expansions
- */
-#define SSL3_BUFFER_FUDGE     100
-
-#define SET_ERROR_CODE		/* reminder */
-#define SEND_ALERT		/* reminder */
-#define TEST_FOR_FAILURE	/* reminder */
-#define DEAL_WITH_FAILURE	/* reminder */
-
-#define EXPORT_RSA_KEY_LENGTH 64	/* bytes */
-
-
-/* This is a hack to make sure we don't do double handshakes for US policy */
-PRBool ssl3_global_policy_some_restricted = PR_FALSE;
-
-/* This global item is used only in servers.  It is is initialized by
-** SSL_ConfigSecureServer(), and is used in ssl3_SendCertificateRequest().
-*/
-CERTDistNames *ssl3_server_ca_list = NULL;
-static SSL3Statistics ssl3stats;
-
-/* indexed by SSL3BulkCipher */
-static const ssl3BulkCipherDef bulk_cipher_defs[] = {
-    /* cipher          calg        keySz secretSz  type  ivSz BlkSz keygen */
-    {cipher_null,      calg_null,      0,  0, type_stream,  0, 0, kg_null},
-    {cipher_rc4,       calg_rc4,      16, 16, type_stream,  0, 0, kg_strong},
-    {cipher_rc4_40,    calg_rc4,      16,  5, type_stream,  0, 0, kg_export},
-    {cipher_rc4_56,    calg_rc4,      16,  7, type_stream,  0, 0, kg_export},
-    {cipher_rc2,       calg_rc2,      16, 16, type_block,   8, 8, kg_strong},
-    {cipher_rc2_40,    calg_rc2,      16,  5, type_block,   8, 8, kg_export},
-    {cipher_des,       calg_des,       8,  8, type_block,   8, 8, kg_strong},
-    {cipher_3des,      calg_3des,     24, 24, type_block,   8, 8, kg_strong},
-    {cipher_des40,     calg_des,       8,  5, type_block,   8, 8, kg_export},
-    {cipher_idea,      calg_idea,     16, 16, type_block,   8, 8, kg_strong},
-    {cipher_fortezza,  calg_fortezza, 10, 10, type_block,  24, 8, kg_null},
-    {cipher_aes_128,   calg_aes,      16, 16, type_block,  16,16, kg_strong},
-    {cipher_aes_256,   calg_aes,      32, 32, type_block,  16,16, kg_strong},
-    {cipher_missing,   calg_null,      0,  0, type_stream,  0, 0, kg_null},
-};
-
-static const ssl3KEADef kea_defs[] = { /* indexed by SSL3KeyExchangeAlgorithm */
-    /* kea              exchKeyType signKeyType is_limited limit  tls_keygen */
-    {kea_null,           kt_null,     sign_null, PR_FALSE,   0, PR_FALSE},
-    {kea_rsa,            kt_rsa,      sign_rsa,  PR_FALSE,   0, PR_FALSE},
-    {kea_rsa_export,     kt_rsa,      sign_rsa,  PR_TRUE,  512, PR_FALSE},
-    {kea_rsa_export_1024,kt_rsa,      sign_rsa,  PR_TRUE, 1024, PR_FALSE},
-    {kea_dh_dss,         kt_dh,       sign_dsa,  PR_FALSE,   0, PR_FALSE},
-    {kea_dh_dss_export,  kt_dh,       sign_dsa,  PR_TRUE,  512, PR_FALSE},
-    {kea_dh_rsa,         kt_dh,       sign_rsa,  PR_FALSE,   0, PR_FALSE},
-    {kea_dh_rsa_export,  kt_dh,       sign_rsa,  PR_TRUE,  512, PR_FALSE},
-    {kea_dhe_dss,        kt_dh,       sign_dsa,  PR_FALSE,   0, PR_FALSE},
-    {kea_dhe_dss_export, kt_dh,       sign_dsa,  PR_TRUE,  512, PR_FALSE},
-    {kea_dhe_rsa,        kt_dh,       sign_rsa,  PR_FALSE,   0, PR_FALSE},
-    {kea_dhe_rsa_export, kt_dh,       sign_rsa,  PR_TRUE,  512, PR_FALSE},
-    {kea_dh_anon,        kt_dh,       sign_null, PR_FALSE,   0, PR_FALSE},
-    {kea_dh_anon_export, kt_dh,       sign_null, PR_TRUE,  512, PR_FALSE},
-    {kea_fortezza,       kt_fortezza, sign_dsa,  PR_FALSE,   0, PR_FALSE},
-    {kea_rsa_fips,       kt_rsa,      sign_rsa,  PR_FALSE,   0, PR_TRUE },
-};
-
-/* must use ssl_LookupCipherSuiteDef to access */
-static const ssl3CipherSuiteDef cipher_suite_defs[] = {
-/*  cipher_suite                    bulk_cipher_alg mac_alg key_exchange_alg */
-
-    {SSL_NULL_WITH_NULL_NULL,       cipher_null,   mac_null, kea_null},
-    {SSL_RSA_WITH_NULL_MD5,         cipher_null,   mac_md5, kea_rsa},
-    {SSL_RSA_WITH_NULL_SHA,         cipher_null,   mac_sha, kea_rsa},
-    {SSL_RSA_EXPORT_WITH_RC4_40_MD5,cipher_rc4_40, mac_md5, kea_rsa_export},
-    {SSL_RSA_WITH_RC4_128_MD5,      cipher_rc4,    mac_md5, kea_rsa},
-    {SSL_RSA_WITH_RC4_128_SHA,      cipher_rc4,    mac_sha, kea_rsa},
-    {SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5,
-                                    cipher_rc2_40, mac_md5, kea_rsa_export},
-#if 0 /* not implemented */
-    {SSL_RSA_WITH_IDEA_CBC_SHA,     cipher_idea,   mac_sha, kea_rsa},
-    {SSL_RSA_EXPORT_WITH_DES40_CBC_SHA,
-                                    cipher_des40,  mac_sha, kea_rsa_export},
-#endif
-    {SSL_RSA_WITH_DES_CBC_SHA,      cipher_des,    mac_sha, kea_rsa},
-    {SSL_RSA_WITH_3DES_EDE_CBC_SHA, cipher_3des,   mac_sha, kea_rsa},
-    {SSL_DHE_DSS_WITH_DES_CBC_SHA,  cipher_des,    mac_sha, kea_dhe_dss},
-    {SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA,
-                                    cipher_3des,   mac_sha, kea_dhe_dss},
-    {TLS_DHE_DSS_WITH_RC4_128_SHA,  cipher_rc4,    mac_sha, kea_dhe_dss},
-#if 0 /* not implemented */
-    {SSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHA,
-                                    cipher_des40,  mac_sha, kea_dh_dss_export},
-    {SSL_DH_DSS_DES_CBC_SHA,        cipher_des,    mac_sha, kea_dh_dss},
-    {SSL_DH_DSS_3DES_CBC_SHA,       cipher_3des,   mac_sha, kea_dh_dss},
-    {SSL_DH_RSA_EXPORT_WITH_DES40_CBC_SHA,
-                                    cipher_des40,  mac_sha, kea_dh_rsa_export},
-    {SSL_DH_RSA_DES_CBC_SHA,        cipher_des,    mac_sha, kea_dh_rsa},
-    {SSL_DH_RSA_3DES_CBC_SHA,       cipher_3des,   mac_sha, kea_dh_rsa},
-    {SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA,
-                                    cipher_des40,  mac_sha, kea_dh_dss_export},
-    {SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA,
-                                    cipher_des40,  mac_sha, kea_dh_rsa_export},
-#endif
-    {SSL_DHE_RSA_WITH_DES_CBC_SHA,  cipher_des,    mac_sha, kea_dhe_rsa},
-    {SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
-                                    cipher_3des,   mac_sha, kea_dhe_rsa},
-#if 0
-    {SSL_DH_ANON_EXPORT_RC4_40_MD5, cipher_rc4_40, mac_md5, kea_dh_anon_export},
-    {SSL_DH_ANON_EXPORT_RC4_40_MD5, cipher_rc4,    mac_md5, kea_dh_anon_export},
-    {SSL_DH_ANON_EXPORT_WITH_DES40_CBC_SHA,
-                                    cipher_des40,  mac_sha, kea_dh_anon_export},
-    {SSL_DH_ANON_DES_CBC_SHA,       cipher_des,    mac_sha, kea_dh_anon},
-    {SSL_DH_ANON_3DES_CBC_SHA,      cipher_3des,   mac_sha, kea_dh_anon},
-#endif
-
-    {SSL_FORTEZZA_DMS_WITH_NULL_SHA, cipher_null,  mac_sha, kea_fortezza},
-    {SSL_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA,
-                                  cipher_fortezza, mac_sha, kea_fortezza},
-    {SSL_FORTEZZA_DMS_WITH_RC4_128_SHA, cipher_rc4, mac_sha, kea_fortezza},
-
-/* New TLS cipher suites */
-    {TLS_RSA_WITH_AES_128_CBC_SHA,     	cipher_aes_128, mac_sha, kea_rsa},
-    {TLS_DHE_DSS_WITH_AES_128_CBC_SHA, 	cipher_aes_128, mac_sha, kea_dhe_dss},
-    {TLS_DHE_RSA_WITH_AES_128_CBC_SHA, 	cipher_aes_128, mac_sha, kea_dhe_rsa},
-    {TLS_RSA_WITH_AES_256_CBC_SHA,     	cipher_aes_256, mac_sha, kea_rsa},
-    {TLS_DHE_DSS_WITH_AES_256_CBC_SHA, 	cipher_aes_256, mac_sha, kea_dhe_dss},
-    {TLS_DHE_RSA_WITH_AES_256_CBC_SHA, 	cipher_aes_256, mac_sha, kea_dhe_rsa},
-#if 0
-    {TLS_DH_DSS_WITH_AES_128_CBC_SHA,  	cipher_aes_128, mac_sha, kea_dh_dss},
-    {TLS_DH_RSA_WITH_AES_128_CBC_SHA,  	cipher_aes_128, mac_sha, kea_dh_rsa},
-    {TLS_DH_ANON_WITH_AES_128_CBC_SHA, 	cipher_aes_128, mac_sha, kea_dh_anon},
-    {TLS_DH_DSS_WITH_AES_256_CBC_SHA,  	cipher_aes_256, mac_sha, kea_dh_dss},
-    {TLS_DH_RSA_WITH_AES_256_CBC_SHA,  	cipher_aes_256, mac_sha, kea_dh_rsa},
-    {TLS_DH_ANON_WITH_AES_256_CBC_SHA, 	cipher_aes_256, mac_sha, kea_dh_anon},
-#endif
-
-    {TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA,
-                                    cipher_des,    mac_sha,kea_rsa_export_1024},
-    {TLS_RSA_EXPORT1024_WITH_RC4_56_SHA,
-                                    cipher_rc4_56, mac_sha,kea_rsa_export_1024},
-
-    {SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA, cipher_3des, mac_sha, kea_rsa_fips},
-    {SSL_RSA_FIPS_WITH_DES_CBC_SHA, cipher_des,    mac_sha, kea_rsa_fips},
-
-};
-
-static const CK_MECHANISM_TYPE kea_alg_defs[] = {
-    0x80000000L,
-    CKM_RSA_PKCS,
-    CKM_DH_PKCS_DERIVE,
-    CKM_KEA_KEY_DERIVE
-};
-
-typedef struct SSLCipher2MechStr {
-    SSLCipherAlgorithm  calg;
-    CK_MECHANISM_TYPE   cmech;
-} SSLCipher2Mech;
-
-static const SSLCipher2Mech alg2Mech[] = {
-    { calg_null     , (CK_MECHANISM_TYPE)0x80000000L	},
-    { calg_rc4      , CKM_RC4				},
-    { calg_rc2      , CKM_RC2_CBC			},
-    { calg_des      , CKM_DES_CBC			},
-    { calg_3des     , CKM_DES3_CBC			},
-    { calg_idea     , CKM_IDEA_CBC			},
-    { calg_fortezza , CKM_SKIPJACK_CBC64		},
-    { calg_aes      , CKM_AES_CBC			},
-/*  { calg_init     , (CK_MECHANISM_TYPE)0x7fffffffL    }  */
-};
-
-#define mmech_null     (CK_MECHANISM_TYPE)0x80000000L
-#define mmech_md5      CKM_SSL3_MD5_MAC
-#define mmech_sha      CKM_SSL3_SHA1_MAC
-#define mmech_md5_hmac CKM_MD5_HMAC
-#define mmech_sha_hmac CKM_SHA_1_HMAC
-
-static const ssl3MACDef mac_defs[] = { /* indexed by SSL3MACAlgorithm */
-    /* mac      mmech       pad_size  mac_size                       */
-    { mac_null, mmech_null,       0,  0          },
-    { mac_md5,  mmech_md5,       48,  MD5_LENGTH },
-    { mac_sha,  mmech_sha,       40,  SHA1_LENGTH},
-    {hmac_md5,  mmech_md5_hmac,  48,  MD5_LENGTH },
-    {hmac_sha,  mmech_sha_hmac,  40,  SHA1_LENGTH},
-};
-
-/* indexed by SSL3BulkCipher */
-const char * const ssl3_cipherName[] = {
-    "NULL",
-    "RC4",
-    "RC4-40",
-    "RC4-56",
-    "RC2-CBC",
-    "RC2-CBC-40",
-    "DES-CBC",
-    "3DES-EDE-CBC",
-    "DES-CBC-40",
-    "IDEA-CBC",
-    "FORTEZZA",
-    "missing"
-};
-
-#if defined(TRACE)
-
-static char *
-ssl3_DecodeHandshakeType(int msgType)
-{
-    char * rv;
-    static char line[40];
-
-    switch(msgType) {
-    case hello_request:	        rv = "hello_request (0)";               break;
-    case client_hello:	        rv = "client_hello  (1)";               break;
-    case server_hello:	        rv = "server_hello  (2)";               break;
-    case certificate:	        rv = "certificate  (11)";               break;
-    case server_key_exchange:	rv = "server_key_exchange (12)";        break;
-    case certificate_request:	rv = "certificate_request (13)";        break;
-    case server_hello_done:	rv = "server_hello_done   (14)";        break;
-    case certificate_verify:	rv = "certificate_verify  (15)";        break;
-    case client_key_exchange:	rv = "client_key_exchange (16)";        break;
-    case finished:	        rv = "finished     (20)";               break;
-    default:
-        sprintf(line, "*UNKNOWN* handshake type! (%d)", msgType);
-	rv = line;
-    }
-    return rv;
-}
-
-static char *
-ssl3_DecodeContentType(int msgType)
-{
-    char * rv;
-    static char line[40];
-
-    switch(msgType) {
-    case content_change_cipher_spec:
-                                rv = "change_cipher_spec (20)";         break;
-    case content_alert:	        rv = "alert      (21)";                 break;
-    case content_handshake:	rv = "handshake  (22)";                 break;
-    case content_application_data:
-                                rv = "application_data (23)";           break;
-    default:
-        sprintf(line, "*UNKNOWN* record type! (%d)", msgType);
-	rv = line;
-    }
-    return rv;
-}
-
-#endif
-
-SSL3Statistics * 
-SSL_GetStatistics(void)
-{
-    return &ssl3stats;
-}
-
-/* return pointer to ssl3CipherSuiteDef for suite, or NULL */
-/* XXX This does a linear search.  A binary search would be better. */
-static const ssl3CipherSuiteDef *
-ssl_LookupCipherSuiteDef(ssl3CipherSuite suite)
-{
-    int cipher_suite_def_len =
-	sizeof(cipher_suite_defs) / sizeof(cipher_suite_defs[0]);
-    int i;
-
-    for (i = 0; i < cipher_suite_def_len; i++) {
-	if (cipher_suite_defs[i].cipher_suite == suite)
-	    return &cipher_suite_defs[i];
-    }
-    PORT_Assert(PR_FALSE);  /* We should never get here. */
-    PORT_SetError(SSL_ERROR_UNKNOWN_CIPHER_SUITE);
-    return NULL;
-}
-
-/* Find the cipher configuration struct associate with suite */
-/* XXX This does a linear search.  A binary search would be better. */
-static ssl3CipherSuiteCfg *
-ssl_LookupCipherSuiteCfg(ssl3CipherSuite suite, ssl3CipherSuiteCfg *suites)
-{
-    int i;
-
-    for (i = 0; i < ssl_V3_SUITES_IMPLEMENTED; i++) {
-	if (suites[i].cipher_suite == suite)
-	    return &suites[i];
-    }
-    /* return NULL and let the caller handle it.  */
-    PORT_SetError(SSL_ERROR_UNKNOWN_CIPHER_SUITE);
-    return NULL;
-}
-
-
-/* Initialize the suite->isPresent value for config_match
- * Returns count of enabled ciphers supported by extant tokens,
- * regardless of policy or user preference.
- * If this returns zero, the user cannot do SSL v3.
- */
-int
-ssl3_config_match_init(sslSocket *ss)
-{
-    ssl3CipherSuiteCfg *      suite;
-    const ssl3CipherSuiteDef *cipher_def;
-    SSLCipherAlgorithm        cipher_alg;
-    CK_MECHANISM_TYPE         cipher_mech;
-    SSL3KEAType               exchKeyType;
-    int                       i;
-    int                       numPresent		= 0;
-    int                       numEnabled		= 0;
-    PRBool                    isServer;
-    sslServerCerts           *svrAuth;
-
-    if (!ss->enableSSL3 && !ss->enableTLS) {
-    	return 0;
-    }
-    isServer = (PRBool)( ss && ss->sec.isServer );
-
-    for (i = 0; i < ssl_V3_SUITES_IMPLEMENTED; i++) {
-	suite = &ss->cipherSuites[i];
-	if (suite->enabled) {
-	    ++numEnabled;
-	    /* We need the cipher defs to see if we have a token that can handle
-	     * this cipher.  It isn't part of the static definition.
-	     */
-	    cipher_def = ssl_LookupCipherSuiteDef(suite->cipher_suite);
-	    if (!cipher_def) {
-	    	suite->isPresent = PR_FALSE;
-		continue;
-	    }
-	    cipher_alg=bulk_cipher_defs[cipher_def->bulk_cipher_alg ].calg;
-	    PORT_Assert(  alg2Mech[cipher_alg].calg == cipher_alg);
-	    cipher_mech = alg2Mech[cipher_alg].cmech;
-	    exchKeyType =
-	    	    kea_defs[cipher_def->key_exchange_alg].exchKeyType;
-	    svrAuth = ss->serverCerts + exchKeyType;
-
-	    /* Mark the suites that are backed by real tokens, certs and keys */
-	    suite->isPresent = (PRBool)
-		(((exchKeyType == kt_null) ||
-		    ((!isServer || (svrAuth->serverKey &&
-				   svrAuth->serverCertChain)) &&
-		    PK11_TokenExists(kea_alg_defs[exchKeyType]))) &&
-		((cipher_alg == calg_null) || PK11_TokenExists(cipher_mech)));
-	    if (suite->isPresent)
-	    	++numPresent;
-	}
-    }
-    PORT_Assert(numPresent > 0 || numEnabled == 0);
-    if (numPresent <= 0) {
-	PORT_SetError(SSL_ERROR_NO_CIPHERS_SUPPORTED);
-    }
-    return numPresent;
-}
-
-
-/* return PR_TRUE if suite matches policy and enabled state */
-/* It would be a REALLY BAD THING (tm) if we ever permitted the use
-** of a cipher that was NOT_ALLOWED.  So, if this is ever called with
-** policy == SSL_NOT_ALLOWED, report no match.
-*/
-/* adjust suite enabled to the availability of a token that can do the
- * cipher suite. */
-static PRBool
-config_match(ssl3CipherSuiteCfg *suite, int policy, PRBool enabled)
-{
-    PORT_Assert(policy != SSL_NOT_ALLOWED && enabled != PR_FALSE);
-    if (policy == SSL_NOT_ALLOWED || !enabled)
-    	return PR_FALSE;
-    return (PRBool)(suite->enabled &&
-                    suite->isPresent &&
-	            suite->policy != SSL_NOT_ALLOWED &&
-		    suite->policy <= policy);
-}
-
-/* return number of cipher suites that match policy and enabled state */
-/* called from ssl3_SendClientHello and ssl3_ConstructV2CipherSpecsHack */
-static int
-count_cipher_suites(sslSocket *ss, int policy, PRBool enabled)
-{
-    int i, count = 0;
-
-    if (!ss->enableSSL3 && !ss->enableTLS) {
-    	return 0;
-    }
-    for (i = 0; i < ssl_V3_SUITES_IMPLEMENTED; i++) {
-	if (config_match(&ss->cipherSuites[i], policy, enabled))
-	    count++;
-    }
-    if (count <= 0) {
-	PORT_SetError(SSL_ERROR_SSL_DISABLED);
-    }
-    return count;
-}
-
-static PRBool
-anyRestrictedEnabled(sslSocket *ss)
-{
-    int i;
-
-    if (!ss->enableSSL3 && !ss->enableTLS) {
-    	return PR_FALSE;
-    }
-    for (i = 0; i < ssl_V3_SUITES_IMPLEMENTED; i++) {
-	ssl3CipherSuiteCfg *suite = &ss->cipherSuites[i];
-	if (suite->policy == SSL_RESTRICTED &&
-	    suite->enabled &&
-	    suite->isPresent)
-	    return PR_TRUE;
-    }
-    return PR_FALSE;
-}
-
-/*
- * Null compression, mac and encryption functions
- */
-
-static SECStatus
-Null_Cipher(void *ctx, unsigned char *output, int *outputLen, int maxOutputLen,
-	    const unsigned char *input, int inputLen)
-{
-    *outputLen = inputLen;
-    if (input != output)
-	PORT_Memcpy(output, input, inputLen);
-    return SECSuccess;
-}
-
-
-/*
- * SSL3 Utility functions
- */
-
-SECStatus
-ssl3_NegotiateVersion(sslSocket *ss, SSL3ProtocolVersion peerVersion)
-{
-    SSL3ProtocolVersion version;
-    SSL3ProtocolVersion maxVersion;
-
-    if (ss->enableTLS) {
-	maxVersion = SSL_LIBRARY_VERSION_3_1_TLS;
-    } else if (ss->enableSSL3) {
-	maxVersion = SSL_LIBRARY_VERSION_3_0;
-    } else {
-    	/* what are we doing here? */
-	PORT_Assert(ss->enableSSL3 || ss->enableTLS);
-	PORT_SetError(SSL_ERROR_SSL_DISABLED);
-	return SECFailure;
-    }
-
-    ss->version = version = PR_MIN(maxVersion, peerVersion);
-
-    if ((version == SSL_LIBRARY_VERSION_3_1_TLS && ss->enableTLS) ||
-    	(version == SSL_LIBRARY_VERSION_3_0     && ss->enableSSL3)) {
-	return SECSuccess;
-    }
-
-    PORT_SetError(SSL_ERROR_NO_CYPHER_OVERLAP);
-    return SECFailure;
-
-}
-
-static SECStatus
-ssl3_GetNewRandom(SSL3Random *random)
-{
-    PRIntervalTime gmt = PR_IntervalToSeconds(PR_IntervalNow());
-    SECStatus rv;
-
-    random->rand[0] = (unsigned char)(gmt >> 24);
-    random->rand[1] = (unsigned char)(gmt >> 16);
-    random->rand[2] = (unsigned char)(gmt >>  8);
-    random->rand[3] = (unsigned char)(gmt);
-
-    /* first 4 bytes are reserverd for time */
-    rv = PK11_GenerateRandom(&random->rand[4], SSL3_RANDOM_LENGTH - 4);
-    if (rv != SECSuccess) {
-	ssl_MapLowLevelError(SSL_ERROR_GENERATE_RANDOM_FAILURE);
-    }
-    return rv;
-}
-
-static SECStatus
-ssl3_SignHashes(SSL3Hashes *hash, SECKEYPrivateKey *key, SECItem *buf, 
-                PRBool isTLS)
-{
-    SECStatus rv		= SECFailure;
-    PRBool    doDerEncode       = PR_FALSE;
-    int       signatureLen;
-    SECItem   hashItem;
-
-    buf->data    = NULL;
-    signatureLen = PK11_SignatureLen(key);
-    if (signatureLen <= 0) {
-	PORT_SetError(SEC_ERROR_INVALID_KEY);
-        goto done;
-    }
-
-    buf->len  = (unsigned)signatureLen;
-    buf->data = (unsigned char *)PORT_Alloc(signatureLen + 1);
-    if (!buf->data)
-        goto done;	/* error code was set. */
-
-    switch (key->keyType) {
-    case rsaKey:
-    	hashItem.data = hash->md5;
-    	hashItem.len = sizeof(SSL3Hashes);
-	break;
-    case dsaKey:
-    case fortezzaKey:
-	doDerEncode = isTLS;
-	hashItem.data = hash->sha;
-	hashItem.len = sizeof(hash->sha);
-	break;
-    default:
-	PORT_SetError(SEC_ERROR_INVALID_KEY);
-	goto done;
-    }
-    PRINT_BUF(60, (NULL, "hash(es) to be signed", hashItem.data, hashItem.len));
-
-    rv = PK11_Sign(key, buf, &hashItem);
-    if (rv != SECSuccess) {
-	ssl_MapLowLevelError(SSL_ERROR_SIGN_HASHES_FAILURE);
-    } else if (doDerEncode) {
-	SECItem   derSig	= {siBuffer, NULL, 0};
-
-    	rv = DSAU_EncodeDerSig(&derSig, buf);
-	if (rv == SECSuccess) {
-	    PORT_Free(buf->data);	/* discard unencoded signature. */
-	    *buf = derSig;		/* give caller encoded signature. */
-	} else if (derSig.data) {
-	    PORT_Free(derSig.data);
-	}
-    }
-
-    PRINT_BUF(60, (NULL, "signed hashes", (unsigned char*)buf->data, buf->len));
-done:
-    if (rv != SECSuccess && buf->data) {
-	PORT_Free(buf->data);
-	buf->data = NULL;
-    }
-    return rv;
-}
-
-
-static SECStatus
-ssl3_VerifySignedHashes(SSL3Hashes *hash, CERTCertificate *cert, 
-                        SECItem *buf, PRBool isTLS, void *pwArg)
-{
-    SECKEYPublicKey * key;
-    SECItem *         signature	= NULL;
-    SECStatus         rv;
-    SECItem           hashItem;
-
-
-    PRINT_BUF(60, (NULL, "check signed hashes",
-                  buf->data, buf->len));
-
-    key = CERT_ExtractPublicKey(cert);
-    if (key == NULL) {
-	/* CERT_ExtractPublicKey doesn't set error code */
-	PORT_SetError(SSL_ERROR_EXTRACT_PUBLIC_KEY_FAILURE);
-    	return SECFailure;
-    }
-
-    switch (key->keyType) {
-    case rsaKey:
-    	hashItem.data = hash->md5;
-    	hashItem.len = sizeof(SSL3Hashes);
-	break;
-    case dsaKey:
-    case fortezzaKey:
-	hashItem.data = hash->sha;
-	hashItem.len = sizeof(hash->sha);
-	if (isTLS) {
-	    signature = DSAU_DecodeDerSig(buf);
-	    if (!signature) {
-	    	PORT_SetError(SSL_ERROR_BAD_HANDSHAKE_HASH_VALUE);
-		return SECFailure;
-	    }
-	    buf = signature;
-	}
-	break;
-    default:
-    	SECKEY_DestroyPublicKey(key);
-	PORT_SetError(SEC_ERROR_UNSUPPORTED_KEYALG);
-	return SECFailure;
-    }
-
-    PRINT_BUF(60, (NULL, "hash(es) to be verified",
-                  hashItem.data, hashItem.len));
-
-    rv = PK11_Verify(key, buf, &hashItem, pwArg);
-    SECKEY_DestroyPublicKey(key);
-    if (signature) {
-    	SECITEM_FreeItem(signature, PR_TRUE);
-    }
-    if (rv != SECSuccess) {
-	ssl_MapLowLevelError(SSL_ERROR_BAD_HANDSHAKE_HASH_VALUE);
-    }
-    return rv;
-}
-
-
-/* Caller must set hiLevel error code. */
-static SECStatus
-ssl3_ComputeExportRSAKeyHash(SECItem modulus, SECItem publicExponent,
-			     SSL3Random *client_rand, SSL3Random *server_rand,
-			     SSL3Hashes *hashes)
-{
-    PK11Context * md5 		= NULL;
-    PK11Context * sha 		= NULL;
-    PRUint8     * hashBuf;
-    PRUint8     * pBuf;
-    SECStatus     rv 		= SECSuccess;
-    unsigned int  outLen;
-    unsigned int  bufLen;
-    PRUint8       buf[2*SSL3_RANDOM_LENGTH + 2 + 4096/8 + 2 + 4096/8];
-
-    bufLen = 2*SSL3_RANDOM_LENGTH + 2 + modulus.len + 2 + publicExponent.len;
-    if (bufLen <= sizeof buf) {
-    	hashBuf = buf;
-    } else {
-    	hashBuf = PORT_Alloc(bufLen);
-	if (!hashBuf) {
-	    return SECFailure;
-	}
-    }
-
-    md5 = PK11_CreateDigestContext(SEC_OID_MD5);
-    if (md5 == NULL) {
-	ssl_MapLowLevelError(SSL_ERROR_MD5_DIGEST_FAILURE);
-	rv = SECFailure; /* Caller must set hiLevel error code. */
-	goto done;
-    }
-    sha = PK11_CreateDigestContext(SEC_OID_SHA1);
-    if (sha == NULL) {
-	ssl_MapLowLevelError(SSL_ERROR_SHA_DIGEST_FAILURE);
-	rv = SECFailure; /* Caller must set hiLevel error code. */
-	goto done;
-    }
-
-    memcpy(hashBuf, client_rand, SSL3_RANDOM_LENGTH); 
-    	pBuf = hashBuf + SSL3_RANDOM_LENGTH;
-    memcpy(pBuf, server_rand, SSL3_RANDOM_LENGTH);
-    	pBuf += SSL3_RANDOM_LENGTH;
-    pBuf[0]  = (PRUint8)(modulus.len >> 8);
-    pBuf[1]  = (PRUint8)(modulus.len);
-    	pBuf += 2;
-    memcpy(pBuf, modulus.data, modulus.len);
-    	pBuf += modulus.len;
-    pBuf[0] = (PRUint8)(publicExponent.len >> 8);
-    pBuf[1] = (PRUint8)(publicExponent.len);
-    	pBuf += 2;
-    memcpy(pBuf, publicExponent.data, publicExponent.len);
-    	pBuf += publicExponent.len;
-    PORT_Assert(pBuf - hashBuf == bufLen);
-
-    rv  = PK11_DigestBegin(md5);
-    rv |= PK11_DigestOp(md5, hashBuf, bufLen);
-    rv |= PK11_DigestFinal(md5, hashes->md5, &outLen, MD5_LENGTH);
-    PORT_Assert(rv != SECSuccess || outLen == MD5_LENGTH);
-    if (rv != SECSuccess) {
-	ssl_MapLowLevelError(SSL_ERROR_MD5_DIGEST_FAILURE);
-    	rv = SECFailure;
-	goto done;
-    }
-
-    rv  = PK11_DigestBegin(sha);
-    rv |= PK11_DigestOp(sha, hashBuf, bufLen);
-    rv |= PK11_DigestFinal(sha, hashes->sha, &outLen, SHA1_LENGTH);
-    PORT_Assert(rv != SECSuccess || outLen == SHA1_LENGTH);
-    if (rv != SECSuccess) {
-	ssl_MapLowLevelError(SSL_ERROR_SHA_DIGEST_FAILURE);
-    	rv = SECFailure;
-	goto done;
-    }
-
-    PRINT_BUF(95, (NULL, "RSAkey hash: ", hashBuf, bufLen));
-    PRINT_BUF(95, (NULL, "RSAkey hash: MD5 result", hashes->md5, MD5_LENGTH));
-    PRINT_BUF(95, (NULL, "RSAkey hash: SHA1 result", hashes->sha, SHA1_LENGTH));
-
-done:
-    if (md5 != NULL) PK11_DestroyContext(md5, PR_TRUE);
-    if (sha != NULL) PK11_DestroyContext(sha, PR_TRUE);
-    if (hashBuf != buf && hashBuf != NULL)
-    	PORT_Free(hashBuf);
-    return rv;
-}
-
-/* Caller must set hiLevel error code. */
-static SECStatus
-ssl3_ComputeDHKeyHash(SECItem dh_p, SECItem dh_g, SECItem dh_Ys,
-			     SSL3Random *client_rand, SSL3Random *server_rand,
-			     SSL3Hashes *hashes)
-{
-    PK11Context * md5 		= NULL;
-    PK11Context * sha 		= NULL;
-    PRUint8     * hashBuf;
-    PRUint8     * pBuf;
-    SECStatus     rv 		= SECSuccess;
-    unsigned int  outLen;
-    unsigned int  bufLen;
-    PRUint8       buf[2*SSL3_RANDOM_LENGTH + 2 + 4096/8 + 2 + 4096/8];
-
-    bufLen = 2*SSL3_RANDOM_LENGTH + 2 + dh_p.len + 2 + dh_g.len + 2 + dh_Ys.len;
-    if (bufLen <= sizeof buf) {
-    	hashBuf = buf;
-    } else {
-    	hashBuf = PORT_Alloc(bufLen);
-	if (!hashBuf) {
-	    return SECFailure;
-	}
-    }
-
-    md5 = PK11_CreateDigestContext(SEC_OID_MD5);
-    if (md5 == NULL) {
-	ssl_MapLowLevelError(SSL_ERROR_MD5_DIGEST_FAILURE);
-	rv = SECFailure; /* Caller must set hiLevel error code. */
-	goto done;
-    }
-    sha = PK11_CreateDigestContext(SEC_OID_SHA1);
-    if (sha == NULL) {
-	ssl_MapLowLevelError(SSL_ERROR_SHA_DIGEST_FAILURE);
-	rv = SECFailure; /* Caller must set hiLevel error code. */
-	goto done;
-    }
-
-    memcpy(hashBuf, client_rand, SSL3_RANDOM_LENGTH); 
-    	pBuf = hashBuf + SSL3_RANDOM_LENGTH;
-    memcpy(pBuf, server_rand, SSL3_RANDOM_LENGTH);
-    	pBuf += SSL3_RANDOM_LENGTH;
-    pBuf[0]  = (PRUint8)(dh_p.len >> 8);
-    pBuf[1]  = (PRUint8)(dh_p.len);
-    	pBuf += 2;
-    memcpy(pBuf, dh_p.data, dh_p.len);
-    	pBuf += dh_p.len;
-    pBuf[0] = (PRUint8)(dh_g.len >> 8);
-    pBuf[1] = (PRUint8)(dh_g.len);
-    	pBuf += 2;
-    memcpy(pBuf, dh_g.data, dh_g.len);
-    	pBuf += dh_g.len;
-    pBuf[0] = (PRUint8)(dh_Ys.len >> 8);
-    pBuf[1] = (PRUint8)(dh_Ys.len);
-    	pBuf += 2;
-    memcpy(pBuf, dh_Ys.data, dh_Ys.len);
-    	pBuf += dh_Ys.len;
-    PORT_Assert(pBuf - hashBuf == bufLen);
-
-    rv  = PK11_DigestBegin(md5);
-    rv |= PK11_DigestOp(md5, hashBuf, bufLen);
-    rv |= PK11_DigestFinal(md5, hashes->md5, &outLen, MD5_LENGTH);
-    PORT_Assert(rv != SECSuccess || outLen == MD5_LENGTH);
-    if (rv != SECSuccess) {
-	ssl_MapLowLevelError(SSL_ERROR_MD5_DIGEST_FAILURE);
-    	rv = SECFailure;
-	goto done;
-    }
-
-    rv  = PK11_DigestBegin(sha);
-    rv |= PK11_DigestOp(sha, hashBuf, bufLen);
-    rv |= PK11_DigestFinal(sha, hashes->sha, &outLen, SHA1_LENGTH);
-    PORT_Assert(rv != SECSuccess || outLen == SHA1_LENGTH);
-    if (rv != SECSuccess) {
-	ssl_MapLowLevelError(SSL_ERROR_SHA_DIGEST_FAILURE);
-    	rv = SECFailure;
-	goto done;
-    }
-
-    PRINT_BUF(95, (NULL, "DHkey hash: ", hashBuf, bufLen));
-    PRINT_BUF(95, (NULL, "DHkey hash: MD5 result", hashes->md5, MD5_LENGTH));
-    PRINT_BUF(95, (NULL, "DHkey hash: SHA1 result", hashes->sha, SHA1_LENGTH));
-
-done:
-    if (md5 != NULL) PK11_DestroyContext(md5, PR_TRUE);
-    if (sha != NULL) PK11_DestroyContext(sha, PR_TRUE);
-    if (hashBuf != buf && hashBuf != NULL)
-    	PORT_Free(hashBuf);
-    return rv;
-}
-/* Caller must set hiLevel error code. */
-static SECStatus
-ssl3_ComputeFortezzaPublicKeyHash(SECItem publicValue, unsigned char * hash)
-{
-    PK11Context *sha 	= NULL;
-    SECStatus    rv	= SECFailure;
-    unsigned int outLen;
-
-    sha = PK11_CreateDigestContext(SEC_OID_SHA1);
-    if (sha == NULL) {
-	return rv; /* Caller must set hiLevel error code. */
-    }
-
-    rv  = PK11_DigestBegin(sha);
-    rv |= PK11_DigestOp(sha, (unsigned char *)publicValue.data, publicValue.len);
-    rv |= PK11_DigestFinal(sha, hash, &outLen, SHA1_LENGTH);
-    PORT_Assert(rv != SECSuccess || outLen == SHA1_LENGTH);
-    if (rv != SECSuccess)
-    	rv = SECFailure;
-    PK11_DestroyContext(sha, PR_TRUE);
-
-    return rv;
-}
-
-
-static void
-ssl3_BumpSequenceNumber(SSL3SequenceNumber *num)
-{
-    num->low++;
-    if (num->low == 0)
-	num->high++;
-}
-
-/* Called only from ssl3_DestroyCipherSpec (immediately below). */
-static void
-ssl3_CleanupKeyMaterial(ssl3KeyMaterial *mat)
-{
-    if (mat->write_key != NULL) {
-	PK11_FreeSymKey(mat->write_key);
-	mat->write_key = NULL;
-    }
-    if (mat->write_mac_key != NULL) {
-	PK11_FreeSymKey(mat->write_mac_key);
-	mat->write_mac_key = NULL;
-    }
-    if (mat->write_mac_context != NULL) {
-	PK11_DestroyContext(mat->write_mac_context, PR_TRUE);
-	mat->write_mac_context = NULL;
-    }
-}
-
-/* Called from ssl3_SendChangeCipherSpecs() and ssl3_HandleChangeCipherSpecs()
-** Caller must hold SpecWriteLock.
-*/
-static void
-ssl3_DestroyCipherSpec(ssl3CipherSpec *spec)
-{
-
-/*  PORT_Assert( ssl_HaveSpecWriteLock(ss)); Don't have ss! */
-
-    if (spec->destroy) {
-	spec->destroy(spec->encodeContext,PR_TRUE);
-	spec->destroy(spec->decodeContext,PR_TRUE);
-	spec->encodeContext = NULL; /* paranoia */
-	spec->decodeContext = NULL;
-    }
-    if (spec->master_secret != NULL) {
-	PK11_FreeSymKey(spec->master_secret);
-	spec->master_secret = NULL;
-    }
-    ssl3_CleanupKeyMaterial(&spec->client);
-    ssl3_CleanupKeyMaterial(&spec->server);
-    spec->destroy=NULL;
-}
-
-/* Called from ssl3_HandleServerHello(), ssl3_SendServerHello()
-** Caller must hold the ssl3 handshake lock.
-** Acquires & releases SpecWriteLock.
-*/
-static SECStatus
-ssl3_SetupPendingCipherSpec(sslSocket *ss, ssl3State *ssl3)
-{
-    ssl3CipherSpec *          pwSpec;
-    ssl3CipherSpec *          cwSpec;
-    ssl3CipherSuite           suite     = ssl3->hs.cipher_suite;
-    SSL3MACAlgorithm          mac;
-    SSL3BulkCipher            cipher;
-    SSL3KeyExchangeAlgorithm  kea;
-    const ssl3CipherSuiteDef *suite_def;
-    PRBool                    isTLS;
-
-    PORT_Assert( ssl_HaveSSL3HandshakeLock(ss));
-
-    ssl_GetSpecWriteLock(ss);  /*******************************/
-
-    pwSpec = ssl3->pwSpec;
-    PORT_Assert(pwSpec == ssl3->prSpec);
-
-    /* This hack provides maximal interoperability with SSL 3 servers. */
-    cwSpec = ss->ssl3->cwSpec;
-    if (cwSpec->mac_def->mac == mac_null) {
-	/* SSL records are not being MACed. */
-	cwSpec->version = ss->version;
-    }
-
-    pwSpec->version  = ss->version;
-    isTLS  = (PRBool)(pwSpec->version > SSL_LIBRARY_VERSION_3_0);
-
-    SSL_TRC(3, ("%d: SSL3[%d]: Set XXX Pending Cipher Suite to 0x%04x",
-		SSL_GETPID(), ss->fd, suite));
-
-    suite_def = ssl_LookupCipherSuiteDef(suite);
-    if (suite_def == NULL) {
-	ssl_ReleaseSpecWriteLock(ss);
-	return SECFailure;	/* error code set by ssl_LookupCipherSuiteDef */
-    }
-
-
-    cipher = suite_def->bulk_cipher_alg;
-    kea    = suite_def->key_exchange_alg;
-    mac    = suite_def->mac_alg;
-    if (isTLS)
-	mac += 2;
-
-    ssl3->hs.suite_def = suite_def;
-    ssl3->hs.kea_def   = &kea_defs[kea];
-    PORT_Assert(ssl3->hs.kea_def->kea == kea);
-
-    pwSpec->cipher_def   = &bulk_cipher_defs[cipher];
-    PORT_Assert(pwSpec->cipher_def->cipher == cipher);
-
-    pwSpec->mac_def = &mac_defs[mac];
-    PORT_Assert(pwSpec->mac_def->mac == mac);
-
-
-    ss->sec.keyBits       = pwSpec->cipher_def->key_size        * BPB;
-    ss->sec.secretKeyBits = pwSpec->cipher_def->secret_key_size * BPB;
-    ss->sec.cipherType    = cipher;
-
-    pwSpec->encodeContext = NULL;
-    pwSpec->decodeContext = NULL;
-
-    pwSpec->mac_size = pwSpec->mac_def->mac_size;
-
-    ssl_ReleaseSpecWriteLock(ss);  /*******************************/
-    return SECSuccess;
-}
-
-/*
- * Called from: ssl3_SendClientKeyExchange 	(for Full handshake)
- *              ssl3_HandleClientKeyExchange	(for Full handshake)
- *              ssl3_HandleServerHello		(for session restart)
- *              ssl3_HandleClientHello		(for session restart)
- * Sets error code, but caller probably should override to disambiguate.
- * NULL pms means re-use old master_secret.
- */
-static SECStatus
-ssl3_InitPendingCipherSpec(sslSocket *ss, PK11SymKey *pms)
-{
-      ssl3CipherSpec  *  pwSpec;
-const ssl3BulkCipherDef *cipher_def;
-      PK11Context *      serverContext = NULL;
-      PK11Context *      clientContext = NULL;
-      SECItem *          param;
-      CK_ULONG           macLength;
-      SSLCipherAlgorithm calg;
-      SECStatus          rv;
-      CK_MECHANISM_TYPE  mechanism;
-      CK_MECHANISM_TYPE  mac_mech;
-      SECItem            iv;
-      SECItem            mac_param;
-
-    PORT_Assert( ssl_HaveSSL3HandshakeLock(ss));
-
-    ssl_GetSpecWriteLock(ss);	/**************************************/
-
-    PORT_Assert(ss->ssl3->prSpec == ss->ssl3->pwSpec);
-
-    pwSpec        = ss->ssl3->pwSpec;
-    cipher_def    = pwSpec->cipher_def;
-    macLength     = pwSpec->mac_size;
-
-    /* generate session keys from pms (if pms is not NULL) or ms */
-    rv = ssl3_GenerateSessionKeys(ss, pms);
-    if (rv != SECSuccess) {
-    	goto bail_out;	/* err code set by ssl3_GenerateSessionKeys */
-    }
-
-    pwSpec->client.write_mac_context = NULL;
-    pwSpec->server.write_mac_context = NULL;
-
-    mac_param.data = (unsigned char *)&macLength;
-    mac_param.len  = sizeof(macLength);
-    mac_mech       = pwSpec->mac_def->mmech;
-
-    if (cipher_def->calg == calg_null) {
-	pwSpec->encode  = Null_Cipher;
-	pwSpec->decode  = Null_Cipher;
-        pwSpec->destroy = NULL;
-	pwSpec->client.write_mac_context = PK11_CreateContextBySymKey(
-		mac_mech, CKA_SIGN, pwSpec->client.write_mac_key, &mac_param);
-	if (pwSpec->client.write_mac_context == NULL)  {
-	    ssl_MapLowLevelError(SSL_ERROR_SYM_KEY_CONTEXT_FAILURE);
-	    goto fail;
-	}
-	pwSpec->server.write_mac_context = PK11_CreateContextBySymKey(
-		mac_mech, CKA_SIGN, pwSpec->server.write_mac_key, &mac_param);
-	if (pwSpec->server.write_mac_context == NULL) {
-	    ssl_MapLowLevelError(SSL_ERROR_SYM_KEY_CONTEXT_FAILURE);
-	    goto fail;
-	}
-	goto success;
-    }
-
-    calg = cipher_def->calg;
-    PORT_Assert(alg2Mech[calg].calg == calg);
-    mechanism = alg2Mech[calg].cmech;
-
-    /*
-     * build the server context
-     */
-    iv.data = pwSpec->server.write_iv;
-    iv.len  = cipher_def->iv_size;
-    param = PK11_ParamFromIV(mechanism, &iv);
-    if (param == NULL) {
-	ssl_MapLowLevelError(SSL_ERROR_IV_PARAM_FAILURE);
-    	goto fail;
-    }
-    serverContext = PK11_CreateContextBySymKey(mechanism,
-				(ss->sec.isServer ? CKA_ENCRYPT : CKA_DECRYPT),
-				pwSpec->server.write_key, param);
-    iv.data = PK11_IVFromParam(mechanism, param, (int *)&iv.len);
-    if (iv.data)
-    	PORT_Memcpy(pwSpec->server.write_iv, iv.data, iv.len);
-    SECITEM_FreeItem(param, PR_TRUE);
-    if (serverContext == NULL) {
-	ssl_MapLowLevelError(SSL_ERROR_SYM_KEY_CONTEXT_FAILURE);
-    	goto fail;
-    }
-
-    /*
-     * build the client context
-     */
-    iv.data = pwSpec->client.write_iv;
-    iv.len  = cipher_def->iv_size;
-    param = PK11_ParamFromIV(mechanism, &iv);
-    if (param == NULL) {
-	ssl_MapLowLevelError(SSL_ERROR_IV_PARAM_FAILURE);
-    	goto fail;
-    }
-    clientContext = PK11_CreateContextBySymKey(mechanism,
-				(ss->sec.isServer ? CKA_DECRYPT : CKA_ENCRYPT),
-				pwSpec->client.write_key, param);
-    iv.data = PK11_IVFromParam(mechanism, param, (int *)&iv.len);
-    if (iv.data)
-    	PORT_Memcpy(pwSpec->client.write_iv, iv.data, iv.len);
-    SECITEM_FreeItem(param,PR_TRUE);
-    if (clientContext == NULL) {
-	ssl_MapLowLevelError(SSL_ERROR_SYM_KEY_CONTEXT_FAILURE);
-    	goto fail;
-    }
-
-    pwSpec->encodeContext = (ss->sec.isServer) ? serverContext : clientContext;
-    pwSpec->decodeContext = (ss->sec.isServer) ? clientContext : serverContext;
-    pwSpec->encode  = (SSLCipher) PK11_CipherOp;
-    pwSpec->decode  = (SSLCipher) PK11_CipherOp;
-    pwSpec->destroy = (SSLDestroy) PK11_DestroyContext;
-
-    serverContext = NULL;
-    clientContext = NULL;
-
-    pwSpec->client.write_mac_context = PK11_CreateContextBySymKey(
-		mac_mech,CKA_SIGN, pwSpec->client.write_mac_key,&mac_param);
-    if (pwSpec->client.write_mac_context == NULL)  {
-	ssl_MapLowLevelError(SSL_ERROR_SYM_KEY_CONTEXT_FAILURE);
-    	goto fail;
-    }
-    pwSpec->server.write_mac_context = PK11_CreateContextBySymKey(
-		mac_mech, CKA_SIGN, pwSpec->server.write_mac_key,&mac_param);
-    if (pwSpec->server.write_mac_context == NULL) {
-	ssl_MapLowLevelError(SSL_ERROR_SYM_KEY_CONTEXT_FAILURE);
-    	goto fail;
-    }
-success:
-    ssl_ReleaseSpecWriteLock(ss);	/******************************/
-    return SECSuccess;
-
-fail:
-    if (serverContext != NULL) PK11_DestroyContext(serverContext, PR_TRUE);
-    if (clientContext != NULL) PK11_DestroyContext(clientContext, PR_TRUE);
-    if (pwSpec->client.write_mac_context != NULL) {
-    	PK11_DestroyContext(pwSpec->client.write_mac_context,PR_TRUE);
-	pwSpec->client.write_mac_context = NULL;
-    }
-    if (pwSpec->server.write_mac_context != NULL) {
-    	PK11_DestroyContext(pwSpec->server.write_mac_context,PR_TRUE);
-	pwSpec->server.write_mac_context = NULL;
-    }
-bail_out:
-    ssl_ReleaseSpecWriteLock(ss);
-    return SECFailure;
-}
-
-/*
- * 60 bytes is 3 times the maximum length MAC size that is supported.
- */
-static const unsigned char mac_pad_1 [60] = {
-    0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
-    0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
-    0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
-    0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
-    0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
-    0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
-    0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
-    0x36, 0x36, 0x36, 0x36
-};
-static const unsigned char mac_pad_2 [60] = {
-    0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
-    0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
-    0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
-    0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
-    0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
-    0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
-    0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
-    0x5c, 0x5c, 0x5c, 0x5c
-};
-
-/* Called from: ssl3_SendRecord()
-**		ssl3_HandleRecord()
-** Caller must already hold the SpecReadLock. (wish we could assert that!)
-*/
-static SECStatus
-ssl3_ComputeRecordMAC(
-    ssl3CipherSpec *   spec,
-    PK11Context *      mac_context,
-    SSL3ContentType    type,
-    SSL3ProtocolVersion version,
-    SSL3SequenceNumber seq_num,
-    SSL3Opaque *       input,
-    int                inputLength,
-    unsigned char *    outbuf,
-    unsigned int *     outLength)
-{
-    const ssl3MACDef * mac_def;
-    SECStatus          rv;
-    unsigned int       tempLen;
-    unsigned char      temp[MAX_MAC_LENGTH];
-
-/*  ssl_GetSpecReadLock(ss);  Don't have "ss"! */
-
-    mac_def = spec->mac_def;
-    if (mac_def->mac == mac_null) {
-	*outLength = 0;
-/*	ssl_ReleaseSpecReadLock(ss); */
-	return SECSuccess;
-    }
-
-    temp[0] = (unsigned char)(seq_num.high >> 24);
-    temp[1] = (unsigned char)(seq_num.high >> 16);
-    temp[2] = (unsigned char)(seq_num.high >>  8);
-    temp[3] = (unsigned char)(seq_num.high >>  0);
-    temp[4] = (unsigned char)(seq_num.low  >> 24);
-    temp[5] = (unsigned char)(seq_num.low  >> 16);
-    temp[6] = (unsigned char)(seq_num.low  >>  8);
-    temp[7] = (unsigned char)(seq_num.low  >>  0);
-    temp[8] = type;
-
-    /* TLS MAC includes the record's version field, SSL's doesn't.
-    ** We decide which MAC defintion to use based on the version of 
-    ** the protocol that was negotiated when the spec became current,
-    ** NOT based on the version value in the record itself.
-    ** But, we use the record'v version value in the computation.
-    */
-    if (spec->version <= SSL_LIBRARY_VERSION_3_0) {
-	temp[9]  = MSB(inputLength);
-	temp[10] = LSB(inputLength);
-	tempLen  = 11;
-    } else {
-    	/* New TLS hash includes version. */
-	temp[9]  = MSB(version);
-	temp[10] = LSB(version);
-	temp[11] = MSB(inputLength);
-	temp[12] = LSB(inputLength);
-	tempLen  = 13;
-    }
-
-    PRINT_BUF(95, (NULL, "frag hash1: temp", temp, tempLen));
-    PRINT_BUF(95, (NULL, "frag hash1: input", input, inputLength));
-
-    rv  = PK11_DigestBegin(mac_context);
-    rv |= PK11_DigestOp(mac_context, temp, tempLen);
-    rv |= PK11_DigestOp(mac_context, input, inputLength);
-
-    rv |= PK11_DigestFinal(mac_context, outbuf, outLength, spec->mac_size);
-    PORT_Assert(rv != SECSuccess || *outLength == (unsigned)spec->mac_size);
-
-/*  ssl_ReleaseSpecReadLock(ss); */
-
-    PRINT_BUF(95, (NULL, "frag hash2: result", outbuf, *outLength));
-
-    if (rv != SECSuccess) {
-    	rv = SECFailure;
-	ssl_MapLowLevelError(SSL_ERROR_MAC_COMPUTATION_FAILURE);
-    }
-    return rv;
-}
-
-/* Process the plain text before sending it.
- * Returns the number of bytes of plaintext that were succesfully sent
- * 	plus the number of bytes of plaintext that were copied into the
- *	output (write) buffer.
- * Returns SECFailure on a hard IO error, memory error, or crypto error.
- * Does NOT return SECWouldBlock.
- */
-static PRInt32
-ssl3_SendRecord(   sslSocket *        ss,
-                   SSL3ContentType    type,
-		   const SSL3Opaque * buf,
-		   PRInt32            bytes,
-		   PRInt32            flags)
-{
-    ssl3CipherSpec *          cwSpec;
-    sslBuffer      *          write 	  = &ss->sec.writeBuf;
-    const ssl3BulkCipherDef * cipher_def;
-    SECStatus                 rv;
-    PRUint32                  bufSize     =  0;
-    PRInt32                   sent        =  0;
-    PRInt32                   cipherBytes = -1;
-    PRBool                    isBlocking  = ssl_SocketIsBlocking(ss);
-    PRBool                    ssl3WasNull = PR_FALSE;
-
-    SSL_TRC(3, ("%d: SSL3[%d] SendRecord type: %s bytes=%d",
-		SSL_GETPID(), ss->fd, ssl3_DecodeContentType(type),
-		bytes));
-    PRINT_BUF(3, (ss, "Send record (plain text)", buf, bytes));
-
-    PORT_Assert( ssl_HaveXmitBufLock(ss) );
-
-    if (ss->ssl3 == NULL) {
-	/* This can happen on a server if the very first incoming record
-	** looks like a defective ssl3 record (e.g. too long), and we're
-	** trying to send an alert.
-	*/
-	ssl3WasNull = PR_TRUE;
-	PR_ASSERT(type == content_alert);
-	rv = ssl3_InitState(ss);
-	if (rv != SECSuccess) {
-	    return SECFailure;	/* ssl3_InitState has set the error code. */
-    	}
-    }
-
-    while (bytes > 0) {
-    	PRInt32   count;
-	PRUint32  contentLen;
-	PRUint32  fragLen;
-	PRUint32  macLen;
-
-	contentLen = PR_MIN(bytes, MAX_FRAGMENT_LENGTH);
-	if (write->space < contentLen + SSL3_BUFFER_FUDGE) {
-	    rv = sslBuffer_Grow(write, contentLen + SSL3_BUFFER_FUDGE);
-	    if (rv != SECSuccess) {
-		SSL_DBG(("%d: SSL3[%d]: SendRecord, tried to get %d bytes",
-			 SSL_GETPID(), ss->fd, contentLen + SSL3_BUFFER_FUDGE));
-		return SECFailure; /* sslBuffer_Grow set a memory error code. */
-	    }
-	}
-
-	/* This variable records 
-	 * the actual size of the buffer we allocated above. Some
-	 * algorithms (FORTEZZA) will expand the number of bytes it needs to
-	 * send data. If we only supply the output buffer with the same number
-	 * of bytes as the input buffer, we will fail.
-	 */
-	bufSize = contentLen + SSL3_BUFFER_FUDGE;
-
-	/*
-	 * null compression is easy to do
-	 */
-	PORT_Memcpy(write->buf + SSL3_RECORD_HEADER_LENGTH, buf, contentLen);
-	buf   += contentLen;
-	bytes -= contentLen;
-	PORT_Assert( bytes >= 0 );
-
-	ssl_GetSpecReadLock(ss);	/********************************/
-
-	cwSpec = ss->ssl3->cwSpec;
-	cipher_def = cwSpec->cipher_def;
-	/*
-	 * Add the MAC
-	 */
-	rv = ssl3_ComputeRecordMAC(
-	    cwSpec, (ss->sec.isServer) ? cwSpec->server.write_mac_context
-	                               : cwSpec->client.write_mac_context,
-	    type, cwSpec->version, cwSpec->write_seq_num,
-	    write->buf + SSL3_RECORD_HEADER_LENGTH, contentLen,
-	    write->buf + contentLen + SSL3_RECORD_HEADER_LENGTH, &macLen);
-	if (rv != SECSuccess) {
-	    ssl_MapLowLevelError(SSL_ERROR_MAC_COMPUTATION_FAILURE);
-	    goto spec_locked_loser;
-	}
-	fragLen = contentLen + macLen;	/* needs to be encrypted */
-	PORT_Assert(fragLen <= MAX_FRAGMENT_LENGTH + 1024);
-
-	/*
-	 * Pad the text (if we're doing a block cipher)
-	 * then Encrypt it
-	 */
-	if (cipher_def->type == type_block) {
-	    int             padding_length;
-	    int             i;
-	    unsigned char * pBuf;
-
-	    /* Assume blockSize is a power of two */
-	    padding_length = cipher_def->block_size - 1 -
-		((fragLen) & (cipher_def->block_size - 1));
-	    fragLen += padding_length + 1;
-	    PORT_Assert((fragLen % cipher_def->block_size) == 0);
-
-	    /* Pad according to TLS rules (also acceptable to SSL3). */
-	    pBuf = &write->buf[fragLen + SSL3_RECORD_HEADER_LENGTH - 1];
-	    for (i = padding_length + 1; i > 0; --i) {
-	    	*pBuf-- = padding_length;
-	    }
-	}
-	rv = cwSpec->encode(
-	    cwSpec->encodeContext, write->buf + SSL3_RECORD_HEADER_LENGTH,
-	    &cipherBytes, bufSize, write->buf + SSL3_RECORD_HEADER_LENGTH,
-	    fragLen);
-	if (rv != SECSuccess) {
-	    ssl_MapLowLevelError(SSL_ERROR_ENCRYPTION_FAILURE);
-spec_locked_loser:
-	    ssl_ReleaseSpecReadLock(ss);
-	    return SECFailure;
-	}
-	PORT_Assert(cipherBytes <= MAX_FRAGMENT_LENGTH + 1024);
-
-	/*
-	 * XXX should we zero out our copy of the buffer after compressing
-	 * and encryption ??
-	 */
-
-	ssl3_BumpSequenceNumber(&cwSpec->write_seq_num);
-
-	ssl_ReleaseSpecReadLock(ss); /************************************/
-
-	/* PORT_Assert(fragLen == cipherBytes); */
-	write->len    = cipherBytes + SSL3_RECORD_HEADER_LENGTH;
-	write->buf[0] = type;
-	write->buf[1] = MSB(cwSpec->version);
-	write->buf[2] = LSB(cwSpec->version);
-	write->buf[3] = MSB(cipherBytes);
-	write->buf[4] = LSB(cipherBytes);
-
-	PRINT_BUF(50, (ss, "send (encrypted) record data:", write->buf, write->len));
-
-	/* If there's still some previously saved ciphertext,
-	 * or the caller doesn't want us to send the data yet,
-	 * then add all our new ciphertext to the amount previously saved.
-	 */
-	if ((ss->pendingBuf.len > 0) ||
-	    (flags & ssl_SEND_FLAG_FORCE_INTO_BUFFER)) {
-
-	    rv = ssl_SaveWriteData(ss, &ss->pendingBuf,
-				   write->buf, write->len);
-	    if (rv != SECSuccess) {
-		/* presumably a memory error, SEC_ERROR_NO_MEMORY */
-		return SECFailure;
-	    }
-	    write->len = 0;	/* All cipher text is saved away. */
-
-	    if (!(flags & ssl_SEND_FLAG_FORCE_INTO_BUFFER)) {
-
-		ss->handshakeBegun = 1;
-		count = ssl_SendSavedWriteData(ss, &ss->pendingBuf,
-		                               &ssl_DefSend);
-		if (count < 0 && PR_GetError() != PR_WOULD_BLOCK_ERROR) {
-		    ssl_MapLowLevelError(SSL_ERROR_SOCKET_WRITE_FAILURE);
-		    return SECFailure;
-		}
-	    }
-	} else if (write->len > 0) {
-	    ss->handshakeBegun = 1;
-	    count = ssl_DefSend(ss, write->buf, write->len,
-				flags & ~ssl_SEND_FLAG_MASK);
-	    if (count < 0) {
-		if (PR_GetError() != PR_WOULD_BLOCK_ERROR) {
-		    ssl_MapLowLevelError(SSL_ERROR_SOCKET_WRITE_FAILURE);
-		    return (sent > 0) ? sent : SECFailure;
-		}
-		/* we got PR_WOULD_BLOCK_ERROR, which means none was sent. */
-		count = 0;
-	    }
-	    /* now take all the remaining unsent newly-generated ciphertext and
-	     * append it to the buffer of previously unsent ciphertext.
-	     */
-	    if ((unsigned)count < write->len) {
-		rv = ssl_SaveWriteData(ss, &ss->pendingBuf,
-				       write->buf + (unsigned)count,
-				       write->len - (unsigned)count);
-		if (rv != SECSuccess) {
-		    /* presumably a memory error, SEC_ERROR_NO_MEMORY */
-		    return SECFailure;
-		}
-	    }
-	    write->len = 0;
-	}
-	sent += contentLen;
-	if ((flags & ssl_SEND_FLAG_NO_BUFFER) &&
-	    (isBlocking || (ss->pendingBuf.len > 0))) {
-	    break;
-	}
-    }
-    return sent;
-}
-
-/* Attempt to send the content of "in" in an SSL application_data record.
- * Returns "len" or SECFailure,   never SECWouldBlock, nor SECSuccess.
- */
-int
-ssl3_SendApplicationData(sslSocket *ss, const unsigned char *in,
-			 PRInt32 len, PRInt32 flags)
-{
-    PRInt32   sent	= 0;
-
-    PORT_Assert( ssl_HaveXmitBufLock(ss) );
-
-    while (len > 0) {
-	PRInt32   count;
-
-	if (sent > 0) {
-	    ssl_ReleaseXmitBufLock(ss);
-	    PR_Sleep(PR_INTERVAL_NO_WAIT);	/* PR_Yield(); */
-	    ssl_GetXmitBufLock(ss);
-	}
-	count = ssl3_SendRecord(ss, content_application_data, in, len,
-	                           flags | ssl_SEND_FLAG_NO_BUFFER);
-	if (count < 0) {
-	    return (sent > 0) ? sent : count;
-				    /* error code set by ssl3_SendRecord */
-	}
-	sent += count;
-	len  -= count;
-	in   += count;
-    }
-    return sent;
-}
-
-/* Attempt to send the content of sendBuf buffer in an SSL handshake record.
- * This function returns SECSuccess or SECFailure, never SECWouldBlock.
- * It used to always set sendBuf.len to 0, even when returning SECFailure.
- * Now it does not.
- *
- * Called from SSL3_SendAlert(), ssl3_SendChangeCipherSpecs(),
- *             ssl3_AppendHandshake(), ssl3_SendClientHello(),
- *             ssl3_SendHelloRequest(), ssl3_SendServerHelloDone(),
- *             ssl3_SendFinished(),
- */
-static SECStatus
-ssl3_FlushHandshake(sslSocket *ss, PRInt32 flags)
-{
-    PRInt32 rv;
-
-    PORT_Assert( ssl_HaveSSL3HandshakeLock(ss));
-    PORT_Assert( ssl_HaveXmitBufLock(ss) );
-
-    if (!ss->sec.ci.sendBuf.buf || !ss->sec.ci.sendBuf.len)
-	return SECSuccess;
-
-    rv = ssl3_SendRecord(ss, content_handshake, ss->sec.ci.sendBuf.buf,
-			 ss->sec.ci.sendBuf.len, flags);
-    if (rv < 0) {
-	return (SECStatus)rv;	/* error code set by ssl3_SendRecord */
-    }
-    ss->sec.ci.sendBuf.len = 0;
-    return SECSuccess;
-}
-
-/*
- * Called from ssl3_HandleAlert and from ssl3_HandleCertificate when
- * the remote client sends a negative response to our certificate request.
- * Returns SECFailure if the application has required client auth.
- *         SECSuccess otherwise.
- */
-static SECStatus
-ssl3_HandleNoCertificate(sslSocket *ss)
-{
-    if (ss->sec.peerCert != NULL) {
-	if (ss->sec.peerKey != NULL) {
-	    SECKEY_DestroyPublicKey(ss->sec.peerKey);
-	    ss->sec.peerKey = NULL;
-	}
-	CERT_DestroyCertificate(ss->sec.peerCert);
-	ss->sec.peerCert = NULL;
-    }
-    ssl3_CleanupPeerCerts(ss->ssl3);
-
-    /* If the server has required client-auth blindly but doesn't
-     * actually look at the certificate it won't know that no
-     * certificate was presented so we shutdown the socket to ensure
-     * an error.  We only do this if we haven't already completed the
-     * first handshake because if we're redoing the handshake we 
-     * know the server is paying attention to the certificate.
-     */
-    if ((ss->requireCertificate == 1) ||
-	(!ss->firstHsDone && (ss->requireCertificate > 1))) {
-	PRFileDesc * lower;
-
-	ss->sec.uncache(ss->sec.ci.sid);
-	SSL3_SendAlert(ss, alert_fatal, bad_certificate);
-
-	lower = ss->fd->lower;
-#ifdef _WIN32
-	lower->methods->shutdown(lower, PR_SHUTDOWN_SEND);
-#else
-	lower->methods->shutdown(lower, PR_SHUTDOWN_BOTH);
-#endif
-	PORT_SetError(SSL_ERROR_NO_CERTIFICATE);
-	return SECFailure;
-    }
-    return SECSuccess;
-}
-
-/************************************************************************
- * Alerts
- */
-
-/*
-** Acquires both handshake and XmitBuf locks.
-** Called from: ssl3_IllegalParameter	<-
-**              ssl3_HandshakeFailure	<-
-**              ssl3_HandleAlert	<- ssl3_HandleRecord.
-**              ssl3_HandleChangeCipherSpecs <- ssl3_HandleRecord
-**              ssl3_ConsumeHandshakeVariable <-
-**              ssl3_HandleHelloRequest	<-
-**              ssl3_HandleServerHello	<-
-**              ssl3_HandleServerKeyExchange <-
-**              ssl3_HandleCertificateRequest <-
-**              ssl3_HandleServerHelloDone <-
-**              ssl3_HandleClientHello	<-
-**              ssl3_HandleV2ClientHello <-
-**              ssl3_HandleCertificateVerify <-
-**              ssl3_HandleFortezzaClientKeyExchange <-
-**              ssl3_HandleClientKeyExchange <-
-**              ssl3_HandleCertificate	<-
-**              ssl3_HandleFinished	<-
-**              ssl3_HandleHandshakeMessage <-
-**              ssl3_HandleRecord	<-
-**
-*/
-SECStatus
-SSL3_SendAlert(sslSocket *ss, SSL3AlertLevel level, SSL3AlertDescription desc)
-{
-    uint8 	bytes[2];
-    SECStatus	rv;
-
-    SSL_TRC(3, ("%d: SSL3[%d]: send alert record, level=%d desc=%d",
-		SSL_GETPID(), ss->fd, level, desc));
-
-    bytes[0] = level;
-    bytes[1] = desc;
-
-    ssl_GetSSL3HandshakeLock(ss);
-    if (level == alert_fatal) {
-	if (ss->sec.ci.sid) {
-	    ss->sec.uncache(ss->sec.ci.sid);
-	}
-    }
-    ssl_GetXmitBufLock(ss);
-    rv = ssl3_FlushHandshake(ss, ssl_SEND_FLAG_FORCE_INTO_BUFFER);
-    if (rv == SECSuccess) {
-	PRInt32 sent;
-	sent = ssl3_SendRecord(ss, content_alert, bytes, 2, 0);
-	rv = (sent >= 0) ? SECSuccess : (SECStatus)sent;
-    }
-    ssl_ReleaseXmitBufLock(ss);
-    ssl_ReleaseSSL3HandshakeLock(ss);
-    return rv;	/* error set by ssl3_FlushHandshake or ssl3_SendRecord */
-}
-
-/*
- * Send illegal_parameter alert.  Set generic error number.
- */
-static SECStatus
-ssl3_IllegalParameter(sslSocket *ss)
-{
-    PRBool isTLS;
-
-    isTLS = (PRBool)(ss->ssl3->pwSpec->version > SSL_LIBRARY_VERSION_3_0);
-    (void)SSL3_SendAlert(ss, alert_fatal, illegal_parameter);
-    PORT_SetError(ss->sec.isServer ? SSL_ERROR_BAD_CLIENT
-                                   : SSL_ERROR_BAD_SERVER );
-    return SECFailure;
-}
-
-/*
- * Send handshake_Failure alert.  Set generic error number.
- */
-static SECStatus
-ssl3_HandshakeFailure(sslSocket *ss)
-{
-    (void)SSL3_SendAlert(ss, alert_fatal, handshake_failure);
-    PORT_SetError( ss->sec.isServer ? SSL_ERROR_BAD_CLIENT
-                                    : SSL_ERROR_BAD_SERVER );
-    return SECFailure;
-}
-
-/*
- * Send handshake_Failure alert.  Set generic error number.
- */
-static SECStatus
-ssl3_DecodeError(sslSocket *ss)
-{
-    (void)SSL3_SendAlert(ss, alert_fatal, 
-		  ss->version > SSL_LIBRARY_VERSION_3_0 ? decode_error 
-							: illegal_parameter);
-    PORT_SetError( ss->sec.isServer ? SSL_ERROR_BAD_CLIENT
-                                    : SSL_ERROR_BAD_SERVER );
-    return SECFailure;
-}
-
-/* Called from ssl3_HandleRecord.
-** Caller must hold both RecvBuf and Handshake locks.
-*/
-static SECStatus
-ssl3_HandleAlert(sslSocket *ss, sslBuffer *buf)
-{
-    SSL3AlertLevel       level;
-    SSL3AlertDescription desc;
-    int                  error;
-
-    PORT_Assert( ssl_HaveRecvBufLock(ss) );
-    PORT_Assert( ssl_HaveSSL3HandshakeLock(ss) );
-
-    SSL_TRC(3, ("%d: SSL3[%d]: handle alert record", SSL_GETPID(), ss->fd));
-
-    if (buf->len != 2) {
-	(void)ssl3_DecodeError(ss);
-	PORT_SetError(SSL_ERROR_RX_MALFORMED_ALERT);
-	return SECFailure;
-    }
-    level = (SSL3AlertLevel)buf->buf[0];
-    desc  = (SSL3AlertDescription)buf->buf[1];
-    buf->len = 0;
-    SSL_TRC(5, ("%d: SSL3[%d] received alert, level = %d, description = %d",
-        SSL_GETPID(), ss->fd, level, desc));
-
-    switch (desc) {
-    case close_notify:		ss->recvdCloseNotify = 1;
-		        	error = SSL_ERROR_CLOSE_NOTIFY_ALERT;     break;
-    case unexpected_message: 	error = SSL_ERROR_HANDSHAKE_UNEXPECTED_ALERT;
-									  break;
-    case bad_record_mac: 	error = SSL_ERROR_BAD_MAC_ALERT; 	  break;
-    case decryption_failed: 	error = SSL_ERROR_DECRYPTION_FAILED_ALERT; 
-    									  break;
-    case record_overflow: 	error = SSL_ERROR_RECORD_OVERFLOW_ALERT;  break;
-    case decompression_failure: error = SSL_ERROR_DECOMPRESSION_FAILURE_ALERT;
-									  break;
-    case handshake_failure: 	error = SSL_ERROR_HANDSHAKE_FAILURE_ALERT;
-			        					  break;
-    case no_certificate: 	error = SSL_ERROR_NO_CERTIFICATE;	  break;
-    case bad_certificate: 	error = SSL_ERROR_BAD_CERT_ALERT; 	  break;
-    case unsupported_certificate:error = SSL_ERROR_UNSUPPORTED_CERT_ALERT;break;
-    case certificate_revoked: 	error = SSL_ERROR_REVOKED_CERT_ALERT; 	  break;
-    case certificate_expired: 	error = SSL_ERROR_EXPIRED_CERT_ALERT; 	  break;
-    case certificate_unknown: 	error = SSL_ERROR_CERTIFICATE_UNKNOWN_ALERT;
-			        					  break;
-    case illegal_parameter: 	error = SSL_ERROR_ILLEGAL_PARAMETER_ALERT;break;
-
-    /* All alerts below are TLS only. */
-    case unknown_ca: 		error = SSL_ERROR_UNKNOWN_CA_ALERT;       break;
-    case access_denied: 	error = SSL_ERROR_ACCESS_DENIED_ALERT;    break;
-    case decode_error: 		error = SSL_ERROR_DECODE_ERROR_ALERT;     break;
-    case decrypt_error: 	error = SSL_ERROR_DECRYPT_ERROR_ALERT;    break;
-    case export_restriction: 	error = SSL_ERROR_EXPORT_RESTRICTION_ALERT; 
-    									  break;
-    case protocol_version: 	error = SSL_ERROR_PROTOCOL_VERSION_ALERT; break;
-    case insufficient_security: error = SSL_ERROR_INSUFFICIENT_SECURITY_ALERT; 
-    									  break;
-    case internal_error: 	error = SSL_ERROR_INTERNAL_ERROR_ALERT;   break;
-    case user_canceled: 	error = SSL_ERROR_USER_CANCELED_ALERT;    break;
-    case no_renegotiation: 	error = SSL_ERROR_NO_RENEGOTIATION_ALERT; break;
-    default: 			error = SSL_ERROR_RX_UNKNOWN_ALERT; 	  break;
-    }
-    if (level == alert_fatal) {
-	ss->sec.uncache(ss->sec.ci.sid);
-	if ((ss->ssl3->hs.ws == wait_server_hello) &&
-	    (desc == handshake_failure)) {
-	    /* XXX This is a hack.  We're assuming that any handshake failure
-	     * XXX on the client hello is a failure to match ciphers.
-	     */
-	    error = SSL_ERROR_NO_CYPHER_OVERLAP;
-	}
-	PORT_SetError(error);
-	return SECFailure;
-    }
-    if ((desc == no_certificate) && (ss->ssl3->hs.ws == wait_client_cert)) {
-    	/* I'm a server. I've requested a client cert. He hasn't got one. */
-	SECStatus rv;
-
-	PORT_Assert(ss->sec.isServer);
-	ss->ssl3->hs.ws = wait_client_key;
-	rv = ssl3_HandleNoCertificate(ss);
-	return rv;
-    }
-    return SECSuccess;
-}
-
-/*
- * Change Cipher Specs
- * Called from ssl3_HandleServerHelloDone,
- *             ssl3_HandleClientHello,
- * and         ssl3_HandleFinished
- *
- * Acquires and releases spec write lock, to protect switching the current
- * and pending write spec pointers.
- */
-
-static SECStatus
-ssl3_SendChangeCipherSpecs(sslSocket *ss)
-{
-    uint8             change = change_cipher_spec_choice;
-    ssl3State *       ssl3   = ss->ssl3;
-    ssl3CipherSpec *  pwSpec;
-    SECStatus         rv;
-    PRInt32           sent;
-
-    SSL_TRC(3, ("%d: SSL3[%d]: send change_cipher_spec record",
-		SSL_GETPID(), ss->fd));
-
-    PORT_Assert( ssl_HaveXmitBufLock(ss) );
-    PORT_Assert( ssl_HaveSSL3HandshakeLock(ss));
-
-    rv = ssl3_FlushHandshake(ss, ssl_SEND_FLAG_FORCE_INTO_BUFFER);
-    if (rv != SECSuccess) {
-	return rv;	/* error code set by ssl3_FlushHandshake */
-    }
-    sent = ssl3_SendRecord(ss, content_change_cipher_spec, &change, 1,
-                              ssl_SEND_FLAG_FORCE_INTO_BUFFER);
-    if (sent < 0) {
-	return (SECStatus)sent;	/* error code set by ssl3_SendRecord */
-    }
-
-    /* swap the pending and current write specs. */
-    ssl_GetSpecWriteLock(ss);	/**************************************/
-    pwSpec                     = ss->ssl3->pwSpec;
-    pwSpec->write_seq_num.high = 0;
-    pwSpec->write_seq_num.low  = 0;
-
-    ssl3->pwSpec = ssl3->cwSpec;
-    ssl3->cwSpec = pwSpec;
-
-    SSL_TRC(3, ("%d: SSL3[%d] Set Current Write Cipher Suite to Pending",
-		SSL_GETPID(), ss->fd ));
-
-    /* We need to free up the contexts, keys and certs ! */
-    /* If we are really through with the old cipher spec
-     * (Both the read and write sides have changed) destroy it.
-     */
-    if (ss->ssl3->prSpec == ss->ssl3->pwSpec) {
-    	ssl3_DestroyCipherSpec(ss->ssl3->pwSpec);
-    }
-    ssl_ReleaseSpecWriteLock(ss); /**************************************/
-
-    return SECSuccess;
-}
-
-/* Called from ssl3_HandleRecord.
-** Caller must hold both RecvBuf and Handshake locks.
- *
- * Acquires and releases spec write lock, to protect switching the current
- * and pending write spec pointers.
-*/
-static SECStatus
-ssl3_HandleChangeCipherSpecs(sslSocket *ss, sslBuffer *buf)
-{
-    ssl3CipherSpec *           prSpec;
-    SSL3WaitState              ws      = ss->ssl3->hs.ws;
-    SSL3ChangeCipherSpecChoice change;
-
-    PORT_Assert( ssl_HaveRecvBufLock(ss) );
-    PORT_Assert( ssl_HaveSSL3HandshakeLock(ss) );
-
-    SSL_TRC(3, ("%d: SSL3[%d]: handle change_cipher_spec record",
-		SSL_GETPID(), ss->fd));
-
-    if (ws != wait_change_cipher && ws != wait_cert_verify) {
-	(void)SSL3_SendAlert(ss, alert_fatal, unexpected_message);
-	PORT_SetError(SSL_ERROR_RX_UNEXPECTED_CHANGE_CIPHER);
-	return SECFailure;
-    }
-
-    if(buf->len != 1) {
-	(void)ssl3_DecodeError(ss);
-	PORT_SetError(SSL_ERROR_RX_MALFORMED_CHANGE_CIPHER);
-	return SECFailure;
-    }
-    change = (SSL3ChangeCipherSpecChoice)buf->buf[0];
-    if (change != change_cipher_spec_choice) {
-	/* illegal_parameter is correct here for both SSL3 and TLS. */
-	(void)ssl3_IllegalParameter(ss);
-	PORT_SetError(SSL_ERROR_RX_MALFORMED_CHANGE_CIPHER);
-	return SECFailure;
-    }
-    buf->len = 0;
-
-    /* Swap the pending and current read specs. */
-    ssl_GetSpecWriteLock(ss);   /*************************************/
-    prSpec                    = ss->ssl3->prSpec;
-    prSpec->read_seq_num.high = prSpec->read_seq_num.low = 0;
-
-    ss->ssl3->prSpec  = ss->ssl3->crSpec;
-    ss->ssl3->crSpec  = prSpec;
-    ss->ssl3->hs.ws         = wait_finished;
-
-    SSL_TRC(3, ("%d: SSL3[%d] Set Current Read Cipher Suite to Pending",
-		SSL_GETPID(), ss->fd ));
-
-    /* If we are really through with the old cipher prSpec
-     * (Both the read and write sides have changed) destroy it.
-     */
-    if (ss->ssl3->prSpec == ss->ssl3->pwSpec) {
-    	ssl3_DestroyCipherSpec(ss->ssl3->prSpec);
-    }
-    ssl_ReleaseSpecWriteLock(ss);   /*************************************/
-    return SECSuccess;
-}
-
-/*
- * Key generation given pre master secret, or master secret (if !pms).
- * Sets a useful error code when returning SECFailure.
- *
- * Called only from ssl3_InitPendingCipherSpec(),
- *
- * which in turn is called from
- *              ssl3_SendClientKeyExchange      (for Full handshake)
- *              ssl3_HandleClientKeyExchange    (for Full handshake)
- *              ssl3_HandleServerHello          (for session restart)
- *              ssl3_HandleClientHello          (for session restart)
- * Caller MUST hold the specWriteLock, and SSL3HandshakeLock.
- * ssl3_InitPendingCipherSpec does that.
- */
-static SECStatus
-ssl3_GenerateSessionKeys(sslSocket *ss, const PK11SymKey *pms)
-{
-    ssl3CipherSpec *         pwSpec     = ss->ssl3->pwSpec;
-    const ssl3BulkCipherDef *cipher_def = pwSpec->cipher_def;
-    const ssl3KEADef *       kea_def    = ss->ssl3->hs.kea_def;
-    unsigned char *   cr     = (unsigned char *)&ss->ssl3->hs.client_random;
-    unsigned char *   sr     = (unsigned char *)&ss->ssl3->hs.server_random;
-    PK11SymKey *      symKey = NULL;
-    PK11SlotInfo *    slot   = NULL;
-    void *            pwArg  = ss->pkcs11PinArg;
-    PRBool            isTLS  = (PRBool)(kea_def->tls_keygen ||
-                                (pwSpec->version > SSL_LIBRARY_VERSION_3_0));
-    PRBool            skipKeysAndIVs = (PRBool)
-    					((cipher_def->calg == calg_fortezza) ||
-					 (cipher_def->calg == calg_null));
-    PRBool            isDH = (PRBool) (ss->ssl3->hs.kea_def->exchKeyType == kt_dh);
-    CK_MECHANISM_TYPE master_derive;
-    CK_MECHANISM_TYPE key_derive;
-    CK_MECHANISM_TYPE bulk_mechanism;
-    SECItem           params;
-    int               keySize;
-    CK_FLAGS          keyFlags;
-    CK_VERSION        pms_version;
-    CK_SSL3_KEY_MAT_PARAMS key_material_params;
-    CK_SSL3_KEY_MAT_OUT    returnedKeys;
-    CK_SSL3_MASTER_KEY_DERIVE_PARAMS master_params;
-    SSLCipherAlgorithm calg;
-
-    PORT_Assert( ssl_HaveSSL3HandshakeLock(ss));
-    PORT_Assert( ssl_HaveSpecWriteLock(ss));
-    PORT_Assert(ss->ssl3->prSpec == ss->ssl3->pwSpec);
-    if (isTLS) {
-	if(isDH) master_derive = CKM_TLS_MASTER_KEY_DERIVE_DH;
-	else master_derive = CKM_TLS_MASTER_KEY_DERIVE;
-	key_derive    = CKM_TLS_KEY_AND_MAC_DERIVE;
-	keyFlags      = CKF_SIGN | CKF_VERIFY;
-    } else {
-	if (isDH) master_derive = CKM_SSL3_MASTER_KEY_DERIVE_DH;
-	else master_derive = CKM_SSL3_MASTER_KEY_DERIVE;
-	key_derive    = CKM_SSL3_KEY_AND_MAC_DERIVE;
-	keyFlags      = 0;
-    }
-
-    if (pms || !pwSpec->master_secret) {
-	master_params.pVersion                     = &pms_version;
-	master_params.RandomInfo.pClientRandom     = cr;
-	master_params.RandomInfo.ulClientRandomLen = SSL3_RANDOM_LENGTH;
-	master_params.RandomInfo.pServerRandom     = sr;
-	master_params.RandomInfo.ulServerRandomLen = SSL3_RANDOM_LENGTH;
-
-	params.data = (unsigned char *) &master_params;
-	params.len  = sizeof master_params;
-    }
-
-    if (pms != NULL) {
-	pwSpec->master_secret = PK11_DeriveWithFlags((PK11SymKey *)pms, 
-					master_derive, &params, key_derive, 
-					CKA_DERIVE, 0, keyFlags);
-	if (!isDH && pwSpec->master_secret && ss->detectRollBack) {
-	    SSL3ProtocolVersion client_version;
-	    client_version = pms_version.major << 8 | pms_version.minor;
-	    if (client_version != ss->clientHelloVersion) {
-		/* Destroy it.  Version roll-back detected. */
-		PK11_FreeSymKey(pwSpec->master_secret);
-	    	pwSpec->master_secret = NULL;
-	    }
-	}
-	if (pwSpec->master_secret == NULL) {
-	    /* Generate a faux master secret in the same slot as the old one. */
-	    PK11SlotInfo * slot = PK11_GetSlotFromKey((PK11SymKey *)pms);
-	    PK11SymKey *   fpms = ssl3_GenerateRSAPMS(ss, pwSpec, slot);
-
-	    PK11_FreeSlot(slot);
-	    if (fpms != NULL) {
-		pwSpec->master_secret = PK11_DeriveWithFlags(fpms, 
-					master_derive, &params, key_derive, 
-					CKA_DERIVE, 0, keyFlags);
-		PK11_FreeSymKey(fpms);
-	    }
-	}
-    }
-    if (pwSpec->master_secret == NULL) {
-	/* Generate a faux master secret from the internal slot. */
-	PK11SlotInfo *  slot = PK11_GetInternalSlot();
-	PK11SymKey *    fpms = ssl3_GenerateRSAPMS(ss, pwSpec, slot);
-
-	PK11_FreeSlot(slot);
-	if (fpms != NULL) {
-	    pwSpec->master_secret = PK11_DeriveWithFlags(fpms, 
-					master_derive, &params, key_derive, 
-					CKA_DERIVE, 0, keyFlags);
-	    if (pwSpec->master_secret == NULL) {
-	    	pwSpec->master_secret = fpms; /* use the fpms as the master. */
-		fpms = NULL;
-	    }
-	}
-	if (fpms) {
-	    PK11_FreeSymKey(fpms);
-    	}
-    }
-    if (pwSpec->master_secret == NULL) {
-	ssl_MapLowLevelError(SSL_ERROR_SESSION_KEY_GEN_FAILURE);
-	return SECFailure;
-    }
-
-    /*
-     * generate the key material
-     */
-    key_material_params.ulMacSizeInBits = pwSpec->mac_size           * BPB;
-    key_material_params.ulKeySizeInBits = cipher_def->secret_key_size* BPB;
-    key_material_params.ulIVSizeInBits  = cipher_def->iv_size        * BPB;
-
-    key_material_params.bIsExport = (CK_BBOOL)(kea_def->is_limited);
-    /* was:	(CK_BBOOL)(cipher_def->keygen_mode != kg_strong); */
-
-    key_material_params.RandomInfo.pClientRandom     = cr;
-    key_material_params.RandomInfo.ulClientRandomLen = SSL3_RANDOM_LENGTH;
-    key_material_params.RandomInfo.pServerRandom     = sr;
-    key_material_params.RandomInfo.ulServerRandomLen = SSL3_RANDOM_LENGTH;
-    key_material_params.pReturnedKeyMaterial         = &returnedKeys;
-
-    returnedKeys.pIVClient = pwSpec->client.write_iv;
-    returnedKeys.pIVServer = pwSpec->server.write_iv;
-    keySize                = cipher_def->key_size;
-
-    if (skipKeysAndIVs) {
-	keySize                             = 0;
-        key_material_params.ulKeySizeInBits = 0;
-        key_material_params.ulIVSizeInBits  = 0;
-    	returnedKeys.pIVClient              = NULL;
-    	returnedKeys.pIVServer              = NULL;
-    }
-
-    calg = cipher_def->calg;
-    PORT_Assert(     alg2Mech[calg].calg == calg);
-    bulk_mechanism = alg2Mech[calg].cmech;
-
-    params.data    = (unsigned char *)&key_material_params;
-    params.len     = sizeof(key_material_params);
-
-    /* CKM_SSL3_KEY_AND_MAC_DERIVE is defined to set ENCRYPT, DECRYPT, and
-     * DERIVE by DEFAULT */
-    symKey = PK11_Derive(pwSpec->master_secret, key_derive, &params,
-                         bulk_mechanism, CKA_ENCRYPT, keySize);
-    if (!symKey) {
-	ssl_MapLowLevelError(SSL_ERROR_SESSION_KEY_GEN_FAILURE);
-	return SECFailure;
-    }
-    /* we really should use the actual mac'ing mechanism here, but we
-     * don't because these types are used to map keytype anyway and both
-     * mac's map to the same keytype.
-     */
-    slot  = PK11_GetSlotFromKey(symKey);
-
-    PK11_FreeSlot(slot); /* slot is held until the key is freed */
-    pwSpec->client.write_mac_key =
-    	PK11_SymKeyFromHandle(slot, symKey, PK11_OriginDerive,
-	    CKM_SSL3_SHA1_MAC, returnedKeys.hClientMacSecret, PR_TRUE, pwArg);
-    if (pwSpec->client.write_mac_key == NULL ) {
-	goto loser;	/* loser sets err */
-    }
-    pwSpec->server.write_mac_key =
-    	PK11_SymKeyFromHandle(slot, symKey, PK11_OriginDerive,
-	    CKM_SSL3_SHA1_MAC, returnedKeys.hServerMacSecret, PR_TRUE, pwArg);
-    if (pwSpec->server.write_mac_key == NULL ) {
-	goto loser;	/* loser sets err */
-    }
-    if (!skipKeysAndIVs) {
-	pwSpec->client.write_key =
-		PK11_SymKeyFromHandle(slot, symKey, PK11_OriginDerive,
-		     bulk_mechanism, returnedKeys.hClientKey, PR_TRUE, pwArg);
-	if (pwSpec->client.write_key == NULL ) {
-	    goto loser;	/* loser sets err */
-	}
-	pwSpec->server.write_key =
-		PK11_SymKeyFromHandle(slot, symKey, PK11_OriginDerive,
-		     bulk_mechanism, returnedKeys.hServerKey, PR_TRUE, pwArg);
-	if (pwSpec->server.write_key == NULL ) {
-	    goto loser;	/* loser sets err */
-	}
-    }
-    PK11_FreeSymKey(symKey);
-    return SECSuccess;
-
-
-loser:
-    if (symKey) PK11_FreeSymKey(symKey);
-    ssl_MapLowLevelError(SSL_ERROR_SESSION_KEY_GEN_FAILURE);
-    return SECFailure;
-}
-
-/*
- * Handshake messages
- */
-/* Called from	ssl3_AppendHandshake()
-**		ssl3_StartHandshakeHash()
-**		ssl3_HandleV2ClientHello()
-**		ssl3_HandleHandshakeMessage()
-** Caller must hold the ssl3Handshake lock.
-*/
-static SECStatus
-ssl3_UpdateHandshakeHashes(sslSocket *ss, unsigned char *b, unsigned int l)
-{
-    ssl3State *ssl3	= ss->ssl3;
-    SECStatus  rv;
-
-    PORT_Assert( ssl_HaveSSL3HandshakeLock(ss) );
-
-    PRINT_BUF(90, (NULL, "MD5 & SHA handshake hash input:", b, l));
-
-    rv = PK11_DigestOp(ssl3->hs.md5, b, l);
-    if (rv != SECSuccess) {
-	ssl_MapLowLevelError(SSL_ERROR_MD5_DIGEST_FAILURE);
-	return rv;
-    }
-    rv = PK11_DigestOp(ssl3->hs.sha, b, l);
-    if (rv != SECSuccess) {
-	ssl_MapLowLevelError(SSL_ERROR_SHA_DIGEST_FAILURE);
-	return rv;
-    }
-    return rv;
-}
-
-/**************************************************************************
- * Append Handshake functions.
- * All these functions set appropriate error codes.
- * Most rely on ssl3_AppendHandshake to set the error code.
- **************************************************************************/
-static SECStatus
-ssl3_AppendHandshake(sslSocket *ss, const void *void_src, PRInt32 bytes)
-{
-    unsigned char *  src  = (unsigned char *)void_src;
-    int              room = ss->sec.ci.sendBuf.space - ss->sec.ci.sendBuf.len;
-    SECStatus        rv;
-
-    PORT_Assert( ssl_HaveSSL3HandshakeLock(ss) ); /* protects sendBuf. */
-
-    if (ss->sec.ci.sendBuf.space < MAX_SEND_BUF_LENGTH && room < bytes) {
-	rv = sslBuffer_Grow(&ss->sec.ci.sendBuf, PR_MAX(MIN_SEND_BUF_LENGTH,
-		 PR_MIN(MAX_SEND_BUF_LENGTH, ss->sec.ci.sendBuf.len + bytes)));
-	if (rv != SECSuccess)
-	    return rv;	/* sslBuffer_Grow has set a memory error code. */
-	room = ss->sec.ci.sendBuf.space - ss->sec.ci.sendBuf.len;
-    }
-
-    PRINT_BUF(60, (ss, "Append to Handshake", (unsigned char*)void_src, bytes));
-    rv = ssl3_UpdateHandshakeHashes(ss, src, bytes);
-    if (rv != SECSuccess)
-	return rv;	/* error code set by ssl3_UpdateHandshakeHashes */
-
-    while (bytes > room) {
-	if (room > 0)
-	    PORT_Memcpy(ss->sec.ci.sendBuf.buf + ss->sec.ci.sendBuf.len, src, 
-	                room);
-	ss->sec.ci.sendBuf.len += room;
-	rv = ssl3_FlushHandshake(ss, ssl_SEND_FLAG_FORCE_INTO_BUFFER);
-	if (rv != SECSuccess) {
-	    return rv;	/* error code set by ssl3_FlushHandshake */
-	}
-	bytes -= room;
-	src += room;
-	room = ss->sec.ci.sendBuf.space;
-	PORT_Assert(ss->sec.ci.sendBuf.len == 0);
-    }
-    PORT_Memcpy(ss->sec.ci.sendBuf.buf + ss->sec.ci.sendBuf.len, src, bytes);
-    ss->sec.ci.sendBuf.len += bytes;
-    return SECSuccess;
-}
-
-static SECStatus
-ssl3_AppendHandshakeNumber(sslSocket *ss, PRInt32 num, PRInt32 lenSize)
-{
-    SECStatus rv;
-    uint8     b[4];
-    uint8 *   p = b;
-
-    switch (lenSize) {
-      case 4:
-	*p++ = (num >> 24) & 0xff;
-      case 3:
-	*p++ = (num >> 16) & 0xff;
-      case 2:
-	*p++ = (num >> 8) & 0xff;
-      case 1:
-	*p = num & 0xff;
-    }
-    SSL_TRC(60, ("%d: number:", SSL_GETPID()));
-    rv = ssl3_AppendHandshake(ss, &b[0], lenSize);
-    return rv;	/* error code set by AppendHandshake, if applicable. */
-}
-
-static SECStatus
-ssl3_AppendHandshakeVariable(
-    sslSocket *ss, const SSL3Opaque *src, PRInt32 bytes, PRInt32 lenSize)
-{
-    SECStatus rv;
-
-    PORT_Assert((bytes < (1<<8) && lenSize == 1) ||
-	      (bytes < (1L<<16) && lenSize == 2) ||
-	      (bytes < (1L<<24) && lenSize == 3));
-
-    SSL_TRC(60,("%d: append variable:", SSL_GETPID()));
-    rv = ssl3_AppendHandshakeNumber(ss, bytes, lenSize);
-    if (rv != SECSuccess) {
-	return rv;	/* error code set by AppendHandshake, if applicable. */
-    }
-    SSL_TRC(60, ("data:"));
-    rv = ssl3_AppendHandshake(ss, src, bytes);
-    return rv;	/* error code set by AppendHandshake, if applicable. */
-}
-
-static SECStatus
-ssl3_AppendHandshakeHeader(sslSocket *ss, SSL3HandshakeType t, PRUint32 length)
-{
-    SECStatus rv;
-
-    SSL_TRC(30,("%d: SSL3[%d]: append handshake header: type %s",
-    	SSL_GETPID(), ss->fd, ssl3_DecodeHandshakeType(t)));
-    PRINT_BUF(60, (ss, "MD5 handshake hash:",
-    	          (unsigned char*)ss->ssl3->hs.md5, MD5_LENGTH));
-    PRINT_BUF(95, (ss, "SHA handshake hash:",
-    	          (unsigned char*)ss->ssl3->hs.sha, SHA1_LENGTH));
-
-    rv = ssl3_AppendHandshakeNumber(ss, t, 1);
-    if (rv != SECSuccess) {
-    	return rv;	/* error code set by AppendHandshake, if applicable. */
-    }
-    rv = ssl3_AppendHandshakeNumber(ss, length, 3);
-    return rv;		/* error code set by AppendHandshake, if applicable. */
-}
-
-/**************************************************************************
- * Consume Handshake functions.
- *
- * All data used in these functions is protected by two locks,
- * the RecvBufLock and the SSL3HandshakeLock
- **************************************************************************/
-
-/* Read up the next "bytes" number of bytes from the (decrypted) input
- * stream "b" (which is *length bytes long). Copy them into buffer "v".
- * Reduces *length by bytes.  Advances *b by bytes.
- *
- * If this function returns SECFailure, it has already sent an alert,
- * and has set a generic error code.  The caller should probably
- * override the generic error code by setting another.
- */
-static SECStatus
-ssl3_ConsumeHandshake(sslSocket *ss, void *v, PRInt32 bytes, SSL3Opaque **b,
-		      PRUint32 *length)
-{
-    PORT_Assert( ssl_HaveRecvBufLock(ss) );
-    PORT_Assert( ssl_HaveSSL3HandshakeLock(ss) );
-
-    if (bytes > *length) {
-	return ssl3_DecodeError(ss);
-    }
-    PORT_Memcpy(v, *b, bytes);
-    PRINT_BUF(60, (ss, "consume bytes:", *b, bytes));
-    *b      += bytes;
-    *length -= bytes;
-    return SECSuccess;
-}
-
-/* Read up the next "bytes" number of bytes from the (decrypted) input
- * stream "b" (which is *length bytes long), and interpret them as an
- * integer in network byte order.  Returns the received value.
- * Reduces *length by bytes.  Advances *b by bytes.
- *
- * Returns SECFailure (-1) on failure.
- * This value is indistinguishable from the equivalent received value.
- * Only positive numbers are to be received this way.
- * Thus, the largest value that may be sent this way is 0x7fffffff.
- * On error, an alert has been sent, and a generic error code has been set.
- */
-static PRInt32
-ssl3_ConsumeHandshakeNumber(sslSocket *ss, PRInt32 bytes, SSL3Opaque **b,
-			    PRUint32 *length)
-{
-    PRInt32   num = 0;
-    int       i;
-    SECStatus status;
-    uint8     buf[4];
-
-    status = ssl3_ConsumeHandshake(ss, buf, bytes, b, length);
-    if (status != SECSuccess) {
-	/* ssl3_DecodeError has already been called */
-	return SECFailure;
-    }
-    for (i = 0; i < bytes; i++)
-	num = (num << 8) + buf[i];
-    return num;
-}
-
-/* Read in two values from the incoming decrypted byte stream "b", which is
- * *length bytes long.  The first value is a number whose size is "bytes"
- * bytes long.  The second value is a byte-string whose size is the value
- * of the first number received.  The latter byte-string, and its length,
- * is returned in the SECItem i.
- *
- * Returns SECFailure (-1) on failure.
- * On error, an alert has been sent, and a generic error code has been set.
- */
-static SECStatus
-ssl3_ConsumeHandshakeVariable(sslSocket *ss, SECItem *i, PRInt32 bytes,
-			      SSL3Opaque **b, PRUint32 *length)
-{
-    PRInt32   count;
-    SECStatus rv;
-
-    PORT_Assert(bytes <= 3);
-    i->len  = 0;
-    i->data = NULL;
-    count = ssl3_ConsumeHandshakeNumber(ss, bytes, b, length);
-    if (count < 0) { 		/* Can't test for SECSuccess here. */
-    	return SECFailure;
-    }
-    if (count > 0) {
-	i->data = (unsigned char*)PORT_Alloc(count);
-	if (i->data == NULL) {
-	    /* XXX inconsistent.  In other places, we don't send alerts for
-	     * our own memory failures.  But here we do... */
-	    (void)SSL3_SendAlert(ss, alert_fatal, handshake_failure);
-	    PORT_SetError(SEC_ERROR_NO_MEMORY);
-	    return SECFailure;
-	}
-	i->len = count;
-	rv = ssl3_ConsumeHandshake(ss, i->data, i->len, b, length);
-	if (rv != SECSuccess) {
-	    PORT_Free(i->data);
-	    i->data = NULL;
-	    return rv;	/* alert has already been sent. */
-	}
-    }
-    return SECSuccess;
-}
-
-/**************************************************************************
- * end of Consume Handshake functions.
- **************************************************************************/
-
-/* Extract the hashes of handshake messages to this point.
- * Called from ssl3_SendCertificateVerify
- *             ssl3_SendFinished
- *             ssl3_HandleHandshakeMessage
- *
- * Caller must hold the SSL3HandshakeLock.
- * Caller must hold a read or write lock on the Spec R/W lock.
- *	(There is presently no way to assert on a Read lock.)
- */
-static SECStatus
-ssl3_ComputeHandshakeHashes(sslSocket *     ss,
-                            ssl3CipherSpec *spec,   /* uses ->master_secret */
-			    SSL3Hashes *    hashes, /* output goes here. */
-			    uint32          sender)
-{
-    ssl3State *   ssl3      = ss->ssl3;
-    PK11Context * md5;
-    PK11Context * sha       = NULL;
-    SECStatus     rv        = SECSuccess;
-    unsigned int  outLength;
-    PRBool        isTLS;
-    SSL3Opaque    md5_inner[MAX_MAC_LENGTH];
-    SSL3Opaque    sha_inner[MAX_MAC_LENGTH];
-    unsigned char s[4];
-
-    PORT_Assert( ssl_HaveSSL3HandshakeLock(ss) );
-
-    isTLS = (PRBool)(spec->version > SSL_LIBRARY_VERSION_3_0);
-
-    md5 = PK11_CloneContext(ssl3->hs.md5);
-    if (md5 == NULL) {
-	ssl_MapLowLevelError(SSL_ERROR_MD5_DIGEST_FAILURE);
-    	return SECFailure;
-    }
-
-    sha = PK11_CloneContext(ssl3->hs.sha);
-    if (sha == NULL) {
-	ssl_MapLowLevelError(SSL_ERROR_SHA_DIGEST_FAILURE);
-	goto loser;
-    }
-
-    if (!isTLS) {
-	/* compute hashes for SSL3. */
-
-	s[0] = (unsigned char)(sender >> 24);
-	s[1] = (unsigned char)(sender >> 16);
-	s[2] = (unsigned char)(sender >> 8);
-	s[3] = (unsigned char)sender;
-
-	if (sender != 0) {
-	    rv |= PK11_DigestOp(md5, s, 4);
-	    PRINT_BUF(95, (NULL, "MD5 inner: sender", s, 4));
-	}
-
-	PRINT_BUF(95, (NULL, "MD5 inner: MAC Pad 1", mac_pad_1, mac_defs[mac_md5].pad_size));
-
-	rv |= PK11_DigestKey(md5,spec->master_secret);
-	rv |= PK11_DigestOp(md5, mac_pad_1, mac_defs[mac_md5].pad_size);
-	rv |= PK11_DigestFinal(md5, md5_inner, &outLength, MD5_LENGTH);
-	PORT_Assert(rv != SECSuccess || outLength == MD5_LENGTH);
-	if (rv != SECSuccess) {
-	    ssl_MapLowLevelError(SSL_ERROR_MD5_DIGEST_FAILURE);
-	    rv = SECFailure;
-	    goto loser;
-	}
-
-	PRINT_BUF(95, (NULL, "MD5 inner: result", md5_inner, outLength));
-
-	if (sender != 0) {
-	    rv |= PK11_DigestOp(sha, s, 4);
-	    PRINT_BUF(95, (NULL, "SHA inner: sender", s, 4));
-	}
-
-	PRINT_BUF(95, (NULL, "SHA inner: MAC Pad 1", mac_pad_1, mac_defs[mac_sha].pad_size));
-
-
-	rv |= PK11_DigestKey(sha, spec->master_secret);
-	rv |= PK11_DigestOp(sha, mac_pad_1, mac_defs[mac_sha].pad_size);
-	rv |= PK11_DigestFinal(sha, sha_inner, &outLength, SHA1_LENGTH);
-	PORT_Assert(rv != SECSuccess || outLength == SHA1_LENGTH);
-	if (rv != SECSuccess) {
-	    ssl_MapLowLevelError(SSL_ERROR_SHA_DIGEST_FAILURE);
-	    rv = SECFailure;
-	    goto loser;
-	}
-
-	PRINT_BUF(95, (NULL, "SHA inner: result", sha_inner, outLength));
-
-	PRINT_BUF(95, (NULL, "MD5 outer: MAC Pad 2", mac_pad_2, mac_defs[mac_md5].pad_size));
-	PRINT_BUF(95, (NULL, "MD5 outer: MD5 inner", md5_inner, MD5_LENGTH));
-
-	rv |= PK11_DigestBegin(md5);
-	rv |= PK11_DigestKey(md5, spec->master_secret);
-	rv |= PK11_DigestOp(md5, mac_pad_2, mac_defs[mac_md5].pad_size);
-	rv |= PK11_DigestOp(md5, md5_inner, MD5_LENGTH);
-    }
-    rv |= PK11_DigestFinal(md5, hashes->md5, &outLength, MD5_LENGTH);
-    PORT_Assert(rv != SECSuccess || outLength == MD5_LENGTH);
-    if (rv != SECSuccess) {
-	ssl_MapLowLevelError(SSL_ERROR_MD5_DIGEST_FAILURE);
-	rv = SECFailure;
-	goto loser;
-    }
-
-    PRINT_BUF(60, (NULL, "MD5 outer: result", hashes->md5, MD5_LENGTH));
-
-    if (!isTLS) {
-	PRINT_BUF(95, (NULL, "SHA outer: MAC Pad 2", mac_pad_2, mac_defs[mac_sha].pad_size));
-	PRINT_BUF(95, (NULL, "SHA outer: SHA inner", sha_inner, SHA1_LENGTH));
-
-	rv |= PK11_DigestBegin(sha);
-	rv |= PK11_DigestKey(sha,spec->master_secret);
-	rv |= PK11_DigestOp(sha, mac_pad_2, mac_defs[mac_sha].pad_size);
-	rv |= PK11_DigestOp(sha, sha_inner, SHA1_LENGTH);
-    }
-    rv |= PK11_DigestFinal(sha, hashes->sha, &outLength, SHA1_LENGTH);
-    PORT_Assert(rv != SECSuccess || outLength == SHA1_LENGTH);
-    if (rv != SECSuccess) {
-	ssl_MapLowLevelError(SSL_ERROR_SHA_DIGEST_FAILURE);
-	rv = SECFailure;
-	goto loser;
-    }
-
-    PRINT_BUF(60, (NULL, "SHA outer: result", hashes->sha, SHA1_LENGTH));
-
-    rv = SECSuccess;
-
-loser:
-    if (md5) PK11_DestroyContext(md5, PR_TRUE);
-    if (sha) PK11_DestroyContext(sha, PR_TRUE);
-
-    return rv;
-}
-
-/*
- * SSL 2 based implementations pass in the initial outbound buffer
- * so that the handshake hash can contain the included information.
- *
- * Called from ssl2_BeginClientHandshake() in sslcon.c
- */
-SECStatus
-ssl3_StartHandshakeHash(sslSocket *ss, unsigned char * buf, int length)
-{
-    SECStatus rv;
-
-    ssl_GetSSL3HandshakeLock(ss);  /**************************************/
-
-    rv = ssl3_InitState(ss);
-    if (rv != SECSuccess) {
-	goto done;		/* ssl3_InitState has set the error code. */
-    }
-
-    PORT_Memset(&ss->ssl3->hs.client_random, 0, SSL3_RANDOM_LENGTH);
-    PORT_Memcpy(
-	&ss->ssl3->hs.client_random.rand[SSL3_RANDOM_LENGTH - SSL_CHALLENGE_BYTES],
-	&ss->sec.ci.clientChallenge,
-	SSL_CHALLENGE_BYTES);
-
-    rv = ssl3_UpdateHandshakeHashes(ss, buf, length);
-    /* if it failed, ssl3_UpdateHandshakeHashes has set the error code. */
-
-done:
-    ssl_ReleaseSSL3HandshakeLock(ss);  /**************************************/
-    return rv;
-}
-
-/**************************************************************************
- * end of Handshake Hash functions.
- * Begin Send and Handle functions for handshakes.
- **************************************************************************/
-
-/* Called from ssl3_HandleHelloRequest(),
- *             ssl3_HandleFinished() (for step-up)
- *             ssl3_RedoHandshake()
- *             ssl2_BeginClientHandshake (when resuming ssl3 session)
- */
-SECStatus
-ssl3_SendClientHello(sslSocket *ss)
-{
-    sslSessionID *   sid;
-    ssl3CipherSpec * cwSpec;
-    SECStatus        rv;
-    int              i;
-    int              length;
-    int              num_suites;
-    int              actual_count = 0;
-
-    SSL_TRC(3, ("%d: SSL3[%d]: send client_hello handshake", SSL_GETPID(),
-		ss->fd));
-
-    PORT_Assert( ssl_HaveSSL3HandshakeLock(ss) );
-    PORT_Assert( ssl_HaveXmitBufLock(ss) );
-
-    rv = ssl3_InitState(ss);
-    if (rv != SECSuccess) {
-	return rv;		/* ssl3_InitState has set the error code. */
-    }
-
-    SSL_TRC(30,("%d: SSL3[%d]: reset handshake hashes",
-	    SSL_GETPID(), ss->fd ));
-    rv = PK11_DigestBegin(ss->ssl3->hs.md5);
-    if (rv != SECSuccess) {
-	ssl_MapLowLevelError(SSL_ERROR_MD5_DIGEST_FAILURE);
-	return rv;
-    }
-    rv = PK11_DigestBegin(ss->ssl3->hs.sha);
-    if (rv != SECSuccess) {
-	ssl_MapLowLevelError(SSL_ERROR_SHA_DIGEST_FAILURE);
-	return rv;
-    }
-
-    /* We ignore ss->sec.ci.sid here, and use ssl_Lookup because Lookup
-     * handles expired entries and other details.
-     * XXX If we've been called from ssl2_BeginClientHandshake, then
-     * this lookup is duplicative and wasteful.
-     */
-    sid = (ss->noCache) ? NULL
-	    : ssl_LookupSID(&ss->sec.ci.peer, ss->sec.ci.port, ss->peerID, ss->url);
-
-    /* We can't resume based on a different token. If the sid exists,
-     * make sure the token that holds the master secret still exists ...
-     * If we previously did client-auth, make sure that the token that holds
-     * the private key still exists, is logged in, hasn't been removed, etc.
-     * Also for fortezza, make sure that the card that holds the session keys
-     * exist as well... */
-    if (sid) {
-	PK11SlotInfo *slot;
-	PRBool sidOK = PR_TRUE;
-	slot = (!sid->u.ssl3.masterValid) ? NULL :
-	                     SECMOD_LookupSlot(sid->u.ssl3.masterModuleID,
-	                                       sid->u.ssl3.masterSlotID);
-	if (slot == NULL) {
-	   sidOK = PR_FALSE;
-	} else {
-	    PK11SymKey *wrapKey = NULL;
-	    if (!PK11_IsPresent(slot) ||
-		((wrapKey = PK11_GetWrapKey(slot, sid->u.ssl3.masterWrapIndex,
-					    sid->u.ssl3.masterWrapMech,
-					    sid->u.ssl3.masterWrapSeries,
-					    ss->pkcs11PinArg)) == NULL) ) {
-		sidOK = PR_FALSE;
-	    }
-	    if (wrapKey) PK11_FreeSymKey(wrapKey);
-	    PK11_FreeSlot(slot);
-	    slot = NULL;
-	}
-	/* do sid-has-FORTEZZA-slot check */
-    	if (sid->u.ssl3.hasFortezza) {
-	    /* do has fortezza check */
-	    if (!PK11_VerifyKeyOK(sid->u.ssl3.tek))
-	    	sidOK = PR_FALSE;
-	}
-
-	/* If we previously did client-auth, make sure that the token that
-	** holds the private key still exists, is logged in, hasn't been
-	** removed, etc.
-	*/
-	if (sidOK && sid->u.ssl3.clAuthValid) {
-	    slot = SECMOD_LookupSlot(sid->u.ssl3.clAuthModuleID,
-	                             sid->u.ssl3.clAuthSlotID);
-	    if (slot == NULL ||
-	        !PK11_IsPresent(slot) ||
-		sid->u.ssl3.clAuthSeries     != PK11_GetSlotSeries(slot) ||
-		sid->u.ssl3.clAuthSlotID     != PK11_GetSlotID(slot)     ||
-		sid->u.ssl3.clAuthModuleID   != PK11_GetModuleID(slot)   ||
-                !PK11_IsLoggedIn(slot, NULL)) {
-	        sidOK = PR_FALSE;
-	    }
-	    if (slot) {
-		PK11_FreeSlot(slot);
-		slot = NULL;
-	    }
-	}
-
-	if (!sidOK) {
-	    ++ssl3stats.sch_sid_cache_not_ok;
-	    (*ss->sec.uncache)(sid);
-	    ssl_FreeSID(sid);
-	    sid = NULL;
-	}
-    }
-
-    if (sid) {
-	++ssl3stats.sch_sid_cache_hits;
-
-	rv = ssl3_NegotiateVersion(ss, sid->version);
-	if (rv != SECSuccess)
-	    return rv;	/* error code was set */
-
-	PRINT_BUF(4, (ss, "client, found session-id:", sid->u.ssl3.sessionID,
-		      sid->u.ssl3.sessionIDLength));
-
-	ss->ssl3->policy = sid->u.ssl3.policy;
-    } else {
-	++ssl3stats.sch_sid_cache_misses;
-
-	rv = ssl3_NegotiateVersion(ss, SSL_LIBRARY_VERSION_3_1_TLS);
-	if (rv != SECSuccess)
-	    return rv;	/* error code was set */
-
-	sid = ssl3_NewSessionID(ss, PR_FALSE);
-	if (!sid) {
-	    return SECFailure;	/* memory error is set */
-        }
-    }
-
-    ssl_GetSpecWriteLock(ss);
-    cwSpec = ss->ssl3->cwSpec;
-    if (cwSpec->mac_def->mac == mac_null) {
-	/* SSL records are not being MACed. */
-	cwSpec->version = ss->version;
-    }
-    ssl_ReleaseSpecWriteLock(ss);
-
-    if (ss->sec.ci.sid != NULL) {
-	ssl_FreeSID(ss->sec.ci.sid);	/* decrement ref count, free if zero */
-    }
-    ss->sec.ci.sid = sid;
-
-    ss->sec.send = ssl3_SendApplicationData;
-
-    /* shouldn't get here if SSL3 is disabled, but ... */
-    PORT_Assert(ss->enableSSL3 || ss->enableTLS);
-    if (!ss->enableSSL3 && !ss->enableTLS) {
-	PORT_SetError(SSL_ERROR_SSL_DISABLED);
-    	return SECFailure;
-    }
-
-    /* how many suites does our PKCS11 support (regardless of policy)? */
-    num_suites = ssl3_config_match_init(ss);
-    if (!num_suites)
-    	return SECFailure;	/* ssl3_config_match_init has set error code. */
-
-    /* how many suites are permitted by policy and user preference? */
-    num_suites = count_cipher_suites(ss, ss->ssl3->policy, PR_TRUE);
-    if (!num_suites)
-    	return SECFailure;	/* count_cipher_suites has set error code. */
-
-    length = sizeof(SSL3ProtocolVersion) + SSL3_RANDOM_LENGTH +
-	1 + ((sid == NULL) ? 0 : sid->u.ssl3.sessionIDLength) +
-	2 + num_suites*sizeof(ssl3CipherSuite) +
-	1 + compressionMethodsCount;
-
-    rv = ssl3_AppendHandshakeHeader(ss, client_hello, length);
-    if (rv != SECSuccess) {
-	return rv;	/* err set by ssl3_AppendHandshake* */
-    }
-
-    ss->clientHelloVersion = ss->version;
-    rv = ssl3_AppendHandshakeNumber(ss, ss->clientHelloVersion, 2);
-    if (rv != SECSuccess) {
-	return rv;	/* err set by ssl3_AppendHandshake* */
-    }
-    rv = ssl3_GetNewRandom(&ss->ssl3->hs.client_random);
-    if (rv != SECSuccess) {
-	return rv;	/* err set by GetNewRandom. */
-    }
-    rv = ssl3_AppendHandshake(ss, &ss->ssl3->hs.client_random,
-                              SSL3_RANDOM_LENGTH);
-    if (rv != SECSuccess) {
-	return rv;	/* err set by ssl3_AppendHandshake* */
-    }
-
-    if (sid)
-	rv = ssl3_AppendHandshakeVariable(
-	    ss, sid->u.ssl3.sessionID, sid->u.ssl3.sessionIDLength, 1);
-    else
-	rv = ssl3_AppendHandshakeVariable(ss, NULL, 0, 1);
-    if (rv != SECSuccess) {
-	return rv;	/* err set by ssl3_AppendHandshake* */
-    }
-
-    rv = ssl3_AppendHandshakeNumber(ss, num_suites*sizeof(ssl3CipherSuite), 2);
-    if (rv != SECSuccess) {
-	return rv;	/* err set by ssl3_AppendHandshake* */
-    }
-
-
-    for (i = 0; i < ssl_V3_SUITES_IMPLEMENTED; i++) {
-	ssl3CipherSuiteCfg *suite = &ss->cipherSuites[i];
-	if (config_match(suite, ss->ssl3->policy, PR_TRUE)) {
-	    actual_count++;
-	    if (actual_count > num_suites) {
-		/* set error card removal/insertion error */
-		PORT_SetError(SSL_ERROR_TOKEN_INSERTION_REMOVAL);
-		return SECFailure;
-	    }
-	    rv = ssl3_AppendHandshakeNumber(ss, suite->cipher_suite,
-					    sizeof(ssl3CipherSuite));
-	    if (rv != SECSuccess) {
-		return rv;	/* err set by ssl3_AppendHandshake* */
-	    }
-	}
-    }
-
-    /* if cards were removed or inserted between count_cipher_suites and
-     * generating our list, detect the error here rather than send it off to
-     * the server.. */
-    if (actual_count != num_suites) {
-	/* Card removal/insertion error */
-	PORT_SetError(SSL_ERROR_TOKEN_INSERTION_REMOVAL);
-	return SECFailure;
-    }
-
-    rv = ssl3_AppendHandshakeNumber(ss, compressionMethodsCount, 1);
-    if (rv != SECSuccess) {
-	return rv;	/* err set by ssl3_AppendHandshake* */
-    }
-    for (i = 0; i < compressionMethodsCount; i++) {
-	rv = ssl3_AppendHandshakeNumber(ss, compressions[i], 1);
-	if (rv != SECSuccess) {
-	    return rv;	/* err set by ssl3_AppendHandshake* */
-	}
-    }
-
-    rv = ssl3_FlushHandshake(ss, 0);
-    if (rv != SECSuccess) {
-	return rv;	/* error code set by ssl3_FlushHandshake */
-    }
-
-    ss->ssl3->hs.ws = wait_server_hello;
-    return rv;
-}
-
-
-/* Called from ssl3_HandleHandshakeMessage() when it has deciphered a complete
- * ssl3 Hello Request.
- * Caller must hold Handshake and RecvBuf locks.
- */
-static SECStatus
-ssl3_HandleHelloRequest(sslSocket *ss)
-{
-    sslSessionID *sid = ss->sec.ci.sid;
-    SECStatus     rv;
-
-    SSL_TRC(3, ("%d: SSL3[%d]: handle hello_request handshake",
-		SSL_GETPID(), ss->fd));
-
-    PORT_Assert(ss->ssl3);
-    PORT_Assert( ssl_HaveRecvBufLock(ss) );
-    PORT_Assert( ssl_HaveSSL3HandshakeLock(ss) );
-
-    if (ss->ssl3->hs.ws == wait_server_hello)
-	return SECSuccess;
-    if (ss->ssl3->hs.ws != idle_handshake || ss->sec.isServer) {
-	(void)SSL3_SendAlert(ss, alert_fatal, unexpected_message);
-	PORT_SetError(SSL_ERROR_RX_UNEXPECTED_HELLO_REQUEST);
-	return SECFailure;
-    }
-    if (sid) {
-	ss->sec.uncache(sid);
-	ssl_FreeSID(sid);
-	ss->sec.ci.sid = NULL;
-    }
-
-    ssl_GetXmitBufLock(ss);
-    rv = ssl3_SendClientHello(ss);
-    ssl_ReleaseXmitBufLock(ss);
-
-    return rv;
-}
-
-#define UNKNOWN_WRAP_MECHANISM 0x7fffffff
-
-static const CK_MECHANISM_TYPE wrapMechanismList[SSL_NUM_WRAP_MECHS] = {
-    CKM_DES3_ECB,
-    CKM_CAST5_ECB,
-    CKM_DES_ECB,
-    CKM_KEY_WRAP_LYNKS,
-    CKM_IDEA_ECB,
-    CKM_CAST3_ECB,
-    CKM_CAST_ECB,
-    CKM_RC5_ECB,
-    CKM_RC2_ECB,
-    CKM_CDMF_ECB,
-    CKM_SKIPJACK_WRAP,
-    CKM_SKIPJACK_CBC64,
-    UNKNOWN_WRAP_MECHANISM
-};
-
-static int
-ssl_FindIndexByWrapMechanism(CK_MECHANISM_TYPE mech)
-{
-    const CK_MECHANISM_TYPE *pMech = wrapMechanismList;
-
-    while (mech != *pMech && *pMech != UNKNOWN_WRAP_MECHANISM) {
-    	++pMech;
-    }
-    return (*pMech == UNKNOWN_WRAP_MECHANISM) ? -1
-                                              : (pMech - wrapMechanismList);
-}
-
-static PK11SymKey *
-ssl_UnwrapSymWrappingKey(
-	SSLWrappedSymWrappingKey *pWswk,
-	SECKEYPrivateKey *        svrPrivKey,
-	SSL3KEAType               exchKeyType,
-	CK_MECHANISM_TYPE         masterWrapMech,
-	void *                    pwArg)
-{
-    PK11SymKey *             unwrappedWrappingKey  = NULL;
-    SECItem                  wrappedKey;
-
-    /* found the wrapping key on disk. */
-    PORT_Assert(pWswk->symWrapMechanism == masterWrapMech);
-    PORT_Assert(pWswk->exchKeyType      == exchKeyType);
-    if (pWswk->symWrapMechanism != masterWrapMech ||
-	pWswk->exchKeyType      != exchKeyType) {
-	goto loser;
-    }
-    wrappedKey.type = siBuffer;
-    wrappedKey.data = pWswk->wrappedSymmetricWrappingkey;
-    wrappedKey.len  = pWswk->wrappedSymKeyLen;
-    PORT_Assert(wrappedKey.len <= sizeof pWswk->wrappedSymmetricWrappingkey);
-
-    switch (exchKeyType) {
-    PK11SymKey *      Ks;
-    PK11SlotInfo *    slot;
-    SECItem           param;
-
-    case kt_fortezza:
-	/* get the slot that the fortezza server private key is in. */
-	slot = PK11_GetSlotFromPrivateKey(svrPrivKey);
-	if (slot == NULL) {
-	    SET_ERROR_CODE
-	    goto loser;
-	}
-
-	/* Look up the Token Fixed Key */
-	Ks = PK11_FindFixedKey(slot, CKM_SKIPJACK_CBC64, NULL, pwArg);
-	PK11_FreeSlot(slot);
-	if (Ks == NULL) {
-	    SET_ERROR_CODE
-	    goto loser;
-	}
-
-	/* unwrap client write key with the local Ks and IV */
-	param.type = siBuffer;
-    	param.data = pWswk->wrapIV;
-    	param.len  = pWswk->wrapIVLen;
-	unwrappedWrappingKey =
-	    PK11_UnwrapSymKey(Ks, CKM_SKIPJACK_CBC64, &param, &wrappedKey,
-			      masterWrapMech, CKA_UNWRAP, 0);
-	PK11_FreeSymKey(Ks);
-	break;
-
-    case kt_rsa:
-	unwrappedWrappingKey =
-	    PK11_PubUnwrapSymKey(svrPrivKey, &wrappedKey,
-				 masterWrapMech, CKA_UNWRAP, 0);
-	break;
-    default:
-	/* Assert? */
-	SET_ERROR_CODE
-	goto loser;
-    }
-loser:
-    return unwrappedWrappingKey;
-}
-
-/* Each process sharing the server session ID cache has its own array of
- * SymKey pointers for the symmetric wrapping keys that are used to wrap
- * the master secrets.  There is one key for each KEA type.  These Symkeys
- * correspond to the wrapped SymKeys kept in the server session cache.
- */
-
-typedef struct {
-    PK11SymKey *      symWrapKey[kt_kea_size];
-} ssl3SymWrapKey;
-
-/* Try to get wrapping key for mechanism from in-memory array.
- * If that fails, look for one on disk.
- * If that fails, generate a new one, put the new one on disk,
- * Put the new key in the in-memory array.
- */
-static PK11SymKey *
-getWrappingKey( sslSocket *       ss,
-		PK11SlotInfo *    masterSecretSlot,
-		SSL3KEAType       exchKeyType,
-                CK_MECHANISM_TYPE masterWrapMech,
-	        void *            pwArg)
-{
-    CERTCertificate *        svrCert;
-    SECKEYPrivateKey *       svrPrivKey;
-    SECKEYPublicKey *        svrPubKey             = NULL;
-    PK11SymKey *             unwrappedWrappingKey  = NULL;
-    PK11SymKey **            pSymWrapKey;
-    CK_MECHANISM_TYPE        asymWrapMechanism = CKM_INVALID_MECHANISM;
-    int                      length;
-    int                      symWrapMechIndex;
-    SECStatus                rv;
-    SECItem                  wrappedKey;
-    SSLWrappedSymWrappingKey wswk;
-
-    static PZLock *          symWrapKeysLock;
-    static ssl3SymWrapKey    symWrapKeys[SSL_NUM_WRAP_MECHS];
-
-    svrPrivKey  = ss->serverCerts[exchKeyType].serverKey;
-    PORT_Assert(svrPrivKey != NULL);
-    if (!svrPrivKey) {
-    	return NULL;	/* why are we here?!? */
-    }
-
-    symWrapMechIndex = ssl_FindIndexByWrapMechanism(masterWrapMech);
-    PORT_Assert(symWrapMechIndex >= 0);
-    if (symWrapMechIndex < 0)
-    	return NULL;	/* invalid masterWrapMech. */
-
-    pSymWrapKey = &symWrapKeys[symWrapMechIndex].symWrapKey[exchKeyType];
-
-    /* atomically initialize the lock */
-    if (!symWrapKeysLock)
-	nss_InitLock(&symWrapKeysLock, nssILockOther);
-
-    PZ_Lock(symWrapKeysLock);
-
-    unwrappedWrappingKey = *pSymWrapKey;
-    if (unwrappedWrappingKey != NULL) {
-	if (PK11_VerifyKeyOK(unwrappedWrappingKey)) {
-	    unwrappedWrappingKey = PK11_ReferenceSymKey(unwrappedWrappingKey);
-	    goto done;
-	}
-	/* slot series has changed, so this key is no good any more. */
-	PK11_FreeSymKey(unwrappedWrappingKey);
-	*pSymWrapKey = unwrappedWrappingKey = NULL;
-    }
-
-    /* Try to get wrapped SymWrapping key out of the (disk) cache. */
-    /* Following call fills in wswk on success. */
-    if (ssl_GetWrappingKey(symWrapMechIndex, exchKeyType, &wswk)) {
-    	/* found the wrapped sym wrapping key on disk. */
-	unwrappedWrappingKey =
-	    ssl_UnwrapSymWrappingKey(&wswk, svrPrivKey, exchKeyType,
-                                     masterWrapMech, pwArg);
-	if (unwrappedWrappingKey) {
-	    goto install;
-	}
-    }
-
-    if (!masterSecretSlot) 	/* caller doesn't want to create a new one. */
-    	goto loser;
-
-    length = PK11_GetBestKeyLength(masterSecretSlot, masterWrapMech);
-    /* Zero length means fixed key length algorithm, or error.
-     * It's ambiguous.
-     */
-    unwrappedWrappingKey = PK11_KeyGen(masterSecretSlot, masterWrapMech, NULL,
-                                       length, pwArg);
-    if (!unwrappedWrappingKey) {
-    	goto loser;
-    }
-
-    /* Prepare the buffer to receive the wrappedWrappingKey,
-     * the symmetric wrapping key wrapped using the server's pub key.
-     */
-    PORT_Memset(&wswk, 0, sizeof wswk);	/* eliminate UMRs. */
-
-    svrCert         = ss->serverCerts[exchKeyType].serverCert;
-    svrPubKey       = CERT_ExtractPublicKey(svrCert);
-    if (svrPubKey == NULL) {
-	/* CERT_ExtractPublicKey doesn't set error code */
-	PORT_SetError(SSL_ERROR_EXTRACT_PUBLIC_KEY_FAILURE);
-    	goto loser;
-    }
-    wrappedKey.type = siBuffer;
-    wrappedKey.len  = SECKEY_PublicKeyStrength(svrPubKey);
-    wrappedKey.data = wswk.wrappedSymmetricWrappingkey;
-
-    PORT_Assert(wrappedKey.len <= sizeof wswk.wrappedSymmetricWrappingkey);
-    if (wrappedKey.len > sizeof wswk.wrappedSymmetricWrappingkey)
-    	goto loser;
-
-    /* wrap symmetric wrapping key in server's public key. */
-    switch (exchKeyType) {
-    PK11SymKey *      Ks;
-    PK11SlotInfo *    fSlot;
-    SECItem           param;
-
-    case kt_fortezza:
-	/* get the slot that the fortezza server private key is in. */
-	fSlot = PK11_GetSlotFromPrivateKey(svrPrivKey);
-	if (fSlot == NULL) {
-	    SET_ERROR_CODE
-	    goto loser;
-	}
-
-	/* Look up the Token Fixed Key */
-	Ks = PK11_FindFixedKey(fSlot, CKM_SKIPJACK_CBC64, NULL, pwArg);
-	PK11_FreeSlot(fSlot);
-	if (Ks == NULL) {
-	    SET_ERROR_CODE
-	    goto loser;
-	}
-
-	/* wrap symmetricWrapping key with the local Ks */
-	param.type = siBuffer;
-    	param.data = wswk.wrapIV;
-    	param.len  = sizeof wswk.wrapIV;
-	rv = PK11_WrapSymKey(CKM_SKIPJACK_CBC64, &param, Ks,
-	                     unwrappedWrappingKey, &wrappedKey);
-	wswk.wrapIVLen = param.len;
-	PK11_FreeSymKey(Ks);
-	asymWrapMechanism = CKM_SKIPJACK_CBC64;
-	break;
-
-    case kt_rsa:
-	asymWrapMechanism = CKM_RSA_PKCS;
-	rv = PK11_PubWrapSymKey(asymWrapMechanism, svrPubKey,
-	                        unwrappedWrappingKey, &wrappedKey);
-	break;
-
-    default:
-	rv = SECFailure;
-	break;
-    }
-
-    if (rv != SECSuccess) {
-	ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
-	goto loser;
-    }
-
-    PORT_Assert(asymWrapMechanism != CKM_INVALID_MECHANISM);
-
-    wswk.symWrapMechanism  = masterWrapMech;
-    wswk.symWrapMechIndex  = symWrapMechIndex;
-    wswk.asymWrapMechanism = asymWrapMechanism;
-    wswk.exchKeyType       = exchKeyType;
-    wswk.wrappedSymKeyLen  = wrappedKey.len;
-
-    /* put it on disk. */
-    /* If the wrapping key for this KEA type has already been set, 
-     * then abandon the value we just computed and 
-     * use the one we got from the disk.
-     */
-    if (ssl_SetWrappingKey(&wswk)) {
-    	/* somebody beat us to it.  The original contents of our wswk
-	 * has been replaced with the content on disk.  Now, discard
-	 * the key we just created and unwrap this new one.
-	 */
-    	PK11_FreeSymKey(unwrappedWrappingKey);
-
-	unwrappedWrappingKey =
-	    ssl_UnwrapSymWrappingKey(&wswk, svrPrivKey, exchKeyType,
-                                     masterWrapMech, pwArg);
-    }
-
-install:
-    if (unwrappedWrappingKey) {
-	*pSymWrapKey = PK11_ReferenceSymKey(unwrappedWrappingKey);
-    }
-
-loser:
-done:
-    if (svrPubKey) {
-    	SECKEY_DestroyPublicKey(svrPubKey);
-	svrPubKey = NULL;
-    }
-    PZ_Unlock(symWrapKeysLock);
-    return unwrappedWrappingKey;
-}
-
-
-static SECStatus
-ssl3_FortezzaAppendHandshake(sslSocket *ss, unsigned char * data, int len)
-{
-    SSL3FortezzaKeys *fortezza_CKE  = NULL;
-    SECStatus         rv            = SECFailure;
-
-    rv = ssl3_AppendHandshakeHeader(ss, client_key_exchange,
-	    (sizeof(*fortezza_CKE)-sizeof(fortezza_CKE->y_c)) + 1 + len);
-    if (rv == SECSuccess) {
-        rv = ssl3_AppendHandshakeVariable(ss, data, len, 1);
-    }
-    return rv;	/* err set by ssl3_AppendHandshake* */
-}
-
-/* Called from ssl3_SendClientKeyExchange(). */
-static SECStatus
-sendRSAClientKeyExchange(sslSocket * ss, SECKEYPublicKey * svrPubKey)
-{
-    PK11SymKey *	pms 		= NULL;
-    SECStatus           rv    		= SECFailure;
-    SECItem 		enc_pms 	= {siBuffer, NULL, 0};
-    PRBool              isTLS;
-
-    PORT_Assert( ssl_HaveSSL3HandshakeLock(ss) );
-    PORT_Assert( ssl_HaveXmitBufLock(ss));
-
-    /* Generate the pre-master secret ...  */
-    ssl_GetSpecWriteLock(ss);
-    isTLS = (PRBool)(ss->ssl3->pwSpec->version > SSL_LIBRARY_VERSION_3_0);
-
-    pms = ssl3_GenerateRSAPMS(ss, ss->ssl3->pwSpec, NULL);
-    ssl_ReleaseSpecWriteLock(ss);
-    if (pms == NULL) {
-	ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
-	goto loser;
-    }
-
-    /* Get the wrapped (encrypted) pre-master secret, enc_pms */
-    enc_pms.len  = SECKEY_PublicKeyStrength(svrPubKey);
-    enc_pms.data = (unsigned char*)PORT_Alloc(enc_pms.len);
-    if (enc_pms.data == NULL) {
-	goto loser;	/* err set by PORT_Alloc */
-    }
-
-    /* wrap pre-master secret in server's public key. */
-    rv = PK11_PubWrapSymKey(CKM_RSA_PKCS, svrPubKey, pms, &enc_pms);
-    if (rv != SECSuccess) {
-	ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
-	goto loser;
-    }
-
-    rv = ssl3_InitPendingCipherSpec(ss,  pms);
-    PK11_FreeSymKey(pms); pms = NULL;
-
-    if (rv != SECSuccess) {
-	ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
-	goto loser;
-    }
-
-    rv = ssl3_AppendHandshakeHeader(ss, client_key_exchange, 
-				    isTLS ? enc_pms.len + 2 : enc_pms.len);
-    if (rv != SECSuccess) {
-	goto loser;	/* err set by ssl3_AppendHandshake* */
-    }
-    if (isTLS) {
-    	rv = ssl3_AppendHandshakeVariable(ss, enc_pms.data, enc_pms.len, 2);
-    } else {
-	rv = ssl3_AppendHandshake(ss, enc_pms.data, enc_pms.len);
-    }
-    if (rv != SECSuccess) {
-	goto loser;	/* err set by ssl3_AppendHandshake* */
-    }
-
-    rv = SECSuccess;
-
-loser:
-    if (enc_pms.data != NULL) {
-	PORT_Free(enc_pms.data);
-    }
-    if (pms != NULL) {
-    	PK11_FreeSymKey(pms);
-    }
-    return rv;
-}
-
-/* Called from ssl3_SendClientKeyExchange(). */
-static SECStatus
-sendDHClientKeyExchange(sslSocket * ss, SECKEYPublicKey * svrPubKey)
-{
-    PK11SymKey *	pms 		= NULL;
-    SECStatus           rv    		= SECFailure;
-    PRBool              isTLS;
-    CK_MECHANISM_TYPE	target;
-
-    SECKEYDHParams	dhParam;		/* DH parameters */
-    SECKEYPublicKey	*pubKey = NULL;		/* Ephemeral DH key */
-    SECKEYPrivateKey	*privKey = NULL;	/* Ephemeral DH key */
-
-    PORT_Assert( ssl_HaveSSL3HandshakeLock(ss) );
-    PORT_Assert( ssl_HaveXmitBufLock(ss));
-
-    isTLS = (PRBool)(ss->ssl3->pwSpec->version > SSL_LIBRARY_VERSION_3_0);
-
-    /* Copy DH parameters from server key */
-
-    dhParam.prime.data = svrPubKey->u.dh.prime.data;
-    dhParam.prime.len = svrPubKey->u.dh.prime.len;
-    dhParam.base.data = svrPubKey->u.dh.base.data;
-    dhParam.base.len = svrPubKey->u.dh.base.len;
-
-    /* Generate ephemeral DH keypair */
-    privKey = SECKEY_CreateDHPrivateKey(&dhParam, &pubKey, NULL);
-    if (!privKey || !pubKey) {
-	    ssl_MapLowLevelError(SEC_ERROR_KEYGEN_FAIL);
-	    rv = SECFailure;
-	    goto loser;
-    }
-    PRINT_BUF(50, (ss, "DH public value:",
-					pubKey->u.dh.publicValue.data,
-					pubKey->u.dh.publicValue.len));
-
-    if (isTLS) target = CKM_TLS_MASTER_KEY_DERIVE_DH;
-    else target = CKM_SSL3_MASTER_KEY_DERIVE_DH;
-
-    /* Determine the PMS */
-
-    pms = PK11_PubDerive(privKey, svrPubKey, PR_FALSE, NULL, NULL,
-			    CKM_DH_PKCS_DERIVE, target, CKA_DERIVE, 0, NULL);
-
-    if (pms == NULL) {
-	ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
-	goto loser;
-    }
-
-    SECKEY_DestroyPrivateKey(privKey);
-    privKey = NULL;
-
-    rv = ssl3_InitPendingCipherSpec(ss,  pms);
-    PK11_FreeSymKey(pms); pms = NULL;
-
-    if (rv != SECSuccess) {
-	ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
-	goto loser;
-    }
-
-    rv = ssl3_AppendHandshakeHeader(ss, client_key_exchange, 
-					pubKey->u.dh.publicValue.len + 2);
-    if (rv != SECSuccess) {
-	goto loser;	/* err set by ssl3_AppendHandshake* */
-    }
-    rv = ssl3_AppendHandshakeVariable(ss, 
-					pubKey->u.dh.publicValue.data,
-					pubKey->u.dh.publicValue.len, 2);
-    SECKEY_DestroyPublicKey(pubKey);
-    pubKey = NULL;
-
-    if (rv != SECSuccess) {
-	goto loser;	/* err set by ssl3_AppendHandshake* */
-    }
-
-    rv = SECSuccess;
-
-
-loser:
-
-    if(pms) PK11_FreeSymKey(pms);
-    if(privKey) SECKEY_DestroyPrivateKey(privKey);
-    if(pubKey) SECKEY_DestroyPublicKey(pubKey);
-    return rv;
-}
-
-/* fortezza client-auth portion of ClientKeyExchange message
- * This function appends the KEA public key from the client's  V3 cert
- * (empty for a V1 cert) to the outgoing ClientKeyExchange message.
- * For a V3 cert, it also computes the Fortezza public key hash of that key
- * and signs that hash with the client's signing private key.
- * It also finds and returns the client's KEA private key.
- *
- * Called from sendFortezzaClientKeyExchange <- ssl3_SendClientKeyExchange()
- */
-static SECKEYPrivateKey *
-sendFortezzaCKXClientAuth(sslSocket *ss, SSL3FortezzaKeys * fortezza_CKE)
-{
-    SECKEYPublicKey *	pubKey 		= NULL;
-    SECKEYPrivateKey *	privKeaKey 	= NULL;
-    CERTCertificate *	peerCert 	= ss->sec.peerCert;
-    void *		pwArg 		= ss->pkcs11PinArg;
-    SECStatus 		rv 		= SECFailure;
-    SECItem 		sigItem;
-    SECItem 		hashItem;
-
-    /* extract our own local public key. */
-    pubKey = CERT_ExtractPublicKey(ss->ssl3->clientCertificate);
-    if (!pubKey) {
-	ssl_MapLowLevelError(SSL_ERROR_EXTRACT_PUBLIC_KEY_FAILURE);
-	goto loser;
-    }
-
-    if (pubKey->keyType == fortezzaKey) {
-	/* fortezza clientauth with fortezza V1 certificate */
-	rv = ssl3_FortezzaAppendHandshake(ss, NULL, 0);
-	if (rv != SECSuccess) {
-	    goto loser;	/* err was set by AppendHandshake. */
-	}
-	privKeaKey = PK11_FindKeyByAnyCert(ss->ssl3->clientCertificate, pwArg);
-	if (!privKeaKey) {
-	    ssl_MapLowLevelError(SEC_ERROR_NO_KEY);
-	}
-
-    } else {
-	/* fortezza clientauth w/ V3 certificate or non fortezza cert*/
-	CERTCertificate *   ccert 		= NULL;
-	SECKEYPublicKey *   foundPubKey 	= NULL;
-	unsigned char       hash[SHA1_LENGTH];
-
-	ccert = PK11_FindBestKEAMatch(peerCert, pwArg);
-	if (ccert == NULL) {
-	    PORT_SetError(SSL_ERROR_FORTEZZA_PQG);
-	    goto v3_loser;
-	}
-
-	foundPubKey = CERT_ExtractPublicKey(ccert);
-	if (foundPubKey == NULL) {
-	    ssl_MapLowLevelError(SSL_ERROR_EXTRACT_PUBLIC_KEY_FAILURE);
-	    goto v3_loser;
-	}
-
-	if (foundPubKey->keyType == keaKey) {
-	    rv = ssl3_FortezzaAppendHandshake(ss,
-			    foundPubKey->u.kea.publicValue.data,
-			    foundPubKey->u.kea.publicValue.len);
-	    if (rv != SECSuccess) {
-		goto v3_loser; /* err was set by AppendHandshake. */
-	    }
-
-	    rv = ssl3_ComputeFortezzaPublicKeyHash(
-			    foundPubKey->u.kea.publicValue, hash);
-	    if (rv != SECSuccess) {
-		ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
-		goto v3_loser;
-	    }
-	} else {
-	    rv = ssl3_FortezzaAppendHandshake(ss,
-			    foundPubKey->u.fortezza.KEAKey.data,
-			    foundPubKey->u.fortezza.KEAKey.len);
-	    if (rv != SECSuccess) {
-		goto v3_loser; /* err was set by AppendHandshake. */
-	    }
-
-	    rv = ssl3_ComputeFortezzaPublicKeyHash(
-			    foundPubKey->u.fortezza.KEAKey, hash);
-	    if (rv != SECSuccess) {
-		ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
-		goto v3_loser;
-	    }
-	}
-
-	hashItem.data = (unsigned char *) hash;
-	hashItem.len  = SHA1_LENGTH;
-
-	sigItem.data  = fortezza_CKE->y_signature;
-	sigItem.len   = sizeof fortezza_CKE->y_signature;
-
-	rv = PK11_Sign(ss->ssl3->clientPrivateKey, &sigItem, &hashItem);
-	if (rv != SECSuccess) {
-	    ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
-	    goto v3_loser;
-	}
-
-	privKeaKey = PK11_FindKeyByAnyCert(ccert, pwArg);
-	if (!privKeaKey) {
-	    ssl_MapLowLevelError(SEC_ERROR_NO_KEY);
-	}
-
-v3_loser:
-	if (foundPubKey)
-	    SECKEY_DestroyPublicKey(foundPubKey);
-	if (ccert)
-	    CERT_DestroyCertificate(ccert);
-    } /* fortezza clientauth w/ V3 certificate or non fortezza cert*/
-
-loser:
-
-    if (pubKey)
-	SECKEY_DestroyPublicKey(pubKey);
-    return privKeaKey;
-} /* End of fortezza client-auth. */
-
-
-/* fortezza without client-auth */
-/* fortezza client-auth portion of ClientKeyExchange message
- * This function appends the public KEA key from the client's cert
- * to the outgoing ClientKeyExchange message.
- * It also finds and returns the client's KEA private key.
- *
- * Called from sendFortezzaClientKeyExchange <- ssl3_SendClientKeyExchange()
- */
-static SECKEYPrivateKey *
-sendFortezzaCKXNoClientAuth(sslSocket *ss)
-{
-    SECKEYPublicKey *   foundPubKey 	= NULL;
-    SECKEYPrivateKey *	privKeaKey 	= NULL;
-    CERTCertificate *	ccert 		= NULL;
-    CERTCertificate *	peerCert 	= ss->sec.peerCert;
-    void *		pwArg 		= ss->pkcs11PinArg;
-    SECStatus 		rv 		= SECFailure;
-
-    ccert = PK11_FindBestKEAMatch(peerCert, pwArg);
-    if (ccert == NULL) {
-	PORT_SetError(SSL_ERROR_FORTEZZA_PQG);
-	goto loser;
-    }
-
-    foundPubKey = CERT_ExtractPublicKey(ccert);
-    if (foundPubKey == NULL) {
-	ssl_MapLowLevelError(SSL_ERROR_EXTRACT_PUBLIC_KEY_FAILURE);
-	goto loser;
-    }
-
-    if (foundPubKey->keyType == fortezzaKey) {
-	/* fortezza V1 cert */
-	rv = ssl3_FortezzaAppendHandshake(ss,
-				    foundPubKey->u.fortezza.KEAKey.data,
-				    foundPubKey->u.fortezza.KEAKey.len);
-	if (rv != SECSuccess) {
-	    goto loser; /* err was set by AppendHandshake. */
-	}
-	privKeaKey = PK11_FindKeyByAnyCert(ccert, pwArg);
-	if (!privKeaKey) {
-	    ssl_MapLowLevelError(SEC_ERROR_NO_KEY);
-	}
-    } else {
-	/* fortezza V3 cert */
-	rv = ssl3_FortezzaAppendHandshake(ss,
-				    foundPubKey->u.kea.publicValue.data,
-				    foundPubKey->u.kea.publicValue.len);
-	if (rv != SECSuccess) {
-	    goto loser; /* err was set by AppendHandshake. */
-	}
-	privKeaKey = PK11_FindKeyByAnyCert(ccert, pwArg);
-	if (!privKeaKey) {
-	    ssl_MapLowLevelError(SEC_ERROR_NO_KEY);
-	}
-    }
-
-loser:
-    if (foundPubKey)
-	SECKEY_DestroyPublicKey(foundPubKey);
-    if (ccert)
-	CERT_DestroyCertificate(ccert);
-    return privKeaKey;
-}
-
-/* Called from ssl3_SendClientKeyExchange().  */
-static SECStatus
-sendFortezzaClientKeyExchange(sslSocket * ss, SECKEYPublicKey * serverKey)
-{
-    ssl3CipherSpec *	pwSpec = NULL;
-    sslSessionID *	sid 		= ss->sec.ci.sid;
-    PK11SlotInfo *	slot		= NULL;
-    PK11SymKey *	pms 		= NULL;
-    PK11SymKey *	tek		= NULL;
-    PK11SymKey *	client_write_key = NULL;
-    PK11SymKey *	server_write_key = NULL;
-    SECKEYPrivateKey *	privKeaKey 	= NULL;
-    void *		pwArg 		= ss->pkcs11PinArg;
-    SECStatus 		rv 		= SECFailure;
-    CK_VERSION 		version;
-    SECItem 		param;
-    SECItem 		raItem;
-    SECItem 		rbItem;
-    SECItem 		enc_pms;
-    SECItem 		item;
-    SSL3FortezzaKeys	fortezza_CKE;
-    PRBool              releaseSpecWriteLock = PR_FALSE;
-
-    PORT_Assert( ssl_HaveXmitBufLock(ss));
-    PORT_Assert( ssl_HaveSSL3HandshakeLock(ss) );
-
-    /* first get an appropriate slot for doing MACing.
-     * Note: This slot will NOT be a Fortezza slot because Fortezza
-     * cannot generate an SSL3 pre-master-secret.
-     */
-    slot = PK11_GetBestSlot(CKM_SSL3_PRE_MASTER_KEY_GEN, pwArg);
-    if (slot == NULL) {
-	PORT_SetError(SSL_ERROR_TOKEN_SLOT_NOT_FOUND);
-	goto loser;
-    }
-
-    /* create a pre-Master secret */
-    version.major = MSB(ss->version);
-    version.minor = LSB(ss->version);
-
-    param.data = (unsigned char *)&version;
-    param.len  = sizeof version;
-
-    pms = PK11_KeyGen(slot, CKM_SSL3_PRE_MASTER_KEY_GEN,
-			 &param, 0, pwArg);
-    PK11_FreeSlot(slot);
-    slot = NULL;
-    if (pms == NULL) {
-	ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
-	goto loser;
-    }
-
-    /* If we don't have a certificate, we need to read out your public key.
-     * This changes a bit when we need to deal with the PQG stuff
-     */
-    PORT_Memset(fortezza_CKE.y_signature, 0, sizeof fortezza_CKE.y_signature);
-
-    /* Send the KEA public key and get the KEA private key. */
-    if (ss->ssl3->clientCertificate != NULL) {
-	/* with client-auth */
-	privKeaKey = sendFortezzaCKXClientAuth(ss, &fortezza_CKE);
-    } else {
-	/* without client-auth */
-	privKeaKey = sendFortezzaCKXNoClientAuth(ss);
-    }
-    if (privKeaKey == NULL) {
-	rv = SECFailure;
-	goto loser;	/* error was already set. */
-    }
-
-    /* Now we derive the TEK, and generate r_c the client's "random" public key.
-     * r_c is generated and filled in by the PubDerive call below.
-     */
-    raItem.data = fortezza_CKE.r_c;
-    raItem.len  = sizeof fortezza_CKE.r_c;
-
-    /* R_s == server's "random" public key, sent in the Server Key Exchange */
-    rbItem.data = ss->ssl3->fortezza.R_s;
-    rbItem.len  = sizeof ss->ssl3->fortezza.R_s;
-
-    tek = PK11_PubDerive(privKeaKey, serverKey, PR_TRUE, /* generate r_c */
-                         &raItem, &rbItem, CKM_KEA_KEY_DERIVE,
-			 CKM_SKIPJACK_WRAP, CKA_WRAP, 0, pwArg);
-    SECKEY_DestroyPrivateKey(privKeaKey);
-    privKeaKey = NULL;
-    if (tek == NULL) {
-	ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
-	goto loser;
-    }
-
-    ss->ssl3->fortezza.tek = PK11_ReferenceSymKey(tek); /* can't fail. */
-
-    /* encrypt the pms with the TEK.
-     * NB: PK11_WrapSymKey will generate and output the encrypted PMS
-     *     AND the IV for decrypting the PMS.
-     */
-    param.data   = fortezza_CKE.master_secret_iv;
-    param.len    = sizeof fortezza_CKE.master_secret_iv;
-
-    enc_pms.data = fortezza_CKE.encrypted_preMasterSecret;
-    enc_pms.len  = sizeof fortezza_CKE.encrypted_preMasterSecret;
-
-    rv = PK11_WrapSymKey(CKM_SKIPJACK_CBC64, &param, tek, pms, &enc_pms);
-    if (rv != SECSuccess) {
-	ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
-	goto loser;
-    }
-    rv = SECFailure;	/* not there yet. */
-
-    slot = PK11_GetSlotFromKey(tek);
-
-    ssl_GetSpecWriteLock(ss); releaseSpecWriteLock = PR_TRUE;
-
-    pwSpec  = ss->ssl3->pwSpec;
-    pwSpec->client.write_key = client_write_key =
-		    PK11_KeyGen(slot, CKM_SKIPJACK_CBC64, NULL, 0, pwArg);
-    if (client_write_key == NULL) {
-	ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
-	goto loser;
-    }
-    /* the -1 is a hack. It's supposed to be key size, but we use it
-     * to tell the wrapper that we're doing a weird PKCS #11 key gen.
-     * Usually the result of key gen is an encrypt key. This is not
-     * the case with SSL, where this key is a decrypt key.
-     */
-    pwSpec->server.write_key = server_write_key =
-		    PK11_KeyGen(slot, CKM_SKIPJACK_CBC64, NULL, -1, pwArg);
-    if (server_write_key == NULL) {
-	ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
-	goto loser;
-    }
-
-    rv = ssl3_InitPendingCipherSpec(ss,  pms);
-    PK11_FreeSymKey(pms); pms = NULL;
-    if (rv != SECSuccess) {
-	ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
-	goto loser;
-    }
-
-    /* copy the keys and IVs out now */
-    item.data = fortezza_CKE.wrapped_client_write_key;
-    item.len  = sizeof fortezza_CKE.wrapped_client_write_key;
-    rv = PK11_WrapSymKey(CKM_SKIPJACK_WRAP, NULL, tek, client_write_key, &item);
-    if (rv != SECSuccess) {
-	ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
-	goto loser;
-    }
-
-    item.data = fortezza_CKE.wrapped_server_write_key;
-    item.len  = sizeof fortezza_CKE.wrapped_server_write_key;
-    rv = PK11_WrapSymKey(CKM_SKIPJACK_WRAP, NULL, tek, server_write_key, &item);
-    if (rv != SECSuccess) {
-	ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
-	goto loser;
-    }
-
-    /* we only get the generated IV's if we're doing skipjack.  */
-    if (pwSpec->cipher_def->calg == calg_fortezza) {
-	PORT_Memcpy(fortezza_CKE.client_write_iv, pwSpec->client.write_iv,
-				    sizeof fortezza_CKE.client_write_iv);
-	PORT_Memcpy(fortezza_CKE.server_write_iv, pwSpec->server.write_iv,
-				    sizeof fortezza_CKE.server_write_iv);
-    } else {
-	/* generate IVs to make old servers happy */
-	rv = PK11_GenerateFortezzaIV(client_write_key,
-	                             fortezza_CKE.client_write_iv,
-	                             sizeof fortezza_CKE.client_write_iv);
-	if (rv != SECSuccess) {
-	    ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
-	    goto loser;
-	}
-	rv = PK11_GenerateFortezzaIV(server_write_key,
-	                             fortezza_CKE.server_write_iv,
-	                             sizeof fortezza_CKE.server_write_iv);
-	if (rv != SECSuccess) {
-	    ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
-	    goto loser;
-	}
-    }
-
-    /* NOTE: This technique of writing out the struct, rather than writing
-     * out the individual members works only because all the rest of the
-     * values are fixed-length strings of well-defined byte order.
-     * Add one SECItem or one Number and we will need to break the elements out.
-     */
-    rv = ssl3_AppendHandshake(ss, &fortezza_CKE.r_c,
-			      (sizeof fortezza_CKE - sizeof fortezza_CKE.y_c));
-    if (rv != SECSuccess) {
-	goto loser;	/* err was set by AppendHandshake. */
-    }
-
-    /* now we initialize our contexts */
-    sid->u.ssl3.hasFortezza = PR_TRUE;
-    sid->u.ssl3.tek         = tek; tek = NULL; 	/* adopt.. */
-
-    if (pwSpec->cipher_def->calg == calg_fortezza) {
-	sid->u.ssl3.clientWriteKey =
-			    PK11_ReferenceSymKey(pwSpec->client.write_key);
-	sid->u.ssl3.serverWriteKey=
-			    PK11_ReferenceSymKey(pwSpec->server.write_key);
-
-	PORT_Memcpy(sid->u.ssl3.keys.client_write_iv,
-	            pwSpec->client.write_iv,
-		    sizeof sid->u.ssl3.keys.client_write_iv);
-	PORT_Memcpy(sid->u.ssl3.keys.server_write_iv,
-	            pwSpec->server.write_iv,
-		    sizeof sid->u.ssl3.keys.server_write_iv);
-
-	rv = PK11_SaveContext((PK11Context *)pwSpec->encodeContext,
-			      sid->u.ssl3.clientWriteSave,
-			      &sid->u.ssl3.clientWriteSaveLen,
-			      sizeof sid->u.ssl3.clientWriteSave);
-	if (rv != SECSuccess) {
-	    ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
-	    goto loser;
-	}
-    } else {
-	PK11_FreeSymKey(client_write_key);
-	pwSpec->client.write_key = client_write_key = NULL;
-
-	PK11_FreeSymKey(server_write_key);
-	pwSpec->server.write_key = server_write_key = NULL;
-
-	rv = SECSuccess;
-    }
-    /* FALL THROUGH */
-
-loser:
-    if (tek)    PK11_FreeSymKey(tek);
-    if (slot)   PK11_FreeSlot(slot);
-    if (pms)    PK11_FreeSymKey(pms);
-    if (rv != SECSuccess) {
-    	if (client_write_key) {
-	    PK11_FreeSymKey(client_write_key);
-	    pwSpec->client.write_key = client_write_key = NULL;
-	}
-    	if (server_write_key) {
-	    PK11_FreeSymKey(server_write_key);
-	    pwSpec->server.write_key = server_write_key = NULL;
-	}
-    }
-    if (releaseSpecWriteLock)
-	ssl_GetSpecWriteLock(ss);
-    return rv;
-}
-
-/* Called from ssl3_HandleServerHelloDone(). */
-static SECStatus
-ssl3_SendClientKeyExchange(sslSocket *ss)
-{
-    SECKEYPublicKey *	serverKey 	= NULL;
-    SECStatus 		rv 		= SECFailure;
-    PRBool              isTLS;
-
-    SSL_TRC(3, ("%d: SSL3[%d]: send client_key_exchange handshake",
-		SSL_GETPID(), ss->fd));
-
-    PORT_Assert( ssl_HaveXmitBufLock(ss));
-    PORT_Assert( ssl_HaveSSL3HandshakeLock(ss));
-
-    if (ss->sec.peerKey == NULL) {
-	serverKey = CERT_ExtractPublicKey(ss->sec.peerCert);
-	if (serverKey == NULL) {
-	    PORT_SetError(SSL_ERROR_EXTRACT_PUBLIC_KEY_FAILURE);
-	    return SECFailure;
-	}
-    } else {
-	serverKey = ss->sec.peerKey;
-	ss->sec.peerKey = NULL; /* we're done with it now */
-    }
-
-    isTLS = (PRBool)(ss->ssl3->pwSpec->version > SSL_LIBRARY_VERSION_3_0);
-    /* enforce limits on kea key sizes. */
-    if (ss->ssl3->hs.kea_def->is_limited) {
-	int keyLen = SECKEY_PublicKeyStrength(serverKey);	/* bytes */
-
-	if (keyLen * BPB > ss->ssl3->hs.kea_def->key_size_limit) {
-	    if (isTLS)
-		(void)SSL3_SendAlert(ss, alert_fatal, export_restriction);
-	    else
-		(void)ssl3_HandshakeFailure(ss);
-	    PORT_SetError(SSL_ERROR_PUB_KEY_SIZE_LIMIT_EXCEEDED);
-	    goto loser;
-	}
-    }
-
-    ss->sec.keaType    = ss->ssl3->hs.kea_def->exchKeyType;
-    ss->sec.keaKeyBits = SECKEY_PublicKeyStrength(serverKey) * BPB;
-
-    switch (ss->ssl3->hs.kea_def->exchKeyType) {
-    case kt_rsa:
-	rv = sendRSAClientKeyExchange(ss, serverKey);
-	break;
-
-    case kt_fortezza:
-	rv = sendFortezzaClientKeyExchange(ss, serverKey);
-	break;
-
-    case kt_dh:
-	rv = sendDHClientKeyExchange(ss, serverKey);
-	break;
-
-    default:
-	/* got an unknown or unsupported Key Exchange Algorithm.  */
-	SEND_ALERT
-	PORT_SetError(SEC_ERROR_UNSUPPORTED_KEYALG);
-	break;
-    }
-
-    SSL_TRC(3, ("%d: SSL3[%d]: DONE sending client_key_exchange",
-		SSL_GETPID(), ss->fd));
-
-loser:
-    if (serverKey) 
-    	SECKEY_DestroyPublicKey(serverKey);
-    return rv;	/* err code already set. */
-}
-
-/* Called from ssl3_HandleServerHelloDone(). */
-static SECStatus
-ssl3_SendCertificateVerify(sslSocket *ss)
-{
-    ssl3State *   ssl3 		= ss->ssl3;
-    SECStatus     rv		= SECFailure;
-    PRBool        isTLS;
-    SECItem       buf           = {siBuffer, NULL, 0};
-    SSL3Hashes    hashes;
-
-    PORT_Assert( ssl_HaveXmitBufLock(ss));
-    PORT_Assert( ssl_HaveSSL3HandshakeLock(ss));
-
-    SSL_TRC(3, ("%d: SSL3[%d]: send certificate_verify handshake",
-		SSL_GETPID(), ss->fd));
-
-    ssl_GetSpecReadLock(ss);
-    rv = ssl3_ComputeHandshakeHashes(ss, ssl3->pwSpec, &hashes, 0);
-    ssl_ReleaseSpecReadLock(ss);
-    if (rv != SECSuccess) {
-	goto done;	/* err code was set by ssl3_ComputeHandshakeHashes */
-    }
-
-    isTLS = (PRBool)(ssl3->pwSpec->version > SSL_LIBRARY_VERSION_3_0);
-    rv = ssl3_SignHashes(&hashes, ssl3->clientPrivateKey, &buf, isTLS);
-    if (rv == SECSuccess) {
-	PK11SlotInfo * slot;
-	sslSessionID * sid   = ss->sec.ci.sid;
-
-    	/* Remember the info about the slot that did the signing.
-	** Later, when doing an SSL restart handshake, verify this.
-	** These calls are mere accessors, and can't fail.
-	*/
-	slot = PK11_GetSlotFromPrivateKey(ss->ssl3->clientPrivateKey);
-	sid->u.ssl3.clAuthSeries     = PK11_GetSlotSeries(slot);
-	sid->u.ssl3.clAuthSlotID     = PK11_GetSlotID(slot);
-	sid->u.ssl3.clAuthModuleID   = PK11_GetModuleID(slot);
-	sid->u.ssl3.clAuthValid      = PR_TRUE;
-	PK11_FreeSlot(slot);
-    }
-    /* If we're doing RSA key exchange, we're all done with the private key
-     * here.  Diffie-Hellman & Fortezza key exchanges need the client's
-     * private key for the key exchange.
-     */
-    if (ssl3->hs.kea_def->exchKeyType == kt_rsa) {
-	SECKEY_DestroyPrivateKey(ssl3->clientPrivateKey);
-	ssl3->clientPrivateKey = NULL;
-    }
-    if (rv != SECSuccess) {
-	goto done;	/* err code was set by ssl3_SignHashes */
-    }
-
-    rv = ssl3_AppendHandshakeHeader(ss, certificate_verify, buf.len + 2);
-    if (rv != SECSuccess) {
-	goto done;	/* error code set by AppendHandshake */
-    }
-    rv = ssl3_AppendHandshakeVariable(ss, buf.data, buf.len, 2);
-    if (rv != SECSuccess) {
-	goto done;	/* error code set by AppendHandshake */
-    }
-
-done:
-    if (buf.data)
-	PORT_Free(buf.data);
-    return rv;
-}
-
-/* Called from ssl3_HandleHandshakeMessage() when it has deciphered a complete
- * ssl3 ServerHello message.
- * Caller must hold Handshake and RecvBuf locks.
- */
-static SECStatus
-ssl3_HandleServerHello(sslSocket *ss, SSL3Opaque *b, PRUint32 length)
-{
-    sslSessionID *sid		= ss->sec.ci.sid;
-    PRInt32       temp;		/* allow for consume number failure */
-    PRBool        suite_found   = PR_FALSE;
-    int           i;
-    int           errCode	= SSL_ERROR_RX_MALFORMED_SERVER_HELLO;
-    SECStatus     rv;
-    SECItem       sidBytes 	= {siBuffer, NULL, 0};
-    PRBool        sid_match;
-    PRBool        isTLS		= PR_FALSE;
-    SSL3AlertDescription desc   = illegal_parameter;
-    SSL3ProtocolVersion version;
-
-    SSL_TRC(3, ("%d: SSL3[%d]: handle server_hello handshake",
-    	SSL_GETPID(), ss->fd));
-    PORT_Assert( ssl_HaveRecvBufLock(ss) );
-    PORT_Assert( ssl_HaveSSL3HandshakeLock(ss) );
-
-    rv = ssl3_InitState(ss);
-    if (rv != SECSuccess) {
-	errCode = PORT_GetError(); /* ssl3_InitState has set the error code. */
-	goto alert_loser;
-    }
-    if (ss->ssl3->hs.ws != wait_server_hello) {
-        errCode = SSL_ERROR_RX_UNEXPECTED_SERVER_HELLO;
-	desc    = unexpected_message;
-	goto alert_loser;
-    }
-
-    temp = ssl3_ConsumeHandshakeNumber(ss, 2, &b, &length);
-    if (temp < 0) {
-    	goto loser; 	/* alert has been sent */
-    }
-    version = (SSL3ProtocolVersion)temp;
-
-    /* this is appropriate since the negotiation is complete, and we only
-    ** know SSL 3.x.
-    */
-    if (MSB(version) != MSB(SSL_LIBRARY_VERSION_3_0)) {
-    	desc = (version > SSL_LIBRARY_VERSION_3_0) ? protocol_version : handshake_failure;
-	goto alert_loser;
-    }
-
-    rv = ssl3_NegotiateVersion(ss, version);
-    if (rv != SECSuccess) {
-    	desc = (version > SSL_LIBRARY_VERSION_3_0) ? protocol_version : handshake_failure;
-	errCode = SSL_ERROR_NO_CYPHER_OVERLAP;
-	goto alert_loser;
-    }
-    isTLS = (ss->version > SSL_LIBRARY_VERSION_3_0);
-
-    rv = ssl3_ConsumeHandshake(
-	ss, &ss->ssl3->hs.server_random, SSL3_RANDOM_LENGTH, &b, &length);
-    if (rv != SECSuccess) {
-    	goto loser; 	/* alert has been sent */
-    }
-
-    rv = ssl3_ConsumeHandshakeVariable(ss, &sidBytes, 1, &b, &length);
-    if (rv != SECSuccess) {
-    	goto loser; 	/* alert has been sent */
-    }
-    if (sidBytes.len > SSL3_SESSIONID_BYTES) {
-	if (isTLS)
-	    desc = decode_error;
-	goto alert_loser;	/* malformed. */
-    }
-
-    /* find selected cipher suite in our list. */
-    temp = ssl3_ConsumeHandshakeNumber(ss, 2, &b, &length);
-    if (temp < 0) {
-    	goto loser; 	/* alert has been sent */
-    }
-    ssl3_config_match_init(ss);
-    for (i = 0; i < ssl_V3_SUITES_IMPLEMENTED; i++) {
-	ssl3CipherSuiteCfg *suite = &ss->cipherSuites[i];
-	if ((temp == suite->cipher_suite) &&
-	    (config_match(suite, ss->ssl3->policy, PR_TRUE))) {
-	    suite_found = PR_TRUE;
-	    break;	/* success */
-	}
-    }
-    if (!suite_found) {
-    	desc    = handshake_failure;
-	errCode = SSL_ERROR_NO_CYPHER_OVERLAP;
-	goto alert_loser;
-    }
-    ss->ssl3->hs.cipher_suite = (ssl3CipherSuite)temp;
-    ss->ssl3->hs.suite_def    = ssl_LookupCipherSuiteDef((ssl3CipherSuite)temp);
-    PORT_Assert(ss->ssl3->hs.suite_def);
-    if (!ss->ssl3->hs.suite_def) {
-    	PORT_SetError(errCode = SEC_ERROR_LIBRARY_FAILURE);
-	goto loser;	/* we don't send alerts for our screw-ups. */
-    }
-
-    /* find selected compression method in our list. */
-    temp = ssl3_ConsumeHandshakeNumber(ss, 1, &b, &length);
-    if (temp < 0) {
-    	goto loser; 	/* alert has been sent */
-    }
-    suite_found = PR_FALSE;
-    for (i = 0; i < compressionMethodsCount; i++) {
-	if (temp == compressions[i])  {
-	    suite_found = PR_TRUE;
-	    break;	/* success */
-    	}
-    }
-    if (!suite_found) {
-    	desc    = handshake_failure;
-	errCode = SSL_ERROR_NO_COMPRESSION_OVERLAP;
-	goto alert_loser;
-    }
-    ss->ssl3->hs.compression = (SSL3CompressionMethod)temp;
-
-    if (length != 0) {	/* malformed */
-	goto alert_loser;
-    }
-
-    /* Any errors after this point are not "malformed" errors. */
-    desc    = handshake_failure;
-
-    /* we need to call ssl3_SetupPendingCipherSpec here so we can check the
-     * key exchange algorithm. */
-    rv = ssl3_SetupPendingCipherSpec(ss, ss->ssl3);
-    if (rv != SECSuccess) {
-	goto alert_loser;	/* error code is set. */
-    }
-
-    /* We may or may not have sent a session id, we may get one back or
-     * not and if so it may match the one we sent.
-     * Attempt to restore the master secret to see if this is so...
-     * Don't consider failure to find a matching SID an error.
-     */
-    sid_match = (PRBool)(sidBytes.len > 0 &&
-	sidBytes.len == sid->u.ssl3.sessionIDLength &&
-	!PORT_Memcmp(sid->u.ssl3.sessionID, sidBytes.data, sidBytes.len));
-
-    if (sid_match &&
-	sid->version == ss->version &&
-	sid->u.ssl3.cipherSuite == ss->ssl3->hs.cipher_suite) do {
-	PK11SlotInfo *slot;
-	PK11SymKey *  wrapKey;     /* wrapping key */
-	SECItem       wrappedMS;   /* wrapped master secret. */
-	CK_FLAGS      keyFlags      = 0;
-
-        ss->sec.authAlgorithm = sid->authAlgorithm;
-	ss->sec.authKeyBits   = sid->authKeyBits;
-	ss->sec.keaType       = sid->keaType;
-	ss->sec.keaKeyBits    = sid->keaKeyBits;
-
-	slot = SECMOD_LookupSlot(sid->u.ssl3.masterModuleID,
-	                         sid->u.ssl3.masterSlotID);
-	if (slot == NULL) {
-	    break;		/* not considered an error. */
-	}
-	if (!PK11_IsPresent(slot)) {
-	    PK11_FreeSlot(slot);
-	    break;		/* not considered an error. */
-	}
-	wrapKey = PK11_GetWrapKey(slot, sid->u.ssl3.masterWrapIndex,
-				  sid->u.ssl3.masterWrapMech,
-				  sid->u.ssl3.masterWrapSeries,
-				  ss->pkcs11PinArg);
-	PK11_FreeSlot(slot);
-	if (wrapKey == NULL) {
-	    break;		/* not considered an error. */
-	}
-
-	if (ss->version > SSL_LIBRARY_VERSION_3_0) {	/* isTLS */
-	    keyFlags = CKF_SIGN | CKF_VERIFY;
-	}
-
-        wrappedMS.data = sid->u.ssl3.keys.wrapped_master_secret;
-	wrappedMS.len  = sid->u.ssl3.keys.wrapped_master_secret_len;
-	ss->ssl3->pwSpec->master_secret =
-	    PK11_UnwrapSymKeyWithFlags(wrapKey, sid->u.ssl3.masterWrapMech, 
-	    		NULL, &wrappedMS, CKM_SSL3_MASTER_KEY_DERIVE,
-		        CKA_DERIVE, sizeof(SSL3MasterSecret), keyFlags);
-	errCode = PORT_GetError();
-	PK11_FreeSymKey(wrapKey);
-	if (ss->ssl3->pwSpec->master_secret == NULL) {
-	    break;	/* errorCode set just after call to UnwrapSymKey. */
-	}
-
-	/* Got a Match */
-	++ssl3stats.hsh_sid_cache_hits;
-	ss->ssl3->hs.ws         = wait_change_cipher;
-	ss->ssl3->hs.isResuming = PR_TRUE;
-
-	/* copy the peer cert from the SID */
-	if (sid->peerCert != NULL) {
-	    ss->sec.peerCert = CERT_DupCertificate(sid->peerCert);
-	}
-
-	/* reload the FORTEZZA key material. These keys aren't generated
-	 * by the master secret, but by the key exchange. We restart by
-	 * reusing these keys. */
-	if (sid->u.ssl3.hasFortezza) {
-	    ss->ssl3->fortezza.tek = PK11_ReferenceSymKey(sid->u.ssl3.tek);
-	}
-	if (ss->ssl3->hs.suite_def->bulk_cipher_alg == cipher_fortezza) {
-	    ss->ssl3->pwSpec->client.write_key =
-	    		PK11_ReferenceSymKey(sid->u.ssl3.clientWriteKey);
-	    ss->ssl3->pwSpec->server.write_key =
-	    		PK11_ReferenceSymKey(sid->u.ssl3.serverWriteKey);
-	    /* add the tek later for pre-encrypted files */
-	    PORT_Memcpy(ss->ssl3->pwSpec->client.write_iv,
-			sid->u.ssl3.keys.client_write_iv,
-			sizeof sid->u.ssl3.keys.client_write_iv);
-	    PORT_Memcpy(ss->ssl3->pwSpec->server.write_iv,
-			sid->u.ssl3.keys.server_write_iv,
-			sizeof sid->u.ssl3.keys.server_write_iv);
-	}
-
-	/* NULL value for PMS signifies re-use of the old MS */
-	rv = ssl3_InitPendingCipherSpec(ss,  NULL);
-	if (rv != SECSuccess) {
-	    goto alert_loser;	/* err code was set by ssl3_InitPendingCipherSpec */
-	}
-	if (ss->ssl3->hs.suite_def->bulk_cipher_alg == cipher_fortezza) {
-	    rv = PK11_RestoreContext(
-			(PK11Context *)ss->ssl3->pwSpec->encodeContext,
-			sid->u.ssl3.clientWriteSave,
-			sid->u.ssl3.clientWriteSaveLen);
-	    if (rv != SECSuccess) {
-		goto alert_loser;	/* err is set. */
-	    }
-	}
-	SECITEM_ZfreeItem(&sidBytes, PR_FALSE);	
-	return SECSuccess;
-    } while (0);
-
-    if (sid_match)
-	++ssl3stats.hsh_sid_cache_not_ok;
-    else
-	++ssl3stats.hsh_sid_cache_misses;
-
-    /* throw the old one away */
-    sid->u.ssl3.resumable = PR_FALSE;
-    (*ss->sec.uncache)(sid);
-    ssl_FreeSID(sid);
-
-    /* get a new sid */
-    ss->sec.ci.sid = sid = ssl3_NewSessionID(ss, PR_FALSE);
-    if (sid == NULL) {
-	goto alert_loser;	/* memory error is set. */
-    }
-
-    sid->version = ss->version;
-    sid->u.ssl3.sessionIDLength = sidBytes.len;
-    PORT_Memcpy(sid->u.ssl3.sessionID, sidBytes.data, sidBytes.len);
-    SECITEM_ZfreeItem(&sidBytes, PR_FALSE);
-
-    ss->ssl3->hs.isResuming = PR_FALSE;
-    ss->ssl3->hs.ws         = wait_server_cert;
-    return SECSuccess;
-
-alert_loser:
-    (void)SSL3_SendAlert(ss, alert_fatal, desc);
-
-loser:
-    if (sidBytes.data != NULL)
-	SECITEM_ZfreeItem(&sidBytes, PR_FALSE);
-    errCode = ssl_MapLowLevelError(errCode);
-    return SECFailure;
-}
-
-/* Called from ssl3_HandleHandshakeMessage() when it has deciphered a complete
- * ssl3 ServerKeyExchange message.
- * Caller must hold Handshake and RecvBuf locks.
- */
-static SECStatus
-ssl3_HandleServerKeyExchange(sslSocket *ss, SSL3Opaque *b, PRUint32 length)
-{
-    PRArenaPool *    arena     = NULL;
-    SECKEYPublicKey *peerKey   = NULL;
-    PRBool           isTLS;
-    SECStatus        rv;
-    int              errCode   = SSL_ERROR_RX_MALFORMED_SERVER_KEY_EXCH;
-    SSL3AlertDescription desc  = illegal_parameter;
-    SECItem          modulus   = {siBuffer, NULL, 0};
-    SECItem          exponent  = {siBuffer, NULL, 0};
-    SECItem          signature = {siBuffer, NULL, 0};
-    SECItem          dh_p      = {siBuffer, NULL, 0};
-    SECItem          dh_g      = {siBuffer, NULL, 0};
-    SECItem          dh_Ys     = {siBuffer, NULL, 0};
-    SSL3Hashes       hashes;
-
-    SSL_TRC(3, ("%d: SSL3[%d]: handle server_key_exchange handshake",
-		SSL_GETPID(), ss->fd));
-    PORT_Assert( ssl_HaveRecvBufLock(ss) );
-    PORT_Assert( ssl_HaveSSL3HandshakeLock(ss) );
-
-    if (ss->ssl3->hs.ws != wait_server_key &&
-	ss->ssl3->hs.ws != wait_server_cert) {
-	errCode = SSL_ERROR_RX_UNEXPECTED_SERVER_KEY_EXCH;
-	desc    = unexpected_message;
-	goto alert_loser;
-    }
-    if (ss->sec.peerCert == NULL) {
-	errCode = SSL_ERROR_RX_UNEXPECTED_SERVER_KEY_EXCH;
-	desc    = unexpected_message;
-	goto alert_loser;
-    }
-
-    isTLS = (PRBool)(ss->ssl3->prSpec->version > SSL_LIBRARY_VERSION_3_0);
-
-    switch (ss->ssl3->hs.kea_def->exchKeyType) {
-
-    case kt_rsa:
-    	rv = ssl3_ConsumeHandshakeVariable(ss, &modulus, 2, &b, &length);
-    	if (rv != SECSuccess) {
-	    goto loser;		/* malformed. */
-	}
-    	rv = ssl3_ConsumeHandshakeVariable(ss, &exponent, 2, &b, &length);
-    	if (rv != SECSuccess) {
-	    goto loser;		/* malformed. */
-	}
-    	rv = ssl3_ConsumeHandshakeVariable(ss, &signature, 2, &b, &length);
-    	if (rv != SECSuccess) {
-	    goto loser;		/* malformed. */
-	}
-    	if (length != 0) {
-	    if (isTLS)
-		desc = decode_error;
-	    goto alert_loser;		/* malformed. */
-	}
-
-	/* failures after this point are not malformed handshakes. */
-	/* TLS: send decrypt_error if signature failed. */
-    	desc = isTLS ? decrypt_error : handshake_failure;
-
-    	/*
-     	 *  check to make sure the hash is signed by right guy
-     	 */
-    	rv = ssl3_ComputeExportRSAKeyHash(modulus, exponent,
-					  &ss->ssl3->hs.client_random,
-					  &ss->ssl3->hs.server_random, &hashes);
-        if (rv != SECSuccess) {
-	    errCode =
-	    	ssl_MapLowLevelError(SSL_ERROR_SERVER_KEY_EXCHANGE_FAILURE);
-	    goto alert_loser;
-	}
-        rv = ssl3_VerifySignedHashes(&hashes, ss->sec.peerCert, &signature,
-				    isTLS, ss->pkcs11PinArg);
-	if (rv != SECSuccess)  {
-	    errCode =
-	    	ssl_MapLowLevelError(SSL_ERROR_SERVER_KEY_EXCHANGE_FAILURE);
-	    goto alert_loser;
-	}
-
-	/*
-	 * we really need to build a new key here because we can no longer
-	 * ignore calling SECKEY_DestroyPublicKey. Using the key may allocate
-	 * pkcs11 slots and ID's.
-	 */
-    	arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-	if (arena == NULL) {
-	    goto no_memory;
-	}
-
-    	peerKey = PORT_ArenaZNew(arena, SECKEYPublicKey);
-    	if (peerKey == NULL) {
-            PORT_FreeArena(arena, PR_FALSE);
-	    goto no_memory;
-	}
-
-	peerKey->arena              = arena;
-	peerKey->keyType            = rsaKey;
-	peerKey->pkcs11Slot         = NULL;
-	peerKey->pkcs11ID           = CK_INVALID_HANDLE;
-	if (SECITEM_CopyItem(arena, &peerKey->u.rsa.modulus,        &modulus) ||
-	    SECITEM_CopyItem(arena, &peerKey->u.rsa.publicExponent, &exponent))
-	{
-            PORT_FreeArena(arena, PR_FALSE);
-	    goto no_memory;
-        }
-    	ss->sec.peerKey = peerKey;
-	SECITEM_FreeItem(&modulus,   PR_FALSE);
-	SECITEM_FreeItem(&exponent,  PR_FALSE);
-	SECITEM_FreeItem(&signature, PR_FALSE);
-    	ss->ssl3->hs.ws = wait_cert_request;
-    	return SECSuccess;
-
-    case kt_dh:
-    	rv = ssl3_ConsumeHandshakeVariable(ss, &dh_p, 2, &b, &length);
-    	if (rv != SECSuccess) {
-	    goto loser;		/* malformed. */
-	}
-    	rv = ssl3_ConsumeHandshakeVariable(ss, &dh_g, 2, &b, &length);
-    	if (rv != SECSuccess) {
-	    goto loser;		/* malformed. */
-	}
-    	rv = ssl3_ConsumeHandshakeVariable(ss, &dh_Ys, 2, &b, &length);
-    	if (rv != SECSuccess) {
-	    goto loser;		/* malformed. */
-	}
-    	rv = ssl3_ConsumeHandshakeVariable(ss, &signature, 2, &b, &length);
-    	if (rv != SECSuccess) {
-	    goto loser;		/* malformed. */
-	}
-    	if (length != 0) {
-	    if (isTLS)
-		desc = decode_error;
-	    goto alert_loser;		/* malformed. */
-	}
-
-	PRINT_BUF(60, (NULL, "Server DH p", dh_p.data, dh_p.len));
-	PRINT_BUF(60, (NULL, "Server DH g", dh_g.data, dh_g.len));
-	PRINT_BUF(60, (NULL, "Server DH Ys", dh_Ys.data, dh_Ys.len));
-
-	/* failures after this point are not malformed handshakes. */
-	/* TLS: send decrypt_error if signature failed. */
-    	desc = isTLS ? decrypt_error : handshake_failure;
-
-    	/*
-     	 *  check to make sure the hash is signed by right guy
-     	 */
-    	rv = ssl3_ComputeDHKeyHash(dh_p, dh_g, dh_Ys,
-					  &ss->ssl3->hs.client_random,
-					  &ss->ssl3->hs.server_random, &hashes);
-        if (rv != SECSuccess) {
-	    errCode =
-	    	ssl_MapLowLevelError(SSL_ERROR_SERVER_KEY_EXCHANGE_FAILURE);
-	    goto alert_loser;
-	}
-        rv = ssl3_VerifySignedHashes(&hashes, ss->sec.peerCert, &signature,
-				    isTLS, ss->pkcs11PinArg);
-	if (rv != SECSuccess)  {
-	    errCode =
-	    	ssl_MapLowLevelError(SSL_ERROR_SERVER_KEY_EXCHANGE_FAILURE);
-	    goto alert_loser;
-	}
-
-	/*
-	 * we really need to build a new key here because we can no longer
-	 * ignore calling SECKEY_DestroyPublicKey. Using the key may allocate
-	 * pkcs11 slots and ID's.
-	 */
-    	arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-	if (arena == NULL) {
-	    goto no_memory;
-	}
-
-    	ss->sec.peerKey = peerKey = PORT_ArenaZNew(arena, SECKEYPublicKey);
-    	if (peerKey == NULL) {
-	    goto no_memory;
-	}
-
-	peerKey->arena              = arena;
-	peerKey->keyType            = dhKey;
-	peerKey->pkcs11Slot         = NULL;
-	peerKey->pkcs11ID           = CK_INVALID_HANDLE;
-
-	if (SECITEM_CopyItem(arena, &peerKey->u.dh.prime,        &dh_p) ||
-	    SECITEM_CopyItem(arena, &peerKey->u.dh.base,         &dh_g) ||
-	    SECITEM_CopyItem(arena, &peerKey->u.dh.publicValue,  &dh_Ys))
-	{
-            PORT_FreeArena(arena, PR_FALSE);
-	    goto no_memory;
-        }
-    	ss->sec.peerKey = peerKey;
-	SECITEM_FreeItem(&dh_p,   PR_FALSE);
-	SECITEM_FreeItem(&dh_g,  PR_FALSE);
-	SECITEM_FreeItem(&dh_Ys, PR_FALSE);
-    	ss->ssl3->hs.ws = wait_cert_request;
-    	return SECSuccess;
-
-    case kt_fortezza:
-
-	/* Fortezza needs *BOTH* a server cert message
-	 * and a server key exchange message.
- 	 */
-	if (ss->ssl3->hs.ws == wait_server_cert) {
-	    errCode = SSL_ERROR_RX_UNEXPECTED_SERVER_KEY_EXCH;
-	    desc    = unexpected_message;
-	    goto alert_loser;
-	}
-	/* Get the server's "random" public key. */
-    	rv = ssl3_ConsumeHandshake(ss, ss->ssl3->fortezza.R_s,
-				   sizeof ss->ssl3->fortezza.R_s, &b, &length);
-    	if (rv != SECSuccess) {
-	    goto loser;		/* malformed */
-	}
-
-    	ss->ssl3->hs.ws = wait_cert_request;
-    	return SECSuccess;
-
-    default:
-    	desc    = handshake_failure;
-	errCode = SEC_ERROR_UNSUPPORTED_KEYALG;
-	break;		/* goto alert_loser; */
-    }
-
-alert_loser:
-    (void)SSL3_SendAlert(ss, alert_fatal, desc);
-loser:
-    if (modulus.data   != NULL) SECITEM_FreeItem(&modulus,   PR_FALSE);
-    if (exponent.data  != NULL) SECITEM_FreeItem(&exponent,  PR_FALSE);
-    if (signature.data != NULL) SECITEM_FreeItem(&signature, PR_FALSE);
-    if (dh_p.data != NULL) SECITEM_FreeItem(&dh_p, PR_FALSE);
-    if (dh_g.data != NULL) SECITEM_FreeItem(&dh_g, PR_FALSE);
-    if (dh_Ys.data != NULL) SECITEM_FreeItem(&dh_Ys, PR_FALSE);
-    PORT_SetError( errCode );
-    return SECFailure;
-
-no_memory:	/* no-memory error has already been set. */
-    if (modulus.data   != NULL) SECITEM_FreeItem(&modulus,   PR_FALSE);
-    if (exponent.data  != NULL) SECITEM_FreeItem(&exponent,  PR_FALSE);
-    if (signature.data != NULL) SECITEM_FreeItem(&signature, PR_FALSE);
-    ssl_MapLowLevelError(SSL_ERROR_SERVER_KEY_EXCHANGE_FAILURE);
-    return SECFailure;
-}
-
-
-typedef struct dnameNode {
-    struct dnameNode *next;
-    SECItem           name;
-} dnameNode;
-
-/* Called from ssl3_HandleHandshakeMessage() when it has deciphered a complete
- * ssl3 Certificate Request message.
- * Caller must hold Handshake and RecvBuf locks.
- */
-static SECStatus
-ssl3_HandleCertificateRequest(sslSocket *ss, SSL3Opaque *b, PRUint32 length)
-{
-    ssl3State *          ssl3        = ss->ssl3;
-    PRArenaPool *        arena       = NULL;
-    dnameNode *          node;
-    unsigned char *      data;
-    PRInt32              remaining;
-    PRInt32              len;
-    PRBool               isTLS       = PR_FALSE;
-    int                  i;
-    int                  errCode     = SSL_ERROR_RX_MALFORMED_CERT_REQUEST;
-    int                  nnames      = 0;
-    SECStatus            rv;
-    SSL3AlertDescription desc        = illegal_parameter;
-    SECItem              cert_types  = {siBuffer, NULL, 0};
-    CERTDistNames        ca_list;
-
-    SSL_TRC(3, ("%d: SSL3[%d]: handle certificate_request handshake",
-		SSL_GETPID(), ss->fd));
-    PORT_Assert( ssl_HaveRecvBufLock(ss) );
-    PORT_Assert( ssl_HaveSSL3HandshakeLock(ss) );
-
-    if (ssl3->hs.ws != wait_cert_request &&
-    	ssl3->hs.ws != wait_server_key) {
-	desc    = unexpected_message;
-	errCode = SSL_ERROR_RX_UNEXPECTED_CERT_REQUEST;
-	goto alert_loser;
-    }
-
-    /* clean up anything left from previous handshake. */
-    if (ssl3->clientCertChain != NULL) {
-       CERT_DestroyCertificateList(ssl3->clientCertChain);
-       ssl3->clientCertChain = NULL;
-    }
-
-    isTLS = (PRBool)(ssl3->prSpec->version > SSL_LIBRARY_VERSION_3_0);
-    rv = ssl3_ConsumeHandshakeVariable(ss, &cert_types, 1, &b, &length);
-    if (rv != SECSuccess)
-    	goto loser;		/* malformed, alert has been sent */
-
-    arena = ca_list.arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if (arena == NULL)
-    	goto no_mem;
-
-    remaining = ssl3_ConsumeHandshakeNumber(ss, 2, &b, &length);
-    if (remaining < 0)
-    	goto loser;	 	/* malformed, alert has been sent */
-
-    ca_list.head = node = PORT_ArenaZNew(arena, dnameNode);
-    if (node == NULL)
-    	goto no_mem;
-
-    while (remaining != 0) {
-	if (remaining < 2)
-	    goto alert_loser;	/* malformed */
-
-	node->name.len = len = ssl3_ConsumeHandshakeNumber(ss, 2, &b, &length);
-	if (len < 0)
-	    goto loser;		/* malformed, alert has been sent */
-
-	remaining -= 2;
-	if (remaining < len)
-	    goto alert_loser;	/* malformed */
-
-	data = node->name.data = (unsigned char*)PORT_ArenaAlloc(arena, len);
-	if (data == NULL)
-	    goto no_mem;
-
-	rv = ssl3_ConsumeHandshake(ss, data, len, &b, &length);
-	if (rv != SECSuccess)
-	    goto loser;		/* malformed, alert has been sent */
-
-	remaining -= len;
-	nnames++;
-	if (remaining == 0)
-	    break;		/* success */
-
-	node->next = PORT_ArenaZNew(arena, dnameNode);
-	node = node->next;
-	if (node == NULL)
-	    goto no_mem;
-    }
-
-    ca_list.nnames = nnames;
-    ca_list.names  = (SECItem*)PORT_ArenaAlloc(arena, nnames * sizeof(SECItem));
-    if (ca_list.names == NULL)
-        goto no_mem;
-
-    for(i = 0, node = (dnameNode*)ca_list.head;
-	i < nnames;
-	i++, node = node->next) {
-	ca_list.names[i] = node->name;
-    }
-
-    if (length != 0)
-        goto alert_loser;   	/* malformed */
-
-    desc = no_certificate;
-    ssl3->hs.ws = wait_hello_done;
-
-    if (ss->getClientAuthData == NULL) {
-	rv = SECFailure; /* force it to send a no_certificate alert */
-    } else {
-	/* XXX Should pass cert_types in this call!! */
-	rv = (SECStatus)(*ss->getClientAuthData)(ss->getClientAuthDataArg,
-						 ss->fd, &ca_list,
-						 &ssl3->clientCertificate,
-						 &ssl3->clientPrivateKey);
-    }
-    switch (rv) {
-    case SECWouldBlock:	/* getClientAuthData has put up a dialog box. */
-	ssl_SetAlwaysBlock(ss);
-	break;	/* not an error */
-
-    case SECSuccess:
-	/* Setting ssl3->clientCertChain non-NULL will cause
-	 * ssl3_HandleServerHelloDone to call SendCertificate.
-	 */
-	ssl3->clientCertChain = CERT_CertChainFromCert(ssl3->clientCertificate,
-			certUsageSSLClient, PR_FALSE);
-	if (ssl3->clientCertChain == NULL) {
-	    if (ssl3->clientCertificate != NULL) {
-		CERT_DestroyCertificate(ssl3->clientCertificate);
-		ssl3->clientCertificate = NULL;
-	    }
-	    if (ssl3->clientPrivateKey != NULL) {
-		SECKEY_DestroyPrivateKey(ssl3->clientPrivateKey);
-		ssl3->clientPrivateKey = NULL;
-	    }
-	    goto send_no_certificate;
-	}
-	break;	/* not an error */
-
-    case SECFailure:
-    default:
-send_no_certificate:
-	if (isTLS) {
-	    ssl3->sendEmptyCert = PR_TRUE;
-	} else {
-	    (void)SSL3_SendAlert(ss, alert_warning, no_certificate);
-	}
-	rv = SECSuccess;
-	break;
-    }
-    goto done;
-
-no_mem:
-    rv = SECFailure;
-    PORT_SetError(SEC_ERROR_NO_MEMORY);
-    goto done;
-
-alert_loser:
-    if (isTLS && desc == illegal_parameter)
-    	desc = decode_error;
-    (void)SSL3_SendAlert(ss, alert_fatal, desc);
-loser:
-    PORT_SetError(errCode);
-    rv = SECFailure;
-done:
-    if (arena != NULL)
-    	PORT_FreeArena(arena, PR_FALSE);
-    if (cert_types.data != NULL)
-    	SECITEM_FreeItem(&cert_types, PR_FALSE);
-    return rv;
-}
-
-/*
- * attempt to restart the handshake after asynchronously handling
- * a request for the client's certificate.
- *
- * inputs:
- *	cert	Client cert chosen by application.
- *		Note: ssl takes this reference, and does not bump the
- *		reference count.  The caller should drop its reference
- *		without calling CERT_DestroyCert after calling this function.
- *
- *	key	Private key associated with cert.  This function makes a
- *		copy of the private key, so the caller remains responsible
- *		for destroying its copy after this function returns.
- *
- *	certChain  DER-encoded certs, client cert and its signers.
- *		Note: ssl takes this reference, and does not copy the chain.
- *		The caller should drop its reference without destroying the
- *		chain.  SSL will free the chain when it is done with it.
- *
- * Return value: XXX
- *
- * XXX This code only works on the initial handshake on a connection, XXX
- *     It does not work on a subsequent handshake (redo).
- *
- * Caller holds 1stHandshakeLock.
- */
-SECStatus
-ssl3_RestartHandshakeAfterCertReq(sslSocket *         ss,
-				CERTCertificate *    cert,
-				SECKEYPrivateKey *   key,
-				CERTCertificateList *certChain)
-{
-    SECStatus        rv          = SECSuccess;
-
-    if (MSB(ss->version) == MSB(SSL_LIBRARY_VERSION_3_0)) {
-	/* XXX This code only works on the initial handshake on a connection,
-	** XXX It does not work on a subsequent handshake (redo).
-	*/
-	if (ss->handshake != 0) {
-	    ss->handshake               = ssl_GatherRecord1stHandshake;
-	    ss->ssl3->clientCertificate = cert;
-	    ss->ssl3->clientCertChain   = certChain;
-	    if (key == NULL) {
-		(void)SSL3_SendAlert(ss, alert_warning, no_certificate);
-		ss->ssl3->clientPrivateKey = NULL;
-	    } else {
-		ss->ssl3->clientPrivateKey = SECKEY_CopyPrivateKey(key);
-	    }
-	    ssl_GetRecvBufLock(ss);
-	    if (ss->ssl3->hs.msgState.buf != NULL) {
-		rv = ssl3_HandleRecord(ss, NULL, &ss->gs.buf);
-	    }
-	    ssl_ReleaseRecvBufLock(ss);
-	}
-    }
-    return rv;
-}
-
-
-
-/* Called from ssl3_HandleHandshakeMessage() when it has deciphered a complete
- * ssl3 Server Hello Done message.
- * Caller must hold Handshake and RecvBuf locks.
- */
-static SECStatus
-ssl3_HandleServerHelloDone(sslSocket *ss)
-{
-    SECStatus     rv;
-    SSL3WaitState ws          = ss->ssl3->hs.ws;
-    PRBool        send_verify = PR_FALSE;
-
-    SSL_TRC(3, ("%d: SSL3[%d]: handle server_hello_done handshake",
-		SSL_GETPID(), ss->fd));
-    PORT_Assert( ssl_HaveRecvBufLock(ss) );
-    PORT_Assert( ssl_HaveSSL3HandshakeLock(ss) );
-
-    if (ws != wait_hello_done  &&
-        ws != wait_server_cert &&
-	ws != wait_server_key  &&
-	ws != wait_cert_request) {
-	SSL3_SendAlert(ss, alert_fatal, unexpected_message);
-	PORT_SetError(SSL_ERROR_RX_UNEXPECTED_HELLO_DONE);
-	return SECFailure;
-    }
-
-    ssl_GetXmitBufLock(ss);		/*******************************/
-
-    if (ss->ssl3->sendEmptyCert) {
-	ss->ssl3->sendEmptyCert = PR_FALSE;
-	rv = ssl3_SendEmptyCertificate(ss);
-	/* Don't send verify */
-	if (rv != SECSuccess) {
-	    goto loser;	/* error code is set. */
-    	}
-    } else
-    if (ss->ssl3->clientCertChain  != NULL &&
-	ss->ssl3->clientPrivateKey != NULL) {
-	send_verify = PR_TRUE;
-	rv = ssl3_SendCertificate(ss);
-	if (rv != SECSuccess) {
-	    goto loser;	/* error code is set. */
-    	}
-    }
-
-    rv = ssl3_SendClientKeyExchange(ss);
-    if (rv != SECSuccess) {
-    	goto loser;	/* err is set. */
-    }
-
-    if (send_verify) {
-	rv = ssl3_SendCertificateVerify(ss);
-	if (rv != SECSuccess) {
-	    goto loser;	/* err is set. */
-        }
-    }
-    rv = ssl3_SendChangeCipherSpecs(ss);
-    if (rv != SECSuccess) {
-	goto loser;	/* err code was set. */
-    }
-    rv = ssl3_SendFinished(ss, 0);
-    if (rv != SECSuccess) {
-	goto loser;	/* err code was set. */
-    }
-
-    ssl_ReleaseXmitBufLock(ss);		/*******************************/
-
-    ss->ssl3->hs.ws = wait_change_cipher;
-    return SECSuccess;
-
-loser:
-    ssl_ReleaseXmitBufLock(ss);
-    return rv;
-}
-
-/*
- * Routines used by servers
- */
-static SECStatus
-ssl3_SendHelloRequest(sslSocket *ss)
-{
-    SECStatus rv;
-
-    SSL_TRC(3, ("%d: SSL3[%d]: send hello_request handshake", SSL_GETPID(),
-		ss->fd));
-
-    PORT_Assert( ssl_HaveSSL3HandshakeLock(ss) );
-    PORT_Assert( ssl_HaveXmitBufLock(ss) );
-
-    rv = ssl3_AppendHandshakeHeader(ss, hello_request, 0);
-    if (rv != SECSuccess) {
-	return rv;	/* err set by AppendHandshake */
-    }
-    rv = ssl3_FlushHandshake(ss, 0);
-    if (rv != SECSuccess) {
-	return rv;	/* error code set by ssl3_FlushHandshake */
-    }
-    ss->ssl3->hs.ws = wait_client_hello;
-    return SECSuccess;
-}
-
-/* Sets memory error when returning NULL.
- * Called from:
- *	ssl3_SendClientHello()
- *	ssl3_HandleServerHello()
- *	ssl3_HandleClientHello()
- *	ssl3_HandleV2ClientHello()
- */
-static sslSessionID *
-ssl3_NewSessionID(sslSocket *ss, PRBool is_server)
-{
-    sslSessionID *sid;
-
-    sid = PORT_ZNew(sslSessionID);
-    if (sid == NULL)
-    	return sid;
-
-    sid->peerID		= (ss->peerID == NULL) ? NULL : PORT_Strdup(ss->peerID);
-    sid->urlSvrName	= (ss->url    == NULL) ? NULL : PORT_Strdup(ss->url);
-    sid->addr           = ss->sec.ci.peer;
-    sid->port           = ss->sec.ci.port;
-    sid->references     = 1;
-    sid->cached         = never_cached;
-    sid->version        = ss->version;
-
-    sid->u.ssl3.resumable      = PR_TRUE;
-    sid->u.ssl3.policy         = SSL_ALLOWED;
-    sid->u.ssl3.hasFortezza    = PR_FALSE;
-    sid->u.ssl3.clientWriteKey = NULL;
-    sid->u.ssl3.serverWriteKey = NULL;
-    sid->u.ssl3.tek            = NULL;
-
-    if (is_server) {
-	SECStatus rv;
-	int       pid = SSL_GETPID();
-
-	sid->u.ssl3.sessionIDLength = SSL3_SESSIONID_BYTES;
-	sid->u.ssl3.sessionID[0]    = (pid >> 8) & 0xff;
-	sid->u.ssl3.sessionID[1]    =  pid       & 0xff;
-	rv = PK11_GenerateRandom(sid->u.ssl3.sessionID + 2,
-	                         SSL3_SESSIONID_BYTES -2);
-	if (rv != SECSuccess) {
-	    ssl_FreeSID(sid);
-	    ssl_MapLowLevelError(SSL_ERROR_GENERATE_RANDOM_FAILURE);
-	    return NULL;
-    	}
-    }
-    return sid;
-}
-
-/* Called from:  ssl3_HandleClientHello, ssl3_HandleV2ClientHello */
-static SECStatus
-ssl3_SendServerHelloSequence(sslSocket *ss)
-{
-    const ssl3KEADef *kea_def;
-    SECStatus         rv;
-
-    SSL_TRC(3, ("%d: SSL3[%d]: begin send server_hello sequence",
-		SSL_GETPID(), ss->fd));
-
-    PORT_Assert( ssl_HaveSSL3HandshakeLock(ss) );
-    PORT_Assert( ssl_HaveXmitBufLock(ss) );
-
-    rv = ssl3_SendServerHello(ss);
-    if (rv != SECSuccess) {
-	return rv;	/* err code is set. */
-    }
-    rv = ssl3_SendCertificate(ss);
-    if (rv != SECSuccess) {
-	return rv;	/* error code is set. */
-    }
-    /* We have to do this after the call to ssl3_SendServerHello,
-     * because kea_def is set up by ssl3_SendServerHello().
-     */
-    kea_def = ss->ssl3->hs.kea_def;
-    ss->ssl3->hs.usedStepDownKey = PR_FALSE;
-    if (kea_def->kea == kea_fortezza) {
-	rv = ssl3_SendServerKeyExchange(ss);
-	if (rv != SECSuccess) {
-	    return rv;	/* err code was set. */
-	}
-    } else if (kea_def->is_limited && kea_def->exchKeyType == kt_rsa) {
-	/* see if we can legally use the key in the cert. */
-	int keyLen;  /* bytes */
-
-	keyLen = PK11_GetPrivateModulusLen(
-			    ss->serverCerts[kea_def->exchKeyType].serverKey);
-
-	if (keyLen > 0 &&
-	    keyLen * BPB <= kea_def->key_size_limit ) {
-	    /* XXX AND cert is not signing only!! */
-	    /* just fall through and use it. */
-	} else if (ss->stepDownKeyPair != NULL) {
-	    ss->ssl3->hs.usedStepDownKey = PR_TRUE;
-	    rv = ssl3_SendServerKeyExchange(ss);
-	    if (rv != SECSuccess) {
-		return rv;	/* err code was set. */
-	    }
-	} else {
-#ifndef HACKED_EXPORT_SERVER
-	    PORT_SetError(SSL_ERROR_PUB_KEY_SIZE_LIMIT_EXCEEDED);
-	    return rv;
-#endif
-	}
-    }
-
-    if (ss->requestCertificate) {
-	rv = ssl3_SendCertificateRequest(ss);
-	if (rv != SECSuccess) {
-	    return rv;		/* err code is set. */
-	}
-    }
-    rv = ssl3_SendServerHelloDone(ss);
-    if (rv != SECSuccess) {
-	return rv;		/* err code is set. */
-    }
-
-    ss->ssl3->hs.ws = (ss->requestCertificate) ? wait_client_cert
-                                               : wait_client_key;
-    return SECSuccess;
-}
-
-/* Called from ssl3_HandleHandshakeMessage() when it has deciphered a complete
- * ssl3 Client Hello message.
- * Caller must hold Handshake and RecvBuf locks.
- */
-static SECStatus
-ssl3_HandleClientHello(sslSocket *ss, SSL3Opaque *b, PRUint32 length)
-{
-    sslSessionID *      sid      = NULL;
-    ssl3State *         ssl3;
-    PRInt32		tmp;
-    unsigned int        i;
-    int                 j;
-    SECStatus           rv;
-    int                 errCode  = SSL_ERROR_RX_MALFORMED_CLIENT_HELLO;
-    SSL3AlertDescription desc    = illegal_parameter;
-    SSL3ProtocolVersion version;
-    SECItem             sidBytes = {siBuffer, NULL, 0};
-    SECItem             suites   = {siBuffer, NULL, 0};
-    SECItem             comps    = {siBuffer, NULL, 0};
-    PRBool              haveSpecWriteLock = PR_FALSE;
-    PRBool              haveXmitBufLock   = PR_FALSE;
-
-    SSL_TRC(3, ("%d: SSL3[%d]: handle client_hello handshake",
-    	SSL_GETPID(), ss->fd));
-
-    PORT_Assert( ssl_HaveRecvBufLock(ss) );
-    PORT_Assert( ssl_HaveSSL3HandshakeLock(ss));
-
-    /* Get peer name of client */
-    rv = ssl_GetPeerInfo(ss);
-    if (rv != SECSuccess) {
-	return rv;		/* error code is set. */
-    }
-
-    rv = ssl3_InitState(ss);
-    if (rv != SECSuccess) {
-	return rv;		/* ssl3_InitState has set the error code. */
-    }
-    ssl3 = ss->ssl3;
-
-    if ((ssl3->hs.ws != wait_client_hello) &&
-	(ssl3->hs.ws != idle_handshake)) {
-	desc    = unexpected_message;
-	errCode = SSL_ERROR_RX_UNEXPECTED_CLIENT_HELLO;
-	goto alert_loser;
-    }
-
-    tmp = ssl3_ConsumeHandshakeNumber(ss, 2, &b, &length);
-    if (tmp < 0)
-	goto loser;		/* malformed, alert already sent */
-    ss->clientHelloVersion = version = (SSL3ProtocolVersion)tmp;
-    rv = ssl3_NegotiateVersion(ss, version);
-    if (rv != SECSuccess) {
-    	desc = (version > SSL_LIBRARY_VERSION_3_0) ? protocol_version : handshake_failure;
-	errCode = SSL_ERROR_NO_CYPHER_OVERLAP;
-	goto alert_loser;
-    }
-
-    /* grab the client random data. */
-    rv = ssl3_ConsumeHandshake(
-	ss, &ssl3->hs.client_random, SSL3_RANDOM_LENGTH, &b, &length);
-    if (rv != SECSuccess) {
-	goto loser;		/* malformed */
-    }
-
-    /* grab the client's SID, if present. */
-    rv = ssl3_ConsumeHandshakeVariable(ss, &sidBytes, 1, &b, &length);
-    if (rv != SECSuccess) {
-	goto loser;		/* malformed */
-    }
-
-    if (sidBytes.len > 0) {
-	SSL_TRC(7, ("%d: SSL3[%d]: server, lookup client session-id for 0x%08x%08x%08x%08x",
-                    SSL_GETPID(), ss->fd, ss->sec.ci.peer.pr_s6_addr32[0],
-		    ss->sec.ci.peer.pr_s6_addr32[1], 
-		    ss->sec.ci.peer.pr_s6_addr32[2],
-		    ss->sec.ci.peer.pr_s6_addr32[3]));
-	sid = (*ssl_sid_lookup)(&ss->sec.ci.peer, sidBytes.data, sidBytes.len,
-	                        ss->dbHandle);
-    }
-    SECITEM_FreeItem(&sidBytes, PR_FALSE);
-
-    /* grab the list of cipher suites. */
-    rv = ssl3_ConsumeHandshakeVariable(ss, &suites, 2, &b, &length);
-    if (rv != SECSuccess) {
-	goto loser;		/* malformed */
-    }
-
-    /* grab the list of compression methods. */
-    rv = ssl3_ConsumeHandshakeVariable(ss, &comps, 1, &b, &length);
-    if (rv != SECSuccess) {
-	goto loser;		/* malformed */
-    }
-
-    /* It's OK for length to be non-zero here.
-     * Non-zero length means that some new protocol revision has extended
-     * the client hello message.
-     */
-
-    desc = handshake_failure;
-
-    if (sid != NULL) {
-	/* We've found a session cache entry for this client.
-	 * Now, if we're going to require a client-auth cert,
-	 * and we don't already have this client's cert in the session cache,
-	 * and this is the first handshake on this connection (not a redo),
-	 * then drop this old cache entry and start a new session.
-	 */
-	if ((sid->peerCert == NULL) && ss->requestCertificate &&
-	    ((ss->requireCertificate == 1) ||
-	     ((ss->requireCertificate == 2) && !ss->firstHsDone))) {
-
-	    ++ssl3stats.hch_sid_cache_not_ok;
-	    ss->sec.uncache(sid);
-	    ssl_FreeSID(sid);
-	    sid = NULL;
-	}
-    }
-
-    /* Look for a matching cipher suite. */
-    j = ssl3_config_match_init(ss);
-    if (j <= 0) {		/* no ciphers are working/supported by PK11 */
-    	errCode = PORT_GetError();	/* error code is already set. */
-	goto alert_loser;
-    }
-    /* If we already have a session for this client, be sure to pick the
-    ** same cipher suite we picked before.
-    ** This is not a loop, despite appearances.
-    */
-    if (sid) do {
-	ssl3CipherSuiteCfg *suite = ss->cipherSuites;
-	for (j = ssl_V3_SUITES_IMPLEMENTED; j > 0; --j, ++suite) {
-	    if (suite->cipher_suite == sid->u.ssl3.cipherSuite)
-		break;
-	}
-	if (!j)
-	    break;
-	if (!config_match(suite, ssl3->policy, PR_TRUE))
-	    break;
-	for (i = 0; i < suites.len; i += 2) {
-	    if ((suites.data[i]     == MSB(suite->cipher_suite)) &&
-	        (suites.data[i + 1] == LSB(suite->cipher_suite))) {
-
-		ssl3->hs.cipher_suite = suite->cipher_suite;
-		ssl3->hs.suite_def =
-		    ssl_LookupCipherSuiteDef(ssl3->hs.cipher_suite);
-		goto suite_found;
-	    }
-	}
-    } while (0);
-
-    /* Select a cipher suite.
-    ** NOTE: This suite selection algorithm should be the same as the one in
-    ** ssl3_HandleV2ClientHello().  
-    */
-    for (j = 0; j < ssl_V3_SUITES_IMPLEMENTED; j++) {
-	ssl3CipherSuiteCfg *suite = &ss->cipherSuites[j];
-	if (!config_match(suite, ssl3->policy, PR_TRUE))
-	    continue;
-	for (i = 0; i < suites.len; i += 2) {
-	    if ((suites.data[i]     == MSB(suite->cipher_suite)) &&
-	        (suites.data[i + 1] == LSB(suite->cipher_suite))) {
-
-		ssl3->hs.cipher_suite = suite->cipher_suite;
-		ssl3->hs.suite_def =
-		    ssl_LookupCipherSuiteDef(ssl3->hs.cipher_suite);
-		goto suite_found;
-	    }
-	}
-    }
-    errCode = SSL_ERROR_NO_CYPHER_OVERLAP;
-    goto alert_loser;
-
-suite_found:
-    /* Look for a matching compression algorithm. */
-    for (i = 0; i < comps.len; i++) {
-	for (j = 0; j < compressionMethodsCount; j++) {
-	    if (comps.data[i] == compressions[j]) {
-		ssl3->hs.compression = (SSL3CompressionMethod)compressions[j];
-		goto compression_found;
-	    }
-	}
-    }
-    errCode = SSL_ERROR_NO_COMPRESSION_OVERLAP;
-    				/* null compression must be supported */
-    goto alert_loser;
-
-compression_found:
-    PORT_Free(suites.data);
-    suites.data = NULL;
-    PORT_Free(comps.data);
-    comps.data = NULL;
-
-    ss->sec.send = ssl3_SendApplicationData;
-
-    /* If there are any failures while processing the old sid,
-     * we don't consider them to be errors.  Instead, We just behave
-     * as if the client had sent us no sid to begin with, and make a new one.
-     */
-    if (sid != NULL) do {
-	PK11SlotInfo *  slot;
-	PK11SymKey *    wrapKey; 	/* wrapping key */
-	SECItem         wrappedKey;  	/* wrapped key */
-	ssl3CipherSpec *pwSpec;
-	CK_FLAGS        keyFlags      = 0;
-
-	if (sid->version != ss->version  ||
-	    sid->u.ssl3.cipherSuite != ssl3->hs.cipher_suite) {
-	    break;	/* not an error */
-	}
-
-	if (ss->sec.ci.sid) {
-	    ss->sec.uncache(ss->sec.ci.sid);
-	    PORT_Assert(ss->sec.ci.sid != sid);  /* should be impossible, but ... */
-	    if (ss->sec.ci.sid != sid) {
-		ssl_FreeSID(ss->sec.ci.sid);
-	    }
-	    ss->sec.ci.sid = NULL;
-	}
-	/* we need to resurrect the master secret.... */
-
-	ssl_GetSpecWriteLock(ss);  haveSpecWriteLock = PR_TRUE;
-	pwSpec = ssl3->pwSpec;
-
-	wrapKey = getWrappingKey(ss, NULL, sid->u.ssl3.exchKeyType,
-	                         sid->u.ssl3.masterWrapMech, ss->pkcs11PinArg);
-	if (!wrapKey) {
-	    /* we have a SID cache entry, but no wrapping key for it??? */
-	    break;
-	}
-
-	if (ss->version > SSL_LIBRARY_VERSION_3_0) {	/* isTLS */
-	    keyFlags = CKF_SIGN | CKF_VERIFY;
-	}
-
-        wrappedKey.data = sid->u.ssl3.keys.wrapped_master_secret;
-	wrappedKey.len  = sid->u.ssl3.keys.wrapped_master_secret_len;
-
-	/* unwrap the master secret. */
-	pwSpec->master_secret =
-	    PK11_UnwrapSymKeyWithFlags(wrapKey, sid->u.ssl3.masterWrapMech, 
-	    		NULL, &wrappedKey, CKM_SSL3_MASTER_KEY_DERIVE,
-			CKA_DERIVE, sizeof(SSL3MasterSecret), keyFlags);
-	PK11_FreeSymKey(wrapKey);
-	if (pwSpec->master_secret == NULL) {
-	    break;	/* not an error */
-	}
-	ss->sec.ci.sid = sid;
-	if (sid->peerCert != NULL) {
-	    ss->sec.peerCert = CERT_DupCertificate(sid->peerCert);
-	}
-
-	/*
-	 * Old SID passed all tests, so resume this old session.
-	 *
-	 * XXX make sure compression still matches
-	 */
-	++ssl3stats.hch_sid_cache_hits;
-	ssl3->hs.isResuming = PR_TRUE;
-
-        ss->sec.authAlgorithm = sid->authAlgorithm;
-	ss->sec.authKeyBits   = sid->authKeyBits;
-	ss->sec.keaType       = sid->keaType;
-	ss->sec.keaKeyBits    = sid->keaKeyBits;
-
-	/* server sids don't remember the server cert we previously sent,
-	** but they do remember the kea type we originally used, so we
-	** can locate it again, provided that the current ssl socket
-	** has had its server certs configured the same as the previous one.
-	*/
-	ss->sec.localCert     = 
-		CERT_DupCertificate(ss->serverCerts[sid->keaType].serverCert);
-
-	ssl_GetXmitBufLock(ss); haveXmitBufLock = PR_TRUE;
-
-	rv = ssl3_SendServerHello(ss);
-	if (rv != SECSuccess) {
-	    errCode = PORT_GetError();
-	    goto loser;
-	}
-
-	/* reload the FORTEZZA key material.
-	 * On Fortezza, the following keys & IVs are generated by the KEA,
-	 * not from the PMS.  Since we're not going to redo the KEA, we
-	 * have to save & restore them for Fortezza.
-	 * use kea because we haven't call InitCipher Specs yet...?
-	 */
-	if (ssl3->hs.suite_def->bulk_cipher_alg == cipher_fortezza) {
-	    PK11SymKey *      Ks;
-	    SECItem           item;
-
-	    PORT_Memcpy(pwSpec->client.write_iv,
-		sid->u.ssl3.keys.client_write_iv,
-		sizeof sid->u.ssl3.keys.client_write_iv);
-	    PORT_Memcpy(pwSpec->server.write_iv,
-		sid->u.ssl3.keys.server_write_iv,
-		sizeof sid->u.ssl3.keys.server_write_iv);
-
-	    /* Now, unwrap the client and server write keys with Ks */
-
-	    /* get the slot that the fortezza server private key is in. */
-	    slot = PK11_GetSlotFromPrivateKey(
-	                                ss->serverCerts[kt_fortezza].serverKey);
-	    if (slot == NULL) {
-		ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
-		goto loser;
-	    }
-
-	    /* Look up the Token Fixed Key */
-	    Ks = PK11_FindFixedKey(slot, CKM_SKIPJACK_WRAP, NULL,
-	                           ss->pkcs11PinArg);
-	    PK11_FreeSlot(slot);
-	    if (Ks == NULL) {
-		ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
-		goto loser;
-	    }
-
-	    /* unwrap client write key with the local Ks */
-	    item.data = sid->u.ssl3.keys.wrapped_client_write_key;
-	    item.len  = sizeof sid->u.ssl3.keys.wrapped_client_write_key;
-
-	    pwSpec->client.write_key =
-		    PK11_UnwrapSymKey(Ks, CKM_SKIPJACK_WRAP, NULL, &item,
-				      CKM_SKIPJACK_CBC64, CKA_DECRYPT, 0);
-	    if (pwSpec->client.write_key == NULL) {
-		SEND_ALERT
-		ssl_MapLowLevelError(SSL_ERROR_SYM_KEY_UNWRAP_FAILURE);
-		goto loser;
-	    }
-
-	    /* unwrap server write key with the local Ks */
-	    item.data = sid->u.ssl3.keys.wrapped_server_write_key;
-	    item.len  = sizeof sid->u.ssl3.keys.wrapped_server_write_key;
-
-	    pwSpec->server.write_key =
-		    PK11_UnwrapSymKey(Ks, CKM_SKIPJACK_WRAP, NULL, &item,
-				      CKM_SKIPJACK_CBC64, CKA_ENCRYPT, 0);
-	    if (pwSpec->server.write_key == NULL) {
-		PK11_FreeSymKey(pwSpec->client.write_key);
-		pwSpec->client.write_key = NULL;
-		SEND_ALERT
-		ssl_MapLowLevelError(SSL_ERROR_SYM_KEY_UNWRAP_FAILURE);
-		goto loser;
-	    }
-	    /* Set flag that says "generate 8 byte random prefix plaintext." */
-	    PK11_SetFortezzaHack(pwSpec->server.write_key);	/* can't fail */
-
-	}
-
-	if (haveSpecWriteLock) {
-	    ssl_ReleaseSpecWriteLock(ss);
-	    haveSpecWriteLock = PR_FALSE;
-	}
-
-	/* NULL value for PMS signifies re-use of the old MS */
-	rv = ssl3_InitPendingCipherSpec(ss,  NULL);
-	if (rv != SECSuccess) {
-	    errCode = PORT_GetError();
-	    goto loser;
-	}
-
-	rv = ssl3_SendChangeCipherSpecs(ss);
-	if (rv != SECSuccess) {
-	    errCode = PORT_GetError();
-	    goto loser;
-	}
-	rv = ssl3_SendFinished(ss, 0);
-	ssl3->hs.ws = wait_change_cipher;
-	if (rv != SECSuccess) {
-	    errCode = PORT_GetError();
-	    goto loser;
-	}
-
-	if (haveXmitBufLock) {
-	    ssl_ReleaseXmitBufLock(ss);
-	    haveXmitBufLock = PR_FALSE;
-	}
-
-        return SECSuccess;
-    } while (0);
-
-    if (haveSpecWriteLock) {
-	ssl_ReleaseSpecWriteLock(ss);
-	haveSpecWriteLock = PR_FALSE;
-    }
-
-    if (sid) { 	/* we had a sid, but it's no longer valid, free it */
-	++ssl3stats.hch_sid_cache_not_ok;
-	ss->sec.uncache(sid);
-	ssl_FreeSID(sid);
-	sid = NULL;
-    }
-    ++ssl3stats.hch_sid_cache_misses;
-
-    sid = ssl3_NewSessionID(ss, PR_TRUE);
-    if (sid == NULL) {
-	errCode = PORT_GetError();
-	goto loser;	/* memory error is set. */
-    }
-    ss->sec.ci.sid = sid;
-
-    ssl3->hs.isResuming = PR_FALSE;
-    ssl_GetXmitBufLock(ss);
-    rv = ssl3_SendServerHelloSequence(ss);
-    ssl_ReleaseXmitBufLock(ss);
-    if (rv != SECSuccess) {
-	errCode = PORT_GetError();
-	goto loser;
-    }
-
-    if (haveXmitBufLock) {
-	ssl_ReleaseXmitBufLock(ss);
-	haveXmitBufLock = PR_FALSE;
-    }
-
-    return SECSuccess;
-
-alert_loser:
-    if (haveSpecWriteLock) {
-	ssl_ReleaseSpecWriteLock(ss);
-	haveSpecWriteLock = PR_FALSE;
-    }
-    (void)SSL3_SendAlert(ss, alert_fatal, desc);
-    /* FALLTHRU */
-loser:
-    if (haveSpecWriteLock) {
-	ssl_ReleaseSpecWriteLock(ss);
-	haveSpecWriteLock = PR_FALSE;
-    }
-
-    if (sidBytes.data != NULL) SECITEM_FreeItem(&sidBytes, PR_FALSE);
-    if (suites.data   != NULL) SECITEM_FreeItem(&suites,   PR_FALSE);
-    if (comps.data    != NULL) SECITEM_FreeItem(&comps,    PR_FALSE);
-
-    if (haveXmitBufLock) {
-	ssl_ReleaseXmitBufLock(ss);
-	haveXmitBufLock = PR_FALSE;
-    }
-
-    PORT_SetError(errCode);
-    return SECFailure;
-}
-
-/*
- * ssl3_HandleV2ClientHello is used when a V2 formatted hello comes
- * in asking to use the V3 handshake.
- * Called from ssl2_HandleClientHelloMessage() in sslcon.c
- */
-SECStatus
-ssl3_HandleV2ClientHello(sslSocket *ss, unsigned char *buffer, int length)
-{
-    sslSessionID *      sid 		= NULL;
-    unsigned char *     suites;
-    unsigned char *     random;
-    SSL3ProtocolVersion version;
-    SECStatus           rv;
-    int                 i;
-    int                 j;
-    int                 sid_length;
-    int                 suite_length;
-    int                 rand_length;
-    int                 errCode  = SSL_ERROR_RX_MALFORMED_CLIENT_HELLO;
-    SSL3AlertDescription desc    = handshake_failure;
-
-    SSL_TRC(3, ("%d: SSL3[%d]: handle v2 client_hello", SSL_GETPID(), ss->fd));
-
-    PORT_Assert( ssl_HaveRecvBufLock(ss) );
-
-    ssl_GetSSL3HandshakeLock(ss);
-
-    rv = ssl3_InitState(ss);
-    if (rv != SECSuccess) {
-	ssl_ReleaseSSL3HandshakeLock(ss);
-	return rv;		/* ssl3_InitState has set the error code. */
-    }
-
-    if (ss->ssl3->hs.ws != wait_client_hello) {
-	desc    = unexpected_message;
-	errCode = SSL_ERROR_RX_UNEXPECTED_CLIENT_HELLO;
-	goto loser;	/* alert_loser */
-    }
-
-    version      = (buffer[1] << 8) | buffer[2];
-    suite_length = (buffer[3] << 8) | buffer[4];
-    sid_length   = (buffer[5] << 8) | buffer[6];
-    rand_length  = (buffer[7] << 8) | buffer[8];
-    ss->clientHelloVersion = version;
-
-    rv = ssl3_NegotiateVersion(ss, version);
-    if (rv != SECSuccess) {
-	/* send back which ever alert client will understand. */
-    	desc = (version > SSL_LIBRARY_VERSION_3_0) ? protocol_version : handshake_failure;
-	errCode = SSL_ERROR_NO_CYPHER_OVERLAP;
-	goto alert_loser;
-    }
-
-    /* if we get a non-zero SID, just ignore it. */
-    if (length !=
-        SSL_HL_CLIENT_HELLO_HBYTES + suite_length + sid_length + rand_length) {
-	SSL_DBG(("%d: SSL3[%d]: bad v2 client hello message, len=%d should=%d",
-		 SSL_GETPID(), ss->fd, length,
-		 SSL_HL_CLIENT_HELLO_HBYTES + suite_length + sid_length +
-		 rand_length));
-	goto loser;	/* malformed */	/* alert_loser */
-    }
-
-    suites = buffer + SSL_HL_CLIENT_HELLO_HBYTES;
-    random = suites + suite_length + sid_length;
-
-    if (rand_length < SSL_MIN_CHALLENGE_BYTES ||
-	rand_length > SSL_MAX_CHALLENGE_BYTES) {
-	goto loser;	/* malformed */	/* alert_loser */
-    }
-
-    PORT_Assert(SSL_MAX_CHALLENGE_BYTES == SSL3_RANDOM_LENGTH);
-
-    PORT_Memset(&ss->ssl3->hs.client_random, 0, SSL3_RANDOM_LENGTH);
-    PORT_Memcpy(
-	&ss->ssl3->hs.client_random.rand[SSL3_RANDOM_LENGTH - rand_length],
-	random, rand_length);
-
-    PRINT_BUF(60, (ss, "client random:", &ss->ssl3->hs.client_random.rand[0],
-		   SSL3_RANDOM_LENGTH));
-
-    i = ssl3_config_match_init(ss);
-    if (i <= 0) {
-    	errCode = PORT_GetError();	/* error code is already set. */
-	goto alert_loser;
-    }
-
-    /* Select a cipher suite.
-    ** NOTE: This suite selection algorithm should be the same as the one in
-    ** ssl3_HandleClientHello().  
-    */
-    for (j = 0; j < ssl_V3_SUITES_IMPLEMENTED; j++) {
-	ssl3CipherSuiteCfg *suite = &ss->cipherSuites[j];
-	if (!config_match(suite, ss->ssl3->policy, PR_TRUE))
-	    continue;
-	for (i = 0; i < suite_length; i += 3) {
-	    if ((suites[i]   == 0) &&
-		(suites[i+1] == MSB(suite->cipher_suite)) &&
-		(suites[i+2] == LSB(suite->cipher_suite))) {
-
-		ss->ssl3->hs.cipher_suite = suite->cipher_suite;
-		ss->ssl3->hs.suite_def =
-		    ssl_LookupCipherSuiteDef(ss->ssl3->hs.cipher_suite);
-		goto suite_found;
-	    }
-	}
-    }
-    errCode = SSL_ERROR_NO_CYPHER_OVERLAP;
-    goto alert_loser;
-
-suite_found:
-
-    ss->ssl3->hs.compression = compression_null;
-    ss->sec.send            = ssl3_SendApplicationData;
-
-    /* we don't even search for a cache hit here.  It's just a miss. */
-    ++ssl3stats.hch_sid_cache_misses;
-    sid = ssl3_NewSessionID(ss, PR_TRUE);
-    if (sid == NULL) {
-    	errCode = PORT_GetError();
-	goto loser;	/* memory error is set. */
-    }
-    ss->sec.ci.sid = sid;
-    /* do not worry about memory leak of sid since it now belongs to ci */
-
-    /* We have to update the handshake hashes before we can send stuff */
-    rv = ssl3_UpdateHandshakeHashes(ss, buffer, length);
-    if (rv != SECSuccess) {
-    	errCode = PORT_GetError();
-	goto loser;
-    }
-
-    ssl_GetXmitBufLock(ss);
-    rv = ssl3_SendServerHelloSequence(ss);
-    ssl_ReleaseXmitBufLock(ss);
-    if (rv != SECSuccess) {
-    	errCode = PORT_GetError();
-	goto loser;
-    }
-
-    /* XXX_1 	The call stack to here is:
-     * ssl_Do1stHandshake -> ssl2_HandleClientHelloMessage -> here.
-     * ssl2_HandleClientHelloMessage returns whatever we return here.
-     * ssl_Do1stHandshake will continue looping if it gets back either
-     *		SECSuccess or SECWouldBlock.
-     * SECSuccess is preferable here.  See XXX_1 in sslgathr.c.
-     */
-    ssl_ReleaseSSL3HandshakeLock(ss);
-    return SECSuccess;
-
-alert_loser:
-    SSL3_SendAlert(ss, alert_fatal, desc);
-loser:
-    ssl_ReleaseSSL3HandshakeLock(ss);
-    PORT_SetError(errCode);
-    return SECFailure;
-}
-
-/* The negotiated version number has been already placed in ss->version.
-**
-** Called from:  ssl3_HandleClientHello                     (resuming session),
-** 	ssl3_SendServerHelloSequence <- ssl3_HandleClientHello   (new session),
-** 	ssl3_SendServerHelloSequence <- ssl3_HandleV2ClientHello (new session)
-*/
-static SECStatus
-ssl3_SendServerHello(sslSocket *ss)
-{
-    sslSessionID *sid;
-    SECStatus     rv;
-    PRUint32      length;
-
-    SSL_TRC(3, ("%d: SSL3[%d]: send server_hello handshake", SSL_GETPID(),
-		ss->fd));
-
-    PORT_Assert( ssl_HaveXmitBufLock(ss));
-    PORT_Assert( ssl_HaveSSL3HandshakeLock(ss));
-    PORT_Assert( MSB(ss->version) == MSB(SSL_LIBRARY_VERSION_3_0));
-
-    if (MSB(ss->version) != MSB(SSL_LIBRARY_VERSION_3_0)) {
-	PORT_SetError(SSL_ERROR_NO_CYPHER_OVERLAP);
-	return SECFailure;
-    }
-
-    sid = ss->sec.ci.sid;
-    length = sizeof(SSL3ProtocolVersion) + SSL3_RANDOM_LENGTH + 1 +
-             ((sid == NULL) ? 0: SSL3_SESSIONID_BYTES) +
-	     sizeof(ssl3CipherSuite) + 1;
-    rv = ssl3_AppendHandshakeHeader(ss, server_hello, length);
-    if (rv != SECSuccess) {
-	return rv;	/* err set by AppendHandshake. */
-    }
-
-    rv = ssl3_AppendHandshakeNumber(ss, ss->version, 2);
-    if (rv != SECSuccess) {
-	return rv;	/* err set by AppendHandshake. */
-    }
-    rv = ssl3_GetNewRandom(&ss->ssl3->hs.server_random);
-    if (rv != SECSuccess) {
-	ssl_MapLowLevelError(SSL_ERROR_GENERATE_RANDOM_FAILURE);
-	return rv;
-    }
-    rv = ssl3_AppendHandshake(
-	ss, &ss->ssl3->hs.server_random, SSL3_RANDOM_LENGTH);
-    if (rv != SECSuccess) {
-	return rv;	/* err set by AppendHandshake. */
-    }
-
-    if (sid)
-	rv = ssl3_AppendHandshakeVariable(
-	    ss, sid->u.ssl3.sessionID, sid->u.ssl3.sessionIDLength, 1);
-    else
-	rv = ssl3_AppendHandshakeVariable(ss, NULL, 0, 1);
-    if (rv != SECSuccess) {
-	return rv;	/* err set by AppendHandshake. */
-    }
-
-    rv = ssl3_AppendHandshakeNumber(ss, ss->ssl3->hs.cipher_suite, 2);
-    if (rv != SECSuccess) {
-	return rv;	/* err set by AppendHandshake. */
-    }
-    rv = ssl3_AppendHandshakeNumber(ss, ss->ssl3->hs.compression, 1);
-    if (rv != SECSuccess) {
-	return rv;	/* err set by AppendHandshake. */
-    }
-    rv = ssl3_SetupPendingCipherSpec(ss, ss->ssl3);
-    if (rv != SECSuccess) {
-	return rv;	/* err set by ssl3_SetupPendingCipherSpec */
-    }
-
-    return SECSuccess;
-}
-
-
-static SECStatus
-ssl3_SendServerKeyExchange(sslSocket *ss)
-{
-const ssl3KEADef *     kea_def     = ss->ssl3->hs.kea_def;
-    SECStatus          rv          = SECFailure;
-    int                length;
-    PRBool             isTLS;
-    SECItem            signed_hash = {siBuffer, NULL, 0};
-    SSL3Hashes         hashes;
-    SECKEYPublicKey *  sdPub;	/* public key for step-down */
-
-    SSL_TRC(3, ("%d: SSL3[%d]: send server_key_exchange handshake",
-		SSL_GETPID(), ss->fd));
-
-    PORT_Assert( ssl_HaveXmitBufLock(ss));
-    PORT_Assert( ssl_HaveSSL3HandshakeLock(ss));
-
-    switch (kea_def->exchKeyType) {
-    case kt_rsa:
-	/* Perform SSL Step-Down here. */
-	sdPub = ss->stepDownKeyPair->pubKey;
-	PORT_Assert(sdPub != NULL);
-	if (!sdPub) {
-	    PORT_SetError(SSL_ERROR_SERVER_KEY_EXCHANGE_FAILURE);
-	    return SECFailure;
-	}
-    	rv = ssl3_ComputeExportRSAKeyHash(sdPub->u.rsa.modulus,
-					  sdPub->u.rsa.publicExponent,
-	                                  &ss->ssl3->hs.client_random,
-	                                  &ss->ssl3->hs.server_random,
-	                                  &hashes);
-        if (rv != SECSuccess) {
-	    ssl_MapLowLevelError(SSL_ERROR_SERVER_KEY_EXCHANGE_FAILURE);
-	    return rv;
-	}
-
-	isTLS = (PRBool)(ss->ssl3->pwSpec->version > SSL_LIBRARY_VERSION_3_0);
-	rv = ssl3_SignHashes(&hashes, ss->serverCerts[kt_rsa].serverKey, 
-	                     &signed_hash, isTLS);
-        if (rv != SECSuccess) {
-	    goto loser;		/* ssl3_SignHashes has set err. */
-	}
-	if (signed_hash.data == NULL) {
-	    /* how can this happen and rv == SECSuccess ?? */
-	    PORT_SetError(SSL_ERROR_SERVER_KEY_EXCHANGE_FAILURE);
-	    goto loser;
-	}
-	length = 2 + sdPub->u.rsa.modulus.len +
-	         2 + sdPub->u.rsa.publicExponent.len +
-	         2 + signed_hash.len;
-
-	rv = ssl3_AppendHandshakeHeader(ss, server_key_exchange, length);
-	if (rv != SECSuccess) {
-	    goto loser; 	/* err set by AppendHandshake. */
-	}
-
-	rv = ssl3_AppendHandshakeVariable(ss, sdPub->u.rsa.modulus.data,
-					  sdPub->u.rsa.modulus.len, 2);
-	if (rv != SECSuccess) {
-	    goto loser; 	/* err set by AppendHandshake. */
-	}
-
-	rv = ssl3_AppendHandshakeVariable(
-				ss, sdPub->u.rsa.publicExponent.data,
-				sdPub->u.rsa.publicExponent.len, 2);
-	if (rv != SECSuccess) {
-	    goto loser; 	/* err set by AppendHandshake. */
-	}
-
-	rv = ssl3_AppendHandshakeVariable(ss, signed_hash.data,
-	                                  signed_hash.len, 2);
-	if (rv != SECSuccess) {
-	    goto loser; 	/* err set by AppendHandshake. */
-	}
-	PORT_Free(signed_hash.data);
-	return SECSuccess;
-
-    case kt_fortezza:
-
-	/* Set server's "random" public key R_s to the email value == 1 */
-	PORT_Memset(ss->ssl3->fortezza.R_s, 0, sizeof(ss->ssl3->fortezza.R_s));
-	ss->ssl3->fortezza.R_s[127] = 1;
-
-	/* don't waste time signing the random number */
-	length = sizeof (ss->ssl3->fortezza.R_s) /*+ 2 + signed_hash.len*/;
-
-	rv = ssl3_AppendHandshakeHeader(ss, server_key_exchange, length);
-	if (rv != SECSuccess) {
-	    goto loser; 	/* err set by AppendHandshake. */
-	}
-
-	rv = ssl3_AppendHandshake( ss, &ss->ssl3->fortezza.R_s,
-					sizeof(ss->ssl3->fortezza.R_s));
-	if (rv != SECSuccess) {
-	    goto loser; 	/* err set by AppendHandshake. */
-	}
-	return SECSuccess;
-
-    case kt_dh:
-    case kt_null:
-    default:
-	PORT_SetError(SEC_ERROR_UNSUPPORTED_KEYALG);
-	break;
-    }
-loser:
-    if (signed_hash.data != NULL) 
-    	PORT_Free(signed_hash.data);
-    return SECFailure;
-}
-
-
-static SECStatus
-ssl3_SendCertificateRequest(sslSocket *ss)
-{
-    SECItem *      name;
-    CERTDistNames *ca_list;
-const uint8 *      certTypes;
-    SECItem *      names	= NULL;
-    SECStatus      rv;
-    int            length;
-    int            i;
-    int            calen	= 0;
-    int            nnames	= 0;
-    int            certTypesLength;
-
-    SSL_TRC(3, ("%d: SSL3[%d]: send certificate_request handshake",
-		SSL_GETPID(), ss->fd));
-
-    PORT_Assert( ssl_HaveXmitBufLock(ss));
-    PORT_Assert( ssl_HaveSSL3HandshakeLock(ss));
-
-    /* ssl3->ca_list is initialized to NULL, and never changed. */
-    ca_list = ss->ssl3->ca_list;
-    if (!ca_list) {
-	ca_list = ssl3_server_ca_list;
-    }
-
-    if (ca_list != NULL) {
-	names = ca_list->names;
-	nnames = ca_list->nnames;
-    }
-
-    if (!nnames) {
-	PORT_SetError(SSL_ERROR_NO_TRUSTED_SSL_CLIENT_CA);
-	return SECFailure;
-    }
-
-    for (i = 0, name = names; i < nnames; i++, name++) {
-	calen += 2 + name->len;
-    }
-
-    if (ss->ssl3->hs.kea_def->exchKeyType == kt_fortezza) {
-	certTypes       = fortezza_certificate_types;
-	certTypesLength = sizeof fortezza_certificate_types;
-    } else {
-	certTypes       = certificate_types;
-	certTypesLength = sizeof certificate_types;
-    }
-
-    length = 1 + certTypesLength + 2 + calen;
-
-    rv = ssl3_AppendHandshakeHeader(ss, certificate_request, length);
-    if (rv != SECSuccess) {
-	return rv; 		/* err set by AppendHandshake. */
-    }
-    rv = ssl3_AppendHandshakeVariable(ss, certTypes, certTypesLength, 1);
-    if (rv != SECSuccess) {
-	return rv; 		/* err set by AppendHandshake. */
-    }
-    rv = ssl3_AppendHandshakeNumber(ss, calen, 2);
-    if (rv != SECSuccess) {
-	return rv; 		/* err set by AppendHandshake. */
-    }
-    for (i = 0, name = names; i < nnames; i++, name++) {
-	rv = ssl3_AppendHandshakeVariable(ss, name->data, name->len, 2);
-	if (rv != SECSuccess) {
-	    return rv; 		/* err set by AppendHandshake. */
-	}
-    }
-
-    return SECSuccess;
-}
-
-static SECStatus
-ssl3_SendServerHelloDone(sslSocket *ss)
-{
-    SECStatus rv;
-
-    SSL_TRC(3, ("%d: SSL3[%d]: send server_hello_done handshake",
-		SSL_GETPID(), ss->fd));
-
-    PORT_Assert( ssl_HaveXmitBufLock(ss));
-    PORT_Assert( ssl_HaveSSL3HandshakeLock(ss));
-
-    rv = ssl3_AppendHandshakeHeader(ss, server_hello_done, 0);
-    if (rv != SECSuccess) {
-	return rv; 		/* err set by AppendHandshake. */
-    }
-    rv = ssl3_FlushHandshake(ss, 0);
-    if (rv != SECSuccess) {
-	return rv;	/* error code set by ssl3_FlushHandshake */
-    }
-    return SECSuccess;
-}
-
-/* Called from ssl3_HandleHandshakeMessage() when it has deciphered a complete
- * ssl3 Certificate Verify message
- * Caller must hold Handshake and RecvBuf locks.
- */
-static SECStatus
-ssl3_HandleCertificateVerify(sslSocket *ss, SSL3Opaque *b, PRUint32 length,
-			     SSL3Hashes *hashes)
-{
-    SECItem              signed_hash = {siBuffer, NULL, 0};
-    SECStatus            rv;
-    int                  errCode     = SSL_ERROR_RX_MALFORMED_CERT_VERIFY;
-    SSL3AlertDescription desc        = handshake_failure;
-    PRBool               isTLS;
-
-    SSL_TRC(3, ("%d: SSL3[%d]: handle certificate_verify handshake",
-		SSL_GETPID(), ss->fd));
-    PORT_Assert( ssl_HaveRecvBufLock(ss) );
-    PORT_Assert( ssl_HaveSSL3HandshakeLock(ss) );
-
-    if (ss->ssl3->hs.ws != wait_cert_verify || ss->sec.peerCert == NULL) {
-	desc    = unexpected_message;
-	errCode = SSL_ERROR_RX_UNEXPECTED_CERT_VERIFY;
-	goto alert_loser;
-    }
-
-    rv = ssl3_ConsumeHandshakeVariable(ss, &signed_hash, 2, &b, &length);
-    if (rv != SECSuccess) {
-	goto loser;		/* malformed. */
-    }
-
-    isTLS = (PRBool)(ss->ssl3->prSpec->version > SSL_LIBRARY_VERSION_3_0);
-
-    /* XXX verify that the key & kea match */
-    rv = ssl3_VerifySignedHashes(hashes, ss->sec.peerCert, &signed_hash,
-				 isTLS, ss->pkcs11PinArg);
-    if (rv != SECSuccess) {
-    	errCode = PORT_GetError();
-	desc = isTLS ? decrypt_error : handshake_failure;
-	goto alert_loser;
-    }
-
-    PORT_Free(signed_hash.data);
-    signed_hash.data = NULL;
-
-    if (length != 0) {
-	desc    = isTLS ? decode_error : illegal_parameter;
-	goto alert_loser;	/* malformed */
-    }
-    ss->ssl3->hs.ws = wait_change_cipher;
-    return SECSuccess;
-
-alert_loser:
-    SSL3_SendAlert(ss, alert_fatal, desc);
-loser:
-    if (signed_hash.data != NULL) SECITEM_FreeItem(&signed_hash, PR_FALSE);
-    PORT_SetError(errCode);
-    return SECFailure;
-}
-
-/*
-** Called from ssl3_HandleClientKeyExchange()
-*/
-static SECStatus
-ssl3_HandleFortezzaClientKeyExchange(sslSocket *ss, SSL3Opaque *b,
-				     PRUint32 length,
-                                     SECKEYPrivateKey *serverKey)
-{
-    SECKEYPublicKey * pubKey            = NULL;
-    PK11SymKey *      tek               = NULL;
-    PK11SymKey *      pms;
-    PK11SymKey *      Ks		= NULL;
-    sslSessionID *    sid 		= ss->sec.ci.sid;
-    ssl3CipherSpec *  pwSpec 		= ss->ssl3->pwSpec;
-    void *            pwArg             = ss->pkcs11PinArg;
-    SECStatus         rv;
-    SECItem           raItem;
-    SECItem           rbItem;
-    SECItem           param;
-    SECItem           item;
-    SECItem           enc_pms;
-    SSL3FortezzaKeys  fortezza_CKE;
-
-    PORT_Assert( ssl_HaveRecvBufLock(ss) );
-    PORT_Assert( ssl_HaveSSL3HandshakeLock(ss) );
-
-    fortezza_CKE.y_c.data = NULL;
-    rv = ssl3_ConsumeHandshakeVariable(ss, &fortezza_CKE.y_c, 1, &b, &length);
-    if (rv != SECSuccess) {
-	PORT_SetError(SSL_ERROR_RX_MALFORMED_CLIENT_KEY_EXCH);
-	goto fortezza_loser;
-    }
-    rv = ssl3_ConsumeHandshake(ss, &fortezza_CKE.r_c,
-	                       sizeof fortezza_CKE - sizeof fortezza_CKE.y_c,
-	                       &b, &length);
-    if (rv != SECSuccess) {
-	PORT_SetError(SSL_ERROR_RX_MALFORMED_CLIENT_KEY_EXCH);
-	goto fortezza_loser;
-    }
-
-    /* Build a Token Encryption key (tek). TEK's can never be unloaded
-     * from the card, but given these parameters, and *OUR* fortezza
-     * card, we can always regenerate the same one on the fly.
-     */
-    if (ss->sec.peerCert != NULL) {
-	/* client-auth case */
-
-	pubKey = CERT_ExtractPublicKey(ss->sec.peerCert);
-	if (pubKey == NULL) {
-	    SEND_ALERT
-	    PORT_SetError(SSL_ERROR_EXTRACT_PUBLIC_KEY_FAILURE);
-	    rv = SECFailure;
-	    goto fortezza_loser;
-	}
-
-	if (pubKey->keyType != fortezzaKey) {
-	    /* handle V3 client-auth case */
-	    SECItem       sigItem;
-	    SECItem       hashItem;
-	    unsigned char hash[SHA1_LENGTH];
-
-	    rv = ssl3_ComputeFortezzaPublicKeyHash(fortezza_CKE.y_c, hash);
-	    if (rv != SECSuccess) {
-		SEND_ALERT
-		ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
-		goto fortezza_loser;
-	    }
-	    sigItem.data  = fortezza_CKE.y_signature;
-	    sigItem.len   = sizeof fortezza_CKE.y_signature;
-
-	    hashItem.data = hash;
-	    hashItem.len  = sizeof hash;
-
-	    rv = PK11_Verify(pubKey, &sigItem, &hashItem, pwArg);
-	    if (rv != SECSuccess) {
-		SSL3_SendAlert(ss, alert_fatal, illegal_parameter);
-		ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
-		goto fortezza_loser;
-	    }
-	    SECKEY_DestroyPublicKey(pubKey); pubKey = NULL;
-	}
-    }
-    rv = SECFailure;
-
-    /* Make the public key if necessary */
-    if (fortezza_CKE.y_c.len != 0) {
-	if (pubKey != NULL) {
-	    /* The client is not allowed to send the public key
-	     * if it can be extracted from the certificate. */
-	    SSL3_SendAlert(ss, alert_fatal, illegal_parameter);
-	    PORT_SetError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
-	    goto fortezza_loser;
-	}
-	pubKey = PK11_MakeKEAPubKey(fortezza_CKE.y_c.data,
-				    fortezza_CKE.y_c.len);
-    }
-    if (pubKey == NULL) {
-	/* no public Key in either the cert or the protocol message*/
-	SSL3_SendAlert(ss, alert_fatal, illegal_parameter);
-	PORT_SetError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
-	goto fortezza_loser;
-    }
-
-    /* Now we derive the TEK.  r_c is the client's "random" public key. */
-    raItem.data = fortezza_CKE.r_c;
-    raItem.len  = sizeof(fortezza_CKE.r_c);
-
-    /* R_s == server's "random" public key, sent in the Server Key Exchange */
-    rbItem.data = ss->ssl3->fortezza.R_s;
-    rbItem.len  = sizeof ss->ssl3->fortezza.R_s;
-
-    tek = PK11_PubDerive(serverKey, pubKey, PR_FALSE, /* don't gen r_c */
-                         &raItem, &rbItem, CKM_KEA_KEY_DERIVE,
-			 CKM_SKIPJACK_WRAP, CKA_WRAP, 0, pwArg);
-    SECKEY_DestroyPublicKey(pubKey); pubKey = NULL;
-    if (tek == NULL) {
-	SEND_ALERT
-	ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
-	goto fortezza_loser;
-    }
-
-    ss->ssl3->fortezza.tek = PK11_ReferenceSymKey(tek);
-
-    if (pwSpec->cipher_def->calg == calg_fortezza) {
-	item.data = fortezza_CKE.wrapped_client_write_key;
-	item.len  = sizeof fortezza_CKE.wrapped_client_write_key;
-
-	pwSpec->client.write_key =
-		PK11_UnwrapSymKey(tek, CKM_SKIPJACK_WRAP, NULL, &item,
-		                  CKM_SKIPJACK_CBC64, CKA_DECRYPT, 0);
-	if (pwSpec->client.write_key == NULL) {
-	    SEND_ALERT
-	    ssl_MapLowLevelError(SSL_ERROR_SYM_KEY_UNWRAP_FAILURE);
-	    goto fortezza_loser;
-	}
-
-	item.data = fortezza_CKE.wrapped_server_write_key;
-	item.len  = sizeof fortezza_CKE.wrapped_server_write_key;
-
-	pwSpec->server.write_key =
-		PK11_UnwrapSymKey(tek, CKM_SKIPJACK_WRAP, NULL, &item,
-		                  CKM_SKIPJACK_CBC64, CKA_ENCRYPT, 0);
-	if (pwSpec->server.write_key == NULL) {
-	    PK11_FreeSymKey(pwSpec->client.write_key);
-	    pwSpec->client.write_key = NULL;
-	    SEND_ALERT
-	    ssl_MapLowLevelError(SSL_ERROR_SYM_KEY_UNWRAP_FAILURE);
-	    goto fortezza_loser;
-	}
-	/* Set a flag that says "generate 8 byte random prefix plaintext." */
-	PK11_SetFortezzaHack(pwSpec->server.write_key);	/* can't fail */
-
-	PORT_Memcpy(pwSpec->client.write_iv, fortezza_CKE.client_write_iv,
-		    sizeof fortezza_CKE.client_write_iv);
-	PORT_Memcpy(pwSpec->server.write_iv, fortezza_CKE.server_write_iv,
-		    sizeof fortezza_CKE.server_write_iv);
-
-    }
-
-    /* decrypt the pms with the TEK */
-    enc_pms.data = fortezza_CKE.encrypted_preMasterSecret;
-    enc_pms.len  = sizeof fortezza_CKE.encrypted_preMasterSecret;
-
-    param.data = fortezza_CKE.master_secret_iv;
-    param.len  = sizeof fortezza_CKE.master_secret_iv;
-
-    pms = PK11_UnwrapSymKey(tek, CKM_SKIPJACK_CBC64, &param, &enc_pms,
-			    CKM_SSL3_MASTER_KEY_DERIVE, CKA_DERIVE, 0);
-    if (pms == NULL) {
-	SEND_ALERT
-	ssl_MapLowLevelError(SSL_ERROR_SYM_KEY_UNWRAP_FAILURE);
-	goto fortezza_loser;
-    }
-
-    rv = ssl3_InitPendingCipherSpec(ss,  pms);
-    PK11_FreeSymKey(pms);
-    if (rv != SECSuccess) {
-	SEND_ALERT
-	goto fortezza_loser; 	/* err code is set. */
-    }
-
-    if (pwSpec->cipher_def->calg == calg_fortezza) {
-	PK11SlotInfo *    slot;
-
-	sid->u.ssl3.clientWriteKey =
-			    PK11_ReferenceSymKey(pwSpec->client.write_key);
-	sid->u.ssl3.serverWriteKey =
-			    PK11_ReferenceSymKey(pwSpec->server.write_key);
-
-	PORT_Memcpy(sid->u.ssl3.keys.client_write_iv, pwSpec->client.write_iv,
-		    sizeof sid->u.ssl3.keys.client_write_iv);
-	PORT_Memcpy(sid->u.ssl3.keys.server_write_iv, pwSpec->server.write_iv,
-		    sizeof sid->u.ssl3.keys.server_write_iv);
-
-	/* Now, wrap the client and server write keys in Ks for storage
-	 * in the on-disk sid.
-	 */
-
-	slot = PK11_GetSlotFromKey(tek); 	/* get ref to the slot */
-	if (slot == NULL) {
-	    ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
-	    goto fortezza_loser;
-	}
-
-	/* Look up the Token Fixed Key */
-	Ks = PK11_FindFixedKey(slot, CKM_SKIPJACK_WRAP, NULL, ss->pkcs11PinArg);
-	PK11_FreeSlot(slot);
-	if (Ks == NULL) {
-	    ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
-	    goto fortezza_loser;
-	}
-
-	/* rewrap server write key with the local Ks */
-	item.data = sid->u.ssl3.keys.wrapped_server_write_key;
-	item.len  = sizeof sid->u.ssl3.keys.wrapped_server_write_key;
-	rv = PK11_WrapSymKey(CKM_SKIPJACK_WRAP, NULL, Ks,
-	                     pwSpec->server.write_key, &item);
-	if (rv != SECSuccess) {
-	    ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
-	    goto fortezza_loser;
-	}
-
-	/* rewrap client write key with the local Ks */
-	item.data = sid->u.ssl3.keys.wrapped_client_write_key;
-	item.len  = sizeof sid->u.ssl3.keys.wrapped_client_write_key;
-	rv = PK11_WrapSymKey(CKM_SKIPJACK_WRAP, NULL, Ks,
-	                     pwSpec->client.write_key, &item);
-	if (rv != SECSuccess) {
-	    ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
-	    goto fortezza_loser;
-	}
-
-	/* wrap the master secret later, when we handle the client's
-	 * finished message.
-	 */
-    }
-
-    sid->u.ssl3.hasFortezza = PR_TRUE;
-    sid->u.ssl3.tek = tek; tek = NULL;
-
-    rv = SECSuccess;
-
-fortezza_loser:
-    if (Ks)  PK11_FreeSymKey(Ks);
-    if (tek) PK11_FreeSymKey(tek);
-    if (pubKey) SECKEY_DestroyPublicKey(pubKey);
-    if (fortezza_CKE.y_c.data != NULL)
-    	SECITEM_FreeItem(&fortezza_CKE.y_c, PR_FALSE);
-    return rv;
-}
-
-/* find a slot that is able to generate a PMS and wrap it with RSA.
- * Then generate and return the PMS.
- * If the serverKeySlot parameter is non-null, this function will use
- * that slot to do the job, otherwise it will find a slot.
- *
- * Called from  ssl3_GenerateSessionKeys()         (above)
- *		sendRSAClientKeyExchange()         (above)
- *		ssl3_HandleRSAClientKeyExchange()  (below)
- * Caller must hold the SpecWriteLock, the SSL3HandshakeLock
- */
-static PK11SymKey *
-ssl3_GenerateRSAPMS(sslSocket *ss, ssl3CipherSpec *spec,
-                    PK11SlotInfo * serverKeySlot)
-{
-    PK11SymKey *      pms		= NULL;
-    PK11SlotInfo *    slot		= serverKeySlot;
-    void *	      pwArg 		= ss->pkcs11PinArg;
-    SECItem           param;
-    CK_VERSION 	      version;
-    CK_MECHANISM_TYPE mechanism_array[3];
-
-    PORT_Assert( ssl_HaveSSL3HandshakeLock(ss) );
-
-    if (slot == NULL) {
-	SSLCipherAlgorithm calg;
-	/* The specReadLock would suffice here, but we cannot assert on
-	** read locks.  Also, all the callers who call with a non-null
-	** slot already hold the SpecWriteLock.
-	*/
-	PORT_Assert( ssl_HaveSpecWriteLock(ss));
-	PORT_Assert(ss->ssl3->prSpec == ss->ssl3->pwSpec);
-
-        calg = spec->cipher_def->calg;
-	PORT_Assert(alg2Mech[calg].calg == calg);
-
-	/* First get an appropriate slot.  */
-	mechanism_array[0] = CKM_SSL3_PRE_MASTER_KEY_GEN;
-	mechanism_array[1] = CKM_RSA_PKCS;
-	mechanism_array[2] = alg2Mech[calg].cmech;
-
-	slot = PK11_GetBestSlotMultiple(mechanism_array, 3, pwArg);
-	if (slot == NULL) {
-	   /* can't find a slot with all three, find a slot with the minimum */
-	    slot = PK11_GetBestSlotMultiple(mechanism_array, 2, pwArg);
-	    if (slot == NULL) {
-		PORT_SetError(SSL_ERROR_TOKEN_SLOT_NOT_FOUND);
-		return pms;	/* which is NULL */
-	    }
-	}
-    }
-
-    /* Generate the pre-master secret ...  */
-    version.major = MSB(ss->clientHelloVersion);
-    version.minor = LSB(ss->clientHelloVersion);
-
-    param.data = (unsigned char *)&version;
-    param.len  = sizeof version;
-
-    pms = PK11_KeyGen(slot, CKM_SSL3_PRE_MASTER_KEY_GEN, &param, 0, pwArg);
-    if (!serverKeySlot)
-	PK11_FreeSlot(slot);
-    if (pms == NULL) {
-	ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
-    }
-    return pms;
-}
-
-/* Note: The Bleichenbacher attack on PKCS#1 necessitates that we NEVER
- * return any indication of failure of the Client Key Exchange message,
- * where that failure is caused by the content of the client's message.
- * This function must not return SECFailure for any reason that is directly
- * or indirectly caused by the content of the client's encrypted PMS.
- * We must not send an alert and also not drop the connection.
- * Instead, we generate a random PMS.  This will cause a failure
- * in the processing the finished message, which is exactly where
- * the failure must occur.
- *
- * Called from ssl3_HandleClientKeyExchange
- */
-static SECStatus
-ssl3_HandleRSAClientKeyExchange(sslSocket *ss,
-                                SSL3Opaque *b,
-				PRUint32 length,
-				SECKEYPrivateKey *serverKey)
-{
-    PK11SymKey *      pms;
-    SECStatus         rv;
-    SECItem           enc_pms;
-
-    PORT_Assert( ssl_HaveRecvBufLock(ss) );
-    PORT_Assert( ssl_HaveSSL3HandshakeLock(ss) );
-
-    enc_pms.data = b;
-    enc_pms.len  = length;
-
-    if (ss->ssl3->prSpec->version > SSL_LIBRARY_VERSION_3_0) { /* isTLS */
-	PRInt32 kLen;
-	kLen = ssl3_ConsumeHandshakeNumber(ss, 2, &enc_pms.data, &enc_pms.len);
-	if (kLen < 0) {
-	    PORT_SetError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
-	    return SECFailure;
-	}
-	if ((unsigned)kLen < enc_pms.len) {
-	    enc_pms.len = kLen;
-	}
-    }
-    /*
-     * decrypt pms out of the incoming buffer
-     * Note: CKM_SSL3_PRE_MASTER_KEY_GEN is NOT the mechanism used to do 
-     *	the unwrap.  Rather, it is the mechanism with which the unwrapped
-     *	pms will be used.
-     */
-    pms = PK11_PubUnwrapSymKey(serverKey, &enc_pms,
-			       CKM_SSL3_PRE_MASTER_KEY_GEN, CKA_DERIVE, 0);
-    if (pms != NULL) {
-	PRINT_BUF(60, (ss, "decrypted premaster secret:",
-		       PK11_GetKeyData(pms)->data,
-		       PK11_GetKeyData(pms)->len));
-    } else {
-	/* unwrap failed.  Generate a bogus pre-master secret and carry on. */
-	PK11SlotInfo *  slot   = PK11_GetSlotFromPrivateKey(serverKey);
-
-	ssl_GetSpecWriteLock(ss);
-	pms = ssl3_GenerateRSAPMS(ss, ss->ssl3->prSpec, slot);
-	ssl_ReleaseSpecWriteLock(ss);
-
-	PK11_FreeSlot(slot);
-    }
-
-    if (pms == NULL) {
-	/* last gasp.  */
-	ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
-	return SECFailure;
-    }
-
-    rv = ssl3_InitPendingCipherSpec(ss,  pms);
-    PK11_FreeSymKey(pms);
-    if (rv != SECSuccess) {
-	SEND_ALERT
-	return SECFailure;	/* error code set by ssl3_InitPendingCipherSpec */
-    }
-    return SECSuccess;
-}
-
-/* Called from ssl3_HandleHandshakeMessage() when it has deciphered a complete
- * ssl3 ClientKeyExchange message from the remote client
- * Caller must hold Handshake and RecvBuf locks.
- */
-static SECStatus
-ssl3_HandleClientKeyExchange(sslSocket *ss, SSL3Opaque *b, PRUint32 length)
-{
-    SECKEYPrivateKey *serverKey         = NULL;
-    SECStatus         rv;
-const ssl3KEADef *    kea_def;
-
-    SSL_TRC(3, ("%d: SSL3[%d]: handle client_key_exchange handshake",
-		SSL_GETPID(), ss->fd));
-
-    PORT_Assert( ssl_HaveRecvBufLock(ss) );
-    PORT_Assert( ssl_HaveSSL3HandshakeLock(ss) );
-
-    if (ss->ssl3->hs.ws != wait_client_key) {
-	SSL3_SendAlert(ss, alert_fatal, unexpected_message);
-    	PORT_SetError(SSL_ERROR_RX_UNEXPECTED_CLIENT_KEY_EXCH);
-	return SECFailure;
-    }
-
-    kea_def   = ss->ssl3->hs.kea_def;
-
-    serverKey =  (ss->ssl3->hs.usedStepDownKey
-#ifdef DEBUG
-		 && kea_def->is_limited /* XXX OR cert is signing only */
-		 && kea_def->exchKeyType == kt_rsa 
-		 && ss->stepDownKeyPair != NULL
-#endif
-		 ) ? ss->stepDownKeyPair->privKey
-		   : ss->serverCerts[kea_def->exchKeyType].serverKey;
-
-    if (ss->ssl3->hs.usedStepDownKey
-#ifdef DEBUG
-	 && kea_def->is_limited /* XXX OR cert is signing only */
-	 && kea_def->exchKeyType == kt_rsa 
-	 && ss->stepDownKeyPair != NULL
-#endif
-	 ) { 
-    	serverKey = ss->stepDownKeyPair->privKey;
-	ss->sec.keaKeyBits = EXPORT_RSA_KEY_LENGTH * BPB;
-    } else {
-	sslServerCerts * sc = ss->serverCerts + kea_def->exchKeyType;
-	serverKey           = sc->serverKey;
-	ss->sec.keaKeyBits = sc->serverKeyBits;
-    }
-
-    if (serverKey == NULL) {
-    	SEND_ALERT
-	PORT_SetError(SSL_ERROR_NO_SERVER_KEY_FOR_ALG);
-	return SECFailure;
-    }
-
-    ss->sec.keaType    = kea_def->exchKeyType;
-
-    switch (kea_def->exchKeyType) {
-    case kt_rsa:
-	rv = ssl3_HandleRSAClientKeyExchange(ss, b, length, serverKey);
-	if (rv != SECSuccess) {
-	    SEND_ALERT
-	    return SECFailure;	/* error code set by ssl3_InitPendingCipherSpec */
-	}
-	break;
-
-    case kt_fortezza:
-	rv = ssl3_HandleFortezzaClientKeyExchange(ss, b, length, serverKey);
-	if (rv != SECSuccess) {
-	    return SECFailure;	/* error code set */
-	}
-	break;
-
-    default:
-	(void) ssl3_HandshakeFailure(ss);
-	PORT_SetError(SEC_ERROR_UNSUPPORTED_KEYALG);
-	return SECFailure;
-    }
-    ss->ssl3->hs.ws = ss->sec.peerCert ? wait_cert_verify : wait_change_cipher;
-    return SECSuccess;
-
-}
-
-/* This is TLS's equivalent of sending a no_certificate alert. */
-static SECStatus
-ssl3_SendEmptyCertificate(sslSocket *ss)
-{
-    SECStatus            rv;
-
-    rv = ssl3_AppendHandshakeHeader(ss, certificate, 3);
-    if (rv == SECSuccess) {
-	rv = ssl3_AppendHandshakeNumber(ss, 0, 3);
-    }
-    return rv;	/* error, if any, set by functions called above. */
-}
-
-/*
- * Used by both client and server.
- * Called from HandleServerHelloDone and from SendServerHelloSequence.
- */
-static SECStatus
-ssl3_SendCertificate(sslSocket *ss)
-{
-    SECStatus            rv;
-    CERTCertificateList *certChain;
-    int                  len 		= 0;
-    int                  i;
-
-    SSL_TRC(3, ("%d: SSL3[%d]: send certificate handshake",
-		SSL_GETPID(), ss->fd));
-
-    PORT_Assert( ssl_HaveXmitBufLock(ss));
-    PORT_Assert( ssl_HaveSSL3HandshakeLock(ss));
-
-    if (ss->sec.localCert)
-    	CERT_DestroyCertificate(ss->sec.localCert);
-    if (ss->sec.isServer) {
-	sslServerCerts * sc = 
-			ss->serverCerts + ss->ssl3->hs.kea_def->exchKeyType;
-	certChain              = sc->serverCertChain;
-	ss->sec.authKeyBits   = sc->serverKeyBits;
-	ss->sec.authAlgorithm = ss->ssl3->hs.kea_def->signKeyType;
-	ss->sec.localCert     = CERT_DupCertificate(sc->serverCert);
-    } else {
-	certChain          = ss->ssl3->clientCertChain;
-	ss->sec.localCert = CERT_DupCertificate(ss->ssl3->clientCertificate);
-    }
-
-    if (certChain) {
-	for (i = 0; i < certChain->len; i++) {
-	    len += certChain->certs[i].len + 3;
-	}
-    }
-
-    rv = ssl3_AppendHandshakeHeader(ss, certificate, len + 3);
-    if (rv != SECSuccess) {
-	return rv; 		/* err set by AppendHandshake. */
-    }
-    rv = ssl3_AppendHandshakeNumber(ss, len, 3);
-    if (rv != SECSuccess) {
-	return rv; 		/* err set by AppendHandshake. */
-    }
-    for (i = 0; i < certChain->len; i++) {
-	rv = ssl3_AppendHandshakeVariable(ss, certChain->certs[i].data,
-					  certChain->certs[i].len, 3);
-	if (rv != SECSuccess) {
-	    return rv; 		/* err set by AppendHandshake. */
-	}
-    }
-
-    return SECSuccess;
-}
-
-/* This is used to delete the CA certificates in the peer certificate chain
- * from the cert database after they've been validated.
- */
-static void
-ssl3_CleanupPeerCerts(ssl3State *ssl3)
-{
-    PRArenaPool * arena = ssl3->peerCertArena;
-    ssl3CertNode *certs = (ssl3CertNode *)ssl3->peerCertChain;
-
-    for (; certs; certs = certs->next) {
-	CERT_DestroyCertificate(certs->cert);
-    }
-    if (arena) PORT_FreeArena(arena, PR_FALSE);
-    ssl3->peerCertArena = NULL;
-    ssl3->peerCertChain = NULL;
-}
-
-/* Called from ssl3_HandleHandshakeMessage() when it has deciphered a complete
- * ssl3 Certificate message.
- * Caller must hold Handshake and RecvBuf locks.
- */
-static SECStatus
-ssl3_HandleCertificate(sslSocket *ss, SSL3Opaque *b, PRUint32 length)
-{
-    ssl3CertNode *   c;
-    ssl3CertNode *   certs 	= NULL;
-    PRArenaPool *    arena 	= NULL;
-    ssl3State *      ssl3  	= ss->ssl3;
-    CERTCertificate *cert;
-    PRInt32          remaining  = 0;
-    PRInt32          size;
-    SECStatus        rv;
-    PRBool           isServer	= (PRBool)(!!ss->sec.isServer);
-    PRBool           trusted 	= PR_FALSE;
-    PRBool           isTLS;
-    SSL3AlertDescription desc	= bad_certificate;
-    int              errCode    = SSL_ERROR_RX_MALFORMED_CERTIFICATE;
-    SECItem          certItem;
-
-    SSL_TRC(3, ("%d: SSL3[%d]: handle certificate handshake",
-		SSL_GETPID(), ss->fd));
-    PORT_Assert( ssl_HaveRecvBufLock(ss) );
-    PORT_Assert( ssl_HaveSSL3HandshakeLock(ss) );
-
-    if ((ssl3->hs.ws != wait_server_cert) &&
-	(ssl3->hs.ws != wait_client_cert)) {
-	desc    = unexpected_message;
-	errCode = SSL_ERROR_RX_UNEXPECTED_CERTIFICATE;
-	goto alert_loser;
-    }
-
-    if (ss->sec.peerCert != NULL) {
-	if (ss->sec.peerKey) {
-	    SECKEY_DestroyPublicKey(ss->sec.peerKey);
-	    ss->sec.peerKey = NULL;
-	}
-	CERT_DestroyCertificate(ss->sec.peerCert);
-	ss->sec.peerCert = NULL;
-    }
-
-    ssl3_CleanupPeerCerts(ssl3);
-    isTLS = (PRBool)(ssl3->prSpec->version > SSL_LIBRARY_VERSION_3_0);
-
-    /* It is reported that some TLS client sends a Certificate message
-    ** with a zero-length message body.  We'll treat that case like a
-    ** normal no_certificates message to maximize interoperability.
-    */
-    if (length) {
-	remaining = ssl3_ConsumeHandshakeNumber(ss, 3, &b, &length);
-	if (remaining < 0)
-	    goto loser;	/* fatal alert already sent by ConsumeHandshake. */
-    }
-
-    if (!remaining) {
-	if (!(isTLS && isServer))
-	    goto alert_loser;
-    	/* This is TLS's version of a no_certificate alert. */
-    	/* I'm a server. I've requested a client cert. He hasn't got one. */
-	rv = ssl3_HandleNoCertificate(ss);
-	if (rv != SECSuccess) {
-	    errCode = PORT_GetError();
-	    goto loser;
-	}
-	goto cert_block;
-    }
-
-    ssl3->peerCertArena = arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if ( arena == NULL ) {
-	goto loser;	/* don't send alerts on memory errors */
-    }
-
-    /* First get the peer cert. */
-    remaining -= 3;
-    if (remaining < 0)
-	goto decode_loser;
-
-    size = ssl3_ConsumeHandshakeNumber(ss, 3, &b, &length);
-    if (size < 0)
-	goto loser;	/* fatal alert already sent by ConsumeHandshake. */
-
-    remaining -= size;
-    if (remaining < 0)
-	goto decode_loser;
-
-    certItem.data = (unsigned char*)PORT_ArenaAlloc(arena, size);
-    if (certItem.data == NULL) {
-	goto loser;	/* don't send alerts on memory errors */
-    }
-
-    certItem.len = size;
-    rv = ssl3_ConsumeHandshake(ss, certItem.data, certItem.len, &b, &length);
-    if (rv != SECSuccess)
-	goto loser;	/* fatal alert already sent by ConsumeHandshake. */
-
-    ss->sec.peerCert = CERT_NewTempCertificate(ss->dbHandle, &certItem, NULL,
-                                            PR_FALSE, PR_TRUE);
-    if (ss->sec.peerCert == NULL) {
-	/* We should report an alert if the cert was bad, but not if the
-	 * problem was just some local problem, like memory error.
-	 */
-	goto ambiguous_err;
-    }
-
-    /* Now get all of the CA certs. */
-    while (remaining != 0) {
-	remaining -= 3;
-	if (remaining < 0)
-	    goto decode_loser;
-
-	size = ssl3_ConsumeHandshakeNumber(ss, 3, &b, &length);
-	if (size < 0)
-	    goto loser;	/* fatal alert already sent by ConsumeHandshake. */
-
-	remaining -= size;
-	if (remaining < 0)
-	    goto decode_loser;
-
-	certItem.data = (unsigned char*)PORT_ArenaAlloc(arena, size);
-	if (certItem.data == NULL) {
-	    goto loser;	/* don't send alerts on memory errors */
-	}
-
-	certItem.len = size;
-	rv = ssl3_ConsumeHandshake(ss, certItem.data, certItem.len,
-				   &b, &length);
-	if (rv != SECSuccess)
-	    goto loser;	/* fatal alert already sent by ConsumeHandshake. */
-
-	c = PORT_ArenaNew(arena, ssl3CertNode);
-	if (c == NULL) {
-	    goto loser;	/* don't send alerts on memory errors */
-	}
-
-	c->cert = CERT_NewTempCertificate(ss->dbHandle, &certItem, NULL,
-	                                  PR_FALSE, PR_TRUE);
-	if (c->cert == NULL) {
-	    goto ambiguous_err;
-	}
-
-	if (c->cert->trust)
-	    trusted = PR_TRUE;
-
-	c->next = certs;
-	certs = c;
-    }
-
-    if (remaining != 0)
-        goto decode_loser;
-
-    SECKEY_UpdateCertPQG(ss->sec.peerCert);
-
-    /*
-     * We're making a fortezza connection, and the card hasn't unloaded it's
-     * certs, try to  unload those certs now.
-     */
-    if (!trusted) {
-	CERTCertificate *ccert;
-
-	ccert = PK11_FindBestKEAMatch(ss->sec.peerCert, ss->pkcs11PinArg);
-	if (ccert) 
-	    CERT_DestroyCertificate(ccert);
-    }
-
-
-    rv = (SECStatus)(*ss->authCertificate)(ss->authCertificateArg, ss->fd,
-					   PR_TRUE, isServer);
-    if (rv) {
-	errCode = PORT_GetError();
-	if (!ss->handleBadCert) {
-	    goto bad_cert;
-	}
-	rv = (SECStatus)(*ss->handleBadCert)(ss->badCertArg, ss->fd);
-	if ( rv ) {
-	    if ( rv == SECWouldBlock ) {
-		/* someone will handle this connection asynchronously*/
-		SSL_DBG(("%d: SSL3[%d]: go to async cert handler",
-			 SSL_GETPID(), ss->fd));
-		ssl3->peerCertChain = certs;
-		certs               = NULL;
-		ssl_SetAlwaysBlock(ss);
-		goto cert_block;
-	    }
-	    /* cert is bad */
-	    goto bad_cert;
-	}
-	/* cert is good */
-    }
-
-    /* start SSL Step Up, if appropriate */
-    cert = ss->sec.peerCert;
-    if (!isServer &&
-    	ssl3_global_policy_some_restricted &&
-        ssl3->policy == SSL_ALLOWED &&
-	anyRestrictedEnabled(ss) &&
-	SECSuccess == CERT_VerifyCertNow(cert->dbhandle, cert,
-	                                 PR_FALSE, /* checkSig */
-				         certUsageSSLServerWithStepUp,
-/*XXX*/				         ss->authCertificateArg) ) {
-	ssl3->policy         = SSL_RESTRICTED;
-	ssl3->hs.rehandshake = PR_TRUE;
-    }
-
-    ss->sec.ci.sid->peerCert = CERT_DupCertificate(ss->sec.peerCert);
-
-    if (!ss->sec.isServer) {
-	/* set the server authentication and key exchange types and sizes
-	** from the value in the cert.  If the key exchange key is different,
-	** it will get fixed when we handle the server key exchange message.
-	*/
-	SECKEYPublicKey * pubKey  = CERT_ExtractPublicKey(cert);
-	ss->sec.authAlgorithm = ssl3->hs.kea_def->signKeyType;
-	ss->sec.keaType       = ssl3->hs.kea_def->exchKeyType;
-	if (pubKey) {
-	    ss->sec.keaKeyBits = ss->sec.authKeyBits =
-			      SECKEY_PublicKeyStrength(pubKey) * BPB;
-	    SECKEY_DestroyPublicKey(pubKey); 
-	    pubKey = NULL;
-    	}
-    }
-
-    ssl3->peerCertChain = certs;  certs = NULL;  arena = NULL;
-
-cert_block:
-    if (ss->sec.isServer) {
-	ssl3->hs.ws = wait_client_key;
-    } else {
-	ssl3->hs.ws = wait_cert_request; /* disallow server_key_exchange */
-	if (ssl3->hs.kea_def->is_limited ||
-	    /* XXX OR server cert is signing only. */
-	    ssl3->hs.kea_def->kea == kea_fortezza ||
-	    ssl3->hs.kea_def->exchKeyType == kt_dh) {
-	    ssl3->hs.ws = wait_server_key; /* allow server_key_exchange */
-	}
-    }
-
-    /* rv must normally be equal to SECSuccess here.  If we called
-     * handleBadCert, it can also be SECWouldBlock.
-     */
-    return rv;
-
-ambiguous_err:
-    errCode = PORT_GetError();
-    switch (errCode) {
-    case PR_OUT_OF_MEMORY_ERROR:
-    case SEC_ERROR_BAD_DATABASE:
-    case SEC_ERROR_NO_MEMORY:
-	if (isTLS) {
-	    desc = internal_error;
-	    goto alert_loser;
-	}
-	goto loser;
-    }
-    /* fall through to bad_cert. */
-
-bad_cert:	/* caller has set errCode. */
-    switch (errCode) {
-    case SEC_ERROR_LIBRARY_FAILURE:     desc = unsupported_certificate; break;
-    case SEC_ERROR_EXPIRED_CERTIFICATE: desc = certificate_expired;     break;
-    case SEC_ERROR_REVOKED_CERTIFICATE: desc = certificate_revoked;     break;
-    case SEC_ERROR_INADEQUATE_KEY_USAGE:
-    case SEC_ERROR_INADEQUATE_CERT_TYPE:
-		                        desc = certificate_unknown;     break;
-    case SEC_ERROR_UNTRUSTED_CERT:
-		    desc = isTLS ? access_denied : certificate_unknown; break;
-    case SEC_ERROR_UNKNOWN_ISSUER:      
-    case SEC_ERROR_UNTRUSTED_ISSUER:    
-		    desc = isTLS ? unknown_ca : certificate_unknown; break;
-    case SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE:
-		    desc = isTLS ? unknown_ca : certificate_expired; break;
-
-    case SEC_ERROR_CERT_NOT_IN_NAME_SPACE:
-    case SEC_ERROR_PATH_LEN_CONSTRAINT_INVALID:
-    case SEC_ERROR_CA_CERT_INVALID:
-    case SEC_ERROR_BAD_SIGNATURE:
-    default:                            desc = bad_certificate;     break;
-    }
-    SSL_DBG(("%d: SSL3[%d]: peer certificate is no good: error=%d",
-	     SSL_GETPID(), ss->fd, errCode));
-
-    goto alert_loser;
-
-decode_loser:
-    desc = isTLS ? decode_error : bad_certificate;
-
-alert_loser:
-    (void)SSL3_SendAlert(ss, alert_fatal, desc);
-
-loser:
-    ssl3->peerCertChain = certs;  certs = NULL;  arena = NULL;
-    ssl3_CleanupPeerCerts(ssl3);
-
-    if (ss->sec.peerCert != NULL) {
-	CERT_DestroyCertificate(ss->sec.peerCert);
-	ss->sec.peerCert = NULL;
-    }
-    (void)ssl_MapLowLevelError(errCode);
-    return SECFailure;
-}
-
-
-/* restart an SSL connection that we stopped to run certificate dialogs
-** XXX	Need to document here how an application marks a cert to show that
-**	the application has accepted it (overridden CERT_VerifyCert).
- *
- * XXX This code only works on the initial handshake on a connection, XXX
- *     It does not work on a subsequent handshake (redo).
- *
- * Return value: XXX
- *
- * Caller holds 1stHandshakeLock.
-*/
-int
-ssl3_RestartHandshakeAfterServerCert(sslSocket *ss)
-{
-    CERTCertificate * cert;
-    ssl3State       * ssl3	= ss->ssl3;
-    int               rv	= SECSuccess;
-
-    if (MSB(ss->version) != MSB(SSL_LIBRARY_VERSION_3_0)) {
-	SET_ERROR_CODE
-    	return SECFailure;
-    }
-    if (!ss->ssl3) {
-	SET_ERROR_CODE
-    	return SECFailure;
-    }
-
-    cert = ss->sec.peerCert;
-
-    /* Permit step up if user decided to accept the cert */
-    if (!ss->sec.isServer &&
-    	ssl3_global_policy_some_restricted &&
-        ssl3->policy == SSL_ALLOWED &&
-	anyRestrictedEnabled(ss) &&
-	(SECSuccess == CERT_VerifyCertNow(cert->dbhandle, cert,
-	                                  PR_FALSE, /* checksig */
-				          certUsageSSLServerWithStepUp,
-/*XXX*/				          ss->authCertificateArg) )) {
-	ssl3->policy         = SSL_RESTRICTED;
-	ssl3->hs.rehandshake = PR_TRUE;
-    }
-
-    if (ss->handshake != NULL) {
-	ss->handshake = ssl_GatherRecord1stHandshake;
-	ss->sec.ci.sid->peerCert = CERT_DupCertificate(ss->sec.peerCert);
-
-	ssl_GetRecvBufLock(ss);
-	if (ssl3->hs.msgState.buf != NULL) {
-	    rv = ssl3_HandleRecord(ss, NULL, &ss->gs.buf);
-	}
-	ssl_ReleaseRecvBufLock(ss);
-    }
-
-    return rv;
-}
-
-static SECStatus
-ssl3_ComputeTLSFinished(ssl3CipherSpec *spec,
-			PRBool          isServer,
-                const   SSL3Finished *  hashes,
-                        TLSFinished  *  tlsFinished)
-{
-    PK11Context *prf_context;
-    const char * label;
-    unsigned int len;
-    SECStatus    rv;
-    SECItem      param 		= {siBuffer, NULL, 0};
-
-    label = isServer ? "server finished" : "client finished";
-    len   = 15;
-
-    prf_context = 
-	PK11_CreateContextBySymKey(CKM_TLS_PRF_GENERAL, CKA_SIGN, 
-	                           spec->master_secret, &param);
-    if (!prf_context)
-    	return SECFailure;
-
-    rv  = PK11_DigestBegin(prf_context);
-    rv |= PK11_DigestOp(prf_context, (const unsigned char *) label, len);
-    rv |= PK11_DigestOp(prf_context, hashes->md5, sizeof *hashes);
-    rv |= PK11_DigestFinal(prf_context, tlsFinished->verify_data, 
-                           &len, sizeof *tlsFinished);
-    PORT_Assert(rv != SECSuccess || len == sizeof *tlsFinished);
-
-    PK11_DestroyContext(prf_context, PR_TRUE);
-    return rv;
-}
-
-/* called from ssl3_HandleServerHelloDone
- *             ssl3_HandleClientHello
- *             ssl3_HandleFinished
- */
-static SECStatus
-ssl3_SendFinished(sslSocket *ss, PRInt32 flags)
-{
-    ssl3CipherSpec *cwSpec;
-    PRBool          isTLS;
-    PRBool          isServer = ss->sec.isServer;
-    SECStatus       rv;
-    SSL3Sender      sender = isServer ? sender_server : sender_client;
-    SSL3Finished    hashes;
-    TLSFinished     tlsFinished;
-
-    SSL_TRC(3, ("%d: SSL3[%d]: send finished handshake", SSL_GETPID(), ss->fd));
-
-    PORT_Assert( ssl_HaveXmitBufLock(ss));
-    PORT_Assert( ssl_HaveSSL3HandshakeLock(ss));
-
-    ssl_GetSpecReadLock(ss);
-    cwSpec = ss->ssl3->cwSpec;
-    isTLS = (PRBool)(cwSpec->version > SSL_LIBRARY_VERSION_3_0);
-    rv = ssl3_ComputeHandshakeHashes(ss, cwSpec, &hashes, sender);
-    if (isTLS && rv == SECSuccess) {
-	rv = ssl3_ComputeTLSFinished(cwSpec, isServer, &hashes, &tlsFinished);
-    }
-    ssl_ReleaseSpecReadLock(ss);
-    if (rv != SECSuccess) {
-	goto fail;	/* err code was set by ssl3_ComputeHandshakeHashes */
-    }
-
-    if (isTLS) {
-	rv = ssl3_AppendHandshakeHeader(ss, finished, sizeof tlsFinished);
-	if (rv != SECSuccess) 
-	    goto fail; 		/* err set by AppendHandshake. */
-	rv = ssl3_AppendHandshake(ss, &tlsFinished, sizeof tlsFinished);
-	if (rv != SECSuccess) 
-	    goto fail; 		/* err set by AppendHandshake. */
-    } else {
-	rv = ssl3_AppendHandshakeHeader(ss, finished, sizeof hashes);
-	if (rv != SECSuccess) 
-	    goto fail; 		/* err set by AppendHandshake. */
-	rv = ssl3_AppendHandshake(ss, &hashes, sizeof hashes);
-	if (rv != SECSuccess) 
-	    goto fail; 		/* err set by AppendHandshake. */
-    }
-    rv = ssl3_FlushHandshake(ss, flags);
-    if (rv != SECSuccess) {
-	goto fail;	/* error code set by ssl3_FlushHandshake */
-    }
-    return SECSuccess;
-
-fail:
-    return rv;
-}
-
-
-
-/* Called from ssl3_HandleHandshakeMessage() when it has deciphered a complete
- * ssl3 Finished message from the peer.
- * Caller must hold Handshake and RecvBuf locks.
- */
-static SECStatus
-ssl3_HandleFinished(sslSocket *ss, SSL3Opaque *b, PRUint32 length,
-		    const SSL3Hashes *hashes)
-{
-    ssl3State *       ssl3	   = ss->ssl3;
-    sslSessionID *    sid	   = ss->sec.ci.sid;
-    PK11SymKey *      wrappingKey  = NULL;
-    PK11SlotInfo *    symKeySlot;
-    void *            pwArg        = ss->pkcs11PinArg;
-    SECStatus         rv;
-    PRBool            isServer     = ss->sec.isServer;
-    PRBool            isTLS;
-    PRBool            doStepUp;
-    CK_MECHANISM_TYPE mechanism;
-
-    PORT_Assert( ssl_HaveRecvBufLock(ss) );
-    PORT_Assert( ssl_HaveSSL3HandshakeLock(ss) );
-
-    SSL_TRC(3, ("%d: SSL3[%d]: handle finished handshake",
-    	SSL_GETPID(), ss->fd));
-
-    if (ssl3->hs.ws != wait_finished) {
-	SSL3_SendAlert(ss, alert_fatal, unexpected_message);
-    	PORT_SetError(SSL_ERROR_RX_UNEXPECTED_FINISHED);
-	return SECFailure;
-    }
-
-    isTLS = (PRBool)(ssl3->crSpec->version > SSL_LIBRARY_VERSION_3_0);
-    if (isTLS) {
-	TLSFinished tlsFinished;
-
-	if (length != sizeof tlsFinished) {
-	    (void)SSL3_SendAlert(ss, alert_fatal, decode_error);
-	    PORT_SetError(SSL_ERROR_RX_MALFORMED_FINISHED);
-	    return SECFailure;
-	}
-	rv = ssl3_ComputeTLSFinished(ssl3->crSpec, !isServer, 
-	                             hashes, &tlsFinished);
-	if (rv != SECSuccess ||
-	    0 != PORT_Memcmp(&tlsFinished, b, length)) {
-	    (void)SSL3_SendAlert(ss, alert_fatal, decrypt_error);
-	    PORT_SetError(SSL_ERROR_BAD_HANDSHAKE_HASH_VALUE);
-	    return SECFailure;
-	}
-    } else {
-	if (length != sizeof(SSL3Hashes)) {
-	    (void)ssl3_IllegalParameter(ss);
-	    PORT_SetError(SSL_ERROR_RX_MALFORMED_FINISHED);
-	    return SECFailure;
-	}
-
-	if (0 != PORT_Memcmp(hashes, b, length)) {
-	    (void)ssl3_HandshakeFailure(ss);
-	    PORT_SetError(SSL_ERROR_BAD_HANDSHAKE_HASH_VALUE);
-	    return SECFailure;
-	}
-    }
-
-    doStepUp = (PRBool)(!isServer && ssl3->hs.rehandshake);
-
-    ssl_GetXmitBufLock(ss);	/*************************************/
-
-    if ((isServer && !ssl3->hs.isResuming) ||
-	(!isServer && ssl3->hs.isResuming)) {
-	PRInt32 flags = 0;
-
-	rv = ssl3_SendChangeCipherSpecs(ss);
-	if (rv != SECSuccess) {
-	    goto xmit_loser;	/* err is set. */
-	}
-	/* If this thread is in SSL_SecureSend (trying to write some data) 
-	** or if it is going to step up, 
-	** then set the ssl_SEND_FLAG_FORCE_INTO_BUFFER flag, so that the 
-	** last two handshake messages (change cipher spec and finished) 
-	** will be sent in the same send/write call as the application data.
-	*/
-	if (doStepUp || ss->writerThread == PR_GetCurrentThread()) {
-	    flags = ssl_SEND_FLAG_FORCE_INTO_BUFFER;
-	}
-	rv = ssl3_SendFinished(ss, flags);
-	if (rv != SECSuccess) {
-	    goto xmit_loser;	/* err is set. */
-	}
-    }
-
-    /* Optimization: don't cache this connection if we're going to step up. */
-    if (doStepUp) {
-	ssl_FreeSID(sid);
-	ss->sec.ci.sid     = sid = NULL;
-	ssl3->hs.rehandshake = PR_FALSE;
-	rv = ssl3_SendClientHello(ss);
-xmit_loser:
-	ssl_ReleaseXmitBufLock(ss);
-	return rv;	/* err code is set if appropriate. */
-    }
-
-    ssl_ReleaseXmitBufLock(ss);	/*************************************/
-
-    /* The first handshake is now completed. */
-    ss->handshake           = NULL;
-    ss->firstHsDone         = PR_TRUE;
-    ss->gs.writeOffset = 0;
-    ss->gs.readOffset  = 0;
-
-  if (sid->cached == never_cached) {
-
-    /* fill in the sid */
-    sid->u.ssl3.cipherSuite = ssl3->hs.cipher_suite;
-    sid->u.ssl3.compression = ssl3->hs.compression;
-    sid->u.ssl3.policy      = ssl3->policy;
-    sid->u.ssl3.exchKeyType = ssl3->hs.kea_def->exchKeyType;
-    sid->version            = ss->version;
-    sid->authAlgorithm      = ss->sec.authAlgorithm;
-    sid->authKeyBits        = ss->sec.authKeyBits;
-    sid->keaType            = ss->sec.keaType;
-    sid->keaKeyBits         = ss->sec.keaKeyBits;
-    sid->lastAccessTime     = sid->creationTime = ssl_Time();
-    sid->expirationTime     = sid->creationTime + ssl3_sid_timeout;
-    sid->localCert          = CERT_DupCertificate(ss->sec.localCert);
-
-    ssl_GetSpecReadLock(ss);	/*************************************/
-    symKeySlot = PK11_GetSlotFromKey(ssl3->crSpec->master_secret);
-    if (!isServer) {
-	int  wrapKeyIndex;
-	int  incarnation;
-
-	/* these next few functions are mere accessors and don't fail. */
-	sid->u.ssl3.masterWrapIndex  = wrapKeyIndex =
-				       PK11_GetCurrentWrapIndex(symKeySlot);
-	PORT_Assert(wrapKeyIndex == 0);	/* array has only one entry! */
-
-	sid->u.ssl3.masterWrapSeries = incarnation =
-				       PK11_GetSlotSeries(symKeySlot);
-	sid->u.ssl3.masterSlotID   = PK11_GetSlotID(symKeySlot);
-	sid->u.ssl3.masterModuleID = PK11_GetModuleID(symKeySlot);
-	sid->u.ssl3.masterValid    = PR_TRUE;
-
-	/* Get the default wrapping key, for wrapping the master secret before
-	 * placing it in the SID cache entry. */
-	wrappingKey = PK11_GetWrapKey(symKeySlot, wrapKeyIndex,
-				      CKM_INVALID_MECHANISM, incarnation,
-				      pwArg);
-	if (wrappingKey) {
-	    mechanism = PK11_GetMechanism(wrappingKey); /* can't fail. */
-	} else {
-	    int keyLength;
-	    /* if the wrappingKey doesn't exist, attempt to create it.
-	     * Note: we intentionally ignore errors here.  If we cannot
-	     * generate a wrapping key, it is not fatal to this SSL connection,
-	     * but we will not be able to restart this session.
-	     */
-	    mechanism = PK11_GetBestWrapMechanism(symKeySlot);
-	    keyLength = PK11_GetBestKeyLength(symKeySlot, mechanism);
-	    /* Zero length means fixed key length algorithm, or error.
-	     * It's ambiguous.
-	     */
-	    wrappingKey = PK11_KeyGen(symKeySlot, mechanism, NULL,
-                                      keyLength, pwArg);
-	    if (wrappingKey) {
-	    	PK11_SetWrapKey(symKeySlot, wrapKeyIndex, wrappingKey);
-	    }
-	}
-    } else {
-	/* server. */
-	mechanism = PK11_GetBestWrapMechanism(symKeySlot);
-	if (mechanism != CKM_INVALID_MECHANISM) {
-	    wrappingKey =
-	    	getWrappingKey(ss, symKeySlot, ssl3->hs.kea_def->exchKeyType,
-			       mechanism, pwArg);
-	    if (wrappingKey) {
-		mechanism = PK11_GetMechanism(wrappingKey); /* can't fail. */
-	    }
-	}
-    }
-
-    sid->u.ssl3.masterWrapMech = mechanism;
-    PK11_FreeSlot(symKeySlot);
-
-    rv = SECFailure;
-    if (wrappingKey) {
-	SECItem msItem;
-
-	msItem.data = sid->u.ssl3.keys.wrapped_master_secret;
-	msItem.len  = sizeof sid->u.ssl3.keys.wrapped_master_secret;
-	rv = PK11_WrapSymKey(mechanism, NULL, wrappingKey,
-			     ssl3->crSpec->master_secret, &msItem);
-	/* rv is examined below. */
-	sid->u.ssl3.keys.wrapped_master_secret_len = msItem.len;
-	PK11_FreeSymKey(wrappingKey);
-    }
-    ssl_ReleaseSpecReadLock(ss);  /*************************************/
-
-    /* If the wrap failed, we don't cache the sid.
-     * The connection continues normally however.
-     */
-    if (!ss->noCache && rv == SECSuccess) {
-	(*ss->sec.cache)(sid);
-    }
-  }
-    ss->ssl3->hs.ws = idle_handshake;
-
-    /* Do the handshake callback for sslv3 here. */
-    if (ss->handshakeCallback != NULL) {
-	(ss->handshakeCallback)(ss->fd, ss->handshakeCallbackData);
-    }
-
-    return SECSuccess;
-}
-
-/* Called from ssl3_HandleHandshake() when it has gathered a complete ssl3
- * hanshake message.
- * Caller must hold Handshake and RecvBuf locks.
- */
-static SECStatus
-ssl3_HandleHandshakeMessage(sslSocket *ss, SSL3Opaque *b, PRUint32 length)
-{
-    SECStatus         rv 	= SECSuccess;
-    SSL3HandshakeType type 	= ss->ssl3->hs.msg_type;
-    SSL3Hashes        hashes;	/* computed hashes are put here. */
-    PRUint8           hdr[4];
-
-    PORT_Assert( ssl_HaveRecvBufLock(ss) );
-    PORT_Assert( ssl_HaveSSL3HandshakeLock(ss) );
-    /*
-     * We have to compute the hashes before we update them with the
-     * current message.
-     */
-    ssl_GetSpecReadLock(ss);	/************************************/
-    if((type == finished) || (type == certificate_verify)) {
-	SSL3Sender      sender = (SSL3Sender)0;
-	ssl3CipherSpec *rSpec  = ss->ssl3->prSpec;
-
-	if (type == finished) {
-	    sender = ss->sec.isServer ? sender_client : sender_server;
-	    rSpec  = ss->ssl3->crSpec;
-	}
-	rv = ssl3_ComputeHandshakeHashes(ss, rSpec, &hashes, sender);
-    }
-    ssl_ReleaseSpecReadLock(ss); /************************************/
-    if (rv != SECSuccess) {
-	return rv;	/* error code was set by ssl3_ComputeHandshakeHashes*/
-    }
-    SSL_TRC(30,("%d: SSL3[%d]: handle handshake message: %s", SSL_GETPID(),
-		ss->fd, ssl3_DecodeHandshakeType(ss->ssl3->hs.msg_type)));
-    PRINT_BUF(60, (ss, "MD5 handshake hash:",
-    	      (unsigned char*)ss->ssl3->hs.md5, MD5_LENGTH));
-    PRINT_BUF(95, (ss, "SHA handshake hash:",
-    	      (unsigned char*)ss->ssl3->hs.sha, SHA1_LENGTH));
-
-    hdr[0] = (PRUint8)ss->ssl3->hs.msg_type;
-    hdr[1] = (PRUint8)(length >> 16);
-    hdr[2] = (PRUint8)(length >>  8);
-    hdr[3] = (PRUint8)(length      );
-
-    /* Start new handshake hashes when we start a new handshake */
-    if (ss->ssl3->hs.msg_type == client_hello) {
-	SSL_TRC(30,("%d: SSL3[%d]: reset handshake hashes",
-		SSL_GETPID(), ss->fd ));
-	rv = PK11_DigestBegin(ss->ssl3->hs.md5);
-	if (rv != SECSuccess) {
-	    ssl_MapLowLevelError(SSL_ERROR_MD5_DIGEST_FAILURE);
-	    return rv;
-	}
-	rv = PK11_DigestBegin(ss->ssl3->hs.sha);
-	if (rv != SECSuccess) {
-	    ssl_MapLowLevelError(SSL_ERROR_SHA_DIGEST_FAILURE);
-	    return rv;
-	}
-    }
-    /* We should not include hello_request messages in the handshake hashes */
-    if (ss->ssl3->hs.msg_type != hello_request) {
-	rv = ssl3_UpdateHandshakeHashes(ss, (unsigned char*) hdr, 4);
-	if (rv != SECSuccess) return rv;	/* err code already set. */
-	rv = ssl3_UpdateHandshakeHashes(ss, b, length);
-	if (rv != SECSuccess) return rv;	/* err code already set. */
-    }
-
-    PORT_SetError(0);	/* each message starts with no error. */
-    switch (ss->ssl3->hs.msg_type) {
-    case hello_request:
-	if (length != 0) {
-	    (void)ssl3_DecodeError(ss);
-	    PORT_SetError(SSL_ERROR_RX_MALFORMED_HELLO_REQUEST);
-	    return SECFailure;
-	}
-	if (ss->sec.isServer) {
-	    (void)SSL3_SendAlert(ss, alert_fatal, unexpected_message);
-	    PORT_SetError(SSL_ERROR_RX_UNEXPECTED_HELLO_REQUEST);
-	    return SECFailure;
-	}
-	rv = ssl3_HandleHelloRequest(ss);
-	break;
-    case client_hello:
-	if (!ss->sec.isServer) {
-	    (void)SSL3_SendAlert(ss, alert_fatal, unexpected_message);
-	    PORT_SetError(SSL_ERROR_RX_UNEXPECTED_CLIENT_HELLO);
-	    return SECFailure;
-	}
-	rv = ssl3_HandleClientHello(ss, b, length);
-	break;
-    case server_hello:
-	if (ss->sec.isServer) {
-	    (void)SSL3_SendAlert(ss, alert_fatal, unexpected_message);
-	    PORT_SetError(SSL_ERROR_RX_UNEXPECTED_SERVER_HELLO);
-	    return SECFailure;
-	}
-	rv = ssl3_HandleServerHello(ss, b, length);
-	break;
-    case certificate:
-	rv = ssl3_HandleCertificate(ss, b, length);
-	break;
-    case server_key_exchange:
-	if (ss->sec.isServer) {
-	    (void)SSL3_SendAlert(ss, alert_fatal, unexpected_message);
-	    PORT_SetError(SSL_ERROR_RX_UNEXPECTED_SERVER_KEY_EXCH);
-	    return SECFailure;
-	}
-	rv = ssl3_HandleServerKeyExchange(ss, b, length);
-	break;
-    case certificate_request:
-	if (ss->sec.isServer) {
-	    (void)SSL3_SendAlert(ss, alert_fatal, unexpected_message);
-	    PORT_SetError(SSL_ERROR_RX_UNEXPECTED_CERT_REQUEST);
-	    return SECFailure;
-	}
-	rv = ssl3_HandleCertificateRequest(ss, b, length);
-	break;
-    case server_hello_done:
-	if (length != 0) {
-	    (void)ssl3_DecodeError(ss);
-	    PORT_SetError(SSL_ERROR_RX_MALFORMED_HELLO_DONE);
-	    return SECFailure;
-	}
-	if (ss->sec.isServer) {
-	    (void)SSL3_SendAlert(ss, alert_fatal, unexpected_message);
-	    PORT_SetError(SSL_ERROR_RX_UNEXPECTED_HELLO_DONE);
-	    return SECFailure;
-	}
-	rv = ssl3_HandleServerHelloDone(ss);
-	break;
-    case certificate_verify:
-	if (!ss->sec.isServer) {
-	    (void)SSL3_SendAlert(ss, alert_fatal, unexpected_message);
-	    PORT_SetError(SSL_ERROR_RX_UNEXPECTED_CERT_VERIFY);
-	    return SECFailure;
-	}
-	rv = ssl3_HandleCertificateVerify(ss, b, length, &hashes);
-	break;
-    case client_key_exchange:
-	if (!ss->sec.isServer) {
-	    (void)SSL3_SendAlert(ss, alert_fatal, unexpected_message);
-	    PORT_SetError(SSL_ERROR_RX_UNEXPECTED_CLIENT_KEY_EXCH);
-	    return SECFailure;
-	}
-	rv = ssl3_HandleClientKeyExchange(ss, b, length);
-	break;
-    case finished:
-        rv = ssl3_HandleFinished(ss, b, length, &hashes);
-	break;
-    default:
-	(void)SSL3_SendAlert(ss, alert_fatal, unexpected_message);
-	PORT_SetError(SSL_ERROR_RX_UNKNOWN_HANDSHAKE);
-	rv = SECFailure;
-    }
-    return rv;
-}
-
-/* Called only from ssl3_HandleRecord, for each (deciphered) ssl3 record.
- * origBuf is the decrypted ssl record content.
- * Caller must hold the handshake and RecvBuf locks.
- */
-static SECStatus
-ssl3_HandleHandshake(sslSocket *ss, sslBuffer *origBuf)
-{
-    /*
-     * There may be a partial handshake message already in the handshake
-     * state. The incoming buffer may contain another portion, or a
-     * complete message or several messages followed by another portion.
-     *
-     * Each message is made contiguous before being passed to the actual
-     * message parser.
-     */
-    ssl3State *ssl3 = ss->ssl3;
-    sslBuffer *buf = &ssl3->hs.msgState; /* do not lose the original buffer pointer */
-    SECStatus rv;
-
-    PORT_Assert( ssl_HaveRecvBufLock(ss) );
-    PORT_Assert( ssl_HaveSSL3HandshakeLock(ss) );
-
-    if (buf->buf == NULL) {
-	*buf = *origBuf;
-    }
-    while (buf->len > 0) {
-	while (ssl3->hs.header_bytes < 4) {
-	    uint8 t;
-	    t = *(buf->buf++);
-	    buf->len--;
-	    if (ssl3->hs.header_bytes++ == 0)
-		ssl3->hs.msg_type = (SSL3HandshakeType)t;
-	    else
-		ssl3->hs.msg_len = (ssl3->hs.msg_len << 8) + t;
-
-#define MAX_HANDSHAKE_MSG_LEN 0x1ffff	/* 128k - 1 */
-
-	    if (ssl3->hs.header_bytes == 4) {
-		if (ssl3->hs.msg_len > MAX_HANDSHAKE_MSG_LEN) {
-		    (void)ssl3_DecodeError(ss);
-		    PORT_SetError(SSL_ERROR_RX_RECORD_TOO_LONG);
-		    return SECFailure;
-		}
-	    }
-#undef MAX_HANDSHAKE_MSG_LEN
-	    if (buf->len == 0 && ssl3->hs.msg_len > 0) {
-		buf->buf = NULL;
-		return SECSuccess;
-	    }
-	}
-
-	/*
-	 * Header has been gathered and there is at least one byte of new
-	 * data available for this message. If it can be done right out
-	 * of the original buffer, then use it from there.
-	 */
-	if (ssl3->hs.msg_body.len == 0 && buf->len >= ssl3->hs.msg_len) {
-	    /* handle it from input buffer */
-	    rv = ssl3_HandleHandshakeMessage(ss, buf->buf, ssl3->hs.msg_len);
-	    if (rv == SECFailure) {
-		/* This test wants to fall through on either
-		 * SECSuccess or SECWouldBlock.
-		 * ssl3_HandleHandshakeMessage MUST set the error code.
-		 */
-		return rv;
-	    }
-	    buf->buf += ssl3->hs.msg_len;
-	    buf->len -= ssl3->hs.msg_len;
-	    ssl3->hs.msg_len = 0;
-	    ssl3->hs.header_bytes = 0;
-	    if (rv != SECSuccess) { /* return if SECWouldBlock. */
-		return rv;
-	    }
-	} else {
-	    /* must be copied to msg_body and dealt with from there */
-	    unsigned int bytes;
-
-	    bytes = PR_MIN(buf->len, ssl3->hs.msg_len);
-
-	    /* Grow the buffer if needed */
-	    if (bytes > ssl3->hs.msg_body.space - ssl3->hs.msg_body.len) {
-		rv = sslBuffer_Grow(&ssl3->hs.msg_body,
-		                  ssl3->hs.msg_body.len + bytes);
-		if (rv != SECSuccess) {
-		    /* sslBuffer_Grow has set a memory error code. */
-		    return SECFailure;
-	    	}
-	    }
-	    PORT_Memcpy(ssl3->hs.msg_body.buf + ssl3->hs.msg_body.len,
-		      buf->buf, buf->len);
-	    buf->buf += bytes;
-	    buf->len -= bytes;
-
-	    /* should not be more than one message in msg_body */
-	    PORT_Assert(ssl3->hs.msg_body.len <= ssl3->hs.msg_len);
-
-	    /* if we have a whole message, do it */
-	    if (ssl3->hs.msg_body.len == ssl3->hs.msg_len) {
-		rv = ssl3_HandleHandshakeMessage(
-		    ss, ssl3->hs.msg_body.buf, ssl3->hs.msg_len);
-		/*
-		 * XXX This appears to be wrong.  This error handling
-		 * should clean up after a SECWouldBlock return, like the
-		 * error handling used 40 lines before/above this one,
-		 */
-		if (rv != SECSuccess) {
-		    /* ssl3_HandleHandshakeMessage MUST set error code. */
-		    return rv;
-		}
-		ssl3->hs.msg_body.len = 0;
-		ssl3->hs.msg_len      = 0;
-		ssl3->hs.header_bytes = 0;
-	    } else {
-		PORT_Assert(buf->len == 0);
-		break;
-	    }
-	}
-    }	/* end loop */
-
-    origBuf->len = 0;	/* So ssl3_GatherAppDataRecord will keep looping. */
-    buf->buf = NULL;	/* not a leak. */
-    return SECSuccess;
-}
-
-/* if cText is non-null, then decipher, check MAC, and decompress the
- * SSL record from cText->buf (typically gs->inbuf)
- * into databuf (typically gs->buf), and any previous contents of databuf
- * is lost.  Then handle databuf according to its SSL record type,
- * unless it's an application record.
- *
- * If cText is NULL, then the ciphertext has previously been deciphered and
- * checked, and is already sitting in databuf.  It is processed as an SSL
- * Handshake message.
- *
- * DOES NOT process the decrypted/decompressed application data.
- * On return, databuf contains the decrypted/decompressed record.
- *
- * Called from ssl3_GatherCompleteHandshake
- *             ssl3_RestartHandshakeAfterCertReq
- *             ssl3_RestartHandshakeAfterServerCert
- *
- * Caller must hold the RecvBufLock.
- *
- * This function aquires and releases the SSL3Handshake Lock, holding the
- * lock around any calls to functions that handle records other than
- * Application Data records.
- */
-SECStatus
-ssl3_HandleRecord(sslSocket *ss, SSL3Ciphertext *cText, sslBuffer *databuf)
-{
-const ssl3BulkCipherDef *cipher_def;
-    ssl3State *          ssl3 			= ss->ssl3;
-    ssl3CipherSpec *     crSpec;
-    SECStatus            rv;
-    unsigned int         hashBytes;
-    unsigned int         padding_length;
-    PRBool               isTLS;
-    SSL3ContentType      rType;
-    SSL3Opaque           hash[MAX_MAC_LENGTH];
-
-    PORT_Assert( ssl_HaveRecvBufLock(ss) );
-
-    if (ssl3 == NULL) {
-	ssl_GetSSL3HandshakeLock(ss);
-	rv = ssl3_InitState(ss);
-	ssl_ReleaseSSL3HandshakeLock(ss);
-	if (rv != SECSuccess) {
-	    return rv;		/* ssl3_InitState has set the error code. */
-    	}
-    }
-
-    ssl3 = ss->ssl3;
-
-    /* cText is NULL when we're called from ssl3_RestartHandshakeAfterXXX().
-     * This implies that databuf holds a previously deciphered SSL Handshake
-     * message.
-     */
-    if (cText == NULL) {
-	SSL_DBG(("%d: SSL3[%d]: HandleRecord, resuming handshake",
-		 SSL_GETPID(), ss->fd));
-	rType = content_handshake;
-	goto process_it;
-    }
-
-    databuf->len = 0; /* filled in by decode call below. */
-    if (databuf->space < MAX_FRAGMENT_LENGTH) {
-	rv = sslBuffer_Grow(databuf, MAX_FRAGMENT_LENGTH + 2048);
-	if (rv != SECSuccess) {
-	    SSL_DBG(("%d: SSL3[%d]: HandleRecord, tried to get %d bytes",
-		     SSL_GETPID(), ss->fd, MAX_FRAGMENT_LENGTH + 2048));
-	    /* sslBuffer_Grow has set a memory error code. */
-	    return SECFailure;
-	}
-    }
-
-    PRINT_BUF(80, (ss, "ciphertext:", cText->buf->buf, cText->buf->len));
-
-    ssl_GetSpecReadLock(ss); /******************************************/
-
-    crSpec = ssl3->crSpec;
-    cipher_def = crSpec->cipher_def;
-    isTLS = (PRBool)(crSpec->version > SSL_LIBRARY_VERSION_3_0);
-
-    if (isTLS && cText->buf->len > (MAX_FRAGMENT_LENGTH + 2048)) {
-	ssl_ReleaseSpecReadLock(ss);
-	SSL3_SendAlert(ss, alert_fatal, record_overflow);
-	PORT_SetError(SSL_ERROR_RX_RECORD_TOO_LONG);
-	return SECFailure;
-    }
-    /* decrypt from cText buf to databuf. */
-    rv = crSpec->decode(
-	crSpec->decodeContext, databuf->buf, (int *)&databuf->len,
-	databuf->space, cText->buf->buf, cText->buf->len);
-
-    PRINT_BUF(80, (ss, "cleartext:", databuf->buf, databuf->len));
-    if (rv != SECSuccess) {
-	ssl_ReleaseSpecReadLock(ss);
-	ssl_MapLowLevelError(SSL_ERROR_DECRYPTION_FAILURE);
-	if (isTLS)
-	    (void)SSL3_SendAlert(ss, alert_fatal, decryption_failed);
-	ssl_MapLowLevelError(SSL_ERROR_DECRYPTION_FAILURE);
-	return SECFailure;
-    }
-
-    /* If it's a block cipher, check and strip the padding. */
-    if (cipher_def->type == type_block) {
-	padding_length = *(databuf->buf + databuf->len - 1);
-	/* TLS permits padding to exceed the block size, up to 255 bytes. */
-	if (padding_length + crSpec->mac_size >= databuf->len)
-	    goto bad_pad;
-	/* if TLS, check value of first padding byte. */
-	if (padding_length && isTLS && padding_length != 
-		*(databuf->buf + databuf->len - 1 - padding_length))
-	    goto bad_pad;
-	databuf->len -= padding_length + 1;
-	if (databuf->len <= 0) {
-bad_pad:
-	    /* must not hold spec lock when calling SSL3_SendAlert. */
-	    ssl_ReleaseSpecReadLock(ss);
-	    /* SSL3 doesn't have an alert for bad padding, so use bad mac. */
-	    SSL3_SendAlert(ss, alert_fatal, 
-			   isTLS ? decryption_failed : bad_record_mac);
-	    PORT_SetError(SSL_ERROR_BAD_BLOCK_PADDING);
-	    return SECFailure;
-	}
-    }
-
-    /* Check the MAC. */
-    if (databuf->len < crSpec->mac_size) {
-    	/* record is too short to have a valid mac. */
-	goto bad_mac;
-    }
-    databuf->len -= crSpec->mac_size;
-    rType = cText->type;
-    rv = ssl3_ComputeRecordMAC(
-    	crSpec, (ss->sec.isServer) ? crSpec->client.write_mac_context
-				    : crSpec->server.write_mac_context,
-	rType, cText->version, crSpec->read_seq_num, 
-	databuf->buf, databuf->len, hash, &hashBytes);
-    if (rv != SECSuccess) {
-	ssl_ReleaseSpecReadLock(ss);
-	ssl_MapLowLevelError(SSL_ERROR_MAC_COMPUTATION_FAILURE);
-	return rv;
-    }
-
-    if (hashBytes != (unsigned)crSpec->mac_size ||
-	PORT_Memcmp(databuf->buf + databuf->len, hash, crSpec->mac_size) != 0) {
-bad_mac:
-	/* must not hold spec lock when calling SSL3_SendAlert. */
-	ssl_ReleaseSpecReadLock(ss);
-	SSL3_SendAlert(ss, alert_fatal, bad_record_mac);
-	PORT_SetError(SSL_ERROR_BAD_MAC_READ);
-
-	SSL_DBG(("%d: SSL3[%d]: mac check failed", SSL_GETPID(), ss->fd));
-
-	return SECFailure;
-    }
-
-    ssl3_BumpSequenceNumber(&crSpec->read_seq_num);
-
-    ssl_ReleaseSpecReadLock(ss); /*****************************************/
-
-    /*
-     * The decrypted data is now in databuf.
-     *
-     * the null decompression routine is right here
-     */
-
-    /*
-    ** Having completed the decompression, check the length again. 
-    */
-    if (isTLS && databuf->len > (MAX_FRAGMENT_LENGTH + 1024)) {
-	SSL3_SendAlert(ss, alert_fatal, record_overflow);
-	PORT_SetError(SSL_ERROR_RX_RECORD_TOO_LONG);
-	return SECFailure;
-    }
-
-    /* Application data records are processed by the caller of this
-    ** function, not by this function.
-    */
-    if (rType == content_application_data) {
-    	return SECSuccess;
-    }
-
-    /* It's a record that must be handled by ssl itself, not the application.
-    */
-process_it:
-    /* XXX  Get the xmit lock here.  Odds are very high that we'll be xmiting
-     * data ang getting the xmit lock here prevents deadlocks.
-     */
-    ssl_GetSSL3HandshakeLock(ss);
-
-    /* All the functions called in this switch MUST set error code if
-    ** they return SECFailure or SECWouldBlock.
-    */
-    switch (rType) {
-    case content_change_cipher_spec:
-	rv = ssl3_HandleChangeCipherSpecs(ss, databuf);
-	break;
-    case content_alert:
-	rv = ssl3_HandleAlert(ss, databuf);
-	break;
-    case content_handshake:
-	rv = ssl3_HandleHandshake(ss, databuf);
-	break;
-    case content_application_data:
-	rv = SECSuccess;
-	break;
-    default:
-	SSL_DBG(("%d: SSL3[%d]: bogus content type=%d",
-		 SSL_GETPID(), ss->fd, cText->type));
-	/* XXX Send an alert ???  */
-	PORT_SetError(SSL_ERROR_RX_UNKNOWN_RECORD_TYPE);
-	rv = SECFailure;
-	break;
-    }
-
-    ssl_ReleaseSSL3HandshakeLock(ss);
-    return rv;
-
-}
-
-/*
- * Initialization functions
- */
-
-/* Called from ssl3_InitState, immediately below. */
-/* Caller must hold the SpecWriteLock. */
-static void
-ssl3_InitCipherSpec(sslSocket *ss, ssl3CipherSpec *spec)
-{
-    spec->cipher_def               = &bulk_cipher_defs[cipher_null];
-    PORT_Assert(spec->cipher_def->cipher == cipher_null);
-    spec->mac_def                  = &mac_defs[mac_null];
-    PORT_Assert(spec->mac_def->mac == mac_null);
-    spec->encode                   = Null_Cipher;
-    spec->decode                   = Null_Cipher;
-    spec->destroy                  = NULL;
-    spec->mac_size                 = 0;
-    spec->master_secret            = NULL;
-
-    spec->client.write_key         = NULL;
-    spec->client.write_mac_key     = NULL;
-    spec->client.write_mac_context = NULL;
-
-    spec->server.write_key         = NULL;
-    spec->server.write_mac_key     = NULL;
-    spec->server.write_mac_context = NULL;
-
-    spec->write_seq_num.high       = 0;
-    spec->write_seq_num.low        = 0;
-
-    spec->read_seq_num.high        = 0;
-    spec->read_seq_num.low         = 0;
-
-    spec->version                  = ss->enableTLS
-                                          ? SSL_LIBRARY_VERSION_3_1_TLS
-                                          : SSL_LIBRARY_VERSION_3_0;
-}
-
-/* Called from:	ssl3_SendRecord
-**		ssl3_StartHandshakeHash() <- ssl2_BeginClientHandshake()
-**		ssl3_SendClientHello()
-**		ssl3_HandleServerHello()
-**		ssl3_HandleClientHello()
-**		ssl3_HandleV2ClientHello()
-**		ssl3_HandleRecord()
-**
-** This function should perhaps acquire and release the SpecWriteLock.
-**
-**
-*/
-static SECStatus
-ssl3_InitState(sslSocket *ss)
-{
-    ssl3State *  ssl3 = NULL;
-    PK11Context *md5  = NULL;
-    PK11Context *sha  = NULL;
-    SECStatus    rv;
-
-    PORT_Assert( ssl_HaveSSL3HandshakeLock(ss));
-
-    /* reinitialization for renegotiated sessions XXX */
-    if (ss->ssl3 != NULL)
-	return SECSuccess;
-
-    ssl3 = PORT_ZNew(ssl3State); /* zero on purpose */
-    if (ssl3 == NULL)
-	return SECFailure;	/* PORT_ZAlloc has set memory error code. */
-
-    /* note that entire HandshakeState is zero, including the buffer */
-    ssl3->policy = SSL_ALLOWED;
-
-    ssl_GetSpecWriteLock(ss);
-    ssl3->crSpec = ssl3->cwSpec = &ssl3->specs[0];
-    ssl3->prSpec = ssl3->pwSpec = &ssl3->specs[1];
-    ssl3->hs.rehandshake = PR_FALSE;
-    ssl3_InitCipherSpec(ss, ssl3->crSpec);
-    ssl3_InitCipherSpec(ss, ssl3->prSpec);
-    ssl3->fortezza.tek = NULL;
-
-    ssl3->hs.ws = (ss->sec.isServer) ? wait_client_hello : wait_server_hello;
-    ssl_ReleaseSpecWriteLock(ss);
-
-    /*
-     * note: We should probably lookup an SSL3 slot for these
-     * handshake hashes in hopes that we wind up with the same slots
-     * that the master secret will wind up in ...
-     */
-    SSL_TRC(30,("%d: SSL3[%d]: start handshake hashes", SSL_GETPID(), ss->fd));
-    ssl3->hs.md5 = md5 = PK11_CreateDigestContext(SEC_OID_MD5);
-    if (md5 == NULL) {
-	ssl_MapLowLevelError(SSL_ERROR_MD5_DIGEST_FAILURE);
-	goto loser;
-    }
-    rv = PK11_DigestBegin(ssl3->hs.md5);
-    if (rv != SECSuccess) {
-	ssl_MapLowLevelError(SSL_ERROR_MD5_DIGEST_FAILURE);
-	goto loser;
-    }
-
-    sha = ssl3->hs.sha = PK11_CreateDigestContext(SEC_OID_SHA1);
-    if (sha == NULL) {
-	ssl_MapLowLevelError(SSL_ERROR_SHA_DIGEST_FAILURE);
-	goto loser;
-    }
-    rv = PK11_DigestBegin(ssl3->hs.sha);
-    if (rv != SECSuccess) {
-	ssl_MapLowLevelError(SSL_ERROR_SHA_DIGEST_FAILURE);
-	goto loser;
-    }
-
-    /* Don't hide this from the rest of the world any more. */
-    ss->ssl3 = ssl3;
-
-    return SECSuccess;
-
-loser:
-    if (md5 != NULL) PK11_DestroyContext(md5, PR_TRUE);
-    if (sha != NULL) PK11_DestroyContext(sha, PR_TRUE);
-    if (ssl3 != NULL) PORT_Free(ssl3);
-    return SECFailure;
-}
-
-/* Returns a reference counted object that contains a key pair.
- * Or NULL on failure.  Initial ref count is 1.
- * Uses the keys in the pair as input.
- */
-ssl3KeyPair *
-ssl3_NewKeyPair( SECKEYPrivateKey * privKey, SECKEYPublicKey * pubKey)
-{
-    ssl3KeyPair * pair;
-
-    if (!privKey || !pubKey) {
-	PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
-    	return NULL;
-    }
-    pair = PORT_ZNew(ssl3KeyPair);
-    if (!pair)
-    	return NULL;			/* error code is set. */
-    pair->refCount = 1;
-    pair->privKey  = privKey;
-    pair->pubKey   = pubKey;
-    return pair;			/* success */
-}
-
-ssl3KeyPair *
-ssl3_GetKeyPairRef(ssl3KeyPair * keyPair)
-{
-    PR_AtomicIncrement(&keyPair->refCount);
-    return keyPair;
-}
-
-void
-ssl3_FreeKeyPair(ssl3KeyPair * keyPair)
-{
-    PRInt32 newCount =  PR_AtomicDecrement(&keyPair->refCount);
-    if (!newCount) {
-	SECKEY_DestroyPrivateKey(keyPair->privKey);
-	SECKEY_DestroyPublicKey( keyPair->pubKey);
-    	PORT_Free(keyPair);
-    }
-}
-
-
-
-/*
- * Creates the public and private RSA keys for SSL Step down.
- * Called from SSL_ConfigSecureServer in sslsecur.c
- */
-SECStatus
-ssl3_CreateRSAStepDownKeys(sslSocket *ss)
-{
-    SECStatus             rv  	 = SECSuccess;
-    SECKEYPrivateKey *    privKey;		/* RSA step down key */
-    SECKEYPublicKey *     pubKey;		/* RSA step down key */
-
-    if (ss->stepDownKeyPair)
-	ssl3_FreeKeyPair(ss->stepDownKeyPair);
-    ss->stepDownKeyPair = NULL;
-#ifndef HACKED_EXPORT_SERVER
-    /* Sigh, should have a get key strength call for private keys */
-    if (PK11_GetPrivateModulusLen(ss->serverCerts[kt_rsa].serverKey) >
-                                                     EXPORT_RSA_KEY_LENGTH) {
-	/* need to ask for the key size in bits */
-	privKey = SECKEY_CreateRSAPrivateKey(EXPORT_RSA_KEY_LENGTH * BPB,
-					     &pubKey, NULL);
-    	if (!privKey || !pubKey ||
-	    !(ss->stepDownKeyPair = ssl3_NewKeyPair(privKey, pubKey))) {
-	    ssl_MapLowLevelError(SEC_ERROR_KEYGEN_FAIL);
-	    rv = SECFailure;
-	}
-    }
-#endif
-    return rv;
-}
-
-
-/* record the export policy for this cipher suite */
-SECStatus
-ssl3_SetPolicy(ssl3CipherSuite which, int policy)
-{
-    ssl3CipherSuiteCfg *suite;
-
-    suite = ssl_LookupCipherSuiteCfg(which, cipherSuites);
-    if (suite == NULL) {
-	return SECFailure; /* err code was set by ssl_LookupCipherSuiteCfg */
-    }
-    suite->policy = policy;
-
-    if (policy == SSL_RESTRICTED) {
-	ssl3_global_policy_some_restricted = PR_TRUE;
-    }
-
-    return SECSuccess;
-}
-
-SECStatus
-ssl3_GetPolicy(ssl3CipherSuite which, PRInt32 *oPolicy)
-{
-    ssl3CipherSuiteCfg *suite;
-    PRInt32             policy;
-    SECStatus           rv;
-
-    suite = ssl_LookupCipherSuiteCfg(which, cipherSuites);
-    if (suite) {
-    	policy = suite->policy;
-	rv     = SECSuccess;
-    } else {
-    	policy = SSL_NOT_ALLOWED;
-	rv     = SECFailure;	/* err code was set by Lookup. */
-    }
-    *oPolicy = policy;
-    return rv;
-}
-
-/* record the user preference for this suite */
-SECStatus
-ssl3_CipherPrefSetDefault(ssl3CipherSuite which, PRBool enabled)
-{
-    ssl3CipherSuiteCfg *suite;
-
-    suite = ssl_LookupCipherSuiteCfg(which, cipherSuites);
-    if (suite == NULL) {
-	return SECFailure; /* err code was set by ssl_LookupCipherSuiteCfg */
-    }
-    suite->enabled = enabled;
-    return SECSuccess;
-}
-
-/* return the user preference for this suite */
-SECStatus
-ssl3_CipherPrefGetDefault(ssl3CipherSuite which, PRBool *enabled)
-{
-    ssl3CipherSuiteCfg *suite;
-    PRBool              pref;
-    SECStatus           rv;
-
-    suite = ssl_LookupCipherSuiteCfg(which, cipherSuites);
-    if (suite) {
-    	pref   = suite->enabled;
-	rv     = SECSuccess;
-    } else {
-    	pref   = SSL_NOT_ALLOWED;
-	rv     = SECFailure;	/* err code was set by Lookup. */
-    }
-    *enabled = pref;
-    return rv;
-}
-
-SECStatus
-ssl3_CipherPrefSet(sslSocket *ss, ssl3CipherSuite which, PRBool enabled)
-{
-    ssl3CipherSuiteCfg *suite;
-
-    suite = ssl_LookupCipherSuiteCfg(which, ss->cipherSuites);
-    if (suite == NULL) {
-	return SECFailure; /* err code was set by ssl_LookupCipherSuiteCfg */
-    }
-    suite->enabled = enabled;
-    return SECSuccess;
-}
-
-SECStatus
-ssl3_CipherPrefGet(sslSocket *ss, ssl3CipherSuite which, PRBool *enabled)
-{
-    ssl3CipherSuiteCfg *suite;
-    PRBool              pref;
-    SECStatus           rv;
-
-    suite = ssl_LookupCipherSuiteCfg(which, ss->cipherSuites);
-    if (suite) {
-    	pref   = suite->enabled;
-	rv     = SECSuccess;
-    } else {
-    	pref   = SSL_NOT_ALLOWED;
-	rv     = SECFailure;	/* err code was set by Lookup. */
-    }
-    *enabled = pref;
-    return rv;
-}
-
-/* copy global default policy into socket. */
-void
-ssl3_InitSocketPolicy(sslSocket *ss)
-{
-    PORT_Memcpy(ss->cipherSuites, cipherSuites, sizeof cipherSuites);
-}
-
-/* ssl3_config_match_init must have already been called by
- * the caller of this function.
- */
-SECStatus
-ssl3_ConstructV2CipherSpecsHack(sslSocket *ss, unsigned char *cs, int *size)
-{
-    int i, count = 0;
-
-    PORT_Assert(ss != 0);
-    if (!ss) {
-	PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
-	return SECFailure;
-    }
-    if (!ss->enableSSL3 && !ss->enableTLS) {
-    	*size = 0;
-	return SECSuccess;
-    }
-    if (cs == NULL) {
-	*size = count_cipher_suites(ss, SSL_ALLOWED, PR_TRUE);
-	return SECSuccess;
-    }
-
-    /* ssl3_config_match_init was called by the caller of this function. */
-    for (i = 0; i < ssl_V3_SUITES_IMPLEMENTED; i++) {
-	ssl3CipherSuiteCfg *suite = &ss->cipherSuites[i];
-	if (config_match(suite, SSL_ALLOWED, PR_TRUE)) {
-	    if (cs != NULL) {
-		*cs++ = 0x00;
-		*cs++ = (suite->cipher_suite >> 8) & 0xFF;
-		*cs++ =  suite->cipher_suite       & 0xFF;
-	    }
-	    count++;
-	}
-    }
-    *size = count;
-    return SECSuccess;
-}
-
-/*
-** If ssl3 socket has completed the first handshake, and is in idle state, 
-** then start a new handshake.
-** If flushCache is true, the SID cache will be flushed first, forcing a
-** "Full" handshake (not a session restart handshake), to be done.
-**
-** called from SSL_RedoHandshake(), which already holds the handshake locks.
-*/
-SECStatus
-ssl3_RedoHandshake(sslSocket *ss, PRBool flushCache)
-{
-    sslSessionID *   sid = ss->sec.ci.sid;
-    SECStatus        rv;
-
-    PORT_Assert( ssl_HaveSSL3HandshakeLock(ss) );
-
-    if (!ss->firstHsDone ||
-        ((ss->version >= SSL_LIBRARY_VERSION_3_0) &&
-	 ss->ssl3 && (ss->ssl3->hs.ws != idle_handshake))) {
-	PORT_SetError(SSL_ERROR_HANDSHAKE_NOT_COMPLETED);
-	return SECFailure;
-    }
-    if (sid && flushCache) {
-	ss->sec.uncache(sid);	/* remove it from whichever cache it's in. */
-	ssl_FreeSID(sid);	/* dec ref count and free if zero. */
-	ss->sec.ci.sid = NULL;
-    }
-
-    ssl_GetXmitBufLock(ss);	/**************************************/
-
-    /* start off a new handshake. */
-    rv = (ss->sec.isServer) ? ssl3_SendHelloRequest(ss)
-                            : ssl3_SendClientHello(ss);
-
-    ssl_ReleaseXmitBufLock(ss);	/**************************************/
-    return rv;
-}
-
-/* Called from ssl_FreeSocket() in sslsock.c */
-void
-ssl3_DestroySSL3Info(ssl3State *ssl3)
-{
-    if (ssl3 == NULL)
-	return;		/* success the easy way. */
-
-    if (ssl3->clientCertificate != NULL)
-	CERT_DestroyCertificate(ssl3->clientCertificate);
-
-    if (ssl3->clientPrivateKey != NULL)
-	SECKEY_DestroyPrivateKey(ssl3->clientPrivateKey);
-
-    if (ssl3->peerCertArena != NULL)
-	ssl3_CleanupPeerCerts(ssl3);
-
-    if (ssl3->clientCertChain != NULL) {
-       CERT_DestroyCertificateList(ssl3->clientCertChain);
-       ssl3->clientCertChain = NULL;
-    }
-
-    /* clean up handshake */
-    if (ssl3->hs.md5) {
-	PK11_DestroyContext(ssl3->hs.md5,PR_TRUE);
-    }
-    if (ssl3->hs.sha) {
-	PK11_DestroyContext(ssl3->hs.sha,PR_TRUE);
-    }
-
-    if (ssl3->fortezza.tek != NULL) {
-	PK11_FreeSymKey(ssl3->fortezza.tek);
-    }
-    /* free the SSL3Buffer (msg_body) */
-    PORT_Free(ssl3->hs.msg_body.buf);
-
-    /* free up the CipherSpecs */
-    ssl3_DestroyCipherSpec(&ssl3->specs[0]);
-    ssl3_DestroyCipherSpec(&ssl3->specs[1]);
-
-    PORT_Free(ssl3);
-}
-
-/* End of ssl3con.c */
diff --git a/security/nss/lib/ssl/ssl3gthr.c b/security/nss/lib/ssl/ssl3gthr.c
deleted file mode 100644
index 92e1523b6..000000000
--- a/security/nss/lib/ssl/ssl3gthr.c
+++ /dev/null
@@ -1,236 +0,0 @@
-/*
- * Gather (Read) entire SSL3 records from socket into buffer.  
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#include "cert.h"
-#include "ssl.h"
-#include "sslimpl.h"
-#include "ssl3prot.h"
-
-/* 
- * Attempt to read in an entire SSL3 record.
- * Blocks here for blocking sockets, otherwise returns -1 with 
- * 	PR_WOULD_BLOCK_ERROR when socket would block.
- *
- * returns  1 if received a complete SSL3 record.
- * returns  0 if recv returns EOF
- * returns -1 if recv returns <0  
- *	(The error value may have already been set to PR_WOULD_BLOCK_ERROR)
- *
- * Caller must hold the recv buf lock.
- *
- * The Gather state machine has 3 states:  GS_INIT, GS_HEADER, GS_DATA.
- * GS_HEADER: waiting for the 5-byte SSL3 record header to come in.
- * GS_DATA:   waiting for the body of the SSL3 record   to come in.
- *
- * This loop returns when either (a) an error or EOF occurs, 
- *	(b) PR_WOULD_BLOCK_ERROR,
- * 	(c) data (entire SSL3 record) has been received.
- */
-static int
-ssl3_GatherData(sslSocket *ss, sslGather *gs, int flags)
-{
-    unsigned char *bp;
-    unsigned char *lbp;
-    int            nb;
-    int            err;
-    int            rv		= 1;
-
-    PORT_Assert( ssl_HaveRecvBufLock(ss) );
-    if (gs->state == GS_INIT) {
-	gs->state       = GS_HEADER;
-	gs->remainder   = 5;
-	gs->offset      = 0;
-	gs->writeOffset = 0;
-	gs->readOffset  = 0;
-	gs->inbuf.len   = 0;
-    }
-    
-    lbp = gs->inbuf.buf;
-    for(;;) {
-	SSL_TRC(30, ("%d: SSL3[%d]: gather state %d (need %d more)",
-		SSL_GETPID(), ss->fd, gs->state, gs->remainder));
-	bp = ((gs->state != GS_HEADER) ? lbp : gs->hdr) + gs->offset;
-	nb = ssl_DefRecv(ss, bp, gs->remainder, flags);
-
-	if (nb > 0) {
-	    PRINT_BUF(60, (ss, "raw gather data:", bp, nb));
-	} else if (nb == 0) {
-	    /* EOF */
-	    SSL_TRC(30, ("%d: SSL3[%d]: EOF", SSL_GETPID(), ss->fd));
-	    rv = 0;
-	    break;
-	} else /* if (nb < 0) */ {
-	    SSL_DBG(("%d: SSL3[%d]: recv error %d", SSL_GETPID(), ss->fd,
-		     PR_GetError()));
-	    rv = SECFailure;
-	    break;
-	}
-
-	PORT_Assert( nb <= gs->remainder );
-	if (nb > gs->remainder) {
-	    /* ssl_DefRecv is misbehaving!  this error is fatal to SSL. */
-	    gs->state = GS_INIT;         /* so we don't crash next time */
-	    rv = SECFailure;
-	    break;
-	}
-
-	gs->offset    += nb;
-	gs->remainder -= nb;
-	if (gs->state == GS_DATA)
-	    gs->inbuf.len += nb;
-
-	/* if there's more to go, read some more. */
-	if (gs->remainder > 0) {
-	    continue;
-	}
-
-	/* have received entire record header, or entire record. */
-	switch (gs->state) {
-	case GS_HEADER:
-	    /*
-	    ** Have received SSL3 record header in gs->hdr.
-	    ** Now extract the length of the following encrypted data, 
-	    ** and then read in the rest of the SSL3 record into gs->inbuf.
-	    */
-	    gs->remainder = (gs->hdr[3] << 8) | gs->hdr[4];
-
-	    /* This is the max fragment length for an encrypted fragment
-	    ** plus the size of the record header.
-	    */
-	    if(gs->remainder > (MAX_FRAGMENT_LENGTH + 2048 + 5)) {
-		SSL3_SendAlert(ss, alert_fatal, unexpected_message);
-		gs->state = GS_INIT;
-		PORT_SetError(SSL_ERROR_RX_RECORD_TOO_LONG);
-		return SECFailure;
-	    }
-
-	    gs->state     = GS_DATA;
-	    gs->offset    = 0;
-	    gs->inbuf.len = 0;
-
-	    if (gs->remainder > gs->inbuf.space) {
-		err = sslBuffer_Grow(&gs->inbuf, gs->remainder);
-		if (err) {	/* realloc has set error code to no mem. */
-		    return err;
-		}
-		lbp = gs->inbuf.buf;
-	    }
-	    break;	/* End this case.  Continue around the loop. */
-
-
-	case GS_DATA:
-	    /* 
-	    ** SSL3 record has been completely received.
-	    */
-	    gs->state = GS_INIT;
-	    return 1;
-	}
-    }
-
-    return rv;
-}
-
-/* Gather in a record and when complete, Handle that record.
- * Repeat this until the handshake is complete, 
- * or until application data is available.
- *
- * Returns  1 when the handshake is completed without error, or 
- *                 application data is available.
- * Returns  0 if ssl3_GatherData hits EOF.
- * Returns -1 on read error, or PR_WOULD_BLOCK_ERROR, or handleRecord error.
- * Returns -2 on SECWouldBlock return from ssl3_HandleRecord.
- *
- * Called from ssl_GatherRecord1stHandshake       in sslcon.c, 
- *    and from SSL_ForceHandshake in sslsecur.c
- *    and from ssl3_GatherAppDataRecord below (<- DoRecv in sslsecur.c).
- *
- * Caller must hold the recv buf lock.
- */
-int
-ssl3_GatherCompleteHandshake(sslSocket *ss, int flags)
-{
-    SSL3Ciphertext cText;
-    int            rv;
-
-    PORT_Assert( ssl_HaveRecvBufLock(ss) );
-    do {
-	/* bring in the next sslv3 record. */
-	rv = ssl3_GatherData(ss, &ss->gs, flags);
-	if (rv <= 0) {
-	    return rv;
-	}
-	
-	/* decipher it, and handle it if it's a handshake. 
-	 * If it's application data, ss->gs.buf will not be empty upon return. 
-	 */
-	cText.type    = (SSL3ContentType)ss->gs.hdr[0];
-	cText.version = (ss->gs.hdr[1] << 8) | ss->gs.hdr[2];
-	cText.buf     = &ss->gs.inbuf;
-	rv = ssl3_HandleRecord(ss, &cText, &ss->gs.buf);
-	if (rv < 0) {
-	    return ss->recvdCloseNotify ? 0 : rv;
-	}
-    } while (ss->ssl3->hs.ws != idle_handshake && ss->gs.buf.len == 0);
-
-    ss->gs.readOffset = 0;
-    ss->gs.writeOffset = ss->gs.buf.len;
-    return 1;
-}
-
-/* Repeatedly gather in a record and when complete, Handle that record.
- * Repeat this until some application data is received.
- *
- * Returns  1 when application data is available.
- * Returns  0 if ssl3_GatherData hits EOF.
- * Returns -1 on read error, or PR_WOULD_BLOCK_ERROR, or handleRecord error.
- * Returns -2 on SECWouldBlock return from ssl3_HandleRecord.
- *
- * Called from DoRecv in sslsecur.c
- * Caller must hold the recv buf lock.
- */
-int
-ssl3_GatherAppDataRecord(sslSocket *ss, int flags)
-{
-    int            rv;
-
-    PORT_Assert( ssl_HaveRecvBufLock(ss) );
-    do {
-	rv = ssl3_GatherCompleteHandshake(ss, flags);
-    } while (rv > 0 && ss->gs.buf.len == 0);
-
-    return rv;
-}
diff --git a/security/nss/lib/ssl/ssl3prot.h b/security/nss/lib/ssl/ssl3prot.h
deleted file mode 100644
index d4a603b05..000000000
--- a/security/nss/lib/ssl/ssl3prot.h
+++ /dev/null
@@ -1,305 +0,0 @@
-/*
- * Various and sundry protocol constants. DON'T CHANGE THESE. These
- * values are defined by the SSL 3.0 protocol specification.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#ifndef __ssl3proto_h_
-#define __ssl3proto_h_
-
-typedef uint8 SSL3Opaque;
-
-typedef uint16 SSL3ProtocolVersion;
-/* version numbers are defined in sslproto.h */
-
-typedef uint16 ssl3CipherSuite;
-/* The cipher suites are defined in sslproto.h */
-
-#define MAX_CERT_TYPES			10
-#define MAX_COMPRESSION_METHODS		10
-#define MAX_MAC_LENGTH			64
-#define MAX_PADDING_LENGTH		64
-#define MAX_KEY_LENGTH			64
-#define EXPORT_KEY_LENGTH		 5
-#define SSL3_RANDOM_LENGTH		32
-
-#define SSL3_RECORD_HEADER_LENGTH	 5
-
-#define MAX_FRAGMENT_LENGTH		16384
-     
-typedef enum {
-    content_change_cipher_spec = 20, 
-    content_alert              = 21,
-    content_handshake          = 22, 
-    content_application_data   = 23
-} SSL3ContentType;
-
-typedef struct {
-    SSL3ContentType     type;
-    SSL3ProtocolVersion version;
-    uint16              length;
-    SECItem             fragment;
-} SSL3Plaintext;
-
-typedef struct {
-    SSL3ContentType     type;
-    SSL3ProtocolVersion version;
-    uint16              length;
-    SECItem             fragment;
-} SSL3Compressed;
-
-typedef struct {
-    SECItem    content;
-    SSL3Opaque MAC[MAX_MAC_LENGTH];
-} SSL3GenericStreamCipher;
-
-typedef struct {
-    SECItem    content;
-    SSL3Opaque MAC[MAX_MAC_LENGTH];
-    uint8      padding[MAX_PADDING_LENGTH];
-    uint8      padding_length;
-} SSL3GenericBlockCipher;
-
-typedef enum { change_cipher_spec_choice = 1 } SSL3ChangeCipherSpecChoice;
-
-typedef struct {
-    SSL3ChangeCipherSpecChoice choice;
-} SSL3ChangeCipherSpec;
-
-typedef enum { alert_warning = 1, alert_fatal = 2 } SSL3AlertLevel;
-
-typedef enum {
-    close_notify            = 0,
-    unexpected_message      = 10,
-    bad_record_mac          = 20,
-    decryption_failed       = 21,	/* TLS only */
-    record_overflow         = 22,	/* TLS only */
-    decompression_failure   = 30,
-    handshake_failure       = 40,
-    no_certificate          = 41,	/* SSL3 only, NOT TLS */
-    bad_certificate         = 42,
-    unsupported_certificate = 43,
-    certificate_revoked     = 44,
-    certificate_expired     = 45,
-    certificate_unknown     = 46,
-    illegal_parameter       = 47,
-
-/* All alerts below are TLS only. */
-    unknown_ca              = 48,
-    access_denied           = 49,
-    decode_error            = 50,
-    decrypt_error           = 51,
-    export_restriction      = 60,
-    protocol_version        = 70,
-    insufficient_security   = 71,
-    internal_error          = 80,
-    user_canceled           = 90,
-    no_renegotiation        = 100
-
-} SSL3AlertDescription;
-
-typedef struct {
-    SSL3AlertLevel       level;
-    SSL3AlertDescription description;
-} SSL3Alert;
-
-typedef enum {
-    hello_request	= 0, 
-    client_hello	= 1, 
-    server_hello	= 2,
-    certificate 	= 11, 
-    server_key_exchange = 12,
-    certificate_request	= 13, 
-    server_hello_done	= 14,
-    certificate_verify	= 15, 
-    client_key_exchange	= 16, 
-    finished		= 20
-} SSL3HandshakeType;
-
-typedef struct {
-    uint8 empty;
-} SSL3HelloRequest;
-     
-typedef struct {
-    SSL3Opaque rand[SSL3_RANDOM_LENGTH];
-} SSL3Random;
-     
-typedef struct {
-    SSL3Opaque id[32];
-    uint8 length;
-} SSL3SessionID;
-     
-typedef enum { compression_null = 0 } SSL3CompressionMethod;
-     
-typedef struct {
-    SSL3ProtocolVersion   client_version;
-    SSL3Random            random;
-    SSL3SessionID         session_id;
-    SECItem               cipher_suites;
-    uint8                 cm_count;
-    SSL3CompressionMethod compression_methods[MAX_COMPRESSION_METHODS];
-} SSL3ClientHello;
-     
-typedef struct  {
-    SSL3ProtocolVersion   server_version;
-    SSL3Random            random;
-    SSL3SessionID         session_id;
-    ssl3CipherSuite       cipher_suite;
-    SSL3CompressionMethod compression_method;
-} SSL3ServerHello;
-     
-typedef struct {
-    SECItem list;
-} SSL3Certificate;
-
-/* SSL3SignType moved to ssl.h */
-
-/* The SSL key exchange method used */     
-typedef enum {
-    kea_null, 
-    kea_rsa, 
-    kea_rsa_export,
-    kea_rsa_export_1024,
-    kea_dh_dss, 
-    kea_dh_dss_export, 
-    kea_dh_rsa, 
-    kea_dh_rsa_export,
-    kea_dhe_dss, 
-    kea_dhe_dss_export, 
-    kea_dhe_rsa, 
-    kea_dhe_rsa_export,
-    kea_dh_anon, 
-    kea_dh_anon_export, 
-    kea_fortezza, 
-    kea_rsa_fips
-} SSL3KeyExchangeAlgorithm;
-     
-typedef struct {
-    SECItem modulus;
-    SECItem exponent;
-} SSL3ServerRSAParams;
-
-typedef struct {
-    SECItem p;
-    SECItem g;
-    SECItem Ys;
-} SSL3ServerDHParams;
-
-typedef struct {
-    union {
-	SSL3ServerDHParams dh;
-	SSL3ServerRSAParams rsa;
-    } u;
-} SSL3ServerParams;
-
-typedef struct {
-    uint8 md5[16];
-    uint8 sha[20];
-} SSL3Hashes;
-     
-typedef struct {
-    union {
-	SSL3Opaque anonymous;
-	SSL3Hashes certified;
-    } u;
-} SSL3ServerKeyExchange;
-     
-typedef enum {
-    ct_RSA_sign 	=  1, 
-    ct_DSS_sign 	=  2, 
-    ct_RSA_fixed_DH 	=  3,
-    ct_DSS_fixed_DH 	=  4, 
-    ct_RSA_ephemeral_DH =  5, 
-    ct_DSS_ephemeral_DH =  6,
-    ct_Fortezza 	= 20
-} SSL3ClientCertificateType;
-     
-typedef SECItem *SSL3DistinquishedName;
-
-typedef struct {
-    SSL3Opaque client_version[2];
-    SSL3Opaque random[46];
-} SSL3RSAPreMasterSecret;
-     
-typedef SECItem SSL3EncryptedPreMasterSecret;
-
-/* Following struct is the format of a Fortezza ClientKeyExchange message. */
-typedef struct {
-    SECItem    y_c;
-    SSL3Opaque r_c                      [128];
-    SSL3Opaque y_signature              [40];
-    SSL3Opaque wrapped_client_write_key [12];
-    SSL3Opaque wrapped_server_write_key [12];
-    SSL3Opaque client_write_iv          [24];
-    SSL3Opaque server_write_iv          [24];
-    SSL3Opaque master_secret_iv         [24];
-    SSL3Opaque encrypted_preMasterSecret[48];
-} SSL3FortezzaKeys;
-
-typedef SSL3Opaque SSL3MasterSecret[48];
-
-typedef enum { implicit, explicit } SSL3PublicValueEncoding;
-     
-typedef struct {
-    union {
-	SSL3Opaque implicit;
-	SECItem    explicit;
-    } dh_public;
-} SSL3ClientDiffieHellmanPublic;
-     
-typedef struct {
-    union {
-	SSL3EncryptedPreMasterSecret  rsa;
-	SSL3ClientDiffieHellmanPublic diffie_helman;
-	SSL3FortezzaKeys              fortezza;
-    } exchange_keys;
-} SSL3ClientKeyExchange;
-
-typedef SSL3Hashes SSL3PreSignedCertificateVerify;
-
-typedef SECItem SSL3CertificateVerify;
-
-typedef enum {
-    sender_client = 0x434c4e54,
-    sender_server = 0x53525652
-} SSL3Sender;
-
-typedef SSL3Hashes SSL3Finished;   
-
-typedef struct {
-    SSL3Opaque verify_data[12];
-} TLSFinished;
-
-#endif /* __ssl3proto_h_ */
diff --git a/security/nss/lib/ssl/sslauth.c b/security/nss/lib/ssl/sslauth.c
deleted file mode 100644
index 6be86ec9b..000000000
--- a/security/nss/lib/ssl/sslauth.c
+++ /dev/null
@@ -1,272 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-#include "cert.h"
-#include "secitem.h"
-#include "ssl.h"
-#include "sslimpl.h"
-#include "sslproto.h"
-#include "pk11func.h"
-
-/* NEED LOCKS IN HERE.  */
-CERTCertificate *
-SSL_PeerCertificate(PRFileDesc *fd)
-{
-    sslSocket *ss;
-
-    ss = ssl_FindSocket(fd);
-    if (!ss) {
-	SSL_DBG(("%d: SSL[%d]: bad socket in PeerCertificate",
-		 SSL_GETPID(), fd));
-	return 0;
-    }
-    if (ss->useSecurity && ss->sec.peerCert) {
-	return CERT_DupCertificate(ss->sec.peerCert);
-    }
-    return 0;
-}
-
-/* NEED LOCKS IN HERE.  */
-CERTCertificate *
-SSL_LocalCertificate(PRFileDesc *fd)
-{
-    sslSocket *ss;
-
-    ss = ssl_FindSocket(fd);
-    if (!ss) {
-	SSL_DBG(("%d: SSL[%d]: bad socket in PeerCertificate",
-		 SSL_GETPID(), fd));
-	return NULL;
-    }
-    if (ss->useSecurity) {
-    	if (ss->sec.localCert) {
-	    return CERT_DupCertificate(ss->sec.localCert);
-	}
-	if (ss->sec.ci.sid && ss->sec.ci.sid->localCert) {
-	    return CERT_DupCertificate(ss->sec.ci.sid->localCert);
-	}
-    }
-    return NULL;
-}
-
-
-
-/* NEED LOCKS IN HERE.  */
-SECStatus
-SSL_SecurityStatus(PRFileDesc *fd, int *op, char **cp, int *kp0, int *kp1,
-		   char **ip, char **sp)
-{
-    sslSocket *ss;
-    const char *cipherName;
-    PRBool isDes = PR_FALSE;
-
-    ss = ssl_FindSocket(fd);
-    if (!ss) {
-	SSL_DBG(("%d: SSL[%d]: bad socket in SecurityStatus",
-		 SSL_GETPID(), fd));
-	return SECFailure;
-    }
-
-    if (cp) *cp = 0;
-    if (kp0) *kp0 = 0;
-    if (kp1) *kp1 = 0;
-    if (ip) *ip = 0;
-    if (sp) *sp = 0;
-    if (op) {
-	*op = SSL_SECURITY_STATUS_OFF;
-    }
-
-    if (ss->useSecurity && ss->firstHsDone) {
-
-	if (ss->version < SSL_LIBRARY_VERSION_3_0) {
-	    cipherName = ssl_cipherName[ss->sec.cipherType];
-	} else {
-	    cipherName = ssl3_cipherName[ss->sec.cipherType];
-	}
-	if (cipherName && PORT_Strstr(cipherName, "DES")) isDes = PR_TRUE;
-	/* do same key stuff for fortezza */
-    
-	if (cp) {
-	    *cp = PORT_Strdup(cipherName);
-	}
-
-	if (kp0) {
-	    *kp0 = ss->sec.keyBits;
-	    if (isDes) *kp0 = (*kp0 * 7) / 8;
-	}
-	if (kp1) {
-	    *kp1 = ss->sec.secretKeyBits;
-	    if (isDes) *kp1 = (*kp1 * 7) / 8;
-	}
-	if (op) {
-	    if (ss->sec.keyBits == 0) {
-		*op = SSL_SECURITY_STATUS_OFF;
-	    } else if (ss->sec.secretKeyBits < 90) {
-		*op = SSL_SECURITY_STATUS_ON_LOW;
-
-	    } else {
-		*op = SSL_SECURITY_STATUS_ON_HIGH;
-	    }
-	}
-
-	if (ip || sp) {
-	    CERTCertificate *cert;
-
-	    cert = ss->sec.peerCert;
-	    if (cert) {
-		if (ip) {
-		    *ip = CERT_NameToAscii(&cert->issuer);
-		}
-		if (sp) {
-		    *sp = CERT_NameToAscii(&cert->subject);
-		}
-	    } else {
-		if (ip) {
-		    *ip = PORT_Strdup("no certificate");
-		}
-		if (sp) {
-		    *sp = PORT_Strdup("no certificate");
-		}
-	    }
-	}
-    }
-
-    return SECSuccess;
-}
-
-/************************************************************************/
-
-/* NEED LOCKS IN HERE.  */
-SECStatus
-SSL_AuthCertificateHook(PRFileDesc *s, SSLAuthCertificate func, void *arg)
-{
-    sslSocket *ss;
-    SECStatus rv;
-
-    ss = ssl_FindSocket(s);
-    if (!ss) {
-	SSL_DBG(("%d: SSL[%d]: bad socket in AuthCertificateHook",
-		 SSL_GETPID(), s));
-	return SECFailure;
-    }
-
-    ss->authCertificate = func;
-    ss->authCertificateArg = arg;
-
-    return SECSuccess;
-}
-
-/* NEED LOCKS IN HERE.  */
-SECStatus 
-SSL_GetClientAuthDataHook(PRFileDesc *s, SSLGetClientAuthData func,
-			      void *arg)
-{
-    sslSocket *ss;
-    SECStatus rv;
-
-    ss = ssl_FindSocket(s);
-    if (!ss) {
-	SSL_DBG(("%d: SSL[%d]: bad socket in GetClientAuthDataHook",
-		 SSL_GETPID(), s));
-	return SECFailure;
-    }
-
-    ss->getClientAuthData = func;
-    ss->getClientAuthDataArg = arg;
-    return SECSuccess;
-}
-
-/* NEED LOCKS IN HERE.  */
-SECStatus 
-SSL_SetPKCS11PinArg(PRFileDesc *s, void *arg)
-{
-    sslSocket *ss;
-    SECStatus rv;
-
-    ss = ssl_FindSocket(s);
-    if (!ss) {
-	SSL_DBG(("%d: SSL[%d]: bad socket in GetClientAuthDataHook",
-		 SSL_GETPID(), s));
-	return SECFailure;
-    }
-
-    ss->pkcs11PinArg = arg;
-    return SECSuccess;
-}
-
-
-/* This is the "default" authCert callback function.  It is called when a 
- * certificate message is received from the peer and the local application
- * has not registered an authCert callback function.
- */
-SECStatus
-SSL_AuthCertificate(void *arg, PRFileDesc *fd, PRBool checkSig, PRBool isServer)
-{
-    SECStatus          rv;
-    CERTCertDBHandle * handle;
-    sslSocket *        ss;
-    SECCertUsage       certUsage;
-    const char *             hostname    = NULL;
-    
-    ss = ssl_FindSocket(fd);
-    PORT_Assert(ss != NULL);
-    if (!ss) {
-	return SECFailure;
-    }
-
-    handle = (CERTCertDBHandle *)arg;
-
-    /* this may seem backwards, but isn't. */
-    certUsage = isServer ? certUsageSSLClient : certUsageSSLServer;
-
-    rv = CERT_VerifyCertNow(handle, ss->sec.peerCert, checkSig, certUsage,
-			    ss->pkcs11PinArg);
-
-    if ( rv != SECSuccess || isServer )
-	return rv;
-  
-    /* cert is OK.  This is the client side of an SSL connection.
-     * Now check the name field in the cert against the desired hostname.
-     * NB: This is our only defense against Man-In-The-Middle (MITM) attacks!
-     */
-    hostname = ss->url;
-    if (hostname && hostname[0])
-	rv = CERT_VerifyCertName(ss->sec.peerCert, hostname);
-    else 
-	rv = SECFailure;
-    if (rv != SECSuccess)
-	PORT_SetError(SSL_ERROR_BAD_CERT_DOMAIN);
-
-    return rv;
-}
diff --git a/security/nss/lib/ssl/sslcon.c b/security/nss/lib/ssl/sslcon.c
deleted file mode 100644
index a1bfb4ce9..000000000
--- a/security/nss/lib/ssl/sslcon.c
+++ /dev/null
@@ -1,3762 +0,0 @@
-/* 
- * SSL v2 handshake functions, and functions common to SSL2 and SSL3.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#include "nssrenam.h"
-#include "cert.h"
-#include "secitem.h"
-#include "sechash.h"
-#include "cryptohi.h"		/* for SGN_ funcs */
-#include "keyhi.h" 		/* for SECKEY_ high level functions. */
-#include "ssl.h"
-#include "sslimpl.h"
-#include "sslproto.h"
-#include "ssl3prot.h"
-#include "sslerr.h"
-#include "pk11func.h"
-#include "prinit.h"
-#include "prtime.h" 	/* for PR_Now() */
-
-#define XXX
-static PRBool policyWasSet;
-
-/* This ordered list is indexed by (SSL_CK_xx * 3)   */
-/* Second and third bytes are MSB and LSB of master key length. */
-static const PRUint8 allCipherSuites[] = {
-    0,						0,    0,
-    SSL_CK_RC4_128_WITH_MD5,			0x00, 0x80,
-    SSL_CK_RC4_128_EXPORT40_WITH_MD5,		0x00, 0x80,
-    SSL_CK_RC2_128_CBC_WITH_MD5,		0x00, 0x80,
-    SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5,	0x00, 0x80,
-    SSL_CK_IDEA_128_CBC_WITH_MD5,		0x00, 0x80,
-    SSL_CK_DES_64_CBC_WITH_MD5,			0x00, 0x40,
-    SSL_CK_DES_192_EDE3_CBC_WITH_MD5,		0x00, 0xC0,
-    0,						0,    0
-};
-
-#define ssl2_NUM_SUITES_IMPLEMENTED 6
-
-/* This list is sent back to the client when the client-hello message 
- * contains no overlapping ciphers, so the client can report what ciphers
- * are supported by the server.  Unlike allCipherSuites (above), this list
- * is sorted by descending preference, not by cipherSuite number. 
- */
-static const PRUint8 implementedCipherSuites[ssl2_NUM_SUITES_IMPLEMENTED * 3] = {
-    SSL_CK_RC4_128_WITH_MD5,			0x00, 0x80,
-    SSL_CK_RC2_128_CBC_WITH_MD5,		0x00, 0x80,
-    SSL_CK_DES_192_EDE3_CBC_WITH_MD5,		0x00, 0xC0,
-    SSL_CK_DES_64_CBC_WITH_MD5,			0x00, 0x40,
-    SSL_CK_RC4_128_EXPORT40_WITH_MD5,		0x00, 0x80,
-    SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5,	0x00, 0x80
-};
-
-typedef struct ssl2SpecsStr {
-    PRUint8           nkm; /* do this many hashes to generate key material. */
-    PRUint8           nkd; /* size of readKey and writeKey in bytes. */
-    PRUint8           blockSize;
-    PRUint8           blockShift;
-    CK_MECHANISM_TYPE mechanism;
-    PRUint8           keyLen;	/* cipher symkey size in bytes. */
-    PRUint8           pubLen;	/* publicly reveal this many bytes of key. */
-    PRUint8           ivLen;	/* length of IV data at *ca.	*/
-} ssl2Specs;
-
-static const ssl2Specs ssl_Specs[] = {
-/* NONE                                 */ 
-				{  0,  0, 0, 0, },
-/* SSL_CK_RC4_128_WITH_MD5		*/ 
-				{  2, 16, 1, 0, CKM_RC4,       16,   0, 0, },
-/* SSL_CK_RC4_128_EXPORT40_WITH_MD5	*/ 
-				{  2, 16, 1, 0, CKM_RC4,       16,  11, 0, },
-/* SSL_CK_RC2_128_CBC_WITH_MD5		*/ 
-				{  2, 16, 8, 3, CKM_RC2_CBC,   16,   0, 8, },
-/* SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5	*/ 
-				{  2, 16, 8, 3, CKM_RC2_CBC,   16,  11, 8, },
-/* SSL_CK_IDEA_128_CBC_WITH_MD5		*/ 
-				{  0,  0, 0, 0, },
-/* SSL_CK_DES_64_CBC_WITH_MD5		*/ 
-				{  1,  8, 8, 3, CKM_DES_CBC,    8,   0, 8, },
-/* SSL_CK_DES_192_EDE3_CBC_WITH_MD5	*/ 
-				{  3, 24, 8, 3, CKM_DES3_CBC,  24,   0, 8, },
-};
-
-#define SET_ERROR_CODE	  /* reminder */
-#define TEST_FOR_FAILURE  /* reminder */
-
-/*
-** Put a string tag in the library so that we can examine an executable
-** and see what kind of security it supports.
-*/
-const char *ssl_version = "SECURITY_VERSION:"
-			" +us"
-			" +export"
-#ifdef TRACE
-			" +trace"
-#endif
-#ifdef DEBUG
-			" +debug"
-#endif
-			;
-
-const char * const ssl_cipherName[] = {
-    "unknown",
-    "RC4",
-    "RC4-Export",
-    "RC2-CBC",
-    "RC2-CBC-Export",
-    "IDEA-CBC",
-    "DES-CBC",
-    "DES-EDE3-CBC",
-    "unknown",
-    "Fortezza",
-};
-
-
-/* bit-masks, showing which SSLv2 suites are allowed.
- * lsb corresponds to first cipher suite in allCipherSuites[].
- */
-static PRUint16	allowedByPolicy;          /* all off by default */
-static PRUint16	maybeAllowedByPolicy;     /* all off by default */
-static PRUint16	chosenPreference = 0xff;  /* all on  by default */
-
-/* bit values for the above two bit masks */
-#define SSL_CB_RC4_128_WITH_MD5              (1 << SSL_CK_RC4_128_WITH_MD5)
-#define SSL_CB_RC4_128_EXPORT40_WITH_MD5     (1 << SSL_CK_RC4_128_EXPORT40_WITH_MD5)
-#define SSL_CB_RC2_128_CBC_WITH_MD5          (1 << SSL_CK_RC2_128_CBC_WITH_MD5)
-#define SSL_CB_RC2_128_CBC_EXPORT40_WITH_MD5 (1 << SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5)
-#define SSL_CB_IDEA_128_CBC_WITH_MD5         (1 << SSL_CK_IDEA_128_CBC_WITH_MD5)
-#define SSL_CB_DES_64_CBC_WITH_MD5           (1 << SSL_CK_DES_64_CBC_WITH_MD5)
-#define SSL_CB_DES_192_EDE3_CBC_WITH_MD5     (1 << SSL_CK_DES_192_EDE3_CBC_WITH_MD5)
-#define SSL_CB_IMPLEMENTED \
-   (SSL_CB_RC4_128_WITH_MD5              | \
-    SSL_CB_RC4_128_EXPORT40_WITH_MD5     | \
-    SSL_CB_RC2_128_CBC_WITH_MD5          | \
-    SSL_CB_RC2_128_CBC_EXPORT40_WITH_MD5 | \
-    SSL_CB_DES_64_CBC_WITH_MD5           | \
-    SSL_CB_DES_192_EDE3_CBC_WITH_MD5)
-
-
-/* Construct a socket's list of cipher specs from the global default values.
- */
-static SECStatus
-ssl2_ConstructCipherSpecs(sslSocket *ss) 
-{
-    PRUint8 *	        cs		= NULL;
-    unsigned int	allowed;
-    unsigned int	count;
-    int 		ssl3_count	= 0;
-    int 		final_count;
-    int 		i;
-    SECStatus 		rv;
-
-    PORT_Assert( ssl_Have1stHandshakeLock(ss) );
-
-    count = 0;
-    PORT_Assert(ss != 0);
-    allowed = !ss->enableSSL2 ? 0 :
-    	(ss->allowedByPolicy & ss->chosenPreference & SSL_CB_IMPLEMENTED);
-    while (allowed) {
-    	if (allowed & 1) 
-	    ++count;
-	allowed >>= 1;
-    }
-
-    /* Call ssl3_config_match_init() once here, 
-     * instead of inside ssl3_ConstructV2CipherSpecsHack(),
-     * because the latter gets called twice below, 
-     * and then again in ssl2_BeginClientHandshake().
-     */
-    ssl3_config_match_init(ss);
-
-    /* ask SSL3 how many cipher suites it has. */
-    rv = ssl3_ConstructV2CipherSpecsHack(ss, NULL, &ssl3_count);
-    if (rv < 0) 
-	return rv;
-    count += ssl3_count;
-
-    /* Allocate memory to hold cipher specs */
-    if (count > 0)
-	cs = (PRUint8*) PORT_Alloc(count * 3);
-    else
-	PORT_SetError(SSL_ERROR_SSL_DISABLED);
-    if (cs == NULL)
-    	return SECFailure;
-
-    if (ss->cipherSpecs != NULL) {
-	PORT_Free(ss->cipherSpecs);
-    }
-    ss->cipherSpecs     = cs;
-    ss->sizeCipherSpecs = count * 3;
-
-    /* fill in cipher specs for SSL2 cipher suites */
-    allowed = !ss->enableSSL2 ? 0 :
-    	(ss->allowedByPolicy & ss->chosenPreference & SSL_CB_IMPLEMENTED);
-    for (i = 0; i < ssl2_NUM_SUITES_IMPLEMENTED * 3; i += 3) {
-	const PRUint8 * hs = implementedCipherSuites + i;
-	int             ok = allowed & (1U << hs[0]);
-	if (ok) {
-	    cs[0] = hs[0];
-	    cs[1] = hs[1];
-	    cs[2] = hs[2];
-	    cs += 3;
-	}
-    }
-
-    /* now have SSL3 add its suites onto the end */
-    rv = ssl3_ConstructV2CipherSpecsHack(ss, cs, &final_count);
-    
-    /* adjust for any difference between first pass and second pass */
-    ss->sizeCipherSpecs -= (ssl3_count - final_count) * 3;
-
-    return rv;
-}
-
-/* This function is called immediately after ssl2_ConstructCipherSpecs()
-** at the beginning of a handshake.  It detects cases where a protocol
-** (e.g. SSL2 or SSL3) is logically enabled, but all its cipher suites
-** for that protocol have been disabled.  If such cases, it clears the 
-** enable bit for the protocol.  If no protocols remain enabled, or
-** if no cipher suites are found, it sets the error code and returns
-** SECFailure, otherwise it returns SECSuccess.
-*/
-static SECStatus
-ssl2_CheckConfigSanity(sslSocket *ss)
-{
-    unsigned int      allowed;
-    int               ssl3CipherCount = 0;
-    SECStatus         rv;
-
-    /* count the SSL2 and SSL3 enabled ciphers.
-     * if either is zero, clear the socket's enable for that protocol.
-     */
-    if (!ss->cipherSpecs)
-    	goto disabled;
-
-    allowed = ss->allowedByPolicy & ss->chosenPreference;
-    if (! allowed)
-	ss->enableSSL2 = PR_FALSE;     /* not really enabled if no ciphers */
-
-    /* ssl3_config_match_init was called in ssl2_ConstructCipherSpecs(). */
-    /* Ask how many ssl3 CipherSuites were enabled. */
-    rv = ssl3_ConstructV2CipherSpecsHack(ss, NULL, &ssl3CipherCount);
-    if (rv != SECSuccess || ssl3CipherCount <= 0) {
-	ss->enableSSL3 = PR_FALSE;     /* not really enabled if no ciphers */
-	ss->enableTLS  = PR_FALSE;
-    }
-
-    if (!ss->enableSSL2 && !ss->enableSSL3 && !ss->enableTLS) {
-	SSL_DBG(("%d: SSL[%d]: Can't handshake! both v2 and v3 disabled.",
-		 SSL_GETPID(), ss->fd));
-disabled:
-	PORT_SetError(SSL_ERROR_SSL_DISABLED);
-	return SECFailure;
-    }
-    return SECSuccess;
-}
-
-/* 
- * Since this is a global (not per-socket) setting, we cannot use the
- * HandshakeLock to protect this.  Probably want a global lock.
- */
-SECStatus
-ssl2_SetPolicy(PRInt32 which, PRInt32 policy)
-{
-    PRUint32  bitMask;
-    SECStatus rv       = SECSuccess;
-
-    which &= 0x000f;
-    bitMask = 1 << which;
-
-    if (!(bitMask & SSL_CB_IMPLEMENTED)) {
-    	PORT_SetError(SSL_ERROR_UNKNOWN_CIPHER_SUITE);
-    	return SECFailure;
-    }
-
-    if (policy == SSL_ALLOWED) {
-	allowedByPolicy 	|= bitMask;
-	maybeAllowedByPolicy 	|= bitMask;
-    } else if (policy == SSL_RESTRICTED) {
-    	allowedByPolicy 	&= ~bitMask;
-	maybeAllowedByPolicy 	|= bitMask;
-    } else {
-    	allowedByPolicy 	&= ~bitMask;
-    	maybeAllowedByPolicy 	&= ~bitMask;
-    }
-    allowedByPolicy 		&= SSL_CB_IMPLEMENTED;
-    maybeAllowedByPolicy 	&= SSL_CB_IMPLEMENTED;
-
-    policyWasSet = PR_TRUE;
-    return rv;
-}
-
-SECStatus
-ssl2_GetPolicy(PRInt32 which, PRInt32 *oPolicy)
-{
-    PRUint32     bitMask;
-    PRInt32      policy;
-
-    which &= 0x000f;
-    bitMask = 1 << which;
-
-    /* Caller assures oPolicy is not null. */
-    if (!(bitMask & SSL_CB_IMPLEMENTED)) {
-    	PORT_SetError(SSL_ERROR_UNKNOWN_CIPHER_SUITE);
-	*oPolicy = SSL_NOT_ALLOWED;
-    	return SECFailure;
-    }
-
-    if (maybeAllowedByPolicy & bitMask) {
-    	policy = (allowedByPolicy & bitMask) ? SSL_ALLOWED : SSL_RESTRICTED;
-    } else {
-	policy = SSL_NOT_ALLOWED;
-    }
-
-    *oPolicy = policy;
-    return SECSuccess;
-}
-
-/* 
- * Since this is a global (not per-socket) setting, we cannot use the
- * HandshakeLock to protect this.  Probably want a global lock.
- * Called from SSL_CipherPrefSetDefault in sslsock.c
- * These changes have no effect on any sslSockets already created. 
- */
-SECStatus
-ssl2_CipherPrefSetDefault(PRInt32 which, PRBool enabled)
-{
-    PRUint32     bitMask;
-    
-    which &= 0x000f;
-    bitMask = 1 << which;
-
-    if (!(bitMask & SSL_CB_IMPLEMENTED)) {
-    	PORT_SetError(SSL_ERROR_UNKNOWN_CIPHER_SUITE);
-    	return SECFailure;
-    }
-
-    if (enabled)
-	chosenPreference |= bitMask;
-    else
-    	chosenPreference &= ~bitMask;
-    chosenPreference &= SSL_CB_IMPLEMENTED;
-
-    return SECSuccess;
-}
-
-SECStatus 
-ssl2_CipherPrefGetDefault(PRInt32 which, PRBool *enabled)
-{
-    PRBool       rv       = PR_FALSE;
-    PRUint32     bitMask;
-
-    which &= 0x000f;
-    bitMask = 1 << which;
-
-    if (!(bitMask & SSL_CB_IMPLEMENTED)) {
-    	PORT_SetError(SSL_ERROR_UNKNOWN_CIPHER_SUITE);
-	*enabled = PR_FALSE;
-    	return SECFailure;
-    }
-
-    rv = (PRBool)((chosenPreference & bitMask) != 0);
-    *enabled = rv;
-    return SECSuccess;
-}
-
-SECStatus 
-ssl2_CipherPrefSet(sslSocket *ss, PRInt32 which, PRBool enabled)
-{
-    PRUint32     bitMask;
-    
-    which &= 0x000f;
-    bitMask = 1 << which;
-
-    if (!(bitMask & SSL_CB_IMPLEMENTED)) {
-    	PORT_SetError(SSL_ERROR_UNKNOWN_CIPHER_SUITE);
-    	return SECFailure;
-    }
-
-    if (enabled)
-	ss->chosenPreference |= bitMask;
-    else
-    	ss->chosenPreference &= ~bitMask;
-    ss->chosenPreference &= SSL_CB_IMPLEMENTED;
-
-    return SECSuccess;
-}
-
-SECStatus 
-ssl2_CipherPrefGet(sslSocket *ss, PRInt32 which, PRBool *enabled)
-{
-    PRBool       rv       = PR_FALSE;
-    PRUint32     bitMask;
-
-    which &= 0x000f;
-    bitMask = 1 << which;
-
-    if (!(bitMask & SSL_CB_IMPLEMENTED)) {
-    	PORT_SetError(SSL_ERROR_UNKNOWN_CIPHER_SUITE);
-	*enabled = PR_FALSE;
-    	return SECFailure;
-    }
-
-    rv = (PRBool)((ss->chosenPreference & bitMask) != 0);
-    *enabled = rv;
-    return SECSuccess;
-}
-
-
-/* copy global default policy into socket. */
-void      
-ssl2_InitSocketPolicy(sslSocket *ss)
-{
-    ss->allowedByPolicy		= allowedByPolicy;
-    ss->maybeAllowedByPolicy	= maybeAllowedByPolicy;
-    ss->chosenPreference 	= chosenPreference;
-}
-
-
-/************************************************************************/
-
-/* Called from ssl2_CreateSessionCypher(), which already holds handshake lock.
- */
-static SECStatus
-ssl2_CreateMAC(sslSecurityInfo *sec, SECItem *readKey, SECItem *writeKey, 
-          int cipherChoice)
-{
-    switch (cipherChoice) {
-
-      case SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5:
-      case SSL_CK_RC2_128_CBC_WITH_MD5:
-      case SSL_CK_RC4_128_EXPORT40_WITH_MD5:
-      case SSL_CK_RC4_128_WITH_MD5:
-      case SSL_CK_DES_64_CBC_WITH_MD5:
-      case SSL_CK_DES_192_EDE3_CBC_WITH_MD5:
-	sec->hash = HASH_GetHashObject(HASH_AlgMD5);
-	SECITEM_CopyItem(0, &sec->sendSecret, writeKey);
-	SECITEM_CopyItem(0, &sec->rcvSecret, readKey);
-	break;
-
-      default:
-	PORT_SetError(SSL_ERROR_NO_CYPHER_OVERLAP);
-	return SECFailure;
-    }
-    sec->hashcx = (*sec->hash->create)();
-    if (sec->hashcx == NULL)
-	return SECFailure;
-    return SECSuccess;
-}
-
-/************************************************************************
- * All the Send functions below must acquire and release the socket's 
- * xmitBufLock.
- */
-
-/* Called from all the Send* functions below. */
-static SECStatus
-ssl2_GetSendBuffer(sslSocket *ss, unsigned int len)
-{
-    SECStatus rv = SECSuccess;
-
-    PORT_Assert(ssl_HaveXmitBufLock(ss));
-
-    if (len < 128) {
-	len = 128;
-    }
-    if (len > ss->sec.ci.sendBuf.space) {
-	rv = sslBuffer_Grow(&ss->sec.ci.sendBuf, len);
-	if (rv != SECSuccess) {
-	    SSL_DBG(("%d: SSL[%d]: ssl2_GetSendBuffer failed, tried to get %d bytes",
-		     SSL_GETPID(), ss->fd, len));
-	    rv = SECFailure;
-	}
-    }
-    return rv;
-}
-
-/* Called from:
- * ssl2_ClientSetupSessionCypher() <- ssl2_HandleServerHelloMessage()
- * ssl2_HandleRequestCertificate()     <- ssl2_HandleMessage() <- 
- 					ssl_Do1stHandshake()
- * ssl2_HandleMessage()                <- ssl_Do1stHandshake()
- * ssl2_HandleServerHelloMessage() <- ssl_Do1stHandshake()
-                                     after ssl2_BeginClientHandshake()
- * ssl2_RestartHandshakeAfterCertReq() <- Called from certdlgs.c in nav.
- * ssl2_HandleClientHelloMessage() <- ssl_Do1stHandshake() 
-                                     after ssl2_BeginServerHandshake()
- * 
- * Acquires and releases the socket's xmitBufLock.
- */	
-int
-ssl2_SendErrorMessage(sslSocket *ss, int error)
-{
-    int rv;
-    PRUint8 msg[SSL_HL_ERROR_HBYTES];
-
-    PORT_Assert( ssl_Have1stHandshakeLock(ss) );
-
-    msg[0] = SSL_MT_ERROR;
-    msg[1] = MSB(error);
-    msg[2] = LSB(error);
-
-    ssl_GetXmitBufLock(ss);    /***************************************/
-
-    SSL_TRC(3, ("%d: SSL[%d]: sending error %d", SSL_GETPID(), ss->fd, error));
-
-    ss->handshakeBegun = 1;
-    rv = (*ss->sec.send)(ss, msg, sizeof(msg), 0);
-    if (rv >= 0) {
-	rv = SECSuccess;
-    }
-    ssl_ReleaseXmitBufLock(ss);    /***************************************/
-    return rv;
-}
-
-/* Called from ssl2_TryToFinish().  
- * Acquires and releases the socket's xmitBufLock.
- */
-static SECStatus
-ssl2_SendClientFinishedMessage(sslSocket *ss)
-{
-    SECStatus        rv    = SECSuccess;
-    int              sent;
-    PRUint8    msg[1 + SSL_CONNECTIONID_BYTES];
-
-    PORT_Assert( ssl_Have1stHandshakeLock(ss) );
-
-    ssl_GetXmitBufLock(ss);    /***************************************/
-
-    if (ss->sec.ci.sentFinished == 0) {
-	ss->sec.ci.sentFinished = 1;
-
-	SSL_TRC(3, ("%d: SSL[%d]: sending client-finished",
-		    SSL_GETPID(), ss->fd));
-
-	msg[0] = SSL_MT_CLIENT_FINISHED;
-	PORT_Memcpy(msg+1, ss->sec.ci.connectionID, 
-	            sizeof(ss->sec.ci.connectionID));
-
-	DUMP_MSG(29, (ss, msg, 1 + sizeof(ss->sec.ci.connectionID)));
-	sent = (*ss->sec.send)(ss, msg, 1 + sizeof(ss->sec.ci.connectionID), 0);
-	rv = (sent >= 0) ? SECSuccess : (SECStatus)sent;
-    }
-    ssl_ReleaseXmitBufLock(ss);    /***************************************/
-    return rv;
-}
-
-/* Called from 
- * ssl2_HandleClientSessionKeyMessage() <- ssl2_HandleClientHelloMessage()
- * ssl2_HandleClientHelloMessage()  <- ssl_Do1stHandshake() 
-                                      after ssl2_BeginServerHandshake()
- * Acquires and releases the socket's xmitBufLock.
- */
-static SECStatus
-ssl2_SendServerVerifyMessage(sslSocket *ss)
-{
-    PRUint8 *        msg;
-    int              sendLen;
-    int              sent;
-    SECStatus        rv;
-
-    PORT_Assert( ssl_Have1stHandshakeLock(ss) );
-
-    ssl_GetXmitBufLock(ss);    /***************************************/
-
-    sendLen = 1 + SSL_CHALLENGE_BYTES;
-    rv = ssl2_GetSendBuffer(ss, sendLen);
-    if (rv != SECSuccess) {
-	goto done;
-    }
-
-    msg = ss->sec.ci.sendBuf.buf;
-    msg[0] = SSL_MT_SERVER_VERIFY;
-    PORT_Memcpy(msg+1, ss->sec.ci.clientChallenge, SSL_CHALLENGE_BYTES);
-
-    DUMP_MSG(29, (ss, msg, sendLen));
-    sent = (*ss->sec.send)(ss, msg, sendLen, 0);
-
-    rv = (sent >= 0) ? SECSuccess : (SECStatus)sent;
-
-done:
-    ssl_ReleaseXmitBufLock(ss);    /***************************************/
-    return rv;
-}
-
-/* Called from ssl2_TryToFinish(). 
- * Acquires and releases the socket's xmitBufLock.
- */
-static SECStatus
-ssl2_SendServerFinishedMessage(sslSocket *ss)
-{
-    sslSessionID *   sid;
-    PRUint8 *        msg;
-    int              sendLen, sent;
-    SECStatus        rv    = SECSuccess;
-
-    PORT_Assert( ssl_Have1stHandshakeLock(ss) );
-
-    ssl_GetXmitBufLock(ss);    /***************************************/
-
-    if (ss->sec.ci.sentFinished == 0) {
-	ss->sec.ci.sentFinished = 1;
-	PORT_Assert(ss->sec.ci.sid != 0);
-	sid = ss->sec.ci.sid;
-
-	SSL_TRC(3, ("%d: SSL[%d]: sending server-finished",
-		    SSL_GETPID(), ss->fd));
-
-	sendLen = 1 + sizeof(sid->u.ssl2.sessionID);
-	rv = ssl2_GetSendBuffer(ss, sendLen);
-	if (rv != SECSuccess) {
-	    goto done;
-	}
-
-	msg = ss->sec.ci.sendBuf.buf;
-	msg[0] = SSL_MT_SERVER_FINISHED;
-	PORT_Memcpy(msg+1, sid->u.ssl2.sessionID,
-		    sizeof(sid->u.ssl2.sessionID));
-
-	DUMP_MSG(29, (ss, msg, sendLen));
-	sent = (*ss->sec.send)(ss, msg, sendLen, 0);
-
-	if (sent < 0) {
-	    /* If send failed, it is now a bogus  session-id */
-	    (*ss->sec.uncache)(sid);
-	    rv = (SECStatus)sent;
-	} else if (!ss->noCache) {
-	    /* Put the sid in session-id cache, (may already be there) */
-	    (*ss->sec.cache)(sid);
-	    rv = SECSuccess;
-	}
-	ssl_FreeSID(sid);
-	ss->sec.ci.sid = 0;
-    }
-done:
-    ssl_ReleaseXmitBufLock(ss);    /***************************************/
-    return rv;
-}
-
-/* Called from ssl2_ClientSetupSessionCypher() <- 
- *						ssl2_HandleServerHelloMessage() 
- *                                           after ssl2_BeginClientHandshake()
- * Acquires and releases the socket's xmitBufLock.
- */
-static SECStatus
-ssl2_SendSessionKeyMessage(sslSocket *ss, int cipher, int keySize,
-		      PRUint8 *ca, int caLen,
-		      PRUint8 *ck, int ckLen,
-		      PRUint8 *ek, int ekLen)
-{
-    PRUint8 *        msg;
-    int              sendLen;
-    int              sent;
-    SECStatus        rv;
-
-    PORT_Assert( ssl_Have1stHandshakeLock(ss) );
-
-    ssl_GetXmitBufLock(ss);    /***************************************/
-
-    sendLen = SSL_HL_CLIENT_MASTER_KEY_HBYTES + ckLen + ekLen + caLen;
-    rv = ssl2_GetSendBuffer(ss, sendLen);
-    if (rv != SECSuccess) 
-	goto done;
-
-    SSL_TRC(3, ("%d: SSL[%d]: sending client-session-key",
-		SSL_GETPID(), ss->fd));
-
-    msg = ss->sec.ci.sendBuf.buf;
-    msg[0] = SSL_MT_CLIENT_MASTER_KEY;
-    msg[1] = cipher;
-    msg[2] = MSB(keySize);
-    msg[3] = LSB(keySize);
-    msg[4] = MSB(ckLen);
-    msg[5] = LSB(ckLen);
-    msg[6] = MSB(ekLen);
-    msg[7] = LSB(ekLen);
-    msg[8] = MSB(caLen);
-    msg[9] = LSB(caLen);
-    PORT_Memcpy(msg+SSL_HL_CLIENT_MASTER_KEY_HBYTES, ck, ckLen);
-    PORT_Memcpy(msg+SSL_HL_CLIENT_MASTER_KEY_HBYTES+ckLen, ek, ekLen);
-    PORT_Memcpy(msg+SSL_HL_CLIENT_MASTER_KEY_HBYTES+ckLen+ekLen, ca, caLen);
-
-    DUMP_MSG(29, (ss, msg, sendLen));
-    sent = (*ss->sec.send)(ss, msg, sendLen, 0);
-    rv = (sent >= 0) ? SECSuccess : (SECStatus)sent;
-done:
-    ssl_ReleaseXmitBufLock(ss);    /***************************************/
-    return rv;
-}
-
-/* Called from ssl2_TriggerNextMessage() <- ssl2_HandleMessage() 
- * Acquires and releases the socket's xmitBufLock.
- */
-static SECStatus
-ssl2_SendCertificateRequestMessage(sslSocket *ss)
-{
-    PRUint8 *        msg;
-    int              sent;
-    int              sendLen;
-    SECStatus        rv;
-
-    PORT_Assert( ssl_Have1stHandshakeLock(ss) );
-
-    ssl_GetXmitBufLock(ss);    /***************************************/
-
-    sendLen = SSL_HL_REQUEST_CERTIFICATE_HBYTES + SSL_CHALLENGE_BYTES;
-    rv = ssl2_GetSendBuffer(ss, sendLen);
-    if (rv != SECSuccess) 
-	goto done;
-
-    SSL_TRC(3, ("%d: SSL[%d]: sending certificate request",
-		SSL_GETPID(), ss->fd));
-
-    /* Generate random challenge for client to encrypt */
-    PK11_GenerateRandom(ss->sec.ci.serverChallenge, SSL_CHALLENGE_BYTES);
-
-    msg = ss->sec.ci.sendBuf.buf;
-    msg[0] = SSL_MT_REQUEST_CERTIFICATE;
-    msg[1] = SSL_AT_MD5_WITH_RSA_ENCRYPTION;
-    PORT_Memcpy(msg + SSL_HL_REQUEST_CERTIFICATE_HBYTES, 
-                ss->sec.ci.serverChallenge, SSL_CHALLENGE_BYTES);
-
-    DUMP_MSG(29, (ss, msg, sendLen));
-    sent = (*ss->sec.send)(ss, msg, sendLen, 0);
-    rv = (sent >= 0) ? SECSuccess : (SECStatus)sent;
-done:
-    ssl_ReleaseXmitBufLock(ss);    /***************************************/
-    return rv;
-}
-
-/* Called from ssl2_HandleRequestCertificate() <- ssl2_HandleMessage()
- *             ssl2_RestartHandshakeAfterCertReq() <- (application)
- * Acquires and releases the socket's xmitBufLock.
- */
-static int
-ssl2_SendCertificateResponseMessage(sslSocket *ss, SECItem *cert, 
-                                    SECItem *encCode)
-{
-    PRUint8 *msg;
-    int rv, sendLen;
-
-    PORT_Assert( ssl_Have1stHandshakeLock(ss) );
-
-    ssl_GetXmitBufLock(ss);    /***************************************/
-
-    sendLen = SSL_HL_CLIENT_CERTIFICATE_HBYTES + encCode->len + cert->len;
-    rv = ssl2_GetSendBuffer(ss, sendLen);
-    if (rv) 
-    	goto done;
-
-    SSL_TRC(3, ("%d: SSL[%d]: sending certificate response",
-		SSL_GETPID(), ss->fd));
-
-    msg = ss->sec.ci.sendBuf.buf;
-    msg[0] = SSL_MT_CLIENT_CERTIFICATE;
-    msg[1] = SSL_CT_X509_CERTIFICATE;
-    msg[2] = MSB(cert->len);
-    msg[3] = LSB(cert->len);
-    msg[4] = MSB(encCode->len);
-    msg[5] = LSB(encCode->len);
-    PORT_Memcpy(msg + SSL_HL_CLIENT_CERTIFICATE_HBYTES, cert->data, cert->len);
-    PORT_Memcpy(msg + SSL_HL_CLIENT_CERTIFICATE_HBYTES + cert->len,
-	      encCode->data, encCode->len);
-
-    DUMP_MSG(29, (ss, msg, sendLen));
-    rv = (*ss->sec.send)(ss, msg, sendLen, 0);
-    if (rv >= 0) {
-	rv = SECSuccess;
-    }
-done:
-    ssl_ReleaseXmitBufLock(ss);    /***************************************/
-    return rv;
-}
-
-/********************************************************************
-**  Send functions above this line must aquire & release the socket's   
-**	xmitBufLock.  
-** All the ssl2_Send functions below this line are called vis ss->sec.send
-**	and require that the caller hold the xmitBufLock.
-*/
-
-/*
-** Called from ssl2_SendStream, ssl2_SendBlock, but not from ssl2_SendClear.
-*/
-static SECStatus
-ssl2_CalcMAC(PRUint8             * result, 
-	     sslSecurityInfo     * sec,
-	     const PRUint8       * data, 
-	     unsigned int          dataLen,
-	     unsigned int          paddingLen)
-{
-    const PRUint8 *      secret		= sec->sendSecret.data;
-    unsigned int         secretLen	= sec->sendSecret.len;
-    unsigned long        sequenceNumber = sec->sendSequence;
-    unsigned int         nout;
-    PRUint8              seq[4];
-    PRUint8              padding[32];/* XXX max blocksize? */
-
-    if (!sec->hash || !sec->hash->length)
-    	return SECSuccess;
-    if (!sec->hashcx)
-    	return SECFailure;
-
-    /* Reset hash function */
-    (*sec->hash->begin)(sec->hashcx);
-
-    /* Feed hash the data */
-    (*sec->hash->update)(sec->hashcx, secret, secretLen);
-    (*sec->hash->update)(sec->hashcx, data, dataLen);
-    PORT_Memset(padding, paddingLen, paddingLen);
-    (*sec->hash->update)(sec->hashcx, padding, paddingLen);
-
-    seq[0] = (PRUint8) (sequenceNumber >> 24);
-    seq[1] = (PRUint8) (sequenceNumber >> 16);
-    seq[2] = (PRUint8) (sequenceNumber >> 8);
-    seq[3] = (PRUint8) (sequenceNumber);
-
-    PRINT_BUF(60, (0, "calc-mac secret:", secret, secretLen));
-    PRINT_BUF(60, (0, "calc-mac data:", data, dataLen));
-    PRINT_BUF(60, (0, "calc-mac padding:", padding, paddingLen));
-    PRINT_BUF(60, (0, "calc-mac seq:", seq, 4));
-
-    (*sec->hash->update)(sec->hashcx, seq, 4);
-
-    /* Get result */
-    (*sec->hash->end)(sec->hashcx, result, &nout, sec->hash->length);
-
-    return SECSuccess;
-}
-
-/*
-** Maximum transmission amounts. These are tiny bit smaller than they
-** need to be (they account for the MAC length plus some padding),
-** assuming the MAC is 16 bytes long and the padding is a max of 7 bytes
-** long. This gives an additional 9 bytes of slop to work within.
-*/
-#define MAX_STREAM_CYPHER_LEN	0x7fe0
-#define MAX_BLOCK_CYPHER_LEN	0x3fe0
-
-/*
-** Send some data in the clear. 
-** Package up data with the length header and send it.
-**
-** Return count of bytes succesfully written, or negative number (failure).
-*/
-static PRInt32 
-ssl2_SendClear(sslSocket *ss, const PRUint8 *in, PRInt32 len, PRInt32 flags)
-{
-    PRUint8         * out;
-    int               rv;
-    int               amount;
-    int               count	= 0;
-
-    PORT_Assert( ssl_HaveXmitBufLock(ss) );
-
-    SSL_TRC(10, ("%d: SSL[%d]: sending %d bytes in the clear",
-		 SSL_GETPID(), ss->fd, len));
-    PRINT_BUF(50, (ss, "clear data:", (PRUint8*) in, len));
-
-    while (len) {
-	amount = PR_MIN( len, MAX_STREAM_CYPHER_LEN );
-	if (amount + 2 > ss->sec.writeBuf.space) {
-	    rv = sslBuffer_Grow(&ss->sec.writeBuf, amount + 2);
-	    if (rv != SECSuccess) {
-		count = rv;
-		break;
-	    }
-	}
-	out = ss->sec.writeBuf.buf;
-
-	/*
-	** Construct message.
-	*/
-	out[0] = 0x80 | MSB(amount);
-	out[1] = LSB(amount);
-	PORT_Memcpy(&out[2], in, amount);
-
-	/* Now send the data */
-	rv = ssl_DefSend(ss, out, amount + 2, flags & ~ssl_SEND_FLAG_MASK);
-	if (rv < 0) {
-	    if (PORT_GetError() == PR_WOULD_BLOCK_ERROR) {
-		rv = 0;
-	    } else {
-		/* Return short write if some data already went out... */
-		if (count == 0)
-		    count = rv;
-		break;
-	    }
-	}
-
-	if ((unsigned)rv < (amount + 2)) {
-	    /* Short write.  Save the data and return. */
-	    if (ssl_SaveWriteData(ss, &ss->pendingBuf, out + rv,
-				   amount + 2 - rv) == SECFailure) {
-		count = SECFailure;
-	    } else {
-		count += amount;
-		ss->sec.sendSequence++;
-	    }
-	    break;
-	}
-
-	ss->sec.sendSequence++;
-	in    += amount;
-	count += amount;
-	len   -= amount;
-    }
-
-    return count;
-}
-
-/*
-** Send some data, when using a stream cipher. Stream ciphers have a
-** block size of 1. Package up the data with the length header
-** and send it.
-*/
-static PRInt32 
-ssl2_SendStream(sslSocket *ss, const PRUint8 *in, PRInt32 len, PRInt32 flags)
-{
-    PRUint8       *  out;
-    int              rv;
-    int              count	= 0;
-
-    int              amount;
-    PRUint8          macLen;
-    int              nout;
-    int              buflen;
-
-    PORT_Assert( ssl_HaveXmitBufLock(ss) );
-
-    SSL_TRC(10, ("%d: SSL[%d]: sending %d bytes using stream cipher",
-		 SSL_GETPID(), ss->fd, len));
-    PRINT_BUF(50, (ss, "clear data:", (PRUint8*) in, len));
-
-    while (len) {
-	ssl_GetSpecReadLock(ss);  /*************************************/
-
-	macLen = ss->sec.hash->length;
-	amount = PR_MIN( len, MAX_STREAM_CYPHER_LEN );
-	buflen = amount + 2 + macLen;
-	if (buflen > ss->sec.writeBuf.space) {
-	    rv = sslBuffer_Grow(&ss->sec.writeBuf, buflen);
-	    if (rv != SECSuccess) {
-		goto loser;
-	    }
-	}
-	out    = ss->sec.writeBuf.buf;
-	nout   = amount + macLen;
-	out[0] = 0x80 | MSB(nout);
-	out[1] = LSB(nout);
-
-	/* Calculate MAC */
-	rv = ssl2_CalcMAC(out+2, 		/* put MAC here */
-	                  &ss->sec, 
-		          in, amount, 		/* input addr & length */
-			  0); 			/* no padding */
-	if (rv != SECSuccess) 
-	    goto loser;
-
-	/* Encrypt MAC */
-	rv = (*ss->sec.enc)(ss->sec.writecx, out+2, &nout, macLen, out+2, macLen);
-	if (rv) goto loser;
-
-	/* Encrypt data from caller */
-	rv = (*ss->sec.enc)(ss->sec.writecx, out+2+macLen, &nout, amount, in, amount);
-	if (rv) goto loser;
-
-	ssl_ReleaseSpecReadLock(ss);  /*************************************/
-
-	PRINT_BUF(50, (ss, "encrypted data:", out, buflen));
-
-	rv = ssl_DefSend(ss, out, buflen, flags & ~ssl_SEND_FLAG_MASK);
-	if (rv < 0) {
-	    if (PORT_GetError() == PR_WOULD_BLOCK_ERROR) {
-		SSL_TRC(50, ("%d: SSL[%d]: send stream would block, "
-			     "saving data", SSL_GETPID(), ss->fd));
-		rv = 0;
-	    } else {
-		SSL_TRC(10, ("%d: SSL[%d]: send stream error %d",
-			     SSL_GETPID(), ss->fd, PORT_GetError()));
-		/* Return short write if some data already went out... */
-		if (count == 0)
-		    count = rv;
-		goto done;
-	    }
-	}
-
-	if ((unsigned)rv < buflen) {
-	    /* Short write.  Save the data and return. */
-	    if (ssl_SaveWriteData(ss, &ss->pendingBuf, out + rv,
-				  buflen - rv) == SECFailure) {
-		count = SECFailure;
-	    } else {
-	    	count += amount;
-		ss->sec.sendSequence++;
-	    }
-	    goto done;
-	}
-
-	ss->sec.sendSequence++;
-	in    += amount;
-	count += amount;
-	len   -= amount;
-    }
-
-done:
-    return count;
-
-loser:
-    ssl_ReleaseSpecReadLock(ss);
-    return SECFailure;
-}
-
-/*
-** Send some data, when using a block cipher. Package up the data with
-** the length header and send it.
-*/
-/* XXX assumes blocksize is > 7 */
-static PRInt32
-ssl2_SendBlock(sslSocket *ss, const PRUint8 *in, PRInt32 len, PRInt32 flags)
-{
-    PRUint8       *  out;  		    /* begining of output buffer.    */
-    PRUint8       *  op;		    /* next output byte goes here.   */
-    int              rv;		    /* value from funcs we called.   */
-    int              count	= 0;        /* this function's return value. */
-
-    unsigned int     hlen;		    /* output record hdr len, 2 or 3 */
-    unsigned int     macLen;		    /* MAC is this many bytes long.  */
-    int              amount;		    /* of plaintext to go in record. */
-    unsigned int     padding;		    /* add this many padding byte.   */
-    int              nout;		    /* ciphertext size after header. */
-    int              buflen;		    /* size of generated record.     */
-
-    PORT_Assert( ssl_HaveXmitBufLock(ss) );
-
-    SSL_TRC(10, ("%d: SSL[%d]: sending %d bytes using block cipher",
-		 SSL_GETPID(), ss->fd, len));
-    PRINT_BUF(50, (ss, "clear data:", in, len));
-
-    while (len) {
-	ssl_GetSpecReadLock(ss);  /*************************************/
-
-	macLen = ss->sec.hash->length;
-	/* Figure out how much to send, including mac and padding */
-	amount  = PR_MIN( len, MAX_BLOCK_CYPHER_LEN );
-	nout    = amount + macLen;
-	padding = nout & (ss->sec.blockSize - 1);
-	if (padding) {
-	    hlen    = 3;
-	    padding = ss->sec.blockSize - padding;
-	    nout   += padding;
-	} else {
-	    hlen = 2;
-	}
-	buflen = hlen + nout;
-	if (buflen > ss->sec.writeBuf.space) {
-	    rv = sslBuffer_Grow(&ss->sec.writeBuf, buflen);
-	    if (rv != SECSuccess) {
-		goto loser;
-	    }
-	}
-	out = ss->sec.writeBuf.buf;
-
-	/* Construct header */
-	op = out;
-	if (padding) {
-	    *op++ = MSB(nout);
-	    *op++ = LSB(nout);
-	    *op++ = padding;
-	} else {
-	    *op++ = 0x80 | MSB(nout);
-	    *op++ = LSB(nout);
-	}
-
-	/* Calculate MAC */
-	rv = ssl2_CalcMAC(op, 		/* MAC goes here. */
-	                  &ss->sec, 
-		          in, amount, 	/* intput addr, len */
-			  padding);
-	if (rv != SECSuccess) 
-	    goto loser;
-	op += macLen;
-
-	/* Copy in the input data */
-	/* XXX could eliminate the copy by folding it into the encryption */
-	PORT_Memcpy(op, in, amount);
-	op += amount;
-	if (padding) {
-	    PORT_Memset(op, padding, padding);
-	    op += padding;
-	}
-
-	/* Encrypt result */
-	rv = (*ss->sec.enc)(ss->sec.writecx, out+hlen, &nout, buflen-hlen,
-			 out+hlen, op - (out + hlen));
-	if (rv) 
-	    goto loser;
-
-	ssl_ReleaseSpecReadLock(ss);  /*************************************/
-
-	PRINT_BUF(50, (ss, "final xmit data:", out, op - out));
-
-	rv = ssl_DefSend(ss, out, op - out, flags & ~ssl_SEND_FLAG_MASK);
-	if (rv < 0) {
-	    if (PORT_GetError() == PR_WOULD_BLOCK_ERROR) {
-		rv = 0;
-	    } else {
-		SSL_TRC(10, ("%d: SSL[%d]: send block error %d",
-			     SSL_GETPID(), ss->fd, PORT_GetError()));
-		/* Return short write if some data already went out... */
-		if (count == 0)
-		    count = rv;
-		goto done;
-	    }
-	}
-
-	if (rv < (op - out)) {
-	    /* Short write.  Save the data and return. */
-	    if (ssl_SaveWriteData(ss, &ss->pendingBuf, out + rv,
-				  op - out - rv) == SECFailure) {
-		count = SECFailure;
-	    } else {
-		count += amount;
-		ss->sec.sendSequence++;
-	    }
-	    goto done;
-	}
-
-	ss->sec.sendSequence++;
-	in    += amount;
-	count += amount;
-	len   -= amount;
-    }
-
-done:
-    return count;
-
-loser:
-    ssl_ReleaseSpecReadLock(ss);
-    return SECFailure;
-}
-
-/*
-** Called from: ssl2_HandleServerHelloMessage,
-**              ssl2_HandleClientSessionKeyMessage,
-**              ssl2_RestartHandshakeAfterServerCert,
-**              ssl2_HandleClientHelloMessage,
-**              
-*/
-static void
-ssl2_UseEncryptedSendFunc(sslSocket *ss)
-{
-    ssl_GetXmitBufLock(ss);
-    PORT_Assert(ss->sec.hashcx != 0);
-
-    ss->gs.encrypted = 1;
-    ss->sec.send = (ss->sec.blockSize > 1) ? ssl2_SendBlock : ssl2_SendStream;
-    ssl_ReleaseXmitBufLock(ss);
-}
-
-/* Called while initializing socket in ssl_CreateSecurityInfo().
-** This function allows us to keep the name of ssl2_SendClear static.
-*/
-void
-ssl2_UseClearSendFunc(sslSocket *ss)
-{
-    ss->sec.send = ssl2_SendClear;
-}
-
-/************************************************************************
-** 			END of Send functions.                          * 
-*************************************************************************/
-
-/***********************************************************************
- * For SSL3, this gathers in and handles records/messages until either 
- *	the handshake is complete or application data is available.
- *
- * For SSL2, this gathers in only the next SSLV2 record.
- *
- * Called from ssl_Do1stHandshake() via function pointer ss->handshake.
- * Caller must hold handshake lock.
- * This function acquires and releases the RecvBufLock.
- *
- * returns SECSuccess for success.
- * returns SECWouldBlock when that value is returned by ssl2_GatherRecord() or
- *	ssl3_GatherCompleteHandshake().
- * returns SECFailure on all other errors.
- *
- * The gather functions called by ssl_GatherRecord1stHandshake are expected 
- * 	to return values interpreted as follows:
- *  1 : the function completed without error.
- *  0 : the function read EOF.
- * -1 : read error, or PR_WOULD_BLOCK_ERROR, or handleRecord error.
- * -2 : the function wants ssl_GatherRecord1stHandshake to be called again 
- *	immediately, by ssl_Do1stHandshake.
- *
- * This code is similar to, and easily confused with, DoRecv() in sslsecur.c
- *
- * This function is called from ssl_Do1stHandshake().  
- * The following functions put ssl_GatherRecord1stHandshake into ss->handshake:
- *	ssl2_HandleMessage
- *	ssl2_HandleVerifyMessage
- *	ssl2_HandleServerHelloMessage
- *	ssl2_BeginClientHandshake	
- *	ssl2_HandleClientSessionKeyMessage
- *	ssl2_RestartHandshakeAfterCertReq 
- *	ssl3_RestartHandshakeAfterCertReq 
- *	ssl2_RestartHandshakeAfterServerCert 
- *	ssl3_RestartHandshakeAfterServerCert 
- *	ssl2_HandleClientHelloMessage
- *	ssl2_BeginServerHandshake
- */
-SECStatus
-ssl_GatherRecord1stHandshake(sslSocket *ss)
-{
-    int rv;
-
-    PORT_Assert( ssl_Have1stHandshakeLock(ss) );
-
-    ssl_GetRecvBufLock(ss);
-
-    if (ss->version >= SSL_LIBRARY_VERSION_3_0) {
-	/* Wait for handshake to complete, or application data to arrive.  */
-	rv = ssl3_GatherCompleteHandshake(ss, 0);
-    } else {
-	/* See if we have a complete record */
-	rv = ssl2_GatherRecord(ss, 0);
-    }
-    SSL_TRC(10, ("%d: SSL[%d]: handshake gathering, rv=%d",
-		 SSL_GETPID(), ss->fd, rv));
-
-    ssl_ReleaseRecvBufLock(ss);
-
-    if (rv <= 0) {
-	if (rv == SECWouldBlock) {
-	    /* Progress is blocked waiting for callback completion.  */
-	    SSL_TRC(10, ("%d: SSL[%d]: handshake blocked (need %d)",
-			 SSL_GETPID(), ss->fd, ss->gs.remainder));
-	    return SECWouldBlock;
-	}
-	if (rv == 0) {
-	    /* EOF. Loser  */
-	    PORT_SetError(PR_END_OF_FILE_ERROR);
-	}
-	return SECFailure;	/* rv is < 0 here. */
-    }
-
-    SSL_TRC(10, ("%d: SSL[%d]: got handshake record of %d bytes",
-		 SSL_GETPID(), ss->fd, ss->gs.recordLen));
-
-    ss->handshake = 0;	/* makes ssl_Do1stHandshake call ss->nextHandshake.*/
-    return SECSuccess;
-}
-
-/************************************************************************/
-
-/* Called from ssl2_ServerSetupSessionCypher()
- *             ssl2_ClientSetupSessionCypher()
- */
-static SECStatus
-ssl2_FillInSID(sslSessionID * sid, 
-          int            cipher,
-	  PRUint8       *keyData, 
-	  int            keyLen,
-	  PRUint8       *ca, 
-	  int            caLen,
-	  int            keyBits, 
-	  int            secretKeyBits,
-	  SSLSignType    authAlgorithm,
-	  PRUint32       authKeyBits,
-	  SSLKEAType     keaType,
-	  PRUint32       keaKeyBits)
-{
-    PORT_Assert(sid->references == 1);
-    PORT_Assert(sid->cached == never_cached);
-    PORT_Assert(sid->u.ssl2.masterKey.data == 0);
-    PORT_Assert(sid->u.ssl2.cipherArg.data == 0);
-
-    sid->version = SSL_LIBRARY_VERSION_2;
-
-    sid->u.ssl2.cipherType = cipher;
-    sid->u.ssl2.masterKey.data = (PRUint8*) PORT_Alloc(keyLen);
-    if (!sid->u.ssl2.masterKey.data) {
-	return SECFailure;
-    }
-    PORT_Memcpy(sid->u.ssl2.masterKey.data, keyData, keyLen);
-    sid->u.ssl2.masterKey.len = keyLen;
-    sid->u.ssl2.keyBits       = keyBits;
-    sid->u.ssl2.secretKeyBits = secretKeyBits;
-    sid->authAlgorithm        = authAlgorithm;
-    sid->authKeyBits          = authKeyBits;
-    sid->keaType              = keaType;
-    sid->keaKeyBits           = keaKeyBits;
-    sid->lastAccessTime = sid->creationTime = ssl_Time();
-    sid->expirationTime = sid->creationTime + ssl_sid_timeout;
-
-    if (caLen) {
-	sid->u.ssl2.cipherArg.data = (PRUint8*) PORT_Alloc(caLen);
-	if (!sid->u.ssl2.cipherArg.data) {
-	    return SECFailure;
-	}
-	sid->u.ssl2.cipherArg.len = caLen;
-	PORT_Memcpy(sid->u.ssl2.cipherArg.data, ca, caLen);
-    }
-    return SECSuccess;
-}
-
-/*
-** Construct session keys given the masterKey (tied to the session-id),
-** the client's challenge and the server's nonce.
-**
-** Called from ssl2_CreateSessionCypher() <-
-*/
-static SECStatus
-ssl2_ProduceKeys(sslSocket *    ss, 
-            SECItem *      readKey, 
-	    SECItem *      writeKey,
-	    SECItem *      masterKey, 
-	    PRUint8 *      challenge,
-	    PRUint8 *      nonce, 
-	    int            cipherType)
-{
-    PK11Context * cx        = 0;
-    unsigned      nkm       = 0; /* number of hashes to generate key mat. */
-    unsigned      nkd       = 0; /* size of readKey and writeKey. */
-    unsigned      part;
-    unsigned      i;
-    unsigned      off;
-    SECStatus     rv;
-    PRUint8       countChar;
-    PRUint8       km[3*16];	/* buffer for key material. */
-
-    readKey->data = 0;
-    writeKey->data = 0;
-
-    PORT_Assert( ssl_Have1stHandshakeLock(ss) );
-
-    rv = SECSuccess;
-    cx = PK11_CreateDigestContext(SEC_OID_MD5);
-    if (cx == NULL) {
-	ssl_MapLowLevelError(SSL_ERROR_MD5_DIGEST_FAILURE);
-	return SECFailure;
-    }
-
-    nkm = ssl_Specs[cipherType].nkm;
-    nkd = ssl_Specs[cipherType].nkd;
-
-    readKey->data = (PRUint8*) PORT_Alloc(nkd);
-    if (!readKey->data) 
-    	goto loser;
-    readKey->len = nkd;
-
-    writeKey->data = (PRUint8*) PORT_Alloc(nkd);
-    if (!writeKey->data) 
-    	goto loser;
-    writeKey->len = nkd;
-
-    /* Produce key material */
-    countChar = '0';
-    for (i = 0, off = 0; i < nkm; i++, off += 16) {
-	rv  = PK11_DigestBegin(cx);
-	rv |= PK11_DigestOp(cx, masterKey->data, masterKey->len);
-	rv |= PK11_DigestOp(cx, &countChar,      1);
-	rv |= PK11_DigestOp(cx, challenge,       SSL_CHALLENGE_BYTES);
-	rv |= PK11_DigestOp(cx, nonce,           SSL_CONNECTIONID_BYTES);
-	rv |= PK11_DigestFinal(cx, km+off, &part, MD5_LENGTH);
-	if (rv != SECSuccess) {
-	    ssl_MapLowLevelError(SSL_ERROR_MD5_DIGEST_FAILURE);
-	    rv = SECFailure;
-	    goto loser;
-	}
-	countChar++;
-    }
-
-    /* Produce keys */
-    PORT_Memcpy(readKey->data,  km,       nkd);
-    PORT_Memcpy(writeKey->data, km + nkd, nkd);
-
-loser:
-    PK11_DestroyContext(cx, PR_TRUE);
-    return rv;
-}
-
-/* Called from ssl2_ServerSetupSessionCypher() 
-**                  <- ssl2_HandleClientSessionKeyMessage()
-**                          <- ssl2_HandleClientHelloMessage()
-** and from    ssl2_ClientSetupSessionCypher() 
-**                  <- ssl2_HandleServerHelloMessage()
-*/
-static SECStatus
-ssl2_CreateSessionCypher(sslSocket *ss, sslSessionID *sid, PRBool isClient)
-{
-    SECItem         * rk = NULL;
-    SECItem         * wk = NULL;
-    SECItem *         param;
-    SECStatus         rv;
-    int               cipherType  = sid->u.ssl2.cipherType;
-    PK11SlotInfo *    slot        = NULL;
-    CK_MECHANISM_TYPE mechanism;
-    SECItem           readKey;
-    SECItem           writeKey;
-
-    void *readcx = 0;
-    void *writecx = 0;
-    readKey.data = 0;
-    writeKey.data = 0;
-
-    PORT_Assert( ssl_Have1stHandshakeLock(ss) );
-    if((ss->sec.ci.sid == 0))
-    	goto sec_loser;	/* don't crash if asserts are off */
-
-    /* Trying to cut down on all these switch statements that should be tables.
-     * So, test cipherType once, here, and then use tables below. 
-     */
-    switch (cipherType) {
-    case SSL_CK_RC4_128_EXPORT40_WITH_MD5:
-    case SSL_CK_RC4_128_WITH_MD5:
-    case SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5:
-    case SSL_CK_RC2_128_CBC_WITH_MD5:
-    case SSL_CK_DES_64_CBC_WITH_MD5:
-    case SSL_CK_DES_192_EDE3_CBC_WITH_MD5:
-	break;
-
-    default:
-	SSL_DBG(("%d: SSL[%d]: ssl2_CreateSessionCypher: unknown cipher=%d",
-		 SSL_GETPID(), ss->fd, cipherType));
-	PORT_SetError(isClient ? SSL_ERROR_BAD_SERVER : SSL_ERROR_BAD_CLIENT);
-	goto sec_loser;
-    }
- 
-    rk = isClient ? &readKey  : &writeKey;
-    wk = isClient ? &writeKey : &readKey;
-
-    /* Produce the keys for this session */
-    rv = ssl2_ProduceKeys(ss, &readKey, &writeKey, &sid->u.ssl2.masterKey,
-		     ss->sec.ci.clientChallenge, ss->sec.ci.connectionID,
-		     cipherType);
-    if (rv != SECSuccess) 
-	goto loser;
-    PRINT_BUF(7, (ss, "Session read-key: ", rk->data, rk->len));
-    PRINT_BUF(7, (ss, "Session write-key: ", wk->data, wk->len));
-
-    PORT_Memcpy(ss->sec.ci.readKey, readKey.data, readKey.len);
-    PORT_Memcpy(ss->sec.ci.writeKey, writeKey.data, writeKey.len);
-    ss->sec.ci.keySize = readKey.len;
-
-    /* Setup the MAC */
-    rv = ssl2_CreateMAC(&ss->sec, rk, wk, cipherType);
-    if (rv != SECSuccess) 
-    	goto loser;
-
-    /* First create the session key object */
-    SSL_TRC(3, ("%d: SSL[%d]: using %s", SSL_GETPID(), ss->fd,
-	    ssl_cipherName[cipherType]));
-
-
-    mechanism  = ssl_Specs[cipherType].mechanism;
-
-    /* set destructer before we call loser... */
-    ss->sec.destroy = (void (*)(void*, PRBool)) PK11_DestroyContext;
-    slot = PK11_GetBestSlot(mechanism, ss->pkcs11PinArg);
-    if (slot == NULL)
-	goto loser;
-
-    param = PK11_ParamFromIV(mechanism, &sid->u.ssl2.cipherArg);
-    if (param == NULL)
-	goto loser;
-    readcx = PK11_CreateContextByRawKey(slot, mechanism, PK11_OriginUnwrap,
-					CKA_DECRYPT, rk, param,
-					ss->pkcs11PinArg);
-    SECITEM_FreeItem(param, PR_TRUE);
-    if (readcx == NULL)
-	goto loser;
-
-    /* build the client context */
-    param = PK11_ParamFromIV(mechanism, &sid->u.ssl2.cipherArg);
-    if (param == NULL)
-	goto loser;
-    writecx = PK11_CreateContextByRawKey(slot, mechanism, PK11_OriginUnwrap,
-					 CKA_ENCRYPT, wk, param,
-					 ss->pkcs11PinArg);
-    SECITEM_FreeItem(param,PR_TRUE);
-    if (writecx == NULL)
-	goto loser;
-    PK11_FreeSlot(slot);
-
-    rv = SECSuccess;
-    ss->sec.enc           = (SSLCipher) PK11_CipherOp;
-    ss->sec.dec           = (SSLCipher) PK11_CipherOp;
-    ss->sec.readcx        = (void *) readcx;
-    ss->sec.writecx       = (void *) writecx;
-    ss->sec.blockSize     = ssl_Specs[cipherType].blockSize;
-    ss->sec.blockShift    = ssl_Specs[cipherType].blockShift;
-    ss->sec.cipherType    = sid->u.ssl2.cipherType;
-    ss->sec.keyBits       = sid->u.ssl2.keyBits;
-    ss->sec.secretKeyBits = sid->u.ssl2.secretKeyBits;
-    goto done;
-
-  loser:
-    if (ss->sec.destroy) {
-	if (readcx)  (*ss->sec.destroy)(readcx, PR_TRUE);
-	if (writecx) (*ss->sec.destroy)(writecx, PR_TRUE);
-    }
-    ss->sec.destroy = NULL;
-    if (slot) PK11_FreeSlot(slot);
-
-  sec_loser:
-    rv = SECFailure;
-
-  done:
-    if (rk) {
-	SECITEM_ZfreeItem(rk, PR_FALSE);
-    }
-    if (wk) {
-	SECITEM_ZfreeItem(wk, PR_FALSE);
-    }
-    return rv;
-}
-
-/*
-** Setup the server ciphers given information from a CLIENT-MASTER-KEY
-** message.
-** 	"ss"      pointer to the ssl-socket object
-** 	"cipher"  the cipher type to use
-** 	"keyBits" the size of the final cipher key
-** 	"ck"      the clear-key data
-** 	"ckLen"   the number of bytes of clear-key data
-** 	"ek"      the encrypted-key data
-** 	"ekLen"   the number of bytes of encrypted-key data
-** 	"ca"      the cipher-arg data
-** 	"caLen"   the number of bytes of cipher-arg data
-**
-** The MASTER-KEY is constructed by first decrypting the encrypted-key
-** data. This produces the SECRET-KEY-DATA. The MASTER-KEY is composed by
-** concatenating the clear-key data with the SECRET-KEY-DATA. This code
-** checks to make sure that the client didn't send us an improper amount
-** of SECRET-KEY-DATA (it restricts the length of that data to match the
-** spec).
-**
-** Called from ssl2_HandleClientSessionKeyMessage().
-*/
-static SECStatus
-ssl2_ServerSetupSessionCypher(sslSocket *ss, int cipher, unsigned int keyBits,
-			 PRUint8 *ck, unsigned int ckLen,
-			 PRUint8 *ek, unsigned int ekLen,
-			 PRUint8 *ca, unsigned int caLen)
-{
-    PRUint8           *kk = NULL;
-    sslSessionID *    sid;
-    PRUint8       *   kbuf = 0;	/* buffer for RSA decrypted data. */
-    unsigned int      el1;	/* length of RSA decrypted data in kbuf */
-    unsigned int      keySize;
-    unsigned int      modulusLen;
-    SECStatus         rv;
-    PRUint8           mkbuf[SSL_MAX_MASTER_KEY_BYTES];
-    sslServerCerts  * sc = ss->serverCerts + kt_rsa;
-
-    PORT_Assert( ssl_Have1stHandshakeLock(ss) );
-    PORT_Assert( ssl_HaveRecvBufLock(ss)   );
-    PORT_Assert((sc->serverKey != 0));
-    PORT_Assert((ss->sec.ci.sid != 0));
-    sid = ss->sec.ci.sid;
-
-    keySize = (keyBits + 7) >> 3;
-    /* Is the message just way too big? */
-    if (keySize > SSL_MAX_MASTER_KEY_BYTES) {
-	/* bummer */
-	SSL_DBG(("%d: SSL[%d]: keySize=%d ckLen=%d max session key size=%d",
-		 SSL_GETPID(), ss->fd, keySize, ckLen,
-		 SSL_MAX_MASTER_KEY_BYTES));
-	PORT_SetError(SSL_ERROR_BAD_CLIENT);
-	goto loser;
-    }
-
-
-    /* Trying to cut down on all these switch statements that should be tables.
-     * So, test cipherType once, here, and then use tables below. 
-     */
-    switch (cipher) {
-    case SSL_CK_RC4_128_EXPORT40_WITH_MD5:
-    case SSL_CK_RC4_128_WITH_MD5:
-    case SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5:
-    case SSL_CK_RC2_128_CBC_WITH_MD5:
-    case SSL_CK_DES_64_CBC_WITH_MD5:
-    case SSL_CK_DES_192_EDE3_CBC_WITH_MD5:
-	break;
-
-    default:
-	SSL_DBG(("%d: SSL[%d]: ssl2_ServerSetupSessionCypher: unknown cipher=%d",
-		 SSL_GETPID(), ss->fd, cipher));
-	PORT_SetError(SSL_ERROR_BAD_CLIENT);
-	goto loser;
-    }
-
-    /* For export ciphers, make sure they didn't send too much key data. */
-    if (ckLen != ssl_Specs[cipher].pubLen) {
-	SSL_DBG(("%d: SSL[%d]: odd secret key size, keySize=%d ckLen=%d!",
-		 SSL_GETPID(), ss->fd, keySize, ckLen));
-	/* Somebody tried to sneak by a strange secret key */
-	PORT_SetError(SSL_ERROR_BAD_CLIENT);
-	goto loser;
-    }
-
-    /* allocate the buffer to hold the decrypted portion of the key. */
-    /* XXX Haven't done any range check on ekLen. */
-    kbuf = (PRUint8*) PORT_Alloc(ekLen);
-    if (!kbuf) {
-	goto loser;
-    }
-
-    /*
-    ** Decrypt encrypted half of the key. Note that encrypted half has
-    ** been made to match the modulus size of our public key using
-    ** PKCS#1. keySize is the real size of the data that is interesting.
-    ** NOTE: PK11_PubDecryptRaw will barf on a non-RSA key. This is
-    ** desired behavior here.
-    */
-    rv = PK11_PubDecryptRaw(sc->serverKey, kbuf, &el1, ekLen, ek, ekLen);
-    if (rv != SECSuccess) 
-	goto hide_loser;
-
-    modulusLen = PK11_GetPrivateModulusLen(sc->serverKey);
-    if (modulusLen == -1) {
-	/* If the key was really bad, then PK11_pubDecryptRaw
-	 * would have failed, therefore the we must assume that the card
-	 * is just being a pain and not giving us the modulus... but it
-	 * should be the same size as the encrypted key length, so use it
-	 * and keep cranking */
-	modulusLen = ekLen;
-    }
-    /* Is the length of the decrypted data (el1) the expected value? */
-    if (modulusLen != el1) 
-	goto hide_loser;
-
-    /* Cheaply verify that PKCS#1 was used to format the encryption block */
-    kk = kbuf + modulusLen - (keySize - ckLen);
-    if ((kbuf[0] != 0x00) || (kbuf[1] != 0x02) || (kk[-1] != 0x00)) {
-	/* Tsk tsk. */
-	SSL_DBG(("%d: SSL[%d]: strange encryption block",
-		 SSL_GETPID(), ss->fd));
-	PORT_SetError(SSL_ERROR_BAD_CLIENT);
-	goto hide_loser;
-    }
-
-    /* Make sure we're not subject to a version rollback attack. */
-    if (ss->enableSSL3 || ss->enableTLS) {
-	PRUint8 threes[8] = { 0x03, 0x03, 0x03, 0x03,
-			      0x03, 0x03, 0x03, 0x03 };
-	
-	if (PORT_Memcmp(kk - 8 - 1, threes, 8) == 0) {
-	    PORT_SetError(SSL_ERROR_BAD_CLIENT);
-	    goto hide_loser;
-	}
-    }
-    if (0) {
-hide_loser:
-	/* Defense against the Bleichenbacher attack.
-	 * Provide the client with NO CLUES that the decrypted master key
-	 * was erroneous.  Don't send any error messages.
-	 * Instead, Generate a completely bogus master key .
-	 */
-	PK11_GenerateRandom(kbuf, ekLen);
-	if (!kk) {
-	    kk = kbuf + ekLen - (keySize-ckLen);
-	}
-    }
-
-    /*
-    ** Construct master key out of the pieces.
-    */
-    if (ckLen) {
-	PORT_Memcpy(mkbuf, ck, ckLen);
-    }
-    PORT_Memcpy(mkbuf+ckLen, kk, keySize-ckLen);
-
-    /* Fill in session-id */
-    rv = ssl2_FillInSID(sid, cipher, mkbuf, keySize, ca, caLen,
-		   keyBits, keyBits - (ckLen<<3),
-		   ss->sec.authAlgorithm, ss->sec.authKeyBits,
-		   ss->sec.keaType,       ss->sec.keaKeyBits);
-    if (rv != SECSuccess) {
-	goto loser;
-    }
-
-    /* Create session ciphers */
-    rv = ssl2_CreateSessionCypher(ss, sid, PR_FALSE);
-    if (rv != SECSuccess) {
-	goto loser;
-    }
-
-    SSL_TRC(1, ("%d: SSL[%d]: server, using %s cipher, clear=%d total=%d",
-		SSL_GETPID(), ss->fd, ssl_cipherName[cipher],
-		ckLen<<3, keySize<<3));
-    rv = SECSuccess;
-    goto done;
-
-  loser:
-    rv = SECFailure;
-
-  done:
-    PORT_Free(kbuf);
-    return rv;
-}
-
-/************************************************************************/
-
-/*
-** Rewrite the incoming cipher specs, comparing to list of specs we support,
-** (ss->cipherSpecs) and eliminating anything we don't support
-**
-*  Note: Our list may contain SSL v3 ciphers.  
-*  We MUST NOT match on any of those.  
-*  Fortunately, this is easy to detect because SSLv3 ciphers have zero
-*  in the first byte, and none of the SSLv2 ciphers do.
-*
-*  Called from ssl2_HandleClientHelloMessage().
-*/
-static int
-ssl2_QualifyCypherSpecs(sslSocket *ss, 
-                        PRUint8 *  cs, /* cipher specs in client hello msg. */
-		        int        csLen)
-{
-    PRUint8 *    ms;
-    PRUint8 *    hs;
-    PRUint8 *    qs;
-    int          mc;
-    int          hc;
-    PRUint8      qualifiedSpecs[ssl2_NUM_SUITES_IMPLEMENTED * 3];
-
-    PORT_Assert( ssl_Have1stHandshakeLock(ss) );
-    PORT_Assert( ssl_HaveRecvBufLock(ss)   );
-
-    if (!ss->cipherSpecs) {
-	ssl2_ConstructCipherSpecs(ss);
-    }
-
-    PRINT_BUF(10, (ss, "specs from client:", cs, csLen));
-    qs = qualifiedSpecs;
-    ms = ss->cipherSpecs;
-    for (mc = ss->sizeCipherSpecs; mc > 0; mc -= 3, ms += 3) {
-	if (ms[0] == 0)
-	    continue;
-	for (hs = cs, hc = csLen; hc > 0; hs += 3, hc -= 3) {
-	    if ((hs[0] == ms[0]) &&
-		(hs[1] == ms[1]) &&
-		(hs[2] == ms[2])) {
-		/* Copy this cipher spec into the "keep" section */
-		qs[0] = hs[0];
-		qs[1] = hs[1];
-		qs[2] = hs[2];
-		qs   += 3;
-		break;
-	    }
-	}
-    }
-    hc = qs - qualifiedSpecs;
-    PRINT_BUF(10, (ss, "qualified specs from client:", qualifiedSpecs, hc));
-    PORT_Memcpy(cs, qualifiedSpecs, hc);
-    return hc;
-}
-
-/*
-** Pick the best cipher we can find, given the array of server cipher
-** specs.  Returns cipher number (e.g. SSL_CK_*), or -1 for no overlap.
-** If succesful, stores the master key size (bytes) in *pKeyLen.
-**
-** This is correct only for the client side, but presently
-** this function is only called from 
-**	ssl2_ClientSetupSessionCypher() <- ssl2_HandleServerHelloMessage()
-**
-** Note that most servers only return a single cipher suite in their 
-** ServerHello messages.  So, the code below for finding the "best" cipher
-** suite usually has only one choice.  The client and server should send 
-** their cipher suite lists sorted in descending order by preference.
-*/
-static int
-ssl2_ChooseSessionCypher(sslSocket *ss, 
-                         int        hc,    /* number of cs's in hs. */
-		         PRUint8 *  hs,    /* server hello's cipher suites. */
-		         int *      pKeyLen) /* out: sym key size in bytes. */
-{
-    PRUint8 *       ms;
-    unsigned int    i;
-    int             bestKeySize;
-    int             bestRealKeySize;
-    int             bestCypher;
-    int             keySize;
-    int             realKeySize;
-    PRUint8 *       ohs               = hs;
-
-    PORT_Assert( ssl_Have1stHandshakeLock(ss) );
-    PORT_Assert( ssl_HaveRecvBufLock(ss)   );
-
-    if (!ss->cipherSpecs) {
-	ssl2_ConstructCipherSpecs(ss);
-    }
-
-    if (!ss->preferredCipher) {
-	const PRUint8 * preferred = implementedCipherSuites;
-    	unsigned int    allowed = ss->allowedByPolicy & ss->chosenPreference &
-	                       SSL_CB_IMPLEMENTED;
-	if (allowed) {
-	    for (i = ssl2_NUM_SUITES_IMPLEMENTED; i > 0; --i) {
-		if (0 != (allowed & (1U << preferred[0]))) {
-		    ss->preferredCipher = preferred;
-		    break;
-		}
-		preferred += 3;
-	    }
-	}
-    }
-    /*
-    ** Scan list of ciphers recieved from peer and look for a match in
-    ** our list.  
-    *  Note: Our list may contain SSL v3 ciphers.  
-    *  We MUST NOT match on any of those.  
-    *  Fortunately, this is easy to detect because SSLv3 ciphers have zero
-    *  in the first byte, and none of the SSLv2 ciphers do.
-    */
-    bestKeySize = bestRealKeySize = 0;
-    bestCypher = -1;
-    while (--hc >= 0) {
-	for (i = 0, ms = ss->cipherSpecs; i < ss->sizeCipherSpecs; i += 3, ms += 3) {
-	    if ((hs[0] == ss->preferredCipher[0]) &&
-		(hs[1] == ss->preferredCipher[1]) &&
-		(hs[2] == ss->preferredCipher[2]) &&
-		 hs[0] != 0) {
-		/* Pick this cipher immediately! */
-		*pKeyLen = (((hs[1] << 8) | hs[2]) + 7) >> 3;
-		return hs[0];
-	    }
-	    if ((hs[0] == ms[0]) && (hs[1] == ms[1]) && (hs[2] == ms[2]) &&
-	         hs[0] != 0) {
-		/* Found a match */
-
-		/* Use secret keySize to determine which cipher is best */
-		realKeySize = (hs[1] << 8) | hs[2];
-		switch (hs[0]) {
-		  case SSL_CK_RC4_128_EXPORT40_WITH_MD5:
-		  case SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5:
-		    keySize = 40;
-		    break;
-		  default:
-		    keySize = realKeySize;
-		    break;
-		}
-		if (keySize > bestKeySize) {
-		    bestCypher = hs[0];
-		    bestKeySize = keySize;
-		    bestRealKeySize = realKeySize;
-		}
-	    }
-	}
-	hs += 3;
-    }
-    if (bestCypher < 0) {
-	/*
-	** No overlap between server and client. Re-examine server list
-	** to see what kind of ciphers it does support so that we can set
-	** the error code appropriately.
-	*/
-	if ((ohs[0] == SSL_CK_RC4_128_WITH_MD5) ||
-	    (ohs[0] == SSL_CK_RC2_128_CBC_WITH_MD5)) {
-	    PORT_SetError(SSL_ERROR_US_ONLY_SERVER);
-	} else if ((ohs[0] == SSL_CK_RC4_128_EXPORT40_WITH_MD5) ||
-		   (ohs[0] == SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5)) {
-	    PORT_SetError(SSL_ERROR_EXPORT_ONLY_SERVER);
-	} else {
-	    PORT_SetError(SSL_ERROR_NO_CYPHER_OVERLAP);
-	}
-	SSL_DBG(("%d: SSL[%d]: no cipher overlap", SSL_GETPID(), ss->fd));
-	goto loser;
-    }
-    *pKeyLen = (bestRealKeySize + 7) >> 3;
-    return bestCypher;
-
-  loser:
-    return -1;
-}
-
-static SECStatus
-ssl2_ClientHandleServerCert(sslSocket *ss, PRUint8 *certData, int certLen)
-{
-    CERTCertificate *cert      = NULL;
-    SECItem          certItem;
-
-    certItem.data = certData;
-    certItem.len  = certLen;
-
-    /* decode the certificate */
-    cert = CERT_NewTempCertificate(ss->dbHandle, &certItem, NULL,
-				   PR_FALSE, PR_TRUE);
-    
-    if (cert == NULL) {
-	SSL_DBG(("%d: SSL[%d]: decode of server certificate fails",
-		 SSL_GETPID(), ss->fd));
-	PORT_SetError(SSL_ERROR_BAD_CERTIFICATE);
-	return SECFailure;
-    }
-
-#ifdef TRACE
-    {
-	if (ssl_trace >= 1) {
-	    char *issuer;
-	    char *subject;
-	    issuer = CERT_NameToAscii(&cert->issuer);
-	    subject = CERT_NameToAscii(&cert->subject);
-	    SSL_TRC(1,("%d: server certificate issuer: '%s'",
-		       SSL_GETPID(), issuer ? issuer : "OOPS"));
-	    SSL_TRC(1,("%d: server name: '%s'",
-		       SSL_GETPID(), subject ? subject : "OOPS"));
-	    PORT_Free(issuer);
-	    PORT_Free(subject);
-	}
-    }
-#endif
-
-    ss->sec.peerCert = cert;
-    return SECSuccess;
-}
-
-
-/*
- * Format one block of data for public/private key encryption using
- * the rules defined in PKCS #1. SSL2 does this itself to handle the
- * rollback detection.
- */
-#define RSA_BLOCK_MIN_PAD_LEN           8
-#define RSA_BLOCK_FIRST_OCTET           0x00
-#define RSA_BLOCK_AFTER_PAD_OCTET       0x00
-#define RSA_BLOCK_PUBLIC_OCTET       	0x02
-unsigned char *
-ssl_FormatSSL2Block(unsigned modulusLen, SECItem *data)
-{
-    unsigned char *block;
-    unsigned char *bp;
-    int padLen;
-    SECStatus rv;
-    int i;
-
-    PORT_Assert (data->len <= (modulusLen - (3 + RSA_BLOCK_MIN_PAD_LEN)));
-    block = (unsigned char *) PORT_Alloc(modulusLen);
-    if (block == NULL)
-	return NULL;
-
-    bp = block;
-
-    /*
-     * All RSA blocks start with two octets:
-     *	0x00 || BlockType
-     */
-    *bp++ = RSA_BLOCK_FIRST_OCTET;
-    *bp++ = RSA_BLOCK_PUBLIC_OCTET;
-
-    /*
-     * 0x00 || BT || Pad || 0x00 || ActualData
-     *   1      1   padLen    1      data->len
-     * Pad is all non-zero random bytes.
-     */
-    padLen = modulusLen - data->len - 3;
-    PORT_Assert (padLen >= RSA_BLOCK_MIN_PAD_LEN);
-    rv = PK11_GenerateRandom(bp, padLen);
-    if (rv == SECFailure) goto loser;
-    /* replace all the 'zero' bytes */
-    for (i = 0; i < padLen; i++) {
-	while (bp[i] == RSA_BLOCK_AFTER_PAD_OCTET) {
-    	    rv = PK11_GenerateRandom(bp+i, 1);
-	    if (rv == SECFailure) goto loser;
-	}
-    }
-    bp += padLen;
-    *bp++ = RSA_BLOCK_AFTER_PAD_OCTET;
-    PORT_Memcpy (bp, data->data, data->len);
-
-    return block;
-loser:
-    if (block) PORT_Free(block);
-    return NULL;
-}
-
-/*
-** Given the server's public key and cipher specs, generate a session key
-** that is ready to use for encrypting/decrypting the byte stream. At
-** the same time, generate the SSL_MT_CLIENT_MASTER_KEY message and
-** send it to the server.
-**
-** Called from ssl2_HandleServerHelloMessage()
-*/
-static SECStatus
-ssl2_ClientSetupSessionCypher(sslSocket *ss, PRUint8 *cs, int csLen)
-{
-    sslSessionID *    sid;
-    PRUint8 *         ca;	/* points to iv data, or NULL if none. */
-    PRUint8 *         ekbuf 		= 0;
-    CERTCertificate * cert 		= 0;
-    SECKEYPublicKey * serverKey 	= 0;
-    unsigned          modulusLen 	= 0;
-    SECStatus         rv;
-    int               cipher;
-    int               keyLen;	/* cipher symkey size in bytes. */
-    int               ckLen;	/* publicly reveal this many bytes of key. */
-    int               caLen;	/* length of IV data at *ca.	*/
-    int               nc;
-
-    unsigned char *eblock;	/* holds unencrypted PKCS#1 formatted key. */
-    SECItem           rek;	/* holds portion of symkey to be encrypted. */
-
-    PRUint8           keyData[SSL_MAX_MASTER_KEY_BYTES];
-    PRUint8           iv     [8];
-
-    PORT_Assert( ssl_Have1stHandshakeLock(ss) );
-
-    eblock = NULL;
-
-    sid = ss->sec.ci.sid;
-    PORT_Assert(sid != 0);
-
-    cert = ss->sec.peerCert;
-    
-    serverKey = CERT_ExtractPublicKey(cert);
-    if (!serverKey) {
-	SSL_DBG(("%d: SSL[%d]: extract public key failed: error=%d",
-		 SSL_GETPID(), ss->fd, PORT_GetError()));
-	PORT_SetError(SSL_ERROR_BAD_CERTIFICATE);
-	rv = SECFailure;
-	goto loser2;
-    }
-
-    ss->sec.authAlgorithm = ssl_sign_rsa;
-    ss->sec.keaType       = ssl_kea_rsa;
-    ss->sec.keaKeyBits    = \
-    ss->sec.authKeyBits   = SECKEY_PublicKeyStrength(serverKey) * BPB;
-
-    /* Choose a compatible cipher with the server */
-    nc = csLen / 3;
-    cipher = ssl2_ChooseSessionCypher(ss, nc, cs, &keyLen);
-    if (cipher < 0) {
-	/* ssl2_ChooseSessionCypher has set error code. */
-	ssl2_SendErrorMessage(ss, SSL_PE_NO_CYPHERS);
-	goto loser;
-    }
-
-    /* Generate the random keys */
-    PK11_GenerateRandom(keyData, sizeof(keyData));
-
-    /*
-    ** Next, carve up the keys into clear and encrypted portions. The
-    ** clear data is taken from the start of keyData and the encrypted
-    ** portion from the remainder. Note that each of these portions is
-    ** carved in half, one half for the read-key and one for the
-    ** write-key.
-    */
-    ca = 0;
-
-    /* We know that cipher is a legit value here, because 
-     * ssl2_ChooseSessionCypher doesn't return bogus values.
-     */
-    ckLen = ssl_Specs[cipher].pubLen;	/* cleartext key length. */
-    caLen = ssl_Specs[cipher].ivLen;	/* IV length.		*/
-    if (caLen) {
-	PORT_Assert(sizeof iv >= caLen);
-    	PK11_GenerateRandom(iv, caLen);
-	ca = iv;
-    }
-
-    /* Fill in session-id */
-    rv = ssl2_FillInSID(sid, cipher, keyData, keyLen,
-		   ca, caLen, keyLen << 3, (keyLen - ckLen) << 3,
-		   ss->sec.authAlgorithm, ss->sec.authKeyBits,
-		   ss->sec.keaType,       ss->sec.keaKeyBits);
-    if (rv != SECSuccess) {
-	goto loser;
-    }
-
-    SSL_TRC(1, ("%d: SSL[%d]: client, using %s cipher, clear=%d total=%d",
-		SSL_GETPID(), ss->fd, ssl_cipherName[cipher],
-		ckLen<<3, keyLen<<3));
-
-    /* Now setup read and write ciphers */
-    rv = ssl2_CreateSessionCypher(ss, sid, PR_TRUE);
-    if (rv != SECSuccess) {
-	goto loser;
-    }
-
-    /*
-    ** Fill in the encryption buffer with some random bytes. Then 
-    ** copy in the portion of the session key we are encrypting.
-    */
-    modulusLen = SECKEY_PublicKeyStrength(serverKey);
-    rek.data   = keyData + ckLen;
-    rek.len    = keyLen  - ckLen;
-    eblock = ssl_FormatSSL2Block(modulusLen, &rek);
-    if (eblock == NULL) 
-    	goto loser;
-
-    /* Set up the padding for version 2 rollback detection. */
-    /* XXX We should really use defines here */
-    if (ss->enableSSL3 || ss->enableTLS) {
-	PORT_Assert((modulusLen - rek.len) > 12);
-	PORT_Memset(eblock + modulusLen - rek.len - 8 - 1, 0x03, 8);
-    }
-    ekbuf = (PRUint8*) PORT_Alloc(modulusLen);
-    if (!ekbuf) 
-	goto loser;
-    PRINT_BUF(10, (ss, "master key encryption block:",
-		   eblock, modulusLen));
-
-    /* Encrypt ekitem */
-    rv = PK11_PubEncryptRaw(serverKey, ekbuf, eblock, modulusLen,
-						ss->pkcs11PinArg);
-    if (rv) 
-    	goto loser;
-
-    /*  Now we have everything ready to send */
-    rv = ssl2_SendSessionKeyMessage(ss, cipher, keyLen << 3, ca, caLen,
-			       keyData, ckLen, ekbuf, modulusLen);
-    if (rv != SECSuccess) {
-	goto loser;
-    }
-    rv = SECSuccess;
-    goto done;
-
-  loser:
-    rv = SECFailure;
-
-  loser2:
-  done:
-    PORT_Memset(keyData, 0, sizeof(keyData));
-    PORT_ZFree(ekbuf, modulusLen);
-    PORT_ZFree(eblock, modulusLen);
-    SECKEY_DestroyPublicKey(serverKey);
-    return rv;
-}
-
-/************************************************************************/
-
-/* 
- * Called from ssl2_HandleMessage in response to SSL_MT_SERVER_FINISHED message.
- * Caller holds recvBufLock and handshakeLock
- */
-static void
-ssl2_ClientRegSessionID(sslSocket *ss, PRUint8 *s)
-{
-    sslSessionID *sid = ss->sec.ci.sid;
-
-    /* Record entry in nonce cache */
-    if (sid->peerCert == NULL) {
-	PORT_Memcpy(sid->u.ssl2.sessionID, s, sizeof(sid->u.ssl2.sessionID));
-	sid->peerCert = CERT_DupCertificate(ss->sec.peerCert);
-
-    }
-    if (!ss->noCache)
-	(*ss->sec.cache)(sid);
-}
-
-/* Called from ssl2_HandleMessage() */
-static SECStatus
-ssl2_TriggerNextMessage(sslSocket *ss)
-{
-    SECStatus        rv;
-
-    PORT_Assert( ssl_Have1stHandshakeLock(ss) );
-
-    if ((ss->sec.ci.requiredElements & CIS_HAVE_CERTIFICATE) &&
-	!(ss->sec.ci.sentElements & CIS_HAVE_CERTIFICATE)) {
-	ss->sec.ci.sentElements |= CIS_HAVE_CERTIFICATE;
-	rv = ssl2_SendCertificateRequestMessage(ss);
-	return rv;
-    }
-    return SECSuccess;
-}
-
-/* See if it's time to send our finished message, or if the handshakes are
-** complete.  Send finished message if appropriate.
-** Returns SECSuccess unless anything goes wrong.
-**
-** Called from ssl2_HandleMessage,
-**             ssl2_HandleVerifyMessage 
-**             ssl2_HandleServerHelloMessage
-**             ssl2_HandleClientSessionKeyMessage
-**             ssl2_RestartHandshakeAfterCertReq
-**             ssl2_RestartHandshakeAfterServerCert
-*/
-static SECStatus
-ssl2_TryToFinish(sslSocket *ss)
-{
-    SECStatus        rv;
-    char             e, ef;
-
-    PORT_Assert( ssl_Have1stHandshakeLock(ss) );
-
-    e = ss->sec.ci.elements;
-    ef = e | CIS_HAVE_FINISHED;
-    if ((ef & ss->sec.ci.requiredElements) == ss->sec.ci.requiredElements) {
-	if (ss->sec.isServer) {
-	    /* Send server finished message if we already didn't */
-	    rv = ssl2_SendServerFinishedMessage(ss);
-	} else {
-	    /* Send client finished message if we already didn't */
-	    rv = ssl2_SendClientFinishedMessage(ss);
-	}
-	if (rv != SECSuccess) {
-	    return rv;
-	}
-	if ((e & ss->sec.ci.requiredElements) == ss->sec.ci.requiredElements) {
-	    /* Totally finished */
-	    ss->handshake = 0;
-	    return SECSuccess;
-	}
-    }
-    return SECSuccess;
-}
-
-/*
-** Called from ssl2_HandleRequestCertificate
-**             ssl2_RestartHandshakeAfterCertReq
-*/
-static SECStatus
-ssl2_SignResponse(sslSocket *ss,
-	     SECKEYPrivateKey *key,
-	     SECItem *response)
-{
-    SGNContext *     sgn = NULL;
-    PRUint8 *        challenge;
-    unsigned int     len;
-    SECStatus        rv		= SECFailure;
-    
-    PORT_Assert( ssl_Have1stHandshakeLock(ss) );
-
-    challenge = ss->sec.ci.serverChallenge;
-    len = ss->sec.ci.serverChallengeLen;
-    
-    /* Sign the expected data... */
-    sgn = SGN_NewContext(SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION,key);
-    if (!sgn) 
-    	goto done;
-    rv = SGN_Begin(sgn);
-    if (rv != SECSuccess) 
-    	goto done;
-    rv = SGN_Update(sgn, ss->sec.ci.readKey, ss->sec.ci.keySize);
-    if (rv != SECSuccess) 
-    	goto done;
-    rv = SGN_Update(sgn, ss->sec.ci.writeKey, ss->sec.ci.keySize);
-    if (rv != SECSuccess) 
-    	goto done;
-    rv = SGN_Update(sgn, challenge, len);
-    if (rv != SECSuccess) 
-    	goto done;
-    rv = SGN_Update(sgn, ss->sec.peerCert->derCert.data, 
-                         ss->sec.peerCert->derCert.len);
-    if (rv != SECSuccess) 
-    	goto done;
-    rv = SGN_End(sgn, response);
-    if (rv != SECSuccess) 
-    	goto done;
-
-done:
-    SGN_DestroyContext(sgn, PR_TRUE);
-    return rv == SECSuccess ? SECSuccess : SECFailure;
-}
-
-/*
-** Try to handle a request-certificate message. Get client's certificate
-** and private key and sign a message for the server to see.
-** Caller must hold handshakeLock 
-**
-** Called from ssl2_HandleMessage().
-*/
-static int
-ssl2_HandleRequestCertificate(sslSocket *ss)
-{
-    CERTCertificate * cert	= NULL;	/* app-selected client cert. */
-    SECKEYPrivateKey *key	= NULL;	/* priv key for cert. */
-    SECStatus         rv;
-    SECItem           response;
-    int               ret	= 0;
-    PRUint8           authType;
-
-
-    /*
-     * These things all need to be initialized before we can "goto loser".
-     */
-    response.data = NULL;
-
-    /* get challenge info from connectionInfo */
-    authType = ss->sec.ci.authType;
-
-    if (authType != SSL_AT_MD5_WITH_RSA_ENCRYPTION) {
-	SSL_TRC(7, ("%d: SSL[%d]: unsupported auth type 0x%x", SSL_GETPID(),
-		    ss->fd, authType));
-	goto no_cert_error;
-    }
-
-    /* Get certificate and private-key from client */
-    if (!ss->getClientAuthData) {
-	SSL_TRC(7, ("%d: SSL[%d]: client doesn't support client-auth",
-		    SSL_GETPID(), ss->fd));
-	goto no_cert_error;
-    }
-    ret = (*ss->getClientAuthData)(ss->getClientAuthDataArg, ss->fd,
-				   NULL, &cert, &key);
-    if ( ret == SECWouldBlock ) {
-	ssl_SetAlwaysBlock(ss);
-	goto done;
-    }
-
-    if (ret) {
-	goto no_cert_error;
-    }
-
-    rv = ssl2_SignResponse(ss, key, &response);
-    if ( rv != SECSuccess ) {
-	ret = -1;
-	goto loser;
-    }
-
-    /* Send response message */
-    ret = ssl2_SendCertificateResponseMessage(ss, &cert->derCert, &response);
-
-    /* Now, remember the cert we sent. But first, forget any previous one. */
-    if (ss->sec.localCert) {
-	CERT_DestroyCertificate(ss->sec.localCert);
-    }
-    ss->sec.localCert = CERT_DupCertificate(cert);
-    PORT_Assert(!ss->sec.ci.sid->localCert);
-    if (ss->sec.ci.sid->localCert) {
-	CERT_DestroyCertificate(ss->sec.ci.sid->localCert);
-    }
-    ss->sec.ci.sid->localCert = cert;
-    cert = NULL;
-
-    goto done;
-
-  no_cert_error:
-    SSL_TRC(7, ("%d: SSL[%d]: no certificate (ret=%d)", SSL_GETPID(),
-		ss->fd, ret));
-    ret = ssl2_SendErrorMessage(ss, SSL_PE_NO_CERTIFICATE);
-
-  loser:
-  done:
-    if ( cert ) {
-	CERT_DestroyCertificate(cert);
-    }
-    if ( key ) {
-	SECKEY_DestroyPrivateKey(key);
-    }
-    if ( response.data ) {
-	PORT_Free(response.data);
-    }
-    
-    return ret;
-}
-
-/*
-** Called from ssl2_HandleMessage for SSL_MT_CLIENT_CERTIFICATE message.
-** Caller must hold HandshakeLock and RecvBufLock, since cd and response
-** are contained in the gathered input data.
-*/
-static SECStatus
-ssl2_HandleClientCertificate(sslSocket *    ss, 
-                             PRUint8        certType,	/* XXX unused */
-			     PRUint8 *      cd, 
-			     unsigned int   cdLen,
-			     PRUint8 *      response,
-			     unsigned int   responseLen)
-{
-    CERTCertificate *cert	= NULL;
-    SECKEYPublicKey *pubKey	= NULL;
-    VFYContext *     vfy	= NULL;
-    SECItem *        derCert;
-    SECStatus        rv		= SECFailure;
-    SECItem          certItem;
-    SECItem          rep;
-
-    PORT_Assert( ssl_Have1stHandshakeLock(ss) );
-    PORT_Assert( ssl_HaveRecvBufLock(ss)   );
-
-    /* Extract the certificate */
-    certItem.data = cd;
-    certItem.len  = cdLen;
-
-    cert = CERT_NewTempCertificate(ss->dbHandle, &certItem, NULL,
-			 	   PR_FALSE, PR_TRUE);
-    if (cert == NULL) {
-	goto loser;
-    }
-
-    /* save the certificate, since the auth routine will need it */
-    ss->sec.peerCert = cert;
-
-    /* Extract the public key */
-    pubKey = CERT_ExtractPublicKey(cert);
-    if (!pubKey) 
-    	goto loser;
-    
-    /* Verify the response data... */
-    rep.data = response;
-    rep.len = responseLen;
-    /* SSL 2.0 only supports RSA certs, so we don't have to worry about
-     * DSA here. */
-    vfy = VFY_CreateContext(pubKey, &rep, SEC_OID_PKCS1_RSA_ENCRYPTION,
-			    ss->pkcs11PinArg);
-    if (!vfy) 
-    	goto loser;
-    rv = VFY_Begin(vfy);
-    if (rv) 
-    	goto loser;
-
-    rv = VFY_Update(vfy, ss->sec.ci.readKey, ss->sec.ci.keySize);
-    if (rv) 
-    	goto loser;
-    rv = VFY_Update(vfy, ss->sec.ci.writeKey, ss->sec.ci.keySize);
-    if (rv) 
-    	goto loser;
-    rv = VFY_Update(vfy, ss->sec.ci.serverChallenge, SSL_CHALLENGE_BYTES);
-    if (rv) 
-    	goto loser;
-
-    derCert = &ss->serverCerts[kt_rsa].serverCert->derCert;
-    rv = VFY_Update(vfy, derCert->data, derCert->len);
-    if (rv) 
-    	goto loser;
-    rv = VFY_End(vfy);
-    if (rv) 
-    	goto loser;
-
-    /* Now ask the server application if it likes the certificate... */
-    rv = (SECStatus) (*ss->authCertificate)(ss->authCertificateArg,
-					    ss->fd, PR_TRUE, PR_TRUE);
-    /* Hey, it liked it. */
-    if (SECSuccess == rv) 
-	goto done;
-
-loser:
-    ss->sec.peerCert = NULL;
-    CERT_DestroyCertificate(cert);
-
-done:
-    VFY_DestroyContext(vfy, PR_TRUE);
-    SECKEY_DestroyPublicKey(pubKey);
-    return rv;
-}
-
-/*
-** Handle remaining messages between client/server. Process finished
-** messages from either side and any authentication requests.
-** This should only be called for SSLv2 handshake messages, 
-** not for application data records.
-** Caller must hold handshake lock.
-**
-** Called from ssl_Do1stHandshake().
-** 
-*/
-static SECStatus
-ssl2_HandleMessage(sslSocket *ss)
-{
-    PRUint8 *        data;
-    PRUint8 *        cid;
-    unsigned         len, certType, certLen, responseLen;
-    int              rv;
-    int              rv2;
-
-    PORT_Assert( ssl_Have1stHandshakeLock(ss) );
-
-    ssl_GetRecvBufLock(ss);
-
-    data = ss->gs.buf.buf + ss->gs.recordOffset;
-
-    if (ss->gs.recordLen < 1) {
-	goto bad_peer;
-    }
-    SSL_TRC(3, ("%d: SSL[%d]: received %d message",
-		SSL_GETPID(), ss->fd, data[0]));
-    DUMP_MSG(29, (ss, data, ss->gs.recordLen));
-
-    switch (data[0]) {
-    case SSL_MT_CLIENT_FINISHED:
-	if (ss->sec.ci.elements & CIS_HAVE_FINISHED) {
-	    SSL_DBG(("%d: SSL[%d]: dup client-finished message",
-		     SSL_GETPID(), ss->fd));
-	    goto bad_peer;
-	}
-
-	/* See if nonce matches */
-	len = ss->gs.recordLen - 1;
-	cid = data + 1;
-	if ((len != sizeof(ss->sec.ci.connectionID)) ||
-	    (PORT_Memcmp(ss->sec.ci.connectionID, cid, len) != 0)) {
-	    SSL_DBG(("%d: SSL[%d]: bad connection-id", SSL_GETPID(), ss->fd));
-	    PRINT_BUF(5, (ss, "sent connection-id",
-			  ss->sec.ci.connectionID, 
-			  sizeof(ss->sec.ci.connectionID)));
-	    PRINT_BUF(5, (ss, "rcvd connection-id", cid, len));
-	    goto bad_peer;
-	}
-
-	SSL_TRC(5, ("%d: SSL[%d]: got client finished, waiting for 0x%d",
-		    SSL_GETPID(), ss->fd, 
-		    ss->sec.ci.requiredElements ^ ss->sec.ci.elements));
-	ss->sec.ci.elements |= CIS_HAVE_FINISHED;
-	break;
-
-    case SSL_MT_SERVER_FINISHED:
-	if (ss->sec.ci.elements & CIS_HAVE_FINISHED) {
-	    SSL_DBG(("%d: SSL[%d]: dup server-finished message",
-		     SSL_GETPID(), ss->fd));
-	    goto bad_peer;
-	}
-
-	if (ss->gs.recordLen - 1 != SSL2_SESSIONID_BYTES) {
-	    SSL_DBG(("%d: SSL[%d]: bad server-finished message, len=%d",
-		     SSL_GETPID(), ss->fd, ss->gs.recordLen));
-	    goto bad_peer;
-	}
-	ssl2_ClientRegSessionID(ss, data+1);
-	SSL_TRC(5, ("%d: SSL[%d]: got server finished, waiting for 0x%d",
-		    SSL_GETPID(), ss->fd, 
-		    ss->sec.ci.requiredElements ^ ss->sec.ci.elements));
-	ss->sec.ci.elements |= CIS_HAVE_FINISHED;
-	break;
-
-    case SSL_MT_REQUEST_CERTIFICATE:
-	len = ss->gs.recordLen - 2;
-	if ((len != SSL_MIN_CHALLENGE_BYTES) ||
-	    (len > SSL_MAX_CHALLENGE_BYTES)) {
-	    /* Bad challenge */
-	    SSL_DBG(("%d: SSL[%d]: bad cert request message: code len=%d",
-		     SSL_GETPID(), ss->fd, len));
-	    goto bad_peer;
-	}
-	
-	/* save auth request info */
-	ss->sec.ci.authType           = data[1];
-	ss->sec.ci.serverChallengeLen = len;
-	PORT_Memcpy(ss->sec.ci.serverChallenge, data + 2, len);
-	
-	rv = ssl2_HandleRequestCertificate(ss);
-	if (rv == SECWouldBlock) {
-	    SSL_TRC(3, ("%d: SSL[%d]: async cert request",
-			SSL_GETPID(), ss->fd));
-	    /* someone is handling this asynchronously */
-	    ssl_ReleaseRecvBufLock(ss);
-	    return SECWouldBlock;
-	}
-	if (rv) {
-	    SET_ERROR_CODE
-	    goto loser;
-	}
-	break;
-
-    case SSL_MT_CLIENT_CERTIFICATE:
-	if (!ss->authCertificate) {
-	    /* Server asked for authentication and can't handle it */
-	    PORT_SetError(SSL_ERROR_BAD_SERVER);
-	    goto loser;
-	}
-	if (ss->gs.recordLen < SSL_HL_CLIENT_CERTIFICATE_HBYTES) {
-	    SET_ERROR_CODE
-	    goto loser;
-	}
-	certType    = data[1];
-	certLen     = (data[2] << 8) | data[3];
-	responseLen = (data[4] << 8) | data[5];
-	if (certType != SSL_CT_X509_CERTIFICATE) {
-	    PORT_SetError(SSL_ERROR_UNSUPPORTED_CERTIFICATE_TYPE);
-	    goto loser;
-	}
-	rv = ssl2_HandleClientCertificate(ss, data[1],
-		data + SSL_HL_CLIENT_CERTIFICATE_HBYTES,
-		certLen,
-		data + SSL_HL_CLIENT_CERTIFICATE_HBYTES + certLen,
-		responseLen);
-	if (rv) {
-	    rv2 = ssl2_SendErrorMessage(ss, SSL_PE_BAD_CERTIFICATE);
-	    SET_ERROR_CODE
-	    goto loser;
-	}
-	ss->sec.ci.elements |= CIS_HAVE_CERTIFICATE;
-	break;
-
-    case SSL_MT_ERROR:
-	rv = (data[1] << 8) | data[2];
-	SSL_TRC(2, ("%d: SSL[%d]: got error message, error=0x%x",
-		    SSL_GETPID(), ss->fd, rv));
-
-	/* Convert protocol error number into API error number */
-	switch (rv) {
-	  case SSL_PE_NO_CYPHERS:
-	    rv = SSL_ERROR_NO_CYPHER_OVERLAP;
-	    break;
-	  case SSL_PE_NO_CERTIFICATE:
-	    rv = SSL_ERROR_NO_CERTIFICATE;
-	    break;
-	  case SSL_PE_BAD_CERTIFICATE:
-	    rv = SSL_ERROR_BAD_CERTIFICATE;
-	    break;
-	  case SSL_PE_UNSUPPORTED_CERTIFICATE_TYPE:
-	    rv = SSL_ERROR_UNSUPPORTED_CERTIFICATE_TYPE;
-	    break;
-	  default:
-	    goto bad_peer;
-	}
-	/* XXX make certificate-request optionally fail... */
-	PORT_SetError(rv);
-	goto loser;
-
-    default:
-	SSL_DBG(("%d: SSL[%d]: unknown message %d",
-		 SSL_GETPID(), ss->fd, data[0]));
-	goto loser;
-    }
-
-    SSL_TRC(3, ("%d: SSL[%d]: handled %d message, required=0x%x got=0x%x",
-		SSL_GETPID(), ss->fd, data[0],
-		ss->sec.ci.requiredElements, ss->sec.ci.elements));
-
-    rv = ssl2_TryToFinish(ss);
-    if (rv != SECSuccess) 
-	goto loser;
-
-    ss->gs.recordLen = 0;
-    ssl_ReleaseRecvBufLock(ss);
-
-    if (ss->handshake == 0) {
-	return SECSuccess;
-    }
-
-    ss->handshake     = ssl_GatherRecord1stHandshake;
-    ss->nextHandshake = ssl2_HandleMessage;
-    return ssl2_TriggerNextMessage(ss);
-
-  bad_peer:
-    PORT_SetError(ss->sec.isServer ? SSL_ERROR_BAD_CLIENT : SSL_ERROR_BAD_SERVER);
-    /* FALL THROUGH */
-
-  loser:
-    ssl_ReleaseRecvBufLock(ss);
-    return SECFailure;
-}
-
-/************************************************************************/
-
-/* Called from ssl_Do1stHandshake, after ssl2_HandleServerHelloMessage or 
-** ssl2_RestartHandshakeAfterServerCert.
-*/
-static SECStatus
-ssl2_HandleVerifyMessage(sslSocket *ss)
-{
-    PRUint8 *        data;
-    SECStatus        rv;
-
-    PORT_Assert( ssl_Have1stHandshakeLock(ss) );
-    ssl_GetRecvBufLock(ss);
-
-    data = ss->gs.buf.buf + ss->gs.recordOffset;
-    DUMP_MSG(29, (ss, data, ss->gs.recordLen));
-    if ((ss->gs.recordLen != 1 + SSL_CHALLENGE_BYTES) ||
-	(data[0] != SSL_MT_SERVER_VERIFY) ||
-	PORT_Memcmp(data+1, ss->sec.ci.clientChallenge, SSL_CHALLENGE_BYTES)) {
-	/* Bad server */
-	PORT_SetError(SSL_ERROR_BAD_SERVER);
-	goto loser;
-    }
-    ss->sec.ci.elements |= CIS_HAVE_VERIFY;
-
-    SSL_TRC(5, ("%d: SSL[%d]: got server-verify, required=0x%d got=0x%x",
-		SSL_GETPID(), ss->fd, ss->sec.ci.requiredElements,
-		ss->sec.ci.elements));
-
-    rv = ssl2_TryToFinish(ss);
-    if (rv) 
-	goto loser;
-
-    ss->gs.recordLen = 0;
-    ssl_ReleaseRecvBufLock(ss);
-
-    if (ss->handshake == 0) {
-	return SECSuccess;
-    }
-    ss->handshake         = ssl_GatherRecord1stHandshake;
-    ss->nextHandshake     = ssl2_HandleMessage;
-    return SECSuccess;
-
-
-  loser:
-    ssl_ReleaseRecvBufLock(ss);
-    return SECFailure;
-}
-
-/* Not static because ssl2_GatherData() tests ss->nextHandshake for this value.
- * ICK! 
- * Called from ssl_Do1stHandshake after ssl2_BeginClientHandshake()
- */
-SECStatus
-ssl2_HandleServerHelloMessage(sslSocket *ss)
-{
-    sslSessionID *   sid;
-    PRUint8 *        cert;
-    PRUint8 *        cs;
-    PRUint8 *        data;
-    SECStatus        rv; 
-    int              needed, sidHit, certLen, csLen, cidLen, certType, err;
-
-    PORT_Assert( ssl_Have1stHandshakeLock(ss) );
-
-    if (!ss->enableSSL2) {
-	PORT_SetError(SSL_ERROR_SSL2_DISABLED);
-	return SECFailure;
-    }
-
-    ssl_GetRecvBufLock(ss);
-
-    PORT_Assert(ss->sec.ci.sid != 0);
-    sid = ss->sec.ci.sid;
-
-    data = ss->gs.buf.buf + ss->gs.recordOffset;
-    DUMP_MSG(29, (ss, data, ss->gs.recordLen));
-
-    /* Make sure first message has some data and is the server hello message */
-    if ((ss->gs.recordLen < SSL_HL_SERVER_HELLO_HBYTES)
-	|| (data[0] != SSL_MT_SERVER_HELLO)) {
-	if ((data[0] == SSL_MT_ERROR) && (ss->gs.recordLen == 3)) {
-	    err = (data[1] << 8) | data[2];
-	    if (err == SSL_PE_NO_CYPHERS) {
-		PORT_SetError(SSL_ERROR_NO_CYPHER_OVERLAP);
-		goto loser;
-	    }
-	}
-	goto bad_server;
-    }
-
-    sidHit      = data[1];
-    certType    = data[2];
-    ss->version = (data[3] << 8) | data[4];
-    certLen     = (data[5] << 8) | data[6];
-    csLen       = (data[7] << 8) | data[8];
-    cidLen      = (data[9] << 8) | data[10];
-    cert        = data + SSL_HL_SERVER_HELLO_HBYTES;
-    cs          = cert + certLen;
-
-    SSL_TRC(5,
-	    ("%d: SSL[%d]: server-hello, hit=%d vers=%x certLen=%d csLen=%d cidLen=%d",
-	     SSL_GETPID(), ss->fd, sidHit, ss->version, certLen,
-	     csLen, cidLen));
-    if (ss->version != SSL_LIBRARY_VERSION_2) {
-        if (ss->version < SSL_LIBRARY_VERSION_2) {
-	  SSL_TRC(3, ("%d: SSL[%d]: demoting self (%x) to server version (%x)",
-		      SSL_GETPID(), ss->fd, SSL_LIBRARY_VERSION_2,
-		      ss->version));
-	} else {
-	  SSL_TRC(1, ("%d: SSL[%d]: server version is %x (we are %x)",
-		    SSL_GETPID(), ss->fd, ss->version, SSL_LIBRARY_VERSION_2));
-	  /* server claims to be newer but does not follow protocol */
-	  PORT_SetError(SSL_ERROR_UNSUPPORTED_VERSION);
-	  goto loser;
-	}
-    }
-
-    /* Save connection-id for later */
-    PORT_Memcpy(ss->sec.ci.connectionID, cs + csLen, 
-                sizeof(ss->sec.ci.connectionID));
-
-    /* See if session-id hit */
-    needed = CIS_HAVE_MASTER_KEY | CIS_HAVE_FINISHED | CIS_HAVE_VERIFY;
-    if (sidHit) {
-	if (certLen || csLen) {
-	    /* Uh oh - bogus server */
-	    SSL_DBG(("%d: SSL[%d]: client, huh? hit=%d certLen=%d csLen=%d",
-		     SSL_GETPID(), ss->fd, sidHit, certLen, csLen));
-	    goto bad_server;
-	}
-
-	/* Total winner. */
-	SSL_TRC(1, ("%d: SSL[%d]: client, using nonce for peer=0x%08x "
-		    "port=0x%04x",
-		    SSL_GETPID(), ss->fd, ss->sec.ci.peer, ss->sec.ci.port));
-	ss->sec.peerCert = CERT_DupCertificate(sid->peerCert);
-        ss->sec.authAlgorithm = sid->authAlgorithm;
-	ss->sec.authKeyBits   = sid->authKeyBits;
-	ss->sec.keaType       = sid->keaType;
-	ss->sec.keaKeyBits    = sid->keaKeyBits;
-	rv = ssl2_CreateSessionCypher(ss, sid, PR_TRUE);
-	if (rv != SECSuccess) {
-	    goto loser;
-	}
-    } else {
-	if (certType != SSL_CT_X509_CERTIFICATE) {
-	    PORT_SetError(SSL_ERROR_UNSUPPORTED_CERTIFICATE_TYPE);
-	    goto loser;
-	}
-	if (csLen == 0) {
-	    PORT_SetError(SSL_ERROR_NO_CYPHER_OVERLAP);
-	    SSL_DBG(("%d: SSL[%d]: no cipher overlap",
-		     SSL_GETPID(), ss->fd));
-	    goto loser;
-	}
-	if (certLen == 0) {
-	    SSL_DBG(("%d: SSL[%d]: client, huh? certLen=%d csLen=%d",
-		     SSL_GETPID(), ss->fd, certLen, csLen));
-	    goto bad_server;
-	}
-
-	if (sid->cached != never_cached) {
-	    /* Forget our session-id - server didn't like it */
-	    SSL_TRC(7, ("%d: SSL[%d]: server forgot me, uncaching session-id",
-			SSL_GETPID(), ss->fd));
-	    (*ss->sec.uncache)(sid);
-	    ssl_FreeSID(sid);
-	    ss->sec.ci.sid = sid = (sslSessionID*) PORT_ZAlloc(sizeof(sslSessionID));
-	    if (!sid) {
-		goto loser;
-	    }
-	    sid->references = 1;
-	    sid->addr = ss->sec.ci.peer;
-	    sid->port = ss->sec.ci.port;
-	}
-
-	/* decode the server's certificate */
-	rv = ssl2_ClientHandleServerCert(ss, cert, certLen);
-	if (rv != SECSuccess) {
-	    if (PORT_GetError() == SSL_ERROR_BAD_CERTIFICATE) {
-		(void) ssl2_SendErrorMessage(ss, SSL_PE_BAD_CERTIFICATE);
-	    }
-	    goto loser;
-	}
-
-	/* Setup new session cipher */
-	rv = ssl2_ClientSetupSessionCypher(ss, cs, csLen);
-	if (rv != SECSuccess) {
-	    if (PORT_GetError() == SSL_ERROR_BAD_CERTIFICATE) {
-		(void) ssl2_SendErrorMessage(ss, SSL_PE_BAD_CERTIFICATE);
-	    }
-	    goto loser;
-	}
-    }
-
-    /* Build up final list of required elements */
-    ss->sec.ci.elements         = CIS_HAVE_MASTER_KEY;
-    ss->sec.ci.requiredElements = needed;
-
-  if (!sidHit) {
-    /* verify the server's certificate. if sidHit, don't check signatures */
-    rv = (* ss->authCertificate)(ss->authCertificateArg, ss->fd, 
-				 (PRBool)(!sidHit), PR_FALSE);
-    if (rv) {
-	if (ss->handleBadCert) {
-	    rv = (*ss->handleBadCert)(ss->badCertArg, ss->fd);
-	    if ( rv ) {
-		if ( rv == SECWouldBlock ) {
-		    /* someone will handle this connection asynchronously*/
-
-		    SSL_DBG(("%d: SSL[%d]: go to async cert handler",
-			     SSL_GETPID(), ss->fd));
-		    ssl_ReleaseRecvBufLock(ss);
-		    ssl_SetAlwaysBlock(ss);
-		    return SECWouldBlock;
-		}
-		/* cert is bad */
-		SSL_DBG(("%d: SSL[%d]: server certificate is no good: error=%d",
-			 SSL_GETPID(), ss->fd, PORT_GetError()));
-		goto loser;
-
-	    }
-	    /* cert is good */
-	} else {
-	    SSL_DBG(("%d: SSL[%d]: server certificate is no good: error=%d",
-		     SSL_GETPID(), ss->fd, PORT_GetError()));
-	    goto loser;
-	}
-    }
-  }
-    /*
-    ** At this point we have a completed session key and our session
-    ** cipher is setup and ready to go. Switch to encrypted write routine
-    ** as all future message data is to be encrypted.
-    */
-    ssl2_UseEncryptedSendFunc(ss);
-
-    rv = ssl2_TryToFinish(ss);
-    if (rv != SECSuccess) 
-	goto loser;
-
-    ss->gs.recordLen = 0;
-
-    ssl_ReleaseRecvBufLock(ss);
-
-    if (ss->handshake == 0) {
-	return SECSuccess;
-    }
-
-    SSL_TRC(5, ("%d: SSL[%d]: got server-hello, required=0x%d got=0x%x",
-		SSL_GETPID(), ss->fd, ss->sec.ci.requiredElements, 
-		ss->sec.ci.elements));
-    ss->handshake     = ssl_GatherRecord1stHandshake;
-    ss->nextHandshake = ssl2_HandleVerifyMessage;
-    return SECSuccess;
-
-  bad_server:
-    PORT_SetError(SSL_ERROR_BAD_SERVER);
-    /* FALL THROUGH */
-
-  loser:
-    ssl_ReleaseRecvBufLock(ss);
-    return SECFailure;
-}
-
-/* Sends out the initial client Hello message on the connection.
- * Acquires and releases the socket's xmitBufLock.
- */
-SECStatus
-ssl2_BeginClientHandshake(sslSocket *ss)
-{
-    sslSessionID      *sid;
-    PRUint8           *msg;
-    PRUint8           *cp;
-    PRUint8           *localCipherSpecs = NULL;
-    unsigned int      localCipherSize;
-    unsigned int      i;
-    int               sendLen, sidLen = 0;
-    SECStatus         rv;
-
-    PORT_Assert( ssl_Have1stHandshakeLock(ss) );
-
-    ss->sec.isServer     = 0;
-    ss->sec.sendSequence = 0;
-    ss->sec.rcvSequence  = 0;
-    ssl_ChooseSessionIDProcs(&ss->sec);
-
-    if (!ss->cipherSpecs) {
-	rv = ssl2_ConstructCipherSpecs(ss);
-	if (rv != SECSuccess)
-	    goto loser;
-    }
-
-    /* count the SSL2 and SSL3 enabled ciphers.
-     * if either is zero, clear the socket's enable for that protocol.
-     */
-    rv = ssl2_CheckConfigSanity(ss);
-    if (rv != SECSuccess)
-	goto loser;
-
-    /* Get peer name of server */
-    rv = ssl_GetPeerInfo(ss);
-    if (rv < 0) {
-#ifdef HPUX11
-        /*
-         * On some HP-UX B.11.00 systems, getpeername() occasionally
-         * fails with ENOTCONN after a successful completion of
-         * non-blocking connect.  I found that if we do a write()
-         * and then retry getpeername(), it will work.
-         */
-        if (PR_GetError() == PR_NOT_CONNECTED_ERROR) {
-            char dummy;
-            (void) PR_Write(ss->fd->lower, &dummy, 0);
-            rv = ssl_GetPeerInfo(ss);
-            if (rv < 0) {
-                goto loser;
-            }
-        }
-#else
-	goto loser;
-#endif
-    }
-
-    SSL_TRC(3, ("%d: SSL[%d]: sending client-hello", SSL_GETPID(), ss->fd));
-
-    /* Try to find server in our session-id cache */
-    if (ss->noCache) {
-	sid = NULL;
-    } else {
-	sid = ssl_LookupSID(&ss->sec.ci.peer, ss->sec.ci.port, ss->peerID, 
-	                    ss->url);
-    }
-    while (sid) {  /* this isn't really a loop */
-	/* if we're not doing this SID's protocol any more, drop it. */
-	if (((sid->version  < SSL_LIBRARY_VERSION_3_0) && !ss->enableSSL2) ||
-	    ((sid->version == SSL_LIBRARY_VERSION_3_0) && !ss->enableSSL3) ||
-	    ((sid->version >  SSL_LIBRARY_VERSION_3_0) && !ss->enableTLS)) {
-	    ss->sec.uncache(sid);
-	    ssl_FreeSID(sid);
-	    sid = NULL;
-	    break;
-	}
-	if (ss->enableSSL2 && sid->version < SSL_LIBRARY_VERSION_3_0) {
-	    /* If the cipher in this sid is not enabled, drop it. */
-	    for (i = 0; i < ss->sizeCipherSpecs; i += 3) {
-		if (ss->cipherSpecs[i] == sid->u.ssl2.cipherType)
-		    break;
-	    }
-	    if (i >= ss->sizeCipherSpecs) {
-		ss->sec.uncache(sid);
-		ssl_FreeSID(sid);
-		sid = NULL;
-		break;
-	    }
-	}
-	sidLen = sizeof(sid->u.ssl2.sessionID);
-	PRINT_BUF(4, (ss, "client, found session-id:", sid->u.ssl2.sessionID,
-		      sidLen));
-	ss->version = sid->version;
-	PORT_Assert(!ss->sec.localCert);
-	if (ss->sec.localCert) {
-	    CERT_DestroyCertificate(ss->sec.localCert);
-	}
-	ss->sec.localCert     = CERT_DupCertificate(sid->localCert);
-	break;  /* this isn't really a loop */
-    } 
-    if (!sid) {
-	sidLen = 0;
-	sid = (sslSessionID*) PORT_ZAlloc(sizeof(sslSessionID));
-	if (!sid) {
-	    goto loser;
-	}
-	sid->references = 1;
-	sid->cached     = never_cached;
-	sid->addr       = ss->sec.ci.peer;
-	sid->port       = ss->sec.ci.port;
-	if (ss->peerID != NULL) {
-	    sid->peerID = PORT_Strdup(ss->peerID);
-	}
-	if (ss->url != NULL) {
-	    sid->urlSvrName = PORT_Strdup(ss->url);
-	}
-    }
-    ss->sec.ci.sid = sid;
-
-    PORT_Assert(sid != NULL);
-
-    if ((sid->version >= SSL_LIBRARY_VERSION_3_0 || !ss->v2CompatibleHello) &&
-        (ss->enableSSL3 || ss->enableTLS)) {
-
-	ss->gs.state      = GS_INIT;
-	ss->handshake     = ssl_GatherRecord1stHandshake;
-
-	/* ssl3_SendClientHello will override this if it succeeds. */
-	ss->version       = SSL_LIBRARY_VERSION_3_0;
-
-	ssl_GetXmitBufLock(ss);    /***************************************/
-	ssl_GetSSL3HandshakeLock(ss);
-	rv =  ssl3_SendClientHello(ss);
-	ssl_ReleaseSSL3HandshakeLock(ss);
-	ssl_ReleaseXmitBufLock(ss); /***************************************/
-
-	return rv;
-    }
-   
-    if (!ss->cipherSpecs) {
-        rv = ssl2_ConstructCipherSpecs(ss);
-	if (rv < 0) {
-	    return rv;
-    	}
-    }
-    localCipherSpecs = ss->cipherSpecs;
-    localCipherSize  = ss->sizeCipherSpecs;
-
-    sendLen = SSL_HL_CLIENT_HELLO_HBYTES + localCipherSize + sidLen +
-	SSL_CHALLENGE_BYTES;
-
-    /* Generate challenge bytes for server */
-    PK11_GenerateRandom(ss->sec.ci.clientChallenge, SSL_CHALLENGE_BYTES);
-
-    ssl_GetXmitBufLock(ss);    /***************************************/
-
-    rv = ssl2_GetSendBuffer(ss, sendLen);
-    if (rv) 
-    	goto unlock_loser;
-
-    /* Construct client-hello message */
-    cp = msg = ss->sec.ci.sendBuf.buf;
-    msg[0] = SSL_MT_CLIENT_HELLO;
-    if ( ss->enableTLS ) {
-	ss->clientHelloVersion = SSL_LIBRARY_VERSION_3_1_TLS;
-    } else if ( ss->enableSSL3 ) {
-	ss->clientHelloVersion = SSL_LIBRARY_VERSION_3_0;
-    } else {
-	ss->clientHelloVersion = SSL_LIBRARY_VERSION_2;
-    }
-    
-    msg[1] = MSB(ss->clientHelloVersion);
-    msg[2] = LSB(ss->clientHelloVersion);
-    msg[3] = MSB(localCipherSize);
-    msg[4] = LSB(localCipherSize);
-    msg[5] = MSB(sidLen);
-    msg[6] = LSB(sidLen);
-    msg[7] = MSB(SSL_CHALLENGE_BYTES);
-    msg[8] = LSB(SSL_CHALLENGE_BYTES);
-    cp += SSL_HL_CLIENT_HELLO_HBYTES;
-    PORT_Memcpy(cp, localCipherSpecs, localCipherSize);
-    cp += localCipherSize;
-    if (sidLen) {
-	PORT_Memcpy(cp, sid->u.ssl2.sessionID, sidLen);
-	cp += sidLen;
-    }
-    PORT_Memcpy(cp, ss->sec.ci.clientChallenge, SSL_CHALLENGE_BYTES);
-
-    /* Send it to the server */
-    DUMP_MSG(29, (ss, msg, sendLen));
-    ss->handshakeBegun = 1;
-    rv = (*ss->sec.send)(ss, msg, sendLen, 0);
-
-    ssl_ReleaseXmitBufLock(ss);    /***************************************/
-
-    if (rv < 0) {
-	goto loser;
-    }
-
-    rv = ssl3_StartHandshakeHash(ss, msg, sendLen);
-    if (rv < 0) {
-	goto loser;
-    }
-
-    /* Setup to receive servers hello message */
-    ssl_GetRecvBufLock(ss);
-    ss->gs.recordLen = 0;
-    ssl_ReleaseRecvBufLock(ss);
-
-    ss->handshake     = ssl_GatherRecord1stHandshake;
-    ss->nextHandshake = ssl2_HandleServerHelloMessage;
-    return SECSuccess;
-
-unlock_loser:
-    ssl_ReleaseXmitBufLock(ss);
-loser:
-    return SECFailure;
-}
-
-/************************************************************************/
-
-/* Handle the CLIENT-MASTER-KEY message. 
-** Acquires and releases RecvBufLock.
-** Called from ssl2_HandleClientHelloMessage(). 
-*/
-static SECStatus
-ssl2_HandleClientSessionKeyMessage(sslSocket *ss)
-{
-    PRUint8 *        data;
-    unsigned int     caLen;
-    unsigned int     ckLen;
-    unsigned int     ekLen;
-    unsigned int     keySize;
-    int              cipher;
-    SECStatus        rv;
-
-
-    ssl_GetRecvBufLock(ss);
-
-    data = ss->gs.buf.buf + ss->gs.recordOffset;
-    DUMP_MSG(29, (ss, data, ss->gs.recordLen));
-
-    if ((ss->gs.recordLen < SSL_HL_CLIENT_MASTER_KEY_HBYTES)
-	|| (data[0] != SSL_MT_CLIENT_MASTER_KEY)) {
-	goto bad_client;
-    }
-    cipher  = data[1];
-    keySize = (data[2] << 8) | data[3];
-    ckLen   = (data[4] << 8) | data[5];
-    ekLen   = (data[6] << 8) | data[7];
-    caLen   = (data[8] << 8) | data[9];
-
-    SSL_TRC(5, ("%d: SSL[%d]: session-key, cipher=%d keySize=%d ckLen=%d ekLen=%d caLen=%d",
-		SSL_GETPID(), ss->fd, cipher, keySize, ckLen, ekLen, caLen));
-
-    if (ss->gs.recordLen < 
-    	    SSL_HL_CLIENT_MASTER_KEY_HBYTES + ckLen + ekLen + caLen) {
-	SSL_DBG(("%d: SSL[%d]: protocol size mismatch dataLen=%d",
-		 SSL_GETPID(), ss->fd, ss->gs.recordLen));
-	goto bad_client;
-    }
-
-    /* Use info from client to setup session key */
-    /* XXX should validate cipher&keySize are in our array */
-    rv = ssl2_ServerSetupSessionCypher(ss, cipher, keySize,
-		data + SSL_HL_CLIENT_MASTER_KEY_HBYTES,                 ckLen,
-		data + SSL_HL_CLIENT_MASTER_KEY_HBYTES + ckLen,         ekLen,
-		data + SSL_HL_CLIENT_MASTER_KEY_HBYTES + ckLen + ekLen, caLen);
-    ss->gs.recordLen = 0;	/* we're done with this record. */
-
-    ssl_ReleaseRecvBufLock(ss);
-
-    if (rv != SECSuccess) {
-	goto loser;
-    }
-    ss->sec.ci.elements |= CIS_HAVE_MASTER_KEY;
-    ssl2_UseEncryptedSendFunc(ss);
-
-    /* Send server verify message now that keys are established */
-    rv = ssl2_SendServerVerifyMessage(ss);
-    if (rv != SECSuccess) 
-	goto loser;
-
-    rv = ssl2_TryToFinish(ss);
-    if (rv != SECSuccess) 
-	goto loser;
-    if (ss->handshake == 0) {
-	return SECSuccess;
-    }
-
-    SSL_TRC(5, ("%d: SSL[%d]: server: waiting for elements=0x%d",
-		SSL_GETPID(), ss->fd, ss->sec.ci.requiredElements ^ ss->sec.ci.elements));
-    ss->handshake         = ssl_GatherRecord1stHandshake;
-    ss->nextHandshake     = ssl2_HandleMessage;
-
-    return ssl2_TriggerNextMessage(ss);
-
-bad_client:
-    ssl_ReleaseRecvBufLock(ss);
-    PORT_SetError(SSL_ERROR_BAD_CLIENT);
-    /* FALLTHROUGH */
-
-loser:
-    return SECFailure;
-}
-
-/*
- * attempt to restart the handshake after asynchronously handling
- * a request for the client's certificate.
- *
- * inputs:  
- *	cert	Client cert chosen by application.
- *	key	Private key associated with cert.  
- *
- * XXX: need to make ssl2 and ssl3 versions of this function agree on whether
- *	they take the reference, or bump the ref count!
- *
- * Return value: XXX
- *
- * Caller holds 1stHandshakeLock.
- */
-int
-ssl2_RestartHandshakeAfterCertReq(sslSocket *          ss,
-				  CERTCertificate *    cert, 
-				  SECKEYPrivateKey *   key)
-{
-    int              ret;
-    SECStatus        rv          = SECSuccess;
-    SECItem          response;
-
-    if (ss->version >= SSL_LIBRARY_VERSION_3_0) 
-    	return SECFailure;
-
-    response.data = NULL;
-
-    /* generate error if no cert or key */
-    if ( ( cert == NULL ) || ( key == NULL ) ) {
-	goto no_cert;
-    }
-    
-    /* generate signed response to the challenge */
-    rv = ssl2_SignResponse(ss, key, &response);
-    if ( rv != SECSuccess ) {
-	goto no_cert;
-    }
-    
-    /* Send response message */
-    ret = ssl2_SendCertificateResponseMessage(ss, &cert->derCert, &response);
-    if (ret) {
-	goto no_cert;
-    }
-
-    /* try to finish the handshake */
-    ret = ssl2_TryToFinish(ss);
-    if (ret) {
-	goto loser;
-    }
-    
-    /* done with handshake */
-    if (ss->handshake == 0) {
-	ret = SECSuccess;
-	goto done;
-    }
-
-    /* continue handshake */
-    ssl_GetRecvBufLock(ss);
-    ss->gs.recordLen = 0;
-    ssl_ReleaseRecvBufLock(ss);
-
-    ss->handshake     = ssl_GatherRecord1stHandshake;
-    ss->nextHandshake = ssl2_HandleMessage;
-    ret = ssl2_TriggerNextMessage(ss);
-    goto done;
-    
-no_cert:
-    /* no cert - send error */
-    ret = ssl2_SendErrorMessage(ss, SSL_PE_NO_CERTIFICATE);
-    goto done;
-    
-loser:
-    ret = SECFailure;
-done:
-    /* free allocated data */
-    if ( response.data ) {
-	PORT_Free(response.data);
-    }
-    
-    return ret;
-}
-
-
-/* restart an SSL connection that we stopped to run certificate dialogs 
-** XXX	Need to document here how an application marks a cert to show that
-**	the application has accepted it (overridden CERT_VerifyCert).
- *
- * Return value: XXX
- *
- * Caller holds 1stHandshakeLock.
-*/
-int
-ssl2_RestartHandshakeAfterServerCert(sslSocket *ss)
-{
-    int rv	= SECSuccess;
-
-    if (ss->version >= SSL_LIBRARY_VERSION_3_0) 
-	return SECFailure;
-
-    /* SSL 2
-    ** At this point we have a completed session key and our session
-    ** cipher is setup and ready to go. Switch to encrypted write routine
-    ** as all future message data is to be encrypted.
-    */
-    ssl2_UseEncryptedSendFunc(ss);
-
-    rv = ssl2_TryToFinish(ss);
-    if (rv == SECSuccess && ss->handshake != NULL) {	
-	/* handshake is not yet finished. */
-
-	SSL_TRC(5, ("%d: SSL[%d]: got server-hello, required=0x%d got=0x%x",
-		SSL_GETPID(), ss->fd, ss->sec.ci.requiredElements,
-		ss->sec.ci.elements));
-
-	ssl_GetRecvBufLock(ss);
-	ss->gs.recordLen = 0;	/* mark it all used up. */
-	ssl_ReleaseRecvBufLock(ss);
-
-	ss->handshake     = ssl_GatherRecord1stHandshake;
-	ss->nextHandshake = ssl2_HandleVerifyMessage;
-    }
-
-    return rv;
-}
-
-/*
-** Handle the initial hello message from the client
-**
-** not static because ssl2_GatherData() tests ss->nextHandshake for this value.
-*/
-SECStatus
-ssl2_HandleClientHelloMessage(sslSocket *ss)
-{
-    sslSessionID    *sid;
-    sslServerCerts * sc;
-    CERTCertificate *serverCert;
-    PRUint8         *msg;
-    PRUint8         *data;
-    PRUint8         *cs;
-    PRUint8         *sd;
-    PRUint8         *cert = NULL;
-    PRUint8         *challenge;
-    unsigned int    challengeLen;
-    SECStatus       rv; 
-    int             csLen;
-    int             sendLen;
-    int             sdLen;
-    int             certLen;
-    int             pid;
-    int             sent;
-    int             gotXmitBufLock = 0;
-#if defined(SOLARIS) && defined(i386)
-    volatile PRUint8 hit;
-#else
-    int             hit;
-#endif
-    PRUint8         csImpl[sizeof implementedCipherSuites];
-
-    PORT_Assert( ssl_Have1stHandshakeLock(ss) );
-
-    sc = ss->serverCerts + kt_rsa;
-    serverCert = sc->serverCert;
-
-    ssl_GetRecvBufLock(ss);
-
-
-    data = ss->gs.buf.buf + ss->gs.recordOffset;
-    DUMP_MSG(29, (ss, data, ss->gs.recordLen));
-
-    /* Make sure first message has some data and is the client hello message */
-    if ((ss->gs.recordLen < SSL_HL_CLIENT_HELLO_HBYTES)
-	|| (data[0] != SSL_MT_CLIENT_HELLO)) {
-	goto bad_client;
-    }
-
-    /* Get peer name of client */
-    rv = ssl_GetPeerInfo(ss);
-    if (rv != SECSuccess) {
-	goto loser;
-    }
-
-    /* Examine version information */
-    /*
-     * See if this might be a V2 client hello asking to use the V3 protocol
-     */
-    if ((data[0] == SSL_MT_CLIENT_HELLO) && 
-        (data[1] >= MSB(SSL_LIBRARY_VERSION_3_0)) && 
-	(ss->enableSSL3 || ss->enableTLS)) {
-	rv = ssl3_HandleV2ClientHello(ss, data, ss->gs.recordLen);
-	if (rv != SECFailure) { /* Success */
-	    ss->handshake             = NULL;
-	    ss->nextHandshake         = ssl_GatherRecord1stHandshake;
-	    ss->securityHandshake     = NULL;
-	    ss->gs.state              = GS_INIT;
-
-	    /* ssl3_HandleV3ClientHello has set ss->version,
-	    ** and has gotten us a brand new sid.  
-	    */
-	    ss->sec.ci.sid->version  = ss->version;
-	}
-	ssl_ReleaseRecvBufLock(ss);
-	return rv;
-    }
-    /* Previously, there was a test here to see if SSL2 was enabled.
-    ** If not, an error code was set, and SECFailure was returned,
-    ** without sending any error code to the other end of the connection.
-    ** That test has been removed.  If SSL2 has been disabled, there
-    ** should be no SSL2 ciphers enabled, and consequently, the code
-    ** below should send the ssl2 error message SSL_PE_NO_CYPHERS.
-    ** We now believe this is the correct thing to do, even when SSL2
-    ** has been explicitly disabled by the application.
-    */
-
-    /* Extract info from message */
-    ss->version = (data[1] << 8) | data[2];
-
-    /* If some client thinks ssl v2 is 2.0 instead of 0.2, we'll allow it.  */
-    if (ss->version >= SSL_LIBRARY_VERSION_3_0) {
-	ss->version = SSL_LIBRARY_VERSION_2;
-    }
-    
-    csLen        = (data[3] << 8) | data[4];
-    sdLen        = (data[5] << 8) | data[6];
-    challengeLen = (data[7] << 8) | data[8];
-    cs           = data + SSL_HL_CLIENT_HELLO_HBYTES;
-    sd           = cs + csLen;
-    challenge    = sd + sdLen;
-    PRINT_BUF(7, (ss, "server, client session-id value:", sd, sdLen));
-
-    if ((unsigned)ss->gs.recordLen != 
-            SSL_HL_CLIENT_HELLO_HBYTES + csLen + sdLen + challengeLen) {
-	SSL_DBG(("%d: SSL[%d]: bad client hello message, len=%d should=%d",
-		 SSL_GETPID(), ss->fd, ss->gs.recordLen,
-		 SSL_HL_CLIENT_HELLO_HBYTES+csLen+sdLen+challengeLen));
-	goto bad_client;
-    }
-
-    SSL_TRC(3, ("%d: SSL[%d]: client version is %x",
-		SSL_GETPID(), ss->fd, ss->version));
-    if (ss->version != SSL_LIBRARY_VERSION_2) {
-	if (ss->version > SSL_LIBRARY_VERSION_2) {
-	    /*
-	    ** Newer client than us. Things are ok because new clients
-	    ** are required to be backwards compatible with old servers.
-	    ** Change version number to our version number so that client
-	    ** knows whats up.
-	    */
-	    ss->version = SSL_LIBRARY_VERSION_2;
-	} else {
-	    SSL_TRC(1, ("%d: SSL[%d]: client version is %x (we are %x)",
-		SSL_GETPID(), ss->fd, ss->version, SSL_LIBRARY_VERSION_2));
-	    PORT_SetError(SSL_ERROR_UNSUPPORTED_VERSION);
-	    goto loser;
-	}
-    }
-
-    /* Qualify cipher specs before returning them to client */
-    csLen = ssl2_QualifyCypherSpecs(ss, cs, csLen);
-    if (csLen == 0) {
-	/* no overlap, send client our list of supported SSL v2 ciphers. */
-        cs    = csImpl;
-	csLen = sizeof implementedCipherSuites;
-    	PORT_Memcpy(cs, implementedCipherSuites, csLen);
-	csLen = ssl2_QualifyCypherSpecs(ss, cs, csLen);
-	if (csLen == 0) {
-	  /* We don't support any SSL v2 ciphers! */
-	  ssl2_SendErrorMessage(ss, SSL_PE_NO_CYPHERS);
-	  PORT_SetError(SSL_ERROR_NO_CYPHER_OVERLAP);
-	  goto loser;
-	}
-	/* Since this handhsake is going to fail, don't cache it. */
-	ss->noCache = 1; 
-    }
-
-    /* Squirrel away the challenge for later */
-    PORT_Memcpy(ss->sec.ci.clientChallenge, challenge, challengeLen);
-
-    /* Examine message and see if session-id is good */
-    ss->sec.ci.elements = 0;
-    if (sdLen > 0 && !ss->noCache) {
-	SSL_TRC(7, ("%d: SSL[%d]: server, lookup client session-id for 0x%08x%08x%08x%08x",
-		    SSL_GETPID(), ss->fd, ss->sec.ci.peer.pr_s6_addr32[0],
-		    ss->sec.ci.peer.pr_s6_addr32[1], 
-		    ss->sec.ci.peer.pr_s6_addr32[2],
-		    ss->sec.ci.peer.pr_s6_addr32[3]));
-	sid = (*ssl_sid_lookup)(&ss->sec.ci.peer, sd, sdLen, ss->dbHandle);
-    } else {
-	sid = NULL;
-    }
-    if (sid) {
-	/* Got a good session-id. Short cut! */
-	SSL_TRC(1, ("%d: SSL[%d]: server, using session-id for 0x%08x (age=%d)",
-		    SSL_GETPID(), ss->fd, ss->sec.ci.peer, 
-		    ssl_Time() - sid->creationTime));
-	PRINT_BUF(1, (ss, "session-id value:", sd, sdLen));
-	ss->sec.ci.sid = sid;
-	ss->sec.ci.elements = CIS_HAVE_MASTER_KEY;
-	hit = 1;
-	certLen = 0;
-	csLen = 0;
-
-        ss->sec.authAlgorithm = sid->authAlgorithm;
-	ss->sec.authKeyBits   = sid->authKeyBits;
-	ss->sec.keaType       = sid->keaType;
-	ss->sec.keaKeyBits    = sid->keaKeyBits;
-
-	rv = ssl2_CreateSessionCypher(ss, sid, PR_FALSE);
-	if (rv != SECSuccess) {
-	    goto loser;
-	}
-    } else {
-	SECItem * derCert   = &serverCert->derCert;
-
-	SSL_TRC(7, ("%d: SSL[%d]: server, lookup nonce missed",
-		    SSL_GETPID(), ss->fd));
-	if (!serverCert) {
-	    SET_ERROR_CODE
-	    goto loser;
-	}
-	hit = 0;
-	sid = (sslSessionID*) PORT_ZAlloc(sizeof(sslSessionID));
-	if (!sid) {
-	    goto loser;
-	}
-	sid->references = 1;
-	sid->addr = ss->sec.ci.peer;
-	sid->port = ss->sec.ci.port;
-
-	/* Invent a session-id */
-	ss->sec.ci.sid = sid;
-	PK11_GenerateRandom(sid->u.ssl2.sessionID+2, SSL2_SESSIONID_BYTES-2);
-
-	pid = SSL_GETPID();
-	sid->u.ssl2.sessionID[0] = MSB(pid);
-	sid->u.ssl2.sessionID[1] = LSB(pid);
-	cert    = derCert->data;
-	certLen = derCert->len;
-
-	/* pretend that server sids remember the local cert. */
-	PORT_Assert(!sid->localCert);
-	if (sid->localCert) {
-	    CERT_DestroyCertificate(sid->localCert);
-	}
-	sid->localCert     = CERT_DupCertificate(serverCert);
-
-	ss->sec.authAlgorithm = ssl_sign_rsa;
-	ss->sec.keaType       = ssl_kea_rsa;
-	ss->sec.keaKeyBits    = \
-	ss->sec.authKeyBits   = ss->serverCerts[kt_rsa].serverKeyBits;
-    }
-
-    /* server sids don't remember the local cert, so whether we found
-    ** a sid or not, just "remember" we used the rsa server cert.
-    */
-    if (ss->sec.localCert) {
-	CERT_DestroyCertificate(ss->sec.localCert);
-    }
-    ss->sec.localCert     = CERT_DupCertificate(serverCert);
-
-    /* Build up final list of required elements */
-    ss->sec.ci.requiredElements = CIS_HAVE_MASTER_KEY | CIS_HAVE_FINISHED;
-    if (ss->requestCertificate) {
-	ss->sec.ci.requiredElements |= CIS_HAVE_CERTIFICATE;
-    }
-    ss->sec.ci.sentElements = 0;
-
-    /* Send hello message back to client */
-    sendLen = SSL_HL_SERVER_HELLO_HBYTES + certLen + csLen
-	    + SSL_CONNECTIONID_BYTES;
-
-    ssl_GetXmitBufLock(ss); gotXmitBufLock = 1;
-    rv = ssl2_GetSendBuffer(ss, sendLen);
-    if (rv != SECSuccess) {
-	goto loser;
-    }
-
-    SSL_TRC(3, ("%d: SSL[%d]: sending server-hello (%d)",
-		SSL_GETPID(), ss->fd, sendLen));
-
-    msg = ss->sec.ci.sendBuf.buf;
-    msg[0] = SSL_MT_SERVER_HELLO;
-    msg[1] = hit;
-    msg[2] = SSL_CT_X509_CERTIFICATE;
-    msg[3] = MSB(ss->version);
-    msg[4] = LSB(ss->version);
-    msg[5] = MSB(certLen);
-    msg[6] = LSB(certLen);
-    msg[7] = MSB(csLen);
-    msg[8] = LSB(csLen);
-    msg[9] = MSB(SSL_CONNECTIONID_BYTES);
-    msg[10] = LSB(SSL_CONNECTIONID_BYTES);
-    if (certLen) {
-	PORT_Memcpy(msg+SSL_HL_SERVER_HELLO_HBYTES, cert, certLen);
-    }
-    if (csLen) {
-	PORT_Memcpy(msg+SSL_HL_SERVER_HELLO_HBYTES+certLen, cs, csLen);
-    }
-    PORT_Memcpy(msg+SSL_HL_SERVER_HELLO_HBYTES+certLen+csLen, 
-                ss->sec.ci.connectionID, SSL_CONNECTIONID_BYTES);
-
-    DUMP_MSG(29, (ss, msg, sendLen));
-
-    ss->handshakeBegun = 1;
-    sent = (*ss->sec.send)(ss, msg, sendLen, 0);
-    if (sent < 0) {
-	goto loser;
-    }
-    ssl_ReleaseXmitBufLock(ss); gotXmitBufLock = 0;
-
-    ss->gs.recordLen = 0;
-    ss->handshake = ssl_GatherRecord1stHandshake;
-    if (hit) {
-	/* Old SID Session key is good. Go encrypted */
-	ssl2_UseEncryptedSendFunc(ss);
-
-	/* Send server verify message now that keys are established */
-	rv = ssl2_SendServerVerifyMessage(ss);
-	if (rv != SECSuccess) 
-	    goto loser;
-
-	ss->nextHandshake = ssl2_HandleMessage;
-	ssl_ReleaseRecvBufLock(ss);
-	rv = ssl2_TriggerNextMessage(ss);
-	return rv;
-    }
-    ss->nextHandshake = ssl2_HandleClientSessionKeyMessage;
-    ssl_ReleaseRecvBufLock(ss);
-    return SECSuccess;
-
-  bad_client:
-    PORT_SetError(SSL_ERROR_BAD_CLIENT);
-    /* FALLTHROUGH */
-
-  loser:
-    if (gotXmitBufLock) {
-    	ssl_ReleaseXmitBufLock(ss); gotXmitBufLock = 0;
-    }
-    SSL_TRC(10, ("%d: SSL[%d]: server, wait for client-hello lossage",
-		 SSL_GETPID(), ss->fd));
-    ssl_ReleaseRecvBufLock(ss);
-    return SECFailure;
-}
-
-SECStatus
-ssl2_BeginServerHandshake(sslSocket *ss)
-{
-    SECStatus        rv;
-    sslServerCerts * rsaAuth = ss->serverCerts + kt_rsa;
-
-    ss->sec.isServer = 1;
-    ssl_ChooseSessionIDProcs(&ss->sec);
-    ss->sec.sendSequence = 0;
-    ss->sec.rcvSequence = 0;
-
-    /* don't turn on SSL2 if we don't have an RSA key and cert */
-    if (!rsaAuth->serverKey || !rsaAuth->serverCert) {
-	ss->enableSSL2 = PR_FALSE;
-    }
-
-    if (!ss->cipherSpecs) {
-	rv = ssl2_ConstructCipherSpecs(ss);
-	if (rv != SECSuccess)
-	    goto loser;
-    }
-
-    /* count the SSL2 and SSL3 enabled ciphers.
-     * if either is zero, clear the socket's enable for that protocol.
-     */
-    rv = ssl2_CheckConfigSanity(ss);
-    if (rv != SECSuccess)
-	goto loser;
-
-    /*
-    ** Generate connection-id. Always do this, even if things fail
-    ** immediately. This way the random number generator is always
-    ** rolling around, every time we get a connection.
-    */
-    PK11_GenerateRandom(ss->sec.ci.connectionID, 
-                        sizeof(ss->sec.ci.connectionID));
-
-    ss->gs.recordLen = 0;
-    ss->handshake     = ssl_GatherRecord1stHandshake;
-    ss->nextHandshake = ssl2_HandleClientHelloMessage;
-    return SECSuccess;
-
-loser:
-    return SECFailure;
-}
-
-/* This function doesn't really belong in this file.
-** It's here to keep AIX compilers from optimizing it away, 
-** and not including it in the DSO.
-*/
-
-#include "nss.h"
-extern const char __nss_ssl_rcsid[];
-extern const char __nss_ssl_sccsid[];
-
-PRBool
-NSSSSL_VersionCheck(const char *importedVersion)
-{
-    /*
-     * This is the secret handshake algorithm.
-     *
-     * This release has a simple version compatibility
-     * check algorithm.  This release is not backward
-     * compatible with previous major releases.  It is
-     * not compatible with future major, minor, or
-     * patch releases.
-     */
-    volatile char c; /* force a reference that won't get optimized away */
-
-    c = __nss_ssl_rcsid[0] + __nss_ssl_sccsid[0]; 
-    return NSS_VersionCheck(importedVersion);
-}
diff --git a/security/nss/lib/ssl/ssldef.c b/security/nss/lib/ssl/ssldef.c
deleted file mode 100644
index bb4883cf3..000000000
--- a/security/nss/lib/ssl/ssldef.c
+++ /dev/null
@@ -1,249 +0,0 @@
-/*
- * "Default" SSLSocket methods, used by sockets that do neither SSL nor socks.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#include "cert.h"
-#include "ssl.h"
-#include "sslimpl.h"
-
-#if defined(WIN32)
-#define MAP_ERROR(from,to) if (err == from) { PORT_SetError(to); }
-#define DEFINE_ERROR       PRErrorCode err = PR_GetError();
-#else
-#define MAP_ERROR(from,to)
-#define DEFINE_ERROR
-#endif
-
-int ssl_DefConnect(sslSocket *ss, const PRNetAddr *sa)
-{
-    PRFileDesc *lower = ss->fd->lower;
-    int rv;
-
-    rv = lower->methods->connect(lower, sa, ss->cTimeout);
-    return rv;
-}
-
-int ssl_DefBind(sslSocket *ss, const PRNetAddr *addr)
-{
-    PRFileDesc *lower = ss->fd->lower;
-    int rv;
-
-    rv = lower->methods->bind(lower, addr);
-    return rv;
-}
-
-int ssl_DefListen(sslSocket *ss, int backlog)
-{
-    PRFileDesc *lower = ss->fd->lower;
-    int rv;
-
-    rv = lower->methods->listen(lower, backlog);
-    return rv;
-}
-
-int ssl_DefShutdown(sslSocket *ss, int how)
-{
-    PRFileDesc *lower = ss->fd->lower;
-    int rv;
-
-    rv = lower->methods->shutdown(lower, how);
-    return rv;
-}
-
-int ssl_DefRecv(sslSocket *ss, unsigned char *buf, int len, int flags)
-{
-    PRFileDesc *lower = ss->fd->lower;
-    int rv;
-
-    rv = lower->methods->recv(lower, (void *)buf, len, flags, ss->rTimeout);
-    if (rv < 0) {
-	DEFINE_ERROR
-	MAP_ERROR(PR_SOCKET_SHUTDOWN_ERROR, PR_CONNECT_RESET_ERROR)
-    } else if (rv > len) {
-	PORT_Assert(rv <= len);
-	PORT_SetError(PR_BUFFER_OVERFLOW_ERROR);
-	rv = SECFailure;
-    }
-    return rv;
-}
-
-/* Default (unencrypted) send.
- * Returns SECSuccess or SECFailure,  NOT SECWouldBlock. 
- * Returns positive count if any data was written. 
- * ALWAYS check for a short write after calling ssl_DefSend.
- */
-int ssl_DefSend(sslSocket *ss, const unsigned char *buf, int len, int flags)
-{
-    PRFileDesc *lower = ss->fd->lower;
-    int rv, count;
-
-#if NSS_DISABLE_NAGLE_DELAYS
-    /* Although this is overkill, we disable Nagle delays completely for 
-    ** SSL sockets.
-    */
-    if (ss->useSecurity && !ss->delayDisabled) {
-	ssl_EnableNagleDelay(ss, PR_FALSE);   /* ignore error */
-    	ss->delayDisabled = 1;
-    }
-#endif
-    count = 0;
-    for (;;) {
-	rv = lower->methods->send(lower, (const void *)buf, len,
-				 flags, ss->wTimeout);
-	if (rv < 0) {
-	    PRErrorCode err = PR_GetError();
-	    if (err == PR_WOULD_BLOCK_ERROR) {
-		ss->lastWriteBlocked = 1;
-		return count ? count : rv;
-	    }
-	    ss->lastWriteBlocked = 0;
-	    MAP_ERROR(PR_CONNECT_ABORTED_ERROR, PR_CONNECT_RESET_ERROR)
-	    /* Loser */
-	    return rv;
-	}
-	count += rv;
-	if (rv < len) {
-	    /* Short send. Send the rest in the next call */
-	    buf += rv;
-	    len -= rv;
-	    continue;
-	}
-	break;
-    }
-    ss->lastWriteBlocked = 0;
-    return count;
-}
-
-int ssl_DefRead(sslSocket *ss, unsigned char *buf, int len)
-{
-    PRFileDesc *lower = ss->fd->lower;
-    int rv;
-
-    rv = lower->methods->read(lower, (void *)buf, len);
-    if (rv < 0) {
-	DEFINE_ERROR
-	MAP_ERROR(PR_SOCKET_SHUTDOWN_ERROR, PR_CONNECT_RESET_ERROR)
-    }
-    return rv;
-}
-
-int ssl_DefWrite(sslSocket *ss, const unsigned char *buf, int len)
-{
-    PRFileDesc *lower = ss->fd->lower;
-    int rv, count;
-
-    count = 0;
-    for (;;) {
-	rv = lower->methods->write(lower, (void *)buf, len);
-	if (rv < 0) {
-	    PRErrorCode err = PR_GetError();
-	    if (err == PR_WOULD_BLOCK_ERROR) {
-		ss->lastWriteBlocked = 1;
-		return count ? count : rv;
-	    }
-	    ss->lastWriteBlocked = 0;
-	    MAP_ERROR(PR_CONNECT_ABORTED_ERROR, PR_CONNECT_RESET_ERROR)
-	    /* Loser */
-	    return rv;
-	}
-	count += rv;
-	if (rv != len) {
-	    /* Short write. Send the rest in the next call */
-	    buf += rv;
-	    len -= rv;
-	    continue;
-	}
-	break;
-    }
-    ss->lastWriteBlocked = 0;
-    return count;
-}
-
-int ssl_DefGetpeername(sslSocket *ss, PRNetAddr *name)
-{
-    PRFileDesc *lower = ss->fd->lower;
-    int rv;
-
-    rv = lower->methods->getpeername(lower, name);
-    return rv;
-}
-
-int ssl_DefGetsockname(sslSocket *ss, PRNetAddr *name)
-{
-    PRFileDesc *lower = ss->fd->lower;
-    int rv;
-
-    rv = lower->methods->getsockname(lower, name);
-    return rv;
-}
-
-int ssl_DefClose(sslSocket *ss)
-{
-    PRFileDesc *fd;
-    PRFileDesc *popped;
-    int         rv;
-
-    fd    = ss->fd;
-
-    /* First, remove the SSL layer PRFileDesc from the socket's stack, 
-    ** then invoke the SSL layer's PRFileDesc destructor.
-    ** This must happen before the next layer down is closed.
-    */
-    PORT_Assert(fd->higher == NULL);
-    if (fd->higher) {
-	PORT_SetError(PR_BAD_DESCRIPTOR_ERROR);
-	return SECFailure;
-    }
-    ss->fd = NULL;
-
-    /* PR_PopIOLayer will swap the contents of the top two PRFileDescs on
-    ** the stack, and then remove the second one.  This way, the address
-    ** of the PRFileDesc on the top of the stack doesn't change.
-    */
-    popped = PR_PopIOLayer(fd, PR_TOP_IO_LAYER); 
-    popped->dtor(popped);
-
-    /* fd is now the PRFileDesc for the next layer down.
-    ** Now close the underlying socket. 
-    */
-    rv = fd->methods->close(fd);
-
-    ssl_FreeSocket(ss);
-
-    SSL_TRC(5, ("%d: SSL[%d]: closing, rv=%d errno=%d",
-		SSL_GETPID(), fd, rv, PORT_GetError()));
-    return rv;
-}
diff --git a/security/nss/lib/ssl/sslenum.c b/security/nss/lib/ssl/sslenum.c
deleted file mode 100644
index f055ded54..000000000
--- a/security/nss/lib/ssl/sslenum.c
+++ /dev/null
@@ -1,100 +0,0 @@
-/*
- * Table enumerating all implemented cipher suites
- * Part of public API.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s): 
- *	Dr Stephen Henson <stephen.henson@gemplus.com>
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#include "ssl.h"
-#include "sslproto.h"
-
-const PRUint16 SSL_ImplementedCiphers[] = {
-
-    /* 256-bit */
-    TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
-    TLS_DHE_DSS_WITH_AES_256_CBC_SHA,
-    TLS_RSA_WITH_AES_256_CBC_SHA,
-
-    /* 128-bit */
-    SSL_FORTEZZA_DMS_WITH_RC4_128_SHA,
-    TLS_DHE_DSS_WITH_RC4_128_SHA,
-    TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
-    TLS_DHE_DSS_WITH_AES_128_CBC_SHA,
-    SSL_RSA_WITH_RC4_128_MD5,
-    SSL_RSA_WITH_RC4_128_SHA,
-    TLS_RSA_WITH_AES_128_CBC_SHA,
-
-    /* 112-bit 3DES */
-    SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
-    SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA,
-    SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA,
-    SSL_RSA_WITH_3DES_EDE_CBC_SHA,
-
-    /* 80 bit skipjack */
-    SSL_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA, /* KEA + SkipJack */
-
-    /* 56-bit DES "domestic" cipher suites */
-    SSL_DHE_RSA_WITH_DES_CBC_SHA,
-    SSL_DHE_DSS_WITH_DES_CBC_SHA,
-    SSL_RSA_FIPS_WITH_DES_CBC_SHA,
-    SSL_RSA_WITH_DES_CBC_SHA,
-
-    /* export ciphersuites with 1024-bit public key exchange keys */
-    TLS_RSA_EXPORT1024_WITH_RC4_56_SHA,
-    TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA,
-
-    /* export ciphersuites with 512-bit public key exchange keys */
-    SSL_RSA_EXPORT_WITH_RC4_40_MD5,
-    SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5,
-
-    /* ciphersuites with no encryption */
-    SSL_FORTEZZA_DMS_WITH_NULL_SHA,
-    SSL_RSA_WITH_NULL_MD5,
-
-    /* SSL2 cipher suites. */
-    SSL_EN_RC4_128_WITH_MD5,
-    SSL_EN_RC2_128_CBC_WITH_MD5,
-    SSL_EN_DES_192_EDE3_CBC_WITH_MD5,  /* actually 112, not 192 */
-    SSL_EN_DES_64_CBC_WITH_MD5,
-    SSL_EN_RC4_128_EXPORT40_WITH_MD5,
-    SSL_EN_RC2_128_CBC_EXPORT40_WITH_MD5,
-
-    0
-
-};
-
-const PRUint16 SSL_NumImplementedCiphers = 
-    (sizeof SSL_ImplementedCiphers) / (sizeof SSL_ImplementedCiphers[0]) - 1;
-
diff --git a/security/nss/lib/ssl/sslerr.c b/security/nss/lib/ssl/sslerr.c
deleted file mode 100644
index f3e57d44d..000000000
--- a/security/nss/lib/ssl/sslerr.c
+++ /dev/null
@@ -1,71 +0,0 @@
-/*
- * Function to set error code only when meaningful error has not already 
- * been set.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#include "prerror.h"
-#include "secerr.h"
-#include "sslerr.h"
-#include "seccomon.h"
-
-/* look at the current value of PR_GetError, and evaluate it to see
- * if it is meaningful or meaningless (out of context). 
- * If it is meaningless, replace it with the hiLevelError.
- * Returns the chosen error value.
- */
-int
-ssl_MapLowLevelError(int hiLevelError)
-{
-    int oldErr	= PORT_GetError();
-
-    switch (oldErr) {
-
-    case 0:
-    case PR_IO_ERROR:
-    case SEC_ERROR_IO:
-    case SEC_ERROR_BAD_DATA:
-    case SEC_ERROR_LIBRARY_FAILURE:
-    case SEC_ERROR_EXTENSION_NOT_FOUND:
-    case SSL_ERROR_BAD_CLIENT:
-    case SSL_ERROR_BAD_SERVER:
-    case SSL_ERROR_SESSION_NOT_FOUND:
-    	PORT_SetError(hiLevelError);
-	return hiLevelError;
-
-    default:	/* leave the majority of error codes alone. */
-	return oldErr;
-    }
-}
diff --git a/security/nss/lib/ssl/sslerr.h b/security/nss/lib/ssl/sslerr.h
deleted file mode 100644
index 3285fb60c..000000000
--- a/security/nss/lib/ssl/sslerr.h
+++ /dev/null
@@ -1,188 +0,0 @@
-/*
- * Enumeration of all SSL-specific error codes.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-#ifndef __SSL_ERR_H_
-#define __SSL_ERR_H_
-
-
-#define SSL_ERROR_BASE				(-0x3000)
-#define SSL_ERROR_LIMIT				(SSL_ERROR_BASE + 1000)
-
-#define IS_SSL_ERROR(code) \
-    (((code) >= SSL_ERROR_BASE) && ((code) < SSL_ERROR_LIMIT))
-
-#ifndef NO_SECURITY_ERROR_ENUM
-typedef enum {
-SSL_ERROR_EXPORT_ONLY_SERVER 		= (SSL_ERROR_BASE +  0),
-SSL_ERROR_US_ONLY_SERVER 		= (SSL_ERROR_BASE +  1),
-SSL_ERROR_NO_CYPHER_OVERLAP 		= (SSL_ERROR_BASE +  2),
-/* 
- * Received an alert reporting what we did wrong.  (more alerts below)
- */
-SSL_ERROR_NO_CERTIFICATE /*_ALERT */	= (SSL_ERROR_BASE +  3),
-SSL_ERROR_BAD_CERTIFICATE            	= (SSL_ERROR_BASE +  4),
-					/* error 5 is obsolete */
-SSL_ERROR_BAD_CLIENT 			= (SSL_ERROR_BASE +  6),
-SSL_ERROR_BAD_SERVER 			= (SSL_ERROR_BASE +  7),
-SSL_ERROR_UNSUPPORTED_CERTIFICATE_TYPE	= (SSL_ERROR_BASE +  8),
-SSL_ERROR_UNSUPPORTED_VERSION 		= (SSL_ERROR_BASE +  9),
-					/* error 10 is obsolete */
-SSL_ERROR_WRONG_CERTIFICATE		= (SSL_ERROR_BASE + 11),
-SSL_ERROR_BAD_CERT_DOMAIN 		= (SSL_ERROR_BASE + 12),
-SSL_ERROR_POST_WARNING 			= (SSL_ERROR_BASE + 13),
-SSL_ERROR_SSL2_DISABLED 		= (SSL_ERROR_BASE + 14),
-SSL_ERROR_BAD_MAC_READ 			= (SSL_ERROR_BASE + 15),
-/* 
- * Received an alert reporting what we did wrong.
- * (two more alerts above, and many more below)
- */
-SSL_ERROR_BAD_MAC_ALERT 		= (SSL_ERROR_BASE + 16),
-SSL_ERROR_BAD_CERT_ALERT                = (SSL_ERROR_BASE + 17),
-SSL_ERROR_REVOKED_CERT_ALERT 		= (SSL_ERROR_BASE + 18),
-SSL_ERROR_EXPIRED_CERT_ALERT 		= (SSL_ERROR_BASE + 19),
-
-SSL_ERROR_SSL_DISABLED 			= (SSL_ERROR_BASE + 20),
-SSL_ERROR_FORTEZZA_PQG 			= (SSL_ERROR_BASE + 21),
-SSL_ERROR_UNKNOWN_CIPHER_SUITE		= (SSL_ERROR_BASE + 22),
-SSL_ERROR_NO_CIPHERS_SUPPORTED		= (SSL_ERROR_BASE + 23),
-SSL_ERROR_BAD_BLOCK_PADDING		= (SSL_ERROR_BASE + 24),
-SSL_ERROR_RX_RECORD_TOO_LONG		= (SSL_ERROR_BASE + 25),
-SSL_ERROR_TX_RECORD_TOO_LONG		= (SSL_ERROR_BASE + 26),
-/* 
- * Received a malformed (too long or short) SSL handshake.
- */
-SSL_ERROR_RX_MALFORMED_HELLO_REQUEST	= (SSL_ERROR_BASE + 27),
-SSL_ERROR_RX_MALFORMED_CLIENT_HELLO	= (SSL_ERROR_BASE + 28),
-SSL_ERROR_RX_MALFORMED_SERVER_HELLO	= (SSL_ERROR_BASE + 29),
-SSL_ERROR_RX_MALFORMED_CERTIFICATE	= (SSL_ERROR_BASE + 30),
-SSL_ERROR_RX_MALFORMED_SERVER_KEY_EXCH	= (SSL_ERROR_BASE + 31),
-SSL_ERROR_RX_MALFORMED_CERT_REQUEST	= (SSL_ERROR_BASE + 32),
-SSL_ERROR_RX_MALFORMED_HELLO_DONE	= (SSL_ERROR_BASE + 33),
-SSL_ERROR_RX_MALFORMED_CERT_VERIFY	= (SSL_ERROR_BASE + 34),
-SSL_ERROR_RX_MALFORMED_CLIENT_KEY_EXCH	= (SSL_ERROR_BASE + 35),
-SSL_ERROR_RX_MALFORMED_FINISHED 	= (SSL_ERROR_BASE + 36),
-/* 
- * Received a malformed (too long or short) SSL record.
- */
-SSL_ERROR_RX_MALFORMED_CHANGE_CIPHER 	= (SSL_ERROR_BASE + 37),
-SSL_ERROR_RX_MALFORMED_ALERT	 	= (SSL_ERROR_BASE + 38),
-SSL_ERROR_RX_MALFORMED_HANDSHAKE 	= (SSL_ERROR_BASE + 39),
-SSL_ERROR_RX_MALFORMED_APPLICATION_DATA	= (SSL_ERROR_BASE + 40),
-/*
- * Received an SSL handshake that was inappropriate for the state we're in.
- * E.g. Server received message from server, or wrong state in state machine.
- */
-SSL_ERROR_RX_UNEXPECTED_HELLO_REQUEST	= (SSL_ERROR_BASE + 41),
-SSL_ERROR_RX_UNEXPECTED_CLIENT_HELLO	= (SSL_ERROR_BASE + 42),
-SSL_ERROR_RX_UNEXPECTED_SERVER_HELLO	= (SSL_ERROR_BASE + 43),
-SSL_ERROR_RX_UNEXPECTED_CERTIFICATE	= (SSL_ERROR_BASE + 44),
-SSL_ERROR_RX_UNEXPECTED_SERVER_KEY_EXCH	= (SSL_ERROR_BASE + 45),
-SSL_ERROR_RX_UNEXPECTED_CERT_REQUEST	= (SSL_ERROR_BASE + 46),
-SSL_ERROR_RX_UNEXPECTED_HELLO_DONE	= (SSL_ERROR_BASE + 47),
-SSL_ERROR_RX_UNEXPECTED_CERT_VERIFY	= (SSL_ERROR_BASE + 48),
-SSL_ERROR_RX_UNEXPECTED_CLIENT_KEY_EXCH	= (SSL_ERROR_BASE + 49),
-SSL_ERROR_RX_UNEXPECTED_FINISHED 	= (SSL_ERROR_BASE + 50),
-/*
- * Received an SSL record that was inappropriate for the state we're in.
- */
-SSL_ERROR_RX_UNEXPECTED_CHANGE_CIPHER 	= (SSL_ERROR_BASE + 51),
-SSL_ERROR_RX_UNEXPECTED_ALERT	 	= (SSL_ERROR_BASE + 52),
-SSL_ERROR_RX_UNEXPECTED_HANDSHAKE 	= (SSL_ERROR_BASE + 53),
-SSL_ERROR_RX_UNEXPECTED_APPLICATION_DATA= (SSL_ERROR_BASE + 54),
-/*
- * Received record/message with unknown discriminant.
- */
-SSL_ERROR_RX_UNKNOWN_RECORD_TYPE	= (SSL_ERROR_BASE + 55),
-SSL_ERROR_RX_UNKNOWN_HANDSHAKE 		= (SSL_ERROR_BASE + 56),
-SSL_ERROR_RX_UNKNOWN_ALERT 		= (SSL_ERROR_BASE + 57),
-/* 
- * Received an alert reporting what we did wrong.  (more alerts above)
- */
-SSL_ERROR_CLOSE_NOTIFY_ALERT 		= (SSL_ERROR_BASE + 58),
-SSL_ERROR_HANDSHAKE_UNEXPECTED_ALERT 	= (SSL_ERROR_BASE + 59),
-SSL_ERROR_DECOMPRESSION_FAILURE_ALERT 	= (SSL_ERROR_BASE + 60),
-SSL_ERROR_HANDSHAKE_FAILURE_ALERT 	= (SSL_ERROR_BASE + 61),
-SSL_ERROR_ILLEGAL_PARAMETER_ALERT 	= (SSL_ERROR_BASE + 62),
-SSL_ERROR_UNSUPPORTED_CERT_ALERT 	= (SSL_ERROR_BASE + 63),
-SSL_ERROR_CERTIFICATE_UNKNOWN_ALERT 	= (SSL_ERROR_BASE + 64),
-
-SSL_ERROR_GENERATE_RANDOM_FAILURE	= (SSL_ERROR_BASE + 65),
-SSL_ERROR_SIGN_HASHES_FAILURE		= (SSL_ERROR_BASE + 66),
-SSL_ERROR_EXTRACT_PUBLIC_KEY_FAILURE	= (SSL_ERROR_BASE + 67),
-SSL_ERROR_SERVER_KEY_EXCHANGE_FAILURE	= (SSL_ERROR_BASE + 68),
-SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE	= (SSL_ERROR_BASE + 69),
-
-SSL_ERROR_ENCRYPTION_FAILURE		= (SSL_ERROR_BASE + 70),
-SSL_ERROR_DECRYPTION_FAILURE		= (SSL_ERROR_BASE + 71),
-SSL_ERROR_SOCKET_WRITE_FAILURE		= (SSL_ERROR_BASE + 72),
-
-SSL_ERROR_MD5_DIGEST_FAILURE		= (SSL_ERROR_BASE + 73),
-SSL_ERROR_SHA_DIGEST_FAILURE		= (SSL_ERROR_BASE + 74),
-SSL_ERROR_MAC_COMPUTATION_FAILURE	= (SSL_ERROR_BASE + 75),
-SSL_ERROR_SYM_KEY_CONTEXT_FAILURE	= (SSL_ERROR_BASE + 76),
-SSL_ERROR_SYM_KEY_UNWRAP_FAILURE	= (SSL_ERROR_BASE + 77),
-SSL_ERROR_PUB_KEY_SIZE_LIMIT_EXCEEDED	= (SSL_ERROR_BASE + 78),
-SSL_ERROR_IV_PARAM_FAILURE		= (SSL_ERROR_BASE + 79),
-SSL_ERROR_INIT_CIPHER_SUITE_FAILURE	= (SSL_ERROR_BASE + 80),
-SSL_ERROR_SESSION_KEY_GEN_FAILURE	= (SSL_ERROR_BASE + 81),
-SSL_ERROR_NO_SERVER_KEY_FOR_ALG		= (SSL_ERROR_BASE + 82),
-SSL_ERROR_TOKEN_INSERTION_REMOVAL	= (SSL_ERROR_BASE + 83),
-SSL_ERROR_TOKEN_SLOT_NOT_FOUND		= (SSL_ERROR_BASE + 84),
-SSL_ERROR_NO_COMPRESSION_OVERLAP	= (SSL_ERROR_BASE + 85),
-SSL_ERROR_HANDSHAKE_NOT_COMPLETED	= (SSL_ERROR_BASE + 86),
-SSL_ERROR_BAD_HANDSHAKE_HASH_VALUE	= (SSL_ERROR_BASE + 87),
-SSL_ERROR_CERT_KEA_MISMATCH		= (SSL_ERROR_BASE + 88),
-SSL_ERROR_NO_TRUSTED_SSL_CLIENT_CA	= (SSL_ERROR_BASE + 89),
-SSL_ERROR_SESSION_NOT_FOUND		= (SSL_ERROR_BASE + 90),
-
-SSL_ERROR_DECRYPTION_FAILED_ALERT	= (SSL_ERROR_BASE + 91),
-SSL_ERROR_RECORD_OVERFLOW_ALERT		= (SSL_ERROR_BASE + 92),
-SSL_ERROR_UNKNOWN_CA_ALERT		= (SSL_ERROR_BASE + 93),
-SSL_ERROR_ACCESS_DENIED_ALERT		= (SSL_ERROR_BASE + 94),
-SSL_ERROR_DECODE_ERROR_ALERT		= (SSL_ERROR_BASE + 95),
-SSL_ERROR_DECRYPT_ERROR_ALERT		= (SSL_ERROR_BASE + 96),
-SSL_ERROR_EXPORT_RESTRICTION_ALERT	= (SSL_ERROR_BASE + 97),
-SSL_ERROR_PROTOCOL_VERSION_ALERT	= (SSL_ERROR_BASE + 98),
-SSL_ERROR_INSUFFICIENT_SECURITY_ALERT	= (SSL_ERROR_BASE + 99),
-SSL_ERROR_INTERNAL_ERROR_ALERT		= (SSL_ERROR_BASE + 100),
-SSL_ERROR_USER_CANCELED_ALERT		= (SSL_ERROR_BASE + 101),
-SSL_ERROR_NO_RENEGOTIATION_ALERT	= (SSL_ERROR_BASE + 102),
-
-SSL_ERROR_END_OF_LIST	/* let the c compiler determine the value of this. */
-} SSLErrorCodes;
-#endif /* NO_SECURITY_ERROR_ENUM */
-
-#endif /* __SSL_ERR_H_ */
diff --git a/security/nss/lib/ssl/sslgathr.c b/security/nss/lib/ssl/sslgathr.c
deleted file mode 100644
index 9f06a25e3..000000000
--- a/security/nss/lib/ssl/sslgathr.c
+++ /dev/null
@@ -1,476 +0,0 @@
-/*
- * Gather (Read) entire SSL2 records from socket into buffer.  
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-#include "cert.h"
-#include "ssl.h"
-#include "sslimpl.h"
-#include "sslproto.h"
-
-/* Forward static declarations */
-static SECStatus ssl2_HandleV3HandshakeRecord(sslSocket *ss);
-
-/*
-** Gather a single record of data from the receiving stream. This code
-** first gathers the header (2 or 3 bytes long depending on the value of
-** the most significant bit in the first byte) then gathers up the data
-** for the record into gs->buf. This code handles non-blocking I/O
-** and is to be called multiple times until ss->sec.recordLen != 0.
-** This function decrypts the gathered record in place, in gs_buf.
- *
- * Caller must hold RecvBufLock. 
- *
- * Returns +1 when it has gathered a complete SSLV2 record.
- * Returns  0 if it hits EOF.
- * Returns -1 (SECFailure)    on any error
- * Returns -2 (SECWouldBlock) when it gathers an SSL v3 client hello header.
-**
-** The SSL2 Gather State machine has 4 states:
-** GS_INIT   - Done reading in previous record.  Haven't begun to read in
-**             next record.  When ssl2_GatherData is called with the machine
-**             in this state, the machine will attempt to read the first 3
-**             bytes of the SSL2 record header, and will advance the state
-**             to GS_HEADER.
-**
-** GS_HEADER - The machine is in this state while waiting for the completion
-**             of the first 3 bytes of the SSL2 record.  When complete, the
-**             machine will compute the remaining unread length of this record
-**             and will initiate a read of that many bytes.  The machine will
-**             advance to one of two states, depending on whether the record
-**             is encrypted (GS_MAC), or unencrypted (GS_DATA).
-**
-** GS_MAC    - The machine is in this state while waiting for the remainder 
-**             of the SSL2 record to be read in.  When the read is completed,
-**             the machine checks the record for valid length, decrypts it,
-**             and checks and discards the MAC, then advances to GS_INIT.
-**
-** GS_DATA   - The machine is in this state while waiting for the remainder
-**             of the unencrypted SSL2 record to be read in.  Upon completion,
-**             the machine advances to the GS_INIT state and returns the data.
-*/
-int 
-ssl2_GatherData(sslSocket *ss, sslGather *gs, int flags)
-{
-    unsigned char *  bp;
-    unsigned char *  pBuf;
-    int              nb, err, rv;
-
-    PORT_Assert( ssl_HaveRecvBufLock(ss) );
-
-    if (gs->state == GS_INIT) {
-	/* Initialize gathering engine */
-	gs->state         = GS_HEADER;
-	gs->remainder     = 3;
-	gs->count         = 3;
-	gs->offset        = 0;
-	gs->recordLen     = 0;
-	gs->recordPadding = 0;
-	gs->hdr[2]        = 0;
-
-	gs->writeOffset   = 0;
-	gs->readOffset    = 0;
-    }
-    if (gs->encrypted) {
-	PORT_Assert(ss->sec.hash != 0);
-    }
-
-    pBuf = gs->buf.buf;
-    for (;;) {
-	SSL_TRC(30, ("%d: SSL[%d]: gather state %d (need %d more)",
-		     SSL_GETPID(), ss->fd, gs->state, gs->remainder));
-	bp = ((gs->state != GS_HEADER) ? pBuf : gs->hdr) + gs->offset;
-	nb = ssl_DefRecv(ss, bp, gs->remainder, flags);
-	if (nb > 0) {
-	    PRINT_BUF(60, (ss, "raw gather data:", bp, nb));
-	}
-	if (nb == 0) {
-	    /* EOF */
-	    SSL_TRC(30, ("%d: SSL[%d]: EOF", SSL_GETPID(), ss->fd));
-	    rv = 0;
-	    break;
-	}
-	if (nb < 0) {
-	    SSL_DBG(("%d: SSL[%d]: recv error %d", SSL_GETPID(), ss->fd,
-		     PR_GetError()));
-	    rv = SECFailure;
-	    break;
-	}
-
-	gs->offset    += nb;
-	gs->remainder -= nb;
-
-	if (gs->remainder > 0) {
-	    continue;
-	}
-
-	/* Probably finished this piece */
-	switch (gs->state) {
-	case GS_HEADER: 
-	    if ((ss->enableSSL3 || ss->enableTLS) && !ss->firstHsDone) {
-
-		PORT_Assert( ssl_Have1stHandshakeLock(ss) );
-
-		/* If this looks like an SSL3 handshake record, 
-		** and we're expecting an SSL2 Hello message from our peer, 
-		** handle it here.
-		*/
-		if (gs->hdr[0] == content_handshake) {
-		    if ((ss->nextHandshake == ssl2_HandleClientHelloMessage) ||
-			(ss->nextHandshake == ssl2_HandleServerHelloMessage)) {
-			rv = ssl2_HandleV3HandshakeRecord(ss);
-			if (rv == SECFailure) {
-			    return SECFailure;
-			}
-		    }
-		    /* XXX_1	The call stack to here is:
-		     * ssl_Do1stHandshake -> ssl_GatherRecord1stHandshake -> 
-		     *			ssl2_GatherRecord -> here.
-		     * We want to return all the way out to ssl_Do1stHandshake,
-		     * and have it call ssl_GatherRecord1stHandshake again. 
-		     * ssl_GatherRecord1stHandshake will call 
-		     * ssl3_GatherCompleteHandshake when it is called again.
-		     *
-		     * Returning SECWouldBlock here causes 
-		     * ssl_GatherRecord1stHandshake to return without clearing 
-		     * ss->handshake, ensuring that ssl_Do1stHandshake will 
-		     * call it again immediately.
-		     * 
-		     * If we return 1 here, ssl_GatherRecord1stHandshake will 
-		     * clear ss->handshake before returning, and thus will not 
-		     * be called again by ssl_Do1stHandshake.  
-		     */
-		    return SECWouldBlock;
-		} else if (gs->hdr[0] == content_alert) {
-		    if (ss->nextHandshake == ssl2_HandleServerHelloMessage) {
-			/* XXX This is a hack.  We're assuming that any failure
-			 * XXX on the client hello is a failure to match
-			 * XXX ciphers.
-			 */
-			PORT_SetError(SSL_ERROR_NO_CYPHER_OVERLAP);
-			return SECFailure;
-		    }
-		}
-	    }	/* ((ss->enableSSL3 || ss->enableTLS) && !ss->firstHsDone) */
-
-	    /* we've got the first 3 bytes.  The header may be two or three. */
-	    if (gs->hdr[0] & 0x80) {
-		/* This record has a 2-byte header, and no padding */
-		gs->count = ((gs->hdr[0] & 0x7f) << 8) | gs->hdr[1];
-		gs->recordPadding = 0;
-	    } else {
-		/* This record has a 3-byte header that is all read in now. */
-		gs->count = ((gs->hdr[0] & 0x3f) << 8) | gs->hdr[1];
-	    /*  is_escape =  (gs->hdr[0] & 0x40) != 0; */
-		gs->recordPadding = gs->hdr[2];
-	    }
-
-	    if (gs->count > gs->buf.space) {
-		err = sslBuffer_Grow(&gs->buf, gs->count);
-		if (err) {
-		    return err;
-		}
-		pBuf = gs->buf.buf;
-	    }
-
-
-	    if (gs->hdr[0] & 0x80) {
-	    	/* we've already read in the first byte of the body.
-		** Put it into the buffer.
-		*/
-		pBuf[0]        = gs->hdr[2];
-		gs->offset    = 1;
-		gs->remainder = gs->count - 1;
-	    } else {
-		gs->offset    = 0;
-		gs->remainder = gs->count;
-	    }
-
-	    if (gs->encrypted) {
-		gs->state     = GS_MAC;
-		gs->recordLen = gs->count - gs->recordPadding
-		                          - ss->sec.hash->length;
-	    } else {
-		gs->state     = GS_DATA;
-		gs->recordLen = gs->count;
-	    }
-
-	    break;
-
-
-	case GS_MAC:
-	    /* Have read in entire rest of the ciphertext.  
-	    ** Check for valid length.
-	    ** Decrypt it.
-	    ** Check the MAC.
-	    */
-	    PORT_Assert(gs->encrypted);
-
-	  {
-	    unsigned int     macLen;
-	    int              nout;
-	    unsigned char    mac[SSL_MAX_MAC_BYTES];
-
-	    ssl_GetSpecReadLock(ss); /**********************************/
-
-	    /* If this is a stream cipher, blockSize will be 1,
-	     * and this test will always be false.
-	     * If this is a block cipher, this will detect records
-	     * that are not a multiple of the blocksize in length.
-	     */
-	    if (gs->count & (ss->sec.blockSize - 1)) {
-		/* This is an error. Sender is misbehaving */
-		SSL_DBG(("%d: SSL[%d]: sender, count=%d blockSize=%d",
-			 SSL_GETPID(), ss->fd, gs->count,
-			 ss->sec.blockSize));
-		PORT_SetError(SSL_ERROR_BAD_BLOCK_PADDING);
-		rv = SECFailure;
-		goto spec_locked_done;
-	    }
-	    PORT_Assert(gs->count == gs->offset);
-
-	    if (gs->offset == 0) {
-		rv = 0;			/* means EOF. */
-		goto spec_locked_done;
-	    }
-
-	    /* Decrypt the portion of data that we just recieved.
-	    ** Decrypt it in place.
-	    */
-	    rv = (*ss->sec.dec)(ss->sec.readcx, pBuf, &nout, gs->offset,
-			     pBuf, gs->offset);
-	    if (rv != SECSuccess) {
-		goto spec_locked_done;
-	    }
-
-
-	    /* Have read in all the MAC portion of record 
-	    **
-	    ** Prepare MAC by resetting it and feeding it the shared secret
-	    */
-	    macLen = ss->sec.hash->length;
-	    if (gs->offset >= macLen) {
-		uint32           sequenceNumber = ss->sec.rcvSequence++;
-		unsigned char    seq[4];
-
-		seq[0] = (unsigned char) (sequenceNumber >> 24);
-		seq[1] = (unsigned char) (sequenceNumber >> 16);
-		seq[2] = (unsigned char) (sequenceNumber >> 8);
-		seq[3] = (unsigned char) (sequenceNumber);
-
-		(*ss->sec.hash->begin)(ss->sec.hashcx);
-		(*ss->sec.hash->update)(ss->sec.hashcx, ss->sec.rcvSecret.data,
-				        ss->sec.rcvSecret.len);
-		(*ss->sec.hash->update)(ss->sec.hashcx, pBuf + macLen, 
-				        gs->offset - macLen);
-		(*ss->sec.hash->update)(ss->sec.hashcx, seq, 4);
-		(*ss->sec.hash->end)(ss->sec.hashcx, mac, &macLen, macLen);
-	    }
-
-	    PORT_Assert(macLen == ss->sec.hash->length);
-
-	    ssl_ReleaseSpecReadLock(ss);  /******************************/
-
-	    if (PORT_Memcmp(mac, pBuf, macLen) != 0) {
-		/* MAC's didn't match... */
-		SSL_DBG(("%d: SSL[%d]: mac check failed, seq=%d",
-			 SSL_GETPID(), ss->fd, ss->sec.rcvSequence));
-		PRINT_BUF(1, (ss, "computed mac:", mac, macLen));
-		PRINT_BUF(1, (ss, "received mac:", pBuf, macLen));
-		PORT_SetError(SSL_ERROR_BAD_MAC_READ);
-		rv = SECFailure;
-		goto cleanup;
-	    }
-
-
-	    PORT_Assert(gs->recordPadding + macLen <= gs->offset);
-	    if (gs->recordPadding + macLen <= gs->offset) {
-		gs->recordOffset  = macLen;
-		gs->readOffset    = macLen;
-		gs->writeOffset   = gs->offset - gs->recordPadding;
-		rv = 1;
-	    } else {
-		PORT_SetError(SSL_ERROR_BAD_BLOCK_PADDING);
-cleanup:
-		/* nothing in the buffer any more. */
-		gs->recordOffset  = 0;
-		gs->readOffset    = 0;
-	    	gs->writeOffset   = 0;
-		rv = SECFailure;
-	    }
-
-	    gs->recordLen     = gs->writeOffset - gs->readOffset;
-	    gs->recordPadding = 0;	/* forget we did any padding. */
-	    gs->state = GS_INIT;
-
-
-	    if (rv > 0) {
-		PRINT_BUF(50, (ss, "recv clear record:", 
-		               pBuf + gs->recordOffset, gs->recordLen));
-	    }
-	    return rv;
-
-spec_locked_done:
-	    ssl_ReleaseSpecReadLock(ss);
-	    return rv;
-	  }
-
-	case GS_DATA:
-	    /* Have read in all the DATA portion of record */
-
-	    gs->recordOffset  = 0;
-	    gs->readOffset    = 0;
-	    gs->writeOffset   = gs->offset;
-	    PORT_Assert(gs->recordLen == gs->writeOffset - gs->readOffset);
-	    gs->recordLen     = gs->offset;
-	    gs->recordPadding = 0;
-	    gs->state         = GS_INIT;
-
-	    ++ss->sec.rcvSequence;
-
-	    PRINT_BUF(50, (ss, "recv clear record:", 
-	                   pBuf + gs->recordOffset, gs->recordLen));
-	    return 1;
-
-	}	/* end switch gs->state */
-    }		/* end gather loop. */
-    return rv;
-}
-
-/*
-** Gather a single record of data from the receiving stream. This code
-** first gathers the header (2 or 3 bytes long depending on the value of
-** the most significant bit in the first byte) then gathers up the data
-** for the record into the readBuf. This code handles non-blocking I/O
-** and is to be called multiple times until ss->sec.recordLen != 0.
- *
- * Returns +1 when it has gathered a complete SSLV2 record.
- * Returns  0 if it hits EOF.
- * Returns -1 (SECFailure)    on any error
- * Returns -2 (SECWouldBlock) 
- *
- * Called by ssl_GatherRecord1stHandshake in sslcon.c, 
- * and by DoRecv in sslsecur.c
- * Caller must hold RecvBufLock.
- */
-int 
-ssl2_GatherRecord(sslSocket *ss, int flags)
-{
-    return ssl2_GatherData(ss, &ss->gs, flags);
-}
-
-/*
- * Returns +1 when it has gathered a complete SSLV2 record.
- * Returns  0 if it hits EOF.
- * Returns -1 (SECFailure)    on any error
- * Returns -2 (SECWouldBlock) 
- *
- * Called from SocksStartGather in sslsocks.c
- * Caller must hold RecvBufLock. 
- */
-int 
-ssl2_StartGatherBytes(sslSocket *ss, sslGather *gs, unsigned int count)
-{
-    int rv;
-
-    PORT_Assert( ssl_HaveRecvBufLock(ss) );
-    gs->state     = GS_DATA;
-    gs->remainder = count;
-    gs->count     = count;
-    gs->offset    = 0;
-    if (count > gs->buf.space) {
-	rv = sslBuffer_Grow(&gs->buf, count);
-	if (rv) {
-	    return rv;
-	}
-    }
-    return ssl2_GatherData(ss, gs, 0);
-}
-
-/* Caller should hold RecvBufLock. */
-SECStatus
-ssl_InitGather(sslGather *gs)
-{
-    SECStatus status;
-
-    gs->state = GS_INIT;
-    gs->writeOffset = 0;
-    gs->readOffset  = 0;
-    status = sslBuffer_Grow(&gs->buf, 4096);
-    return status;
-}
-
-/* Caller must hold RecvBufLock. */
-void 
-ssl_DestroyGather(sslGather *gs)
-{
-    if (gs) {	/* the PORT_*Free functions check for NULL pointers. */
-	PORT_ZFree(gs->buf.buf, gs->buf.space);
-	PORT_Free(gs->inbuf.buf);
-    }
-}
-
-/* Caller must hold RecvBufLock. */
-static SECStatus
-ssl2_HandleV3HandshakeRecord(sslSocket *ss)
-{
-    SECStatus           rv;
-    SSL3ProtocolVersion version = (ss->gs.hdr[1] << 8) | ss->gs.hdr[2];
-
-    PORT_Assert( ssl_HaveRecvBufLock(ss) );
-    PORT_Assert( ssl_Have1stHandshakeLock(ss) );
-
-    /* We've read in 3 bytes, there are 2 more to go in an ssl3 header. */
-    ss->gs.remainder         = 2;
-    ss->gs.count             = 0;
-
-    /* Clearing these handshake pointers ensures that 
-     * ssl_Do1stHandshake won't call ssl2_HandleMessage when we return.
-     */
-    ss->nextHandshake     = 0;
-    ss->securityHandshake = 0;
-
-    /* Setting ss->version to an SSL 3.x value will cause 
-    ** ssl_GatherRecord1stHandshake to invoke ssl3_GatherCompleteHandshake() 
-    ** the next time it is called.
-    **/
-    rv = ssl3_NegotiateVersion(ss, version);
-    if (rv != SECSuccess) {
-	return rv;
-    }
-
-    ss->sec.send         = ssl3_SendApplicationData;
-
-    return SECSuccess;
-}
diff --git a/security/nss/lib/ssl/sslimpl.h b/security/nss/lib/ssl/sslimpl.h
deleted file mode 100644
index e9dfe6f31..000000000
--- a/security/nss/lib/ssl/sslimpl.h
+++ /dev/null
@@ -1,1302 +0,0 @@
-/*
- * This file is PRIVATE to SSL and should be the first thing included by
- * any SSL implementation file.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s): 
- *	Dr Stephen Henson <stephen.henson@gemplus.com>
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#ifndef __sslimpl_h_
-#define __sslimpl_h_
-
-#ifdef DEBUG
-#undef NDEBUG
-#else
-#undef NDEBUG
-#define NDEBUG
-#endif
-#include "secport.h"
-#include "secerr.h"
-#include "sslerr.h"
-#include "ssl3prot.h"
-#include "hasht.h"
-#include "nssilock.h"
-#include "pkcs11t.h"
-#if defined(XP_UNIX) || defined(XP_BEOS)
-#include "unistd.h"
-#endif
-#include "nssrwlk.h"
-#include "prthread.h"
-
-#include "sslt.h" /* for some formerly private types, now public */
-
-/* to make some of these old enums public without namespace pollution,
-** it was necessary to prepend ssl_ to the names.
-** These #defines preserve compatibility with the old code here in libssl.
-*/
-typedef SSLKEAType      SSL3KEAType;
-typedef SSLMACAlgorithm SSL3MACAlgorithm;
-typedef SSLSignType     SSL3SignType;
-
-#define sign_null	ssl_sign_null
-#define sign_rsa	ssl_sign_rsa
-#define sign_dsa	ssl_sign_dsa
-
-#define calg_null	ssl_calg_null
-#define calg_rc4	ssl_calg_rc4
-#define calg_rc2	ssl_calg_rc2
-#define calg_des	ssl_calg_des
-#define calg_3des	ssl_calg_3des
-#define calg_idea	ssl_calg_idea
-#define calg_fortezza	ssl_calg_fortezza
-#define calg_aes	ssl_calg_aes
-
-#define mac_null	ssl_mac_null
-#define mac_md5 	ssl_mac_md5
-#define mac_sha 	ssl_mac_sha
-#define hmac_md5	ssl_hmac_md5
-#define hmac_sha	ssl_hmac_sha
-
-
-#if defined(DEBUG) || defined(TRACE)
-#ifdef __cplusplus
-#define Debug 1
-#else
-extern int Debug;
-#endif
-#else
-#undef Debug
-#endif
-#if defined(DEBUG)
-#define TRACE
-#endif
-
-#ifdef TRACE
-#define SSL_TRC(a,b) if (ssl_trace >= (a)) ssl_Trace b
-#define PRINT_BUF(a,b) if (ssl_trace >= (a)) ssl_PrintBuf b
-#define DUMP_MSG(a,b) if (ssl_trace >= (a)) ssl_DumpMsg b
-#else
-#define SSL_TRC(a,b)
-#define PRINT_BUF(a,b)
-#define DUMP_MSG(a,b)
-#endif
-
-#ifdef DEBUG
-#define SSL_DBG(b) if (ssl_debug) ssl_Trace b
-#else
-#define SSL_DBG(b)
-#endif
-
-#if defined (DEBUG)
-#ifdef macintosh
-#include "pprthred.h"
-#else
-#include "private/pprthred.h"	/* for PR_InMonitor() */
-#endif
-#define ssl_InMonitor(m) PZ_InMonitor(m)
-#endif
-
-#define LSB(x) ((unsigned char) (x & 0xff))
-#define MSB(x) ((unsigned char) (((unsigned)(x)) >> 8))
-
-/************************************************************************/
-
-typedef enum { SSLAppOpRead = 0,
-	       SSLAppOpWrite,
-	       SSLAppOpRDWR,
-	       SSLAppOpPost,
-	       SSLAppOpHeader
-} SSLAppOperation;
-
-#define SSL_MIN_MASTER_KEY_BYTES	5
-#define SSL_MAX_MASTER_KEY_BYTES	64
-
-#define SSL2_SESSIONID_BYTES		16
-#define SSL3_SESSIONID_BYTES		32
-
-#define SSL_MIN_CHALLENGE_BYTES		16
-#define SSL_MAX_CHALLENGE_BYTES		32
-#define SSL_CHALLENGE_BYTES		16
-
-#define SSL_CONNECTIONID_BYTES		16
-
-#define SSL_MIN_CYPHER_ARG_BYTES	0
-#define SSL_MAX_CYPHER_ARG_BYTES	32
-
-#define SSL_MAX_MAC_BYTES		16
-
-/* number of wrap mechanisms potentially used to wrap master secrets. */
-#define SSL_NUM_WRAP_MECHS              13
-
-/* This makes the cert cache entry exactly 4k. */
-#define SSL_MAX_CACHED_CERT_LEN		4060
-
-#ifndef BPB
-#define BPB 8 /* Bits Per Byte */
-#endif
-
-typedef struct sslBufferStr             sslBuffer;
-typedef struct sslConnectInfoStr        sslConnectInfo;
-typedef struct sslGatherStr             sslGather;
-typedef struct sslSecurityInfoStr       sslSecurityInfo;
-typedef struct sslSessionIDStr          sslSessionID;
-typedef struct sslSocketStr             sslSocket;
-typedef struct sslSocketOpsStr          sslSocketOps;
-
-typedef struct ssl3StateStr             ssl3State;
-typedef struct ssl3CertNodeStr          ssl3CertNode;
-typedef struct ssl3BulkCipherDefStr     ssl3BulkCipherDef;
-typedef struct ssl3MACDefStr            ssl3MACDef;
-typedef struct ssl3KeyPairStr		ssl3KeyPair;
-
-struct ssl3CertNodeStr {
-    struct ssl3CertNodeStr *next;
-    CERTCertificate *       cert;
-};
-
-typedef SECStatus (*sslHandshakeFunc)(sslSocket *ss);
-
-/* This type points to the low layer send func, 
-** e.g. ssl2_SendStream or ssl3_SendPlainText.
-** These functions return the same values as PR_Send, 
-** i.e.  >= 0 means number of bytes sent, < 0 means error.
-*/
-typedef PRInt32       (*sslSendFunc)(sslSocket *ss, const unsigned char *buf,
-			             PRInt32 n, PRInt32 flags);
-
-typedef void          (*sslSessionIDCacheFunc)  (sslSessionID *sid);
-typedef void          (*sslSessionIDUncacheFunc)(sslSessionID *sid);
-typedef sslSessionID *(*sslSessionIDLookupFunc)(const PRIPv6Addr    *addr,
-						unsigned char* sid,
-						unsigned int   sidLen,
-                                                CERTCertDBHandle * dbHandle);
-
-
-/* Socket ops */
-struct sslSocketOpsStr {
-    int         (*connect) (sslSocket *, const PRNetAddr *);
-    PRFileDesc *(*accept)  (sslSocket *, PRNetAddr *);
-    int         (*bind)    (sslSocket *, const PRNetAddr *);
-    int         (*listen)  (sslSocket *, int);
-    int         (*shutdown)(sslSocket *, int);
-    int         (*close)   (sslSocket *);
-
-    int         (*recv)    (sslSocket *, unsigned char *, int, int);
-
-    /* points to the higher-layer send func, e.g. ssl_SecureSend. */
-    int         (*send)    (sslSocket *, const unsigned char *, int, int);
-    int         (*read)    (sslSocket *, unsigned char *, int);
-    int         (*write)   (sslSocket *, const unsigned char *, int);
-
-    int         (*getpeername)(sslSocket *, PRNetAddr *);
-    int         (*getsockname)(sslSocket *, PRNetAddr *);
-};
-
-/* Flags interpreted by ssl send functions. */
-#define ssl_SEND_FLAG_FORCE_INTO_BUFFER	0x40000000
-#define ssl_SEND_FLAG_NO_BUFFER		0x20000000
-#define ssl_SEND_FLAG_MASK		0x7f000000
-
-/*
-** A buffer object.
-*/
-struct sslBufferStr {
-    unsigned char *	buf;
-    unsigned int 	len;
-    unsigned int 	space;
-};
-
-/*
-** SSL3 cipher suite policy and preference struct.
-*/
-typedef struct {
-#if !defined(_WIN32)
-    unsigned int    cipher_suite : 16;
-    unsigned int    policy       :  8;
-    unsigned int    enabled      :  1;
-    unsigned int    isPresent    :  1;
-#else
-    ssl3CipherSuite cipher_suite;
-    PRUint8         policy;
-    unsigned char   enabled   : 1;
-    unsigned char   isPresent : 1;
-#endif
-} ssl3CipherSuiteCfg;
-
-#define ssl_V3_SUITES_IMPLEMENTED 25
-
-typedef struct sslOptionsStr {
-    unsigned int useSecurity		: 1;  /*  1 */
-    unsigned int useSocks		: 1;  /*  2 */
-    unsigned int requestCertificate	: 1;  /*  3 */
-    unsigned int requireCertificate	: 2;  /*  4-5 */
-    unsigned int handshakeAsClient	: 1;  /*  6 */
-    unsigned int handshakeAsServer	: 1;  /*  7 */
-    unsigned int enableSSL2		: 1;  /*  8 */
-    unsigned int enableSSL3		: 1;  /*  9 */
-    unsigned int enableTLS		: 1;  /* 10 */
-    unsigned int noCache		: 1;  /* 11 */
-    unsigned int fdx			: 1;  /* 12 */
-    unsigned int v2CompatibleHello	: 1;  /* 13 */
-    unsigned int detectRollBack  	: 1;  /* 14 */
-} sslOptions;
-
-typedef enum { sslHandshakingUndetermined = 0,
-	       sslHandshakingAsClient,
-	       sslHandshakingAsServer 
-} sslHandshakingType;
-
-typedef struct sslServerCertsStr {
-    /* Configuration state for server sockets */
-    CERTCertificate *     serverCert;
-    CERTCertificateList * serverCertChain;
-    SECKEYPrivateKey *    serverKey;
-    unsigned int          serverKeyBits;
-} sslServerCerts;
-
-
-#define SSL_LOCK_RANK_SPEC 	255
-#define SSL_LOCK_RANK_GLOBAL 	NSS_RWLOCK_RANK_NONE
-
-/* These are the valid values for shutdownHow. 
-** These values are each 1 greater than the NSPR values, and the code
-** depends on that relation to efficiently convert PR_SHUTDOWN values 
-** into ssl_SHUTDOWN values.  These values use one bit for read, and 
-** another bit for write, and can be used as bitmasks.
-*/
-#define ssl_SHUTDOWN_NONE	0	/* NOT shutdown at all */
-#define ssl_SHUTDOWN_RCV	1	/* PR_SHUTDOWN_RCV  +1 */
-#define ssl_SHUTDOWN_SEND	2	/* PR_SHUTDOWN_SEND +1 */
-#define ssl_SHUTDOWN_BOTH	3	/* PR_SHUTDOWN_BOTH +1 */
-
-/*
-** A gather object. Used to read some data until a count has been
-** satisfied. Primarily for support of async sockets.
-** Everything in here is protected by the recvBufLock.
-*/
-struct sslGatherStr {
-    int           state;	/* see GS_ values below. */     /* ssl 2 & 3 */
-
-    /* "buf" holds received plaintext SSL records, after decrypt and MAC check.
-     * SSL2: recv'd ciphertext records are put here, then decrypted in place.
-     * SSL3: recv'd ciphertext records are put in inbuf (see below), then 
-     *       decrypted into buf.
-     */
-    sslBuffer     buf;				/*recvBufLock*/	/* ssl 2 & 3 */
-
-    /* number of bytes previously read into hdr or buf(ssl2) or inbuf (ssl3). 
-    ** (offset - writeOffset) is the number of ciphertext bytes read in but 
-    **     not yet deciphered.
-    */
-    unsigned int  offset;                                       /* ssl 2 & 3 */
-
-    /* number of bytes to read in next call to ssl_DefRecv (recv) */
-    unsigned int  remainder;                                    /* ssl 2 & 3 */
-
-    /* Number of ciphertext bytes to read in after 2-byte SSL record header. */
-    unsigned int  count;					/* ssl2 only */
-
-    /* size of the final plaintext record. 
-    ** == count - (recordPadding + MAC size)
-    */
-    unsigned int  recordLen;					/* ssl2 only */
-
-    /* number of bytes of padding to be removed after decrypting. */
-    /* This value is taken from the record's hdr[2], which means a too large
-     * value could crash us.
-     */
-    unsigned int  recordPadding;				/* ssl2 only */
-
-    /* plaintext DATA begins this many bytes into "buf".  */
-    unsigned int  recordOffset;					/* ssl2 only */
-
-    int           encrypted;    /* SSL2 session is now encrypted.  ssl2 only */
-
-    /* These next two values are used by SSL2 and SSL3.  
-    ** DoRecv uses them to extract application data.
-    ** The difference between writeOffset and readOffset is the amount of 
-    ** data available to the application.   Note that the actual offset of 
-    ** the data in "buf" is recordOffset (above), not readOffset.
-    ** In the current implementation, this is made available before the 
-    ** MAC is checked!!
-    */
-    unsigned int  readOffset;  /* Spot where DATA reader (e.g. application
-                               ** or handshake code) will read next.
-                               ** Always zero for SSl3 application data.
-			       */
-    /* offset in buf/inbuf/hdr into which new data will be read from socket. */
-    unsigned int  writeOffset; 
-
-    /* Buffer for ssl3 to read (encrypted) data from the socket */
-    sslBuffer     inbuf;			/*recvBufLock*/	/* ssl3 only */
-
-    /* The ssl[23]_GatherData functions read data into this buffer, rather
-    ** than into buf or inbuf, while in the GS_HEADER state.  
-    ** The portion of the SSL record header put here always comes off the wire 
-    ** as plaintext, never ciphertext.
-    ** For SSL2, the plaintext portion is two bytes long.  For SSl3 it is 5.
-    */
-    unsigned char hdr[5];					/* ssl 2 & 3 */
-};
-
-/* sslGather.state */
-#define GS_INIT		0
-#define GS_HEADER	1
-#define GS_MAC		2
-#define GS_DATA		3
-#define GS_PAD		4
-
-typedef SECStatus (*SSLCipher)(void *               context, 
-                               unsigned char *      out,
-			       int *                outlen, 
-			       int                  maxout, 
-			       const unsigned char *in,
-			       int                  inlen);
-typedef SECStatus (*SSLDestroy)(void *context, PRBool freeit);
-
-
-
-/*
-** ssl3State and CipherSpec structs
-*/
-
-/* The SSL bulk cipher definition */
-typedef enum {
-    cipher_null,
-    cipher_rc4, 
-    cipher_rc4_40,
-    cipher_rc4_56,
-    cipher_rc2, 
-    cipher_rc2_40,
-    cipher_des, 
-    cipher_3des, 
-    cipher_des40,
-    cipher_idea, 
-    cipher_fortezza,
-    cipher_aes_128,
-    cipher_aes_256,
-    cipher_missing              /* reserved for no such supported cipher */
-} SSL3BulkCipher;
-
-typedef enum { type_stream, type_block } CipherType;
-
-#define MAX_IV_LENGTH 64
-
-/*
- * Do not depend upon 64 bit arithmetic in the underlying machine. 
- */
-typedef struct {
-    uint32         high;
-    uint32         low;
-} SSL3SequenceNumber;
-
-typedef struct {
-    SSL3Opaque write_iv[MAX_IV_LENGTH];
-    PK11SymKey *write_key;
-    PK11SymKey *write_mac_key;
-    PK11Context *write_mac_context;
-} ssl3KeyMaterial;
-
-typedef struct {
-    SSL3Opaque        wrapped_client_write_key[12]; /* wrapped with Ks */
-    SSL3Opaque        wrapped_server_write_key[12]; /* wrapped with Ks */
-    SSL3Opaque        client_write_iv         [24];
-    SSL3Opaque        server_write_iv         [24];
-    SSL3Opaque        wrapped_master_secret   [48];
-    PRUint16          wrapped_master_secret_len;
-} ssl3SidKeys;
-
-/*
-** These are the "specs" in the "ssl3" struct.
-** Access to the pointers to these specs, and all the specs' contents
-** (direct and indirect) is protected by the reader/writer lock ss->specLock.
-*/
-typedef struct {
-    const ssl3BulkCipherDef *cipher_def;
-    const ssl3MACDef * mac_def;
-    int                mac_size;
-    SSLCipher          encode;
-    void *             encodeContext;
-    SSLCipher          decode;
-    void *             decodeContext;
-    SSLDestroy         destroy;
-    PK11SymKey *       master_secret;
-    ssl3KeyMaterial    client;
-    ssl3KeyMaterial    server;
-    SSL3SequenceNumber write_seq_num;
-    SSL3SequenceNumber read_seq_num;
-    SSL3ProtocolVersion version;
-} ssl3CipherSpec;
-
-typedef enum {	never_cached, 
-		in_client_cache, 
-		in_server_cache, 
-		invalid_cache		/* no longer in any cache. */
-} Cached;
-
-struct sslSessionIDStr {
-    sslSessionID *        next;   /* chain used for client sockets, only */
-
-    CERTCertificate *     peerCert;
-    const char *          peerID;     /* client only */
-    const char *          urlSvrName; /* client only */
-    CERTCertificate *     localCert;
-
-    PRIPv6Addr            addr;
-    PRUint16              port;
-
-    SSL3ProtocolVersion   version;
-
-    PRUint32              creationTime;		/* seconds since Jan 1, 1970 */
-    PRUint32              lastAccessTime;	/* seconds since Jan 1, 1970 */
-    PRUint32              expirationTime;	/* seconds since Jan 1, 1970 */
-    Cached                cached;
-    int                   references;
-
-    SSLSignType           authAlgorithm;
-    PRUint32              authKeyBits;
-    SSLKEAType            keaType;
-    PRUint32              keaKeyBits;
-
-    union {
-	struct {
-	    /* the V2 code depends upon the size of sessionID.  */
-	    unsigned char         sessionID[SSL2_SESSIONID_BYTES];
-
-	    /* Stuff used to recreate key and read/write cipher objects */
-	    SECItem               masterKey;
-	    int                   cipherType;
-	    SECItem               cipherArg;
-	    int                   keyBits;
-	    int                   secretKeyBits;
-	} ssl2;
-	struct {
-	    /* values that are copied into the server's on-disk SID cache. */
-	    uint8                 sessionIDLength;
-	    SSL3Opaque            sessionID[SSL3_SESSIONID_BYTES];
-
-	    ssl3CipherSuite       cipherSuite;
-	    SSL3CompressionMethod compression;
-	    PRBool                resumable;
-	    int                   policy;
-	    PRBool                hasFortezza;
-	    ssl3SidKeys           keys;
-	    CK_MECHANISM_TYPE     masterWrapMech;
-				  /* mechanism used to wrap master secret */
-            SSL3KEAType           exchKeyType;
-				  /* key type used in exchange algorithm,
-				   * and to wrap the sym wrapping key. */
-
-	    /* The following values are NOT restored from the server's on-disk
-	     * session cache, but are restored from the client's cache.
-	     */
- 	    PK11SymKey *      clientWriteKey;
-	    PK11SymKey *      serverWriteKey;
-	    PK11SymKey *      tek;
-
-	    /* The following values pertain to the slot that wrapped the 
-	    ** master secret. (used only in client)
-	    */
-	    SECMODModuleID    masterModuleID;
-				    /* what module wrapped the master secret */
-	    CK_SLOT_ID        masterSlotID;
-	    PRUint16	      masterWrapIndex;
-				/* what's the key index for the wrapping key */
-	    PRUint16          masterWrapSeries;
-	                        /* keep track of the slot series, so we don't 
-				 * accidently try to use new keys after the 
-				 * card gets removed and replaced.*/
-
-	    /* The following values pertain to the slot that did the signature
-	    ** for client auth.   (used only in client)
-	    */
-	    SECMODModuleID    clAuthModuleID;
-	    CK_SLOT_ID        clAuthSlotID;
-	    PRUint16          clAuthSeries;
-
-            char              masterValid;
-	    char              clAuthValid;
-
-	    /* the following values are used only in the client, and only 
-	     * with fortezza.
-	     */
-	    SSL3Opaque       clientWriteSave[80]; 
-	    int              clientWriteSaveLen;  
-	} ssl3;
-    } u;
-};
-
-
-typedef struct ssl3CipherSuiteDefStr {
-    ssl3CipherSuite          cipher_suite;
-    SSL3BulkCipher           bulk_cipher_alg;
-    SSL3MACAlgorithm         mac_alg;
-    SSL3KeyExchangeAlgorithm key_exchange_alg;
-} ssl3CipherSuiteDef;
-
-/*
-** There are tables of these, all const.
-*/
-typedef struct {
-    SSL3KeyExchangeAlgorithm kea;
-    SSL3KEAType              exchKeyType;
-    SSL3SignType             signKeyType;
-    PRBool                   is_limited;
-    int                      key_size_limit;
-    PRBool                   tls_keygen;
-} ssl3KEADef;
-
-typedef enum { kg_null, kg_strong, kg_export } SSL3KeyGenMode;
-
-/*
-** There are tables of these, all const.
-*/
-struct ssl3BulkCipherDefStr {
-    SSL3BulkCipher  cipher;
-    SSLCipherAlgorithm calg;
-    int             key_size;
-    int             secret_key_size;
-    CipherType      type;
-    int             iv_size;
-    int             block_size;
-    SSL3KeyGenMode  keygen_mode;
-};
-
-/*
-** There are tables of these, all const.
-*/
-struct ssl3MACDefStr {
-    SSL3MACAlgorithm mac;
-    CK_MECHANISM_TYPE mmech;
-    int              pad_size;
-    int              mac_size;
-};
-
-typedef enum {
-    wait_client_hello, 
-    wait_client_cert, 
-    wait_client_key,
-    wait_cert_verify, 
-    wait_change_cipher, 
-    wait_finished,
-    wait_server_hello, 
-    wait_server_cert, 
-    wait_server_key,
-    wait_cert_request, 
-    wait_hello_done,
-    idle_handshake
-} SSL3WaitState;
-
-/*
-** This is the "hs" member of the "ssl3" struct.
-** This entire struct is protected by ssl3HandshakeLock
-*/
-typedef struct SSL3HandshakeStateStr {
-    SSL3Random            server_random;
-    SSL3Random            client_random;
-    SSL3WaitState         ws;
-    PK11Context *         md5;            /* handshake running hashes */
-    PK11Context *         sha;
-const ssl3KEADef *        kea_def;
-    ssl3CipherSuite       cipher_suite;
-const ssl3CipherSuiteDef *suite_def;
-    SSL3CompressionMethod compression;
-    sslBuffer             msg_body;    /* protected by recvBufLock */
-                               /* partial handshake message from record layer */
-    unsigned int          header_bytes; 
-                               /* number of bytes consumed from handshake */
-                               /* message for message type and header length */
-    SSL3HandshakeType     msg_type;
-    unsigned long         msg_len;
-    SECItem               ca_list;     /* used only by client */
-    PRBool                isResuming;  /* are we resuming a session */
-    PRBool                rehandshake; /* immediately start another handshake 
-                                        * when this one finishes */
-    PRBool                usedStepDownKey;  /* we did a server key exchange. */
-    sslBuffer             msgState;    /* current state for handshake messages*/
-                                       /* protected by recvBufLock */
-} SSL3HandshakeState;
-
-struct SSL3FortezzaKEAParamsStr {
-    unsigned char R_s[128];		/* server's "random" public key	*/
-    PK11SymKey *  tek;
-};
-
-typedef struct SSL3FortezzaKEAParamsStr SSL3FortezzaKEAParams;
-
-/*
-** This is the "ssl3" struct, as in "ss->ssl3".
-** note:
-** usually,   crSpec == cwSpec and prSpec == pwSpec.  
-** Sometimes, crSpec == pwSpec and prSpec == cwSpec.
-** But there are never more than 2 actual specs.  
-** No spec must ever be modified if either "current" pointer points to it.
-*/
-struct ssl3StateStr {
-
-    /*
-    ** The following Specs and Spec pointers must be protected using the 
-    ** Spec Lock.
-    */
-    ssl3CipherSpec *     crSpec; 	/* current read spec. */
-    ssl3CipherSpec *     prSpec; 	/* pending read spec. */
-    ssl3CipherSpec *     cwSpec; 	/* current write spec. */
-    ssl3CipherSpec *     pwSpec; 	/* pending write spec. */
-    ssl3CipherSpec       specs[2];	/* one is current, one is pending. */
-
-    SSL3HandshakeState   hs;
-
-    CERTCertificate *    clientCertificate;  /* used by client */
-    SECKEYPrivateKey *   clientPrivateKey;   /* used by client */
-    CERTCertificateList *clientCertChain;    /* used by client */
-    PRBool               sendEmptyCert;      /* used by client */
-
-    int                  policy;
-			/* This says what cipher suites we can do, and should 
-			 * be either SSL_ALLOWED or SSL_RESTRICTED 
-			 */
-    PRArenaPool *        peerCertArena;  
-			    /* These are used to keep track of the peer CA */
-    void *               peerCertChain;     
-			    /* chain while we are trying to validate it.   */
-    CERTDistNames *      ca_list; 
-			    /* used by server.  trusted CAs for this socket. */
-    SSL3FortezzaKEAParams fortezza;
-};
-
-typedef struct {
-    SSL3ContentType      type;
-    SSL3ProtocolVersion  version;
-    sslBuffer *          buf;
-} SSL3Ciphertext;
-
-struct ssl3KeyPairStr {
-    SECKEYPrivateKey *    privKey;		/* RSA step down key */
-    SECKEYPublicKey *     pubKey;		/* RSA step down key */
-    PRInt32               refCount;	/* use PR_Atomic calls for this. */
-};
-
-typedef struct SSLWrappedSymWrappingKeyStr {
-    SSL3Opaque        wrappedSymmetricWrappingkey[512];
-    SSL3Opaque        wrapIV[24];
-    CK_MECHANISM_TYPE symWrapMechanism;  
-		    /* unwrapped symmetric wrapping key uses this mechanism */
-    CK_MECHANISM_TYPE asymWrapMechanism; 
-		    /* mechanism used to wrap the SymmetricWrappingKey using
-		     * server's public and/or private keys. */
-    SSL3KEAType       exchKeyType;   /* type of keys used to wrap SymWrapKey*/
-    PRInt32           symWrapMechIndex;
-    PRUint16          wrappedSymKeyLen;
-    PRUint16          wrapIVLen;
-} SSLWrappedSymWrappingKey;
-
-
-
-
-
-
-
-
-
-
-/*
- * SSL2 buffers used in SSL3.
- *     writeBuf in the SecurityInfo maintained by sslsecur.c is used
- *              to hold the data just about to be passed to the kernel
- *     sendBuf in the ConnectInfo maintained by sslcon.c is used
- *              to hold handshake messages as they are accumulated
- */
-
-/*
-** This is "ci", as in "ss->sec->ci".
-**
-** Protection:  All the variables in here are protected by 
-** firstHandshakeLock AND (in ssl3) ssl3HandshakeLock 
-*/
-struct sslConnectInfoStr {
-    /* outgoing handshakes appended to this. */
-    sslBuffer       sendBuf;	                /*xmitBufLock*/ /* ssl 2 & 3 */
-
-    PRIPv6Addr      peer;                                       /* ssl 2 & 3 */
-    unsigned short  port;                                       /* ssl 2 & 3 */
-
-    sslSessionID   *sid;                                        /* ssl 2 & 3 */
-
-    /* see CIS_HAVE defines below for the bit values in *elements. */
-    char            elements;					/* ssl2 only */
-    char            requiredElements;				/* ssl2 only */
-    char            sentElements;                               /* ssl2 only */
-
-    char            sentFinished;                               /* ssl2 only */
-
-    /* Length of server challenge.  Used by client when saving challenge */
-    int             serverChallengeLen;                         /* ssl2 only */
-    /* type of authentication requested by server */
-    unsigned char   authType;                                   /* ssl2 only */
-
-    /* Challenge sent by client to server in client-hello message */
-    /* SSL3 gets a copy of this.  See ssl3_StartHandshakeHash().  */
-    unsigned char   clientChallenge[SSL_MAX_CHALLENGE_BYTES];   /* ssl 2 & 3 */
-
-    /* Connection-id sent by server to client in server-hello message */
-    unsigned char   connectionID[SSL_CONNECTIONID_BYTES];	/* ssl2 only */
-
-    /* Challenge sent by server to client in request-certificate message */
-    unsigned char   serverChallenge[SSL_MAX_CHALLENGE_BYTES];	/* ssl2 only */
-
-    /* Information kept to handle a request-certificate message */
-    unsigned char   readKey[SSL_MAX_MASTER_KEY_BYTES];		/* ssl2 only */
-    unsigned char   writeKey[SSL_MAX_MASTER_KEY_BYTES];		/* ssl2 only */
-    unsigned        keySize;					/* ssl2 only */
-};
-
-/* bit values for ci->elements, ci->requiredElements, sentElements. */
-#define CIS_HAVE_MASTER_KEY		0x01
-#define CIS_HAVE_CERTIFICATE		0x02
-#define CIS_HAVE_FINISHED		0x04
-#define CIS_HAVE_VERIFY			0x08
-
-/* Note: The entire content of this struct and whatever it points to gets
- * blown away by SSL_ResetHandshake().  This is "sec" as in "ss->sec".
- *
- * Unless otherwise specified below, the contents of this struct are 
- * protected by firstHandshakeLock AND (in ssl3) ssl3HandshakeLock.
- */
-struct sslSecurityInfoStr {
-    sslSendFunc      send;			/*xmitBufLock*/	/* ssl 2 & 3 */
-    int              isServer;			/* Spec Lock?*/	/* ssl 2 & 3 */
-    sslBuffer        writeBuf;			/*xmitBufLock*/	/* ssl 2 & 3 */
-
-    int              cipherType;				/* ssl 2 & 3 */
-    int              keyBits;					/* ssl 2 & 3 */
-    int              secretKeyBits;				/* ssl 2 & 3 */
-    CERTCertificate *localCert;					/* ssl 2 & 3 */
-    CERTCertificate *peerCert;					/* ssl 2 & 3 */
-    SECKEYPublicKey *peerKey;					/* ssl3 only */
-
-    SSLSignType      authAlgorithm;
-    PRUint32         authKeyBits;
-    SSLKEAType       keaType;
-    PRUint32         keaKeyBits;
-
-    /*
-    ** Procs used for SID cache (nonce) management. 
-    ** Different implementations exist for clients/servers 
-    ** The lookup proc is only used for servers.  Baloney!
-    */
-    sslSessionIDCacheFunc     cache;				/* ssl 2 & 3 */
-    sslSessionIDUncacheFunc   uncache;				/* ssl 2 & 3 */
-
-    /*
-    ** everything below here is for ssl2 only.
-    ** This stuff is equivalent to SSL3's "spec", and is protected by the 
-    ** same "Spec Lock" as used for SSL3's specs.
-    */
-    uint32           sendSequence;		/*xmitBufLock*/	/* ssl2 only */
-    uint32           rcvSequence;		/*recvBufLock*/	/* ssl2 only */
-
-    /* Hash information; used for one-way-hash functions (MD2, MD5, etc.) */
-    const SECHashObject   *hash;		/* Spec Lock */ /* ssl2 only */
-    void            *hashcx;			/* Spec Lock */	/* ssl2 only */
-
-    SECItem          sendSecret;		/* Spec Lock */	/* ssl2 only */
-    SECItem          rcvSecret;			/* Spec Lock */	/* ssl2 only */
-
-    /* Session cypher contexts; one for each direction */
-    void            *readcx;			/* Spec Lock */	/* ssl2 only */
-    void            *writecx;			/* Spec Lock */	/* ssl2 only */
-    SSLCipher        enc;			/* Spec Lock */	/* ssl2 only */
-    SSLCipher        dec;			/* Spec Lock */	/* ssl2 only */
-    void           (*destroy)(void *, PRBool);	/* Spec Lock */	/* ssl2 only */
-
-    /* Blocking information for the session cypher */
-    int              blockShift;		/* Spec Lock */	/* ssl2 only */
-    int              blockSize;			/* Spec Lock */	/* ssl2 only */
-
-    /* These are used during a connection handshake */
-    sslConnectInfo   ci;					/* ssl 2 & 3 */
-
-};
-
-
-/*
-** SSL Socket struct
-**
-** Protection:  XXX
-*/
-struct sslSocketStr {
-    PRFileDesc *	fd;
-
-    /* Pointer to operations vector for this socket */
-    const sslSocketOps * ops;
-
-    /* State flags */
-    unsigned int     useSocks		: 1;
-    unsigned int     useSecurity	: 1;
-    unsigned int     requestCertificate	: 1;
-    unsigned int     requireCertificate	: 2;
-    unsigned int     handshakeAsClient	: 1;
-    unsigned int     handshakeAsServer	: 1;
-    unsigned int     enableSSL2		: 1;
-
-    unsigned int     enableSSL3		: 1;
-    unsigned int     enableTLS		: 1;
-    unsigned int     clientAuthRequested: 1;
-    unsigned int     noCache		: 1;
-    unsigned int     fdx		: 1; /* simultaneous R/W threads */
-    unsigned int     v2CompatibleHello	: 1; /* Send v3+ client hello in v2 format */
-    unsigned int     detectRollBack   	: 1; /* Detect rollback to SSL v3 */
-    unsigned int     firstHsDone	: 1; /* first handshake is complete. */
-
-    unsigned int     recvdCloseNotify	: 1; /* received SSL EOF. */
-    unsigned int     lastWriteBlocked   : 1;
-    unsigned int     TCPconnected       : 1;
-    unsigned int     handshakeBegun     : 1;
-    unsigned int     delayDisabled      : 1; /* Nagle delay disabled */
-
-    /* version of the protocol to use */
-    SSL3ProtocolVersion version;
-    SSL3ProtocolVersion clientHelloVersion; /* version sent in client hello. */
-
-    sslSecurityInfo  sec;		/* not a pointer any more */
-
-    /* protected by firstHandshakeLock AND (in ssl3) ssl3HandshakeLock. */
-    const char      *url;				/* ssl 2 & 3 */
-
-    /* Gather object used for gathering data */
-    sslGather        gs;				/*recvBufLock*/
-
-    sslHandshakeFunc handshake;				/*firstHandshakeLock*/
-    sslHandshakeFunc nextHandshake;			/*firstHandshakeLock*/
-    sslHandshakeFunc securityHandshake;			/*firstHandshakeLock*/
-
-    sslBuffer        saveBuf;				/*xmitBufLock*/
-    sslBuffer        pendingBuf;			/*xmitBufLock*/
-
-    /* the following variable is only used with socks or other proxies. */
-    char *           peerID;	/* String uniquely identifies target server. */
-
-    ssl3State *      ssl3;
-    unsigned char *  cipherSpecs;
-    unsigned int     sizeCipherSpecs;
-const unsigned char *  preferredCipher;
-
-    /* Configuration state for server sockets */
-    /* server cert and key for each KEA type */
-    sslServerCerts        serverCerts[kt_kea_size];
-
-    ssl3KeyPair *         stepDownKeyPair;	/* RSA step down keys */
-
-    /* Callbacks */
-    SSLAuthCertificate        authCertificate;
-    void                     *authCertificateArg;
-    SSLGetClientAuthData      getClientAuthData;
-    void                     *getClientAuthDataArg;
-    SSLBadCertHandler         handleBadCert;
-    void                     *badCertArg;
-    SSLHandshakeCallback      handshakeCallback;
-    void                     *handshakeCallbackData;
-    void                     *pkcs11PinArg;
-
-    PRIntervalTime            rTimeout; /* timeout for NSPR I/O */
-    PRIntervalTime            wTimeout; /* timeout for NSPR I/O */
-    PRIntervalTime            cTimeout; /* timeout for NSPR I/O */
-
-    PZLock *      recvLock;	/* lock against multiple reader threads. */
-    PZLock *      sendLock;	/* lock against multiple sender threads. */
-
-    PZMonitor *   recvBufLock;	/* locks low level recv buffers. */
-    PZMonitor *   xmitBufLock;	/* locks low level xmit buffers. */
-
-    /* Only one thread may operate on the socket until the initial handshake
-    ** is complete.  This Monitor ensures that.  Since SSL2 handshake is
-    ** only done once, this is also effectively the SSL2 handshake lock.
-    */
-    PZMonitor *   firstHandshakeLock; 
-
-    /* This monitor protects the ssl3 handshake state machine data.
-    ** Only one thread (reader or writer) may be in the ssl3 handshake state
-    ** machine at any time.  */
-    PZMonitor *   ssl3HandshakeLock;
-
-    /* reader/writer lock, protects the secret data needed to encrypt and MAC
-    ** outgoing records, and to decrypt and MAC check incoming ciphertext 
-    ** records.  */
-    NSSRWLock *   specLock;
-
-    /* handle to perm cert db (and implicitly to the temp cert db) used 
-    ** with this socket. 
-    */
-    CERTCertDBHandle * dbHandle;
-
-    PRThread *  writerThread;   /* thread holds SSL_LOCK_WRITER lock */
-
-    PRUint16	shutdownHow; 	/* See ssl_SHUTDOWN defines below. */
-
-    PRUint16	allowedByPolicy;          /* copy of global policy bits. */
-    PRUint16	maybeAllowedByPolicy;     /* copy of global policy bits. */
-    PRUint16	chosenPreference;         /* SSL2 cipher preferences. */
-
-    sslHandshakingType handshaking;
-
-    ssl3CipherSuiteCfg cipherSuites[ssl_V3_SUITES_IMPLEMENTED];
-
-};
-
-
-
-/* All the global data items declared here should be protected using the 
-** ssl_global_data_lock, which is a reader/writer lock.
-*/
-extern NSSRWLock *             ssl_global_data_lock;
-extern char                    ssl_debug;
-extern char                    ssl_trace;
-extern CERTDistNames *         ssl3_server_ca_list;
-extern PRUint32                ssl_sid_timeout;
-extern PRUint32                ssl3_sid_timeout;
-extern PRBool                  ssl3_global_policy_some_restricted;
-
-extern const char * const      ssl_cipherName[];
-extern const char * const      ssl3_cipherName[];
-
-extern sslSessionIDLookupFunc  ssl_sid_lookup;
-extern sslSessionIDCacheFunc   ssl_sid_cache;
-extern sslSessionIDUncacheFunc ssl_sid_uncache;
-
-/************************************************************************/
-
-SEC_BEGIN_PROTOS
-
-/* Implementation of ops for default (non socks, non secure) case */
-extern int ssl_DefConnect(sslSocket *ss, const PRNetAddr *addr);
-extern PRFileDesc *ssl_DefAccept(sslSocket *ss, PRNetAddr *addr);
-extern int ssl_DefBind(sslSocket *ss, const PRNetAddr *addr);
-extern int ssl_DefListen(sslSocket *ss, int backlog);
-extern int ssl_DefShutdown(sslSocket *ss, int how);
-extern int ssl_DefClose(sslSocket *ss);
-extern int ssl_DefRecv(sslSocket *ss, unsigned char *buf, int len, int flags);
-extern int ssl_DefSend(sslSocket *ss, const unsigned char *buf,
-		       int len, int flags);
-extern int ssl_DefRead(sslSocket *ss, unsigned char *buf, int len);
-extern int ssl_DefWrite(sslSocket *ss, const unsigned char *buf, int len);
-extern int ssl_DefGetpeername(sslSocket *ss, PRNetAddr *name);
-extern int ssl_DefGetsockname(sslSocket *ss, PRNetAddr *name);
-extern int ssl_DefGetsockopt(sslSocket *ss, PRSockOption optname,
-			     void *optval, PRInt32 *optlen);
-extern int ssl_DefSetsockopt(sslSocket *ss, PRSockOption optname,
-			     const void *optval, PRInt32 optlen);
-
-/* Implementation of ops for socks only case */
-extern int ssl_SocksConnect(sslSocket *ss, const PRNetAddr *addr);
-extern PRFileDesc *ssl_SocksAccept(sslSocket *ss, PRNetAddr *addr);
-extern int ssl_SocksBind(sslSocket *ss, const PRNetAddr *addr);
-extern int ssl_SocksListen(sslSocket *ss, int backlog);
-extern int ssl_SocksGetsockname(sslSocket *ss, PRNetAddr *name);
-extern int ssl_SocksRecv(sslSocket *ss, unsigned char *buf, int len, int flags);
-extern int ssl_SocksSend(sslSocket *ss, const unsigned char *buf,
-			 int len, int flags);
-extern int ssl_SocksRead(sslSocket *ss, unsigned char *buf, int len);
-extern int ssl_SocksWrite(sslSocket *ss, const unsigned char *buf, int len);
-
-/* Implementation of ops for secure only case */
-extern int ssl_SecureConnect(sslSocket *ss, const PRNetAddr *addr);
-extern PRFileDesc *ssl_SecureAccept(sslSocket *ss, PRNetAddr *addr);
-extern int ssl_SecureRecv(sslSocket *ss, unsigned char *buf,
-			  int len, int flags);
-extern int ssl_SecureSend(sslSocket *ss, const unsigned char *buf,
-			  int len, int flags);
-extern int ssl_SecureRead(sslSocket *ss, unsigned char *buf, int len);
-extern int ssl_SecureWrite(sslSocket *ss, const unsigned char *buf, int len);
-extern int ssl_SecureShutdown(sslSocket *ss, int how);
-extern int ssl_SecureClose(sslSocket *ss);
-
-/* Implementation of ops for secure socks case */
-extern int ssl_SecureSocksConnect(sslSocket *ss, const PRNetAddr *addr);
-extern PRFileDesc *ssl_SecureSocksAccept(sslSocket *ss, PRNetAddr *addr);
-extern PRFileDesc *ssl_FindTop(sslSocket *ss);
-
-/* Gather funcs. */
-extern sslGather * ssl_NewGather(void);
-extern SECStatus   ssl_InitGather(sslGather *gs);
-extern void        ssl_DestroyGather(sslGather *gs);
-extern int         ssl2_GatherData(sslSocket *ss, sslGather *gs, int flags);
-extern int         ssl2_GatherRecord(sslSocket *ss, int flags);
-extern SECStatus   ssl_GatherRecord1stHandshake(sslSocket *ss);
-
-extern SECStatus   ssl2_HandleClientHelloMessage(sslSocket *ss);
-extern SECStatus   ssl2_HandleServerHelloMessage(sslSocket *ss);
-extern int         ssl2_StartGatherBytes(sslSocket *ss, sslGather *gs, 
-                                         unsigned int count);
-
-extern SECStatus   ssl_CreateSecurityInfo(sslSocket *ss);
-extern SECStatus   ssl_CopySecurityInfo(sslSocket *ss, sslSocket *os);
-extern void        ssl_ResetSecurityInfo(sslSecurityInfo *sec);
-extern void        ssl_DestroySecurityInfo(sslSecurityInfo *sec);
-
-extern sslSocket * ssl_DupSocket(sslSocket *old);
-
-extern void        ssl_PrintBuf(sslSocket *ss, const char *msg, const void *cp, int len);
-extern void        ssl_DumpMsg(sslSocket *ss, unsigned char *bp, unsigned len);
-
-extern int         ssl_SendSavedWriteData(sslSocket *ss, sslBuffer *buf,
-				          sslSendFunc fp);
-extern SECStatus ssl_SaveWriteData(sslSocket *ss, sslBuffer *buf, 
-                                   const void* p, unsigned int l);
-extern SECStatus ssl2_BeginClientHandshake(sslSocket *ss);
-extern SECStatus ssl2_BeginServerHandshake(sslSocket *ss);
-extern int       ssl_Do1stHandshake(sslSocket *ss);
-
-extern SECStatus sslBuffer_Grow(sslBuffer *b, unsigned int newLen);
-
-extern void      ssl2_UseClearSendFunc(sslSocket *ss);
-extern void      ssl_ChooseSessionIDProcs(sslSecurityInfo *sec);
-
-extern sslSessionID *ssl_LookupSID(const PRIPv6Addr *addr, PRUint16 port, 
-                                   const char *peerID, const char *urlSvrName);
-extern void      ssl_FreeSID(sslSessionID *sid);
-
-extern int       ssl3_SendApplicationData(sslSocket *ss, const PRUint8 *in,
-				          int len, int flags);
-
-extern PRBool    ssl_FdIsBlocking(PRFileDesc *fd);
-
-extern PRBool    ssl_SocketIsBlocking(sslSocket *ss);
-
-extern void      ssl_SetAlwaysBlock(sslSocket *ss);
-
-extern SECStatus ssl_EnableNagleDelay(sslSocket *ss, PRBool enabled);
-
-#define SSL_LOCK_READER(ss)		if (ss->recvLock) PZ_Lock(ss->recvLock)
-#define SSL_UNLOCK_READER(ss)	if (ss->recvLock) PZ_Unlock(ss->recvLock)
-#define SSL_LOCK_WRITER(ss)		if (ss->sendLock) PZ_Lock(ss->sendLock)
-#define SSL_UNLOCK_WRITER(ss)	if (ss->sendLock) PZ_Unlock(ss->sendLock)
-
-#define ssl_Get1stHandshakeLock(ss)    PZ_EnterMonitor((ss)->firstHandshakeLock)
-#define ssl_Release1stHandshakeLock(ss) PZ_ExitMonitor((ss)->firstHandshakeLock)
-#define ssl_Have1stHandshakeLock(ss)	PZ_InMonitor(  (ss)->firstHandshakeLock)
-
-#define ssl_GetSSL3HandshakeLock(ss)	PZ_EnterMonitor((ss)->ssl3HandshakeLock)
-#define ssl_ReleaseSSL3HandshakeLock(ss) PZ_ExitMonitor((ss)->ssl3HandshakeLock)
-#define ssl_HaveSSL3HandshakeLock(ss)	PZ_InMonitor(   (ss)->ssl3HandshakeLock)
-
-#define ssl_GetSpecReadLock(ss)		NSSRWLock_LockRead(     (ss)->specLock)
-#define ssl_ReleaseSpecReadLock(ss)	NSSRWLock_UnlockRead(   (ss)->specLock)
-
-#define ssl_GetSpecWriteLock(ss)	NSSRWLock_LockWrite(  (ss)->specLock)
-#define ssl_ReleaseSpecWriteLock(ss)	NSSRWLock_UnlockWrite((ss)->specLock)
-#define ssl_HaveSpecWriteLock(ss)	NSSRWLock_HaveWriteLock((ss)->specLock)
-
-#define ssl_GetRecvBufLock(ss)		PZ_EnterMonitor((ss)->recvBufLock)
-#define ssl_ReleaseRecvBufLock(ss)	PZ_ExitMonitor( (ss)->recvBufLock)
-#define ssl_HaveRecvBufLock(ss)		PZ_InMonitor(   (ss)->recvBufLock)
-
-#define ssl_GetXmitBufLock(ss)		PZ_EnterMonitor((ss)->xmitBufLock)
-#define ssl_ReleaseXmitBufLock(ss)	PZ_ExitMonitor( (ss)->xmitBufLock)
-#define ssl_HaveXmitBufLock(ss)		PZ_InMonitor(   (ss)->xmitBufLock)
-
-
-/* These functions are called from secnav, even though they're "private". */
-
-extern int ssl2_SendErrorMessage(struct sslSocketStr *ss, int error);
-extern int SSL_RestartHandshakeAfterServerCert(struct sslSocketStr *ss);
-extern int SSL_RestartHandshakeAfterCertReq(struct sslSocketStr *ss,
-					    CERTCertificate *cert,
-					    SECKEYPrivateKey *key,
-					    CERTCertificateList *certChain);
-extern sslSocket *ssl_FindSocket(PRFileDesc *fd);
-extern void ssl_FreeSocket(struct sslSocketStr *ssl);
-extern SECStatus SSL3_SendAlert(sslSocket *ss, SSL3AlertLevel level,
-				SSL3AlertDescription desc);
-
-extern int ssl2_RestartHandshakeAfterCertReq(sslSocket *          ss,
-					     CERTCertificate *    cert, 
-					     SECKEYPrivateKey *   key);
-
-extern SECStatus ssl3_RestartHandshakeAfterCertReq(sslSocket *    ss,
-					     CERTCertificate *    cert, 
-					     SECKEYPrivateKey *   key,
-					     CERTCertificateList *certChain);
-
-extern int ssl2_RestartHandshakeAfterServerCert(sslSocket *ss);
-extern int ssl3_RestartHandshakeAfterServerCert(sslSocket *ss);
-
-/*
- * for dealing with SSL 3.0 clients sending SSL 2.0 format hellos
- */
-extern SECStatus ssl3_HandleV2ClientHello(
-    sslSocket *ss, unsigned char *buffer, int length);
-extern SECStatus ssl3_StartHandshakeHash(
-    sslSocket *ss, unsigned char *buf, int length);
-
-/*
- * SSL3 specific routines
- */
-SECStatus ssl3_SendClientHello(sslSocket *ss);
-
-/*
- * input into the SSL3 machinery from the actualy network reading code
- */
-SECStatus ssl3_HandleRecord(
-    sslSocket *ss, SSL3Ciphertext *cipher, sslBuffer *out);
-
-int ssl3_GatherAppDataRecord(sslSocket *ss, int flags);
-int ssl3_GatherCompleteHandshake(sslSocket *ss, int flags);
-/*
- * When talking to export clients or using export cipher suites, servers 
- * with public RSA keys larger than 512 bits need to use a 512-bit public
- * key, signed by the larger key.  The smaller key is a "step down" key.
- * Generate that key pair and keep it around.
- */
-extern SECStatus ssl3_CreateRSAStepDownKeys(sslSocket *ss);
-
-extern SECStatus ssl3_CipherPrefSetDefault(ssl3CipherSuite which, PRBool on);
-extern SECStatus ssl3_CipherPrefGetDefault(ssl3CipherSuite which, PRBool *on);
-extern SECStatus ssl2_CipherPrefSetDefault(PRInt32 which, PRBool enabled);
-extern SECStatus ssl2_CipherPrefGetDefault(PRInt32 which, PRBool *enabled);
-
-extern SECStatus ssl3_CipherPrefSet(sslSocket *ss, ssl3CipherSuite which, PRBool on);
-extern SECStatus ssl3_CipherPrefGet(sslSocket *ss, ssl3CipherSuite which, PRBool *on);
-extern SECStatus ssl2_CipherPrefSet(sslSocket *ss, PRInt32 which, PRBool enabled);
-extern SECStatus ssl2_CipherPrefGet(sslSocket *ss, PRInt32 which, PRBool *enabled);
-
-extern SECStatus ssl3_SetPolicy(ssl3CipherSuite which, PRInt32 policy);
-extern SECStatus ssl3_GetPolicy(ssl3CipherSuite which, PRInt32 *policy);
-extern SECStatus ssl2_SetPolicy(PRInt32 which, PRInt32 policy);
-extern SECStatus ssl2_GetPolicy(PRInt32 which, PRInt32 *policy);
-
-extern void      ssl2_InitSocketPolicy(sslSocket *ss);
-extern void      ssl3_InitSocketPolicy(sslSocket *ss);
-
-extern SECStatus ssl3_ConstructV2CipherSpecsHack(sslSocket *ss,
-						 unsigned char *cs, int *size);
-
-extern SECStatus ssl3_RedoHandshake(sslSocket *ss, PRBool flushCache);
-
-extern void ssl3_DestroySSL3Info(ssl3State *ssl3);
-
-extern SECStatus ssl3_NegotiateVersion(sslSocket *ss, 
-                                       SSL3ProtocolVersion peerVersion);
-
-extern SECStatus ssl_GetPeerInfo(sslSocket *ss);
-
-/* Construct a new NSPR socket for the app to use */
-extern PRFileDesc *ssl_NewPRSocket(sslSocket *ss, PRFileDesc *fd);
-extern void ssl_FreePRSocket(PRFileDesc *fd);
-
-/* Internal config function so SSL2 can initialize the present state of 
- * various ciphers */
-extern int ssl3_config_match_init(sslSocket *);
-
-
-/* Create a new ref counted key pair object from two keys. */
-extern ssl3KeyPair * ssl3_NewKeyPair( SECKEYPrivateKey * privKey, 
-                                      SECKEYPublicKey * pubKey);
-
-/* get a new reference (bump ref count) to an ssl3KeyPair. */
-extern ssl3KeyPair * ssl3_GetKeyPairRef(ssl3KeyPair * keyPair);
-
-/* Decrement keypair's ref count and free if zero. */
-extern void ssl3_FreeKeyPair(ssl3KeyPair * keyPair);
-
-/* calls for accessing wrapping keys across processes. */
-extern PRBool
-ssl_GetWrappingKey( PRInt32                   symWrapMechIndex,
-                    SSL3KEAType               exchKeyType, 
-		    SSLWrappedSymWrappingKey *wswk);
-
-/* The caller passes in the new value it wants
- * to set.  This code tests the wrapped sym key entry in the file on disk.  
- * If it is uninitialized, this function writes the caller's value into 
- * the disk entry, and returns false.  
- * Otherwise, it overwrites the caller's wswk with the value obtained from 
- * the disk, and returns PR_TRUE.  
- * This is all done while holding the locks/semaphores necessary to make 
- * the operation atomic.
- */
-extern PRBool
-ssl_SetWrappingKey(SSLWrappedSymWrappingKey *wswk);
-
-/********************** misc calls *********************/
-
-extern int ssl_MapLowLevelError(int hiLevelError);
-
-extern PRUint32 ssl_Time(void);
-
-/* emulation of NSPR routines. */
-extern PRInt32 
-ssl_EmulateAcceptRead(	PRFileDesc *   sd, 
-			PRFileDesc **  nd,
-			PRNetAddr **   raddr, 
-			void *         buf, 
-			PRInt32        amount, 
-			PRIntervalTime timeout);
-extern PRInt32 
-ssl_EmulateTransmitFile(    PRFileDesc *        sd, 
-			    PRFileDesc *        fd,
-			    const void *        headers, 
-			    PRInt32             hlen, 
-			    PRTransmitFileFlags flags,
-			    PRIntervalTime      timeout);
-extern PRInt32 
-ssl_EmulateSendFile( PRFileDesc *        sd, 
-		     PRSendFileData *    sfd,
-                     PRTransmitFileFlags flags, 
-		     PRIntervalTime      timeout);
-
-#ifdef TRACE
-#define SSL_TRACE(msg) ssl_Trace msg
-#else
-#define SSL_TRACE(msg)
-#endif
-
-void ssl_Trace(const char *format, ...);
-
-SEC_END_PROTOS
-
-#ifdef XP_OS2_VACPP
-#include <process.h>
-#endif
-
-#if defined(XP_UNIX) || defined(XP_OS2) || defined(XP_BEOS)
-#define SSL_GETPID getpid
-#elif defined(_WIN32_WCE)
-#define SSL_GETPID GetCurrentProcessId
-#elif defined(WIN32)
-extern int __cdecl _getpid(void);
-#define SSL_GETPID _getpid
-#else
-#define SSL_GETPID() 0
-#endif
-
-#endif /* __sslimpl_h_ */
diff --git a/security/nss/lib/ssl/sslinfo.c b/security/nss/lib/ssl/sslinfo.c
deleted file mode 100644
index 98b4f21d2..000000000
--- a/security/nss/lib/ssl/sslinfo.c
+++ /dev/null
@@ -1,197 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 2001 Netscape Communications Corporation.  All 
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-#include "ssl.h"
-#include "sslimpl.h"
-#include "sslproto.h"
-
-SECStatus 
-SSL_GetChannelInfo(PRFileDesc *fd, SSLChannelInfo *info, PRUintn len)
-{
-    sslSocket *      ss;
-    SSLChannelInfo   inf;
-    sslSessionID *   sid;
-
-    if (!info || len < sizeof inf.length) { 
-    	return SECSuccess;
-    }
-
-    ss = ssl_FindSocket(fd);
-    if (!ss) {
-	SSL_DBG(("%d: SSL[%d]: bad socket in SSL_GetChannelInfo",
-		 SSL_GETPID(), fd));
-	return SECFailure;
-    }
-
-    memset(&inf, 0, sizeof inf);
-    inf.length = PR_MIN(sizeof inf, len);
-
-    if (ss->useSecurity && ss->firstHsDone) {
-        sid = ss->sec.ci.sid;
-	inf.protocolVersion  = ss->version;
-	inf.authKeyBits      = ss->sec.authKeyBits;
-	inf.keaKeyBits       = ss->sec.keaKeyBits;
-	if (ss->version < SSL_LIBRARY_VERSION_3_0) { /* SSL2 */
-	    inf.cipherSuite      = ss->sec.cipherType | 0xff00;
-	} else if (ss->ssl3) { 		/* SSL3 and TLS */
-
-	    /* XXX  These should come from crSpec */
-	    inf.cipherSuite      = ss->ssl3->hs.cipher_suite;
-#if 0
-	    /* misc */
-	    inf.isFIPS =  (inf.symCipher == ssl_calg_des   || inf.symCipher == ssl_calg_3des)
-		       && (inf.macAlgorithm == ssl_mac_sha || inf.macAlgorithm == ssl_hmac_sha)
-		       && (inf.protocolVersion > SSL_LIBRARY_VERSION_3_0 ||
-		           inf.cipherSuite >= 0xfef0);
-#endif
-	}
-	if (sid) {
-	    inf.creationTime   = sid->creationTime;
-	    inf.lastAccessTime = sid->lastAccessTime;
-	    inf.expirationTime = sid->expirationTime;
-	    if (ss->version < SSL_LIBRARY_VERSION_3_0) { /* SSL2 */
-	        inf.sessionIDLength = SSL2_SESSIONID_BYTES;
-		memcpy(inf.sessionID, sid->u.ssl2.sessionID, SSL2_SESSIONID_BYTES);
-	    } else {
-		unsigned int sidLen = sid->u.ssl3.sessionIDLength;
-	        sidLen = PR_MIN(sidLen, sizeof inf.sessionID);
-	        inf.sessionIDLength = sidLen;
-		memcpy(inf.sessionID, sid->u.ssl3.sessionID, sidLen);
-	    }
-	}
-    }
-
-    memcpy(info, &inf, inf.length);
-
-    return SECSuccess;
-}
-
-#define kt_kea kt_fortezza
-#define calg_sj calg_fortezza
-
-#define CS(x) x, #x
-#define CK(x) x | 0xff00, #x
-
-#define S_DSA   "DSA", ssl_auth_dsa
-#define S_RSA	"RSA", ssl_auth_rsa
-#define S_KEA   "KEA", ssl_auth_kea
-
-#define K_DHE	"DHE", kt_dh
-#define K_RSA	"RSA", kt_rsa
-#define K_KEA	"KEA", kt_kea
-
-#define C_AES	"AES", calg_aes
-#define C_RC4	"RC4", calg_rc4
-#define C_RC2	"RC2", calg_rc2
-#define C_DES	"DES", calg_des
-#define C_3DES	"3DES", calg_3des
-#define C_NULL  "NULL", calg_null
-#define C_SJ 	"SKIPJACK", calg_sj
-
-#define B_256	256, 256, 256
-#define B_128	128, 128, 128
-#define B_3DES  192, 156, 112
-#define B_SJ     96,  80,  80
-#define B_DES    64,  56,  56
-#define B_56    128,  56,  56
-#define B_40    128,  40,  40
-#define B_0  	  0,   0,   0
-
-#define M_SHA	"SHA1", ssl_mac_sha, 160
-#define M_MD5	"MD5",  ssl_mac_md5, 128
-
-static const SSLCipherSuiteInfo suiteInfo[] = {
-/* <------ Cipher suite --------------------> <auth> <KEA>  <bulk cipher> <MAC> <FIPS> */
-{0,CS(TLS_DHE_RSA_WITH_AES_256_CBC_SHA),      S_RSA, K_DHE, C_AES, B_256, M_SHA, 0, 0, 0, },
-{0,CS(TLS_DHE_DSS_WITH_AES_256_CBC_SHA),      S_DSA, K_DHE, C_AES, B_256, M_SHA, 0, 0, 0, },
-{0,CS(TLS_RSA_WITH_AES_256_CBC_SHA),          S_RSA, K_RSA, C_AES, B_256, M_SHA, 0, 0, 0, },
-
-{0,CS(SSL_FORTEZZA_DMS_WITH_RC4_128_SHA),     S_KEA, K_KEA, C_RC4, B_128, M_SHA, 0, 0, 0, },
-{0,CS(TLS_DHE_DSS_WITH_RC4_128_SHA),          S_DSA, K_DHE, C_RC4, B_128, M_SHA, 0, 0, 0, },
-{0,CS(TLS_DHE_RSA_WITH_AES_128_CBC_SHA),      S_RSA, K_DHE, C_AES, B_128, M_SHA, 0, 0, 0, },
-{0,CS(TLS_DHE_DSS_WITH_AES_128_CBC_SHA),      S_DSA, K_DHE, C_AES, B_128, M_SHA, 0, 0, 0, },
-{0,CS(SSL_RSA_WITH_RC4_128_MD5),              S_RSA, K_RSA, C_RC4, B_128, M_MD5, 0, 0, 0, },
-{0,CS(SSL_RSA_WITH_RC4_128_SHA),              S_RSA, K_RSA, C_RC4, B_128, M_SHA, 0, 0, 0, },
-{0,CS(TLS_RSA_WITH_AES_128_CBC_SHA),          S_RSA, K_RSA, C_AES, B_128, M_SHA, 0, 0, 0, },
-
-{0,CS(SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA),     S_RSA, K_DHE, C_3DES,B_3DES,M_SHA, 0, 0, 0, },
-{0,CS(SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA),     S_DSA, K_DHE, C_3DES,B_3DES,M_SHA, 0, 0, 0, },
-{0,CS(SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA),    S_RSA, K_RSA, C_3DES,B_3DES,M_SHA, 1, 0, 1, },
-{0,CS(SSL_RSA_WITH_3DES_EDE_CBC_SHA),         S_RSA, K_RSA, C_3DES,B_3DES,M_SHA, 1, 0, 0, },
-
-{0,CS(SSL_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA),S_KEA, K_KEA, C_SJ,  B_SJ,  M_SHA, 1, 0, 0, },
-{0,CS(SSL_DHE_RSA_WITH_DES_CBC_SHA),          S_RSA, K_DHE, C_DES, B_DES, M_SHA, 0, 0, 0, },
-{0,CS(SSL_DHE_DSS_WITH_DES_CBC_SHA),          S_DSA, K_DHE, C_DES, B_DES, M_SHA, 0, 0, 0, },
-{0,CS(SSL_RSA_FIPS_WITH_DES_CBC_SHA),         S_RSA, K_RSA, C_DES, B_DES, M_SHA, 1, 0, 1, },
-{0,CS(SSL_RSA_WITH_DES_CBC_SHA),              S_RSA, K_RSA, C_DES, B_DES, M_SHA, 1, 0, 0, },
-
-{0,CS(TLS_RSA_EXPORT1024_WITH_RC4_56_SHA),    S_RSA, K_RSA, C_RC4, B_56,  M_SHA, 0, 1, 0, },
-{0,CS(TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA),   S_RSA, K_RSA, C_DES, B_DES, M_SHA, 1, 1, 0, },
-{0,CS(SSL_RSA_EXPORT_WITH_RC4_40_MD5),        S_RSA, K_RSA, C_RC4, B_40,  M_MD5, 0, 1, 0, },
-{0,CS(SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5),    S_RSA, K_RSA, C_RC2, B_40,  M_MD5, 0, 1, 0, },
-{0,CS(SSL_FORTEZZA_DMS_WITH_NULL_SHA),        S_KEA, K_KEA, C_NULL,B_0,   M_SHA, 0, 1, 0, },
-{0,CS(SSL_RSA_WITH_NULL_MD5),                 S_RSA, K_RSA, C_NULL,B_0,   M_MD5, 0, 1, 0, },
-
-/* SSL 2 table */
-{0,CK(SSL_CK_RC4_128_WITH_MD5),               S_RSA, K_RSA, C_RC4, B_128, M_MD5, 0, 0, 0, },
-{0,CK(SSL_CK_RC2_128_CBC_WITH_MD5),           S_RSA, K_RSA, C_RC2, B_128, M_MD5, 0, 0, 0, },
-{0,CK(SSL_CK_DES_192_EDE3_CBC_WITH_MD5),      S_RSA, K_RSA, C_3DES,B_3DES,M_MD5, 0, 0, 0, },
-{0,CK(SSL_CK_DES_64_CBC_WITH_MD5),            S_RSA, K_RSA, C_DES, B_DES, M_MD5, 0, 0, 0, },
-{0,CK(SSL_CK_RC4_128_EXPORT40_WITH_MD5),      S_RSA, K_RSA, C_RC4, B_40,  M_MD5, 0, 1, 0, },
-{0,CK(SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5),  S_RSA, K_RSA, C_RC2, B_40,  M_MD5, 0, 1, 0, }
-};
-
-#define NUM_SUITEINFOS ((sizeof suiteInfo) / (sizeof suiteInfo[0]))
-
-
-SECStatus SSL_GetCipherSuiteInfo(PRUint16 cipherSuite, 
-                                 SSLCipherSuiteInfo *info, PRUintn len)
-{
-    unsigned int i;
-
-    len = PR_MIN(len, sizeof suiteInfo[0]);
-    if (!info || len < sizeof suiteInfo[0].length) {
-	PORT_SetError(SEC_ERROR_INVALID_ARGS);
-    	return SECFailure;
-    }
-    for (i = 0; i < NUM_SUITEINFOS; i++) {
-    	if (suiteInfo[i].cipherSuite == cipherSuite) {
-	    memcpy(info, &suiteInfo[i], len);
-	    info->length = len;
-	    return SECSuccess;
-	}
-    }
-    PORT_SetError(SEC_ERROR_INVALID_ARGS);
-    return SECFailure;
-}
diff --git a/security/nss/lib/ssl/sslmutex.c b/security/nss/lib/ssl/sslmutex.c
deleted file mode 100644
index 85d6e88c2..000000000
--- a/security/nss/lib/ssl/sslmutex.c
+++ /dev/null
@@ -1,662 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 2001 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s): 
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#include "seccomon.h"
-/* This ifdef should match the one in sslsnce.c */
-#if (defined(XP_UNIX) || defined(XP_WIN32) || defined (XP_OS2) || defined(XP_BEOS)) && !defined(_WIN32_WCE)
-
-#include "sslmutex.h"
-#include "prerr.h"
-
-static SECStatus single_process_sslMutex_Init(sslMutex* pMutex)
-{
-    PR_ASSERT(pMutex != 0 && pMutex->u.sslLock == 0 );
-    
-    pMutex->u.sslLock = PR_NewLock();
-    if (!pMutex->u.sslLock) {
-        return SECFailure;
-    }
-    return SECSuccess;
-}
-
-static SECStatus single_process_sslMutex_Destroy(sslMutex* pMutex)
-{
-    PR_ASSERT(pMutex != 0);
-    PR_ASSERT(pMutex->u.sslLock!= 0);
-    if (!pMutex->u.sslLock) {
-        PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
-        return SECFailure;
-    }
-    PR_DestroyLock(pMutex->u.sslLock);
-    return SECSuccess;
-}
-
-static SECStatus single_process_sslMutex_Unlock(sslMutex* pMutex)
-{
-    PR_ASSERT(pMutex != 0 );
-    PR_ASSERT(pMutex->u.sslLock !=0);
-    if (!pMutex->u.sslLock) {
-        PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
-        return SECFailure;
-    }
-    PR_Unlock(pMutex->u.sslLock);
-    return SECSuccess;
-}
-
-static SECStatus single_process_sslMutex_Lock(sslMutex* pMutex)
-{
-    PR_ASSERT(pMutex != 0);
-    PR_ASSERT(pMutex->u.sslLock != 0 );
-    if (!pMutex->u.sslLock) {
-        PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
-        return SECFailure;
-    }
-    PR_Lock(pMutex->u.sslLock);
-    return SECSuccess;
-}
-
-#if defined(LINUX) || defined(AIX) || defined(VMS) || defined(BEOS) || defined(BSDI) || defined(NETBSD) || defined(OPENBSD)
-
-#include <unistd.h>
-#include <fcntl.h>
-#include <string.h>
-#include <errno.h>
-#include "unix_err.h"
-#include "pratom.h"
-
-#define SSL_MUTEX_MAGIC 0xfeedfd
-#define NONBLOCKING_POSTS 1	/* maybe this is faster */
-
-#if NONBLOCKING_POSTS
-
-#ifndef FNONBLOCK
-#define FNONBLOCK O_NONBLOCK
-#endif
-
-static int
-setNonBlocking(int fd, int nonBlocking)
-{
-    int flags;
-    int err;
-
-    flags = fcntl(fd, F_GETFL, 0);
-    if (0 > flags)
-	return flags;
-    if (nonBlocking)
-	flags |= FNONBLOCK;
-    else
-	flags &= ~FNONBLOCK;
-    err = fcntl(fd, F_SETFL, flags);
-    return err;
-}
-#endif
-
-SECStatus
-sslMutex_Init(sslMutex *pMutex, int shared)
-{
-    int  err;
-    PR_ASSERT(pMutex);
-    pMutex->isMultiProcess = (PRBool)(shared != 0);
-    if (!shared) {
-        return single_process_sslMutex_Init(pMutex);
-    }
-    pMutex->u.pipeStr.mPipes[0] = -1;
-    pMutex->u.pipeStr.mPipes[1] = -1;
-    pMutex->u.pipeStr.mPipes[2] = -1;
-    pMutex->u.pipeStr.nWaiters  =  0;
-
-    err = pipe(pMutex->u.pipeStr.mPipes);
-    if (err) {
-	return err;
-    }
-    /* close-on-exec is false by default */
-    if (!shared) {
-	err = fcntl(pMutex->u.pipeStr.mPipes[0], F_SETFD, FD_CLOEXEC);
-	if (err) 
-	    goto loser;
-
-	err = fcntl(pMutex->u.pipeStr.mPipes[1], F_SETFD, FD_CLOEXEC);
-	if (err) 
-	    goto loser;
-    }
-
-#if NONBLOCKING_POSTS
-    err = setNonBlocking(pMutex->u.pipeStr.mPipes[1], 1);
-    if (err)
-	goto loser;
-#endif
-
-    pMutex->u.pipeStr.mPipes[2] = SSL_MUTEX_MAGIC;
-
-#if defined(LINUX) && defined(i386)
-    /* Pipe starts out empty */
-    return SECSuccess;
-#else
-    /* Pipe starts with one byte. */
-    return sslMutex_Unlock(pMutex);
-#endif
-
-loser:
-    nss_MD_unix_map_default_error(errno);
-    close(pMutex->u.pipeStr.mPipes[0]);
-    close(pMutex->u.pipeStr.mPipes[1]);
-    return SECFailure;
-}
-
-SECStatus
-sslMutex_Destroy(sslMutex *pMutex)
-{
-    if (PR_FALSE == pMutex->isMultiProcess) {
-        return single_process_sslMutex_Destroy(pMutex);
-    }
-    if (pMutex->u.pipeStr.mPipes[2] != SSL_MUTEX_MAGIC) {
-	PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
-	return SECFailure;
-    }
-    close(pMutex->u.pipeStr.mPipes[0]);
-    close(pMutex->u.pipeStr.mPipes[1]);
-
-    pMutex->u.pipeStr.mPipes[0] = -1;
-    pMutex->u.pipeStr.mPipes[1] = -1;
-    pMutex->u.pipeStr.mPipes[2] = -1;
-    pMutex->u.pipeStr.nWaiters  =  0;
-
-    return SECSuccess;
-}
-
-#if defined(LINUX) && defined(i386)
-/* No memory barrier needed for this platform */
-
-SECStatus 
-sslMutex_Unlock(sslMutex *pMutex)
-{
-    PRInt32 oldValue;
-    if (PR_FALSE == pMutex->isMultiProcess) {
-        return single_process_sslMutex_Unlock(pMutex);
-    }
-
-    if (pMutex->u.pipeStr.mPipes[2] != SSL_MUTEX_MAGIC) {
-	PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
-	return SECFailure;
-    }
-    /* Do Memory Barrier here. */
-    oldValue = PR_AtomicDecrement(&pMutex->u.pipeStr.nWaiters);
-    if (oldValue > 1) {
-	int  cc;
-	char c  = 1;
-	do {
-	    cc = write(pMutex->u.pipeStr.mPipes[1], &c, 1);
-	} while (cc < 0 && (errno == EINTR || errno == EAGAIN));
-	if (cc != 1) {
-	    if (cc < 0)
-		nss_MD_unix_map_default_error(errno);
-	    else
-		PORT_SetError(PR_UNKNOWN_ERROR);
-	    return SECFailure;
-	}
-    }
-    return SECSuccess;
-}
-
-SECStatus 
-sslMutex_Lock(sslMutex *pMutex)
-{
-    PRInt32 oldValue;
-    if (PR_FALSE == pMutex->isMultiProcess) {
-        return single_process_sslMutex_Lock(pMutex);
-    }
-
-    if (pMutex->u.pipeStr.mPipes[2] != SSL_MUTEX_MAGIC) {
-	PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
-	return SECFailure;
-    }
-    oldValue = PR_AtomicDecrement(&pMutex->u.pipeStr.nWaiters);
-    /* Do Memory Barrier here. */
-    if (oldValue > 0) {
-	int   cc;
-	char  c;
-	do {
-	    cc = read(pMutex->u.pipeStr.mPipes[0], &c, 1);
-	} while (cc < 0 && errno == EINTR);
-	if (cc != 1) {
-	    if (cc < 0)
-		nss_MD_unix_map_default_error(errno);
-	    else
-		PORT_SetError(PR_UNKNOWN_ERROR);
-	    return SECFailure;
-	}
-    }
-    return SECSuccess;
-}
-
-#else
-
-/* Using Atomic operations requires the use of a memory barrier instruction 
-** on PowerPC, Sparc, and Alpha.  NSPR's PR_Atomic functions do not perform
-** them, and NSPR does not provide a function that does them (e.g. PR_Barrier).
-** So, we don't use them on those platforms. 
-*/
-
-SECStatus 
-sslMutex_Unlock(sslMutex *pMutex)
-{
-    int  cc;
-    char c  = 1;
-
-    if (PR_FALSE == pMutex->isMultiProcess) {
-        return single_process_sslMutex_Unlock(pMutex);
-    }
-
-    if (pMutex->u.pipeStr.mPipes[2] != SSL_MUTEX_MAGIC) {
-	PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
-	return SECFailure;
-    }
-    do {
-	cc = write(pMutex->u.pipeStr.mPipes[1], &c, 1);
-    } while (cc < 0 && (errno == EINTR || errno == EAGAIN));
-    if (cc != 1) {
-	if (cc < 0)
-	    nss_MD_unix_map_default_error(errno);
-	else
-	    PORT_SetError(PR_UNKNOWN_ERROR);
-	return SECFailure;
-    }
-
-    return SECSuccess;
-}
-
-SECStatus 
-sslMutex_Lock(sslMutex *pMutex)
-{
-    int   cc;
-    char  c;
-
-    if (PR_FALSE == pMutex->isMultiProcess) {
-        return single_process_sslMutex_Lock(pMutex);
-    }
- 
-    if (pMutex->u.pipeStr.mPipes[2] != SSL_MUTEX_MAGIC) {
-	PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
-	return SECFailure;
-    }
-
-    do {
-	cc = read(pMutex->u.pipeStr.mPipes[0], &c, 1);
-    } while (cc < 0 && errno == EINTR);
-    if (cc != 1) {
-	if (cc < 0)
-	    nss_MD_unix_map_default_error(errno);
-	else
-	    PORT_SetError(PR_UNKNOWN_ERROR);
-	return SECFailure;
-    }
-
-    return SECSuccess;
-}
-
-#endif
-
-#elif defined(WIN32)
-
-#include "win32err.h"
-
-/* on Windows, we need to find the optimal type of locking mechanism to use
- for the sslMutex.
-
- There are 3 cases :
- 1) single-process, use a PRLock, as for all other platforms
- 2) Win95 multi-process, use a Win32 mutex
- 3) on WINNT multi-process, use a PRLock + a Win32 mutex
-
-*/
-
-#ifdef WINNT
-
-SECStatus sslMutex_2LevelInit(sslMutex *sem)
-{
-    /*  the following adds a PRLock to sslMutex . This is done in each
-        process of a multi-process server and is only needed on WINNT, if
-        using fibers. We can't tell if native threads or fibers are used, so
-        we always do it on WINNT
-    */
-    PR_ASSERT(sem);
-    if (sem) {
-        /* we need to reset the sslLock in the children or the single_process init
-           function below will assert */
-        sem->u.sslLock = NULL;
-    }
-    return single_process_sslMutex_Init(sem);
-}
-
-static SECStatus sslMutex_2LevelDestroy(sslMutex *sem)
-{
-    return single_process_sslMutex_Destroy(sem);
-}
-
-#endif
-
-SECStatus
-sslMutex_Init(sslMutex *pMutex, int shared)
-{
-    SECStatus retvalue;
-    HANDLE hMutex;
-    SECURITY_ATTRIBUTES attributes =
-                                { sizeof(SECURITY_ATTRIBUTES), NULL, TRUE };
-
-    PR_ASSERT(pMutex != 0 && (pMutex->u.sslMutx == 0 || 
-              pMutex->u.sslMutx == INVALID_HANDLE_VALUE) );
-    
-    pMutex->isMultiProcess = (PRBool)(shared != 0);
-    
-    if (PR_FALSE == pMutex->isMultiProcess) {
-        return single_process_sslMutex_Init(pMutex);
-    }
-    
-#ifdef WINNT
-    /*  we need a lock on WINNT for fibers in the parent process */
-    retvalue = sslMutex_2LevelInit(pMutex);
-    if (SECSuccess != retvalue)
-        return SECFailure;
-#endif
-    
-    if (!pMutex || ((hMutex = pMutex->u.sslMutx) != 0 && 
-        hMutex != INVALID_HANDLE_VALUE)) {
-        PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
-        return SECFailure;
-    }
-    attributes.bInheritHandle = (shared ? TRUE : FALSE);
-    hMutex = CreateMutex(&attributes, FALSE, NULL);
-    if (hMutex == NULL) {
-        hMutex = INVALID_HANDLE_VALUE;
-        nss_MD_win32_map_default_error(GetLastError());
-        return SECFailure;
-    }
-    pMutex->u.sslMutx = hMutex;
-    return SECSuccess;
-}
-
-SECStatus
-sslMutex_Destroy(sslMutex *pMutex)
-{
-    HANDLE hMutex;
-    int    rv;
-    int retvalue = SECSuccess;
-
-    PR_ASSERT(pMutex != 0);
-    if (PR_FALSE == pMutex->isMultiProcess) {
-        return single_process_sslMutex_Destroy(pMutex);
-    }
-
-    /*  multi-process mode */    
-#ifdef WINNT
-    /* on NT, get rid of the PRLock used for fibers within a process */
-    retvalue = sslMutex_2LevelDestroy(pMutex);
-#endif
-    
-    PR_ASSERT( pMutex->u.sslMutx != 0 && 
-               pMutex->u.sslMutx != INVALID_HANDLE_VALUE);
-    if (!pMutex || (hMutex = pMutex->u.sslMutx) == 0 
-        || hMutex == INVALID_HANDLE_VALUE) {
-        PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
-        return SECFailure;
-    }
-    
-    rv = CloseHandle(hMutex); /* ignore error */
-    if (rv) {
-        pMutex->u.sslMutx = hMutex = INVALID_HANDLE_VALUE;
-    } else {
-        nss_MD_win32_map_default_error(GetLastError());
-        retvalue = SECFailure;
-    }
-    return retvalue;
-}
-
-int 
-sslMutex_Unlock(sslMutex *pMutex)
-{
-    BOOL   success = FALSE;
-    HANDLE hMutex;
-
-    PR_ASSERT(pMutex != 0 );
-    if (PR_FALSE == pMutex->isMultiProcess) {
-        return single_process_sslMutex_Unlock(pMutex);
-    }
-    
-    PR_ASSERT(pMutex->u.sslMutx != 0 && 
-              pMutex->u.sslMutx != INVALID_HANDLE_VALUE);
-    if (!pMutex || (hMutex = pMutex->u.sslMutx) == 0 ||
-        hMutex == INVALID_HANDLE_VALUE) {
-        PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
-        return SECFailure;
-    }
-    success = ReleaseMutex(hMutex);
-    if (!success) {
-        nss_MD_win32_map_default_error(GetLastError());
-        return SECFailure;
-    }
-#ifdef WINNT
-    return single_process_sslMutex_Unlock(pMutex);
-    /* release PRLock for other fibers in the process */
-#else
-    return SECSuccess;
-#endif
-}
-
-int 
-sslMutex_Lock(sslMutex *pMutex)
-{
-    HANDLE    hMutex;
-    DWORD     event;
-    DWORD     lastError;
-    SECStatus rv;
-    SECStatus retvalue = SECSuccess;
-    PR_ASSERT(pMutex != 0);
-
-    if (PR_FALSE == pMutex->isMultiProcess) {
-        return single_process_sslMutex_Lock(pMutex);
-    }
-#ifdef WINNT
-    /* lock first to preserve from other threads/fibers
-       in the same process */
-    retvalue = single_process_sslMutex_Lock(pMutex);
-#endif
-    PR_ASSERT(pMutex->u.sslMutx != 0 && 
-              pMutex->u.sslMutx != INVALID_HANDLE_VALUE);
-    if (!pMutex || (hMutex = pMutex->u.sslMutx) == 0 || 
-        hMutex == INVALID_HANDLE_VALUE) {
-        PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
-        return SECFailure;      /* what else ? */
-    }
-    /* acquire the mutex to be the only owner accross all other processes */
-    event = WaitForSingleObject(hMutex, INFINITE);
-    switch (event) {
-    case WAIT_OBJECT_0:
-    case WAIT_ABANDONED:
-        rv = SECSuccess;
-        break;
-
-    case WAIT_TIMEOUT:
-#if defined(WAIT_IO_COMPLETION)
-    case WAIT_IO_COMPLETION:
-#endif
-    default:            /* should never happen. nothing we can do. */
-        PR_ASSERT(!("WaitForSingleObject returned invalid value."));
-	PORT_SetError(PR_UNKNOWN_ERROR);
-	rv = SECFailure;
-	break;
-
-    case WAIT_FAILED:           /* failure returns this */
-        rv = SECFailure;
-        lastError = GetLastError();     /* for debugging */
-        nss_MD_win32_map_default_error(lastError);
-        break;
-    }
-
-    if (! (SECSuccess == retvalue && SECSuccess == rv)) {
-        return SECFailure;
-    }
-    
-    return SECSuccess;
-}
-
-#elif defined(XP_UNIX)
-
-#include <errno.h>
-#include "unix_err.h"
-
-SECStatus 
-sslMutex_Init(sslMutex *pMutex, int shared)
-{
-    int rv;
-    PR_ASSERT(pMutex);
-    pMutex->isMultiProcess = (PRBool)(shared != 0);
-    if (!shared) {
-        return single_process_sslMutex_Init(pMutex);
-    }
-    do {
-        rv = sem_init(&pMutex->u.sem, shared, 1);
-    } while (rv < 0 && errno == EINTR);
-    if (rv < 0) {
-        nss_MD_unix_map_default_error(errno);
-        return SECFailure;
-    }
-    return SECSuccess;
-}
-
-SECStatus 
-sslMutex_Destroy(sslMutex *pMutex)
-{
-    int rv;
-    if (PR_FALSE == pMutex->isMultiProcess) {
-        return single_process_sslMutex_Destroy(pMutex);
-    }
-    do {
-	rv = sem_destroy(&pMutex->u.sem);
-    } while (rv < 0 && errno == EINTR);
-    if (rv < 0) {
-	nss_MD_unix_map_default_error(errno);
-	return SECFailure;
-    }
-    return SECSuccess;
-}
-
-SECStatus 
-sslMutex_Unlock(sslMutex *pMutex)
-{
-    int rv;
-    if (PR_FALSE == pMutex->isMultiProcess) {
-        return single_process_sslMutex_Unlock(pMutex);
-    }
-    do {
-	rv = sem_post(&pMutex->u.sem);
-    } while (rv < 0 && errno == EINTR);
-    if (rv < 0) {
-	nss_MD_unix_map_default_error(errno);
-	return SECFailure;
-    }
-    return SECSuccess;
-}
-
-SECStatus 
-sslMutex_Lock(sslMutex *pMutex)
-{
-    int rv;
-    if (PR_FALSE == pMutex->isMultiProcess) {
-        return single_process_sslMutex_Lock(pMutex);
-    }
-    do {
-	rv = sem_wait(&pMutex->u.sem);
-    } while (rv < 0 && errno == EINTR);
-    if (rv < 0) {
-	nss_MD_unix_map_default_error(errno);
-	return SECFailure;
-    }
-    return SECSuccess;
-}
-
-#else
-
-SECStatus 
-sslMutex_Init(sslMutex *pMutex, int shared)
-{
-    PR_ASSERT(pMutex);
-    pMutex->isMultiProcess = (PRBool)(shared != 0);
-    if (!shared) {
-        return single_process_sslMutex_Init(pMutex);
-    }
-    PORT_Assert(!("sslMutex_Init not implemented for multi-process applications !"));
-    PORT_SetError(PR_NOT_IMPLEMENTED_ERROR);
-    return SECFailure;
-}
-
-SECStatus 
-sslMutex_Destroy(sslMutex *pMutex)
-{
-    PR_ASSERT(pMutex);
-    if (PR_FALSE == pMutex->isMultiProcess) {
-        return single_process_sslMutex_Destroy(pMutex);
-    }
-    PORT_Assert(!("sslMutex_Destroy not implemented for multi-process applications !"));
-    PORT_SetError(PR_NOT_IMPLEMENTED_ERROR);
-    return SECFailure;
-}
-
-SECStatus 
-sslMutex_Unlock(sslMutex *pMutex)
-{
-    PR_ASSERT(pMutex);
-    if (PR_FALSE == pMutex->isMultiProcess) {
-        return single_process_sslMutex_Unlock(pMutex);
-    }
-    PORT_Assert(!("sslMutex_Unlock not implemented for multi-process applications !"));
-    PORT_SetError(PR_NOT_IMPLEMENTED_ERROR);
-    return SECFailure;
-}
-
-SECStatus 
-sslMutex_Lock(sslMutex *pMutex)
-{
-    PR_ASSERT(pMutex);
-    if (PR_FALSE == pMutex->isMultiProcess) {
-        return single_process_sslMutex_Lock(pMutex);
-    }
-    PORT_Assert(!("sslMutex_Lock not implemented for multi-process applications !"));
-    PORT_SetError(PR_NOT_IMPLEMENTED_ERROR);
-    return SECFailure;
-}
-
-#endif
-
-#endif
diff --git a/security/nss/lib/ssl/sslmutex.h b/security/nss/lib/ssl/sslmutex.h
deleted file mode 100644
index 97115782f..000000000
--- a/security/nss/lib/ssl/sslmutex.h
+++ /dev/null
@@ -1,149 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 2001 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s): 
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-#ifndef __SSLMUTEX_H_
-#define __SSLMUTEX_H_ 1
-
-/* What SSL really wants is portable process-shared unnamed mutexes in 
- * shared memory, that have the property that if the process that holds
- * them dies, they are released automatically, and that (unlike fcntl 
- * record locking) lock to the thread, not to the process.  
- * NSPR doesn't provide that.  
- * Windows has mutexes that meet that description, but they're not portable.  
- * POSIX mutexes are not automatically released when the holder dies, 
- * and other processes/threads cannot release the mutex on behalf of the 
- * dead holder.  
- * POSIX semaphores can be used to accomplish this on systems that implement 
- * process-shared unnamed POSIX semaphores, because a watchdog thread can 
- * discover and release semaphores that were held by a dead process.  
- * On systems that do not support process-shared POSIX unnamed semaphores, 
- * they can be emulated using pipes.  
- * The performance cost of doing that is not yet measured.
- *
- * So, this API looks a lot like POSIX pthread mutexes.
- */
-
-#include "prtypes.h"
-#include "prlock.h"
-
-#if defined(WIN32)
-
-#include <wtypes.h>
-
-typedef struct 
-{
-    PRBool isMultiProcess;
-#ifdef WINNT
-    /* on WINNT we need both the PRLock and the Win32 mutex for fibers */
-    struct {
-#else
-    union {
-#endif
-        PRLock* sslLock;
-        HANDLE sslMutx;
-    } u;
-} sslMutex;
-
-typedef int    sslPID;
-
-#elif defined(LINUX) || defined(AIX) || defined(VMS) || defined(BEOS) || defined(BSDI) || defined(NETBSD) || defined(OPENBSD)
-
-#include <sys/types.h>
-#include "prtypes.h"
-
-typedef struct { 
-    PRBool isMultiProcess;
-    union {
-        PRLock* sslLock;
-        struct {
-            int      mPipes[3]; 
-            PRInt32  nWaiters;
-        } pipeStr;
-    } u;
-} sslMutex;
-typedef pid_t sslPID;
-
-#elif defined(XP_UNIX) /* other types of Unix */
-
-#include <sys/types.h>	/* for pid_t */
-#include <semaphore.h>  /* for sem_t, and sem_* functions */
-
-typedef struct
-{
-    PRBool isMultiProcess;
-    union {
-        PRLock* sslLock;
-        sem_t  sem;
-    } u;
-} sslMutex;
-
-typedef pid_t sslPID;
-
-#else
-
-/* what platform is this ?? */
-
-typedef struct { 
-    PRBool isMultiProcess;
-    union {
-        PRLock* sslLock;
-        /* include cross-process locking mechanism here */
-    } u;
-} sslMutex;
-
-typedef int sslPID;
-
-#endif
-
-#include "seccomon.h"
-
-SEC_BEGIN_PROTOS
-
-extern SECStatus sslMutex_Init(sslMutex *sem, int shared);
-
-extern SECStatus sslMutex_Destroy(sslMutex *sem);
-
-extern SECStatus sslMutex_Unlock(sslMutex *sem);
-
-extern SECStatus sslMutex_Lock(sslMutex *sem);
-
-#ifdef WINNT
-
-extern SECStatus sslMutex_2LevelInit(sslMutex *sem);
-
-#endif
-
-SEC_END_PROTOS
-
-#endif
diff --git a/security/nss/lib/ssl/sslnonce.c b/security/nss/lib/ssl/sslnonce.c
deleted file mode 100644
index ac79c6d66..000000000
--- a/security/nss/lib/ssl/sslnonce.c
+++ /dev/null
@@ -1,365 +0,0 @@
-/* 
- * This file implements the CLIENT Session ID cache.  
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#include "nssrenam.h"
-#include "cert.h"
-#include "secitem.h"
-#include "ssl.h"
-
-#include "sslimpl.h"
-#include "sslproto.h"
-#include "nssilock.h"
-#include "nsslocks.h"
-#if (defined(XP_UNIX) || defined(XP_WIN) || defined(_WINDOWS) || defined(XP_BEOS)) && !defined(_WIN32_WCE)
-#include <time.h>
-#endif
-
-PRUint32 ssl_sid_timeout = 100;
-PRUint32 ssl3_sid_timeout = 86400L; /* 24 hours */
-
-static sslSessionID *cache;
-static PZLock *      cacheLock;
-
-/* sids can be in one of 4 states:
- *
- * never_cached, 	created, but not yet put into cache. 
- * in_client_cache, 	in the client cache's linked list.
- * in_server_cache, 	entry came from the server's cache file.
- * invalid_cache	has been removed from the cache. 
- */
-
-#define LOCK_CACHE 	lock_cache()
-#define UNLOCK_CACHE	PZ_Unlock(cacheLock)
-
-static void 
-lock_cache(void)
-{
-    /* XXX Since the client session cache has no init function, we must
-     * XXX init the cacheLock on the first call.  Fix in NSS 3.0.
-     */
-    if (!cacheLock)
-	nss_InitLock(&cacheLock, nssILockCache);
-    PZ_Lock(cacheLock);
-}
-
-/* BEWARE: This function gets called for both client and server SIDs !!
- * If the unreferenced sid is not in the cache, Free sid and its contents.
- */
-static void
-ssl_DestroySID(sslSessionID *sid)
-{
-    SSL_TRC(8, ("SSL: destroy sid: sid=0x%x cached=%d", sid, sid->cached));
-    PORT_Assert((sid->references == 0));
-
-    if (sid->cached == in_client_cache)
-    	return;	/* it will get taken care of next time cache is traversed. */
-
-    if (sid->version < SSL_LIBRARY_VERSION_3_0) {
-	SECITEM_ZfreeItem(&sid->u.ssl2.masterKey, PR_FALSE);
-	SECITEM_ZfreeItem(&sid->u.ssl2.cipherArg, PR_FALSE);
-    }
-    if (sid->peerID != NULL)
-	PORT_Free((void *)sid->peerID);		/* CONST */
-
-    if (sid->urlSvrName != NULL)
-	PORT_Free((void *)sid->urlSvrName);	/* CONST */
-
-    if ( sid->peerCert ) {
-	CERT_DestroyCertificate(sid->peerCert);
-    }
-    if ( sid->localCert ) {
-	CERT_DestroyCertificate(sid->localCert);
-    }
-    
-    PORT_ZFree(sid, sizeof(sslSessionID));
-}
-
-/* BEWARE: This function gets called for both client and server SIDs !!
- * Decrement reference count, and 
- *    free sid if ref count is zero, and sid is not in the cache. 
- * Does NOT remove from the cache first.  
- * If the sid is still in the cache, it is left there until next time
- * the cache list is traversed.
- */
-static void 
-ssl_FreeLockedSID(sslSessionID *sid)
-{
-    PORT_Assert(sid->references >= 1);
-    if (--sid->references == 0) {
-	ssl_DestroySID(sid);
-    }
-}
-
-/* BEWARE: This function gets called for both client and server SIDs !!
- * Decrement reference count, and 
- *    free sid if ref count is zero, and sid is not in the cache. 
- * Does NOT remove from the cache first.  
- * These locks are necessary because the sid _might_ be in the cache list.
- */
-void
-ssl_FreeSID(sslSessionID *sid)
-{
-    LOCK_CACHE;
-    ssl_FreeLockedSID(sid);
-    UNLOCK_CACHE;
-}
-
-/************************************************************************/
-
-/*
-**  Lookup sid entry in cache by Address, port, and peerID string.
-**  If found, Increment reference count, and return pointer to caller.
-**  If it has timed out or ref count is zero, remove from list and free it.
-*/
-
-sslSessionID *
-ssl_LookupSID(const PRIPv6Addr *addr, PRUint16 port, const char *peerID, 
-              const char * urlSvrName)
-{
-    sslSessionID **sidp;
-    sslSessionID * sid;
-    PRUint32       now;
-
-    if (!urlSvrName)
-    	return NULL;
-    now = ssl_Time();
-    LOCK_CACHE;
-    sidp = &cache;
-    while ((sid = *sidp) != 0) {
-	PORT_Assert(sid->cached == in_client_cache);
-	PORT_Assert(sid->references >= 1);
-
-	SSL_TRC(8, ("SSL: Lookup1: sid=0x%x", sid));
-
-	if (sid->expirationTime < now || !sid->references) {
-	    /*
-	    ** This session-id timed out, or was orphaned.
-	    ** Don't even care who it belongs to, blow it out of our cache.
-	    */
-	    SSL_TRC(7, ("SSL: lookup1, throwing sid out, age=%d refs=%d",
-			now - sid->creationTime, sid->references));
-
-	    *sidp = sid->next; 			/* delink it from the list. */
-	    sid->cached = invalid_cache;	/* mark not on list. */
-	    if (!sid->references)
-	    	ssl_DestroySID(sid);
-	    else
-		ssl_FreeLockedSID(sid);		/* drop ref count, free. */
-
-	} else if (!memcmp(&sid->addr, addr, sizeof(PRIPv6Addr)) && /* server IP addr matches */
-	           (sid->port == port) && /* server port matches */
-		   /* proxy (peerID) matches */
-		   (((peerID == NULL) && (sid->peerID == NULL)) ||
-		    ((peerID != NULL) && (sid->peerID != NULL) &&
-		     PORT_Strcmp(sid->peerID, peerID) == 0)) &&
-		   /* is cacheable */
-		   (sid->version < SSL_LIBRARY_VERSION_3_0 ||
-		    sid->u.ssl3.resumable) &&
-		   /* server hostname matches. */
-	           (sid->urlSvrName != NULL) &&
-		   ((0 == PORT_Strcmp(urlSvrName, sid->urlSvrName)) ||
-		    ((sid->peerCert != NULL) && (SECSuccess == 
-		      CERT_VerifyCertName(sid->peerCert, urlSvrName))) )
-		  ) {
-	    /* Hit */
-	    sid->lastAccessTime = now;
-	    sid->references++;
-	    break;
-	} else {
-	    sidp = &sid->next;
-	}
-    }
-    UNLOCK_CACHE;
-    return sid;
-}
-
-/*
-** Add an sid to the cache or return a previously cached entry to the cache.
-** Although this is static, it is called via ss->sec.cache().
-*/
-static void 
-CacheSID(sslSessionID *sid)
-{
-    PRUint32  expirationPeriod;
-    SSL_TRC(8, ("SSL: Cache: sid=0x%x cached=%d addr=0x%08x%08x%08x%08x port=0x%04x "
-		"time=%x cached=%d",
-		sid, sid->cached, sid->addr.pr_s6_addr32[0], 
-		sid->addr.pr_s6_addr32[1], sid->addr.pr_s6_addr32[2],
-		sid->addr.pr_s6_addr32[3],  sid->port, sid->creationTime,
-		sid->cached));
-
-    if (sid->cached == in_client_cache)
-	return;
-
-    /* XXX should be different trace for version 2 vs. version 3 */
-    if (sid->version < SSL_LIBRARY_VERSION_3_0) {
-	expirationPeriod = ssl_sid_timeout;
-	PRINT_BUF(8, (0, "sessionID:",
-		  sid->u.ssl2.sessionID, sizeof(sid->u.ssl2.sessionID)));
-	PRINT_BUF(8, (0, "masterKey:",
-		  sid->u.ssl2.masterKey.data, sid->u.ssl2.masterKey.len));
-	PRINT_BUF(8, (0, "cipherArg:",
-		  sid->u.ssl2.cipherArg.data, sid->u.ssl2.cipherArg.len));
-    } else {
-	if (sid->u.ssl3.sessionIDLength == 0) 
-	    return;
-	expirationPeriod = ssl3_sid_timeout;
-	PRINT_BUF(8, (0, "sessionID:",
-		      sid->u.ssl3.sessionID, sid->u.ssl3.sessionIDLength));
-    }
-    PORT_Assert(sid->creationTime != 0 && sid->expirationTime != 0);
-    if (!sid->creationTime)
-	sid->lastAccessTime = sid->creationTime = ssl_Time();
-    if (!sid->expirationTime)
-	sid->expirationTime = sid->creationTime + expirationPeriod;
-
-    /*
-     * Put sid into the cache.  Bump reference count to indicate that
-     * cache is holding a reference. Uncache will reduce the cache
-     * reference.
-     */
-    LOCK_CACHE;
-    sid->references++;
-    sid->cached = in_client_cache;
-    sid->next   = cache;
-    cache       = sid;
-    UNLOCK_CACHE;
-}
-
-/* 
- * If sid "zap" is in the cache,
- *    removes sid from cache, and decrements reference count.
- * Caller must hold cache lock.
- */
-static void
-UncacheSID(sslSessionID *zap)
-{
-    sslSessionID **sidp = &cache;
-    sslSessionID *sid;
-
-    if (zap->cached != in_client_cache) {
-	return;
-    }
-
-    SSL_TRC(8,("SSL: Uncache: zap=0x%x cached=%d addr=0x%08x%08x%08x%08x port=0x%04x "
-	       "time=%x cipher=%d",
-	       zap, zap->cached, zap->addr.pr_s6_addr32[0],
-	       zap->addr.pr_s6_addr32[1], zap->addr.pr_s6_addr32[2],
-	       zap->addr.pr_s6_addr32[3], zap->port, zap->creationTime,
-	       zap->u.ssl2.cipherType));
-    if (zap->version < SSL_LIBRARY_VERSION_3_0) {
-	PRINT_BUF(8, (0, "sessionID:",
-		      zap->u.ssl2.sessionID, sizeof(zap->u.ssl2.sessionID)));
-	PRINT_BUF(8, (0, "masterKey:",
-		      zap->u.ssl2.masterKey.data, zap->u.ssl2.masterKey.len));
-	PRINT_BUF(8, (0, "cipherArg:",
-		      zap->u.ssl2.cipherArg.data, zap->u.ssl2.cipherArg.len));
-    }
-
-    /* See if it's in the cache, if so nuke it */
-    while ((sid = *sidp) != 0) {
-	if (sid == zap) {
-	    /*
-	    ** Bingo. Reduce reference count by one so that when
-	    ** everyone is done with the sid we can free it up.
-	    */
-	    *sidp = zap->next;
-	    zap->cached = invalid_cache;
-	    ssl_FreeLockedSID(zap);
-	    return;
-	}
-	sidp = &sid->next;
-    }
-}
-
-/* If sid "zap" is in the cache,
- *    removes sid from cache, and decrements reference count.
- * Although this function is static, it is called externally via 
- *    ss->sec.uncache().
- */
-static void
-LockAndUncacheSID(sslSessionID *zap)
-{
-    LOCK_CACHE;
-    UncacheSID(zap);
-    UNLOCK_CACHE;
-
-}
-
-/* choose client or server cache functions for this sslsocket. */
-void 
-ssl_ChooseSessionIDProcs(sslSecurityInfo *sec)
-{
-    if (sec->isServer) {
-	sec->cache   = ssl_sid_cache;
-	sec->uncache = ssl_sid_uncache;
-    } else {
-	sec->cache   = CacheSID;
-	sec->uncache = LockAndUncacheSID;
-    }
-}
-
-/* wipe out the entire client session cache. */
-void
-SSL_ClearSessionCache(void)
-{
-    LOCK_CACHE;
-    while(cache != NULL)
-	UncacheSID(cache);
-    UNLOCK_CACHE;
-}
-
-/* returns an unsigned int containing the number of seconds in PR_Now() */
-PRUint32
-ssl_Time(void)
-{
-    PRUint32 myTime;
-#if (defined(XP_UNIX) || defined(XP_WIN) || defined(_WINDOWS) || defined(XP_BEOS)) && !defined(_WIN32_WCE)
-    myTime = time(NULL);	/* accurate until the year 2038. */
-#else
-    /* portable, but possibly slower */
-    PRTime now;
-    PRInt64 ll;
-
-    now = PR_Now();
-    LL_I2L(ll, 1000000L);
-    LL_DIV(now, now, ll);
-    LL_L2UI(myTime, now);
-#endif
-    return myTime;
-}
-
diff --git a/security/nss/lib/ssl/sslproto.h b/security/nss/lib/ssl/sslproto.h
deleted file mode 100644
index 408f2b2a4..000000000
--- a/security/nss/lib/ssl/sslproto.h
+++ /dev/null
@@ -1,172 +0,0 @@
-/*
- * Various and sundry protocol constants. DON'T CHANGE THESE. These values 
- * are mostly defined by the SSL2, SSL3, or TLS protocol specifications.
- * Cipher kinds and ciphersuites are part of the public API.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#ifndef __sslproto_h_
-#define __sslproto_h_
-
-/* All versions less than 3_0 are treated as SSL version 2 */
-#define SSL_LIBRARY_VERSION_2			0x0002
-#define SSL_LIBRARY_VERSION_3_0			0x0300
-#define SSL_LIBRARY_VERSION_3_1_TLS		0x0301
-
-/* Header lengths of some of the messages */
-#define SSL_HL_ERROR_HBYTES			3
-#define SSL_HL_CLIENT_HELLO_HBYTES		9
-#define SSL_HL_CLIENT_MASTER_KEY_HBYTES		10
-#define SSL_HL_CLIENT_FINISHED_HBYTES		1
-#define SSL_HL_SERVER_HELLO_HBYTES		11
-#define SSL_HL_SERVER_VERIFY_HBYTES		1
-#define SSL_HL_SERVER_FINISHED_HBYTES		1
-#define SSL_HL_REQUEST_CERTIFICATE_HBYTES	2
-#define SSL_HL_CLIENT_CERTIFICATE_HBYTES	6
-
-/* Security handshake protocol codes */
-#define SSL_MT_ERROR				0
-#define SSL_MT_CLIENT_HELLO			1
-#define SSL_MT_CLIENT_MASTER_KEY		2
-#define SSL_MT_CLIENT_FINISHED			3
-#define SSL_MT_SERVER_HELLO			4
-#define SSL_MT_SERVER_VERIFY			5
-#define SSL_MT_SERVER_FINISHED			6
-#define SSL_MT_REQUEST_CERTIFICATE		7
-#define SSL_MT_CLIENT_CERTIFICATE		8
-
-/* Certificate types */
-#define SSL_CT_X509_CERTIFICATE			0x01
-#if 0 /* XXX Not implemented yet */
-#define SSL_PKCS6_CERTIFICATE			0x02
-#endif
-#define SSL_AT_MD5_WITH_RSA_ENCRYPTION		0x01
-
-/* Error codes */
-#define SSL_PE_NO_CYPHERS			0x0001
-#define SSL_PE_NO_CERTIFICATE			0x0002
-#define SSL_PE_BAD_CERTIFICATE			0x0004
-#define SSL_PE_UNSUPPORTED_CERTIFICATE_TYPE	0x0006
-
-/* Cypher kinds (not the spec version!) */
-#define SSL_CK_RC4_128_WITH_MD5			0x01
-#define SSL_CK_RC4_128_EXPORT40_WITH_MD5	0x02
-#define SSL_CK_RC2_128_CBC_WITH_MD5		0x03
-#define SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5	0x04
-#define SSL_CK_IDEA_128_CBC_WITH_MD5		0x05
-#define SSL_CK_DES_64_CBC_WITH_MD5		0x06
-#define SSL_CK_DES_192_EDE3_CBC_WITH_MD5	0x07
-
-/* Cipher enables.  These are used only for SSL_EnableCipher 
- * These values define the SSL2 suites, and do not colide with the 
- * SSL3 Cipher suites defined below.
- */
-#define SSL_EN_RC4_128_WITH_MD5			0xFF01
-#define SSL_EN_RC4_128_EXPORT40_WITH_MD5	0xFF02
-#define SSL_EN_RC2_128_CBC_WITH_MD5		0xFF03
-#define SSL_EN_RC2_128_CBC_EXPORT40_WITH_MD5	0xFF04
-#define SSL_EN_IDEA_128_CBC_WITH_MD5		0xFF05
-#define SSL_EN_DES_64_CBC_WITH_MD5		0xFF06
-#define SSL_EN_DES_192_EDE3_CBC_WITH_MD5	0xFF07
-
-/* SSL v3 Cipher Suites */
-#define SSL_NULL_WITH_NULL_NULL			0x0000
-
-#define SSL_RSA_WITH_NULL_MD5			0x0001
-#define SSL_RSA_WITH_NULL_SHA			0x0002
-#define SSL_RSA_EXPORT_WITH_RC4_40_MD5		0x0003
-#define SSL_RSA_WITH_RC4_128_MD5		0x0004
-#define SSL_RSA_WITH_RC4_128_SHA		0x0005
-#define SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5	0x0006
-#define SSL_RSA_WITH_IDEA_CBC_SHA		0x0007
-#define SSL_RSA_EXPORT_WITH_DES40_CBC_SHA	0x0008
-#define SSL_RSA_WITH_DES_CBC_SHA		0x0009
-#define SSL_RSA_WITH_3DES_EDE_CBC_SHA		0x000a
-						       
-#define SSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHA	0x000b
-#define SSL_DH_DSS_WITH_DES_CBC_SHA		0x000c
-#define SSL_DH_DSS_WITH_3DES_EDE_CBC_SHA	0x000d
-#define SSL_DH_RSA_EXPORT_WITH_DES40_CBC_SHA	0x000e
-#define SSL_DH_RSA_WITH_DES_CBC_SHA		0x000f
-#define SSL_DH_RSA_WITH_3DES_EDE_CBC_SHA	0x0010
-						       
-#define SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA	0x0011
-#define SSL_DHE_DSS_WITH_DES_CBC_SHA		0x0012
-#define SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA	0x0013
-#define SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA	0x0014
-#define SSL_DHE_RSA_WITH_DES_CBC_SHA		0x0015
-#define SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA	0x0016
-						       
-#define SSL_DH_ANON_EXPORT_WITH_RC4_40_MD5	0x0017
-#define SSL_DH_ANON_WITH_RC4_128_MD5		0x0018
-#define SSL_DH_ANON_EXPORT_WITH_DES40_CBC_SHA	0x0019
-#define SSL_DH_ANON_WITH_DES_CBC_SHA		0x001a
-#define SSL_DH_ANON_WITH_3DES_EDE_CBC_SHA	0x001b
-
-#define SSL_FORTEZZA_DMS_WITH_NULL_SHA		0x001c
-#define SSL_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA	0x001d
-#define SSL_FORTEZZA_DMS_WITH_RC4_128_SHA	0x001e
-
-/* New TLS cipher suites */
-#define TLS_RSA_WITH_AES_128_CBC_SHA      	0x002F
-#define TLS_DH_DSS_WITH_AES_128_CBC_SHA   	0x0030
-#define TLS_DH_RSA_WITH_AES_128_CBC_SHA   	0x0031
-#define TLS_DHE_DSS_WITH_AES_128_CBC_SHA  	0x0032
-#define TLS_DHE_RSA_WITH_AES_128_CBC_SHA  	0x0033
-#define TLS_DH_ANON_WITH_AES_128_CBC_SHA  	0x0034
-
-#define TLS_RSA_WITH_AES_256_CBC_SHA      	0x0035
-#define TLS_DH_DSS_WITH_AES_256_CBC_SHA   	0x0036
-#define TLS_DH_RSA_WITH_AES_256_CBC_SHA   	0x0037
-#define TLS_DHE_DSS_WITH_AES_256_CBC_SHA  	0x0038
-#define TLS_DHE_RSA_WITH_AES_256_CBC_SHA  	0x0039
-#define TLS_DH_ANON_WITH_AES_256_CBC_SHA  	0x003A
-
-#define TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA     0x0062
-#define TLS_RSA_EXPORT1024_WITH_RC4_56_SHA      0x0064
-
-#define TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA 0x0063
-#define TLS_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA  0x0065
-#define TLS_DHE_DSS_WITH_RC4_128_SHA            0x0066
-
-/* Netscape "experimental" cipher suites. */
-#define SSL_RSA_OLDFIPS_WITH_3DES_EDE_CBC_SHA	0xffe0
-#define SSL_RSA_OLDFIPS_WITH_DES_CBC_SHA	0xffe1
-
-/* New non-experimental openly spec'ed versions of those cipher suites. */
-#define SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA 	0xfeff
-#define SSL_RSA_FIPS_WITH_DES_CBC_SHA      	0xfefe
-
-#endif /* __sslproto_h_ */
diff --git a/security/nss/lib/ssl/sslreveal.c b/security/nss/lib/ssl/sslreveal.c
deleted file mode 100644
index 44ae47810..000000000
--- a/security/nss/lib/ssl/sslreveal.c
+++ /dev/null
@@ -1,97 +0,0 @@
-/* 
- * Accessor functions for SSLSocket private members.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#include "cert.h"
-#include "ssl.h"
-#include "certt.h"
-#include "sslimpl.h"
-
-/* given PRFileDesc, returns a copy of certificate associated with the socket
- * the caller should delete the cert when done with SSL_DestroyCertificate
- */
-CERTCertificate * 
-SSL_RevealCert(PRFileDesc * fd)
-{
-  CERTCertificate * cert = NULL;
-  sslSocket * sslsocket = NULL;
-
-  sslsocket = ssl_FindSocket(fd);
-  
-  /* CERT_DupCertificate increases reference count and returns pointer to 
-   * the same cert
-   */
-  if (sslsocket && sslsocket->sec.peerCert)
-    cert = CERT_DupCertificate(sslsocket->sec.peerCert);
-  
-  return cert;
-}
-
-/* given PRFileDesc, returns a pointer to PinArg associated with the socket
- */
-void * 
-SSL_RevealPinArg(PRFileDesc * fd)
-{
-  sslSocket * sslsocket = NULL;
-  void * PinArg = NULL;
-  
-  sslsocket = ssl_FindSocket(fd);
-  
-  /* is pkcs11PinArg part of the sslSocket or sslSecurityInfo ? */
-  if (sslsocket)
-    PinArg = sslsocket->pkcs11PinArg;
-  
-  return PinArg;
-}
-
-
-/* given PRFileDesc, returns a pointer to the URL associated with the socket
- * the caller should free url when done  
- */
-char * 
-SSL_RevealURL(PRFileDesc * fd)
-{
-  sslSocket * sslsocket = NULL;
-  char * url = NULL;
-
-  sslsocket = ssl_FindSocket(fd);
-  
-  if (sslsocket && sslsocket->url)
-    url = PL_strdup(sslsocket->url);
-  
-  return url;
-}
-
diff --git a/security/nss/lib/ssl/sslsecur.c b/security/nss/lib/ssl/sslsecur.c
deleted file mode 100644
index e5c2bc136..000000000
--- a/security/nss/lib/ssl/sslsecur.c
+++ /dev/null
@@ -1,1282 +0,0 @@
-/*
- * Various SSL functions.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-#include "cert.h"
-#include "secitem.h"
-#include "keyhi.h"
-#include "ssl.h"
-#include "sslimpl.h"
-#include "sslproto.h"
-#include "secoid.h"	/* for SECOID_GetALgorithmTag */
-#include "pk11func.h"	/* for PK11_GenerateRandom */
-
-#define MAX_BLOCK_CYPHER_SIZE	32
-
-#define TEST_FOR_FAILURE	/* reminder */
-#define SET_ERROR_CODE		/* reminder */
-
-/* Returns a SECStatus: SECSuccess or SECFailure, NOT SECWouldBlock. 
- * 
- * Currently, the list of functions called through ss->handshake is:
- * 
- * In sslsocks.c:
- *  SocksGatherRecord
- *  SocksHandleReply	
- *  SocksStartGather
- *
- * In sslcon.c:
- *  ssl_GatherRecord1stHandshake
- *  ssl2_HandleClientSessionKeyMessage
- *  ssl2_HandleMessage
- *  ssl2_HandleVerifyMessage
- *  ssl2_BeginClientHandshake
- *  ssl2_BeginServerHandshake
- *  ssl2_HandleClientHelloMessage
- *  ssl2_HandleServerHelloMessage
- * 
- * The ss->handshake function returns SECWouldBlock under these conditions:
- * 1.	ssl_GatherRecord1stHandshake called ssl2_GatherData which read in 
- *	the beginning of an SSL v3 hello message and returned SECWouldBlock 
- *	to switch to SSL v3 handshake processing.
- *
- * 2.	ssl2_HandleClientHelloMessage discovered version 3.0 in the incoming
- *	v2 client hello msg, and called ssl3_HandleV2ClientHello which 
- *	returned SECWouldBlock.
- *
- * 3.   SECWouldBlock was returned by one of the callback functions, via
- *	one of these paths:
- * -	ssl2_HandleMessage() -> ssl2_HandleRequestCertificate() -> ss->getClientAuthData()
- *
- * -	ssl2_HandleServerHelloMessage() -> ss->handleBadCert()
- *
- * -	ssl_GatherRecord1stHandshake() -> ssl3_GatherCompleteHandshake() -> 
- *	ssl3_HandleRecord() -> ssl3_HandleHandshake() -> 
- *	ssl3_HandleHandshakeMessage() -> ssl3_HandleCertificate() -> 
- *	ss->handleBadCert()
- *
- * -	ssl_GatherRecord1stHandshake() -> ssl3_GatherCompleteHandshake() -> 
- *	ssl3_HandleRecord() -> ssl3_HandleHandshake() -> 
- *	ssl3_HandleHandshakeMessage() -> ssl3_HandleCertificateRequest() -> 
- *	ss->getClientAuthData()
- *
- * Called from: SSL_ForceHandshake	(below), 
- *              ssl_SecureRecv 		(below) and
- *              ssl_SecureSend		(below)
- *	  from: WaitForResponse 	in sslsocks.c
- *	        ssl_SocksRecv   	in sslsocks.c
- *              ssl_SocksSend   	in sslsocks.c
- *
- * Caller must hold the (write) handshakeLock.
- */
-int 
-ssl_Do1stHandshake(sslSocket *ss)
-{
-    int rv        = SECSuccess;
-    int loopCount = 0;
-
-    do {
-	PORT_Assert( ssl_Have1stHandshakeLock(ss) );
-	PORT_Assert( !ssl_HaveRecvBufLock(ss)   );
-	PORT_Assert( !ssl_HaveXmitBufLock(ss)   );
-
-	if (ss->handshake == 0) {
-	    /* Previous handshake finished. Switch to next one */
-	    ss->handshake = ss->nextHandshake;
-	    ss->nextHandshake = 0;
-	}
-	if (ss->handshake == 0) {
-	    /* Previous handshake finished. Switch to security handshake */
-	    ss->handshake = ss->securityHandshake;
-	    ss->securityHandshake = 0;
-	}
-	if (ss->handshake == 0) {
-	    ssl_GetRecvBufLock(ss);
-	    ss->gs.recordLen = 0;
-	    ssl_ReleaseRecvBufLock(ss);
-
-	    SSL_TRC(3, ("%d: SSL[%d]: handshake is completed",
-			SSL_GETPID(), ss->fd));
-            /* call handshake callback for ssl v2 */
-	    /* for v3 this is done in ssl3_HandleFinished() */
-	    if ((ss->handshakeCallback != NULL) && /* has callback */
-		(!ss->firstHsDone) &&              /* only first time */
-		(ss->version < SSL_LIBRARY_VERSION_3_0)) {  /* not ssl3 */
-		ss->firstHsDone     = PR_TRUE;
-		(ss->handshakeCallback)(ss->fd, ss->handshakeCallbackData);
-	    }
-	    ss->firstHsDone         = PR_TRUE;
-	    ss->gs.writeOffset = 0;
-	    ss->gs.readOffset  = 0;
-	    break;
-	}
-	rv = (*ss->handshake)(ss);
-	++loopCount;
-    /* This code must continue to loop on SECWouldBlock, 
-     * or any positive value.	See XXX_1 comments.
-     */
-    } while (rv != SECFailure);  	/* was (rv >= 0); XXX_1 */
-
-    PORT_Assert( !ssl_HaveRecvBufLock(ss)   );
-    PORT_Assert( !ssl_HaveXmitBufLock(ss)   );
-
-    if (rv == SECWouldBlock) {
-	PORT_SetError(PR_WOULD_BLOCK_ERROR);
-	rv = SECFailure;
-    }
-    return rv;
-}
-
-/*
- * Handshake function that blocks.  Used to force a
- * retry on a connection on the next read/write.
- */
-static SECStatus
-AlwaysBlock(sslSocket *ss)
-{
-    PORT_SetError(PR_WOULD_BLOCK_ERROR);	/* perhaps redundant. */
-    return SECWouldBlock;
-}
-
-/*
- * set the initial handshake state machine to block
- */
-void
-ssl_SetAlwaysBlock(sslSocket *ss)
-{
-    if (!ss->firstHsDone) {
-	ss->handshake = AlwaysBlock;
-	ss->nextHandshake = 0;
-    }
-}
-
-/* Acquires and releases HandshakeLock.
-*/
-SECStatus
-SSL_ResetHandshake(PRFileDesc *s, PRBool asServer)
-{
-    sslSocket *ss;
-    SECStatus status;
-    PRNetAddr addr;
-
-    ss = ssl_FindSocket(s);
-    if (!ss) {
-	SSL_DBG(("%d: SSL[%d]: bad socket in ResetHandshake", SSL_GETPID(), s));
-	return SECFailure;
-    }
-
-    /* Don't waste my time */
-    if (!ss->useSecurity)
-	return SECSuccess;
-
-    SSL_LOCK_READER(ss);
-    SSL_LOCK_WRITER(ss);
-
-    /* Reset handshake state */
-    ssl_Get1stHandshakeLock(ss);
-    ssl_GetSSL3HandshakeLock(ss);
-
-    ss->firstHsDone = PR_FALSE;
-    if ( asServer ) {
-	ss->handshake = ssl2_BeginServerHandshake;
-	ss->handshaking = sslHandshakingAsServer;
-    } else {
-	ss->handshake = ssl2_BeginClientHandshake;
-	ss->handshaking = sslHandshakingAsClient;
-    }
-    ss->nextHandshake       = 0;
-    ss->securityHandshake   = 0;
-
-    ssl_GetRecvBufLock(ss);
-    status = ssl_InitGather(&ss->gs);
-    ssl_ReleaseRecvBufLock(ss);
-
-    /*
-    ** Blow away old security state and get a fresh setup.
-    */
-    ssl_GetXmitBufLock(ss); 
-    ssl_ResetSecurityInfo(&ss->sec);
-    status = ssl_CreateSecurityInfo(ss);
-    ssl_ReleaseXmitBufLock(ss); 
-
-    ssl_ReleaseSSL3HandshakeLock(ss);
-    ssl_Release1stHandshakeLock(ss);
-
-    if (!ss->TCPconnected)
-	ss->TCPconnected = (PR_SUCCESS == ssl_DefGetpeername(ss, &addr));
-
-    SSL_UNLOCK_WRITER(ss);
-    SSL_UNLOCK_READER(ss);
-
-    return status;
-}
-
-/* For SSLv2, does nothing but return an error.
-** For SSLv3, flushes SID cache entry (if requested),
-** and then starts new client hello or hello request.
-** Acquires and releases HandshakeLock.
-*/
-SECStatus
-SSL_ReHandshake(PRFileDesc *fd, PRBool flushCache)
-{
-    sslSocket *ss;
-    SECStatus  rv;
-    
-    ss = ssl_FindSocket(fd);
-    if (!ss) {
-	SSL_DBG(("%d: SSL[%d]: bad socket in RedoHandshake", SSL_GETPID(), fd));
-	return SECFailure;
-    }
-
-    if (!ss->useSecurity)
-	return SECSuccess;
-    
-    ssl_Get1stHandshakeLock(ss);
-
-    /* SSL v2 protocol does not support subsequent handshakes. */
-    if (ss->version < SSL_LIBRARY_VERSION_3_0) {
-	PORT_SetError(SEC_ERROR_INVALID_ARGS);
-	rv = SECFailure;
-    } else {
-	ssl_GetSSL3HandshakeLock(ss);
-	rv = ssl3_RedoHandshake(ss, flushCache); /* force full handshake. */
-	ssl_ReleaseSSL3HandshakeLock(ss);
-    }
-
-    ssl_Release1stHandshakeLock(ss);
-
-    return rv;
-}
-
-SECStatus
-SSL_RedoHandshake(PRFileDesc *fd)
-{
-    return SSL_ReHandshake(fd, PR_TRUE);
-}
-
-/* Register an application callback to be called when SSL handshake completes.
-** Acquires and releases HandshakeLock.
-*/
-SECStatus
-SSL_HandshakeCallback(PRFileDesc *fd, SSLHandshakeCallback cb,
-		      void *client_data)
-{
-    sslSocket *ss;
-    
-    ss = ssl_FindSocket(fd);
-    if (!ss) {
-	SSL_DBG(("%d: SSL[%d]: bad socket in HandshakeCallback",
-		 SSL_GETPID(), fd));
-	return SECFailure;
-    }
-
-    if (!ss->useSecurity) {
-	PORT_SetError(SEC_ERROR_INVALID_ARGS);
-	return SECFailure;
-    }
-
-    ssl_Get1stHandshakeLock(ss);
-    ssl_GetSSL3HandshakeLock(ss);
-
-    ss->handshakeCallback     = cb;
-    ss->handshakeCallbackData = client_data;
-
-    ssl_ReleaseSSL3HandshakeLock(ss);
-    ssl_Release1stHandshakeLock(ss);
-
-    return SECSuccess;
-}
-
-/* Try to make progress on an SSL handshake by attempting to read the 
-** next handshake from the peer, and sending any responses.
-** For non-blocking sockets, returns PR_ERROR_WOULD_BLOCK  if it cannot 
-** read the next handshake from the underlying socket.
-** For SSLv2, returns when handshake is complete or fatal error occurs.
-** For SSLv3, returns when handshake is complete, or application data has
-** arrived that must be taken by application before handshake can continue, 
-** or a fatal error occurs.
-** Application should use handshake completion callback to tell which. 
-*/
-SECStatus
-SSL_ForceHandshake(PRFileDesc *fd)
-{
-    sslSocket *ss;
-    SECStatus  rv = SECFailure;
-
-    ss = ssl_FindSocket(fd);
-    if (!ss) {
-	SSL_DBG(("%d: SSL[%d]: bad socket in ForceHandshake",
-		 SSL_GETPID(), fd));
-	return rv;
-    }
-
-    /* Don't waste my time */
-    if (!ss->useSecurity) 
-    	return SECSuccess;
-
-    ssl_Get1stHandshakeLock(ss);
-
-    if (ss->version >= SSL_LIBRARY_VERSION_3_0) {
-	int gatherResult;
-
-    	ssl_GetRecvBufLock(ss);
-	gatherResult = ssl3_GatherCompleteHandshake(ss, 0);
-	ssl_ReleaseRecvBufLock(ss);
-	if (gatherResult > 0) {
-	    rv = SECSuccess;
-	} else if (gatherResult == 0) {
-	    PORT_SetError(PR_END_OF_FILE_ERROR);
-	} else if (gatherResult == SECWouldBlock) {
-	    PORT_SetError(PR_WOULD_BLOCK_ERROR);
-	}
-    } else if (!ss->firstHsDone) {
-	rv = ssl_Do1stHandshake(ss);
-    } else {
-	/* tried to force handshake on an SSL 2 socket that has 
-	** already completed the handshake. */
-    	rv = SECSuccess;	/* just pretend we did it. */
-    }
-
-    ssl_Release1stHandshakeLock(ss);
-
-    return rv;
-}
-
-/************************************************************************/
-
-/*
-** Grow a buffer to hold newLen bytes of data.
-** Called for both recv buffers and xmit buffers.
-** Caller must hold xmitBufLock or recvBufLock, as appropriate.
-*/
-SECStatus
-sslBuffer_Grow(sslBuffer *b, unsigned int newLen)
-{
-    if (newLen > b->space) {
-	if (b->buf) {
-	    b->buf = (unsigned char *) PORT_Realloc(b->buf, newLen);
-	} else {
-	    b->buf = (unsigned char *) PORT_Alloc(newLen);
-	}
-	if (!b->buf) {
-	    return SECFailure;
-	}
-	SSL_TRC(10, ("%d: SSL: grow buffer from %d to %d",
-		     SSL_GETPID(), b->space, newLen));
-	b->space = newLen;
-    }
-    return SECSuccess;
-}
-
-/*
-** Save away write data that is trying to be written before the security
-** handshake has been completed. When the handshake is completed, we will
-** flush this data out.
-** Caller must hold xmitBufLock
-*/
-SECStatus 
-ssl_SaveWriteData(sslSocket *ss, sslBuffer *buf, const void *data, 
-                      unsigned int len)
-{
-    unsigned int newlen;
-    SECStatus    rv;
-
-    PORT_Assert( ssl_HaveXmitBufLock(ss) );
-    newlen = buf->len + len;
-    if (newlen > buf->space) {
-	rv = sslBuffer_Grow(buf, newlen);
-	if (rv) {
-	    return rv;
-	}
-    }
-    SSL_TRC(5, ("%d: SSL[%d]: saving %d bytes of data (%d total saved so far)",
-		 SSL_GETPID(), ss->fd, len, newlen));
-    PORT_Memcpy(buf->buf + buf->len, data, len);
-    buf->len = newlen;
-    return SECSuccess;
-}
-
-/*
-** Send saved write data. This will flush out data sent prior to a
-** complete security handshake. Hopefully there won't be too much of it.
-** Returns count of the bytes sent, NOT a SECStatus.
-** Caller must hold xmitBufLock
-*/
-int 
-ssl_SendSavedWriteData(sslSocket *ss, sslBuffer *buf, sslSendFunc send)
-{
-    int rv	= 0;
-    int len	= buf->len;
-
-    PORT_Assert( ssl_HaveXmitBufLock(ss) );
-    if (len != 0) {
-	SSL_TRC(5, ("%d: SSL[%d]: sending %d bytes of saved data",
-		     SSL_GETPID(), ss->fd, len));
-	rv = (*send)(ss, buf->buf, len, 0);
-	if (rv < 0) {
-	    return rv;
-	} 
-	if (rv < len) {
-	    /* UGH !! This shifts the whole buffer down by copying it, and 
-	    ** it depends on PORT_Memmove doing overlapping moves correctly!
-	    ** It should advance the pointer offset instead !!
-	    */
-	    PORT_Memmove(buf->buf, buf->buf + rv, len - rv);
-	    buf->len = len - rv;
-	} else {
-	    buf->len = 0;
-    	}
-    }
-    return rv;
-}
-
-/************************************************************************/
-
-/*
-** Receive some application data on a socket.  Reads SSL records from the input
-** stream, decrypts them and then copies them to the output buffer.
-** Called from ssl_SecureRecv() below.
-**
-** Caller does NOT hold 1stHandshakeLock because that handshake is over.
-** Caller doesn't call this until initial handshake is complete.
-** For SSLv2, there is no subsequent handshake.
-** For SSLv3, the call to ssl3_GatherAppDataRecord may encounter handshake
-** messages from a subsequent handshake.
-**
-** This code is similar to, and easily confused with, 
-**   ssl_GatherRecord1stHandshake() in sslcon.c
-*/
-static int 
-DoRecv(sslSocket *ss, unsigned char *out, int len, int flags)
-{
-    int              rv;
-    int              amount;
-    int              available;
-
-    ssl_GetRecvBufLock(ss);
-
-    available = ss->gs.writeOffset - ss->gs.readOffset;
-    if (available == 0) {
-	/* Get some more data */
-	if (ss->version >= SSL_LIBRARY_VERSION_3_0) {
-	    /* Wait for application data to arrive.  */
-	    rv = ssl3_GatherAppDataRecord(ss, 0);
-	} else {
-	    /* See if we have a complete record */
-	    rv = ssl2_GatherRecord(ss, 0);
-	}
-	if (rv <= 0) {
-	    if (rv == 0) {
-		/* EOF */
-		SSL_TRC(10, ("%d: SSL[%d]: ssl_recv EOF",
-			     SSL_GETPID(), ss->fd));
-		goto done;
-	    }
-	    if ((rv != SECWouldBlock) && 
-	        (PR_GetError() != PR_WOULD_BLOCK_ERROR)) {
-		/* Some random error */
-		goto done;
-	    }
-
-	    /*
-	    ** Gather record is blocked waiting for more record data to
-	    ** arrive. Try to process what we have already received
-	    */
-	} else {
-	    /* Gather record has finished getting a complete record */
-	}
-
-	/* See if any clear data is now available */
-	available = ss->gs.writeOffset - ss->gs.readOffset;
-	if (available == 0) {
-	    /*
-	    ** No partial data is available. Force error code to
-	    ** EWOULDBLOCK so that caller will try again later. Note
-	    ** that the error code is probably EWOULDBLOCK already,
-	    ** but if it isn't (for example, if we received a zero
-	    ** length record) then this will force it to be correct.
-	    */
-	    PORT_SetError(PR_WOULD_BLOCK_ERROR);
-	    rv = SECFailure;
-	    goto done;
-	}
-	SSL_TRC(30, ("%d: SSL[%d]: partial data ready, available=%d",
-		     SSL_GETPID(), ss->fd, available));
-    }
-
-    /* Dole out clear data to reader */
-    amount = PR_MIN(len, available);
-    PORT_Memcpy(out, ss->gs.buf.buf + ss->gs.readOffset, amount);
-    if (!(flags & PR_MSG_PEEK)) {
-	ss->gs.readOffset += amount;
-    }
-    rv = amount;
-
-    SSL_TRC(30, ("%d: SSL[%d]: amount=%d available=%d",
-		 SSL_GETPID(), ss->fd, amount, available));
-    PRINT_BUF(4, (ss, "DoRecv receiving plaintext:", out, amount));
-
-done:
-    ssl_ReleaseRecvBufLock(ss);
-    return rv;
-}
-
-/************************************************************************/
-
-SSLKEAType
-ssl_FindCertKEAType(CERTCertificate * cert)
-{
-  SSLKEAType keaType = kt_null; 
-  int tag;
-  
-  if (!cert) goto loser;
-  
-  tag = SECOID_GetAlgorithmTag(&(cert->subjectPublicKeyInfo.algorithm));
-  
-  switch (tag) {
-  case SEC_OID_X500_RSA_ENCRYPTION:
-  case SEC_OID_PKCS1_RSA_ENCRYPTION:
-    keaType = kt_rsa;
-    break;
-  case SEC_OID_MISSI_KEA_DSS_OLD:
-  case SEC_OID_MISSI_KEA_DSS:
-  case SEC_OID_MISSI_DSS_OLD:
-  case SEC_OID_MISSI_DSS:
-    keaType = kt_fortezza;
-    break;
-  case SEC_OID_X942_DIFFIE_HELMAN_KEY:
-    keaType = kt_dh;
-    break;
-  default:
-    keaType = kt_null;
-  }
-  
- loser:
-  
-  return keaType;
-
-}
-
-
-/* XXX need to protect the data that gets changed here.!! */
-
-SECStatus
-SSL_ConfigSecureServer(PRFileDesc *fd, CERTCertificate *cert,
-		       SECKEYPrivateKey *key, SSL3KEAType kea)
-{
-    SECStatus rv;
-    sslSocket *ss;
-    sslServerCerts  *sc;
-
-    ss = ssl_FindSocket(fd);
-    if (!ss) {
-	return SECFailure;
-    }
-
-    /* Both key and cert must have a value or be NULL */
-    /* Passing a value of NULL will turn off key exchange algorithms that were
-     * previously turned on */
-    if (!cert != !key) {
-	PORT_SetError(SEC_ERROR_INVALID_ARGS);
-	return SECFailure;
-    }
-
-    /* make sure the key exchange is recognized */
-    if ((kea >= kt_kea_size) || (kea < kt_null)) {
-	PORT_SetError(SEC_ERROR_UNSUPPORTED_KEYALG);
-	return SECFailure;
-    }
-
-    if (kea != ssl_FindCertKEAType(cert)) {
-    	PORT_SetError(SSL_ERROR_CERT_KEA_MISMATCH);
-	return SECFailure;
-    }
-
-    sc = ss->serverCerts + kea;
-    /* load the server certificate */
-    if (sc->serverCert != NULL) {
-	CERT_DestroyCertificate(sc->serverCert);
-    	sc->serverCert = NULL;
-    }
-    if (cert) {
-	SECKEYPublicKey * pubKey;
-	sc->serverCert = CERT_DupCertificate(cert);
-	if (!sc->serverCert)
-	    goto loser;
-    	/* get the size of the cert's public key, and remember it */
-	pubKey = CERT_ExtractPublicKey(cert);
-	if (!pubKey) 
-	    goto loser;
-	sc->serverKeyBits = SECKEY_PublicKeyStrength(pubKey) * BPB;
-	SECKEY_DestroyPublicKey(pubKey); 
-	pubKey = NULL;
-    }
-
-
-    /* load the server cert chain */
-    if (sc->serverCertChain != NULL) {
-	CERT_DestroyCertificateList(sc->serverCertChain);
-    	sc->serverCertChain = NULL;
-    }
-    if (cert) {
-	sc->serverCertChain = CERT_CertChainFromCert(
-			    sc->serverCert, certUsageSSLServer, PR_TRUE);
-	if (sc->serverCertChain == NULL)
-	     goto loser;
-    }
-
-    /* load the private key */
-    if (sc->serverKey != NULL) {
-	SECKEY_DestroyPrivateKey(sc->serverKey);
-    	sc->serverKey = NULL;
-    }
-    if (key) {
-	sc->serverKey = SECKEY_CopyPrivateKey(key);
-	if (sc->serverKey == NULL)
-	    goto loser;
-    }
-
-    if (kea == kt_rsa) {
-        rv = ssl3_CreateRSAStepDownKeys(ss);
-	if (rv != SECSuccess) {
-	    return SECFailure;	/* err set by ssl3_CreateRSAStepDownKeys */
-	}
-    }
-
-    /* Only do this once because it's global. */
-    if (ssl3_server_ca_list == NULL)
-	ssl3_server_ca_list = CERT_GetSSLCACerts(ss->dbHandle);
-
-    return SECSuccess;
-
-loser:
-    if (sc->serverCert != NULL) {
-	CERT_DestroyCertificate(sc->serverCert);
-	sc->serverCert = NULL;
-    }
-    if (sc->serverCertChain != NULL) {
-	CERT_DestroyCertificateList(sc->serverCertChain);
-	sc->serverCertChain = NULL;
-    }
-    if (sc->serverKey != NULL) {
-	SECKEY_DestroyPrivateKey(sc->serverKey);
-	sc->serverKey = NULL;
-    }
-    return SECFailure;
-}
-
-/************************************************************************/
-
-SECStatus
-ssl_CreateSecurityInfo(sslSocket *ss)
-{
-    SECStatus status;
-
-    /* initialize sslv2 socket to send data in the clear. */
-    ssl2_UseClearSendFunc(ss);
-
-    ss->sec.blockSize  = 1;
-    ss->sec.blockShift = 0;
-
-    ssl_GetXmitBufLock(ss); 
-    status = sslBuffer_Grow(&ss->sec.writeBuf, 4096);
-    ssl_ReleaseXmitBufLock(ss); 
-
-    return status;
-}
-
-SECStatus
-ssl_CopySecurityInfo(sslSocket *ss, sslSocket *os)
-{
-    int rv;
-
-    ss->sec.send 		= os->sec.send;
-    ss->sec.isServer 		= os->sec.isServer;
-    ss->sec.keyBits    		= os->sec.keyBits;
-    ss->sec.secretKeyBits 	= os->sec.secretKeyBits;
-
-    ss->sec.peerCert   		= CERT_DupCertificate(os->sec.peerCert);
-    if (os->sec.peerCert && !ss->sec.peerCert)
-    	goto loser;
-
-    ss->sec.cache      		= os->sec.cache;
-    ss->sec.uncache    		= os->sec.uncache;
-
-    /* we don't dup the connection info. */
-
-    ss->sec.sendSequence 	= os->sec.sendSequence;
-    ss->sec.rcvSequence 	= os->sec.rcvSequence;
-
-    if (os->sec.hash && os->sec.hashcx) {
-	ss->sec.hash 		= os->sec.hash;
-	ss->sec.hashcx 		= os->sec.hash->clone(os->sec.hashcx);
-	if (os->sec.hashcx && !ss->sec.hashcx)
-	    goto loser;
-    } else {
-	ss->sec.hash 		= NULL;
-	ss->sec.hashcx 		= NULL;
-    }
-
-    SECITEM_CopyItem(0, &ss->sec.sendSecret, &os->sec.sendSecret);
-    if (os->sec.sendSecret.data && !ss->sec.sendSecret.data)
-    	goto loser;
-    SECITEM_CopyItem(0, &ss->sec.rcvSecret,  &os->sec.rcvSecret);
-    if (os->sec.rcvSecret.data && !ss->sec.rcvSecret.data)
-    	goto loser;
-
-    /* XXX following code is wrong if either cx != 0 */
-    PORT_Assert(os->sec.readcx  == 0);
-    PORT_Assert(os->sec.writecx == 0);
-    ss->sec.readcx     		= os->sec.readcx;
-    ss->sec.writecx    		= os->sec.writecx;
-    ss->sec.destroy    		= 0;	
-
-    ss->sec.enc        		= os->sec.enc;
-    ss->sec.dec        		= os->sec.dec;
-
-    ss->sec.blockShift 		= os->sec.blockShift;
-    ss->sec.blockSize  		= os->sec.blockSize;
-
-    return SECSuccess;
-
-loser:
-    return SECFailure;
-}
-
-/* Reset sec back to its initial state.
-** Caller holds any relevant locks.
-*/
-void 
-ssl_ResetSecurityInfo(sslSecurityInfo *sec)
-{
-    /* Destroy MAC */
-    if (sec->hash && sec->hashcx) {
-	(*sec->hash->destroy)(sec->hashcx, PR_TRUE);
-	sec->hashcx = NULL;
-	sec->hash = NULL;
-    }
-    SECITEM_ZfreeItem(&sec->sendSecret, PR_FALSE);
-    SECITEM_ZfreeItem(&sec->rcvSecret, PR_FALSE);
-
-    /* Destroy ciphers */
-    if (sec->destroy) {
-	(*sec->destroy)(sec->readcx, PR_TRUE);
-	(*sec->destroy)(sec->writecx, PR_TRUE);
-	sec->readcx = NULL;
-	sec->writecx = NULL;
-    } else {
-	PORT_Assert(sec->readcx == 0);
-	PORT_Assert(sec->writecx == 0);
-    }
-    sec->readcx = 0;
-    sec->writecx = 0;
-
-    if (sec->localCert) {
-	CERT_DestroyCertificate(sec->localCert);
-	sec->localCert = NULL;
-    }
-    if (sec->peerCert) {
-	CERT_DestroyCertificate(sec->peerCert);
-	sec->peerCert = NULL;
-    }
-    if (sec->peerKey) {
-	SECKEY_DestroyPublicKey(sec->peerKey);
-	sec->peerKey = NULL;
-    }
-
-    /* cleanup the ci */
-    if (sec->ci.sid != NULL) {
-	ssl_FreeSID(sec->ci.sid);
-    }
-    PORT_ZFree(sec->ci.sendBuf.buf, sec->ci.sendBuf.space);
-    memset(&sec->ci, 0, sizeof sec->ci);
-}
-
-/*
-** Called from SSL_ResetHandshake (above), and 
-**        from ssl_FreeSocket     in sslsock.c
-** Caller should hold relevant locks (e.g. XmitBufLock)
-*/
-void 
-ssl_DestroySecurityInfo(sslSecurityInfo *sec)
-{
-    ssl_ResetSecurityInfo(sec);
-
-    PORT_ZFree(sec->writeBuf.buf, sec->writeBuf.space);
-    sec->writeBuf.buf = 0;
-
-    memset(sec, 0, sizeof *sec);
-}
-
-/************************************************************************/
-
-int 
-ssl_SecureConnect(sslSocket *ss, const PRNetAddr *sa)
-{
-    PRFileDesc *osfd = ss->fd->lower;
-    int rv;
-
-    if ( ss->handshakeAsServer ) {
-	ss->securityHandshake = ssl2_BeginServerHandshake;
-	ss->handshaking = sslHandshakingAsServer;
-    } else {
-	ss->securityHandshake = ssl2_BeginClientHandshake;
-	ss->handshaking = sslHandshakingAsClient;
-    }
-
-    /* connect to server */
-    rv = osfd->methods->connect(osfd, sa, ss->cTimeout);
-    if (rv == PR_SUCCESS) {
-	ss->TCPconnected = 1;
-    } else {
-	int err = PR_GetError();
-	SSL_DBG(("%d: SSL[%d]: connect failed, errno=%d",
-		 SSL_GETPID(), ss->fd, err));
-	if (err == PR_IS_CONNECTED_ERROR) {
-	    ss->TCPconnected = 1;
-	} 
-    }
-
-    SSL_TRC(5, ("%d: SSL[%d]: secure connect completed, rv == %d",
-		SSL_GETPID(), ss->fd, rv));
-    return rv;
-}
-
-int
-ssl_SecureClose(sslSocket *ss)
-{
-    int rv;
-
-    if (ss->version >= SSL_LIBRARY_VERSION_3_0 	&&
-    	ss->firstHsDone 			&& 
-	!(ss->shutdownHow & ssl_SHUTDOWN_SEND)	&&
-	!ss->recvdCloseNotify                   &&
-	(ss->ssl3 != NULL)) {
-
-	/* We don't want the final alert to be Nagle delayed. */
-	if (!ss->delayDisabled) {
-	    ssl_EnableNagleDelay(ss, PR_FALSE);
-	    ss->delayDisabled = 1;
-	}
-
-	(void) SSL3_SendAlert(ss, alert_warning, close_notify);
-    }
-    rv = ssl_DefClose(ss);
-    return rv;
-}
-
-/* Caller handles all locking */
-int
-ssl_SecureShutdown(sslSocket *ss, int nsprHow)
-{
-    PRFileDesc *osfd = ss->fd->lower;
-    int 	rv;
-    PRIntn	sslHow	= nsprHow + 1;
-
-    if ((unsigned)nsprHow > PR_SHUTDOWN_BOTH) {
-	PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
-    	return PR_FAILURE;
-    }
-
-    if ((sslHow & ssl_SHUTDOWN_SEND) != 0 		&&
-	!(ss->shutdownHow & ssl_SHUTDOWN_SEND)		&&
-    	(ss->version >= SSL_LIBRARY_VERSION_3_0)	&&
-	ss->firstHsDone 				&& 
-	!ss->recvdCloseNotify                   	&&
-	(ss->ssl3 != NULL)) {
-
-	(void) SSL3_SendAlert(ss, alert_warning, close_notify);
-    }
-
-    rv = osfd->methods->shutdown(osfd, nsprHow);
-
-    ss->shutdownHow |= sslHow;
-
-    return rv;
-}
-
-/************************************************************************/
-
-
-int
-ssl_SecureRecv(sslSocket *ss, unsigned char *buf, int len, int flags)
-{
-    sslSecurityInfo *sec;
-    int              rv   = 0;
-
-    sec = &ss->sec;
-
-    if (ss->shutdownHow & ssl_SHUTDOWN_RCV) {
-	PORT_SetError(PR_SOCKET_SHUTDOWN_ERROR);
-    	return PR_FAILURE;
-    }
-    if (flags & ~PR_MSG_PEEK) {
-	PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
-    	return PR_FAILURE;
-    }
-
-    if (!ssl_SocketIsBlocking(ss) && !ss->fdx) {
-	ssl_GetXmitBufLock(ss);
-	if (ss->pendingBuf.len != 0) {
-	    rv = ssl_SendSavedWriteData(ss, &ss->pendingBuf, ssl_DefSend);
-	    if ((rv < 0) && (PORT_GetError() != PR_WOULD_BLOCK_ERROR)) {
-		ssl_ReleaseXmitBufLock(ss);
-		return SECFailure;
-	    }
-	    /* XXX short write? */
-	}
-	ssl_ReleaseXmitBufLock(ss);
-    }
-    
-    rv = 0;
-    /* If any of these is non-zero, the initial handshake is not done. */
-    if (!ss->firstHsDone) {
-	ssl_Get1stHandshakeLock(ss);
-	if (ss->handshake || ss->nextHandshake || ss->securityHandshake) {
-	    rv = ssl_Do1stHandshake(ss);
-	}
-	ssl_Release1stHandshakeLock(ss);
-    }
-    if (rv < 0) {
-	return rv;
-    }
-
-    if (len == 0) return 0;
-
-    rv = DoRecv(ss, (unsigned char*) buf, len, flags);
-    SSL_TRC(2, ("%d: SSL[%d]: recving %d bytes securely (errno=%d)",
-		SSL_GETPID(), ss->fd, rv, PORT_GetError()));
-    return rv;
-}
-
-int
-ssl_SecureRead(sslSocket *ss, unsigned char *buf, int len)
-{
-    return ssl_SecureRecv(ss, buf, len, 0);
-}
-
-/* Caller holds the SSL Socket's write lock. SSL_LOCK_WRITER(ss) */
-int
-ssl_SecureSend(sslSocket *ss, const unsigned char *buf, int len, int flags)
-{
-    int              rv		= 0;
-
-    if (ss->shutdownHow & ssl_SHUTDOWN_SEND) {
-	PORT_SetError(PR_SOCKET_SHUTDOWN_ERROR);
-    	return PR_FAILURE;
-    }
-    if (flags) {
-	PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
-    	return PR_FAILURE;
-    }
-
-    ssl_GetXmitBufLock(ss);
-    if (ss->pendingBuf.len != 0) {
-	PORT_Assert(ss->pendingBuf.len > 0);
-	rv = ssl_SendSavedWriteData(ss, &ss->pendingBuf, ssl_DefSend);
-	if (rv >= 0 && ss->pendingBuf.len != 0) {
-	    PORT_Assert(ss->pendingBuf.len > 0);
-	    PORT_SetError(PR_WOULD_BLOCK_ERROR);
-	    rv = SECFailure;
-	}
-    }
-    ssl_ReleaseXmitBufLock(ss);
-    if (rv < 0) {
-	return rv;
-    }
-
-    if (len > 0) 
-    	ss->writerThread = PR_GetCurrentThread();
-    /* If any of these is non-zero, the initial handshake is not done. */
-    if (!ss->firstHsDone) {
-	ssl_Get1stHandshakeLock(ss);
-	if (ss->handshake || ss->nextHandshake || ss->securityHandshake) {
-	    rv = ssl_Do1stHandshake(ss);
-	}
-	ssl_Release1stHandshakeLock(ss);
-    }
-    if (rv < 0) {
-    	ss->writerThread = NULL;
-	return rv;
-    }
-
-    /* Check for zero length writes after we do housekeeping so we make forward
-     * progress.
-     */
-    if (len == 0) {
-    	return 0;
-    }
-    PORT_Assert(buf != NULL);
-    
-    SSL_TRC(2, ("%d: SSL[%d]: SecureSend: sending %d bytes",
-		SSL_GETPID(), ss->fd, len));
-
-    /* Send out the data using one of these functions:
-     *	ssl2_SendClear, ssl2_SendStream, ssl2_SendBlock, 
-     *  ssl3_SendApplicationData
-     */
-    ssl_GetXmitBufLock(ss);
-    rv = (*ss->sec.send)(ss, buf, len, flags);
-    ssl_ReleaseXmitBufLock(ss);
-    ss->writerThread = NULL;
-    return rv;
-}
-
-int
-ssl_SecureWrite(sslSocket *ss, const unsigned char *buf, int len)
-{
-    return ssl_SecureSend(ss, buf, len, 0);
-}
-
-SECStatus
-SSL_BadCertHook(PRFileDesc *fd, SSLBadCertHandler f, void *arg)
-{
-    sslSocket *ss;
-    SECStatus rv;
-    
-    ss = ssl_FindSocket(fd);
-    if (!ss) {
-	SSL_DBG(("%d: SSL[%d]: bad socket in SSLBadCertHook",
-		 SSL_GETPID(), fd));
-	return SECFailure;
-    }
-
-    ss->handleBadCert = f;
-    ss->badCertArg = arg;
-
-    return SECSuccess;
-}
-
-/*
- * Allow the application to pass the url or hostname into the SSL library
- * so that we can do some checking on it.
- */
-SECStatus
-SSL_SetURL(PRFileDesc *fd, const char *url)
-{
-    sslSocket *   ss = ssl_FindSocket(fd);
-    SECStatus     rv = SECSuccess;
-
-    if (!ss) {
-	SSL_DBG(("%d: SSL[%d]: bad socket in SSLSetURL",
-		 SSL_GETPID(), fd));
-	return SECFailure;
-    }
-    ssl_Get1stHandshakeLock(ss);
-    ssl_GetSSL3HandshakeLock(ss);
-
-    if ( ss->url ) {
-	PORT_Free((void *)ss->url);	/* CONST */
-    }
-
-    ss->url = (const char *)PORT_Strdup(url);
-    if ( ss->url == NULL ) {
-	rv = SECFailure;
-    }
-
-    ssl_ReleaseSSL3HandshakeLock(ss);
-    ssl_Release1stHandshakeLock(ss);
-
-    return rv;
-}
-
-/*
-** Returns Negative number on error, zero or greater on success.
-** Returns the amount of data immediately available to be read.
-*/
-int
-SSL_DataPending(PRFileDesc *fd)
-{
-    sslSocket *ss;
-    int        rv  = 0;
-
-    ss = ssl_FindSocket(fd);
-
-    if (ss && ss->useSecurity) {
-
-	ssl_Get1stHandshakeLock(ss);
-	ssl_GetSSL3HandshakeLock(ss);
-
-	ssl_GetRecvBufLock(ss);
-	rv = ss->gs.writeOffset - ss->gs.readOffset;
-	ssl_ReleaseRecvBufLock(ss);
-
-	ssl_ReleaseSSL3HandshakeLock(ss);
-	ssl_Release1stHandshakeLock(ss);
-    }
-
-    return rv;
-}
-
-SECStatus
-SSL_InvalidateSession(PRFileDesc *fd)
-{
-    sslSocket *   ss = ssl_FindSocket(fd);
-    SECStatus     rv = SECFailure;
-
-    if (ss) {
-	ssl_Get1stHandshakeLock(ss);
-	ssl_GetSSL3HandshakeLock(ss);
-
-	if (ss->sec.ci.sid) {
-	    ss->sec.uncache(ss->sec.ci.sid);
-	    rv = SECSuccess;
-	}
-
-	ssl_ReleaseSSL3HandshakeLock(ss);
-	ssl_Release1stHandshakeLock(ss);
-    }
-    return rv;
-}
-
-SECItem *
-SSL_GetSessionID(PRFileDesc *fd)
-{
-    sslSocket *    ss;
-    SECItem *      item = NULL;
-
-    ss = ssl_FindSocket(fd);
-    if (ss) {
-	ssl_Get1stHandshakeLock(ss);
-	ssl_GetSSL3HandshakeLock(ss);
-
-	if (ss->useSecurity && ss->firstHsDone && ss->sec.ci.sid) {
-	    item = (SECItem *)PORT_Alloc(sizeof(SECItem));
-	    if (item) {
-		sslSessionID * sid = ss->sec.ci.sid;
-		if (sid->version < SSL_LIBRARY_VERSION_3_0) {
-		    item->len = SSL2_SESSIONID_BYTES;
-		    item->data = (unsigned char*)PORT_Alloc(item->len);
-		    PORT_Memcpy(item->data, sid->u.ssl2.sessionID, item->len);
-		} else {
-		    item->len = sid->u.ssl3.sessionIDLength;
-		    item->data = (unsigned char*)PORT_Alloc(item->len);
-		    PORT_Memcpy(item->data, sid->u.ssl3.sessionID, item->len);
-		}
-	    }
-	}
-
-	ssl_ReleaseSSL3HandshakeLock(ss);
-	ssl_Release1stHandshakeLock(ss);
-    }
-    return item;
-}
-
-SECStatus
-SSL_CertDBHandleSet(PRFileDesc *fd, CERTCertDBHandle *dbHandle)
-{
-    sslSocket *    ss;
-
-    ss = ssl_FindSocket(fd);
-    if (!ss)
-    	return SECFailure;
-    if (!dbHandle) {
-    	PORT_SetError(SEC_ERROR_INVALID_ARGS);
-	return SECFailure;
-    }
-    ss->dbHandle = dbHandle;
-    return SECSuccess;
-}
-
-/*
- * attempt to restart the handshake after asynchronously handling
- * a request for the client's certificate.
- *
- * inputs:  
- *	cert	Client cert chosen by application.
- *		Note: ssl takes this reference, and does not bump the 
- *		reference count.  The caller should drop its reference
- *		without calling CERT_DestroyCert after calling this function.
- *
- *	key	Private key associated with cert.  This function makes a 
- *		copy of the private key, so the caller remains responsible 
- *		for destroying its copy after this function returns.
- *
- *	certChain  Chain of signers for cert.  
- *		Note: ssl takes this reference, and does not copy the chain.
- *		The caller should drop its reference without destroying the 
- *		chain.  SSL will free the chain when it is done with it.
- *
- * Return value: XXX
- *
- * XXX This code only works on the initial handshake on a connection, XXX
- *     It does not work on a subsequent handshake (redo).
- */
-int
-SSL_RestartHandshakeAfterCertReq(sslSocket *         ss,
-				CERTCertificate *    cert, 
-				SECKEYPrivateKey *   key,
-				CERTCertificateList *certChain)
-{
-    int              ret;
-
-    ssl_Get1stHandshakeLock(ss);   /************************************/
-
-    if (ss->version >= SSL_LIBRARY_VERSION_3_0) {
-	ret = ssl3_RestartHandshakeAfterCertReq(ss, cert, key, certChain);
-    } else {
-    	ret = ssl2_RestartHandshakeAfterCertReq(ss, cert, key);
-    }
-
-    ssl_Release1stHandshakeLock(ss);  /************************************/
-    return ret;
-}
-
-
-/* restart an SSL connection that we stopped to run certificate dialogs 
-** XXX	Need to document here how an application marks a cert to show that
-**	the application has accepted it (overridden CERT_VerifyCert).
- *
- * XXX This code only works on the initial handshake on a connection, XXX
- *     It does not work on a subsequent handshake (redo).
- *
- * Return value: XXX
-*/
-int
-SSL_RestartHandshakeAfterServerCert(sslSocket *ss)
-{
-    int rv	= SECSuccess;
-
-    ssl_Get1stHandshakeLock(ss); 
-
-    if (ss->version >= SSL_LIBRARY_VERSION_3_0) {
-	rv = ssl3_RestartHandshakeAfterServerCert(ss);
-    } else {
-	rv = ssl2_RestartHandshakeAfterServerCert(ss);
-    }
-
-    ssl_Release1stHandshakeLock(ss);
-    return rv;
-}
diff --git a/security/nss/lib/ssl/sslsnce.c b/security/nss/lib/ssl/sslsnce.c
deleted file mode 100644
index f4d4d08d3..000000000
--- a/security/nss/lib/ssl/sslsnce.c
+++ /dev/null
@@ -1,1623 +0,0 @@
-/* This file implements the SERVER Session ID cache. 
- * NOTE:  The contents of this file are NOT used by the client.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-/* Note: ssl_FreeSID() in sslnonce.c gets used for both client and server 
- * cache sids!
- *
- * About record locking among different server processes:
- *
- * All processes that are part of the same conceptual server (serving on 
- * the same address and port) MUST share a common SSL session cache. 
- * This code makes the content of the shared cache accessible to all
- * processes on the same "server".  This code works on Unix and Win32 only.
- *
- * We use NSPR anonymous shared memory and move data to & from shared memory.
- * We must do explicit locking of the records for all reads and writes.
- * The set of Cache entries are divided up into "sets" of 128 entries. 
- * Each set is protected by a lock.  There may be one or more sets protected
- * by each lock.  That is, locks to sets are 1:N.
- * There is one lock for the entire cert cache.
- * There is one lock for the set of wrapped sym wrap keys.
- *
- * The anonymous shared memory is laid out as if it were declared like this:
- *
- * struct {
- *     cacheDescriptor          desc;
- *     sidCacheLock             sidCacheLocks[ numSIDCacheLocks];
- *     sidCacheLock             keyCacheLock;
- *     sidCacheLock             certCacheLock;
- *     sidCacheSet              sidCacheSets[ numSIDCacheSets ];
- *     sidCacheEntry            sidCacheData[ numSIDCacheEntries];
- *     certCacheEntry           certCacheData[numCertCacheEntries];
- *     SSLWrappedSymWrappingKey keyCacheData[kt_kea_size][SSL_NUM_WRAP_MECHS];
- * } sharedMemCacheData;
- */
-#include "nssrenam.h"
-#include "seccomon.h"
-
-#if (defined(XP_UNIX) || defined(XP_WIN32) || defined (XP_OS2) || defined(XP_BEOS)) && !defined(_WIN32_WCE)
-
-#include "cert.h"
-#include "ssl.h"
-#include "sslimpl.h"
-#include "sslproto.h"
-#include "pk11func.h"
-#include "base64.h"
-
-#include <stdio.h>
-
-#if defined(XP_UNIX) || defined(XP_BEOS)
-
-#include <syslog.h>
-#include <fcntl.h>
-#include <unistd.h>
-#include <errno.h>
-#include <signal.h>
-#include "unix_err.h"
-
-#else
-
-#ifdef XP_WIN32
-#include <wtypes.h>
-#include "win32err.h"
-#endif
-
-#endif 
-#include <sys/types.h>
-
-#define SET_ERROR_CODE /* reminder */
-
-#include "nspr.h"
-#include "nsslocks.h"
-#include "sslmutex.h"
-
-#ifdef XP_OS2_VACPP
-#pragma pack(1)
-#endif
-
-/*
-** Format of a cache entry in the shared memory.
-*/ 
-struct sidCacheEntryStr {
-/* 16 */    PRIPv6Addr  addr;	/* client's IP address */
-/*  4 */    PRUint32    creationTime;
-/*  4 */    PRUint32    lastAccessTime;	
-/*  4 */    PRUint32    expirationTime;
-/*  2 */    PRUint16	version;
-/*  1 */    PRUint8	valid;
-/*  1 */    PRUint8     sessionIDLength;
-/* 32 */    PRUint8     sessionID[SSL3_SESSIONID_BYTES];
-/*  2 */    PRUint16    authAlgorithm;
-/*  2 */    PRUint16    authKeyBits;
-/*  2 */    PRUint16    keaType;
-/*  2 */    PRUint16    keaKeyBits;
-/* 72  - common header total */
-
-    union {
-	struct {
-/* 64 */    PRUint8	masterKey[SSL_MAX_MASTER_KEY_BYTES];
-/* 32 */    PRUint8	cipherArg[SSL_MAX_CYPHER_ARG_BYTES];
-
-/*  1 */    PRUint8	cipherType;
-/*  1 */    PRUint8	masterKeyLen;
-/*  1 */    PRUint8	keyBits;
-/*  1 */    PRUint8	secretKeyBits;
-/*  1 */    PRUint8	cipherArgLen;
-/*101 */} ssl2;
-
-	struct {
-/*  2 */    ssl3CipherSuite  cipherSuite;
-/*  2 */    PRUint16    compression; 	/* SSL3CompressionMethod */
-
-/*122 */    ssl3SidKeys keys;	/* keys and ivs, wrapped as needed. */
-/*  1 */    PRUint8     hasFortezza;
-/*  1 */    PRUint8     resumable;
-
-/*  4 */    PRUint32    masterWrapMech; 
-/*  4 */    SSL3KEAType exchKeyType;
-/*  4 */    PRInt32     certIndex;
-/*140 */} ssl3;
-#if defined(LINUX)
-	struct {
-	    PRUint8     filler[144];	
-	} forceSize;
-#endif
-    } u;
-};
-typedef struct sidCacheEntryStr sidCacheEntry;
-
-/* The length of this struct is supposed to be a power of 2, e.g. 4KB */
-struct certCacheEntryStr {
-    PRUint16    certLength;				/*    2 */
-    PRUint16    sessionIDLength;			/*    2 */
-    PRUint8 	sessionID[SSL3_SESSIONID_BYTES];	/*   32 */
-    PRUint8 	cert[SSL_MAX_CACHED_CERT_LEN];		/* 4060 */
-};						/* total   4096 */
-typedef struct certCacheEntryStr certCacheEntry;
-
-struct sidCacheLockStr {
-    PRUint32	timeStamp;
-    sslMutex	mutex;
-    sslPID	pid;
-};
-typedef struct sidCacheLockStr sidCacheLock;
-
-struct sidCacheSetStr {
-    PRIntn	next;
-};
-typedef struct sidCacheSetStr sidCacheSet;
-
-struct cacheDescStr {
-
-    PRUint32            sharedMemSize;
-
-    PRUint32		numSIDCacheLocks;
-    PRUint32		numSIDCacheSets;
-    PRUint32		numSIDCacheSetsPerLock;
-
-    PRUint32            numSIDCacheEntries; 
-    PRUint32            sidCacheSize;
-
-    PRUint32            numCertCacheEntries;
-    PRUint32            certCacheSize;
-
-    PRUint32            numKeyCacheEntries;
-    PRUint32            keyCacheSize;
-
-    PRUint32		ssl2Timeout;
-    PRUint32		ssl3Timeout;
-
-    /* These values are volatile, and are accessed through sharedCache-> */
-    PRUint32		nextCertCacheEntry;	/* certCacheLock protects */
-    PRBool      	stopPolling;
-
-    /* The private copies of these values are pointers into shared mem */
-    /* The copies of these values in shared memory are merely offsets */
-    sidCacheLock    *          sidCacheLocks;
-    sidCacheLock    *          keyCacheLock;
-    sidCacheLock    *          certCacheLock;
-    sidCacheSet     *          sidCacheSets;
-    sidCacheEntry   *          sidCacheData;
-    certCacheEntry  *          certCacheData;
-    SSLWrappedSymWrappingKey * keyCacheData;
-
-    /* Only the private copies of these pointers are valid */
-    char *                     sharedMem;
-    struct cacheDescStr *      sharedCache;  /* shared copy of this struct */
-    PRFileMap *                cacheMemMap;
-    PRThread  *                poller;
-};
-typedef struct cacheDescStr cacheDesc;
-
-static cacheDesc globalCache;
-
-static const char envVarName[] = { SSL_ENV_VAR_NAME };
-
-static PRBool isMultiProcess  = PR_FALSE;
-
-
-#define DEF_SID_CACHE_ENTRIES  10000
-#define DEF_CERT_CACHE_ENTRIES 250
-#define MIN_CERT_CACHE_ENTRIES 125 /* the effective size in old releases. */
-#define DEF_KEY_CACHE_ENTRIES  250
-
-#define SID_CACHE_ENTRIES_PER_SET  128
-#define SID_ALIGNMENT          16
-
-#define DEF_SSL2_TIMEOUT	100   /* seconds */
-#define MAX_SSL2_TIMEOUT	100   /* seconds */
-#define MIN_SSL2_TIMEOUT	  5   /* seconds */
-
-#define DEF_SSL3_TIMEOUT      86400L  /* 24 hours */
-#define MAX_SSL3_TIMEOUT      86400L  /* 24 hours */
-#define MIN_SSL3_TIMEOUT          5   /* seconds  */
-
-#if defined(AIX) || defined(LINUX) || defined(VMS)
-#define MAX_SID_CACHE_LOCKS 8	/* two FDs per lock */
-#elif defined(OSF1)
-#define MAX_SID_CACHE_LOCKS 16	/* one FD per lock */
-#else
-#define MAX_SID_CACHE_LOCKS 256
-#endif
-
-#define SID_HOWMANY(val, size) (((val) + ((size) - 1)) / (size))
-#define SID_ROUNDUP(val, size) ((size) * SID_HOWMANY((val), (size)))
-
-
-static sslPID myPid;
-static PRUint32  ssl_max_sid_cache_locks = MAX_SID_CACHE_LOCKS;
-
-/* forward static function declarations */
-static void IOError(int rv, char *type);
-static PRUint32 SIDindex(cacheDesc *cache, const PRIPv6Addr *addr, PRUint8 *s, unsigned nl);
-static SECStatus LaunchLockPoller(cacheDesc *cache);
-
-
-
-
-struct inheritanceStr {
-    PRUint32 sharedMemSize;
-    PRUint16 fmStrLen;
-};
-
-typedef struct inheritanceStr inheritance;
-
-#if defined(_WIN32) || defined(XP_OS2)
-
-#define DEFAULT_CACHE_DIRECTORY "\\temp"
-
-#endif /* _win32 */
-
-#if defined(XP_UNIX) || defined(XP_BEOS)
-
-#define DEFAULT_CACHE_DIRECTORY "/tmp"
-
-#endif /* XP_UNIX || XP_BEOS */
-
-
-/************************************************************************/
-
-static void 
-IOError(int rv, char *type)
-{
-#if defined(XP_UNIX) || defined(XP_BEOS)
-    syslog(LOG_ALERT,
-	   "SSL: %s error with session-id cache, pid=%d, rv=%d, error='%m'",
-	   type, myPid, rv);
-#else /* XP_WIN32 */
-    /* wish win32 had something like syslog() */
-#endif /* XP_UNIX */
-}
-
-static PRUint32
-LockSidCacheLock(sidCacheLock *lock, PRUint32 now)
-{
-    SECStatus      rv      = sslMutex_Lock(&lock->mutex);
-    if (rv != SECSuccess)
-    	return 0;
-    if (!now)
-	now  = ssl_Time();
-    lock->timeStamp = now;
-    lock->pid       = myPid;
-    return now;
-}
-
-static SECStatus
-UnlockSidCacheLock(sidCacheLock *lock)
-{
-    SECStatus      rv;
-
-    lock->pid = 0;
-    rv        = sslMutex_Unlock(&lock->mutex);
-    return rv;
-}
-
-/* returns the value of ssl_Time on success, zero on failure. */
-static PRUint32
-LockSet(cacheDesc *cache, PRUint32 set, PRUint32 now)
-{
-    PRUint32       lockNum = set % cache->numSIDCacheLocks;
-    sidCacheLock * lock    = cache->sidCacheLocks + lockNum;
-
-    return LockSidCacheLock(lock, now);
-}
-
-static SECStatus
-UnlockSet(cacheDesc *cache, PRUint32 set)
-{
-    PRUint32       lockNum = set % cache->numSIDCacheLocks;
-    sidCacheLock * lock    = cache->sidCacheLocks + lockNum;
-
-    return UnlockSidCacheLock(lock);
-}
-
-/************************************************************************/
-
-
-/* Put a certificate in the cache.  Update the cert index in the sce.
-*/
-static PRUint32
-CacheCert(cacheDesc * cache, CERTCertificate *cert, sidCacheEntry *sce)
-{
-    PRUint32        now;
-    certCacheEntry  cce;
-
-    if ((cert->derCert.len > SSL_MAX_CACHED_CERT_LEN) ||
-        (cert->derCert.len <= 0) ||
-	(cert->derCert.data == NULL)) {
-	PORT_SetError(SEC_ERROR_INVALID_ARGS);
-	return 0;
-    }
-
-    cce.sessionIDLength = sce->sessionIDLength;
-    PORT_Memcpy(cce.sessionID, sce->sessionID, cce.sessionIDLength);
-
-    cce.certLength = cert->derCert.len;
-    PORT_Memcpy(cce.cert, cert->derCert.data, cce.certLength);
-
-    /* get lock on cert cache */
-    now = LockSidCacheLock(cache->certCacheLock, 0);
-    if (now) {
-
-	/* Find where to place the next cert cache entry. */
-	cacheDesc * sharedCache = cache->sharedCache;
-	PRUint32    ndx         = sharedCache->nextCertCacheEntry;
-
-	/* write the entry */
-	cache->certCacheData[ndx] = cce;
-
-	/* remember where we put it. */
-	sce->u.ssl3.certIndex = ndx;
-
-	/* update the "next" cache entry index */
-	sharedCache->nextCertCacheEntry = 
-					(ndx + 1) % cache->numCertCacheEntries;
-
-	UnlockSidCacheLock(cache->certCacheLock);
-    }
-    return now;
-
-}
-
-/*
-** Convert local SID to shared memory one
-*/
-static void 
-ConvertFromSID(sidCacheEntry *to, sslSessionID *from)
-{
-    to->valid   = 1;
-    to->version = from->version;
-    to->addr    = from->addr;
-    to->creationTime    = from->creationTime;
-    to->lastAccessTime  = from->lastAccessTime;
-    to->expirationTime  = from->expirationTime;
-    to->authAlgorithm	= from->authAlgorithm;
-    to->authKeyBits	= from->authKeyBits;
-    to->keaType		= from->keaType;
-    to->keaKeyBits	= from->keaKeyBits;
-
-    if (from->version < SSL_LIBRARY_VERSION_3_0) {
-	if ((from->u.ssl2.masterKey.len > SSL_MAX_MASTER_KEY_BYTES) ||
-	    (from->u.ssl2.cipherArg.len > SSL_MAX_CYPHER_ARG_BYTES)) {
-	    SSL_DBG(("%d: SSL: masterKeyLen=%d cipherArgLen=%d",
-		     myPid, from->u.ssl2.masterKey.len,
-		     from->u.ssl2.cipherArg.len));
-	    to->valid = 0;
-	    return;
-	}
-
-	to->u.ssl2.cipherType    = from->u.ssl2.cipherType;
-	to->u.ssl2.masterKeyLen  = from->u.ssl2.masterKey.len;
-	to->u.ssl2.cipherArgLen  = from->u.ssl2.cipherArg.len;
-	to->u.ssl2.keyBits       = from->u.ssl2.keyBits;
-	to->u.ssl2.secretKeyBits = from->u.ssl2.secretKeyBits;
-	to->sessionIDLength      = SSL2_SESSIONID_BYTES;
-	PORT_Memcpy(to->sessionID, from->u.ssl2.sessionID, SSL2_SESSIONID_BYTES);
-	PORT_Memcpy(to->u.ssl2.masterKey, from->u.ssl2.masterKey.data,
-		  from->u.ssl2.masterKey.len);
-	PORT_Memcpy(to->u.ssl2.cipherArg, from->u.ssl2.cipherArg.data,
-		  from->u.ssl2.cipherArg.len);
-#ifdef DEBUG
-	PORT_Memset(to->u.ssl2.masterKey+from->u.ssl2.masterKey.len, 0,
-		  sizeof(to->u.ssl2.masterKey) - from->u.ssl2.masterKey.len);
-	PORT_Memset(to->u.ssl2.cipherArg+from->u.ssl2.cipherArg.len, 0,
-		  sizeof(to->u.ssl2.cipherArg) - from->u.ssl2.cipherArg.len);
-#endif
-	SSL_TRC(8, ("%d: SSL: ConvertSID: masterKeyLen=%d cipherArgLen=%d "
-		    "time=%d addr=0x%08x%08x%08x%08x cipherType=%d", myPid,
-		    to->u.ssl2.masterKeyLen, to->u.ssl2.cipherArgLen,
-		    to->creationTime, to->addr.pr_s6_addr32[0],
-		    to->addr.pr_s6_addr32[1], to->addr.pr_s6_addr32[2],
-		    to->addr.pr_s6_addr32[3], to->u.ssl2.cipherType));
-    } else {
-	/* This is an SSL v3 session */
-
-	to->u.ssl3.cipherSuite      = from->u.ssl3.cipherSuite;
-	to->u.ssl3.compression      = (uint16)from->u.ssl3.compression;
-	to->u.ssl3.resumable        = from->u.ssl3.resumable;
-	to->u.ssl3.hasFortezza      = from->u.ssl3.hasFortezza;
-	to->u.ssl3.keys             = from->u.ssl3.keys;
-	to->u.ssl3.masterWrapMech   = from->u.ssl3.masterWrapMech;
-	to->u.ssl3.exchKeyType      = from->u.ssl3.exchKeyType;
-	to->sessionIDLength         = from->u.ssl3.sessionIDLength;
-	to->u.ssl3.certIndex        = -1;
-
-	PORT_Memcpy(to->sessionID, from->u.ssl3.sessionID,
-		    to->sessionIDLength);
-
-	SSL_TRC(8, ("%d: SSL3: ConvertSID: time=%d addr=0x%08x%08x%08x%08x "
-	            "cipherSuite=%d",
-		    myPid, to->creationTime, to->addr.pr_s6_addr32[0],
-		    to->addr.pr_s6_addr32[1], to->addr.pr_s6_addr32[2],
-		    to->addr.pr_s6_addr32[3], to->u.ssl3.cipherSuite));
-    }
-}
-
-/*
-** Convert shared memory cache-entry to local memory based one
-** This is only called from ServerSessionIDLookup().
-** Caller must hold cache lock when calling this.
-*/
-static sslSessionID *
-ConvertToSID(sidCacheEntry *from, certCacheEntry *pcce, 
-             CERTCertDBHandle * dbHandle)
-{
-    sslSessionID *to;
-    uint16 version = from->version;
-
-    to = (sslSessionID*) PORT_ZAlloc(sizeof(sslSessionID));
-    if (!to) {
-	return 0;
-    }
-
-    if (version < SSL_LIBRARY_VERSION_3_0) {
-	/* This is an SSL v2 session */
-	to->u.ssl2.masterKey.data =
-	    (unsigned char*) PORT_Alloc(from->u.ssl2.masterKeyLen);
-	if (!to->u.ssl2.masterKey.data) {
-	    goto loser;
-	}
-	if (from->u.ssl2.cipherArgLen) {
-	    to->u.ssl2.cipherArg.data = 
-	    	(unsigned char*)PORT_Alloc(from->u.ssl2.cipherArgLen);
-	    if (!to->u.ssl2.cipherArg.data) {
-		goto loser;
-	    }
-	    PORT_Memcpy(to->u.ssl2.cipherArg.data, from->u.ssl2.cipherArg,
-		        from->u.ssl2.cipherArgLen);
-	}
-
-	to->u.ssl2.cipherType    = from->u.ssl2.cipherType;
-	to->u.ssl2.masterKey.len = from->u.ssl2.masterKeyLen;
-	to->u.ssl2.cipherArg.len = from->u.ssl2.cipherArgLen;
-	to->u.ssl2.keyBits       = from->u.ssl2.keyBits;
-	to->u.ssl2.secretKeyBits = from->u.ssl2.secretKeyBits;
-/*	to->sessionIDLength      = SSL2_SESSIONID_BYTES; */
-	PORT_Memcpy(to->u.ssl2.sessionID, from->sessionID, SSL2_SESSIONID_BYTES);
-	PORT_Memcpy(to->u.ssl2.masterKey.data, from->u.ssl2.masterKey,
-		    from->u.ssl2.masterKeyLen);
-
-	SSL_TRC(8, ("%d: SSL: ConvertToSID: masterKeyLen=%d cipherArgLen=%d "
-		    "time=%d addr=0x%08x%08x%08x%08x cipherType=%d",
-		    myPid, to->u.ssl2.masterKey.len,
-		    to->u.ssl2.cipherArg.len, to->creationTime,
-		    to->addr.pr_s6_addr32[0], to->addr.pr_s6_addr32[1],
-		    to->addr.pr_s6_addr32[2], to->addr.pr_s6_addr32[3],
-		    to->u.ssl2.cipherType));
-    } else {
-	/* This is an SSL v3 session */
-
-	to->u.ssl3.sessionIDLength  = from->sessionIDLength;
-	to->u.ssl3.cipherSuite      = from->u.ssl3.cipherSuite;
-	to->u.ssl3.compression      = (SSL3CompressionMethod)from->u.ssl3.compression;
-	to->u.ssl3.resumable        = from->u.ssl3.resumable;
-	to->u.ssl3.hasFortezza      = from->u.ssl3.hasFortezza;
-	to->u.ssl3.keys             = from->u.ssl3.keys;
-	to->u.ssl3.masterWrapMech   = from->u.ssl3.masterWrapMech;
-	to->u.ssl3.exchKeyType      = from->u.ssl3.exchKeyType;
-
-	PORT_Memcpy(to->u.ssl3.sessionID, from->sessionID, from->sessionIDLength);
-
-	/* the portions of the SID that are only restored on the client
-	 * are set to invalid values on the server.
-	 */
-	to->u.ssl3.clientWriteKey   = NULL;
-	to->u.ssl3.serverWriteKey   = NULL;
-	to->u.ssl3.tek              = NULL;
-	to->urlSvrName              = NULL;
-
-	to->u.ssl3.masterModuleID   = (SECMODModuleID)-1; /* invalid value */
-	to->u.ssl3.masterSlotID     = (CK_SLOT_ID)-1;     /* invalid value */
-	to->u.ssl3.masterWrapIndex  = 0;
-	to->u.ssl3.masterWrapSeries = 0;
-	to->u.ssl3.masterValid      = PR_FALSE;
-
-	to->u.ssl3.clAuthModuleID   = (SECMODModuleID)-1; /* invalid value */
-	to->u.ssl3.clAuthSlotID     = (CK_SLOT_ID)-1;     /* invalid value */
-	to->u.ssl3.clAuthSeries     = 0;
-	to->u.ssl3.clAuthValid      = PR_FALSE;
-
-	to->u.ssl3.clientWriteSaveLen = 0;
-
-	if (from->u.ssl3.certIndex != -1 && pcce) {
-	    SECItem          derCert;
-
-	    derCert.len  = pcce->certLength;
-	    derCert.data = pcce->cert;
-
-	    to->peerCert = CERT_NewTempCertificate(dbHandle, &derCert, NULL,
-					           PR_FALSE, PR_TRUE);
-	    if (to->peerCert == NULL)
-		goto loser;
-	}
-    }
-
-    to->version         = from->version;
-    to->creationTime    = from->creationTime;
-    to->lastAccessTime  = from->lastAccessTime;
-    to->expirationTime  = from->expirationTime;
-    to->cached          = in_server_cache;
-    to->addr            = from->addr;
-    to->references      = 1;
-    to->authAlgorithm	= from->authAlgorithm;
-    to->authKeyBits	= from->authKeyBits;
-    to->keaType		= from->keaType;
-    to->keaKeyBits	= from->keaKeyBits;
-    
-    return to;
-
-  loser:
-    if (to) {
-	if (version < SSL_LIBRARY_VERSION_3_0) {
-	    if (to->u.ssl2.masterKey.data)
-		PORT_Free(to->u.ssl2.masterKey.data);
-	    if (to->u.ssl2.cipherArg.data)
-		PORT_Free(to->u.ssl2.cipherArg.data);
-	}
-	PORT_Free(to);
-    }
-    return NULL;
-}
-
-
-
-/*
-** Perform some mumbo jumbo on the ip-address and the session-id value to
-** compute a hash value.
-*/
-static PRUint32 
-SIDindex(cacheDesc *cache, const PRIPv6Addr *addr, PRUint8 *s, unsigned nl)
-{
-    PRUint32 rv;
-    PRUint32 x[8];
-
-    memset(x, 0, sizeof x);
-    if (nl > sizeof x)
-    	nl = sizeof x;
-    memcpy(x, s, nl);
-
-    rv = (addr->pr_s6_addr32[0] ^ addr->pr_s6_addr32[1] ^
-	  addr->pr_s6_addr32[2] ^ addr->pr_s6_addr32[3] ^
-          x[0] ^ x[1] ^ x[2] ^ x[3] ^ x[4] ^ x[5] ^ x[6] ^ x[7])
-	  % cache->numSIDCacheSets;
-    return rv;
-}
-
-
-
-/*
-** Look something up in the cache. This will invalidate old entries
-** in the process. Caller has locked the cache set!
-** Returns PR_TRUE if found a valid match.  PR_FALSE otherwise.
-*/
-static sidCacheEntry *
-FindSID(cacheDesc *cache, PRUint32 setNum, PRUint32 now,
-        const PRIPv6Addr *addr, unsigned char *sessionID,
-	unsigned sessionIDLength)
-{
-    PRUint32      ndx   = cache->sidCacheSets[setNum].next;
-    int           i;
-
-    sidCacheEntry * set = cache->sidCacheData + 
-    			 (setNum * SID_CACHE_ENTRIES_PER_SET);
-
-    for (i = SID_CACHE_ENTRIES_PER_SET; i > 0; --i) {
-	sidCacheEntry * sce;
-
-	ndx  = (ndx - 1) % SID_CACHE_ENTRIES_PER_SET;
-	sce = set + ndx;
-
-	if (!sce->valid)
-	    continue;
-
-	if (now > sce->expirationTime) {
-	    /* SessionID has timed out. Invalidate the entry. */
-	    SSL_TRC(7, ("%d: timed out sid entry addr=%08x%08x%08x%08x now=%x "
-			"time+=%x",
-			myPid, sce->addr.pr_s6_addr32[0],
-			sce->addr.pr_s6_addr32[1], sce->addr.pr_s6_addr32[2],
-			sce->addr.pr_s6_addr32[3], now,
-			sce->expirationTime ));
-	    sce->valid = 0;
-	    continue;
-	}
-
-	/*
-	** Next, examine specific session-id/addr data to see if the cache
-	** entry matches our addr+session-id value
-	*/
-	if (sessionIDLength == sce->sessionIDLength      &&
-	    !memcmp(&sce->addr, addr, sizeof(PRIPv6Addr)) &&
-	    !memcmp(sce->sessionID, sessionID, sessionIDLength)) {
-	    /* Found it */
-	    return sce;
-	}
-    }
-
-    PORT_SetError(SSL_ERROR_SESSION_NOT_FOUND);
-    return NULL;
-}
-
-/************************************************************************/
-
-/* This is the primary function for finding entries in the server's sid cache.
- * Although it is static, this function is called via the global function 
- * pointer ssl_sid_lookup.
- */
-static sslSessionID *
-ServerSessionIDLookup(const PRIPv6Addr *addr,
-			unsigned char *sessionID,
-			unsigned int   sessionIDLength,
-                        CERTCertDBHandle * dbHandle)
-{
-    sslSessionID *  sid      = 0;
-    sidCacheEntry * psce;
-    certCacheEntry *pcce     = 0;
-    cacheDesc *     cache    = &globalCache;
-    PRUint32        now;
-    PRUint32        set;
-    PRInt32         cndx;
-    sidCacheEntry   sce;
-    certCacheEntry  cce;
-
-    set = SIDindex(cache, addr, sessionID, sessionIDLength);
-    now = LockSet(cache, set, 0);
-    if (!now)
-    	return NULL;
-
-    psce = FindSID(cache, set, now, addr, sessionID, sessionIDLength);
-    if (psce) {
-	if (psce->version >= SSL_LIBRARY_VERSION_3_0 && 
-	    (cndx = psce->u.ssl3.certIndex) != -1) {
-
-	    PRUint32 gotLock = LockSidCacheLock(cache->certCacheLock, now);
-	    if (gotLock) {
-		pcce = &cache->certCacheData[cndx];
-
-		/* See if the cert's session ID matches the sce cache. */
-		if ((pcce->sessionIDLength == psce->sessionIDLength) &&
-		    !PORT_Memcmp(pcce->sessionID, psce->sessionID, 
-		                 pcce->sessionIDLength)) {
-		    cce = *pcce;
-		} else {
-		    /* The cert doesen't match the SID cache entry, 
-		    ** so invalidate the SID cache entry. 
-		    */
-		    psce->valid = 0;
-		    psce = 0;
-		    pcce = 0;
-		}
-		UnlockSidCacheLock(cache->certCacheLock);
-	    } else {
-		/* what the ??.  Didn't get the cert cache lock.
-		** Don't invalidate the SID cache entry, but don't find it.
-		*/
-		PORT_Assert(!("Didn't get cert Cache Lock!"));
-		psce = 0;
-		pcce = 0;
-	    }
-	}
-	if (psce) {
-	    psce->lastAccessTime = now;
-	    sce = *psce;	/* grab a copy while holding the lock */
-    	}
-    }
-    UnlockSet(cache, set);
-    if (psce) {
-	/* sce conains a copy of the cache entry.
-	** Convert shared memory format to local format 
-	*/
-	sid = ConvertToSID(&sce, pcce ? &cce : 0, dbHandle);
-    }
-    return sid;
-}
-
-/*
-** Place a sid into the cache, if it isn't already there. 
-*/
-static void 
-ServerSessionIDCache(sslSessionID *sid)
-{
-    sidCacheEntry sce;
-    PRUint32      now     = 0;
-    uint16        version = sid->version;
-    cacheDesc *   cache   = &globalCache;
-
-    if ((version >= SSL_LIBRARY_VERSION_3_0) &&
-	(sid->u.ssl3.sessionIDLength == 0)) {
-	return;
-    }
-
-    if (sid->cached == never_cached || sid->cached == invalid_cache) {
-	PRUint32 set;
-
-	PORT_Assert(sid->creationTime != 0 && sid->expirationTime != 0);
-	if (!sid->creationTime)
-	    sid->lastAccessTime = sid->creationTime = ssl_Time();
-	if (version < SSL_LIBRARY_VERSION_3_0) {
-	    if (!sid->expirationTime)
-		sid->expirationTime = sid->creationTime + ssl_sid_timeout;
-	    SSL_TRC(8, ("%d: SSL: CacheMT: cached=%d addr=0x%08x%08x%08x%08x time=%x "
-			"cipher=%d", myPid, sid->cached,
-			sid->addr.pr_s6_addr32[0], sid->addr.pr_s6_addr32[1],
-			sid->addr.pr_s6_addr32[2], sid->addr.pr_s6_addr32[3],
-			sid->creationTime, sid->u.ssl2.cipherType));
-	    PRINT_BUF(8, (0, "sessionID:", sid->u.ssl2.sessionID,
-			  SSL2_SESSIONID_BYTES));
-	    PRINT_BUF(8, (0, "masterKey:", sid->u.ssl2.masterKey.data,
-			  sid->u.ssl2.masterKey.len));
-	    PRINT_BUF(8, (0, "cipherArg:", sid->u.ssl2.cipherArg.data,
-			  sid->u.ssl2.cipherArg.len));
-
-	} else {
-	    if (!sid->expirationTime)
-		sid->expirationTime = sid->creationTime + ssl3_sid_timeout;
-	    SSL_TRC(8, ("%d: SSL: CacheMT: cached=%d addr=0x%08x%08x%08x%08x time=%x "
-			"cipherSuite=%d", myPid, sid->cached,
-			sid->addr.pr_s6_addr32[0], sid->addr.pr_s6_addr32[1],
-			sid->addr.pr_s6_addr32[2], sid->addr.pr_s6_addr32[3],
-			sid->creationTime, sid->u.ssl3.cipherSuite));
-	    PRINT_BUF(8, (0, "sessionID:", sid->u.ssl3.sessionID,
-			  sid->u.ssl3.sessionIDLength));
-	}
-
-	ConvertFromSID(&sce, sid);
-
-	if ((version >= SSL_LIBRARY_VERSION_3_0) && 
-	    (sid->peerCert != NULL)) {
-	    now = CacheCert(cache, sid->peerCert, &sce);
-	}
-
-	set = SIDindex(cache, &sce.addr, sce.sessionID, sce.sessionIDLength);
-	now = LockSet(cache, set, now);
-	if (now) {
-	    PRUint32  next = cache->sidCacheSets[set].next;
-	    PRUint32  ndx  = set * SID_CACHE_ENTRIES_PER_SET + next;
-
-	    /* Write out new cache entry */
-	    cache->sidCacheData[ndx] = sce;
-
-	    cache->sidCacheSets[set].next = 
-	    				(next + 1) % SID_CACHE_ENTRIES_PER_SET;
-
-	    UnlockSet(cache, set);
-	    sid->cached = in_server_cache;
-	}
-    }
-}
-
-/*
-** Although this is static, it is called from ssl via global function pointer
-**	ssl_sid_uncache.  This invalidates the referenced cache entry.
-*/
-static void 
-ServerSessionIDUncache(sslSessionID *sid)
-{
-    cacheDesc *    cache   = &globalCache;
-    PRUint8 *      sessionID;
-    unsigned int   sessionIDLength;
-    PRErrorCode    err;
-    PRUint32       set;
-    PRUint32       now;
-    sidCacheEntry *psce;
-
-    if (sid == NULL) 
-    	return;
-    
-    /* Uncaching a SID should never change the error code. 
-    ** So save it here and restore it before exiting.
-    */
-    err = PR_GetError();
-
-    if (sid->version < SSL_LIBRARY_VERSION_3_0) {
-	sessionID       = sid->u.ssl2.sessionID;
-	sessionIDLength = SSL2_SESSIONID_BYTES;
-	SSL_TRC(8, ("%d: SSL: UncacheMT: valid=%d addr=0x%08x%08x%08x%08x time=%x "
-		    "cipher=%d", myPid, sid->cached,
-		    sid->addr.pr_s6_addr32[0], sid->addr.pr_s6_addr32[1],
-		    sid->addr.pr_s6_addr32[2], sid->addr.pr_s6_addr32[3],
-		    sid->creationTime, sid->u.ssl2.cipherType));
-	PRINT_BUF(8, (0, "sessionID:", sessionID, sessionIDLength));
-	PRINT_BUF(8, (0, "masterKey:", sid->u.ssl2.masterKey.data,
-		      sid->u.ssl2.masterKey.len));
-	PRINT_BUF(8, (0, "cipherArg:", sid->u.ssl2.cipherArg.data,
-		      sid->u.ssl2.cipherArg.len));
-    } else {
-	sessionID       = sid->u.ssl3.sessionID;
-	sessionIDLength = sid->u.ssl3.sessionIDLength;
-	SSL_TRC(8, ("%d: SSL3: UncacheMT: valid=%d addr=0x%08x%08x%08x%08x time=%x "
-		    "cipherSuite=%d", myPid, sid->cached,
-		    sid->addr.pr_s6_addr32[0], sid->addr.pr_s6_addr32[1],
-		    sid->addr.pr_s6_addr32[2], sid->addr.pr_s6_addr32[3],
-		    sid->creationTime, sid->u.ssl3.cipherSuite));
-	PRINT_BUF(8, (0, "sessionID:", sessionID, sessionIDLength));
-    }
-    set = SIDindex(cache, &sid->addr, sessionID, sessionIDLength);
-    now = LockSet(cache, set, 0);
-    if (now) {
-	psce = FindSID(cache, set, now, &sid->addr, sessionID, sessionIDLength);
-	if (psce) {
-	    psce->valid = 0;
-	}
-	UnlockSet(cache, set);
-    }
-    sid->cached = invalid_cache;
-    PORT_SetError(err);
-}
-
-#ifdef XP_OS2
-
-#define INCL_DOSPROCESS
-#include <os2.h>
-
-long gettid(void)
-{
-    PTIB ptib;
-    PPIB ppib;
-    DosGetInfoBlocks(&ptib, &ppib);
-    return ((long)ptib->tib_ordinal); /* thread id */
-}
-#endif
-
-static SECStatus
-InitCache(cacheDesc *cache, int maxCacheEntries, PRUint32 ssl2_timeout, 
-          PRUint32 ssl3_timeout, const char *directory)
-{
-    ptrdiff_t     ptr;
-    sidCacheLock *pLock;
-    char *        sharedMem;
-    PRFileMap *   cacheMemMap;
-    char *        cfn = NULL;	/* cache file name */
-    int           locks_initialized = 0;
-    int           locks_to_initialize = 0;
-    PRUint32      init_time;
-
-    if (cache->sharedMem) {
-	/* Already done */
-	return SECSuccess;
-    }
-
-    cache->numSIDCacheEntries = maxCacheEntries ? maxCacheEntries 
-                                                : DEF_SID_CACHE_ENTRIES;
-    cache->numSIDCacheSets    = 
-    	SID_HOWMANY(cache->numSIDCacheEntries, SID_CACHE_ENTRIES_PER_SET);
-
-    cache->numSIDCacheEntries = 
-    	cache->numSIDCacheSets * SID_CACHE_ENTRIES_PER_SET;
-
-    cache->numSIDCacheLocks   = 
-    	PR_MIN(cache->numSIDCacheSets, ssl_max_sid_cache_locks);
-
-    cache->numSIDCacheSetsPerLock = 
-    	SID_HOWMANY(cache->numSIDCacheSets, cache->numSIDCacheLocks);
-
-    /* compute size of shared memory, and offsets of all pointers */
-    ptr = 0;
-    cache->sharedMem     = (char *)ptr;
-    ptr += SID_ROUNDUP(sizeof(cacheDesc), SID_ALIGNMENT);
-
-    cache->sidCacheLocks = (sidCacheLock *)ptr;
-    cache->keyCacheLock  = cache->sidCacheLocks + cache->numSIDCacheLocks;
-    cache->certCacheLock = cache->keyCacheLock  + 1;
-    ptr = (ptrdiff_t)(cache->certCacheLock + 1);
-    ptr = SID_ROUNDUP(ptr, SID_ALIGNMENT);
-
-    cache->sidCacheSets  = (sidCacheSet *)ptr;
-    ptr = (ptrdiff_t)(cache->sidCacheSets + cache->numSIDCacheSets);
-    ptr = SID_ROUNDUP(ptr, SID_ALIGNMENT);
-
-    cache->sidCacheData  = (sidCacheEntry *)ptr;
-    ptr = (ptrdiff_t)(cache->sidCacheData + cache->numSIDCacheEntries);
-    ptr = SID_ROUNDUP(ptr, SID_ALIGNMENT);
-
-    cache->certCacheData = (certCacheEntry *)ptr;
-    cache->sidCacheSize  = 
-    	(char *)cache->certCacheData - (char *)cache->sidCacheData;
-
-    /* This is really a poor way to computer this! */
-    cache->numCertCacheEntries = cache->sidCacheSize / sizeof(certCacheEntry);
-    if (cache->numCertCacheEntries < MIN_CERT_CACHE_ENTRIES)
-    	cache->numCertCacheEntries = MIN_CERT_CACHE_ENTRIES;
-    ptr = (ptrdiff_t)(cache->certCacheData + cache->numCertCacheEntries);
-    ptr = SID_ROUNDUP(ptr, SID_ALIGNMENT);
-
-    cache->keyCacheData  = (SSLWrappedSymWrappingKey *)ptr;
-    cache->certCacheSize = 
-    	(char *)cache->keyCacheData - (char *)cache->certCacheData;
-
-    cache->numKeyCacheEntries = kt_kea_size * SSL_NUM_WRAP_MECHS;
-    ptr = (ptrdiff_t)(cache->keyCacheData + cache->numKeyCacheEntries);
-    ptr = SID_ROUNDUP(ptr, SID_ALIGNMENT);
-
-    cache->sharedMemSize = ptr;
-
-    cache->keyCacheSize  = (char *)ptr - (char *)cache->keyCacheData;
-
-    if (ssl2_timeout) {   
-	if (ssl2_timeout > MAX_SSL2_TIMEOUT) {
-	    ssl2_timeout = MAX_SSL2_TIMEOUT;
-	}
-	if (ssl2_timeout < MIN_SSL2_TIMEOUT) {
-	    ssl2_timeout = MIN_SSL2_TIMEOUT;
-	}
-	cache->ssl2Timeout = ssl2_timeout;
-    } else {
-	cache->ssl2Timeout = DEF_SSL2_TIMEOUT;
-    }
-
-    if (ssl3_timeout) {   
-	if (ssl3_timeout > MAX_SSL3_TIMEOUT) {
-	    ssl3_timeout = MAX_SSL3_TIMEOUT;
-	}
-	if (ssl3_timeout < MIN_SSL3_TIMEOUT) {
-	    ssl3_timeout = MIN_SSL3_TIMEOUT;
-	}
-	cache->ssl3Timeout = ssl3_timeout;
-    } else {
-	cache->ssl3Timeout = DEF_SSL3_TIMEOUT;
-    }
-
-    /* Create file names */
-#if defined(XP_UNIX) || defined(XP_BEOS)
-    /* there's some confusion here about whether PR_OpenAnonFileMap wants
-    ** a directory name or a file name for its first argument.
-    cfn = PR_smprintf("%s/.sslsvrcache.%d", directory, myPid);
-    */
-    cfn = PR_smprintf("%s", directory);
-#endif
- 
-#ifdef XP_WIN32
-    cfn = PR_smprintf("%s/svrcache_%d_%x.ssl", directory, myPid, 
-    			GetCurrentThreadId());
-#endif
-
-#ifdef XP_OS2
-    cfn = PR_smprintf("%s/svrcache_%d_%x.ssl", directory, myPid, 
-    			gettid());
-#endif
-    if (!cfn) {
-	goto loser;
-    }
-
-    /* Create cache */
-    cacheMemMap = PR_OpenAnonFileMap(cfn, cache->sharedMemSize, 
-                                            PR_PROT_READWRITE);
-    PR_smprintf_free(cfn);
-    if(! cacheMemMap) {
-	goto loser;
-    }
-    sharedMem = PR_MemMap(cacheMemMap, 0, cache->sharedMemSize);
-    if (! sharedMem) {
-	goto loser;
-    }
-
-    /* Initialize shared memory. This may not be necessary on all platforms */
-    memset(sharedMem, 0, cache->sharedMemSize);
-
-    /* Copy cache descriptor header into shared memory */
-    memcpy(sharedMem, cache, sizeof *cache);
-
-    /* save private copies of these values */
-    cache->cacheMemMap = cacheMemMap;
-    cache->sharedMem   = sharedMem;
-    cache->sharedCache = (cacheDesc *)sharedMem;
-
-    /* Fix pointers in our private copy of cache descriptor to point to 
-    ** spaces in shared memory 
-    */
-    ptr = (ptrdiff_t)cache->sharedMem;
-    *(ptrdiff_t *)(&cache->sidCacheLocks) += ptr;
-    *(ptrdiff_t *)(&cache->keyCacheLock ) += ptr;
-    *(ptrdiff_t *)(&cache->certCacheLock) += ptr;
-    *(ptrdiff_t *)(&cache->sidCacheSets ) += ptr;
-    *(ptrdiff_t *)(&cache->sidCacheData ) += ptr;
-    *(ptrdiff_t *)(&cache->certCacheData) += ptr;
-    *(ptrdiff_t *)(&cache->keyCacheData ) += ptr;
-
-    /* initialize the locks */
-    init_time = ssl_Time();
-    pLock = cache->sidCacheLocks;
-    for (locks_to_initialize = cache->numSIDCacheLocks + 2;
-         locks_initialized < locks_to_initialize; 
-	 ++locks_initialized, ++pLock ) {
-
-	SECStatus err = sslMutex_Init(&pLock->mutex, isMultiProcess);
-	if (err)
-	    goto loser;
-        pLock->timeStamp = init_time;
-	pLock->pid       = 0;
-    }
-
-    return SECSuccess;
-
-loser:
-    if (cache->cacheMemMap) {
-	if (cache->sharedMem) {
-	    if (locks_initialized > 0) {
-		pLock = cache->sidCacheLocks;
-		for (; locks_initialized > 0; --locks_initialized, ++pLock ) {
-		    sslMutex_Destroy(&pLock->mutex);
-		}
-	    }
-	    PR_MemUnmap(cache->sharedMem, cache->sharedMemSize);
-	    cache->sharedMem = NULL;
-	}
-    	PR_CloseFileMap(cache->cacheMemMap);
-	cache->cacheMemMap = NULL;
-    }
-    return SECFailure;
-}
-
-PRUint32
-SSL_GetMaxServerCacheLocks(void)
-{
-    return ssl_max_sid_cache_locks + 2;
-    /* The extra two are the cert cache lock and the key cache lock. */
-}
-
-SECStatus
-SSL_SetMaxServerCacheLocks(PRUint32 maxLocks)
-{
-    /* Minimum is 1 sid cache lock, 1 cert cache lock and 1 key cache lock.
-    ** We'd like to test for a maximum value, but not all platforms' header
-    ** files provide a symbol or function or other means of determining
-    ** the maximum, other than trial and error.
-    */
-    if (maxLocks < 3) {
-	PORT_SetError(SEC_ERROR_INVALID_ARGS);
-	return SECFailure;
-    }
-    ssl_max_sid_cache_locks = maxLocks - 2;
-    /* The extra two are the cert cache lock and the key cache lock. */
-    return SECSuccess;
-}
-
-SECStatus
-SSL_ConfigServerSessionIDCacheInstance(	cacheDesc *cache,
-                                int      maxCacheEntries, 
-				PRUint32 ssl2_timeout,
-			       	PRUint32 ssl3_timeout, 
-			  const char *   directory)
-{
-    SECStatus rv;
-
-#if defined(DEBUG_nelsonb)
-    printf("sizeof(sidCacheEntry) == %u\n", sizeof(sidCacheEntry));
-#endif
-#if !(defined(SOLARIS) && defined(i386))
-#ifndef XP_OS2
-    PORT_Assert(sizeof(sidCacheEntry) % 8 == 0);
-#endif
-#endif
-    PORT_Assert(sizeof(certCacheEntry) == 4096);
-
-    myPid = SSL_GETPID();
-    if (!directory) {
-	directory = DEFAULT_CACHE_DIRECTORY;
-    }
-    rv = InitCache(cache, maxCacheEntries, ssl2_timeout, ssl3_timeout, 
-                   directory);
-    if (rv) {
-	SET_ERROR_CODE
-    	return SECFailure;
-    }
-
-    ssl_sid_lookup  = ServerSessionIDLookup;
-    ssl_sid_cache   = ServerSessionIDCache;
-    ssl_sid_uncache = ServerSessionIDUncache;
-    return SECSuccess;
-}
-
-SECStatus
-SSL_ConfigServerSessionIDCache(	int      maxCacheEntries, 
-				PRUint32 ssl2_timeout,
-			       	PRUint32 ssl3_timeout, 
-			  const char *   directory)
-{
-    return SSL_ConfigServerSessionIDCacheInstance(&globalCache, 
-    		maxCacheEntries, ssl2_timeout, ssl3_timeout, directory);
-}
-
-/* Use this function, instead of SSL_ConfigServerSessionIDCache,
- * if the cache will be shared by multiple processes.
- */
-SECStatus
-SSL_ConfigMPServerSIDCache(	int      maxCacheEntries, 
-				PRUint32 ssl2_timeout,
-			       	PRUint32 ssl3_timeout, 
-		          const char *   directory)
-{
-    char *	envValue;
-    char *	inhValue;
-    cacheDesc * cache         = &globalCache;
-    PRUint32    fmStrLen;
-    SECStatus 	result;
-    PRStatus 	prStatus;
-    SECStatus	putEnvFailed;
-    inheritance inherit;
-    char        fmString[PR_FILEMAP_STRING_BUFSIZE];
-
-    isMultiProcess = PR_TRUE;
-    result = SSL_ConfigServerSessionIDCacheInstance(cache, maxCacheEntries, 
-					ssl2_timeout, ssl3_timeout, directory);
-    if (result != SECSuccess) 
-        return result;
-
-    prStatus = PR_ExportFileMapAsString(cache->cacheMemMap, 
-                                        sizeof fmString, fmString);
-    if ((prStatus != PR_SUCCESS) || !(fmStrLen = strlen(fmString))) {
-	SET_ERROR_CODE
-	return SECFailure;
-    }
-
-    inherit.sharedMemSize	= cache->sharedMemSize;
-    inherit.fmStrLen            = fmStrLen;
-
-    inhValue = BTOA_DataToAscii((unsigned char *)&inherit, sizeof inherit);
-    if (!inhValue || !strlen(inhValue)) {
-	SET_ERROR_CODE
-	return SECFailure;
-    }
-    envValue = PR_smprintf("%s,%s", inhValue, fmString);
-    if (!envValue || !strlen(envValue)) {
-	SET_ERROR_CODE
-	return SECFailure;
-    }
-    PORT_Free(inhValue);
-
-    putEnvFailed = (SECStatus)NSS_PutEnv(envVarName, envValue);
-    PR_smprintf_free(envValue);
-    if (putEnvFailed) {
-        SET_ERROR_CODE
-        result = SECFailure;
-    }
-
-#if defined(XP_UNIX) || defined(XP_BEOS)
-    /* Launch thread to poll cache for expired locks on Unix */
-    LaunchLockPoller(cache);
-#endif
-    return result;
-}
-
-SECStatus
-SSL_InheritMPServerSIDCacheInstance(cacheDesc *cache, const char * envString)
-{
-    unsigned char * decoString = NULL;
-    char *          fmString   = NULL;
-    unsigned int    decoLen;
-    ptrdiff_t       ptr;
-    inheritance     inherit;
-    cacheDesc       my;
-#ifdef WINNT
-    sidCacheLock* newLocks;
-    int           locks_initialized = 0;
-    int           locks_to_initialize = 0;
-#endif
-
-    myPid = SSL_GETPID();
-
-    /* If this child was created by fork(), and not by exec() on unix,
-    ** then isMultiProcess will already be set.
-    ** If not, we'll set it below.
-    */
-    if (isMultiProcess)
-    	return SECSuccess;	/* already done. */
-
-    ssl_sid_lookup  = ServerSessionIDLookup;
-    ssl_sid_cache   = ServerSessionIDCache;
-    ssl_sid_uncache = ServerSessionIDUncache;
-
-    if (!envString) {
-    	envString  = getenv(envVarName);
-	if (!envString) {
-	    SET_ERROR_CODE
-	    return SECFailure;
-	}
-    }
-    envString = PORT_Strdup(envString);
-    if (!envString) 
-	return SECFailure;
-    fmString = strchr(envString, ',');
-    if (!fmString) 
-    	goto loser;
-    *fmString++ = 0;
-
-    decoString = ATOB_AsciiToData(envString, &decoLen);
-    if (!decoString) {
-    	SET_ERROR_CODE
-	goto loser;
-    }
-    if (decoLen != sizeof inherit) {
-    	SET_ERROR_CODE
-    	goto loser;
-    }
-
-    PORT_Memcpy(&inherit, decoString, sizeof inherit);
-
-    if (strlen(fmString)  != inherit.fmStrLen ) {
-    	goto loser;
-    }
-
-    memset(&my, 0, sizeof my);
-    my.sharedMemSize	= inherit.sharedMemSize;
-
-    /* Create cache */
-    my.cacheMemMap = PR_ImportFileMapFromString(fmString);
-    if(! my.cacheMemMap) {
-	goto loser;
-    }
-    my.sharedMem = PR_MemMap(my.cacheMemMap, 0, my.sharedMemSize);
-    if (! my.sharedMem) {
-	goto loser;
-    }
-    my.sharedCache   = (cacheDesc *)my.sharedMem;
-
-    if (my.sharedCache->sharedMemSize != my.sharedMemSize) {
-	SET_ERROR_CODE
-    	goto loser;
-    }
-
-    memcpy(cache, my.sharedCache, sizeof *cache);
-    cache->cacheMemMap = my.cacheMemMap;
-    cache->sharedMem   = my.sharedMem;
-    cache->sharedCache = my.sharedCache;
-
-    /* Fix pointers in our private copy of cache descriptor to point to 
-    ** spaces in shared memory 
-    */
-    ptr = (ptrdiff_t)cache->sharedMem;
-    *(ptrdiff_t *)(&cache->sidCacheLocks) += ptr;
-    *(ptrdiff_t *)(&cache->keyCacheLock ) += ptr;
-    *(ptrdiff_t *)(&cache->certCacheLock) += ptr;
-    *(ptrdiff_t *)(&cache->sidCacheSets ) += ptr;
-    *(ptrdiff_t *)(&cache->sidCacheData ) += ptr;
-    *(ptrdiff_t *)(&cache->certCacheData) += ptr;
-    *(ptrdiff_t *)(&cache->keyCacheData ) += ptr;
-
-#ifdef WINNT
-    /*  On Windows NT we need to "fix" the sidCacheLocks here to support fibers
-        When NT fibers are used in a multi-process server, a second level of
-        locking is needed to prevent a deadlock, in case a fiber acquires the
-        cross-process mutex, yields, and another fiber is later scheduled on
-        the same native thread and tries to acquire the cross-process mutex.
-        We do this by using a PRLock in the sslMutex. However, it is stored in
-        shared memory as part of sidCacheLocks, and we don't want to overwrite
-        the PRLock of the parent process. So we need to make new, private
-        copies of sidCacheLocks before modifying the sslMutex with our own
-        PRLock
-    */
-    
-    newLocks = (sidCacheLock*)PORT_Alloc(sizeof(sidCacheLock)*(cache->numSIDCacheLocks + 2));
-    /* note from jpierre : this should be free'd in child processes when
-       a function is added to delete the SSL session cache in the future */
-    /* fix the locks */		
-    for (locks_to_initialize = cache->numSIDCacheLocks + 2;
-         locks_initialized < locks_to_initialize; 
-         ++locks_initialized) {
-        /* copy the old lock */
-        memcpy(&newLocks[locks_initialized], &cache->sidCacheLocks[locks_initialized], sizeof(sidCacheLock));
-        /* now, make a local PRLock in this sslMutex for this child process */
-        sslMutex_2LevelInit(&newLocks[locks_initialized].mutex);
-    }
-    
-    /* then, make our cache object point to our new private sidCacheLocks */
-    /* first the session cache */
-    cache->sidCacheLocks = newLocks;
-    /* also fix the key and cert cache which use the last 2 lock entries */
-    cache->keyCacheLock  = cache->sidCacheLocks + cache->numSIDCacheLocks;
-    cache->certCacheLock = cache->keyCacheLock  + 1;
-#endif
-
-    PORT_Free(decoString);
-    isMultiProcess = PR_TRUE;
-    return SECSuccess;
-
-loser:
-    if (decoString) 
-	PORT_Free(decoString);
-    return SECFailure;
-
-}
-
-SECStatus
-SSL_InheritMPServerSIDCache(const char * envString)
-{
-    return SSL_InheritMPServerSIDCacheInstance(&globalCache, envString);
-}
-
-#if defined(XP_UNIX) || defined(XP_BEOS)
-
-#define SID_LOCK_EXPIRATION_TIMEOUT  30 /* seconds */
-
-static void
-LockPoller(void * arg)
-{
-    cacheDesc *    cache         = (cacheDesc *)arg;
-    cacheDesc *    sharedCache   = cache->sharedCache;
-    sidCacheLock * pLock;
-    const char *   timeoutString;
-    PRIntervalTime timeout;
-    PRUint32       now;
-    PRUint32       then;
-    int            locks_polled  = 0;
-    int            locks_to_poll = cache->numSIDCacheLocks + 2;
-    PRUint32       expiration    = SID_LOCK_EXPIRATION_TIMEOUT;
-
-    timeoutString = getenv("NSS_SSL_SERVER_CACHE_MUTEX_TIMEOUT");
-    if (timeoutString) {
-	long newTime = strtol(timeoutString, 0, 0);
-	if (newTime == 0) 
-	    return;  /* application doesn't want this function */
-	if (newTime > 0)
-	    expiration = (PRUint32)newTime;
-	/* if error (newTime < 0) ignore it and use default */
-    }
-
-    timeout = PR_SecondsToInterval(expiration);
-    while(!sharedCache->stopPolling) {
-    	PR_Sleep(timeout);
-	if (sharedCache->stopPolling)
-	    break;
-
-	now   = ssl_Time();
-	then  = now - expiration;
-	for (pLock = cache->sidCacheLocks, locks_polled = 0;
-	     locks_to_poll > locks_polled && !sharedCache->stopPolling; 
-	     ++locks_polled, ++pLock ) {
-	    pid_t pid;
-
-	    if (pLock->timeStamp   < then && 
-	        pLock->timeStamp   != 0 && 
-		(pid = pLock->pid) != 0) {
-
-	    	/* maybe we should try the lock? */
-		int result = kill(pid, 0);
-		if (result < 0 && errno == ESRCH) {
-		    SECStatus rv;
-		    /* No process exists by that pid any more.
-		    ** Treat this mutex as abandoned.
-		    */
-		    pLock->timeStamp = now;
-		    pLock->pid       = 0;
-		    rv = sslMutex_Unlock(&pLock->mutex);
-		    if (rv != SECSuccess) {
-		    	/* Now what? */
-		    }
-		}
-	    }
-	} /* end of loop over locks */
-    } /* end of entire polling loop */
-}
-
-/* Launch thread to poll cache for expired locks */
-static SECStatus 
-LaunchLockPoller(cacheDesc *cache)
-{
-    PRThread * pollerThread;
-
-    pollerThread = 
-	PR_CreateThread(PR_USER_THREAD, LockPoller, cache, PR_PRIORITY_NORMAL, 
-	                PR_GLOBAL_THREAD, PR_UNJOINABLE_THREAD, 0);
-    if (!pollerThread) {
-    	return SECFailure;
-    }
-    cache->poller = pollerThread;
-    return SECSuccess;
-}
-#endif
-
-/************************************************************************
- *  Code dealing with shared wrapped symmetric wrapping keys below      *
- ************************************************************************/
-
-/* If now is zero, it implies that the lock is not held, and must be 
-** aquired here.  
-*/
-static PRBool
-getSvrWrappingKey(PRInt32                symWrapMechIndex,
-               SSL3KEAType               exchKeyType, 
-               SSLWrappedSymWrappingKey *wswk, 
-	       cacheDesc *               cache,
-	       PRUint32                  lockTime)
-{
-    PRUint32  ndx = (exchKeyType * SSL_NUM_WRAP_MECHS) + symWrapMechIndex;
-    SSLWrappedSymWrappingKey * pwswk = cache->keyCacheData + ndx;
-    PRUint32  now = 0;
-    PRBool    rv  = PR_FALSE;
-
-    if (!lockTime) {
-	lockTime = now = LockSidCacheLock(cache->keyCacheLock, now);
-	if (!lockTime) {
-	    return rv;
-	}
-    }
-    if (pwswk->exchKeyType      == exchKeyType && 
-	pwswk->symWrapMechIndex == symWrapMechIndex &&
-	pwswk->wrappedSymKeyLen != 0) {
-	*wswk = *pwswk;
-	rv = PR_TRUE;
-    }
-    if (now) {
-	UnlockSidCacheLock(cache->keyCacheLock);
-    }
-    return rv;
-}
-
-PRBool
-ssl_GetWrappingKey( PRInt32                   symWrapMechIndex,
-                    SSL3KEAType               exchKeyType, 
-		    SSLWrappedSymWrappingKey *wswk)
-{
-    PRBool rv;
-
-    PORT_Assert( (unsigned)exchKeyType < kt_kea_size);
-    PORT_Assert( (unsigned)symWrapMechIndex < SSL_NUM_WRAP_MECHS);
-    if ((unsigned)exchKeyType < kt_kea_size &&
-        (unsigned)symWrapMechIndex < SSL_NUM_WRAP_MECHS) {
-	rv = getSvrWrappingKey(symWrapMechIndex, exchKeyType, wswk, 
-	                       &globalCache, 0);
-    } else {
-    	rv = PR_FALSE;
-    }
-
-    return rv;
-}
-
-/* The caller passes in the new value it wants
- * to set.  This code tests the wrapped sym key entry in the shared memory.
- * If it is uninitialized, this function writes the caller's value into 
- * the disk entry, and returns false.  
- * Otherwise, it overwrites the caller's wswk with the value obtained from 
- * the disk, and returns PR_TRUE.  
- * This is all done while holding the locks/mutexes necessary to make 
- * the operation atomic.
- */
-PRBool
-ssl_SetWrappingKey(SSLWrappedSymWrappingKey *wswk)
-{
-    cacheDesc *   cache            = &globalCache;
-    PRBool        rv               = PR_FALSE;
-    SSL3KEAType   exchKeyType      = wswk->exchKeyType;   
-                                /* type of keys used to wrap SymWrapKey*/
-    PRInt32       symWrapMechIndex = wswk->symWrapMechIndex;
-    PRUint32      ndx;
-    PRUint32      now = 0;
-    SSLWrappedSymWrappingKey myWswk;
-
-    PORT_Assert( (unsigned)exchKeyType < kt_kea_size);
-    if ((unsigned)exchKeyType >= kt_kea_size)
-    	return 0;
-
-    PORT_Assert( (unsigned)symWrapMechIndex < SSL_NUM_WRAP_MECHS);
-    if ((unsigned)symWrapMechIndex >=  SSL_NUM_WRAP_MECHS)
-    	return 0;
-
-    ndx = (exchKeyType * SSL_NUM_WRAP_MECHS) + symWrapMechIndex;
-    PORT_Memset(&myWswk, 0, sizeof myWswk);	/* eliminate UMRs. */
-
-    now = LockSidCacheLock(cache->keyCacheLock, now);
-    if (now) {
-	rv = getSvrWrappingKey(wswk->symWrapMechIndex, wswk->exchKeyType, 
-	                       &myWswk, cache, now);
-	if (rv) {
-	    /* we found it on disk, copy it out to the caller. */
-	    PORT_Memcpy(wswk, &myWswk, sizeof *wswk);
-	} else {
-	    /* Wasn't on disk, and we're still holding the lock, so write it. */
-	    cache->keyCacheData[ndx] = *wswk;
-	}
-	UnlockSidCacheLock(cache->keyCacheLock);
-    }
-    return rv;
-}
-
-#else  /* MAC version or other platform */
-
-#include "seccomon.h"
-#include "cert.h"
-#include "ssl.h"
-#include "sslimpl.h"
-
-SECStatus
-SSL_ConfigServerSessionIDCache(	int      maxCacheEntries, 
-				PRUint32 ssl2_timeout,
-			       	PRUint32 ssl3_timeout, 
-			  const char *   directory)
-{
-    PR_ASSERT(!"SSL servers are not supported on this platform. (SSL_ConfigServerSessionIDCache)");    
-    return SECFailure;
-}
-
-SECStatus
-SSL_ConfigMPServerSIDCache(	int      maxCacheEntries, 
-				PRUint32 ssl2_timeout,
-			       	PRUint32 ssl3_timeout, 
-		          const char *   directory)
-{
-    PR_ASSERT(!"SSL servers are not supported on this platform. (SSL_ConfigMPServerSIDCache)");    
-    return SECFailure;
-}
-
-SECStatus
-SSL_InheritMPServerSIDCache(const char * envString)
-{
-    PR_ASSERT(!"SSL servers are not supported on this platform. (SSL_InheritMPServerSIDCache)");    
-    return SECFailure;
-}
-
-PRBool
-ssl_GetWrappingKey( PRInt32                   symWrapMechIndex,
-                    SSL3KEAType               exchKeyType, 
-		    SSLWrappedSymWrappingKey *wswk)
-{
-    PRBool rv = PR_FALSE;
-    PR_ASSERT(!"SSL servers are not supported on this platform. (ssl_GetWrappingKey)");    
-    return rv;
-}
-
-/* This is a kind of test-and-set.  The caller passes in the new value it wants
- * to set.  This code tests the wrapped sym key entry in the shared memory.
- * If it is uninitialized, this function writes the caller's value into 
- * the disk entry, and returns false.  
- * Otherwise, it overwrites the caller's wswk with the value obtained from 
- * the disk, and returns PR_TRUE.  
- * This is all done while holding the locks/mutexes necessary to make 
- * the operation atomic.
- */
-PRBool
-ssl_SetWrappingKey(SSLWrappedSymWrappingKey *wswk)
-{
-    PRBool        rv = PR_FALSE;
-    PR_ASSERT(!"SSL servers are not supported on this platform. (ssl_SetWrappingKey)");
-    return rv;
-}
-
-PRUint32  
-SSL_GetMaxServerCacheLocks(void)
-{
-    PR_ASSERT(!"SSL servers are not supported on this platform. (SSL_GetMaxServerCacheLocks)");
-    return -1;
-}
-
-SECStatus 
-SSL_SetMaxServerCacheLocks(PRUint32 maxLocks)
-{
-    PR_ASSERT(!"SSL servers are not supported on this platform. (SSL_SetMaxServerCacheLocks)");
-    return SECFailure;
-}
-
-#endif /* XP_UNIX || XP_WIN32 */
diff --git a/security/nss/lib/ssl/sslsock.c b/security/nss/lib/ssl/sslsock.c
deleted file mode 100644
index 1025cc609..000000000
--- a/security/nss/lib/ssl/sslsock.c
+++ /dev/null
@@ -1,1912 +0,0 @@
-/*
- * vtables (and methods that call through them) for the 4 types of 
- * SSLSockets supported.  Only one type is still supported.
- * Various other functions.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s): 
- *	Dr Stephen Henson <stephen.henson@gemplus.com>
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-#include "seccomon.h"
-#include "cert.h"
-#include "keyhi.h"
-#include "ssl.h"
-#include "sslimpl.h"
-#include "sslproto.h"
-#include "nspr.h"
-
-#define SET_ERROR_CODE   /* reminder */
-
-struct cipherPolicyStr {
-	int		cipher;
-	unsigned char 	export;	/* policy value for export policy */
-	unsigned char 	france;	/* policy value for france policy */
-};
-
-typedef struct cipherPolicyStr cipherPolicy;
-
-/* This table contains two preconfigured policies: Export and France.
-** It is used only by the functions SSL_SetDomesticPolicy, 
-** SSL_SetExportPolicy, and SSL_SetFrancyPolicy.
-** Order of entries is not important.
-*/
-static cipherPolicy ssl_ciphers[] = {	   /*   Export           France   */
- {  SSL_EN_RC4_128_WITH_MD5,		    SSL_NOT_ALLOWED, SSL_NOT_ALLOWED },
- {  SSL_EN_RC4_128_EXPORT40_WITH_MD5,	    SSL_ALLOWED,     SSL_ALLOWED },
- {  SSL_EN_RC2_128_CBC_WITH_MD5,	    SSL_NOT_ALLOWED, SSL_NOT_ALLOWED },
- {  SSL_EN_RC2_128_CBC_EXPORT40_WITH_MD5,   SSL_ALLOWED,     SSL_ALLOWED },
- {  SSL_EN_DES_64_CBC_WITH_MD5,		    SSL_NOT_ALLOWED, SSL_NOT_ALLOWED },
- {  SSL_EN_DES_192_EDE3_CBC_WITH_MD5,	    SSL_NOT_ALLOWED, SSL_NOT_ALLOWED },
- {  SSL_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED },
- {  SSL_FORTEZZA_DMS_WITH_RC4_128_SHA,      SSL_NOT_ALLOWED, SSL_NOT_ALLOWED },
- {  SSL_RSA_WITH_RC4_128_MD5,		    SSL_RESTRICTED,  SSL_NOT_ALLOWED },
- {  SSL_RSA_WITH_RC4_128_SHA,		    SSL_RESTRICTED,  SSL_NOT_ALLOWED },
- {  SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA,	    SSL_NOT_ALLOWED, SSL_NOT_ALLOWED },
- {  SSL_RSA_WITH_3DES_EDE_CBC_SHA,	    SSL_RESTRICTED,  SSL_NOT_ALLOWED },
- {  SSL_RSA_FIPS_WITH_DES_CBC_SHA,	    SSL_NOT_ALLOWED, SSL_NOT_ALLOWED },
- {  SSL_RSA_WITH_DES_CBC_SHA,		    SSL_NOT_ALLOWED, SSL_NOT_ALLOWED },
- {  SSL_RSA_EXPORT_WITH_RC4_40_MD5,	    SSL_ALLOWED,     SSL_ALLOWED },
- {  SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5,	    SSL_ALLOWED,     SSL_ALLOWED },
- {  SSL_FORTEZZA_DMS_WITH_NULL_SHA,	    SSL_NOT_ALLOWED, SSL_NOT_ALLOWED },
- {  SSL_DHE_RSA_WITH_DES_CBC_SHA,           SSL_NOT_ALLOWED, SSL_NOT_ALLOWED },
- {  SSL_DHE_DSS_WITH_DES_CBC_SHA,           SSL_NOT_ALLOWED, SSL_NOT_ALLOWED },
- {  SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA,      SSL_NOT_ALLOWED, SSL_NOT_ALLOWED },
- {  SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA,      SSL_NOT_ALLOWED, SSL_NOT_ALLOWED },
- {  TLS_DHE_DSS_WITH_RC4_128_SHA,           SSL_NOT_ALLOWED, SSL_NOT_ALLOWED },
- {  SSL_RSA_WITH_NULL_MD5,		    SSL_ALLOWED,     SSL_ALLOWED },
- {  TLS_DHE_DSS_WITH_AES_128_CBC_SHA, 	    SSL_NOT_ALLOWED, SSL_NOT_ALLOWED },
- {  TLS_DHE_RSA_WITH_AES_128_CBC_SHA,       SSL_NOT_ALLOWED, SSL_NOT_ALLOWED },
- {  TLS_RSA_WITH_AES_128_CBC_SHA,     	    SSL_NOT_ALLOWED, SSL_NOT_ALLOWED },
- {  TLS_DHE_DSS_WITH_AES_256_CBC_SHA, 	    SSL_NOT_ALLOWED, SSL_NOT_ALLOWED },
- {  TLS_DHE_RSA_WITH_AES_256_CBC_SHA,       SSL_NOT_ALLOWED, SSL_NOT_ALLOWED },
- {  TLS_RSA_WITH_AES_256_CBC_SHA,     	    SSL_NOT_ALLOWED, SSL_NOT_ALLOWED },
- {  TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA,    SSL_ALLOWED,     SSL_NOT_ALLOWED },
- {  TLS_RSA_EXPORT1024_WITH_RC4_56_SHA,     SSL_ALLOWED,     SSL_NOT_ALLOWED },
- {  0,					    SSL_NOT_ALLOWED, SSL_NOT_ALLOWED }
-};
-
-static const sslSocketOps ssl_default_ops = {	/* No SSL. */
-    ssl_DefConnect,
-    NULL,
-    ssl_DefBind,
-    ssl_DefListen,
-    ssl_DefShutdown,
-    ssl_DefClose,
-    ssl_DefRecv,
-    ssl_DefSend,
-    ssl_DefRead,
-    ssl_DefWrite,
-    ssl_DefGetpeername,
-    ssl_DefGetsockname
-};
-
-static const sslSocketOps ssl_secure_ops = {	/* SSL. */
-    ssl_SecureConnect,
-    NULL,
-    ssl_DefBind,
-    ssl_DefListen,
-    ssl_SecureShutdown,
-    ssl_SecureClose,
-    ssl_SecureRecv,
-    ssl_SecureSend,
-    ssl_SecureRead,
-    ssl_SecureWrite,
-    ssl_DefGetpeername,
-    ssl_DefGetsockname
-};
-
-/*
-** default settings for socket enables
-*/
-static sslOptions ssl_defaults = {
-    PR_TRUE, 	/* useSecurity        */
-    PR_FALSE,	/* useSocks           */
-    PR_FALSE,	/* requestCertificate */
-    2,	        /* requireCertificate */
-    PR_FALSE,	/* handshakeAsClient  */
-    PR_FALSE,	/* handshakeAsServer  */
-    PR_TRUE,	/* enableSSL2         */
-    PR_TRUE,	/* enableSSL3         */
-    PR_TRUE, 	/* enableTLS          */ /* now defaults to on in NSS 3.0 */
-    PR_FALSE,	/* noCache            */
-    PR_FALSE,	/* fdx                */
-    PR_TRUE,	/* v2CompatibleHello  */
-    PR_TRUE,	/* detectRollBack     */
-};
-
-sslSessionIDLookupFunc  ssl_sid_lookup;
-sslSessionIDCacheFunc   ssl_sid_cache;
-sslSessionIDUncacheFunc ssl_sid_uncache;
-
-static PRBool ssl_inited = PR_FALSE;
-static PRDescIdentity ssl_layer_id;
-
-int                     ssl_lock_readers	= 1;	/* default true. */
-char                    ssl_debug;
-char                    ssl_trace;
-
-
-/* forward declarations. */
-static sslSocket *ssl_NewSocket(void);
-static PRStatus   ssl_PushIOLayer(sslSocket *ns, PRFileDesc *stack, 
-                                  PRDescIdentity id);
-
-/************************************************************************/
-
-/*
-** Lookup a socket structure from a file descriptor.
-** Only functions called through the PRIOMethods table should use this.
-** Other app-callable functions should use ssl_FindSocket.
-*/
-static sslSocket *
-ssl_GetPrivate(PRFileDesc *fd)
-{
-    sslSocket *ss;
-
-    PORT_Assert(fd != NULL);
-    PORT_Assert(fd->methods->file_type == PR_DESC_LAYERED);
-    PORT_Assert(fd->identity == ssl_layer_id);
-
-    ss = (sslSocket *)fd->secret;
-    ss->fd = fd;
-    return ss;
-}
-
-sslSocket *
-ssl_FindSocket(PRFileDesc *fd)
-{
-    PRFileDesc *layer;
-    sslSocket *ss;
-
-    PORT_Assert(fd != NULL);
-    PORT_Assert(ssl_layer_id != 0);
-
-    layer = PR_GetIdentitiesLayer(fd, ssl_layer_id);
-    if (layer == NULL) {
-	PORT_SetError(PR_BAD_DESCRIPTOR_ERROR);
-	return NULL;
-    }
-
-    ss = (sslSocket *)layer->secret;
-    ss->fd = layer;
-    return ss;
-}
-
-sslSocket *
-ssl_DupSocket(sslSocket *os)
-{
-    sslSocket *ss;
-    SECStatus rv;
-
-    ss = ssl_NewSocket();
-    if (ss) {
-	ss->useSocks           = PR_FALSE;
-	ss->useSecurity        = os->useSecurity;
-	ss->requestCertificate = os->requestCertificate;
-	ss->requireCertificate = os->requireCertificate;
-	ss->handshakeAsClient  = os->handshakeAsClient;
-	ss->handshakeAsServer  = os->handshakeAsServer;
-	ss->enableSSL2         = os->enableSSL2;
-	ss->enableSSL3         = os->enableSSL3;
-	ss->enableTLS          = os->enableTLS;
-	ss->noCache            = os->noCache;
-	ss->fdx                = os->fdx;
-	ss->v2CompatibleHello  = os->v2CompatibleHello;
-	ss->detectRollBack     = os->detectRollBack;
-
-	ss->peerID             = !os->peerID ? NULL : PORT_Strdup(os->peerID);
-	ss->url                = !os->url    ? NULL : PORT_Strdup(os->url);
-
-	ss->ops      = os->ops;
-	ss->rTimeout = os->rTimeout;
-	ss->wTimeout = os->wTimeout;
-	ss->cTimeout = os->cTimeout;
-	ss->dbHandle = os->dbHandle;
-
-	/* copy ssl2&3 policy & prefs, even if it's not selected (yet) */
-	ss->allowedByPolicy	= os->allowedByPolicy;
-	ss->maybeAllowedByPolicy= os->maybeAllowedByPolicy;
-	ss->chosenPreference 	= os->chosenPreference;
-	PORT_Memcpy(ss->cipherSuites, os->cipherSuites, sizeof os->cipherSuites);
-
-	if (os->cipherSpecs) {
-	    ss->cipherSpecs  = (unsigned char*)PORT_Alloc(os->sizeCipherSpecs);
-	    if (ss->cipherSpecs) 
-	    	PORT_Memcpy(ss->cipherSpecs, os->cipherSpecs, 
-		            os->sizeCipherSpecs);
-	    ss->sizeCipherSpecs    = os->sizeCipherSpecs;
-	    ss->preferredCipher    = os->preferredCipher;
-	} else {
-	    ss->cipherSpecs        = NULL;  /* produced lazily */
-	    ss->sizeCipherSpecs    = 0;
-	    ss->preferredCipher    = NULL;
-	}
-	if (ss->useSecurity) {
-	    /* This int should be SSLKEAType, but CC on Irix complains,
-	     * during the for loop.
-	     */
-	    int i;
-	    sslServerCerts * oc = os->serverCerts;
-	    sslServerCerts * sc = ss->serverCerts;
-
-	    for (i=kt_null; i < kt_kea_size; i++, oc++, sc++) {
-		if (oc->serverCert && oc->serverCertChain) {
-		    sc->serverCert      = CERT_DupCertificate(oc->serverCert);
-		    sc->serverCertChain = CERT_DupCertList(oc->serverCertChain);
-		    if (!sc->serverCertChain) 
-		    	goto loser;
-		} else {
-		    sc->serverCert      = NULL;
-		    sc->serverCertChain = NULL;
-		}
-		sc->serverKey = oc->serverKey ?
-				SECKEY_CopyPrivateKey(oc->serverKey) : NULL;
-		if (oc->serverKey && !sc->serverKey)
-		    goto loser;
-	        sc->serverKeyBits = oc->serverKeyBits;
-	    }
-	    ss->stepDownKeyPair = !os->stepDownKeyPair ? NULL :
-		                  ssl3_GetKeyPairRef(os->stepDownKeyPair);
-/*
- * XXX the preceeding CERT_ and SECKEY_ functions can fail and return NULL.
- * XXX We should detect this, and not just march on with NULL pointers.
- */
-	    ss->authCertificate       = os->authCertificate;
-	    ss->authCertificateArg    = os->authCertificateArg;
-	    ss->getClientAuthData     = os->getClientAuthData;
-	    ss->getClientAuthDataArg  = os->getClientAuthDataArg;
-	    ss->handleBadCert         = os->handleBadCert;
-	    ss->badCertArg            = os->badCertArg;
-	    ss->handshakeCallback     = os->handshakeCallback;
-	    ss->handshakeCallbackData = os->handshakeCallbackData;
-	    ss->pkcs11PinArg          = os->pkcs11PinArg;
-    
-	    /* Create security data */
-	    rv = ssl_CopySecurityInfo(ss, os);
-	    if (rv != SECSuccess) {
-		goto loser;
-	    }
-	}
-    }
-    return ss;
-
-loser:
-    ssl_FreeSocket(ss);
-    return NULL;
-}
-
-static void
-ssl_DestroyLocks(sslSocket *ss)
-{
-
-    /* Destroy locks. */
-    if (ss->firstHandshakeLock) {
-    	PZ_DestroyMonitor(ss->firstHandshakeLock);
-	ss->firstHandshakeLock = NULL;
-    }
-    if (ss->ssl3HandshakeLock) {
-    	PZ_DestroyMonitor(ss->ssl3HandshakeLock);
-	ss->ssl3HandshakeLock = NULL;
-    }
-    if (ss->specLock) {
-    	NSSRWLock_Destroy(ss->specLock);
-	ss->specLock = NULL;
-    }
-
-    if (ss->recvLock) {
-    	PZ_DestroyLock(ss->recvLock);
-	ss->recvLock = NULL;
-    }
-    if (ss->sendLock) {
-    	PZ_DestroyLock(ss->sendLock);
-	ss->sendLock = NULL;
-    }
-    if (ss->xmitBufLock) {
-    	PZ_DestroyMonitor(ss->xmitBufLock);
-	ss->xmitBufLock = NULL;
-    }
-    if (ss->recvBufLock) {
-    	PZ_DestroyMonitor(ss->recvBufLock);
-	ss->recvBufLock = NULL;
-    }
-}
-
-/* Caller holds any relevant locks */
-static void
-ssl_DestroySocketContents(sslSocket *ss)
-{
-    /* "i" should be of type SSLKEAType, but CC on IRIX complains during
-     * the for loop.
-     */
-    int        i;
-
-    /* Free up socket */
-    ssl_DestroySecurityInfo(&ss->sec);
-
-    ssl3_DestroySSL3Info(ss->ssl3);
-
-    PORT_Free(ss->saveBuf.buf);
-    PORT_Free(ss->pendingBuf.buf);
-    ssl_DestroyGather(&ss->gs);
-
-    if (ss->peerID != NULL)
-	PORT_Free(ss->peerID);
-    if (ss->url != NULL)
-	PORT_Free((void *)ss->url);	/* CONST */
-    if (ss->cipherSpecs) {
-	PORT_Free(ss->cipherSpecs);
-	ss->cipherSpecs     = NULL;
-	ss->sizeCipherSpecs = 0;
-    }
-
-    /* Clean up server configuration */
-    for (i=kt_null; i < kt_kea_size; i++) {
-	sslServerCerts * sc = ss->serverCerts + i;
-	if (sc->serverCert != NULL)
-	    CERT_DestroyCertificate(sc->serverCert);
-	if (sc->serverCertChain != NULL)
-	    CERT_DestroyCertificateList(sc->serverCertChain);
-	if (sc->serverKey != NULL)
-	    SECKEY_DestroyPrivateKey(sc->serverKey);
-    }
-    if (ss->stepDownKeyPair) {
-	ssl3_FreeKeyPair(ss->stepDownKeyPair);
-	ss->stepDownKeyPair = NULL;
-    }
-}
-
-/*
- * free an sslSocket struct, and all the stuff that hangs off of it
- */
-void
-ssl_FreeSocket(sslSocket *ss)
-{
-#ifdef DEBUG
-    sslSocket *fs;
-    sslSocket  lSock;
-#endif
-
-/* Get every lock you can imagine!
-** Caller already holds these:
-**  SSL_LOCK_READER(ss);
-**  SSL_LOCK_WRITER(ss);
-*/
-    ssl_Get1stHandshakeLock(ss);
-    ssl_GetRecvBufLock(ss);
-    ssl_GetSSL3HandshakeLock(ss);
-    ssl_GetXmitBufLock(ss);
-    ssl_GetSpecWriteLock(ss);
-
-#ifdef DEBUG
-    fs = &lSock;
-    *fs = *ss;				/* Copy the old socket structure, */
-    PORT_Memset(ss, 0x1f, sizeof *ss);  /* then blast the old struct ASAP. */
-#else
-#define fs ss
-#endif
-
-    ssl_DestroySocketContents(fs);
-
-    /* Release all the locks acquired above.  */
-    SSL_UNLOCK_READER(fs);
-    SSL_UNLOCK_WRITER(fs);
-    ssl_Release1stHandshakeLock(fs);
-    ssl_ReleaseRecvBufLock(fs);
-    ssl_ReleaseSSL3HandshakeLock(fs);
-    ssl_ReleaseXmitBufLock(fs);
-    ssl_ReleaseSpecWriteLock(fs);
-
-    ssl_DestroyLocks(fs);
-
-    PORT_Free(ss);	/* free the caller's copy, not ours. */
-    return;
-}
-#undef fs
-
-/************************************************************************/
-SECStatus 
-ssl_EnableNagleDelay(sslSocket *ss, PRBool enabled)
-{
-    PRFileDesc *       osfd = ss->fd->lower;
-    int 	       rv;
-    PRSocketOptionData opt;
-
-    opt.option         = PR_SockOpt_NoDelay;
-    opt.value.no_delay = (PRBool)!enabled;
-
-    rv = osfd->methods->setsocketoption(osfd, &opt);
-
-    return rv;
-}
-
-static void
-ssl_ChooseOps(sslSocket *ss)
-{
-    ss->ops = ss->useSecurity ? &ssl_secure_ops       : &ssl_default_ops;
-}
-
-/* Called from SSL_Enable (immediately below) */
-static SECStatus
-PrepareSocket(sslSocket *ss)
-{
-    SECStatus     rv = SECSuccess;
-
-    ssl_ChooseOps(ss);
-    return rv;
-}
-
-SECStatus
-SSL_Enable(PRFileDesc *fd, int which, PRBool on)
-{
-    return SSL_OptionSet(fd, which, on);
-}
-
-SECStatus
-SSL_OptionSet(PRFileDesc *fd, PRInt32 which, PRBool on)
-{
-    sslSocket *ss = ssl_FindSocket(fd);
-    SECStatus  rv = SECSuccess;
-
-    if (!ss) {
-	SSL_DBG(("%d: SSL[%d]: bad socket in Enable", SSL_GETPID(), fd));
-	return SECFailure;
-    }
-
-    ssl_Get1stHandshakeLock(ss);
-    ssl_GetSSL3HandshakeLock(ss);
-
-    switch (which) {
-      case SSL_SOCKS:
-	ss->useSocks = PR_FALSE;
-	rv = PrepareSocket(ss);
-	if (on) {
-	    PORT_SetError(SEC_ERROR_INVALID_ARGS);
-	    rv = SECFailure;
-	}
-	break;
-
-      case SSL_SECURITY:
-	ss->useSecurity = on;
-	rv = PrepareSocket(ss);
-	break;
-
-      case SSL_REQUEST_CERTIFICATE:
-	ss->requestCertificate = on;
-	break;
-
-      case SSL_REQUIRE_CERTIFICATE:
-	ss->requireCertificate = on;
-	break;
-
-      case SSL_HANDSHAKE_AS_CLIENT:
-	if ( ss->handshakeAsServer && on ) {
-	    PORT_SetError(SEC_ERROR_INVALID_ARGS);
-	    rv = SECFailure;
-	    break;
-	}
-	ss->handshakeAsClient = on;
-	break;
-
-      case SSL_HANDSHAKE_AS_SERVER:
-	if ( ss->handshakeAsClient && on ) {
-	    PORT_SetError(SEC_ERROR_INVALID_ARGS);
-	    rv = SECFailure;
-	    break;
-	}
-	ss->handshakeAsServer = on;
-	break;
-
-      case SSL_ENABLE_TLS:
-	ss->enableTLS           = on;
-	ss->preferredCipher     = NULL;
-	if (ss->cipherSpecs) {
-	    PORT_Free(ss->cipherSpecs);
-	    ss->cipherSpecs     = NULL;
-	    ss->sizeCipherSpecs = 0;
-	}
-	break;
-
-      case SSL_ENABLE_SSL3:
-	ss->enableSSL3          = on;
-	ss->preferredCipher     = NULL;
-	if (ss->cipherSpecs) {
-	    PORT_Free(ss->cipherSpecs);
-	    ss->cipherSpecs     = NULL;
-	    ss->sizeCipherSpecs = 0;
-	}
-	break;
-
-      case SSL_ENABLE_SSL2:
-	ss->enableSSL2          = on;
-	if (on) {
-	    ss->v2CompatibleHello = on;
-	}
-	ss->preferredCipher     = NULL;
-	if (ss->cipherSpecs) {
-	    PORT_Free(ss->cipherSpecs);
-	    ss->cipherSpecs     = NULL;
-	    ss->sizeCipherSpecs = 0;
-	}
-	break;
-
-      case SSL_NO_CACHE:
-	ss->noCache = on;
-	break;
-
-      case SSL_ENABLE_FDX:
-      	ss->fdx = on;
-	break;
-
-      case SSL_V2_COMPATIBLE_HELLO:
-      	ss->v2CompatibleHello = on;
-	if (!on) {
-	    ss->enableSSL2    = on;
-	}
-	break;
-
-      case SSL_ROLLBACK_DETECTION:  
-	ss->detectRollBack = on;
-        break;
-
-      default:
-	PORT_SetError(SEC_ERROR_INVALID_ARGS);
-	rv = SECFailure;
-    }
-
-    ssl_ReleaseSSL3HandshakeLock(ss);
-    ssl_Release1stHandshakeLock(ss);
-
-    return rv;
-}
-
-SECStatus
-SSL_OptionGet(PRFileDesc *fd, PRInt32 which, PRBool *pOn)
-{
-    sslSocket *ss = ssl_FindSocket(fd);
-    SECStatus  rv = SECSuccess;
-    PRBool     on = PR_FALSE;
-
-    if (!pOn) {
-	PORT_SetError(SEC_ERROR_INVALID_ARGS);
-	return SECFailure;
-    }
-    if (!ss) {
-	SSL_DBG(("%d: SSL[%d]: bad socket in Enable", SSL_GETPID(), fd));
-	*pOn = PR_FALSE;
-	return SECFailure;
-    }
-
-    ssl_Get1stHandshakeLock(ss);
-    ssl_GetSSL3HandshakeLock(ss);
-
-    switch (which) {
-    case SSL_SOCKS:               on = PR_FALSE;               break;
-    case SSL_SECURITY:            on = ss->useSecurity;        break;
-    case SSL_REQUEST_CERTIFICATE: on = ss->requestCertificate; break;
-    case SSL_REQUIRE_CERTIFICATE: on = ss->requireCertificate; break;
-    case SSL_HANDSHAKE_AS_CLIENT: on = ss->handshakeAsClient;  break;
-    case SSL_HANDSHAKE_AS_SERVER: on = ss->handshakeAsServer;  break;
-    case SSL_ENABLE_TLS:          on = ss->enableTLS;          break;
-    case SSL_ENABLE_SSL3:         on = ss->enableSSL3;         break;
-    case SSL_ENABLE_SSL2:         on = ss->enableSSL2;         break;
-    case SSL_NO_CACHE:            on = ss->noCache;            break;
-    case SSL_ENABLE_FDX:          on = ss->fdx;                break;
-    case SSL_V2_COMPATIBLE_HELLO: on = ss->v2CompatibleHello;  break;
-    case SSL_ROLLBACK_DETECTION:  on = ss->detectRollBack;     break;
-
-    default:
-	PORT_SetError(SEC_ERROR_INVALID_ARGS);
-	rv = SECFailure;
-    }
-
-    ssl_ReleaseSSL3HandshakeLock(ss);
-    ssl_Release1stHandshakeLock(ss);
-
-    *pOn = on;
-    return rv;
-}
-
-SECStatus
-SSL_OptionGetDefault(PRInt32 which, PRBool *pOn)
-{
-    SECStatus  rv = SECSuccess;
-    PRBool     on = PR_FALSE;
-
-    if (!pOn) {
-	PORT_SetError(SEC_ERROR_INVALID_ARGS);
-	return SECFailure;
-    }
-
-    switch (which) {
-    case SSL_SOCKS:               on = PR_FALSE;                        break;
-    case SSL_SECURITY:            on = ssl_defaults.useSecurity;        break;
-    case SSL_REQUEST_CERTIFICATE: on = ssl_defaults.requestCertificate; break;
-    case SSL_REQUIRE_CERTIFICATE: on = ssl_defaults.requireCertificate; break;
-    case SSL_HANDSHAKE_AS_CLIENT: on = ssl_defaults.handshakeAsClient;  break;
-    case SSL_HANDSHAKE_AS_SERVER: on = ssl_defaults.handshakeAsServer;  break;
-    case SSL_ENABLE_TLS:          on = ssl_defaults.enableTLS;          break;
-    case SSL_ENABLE_SSL3:         on = ssl_defaults.enableSSL3;         break;
-    case SSL_ENABLE_SSL2:         on = ssl_defaults.enableSSL2;         break;
-    case SSL_NO_CACHE:            on = ssl_defaults.noCache;		break;
-    case SSL_ENABLE_FDX:          on = ssl_defaults.fdx;                break;
-    case SSL_V2_COMPATIBLE_HELLO: on = ssl_defaults.v2CompatibleHello;  break;
-    case SSL_ROLLBACK_DETECTION:  on = ssl_defaults.detectRollBack;     break;
-
-    default:
-	PORT_SetError(SEC_ERROR_INVALID_ARGS);
-	rv = SECFailure;
-    }
-
-    *pOn = on;
-    return rv;
-}
-
-/* XXX Use Global Lock to protect this stuff. */
-SECStatus
-SSL_EnableDefault(int which, PRBool on)
-{
-    return SSL_OptionSetDefault(which, on);
-}
-
-SECStatus
-SSL_OptionSetDefault(PRInt32 which, PRBool on)
-{
-    switch (which) {
-      case SSL_SOCKS:
-	ssl_defaults.useSocks = PR_FALSE;
-	if (on) {
-	    PORT_SetError(SEC_ERROR_INVALID_ARGS);
-	    return SECFailure;
-	}
-	break;
-
-      case SSL_SECURITY:
-	ssl_defaults.useSecurity = on;
-	break;
-
-      case SSL_REQUEST_CERTIFICATE:
-	ssl_defaults.requestCertificate = on;
-	break;
-
-      case SSL_REQUIRE_CERTIFICATE:
-	ssl_defaults.requireCertificate = on;
-	break;
-
-      case SSL_HANDSHAKE_AS_CLIENT:
-	if ( ssl_defaults.handshakeAsServer && on ) {
-	    PORT_SetError(SEC_ERROR_INVALID_ARGS);
-	    return SECFailure;
-	}
-	ssl_defaults.handshakeAsClient = on;
-	break;
-
-      case SSL_HANDSHAKE_AS_SERVER:
-	if ( ssl_defaults.handshakeAsClient && on ) {
-	    PORT_SetError(SEC_ERROR_INVALID_ARGS);
-	    return SECFailure;
-	}
-	ssl_defaults.handshakeAsServer = on;
-	break;
-
-      case SSL_ENABLE_TLS:
-	ssl_defaults.enableTLS = on;
-	break;
-
-      case SSL_ENABLE_SSL3:
-	ssl_defaults.enableSSL3 = on;
-	break;
-
-      case SSL_ENABLE_SSL2:
-	ssl_defaults.enableSSL2 = on;
-	if (on) {
-	    ssl_defaults.v2CompatibleHello = on;
-	}
-	break;
-
-      case SSL_NO_CACHE:
-	ssl_defaults.noCache = on;
-	break;
-
-      case SSL_ENABLE_FDX:
-      	ssl_defaults.fdx = on;
-
-      case SSL_V2_COMPATIBLE_HELLO:
-      	ssl_defaults.v2CompatibleHello = on;
-	if (!on) {
-	    ssl_defaults.enableSSL2    = on;
-	}
-	break;
-
-      case SSL_ROLLBACK_DETECTION:  
-	ssl_defaults.detectRollBack = on;
-	break;
-
-      default:
-	PORT_SetError(SEC_ERROR_INVALID_ARGS);
-	return SECFailure;
-    }
-    return SECSuccess;
-}
-
-/* Part of the public NSS API.
- * Since this is a global (not per-socket) setting, we cannot use the
- * HandshakeLock to protect this.  Probably want a global lock.
- */
-SECStatus
-SSL_SetPolicy(long which, int policy)
-{
-    if ((which & 0xfffe) == SSL_RSA_OLDFIPS_WITH_3DES_EDE_CBC_SHA) {
-    	/* one of the two old FIPS ciphers */
-	if (which == SSL_RSA_OLDFIPS_WITH_3DES_EDE_CBC_SHA) 
-	    which = SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA;
-	else if (which == SSL_RSA_OLDFIPS_WITH_DES_CBC_SHA)
-	    which = SSL_RSA_FIPS_WITH_DES_CBC_SHA;
-    }
-    return SSL_CipherPolicySet(which, policy);
-}
-
-SECStatus
-SSL_CipherPolicySet(PRInt32 which, PRInt32 policy)
-{
-    SECStatus rv;
-
-    if (SSL_IS_SSL2_CIPHER(which)) {
-	rv = ssl2_SetPolicy(which, policy);
-    } else {
-	rv = ssl3_SetPolicy((ssl3CipherSuite)which, policy);
-    }
-    return rv;
-}
-
-SECStatus
-SSL_CipherPolicyGet(PRInt32 which, PRInt32 *oPolicy)
-{
-    SECStatus rv;
-
-    if (!oPolicy) {
-	PORT_SetError(SEC_ERROR_INVALID_ARGS);
-	return SECFailure;
-    }
-    if (SSL_IS_SSL2_CIPHER(which)) {
-	rv = ssl2_GetPolicy(which, oPolicy);
-    } else {
-	rv = ssl3_GetPolicy((ssl3CipherSuite)which, oPolicy);
-    }
-    return rv;
-}
-
-/* Part of the public NSS API.
- * Since this is a global (not per-socket) setting, we cannot use the
- * HandshakeLock to protect this.  Probably want a global lock.
- * These changes have no effect on any sslSockets already created. 
- */
-SECStatus
-SSL_EnableCipher(long which, PRBool enabled)
-{
-    if ((which & 0xfffe) == SSL_RSA_OLDFIPS_WITH_3DES_EDE_CBC_SHA) {
-    	/* one of the two old FIPS ciphers */
-	if (which == SSL_RSA_OLDFIPS_WITH_3DES_EDE_CBC_SHA) 
-	    which = SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA;
-	else if (which == SSL_RSA_OLDFIPS_WITH_DES_CBC_SHA)
-	    which = SSL_RSA_FIPS_WITH_DES_CBC_SHA;
-    }
-    return SSL_CipherPrefSetDefault(which, enabled);
-}
-
-SECStatus
-SSL_CipherPrefSetDefault(PRInt32 which, PRBool enabled)
-{
-    SECStatus rv;
-    
-    if (SSL_IS_SSL2_CIPHER(which)) {
-	rv = ssl2_CipherPrefSetDefault(which, enabled);
-    } else {
-	rv = ssl3_CipherPrefSetDefault((ssl3CipherSuite)which, enabled);
-    }
-    return rv;
-}
-
-SECStatus 
-SSL_CipherPrefGetDefault(PRInt32 which, PRBool *enabled)
-{
-    SECStatus  rv;
-    
-    if (!enabled) {
-	PORT_SetError(SEC_ERROR_INVALID_ARGS);
-	return SECFailure;
-    }
-    if (SSL_IS_SSL2_CIPHER(which)) {
-	rv = ssl2_CipherPrefGetDefault(which, enabled);
-    } else {
-	rv = ssl3_CipherPrefGetDefault((ssl3CipherSuite)which, enabled);
-    }
-    return rv;
-}
-
-SECStatus
-SSL_CipherPrefSet(PRFileDesc *fd, PRInt32 which, PRBool enabled)
-{
-    SECStatus rv;
-    sslSocket *ss = ssl_FindSocket(fd);
-    
-    if (!ss) {
-	SSL_DBG(("%d: SSL[%d]: bad socket in CipherPrefSet", SSL_GETPID(), fd));
-	return SECFailure;
-    }
-    if (SSL_IS_SSL2_CIPHER(which)) {
-	rv = ssl2_CipherPrefSet(ss, which, enabled);
-    } else {
-	rv = ssl3_CipherPrefSet(ss, (ssl3CipherSuite)which, enabled);
-    }
-    return rv;
-}
-
-SECStatus 
-SSL_CipherPrefGet(PRFileDesc *fd, PRInt32 which, PRBool *enabled)
-{
-    SECStatus  rv;
-    sslSocket *ss = ssl_FindSocket(fd);
-    
-    if (!enabled) {
-	PORT_SetError(SEC_ERROR_INVALID_ARGS);
-	return SECFailure;
-    }
-    if (!ss) {
-	SSL_DBG(("%d: SSL[%d]: bad socket in CipherPrefGet", SSL_GETPID(), fd));
-	*enabled = PR_FALSE;
-	return SECFailure;
-    }
-    if (SSL_IS_SSL2_CIPHER(which)) {
-	rv = ssl2_CipherPrefGet(ss, which, enabled);
-    } else {
-	rv = ssl3_CipherPrefGet(ss, (ssl3CipherSuite)which, enabled);
-    }
-    return rv;
-}
-
-SECStatus
-NSS_SetDomesticPolicy(void)
-{
-#ifndef EXPORT_VERSION
-    SECStatus      status = SECSuccess;
-    cipherPolicy * policy;
-
-    for (policy = ssl_ciphers; policy->cipher != 0; ++policy) {
-	status = SSL_SetPolicy(policy->cipher, SSL_ALLOWED);
-	if (status != SECSuccess)
-	    break;
-    }
-    return status;
-#else
-    return NSS_SetExportPolicy();
-#endif
-}
-
-SECStatus
-NSS_SetExportPolicy(void)
-{
-    SECStatus      status = SECSuccess;
-    cipherPolicy * policy;
-
-    for (policy = ssl_ciphers; policy->cipher != 0; ++policy) {
-	status = SSL_SetPolicy(policy->cipher, policy->export);
-	if (status != SECSuccess)
-	    break;
-    }
-    return status;
-}
-
-SECStatus
-NSS_SetFrancePolicy(void)
-{
-    SECStatus      status = SECSuccess;
-    cipherPolicy * policy;
-
-    for (policy = ssl_ciphers; policy->cipher != 0; ++policy) {
-	status = SSL_SetPolicy(policy->cipher, policy->france);
-	if (status != SECSuccess)
-	    break;
-    }
-    return status;
-}
-
-
-
-/* LOCKS ??? XXX */
-PRFileDesc *
-SSL_ImportFD(PRFileDesc *model, PRFileDesc *fd)
-{
-    sslSocket * ns = NULL;
-    PRStatus    rv;
-    PRNetAddr   addr;
-
-    if (model == NULL) {
-	/* Just create a default socket if we're given NULL for the model */
-	ns = ssl_NewSocket();
-    } else {
-	sslSocket * ss = ssl_FindSocket(model);
-	if (ss == NULL) {
-	    SSL_DBG(("%d: SSL[%d]: bad model socket in ssl_ImportFD", 
-	    	      SSL_GETPID(), model));
-	    return NULL;
-	}
-	ns = ssl_DupSocket(ss);
-    }
-    if (ns == NULL)
-    	return NULL;
-
-    rv = ssl_PushIOLayer(ns, fd, PR_TOP_IO_LAYER);
-    if (rv != PR_SUCCESS) {
-	ssl_FreeSocket(ns);
-	SET_ERROR_CODE
-	return NULL;
-    }
-#ifdef _WIN32
-    PR_Sleep(PR_INTERVAL_NO_WAIT);     /* workaround NT winsock connect bug. */
-#endif
-    ns = ssl_FindSocket(fd);
-    PORT_Assert(ns);
-    if (ns)
-	ns->TCPconnected = (PR_SUCCESS == ssl_DefGetpeername(ns, &addr));
-    return fd;
-}
-
-/************************************************************************/
-/* The following functions are the TOP LEVEL SSL functions.
-** They all get called through the NSPRIOMethods table below.
-*/
-
-static PRFileDesc * PR_CALLBACK
-ssl_Accept(PRFileDesc *fd, PRNetAddr *sockaddr, PRIntervalTime timeout)
-{
-    sslSocket  *ss;
-    sslSocket  *ns 	= NULL;
-    PRFileDesc *newfd 	= NULL;
-    PRFileDesc *osfd;
-    PRStatus    status;
-
-    ss = ssl_GetPrivate(fd);
-    if (!ss) {
-	SSL_DBG(("%d: SSL[%d]: bad socket in accept", SSL_GETPID(), fd));
-	return NULL;
-    }
-
-    /* IF this is a listen socket, there shouldn't be any I/O going on */
-    SSL_LOCK_READER(ss);
-    SSL_LOCK_WRITER(ss);
-    ssl_Get1stHandshakeLock(ss);
-    ssl_GetSSL3HandshakeLock(ss);
-
-    ss->cTimeout = timeout;
-
-    osfd = ss->fd->lower;
-
-    /* First accept connection */
-    newfd = osfd->methods->accept(osfd, sockaddr, timeout);
-    if (newfd == NULL) {
-	SSL_DBG(("%d: SSL[%d]: accept failed, errno=%d",
-		 SSL_GETPID(), ss->fd, PORT_GetError()));
-    } else {
-	/* Create ssl module */
-	ns = ssl_DupSocket(ss);
-    }
-
-    ssl_ReleaseSSL3HandshakeLock(ss);
-    ssl_Release1stHandshakeLock(ss);
-    SSL_UNLOCK_WRITER(ss);
-    SSL_UNLOCK_READER(ss);			/* ss isn't used below here. */
-
-    if (ns == NULL)
-	goto loser;
-
-    /* push ssl module onto the new socket */
-    status = ssl_PushIOLayer(ns, newfd, PR_TOP_IO_LAYER);
-    if (status != PR_SUCCESS)
-	goto loser;
-
-    /* Now start server connection handshake with client.
-    ** Don't need locks here because nobody else has a reference to ns yet.
-    */
-    if ( ns->useSecurity ) {
-	if ( ns->handshakeAsClient ) {
-	    ns->handshake = ssl2_BeginClientHandshake;
-	    ss->handshaking = sslHandshakingAsClient;
-	} else {
-	    ns->handshake = ssl2_BeginServerHandshake;
-	    ss->handshaking = sslHandshakingAsServer;
-	}
-    }
-    ns->TCPconnected = 1;
-    return newfd;
-
-loser:
-    if (ns != NULL)
-	ssl_FreeSocket(ns);
-    if (newfd != NULL)
-	PR_Close(newfd);
-    return NULL;
-}
-
-static PRStatus PR_CALLBACK
-ssl_Connect(PRFileDesc *fd, const PRNetAddr *sockaddr, PRIntervalTime timeout)
-{
-    sslSocket *ss;
-    PRStatus   rv;
-
-    ss = ssl_GetPrivate(fd);
-    if (!ss) {
-	SSL_DBG(("%d: SSL[%d]: bad socket in connect", SSL_GETPID(), fd));
-	return PR_FAILURE;
-    }
-
-    /* IF this is a listen socket, there shouldn't be any I/O going on */
-    SSL_LOCK_READER(ss);
-    SSL_LOCK_WRITER(ss);
-
-    ss->cTimeout = timeout;
-    rv = (PRStatus)(*ss->ops->connect)(ss, sockaddr);
-#ifdef _WIN32
-    PR_Sleep(PR_INTERVAL_NO_WAIT);     /* workaround NT winsock connect bug. */
-#endif
-
-    SSL_UNLOCK_WRITER(ss);
-    SSL_UNLOCK_READER(ss);
-
-    return rv;
-}
-
-static PRStatus PR_CALLBACK
-ssl_Bind(PRFileDesc *fd, const PRNetAddr *addr)
-{
-    sslSocket * ss = ssl_GetPrivate(fd);
-    PRStatus    rv;
-
-    if (!ss) {
-	SSL_DBG(("%d: SSL[%d]: bad socket in bind", SSL_GETPID(), fd));
-	return PR_FAILURE;
-    }
-    SSL_LOCK_READER(ss);
-    SSL_LOCK_WRITER(ss);
-
-    rv = (PRStatus)(*ss->ops->bind)(ss, addr);
-
-    SSL_UNLOCK_WRITER(ss);
-    SSL_UNLOCK_READER(ss);
-    return rv;
-}
-
-static PRStatus PR_CALLBACK
-ssl_Listen(PRFileDesc *fd, PRIntn backlog)
-{
-    sslSocket * ss = ssl_GetPrivate(fd);
-    PRStatus    rv;
-
-    if (!ss) {
-	SSL_DBG(("%d: SSL[%d]: bad socket in listen", SSL_GETPID(), fd));
-	return PR_FAILURE;
-    }
-    SSL_LOCK_READER(ss);
-    SSL_LOCK_WRITER(ss);
-
-    rv = (PRStatus)(*ss->ops->listen)(ss, backlog);
-
-    SSL_UNLOCK_WRITER(ss);
-    SSL_UNLOCK_READER(ss);
-    return rv;
-}
-
-static PRStatus PR_CALLBACK
-ssl_Shutdown(PRFileDesc *fd, PRIntn how)
-{
-    sslSocket * ss = ssl_GetPrivate(fd);
-    PRStatus    rv;
-
-    if (!ss) {
-	SSL_DBG(("%d: SSL[%d]: bad socket in shutdown", SSL_GETPID(), fd));
-	return PR_FAILURE;
-    }
-    if (how == PR_SHUTDOWN_RCV || how == PR_SHUTDOWN_BOTH) {
-    	SSL_LOCK_READER(ss);
-    }
-    if (how == PR_SHUTDOWN_SEND || how == PR_SHUTDOWN_BOTH) {
-    	SSL_LOCK_WRITER(ss);
-    }
-
-    rv = (PRStatus)(*ss->ops->shutdown)(ss, how);
-
-    if (how == PR_SHUTDOWN_SEND || how == PR_SHUTDOWN_BOTH) {
-    	SSL_UNLOCK_WRITER(ss);
-    }
-    if (how == PR_SHUTDOWN_RCV || how == PR_SHUTDOWN_BOTH) {
-    	SSL_UNLOCK_READER(ss);
-    }
-    return rv;
-}
-
-static PRStatus PR_CALLBACK
-ssl_Close(PRFileDesc *fd)
-{
-    sslSocket *ss;
-    PRStatus   rv;
-
-    ss = ssl_GetPrivate(fd);
-    if (!ss) {
-	SSL_DBG(("%d: SSL[%d]: bad socket in close", SSL_GETPID(), fd));
-	return PR_FAILURE;
-    }
-
-    /* There must not be any I/O going on */
-    SSL_LOCK_READER(ss);
-    SSL_LOCK_WRITER(ss);
-
-    /* By the time this function returns, 
-    ** ss is an invalid pointer, and the locks to which it points have 
-    ** been unlocked and freed.  So, this is the ONE PLACE in all of SSL
-    ** where the LOCK calls and the corresponding UNLOCK calls are not in
-    ** the same function scope.  The unlock calls are in ssl_FreeSocket().
-    */
-    rv = (PRStatus)(*ss->ops->close)(ss);
-
-    return rv;
-}
-
-static int PR_CALLBACK
-ssl_Recv(PRFileDesc *fd, void *buf, PRInt32 len, PRIntn flags,
-	 PRIntervalTime timeout)
-{
-    sslSocket *ss;
-    int        rv;
-
-    ss = ssl_GetPrivate(fd);
-    if (!ss) {
-	SSL_DBG(("%d: SSL[%d]: bad socket in recv", SSL_GETPID(), fd));
-	return SECFailure;
-    }
-    SSL_LOCK_READER(ss);
-    ss->rTimeout = timeout;
-    if (!ss->fdx)
-	ss->wTimeout = timeout;
-    rv = (*ss->ops->recv)(ss, (unsigned char*)buf, len, flags);
-    SSL_UNLOCK_READER(ss);
-    return rv;
-}
-
-static int PR_CALLBACK
-ssl_Send(PRFileDesc *fd, const void *buf, PRInt32 len, PRIntn flags,
-	 PRIntervalTime timeout)
-{
-    sslSocket *ss;
-    int        rv;
-
-    ss = ssl_GetPrivate(fd);
-    if (!ss) {
-	SSL_DBG(("%d: SSL[%d]: bad socket in send", SSL_GETPID(), fd));
-	return SECFailure;
-    }
-    SSL_LOCK_WRITER(ss);
-    ss->wTimeout = timeout;
-    if (!ss->fdx)
-	ss->rTimeout = timeout;
-    rv = (*ss->ops->send)(ss, (const unsigned char*)buf, len, flags);
-    SSL_UNLOCK_WRITER(ss);
-    return rv;
-}
-
-static int PR_CALLBACK
-ssl_Read(PRFileDesc *fd, void *buf, PRInt32 len)
-{
-    sslSocket *ss;
-    int        rv;
-
-    ss = ssl_GetPrivate(fd);
-    if (!ss) {
-	SSL_DBG(("%d: SSL[%d]: bad socket in read", SSL_GETPID(), fd));
-	return SECFailure;
-    }
-    SSL_LOCK_READER(ss);
-    ss->rTimeout = PR_INTERVAL_NO_TIMEOUT;
-    if (!ss->fdx)
-	ss->wTimeout = PR_INTERVAL_NO_TIMEOUT;
-    rv = (*ss->ops->read)(ss, (unsigned char*)buf, len);
-    SSL_UNLOCK_READER(ss);
-    return rv;
-}
-
-static int PR_CALLBACK
-ssl_Write(PRFileDesc *fd, const void *buf, PRInt32 len)
-{
-    sslSocket *ss;
-    int        rv;
-
-    ss = ssl_GetPrivate(fd);
-    if (!ss) {
-	SSL_DBG(("%d: SSL[%d]: bad socket in write", SSL_GETPID(), fd));
-	return SECFailure;
-    }
-    SSL_LOCK_WRITER(ss);
-    ss->wTimeout = PR_INTERVAL_NO_TIMEOUT;
-    if (!ss->fdx)
-	ss->rTimeout = PR_INTERVAL_NO_TIMEOUT;
-    rv = (*ss->ops->write)(ss, (const unsigned char*)buf, len);
-    SSL_UNLOCK_WRITER(ss);
-    return rv;
-}
-
-static PRStatus PR_CALLBACK
-ssl_GetPeerName(PRFileDesc *fd, PRNetAddr *addr)
-{
-    sslSocket *ss;
-
-    ss = ssl_GetPrivate(fd);
-    if (!ss) {
-	SSL_DBG(("%d: SSL[%d]: bad socket in getpeername", SSL_GETPID(), fd));
-	return PR_FAILURE;
-    }
-    return (PRStatus)(*ss->ops->getpeername)(ss, addr);
-}
-
-/*
-*/
-SECStatus
-ssl_GetPeerInfo(sslSocket *ss)
-{
-    PRFileDesc *      osfd;
-    int               rv;
-    PRNetAddr         sin;
-
-    osfd = ss->fd->lower;
-
-    PORT_Memset(&sin, 0, sizeof(sin));
-    rv = osfd->methods->getpeername(osfd, &sin);
-    if (rv < 0) {
-	return SECFailure;
-    }
-    ss->TCPconnected = 1;
-    if (sin.inet.family == PR_AF_INET) {
-        PR_ConvertIPv4AddrToIPv6(sin.inet.ip, &ss->sec.ci.peer);
-	ss->sec.ci.port = sin.inet.port;
-    } else if (sin.ipv6.family == PR_AF_INET6) {
-	ss->sec.ci.peer = sin.ipv6.ip;
-	ss->sec.ci.port = sin.ipv6.port;
-    } else {
-	PORT_SetError(PR_ADDRESS_NOT_SUPPORTED_ERROR);
-    	return SECFailure;
-    }
-    return SECSuccess;
-}
-
-static PRStatus PR_CALLBACK
-ssl_GetSockName(PRFileDesc *fd, PRNetAddr *name)
-{
-    sslSocket *ss;
-
-    ss = ssl_GetPrivate(fd);
-    if (!ss) {
-	SSL_DBG(("%d: SSL[%d]: bad socket in getsockname", SSL_GETPID(), fd));
-	return PR_FAILURE;
-    }
-    return (PRStatus)(*ss->ops->getsockname)(ss, name);
-}
-
-SECStatus PR_CALLBACK
-SSL_SetSockPeerID(PRFileDesc *fd, char *peerID)
-{
-    sslSocket *ss;
-
-    ss = ssl_FindSocket(fd);
-    if (!ss) {
-	SSL_DBG(("%d: SSL[%d]: bad socket in SSL_SetCacheIndex",
-		 SSL_GETPID(), fd));
-	return SECFailure;
-    }
-
-    ss->peerID = PORT_Strdup(peerID);
-    return SECSuccess;
-}
-
-#define PR_POLL_RW (PR_POLL_WRITE | PR_POLL_READ)
-
-static PRInt16 PR_CALLBACK
-ssl_Poll(PRFileDesc *fd, PRInt16 how_flags, PRInt16 *p_out_flags)
-{
-    sslSocket *ss;
-    PRInt16    new_flags = how_flags;	/* should select on these flags. */
-    PRNetAddr  addr;
-
-    *p_out_flags = 0;
-    ss = ssl_GetPrivate(fd);
-    if (!ss) {
-	SSL_DBG(("%d: SSL[%d]: bad socket in SSL_Poll",
-		 SSL_GETPID(), fd));
-	return 0;	/* don't poll on this socket */
-    }
-
-    if (ss->useSecurity && 
-	ss->handshaking != sslHandshakingUndetermined &&
-        !ss->firstHsDone &&
-	(how_flags & PR_POLL_RW)) {
-	if (!ss->TCPconnected) {
-	    ss->TCPconnected = (PR_SUCCESS == ssl_DefGetpeername(ss, &addr));
-	}
-	/* If it's not connected, then presumably the application is polling
-	** on read or write appropriately, so don't change it. 
-	*/
-	if (ss->TCPconnected) {
-	    if (!ss->handshakeBegun) {
-		/* If the handshake has not begun, poll on read or write 
-		** based on the local application's role in the handshake,
-		** not based on what the application requested.
-		*/
-		new_flags &= ~PR_POLL_RW;
-		if (ss->handshaking == sslHandshakingAsClient) {
-		    new_flags |= PR_POLL_WRITE;
-		} else { /* handshaking as server */
-		    new_flags |= PR_POLL_READ;
-		}
-	    } else 
-	    /* First handshake is in progress */
-	    if (ss->lastWriteBlocked) {
-		if (new_flags & PR_POLL_READ) {
-		    /* The caller is waiting for data to be received, 
-		    ** but the initial handshake is blocked on write, or the 
-		    ** client's first handshake record has not been written.
-		    ** The code should select on write, not read.
-		    */
-		    new_flags ^=  PR_POLL_READ;	   /* don't select on read. */
-		    new_flags |=  PR_POLL_WRITE;   /* do    select on write. */
-		}
-	    } else if (new_flags & PR_POLL_WRITE) {
-		    /* The caller is trying to write, but the handshake is 
-		    ** blocked waiting for data to read, and the first 
-		    ** handshake has been sent.  so do NOT to poll on write.
-		    */
-		    new_flags ^=  PR_POLL_WRITE;   /* don't select on write. */
-		    new_flags |=  PR_POLL_READ;	   /* do    select on read. */
-	    }
-	}
-    } else if ((new_flags & PR_POLL_READ) && (SSL_DataPending(fd) > 0)) {
-	*p_out_flags = PR_POLL_READ;	/* it's ready already. */
-	return new_flags;
-    } else if ((ss->lastWriteBlocked) && (how_flags & PR_POLL_READ) &&
-	       (ss->pendingBuf.len != 0)) { /* write data waiting to be sent */
-	new_flags |=  PR_POLL_WRITE;   /* also select on write. */
-    } 
-    if (new_flags && (fd->lower->methods->poll != NULL)) {
-	PRInt16    lower_out_flags = 0;
-	PRInt16    lower_new_flags;
-        lower_new_flags = fd->lower->methods->poll(fd->lower, new_flags, 
-					           &lower_out_flags);
-	if ((lower_new_flags & lower_out_flags) && (how_flags != new_flags)) {
-	    PRInt16 out_flags = lower_out_flags & ~PR_POLL_RW;
-	    if (lower_out_flags & PR_POLL_READ) 
-		out_flags |= PR_POLL_WRITE;
-	    if (lower_out_flags & PR_POLL_WRITE) 
-		out_flags |= PR_POLL_READ;
-	    *p_out_flags = out_flags;
-	    new_flags = how_flags;
-	} else {
-	    *p_out_flags = lower_out_flags;
-	    new_flags    = lower_new_flags;
-	}
-    }
-
-    return new_flags;
-}
-
-
-PRBool
-ssl_FdIsBlocking(PRFileDesc *fd)
-{
-    PRSocketOptionData opt;
-    PRStatus           status;
-
-    opt.option             = PR_SockOpt_Nonblocking;
-    opt.value.non_blocking = PR_FALSE;
-    status = PR_GetSocketOption(fd, &opt);
-    if (status != PR_SUCCESS)
-	return PR_FALSE;
-    return (PRBool)!opt.value.non_blocking;
-}
-
-PRBool
-ssl_SocketIsBlocking(sslSocket *ss)
-{
-    return ssl_FdIsBlocking(ss->fd);
-}
-
-PRInt32  sslFirstBufSize = 8 * 1024;
-PRInt32  sslCopyLimit    = 1024;
-
-static PRInt32 PR_CALLBACK
-ssl_WriteV(PRFileDesc *fd, const PRIOVec *iov, PRInt32 vectors, 
-           PRIntervalTime timeout)
-{
-    PRInt32            bufLen;
-    PRInt32            left;
-    PRInt32            rv;
-    PRInt32            sent      =  0;
-    const PRInt32      first_len = sslFirstBufSize;
-    const PRInt32      limit     = sslCopyLimit;
-    PRBool             blocking;
-    PRIOVec            myIov	 = { 0, 0 };
-    char               buf[MAX_FRAGMENT_LENGTH];
-
-    if (vectors > PR_MAX_IOVECTOR_SIZE) {
-    	PORT_SetError(PR_BUFFER_OVERFLOW_ERROR);
-	return -1;
-    }
-    blocking = ssl_FdIsBlocking(fd);
-
-#define K16 sizeof(buf)
-#define KILL_VECTORS while (vectors && !iov->iov_len) { ++iov; --vectors; }
-#define GET_VECTOR   do { myIov = *iov++; --vectors; KILL_VECTORS } while (0)
-#define HANDLE_ERR(rv, len) \
-    if (rv != len) { \
-	if (rv < 0) { \
-	    if (!blocking \
-		&& (PR_GetError() == PR_WOULD_BLOCK_ERROR) \
-		&& (sent > 0)) { \
-		return sent; \
-	    } else { \
-		return -1; \
-	    } \
-	} \
-	/* Only a nonblocking socket can have partial sends */ \
-	PR_ASSERT(!blocking); \
-	return sent; \
-    } 
-#define SEND(bfr, len) \
-    do { \
-	rv = ssl_Send(fd, bfr, len, 0, timeout); \
-	HANDLE_ERR(rv, len) \
-	sent += len; \
-    } while (0)
-
-    /* Make sure the first write is at least 8 KB, if possible. */
-    KILL_VECTORS
-    if (!vectors)
-	return ssl_Send(fd, 0, 0, 0, timeout);
-    GET_VECTOR;
-    if (!vectors) {
-	return ssl_Send(fd, myIov.iov_base, myIov.iov_len, 0, timeout);
-    }
-    if (myIov.iov_len < first_len) {
-	PORT_Memcpy(buf, myIov.iov_base, myIov.iov_len);
-	bufLen = myIov.iov_len;
-	left = first_len - bufLen;
-	while (vectors && left) {
-	    int toCopy;
-	    GET_VECTOR;
-	    toCopy = PR_MIN(left, myIov.iov_len);
-	    PORT_Memcpy(buf + bufLen, myIov.iov_base, toCopy);
-	    bufLen         += toCopy;
-	    left           -= toCopy;
-	    myIov.iov_base += toCopy;
-	    myIov.iov_len  -= toCopy;
-	}
-	SEND( buf, bufLen );
-    }
-
-    while (vectors || myIov.iov_len) {
-	PRInt32   addLen;
-	if (!myIov.iov_len) {
-	    GET_VECTOR;
-	}
-	while (myIov.iov_len >= K16) {
-	    SEND(myIov.iov_base, K16);
-	    myIov.iov_base += K16;
-	    myIov.iov_len  -= K16;
-	}
-	if (!myIov.iov_len)
-	    continue;
-
-	if (!vectors || myIov.iov_len > limit) {
-	    addLen = 0;
-	} else if ((addLen = iov->iov_len % K16) + myIov.iov_len <= limit) {
-	    /* Addlen is already computed. */;
-	} else if (vectors > 1 && 
-	     iov[1].iov_len % K16 + addLen + myIov.iov_len <= 2 * limit) {
-	     addLen = limit - myIov.iov_len;
-	} else 
-	    addLen = 0;
-
-	if (!addLen) {
-	    SEND( myIov.iov_base, myIov.iov_len );
-	    myIov.iov_len = 0;
-	    continue;
-	}
-	PORT_Memcpy(buf, myIov.iov_base, myIov.iov_len);
-	bufLen = myIov.iov_len;
-	do {
-	    GET_VECTOR;
-	    PORT_Memcpy(buf + bufLen, myIov.iov_base, addLen);
-	    myIov.iov_base += addLen;
-	    myIov.iov_len  -= addLen;
-	    bufLen         += addLen;
-
-	    left = PR_MIN( limit, K16 - bufLen);
-	    if (!vectors 		/* no more left */
-	    ||  myIov.iov_len > 0	/* we didn't use that one all up */
-	    ||  bufLen >= K16		/* it's full. */
-	    ) {
-		addLen = 0;
-	    } else if ((addLen = iov->iov_len % K16) <= left) {
-		/* Addlen is already computed. */;
-	    } else if (vectors > 1 && 
-		 iov[1].iov_len % K16 + addLen <= left + limit) {
-		 addLen = left;
-	    } else 
-		addLen = 0;
-
-	} while (addLen);
-	SEND( buf, bufLen );
-    } 
-    return sent;
-}
-
-/*
- * These functions aren't implemented.
- */
-
-static PRInt32 PR_CALLBACK
-ssl_Available(PRFileDesc *fd)
-{
-    PORT_Assert(0);
-    PR_SetError(PR_NOT_IMPLEMENTED_ERROR, 0);
-    return SECFailure;
-}
-
-static PRInt64 PR_CALLBACK
-ssl_Available64(PRFileDesc *fd)
-{
-    PRInt64 res;
-
-    PORT_Assert(0);
-    PR_SetError(PR_NOT_IMPLEMENTED_ERROR, 0);
-    LL_I2L(res, -1L);
-    return res;
-}
-
-static PRStatus PR_CALLBACK
-ssl_FSync(PRFileDesc *fd)
-{
-    PORT_Assert(0);
-    PR_SetError(PR_NOT_IMPLEMENTED_ERROR, 0);
-    return PR_FAILURE;
-}
-
-static PRInt32 PR_CALLBACK
-ssl_Seek(PRFileDesc *fd, PRInt32 offset, PRSeekWhence how) {
-    PORT_Assert(0);
-    PR_SetError(PR_NOT_IMPLEMENTED_ERROR, 0);
-    return SECFailure;
-}
-
-static PRInt64 PR_CALLBACK
-ssl_Seek64(PRFileDesc *fd, PRInt64 offset, PRSeekWhence how) {
-    PRInt64 res;
-
-    PORT_Assert(0);
-    PR_SetError(PR_NOT_IMPLEMENTED_ERROR, 0);
-    LL_I2L(res, -1L);
-    return res;
-}
-
-static PRStatus PR_CALLBACK
-ssl_FileInfo(PRFileDesc *fd, PRFileInfo *info)
-{
-    PORT_Assert(0);
-    PR_SetError(PR_NOT_IMPLEMENTED_ERROR, 0);
-    return PR_FAILURE;
-}
-
-static PRStatus PR_CALLBACK
-ssl_FileInfo64(PRFileDesc *fd, PRFileInfo64 *info)
-{
-    PORT_Assert(0);
-    PR_SetError(PR_NOT_IMPLEMENTED_ERROR, 0);
-    return PR_FAILURE;
-}
-
-static PRInt32 PR_CALLBACK
-ssl_RecvFrom(PRFileDesc *fd, void *buf, PRInt32 amount, PRIntn flags,
-	     PRNetAddr *addr, PRIntervalTime timeout)
-{
-    PORT_Assert(0);
-    PR_SetError(PR_NOT_IMPLEMENTED_ERROR, 0);
-    return SECFailure;
-}
-
-static PRInt32 PR_CALLBACK
-ssl_SendTo(PRFileDesc *fd, const void *buf, PRInt32 amount, PRIntn flags,
-	   const PRNetAddr *addr, PRIntervalTime timeout)
-{
-    PORT_Assert(0);
-    PR_SetError(PR_NOT_IMPLEMENTED_ERROR, 0);
-    return SECFailure;
-}
-
-static const PRIOMethods ssl_methods = {
-    PR_DESC_LAYERED,
-    ssl_Close,           	/* close        */
-    ssl_Read,            	/* read         */
-    ssl_Write,           	/* write        */
-    ssl_Available,       	/* available    */
-    ssl_Available64,     	/* available64  */
-    ssl_FSync,           	/* fsync        */
-    ssl_Seek,            	/* seek         */
-    ssl_Seek64,          	/* seek64       */
-    ssl_FileInfo,        	/* fileInfo     */
-    ssl_FileInfo64,      	/* fileInfo64   */
-    ssl_WriteV,          	/* writev       */
-    ssl_Connect,         	/* connect      */
-    ssl_Accept,          	/* accept       */
-    ssl_Bind,            	/* bind         */
-    ssl_Listen,          	/* listen       */
-    ssl_Shutdown,        	/* shutdown     */
-    ssl_Recv,            	/* recv         */
-    ssl_Send,            	/* send         */
-    ssl_RecvFrom,        	/* recvfrom     */
-    ssl_SendTo,          	/* sendto       */
-    ssl_Poll,            	/* poll         */
-    ssl_EmulateAcceptRead,      /* acceptread   */
-    ssl_EmulateTransmitFile,    /* transmitfile */
-    ssl_GetSockName,     	/* getsockname  */
-    ssl_GetPeerName,     	/* getpeername  */
-    NULL,                	/* getsockopt   OBSOLETE */
-    NULL,                	/* setsockopt   OBSOLETE */
-    NULL,                	/* getsocketoption   */
-    NULL,                	/* setsocketoption   */
-    ssl_EmulateSendFile, 	/* Send a (partial) file with header/trailer*/
-    NULL,                	/* reserved for future use */
-    NULL,                	/* reserved for future use */
-    NULL,                	/* reserved for future use */
-    NULL,                	/* reserved for future use */
-    NULL                 	/* reserved for future use */
-};
-
-
-static PRIOMethods combined_methods;
-
-static void
-ssl_SetupIOMethods(void)
-{
-          PRIOMethods *new_methods  = &combined_methods;
-    const PRIOMethods *nspr_methods = PR_GetDefaultIOMethods();
-    const PRIOMethods *my_methods   = &ssl_methods;
-
-    *new_methods = *nspr_methods;
-
-    new_methods->file_type         = my_methods->file_type;
-    new_methods->close             = my_methods->close;
-    new_methods->read              = my_methods->read;
-    new_methods->write             = my_methods->write;
-    new_methods->available         = my_methods->available;
-    new_methods->available64       = my_methods->available64;
-    new_methods->fsync             = my_methods->fsync;
-    new_methods->seek              = my_methods->seek;
-    new_methods->seek64            = my_methods->seek64;
-    new_methods->fileInfo          = my_methods->fileInfo;
-    new_methods->fileInfo64        = my_methods->fileInfo64;
-    new_methods->writev            = my_methods->writev;
-    new_methods->connect           = my_methods->connect;
-    new_methods->accept            = my_methods->accept;
-    new_methods->bind              = my_methods->bind;
-    new_methods->listen            = my_methods->listen;
-    new_methods->shutdown          = my_methods->shutdown;
-    new_methods->recv              = my_methods->recv;
-    new_methods->send              = my_methods->send;
-    new_methods->recvfrom          = my_methods->recvfrom;
-    new_methods->sendto            = my_methods->sendto;
-    new_methods->poll              = my_methods->poll;
-    new_methods->acceptread        = my_methods->acceptread;
-    new_methods->transmitfile      = my_methods->transmitfile;
-    new_methods->getsockname       = my_methods->getsockname;
-    new_methods->getpeername       = my_methods->getpeername;
-/*  new_methods->getsocketoption   = my_methods->getsocketoption;	*/
-/*  new_methods->setsocketoption   = my_methods->setsocketoption;	*/
-    new_methods->sendfile          = my_methods->sendfile;
-
-}
-
-static PRCallOnceType initIoLayerOnce;
-
-static PRStatus  
-ssl_InitIOLayer(void)
-{
-    ssl_layer_id = PR_GetUniqueIdentity("SSL");
-    ssl_SetupIOMethods();
-    ssl_inited = PR_TRUE;
-    return PR_SUCCESS;
-}
-
-static PRStatus
-ssl_PushIOLayer(sslSocket *ns, PRFileDesc *stack, PRDescIdentity id)
-{
-    PRFileDesc *layer	= NULL;
-    PRStatus    status;
-
-    if (!ssl_inited) {
-	PR_CallOnce(&initIoLayerOnce, &ssl_InitIOLayer);
-    }
-
-    if (ns == NULL)
-	goto loser;
-
-    layer = PR_CreateIOLayerStub(ssl_layer_id, &combined_methods);
-    if (layer == NULL)
-	goto loser;
-    layer->secret = (PRFilePrivate *)ns;
-
-    /* Here, "stack" points to the PRFileDesc on the top of the stack.
-    ** "layer" points to a new FD that is to be inserted into the stack.
-    ** If layer is being pushed onto the top of the stack, then 
-    ** PR_PushIOLayer switches the contents of stack and layer, and then
-    ** puts stack on top of layer, so that after it is done, the top of 
-    ** stack is the same "stack" as it was before, and layer is now the 
-    ** FD for the former top of stack.
-    ** After this call, stack always points to the top PRFD on the stack.
-    ** If this function fails, the contents of stack and layer are as 
-    ** they were before the call.
-    */
-    status = PR_PushIOLayer(stack, id, layer);
-    if (status != PR_SUCCESS)
-	goto loser;
-
-    ns->fd = (id == PR_TOP_IO_LAYER) ? stack : layer;
-    return PR_SUCCESS;
-
-loser:
-    if (layer) {
-	layer->dtor(layer); /* free layer */
-    }
-    return PR_FAILURE;
-}
-
-/*
-** Create a newsocket structure for a file descriptor.
-*/
-static sslSocket *
-ssl_NewSocket(void)
-{
-    sslSocket *ss;
-#ifdef DEBUG
-#if (defined(XP_UNIX) || defined(XP_WIN32) || defined(XP_BEOS)) && !defined(_WIN32_WCE)
-    static int firsttime = 1;
-
-    if (firsttime) {
-	firsttime = 0;
-	{
-	    char *ev = getenv("SSLDEBUG");
-	    if (ev && ev[0]) {
-		ssl_debug = atoi(ev);
-		SSL_TRACE(("SSL: debugging set to %d", ssl_debug));
-	    }
-	}
-#ifdef TRACE
-	{
-	    char *ev = getenv("SSLTRACE");
-	    if (ev && ev[0]) {
-		ssl_trace = atoi(ev);
-		SSL_TRACE(("SSL: tracing set to %d", ssl_trace));
-	    }
-	}
-#endif /* TRACE */
-    }
-#endif /* XP_UNIX || XP_WIN32 */
-#endif /* DEBUG */
-
-    /* Make a new socket and get it ready */
-    ss = (sslSocket*) PORT_ZAlloc(sizeof(sslSocket));
-    if (ss) {
-        /* This should be of type SSLKEAType, but CC on IRIX
-	 * complains during the for loop.
-	 */
-	int i;
-	SECStatus status;
- 
-	ss->useSecurity        = ssl_defaults.useSecurity;
-	ss->useSocks           = PR_FALSE;
-	ss->requestCertificate = ssl_defaults.requestCertificate;
-	ss->requireCertificate = ssl_defaults.requireCertificate;
-	ss->handshakeAsClient  = ssl_defaults.handshakeAsClient;
-	ss->handshakeAsServer  = ssl_defaults.handshakeAsServer;
-	ss->enableSSL2         = ssl_defaults.enableSSL2;
-	ss->enableSSL3         = ssl_defaults.enableSSL3;
-	ss->enableTLS          = ssl_defaults.enableTLS ;
-	ss->fdx                = ssl_defaults.fdx;
-	ss->v2CompatibleHello  = ssl_defaults.v2CompatibleHello;
-	ss->detectRollBack     = ssl_defaults.detectRollBack;
-	ss->noCache            = ssl_defaults.noCache;
-	ss->peerID             = NULL;
-	ss->rTimeout	       = PR_INTERVAL_NO_TIMEOUT;
-	ss->wTimeout	       = PR_INTERVAL_NO_TIMEOUT;
-	ss->cTimeout	       = PR_INTERVAL_NO_TIMEOUT;
-	ss->cipherSpecs        = NULL;
-        ss->sizeCipherSpecs    = 0;  /* produced lazily */
-        ss->preferredCipher    = NULL;
-        ss->url                = NULL;
-
-	for (i=kt_null; i < kt_kea_size; i++) {
-	    sslServerCerts * sc = ss->serverCerts + i;
-	    sc->serverCert      = NULL;
-	    sc->serverCertChain = NULL;
-	    sc->serverKey       = NULL;
-	    sc->serverKeyBits   = 0;
-	}
-	ss->stepDownKeyPair    = NULL;
-	ss->dbHandle           = CERT_GetDefaultCertDB();
-
-	/* Provide default implementation of hooks */
-	ss->authCertificate    = SSL_AuthCertificate;
-	ss->authCertificateArg = (void *)ss->dbHandle;
-	ss->getClientAuthData  = NULL;
-	ss->handleBadCert      = NULL;
-	ss->badCertArg         = NULL;
-	ss->pkcs11PinArg       = NULL;
-
-	ssl_ChooseOps(ss);
-	ssl2_InitSocketPolicy(ss);
-	ssl3_InitSocketPolicy(ss);
-
-	ss->firstHandshakeLock = PZ_NewMonitor(nssILockSSL);
-	if (!ss->firstHandshakeLock) goto loser;
-	ss->ssl3HandshakeLock  = PZ_NewMonitor(nssILockSSL);
-	if (!ss->ssl3HandshakeLock) goto loser;
-	ss->specLock           = NSSRWLock_New(SSL_LOCK_RANK_SPEC, NULL);
-	if (!ss->specLock) goto loser;
-	ss->recvBufLock        = PZ_NewMonitor(nssILockSSL);
-	if (!ss->recvBufLock) goto loser;
-	ss->xmitBufLock        = PZ_NewMonitor(nssILockSSL);
-	if (!ss->xmitBufLock) goto loser;
-	ss->writerThread       = NULL;
-	if (ssl_lock_readers) {
-	    ss->recvLock       = PZ_NewLock(nssILockSSL);
-	    if (!ss->recvLock) goto loser;
-	    ss->sendLock       = PZ_NewLock(nssILockSSL);
-	    if (!ss->sendLock) goto loser;
-	}
-	status = ssl_CreateSecurityInfo(ss);
-	if (status != SECSuccess) goto loser;
-	status = ssl_InitGather(&ss->gs);
-	if (status != SECSuccess) {
-loser:
-	    ssl_DestroySocketContents(ss);
-	    ssl_DestroyLocks(ss);
-	    PORT_Free(ss);
-	    ss = NULL;
-	}
-    }
-    return ss;
-}
-
diff --git a/security/nss/lib/ssl/sslt.h b/security/nss/lib/ssl/sslt.h
deleted file mode 100644
index a60c1cd8d..000000000
--- a/security/nss/lib/ssl/sslt.h
+++ /dev/null
@@ -1,165 +0,0 @@
-/*
- * This file contains prototypes for the public SSL functions.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#ifndef __sslt_h_
-#define __sslt_h_
-
-#include "prtypes.h"
-
-typedef struct SSL3StatisticsStr {
-    /* statistics from ssl3_SendClientHello (sch) */
-    long sch_sid_cache_hits;
-    long sch_sid_cache_misses;
-    long sch_sid_cache_not_ok;
-
-    /* statistics from ssl3_HandleServerHello (hsh) */
-    long hsh_sid_cache_hits;
-    long hsh_sid_cache_misses;
-    long hsh_sid_cache_not_ok;
-
-    /* statistics from ssl3_HandleClientHello (hch) */
-    long hch_sid_cache_hits;
-    long hch_sid_cache_misses;
-    long hch_sid_cache_not_ok;
-} SSL3Statistics;
-
-/* Key Exchange algorithm values */
-typedef enum {
-    ssl_kea_null     = 0,
-    ssl_kea_rsa      = 1,
-    ssl_kea_dh       = 2,
-    ssl_kea_fortezza = 3,
-    ssl_kea_size		/* number of ssl_kea_ algorithms */
-} SSLKEAType;
-
-/* The following defines are for backwards compatibility.
-** They will be removed in a forthcoming release to reduce namespace pollution.
-** programs that use the kt_ symbols should convert to the ssl_kt_ symbols
-** soon.
-*/
-#define kt_null   	ssl_kea_null
-#define kt_rsa   	ssl_kea_rsa
-#define kt_dh   	ssl_kea_dh
-#define kt_fortezza	ssl_kea_fortezza
-#define kt_kea_size	ssl_kea_size
-
-typedef enum {
-    ssl_sign_null   = 0, 
-    ssl_sign_rsa    = 1,
-    ssl_sign_dsa    = 2
-} SSLSignType;
-
-typedef enum {
-    ssl_auth_null   = 0, 
-    ssl_auth_rsa    = 1,
-    ssl_auth_dsa    = 2,
-    ssl_auth_kea    = 3
-} SSLAuthType;
-
-typedef enum {
-    ssl_calg_null     = 0,
-    ssl_calg_rc4      = 1,
-    ssl_calg_rc2      = 2,
-    ssl_calg_des      = 3,
-    ssl_calg_3des     = 4,
-    ssl_calg_idea     = 5,
-    ssl_calg_fortezza = 6,      /* skipjack */
-    ssl_calg_aes      = 7       /* coming soon */
-} SSLCipherAlgorithm;
-
-typedef enum { 
-    ssl_mac_null      = 0, 
-    ssl_mac_md5       = 1, 
-    ssl_mac_sha       = 2, 
-    ssl_hmac_md5      = 3, 	/* TLS HMAC version of mac_md5 */
-    ssl_hmac_sha      = 4 	/* TLS HMAC version of mac_sha */
-} SSLMACAlgorithm;
-
-typedef struct SSLChannelInfoStr {
-    PRUint32             length;
-    PRUint16             protocolVersion;
-    PRUint16             cipherSuite;
-
-    /* server authentication info */
-    PRUint32             authKeyBits;
-
-    /* key exchange algorithm info */
-    PRUint32             keaKeyBits;
-
-    /* session info */
-    PRUint32             creationTime;		/* seconds since Jan 1, 1970 */
-    PRUint32             lastAccessTime;	/* seconds since Jan 1, 1970 */
-    PRUint32             expirationTime;	/* seconds since Jan 1, 1970 */
-    PRUint32             sessionIDLength;	/* up to 32 */
-    PRUint8              sessionID    [32];
-} SSLChannelInfo;
-
-typedef struct SSLCipherSuiteInfoStr {
-    PRUint16             length;
-    PRUint16             cipherSuite;
-
-    /* Cipher Suite Name */
-    const char *         cipherSuiteName;
-
-    /* server authentication info */
-    const char *         authAlgorithmName;
-    SSLAuthType          authAlgorithm;
-
-    /* key exchange algorithm info */
-    const char *         keaTypeName;
-    SSLKEAType           keaType;
-
-    /* symmetric encryption info */
-    const char *         symCipherName;
-    SSLCipherAlgorithm   symCipher;
-    PRUint16             symKeyBits;
-    PRUint16             symKeySpace;
-    PRUint16             effectiveKeyBits;
-
-    /* MAC info */
-    const char *         macAlgorithmName;
-    SSLMACAlgorithm      macAlgorithm;
-    PRUint16             macBits;
-
-    PRUintn              isFIPS       : 1;
-    PRUintn              isExportable : 1;
-    PRUintn              nonStandard  : 1;
-    PRUintn              reservedBits :29;
-
-} SSLCipherSuiteInfo;
-
-#endif /* __sslt_h_ */
diff --git a/security/nss/lib/ssl/ssltrace.c b/security/nss/lib/ssl/ssltrace.c
deleted file mode 100644
index 15f064813..000000000
--- a/security/nss/lib/ssl/ssltrace.c
+++ /dev/null
@@ -1,269 +0,0 @@
-/*
- * Functions to trace SSL protocol behavior in DEBUG builds.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-#include <stdarg.h>
-#include "cert.h"
-#include "ssl.h"
-#include "sslimpl.h"
-#include "sslproto.h"
-#include "prprf.h"
-
-#if defined(DEBUG) || defined(TRACE)
-static const char *hex = "0123456789abcdef";
-
-static const char printable[257] = {
-	"................"	/* 0x */
-	"................"	/* 1x */
-	" !\"#$%&'()*+,-./"	/* 2x */
-	"0123456789:;<=>?"	/* 3x */
-	"@ABCDEFGHIJKLMNO"	/* 4x */
-	"PQRSTUVWXYZ[\\]^_"	/* 5x */
-	"`abcdefghijklmno"	/* 6x */
-	"pqrstuvwxyz{|}~."	/* 7x */
-	"................"	/* 8x */
-	"................"	/* 9x */
-	"................"	/* ax */
-	"................"	/* bx */
-	"................"	/* cx */
-	"................"	/* dx */
-	"................"	/* ex */
-	"................"	/* fx */
-};
-
-void ssl_PrintBuf(sslSocket *ss, const char *msg, const void *vp, int len)
-{
-    const unsigned char *cp = (const unsigned char *)vp;
-    char buf[80];
-    char *bp;
-    char *ap;
-
-    if (ss) {
-	SSL_TRACE(("%d: SSL[%d]: %s [Len: %d]", SSL_GETPID(), ss->fd,
-		   msg, len));
-    } else {
-	SSL_TRACE(("%d: SSL: %s [Len: %d]", SSL_GETPID(), msg, len));
-    }
-    memset(buf, ' ', sizeof buf);
-    bp = buf;
-    ap = buf + 50;
-    while (--len >= 0) {
-	unsigned char ch = *cp++;
-	*bp++ = hex[(ch >> 4) & 0xf];
-	*bp++ = hex[ch & 0xf];
-	*bp++ = ' ';
-	*ap++ = printable[ch];
-	if (ap - buf >= 66) {
-	    *ap = 0;
-	    SSL_TRACE(("   %s", buf));
-	    memset(buf, ' ', sizeof buf);
-	    bp = buf;
-	    ap = buf + 50;
-	}
-    }
-    if (bp > buf) {
-	*ap = 0;
-	SSL_TRACE(("   %s", buf));
-    }
-}
-
-#define LEN(cp)		(((cp)[0] << 8) | ((cp)[1]))
-
-static void PrintType(sslSocket *ss, char *msg)
-{
-    if (ss) {
-	SSL_TRACE(("%d: SSL[%d]: dump-msg: %s", SSL_GETPID(), ss->fd,
-		   msg));
-    } else {
-	SSL_TRACE(("%d: SSL: dump-msg: %s", SSL_GETPID(), msg));
-    }
-}
-
-static void PrintInt(sslSocket *ss, char *msg, unsigned v)
-{
-    if (ss) {
-	SSL_TRACE(("%d: SSL[%d]:           %s=%u", SSL_GETPID(), ss->fd,
-		   msg, v));
-    } else {
-	SSL_TRACE(("%d: SSL:           %s=%u", SSL_GETPID(), msg, v));
-    }
-}
-
-/* PrintBuf is just like ssl_PrintBuf above, except that:
- * a) It prefixes each line of the buffer with "XX: SSL[xxx]           "
- * b) It dumps only hex, not ASCII.
- */
-static void PrintBuf(sslSocket *ss, char *msg, unsigned char *cp, int len)
-{
-    char buf[80];
-    char *bp;
-
-    if (ss) {
-	SSL_TRACE(("%d: SSL[%d]:           %s [Len: %d]", 
-		   SSL_GETPID(), ss->fd, msg, len));
-    } else {
-	SSL_TRACE(("%d: SSL:           %s [Len: %d]", 
-		   SSL_GETPID(), msg, len));
-    }
-    bp = buf;
-    while (--len >= 0) {
-	unsigned char ch = *cp++;
-	*bp++ = hex[(ch >> 4) & 0xf];
-	*bp++ = hex[ch & 0xf];
-	*bp++ = ' ';
-	if (bp + 4 > buf + 50) {
-	    *bp = 0;
-	    if (ss) {
-		SSL_TRACE(("%d: SSL[%d]:             %s",
-			   SSL_GETPID(), ss->fd, buf));
-	    } else {
-		SSL_TRACE(("%d: SSL:             %s", SSL_GETPID(), buf));
-	    }
-	    bp = buf;
-	}
-    }
-    if (bp > buf) {
-	*bp = 0;
-	if (ss) {
-	    SSL_TRACE(("%d: SSL[%d]:             %s",
-		       SSL_GETPID(), ss->fd, buf));
-	} else {
-	    SSL_TRACE(("%d: SSL:             %s", SSL_GETPID(), buf));
-	}
-    }
-}
-
-void ssl_DumpMsg(sslSocket *ss, unsigned char *bp, unsigned len)
-{
-    switch (bp[0]) {
-      case SSL_MT_ERROR:
-	PrintType(ss, "Error");
-	PrintInt(ss, "error", LEN(bp+1));
-	break;
-
-      case SSL_MT_CLIENT_HELLO:
-	{
-	    unsigned lcs = LEN(bp+3);
-	    unsigned ls  = LEN(bp+5);
-	    unsigned lc  = LEN(bp+7);
-
-	    PrintType(ss, "Client-Hello");
-
-	    PrintInt(ss, "version (Major)",                   bp[1]);
-	    PrintInt(ss, "version (minor)",                   bp[2]);
-
-	    PrintBuf(ss, "cipher-specs",         bp+9,        lcs);
-	    PrintBuf(ss, "session-id",           bp+9+lcs,    ls);
-	    PrintBuf(ss, "challenge",            bp+9+lcs+ls, lc);
-	}
-	break;
-      case SSL_MT_CLIENT_MASTER_KEY:
-	{
-	    unsigned lck = LEN(bp+4);
-	    unsigned lek = LEN(bp+6);
-	    unsigned lka = LEN(bp+8);
-
-	    PrintType(ss, "Client-Master-Key");
-
-	    PrintInt(ss, "cipher-choice",                       bp[1]);
-	    PrintInt(ss, "key-length",                          LEN(bp+2));
-
-	    PrintBuf(ss, "clear-key",            bp+10,         lck);
-	    PrintBuf(ss, "encrypted-key",        bp+10+lck,     lek);
-	    PrintBuf(ss, "key-arg",              bp+10+lck+lek, lka);
-	}
-	break;
-      case SSL_MT_CLIENT_FINISHED:
-	PrintType(ss, "Client-Finished");
-	PrintBuf(ss, "connection-id",            bp+1,          len-1);
-	break;
-      case SSL_MT_SERVER_HELLO:
-	{
-	    unsigned lc = LEN(bp+5);
-	    unsigned lcs = LEN(bp+7);
-	    unsigned lci = LEN(bp+9);
-
-	    PrintType(ss, "Server-Hello");
-
-	    PrintInt(ss, "session-id-hit",                     bp[1]);
-	    PrintInt(ss, "certificate-type",                   bp[2]);
-	    PrintInt(ss, "version (Major)",                    bp[3]);
-	    PrintInt(ss, "version (minor)",                    bp[3]);
-	    PrintBuf(ss, "certificate",          bp+11,        lc);
-	    PrintBuf(ss, "cipher-specs",         bp+11+lc,     lcs);
-	    PrintBuf(ss, "connection-id",        bp+11+lc+lcs, lci);
-	}
-	break;
-      case SSL_MT_SERVER_VERIFY:
-	PrintType(ss, "Server-Verify");
-	PrintBuf(ss, "challenge",                bp+1,         len-1);
-	break;
-      case SSL_MT_SERVER_FINISHED:
-	PrintType(ss, "Server-Finished");
-	PrintBuf(ss, "session-id",               bp+1,         len-1);
-	break;
-      case SSL_MT_REQUEST_CERTIFICATE:
-	PrintType(ss, "Request-Certificate");
-	PrintInt(ss, "authentication-type",                    bp[1]);
-	PrintBuf(ss, "certificate-challenge",    bp+2,         len-2);
-	break;
-      case SSL_MT_CLIENT_CERTIFICATE:
-	{
-	    unsigned lc = LEN(bp+2);
-	    unsigned lr = LEN(bp+4);
-	    PrintType(ss, "Client-Certificate");
-	    PrintInt(ss, "certificate-type",                   bp[1]);
-	    PrintBuf(ss, "certificate",          bp+6,         lc);
-	    PrintBuf(ss, "response",             bp+6+lc,      lr);
-	}
-	break;
-      default:
-	ssl_PrintBuf(ss, "sending *unknown* message type", bp, len);
-	return;
-    }
-}
-
-void
-ssl_Trace(const char *format, ... )
-{
-    char buf[2000]; 
-
-    va_list args;
-    va_start(args, format);
-    PR_vsnprintf(buf, sizeof(buf), format, args);
-    va_end(args);
-    puts(buf);
-}
-#endif
diff --git a/security/nss/lib/ssl/sslver.c b/security/nss/lib/ssl/sslver.c
deleted file mode 100644
index 58bcdd858..000000000
--- a/security/nss/lib/ssl/sslver.c
+++ /dev/null
@@ -1,53 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 2001 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/* Library identity and versioning */
-
-#include "nss.h"
-
-#if defined(DEBUG)
-#define _DEBUG_STRING " (debug)"
-#else
-#define _DEBUG_STRING ""
-#endif
-
-/*
- * Version information for the 'ident' and 'what commands
- *
- * NOTE: the first component of the concatenated rcsid string
- * must not end in a '$' to prevent rcs keyword substitution.
- */
-const char __nss_ssl_rcsid[] = "$Header: NSS " NSS_VERSION _DEBUG_STRING
-        "  " __DATE__ " " __TIME__ " $";
-const char __nss_ssl_sccsid[] = "@(#)NSS " NSS_VERSION _DEBUG_STRING
-        "  " __DATE__ " " __TIME__;
diff --git a/security/nss/lib/ssl/unix_err.c b/security/nss/lib/ssl/unix_err.c
deleted file mode 100644
index 7e125c880..000000000
--- a/security/nss/lib/ssl/unix_err.c
+++ /dev/null
@@ -1,547 +0,0 @@
-/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
-/*
- * This file essentially replicates NSPR's source for the functions that
- * map system-specific error codes to NSPR error codes.  We would use 
- * NSPR's functions, instead of duplicating them, but they're private.
- * As long as SSL's server session cache code must do platform native I/O
- * to accomplish its job, and NSPR's error mapping functions remain private,
- * this code will continue to need to be replicated.
- * 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#if 0
-#include "primpl.h"
-#else
-#define _PR_POLL_AVAILABLE 1
-#include "prerror.h"
-#endif
-
-#if defined (__bsdi__) || defined(NTO) || defined(DARWIN) || defined(BEOS)
-#undef _PR_POLL_AVAILABLE
-#endif
-
-#if defined(_PR_POLL_AVAILABLE)
-#include <poll.h>
-#endif
-#include <errno.h>
-
-/* forward declarations. */
-void nss_MD_unix_map_default_error(int err);
-
-void nss_MD_unix_map_opendir_error(int err)
-{
-    nss_MD_unix_map_default_error(err);
-}
-
-void nss_MD_unix_map_closedir_error(int err)
-{
-    PRErrorCode prError;
-    switch (err) {
-    case EINVAL:	prError = PR_BAD_DESCRIPTOR_ERROR; break;
-    default:		nss_MD_unix_map_default_error(err); return;
-    }
-    PR_SetError(prError, err);
-}
-
-void nss_MD_unix_readdir_error(int err)
-{
-    PRErrorCode prError;
-
-    switch (err) {
-    case ENOENT:	prError = PR_NO_MORE_FILES_ERROR; break;
-#ifdef EOVERFLOW
-    case EOVERFLOW:	prError = PR_IO_ERROR; break;
-#endif
-    case EINVAL:	prError = PR_IO_ERROR; break;
-    case ENXIO:		prError = PR_IO_ERROR; break;
-    default:		nss_MD_unix_map_default_error(err); return;
-    }
-    PR_SetError(prError, err);
-}
-
-void nss_MD_unix_map_unlink_error(int err)
-{
-    PRErrorCode prError;
-    switch (err) {
-    case EPERM:		prError = PR_IS_DIRECTORY_ERROR; break;
-    default:		nss_MD_unix_map_default_error(err); return;
-    }
-    PR_SetError(prError, err);
-}
-
-void nss_MD_unix_map_stat_error(int err)
-{
-    PRErrorCode prError;
-    switch (err) {
-    case ETIMEDOUT:	prError = PR_REMOTE_FILE_ERROR; break;
-    default:		nss_MD_unix_map_default_error(err); return;
-    }
-    PR_SetError(prError, err);
-}
-
-void nss_MD_unix_map_fstat_error(int err)
-{
-    PRErrorCode prError;
-    switch (err) {
-    case ETIMEDOUT:	prError = PR_REMOTE_FILE_ERROR; break;
-    default:		nss_MD_unix_map_default_error(err); return;
-    }
-    PR_SetError(prError, err);
-}
-
-void nss_MD_unix_map_rename_error(int err)
-{
-    PRErrorCode prError;
-    switch (err) {
-    case EEXIST:	prError = PR_DIRECTORY_NOT_EMPTY_ERROR; break;
-    default:		nss_MD_unix_map_default_error(err); return;
-    }
-    PR_SetError(prError, err);
-}
-
-void nss_MD_unix_map_access_error(int err)
-{
-    PRErrorCode prError;
-    switch (err) {
-    case ETIMEDOUT:	prError = PR_REMOTE_FILE_ERROR; break;
-    default:		nss_MD_unix_map_default_error(err); return;
-    }
-    PR_SetError(prError, err);
-}
-
-void nss_MD_unix_map_mkdir_error(int err)
-{
-    nss_MD_unix_map_default_error(err);
-}
-
-void nss_MD_unix_map_rmdir_error(int err)
-{
-    PRErrorCode prError;
-
-    switch (err) {
-    case EEXIST:	prError = PR_DIRECTORY_NOT_EMPTY_ERROR; break;
-    case EINVAL:	prError = PR_DIRECTORY_NOT_EMPTY_ERROR; break;
-    case ETIMEDOUT:	prError = PR_REMOTE_FILE_ERROR; break;
-    default:		nss_MD_unix_map_default_error(err); return;
-    }
-    PR_SetError(prError, err);
-}
-
-void nss_MD_unix_map_read_error(int err)
-{
-    PRErrorCode prError;
-    switch (err) {
-    case EINVAL:	prError = PR_INVALID_METHOD_ERROR; break;
-    case ENXIO:		prError = PR_INVALID_ARGUMENT_ERROR; break;
-    default:		nss_MD_unix_map_default_error(err); return;
-    }
-    PR_SetError(prError, err);
-}
-
-void nss_MD_unix_map_write_error(int err)
-{
-    PRErrorCode prError;
-    switch (err) {
-    case EINVAL:	prError = PR_INVALID_METHOD_ERROR; break;
-    case ENXIO:		prError = PR_INVALID_METHOD_ERROR; break;
-    case ETIMEDOUT:	prError = PR_REMOTE_FILE_ERROR; break;
-    default:		nss_MD_unix_map_default_error(err); return;
-    }
-    PR_SetError(prError, err);
-}
-
-void nss_MD_unix_map_lseek_error(int err)
-{
-    nss_MD_unix_map_default_error(err);
-}
-
-void nss_MD_unix_map_fsync_error(int err)
-{
-    PRErrorCode prError;
-    switch (err) {
-    case ETIMEDOUT:	prError = PR_REMOTE_FILE_ERROR; break;
-    case EINVAL:	prError = PR_INVALID_METHOD_ERROR; break;
-    default:		nss_MD_unix_map_default_error(err); return;
-    }
-    PR_SetError(prError, err);
-}
-
-void nss_MD_unix_map_close_error(int err)
-{
-    PRErrorCode prError;
-    switch (err) {
-    case ETIMEDOUT:	prError = PR_REMOTE_FILE_ERROR; break;
-    default:		nss_MD_unix_map_default_error(err); return;
-    }
-    PR_SetError(prError, err);
-}
-
-void nss_MD_unix_map_socket_error(int err)
-{
-    PRErrorCode prError;
-    switch (err) {
-    case ENOMEM:	prError = PR_INSUFFICIENT_RESOURCES_ERROR; break;
-    default:		nss_MD_unix_map_default_error(err); return;
-    }
-    PR_SetError(prError, err);
-}
-
-void nss_MD_unix_map_socketavailable_error(int err)
-{
-    PR_SetError(PR_BAD_DESCRIPTOR_ERROR, err);
-}
-
-void nss_MD_unix_map_recv_error(int err)
-{
-    nss_MD_unix_map_default_error(err);
-}
-
-void nss_MD_unix_map_recvfrom_error(int err)
-{
-    nss_MD_unix_map_default_error(err);
-}
-
-void nss_MD_unix_map_send_error(int err)
-{
-    nss_MD_unix_map_default_error(err);
-}
-
-void nss_MD_unix_map_sendto_error(int err)
-{
-    nss_MD_unix_map_default_error(err);
-}
-
-void nss_MD_unix_map_writev_error(int err)
-{
-    nss_MD_unix_map_default_error(err);
-}
-
-void nss_MD_unix_map_accept_error(int err)
-{
-    PRErrorCode prError;
-    switch (err) {
-    case ENODEV:	prError = PR_NOT_TCP_SOCKET_ERROR; break;
-    default:		nss_MD_unix_map_default_error(err); return;
-    }
-    PR_SetError(prError, err);
-}
-
-void nss_MD_unix_map_connect_error(int err)
-{
-    PRErrorCode prError;
-    switch (err) {
-    case EACCES:	prError = PR_ADDRESS_NOT_SUPPORTED_ERROR; break;
-#if defined(UNIXWARE) || defined(SNI) || defined(NEC)
-    /*
-     * On some platforms, if we connect to a port on the local host 
-     * (the loopback address) that no process is listening on, we get 
-     * EIO instead of ECONNREFUSED.
-     */
-    case EIO:		prError = PR_CONNECT_REFUSED_ERROR; break;
-#endif
-    case ELOOP:		prError = PR_ADDRESS_NOT_SUPPORTED_ERROR; break;
-    case ENOENT:	prError = PR_ADDRESS_NOT_SUPPORTED_ERROR; break;
-    case ENXIO:		prError = PR_IO_ERROR; break;
-    default:		nss_MD_unix_map_default_error(err); return;
-    }
-    PR_SetError(prError, err);
-}
-
-void nss_MD_unix_map_bind_error(int err)
-{
-    PRErrorCode prError;
-    switch (err) {
-    case EINVAL:	prError = PR_SOCKET_ADDRESS_IS_BOUND_ERROR; break;
-        /*
-         * UNIX domain sockets are not supported in NSPR
-         */
-    case EIO:		prError = PR_ADDRESS_NOT_SUPPORTED_ERROR; break;
-    case EISDIR:	prError = PR_ADDRESS_NOT_SUPPORTED_ERROR; break;
-    case ELOOP:		prError = PR_ADDRESS_NOT_SUPPORTED_ERROR; break;
-    case ENOENT:	prError = PR_ADDRESS_NOT_SUPPORTED_ERROR; break;
-    case ENOTDIR:	prError = PR_ADDRESS_NOT_SUPPORTED_ERROR; break;
-    case EROFS:		prError = PR_ADDRESS_NOT_SUPPORTED_ERROR; break;
-    default:		nss_MD_unix_map_default_error(err); return;
-    }
-    PR_SetError(prError, err);
-}
-
-void nss_MD_unix_map_listen_error(int err)
-{
-    nss_MD_unix_map_default_error(err);
-}
-
-void nss_MD_unix_map_shutdown_error(int err)
-{
-    nss_MD_unix_map_default_error(err);
-}
-
-void nss_MD_unix_map_socketpair_error(int err)
-{
-    PRErrorCode prError;
-    switch (err) {
-    case ENOMEM:	prError = PR_INSUFFICIENT_RESOURCES_ERROR; break;
-    default:		nss_MD_unix_map_default_error(err); return;
-    }
-    PR_SetError(prError, err);
-}
-
-void nss_MD_unix_map_getsockname_error(int err)
-{
-    PRErrorCode prError;
-    switch (err) {
-    case ENOMEM:	prError = PR_INSUFFICIENT_RESOURCES_ERROR; break;
-    default:		nss_MD_unix_map_default_error(err); return;
-    }
-    PR_SetError(prError, err);
-}
-
-void nss_MD_unix_map_getpeername_error(int err)
-{
-    PRErrorCode prError;
-
-    switch (err) {
-    case ENOMEM:	prError = PR_INSUFFICIENT_RESOURCES_ERROR; break;
-    default:		nss_MD_unix_map_default_error(err); return;
-    }
-    PR_SetError(prError, err);
-}
-
-void nss_MD_unix_map_getsockopt_error(int err)
-{
-    PRErrorCode prError;
-    switch (err) {
-    case EINVAL:	prError = PR_BUFFER_OVERFLOW_ERROR; break;
-    case ENOMEM:	prError = PR_INSUFFICIENT_RESOURCES_ERROR; break;
-    default:		nss_MD_unix_map_default_error(err); return;
-    }
-    PR_SetError(prError, err);
-}
-
-void nss_MD_unix_map_setsockopt_error(int err)
-{
-    PRErrorCode prError;
-    switch (err) {
-    case EINVAL:	prError = PR_BUFFER_OVERFLOW_ERROR; break;
-    case ENOMEM:	prError = PR_INSUFFICIENT_RESOURCES_ERROR; break;
-    default:		nss_MD_unix_map_default_error(err); return;
-    }
-    PR_SetError(prError, err);
-}
-
-void nss_MD_unix_map_open_error(int err)
-{
-    PRErrorCode prError;
-    switch (err) {
-    case EAGAIN:	prError = PR_INSUFFICIENT_RESOURCES_ERROR; break;
-    case EBUSY:		prError = PR_IO_ERROR; break;
-    case ENODEV:	prError = PR_FILE_NOT_FOUND_ERROR; break;
-    case ENOMEM:	prError = PR_INSUFFICIENT_RESOURCES_ERROR; break;
-    case ETIMEDOUT:	prError = PR_REMOTE_FILE_ERROR; break;
-    default:		nss_MD_unix_map_default_error(err); return;
-    }
-    PR_SetError(prError, err);
-}
-
-void nss_MD_unix_map_mmap_error(int err)
-{
-    PRErrorCode prError;
-    switch (err) {
-    case EAGAIN:	prError = PR_INSUFFICIENT_RESOURCES_ERROR; break;
-    case EMFILE:	prError = PR_INSUFFICIENT_RESOURCES_ERROR; break;
-    case ENODEV:	prError = PR_OPERATION_NOT_SUPPORTED_ERROR; break;
-    case ENXIO:		prError = PR_INVALID_ARGUMENT_ERROR; break;
-    default:		nss_MD_unix_map_default_error(err); return;
-    }
-    PR_SetError(prError, err);
-}
-
-void nss_MD_unix_map_gethostname_error(int err)
-{
-    nss_MD_unix_map_default_error(err);
-}
-
-void nss_MD_unix_map_select_error(int err)
-{
-    nss_MD_unix_map_default_error(err);
-}
-
-#ifdef _PR_POLL_AVAILABLE
-void nss_MD_unix_map_poll_error(int err)
-{
-    PRErrorCode prError;
-
-    switch (err) {
-    case EAGAIN:	prError = PR_INSUFFICIENT_RESOURCES_ERROR; break;
-    default:		nss_MD_unix_map_default_error(err); return;
-    }
-    PR_SetError(prError, err);
-}
-
-void nss_MD_unix_map_poll_revents_error(int err)
-{
-    if (err & POLLNVAL)
-        PR_SetError(PR_BAD_DESCRIPTOR_ERROR, EBADF);
-    else if (err & POLLHUP)
-        PR_SetError(PR_CONNECT_RESET_ERROR, EPIPE);
-    else if (err & POLLERR)
-        PR_SetError(PR_IO_ERROR, EIO);
-    else
-        PR_SetError(PR_UNKNOWN_ERROR, err);
-}
-#endif /* _PR_POLL_AVAILABLE */
-
-
-void nss_MD_unix_map_flock_error(int err)
-{
-    PRErrorCode prError;
-    switch (err) {
-    case EINVAL:	prError = PR_BAD_DESCRIPTOR_ERROR; break;
-    case EWOULDBLOCK:	prError = PR_FILE_IS_LOCKED_ERROR; break;
-    default:		nss_MD_unix_map_default_error(err); return;
-    }
-    PR_SetError(prError, err);
-}
-
-void nss_MD_unix_map_lockf_error(int err)
-{
-    PRErrorCode prError;
-    switch (err) {
-    case EACCES:	prError = PR_FILE_IS_LOCKED_ERROR; break;
-    case EDEADLK:	prError = PR_INSUFFICIENT_RESOURCES_ERROR; break;
-    default:		nss_MD_unix_map_default_error(err); return;
-    }
-    PR_SetError(prError, err);
-}
-
-#ifdef HPUX11
-void nss_MD_hpux_map_sendfile_error(int err)
-{
-    nss_MD_unix_map_default_error(err);
-}
-#endif /* HPUX11 */
-
-
-void nss_MD_unix_map_default_error(int err)
-{
-    PRErrorCode prError;
-    switch (err ) {
-    case EACCES:	prError = PR_NO_ACCESS_RIGHTS_ERROR; break;
-    case EADDRINUSE:	prError = PR_ADDRESS_IN_USE_ERROR; break;
-    case EADDRNOTAVAIL:	prError = PR_ADDRESS_NOT_AVAILABLE_ERROR; break;
-    case EAFNOSUPPORT:	prError = PR_ADDRESS_NOT_SUPPORTED_ERROR; break;
-    case EAGAIN:	prError = PR_WOULD_BLOCK_ERROR; break;
-    /*
-     * On QNX and Neutrino, EALREADY is defined as EBUSY.
-     */
-#if EALREADY != EBUSY
-    case EALREADY:	prError = PR_ALREADY_INITIATED_ERROR; break;
-#endif
-    case EBADF:		prError = PR_BAD_DESCRIPTOR_ERROR; break;
-#ifdef EBADMSG
-    case EBADMSG:	prError = PR_IO_ERROR; break;
-#endif
-    case EBUSY:		prError = PR_FILESYSTEM_MOUNTED_ERROR; break;
-    case ECONNREFUSED:	prError = PR_CONNECT_REFUSED_ERROR; break;
-    case ECONNRESET:	prError = PR_CONNECT_RESET_ERROR; break;
-    case EDEADLK:	prError = PR_DEADLOCK_ERROR; break;
-#ifdef EDIRCORRUPTED
-    case EDIRCORRUPTED:	prError = PR_DIRECTORY_CORRUPTED_ERROR; break;
-#endif
-#ifdef EDQUOT
-    case EDQUOT:	prError = PR_NO_DEVICE_SPACE_ERROR; break;
-#endif
-    case EEXIST:	prError = PR_FILE_EXISTS_ERROR; break;
-    case EFAULT:	prError = PR_ACCESS_FAULT_ERROR; break;
-    case EFBIG:		prError = PR_FILE_TOO_BIG_ERROR; break;
-    case EINPROGRESS:	prError = PR_IN_PROGRESS_ERROR; break;
-    case EINTR:		prError = PR_PENDING_INTERRUPT_ERROR; break;
-    case EINVAL:	prError = PR_INVALID_ARGUMENT_ERROR; break;
-    case EIO:		prError = PR_IO_ERROR; break;
-    case EISCONN:	prError = PR_IS_CONNECTED_ERROR; break;
-    case EISDIR:	prError = PR_IS_DIRECTORY_ERROR; break;
-    case ELOOP:		prError = PR_LOOP_ERROR; break;
-    case EMFILE:	prError = PR_PROC_DESC_TABLE_FULL_ERROR; break;
-    case EMLINK:	prError = PR_MAX_DIRECTORY_ENTRIES_ERROR; break;
-    case EMSGSIZE:	prError = PR_INVALID_ARGUMENT_ERROR; break;
-#ifdef EMULTIHOP
-    case EMULTIHOP:	prError = PR_REMOTE_FILE_ERROR; break;
-#endif
-    case ENAMETOOLONG:	prError = PR_NAME_TOO_LONG_ERROR; break;
-    case ENETUNREACH:	prError = PR_NETWORK_UNREACHABLE_ERROR; break;
-    case ENFILE:	prError = PR_SYS_DESC_TABLE_FULL_ERROR; break;
-#if !defined(SCO)
-    case ENOBUFS:	prError = PR_INSUFFICIENT_RESOURCES_ERROR; break;
-#endif
-    case ENODEV:	prError = PR_FILE_NOT_FOUND_ERROR; break;
-    case ENOENT:	prError = PR_FILE_NOT_FOUND_ERROR; break;
-    case ENOLCK:	prError = PR_FILE_IS_LOCKED_ERROR; break;
-#ifdef ENOLINK 
-    case ENOLINK:	prError = PR_REMOTE_FILE_ERROR; break;
-#endif
-    case ENOMEM:	prError = PR_OUT_OF_MEMORY_ERROR; break;
-    case ENOPROTOOPT:	prError = PR_INVALID_ARGUMENT_ERROR; break;
-    case ENOSPC:	prError = PR_NO_DEVICE_SPACE_ERROR; break;
-#ifdef ENOSR 
-    case ENOSR:		prError = PR_INSUFFICIENT_RESOURCES_ERROR; break;
-#endif
-    case ENOTCONN:	prError = PR_NOT_CONNECTED_ERROR; break;
-    case ENOTDIR:	prError = PR_NOT_DIRECTORY_ERROR; break;
-    case ENOTSOCK:	prError = PR_NOT_SOCKET_ERROR; break;
-    case ENXIO:		prError = PR_FILE_NOT_FOUND_ERROR; break;
-    case EOPNOTSUPP:	prError = PR_NOT_TCP_SOCKET_ERROR; break;
-#ifdef EOVERFLOW
-    case EOVERFLOW:	prError = PR_BUFFER_OVERFLOW_ERROR; break;
-#endif
-    case EPERM:		prError = PR_NO_ACCESS_RIGHTS_ERROR; break;
-    case EPIPE:		prError = PR_CONNECT_RESET_ERROR; break;
-#ifdef EPROTO
-    case EPROTO:	prError = PR_IO_ERROR; break;
-#endif
-    case EPROTONOSUPPORT: prError = PR_PROTOCOL_NOT_SUPPORTED_ERROR; break;
-    case EPROTOTYPE:	prError = PR_ADDRESS_NOT_SUPPORTED_ERROR; break;
-    case ERANGE:	prError = PR_INVALID_METHOD_ERROR; break;
-    case EROFS:		prError = PR_READ_ONLY_FILESYSTEM_ERROR; break;
-    case ESPIPE:	prError = PR_INVALID_METHOD_ERROR; break;
-    case ETIMEDOUT:	prError = PR_IO_TIMEOUT_ERROR; break;
-#if EWOULDBLOCK != EAGAIN
-    case EWOULDBLOCK:	prError = PR_WOULD_BLOCK_ERROR; break;
-#endif
-    case EXDEV:		prError = PR_NOT_SAME_DEVICE_ERROR; break;
-
-    default:		prError = PR_UNKNOWN_ERROR; break;
-    }
-    PR_SetError(prError, err);
-}
diff --git a/security/nss/lib/ssl/unix_err.h b/security/nss/lib/ssl/unix_err.h
deleted file mode 100644
index 2611baf81..000000000
--- a/security/nss/lib/ssl/unix_err.h
+++ /dev/null
@@ -1,87 +0,0 @@
-/*
- * This file essentially replicates NSPR's source for the functions that
- * map system-specific error codes to NSPR error codes.  We would use 
- * NSPR's functions, instead of duplicating them, but they're private.
- * As long as SSL's server session cache code must do platform native I/O
- * to accomplish its job, and NSPR's error mapping functions remain private,
- * this code will continue to need to be replicated.
- * 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-/*  NSPR doesn't make these functions public, so we have to duplicate
-**  them in NSS.
-*/
-extern void nss_MD_hpux_map_sendfile_error(int err);
-extern void nss_MD_unix_map_accept_error(int err);
-extern void nss_MD_unix_map_access_error(int err);
-extern void nss_MD_unix_map_bind_error(int err);
-extern void nss_MD_unix_map_close_error(int err);
-extern void nss_MD_unix_map_closedir_error(int err);
-extern void nss_MD_unix_map_connect_error(int err);
-extern void nss_MD_unix_map_default_error(int err);
-extern void nss_MD_unix_map_flock_error(int err);
-extern void nss_MD_unix_map_fstat_error(int err);
-extern void nss_MD_unix_map_fsync_error(int err);
-extern void nss_MD_unix_map_gethostname_error(int err);
-extern void nss_MD_unix_map_getpeername_error(int err);
-extern void nss_MD_unix_map_getsockname_error(int err);
-extern void nss_MD_unix_map_getsockopt_error(int err);
-extern void nss_MD_unix_map_listen_error(int err);
-extern void nss_MD_unix_map_lockf_error(int err);
-extern void nss_MD_unix_map_lseek_error(int err);
-extern void nss_MD_unix_map_mkdir_error(int err);
-extern void nss_MD_unix_map_mmap_error(int err);
-extern void nss_MD_unix_map_open_error(int err);
-extern void nss_MD_unix_map_opendir_error(int err);
-extern void nss_MD_unix_map_poll_error(int err);
-extern void nss_MD_unix_map_poll_revents_error(int err);
-extern void nss_MD_unix_map_read_error(int err);
-extern void nss_MD_unix_map_readdir_error(int err);
-extern void nss_MD_unix_map_recv_error(int err);
-extern void nss_MD_unix_map_recvfrom_error(int err);
-extern void nss_MD_unix_map_rename_error(int err);
-extern void nss_MD_unix_map_rmdir_error(int err);
-extern void nss_MD_unix_map_select_error(int err);
-extern void nss_MD_unix_map_send_error(int err);
-extern void nss_MD_unix_map_sendto_error(int err);
-extern void nss_MD_unix_map_setsockopt_error(int err);
-extern void nss_MD_unix_map_shutdown_error(int err);
-extern void nss_MD_unix_map_socket_error(int err);
-extern void nss_MD_unix_map_socketavailable_error(int err);
-extern void nss_MD_unix_map_socketpair_error(int err);
-extern void nss_MD_unix_map_stat_error(int err);
-extern void nss_MD_unix_map_unlink_error(int err);
-extern void nss_MD_unix_map_write_error(int err);
-extern void nss_MD_unix_map_writev_error(int err);
diff --git a/security/nss/lib/ssl/win32err.c b/security/nss/lib/ssl/win32err.c
deleted file mode 100644
index 4f55f280c..000000000
--- a/security/nss/lib/ssl/win32err.c
+++ /dev/null
@@ -1,376 +0,0 @@
-/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
-/*
- * This file essentially replicates NSPR's source for the functions that
- * map system-specific error codes to NSPR error codes.  We would use 
- * NSPR's functions, instead of duplicating them, but they're private.
- * As long as SSL's server session cache code must do platform native I/O
- * to accomplish its job, and NSPR's error mapping functions remain private,
- * this code will continue to need to be replicated.
- * 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#if !defined(_WIN32_WCE)
-
-#include "prerror.h"
-#include "prlog.h"
-#include <errno.h>
-#include <windows.h>
-
-/*
- * On Win32, we map three kinds of error codes:
- * - GetLastError(): for Win32 functions
- * - WSAGetLastError(): for Winsock functions
- * - errno: for standard C library functions
- *
- * We do not check for WSAEINPROGRESS and WSAEINTR because we do not
- * use blocking Winsock 1.1 calls.
- *
- * Except for the 'socket' call, we do not check for WSAEINITIALISED.
- * It is assumed that if Winsock is not initialized, that fact will
- * be detected at the time we create new sockets.
- */
-
-/* forward declaration. */
-void nss_MD_win32_map_default_error(PRInt32 err);
-
-void nss_MD_win32_map_opendir_error(PRInt32 err)
-{
-    nss_MD_win32_map_default_error(err);
-}
-
-void nss_MD_win32_map_closedir_error(PRInt32 err)
-{
-    nss_MD_win32_map_default_error(err);
-}
-
-void nss_MD_win32_map_readdir_error(PRInt32 err)
-{
-    nss_MD_win32_map_default_error(err);
-}
-
-void nss_MD_win32_map_delete_error(PRInt32 err)
-{
-    nss_MD_win32_map_default_error(err);
-}
-
-/* The error code for stat() is in errno. */
-void nss_MD_win32_map_stat_error(PRInt32 err)
-{
-    nss_MD_win32_map_default_error(err);
-}
-
-void nss_MD_win32_map_fstat_error(PRInt32 err)
-{
-    nss_MD_win32_map_default_error(err);
-}
-
-void nss_MD_win32_map_rename_error(PRInt32 err)
-{
-    nss_MD_win32_map_default_error(err);
-}
-
-/* The error code for access() is in errno. */
-void nss_MD_win32_map_access_error(PRInt32 err)
-{
-    nss_MD_win32_map_default_error(err);
-}
-
-void nss_MD_win32_map_mkdir_error(PRInt32 err)
-{
-    nss_MD_win32_map_default_error(err);
-}
-
-void nss_MD_win32_map_rmdir_error(PRInt32 err)
-{
-    nss_MD_win32_map_default_error(err);
-}
-
-void nss_MD_win32_map_read_error(PRInt32 err)
-{
-    nss_MD_win32_map_default_error(err);
-}
-
-void nss_MD_win32_map_transmitfile_error(PRInt32 err)
-{
-    nss_MD_win32_map_default_error(err);
-}
-
-void nss_MD_win32_map_write_error(PRInt32 err)
-{
-    nss_MD_win32_map_default_error(err);
-}
-
-void nss_MD_win32_map_lseek_error(PRInt32 err)
-{
-    nss_MD_win32_map_default_error(err);
-}
-
-void nss_MD_win32_map_fsync_error(PRInt32 err)
-{
-    nss_MD_win32_map_default_error(err);
-}
-
-/*
- * For both CloseHandle() and closesocket().
- */
-void nss_MD_win32_map_close_error(PRInt32 err)
-{
-    nss_MD_win32_map_default_error(err);
-}
-
-void nss_MD_win32_map_socket_error(PRInt32 err)
-{
-    PR_ASSERT(err != WSANOTINITIALISED);
-    nss_MD_win32_map_default_error(err);
-}
-
-void nss_MD_win32_map_recv_error(PRInt32 err)
-{
-    nss_MD_win32_map_default_error(err);
-}
-
-void nss_MD_win32_map_recvfrom_error(PRInt32 err)
-{
-    nss_MD_win32_map_default_error(err);
-}
-
-void nss_MD_win32_map_send_error(PRInt32 err)
-{
-    PRErrorCode prError;
-    switch (err) {
-    case WSAEMSGSIZE: 	prError = PR_INVALID_ARGUMENT_ERROR; break;
-    default:		nss_MD_win32_map_default_error(err); return;
-    }
-    PR_SetError(prError, err);
-}
-
-void nss_MD_win32_map_sendto_error(PRInt32 err)
-{
-    PRErrorCode prError;
-    switch (err) {
-    case WSAEMSGSIZE: 	prError = PR_INVALID_ARGUMENT_ERROR; break;
-    default:		nss_MD_win32_map_default_error(err); return;
-    }
-    PR_SetError(prError, err);
-}
-
-void nss_MD_win32_map_accept_error(PRInt32 err)
-{
-    PRErrorCode prError;
-    switch (err) {
-    case WSAEOPNOTSUPP: prError = PR_NOT_TCP_SOCKET_ERROR; break;
-    case WSAEINVAL: 	prError = PR_INVALID_STATE_ERROR; break;
-    default:		nss_MD_win32_map_default_error(err); return;
-    }
-    PR_SetError(prError, err);
-}
-
-void nss_MD_win32_map_acceptex_error(PRInt32 err)
-{
-    nss_MD_win32_map_default_error(err);
-}
-
-void nss_MD_win32_map_connect_error(PRInt32 err)
-{
-    PRErrorCode prError;
-    switch (err) {
-    case WSAEWOULDBLOCK: prError = PR_IN_PROGRESS_ERROR; break;
-    case WSAEINVAL: 	prError = PR_ALREADY_INITIATED_ERROR; break;
-    case WSAETIMEDOUT: 	prError = PR_IO_TIMEOUT_ERROR; break;
-    default:		nss_MD_win32_map_default_error(err); return;
-    }
-    PR_SetError(prError, err);
-}
-
-void nss_MD_win32_map_bind_error(PRInt32 err)
-{
-    PRErrorCode prError;
-    switch (err) {
-    case WSAEINVAL: 	prError = PR_SOCKET_ADDRESS_IS_BOUND_ERROR; break;
-    default:		nss_MD_win32_map_default_error(err); return;
-    }
-    PR_SetError(prError, err);
-}
-
-void nss_MD_win32_map_listen_error(PRInt32 err)
-{
-    PRErrorCode prError;
-    switch (err) {
-    case WSAEOPNOTSUPP: prError = PR_NOT_TCP_SOCKET_ERROR; break;
-    case WSAEINVAL: 	prError = PR_INVALID_STATE_ERROR; break;
-    default:		nss_MD_win32_map_default_error(err); return;
-    }
-    PR_SetError(prError, err);
-}
-
-void nss_MD_win32_map_shutdown_error(PRInt32 err)
-{
-    nss_MD_win32_map_default_error(err);
-}
-
-void nss_MD_win32_map_getsockname_error(PRInt32 err)
-{
-    PRErrorCode prError;
-    switch (err) {
-    case WSAEINVAL: 	prError = PR_INVALID_STATE_ERROR; break;
-    default:		nss_MD_win32_map_default_error(err); return;
-    }
-    PR_SetError(prError, err);
-}
-
-void nss_MD_win32_map_getpeername_error(PRInt32 err)
-{
-    nss_MD_win32_map_default_error(err);
-}
-
-void nss_MD_win32_map_getsockopt_error(PRInt32 err)
-{
-    nss_MD_win32_map_default_error(err);
-}
-
-void nss_MD_win32_map_setsockopt_error(PRInt32 err)
-{
-    nss_MD_win32_map_default_error(err);
-}
-
-void nss_MD_win32_map_open_error(PRInt32 err)
-{
-    nss_MD_win32_map_default_error(err);
-}
-
-void nss_MD_win32_map_gethostname_error(PRInt32 err)
-{
-    nss_MD_win32_map_default_error(err);
-}
-
-/* Win32 select() only works on sockets.  So in this
-** context, WSAENOTSOCK is equivalent to EBADF on Unix.  
-*/
-void nss_MD_win32_map_select_error(PRInt32 err)
-{
-    PRErrorCode prError;
-    switch (err) {
-    case WSAENOTSOCK:	prError = PR_BAD_DESCRIPTOR_ERROR; break;
-    default:		nss_MD_win32_map_default_error(err); return;
-    }
-    PR_SetError(prError, err);
-}
-
-void nss_MD_win32_map_lockf_error(PRInt32 err)
-{
-    nss_MD_win32_map_default_error(err);
-}
-
-
-
-void nss_MD_win32_map_default_error(PRInt32 err)
-{
-    PRErrorCode prError;
-
-    switch (err) {
-    case EACCES: 		prError = PR_NO_ACCESS_RIGHTS_ERROR; break;
-    case ENOENT: 		prError = PR_FILE_NOT_FOUND_ERROR; break;
-    case ERROR_ACCESS_DENIED: 	prError = PR_NO_ACCESS_RIGHTS_ERROR; break;
-    case ERROR_ALREADY_EXISTS: 	prError = PR_FILE_EXISTS_ERROR; break;
-    case ERROR_DISK_CORRUPT: 	prError = PR_IO_ERROR; break;
-    case ERROR_DISK_FULL: 	prError = PR_NO_DEVICE_SPACE_ERROR; break;
-    case ERROR_DISK_OPERATION_FAILED: prError = PR_IO_ERROR; break;
-    case ERROR_DRIVE_LOCKED: 	prError = PR_FILE_IS_LOCKED_ERROR; break;
-    case ERROR_FILENAME_EXCED_RANGE: prError = PR_NAME_TOO_LONG_ERROR; break;
-    case ERROR_FILE_CORRUPT: 	prError = PR_IO_ERROR; break;
-    case ERROR_FILE_EXISTS: 	prError = PR_FILE_EXISTS_ERROR; break;
-    case ERROR_FILE_INVALID: 	prError = PR_BAD_DESCRIPTOR_ERROR; break;
-#if ERROR_FILE_NOT_FOUND != ENOENT
-    case ERROR_FILE_NOT_FOUND: 	prError = PR_FILE_NOT_FOUND_ERROR; break;
-#endif
-    case ERROR_HANDLE_DISK_FULL: prError = PR_NO_DEVICE_SPACE_ERROR; break;
-    case ERROR_INVALID_ADDRESS: prError = PR_ACCESS_FAULT_ERROR; break;
-    case ERROR_INVALID_HANDLE: 	prError = PR_BAD_DESCRIPTOR_ERROR; break;
-    case ERROR_INVALID_NAME: 	prError = PR_INVALID_ARGUMENT_ERROR; break;
-    case ERROR_INVALID_PARAMETER: prError = PR_INVALID_ARGUMENT_ERROR; break;
-    case ERROR_INVALID_USER_BUFFER: prError = PR_INSUFFICIENT_RESOURCES_ERROR; break;
-    case ERROR_LOCKED:	 	prError = PR_FILE_IS_LOCKED_ERROR; break;
-    case ERROR_NETNAME_DELETED: prError = PR_CONNECT_RESET_ERROR; break;
-    case ERROR_NOACCESS: 	prError = PR_ACCESS_FAULT_ERROR; break;
-    case ERROR_NOT_ENOUGH_MEMORY: prError = PR_INSUFFICIENT_RESOURCES_ERROR; break;
-    case ERROR_NOT_ENOUGH_QUOTA: prError = PR_OUT_OF_MEMORY_ERROR; break;
-    case ERROR_NOT_READY: 	prError = PR_IO_ERROR; break;
-    case ERROR_NO_MORE_FILES: 	prError = PR_NO_MORE_FILES_ERROR; break;
-    case ERROR_OPEN_FAILED: 	prError = PR_IO_ERROR; break;
-    case ERROR_OPEN_FILES: 	prError = PR_IO_ERROR; break;
-    case ERROR_OUTOFMEMORY: 	prError = PR_INSUFFICIENT_RESOURCES_ERROR; break;
-    case ERROR_PATH_BUSY: 	prError = PR_IO_ERROR; break;
-    case ERROR_PATH_NOT_FOUND: 	prError = PR_FILE_NOT_FOUND_ERROR; break;
-    case ERROR_SEEK_ON_DEVICE: 	prError = PR_IO_ERROR; break;
-    case ERROR_SHARING_VIOLATION: prError = PR_FILE_IS_BUSY_ERROR; break;
-    case ERROR_STACK_OVERFLOW: 	prError = PR_ACCESS_FAULT_ERROR; break;
-    case ERROR_TOO_MANY_OPEN_FILES: prError = PR_SYS_DESC_TABLE_FULL_ERROR; break;
-    case ERROR_WRITE_PROTECT: 	prError = PR_NO_ACCESS_RIGHTS_ERROR; break;
-    case WSAEACCES: 		prError = PR_NO_ACCESS_RIGHTS_ERROR; break;
-    case WSAEADDRINUSE: 	prError = PR_ADDRESS_IN_USE_ERROR; break;
-    case WSAEADDRNOTAVAIL: 	prError = PR_ADDRESS_NOT_AVAILABLE_ERROR; break;
-    case WSAEAFNOSUPPORT: 	prError = PR_ADDRESS_NOT_SUPPORTED_ERROR; break;
-    case WSAEALREADY: 		prError = PR_ALREADY_INITIATED_ERROR; break;
-    case WSAEBADF: 		prError = PR_BAD_DESCRIPTOR_ERROR; break;
-    case WSAECONNABORTED: 	prError = PR_CONNECT_ABORTED_ERROR; break;
-    case WSAECONNREFUSED: 	prError = PR_CONNECT_REFUSED_ERROR; break;
-    case WSAECONNRESET: 	prError = PR_CONNECT_RESET_ERROR; break;
-    case WSAEDESTADDRREQ: 	prError = PR_INVALID_ARGUMENT_ERROR; break;
-    case WSAEFAULT: 		prError = PR_ACCESS_FAULT_ERROR; break;
-    case WSAEHOSTUNREACH: 	prError = PR_HOST_UNREACHABLE_ERROR; break;
-    case WSAEINVAL: 		prError = PR_INVALID_ARGUMENT_ERROR; break;
-    case WSAEISCONN: 		prError = PR_IS_CONNECTED_ERROR; break;
-    case WSAEMFILE: 		prError = PR_PROC_DESC_TABLE_FULL_ERROR; break;
-    case WSAEMSGSIZE: 		prError = PR_BUFFER_OVERFLOW_ERROR; break;
-    case WSAENETDOWN: 		prError = PR_NETWORK_DOWN_ERROR; break;
-    case WSAENETRESET: 		prError = PR_CONNECT_ABORTED_ERROR; break;
-    case WSAENETUNREACH: 	prError = PR_NETWORK_UNREACHABLE_ERROR; break;
-    case WSAENOBUFS: 		prError = PR_INSUFFICIENT_RESOURCES_ERROR; break;
-    case WSAENOPROTOOPT: 	prError = PR_INVALID_ARGUMENT_ERROR; break;
-    case WSAENOTCONN: 		prError = PR_NOT_CONNECTED_ERROR; break;
-    case WSAENOTSOCK: 		prError = PR_NOT_SOCKET_ERROR; break;
-    case WSAEOPNOTSUPP: 	prError = PR_OPERATION_NOT_SUPPORTED_ERROR; break;
-    case WSAEPROTONOSUPPORT: 	prError = PR_PROTOCOL_NOT_SUPPORTED_ERROR; break;
-    case WSAEPROTOTYPE: 	prError = PR_INVALID_ARGUMENT_ERROR; break;
-    case WSAESHUTDOWN: 		prError = PR_SOCKET_SHUTDOWN_ERROR; break;
-    case WSAESOCKTNOSUPPORT: 	prError = PR_INVALID_ARGUMENT_ERROR; break;
-    case WSAETIMEDOUT: 		prError = PR_CONNECT_ABORTED_ERROR; break;
-    case WSAEWOULDBLOCK: 	prError = PR_WOULD_BLOCK_ERROR; break;
-    default: 			prError = PR_UNKNOWN_ERROR; break;
-    }
-    PR_SetError(prError, err);
-}
-
-#endif
diff --git a/security/nss/lib/ssl/win32err.h b/security/nss/lib/ssl/win32err.h
deleted file mode 100644
index b87dfefd4..000000000
--- a/security/nss/lib/ssl/win32err.h
+++ /dev/null
@@ -1,81 +0,0 @@
-/*
- * This file essentially replicates NSPR's source for the functions that
- * map system-specific error codes to NSPR error codes.  We would use 
- * NSPR's functions, instead of duplicating them, but they're private.
- * As long as SSL's server session cache code must do platform native I/O
- * to accomplish its job, and NSPR's error mapping functions remain private,
- * This code will continue to need to be replicated.
- * 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-/*  NSPR doesn't make these functions public, so we have to duplicate
-**  them in NSS.
-*/
-extern void nss_MD_win32_map_accept_error(PRInt32 err);
-extern void nss_MD_win32_map_acceptex_error(PRInt32 err);
-extern void nss_MD_win32_map_access_error(PRInt32 err);
-extern void nss_MD_win32_map_bind_error(PRInt32 err);
-extern void nss_MD_win32_map_close_error(PRInt32 err);
-extern void nss_MD_win32_map_closedir_error(PRInt32 err);
-extern void nss_MD_win32_map_connect_error(PRInt32 err);
-extern void nss_MD_win32_map_default_error(PRInt32 err);
-extern void nss_MD_win32_map_delete_error(PRInt32 err);
-extern void nss_MD_win32_map_fstat_error(PRInt32 err);
-extern void nss_MD_win32_map_fsync_error(PRInt32 err);
-extern void nss_MD_win32_map_gethostname_error(PRInt32 err);
-extern void nss_MD_win32_map_getpeername_error(PRInt32 err);
-extern void nss_MD_win32_map_getsockname_error(PRInt32 err);
-extern void nss_MD_win32_map_getsockopt_error(PRInt32 err);
-extern void nss_MD_win32_map_listen_error(PRInt32 err);
-extern void nss_MD_win32_map_lockf_error(PRInt32 err);
-extern void nss_MD_win32_map_lseek_error(PRInt32 err);
-extern void nss_MD_win32_map_mkdir_error(PRInt32 err);
-extern void nss_MD_win32_map_open_error(PRInt32 err);
-extern void nss_MD_win32_map_opendir_error(PRInt32 err);
-extern void nss_MD_win32_map_read_error(PRInt32 err);
-extern void nss_MD_win32_map_readdir_error(PRInt32 err);
-extern void nss_MD_win32_map_recv_error(PRInt32 err);
-extern void nss_MD_win32_map_recvfrom_error(PRInt32 err);
-extern void nss_MD_win32_map_rename_error(PRInt32 err);
-extern void nss_MD_win32_map_rmdir_error(PRInt32 err);
-extern void nss_MD_win32_map_select_error(PRInt32 err);
-extern void nss_MD_win32_map_send_error(PRInt32 err);
-extern void nss_MD_win32_map_sendto_error(PRInt32 err);
-extern void nss_MD_win32_map_setsockopt_error(PRInt32 err);
-extern void nss_MD_win32_map_shutdown_error(PRInt32 err);
-extern void nss_MD_win32_map_socket_error(PRInt32 err);
-extern void nss_MD_win32_map_stat_error(PRInt32 err);
-extern void nss_MD_win32_map_transmitfile_error(PRInt32 err);
-extern void nss_MD_win32_map_write_error(PRInt32 err);
diff --git a/security/nss/lib/util/Makefile b/security/nss/lib/util/Makefile
deleted file mode 100644
index 0236afefa..000000000
--- a/security/nss/lib/util/Makefile
+++ /dev/null
@@ -1,88 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY).   #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL)          #
-#######################################################################
-
-# include $(CORE_DEPTH)/coreconf/arch.mk
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-ifeq ($(OS_TARGET),HP-UX)
-ifneq ($(OS_TEST),ia64)
-	ASFILES += ret_cr16.s
-endif
-endif
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL)       #
-#######################################################################
-
-
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL).      #
-#######################################################################
-
-include config.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL)                              #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL)                           #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL).                              #
-#######################################################################
-
-
-tests:: $(OBJDIR)/test_utf8
-
-$(OBJDIR)/test_utf8: utf8.c
-	@$(MAKE_OBJDIR)
-	$(CCF) -o $(OBJDIR)/test_utf8 -DTEST_UTF8 utf8.c $(OS_LIBS)
diff --git a/security/nss/lib/util/base64.h b/security/nss/lib/util/base64.h
deleted file mode 100644
index 92dc54d7c..000000000
--- a/security/nss/lib/util/base64.h
+++ /dev/null
@@ -1,71 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * base64.h - prototypes for base64 encoding/decoding
- * Note: These functions are deprecated; see nssb64.h for new routines.
- *
- * $Id$
- */
-#ifndef _BASE64_H_
-#define _BASE64_H_
-
-#include "seccomon.h"
-
-SEC_BEGIN_PROTOS
-
-/*
-** Return an PORT_Alloc'd ascii string which is the base64 encoded
-** version of the input string.
-*/
-extern char *BTOA_DataToAscii(const unsigned char *data, unsigned int len);
-
-/*
-** Return an PORT_Alloc'd string which is the base64 decoded version
-** of the input string; set *lenp to the length of the returned data.
-*/
-extern unsigned char *ATOB_AsciiToData(const char *string, unsigned int *lenp);
- 
-/*
-** Convert from ascii to binary encoding of an item.
-*/
-extern SECStatus ATOB_ConvertAsciiToItem(SECItem *binary_item, char *ascii);
-
-/*
-** Convert from binary encoding of an item to ascii.
-*/
-extern char *BTOA_ConvertItemToAscii(SECItem *binary_item);
-
-SEC_END_PROTOS
-
-#endif /* _BASE64_H_ */
diff --git a/security/nss/lib/util/ciferfam.h b/security/nss/lib/util/ciferfam.h
deleted file mode 100644
index fd2f3bd0f..000000000
--- a/security/nss/lib/util/ciferfam.h
+++ /dev/null
@@ -1,87 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * ciferfam.h - cipher familie IDs used for configuring ciphers for export
- *              control
- *
- * $Id$
- */
-
-#ifndef _CIFERFAM_H_
-#define _CIFERFAM_H_
-
-/* Cipher Suite "Families" */
-#define CIPHER_FAMILY_PKCS12			"PKCS12"
-#define CIPHER_FAMILY_SMIME			"SMIME"
-#define CIPHER_FAMILY_SSL2			"SSLv2"
-#define CIPHER_FAMILY_SSL3			"SSLv3"
-#define CIPHER_FAMILY_SSL			"SSL"
-#define CIPHER_FAMILY_ALL			""
-#define CIPHER_FAMILY_UNKNOWN			"UNKNOWN"
-
-#define CIPHER_FAMILYID_MASK			0xFFFF0000L
-#define CIPHER_FAMILYID_SSL			0x00000000L
-#define CIPHER_FAMILYID_SMIME			0x00010000L
-#define CIPHER_FAMILYID_PKCS12			0x00020000L
-
-/* SMIME "Cipher Suites" */
-/*
- * Note that it is assumed that the cipher number itself can be used
- * as a bit position in a mask, and that mask is currently 32 bits wide.
- * So, if you want to add a cipher that is greater than 0033, secmime.c
- * needs to be made smarter at the same time.
- */
-#define	SMIME_RC2_CBC_40		(CIPHER_FAMILYID_SMIME | 0001)
-#define	SMIME_RC2_CBC_64		(CIPHER_FAMILYID_SMIME | 0002)
-#define	SMIME_RC2_CBC_128		(CIPHER_FAMILYID_SMIME | 0003)
-#define	SMIME_DES_CBC_56		(CIPHER_FAMILYID_SMIME | 0011)
-#define	SMIME_DES_EDE3_168		(CIPHER_FAMILYID_SMIME | 0012)
-#define	SMIME_RC5PAD_64_16_40		(CIPHER_FAMILYID_SMIME | 0021)
-#define	SMIME_RC5PAD_64_16_64		(CIPHER_FAMILYID_SMIME | 0022)
-#define	SMIME_RC5PAD_64_16_128		(CIPHER_FAMILYID_SMIME | 0023)
-#define	SMIME_FORTEZZA			(CIPHER_FAMILYID_SMIME | 0031)
-
-/* PKCS12 "Cipher Suites" */
-
-#define	PKCS12_RC2_CBC_40		(CIPHER_FAMILYID_PKCS12 | 0001)
-#define	PKCS12_RC2_CBC_128		(CIPHER_FAMILYID_PKCS12 | 0002)
-#define	PKCS12_RC4_40			(CIPHER_FAMILYID_PKCS12 | 0011)
-#define	PKCS12_RC4_128			(CIPHER_FAMILYID_PKCS12 | 0012)
-#define	PKCS12_DES_56			(CIPHER_FAMILYID_PKCS12 | 0021)
-#define	PKCS12_DES_EDE3_168		(CIPHER_FAMILYID_PKCS12 | 0022)
-
-/* SMIME version numbers are negative, to avoid colliding with SSL versions */
-#define SMIME_LIBRARY_VERSION_1_0			-0x0100
-
-#endif /* _CIFERFAM_H_ */
diff --git a/security/nss/lib/util/config.mk b/security/nss/lib/util/config.mk
deleted file mode 100644
index 0a00dc61e..000000000
--- a/security/nss/lib/util/config.mk
+++ /dev/null
@@ -1,43 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#
-#  Override TARGETS variable so that only static libraries
-#  are specifed as dependencies within rules.mk.
-#
-
-TARGETS        = $(LIBRARY)
-SHARED_LIBRARY =
-IMPORT_LIBRARY =
-PROGRAM        =
-
diff --git a/security/nss/lib/util/derdec.c b/security/nss/lib/util/derdec.c
deleted file mode 100644
index 914701e33..000000000
--- a/security/nss/lib/util/derdec.c
+++ /dev/null
@@ -1,552 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "secder.h"
-#include "secerr.h"
-
-static uint32
-der_indefinite_length(unsigned char *buf, unsigned char *end)
-{
-    uint32 len, ret, dataLen;
-    unsigned char tag, lenCode;
-    int dataLenLen;
-
-    len = 0;
-    while ( 1 ) {
-	if ((buf + 2) > end) {
-	    return(0);
-	}
-	
-	tag = *buf++;
-	lenCode = *buf++;
-	len += 2;
-	
-	if ( ( tag == 0 ) && ( lenCode == 0 ) ) {
-	    return(len);
-	}
-	
-	if ( lenCode == 0x80 ) {	/* indefinite length */
-	    ret = der_indefinite_length(buf, end); /* recurse to find length */
-	    if (ret == 0)
-		return 0;
-	    len += ret;
-	    buf += ret;
-	} else {			/* definite length */
-	    if (lenCode & 0x80) {
-		/* Length of data is in multibyte format */
-		dataLenLen = lenCode & 0x7f;
-		switch (dataLenLen) {
-		  case 1:
-		    dataLen = buf[0];
-		    break;
-		  case 2:
-		    dataLen = (buf[0]<<8)|buf[1];
-		    break;
-		  case 3:
-		    dataLen = ((unsigned long)buf[0]<<16)|(buf[1]<<8)|buf[2];
-		    break;
-		  case 4:
-		    dataLen = ((unsigned long)buf[0]<<24)|
-			((unsigned long)buf[1]<<16)|(buf[2]<<8)|buf[3];
-		    break;
-		  default:
-		    PORT_SetError(SEC_ERROR_BAD_DER);
-		    return SECFailure;
-		}
-	    } else {
-		/* Length of data is in single byte */
-		dataLen = lenCode;
-		dataLenLen = 0;
-	    }
-
-	    /* skip this item */
-	    buf = buf + dataLenLen + dataLen;
-	    len = len + dataLenLen + dataLen;
-	}
-    }
-}
-
-/*
-** Capture the next thing in the buffer.
-** Returns the length of the header and the length of the contents.
-*/
-static SECStatus
-der_capture(unsigned char *buf, unsigned char *end,
-	    int *header_len_p, uint32 *contents_len_p)
-{
-    unsigned char *bp;
-    unsigned char whole_tag;
-    uint32 contents_len;
-    int tag_number;
-
-    if ((buf + 2) > end) {
-	*header_len_p = 0;
-	*contents_len_p = 0;
-	if (buf == end)
-	    return SECSuccess;
-	return SECFailure;
-    }
-
-    bp = buf;
-
-    /* Get tag and verify that it is ok. */
-    whole_tag = *bp++;
-    tag_number = whole_tag & DER_TAGNUM_MASK;
-
-    /*
-     * XXX This code does not (yet) handle the high-tag-number form!
-     */
-    if (tag_number == DER_HIGH_TAG_NUMBER) {
-	PORT_SetError(SEC_ERROR_BAD_DER);
-	return SECFailure;
-    }
-
-    if ((whole_tag & DER_CLASS_MASK) == DER_UNIVERSAL) {
-	/* Check that the universal tag number is one we implement.  */
-	switch (tag_number) {
-	  case DER_BOOLEAN:
-	  case DER_INTEGER:
-	  case DER_BIT_STRING:
-	  case DER_OCTET_STRING:
-	  case DER_NULL:
-	  case DER_OBJECT_ID:
-	  case DER_SEQUENCE:
-	  case DER_SET:
-	  case DER_PRINTABLE_STRING:
-	  case DER_T61_STRING:
-	  case DER_IA5_STRING:
-	  case DER_VISIBLE_STRING:
-	  case DER_UTC_TIME:
-	  case 0:			/* end-of-contents tag */
-	    break;
-	  default:
-	    PORT_SetError(SEC_ERROR_BAD_DER);
-	    return SECFailure;
-	}
-    }
-
-    /*
-     * Get first byte of length code (might contain entire length, might not).
-     */
-    contents_len = *bp++;
-
-    /*
-     * If the high bit is set, then the length is in multibyte format,
-     * or the thing has an indefinite-length.
-     */
-    if (contents_len & 0x80) {
-	int bytes_of_encoded_len;
-
-	bytes_of_encoded_len = contents_len & 0x7f;
-	contents_len = 0;
-
-	switch (bytes_of_encoded_len) {
-	  case 4:
-	    contents_len |= *bp++;
-	    contents_len <<= 8;
-	    /* fallthru */
-	  case 3:
-	    contents_len |= *bp++;
-	    contents_len <<= 8;
-	    /* fallthru */
-	  case 2:
-	    contents_len |= *bp++;
-	    contents_len <<= 8;
-	    /* fallthru */
-	  case 1:
-	    contents_len |= *bp++;
-	    break;
-
-	  case 0:
-	    contents_len = der_indefinite_length (bp, end);
-	    if (contents_len)
-		break;
-	    /* fallthru */
-	  default:
-	    PORT_SetError(SEC_ERROR_BAD_DER);
-	    return SECFailure;
-	}
-    }
-
-    if ((bp + contents_len) > end) {
-	/* Ran past end of buffer */
-	PORT_SetError(SEC_ERROR_BAD_DER);
-	return SECFailure;
-    }
-
-    *header_len_p = bp - buf;
-    *contents_len_p = contents_len;
-
-    return SECSuccess;
-}
-
-static unsigned char *
-der_decode(PRArenaPool *arena, void *dest, DERTemplate *dtemplate,
-	   unsigned char *buf, int header_len, uint32 contents_len)
-{
-    unsigned char *orig_buf, *end;
-    unsigned long encode_kind, under_kind;
-    PRBool explicit, optional, universal, check_tag;
-    SECItem *item;
-    SECStatus rv;
-    PRBool indefinite_length, explicit_indefinite_length;
-
-    encode_kind = dtemplate->kind;
-    explicit = (encode_kind & DER_EXPLICIT) ? PR_TRUE : PR_FALSE;
-    optional = (encode_kind & DER_OPTIONAL) ? PR_TRUE : PR_FALSE;
-    universal = ((encode_kind & DER_CLASS_MASK) == DER_UNIVERSAL)
-		? PR_TRUE : PR_FALSE;
-
-    PORT_Assert (!(explicit && universal));	/* bad templates */
-
-    if (header_len == 0) {
-	if (optional || (encode_kind & DER_ANY))
-	    return buf;
-	PORT_SetError(SEC_ERROR_BAD_DER);
-	return NULL;
-    }
-
-    if (encode_kind & DER_POINTER) {
-	void *place, **placep;
-	int offset;
-
-	if (dtemplate->sub != NULL) {
-	    dtemplate = dtemplate->sub;
-	    under_kind = dtemplate->kind;
-	    if (universal) {
-		encode_kind = under_kind;
-	    }
-	    place = PORT_ArenaZAlloc(arena, dtemplate->arg);
-	    offset = dtemplate->offset;
-	} else {
-	    if (universal) {
-		under_kind = encode_kind & ~DER_POINTER;
-	    } else {
-		under_kind = dtemplate->arg;
-	    }
-	    place = PORT_ArenaZAlloc(arena, sizeof(SECItem));
-	    offset = 0;
-	}
-	if (place == NULL) {
-	    PORT_SetError(SEC_ERROR_NO_MEMORY);
-	    return NULL;		/* Out of memory */
-	}
-	placep = (void **)dest;
-	*placep = place;
-	dest = (void *)((char *)place + offset);
-    } else if (encode_kind & DER_INLINE) {
-	PORT_Assert (dtemplate->sub != NULL);
-	dtemplate = dtemplate->sub;
-	under_kind = dtemplate->kind;
-	if (universal) {
-	    encode_kind = under_kind;
-	}
-	dest = (void *)((char *)dest + dtemplate->offset);
-    } else if (universal) {
-	under_kind = encode_kind;
-    } else {
-	under_kind = dtemplate->arg;
-    }
-
-    orig_buf = buf;
-    end = buf + header_len + contents_len;
-
-    explicit_indefinite_length = PR_FALSE;
-
-    if (explicit) {
-	/*
-	 * This tag is expected to match exactly.
-	 * (The template has all of the bits specified.)
-	 */
-	if (*buf != (encode_kind & DER_TAG_MASK)) {
-	    if (optional)
-		return buf;
-	    PORT_SetError(SEC_ERROR_BAD_DER);
-	    return NULL;
-	}
-	if ((header_len == 2) && (*(buf + 1) == 0x80))
-	    explicit_indefinite_length = PR_TRUE;
-	buf += header_len;
-	rv = der_capture (buf, end, &header_len, &contents_len);
-	if (rv != SECSuccess)
-	    return NULL;
-	if (header_len == 0) {		/* XXX is this right? */
-	    PORT_SetError(SEC_ERROR_BAD_DER);
-	    return NULL;
-	}
-	optional = PR_FALSE;		/* can no longer be optional */
-	encode_kind = under_kind;
-    }
-
-    check_tag = PR_TRUE;
-    if (encode_kind & (DER_DERPTR | DER_ANY | DER_FORCE | DER_SKIP)) {
-	PORT_Assert ((encode_kind & DER_ANY) || !optional);
-	encode_kind = encode_kind & (~DER_FORCE);
-	under_kind = under_kind & (~DER_FORCE);
-	check_tag = PR_FALSE;
-    }
-
-    if (check_tag) {
-	PRBool wrong;
-	unsigned char expect_tag, expect_num;
-
-	/*
-	 * This tag is expected to match, but the simple types
-	 * may or may not have the constructed bit set, so we
-	 * have to have all this extra logic.
-	 */
-	wrong = PR_TRUE;
-	expect_tag = encode_kind & DER_TAG_MASK;
-	expect_num = expect_tag & DER_TAGNUM_MASK;
-	if (expect_num == DER_SET || expect_num == DER_SEQUENCE) {
-	    if (*buf == (expect_tag | DER_CONSTRUCTED))
-		wrong = PR_FALSE;
-	} else {
-	    if (*buf == expect_tag)
-		wrong = PR_FALSE;
-	    else if (*buf == (expect_tag | DER_CONSTRUCTED))
-		wrong = PR_FALSE;
-	}
-	if (wrong) {
-	    if (optional)
-		return buf;
-	    PORT_SetError(SEC_ERROR_BAD_DER);
-	    return NULL;
-	}
-    }
-
-    if (under_kind & DER_DERPTR) {
-	item = (SECItem *)dest;
-	if (under_kind & DER_OUTER) {
-	    item->data = buf;
-	    item->len = header_len + contents_len;
-	} else {
-	    item->data = buf + header_len;
-	    item->len = contents_len;
-	}
-	return orig_buf;
-    }
-
-    if (encode_kind & DER_ANY) {
-	contents_len += header_len;
-	header_len = 0;
-    }
-
-    if ((header_len == 2) && (*(buf + 1) == 0x80))
-	indefinite_length = PR_TRUE;
-    else
-	indefinite_length = PR_FALSE;
-
-    buf += header_len;
-
-    if (contents_len == 0)
-	return buf;
-
-    under_kind &= ~DER_OPTIONAL;
-
-    if (under_kind & DER_INDEFINITE) {
-	int count, thing_size;
-	unsigned char *sub_buf;
-	DERTemplate *tmpt;
-	void *things, **indp, ***placep;
-
-	under_kind &= ~DER_INDEFINITE;
-
-	/*
-	 * Count items.
-	 */
-	count = 0;
-	sub_buf = buf;
-	while (sub_buf < end) {
-	    if (indefinite_length && sub_buf[0] == 0 && sub_buf[1] == 0) {
-		break; 
-	    }
-	    rv = der_capture (sub_buf, end, &header_len, &contents_len);
-	    if (rv != SECSuccess)
-		return NULL;
-	    count++;
-	    sub_buf += header_len + contents_len;
-	}
-
-	/*
-	 * Allocate an array of pointers to items; extra one is for a NULL.
-	 */
-	indp = (void**)PORT_ArenaZAlloc(arena, (count + 1) * sizeof(void *));
-	if (indp == NULL) {
-	    PORT_SetError(SEC_ERROR_NO_MEMORY);
-	    return NULL;
-	}
-
-	/*
-	 * Prepare.
-	 */
-	if (under_kind == DER_SET || under_kind == DER_SEQUENCE) {
-	    tmpt = dtemplate->sub;
-	    PORT_Assert (tmpt != NULL);
-	    thing_size = tmpt->arg;
-	    PORT_Assert (thing_size != 0);
-	} else {
-	    tmpt = NULL;
-	    thing_size = sizeof(SECItem);
-	}
-
-	/*
-	 * Allocate the items themselves.
-	 */
-	things = PORT_ArenaZAlloc(arena, count * thing_size);
-	if (things == NULL) {
-	    PORT_SetError(SEC_ERROR_NO_MEMORY);
-	    return NULL;
-	}
-
-	placep = (void ***)dest;
-	*placep = indp;
-
-	while (count) {
-	    /* ignore return value because we already did whole thing above */
-	    (void) der_capture (buf, end, &header_len, &contents_len);
-	    if (tmpt != NULL) {
-		void *sub_thing;
-
-		sub_thing = (void *)((char *)things + tmpt->offset);
-		buf = der_decode (arena, sub_thing, tmpt,
-				  buf, header_len, contents_len);
-		if (buf == NULL)
-		    return NULL;
-	    } else {
-		item = (SECItem *)things;
-		if (under_kind == DER_ANY) {
-		    contents_len += header_len;
-		    header_len = 0;
-		}
-		buf += header_len;
-		if (under_kind == DER_BIT_STRING) {
-		    item->data = buf + 1;
-		    item->len = ((contents_len - 1) << 3) - *buf;
-		} else {
-		    item->data = buf;
-		    item->len = contents_len;
-		}
-		buf += contents_len;
-	    }
-	    *indp++ = things;
-	    things = (void *)((char *)things + thing_size);
-	    count--;
-	}
-
-	*indp = NULL;
-
-	goto der_decode_done;
-    }
-
-    switch (under_kind) {
-      case DER_SEQUENCE:
-      case DER_SET:
-	{
-	    DERTemplate *tmpt;
-	    void *sub_dest;
-
-	    for (tmpt = dtemplate + 1; tmpt->kind; tmpt++) {
-		sub_dest = (void *)((char *)dest + tmpt->offset);
-		rv = der_capture (buf, end, &header_len, &contents_len);
-		if (rv != SECSuccess)
-		    return NULL;
-		buf = der_decode (arena, sub_dest, tmpt,
-				  buf, header_len, contents_len);
-		if (buf == NULL)
-		    return NULL;
-	    }
-	}
-	break;
-
-      case DER_BIT_STRING:
-	item = (SECItem *)dest;
-	item->data = buf + 1;
-	item->len = ((contents_len - 1) << 3) - *buf;
-	buf += contents_len;
-	break;
-
-      case DER_SKIP:
-	buf += contents_len;
-	break;
-
-      default:
-	item = (SECItem *)dest;
-	item->data = buf;
-	item->len = contents_len;
-	buf += contents_len;
-	break;
-    }
-
-der_decode_done:
-
-    if (indefinite_length && buf[0] == 0 && buf[1] == 0) {
-	buf += 2;
-    }
-
-    if (explicit_indefinite_length && buf[0] == 0 && buf[1] == 0) {
-	buf += 2;
-    }
-
-    return buf;
-}
-
-SECStatus
-DER_Decode(PRArenaPool *arena, void *dest, DERTemplate *dtemplate, SECItem *src)
-{
-    unsigned char *buf;
-    uint32 buf_len, contents_len;
-    int header_len;
-    SECStatus rv;
-
-    buf = src->data;
-    buf_len = src->len;
-
-    rv = der_capture (buf, buf + buf_len, &header_len, &contents_len);
-    if (rv != SECSuccess)
-	return rv;
-
-    dest = (void *)((char *)dest + dtemplate->offset);
-    buf = der_decode (arena, dest, dtemplate, buf, header_len, contents_len);
-    if (buf == NULL)
-	return SECFailure;
-
-    return SECSuccess;
-}
-
-SECStatus
-DER_Lengths(SECItem *item, int *header_len_p, uint32 *contents_len_p)
-{
-    return(der_capture(item->data, &item->data[item->len], header_len_p,
-		       contents_len_p));
-}
diff --git a/security/nss/lib/util/derenc.c b/security/nss/lib/util/derenc.c
deleted file mode 100644
index 191b00528..000000000
--- a/security/nss/lib/util/derenc.c
+++ /dev/null
@@ -1,504 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "secder.h"
-#include "secerr.h"
-/*
- * Generic templates for individual/simple items.
- */
-
-DERTemplate SECAnyTemplate[] = {
-    { DER_ANY,
-	  0, NULL, sizeof(SECItem) }
-};
-
-DERTemplate SECBitStringTemplate[] = {
-    { DER_BIT_STRING,
-	  0, NULL, sizeof(SECItem) }
-};
-
-DERTemplate SECBooleanTemplate[] = {
-    { DER_BOOLEAN,
-	  0, NULL, sizeof(SECItem) }
-};
-
-DERTemplate SECIA5StringTemplate[] = {
-    { DER_IA5_STRING,
-	  0, NULL, sizeof(SECItem) }
-};
-
-DERTemplate SECIntegerTemplate[] = {
-    { DER_INTEGER,
-	  0, NULL, sizeof(SECItem) }
-};
-
-DERTemplate SECNullTemplate[] = {
-    { DER_NULL,
-	  0, NULL, sizeof(SECItem) }
-};
-
-DERTemplate SECObjectIDTemplate[] = {
-    { DER_OBJECT_ID,
-	  0, NULL, sizeof(SECItem) }
-};
-
-DERTemplate SECOctetStringTemplate[] = {
-    { DER_OCTET_STRING,
-	  0, NULL, sizeof(SECItem) }
-};
-
-DERTemplate SECPrintableStringTemplate[] = {
-    { DER_PRINTABLE_STRING,
-	  0, NULL, sizeof(SECItem) }
-};
-
-DERTemplate SECT61StringTemplate[] = {
-    { DER_T61_STRING,
-	  0, NULL, sizeof(SECItem) }
-};
-
-DERTemplate SECUTCTimeTemplate[] = {
-    { DER_UTC_TIME,
-	  0, NULL, sizeof(SECItem) }
-};
-
-
-static int
-header_length(DERTemplate *dtemplate, uint32 contents_len)
-{
-    uint32 len;
-    unsigned long encode_kind, under_kind;
-    PRBool explicit, optional, universal;
-
-    encode_kind = dtemplate->kind;
-
-    explicit = (encode_kind & DER_EXPLICIT) ? PR_TRUE : PR_FALSE;
-    optional = (encode_kind & DER_OPTIONAL) ? PR_TRUE : PR_FALSE;
-    universal = ((encode_kind & DER_CLASS_MASK) == DER_UNIVERSAL)
-		? PR_TRUE : PR_FALSE;
-
-    PORT_Assert (!(explicit && universal));	/* bad templates */
-
-    if (encode_kind & DER_POINTER) {
-	if (dtemplate->sub != NULL) {
-	    under_kind = dtemplate->sub->kind;
-	    if (universal) {
-		encode_kind = under_kind;
-	    }
-	} else if (universal) {
-	    under_kind = encode_kind & ~DER_POINTER;
-	} else {
-	    under_kind = dtemplate->arg;
-	}
-    } else if (encode_kind & DER_INLINE) {
-	under_kind = dtemplate->sub->kind;
-	if (universal) {
-	    encode_kind = under_kind;
-	}
-    } else if (universal) {
-	under_kind = encode_kind;
-    } else {
-	under_kind = dtemplate->arg;
-    }
-
-    /* This is only used in decoding; it plays no part in encoding.  */
-    if (under_kind & DER_DERPTR)
-	return 0;
-
-    /* No header at all for an "empty" optional.  */
-    if ((contents_len == 0) && optional)
-	return 0;
-
-    /* And no header for a full DER_ANY.  */
-    if (encode_kind & DER_ANY)
-	return 0;
-
-    /*
-     * The common case: one octet for identifier and as many octets
-     * as necessary to hold the content length.
-     */
-    len = 1 + DER_LengthLength(contents_len);
-
-    /* Account for the explicit wrapper, if necessary.  */
-    if (explicit) {
-#if 0		/*
-		 * Well, I was trying to do something useful, but these
-		 * assertions are too restrictive on valid templates.
-		 * I wanted to make sure that the top-level "kind" of
-		 * a template does not also specify DER_EXPLICIT, which
-		 * should only modify a component field.  Maybe later
-		 * I can figure out a better way to detect such a problem,
-		 * but for now I must remove these checks altogether.
-		 */
-	/*
-	 * This modifier applies only to components of a set or sequence;
-	 * it should never be used on a set/sequence itself -- confirm.
-	 */
-	PORT_Assert (under_kind != DER_SEQUENCE);
-	PORT_Assert (under_kind != DER_SET);
-#endif
-
-	len += 1 + DER_LengthLength(len + contents_len);
-    }
-
-    return len;
-}
-
-
-static uint32
-contents_length(DERTemplate *dtemplate, void *src)
-{
-    uint32 len;
-    unsigned long encode_kind, under_kind;
-    PRBool universal;
-
-
-    PORT_Assert (src != NULL);
-
-    encode_kind = dtemplate->kind;
-
-    universal = ((encode_kind & DER_CLASS_MASK) == DER_UNIVERSAL)
-		? PR_TRUE : PR_FALSE;
-    encode_kind &= ~DER_OPTIONAL;
-
-    if (encode_kind & DER_POINTER) {
-	src = *(void **)src;
-	if (src == NULL) {
-	    return 0;
-	}
-	if (dtemplate->sub != NULL) {
-	    dtemplate = dtemplate->sub;
-	    under_kind = dtemplate->kind;
-	    src = (void *)((char *)src + dtemplate->offset);
-	} else if (universal) {
-	    under_kind = encode_kind & ~DER_POINTER;
-	} else {
-	    under_kind = dtemplate->arg;
-	}
-    } else if (encode_kind & DER_INLINE) {
-	PORT_Assert (dtemplate->sub != NULL);
-	dtemplate = dtemplate->sub;
-	under_kind = dtemplate->kind;
-	src = (void *)((char *)src + dtemplate->offset);
-    } else if (universal) {
-	under_kind = encode_kind;
-    } else {
-	under_kind = dtemplate->arg;
-    }
-
-    /* Having any of these bits is not expected here...  */
-    PORT_Assert ((under_kind & (DER_EXPLICIT | DER_INLINE | DER_OPTIONAL
-				| DER_POINTER | DER_SKIP)) == 0);
-
-    /* This is only used in decoding; it plays no part in encoding.  */
-    if (under_kind & DER_DERPTR)
-	return 0;
-
-    if (under_kind & DER_INDEFINITE) {
-	uint32 sub_len;
-	void **indp;
-
-	indp = *(void ***)src;
-	if (indp == NULL)
-	    return 0;
-
-	len = 0;
-	under_kind &= ~DER_INDEFINITE;
-
-	if (under_kind == DER_SET || under_kind == DER_SEQUENCE) {
-	    DERTemplate *tmpt;
-	    void *sub_src;
-
-	    tmpt = dtemplate->sub;
-
-	    for (; *indp != NULL; indp++) {
-		sub_src = (void *)((char *)(*indp) + tmpt->offset);
-		sub_len = contents_length (tmpt, sub_src);
-		len += sub_len + header_length (tmpt, sub_len);
-	    }
-	} else {
-	    /*
-	     * XXX Lisa is not sure this code (for handling, for example,
-	     * DER_INDEFINITE | DER_OCTET_STRING) is right.
-	     */
-	    for (; *indp != NULL; indp++) {
-		SECItem *item;
-		item = (SECItem *)(*indp);
-		sub_len = item->len;
-		if (under_kind == DER_BIT_STRING) {
-		    sub_len = (sub_len + 7) >> 3;
-		    /* bit string contents involve an extra octet */
-		    if (sub_len)
-			sub_len++;
-		}
-		if (under_kind != DER_ANY)
-		    len += 1 + DER_LengthLength (sub_len);
-	    }
-	}
-
-	return len;
-    }
-
-    switch (under_kind) {
-      case DER_SEQUENCE:
-      case DER_SET:
-	{
-	    DERTemplate *tmpt;
-	    void *sub_src;
-	    uint32 sub_len;
-
-	    len = 0;
-	    for (tmpt = dtemplate + 1; tmpt->kind; tmpt++) {
-		sub_src = (void *)((char *)src + tmpt->offset);
-		sub_len = contents_length (tmpt, sub_src);
-		len += sub_len + header_length (tmpt, sub_len);
-	    }
-	}
-	break;
-
-      case DER_BIT_STRING:
-	len = (((SECItem *)src)->len + 7) >> 3;
-	/* bit string contents involve an extra octet */
-	if (len)
-	    len++;
-	break;
-
-      default:
-	len = ((SECItem *)src)->len;
-	break;
-    }
-
-    return len;
-}
-
-
-static unsigned char *
-der_encode(unsigned char *buf, DERTemplate *dtemplate, void *src)
-{
-    int header_len;
-    uint32 contents_len;
-    unsigned long encode_kind, under_kind;
-    PRBool explicit, optional, universal;
-
-
-    /*
-     * First figure out how long the encoding will be.  Do this by
-     * traversing the template from top to bottom and accumulating
-     * the length of each leaf item.
-     */
-    contents_len = contents_length (dtemplate, src);
-    header_len = header_length (dtemplate, contents_len);
-
-    /*
-     * Enough smarts was involved already, so that if both the
-     * header and the contents have a length of zero, then we
-     * are not doing any encoding for this element.
-     */
-    if (header_len == 0 && contents_len == 0)
-	return buf;
-
-    encode_kind = dtemplate->kind;
-
-    explicit = (encode_kind & DER_EXPLICIT) ? PR_TRUE : PR_FALSE;
-    optional = (encode_kind & DER_OPTIONAL) ? PR_TRUE : PR_FALSE;
-    encode_kind &= ~DER_OPTIONAL;
-    universal = ((encode_kind & DER_CLASS_MASK) == DER_UNIVERSAL)
-		? PR_TRUE : PR_FALSE;
-
-    if (encode_kind & DER_POINTER) {
-	if (contents_len) {
-	    src = *(void **)src;
-	    PORT_Assert (src != NULL);
-	}
-	if (dtemplate->sub != NULL) {
-	    dtemplate = dtemplate->sub;
-	    under_kind = dtemplate->kind;
-	    if (universal) {
-		encode_kind = under_kind;
-	    }
-	    src = (void *)((char *)src + dtemplate->offset);
-	} else if (universal) {
-	    under_kind = encode_kind & ~DER_POINTER;
-	} else {
-	    under_kind = dtemplate->arg;
-	}
-    } else if (encode_kind & DER_INLINE) {
-	dtemplate = dtemplate->sub;
-	under_kind = dtemplate->kind;
-	if (universal) {
-	    encode_kind = under_kind;
-	}
-	src = (void *)((char *)src + dtemplate->offset);
-    } else if (universal) {
-	under_kind = encode_kind;
-    } else {
-	under_kind = dtemplate->arg;
-    }
-
-    if (explicit) {
-	buf = DER_StoreHeader (buf, encode_kind,
-			       (1 + DER_LengthLength(contents_len)
-				+ contents_len));
-	encode_kind = under_kind;
-    }
-
-    if ((encode_kind & DER_ANY) == 0) {	/* DER_ANY already contains header */
-	buf = DER_StoreHeader (buf, encode_kind, contents_len);
-    }
-
-    /* If no real contents to encode, then we are done.  */
-    if (contents_len == 0)
-	return buf;
-
-    if (under_kind & DER_INDEFINITE) {
-	void **indp;
-
-	indp = *(void ***)src;
-	PORT_Assert (indp != NULL);
-
-	under_kind &= ~DER_INDEFINITE;
-	if (under_kind == DER_SET || under_kind == DER_SEQUENCE) {
-	    DERTemplate *tmpt;
-	    void *sub_src;
-
-	    tmpt = dtemplate->sub;
-	    for (; *indp != NULL; indp++) {
-		sub_src = (void *)((char *)(*indp) + tmpt->offset);
-		buf = der_encode (buf, tmpt, sub_src);
-	    }
-	} else {
-	    for (; *indp != NULL; indp++) {
-		SECItem *item;
-		int sub_len;
-
-		item = (SECItem *)(*indp);
-		sub_len = item->len;
-		if (under_kind == DER_BIT_STRING) {
-		    if (sub_len) {
-			int rem;
-
-			sub_len = (sub_len + 7) >> 3;
-			buf = DER_StoreHeader (buf, under_kind, sub_len + 1);
-			rem = (sub_len << 3) - item->len;
-			*buf++ = rem;		/* remaining bits */
-		    } else {
-			buf = DER_StoreHeader (buf, under_kind, 0);
-		    }
-		} else if (under_kind != DER_ANY) {
-		    buf = DER_StoreHeader (buf, under_kind, sub_len);
-		}
-		PORT_Memcpy (buf, item->data, sub_len);
-		buf += sub_len;
-	    }
-	}
-	return buf;
-    }
-
-    switch (under_kind) {
-      case DER_SEQUENCE:
-      case DER_SET:
-	{
-	    DERTemplate *tmpt;
-	    void *sub_src;
-
-	    for (tmpt = dtemplate + 1; tmpt->kind; tmpt++) {
-		sub_src = (void *)((char *)src + tmpt->offset);
-		buf = der_encode (buf, tmpt, sub_src);
-	    }
-	}
-	break;
-
-      case DER_BIT_STRING:
-	{
-	    SECItem *item;
-	    int rem;
-
-	    /*
-	     * The contents length includes our extra octet; subtract
-	     * it off so we just have the real string length there.
-	     */
-	    contents_len--;
-	    item = (SECItem *)src;
-	    PORT_Assert (contents_len == ((item->len + 7) >> 3));
-	    rem = (contents_len << 3) - item->len;
-	    *buf++ = rem;		/* remaining bits */
-	    PORT_Memcpy (buf, item->data, contents_len);
-	    buf += contents_len;
-	}
-	break;
-
-      default:
-	{
-	    SECItem *item;
-
-	    item = (SECItem *)src;
-	    PORT_Assert (contents_len == item->len);
-	    PORT_Memcpy (buf, item->data, contents_len);
-	    buf += contents_len;
-	}
-	break;
-    }
-
-    return buf;
-}
-
-
-SECStatus
-DER_Encode(PRArenaPool *arena, SECItem *dest, DERTemplate *dtemplate, void *src)
-{
-    unsigned int contents_len, header_len;
-
-    src = (void **)((char *)src + dtemplate->offset);
-
-    /*
-     * First figure out how long the encoding will be. Do this by
-     * traversing the template from top to bottom and accumulating
-     * the length of each leaf item.
-     */
-    contents_len = contents_length (dtemplate, src);
-    header_len = header_length (dtemplate, contents_len);
-
-    dest->len = contents_len + header_len;
-
-    /* Allocate storage to hold the encoding */
-    dest->data = (unsigned char*) PORT_ArenaAlloc(arena, dest->len);
-    if (dest->data == NULL) {
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-	return SECFailure;
-    }
-
-    /* Now encode into the buffer */
-    (void) der_encode (dest->data, dtemplate, src);
-
-    return SECSuccess;
-}
diff --git a/security/nss/lib/util/dersubr.c b/security/nss/lib/util/dersubr.c
deleted file mode 100644
index a61eee760..000000000
--- a/security/nss/lib/util/dersubr.c
+++ /dev/null
@@ -1,258 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "secder.h"
-#include <limits.h>
-#include "secerr.h"
-
-int
-DER_LengthLength(uint32 len)
-{
-    if (len > 127) {
-	if (len > 255) {
-	    if (len > 65535L) {
-		if (len > 16777215L) {
-		    return 5;
-		} else {
-		    return 4;
-		}
-	    } else {
-		return 3;
-	    }
-	} else {
-	    return 2;
-	}
-    } else {
-	return 1;
-    }
-}
-
-unsigned char *
-DER_StoreHeader(unsigned char *buf, unsigned int code, uint32 len)
-{
-    unsigned char b[4];
-
-    b[0] = (unsigned char)(len >> 24);
-    b[1] = (unsigned char)(len >> 16);
-    b[2] = (unsigned char)(len >> 8);
-    b[3] = (unsigned char)len;
-    if ((code & DER_TAGNUM_MASK) == DER_SET
-	|| (code & DER_TAGNUM_MASK) == DER_SEQUENCE)
-	code |= DER_CONSTRUCTED;
-    *buf++ = code;
-    if (len > 127) {
-	if (len > 255) {
-	    if (len > 65535) {
-		if (len > 16777215) {
-		    *buf++ = 0x84;
-		    *buf++ = b[0];
-		    *buf++ = b[1];
-		    *buf++ = b[2];
-		    *buf++ = b[3];
-		} else {
-		    *buf++ = 0x83;
-		    *buf++ = b[1];
-		    *buf++ = b[2];
-		    *buf++ = b[3];
-		}
-	    } else {
-		*buf++ = 0x82;
-		*buf++ = b[2];
-		*buf++ = b[3];
-	    }
-	} else {
-	    *buf++ = 0x81;
-	    *buf++ = b[3];
-	}
-    } else {
-	*buf++ = b[3];
-    }
-    return buf;
-}
-
-/*
- * XXX This should be rewritten, generalized, to take a long instead
- * of an int32.
- */
-SECStatus
-DER_SetInteger(PRArenaPool *arena, SECItem *it, int32 i)
-{
-    unsigned char bb[4];
-    unsigned len;
-
-    bb[0] = (unsigned char) (i >> 24);
-    bb[1] = (unsigned char) (i >> 16);
-    bb[2] = (unsigned char) (i >> 8);
-    bb[3] = (unsigned char) (i);
-
-    /*
-    ** Small integers are encoded in a single byte. Larger integers
-    ** require progressively more space.
-    */
-    if (i < -128) {
-	if (i < -32768L) {
-	    if (i < -8388608L) {
-		len = 4;
-	    } else {
-		len = 3;
-	    }
-	} else {
-	    len = 2;
-	}
-    } else if (i > 127) {
-	if (i > 32767L) {
-	    if (i > 8388607L) {
-		len = 4;
-	    } else {
-		len = 3;
-	    }
-	} else {
-	    len = 2;
-	}
-    } else {
-	len = 1;
-    }
-    it->data = (unsigned char*) PORT_ArenaAlloc(arena, len);
-    if (!it->data) {
-	return SECFailure;
-    }
-    it->len = len;
-    PORT_Memcpy(it->data, bb + (4 - len), len);
-    return SECSuccess;
-}
-
-/*
- * XXX This should be rewritten, generalized, to take an unsigned long instead
- * of a uint32.
- */
-SECStatus
-DER_SetUInteger(PRArenaPool *arena, SECItem *it, uint32 ui)
-{
-    unsigned char bb[5];
-    int len;
-
-    bb[0] = 0;
-    bb[1] = (unsigned char) (ui >> 24);
-    bb[2] = (unsigned char) (ui >> 16);
-    bb[3] = (unsigned char) (ui >> 8);
-    bb[4] = (unsigned char) (ui);
-
-    /*
-    ** Small integers are encoded in a single byte. Larger integers
-    ** require progressively more space.
-    */
-    if (ui > 0x7f) {
-	if (ui > 0x7fff) {
-	    if (ui > 0x7fffffL) {
-		if (ui >= 0x80000000L) {
-		    len = 5;
-		} else {
-		    len = 4;
-		}
-	    } else {
-		len = 3;
-	    }
-	} else {
-	    len = 2;
-	}
-    } else {
-	len = 1;
-    }
-
-    it->data = (unsigned char *)PORT_ArenaAlloc(arena, len);
-    if (it->data == NULL) {
-	return SECFailure;
-    }
-
-    it->len = len;
-    PORT_Memcpy(it->data, bb + (sizeof(bb) - len), len);
-
-    return SECSuccess;
-}
-
-/*
-** Convert a der encoded *signed* integer into a machine integral value.
-** If an underflow/overflow occurs, sets error code and returns min/max.
-*/
-long
-DER_GetInteger(SECItem *it)
-{
-    long ival = 0;
-    unsigned len = it->len;
-    unsigned char *cp = it->data;
-    unsigned long overflow = ((unsigned long)0xffL) << ((sizeof(ival) - 1)*8);
-
-    while (len) {
-	if (ival & overflow) {
-	    PORT_SetError(SEC_ERROR_BAD_DER);
-	    if (ival < 0) {
-		return LONG_MIN;
-	    }
-	    return LONG_MAX;
-	}
-	ival = ival << 8;
-	ival |= *cp++;
-	--len;
-    }
-    return ival;
-}
-
-/*
-** Convert a der encoded *unsigned* integer into a machine integral value.
-** If an underflow/overflow occurs, sets error code and returns min/max.
-*/
-unsigned long
-DER_GetUInteger(SECItem *it)
-{
-    unsigned long ival = 0;
-    unsigned len = it->len;
-    unsigned char *cp = it->data;
-    unsigned long overflow = ((unsigned long)0xffL) << ((sizeof(ival) - 1)*8);
-
-    /* Cannot put a negative value into an unsigned container. */
-    if (*cp & 0x80) {
-	PORT_SetError(SEC_ERROR_BAD_DER);
-	return 0;
-    }
-
-    while (len) {
-	if (ival & overflow) {
-	    PORT_SetError(SEC_ERROR_BAD_DER);
-	    return ULONG_MAX;
-	}
-	ival = ival << 8;
-	ival |= *cp++;
-	--len;
-    }
-    return ival;
-}
diff --git a/security/nss/lib/util/dertime.c b/security/nss/lib/util/dertime.c
deleted file mode 100644
index 5fbdca656..000000000
--- a/security/nss/lib/util/dertime.c
+++ /dev/null
@@ -1,334 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "prtypes.h"
-#include "prtime.h"
-#include "secder.h"
-#include "prlong.h"
-#include "secerr.h"
-
-#define HIDIGIT(v) (((v) / 10) + '0')
-#define LODIGIT(v) (((v) % 10) + '0')
-
-#define C_SINGLE_QUOTE '\047'
-
-#define DIGITHI(dig) (((dig) - '0') * 10)
-#define DIGITLO(dig) ((dig) - '0')
-#define ISDIGIT(dig) (((dig) >= '0') && ((dig) <= '9'))
-#define CAPTURE(var,p,label)				  \
-{							  \
-    if (!ISDIGIT((p)[0]) || !ISDIGIT((p)[1])) goto label; \
-    (var) = ((p)[0] - '0') * 10 + ((p)[1] - '0');	  \
-}
-
-#define SECMIN ((time_t) 60L)
-#define SECHOUR (60L*SECMIN)
-#define SECDAY (24L*SECHOUR)
-#define SECYEAR (365L*SECDAY)
-
-static long monthToDayInYear[12] = {
-    0,
-    31,
-    31+28,
-    31+28+31,
-    31+28+31+30,
-    31+28+31+30+31,
-    31+28+31+30+31+30,
-    31+28+31+30+31+30+31,
-    31+28+31+30+31+30+31+31,
-    31+28+31+30+31+30+31+31+30,
-    31+28+31+30+31+30+31+31+30+31,
-    31+28+31+30+31+30+31+31+30+31+30,
-};
-
-/* gmttime must contains UTC time in micro-seconds unit */
-SECStatus
-DER_TimeToUTCTime(SECItem *dst, int64 gmttime)
-{
-    PRExplodedTime printableTime;
-    unsigned char *d;
-
-    dst->len = 13;
-    dst->data = d = (unsigned char*) PORT_Alloc(13);
-    if (!d) {
-	return SECFailure;
-    }
-
-    /* Convert an int64 time to a printable format.  */
-    PR_ExplodeTime(gmttime, PR_GMTParameters, &printableTime);
-
-    /* The month in UTC time is base one */
-    printableTime.tm_month++;
-
-    /* UTC time does not handle the years before 1950 */
-    if (printableTime.tm_year < 1950)
-	    return SECFailure;
-
-    /* remove the century since it's added to the tm_year by the 
-       PR_ExplodeTime routine, but is not needed for UTC time */
-    printableTime.tm_year %= 100; 
-
-    d[0] = HIDIGIT(printableTime.tm_year);
-    d[1] = LODIGIT(printableTime.tm_year);
-    d[2] = HIDIGIT(printableTime.tm_month);
-    d[3] = LODIGIT(printableTime.tm_month);
-    d[4] = HIDIGIT(printableTime.tm_mday);
-    d[5] = LODIGIT(printableTime.tm_mday);
-    d[6] = HIDIGIT(printableTime.tm_hour);
-    d[7] = LODIGIT(printableTime.tm_hour);
-    d[8] = HIDIGIT(printableTime.tm_min);
-    d[9] = LODIGIT(printableTime.tm_min);
-    d[10] = HIDIGIT(printableTime.tm_sec);
-    d[11] = LODIGIT(printableTime.tm_sec);
-    d[12] = 'Z';
-    return SECSuccess;
-}
-
-SECStatus
-DER_AsciiToTime(int64 *dst, char *string)
-{
-    long year, month, mday, hour, minute, second, hourOff, minOff, days;
-    int64 result, tmp1, tmp2;
-    
-    /* Verify time is formatted properly and capture information */
-    second = 0;
-    hourOff = 0;
-    minOff = 0;
-    CAPTURE(year,string+0,loser);
-    if (year < 50) {
-	/* ASSUME that year # is in the 2000's, not the 1900's */
-	year += 100;
-    }
-    CAPTURE(month,string+2,loser);
-    if ((month == 0) || (month > 12)) goto loser;
-    CAPTURE(mday,string+4,loser);
-    if ((mday == 0) || (mday > 31)) goto loser;
-    CAPTURE(hour,string+6,loser);
-    if (hour > 23) goto loser;
-    CAPTURE(minute,string+8,loser);
-    if (minute > 59) goto loser;
-    if (ISDIGIT(string[10])) {
-	CAPTURE(second,string+10,loser);
-	if (second > 59) goto loser;
-	string += 2;
-    }
-    if (string[10] == '+') {
-	CAPTURE(hourOff,string+11,loser);
-	if (hourOff > 23) goto loser;
-	CAPTURE(minOff,string+13,loser);
-	if (minOff > 59) goto loser;
-    } else if (string[10] == '-') {
-	CAPTURE(hourOff,string+11,loser);
-	if (hourOff > 23) goto loser;
-	hourOff = -hourOff;
-	CAPTURE(minOff,string+13,loser);
-	if (minOff > 59) goto loser;
-	minOff = -minOff;
-    } else if (string[10] != 'Z') {
-	goto loser;
-    }
-    
-    
-    /* Convert pieces back into a single value year  */
-    LL_I2L(tmp1, (year-70L));
-    LL_I2L(tmp2, SECYEAR);
-    LL_MUL(result, tmp1, tmp2);
-    
-    LL_I2L(tmp1, ( (mday-1L)*SECDAY + hour*SECHOUR + minute*SECMIN -
-		  hourOff*SECHOUR - minOff*SECMIN + second ) );
-    LL_ADD(result, result, tmp1);
-
-    /*
-    ** Have to specially handle the day in the month and the year, to
-    ** take into account leap days. The return time value is in
-    ** seconds since January 1st, 12:00am 1970, so start examining
-    ** the time after that. We can't represent a time before that.
-    */
-
-    /* Using two digit years, we can only represent dates from 1970
-       to 2069. As a result, we cannot run into the leap year rule
-       that states that 1700, 2100, etc. are not leap years (but 2000
-       is). In other words, there are no years in the span of time
-       that we can represent that are == 0 mod 4 but are not leap
-       years. Whew.
-       */
-
-    days = monthToDayInYear[month-1];
-    days += (year - 68)/4;
-
-    if (((year % 4) == 0) && (month < 3)) {
-	days--;
-    }
-   
-    LL_I2L(tmp1, (days * SECDAY) );
-    LL_ADD(result, result, tmp1 );
-
-    /* convert to micro seconds */
-    LL_I2L(tmp1, PR_USEC_PER_SEC);
-    LL_MUL(result, result, tmp1);
-
-    *dst = result;
-    return SECSuccess;
-
-  loser:
-    PORT_SetError(SEC_ERROR_INVALID_TIME);
-    return SECFailure;
-	
-}
-
-SECStatus
-DER_UTCTimeToTime(int64 *dst, SECItem *time)
-{
-    return DER_AsciiToTime(dst, (char*) time->data);
-}
-
-/*
-   gmttime must contains UTC time in micro-seconds unit.
-   Note: the caller should make sure that Generalized time
-   should only be used for certifiate validities after the
-   year 2049.  Otherwise, UTC time should be used.  This routine
-   does not check this case, since it can be used to encode
-   certificate extension, which does not have this restriction. 
- */
-SECStatus
-DER_TimeToGeneralizedTime(SECItem *dst, int64 gmttime)
-{
-    PRExplodedTime printableTime;
-    unsigned char *d;
-
-    dst->len = 15;
-    dst->data = d = (unsigned char*) PORT_Alloc(15);
-    if (!d) {
-	return SECFailure;
-    }
-
-    /*Convert a int64 time to a printable format. This is a temporary call
-	  until we change to NSPR 2.0
-     */
-    PR_ExplodeTime(gmttime, PR_GMTParameters, &printableTime);
-
-    /* The month in Generalized time is base one */
-    printableTime.tm_month++;
-
-    d[0] = (printableTime.tm_year /1000) + '0';
-    d[1] = ((printableTime.tm_year % 1000) / 100) + '0';
-    d[2] = ((printableTime.tm_year % 100) / 10) + '0';
-    d[3] = (printableTime.tm_year % 10) + '0';
-    d[4] = HIDIGIT(printableTime.tm_month);
-    d[5] = LODIGIT(printableTime.tm_month);
-    d[6] = HIDIGIT(printableTime.tm_mday);
-    d[7] = LODIGIT(printableTime.tm_mday);
-    d[8] = HIDIGIT(printableTime.tm_hour);
-    d[9] = LODIGIT(printableTime.tm_hour);
-    d[10] = HIDIGIT(printableTime.tm_min);
-    d[11] = LODIGIT(printableTime.tm_min);
-    d[12] = HIDIGIT(printableTime.tm_sec);
-    d[13] = LODIGIT(printableTime.tm_sec);
-    d[14] = 'Z';
-    return SECSuccess;
-}
-
-/*
-    The caller should make sure that the generalized time should only
-    be used for the certificate validity after the year 2051; otherwise,
-    the certificate should be consider invalid!?
- */
-SECStatus
-DER_GeneralizedTimeToTime(int64 *dst, SECItem *time)
-{
-    PRExplodedTime genTime;
-    char *string;
-    long hourOff, minOff;
-    uint16 century;
-
-    string = (char *)time->data;
-    PORT_Memset (&genTime, 0, sizeof (genTime));
-
-    /* Verify time is formatted properly and capture information */
-    hourOff = 0;
-    minOff = 0;
-
-    CAPTURE(century, string+0, loser);
-    century *= 100;
-    CAPTURE(genTime.tm_year,string+2,loser);
-    genTime.tm_year += century;
-
-    CAPTURE(genTime.tm_month,string+4,loser);
-    if ((genTime.tm_month == 0) || (genTime.tm_month > 12)) goto loser;
-
-    /* NSPR month base is 0 */
-    --genTime.tm_month;
-    
-    CAPTURE(genTime.tm_mday,string+6,loser);
-    if ((genTime.tm_mday == 0) || (genTime.tm_mday > 31)) goto loser;
-    
-    CAPTURE(genTime.tm_hour,string+8,loser);
-    if (genTime.tm_hour > 23) goto loser;
-    
-    CAPTURE(genTime.tm_min,string+10,loser);
-    if (genTime.tm_min > 59) goto loser;
-    
-    if (ISDIGIT(string[12])) {
-	CAPTURE(genTime.tm_sec,string+12,loser);
-	if (genTime.tm_sec > 59) goto loser;
-	string += 2;
-    }
-    if (string[12] == '+') {
-	CAPTURE(hourOff,string+13,loser);
-	if (hourOff > 23) goto loser;
-	CAPTURE(minOff,string+15,loser);
-	if (minOff > 59) goto loser;
-    } else if (string[12] == '-') {
-	CAPTURE(hourOff,string+13,loser);
-	if (hourOff > 23) goto loser;
-	hourOff = -hourOff;
-	CAPTURE(minOff,string+15,loser);
-	if (minOff > 59) goto loser;
-	minOff = -minOff;
-    } else if (string[12] != 'Z') {
-	goto loser;
-    }
-
-    /* Since the values of hourOff and minOff are small, there will
-       be no loss of data by the conversion to int8 */
-    /* Convert the GMT offset to seconds and save it it genTime
-       for the implode time process */
-    genTime.tm_params.tp_gmt_offset = (PRInt32)((hourOff * 60L + minOff) * 60L);
-    *dst = PR_ImplodeTime (&genTime);
-    return SECSuccess;
-
-  loser:
-    PORT_SetError(SEC_ERROR_INVALID_TIME);
-    return SECFailure;
-	
-}
diff --git a/security/nss/lib/util/manifest.mn b/security/nss/lib/util/manifest.mn
deleted file mode 100644
index fc9a38094..000000000
--- a/security/nss/lib/util/manifest.mn
+++ /dev/null
@@ -1,92 +0,0 @@
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CORE_DEPTH = ../../..
-
-EXPORTS = \
-	base64.h \
-	ciferfam.h \
-	nssb64.h \
-	nssb64t.h \
-	nsslocks.h \
-	nssilock.h \
-	nssilckt.h \
-	nssrwlk.h \
-	nssrwlkt.h \
-	portreg.h \
-	pqgutil.h \
-	secasn1.h \
-	secasn1t.h \
-	seccomon.h \
-	secder.h \
-	secdert.h \
-	secdig.h \
-	secdigt.h \
-	secitem.h \
-	secoid.h \
-	secoidt.h \
-	secport.h \
-	secerr.h \
-	watcomfx.h \
-	$(NULL)
-
-CSRCS = \
-	secdig.c \
-	derdec.c \
-	derenc.c \
-	dersubr.c \
-	dertime.c \
-	nssb64d.c \
-	nssb64e.c \
-	nssrwlk.c \
-	nssilock.c \
-	nsslocks.c \
-	portreg.c \
-	pqgutil.c \
-	secalgid.c \
-	secasn1d.c \
-	secasn1e.c \
-	secasn1u.c \
-	secitem.c \
-	secoid.c \
-	sectime.c \
-	secport.c \
-	secinit.c \
-	utf8.c \
-	$(NULL)
-
-MODULE = security
-
-# don't duplicate module name in REQUIRES
-REQUIRES = dbm
-
-LIBRARY_NAME = secutil
diff --git a/security/nss/lib/util/nssb64.h b/security/nss/lib/util/nssb64.h
deleted file mode 100644
index 1a813f3ea..000000000
--- a/security/nss/lib/util/nssb64.h
+++ /dev/null
@@ -1,124 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Public prototypes for base64 encoding/decoding.
- *
- * $Id$
- */
-#ifndef _NSSB64_H_
-#define _NSSB64_H_
-
-#include "seccomon.h"
-#include "nssb64t.h"
-
-SEC_BEGIN_PROTOS
-
-/*
- * Functions to start a base64 decoding/encoding context.
- */
-
-extern NSSBase64Decoder *
-NSSBase64Decoder_Create (PRInt32 (*output_fn) (void *, const unsigned char *,
-					       PRInt32),
-			 void *output_arg);
-
-extern NSSBase64Encoder *
-NSSBase64Encoder_Create (PRInt32 (*output_fn) (void *, const char *, PRInt32),
-			 void *output_arg);
-
-/*
- * Push data through the decoder/encoder, causing the output_fn (provided
- * to Create) to be called with the decoded/encoded data.
- */
-
-extern SECStatus
-NSSBase64Decoder_Update (NSSBase64Decoder *data, const char *buffer,
-			 PRUint32 size);
-
-extern SECStatus
-NSSBase64Encoder_Update (NSSBase64Encoder *data, const unsigned char *buffer,
-			 PRUint32 size);
-
-/*
- * When you're done processing, call this to close the context.
- * If "abort_p" is false, then calling this may cause the output_fn
- * to be called one last time (as the last buffered data is flushed out).
- */
-
-extern SECStatus
-NSSBase64Decoder_Destroy (NSSBase64Decoder *data, PRBool abort_p);
-
-extern SECStatus
-NSSBase64Encoder_Destroy (NSSBase64Encoder *data, PRBool abort_p);
-
-/*
- * Perform base64 decoding from an ascii string "inStr" to an Item.
- * The length of the input must be provided as "inLen".  The Item
- * may be provided (as "outItemOpt"); you can also pass in a NULL
- * and the Item will be allocated for you.
- *
- * In any case, the data within the Item will be allocated for you.
- * All allocation will happen out of the passed-in "arenaOpt", if non-NULL.
- * If "arenaOpt" is NULL, standard allocation (heap) will be used and
- * you will want to free the result via SECITEM_FreeItem.
- *
- * Return value is NULL on error, the Item (allocated or provided) otherwise.
- */
-extern SECItem *
-NSSBase64_DecodeBuffer (PRArenaPool *arenaOpt, SECItem *outItemOpt,
-			const char *inStr, unsigned int inLen);
-
-/*
- * Perform base64 encoding of binary data "inItem" to an ascii string.
- * The output buffer may be provided (as "outStrOpt"); you can also pass
- * in a NULL and the buffer will be allocated for you.  The result will
- * be null-terminated, and if the buffer is provided, "maxOutLen" must
- * specify the maximum length of the buffer and will be checked to
- * supply sufficient space space for the encoded result.  (If "outStrOpt"
- * is NULL, "maxOutLen" is ignored.)
- *
- * If "outStrOpt" is NULL, allocation will happen out of the passed-in
- * "arenaOpt", if *it* is non-NULL, otherwise standard allocation (heap)
- * will be used.
- *
- * Return value is NULL on error, the output buffer (allocated or provided)
- * otherwise.
- */
-extern char *
-NSSBase64_EncodeItem (PRArenaPool *arenaOpt, char *outStrOpt,
-		      unsigned int maxOutLen, SECItem *inItem);
-
-SEC_END_PROTOS
-
-#endif /* _NSSB64_H_ */
diff --git a/security/nss/lib/util/nssb64d.c b/security/nss/lib/util/nssb64d.c
deleted file mode 100644
index c49e38f87..000000000
--- a/security/nss/lib/util/nssb64d.c
+++ /dev/null
@@ -1,861 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Base64 decoding (ascii to binary).
- *
- * $Id$
- */
-
-#include "nssb64.h"
-#include "nspr.h"
-#include "secitem.h"
-#include "secerr.h"
-
-/*
- * XXX We want this basic support to go into NSPR (the PL part).
- * Until that can happen, the PL interface is going to be kept entirely
- * internal here -- all static functions and opaque data structures.
- * When someone can get it moved over into NSPR, that should be done:
- *    - giving everything names that are accepted by the NSPR module owners
- *	(though I tried to choose ones that would work without modification)
- *    - exporting the functions (remove static declarations and add
- *	PR_IMPLEMENT as necessary)
- *    - put prototypes into appropriate header file (probably replacing
- *	the entire current lib/libc/include/plbase64.h in NSPR)
- *	along with a typedef for the context structure (which should be
- *	kept opaque -- definition in the source file only, but typedef
- *	ala "typedef struct PLBase64FooStr PLBase64Foo;" in header file)
- *    - modify anything else as necessary to conform to NSPR required style
- *	(I looked but found no formatting guide to follow)
- *
- * You will want to move over everything from here down to the comment
- * which says "XXX End of base64 decoding code to be moved into NSPR",
- * into a new file in NSPR.
- */
-
-/*
- **************************************************************
- * XXX Beginning of base64 decoding code to be moved into NSPR.
- */
-
-/*
- * This typedef would belong in the NSPR header file (i.e. plbase64.h).
- */
-typedef struct PLBase64DecoderStr PLBase64Decoder;
-
-/*
- * The following implementation of base64 decoding was based on code
- * found in libmime (specifically, in mimeenc.c).  It has been adapted to
- * use PR types and naming as well as to provide other necessary semantics
- * (like buffer-in/buffer-out in addition to "streaming" without undue
- * performance hit of extra copying if you made the buffer versions
- * use the output_fn).  It also incorporates some aspects of the current
- * NSPR base64 decoding code.  As such, you may find similarities to
- * both of those implementations.  I tried to use names that reflected
- * the original code when possible.  For this reason you may find some
- * inconsistencies -- libmime used lots of "in" and "out" whereas the
- * NSPR version uses "src" and "dest"; sometimes I changed one to the other
- * and sometimes I left them when I thought the subroutines were at least
- * self-consistent.
- */
-
-PR_BEGIN_EXTERN_C
-
-/*
- * Opaque object used by the decoder to store state.
- */
-struct PLBase64DecoderStr {
-    /* Current token (or portion, if token_size < 4) being decoded. */
-    unsigned char token[4];
-    int token_size;
-
-    /*
-     * Where to write the decoded data (used when streaming, not when
-     * doing all in-memory (buffer) operations).
-     *
-     * Note that this definition is chosen to be compatible with PR_Write.
-     */
-    PRInt32 (*output_fn) (void *output_arg, const unsigned char *buf,
-			  PRInt32 size);
-    void *output_arg;
-
-    /*
-     * Where the decoded output goes -- either temporarily (in the streaming
-     * case, staged here before it goes to the output function) or what will
-     * be the entire buffered result for users of the buffer version.
-     */
-    unsigned char *output_buffer;
-    PRUint32 output_buflen;	/* the total length of allocated buffer */
-    PRUint32 output_length;	/* the length that is currently populated */
-};
-
-PR_END_EXTERN_C
-
-
-/*
- * Table to convert an ascii "code" to its corresponding binary value.
- * For ease of use, the binary values in the table are the actual values
- * PLUS ONE.  This is so that the special value of zero can denote an
- * invalid mapping; that was much easier than trying to fill in the other
- * values with some value other than zero, and to check for it.
- * Just remember to SUBTRACT ONE when using the value retrieved.
- */
-static unsigned char base64_codetovaluep1[256] = {
-/*   0: */	  0,	  0,	  0,	  0,	  0,	  0,	  0,	  0,
-/*   8: */	  0,	  0,	  0,	  0,	  0,	  0,	  0,	  0,
-/*  16: */	  0,	  0,	  0,	  0,	  0,	  0,	  0,	  0,
-/*  24: */	  0,	  0,	  0,	  0,	  0,	  0,	  0,	  0,
-/*  32: */	  0,	  0,	  0,	  0,	  0,	  0,	  0,	  0,
-/*  40: */	  0,	  0,	  0,	 63,	  0,	  0,	  0,	 64,
-/*  48: */	 53,	 54,	 55,	 56,	 57,	 58,	 59,	 60,
-/*  56: */	 61,	 62,	  0,	  0,	  0,	  0,	  0,	  0,
-/*  64: */	  0,	  1,	  2,	  3,	  4,	  5,	  6,	  7,
-/*  72: */	  8,	  9,	 10,	 11,	 12,	 13,	 14,	 15,
-/*  80: */	 16,	 17,	 18,	 19,	 20,	 21,	 22,	 23,
-/*  88: */	 24,	 25,	 26,	  0,	  0,	  0,	  0,	  0,
-/*  96: */	  0,	 27,	 28,	 29,	 30,	 31,	 32,	 33,
-/* 104: */	 34,	 35,	 36,	 37,	 38,	 39,	 40,	 41,
-/* 112: */	 42,	 43,	 44,	 45,	 46,	 47,	 48,	 49,
-/* 120: */	 50,	 51,	 52,	  0,	  0,	  0,	  0,	  0,
-/* 128: */	  0,	  0,	  0,	  0,	  0,	  0,	  0,	  0
-/* and rest are all zero as well */
-};
-
-#define B64_PAD	'='
-
-
-/*
- * Reads 4; writes 3 (known, or expected, to have no trailing padding).
- * Returns bytes written; -1 on error (unexpected character).
- */
-static int
-pl_base64_decode_4to3 (const unsigned char *in, unsigned char *out)
-{
-    int j;
-    PRUint32 num = 0;
-    unsigned char bits;
-
-    for (j = 0; j < 4; j++) {
-	bits = base64_codetovaluep1[in[j]];
-	if (bits == 0)
-	    return -1;
-	num = (num << 6) | (bits - 1);
-    }
-
-    out[0] = (unsigned char) (num >> 16);
-    out[1] = (unsigned char) ((num >> 8) & 0xFF);
-    out[2] = (unsigned char) (num & 0xFF);
-
-    return 3;
-}
-
-/*
- * Reads 3; writes 2 (caller already confirmed EOF or trailing padding).
- * Returns bytes written; -1 on error (unexpected character).
- */
-static int
-pl_base64_decode_3to2 (const unsigned char *in, unsigned char *out)
-{
-    PRUint32 num = 0;
-    unsigned char bits1, bits2, bits3;
-
-    bits1 = base64_codetovaluep1[in[0]];
-    bits2 = base64_codetovaluep1[in[1]];
-    bits3 = base64_codetovaluep1[in[2]];
-
-    if ((bits1 == 0) || (bits2 == 0) || (bits3 == 0))
-	return -1;
-
-    num = ((PRUint32)(bits1 - 1)) << 10;
-    num |= ((PRUint32)(bits2 - 1)) << 4;
-    num |= ((PRUint32)(bits3 - 1)) >> 2;
-
-    out[0] = (unsigned char) (num >> 8);
-    out[1] = (unsigned char) (num & 0xFF);
-
-    return 2;
-}
-
-/*
- * Reads 2; writes 1 (caller already confirmed EOF or trailing padding).
- * Returns bytes written; -1 on error (unexpected character).
- */
-static int
-pl_base64_decode_2to1 (const unsigned char *in, unsigned char *out)
-{
-    PRUint32 num = 0;
-    unsigned char bits1, bits2;
-
-    bits1 = base64_codetovaluep1[in[0]];
-    bits2 = base64_codetovaluep1[in[1]];
-
-    if ((bits1 == 0) || (bits2 == 0))
-	return -1;
-
-    num = ((PRUint32)(bits1 - 1)) << 2;
-    num |= ((PRUint32)(bits2 - 1)) >> 4;
-
-    out[0] = (unsigned char) num;
-
-    return 1;
-}
-
-/*
- * Reads 4; writes 0-3.  Returns bytes written or -1 on error.
- * (Writes less than 3 only at (presumed) EOF.)
- */
-static int
-pl_base64_decode_token (const unsigned char *in, unsigned char *out)
-{
-    if (in[3] != B64_PAD)
-	return pl_base64_decode_4to3 (in, out);
-
-    if (in[2] == B64_PAD)
-	return pl_base64_decode_2to1 (in, out);
-
-    return pl_base64_decode_3to2 (in, out);
-}
-
-static PRStatus
-pl_base64_decode_buffer (PLBase64Decoder *data, const unsigned char *in,
-			 PRUint32 length)
-{
-    unsigned char *out = data->output_buffer;
-    unsigned char *token = data->token;
-    int i, n = 0;
-
-    i = data->token_size;
-    data->token_size = 0;
-
-    while (length > 0) {
-	while (i < 4 && length > 0) {
-	    /*
-	     * XXX Note that the following simply ignores any unexpected
-	     * characters.  This is exactly what the original code in
-	     * libmime did, and I am leaving it.  We certainly want to skip
-	     * over whitespace (we must); this does much more than that.
-	     * I am not confident changing it, and I don't want to slow
-	     * the processing down doing more complicated checking, but
-	     * someone else might have different ideas in the future.
-	     */
-	    if (base64_codetovaluep1[*in] > 0 || *in == B64_PAD)
-		token[i++] = *in;
-	    in++;
-	    length--;
-	}
-
-	if (i < 4) {
-	    /* Didn't get enough for a complete token. */
-	    data->token_size = i;
-	    break;
-	}
-	i = 0;
-
-	PR_ASSERT((out - data->output_buffer + 3) <= data->output_buflen);
-
-	/*
-	 * Assume we are not at the end; the following function only works
-	 * for an internal token (no trailing padding characters) but is
-	 * faster that way.  If it hits an invalid character (padding) it
-	 * will return an error; we break out of the loop and try again
-	 * calling the routine that will handle a final token.
-	 * Note that we intentionally do it this way rather than explicitly
-	 * add a check for padding here (because that would just slow down
-	 * the normal case) nor do we rely on checking whether we have more
-	 * input to process (because that would also slow it down but also
-	 * because we want to allow trailing garbage, especially white space
-	 * and cannot tell that without read-ahead, also a slow proposition).
-	 * Whew.  Understand?
-	 */
-	n = pl_base64_decode_4to3 (token, out);
-	if (n < 0)
-	    break;
-
-	/* Advance "out" by the number of bytes just written to it. */
-	out += n;
-	n = 0;
-    }
-
-    /*
-     * See big comment above, before call to pl_base64_decode_4to3.
-     * Here we check if we error'd out of loop, and allow for the case
-     * that we are processing the last interesting token.  If the routine
-     * which should handle padding characters also fails, then we just
-     * have bad input and give up.
-     */
-    if (n < 0) {
-	n = pl_base64_decode_token (token, out);
-	if (n < 0)
-	    return PR_FAILURE;
-
-	out += n;
-    }
-
-    /*
-     * As explained above, we can get here with more input remaining, but
-     * it should be all characters we do not care about (i.e. would be
-     * ignored when transferring from "in" to "token" in loop above,
-     * except here we choose to ignore extraneous pad characters, too).
-     * Swallow it, performing that check.  If we find more characters that
-     * we would expect to decode, something is wrong.
-     */
-    while (length > 0) {
-	if (base64_codetovaluep1[*in] > 0)
-	    return PR_FAILURE;
-	in++;
-	length--;
-    }
-
-    /* Record the length of decoded data we have left in output_buffer. */
-    data->output_length = (PRUint32) (out - data->output_buffer);
-    return PR_SUCCESS;
-}
-
-/*
- * Flush any remaining buffered characters.  Given well-formed input,
- * this will have nothing to do.  If the input was missing the padding
- * characters at the end, though, there could be 1-3 characters left
- * behind -- we will tolerate that by adding the padding for them.
- */
-static PRStatus
-pl_base64_decode_flush (PLBase64Decoder *data)
-{
-    int count;
-
-    /*
-     * If no remaining characters, or all are padding (also not well-formed
-     * input, but again, be tolerant), then nothing more to do.  (And, that
-     * is considered successful.)
-     */
-    if (data->token_size == 0 || data->token[0] == B64_PAD)
-	return PR_SUCCESS;
-
-    /*
-     * Assume we have all the interesting input except for some expected
-     * padding characters.  Add them and decode the resulting token.
-     */
-    while (data->token_size < 4)
-	data->token[data->token_size++] = B64_PAD;
-
-    data->token_size = 0;	/* so a subsequent flush call is a no-op */
-
-    count = pl_base64_decode_token (data->token,
-				    data->output_buffer + data->output_length);
-    if (count < 0)
-	return PR_FAILURE;
-
-    /*
-     * If there is an output function, call it with this last bit of data.
-     * Otherwise we are doing all buffered output, and the decoded bytes
-     * are now there, we just need to reflect that in the length.
-     */
-    if (data->output_fn != NULL) {
-	PRInt32 output_result;
-
-	PR_ASSERT(data->output_length == 0);
-	output_result = data->output_fn (data->output_arg,
-					 data->output_buffer,
-					 (PRInt32) count);
-	if (output_result < 0)
-	    return  PR_FAILURE;
-    } else {
-	data->output_length += count;
-    }
-
-    return PR_SUCCESS;
-}
-
-
-/*
- * The maximum space needed to hold the output of the decoder given
- * input data of length "size".
- */
-static PRUint32
-PL_Base64MaxDecodedLength (PRUint32 size)
-{
-    return ((size * 3) / 4);
-}
-
-
-/*
- * A distinct internal creation function for the buffer version to use.
- * (It does not want to specify an output_fn, and we want the normal
- * Create function to require that.)  If more common initialization
- * of the decoding context needs to be done, it should be done *here*.
- */
-static PLBase64Decoder *
-pl_base64_create_decoder (void)
-{
-    return PR_NEWZAP(PLBase64Decoder);
-}
-
-/*
- * Function to start a base64 decoding context.
- * An "output_fn" is required; the "output_arg" parameter to that is optional.
- */
-static PLBase64Decoder *
-PL_CreateBase64Decoder (PRInt32 (*output_fn) (void *, const unsigned char *,
-					      PRInt32),
-			void *output_arg)
-{
-    PLBase64Decoder *data;
-
-    if (output_fn == NULL) {
-	PR_SetError (PR_INVALID_ARGUMENT_ERROR, 0);
-	return NULL;
-    }
-
-    data = pl_base64_create_decoder ();
-    if (data != NULL) {
-	data->output_fn = output_fn;
-	data->output_arg = output_arg;
-    }
-    return data;
-}
-
-
-/*
- * Push data through the decoder, causing the output_fn (provided to Create)
- * to be called with the decoded data.
- */
-static PRStatus
-PL_UpdateBase64Decoder (PLBase64Decoder *data, const char *buffer,
-			PRUint32 size)
-{
-    PRUint32 need_length;
-    PRStatus status;
-
-    /* XXX Should we do argument checking only in debug build? */
-    if (data == NULL || buffer == NULL || size == 0) {
-	PR_SetError (PR_INVALID_ARGUMENT_ERROR, 0);
-	return PR_FAILURE;
-    }
-
-    /*
-     * How much space could this update need for decoding?
-     */
-    need_length = PL_Base64MaxDecodedLength (size + data->token_size);
-
-    /*
-     * Make sure we have at least that much.  If not, (re-)allocate.
-     */
-    if (need_length > data->output_buflen) {
-	unsigned char *output_buffer = data->output_buffer;
-
-	if (output_buffer != NULL)
-	    output_buffer = (unsigned char *) PR_Realloc(output_buffer,
-							 need_length);
-	else
-	    output_buffer = (unsigned char *) PR_Malloc(need_length);
-
-	if (output_buffer == NULL)
-	    return PR_FAILURE;
-
-	data->output_buffer = output_buffer;
-	data->output_buflen = need_length;
-    }
-
-    /* There should not have been any leftover output data in the buffer. */
-    PR_ASSERT(data->output_length == 0);
-    data->output_length = 0;
-
-    status = pl_base64_decode_buffer (data, (const unsigned char *) buffer,
-				      size);
-
-    /* Now that we have some decoded data, write it. */
-    if (status == PR_SUCCESS && data->output_length > 0) {
-	PRInt32 output_result;
-
-	PR_ASSERT(data->output_fn != NULL);
-	output_result = data->output_fn (data->output_arg,
-					 data->output_buffer,
-					 (PRInt32) data->output_length);
-	if (output_result < 0)
-	    status = PR_FAILURE;
-    }
-
-    data->output_length = 0;
-    return status;
-}
-
-
-/*
- * When you're done decoding, call this to free the data.  If "abort_p"
- * is false, then calling this may cause the output_fn to be called
- * one last time (as the last buffered data is flushed out).
- */
-static PRStatus
-PL_DestroyBase64Decoder (PLBase64Decoder *data, PRBool abort_p)
-{
-    PRStatus status = PR_SUCCESS;
-
-    /* XXX Should we do argument checking only in debug build? */
-    if (data == NULL) {
-	PR_SetError (PR_INVALID_ARGUMENT_ERROR, 0);
-	return PR_FAILURE;
-    }
-
-    /* Flush out the last few buffered characters. */
-    if (!abort_p)
-	status = pl_base64_decode_flush (data);
-
-    if (data->output_buffer != NULL)
-	PR_Free(data->output_buffer);
-    PR_Free(data);
-
-    return status;
-}
-
-
-/*
- * Perform base64 decoding from an input buffer to an output buffer.
- * The output buffer can be provided (as "dest"); you can also pass in
- * a NULL and this function will allocate a buffer large enough for you,
- * and return it.  If you do provide the output buffer, you must also
- * provide the maximum length of that buffer (as "maxdestlen").
- * The actual decoded length of output will be returned to you in
- * "output_destlen".
- *
- * Return value is NULL on error, the output buffer (allocated or provided)
- * otherwise.
- */
-static unsigned char *
-PL_Base64DecodeBuffer (const char *src, PRUint32 srclen, unsigned char *dest,
-		       PRUint32 maxdestlen, PRUint32 *output_destlen)
-{
-    PRUint32 need_length;
-    unsigned char *output_buffer = NULL;
-    PLBase64Decoder *data = NULL;
-    PRStatus status;
-
-    PR_ASSERT(srclen > 0);
-    if (srclen == 0)
-	return dest;
-
-    /*
-     * How much space could we possibly need for decoding this input?
-     */
-    need_length = PL_Base64MaxDecodedLength (srclen);
-
-    /*
-     * Make sure we have at least that much, if output buffer provided.
-     * If no output buffer provided, then we allocate that much.
-     */
-    if (dest != NULL) {
-	PR_ASSERT(maxdestlen >= need_length);
-	if (maxdestlen < need_length) {
-	    PR_SetError(PR_BUFFER_OVERFLOW_ERROR, 0);
-	    goto loser;
-	}
-	output_buffer = dest;
-    } else {
-	output_buffer = (unsigned char *) PR_Malloc(need_length);
-	if (output_buffer == NULL)
-	    goto loser;
-	maxdestlen = need_length;
-    }
-
-    data = pl_base64_create_decoder();
-    if (data == NULL)
-	goto loser;
-
-    data->output_buflen = maxdestlen;
-    data->output_buffer = output_buffer;
-
-    status = pl_base64_decode_buffer (data, (const unsigned char *) src,
-				      srclen);
-
-    /*
-     * We do not wait for Destroy to flush, because Destroy will also
-     * get rid of our decoder context, which we need to look at first!
-     */
-    if (status == PR_SUCCESS)
-	status = pl_base64_decode_flush (data);
-
-    /* Must clear this or Destroy will free it. */
-    data->output_buffer = NULL;
-
-    if (status == PR_SUCCESS) {
-	*output_destlen = data->output_length;
-	status = PL_DestroyBase64Decoder (data, PR_FALSE);
-	data = NULL;
-	if (status == PR_FAILURE)
-	    goto loser;
-	return output_buffer;
-    }
-
-loser:
-    if (dest == NULL && output_buffer != NULL)
-	PR_Free(output_buffer);
-    if (data != NULL)
-	(void) PL_DestroyBase64Decoder (data, PR_TRUE);
-    return NULL;
-}
-
-
-/*
- * XXX End of base64 decoding code to be moved into NSPR.
- ********************************************************
- */
-
-/*
- * This is the beginning of the NSS cover functions.  These will
- * provide the interface we want to expose as NSS-ish.  For example,
- * they will operate on our Items, do any special handling or checking
- * we want to do, etc.
- */
-
-
-PR_BEGIN_EXTERN_C
-
-/*
- * A boring cover structure for now.  Perhaps someday it will include
- * some more interesting fields.
- */
-struct NSSBase64DecoderStr {
-    PLBase64Decoder *pl_data;
-};
-
-PR_END_EXTERN_C
-
-
-/*
- * Function to start a base64 decoding context.
- */
-NSSBase64Decoder *
-NSSBase64Decoder_Create (PRInt32 (*output_fn) (void *, const unsigned char *,
-					       PRInt32),
-			 void *output_arg)
-{
-    PLBase64Decoder *pl_data;
-    NSSBase64Decoder *nss_data;
-
-    nss_data = PORT_ZNew(NSSBase64Decoder);
-    if (nss_data == NULL)
-	return NULL;
-
-    pl_data = PL_CreateBase64Decoder (output_fn, output_arg);
-    if (pl_data == NULL) {
-	PORT_Free(nss_data);
-	return NULL;
-    }
-
-    nss_data->pl_data = pl_data;
-    return nss_data;
-}
-
-
-/*
- * Push data through the decoder, causing the output_fn (provided to Create)
- * to be called with the decoded data.
- */
-SECStatus
-NSSBase64Decoder_Update (NSSBase64Decoder *data, const char *buffer,
-			 PRUint32 size)
-{
-    PRStatus pr_status;
-
-    /* XXX Should we do argument checking only in debug build? */
-    if (data == NULL) {
-	PORT_SetError (SEC_ERROR_INVALID_ARGS);
-	return SECFailure;
-    }
-
-    pr_status = PL_UpdateBase64Decoder (data->pl_data, buffer, size);
-    if (pr_status == PR_FAILURE)
-	return SECFailure;
-
-    return SECSuccess;
-}
-
-
-/*
- * When you're done decoding, call this to free the data.  If "abort_p"
- * is false, then calling this may cause the output_fn to be called
- * one last time (as the last buffered data is flushed out).
- */
-SECStatus
-NSSBase64Decoder_Destroy (NSSBase64Decoder *data, PRBool abort_p)
-{
-    PRStatus pr_status;
-
-    /* XXX Should we do argument checking only in debug build? */
-    if (data == NULL) {
-	PORT_SetError (SEC_ERROR_INVALID_ARGS);
-	return SECFailure;
-    }
-
-    pr_status = PL_DestroyBase64Decoder (data->pl_data, abort_p);
-
-    PORT_Free(data);
-
-    if (pr_status == PR_FAILURE)
-	return SECFailure;
-
-    return SECSuccess;
-}
-
-
-/*
- * Perform base64 decoding from an ascii string "inStr" to an Item.
- * The length of the input must be provided as "inLen".  The Item
- * may be provided (as "outItemOpt"); you can also pass in a NULL
- * and the Item will be allocated for you.
- *
- * In any case, the data within the Item will be allocated for you.
- * All allocation will happen out of the passed-in "arenaOpt", if non-NULL.
- * If "arenaOpt" is NULL, standard allocation (heap) will be used and
- * you will want to free the result via SECITEM_FreeItem.
- *
- * Return value is NULL on error, the Item (allocated or provided) otherwise.
- */
-SECItem *
-NSSBase64_DecodeBuffer (PRArenaPool *arenaOpt, SECItem *outItemOpt,
-			const char *inStr, unsigned int inLen)
-{
-    SECItem *out_item = outItemOpt;
-    PRUint32 max_out_len = PL_Base64MaxDecodedLength (inLen);
-    PRUint32 out_len;
-    void *mark = NULL;
-    unsigned char *dummy;
-
-    PORT_Assert(outItemOpt == NULL || outItemOpt->data == NULL);
-
-    if (arenaOpt != NULL)
-	mark = PORT_ArenaMark (arenaOpt);
-
-    out_item = SECITEM_AllocItem (arenaOpt, outItemOpt, max_out_len);
-    if (out_item == NULL) {
-	if (arenaOpt != NULL)
-	    PORT_ArenaRelease (arenaOpt, mark);
-	return NULL;
-    }
-
-    dummy = PL_Base64DecodeBuffer (inStr, inLen, out_item->data,
-				   max_out_len, &out_len);
-    if (dummy == NULL) {
-	if (arenaOpt != NULL) {
-	    PORT_ArenaRelease (arenaOpt, mark);
-	    if (outItemOpt != NULL) {
-		outItemOpt->data = NULL;
-		outItemOpt->len = 0;
-	    }
-	} else {
-	    SECITEM_FreeItem (out_item,
-			      (outItemOpt == NULL) ? PR_TRUE : PR_FALSE);
-	}
-	return NULL;
-    }
-
-    if (arenaOpt != NULL)
-	PORT_ArenaUnmark (arenaOpt, mark);
-    out_item->len = out_len;
-    return out_item;
-}
-
-
-/*
- * XXX Everything below is deprecated.  If you add new stuff, put it
- * *above*, not below.
- */
-
-/*
- * XXX The following "ATOB" functions are provided for backward compatibility
- * with current code.  They should be considered strongly deprecated.
- * When we can convert all our code over to using the new NSSBase64Decoder_
- * functions defined above, we should get rid of these altogether.  (Remove
- * protoypes from base64.h as well -- actually, remove that file completely).
- * If someone thinks either of these functions provides such a very useful
- * interface (though, as shown, the same functionality can already be
- * obtained by calling NSSBase64_DecodeBuffer directly), fine -- but then
- * that API should be provided with a nice new NSSFoo name and using
- * appropriate types, etc.
- */
-
-#include "base64.h"
-
-/*
-** Return an PORT_Alloc'd string which is the base64 decoded version
-** of the input string; set *lenp to the length of the returned data.
-*/
-unsigned char *
-ATOB_AsciiToData(const char *string, unsigned int *lenp)
-{
-    SECItem binary_item, *dummy;
-
-    binary_item.data = NULL;
-    binary_item.len = 0;
-
-    dummy = NSSBase64_DecodeBuffer (NULL, &binary_item, string,
-				    (PRUint32) PORT_Strlen(string));
-    if (dummy == NULL)
-	return NULL;
-
-    PORT_Assert(dummy == &binary_item);
-
-    *lenp = dummy->len;
-    return dummy->data;
-}
- 
-/*
-** Convert from ascii to binary encoding of an item.
-*/
-SECStatus
-ATOB_ConvertAsciiToItem(SECItem *binary_item, char *ascii)
-{
-    SECItem *dummy;
-
-    if (binary_item == NULL) {
-	PORT_SetError (SEC_ERROR_INVALID_ARGS);
-	return SECFailure;
-    }
-
-    /*
-     * XXX Would prefer to assert here if data is non-null (actually,
-     * don't need to, just let NSSBase64_DecodeBuffer do it), so as to
-     * to catch unintended memory leaks, but callers are not clean in
-     * this respect so we need to explicitly clear here to avoid the
-     * assert in NSSBase64_DecodeBuffer.
-     */
-    binary_item->data = NULL;
-    binary_item->len = 0;
-
-    dummy = NSSBase64_DecodeBuffer (NULL, binary_item, ascii,
-				    (PRUint32) PORT_Strlen(ascii));
-
-    if (dummy == NULL)
-	return SECFailure;
-
-    return SECSuccess;
-}
diff --git a/security/nss/lib/util/nssb64e.c b/security/nss/lib/util/nssb64e.c
deleted file mode 100644
index 9c802abcd..000000000
--- a/security/nss/lib/util/nssb64e.c
+++ /dev/null
@@ -1,762 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Base64 encoding (binary to ascii).
- *
- * $Id$
- */
-
-#include "nssb64.h"
-#include "nspr.h"
-#include "secitem.h"
-#include "secerr.h"
-
-/*
- * XXX See the big comment at the top of nssb64d.c about moving the
- * bulk of this code over into NSPR (the PL part).  It all applies
- * here but I didn't want to duplicate it, to avoid divergence problems.
- */ 
-
-/*
- **************************************************************
- * XXX Beginning of base64 encoding code to be moved into NSPR.
- */
-
-
-struct PLBase64EncodeStateStr {
-    unsigned chunks;
-    unsigned saved;
-    unsigned char buf[3];
-};
-
-/*
- * This typedef would belong in the NSPR header file (i.e. plbase64.h).
- */
-typedef struct PLBase64EncoderStr PLBase64Encoder;
-
-/*
- * The following implementation of base64 encoding was based on code
- * found in libmime (specifically, in mimeenc.c).  It has been adapted to
- * use PR types and naming as well as to provide other necessary semantics
- * (like buffer-in/buffer-out in addition to "streaming" without undue
- * performance hit of extra copying if you made the buffer versions
- * use the output_fn).  It also incorporates some aspects of the current
- * NSPR base64 encoding code.  As such, you may find similarities to
- * both of those implementations.  I tried to use names that reflected
- * the original code when possible.  For this reason you may find some
- * inconsistencies -- libmime used lots of "in" and "out" whereas the
- * NSPR version uses "src" and "dest"; sometimes I changed one to the other
- * and sometimes I left them when I thought the subroutines were at least
- * self-consistent.
- */
-
-PR_BEGIN_EXTERN_C
-
-/*
- * Opaque object used by the encoder to store state.
- */
-struct PLBase64EncoderStr {
-    /*
-     * The one or two bytes pending.  (We need 3 to create a "token",
-     * and hold the leftovers here.  in_buffer_count is *only* ever
-     * 0, 1, or 2.
-     */
-    unsigned char in_buffer[2];
-    int in_buffer_count;
-
-    /*
-     * If the caller wants linebreaks added, line_length specifies
-     * where they come out.  It must be a multiple of 4; if the caller
-     * provides one that isn't, we round it down to the nearest
-     * multiple of 4.
-     *
-     * The value of current_column counts how many characters have been
-     * added since the last linebreaks (or since the beginning, on the
-     * first line).  It is also always a multiple of 4; it is unused when
-     * line_length is 0.
-     */ 
-    PRUint32 line_length;
-    PRUint32 current_column;
-
-    /*
-     * Where to write the encoded data (used when streaming, not when
-     * doing all in-memory (buffer) operations).
-     *
-     * Note that this definition is chosen to be compatible with PR_Write.
-     */
-    PRInt32 (*output_fn) (void *output_arg, const char *buf, PRInt32 size);
-    void *output_arg;
-
-    /*
-     * Where the encoded output goes -- either temporarily (in the streaming
-     * case, staged here before it goes to the output function) or what will
-     * be the entire buffered result for users of the buffer version.
-     */
-    char *output_buffer;
-    PRUint32 output_buflen;	/* the total length of allocated buffer */
-    PRUint32 output_length;	/* the length that is currently populated */
-};
-
-PR_END_EXTERN_C
-
-
-/*
- * Table to convert a binary value to its corresponding ascii "code".
- */
-static unsigned char base64_valuetocode[64] =
-    "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
-
-#define B64_PAD	'='
-#define B64_CR	'\r'
-#define B64_LF	'\n'
-
-static PRStatus
-pl_base64_encode_buffer (PLBase64Encoder *data, const unsigned char *in,
-			 PRUint32 size)
-{
-    const unsigned char *end = in + size;
-    char *out = data->output_buffer + data->output_length;
-    int i = data->in_buffer_count;
-    PRUint32 n = 0;
-    int off;
-    PRUint32 output_threshold;
-
-    /* If this input buffer is too small, wait until next time. */
-    if (size < (3 - i)) {
-	data->in_buffer[i++] = in[0];
-	if (size > 1)
-	    data->in_buffer[i++] = in[1];
-	PR_ASSERT(i < 3);
-	data->in_buffer_count = i;
-	return PR_SUCCESS;
-    }
-
-    /* If there are bytes that were put back last time, take them now. */
-    if (i > 0) {
-	n = data->in_buffer[0];
-	if (i > 1)
-	    n = (n << 8) | data->in_buffer[1];
-	data->in_buffer_count = 0;
-    }
-
-    /* If our total is not a multiple of three, put one or two bytes back. */
-    off = (size + i) % 3;
-    if (off > 0) {
-	size -= off;
-	data->in_buffer[0] = in[size];
-	if (off > 1)
-	    data->in_buffer[1] = in[size + 1];
-	data->in_buffer_count = off;
-	end -= off;
-    }
-
-    output_threshold = data->output_buflen - 3;
-
-    /*
-     * Populate the output buffer with base64 data, one line (or buffer)
-     * at a time.
-     */
-    while (in < end) {
-	int j, k;
-
-	while (i < 3) {
-	    n = (n << 8) | *in++;
-	    i++;
-	}
-	i = 0;
-
-	if (data->line_length > 0) {
-	    if (data->current_column >= data->line_length) {
-		data->current_column = 0;
-		*out++ = B64_CR;
-		*out++ = B64_LF;
-		data->output_length += 2;
-	    }
-	    data->current_column += 4;	/* the bytes we are about to add */
-	}
-
-	for (j = 18; j >= 0; j -= 6) {
-	    k = (n >> j) & 0x3F;
-	    *out++ = base64_valuetocode[k];
-	}
-	n = 0;
-	data->output_length += 4;
-
-	if (data->output_length >= output_threshold) {
-	    PR_ASSERT(data->output_length <= data->output_buflen);
-	    if (data->output_fn != NULL) {
-		PRInt32 output_result;
-
-		output_result = data->output_fn (data->output_arg,
-						 data->output_buffer,
-						 (PRInt32) data->output_length);
-		if (output_result < 0)
-		    return PR_FAILURE;
-
-		out = data->output_buffer;
-		data->output_length = 0;
-	    } else {
-		/*
-		 * Check that we are about to exit the loop.  (Since we
-		 * are over the threshold, there isn't enough room in the
-		 * output buffer for another trip around.)
-		 */
-		PR_ASSERT(in == end);
-		if (in < end) {
-		    PR_SetError (PR_BUFFER_OVERFLOW_ERROR, 0);
-		    return PR_FAILURE;
-		}
-	    }
-	}
-    }
-
-    return PR_SUCCESS;
-}
-
-static PRStatus
-pl_base64_encode_flush (PLBase64Encoder *data)
-{
-    int i = data->in_buffer_count;
-
-    if (i == 0 && data->output_length == 0)
-	return PR_SUCCESS;
-
-    if (i > 0) {
-	char *out = data->output_buffer + data->output_length;
-	PRUint32 n;
-	int j, k;
-
-	n = ((PRUint32) data->in_buffer[0]) << 16;
-	if (i > 1)
-	    n |= ((PRUint32) data->in_buffer[1] << 8);
-
-	data->in_buffer_count = 0;
-
-	if (data->line_length > 0) {
-	    if (data->current_column >= data->line_length) {
-		data->current_column = 0;
-		*out++ = B64_CR;
-		*out++ = B64_LF;
-		data->output_length += 2;
-	    }
-	}
-
-	/*
-	 * This will fill in more than we really have data for, but the
-	 * valid parts will end up in the correct position and the extras
-	 * will be over-written with pad characters below.
-	 */
-	for (j = 18; j >= 0; j -= 6) {
-	    k = (n >> j) & 0x3F;
-	    *out++ = base64_valuetocode[k];
-	}
-
-	/* Pad with equal-signs. */
-	if (i == 1)
-	    out[-2] = B64_PAD;
-	out[-1] = B64_PAD;
-
-	data->output_length += 4;
-    }
-
-    if (data->output_fn != NULL) {
-	PRInt32 output_result;
-
-	output_result = data->output_fn (data->output_arg, data->output_buffer,
-					 (PRInt32) data->output_length);
-	data->output_length = 0;
-
-	if (output_result < 0)
-	    return PR_FAILURE;
-    }
-
-    return PR_SUCCESS;
-}
-
-
-/*
- * The maximum space needed to hold the output of the encoder given input
- * data of length "size", and allowing for CRLF added at least every
- * line_length bytes (we will add it at nearest lower multiple of 4).
- * There is no trailing CRLF.
- */
-static PRUint32
-PL_Base64MaxEncodedLength (PRUint32 size, PRUint32 line_length)
-{
-    PRUint32 tokens, tokens_per_line, full_lines, line_break_chars, remainder;
-
-    tokens = (size + 2) / 3;
-
-    if (line_length == 0)
-	return tokens * 4;
-
-    if (line_length < 4)	/* too small! */
-	line_length = 4;
-
-    tokens_per_line = line_length / 4;
-    full_lines = tokens / tokens_per_line;
-    remainder = (tokens - (full_lines * tokens_per_line)) * 4;
-    line_break_chars = full_lines * 2;
-    if (remainder == 0)
-	line_break_chars -= 2;
-
-    return (full_lines * tokens_per_line * 4) + line_break_chars + remainder;
-}
-
-
-/*
- * A distinct internal creation function for the buffer version to use.
- * (It does not want to specify an output_fn, and we want the normal
- * Create function to require that.)  All common initialization of the
- * encoding context should be done *here*.
- *
- * Save "line_length", rounded down to nearest multiple of 4 (if not
- * already even multiple).  Allocate output_buffer, if not provided --
- * based on given size if specified, otherwise based on line_length.
- */
-static PLBase64Encoder *
-pl_base64_create_encoder (PRUint32 line_length, char *output_buffer,
-			  PRUint32 output_buflen)
-{
-    PLBase64Encoder *data;
-    PRUint32 line_tokens;
-
-    data = PR_NEWZAP(PLBase64Encoder);
-    if (data == NULL)
-	return NULL;
-
-    if (line_length > 0 && line_length < 4)	/* too small! */
-	line_length = 4;
-
-    line_tokens = line_length / 4;
-    data->line_length = line_tokens * 4;
-
-    if (output_buffer == NULL) {
-	if (output_buflen == 0) {
-	    if (data->line_length > 0)	/* need to include room for CRLF */
-		output_buflen = data->line_length + 2;
-	    else
-		output_buflen = 64;		/* XXX what is a good size? */
-	}
-
-	output_buffer = (char *) PR_Malloc(output_buflen);
-	if (output_buffer == NULL) {
-	    PR_Free(data);
-	    return NULL;
-	}
-    }
-
-    data->output_buffer = output_buffer;
-    data->output_buflen = output_buflen;
-    return data;
-}
-
-/*
- * Function to start a base64 encoding context.
- * An "output_fn" is required; the "output_arg" parameter to that is optional.
- * If linebreaks in the encoded output are desired, "line_length" specifies
- * where to place them -- it will be rounded down to the nearest multiple of 4
- * (if it is not already an even multiple of 4).  If it is zero, no linebreaks
- * will be added.  (FYI, a linebreak is CRLF -- two characters.)
- */
-static PLBase64Encoder *
-PL_CreateBase64Encoder (PRInt32 (*output_fn) (void *, const char *, PRInt32),
-			void *output_arg, PRUint32 line_length)
-{
-    PLBase64Encoder *data;
-
-    if (output_fn == NULL) {
-	PR_SetError (PR_INVALID_ARGUMENT_ERROR, 0);
-	return NULL;
-    }
-
-    data = pl_base64_create_encoder (line_length, NULL, 0);
-    if (data == NULL)
-	return NULL;
-
-    data->output_fn = output_fn;
-    data->output_arg = output_arg;
-
-    return data;
-}
-
-
-/*
- * Push data through the encoder, causing the output_fn (provided to Create)
- * to be called with the encoded data.
- */
-static PRStatus
-PL_UpdateBase64Encoder (PLBase64Encoder *data, const unsigned char *buffer,
-			PRUint32 size)
-{
-    /* XXX Should we do argument checking only in debug build? */
-    if (data == NULL || buffer == NULL || size == 0) {
-	PR_SetError (PR_INVALID_ARGUMENT_ERROR, 0);
-	return PR_FAILURE;
-    }
-
-    return pl_base64_encode_buffer (data, buffer, size);
-}
-
-
-/*
- * When you're done encoding, call this to free the data.  If "abort_p"
- * is false, then calling this may cause the output_fn to be called
- * one last time (as the last buffered data is flushed out).
- */
-static PRStatus
-PL_DestroyBase64Encoder (PLBase64Encoder *data, PRBool abort_p)
-{
-    PRStatus status = PR_SUCCESS;
-
-    /* XXX Should we do argument checking only in debug build? */
-    if (data == NULL) {
-	PR_SetError (PR_INVALID_ARGUMENT_ERROR, 0);
-	return PR_FAILURE;
-    }
-
-    /* Flush out the last few buffered characters. */
-    if (!abort_p)
-	status = pl_base64_encode_flush (data);
-
-    if (data->output_buffer != NULL)
-	PR_Free(data->output_buffer);
-    PR_Free(data);
-
-    return status;
-}
-
-
-/*
- * Perform base64 encoding from an input buffer to an output buffer.
- * The output buffer can be provided (as "dest"); you can also pass in
- * a NULL and this function will allocate a buffer large enough for you,
- * and return it.  If you do provide the output buffer, you must also
- * provide the maximum length of that buffer (as "maxdestlen").
- * The actual encoded length of output will be returned to you in
- * "output_destlen".
- *
- * If linebreaks in the encoded output are desired, "line_length" specifies
- * where to place them -- it will be rounded down to the nearest multiple of 4
- * (if it is not already an even multiple of 4).  If it is zero, no linebreaks
- * will be added.  (FYI, a linebreak is CRLF -- two characters.)
- *
- * Return value is NULL on error, the output buffer (allocated or provided)
- * otherwise.
- */
-static char *
-PL_Base64EncodeBuffer (const unsigned char *src, PRUint32 srclen,
-		       PRUint32 line_length, char *dest, PRUint32 maxdestlen,
-		       PRUint32 *output_destlen)
-{
-    PRUint32 need_length;
-    PLBase64Encoder *data = NULL;
-    PRStatus status;
-
-    PR_ASSERT(srclen > 0);
-    if (srclen == 0)
-	return dest;
-
-    /*
-     * How much space could we possibly need for encoding this input?
-     */
-    need_length = PL_Base64MaxEncodedLength (srclen, line_length);
-
-    /*
-     * Make sure we have at least that much, if output buffer provided.
-     */
-    if (dest != NULL) {
-	PR_ASSERT(maxdestlen >= need_length);
-	if (maxdestlen < need_length) {
-	    PR_SetError(PR_BUFFER_OVERFLOW_ERROR, 0);
-	    return NULL;
-	}
-    } else {
-	maxdestlen = need_length;
-    }
-
-    data = pl_base64_create_encoder(line_length, dest, maxdestlen);
-    if (data == NULL)
-	return NULL;
-
-    status = pl_base64_encode_buffer (data, src, srclen);
-
-    /*
-     * We do not wait for Destroy to flush, because Destroy will also
-     * get rid of our encoder context, which we need to look at first!
-     */
-    if (status == PR_SUCCESS)
-	status = pl_base64_encode_flush (data);
-
-    if (status != PR_SUCCESS) {
-	(void) PL_DestroyBase64Encoder (data, PR_TRUE);
-	return NULL;
-    }
-
-    dest = data->output_buffer;
-
-    /* Must clear this or Destroy will free it. */
-    data->output_buffer = NULL;
-
-    *output_destlen = data->output_length;
-    status = PL_DestroyBase64Encoder (data, PR_FALSE);
-    if (status == PR_FAILURE) {
-	PR_Free(dest);
-	return NULL;
-    }
-
-    return dest;
-}
-
-/*
- * XXX End of base64 encoding code to be moved into NSPR.
- ********************************************************
- */
-
-/*
- * This is the beginning of the NSS cover functions.  These will
- * provide the interface we want to expose as NSS-ish.  For example,
- * they will operate on our Items, do any special handling or checking
- * we want to do, etc.
- */
-
-
-PR_BEGIN_EXTERN_C
-
-/*
- * A boring cover structure for now.  Perhaps someday it will include
- * some more interesting fields.
- */
-struct NSSBase64EncoderStr {
-    PLBase64Encoder *pl_data;
-};
-
-PR_END_EXTERN_C
-
-
-/*
- * Function to start a base64 encoding context.
- */
-NSSBase64Encoder *
-NSSBase64Encoder_Create (PRInt32 (*output_fn) (void *, const char *, PRInt32),
-			 void *output_arg)
-{
-    PLBase64Encoder *pl_data;
-    NSSBase64Encoder *nss_data;
-
-    nss_data = PORT_ZNew(NSSBase64Encoder);
-    if (nss_data == NULL)
-	return NULL;
-
-    pl_data = PL_CreateBase64Encoder (output_fn, output_arg, 64);
-    if (pl_data == NULL) {
-	PORT_Free(nss_data);
-	return NULL;
-    }
-
-    nss_data->pl_data = pl_data;
-    return nss_data;
-}
-
-
-/*
- * Push data through the encoder, causing the output_fn (provided to Create)
- * to be called with the encoded data.
- */
-SECStatus
-NSSBase64Encoder_Update (NSSBase64Encoder *data, const unsigned char *buffer,
-			 PRUint32 size)
-{
-    PRStatus pr_status;
-
-    /* XXX Should we do argument checking only in debug build? */
-    if (data == NULL) {
-	PORT_SetError (SEC_ERROR_INVALID_ARGS);
-	return SECFailure;
-    }
-
-    pr_status = PL_UpdateBase64Encoder (data->pl_data, buffer, size);
-    if (pr_status == PR_FAILURE)
-	return SECFailure;
-
-    return SECSuccess;
-}
-
-
-/*
- * When you're done encoding, call this to free the data.  If "abort_p"
- * is false, then calling this may cause the output_fn to be called
- * one last time (as the last buffered data is flushed out).
- */
-SECStatus
-NSSBase64Encoder_Destroy (NSSBase64Encoder *data, PRBool abort_p)
-{
-    PRStatus pr_status;
-
-    /* XXX Should we do argument checking only in debug build? */
-    if (data == NULL) {
-	PORT_SetError (SEC_ERROR_INVALID_ARGS);
-	return SECFailure;
-    }
-
-    pr_status = PL_DestroyBase64Encoder (data->pl_data, abort_p);
-
-    PORT_Free(data);
-
-    if (pr_status == PR_FAILURE)
-	return SECFailure;
-
-    return SECSuccess;
-}
-
-
-/*
- * Perform base64 encoding of binary data "inItem" to an ascii string.
- * The output buffer may be provided (as "outStrOpt"); you can also pass
- * in a NULL and the buffer will be allocated for you.  The result will
- * be null-terminated, and if the buffer is provided, "maxOutLen" must
- * specify the maximum length of the buffer and will be checked to
- * supply sufficient space space for the encoded result.  (If "outStrOpt"
- * is NULL, "maxOutLen" is ignored.)
- *
- * If "outStrOpt" is NULL, allocation will happen out of the passed-in
- * "arenaOpt", if *it* is non-NULL, otherwise standard allocation (heap)
- * will be used.
- *
- * Return value is NULL on error, the output buffer (allocated or provided)
- * otherwise.
- */
-char *
-NSSBase64_EncodeItem (PRArenaPool *arenaOpt, char *outStrOpt,
-		      unsigned int maxOutLen, SECItem *inItem)
-{
-    char *out_string = outStrOpt;
-    PRUint32 max_out_len;
-    PRUint32 out_len;
-    void *mark = NULL;
-    char *dummy;
-
-    PORT_Assert(inItem != NULL && inItem->data != NULL && inItem->len != 0);
-    if (inItem == NULL || inItem->data == NULL || inItem->len == 0) {
-	PORT_SetError (SEC_ERROR_INVALID_ARGS);
-	return NULL;
-    }
-
-    max_out_len = PL_Base64MaxEncodedLength (inItem->len, 64);
-
-    if (arenaOpt != NULL)
-	mark = PORT_ArenaMark (arenaOpt);
-
-    if (out_string == NULL) {
-	if (arenaOpt != NULL)
-	    out_string = PORT_ArenaAlloc (arenaOpt, max_out_len + 1);
-	else
-	    out_string = PORT_Alloc (max_out_len + 1);
-
-	if (out_string == NULL) {
-	    if (arenaOpt != NULL)
-		PORT_ArenaRelease (arenaOpt, mark);
-	    return NULL;
-	}
-    } else {
-	if ((max_out_len + 1) > maxOutLen) {
-	    PORT_SetError (SEC_ERROR_OUTPUT_LEN);
-	    return NULL;
-	}
-	max_out_len = maxOutLen;
-    }
-
-
-    dummy = PL_Base64EncodeBuffer (inItem->data, inItem->len, 64,
-				   out_string, max_out_len, &out_len);
-    if (dummy == NULL) {
-	if (arenaOpt != NULL) {
-	    PORT_ArenaRelease (arenaOpt, mark);
-	} else {
-	    PORT_Free (out_string);
-	}
-	return NULL;
-    }
-
-    if (arenaOpt != NULL)
-	PORT_ArenaUnmark (arenaOpt, mark);
-
-    out_string[out_len] = '\0';
-    return out_string;
-}
-
-
-/*
- * XXX Everything below is deprecated.  If you add new stuff, put it
- * *above*, not below.
- */
-
-/*
- * XXX The following "BTOA" functions are provided for backward compatibility
- * with current code.  They should be considered strongly deprecated.
- * When we can convert all our code over to using the new NSSBase64Encoder_
- * functions defined above, we should get rid of these altogether.  (Remove
- * protoypes from base64.h as well -- actually, remove that file completely).
- * If someone thinks either of these functions provides such a very useful
- * interface (though, as shown, the same functionality can already be
- * obtained by calling NSSBase64_EncodeItem directly), fine -- but then
- * that API should be provided with a nice new NSSFoo name and using
- * appropriate types, etc.
- */
-
-#include "base64.h"
-
-/*
-** Return an PORT_Alloc'd ascii string which is the base64 encoded
-** version of the input string.
-*/
-char *
-BTOA_DataToAscii(const unsigned char *data, unsigned int len)
-{
-    SECItem binary_item;
-
-    binary_item.data = (unsigned char *)data;
-    binary_item.len = len;
-
-    return NSSBase64_EncodeItem (NULL, NULL, 0, &binary_item);
-}
-
-/*
-** Convert from binary encoding of an item to ascii.
-*/
-char *
-BTOA_ConvertItemToAscii (SECItem *binary_item)
-{
-    return NSSBase64_EncodeItem (NULL, NULL, 0, binary_item);
-}
diff --git a/security/nss/lib/util/nssb64t.h b/security/nss/lib/util/nssb64t.h
deleted file mode 100644
index b7b079d8c..000000000
--- a/security/nss/lib/util/nssb64t.h
+++ /dev/null
@@ -1,45 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Public data structures for base64 encoding/decoding.
- *
- * $Id$
- */
-#ifndef _NSSB64T_H_
-#define _NSSB64T_H_
-
-typedef struct NSSBase64DecoderStr NSSBase64Decoder;
-typedef struct NSSBase64EncoderStr NSSBase64Encoder;
-
-#endif /* _NSSB64T_H_ */
diff --git a/security/nss/lib/util/nssilckt.h b/security/nss/lib/util/nssilckt.h
deleted file mode 100644
index e0b49902f..000000000
--- a/security/nss/lib/util/nssilckt.h
+++ /dev/null
@@ -1,220 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
-** nssilock.h - Instrumented locking functions for NSS
-**
-** Description:
-**    nssilock provides instrumentation for locks and monitors in
-**    the NSS libraries. The instrumentation, when enabled, causes
-**    each call to the instrumented function to record data about
-**    the call to an external file. The external file
-**    subsequently used to extract performance data and other
-**    statistical information about the operation of locks used in
-**    the nss library.
-**     
-**    To enable compilation with instrumentation, build NSS with 
-**    the compile time switch NEED_NSS_ILOCK defined.
-**
-**    say:  "gmake OS_CFLAGS+=-DNEED_NSS_ILOCK" at make time.
-**
-**    At runtime, to enable recording from nssilock, one or more
-**    environment variables must be set. For each nssILockType to
-**    be recorded, an environment variable of the form NSS_ILOCK_x
-**    must be set to 1. For example:
-**
-**       set NSS_ILOCK_Cert=1
-**
-**    nssilock uses PRLOG is used to record to trace data. The
-**    PRLogModule name associated with nssilock data is: "nssilock".
-**    To enable recording of nssilock data you will need to set the
-**    environment variable NSPR_LOG_MODULES to enable
-**    recording for the nssilock log module. Similarly, you will
-**    need to set the environment variable NSPR_LOG_FILE to specify
-**    the filename to receive the recorded data. See prlog.h for usage.
-**    Example:
-**
-**        export NSPR_LOG_MODULES=nssilock:6
-**        export NSPR_LOG_FILE=xxxLogfile
-**
-** Operation:
-**    nssilock wraps calls to NSPR's PZLock and PZMonitor functions
-**    with similarly named functions: PZ_NewLock(), etc. When NSS is
-**    built with lock instrumentation enabled, the PZ* functions are
-**    compiled into NSS; when lock instrumentation is disabled,
-**    calls to PZ* functions are directly mapped to PR* functions
-**    and the instrumentation arguments to the PZ* functions are
-**    compiled away.
-**
-**
-** File Format:
-**    The format of the external file is implementation
-**    dependent. Where NSPR's PR_LOG() function is used, the file
-**    contains data defined for PR_LOG() plus the data written by
-**    the wrapped function. On some platforms and under some
-**    circumstances, platform dependent logging or
-**    instrumentation probes may be used. In any case, the
-**    relevant data provided by the lock instrumentation is:
-**    
-**      lockType, func, address, duration, line, file [heldTime]
-** 
-**    where:
-**    
-**       lockType: a character representation of nssILockType for the
-**       call. e.g. ... "cert"
-**    
-**       func: the function doing the tracing. e.g. "NewLock"
-**    
-**       address: address of the instrumented lock or monitor
-**    
-**       duration: is how long was spent in the instrumented function,
-**       in PRIntervalTime "ticks".
-**    
-**       line: the line number within the calling function
-**    
-**       file: the file from which the call was made
-**    
-**       heldTime: how long the lock/monitor was held. field
-**       present only for PZ_Unlock() and PZ_ExitMonitor().
-**    
-** Design Notes:
-**    The design for lock instrumentation was influenced by the
-**    need to gather performance data on NSS 3.x. It is intended
-**    that the effort to modify NSS to use lock instrumentation
-**    be minimized. Existing calls to locking functions need only
-**    have their names changed to the instrumentation function
-**    names.
-**    
-** Private NSS Interface:
-**    nssilock.h defines a private interface for use by NSS.
-**    nssilock.h is experimental in nature and is subject to
-**    change or revocation without notice. ... Don't mess with
-**    it.
-**    
-*/
-
-/*
- * $Id:
- */
-
-#ifndef _NSSILCKT_H_
-#define _NSSILCKT_H_
-
-#include "prtypes.h"
-#include "prmon.h"
-#include "prlock.h"
-#include "prcvar.h"
-
-typedef enum {
-    nssILockArena = 0,
-    nssILockSession = 1,
-    nssILockObject = 2,
-    nssILockRefLock = 3,
-    nssILockCert = 4,
-    nssILockCertDB = 5,
-    nssILockDBM = 6,
-    nssILockCache = 7,
-    nssILockSSL = 8,
-    nssILockList = 9,
-    nssILockSlot = 10,
-    nssILockFreelist = 11,
-    nssILockOID = 12,
-    nssILockAttribute = 13,
-    nssILockPK11cxt = 14,  /* pk11context */
-    nssILockRWLock = 15,
-    nssILockOther = 16,
-    nssILockSelfServ = 17,
-    nssILockLast  /* don't use this one! */
-} nssILockType;
-
-/*
-** Declare operation type enumerator
-** enumerations identify the function being performed
-*/
-typedef enum  {
-    FlushTT = 0,
-    NewLock = 1,
-    Lock = 2,
-    Unlock = 3,
-    DestroyLock = 4,
-    NewCondVar = 5,
-    WaitCondVar = 6,
-    NotifyCondVar = 7,
-    NotifyAllCondVar = 8,
-    DestroyCondVar = 9,
-    NewMonitor = 10,
-    EnterMonitor = 11,
-    ExitMonitor = 12,
-    Notify = 13,
-    NotifyAll = 14,
-    Wait = 15,
-    DestroyMonitor = 16
-} nssILockOp;
-
-/*
-** Declare the trace record
-*/
-struct pzTrace_s {
-    PRUint32        threadID; /* PR_GetThreadID() */
-    nssILockOp      op;       /* operation being performed */
-    nssILockType    ltype;    /* lock type identifier */
-    PRIntervalTime  callTime; /* time spent in function */
-    PRIntervalTime  heldTime; /* lock held time, or -1 */
-    void            *lock;    /* address of lock structure */    
-    PRIntn          line;     /* line number */
-    char            file[24]; /* filename */
-};
-
-PR_BEGIN_EXTERN_C
-/*
-** conditionally compile in nssilock features
-*/
-#if defined(NEED_NSS_ILOCK)
-
-/*
-** declare opaque types. See: nssilock.c
-*/
-typedef struct pzlock_s PZLock;
-typedef struct pzcondvar_s PZCondVar;
-typedef struct pzmonitor_s PZMonitor;
-
-#else /* NEED_NSS_ILOCK */
-
-#define PZLock                  PRLock
-#define PZCondVar               PRCondVar
-#define PZMonitor               PRMonitor
-    
-#endif /* NEED_NSS_ILOCK */
-
-PR_END_EXTERN_C
-#endif /* _NSSILCKT_H_ */
diff --git a/security/nss/lib/util/nssilock.c b/security/nss/lib/util/nssilock.c
deleted file mode 100644
index 056ee6e73..000000000
--- a/security/nss/lib/util/nssilock.c
+++ /dev/null
@@ -1,519 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * nssilock.c - NSS lock instrumentation wrapper functions
- *
- * NOTE - These are not public interfaces
- *
- * Implementation Notes:
- * I've tried to make the instrumentation relatively non-intrusive.
- * To do this, I have used a single PR_LOG() call in each
- * instrumented function. There's room for improvement.
- *
- *
- */
-
-#include "prinit.h"
-#include "prerror.h"
-#include "prlock.h"
-#include "prmem.h"
-#include "prenv.h"
-#include "prcvar.h"
-#include "prio.h"
-
-#if defined(NEED_NSS_ILOCK)
-#include "prlog.h"
-#include "nssilock.h"
-
-/*
-** Declare the instrumented PZLock 
-*/
-struct pzlock_s {
-    PRLock *lock;  /* the PZLock to be instrumented */
-    PRIntervalTime time; /* timestamp when the lock was aquired */
-    nssILockType ltype;
-};
-
-/*
-** Declare the instrumented PZMonitor 
-*/
-struct pzmonitor_s {
-    PRMonitor *mon;   /* the PZMonitor to be instrumented */
-    PRIntervalTime time; /* timestamp when the monitor was aquired */
-    nssILockType ltype;
-};
-
-/*
-** Declare the instrumented PZCondVar
-*/
-struct pzcondvar_s  {
-    PRCondVar   *cvar;  /* the PZCondVar to be instrumented */
-    nssILockType ltype;
-};
-
-
-/*
-** Define a CallOnce type to ensure serialized self-initialization
-*/
-static PRCallOnceType coNssILock;     /* CallOnce type */
-static PRIntn  nssILockInitialized;   /* initialization done when 1 */
-static PRLogModuleInfo *nssILog;      /* Log instrumentation to this handle */
-
-
-#define NUM_TT_ENTRIES 6000000
-static PRInt32  traceIndex = -1;      /* index into trace table */
-static struct pzTrace_s *tt;          /* pointer to trace table */
-static PRInt32  ttBufSize = (NUM_TT_ENTRIES * sizeof(struct pzTrace_s ));
-static PRCondVar *ttCVar;
-static PRLock    *ttLock;
-static PRFileDesc *ttfd;              /* trace table file */
-
-/*
-** Vtrace() -- Trace events, write events to external media
-**
-** Vtrace() records traced events in an in-memory trace table
-** when the trace table fills, Vtrace writes the entire table
-** to a file.
-**
-** data can be lost!
-**
-*/
-static void Vtrace(
-    nssILockOp      op,
-    nssILockType    ltype,
-    PRIntervalTime  callTime,
-    PRIntervalTime  heldTime,
-    void            *lock,
-    PRIntn          line,
-    char            *file
-)  {
-    PRInt32 idx;
-    struct pzTrace_s *tp;
-
-RetryTrace:
-    idx = PR_AtomicIncrement( &traceIndex );
-    while( NUM_TT_ENTRIES <= idx || op == FlushTT ) {
-        if( NUM_TT_ENTRIES == idx  || op == FlushTT )  {
-            int writeSize = idx * sizeof(struct pzTrace_s);
-            PR_Lock(ttLock);
-            PR_Write( ttfd, tt, writeSize );
-            traceIndex = -1;
-            PR_NotifyAllCondVar( ttCVar );
-            PR_Unlock(ttLock);
-            goto RetryTrace;
-        } else {
-            PR_Lock(ttLock);
-            while( NUM_TT_ENTRIES < idx )
-                PR_WaitCondVar(ttCVar, PR_INTERVAL_NO_WAIT);
-            PR_Unlock(ttLock);
-            goto RetryTrace;
-        }
-    } /* end while() */
-
-    /* create the trace entry */
-    tp = tt + idx;
-    tp->threadID = PR_GetThreadID(PR_GetCurrentThread());
-    tp->op = op;
-    tp->ltype = ltype;
-    tp->callTime = callTime;
-    tp->heldTime = heldTime;
-    tp->lock = lock;
-    tp ->line = line;
-    strcpy(tp->file, file );
-    return;
-} /* --- end Vtrace() --- */
-
-/*
-** pz_TraceFlush() -- Force trace table write to file
-**
-*/
-extern void pz_TraceFlush( void )
-{
-    Vtrace( FlushTT, nssILockSelfServ, 0, 0, NULL, 0, "" );
-    return;
-} /* --- end pz_TraceFlush() --- */
-
-/*
-** nssILockInit() -- Initialization for nssilock
-**
-** This function is called from the CallOnce mechanism.
-*/
-static PRStatus
-    nssILockInit( void ) 
-{   
-    int i;
-    nssILockInitialized = 1;
-
-    /* new log module */
-    nssILog = PR_NewLogModule("nssilock");
-    if ( NULL == nssILog )  {
-        return(PR_FAILURE);
-    }
-
-    tt = PR_Calloc( NUM_TT_ENTRIES, sizeof(struct pzTrace_s));
-    if (NULL == tt ) {
-        fprintf(stderr, "nssilock: can't allocate trace table\n");
-        exit(1);
-    }
-
-    ttfd = PR_Open( "xxxTTLog", PR_CREATE_FILE | PR_WRONLY, 0666 );
-    if ( NULL == ttfd )  {
-        fprintf( stderr, "Oh Drat! Can't open 'xxxTTLog'\n");
-        exit(1);
-    }
-
-    ttLock = PR_NewLock();
-    ttCVar = PR_NewCondVar(ttLock);
-
-    return(PR_SUCCESS);
-} /* --- end nssILockInit() --- */
-
-extern PZLock * pz_NewLock( 
-    nssILockType ltype,
-    char *file,  
-    PRIntn line )
-{
-    PRStatus rc;
-    PZLock  *lock;
-    
-    /* Self Initialize the nssILock feature */
-    if (!nssILockInitialized)  {
-        rc = PR_CallOnce( &coNssILock, nssILockInit );
-        if ( PR_FAILURE == rc ) {
-            PR_SetError( PR_UNKNOWN_ERROR, 0 );
-            return( NULL );
-        }
-    }
-
-    lock = PR_NEWZAP( PZLock );
-    if ( NULL != lock )  {
-        lock->lock = PR_NewLock();
-        if ( NULL == lock->lock )  {
-            PR_DELETE( lock );
-            lock = NULL;
-        }
-    }
-    lock->ltype = ltype;
-
-    Vtrace( NewLock, ltype, 0, 0, lock, line, file );
-    return(lock);
-} /* --- end pz_NewLock() --- */
-
-extern void
-    pz_Lock(
-        PZLock *lock,
-        char *file,
-        PRIntn line
-    )
-{            
-    PRIntervalTime callTime;
-
-    callTime = PR_IntervalNow();
-    PR_Lock( lock->lock );
-    lock->time = PR_IntervalNow();
-    callTime = lock->time - callTime;
-
-    Vtrace( Lock, lock->ltype, callTime, 0, lock, line, file );
-    return;
-} /* --- end  pz_Lock() --- */
-
-extern PRStatus
-    pz_Unlock(
-        PZLock *lock,
-        char *file,
-        PRIntn line
-    ) 
-{
-    PRStatus rc;
-    PRIntervalTime callTime, now, heldTime;
-
-    callTime = PR_IntervalNow();
-    rc = PR_Unlock( lock->lock );
-    now = PR_IntervalNow(); 
-    callTime = now - callTime;
-    heldTime = now - lock->time;
-    Vtrace( Unlock, lock->ltype, callTime, heldTime, lock, line, file );
-    return( rc );
-} /* --- end  pz_Unlock() --- */
-
-extern void
-    pz_DestroyLock(
-        PZLock *lock,
-        char *file,
-        PRIntn line
-    )
-{
-    Vtrace( DestroyLock, lock->ltype, 0, 0, lock, line, file );
-    PR_DestroyLock( lock->lock );
-    PR_DELETE( lock );
-    return;
-} /* --- end  pz_DestroyLock() --- */
-
-
-
-extern PZCondVar *
-    pz_NewCondVar(
-        PZLock *lock,
-        char *file,
-        PRIntn line
-    )
-{
-    PZCondVar *cvar;
-
-    cvar = PR_NEWZAP( PZCondVar );
-    if ( NULL == cvar ) return(NULL);
-   
-    cvar->ltype = lock->ltype; 
-    cvar->cvar = PR_NewCondVar( lock->lock );
-    if ( NULL == cvar->cvar )  {
-        PR_DELETE( cvar );
-    }
-    Vtrace( NewCondVar, cvar->ltype, 0, 0, cvar, line, file );
-    return( cvar );
-} /* --- end  pz_NewCondVar() --- */
-
-extern void
-    pz_DestroyCondVar(
-        PZCondVar *cvar,
-        char *file,
-        PRIntn line
-    )
-{
-    Vtrace( DestroyCondVar, cvar->ltype, 0, 0, cvar, line, file );
-    PR_DestroyCondVar( cvar->cvar );
-    PR_DELETE( cvar );
-} /* --- end  pz_DestroyCondVar() --- */
-
-extern PRStatus
-    pz_WaitCondVar(
-        PZCondVar *cvar,
-        PRIntervalTime timeout,
-        char *file,
-        PRIntn line
-    )
-{
-    PRStatus    rc;
-    PRIntervalTime callTime;
-
-    callTime = PR_IntervalNow();
-    rc = PR_WaitCondVar( cvar->cvar, timeout );
-    callTime = PR_IntervalNow() - callTime;
-    
-    Vtrace( WaitCondVar, cvar->ltype, callTime, 0, cvar, line, file );
-    return(rc);
-} /* --- end  pz_WaitCondVar() --- */
-
-extern PRStatus
-    pz_NotifyCondVar(
-        PZCondVar *cvar,
-        char *file,
-        PRIntn line
-    )
-{
-    PRStatus    rc;
-    
-    rc = PR_NotifyCondVar( cvar->cvar );
-    
-    Vtrace( NotifyCondVar, cvar->ltype, 0, 0, cvar, line, file );
-    return(rc);
-} /* --- end  pz_NotifyCondVar() --- */
-
-extern PRStatus
-    pz_NotifyAllCondVar(
-        PZCondVar *cvar,
-        char *file,
-        PRIntn line
-    )
-{
-    PRStatus    rc;
-    
-    rc = PR_NotifyAllCondVar( cvar->cvar );
-    
-    Vtrace( NotifyAllCondVar, cvar->ltype, 0, 0, cvar, line, file );
-    return(rc);
-} /* --- end  pz_NotifyAllCondVar() --- */
-
-extern PZMonitor *
-    pz_NewMonitor( 
-        nssILockType ltype,
-        char *file,
-        PRIntn line
-    )
-{
-    PRStatus rc;
-    PZMonitor   *mon;
-
-    /* Self Initialize the nssILock feature */
-    if (!nssILockInitialized)  {
-        rc = PR_CallOnce( &coNssILock, nssILockInit );
-        if ( PR_FAILURE == rc ) {
-            PR_SetError( PR_UNKNOWN_ERROR, 0 );
-            return( NULL );
-        }
-    }
-
-    mon = PR_NEWZAP( PZMonitor );
-    if ( NULL != mon )  {
-        mon->mon = PR_NewMonitor();
-        if ( NULL == mon->mon )  {
-            PR_DELETE( mon );
-            return NULL;
-        }
-    }
-    mon->ltype = ltype;
-
-    Vtrace( NewMonitor, mon->ltype, 0, 0, mon, line, file );
-    return(mon);
-} /* --- end  pz_NewMonitor() --- */
-
-extern void
-    pz_DestroyMonitor(
-        PZMonitor *mon,
-        char *file,
-        PRIntn line
-    )
-{
-    Vtrace( DestroyMonitor, mon->ltype, 0, 0, mon, line, file );
-    PR_DestroyMonitor( mon->mon );
-    PR_DELETE( mon );
-    return;                
-} /* --- end  pz_DestroyMonitor() --- */
-
-extern void
-    pz_EnterMonitor(
-        PZMonitor *mon,
-        char *file,
-        PRIntn line
-    )
-{
-    PRIntervalTime callTime, now;
-
-    callTime = PR_IntervalNow();
-    PR_EnterMonitor( mon->mon );
-    now = PR_IntervalNow();
-    callTime = now - callTime;
-    if ( PR_GetMonitorEntryCount(mon->mon) == 1 )  {
-        mon->time = now;
-    }
-    Vtrace( EnterMonitor, mon->ltype, callTime, 0, mon, line, file );
-    return;
-} /* --- end  pz_EnterMonitor() --- */
-
-extern PRStatus
-    pz_ExitMonitor(
-        PZMonitor *mon,
-        char *file,
-        PRIntn line
-    )
-{
-    PRStatus rc;
-    PRIntervalTime callTime, now, heldTime;
-    PRIntn  mec = PR_GetMonitorEntryCount( mon->mon );
-   
-    heldTime = (PRIntervalTime)-1; 
-    callTime = PR_IntervalNow();
-    rc = PR_ExitMonitor( mon->mon );
-    now = PR_IntervalNow();
-    callTime = now - callTime;
-    if ( mec == 1 )
-        heldTime = now - mon->time;
-    Vtrace( ExitMonitor, mon->ltype, callTime, heldTime, mon, line, file );
-    return( rc );
-} /* --- end  pz_ExitMonitor() --- */
-
-extern PRIntn
-    pz_GetMonitorEntryCount(
-        PZMonitor *mon,
-        char *file,
-        PRIntn line
-    )
-{
-    return( PR_GetMonitorEntryCount(mon->mon));
-} /* --- end pz_GetMonitorEntryCount() --- */
-
-
-extern PRStatus
-    pz_Wait(
-        PZMonitor *mon,
-        PRIntervalTime ticks,
-        char *file,
-        PRIntn line
-    )
-{
-    PRStatus rc;
-    PRIntervalTime callTime;
-
-    callTime = PR_IntervalNow();
-    rc = PR_Wait( mon->mon, ticks );
-    callTime = PR_IntervalNow() - callTime;
-    Vtrace( Wait, mon->ltype, callTime, 0, mon, line, file );
-    return( rc );
-} /* --- end  pz_Wait() --- */
-
-extern PRStatus
-    pz_Notify(
-        PZMonitor *mon,
-        char *file,
-        PRIntn line
-    )
-{
-    PRStatus rc;
-    PRIntervalTime callTime;
-
-    callTime = PR_IntervalNow();
-    rc = PR_Notify( mon->mon );
-    callTime = PR_IntervalNow() - callTime;
-    Vtrace( Notify, mon->ltype, callTime, 0, mon, line, file );
-    return( rc );
-} /* --- end  pz_Notify() --- */
-
-extern PRStatus
-    pz_NotifyAll(
-        PZMonitor *mon,
-        char *file,
-        PRIntn line
-    )
-{
-    PRStatus rc;
-    PRIntervalTime callTime;
-
-    callTime = PR_IntervalNow();
-    rc = PR_NotifyAll( mon->mon );
-    callTime = PR_IntervalNow() - callTime;
-    Vtrace( NotifyAll, mon->ltype, callTime, 0, mon, line, file );
-    return( rc );
-} /* --- end  pz_NotifyAll() --- */
-
-#endif /* NEED_NSS_ILOCK */
-/* --- end nssilock.c --------------------------------- */
diff --git a/security/nss/lib/util/nssilock.h b/security/nss/lib/util/nssilock.h
deleted file mode 100644
index 38b457387..000000000
--- a/security/nss/lib/util/nssilock.h
+++ /dev/null
@@ -1,316 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
-** nssilock.h - Instrumented locking functions for NSS
-**
-** Description:
-**    nssilock provides instrumentation for locks and monitors in
-**    the NSS libraries. The instrumentation, when enabled, causes
-**    each call to the instrumented function to record data about
-**    the call to an external file. The external file
-**    subsequently used to extract performance data and other
-**    statistical information about the operation of locks used in
-**    the nss library.
-**     
-**    To enable compilation with instrumentation, build NSS with 
-**    the compile time switch NEED_NSS_ILOCK defined.
-**
-**    say:  "gmake OS_CFLAGS+=-DNEED_NSS_ILOCK" at make time.
-**
-**    At runtime, to enable recording from nssilock, one or more
-**    environment variables must be set. For each nssILockType to
-**    be recorded, an environment variable of the form NSS_ILOCK_x
-**    must be set to 1. For example:
-**
-**       set NSS_ILOCK_Cert=1
-**
-**    nssilock uses PRLOG is used to record to trace data. The
-**    PRLogModule name associated with nssilock data is: "nssilock".
-**    To enable recording of nssilock data you will need to set the
-**    environment variable NSPR_LOG_MODULES to enable
-**    recording for the nssilock log module. Similarly, you will
-**    need to set the environment variable NSPR_LOG_FILE to specify
-**    the filename to receive the recorded data. See prlog.h for usage.
-**    Example:
-**
-**        export NSPR_LOG_MODULES=nssilock:6
-**        export NSPR_LOG_FILE=xxxLogfile
-**
-** Operation:
-**    nssilock wraps calls to NSPR's PZLock and PZMonitor functions
-**    with similarly named functions: PZ_NewLock(), etc. When NSS is
-**    built with lock instrumentation enabled, the PZ* functions are
-**    compiled into NSS; when lock instrumentation is disabled,
-**    calls to PZ* functions are directly mapped to PR* functions
-**    and the instrumentation arguments to the PZ* functions are
-**    compiled away.
-**
-**
-** File Format:
-**    The format of the external file is implementation
-**    dependent. Where NSPR's PR_LOG() function is used, the file
-**    contains data defined for PR_LOG() plus the data written by
-**    the wrapped function. On some platforms and under some
-**    circumstances, platform dependent logging or
-**    instrumentation probes may be used. In any case, the
-**    relevant data provided by the lock instrumentation is:
-**    
-**      lockType, func, address, duration, line, file [heldTime]
-** 
-**    where:
-**    
-**       lockType: a character representation of nssILockType for the
-**       call. e.g. ... "cert"
-**    
-**       func: the function doing the tracing. e.g. "NewLock"
-**    
-**       address: address of the instrumented lock or monitor
-**    
-**       duration: is how long was spent in the instrumented function,
-**       in PRIntervalTime "ticks".
-**    
-**       line: the line number within the calling function
-**    
-**       file: the file from which the call was made
-**    
-**       heldTime: how long the lock/monitor was held. field
-**       present only for PZ_Unlock() and PZ_ExitMonitor().
-**    
-** Design Notes:
-**    The design for lock instrumentation was influenced by the
-**    need to gather performance data on NSS 3.x. It is intended
-**    that the effort to modify NSS to use lock instrumentation
-**    be minimized. Existing calls to locking functions need only
-**    have their names changed to the instrumentation function
-**    names.
-**    
-** Private NSS Interface:
-**    nssilock.h defines a private interface for use by NSS.
-**    nssilock.h is experimental in nature and is subject to
-**    change or revocation without notice. ... Don't mess with
-**    it.
-**    
-*/
-
-/*
- * $Id:
- */
-
-#ifndef _NSSILOCK_H_
-#define _NSSILOCK_H_
-
-#include "prtypes.h"
-#include "prmon.h"
-#include "prlock.h"
-#include "prcvar.h"
-
-#include "nssilckt.h"
-
-PR_BEGIN_EXTERN_C
-
-#if defined(NEED_NSS_ILOCK)
-
-#define PZ_NewLock(t) pz_NewLock((t),__FILE__,__LINE__)
-extern PZLock * 
-    pz_NewLock(
-        nssILockType ltype,
-        char *file,
-        PRIntn  line
-    );
-
-#define PZ_Lock(k)  pz_Lock((k),__FILE__,__LINE__)
-extern void
-    pz_Lock(
-        PZLock *lock,
-        char *file,
-        PRIntn line
-    );
-
-#define PZ_Unlock(k) pz_Unlock((k),__FILE__,__LINE__)
-extern PRStatus
-    pz_Unlock(
-        PZLock *lock,
-        char *file,
-        PRIntn line
-    );
-
-#define PZ_DestroyLock(k) pz_DestroyLock((k),__FILE__,__LINE__)
-extern void
-    pz_DestroyLock(
-        PZLock *lock,
-        char *file,
-        PRIntn line
-    );
-
-
-#define PZ_NewCondVar(l)        pz_NewCondVar((l),__FILE__,__LINE__)
-extern PZCondVar *
-    pz_NewCondVar(
-        PZLock *lock,
-        char *file,
-        PRIntn line
-    );
-
-#define PZ_DestroyCondVar(v)    pz_DestroyCondVar((v),__FILE__,__LINE__)
-extern void
-    pz_DestroyCondVar(
-        PZCondVar *cvar,
-        char *file,
-        PRIntn line
-    );
-
-#define PZ_WaitCondVar(v,t)       pz_WaitCondVar((v),(t),__FILE__,__LINE__)
-extern PRStatus
-    pz_WaitCondVar(
-        PZCondVar *cvar,
-        PRIntervalTime timeout,
-        char *file,
-        PRIntn line
-    );
-
-#define PZ_NotifyCondVar(v)     pz_NotifyCondVar((v),__FILE__,__LINE__)
-extern PRStatus
-    pz_NotifyCondVar(
-        PZCondVar *cvar,
-        char *file,
-        PRIntn line
-    );
-
-#define PZ_NotifyAllCondVar(v)  pz_NotifyAllCondVar((v),__FILE__,__LINE__)
-extern PRStatus
-    pz_NotifyAllCondVar(
-        PZCondVar *cvar,
-        char *file,
-        PRIntn line
-    );
-
-
-#define PZ_NewMonitor(t) pz_NewMonitor((t),__FILE__,__LINE__)
-extern PZMonitor *
-    pz_NewMonitor( 
-        nssILockType ltype,
-        char *file,
-        PRIntn line
-    );
-
-#define PZ_DestroyMonitor(m) pz_DestroyMonitor((m),__FILE__,__LINE__)
-extern void
-    pz_DestroyMonitor(
-        PZMonitor *mon,
-        char *file,
-        PRIntn line
-    );
-
-#define PZ_EnterMonitor(m) pz_EnterMonitor((m),__FILE__,__LINE__)
-extern void
-    pz_EnterMonitor(
-        PZMonitor *mon,
-        char *file,
-        PRIntn line
-    );
-
-
-#define PZ_ExitMonitor(m) pz_ExitMonitor((m),__FILE__,__LINE__)
-extern PRStatus
-    pz_ExitMonitor(
-        PZMonitor *mon,
-        char *file,
-        PRIntn line
-    );
-
-#define PZ_InMonitor(m)  (PZ_GetMonitorEntryCount(m) > 0 )
-#define PZ_GetMonitorEntryCount(m) pz_GetMonitorEntryCount((m),__FILE__,__LINE__)
-extern PRIntn
-    pz_GetMonitorEntryCount(
-        PZMonitor *mon,
-        char *file,
-        PRIntn line
-    );
-
-#define PZ_Wait(m,i) pz_Wait((m),((i)),__FILE__,__LINE__)
-extern PRStatus
-    pz_Wait(
-        PZMonitor *mon,
-        PRIntervalTime ticks,
-        char *file,
-        PRIntn line
-    );
-
-#define PZ_Notify(m) pz_Notify((m),__FILE__,__LINE__)
-extern PRStatus
-    pz_Notify(
-        PZMonitor *mon,
-        char *file,
-        PRIntn line
-    );
-
-#define PZ_NotifyAll(m) pz_NotifyAll((m),__FILE__,__LINE__)
-extern PRStatus
-    pz_NotifyAll(
-        PZMonitor *mon,
-        char *file,
-        PRIntn line
-    );
-
-#define PZ_TraceFlush() pz_TraceFlush()
-extern void pz_TraceFlush( void );
-
-#else /* NEED_NSS_ILOCK */
-
-#define PZ_NewLock(t)           PR_NewLock()
-#define PZ_DestroyLock(k)       PR_DestroyLock((k))
-#define PZ_Lock(k)              PR_Lock((k))
-#define PZ_Unlock(k)            PR_Unlock((k))
-
-#define PZ_NewCondVar(l)        PR_NewCondVar((l))
-#define PZ_DestroyCondVar(v)    PR_DestroyCondVar((v))
-#define PZ_WaitCondVar(v,t)     PR_WaitCondVar((v),(t))
-#define PZ_NotifyCondVar(v)     PR_NotifyCondVar((v))
-#define PZ_NotifyAllCondVar(v)  PR_NotifyAllCondVar((v))
-
-#define PZ_NewMonitor(t)        PR_NewMonitor()
-#define PZ_DestroyMonitor(m)    PR_DestroyMonitor((m))
-#define PZ_EnterMonitor(m)      PR_EnterMonitor((m))
-#define PZ_ExitMonitor(m)       PR_ExitMonitor((m))
-#define PZ_InMonitor(m)         PR_InMonitor((m))
-#define PZ_Wait(m,t)            PR_Wait(((m)),((t)))
-#define PZ_Notify(m)            PR_Notify((m))
-#define PZ_NotifyAll(m)         PR_Notify((m))
-#define PZ_TraceFlush()         /* nothing */
-
-    
-#endif /* NEED_NSS_ILOCK */
-
-PR_END_EXTERN_C
-#endif /* _NSSILOCK_H_ */
diff --git a/security/nss/lib/util/nsslocks.c b/security/nss/lib/util/nsslocks.c
deleted file mode 100644
index ce9072c68..000000000
--- a/security/nss/lib/util/nsslocks.c
+++ /dev/null
@@ -1,105 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * nsslocks.h - threadsafe functions to initialize lock pointers.
- *
- * NOTE - These are not public interfaces
- *
- * $Id$
- */
-
-#include "seccomon.h"
-#include "nsslocks.h"
-#include "pratom.h"
-#include "prthread.h"
-
-/* Given the address of a (global) pointer to a PZLock, 
- * atomicly create the lock and initialize the (global) pointer, 
- * if it is not already created/initialized.
- */
-
-SECStatus 
-__nss_InitLock(   PZLock    **ppLock, nssILockType ltype )
-{
-    static PRInt32  initializers;
-
-    PORT_Assert( ppLock != NULL);
-
-    /* atomically initialize the lock */
-    while (!*ppLock) {
-        PRInt32 myAttempt = PR_AtomicIncrement(&initializers);
-        if (myAttempt == 1) {
-	    *ppLock = PZ_NewLock(ltype);
-            (void) PR_AtomicDecrement(&initializers);
-            break;
-        }
-        PR_Sleep(PR_INTERVAL_NO_WAIT);          /* PR_Yield() */
-        (void) PR_AtomicDecrement(&initializers);
-    }
-
-    return (*ppLock != NULL) ? SECSuccess : SECFailure;
-}
-
-SECStatus 
-nss_InitLock(   PZLock    **ppLock, nssILockType ltype )
-{
-    return __nss_InitLock(ppLock, ltype);
-}
-
-/* Given the address of a (global) pointer to a PZMonitor, 
- * atomicly create the monitor and initialize the (global) pointer, 
- * if it is not already created/initialized.
- */
-
-SECStatus 
-nss_InitMonitor(PZMonitor **ppMonitor, nssILockType ltype )
-{
-    static PRInt32  initializers;
-
-    PORT_Assert( ppMonitor != NULL);
-
-    /* atomically initialize the lock */
-    while (!*ppMonitor) {
-        PRInt32 myAttempt = PR_AtomicIncrement(&initializers);
-        if (myAttempt == 1) {
-	    *ppMonitor = PZ_NewMonitor(ltype);
-            (void) PR_AtomicDecrement(&initializers);
-            break;
-        }
-        PR_Sleep(PR_INTERVAL_NO_WAIT);          /* PR_Yield() */
-        (void) PR_AtomicDecrement(&initializers);
-    }
-
-    return (*ppMonitor != NULL) ? SECSuccess : SECFailure;
-}
diff --git a/security/nss/lib/util/nsslocks.h b/security/nss/lib/util/nsslocks.h
deleted file mode 100644
index 8510cf6b8..000000000
--- a/security/nss/lib/util/nsslocks.h
+++ /dev/null
@@ -1,67 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * nsslocks.h - threadsafe functions to initialize lock pointers.
- *
- * NOTE - These are not public interfaces
- *
- * $Id$
- */
-
-#ifndef _NSSLOCKS_H_
-#define _NSSLOCKS_H_
-
-#include "seccomon.h"
-#include "nssilock.h"
-#include "prmon.h"
-
-SEC_BEGIN_PROTOS
-
-/* Given the address of a (global) pointer to a PZLock, 
- * atomicly create the lock and initialize the (global) pointer, 
- * if it is not already created/initialized.
- */
-
-extern SECStatus nss_InitLock(   PZLock    **ppLock, nssILockType ltype );
-
-/* Given the address of a (global) pointer to a PZMonitor, 
- * atomicly create the monitor and initialize the (global) pointer, 
- * if it is not already created/initialized.
- */
-
-extern SECStatus nss_InitMonitor(PZMonitor **ppMonitor, nssILockType ltype );
-
-SEC_END_PROTOS
-
-#endif
diff --git a/security/nss/lib/util/nssrwlk.c b/security/nss/lib/util/nssrwlk.c
deleted file mode 100644
index 6913b4165..000000000
--- a/security/nss/lib/util/nssrwlk.c
+++ /dev/null
@@ -1,509 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "nssrwlk.h"
-#include "nspr.h"
-
-PR_BEGIN_EXTERN_C
-
-/*
- * Reader-writer lock
- */
-struct nssRWLockStr {
-    PZLock *        rw_lock;
-    char   *        rw_name;            /* lock name                    */
-    PRUint32        rw_rank;            /* rank of the lock             */
-    PRInt32         rw_writer_locks;    /* ==  0, if unlocked           */
-    PRInt32         rw_reader_locks;    /* ==  0, if unlocked           */
-                                        /* > 0  , # of read locks       */
-    PRUint32        rw_waiting_readers; /* number of waiting readers    */
-    PRUint32        rw_waiting_writers; /* number of waiting writers    */
-    PZCondVar *     rw_reader_waitq;    /* cvar for readers             */
-    PZCondVar *     rw_writer_waitq;    /* cvar for writers             */
-    PRThread  *     rw_owner;           /* lock owner for write-lock    */
-                                        /* Non-null if write lock held. */
-};
-
-PR_END_EXTERN_C
-
-#include <string.h>
-
-#ifdef DEBUG_RANK_ORDER
-#define NSS_RWLOCK_RANK_ORDER_DEBUG /* enable deadlock detection using
-                                       rank-order for locks
-                                    */
-#endif
-
-#ifdef NSS_RWLOCK_RANK_ORDER_DEBUG
-
-static PRUintn  nss_thread_rwlock_initialized;
-static PRUintn  nss_thread_rwlock;               /* TPD key for lock stack */
-static PRUintn  nss_thread_rwlock_alloc_failed;
-
-#define _NSS_RWLOCK_RANK_ORDER_LIMIT 10
-
-typedef struct thread_rwlock_stack {
-    PRInt32     trs_index;                                  /* top of stack */
-    NSSRWLock    *trs_stack[_NSS_RWLOCK_RANK_ORDER_LIMIT];  /* stack of lock
-                                                               pointers */
-} thread_rwlock_stack;
-
-/* forward static declarations. */
-static PRUint32 nssRWLock_GetThreadRank(PRThread *me);
-static void     nssRWLock_SetThreadRank(PRThread *me, NSSRWLock *rwlock);
-static void     nssRWLock_UnsetThreadRank(PRThread *me, NSSRWLock *rwlock);
-static void     nssRWLock_ReleaseLockStack(void *lock_stack);
-
-#endif
-
-#define UNTIL(x) while(!(x))
-
-/*
- * Reader/Writer Locks
- */
-
-/*
- * NSSRWLock_New
- *      Create a reader-writer lock, with the given lock rank and lock name
- *
- */
-
-PR_IMPLEMENT(NSSRWLock *)
-NSSRWLock_New(PRUint32 lock_rank, const char *lock_name)
-{
-    NSSRWLock *rwlock;
-
-    rwlock = PR_NEWZAP(NSSRWLock);
-    if (rwlock == NULL)
-        return NULL;
-
-    rwlock->rw_lock = PZ_NewLock(nssILockRWLock);
-    if (rwlock->rw_lock == NULL) {
-	goto loser;
-    }
-    rwlock->rw_reader_waitq = PZ_NewCondVar(rwlock->rw_lock);
-    if (rwlock->rw_reader_waitq == NULL) {
-	goto loser;
-    }
-    rwlock->rw_writer_waitq = PZ_NewCondVar(rwlock->rw_lock);
-    if (rwlock->rw_writer_waitq == NULL) {
-	goto loser;
-    }
-    if (lock_name != NULL) {
-        rwlock->rw_name = (char*) PR_Malloc(strlen(lock_name) + 1);
-        if (rwlock->rw_name == NULL) {
-	    goto loser;
-        }
-        strcpy(rwlock->rw_name, lock_name);
-    } else {
-        rwlock->rw_name = NULL;
-    }
-    rwlock->rw_rank            = lock_rank;
-    rwlock->rw_waiting_readers = 0;
-    rwlock->rw_waiting_writers = 0;
-    rwlock->rw_reader_locks    = 0;
-    rwlock->rw_writer_locks    = 0;
-
-    return rwlock;
-
-loser:
-    NSSRWLock_Destroy(rwlock);
-    return(NULL);
-}
-
-/*
-** Destroy the given RWLock "lock".
-*/
-PR_IMPLEMENT(void)
-NSSRWLock_Destroy(NSSRWLock *rwlock)
-{
-    PR_ASSERT(rwlock != NULL);
-    PR_ASSERT(rwlock->rw_waiting_readers == 0);
-
-    /* XXX Shouldn't we lock the PZLock before destroying this?? */
-
-    if (rwlock->rw_name)
-    	PR_Free(rwlock->rw_name);
-    if (rwlock->rw_reader_waitq)
-    	PZ_DestroyCondVar(rwlock->rw_reader_waitq);
-    if (rwlock->rw_writer_waitq)
-	PZ_DestroyCondVar(rwlock->rw_writer_waitq);
-    if (rwlock->rw_lock)
-	PZ_DestroyLock(rwlock->rw_lock);
-    PR_DELETE(rwlock);
-}
-
-/***********************************************************************
-**  Given the address of a NULL pointer to a NSSRWLock, 
-**  atomically initializes that pointer to a newly created NSSRWLock.
-**  Returns the value placed into that pointer, or NULL.
-**   If the lock cannot be created because of resource constraints, 
-**   the pointer will be left NULL.
-**  
-***********************************************************************/
-PR_IMPLEMENT(NSSRWLock *)
-nssRWLock_AtomicCreate( NSSRWLock  ** prwlock, 
-			PRUint32      lock_rank, 
-			const char *  lock_name)
-{
-    NSSRWLock  *    rwlock;
-    static PRInt32  initializers;
-
-    PR_ASSERT(prwlock != NULL);
-
-    /* atomically initialize the lock */
-    while (NULL == (rwlock = *prwlock)) {
-        PRInt32 myAttempt = PR_AtomicIncrement(&initializers);
-        if (myAttempt == 1) {
-	    *prwlock = rwlock = NSSRWLock_New(lock_rank, lock_name);
-            (void) PR_AtomicDecrement(&initializers);
-            break;
-        }
-        PR_Sleep(PR_INTERVAL_NO_WAIT);          /* PR_Yield() */
-        (void) PR_AtomicDecrement(&initializers);
-    }
-
-    return rwlock;
-}
-
-/*
-** Read-lock the RWLock.
-*/
-PR_IMPLEMENT(void)
-NSSRWLock_LockRead(NSSRWLock *rwlock)
-{
-    PRThread *me = PR_GetCurrentThread();
-
-    PZ_Lock(rwlock->rw_lock);
-#ifdef NSS_RWLOCK_RANK_ORDER_DEBUG
-
-    /*
-     * assert that rank ordering is not violated; the rank of 'rwlock' should
-     * be equal to or greater than the highest rank of all the locks held by
-     * the thread.
-     */
-    PR_ASSERT((rwlock->rw_rank == NSS_RWLOCK_RANK_NONE) ||
-              (rwlock->rw_rank >= nssRWLock_GetThreadRank(me)));
-#endif
-    /*
-     * wait if write-locked or if a writer is waiting; preference for writers
-     */
-    UNTIL ( (rwlock->rw_owner == me) ||		  /* I own it, or        */
-	   ((rwlock->rw_owner == NULL) &&	  /* no-one owns it, and */
-	    (rwlock->rw_waiting_writers == 0))) { /* no-one is waiting to own */
-
-	rwlock->rw_waiting_readers++;
-	PZ_WaitCondVar(rwlock->rw_reader_waitq, PR_INTERVAL_NO_TIMEOUT);
-	rwlock->rw_waiting_readers--;
-    }
-    rwlock->rw_reader_locks++; 		/* Increment read-lock count */
-
-    PZ_Unlock(rwlock->rw_lock);
-
-#ifdef NSS_RWLOCK_RANK_ORDER_DEBUG
-    nssRWLock_SetThreadRank(me, rwlock);/* update thread's lock rank */
-#endif
-}
-
-/* Unlock a Read lock held on this RW lock.
-*/
-PR_IMPLEMENT(void)
-NSSRWLock_UnlockRead(NSSRWLock *rwlock)
-{
-    PZ_Lock(rwlock->rw_lock);
-
-    PR_ASSERT(rwlock->rw_reader_locks > 0); /* lock must be read locked */
-
-    if ((  rwlock->rw_reader_locks  > 0)  &&	/* caller isn't screwey */
-        (--rwlock->rw_reader_locks == 0)  &&	/* not read locked any more */
-	(  rwlock->rw_owner        == NULL) &&	/* not write locked */
-	(  rwlock->rw_waiting_writers > 0)) {	/* someone's waiting. */
-
-	PZ_NotifyCondVar(rwlock->rw_writer_waitq); /* wake him up. */
-    }
-
-    PZ_Unlock(rwlock->rw_lock);
-
-#ifdef NSS_RWLOCK_RANK_ORDER_DEBUG
-    /*
-     * update thread's lock rank
-     */
-    nssRWLock_UnsetThreadRank(me, rwlock);
-#endif
-    return;
-}
-
-/*
-** Write-lock the RWLock.
-*/
-PR_IMPLEMENT(void)
-NSSRWLock_LockWrite(NSSRWLock *rwlock)
-{
-    PRThread *me = PR_GetCurrentThread();
-
-    PZ_Lock(rwlock->rw_lock);
-#ifdef NSS_RWLOCK_RANK_ORDER_DEBUG
-    /*
-     * assert that rank ordering is not violated; the rank of 'rwlock' should
-     * be equal to or greater than the highest rank of all the locks held by
-     * the thread.
-     */
-    PR_ASSERT((rwlock->rw_rank == NSS_RWLOCK_RANK_NONE) ||
-                    (rwlock->rw_rank >= nssRWLock_GetThreadRank(me)));
-#endif
-    /*
-     * wait if read locked or write locked.
-     */
-    PR_ASSERT(rwlock->rw_reader_locks >= 0);
-    PR_ASSERT(me != NULL);
-
-    UNTIL ( (rwlock->rw_owner == me) ||           /* I own write lock, or */
-	   ((rwlock->rw_owner == NULL) &&	  /* no writer   and */
-	    (rwlock->rw_reader_locks == 0))) {    /* no readers, either. */
-
-        rwlock->rw_waiting_writers++;
-        PZ_WaitCondVar(rwlock->rw_writer_waitq, PR_INTERVAL_NO_TIMEOUT);
-        rwlock->rw_waiting_writers--;
-	PR_ASSERT(rwlock->rw_reader_locks >= 0);
-    }
-
-    PR_ASSERT(rwlock->rw_reader_locks == 0);
-    /*
-     * apply write lock
-     */
-    rwlock->rw_owner = me;
-    rwlock->rw_writer_locks++; 		/* Increment write-lock count */
-
-    PZ_Unlock(rwlock->rw_lock);
-
-#ifdef NSS_RWLOCK_RANK_ORDER_DEBUG
-    /*
-     * update thread's lock rank
-     */
-    nssRWLock_SetThreadRank(me,rwlock);
-#endif
-}
-
-/* Unlock a Read lock held on this RW lock.
-*/
-PR_IMPLEMENT(void)
-NSSRWLock_UnlockWrite(NSSRWLock *rwlock)
-{
-    PRThread *me = PR_GetCurrentThread();
-
-    PZ_Lock(rwlock->rw_lock);
-    PR_ASSERT(rwlock->rw_owner == me); /* lock must be write-locked by me.  */
-    PR_ASSERT(rwlock->rw_writer_locks > 0); /* lock must be write locked */
-
-    if (  rwlock->rw_owner        == me  &&	/* I own it, and            */
-          rwlock->rw_writer_locks  > 0   &&	/* I own it, and            */
-        --rwlock->rw_writer_locks == 0) {	/* I'm all done with it     */
-
-	rwlock->rw_owner = NULL;		/* I don't own it any more. */
-
-	if (rwlock->rw_reader_locks == 0) { /* no readers, wake up somebody. */
-	    /* Give preference to waiting writers. */
-	    if (rwlock->rw_waiting_writers > 0) 
-		PZ_NotifyCondVar(rwlock->rw_writer_waitq);
-	    else if (rwlock->rw_waiting_readers > 0)
-		PZ_NotifyAllCondVar(rwlock->rw_reader_waitq);
-	}
-    }
-    PZ_Unlock(rwlock->rw_lock);
-
-#ifdef NSS_RWLOCK_RANK_ORDER_DEBUG
-    /*
-     * update thread's lock rank
-     */
-    nssRWLock_UnsetThreadRank(me, rwlock);
-#endif
-    return;
-}
-
-/* This is primarily for debugging, i.e. for inclusion in ASSERT calls. */
-PR_IMPLEMENT(PRBool)
-NSSRWLock_HaveWriteLock(NSSRWLock *rwlock) {
-    PRBool ownWriteLock;
-    PRThread *me = PR_GetCurrentThread();
-
-    /* This lock call isn't really necessary.
-    ** If this thread is the owner, that fact cannot change during this call,
-    ** because this thread is in this call.
-    ** If this thread is NOT the owner, the owner could change, but it 
-    ** could not become this thread.  
-    */
-#if UNNECESSARY
-    PZ_Lock(rwlock->rw_lock);	
-#endif
-    ownWriteLock = (PRBool)(me == rwlock->rw_owner);
-#if UNNECESSARY
-    PZ_Unlock(rwlock->rw_lock);
-#endif
-    return ownWriteLock;
-}
-
-#ifdef NSS_RWLOCK_RANK_ORDER_DEBUG
-
-/*
- * nssRWLock_SetThreadRank
- *      Set a thread's lock rank, which is the highest of the ranks of all
- *      the locks held by the thread. Pointers to the locks are added to a
- *      per-thread list, which is anchored off a thread-private data key.
- */
-
-static void
-nssRWLock_SetThreadRank(PRThread *me, NSSRWLock *rwlock)
-{
-    thread_rwlock_stack *lock_stack;
-    PRStatus rv;
-
-    /*
-     * allocated thread-private-data for rwlock list, if not already allocated
-     */
-    if (!nss_thread_rwlock_initialized) {
-        /*
-         * allocate tpd, only if not failed already
-         */
-        if (!nss_thread_rwlock_alloc_failed) {
-            if (PR_NewThreadPrivateIndex(&nss_thread_rwlock,
-                                        nssRWLock_ReleaseLockStack)
-                                                == PR_FAILURE) {
-                nss_thread_rwlock_alloc_failed = 1;
-                return;
-            }
-        } else
-            return;
-    }
-    /*
-     * allocate a lock stack
-     */
-    if ((lock_stack = PR_GetThreadPrivate(nss_thread_rwlock)) == NULL) {
-        lock_stack = (thread_rwlock_stack *)
-                        PR_CALLOC(1 * sizeof(thread_rwlock_stack));
-        if (lock_stack) {
-            rv = PR_SetThreadPrivate(nss_thread_rwlock, lock_stack);
-            if (rv == PR_FAILURE) {
-                PR_DELETE(lock_stack);
-                nss_thread_rwlock_alloc_failed = 1;
-                return;
-            }
-        } else {
-            nss_thread_rwlock_alloc_failed = 1;
-            return;
-        }
-    }
-    /*
-     * add rwlock to lock stack, if limit is not exceeded
-     */
-    if (lock_stack) {
-        if (lock_stack->trs_index < _NSS_RWLOCK_RANK_ORDER_LIMIT)
-            lock_stack->trs_stack[lock_stack->trs_index++] = rwlock;
-    }
-    nss_thread_rwlock_initialized = 1;
-}
-
-static void
-nssRWLock_ReleaseLockStack(void *lock_stack)
-{
-    PR_ASSERT(lock_stack);
-    PR_DELETE(lock_stack);
-}
-
-/*
- * nssRWLock_GetThreadRank
- *
- *      return thread's lock rank. If thread-private-data for the lock
- *      stack is not allocated, return NSS_RWLOCK_RANK_NONE.
- */
-
-static PRUint32
-nssRWLock_GetThreadRank(PRThread *me)
-{
-    thread_rwlock_stack *lock_stack;
-
-    if (nss_thread_rwlock_initialized) {
-        if ((lock_stack = PR_GetThreadPrivate(nss_thread_rwlock)) == NULL)
-            return (NSS_RWLOCK_RANK_NONE);
-        else
-            return(lock_stack->trs_stack[lock_stack->trs_index - 1]->rw_rank);
-
-    } else
-            return (NSS_RWLOCK_RANK_NONE);
-}
-
-/*
- * nssRWLock_UnsetThreadRank
- *
- *      remove the rwlock from the lock stack. Since locks may not be
- *      unlocked in a FIFO order, the entire lock stack is searched.
- */
-
-static void
-nssRWLock_UnsetThreadRank(PRThread *me, NSSRWLock *rwlock)
-{
-    thread_rwlock_stack *lock_stack;
-    int new_index = 0, index, done = 0;
-
-    if (!nss_thread_rwlock_initialized)
-        return;
-
-    lock_stack = PR_GetThreadPrivate(nss_thread_rwlock);
-
-    PR_ASSERT(lock_stack != NULL);
-
-    index = lock_stack->trs_index - 1;
-    while (index-- >= 0) {
-        if ((lock_stack->trs_stack[index] == rwlock) && !done)  {
-            /*
-             * reset the slot for rwlock
-             */
-            lock_stack->trs_stack[index] = NULL;
-            done = 1;
-        }
-        /*
-         * search for the lowest-numbered empty slot, above which there are
-         * no non-empty slots
-         */
-        if ((lock_stack->trs_stack[index] != NULL) && !new_index)
-            new_index = index + 1;
-        if (done && new_index)
-            break;
-    }
-    /*
-     * set top of stack to highest numbered empty slot
-     */
-    lock_stack->trs_index = new_index;
-
-}
-
-#endif  /* NSS_RWLOCK_RANK_ORDER_DEBUG */
diff --git a/security/nss/lib/util/nssrwlk.h b/security/nss/lib/util/nssrwlk.h
deleted file mode 100644
index 3cad4b72d..000000000
--- a/security/nss/lib/util/nssrwlk.h
+++ /dev/null
@@ -1,160 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
-** File:		nsrwlock.h
-** Description:	API to basic reader-writer lock functions of NSS.
-**	These are re-entrant reader writer locks; that is,
-**	If I hold the write lock, I can ask for it and get it again.
-**	If I hold the write lock, I can also ask for and get a read lock.
-**      I can then release the locks in any order (read or write).
-**	I must release each lock type as many times as I acquired it.
-**	Otherwise, these are normal reader/writer locks.
-**
-** For deadlock detection, locks should be ranked, and no lock may be aquired
-** while I hold a lock of higher rank number.
-** If you don't want that feature, always use NSS_RWLOCK_RANK_NONE.
-** Lock name is for debugging, and is optional (may be NULL)
-**/
-
-#ifndef nssrwlk_h___
-#define nssrwlk_h___
-
-#include "prtypes.h"
-#include "nssrwlkt.h"
-
-#define	NSS_RWLOCK_RANK_NONE	0
-
-/* SEC_BEGIN_PROTOS */
-PR_BEGIN_EXTERN_C
-
-/***********************************************************************
-** FUNCTION:    NSSRWLock_New
-** DESCRIPTION:
-**  Returns a pointer to a newly created reader-writer lock object.
-** INPUTS:      Lock rank
-**		Lock name
-** OUTPUTS:     void
-** RETURN:      NSSRWLock*
-**   If the lock cannot be created because of resource constraints, NULL
-**   is returned.
-**  
-***********************************************************************/
-PR_EXTERN(NSSRWLock*) NSSRWLock_New(PRUint32 lock_rank, const char *lock_name);
-
-/***********************************************************************
-** FUNCTION:    NSSRWLock_AtomicCreate
-** DESCRIPTION:
-**  Given the address of a NULL pointer to a NSSRWLock, 
-**  atomically initializes that pointer to a newly created NSSRWLock.
-**  Returns the value placed into that pointer, or NULL.
-**
-** INPUTS:      address of NSRWLock pointer
-**              Lock rank
-**		Lock name
-** OUTPUTS:     NSSRWLock*
-** RETURN:      NSSRWLock*
-**   If the lock cannot be created because of resource constraints, 
-**   the pointer will be left NULL.
-**  
-***********************************************************************/
-PR_EXTERN(NSSRWLock *)
-nssRWLock_AtomicCreate( NSSRWLock  ** prwlock, 
-			PRUint32      lock_rank, 
-			const char *  lock_name);
-
-/***********************************************************************
-** FUNCTION:    NSSRWLock_Destroy
-** DESCRIPTION:
-**  Destroys a given RW lock object.
-** INPUTS:      NSSRWLock *lock - Lock to be freed.
-** OUTPUTS:     void
-** RETURN:      None
-***********************************************************************/
-PR_EXTERN(void) NSSRWLock_Destroy(NSSRWLock *lock);
-
-/***********************************************************************
-** FUNCTION:    NSSRWLock_LockRead
-** DESCRIPTION:
-**  Apply a read lock (non-exclusive) on a RWLock
-** INPUTS:      NSSRWLock *lock - Lock to be read-locked.
-** OUTPUTS:     void
-** RETURN:      None
-***********************************************************************/
-PR_EXTERN(void) NSSRWLock_LockRead(NSSRWLock *lock);
-
-/***********************************************************************
-** FUNCTION:    NSSRWLock_LockWrite
-** DESCRIPTION:
-**  Apply a write lock (exclusive) on a RWLock
-** INPUTS:      NSSRWLock *lock - Lock to write-locked.
-** OUTPUTS:     void
-** RETURN:      None
-***********************************************************************/
-PR_EXTERN(void) NSSRWLock_LockWrite(NSSRWLock *lock);
-
-/***********************************************************************
-** FUNCTION:    NSSRWLock_UnlockRead
-** DESCRIPTION:
-**  Release a Read lock. Unlocking an unlocked lock has undefined results.
-** INPUTS:      NSSRWLock *lock - Lock to unlocked.
-** OUTPUTS:     void
-** RETURN:      void
-***********************************************************************/
-PR_EXTERN(void) NSSRWLock_UnlockRead(NSSRWLock *lock);
-
-/***********************************************************************
-** FUNCTION:    NSSRWLock_UnlockWrite
-** DESCRIPTION:
-**  Release a Write lock. Unlocking an unlocked lock has undefined results.
-** INPUTS:      NSSRWLock *lock - Lock to unlocked.
-** OUTPUTS:     void
-** RETURN:      void
-***********************************************************************/
-PR_EXTERN(void) NSSRWLock_UnlockWrite(NSSRWLock *lock);
-
-/***********************************************************************
-** FUNCTION:    NSSRWLock_HaveWriteLock
-** DESCRIPTION:
-**  Tells caller whether the current thread holds the write lock, or not.
-** INPUTS:      NSSRWLock *lock - Lock to test.
-** OUTPUTS:     void
-** RETURN:      PRBool	PR_TRUE IFF the current thread holds the write lock.
-***********************************************************************/
-
-PR_EXTERN(PRBool) NSSRWLock_HaveWriteLock(NSSRWLock *rwlock);
-
-/* SEC_END_PROTOS */
-PR_END_EXTERN_C
-
-#endif /* nsrwlock_h___ */
diff --git a/security/nss/lib/util/nssrwlkt.h b/security/nss/lib/util/nssrwlkt.h
deleted file mode 100644
index e4bd37c4a..000000000
--- a/security/nss/lib/util/nssrwlkt.h
+++ /dev/null
@@ -1,47 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef nssrwlkt_h___
-#define nssrwlkt_h___
-#include "nssilock.h"
-/*
- * NSSRWLock --
- *
- *	The reader writer lock, NSSRWLock, is an opaque object to the clients
- *	of NSS.  All routines operate on a pointer to this opaque entity.
- */
-
-typedef struct nssRWLockStr NSSRWLock;
-
-
-#endif /* nsrwlock_h___ */
diff --git a/security/nss/lib/util/portreg.c b/security/nss/lib/util/portreg.c
deleted file mode 100644
index 79d13d67c..000000000
--- a/security/nss/lib/util/portreg.c
+++ /dev/null
@@ -1,317 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/* 
- * shexp.c: shell-like wildcard match routines
- *
- *
- * See shexp.h for public documentation.
- *
- */
-
-#include "seccomon.h"
-#include "portreg.h"
-
-/* ----------------------------- shexp_valid ------------------------------ */
-
-
-static int 
-_valid_subexp(char *exp, char stop) 
-{
-    register int x,y,t;
-    int nsc,np,tld;
-
-    x=0;nsc=0;tld=0;
-
-    while(exp[x] && (exp[x] != stop)) {
-        switch(exp[x]) {
-          case '~':
-            if(tld) return INVALID_SXP;
-            else ++tld;
-          case '*':
-          case '?':
-          case '^':
-          case '$':
-            ++nsc;
-            break;
-          case '[':
-            ++nsc;
-            if((!exp[++x]) || (exp[x] == ']'))
-                return INVALID_SXP;
-            for(++x;exp[x] && (exp[x] != ']');++x)
-                if(exp[x] == '\\')
-                    if(!exp[++x])
-                        return INVALID_SXP;
-            if(!exp[x])
-                return INVALID_SXP;
-            break;
-          case '(':
-            ++nsc;np = 0;
-            while(1) {
-                if(exp[++x] == ')')
-                    return INVALID_SXP;
-                for(y=x;(exp[y]) && (exp[y] != '|') && (exp[y] != ')');++y)
-                    if(exp[y] == '\\')
-                        if(!exp[++y])
-                            return INVALID_SXP;
-                if(!exp[y])
-                    return INVALID_SXP;
-                if(exp[y] == '|')
-                    ++np;
-                t = _valid_subexp(&exp[x],exp[y]);
-                if(t == INVALID_SXP)
-                    return INVALID_SXP;
-                x+=t;
-                if(exp[x] == ')') {
-                    if(!np)
-                        return INVALID_SXP;
-                    break;
-                }
-            }
-            break;
-          case ')':
-          case ']':
-            return INVALID_SXP;
-          case '\\':
-            if(!exp[++x])
-                return INVALID_SXP;
-          default:
-            break;
-        }
-        ++x;
-    }
-    if((!stop) && (!nsc))
-        return NON_SXP;
-    return ((exp[x] == stop) ? x : INVALID_SXP);
-}
-
-int 
-PORT_RegExpValid(char *exp) 
-{
-    int x;
-
-    x = _valid_subexp(exp, '\0');
-    return (x < 0 ? x : VALID_SXP);
-}
-
-
-/* ----------------------------- shexp_match ----------------------------- */
-
-
-#define MATCH 0
-#define NOMATCH 1
-#define ABORTED -1
-
-static int _shexp_match(char *str, char *exp, PRBool case_insensitive);
-
-static int 
-_handle_union(char *str, char *exp, PRBool case_insensitive) 
-{
-    char *e2 = (char *) PORT_Alloc(sizeof(char)*strlen(exp));
-    register int t,p2,p1 = 1;
-    int cp;
-
-    while(1) {
-        for(cp=1;exp[cp] != ')';cp++)
-            if(exp[cp] == '\\')
-                ++cp;
-        for(p2 = 0;(exp[p1] != '|') && (p1 != cp);p1++,p2++) {
-            if(exp[p1] == '\\')
-                e2[p2++] = exp[p1++];
-            e2[p2] = exp[p1];
-        }
-        for (t=cp+1; ((e2[p2] = exp[t]) != 0); ++t,++p2) {}
-        if(_shexp_match(str,e2, case_insensitive) == MATCH) {
-            PORT_Free(e2);
-            return MATCH;
-        }
-        if(p1 == cp) {
-            PORT_Free(e2);
-            return NOMATCH;
-        }
-        else ++p1;
-    }
-}
-
-
-static int 
-_shexp_match(char *str, char *exp, PRBool case_insensitive) 
-{
-    register int x,y;
-    int ret,neg;
-
-    ret = 0;
-    for(x=0,y=0;exp[y];++y,++x) {
-        if((!str[x]) && (exp[y] != '(') && (exp[y] != '$') && (exp[y] != '*'))
-            ret = ABORTED;
-        else {
-            switch(exp[y]) {
-              case '$':
-                if( (str[x]) )
-                    ret = NOMATCH;
-                else
-                    --x;             /* we don't want loop to increment x */
-                break;
-              case '*':
-                while(exp[++y] == '*'){}
-                if(!exp[y])
-                    return MATCH;
-                while(str[x]) {
-                    switch(_shexp_match(&str[x++],&exp[y], case_insensitive)) {
-                    case NOMATCH:
-                        continue;
-                    case ABORTED:
-                        ret = ABORTED;
-                        break;
-                    default:
-                        return MATCH;
-                    }
-                    break;
-                }
-                if((exp[y] == '$') && (exp[y+1] == '\0') && (!str[x]))
-                    return MATCH;
-                else
-                    ret = ABORTED;
-                break;
-              case '[':
-              	neg = ((exp[++y] == '^') && (exp[y+1] != ']'));
-                if (neg)
-                    ++y;
-                
-                if ((isalnum(exp[y])) && (exp[y+1] == '-') && 
-                   (isalnum(exp[y+2])) && (exp[y+3] == ']'))
-                    {
-                        int start = exp[y], end = exp[y+2];
-                        
-                        /* no safeguards here */
-                        if(neg ^ ((str[x] < start) || (str[x] > end))) {
-                            ret = NOMATCH;
-                            break;
-                        }
-                        y+=3;
-                    }
-                else {
-                    int matched;
-                    
-                    for (matched=0;exp[y] != ']';y++)
-                        matched |= (str[x] == exp[y]);
-                    if (neg ^ (!matched))
-                        ret = NOMATCH;
-                }
-                break;
-              case '(':
-                return _handle_union(&str[x],&exp[y], case_insensitive);
-                break;
-              case '?':
-                break;
-              case '\\':
-                ++y;
-              default:
-				if(case_insensitive)
-				  {
-                    if(toupper(str[x]) != toupper(exp[y]))
-                        ret = NOMATCH;
-				  }
-				else
-				  {
-                    if(str[x] != exp[y])
-                        ret = NOMATCH;
-				  }
-                break;
-            }
-        }
-        if(ret)
-            break;
-    }
-    return (ret ? ret : (str[x] ? NOMATCH : MATCH));
-}
-
-int 
-PORT_RegExpMatch(char *str, char *xp, PRBool case_insensitive) {
-    register int x;
-    char *exp = 0;
-
-    exp = PORT_Strdup(xp);
-
-    if(!exp)
-	return 1;
-
-    for(x=strlen(exp)-1;x;--x) {
-        if((exp[x] == '~') && (exp[x-1] != '\\')) {
-            exp[x] = '\0';
-            if(_shexp_match(str,&exp[++x], case_insensitive) == MATCH)
-                goto punt;
-            break;
-        }
-    }
-    if(_shexp_match(str,exp, PR_FALSE) == MATCH) {
-        PORT_Free(exp);
-        return 0;
-    }
-
-  punt:
-    PORT_Free(exp);
-    return 1;
-}
-
-
-/* ------------------------------ shexp_cmp ------------------------------- */
-
-int 
-PORT_RegExpSearch(char *str, char *exp)
-{
-    switch(PORT_RegExpValid(exp)) 
-	  {
-        case INVALID_SXP:
-            return -1;
-        case NON_SXP:
-            return (strcmp(exp,str) ? 1 : 0);
-        default:
-            return PORT_RegExpMatch(str, exp, PR_FALSE);
-      }
-}
-
-int
-PORT_RegExpCaseSearch(char *str, char *exp)
-{
-    switch(PORT_RegExpValid(exp))
-      {
-        case INVALID_SXP:
-            return -1;
-        case NON_SXP:
-            return (strcmp(exp,str) ? 1 : 0);
-        default:
-            return PORT_RegExpMatch(str, exp, PR_TRUE);
-      }
-}
-
diff --git a/security/nss/lib/util/portreg.h b/security/nss/lib/util/portreg.h
deleted file mode 100644
index 39a2df9d5..000000000
--- a/security/nss/lib/util/portreg.h
+++ /dev/null
@@ -1,92 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * shexp.h: Defines and prototypes for shell exp. match routines
- * 
- *
- * This routine will match a string with a shell expression. The expressions
- * accepted are based loosely on the expressions accepted by zsh.
- * 
- * o * matches anything
- * o ? matches one character
- * o \ will escape a special character
- * o $ matches the end of the string
- * o [abc] matches one occurence of a, b, or c. The only character that needs
- *         to be escaped in this is ], all others are not special.
- * o [a-z] matches any character between a and z
- * o [^az] matches any character except a or z
- * o ~ followed by another shell expression will remove any pattern
- *     matching the shell expression from the match list
- * o (foo|bar) will match either the substring foo, or the substring bar.
- *             These can be shell expressions as well.
- * 
- * The public interface to these routines is documented below.
- * 
- */
- 
-#ifndef SHEXP_H
-#define SHEXP_H
-
-/*
- * Requires that the macro MALLOC be set to a "safe" malloc that will 
- * exit if no memory is available. 
- */
-
-
-/* --------------------------- Public routines ---------------------------- */
-
-
-/*
- * shexp_valid takes a shell expression exp as input. It returns:
- * 
- *  NON_SXP      if exp is a standard string
- *  INVALID_SXP  if exp is a shell expression, but invalid
- *  VALID_SXP    if exp is a valid shell expression
- */
-
-#define NON_SXP -1
-#define INVALID_SXP -2
-#define VALID_SXP 1
-
-SEC_BEGIN_PROTOS
-
-extern int PORT_RegExpValid(char *exp);
-
-/* same as above but uses case insensitive search
- */
-extern int PORT_RegExpCaseSearch(char *str, char *exp);
-
-SEC_END_PROTOS
-
-#endif
diff --git a/security/nss/lib/util/pqgutil.c b/security/nss/lib/util/pqgutil.c
deleted file mode 100644
index 24e1f62fb..000000000
--- a/security/nss/lib/util/pqgutil.c
+++ /dev/null
@@ -1,267 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#include "pqgutil.h"
-#include "prerror.h"
-#include "secitem.h"
-
-#define PQG_DEFAULT_CHUNKSIZE 2048	/* bytes */
-
-/**************************************************************************
- *  Return a pointer to a new PQGParams struct that is a duplicate of     *
- *  the one passed as an argument.                                        *
- *  Return NULL on failure, or if NULL was passed in.                     *
- *                                                                        *
- **************************************************************************/
-
-PQGParams *
-PQG_DupParams(const PQGParams *src)
-{
-    PRArenaPool *arena;
-    PQGParams *dest;
-    SECStatus status;
-
-    if (src == NULL) {
-	PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
-	return NULL;
-    }
-
-    arena = PORT_NewArena(PQG_DEFAULT_CHUNKSIZE);
-    if (arena == NULL)
-	goto loser;
-
-    dest = (PQGParams*)PORT_ArenaZAlloc(arena, sizeof(PQGParams));
-    if (dest == NULL)
-	goto loser;
-
-    dest->arena = arena;
-
-    status = SECITEM_CopyItem(arena, &dest->prime, &src->prime);
-    if (status != SECSuccess)
-	goto loser;
-
-    status = SECITEM_CopyItem(arena, &dest->subPrime, &src->subPrime);
-    if (status != SECSuccess)
-	goto loser;
-
-    status = SECITEM_CopyItem(arena, &dest->base, &src->base);
-    if (status != SECSuccess)
-	goto loser;
-
-    return dest;
-
-loser:
-    if (arena != NULL)
-	PORT_FreeArena(arena, PR_FALSE);
-    return NULL;
-}
-
-/**************************************************************************
- *  Return a pointer to a new PQGParams struct that is constructed from   *
- *  copies of the arguments passed in.                                    *
- *  Return NULL on failure.                                               *
- **************************************************************************/
-
-PQGParams *
-PQG_NewParams(const SECItem * prime, const SECItem * subPrime, 
-              const SECItem * base)
-{
-    PQGParams *  dest;
-    PQGParams    src;
-
-    src.arena    = NULL;
-    src.prime    = *prime;
-    src.subPrime = *subPrime;
-    src.base     = *base;
-    dest         = PQG_DupParams(&src);
-    return dest;
-}
-
-/**************************************************************************
- * Fills in caller's "prime" SECItem with the prime value in params.
- * Contents can be freed by calling SECITEM_FreeItem(prime, PR_FALSE);	
- **************************************************************************/
-SECStatus
-PQG_GetPrimeFromParams(const PQGParams *params, SECItem * prime)
-{
-    return SECITEM_CopyItem(NULL, prime, &params->prime);
-}
-
-/**************************************************************************
- * Fills in caller's "subPrime" SECItem with the prime value in params.
- * Contents can be freed by calling SECITEM_FreeItem(subPrime, PR_FALSE);	
- **************************************************************************/
-SECStatus
-PQG_GetSubPrimeFromParams(const PQGParams *params, SECItem * subPrime)
-{
-    return SECITEM_CopyItem(NULL, subPrime, &params->subPrime);
-}
-
-/**************************************************************************
- * Fills in caller's "base" SECItem with the base value in params.
- * Contents can be freed by calling SECITEM_FreeItem(base, PR_FALSE);	
- **************************************************************************/
-SECStatus
-PQG_GetBaseFromParams(const PQGParams *params, SECItem * base)
-{
-    return SECITEM_CopyItem(NULL, base, &params->base);
-}
-
-/**************************************************************************
- *  Free the PQGParams struct and the things it points to.                *
- **************************************************************************/
-void
-PQG_DestroyParams(PQGParams *params)
-{
-    if (params == NULL) 
-    	return;
-    if (params->arena != NULL) {
-	PORT_FreeArena(params->arena, PR_FALSE);	/* don't zero it */
-    } else {
-	SECITEM_FreeItem(&params->prime,    PR_FALSE); /* don't free prime */
-	SECITEM_FreeItem(&params->subPrime, PR_FALSE); /* don't free subPrime */
-	SECITEM_FreeItem(&params->base,     PR_FALSE); /* don't free base */
-	PORT_Free(params);
-    }
-}
-
-/**************************************************************************
- *  Return a pointer to a new PQGVerify struct that is a duplicate of     *
- *  the one passed as an argument.                                        *
- *  Return NULL on failure, or if NULL was passed in.                     *
- **************************************************************************/
-
-PQGVerify *
-PQG_DupVerify(const PQGVerify *src)
-{
-    PRArenaPool *arena;
-    PQGVerify *  dest;
-    SECStatus    status;
-
-    if (src == NULL) {
-	PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
-	return NULL;
-    }
-
-    arena = PORT_NewArena(PQG_DEFAULT_CHUNKSIZE);
-    if (arena == NULL)
-	goto loser;
-
-    dest = (PQGVerify*)PORT_ArenaZAlloc(arena, sizeof(PQGVerify));
-    if (dest == NULL)
-	goto loser;
-
-    dest->arena   = arena;
-    dest->counter = src->counter;
-
-    status = SECITEM_CopyItem(arena, &dest->seed, &src->seed);
-    if (status != SECSuccess)
-	goto loser;
-
-    status = SECITEM_CopyItem(arena, &dest->h, &src->h);
-    if (status != SECSuccess)
-	goto loser;
-
-    return dest;
-
-loser:
-    if (arena != NULL)
-	PORT_FreeArena(arena, PR_FALSE);
-    return NULL;
-}
-
-/**************************************************************************
- *  Return a pointer to a new PQGVerify struct that is constructed from   *
- *  copies of the arguments passed in.                                    *
- *  Return NULL on failure.                                               *
- **************************************************************************/
-
-PQGVerify *
-PQG_NewVerify(unsigned int counter, const SECItem * seed, const SECItem * h)
-{
-    PQGVerify *  dest;
-    PQGVerify    src;
-
-    src.arena    = NULL;
-    src.counter  = counter;
-    src.seed     = *seed;
-    src.h        = *h;
-    dest         = PQG_DupVerify(&src);
-    return dest;
-}
-
-/**************************************************************************
- * Returns the "counter" value from the PQGVerify.
- **************************************************************************/
-unsigned int
-PQG_GetCounterFromVerify(const PQGVerify *verify)
-{
-    return verify->counter;
-}
-
-/**************************************************************************
- * Fills in caller's "seed" SECItem with the seed value in verify.
- * Contents can be freed by calling SECITEM_FreeItem(seed, PR_FALSE);	
- **************************************************************************/
-SECStatus
-PQG_GetSeedFromVerify(const PQGVerify *verify, SECItem * seed)
-{
-    return SECITEM_CopyItem(NULL, seed, &verify->seed);
-}
-
-/**************************************************************************
- * Fills in caller's "h" SECItem with the h value in verify.
- * Contents can be freed by calling SECITEM_FreeItem(h, PR_FALSE);	
- **************************************************************************/
-SECStatus
-PQG_GetHFromVerify(const PQGVerify *verify, SECItem * h)
-{
-    return SECITEM_CopyItem(NULL, h, &verify->h);
-}
-
-/**************************************************************************
- *  Free the PQGVerify struct and the things it points to.                *
- **************************************************************************/
-
-void
-PQG_DestroyVerify(PQGVerify *vfy)
-{
-    if (vfy == NULL) 
-    	return;
-    if (vfy->arena != NULL) {
-	PORT_FreeArena(vfy->arena, PR_FALSE);	/* don't zero it */
-    } else {
-	SECITEM_FreeItem(&vfy->seed,   PR_FALSE); /* don't free seed */
-	SECITEM_FreeItem(&vfy->h,      PR_FALSE); /* don't free h */
-	PORT_Free(vfy);
-    }
-}
diff --git a/security/nss/lib/util/pqgutil.h b/security/nss/lib/util/pqgutil.h
deleted file mode 100644
index 1ceb87803..000000000
--- a/security/nss/lib/util/pqgutil.h
+++ /dev/null
@@ -1,127 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#ifndef _PQGUTIL_H_
-#define _PQGUTIL_H_ 1
-
-#include "blapi.h"
-
-/**************************************************************************
- *  Return a pointer to a new PQGParams struct that is a duplicate of     *
- *  the one passed as an argument.                                        *
- *  Return NULL on failure, or if NULL was passed in.                     *
- **************************************************************************/
-extern PQGParams * PQG_DupParams(const PQGParams *src);
-
-
-/**************************************************************************
- *  Return a pointer to a new PQGParams struct that is constructed from   *
- *  copies of the arguments passed in.                                    *
- *  Return NULL on failure.                                               *
- **************************************************************************/
-extern PQGParams * PQG_NewParams(const SECItem * prime, 
-                                 const SECItem * subPrime, 
-                                 const SECItem * base);
-
-
-/**************************************************************************
- * Fills in caller's "prime" SECItem with the prime value in params.
- * Contents can be freed by calling SECITEM_FreeItem(prime, PR_FALSE);	
- **************************************************************************/
-extern SECStatus PQG_GetPrimeFromParams(const PQGParams *params, 
-                                        SECItem * prime);
-
-
-/**************************************************************************
- * Fills in caller's "subPrime" SECItem with the prime value in params.
- * Contents can be freed by calling SECITEM_FreeItem(subPrime, PR_FALSE);	
- **************************************************************************/
-extern SECStatus PQG_GetSubPrimeFromParams(const PQGParams *params, 
-                                           SECItem * subPrime);
-
-
-/**************************************************************************
- * Fills in caller's "base" SECItem with the base value in params.
- * Contents can be freed by calling SECITEM_FreeItem(base, PR_FALSE);	
- **************************************************************************/
-extern SECStatus PQG_GetBaseFromParams(const PQGParams *params, SECItem *base);
-
-
-/**************************************************************************
- *  Free the PQGParams struct and the things it points to.                *
- **************************************************************************/
-extern void PQG_DestroyParams(PQGParams *params);
-
-
-/**************************************************************************
- *  Return a pointer to a new PQGVerify struct that is a duplicate of     *
- *  the one passed as an argument.                                        *
- *  Return NULL on failure, or if NULL was passed in.                     *
- **************************************************************************/
-extern PQGVerify * PQG_DupVerify(const PQGVerify *src);
-
-
-/**************************************************************************
- *  Return a pointer to a new PQGVerify struct that is constructed from   *
- *  copies of the arguments passed in.                                    *
- *  Return NULL on failure.                                               *
- **************************************************************************/
-extern PQGVerify * PQG_NewVerify(unsigned int counter, const SECItem * seed, 
-                                 const SECItem * h);
-
-
-/**************************************************************************
- * Returns "counter" value from the PQGVerify.
- **************************************************************************/
-extern unsigned int PQG_GetCounterFromVerify(const PQGVerify *verify);
-
-/**************************************************************************
- * Fills in caller's "seed" SECItem with the seed value in verify.
- * Contents can be freed by calling SECITEM_FreeItem(seed, PR_FALSE);	
- **************************************************************************/
-extern SECStatus PQG_GetSeedFromVerify(const PQGVerify *verify, SECItem *seed);
-
-
-/**************************************************************************
- * Fills in caller's "h" SECItem with the h value in verify.
- * Contents can be freed by calling SECITEM_FreeItem(h, PR_FALSE);	
- **************************************************************************/
-extern SECStatus PQG_GetHFromVerify(const PQGVerify *verify, SECItem * h);
-
-
-/**************************************************************************
- *  Free the PQGVerify struct and the things it points to.                *
- **************************************************************************/
-extern void PQG_DestroyVerify(PQGVerify *vfy);
-
-
-#endif
diff --git a/security/nss/lib/util/ret_cr16.s b/security/nss/lib/util/ret_cr16.s
deleted file mode 100644
index d1fffc577..000000000
--- a/security/nss/lib/util/ret_cr16.s
+++ /dev/null
@@ -1,54 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef __LP64__
-        .LEVEL   2.0W
-#else
-        .LEVEL   1.1
-#endif
-
-	.CODE	; equivalent to the following two lines
-;       .SPACE   $TEXT$,SORT=8
-;       .SUBSPA  $CODE$,QUAD=0,ALIGN=4,ACCESS=0x2c,CODE_ONLY,SORT=24
-
-ret_cr16
-	.PROC
-	.CALLINFO 	FRAME=0, NO_CALLS
-	.EXPORT 	ret_cr16,ENTRY
-	.ENTER
-;	BV		%r0(%rp)
-	BV		0(%rp)
-	MFCTL		%cr16,%ret0
-        .LEAVE
-        .PROCEND
-        .END
diff --git a/security/nss/lib/util/secalgid.c b/security/nss/lib/util/secalgid.c
deleted file mode 100644
index a9ef62d95..000000000
--- a/security/nss/lib/util/secalgid.c
+++ /dev/null
@@ -1,173 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "secoid.h"
-#include "secder.h"	/* XXX remove this when remove the DERTemplate */
-#include "secasn1.h"
-#include "secitem.h"
-#include "secerr.h"
-
-/* XXX Old template; want to expunge it eventually. */
-DERTemplate SECAlgorithmIDTemplate[] = {
-    { DER_SEQUENCE,
-	  0, NULL, sizeof(SECAlgorithmID) },
-    { DER_OBJECT_ID,
-	  offsetof(SECAlgorithmID,algorithm), },
-    { DER_OPTIONAL | DER_ANY,
-	  offsetof(SECAlgorithmID,parameters), },
-    { 0, }
-};
-
-const SEC_ASN1Template SECOID_AlgorithmIDTemplate[] = {
-    { SEC_ASN1_SEQUENCE,
-	  0, NULL, sizeof(SECAlgorithmID) },
-    { SEC_ASN1_OBJECT_ID,
-	  offsetof(SECAlgorithmID,algorithm), },
-    { SEC_ASN1_OPTIONAL | SEC_ASN1_ANY,
-	  offsetof(SECAlgorithmID,parameters), },
-    { 0, }
-};
-
-SECOidTag
-SECOID_GetAlgorithmTag(SECAlgorithmID *id)
-{
-    if (id == NULL || id->algorithm.data == NULL)
-	return SEC_OID_UNKNOWN;
-
-    return SECOID_FindOIDTag (&(id->algorithm));
-}
-
-SECStatus
-SECOID_SetAlgorithmID(PRArenaPool *arena, SECAlgorithmID *id, SECOidTag which,
-		      SECItem *params)
-{
-    SECOidData *oiddata;
-    PRBool add_null_param;
-
-    oiddata = SECOID_FindOIDByTag(which);
-    if ( !oiddata ) {
-	PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
-	return SECFailure;
-    }
-
-    if (SECITEM_CopyItem(arena, &id->algorithm, &oiddata->oid))
-	return SECFailure;
-
-    switch (which) {
-      case SEC_OID_MD2:
-      case SEC_OID_MD4:
-      case SEC_OID_MD5:
-      case SEC_OID_SHA1:
-      case SEC_OID_PKCS1_RSA_ENCRYPTION:
-      case SEC_OID_PKCS1_MD2_WITH_RSA_ENCRYPTION:
-      case SEC_OID_PKCS1_MD4_WITH_RSA_ENCRYPTION:
-      case SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION:
-      case SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION:
-	add_null_param = PR_TRUE;
-	break;
-      default:
-	add_null_param = PR_FALSE;
-	break;
-    }
-
-    if (params) {
-	/*
-	 * I am specifically *not* enforcing the following assertion
-	 * (by following it up with an error and a return of failure)
-	 * because I do not want to introduce any change in the current
-	 * behavior.  But I do want for us to notice if the following is
-	 * ever true, because I do not think it should be so and probably
-	 * signifies an error/bug somewhere.
-	 */
-	PORT_Assert(!add_null_param || (params->len == 2
-					&& params->data[0] == SEC_ASN1_NULL
-					&& params->data[1] == 0));
-	if (SECITEM_CopyItem(arena, &id->parameters, params)) {
-	    return SECFailure;
-	}
-    } else {
-	/*
-	 * Again, this is not considered an error.  But if we assume
-	 * that nobody tries to set the parameters field themselves
-	 * (but always uses this routine to do that), then we should
-	 * not hit the following assertion.  Unless they forgot to zero
-	 * the structure, which could also be a bad (and wrong) thing.
-	 */
-	PORT_Assert(id->parameters.data == NULL);
-
-	if (add_null_param) {
-	    (void) SECITEM_AllocItem(arena, &id->parameters, 2);
-	    if (id->parameters.data == NULL) {
-		return SECFailure;
-	    }
-	    id->parameters.data[0] = SEC_ASN1_NULL;
-	    id->parameters.data[1] = 0;
-	}
-    }
-
-    return SECSuccess;
-}
-
-SECStatus
-SECOID_CopyAlgorithmID(PRArenaPool *arena, SECAlgorithmID *to, SECAlgorithmID *from)
-{
-    SECStatus rv;
-
-    rv = SECITEM_CopyItem(arena, &to->algorithm, &from->algorithm);
-    if (rv) return rv;
-    rv = SECITEM_CopyItem(arena, &to->parameters, &from->parameters);
-    return rv;
-}
-
-void SECOID_DestroyAlgorithmID(SECAlgorithmID *algid, PRBool freeit)
-{
-    SECITEM_FreeItem(&algid->parameters, PR_FALSE);
-    SECITEM_FreeItem(&algid->algorithm, PR_FALSE);
-    if(freeit == PR_TRUE)
-        PORT_Free(algid);
-}
-
-SECComparison
-SECOID_CompareAlgorithmID(SECAlgorithmID *a, SECAlgorithmID *b)
-{
-    SECComparison rv;
-
-    rv = SECITEM_CompareItem(&a->algorithm, &b->algorithm);
-    if (rv) return rv;
-    rv = SECITEM_CompareItem(&a->parameters, &b->parameters);
-    return rv;
-}
-
-/* This functions simply returns the address of the above-declared template. */
-SEC_ASN1_CHOOSER_IMPLEMENT(SECOID_AlgorithmIDTemplate)
-
diff --git a/security/nss/lib/util/secasn1.h b/security/nss/lib/util/secasn1.h
deleted file mode 100644
index 4d5c9971c..000000000
--- a/security/nss/lib/util/secasn1.h
+++ /dev/null
@@ -1,284 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Support for encoding/decoding of ASN.1 using BER/DER (Basic/Distinguished
- * Encoding Rules).  The routines are found in and used extensively by the
- * security library, but exported for other use.
- *
- * $Id$
- */
-
-#ifndef _SECASN1_H_
-#define _SECASN1_H_
-
-#include "plarena.h"
-
-#include "seccomon.h"
-#include "secasn1t.h"
-
-
-/************************************************************************/
-SEC_BEGIN_PROTOS
-
-/*
- * XXX These function prototypes need full, explanatory comments.
- */
-
-/*
-** Decoding.
-*/
-
-extern SEC_ASN1DecoderContext *SEC_ASN1DecoderStart(PRArenaPool *pool,
-						    void *dest,
-						    const SEC_ASN1Template *t);
-
-/* XXX char or unsigned char? */
-extern SECStatus SEC_ASN1DecoderUpdate(SEC_ASN1DecoderContext *cx,
-				       const char *buf,
-				       unsigned long len);
-
-extern SECStatus SEC_ASN1DecoderFinish(SEC_ASN1DecoderContext *cx);
-
-extern void SEC_ASN1DecoderSetFilterProc(SEC_ASN1DecoderContext *cx,
-					 SEC_ASN1WriteProc fn,
-					 void *arg, PRBool no_store);
-
-extern void SEC_ASN1DecoderClearFilterProc(SEC_ASN1DecoderContext *cx);
-
-extern void SEC_ASN1DecoderSetNotifyProc(SEC_ASN1DecoderContext *cx,
-					 SEC_ASN1NotifyProc fn,
-					 void *arg);
-
-extern void SEC_ASN1DecoderClearNotifyProc(SEC_ASN1DecoderContext *cx);
-
-extern SECStatus SEC_ASN1Decode(PRArenaPool *pool, void *dest,
-				const SEC_ASN1Template *t,
-				const char *buf, long len);
-
-extern SECStatus SEC_ASN1DecodeItem(PRArenaPool *pool, void *dest,
-				    const SEC_ASN1Template *t,
-				    SECItem *item);
-/*
-** Encoding.
-*/
-
-extern SEC_ASN1EncoderContext *SEC_ASN1EncoderStart(void *src,
-						    const SEC_ASN1Template *t,
-						    SEC_ASN1WriteProc fn,
-						    void *output_arg);
-
-/* XXX char or unsigned char? */
-extern SECStatus SEC_ASN1EncoderUpdate(SEC_ASN1EncoderContext *cx,
-				       const char *buf,
-				       unsigned long len);
-
-extern void SEC_ASN1EncoderFinish(SEC_ASN1EncoderContext *cx);
-
-extern void SEC_ASN1EncoderSetNotifyProc(SEC_ASN1EncoderContext *cx,
-					 SEC_ASN1NotifyProc fn,
-					 void *arg);
-
-extern void SEC_ASN1EncoderClearNotifyProc(SEC_ASN1EncoderContext *cx);
-
-extern void SEC_ASN1EncoderSetStreaming(SEC_ASN1EncoderContext *cx);
-
-extern void SEC_ASN1EncoderClearStreaming(SEC_ASN1EncoderContext *cx);
-
-extern void sec_ASN1EncoderSetDER(SEC_ASN1EncoderContext *cx);
-
-extern void sec_ASN1EncoderClearDER(SEC_ASN1EncoderContext *cx);
-
-extern void SEC_ASN1EncoderSetTakeFromBuf(SEC_ASN1EncoderContext *cx);
-
-extern void SEC_ASN1EncoderClearTakeFromBuf(SEC_ASN1EncoderContext *cx);
-
-extern SECStatus SEC_ASN1Encode(void *src, const SEC_ASN1Template *t,
-				SEC_ASN1WriteProc output_proc,
-				void *output_arg);
-
-extern SECItem * SEC_ASN1EncodeItem(PRArenaPool *pool, SECItem *dest,
-				    void *src, const SEC_ASN1Template *t);
-
-extern SECItem * SEC_ASN1EncodeInteger(PRArenaPool *pool,
-				       SECItem *dest, long value);
-
-extern SECItem * SEC_ASN1EncodeUnsignedInteger(PRArenaPool *pool,
-					       SECItem *dest,
-					       unsigned long value);
-
-extern SECStatus SEC_ASN1DecodeInteger(SECItem *src,
-				       unsigned long *value);
-
-/*
-** Utilities.
-*/
-
-/*
- * We have a length that needs to be encoded; how many bytes will the
- * encoding take?
- */
-extern int SEC_ASN1LengthLength (unsigned long len);
-
-/* encode the length and return the number of bytes we encoded. Buffer
- * must be pre allocated  */
-extern int SEC_ASN1EncodeLength(unsigned char *buf,int value);
-
-/*
- * Find the appropriate subtemplate for the given template.
- * This may involve calling a "chooser" function, or it may just
- * be right there.  In either case, it is expected to *have* a
- * subtemplate; this is asserted in debug builds (in non-debug
- * builds, NULL will be returned).
- *
- * "thing" is a pointer to the structure being encoded/decoded
- * "encoding", when true, means that we are in the process of encoding
- *	(as opposed to in the process of decoding)
- */
-extern const SEC_ASN1Template *
-SEC_ASN1GetSubtemplate (const SEC_ASN1Template *inTemplate, void *thing,
-			PRBool encoding);
-
-/************************************************************************/
-
-/*
- * Generic Templates
- * One for each of the simple types, plus a special one for ANY, plus:
- *	- a pointer to each one of those
- *	- a set of each one of those
- *	- a sequence of each one of those
- *
- * Note that these are alphabetical (case insensitive); please add new
- * ones in the appropriate place.
- */
-
-extern const SEC_ASN1Template SEC_AnyTemplate[];
-extern const SEC_ASN1Template SEC_BitStringTemplate[];
-extern const SEC_ASN1Template SEC_BMPStringTemplate[];
-extern const SEC_ASN1Template SEC_BooleanTemplate[];
-extern const SEC_ASN1Template SEC_EnumeratedTemplate[];
-extern const SEC_ASN1Template SEC_GeneralizedTimeTemplate[];
-extern const SEC_ASN1Template SEC_IA5StringTemplate[];
-extern const SEC_ASN1Template SEC_IntegerTemplate[];
-extern const SEC_ASN1Template SEC_NullTemplate[];
-extern const SEC_ASN1Template SEC_ObjectIDTemplate[];
-extern const SEC_ASN1Template SEC_OctetStringTemplate[];
-extern const SEC_ASN1Template SEC_PrintableStringTemplate[];
-extern const SEC_ASN1Template SEC_T61StringTemplate[];
-extern const SEC_ASN1Template SEC_UniversalStringTemplate[];
-extern const SEC_ASN1Template SEC_UTCTimeTemplate[];
-extern const SEC_ASN1Template SEC_UTF8StringTemplate[];
-extern const SEC_ASN1Template SEC_VisibleStringTemplate[];
-
-extern const SEC_ASN1Template SEC_PointerToAnyTemplate[];
-extern const SEC_ASN1Template SEC_PointerToBitStringTemplate[];
-extern const SEC_ASN1Template SEC_PointerToBMPStringTemplate[];
-extern const SEC_ASN1Template SEC_PointerToBooleanTemplate[];
-extern const SEC_ASN1Template SEC_PointerToEnumeratedTemplate[];
-extern const SEC_ASN1Template SEC_PointerToGeneralizedTimeTemplate[];
-extern const SEC_ASN1Template SEC_PointerToIA5StringTemplate[];
-extern const SEC_ASN1Template SEC_PointerToIntegerTemplate[];
-extern const SEC_ASN1Template SEC_PointerToNullTemplate[];
-extern const SEC_ASN1Template SEC_PointerToObjectIDTemplate[];
-extern const SEC_ASN1Template SEC_PointerToOctetStringTemplate[];
-extern const SEC_ASN1Template SEC_PointerToPrintableStringTemplate[];
-extern const SEC_ASN1Template SEC_PointerToT61StringTemplate[];
-extern const SEC_ASN1Template SEC_PointerToUniversalStringTemplate[];
-extern const SEC_ASN1Template SEC_PointerToUTCTimeTemplate[];
-extern const SEC_ASN1Template SEC_PointerToUTF8StringTemplate[];
-extern const SEC_ASN1Template SEC_PointerToVisibleStringTemplate[];
-
-extern const SEC_ASN1Template SEC_SequenceOfAnyTemplate[];
-extern const SEC_ASN1Template SEC_SequenceOfBitStringTemplate[];
-extern const SEC_ASN1Template SEC_SequenceOfBMPStringTemplate[];
-extern const SEC_ASN1Template SEC_SequenceOfBooleanTemplate[];
-extern const SEC_ASN1Template SEC_SequenceOfEnumeratedTemplate[];
-extern const SEC_ASN1Template SEC_SequenceOfGeneralizedTimeTemplate[];
-extern const SEC_ASN1Template SEC_SequenceOfIA5StringTemplate[];
-extern const SEC_ASN1Template SEC_SequenceOfIntegerTemplate[];
-extern const SEC_ASN1Template SEC_SequenceOfNullTemplate[];
-extern const SEC_ASN1Template SEC_SequenceOfObjectIDTemplate[];
-extern const SEC_ASN1Template SEC_SequenceOfOctetStringTemplate[];
-extern const SEC_ASN1Template SEC_SequenceOfPrintableStringTemplate[];
-extern const SEC_ASN1Template SEC_SequenceOfT61StringTemplate[];
-extern const SEC_ASN1Template SEC_SequenceOfUniversalStringTemplate[];
-extern const SEC_ASN1Template SEC_SequenceOfUTCTimeTemplate[];
-extern const SEC_ASN1Template SEC_SequenceOfUTF8StringTemplate[];
-extern const SEC_ASN1Template SEC_SequenceOfVisibleStringTemplate[];
-
-extern const SEC_ASN1Template SEC_SetOfAnyTemplate[];
-extern const SEC_ASN1Template SEC_SetOfBitStringTemplate[];
-extern const SEC_ASN1Template SEC_SetOfBMPStringTemplate[];
-extern const SEC_ASN1Template SEC_SetOfBooleanTemplate[];
-extern const SEC_ASN1Template SEC_SetOfEnumeratedTemplate[];
-extern const SEC_ASN1Template SEC_SetOfGeneralizedTimeTemplate[];
-extern const SEC_ASN1Template SEC_SetOfIA5StringTemplate[];
-extern const SEC_ASN1Template SEC_SetOfIntegerTemplate[];
-extern const SEC_ASN1Template SEC_SetOfNullTemplate[];
-extern const SEC_ASN1Template SEC_SetOfObjectIDTemplate[];
-extern const SEC_ASN1Template SEC_SetOfOctetStringTemplate[];
-extern const SEC_ASN1Template SEC_SetOfPrintableStringTemplate[];
-extern const SEC_ASN1Template SEC_SetOfT61StringTemplate[];
-extern const SEC_ASN1Template SEC_SetOfUniversalStringTemplate[];
-extern const SEC_ASN1Template SEC_SetOfUTCTimeTemplate[];
-extern const SEC_ASN1Template SEC_SetOfUTF8StringTemplate[];
-extern const SEC_ASN1Template SEC_SetOfVisibleStringTemplate[];
-
-/*
- * Template for skipping a subitem; this only makes sense when decoding.
- */
-extern const SEC_ASN1Template SEC_SkipTemplate[];
-
-/* These functions simply return the address of the above-declared templates.
-** This is necessary for Windows DLLs.  Sigh.
-*/
-SEC_ASN1_CHOOSER_DECLARE(SEC_AnyTemplate)
-SEC_ASN1_CHOOSER_DECLARE(SEC_BMPStringTemplate)
-SEC_ASN1_CHOOSER_DECLARE(SEC_BooleanTemplate)
-SEC_ASN1_CHOOSER_DECLARE(SEC_BitStringTemplate)
-SEC_ASN1_CHOOSER_DECLARE(SEC_GeneralizedTimeTemplate)
-SEC_ASN1_CHOOSER_DECLARE(SEC_IA5StringTemplate)
-SEC_ASN1_CHOOSER_DECLARE(SEC_IntegerTemplate)
-SEC_ASN1_CHOOSER_DECLARE(SEC_NullTemplate)
-SEC_ASN1_CHOOSER_DECLARE(SEC_ObjectIDTemplate)
-SEC_ASN1_CHOOSER_DECLARE(SEC_OctetStringTemplate)
-SEC_ASN1_CHOOSER_DECLARE(SEC_UTCTimeTemplate)
-SEC_ASN1_CHOOSER_DECLARE(SEC_UTF8StringTemplate)
-
-SEC_ASN1_CHOOSER_DECLARE(SEC_PointerToAnyTemplate)
-SEC_ASN1_CHOOSER_DECLARE(SEC_PointerToOctetStringTemplate)
-
-SEC_ASN1_CHOOSER_DECLARE(SEC_SetOfAnyTemplate)
-
-SEC_END_PROTOS
-#endif /* _SECASN1_H_ */
diff --git a/security/nss/lib/util/secasn1d.c b/security/nss/lib/util/secasn1d.c
deleted file mode 100644
index 4bb0e7d3f..000000000
--- a/security/nss/lib/util/secasn1d.c
+++ /dev/null
@@ -1,3027 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Support for DEcoding ASN.1 data based on BER/DER (Basic/Distinguished
- * Encoding Rules).
- *
- * $Id$
- */
-
-#include "secasn1.h"
-#include "secerr.h"
-
-typedef enum {
-    beforeIdentifier,
-    duringIdentifier,
-    afterIdentifier,
-    beforeLength,
-    duringLength,
-    afterLength,
-    beforeBitString,
-    duringBitString,
-    duringConstructedString,
-    duringGroup,
-    duringLeaf,
-    duringSaveEncoding,
-    duringSequence,
-    afterConstructedString,
-    afterGroup,
-    afterExplicit,
-    afterImplicit,
-    afterInline,
-    afterPointer,
-    afterSaveEncoding,
-    beforeEndOfContents,
-    duringEndOfContents,
-    afterEndOfContents,
-    beforeChoice,
-    duringChoice,
-    afterChoice,
-    notInUse
-} sec_asn1d_parse_place;
-
-#ifdef DEBUG_ASN1D_STATES
-static const char *place_names[] = {
-    "beforeIdentifier",
-    "duringIdentifier",
-    "afterIdentifier",
-    "beforeLength",
-    "duringLength",
-    "afterLength",
-    "beforeBitString",
-    "duringBitString",
-    "duringConstructedString",
-    "duringGroup",
-    "duringLeaf",
-    "duringSaveEncoding",
-    "duringSequence",
-    "afterConstructedString",
-    "afterGroup",
-    "afterExplicit",
-    "afterImplicit",
-    "afterInline",
-    "afterPointer",
-    "afterSaveEncoding",
-    "beforeEndOfContents",
-    "duringEndOfContents",
-    "afterEndOfContents",
-    "beforeChoice",
-    "duringChoice",
-    "afterChoice",
-    "notInUse"
-};
-#endif /* DEBUG_ASN1D_STATES */
-
-typedef enum {
-    allDone,
-    decodeError,
-    keepGoing,
-    needBytes
-} sec_asn1d_parse_status;
-
-struct subitem {
-    const void *data;
-    unsigned long len;		/* only used for substrings */
-    struct subitem *next;
-};
-
-typedef struct sec_asn1d_state_struct {
-    SEC_ASN1DecoderContext *top;
-    const SEC_ASN1Template *theTemplate;
-    void *dest;
-
-    void *our_mark;	/* free on completion */
-
-    struct sec_asn1d_state_struct *parent;	/* aka prev */
-    struct sec_asn1d_state_struct *child;	/* aka next */
-
-    sec_asn1d_parse_place place;
-
-    /*
-     * XXX explain the next fields as clearly as possible...
-     */
-    unsigned char found_tag_modifiers;
-    unsigned char expect_tag_modifiers;
-    unsigned long check_tag_mask;
-    unsigned long found_tag_number;
-    unsigned long expect_tag_number;
-    unsigned long underlying_kind;
-
-    unsigned long contents_length;
-    unsigned long pending;
-    unsigned long consumed;
-
-    int depth;
-
-    /*
-     * Bit strings have their length adjusted -- the first octet of the
-     * contents contains a value between 0 and 7 which says how many bits
-     * at the end of the octets are not actually part of the bit string;
-     * when parsing bit strings we put that value here because we need it
-     * later, for adjustment of the length (when the whole string is done).
-     */
-    unsigned int bit_string_unused_bits;
-
-    /*
-     * The following are used for indefinite-length constructed strings.
-     */
-    struct subitem *subitems_head;
-    struct subitem *subitems_tail;
-
-    PRPackedBool
-	allocate,	/* when true, need to allocate the destination */
-	endofcontents,	/* this state ended up parsing end-of-contents octets */
-	explicit,	/* we are handling an explicit header */
-	indefinite,	/* the current item has indefinite-length encoding */
-	missing,	/* an optional field that was not present */
-	optional,	/* the template says this field may be omitted */
-	substring;	/* this is a substring of a constructed string */
-
-} sec_asn1d_state;
-
-#define IS_HIGH_TAG_NUMBER(n)	((n) == SEC_ASN1_HIGH_TAG_NUMBER)
-#define LAST_TAG_NUMBER_BYTE(b)	(((b) & 0x80) == 0)
-#define TAG_NUMBER_BITS		7
-#define TAG_NUMBER_MASK		0x7f
-
-#define LENGTH_IS_SHORT_FORM(b)	(((b) & 0x80) == 0)
-#define LONG_FORM_LENGTH(b)	((b) & 0x7f)
-
-#define HIGH_BITS(field,cnt)	((field) >> ((sizeof(field) * 8) - (cnt)))
-
-
-/*
- * An "outsider" will have an opaque pointer to this, created by calling
- * SEC_ASN1DecoderStart().  It will be passed back in to all subsequent
- * calls to SEC_ASN1DecoderUpdate(), and when done it is passed to
- * SEC_ASN1DecoderFinish().
- */
-struct sec_DecoderContext_struct {
-    PRArenaPool *our_pool;		/* for our internal allocs */
-    PRArenaPool *their_pool;		/* for destination structure allocs */
-#ifdef SEC_ASN1D_FREE_ON_ERROR		/*
-					 * XXX see comment below (by same
-					 * ifdef) that explains why this
-					 * does not work (need more smarts
-					 * in order to free back to mark)
-					 */
-    /*
-     * XXX how to make their_mark work in the case where they do NOT
-     * give us a pool pointer?
-     */
-    void *their_mark;			/* free on error */
-#endif
-
-    sec_asn1d_state *current;
-    sec_asn1d_parse_status status;
-
-    SEC_ASN1NotifyProc notify_proc;	/* call before/after handling field */
-    void *notify_arg;			/* argument to notify_proc */
-    PRBool during_notify;		/* true during call to notify_proc */
-
-    SEC_ASN1WriteProc filter_proc;	/* pass field bytes to this  */
-    void *filter_arg;			/* argument to that function */
-    PRBool filter_only;			/* do not allocate/store fields */
-};
-
-
-/*
- * XXX this is a fairly generic function that may belong elsewhere
- */
-static void *
-sec_asn1d_alloc (PRArenaPool *poolp, unsigned long len)
-{
-    void *thing;
-
-    if (poolp != NULL) {
-	/*
-	 * Allocate from the pool.
-	 */
-	thing = PORT_ArenaAlloc (poolp, len);
-    } else {
-	/*
-	 * Allocate generically.
-	 */
-	thing = PORT_Alloc (len);
-    }
-
-    return thing;
-}
-
-
-/*
- * XXX this is a fairly generic function that may belong elsewhere
- */
-static void *
-sec_asn1d_zalloc (PRArenaPool *poolp, unsigned long len)
-{
-    void *thing;
-
-    thing = sec_asn1d_alloc (poolp, len);
-    if (thing != NULL)
-	PORT_Memset (thing, 0, len);
-    return thing;
-}
-
-
-static sec_asn1d_state *
-sec_asn1d_push_state (SEC_ASN1DecoderContext *cx,
-		      const SEC_ASN1Template *theTemplate,
-		      void *dest, PRBool new_depth)
-{
-    sec_asn1d_state *state, *new_state;
-
-    state = cx->current;
-
-    PORT_Assert (state == NULL || state->child == NULL);
-
-    if (state != NULL) {
-	PORT_Assert (state->our_mark == NULL);
-	state->our_mark = PORT_ArenaMark (cx->our_pool);
-    }
-
-    new_state = (sec_asn1d_state*)sec_asn1d_zalloc (cx->our_pool, 
-						    sizeof(*new_state));
-    if (new_state == NULL) {
-	cx->status = decodeError;
-	if (state != NULL) {
-	    PORT_ArenaRelease(cx->our_pool, state->our_mark);
-	    state->our_mark = NULL;
-	}
-	return NULL;
-    }
-
-    new_state->top         = cx;
-    new_state->parent      = state;
-    new_state->theTemplate = theTemplate;
-    new_state->place       = notInUse;
-    if (dest != NULL)
-	new_state->dest = (char *)dest + theTemplate->offset;
-
-    if (state != NULL) {
-	new_state->depth = state->depth;
-	if (new_depth)
-	    new_state->depth++;
-	state->child = new_state;
-    }
-
-    cx->current = new_state;
-    return new_state;
-}
-
-
-static void
-sec_asn1d_scrub_state (sec_asn1d_state *state)
-{
-    /*
-     * Some default "scrubbing".
-     * XXX right set of initializations?
-     */
-    state->place = beforeIdentifier;
-    state->endofcontents = PR_FALSE;
-    state->indefinite = PR_FALSE;
-    state->missing = PR_FALSE;
-    PORT_Assert (state->consumed == 0);
-}
-
-
-static void
-sec_asn1d_notify_before (SEC_ASN1DecoderContext *cx, void *dest, int depth)
-{
-    if (cx->notify_proc == NULL)
-	return;
-
-    cx->during_notify = PR_TRUE;
-    (* cx->notify_proc) (cx->notify_arg, PR_TRUE, dest, depth);
-    cx->during_notify = PR_FALSE;
-}
-
-
-static void
-sec_asn1d_notify_after (SEC_ASN1DecoderContext *cx, void *dest, int depth)
-{
-    if (cx->notify_proc == NULL)
-	return;
-
-    cx->during_notify = PR_TRUE;
-    (* cx->notify_proc) (cx->notify_arg, PR_FALSE, dest, depth);
-    cx->during_notify = PR_FALSE;
-}
-
-
-static sec_asn1d_state *
-sec_asn1d_init_state_based_on_template (sec_asn1d_state *state)
-{
-    PRBool explicit, optional, universal;
-    unsigned char expect_tag_modifiers;
-    unsigned long encode_kind, under_kind;
-    unsigned long check_tag_mask, expect_tag_number;
-
-
-    /* XXX Check that both of these tests are really needed/appropriate. */
-    if (state == NULL || state->top->status == decodeError)
-	return state;
-
-    encode_kind = state->theTemplate->kind;
-
-    if (encode_kind & SEC_ASN1_SAVE) {
-	/*
-	 * This is a "magic" field that saves away all bytes, allowing
-	 * the immediately following field to still be decoded from this
-	 * same spot -- sort of a fork.
-	 */
-	/* check that there are no extraneous bits */
-	PORT_Assert (encode_kind == SEC_ASN1_SAVE);
-	if (state->top->filter_only) {
-	    /*
-	     * If we are not storing, then we do not do the SAVE field
-	     * at all.  Just move ahead to the "real" field instead,
-	     * doing the appropriate notify calls before and after.
-	     */
-	    sec_asn1d_notify_after (state->top, state->dest, state->depth);
-	    /*
-	     * Since we are not storing, allow for our current dest value
-	     * to be NULL.  (This might not actually occur, but right now I
-	     * cannot convince myself one way or the other.)  If it is NULL,
-	     * assume that our parent dest can help us out.
-	     */
-	    if (state->dest == NULL)
-		state->dest = state->parent->dest;
-	    else
-		state->dest = (char *)state->dest - state->theTemplate->offset;
-	    state->theTemplate++;
-	    if (state->dest != NULL)
-		state->dest = (char *)state->dest + state->theTemplate->offset;
-	    sec_asn1d_notify_before (state->top, state->dest, state->depth);
-	    encode_kind = state->theTemplate->kind;
-	    PORT_Assert ((encode_kind & SEC_ASN1_SAVE) == 0);
-	} else {
-	    sec_asn1d_scrub_state (state);
-	    state->place = duringSaveEncoding;
-	    state = sec_asn1d_push_state (state->top, SEC_AnyTemplate,
-					  state->dest, PR_FALSE);
-	    if (state != NULL)
-		state = sec_asn1d_init_state_based_on_template (state);
-	    return state;
-	}
-    }
-
-
-    universal = ((encode_kind & SEC_ASN1_CLASS_MASK) == SEC_ASN1_UNIVERSAL)
-		? PR_TRUE : PR_FALSE;
-
-    explicit = (encode_kind & SEC_ASN1_EXPLICIT) ? PR_TRUE : PR_FALSE;
-    encode_kind &= ~SEC_ASN1_EXPLICIT;
-
-    optional = (encode_kind & SEC_ASN1_OPTIONAL) ? PR_TRUE : PR_FALSE;
-    encode_kind &= ~SEC_ASN1_OPTIONAL;
-
-    PORT_Assert (!(explicit && universal));	/* bad templates */
-
-    encode_kind &= ~SEC_ASN1_DYNAMIC;
-    encode_kind &= ~SEC_ASN1_MAY_STREAM;
-
-    if( encode_kind & SEC_ASN1_CHOICE ) {
-#if 0	/* XXX remove? */
-      sec_asn1d_state *child = sec_asn1d_push_state(state->top, state->theTemplate, state->dest, PR_FALSE);
-      if( (sec_asn1d_state *)NULL == child ) {
-        return (sec_asn1d_state *)NULL;
-      }
-
-      child->allocate = state->allocate;
-      child->place = beforeChoice;
-      return child;
-#else
-      state->place = beforeChoice;
-      return state;
-#endif
-    }
-
-    if ((encode_kind & (SEC_ASN1_POINTER | SEC_ASN1_INLINE)) || (!universal
-							      && !explicit)) {
-	const SEC_ASN1Template *subt;
-	void *dest;
-	PRBool child_allocate;
-
-	PORT_Assert ((encode_kind & (SEC_ASN1_ANY | SEC_ASN1_SKIP)) == 0);
-
-	sec_asn1d_scrub_state (state);
-	child_allocate = PR_FALSE;
-
-	if (encode_kind & SEC_ASN1_POINTER) {
-	    /*
-	     * A POINTER means we need to allocate the destination for
-	     * this field.  But, since it may also be an optional field,
-	     * we defer the allocation until later; we just record that
-	     * it needs to be done.
-	     *
-	     * There are two possible scenarios here -- one is just a
-	     * plain POINTER (kind of like INLINE, except with allocation)
-	     * and the other is an implicitly-tagged POINTER.  We don't
-	     * need to do anything special here for the two cases, but
-	     * since the template definition can be tricky, we do check
-	     * that there are no extraneous bits set in encode_kind.
-	     *
-	     * XXX The same conditions which assert should set an error.
-	     */
-	    if (universal) {
-		/*
-		 * "universal" means this entry is a standalone POINTER;
-		 * there should be no other bits set in encode_kind.
-		 */
-		PORT_Assert (encode_kind == SEC_ASN1_POINTER);
-	    } else {
-		/*
-		 * If we get here we have an implicitly-tagged field
-		 * that needs to be put into a POINTER.  The subtemplate
-		 * will determine how to decode the field, but encode_kind
-		 * describes the (implicit) tag we are looking for.
-		 * The non-tag bits of encode_kind will be ignored by
-		 * the code below; none of them should be set, however,
-		 * except for the POINTER bit itself -- so check that.
-		 */
-		PORT_Assert ((encode_kind & ~SEC_ASN1_TAG_MASK)
-			     == SEC_ASN1_POINTER);
-	    }
-	    if (!state->top->filter_only)
-		child_allocate = PR_TRUE;
-	    dest = NULL;
-	    state->place = afterPointer;
-	} else {
-	    dest = state->dest;
-	    if (encode_kind & SEC_ASN1_INLINE) {
-		/* check that there are no extraneous bits */
-		PORT_Assert (encode_kind == SEC_ASN1_INLINE && !optional);
-		state->place = afterInline;
-	    } else {
-		state->place = afterImplicit;
-	    }
-	}
-
-	state->optional = optional;
-	subt = SEC_ASN1GetSubtemplate (state->theTemplate, state->dest, PR_FALSE);
-	state = sec_asn1d_push_state (state->top, subt, dest, PR_FALSE);
-	if (state == NULL)
-	    return NULL;
-
-	state->allocate = child_allocate;
-
-	if (universal) {
-	    state = sec_asn1d_init_state_based_on_template (state);
-	    if (state != NULL) {
-		/*
-		 * If this field is optional, we need to record that on
-		 * the pushed child so it won't fail if the field isn't
-		 * found.  I can't think of a way that this new state
-		 * could already have optional set (which we would wipe
-		 * out below if our local optional is not set) -- but
-		 * just to be sure, assert that it isn't set.
-		 */
-		PORT_Assert (!state->optional);
-		state->optional = optional;
-	    }
-	    return state;
-	}
-
-	under_kind = state->theTemplate->kind;
-	under_kind &= ~SEC_ASN1_MAY_STREAM;
-    } else if (explicit) {
-	/*
-	 * For explicit, we only need to match the encoding tag next,
-	 * then we will push another state to handle the entire inner
-	 * part.  In this case, there is no underlying kind which plays
-	 * any part in the determination of the outer, explicit tag.
-	 * So we just set under_kind to 0, which is not a valid tag,
-	 * and the rest of the tag matching stuff should be okay.
-	 */
-	under_kind = 0;
-    } else {
-	/*
-	 * Nothing special; the underlying kind and the given encoding
-	 * information are the same.
-	 */
-	under_kind = encode_kind;
-    }
-
-    /* XXX is this the right set of bits to test here? */
-    PORT_Assert ((under_kind & (SEC_ASN1_EXPLICIT | SEC_ASN1_OPTIONAL
-				| SEC_ASN1_MAY_STREAM
-				| SEC_ASN1_INLINE | SEC_ASN1_POINTER)) == 0);
-
-    if (encode_kind & (SEC_ASN1_ANY | SEC_ASN1_SKIP)) {
-	PORT_Assert (encode_kind == under_kind);
-	if (encode_kind & SEC_ASN1_SKIP) {
-	    PORT_Assert (!optional);
-	    PORT_Assert (encode_kind == SEC_ASN1_SKIP);
-	    state->dest = NULL;
-	}
-	check_tag_mask = 0;
-	expect_tag_modifiers = 0;
-	expect_tag_number = 0;
-    } else {
-	check_tag_mask = SEC_ASN1_TAG_MASK;
-	expect_tag_modifiers = encode_kind & SEC_ASN1_TAG_MASK
-				& ~SEC_ASN1_TAGNUM_MASK;
-	/*
-	 * XXX This assumes only single-octet identifiers.  To handle
-	 * the HIGH TAG form we would need to do some more work, especially
-	 * in how to specify them in the template, because right now we
-	 * do not provide a way to specify more *tag* bits in encode_kind.
-	 */
-	expect_tag_number = encode_kind & SEC_ASN1_TAGNUM_MASK;
-
-	switch (under_kind & SEC_ASN1_TAGNUM_MASK) {
-	  case SEC_ASN1_SET:
-	    /*
-	     * XXX A plain old SET (as opposed to a SET OF) is not implemented.
-	     * If it ever is, remove this assert...
-	     */
-	    PORT_Assert ((under_kind & SEC_ASN1_GROUP) != 0);
-	    /* fallthru */
-	  case SEC_ASN1_SEQUENCE:
-	    expect_tag_modifiers |= SEC_ASN1_CONSTRUCTED;
-	    break;
-	  case SEC_ASN1_BIT_STRING:
-	  case SEC_ASN1_BMP_STRING:
-	  case SEC_ASN1_GENERALIZED_TIME:
-	  case SEC_ASN1_IA5_STRING:
-	  case SEC_ASN1_OCTET_STRING:
-	  case SEC_ASN1_PRINTABLE_STRING:
-	  case SEC_ASN1_T61_STRING:
-	  case SEC_ASN1_UNIVERSAL_STRING:
-	  case SEC_ASN1_UTC_TIME:
-	  case SEC_ASN1_UTF8_STRING:
-	  case SEC_ASN1_VISIBLE_STRING:
-	    check_tag_mask &= ~SEC_ASN1_CONSTRUCTED;
-	    break;
-	}
-    }
-
-    state->check_tag_mask = check_tag_mask;
-    state->expect_tag_modifiers = expect_tag_modifiers;
-    state->expect_tag_number = expect_tag_number;
-    state->underlying_kind = under_kind;
-    state->explicit = explicit;
-    state->optional = optional;
-
-    sec_asn1d_scrub_state (state);
-
-    return state;
-}
-
-
-static unsigned long
-sec_asn1d_parse_identifier (sec_asn1d_state *state,
-			    const char *buf, unsigned long len)
-{
-    unsigned char byte;
-    unsigned char tag_number;
-
-    PORT_Assert (state->place == beforeIdentifier);
-
-    if (len == 0) {
-	state->top->status = needBytes;
-	return 0;
-    }
-
-    byte = (unsigned char) *buf;
-    tag_number = byte & SEC_ASN1_TAGNUM_MASK;
-
-    if (IS_HIGH_TAG_NUMBER (tag_number)) {
-	state->place = duringIdentifier;
-	state->found_tag_number = 0;
-	/*
-	 * Actually, we have no idea how many bytes are pending, but we
-	 * do know that it is at least 1.  That is all we know; we have
-	 * to look at each byte to know if there is another, etc.
-	 */
-	state->pending = 1;
-    } else {
-	if (byte == 0 && state->parent != NULL &&
-		    (state->parent->indefinite ||
-			(
-			    (state->parent->place == afterImplicit ||
-			     state->parent->place == afterPointer)
-			    && state->parent->parent != NULL && state->parent->parent->indefinite
-			)
-		    )
-	    ) {
-	    /*
-	     * Our parent has indefinite-length encoding, and the
-	     * entire tag found is 0, so it seems that we have hit the
-	     * end-of-contents octets.  To handle this, we just change
-	     * our state to that which expects to get the bytes of the
-	     * end-of-contents octets and let that code re-read this byte
-	     * so that our categorization of field types is correct.
-	     * After that, our parent will then deal with everything else.
-	     */
-	    state->place = duringEndOfContents;
-	    state->pending = 2;
-	    state->found_tag_number = 0;
-	    state->found_tag_modifiers = 0;
-	    /*
-	     * We might be an optional field that is, as we now find out,
-	     * missing.  Give our parent a clue that this happened.
-	     */
-	    if (state->optional)
-		state->missing = PR_TRUE;
-	    return 0;
-	}
-	state->place = afterIdentifier;
-	state->found_tag_number = tag_number;
-    }
-    state->found_tag_modifiers = byte & ~SEC_ASN1_TAGNUM_MASK;
-
-    return 1;
-}
-
-
-static unsigned long
-sec_asn1d_parse_more_identifier (sec_asn1d_state *state,
-				 const char *buf, unsigned long len)
-{
-    unsigned char byte;
-    int count;
-
-    PORT_Assert (state->pending == 1);
-    PORT_Assert (state->place == duringIdentifier);
-
-    if (len == 0) {
-	state->top->status = needBytes;
-	return 0;
-    }
-
-    count = 0;
-
-    while (len && state->pending) {
-	if (HIGH_BITS (state->found_tag_number, TAG_NUMBER_BITS) != 0) {
-	    /*
-	     * The given high tag number overflows our container;
-	     * just give up.  This is not likely to *ever* happen.
-	     */
-	    PORT_SetError (SEC_ERROR_BAD_DER);
-	    state->top->status = decodeError;
-	    return 0;
-	}
-
-	state->found_tag_number <<= TAG_NUMBER_BITS;
-
-	byte = (unsigned char) buf[count++];
-	state->found_tag_number |= (byte & TAG_NUMBER_MASK);
-
-	len--;
-	if (LAST_TAG_NUMBER_BYTE (byte))
-	    state->pending = 0;
-    }
-
-    if (state->pending == 0)
-	state->place = afterIdentifier;
-
-    return count;
-}
-
-
-static void
-sec_asn1d_confirm_identifier (sec_asn1d_state *state)
-{
-    PRBool match;
-
-    PORT_Assert (state->place == afterIdentifier);
-
-    match = (PRBool)(((state->found_tag_modifiers & state->check_tag_mask)
-	     == state->expect_tag_modifiers)
-	    && ((state->found_tag_number & state->check_tag_mask)
-		== state->expect_tag_number));
-    if (match) {
-	state->place = beforeLength;
-    } else {
-	if (state->optional) {
-	    state->missing = PR_TRUE;
-	    state->place = afterEndOfContents;
-	} else {
-	    PORT_SetError (SEC_ERROR_BAD_DER);
-	    state->top->status = decodeError;
-	}
-    }
-}
-
-
-static unsigned long
-sec_asn1d_parse_length (sec_asn1d_state *state,
-			const char *buf, unsigned long len)
-{
-    unsigned char byte;
-
-    PORT_Assert (state->place == beforeLength);
-
-    if (len == 0) {
-	state->top->status = needBytes;
-	return 0;
-    }
-
-    /*
-     * The default/likely outcome.  It may get adjusted below.
-     */
-    state->place = afterLength;
-
-    byte = (unsigned char) *buf;
-
-    if (LENGTH_IS_SHORT_FORM (byte)) {
-	state->contents_length = byte;
-    } else {
-	state->contents_length = 0;
-	state->pending = LONG_FORM_LENGTH (byte);
-	if (state->pending == 0) {
-	    state->indefinite = PR_TRUE;
-	} else {
-	    state->place = duringLength;
-	}
-    }
-
-    return 1;
-}
-
-
-static unsigned long
-sec_asn1d_parse_more_length (sec_asn1d_state *state,
-			     const char *buf, unsigned long len)
-{
-    int count;
-
-    PORT_Assert (state->pending > 0);
-    PORT_Assert (state->place == duringLength);
-
-    if (len == 0) {
-	state->top->status = needBytes;
-	return 0;
-    }
-
-    count = 0;
-
-    while (len && state->pending) {
-	if (HIGH_BITS (state->contents_length, 8) != 0) {
-	    /*
-	     * The given full content length overflows our container;
-	     * just give up.
-	     */
-	    PORT_SetError (SEC_ERROR_BAD_DER);
-	    state->top->status = decodeError;
-	    return 0;
-	}
-
-	state->contents_length <<= 8;
-	state->contents_length |= (unsigned char) buf[count++];
-
-	len--;
-	state->pending--;
-    }
-
-    if (state->pending == 0)
-	state->place = afterLength;
-
-    return count;
-}
-
-
-static void
-sec_asn1d_prepare_for_contents (sec_asn1d_state *state)
-{
-    SECItem *item;
-    PRArenaPool *poolp;
-    unsigned long alloc_len;
-
-
-    /*
-     * XXX I cannot decide if this allocation should exclude the case
-     *     where state->endofcontents is true -- figure it out!
-     */
-    if (state->allocate) {
-	void *dest;
-
-	PORT_Assert (state->dest == NULL);
-	/*
-	 * We are handling a POINTER or a member of a GROUP, and need to
-	 * allocate for the data structure.
-	 */
-	dest = sec_asn1d_zalloc (state->top->their_pool,
-				 state->theTemplate->size);
-	if (dest == NULL) {
-	    state->top->status = decodeError;
-	    return;
-	}
-	state->dest = (char *)dest + state->theTemplate->offset;
-
-	/*
-	 * For a member of a GROUP, our parent will later put the
-	 * pointer wherever it belongs.  But for a POINTER, we need
-	 * to record the destination now, in case notify or filter
-	 * procs need access to it -- they cannot find it otherwise,
-	 * until it is too late (for one-pass processing).
-	 */
-	if (state->parent->place == afterPointer) {
-	    void **placep;
-
-	    placep = state->parent->dest;
-	    *placep = dest;
-	}
-    }
-
-    /*
-     * Remember, length may be indefinite here!  In that case,
-     * both contents_length and pending will be zero.
-     */
-    state->pending = state->contents_length;
-
-    /*
-     * An EXPLICIT is nothing but an outer header, which we have
-     * already parsed and accepted.  Now we need to do the inner
-     * header and its contents.
-     */
-    if (state->explicit) {
-	state->place = afterExplicit;
-	state = sec_asn1d_push_state (state->top,
-				      SEC_ASN1GetSubtemplate(state->theTemplate,
-							     state->dest,
-							     PR_FALSE),
-				      state->dest, PR_TRUE);
-	if (state != NULL)
-	    state = sec_asn1d_init_state_based_on_template (state);
-	return;
-    }
-
-    /*
-     * For GROUP (SET OF, SEQUENCE OF), even if we know the length here
-     * we cannot tell how many items we will end up with ... so push a
-     * state that can keep track of "children" (the individual members
-     * of the group; we will allocate as we go and put them all together
-     * at the end.
-     */
-    if (state->underlying_kind & SEC_ASN1_GROUP) {
-	/* XXX If this assertion holds (should be able to confirm it via
-	 * inspection, too) then move this code into the switch statement
-	 * below under cases SET_OF and SEQUENCE_OF; it will be cleaner.
-	 */
-	PORT_Assert (state->underlying_kind == SEC_ASN1_SET_OF
-	   || state->underlying_kind == SEC_ASN1_SEQUENCE_OF
-	   || state->underlying_kind == (SEC_ASN1_SEQUENCE_OF|SEC_ASN1_DYNAMIC)
-	   || state->underlying_kind == (SEC_ASN1_SEQUENCE_OF|SEC_ASN1_DYNAMIC)
-		     );
-	if (state->contents_length != 0 || state->indefinite) {
-	    const SEC_ASN1Template *subt;
-
-	    state->place = duringGroup;
-	    subt = SEC_ASN1GetSubtemplate (state->theTemplate, state->dest,
-					   PR_FALSE);
-	    state = sec_asn1d_push_state (state->top, subt, NULL, PR_TRUE);
-	    if (state != NULL) {
-		if (!state->top->filter_only)
-		    state->allocate = PR_TRUE;	/* XXX propogate this? */
-		/*
-		 * Do the "before" field notification for next in group.
-		 */
-		sec_asn1d_notify_before (state->top, state->dest, state->depth);
-		state = sec_asn1d_init_state_based_on_template (state);
-	    }
-	} else {
-	    /*
-	     * A group of zero; we are done.
-	     * XXX Should we store a NULL here?  Or set state to
-	     * afterGroup and let that code do it?
-	     */
-	    state->place = afterEndOfContents;
-	}
-	return;
-    }
-
-    switch (state->underlying_kind) {
-      case SEC_ASN1_SEQUENCE:
-	/*
-	 * We need to push a child to handle the individual fields.
-	 */
-	state->place = duringSequence;
-	state = sec_asn1d_push_state (state->top, state->theTemplate + 1,
-				      state->dest, PR_TRUE);
-	if (state != NULL) {
-	    /*
-	     * Do the "before" field notification.
-	     */
-	    sec_asn1d_notify_before (state->top, state->dest, state->depth);
-	    state = sec_asn1d_init_state_based_on_template (state);
-	}
-	break;
-
-      case SEC_ASN1_SET:	/* XXX SET is not really implemented */
-	/*
-	 * XXX A plain SET requires special handling; scanning of a
-	 * template to see where a field should go (because by definition,
-	 * they are not in any particular order, and you have to look at
-	 * each tag to disambiguate what the field is).  We may never
-	 * implement this because in practice, it seems to be unused.
-	 */
-	PORT_Assert(0);
-	state->top->status = decodeError;
-	break;
-
-      case SEC_ASN1_NULL:
-	/*
-	 * The NULL type, by definition, is "nothing", content length of zero.
-	 * An indefinite-length encoding is not alloweed.
-	 */
-	if (state->contents_length || state->indefinite) {
-	    state->top->status = decodeError;
-	    break;
-	}
-	if (state->dest != NULL) {
-	    item = (SECItem *)(state->dest);
-	    item->data = NULL;
-	    item->len = 0;
-	}
-	state->place = afterEndOfContents;
-	break;
-
-      case SEC_ASN1_BMP_STRING:
-	/* Error if length is not divisable by 2 */
-	if (state->contents_length % 2) {
-	   state->top->status = decodeError;
-	   break;
-	}   
-	/* otherwise, handle as other string types */
-	goto regular_string_type;
-
-      case SEC_ASN1_UNIVERSAL_STRING:
-	/* Error if length is not divisable by 4 */
-	if (state->contents_length % 4) {
-	   state->top->status = decodeError;
-	   break;
-	}   
-	/* otherwise, handle as other string types */
-	goto regular_string_type;
-
-      case SEC_ASN1_SKIP:
-      case SEC_ASN1_ANY:
-      case SEC_ASN1_ANY_CONTENTS:
-	/*
-	 * These are not (necessarily) strings, but they need nearly
-	 * identical handling (especially when we need to deal with
-	 * constructed sub-pieces), so we pretend they are.
-	 */
-	/* fallthru */
-regular_string_type:
-      case SEC_ASN1_BIT_STRING:
-      case SEC_ASN1_IA5_STRING:
-      case SEC_ASN1_OCTET_STRING:
-      case SEC_ASN1_PRINTABLE_STRING:
-      case SEC_ASN1_T61_STRING:
-      case SEC_ASN1_UTC_TIME:
-      case SEC_ASN1_UTF8_STRING:
-      case SEC_ASN1_VISIBLE_STRING:
-	/*
-	 * We are allocating for a primitive or a constructed string.
-	 * If it is a constructed string, it may also be indefinite-length.
-	 * If it is primitive, the length can (legally) be zero.
-	 * Our first order of business is to allocate the memory for
-	 * the string, if we can (if we know the length).
-	 */
-	item = (SECItem *)(state->dest);
-
-	/*
-	 * If the item is a definite-length constructed string, then
-	 * the contents_length is actually larger than what we need
-	 * (because it also counts each intermediate header which we
-	 * will be throwing away as we go), but it is a perfectly good
-	 * upper bound that we just allocate anyway, and then concat
-	 * as we go; we end up wasting a few extra bytes but save a
-	 * whole other copy.
-	 */
-	alloc_len = state->contents_length;
-	poolp = NULL;	/* quiet compiler warnings about unused... */
-
-	if (item == NULL || state->top->filter_only) {
-	    if (item != NULL) {
-		item->data = NULL;
-		item->len = 0;
-	    }
-	    alloc_len = 0;
-	} else if (state->substring) {
-	    /*
-	     * If we are a substring of a constructed string, then we may
-	     * not have to allocate anything (because our parent, the
-	     * actual constructed string, did it for us).  If we are a
-	     * substring and we *do* have to allocate, that means our
-	     * parent is an indefinite-length, so we allocate from our pool;
-	     * later our parent will copy our string into the aggregated
-	     * whole and free our pool allocation.
-	     */
-	    if (item->data == NULL) {
-		PORT_Assert (item->len == 0);
-		poolp = state->top->our_pool;
-	    } else {
-		alloc_len = 0;
-	    }
-	} else {
-	    item->len = 0;
-	    item->data = NULL;
-	    poolp = state->top->their_pool;
-	}
-
-	if (alloc_len || ((! state->indefinite)
-			  && (state->subitems_head != NULL))) {
-	    struct subitem *subitem;
-	    int len;
-
-	    PORT_Assert (item->len == 0 && item->data == NULL);
-	    /*
-	     * Check for and handle an ANY which has stashed aside the
-	     * header (identifier and length) bytes for us to include
-	     * in the saved contents.
-	     */
-	    if (state->subitems_head != NULL) {
-		PORT_Assert (state->underlying_kind == SEC_ASN1_ANY);
-		for (subitem = state->subitems_head;
-		     subitem != NULL; subitem = subitem->next)
-		    alloc_len += subitem->len;
-	    }
-
-	    item->data = (unsigned char*)sec_asn1d_zalloc (poolp, alloc_len);
-	    if (item->data == NULL) {
-		state->top->status = decodeError;
-		break;
-	    }
-
-	    len = 0;
-	    for (subitem = state->subitems_head;
-		 subitem != NULL; subitem = subitem->next) {
-		PORT_Memcpy (item->data + len, subitem->data, subitem->len);
-		len += subitem->len;
-	    }
-	    item->len = len;
-
-	    /*
-	     * Because we use arenas and have a mark set, we later free
-	     * everything we have allocated, so this does *not* present
-	     * a memory leak (it is just temporarily left dangling).
-	     */
-	    state->subitems_head = state->subitems_tail = NULL;
-	}
-
-	if (state->contents_length == 0 && (! state->indefinite)) {
-	    /*
-	     * A zero-length simple or constructed string; we are done.
-	     */
-	    state->place = afterEndOfContents;
-	} else if (state->found_tag_modifiers & SEC_ASN1_CONSTRUCTED) {
-	    const SEC_ASN1Template *sub;
-
-	    switch (state->underlying_kind) {
-	      case SEC_ASN1_ANY:
-	      case SEC_ASN1_ANY_CONTENTS:
-		sub = SEC_AnyTemplate;
-		break;
-	      case SEC_ASN1_BIT_STRING:
-		sub = SEC_BitStringTemplate;
-		break;
-	      case SEC_ASN1_BMP_STRING:
-		sub = SEC_BMPStringTemplate;
-		break;
-	      case SEC_ASN1_GENERALIZED_TIME:
-		sub = SEC_GeneralizedTimeTemplate;
-		break;
-	      case SEC_ASN1_IA5_STRING:
-		sub = SEC_IA5StringTemplate;
-		break;
-	      case SEC_ASN1_OCTET_STRING:
-		sub = SEC_OctetStringTemplate;
-		break;
-	      case SEC_ASN1_PRINTABLE_STRING:
-		sub = SEC_PrintableStringTemplate;
-		break;
-	      case SEC_ASN1_T61_STRING:
-		sub = SEC_T61StringTemplate;
-		break;
-	      case SEC_ASN1_UNIVERSAL_STRING:
-		sub = SEC_UniversalStringTemplate;
-		break;
-	      case SEC_ASN1_UTC_TIME:
-		sub = SEC_UTCTimeTemplate;
-		break;
-	      case SEC_ASN1_UTF8_STRING:
-		sub = SEC_UTF8StringTemplate;
-		break;
-	      case SEC_ASN1_VISIBLE_STRING:
-		sub = SEC_VisibleStringTemplate;
-		break;
-	      case SEC_ASN1_SKIP:
-		sub = SEC_SkipTemplate;
-		break;
-	      default:		/* redundant given outer switch cases, but */
-		PORT_Assert(0);	/* the compiler does not seem to know that, */
-		sub = NULL;	/* so just do enough to quiet it. */
-		break;
-	    }
-
-	    state->place = duringConstructedString;
-	    state = sec_asn1d_push_state (state->top, sub, item, PR_TRUE);
-	    if (state != NULL) {
-		state->substring = PR_TRUE;	/* XXX propogate? */
-		state = sec_asn1d_init_state_based_on_template (state);
-	    }
-	} else if (state->indefinite) {
-	    /*
-	     * An indefinite-length string *must* be constructed!
-	     */
-	    PORT_SetError (SEC_ERROR_BAD_DER);
-	    state->top->status = decodeError;
-	} else {
-	    /*
-	     * A non-zero-length simple string.
-	     */
-	    if (state->underlying_kind == SEC_ASN1_BIT_STRING)
-		state->place = beforeBitString;
-	    else
-		state->place = duringLeaf;
-	}
-	break;
-
-      default:
-	/*
-	 * We are allocating for a simple leaf item.
-	 */
-	if (state->contents_length) {
-	    if (state->dest != NULL) {
-		item = (SECItem *)(state->dest);
-		item->len = 0;
-		if (state->top->filter_only) {
-		    item->data = NULL;
-		} else {
-		    item->data = (unsigned char*)
-		                  sec_asn1d_zalloc (state->top->their_pool,
-						   state->contents_length);
-		    if (item->data == NULL) {
-			state->top->status = decodeError;
-			return;
-		    }
-		}
-	    }
-	    state->place = duringLeaf;
-	} else {
-	    /*
-	     * An indefinite-length or zero-length item is not allowed.
-	     * (All legal cases of such were handled above.)
-	     */
-	    PORT_SetError (SEC_ERROR_BAD_DER);
-	    state->top->status = decodeError;
-	}
-    }
-}
-
-
-static void
-sec_asn1d_free_child (sec_asn1d_state *state, PRBool error)
-{
-    if (state->child != NULL) {
-	PORT_Assert (error || state->child->consumed == 0);
-	PORT_Assert (state->our_mark != NULL);
-	PORT_ArenaRelease (state->top->our_pool, state->our_mark);
-	if (error && state->top->their_pool == NULL) {
-	    /*
-	     * XXX We need to free anything allocated.
-	     */
-	    PORT_Assert (0);
-	}
-	state->child = NULL;
-	state->our_mark = NULL;
-    } else {
-	/*
-	 * It is important that we do not leave a mark unreleased/unmarked.
-	 * But I do not think we should ever have one set in this case, only
-	 * if we had a child (handled above).  So check for that.  If this
-	 * assertion should ever get hit, then we probably need to add code
-	 * here to release back to our_mark (and then set our_mark to NULL).
-	 */
-	PORT_Assert (state->our_mark == NULL);
-    }
-    state->place = beforeEndOfContents;
-}
-
-
-static void
-sec_asn1d_reuse_encoding (sec_asn1d_state *state)
-{
-    sec_asn1d_state *child;
-    unsigned long consumed;
-    SECItem *item;
-    void *dest;
-
-
-    child = state->child;
-    PORT_Assert (child != NULL);
-
-    consumed = child->consumed;
-    child->consumed = 0;
-
-    item = (SECItem *)(state->dest);
-    PORT_Assert (item != NULL);
-
-    PORT_Assert (item->len == consumed);
-
-    /*
-     * Free any grandchild.
-     */
-    sec_asn1d_free_child (child, PR_FALSE);
-
-    /*
-     * Notify after the SAVE field.
-     */
-    sec_asn1d_notify_after (state->top, state->dest, state->depth);
-
-    /*
-     * Adjust to get new dest and move forward.
-     */
-    dest = (char *)state->dest - state->theTemplate->offset;
-    state->theTemplate++;
-    child->dest = (char *)dest + state->theTemplate->offset;
-    child->theTemplate = state->theTemplate;
-
-    /*
-     * Notify before the "real" field.
-     */
-    PORT_Assert (state->depth == child->depth);
-    sec_asn1d_notify_before (state->top, child->dest, child->depth);
-
-    /*
-     * This will tell DecoderUpdate to return when it is done.
-     */
-    state->place = afterSaveEncoding;
-
-    /*
-     * We already have a child; "push" it by making it current.
-     */
-    state->top->current = child;
-
-    /*
-     * And initialize it so it is ready to parse.
-     */
-    (void) sec_asn1d_init_state_based_on_template(child);
-
-    /*
-     * Now parse that out of our data.
-     */
-    if (SEC_ASN1DecoderUpdate (state->top,
-			       (char *) item->data, item->len) != SECSuccess)
-	return;
-
-    PORT_Assert (state->top->current == state);
-    PORT_Assert (state->child == child);
-
-    /*
-     * That should have consumed what we consumed before.
-     */
-    PORT_Assert (consumed == child->consumed);
-    child->consumed = 0;
-
-    /*
-     * Done.
-     */
-    state->consumed += consumed;
-    child->place = notInUse;
-    state->place = afterEndOfContents;
-}
-
-
-static unsigned long
-sec_asn1d_parse_leaf (sec_asn1d_state *state,
-		      const char *buf, unsigned long len)
-{
-    SECItem *item;
-    unsigned long bufLen;
-
-    if (len == 0) {
-	state->top->status = needBytes;
-	return 0;
-    }
-
-    if (state->pending < len)
-	len = state->pending;
-
-    bufLen = len;
-
-    item = (SECItem *)(state->dest);
-    if (item != NULL && item->data != NULL) {
-	/* Strip leading zeroes when target is unsigned integer */
-	if (state->underlying_kind == SEC_ASN1_INTEGER && /* INTEGER   */
-	    item->len == 0 &&                             /* MSB       */
-	    item->type == siUnsignedInteger)              /* unsigned  */
-	{
-	    while (len > 1 && buf[0] == 0) {              /* leading 0 */
-		buf++;
-		len--;
-	    }
-	}
-	PORT_Memcpy (item->data + item->len, buf, len);
-	item->len += len;
-    }
-    state->pending -= bufLen;
-    if (state->pending == 0)
-	state->place = beforeEndOfContents;
-
-    return bufLen;
-}
-
-
-static unsigned long
-sec_asn1d_parse_bit_string (sec_asn1d_state *state,
-			    const char *buf, unsigned long len)
-{
-    unsigned char byte;
-
-    /*PORT_Assert (state->pending > 0); */
-    PORT_Assert (state->place == beforeBitString);
-
-    if (state->pending == 0) {
-	if (state->dest != NULL) {
-	    SECItem *item = (SECItem *)(state->dest);
-	    item->data = NULL;
-	    item->len = 0;
-	    state->place = beforeEndOfContents;
-	    return 0;
-	}
-    }
-
-    if (len == 0) {
-	state->top->status = needBytes;
-	return 0;
-    }
-
-    byte = (unsigned char) *buf;
-    if (byte > 7) {
-	PORT_SetError (SEC_ERROR_BAD_DER);
-	state->top->status = decodeError;
-	return 0;
-    }
-
-    state->bit_string_unused_bits = byte;
-    state->place = duringBitString;
-    state->pending -= 1;
-
-    return 1;
-}
-
-
-static unsigned long
-sec_asn1d_parse_more_bit_string (sec_asn1d_state *state,
-				 const char *buf, unsigned long len)
-{
-    PORT_Assert (state->pending > 0);
-    PORT_Assert (state->place == duringBitString);
-
-    len = sec_asn1d_parse_leaf (state, buf, len);
-    if (state->place == beforeEndOfContents && state->dest != NULL) {
-	SECItem *item;
-
-	item = (SECItem *)(state->dest);
-	if (item->len)
-	    item->len = (item->len << 3) - state->bit_string_unused_bits;
-    }
-
-    return len;
-}
-
-
-/*
- * XXX All callers should be looking at return value to detect
- * out-of-memory errors (and stop!).
- */
-static struct subitem *
-sec_asn1d_add_to_subitems (sec_asn1d_state *state,
-			   const void *data, unsigned long len,
-			   PRBool copy_data)
-{
-    struct subitem *thing;
-
-    thing = (struct subitem*)sec_asn1d_zalloc (state->top->our_pool,
-				sizeof (struct subitem));
-    if (thing == NULL) {
-	state->top->status = decodeError;
-	return NULL;
-    }
-
-    if (copy_data) {
-	void *copy;
-	copy = sec_asn1d_alloc (state->top->our_pool, len);
-	if (copy == NULL) {
-	    state->top->status = decodeError;
-	    return NULL;
-	}
-	PORT_Memcpy (copy, data, len);
-	thing->data = copy;
-    } else {
-	thing->data = data;
-    }
-    thing->len = len;
-    thing->next = NULL;
-
-    if (state->subitems_head == NULL) {
-	PORT_Assert (state->subitems_tail == NULL);
-	state->subitems_head = state->subitems_tail = thing;
-    } else {
-	state->subitems_tail->next = thing;
-	state->subitems_tail = thing;
-    }
-
-    return thing;
-}
-
-
-static void
-sec_asn1d_record_any_header (sec_asn1d_state *state,
-			     const char *buf,
-			     unsigned long len)
-{
-    SECItem *item;
-
-    item = (SECItem *)(state->dest);
-    if (item != NULL && item->data != NULL) {
-	PORT_Assert (state->substring);
-	PORT_Memcpy (item->data + item->len, buf, len);
-	item->len += len;
-    } else {
-	sec_asn1d_add_to_subitems (state, buf, len, PR_TRUE);
-    }
-}
-
-
-/*
- * We are moving along through the substrings of a constructed string,
- * and have just finished parsing one -- we need to save our child data
- * (if the child was not already writing directly into the destination)
- * and then move forward by one.
- *
- * We also have to detect when we are done:
- *	- a definite-length encoding stops when our pending value hits 0
- *	- an indefinite-length encoding stops when our child is empty
- *	  (which means it was the end-of-contents octets)
- */
-static void
-sec_asn1d_next_substring (sec_asn1d_state *state)
-{
-    sec_asn1d_state *child;
-    SECItem *item;
-    unsigned long child_consumed;
-    PRBool done;
-
-    PORT_Assert (state->place == duringConstructedString);
-    PORT_Assert (state->child != NULL);
-
-    child = state->child;
-
-    child_consumed = child->consumed;
-    child->consumed = 0;
-    state->consumed += child_consumed;
-
-    done = PR_FALSE;
-
-    if (state->pending) {
-	PORT_Assert (!state->indefinite);
-	if( child_consumed > state->pending ) {
-	    PORT_SetError (SEC_ERROR_BAD_DER);
-	    state->top->status = decodeError;
-	    return;
-	}
-
-	state->pending -= child_consumed;
-	if (state->pending == 0)
-	    done = PR_TRUE;
-    } else {
-	PORT_Assert (state->indefinite);
-
-	item = (SECItem *)(child->dest);
-	if (item != NULL && item->data != NULL) {
-	    /*
-	     * Save the string away for later concatenation.
-	     */
-	    PORT_Assert (item->data != NULL);
-	    sec_asn1d_add_to_subitems (state, item->data, item->len, PR_FALSE);
-	    /*
-	     * Clear the child item for the next round.
-	     */
-	    item->data = NULL;
-	    item->len = 0;
-	}
-
-	/*
-	 * If our child was just our end-of-contents octets, we are done.
-	 */
-	if (child->endofcontents)
-	    done = PR_TRUE;
-    }
-
-    /*
-     * Stop or do the next one.
-     */
-    if (done) {
-	child->place = notInUse;
-	state->place = afterConstructedString;
-    } else {
-	sec_asn1d_scrub_state (child);
-	state->top->current = child;
-    }
-}
-
-
-/*
- * We are doing a SET OF or SEQUENCE OF, and have just finished an item.
- */
-static void
-sec_asn1d_next_in_group (sec_asn1d_state *state)
-{
-    sec_asn1d_state *child;
-    unsigned long child_consumed;
-
-    PORT_Assert (state->place == duringGroup);
-    PORT_Assert (state->child != NULL);
-
-    child = state->child;
-
-    child_consumed = child->consumed;
-    child->consumed = 0;
-    state->consumed += child_consumed;
-
-    /*
-     * If our child was just our end-of-contents octets, we are done.
-     */
-    if (child->endofcontents) {
-	/* XXX I removed the PORT_Assert (child->dest == NULL) because there
-	 * was a bug in that a template that was a sequence of which also had
-	 * a child of a sequence of, in an indefinite group was not working 
-	 * properly.  This fix seems to work, (added the if statement below),
-	 * and nothing appears broken, but I am putting this note here just
-	 * in case. */
-	/*
-	 * XXX No matter how many times I read that comment,
-	 * I cannot figure out what case he was fixing.  I believe what he
-	 * did was deliberate, so I am loathe to touch it.  I need to
-	 * understand how it could ever be that child->dest != NULL but
-	 * child->endofcontents is true, and why it is important to check
-	 * that state->subitems_head is NULL.  This really needs to be
-	 * figured out, as I am not sure if the following code should be
-	 * compensating for "offset", as is done a little farther below
-	 * in the more normal case.
-	 */
-	PORT_Assert (state->indefinite);
-	PORT_Assert (state->pending == 0);
-	if(child->dest && !state->subitems_head) {
-	    sec_asn1d_add_to_subitems (state, child->dest, 0, PR_FALSE);
-	    child->dest = NULL;
-	}
-
-	child->place = notInUse;
-	state->place = afterGroup;
-	return;
-    }
-
-    /* 
-     * Do the "after" field notification for next in group.
-     */
-    sec_asn1d_notify_after (state->top, child->dest, child->depth);
-
-    /*
-     * Save it away (unless we are not storing).
-     */
-    if (child->dest != NULL) {
-	void *dest;
-
-	dest = child->dest;
-	dest = (char *)dest - child->theTemplate->offset;
-	sec_asn1d_add_to_subitems (state, dest, 0, PR_FALSE);
-	child->dest = NULL;
-    }
-
-    /*
-     * Account for those bytes; see if we are done.
-     */
-    if (state->pending) {
-	PORT_Assert (!state->indefinite);
-	if( child_consumed > state->pending ) {
-	    PORT_SetError (SEC_ERROR_BAD_DER);
-	    state->top->status = decodeError;
-	    return;
-	}
-
-	state->pending -= child_consumed;
-	if (state->pending == 0) {
-	    child->place = notInUse;
-	    state->place = afterGroup;
-	    return;
-	}
-    }
-
-    /*
-     * Do the "before" field notification for next item in group.
-     */
-    sec_asn1d_notify_before (state->top, child->dest, child->depth);
-
-    /*
-     * Now we do the next one.
-     */
-    sec_asn1d_scrub_state (child);
-
-    /* Initialize child state from the template */
-    sec_asn1d_init_state_based_on_template(child);
-
-    state->top->current = child;
-}
-
-
-/*
- * We are moving along through a sequence; move forward by one,
- * (detecting end-of-sequence when it happens).
- * XXX The handling of "missing" is ugly.  Fix it.
- */
-static void
-sec_asn1d_next_in_sequence (sec_asn1d_state *state)
-{
-    sec_asn1d_state *child;
-    unsigned long child_consumed;
-    PRBool child_missing;
-
-    PORT_Assert (state->place == duringSequence);
-    PORT_Assert (state->child != NULL);
-
-    child = state->child;
-
-    /*
-     * Do the "after" field notification.
-     */
-    sec_asn1d_notify_after (state->top, child->dest, child->depth);
-
-    child_missing = (PRBool) child->missing;
-    child_consumed = child->consumed;
-    child->consumed = 0;
-
-    /*
-     * Take care of accounting.
-     */
-    if (child_missing) {
-	PORT_Assert (child->optional);
-    } else {
-	state->consumed += child_consumed;
-	/*
-	 * Free any grandchild.
-	 */
-	sec_asn1d_free_child (child, PR_FALSE);
-	if (state->pending) {
-	    PORT_Assert (!state->indefinite);
-	    if( child_consumed > state->pending ) {
-		PORT_SetError (SEC_ERROR_BAD_DER);
-		state->top->status = decodeError;
-		return;
-	    }
-	    state->pending -= child_consumed;
-	    if (state->pending == 0) {
-		child->theTemplate++;
-		while (child->theTemplate->kind != 0) {
-		    if ((child->theTemplate->kind & SEC_ASN1_OPTIONAL) == 0) {
-			PORT_SetError (SEC_ERROR_BAD_DER);
-			state->top->status = decodeError;
-			return;
-		    }
-		    child->theTemplate++;
-		}
-		child->place = notInUse;
-		state->place = afterEndOfContents;
-		return;
-	    }
-	}
-    }
-
-    /*
-     * Move forward.
-     */
-    child->theTemplate++;
-    if (child->theTemplate->kind == 0) {
-	/*
-	 * We are done with this sequence.
-	 */
-	child->place = notInUse;
-	if (state->pending) {
-	    PORT_SetError (SEC_ERROR_BAD_DER);
-	    state->top->status = decodeError;
-	} else if (child_missing) {
-	    /*
-	     * We got to the end, but have a child that started parsing
-	     * and ended up "missing".  The only legitimate reason for
-	     * this is that we had one or more optional fields at the
-	     * end of our sequence, and we were encoded indefinite-length,
-	     * so when we went looking for those optional fields we
-	     * found our end-of-contents octets instead.
-	     * (Yes, this is ugly; dunno a better way to handle it.)
-	     * So, first confirm the situation, and then mark that we
-	     * are done.
-	     */
-	    if (state->indefinite && child->endofcontents) {
-		PORT_Assert (child_consumed == 2);
-		if( child_consumed != 2 ) {
-		    PORT_SetError (SEC_ERROR_BAD_DER);
-		    state->top->status = decodeError;
-		} else {
-		    state->consumed += child_consumed;
-		    state->place = afterEndOfContents;
-		}
-	    } else {
-		PORT_SetError (SEC_ERROR_BAD_DER);
-		state->top->status = decodeError;
-	    }
-	} else {
-	    /*
-	     * We have to finish out, maybe reading end-of-contents octets;
-	     * let the normal logic do the right thing.
-	     */
-	    state->place = beforeEndOfContents;
-	}
-    } else {
-	unsigned char child_found_tag_modifiers = 0;
-	unsigned long child_found_tag_number = 0;
-
-	/*
-	 * Reset state and push.
-	 */
-	if (state->dest != NULL)
-	    child->dest = (char *)state->dest + child->theTemplate->offset;
-
-	/*
-	 * Do the "before" field notification.
-	 */
-	sec_asn1d_notify_before (state->top, child->dest, child->depth);
-
-	if (child_missing) { /* if previous child was missing, copy the tag data we already have */
-	    child_found_tag_modifiers = child->found_tag_modifiers;
-	    child_found_tag_number = child->found_tag_number;
-	}
-	state->top->current = child;
-	child = sec_asn1d_init_state_based_on_template (child);
-	if (child_missing) {
-	    child->place = afterIdentifier;
-	    child->found_tag_modifiers = child_found_tag_modifiers;
-	    child->found_tag_number = child_found_tag_number;
-	    child->consumed = child_consumed;
-	    if (child->underlying_kind == SEC_ASN1_ANY
-		&& !child->top->filter_only) {
-		/*
-		 * If the new field is an ANY, and we are storing, then
-		 * we need to save the tag out.  We would have done this
-		 * already in the normal case, but since we were looking
-		 * for an optional field, and we did not find it, we only
-		 * now realize we need to save the tag.
-		 */
-		unsigned char identifier;
-
-		/*
-		 * Check that we did not end up with a high tag; for that
-		 * we need to re-encode the tag into multiple bytes in order
-		 * to store it back to look like what we parsed originally.
-		 * In practice this does not happen, but for completeness
-		 * sake it should probably be made to work at some point.
-		 */
-		PORT_Assert (child_found_tag_number < SEC_ASN1_HIGH_TAG_NUMBER);
-		identifier = child_found_tag_modifiers | child_found_tag_number;
-		sec_asn1d_record_any_header (child, (char *) &identifier, 1);
-	    }
-	}
-    }
-}
-
-
-static void
-sec_asn1d_concat_substrings (sec_asn1d_state *state)
-{
-    PORT_Assert (state->place == afterConstructedString);
-
-    if (state->subitems_head != NULL) {
-	struct subitem *substring;
-	unsigned long alloc_len, item_len;
-	unsigned char *where;
-	SECItem *item;
-	PRBool is_bit_string;
-
-	item_len = 0;
-	is_bit_string = (state->underlying_kind == SEC_ASN1_BIT_STRING)
-			? PR_TRUE : PR_FALSE;
-
-	substring = state->subitems_head;
-	while (substring != NULL) {
-	    /*
-	     * All bit-string substrings except the last one should be
-	     * a clean multiple of 8 bits.
-	     */
-	    if (is_bit_string && (substring->next == NULL)
-			      && (substring->len & 0x7)) {
-		PORT_SetError (SEC_ERROR_BAD_DER);
-		state->top->status = decodeError;
-		return;
-	    }
-	    item_len += substring->len;
-	    substring = substring->next;
-	}
-
-	if (is_bit_string) {
-#ifdef XP_WIN16		/* win16 compiler gets an internal error otherwise */
-	    alloc_len = (((long)item_len + 7) / 8);
-#else
-	    alloc_len = ((item_len + 7) >> 3);
-#endif
-	} else {
-	    /*
-	     * Add 2 for the end-of-contents octets of an indefinite-length
-	     * ANY that is *not* also an INNER.  Because we zero-allocate
-	     * below, all we need to do is increase the length here.
-	     */
-	    if (state->underlying_kind == SEC_ASN1_ANY && state->indefinite)
-		item_len += 2; 
-	    alloc_len = item_len;
-	}
-
-	item = (SECItem *)(state->dest);
-	PORT_Assert (item != NULL);
-	PORT_Assert (item->data == NULL);
-	item->data = (unsigned char*)sec_asn1d_zalloc (state->top->their_pool, 
-						       alloc_len);
-	if (item->data == NULL) {
-	    state->top->status = decodeError;
-	    return;
-	}
-	item->len = item_len;
-
-	where = item->data;
-	substring = state->subitems_head;
-	while (substring != NULL) {
-	    if (is_bit_string)
-		item_len = (substring->len + 7) >> 3;
-	    else
-		item_len = substring->len;
-	    PORT_Memcpy (where, substring->data, item_len);
-	    where += item_len;
-	    substring = substring->next;
-	}
-
-	/*
-	 * Because we use arenas and have a mark set, we later free
-	 * everything we have allocated, so this does *not* present
-	 * a memory leak (it is just temporarily left dangling).
-	 */
-	state->subitems_head = state->subitems_tail = NULL;
-    }
-
-    state->place = afterEndOfContents;
-}
-
-
-static void
-sec_asn1d_concat_group (sec_asn1d_state *state)
-{
-    const void ***placep;
-
-    PORT_Assert (state->place == afterGroup);
-
-    placep = (const void***)state->dest;
-    if (state->subitems_head != NULL) {
-	struct subitem *item;
-	const void **group;
-	int count;
-
-	count = 0;
-	item = state->subitems_head;
-	while (item != NULL) {
-	    PORT_Assert (item->next != NULL || item == state->subitems_tail);
-	    count++;
-	    item = item->next;
-	}
-
-	group = (const void**)sec_asn1d_zalloc (state->top->their_pool,
-				  (count + 1) * (sizeof(void *)));
-	if (group == NULL) {
-	    state->top->status = decodeError;
-	    return;
-	}
-
-	PORT_Assert (placep != NULL);
-	*placep = group;
-
-	item = state->subitems_head;
-	while (item != NULL) {
-	    *group++ = item->data;
-	    item = item->next;
-	}
-	*group = NULL;
-
-	/*
-	 * Because we use arenas and have a mark set, we later free
-	 * everything we have allocated, so this does *not* present
-	 * a memory leak (it is just temporarily left dangling).
-	 */
-	state->subitems_head = state->subitems_tail = NULL;
-    } else if (placep != NULL) {
-	*placep = NULL;
-    }
-
-    state->place = afterEndOfContents;
-}
-
-
-/*
- * For those states that push a child to handle a subtemplate,
- * "absorb" that child (transfer necessary information).
- */
-static void
-sec_asn1d_absorb_child (sec_asn1d_state *state)
-{
-    /*
-     * There is absolutely supposed to be a child there.
-     */
-    PORT_Assert (state->child != NULL);
-
-    /*
-     * Inherit the missing status of our child, and do the ugly
-     * backing-up if necessary.
-     * (Only IMPLICIT or POINTER should encounter such; all other cases
-     * should have confirmed a tag *before* pushing a child.)
-     */
-    state->missing = state->child->missing;
-    if (state->missing) {
-	PORT_Assert (state->place == afterImplicit
-		     || state->place == afterPointer);
-	state->found_tag_number = state->child->found_tag_number;
-	state->found_tag_modifiers = state->child->found_tag_modifiers;
-	state->endofcontents = state->child->endofcontents;
-    }
-
-    /*
-     * Add in number of bytes consumed by child.
-     * (Only EXPLICIT should have already consumed bytes itself.)
-     */
-    PORT_Assert (state->place == afterExplicit || state->consumed == 0);
-    state->consumed += state->child->consumed;
-
-    /*
-     * Subtract from bytes pending; this only applies to a definite-length
-     * EXPLICIT field.
-     */
-    if (state->pending) {
-	PORT_Assert (!state->indefinite);
-	PORT_Assert (state->place == afterExplicit);
-
-	/*
-	 * If we had a definite-length explicit, then what the child
-	 * consumed should be what was left pending.
-	 */
-	if (state->pending != state->child->consumed) {
-	    if (state->pending < state->child->consumed) {
-		PORT_SetError (SEC_ERROR_BAD_DER);
-		state->top->status = decodeError;
-		return;
-	    }
-	    /*
-	     * Okay, this is a hack.  It *should* be an error whether
-	     * pending is too big or too small, but it turns out that
-	     * we had a bug in our *old* DER encoder that ended up
-	     * counting an explicit header twice in the case where
-	     * the underlying type was an ANY.  So, because we cannot
-	     * prevent receiving these (our own certificate server can
-	     * send them to us), we need to be lenient and accept them.
-	     * To do so, we need to pretend as if we read all of the
-	     * bytes that the header said we would find, even though
-	     * we actually came up short.
-	     */
-	    state->consumed += (state->pending - state->child->consumed);
-	}
-	state->pending = 0;
-    }
-
-    /*
-     * Indicate that we are done with child.
-     */
-    state->child->consumed = 0;
-
-    /*
-     * And move on to final state.
-     * (Technically everybody could move to afterEndOfContents except
-     * for an indefinite-length EXPLICIT; for simplicity though we assert
-     * that but let the end-of-contents code do the real determination.)
-     */
-    PORT_Assert (state->place == afterExplicit || (! state->indefinite));
-    state->place = beforeEndOfContents;
-}
-
-
-static void
-sec_asn1d_prepare_for_end_of_contents (sec_asn1d_state *state)
-{
-    PORT_Assert (state->place == beforeEndOfContents);
-
-    if (state->indefinite) {
-	state->place = duringEndOfContents;
-	state->pending = 2;
-    } else {
-	state->place = afterEndOfContents;
-    }
-}
-
-
-static unsigned long
-sec_asn1d_parse_end_of_contents (sec_asn1d_state *state,
-				 const char *buf, unsigned long len)
-{
-    int i;
-
-    PORT_Assert (state->pending <= 2);
-    PORT_Assert (state->place == duringEndOfContents);
-
-    if (len == 0) {
-	state->top->status = needBytes;
-	return 0;
-    }
-
-    if (state->pending < len)
-	len = state->pending;
-
-    for (i = 0; i < len; i++) {
-	if (buf[i] != 0) {
-	    /*
-	     * We expect to find only zeros; if not, just give up.
-	     */
-	    PORT_SetError (SEC_ERROR_BAD_DER);
-	    state->top->status = decodeError;
-	    return 0;
-	}
-    }
-
-    state->pending -= len;
-
-    if (state->pending == 0) {
-	state->place = afterEndOfContents;
-	state->endofcontents = PR_TRUE;
-    }
-
-    return len;
-}
-
-
-static void
-sec_asn1d_pop_state (sec_asn1d_state *state)
-{
-#if 0	/* XXX I think this should always be handled explicitly by parent? */
-    /*
-     * Account for our child.
-     */
-    if (state->child != NULL) {
-	state->consumed += state->child->consumed;
-	if (state->pending) {
-	    PORT_Assert (!state->indefinite);
-	    if( state->child->consumed > state->pending ) {
-		PORT_SetError (SEC_ERROR_BAD_DER);
-		state->top->status = decodeError;
-	    } else {
-		state->pending -= state->child->consumed;
-	    }
-	}
-	state->child->consumed = 0;
-    }
-#endif	/* XXX */
-
-    /*
-     * Free our child.
-     */
-    sec_asn1d_free_child (state, PR_FALSE);
-
-    /*
-     * Just make my parent be the current state.  It will then clean
-     * up after me and free me (or reuse me).
-     */
-    state->top->current = state->parent;
-}
-
-static sec_asn1d_state *
-sec_asn1d_before_choice
-(
-  sec_asn1d_state *state
-)
-{
-  sec_asn1d_state *child;
-
-  if( state->allocate ) {
-    void *dest;
-
-    dest = sec_asn1d_zalloc(state->top->their_pool, state->theTemplate->size);
-    if( (void *)NULL == dest ) {
-      state->top->status = decodeError;
-      return (sec_asn1d_state *)NULL;
-    }
-
-    state->dest = (char *)dest + state->theTemplate->offset;
-  }
-
-  child = sec_asn1d_push_state(state->top, state->theTemplate + 1, 
-                               state->dest, PR_FALSE);
-  if( (sec_asn1d_state *)NULL == child ) {
-    return (sec_asn1d_state *)NULL;
-  }
-
-  sec_asn1d_scrub_state(child);
-  child = sec_asn1d_init_state_based_on_template(child);
-  if( (sec_asn1d_state *)NULL == child ) {
-    return (sec_asn1d_state *)NULL;
-  }
-
-  child->optional = PR_TRUE;
-
-  state->place = duringChoice;
-
-  return child;
-}
-
-static sec_asn1d_state *
-sec_asn1d_during_choice
-(
-  sec_asn1d_state *state
-)
-{
-  sec_asn1d_state *child = state->child;
-  
-  PORT_Assert((sec_asn1d_state *)NULL != child);
-
-  if( child->missing ) {
-    unsigned char child_found_tag_modifiers = 0;
-    unsigned long child_found_tag_number = 0;
-
-    child->theTemplate++;
-
-    if( 0 == child->theTemplate->kind ) {
-      /* Ran out of choices */
-      PORT_SetError(SEC_ERROR_BAD_DER);
-      state->top->status = decodeError;
-      return (sec_asn1d_state *)NULL;
-    }
-
-    state->consumed += child->consumed;
-
-    /* cargo'd from next_in_sequence innards */
-    if( state->pending ) {
-      PORT_Assert(!state->indefinite);
-      if( child->consumed > state->pending ) {
-	PORT_SetError (SEC_ERROR_BAD_DER);
-	state->top->status = decodeError;
-	return NULL;
-      }
-      state->pending -= child->consumed;
-      if( 0 == state->pending ) {
-        /* XXX uh.. not sure if I should have stopped this
-         * from happening before. */
-        PORT_Assert(0);
-        PORT_SetError(SEC_ERROR_BAD_DER);
-        state->top->status = decodeError;
-        return (sec_asn1d_state *)NULL;
-      }
-    }
-
-    child->consumed = 0;
-    sec_asn1d_scrub_state(child);
-
-    /* move it on top again */
-    state->top->current = child;
-
-    child_found_tag_modifiers = child->found_tag_modifiers;
-    child_found_tag_number = child->found_tag_number;
-
-    child = sec_asn1d_init_state_based_on_template(child);
-    if( (sec_asn1d_state *)NULL == child ) {
-      return (sec_asn1d_state *)NULL;
-    }
-
-    /* copy our findings to the new top */
-    child->found_tag_modifiers = child_found_tag_modifiers;
-    child->found_tag_number = child_found_tag_number;
-
-    child->optional = PR_TRUE;
-    child->place = afterIdentifier;
-
-    return child;
-  } else {
-    if( (void *)NULL != state->dest ) {
-      /* Store the enum */
-      int *which = (int *)((char *)state->dest + state->theTemplate->offset);
-      *which = (int)child->theTemplate->size;
-    }
-
-    child->place = notInUse;
-
-    state->place = afterChoice;
-    return state;
-  }
-}
-
-static void
-sec_asn1d_after_choice
-(
-  sec_asn1d_state *state
-)
-{
-  state->consumed += state->child->consumed;
-  state->child->consumed = 0;
-  state->place = afterEndOfContents;
-  sec_asn1d_pop_state(state);
-}
-
-unsigned long
-sec_asn1d_uinteger(SECItem *src)
-{
-    unsigned long value;
-    int len;
-
-    if (src->len > 5 || (src->len > 4 && src->data[0] == 0))
-	return 0;
-
-    value = 0;
-    len = src->len;
-    while (len) {
-	value <<= 8;
-	value |= src->data[--len];
-    }
-    return value;
-}
-
-SECStatus
-SEC_ASN1DecodeInteger(SECItem *src, unsigned long *value)
-{
-    unsigned long v;
-    int i;
-    
-    if (src == NULL) {
-	PORT_SetError(SEC_ERROR_INVALID_ARGS);
-	return SECFailure;
-    }
-
-    if (src->len > sizeof(unsigned long)) {
-	PORT_SetError(SEC_ERROR_INVALID_ARGS);
-	return SECFailure;
-    }
-
-    if (src->data == NULL) {
-	PORT_SetError(SEC_ERROR_INVALID_ARGS);
-    	return SECFailure;
-    }
-
-    if (src->data[0] & 0x80)
-	v = -1;		/* signed and negative - start with all 1's */
-    else
-	v = 0;
-
-    for (i= 0; i < src->len; i++) {
-	/* shift in next byte */
-	v <<= 8;
-	v |= src->data[i];
-    }
-    *value = v;
-    return SECSuccess;
-}
-
-#ifdef DEBUG_ASN1D_STATES
-static void
-dump_states
-(
-  SEC_ASN1DecoderContext *cx
-)
-{
-  sec_asn1d_state *state;
-
-  for( state = cx->current; state->parent; state = state->parent ) {
-    ;
-  }
-
-  for( ; state; state = state->child ) {
-    int i;
-    for( i = 0; i < state->depth; i++ ) {
-      printf("  ");
-    }
-
-    printf("%s: template[0]->kind = 0x%02x, expect tag number = 0x%02x\n",
-           (state == cx->current) ? "STATE" : "State",
-           state->theTemplate->kind, state->expect_tag_number);
-  }
-
-  return;
-}
-#endif /* DEBUG_ASN1D_STATES */
-
-SECStatus
-SEC_ASN1DecoderUpdate (SEC_ASN1DecoderContext *cx,
-		       const char *buf, unsigned long len)
-{
-    sec_asn1d_state *state = NULL;
-    unsigned long consumed;
-    SEC_ASN1EncodingPart what;
-    sec_asn1d_state *stateEnd = cx->current;
-
-    if (cx->status == needBytes)
-	cx->status = keepGoing;
-
-    while (cx->status == keepGoing) {
-	state = cx->current;
-	what = SEC_ASN1_Contents;
-	consumed = 0;
-#ifdef DEBUG_ASN1D_STATES
-        printf("\nPLACE = %s, next byte = 0x%02x\n",
-               (state->place >= 0 && state->place <= notInUse) ?
-               place_names[ state->place ] : "(undefined)",
-               (unsigned int)((unsigned char *)buf)[ consumed ]);
-        dump_states(cx);
-#endif /* DEBUG_ASN1D_STATES */
-	switch (state->place) {
-	  case beforeIdentifier:
-	    consumed = sec_asn1d_parse_identifier (state, buf, len);
-	    what = SEC_ASN1_Identifier;
-	    break;
-	  case duringIdentifier:
-	    consumed = sec_asn1d_parse_more_identifier (state, buf, len);
-	    what = SEC_ASN1_Identifier;
-	    break;
-	  case afterIdentifier:
-	    sec_asn1d_confirm_identifier (state);
-	    break;
-	  case beforeLength:
-	    consumed = sec_asn1d_parse_length (state, buf, len);
-	    what = SEC_ASN1_Length;
-	    break;
-	  case duringLength:
-	    consumed = sec_asn1d_parse_more_length (state, buf, len);
-	    what = SEC_ASN1_Length;
-	    break;
-	  case afterLength:
-	    sec_asn1d_prepare_for_contents (state);
-	    break;
-	  case beforeBitString:
-	    consumed = sec_asn1d_parse_bit_string (state, buf, len);
-	    break;
-	  case duringBitString:
-	    consumed = sec_asn1d_parse_more_bit_string (state, buf, len);
-	    break;
-	  case duringConstructedString:
-	    sec_asn1d_next_substring (state);
-	    break;
-	  case duringGroup:
-	    sec_asn1d_next_in_group (state);
-	    break;
-	  case duringLeaf:
-	    consumed = sec_asn1d_parse_leaf (state, buf, len);
-	    break;
-	  case duringSaveEncoding:
-	    sec_asn1d_reuse_encoding (state);
-	    break;
-	  case duringSequence:
-	    sec_asn1d_next_in_sequence (state);
-	    break;
-	  case afterConstructedString:
-	    sec_asn1d_concat_substrings (state);
-	    break;
-	  case afterExplicit:
-	  case afterImplicit:
-	  case afterInline:
-	  case afterPointer:
-	    sec_asn1d_absorb_child (state);
-	    break;
-	  case afterGroup:
-	    sec_asn1d_concat_group (state);
-	    break;
-	  case afterSaveEncoding:
-	    /* XXX comment! */
-	    return SECSuccess;
-	  case beforeEndOfContents:
-	    sec_asn1d_prepare_for_end_of_contents (state);
-	    break;
-	  case duringEndOfContents:
-	    consumed = sec_asn1d_parse_end_of_contents (state, buf, len);
-	    what = SEC_ASN1_EndOfContents;
-	    break;
-	  case afterEndOfContents:
-	    sec_asn1d_pop_state (state);
-	    break;
-          case beforeChoice:
-            state = sec_asn1d_before_choice(state);
-            break;
-          case duringChoice:
-            state = sec_asn1d_during_choice(state);
-            break;
-          case afterChoice:
-            sec_asn1d_after_choice(state);
-            break;
-	  case notInUse:
-	  default:
-	    /* This is not an error, but rather a plain old BUG! */
-	    PORT_Assert (0);
-	    PORT_SetError (SEC_ERROR_BAD_DER);
-	    cx->status = decodeError;
-	    break;
-	}
-
-	if (cx->status == decodeError)
-	    break;
-
-	/* We should not consume more than we have.  */
-	PORT_Assert (consumed <= len);
-	if( consumed > len ) {
-	    PORT_SetError (SEC_ERROR_BAD_DER);
-	    cx->status = decodeError;
-	    break;
-	}
-
-	/* It might have changed, so we have to update our local copy.  */
-	state = cx->current;
-
-	/* If it is NULL, we have popped all the way to the top.  */
-	if (state == NULL) {
-	    PORT_Assert (consumed == 0);
-#if 0	/* XXX I want this here, but it seems that we have situations (like
-	 * downloading a pkcs7 cert chain from some issuers) that give us a
-	 * length which is greater than the entire encoding.  So, we cannot
-	 * have this be an error.
-	 */
-	    if (len > 0)
-		cx->status = decodeError;
-	    else
-#endif
-		cx->status = allDone;
-	    break;
-	}
-	else if (state->theTemplate->kind == SEC_ASN1_SKIP_REST) {
-	    cx->status = allDone;
-	    break;
-	}
-	  
-	if (consumed == 0)
-	    continue;
-
-	/*
-	 * The following check is specifically looking for an ANY
-	 * that is *not* also an INNER, because we need to save aside
-	 * all bytes in that case -- the contents parts will get
-	 * handled like all other contents, and the end-of-contents
-	 * bytes are added by the concat code, but the outer header
-	 * bytes need to get saved too, so we do them explicitly here.
-	 */
-	if (state->underlying_kind == SEC_ASN1_ANY
-	    && !cx->filter_only && (what == SEC_ASN1_Identifier
-				    || what == SEC_ASN1_Length)) {
-	    sec_asn1d_record_any_header (state, buf, consumed);
-	}
-
-	/*
-	 * We had some number of good, accepted bytes.  If the caller
-	 * has registered to see them, pass them along.
-	 */
-	if (state->top->filter_proc != NULL) {
-	    int depth;
-
-	    depth = state->depth;
-	    if (what == SEC_ASN1_EndOfContents && !state->indefinite) {
-		PORT_Assert (state->parent != NULL
-			     && state->parent->indefinite);
-		depth--;
-		PORT_Assert (depth == state->parent->depth);
-	    }
-	    (* state->top->filter_proc) (state->top->filter_arg,
-					 buf, consumed, depth, what);
-	}
-
-	state->consumed += consumed;
-	buf += consumed;
-	len -= consumed;
-    }
-
-    if (cx->status == decodeError) {
-	while (state != NULL && stateEnd->parent!=state) {
-	    sec_asn1d_free_child (state, PR_TRUE);
-	    state = state->parent;
-	}
-#ifdef SEC_ASN1D_FREE_ON_ERROR	/*
-				 * XXX This does not work because we can
-				 * end up leaving behind dangling pointers
-				 * to stuff that was allocated.  In order
-				 * to make this really work (which would
-				 * be a good thing, I think), we need to
-				 * keep track of every place/pointer that
-				 * was allocated and make sure to NULL it
-				 * out before we then free back to the mark.	
-				 */
-	if (cx->their_pool != NULL) {
-	    PORT_Assert (cx->their_mark != NULL);
-	    PORT_ArenaRelease (cx->their_pool, cx->their_mark);
-	}
-#endif
-	return SECFailure;
-    }
-
-#if 0	/* XXX This is what I want, but cannot have because it seems we
-	 * have situations (like when downloading a pkcs7 cert chain from
-	 * some issuers) that give us a total length which is greater than
-	 * the entire encoding.  So, we have to allow allDone to have a
-	 * remaining length greater than zero.  I wanted to catch internal
-	 * bugs with this, noticing when we do not have the right length.
-	 * Oh well.
-	 */
-    PORT_Assert (len == 0
-		 && (cx->status == needBytes || cx->status == allDone));
-#else
-    PORT_Assert ((len == 0 && cx->status == needBytes)
-		 || cx->status == allDone);
-#endif
-    return SECSuccess;
-}
-
-
-SECStatus
-SEC_ASN1DecoderFinish (SEC_ASN1DecoderContext *cx)
-{
-    SECStatus rv;
-
-    if (cx->status == needBytes) {
-	PORT_SetError (SEC_ERROR_BAD_DER);
-	rv = SECFailure;
-    } else {
-	rv = SECSuccess;
-    }
-
-    /*
-     * XXX anything else that needs to be finished?
-     */
-
-    PORT_FreeArena (cx->our_pool, PR_FALSE);
-
-    return rv;
-}
-
-
-SEC_ASN1DecoderContext *
-SEC_ASN1DecoderStart (PRArenaPool *their_pool, void *dest,
-		      const SEC_ASN1Template *theTemplate)
-{
-    PRArenaPool *our_pool;
-    SEC_ASN1DecoderContext *cx;
-
-    our_pool = PORT_NewArena (SEC_ASN1_DEFAULT_ARENA_SIZE);
-    if (our_pool == NULL)
-	return NULL;
-
-    cx = (SEC_ASN1DecoderContext*)PORT_ArenaZAlloc (our_pool, sizeof(*cx));
-    if (cx == NULL) {
-	PORT_FreeArena (our_pool, PR_FALSE);
-	return NULL;
-    }
-
-    cx->our_pool = our_pool;
-    if (their_pool != NULL) {
-	cx->their_pool = their_pool;
-#ifdef SEC_ASN1D_FREE_ON_ERROR
-	cx->their_mark = PORT_ArenaMark (their_pool);
-#endif
-    }
-
-    cx->status = needBytes;
-
-    if (sec_asn1d_push_state(cx, theTemplate, dest, PR_FALSE) == NULL
-	|| sec_asn1d_init_state_based_on_template (cx->current) == NULL) {
-	/*
-	 * Trouble initializing (probably due to failed allocations)
-	 * requires that we just give up.
-	 */
-	PORT_FreeArena (our_pool, PR_FALSE);
-	return NULL;
-    }
-
-    return cx;
-}
-
-
-void
-SEC_ASN1DecoderSetFilterProc (SEC_ASN1DecoderContext *cx,
-			      SEC_ASN1WriteProc fn, void *arg,
-			      PRBool only)
-{
-    /* check that we are "between" fields here */
-    PORT_Assert (cx->during_notify);
-
-    cx->filter_proc = fn;
-    cx->filter_arg = arg;
-    cx->filter_only = only;
-}
-
-
-void
-SEC_ASN1DecoderClearFilterProc (SEC_ASN1DecoderContext *cx)
-{
-    /* check that we are "between" fields here */
-    PORT_Assert (cx->during_notify);
-
-    cx->filter_proc = NULL;
-    cx->filter_arg = NULL;
-    cx->filter_only = PR_FALSE;
-}
-
-
-void
-SEC_ASN1DecoderSetNotifyProc (SEC_ASN1DecoderContext *cx,
-			      SEC_ASN1NotifyProc fn, void *arg)
-{
-    cx->notify_proc = fn;
-    cx->notify_arg = arg;
-}
-
-
-void
-SEC_ASN1DecoderClearNotifyProc (SEC_ASN1DecoderContext *cx)
-{
-    cx->notify_proc = NULL;
-    cx->notify_arg = NULL;	/* not necessary; just being clean */
-}
-
-
-SECStatus
-SEC_ASN1Decode (PRArenaPool *poolp, void *dest,
-		const SEC_ASN1Template *theTemplate,
-		const char *buf, long len)
-{
-    SEC_ASN1DecoderContext *dcx;
-    SECStatus urv, frv;
-
-    dcx = SEC_ASN1DecoderStart (poolp, dest, theTemplate);
-    if (dcx == NULL)
-	return SECFailure;
-
-    urv = SEC_ASN1DecoderUpdate (dcx, buf, len);
-    frv = SEC_ASN1DecoderFinish (dcx);
-
-    if (urv != SECSuccess)
-	return urv;
-
-    return frv;
-}
-
-
-SECStatus
-SEC_ASN1DecodeItem (PRArenaPool *poolp, void *dest,
-		    const SEC_ASN1Template *theTemplate,
-		    SECItem *item)
-{
-    return SEC_ASN1Decode (poolp, dest, theTemplate,
-			   (char *) item->data, item->len);
-}
-
-
-/*
- * Generic templates for individual/simple items and pointers to
- * and sets of same.
- *
- * If you need to add a new one, please note the following:
- *	 - For each new basic type you should add *four* templates:
- *	one plain, one PointerTo, one SequenceOf and one SetOf.
- *	 - If the new type can be constructed (meaning, it is a
- *	*string* type according to BER/DER rules), then you should
- *	or-in SEC_ASN1_MAY_STREAM to the type in the basic template.
- *	See the definition of the OctetString template for an example.
- *	 - It may not be obvious, but these are in *alphabetical*
- *	order based on the SEC_ASN1_XXX name; so put new ones in
- *	the appropriate place.
- */
-
-const SEC_ASN1Template SEC_AnyTemplate[] = {
-    { SEC_ASN1_ANY | SEC_ASN1_MAY_STREAM, 0, NULL, sizeof(SECItem) }
-};
-
-const SEC_ASN1Template SEC_PointerToAnyTemplate[] = {
-    { SEC_ASN1_POINTER, 0, SEC_AnyTemplate }
-};
-
-const SEC_ASN1Template SEC_SequenceOfAnyTemplate[] = {
-    { SEC_ASN1_SEQUENCE_OF, 0, SEC_AnyTemplate }
-};
-
-const SEC_ASN1Template SEC_SetOfAnyTemplate[] = {
-    { SEC_ASN1_SET_OF, 0, SEC_AnyTemplate }
-};
-
-const SEC_ASN1Template SEC_BitStringTemplate[] = {
-    { SEC_ASN1_BIT_STRING | SEC_ASN1_MAY_STREAM, 0, NULL, sizeof(SECItem) }
-};
-
-const SEC_ASN1Template SEC_PointerToBitStringTemplate[] = {
-    { SEC_ASN1_POINTER, 0, SEC_BitStringTemplate }
-};
-
-const SEC_ASN1Template SEC_SequenceOfBitStringTemplate[] = {
-    { SEC_ASN1_SEQUENCE_OF, 0, SEC_BitStringTemplate }
-};
-
-const SEC_ASN1Template SEC_SetOfBitStringTemplate[] = {
-    { SEC_ASN1_SET_OF, 0, SEC_BitStringTemplate }
-};
-
-const SEC_ASN1Template SEC_BMPStringTemplate[] = {
-    { SEC_ASN1_BMP_STRING | SEC_ASN1_MAY_STREAM, 0, NULL, sizeof(SECItem) }
-};
-
-const SEC_ASN1Template SEC_PointerToBMPStringTemplate[] = {
-    { SEC_ASN1_POINTER, 0, SEC_BMPStringTemplate }
-};
-
-const SEC_ASN1Template SEC_SequenceOfBMPStringTemplate[] = {
-    { SEC_ASN1_SEQUENCE_OF, 0, SEC_BMPStringTemplate }
-};
-
-const SEC_ASN1Template SEC_SetOfBMPStringTemplate[] = {
-    { SEC_ASN1_SET_OF, 0, SEC_BMPStringTemplate }
-};
-
-const SEC_ASN1Template SEC_BooleanTemplate[] = {
-    { SEC_ASN1_BOOLEAN, 0, NULL, sizeof(SECItem) }
-};
-
-const SEC_ASN1Template SEC_PointerToBooleanTemplate[] = {
-    { SEC_ASN1_POINTER, 0, SEC_BooleanTemplate }
-};
-
-const SEC_ASN1Template SEC_SequenceOfBooleanTemplate[] = {
-    { SEC_ASN1_SEQUENCE_OF, 0, SEC_BooleanTemplate }
-};
-
-const SEC_ASN1Template SEC_SetOfBooleanTemplate[] = {
-    { SEC_ASN1_SET_OF, 0, SEC_BooleanTemplate }
-};
-
-const SEC_ASN1Template SEC_EnumeratedTemplate[] = {
-    { SEC_ASN1_ENUMERATED, 0, NULL, sizeof(SECItem) }
-};
-
-const SEC_ASN1Template SEC_PointerToEnumeratedTemplate[] = {
-    { SEC_ASN1_POINTER, 0, SEC_EnumeratedTemplate }
-};
-
-const SEC_ASN1Template SEC_SequenceOfEnumeratedTemplate[] = {
-    { SEC_ASN1_SEQUENCE_OF, 0, SEC_EnumeratedTemplate }
-};
-
-const SEC_ASN1Template SEC_SetOfEnumeratedTemplate[] = {
-    { SEC_ASN1_SET_OF, 0, SEC_EnumeratedTemplate }
-};
-
-const SEC_ASN1Template SEC_GeneralizedTimeTemplate[] = {
-    { SEC_ASN1_GENERALIZED_TIME | SEC_ASN1_MAY_STREAM, 0, NULL, sizeof(SECItem)}
-};
-
-const SEC_ASN1Template SEC_PointerToGeneralizedTimeTemplate[] = {
-    { SEC_ASN1_POINTER, 0, SEC_GeneralizedTimeTemplate }
-};
-
-const SEC_ASN1Template SEC_SequenceOfGeneralizedTimeTemplate[] = {
-    { SEC_ASN1_SEQUENCE_OF, 0, SEC_GeneralizedTimeTemplate }
-};
-
-const SEC_ASN1Template SEC_SetOfGeneralizedTimeTemplate[] = {
-    { SEC_ASN1_SET_OF, 0, SEC_GeneralizedTimeTemplate }
-};
-
-const SEC_ASN1Template SEC_IA5StringTemplate[] = {
-    { SEC_ASN1_IA5_STRING | SEC_ASN1_MAY_STREAM, 0, NULL, sizeof(SECItem) }
-};
-
-const SEC_ASN1Template SEC_PointerToIA5StringTemplate[] = {
-    { SEC_ASN1_POINTER, 0, SEC_IA5StringTemplate }
-};
-
-const SEC_ASN1Template SEC_SequenceOfIA5StringTemplate[] = {
-    { SEC_ASN1_SEQUENCE_OF, 0, SEC_IA5StringTemplate }
-};
-
-const SEC_ASN1Template SEC_SetOfIA5StringTemplate[] = {
-    { SEC_ASN1_SET_OF, 0, SEC_IA5StringTemplate }
-};
-
-const SEC_ASN1Template SEC_IntegerTemplate[] = {
-    { SEC_ASN1_INTEGER, 0, NULL, sizeof(SECItem) }
-};
-
-const SEC_ASN1Template SEC_PointerToIntegerTemplate[] = {
-    { SEC_ASN1_POINTER, 0, SEC_IntegerTemplate }
-};
-
-const SEC_ASN1Template SEC_SequenceOfIntegerTemplate[] = {
-    { SEC_ASN1_SEQUENCE_OF, 0, SEC_IntegerTemplate }
-};
-
-const SEC_ASN1Template SEC_SetOfIntegerTemplate[] = {
-    { SEC_ASN1_SET_OF, 0, SEC_IntegerTemplate }
-};
-
-const SEC_ASN1Template SEC_NullTemplate[] = {
-    { SEC_ASN1_NULL, 0, NULL, sizeof(SECItem) }
-};
-
-const SEC_ASN1Template SEC_PointerToNullTemplate[] = {
-    { SEC_ASN1_POINTER, 0, SEC_NullTemplate }
-};
-
-const SEC_ASN1Template SEC_SequenceOfNullTemplate[] = {
-    { SEC_ASN1_SEQUENCE_OF, 0, SEC_NullTemplate }
-};
-
-const SEC_ASN1Template SEC_SetOfNullTemplate[] = {
-    { SEC_ASN1_SET_OF, 0, SEC_NullTemplate }
-};
-
-const SEC_ASN1Template SEC_ObjectIDTemplate[] = {
-    { SEC_ASN1_OBJECT_ID, 0, NULL, sizeof(SECItem) }
-};
-
-const SEC_ASN1Template SEC_PointerToObjectIDTemplate[] = {
-    { SEC_ASN1_POINTER, 0, SEC_ObjectIDTemplate }
-};
-
-const SEC_ASN1Template SEC_SequenceOfObjectIDTemplate[] = {
-    { SEC_ASN1_SEQUENCE_OF, 0, SEC_ObjectIDTemplate }
-};
-
-const SEC_ASN1Template SEC_SetOfObjectIDTemplate[] = {
-    { SEC_ASN1_SET_OF, 0, SEC_ObjectIDTemplate }
-};
-
-const SEC_ASN1Template SEC_OctetStringTemplate[] = {
-    { SEC_ASN1_OCTET_STRING | SEC_ASN1_MAY_STREAM, 0, NULL, sizeof(SECItem) }
-};
-
-const SEC_ASN1Template SEC_PointerToOctetStringTemplate[] = {
-    { SEC_ASN1_POINTER | SEC_ASN1_MAY_STREAM, 0, SEC_OctetStringTemplate }
-};
-
-const SEC_ASN1Template SEC_SequenceOfOctetStringTemplate[] = {
-    { SEC_ASN1_SEQUENCE_OF, 0, SEC_OctetStringTemplate }
-};
-
-const SEC_ASN1Template SEC_SetOfOctetStringTemplate[] = {
-    { SEC_ASN1_SET_OF, 0, SEC_OctetStringTemplate }
-};
-
-const SEC_ASN1Template SEC_PrintableStringTemplate[] = {
-    { SEC_ASN1_PRINTABLE_STRING | SEC_ASN1_MAY_STREAM, 0, NULL, sizeof(SECItem)}
-};
-
-const SEC_ASN1Template SEC_PointerToPrintableStringTemplate[] = {
-    { SEC_ASN1_POINTER, 0, SEC_PrintableStringTemplate }
-};
-
-const SEC_ASN1Template SEC_SequenceOfPrintableStringTemplate[] = {
-    { SEC_ASN1_SEQUENCE_OF, 0, SEC_PrintableStringTemplate }
-};
-
-const SEC_ASN1Template SEC_SetOfPrintableStringTemplate[] = {
-    { SEC_ASN1_SET_OF, 0, SEC_PrintableStringTemplate }
-};
-
-const SEC_ASN1Template SEC_T61StringTemplate[] = {
-    { SEC_ASN1_T61_STRING | SEC_ASN1_MAY_STREAM, 0, NULL, sizeof(SECItem) }
-};
-
-const SEC_ASN1Template SEC_PointerToT61StringTemplate[] = {
-    { SEC_ASN1_POINTER, 0, SEC_T61StringTemplate }
-};
-
-const SEC_ASN1Template SEC_SequenceOfT61StringTemplate[] = {
-    { SEC_ASN1_SEQUENCE_OF, 0, SEC_T61StringTemplate }
-};
-
-const SEC_ASN1Template SEC_SetOfT61StringTemplate[] = {
-    { SEC_ASN1_SET_OF, 0, SEC_T61StringTemplate }
-};
-
-const SEC_ASN1Template SEC_UniversalStringTemplate[] = {
-    { SEC_ASN1_UNIVERSAL_STRING | SEC_ASN1_MAY_STREAM, 0, NULL, sizeof(SECItem)}
-};
-
-const SEC_ASN1Template SEC_PointerToUniversalStringTemplate[] = {
-    { SEC_ASN1_POINTER, 0, SEC_UniversalStringTemplate }
-};
-
-const SEC_ASN1Template SEC_SequenceOfUniversalStringTemplate[] = {
-    { SEC_ASN1_SEQUENCE_OF, 0, SEC_UniversalStringTemplate }
-};
-
-const SEC_ASN1Template SEC_SetOfUniversalStringTemplate[] = {
-    { SEC_ASN1_SET_OF, 0, SEC_UniversalStringTemplate }
-};
-
-const SEC_ASN1Template SEC_UTCTimeTemplate[] = {
-    { SEC_ASN1_UTC_TIME | SEC_ASN1_MAY_STREAM, 0, NULL, sizeof(SECItem) }
-};
-
-const SEC_ASN1Template SEC_PointerToUTCTimeTemplate[] = {
-    { SEC_ASN1_POINTER, 0, SEC_UTCTimeTemplate }
-};
-
-const SEC_ASN1Template SEC_SequenceOfUTCTimeTemplate[] = {
-    { SEC_ASN1_SEQUENCE_OF, 0, SEC_UTCTimeTemplate }
-};
-
-const SEC_ASN1Template SEC_SetOfUTCTimeTemplate[] = {
-    { SEC_ASN1_SET_OF, 0, SEC_UTCTimeTemplate }
-};
-
-const SEC_ASN1Template SEC_UTF8StringTemplate[] = {
-    { SEC_ASN1_UTF8_STRING | SEC_ASN1_MAY_STREAM, 0, NULL, sizeof(SECItem)}
-};
-
-const SEC_ASN1Template SEC_PointerToUTF8StringTemplate[] = {
-    { SEC_ASN1_POINTER, 0, SEC_UTF8StringTemplate }
-};
-
-const SEC_ASN1Template SEC_SequenceOfUTF8StringTemplate[] = {
-    { SEC_ASN1_SEQUENCE_OF, 0, SEC_UTF8StringTemplate }
-};
-
-const SEC_ASN1Template SEC_SetOfUTF8StringTemplate[] = {
-    { SEC_ASN1_SET_OF, 0, SEC_UTF8StringTemplate }
-};
-
-const SEC_ASN1Template SEC_VisibleStringTemplate[] = {
-    { SEC_ASN1_VISIBLE_STRING | SEC_ASN1_MAY_STREAM, 0, NULL, sizeof(SECItem) }
-};
-
-const SEC_ASN1Template SEC_PointerToVisibleStringTemplate[] = {
-    { SEC_ASN1_POINTER, 0, SEC_VisibleStringTemplate }
-};
-
-const SEC_ASN1Template SEC_SequenceOfVisibleStringTemplate[] = {
-    { SEC_ASN1_SEQUENCE_OF, 0, SEC_VisibleStringTemplate }
-};
-
-const SEC_ASN1Template SEC_SetOfVisibleStringTemplate[] = {
-    { SEC_ASN1_SET_OF, 0, SEC_VisibleStringTemplate }
-};
-
-
-/*
- * Template for skipping a subitem.
- *
- * Note that it only makes sense to use this for decoding (when you want
- * to decode something where you are only interested in one or two of
- * the fields); you cannot encode a SKIP!
- */
-const SEC_ASN1Template SEC_SkipTemplate[] = {
-    { SEC_ASN1_SKIP }
-};
-
-
-/* These functions simply return the address of the above-declared templates.
-** This is necessary for Windows DLLs.  Sigh.
-*/
-SEC_ASN1_CHOOSER_IMPLEMENT(SEC_AnyTemplate)
-SEC_ASN1_CHOOSER_IMPLEMENT(SEC_BMPStringTemplate)
-SEC_ASN1_CHOOSER_IMPLEMENT(SEC_BooleanTemplate)
-SEC_ASN1_CHOOSER_IMPLEMENT(SEC_BitStringTemplate)
-SEC_ASN1_CHOOSER_IMPLEMENT(SEC_IA5StringTemplate)
-SEC_ASN1_CHOOSER_IMPLEMENT(SEC_GeneralizedTimeTemplate)
-SEC_ASN1_CHOOSER_IMPLEMENT(SEC_IntegerTemplate)
-SEC_ASN1_CHOOSER_IMPLEMENT(SEC_NullTemplate)
-SEC_ASN1_CHOOSER_IMPLEMENT(SEC_ObjectIDTemplate)
-SEC_ASN1_CHOOSER_IMPLEMENT(SEC_OctetStringTemplate)
-SEC_ASN1_CHOOSER_IMPLEMENT(SEC_PointerToAnyTemplate)
-SEC_ASN1_CHOOSER_IMPLEMENT(SEC_PointerToOctetStringTemplate)
-SEC_ASN1_CHOOSER_IMPLEMENT(SEC_SetOfAnyTemplate)
-SEC_ASN1_CHOOSER_IMPLEMENT(SEC_UTCTimeTemplate)
-SEC_ASN1_CHOOSER_IMPLEMENT(SEC_UTF8StringTemplate)
-
diff --git a/security/nss/lib/util/secasn1e.c b/security/nss/lib/util/secasn1e.c
deleted file mode 100644
index 4a23bcbba..000000000
--- a/security/nss/lib/util/secasn1e.c
+++ /dev/null
@@ -1,1567 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Support for ENcoding ASN.1 data based on BER/DER (Basic/Distinguished
- * Encoding Rules).
- *
- * $Id$
- */
-
-#include "secasn1.h"
-
-typedef enum {
-    beforeHeader,
-    duringContents,
-    duringGroup,
-    duringSequence,
-    afterContents,
-    afterImplicit,
-    afterInline,
-    afterPointer,
-    afterChoice,
-    notInUse
-} sec_asn1e_parse_place;
-
-typedef enum {
-    allDone,
-    encodeError,
-    keepGoing,
-    needBytes
-} sec_asn1e_parse_status;
-
-typedef struct sec_asn1e_state_struct {
-    SEC_ASN1EncoderContext *top;
-    const SEC_ASN1Template *theTemplate;
-    void *src;
-
-    struct sec_asn1e_state_struct *parent;	/* aka prev */
-    struct sec_asn1e_state_struct *child;	/* aka next */
-
-    sec_asn1e_parse_place place;	/* where we are in encoding process */
-
-    /*
-     * XXX explain the next fields as clearly as possible...
-     */
-    unsigned char tag_modifiers;
-    unsigned char tag_number;
-    unsigned long underlying_kind;
-
-    int depth;
-
-    PRBool explicit,		/* we are handling an explicit header */
-	   indefinite,		/* need end-of-contents */
-	   is_string,		/* encoding a simple string or an ANY */
-	   may_stream,		/* when streaming, do indefinite encoding */
-	   optional,		/* omit field if it has no contents */
-	   ignore_stream;	/* ignore streaming value of sub-template */	
-} sec_asn1e_state;
-
-/*
- * An "outsider" will have an opaque pointer to this, created by calling
- * SEC_ASN1EncoderStart().  It will be passed back in to all subsequent
- * calls to SEC_ASN1EncoderUpdate() and related routines, and when done
- * it is passed to SEC_ASN1EncoderFinish().
- */
-struct sec_EncoderContext_struct {
-    PRArenaPool *our_pool;		/* for our internal allocs */
-
-    sec_asn1e_state *current;
-    sec_asn1e_parse_status status;
-
-    PRBool streaming;
-    PRBool from_buf;
-
-    SEC_ASN1NotifyProc notify_proc;	/* call before/after handling field */
-    void *notify_arg;			/* argument to notify_proc */
-    PRBool during_notify;		/* true during call to notify_proc */
-
-    SEC_ASN1WriteProc output_proc;	/* pass encoded bytes to this  */
-    void *output_arg;			/* argument to that function */
-};
-
-
-static sec_asn1e_state *
-sec_asn1e_push_state (SEC_ASN1EncoderContext *cx,
-		      const SEC_ASN1Template *theTemplate,
-		      void *src, PRBool new_depth)
-{
-    sec_asn1e_state *state, *new_state;
-
-    state = cx->current;
-
-    new_state = (sec_asn1e_state*)PORT_ArenaZAlloc (cx->our_pool, 
-						    sizeof(*new_state));
-    if (new_state == NULL) {
-	cx->status = encodeError;
-	return NULL;
-    }
-
-    new_state->top = cx;
-    new_state->parent = state;
-    new_state->theTemplate = theTemplate;
-    new_state->place = notInUse;
-    if (src != NULL)
-	new_state->src = (char *)src + theTemplate->offset;
-
-    if (state != NULL) {
-	new_state->depth = state->depth;
-	if (new_depth)
-	    new_state->depth++;
-	state->child = new_state;
-    }
-
-    cx->current = new_state;
-    return new_state;
-}
-
-
-static void
-sec_asn1e_scrub_state (sec_asn1e_state *state)
-{
-    /*
-     * Some default "scrubbing".
-     * XXX right set of initializations?
-     */
-    state->place = beforeHeader;
-    state->indefinite = PR_FALSE;
-}
-
-
-static void
-sec_asn1e_notify_before (SEC_ASN1EncoderContext *cx, void *src, int depth)
-{
-    if (cx->notify_proc == NULL)
-	return;
-
-    cx->during_notify = PR_TRUE;
-    (* cx->notify_proc) (cx->notify_arg, PR_TRUE, src, depth);
-    cx->during_notify = PR_FALSE;
-}
-
-
-static void
-sec_asn1e_notify_after (SEC_ASN1EncoderContext *cx, void *src, int depth)
-{
-    if (cx->notify_proc == NULL)
-	return;
-
-    cx->during_notify = PR_TRUE;
-    (* cx->notify_proc) (cx->notify_arg, PR_FALSE, src, depth);
-    cx->during_notify = PR_FALSE;
-}
-
-
-static sec_asn1e_state *
-sec_asn1e_init_state_based_on_template (sec_asn1e_state *state)
-{
-    PRBool explicit, is_string, may_stream, optional, universal, ignore_stream;
-    unsigned char tag_modifiers;
-    unsigned long encode_kind, under_kind;
-    unsigned long tag_number;
-
-
-    encode_kind = state->theTemplate->kind;
-
-    universal = ((encode_kind & SEC_ASN1_CLASS_MASK) == SEC_ASN1_UNIVERSAL)
-		? PR_TRUE : PR_FALSE;
-
-    explicit = (encode_kind & SEC_ASN1_EXPLICIT) ? PR_TRUE : PR_FALSE;
-    encode_kind &= ~SEC_ASN1_EXPLICIT;
-
-    optional = (encode_kind & SEC_ASN1_OPTIONAL) ? PR_TRUE : PR_FALSE;
-    encode_kind &= ~SEC_ASN1_OPTIONAL;
-
-    PORT_Assert (!(explicit && universal));	/* bad templates */
-
-    may_stream = (encode_kind & SEC_ASN1_MAY_STREAM) ? PR_TRUE : PR_FALSE;
-    encode_kind &= ~SEC_ASN1_MAY_STREAM;
-
-    ignore_stream = (encode_kind & SEC_ASN1_NO_STREAM) ? PR_TRUE : PR_FALSE;
-    encode_kind &= ~SEC_ASN1_NO_STREAM;
-
-    /* Just clear this to get it out of the way; we do not need it here */
-    encode_kind &= ~SEC_ASN1_DYNAMIC;
-
-    if( encode_kind & SEC_ASN1_CHOICE ) {
-      under_kind = SEC_ASN1_CHOICE;
-    } else
-
-    if ((encode_kind & (SEC_ASN1_POINTER | SEC_ASN1_INLINE)) || (!universal
-							      && !explicit)) {
-	const SEC_ASN1Template *subt;
-	void *src;
-
-	PORT_Assert ((encode_kind & (SEC_ASN1_ANY | SEC_ASN1_SKIP)) == 0);
-
-	sec_asn1e_scrub_state (state);
-
-	if (encode_kind & SEC_ASN1_POINTER) {
-	    /*
-	     * XXX This used to PORT_Assert (encode_kind == SEC_ASN1_POINTER);
-	     * but that was too restrictive.  This needs to be fixed,
-	     * probably copying what the decoder now checks for, and
-	     * adding a big comment here to explain what the checks mean.
-	     */
-	    src = *(void **)state->src;
-	    state->place = afterPointer;
-	    if (src == NULL) {
-		/*
-		 * If this is optional, but NULL, then the field does
-		 * not need to be encoded.  In this case we are done;
-		 * we do not want to push a subtemplate.
-		 */
-		if (optional)
-		    return state;
-
-		/*
-		 * XXX this is an error; need to figure out
-		 * how to handle this
-		 */
-	    }
-	} else {
-	    src = state->src;
-	    if (encode_kind & SEC_ASN1_INLINE) {
-		/* check that there are no extraneous bits */
-		PORT_Assert (encode_kind == SEC_ASN1_INLINE && !optional);
-		state->place = afterInline;
-	    } else {
-		/*
-		 * Save the tag modifiers and tag number here before moving
-		 * on to the next state in case this is a member of a
-		 * SEQUENCE OF
-		 */
-		state->tag_modifiers = encode_kind & SEC_ASN1_TAG_MASK
-					& ~SEC_ASN1_TAGNUM_MASK;
-		state->tag_number = encode_kind & SEC_ASN1_TAGNUM_MASK;
-		
-		state->place = afterImplicit;
-		state->optional = optional;
-	    }
-	}
-
-	subt = SEC_ASN1GetSubtemplate (state->theTemplate, state->src, PR_TRUE);
-	state = sec_asn1e_push_state (state->top, subt, src, PR_FALSE);
-	if (state == NULL)
-	    return NULL;
-
-	if (universal) {
-	    /*
-	     * This is a POINTER or INLINE; just init based on that
-	     * and we are done.
-	     */
-	    return sec_asn1e_init_state_based_on_template (state);
-	}
-
-	/*
-	 * This is an implicit, non-universal (meaning, application-private
-	 * or context-specific) field.  This results in a "magic" tag but
-	 * encoding based on the underlying type.  We pushed a new state
-	 * that is based on the subtemplate (the underlying type), but
-	 * now we will sort of alias it to give it some of our properties
-	 * (tag, optional status, etc.).
-	 */
-
-	under_kind = state->theTemplate->kind;
-	if (under_kind & SEC_ASN1_MAY_STREAM) {
-	    if (!ignore_stream)
-	      may_stream = PR_TRUE;
-	    under_kind &= ~SEC_ASN1_MAY_STREAM;
-	}
-    } else {
-	under_kind = encode_kind;
-    }
-
-    /*
-     * Sanity check that there are no unwanted bits marked in under_kind.
-     * These bits were either removed above (after we recorded them) or
-     * they simply should not be found (signalling a bad/broken template).
-     * XXX is this the right set of bits to test here? (i.e. need to add
-     * or remove any?)
-     */
-    PORT_Assert ((under_kind & (SEC_ASN1_EXPLICIT | SEC_ASN1_OPTIONAL
-				| SEC_ASN1_SKIP | SEC_ASN1_INNER
-				| SEC_ASN1_DYNAMIC | SEC_ASN1_MAY_STREAM
-				| SEC_ASN1_INLINE | SEC_ASN1_POINTER)) == 0);
-
-    if (encode_kind & SEC_ASN1_ANY) {
-	PORT_Assert (encode_kind == under_kind);
-	tag_modifiers = 0;
-	tag_number = 0;
-	is_string = PR_TRUE;
-    } else {
-	tag_modifiers = encode_kind & SEC_ASN1_TAG_MASK & ~SEC_ASN1_TAGNUM_MASK;
-	/*
-	 * XXX This assumes only single-octet identifiers.  To handle
-	 * the HIGH TAG form we would need to do some more work, especially
-	 * in how to specify them in the template, because right now we
-	 * do not provide a way to specify more *tag* bits in encode_kind.
-	 */
-	tag_number = encode_kind & SEC_ASN1_TAGNUM_MASK;
-
-	is_string = PR_FALSE;
-	switch (under_kind & SEC_ASN1_TAGNUM_MASK) {
-	  case SEC_ASN1_SET:
-	    /*
-	     * XXX A plain old SET (as opposed to a SET OF) is not implemented.
-	     * If it ever is, remove this assert...
-	     */
-	    PORT_Assert ((under_kind & SEC_ASN1_GROUP) != 0);
-	    /* fallthru */
-	  case SEC_ASN1_SEQUENCE:
-	    tag_modifiers |= SEC_ASN1_CONSTRUCTED;
-	    break;
-	  case SEC_ASN1_BIT_STRING:
-	  case SEC_ASN1_BMP_STRING: 
-	  case SEC_ASN1_GENERALIZED_TIME:
-	  case SEC_ASN1_IA5_STRING:
-	  case SEC_ASN1_OCTET_STRING:
-	  case SEC_ASN1_PRINTABLE_STRING:
-	  case SEC_ASN1_T61_STRING:
-	  case SEC_ASN1_UNIVERSAL_STRING: 
-	  case SEC_ASN1_UTC_TIME:
-	  case SEC_ASN1_UTF8_STRING:
-	  case SEC_ASN1_VISIBLE_STRING: 
-	    /*
-	     * We do not yet know if we will be constructing the string,
-	     * so we have to wait to do this final tag modification.
-	     */
-	    is_string = PR_TRUE;
-	    break;
-	}
-    }
-
-    state->tag_modifiers = tag_modifiers;
-    state->tag_number = tag_number;
-    state->underlying_kind = under_kind;
-    state->explicit = explicit;
-    state->may_stream = may_stream;
-    state->is_string = is_string;
-    state->optional = optional;
-    state->ignore_stream = ignore_stream;
-
-    sec_asn1e_scrub_state (state);
-
-    return state;
-}
-
-
-static void
-sec_asn1e_write_part (sec_asn1e_state *state,
-		      const char *buf, unsigned long len,
-		      SEC_ASN1EncodingPart part)
-{
-    SEC_ASN1EncoderContext *cx;
-
-    cx = state->top;
-    (* cx->output_proc) (cx->output_arg, buf, len, state->depth, part);
-}
-
-
-/*
- * XXX This assumes only single-octet identifiers.  To handle
- * the HIGH TAG form we would need to modify this interface and
- * teach it to properly encode the special form.
- */
-static void
-sec_asn1e_write_identifier_bytes (sec_asn1e_state *state, unsigned char value)
-{
-    char byte;
-
-    byte = (char) value;
-    sec_asn1e_write_part (state, &byte, 1, SEC_ASN1_Identifier);
-}
-
-int
-SEC_ASN1EncodeLength(unsigned char *buf,int value) {
-    int lenlen;
-
-    lenlen = SEC_ASN1LengthLength (value);
-    if (lenlen == 1) {
-	buf[0] = value;
-    } else {
-	int i;
-
-	i = lenlen - 1;
-	buf[0] = 0x80 | i;
-	while (i) {
-	    buf[i--] = value;
-	    value >>= 8;
-	}
-        PORT_Assert (value == 0);
-    }
-    return lenlen;
-}
-
-static void
-sec_asn1e_write_length_bytes (sec_asn1e_state *state, unsigned long value,
-			      PRBool indefinite)
-{
-    int lenlen;
-    unsigned char buf[sizeof(unsigned long) + 1];
-
-    if (indefinite) {
-	PORT_Assert (value == 0);
-	buf[0] = 0x80;
-	lenlen = 1;
-    } else {
-	lenlen = SEC_ASN1EncodeLength(buf,value);
-    }
-
-    sec_asn1e_write_part (state, (char *) buf, lenlen, SEC_ASN1_Length);
-}
-
-
-static void
-sec_asn1e_write_contents_bytes (sec_asn1e_state *state,
-				const char *buf, unsigned long len)
-{
-    sec_asn1e_write_part (state, buf, len, SEC_ASN1_Contents);
-}
-
-
-static void
-sec_asn1e_write_end_of_contents_bytes (sec_asn1e_state *state)
-{
-    const char eoc[2] = {0, 0};
-
-    sec_asn1e_write_part (state, eoc, 2, SEC_ASN1_EndOfContents);
-}
-
-static int
-sec_asn1e_which_choice
-(
-  void *src,
-  const SEC_ASN1Template *theTemplate
-)
-{
-  int rv;
-  int which = *(int *)((char *)src + theTemplate->offset);
-
-  for( rv = 1, theTemplate++; theTemplate->kind != 0; rv++, theTemplate++ ) {
-    if( which == theTemplate->size ) {
-      return rv;
-    }
-  }
-
-  return 0;
-}
-
-static unsigned long
-sec_asn1e_contents_length (const SEC_ASN1Template *theTemplate, void *src,
-			   PRBool ignoresubstream, PRBool *noheaderp)
-{
-    unsigned long encode_kind, underlying_kind;
-    PRBool explicit, optional, universal, may_stream;
-    unsigned long len;
-
-    /*
-     * This function currently calculates the length in all cases
-     * except the following: when writing out the contents of a 
-     * template that belongs to a state where it was a sub-template
-     * with the SEC_ASN1_MAY_STREAM bit set and it's parent had the
-     * optional bit set.  The information that the parent is optional
-     * and that we should return the length of 0 when that length is 
-     * present since that means the optional field is no longer present.
-     * So we add the ignoresubstream flag which is passed in when
-     * writing the contents, but for all recursive calls to 
-     * sec_asn1e_contents_length, we pass PR_FALSE, because this
-     * function correctly calculates the length for children templates
-     * from that point on.  Confused yet?  At least you didn't have
-     * to figure it out.  ;)  -javi
-     */
-    encode_kind = theTemplate->kind;
-
-    universal = ((encode_kind & SEC_ASN1_CLASS_MASK) == SEC_ASN1_UNIVERSAL)
-		? PR_TRUE : PR_FALSE;
-
-    explicit = (encode_kind & SEC_ASN1_EXPLICIT) ? PR_TRUE : PR_FALSE;
-    encode_kind &= ~SEC_ASN1_EXPLICIT;
-
-    optional = (encode_kind & SEC_ASN1_OPTIONAL) ? PR_TRUE : PR_FALSE;
-    encode_kind &= ~SEC_ASN1_OPTIONAL;
-
-    PORT_Assert (!(explicit && universal));	/* bad templates */
-
-    may_stream = (encode_kind & SEC_ASN1_MAY_STREAM) ? PR_TRUE : PR_FALSE;
-    encode_kind &= ~SEC_ASN1_MAY_STREAM;
-
-    /* Just clear this to get it out of the way; we do not need it here */
-    encode_kind &= ~SEC_ASN1_DYNAMIC;
-    encode_kind &= ~SEC_ASN1_NO_STREAM;
-
-    if( encode_kind & SEC_ASN1_CHOICE ) {
-      void *src2;
-      int indx = sec_asn1e_which_choice(src, theTemplate);
-      if( 0 == indx ) {
-        /* XXX set an error? "choice not found" */
-        /* state->top->status = encodeError; */
-        return 0;
-      }
-
-      src2 = (void *)((char *)src + theTemplate[indx].offset);
-
-      return sec_asn1e_contents_length(&theTemplate[indx], src2, 
-                                       PR_FALSE, noheaderp);
-    }
-
-    if ((encode_kind & (SEC_ASN1_POINTER | SEC_ASN1_INLINE)) || !universal) {
-
-	/* XXX any bits we want to disallow (PORT_Assert against) here? */
-
-	theTemplate = SEC_ASN1GetSubtemplate (theTemplate, src, PR_TRUE);
-
-	if (encode_kind & SEC_ASN1_POINTER) {
-	    /*
-	     * XXX This used to PORT_Assert (encode_kind == SEC_ASN1_POINTER);
-	     * but that was too restrictive.  This needs to be fixed,
-	     * probably copying what the decoder now checks for, and
-	     * adding a big comment here to explain what the checks mean.
-	     * Alternatively, the check here could be omitted altogether
-	     * just letting sec_asn1e_init_state_based_on_template
-	     * do it, since that routine can do better error handling, too.
-	     */
-	    src = *(void **)src;
-	    if (src == NULL) {
-		if (optional)
-		    *noheaderp = PR_TRUE;
-		else 
-		    *noheaderp = PR_FALSE;
-		return 0;
-	    }
-	} else if (encode_kind & SEC_ASN1_INLINE) {
-	    /* check that there are no extraneous bits */
-	    PORT_Assert (encode_kind == SEC_ASN1_INLINE && !optional);
-	}
-
-	src = (char *)src + theTemplate->offset;
-
-	if (explicit) {
-	    len = sec_asn1e_contents_length (theTemplate, src, PR_FALSE,
-                                             noheaderp);
-	    if (len == 0 && optional) {
-		*noheaderp = PR_TRUE;
-	    } else if (*noheaderp) {
-		/* Okay, *we* do not want to add in a header, but our caller still does. */
-		*noheaderp = PR_FALSE;
-	    } else {
-		/* if the inner content exists, our length is
-		 * len(identifier) + len(length) + len(innercontent)
-		 * XXX we currently assume len(identifier) == 1;
-		 * to support a high-tag-number this would need to be smarter.
-		 */
-		len += 1 + SEC_ASN1LengthLength (len);
-	    }
-	    return len;
-	}
-
-	underlying_kind = theTemplate->kind;
-	underlying_kind &= ~SEC_ASN1_MAY_STREAM;
-
-	/* XXX Should we recurse here? */
-    } else {
-	underlying_kind = encode_kind;
-    }
-
-    /* This is only used in decoding; it plays no part in encoding.  */
-    if (underlying_kind & SEC_ASN1_SAVE) {
-	/* check that there are no extraneous bits */
-	PORT_Assert (underlying_kind == SEC_ASN1_SAVE);
-	*noheaderp = PR_TRUE;
-	return 0;
-    }
-
-    /* Having any of these bits is not expected here...  */
-    PORT_Assert ((underlying_kind & (SEC_ASN1_EXPLICIT | SEC_ASN1_OPTIONAL
-				     | SEC_ASN1_INLINE | SEC_ASN1_POINTER
-				     | SEC_ASN1_DYNAMIC | SEC_ASN1_MAY_STREAM
-				     | SEC_ASN1_SAVE | SEC_ASN1_SKIP)) == 0);
-
-    if( underlying_kind & SEC_ASN1_CHOICE ) {
-      void *src2;
-      int indx = sec_asn1e_which_choice(src, theTemplate);
-      if( 0 == indx ) {
-        /* XXX set an error? "choice not found" */
-        /* state->top->status = encodeError; */
-        return 0;
-      }
-
-      src2 = (void *)((char *)src - theTemplate->offset + theTemplate[indx].offset);
-      len = sec_asn1e_contents_length(&theTemplate[indx], src2, PR_FALSE,
-                                      noheaderp);
-    } else
-
-    switch (underlying_kind) {
-      case SEC_ASN1_SEQUENCE_OF:
-      case SEC_ASN1_SET_OF:
-	{
-	    const SEC_ASN1Template *tmpt;
-	    void *sub_src;
-	    unsigned long sub_len;
-	    void **group;
-
-	    len = 0;
-
-	    group = *(void ***)src;
-	    if (group == NULL)
-		break;
-
-	    tmpt = SEC_ASN1GetSubtemplate (theTemplate, src, PR_TRUE);
-
-	    for (; *group != NULL; group++) {
-		sub_src = (char *)(*group) + tmpt->offset;
-		sub_len = sec_asn1e_contents_length (tmpt, sub_src, PR_FALSE,
-                                                     noheaderp);
-		len += sub_len;
-		/*
-		 * XXX The 1 below is the presumed length of the identifier;
-		 * to support a high-tag-number this would need to be smarter.
-		 */
-		if (!*noheaderp)
-		    len += 1 + SEC_ASN1LengthLength (sub_len);
-	    }
-	}
-	break;
-
-      case SEC_ASN1_SEQUENCE:
-      case SEC_ASN1_SET:
-	{
-	    const SEC_ASN1Template *tmpt;
-	    void *sub_src;
-	    unsigned long sub_len;
-
-	    len = 0;
-	    for (tmpt = theTemplate + 1; tmpt->kind; tmpt++) {
-		sub_src = (char *)src + tmpt->offset;
-		sub_len = sec_asn1e_contents_length (tmpt, sub_src, PR_FALSE,
-                                                     noheaderp);
-		len += sub_len;
-		/*
-		 * XXX The 1 below is the presumed length of the identifier;
-		 * to support a high-tag-number this would need to be smarter.
-		 */
-		if (!*noheaderp)
-		    len += 1 + SEC_ASN1LengthLength (sub_len);
-	    }
-	}
-	break;
-
-      case SEC_ASN1_BIT_STRING:
-	/* convert bit length to byte */
-	len = (((SECItem *)src)->len + 7) >> 3;
-	/* bit string contents involve an extra octet */
-	if (len)
-	    len++;
-	break;
-
-      case SEC_ASN1_INTEGER:
-	/* ASN.1 INTEGERs are signed.
-	 * If the source is an unsigned integer, the encoder will need 
-	 * to handle the conversion here.
-	 */
-	{
-	    unsigned char *buf = ((SECItem *)src)->data;
-	    SECItemType integerType = ((SECItem *)src)->type;
-	    len = ((SECItem *)src)->len;
-	    while (len > 0) {
-		if (*buf != 0) {
-		    if (*buf & 0x80 && integerType == siUnsignedInteger) {
-			len++; /* leading zero needed to make number signed */
-		    }
-		    break; /* reached beginning of number */
-		}
-		if (len == 1) {
-		    break; /* the number 0 */
-		}
-		if (buf[1] & 0x80) {
-		    break; /* leading zero already present */
-		} 
-		/* extraneous leading zero, keep going */
-		buf++;
-		len--;
-	    }
-	}
-	break;
-
-      default:
-	len = ((SECItem *)src)->len;
-	if (may_stream && len == 0 && !ignoresubstream)
-	    len = 1;	/* if we're streaming, we may have a secitem w/len 0 as placeholder */
-	break;
-    }
-
-    if ((len == 0 && optional) || underlying_kind == SEC_ASN1_ANY)
-	*noheaderp = PR_TRUE;
-    else 
-	*noheaderp = PR_FALSE;
-
-    return len;
-}
-
-
-static void
-sec_asn1e_write_header (sec_asn1e_state *state)
-{
-    unsigned long contents_length;
-    unsigned char tag_number, tag_modifiers;
-    PRBool noheader;
-
-    PORT_Assert (state->place == beforeHeader);
-
-    tag_number = state->tag_number;
-    tag_modifiers = state->tag_modifiers;
-
-    if (state->underlying_kind == SEC_ASN1_ANY) {
-	state->place = duringContents;
-	return;
-    }
-
-    if( state->underlying_kind & SEC_ASN1_CHOICE ) {
-      int indx = sec_asn1e_which_choice(state->src, state->theTemplate);
-      if( 0 == indx ) {
-        /* XXX set an error? "choice not found" */
-        state->top->status = encodeError;
-        return;
-      }
-
-      state->place = afterChoice;
-      state = sec_asn1e_push_state(state->top, &state->theTemplate[indx],
-                                   state->src, PR_TRUE);
-
-      if( (sec_asn1e_state *)NULL != state ) {
-        /*
-         * Do the "before" field notification.
-         */
-        sec_asn1e_notify_before (state->top, state->src, state->depth);
-        state = sec_asn1e_init_state_based_on_template (state);
-      }
-      
-      return;
-    }
-
-    /*
-     * We are doing a definite-length encoding.  First we have to
-     * walk the data structure to calculate the entire contents length.
-     */
-    contents_length = sec_asn1e_contents_length (state->theTemplate,
-						 state->src, 
-                                                 state->ignore_stream,
-                                                 &noheader);
-    /*
-     * We might be told explicitly not to put out a header.
-     * But it can also be the case, via a pushed subtemplate, that
-     * sec_asn1e_contents_length could not know that this field is
-     * really optional.  So check for that explicitly, too.
-     */
-    if (noheader || (contents_length == 0 && state->optional)) {
-	state->place = afterContents;
-	if (state->top->streaming && state->may_stream && state->top->from_buf)
-	    /* we did not find an optional indefinite string, so we don't encode it.
-	     * However, if TakeFromBuf is on, we stop here anyway to give our caller
-	     * a chance to intercept at the same point where we would stop if the
-	     * field were present. */
-	    state->top->status = needBytes;
-	return;
-    }
-
-    if (state->top->streaming && state->may_stream
-			      && (state->top->from_buf || !state->is_string)) {
-	/*
-	 * We need to put out an indefinite-length encoding.
-	 */
-	state->indefinite = PR_TRUE;
-	/*
-	 * The only universal types that can be constructed are SETs,
-	 * SEQUENCEs, and strings; so check that it is one of those,
-	 * or that it is not universal (e.g. context-specific).
-	 */
-	PORT_Assert ((tag_number == SEC_ASN1_SET)
-		     || (tag_number == SEC_ASN1_SEQUENCE)
-		     || ((tag_modifiers & SEC_ASN1_CLASS_MASK) != 0)
-		     || state->is_string);
-	tag_modifiers |= SEC_ASN1_CONSTRUCTED;
-	contents_length = 0;
-    }
-
-    sec_asn1e_write_identifier_bytes (state, tag_number | tag_modifiers);
-    sec_asn1e_write_length_bytes (state, contents_length, state->indefinite);
-
-    if (contents_length == 0 && !state->indefinite) {
-	/*
-	 * If no real contents to encode, then we are done with this field.
-	 */
-	state->place = afterContents;
-	return;
-    }
-
-    /*
-     * An EXPLICIT is nothing but an outer header, which we have already
-     * written.  Now we need to do the inner header and contents.
-     */
-    if (state->explicit) {
-	state->place = afterContents;
-	state = sec_asn1e_push_state (state->top,
-				      SEC_ASN1GetSubtemplate(state->theTemplate,
-							     state->src,
-							     PR_TRUE),
-				      state->src, PR_TRUE);
-	if (state != NULL)
-	    state = sec_asn1e_init_state_based_on_template (state);
-	return;
-    }
-
-    switch (state->underlying_kind) {
-      case SEC_ASN1_SET_OF:
-      case SEC_ASN1_SEQUENCE_OF:
-	/*
-	 * We need to push a child to handle each member.
-	 */
-	{
-	    void **group;
-	    const SEC_ASN1Template *subt;
-
-	    group = *(void ***)state->src;
-	    if (group == NULL || *group == NULL) {
-		/*
-		 * Group is empty; we are done.
-		 */
-		state->place = afterContents;
-		return;
-	    }
-	    state->place = duringGroup;
-	    subt = SEC_ASN1GetSubtemplate (state->theTemplate, state->src,
-					   PR_TRUE);
-	    state = sec_asn1e_push_state (state->top, subt, *group, PR_TRUE);
-	    if (state != NULL)
-		state = sec_asn1e_init_state_based_on_template (state);
-	}
-	break;
-
-      case SEC_ASN1_SEQUENCE:
-      case SEC_ASN1_SET:
-	/*
-	 * We need to push a child to handle the individual fields.
-	 */
-	state->place = duringSequence;
-	state = sec_asn1e_push_state (state->top, state->theTemplate + 1,
-				      state->src, PR_TRUE);
-	if (state != NULL) {
-	    /*
-	     * Do the "before" field notification.
-	     */
-	    sec_asn1e_notify_before (state->top, state->src, state->depth);
-	    state = sec_asn1e_init_state_based_on_template (state);
-	}
-	break;
-
-      default:
-	/*
-	 * I think we do not need to do anything else.
-	 * XXX Correct?
-	 */
-	state->place = duringContents;
-	break;
-    }
-}
-
-
-static void
-sec_asn1e_write_contents (sec_asn1e_state *state,
-			  const char *buf, unsigned long len)
-{
-    PORT_Assert (state->place == duringContents);
-
-    if (state->top->from_buf) {
-	/*
-	 * Probably they just turned on "take from buf", but have not
-	 * yet given us any bytes.  If there is nothing in the buffer
-	 * then we have nothing to do but return and wait.
-	 */
-	if (buf == NULL || len == 0) {
-	    state->top->status = needBytes;
-	    return;
-	}
-	/*
-	 * We are streaming, reading from a passed-in buffer.
-	 * This means we are encoding a simple string or an ANY.
-	 * For the former, we need to put out a substring, with its
-	 * own identifier and length.  For an ANY, we just write it
-	 * out as is (our caller is required to ensure that it
-	 * is a properly encoded entity).
-	 */
-	PORT_Assert (state->is_string);		/* includes ANY */
-	if (state->underlying_kind != SEC_ASN1_ANY) {
-	    unsigned char identifier;
-
-	    /*
-	     * Create the identifier based on underlying_kind.  We cannot
-	     * use tag_number and tag_modifiers because this can be an
-	     * implicitly encoded field.  In that case, the underlying
-	     * substrings *are* encoded with their real tag.
-	     */
-	    identifier = state->underlying_kind & SEC_ASN1_TAG_MASK;
-	    /*
-	     * The underlying kind should just be a simple string; there
-	     * should be no bits like CONTEXT_SPECIFIC or CONSTRUCTED set.
-	     */
-	    PORT_Assert ((identifier & SEC_ASN1_TAGNUM_MASK) == identifier);
-	    /*
-	     * Write out the tag and length for the substring.
-	     */
-	    sec_asn1e_write_identifier_bytes (state, identifier);
-	    if (state->underlying_kind == SEC_ASN1_BIT_STRING) {
-		char byte;
-		/*
-		 * Assume we have a length in bytes but we need to output
-		 * a proper bit string.  This interface only works for bit
-		 * strings that are full multiples of 8.  If support for
-		 * real, variable length bit strings is needed then the
-		 * caller will have to know to pass in a bit length instead
-		 * of a byte length and then this code will have to
-		 * perform the encoding necessary (length written is length
-		 * in bytes plus 1, and the first octet of string is the
-		 * number of bits remaining between the end of the bit
-		 * string and the next byte boundary).
-		 */
-		sec_asn1e_write_length_bytes (state, len + 1, PR_FALSE);
-		byte = 0;
-		sec_asn1e_write_contents_bytes (state, &byte, 1);
-	    } else {
-		sec_asn1e_write_length_bytes (state, len, PR_FALSE);
-	    }
-	}
-	sec_asn1e_write_contents_bytes (state, buf, len);
-	state->top->status = needBytes;
-    } else {
-	switch (state->underlying_kind) {
-	  case SEC_ASN1_SET:
-	  case SEC_ASN1_SEQUENCE:
-	    PORT_Assert (0);
-	    break;
-
-	  case SEC_ASN1_BIT_STRING:
-	    {
-		SECItem *item;
-		char rem;
-
-		item = (SECItem *)state->src;
-		len = (item->len + 7) >> 3;
-		rem = (len << 3) - item->len;	/* remaining bits */
-		sec_asn1e_write_contents_bytes (state, &rem, 1);
-		sec_asn1e_write_contents_bytes (state, (char *) item->data,
-						len);
-	    }
-	    break;
-
-	  case SEC_ASN1_BMP_STRING:
-	    /* The number of bytes must be divisable by 2 */
-	    if ((((SECItem *)state->src)->len) % 2) {
-		SEC_ASN1EncoderContext *cx;
-
-		cx = state->top;
-		cx->status = encodeError;
-		break;
-	    }
-	    /* otherwise, fall through to write the content */
-	    goto process_string;
-
-	  case SEC_ASN1_UNIVERSAL_STRING:
-	    /* The number of bytes must be divisable by 4 */
-	    if ((((SECItem *)state->src)->len) % 4) {
-		SEC_ASN1EncoderContext *cx;
-
-		cx = state->top;
-		cx->status = encodeError;
-		break;
-	    }
-	    /* otherwise, fall through to write the content */
-	    goto process_string;
-
-	  case SEC_ASN1_INTEGER:
-	   /* ASN.1 INTEGERs are signed.  If the source is an unsigned
-	    * integer, the encoder will need to handle the conversion here.
-	    */
-	    {
-		unsigned int blen;
-		unsigned char *buf;
-		SECItemType integerType;
-		blen = ((SECItem *)state->src)->len;
-		buf = ((SECItem *)state->src)->data;
-		integerType = ((SECItem *)state->src)->type;
-		while (blen > 0) {
-		    if (*buf & 0x80 && integerType == siUnsignedInteger) {
-			char zero = 0; /* write a leading 0 */
-			sec_asn1e_write_contents_bytes(state, &zero, 1);
-			/* and then the remaining buffer */
-			sec_asn1e_write_contents_bytes(state, 
-			                               (char *)buf, blen); 
-			break;
-		    } 
-		    /* Check three possibilities:
-		     * 1.  No leading zeros, msb of MSB is not 1;
-		     * 2.  The number is zero itself;
-		     * 3.  Encoding a signed integer with a leading zero,
-		     *     keep the zero so that the number is positive.
-		     */
-		    if (*buf != 0 || 
-		         blen == 1 || 
-		         (buf[1] & 0x80 && integerType != siUnsignedInteger) ) 
-		    {
-			sec_asn1e_write_contents_bytes(state, 
-			                               (char *)buf, blen); 
-			break;
-		    }
-		    /* byte is 0, continue */
-		    buf++;
-		    blen--;
-		}
-	    }
-	    /* done with this content */
-	    break;
-			
-process_string:			
-	  default:
-	    {
-		SECItem *item;
-
-		item = (SECItem *)state->src;
-		sec_asn1e_write_contents_bytes (state, (char *) item->data,
-						item->len);
-	    }
-	    break;
-	}
-	state->place = afterContents;
-    }
-}
-
-
-/*
- * We are doing a SET OF or SEQUENCE OF, and have just finished an item.
- */
-static void
-sec_asn1e_next_in_group (sec_asn1e_state *state)
-{
-    sec_asn1e_state *child;
-    void **group;
-    void *member;
-
-    PORT_Assert (state->place == duringGroup);
-    PORT_Assert (state->child != NULL);
-
-    child = state->child;
-
-    group = *(void ***)state->src;
-
-    /*
-     * Find placement of current item.
-     */
-    member = (char *)(state->child->src) - child->theTemplate->offset;
-    while (*group != member)
-	group++;
-
-    /*
-     * Move forward to next item.
-     */
-    group++;
-    if (*group == NULL) {
-	/*
-	 * That was our last one; we are done now.
-	 */
-	child->place = notInUse;
-	state->place = afterContents;
-	return;
-    }
-    child->src = (char *)(*group) + child->theTemplate->offset;
-
-    /*
-     * Re-"push" child.
-     */
-    sec_asn1e_scrub_state (child);
-    state->top->current = child;
-}
-
-
-/*
- * We are moving along through a sequence; move forward by one,
- * (detecting end-of-sequence when it happens).
- */
-static void
-sec_asn1e_next_in_sequence (sec_asn1e_state *state)
-{
-    sec_asn1e_state *child;
-
-    PORT_Assert (state->place == duringSequence);
-    PORT_Assert (state->child != NULL);
-
-    child = state->child;
-
-    /*
-     * Do the "after" field notification.
-     */
-    sec_asn1e_notify_after (state->top, child->src, child->depth);
-
-    /*
-     * Move forward.
-     */
-    child->theTemplate++;
-    if (child->theTemplate->kind == 0) {
-	/*
-	 * We are done with this sequence.
-	 */
-	child->place = notInUse;
-	state->place = afterContents;
-	return;
-    }
-
-    /*
-     * Reset state and push.
-     */
-
-    child->src = (char *)state->src + child->theTemplate->offset;
-
-    /*
-     * Do the "before" field notification.
-     */
-    sec_asn1e_notify_before (state->top, child->src, child->depth);
-
-    state->top->current = child;
-    (void) sec_asn1e_init_state_based_on_template (child);
-}
-
-
-static void
-sec_asn1e_after_contents (sec_asn1e_state *state)
-{
-    PORT_Assert (state->place == afterContents);
-
-    if (state->indefinite)
-	sec_asn1e_write_end_of_contents_bytes (state);
-
-    /*
-     * Just make my parent be the current state.  It will then clean
-     * up after me and free me (or reuse me).
-     */
-    state->top->current = state->parent;
-}
-
-
-/*
- * This function is called whether or not we are streaming; if we
- * *are* streaming, our caller can also instruct us to take bytes
- * from the passed-in buffer (at buf, for length len, which is likely
- * bytes but could even mean bits if the current field is a bit string).
- * If we have been so instructed, we will gobble up bytes from there
- * (rather than from our src structure) and output them, and then
- * we will just return, expecting to be called again -- either with
- * more bytes or after our caller has instructed us that we are done
- * (for now) with the buffer.
- */
-SECStatus
-SEC_ASN1EncoderUpdate (SEC_ASN1EncoderContext *cx,
-		       const char *buf, unsigned long len)
-{
-    sec_asn1e_state *state;
-
-    if (cx->status == needBytes) {
-	PORT_Assert (buf != NULL && len != 0);
-	cx->status = keepGoing;
-    }
-
-    while (cx->status == keepGoing) {
-	state = cx->current;
-	switch (state->place) {
-	  case beforeHeader:
-	    sec_asn1e_write_header (state);
-	    break;
-	  case duringContents:
-	    sec_asn1e_write_contents (state, buf, len);
-	    break;
-	  case duringGroup:
-	    sec_asn1e_next_in_group (state);
-	    break;
-	  case duringSequence:
-	    sec_asn1e_next_in_sequence (state);
-	    break;
-	  case afterContents:
-	    sec_asn1e_after_contents (state);
-	    break;
-	  case afterImplicit:
-	  case afterInline:
-	  case afterPointer:
-	  case afterChoice:
-	    /*
-	     * These states are more documentation than anything.
-	     * They just need to force a pop.
-	     */
-	    PORT_Assert (!state->indefinite);
-	    state->place = afterContents;
-	    break;
-	  case notInUse:
-	  default:
-	    /* This is not an error, but rather a plain old BUG! */
-	    PORT_Assert (0);
-	    cx->status = encodeError;
-	    break;
-	}
-
-	if (cx->status == encodeError)
-	    break;
-
-	/* It might have changed, so we have to update our local copy.  */
-	state = cx->current;
-
-	/* If it is NULL, we have popped all the way to the top.  */
-	if (state == NULL) {
-	    cx->status = allDone;
-	    break;
-	}
-    }
-
-    if (cx->status == encodeError) {
-	return SECFailure;
-    }
-
-    return SECSuccess;
-}
-
-
-void
-SEC_ASN1EncoderFinish (SEC_ASN1EncoderContext *cx)
-{
-    /*
-     * XXX anything else that needs to be finished?
-     */
-
-    PORT_FreeArena (cx->our_pool, PR_FALSE);
-}
-
-
-SEC_ASN1EncoderContext *
-SEC_ASN1EncoderStart (void *src, const SEC_ASN1Template *theTemplate,
-		      SEC_ASN1WriteProc output_proc, void *output_arg)
-{
-    PRArenaPool *our_pool;
-    SEC_ASN1EncoderContext *cx;
-
-    our_pool = PORT_NewArena (SEC_ASN1_DEFAULT_ARENA_SIZE);
-    if (our_pool == NULL)
-	return NULL;
-
-    cx = (SEC_ASN1EncoderContext*)PORT_ArenaZAlloc (our_pool, sizeof(*cx));
-    if (cx == NULL) {
-	PORT_FreeArena (our_pool, PR_FALSE);
-	return NULL;
-    }
-
-    cx->our_pool = our_pool;
-    cx->output_proc = output_proc;
-    cx->output_arg = output_arg;
-
-    cx->status = keepGoing;
-
-    if (sec_asn1e_push_state(cx, theTemplate, src, PR_FALSE) == NULL
-	|| sec_asn1e_init_state_based_on_template (cx->current) == NULL) {
-	/*
-	 * Trouble initializing (probably due to failed allocations)
-	 * requires that we just give up.
-	 */
-	PORT_FreeArena (our_pool, PR_FALSE);
-	return NULL;
-    }
-
-    return cx;
-}
-
-
-/*
- * XXX Do we need a FilterProc, too?
- */
-
-
-void
-SEC_ASN1EncoderSetNotifyProc (SEC_ASN1EncoderContext *cx,
-			      SEC_ASN1NotifyProc fn, void *arg)
-{
-    cx->notify_proc = fn;
-    cx->notify_arg = arg;
-}
-
-
-void
-SEC_ASN1EncoderClearNotifyProc (SEC_ASN1EncoderContext *cx)
-{
-    cx->notify_proc = NULL;
-    cx->notify_arg = NULL;	/* not necessary; just being clean */
-}
-
-
-void
-SEC_ASN1EncoderSetStreaming (SEC_ASN1EncoderContext *cx)
-{
-    /* XXX is there a way to check that we are "between" fields here? */
-
-    cx->streaming = PR_TRUE;
-}
-
-
-void
-SEC_ASN1EncoderClearStreaming (SEC_ASN1EncoderContext *cx)
-{
-    /* XXX is there a way to check that we are "between" fields here? */
-
-    cx->streaming = PR_FALSE;
-}
-
-
-void
-SEC_ASN1EncoderSetTakeFromBuf (SEC_ASN1EncoderContext *cx)
-{
-    /* 
-     * XXX is there a way to check that we are "between" fields here?  this
-     * needs to include a check for being in between groups of items in
-     * a SET_OF or SEQUENCE_OF.
-     */
-    PORT_Assert (cx->streaming);
-
-    cx->from_buf = PR_TRUE;
-}
-
-
-void
-SEC_ASN1EncoderClearTakeFromBuf (SEC_ASN1EncoderContext *cx)
-{
-    /* we should actually be taking from buf *now* */
-    PORT_Assert (cx->from_buf);
-    if (! cx->from_buf)		/* if not, just do nothing */
-	return;
-
-    cx->from_buf = PR_FALSE;
-
-    if (cx->status == needBytes) {
-	cx->status = keepGoing;
-	cx->current->place = afterContents;
-    }
-}
-
-
-SECStatus
-SEC_ASN1Encode (void *src, const SEC_ASN1Template *theTemplate,
-		SEC_ASN1WriteProc output_proc, void *output_arg)
-{
-    SEC_ASN1EncoderContext *ecx;
-    SECStatus rv;
-
-    ecx = SEC_ASN1EncoderStart (src, theTemplate, output_proc, output_arg);
-    if (ecx == NULL)
-	return SECFailure;
-
-    rv = SEC_ASN1EncoderUpdate (ecx, NULL, 0);
-
-    SEC_ASN1EncoderFinish (ecx);
-    return rv;
-}
-
-
-/*
- * XXX depth and data_kind are unused; is there a PC way to silence warnings?
- * (I mean "politically correct", not anything to do with intel/win platform) 
- */
-static void
-sec_asn1e_encode_item_count (void *arg, const char *buf, unsigned long len,
-			     int depth, SEC_ASN1EncodingPart data_kind)
-{
-    unsigned long *count;
-
-    count = (unsigned long*)arg;
-    PORT_Assert (count != NULL);
-
-    *count += len;
-}
-
-
-/* XXX depth and data_kind are unused; is there a PC way to silence warnings? */
-static void
-sec_asn1e_encode_item_store (void *arg, const char *buf, unsigned long len,
-			     int depth, SEC_ASN1EncodingPart data_kind)
-{
-    SECItem *dest;
-
-    dest = (SECItem*)arg;
-    PORT_Assert (dest != NULL);
-
-    PORT_Memcpy (dest->data + dest->len, buf, len);
-    dest->len += len;
-}
-
-
-/*
- * Allocate an entire SECItem, or just the data part of it, to hold
- * "len" bytes of stuff.  Allocate from the given pool, if specified,
- * otherwise just do a vanilla PORT_Alloc.
- *
- * XXX This seems like a reasonable general-purpose function (for SECITEM_)?
- */
-static SECItem *
-sec_asn1e_allocate_item (PRArenaPool *poolp, SECItem *dest, unsigned long len)
-{
-    if (poolp != NULL) {
-	void *release;
-
-	release = PORT_ArenaMark (poolp);
-	if (dest == NULL)
-	    dest = (SECItem*)PORT_ArenaAlloc (poolp, sizeof(SECItem));
-	if (dest != NULL) {
-	    dest->data = (unsigned char*)PORT_ArenaAlloc (poolp, len);
-	    if (dest->data == NULL) {
-		dest = NULL;
-	    }
-	}
-	if (dest == NULL) {
-	    /* one or both allocations failed; release everything */
-	    PORT_ArenaRelease (poolp, release);
-	} else {
-	    /* everything okay; unmark the arena */
-	    PORT_ArenaUnmark (poolp, release);
-	}
-    } else {
-	SECItem *indest;
-
-	indest = dest;
-	if (dest == NULL)
-	    dest = (SECItem*)PORT_Alloc (sizeof(SECItem));
-	if (dest != NULL) {
-	    dest->data = (unsigned char*)PORT_Alloc (len);
-	    if (dest->data == NULL) {
-		if (indest == NULL)
-		    PORT_Free (dest);
-		dest = NULL;
-	    }
-	}
-    }
-
-    return dest;
-}
-
-
-SECItem *
-SEC_ASN1EncodeItem (PRArenaPool *poolp, SECItem *dest, void *src,
-		    const SEC_ASN1Template *theTemplate)
-{
-    unsigned long encoding_length;
-    SECStatus rv;
-
-    PORT_Assert (dest == NULL || dest->data == NULL);
-
-    encoding_length = 0;
-    rv = SEC_ASN1Encode (src, theTemplate,
-			 sec_asn1e_encode_item_count, &encoding_length);
-    if (rv != SECSuccess)
-	return NULL;
-
-    dest = sec_asn1e_allocate_item (poolp, dest, encoding_length);
-    if (dest == NULL)
-	return NULL;
-
-    /* XXX necessary?  This really just checks for a bug in the allocate fn */
-    PORT_Assert (dest->data != NULL);
-    if (dest->data == NULL)
-	return NULL;
-
-    dest->len = 0;
-    (void) SEC_ASN1Encode (src, theTemplate, sec_asn1e_encode_item_store, dest);
-
-    PORT_Assert (encoding_length == dest->len);
-    return dest;
-}
-
-
-static SECItem *
-sec_asn1e_integer(PRArenaPool *poolp, SECItem *dest, unsigned long value,
-		  PRBool make_unsigned)
-{
-    unsigned long copy;
-    unsigned char sign;
-    int len = 0;
-
-    /*
-     * Determine the length of the encoded value (minimum of 1).
-     */
-    copy = value;
-    do {
-	len++;
-	sign = copy & 0x80;
-	copy >>= 8;
-    } while (copy);
-
-    /*
-     * If this is an unsigned encoding, and the high bit of the last
-     * byte we counted was set, we need to add one to the length so
-     * we put a high-order zero byte in the encoding.
-     */
-    if (sign && make_unsigned)
-	len++;
-
-    /*
-     * Allocate the item (if necessary) and the data pointer within.
-     */
-    dest = sec_asn1e_allocate_item (poolp, dest, len);
-    if (dest == NULL)
-	return NULL;
-
-    /*
-     * Store the value, byte by byte, in the item.
-     */
-    dest->len = len;
-    while (len) {
-	dest->data[--len] = value;
-	value >>= 8;
-    }
-    PORT_Assert (value == 0);
-
-    return dest;
-}
-
-
-SECItem *
-SEC_ASN1EncodeInteger(PRArenaPool *poolp, SECItem *dest, long value)
-{
-    return sec_asn1e_integer (poolp, dest, (unsigned long) value, PR_FALSE);
-}
-
-
-extern SECItem *
-SEC_ASN1EncodeUnsignedInteger(PRArenaPool *poolp,
-			      SECItem *dest, unsigned long value)
-{
-    return sec_asn1e_integer (poolp, dest, value, PR_TRUE);
-}
diff --git a/security/nss/lib/util/secasn1t.h b/security/nss/lib/util/secasn1t.h
deleted file mode 100644
index cb56a0bd7..000000000
--- a/security/nss/lib/util/secasn1t.h
+++ /dev/null
@@ -1,287 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Types for encoding/decoding of ASN.1 using BER/DER (Basic/Distinguished
- * Encoding Rules).
- *
- * $Id$
- */
-
-#ifndef _SECASN1T_H_
-#define _SECASN1T_H_
-
-/*
-** An array of these structures defines a BER/DER encoding for an object.
-**
-** The array usually starts with a dummy entry whose kind is SEC_ASN1_SEQUENCE;
-** such an array is terminated with an entry where kind == 0.  (An array
-** which consists of a single component does not require a second dummy
-** entry -- the array is only searched as long as previous component(s)
-** instruct it.)
-*/
-typedef struct sec_ASN1Template_struct {
-    /*
-    ** Kind of item being decoded/encoded, including tags and modifiers.
-    */
-    unsigned long kind;
-
-    /*
-    ** The value is the offset from the base of the structure to the
-    ** field that holds the value being decoded/encoded.
-    */
-    unsigned long offset;
-
-    /*
-    ** When kind suggests it (SEC_ASN1_POINTER, SEC_ASN1_GROUP, SEC_ASN1_INLINE,
-    ** or a component that is *not* a SEC_ASN1_UNIVERSAL), this points to
-    ** a sub-template for nested encoding/decoding,
-    ** OR, iff SEC_ASN1_DYNAMIC is set, then this is a pointer to a pointer
-    ** to a function which will return the appropriate template when called
-    ** at runtime.  NOTE! that explicit level of indirection, which is
-    ** necessary because ANSI does not allow you to store a function
-    ** pointer directly as a "void *" so we must store it separately and
-    ** dereference it to get at the function pointer itself.
-    */
-    const void *sub;
-
-    /*
-    ** In the first element of a template array, the value is the size
-    ** of the structure to allocate when this template is being referenced
-    ** by another template via SEC_ASN1_POINTER or SEC_ASN1_GROUP.
-    ** In all other cases, the value is ignored.
-    */
-    unsigned int size;
-} SEC_ASN1Template;
-
-
-/* default size used for allocation of encoding/decoding stuff */
-/* XXX what is the best value here? */
-#define SEC_ASN1_DEFAULT_ARENA_SIZE	(2048)
-
-/*
-** BER/DER values for ASN.1 identifier octets.
-*/
-#define SEC_ASN1_TAG_MASK		0xff
-
-/*
- * BER/DER universal type tag numbers.
- * The values are defined by the X.208 standard; do not change them!
- * NOTE: if you add anything to this list, you must add code to secasn1d.c
- * to accept the tag, and probably also to secasn1e.c to encode it.
- * XXX It appears some have been added recently without being added to
- * the code; so need to go through the list now and double-check them all.
- * (Look especially at those added in revision 1.10.)
- */
-#define SEC_ASN1_TAGNUM_MASK		0x1f
-#define SEC_ASN1_BOOLEAN		0x01
-#define SEC_ASN1_INTEGER		0x02
-#define SEC_ASN1_BIT_STRING		0x03
-#define SEC_ASN1_OCTET_STRING		0x04
-#define SEC_ASN1_NULL			0x05
-#define SEC_ASN1_OBJECT_ID		0x06
-#define SEC_ASN1_OBJECT_DESCRIPTOR      0x07
-/* External type and instance-of type   0x08 */
-#define SEC_ASN1_REAL                   0x09
-#define SEC_ASN1_ENUMERATED		0x0a
-#define SEC_ASN1_EMBEDDED_PDV           0x0b
-#define SEC_ASN1_UTF8_STRING		0x0c
-#define SEC_ASN1_SEQUENCE		0x10
-#define SEC_ASN1_SET			0x11
-#define SEC_ASN1_NUMERIC_STRING         0x12
-#define SEC_ASN1_PRINTABLE_STRING	0x13
-#define SEC_ASN1_T61_STRING		0x14
-#define SEC_ASN1_TELETEX_STRING SEC_ASN1_T61_STRING
-#define SEC_ASN1_VIDEOTEX_STRING        0x15
-#define SEC_ASN1_IA5_STRING		0x16
-#define SEC_ASN1_UTC_TIME		0x17
-#define SEC_ASN1_GENERALIZED_TIME	0x18
-#define SEC_ASN1_GRAPHIC_STRING         0x19
-#define SEC_ASN1_VISIBLE_STRING		0x1a
-#define SEC_ASN1_GENERAL_STRING         0x1b
-#define SEC_ASN1_UNIVERSAL_STRING	0x1c
-/*                                      0x1d */
-#define SEC_ASN1_BMP_STRING		0x1e
-#define SEC_ASN1_HIGH_TAG_NUMBER	0x1f
-
-/*
-** Modifiers to type tags.  These are also specified by a/the
-** standard, and must not be changed.
-*/
-
-#define SEC_ASN1_METHOD_MASK		0x20
-#define SEC_ASN1_PRIMITIVE		0x00
-#define SEC_ASN1_CONSTRUCTED		0x20
-
-#define SEC_ASN1_CLASS_MASK		0xc0
-#define SEC_ASN1_UNIVERSAL		0x00
-#define SEC_ASN1_APPLICATION		0x40
-#define SEC_ASN1_CONTEXT_SPECIFIC	0x80
-#define SEC_ASN1_PRIVATE		0xc0
-
-/*
-** Our additions, used for templates.
-** These are not defined by any standard; the values are used internally only.
-** Just be careful to keep them out of the low 8 bits.
-** XXX finish comments
-*/
-#define SEC_ASN1_OPTIONAL	0x00100
-#define SEC_ASN1_EXPLICIT	0x00200
-#define SEC_ASN1_ANY		0x00400
-#define SEC_ASN1_INLINE		0x00800
-#define SEC_ASN1_POINTER	0x01000
-#define SEC_ASN1_GROUP		0x02000	/* with SET or SEQUENCE means
-					 * SET OF or SEQUENCE OF */
-#define SEC_ASN1_DYNAMIC	0x04000 /* subtemplate is found by calling
-					 * a function at runtime */
-#define SEC_ASN1_SKIP		0x08000 /* skip a field; only for decoding */
-#define SEC_ASN1_INNER		0x10000	/* with ANY means capture the
-					 * contents only (not the id, len,
-					 * or eoc); only for decoding */
-#define SEC_ASN1_SAVE		0x20000 /* stash away the encoded bytes first;
-					 * only for decoding */
-#define SEC_ASN1_MAY_STREAM	0x40000	/* field or one of its sub-fields may
-					 * stream in and so should encode as
-					 * indefinite-length when streaming
-					 * has been indicated; only for
-					 * encoding */
-#define SEC_ASN1_SKIP_REST	0x80000	/* skip all following fields;
-					   only for decoding */
-#define SEC_ASN1_CHOICE        0x100000 /* pick one from a template */
-#define SEC_ASN1_NO_STREAM     0X200000 /* This entry will not stream
-                                           even if the sub-template says
-                                           streaming is possible.  Helps
-                                           to solve ambiguities with potential
-                                           streaming entries that are 
-                                           optional */
-                                          
-
-/* Shorthand/Aliases */
-#define SEC_ASN1_SEQUENCE_OF	(SEC_ASN1_GROUP | SEC_ASN1_SEQUENCE)
-#define SEC_ASN1_SET_OF		(SEC_ASN1_GROUP | SEC_ASN1_SET)
-#define SEC_ASN1_ANY_CONTENTS	(SEC_ASN1_ANY | SEC_ASN1_INNER)
-
-
-/*
-** Function used for SEC_ASN1_DYNAMIC.
-** "arg" is a pointer to the structure being encoded/decoded
-** "enc", when true, means that we are encoding (false means decoding)
-*/
-typedef const SEC_ASN1Template * SEC_ASN1TemplateChooser(void *arg, PRBool enc);
-typedef SEC_ASN1TemplateChooser * SEC_ASN1TemplateChooserPtr;
-
-#if defined(_WIN32)
-#define SEC_ASN1_GET(x)        NSS_Get_##x(NULL, PR_FALSE)
-#define SEC_ASN1_SUB(x)        &p_NSS_Get_##x
-#define SEC_ASN1_XTRN          SEC_ASN1_DYNAMIC
-#define SEC_ASN1_MKSUB(x) \
-static const SEC_ASN1TemplateChooserPtr p_NSS_Get_##x = &NSS_Get_##x;
-#else
-#define SEC_ASN1_GET(x)        x
-#define SEC_ASN1_SUB(x)        x
-#define SEC_ASN1_XTRN          0
-#define SEC_ASN1_MKSUB(x) 
-#endif
-
-#define SEC_ASN1_CHOOSER_DECLARE(x) \
-extern const SEC_ASN1Template * NSS_Get_##x (void *arg, PRBool enc);
-
-#define SEC_ASN1_CHOOSER_IMPLEMENT(x) \
-const SEC_ASN1Template * NSS_Get_##x(void * arg, PRBool enc) \
-{ return x; }
-
-/*
-** Opaque object used by the decoder to store state.
-*/
-typedef struct sec_DecoderContext_struct SEC_ASN1DecoderContext;
-
-/*
-** Opaque object used by the encoder to store state.
-*/
-typedef struct sec_EncoderContext_struct SEC_ASN1EncoderContext;
-
-/*
- * This is used to describe to a filter function the bytes that are
- * being passed to it.  This is only useful when the filter is an "outer"
- * one, meaning it expects to get *all* of the bytes not just the
- * contents octets.
- */
-typedef enum {
-    SEC_ASN1_Identifier = 0,
-    SEC_ASN1_Length = 1,
-    SEC_ASN1_Contents = 2,
-    SEC_ASN1_EndOfContents = 3
-} SEC_ASN1EncodingPart;
-
-/*
- * Type of the function pointer used either for decoding or encoding,
- * when doing anything "funny" (e.g. manipulating the data stream)
- */ 
-typedef void (* SEC_ASN1NotifyProc)(void *arg, PRBool before,
-				    void *dest, int real_depth);
-
-/*
- * Type of the function pointer used for grabbing encoded bytes.
- * This can be used during either encoding or decoding, as follows...
- *
- * When decoding, this can be used to filter the encoded bytes as they
- * are parsed.  This is what you would do if you wanted to process the data
- * along the way (like to decrypt it, or to perform a hash on it in order
- * to do a signature check later).  See SEC_ASN1DecoderSetFilterProc().
- * When processing only part of the encoded bytes is desired, you "watch"
- * for the field(s) you are interested in with a "notify proc" (see
- * SEC_ASN1DecoderSetNotifyProc()) and for even finer granularity (e.g. to
- * ignore all by the contents bytes) you pay attention to the "data_kind"
- * parameter.
- *
- * When encoding, this is the specification for the output function which
- * will receive the bytes as they are encoded.  The output function can
- * perform any postprocessing necessary (like hashing (some of) the data
- * to create a digest that gets included at the end) as well as shoving
- * the data off wherever it needs to go.  (In order to "tune" any processing,
- * you can set a "notify proc" as described above in the decoding case.)
- *
- * The parameters:
- * - "arg" is an opaque pointer that you provided at the same time you
- *   specified a function of this type
- * - "data" is a buffer of length "len", containing the encoded bytes
- * - "depth" is how deep in a nested encoding we are (it is not usually
- *   valuable, but can be useful sometimes so I included it)
- * - "data_kind" tells you if these bytes are part of the ASN.1 encoded
- *   octets for identifier, length, contents, or end-of-contents
- */ 
-typedef void (* SEC_ASN1WriteProc)(void *arg,
-				   const char *data, unsigned long len,
-				   int depth, SEC_ASN1EncodingPart data_kind);
-
-#endif /* _SECASN1T_H_ */
diff --git a/security/nss/lib/util/secasn1u.c b/security/nss/lib/util/secasn1u.c
deleted file mode 100644
index 83673ca0b..000000000
--- a/security/nss/lib/util/secasn1u.c
+++ /dev/null
@@ -1,106 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Utility routines to complement the ASN.1 encoding and decoding functions.
- *
- * $Id$
- */
-
-#include "secasn1.h"
-
-
-/*
- * We have a length that needs to be encoded; how many bytes will the
- * encoding take?
- *
- * The rules are that 0 - 0x7f takes one byte (the length itself is the
- * entire encoding); everything else takes one plus the number of bytes
- * in the length.
- */
-int
-SEC_ASN1LengthLength (unsigned long len)
-{
-    int lenlen = 1;
-
-    if (len > 0x7f) {
-	do {
-	    lenlen++;
-	    len >>= 8;
-	} while (len);
-    }
-
-    return lenlen;
-}
-
-
-/*
- * XXX Move over (and rewrite as appropriate) the rest of the
- * stuff in dersubr.c!
- */
-
-
-/*
- * Find the appropriate subtemplate for the given template.
- * This may involve calling a "chooser" function, or it may just
- * be right there.  In either case, it is expected to *have* a
- * subtemplate; this is asserted in debug builds (in non-debug
- * builds, NULL will be returned).
- *
- * "thing" is a pointer to the structure being encoded/decoded
- * "encoding", when true, means that we are in the process of encoding
- *	(as opposed to in the process of decoding)
- */
-const SEC_ASN1Template *
-SEC_ASN1GetSubtemplate (const SEC_ASN1Template *theTemplate, void *thing,
-			PRBool encoding)
-{
-    const SEC_ASN1Template *subt = NULL;
-
-    PORT_Assert (theTemplate->sub != NULL);
-    if (theTemplate->sub != NULL) {
-	if (theTemplate->kind & SEC_ASN1_DYNAMIC) {
-	    SEC_ASN1TemplateChooserPtr chooserp;
-
-	    chooserp = *(SEC_ASN1TemplateChooserPtr *) theTemplate->sub;
-	    if (chooserp) {
-		if (thing != NULL)
-		    thing = (char *)thing - theTemplate->offset;
-		subt = (* chooserp)(thing, encoding);
-	    }
-	} else {
-	    subt = (SEC_ASN1Template*)theTemplate->sub;
-	}
-    }
-    return subt;
-}
diff --git a/security/nss/lib/util/seccomon.h b/security/nss/lib/util/seccomon.h
deleted file mode 100644
index f55f1311d..000000000
--- a/security/nss/lib/util/seccomon.h
+++ /dev/null
@@ -1,110 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * seccomon.h - common data structures for security libraries
- *
- * This file should have lowest-common-denominator datastructures
- * for security libraries.  It should not be dependent on any other
- * headers, and should not require linking with any libraries.
- *
- * $Id$
- */
-
-#ifndef _SECCOMMON_H_
-#define _SECCOMMON_H_
-
-#include "prtypes.h"
-
-
-#ifdef __cplusplus 
-# define SEC_BEGIN_PROTOS extern "C" {
-# define SEC_END_PROTOS }
-#else
-# define SEC_BEGIN_PROTOS
-# define SEC_END_PROTOS
-#endif
-
-#include "secport.h"
-
-typedef enum {
-    siBuffer = 0,
-    siClearDataBuffer = 1,
-    siCipherDataBuffer = 2,
-    siDERCertBuffer = 3,
-    siEncodedCertBuffer = 4,
-    siDERNameBuffer = 5,
-    siEncodedNameBuffer = 6,
-    siAsciiNameString = 7,
-    siAsciiString = 8,
-    siDEROID = 9,
-    siUnsignedInteger = 10
-} SECItemType;
-
-typedef struct SECItemStr SECItem;
-
-struct SECItemStr {
-    SECItemType type;
-    unsigned char *data;
-    unsigned int len;
-};
-
-/*
-** A status code. Status's are used by procedures that return status
-** values. Again the motivation is so that a compiler can generate
-** warnings when return values are wrong. Correct testing of status codes:
-**
-**	SECStatus rv;
-**	rv = some_function (some_argument);
-**	if (rv != SECSuccess)
-**		do_an_error_thing();
-**
-*/
-typedef enum _SECStatus {
-    SECWouldBlock = -2,
-    SECFailure = -1,
-    SECSuccess = 0
-} SECStatus;
-
-/*
-** A comparison code. Used for procedures that return comparision
-** values. Again the motivation is so that a compiler can generate
-** warnings when return values are wrong.
-*/
-typedef enum _SECComparison {
-    SECLessThan = -1,
-    SECEqual = 0,
-    SECGreaterThan = 1
-} SECComparison;
-
-#endif /* _SECCOMMON_H_ */
diff --git a/security/nss/lib/util/secder.h b/security/nss/lib/util/secder.h
deleted file mode 100644
index fdd43b1de..000000000
--- a/security/nss/lib/util/secder.h
+++ /dev/null
@@ -1,197 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef _SECDER_H_
-#define _SECDER_H_
-
-/*
- * secder.h - public data structures and prototypes for the DER encoding and
- *	      decoding utilities library
- *
- * $Id$
- */
-
-#if defined(_WIN32_WCE)
-#else
-#include <time.h>
-#endif
-
-#include "plarena.h"
-#include "prlong.h"
-
-#include "seccomon.h"
-#include "secdert.h"
-
-SEC_BEGIN_PROTOS
-
-/*
-** Decode a piece of der encoded data.
-** 	"dest" points to a structure that will be filled in with the
-**	   decoding results.  (NOTE: it should be zeroed before calling;
-**	   optional/missing fields are not zero-filled by DER_Decode.)
-**	"t" is a template structure which defines the shape of the
-**	   expected data.
-**	"src" is the der encoded data.
-** NOTE: substructures of "dest" will be allocated as needed from
-** "arena", but data subfields will point directly into the buffer
-** passed in as src->data.  That is, the resulting "dest" structure
-** will contain pointers back into src->data, which must remain
-** active (allocated) and unmodified for as long as "dest" is active.
-** If this is a potential problem, you may want to just dup the buffer
-** (allocated from "arena", probably) and pass *that* in instead.
-*/
-extern SECStatus DER_Decode(PRArenaPool *arena, void *dest, DERTemplate *t,
-			   SECItem *src);
-
-/*
-** Encode a data structure into DER.
-**	"dest" will be filled in (and memory allocated) to hold the der
-**	   encoded structure in "src"
-**	"t" is a template structure which defines the shape of the
-**	   stored data
-**	"src" is a pointer to the structure that will be encoded
-*/
-extern SECStatus DER_Encode(PRArenaPool *arena, SECItem *dest, DERTemplate *t,
-			   void *src);
-
-extern SECStatus DER_Lengths(SECItem *item, int *header_len_p, uint32 *contents_len_p);
-
-/*
-** Lower level der subroutine that stores the standard header into "to".
-** The header is of variable length, based on encodingLen.
-** The return value is the new value of "to" after skipping over the header.
-**	"to" is where the header will be stored
-**	"code" is the der code to write
-**	"encodingLen" is the number of bytes of data that will follow
-**	   the header
-*/
-extern unsigned char *DER_StoreHeader(unsigned char *to, unsigned int code,
-				      uint32 encodingLen);
-
-/*
-** Return the number of bytes it will take to hold a der encoded length.
-*/
-extern int DER_LengthLength(uint32 len);
-
-/*
-** Store a der encoded *signed* integer (whose value is "src") into "dst".
-** XXX This should really be enhanced to take a long.
-*/
-extern SECStatus DER_SetInteger(PRArenaPool *arena, SECItem *dst, int32 src);
-
-/*
-** Store a der encoded *unsigned* integer (whose value is "src") into "dst".
-** XXX This should really be enhanced to take an unsigned long.
-*/
-extern SECStatus DER_SetUInteger(PRArenaPool *arena, SECItem *dst, uint32 src);
-
-/*
-** Decode a der encoded *signed* integer that is stored in "src".
-** If "-1" is returned, then the caller should check the error in
-** XP_GetError() to see if an overflow occurred (SEC_ERROR_BAD_DER).
-*/
-extern long DER_GetInteger(SECItem *src);
-
-/*
-** Decode a der encoded *unsigned* integer that is stored in "src".
-** If the ULONG_MAX is returned, then the caller should check the error
-** in XP_GetError() to see if an overflow occurred (SEC_ERROR_BAD_DER).
-*/
-extern unsigned long DER_GetUInteger(SECItem *src);
-
-/*
-** Convert a "UNIX" time value to a der encoded time value.
-**	"result" is the der encoded time (memory is allocated)
-**	"time" is the "UNIX" time value (Since Jan 1st, 1970).
-** The caller is responsible for freeing up the buffer which
-** result->data points to upon a successfull operation.
-*/
-extern SECStatus DER_TimeToUTCTime(SECItem *result, int64 time);
-
-/*
-** Convert an ascii encoded time value (according to DER rules) into
-** a UNIX time value.
-**	"result" the resulting "UNIX" time
-**	"string" the der notation ascii value to decode
-*/
-extern SECStatus DER_AsciiToTime(int64 *result, char *string);
-
-/*
-** Same as DER_AsciiToTime except takes an SECItem instead of a string
-*/
-extern SECStatus DER_UTCTimeToTime(int64 *result, SECItem *time);
-
-/*
-** Convert a DER encoded UTC time to an ascii time representation
-** "utctime" is the DER encoded UTC time to be converted. The
-** caller is responsible for deallocating the returned buffer.
-*/
-extern char *DER_UTCTimeToAscii(SECItem *utcTime);
-
-/*
-** Convert a DER encoded UTC time to an ascii time representation, but only
-** include the day, not the time.
-**	"utctime" is the DER encoded UTC time to be converted.
-** The caller is responsible for deallocating the returned buffer.
-*/
-extern char *DER_UTCDayToAscii(SECItem *utctime);
-
-/*
-** Convert a int64 time to a DER encoded Generalized time
-*/
-extern SECStatus DER_TimeToGeneralizedTime(SECItem *dst, int64 gmttime);
-
-/*
-** Convert a DER encoded Generalized time value into a UNIX time value.
-**	"dst" the resulting "UNIX" time
-**	"string" the der notation ascii value to decode
-*/
-extern SECStatus DER_GeneralizedTimeToTime(int64 *dst, SECItem *time);
-
-/*
-** Convert from a int64 UTC time value to a formatted ascii value. The
-** caller is responsible for deallocating the returned buffer.
-*/
-extern char *CERT_UTCTime2FormattedAscii (int64 utcTime, char *format);
-
-
-/*
-** Convert from a int64 Generalized time value to a formatted ascii value. The
-** caller is responsible for deallocating the returned buffer.
-*/
-extern char *CERT_GenTime2FormattedAscii (int64 genTime, char *format);
-
-SEC_END_PROTOS
-
-#endif /* _SECDER_H_ */
-
diff --git a/security/nss/lib/util/secdert.h b/security/nss/lib/util/secdert.h
deleted file mode 100644
index 86f3451cf..000000000
--- a/security/nss/lib/util/secdert.h
+++ /dev/null
@@ -1,170 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef _SECDERT_H_
-#define _SECDERT_H_
-/*
- * secdert.h - public data structures for the DER encoding and
- *	       decoding utilities library
- *
- * $Id$
- */
-
-typedef struct DERTemplateStr DERTemplate;
-
-/*
-** An array of these structures defines an encoding for an object using DER.
-** The array usually starts with a dummy entry whose kind is DER_SEQUENCE;
-** such an array is terminated with an entry where kind == 0.  (An array
-** which consists of a single component does not require a second dummy
-** entry -- the array is only searched as long as previous component(s)
-** instruct it.)
-*/
-struct DERTemplateStr {
-    /*
-    ** Kind of item being decoded/encoded, including tags and modifiers.
-    */
-    unsigned long kind;
-
-    /*
-    ** Offset from base of structure to field that holds the value
-    ** being decoded/encoded.
-    */
-    unsigned int offset;
-
-    /*
-    ** When kind suggests it (DER_POINTER, DER_INDEFINITE, DER_INLINE),
-    ** this points to a sub-template for nested encoding/decoding.
-    */
-    DERTemplate *sub;
-
-    /*
-    ** Argument value, dependent on "kind" and/or template placement
-    ** within an array of templates:
-    **	- In the first element of a template array, the value is the
-    **	  size of the structure to allocate when this template is being
-    **	  referenced by another template via DER_POINTER or DER_INDEFINITE.
-    **  - In a component of a DER_SET or DER_SEQUENCE which is *not* a
-    **	  DER_UNIVERSAL type (that is, it has a class tag for either
-    **	  DER_APPLICATION, DER_CONTEXT_SPECIFIC, or DER_PRIVATE), the
-    **	  value is the underlying type of item being decoded/encoded.
-    */
-    unsigned long arg;
-};
-
-/************************************************************************/
-
-/* default chunksize for arenas used for DER stuff */
-#define DER_DEFAULT_CHUNKSIZE (2048)
-
-/*
-** BER/DER values for ASN.1 identifier octets.
-*/
-#define DER_TAG_MASK		0xff
-
-/*
- * BER/DER universal type tag numbers.
- * The values are defined by the X.208 standard; do not change them!
- * NOTE: if you add anything to this list, you must add code to derdec.c
- * to accept the tag, and probably also to derenc.c to encode it.
- */
-#define DER_TAGNUM_MASK		0x1f
-#define DER_BOOLEAN		0x01
-#define DER_INTEGER		0x02
-#define DER_BIT_STRING		0x03
-#define DER_OCTET_STRING	0x04
-#define DER_NULL		0x05
-#define DER_OBJECT_ID		0x06
-#define DER_SEQUENCE		0x10
-#define DER_SET			0x11
-#define DER_PRINTABLE_STRING	0x13
-#define DER_T61_STRING		0x14
-#define DER_IA5_STRING		0x16
-#define DER_UTC_TIME		0x17
-#define DER_VISIBLE_STRING	0x1a
-#define DER_HIGH_TAG_NUMBER	0x1f
-
-/*
-** Modifiers to type tags.  These are also specified by a/the
-** standard, and must not be changed.
-*/
-
-#define DER_METHOD_MASK		0x20
-#define DER_PRIMITIVE		0x00
-#define DER_CONSTRUCTED		0x20
-
-#define DER_CLASS_MASK		0xc0
-#define DER_UNIVERSAL		0x00
-#define DER_APPLICATION		0x40
-#define DER_CONTEXT_SPECIFIC	0x80
-#define DER_PRIVATE		0xc0
-
-/*
-** Our additions, used for templates.
-** These are not defined by any standard; the values are used internally only.
-** Just be careful to keep them out of the low 8 bits.
-*/
-#define DER_OPTIONAL		0x00100
-#define DER_EXPLICIT		0x00200
-#define DER_ANY			0x00400
-#define DER_INLINE		0x00800
-#define DER_POINTER		0x01000
-#define DER_INDEFINITE		0x02000
-#define DER_DERPTR		0x04000
-#define DER_SKIP		0x08000
-#define DER_FORCE		0x10000
-#define DER_OUTER		0x40000 /* for DER_DERPTR */
-
-/*
-** Macro to convert der decoded bit string into a decoded octet
-** string. All it needs to do is fiddle with the length code.
-*/
-#define DER_ConvertBitString(item)	  \
-{					  \
-    (item)->len = ((item)->len + 7) >> 3; \
-}
-
-extern DERTemplate SECAnyTemplate[];
-extern DERTemplate SECBitStringTemplate[];
-extern DERTemplate SECBooleanTemplate[];
-extern DERTemplate SECIA5StringTemplate[];
-extern DERTemplate SECIntegerTemplate[];
-extern DERTemplate SECNullTemplate[];
-extern DERTemplate SECObjectIDTemplate[];
-extern DERTemplate SECOctetStringTemplate[];
-extern DERTemplate SECPrintableStringTemplate[];
-extern DERTemplate SECT61StringTemplate[];
-extern DERTemplate SECUTCTimeTemplate[];
-extern DERTemplate SECAlgorithmIDTemplate[];
-
-#endif /* _SECDERT_H_ */
diff --git a/security/nss/lib/util/secdig.c b/security/nss/lib/util/secdig.c
deleted file mode 100644
index 056068222..000000000
--- a/security/nss/lib/util/secdig.c
+++ /dev/null
@@ -1,232 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-#include "secdig.h"
-
-#include "secoid.h"
-#include "secasn1.h" 
-#include "secerr.h"
-
-/*
- * XXX OLD Template.  Once all uses have been switched over to new one,
- * remove this.
- */
-DERTemplate SGNDigestInfoTemplate[] = {
-    { DER_SEQUENCE,
-	  0, NULL, sizeof(SGNDigestInfo) },
-    { DER_INLINE,
-	  offsetof(SGNDigestInfo,digestAlgorithm),
-	  SECAlgorithmIDTemplate, },
-    { DER_OCTET_STRING,
-	  offsetof(SGNDigestInfo,digest), },
-    { 0, }
-};
-
-/* XXX See comment below about SGN_DecodeDigestInfo -- keep this static! */
-/* XXX Changed from static -- need to change name? */
-const SEC_ASN1Template sgn_DigestInfoTemplate[] = {
-    { SEC_ASN1_SEQUENCE,
-	  0, NULL, sizeof(SGNDigestInfo) },
-    { SEC_ASN1_INLINE,
-	  offsetof(SGNDigestInfo,digestAlgorithm),
-	  SECOID_AlgorithmIDTemplate },
-    { SEC_ASN1_OCTET_STRING,
-	  offsetof(SGNDigestInfo,digest) },
-    { 0 }
-};
-
-SEC_ASN1_CHOOSER_IMPLEMENT(sgn_DigestInfoTemplate)
-
-/*
- * XXX Want to have a SGN_DecodeDigestInfo, like:
- *	SGNDigestInfo *SGN_DecodeDigestInfo(SECItem *didata);
- * that creates a pool and allocates from it and decodes didata into
- * the newly allocated DigestInfo structure.  Then fix secvfy.c (it
- * will no longer need an arena itself) to call this and then call
- * DestroyDigestInfo when it is done, then can remove the old template
- * above and keep our new template static and "hidden".
- */
-
-/*
- * XXX It might be nice to combine the following two functions (create
- * and encode).  I think that is all anybody ever wants to do anyway.
- */
-
-SECItem *
-SGN_EncodeDigestInfo(PRArenaPool *poolp, SECItem *dest, SGNDigestInfo *diginfo)
-{
-    return SEC_ASN1EncodeItem (poolp, dest, diginfo, sgn_DigestInfoTemplate);
-}
-
-SGNDigestInfo *
-SGN_CreateDigestInfo(SECOidTag algorithm, unsigned char *sig, unsigned len)
-{
-    SGNDigestInfo *di;
-    SECStatus rv;
-    PRArenaPool *arena;
-    SECItem *null_param;
-    SECItem dummy_value;
-
-    switch (algorithm) {
-      case SEC_OID_MD2:
-      case SEC_OID_MD5:
-      case SEC_OID_SHA1:
-	break;
-      default:
-	PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
-	return NULL;
-    }
-
-    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    if (arena == NULL) {
-	return NULL;
-    }
-
-    di = (SGNDigestInfo *) PORT_ArenaZAlloc(arena, sizeof(SGNDigestInfo));
-    if (di == NULL) {
-	PORT_FreeArena(arena, PR_FALSE);
-	return NULL;
-    }
-
-    di->arena = arena;
-
-    /*
-     * PKCS #1 specifies that the AlgorithmID must have a NULL parameter
-     * (as opposed to no parameter at all).
-     */
-    dummy_value.data = NULL;
-    dummy_value.len = 0;
-    null_param = SEC_ASN1EncodeItem(NULL, NULL, &dummy_value, SEC_NullTemplate);
-    if (null_param == NULL) {
-	goto loser;
-    }
-
-    rv = SECOID_SetAlgorithmID(arena, &di->digestAlgorithm, algorithm,
-			       null_param);
-
-    SECITEM_FreeItem(null_param, PR_TRUE);
-
-    if (rv != SECSuccess) {
-	goto loser;
-    }
-
-    di->digest.data = (unsigned char *) PORT_ArenaAlloc(arena, len);
-    if (di->digest.data == NULL) {
-	goto loser;
-    }
-
-    di->digest.len = len;
-    PORT_Memcpy(di->digest.data, sig, len);
-    return di;
-
-  loser:
-    SGN_DestroyDigestInfo(di);
-    return NULL;
-}
-
-SGNDigestInfo *
-SGN_DecodeDigestInfo(SECItem *didata)
-{
-    PRArenaPool *arena;
-    SGNDigestInfo *di;
-    SECStatus rv = SECFailure;
-
-    arena = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE);
-    if(arena == NULL)
-	return NULL;
-
-    di = (SGNDigestInfo *)PORT_ArenaZAlloc(arena, sizeof(SGNDigestInfo));
-    if(di != NULL)
-    {
-	di->arena = arena;
-	rv = SEC_ASN1DecodeItem(arena, di, sgn_DigestInfoTemplate, didata);
-    }
-	
-    if((di == NULL) || (rv != SECSuccess))
-    {
-	PORT_FreeArena(arena, PR_TRUE);
-	di = NULL;
-    }
-
-    return di;
-}
-
-void
-SGN_DestroyDigestInfo(SGNDigestInfo *di)
-{
-    if (di && di->arena) {
-	PORT_FreeArena(di->arena, PR_FALSE);
-    }
-
-    return;
-}
-
-SECStatus 
-SGN_CopyDigestInfo(PRArenaPool *poolp, SGNDigestInfo *a, SGNDigestInfo *b)
-{
-    SECStatus rv;
-    void *mark;
-
-    if((poolp == NULL) || (a == NULL) || (b == NULL))
-	return SECFailure;
-
-    mark = PORT_ArenaMark(poolp);
-    a->arena = poolp;
-    rv = SECOID_CopyAlgorithmID(poolp, &a->digestAlgorithm, 
-	&b->digestAlgorithm);
-    if (rv == SECSuccess)
-	rv = SECITEM_CopyItem(poolp, &a->digest, &b->digest);
-
-    if (rv != SECSuccess) {
-	PORT_ArenaRelease(poolp, mark);
-    } else {
-	PORT_ArenaUnmark(poolp, mark);
-    }
-
-    return rv;
-}
-
-SECComparison
-SGN_CompareDigestInfo(SGNDigestInfo *a, SGNDigestInfo *b)
-{
-    SECComparison rv;
-
-    /* Check signature algorithm's */
-    rv = SECOID_CompareAlgorithmID(&a->digestAlgorithm, &b->digestAlgorithm);
-    if (rv) return rv;
-
-    /* Compare signature block length's */
-    rv = SECITEM_CompareItem(&a->digest, &b->digest);
-    return rv;
-}
diff --git a/security/nss/lib/util/secdig.h b/security/nss/lib/util/secdig.h
deleted file mode 100644
index 048604554..000000000
--- a/security/nss/lib/util/secdig.h
+++ /dev/null
@@ -1,135 +0,0 @@
-/*
- * crypto.h - public data structures and prototypes for the crypto library
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#ifndef _SECDIG_H_
-#define _SECDIG_H_
-
-#include "secdigt.h"
-
-#include "seccomon.h"
-#include "secasn1t.h" 
-#include "secdert.h"
-
-SEC_BEGIN_PROTOS
-
-
-extern const SEC_ASN1Template sgn_DigestInfoTemplate[];
-
-SEC_ASN1_CHOOSER_DECLARE(sgn_DigestInfoTemplate)
-
-extern DERTemplate SGNDigestInfoTemplate[];
-
-
-/****************************************/
-/*
-** Digest-info functions
-*/
-
-/*
-** Create a new digest-info object
-** 	"algorithm" one of SEC_OID_MD2, SEC_OID_MD5, or SEC_OID_SHA1
-** 	"sig" the raw signature data (from MD2 or MD5)
-** 	"sigLen" the length of the signature data
-**
-** NOTE: this is a low level routine used to prepare some data for PKCS#1
-** digital signature formatting.
-**
-** XXX It might be nice to combine the create and encode functions.
-** I think that is all anybody ever wants to do anyway.
-*/
-extern SGNDigestInfo *SGN_CreateDigestInfo(SECOidTag algorithm,
-					   unsigned char *sig,
-					   unsigned int sigLen);
-
-/*
-** Destroy a digest-info object
-*/
-extern void SGN_DestroyDigestInfo(SGNDigestInfo *info);
-
-/*
-** Encode a digest-info object
-**	"poolp" is where to allocate the result from; it can be NULL in
-**		which case generic heap allocation (XP_ALLOC) will be used
-**	"dest" is where to store the result; it can be NULL, in which case
-**		it will be allocated (from poolp or heap, as explained above)
-**	"diginfo" is the object to be encoded
-** The return value is NULL if any error occurred, otherwise it is the
-** resulting SECItem (either allocated or the same as the "dest" parameter).
-**
-** XXX It might be nice to combine the create and encode functions.
-** I think that is all anybody ever wants to do anyway.
-*/
-extern SECItem *SGN_EncodeDigestInfo(PRArenaPool *poolp, SECItem *dest,
-				     SGNDigestInfo *diginfo);
-
-/*
-** Decode a DER encoded digest info objct.
-**  didata is thr source of the encoded digest.  
-** The return value is NULL if an error occurs.  Otherwise, a
-** digest info object which is allocated within it's own
-** pool is returned.  The digest info should be deleted
-** by later calling SGN_DestroyDigestInfo.
-*/
-extern SGNDigestInfo *SGN_DecodeDigestInfo(SECItem *didata);
-
-
-/*
-** Copy digest info.
-**  poolp is the arena to which the digest will be copied.
-**  a is the destination digest, it must be non-NULL.
-**  b is the source digest
-** This function is for copying digests.  It allows digests
-** to be copied into a specified pool.  If the digest is in
-** the same pool as other data, you do not want to delete
-** the digest by calling SGN_DestroyDigestInfo.  
-** A return value of SECFailure indicates an error.  A return
-** of SECSuccess indicates no error occured.
-*/
-extern SECStatus  SGN_CopyDigestInfo(PRArenaPool *poolp,
-					SGNDigestInfo *a, 
-					SGNDigestInfo *b);
-
-/*
-** Compare two digest-info objects, returning the difference between
-** them.
-*/
-extern SECComparison SGN_CompareDigestInfo(SGNDigestInfo *a, SGNDigestInfo *b);
-
-
-SEC_END_PROTOS
-
-#endif /* _SECDIG_H_ */
diff --git a/security/nss/lib/util/secdigt.h b/security/nss/lib/util/secdigt.h
deleted file mode 100644
index fea6daa99..000000000
--- a/security/nss/lib/util/secdigt.h
+++ /dev/null
@@ -1,57 +0,0 @@
-/*
- * secdigt.h - public data structures for digestinfos from the util lib.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#ifndef _SECDIGT_H_
-#define _SECDIGT_H_
-
-#include "plarena.h"
-#include "secoidt.h"
-#include "secitem.h"
-
-/*
-** A PKCS#1 digest-info object
-*/
-struct SGNDigestInfoStr {
-    PLArenaPool *  arena;
-    SECAlgorithmID digestAlgorithm;
-    SECItem        digest;
-};
-typedef struct SGNDigestInfoStr SGNDigestInfo;
-
-
-
-#endif /* _SECDIGT_H_ */
diff --git a/security/nss/lib/util/secerr.h b/security/nss/lib/util/secerr.h
deleted file mode 100644
index 0742d7386..000000000
--- a/security/nss/lib/util/secerr.h
+++ /dev/null
@@ -1,188 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef __SEC_ERR_H_
-#define __SEC_ERR_H_
-
-
-#define SEC_ERROR_BASE				(-0x2000)
-#define SEC_ERROR_LIMIT				(SEC_ERROR_BASE + 1000)
-
-#define IS_SEC_ERROR(code) \
-    (((code) >= SEC_ERROR_BASE) && ((code) < SEC_ERROR_LIMIT))
-
-#ifndef NO_SECURITY_ERROR_ENUM
-typedef enum {
-SEC_ERROR_IO 				    =	SEC_ERROR_BASE + 0,
-SEC_ERROR_LIBRARY_FAILURE 		    =	SEC_ERROR_BASE + 1,
-SEC_ERROR_BAD_DATA 			    =	SEC_ERROR_BASE + 2,
-SEC_ERROR_OUTPUT_LEN 			    =	SEC_ERROR_BASE + 3,
-SEC_ERROR_INPUT_LEN 			    =	SEC_ERROR_BASE + 4,
-SEC_ERROR_INVALID_ARGS 			    =	SEC_ERROR_BASE + 5,
-SEC_ERROR_INVALID_ALGORITHM 		    =	SEC_ERROR_BASE + 6,
-SEC_ERROR_INVALID_AVA 			    =	SEC_ERROR_BASE + 7,
-SEC_ERROR_INVALID_TIME 			    =	SEC_ERROR_BASE + 8,
-SEC_ERROR_BAD_DER 			    =	SEC_ERROR_BASE + 9,
-SEC_ERROR_BAD_SIGNATURE 		    =	SEC_ERROR_BASE + 10,
-SEC_ERROR_EXPIRED_CERTIFICATE 		    =	SEC_ERROR_BASE + 11,
-SEC_ERROR_REVOKED_CERTIFICATE 		    =	SEC_ERROR_BASE + 12,
-SEC_ERROR_UNKNOWN_ISSUER 		    =	SEC_ERROR_BASE + 13,
-SEC_ERROR_BAD_KEY 			    =	SEC_ERROR_BASE + 14,
-SEC_ERROR_BAD_PASSWORD 			    =	SEC_ERROR_BASE + 15,
-SEC_ERROR_RETRY_PASSWORD 		    =	SEC_ERROR_BASE + 16,
-SEC_ERROR_NO_NODELOCK 			    =	SEC_ERROR_BASE + 17,
-SEC_ERROR_BAD_DATABASE 			    =	SEC_ERROR_BASE + 18,
-SEC_ERROR_NO_MEMORY 			    =	SEC_ERROR_BASE + 19,
-SEC_ERROR_UNTRUSTED_ISSUER 		    =	SEC_ERROR_BASE + 20,
-SEC_ERROR_UNTRUSTED_CERT 		    =	SEC_ERROR_BASE + 21,
-SEC_ERROR_DUPLICATE_CERT 		    =	(SEC_ERROR_BASE + 22),
-SEC_ERROR_DUPLICATE_CERT_NAME 		    =	(SEC_ERROR_BASE + 23),
-SEC_ERROR_ADDING_CERT 			    =	(SEC_ERROR_BASE + 24),
-SEC_ERROR_FILING_KEY 			    =	(SEC_ERROR_BASE + 25),
-SEC_ERROR_NO_KEY 			    =	(SEC_ERROR_BASE + 26),
-SEC_ERROR_CERT_VALID 			    =	(SEC_ERROR_BASE + 27),
-SEC_ERROR_CERT_NOT_VALID 		    =	(SEC_ERROR_BASE + 28),
-SEC_ERROR_CERT_NO_RESPONSE 		    =	(SEC_ERROR_BASE + 29),
-SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE 	    =	(SEC_ERROR_BASE + 30),
-SEC_ERROR_CRL_EXPIRED 			    =	(SEC_ERROR_BASE + 31),
-SEC_ERROR_CRL_BAD_SIGNATURE 		    =	(SEC_ERROR_BASE + 32),
-SEC_ERROR_CRL_INVALID 			    =	(SEC_ERROR_BASE + 33),
-SEC_ERROR_EXTENSION_VALUE_INVALID 	    = 	(SEC_ERROR_BASE + 34),
-SEC_ERROR_EXTENSION_NOT_FOUND 		    = 	(SEC_ERROR_BASE + 35),
-SEC_ERROR_CA_CERT_INVALID 		    = 	(SEC_ERROR_BASE + 36),
-SEC_ERROR_PATH_LEN_CONSTRAINT_INVALID 	    = 	(SEC_ERROR_BASE + 37),
-SEC_ERROR_CERT_USAGES_INVALID 		    = 	(SEC_ERROR_BASE + 38),
-SEC_INTERNAL_ONLY 			    =	(SEC_ERROR_BASE + 39),
-SEC_ERROR_INVALID_KEY 			    =	(SEC_ERROR_BASE + 40),
-SEC_ERROR_UNKNOWN_CRITICAL_EXTENSION 	    = 	(SEC_ERROR_BASE + 41),
-SEC_ERROR_OLD_CRL 			    =	(SEC_ERROR_BASE + 42),
-SEC_ERROR_NO_EMAIL_CERT 		    =	(SEC_ERROR_BASE + 43),
-SEC_ERROR_NO_RECIPIENT_CERTS_QUERY 	    =	(SEC_ERROR_BASE + 44),
-SEC_ERROR_NOT_A_RECIPIENT 		    =	(SEC_ERROR_BASE + 45),
-SEC_ERROR_PKCS7_KEYALG_MISMATCH 	    =	(SEC_ERROR_BASE + 46),
-SEC_ERROR_PKCS7_BAD_SIGNATURE 		    =	(SEC_ERROR_BASE + 47),
-SEC_ERROR_UNSUPPORTED_KEYALG 		    =	(SEC_ERROR_BASE + 48),
-SEC_ERROR_DECRYPTION_DISALLOWED 	    =	(SEC_ERROR_BASE + 49),
-/* Fortezza Alerts */
-XP_SEC_FORTEZZA_BAD_CARD 		    =	(SEC_ERROR_BASE + 50),
-XP_SEC_FORTEZZA_NO_CARD 		    =	(SEC_ERROR_BASE + 51),
-XP_SEC_FORTEZZA_NONE_SELECTED 		    =	(SEC_ERROR_BASE + 52),
-XP_SEC_FORTEZZA_MORE_INFO 		    =	(SEC_ERROR_BASE + 53),
-XP_SEC_FORTEZZA_PERSON_NOT_FOUND 	    =	(SEC_ERROR_BASE + 54),
-XP_SEC_FORTEZZA_NO_MORE_INFO 		    =	(SEC_ERROR_BASE + 55),
-XP_SEC_FORTEZZA_BAD_PIN 		    =	(SEC_ERROR_BASE + 56),
-XP_SEC_FORTEZZA_PERSON_ERROR 		    =	(SEC_ERROR_BASE + 57),
-SEC_ERROR_NO_KRL 			    =	(SEC_ERROR_BASE + 58),
-SEC_ERROR_KRL_EXPIRED 			    =	(SEC_ERROR_BASE + 59),
-SEC_ERROR_KRL_BAD_SIGNATURE 		    =	(SEC_ERROR_BASE + 60),
-SEC_ERROR_REVOKED_KEY 			    =	(SEC_ERROR_BASE + 61),
-SEC_ERROR_KRL_INVALID 			    =	(SEC_ERROR_BASE + 62),
-SEC_ERROR_NEED_RANDOM 			    =	(SEC_ERROR_BASE + 63),
-SEC_ERROR_NO_MODULE 			    =	(SEC_ERROR_BASE + 64),
-SEC_ERROR_NO_TOKEN 			    =	(SEC_ERROR_BASE + 65),
-SEC_ERROR_READ_ONLY 			    =	(SEC_ERROR_BASE + 66),
-SEC_ERROR_NO_SLOT_SELECTED 		    =	(SEC_ERROR_BASE + 67),
-SEC_ERROR_CERT_NICKNAME_COLLISION 	    =	(SEC_ERROR_BASE + 68),
-SEC_ERROR_KEY_NICKNAME_COLLISION 	    =	(SEC_ERROR_BASE + 69),
-SEC_ERROR_SAFE_NOT_CREATED 		    =	(SEC_ERROR_BASE + 70),
-SEC_ERROR_BAGGAGE_NOT_CREATED 		    =	(SEC_ERROR_BASE + 71),
-XP_JAVA_REMOVE_PRINCIPAL_ERROR 		    =	(SEC_ERROR_BASE + 72),
-XP_JAVA_DELETE_PRIVILEGE_ERROR 		    =	(SEC_ERROR_BASE + 73),
-XP_JAVA_CERT_NOT_EXISTS_ERROR 		    =	(SEC_ERROR_BASE + 74),
-SEC_ERROR_BAD_EXPORT_ALGORITHM 		    =	(SEC_ERROR_BASE + 75),
-SEC_ERROR_EXPORTING_CERTIFICATES 	    =	(SEC_ERROR_BASE + 76),
-SEC_ERROR_IMPORTING_CERTIFICATES 	    =	(SEC_ERROR_BASE + 77),
-SEC_ERROR_PKCS12_DECODING_PFX 		    =	(SEC_ERROR_BASE + 78),
-SEC_ERROR_PKCS12_INVALID_MAC 		    =	(SEC_ERROR_BASE + 79),
-SEC_ERROR_PKCS12_UNSUPPORTED_MAC_ALGORITHM  =	(SEC_ERROR_BASE + 80),
-SEC_ERROR_PKCS12_UNSUPPORTED_TRANSPORT_MODE =	(SEC_ERROR_BASE + 81),
-SEC_ERROR_PKCS12_CORRUPT_PFX_STRUCTURE 	    =	(SEC_ERROR_BASE + 82),
-SEC_ERROR_PKCS12_UNSUPPORTED_PBE_ALGORITHM  = 	(SEC_ERROR_BASE + 83),
-SEC_ERROR_PKCS12_UNSUPPORTED_VERSION 	    =	(SEC_ERROR_BASE + 84),
-SEC_ERROR_PKCS12_PRIVACY_PASSWORD_INCORRECT =	(SEC_ERROR_BASE + 85),
-SEC_ERROR_PKCS12_CERT_COLLISION 	    =	(SEC_ERROR_BASE + 86),
-SEC_ERROR_USER_CANCELLED 		    =	(SEC_ERROR_BASE + 87),
-SEC_ERROR_PKCS12_DUPLICATE_DATA 	    =	(SEC_ERROR_BASE + 88),
-SEC_ERROR_MESSAGE_SEND_ABORTED 		    =	(SEC_ERROR_BASE + 89),
-SEC_ERROR_INADEQUATE_KEY_USAGE 		    =	(SEC_ERROR_BASE + 90),
-SEC_ERROR_INADEQUATE_CERT_TYPE 		    =	(SEC_ERROR_BASE + 91),
-SEC_ERROR_CERT_ADDR_MISMATCH 		    =	(SEC_ERROR_BASE + 92),
-SEC_ERROR_PKCS12_UNABLE_TO_IMPORT_KEY 	    =	(SEC_ERROR_BASE + 93),
-SEC_ERROR_PKCS12_IMPORTING_CERT_CHAIN 	    =	(SEC_ERROR_BASE + 94),
-SEC_ERROR_PKCS12_UNABLE_TO_LOCATE_OBJECT_BY_NAME = (SEC_ERROR_BASE + 95),
-SEC_ERROR_PKCS12_UNABLE_TO_EXPORT_KEY 	    =	(SEC_ERROR_BASE + 96),
-SEC_ERROR_PKCS12_UNABLE_TO_WRITE 	    = 	(SEC_ERROR_BASE + 97),
-SEC_ERROR_PKCS12_UNABLE_TO_READ 	    =	(SEC_ERROR_BASE + 98),
-SEC_ERROR_PKCS12_KEY_DATABASE_NOT_INITIALIZED 	 = (SEC_ERROR_BASE + 99),
-SEC_ERROR_KEYGEN_FAIL 			    =	(SEC_ERROR_BASE + 100),
-SEC_ERROR_INVALID_PASSWORD 		    =	(SEC_ERROR_BASE + 101),
-SEC_ERROR_RETRY_OLD_PASSWORD 		    =	(SEC_ERROR_BASE + 102),
-SEC_ERROR_BAD_NICKNAME 			    =	(SEC_ERROR_BASE + 103),
-SEC_ERROR_NOT_FORTEZZA_ISSUER 		    = 	(SEC_ERROR_BASE + 104),
-SEC_ERROR_CANNOT_MOVE_SENSITIVE_KEY         =   (SEC_ERROR_BASE + 105),
-SEC_ERROR_JS_INVALID_MODULE_NAME 	    =	(SEC_ERROR_BASE + 106),
-SEC_ERROR_JS_INVALID_DLL 		    =	(SEC_ERROR_BASE + 107),
-SEC_ERROR_JS_ADD_MOD_FAILURE 		    =	(SEC_ERROR_BASE + 108),
-SEC_ERROR_JS_DEL_MOD_FAILURE 		    =	(SEC_ERROR_BASE + 109),
-SEC_ERROR_OLD_KRL 			    =	(SEC_ERROR_BASE + 110),
-SEC_ERROR_CKL_CONFLICT 			    =	(SEC_ERROR_BASE + 111),
-SEC_ERROR_CERT_NOT_IN_NAME_SPACE 	    =	(SEC_ERROR_BASE + 112),
-SEC_ERROR_KRL_NOT_YET_VALID 		    =	(SEC_ERROR_BASE + 113),
-SEC_ERROR_CRL_NOT_YET_VALID 		    =	(SEC_ERROR_BASE + 114),
-SEC_ERROR_UNKNOWN_CERT 			    =	(SEC_ERROR_BASE + 115),
-SEC_ERROR_UNKNOWN_SIGNER 		    =	(SEC_ERROR_BASE + 116),
-SEC_ERROR_CERT_BAD_ACCESS_LOCATION 	    =	(SEC_ERROR_BASE + 117),
-SEC_ERROR_OCSP_UNKNOWN_RESPONSE_TYPE 	    =	(SEC_ERROR_BASE + 118),
-SEC_ERROR_OCSP_BAD_HTTP_RESPONSE 	    =	(SEC_ERROR_BASE + 119),
-SEC_ERROR_OCSP_MALFORMED_REQUEST 	    =	(SEC_ERROR_BASE + 120),
-SEC_ERROR_OCSP_SERVER_ERROR 		    =	(SEC_ERROR_BASE + 121),
-SEC_ERROR_OCSP_TRY_SERVER_LATER 	    =	(SEC_ERROR_BASE + 122),
-SEC_ERROR_OCSP_REQUEST_NEEDS_SIG 	    =	(SEC_ERROR_BASE + 123),
-SEC_ERROR_OCSP_UNAUTHORIZED_REQUEST 	    =	(SEC_ERROR_BASE + 124),
-SEC_ERROR_OCSP_UNKNOWN_RESPONSE_STATUS 	    =	(SEC_ERROR_BASE + 125),
-SEC_ERROR_OCSP_UNKNOWN_CERT 		    =	(SEC_ERROR_BASE + 126),
-SEC_ERROR_OCSP_NOT_ENABLED 		    =	(SEC_ERROR_BASE + 127),
-SEC_ERROR_OCSP_NO_DEFAULT_RESPONDER 	    =	(SEC_ERROR_BASE + 128),
-SEC_ERROR_OCSP_MALFORMED_RESPONSE 	    =	(SEC_ERROR_BASE + 129),
-SEC_ERROR_OCSP_UNAUTHORIZED_RESPONSE 	    =	(SEC_ERROR_BASE + 130),
-SEC_ERROR_OCSP_FUTURE_RESPONSE 		    =	(SEC_ERROR_BASE + 131),
-SEC_ERROR_OCSP_OLD_RESPONSE 		    =	(SEC_ERROR_BASE + 132),
-/* smime stuff */
-SEC_ERROR_DIGEST_NOT_FOUND		    =	(SEC_ERROR_BASE + 133),
-SEC_ERROR_UNSUPPORTED_MESSAGE_TYPE	    =	(SEC_ERROR_BASE + 134),
-SEC_ERROR_MODULE_STUCK			    =	(SEC_ERROR_BASE + 135)
-
-} SECErrorCodes;
-#endif /* NO_SECURITY_ERROR_ENUM */
-
-#endif /* __SEC_ERR_H_ */
diff --git a/security/nss/lib/util/secinit.c b/security/nss/lib/util/secinit.c
deleted file mode 100644
index a18b1243b..000000000
--- a/security/nss/lib/util/secinit.c
+++ /dev/null
@@ -1,50 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "nspr.h"
-#include "secport.h"
-
-static int sec_inited = 0;
-
-void 
-SEC_Init(void)
-{
-    /* PR_Init() must be called before SEC_Init() */
-#if !defined(SERVER_BUILD)
-    PORT_Assert(PR_Initialized() == PR_TRUE);
-#endif
-    if (sec_inited)
-	return;
-
-    sec_inited = 1;
-}
diff --git a/security/nss/lib/util/secitem.c b/security/nss/lib/util/secitem.c
deleted file mode 100644
index 9144818da..000000000
--- a/security/nss/lib/util/secitem.c
+++ /dev/null
@@ -1,283 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Support routines for SECItem data structure.
- *
- * $Id$
- */
-
-#include "seccomon.h"
-#include "secitem.h"
-#include "base64.h"
-#include "secerr.h"
-
-SECItem *
-SECITEM_AllocItem(PRArenaPool *arena, SECItem *item, unsigned int len)
-{
-    SECItem *result = NULL;
-    void *mark = NULL;
-
-    if (arena != NULL) {
-	mark = PORT_ArenaMark(arena);
-    }
-
-    if (item == NULL) {
-	if (arena != NULL) {
-	    result = PORT_ArenaZAlloc(arena, sizeof(SECItem));
-	} else {
-	    result = PORT_ZAlloc(sizeof(SECItem));
-	}
-	if (result == NULL) {
-	    goto loser;
-	}
-    } else {
-	PORT_Assert(item->data == NULL);
-	result = item;
-    }
-
-    result->len = len;
-    if (len) {
-	if (arena != NULL) {
-	    result->data = PORT_ArenaAlloc(arena, len);
-	} else {
-	    result->data = PORT_Alloc(len);
-	}
-    }
-
-    if (mark) {
-	PORT_ArenaUnmark(arena, mark);
-    }
-    return(result);
-
-loser:
-    if ( arena != NULL ) {
-	if (mark) {
-	    PORT_ArenaRelease(arena, mark);
-	}
-	if (item != NULL) {
-	    item->data = NULL;
-	    item->len = 0;
-	}
-    } else {
-	if (result != NULL) {
-	    SECITEM_FreeItem(result, (item == NULL) ? PR_TRUE : PR_FALSE);
-	}
-    }
-    return(NULL);
-}
-
-SECStatus
-SECITEM_ReallocItem(PRArenaPool *arena, SECItem *item, unsigned int oldlen,
-		    unsigned int newlen)
-{
-    PORT_Assert(item != NULL);
-    if (item == NULL) {
-	/* XXX Set error.  But to what? */
-	return SECFailure;
-    }
-
-    /*
-     * If no old length, degenerate to just plain alloc.
-     */
-    if (oldlen == 0) {
-	PORT_Assert(item->data == NULL || item->len == 0);
-	if (newlen == 0) {
-	    /* Nothing to do.  Weird, but not a failure.  */
-	    return SECSuccess;
-	}
-	item->len = newlen;
-	if (arena != NULL) {
-	    item->data = PORT_ArenaAlloc(arena, newlen);
-	} else {
-	    item->data = PORT_Alloc(newlen);
-	}
-    } else {
-	if (arena != NULL) {
-	    item->data = PORT_ArenaGrow(arena, item->data, oldlen, newlen);
-	} else {
-	    item->data = PORT_Realloc(item->data, newlen);
-	}
-    }
-
-    if (item->data == NULL) {
-	return SECFailure;
-    }
-
-    return SECSuccess;
-}
-
-SECComparison
-SECITEM_CompareItem(const SECItem *a, const SECItem *b)
-{
-    unsigned m;
-    SECComparison rv;
-
-    m = ( ( a->len < b->len ) ? a->len : b->len );
-    
-    rv = (SECComparison) PORT_Memcmp(a->data, b->data, m);
-    if (rv) {
-	return rv;
-    }
-    if (a->len < b->len) {
-	return SECLessThan;
-    }
-    if (a->len == b->len) {
-	return SECEqual;
-    }
-    return SECGreaterThan;
-}
-
-PRBool
-SECITEM_ItemsAreEqual(const SECItem *a, const SECItem *b)
-{
-    if (SECITEM_CompareItem(a, b) == SECEqual)
-	return PR_TRUE;
-
-    return PR_FALSE;
-}
-
-SECItem *
-SECITEM_DupItem(const SECItem *from)
-{
-    SECItem *to;
-    
-    if ( from == NULL ) {
-	return(NULL);
-    }
-    
-    to = (SECItem *)PORT_Alloc(sizeof(SECItem));
-    if ( to == NULL ) {
-	return(NULL);
-    }
-
-    to->data = (unsigned char *)PORT_Alloc(from->len);
-    if ( to->data == NULL ) {
-	PORT_Free(to);
-	return(NULL);
-    }
-
-    to->len = from->len;
-    PORT_Memcpy(to->data, from->data, to->len);
-    
-    return(to);
-}
-
-SECStatus
-SECITEM_CopyItem(PRArenaPool *arena, SECItem *to, const SECItem *from)
-{
-    to->type = from->type;
-    if (from->data && from->len) {
-	if ( arena ) {
-	    to->data = (unsigned char*) PORT_ArenaAlloc(arena, from->len);
-	} else {
-	    to->data = (unsigned char*) PORT_Alloc(from->len);
-	}
-	
-	if (!to->data) {
-	    return SECFailure;
-	}
-	PORT_Memcpy(to->data, from->data, from->len);
-	to->len = from->len;
-    } else {
-	to->data = 0;
-	to->len = 0;
-    }
-    return SECSuccess;
-}
-
-void
-SECITEM_FreeItem(SECItem *zap, PRBool freeit)
-{
-    if (zap) {
-	PORT_Free(zap->data);
-	zap->data = 0;
-	zap->len = 0;
-	if (freeit) {
-	    PORT_Free(zap);
-	}
-    }
-}
-
-void
-SECITEM_ZfreeItem(SECItem *zap, PRBool freeit)
-{
-    if (zap) {
-	PORT_ZFree(zap->data, zap->len);
-	zap->data = 0;
-	zap->len = 0;
-	if (freeit) {
-	    PORT_ZFree(zap, sizeof(SECItem));
-	}
-    }
-}
-/* these reroutines were taken from pkix oid.c, which is supposed to
- * replace this file some day */
-/*
- * This is the hash function.  We simply XOR the encoded form with
- * itself in sizeof(PLHashNumber)-byte chunks.  Improving this
- * routine is left as an excercise for the more mathematically
- * inclined student.
- */
-PLHashNumber PR_CALLBACK
-SECITEM_Hash ( const void *key)
-{
-    const SECItem *item = (const SECItem *)key;
-    PLHashNumber rv = 0;
-
-    PRUint8 *data = (PRUint8 *)item->data;
-    PRUint32 i;
-    PRUint8 *rvc = (PRUint8 *)&rv;
-
-    for( i = 0; i < item->len; i++ ) {
-        rvc[ i % sizeof(rv) ] ^= *data;
-        data++;
-    }
-
-    return rv;
-}
-
-/*
- * This is the key-compare function.  It simply does a lexical
- * comparison on the item data.  This does not result in
- * quite the same ordering as the "sequence of numbers" order,
- * but heck it's only used internally by the hash table anyway.
- */
-PRIntn PR_CALLBACK
-SECITEM_HashCompare ( const void *k1, const void *k2)
-{
-    const SECItem *i1 = (const SECItem *)k1;
-    const SECItem *i2 = (const SECItem *)k2;
-
-    return SECITEM_ItemsAreEqual(i1,i2);
-}
diff --git a/security/nss/lib/util/secitem.h b/security/nss/lib/util/secitem.h
deleted file mode 100644
index 76a5d16fb..000000000
--- a/security/nss/lib/util/secitem.h
+++ /dev/null
@@ -1,112 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef _SECITEM_H_
-#define _SECITEM_H_
-/*
- * secitem.h - public data structures and prototypes for handling
- *	       SECItems
- *
- * $Id$
- */
-
-#include "plarena.h"
-#include "plhash.h"
-#include "seccomon.h"
-
-SEC_BEGIN_PROTOS
-
-/*
-** Allocate an item.  If "arena" is not NULL, then allocate from there,
-** otherwise allocate from the heap.  If "item" is not NULL, allocate
-** only the data for the item, not the item itself.  The item structure
-** is allocated zero-filled; the data buffer is not zeroed.
-**
-** The resulting item is returned; NULL if any error occurs.
-**
-** XXX This probably should take a SECItemType, but since that is mostly
-** unused and our improved APIs (aka Stan) are looming, I left it out.
-*/
-extern SECItem *SECITEM_AllocItem(PRArenaPool *arena, SECItem *item,
-				  unsigned int len);
-
-/*
-** Reallocate the data for the specified "item".  If "arena" is not NULL,
-** then reallocate from there, otherwise reallocate from the heap.
-** In the case where oldlen is 0, the data is allocated (not reallocated).
-** In any case, "item" is expected to be a valid SECItem pointer;
-** SECFailure is returned if it is not.  If the allocation succeeds,
-** SECSuccess is returned.
-*/
-extern SECStatus SECITEM_ReallocItem(PRArenaPool *arena, SECItem *item,
-				     unsigned int oldlen, unsigned int newlen);
-
-/*
-** Compare two items returning the difference between them.
-*/
-extern SECComparison SECITEM_CompareItem(const SECItem *a, const SECItem *b);
-
-/*
-** Compare two items -- if they are the same, return true; otherwise false.
-*/
-extern PRBool SECITEM_ItemsAreEqual(const SECItem *a, const SECItem *b);
-
-/*
-** Copy "from" to "to"
-*/
-extern SECStatus SECITEM_CopyItem(PRArenaPool *arena, SECItem *to, 
-                                  const SECItem *from);
-
-/*
-** Allocate an item and copy "from" into it.
-*/
-extern SECItem *SECITEM_DupItem(const SECItem *from);
-
-/*
-** Free "zap". If freeit is PR_TRUE then "zap" itself is freed.
-*/
-extern void SECITEM_FreeItem(SECItem *zap, PRBool freeit);
-
-/*
-** Zero and then free "zap". If freeit is PR_TRUE then "zap" itself is freed.
-*/
-extern void SECITEM_ZfreeItem(SECItem *zap, PRBool freeit);
-
-PLHashNumber PR_CALLBACK SECITEM_Hash ( const void *key);
-
-PRIntn PR_CALLBACK SECITEM_HashCompare ( const void *k1, const void *k2);
-
-
-SEC_END_PROTOS
-
-#endif /* _SECITEM_H_ */
diff --git a/security/nss/lib/util/secoid.c b/security/nss/lib/util/secoid.c
deleted file mode 100644
index 3339d1e86..000000000
--- a/security/nss/lib/util/secoid.c
+++ /dev/null
@@ -1,1326 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "secoid.h"
-#include "pkcs11t.h"
-#include "secmodt.h"
-#include "secitem.h"
-#include "secerr.h"
-#include "plhash.h"
-
-/* MISSI Mosaic Object ID space */
-#define USGOV                   0x60, 0x86, 0x48, 0x01, 0x65
-#define MISSI	                USGOV, 0x02, 0x01, 0x01
-#define MISSI_OLD_KEA_DSS	MISSI, 0x0c
-#define MISSI_OLD_DSS		MISSI, 0x02
-#define MISSI_KEA_DSS		MISSI, 0x14
-#define MISSI_DSS		MISSI, 0x13
-#define MISSI_KEA               MISSI, 0x0a
-#define MISSI_ALT_KEA           MISSI, 0x16
-
-#define NISTALGS    USGOV, 3, 4
-#define AES         NISTALGS, 1
-
-/**
- ** The Netscape OID space is allocated by Terry Hayes.  If you need
- ** a piece of the space, contact him at thayes@netscape.com.
- **/
-
-/* Netscape Communications Corporation Object ID space */
-/* { 2 16 840 1 113730 } */
-#define NETSCAPE_OID	          0x60, 0x86, 0x48, 0x01, 0x86, 0xf8, 0x42
-#define NETSCAPE_CERT_EXT 	  NETSCAPE_OID, 0x01
-#define NETSCAPE_DATA_TYPE 	  NETSCAPE_OID, 0x02
-/* netscape directory oid - owned by Mark Smith (mcs@netscape.com) */
-#define NETSCAPE_DIRECTORY 	  NETSCAPE_OID, 0x03
-#define NETSCAPE_POLICY 	  NETSCAPE_OID, 0x04
-#define NETSCAPE_CERT_SERVER 	  NETSCAPE_OID, 0x05
-#define NETSCAPE_ALGS 		  NETSCAPE_OID, 0x06 /* algorithm OIDs */
-#define NETSCAPE_NAME_COMPONENTS  NETSCAPE_OID, 0x07
-
-#define NETSCAPE_CERT_EXT_AIA     NETSCAPE_CERT_EXT, 0x10
-#define NETSCAPE_CERT_SERVER_CRMF NETSCAPE_CERT_SERVER, 0x01
-
-/* these are old and should go away soon */
-#define OLD_NETSCAPE		0x60, 0x86, 0x48, 0xd8, 0x6a
-#define NS_CERT_EXT		OLD_NETSCAPE, 0x01
-#define NS_FILE_TYPE		OLD_NETSCAPE, 0x02
-#define NS_IMAGE_TYPE		OLD_NETSCAPE, 0x03
-
-/* RSA OID name space */
-#define RSADSI			0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d
-#define PKCS			RSADSI, 0x01
-#define DIGEST			RSADSI, 0x02
-#define CIPHER			RSADSI, 0x03
-#define PKCS1			PKCS, 0x01
-#define PKCS5			PKCS, 0x05
-#define PKCS7			PKCS, 0x07
-#define PKCS9			PKCS, 0x09
-#define PKCS12			PKCS, 0x0c
-
-/* Fortezza algorithm OID space: { 2 16 840 1 101 2 1 1 } */
-/* ### mwelch -- Is this just for algorithms, or all of Fortezza? */
-#define FORTEZZA_ALG 0x60, 0x86, 0x48, 0x01, 0x65, 0x02, 0x01, 0x01
-
-/* Other OID name spaces */
-#define ALGORITHM		0x2b, 0x0e, 0x03, 0x02
-#define X500			0x55
-#define X520_ATTRIBUTE_TYPE	X500, 0x04
-#define X500_ALG		X500, 0x08
-#define X500_ALG_ENCRYPTION	X500_ALG, 0x01
-
-/** X.509 v3 Extension OID 
- ** {joint-iso-ccitt (2) ds(5) 29}
- **/
-#define	ID_CE_OID 		X500, 0x1d
-
-#define RFC1274_ATTR_TYPE  0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x1
-/* #define RFC2247_ATTR_TYPE  0x09, 0x92, 0x26, 0xf5, 0x98, 0x1e, 0x64, 0x1 this is WRONG! */
-
-/* PKCS #12 name spaces */
-#define PKCS12_MODE_IDS		PKCS12, 0x01
-#define PKCS12_ESPVK_IDS	PKCS12, 0x02
-#define PKCS12_BAG_IDS		PKCS12, 0x03
-#define PKCS12_CERT_BAG_IDS	PKCS12, 0x04
-#define PKCS12_OIDS		PKCS12, 0x05
-#define PKCS12_PBE_IDS		PKCS12_OIDS, 0x01
-#define PKCS12_ENVELOPING_IDS	PKCS12_OIDS, 0x02
-#define PKCS12_SIGNATURE_IDS	PKCS12_OIDS, 0x03
-#define PKCS12_V2_PBE_IDS	PKCS12, 0x01
-#define PKCS9_CERT_TYPES	PKCS9, 0x16
-#define PKCS9_CRL_TYPES		PKCS9, 0x17
-#define PKCS9_SMIME_IDS		PKCS9, 0x10
-#define PKCS9_SMIME_ATTRS	PKCS9_SMIME_IDS, 2
-#define PKCS9_SMIME_ALGS	PKCS9_SMIME_IDS, 3
-#define PKCS12_VERSION1		PKCS12, 0x0a
-#define PKCS12_V1_BAG_IDS	PKCS12_VERSION1, 1
-
-/* for DSA algorithm */
-/* { iso(1) member-body(2) us(840) x9-57(10040) x9algorithm(4) } */
-#define ANSI_X9_ALGORITHM  0x2a, 0x86, 0x48, 0xce, 0x38, 0x4
-
-/* for DH algorithm */
-/* { iso(1) member-body(2) us(840) x9-57(10046) number-type(2) } */
-/* need real OID person to look at this, copied the above line
- * and added 6 to second to last value (and changed '4' to '2' */
-#define ANSI_X942_ALGORITHM  0x2a, 0x86, 0x48, 0xce, 0x3e, 0x2
-
-#define VERISIGN 0x60, 0x86, 0x48, 0x01, 0x86, 0xf8, 0x45
-
-#define PKIX 			0x2b, 0x06, 0x01, 0x05, 0x05, 0x07
-#define PKIX_CERT_EXTENSIONS    PKIX, 1
-#define PKIX_POLICY_QUALIFIERS  PKIX, 2
-#define PKIX_KEY_USAGE 		PKIX, 3
-#define PKIX_ACCESS_DESCRIPTION PKIX, 0x30
-#define PKIX_OCSP 		PKIX_ACCESS_DESCRIPTION, 1
-
-#define PKIX_ID_PKIP     	PKIX, 5
-#define PKIX_ID_REGCTRL  	PKIX_ID_PKIP, 1 
-#define PKIX_ID_REGINFO  	PKIX_ID_PKIP, 2
-
-#define CONST_OID static const unsigned char
-
-CONST_OID md2[]        				= { DIGEST, 0x02 };
-CONST_OID md4[]        				= { DIGEST, 0x04 };
-CONST_OID md5[]        				= { DIGEST, 0x05 };
-
-CONST_OID rc2cbc[]     				= { CIPHER, 0x02 };
-CONST_OID rc4[]        				= { CIPHER, 0x04 };
-CONST_OID desede3cbc[] 				= { CIPHER, 0x07 };
-CONST_OID rc5cbcpad[]  				= { CIPHER, 0x09 };
-
-CONST_OID desecb[]                           = { ALGORITHM, 0x06 };
-CONST_OID descbc[]                           = { ALGORITHM, 0x07 };
-CONST_OID desofb[]                           = { ALGORITHM, 0x08 };
-CONST_OID descfb[]                           = { ALGORITHM, 0x09 };
-CONST_OID desmac[]                           = { ALGORITHM, 0x0a };
-CONST_OID sdn702DSASignature[]               = { ALGORITHM, 0x0c };
-CONST_OID isoSHAWithRSASignature[]           = { ALGORITHM, 0x0f };
-CONST_OID desede[]                           = { ALGORITHM, 0x11 };
-CONST_OID sha1[]                             = { ALGORITHM, 0x1a };
-CONST_OID bogusDSASignaturewithSHA1Digest[]  = { ALGORITHM, 0x1b };
-
-CONST_OID pkcs1RSAEncryption[]         		= { PKCS1, 0x01 };
-CONST_OID pkcs1MD2WithRSAEncryption[]  		= { PKCS1, 0x02 };
-CONST_OID pkcs1MD4WithRSAEncryption[]  		= { PKCS1, 0x03 };
-CONST_OID pkcs1MD5WithRSAEncryption[]  		= { PKCS1, 0x04 };
-CONST_OID pkcs1SHA1WithRSAEncryption[] 		= { PKCS1, 0x05 };
-
-CONST_OID pkcs5PbeWithMD2AndDEScbc[]  		= { PKCS5, 0x01 };
-CONST_OID pkcs5PbeWithMD5AndDEScbc[]  		= { PKCS5, 0x03 };
-CONST_OID pkcs5PbeWithSha1AndDEScbc[] 		= { PKCS5, 0x0a };
-
-CONST_OID pkcs7[]                     		= { PKCS7 };
-CONST_OID pkcs7Data[]                 		= { PKCS7, 0x01 };
-CONST_OID pkcs7SignedData[]           		= { PKCS7, 0x02 };
-CONST_OID pkcs7EnvelopedData[]        		= { PKCS7, 0x03 };
-CONST_OID pkcs7SignedEnvelopedData[]  		= { PKCS7, 0x04 };
-CONST_OID pkcs7DigestedData[]         		= { PKCS7, 0x05 };
-CONST_OID pkcs7EncryptedData[]        		= { PKCS7, 0x06 };
-
-CONST_OID pkcs9EmailAddress[]                  = { PKCS9, 0x01 };
-CONST_OID pkcs9UnstructuredName[]              = { PKCS9, 0x02 };
-CONST_OID pkcs9ContentType[]                   = { PKCS9, 0x03 };
-CONST_OID pkcs9MessageDigest[]                 = { PKCS9, 0x04 };
-CONST_OID pkcs9SigningTime[]                   = { PKCS9, 0x05 };
-CONST_OID pkcs9CounterSignature[]              = { PKCS9, 0x06 };
-CONST_OID pkcs9ChallengePassword[]             = { PKCS9, 0x07 };
-CONST_OID pkcs9UnstructuredAddress[]           = { PKCS9, 0x08 };
-CONST_OID pkcs9ExtendedCertificateAttributes[] = { PKCS9, 0x09 };
-CONST_OID pkcs9SMIMECapabilities[]             = { PKCS9, 15 };
-CONST_OID pkcs9FriendlyName[]                  = { PKCS9, 20 };
-CONST_OID pkcs9LocalKeyID[]                    = { PKCS9, 21 };
-
-CONST_OID pkcs9X509Certificate[]        	= { PKCS9_CERT_TYPES, 1 };
-CONST_OID pkcs9SDSICertificate[]        	= { PKCS9_CERT_TYPES, 2 };
-CONST_OID pkcs9X509CRL[]                	= { PKCS9_CRL_TYPES, 1 };
-
-/* RFC2630 (CMS) OIDs */
-CONST_OID cmsESDH[]     			= { PKCS9_SMIME_ALGS, 5 };
-CONST_OID cms3DESwrap[] 			= { PKCS9_SMIME_ALGS, 6 };
-CONST_OID cmsRC2wrap[]  			= { PKCS9_SMIME_ALGS, 7 };
-
-/* RFC2633 SMIME message attributes */
-CONST_OID smimeEncryptionKeyPreference[] 	= { PKCS9_SMIME_ATTRS, 11 };
-
-CONST_OID x520CommonName[]          		= { X520_ATTRIBUTE_TYPE, 3 };
-CONST_OID x520CountryName[]         		= { X520_ATTRIBUTE_TYPE, 6 };
-CONST_OID x520LocalityName[]        		= { X520_ATTRIBUTE_TYPE, 7 };
-CONST_OID x520StateOrProvinceName[] 		= { X520_ATTRIBUTE_TYPE, 8 };
-CONST_OID x520OrgName[]             		= { X520_ATTRIBUTE_TYPE, 10 };
-CONST_OID x520OrgUnitName[]         		= { X520_ATTRIBUTE_TYPE, 11 };
-CONST_OID x520DnQualifier[]         		= { X520_ATTRIBUTE_TYPE, 46 };
-
-CONST_OID nsTypeGIF[]          			= { NETSCAPE_DATA_TYPE, 0x01 };
-CONST_OID nsTypeJPEG[]         			= { NETSCAPE_DATA_TYPE, 0x02 };
-CONST_OID nsTypeURL[]          			= { NETSCAPE_DATA_TYPE, 0x03 };
-CONST_OID nsTypeHTML[]         			= { NETSCAPE_DATA_TYPE, 0x04 };
-CONST_OID nsTypeCertSeq[]      			= { NETSCAPE_DATA_TYPE, 0x05 };
-
-CONST_OID missiCertKEADSSOld[] 			= { MISSI_OLD_KEA_DSS };
-CONST_OID missiCertDSSOld[]    			= { MISSI_OLD_DSS };
-CONST_OID missiCertKEADSS[]    			= { MISSI_KEA_DSS };
-CONST_OID missiCertDSS[]       			= { MISSI_DSS };
-CONST_OID missiCertKEA[]       			= { MISSI_KEA };
-CONST_OID missiCertAltKEA[]    			= { MISSI_ALT_KEA };
-CONST_OID x500RSAEncryption[]  			= { X500_ALG_ENCRYPTION, 0x01 };
-
-/* added for alg 1485 */
-CONST_OID rfc1274Uid[]             		= { RFC1274_ATTR_TYPE, 1 };
-CONST_OID rfc1274Mail[]            		= { RFC1274_ATTR_TYPE, 3 };
-CONST_OID rfc2247DomainComponent[] 		= { RFC1274_ATTR_TYPE, 25 };
-
-/* Netscape private certificate extensions */
-CONST_OID nsCertExtNetscapeOK[]  		= { NS_CERT_EXT, 1 };
-CONST_OID nsCertExtIssuerLogo[]  		= { NS_CERT_EXT, 2 };
-CONST_OID nsCertExtSubjectLogo[] 		= { NS_CERT_EXT, 3 };
-CONST_OID nsExtCertType[]        		= { NETSCAPE_CERT_EXT, 0x01 };
-CONST_OID nsExtBaseURL[]         		= { NETSCAPE_CERT_EXT, 0x02 };
-CONST_OID nsExtRevocationURL[]   		= { NETSCAPE_CERT_EXT, 0x03 };
-CONST_OID nsExtCARevocationURL[] 		= { NETSCAPE_CERT_EXT, 0x04 };
-CONST_OID nsExtCACRLURL[]        		= { NETSCAPE_CERT_EXT, 0x05 };
-CONST_OID nsExtCACertURL[]       		= { NETSCAPE_CERT_EXT, 0x06 };
-CONST_OID nsExtCertRenewalURL[]  		= { NETSCAPE_CERT_EXT, 0x07 };
-CONST_OID nsExtCAPolicyURL[]     		= { NETSCAPE_CERT_EXT, 0x08 };
-CONST_OID nsExtHomepageURL[]     		= { NETSCAPE_CERT_EXT, 0x09 };
-CONST_OID nsExtEntityLogo[]      		= { NETSCAPE_CERT_EXT, 0x0a };
-CONST_OID nsExtUserPicture[]     		= { NETSCAPE_CERT_EXT, 0x0b };
-CONST_OID nsExtSSLServerName[]   		= { NETSCAPE_CERT_EXT, 0x0c };
-CONST_OID nsExtComment[]         		= { NETSCAPE_CERT_EXT, 0x0d };
-
-/* the following 2 extensions are defined for and used by Cartman(NSM) */
-CONST_OID nsExtLostPasswordURL[] 		= { NETSCAPE_CERT_EXT, 0x0e };
-CONST_OID nsExtCertRenewalTime[] 		= { NETSCAPE_CERT_EXT, 0x0f };
-
-CONST_OID nsExtAIACertRenewal[]    	= { NETSCAPE_CERT_EXT_AIA, 0x01 };
-CONST_OID nsExtCertScopeOfUse[]    	= { NETSCAPE_CERT_EXT, 0x11 };
-/* Reserved Netscape (2 16 840 1 113730 1 18) = { NETSCAPE_CERT_EXT, 0x12 }; */
-
-/* Netscape policy values */
-CONST_OID nsKeyUsageGovtApproved[] 	= { NETSCAPE_POLICY, 0x01 };
-
-/* Netscape other name types */
-CONST_OID netscapeNickname[] 		= { NETSCAPE_NAME_COMPONENTS, 0x01};
-/* Reserved Netscape REF605437
-   (2 16 840 1 113730 7 2) = { NETSCAPE_NAME_COMPONENTS, 0x02 }; */
-
-/* OIDs needed for cert server */
-CONST_OID netscapeRecoveryRequest[] 	= { NETSCAPE_CERT_SERVER_CRMF, 0x01 };
-
-
-/* Standard x.509 v3 Certificate Extensions */
-CONST_OID x509SubjectDirectoryAttr[]  		= { ID_CE_OID,  9 };
-CONST_OID x509SubjectKeyID[]          		= { ID_CE_OID, 14 };
-CONST_OID x509KeyUsage[]              		= { ID_CE_OID, 15 };
-CONST_OID x509PrivateKeyUsagePeriod[] 		= { ID_CE_OID, 16 };
-CONST_OID x509SubjectAltName[]        		= { ID_CE_OID, 17 };
-CONST_OID x509IssuerAltName[]         		= { ID_CE_OID, 18 };
-CONST_OID x509BasicConstraints[]      		= { ID_CE_OID, 19 };
-CONST_OID x509NameConstraints[]       		= { ID_CE_OID, 30 };
-CONST_OID x509CRLDistPoints[]         		= { ID_CE_OID, 31 };
-CONST_OID x509CertificatePolicies[]   		= { ID_CE_OID, 32 };
-CONST_OID x509PolicyMappings[]        		= { ID_CE_OID, 33 };
-CONST_OID x509PolicyConstraints[]     		= { ID_CE_OID, 34 };
-CONST_OID x509AuthKeyID[]             		= { ID_CE_OID, 35 };
-CONST_OID x509ExtKeyUsage[]           		= { ID_CE_OID, 37 };
-CONST_OID x509AuthInfoAccess[]        		= { PKIX_CERT_EXTENSIONS, 1 };
-
-/* Standard x.509 v3 CRL Extensions */
-CONST_OID x509CrlNumber[]                    	= { ID_CE_OID, 20};
-CONST_OID x509ReasonCode[]                   	= { ID_CE_OID, 21};
-CONST_OID x509InvalidDate[]                  	= { ID_CE_OID, 24};
-
-/* pkcs 12 additions */
-CONST_OID pkcs12[]                           = { PKCS12 };
-CONST_OID pkcs12ModeIDs[]                    = { PKCS12_MODE_IDS };
-CONST_OID pkcs12ESPVKIDs[]                   = { PKCS12_ESPVK_IDS };
-CONST_OID pkcs12BagIDs[]                     = { PKCS12_BAG_IDS };
-CONST_OID pkcs12CertBagIDs[]                 = { PKCS12_CERT_BAG_IDS };
-CONST_OID pkcs12OIDs[]                       = { PKCS12_OIDS };
-CONST_OID pkcs12PBEIDs[]                     = { PKCS12_PBE_IDS };
-CONST_OID pkcs12EnvelopingIDs[]              = { PKCS12_ENVELOPING_IDS };
-CONST_OID pkcs12SignatureIDs[]               = { PKCS12_SIGNATURE_IDS };
-CONST_OID pkcs12PKCS8KeyShrouding[]          = { PKCS12_ESPVK_IDS, 0x01 };
-CONST_OID pkcs12KeyBagID[]                   = { PKCS12_BAG_IDS, 0x01 };
-CONST_OID pkcs12CertAndCRLBagID[]            = { PKCS12_BAG_IDS, 0x02 };
-CONST_OID pkcs12SecretBagID[]                = { PKCS12_BAG_IDS, 0x03 };
-CONST_OID pkcs12X509CertCRLBag[]             = { PKCS12_CERT_BAG_IDS, 0x01 };
-CONST_OID pkcs12SDSICertBag[]                = { PKCS12_CERT_BAG_IDS, 0x02 };
-CONST_OID pkcs12PBEWithSha1And128BitRC4[]    = { PKCS12_PBE_IDS, 0x01 };
-CONST_OID pkcs12PBEWithSha1And40BitRC4[]     = { PKCS12_PBE_IDS, 0x02 };
-CONST_OID pkcs12PBEWithSha1AndTripleDESCBC[] = { PKCS12_PBE_IDS, 0x03 };
-CONST_OID pkcs12PBEWithSha1And128BitRC2CBC[] = { PKCS12_PBE_IDS, 0x04 };
-CONST_OID pkcs12PBEWithSha1And40BitRC2CBC[]  = { PKCS12_PBE_IDS, 0x05 };
-CONST_OID pkcs12RSAEncryptionWith128BitRC4[] = { PKCS12_ENVELOPING_IDS, 0x01 };
-CONST_OID pkcs12RSAEncryptionWith40BitRC4[]  = { PKCS12_ENVELOPING_IDS, 0x02 };
-CONST_OID pkcs12RSAEncryptionWithTripleDES[] = { PKCS12_ENVELOPING_IDS, 0x03 }; 
-CONST_OID pkcs12RSASignatureWithSHA1Digest[] = { PKCS12_SIGNATURE_IDS, 0x01 };
-
-/* pkcs 12 version 1.0 ids */
-CONST_OID pkcs12V2PBEWithSha1And128BitRC4[]       = { PKCS12_V2_PBE_IDS, 0x01 };
-CONST_OID pkcs12V2PBEWithSha1And40BitRC4[]        = { PKCS12_V2_PBE_IDS, 0x02 };
-CONST_OID pkcs12V2PBEWithSha1And3KeyTripleDEScbc[]= { PKCS12_V2_PBE_IDS, 0x03 };
-CONST_OID pkcs12V2PBEWithSha1And2KeyTripleDEScbc[]= { PKCS12_V2_PBE_IDS, 0x04 };
-CONST_OID pkcs12V2PBEWithSha1And128BitRC2cbc[]    = { PKCS12_V2_PBE_IDS, 0x05 };
-CONST_OID pkcs12V2PBEWithSha1And40BitRC2cbc[]     = { PKCS12_V2_PBE_IDS, 0x06 };
-
-CONST_OID pkcs12SafeContentsID[]                  = { PKCS12_BAG_IDS, 0x04 };
-CONST_OID pkcs12PKCS8ShroudedKeyBagID[]           = { PKCS12_BAG_IDS, 0x05 };
-
-CONST_OID pkcs12V1KeyBag[]              	= { PKCS12_V1_BAG_IDS, 0x01 };
-CONST_OID pkcs12V1PKCS8ShroudedKeyBag[] 	= { PKCS12_V1_BAG_IDS, 0x02 };
-CONST_OID pkcs12V1CertBag[]             	= { PKCS12_V1_BAG_IDS, 0x03 };
-CONST_OID pkcs12V1CRLBag[]              	= { PKCS12_V1_BAG_IDS, 0x04 };
-CONST_OID pkcs12V1SecretBag[]           	= { PKCS12_V1_BAG_IDS, 0x05 };
-CONST_OID pkcs12V1SafeContentsBag[]     	= { PKCS12_V1_BAG_IDS, 0x06 };
-
-CONST_OID pkcs12KeyUsageAttr[]          	= { 2, 5, 29, 15 };
-
-CONST_OID ansix9DSASignature[]               	= { ANSI_X9_ALGORITHM, 0x01 };
-CONST_OID ansix9DSASignaturewithSHA1Digest[] 	= { ANSI_X9_ALGORITHM, 0x03 };
-
-/* verisign OIDs */
-CONST_OID verisignUserNotices[]     		= { VERISIGN, 1, 7, 1, 1 };
-
-/* pkix OIDs */
-CONST_OID pkixCPSPointerQualifier[] 		= { PKIX_POLICY_QUALIFIERS, 1 };
-CONST_OID pkixUserNoticeQualifier[] 		= { PKIX_POLICY_QUALIFIERS, 2 };
-
-CONST_OID pkixOCSP[]				= { PKIX_OCSP };
-CONST_OID pkixOCSPBasicResponse[]		= { PKIX_OCSP, 1 };
-CONST_OID pkixOCSPNonce[]			= { PKIX_OCSP, 2 };
-CONST_OID pkixOCSPCRL[] 			= { PKIX_OCSP, 3 };
-CONST_OID pkixOCSPResponse[]			= { PKIX_OCSP, 4 };
-CONST_OID pkixOCSPNoCheck[]			= { PKIX_OCSP, 5 };
-CONST_OID pkixOCSPArchiveCutoff[]		= { PKIX_OCSP, 6 };
-CONST_OID pkixOCSPServiceLocator[]		= { PKIX_OCSP, 7 };
-
-CONST_OID pkixRegCtrlRegToken[]       		= { PKIX_ID_REGCTRL, 1};
-CONST_OID pkixRegCtrlAuthenticator[]  		= { PKIX_ID_REGCTRL, 2};
-CONST_OID pkixRegCtrlPKIPubInfo[]     		= { PKIX_ID_REGCTRL, 3};
-CONST_OID pkixRegCtrlPKIArchOptions[] 		= { PKIX_ID_REGCTRL, 4};
-CONST_OID pkixRegCtrlOldCertID[]      		= { PKIX_ID_REGCTRL, 5};
-CONST_OID pkixRegCtrlProtEncKey[]     		= { PKIX_ID_REGCTRL, 6};
-CONST_OID pkixRegInfoUTF8Pairs[]      		= { PKIX_ID_REGINFO, 1};
-CONST_OID pkixRegInfoCertReq[]        		= { PKIX_ID_REGINFO, 2};
-
-CONST_OID pkixExtendedKeyUsageServerAuth[]    	= { PKIX_KEY_USAGE, 1 };
-CONST_OID pkixExtendedKeyUsageClientAuth[]    	= { PKIX_KEY_USAGE, 2 };
-CONST_OID pkixExtendedKeyUsageCodeSign[]      	= { PKIX_KEY_USAGE, 3 };
-CONST_OID pkixExtendedKeyUsageEMailProtect[]  	= { PKIX_KEY_USAGE, 4 };
-CONST_OID pkixExtendedKeyUsageTimeStamp[]     	= { PKIX_KEY_USAGE, 8 };
-CONST_OID pkixOCSPResponderExtendedKeyUsage[] 	= { PKIX_KEY_USAGE, 9 };
-
-/* OIDs for Netscape defined algorithms */
-CONST_OID netscapeSMimeKEA[] 			= { NETSCAPE_ALGS, 0x01 };
-
-/* Fortezza algorithm OIDs */
-CONST_OID skipjackCBC[] 			= { FORTEZZA_ALG, 0x04 };
-CONST_OID dhPublicKey[] 			= { ANSI_X942_ALGORITHM, 0x1 };
-
-CONST_OID aes128_ECB[] 				= { AES, 1 };
-CONST_OID aes128_CBC[] 				= { AES, 2 };
-#ifdef DEFINE_ALL_AES_CIPHERS
-CONST_OID aes128_OFB[] 				= { AES, 3 };
-CONST_OID aes128_CFB[] 				= { AES, 4 };
-#endif
-
-CONST_OID aes192_ECB[] 				= { AES, 21 };
-CONST_OID aes192_CBC[] 				= { AES, 22 };
-#ifdef DEFINE_ALL_AES_CIPHERS
-CONST_OID aes192_OFB[] 				= { AES, 23 };
-CONST_OID aes192_CFB[] 				= { AES, 24 };
-#endif
-
-CONST_OID aes256_ECB[] 				= { AES, 41 };
-CONST_OID aes256_CBC[] 				= { AES, 42 };
-#ifdef DEFINE_ALL_AES_CIPHERS
-CONST_OID aes256_OFB[] 				= { AES, 43 };
-CONST_OID aes256_CFB[] 				= { AES, 44 };
-#endif
-
-#define OI(x) { siDEROID, (unsigned char *)x, sizeof x }
-#ifndef SECOID_NO_STRINGS
-#define OD(oid,tag,desc,mech,ext) { OI(oid), tag, desc, mech, ext }
-#else
-#define OD(oid,tag,desc,mech,ext) { OI(oid), tag, 0, mech, ext }
-#endif
-
-/*
- * NOTE: the order of these entries must mach the SECOidTag enum in secoidt.h!
- */
-const static SECOidData oids[] = {
-    { { siDEROID, NULL, 0 }, SEC_OID_UNKNOWN,
-	"Unknown OID", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION },
-    OD( md2, SEC_OID_MD2, "MD2", CKM_MD2, INVALID_CERT_EXTENSION ),
-    OD( md4, SEC_OID_MD4,
-	"MD4", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-    OD( md5, SEC_OID_MD5, "MD5", CKM_MD5, INVALID_CERT_EXTENSION ),
-    OD( sha1, SEC_OID_SHA1, "SHA-1", CKM_SHA_1, INVALID_CERT_EXTENSION ),
-    OD( rc2cbc, SEC_OID_RC2_CBC,
-	"RC2-CBC", CKM_RC2_CBC, INVALID_CERT_EXTENSION ),
-    OD( rc4, SEC_OID_RC4, "RC4", CKM_RC4, INVALID_CERT_EXTENSION ),
-    OD( desede3cbc, SEC_OID_DES_EDE3_CBC,
-	"DES-EDE3-CBC", CKM_DES3_CBC, INVALID_CERT_EXTENSION ),
-    OD( rc5cbcpad, SEC_OID_RC5_CBC_PAD,
-	"RC5-CBCPad", CKM_RC5_CBC, INVALID_CERT_EXTENSION ),
-    OD( desecb, SEC_OID_DES_ECB,
-	"DES-ECB", CKM_DES_ECB, INVALID_CERT_EXTENSION ),
-    OD( descbc, SEC_OID_DES_CBC,
-	"DES-CBC", CKM_DES_CBC, INVALID_CERT_EXTENSION ),
-    OD( desofb, SEC_OID_DES_OFB,
-	"DES-OFB", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-    OD( descfb, SEC_OID_DES_CFB,
-	"DES-CFB", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-    OD( desmac, SEC_OID_DES_MAC,
-	"DES-MAC", CKM_DES_MAC, INVALID_CERT_EXTENSION ),
-    OD( desede, SEC_OID_DES_EDE,
-	"DES-EDE", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-    OD( isoSHAWithRSASignature, SEC_OID_ISO_SHA_WITH_RSA_SIGNATURE,
-	"ISO SHA with RSA Signature", 
-	CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-    OD( pkcs1RSAEncryption, SEC_OID_PKCS1_RSA_ENCRYPTION,
-	"PKCS #1 RSA Encryption", CKM_RSA_PKCS, INVALID_CERT_EXTENSION ),
-
-    /* the following Signing mechanisms should get new CKM_ values when
-     * values for CKM_RSA_WITH_MDX and CKM_RSA_WITH_SHA_1 get defined in
-     * PKCS #11.
-     */
-    OD( pkcs1MD2WithRSAEncryption, SEC_OID_PKCS1_MD2_WITH_RSA_ENCRYPTION,
-	"PKCS #1 MD2 With RSA Encryption", CKM_MD2_RSA_PKCS,
-	INVALID_CERT_EXTENSION ),
-    OD( pkcs1MD4WithRSAEncryption, SEC_OID_PKCS1_MD4_WITH_RSA_ENCRYPTION,
-	"PKCS #1 MD4 With RSA Encryption", 
-	CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-    OD( pkcs1MD5WithRSAEncryption, SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION,
-	"PKCS #1 MD5 With RSA Encryption", CKM_MD5_RSA_PKCS,
-	INVALID_CERT_EXTENSION ),
-    OD( pkcs1SHA1WithRSAEncryption, SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION,
-	"PKCS #1 SHA-1 With RSA Encryption", CKM_SHA1_RSA_PKCS,
-	INVALID_CERT_EXTENSION ),
-
-    OD( pkcs5PbeWithMD2AndDEScbc, SEC_OID_PKCS5_PBE_WITH_MD2_AND_DES_CBC,
-	"PKCS #5 Password Based Encryption with MD2 and DES CBC",
-	CKM_PBE_MD2_DES_CBC, INVALID_CERT_EXTENSION ),
-    OD( pkcs5PbeWithMD5AndDEScbc, SEC_OID_PKCS5_PBE_WITH_MD5_AND_DES_CBC,
-	"PKCS #5 Password Based Encryption with MD5 and DES CBC",
-	CKM_PBE_MD5_DES_CBC, INVALID_CERT_EXTENSION ),
-    OD( pkcs5PbeWithSha1AndDEScbc, SEC_OID_PKCS5_PBE_WITH_SHA1_AND_DES_CBC,
-	"PKCS #5 Password Based Encryption with SHA1 and DES CBC", 
-	CKM_NETSCAPE_PBE_SHA1_DES_CBC, INVALID_CERT_EXTENSION ),
-    OD( pkcs7, SEC_OID_PKCS7,
-	"PKCS #7", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-    OD( pkcs7Data, SEC_OID_PKCS7_DATA,
-	"PKCS #7 Data", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-    OD( pkcs7SignedData, SEC_OID_PKCS7_SIGNED_DATA,
-	"PKCS #7 Signed Data", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-    OD( pkcs7EnvelopedData, SEC_OID_PKCS7_ENVELOPED_DATA,
-	"PKCS #7 Enveloped Data", 
-	CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-    OD( pkcs7SignedEnvelopedData, SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA,
-	"PKCS #7 Signed And Enveloped Data", 
-	CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-    OD( pkcs7DigestedData, SEC_OID_PKCS7_DIGESTED_DATA,
-	"PKCS #7 Digested Data", 
-	CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-    OD( pkcs7EncryptedData, SEC_OID_PKCS7_ENCRYPTED_DATA,
-	"PKCS #7 Encrypted Data", 
-	CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-    OD( pkcs9EmailAddress, SEC_OID_PKCS9_EMAIL_ADDRESS,
-	"PKCS #9 Email Address", 
-	CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-    OD( pkcs9UnstructuredName, SEC_OID_PKCS9_UNSTRUCTURED_NAME,
-	"PKCS #9 Unstructured Name", 
-	CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-    OD( pkcs9ContentType, SEC_OID_PKCS9_CONTENT_TYPE,
-	"PKCS #9 Content Type", 
-	CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-    OD( pkcs9MessageDigest, SEC_OID_PKCS9_MESSAGE_DIGEST,
-	"PKCS #9 Message Digest", 
-	CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-    OD( pkcs9SigningTime, SEC_OID_PKCS9_SIGNING_TIME,
-	"PKCS #9 Signing Time", 
-	CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-    OD( pkcs9CounterSignature, SEC_OID_PKCS9_COUNTER_SIGNATURE,
-	"PKCS #9 Counter Signature", 
-	CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-    OD( pkcs9ChallengePassword, SEC_OID_PKCS9_CHALLENGE_PASSWORD,
-	"PKCS #9 Challenge Password", 
-	CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-    OD( pkcs9UnstructuredAddress, SEC_OID_PKCS9_UNSTRUCTURED_ADDRESS,
-	"PKCS #9 Unstructured Address", 
-	CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-    OD( pkcs9ExtendedCertificateAttributes,
-	SEC_OID_PKCS9_EXTENDED_CERTIFICATE_ATTRIBUTES,
-	"PKCS #9 Extended Certificate Attributes", 
-	CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-    OD( pkcs9SMIMECapabilities, SEC_OID_PKCS9_SMIME_CAPABILITIES,
-	"PKCS #9 S/MIME Capabilities", 
-	CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-    OD( x520CommonName, SEC_OID_AVA_COMMON_NAME,
-	"X520 Common Name", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-    OD( x520CountryName, SEC_OID_AVA_COUNTRY_NAME,
-	"X520 Country Name", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-    OD( x520LocalityName, SEC_OID_AVA_LOCALITY,
-	"X520 Locality Name", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-    OD( x520StateOrProvinceName, SEC_OID_AVA_STATE_OR_PROVINCE,
-	"X520 State Or Province Name", 
-	CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-    OD( x520OrgName, SEC_OID_AVA_ORGANIZATION_NAME,
-	"X520 Organization Name", 
-	CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-    OD( x520OrgUnitName, SEC_OID_AVA_ORGANIZATIONAL_UNIT_NAME,
-	"X520 Organizational Unit Name", 
-	CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-    OD( x520DnQualifier, SEC_OID_AVA_DN_QUALIFIER,
-	"X520 DN Qualifier", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-    OD( rfc2247DomainComponent, SEC_OID_AVA_DC,
-	"RFC 2247 Domain Component", 
-	CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-
-    OD( nsTypeGIF, SEC_OID_NS_TYPE_GIF,
-	"GIF", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-    OD( nsTypeJPEG, SEC_OID_NS_TYPE_JPEG,
-	"JPEG", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-    OD( nsTypeURL, SEC_OID_NS_TYPE_URL,
-	"URL", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-    OD( nsTypeHTML, SEC_OID_NS_TYPE_HTML,
-	"HTML", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-    OD( nsTypeCertSeq, SEC_OID_NS_TYPE_CERT_SEQUENCE,
-	"Certificate Sequence", 
-	CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-    OD( missiCertKEADSSOld, SEC_OID_MISSI_KEA_DSS_OLD, 
-	"MISSI KEA and DSS Algorithm (Old)",
-	CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-    OD( missiCertDSSOld, SEC_OID_MISSI_DSS_OLD, 
-	"MISSI DSS Algorithm (Old)",
-	CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-    OD( missiCertKEADSS, SEC_OID_MISSI_KEA_DSS, 
-	"MISSI KEA and DSS Algorithm",
-	CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-    OD( missiCertDSS, SEC_OID_MISSI_DSS, 
-	"MISSI DSS Algorithm",
-	CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-    OD( missiCertKEA, SEC_OID_MISSI_KEA, 
-	"MISSI KEA Algorithm",
-	CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-    OD( missiCertAltKEA, SEC_OID_MISSI_ALT_KEA, 
-	"MISSI Alternate KEA Algorithm",
-          CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-
-    /* Netscape private extensions */
-    OD( nsCertExtNetscapeOK, SEC_OID_NS_CERT_EXT_NETSCAPE_OK,
-	"Netscape says this cert is OK",
-	CKM_INVALID_MECHANISM, UNSUPPORTED_CERT_EXTENSION ),
-    OD( nsCertExtIssuerLogo, SEC_OID_NS_CERT_EXT_ISSUER_LOGO,
-	"Certificate Issuer Logo",
-	CKM_INVALID_MECHANISM, UNSUPPORTED_CERT_EXTENSION ),
-    OD( nsCertExtSubjectLogo, SEC_OID_NS_CERT_EXT_SUBJECT_LOGO,
-	"Certificate Subject Logo",
-	CKM_INVALID_MECHANISM, UNSUPPORTED_CERT_EXTENSION ),
-    OD( nsExtCertType, SEC_OID_NS_CERT_EXT_CERT_TYPE,
-	"Certificate Type",
-	CKM_INVALID_MECHANISM, SUPPORTED_CERT_EXTENSION ),
-    OD( nsExtBaseURL, SEC_OID_NS_CERT_EXT_BASE_URL,
-	"Certificate Extension Base URL",
-	CKM_INVALID_MECHANISM, SUPPORTED_CERT_EXTENSION ),
-    OD( nsExtRevocationURL, SEC_OID_NS_CERT_EXT_REVOCATION_URL,
-	"Certificate Revocation URL",
-	CKM_INVALID_MECHANISM, SUPPORTED_CERT_EXTENSION ),
-    OD( nsExtCARevocationURL, SEC_OID_NS_CERT_EXT_CA_REVOCATION_URL,
-	"Certificate Authority Revocation URL",
-	CKM_INVALID_MECHANISM, SUPPORTED_CERT_EXTENSION ),
-    OD( nsExtCACRLURL, SEC_OID_NS_CERT_EXT_CA_CRL_URL,
-	"Certificate Authority CRL Download URL",
-	CKM_INVALID_MECHANISM, UNSUPPORTED_CERT_EXTENSION ),
-    OD( nsExtCACertURL, SEC_OID_NS_CERT_EXT_CA_CERT_URL,
-	"Certificate Authority Certificate Download URL",
-	CKM_INVALID_MECHANISM, UNSUPPORTED_CERT_EXTENSION ),
-    OD( nsExtCertRenewalURL, SEC_OID_NS_CERT_EXT_CERT_RENEWAL_URL,
-	"Certificate Renewal URL", 
-	CKM_INVALID_MECHANISM, SUPPORTED_CERT_EXTENSION ), 
-    OD( nsExtCAPolicyURL, SEC_OID_NS_CERT_EXT_CA_POLICY_URL,
-	"Certificate Authority Policy URL",
-	CKM_INVALID_MECHANISM, SUPPORTED_CERT_EXTENSION ),
-    OD( nsExtHomepageURL, SEC_OID_NS_CERT_EXT_HOMEPAGE_URL,
-	"Certificate Homepage URL", 
-	CKM_INVALID_MECHANISM, UNSUPPORTED_CERT_EXTENSION ),
-    OD( nsExtEntityLogo, SEC_OID_NS_CERT_EXT_ENTITY_LOGO,
-	"Certificate Entity Logo", 
-	CKM_INVALID_MECHANISM, UNSUPPORTED_CERT_EXTENSION ),
-    OD( nsExtUserPicture, SEC_OID_NS_CERT_EXT_USER_PICTURE,
-	"Certificate User Picture", 
-	CKM_INVALID_MECHANISM, UNSUPPORTED_CERT_EXTENSION ),
-    OD( nsExtSSLServerName, SEC_OID_NS_CERT_EXT_SSL_SERVER_NAME,
-	"Certificate SSL Server Name", 
-	CKM_INVALID_MECHANISM, SUPPORTED_CERT_EXTENSION ),
-    OD( nsExtComment, SEC_OID_NS_CERT_EXT_COMMENT,
-	"Certificate Comment", 
-	CKM_INVALID_MECHANISM, SUPPORTED_CERT_EXTENSION ),
-    OD( nsExtLostPasswordURL, SEC_OID_NS_CERT_EXT_LOST_PASSWORD_URL,
-        "Lost Password URL", 
-	CKM_INVALID_MECHANISM, SUPPORTED_CERT_EXTENSION ),
-    OD( nsExtCertRenewalTime, SEC_OID_NS_CERT_EXT_CERT_RENEWAL_TIME, 
-	"Certificate Renewal Time", 
-	CKM_INVALID_MECHANISM, SUPPORTED_CERT_EXTENSION ),
-    OD( nsKeyUsageGovtApproved, SEC_OID_NS_KEY_USAGE_GOVT_APPROVED,
-	"Strong Crypto Export Approved",
-	CKM_INVALID_MECHANISM, UNSUPPORTED_CERT_EXTENSION ),
-
-
-    /* x.509 v3 certificate extensions */
-    OD( x509SubjectDirectoryAttr, SEC_OID_X509_SUBJECT_DIRECTORY_ATTR,
-	"Certificate Subject Directory Attributes",
-	CKM_INVALID_MECHANISM, UNSUPPORTED_CERT_EXTENSION),
-    OD( x509SubjectKeyID, SEC_OID_X509_SUBJECT_KEY_ID, 
-	"Certificate Subject Key ID",
-	CKM_INVALID_MECHANISM, SUPPORTED_CERT_EXTENSION ),
-    OD( x509KeyUsage, SEC_OID_X509_KEY_USAGE, 
-	"Certificate Key Usage",
-	CKM_INVALID_MECHANISM, SUPPORTED_CERT_EXTENSION ),
-    OD( x509PrivateKeyUsagePeriod, SEC_OID_X509_PRIVATE_KEY_USAGE_PERIOD,
-	"Certificate Private Key Usage Period",
-        CKM_INVALID_MECHANISM, UNSUPPORTED_CERT_EXTENSION ),
-    OD( x509SubjectAltName, SEC_OID_X509_SUBJECT_ALT_NAME, 
-	"Certificate Subject Alt Name",
-        CKM_INVALID_MECHANISM, SUPPORTED_CERT_EXTENSION ),
-    OD( x509IssuerAltName, SEC_OID_X509_ISSUER_ALT_NAME, 
-	"Certificate Issuer Alt Name",
-        CKM_INVALID_MECHANISM, UNSUPPORTED_CERT_EXTENSION ),
-    OD( x509BasicConstraints, SEC_OID_X509_BASIC_CONSTRAINTS, 
-	"Certificate Basic Constraints",
-	CKM_INVALID_MECHANISM, SUPPORTED_CERT_EXTENSION ),
-    OD( x509NameConstraints, SEC_OID_X509_NAME_CONSTRAINTS, 
-	"Certificate Name Constraints",
-	CKM_INVALID_MECHANISM, SUPPORTED_CERT_EXTENSION ),
-    OD( x509CRLDistPoints, SEC_OID_X509_CRL_DIST_POINTS, 
-	"CRL Distribution Points",
-	CKM_INVALID_MECHANISM, UNSUPPORTED_CERT_EXTENSION ),
-    OD( x509CertificatePolicies, SEC_OID_X509_CERTIFICATE_POLICIES,
-	"Certificate Policies",
-        CKM_INVALID_MECHANISM, UNSUPPORTED_CERT_EXTENSION ),
-    OD( x509PolicyMappings, SEC_OID_X509_POLICY_MAPPINGS, 
-	"Certificate Policy Mappings",
-        CKM_INVALID_MECHANISM, UNSUPPORTED_CERT_EXTENSION ),
-    OD( x509PolicyConstraints, SEC_OID_X509_POLICY_CONSTRAINTS, 
-	"Certificate Policy Constraints",
-        CKM_INVALID_MECHANISM, UNSUPPORTED_CERT_EXTENSION ),
-    OD( x509AuthKeyID, SEC_OID_X509_AUTH_KEY_ID, 
-	"Certificate Authority Key Identifier",
-	CKM_INVALID_MECHANISM, SUPPORTED_CERT_EXTENSION ),
-    OD( x509ExtKeyUsage, SEC_OID_X509_EXT_KEY_USAGE, 
-	"Extended Key Usage",
-	CKM_INVALID_MECHANISM, SUPPORTED_CERT_EXTENSION ),
-    OD( x509AuthInfoAccess, SEC_OID_X509_AUTH_INFO_ACCESS, 
-	"Authority Information Access",
-        CKM_INVALID_MECHANISM, SUPPORTED_CERT_EXTENSION ),
-
-    /* x.509 v3 CRL extensions */
-    OD( x509CrlNumber, SEC_OID_X509_CRL_NUMBER, 
-	"CRL Number", CKM_INVALID_MECHANISM, SUPPORTED_CERT_EXTENSION ),
-    OD( x509ReasonCode, SEC_OID_X509_REASON_CODE, 
-	"CRL reason code", CKM_INVALID_MECHANISM, SUPPORTED_CERT_EXTENSION ),
-    OD( x509InvalidDate, SEC_OID_X509_INVALID_DATE, 
-	"Invalid Date", CKM_INVALID_MECHANISM, SUPPORTED_CERT_EXTENSION ),
-	
-    OD( x500RSAEncryption, SEC_OID_X500_RSA_ENCRYPTION,
-	"X500 RSA Encryption", CKM_RSA_X_509, INVALID_CERT_EXTENSION ),
-
-    /* added for alg 1485 */
-    OD( rfc1274Uid, SEC_OID_RFC1274_UID,
-	"RFC1274 User Id", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-    OD( rfc1274Mail, SEC_OID_RFC1274_MAIL,
-	"RFC1274 E-mail Address", 
-	CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-
-    /* pkcs 12 additions */
-    OD( pkcs12, SEC_OID_PKCS12,
-	"PKCS #12", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-    OD( pkcs12ModeIDs, SEC_OID_PKCS12_MODE_IDS,
-	"PKCS #12 Mode IDs", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-    OD( pkcs12ESPVKIDs, SEC_OID_PKCS12_ESPVK_IDS,
-	"PKCS #12 ESPVK IDs", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-    OD( pkcs12BagIDs, SEC_OID_PKCS12_BAG_IDS,
-	"PKCS #12 Bag IDs", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-    OD( pkcs12CertBagIDs, SEC_OID_PKCS12_CERT_BAG_IDS,
-	"PKCS #12 Cert Bag IDs", 
-	CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-    OD( pkcs12OIDs, SEC_OID_PKCS12_OIDS,
-	"PKCS #12 OIDs", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-    OD( pkcs12PBEIDs, SEC_OID_PKCS12_PBE_IDS,
-	"PKCS #12 PBE IDs", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-    OD( pkcs12SignatureIDs, SEC_OID_PKCS12_SIGNATURE_IDS,
-	"PKCS #12 Signature IDs", 
-	CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-    OD( pkcs12EnvelopingIDs, SEC_OID_PKCS12_ENVELOPING_IDS,
-	"PKCS #12 Enveloping IDs", 
-	CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-    OD( pkcs12PKCS8KeyShrouding, SEC_OID_PKCS12_PKCS8_KEY_SHROUDING,
-	"PKCS #12 Key Shrouding", 
-	CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-    OD( pkcs12KeyBagID, SEC_OID_PKCS12_KEY_BAG_ID,
-	"PKCS #12 Key Bag ID", 
-	CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-    OD( pkcs12CertAndCRLBagID, SEC_OID_PKCS12_CERT_AND_CRL_BAG_ID,
-	"PKCS #12 Cert And CRL Bag ID", 
-	CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-    OD( pkcs12SecretBagID, SEC_OID_PKCS12_SECRET_BAG_ID,
-	"PKCS #12 Secret Bag ID", 
-	CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-    OD( pkcs12X509CertCRLBag, SEC_OID_PKCS12_X509_CERT_CRL_BAG,
-	"PKCS #12 X509 Cert CRL Bag", 
-	CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-    OD( pkcs12SDSICertBag, SEC_OID_PKCS12_SDSI_CERT_BAG,
-	"PKCS #12 SDSI Cert Bag", 
-	CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-    OD( pkcs12PBEWithSha1And128BitRC4,
-	SEC_OID_PKCS12_PBE_WITH_SHA1_AND_128_BIT_RC4,
-	"PKCS #12 PBE With Sha1 and 128 Bit RC4", 
-	CKM_NETSCAPE_PBE_SHA1_128_BIT_RC4, INVALID_CERT_EXTENSION ),
-    OD( pkcs12PBEWithSha1And40BitRC4,
-	SEC_OID_PKCS12_PBE_WITH_SHA1_AND_40_BIT_RC4,
-	"PKCS #12 PBE With Sha1 and 40 Bit RC4", 
-	CKM_NETSCAPE_PBE_SHA1_40_BIT_RC4, INVALID_CERT_EXTENSION ),
-    OD( pkcs12PBEWithSha1AndTripleDESCBC,
-	SEC_OID_PKCS12_PBE_WITH_SHA1_AND_TRIPLE_DES_CBC,
-	"PKCS #12 PBE With Sha1 and Triple DES CBC", 
-	CKM_NETSCAPE_PBE_SHA1_TRIPLE_DES_CBC, INVALID_CERT_EXTENSION ),
-    OD( pkcs12PBEWithSha1And128BitRC2CBC,
-	SEC_OID_PKCS12_PBE_WITH_SHA1_AND_128_BIT_RC2_CBC,
-	"PKCS #12 PBE With Sha1 and 128 Bit RC2 CBC", 
-	CKM_NETSCAPE_PBE_SHA1_128_BIT_RC2_CBC, INVALID_CERT_EXTENSION ),
-    OD( pkcs12PBEWithSha1And40BitRC2CBC,
-	SEC_OID_PKCS12_PBE_WITH_SHA1_AND_40_BIT_RC2_CBC,
-	"PKCS #12 PBE With Sha1 and 40 Bit RC2 CBC", 
-	CKM_NETSCAPE_PBE_SHA1_40_BIT_RC2_CBC, INVALID_CERT_EXTENSION ),
-    OD( pkcs12RSAEncryptionWith128BitRC4,
-	SEC_OID_PKCS12_RSA_ENCRYPTION_WITH_128_BIT_RC4,
-	"PKCS #12 RSA Encryption with 128 Bit RC4",
-	CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-    OD( pkcs12RSAEncryptionWith40BitRC4,
-	SEC_OID_PKCS12_RSA_ENCRYPTION_WITH_40_BIT_RC4,
-	"PKCS #12 RSA Encryption with 40 Bit RC4",
-	CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-    OD( pkcs12RSAEncryptionWithTripleDES,
-	SEC_OID_PKCS12_RSA_ENCRYPTION_WITH_TRIPLE_DES,
-	"PKCS #12 RSA Encryption with Triple DES",
-	CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-    OD( pkcs12RSASignatureWithSHA1Digest,
-	SEC_OID_PKCS12_RSA_SIGNATURE_WITH_SHA1_DIGEST,
-	"PKCS #12 RSA Encryption with Triple DES",
-	CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-
-    /* DSA signatures */
-    OD( ansix9DSASignature, SEC_OID_ANSIX9_DSA_SIGNATURE,
-	"ANSI X9.57 DSA Signature", CKM_DSA, INVALID_CERT_EXTENSION ),
-    OD( ansix9DSASignaturewithSHA1Digest,
-        SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST,
-	"ANSI X9.57 DSA Signature with SHA1 Digest", 
-	CKM_DSA_SHA1, INVALID_CERT_EXTENSION ),
-    OD( bogusDSASignaturewithSHA1Digest,
-        SEC_OID_BOGUS_DSA_SIGNATURE_WITH_SHA1_DIGEST,
-	"FORTEZZA DSA Signature with SHA1 Digest", 
-	CKM_DSA_SHA1, INVALID_CERT_EXTENSION ),
-
-    /* verisign oids */
-    OD( verisignUserNotices, SEC_OID_VERISIGN_USER_NOTICES,
-	"Verisign User Notices", 
-	CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-
-    /* pkix oids */
-    OD( pkixCPSPointerQualifier, SEC_OID_PKIX_CPS_POINTER_QUALIFIER,
-	"PKIX CPS Pointer Qualifier", 
-	CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-    OD( pkixUserNoticeQualifier, SEC_OID_PKIX_USER_NOTICE_QUALIFIER,
-	"PKIX User Notice Qualifier", 
-	CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-
-    OD( pkixOCSP, SEC_OID_PKIX_OCSP,
-	"PKIX Online Certificate Status Protocol", 
-	CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-    OD( pkixOCSPBasicResponse, SEC_OID_PKIX_OCSP_BASIC_RESPONSE,
-	"OCSP Basic Response", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-    OD( pkixOCSPNonce, SEC_OID_PKIX_OCSP_NONCE,
-	"OCSP Nonce Extension", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-    OD( pkixOCSPCRL, SEC_OID_PKIX_OCSP_CRL,
-	"OCSP CRL Reference Extension", 
-	CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-    OD( pkixOCSPResponse, SEC_OID_PKIX_OCSP_RESPONSE,
-	"OCSP Response Types Extension", 
-	CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-    OD( pkixOCSPNoCheck, SEC_OID_PKIX_OCSP_NO_CHECK,
-	"OCSP No Check Extension", 
-	CKM_INVALID_MECHANISM, SUPPORTED_CERT_EXTENSION ),
-    OD( pkixOCSPArchiveCutoff, SEC_OID_PKIX_OCSP_ARCHIVE_CUTOFF,
-	"OCSP Archive Cutoff Extension", 
-	CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-    OD( pkixOCSPServiceLocator, SEC_OID_PKIX_OCSP_SERVICE_LOCATOR,
-	"OCSP Service Locator Extension", 
-	CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-
-    OD( pkixRegCtrlRegToken, SEC_OID_PKIX_REGCTRL_REGTOKEN,
-        "PKIX CRMF Registration Control, Registration Token", 
-        CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-    OD( pkixRegCtrlAuthenticator, SEC_OID_PKIX_REGCTRL_AUTHENTICATOR,
-        "PKIX CRMF Registration Control, Registration Authenticator", 
-        CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-    OD( pkixRegCtrlPKIPubInfo, SEC_OID_PKIX_REGCTRL_PKIPUBINFO,
-        "PKIX CRMF Registration Control, PKI Publication Info", 
-        CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
-    OD( pkixRegCtrlPKIArchOptions,
-        SEC_OID_PKIX_REGCTRL_PKI_ARCH_OPTIONS,
-        "PKIX CRMF Registration Control, PKI Archive Options", 
-        CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
-    OD( pkixRegCtrlOldCertID, SEC_OID_PKIX_REGCTRL_OLD_CERT_ID,
-        "PKIX CRMF Registration Control, Old Certificate ID", 
-        CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
-    OD( pkixRegCtrlProtEncKey, SEC_OID_PKIX_REGCTRL_PROTOCOL_ENC_KEY,
-        "PKIX CRMF Registration Control, Protocol Encryption Key", 
-        CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
-    OD( pkixRegInfoUTF8Pairs, SEC_OID_PKIX_REGINFO_UTF8_PAIRS,
-        "PKIX CRMF Registration Info, UTF8 Pairs", 
-        CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
-    OD( pkixRegInfoCertReq, SEC_OID_PKIX_REGINFO_CERT_REQUEST,
-        "PKIX CRMF Registration Info, Certificate Request", 
-        CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
-    OD( pkixExtendedKeyUsageServerAuth,
-        SEC_OID_EXT_KEY_USAGE_SERVER_AUTH,
-        "TLS Web Server Authentication Certificate",
-        CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
-    OD( pkixExtendedKeyUsageClientAuth,
-        SEC_OID_EXT_KEY_USAGE_CLIENT_AUTH,
-        "TLS Web Client Authentication Certificate",
-        CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
-    OD( pkixExtendedKeyUsageCodeSign, SEC_OID_EXT_KEY_USAGE_CODE_SIGN,
-        "Code Signing Certificate",
-        CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
-    OD( pkixExtendedKeyUsageEMailProtect,
-        SEC_OID_EXT_KEY_USAGE_EMAIL_PROTECT,
-        "E-Mail Protection Certificate",
-        CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
-    OD( pkixExtendedKeyUsageTimeStamp,
-        SEC_OID_EXT_KEY_USAGE_TIME_STAMP,
-        "Time Stamping Certifcate",
-        CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
-    OD( pkixOCSPResponderExtendedKeyUsage, SEC_OID_OCSP_RESPONDER,
-          "OCSP Responder Certificate",
-          CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
-
-    /* Netscape Algorithm OIDs */
-
-    OD( netscapeSMimeKEA, SEC_OID_NETSCAPE_SMIME_KEA,
-	"Netscape S/MIME KEA", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-
-      /* Skipjack OID -- ### mwelch temporary */
-    OD( skipjackCBC, SEC_OID_FORTEZZA_SKIPJACK,
-	"Skipjack CBC64", CKM_SKIPJACK_CBC64, INVALID_CERT_EXTENSION ),
-
-    /* pkcs12 v2 oids */
-    OD( pkcs12V2PBEWithSha1And128BitRC4,
-        SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_128_BIT_RC4,
-	"PKCS12 V2 PBE With SHA1 And 128 Bit RC4", 
-	CKM_PBE_SHA1_RC4_128, INVALID_CERT_EXTENSION ),
-    OD( pkcs12V2PBEWithSha1And40BitRC4,
-        SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_40_BIT_RC4,
-	"PKCS12 V2 PBE With SHA1 And 40 Bit RC4", 
-	CKM_PBE_SHA1_RC4_40, INVALID_CERT_EXTENSION ),
-    OD( pkcs12V2PBEWithSha1And3KeyTripleDEScbc,
-        SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_3KEY_TRIPLE_DES_CBC,
-	"PKCS12 V2 PBE With SHA1 And 3KEY Triple DES-cbc", 
-	CKM_PBE_SHA1_DES3_EDE_CBC, INVALID_CERT_EXTENSION ),
-    OD( pkcs12V2PBEWithSha1And2KeyTripleDEScbc,
-        SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_2KEY_TRIPLE_DES_CBC,
-	"PKCS12 V2 PBE With SHA1 And 2KEY Triple DES-cbc", 
-	CKM_PBE_SHA1_DES2_EDE_CBC, INVALID_CERT_EXTENSION ),
-    OD( pkcs12V2PBEWithSha1And128BitRC2cbc,
-        SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_128_BIT_RC2_CBC,
-	"PKCS12 V2 PBE With SHA1 And 128 Bit RC2 CBC", 
-	CKM_PBE_SHA1_RC2_128_CBC, INVALID_CERT_EXTENSION ),
-    OD( pkcs12V2PBEWithSha1And40BitRC2cbc,
-        SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_40_BIT_RC2_CBC,
-	"PKCS12 V2 PBE With SHA1 And 40 Bit RC2 CBC", 
-	CKM_PBE_SHA1_RC2_40_CBC, INVALID_CERT_EXTENSION ),
-    OD( pkcs12SafeContentsID, SEC_OID_PKCS12_SAFE_CONTENTS_ID,
-	"PKCS #12 Safe Contents ID", 
-	CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-    OD( pkcs12PKCS8ShroudedKeyBagID,
-	SEC_OID_PKCS12_PKCS8_SHROUDED_KEY_BAG_ID,
-	"PKCS #12 Safe Contents ID", 
-	CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-    OD( pkcs12V1KeyBag, SEC_OID_PKCS12_V1_KEY_BAG_ID,
-	"PKCS #12 V1 Key Bag", 
-	CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-    OD( pkcs12V1PKCS8ShroudedKeyBag,
-	SEC_OID_PKCS12_V1_PKCS8_SHROUDED_KEY_BAG_ID,
-	"PKCS #12 V1 PKCS8 Shrouded Key Bag", 
-	CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-    OD( pkcs12V1CertBag, SEC_OID_PKCS12_V1_CERT_BAG_ID,
-	"PKCS #12 V1 Cert Bag", 
-	CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-    OD( pkcs12V1CRLBag, SEC_OID_PKCS12_V1_CRL_BAG_ID,
-	"PKCS #12 V1 CRL Bag", 
-	CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-    OD( pkcs12V1SecretBag, SEC_OID_PKCS12_V1_SECRET_BAG_ID,
-	"PKCS #12 V1 Secret Bag", 
-	CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-    OD( pkcs12V1SafeContentsBag, SEC_OID_PKCS12_V1_SAFE_CONTENTS_BAG_ID,
-	"PKCS #12 V1 Safe Contents Bag", 
-	CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-
-    OD( pkcs9X509Certificate, SEC_OID_PKCS9_X509_CERT,
-	"PKCS #9 X509 Certificate", 
-	CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-    OD( pkcs9SDSICertificate, SEC_OID_PKCS9_SDSI_CERT,
-	"PKCS #9 SDSI Certificate", 
-	CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-    OD( pkcs9X509CRL, SEC_OID_PKCS9_X509_CRL,
-	"PKCS #9 X509 CRL", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-    OD( pkcs9FriendlyName, SEC_OID_PKCS9_FRIENDLY_NAME,
-	"PKCS #9 Friendly Name", 
-	CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-    OD( pkcs9LocalKeyID, SEC_OID_PKCS9_LOCAL_KEY_ID,
-	"PKCS #9 Local Key ID", 
-	CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ), 
-    OD( pkcs12KeyUsageAttr, SEC_OID_PKCS12_KEY_USAGE,
-	"PKCS 12 Key Usage", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-    OD( dhPublicKey, SEC_OID_X942_DIFFIE_HELMAN_KEY,
-	"Diffie-Helman Public Key", CKM_DH_PKCS_DERIVE,
-	INVALID_CERT_EXTENSION ),
-    OD( netscapeNickname, SEC_OID_NETSCAPE_NICKNAME,
-	"Netscape Nickname", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-
-    /* Cert Server specific OIDs */
-    OD( netscapeRecoveryRequest, SEC_OID_NETSCAPE_RECOVERY_REQUEST,
-        "Recovery Request OID", 
-	CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-
-    OD( nsExtAIACertRenewal, SEC_OID_CERT_RENEWAL_LOCATOR,
-        "Certificate Renewal Locator OID", CKM_INVALID_MECHANISM,
-        INVALID_CERT_EXTENSION ), 
-
-    OD( nsExtCertScopeOfUse, SEC_OID_NS_CERT_EXT_SCOPE_OF_USE,
-        "Certificate Scope-of-Use Extension", CKM_INVALID_MECHANISM,
-        SUPPORTED_CERT_EXTENSION ),
-
-    /* CMS stuff */
-    OD( cmsESDH, SEC_OID_CMS_EPHEMERAL_STATIC_DIFFIE_HELLMAN,
-        "Ephemeral-Static Diffie-Hellman", CKM_INVALID_MECHANISM /* XXX */,
-        INVALID_CERT_EXTENSION ),
-    OD( cms3DESwrap, SEC_OID_CMS_3DES_KEY_WRAP,
-        "CMS 3DES Key Wrap", CKM_INVALID_MECHANISM /* XXX */,
-        INVALID_CERT_EXTENSION ),
-    OD( cmsRC2wrap, SEC_OID_CMS_RC2_KEY_WRAP,
-        "CMS RC2 Key Wrap", CKM_INVALID_MECHANISM /* XXX */,
-        INVALID_CERT_EXTENSION ),
-    OD( smimeEncryptionKeyPreference, SEC_OID_SMIME_ENCRYPTION_KEY_PREFERENCE,
-	"S/MIME Encryption Key Preference", 
-	CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-
-    /* AES algorithm OIDs */
-    OD( aes128_ECB, SEC_OID_AES_128_ECB,
-	"AES-128-ECB", CKM_AES_ECB, INVALID_CERT_EXTENSION ),
-    OD( aes128_CBC, SEC_OID_AES_128_CBC,
-	"AES-128-CBC", CKM_AES_CBC, INVALID_CERT_EXTENSION ),
-    OD( aes192_ECB, SEC_OID_AES_192_ECB,
-	"AES-192-ECB", CKM_AES_ECB, INVALID_CERT_EXTENSION ),
-    OD( aes192_CBC, SEC_OID_AES_192_CBC,
-	"AES-192-CBC", CKM_AES_CBC, INVALID_CERT_EXTENSION ),
-    OD( aes256_ECB, SEC_OID_AES_256_ECB,
-	"AES-256-ECB", CKM_AES_ECB, INVALID_CERT_EXTENSION ),
-    OD( aes256_CBC, SEC_OID_AES_256_CBC,
-	"AES-256-CBC", CKM_AES_CBC, INVALID_CERT_EXTENSION ),
-
-    /* More bogus DSA OIDs */
-    OD( sdn702DSASignature, SEC_OID_SDN702_DSA_SIGNATURE, 
-	"SDN.702 DSA Signature", CKM_DSA_SHA1, INVALID_CERT_EXTENSION ),
-};
-
-/*
- * now the dynamic table. The dynamic table gets build at init time.
- *  and gets modified if the user loads new crypto modules.
- */
-
-static PLHashTable *oid_d_hash = 0;
-static SECOidData **secoidDynamicTable = NULL;
-static int secoidDynamicTableSize = 0;
-static int secoidLastDynamicEntry = 0;
-static int secoidLastHashEntry = 0;
-
-static SECStatus
-secoid_DynamicRehash(void)
-{
-    SECOidData *oid;
-    PLHashEntry *entry;
-    int i;
-    int last = secoidLastDynamicEntry;
-
-    if (!oid_d_hash) {
-        oid_d_hash = PL_NewHashTable(0, SECITEM_Hash, SECITEM_HashCompare,
-			PL_CompareValues, NULL, NULL);
-    }
-
-
-    if ( !oid_d_hash ) {
-	PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
-	return(SECFailure);
-    }
-
-    for ( i = secoidLastHashEntry; i < last; i++ ) {
-	oid = secoidDynamicTable[i];
-
-	entry = PL_HashTableAdd( oid_d_hash, &oid->oid, oid );
-	if ( entry == NULL ) {
-	    return(SECFailure);
-	}
-    }
-    secoidLastHashEntry = last;
-    return(SECSuccess);
-}
-
-
-
-/*
- * Lookup a Dynamic OID. Dynamic OID's still change slowly, so it's
- * cheaper to rehash the table when it changes than it is to do the loop
- * each time. Worry: what about thread safety here? Global Static data with
- * no locks.... (sigh).
- */
-static SECOidData *
-secoid_FindDynamic(SECItem *key) {
-    SECOidData *ret = NULL;
-    if (secoidDynamicTable == NULL) {
-	/* PORT_SetError! */
-	return NULL;
-    }
-    if (secoidLastHashEntry != secoidLastDynamicEntry) {
-	SECStatus rv = secoid_DynamicRehash();
-	if ( rv != SECSuccess ) {
-	    return NULL;
-	}
-    }
-    ret = (SECOidData *)PL_HashTableLookup (oid_d_hash, key);
-    return ret;
-	
-}
-
-static SECOidData *
-secoid_FindDynamicByTag(SECOidTag tagnum)
-{
-    int tagNumDiff;
-
-    if (secoidDynamicTable == NULL) {
-	return NULL;
-    }
-
-    if (tagnum < SEC_OID_TOTAL) {
-	return NULL;
-    }
-
-    tagNumDiff = tagnum - SEC_OID_TOTAL;
-    if (tagNumDiff >= secoidLastDynamicEntry) {
-	return NULL;
-    }
-
-    return(secoidDynamicTable[tagNumDiff]);
-}
-
-/*
- * this routine is definately not thread safe. It is only called out
- * of the UI, or at init time. If we want to call it any other time,
- * we need to make it thread safe.
- */
-SECStatus
-SECOID_AddEntry(SECItem *oid, char *description, unsigned long mech) {
-    SECOidData *oiddp = (SECOidData *)PORT_Alloc(sizeof(SECOidData));
-    int last = secoidLastDynamicEntry;
-    int tableSize = secoidDynamicTableSize;
-    int next = last++;
-    SECOidData **newTable = secoidDynamicTable;
-    SECOidData **oldTable = NULL;
-
-    if (oid == NULL) {
-	return SECFailure;
-    }
-
-    /* fill in oid structure */
-    if (SECITEM_CopyItem(NULL,&oiddp->oid,oid) != SECSuccess) {
-	PORT_Free(oiddp);
-	return SECFailure;
-    }
-    oiddp->offset = (SECOidTag)(next + SEC_OID_TOTAL);
-    /* may we should just reference the copy passed to us? */
-    oiddp->desc = PORT_Strdup(description);
-    oiddp->mechanism = mech;
-
-
-    if (last > tableSize) {
-	int oldTableSize = tableSize;
-	tableSize += 10;
-	oldTable = newTable;
-	newTable = (SECOidData **)PORT_ZAlloc(sizeof(SECOidData *)*tableSize);
-	if (newTable == NULL) {
-	   PORT_Free(oiddp->oid.data);
-	   PORT_Free(oiddp);
-	   return SECFailure;
-	}
-	PORT_Memcpy(newTable,oldTable,sizeof(SECOidData *)*oldTableSize);
-	PORT_Free(oldTable);
-    }
-
-    newTable[next] = oiddp;
-    secoidDynamicTable = newTable;
-    secoidDynamicTableSize = tableSize;
-    secoidLastDynamicEntry= last;
-    return SECSuccess;
-}
-	
-
-/* normal static table processing */
-static PLHashTable *oidhash     = NULL;
-static PLHashTable *oidmechhash = NULL;
-
-static PLHashNumber
-secoid_HashNumber(const void *key)
-{
-    return (PLHashNumber) key;
-}
-
-
-static SECStatus
-InitOIDHash(void)
-{
-    PLHashEntry *entry;
-    const SECOidData *oid;
-    int i;
-    
-    oidhash = PL_NewHashTable(0, SECITEM_Hash, SECITEM_HashCompare,
-			PL_CompareValues, NULL, NULL);
-    oidmechhash = PL_NewHashTable(0, secoid_HashNumber, PL_CompareValues,
-			PL_CompareValues, NULL, NULL);
-
-    if ( !oidhash || !oidmechhash) {
-	PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
- 	PORT_Assert(0); /*This function should never fail. */
-	return(SECFailure);
-    }
-
-    for ( i = 0; i < ( sizeof(oids) / sizeof(SECOidData) ); i++ ) {
-	oid = &oids[i];
-
-	PORT_Assert ( oid->offset == i );
-
-	entry = PL_HashTableAdd( oidhash, &oid->oid, (void *)oid );
-	if ( entry == NULL ) {
-	    PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
-            PORT_Assert(0); /*This function should never fail. */
-	    return(SECFailure);
-	}
-
-	if ( oid->mechanism != CKM_INVALID_MECHANISM ) {
-	    entry = PL_HashTableAdd( oidmechhash, 
-					(void *)oid->mechanism, (void *)oid );
-	    if ( entry == NULL ) {
-	        PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
-                PORT_Assert(0); /* This function should never fail. */
-		return(SECFailure);
-	    }
-	}
-    }
-
-    PORT_Assert (i == SEC_OID_TOTAL);
-
-    return(SECSuccess);
-}
-
-SECOidData *
-SECOID_FindOIDByMechanism(unsigned long mechanism)
-{
-    SECOidData *ret;
-    int rv;
-
-    if ( !oidhash ) {
-        rv = InitOIDHash();
-	if ( rv != SECSuccess ) {
-	    PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
-	    return NULL;
-	}
-    }
-    ret = PL_HashTableLookupConst ( oidmechhash, (void *)mechanism);
-    if ( ret == NULL ) {
-        PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
-    }
-
-    return (ret);
-}
-
-SECOidData *
-SECOID_FindOID(SECItem *oid)
-{
-    SECOidData *ret;
-    int rv;
-    
-    if ( !oidhash ) {
-	rv = InitOIDHash();
-	if ( rv != SECSuccess ) {
-	    PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
-	    return NULL;
-	}
-    }
-    
-    ret = PL_HashTableLookupConst ( oidhash, oid );
-    if ( ret == NULL ) {
-	ret  = secoid_FindDynamic(oid);
-	if (ret == NULL) {
-	    PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
-	}
-    }
-
-    return(ret);
-}
-
-SECOidTag
-SECOID_FindOIDTag(SECItem *oid)
-{
-    SECOidData *oiddata;
-
-    oiddata = SECOID_FindOID (oid);
-    if (oiddata == NULL)
-	return SEC_OID_UNKNOWN;
-
-    return oiddata->offset;
-}
-
-/* This really should return const. */
-SECOidData *
-SECOID_FindOIDByTag(SECOidTag tagnum)
-{
-
-    if (tagnum >= SEC_OID_TOTAL) {
-	return secoid_FindDynamicByTag(tagnum);
-    }
-
-    PORT_Assert((unsigned int)tagnum < (sizeof(oids) / sizeof(SECOidData)));
-    return (SECOidData *)(&oids[tagnum]);
-}
-
-PRBool SECOID_KnownCertExtenOID (SECItem *extenOid)
-{
-    SECOidData * oidData;
-
-    oidData = SECOID_FindOID (extenOid);
-    if (oidData == (SECOidData *)NULL)
-	return (PR_FALSE);
-    return ((oidData->supportedExtension == SUPPORTED_CERT_EXTENSION) ?
-            PR_TRUE : PR_FALSE);
-}
-
-
-const char *
-SECOID_FindOIDTagDescription(SECOidTag tagnum)
-{
-  const SECOidData *oidData = SECOID_FindOIDByTag(tagnum);
-  return oidData ? oidData->desc : 0;
-}
-
-/*
- * free up the oid tables.
- */
-SECStatus
-SECOID_Shutdown(void)
-{
-    int i;
-
-    if (oidhash) {
-	PL_HashTableDestroy(oidhash);
-	oidhash = NULL;
-    }
-    if (oidmechhash) {
-	PL_HashTableDestroy(oidmechhash);
-	oidmechhash = NULL;
-    }
-    if (oid_d_hash) {
-	PL_HashTableDestroy(oid_d_hash);
-	oid_d_hash = NULL;
-    }
-    if (secoidDynamicTable) {
-	for (i=0; i < secoidLastDynamicEntry; i++) {
-	    PORT_Free(secoidDynamicTable[i]);
-	}
-	PORT_Free(secoidDynamicTable);
-	secoidDynamicTable = NULL;
-	secoidDynamicTableSize = 0;
-	secoidLastDynamicEntry = 0;
-	secoidLastHashEntry = 0;
-    }
-    return SECSuccess;
-}
diff --git a/security/nss/lib/util/secoid.h b/security/nss/lib/util/secoid.h
deleted file mode 100644
index a77bc60ba..000000000
--- a/security/nss/lib/util/secoid.h
+++ /dev/null
@@ -1,120 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef _SECOID_H_
-#define _SECOID_H_
-/*
- * secoid.h - public data structures and prototypes for ASN.1 OID functions
- *
- * $Id$
- */
-
-#include "plarena.h"
-
-#include "seccomon.h"
-#include "secoidt.h"
-#include "secasn1t.h"
-
-SEC_BEGIN_PROTOS
-
-extern const SEC_ASN1Template SECOID_AlgorithmIDTemplate[];
-
-/* This functions simply returns the address of the above-declared template. */
-SEC_ASN1_CHOOSER_DECLARE(SECOID_AlgorithmIDTemplate)
-
-/*
- * OID handling routines
- */
-extern SECOidData *SECOID_FindOID(SECItem *oid);
-extern SECOidTag SECOID_FindOIDTag(SECItem *oid);
-extern SECOidData *SECOID_FindOIDByTag(SECOidTag tagnum);
-extern SECOidData *SECOID_FindOIDByMechanism(unsigned long mechanism);
-
-/****************************************/
-/*
-** Algorithm id handling operations
-*/
-
-/*
-** Fill in an algorithm-ID object given a tag and some parameters.
-** 	"aid" where the DER encoded algorithm info is stored (memory
-**	   is allocated)
-**	"tag" the tag defining the algorithm (SEC_OID_*)
-**	"params" if not NULL, the parameters to go with the algorithm
-*/
-extern SECStatus SECOID_SetAlgorithmID(PRArenaPool *arena, SECAlgorithmID *aid,
-				   SECOidTag tag, SECItem *params);
-
-/*
-** Copy the "src" object to "dest". Memory is allocated in "dest" for
-** each of the appropriate sub-objects. Memory in "dest" is not freed
-** before memory is allocated (use SECOID_DestroyAlgorithmID(dest, PR_FALSE)
-** to do that).
-*/
-extern SECStatus SECOID_CopyAlgorithmID(PRArenaPool *arena, SECAlgorithmID *dest,
-				    SECAlgorithmID *src);
-
-/*
-** Get the SEC_OID_* tag for the given algorithm-id object.
-*/
-extern SECOidTag SECOID_GetAlgorithmTag(SECAlgorithmID *aid);
-
-/*
-** Destroy an algorithm-id object.
-**	"aid" the certificate-request to destroy
-**	"freeit" if PR_TRUE then free the object as well as its sub-objects
-*/
-extern void SECOID_DestroyAlgorithmID(SECAlgorithmID *aid, PRBool freeit);
-
-/*
-** Compare two algorithm-id objects, returning the difference between
-** them.
-*/
-extern SECComparison SECOID_CompareAlgorithmID(SECAlgorithmID *a,
-					   SECAlgorithmID *b);
-
-extern PRBool SECOID_KnownCertExtenOID (SECItem *extenOid);
-
-/* Given a SEC_OID_* tag, return a string describing it.
- */
-extern const char *SECOID_FindOIDTagDescription(SECOidTag tagnum);
-
-/*
- * free up the oid data structures.
- */
-extern SECStatus SECOID_Shutdown(void);
-
-
-SEC_END_PROTOS
-
-#endif /* _SECOID_H_ */
diff --git a/security/nss/lib/util/secoidt.h b/security/nss/lib/util/secoidt.h
deleted file mode 100644
index 7ce1f4cf4..000000000
--- a/security/nss/lib/util/secoidt.h
+++ /dev/null
@@ -1,320 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef _SECOIDT_H_
-#define _SECOIDT_H_
-/*
- * secoidt.h - public data structures for ASN.1 OID functions
- *
- * $Id$
- */
-
-#include "secitem.h"
-
-typedef struct SECOidDataStr SECOidData;
-typedef struct SECAlgorithmIDStr SECAlgorithmID;
-
-/*
-** An X.500 algorithm identifier
-*/
-struct SECAlgorithmIDStr {
-    SECItem algorithm;
-    SECItem parameters;
-};
-
-/*
- * Misc object IDs - these numbers are for convenient handling.
- * They are mapped into real object IDs
- *
- * NOTE: the order of these entries must mach the array "oids" of SECOidData
- * in util/secoid.c.
- */
-typedef enum {
-    SEC_OID_UNKNOWN = 0,
-    SEC_OID_MD2 = 1,
-    SEC_OID_MD4 = 2,
-    SEC_OID_MD5 = 3,
-    SEC_OID_SHA1 = 4,
-    SEC_OID_RC2_CBC = 5,
-    SEC_OID_RC4 = 6,
-    SEC_OID_DES_EDE3_CBC = 7,
-    SEC_OID_RC5_CBC_PAD = 8,
-    SEC_OID_DES_ECB = 9,
-    SEC_OID_DES_CBC = 10,
-    SEC_OID_DES_OFB = 11,
-    SEC_OID_DES_CFB = 12,
-    SEC_OID_DES_MAC = 13,
-    SEC_OID_DES_EDE = 14,
-    SEC_OID_ISO_SHA_WITH_RSA_SIGNATURE = 15,
-    SEC_OID_PKCS1_RSA_ENCRYPTION = 16,
-    SEC_OID_PKCS1_MD2_WITH_RSA_ENCRYPTION = 17,
-    SEC_OID_PKCS1_MD4_WITH_RSA_ENCRYPTION = 18,
-    SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION = 19,
-    SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION = 20,
-    SEC_OID_PKCS5_PBE_WITH_MD2_AND_DES_CBC = 21,
-    SEC_OID_PKCS5_PBE_WITH_MD5_AND_DES_CBC = 22,
-    SEC_OID_PKCS5_PBE_WITH_SHA1_AND_DES_CBC = 23,
-    SEC_OID_PKCS7 = 24,
-    SEC_OID_PKCS7_DATA = 25,
-    SEC_OID_PKCS7_SIGNED_DATA = 26,
-    SEC_OID_PKCS7_ENVELOPED_DATA = 27,
-    SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA = 28,
-    SEC_OID_PKCS7_DIGESTED_DATA = 29,
-    SEC_OID_PKCS7_ENCRYPTED_DATA = 30,
-    SEC_OID_PKCS9_EMAIL_ADDRESS = 31,
-    SEC_OID_PKCS9_UNSTRUCTURED_NAME = 32,
-    SEC_OID_PKCS9_CONTENT_TYPE = 33,
-    SEC_OID_PKCS9_MESSAGE_DIGEST = 34,
-    SEC_OID_PKCS9_SIGNING_TIME = 35,
-    SEC_OID_PKCS9_COUNTER_SIGNATURE = 36,
-    SEC_OID_PKCS9_CHALLENGE_PASSWORD = 37,
-    SEC_OID_PKCS9_UNSTRUCTURED_ADDRESS = 38,
-    SEC_OID_PKCS9_EXTENDED_CERTIFICATE_ATTRIBUTES = 39,
-    SEC_OID_PKCS9_SMIME_CAPABILITIES = 40,
-    SEC_OID_AVA_COMMON_NAME = 41,
-    SEC_OID_AVA_COUNTRY_NAME = 42,
-    SEC_OID_AVA_LOCALITY = 43,
-    SEC_OID_AVA_STATE_OR_PROVINCE = 44,
-    SEC_OID_AVA_ORGANIZATION_NAME = 45,
-    SEC_OID_AVA_ORGANIZATIONAL_UNIT_NAME = 46,
-    SEC_OID_AVA_DN_QUALIFIER = 47,
-    SEC_OID_AVA_DC = 48,
-
-    SEC_OID_NS_TYPE_GIF = 49,
-    SEC_OID_NS_TYPE_JPEG = 50,
-    SEC_OID_NS_TYPE_URL = 51,
-    SEC_OID_NS_TYPE_HTML = 52,
-    SEC_OID_NS_TYPE_CERT_SEQUENCE = 53,
-    SEC_OID_MISSI_KEA_DSS_OLD = 54,
-    SEC_OID_MISSI_DSS_OLD = 55,
-    SEC_OID_MISSI_KEA_DSS = 56,
-    SEC_OID_MISSI_DSS = 57,
-    SEC_OID_MISSI_KEA = 58,
-    SEC_OID_MISSI_ALT_KEA = 59,
-
-    /* Netscape private certificate extensions */
-    SEC_OID_NS_CERT_EXT_NETSCAPE_OK = 60,
-    SEC_OID_NS_CERT_EXT_ISSUER_LOGO = 61,
-    SEC_OID_NS_CERT_EXT_SUBJECT_LOGO = 62,
-    SEC_OID_NS_CERT_EXT_CERT_TYPE = 63,
-    SEC_OID_NS_CERT_EXT_BASE_URL = 64,
-    SEC_OID_NS_CERT_EXT_REVOCATION_URL = 65,
-    SEC_OID_NS_CERT_EXT_CA_REVOCATION_URL = 66,
-    SEC_OID_NS_CERT_EXT_CA_CRL_URL = 67,
-    SEC_OID_NS_CERT_EXT_CA_CERT_URL = 68,
-    SEC_OID_NS_CERT_EXT_CERT_RENEWAL_URL = 69,
-    SEC_OID_NS_CERT_EXT_CA_POLICY_URL = 70,
-    SEC_OID_NS_CERT_EXT_HOMEPAGE_URL = 71,
-    SEC_OID_NS_CERT_EXT_ENTITY_LOGO = 72,
-    SEC_OID_NS_CERT_EXT_USER_PICTURE = 73,
-    SEC_OID_NS_CERT_EXT_SSL_SERVER_NAME = 74,
-    SEC_OID_NS_CERT_EXT_COMMENT = 75,
-    SEC_OID_NS_CERT_EXT_LOST_PASSWORD_URL = 76,
-    SEC_OID_NS_CERT_EXT_CERT_RENEWAL_TIME = 77,
-    SEC_OID_NS_KEY_USAGE_GOVT_APPROVED = 78,
-
-    /* x.509 v3 Extensions */
-    SEC_OID_X509_SUBJECT_DIRECTORY_ATTR = 79,
-    SEC_OID_X509_SUBJECT_KEY_ID = 80,
-    SEC_OID_X509_KEY_USAGE = 81,
-    SEC_OID_X509_PRIVATE_KEY_USAGE_PERIOD = 82,
-    SEC_OID_X509_SUBJECT_ALT_NAME = 83,
-    SEC_OID_X509_ISSUER_ALT_NAME = 84,
-    SEC_OID_X509_BASIC_CONSTRAINTS = 85,
-    SEC_OID_X509_NAME_CONSTRAINTS = 86,
-    SEC_OID_X509_CRL_DIST_POINTS = 87,
-    SEC_OID_X509_CERTIFICATE_POLICIES = 88,
-    SEC_OID_X509_POLICY_MAPPINGS = 89,
-    SEC_OID_X509_POLICY_CONSTRAINTS = 90,
-    SEC_OID_X509_AUTH_KEY_ID = 91,
-    SEC_OID_X509_EXT_KEY_USAGE = 92,
-    SEC_OID_X509_AUTH_INFO_ACCESS = 93,
-
-    SEC_OID_X509_CRL_NUMBER = 94,
-    SEC_OID_X509_REASON_CODE = 95,
-    SEC_OID_X509_INVALID_DATE = 96,
-    /* End of x.509 v3 Extensions */    
-
-    SEC_OID_X500_RSA_ENCRYPTION = 97,
-
-    /* alg 1485 additions */
-    SEC_OID_RFC1274_UID = 98,
-    SEC_OID_RFC1274_MAIL = 99,
-
-    /* PKCS 12 additions */
-    SEC_OID_PKCS12 = 100,
-    SEC_OID_PKCS12_MODE_IDS = 101,
-    SEC_OID_PKCS12_ESPVK_IDS = 102,
-    SEC_OID_PKCS12_BAG_IDS = 103,
-    SEC_OID_PKCS12_CERT_BAG_IDS = 104,
-    SEC_OID_PKCS12_OIDS = 105,
-    SEC_OID_PKCS12_PBE_IDS = 106,
-    SEC_OID_PKCS12_SIGNATURE_IDS = 107,
-    SEC_OID_PKCS12_ENVELOPING_IDS = 108,
-   /* SEC_OID_PKCS12_OFFLINE_TRANSPORT_MODE,
-    SEC_OID_PKCS12_ONLINE_TRANSPORT_MODE, */
-    SEC_OID_PKCS12_PKCS8_KEY_SHROUDING = 109,
-    SEC_OID_PKCS12_KEY_BAG_ID = 110,
-    SEC_OID_PKCS12_CERT_AND_CRL_BAG_ID = 111,
-    SEC_OID_PKCS12_SECRET_BAG_ID = 112,
-    SEC_OID_PKCS12_X509_CERT_CRL_BAG = 113,
-    SEC_OID_PKCS12_SDSI_CERT_BAG = 114,
-    SEC_OID_PKCS12_PBE_WITH_SHA1_AND_128_BIT_RC4 = 115,
-    SEC_OID_PKCS12_PBE_WITH_SHA1_AND_40_BIT_RC4 = 116,
-    SEC_OID_PKCS12_PBE_WITH_SHA1_AND_TRIPLE_DES_CBC = 117,
-    SEC_OID_PKCS12_PBE_WITH_SHA1_AND_128_BIT_RC2_CBC = 118,
-    SEC_OID_PKCS12_PBE_WITH_SHA1_AND_40_BIT_RC2_CBC = 119,
-    SEC_OID_PKCS12_RSA_ENCRYPTION_WITH_128_BIT_RC4 = 120,
-    SEC_OID_PKCS12_RSA_ENCRYPTION_WITH_40_BIT_RC4 = 121,
-    SEC_OID_PKCS12_RSA_ENCRYPTION_WITH_TRIPLE_DES = 122,
-    SEC_OID_PKCS12_RSA_SIGNATURE_WITH_SHA1_DIGEST = 123,
-    /* end of PKCS 12 additions */
-
-    /* DSA signatures */
-    SEC_OID_ANSIX9_DSA_SIGNATURE = 124,
-    SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST = 125,
-    SEC_OID_BOGUS_DSA_SIGNATURE_WITH_SHA1_DIGEST = 126,
-
-    /* Verisign OIDs */
-    SEC_OID_VERISIGN_USER_NOTICES = 127,
-
-    /* PKIX OIDs */
-    SEC_OID_PKIX_CPS_POINTER_QUALIFIER = 128,
-    SEC_OID_PKIX_USER_NOTICE_QUALIFIER = 129,
-    SEC_OID_PKIX_OCSP = 130,
-    SEC_OID_PKIX_OCSP_BASIC_RESPONSE = 131,
-    SEC_OID_PKIX_OCSP_NONCE = 132,
-    SEC_OID_PKIX_OCSP_CRL = 133,
-    SEC_OID_PKIX_OCSP_RESPONSE = 134,
-    SEC_OID_PKIX_OCSP_NO_CHECK = 135,
-    SEC_OID_PKIX_OCSP_ARCHIVE_CUTOFF = 136,
-    SEC_OID_PKIX_OCSP_SERVICE_LOCATOR = 137,
-    SEC_OID_PKIX_REGCTRL_REGTOKEN = 138,
-    SEC_OID_PKIX_REGCTRL_AUTHENTICATOR = 139,
-    SEC_OID_PKIX_REGCTRL_PKIPUBINFO = 140,
-    SEC_OID_PKIX_REGCTRL_PKI_ARCH_OPTIONS = 141,
-    SEC_OID_PKIX_REGCTRL_OLD_CERT_ID = 142,
-    SEC_OID_PKIX_REGCTRL_PROTOCOL_ENC_KEY = 143,
-    SEC_OID_PKIX_REGINFO_UTF8_PAIRS = 144,
-    SEC_OID_PKIX_REGINFO_CERT_REQUEST = 145,
-    SEC_OID_EXT_KEY_USAGE_SERVER_AUTH = 146,
-    SEC_OID_EXT_KEY_USAGE_CLIENT_AUTH = 147,
-    SEC_OID_EXT_KEY_USAGE_CODE_SIGN = 148,
-    SEC_OID_EXT_KEY_USAGE_EMAIL_PROTECT = 149,
-    SEC_OID_EXT_KEY_USAGE_TIME_STAMP = 150,
-    SEC_OID_OCSP_RESPONDER = 151,
-
-    /* Netscape Algorithm OIDs */
-    SEC_OID_NETSCAPE_SMIME_KEA = 152,
-
-    /* Skipjack OID -- ### mwelch temporary */
-    SEC_OID_FORTEZZA_SKIPJACK = 153,
-
-    /* PKCS 12 V2 oids */
-    SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_128_BIT_RC4 = 154,
-    SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_40_BIT_RC4 = 155,
-    SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_3KEY_TRIPLE_DES_CBC = 156,
-    SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_2KEY_TRIPLE_DES_CBC = 157,
-    SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_128_BIT_RC2_CBC = 158,
-    SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_40_BIT_RC2_CBC = 159,
-    SEC_OID_PKCS12_SAFE_CONTENTS_ID = 160,
-    SEC_OID_PKCS12_PKCS8_SHROUDED_KEY_BAG_ID = 161,
-
-    SEC_OID_PKCS12_V1_KEY_BAG_ID = 162,
-    SEC_OID_PKCS12_V1_PKCS8_SHROUDED_KEY_BAG_ID = 163,
-    SEC_OID_PKCS12_V1_CERT_BAG_ID = 164,
-    SEC_OID_PKCS12_V1_CRL_BAG_ID = 165,
-    SEC_OID_PKCS12_V1_SECRET_BAG_ID = 166,
-    SEC_OID_PKCS12_V1_SAFE_CONTENTS_BAG_ID = 167,
-    SEC_OID_PKCS9_X509_CERT = 168,
-    SEC_OID_PKCS9_SDSI_CERT = 169,
-    SEC_OID_PKCS9_X509_CRL = 170,
-    SEC_OID_PKCS9_FRIENDLY_NAME = 171,
-    SEC_OID_PKCS9_LOCAL_KEY_ID = 172,
-    SEC_OID_PKCS12_KEY_USAGE = 173,
-
-    /*Diffe Helman OIDS */
-    SEC_OID_X942_DIFFIE_HELMAN_KEY = 174,
-
-    /* Netscape other name types */
-    SEC_OID_NETSCAPE_NICKNAME = 175,
-
-    /* Cert Server OIDS */
-    SEC_OID_NETSCAPE_RECOVERY_REQUEST = 176,
-
-    /* New PSM certificate management OIDs */
-    SEC_OID_CERT_RENEWAL_LOCATOR = 177,
-    SEC_OID_NS_CERT_EXT_SCOPE_OF_USE = 178,
-    
-    /* CMS (RFC2630) OIDs */
-    SEC_OID_CMS_EPHEMERAL_STATIC_DIFFIE_HELLMAN = 179,
-    SEC_OID_CMS_3DES_KEY_WRAP = 180,
-    SEC_OID_CMS_RC2_KEY_WRAP = 181,
-
-    /* SMIME attributes */
-    SEC_OID_SMIME_ENCRYPTION_KEY_PREFERENCE = 182,
-
-    /* AES OIDs */
-    SEC_OID_AES_128_ECB 	= 183,
-    SEC_OID_AES_128_CBC 	= 184,
-    SEC_OID_AES_192_ECB 	= 185,
-    SEC_OID_AES_192_CBC 	= 186,
-    SEC_OID_AES_256_ECB 	= 187,
-    SEC_OID_AES_256_CBC 	= 188,
-
-    SEC_OID_SDN702_DSA_SIGNATURE = 189,
-
-    SEC_OID_TOTAL
-} SECOidTag;
-
-/* fake OID for DSS sign/verify */
-#define SEC_OID_SHA SEC_OID_MISS_DSS
-
-typedef enum {
-    INVALID_CERT_EXTENSION = 0,
-    UNSUPPORTED_CERT_EXTENSION = 1,
-    SUPPORTED_CERT_EXTENSION = 2
-} SECSupportExtenTag;
-
-struct SECOidDataStr {
-    SECItem            oid;
-    SECOidTag          offset;
-    const char *       desc;
-    unsigned long      mechanism;
-    SECSupportExtenTag supportedExtension;	
-    				/* only used for x.509 v3 extensions, so
-				   that we can print the names of those
-				   extensions that we don't even support */
-};
-
-#endif /* _SECOIDT_H_ */
diff --git a/security/nss/lib/util/secplcy.c b/security/nss/lib/util/secplcy.c
deleted file mode 100644
index b7f42080d..000000000
--- a/security/nss/lib/util/secplcy.c
+++ /dev/null
@@ -1,114 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "secplcy.h"
-#include "prmem.h"
-
-SECCipherFind *sec_CipherFindInit(PRBool onlyAllowed,
-				  secCPStruct *policy,
-				  long *ciphers)
-{
-  SECCipherFind *find = PR_NEWZAP(SECCipherFind);
-  if (find)
-    {
-      find->policy = policy;
-      find->ciphers = ciphers;
-      find->onlyAllowed = onlyAllowed;
-      find->index = -1;
-    }
-  return find;
-}
-
-long sec_CipherFindNext(SECCipherFind *find)
-{
-  char *policy;
-  long rv = -1;
-  secCPStruct *policies = (secCPStruct *) find->policy;
-  long *ciphers = (long *) find->ciphers;
-  long numCiphers = policies->num_ciphers;
-
-  find->index++;
-  while((find->index < numCiphers) && (rv == -1))
-    {
-      /* Translate index to cipher. */
-      rv = ciphers[find->index];
-
-      /* If we're only looking for allowed ciphers, and if this
-	 cipher isn't allowed, loop around.*/
-      if (find->onlyAllowed)
-	{
-	  /* Find the appropriate policy flag. */
-	  policy = (&(policies->begin_ciphers)) + find->index + 1;
-
-	  /* If this cipher isn't allowed by policy, continue. */
-	  if (! (*policy))
-	    {
-	      rv = -1;
-	      find->index++;
-	    }
-	}
-    }
-
-  return rv;
-}
-
-char sec_IsCipherAllowed(long cipher, secCPStruct *policies,
-			 long *ciphers)
-{
-  char result = SEC_CIPHER_NOT_ALLOWED; /* our default answer */
-  long numCiphers = policies->num_ciphers;
-  char *policy;
-  int i;
-  
-  /* Convert the cipher number into a policy flag location. */
-  for (i=0, policy=(&(policies->begin_ciphers) + 1);
-       i<numCiphers;
-       i++, policy++)
-    {
-      if (cipher == ciphers[i])
-	break;
-    }
-
-  if (i < numCiphers)
-    {
-      /* Found the cipher, get the policy value. */
-      result = *policy;
-    }
-
-  return result;
-}
-
-void sec_CipherFindEnd(SECCipherFind *find)
-{
-  PR_FREEIF(find);
-}
diff --git a/security/nss/lib/util/secplcy.h b/security/nss/lib/util/secplcy.h
deleted file mode 100644
index add5d8fac..000000000
--- a/security/nss/lib/util/secplcy.h
+++ /dev/null
@@ -1,133 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef __secplcy_h__
-#define __secplcy_h__
-
-#include "prtypes.h"
-
-/*
-** Cipher policy enforcement. This code isn't very pretty, but it accomplishes
-** the purpose of obscuring policy information from potential fortifiers. :-)
-**
-** The following routines are generic and intended for anywhere where cipher
-** policy enforcement is to be done, e.g. SSL and PKCS7&12.
-*/
-
-#define SEC_CIPHER_NOT_ALLOWED 0
-#define SEC_CIPHER_ALLOWED 1
-#define SEC_CIPHER_RESTRICTED 2 /* cipher is allowed in limited cases 
-				   e.g. step-up */
-
-/* The length of the header string for each cipher table. 
-   (It's the same regardless of whether we're using md5 strings or not.) */
-#define SEC_POLICY_HEADER_LENGTH 48
-
-/* If we're testing policy stuff, we may want to use the plaintext version */
-#define SEC_POLICY_USE_MD5_STRINGS 1
-
-#define SEC_POLICY_THIS_IS_THE \
-    "\x2a\x3a\x51\xbf\x2f\x71\xb7\x73\xaa\xca\x6b\x57\x70\xcd\xc8\x9f"
-#define SEC_POLICY_STRING_FOR_THE \
-    "\x97\x15\xe2\x70\xd2\x8a\xde\xa9\xe7\xa7\x6a\xe2\x83\xe5\xb1\xf6"
-#define SEC_POLICY_SSL_TAIL \
-    "\x70\x16\x25\xc0\x2a\xb2\x4a\xca\xb6\x67\xb1\x89\x20\xdf\x87\xca"
-#define SEC_POLICY_SMIME_TAIL \
-    "\xdf\xd4\xe7\x2a\xeb\xc4\x1b\xb5\xd8\xe5\xe0\x2a\x16\x9f\xc4\xb9"
-#define SEC_POLICY_PKCS12_TAIL \
-    "\x1c\xf8\xa4\x85\x4a\xc6\x8a\xfe\xe6\xca\x03\x72\x50\x1c\xe2\xc8"
-
-#if defined(SEC_POLICY_USE_MD5_STRINGS)
-
-/* We're not testing. 
-   Use md5 checksums of the strings. */
-
-#define SEC_POLICY_SSL_HEADER \
-    SEC_POLICY_THIS_IS_THE SEC_POLICY_STRING_FOR_THE SEC_POLICY_SSL_TAIL
-
-#define SEC_POLICY_SMIME_HEADER \
-    SEC_POLICY_THIS_IS_THE SEC_POLICY_STRING_FOR_THE SEC_POLICY_SMIME_TAIL
-
-#define SEC_POLICY_PKCS12_HEADER \
-    SEC_POLICY_THIS_IS_THE SEC_POLICY_STRING_FOR_THE SEC_POLICY_PKCS12_TAIL
-
-#else
-
-/* We're testing. 
-   Use plaintext versions of the strings, for testing purposes. */
-#define SEC_POLICY_SSL_HEADER \
-    "This is the string for the SSL policy table.    "
-#define SEC_POLICY_SMIME_HEADER \
-    "This is the string for the PKCS7 policy table.  "
-#define SEC_POLICY_PKCS12_HEADER \
-    "This is the string for the PKCS12 policy table. "
-
-#endif
-
-/* Local cipher tables have to have these members at the top. */
-typedef struct _sec_cp_struct
-{
-  char policy_string[SEC_POLICY_HEADER_LENGTH];
-  long unused; /* placeholder for max keybits in pkcs12 struct */
-  char num_ciphers;
-  char begin_ciphers;
-  /* cipher policy settings follow. each is a char. */
-} secCPStruct;
-
-struct SECCipherFindStr
-{
-  /* (policy) and (ciphers) are opaque to the outside world */
-  void *policy;
-  void *ciphers;
-  long index;
-  PRBool onlyAllowed;
-};
-
-typedef struct SECCipherFindStr SECCipherFind;
-
-SEC_BEGIN_PROTOS
-
-SECCipherFind *sec_CipherFindInit(PRBool onlyAllowed,
-				  secCPStruct *policy,
-				  long *ciphers);
-
-long sec_CipherFindNext(SECCipherFind *find);
-
-char sec_IsCipherAllowed(long cipher, secCPStruct *policies,
-			 long *ciphers);
-
-void sec_CipherFindEnd(SECCipherFind *find);
-
-SEC_END_PROTOS
-
-#endif /* __SECPLCY_H__ */
diff --git a/security/nss/lib/util/secport.c b/security/nss/lib/util/secport.c
deleted file mode 100644
index 276cf6208..000000000
--- a/security/nss/lib/util/secport.c
+++ /dev/null
@@ -1,581 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * secport.c - portability interfaces for security libraries
- *
- * This file abstracts out libc functionality that libsec depends on
- * 
- * NOTE - These are not public interfaces
- *
- * $Id$
- */
-
-#include "seccomon.h"
-#include "prmem.h"
-#include "prerror.h"
-#include "plarena.h"
-#include "secerr.h"
-#include "prmon.h"
-#include "nsslocks.h"
-#include "secport.h"
-#include "prvrsion.h"
-#include "prenv.h"
-
-#ifdef DEBUG
-#define THREADMARK
-#endif /* DEBUG */
-
-#ifdef THREADMARK
-#include "prthread.h"
-#endif /* THREADMARK */
-
-#if defined(XP_UNIX) || defined(XP_MAC) || defined(XP_OS2) || defined(XP_BEOS)
-#include <stdlib.h>
-#else
-#include "wtypes.h"
-#endif
-
-#define SET_ERROR_CODE	/* place holder for code to set PR error code. */
-
-#ifdef THREADMARK
-typedef struct threadmark_mark_str {
-  struct threadmark_mark_str *next;
-  void *mark;
-} threadmark_mark;
-
-#endif /* THREADMARK */
-
-/* The value of this magic must change each time PORTArenaPool changes. */
-#define ARENAPOOL_MAGIC 0xB8AC9BDF 
-
-typedef struct PORTArenaPool_str {
-  PLArenaPool arena;
-  PRUint32    magic;
-  PRLock *    lock;
-#ifdef THREADMARK
-  PRThread *marking_thread;
-  threadmark_mark *first_mark;
-#endif
-} PORTArenaPool;
-
-
-/* count of allocation failures. */
-unsigned long port_allocFailures;
-
-/* locations for registering Unicode conversion functions.  
- * XXX is this the appropriate location?  or should they be
- *     moved to client/server specific locations?
- */
-PORTCharConversionFunc ucs4Utf8ConvertFunc;
-PORTCharConversionFunc ucs2Utf8ConvertFunc;
-PORTCharConversionWSwapFunc  ucs2AsciiConvertFunc;
-
-void *
-PORT_Alloc(size_t bytes)
-{
-    void *rv;
-
-    /* Always allocate a non-zero amount of bytes */
-    rv = (void *)PR_Malloc(bytes ? bytes : 1);
-    if (!rv) {
-	++port_allocFailures;
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-    }
-    return rv;
-}
-
-void *
-PORT_Realloc(void *oldptr, size_t bytes)
-{
-    void *rv;
-
-    rv = (void *)PR_Realloc(oldptr, bytes);
-    if (!rv) {
-	++port_allocFailures;
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-    }
-    return rv;
-}
-
-void *
-PORT_ZAlloc(size_t bytes)
-{
-    void *rv;
-
-    /* Always allocate a non-zero amount of bytes */
-    rv = (void *)PR_Calloc(1, bytes ? bytes : 1);
-    if (!rv) {
-	++port_allocFailures;
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-    }
-    return rv;
-}
-
-void
-PORT_Free(void *ptr)
-{
-    if (ptr) {
-	PR_Free(ptr);
-    }
-}
-
-void
-PORT_ZFree(void *ptr, size_t len)
-{
-    if (ptr) {
-	memset(ptr, 0, len);
-	PR_Free(ptr);
-    }
-}
-
-char *
-PORT_Strdup(const char *str)
-{
-    size_t len = PORT_Strlen(str)+1;
-    char *newstr;
-
-    newstr = (char *)PORT_Alloc(len);
-    if (newstr) {
-        PORT_Memcpy(newstr, str, len);
-    }
-    return newstr;
-}
-
-void
-PORT_SetError(int value)
-{	
-    PR_SetError(value, 0);
-    return;
-}
-
-int
-PORT_GetError(void)
-{
-    return(PR_GetError());
-}
-
-/********************* Arena code follows *****************************/
-
-PLArenaPool *
-PORT_NewArena(unsigned long chunksize)
-{
-    PORTArenaPool *pool;
-    
-    pool = PORT_ZNew(PORTArenaPool);
-    if (!pool) {
-	return NULL;
-    }
-    pool->magic = ARENAPOOL_MAGIC;
-    pool->lock = PZ_NewLock(nssILockArena);
-    if (!pool->lock) {
-	++port_allocFailures;
-	PORT_Free(pool);
-	return NULL;
-    }
-    PL_InitArenaPool(&pool->arena, "security", chunksize, sizeof(double));
-    return(&pool->arena);
-}
-
-void *
-PORT_ArenaAlloc(PLArenaPool *arena, size_t size)
-{
-    void *p;
-
-    PORTArenaPool *pool = (PORTArenaPool *)arena;
-
-    /* Is it one of ours?  Assume so and check the magic */
-    if (ARENAPOOL_MAGIC == pool->magic ) {
-	PZ_Lock(pool->lock);
-#ifdef THREADMARK
-        /* Most likely one of ours.  Is there a thread id? */
-	if (pool->marking_thread  &&
-	    pool->marking_thread != PR_GetCurrentThread() ) {
-	    /* Another thread holds a mark in this arena */
-	    PZ_Unlock(pool->lock);
-	    PORT_SetError(SEC_ERROR_NO_MEMORY);
-	    PORT_Assert(0);
-	    return NULL;
-	} /* tid != null */
-#endif /* THREADMARK */
-	PL_ARENA_ALLOCATE(p, arena, size);
-	PZ_Unlock(pool->lock);
-    } else {
-	PL_ARENA_ALLOCATE(p, arena, size);
-    }
-
-    if (!p) {
-	++port_allocFailures;
-	PORT_SetError(SEC_ERROR_NO_MEMORY);
-    }
-
-    return(p);
-}
-
-void *
-PORT_ArenaZAlloc(PLArenaPool *arena, size_t size)
-{
-    void *p = PORT_ArenaAlloc(arena, size);
-
-    if (p) {
-	PORT_Memset(p, 0, size);
-    }
-
-    return(p);
-}
-
-/* XXX - need to zeroize!! - jsw */
-void
-PORT_FreeArena(PLArenaPool *arena, PRBool zero)
-{
-    PORTArenaPool *pool = (PORTArenaPool *)arena;
-    PRLock *       lock = (PRLock *)0;
-    size_t         len  = sizeof *arena;
-    extern const PRVersionDescription * libVersionPoint(void);
-    static const PRVersionDescription * pvd;
-    static PRBool  doFreeArenaPool = PR_FALSE;
-
-    if (ARENAPOOL_MAGIC == pool->magic ) {
-	len  = sizeof *pool;
-	lock = pool->lock;
-	PZ_Lock(lock);
-    }
-    if (!pvd) {
-	/* Each of NSPR's DLLs has a function libVersionPoint().
-	** We could do a lot of extra work to be sure we're calling the
-	** one in the DLL that holds PR_FreeArenaPool, but instead we
-	** rely on the fact that ALL NSPR DLLs in the same directory
-	** must be from the same release, and we call which ever one we get. 
-	*/
-	/* no need for thread protection here */
-	pvd = libVersionPoint();
-	if ((pvd->vMajor > 4) || 
-	    (pvd->vMajor == 4 && pvd->vMinor > 1) ||
-	    (pvd->vMajor == 4 && pvd->vMinor == 1 && pvd->vPatch >= 1)) {
-	    const char *ev = PR_GetEnv("NSS_DISABLE_ARENA_FREE_LIST");
-	    if (!ev) doFreeArenaPool = PR_TRUE;
-	}
-    }
-    if (doFreeArenaPool) {
-	PL_FreeArenaPool(arena);
-    } else {
-	PL_FinishArenaPool(arena);
-    }
-    PORT_ZFree(arena, len);
-    if (lock) {
-	PZ_Unlock(lock);
-	PZ_DestroyLock(lock);
-    }
-}
-
-void *
-PORT_ArenaGrow(PLArenaPool *arena, void *ptr, size_t oldsize, size_t newsize)
-{
-    PORTArenaPool *pool = (PORTArenaPool *)arena;
-    PORT_Assert(newsize >= oldsize);
-    
-    if (ARENAPOOL_MAGIC == pool->magic ) {
-	PZ_Lock(pool->lock);
-	/* Do we do a THREADMARK check here? */
-	PL_ARENA_GROW(ptr, arena, oldsize, ( newsize - oldsize ) );
-	PZ_Unlock(pool->lock);
-    } else {
-	PL_ARENA_GROW(ptr, arena, oldsize, ( newsize - oldsize ) );
-    }
-    
-    return(ptr);
-}
-
-void *
-PORT_ArenaMark(PLArenaPool *arena)
-{
-    void * result;
-
-    PORTArenaPool *pool = (PORTArenaPool *)arena;
-    if (ARENAPOOL_MAGIC == pool->magic ) {
-	PZ_Lock(pool->lock);
-#ifdef THREADMARK
-	{
-	  threadmark_mark *tm, **pw;
-	  PRThread * currentThread = PR_GetCurrentThread();
-
-	    if (! pool->marking_thread ) {
-		/* First mark */
-		pool->marking_thread = currentThread;
-	    } else if (currentThread != pool->marking_thread ) {
-		PZ_Unlock(pool->lock);
-		PORT_SetError(SEC_ERROR_NO_MEMORY);
-		PORT_Assert(0);
-		return NULL;
-	    }
-
-	    result = PL_ARENA_MARK(arena);
-	    PL_ARENA_ALLOCATE(tm, arena, sizeof(threadmark_mark));
-	    if (!tm) {
-		PZ_Unlock(pool->lock);
-		PORT_SetError(SEC_ERROR_NO_MEMORY);
-		return NULL;
-	    }
-
-	    tm->mark = result;
-	    tm->next = (threadmark_mark *)NULL;
-
-	    pw = &pool->first_mark;
-	    while( *pw ) {
-		 pw = &(*pw)->next;
-	    }
-
-	    *pw = tm;
-	}
-#else /* THREADMARK */
-	result = PL_ARENA_MARK(arena);
-#endif /* THREADMARK */
-	PZ_Unlock(pool->lock);
-    } else {
-	/* a "pure" NSPR arena */
-	result = PL_ARENA_MARK(arena);
-    }
-    return result;
-}
-
-void
-PORT_ArenaRelease(PLArenaPool *arena, void *mark)
-{
-    PORTArenaPool *pool = (PORTArenaPool *)arena;
-    if (ARENAPOOL_MAGIC == pool->magic ) {
-	PZ_Lock(pool->lock);
-#ifdef THREADMARK
-	{
-	    threadmark_mark **pw, *tm;
-
-	    if (PR_GetCurrentThread() != pool->marking_thread ) {
-		PZ_Unlock(pool->lock);
-		PORT_SetError(SEC_ERROR_NO_MEMORY);
-		PORT_Assert(0);
-		return /* no error indication available */ ;
-	    }
-
-	    pw = &pool->first_mark;
-	    while( *pw && (mark != (*pw)->mark) ) {
-		pw = &(*pw)->next;
-	    }
-
-	    if (! *pw ) {
-		/* bad mark */
-		PZ_Unlock(pool->lock);
-		PORT_SetError(SEC_ERROR_NO_MEMORY);
-		PORT_Assert(0);
-		return /* no error indication available */ ;
-	    }
-
-	    tm = *pw;
-	    *pw = (threadmark_mark *)NULL;
-
-	    PL_ARENA_RELEASE(arena, mark);
-
-	    if (! pool->first_mark ) {
-		pool->marking_thread = (PRThread *)NULL;
-	    }
-	}
-#else /* THREADMARK */
-	PL_ARENA_RELEASE(arena, mark);
-#endif /* THREADMARK */
-	PZ_Unlock(pool->lock);
-    } else {
-	PL_ARENA_RELEASE(arena, mark);
-    }
-}
-
-void
-PORT_ArenaUnmark(PLArenaPool *arena, void *mark)
-{
-#ifdef THREADMARK
-    PORTArenaPool *pool = (PORTArenaPool *)arena;
-    if (ARENAPOOL_MAGIC == pool->magic ) {
-	threadmark_mark **pw, *tm;
-
-	PZ_Lock(pool->lock);
-
-	if (PR_GetCurrentThread() != pool->marking_thread ) {
-	    PZ_Unlock(pool->lock);
-	    PORT_SetError(SEC_ERROR_NO_MEMORY);
-	    PORT_Assert(0);
-	    return /* no error indication available */ ;
-	}
-
-	pw = &pool->first_mark;
-	while( ((threadmark_mark *)NULL != *pw) && (mark != (*pw)->mark) ) {
-	    pw = &(*pw)->next;
-	}
-
-	if ((threadmark_mark *)NULL == *pw ) {
-	    /* bad mark */
-	    PZ_Unlock(pool->lock);
-	    PORT_SetError(SEC_ERROR_NO_MEMORY);
-	    PORT_Assert(0);
-	    return /* no error indication available */ ;
-	}
-
-	tm = *pw;
-	*pw = (threadmark_mark *)NULL;
-
-	if (! pool->first_mark ) {
-	    pool->marking_thread = (PRThread *)NULL;
-	}
-
-	PZ_Unlock(pool->lock);
-    }
-#endif /* THREADMARK */
-}
-
-char *
-PORT_ArenaStrdup(PLArenaPool *arena, const char *str) {
-    int len = PORT_Strlen(str)+1;
-    char *newstr;
-
-    newstr = (char*)PORT_ArenaAlloc(arena,len);
-    if (newstr) {
-        PORT_Memcpy(newstr,str,len);
-    }
-    return newstr;
-}
-
-/********************** end of arena functions ***********************/
-
-/****************** unicode conversion functions ***********************/
-/*
- * NOTE: These conversion functions all assume that the multibyte
- * characters are going to be in NETWORK BYTE ORDER, not host byte
- * order.  This is because the only time we deal with UCS-2 and UCS-4
- * are when the data was received from or is going to be sent out
- * over the wire (in, e.g. certificates).
- */
-
-void
-PORT_SetUCS4_UTF8ConversionFunction(PORTCharConversionFunc convFunc)
-{ 
-    ucs4Utf8ConvertFunc = convFunc;
-}
-
-void
-PORT_SetUCS2_ASCIIConversionFunction(PORTCharConversionWSwapFunc convFunc)
-{ 
-    ucs2AsciiConvertFunc = convFunc;
-}
-
-void
-PORT_SetUCS2_UTF8ConversionFunction(PORTCharConversionFunc convFunc)
-{ 
-    ucs2Utf8ConvertFunc = convFunc;
-}
-
-PRBool 
-PORT_UCS4_UTF8Conversion(PRBool toUnicode, unsigned char *inBuf,
-			 unsigned int inBufLen, unsigned char *outBuf,
-			 unsigned int maxOutBufLen, unsigned int *outBufLen)
-{
-    if(!ucs4Utf8ConvertFunc) {
-      return sec_port_ucs4_utf8_conversion_function(toUnicode,
-        inBuf, inBufLen, outBuf, maxOutBufLen, outBufLen);
-    }
-
-    return (*ucs4Utf8ConvertFunc)(toUnicode, inBuf, inBufLen, outBuf, 
-				  maxOutBufLen, outBufLen);
-}
-
-PRBool 
-PORT_UCS2_UTF8Conversion(PRBool toUnicode, unsigned char *inBuf,
-			 unsigned int inBufLen, unsigned char *outBuf,
-			 unsigned int maxOutBufLen, unsigned int *outBufLen)
-{
-    if(!ucs2Utf8ConvertFunc) {
-      return sec_port_ucs2_utf8_conversion_function(toUnicode,
-        inBuf, inBufLen, outBuf, maxOutBufLen, outBufLen);
-    }
-
-    return (*ucs2Utf8ConvertFunc)(toUnicode, inBuf, inBufLen, outBuf, 
-				  maxOutBufLen, outBufLen);
-}
-
-PRBool 
-PORT_UCS2_ASCIIConversion(PRBool toUnicode, unsigned char *inBuf,
-			  unsigned int inBufLen, unsigned char *outBuf,
-			  unsigned int maxOutBufLen, unsigned int *outBufLen,
-			  PRBool swapBytes)
-{
-    if(!ucs2AsciiConvertFunc) {
-	return PR_FALSE;
-    }
-
-    return (*ucs2AsciiConvertFunc)(toUnicode, inBuf, inBufLen, outBuf, 
-				  maxOutBufLen, outBufLen, swapBytes);
-}
-
-
-/* Portable putenv.  Creates/replaces an environment variable of the form
- *  envVarName=envValue
- */
-int
-NSS_PutEnv(const char * envVarName, const char * envValue)
-{
-#if  defined(XP_MAC) || defined(_WIN32_WCE)
-    return SECFailure;
-#else
-    SECStatus result = SECSuccess;
-    char *    encoded;
-    int       putEnvFailed;
-#ifdef _WIN32
-    PRBool      setOK;
-
-    setOK = SetEnvironmentVariable(envVarName, envValue);
-    if (!setOK) {
-        SET_ERROR_CODE
-        return SECFailure;
-    }
-#endif
-
-    encoded = (char *)PORT_ZAlloc(strlen(envVarName) + 2 + strlen(envValue));
-    strcpy(encoded, envVarName);
-    strcat(encoded, "=");
-    strcat(encoded, envValue);
-
-    putEnvFailed = putenv(encoded); /* adopt. */
-    if (putEnvFailed) {
-        SET_ERROR_CODE
-        result = SECFailure;
-        PORT_Free(encoded);
-    }
-    return result;
-#endif
-}
-
diff --git a/security/nss/lib/util/secport.h b/security/nss/lib/util/secport.h
deleted file mode 100644
index b154c0915..000000000
--- a/security/nss/lib/util/secport.h
+++ /dev/null
@@ -1,283 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * secport.h - portability interfaces for security libraries
- *
- * This file abstracts out libc functionality that libsec depends on
- * 
- * NOTE - These are not public interfaces
- *
- * $Id$
- */
-
-#ifndef _SECPORT_H_
-#define _SECPORT_H_
-
-/*
- * define XP_MAC, XP_WIN, XP_BEOS, or XP_UNIX, in case they are not defined
- * by anyone else
- */
-#ifdef macintosh
-# ifndef XP_MAC
-# define XP_MAC 1
-# endif
-#endif
-
-#ifdef _WINDOWS
-# ifndef XP_WIN
-# define XP_WIN
-# endif
-#if defined(_WIN32) || defined(WIN32)
-# ifndef XP_WIN32
-# define XP_WIN32
-# endif
-#else
-# ifndef XP_WIN16
-# define XP_WIN16
-# endif
-#endif
-#endif
-
-#ifdef __BEOS__
-# ifndef XP_BEOS
-# define XP_BEOS
-# endif
-#endif
-
-#ifdef unix
-# ifndef XP_UNIX
-# define XP_UNIX
-# endif
-#endif
-
-#if defined(__WATCOMC__) || defined(__WATCOM_CPLUSPLUS__)
-#include "watcomfx.h"
-#endif
-
-#if defined(_WIN32_WCE)
-#include <windef.h>
-#include <types.h>
-#elif defined( XP_MAC ) 
-#include <types.h>
-#include <time.h> /* for time_t below */
-#else
-#include <sys/types.h>
-#endif
-
-#ifdef notdef
-#ifdef XP_MAC
-#include "NSString.h"
-#endif
-#endif
-
-#include <ctype.h>
-#include <string.h>
-#if defined(_WIN32_WCE)
-#include <stdlib.h>	/* WinCE puts some stddef symbols here. */
-#else
-#include <stddef.h>
-#endif
-#include <stdlib.h>
-#include "prtypes.h"
-#include "prlog.h"	/* for PR_ASSERT */
-#include "plarena.h"
-#include "plstr.h"
-
-/*
- * HACK for NSS 2.8 to allow Admin to compile without source changes.
- */
-#ifndef SEC_BEGIN_PROTOS
-#include "seccomon.h"
-#endif
-
-SEC_BEGIN_PROTOS
-
-extern void *PORT_Alloc(size_t len);
-extern void *PORT_Realloc(void *old, size_t len);
-extern void *PORT_AllocBlock(size_t len);
-extern void *PORT_ReallocBlock(void *old, size_t len);
-extern void PORT_FreeBlock(void *ptr);
-extern void *PORT_ZAlloc(size_t len);
-extern void PORT_Free(void *ptr);
-extern void PORT_ZFree(void *ptr, size_t len);
-extern time_t PORT_Time(void);
-extern void PORT_SetError(int value);
-extern int PORT_GetError(void);
-
-extern PLArenaPool *PORT_NewArena(unsigned long chunksize);
-extern void *PORT_ArenaAlloc(PLArenaPool *arena, size_t size);
-extern void *PORT_ArenaZAlloc(PLArenaPool *arena, size_t size);
-extern void PORT_FreeArena(PLArenaPool *arena, PRBool zero);
-extern void *PORT_ArenaGrow(PLArenaPool *arena, void *ptr,
-			    size_t oldsize, size_t newsize);
-extern void *PORT_ArenaMark(PLArenaPool *arena);
-extern void PORT_ArenaRelease(PLArenaPool *arena, void *mark);
-extern void PORT_ArenaUnmark(PLArenaPool *arena, void *mark);
-extern char *PORT_ArenaStrdup(PLArenaPool *arena, const char *str);
-
-#ifdef __cplusplus
-}
-#endif
-
-#define PORT_Assert PR_ASSERT
-#define PORT_ZNew(type) (type*)PORT_ZAlloc(sizeof(type))
-#define PORT_New(type) (type*)PORT_Alloc(sizeof(type))
-#define PORT_ArenaNew(poolp, type)	\
-		(type*) PORT_ArenaAlloc(poolp, sizeof(type))
-#define PORT_ArenaZNew(poolp, type)	\
-		(type*) PORT_ArenaZAlloc(poolp, sizeof(type))
-#define PORT_NewArray(type, num)	\
-		(type*) PORT_Alloc (sizeof(type)*(num))
-#define PORT_ZNewArray(type, num)	\
-		(type*) PORT_ZAlloc (sizeof(type)*(num))
-#define PORT_ArenaNewArray(poolp, type, num)	\
-		(type*) PORT_ArenaAlloc (poolp, sizeof(type)*(num))
-#define PORT_ArenaZNewArray(poolp, type, num)	\
-		(type*) PORT_ArenaZAlloc (poolp, sizeof(type)*(num))
-
-/* Please, keep these defines sorted alphbetically.  Thanks! */
-
-#ifdef XP_STRING_FUNCS
-
-#define PORT_Atoi 	XP_ATOI
-
-#define PORT_Memcmp 	XP_MEMCMP
-#define PORT_Memcpy 	XP_MEMCPY
-#define PORT_Memmove 	XP_MEMMOVE
-#define PORT_Memset 	XP_MEMSET
-
-#define PORT_Strcasecmp XP_STRCASECMP
-#define PORT_Strcat 	XP_STRCAT
-#define PORT_Strchr 	XP_STRCHR
-#define PORT_Strrchr	XP_STRRCHR
-#define PORT_Strcmp 	XP_STRCMP
-#define PORT_Strcpy 	XP_STRCPY
-#define PORT_Strdup 	XP_STRDUP
-#define PORT_Strlen(s) 	XP_STRLEN(s)
-#define PORT_Strncasecmp XP_STRNCASECMP
-#define PORT_Strncat 	strncat
-#define PORT_Strncmp 	XP_STRNCMP
-#define PORT_Strncpy 	strncpy
-#define PORT_Strstr 	XP_STRSTR
-#define PORT_Strtok 	XP_STRTOK_R
-
-#define PORT_Tolower 	XP_TO_LOWER
-
-#else /* XP_STRING_FUNCS */
-
-#define PORT_Atoi 	atoi
-
-#define PORT_Memcmp 	memcmp
-#define PORT_Memcpy 	memcpy
-#ifndef SUNOS4
-#define PORT_Memmove 	memmove
-#else /*SUNOS4*/
-#define PORT_Memmove(s,ct,n)    bcopy ((ct), (s), (n))
-#endif/*SUNOS4*/
-#define PORT_Memset 	memset
-
-#define PORT_Strcasecmp PL_strcasecmp
-#define PORT_Strcat 	strcat
-#define PORT_Strchr 	strchr
-#define PORT_Strrchr    strrchr
-#define PORT_Strcmp 	strcmp
-#define PORT_Strcpy 	strcpy
-extern char *PORT_Strdup(const char *s);
-#define PORT_Strlen(s) 	strlen(s)
-#define PORT_Strncasecmp PL_strncasecmp
-#define PORT_Strncat 	strncat
-#define PORT_Strncmp 	strncmp
-#define PORT_Strncpy 	strncpy
-#define PORT_Strstr 	strstr
-#define PORT_Strtok 	strtok
-
-#define PORT_Tolower 	tolower
-
-#endif /* XP_STRING_FUNCS */
-
-typedef PRBool (PR_CALLBACK * PORTCharConversionWSwapFunc) (PRBool toUnicode,
-			unsigned char *inBuf, unsigned int inBufLen,
-			unsigned char *outBuf, unsigned int maxOutBufLen,
-			unsigned int *outBufLen, PRBool swapBytes);
-
-typedef PRBool (PR_CALLBACK * PORTCharConversionFunc) (PRBool toUnicode,
-			unsigned char *inBuf, unsigned int inBufLen,
-			unsigned char *outBuf, unsigned int maxOutBufLen,
-			unsigned int *outBufLen);
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-void PORT_SetUCS4_UTF8ConversionFunction(PORTCharConversionFunc convFunc);
-void PORT_SetUCS2_ASCIIConversionFunction(PORTCharConversionWSwapFunc convFunc);
-PRBool PORT_UCS4_UTF8Conversion(PRBool toUnicode, unsigned char *inBuf,
-			unsigned int inBufLen, unsigned char *outBuf,
-			unsigned int maxOutBufLen, unsigned int *outBufLen);
-PRBool PORT_UCS2_ASCIIConversion(PRBool toUnicode, unsigned char *inBuf,
-			unsigned int inBufLen, unsigned char *outBuf,
-			unsigned int maxOutBufLen, unsigned int *outBufLen,
-			PRBool swapBytes);
-void PORT_SetUCS2_UTF8ConversionFunction(PORTCharConversionFunc convFunc);
-PRBool PORT_UCS2_UTF8Conversion(PRBool toUnicode, unsigned char *inBuf,
-			unsigned int inBufLen, unsigned char *outBuf,
-			unsigned int maxOutBufLen, unsigned int *outBufLen);
-
-PR_EXTERN(PRBool)
-sec_port_ucs4_utf8_conversion_function
-(
-  PRBool toUnicode,
-  unsigned char *inBuf,
-  unsigned int inBufLen,
-  unsigned char *outBuf,
-  unsigned int maxOutBufLen,
-  unsigned int *outBufLen
-);
-
-PR_EXTERN(PRBool)
-sec_port_ucs2_utf8_conversion_function
-(
-  PRBool toUnicode,
-  unsigned char *inBuf,
-  unsigned int inBufLen,
-  unsigned char *outBuf,
-  unsigned int maxOutBufLen,
-  unsigned int *outBufLen
-);
-
-extern int NSS_PutEnv(const char * envVarName, const char * envValue);
-
-SEC_END_PROTOS
-
-#endif /* _SECPORT_H_ */
diff --git a/security/nss/lib/util/sectime.c b/security/nss/lib/util/sectime.c
deleted file mode 100644
index d3cca6f87..000000000
--- a/security/nss/lib/util/sectime.c
+++ /dev/null
@@ -1,177 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "prlong.h"
-#include "prtime.h"
-#include "secder.h"
-#include "cert.h"
-#include "secitem.h"
-
-const SEC_ASN1Template CERT_ValidityTemplate[] = {
-    { SEC_ASN1_SEQUENCE,
-	  0, NULL, sizeof(CERTValidity) },
-    { SEC_ASN1_UTC_TIME,
-	  offsetof(CERTValidity,notBefore) },
-    { SEC_ASN1_UTC_TIME,
-	  offsetof(CERTValidity,notAfter) },
-    { 0 }
-};
-
-DERTemplate CERTValidityTemplate[] = {
-    { DER_SEQUENCE,
-	  0, NULL, sizeof(CERTValidity) },
-    { DER_UTC_TIME,
-	  offsetof(CERTValidity,notBefore), },
-    { DER_UTC_TIME,
-	  offsetof(CERTValidity,notAfter), },
-    { 0, }
-};
-
-static char *DecodeUTCTime2FormattedAscii (SECItem *utcTimeDER, char *format);
-
-/* convert DER utc time to ascii time string */
-char *
-DER_UTCTimeToAscii(SECItem *utcTime)
-{
-    return (DecodeUTCTime2FormattedAscii (utcTime, "%a %b %d %H:%M:%S %Y"));
-}
-
-/* convert DER utc time to ascii time string, only include day, not time */
-char *
-DER_UTCDayToAscii(SECItem *utctime)
-{
-    return (DecodeUTCTime2FormattedAscii (utctime, "%a %b %d, %Y"));
-}
-
-CERTValidity *
-CERT_CreateValidity(int64 notBefore, int64 notAfter)
-{
-    CERTValidity *v;
-    int rv;
-    PRArenaPool *arena;
-
-    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    
-    if ( !arena ) {
-	return(0);
-    }
-    
-    v = (CERTValidity*) PORT_ArenaZAlloc(arena, sizeof(CERTValidity));
-    if (v) {
-	v->arena = arena;
-	rv = DER_TimeToUTCTime(&v->notBefore, notBefore);
-	if (rv) goto loser;
-	rv = DER_TimeToUTCTime(&v->notAfter, notAfter);
-	if (rv) goto loser;
-    }
-    return v;
-
-  loser:
-    CERT_DestroyValidity(v);
-    return 0;
-}
-
-SECStatus
-CERT_CopyValidity(PRArenaPool *arena, CERTValidity *to, CERTValidity *from)
-{
-    SECStatus rv;
-
-    CERT_DestroyValidity(to);
-    to->arena = arena;
-    
-    rv = SECITEM_CopyItem(arena, &to->notBefore, &from->notBefore);
-    if (rv) return rv;
-    rv = SECITEM_CopyItem(arena, &to->notAfter, &from->notAfter);
-    return rv;
-}
-
-void
-CERT_DestroyValidity(CERTValidity *v)
-{
-    if (v && v->arena) {
-	PORT_FreeArena(v->arena, PR_FALSE);
-    }
-    return;
-}
-
-char *
-CERT_UTCTime2FormattedAscii (int64 utcTime, char *format)
-{
-    PRExplodedTime printableTime; 
-    char *timeString;
-   
-    /* Converse time to local time and decompose it into components */
-    PR_ExplodeTime(utcTime, PR_LocalTimeParameters, &printableTime);
-    
-    timeString = (char *)PORT_Alloc(100);
-
-    if ( timeString ) {
-        PR_FormatTime( timeString, 100, format, &printableTime );
-    }
-    
-    return (timeString);
-}
-
-char *CERT_GenTime2FormattedAscii (int64 genTime, char *format)
-{
-    PRExplodedTime printableTime; 
-    char *timeString;
-   
-    /* Decompose time into components */
-    PR_ExplodeTime(genTime, PR_GMTParameters, &printableTime);
-    
-    timeString = (char *)PORT_Alloc(100);
-
-    if ( timeString ) {
-        PR_FormatTime( timeString, 100, format, &printableTime );
-    }
-    
-    return (timeString);
-}
-
-
-/* convert DER utc time to ascii time string, The format of the time string
-   depends on the input "format"
- */
-static char *
-DecodeUTCTime2FormattedAscii (SECItem *utcTimeDER,  char *format)
-{
-    int64 utcTime;
-    int rv;
-   
-    rv = DER_UTCTimeToTime(&utcTime, utcTimeDER);
-    if (rv) {
-        return(NULL);
-    }
-    return (CERT_UTCTime2FormattedAscii (utcTime, format));
-}
diff --git a/security/nss/lib/util/utf8.c b/security/nss/lib/util/utf8.c
deleted file mode 100644
index 7a3c3954d..000000000
--- a/security/nss/lib/util/utf8.c
+++ /dev/null
@@ -1,2061 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#include "seccomon.h"
-#include "secport.h"
-
-/*
- * Define this if you want to support UTF-16 in UCS-2
- */
-#define UTF16
-
-/*
- * From RFC 2044:
- *
- * UCS-4 range (hex.)           UTF-8 octet sequence (binary)
- * 0000 0000-0000 007F   0xxxxxxx
- * 0000 0080-0000 07FF   110xxxxx 10xxxxxx
- * 0000 0800-0000 FFFF   1110xxxx 10xxxxxx 10xxxxxx
- * 0001 0000-001F FFFF   11110xxx 10xxxxxx 10xxxxxx 10xxxxxx
- * 0020 0000-03FF FFFF   111110xx 10xxxxxx 10xxxxxx 10xxxxxx 10xxxxxx
- * 0400 0000-7FFF FFFF   1111110x 10xxxxxx ... 10xxxxxx
- */  
-
-/*
- * From http://www.imc.org/draft-hoffman-utf16
- *
- * For U on [0x00010000,0x0010FFFF]:  Let U' = U - 0x00010000
- *
- * U' = yyyyyyyyyyxxxxxxxxxx
- * W1 = 110110yyyyyyyyyy
- * W2 = 110111xxxxxxxxxx
- */
-
-/*
- * This code is assuming NETWORK BYTE ORDER for the 16- and 32-bit
- * character values.  If you wish to use this code for working with
- * host byte order values, define the following:
- *
- * #if IS_BIG_ENDIAN
- * #define L_0 0
- * #define L_1 1
- * #define L_2 2
- * #define L_3 3
- * #define H_0 0
- * #define H_1 1
- * #else / * not everyone has elif * /
- * #if IS_LITTLE_ENDIAN
- * #define L_0 3
- * #define L_1 2
- * #define L_2 1
- * #define L_3 0
- * #define H_0 1
- * #define H_1 0
- * #else
- * #error "PDP and NUXI support deferred"
- * #endif / * IS_LITTLE_ENDIAN * /
- * #endif / * IS_BIG_ENDIAN * /
- */
-
-#define L_0 0
-#define L_1 1
-#define L_2 2
-#define L_3 3
-#define H_0 0
-#define H_1 1
-
-PR_IMPLEMENT(PRBool)
-sec_port_ucs4_utf8_conversion_function
-(
-  PRBool toUnicode,
-  unsigned char *inBuf,
-  unsigned int inBufLen,
-  unsigned char *outBuf,
-  unsigned int maxOutBufLen,
-  unsigned int *outBufLen
-)
-{
-#ifndef TEST_UTF8
-  PORT_Assert((unsigned int *)NULL != outBufLen);
-#endif /* TEST_UTF8 */
-
-  if( toUnicode ) {
-    unsigned int i, len = 0;
-
-    for( i = 0; i < inBufLen; ) {
-      if( (inBuf[i] & 0x80) == 0x00 ) i += 1;
-      else if( (inBuf[i] & 0xE0) == 0xC0 ) i += 2;
-      else if( (inBuf[i] & 0xF0) == 0xE0 ) i += 3;
-      else if( (inBuf[i] & 0xF8) == 0xF0 ) i += 4;
-      else if( (inBuf[i] & 0xFC) == 0xF8 ) i += 5;
-      else if( (inBuf[i] & 0xFE) == 0xFC ) i += 6;
-      else return PR_FALSE;
-
-      len += 4;
-    }
-
-    if( len > maxOutBufLen ) {
-      *outBufLen = len;
-      return PR_FALSE;
-    }
-
-    len = 0;
-
-    for( i = 0; i < inBufLen; ) {
-      if( (inBuf[i] & 0x80) == 0x00 ) {
-        /* 0000 0000-0000 007F <- 0xxxxxx */
-        /* 0abcdefg -> 
-           00000000 00000000 00000000 0abcdefg */
-
-        outBuf[len+L_0] = 0x00;
-        outBuf[len+L_1] = 0x00;
-        outBuf[len+L_2] = 0x00;
-        outBuf[len+L_3] = inBuf[i+0] & 0x7F;
-
-        i += 1;
-      } else if( (inBuf[i] & 0xE0) == 0xC0 ) {
-
-        if( (inBuf[i+1] & 0xC0) != 0x80 ) return PR_FALSE;
-
-        /* 0000 0080-0000 07FF <- 110xxxxx 10xxxxxx */
-        /* 110abcde 10fghijk ->
-           00000000 00000000 00000abc defghijk */
-
-        outBuf[len+L_0] = 0x00;
-        outBuf[len+L_1] = 0x00;
-        outBuf[len+L_2] = ((inBuf[i+0] & 0x1C) >> 2);
-        outBuf[len+L_3] = ((inBuf[i+0] & 0x03) << 6) | ((inBuf[i+1] & 0x3F) >> 0);
-
-        i += 2;
-      } else if( (inBuf[i] & 0xF0) == 0xE0 ) {
-
-        if( (inBuf[i+1] & 0xC0) != 0x80 ) return PR_FALSE;
-        if( (inBuf[i+2] & 0xC0) != 0x80 ) return PR_FALSE;
-
-        /* 0000 0800-0000 FFFF <- 1110xxxx 10xxxxxx 10xxxxxx */
-        /* 1110abcd 10efghij 10klmnop ->
-           00000000 00000000 abcdefgh ijklmnop */
-
-        outBuf[len+L_0] = 0x00;
-        outBuf[len+L_1] = 0x00;
-        outBuf[len+L_2] = ((inBuf[i+0] & 0x0F) << 4) | ((inBuf[i+1] & 0x3C) >> 2);
-        outBuf[len+L_3] = ((inBuf[i+1] & 0x03) << 6) | ((inBuf[i+2] & 0x3F) >> 0);
-
-        i += 3;
-      } else if( (inBuf[i] & 0xF8) == 0xF0 ) {
-
-        if( (inBuf[i+1] & 0xC0) != 0x80 ) return PR_FALSE;
-        if( (inBuf[i+2] & 0xC0) != 0x80 ) return PR_FALSE;
-        if( (inBuf[i+3] & 0xC0) != 0x80 ) return PR_FALSE;
-
-        /* 0001 0000-001F FFFF <- 11110xxx 10xxxxxx 10xxxxxx 10xxxxxx */
-        /* 11110abc 10defghi 10jklmno 10pqrstu -> 
-           00000000 000abcde fghijklm nopqrstu */
-           
-        outBuf[len+L_0] = 0x00;
-        outBuf[len+L_1] = ((inBuf[i+0] & 0x07) << 2) | ((inBuf[i+1] & 0x30) >> 4);
-        outBuf[len+L_2] = ((inBuf[i+1] & 0x0F) << 4) | ((inBuf[i+2] & 0x3C) >> 2);
-        outBuf[len+L_3] = ((inBuf[i+2] & 0x03) << 6) | ((inBuf[i+3] & 0x3F) >> 0);
-
-        i += 4;
-      } else if( (inBuf[i] & 0xFC) == 0xF8 ) {
-
-        if( (inBuf[i+1] & 0xC0) != 0x80 ) return PR_FALSE;
-        if( (inBuf[i+2] & 0xC0) != 0x80 ) return PR_FALSE;
-        if( (inBuf[i+3] & 0xC0) != 0x80 ) return PR_FALSE;
-        if( (inBuf[i+4] & 0xC0) != 0x80 ) return PR_FALSE;
-
-        /* 0020 0000-03FF FFFF <- 111110xx 10xxxxxx ... 10xxxxxx */
-        /* 111110ab 10cdefgh 10ijklmn 10opqrst 10uvwxyz -> 
-           000000ab cdefghij klmnopqr stuvwxyz */
-
-        outBuf[len+L_0] = inBuf[i+0] & 0x03;
-        outBuf[len+L_1] = ((inBuf[i+1] & 0x3F) << 2) | ((inBuf[i+2] & 0x30) >> 4);
-        outBuf[len+L_2] = ((inBuf[i+2] & 0x0F) << 4) | ((inBuf[i+3] & 0x3C) >> 2);
-        outBuf[len+L_3] = ((inBuf[i+3] & 0x03) << 6) | ((inBuf[i+4] & 0x3F) >> 0);
-
-        i += 5;
-      } else /* if( (inBuf[i] & 0xFE) == 0xFC ) */ {
-
-        if( (inBuf[i+1] & 0xC0) != 0x80 ) return PR_FALSE;
-        if( (inBuf[i+2] & 0xC0) != 0x80 ) return PR_FALSE;
-        if( (inBuf[i+3] & 0xC0) != 0x80 ) return PR_FALSE;
-        if( (inBuf[i+4] & 0xC0) != 0x80 ) return PR_FALSE;
-        if( (inBuf[i+5] & 0xC0) != 0x80 ) return PR_FALSE;
-
-        /* 0400 0000-7FFF FFFF <- 1111110x 10xxxxxx ... 10xxxxxx */
-        /* 1111110a 10bcdefg 10hijklm 10nopqrs 10tuvwxy 10zABCDE -> 
-           0abcdefg hijklmno pqrstuvw xyzABCDE */
-
-        outBuf[len+L_0] = ((inBuf[i+0] & 0x01) << 6) | ((inBuf[i+1] & 0x3F) >> 0);
-        outBuf[len+L_1] = ((inBuf[i+2] & 0x3F) << 2) | ((inBuf[i+3] & 0x30) >> 4);
-        outBuf[len+L_2] = ((inBuf[i+3] & 0x0F) << 4) | ((inBuf[i+4] & 0x3C) >> 2);
-        outBuf[len+L_3] = ((inBuf[i+4] & 0x03) << 6) | ((inBuf[i+5] & 0x3F) >> 0);
-
-        i += 6;
-      }
-
-      len += 4;
-    }
-
-    *outBufLen = len;
-    return PR_TRUE;
-  } else {
-    unsigned int i, len = 0;
-
-    for( i = 0; i < inBufLen; i += 4 ) {
-      if( inBuf[i+L_0] >= 0x04 ) len += 6;
-      else if( (inBuf[i+L_0] > 0x00) || (inBuf[i+L_1] >= 0x20) ) len += 5;
-      else if( inBuf[i+L_1] >= 0x01 ) len += 4;
-      else if( inBuf[i+L_2] >= 0x08 ) len += 3;
-      else if( (inBuf[i+L_2] > 0x00) || (inBuf[i+L_3] >= 0x80) ) len += 2;
-      else len += 1;
-    }
-
-    if( len > maxOutBufLen ) {
-      *outBufLen = len;
-      return PR_FALSE;
-    }
-
-    len = 0;
-
-    for( i = 0; i < inBufLen; i += 4 ) {
-      if( inBuf[i+L_0] >= 0x04 ) {
-        /* 0400 0000-7FFF FFFF -> 1111110x 10xxxxxx ... 10xxxxxx */
-        /* 0abcdefg hijklmno pqrstuvw xyzABCDE ->
-           1111110a 10bcdefg 10hijklm 10nopqrs 10tuvwxy 10zABCDE */
-
-        outBuf[len+0] = 0xFC | ((inBuf[i+L_0] & 0x40) >> 6);
-        outBuf[len+1] = 0x80 | ((inBuf[i+L_0] & 0x3F) >> 0);
-        outBuf[len+2] = 0x80 | ((inBuf[i+L_1] & 0xFC) >> 2);
-        outBuf[len+3] = 0x80 | ((inBuf[i+L_1] & 0x03) << 4)
-                             | ((inBuf[i+L_2] & 0xF0) >> 4);
-        outBuf[len+4] = 0x80 | ((inBuf[i+L_2] & 0x0F) << 2)
-                             | ((inBuf[i+L_3] & 0xC0) >> 6);
-        outBuf[len+5] = 0x80 | ((inBuf[i+L_3] & 0x3F) >> 0);
-
-        len += 6;
-      } else if( (inBuf[i+L_0] > 0x00) || (inBuf[i+L_1] >= 0x20) ) {
-        /* 0020 0000-03FF FFFF -> 111110xx 10xxxxxx ... 10xxxxxx */
-        /* 000000ab cdefghij klmnopqr stuvwxyz ->
-           111110ab 10cdefgh 10ijklmn 10opqrst 10uvwxyz */
-
-        outBuf[len+0] = 0xF8 | ((inBuf[i+L_0] & 0x03) >> 0);
-        outBuf[len+1] = 0x80 | ((inBuf[i+L_1] & 0xFC) >> 2);
-        outBuf[len+2] = 0x80 | ((inBuf[i+L_1] & 0x03) << 4)
-                             | ((inBuf[i+L_2] & 0xF0) >> 4);
-        outBuf[len+3] = 0x80 | ((inBuf[i+L_2] & 0x0F) << 2)
-                             | ((inBuf[i+L_3] & 0xC0) >> 6);
-        outBuf[len+4] = 0x80 | ((inBuf[i+L_3] & 0x3F) >> 0);
-
-        len += 5;
-      } else if( inBuf[i+L_1] >= 0x01 ) {
-        /* 0001 0000-001F FFFF -> 11110xxx 10xxxxxx 10xxxxxx 10xxxxxx */
-        /* 00000000 000abcde fghijklm nopqrstu ->
-           11110abc 10defghi 10jklmno 10pqrstu */
-
-        outBuf[len+0] = 0xF0 | ((inBuf[i+L_1] & 0x1C) >> 2);
-        outBuf[len+1] = 0x80 | ((inBuf[i+L_1] & 0x03) << 4)
-                             | ((inBuf[i+L_2] & 0xF0) >> 4);
-        outBuf[len+2] = 0x80 | ((inBuf[i+L_2] & 0x0F) << 2)
-                             | ((inBuf[i+L_3] & 0xC0) >> 6);
-        outBuf[len+3] = 0x80 | ((inBuf[i+L_3] & 0x3F) >> 0);
-
-        len += 4;
-      } else if( inBuf[i+L_2] >= 0x08 ) {
-        /* 0000 0800-0000 FFFF -> 1110xxxx 10xxxxxx 10xxxxxx */
-        /* 00000000 00000000 abcdefgh ijklmnop ->
-           1110abcd 10efghij 10klmnop */
-
-        outBuf[len+0] = 0xE0 | ((inBuf[i+L_2] & 0xF0) >> 4);
-        outBuf[len+1] = 0x80 | ((inBuf[i+L_2] & 0x0F) << 2)
-                             | ((inBuf[i+L_3] & 0xC0) >> 6);
-        outBuf[len+2] = 0x80 | ((inBuf[i+L_3] & 0x3F) >> 0);
-
-        len += 3;
-      } else if( (inBuf[i+L_2] > 0x00) || (inBuf[i+L_3] >= 0x80) ) {
-        /* 0000 0080-0000 07FF -> 110xxxxx 10xxxxxx */
-        /* 00000000 00000000 00000abc defghijk ->
-           110abcde 10fghijk */
-
-        outBuf[len+0] = 0xC0 | ((inBuf[i+L_2] & 0x07) << 2)
-                             | ((inBuf[i+L_3] & 0xC0) >> 6);
-        outBuf[len+1] = 0x80 | ((inBuf[i+L_3] & 0x3F) >> 0);
-
-        len += 2;
-      } else {
-        /* 0000 0000-0000 007F -> 0xxxxxx */
-        /* 00000000 00000000 00000000 0abcdefg ->
-           0abcdefg */
-
-        outBuf[len+0] = (inBuf[i+L_3] & 0x7F);
-
-        len += 1;
-      }
-    }
-                            
-    *outBufLen = len;
-    return PR_TRUE;
-  }
-}
-
-PR_IMPLEMENT(PRBool)
-sec_port_ucs2_utf8_conversion_function
-(
-  PRBool toUnicode,
-  unsigned char *inBuf,
-  unsigned int inBufLen,
-  unsigned char *outBuf,
-  unsigned int maxOutBufLen,
-  unsigned int *outBufLen
-)
-{
-#ifndef TEST_UTF8
-  PORT_Assert((unsigned int *)NULL != outBufLen);
-#endif /* TEST_UTF8 */
-
-  if( toUnicode ) {
-    unsigned int i, len = 0;
-
-    for( i = 0; i < inBufLen; ) {
-      if( (inBuf[i] & 0x80) == 0x00 ) {
-        i += 1;
-        len += 2;
-      } else if( (inBuf[i] & 0xE0) == 0xC0 ) {
-        i += 2;
-        len += 2;
-      } else if( (inBuf[i] & 0xF0) == 0xE0 ) {
-        i += 3;
-        len += 2;
-#ifdef UTF16
-      } else if( (inBuf[i] & 0xF8) == 0xF0 ) { 
-        i += 4;
-        len += 4;
-
-        if( (inBuf[i] & 0x04) && 
-            ((inBuf[i] & 0x03) || (inBuf[i+1] & 0x30)) ) {
-          /* Not representable as UTF16 */
-          return PR_FALSE;
-        }
-
-#endif /* UTF16 */
-      } else return PR_FALSE;
-    }
-
-    if( len > maxOutBufLen ) {
-      *outBufLen = len;
-      return PR_FALSE;
-    }
-
-    len = 0;
-
-    for( i = 0; i < inBufLen; ) {
-      if( (inBuf[i] & 0x80) == 0x00 ) {
-        /* 0000-007F <- 0xxxxxx */
-        /* 0abcdefg -> 00000000 0abcdefg */
-
-        outBuf[len+H_0] = 0x00;
-        outBuf[len+H_1] = inBuf[i+0] & 0x7F;
-
-        i += 1;
-        len += 2;
-      } else if( (inBuf[i] & 0xE0) == 0xC0 ) {
-
-        if( (inBuf[i+1] & 0xC0) != 0x80 ) return PR_FALSE;
-
-        /* 0080-07FF <- 110xxxxx 10xxxxxx */
-        /* 110abcde 10fghijk -> 00000abc defghijk */
-
-        outBuf[len+H_0] = ((inBuf[i+0] & 0x1C) >> 2);
-        outBuf[len+H_1] = ((inBuf[i+0] & 0x03) << 6) | ((inBuf[i+1] & 0x3F) >> 0);
-
-        i += 2;
-        len += 2;
-      } else if( (inBuf[i] & 0xF0) == 0xE0 ) {
-
-        if( (inBuf[i+1] & 0xC0) != 0x80 ) return PR_FALSE;
-        if( (inBuf[i+2] & 0xC0) != 0x80 ) return PR_FALSE;
-
-        /* 0800-FFFF <- 1110xxxx 10xxxxxx 10xxxxxx */
-        /* 1110abcd 10efghij 10klmnop -> abcdefgh ijklmnop */
-
-        outBuf[len+H_0] = ((inBuf[i+0] & 0x0F) << 4) | ((inBuf[i+1] & 0x3C) >> 2);
-        outBuf[len+H_1] = ((inBuf[i+1] & 0x03) << 6) | ((inBuf[i+2] & 0x3F) >> 0);
-
-        i += 3;
-        len += 2;
-#ifdef UTF16
-      } else if( (inBuf[i] & 0xF8) == 0xF0 ) { 
-        int abcde, BCDE;
-
-        if( (inBuf[i+1] & 0xC0) != 0x80 ) return PR_FALSE;
-        if( (inBuf[i+2] & 0xC0) != 0x80 ) return PR_FALSE;
-        if( (inBuf[i+3] & 0xC0) != 0x80 ) return PR_FALSE;
-
-        /* 0001 0000-001F FFFF <- 11110xxx 10xxxxxx 10xxxxxx 10xxxxxx */
-        /* 11110xxx 10xxxxxx 10xxxxxx 10xxxxxx -> [D800-DBFF] [DC00-DFFF] */
-           
-        /* 11110abc 10defghi 10jklmno 10pqrstu -> 
-           { Let 0BCDE = abcde - 1 }
-           110110BC DEfghijk 110111lm nopqrstu */
-
-        abcde = ((inBuf[i+0] & 0x07) << 2) | ((inBuf[i+1] & 0x30) >> 4);
-        BCDE = abcde - 1;
-
-#ifndef TEST_UTF8
-        PORT_Assert(BCDE < 0x10); /* should have been caught above */
-#endif /* TEST_UTF8 */
-
-        outBuf[len+0+H_0] = 0xD8 | ((BCDE & 0x0C) >> 2);
-        outBuf[len+0+H_1] = ((BCDE & 0x03) << 6) 
-                      | ((inBuf[i+1] & 0x0F) << 2)
-                      | ((inBuf[i+2] & 0x30) >> 4);
-        outBuf[len+2+H_0] = 0xDC | ((inBuf[i+2] & 0x0C) >> 2);
-        outBuf[len+2+H_1] = ((inBuf[i+2] & 0x03) << 6) | ((inBuf[i+3] & 0x3F) >> 0);
-
-        i += 4;
-        len += 4;
-#endif /* UTF16 */
-      } else return PR_FALSE;
-    }
-
-    *outBufLen = len;
-    return PR_TRUE;
-  } else {
-    unsigned int i, len = 0;
-
-    for( i = 0; i < inBufLen; i += 2 ) {
-      if( (inBuf[i+H_0] == 0x00) && ((inBuf[i+H_0] & 0x80) == 0x00) ) len += 1;
-      else if( inBuf[i+H_0] < 0x08 ) len += 2;
-#ifdef UTF16
-      else if( ((inBuf[i+0+H_0] & 0xDC) == 0xD8) ) {
-        if( ((inBuf[i+2+H_0] & 0xDC) == 0xDC) && ((inBufLen - i) > 2) ) {
-          i += 2;
-          len += 4;
-        } else {
-          return PR_FALSE;
-        }
-      }
-#endif /* UTF16 */
-      else len += 3;
-    }
-
-    if( len > maxOutBufLen ) {
-      *outBufLen = len;
-      return PR_FALSE;
-    }
-
-    len = 0;
-
-    for( i = 0; i < inBufLen; i += 2 ) {
-      if( (inBuf[i+H_0] == 0x00) && ((inBuf[i+H_1] & 0x80) == 0x00) ) {
-        /* 0000-007F -> 0xxxxxx */
-        /* 00000000 0abcdefg -> 0abcdefg */
-
-        outBuf[len] = inBuf[i+H_1] & 0x7F;
-
-        len += 1;
-      } else if( inBuf[i+H_0] < 0x08 ) {
-        /* 0080-07FF -> 110xxxxx 10xxxxxx */
-        /* 00000abc defghijk -> 110abcde 10fghijk */
-
-        outBuf[len+0] = 0xC0 | ((inBuf[i+H_0] & 0x07) << 2) 
-                             | ((inBuf[i+H_1] & 0xC0) >> 6);
-        outBuf[len+1] = 0x80 | ((inBuf[i+H_1] & 0x3F) >> 0);
-
-        len += 2;
-#ifdef UTF16
-      } else if( (inBuf[i+H_0] & 0xDC) == 0xD8 ) {
-        int abcde, BCDE;
-
-#ifndef TEST_UTF8
-        PORT_Assert(((inBuf[i+2+H_0] & 0xDC) == 0xDC) && ((inBufLen - i) > 2));
-#endif /* TEST_UTF8 */
-
-        /* D800-DBFF DC00-DFFF -> 11110xxx 10xxxxxx 10xxxxxx 10xxxxxx */
-        /* 110110BC DEfghijk 110111lm nopqrstu ->
-           { Let abcde = BCDE + 1 }
-           11110abc 10defghi 10jklmno 10pqrstu */
-
-        BCDE = ((inBuf[i+H_0] & 0x03) << 2) | ((inBuf[i+H_1] & 0xC0) >> 6);
-        abcde = BCDE + 1;
-
-        outBuf[len+0] = 0xF0 | ((abcde & 0x1C) >> 2);
-        outBuf[len+1] = 0x80 | ((abcde & 0x03) << 4) 
-                             | ((inBuf[i+0+H_1] & 0x3C) >> 2);
-        outBuf[len+2] = 0x80 | ((inBuf[i+0+H_1] & 0x03) << 4)
-                             | ((inBuf[i+2+H_0] & 0x03) << 2)
-                             | ((inBuf[i+2+H_1] & 0xC0) >> 6);
-        outBuf[len+3] = 0x80 | ((inBuf[i+2+H_1] & 0x3F) >> 0);
-
-        i += 2;
-        len += 4;
-#endif /* UTF16 */
-      } else {
-        /* 0800-FFFF -> 1110xxxx 10xxxxxx 10xxxxxx */
-        /* abcdefgh ijklmnop -> 1110abcd 10efghij 10klmnop */
-
-        outBuf[len+0] = 0xE0 | ((inBuf[i+H_0] & 0xF0) >> 4);
-        outBuf[len+1] = 0x80 | ((inBuf[i+H_0] & 0x0F) << 2) 
-                             | ((inBuf[i+H_1] & 0xC0) >> 6);
-        outBuf[len+2] = 0x80 | ((inBuf[i+H_1] & 0x3F) >> 0);
-
-        len += 3;
-      }
-    }
-
-    *outBufLen = len;
-    return PR_TRUE;
-  }
-}
-
-#ifdef TEST_UTF8
-
-#include <stdio.h>
-#include <string.h>
-#include <stdlib.h>
-#include <netinet/in.h> /* for htonl and htons */
-
-/*
- * UCS-4 vectors
- */
-
-struct ucs4 {
-  PRUint32 c;
-  char *utf8;
-};
-
-/*
- * UCS-2 vectors
- */
-
-struct ucs2 {
-  PRUint16 c;
-  char *utf8;
-};
-
-#ifdef UTF16
-/*
- * UTF-16 vectors
- */
-
-struct utf16 {
-  PRUint32 c;
-  PRUint16 w[2];
-};
-#endif /* UTF16 */
-
-
-/*
- * UCS-4 vectors
- */
-
-struct ucs4 ucs4[] = {
-  { 0x00000001, "\x01" },
-  { 0x00000002, "\x02" },
-  { 0x00000003, "\x03" },
-  { 0x00000004, "\x04" },
-  { 0x00000007, "\x07" },
-  { 0x00000008, "\x08" },
-  { 0x0000000F, "\x0F" },
-  { 0x00000010, "\x10" },
-  { 0x0000001F, "\x1F" },
-  { 0x00000020, "\x20" },
-  { 0x0000003F, "\x3F" },
-  { 0x00000040, "\x40" },
-  { 0x0000007F, "\x7F" },
-          
-  { 0x00000080, "\xC2\x80" },
-  { 0x00000081, "\xC2\x81" },
-  { 0x00000082, "\xC2\x82" },
-  { 0x00000084, "\xC2\x84" },
-  { 0x00000088, "\xC2\x88" },
-  { 0x00000090, "\xC2\x90" },
-  { 0x000000A0, "\xC2\xA0" },
-  { 0x000000C0, "\xC3\x80" },
-  { 0x000000FF, "\xC3\xBF" },
-  { 0x00000100, "\xC4\x80" },
-  { 0x00000101, "\xC4\x81" },
-  { 0x00000102, "\xC4\x82" },
-  { 0x00000104, "\xC4\x84" },
-  { 0x00000108, "\xC4\x88" },
-  { 0x00000110, "\xC4\x90" },
-  { 0x00000120, "\xC4\xA0" },
-  { 0x00000140, "\xC5\x80" },
-  { 0x00000180, "\xC6\x80" },
-  { 0x000001FF, "\xC7\xBF" },
-  { 0x00000200, "\xC8\x80" },
-  { 0x00000201, "\xC8\x81" },
-  { 0x00000202, "\xC8\x82" },
-  { 0x00000204, "\xC8\x84" },
-  { 0x00000208, "\xC8\x88" },
-  { 0x00000210, "\xC8\x90" },
-  { 0x00000220, "\xC8\xA0" },
-  { 0x00000240, "\xC9\x80" },
-  { 0x00000280, "\xCA\x80" },
-  { 0x00000300, "\xCC\x80" },
-  { 0x000003FF, "\xCF\xBF" },
-  { 0x00000400, "\xD0\x80" },
-  { 0x00000401, "\xD0\x81" },
-  { 0x00000402, "\xD0\x82" },
-  { 0x00000404, "\xD0\x84" },
-  { 0x00000408, "\xD0\x88" },
-  { 0x00000410, "\xD0\x90" },
-  { 0x00000420, "\xD0\xA0" },
-  { 0x00000440, "\xD1\x80" },
-  { 0x00000480, "\xD2\x80" },
-  { 0x00000500, "\xD4\x80" },
-  { 0x00000600, "\xD8\x80" },
-  { 0x000007FF, "\xDF\xBF" },
-          
-  { 0x00000800, "\xE0\xA0\x80" },
-  { 0x00000801, "\xE0\xA0\x81" },
-  { 0x00000802, "\xE0\xA0\x82" },
-  { 0x00000804, "\xE0\xA0\x84" },
-  { 0x00000808, "\xE0\xA0\x88" },
-  { 0x00000810, "\xE0\xA0\x90" },
-  { 0x00000820, "\xE0\xA0\xA0" },
-  { 0x00000840, "\xE0\xA1\x80" },
-  { 0x00000880, "\xE0\xA2\x80" },
-  { 0x00000900, "\xE0\xA4\x80" },
-  { 0x00000A00, "\xE0\xA8\x80" },
-  { 0x00000C00, "\xE0\xB0\x80" },
-  { 0x00000FFF, "\xE0\xBF\xBF" },
-  { 0x00001000, "\xE1\x80\x80" },
-  { 0x00001001, "\xE1\x80\x81" },
-  { 0x00001002, "\xE1\x80\x82" },
-  { 0x00001004, "\xE1\x80\x84" },
-  { 0x00001008, "\xE1\x80\x88" },
-  { 0x00001010, "\xE1\x80\x90" },
-  { 0x00001020, "\xE1\x80\xA0" },
-  { 0x00001040, "\xE1\x81\x80" },
-  { 0x00001080, "\xE1\x82\x80" },
-  { 0x00001100, "\xE1\x84\x80" },
-  { 0x00001200, "\xE1\x88\x80" },
-  { 0x00001400, "\xE1\x90\x80" },
-  { 0x00001800, "\xE1\xA0\x80" },
-  { 0x00001FFF, "\xE1\xBF\xBF" },
-  { 0x00002000, "\xE2\x80\x80" },
-  { 0x00002001, "\xE2\x80\x81" },
-  { 0x00002002, "\xE2\x80\x82" },
-  { 0x00002004, "\xE2\x80\x84" },
-  { 0x00002008, "\xE2\x80\x88" },
-  { 0x00002010, "\xE2\x80\x90" },
-  { 0x00002020, "\xE2\x80\xA0" },
-  { 0x00002040, "\xE2\x81\x80" },
-  { 0x00002080, "\xE2\x82\x80" },
-  { 0x00002100, "\xE2\x84\x80" },
-  { 0x00002200, "\xE2\x88\x80" },
-  { 0x00002400, "\xE2\x90\x80" },
-  { 0x00002800, "\xE2\xA0\x80" },
-  { 0x00003000, "\xE3\x80\x80" },
-  { 0x00003FFF, "\xE3\xBF\xBF" },
-  { 0x00004000, "\xE4\x80\x80" },
-  { 0x00004001, "\xE4\x80\x81" },
-  { 0x00004002, "\xE4\x80\x82" },
-  { 0x00004004, "\xE4\x80\x84" },
-  { 0x00004008, "\xE4\x80\x88" },
-  { 0x00004010, "\xE4\x80\x90" },
-  { 0x00004020, "\xE4\x80\xA0" },
-  { 0x00004040, "\xE4\x81\x80" },
-  { 0x00004080, "\xE4\x82\x80" },
-  { 0x00004100, "\xE4\x84\x80" },
-  { 0x00004200, "\xE4\x88\x80" },
-  { 0x00004400, "\xE4\x90\x80" },
-  { 0x00004800, "\xE4\xA0\x80" },
-  { 0x00005000, "\xE5\x80\x80" },
-  { 0x00006000, "\xE6\x80\x80" },
-  { 0x00007FFF, "\xE7\xBF\xBF" },
-  { 0x00008000, "\xE8\x80\x80" },
-  { 0x00008001, "\xE8\x80\x81" },
-  { 0x00008002, "\xE8\x80\x82" },
-  { 0x00008004, "\xE8\x80\x84" },
-  { 0x00008008, "\xE8\x80\x88" },
-  { 0x00008010, "\xE8\x80\x90" },
-  { 0x00008020, "\xE8\x80\xA0" },
-  { 0x00008040, "\xE8\x81\x80" },
-  { 0x00008080, "\xE8\x82\x80" },
-  { 0x00008100, "\xE8\x84\x80" },
-  { 0x00008200, "\xE8\x88\x80" },
-  { 0x00008400, "\xE8\x90\x80" },
-  { 0x00008800, "\xE8\xA0\x80" },
-  { 0x00009000, "\xE9\x80\x80" },
-  { 0x0000A000, "\xEA\x80\x80" },
-  { 0x0000C000, "\xEC\x80\x80" },
-  { 0x0000FFFF, "\xEF\xBF\xBF" },
-          
-  { 0x00010000, "\xF0\x90\x80\x80" },
-  { 0x00010001, "\xF0\x90\x80\x81" },
-  { 0x00010002, "\xF0\x90\x80\x82" },
-  { 0x00010004, "\xF0\x90\x80\x84" },
-  { 0x00010008, "\xF0\x90\x80\x88" },
-  { 0x00010010, "\xF0\x90\x80\x90" },
-  { 0x00010020, "\xF0\x90\x80\xA0" },
-  { 0x00010040, "\xF0\x90\x81\x80" },
-  { 0x00010080, "\xF0\x90\x82\x80" },
-  { 0x00010100, "\xF0\x90\x84\x80" },
-  { 0x00010200, "\xF0\x90\x88\x80" },
-  { 0x00010400, "\xF0\x90\x90\x80" },
-  { 0x00010800, "\xF0\x90\xA0\x80" },
-  { 0x00011000, "\xF0\x91\x80\x80" },
-  { 0x00012000, "\xF0\x92\x80\x80" },
-  { 0x00014000, "\xF0\x94\x80\x80" },
-  { 0x00018000, "\xF0\x98\x80\x80" },
-  { 0x0001FFFF, "\xF0\x9F\xBF\xBF" },
-  { 0x00020000, "\xF0\xA0\x80\x80" },
-  { 0x00020001, "\xF0\xA0\x80\x81" },
-  { 0x00020002, "\xF0\xA0\x80\x82" },
-  { 0x00020004, "\xF0\xA0\x80\x84" },
-  { 0x00020008, "\xF0\xA0\x80\x88" },
-  { 0x00020010, "\xF0\xA0\x80\x90" },
-  { 0x00020020, "\xF0\xA0\x80\xA0" },
-  { 0x00020040, "\xF0\xA0\x81\x80" },
-  { 0x00020080, "\xF0\xA0\x82\x80" },
-  { 0x00020100, "\xF0\xA0\x84\x80" },
-  { 0x00020200, "\xF0\xA0\x88\x80" },
-  { 0x00020400, "\xF0\xA0\x90\x80" },
-  { 0x00020800, "\xF0\xA0\xA0\x80" },
-  { 0x00021000, "\xF0\xA1\x80\x80" },
-  { 0x00022000, "\xF0\xA2\x80\x80" },
-  { 0x00024000, "\xF0\xA4\x80\x80" },
-  { 0x00028000, "\xF0\xA8\x80\x80" },
-  { 0x00030000, "\xF0\xB0\x80\x80" },
-  { 0x0003FFFF, "\xF0\xBF\xBF\xBF" },
-  { 0x00040000, "\xF1\x80\x80\x80" },
-  { 0x00040001, "\xF1\x80\x80\x81" },
-  { 0x00040002, "\xF1\x80\x80\x82" },
-  { 0x00040004, "\xF1\x80\x80\x84" },
-  { 0x00040008, "\xF1\x80\x80\x88" },
-  { 0x00040010, "\xF1\x80\x80\x90" },
-  { 0x00040020, "\xF1\x80\x80\xA0" },
-  { 0x00040040, "\xF1\x80\x81\x80" },
-  { 0x00040080, "\xF1\x80\x82\x80" },
-  { 0x00040100, "\xF1\x80\x84\x80" },
-  { 0x00040200, "\xF1\x80\x88\x80" },
-  { 0x00040400, "\xF1\x80\x90\x80" },
-  { 0x00040800, "\xF1\x80\xA0\x80" },
-  { 0x00041000, "\xF1\x81\x80\x80" },
-  { 0x00042000, "\xF1\x82\x80\x80" },
-  { 0x00044000, "\xF1\x84\x80\x80" },
-  { 0x00048000, "\xF1\x88\x80\x80" },
-  { 0x00050000, "\xF1\x90\x80\x80" },
-  { 0x00060000, "\xF1\xA0\x80\x80" },
-  { 0x0007FFFF, "\xF1\xBF\xBF\xBF" },
-  { 0x00080000, "\xF2\x80\x80\x80" },
-  { 0x00080001, "\xF2\x80\x80\x81" },
-  { 0x00080002, "\xF2\x80\x80\x82" },
-  { 0x00080004, "\xF2\x80\x80\x84" },
-  { 0x00080008, "\xF2\x80\x80\x88" },
-  { 0x00080010, "\xF2\x80\x80\x90" },
-  { 0x00080020, "\xF2\x80\x80\xA0" },
-  { 0x00080040, "\xF2\x80\x81\x80" },
-  { 0x00080080, "\xF2\x80\x82\x80" },
-  { 0x00080100, "\xF2\x80\x84\x80" },
-  { 0x00080200, "\xF2\x80\x88\x80" },
-  { 0x00080400, "\xF2\x80\x90\x80" },
-  { 0x00080800, "\xF2\x80\xA0\x80" },
-  { 0x00081000, "\xF2\x81\x80\x80" },
-  { 0x00082000, "\xF2\x82\x80\x80" },
-  { 0x00084000, "\xF2\x84\x80\x80" },
-  { 0x00088000, "\xF2\x88\x80\x80" },
-  { 0x00090000, "\xF2\x90\x80\x80" },
-  { 0x000A0000, "\xF2\xA0\x80\x80" },
-  { 0x000C0000, "\xF3\x80\x80\x80" },
-  { 0x000FFFFF, "\xF3\xBF\xBF\xBF" },
-  { 0x00100000, "\xF4\x80\x80\x80" },
-  { 0x00100001, "\xF4\x80\x80\x81" },
-  { 0x00100002, "\xF4\x80\x80\x82" },
-  { 0x00100004, "\xF4\x80\x80\x84" },
-  { 0x00100008, "\xF4\x80\x80\x88" },
-  { 0x00100010, "\xF4\x80\x80\x90" },
-  { 0x00100020, "\xF4\x80\x80\xA0" },
-  { 0x00100040, "\xF4\x80\x81\x80" },
-  { 0x00100080, "\xF4\x80\x82\x80" },
-  { 0x00100100, "\xF4\x80\x84\x80" },
-  { 0x00100200, "\xF4\x80\x88\x80" },
-  { 0x00100400, "\xF4\x80\x90\x80" },
-  { 0x00100800, "\xF4\x80\xA0\x80" },
-  { 0x00101000, "\xF4\x81\x80\x80" },
-  { 0x00102000, "\xF4\x82\x80\x80" },
-  { 0x00104000, "\xF4\x84\x80\x80" },
-  { 0x00108000, "\xF4\x88\x80\x80" },
-  { 0x00110000, "\xF4\x90\x80\x80" },
-  { 0x00120000, "\xF4\xA0\x80\x80" },
-  { 0x00140000, "\xF5\x80\x80\x80" },
-  { 0x00180000, "\xF6\x80\x80\x80" },
-  { 0x001FFFFF, "\xF7\xBF\xBF\xBF" },
-          
-  { 0x00200000, "\xF8\x88\x80\x80\x80" },
-  { 0x00200001, "\xF8\x88\x80\x80\x81" },
-  { 0x00200002, "\xF8\x88\x80\x80\x82" },
-  { 0x00200004, "\xF8\x88\x80\x80\x84" },
-  { 0x00200008, "\xF8\x88\x80\x80\x88" },
-  { 0x00200010, "\xF8\x88\x80\x80\x90" },
-  { 0x00200020, "\xF8\x88\x80\x80\xA0" },
-  { 0x00200040, "\xF8\x88\x80\x81\x80" },
-  { 0x00200080, "\xF8\x88\x80\x82\x80" },
-  { 0x00200100, "\xF8\x88\x80\x84\x80" },
-  { 0x00200200, "\xF8\x88\x80\x88\x80" },
-  { 0x00200400, "\xF8\x88\x80\x90\x80" },
-  { 0x00200800, "\xF8\x88\x80\xA0\x80" },
-  { 0x00201000, "\xF8\x88\x81\x80\x80" },
-  { 0x00202000, "\xF8\x88\x82\x80\x80" },
-  { 0x00204000, "\xF8\x88\x84\x80\x80" },
-  { 0x00208000, "\xF8\x88\x88\x80\x80" },
-  { 0x00210000, "\xF8\x88\x90\x80\x80" },
-  { 0x00220000, "\xF8\x88\xA0\x80\x80" },
-  { 0x00240000, "\xF8\x89\x80\x80\x80" },
-  { 0x00280000, "\xF8\x8A\x80\x80\x80" },
-  { 0x00300000, "\xF8\x8C\x80\x80\x80" },
-  { 0x003FFFFF, "\xF8\x8F\xBF\xBF\xBF" },
-  { 0x00400000, "\xF8\x90\x80\x80\x80" },
-  { 0x00400001, "\xF8\x90\x80\x80\x81" },
-  { 0x00400002, "\xF8\x90\x80\x80\x82" },
-  { 0x00400004, "\xF8\x90\x80\x80\x84" },
-  { 0x00400008, "\xF8\x90\x80\x80\x88" },
-  { 0x00400010, "\xF8\x90\x80\x80\x90" },
-  { 0x00400020, "\xF8\x90\x80\x80\xA0" },
-  { 0x00400040, "\xF8\x90\x80\x81\x80" },
-  { 0x00400080, "\xF8\x90\x80\x82\x80" },
-  { 0x00400100, "\xF8\x90\x80\x84\x80" },
-  { 0x00400200, "\xF8\x90\x80\x88\x80" },
-  { 0x00400400, "\xF8\x90\x80\x90\x80" },
-  { 0x00400800, "\xF8\x90\x80\xA0\x80" },
-  { 0x00401000, "\xF8\x90\x81\x80\x80" },
-  { 0x00402000, "\xF8\x90\x82\x80\x80" },
-  { 0x00404000, "\xF8\x90\x84\x80\x80" },
-  { 0x00408000, "\xF8\x90\x88\x80\x80" },
-  { 0x00410000, "\xF8\x90\x90\x80\x80" },
-  { 0x00420000, "\xF8\x90\xA0\x80\x80" },
-  { 0x00440000, "\xF8\x91\x80\x80\x80" },
-  { 0x00480000, "\xF8\x92\x80\x80\x80" },
-  { 0x00500000, "\xF8\x94\x80\x80\x80" },
-  { 0x00600000, "\xF8\x98\x80\x80\x80" },
-  { 0x007FFFFF, "\xF8\x9F\xBF\xBF\xBF" },
-  { 0x00800000, "\xF8\xA0\x80\x80\x80" },
-  { 0x00800001, "\xF8\xA0\x80\x80\x81" },
-  { 0x00800002, "\xF8\xA0\x80\x80\x82" },
-  { 0x00800004, "\xF8\xA0\x80\x80\x84" },
-  { 0x00800008, "\xF8\xA0\x80\x80\x88" },
-  { 0x00800010, "\xF8\xA0\x80\x80\x90" },
-  { 0x00800020, "\xF8\xA0\x80\x80\xA0" },
-  { 0x00800040, "\xF8\xA0\x80\x81\x80" },
-  { 0x00800080, "\xF8\xA0\x80\x82\x80" },
-  { 0x00800100, "\xF8\xA0\x80\x84\x80" },
-  { 0x00800200, "\xF8\xA0\x80\x88\x80" },
-  { 0x00800400, "\xF8\xA0\x80\x90\x80" },
-  { 0x00800800, "\xF8\xA0\x80\xA0\x80" },
-  { 0x00801000, "\xF8\xA0\x81\x80\x80" },
-  { 0x00802000, "\xF8\xA0\x82\x80\x80" },
-  { 0x00804000, "\xF8\xA0\x84\x80\x80" },
-  { 0x00808000, "\xF8\xA0\x88\x80\x80" },
-  { 0x00810000, "\xF8\xA0\x90\x80\x80" },
-  { 0x00820000, "\xF8\xA0\xA0\x80\x80" },
-  { 0x00840000, "\xF8\xA1\x80\x80\x80" },
-  { 0x00880000, "\xF8\xA2\x80\x80\x80" },
-  { 0x00900000, "\xF8\xA4\x80\x80\x80" },
-  { 0x00A00000, "\xF8\xA8\x80\x80\x80" },
-  { 0x00C00000, "\xF8\xB0\x80\x80\x80" },
-  { 0x00FFFFFF, "\xF8\xBF\xBF\xBF\xBF" },
-  { 0x01000000, "\xF9\x80\x80\x80\x80" },
-  { 0x01000001, "\xF9\x80\x80\x80\x81" },
-  { 0x01000002, "\xF9\x80\x80\x80\x82" },
-  { 0x01000004, "\xF9\x80\x80\x80\x84" },
-  { 0x01000008, "\xF9\x80\x80\x80\x88" },
-  { 0x01000010, "\xF9\x80\x80\x80\x90" },
-  { 0x01000020, "\xF9\x80\x80\x80\xA0" },
-  { 0x01000040, "\xF9\x80\x80\x81\x80" },
-  { 0x01000080, "\xF9\x80\x80\x82\x80" },
-  { 0x01000100, "\xF9\x80\x80\x84\x80" },
-  { 0x01000200, "\xF9\x80\x80\x88\x80" },
-  { 0x01000400, "\xF9\x80\x80\x90\x80" },
-  { 0x01000800, "\xF9\x80\x80\xA0\x80" },
-  { 0x01001000, "\xF9\x80\x81\x80\x80" },
-  { 0x01002000, "\xF9\x80\x82\x80\x80" },
-  { 0x01004000, "\xF9\x80\x84\x80\x80" },
-  { 0x01008000, "\xF9\x80\x88\x80\x80" },
-  { 0x01010000, "\xF9\x80\x90\x80\x80" },
-  { 0x01020000, "\xF9\x80\xA0\x80\x80" },
-  { 0x01040000, "\xF9\x81\x80\x80\x80" },
-  { 0x01080000, "\xF9\x82\x80\x80\x80" },
-  { 0x01100000, "\xF9\x84\x80\x80\x80" },
-  { 0x01200000, "\xF9\x88\x80\x80\x80" },
-  { 0x01400000, "\xF9\x90\x80\x80\x80" },
-  { 0x01800000, "\xF9\xA0\x80\x80\x80" },
-  { 0x01FFFFFF, "\xF9\xBF\xBF\xBF\xBF" },
-  { 0x02000000, "\xFA\x80\x80\x80\x80" },
-  { 0x02000001, "\xFA\x80\x80\x80\x81" },
-  { 0x02000002, "\xFA\x80\x80\x80\x82" },
-  { 0x02000004, "\xFA\x80\x80\x80\x84" },
-  { 0x02000008, "\xFA\x80\x80\x80\x88" },
-  { 0x02000010, "\xFA\x80\x80\x80\x90" },
-  { 0x02000020, "\xFA\x80\x80\x80\xA0" },
-  { 0x02000040, "\xFA\x80\x80\x81\x80" },
-  { 0x02000080, "\xFA\x80\x80\x82\x80" },
-  { 0x02000100, "\xFA\x80\x80\x84\x80" },
-  { 0x02000200, "\xFA\x80\x80\x88\x80" },
-  { 0x02000400, "\xFA\x80\x80\x90\x80" },
-  { 0x02000800, "\xFA\x80\x80\xA0\x80" },
-  { 0x02001000, "\xFA\x80\x81\x80\x80" },
-  { 0x02002000, "\xFA\x80\x82\x80\x80" },
-  { 0x02004000, "\xFA\x80\x84\x80\x80" },
-  { 0x02008000, "\xFA\x80\x88\x80\x80" },
-  { 0x02010000, "\xFA\x80\x90\x80\x80" },
-  { 0x02020000, "\xFA\x80\xA0\x80\x80" },
-  { 0x02040000, "\xFA\x81\x80\x80\x80" },
-  { 0x02080000, "\xFA\x82\x80\x80\x80" },
-  { 0x02100000, "\xFA\x84\x80\x80\x80" },
-  { 0x02200000, "\xFA\x88\x80\x80\x80" },
-  { 0x02400000, "\xFA\x90\x80\x80\x80" },
-  { 0x02800000, "\xFA\xA0\x80\x80\x80" },
-  { 0x03000000, "\xFB\x80\x80\x80\x80" },
-  { 0x03FFFFFF, "\xFB\xBF\xBF\xBF\xBF" },
-          
-  { 0x04000000, "\xFC\x84\x80\x80\x80\x80" },
-  { 0x04000001, "\xFC\x84\x80\x80\x80\x81" },
-  { 0x04000002, "\xFC\x84\x80\x80\x80\x82" },
-  { 0x04000004, "\xFC\x84\x80\x80\x80\x84" },
-  { 0x04000008, "\xFC\x84\x80\x80\x80\x88" },
-  { 0x04000010, "\xFC\x84\x80\x80\x80\x90" },
-  { 0x04000020, "\xFC\x84\x80\x80\x80\xA0" },
-  { 0x04000040, "\xFC\x84\x80\x80\x81\x80" },
-  { 0x04000080, "\xFC\x84\x80\x80\x82\x80" },
-  { 0x04000100, "\xFC\x84\x80\x80\x84\x80" },
-  { 0x04000200, "\xFC\x84\x80\x80\x88\x80" },
-  { 0x04000400, "\xFC\x84\x80\x80\x90\x80" },
-  { 0x04000800, "\xFC\x84\x80\x80\xA0\x80" },
-  { 0x04001000, "\xFC\x84\x80\x81\x80\x80" },
-  { 0x04002000, "\xFC\x84\x80\x82\x80\x80" },
-  { 0x04004000, "\xFC\x84\x80\x84\x80\x80" },
-  { 0x04008000, "\xFC\x84\x80\x88\x80\x80" },
-  { 0x04010000, "\xFC\x84\x80\x90\x80\x80" },
-  { 0x04020000, "\xFC\x84\x80\xA0\x80\x80" },
-  { 0x04040000, "\xFC\x84\x81\x80\x80\x80" },
-  { 0x04080000, "\xFC\x84\x82\x80\x80\x80" },
-  { 0x04100000, "\xFC\x84\x84\x80\x80\x80" },
-  { 0x04200000, "\xFC\x84\x88\x80\x80\x80" },
-  { 0x04400000, "\xFC\x84\x90\x80\x80\x80" },
-  { 0x04800000, "\xFC\x84\xA0\x80\x80\x80" },
-  { 0x05000000, "\xFC\x85\x80\x80\x80\x80" },
-  { 0x06000000, "\xFC\x86\x80\x80\x80\x80" },
-  { 0x07FFFFFF, "\xFC\x87\xBF\xBF\xBF\xBF" },
-  { 0x08000000, "\xFC\x88\x80\x80\x80\x80" },
-  { 0x08000001, "\xFC\x88\x80\x80\x80\x81" },
-  { 0x08000002, "\xFC\x88\x80\x80\x80\x82" },
-  { 0x08000004, "\xFC\x88\x80\x80\x80\x84" },
-  { 0x08000008, "\xFC\x88\x80\x80\x80\x88" },
-  { 0x08000010, "\xFC\x88\x80\x80\x80\x90" },
-  { 0x08000020, "\xFC\x88\x80\x80\x80\xA0" },
-  { 0x08000040, "\xFC\x88\x80\x80\x81\x80" },
-  { 0x08000080, "\xFC\x88\x80\x80\x82\x80" },
-  { 0x08000100, "\xFC\x88\x80\x80\x84\x80" },
-  { 0x08000200, "\xFC\x88\x80\x80\x88\x80" },
-  { 0x08000400, "\xFC\x88\x80\x80\x90\x80" },
-  { 0x08000800, "\xFC\x88\x80\x80\xA0\x80" },
-  { 0x08001000, "\xFC\x88\x80\x81\x80\x80" },
-  { 0x08002000, "\xFC\x88\x80\x82\x80\x80" },
-  { 0x08004000, "\xFC\x88\x80\x84\x80\x80" },
-  { 0x08008000, "\xFC\x88\x80\x88\x80\x80" },
-  { 0x08010000, "\xFC\x88\x80\x90\x80\x80" },
-  { 0x08020000, "\xFC\x88\x80\xA0\x80\x80" },
-  { 0x08040000, "\xFC\x88\x81\x80\x80\x80" },
-  { 0x08080000, "\xFC\x88\x82\x80\x80\x80" },
-  { 0x08100000, "\xFC\x88\x84\x80\x80\x80" },
-  { 0x08200000, "\xFC\x88\x88\x80\x80\x80" },
-  { 0x08400000, "\xFC\x88\x90\x80\x80\x80" },
-  { 0x08800000, "\xFC\x88\xA0\x80\x80\x80" },
-  { 0x09000000, "\xFC\x89\x80\x80\x80\x80" },
-  { 0x0A000000, "\xFC\x8A\x80\x80\x80\x80" },
-  { 0x0C000000, "\xFC\x8C\x80\x80\x80\x80" },
-  { 0x0FFFFFFF, "\xFC\x8F\xBF\xBF\xBF\xBF" },
-  { 0x10000000, "\xFC\x90\x80\x80\x80\x80" },
-  { 0x10000001, "\xFC\x90\x80\x80\x80\x81" },
-  { 0x10000002, "\xFC\x90\x80\x80\x80\x82" },
-  { 0x10000004, "\xFC\x90\x80\x80\x80\x84" },
-  { 0x10000008, "\xFC\x90\x80\x80\x80\x88" },
-  { 0x10000010, "\xFC\x90\x80\x80\x80\x90" },
-  { 0x10000020, "\xFC\x90\x80\x80\x80\xA0" },
-  { 0x10000040, "\xFC\x90\x80\x80\x81\x80" },
-  { 0x10000080, "\xFC\x90\x80\x80\x82\x80" },
-  { 0x10000100, "\xFC\x90\x80\x80\x84\x80" },
-  { 0x10000200, "\xFC\x90\x80\x80\x88\x80" },
-  { 0x10000400, "\xFC\x90\x80\x80\x90\x80" },
-  { 0x10000800, "\xFC\x90\x80\x80\xA0\x80" },
-  { 0x10001000, "\xFC\x90\x80\x81\x80\x80" },
-  { 0x10002000, "\xFC\x90\x80\x82\x80\x80" },
-  { 0x10004000, "\xFC\x90\x80\x84\x80\x80" },
-  { 0x10008000, "\xFC\x90\x80\x88\x80\x80" },
-  { 0x10010000, "\xFC\x90\x80\x90\x80\x80" },
-  { 0x10020000, "\xFC\x90\x80\xA0\x80\x80" },
-  { 0x10040000, "\xFC\x90\x81\x80\x80\x80" },
-  { 0x10080000, "\xFC\x90\x82\x80\x80\x80" },
-  { 0x10100000, "\xFC\x90\x84\x80\x80\x80" },
-  { 0x10200000, "\xFC\x90\x88\x80\x80\x80" },
-  { 0x10400000, "\xFC\x90\x90\x80\x80\x80" },
-  { 0x10800000, "\xFC\x90\xA0\x80\x80\x80" },
-  { 0x11000000, "\xFC\x91\x80\x80\x80\x80" },
-  { 0x12000000, "\xFC\x92\x80\x80\x80\x80" },
-  { 0x14000000, "\xFC\x94\x80\x80\x80\x80" },
-  { 0x18000000, "\xFC\x98\x80\x80\x80\x80" },
-  { 0x1FFFFFFF, "\xFC\x9F\xBF\xBF\xBF\xBF" },
-  { 0x20000000, "\xFC\xA0\x80\x80\x80\x80" },
-  { 0x20000001, "\xFC\xA0\x80\x80\x80\x81" },
-  { 0x20000002, "\xFC\xA0\x80\x80\x80\x82" },
-  { 0x20000004, "\xFC\xA0\x80\x80\x80\x84" },
-  { 0x20000008, "\xFC\xA0\x80\x80\x80\x88" },
-  { 0x20000010, "\xFC\xA0\x80\x80\x80\x90" },
-  { 0x20000020, "\xFC\xA0\x80\x80\x80\xA0" },
-  { 0x20000040, "\xFC\xA0\x80\x80\x81\x80" },
-  { 0x20000080, "\xFC\xA0\x80\x80\x82\x80" },
-  { 0x20000100, "\xFC\xA0\x80\x80\x84\x80" },
-  { 0x20000200, "\xFC\xA0\x80\x80\x88\x80" },
-  { 0x20000400, "\xFC\xA0\x80\x80\x90\x80" },
-  { 0x20000800, "\xFC\xA0\x80\x80\xA0\x80" },
-  { 0x20001000, "\xFC\xA0\x80\x81\x80\x80" },
-  { 0x20002000, "\xFC\xA0\x80\x82\x80\x80" },
-  { 0x20004000, "\xFC\xA0\x80\x84\x80\x80" },
-  { 0x20008000, "\xFC\xA0\x80\x88\x80\x80" },
-  { 0x20010000, "\xFC\xA0\x80\x90\x80\x80" },
-  { 0x20020000, "\xFC\xA0\x80\xA0\x80\x80" },
-  { 0x20040000, "\xFC\xA0\x81\x80\x80\x80" },
-  { 0x20080000, "\xFC\xA0\x82\x80\x80\x80" },
-  { 0x20100000, "\xFC\xA0\x84\x80\x80\x80" },
-  { 0x20200000, "\xFC\xA0\x88\x80\x80\x80" },
-  { 0x20400000, "\xFC\xA0\x90\x80\x80\x80" },
-  { 0x20800000, "\xFC\xA0\xA0\x80\x80\x80" },
-  { 0x21000000, "\xFC\xA1\x80\x80\x80\x80" },
-  { 0x22000000, "\xFC\xA2\x80\x80\x80\x80" },
-  { 0x24000000, "\xFC\xA4\x80\x80\x80\x80" },
-  { 0x28000000, "\xFC\xA8\x80\x80\x80\x80" },
-  { 0x30000000, "\xFC\xB0\x80\x80\x80\x80" },
-  { 0x3FFFFFFF, "\xFC\xBF\xBF\xBF\xBF\xBF" },
-  { 0x40000000, "\xFD\x80\x80\x80\x80\x80" },
-  { 0x40000001, "\xFD\x80\x80\x80\x80\x81" },
-  { 0x40000002, "\xFD\x80\x80\x80\x80\x82" },
-  { 0x40000004, "\xFD\x80\x80\x80\x80\x84" },
-  { 0x40000008, "\xFD\x80\x80\x80\x80\x88" },
-  { 0x40000010, "\xFD\x80\x80\x80\x80\x90" },
-  { 0x40000020, "\xFD\x80\x80\x80\x80\xA0" },
-  { 0x40000040, "\xFD\x80\x80\x80\x81\x80" },
-  { 0x40000080, "\xFD\x80\x80\x80\x82\x80" },
-  { 0x40000100, "\xFD\x80\x80\x80\x84\x80" },
-  { 0x40000200, "\xFD\x80\x80\x80\x88\x80" },
-  { 0x40000400, "\xFD\x80\x80\x80\x90\x80" },
-  { 0x40000800, "\xFD\x80\x80\x80\xA0\x80" },
-  { 0x40001000, "\xFD\x80\x80\x81\x80\x80" },
-  { 0x40002000, "\xFD\x80\x80\x82\x80\x80" },
-  { 0x40004000, "\xFD\x80\x80\x84\x80\x80" },
-  { 0x40008000, "\xFD\x80\x80\x88\x80\x80" },
-  { 0x40010000, "\xFD\x80\x80\x90\x80\x80" },
-  { 0x40020000, "\xFD\x80\x80\xA0\x80\x80" },
-  { 0x40040000, "\xFD\x80\x81\x80\x80\x80" },
-  { 0x40080000, "\xFD\x80\x82\x80\x80\x80" },
-  { 0x40100000, "\xFD\x80\x84\x80\x80\x80" },
-  { 0x40200000, "\xFD\x80\x88\x80\x80\x80" },
-  { 0x40400000, "\xFD\x80\x90\x80\x80\x80" },
-  { 0x40800000, "\xFD\x80\xA0\x80\x80\x80" },
-  { 0x41000000, "\xFD\x81\x80\x80\x80\x80" },
-  { 0x42000000, "\xFD\x82\x80\x80\x80\x80" },
-  { 0x44000000, "\xFD\x84\x80\x80\x80\x80" },
-  { 0x48000000, "\xFD\x88\x80\x80\x80\x80" },
-  { 0x50000000, "\xFD\x90\x80\x80\x80\x80" },
-  { 0x60000000, "\xFD\xA0\x80\x80\x80\x80" },
-  { 0x7FFFFFFF, "\xFD\xBF\xBF\xBF\xBF\xBF" }
-};
-
-/*
- * UCS-2 vectors
- */
-
-struct ucs2 ucs2[] = {
-  { 0x0001, "\x01" },
-  { 0x0002, "\x02" },
-  { 0x0003, "\x03" },
-  { 0x0004, "\x04" },
-  { 0x0007, "\x07" },
-  { 0x0008, "\x08" },
-  { 0x000F, "\x0F" },
-  { 0x0010, "\x10" },
-  { 0x001F, "\x1F" },
-  { 0x0020, "\x20" },
-  { 0x003F, "\x3F" },
-  { 0x0040, "\x40" },
-  { 0x007F, "\x7F" },
-          
-  { 0x0080, "\xC2\x80" },
-  { 0x0081, "\xC2\x81" },
-  { 0x0082, "\xC2\x82" },
-  { 0x0084, "\xC2\x84" },
-  { 0x0088, "\xC2\x88" },
-  { 0x0090, "\xC2\x90" },
-  { 0x00A0, "\xC2\xA0" },
-  { 0x00C0, "\xC3\x80" },
-  { 0x00FF, "\xC3\xBF" },
-  { 0x0100, "\xC4\x80" },
-  { 0x0101, "\xC4\x81" },
-  { 0x0102, "\xC4\x82" },
-  { 0x0104, "\xC4\x84" },
-  { 0x0108, "\xC4\x88" },
-  { 0x0110, "\xC4\x90" },
-  { 0x0120, "\xC4\xA0" },
-  { 0x0140, "\xC5\x80" },
-  { 0x0180, "\xC6\x80" },
-  { 0x01FF, "\xC7\xBF" },
-  { 0x0200, "\xC8\x80" },
-  { 0x0201, "\xC8\x81" },
-  { 0x0202, "\xC8\x82" },
-  { 0x0204, "\xC8\x84" },
-  { 0x0208, "\xC8\x88" },
-  { 0x0210, "\xC8\x90" },
-  { 0x0220, "\xC8\xA0" },
-  { 0x0240, "\xC9\x80" },
-  { 0x0280, "\xCA\x80" },
-  { 0x0300, "\xCC\x80" },
-  { 0x03FF, "\xCF\xBF" },
-  { 0x0400, "\xD0\x80" },
-  { 0x0401, "\xD0\x81" },
-  { 0x0402, "\xD0\x82" },
-  { 0x0404, "\xD0\x84" },
-  { 0x0408, "\xD0\x88" },
-  { 0x0410, "\xD0\x90" },
-  { 0x0420, "\xD0\xA0" },
-  { 0x0440, "\xD1\x80" },
-  { 0x0480, "\xD2\x80" },
-  { 0x0500, "\xD4\x80" },
-  { 0x0600, "\xD8\x80" },
-  { 0x07FF, "\xDF\xBF" },
-          
-  { 0x0800, "\xE0\xA0\x80" },
-  { 0x0801, "\xE0\xA0\x81" },
-  { 0x0802, "\xE0\xA0\x82" },
-  { 0x0804, "\xE0\xA0\x84" },
-  { 0x0808, "\xE0\xA0\x88" },
-  { 0x0810, "\xE0\xA0\x90" },
-  { 0x0820, "\xE0\xA0\xA0" },
-  { 0x0840, "\xE0\xA1\x80" },
-  { 0x0880, "\xE0\xA2\x80" },
-  { 0x0900, "\xE0\xA4\x80" },
-  { 0x0A00, "\xE0\xA8\x80" },
-  { 0x0C00, "\xE0\xB0\x80" },
-  { 0x0FFF, "\xE0\xBF\xBF" },
-  { 0x1000, "\xE1\x80\x80" },
-  { 0x1001, "\xE1\x80\x81" },
-  { 0x1002, "\xE1\x80\x82" },
-  { 0x1004, "\xE1\x80\x84" },
-  { 0x1008, "\xE1\x80\x88" },
-  { 0x1010, "\xE1\x80\x90" },
-  { 0x1020, "\xE1\x80\xA0" },
-  { 0x1040, "\xE1\x81\x80" },
-  { 0x1080, "\xE1\x82\x80" },
-  { 0x1100, "\xE1\x84\x80" },
-  { 0x1200, "\xE1\x88\x80" },
-  { 0x1400, "\xE1\x90\x80" },
-  { 0x1800, "\xE1\xA0\x80" },
-  { 0x1FFF, "\xE1\xBF\xBF" },
-  { 0x2000, "\xE2\x80\x80" },
-  { 0x2001, "\xE2\x80\x81" },
-  { 0x2002, "\xE2\x80\x82" },
-  { 0x2004, "\xE2\x80\x84" },
-  { 0x2008, "\xE2\x80\x88" },
-  { 0x2010, "\xE2\x80\x90" },
-  { 0x2020, "\xE2\x80\xA0" },
-  { 0x2040, "\xE2\x81\x80" },
-  { 0x2080, "\xE2\x82\x80" },
-  { 0x2100, "\xE2\x84\x80" },
-  { 0x2200, "\xE2\x88\x80" },
-  { 0x2400, "\xE2\x90\x80" },
-  { 0x2800, "\xE2\xA0\x80" },
-  { 0x3000, "\xE3\x80\x80" },
-  { 0x3FFF, "\xE3\xBF\xBF" },
-  { 0x4000, "\xE4\x80\x80" },
-  { 0x4001, "\xE4\x80\x81" },
-  { 0x4002, "\xE4\x80\x82" },
-  { 0x4004, "\xE4\x80\x84" },
-  { 0x4008, "\xE4\x80\x88" },
-  { 0x4010, "\xE4\x80\x90" },
-  { 0x4020, "\xE4\x80\xA0" },
-  { 0x4040, "\xE4\x81\x80" },
-  { 0x4080, "\xE4\x82\x80" },
-  { 0x4100, "\xE4\x84\x80" },
-  { 0x4200, "\xE4\x88\x80" },
-  { 0x4400, "\xE4\x90\x80" },
-  { 0x4800, "\xE4\xA0\x80" },
-  { 0x5000, "\xE5\x80\x80" },
-  { 0x6000, "\xE6\x80\x80" },
-  { 0x7FFF, "\xE7\xBF\xBF" },
-  { 0x8000, "\xE8\x80\x80" },
-  { 0x8001, "\xE8\x80\x81" },
-  { 0x8002, "\xE8\x80\x82" },
-  { 0x8004, "\xE8\x80\x84" },
-  { 0x8008, "\xE8\x80\x88" },
-  { 0x8010, "\xE8\x80\x90" },
-  { 0x8020, "\xE8\x80\xA0" },
-  { 0x8040, "\xE8\x81\x80" },
-  { 0x8080, "\xE8\x82\x80" },
-  { 0x8100, "\xE8\x84\x80" },
-  { 0x8200, "\xE8\x88\x80" },
-  { 0x8400, "\xE8\x90\x80" },
-  { 0x8800, "\xE8\xA0\x80" },
-  { 0x9000, "\xE9\x80\x80" },
-  { 0xA000, "\xEA\x80\x80" },
-  { 0xC000, "\xEC\x80\x80" },
-  { 0xFFFF, "\xEF\xBF\xBF" }
-
-};
-
-#ifdef UTF16
-/*
- * UTF-16 vectors
- */
-
-struct utf16 utf16[] = {
-  { 0x00010000, { 0xD800, 0xDC00 } },
-  { 0x00010001, { 0xD800, 0xDC01 } },
-  { 0x00010002, { 0xD800, 0xDC02 } },
-  { 0x00010003, { 0xD800, 0xDC03 } },
-  { 0x00010004, { 0xD800, 0xDC04 } },
-  { 0x00010007, { 0xD800, 0xDC07 } },
-  { 0x00010008, { 0xD800, 0xDC08 } },
-  { 0x0001000F, { 0xD800, 0xDC0F } },
-  { 0x00010010, { 0xD800, 0xDC10 } },
-  { 0x0001001F, { 0xD800, 0xDC1F } },
-  { 0x00010020, { 0xD800, 0xDC20 } },
-  { 0x0001003F, { 0xD800, 0xDC3F } },
-  { 0x00010040, { 0xD800, 0xDC40 } },
-  { 0x0001007F, { 0xD800, 0xDC7F } },
-  { 0x00010080, { 0xD800, 0xDC80 } },
-  { 0x00010081, { 0xD800, 0xDC81 } },
-  { 0x00010082, { 0xD800, 0xDC82 } },
-  { 0x00010084, { 0xD800, 0xDC84 } },
-  { 0x00010088, { 0xD800, 0xDC88 } },
-  { 0x00010090, { 0xD800, 0xDC90 } },
-  { 0x000100A0, { 0xD800, 0xDCA0 } },
-  { 0x000100C0, { 0xD800, 0xDCC0 } },
-  { 0x000100FF, { 0xD800, 0xDCFF } },
-  { 0x00010100, { 0xD800, 0xDD00 } },
-  { 0x00010101, { 0xD800, 0xDD01 } },
-  { 0x00010102, { 0xD800, 0xDD02 } },
-  { 0x00010104, { 0xD800, 0xDD04 } },
-  { 0x00010108, { 0xD800, 0xDD08 } },
-  { 0x00010110, { 0xD800, 0xDD10 } },
-  { 0x00010120, { 0xD800, 0xDD20 } },
-  { 0x00010140, { 0xD800, 0xDD40 } },
-  { 0x00010180, { 0xD800, 0xDD80 } },
-  { 0x000101FF, { 0xD800, 0xDDFF } },
-  { 0x00010200, { 0xD800, 0xDE00 } },
-  { 0x00010201, { 0xD800, 0xDE01 } },
-  { 0x00010202, { 0xD800, 0xDE02 } },
-  { 0x00010204, { 0xD800, 0xDE04 } },
-  { 0x00010208, { 0xD800, 0xDE08 } },
-  { 0x00010210, { 0xD800, 0xDE10 } },
-  { 0x00010220, { 0xD800, 0xDE20 } },
-  { 0x00010240, { 0xD800, 0xDE40 } },
-  { 0x00010280, { 0xD800, 0xDE80 } },
-  { 0x00010300, { 0xD800, 0xDF00 } },
-  { 0x000103FF, { 0xD800, 0xDFFF } },
-  { 0x00010400, { 0xD801, 0xDC00 } },
-  { 0x00010401, { 0xD801, 0xDC01 } },
-  { 0x00010402, { 0xD801, 0xDC02 } },
-  { 0x00010404, { 0xD801, 0xDC04 } },
-  { 0x00010408, { 0xD801, 0xDC08 } },
-  { 0x00010410, { 0xD801, 0xDC10 } },
-  { 0x00010420, { 0xD801, 0xDC20 } },
-  { 0x00010440, { 0xD801, 0xDC40 } },
-  { 0x00010480, { 0xD801, 0xDC80 } },
-  { 0x00010500, { 0xD801, 0xDD00 } },
-  { 0x00010600, { 0xD801, 0xDE00 } },
-  { 0x000107FF, { 0xD801, 0xDFFF } },
-  { 0x00010800, { 0xD802, 0xDC00 } },
-  { 0x00010801, { 0xD802, 0xDC01 } },
-  { 0x00010802, { 0xD802, 0xDC02 } },
-  { 0x00010804, { 0xD802, 0xDC04 } },
-  { 0x00010808, { 0xD802, 0xDC08 } },
-  { 0x00010810, { 0xD802, 0xDC10 } },
-  { 0x00010820, { 0xD802, 0xDC20 } },
-  { 0x00010840, { 0xD802, 0xDC40 } },
-  { 0x00010880, { 0xD802, 0xDC80 } },
-  { 0x00010900, { 0xD802, 0xDD00 } },
-  { 0x00010A00, { 0xD802, 0xDE00 } },
-  { 0x00010C00, { 0xD803, 0xDC00 } },
-  { 0x00010FFF, { 0xD803, 0xDFFF } },
-  { 0x00011000, { 0xD804, 0xDC00 } },
-  { 0x00011001, { 0xD804, 0xDC01 } },
-  { 0x00011002, { 0xD804, 0xDC02 } },
-  { 0x00011004, { 0xD804, 0xDC04 } },
-  { 0x00011008, { 0xD804, 0xDC08 } },
-  { 0x00011010, { 0xD804, 0xDC10 } },
-  { 0x00011020, { 0xD804, 0xDC20 } },
-  { 0x00011040, { 0xD804, 0xDC40 } },
-  { 0x00011080, { 0xD804, 0xDC80 } },
-  { 0x00011100, { 0xD804, 0xDD00 } },
-  { 0x00011200, { 0xD804, 0xDE00 } },
-  { 0x00011400, { 0xD805, 0xDC00 } },
-  { 0x00011800, { 0xD806, 0xDC00 } },
-  { 0x00011FFF, { 0xD807, 0xDFFF } },
-  { 0x00012000, { 0xD808, 0xDC00 } },
-  { 0x00012001, { 0xD808, 0xDC01 } },
-  { 0x00012002, { 0xD808, 0xDC02 } },
-  { 0x00012004, { 0xD808, 0xDC04 } },
-  { 0x00012008, { 0xD808, 0xDC08 } },
-  { 0x00012010, { 0xD808, 0xDC10 } },
-  { 0x00012020, { 0xD808, 0xDC20 } },
-  { 0x00012040, { 0xD808, 0xDC40 } },
-  { 0x00012080, { 0xD808, 0xDC80 } },
-  { 0x00012100, { 0xD808, 0xDD00 } },
-  { 0x00012200, { 0xD808, 0xDE00 } },
-  { 0x00012400, { 0xD809, 0xDC00 } },
-  { 0x00012800, { 0xD80A, 0xDC00 } },
-  { 0x00013000, { 0xD80C, 0xDC00 } },
-  { 0x00013FFF, { 0xD80F, 0xDFFF } },
-  { 0x00014000, { 0xD810, 0xDC00 } },
-  { 0x00014001, { 0xD810, 0xDC01 } },
-  { 0x00014002, { 0xD810, 0xDC02 } },
-  { 0x00014004, { 0xD810, 0xDC04 } },
-  { 0x00014008, { 0xD810, 0xDC08 } },
-  { 0x00014010, { 0xD810, 0xDC10 } },
-  { 0x00014020, { 0xD810, 0xDC20 } },
-  { 0x00014040, { 0xD810, 0xDC40 } },
-  { 0x00014080, { 0xD810, 0xDC80 } },
-  { 0x00014100, { 0xD810, 0xDD00 } },
-  { 0x00014200, { 0xD810, 0xDE00 } },
-  { 0x00014400, { 0xD811, 0xDC00 } },
-  { 0x00014800, { 0xD812, 0xDC00 } },
-  { 0x00015000, { 0xD814, 0xDC00 } },
-  { 0x00016000, { 0xD818, 0xDC00 } },
-  { 0x00017FFF, { 0xD81F, 0xDFFF } },
-  { 0x00018000, { 0xD820, 0xDC00 } },
-  { 0x00018001, { 0xD820, 0xDC01 } },
-  { 0x00018002, { 0xD820, 0xDC02 } },
-  { 0x00018004, { 0xD820, 0xDC04 } },
-  { 0x00018008, { 0xD820, 0xDC08 } },
-  { 0x00018010, { 0xD820, 0xDC10 } },
-  { 0x00018020, { 0xD820, 0xDC20 } },
-  { 0x00018040, { 0xD820, 0xDC40 } },
-  { 0x00018080, { 0xD820, 0xDC80 } },
-  { 0x00018100, { 0xD820, 0xDD00 } },
-  { 0x00018200, { 0xD820, 0xDE00 } },
-  { 0x00018400, { 0xD821, 0xDC00 } },
-  { 0x00018800, { 0xD822, 0xDC00 } },
-  { 0x00019000, { 0xD824, 0xDC00 } },
-  { 0x0001A000, { 0xD828, 0xDC00 } },
-  { 0x0001C000, { 0xD830, 0xDC00 } },
-  { 0x0001FFFF, { 0xD83F, 0xDFFF } },
-  { 0x00020000, { 0xD840, 0xDC00 } },
-  { 0x00020001, { 0xD840, 0xDC01 } },
-  { 0x00020002, { 0xD840, 0xDC02 } },
-  { 0x00020004, { 0xD840, 0xDC04 } },
-  { 0x00020008, { 0xD840, 0xDC08 } },
-  { 0x00020010, { 0xD840, 0xDC10 } },
-  { 0x00020020, { 0xD840, 0xDC20 } },
-  { 0x00020040, { 0xD840, 0xDC40 } },
-  { 0x00020080, { 0xD840, 0xDC80 } },
-  { 0x00020100, { 0xD840, 0xDD00 } },
-  { 0x00020200, { 0xD840, 0xDE00 } },
-  { 0x00020400, { 0xD841, 0xDC00 } },
-  { 0x00020800, { 0xD842, 0xDC00 } },
-  { 0x00021000, { 0xD844, 0xDC00 } },
-  { 0x00022000, { 0xD848, 0xDC00 } },
-  { 0x00024000, { 0xD850, 0xDC00 } },
-  { 0x00028000, { 0xD860, 0xDC00 } },
-  { 0x0002FFFF, { 0xD87F, 0xDFFF } },
-  { 0x00030000, { 0xD880, 0xDC00 } },
-  { 0x00030001, { 0xD880, 0xDC01 } },
-  { 0x00030002, { 0xD880, 0xDC02 } },
-  { 0x00030004, { 0xD880, 0xDC04 } },
-  { 0x00030008, { 0xD880, 0xDC08 } },
-  { 0x00030010, { 0xD880, 0xDC10 } },
-  { 0x00030020, { 0xD880, 0xDC20 } },
-  { 0x00030040, { 0xD880, 0xDC40 } },
-  { 0x00030080, { 0xD880, 0xDC80 } },
-  { 0x00030100, { 0xD880, 0xDD00 } },
-  { 0x00030200, { 0xD880, 0xDE00 } },
-  { 0x00030400, { 0xD881, 0xDC00 } },
-  { 0x00030800, { 0xD882, 0xDC00 } },
-  { 0x00031000, { 0xD884, 0xDC00 } },
-  { 0x00032000, { 0xD888, 0xDC00 } },
-  { 0x00034000, { 0xD890, 0xDC00 } },
-  { 0x00038000, { 0xD8A0, 0xDC00 } },
-  { 0x0003FFFF, { 0xD8BF, 0xDFFF } },
-  { 0x00040000, { 0xD8C0, 0xDC00 } },
-  { 0x00040001, { 0xD8C0, 0xDC01 } },
-  { 0x00040002, { 0xD8C0, 0xDC02 } },
-  { 0x00040004, { 0xD8C0, 0xDC04 } },
-  { 0x00040008, { 0xD8C0, 0xDC08 } },
-  { 0x00040010, { 0xD8C0, 0xDC10 } },
-  { 0x00040020, { 0xD8C0, 0xDC20 } },
-  { 0x00040040, { 0xD8C0, 0xDC40 } },
-  { 0x00040080, { 0xD8C0, 0xDC80 } },
-  { 0x00040100, { 0xD8C0, 0xDD00 } },
-  { 0x00040200, { 0xD8C0, 0xDE00 } },
-  { 0x00040400, { 0xD8C1, 0xDC00 } },
-  { 0x00040800, { 0xD8C2, 0xDC00 } },
-  { 0x00041000, { 0xD8C4, 0xDC00 } },
-  { 0x00042000, { 0xD8C8, 0xDC00 } },
-  { 0x00044000, { 0xD8D0, 0xDC00 } },
-  { 0x00048000, { 0xD8E0, 0xDC00 } },
-  { 0x0004FFFF, { 0xD8FF, 0xDFFF } },
-  { 0x00050000, { 0xD900, 0xDC00 } },
-  { 0x00050001, { 0xD900, 0xDC01 } },
-  { 0x00050002, { 0xD900, 0xDC02 } },
-  { 0x00050004, { 0xD900, 0xDC04 } },
-  { 0x00050008, { 0xD900, 0xDC08 } },
-  { 0x00050010, { 0xD900, 0xDC10 } },
-  { 0x00050020, { 0xD900, 0xDC20 } },
-  { 0x00050040, { 0xD900, 0xDC40 } },
-  { 0x00050080, { 0xD900, 0xDC80 } },
-  { 0x00050100, { 0xD900, 0xDD00 } },
-  { 0x00050200, { 0xD900, 0xDE00 } },
-  { 0x00050400, { 0xD901, 0xDC00 } },
-  { 0x00050800, { 0xD902, 0xDC00 } },
-  { 0x00051000, { 0xD904, 0xDC00 } },
-  { 0x00052000, { 0xD908, 0xDC00 } },
-  { 0x00054000, { 0xD910, 0xDC00 } },
-  { 0x00058000, { 0xD920, 0xDC00 } },
-  { 0x00060000, { 0xD940, 0xDC00 } },
-  { 0x00070000, { 0xD980, 0xDC00 } },
-  { 0x0007FFFF, { 0xD9BF, 0xDFFF } },
-  { 0x00080000, { 0xD9C0, 0xDC00 } },
-  { 0x00080001, { 0xD9C0, 0xDC01 } },
-  { 0x00080002, { 0xD9C0, 0xDC02 } },
-  { 0x00080004, { 0xD9C0, 0xDC04 } },
-  { 0x00080008, { 0xD9C0, 0xDC08 } },
-  { 0x00080010, { 0xD9C0, 0xDC10 } },
-  { 0x00080020, { 0xD9C0, 0xDC20 } },
-  { 0x00080040, { 0xD9C0, 0xDC40 } },
-  { 0x00080080, { 0xD9C0, 0xDC80 } },
-  { 0x00080100, { 0xD9C0, 0xDD00 } },
-  { 0x00080200, { 0xD9C0, 0xDE00 } },
-  { 0x00080400, { 0xD9C1, 0xDC00 } },
-  { 0x00080800, { 0xD9C2, 0xDC00 } },
-  { 0x00081000, { 0xD9C4, 0xDC00 } },
-  { 0x00082000, { 0xD9C8, 0xDC00 } },
-  { 0x00084000, { 0xD9D0, 0xDC00 } },
-  { 0x00088000, { 0xD9E0, 0xDC00 } },
-  { 0x0008FFFF, { 0xD9FF, 0xDFFF } },
-  { 0x00090000, { 0xDA00, 0xDC00 } },
-  { 0x00090001, { 0xDA00, 0xDC01 } },
-  { 0x00090002, { 0xDA00, 0xDC02 } },
-  { 0x00090004, { 0xDA00, 0xDC04 } },
-  { 0x00090008, { 0xDA00, 0xDC08 } },
-  { 0x00090010, { 0xDA00, 0xDC10 } },
-  { 0x00090020, { 0xDA00, 0xDC20 } },
-  { 0x00090040, { 0xDA00, 0xDC40 } },
-  { 0x00090080, { 0xDA00, 0xDC80 } },
-  { 0x00090100, { 0xDA00, 0xDD00 } },
-  { 0x00090200, { 0xDA00, 0xDE00 } },
-  { 0x00090400, { 0xDA01, 0xDC00 } },
-  { 0x00090800, { 0xDA02, 0xDC00 } },
-  { 0x00091000, { 0xDA04, 0xDC00 } },
-  { 0x00092000, { 0xDA08, 0xDC00 } },
-  { 0x00094000, { 0xDA10, 0xDC00 } },
-  { 0x00098000, { 0xDA20, 0xDC00 } },
-  { 0x000A0000, { 0xDA40, 0xDC00 } },
-  { 0x000B0000, { 0xDA80, 0xDC00 } },
-  { 0x000C0000, { 0xDAC0, 0xDC00 } },
-  { 0x000D0000, { 0xDB00, 0xDC00 } },
-  { 0x000FFFFF, { 0xDBBF, 0xDFFF } },
-  { 0x0010FFFF, { 0xDBFF, 0xDFFF } }
-
-};
-#endif /* UTF16 */
-
-static void
-dump_utf8
-(
-  char *word,
-  unsigned char *utf8,
-  char *end
-)
-{
-  fprintf(stdout, "%s ", word);
-  for( ; *utf8; utf8++ ) {
-    fprintf(stdout, "%02.2x ", (unsigned int)*utf8);
-  }
-  fprintf(stdout, "%s", end);
-}
-
-static PRBool
-test_ucs4_chars
-(
-  void
-)
-{
-  PRBool rv = PR_TRUE;
-  int i;
-
-  for( i = 0; i < sizeof(ucs4)/sizeof(ucs4[0]); i++ ) {
-    struct ucs4 *e = &ucs4[i];
-    PRBool result;
-    unsigned char utf8[8];
-    unsigned int len = 0;
-    PRUint32 back = 0;
-
-    (void)memset(utf8, 0, sizeof(utf8));
-    
-    result = sec_port_ucs4_utf8_conversion_function(PR_FALSE, 
-      (unsigned char *)&e->c, sizeof(e->c), utf8, sizeof(utf8), &len);
-
-    if( !result ) {
-      fprintf(stdout, "Failed to convert UCS-4 0x%08.8x to UTF-8\n", e->c);
-      rv = PR_FALSE;
-      continue;
-    }
-
-    if( (len >= sizeof(utf8)) ||
-        (strlen(e->utf8) != len) ||
-        (utf8[len] = '\0', 0 != strcmp(e->utf8, utf8)) ) {
-      fprintf(stdout, "Wrong conversion of UCS-4 0x%08.8x to UTF-8: ", e->c);
-      dump_utf8("expected", e->utf8, ", ");
-      dump_utf8("received", utf8, "\n");
-      rv = PR_FALSE;
-      continue;
-    }
-
-    result = sec_port_ucs4_utf8_conversion_function(PR_TRUE,
-      utf8, len, (unsigned char *)&back, sizeof(back), &len);
-
-    if( !result ) {
-      dump_utf8("Failed to convert UTF-8", utf8, "to UCS-4\n");
-      rv = PR_FALSE;
-      continue;
-    }
-
-    if( (sizeof(back) != len) || (e->c != back) ) {
-      dump_utf8("Wrong conversion of UTF-8", utf8, " to UCS-4:");
-      fprintf(stdout, "expected 0x%08.8x, received 0x%08.8x\n", e->c, back);
-      rv = PR_FALSE;
-      continue;
-    }
-  }
-
-  return rv;
-}
-
-static PRBool
-test_ucs2_chars
-(
-  void
-)
-{
-  PRBool rv = PR_TRUE;
-  int i;
-
-  for( i = 0; i < sizeof(ucs2)/sizeof(ucs2[0]); i++ ) {
-    struct ucs2 *e = &ucs2[i];
-    PRBool result;
-    unsigned char utf8[8];
-    unsigned int len = 0;
-    PRUint16 back = 0;
-
-    (void)memset(utf8, 0, sizeof(utf8));
-    
-    result = sec_port_ucs2_utf8_conversion_function(PR_FALSE,
-      (unsigned char *)&e->c, sizeof(e->c), utf8, sizeof(utf8), &len);
-
-    if( !result ) {
-      fprintf(stdout, "Failed to convert UCS-2 0x%04.4x to UTF-8\n", e->c);
-      rv = PR_FALSE;
-      continue;
-    }
-
-    if( (len >= sizeof(utf8)) ||
-        (strlen(e->utf8) != len) ||
-        (utf8[len] = '\0', 0 != strcmp(e->utf8, utf8)) ) {
-      fprintf(stdout, "Wrong conversion of UCS-2 0x%04.4x to UTF-8: ", e->c);
-      dump_utf8("expected", e->utf8, ", ");
-      dump_utf8("received", utf8, "\n");
-      rv = PR_FALSE;
-      continue;
-    }
-
-    result = sec_port_ucs2_utf8_conversion_function(PR_TRUE,
-      utf8, len, (unsigned char *)&back, sizeof(back), &len);
-
-    if( !result ) {
-      dump_utf8("Failed to convert UTF-8", utf8, "to UCS-2\n");
-      rv = PR_FALSE;
-      continue;
-    }
-
-    if( (sizeof(back) != len) || (e->c != back) ) {
-      dump_utf8("Wrong conversion of UTF-8", utf8, "to UCS-2:");
-      fprintf(stdout, "expected 0x%08.8x, received 0x%08.8x\n", e->c, back);
-      rv = PR_FALSE;
-      continue;
-    }
-  }
-
-  return rv;
-}
-
-#ifdef UTF16
-static PRBool
-test_utf16_chars
-(
-  void
-)
-{
-  PRBool rv = PR_TRUE;
-  int i;
-
-  for( i = 0; i < sizeof(utf16)/sizeof(utf16[0]); i++ ) {
-    struct utf16 *e = &utf16[i];
-    PRBool result;
-    unsigned char utf8[8];
-    unsigned int len = 0;
-    PRUint32 back32 = 0;
-    PRUint16 back[2];
-
-    (void)memset(utf8, 0, sizeof(utf8));
-    
-    result = sec_port_ucs2_utf8_conversion_function(PR_FALSE, 
-      (unsigned char *)&e->w[0], sizeof(e->w), utf8, sizeof(utf8), &len);
-
-    if( !result ) {
-      fprintf(stdout, "Failed to convert UTF-16 0x%04.4x 0x%04.4x to UTF-8\n", 
-              e->w[0], e->w[1]);
-      rv = PR_FALSE;
-      continue;
-    }
-
-    result = sec_port_ucs4_utf8_conversion_function(PR_TRUE,
-      utf8, len, (unsigned char *)&back32, sizeof(back32), &len);
-
-    if( 4 != len ) {
-      fprintf(stdout, "Failed to convert UTF-16 0x%04.4x 0x%04.4x to UTF-8: "
-              "unexpected len %d\n", e->w[0], e->w[1], len);
-      rv = PR_FALSE;
-      continue;
-    }
-
-    utf8[len] = '\0'; /* null-terminate for printing */
-
-    if( !result ) {
-      dump_utf8("Failed to convert UTF-8", utf8, "to UCS-4 (utf-16 test)\n");
-      rv = PR_FALSE;
-      continue;
-    }
-
-    if( (sizeof(back32) != len) || (e->c != back32) ) {
-      fprintf(stdout, "Wrong conversion of UTF-16 0x%04.4x 0x%04.4x ", 
-              e->w[0], e->w[1]);
-      dump_utf8("to UTF-8", utf8, "and then to UCS-4: ");
-      if( sizeof(back32) != len ) {
-        fprintf(stdout, "len is %d\n", len);
-      } else {
-        fprintf(stdout, "expected 0x%08.8x, received 0x%08.8x\n", e->c, back32);
-      }
-      rv = PR_FALSE;
-      continue;
-    }
-
-    (void)memset(utf8, 0, sizeof(utf8));
-    back[0] = back[1] = 0;
-
-    result = sec_port_ucs4_utf8_conversion_function(PR_FALSE,
-      (unsigned char *)&e->c, sizeof(e->c), utf8, sizeof(utf8), &len);
-
-    if( !result ) {
-      fprintf(stdout, "Failed to convert UCS-4 0x%08.8x to UTF-8 (utf-16 test)\n",
-              e->c);
-      rv = PR_FALSE;
-      continue;
-    }
-
-    result = sec_port_ucs2_utf8_conversion_function(PR_TRUE,
-      utf8, len, (unsigned char *)&back[0], sizeof(back), &len);
-
-    if( 4 != len ) {
-      fprintf(stdout, "Failed to convert UCS-4 0x%08.8x to UTF-8: "
-              "unexpected len %d\n", e->c, len);
-      rv = PR_FALSE;
-      continue;
-    }
-
-    utf8[len] = '\0'; /* null-terminate for printing */
-
-    if( !result ) {
-      dump_utf8("Failed to convert UTF-8", utf8, "to UTF-16\n");
-      rv = PR_FALSE;
-      continue;
-    }
-
-    if( (sizeof(back) != len) || (e->w[0] != back[0]) || (e->w[1] != back[1]) ) {
-      fprintf(stdout, "Wrong conversion of UCS-4 0x%08.8x to UTF-8", e->c);
-      dump_utf8("", utf8, "and then to UTF-16:");
-      if( sizeof(back) != len ) {
-        fprintf(stdout, "len is %d\n", len);
-      } else {
-        fprintf(stdout, "expected 0x%04.4x 0x%04.4x, received 0x%04.4x 0x%04.4xx\n",
-                e->w[0], e->w[1], back[0], back[1]);
-      }
-      rv = PR_FALSE;
-      continue;
-    }
-  }
-
-  return rv;
-}
-#endif /* UTF16 */
-
-static PRBool
-test_zeroes
-(
-  void
-)
-{
-  PRBool rv = PR_TRUE;
-  PRBool result;
-  PRUint32 lzero = 0;
-  PRUint16 szero = 0;
-  unsigned char utf8[8];
-  unsigned int len = 0;
-  PRUint32 lback = 1;
-  PRUint16 sback = 1;
-
-  (void)memset(utf8, 1, sizeof(utf8));
-
-  result = sec_port_ucs4_utf8_conversion_function(PR_FALSE, 
-    (unsigned char *)&lzero, sizeof(lzero), utf8, sizeof(utf8), &len);
-
-  if( !result ) {
-    fprintf(stdout, "Failed to convert UCS-4 0x00000000 to UTF-8\n");
-    rv = PR_FALSE;
-  } else if( 1 != len ) {
-    fprintf(stdout, "Wrong conversion of UCS-4 0x00000000: len = %d\n", len);
-    rv = PR_FALSE;
-  } else if( '\0' != *utf8 ) {
-    fprintf(stdout, "Wrong conversion of UCS-4 0x00000000: expected 00 ,"
-            "received %02.2x\n", (unsigned int)*utf8);
-    rv = PR_FALSE;
-  }
-
-  result = sec_port_ucs4_utf8_conversion_function(PR_TRUE,
-    "", 1, (unsigned char *)&lback, sizeof(lback), &len);
-
-  if( !result ) {
-    fprintf(stdout, "Failed to convert UTF-8 00 to UCS-4\n");
-    rv = PR_FALSE;
-  } else if( 4 != len ) {
-    fprintf(stdout, "Wrong conversion of UTF-8 00 to UCS-4: len = %d\n", len);
-    rv = PR_FALSE;
-  } else if( 0 != lback ) {
-    fprintf(stdout, "Wrong conversion of UTF-8 00 to UCS-4: "
-            "expected 0x00000000, received 0x%08.8x\n", lback);
-    rv = PR_FALSE;
-  }
-
-  (void)memset(utf8, 1, sizeof(utf8));
-
-  result = sec_port_ucs2_utf8_conversion_function(PR_FALSE, 
-    (unsigned char *)&szero, sizeof(szero), utf8, sizeof(utf8), &len);
-
-  if( !result ) {
-    fprintf(stdout, "Failed to convert UCS-2 0x0000 to UTF-8\n");
-    rv = PR_FALSE;
-  } else if( 1 != len ) {
-    fprintf(stdout, "Wrong conversion of UCS-2 0x0000: len = %d\n", len);
-    rv = PR_FALSE;
-  } else if( '\0' != *utf8 ) {
-    fprintf(stdout, "Wrong conversion of UCS-2 0x0000: expected 00 ,"
-            "received %02.2x\n", (unsigned int)*utf8);
-    rv = PR_FALSE;
-  }
-
-  result = sec_port_ucs2_utf8_conversion_function(PR_TRUE,
-    "", 1, (unsigned char *)&sback, sizeof(sback), &len);
-
-  if( !result ) {
-    fprintf(stdout, "Failed to convert UTF-8 00 to UCS-2\n");
-    rv = PR_FALSE;
-  } else if( 2 != len ) {
-    fprintf(stdout, "Wrong conversion of UTF-8 00 to UCS-2: len = %d\n", len);
-    rv = PR_FALSE;
-  } else if( 0 != sback ) {
-    fprintf(stdout, "Wrong conversion of UTF-8 00 to UCS-2: "
-            "expected 0x0000, received 0x%04.4x\n", sback);
-    rv = PR_FALSE;
-  }
-
-  return rv;
-}
-
-static PRBool
-test_multichars
-(
-  void
-)
-{
-  int i;
-  unsigned int len, lenout;
-  PRUint32 *ucs4s;
-  char *ucs4_utf8;
-  PRUint16 *ucs2s;
-  char *ucs2_utf8;
-  void *tmp;
-  PRBool result;
-
-  ucs4s = (PRUint32 *)calloc(sizeof(ucs4)/sizeof(ucs4[0]), sizeof(PRUint32));
-  ucs2s = (PRUint16 *)calloc(sizeof(ucs2)/sizeof(ucs2[0]), sizeof(PRUint16));
-
-  if( ((PRUint32 *)NULL == ucs4s) || ((PRUint16 *)NULL == ucs2s) ) {
-    fprintf(stderr, "out of memory\n");
-    exit(1);
-  }
-
-  len = 0;
-  for( i = 0; i < sizeof(ucs4)/sizeof(ucs4[0]); i++ ) {
-    ucs4s[i] = ucs4[i].c;
-    len += strlen(ucs4[i].utf8);
-  }
-
-  ucs4_utf8 = (char *)malloc(len);
-
-  len = 0;
-  for( i = 0; i < sizeof(ucs2)/sizeof(ucs2[0]); i++ ) {
-    ucs2s[i] = ucs2[i].c;
-    len += strlen(ucs2[i].utf8);
-  }
-
-  ucs2_utf8 = (char *)malloc(len);
-
-  if( ((char *)NULL == ucs4_utf8) || ((char *)NULL == ucs2_utf8) ) {
-    fprintf(stderr, "out of memory\n");
-    exit(1);
-  }
-
-  *ucs4_utf8 = '\0';
-  for( i = 0; i < sizeof(ucs4)/sizeof(ucs4[0]); i++ ) {
-    strcat(ucs4_utf8, ucs4[i].utf8);
-  }
-
-  *ucs2_utf8 = '\0';
-  for( i = 0; i < sizeof(ucs2)/sizeof(ucs2[0]); i++ ) {
-    strcat(ucs2_utf8, ucs2[i].utf8);
-  }
-
-  /* UTF-8 -> UCS-4 */
-  len = sizeof(ucs4)/sizeof(ucs4[0]) * sizeof(PRUint32);
-  tmp = calloc(len, 1);
-  if( (void *)NULL == tmp ) {
-    fprintf(stderr, "out of memory\n");
-    exit(1);
-  }
-
-  result = sec_port_ucs4_utf8_conversion_function(PR_TRUE,
-    ucs4_utf8, strlen(ucs4_utf8), tmp, len, &lenout);
-  if( !result ) {
-    fprintf(stdout, "Failed to convert much UTF-8 to UCS-4\n");
-    goto done;
-  }
-
-  if( lenout != len ) {
-    fprintf(stdout, "Unexpected length converting much UTF-8 to UCS-4\n");
-    goto loser;
-  }
-
-  if( 0 != memcmp(ucs4s, tmp, len) ) {
-    fprintf(stdout, "Wrong conversion of much UTF-8 to UCS-4\n");
-    goto loser;
-  }
-
-  free(tmp); tmp = (void *)NULL;
-
-  /* UCS-4 -> UTF-8 */
-  len = strlen(ucs4_utf8);
-  tmp = calloc(len, 1);
-  if( (void *)NULL == tmp ) {
-    fprintf(stderr, "out of memory\n");
-    exit(1);
-  }
-
-  result = sec_port_ucs4_utf8_conversion_function(PR_FALSE,
-    (unsigned char *)ucs4s, sizeof(ucs4)/sizeof(ucs4[0]) * sizeof(PRUint32), 
-    tmp, len, &lenout);
-  if( !result ) {
-    fprintf(stdout, "Failed to convert much UCS-4 to UTF-8\n");
-    goto done;
-  }
-
-  if( lenout != len ) {
-    fprintf(stdout, "Unexpected length converting much UCS-4 to UTF-8\n");
-    goto loser;
-  }
-
-  if( 0 != strncmp(ucs4_utf8, tmp, len) ) {
-    fprintf(stdout, "Wrong conversion of much UCS-4 to UTF-8\n");
-    goto loser;
-  }
-
-  free(tmp); tmp = (void *)NULL;
-
-  /* UTF-8 -> UCS-2 */
-  len = sizeof(ucs2)/sizeof(ucs2[0]) * sizeof(PRUint16);
-  tmp = calloc(len, 1);
-  if( (void *)NULL == tmp ) {
-    fprintf(stderr, "out of memory\n");
-    exit(1);
-  }
-
-  result = sec_port_ucs2_utf8_conversion_function(PR_TRUE,
-    ucs2_utf8, strlen(ucs2_utf8), tmp, len, &lenout);
-  if( !result ) {
-    fprintf(stdout, "Failed to convert much UTF-8 to UCS-2\n");
-    goto done;
-  }
-
-  if( lenout != len ) {
-    fprintf(stdout, "Unexpected length converting much UTF-8 to UCS-2\n");
-    goto loser;
-  }
-
-  if( 0 != memcmp(ucs2s, tmp, len) ) {
-    fprintf(stdout, "Wrong conversion of much UTF-8 to UCS-2\n");
-    goto loser;
-  }
-
-  free(tmp); tmp = (void *)NULL;
-
-  /* UCS-2 -> UTF-8 */
-  len = strlen(ucs2_utf8);
-  tmp = calloc(len, 1);
-  if( (void *)NULL == tmp ) {
-    fprintf(stderr, "out of memory\n");
-    exit(1);
-  }
-
-  result = sec_port_ucs2_utf8_conversion_function(PR_FALSE,
-    (unsigned char *)ucs2s, sizeof(ucs2)/sizeof(ucs2[0]) * sizeof(PRUint16), 
-    tmp, len, &lenout);
-  if( !result ) {
-    fprintf(stdout, "Failed to convert much UCS-2 to UTF-8\n");
-    goto done;
-  }
-
-  if( lenout != len ) {
-    fprintf(stdout, "Unexpected length converting much UCS-2 to UTF-8\n");
-    goto loser;
-  }
-
-  if( 0 != strncmp(ucs2_utf8, tmp, len) ) {
-    fprintf(stdout, "Wrong conversion of much UCS-2 to UTF-8\n");
-    goto loser;
-  }
-
-#ifdef UTF16
-  /* implement me */
-#endif /* UTF16 */
-
-  result = PR_TRUE;
-  goto done;
-
- loser:
-  result = PR_FALSE;
- done:
-  free(ucs4s);
-  free(ucs4_utf8);
-  free(ucs2s);
-  free(ucs2_utf8);
-  if( (void *)NULL != tmp ) free(tmp);
-  return result;
-}
-
-void
-byte_order
-(
-  void
-)
-{
-  /*
-   * The implementation (now) expects the 16- and 32-bit characters
-   * to be in network byte order, not host byte order.  Therefore I
-   * have to byteswap all those test vectors above.  hton[ls] may be
-   * functions, so I have to do this dynamically.  If you want to 
-   * use this code to do host byte order conversions, just remove
-   * the call in main() to this function.
-   */
-
-  int i;
-
-  for( i = 0; i < sizeof(ucs4)/sizeof(ucs4[0]); i++ ) {
-    struct ucs4 *e = &ucs4[i];
-    e->c = htonl(e->c);
-  }
-
-  for( i = 0; i < sizeof(ucs2)/sizeof(ucs2[0]); i++ ) {
-    struct ucs2 *e = &ucs2[i];
-    e->c = htons(e->c);
-  }
-
-#ifdef UTF16
-  for( i = 0; i < sizeof(utf16)/sizeof(utf16[0]); i++ ) {
-    struct utf16 *e = &utf16[i];
-    e->c = htonl(e->c);
-    e->w[0] = htons(e->w[0]);
-    e->w[1] = htons(e->w[1]);
-  }
-#endif /* UTF16 */
-
-  return;
-}
-
-int
-main
-(
-  int argc,
-  char *argv[]
-)
-{
-  byte_order();
-
-  if( test_ucs4_chars() &&
-      test_ucs2_chars() &&
-#ifdef UTF16
-      test_utf16_chars() &&
-#endif /* UTF16 */
-      test_zeroes() &&
-      test_multichars() &&
-      PR_TRUE ) {
-    fprintf(stderr, "PASS\n");
-    return 1;
-  } else {
-    fprintf(stderr, "FAIL\n");
-    return 0;
-  }
-}
-
-#endif /* TEST_UTF8 */
diff --git a/security/nss/lib/util/watcomfx.h b/security/nss/lib/util/watcomfx.h
deleted file mode 100644
index bc1d20f72..000000000
--- a/security/nss/lib/util/watcomfx.h
+++ /dev/null
@@ -1,59 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#if defined(__WATCOMC__) || defined(__WATCOM_CPLUSPLUS__)
-#ifndef __WATCOM_FIX_H__
-#define __WATCOM_FIX_H__ 1
-/*
- * WATCOM's C compiler doesn't default to "__cdecl" conventions for external
- * symbols and functions.  Rather than adding an explicit __cdecl modifier to 
- * every external symbol and function declaration and definition, we use the 
- * following pragma to (attempt to) change WATCOM c's default to __cdecl.
- * These pragmas were taken from pages 180-181, 266 & 269 of the 
- * Watcom C/C++ version 11 User's Guide, 3rd edition.
- */
-#if defined(XP_WIN16) || defined(WIN16) 
-#pragma aux default "_*" \
-	parm caller [] \
-	value struct float struct routine [ax] \
-	modify [ax bx cx dx es]
-#else
-#pragma aux default "_*" \
-	parm caller [] \
-	value struct float struct routine [eax] \
-	modify [eax ecx edx]
-#endif
-#pragma aux default far
-
-#endif /* once */
-#endif /* WATCOM compiler */
diff --git a/security/nss/macbuild/LoadableRoots.mcp.exp b/security/nss/macbuild/LoadableRoots.mcp.exp
deleted file mode 100644
index 562ecea21..000000000
--- a/security/nss/macbuild/LoadableRoots.mcp.exp
+++ /dev/null
@@ -1 +0,0 @@
-C_GetFunctionList
diff --git a/security/nss/macbuild/LoadableRoots.xml b/security/nss/macbuild/LoadableRoots.xml
deleted file mode 100644
index 5f3682970..000000000
--- a/security/nss/macbuild/LoadableRoots.xml
+++ /dev/null
@@ -1,2664 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" standalone="yes" ?>
-<?codewarrior exportversion="1.0.1" ideversion="4.2" ?>
-
-<!DOCTYPE PROJECT [
-<!ELEMENT PROJECT (TARGETLIST, TARGETORDER, GROUPLIST, DESIGNLIST?)>
-<!ELEMENT TARGETLIST (TARGET+)>
-<!ELEMENT TARGET (NAME, SETTINGLIST, FILELIST?, LINKORDER?, SEGMENTLIST?, OVERLAYGROUPLIST?, SUBTARGETLIST?, SUBPROJECTLIST?, FRAMEWORKLIST)>
-<!ELEMENT NAME (#PCDATA)>
-<!ELEMENT USERSOURCETREETYPE (#PCDATA)>
-<!ELEMENT PATH (#PCDATA)>
-<!ELEMENT FILELIST (FILE*)>
-<!ELEMENT FILE (PATHTYPE, PATHROOT?, ACCESSPATH?, PATH, PATHFORMAT?, ROOTFILEREF?, FILEKIND?, FILEFLAGS?)>
-<!ELEMENT PATHTYPE (#PCDATA)>
-<!ELEMENT PATHROOT (#PCDATA)>
-<!ELEMENT ACCESSPATH (#PCDATA)>
-<!ELEMENT PATHFORMAT (#PCDATA)>
-<!ELEMENT ROOTFILEREF (PATHTYPE, PATHROOT?, ACCESSPATH?, PATH, PATHFORMAT?)>
-<!ELEMENT FILEKIND (#PCDATA)>
-<!ELEMENT FILEFLAGS (#PCDATA)>
-<!ELEMENT FILEREF (TARGETNAME?, PATHTYPE, PATHROOT?, ACCESSPATH?, PATH, PATHFORMAT?)>
-<!ELEMENT TARGETNAME (#PCDATA)>
-<!ELEMENT SETTINGLIST ((SETTING|PANELDATA)+)>
-<!ELEMENT SETTING (NAME?, (VALUE|(SETTING+)))>
-<!ELEMENT PANELDATA (NAME, VALUE)>
-<!ELEMENT VALUE (#PCDATA)>
-<!ELEMENT LINKORDER (FILEREF*)>
-<!ELEMENT SEGMENTLIST (SEGMENT+)>
-<!ELEMENT SEGMENT (NAME, ATTRIBUTES?, FILEREF*)>
-<!ELEMENT ATTRIBUTES (#PCDATA)>
-<!ELEMENT OVERLAYGROUPLIST (OVERLAYGROUP+)>
-<!ELEMENT OVERLAYGROUP (NAME, BASEADDRESS, OVERLAY*)>
-<!ELEMENT BASEADDRESS (#PCDATA)>
-<!ELEMENT OVERLAY (NAME, FILEREF*)>
-<!ELEMENT SUBTARGETLIST (SUBTARGET+)>
-<!ELEMENT SUBTARGET (TARGETNAME, ATTRIBUTES?, FILEREF?)>
-<!ELEMENT SUBPROJECTLIST (SUBPROJECT+)>
-<!ELEMENT SUBPROJECT (FILEREF, SUBPROJECTTARGETLIST)>
-<!ELEMENT SUBPROJECTTARGETLIST (SUBPROJECTTARGET*)>
-<!ELEMENT SUBPROJECTTARGET (TARGETNAME, ATTRIBUTES?, FILEREF?)>
-<!ELEMENT FRAMEWORKLIST (FRAMEWORK+)>
-<!ELEMENT FRAMEWORK (FILEREF, LIBRARYFILE?, VERSION?)>
-<!ELEMENT LIBRARYFILE (FILEREF)>
-<!ELEMENT VERSION (#PCDATA)>
-<!ELEMENT TARGETORDER (ORDEREDTARGET|ORDEREDDESIGN)*>
-<!ELEMENT ORDEREDTARGET (NAME)>
-<!ELEMENT ORDEREDDESIGN (NAME, ORDEREDTARGET+)>
-<!ELEMENT GROUPLIST (GROUP|FILEREF)*>
-<!ELEMENT GROUP (NAME, (GROUP|FILEREF)*)>
-<!ELEMENT DESIGNLIST (DESIGN+)>
-<!ELEMENT DESIGN (NAME, DESIGNDATA)>
-<!ELEMENT DESIGNDATA (#PCDATA)>
-]>
-
-<PROJECT>
-    <TARGETLIST>
-        <TARGET>
-            <NAME>NSSckbi.shlb</NAME>
-            <SETTINGLIST>
-
-                <!-- Settings for "Source Trees" panel -->
-                <SETTING><NAME>UserSourceTrees</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Access Paths" panel -->
-                <SETTING><NAME>AlwaysSearchUserPaths</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>InterpretDOSAndUnixPaths</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>RequireFrameworkStyleIncludes</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>UserSearchPaths</NAME>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::::dist:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::lib:ckfw:builtins:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::lib:base:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::lib:ckfw:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::lib:util:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::lib:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                </SETTING>
-                <SETTING><NAME>SystemSearchPaths</NAME>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>CodeWarrior</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                </SETTING>
-
-                <!-- Settings for "Debugger Runtime" panel -->
-                <SETTING><NAME>MWRuntimeSettings_WorkingDirectory</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWRuntimeSettings_CommandLine</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWRuntimeSettings_HostApplication</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWRuntimeSettings_EnvVars</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Target Settings" panel -->
-                <SETTING><NAME>Linker</NAME><VALUE>MacOS PPC Linker</VALUE></SETTING>
-                <SETTING><NAME>PreLinker</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>PostLinker</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>Targetname</NAME><VALUE>NSSckbi.shlb</VALUE></SETTING>
-                <SETTING><NAME>OutputDirectory</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>SaveEntriesUsingRelativePaths</NAME><VALUE>false</VALUE></SETTING>
-
-                <!-- Settings for "File Mappings" panel -->
-                <SETTING><NAME>FileMappings</NAME>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>APPL</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>Appl</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>MMLB</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>Lib Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>MPLF</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>Lib Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>MWCD</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>RSRC</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.arr</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.bh</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>Balloon Help</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.c</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.c++</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.cc</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.cp</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.cpp</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.exp</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.h</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.idl</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>xpidl</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.pch</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.pch++</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.r</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>Rez</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>Rez</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.s</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>PPCAsm</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>XCOF</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>XCOFF Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>docu</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>rsrc</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>shlb</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>PEF Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>stub</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>PEF Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.doc</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.o</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>XCOFF Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.ppob</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.rsrc</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                </SETTING>
-
-                <!-- Settings for "Build Extras" panel -->
-                <SETTING><NAME>CacheModDates</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>ActivateBrowser</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>DumpBrowserInfo</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>CacheSubprojects</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>UseThirdPartyDebugger</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>DebuggerAppPath</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>DebuggerCmdLineArgs</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>DebuggerWorkingDir</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
-                </SETTING>
-
-                <!-- Settings for "Debugger Target" panel -->
-                <SETTING><NAME>LogSystemMessages</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>AutoTargetDLLs</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>StopAtWatchpoints</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PauseWhileRunning</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PauseInterval</NAME><VALUE>5</VALUE></SETTING>
-                <SETTING><NAME>PauseUIFlags</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>AltExePath</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>StopAtTempBPOnLaunch</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>CacheSymbolics</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>TempBPFunctionName</NAME><VALUE>main</VALUE></SETTING>
-                <SETTING><NAME>TempBPType</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "Remote Debug" panel -->
-                <SETTING><NAME>Enabled</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>ConnectionName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>DownloadPath</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>LaunchRemoteApp</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>RemoteAppPath</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Auto-target" panel -->
-                <SETTING><NAME>OtherExecutables</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Custom Keywords" panel -->
-                <SETTING><NAME>CustomColor1</NAME>
-                    <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
-                    <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
-                    <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>CustomColor2</NAME>
-                    <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
-                    <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
-                    <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>CustomColor3</NAME>
-                    <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
-                    <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
-                    <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>CustomColor4</NAME>
-                    <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
-                    <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
-                    <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
-                </SETTING>
-
-                <!-- Settings for "C/C++ Compiler" panel -->
-                <SETTING><NAME>MWFrontEnd_C_cplusplus</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_checkprotos</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_arm</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_trigraphs</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_onlystdkeywords</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_enumsalwaysint</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_mpwpointerstyle</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_prefixname</NAME><VALUE>NSS.prefix</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_ansistrict</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_mpwcnewline</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_wchar_type</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_enableexceptions</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_dontreusestrings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_poolstrings</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_dontinline</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_useRTTI</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_multibyteaware</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_unsignedchars</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_autoinline</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_booltruefalse</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_direct_to_som</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_som_env_check</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_alwaysinline</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_inlinelevel</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_ecplusplus</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_objective_c</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_defer_codegen</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "C/C++ Warnings" panel -->
-                <SETTING><NAME>MWWarning_C_warn_illpragma</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_emptydecl</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_possunwant</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_unusedvar</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_unusedarg</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_extracomma</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_pedantic</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warningerrors</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_hidevirtual</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_implicitconv</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_notinlined</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_structclass</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "FTP Panel" panel -->
-                <SETTING><NAME>MWFTP_Post_hostName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_username</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_password</NAME><VALUE>25ps6an5jceai[&#213;&#224;&#177;&#176;(</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_remoteDir</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_PathVersion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_PathType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_PathFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_tree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_uploadDir</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_port</NAME><VALUE>21</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_SendBin</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ShouldLog</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "Java Command Line" panel -->
-                <SETTING><NAME>MWCommandLine_Java_clsName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWCommandLine_Java_args</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "PJavaDebugging" panel -->
-                <SETTING><NAME>MWVJavaDebugging_Protocol</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWVJavaDebugging_JDKVersion</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWVJavaDebugging_TimeOut</NAME><VALUE>10</VALUE></SETTING>
-                <SETTING><NAME>MWVJavaDebugging_SupportSlowDevices</NAME><VALUE>false</VALUE></SETTING>
-
-                <!-- Settings for "Java Language" panel -->
-                <SETTING><NAME>MWJava_Language_optimize</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_warnDeprecated</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_emitMap</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_strictFileNames</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_strictFileHierarchy</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_1_1_Compatible</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_emitHeaders</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_headerType</NAME><VALUE>JNINativeHeaders</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_packageFilter</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_genComments</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_genHeaders</NAME><VALUE>false</VALUE></SETTING>
-
-                <!-- Settings for "Java MRJAppBuilder" panel -->
-                <SETTING><NAME>MWJava_MRJAppBuilder_outFile</NAME><VALUE>MRJApplication</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_merge</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_quitMenu</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_grow</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutType</NAME><VALUE>Console</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrType</NAME><VALUE>Console</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinType</NAME><VALUE>Console</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconPVersion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconFile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPVersion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPICTFile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_aboutName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPVersion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutFile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutAppend</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrFile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrAppend</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinFile</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Java Output" panel -->
-                <SETTING><NAME>MWJava_Output_outputtype</NAME><VALUE>JarFile</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_outfile</NAME><VALUE>JavaClasses.jar</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_ftype</NAME><VALUE>1514754080</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_fcreator</NAME><VALUE>1297570384</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_compress</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_genManifest</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_trunctype</NAME><VALUE>Front</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_deleteClasses</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_consoleApp</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "Java Project" panel -->
-                <SETTING><NAME>MWJava_Proj_projtype</NAME><VALUE>Applet</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_mainClassName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_HTMLAppCreator</NAME><VALUE>1463898714</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_HTMLAppName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_PathVersion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_PathType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_PathFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_tree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_HTMLAppWin32Name</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_compress</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_useVM</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_vmarguments</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_vmName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_simPropFile</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "JavaDoc Project" panel -->
-                <SETTING><NAME>MWJavaDoc_Proj_Version</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Depricated</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Author</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Index</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Tree</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_SunResolveToSame</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Shortnames</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Folder</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_GenerateAPILinks</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_scope</NAME><VALUE>Public</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_fcreator</NAME><VALUE>1297303877</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_encodingName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_decodingName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_javaPackagePath</NAME><VALUE>http://java.sun.com/products/jdk/1.1/docs/api/</VALUE></SETTING>
-
-                <!-- Settings for "MacOS Merge Panel" panel -->
-                <SETTING><NAME>MWMerge_MacOS_projectType</NAME><VALUE>Application</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_outputName</NAME><VALUE>Merge Out</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_outputCreator</NAME><VALUE>????</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_outputType</NAME><VALUE>APPL</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_suppressWarning</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_copyFragments</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_copyResources</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_flattenResource</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_flatFileName</NAME><VALUE>a.rsrc</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_flatFileOutputPath</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWMerge_MacOS_skipResources</NAME>
-                    <SETTING><VALUE>DLGX</VALUE></SETTING>
-                    <SETTING><VALUE>ckid</VALUE></SETTING>
-                    <SETTING><VALUE>Proj</VALUE></SETTING>
-                    <SETTING><VALUE>WSPC</VALUE></SETTING>
-                </SETTING>
-
-                <!-- Settings for "Output Flags" panel -->
-                <SETTING><NAME>FileLocked</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>ResourcesMapIsReadOnly</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PrinterDriverIsMultiFinderCompatible</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>Invisible</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>HasBundle</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>NameLocked</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>Stationery</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>HasCustomIcon</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>Shared</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>HasBeenInited</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>Label</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>Comments</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Packager Panel" panel -->
-                <SETTING><NAME>MWMacOSPackager_UsePackager</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_FolderToPackage</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWMacOSPackager_CreateClassicAlias</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_ClassicAliasMethod</NAME><VALUE>UseTargetOutput</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_ClassicAliasPath</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWMacOSPackager_CreatePkgInfo</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_PkgCreatorType</NAME><VALUE>????</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_PkgFileType</NAME><VALUE>APPL</VALUE></SETTING>
-
-                <!-- Settings for "PPC CodeGen" panel -->
-                <SETTING><NAME>MWCodeGen_PPC_structalignment</NAME><VALUE>PPC</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_tracebacktables</NAME><VALUE>None</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_processor</NAME><VALUE>Generic</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_readonlystrings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_tocdata</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_profiler</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_fpcontract</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_schedule</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_peephole</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_processorspecific</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_altivec</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_vectortocdata</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_vrsave</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "PPC CodeGen Mach-O" panel -->
-                <SETTING><NAME>MWCodeGen_MachO_structalignment</NAME><VALUE>PPC</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_tracebacktables</NAME><VALUE>None</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_processor</NAME><VALUE>Generic</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_readonlystrings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_profiler</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_fpcontract</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_schedule</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_peephole</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_processorspecific</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_altivec</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_vrsave</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_common</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_implicit_templates</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "PPC Disassembler" panel -->
-                <SETTING><NAME>MWDisassembler_PPC_showcode</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_extended</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_mix</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_nohex</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_showdata</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_showexceptions</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_showsym</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_shownames</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "PPC Global Optimizer" panel -->
-                <SETTING><NAME>GlobalOptimizer_PPC_optimizationlevel</NAME><VALUE>Level4</VALUE></SETTING>
-                <SETTING><NAME>GlobalOptimizer_PPC_optfor</NAME><VALUE>Speed</VALUE></SETTING>
-
-                <!-- Settings for "PPC Linker" panel -->
-                <SETTING><NAME>MWLinker_PPC_linksym</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_symfullpath</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_linkmap</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_nolinkwarnings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_dontdeadstripinitcode</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_permitmultdefs</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_linkmode</NAME><VALUE>Fast</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_initname</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_mainname</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_termname</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "PPC Mach-O Linker" panel -->
-                <SETTING><NAME>MWLinker_MachO_exports</NAME><VALUE>None</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_mainname</NAME><VALUE>start</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_currentversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_compatibleversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_symfullpath</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_supresswarnings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_multisymerror</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_prebind</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_deadstrip</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_objectivecsemantics</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_whichfileloaded</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_whyfileloaded</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_readonlyrelocs</NAME><VALUE>Errors</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_undefinedsymbols</NAME><VALUE>Errors</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_twolevelnamespace</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_stripdebugsymbols</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "PPC Mach-O Target" panel -->
-                <SETTING><NAME>MWProject_MachO_type</NAME><VALUE>Executable</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_outfile</NAME><VALUE>a.exe</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_filecreator</NAME><VALUE>????</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_filetype</NAME><VALUE>MEXE</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_stacksize</NAME><VALUE>64</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_stackaddress</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_flatrsrc</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_flatrsrcfilename</NAME><VALUE>a.rsrc</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_flatrsrcoutputdir</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWProject_MachO_installpath</NAME><VALUE>./</VALUE></SETTING>
-
-                <!-- Settings for "PPC PEF" panel -->
-                <SETTING><NAME>MWPEF_exports</NAME><VALUE>File</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_libfolder</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_sortcode</NAME><VALUE>None</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_expandbss</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_sharedata</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_olddefversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_oldimpversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_currentversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_fragmentname</NAME><VALUE>NSSCKBI</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_collapsereloads</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "PPC Project" panel -->
-                <SETTING><NAME>MWProject_PPC_type</NAME><VALUE>SharedLibrary</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_outfile</NAME><VALUE>NSSckbi.shlb</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_filecreator</NAME><VALUE>mozz</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_filetype</NAME><VALUE>shlb</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_size</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_minsize</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_stacksize</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_flags</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_symfilename</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcname</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcheader</NAME><VALUE>Native</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrctype</NAME><VALUE>????</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcid</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcflags</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcstore</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcmerge</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_flatrsrc</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_flatrsrcoutputdir</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWProject_PPC_flatrsrcfilename</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "PPCAsm Panel" panel -->
-                <SETTING><NAME>MWAssembler_PPC_auxheader</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_symmode</NAME><VALUE>Mac</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_dialect</NAME><VALUE>PPC</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_prefixfile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_typecheck</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_warnings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_casesensitive</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "Rez Compiler" panel -->
-                <SETTING><NAME>MWRez_Language_maxwidth</NAME><VALUE>80</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_script</NAME><VALUE>Roman</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_alignment</NAME><VALUE>Align1</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_filtermode</NAME><VALUE>FilterSkip</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_suppresswarnings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_escapecontrolchars</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_prefixname</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_filteredtypes</NAME><VALUE>'CODE' 'DATA' 'PICT'</VALUE></SETTING>
-
-                <!-- Settings for "WinRC Compiler" panel -->
-                <SETTING><NAME>MWWinRC_prefixname</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "x86 CodeGen" panel -->
-                <SETTING><NAME>MWCodeGen_X86_processor</NAME><VALUE>Generic</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_alignment</NAME><VALUE>bytes8</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_exceptions</NAME><VALUE>ZeroOverhead</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_extinst_mmx</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_extinst_3dnow</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_use_mmx_3dnow_convention</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_machinecodelisting</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_intrinsics</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_syminfo</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_codeviewinfo</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_extinst_cmov_fcomi</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_extinst_sse</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "x86 Disassembler" panel -->
-                <SETTING><NAME>PDisasmX86_showHeaders</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showSymTab</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showCode</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showSource</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showHex</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showRelocation</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showComments</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showDebug</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showExceptions</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showData</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showRaw</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_verbose</NAME><VALUE>false</VALUE></SETTING>
-
-                <!-- Settings for "x86 Exceptions Panel" panel -->
-                <SETTING><NAME>MWDebugger_X86_Exceptions</NAME>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                </SETTING>
-
-                <!-- Settings for "x86 Global Optimizer" panel -->
-                <SETTING><NAME>GlobalOptimizer_X86_optimizationlevel</NAME><VALUE>Level0</VALUE></SETTING>
-                <SETTING><NAME>GlobalOptimizer_X86_optfor</NAME><VALUE>Speed</VALUE></SETTING>
-
-                <!-- Settings for "x86 Linker" panel -->
-                <SETTING><NAME>MWLinker_X86_entrypointusage</NAME><VALUE>Default</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_entrypoint</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_subsystem</NAME><VALUE>WinGUI</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_subsysmajorid</NAME><VALUE>4</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_subsysminorid</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_usrmajorid</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_usrminorid</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_commandfile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_generatemap</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_linksym</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_linkCV</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "x86 Project" panel -->
-                <SETTING><NAME>MWProject_X86_type</NAME><VALUE>Application</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_outfile</NAME><VALUE>noname.exe</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_baseaddress</NAME><VALUE>4194304</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_maxstacksize</NAME><VALUE>1024</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_minstacksize</NAME><VALUE>4</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_size</NAME><VALUE>1024</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_minsize</NAME><VALUE>4</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_importlib</NAME><VALUE></VALUE></SETTING>
-                <PANELDATA><NAME>xpidl Settings</NAME><VALUE>
-                    0001000101000000000000000000000000000000000000000000000000000000
-                    0000000000000000
-                </VALUE></PANELDATA>
-            </SETTINGLIST>
-            <FILELIST>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>anchor.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>certdata.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>constants.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>bfind.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>binst.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>bobject.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>bsession.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>bslot.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>btoken.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSSckfw.o</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Library</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>arena.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>error.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>errorval.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>hashops.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>libc.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>tracker.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>utf8.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>whatnspr.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSStdLib.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Library</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSPR20.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Library</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSLibraryStartup.o</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Library</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>macstubs.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSRuntime.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Library</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>LoadableRoots.mcp.exp</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-            </FILELIST>
-            <LINKORDER>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>anchor.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>certdata.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>constants.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>bfind.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>binst.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>bobject.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>bsession.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>bslot.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>btoken.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSSckfw.o</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>arena.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>error.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>errorval.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>hashops.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>libc.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>tracker.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>utf8.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>whatnspr.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>macstubs.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSLibraryStartup.o</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSStdLib.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSPR20.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSRuntime.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>LoadableRoots.mcp.exp</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-            </LINKORDER>
-        </TARGET>
-        <TARGET>
-            <NAME>NSSckbiDebug.shlb</NAME>
-            <SETTINGLIST>
-
-                <!-- Settings for "Source Trees" panel -->
-                <SETTING><NAME>UserSourceTrees</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Access Paths" panel -->
-                <SETTING><NAME>AlwaysSearchUserPaths</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>InterpretDOSAndUnixPaths</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>RequireFrameworkStyleIncludes</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>UserSearchPaths</NAME>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::::dist:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::lib:ckfw:builtins:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::lib:ckfw:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::lib:base:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::lib:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                </SETTING>
-                <SETTING><NAME>SystemSearchPaths</NAME>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>CodeWarrior</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                </SETTING>
-
-                <!-- Settings for "Debugger Runtime" panel -->
-                <SETTING><NAME>MWRuntimeSettings_WorkingDirectory</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWRuntimeSettings_CommandLine</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWRuntimeSettings_HostApplication</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWRuntimeSettings_EnvVars</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Target Settings" panel -->
-                <SETTING><NAME>Linker</NAME><VALUE>MacOS PPC Linker</VALUE></SETTING>
-                <SETTING><NAME>PreLinker</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>PostLinker</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>Targetname</NAME><VALUE>NSSckbiDebug.shlb</VALUE></SETTING>
-                <SETTING><NAME>OutputDirectory</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>SaveEntriesUsingRelativePaths</NAME><VALUE>false</VALUE></SETTING>
-
-                <!-- Settings for "File Mappings" panel -->
-                <SETTING><NAME>FileMappings</NAME>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>APPL</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>Appl</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>MMLB</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>Lib Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>MPLF</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>Lib Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>MWCD</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>RSRC</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.arr</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.bh</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>Balloon Help</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.c</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.c++</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.cc</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.cp</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.cpp</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.exp</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.h</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.idl</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>xpidl</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.pch</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.pch++</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.r</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>Rez</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>Rez</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.s</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>PPCAsm</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>XCOF</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>XCOFF Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>docu</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>rsrc</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>shlb</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>PEF Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>stub</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>PEF Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.doc</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.o</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>XCOFF Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.ppob</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.rsrc</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                </SETTING>
-
-                <!-- Settings for "Build Extras" panel -->
-                <SETTING><NAME>CacheModDates</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>ActivateBrowser</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>DumpBrowserInfo</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>CacheSubprojects</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>UseThirdPartyDebugger</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>DebuggerAppPath</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>DebuggerCmdLineArgs</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>DebuggerWorkingDir</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
-                </SETTING>
-
-                <!-- Settings for "Debugger Target" panel -->
-                <SETTING><NAME>LogSystemMessages</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>AutoTargetDLLs</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>StopAtWatchpoints</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PauseWhileRunning</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PauseInterval</NAME><VALUE>5</VALUE></SETTING>
-                <SETTING><NAME>PauseUIFlags</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>AltExePath</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>StopAtTempBPOnLaunch</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>CacheSymbolics</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>TempBPFunctionName</NAME><VALUE>main</VALUE></SETTING>
-                <SETTING><NAME>TempBPType</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "Remote Debug" panel -->
-                <SETTING><NAME>Enabled</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>ConnectionName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>DownloadPath</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>LaunchRemoteApp</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>RemoteAppPath</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Auto-target" panel -->
-                <SETTING><NAME>OtherExecutables</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Custom Keywords" panel -->
-                <SETTING><NAME>CustomColor1</NAME>
-                    <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
-                    <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
-                    <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>CustomColor2</NAME>
-                    <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
-                    <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
-                    <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>CustomColor3</NAME>
-                    <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
-                    <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
-                    <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>CustomColor4</NAME>
-                    <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
-                    <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
-                    <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
-                </SETTING>
-
-                <!-- Settings for "C/C++ Compiler" panel -->
-                <SETTING><NAME>MWFrontEnd_C_cplusplus</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_checkprotos</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_arm</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_trigraphs</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_onlystdkeywords</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_enumsalwaysint</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_mpwpointerstyle</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_prefixname</NAME><VALUE>NSSDebug.Prefix</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_ansistrict</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_mpwcnewline</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_wchar_type</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_enableexceptions</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_dontreusestrings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_poolstrings</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_dontinline</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_useRTTI</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_multibyteaware</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_unsignedchars</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_autoinline</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_booltruefalse</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_direct_to_som</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_som_env_check</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_alwaysinline</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_inlinelevel</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_ecplusplus</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_objective_c</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_defer_codegen</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "C/C++ Warnings" panel -->
-                <SETTING><NAME>MWWarning_C_warn_illpragma</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_emptydecl</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_possunwant</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_unusedvar</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_unusedarg</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_extracomma</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_pedantic</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warningerrors</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_hidevirtual</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_implicitconv</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_notinlined</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_structclass</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "FTP Panel" panel -->
-                <SETTING><NAME>MWFTP_Post_hostName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_username</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_password</NAME><VALUE>25ps6an5jceai[&#213;&#224;&#177;&#176;(</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_remoteDir</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_PathVersion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_PathType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_PathFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_tree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_uploadDir</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_port</NAME><VALUE>21</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_SendBin</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ShouldLog</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "Java Command Line" panel -->
-                <SETTING><NAME>MWCommandLine_Java_clsName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWCommandLine_Java_args</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "PJavaDebugging" panel -->
-                <SETTING><NAME>MWVJavaDebugging_Protocol</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWVJavaDebugging_JDKVersion</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWVJavaDebugging_TimeOut</NAME><VALUE>10</VALUE></SETTING>
-                <SETTING><NAME>MWVJavaDebugging_SupportSlowDevices</NAME><VALUE>false</VALUE></SETTING>
-
-                <!-- Settings for "Java Language" panel -->
-                <SETTING><NAME>MWJava_Language_optimize</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_warnDeprecated</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_emitMap</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_strictFileNames</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_strictFileHierarchy</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_1_1_Compatible</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_emitHeaders</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_headerType</NAME><VALUE>JNINativeHeaders</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_packageFilter</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_genComments</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_genHeaders</NAME><VALUE>false</VALUE></SETTING>
-
-                <!-- Settings for "Java MRJAppBuilder" panel -->
-                <SETTING><NAME>MWJava_MRJAppBuilder_outFile</NAME><VALUE>MRJApplication</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_merge</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_quitMenu</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_grow</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutType</NAME><VALUE>Console</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrType</NAME><VALUE>Console</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinType</NAME><VALUE>Console</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconPVersion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconFile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPVersion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPICTFile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_aboutName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPVersion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutFile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutAppend</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrFile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrAppend</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinFile</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Java Output" panel -->
-                <SETTING><NAME>MWJava_Output_outputtype</NAME><VALUE>JarFile</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_outfile</NAME><VALUE>JavaClasses.jar</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_ftype</NAME><VALUE>1514754080</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_fcreator</NAME><VALUE>1297570384</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_compress</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_genManifest</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_trunctype</NAME><VALUE>Front</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_deleteClasses</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_consoleApp</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "Java Project" panel -->
-                <SETTING><NAME>MWJava_Proj_projtype</NAME><VALUE>Applet</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_mainClassName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_HTMLAppCreator</NAME><VALUE>1463898714</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_HTMLAppName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_PathVersion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_PathType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_PathFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_tree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_HTMLAppWin32Name</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_compress</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_useVM</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_vmarguments</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_vmName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_simPropFile</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "JavaDoc Project" panel -->
-                <SETTING><NAME>MWJavaDoc_Proj_Version</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Depricated</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Author</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Index</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Tree</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_SunResolveToSame</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Shortnames</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Folder</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_GenerateAPILinks</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_scope</NAME><VALUE>Public</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_fcreator</NAME><VALUE>1297303877</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_encodingName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_decodingName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_javaPackagePath</NAME><VALUE>http://java.sun.com/products/jdk/1.1/docs/api/</VALUE></SETTING>
-
-                <!-- Settings for "MacOS Merge Panel" panel -->
-                <SETTING><NAME>MWMerge_MacOS_projectType</NAME><VALUE>Application</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_outputName</NAME><VALUE>Merge Out</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_outputCreator</NAME><VALUE>????</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_outputType</NAME><VALUE>APPL</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_suppressWarning</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_copyFragments</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_copyResources</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_flattenResource</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_flatFileName</NAME><VALUE>a.rsrc</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_flatFileOutputPath</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWMerge_MacOS_skipResources</NAME>
-                    <SETTING><VALUE>DLGX</VALUE></SETTING>
-                    <SETTING><VALUE>ckid</VALUE></SETTING>
-                    <SETTING><VALUE>Proj</VALUE></SETTING>
-                    <SETTING><VALUE>WSPC</VALUE></SETTING>
-                </SETTING>
-
-                <!-- Settings for "Output Flags" panel -->
-                <SETTING><NAME>FileLocked</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>ResourcesMapIsReadOnly</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PrinterDriverIsMultiFinderCompatible</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>Invisible</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>HasBundle</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>NameLocked</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>Stationery</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>HasCustomIcon</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>Shared</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>HasBeenInited</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>Label</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>Comments</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Packager Panel" panel -->
-                <SETTING><NAME>MWMacOSPackager_UsePackager</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_FolderToPackage</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWMacOSPackager_CreateClassicAlias</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_ClassicAliasMethod</NAME><VALUE>UseTargetOutput</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_ClassicAliasPath</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWMacOSPackager_CreatePkgInfo</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_PkgCreatorType</NAME><VALUE>????</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_PkgFileType</NAME><VALUE>APPL</VALUE></SETTING>
-
-                <!-- Settings for "PPC CodeGen" panel -->
-                <SETTING><NAME>MWCodeGen_PPC_structalignment</NAME><VALUE>MC68K</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_tracebacktables</NAME><VALUE>None</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_processor</NAME><VALUE>Generic</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_readonlystrings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_tocdata</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_profiler</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_fpcontract</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_schedule</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_peephole</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_processorspecific</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_altivec</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_vectortocdata</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_vrsave</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "PPC CodeGen Mach-O" panel -->
-                <SETTING><NAME>MWCodeGen_MachO_structalignment</NAME><VALUE>PPC</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_tracebacktables</NAME><VALUE>None</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_processor</NAME><VALUE>Generic</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_readonlystrings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_profiler</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_fpcontract</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_schedule</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_peephole</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_processorspecific</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_altivec</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_vrsave</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_common</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_implicit_templates</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "PPC Disassembler" panel -->
-                <SETTING><NAME>MWDisassembler_PPC_showcode</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_extended</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_mix</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_nohex</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_showdata</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_showexceptions</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_showsym</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_shownames</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "PPC Global Optimizer" panel -->
-                <SETTING><NAME>GlobalOptimizer_PPC_optimizationlevel</NAME><VALUE>Level0</VALUE></SETTING>
-                <SETTING><NAME>GlobalOptimizer_PPC_optfor</NAME><VALUE>Speed</VALUE></SETTING>
-
-                <!-- Settings for "PPC Linker" panel -->
-                <SETTING><NAME>MWLinker_PPC_linksym</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_symfullpath</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_linkmap</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_nolinkwarnings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_dontdeadstripinitcode</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_permitmultdefs</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_linkmode</NAME><VALUE>Fast</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_initname</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_mainname</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_termname</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "PPC Mach-O Linker" panel -->
-                <SETTING><NAME>MWLinker_MachO_exports</NAME><VALUE>None</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_mainname</NAME><VALUE>start</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_currentversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_compatibleversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_symfullpath</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_supresswarnings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_multisymerror</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_prebind</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_deadstrip</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_objectivecsemantics</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_whichfileloaded</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_whyfileloaded</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_readonlyrelocs</NAME><VALUE>Errors</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_undefinedsymbols</NAME><VALUE>Errors</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_twolevelnamespace</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_stripdebugsymbols</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "PPC Mach-O Target" panel -->
-                <SETTING><NAME>MWProject_MachO_type</NAME><VALUE>Executable</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_outfile</NAME><VALUE>a.exe</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_filecreator</NAME><VALUE>????</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_filetype</NAME><VALUE>MEXE</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_stacksize</NAME><VALUE>64</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_stackaddress</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_flatrsrc</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_flatrsrcfilename</NAME><VALUE>a.rsrc</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_flatrsrcoutputdir</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWProject_MachO_installpath</NAME><VALUE>./</VALUE></SETTING>
-
-                <!-- Settings for "PPC PEF" panel -->
-                <SETTING><NAME>MWPEF_exports</NAME><VALUE>File</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_libfolder</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_sortcode</NAME><VALUE>None</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_expandbss</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_sharedata</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_olddefversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_oldimpversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_currentversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_fragmentname</NAME><VALUE>NSSCKBI</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_collapsereloads</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "PPC Project" panel -->
-                <SETTING><NAME>MWProject_PPC_type</NAME><VALUE>SharedLibrary</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_outfile</NAME><VALUE>NSSckbiDebug.shlb</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_filecreator</NAME><VALUE>mozz</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_filetype</NAME><VALUE>shlb</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_size</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_minsize</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_stacksize</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_flags</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_symfilename</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcname</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcheader</NAME><VALUE>Native</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrctype</NAME><VALUE>????</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcid</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcflags</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcstore</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcmerge</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_flatrsrc</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_flatrsrcoutputdir</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWProject_PPC_flatrsrcfilename</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "PPCAsm Panel" panel -->
-                <SETTING><NAME>MWAssembler_PPC_auxheader</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_symmode</NAME><VALUE>Mac</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_dialect</NAME><VALUE>PPC</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_prefixfile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_typecheck</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_warnings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_casesensitive</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "Rez Compiler" panel -->
-                <SETTING><NAME>MWRez_Language_maxwidth</NAME><VALUE>80</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_script</NAME><VALUE>Roman</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_alignment</NAME><VALUE>Align1</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_filtermode</NAME><VALUE>FilterSkip</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_suppresswarnings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_escapecontrolchars</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_prefixname</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_filteredtypes</NAME><VALUE>'CODE' 'DATA' 'PICT'</VALUE></SETTING>
-
-                <!-- Settings for "WinRC Compiler" panel -->
-                <SETTING><NAME>MWWinRC_prefixname</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "x86 CodeGen" panel -->
-                <SETTING><NAME>MWCodeGen_X86_processor</NAME><VALUE>Generic</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_alignment</NAME><VALUE>bytes8</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_exceptions</NAME><VALUE>ZeroOverhead</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_extinst_mmx</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_extinst_3dnow</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_use_mmx_3dnow_convention</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_machinecodelisting</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_intrinsics</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_syminfo</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_codeviewinfo</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_extinst_cmov_fcomi</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_extinst_sse</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "x86 Disassembler" panel -->
-                <SETTING><NAME>PDisasmX86_showHeaders</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showSymTab</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showCode</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showSource</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showHex</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showRelocation</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showComments</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showDebug</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showExceptions</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showData</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showRaw</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_verbose</NAME><VALUE>false</VALUE></SETTING>
-
-                <!-- Settings for "x86 Exceptions Panel" panel -->
-                <SETTING><NAME>MWDebugger_X86_Exceptions</NAME>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                </SETTING>
-
-                <!-- Settings for "x86 Global Optimizer" panel -->
-                <SETTING><NAME>GlobalOptimizer_X86_optimizationlevel</NAME><VALUE>Level0</VALUE></SETTING>
-                <SETTING><NAME>GlobalOptimizer_X86_optfor</NAME><VALUE>Speed</VALUE></SETTING>
-
-                <!-- Settings for "x86 Linker" panel -->
-                <SETTING><NAME>MWLinker_X86_entrypointusage</NAME><VALUE>Default</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_entrypoint</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_subsystem</NAME><VALUE>WinGUI</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_subsysmajorid</NAME><VALUE>4</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_subsysminorid</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_usrmajorid</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_usrminorid</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_commandfile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_generatemap</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_linksym</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_linkCV</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "x86 Project" panel -->
-                <SETTING><NAME>MWProject_X86_type</NAME><VALUE>Application</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_outfile</NAME><VALUE>noname.exe</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_baseaddress</NAME><VALUE>4194304</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_maxstacksize</NAME><VALUE>1024</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_minstacksize</NAME><VALUE>4</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_size</NAME><VALUE>1024</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_minsize</NAME><VALUE>4</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_importlib</NAME><VALUE></VALUE></SETTING>
-                <PANELDATA><NAME>xpidl Settings</NAME><VALUE>
-                    0001000101000000000000000000000000000000000000000000000000000000
-                    0000000000000000
-                </VALUE></PANELDATA>
-            </SETTINGLIST>
-            <FILELIST>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>anchor.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>certdata.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>constants.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>bfind.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>binst.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>bobject.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>bsession.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>bslot.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>btoken.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSSckfwDebug.o</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Library</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>arena.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>error.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>errorval.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>hashops.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>libc.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>tracker.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>utf8.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>whatnspr.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSPR20Debug.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Library</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSStdLibDebug.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Library</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSLibraryStartup.o</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Library</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>macstubs.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSRuntimeDebug.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Library</FILEKIND>
-                    <FILEFLAGS>Debug</FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>LoadableRoots.mcp.exp</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS>Debug</FILEFLAGS>
-                </FILE>
-            </FILELIST>
-            <LINKORDER>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>anchor.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>certdata.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>constants.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>bfind.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>binst.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>bobject.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>bsession.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>bslot.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>btoken.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSSckfwDebug.o</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>arena.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>error.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>errorval.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>hashops.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>libc.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>tracker.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>utf8.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>whatnspr.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>macstubs.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSLibraryStartup.o</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSPR20Debug.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSStdLibDebug.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSRuntimeDebug.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>LoadableRoots.mcp.exp</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-            </LINKORDER>
-        </TARGET>
-    </TARGETLIST>
-
-    <TARGETORDER>
-        <ORDEREDTARGET><NAME>NSSckbi.shlb</NAME></ORDEREDTARGET>
-        <ORDEREDTARGET><NAME>NSSckbiDebug.shlb</NAME></ORDEREDTARGET>
-    </TARGETORDER>
-
-    <GROUPLIST>
-        <GROUP><NAME>Libraries</NAME>
-            <FILEREF>
-                <TARGETNAME>NSSckbi.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>NSLibraryStartup.o</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <GROUP><NAME>Optimized</NAME>
-                <FILEREF>
-                    <TARGETNAME>NSSckbi.shlb</TARGETNAME>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSStdLib.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <TARGETNAME>NSSckbi.shlb</TARGETNAME>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSRuntime.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <TARGETNAME>NSSckbi.shlb</TARGETNAME>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSSckfw.o</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <TARGETNAME>NSSckbi.shlb</TARGETNAME>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSPR20.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-            </GROUP>
-            <GROUP><NAME>Debug</NAME>
-                <FILEREF>
-                    <TARGETNAME>NSSckbiDebug.shlb</TARGETNAME>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSStdLibDebug.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <TARGETNAME>NSSckbiDebug.shlb</TARGETNAME>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSRuntimeDebug.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <TARGETNAME>NSSckbiDebug.shlb</TARGETNAME>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSSckfwDebug.o</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <TARGETNAME>NSSckbiDebug.shlb</TARGETNAME>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSPR20Debug.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-            </GROUP>
-        </GROUP>
-        <GROUP><NAME>NSS Base</NAME>
-            <FILEREF>
-                <TARGETNAME>NSSckbi.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>arena.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>NSSckbi.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>error.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>NSSckbi.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>errorval.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>NSSckbi.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>hashops.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>NSSckbi.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>libc.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>NSSckbi.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>tracker.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>NSSckbi.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>utf8.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>NSSckbi.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>whatnspr.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-        </GROUP>
-        <FILEREF>
-            <TARGETNAME>NSSckbi.shlb</TARGETNAME>
-            <PATHTYPE>Name</PATHTYPE>
-            <PATH>anchor.c</PATH>
-            <PATHFORMAT>MacOS</PATHFORMAT>
-        </FILEREF>
-        <FILEREF>
-            <TARGETNAME>NSSckbi.shlb</TARGETNAME>
-            <PATHTYPE>Name</PATHTYPE>
-            <PATH>certdata.c</PATH>
-            <PATHFORMAT>MacOS</PATHFORMAT>
-        </FILEREF>
-        <FILEREF>
-            <TARGETNAME>NSSckbi.shlb</TARGETNAME>
-            <PATHTYPE>Name</PATHTYPE>
-            <PATH>constants.c</PATH>
-            <PATHFORMAT>MacOS</PATHFORMAT>
-        </FILEREF>
-        <FILEREF>
-            <TARGETNAME>NSSckbi.shlb</TARGETNAME>
-            <PATHTYPE>Name</PATHTYPE>
-            <PATH>bfind.c</PATH>
-            <PATHFORMAT>MacOS</PATHFORMAT>
-        </FILEREF>
-        <FILEREF>
-            <TARGETNAME>NSSckbi.shlb</TARGETNAME>
-            <PATHTYPE>Name</PATHTYPE>
-            <PATH>binst.c</PATH>
-            <PATHFORMAT>MacOS</PATHFORMAT>
-        </FILEREF>
-        <FILEREF>
-            <TARGETNAME>NSSckbi.shlb</TARGETNAME>
-            <PATHTYPE>Name</PATHTYPE>
-            <PATH>bobject.c</PATH>
-            <PATHFORMAT>MacOS</PATHFORMAT>
-        </FILEREF>
-        <FILEREF>
-            <TARGETNAME>NSSckbi.shlb</TARGETNAME>
-            <PATHTYPE>Name</PATHTYPE>
-            <PATH>bsession.c</PATH>
-            <PATHFORMAT>MacOS</PATHFORMAT>
-        </FILEREF>
-        <FILEREF>
-            <TARGETNAME>NSSckbi.shlb</TARGETNAME>
-            <PATHTYPE>Name</PATHTYPE>
-            <PATH>bslot.c</PATH>
-            <PATHFORMAT>MacOS</PATHFORMAT>
-        </FILEREF>
-        <FILEREF>
-            <TARGETNAME>NSSckbi.shlb</TARGETNAME>
-            <PATHTYPE>Name</PATHTYPE>
-            <PATH>btoken.c</PATH>
-            <PATHFORMAT>MacOS</PATHFORMAT>
-        </FILEREF>
-        <FILEREF>
-            <TARGETNAME>NSSckbi.shlb</TARGETNAME>
-            <PATHTYPE>Name</PATHTYPE>
-            <PATH>macstubs.c</PATH>
-            <PATHFORMAT>MacOS</PATHFORMAT>
-        </FILEREF>
-        <FILEREF>
-            <TARGETNAME>NSSckbi.shlb</TARGETNAME>
-            <PATHTYPE>Name</PATHTYPE>
-            <PATH>LoadableRoots.mcp.exp</PATH>
-            <PATHFORMAT>MacOS</PATHFORMAT>
-        </FILEREF>
-    </GROUPLIST>
-
-</PROJECT>
diff --git a/security/nss/macbuild/NSS.Prefix b/security/nss/macbuild/NSS.Prefix
deleted file mode 100755
index 9a088a3b1..000000000
--- a/security/nss/macbuild/NSS.Prefix
+++ /dev/null
@@ -1,3 +0,0 @@
-/* Optimized prefix */
-#include "MacPrefix.h"
-#include "NSSCommon.h"
diff --git a/security/nss/macbuild/NSS.xml b/security/nss/macbuild/NSS.xml
deleted file mode 100644
index a9aefb197..000000000
--- a/security/nss/macbuild/NSS.xml
+++ /dev/null
@@ -1,4408 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" standalone="yes" ?>
-<?codewarrior exportversion="1.0.1" ideversion="4.2" ?>
-
-<!DOCTYPE PROJECT [
-<!ELEMENT PROJECT (TARGETLIST, TARGETORDER, GROUPLIST, DESIGNLIST?)>
-<!ELEMENT TARGETLIST (TARGET+)>
-<!ELEMENT TARGET (NAME, SETTINGLIST, FILELIST?, LINKORDER?, SEGMENTLIST?, OVERLAYGROUPLIST?, SUBTARGETLIST?, SUBPROJECTLIST?, FRAMEWORKLIST)>
-<!ELEMENT NAME (#PCDATA)>
-<!ELEMENT USERSOURCETREETYPE (#PCDATA)>
-<!ELEMENT PATH (#PCDATA)>
-<!ELEMENT FILELIST (FILE*)>
-<!ELEMENT FILE (PATHTYPE, PATHROOT?, ACCESSPATH?, PATH, PATHFORMAT?, ROOTFILEREF?, FILEKIND?, FILEFLAGS?)>
-<!ELEMENT PATHTYPE (#PCDATA)>
-<!ELEMENT PATHROOT (#PCDATA)>
-<!ELEMENT ACCESSPATH (#PCDATA)>
-<!ELEMENT PATHFORMAT (#PCDATA)>
-<!ELEMENT ROOTFILEREF (PATHTYPE, PATHROOT?, ACCESSPATH?, PATH, PATHFORMAT?)>
-<!ELEMENT FILEKIND (#PCDATA)>
-<!ELEMENT FILEFLAGS (#PCDATA)>
-<!ELEMENT FILEREF (TARGETNAME?, PATHTYPE, PATHROOT?, ACCESSPATH?, PATH, PATHFORMAT?)>
-<!ELEMENT TARGETNAME (#PCDATA)>
-<!ELEMENT SETTINGLIST ((SETTING|PANELDATA)+)>
-<!ELEMENT SETTING (NAME?, (VALUE|(SETTING+)))>
-<!ELEMENT PANELDATA (NAME, VALUE)>
-<!ELEMENT VALUE (#PCDATA)>
-<!ELEMENT LINKORDER (FILEREF*)>
-<!ELEMENT SEGMENTLIST (SEGMENT+)>
-<!ELEMENT SEGMENT (NAME, ATTRIBUTES?, FILEREF*)>
-<!ELEMENT ATTRIBUTES (#PCDATA)>
-<!ELEMENT OVERLAYGROUPLIST (OVERLAYGROUP+)>
-<!ELEMENT OVERLAYGROUP (NAME, BASEADDRESS, OVERLAY*)>
-<!ELEMENT BASEADDRESS (#PCDATA)>
-<!ELEMENT OVERLAY (NAME, FILEREF*)>
-<!ELEMENT SUBTARGETLIST (SUBTARGET+)>
-<!ELEMENT SUBTARGET (TARGETNAME, ATTRIBUTES?, FILEREF?)>
-<!ELEMENT SUBPROJECTLIST (SUBPROJECT+)>
-<!ELEMENT SUBPROJECT (FILEREF, SUBPROJECTTARGETLIST)>
-<!ELEMENT SUBPROJECTTARGETLIST (SUBPROJECTTARGET*)>
-<!ELEMENT SUBPROJECTTARGET (TARGETNAME, ATTRIBUTES?, FILEREF?)>
-<!ELEMENT FRAMEWORKLIST (FRAMEWORK+)>
-<!ELEMENT FRAMEWORK (FILEREF, LIBRARYFILE?, VERSION?)>
-<!ELEMENT LIBRARYFILE (FILEREF)>
-<!ELEMENT VERSION (#PCDATA)>
-<!ELEMENT TARGETORDER (ORDEREDTARGET|ORDEREDDESIGN)*>
-<!ELEMENT ORDEREDTARGET (NAME)>
-<!ELEMENT ORDEREDDESIGN (NAME, ORDEREDTARGET+)>
-<!ELEMENT GROUPLIST (GROUP|FILEREF)*>
-<!ELEMENT GROUP (NAME, (GROUP|FILEREF)*)>
-<!ELEMENT DESIGNLIST (DESIGN+)>
-<!ELEMENT DESIGN (NAME, DESIGNDATA)>
-<!ELEMENT DESIGNDATA (#PCDATA)>
-]>
-
-<PROJECT>
-    <TARGETLIST>
-        <TARGET>
-            <NAME>NSS3Debug.shlb</NAME>
-            <SETTINGLIST>
-
-                <!-- Settings for "Source Trees" panel -->
-                <SETTING><NAME>UserSourceTrees</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Access Paths" panel -->
-                <SETTING><NAME>AlwaysSearchUserPaths</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>InterpretDOSAndUnixPaths</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>RequireFrameworkStyleIncludes</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>UserSearchPaths</NAME>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::::dist:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::lib:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::::lib:mac:NSRuntime:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::::nsprpub:macbuild:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::::dbm:macbuild:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                </SETTING>
-                <SETTING><NAME>SystemSearchPaths</NAME>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>:MacOS Support:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>CodeWarrior</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>:MSL:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>CodeWarrior</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                </SETTING>
-
-                <!-- Settings for "Debugger Runtime" panel -->
-                <SETTING><NAME>MWRuntimeSettings_WorkingDirectory</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWRuntimeSettings_CommandLine</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWRuntimeSettings_HostApplication</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWRuntimeSettings_EnvVars</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Target Settings" panel -->
-                <SETTING><NAME>Linker</NAME><VALUE>MacOS PPC Linker</VALUE></SETTING>
-                <SETTING><NAME>PreLinker</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>PostLinker</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>Targetname</NAME><VALUE>NSS3Debug.shlb</VALUE></SETTING>
-                <SETTING><NAME>OutputDirectory</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>SaveEntriesUsingRelativePaths</NAME><VALUE>false</VALUE></SETTING>
-
-                <!-- Settings for "File Mappings" panel -->
-                <SETTING><NAME>FileMappings</NAME>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>APPL</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>Appl</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>MMLB</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>Lib Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>MPLF</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>Lib Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>MWCD</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>RSRC</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.bh</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>Balloon Help</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.c</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.c++</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.cc</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.cp</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.cpp</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.exp</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.h</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.idl</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>xpidl</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.pch</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.pch++</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.r</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>Rez</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>Rez</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.s</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>PPCAsm</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>XCOF</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>XCOFF Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>docu</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>rsrc</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>shlb</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>PEF Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>stub</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>PEF Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.doc</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.o</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>XCOFF Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.ppob</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.rsrc</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                </SETTING>
-
-                <!-- Settings for "Build Extras" panel -->
-                <SETTING><NAME>CacheModDates</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>ActivateBrowser</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>DumpBrowserInfo</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>CacheSubprojects</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>UseThirdPartyDebugger</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>DebuggerAppPath</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>DebuggerCmdLineArgs</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>DebuggerWorkingDir</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
-                </SETTING>
-
-                <!-- Settings for "Debugger Target" panel -->
-                <SETTING><NAME>LogSystemMessages</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>AutoTargetDLLs</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>StopAtWatchpoints</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PauseWhileRunning</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PauseInterval</NAME><VALUE>5</VALUE></SETTING>
-                <SETTING><NAME>PauseUIFlags</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>AltExePath</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>StopAtTempBPOnLaunch</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>CacheSymbolics</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>TempBPFunctionName</NAME><VALUE>main</VALUE></SETTING>
-                <SETTING><NAME>TempBPType</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "Remote Debug" panel -->
-                <SETTING><NAME>Enabled</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>ConnectionName</NAME><VALUE>no connections avaiable</VALUE></SETTING>
-                <SETTING><NAME>DownloadPath</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>LaunchRemoteApp</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>RemoteAppPath</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Auto-target" panel -->
-                <SETTING><NAME>OtherExecutables</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Custom Keywords" panel -->
-                <SETTING><NAME>CustomColor1</NAME>
-                    <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
-                    <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
-                    <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>CustomColor2</NAME>
-                    <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
-                    <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
-                    <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>CustomColor3</NAME>
-                    <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
-                    <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
-                    <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>CustomColor4</NAME>
-                    <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
-                    <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
-                    <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
-                </SETTING>
-
-                <!-- Settings for "C/C++ Compiler" panel -->
-                <SETTING><NAME>MWFrontEnd_C_cplusplus</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_checkprotos</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_arm</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_trigraphs</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_onlystdkeywords</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_enumsalwaysint</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_mpwpointerstyle</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_prefixname</NAME><VALUE>NSSDebug.Prefix</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_ansistrict</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_mpwcnewline</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_wchar_type</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_enableexceptions</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_dontreusestrings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_poolstrings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_dontinline</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_useRTTI</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_multibyteaware</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_unsignedchars</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_autoinline</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_booltruefalse</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_direct_to_som</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_som_env_check</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_alwaysinline</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_inlinelevel</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_ecplusplus</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_objective_c</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_defer_codegen</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "C/C++ Warnings" panel -->
-                <SETTING><NAME>MWWarning_C_warn_illpragma</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_emptydecl</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_possunwant</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_unusedvar</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_unusedarg</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_extracomma</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_pedantic</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warningerrors</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_hidevirtual</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_implicitconv</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_notinlined</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_structclass</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "FTP Panel" panel -->
-                <SETTING><NAME>MWFTP_Post_hostName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_username</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_password</NAME><VALUE>253yj7s53gi3a[&#213;&#224;&#177;&#176;(</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_remoteDir</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_PathVersion</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_PathType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_PathFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_tree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_uploadDir</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_port</NAME><VALUE>21</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_SendBin</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ShouldLog</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "Java Command Line" panel -->
-                <SETTING><NAME>MWCommandLine_Java_clsName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWCommandLine_Java_args</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "PJavaDebugging" panel -->
-                <SETTING><NAME>MWVJavaDebugging_Protocol</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWVJavaDebugging_JDKVersion</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWVJavaDebugging_TimeOut</NAME><VALUE>10</VALUE></SETTING>
-                <SETTING><NAME>MWVJavaDebugging_SupportSlowDevices</NAME><VALUE>false</VALUE></SETTING>
-
-                <!-- Settings for "Java Language" panel -->
-                <SETTING><NAME>MWJava_Language_optimize</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_warnDeprecated</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_emitMap</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_strictFileNames</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_strictFileHierarchy</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_1_1_Compatible</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_emitHeaders</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_headerType</NAME><VALUE>JNINativeHeaders</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_packageFilter</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_genComments</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_genHeaders</NAME><VALUE>false</VALUE></SETTING>
-
-                <!-- Settings for "Java MRJAppBuilder" panel -->
-                <SETTING><NAME>MWJava_MRJAppBuilder_outFile</NAME><VALUE>MRJApplication</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_merge</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_quitMenu</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_grow</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutType</NAME><VALUE>Console</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrType</NAME><VALUE>Console</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinType</NAME><VALUE>Console</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconPVersion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconFile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPVersion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPICTFile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_aboutName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPVersion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutFile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutAppend</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrFile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrAppend</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinFile</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Java Output" panel -->
-                <SETTING><NAME>MWJava_Output_outputtype</NAME><VALUE>JarFile</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_outfile</NAME><VALUE>JavaClasses.jar</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_ftype</NAME><VALUE>1514754080</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_fcreator</NAME><VALUE>1297570384</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_compress</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_genManifest</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_trunctype</NAME><VALUE>Front</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_deleteClasses</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_consoleApp</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "Java Project" panel -->
-                <SETTING><NAME>MWJava_Proj_projtype</NAME><VALUE>Applet</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_mainClassName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_HTMLAppCreator</NAME><VALUE>1463898714</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_HTMLAppName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_PathVersion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_PathType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_PathFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_tree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_HTMLAppWin32Name</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_compress</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_useVM</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_vmarguments</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_vmName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_simPropFile</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "JavaDoc Project" panel -->
-                <SETTING><NAME>MWJavaDoc_Proj_Version</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Depricated</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Author</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Index</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Tree</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_SunResolveToSame</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Shortnames</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Folder</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_GenerateAPILinks</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_scope</NAME><VALUE>Public</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_fcreator</NAME><VALUE>1297303877</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_encodingName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_decodingName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_javaPackagePath</NAME><VALUE>http://java.sun.com/products/jdk/1.1/docs/api/</VALUE></SETTING>
-
-                <!-- Settings for "MacOS Merge Panel" panel -->
-                <SETTING><NAME>MWMerge_MacOS_projectType</NAME><VALUE>Application</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_outputName</NAME><VALUE>Merge Out</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_outputCreator</NAME><VALUE>????</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_outputType</NAME><VALUE>APPL</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_suppressWarning</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_copyFragments</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_copyResources</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_flattenResource</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_flatFileName</NAME><VALUE>a.rsrc</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_flatFileOutputPath</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWMerge_MacOS_skipResources</NAME>
-                    <SETTING><VALUE>DLGX</VALUE></SETTING>
-                    <SETTING><VALUE>ckid</VALUE></SETTING>
-                    <SETTING><VALUE>Proj</VALUE></SETTING>
-                    <SETTING><VALUE>WSPC</VALUE></SETTING>
-                </SETTING>
-
-                <!-- Settings for "Output Flags" panel -->
-                <SETTING><NAME>FileLocked</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>ResourcesMapIsReadOnly</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PrinterDriverIsMultiFinderCompatible</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>Invisible</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>HasBundle</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>NameLocked</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>Stationery</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>HasCustomIcon</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>Shared</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>HasBeenInited</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>Label</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>Comments</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Packager Panel" panel -->
-                <SETTING><NAME>MWMacOSPackager_UsePackager</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_FolderToPackage</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWMacOSPackager_CreateClassicAlias</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_ClassicAliasMethod</NAME><VALUE>UseTargetOutput</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_ClassicAliasPath</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWMacOSPackager_CreatePkgInfo</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_PkgCreatorType</NAME><VALUE>????</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_PkgFileType</NAME><VALUE>APPL</VALUE></SETTING>
-
-                <!-- Settings for "PPC CodeGen" panel -->
-                <SETTING><NAME>MWCodeGen_PPC_structalignment</NAME><VALUE>MC68K</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_tracebacktables</NAME><VALUE>None</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_processor</NAME><VALUE>Generic</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_readonlystrings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_tocdata</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_profiler</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_fpcontract</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_schedule</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_peephole</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_processorspecific</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_altivec</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_vectortocdata</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_vrsave</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "PPC CodeGen Mach-O" panel -->
-                <SETTING><NAME>MWCodeGen_MachO_structalignment</NAME><VALUE>PPC</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_tracebacktables</NAME><VALUE>None</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_processor</NAME><VALUE>Generic</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_readonlystrings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_profiler</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_fpcontract</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_schedule</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_peephole</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_processorspecific</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_altivec</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_vrsave</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_common</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_implicit_templates</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "PPC Disassembler" panel -->
-                <SETTING><NAME>MWDisassembler_PPC_showcode</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_extended</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_mix</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_nohex</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_showdata</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_showexceptions</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_showsym</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_shownames</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "PPC Global Optimizer" panel -->
-                <SETTING><NAME>GlobalOptimizer_PPC_optimizationlevel</NAME><VALUE>Level0</VALUE></SETTING>
-                <SETTING><NAME>GlobalOptimizer_PPC_optfor</NAME><VALUE>Speed</VALUE></SETTING>
-
-                <!-- Settings for "PPC Linker" panel -->
-                <SETTING><NAME>MWLinker_PPC_linksym</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_symfullpath</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_linkmap</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_nolinkwarnings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_dontdeadstripinitcode</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_permitmultdefs</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_linkmode</NAME><VALUE>Fast</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_initname</NAME><VALUE>__NSInitialize</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_mainname</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_termname</NAME><VALUE>__NSTerminate</VALUE></SETTING>
-
-                <!-- Settings for "PPC Mach-O Linker" panel -->
-                <SETTING><NAME>MWLinker_MachO_exports</NAME><VALUE>None</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_mainname</NAME><VALUE>start</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_currentversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_compatibleversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_symfullpath</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_supresswarnings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_multisymerror</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_prebind</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_deadstrip</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_objectivecsemantics</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_whichfileloaded</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_whyfileloaded</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_readonlyrelocs</NAME><VALUE>Errors</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_undefinedsymbols</NAME><VALUE>Errors</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_twolevelnamespace</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_stripdebugsymbols</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "PPC Mach-O Target" panel -->
-                <SETTING><NAME>MWProject_MachO_type</NAME><VALUE>Executable</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_outfile</NAME><VALUE>a.exe</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_filecreator</NAME><VALUE>????</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_filetype</NAME><VALUE>MEXE</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_stacksize</NAME><VALUE>64</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_stackaddress</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_flatrsrc</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_flatrsrcfilename</NAME><VALUE>a.rsrc</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_flatrsrcoutputdir</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWProject_MachO_installpath</NAME><VALUE>./</VALUE></SETTING>
-
-                <!-- Settings for "PPC PEF" panel -->
-                <SETTING><NAME>MWPEF_exports</NAME><VALUE>File</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_libfolder</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_sortcode</NAME><VALUE>None</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_expandbss</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_sharedata</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_olddefversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_oldimpversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_currentversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_fragmentname</NAME><VALUE>NSS3</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_collapsereloads</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "PPC Project" panel -->
-                <SETTING><NAME>MWProject_PPC_type</NAME><VALUE>SharedLibrary</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_outfile</NAME><VALUE>NSS3Debug.shlb</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_filecreator</NAME><VALUE>MOZZ</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_filetype</NAME><VALUE>shlb</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_size</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_minsize</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_stacksize</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_flags</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_symfilename</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcname</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcheader</NAME><VALUE>Native</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrctype</NAME><VALUE>????</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcid</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcflags</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcstore</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcmerge</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_flatrsrc</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_flatrsrcoutputdir</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWProject_PPC_flatrsrcfilename</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "PPCAsm Panel" panel -->
-                <SETTING><NAME>MWAssembler_PPC_auxheader</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_symmode</NAME><VALUE>Mac</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_dialect</NAME><VALUE>PPC</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_prefixfile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_typecheck</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_warnings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_casesensitive</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "Rez Compiler" panel -->
-                <SETTING><NAME>MWRez_Language_maxwidth</NAME><VALUE>80</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_script</NAME><VALUE>Roman</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_alignment</NAME><VALUE>Align1</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_filtermode</NAME><VALUE>FilterSkip</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_suppresswarnings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_escapecontrolchars</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_prefixname</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_filteredtypes</NAME><VALUE>'CODE' 'DATA' 'PICT'</VALUE></SETTING>
-
-                <!-- Settings for "WinRC Compiler" panel -->
-                <SETTING><NAME>MWWinRC_prefixname</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "x86 CodeGen" panel -->
-                <SETTING><NAME>MWCodeGen_X86_processor</NAME><VALUE>Generic</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_alignment</NAME><VALUE>bytes8</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_exceptions</NAME><VALUE>ZeroOverhead</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_extinst_mmx</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_extinst_3dnow</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_use_mmx_3dnow_convention</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_machinecodelisting</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_intrinsics</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_syminfo</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_codeviewinfo</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_extinst_cmov_fcomi</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_extinst_sse</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "x86 Disassembler" panel -->
-                <SETTING><NAME>PDisasmX86_showHeaders</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showSymTab</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showCode</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showSource</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showHex</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showRelocation</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showComments</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showDebug</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showExceptions</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showData</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showRaw</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_verbose</NAME><VALUE>false</VALUE></SETTING>
-
-                <!-- Settings for "x86 Exceptions Panel" panel -->
-                <SETTING><NAME>MWDebugger_X86_Exceptions</NAME>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                </SETTING>
-
-                <!-- Settings for "x86 Global Optimizer" panel -->
-                <SETTING><NAME>GlobalOptimizer_X86_optimizationlevel</NAME><VALUE>Level0</VALUE></SETTING>
-                <SETTING><NAME>GlobalOptimizer_X86_optfor</NAME><VALUE>Speed</VALUE></SETTING>
-
-                <!-- Settings for "x86 Linker" panel -->
-                <SETTING><NAME>MWLinker_X86_entrypointusage</NAME><VALUE>Default</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_entrypoint</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_subsystem</NAME><VALUE>WinGUI</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_subsysmajorid</NAME><VALUE>4</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_subsysminorid</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_usrmajorid</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_usrminorid</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_commandfile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_generatemap</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_linksym</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_linkCV</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "x86 Project" panel -->
-                <SETTING><NAME>MWProject_X86_type</NAME><VALUE>Application</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_outfile</NAME><VALUE>noname.exe</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_baseaddress</NAME><VALUE>4194304</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_maxstacksize</NAME><VALUE>1024</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_minstacksize</NAME><VALUE>4</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_size</NAME><VALUE>1024</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_minsize</NAME><VALUE>4</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_importlib</NAME><VALUE></VALUE></SETTING>
-                <PANELDATA><NAME>xpidl Settings</NAME><VALUE>
-                    0001000101000000000000000000000000000000000000000000000000000000
-                    0000000000000000
-                </VALUE></PANELDATA>
-            </SETTINGLIST>
-            <FILELIST>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>alg1485.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>certdb.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>certv3.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>certxutl.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>crl.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>genname.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>polcyxtn.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>secname.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>stanpcertdb.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>xauthkid.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>xbsconst.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>xconst.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>arena.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>error.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>errorval.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>hashops.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>item.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>libc.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>list.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>tracker.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>whatnspr.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>asn1.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>ckhelper.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>devmod.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>devslot.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>devtoken.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>devutil.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>asymmkey.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>certdecode.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>certificate.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>cryptocontext.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>pki3hack.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>pkibase.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>pkistore.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>symmkey.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>tdcache.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>trustdomain.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>certhigh.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>certhtml.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>certreq.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>certvfy.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>crlv2.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>ocsp.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>xcrldist.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>dev3hack.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>pk11cert.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>pk11err.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>pk11kea.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>pk11list.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>pk11load.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>pk11pars.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>pk11pbe.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>pk11pk12.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>pk11pqg.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>pk11sdr.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>pk11skey.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>pk11slot.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>pk11util.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>dsautil.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>sechash.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>seckey.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>secsign.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>secvfy.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>nssinit.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>nssver.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>utilDebug.o</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Library</FILEKIND>
-                    <FILEFLAGS>Debug</FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSStdLibStubs</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Library</FILEKIND>
-                    <FILEFLAGS>Debug</FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSRuntimeDebug.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Library</FILEKIND>
-                    <FILEFLAGS>Debug</FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSLibraryStartup.o</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Library</FILEKIND>
-                    <FILEFLAGS>Debug</FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSPR20Debug.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Library</FILEKIND>
-                    <FILEFLAGS>Debug</FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>DBMDebug.o</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Library</FILEKIND>
-                    <FILEFLAGS>Debug</FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>Softoken3Debug.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Library</FILEKIND>
-                    <FILEFLAGS>Debug</FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>hash.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS>Debug</FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>utf8.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS>Debug</FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSS.mcp.exp</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS>Debug</FILEFLAGS>
-                </FILE>
-            </FILELIST>
-            <LINKORDER>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>alg1485.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>certdb.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>certv3.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>certxutl.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>crl.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>genname.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>polcyxtn.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>secname.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>stanpcertdb.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>xauthkid.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>xbsconst.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>xconst.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>arena.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>error.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>errorval.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>hashops.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>hash.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>item.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>libc.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>list.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>tracker.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>utf8.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>whatnspr.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>asn1.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>ckhelper.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>devmod.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>devslot.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>devtoken.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>devutil.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>asymmkey.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>certdecode.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>certificate.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>cryptocontext.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>pki3hack.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>pkibase.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>pkistore.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>symmkey.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>tdcache.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>trustdomain.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>certhigh.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>certhtml.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>certreq.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>certvfy.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>crlv2.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>ocsp.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>xcrldist.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>dev3hack.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>pk11cert.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>pk11err.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>pk11kea.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>pk11list.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>pk11load.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>pk11pars.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>pk11pbe.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>pk11pk12.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>pk11pqg.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>pk11sdr.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>pk11skey.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>pk11slot.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>pk11util.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>dsautil.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>sechash.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>seckey.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>secsign.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>secvfy.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>nssinit.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>nssver.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>utilDebug.o</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSStdLibStubs</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSRuntimeDebug.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSLibraryStartup.o</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSPR20Debug.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>DBMDebug.o</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>Softoken3Debug.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSS.mcp.exp</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-            </LINKORDER>
-        </TARGET>
-        <TARGET>
-            <NAME>NSS3.shlb</NAME>
-            <SETTINGLIST>
-
-                <!-- Settings for "Source Trees" panel -->
-                <SETTING><NAME>UserSourceTrees</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Access Paths" panel -->
-                <SETTING><NAME>AlwaysSearchUserPaths</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>InterpretDOSAndUnixPaths</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>RequireFrameworkStyleIncludes</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>UserSearchPaths</NAME>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::::dist:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::lib:asn1:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::lib:smime:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::lib:certdb:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::lib:certhigh:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::lib:crmf:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::lib:cryptohi:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::lib:fortcrypt:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::lib:freebl:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::lib:jar:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::lib:nss:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::lib:pk11wrap:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::lib:pkcs12:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::lib:pkcs7:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::lib:pki1:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::lib:ssl:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::lib:softoken:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::lib:base:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::lib:util:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::lib:dev:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::lib:pki:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::::lib:mac:NSRuntime:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::::nsprpub:macbuild:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::::dbm:macbuild:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::lib:ckfw:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                </SETTING>
-                <SETTING><NAME>SystemSearchPaths</NAME>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>:MacOS Support:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>CodeWarrior</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>:MSL:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>CodeWarrior</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                </SETTING>
-
-                <!-- Settings for "Debugger Runtime" panel -->
-                <SETTING><NAME>MWRuntimeSettings_WorkingDirectory</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWRuntimeSettings_CommandLine</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWRuntimeSettings_HostApplication</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWRuntimeSettings_EnvVars</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Target Settings" panel -->
-                <SETTING><NAME>Linker</NAME><VALUE>MacOS PPC Linker</VALUE></SETTING>
-                <SETTING><NAME>PreLinker</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>PostLinker</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>Targetname</NAME><VALUE>NSS3.shlb</VALUE></SETTING>
-                <SETTING><NAME>OutputDirectory</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>SaveEntriesUsingRelativePaths</NAME><VALUE>false</VALUE></SETTING>
-
-                <!-- Settings for "File Mappings" panel -->
-                <SETTING><NAME>FileMappings</NAME>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>APPL</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>Appl</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>MMLB</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>Lib Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>MPLF</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>Lib Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>MWCD</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>RSRC</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.bh</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>Balloon Help</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.c</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.c++</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.cc</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.cp</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.cpp</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.exp</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.h</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.idl</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>xpidl</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.pch</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.pch++</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.r</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>Rez</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>Rez</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.s</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>PPCAsm</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>XCOF</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>XCOFF Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>docu</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>rsrc</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>shlb</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>PEF Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>stub</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>PEF Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.doc</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.o</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>XCOFF Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.ppob</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.rsrc</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                </SETTING>
-
-                <!-- Settings for "Build Extras" panel -->
-                <SETTING><NAME>CacheModDates</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>ActivateBrowser</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>DumpBrowserInfo</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>CacheSubprojects</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>UseThirdPartyDebugger</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>DebuggerAppPath</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>DebuggerCmdLineArgs</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>DebuggerWorkingDir</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
-                </SETTING>
-
-                <!-- Settings for "Debugger Target" panel -->
-                <SETTING><NAME>LogSystemMessages</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>AutoTargetDLLs</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>StopAtWatchpoints</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PauseWhileRunning</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PauseInterval</NAME><VALUE>5</VALUE></SETTING>
-                <SETTING><NAME>PauseUIFlags</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>AltExePath</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>StopAtTempBPOnLaunch</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>CacheSymbolics</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>TempBPFunctionName</NAME><VALUE>main</VALUE></SETTING>
-                <SETTING><NAME>TempBPType</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "Remote Debug" panel -->
-                <SETTING><NAME>Enabled</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>ConnectionName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>DownloadPath</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>LaunchRemoteApp</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>RemoteAppPath</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Auto-target" panel -->
-                <SETTING><NAME>OtherExecutables</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Custom Keywords" panel -->
-                <SETTING><NAME>CustomColor1</NAME>
-                    <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
-                    <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
-                    <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>CustomColor2</NAME>
-                    <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
-                    <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
-                    <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>CustomColor3</NAME>
-                    <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
-                    <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
-                    <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>CustomColor4</NAME>
-                    <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
-                    <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
-                    <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
-                </SETTING>
-
-                <!-- Settings for "C/C++ Compiler" panel -->
-                <SETTING><NAME>MWFrontEnd_C_cplusplus</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_checkprotos</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_arm</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_trigraphs</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_onlystdkeywords</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_enumsalwaysint</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_mpwpointerstyle</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_prefixname</NAME><VALUE>NSS.Prefix</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_ansistrict</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_mpwcnewline</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_wchar_type</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_enableexceptions</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_dontreusestrings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_poolstrings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_dontinline</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_useRTTI</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_multibyteaware</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_unsignedchars</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_autoinline</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_booltruefalse</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_direct_to_som</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_som_env_check</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_alwaysinline</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_inlinelevel</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_ecplusplus</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_objective_c</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_defer_codegen</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "C/C++ Warnings" panel -->
-                <SETTING><NAME>MWWarning_C_warn_illpragma</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_emptydecl</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_possunwant</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_unusedvar</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_unusedarg</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_extracomma</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_pedantic</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warningerrors</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_hidevirtual</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_implicitconv</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_notinlined</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_structclass</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "FTP Panel" panel -->
-                <SETTING><NAME>MWFTP_Post_hostName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_username</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_password</NAME><VALUE>253yj7s53gi3a[&#213;&#224;&#177;&#176;(</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_remoteDir</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_PathVersion</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_PathType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_PathFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_tree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_uploadDir</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_port</NAME><VALUE>21</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_SendBin</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ShouldLog</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "Java Command Line" panel -->
-                <SETTING><NAME>MWCommandLine_Java_clsName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWCommandLine_Java_args</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "PJavaDebugging" panel -->
-                <SETTING><NAME>MWVJavaDebugging_Protocol</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWVJavaDebugging_JDKVersion</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWVJavaDebugging_TimeOut</NAME><VALUE>10</VALUE></SETTING>
-                <SETTING><NAME>MWVJavaDebugging_SupportSlowDevices</NAME><VALUE>false</VALUE></SETTING>
-
-                <!-- Settings for "Java Language" panel -->
-                <SETTING><NAME>MWJava_Language_optimize</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_warnDeprecated</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_emitMap</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_strictFileNames</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_strictFileHierarchy</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_1_1_Compatible</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_emitHeaders</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_headerType</NAME><VALUE>JNINativeHeaders</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_packageFilter</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_genComments</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_genHeaders</NAME><VALUE>false</VALUE></SETTING>
-
-                <!-- Settings for "Java MRJAppBuilder" panel -->
-                <SETTING><NAME>MWJava_MRJAppBuilder_outFile</NAME><VALUE>MRJApplication</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_merge</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_quitMenu</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_grow</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutType</NAME><VALUE>Console</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrType</NAME><VALUE>Console</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinType</NAME><VALUE>Console</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconPVersion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconFile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPVersion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPICTFile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_aboutName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPVersion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutFile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutAppend</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrFile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrAppend</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinFile</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Java Output" panel -->
-                <SETTING><NAME>MWJava_Output_outputtype</NAME><VALUE>JarFile</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_outfile</NAME><VALUE>JavaClasses.jar</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_ftype</NAME><VALUE>1514754080</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_fcreator</NAME><VALUE>1297570384</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_compress</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_genManifest</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_trunctype</NAME><VALUE>Front</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_deleteClasses</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_consoleApp</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "Java Project" panel -->
-                <SETTING><NAME>MWJava_Proj_projtype</NAME><VALUE>Applet</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_mainClassName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_HTMLAppCreator</NAME><VALUE>1463898714</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_HTMLAppName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_PathVersion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_PathType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_PathFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_tree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_HTMLAppWin32Name</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_compress</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_useVM</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_vmarguments</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_vmName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_simPropFile</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "JavaDoc Project" panel -->
-                <SETTING><NAME>MWJavaDoc_Proj_Version</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Depricated</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Author</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Index</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Tree</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_SunResolveToSame</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Shortnames</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Folder</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_GenerateAPILinks</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_scope</NAME><VALUE>Public</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_fcreator</NAME><VALUE>1297303877</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_encodingName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_decodingName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_javaPackagePath</NAME><VALUE>http://java.sun.com/products/jdk/1.1/docs/api/</VALUE></SETTING>
-
-                <!-- Settings for "MacOS Merge Panel" panel -->
-                <SETTING><NAME>MWMerge_MacOS_projectType</NAME><VALUE>Application</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_outputName</NAME><VALUE>Merge Out</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_outputCreator</NAME><VALUE>????</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_outputType</NAME><VALUE>APPL</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_suppressWarning</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_copyFragments</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_copyResources</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_flattenResource</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_flatFileName</NAME><VALUE>a.rsrc</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_flatFileOutputPath</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWMerge_MacOS_skipResources</NAME>
-                    <SETTING><VALUE>DLGX</VALUE></SETTING>
-                    <SETTING><VALUE>ckid</VALUE></SETTING>
-                    <SETTING><VALUE>Proj</VALUE></SETTING>
-                    <SETTING><VALUE>WSPC</VALUE></SETTING>
-                </SETTING>
-
-                <!-- Settings for "Output Flags" panel -->
-                <SETTING><NAME>FileLocked</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>ResourcesMapIsReadOnly</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PrinterDriverIsMultiFinderCompatible</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>Invisible</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>HasBundle</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>NameLocked</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>Stationery</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>HasCustomIcon</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>Shared</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>HasBeenInited</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>Label</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>Comments</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Packager Panel" panel -->
-                <SETTING><NAME>MWMacOSPackager_UsePackager</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_FolderToPackage</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWMacOSPackager_CreateClassicAlias</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_ClassicAliasMethod</NAME><VALUE>UseTargetOutput</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_ClassicAliasPath</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWMacOSPackager_CreatePkgInfo</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_PkgCreatorType</NAME><VALUE>????</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_PkgFileType</NAME><VALUE>APPL</VALUE></SETTING>
-
-                <!-- Settings for "PPC CodeGen" panel -->
-                <SETTING><NAME>MWCodeGen_PPC_structalignment</NAME><VALUE>MC68K</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_tracebacktables</NAME><VALUE>None</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_processor</NAME><VALUE>Generic</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_readonlystrings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_tocdata</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_profiler</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_fpcontract</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_schedule</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_peephole</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_processorspecific</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_altivec</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_vectortocdata</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_vrsave</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "PPC CodeGen Mach-O" panel -->
-                <SETTING><NAME>MWCodeGen_MachO_structalignment</NAME><VALUE>PPC</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_tracebacktables</NAME><VALUE>None</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_processor</NAME><VALUE>Generic</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_readonlystrings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_profiler</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_fpcontract</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_schedule</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_peephole</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_processorspecific</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_altivec</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_vrsave</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_common</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_implicit_templates</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "PPC Disassembler" panel -->
-                <SETTING><NAME>MWDisassembler_PPC_showcode</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_extended</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_mix</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_nohex</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_showdata</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_showexceptions</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_showsym</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_shownames</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "PPC Global Optimizer" panel -->
-                <SETTING><NAME>GlobalOptimizer_PPC_optimizationlevel</NAME><VALUE>Level4</VALUE></SETTING>
-                <SETTING><NAME>GlobalOptimizer_PPC_optfor</NAME><VALUE>Speed</VALUE></SETTING>
-
-                <!-- Settings for "PPC Linker" panel -->
-                <SETTING><NAME>MWLinker_PPC_linksym</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_symfullpath</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_linkmap</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_nolinkwarnings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_dontdeadstripinitcode</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_permitmultdefs</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_linkmode</NAME><VALUE>Fast</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_initname</NAME><VALUE>__NSInitialize</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_mainname</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_termname</NAME><VALUE>__NSTerminate</VALUE></SETTING>
-
-                <!-- Settings for "PPC Mach-O Linker" panel -->
-                <SETTING><NAME>MWLinker_MachO_exports</NAME><VALUE>None</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_mainname</NAME><VALUE>start</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_currentversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_compatibleversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_symfullpath</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_supresswarnings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_multisymerror</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_prebind</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_deadstrip</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_objectivecsemantics</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_whichfileloaded</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_whyfileloaded</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_readonlyrelocs</NAME><VALUE>Errors</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_undefinedsymbols</NAME><VALUE>Errors</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_twolevelnamespace</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_stripdebugsymbols</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "PPC Mach-O Target" panel -->
-                <SETTING><NAME>MWProject_MachO_type</NAME><VALUE>Executable</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_outfile</NAME><VALUE>a.exe</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_filecreator</NAME><VALUE>????</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_filetype</NAME><VALUE>MEXE</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_stacksize</NAME><VALUE>64</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_stackaddress</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_flatrsrc</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_flatrsrcfilename</NAME><VALUE>a.rsrc</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_flatrsrcoutputdir</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWProject_MachO_installpath</NAME><VALUE>./</VALUE></SETTING>
-
-                <!-- Settings for "PPC PEF" panel -->
-                <SETTING><NAME>MWPEF_exports</NAME><VALUE>File</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_libfolder</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_sortcode</NAME><VALUE>None</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_expandbss</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_sharedata</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_olddefversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_oldimpversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_currentversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_fragmentname</NAME><VALUE>NSS3</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_collapsereloads</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "PPC Project" panel -->
-                <SETTING><NAME>MWProject_PPC_type</NAME><VALUE>SharedLibrary</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_outfile</NAME><VALUE>NSS3.shlb</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_filecreator</NAME><VALUE>MOZZ</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_filetype</NAME><VALUE>shlb</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_size</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_minsize</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_stacksize</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_flags</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_symfilename</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcname</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcheader</NAME><VALUE>Native</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrctype</NAME><VALUE>????</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcid</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcflags</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcstore</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcmerge</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_flatrsrc</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_flatrsrcoutputdir</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWProject_PPC_flatrsrcfilename</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "PPCAsm Panel" panel -->
-                <SETTING><NAME>MWAssembler_PPC_auxheader</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_symmode</NAME><VALUE>Mac</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_dialect</NAME><VALUE>PPC</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_prefixfile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_typecheck</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_warnings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_casesensitive</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "Rez Compiler" panel -->
-                <SETTING><NAME>MWRez_Language_maxwidth</NAME><VALUE>80</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_script</NAME><VALUE>Roman</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_alignment</NAME><VALUE>Align1</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_filtermode</NAME><VALUE>FilterSkip</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_suppresswarnings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_escapecontrolchars</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_prefixname</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_filteredtypes</NAME><VALUE>'CODE' 'DATA' 'PICT'</VALUE></SETTING>
-
-                <!-- Settings for "WinRC Compiler" panel -->
-                <SETTING><NAME>MWWinRC_prefixname</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "x86 CodeGen" panel -->
-                <SETTING><NAME>MWCodeGen_X86_processor</NAME><VALUE>Generic</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_alignment</NAME><VALUE>bytes8</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_exceptions</NAME><VALUE>ZeroOverhead</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_extinst_mmx</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_extinst_3dnow</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_use_mmx_3dnow_convention</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_machinecodelisting</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_intrinsics</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_syminfo</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_codeviewinfo</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_extinst_cmov_fcomi</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_extinst_sse</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "x86 Disassembler" panel -->
-                <SETTING><NAME>PDisasmX86_showHeaders</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showSymTab</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showCode</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showSource</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showHex</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showRelocation</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showComments</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showDebug</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showExceptions</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showData</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showRaw</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_verbose</NAME><VALUE>false</VALUE></SETTING>
-
-                <!-- Settings for "x86 Exceptions Panel" panel -->
-                <SETTING><NAME>MWDebugger_X86_Exceptions</NAME>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                </SETTING>
-
-                <!-- Settings for "x86 Global Optimizer" panel -->
-                <SETTING><NAME>GlobalOptimizer_X86_optimizationlevel</NAME><VALUE>Level0</VALUE></SETTING>
-                <SETTING><NAME>GlobalOptimizer_X86_optfor</NAME><VALUE>Speed</VALUE></SETTING>
-
-                <!-- Settings for "x86 Linker" panel -->
-                <SETTING><NAME>MWLinker_X86_entrypointusage</NAME><VALUE>Default</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_entrypoint</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_subsystem</NAME><VALUE>WinGUI</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_subsysmajorid</NAME><VALUE>4</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_subsysminorid</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_usrmajorid</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_usrminorid</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_commandfile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_generatemap</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_linksym</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_linkCV</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "x86 Project" panel -->
-                <SETTING><NAME>MWProject_X86_type</NAME><VALUE>Application</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_outfile</NAME><VALUE>noname.exe</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_baseaddress</NAME><VALUE>4194304</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_maxstacksize</NAME><VALUE>1024</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_minstacksize</NAME><VALUE>4</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_size</NAME><VALUE>1024</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_minsize</NAME><VALUE>4</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_importlib</NAME><VALUE></VALUE></SETTING>
-                <PANELDATA><NAME>xpidl Settings</NAME><VALUE>
-                    0001000101000000000000000000000000000000000000000000000000000000
-                    0000000000000000
-                </VALUE></PANELDATA>
-            </SETTINGLIST>
-            <FILELIST>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>alg1485.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>certdb.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>certv3.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>certxutl.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>crl.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>genname.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>polcyxtn.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>secname.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>stanpcertdb.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>xauthkid.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>xbsconst.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>xconst.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>arena.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>error.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>errorval.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>hashops.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>item.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>libc.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>list.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>tracker.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>whatnspr.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>asn1.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>ckhelper.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>devmod.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>devslot.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>devtoken.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>devutil.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>asymmkey.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>certdecode.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>certificate.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>cryptocontext.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>pki3hack.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>pkibase.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>pkistore.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>symmkey.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>tdcache.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>trustdomain.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>certhigh.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>certhtml.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>certreq.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>certvfy.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>crlv2.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>ocsp.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>xcrldist.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>dev3hack.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>pk11cert.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>pk11err.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>pk11kea.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>pk11list.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>pk11load.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>pk11pars.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>pk11pbe.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>pk11pk12.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>pk11pqg.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>pk11sdr.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>pk11skey.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>pk11slot.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>pk11util.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>dsautil.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>sechash.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>seckey.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>secsign.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>secvfy.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>nssinit.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>nssver.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>util.o</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Library</FILEKIND>
-                    <FILEFLAGS>Debug</FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSStdLibStubs</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Library</FILEKIND>
-                    <FILEFLAGS>Debug</FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSRuntime.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Library</FILEKIND>
-                    <FILEFLAGS>Debug</FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSLibraryStartup.o</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Library</FILEKIND>
-                    <FILEFLAGS>Debug</FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSPR20.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Library</FILEKIND>
-                    <FILEFLAGS>Debug</FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>DBM.o</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Library</FILEKIND>
-                    <FILEFLAGS>Debug</FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>Softoken3.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Library</FILEKIND>
-                    <FILEFLAGS>Debug</FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>hash.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS>Debug</FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>utf8.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS>Debug</FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSS.mcp.exp</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS>Debug</FILEFLAGS>
-                </FILE>
-            </FILELIST>
-            <LINKORDER>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>alg1485.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>certdb.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>certv3.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>certxutl.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>crl.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>genname.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>polcyxtn.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>secname.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>stanpcertdb.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>xauthkid.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>xbsconst.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>xconst.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>arena.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>error.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>errorval.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>hashops.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>item.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>libc.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>list.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>tracker.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>whatnspr.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>asn1.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>ckhelper.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>devmod.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>devslot.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>devtoken.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>devutil.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>asymmkey.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>certdecode.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>certificate.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>cryptocontext.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>pki3hack.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>pkibase.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>pkistore.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>symmkey.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>tdcache.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>trustdomain.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>certhigh.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>certhtml.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>certreq.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>certvfy.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>crlv2.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>ocsp.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>xcrldist.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>dev3hack.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>pk11cert.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>pk11err.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>pk11kea.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>pk11list.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>pk11load.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>pk11pars.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>pk11pbe.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>pk11pk12.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>pk11pqg.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>pk11sdr.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>pk11skey.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>pk11slot.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>pk11util.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>dsautil.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>sechash.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>seckey.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>secsign.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>secvfy.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>nssinit.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>nssver.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>util.o</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSStdLibStubs</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSRuntime.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSLibraryStartup.o</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSPR20.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>DBM.o</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>Softoken3.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>hash.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>utf8.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSS.mcp.exp</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-            </LINKORDER>
-        </TARGET>
-    </TARGETLIST>
-
-    <TARGETORDER>
-        <ORDEREDTARGET><NAME>NSS3Debug.shlb</NAME></ORDEREDTARGET>
-        <ORDEREDTARGET><NAME>NSS3.shlb</NAME></ORDEREDTARGET>
-    </TARGETORDER>
-
-    <GROUPLIST>
-        <GROUP><NAME>Rescued Items</NAME>
-        </GROUP>
-        <GROUP><NAME>Libraries</NAME>
-            <GROUP><NAME>Optimized</NAME>
-                <FILEREF>
-                    <TARGETNAME>NSS3.shlb</TARGETNAME>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>util.o</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <TARGETNAME>NSS3.shlb</TARGETNAME>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSRuntime.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <TARGETNAME>NSS3.shlb</TARGETNAME>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSPR20.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <TARGETNAME>NSS3.shlb</TARGETNAME>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>DBM.o</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <TARGETNAME>NSS3.shlb</TARGETNAME>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>Softoken3.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-            </GROUP>
-            <GROUP><NAME>Debug</NAME>
-                <FILEREF>
-                    <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>utilDebug.o</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSRuntimeDebug.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSPR20Debug.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>DBMDebug.o</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>Softoken3Debug.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-            </GROUP>
-            <FILEREF>
-                <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>NSStdLibStubs</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>NSLibraryStartup.o</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-        </GROUP>
-        <GROUP><NAME>asn1</NAME>
-            <FILEREF>
-                <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>asn1.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-        </GROUP>
-        <GROUP><NAME>base</NAME>
-            <FILEREF>
-                <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>arena.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>error.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>errorval.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>hashops.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>item.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>libc.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>list.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>tracker.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>whatnspr.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>hash.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>utf8.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-        </GROUP>
-        <GROUP><NAME>certdb</NAME>
-            <FILEREF>
-                <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>alg1485.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>certdb.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>certv3.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>certxutl.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>crl.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>genname.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>polcyxtn.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>secname.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>stanpcertdb.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>xauthkid.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>xbsconst.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>xconst.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-        </GROUP>
-        <GROUP><NAME>certhigh</NAME>
-            <FILEREF>
-                <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>certhigh.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>certhtml.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>certreq.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>certvfy.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>crlv2.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>ocsp.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>xcrldist.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-        </GROUP>
-        <GROUP><NAME>cryptohi</NAME>
-            <FILEREF>
-                <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>dsautil.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>sechash.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>seckey.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>secsign.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>secvfy.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-        </GROUP>
-        <GROUP><NAME>dev</NAME>
-            <FILEREF>
-                <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>ckhelper.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>devmod.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>devslot.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>devtoken.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>devutil.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-        </GROUP>
-        <GROUP><NAME>nss</NAME>
-            <FILEREF>
-                <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>nssinit.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>nssver.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-        </GROUP>
-        <GROUP><NAME>pk11wrap</NAME>
-            <FILEREF>
-                <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>dev3hack.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>pk11cert.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>pk11err.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>pk11kea.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>pk11list.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>pk11load.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>pk11pars.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>pk11pbe.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>pk11pk12.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>pk11pqg.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>pk11sdr.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>pk11skey.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>pk11slot.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>pk11util.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-        </GROUP>
-        <GROUP><NAME>pki</NAME>
-            <FILEREF>
-                <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>asymmkey.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>certdecode.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>certificate.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>cryptocontext.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>pki3hack.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>pkibase.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>pkistore.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>symmkey.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>tdcache.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>trustdomain.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-        </GROUP>
-        <FILEREF>
-            <TARGETNAME>NSS3Debug.shlb</TARGETNAME>
-            <PATHTYPE>Name</PATHTYPE>
-            <PATH>NSS.mcp.exp</PATH>
-            <PATHFORMAT>MacOS</PATHFORMAT>
-        </FILEREF>
-    </GROUPLIST>
-
-</PROJECT>
diff --git a/security/nss/macbuild/NSSCommon.h b/security/nss/macbuild/NSSCommon.h
deleted file mode 100755
index 83a54d7e3..000000000
--- a/security/nss/macbuild/NSSCommon.h
+++ /dev/null
@@ -1,6 +0,0 @@
-/* Defines common to all versions of NSS */
-
-#define NSPR20 1
-#define MP_API_COMPATIBLE 1
-#define NSS_3_4_CODE 1 /* Remove this when we start building NSS 4.0 by default */
-#define SHLIB_SUFFIX "shlb"
diff --git a/security/nss/macbuild/NSSDebug.Prefix b/security/nss/macbuild/NSSDebug.Prefix
deleted file mode 100755
index 967b0889c..000000000
--- a/security/nss/macbuild/NSSDebug.Prefix
+++ /dev/null
@@ -1,3 +0,0 @@
-/* Optimized prefix */
-#include "MacPrefix_debug.h"
-#include "NSSCommon.h"
diff --git a/security/nss/macbuild/NSSckfw.xml b/security/nss/macbuild/NSSckfw.xml
deleted file mode 100644
index 247e8e720..000000000
--- a/security/nss/macbuild/NSSckfw.xml
+++ /dev/null
@@ -1,2232 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" standalone="yes" ?>
-<?codewarrior exportversion="1.0.1" ideversion="4.2" ?>
-
-<!DOCTYPE PROJECT [
-<!ELEMENT PROJECT (TARGETLIST, TARGETORDER, GROUPLIST, DESIGNLIST?)>
-<!ELEMENT TARGETLIST (TARGET+)>
-<!ELEMENT TARGET (NAME, SETTINGLIST, FILELIST?, LINKORDER?, SEGMENTLIST?, OVERLAYGROUPLIST?, SUBTARGETLIST?, SUBPROJECTLIST?, FRAMEWORKLIST)>
-<!ELEMENT NAME (#PCDATA)>
-<!ELEMENT USERSOURCETREETYPE (#PCDATA)>
-<!ELEMENT PATH (#PCDATA)>
-<!ELEMENT FILELIST (FILE*)>
-<!ELEMENT FILE (PATHTYPE, PATHROOT?, ACCESSPATH?, PATH, PATHFORMAT?, ROOTFILEREF?, FILEKIND?, FILEFLAGS?)>
-<!ELEMENT PATHTYPE (#PCDATA)>
-<!ELEMENT PATHROOT (#PCDATA)>
-<!ELEMENT ACCESSPATH (#PCDATA)>
-<!ELEMENT PATHFORMAT (#PCDATA)>
-<!ELEMENT ROOTFILEREF (PATHTYPE, PATHROOT?, ACCESSPATH?, PATH, PATHFORMAT?)>
-<!ELEMENT FILEKIND (#PCDATA)>
-<!ELEMENT FILEFLAGS (#PCDATA)>
-<!ELEMENT FILEREF (TARGETNAME?, PATHTYPE, PATHROOT?, ACCESSPATH?, PATH, PATHFORMAT?)>
-<!ELEMENT TARGETNAME (#PCDATA)>
-<!ELEMENT SETTINGLIST ((SETTING|PANELDATA)+)>
-<!ELEMENT SETTING (NAME?, (VALUE|(SETTING+)))>
-<!ELEMENT PANELDATA (NAME, VALUE)>
-<!ELEMENT VALUE (#PCDATA)>
-<!ELEMENT LINKORDER (FILEREF*)>
-<!ELEMENT SEGMENTLIST (SEGMENT+)>
-<!ELEMENT SEGMENT (NAME, ATTRIBUTES?, FILEREF*)>
-<!ELEMENT ATTRIBUTES (#PCDATA)>
-<!ELEMENT OVERLAYGROUPLIST (OVERLAYGROUP+)>
-<!ELEMENT OVERLAYGROUP (NAME, BASEADDRESS, OVERLAY*)>
-<!ELEMENT BASEADDRESS (#PCDATA)>
-<!ELEMENT OVERLAY (NAME, FILEREF*)>
-<!ELEMENT SUBTARGETLIST (SUBTARGET+)>
-<!ELEMENT SUBTARGET (TARGETNAME, ATTRIBUTES?, FILEREF?)>
-<!ELEMENT SUBPROJECTLIST (SUBPROJECT+)>
-<!ELEMENT SUBPROJECT (FILEREF, SUBPROJECTTARGETLIST)>
-<!ELEMENT SUBPROJECTTARGETLIST (SUBPROJECTTARGET*)>
-<!ELEMENT SUBPROJECTTARGET (TARGETNAME, ATTRIBUTES?, FILEREF?)>
-<!ELEMENT FRAMEWORKLIST (FRAMEWORK+)>
-<!ELEMENT FRAMEWORK (FILEREF, LIBRARYFILE?, VERSION?)>
-<!ELEMENT LIBRARYFILE (FILEREF)>
-<!ELEMENT VERSION (#PCDATA)>
-<!ELEMENT TARGETORDER (ORDEREDTARGET|ORDEREDDESIGN)*>
-<!ELEMENT ORDEREDTARGET (NAME)>
-<!ELEMENT ORDEREDDESIGN (NAME, ORDEREDTARGET+)>
-<!ELEMENT GROUPLIST (GROUP|FILEREF)*>
-<!ELEMENT GROUP (NAME, (GROUP|FILEREF)*)>
-<!ELEMENT DESIGNLIST (DESIGN+)>
-<!ELEMENT DESIGN (NAME, DESIGNDATA)>
-<!ELEMENT DESIGNDATA (#PCDATA)>
-]>
-
-<PROJECT>
-    <TARGETLIST>
-        <TARGET>
-            <NAME>NSSckfw.o</NAME>
-            <SETTINGLIST>
-
-                <!-- Settings for "Source Trees" panel -->
-                <SETTING><NAME>UserSourceTrees</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Access Paths" panel -->
-                <SETTING><NAME>AlwaysSearchUserPaths</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>InterpretDOSAndUnixPaths</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>RequireFrameworkStyleIncludes</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>UserSearchPaths</NAME>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::::dist:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::lib:ckfw:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::lib:base:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::lib:util:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::lib:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                </SETTING>
-                <SETTING><NAME>SystemSearchPaths</NAME>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>CodeWarrior</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                </SETTING>
-
-                <!-- Settings for "Debugger Runtime" panel -->
-                <SETTING><NAME>MWRuntimeSettings_WorkingDirectory</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWRuntimeSettings_CommandLine</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWRuntimeSettings_HostApplication</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWRuntimeSettings_EnvVars</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Target Settings" panel -->
-                <SETTING><NAME>Linker</NAME><VALUE>MacOS PPC Linker</VALUE></SETTING>
-                <SETTING><NAME>PreLinker</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>PostLinker</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>Targetname</NAME><VALUE>NSSckfw.o</VALUE></SETTING>
-                <SETTING><NAME>OutputDirectory</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>SaveEntriesUsingRelativePaths</NAME><VALUE>false</VALUE></SETTING>
-
-                <!-- Settings for "File Mappings" panel -->
-                <SETTING><NAME>FileMappings</NAME>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>APPL</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>Appl</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>MMLB</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>Lib Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>MPLF</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>Lib Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>MWCD</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>RSRC</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.arr</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.bh</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>Balloon Help</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.c</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.c++</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.cc</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.cp</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.cpp</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.exp</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.h</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.idl</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>xpidl</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.pch</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.pch++</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.r</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>Rez</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>Rez</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.s</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>PPCAsm</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>XCOF</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>XCOFF Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>docu</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>rsrc</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>shlb</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>PEF Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>stub</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>PEF Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.doc</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.o</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>XCOFF Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.ppob</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.rsrc</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                </SETTING>
-
-                <!-- Settings for "Build Extras" panel -->
-                <SETTING><NAME>CacheModDates</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>ActivateBrowser</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>DumpBrowserInfo</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>CacheSubprojects</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>UseThirdPartyDebugger</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>DebuggerAppPath</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>DebuggerCmdLineArgs</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>DebuggerWorkingDir</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
-                </SETTING>
-
-                <!-- Settings for "Debugger Target" panel -->
-                <SETTING><NAME>LogSystemMessages</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>AutoTargetDLLs</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>StopAtWatchpoints</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PauseWhileRunning</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PauseInterval</NAME><VALUE>5</VALUE></SETTING>
-                <SETTING><NAME>PauseUIFlags</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>AltExePath</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>StopAtTempBPOnLaunch</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>CacheSymbolics</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>TempBPFunctionName</NAME><VALUE>main</VALUE></SETTING>
-                <SETTING><NAME>TempBPType</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "Remote Debug" panel -->
-                <SETTING><NAME>Enabled</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>ConnectionName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>DownloadPath</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>LaunchRemoteApp</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>RemoteAppPath</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Auto-target" panel -->
-                <SETTING><NAME>OtherExecutables</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Custom Keywords" panel -->
-                <SETTING><NAME>CustomColor1</NAME>
-                    <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
-                    <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
-                    <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>CustomColor2</NAME>
-                    <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
-                    <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
-                    <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>CustomColor3</NAME>
-                    <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
-                    <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
-                    <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>CustomColor4</NAME>
-                    <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
-                    <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
-                    <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
-                </SETTING>
-
-                <!-- Settings for "C/C++ Compiler" panel -->
-                <SETTING><NAME>MWFrontEnd_C_cplusplus</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_checkprotos</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_arm</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_trigraphs</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_onlystdkeywords</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_enumsalwaysint</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_mpwpointerstyle</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_prefixname</NAME><VALUE>NSS.Prefix</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_ansistrict</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_mpwcnewline</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_wchar_type</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_enableexceptions</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_dontreusestrings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_poolstrings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_dontinline</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_useRTTI</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_multibyteaware</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_unsignedchars</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_autoinline</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_booltruefalse</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_direct_to_som</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_som_env_check</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_alwaysinline</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_inlinelevel</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_ecplusplus</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_objective_c</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_defer_codegen</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "C/C++ Warnings" panel -->
-                <SETTING><NAME>MWWarning_C_warn_illpragma</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_emptydecl</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_possunwant</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_unusedvar</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_unusedarg</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_extracomma</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_pedantic</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warningerrors</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_hidevirtual</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_implicitconv</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_notinlined</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_structclass</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "FTP Panel" panel -->
-                <SETTING><NAME>MWFTP_Post_hostName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_username</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_password</NAME><VALUE>263jyj7n63jgi32p&#211;&#191;H</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_remoteDir</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_PathVersion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_PathType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_PathFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_tree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_uploadDir</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_port</NAME><VALUE>21</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_SendBin</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ShouldLog</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "Java Command Line" panel -->
-                <SETTING><NAME>MWCommandLine_Java_clsName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWCommandLine_Java_args</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "PJavaDebugging" panel -->
-                <SETTING><NAME>MWVJavaDebugging_Protocol</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWVJavaDebugging_JDKVersion</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWVJavaDebugging_TimeOut</NAME><VALUE>10</VALUE></SETTING>
-                <SETTING><NAME>MWVJavaDebugging_SupportSlowDevices</NAME><VALUE>false</VALUE></SETTING>
-
-                <!-- Settings for "Java Language" panel -->
-                <SETTING><NAME>MWJava_Language_optimize</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_warnDeprecated</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_emitMap</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_strictFileNames</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_strictFileHierarchy</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_1_1_Compatible</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_emitHeaders</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_headerType</NAME><VALUE>JNINativeHeaders</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_packageFilter</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_genComments</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_genHeaders</NAME><VALUE>false</VALUE></SETTING>
-
-                <!-- Settings for "Java MRJAppBuilder" panel -->
-                <SETTING><NAME>MWJava_MRJAppBuilder_outFile</NAME><VALUE>MRJApplication</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_merge</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_quitMenu</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_grow</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutType</NAME><VALUE>Console</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrType</NAME><VALUE>Console</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinType</NAME><VALUE>Console</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconPVersion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconFile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPVersion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPICTFile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_aboutName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPVersion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutFile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutAppend</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrFile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrAppend</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinFile</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Java Output" panel -->
-                <SETTING><NAME>MWJava_Output_outputtype</NAME><VALUE>JarFile</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_outfile</NAME><VALUE>JavaClasses.jar</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_ftype</NAME><VALUE>1514754080</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_fcreator</NAME><VALUE>1297570384</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_compress</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_genManifest</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_trunctype</NAME><VALUE>Front</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_deleteClasses</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_consoleApp</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "Java Project" panel -->
-                <SETTING><NAME>MWJava_Proj_projtype</NAME><VALUE>Applet</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_mainClassName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_HTMLAppCreator</NAME><VALUE>1463898714</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_HTMLAppName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_PathVersion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_PathType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_PathFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_tree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_HTMLAppWin32Name</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_compress</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_useVM</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_vmarguments</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_vmName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_simPropFile</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "JavaDoc Project" panel -->
-                <SETTING><NAME>MWJavaDoc_Proj_Version</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Depricated</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Author</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Index</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Tree</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_SunResolveToSame</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Shortnames</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Folder</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_GenerateAPILinks</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_scope</NAME><VALUE>Public</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_fcreator</NAME><VALUE>1297303877</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_encodingName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_decodingName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_javaPackagePath</NAME><VALUE>http://java.sun.com/products/jdk/1.1/docs/api/</VALUE></SETTING>
-
-                <!-- Settings for "MacOS Merge Panel" panel -->
-                <SETTING><NAME>MWMerge_MacOS_projectType</NAME><VALUE>Application</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_outputName</NAME><VALUE>Merge Out</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_outputCreator</NAME><VALUE>????</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_outputType</NAME><VALUE>APPL</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_suppressWarning</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_copyFragments</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_copyResources</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_flattenResource</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_flatFileName</NAME><VALUE>a.rsrc</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_flatFileOutputPath</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWMerge_MacOS_skipResources</NAME>
-                    <SETTING><VALUE>DLGX</VALUE></SETTING>
-                    <SETTING><VALUE>ckid</VALUE></SETTING>
-                    <SETTING><VALUE>Proj</VALUE></SETTING>
-                    <SETTING><VALUE>WSPC</VALUE></SETTING>
-                </SETTING>
-
-                <!-- Settings for "Output Flags" panel -->
-                <SETTING><NAME>FileLocked</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>ResourcesMapIsReadOnly</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PrinterDriverIsMultiFinderCompatible</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>Invisible</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>HasBundle</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>NameLocked</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>Stationery</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>HasCustomIcon</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>Shared</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>HasBeenInited</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>Label</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>Comments</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Packager Panel" panel -->
-                <SETTING><NAME>MWMacOSPackager_UsePackager</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_FolderToPackage</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWMacOSPackager_CreateClassicAlias</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_ClassicAliasMethod</NAME><VALUE>UseTargetOutput</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_ClassicAliasPath</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWMacOSPackager_CreatePkgInfo</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_PkgCreatorType</NAME><VALUE>????</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_PkgFileType</NAME><VALUE>APPL</VALUE></SETTING>
-
-                <!-- Settings for "PPC CodeGen" panel -->
-                <SETTING><NAME>MWCodeGen_PPC_structalignment</NAME><VALUE>PPC</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_tracebacktables</NAME><VALUE>None</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_processor</NAME><VALUE>Generic</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_readonlystrings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_tocdata</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_profiler</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_fpcontract</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_schedule</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_peephole</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_processorspecific</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_altivec</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_vectortocdata</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_vrsave</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "PPC CodeGen Mach-O" panel -->
-                <SETTING><NAME>MWCodeGen_MachO_structalignment</NAME><VALUE>PPC</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_tracebacktables</NAME><VALUE>None</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_processor</NAME><VALUE>Generic</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_readonlystrings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_profiler</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_fpcontract</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_schedule</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_peephole</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_processorspecific</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_altivec</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_vrsave</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_common</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_implicit_templates</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "PPC Disassembler" panel -->
-                <SETTING><NAME>MWDisassembler_PPC_showcode</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_extended</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_mix</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_nohex</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_showdata</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_showexceptions</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_showsym</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_shownames</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "PPC Global Optimizer" panel -->
-                <SETTING><NAME>GlobalOptimizer_PPC_optimizationlevel</NAME><VALUE>Level3</VALUE></SETTING>
-                <SETTING><NAME>GlobalOptimizer_PPC_optfor</NAME><VALUE>Speed</VALUE></SETTING>
-
-                <!-- Settings for "PPC Linker" panel -->
-                <SETTING><NAME>MWLinker_PPC_linksym</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_symfullpath</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_linkmap</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_nolinkwarnings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_dontdeadstripinitcode</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_permitmultdefs</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_linkmode</NAME><VALUE>Fast</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_initname</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_mainname</NAME><VALUE>__start</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_termname</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "PPC Mach-O Linker" panel -->
-                <SETTING><NAME>MWLinker_MachO_exports</NAME><VALUE>None</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_mainname</NAME><VALUE>start</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_currentversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_compatibleversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_symfullpath</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_supresswarnings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_multisymerror</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_prebind</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_deadstrip</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_objectivecsemantics</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_whichfileloaded</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_whyfileloaded</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_readonlyrelocs</NAME><VALUE>Errors</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_undefinedsymbols</NAME><VALUE>Errors</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_twolevelnamespace</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_stripdebugsymbols</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "PPC Mach-O Target" panel -->
-                <SETTING><NAME>MWProject_MachO_type</NAME><VALUE>Executable</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_outfile</NAME><VALUE>a.exe</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_filecreator</NAME><VALUE>????</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_filetype</NAME><VALUE>MEXE</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_stacksize</NAME><VALUE>64</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_stackaddress</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_flatrsrc</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_flatrsrcfilename</NAME><VALUE>a.rsrc</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_flatrsrcoutputdir</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWProject_MachO_installpath</NAME><VALUE>./</VALUE></SETTING>
-
-                <!-- Settings for "PPC PEF" panel -->
-                <SETTING><NAME>MWPEF_exports</NAME><VALUE>None</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_libfolder</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_sortcode</NAME><VALUE>None</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_expandbss</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_sharedata</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_olddefversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_oldimpversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_currentversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_fragmentname</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWPEF_collapsereloads</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "PPC Project" panel -->
-                <SETTING><NAME>MWProject_PPC_type</NAME><VALUE>Library</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_outfile</NAME><VALUE>NSSckfw.o</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_filecreator</NAME><VALUE>????</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_filetype</NAME><VALUE>????</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_size</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_minsize</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_stacksize</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_flags</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_symfilename</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcname</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcheader</NAME><VALUE>Native</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrctype</NAME><VALUE>????</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcid</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcflags</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcstore</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcmerge</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_flatrsrc</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_flatrsrcoutputdir</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWProject_PPC_flatrsrcfilename</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "PPCAsm Panel" panel -->
-                <SETTING><NAME>MWAssembler_PPC_auxheader</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_symmode</NAME><VALUE>Mac</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_dialect</NAME><VALUE>PPC</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_prefixfile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_typecheck</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_warnings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_casesensitive</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "Rez Compiler" panel -->
-                <SETTING><NAME>MWRez_Language_maxwidth</NAME><VALUE>80</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_script</NAME><VALUE>Roman</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_alignment</NAME><VALUE>Align1</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_filtermode</NAME><VALUE>FilterSkip</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_suppresswarnings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_escapecontrolchars</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_prefixname</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_filteredtypes</NAME><VALUE>'CODE' 'DATA' 'PICT'</VALUE></SETTING>
-
-                <!-- Settings for "WinRC Compiler" panel -->
-                <SETTING><NAME>MWWinRC_prefixname</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "x86 CodeGen" panel -->
-                <SETTING><NAME>MWCodeGen_X86_processor</NAME><VALUE>Generic</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_alignment</NAME><VALUE>bytes8</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_exceptions</NAME><VALUE>ZeroOverhead</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_extinst_mmx</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_extinst_3dnow</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_use_mmx_3dnow_convention</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_machinecodelisting</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_intrinsics</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_syminfo</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_codeviewinfo</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_extinst_cmov_fcomi</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_extinst_sse</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "x86 Disassembler" panel -->
-                <SETTING><NAME>PDisasmX86_showHeaders</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showSymTab</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showCode</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showSource</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showHex</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showRelocation</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showComments</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showDebug</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showExceptions</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showData</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showRaw</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_verbose</NAME><VALUE>false</VALUE></SETTING>
-
-                <!-- Settings for "x86 Exceptions Panel" panel -->
-                <SETTING><NAME>MWDebugger_X86_Exceptions</NAME>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                </SETTING>
-
-                <!-- Settings for "x86 Global Optimizer" panel -->
-                <SETTING><NAME>GlobalOptimizer_X86_optimizationlevel</NAME><VALUE>Level0</VALUE></SETTING>
-                <SETTING><NAME>GlobalOptimizer_X86_optfor</NAME><VALUE>Speed</VALUE></SETTING>
-
-                <!-- Settings for "x86 Linker" panel -->
-                <SETTING><NAME>MWLinker_X86_entrypointusage</NAME><VALUE>Default</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_entrypoint</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_subsystem</NAME><VALUE>WinGUI</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_subsysmajorid</NAME><VALUE>4</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_subsysminorid</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_usrmajorid</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_usrminorid</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_commandfile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_generatemap</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_linksym</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_linkCV</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "x86 Project" panel -->
-                <SETTING><NAME>MWProject_X86_type</NAME><VALUE>Application</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_outfile</NAME><VALUE>noname.exe</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_baseaddress</NAME><VALUE>4194304</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_maxstacksize</NAME><VALUE>1024</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_minstacksize</NAME><VALUE>4</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_size</NAME><VALUE>1024</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_minsize</NAME><VALUE>4</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_importlib</NAME><VALUE></VALUE></SETTING>
-                <PANELDATA><NAME>xpidl Settings</NAME><VALUE>
-                    0001000101000000000000000000000000000000000000000000000000000000
-                    0000000000000000
-                </VALUE></PANELDATA>
-            </SETTINGLIST>
-            <FILELIST>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>find.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>hash.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>instance.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>mechanism.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>mutex.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>object.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>session.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>sessobj.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>slot.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>token.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>wrap.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-            </FILELIST>
-            <LINKORDER>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>find.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>hash.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>instance.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>mechanism.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>mutex.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>object.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>session.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>sessobj.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>slot.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>token.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>wrap.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-            </LINKORDER>
-        </TARGET>
-        <TARGET>
-            <NAME>NSSckfwDebug.o</NAME>
-            <SETTINGLIST>
-
-                <!-- Settings for "Source Trees" panel -->
-                <SETTING><NAME>UserSourceTrees</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Access Paths" panel -->
-                <SETTING><NAME>AlwaysSearchUserPaths</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>InterpretDOSAndUnixPaths</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>RequireFrameworkStyleIncludes</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>UserSearchPaths</NAME>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::::dist:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::lib:ckfw:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::lib:base:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::lib:util:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::lib:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                </SETTING>
-                <SETTING><NAME>SystemSearchPaths</NAME>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>CodeWarrior</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                </SETTING>
-
-                <!-- Settings for "Debugger Runtime" panel -->
-                <SETTING><NAME>MWRuntimeSettings_WorkingDirectory</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWRuntimeSettings_CommandLine</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWRuntimeSettings_HostApplication</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWRuntimeSettings_EnvVars</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Target Settings" panel -->
-                <SETTING><NAME>Linker</NAME><VALUE>MacOS PPC Linker</VALUE></SETTING>
-                <SETTING><NAME>PreLinker</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>PostLinker</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>Targetname</NAME><VALUE>NSSckfwDebug.o</VALUE></SETTING>
-                <SETTING><NAME>OutputDirectory</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>SaveEntriesUsingRelativePaths</NAME><VALUE>false</VALUE></SETTING>
-
-                <!-- Settings for "File Mappings" panel -->
-                <SETTING><NAME>FileMappings</NAME>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>APPL</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>Appl</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>MMLB</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>Lib Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>MPLF</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>Lib Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>MWCD</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>RSRC</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.arr</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.bh</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>Balloon Help</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.c</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.c++</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.cc</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.cp</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.cpp</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.exp</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.h</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.idl</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>xpidl</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.pch</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.pch++</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.r</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>Rez</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>Rez</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.s</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>PPCAsm</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>XCOF</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>XCOFF Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>docu</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>rsrc</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>shlb</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>PEF Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>stub</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>PEF Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.doc</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.o</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>XCOFF Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.ppob</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.rsrc</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                </SETTING>
-
-                <!-- Settings for "Build Extras" panel -->
-                <SETTING><NAME>CacheModDates</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>ActivateBrowser</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>DumpBrowserInfo</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>CacheSubprojects</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>UseThirdPartyDebugger</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>DebuggerAppPath</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>DebuggerCmdLineArgs</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>DebuggerWorkingDir</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
-                </SETTING>
-
-                <!-- Settings for "Debugger Target" panel -->
-                <SETTING><NAME>LogSystemMessages</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>AutoTargetDLLs</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>StopAtWatchpoints</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PauseWhileRunning</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PauseInterval</NAME><VALUE>5</VALUE></SETTING>
-                <SETTING><NAME>PauseUIFlags</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>AltExePath</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>StopAtTempBPOnLaunch</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>CacheSymbolics</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>TempBPFunctionName</NAME><VALUE>main</VALUE></SETTING>
-                <SETTING><NAME>TempBPType</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "Remote Debug" panel -->
-                <SETTING><NAME>Enabled</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>ConnectionName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>DownloadPath</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>LaunchRemoteApp</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>RemoteAppPath</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Auto-target" panel -->
-                <SETTING><NAME>OtherExecutables</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Custom Keywords" panel -->
-                <SETTING><NAME>CustomColor1</NAME>
-                    <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
-                    <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
-                    <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>CustomColor2</NAME>
-                    <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
-                    <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
-                    <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>CustomColor3</NAME>
-                    <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
-                    <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
-                    <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>CustomColor4</NAME>
-                    <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
-                    <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
-                    <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
-                </SETTING>
-
-                <!-- Settings for "C/C++ Compiler" panel -->
-                <SETTING><NAME>MWFrontEnd_C_cplusplus</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_checkprotos</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_arm</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_trigraphs</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_onlystdkeywords</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_enumsalwaysint</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_mpwpointerstyle</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_prefixname</NAME><VALUE>NSSDebug.Prefix</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_ansistrict</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_mpwcnewline</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_wchar_type</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_enableexceptions</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_dontreusestrings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_poolstrings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_dontinline</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_useRTTI</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_multibyteaware</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_unsignedchars</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_autoinline</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_booltruefalse</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_direct_to_som</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_som_env_check</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_alwaysinline</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_inlinelevel</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_ecplusplus</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_objective_c</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_defer_codegen</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "C/C++ Warnings" panel -->
-                <SETTING><NAME>MWWarning_C_warn_illpragma</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_emptydecl</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_possunwant</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_unusedvar</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_unusedarg</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_extracomma</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_pedantic</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warningerrors</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_hidevirtual</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_implicitconv</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_notinlined</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_structclass</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "FTP Panel" panel -->
-                <SETTING><NAME>MWFTP_Post_hostName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_username</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_password</NAME><VALUE>263jyj7n63jgi32p&#211;&#191;H</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_remoteDir</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_PathVersion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_PathType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_PathFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_tree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_uploadDir</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_port</NAME><VALUE>21</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_SendBin</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ShouldLog</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "Java Command Line" panel -->
-                <SETTING><NAME>MWCommandLine_Java_clsName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWCommandLine_Java_args</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "PJavaDebugging" panel -->
-                <SETTING><NAME>MWVJavaDebugging_Protocol</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWVJavaDebugging_JDKVersion</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWVJavaDebugging_TimeOut</NAME><VALUE>10</VALUE></SETTING>
-                <SETTING><NAME>MWVJavaDebugging_SupportSlowDevices</NAME><VALUE>false</VALUE></SETTING>
-
-                <!-- Settings for "Java Language" panel -->
-                <SETTING><NAME>MWJava_Language_optimize</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_warnDeprecated</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_emitMap</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_strictFileNames</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_strictFileHierarchy</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_1_1_Compatible</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_emitHeaders</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_headerType</NAME><VALUE>JNINativeHeaders</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_packageFilter</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_genComments</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_genHeaders</NAME><VALUE>false</VALUE></SETTING>
-
-                <!-- Settings for "Java MRJAppBuilder" panel -->
-                <SETTING><NAME>MWJava_MRJAppBuilder_outFile</NAME><VALUE>MRJApplication</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_merge</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_quitMenu</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_grow</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutType</NAME><VALUE>Console</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrType</NAME><VALUE>Console</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinType</NAME><VALUE>Console</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconPVersion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconFile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPVersion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPICTFile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_aboutName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPVersion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutFile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutAppend</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrFile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrAppend</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinFile</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Java Output" panel -->
-                <SETTING><NAME>MWJava_Output_outputtype</NAME><VALUE>JarFile</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_outfile</NAME><VALUE>JavaClasses.jar</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_ftype</NAME><VALUE>1514754080</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_fcreator</NAME><VALUE>1297570384</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_compress</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_genManifest</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_trunctype</NAME><VALUE>Front</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_deleteClasses</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_consoleApp</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "Java Project" panel -->
-                <SETTING><NAME>MWJava_Proj_projtype</NAME><VALUE>Applet</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_mainClassName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_HTMLAppCreator</NAME><VALUE>1463898714</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_HTMLAppName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_PathVersion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_PathType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_PathFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_tree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_HTMLAppWin32Name</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_compress</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_useVM</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_vmarguments</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_vmName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_simPropFile</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "JavaDoc Project" panel -->
-                <SETTING><NAME>MWJavaDoc_Proj_Version</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Depricated</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Author</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Index</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Tree</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_SunResolveToSame</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Shortnames</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Folder</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_GenerateAPILinks</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_scope</NAME><VALUE>Public</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_fcreator</NAME><VALUE>1297303877</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_encodingName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_decodingName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_javaPackagePath</NAME><VALUE>http://java.sun.com/products/jdk/1.1/docs/api/</VALUE></SETTING>
-
-                <!-- Settings for "MacOS Merge Panel" panel -->
-                <SETTING><NAME>MWMerge_MacOS_projectType</NAME><VALUE>Application</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_outputName</NAME><VALUE>Merge Out</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_outputCreator</NAME><VALUE>????</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_outputType</NAME><VALUE>APPL</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_suppressWarning</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_copyFragments</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_copyResources</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_flattenResource</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_flatFileName</NAME><VALUE>a.rsrc</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_flatFileOutputPath</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWMerge_MacOS_skipResources</NAME>
-                    <SETTING><VALUE>DLGX</VALUE></SETTING>
-                    <SETTING><VALUE>ckid</VALUE></SETTING>
-                    <SETTING><VALUE>Proj</VALUE></SETTING>
-                    <SETTING><VALUE>WSPC</VALUE></SETTING>
-                </SETTING>
-
-                <!-- Settings for "Output Flags" panel -->
-                <SETTING><NAME>FileLocked</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>ResourcesMapIsReadOnly</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PrinterDriverIsMultiFinderCompatible</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>Invisible</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>HasBundle</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>NameLocked</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>Stationery</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>HasCustomIcon</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>Shared</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>HasBeenInited</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>Label</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>Comments</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Packager Panel" panel -->
-                <SETTING><NAME>MWMacOSPackager_UsePackager</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_FolderToPackage</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWMacOSPackager_CreateClassicAlias</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_ClassicAliasMethod</NAME><VALUE>UseTargetOutput</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_ClassicAliasPath</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWMacOSPackager_CreatePkgInfo</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_PkgCreatorType</NAME><VALUE>????</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_PkgFileType</NAME><VALUE>APPL</VALUE></SETTING>
-
-                <!-- Settings for "PPC CodeGen" panel -->
-                <SETTING><NAME>MWCodeGen_PPC_structalignment</NAME><VALUE>PPC</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_tracebacktables</NAME><VALUE>None</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_processor</NAME><VALUE>Generic</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_readonlystrings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_tocdata</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_profiler</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_fpcontract</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_schedule</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_peephole</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_processorspecific</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_altivec</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_vectortocdata</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_vrsave</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "PPC CodeGen Mach-O" panel -->
-                <SETTING><NAME>MWCodeGen_MachO_structalignment</NAME><VALUE>PPC</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_tracebacktables</NAME><VALUE>None</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_processor</NAME><VALUE>Generic</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_readonlystrings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_profiler</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_fpcontract</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_schedule</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_peephole</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_processorspecific</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_altivec</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_vrsave</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_common</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_implicit_templates</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "PPC Disassembler" panel -->
-                <SETTING><NAME>MWDisassembler_PPC_showcode</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_extended</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_mix</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_nohex</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_showdata</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_showexceptions</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_showsym</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_shownames</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "PPC Global Optimizer" panel -->
-                <SETTING><NAME>GlobalOptimizer_PPC_optimizationlevel</NAME><VALUE>Level0</VALUE></SETTING>
-                <SETTING><NAME>GlobalOptimizer_PPC_optfor</NAME><VALUE>Speed</VALUE></SETTING>
-
-                <!-- Settings for "PPC Linker" panel -->
-                <SETTING><NAME>MWLinker_PPC_linksym</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_symfullpath</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_linkmap</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_nolinkwarnings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_dontdeadstripinitcode</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_permitmultdefs</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_linkmode</NAME><VALUE>Fast</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_initname</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_mainname</NAME><VALUE>__start</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_termname</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "PPC Mach-O Linker" panel -->
-                <SETTING><NAME>MWLinker_MachO_exports</NAME><VALUE>None</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_mainname</NAME><VALUE>start</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_currentversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_compatibleversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_symfullpath</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_supresswarnings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_multisymerror</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_prebind</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_deadstrip</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_objectivecsemantics</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_whichfileloaded</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_whyfileloaded</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_readonlyrelocs</NAME><VALUE>Errors</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_undefinedsymbols</NAME><VALUE>Errors</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_twolevelnamespace</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_stripdebugsymbols</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "PPC Mach-O Target" panel -->
-                <SETTING><NAME>MWProject_MachO_type</NAME><VALUE>Executable</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_outfile</NAME><VALUE>a.exe</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_filecreator</NAME><VALUE>????</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_filetype</NAME><VALUE>MEXE</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_stacksize</NAME><VALUE>64</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_stackaddress</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_flatrsrc</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_flatrsrcfilename</NAME><VALUE>a.rsrc</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_flatrsrcoutputdir</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWProject_MachO_installpath</NAME><VALUE>./</VALUE></SETTING>
-
-                <!-- Settings for "PPC PEF" panel -->
-                <SETTING><NAME>MWPEF_exports</NAME><VALUE>None</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_libfolder</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_sortcode</NAME><VALUE>None</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_expandbss</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_sharedata</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_olddefversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_oldimpversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_currentversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_fragmentname</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWPEF_collapsereloads</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "PPC Project" panel -->
-                <SETTING><NAME>MWProject_PPC_type</NAME><VALUE>Library</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_outfile</NAME><VALUE>NSSckfwDebug.o</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_filecreator</NAME><VALUE>????</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_filetype</NAME><VALUE>????</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_size</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_minsize</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_stacksize</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_flags</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_symfilename</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcname</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcheader</NAME><VALUE>Native</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrctype</NAME><VALUE>????</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcid</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcflags</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcstore</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcmerge</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_flatrsrc</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_flatrsrcoutputdir</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWProject_PPC_flatrsrcfilename</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "PPCAsm Panel" panel -->
-                <SETTING><NAME>MWAssembler_PPC_auxheader</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_symmode</NAME><VALUE>Mac</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_dialect</NAME><VALUE>PPC</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_prefixfile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_typecheck</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_warnings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_casesensitive</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "Rez Compiler" panel -->
-                <SETTING><NAME>MWRez_Language_maxwidth</NAME><VALUE>80</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_script</NAME><VALUE>Roman</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_alignment</NAME><VALUE>Align1</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_filtermode</NAME><VALUE>FilterSkip</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_suppresswarnings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_escapecontrolchars</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_prefixname</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_filteredtypes</NAME><VALUE>'CODE' 'DATA' 'PICT'</VALUE></SETTING>
-
-                <!-- Settings for "WinRC Compiler" panel -->
-                <SETTING><NAME>MWWinRC_prefixname</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "x86 CodeGen" panel -->
-                <SETTING><NAME>MWCodeGen_X86_processor</NAME><VALUE>Generic</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_alignment</NAME><VALUE>bytes8</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_exceptions</NAME><VALUE>ZeroOverhead</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_extinst_mmx</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_extinst_3dnow</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_use_mmx_3dnow_convention</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_machinecodelisting</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_intrinsics</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_syminfo</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_codeviewinfo</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_extinst_cmov_fcomi</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_extinst_sse</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "x86 Disassembler" panel -->
-                <SETTING><NAME>PDisasmX86_showHeaders</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showSymTab</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showCode</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showSource</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showHex</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showRelocation</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showComments</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showDebug</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showExceptions</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showData</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showRaw</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_verbose</NAME><VALUE>false</VALUE></SETTING>
-
-                <!-- Settings for "x86 Exceptions Panel" panel -->
-                <SETTING><NAME>MWDebugger_X86_Exceptions</NAME>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                </SETTING>
-
-                <!-- Settings for "x86 Global Optimizer" panel -->
-                <SETTING><NAME>GlobalOptimizer_X86_optimizationlevel</NAME><VALUE>Level0</VALUE></SETTING>
-                <SETTING><NAME>GlobalOptimizer_X86_optfor</NAME><VALUE>Speed</VALUE></SETTING>
-
-                <!-- Settings for "x86 Linker" panel -->
-                <SETTING><NAME>MWLinker_X86_entrypointusage</NAME><VALUE>Default</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_entrypoint</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_subsystem</NAME><VALUE>WinGUI</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_subsysmajorid</NAME><VALUE>4</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_subsysminorid</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_usrmajorid</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_usrminorid</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_commandfile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_generatemap</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_linksym</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_linkCV</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "x86 Project" panel -->
-                <SETTING><NAME>MWProject_X86_type</NAME><VALUE>Application</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_outfile</NAME><VALUE>noname.exe</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_baseaddress</NAME><VALUE>4194304</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_maxstacksize</NAME><VALUE>1024</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_minstacksize</NAME><VALUE>4</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_size</NAME><VALUE>1024</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_minsize</NAME><VALUE>4</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_importlib</NAME><VALUE></VALUE></SETTING>
-                <PANELDATA><NAME>xpidl Settings</NAME><VALUE>
-                    0001000101000000000000000000000000000000000000000000000000000000
-                    0000000000000000
-                </VALUE></PANELDATA>
-            </SETTINGLIST>
-            <FILELIST>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>find.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>hash.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>instance.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>mechanism.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>mutex.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>object.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>session.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>sessobj.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>slot.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>token.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>wrap.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-            </FILELIST>
-            <LINKORDER>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>find.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>hash.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>instance.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>mechanism.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>mutex.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>object.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>session.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>sessobj.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>slot.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>token.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>wrap.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-            </LINKORDER>
-        </TARGET>
-    </TARGETLIST>
-
-    <TARGETORDER>
-        <ORDEREDTARGET><NAME>NSSckfw.o</NAME></ORDEREDTARGET>
-        <ORDEREDTARGET><NAME>NSSckfwDebug.o</NAME></ORDEREDTARGET>
-    </TARGETORDER>
-
-    <GROUPLIST>
-        <FILEREF>
-            <TARGETNAME>NSSckfw.o</TARGETNAME>
-            <PATHTYPE>Name</PATHTYPE>
-            <PATH>find.c</PATH>
-            <PATHFORMAT>MacOS</PATHFORMAT>
-        </FILEREF>
-        <FILEREF>
-            <TARGETNAME>NSSckfw.o</TARGETNAME>
-            <PATHTYPE>Name</PATHTYPE>
-            <PATH>hash.c</PATH>
-            <PATHFORMAT>MacOS</PATHFORMAT>
-        </FILEREF>
-        <FILEREF>
-            <TARGETNAME>NSSckfw.o</TARGETNAME>
-            <PATHTYPE>Name</PATHTYPE>
-            <PATH>instance.c</PATH>
-            <PATHFORMAT>MacOS</PATHFORMAT>
-        </FILEREF>
-        <FILEREF>
-            <TARGETNAME>NSSckfw.o</TARGETNAME>
-            <PATHTYPE>Name</PATHTYPE>
-            <PATH>mechanism.c</PATH>
-            <PATHFORMAT>MacOS</PATHFORMAT>
-        </FILEREF>
-        <FILEREF>
-            <TARGETNAME>NSSckfw.o</TARGETNAME>
-            <PATHTYPE>Name</PATHTYPE>
-            <PATH>mutex.c</PATH>
-            <PATHFORMAT>MacOS</PATHFORMAT>
-        </FILEREF>
-        <FILEREF>
-            <TARGETNAME>NSSckfw.o</TARGETNAME>
-            <PATHTYPE>Name</PATHTYPE>
-            <PATH>object.c</PATH>
-            <PATHFORMAT>MacOS</PATHFORMAT>
-        </FILEREF>
-        <FILEREF>
-            <TARGETNAME>NSSckfw.o</TARGETNAME>
-            <PATHTYPE>Name</PATHTYPE>
-            <PATH>session.c</PATH>
-            <PATHFORMAT>MacOS</PATHFORMAT>
-        </FILEREF>
-        <FILEREF>
-            <TARGETNAME>NSSckfw.o</TARGETNAME>
-            <PATHTYPE>Name</PATHTYPE>
-            <PATH>sessobj.c</PATH>
-            <PATHFORMAT>MacOS</PATHFORMAT>
-        </FILEREF>
-        <FILEREF>
-            <TARGETNAME>NSSckfw.o</TARGETNAME>
-            <PATHTYPE>Name</PATHTYPE>
-            <PATH>slot.c</PATH>
-            <PATHFORMAT>MacOS</PATHFORMAT>
-        </FILEREF>
-        <FILEREF>
-            <TARGETNAME>NSSckfw.o</TARGETNAME>
-            <PATHTYPE>Name</PATHTYPE>
-            <PATH>token.c</PATH>
-            <PATHFORMAT>MacOS</PATHFORMAT>
-        </FILEREF>
-        <FILEREF>
-            <TARGETNAME>NSSckfw.o</TARGETNAME>
-            <PATHTYPE>Name</PATHTYPE>
-            <PATH>wrap.c</PATH>
-            <PATHFORMAT>MacOS</PATHFORMAT>
-        </FILEREF>
-    </GROUPLIST>
-
-</PROJECT>
diff --git a/security/nss/macbuild/Softoken.Prefix b/security/nss/macbuild/Softoken.Prefix
deleted file mode 100644
index 977efc8e2..000000000
--- a/security/nss/macbuild/Softoken.Prefix
+++ /dev/null
@@ -1,4 +0,0 @@
-/* Optimized prefix */
-#include "MacPrefix.h"
-#include "NSSCommon.h"
-#include "SoftokenCommon.h"
\ No newline at end of file
diff --git a/security/nss/macbuild/SoftokenCommon.h b/security/nss/macbuild/SoftokenCommon.h
deleted file mode 100644
index c80b1d31b..000000000
--- a/security/nss/macbuild/SoftokenCommon.h
+++ /dev/null
@@ -1 +0,0 @@
-#define RIJNDAEL_INCLUDE_TABLES 1
\ No newline at end of file
diff --git a/security/nss/macbuild/SoftokenDebug.Prefix b/security/nss/macbuild/SoftokenDebug.Prefix
deleted file mode 100644
index d0303ca71..000000000
--- a/security/nss/macbuild/SoftokenDebug.Prefix
+++ /dev/null
@@ -1,4 +0,0 @@
-/* Optimized prefix */
-#include "MacPrefix_debug.h"
-#include "NSSCommon.h"
-#include "SoftokenCommon.h"
\ No newline at end of file
diff --git a/security/nss/macbuild/crmf.xml b/security/nss/macbuild/crmf.xml
deleted file mode 100644
index 299a49281..000000000
--- a/security/nss/macbuild/crmf.xml
+++ /dev/null
@@ -1,2394 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" standalone="yes" ?>
-<?codewarrior exportversion="1.0.1" ideversion="4.2" ?>
-
-<!DOCTYPE PROJECT [
-<!ELEMENT PROJECT (TARGETLIST, TARGETORDER, GROUPLIST, DESIGNLIST?)>
-<!ELEMENT TARGETLIST (TARGET+)>
-<!ELEMENT TARGET (NAME, SETTINGLIST, FILELIST?, LINKORDER?, SEGMENTLIST?, OVERLAYGROUPLIST?, SUBTARGETLIST?, SUBPROJECTLIST?, FRAMEWORKLIST)>
-<!ELEMENT NAME (#PCDATA)>
-<!ELEMENT USERSOURCETREETYPE (#PCDATA)>
-<!ELEMENT PATH (#PCDATA)>
-<!ELEMENT FILELIST (FILE*)>
-<!ELEMENT FILE (PATHTYPE, PATHROOT?, ACCESSPATH?, PATH, PATHFORMAT?, ROOTFILEREF?, FILEKIND?, FILEFLAGS?)>
-<!ELEMENT PATHTYPE (#PCDATA)>
-<!ELEMENT PATHROOT (#PCDATA)>
-<!ELEMENT ACCESSPATH (#PCDATA)>
-<!ELEMENT PATHFORMAT (#PCDATA)>
-<!ELEMENT ROOTFILEREF (PATHTYPE, PATHROOT?, ACCESSPATH?, PATH, PATHFORMAT?)>
-<!ELEMENT FILEKIND (#PCDATA)>
-<!ELEMENT FILEFLAGS (#PCDATA)>
-<!ELEMENT FILEREF (TARGETNAME?, PATHTYPE, PATHROOT?, ACCESSPATH?, PATH, PATHFORMAT?)>
-<!ELEMENT TARGETNAME (#PCDATA)>
-<!ELEMENT SETTINGLIST ((SETTING|PANELDATA)+)>
-<!ELEMENT SETTING (NAME?, (VALUE|(SETTING+)))>
-<!ELEMENT PANELDATA (NAME, VALUE)>
-<!ELEMENT VALUE (#PCDATA)>
-<!ELEMENT LINKORDER (FILEREF*)>
-<!ELEMENT SEGMENTLIST (SEGMENT+)>
-<!ELEMENT SEGMENT (NAME, ATTRIBUTES?, FILEREF*)>
-<!ELEMENT ATTRIBUTES (#PCDATA)>
-<!ELEMENT OVERLAYGROUPLIST (OVERLAYGROUP+)>
-<!ELEMENT OVERLAYGROUP (NAME, BASEADDRESS, OVERLAY*)>
-<!ELEMENT BASEADDRESS (#PCDATA)>
-<!ELEMENT OVERLAY (NAME, FILEREF*)>
-<!ELEMENT SUBTARGETLIST (SUBTARGET+)>
-<!ELEMENT SUBTARGET (TARGETNAME, ATTRIBUTES?, FILEREF?)>
-<!ELEMENT SUBPROJECTLIST (SUBPROJECT+)>
-<!ELEMENT SUBPROJECT (FILEREF, SUBPROJECTTARGETLIST)>
-<!ELEMENT SUBPROJECTTARGETLIST (SUBPROJECTTARGET*)>
-<!ELEMENT SUBPROJECTTARGET (TARGETNAME, ATTRIBUTES?, FILEREF?)>
-<!ELEMENT FRAMEWORKLIST (FRAMEWORK+)>
-<!ELEMENT FRAMEWORK (FILEREF, LIBRARYFILE?, VERSION?)>
-<!ELEMENT LIBRARYFILE (FILEREF)>
-<!ELEMENT VERSION (#PCDATA)>
-<!ELEMENT TARGETORDER (ORDEREDTARGET|ORDEREDDESIGN)*>
-<!ELEMENT ORDEREDTARGET (NAME)>
-<!ELEMENT ORDEREDDESIGN (NAME, ORDEREDTARGET+)>
-<!ELEMENT GROUPLIST (GROUP|FILEREF)*>
-<!ELEMENT GROUP (NAME, (GROUP|FILEREF)*)>
-<!ELEMENT DESIGNLIST (DESIGN+)>
-<!ELEMENT DESIGN (NAME, DESIGNDATA)>
-<!ELEMENT DESIGNDATA (#PCDATA)>
-]>
-
-<PROJECT>
-    <TARGETLIST>
-        <TARGET>
-            <NAME>crmfDebug.o</NAME>
-            <SETTINGLIST>
-
-                <!-- Settings for "Source Trees" panel -->
-                <SETTING><NAME>UserSourceTrees</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Access Paths" panel -->
-                <SETTING><NAME>AlwaysSearchUserPaths</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>InterpretDOSAndUnixPaths</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>RequireFrameworkStyleIncludes</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>UserSearchPaths</NAME>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::lib:crmf:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::lib:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::::dist:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                </SETTING>
-                <SETTING><NAME>SystemSearchPaths</NAME>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>CodeWarrior</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                </SETTING>
-
-                <!-- Settings for "Debugger Runtime" panel -->
-                <SETTING><NAME>MWRuntimeSettings_WorkingDirectory</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWRuntimeSettings_CommandLine</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWRuntimeSettings_HostApplication</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWRuntimeSettings_EnvVars</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Target Settings" panel -->
-                <SETTING><NAME>Linker</NAME><VALUE>MacOS PPC Linker</VALUE></SETTING>
-                <SETTING><NAME>PreLinker</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>PostLinker</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>Targetname</NAME><VALUE>crmfDebug.o</VALUE></SETTING>
-                <SETTING><NAME>OutputDirectory</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>SaveEntriesUsingRelativePaths</NAME><VALUE>false</VALUE></SETTING>
-
-                <!-- Settings for "File Mappings" panel -->
-                <SETTING><NAME>FileMappings</NAME>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>APPL</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>Appl</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>MMLB</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>Lib Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>MPLF</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>Lib Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>MWCD</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>RSRC</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.arr</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.bh</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>Balloon Help</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.c</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.c++</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.cc</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.cp</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.cpp</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.exp</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.h</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.idl</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>xpidl</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.pch</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.pch++</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.plist</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.r</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>Rez</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>Rez</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.s</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>PPCAsm</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>XCOF</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>XCOFF Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>docu</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>rsrc</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>shlb</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>PEF Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>stub</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>PEF Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.doc</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.o</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>XCOFF Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.ppob</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.rsrc</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                </SETTING>
-
-                <!-- Settings for "Build Extras" panel -->
-                <SETTING><NAME>CacheModDates</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>ActivateBrowser</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>DumpBrowserInfo</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>CacheSubprojects</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>UseThirdPartyDebugger</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>DebuggerAppPath</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>DebuggerCmdLineArgs</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>DebuggerWorkingDir</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
-                </SETTING>
-
-                <!-- Settings for "Debugger Target" panel -->
-                <SETTING><NAME>LogSystemMessages</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>AutoTargetDLLs</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>StopAtWatchpoints</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PauseWhileRunning</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PauseInterval</NAME><VALUE>5</VALUE></SETTING>
-                <SETTING><NAME>PauseUIFlags</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>AltExePath</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>StopAtTempBPOnLaunch</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>CacheSymbolics</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>TempBPFunctionName</NAME><VALUE>main</VALUE></SETTING>
-                <SETTING><NAME>TempBPType</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "Remote Debug" panel -->
-                <SETTING><NAME>Enabled</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>ConnectionName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>DownloadPath</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>LaunchRemoteApp</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>RemoteAppPath</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Auto-target" panel -->
-                <SETTING><NAME>OtherExecutables</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Custom Keywords" panel -->
-                <SETTING><NAME>CustomColor1</NAME>
-                    <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
-                    <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
-                    <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>CustomColor2</NAME>
-                    <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
-                    <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
-                    <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>CustomColor3</NAME>
-                    <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
-                    <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
-                    <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>CustomColor4</NAME>
-                    <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
-                    <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
-                    <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
-                </SETTING>
-
-                <!-- Settings for "C/C++ Compiler" panel -->
-                <SETTING><NAME>MWFrontEnd_C_cplusplus</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_checkprotos</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_arm</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_trigraphs</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_onlystdkeywords</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_enumsalwaysint</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_mpwpointerstyle</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_prefixname</NAME><VALUE>NSSDebug.Prefix</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_ansistrict</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_mpwcnewline</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_wchar_type</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_enableexceptions</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_dontreusestrings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_poolstrings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_dontinline</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_useRTTI</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_multibyteaware</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_unsignedchars</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_autoinline</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_booltruefalse</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_direct_to_som</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_som_env_check</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_alwaysinline</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_inlinelevel</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_ecplusplus</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_objective_c</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_defer_codegen</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "C/C++ Warnings" panel -->
-                <SETTING><NAME>MWWarning_C_warn_illpragma</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_emptydecl</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_possunwant</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_unusedvar</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_unusedarg</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_extracomma</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_pedantic</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warningerrors</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_hidevirtual</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_implicitconv</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_notinlined</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_structclass</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "FTP Panel" panel -->
-                <SETTING><NAME>MWFTP_Post_hostName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_username</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_password</NAME><VALUE>0SA@</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_remoteDir</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_PathVersion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_PathType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_PathFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_tree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_uploadDir</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_port</NAME><VALUE>21</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_SendBin</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ShouldLog</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "Java Command Line" panel -->
-                <SETTING><NAME>MWCommandLine_Java_clsName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWCommandLine_Java_args</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "PJavaDebugging" panel -->
-                <SETTING><NAME>MWVJavaDebugging_Protocol</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWVJavaDebugging_JDKVersion</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWVJavaDebugging_TimeOut</NAME><VALUE>25</VALUE></SETTING>
-                <SETTING><NAME>MWVJavaDebugging_SupportSlowDevices</NAME><VALUE>false</VALUE></SETTING>
-
-                <!-- Settings for "Java Language" panel -->
-                <SETTING><NAME>MWJava_Language_optimize</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_warnDeprecated</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_emitMap</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_strictFileNames</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_strictFileHierarchy</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_1_1_Compatible</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_emitHeaders</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_headerType</NAME><VALUE>JNINativeHeaders</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_packageFilter</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_genComments</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_genHeaders</NAME><VALUE>false</VALUE></SETTING>
-
-                <!-- Settings for "Java MRJAppBuilder" panel -->
-                <SETTING><NAME>MWJava_MRJAppBuilder_outFile</NAME><VALUE>MRJApplication</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_merge</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_quitMenu</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_grow</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutType</NAME><VALUE>Console</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrType</NAME><VALUE>Console</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinType</NAME><VALUE>Console</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconPVersion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconFile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPVersion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPICTFile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_aboutName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPVersion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutFile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutAppend</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrFile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrAppend</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinFile</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Java Output" panel -->
-                <SETTING><NAME>MWJava_Output_outputtype</NAME><VALUE>JarFile</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_outfile</NAME><VALUE>JavaClasses.jar</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_ftype</NAME><VALUE>1514754080</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_fcreator</NAME><VALUE>1297570384</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_compress</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_genManifest</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_trunctype</NAME><VALUE>Front</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_deleteClasses</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_consoleApp</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "Java Project" panel -->
-                <SETTING><NAME>MWJava_Proj_projtype</NAME><VALUE>Applet</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_mainClassName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_HTMLAppCreator</NAME><VALUE>1463898714</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_HTMLAppName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_PathVersion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_PathType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_PathFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_tree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_HTMLAppWin32Name</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_compress</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_useVM</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_vmarguments</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_vmName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_simPropFile</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "JavaDoc Project" panel -->
-                <SETTING><NAME>MWJavaDoc_Proj_Version</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Depricated</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Author</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Index</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Tree</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_SunResolveToSame</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Shortnames</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Folder</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_GenerateAPILinks</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_scope</NAME><VALUE>Public</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_fcreator</NAME><VALUE>1297303877</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_encodingName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_decodingName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_javaPackagePath</NAME><VALUE>http://java.sun.com/products/jdk/1.1/docs/api/</VALUE></SETTING>
-
-                <!-- Settings for "MacOS Merge Panel" panel -->
-                <SETTING><NAME>MWMerge_MacOS_projectType</NAME><VALUE>Application</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_outputName</NAME><VALUE>Merge Out</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_outputCreator</NAME><VALUE>????</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_outputType</NAME><VALUE>APPL</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_suppressWarning</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_copyFragments</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_copyResources</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_flattenResource</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_flatFileName</NAME><VALUE>a.rsrc</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_flatFileOutputPath</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWMerge_MacOS_skipResources</NAME>
-                    <SETTING><VALUE>DGLX</VALUE></SETTING>
-                    <SETTING><VALUE>ckid</VALUE></SETTING>
-                    <SETTING><VALUE>Proj</VALUE></SETTING>
-                    <SETTING><VALUE>WSPC</VALUE></SETTING>
-                    <SETTING><VALUE>mcvs</VALUE></SETTING>
-                </SETTING>
-
-                <!-- Settings for "Output Flags" panel -->
-                <SETTING><NAME>FileLocked</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>ResourcesMapIsReadOnly</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PrinterDriverIsMultiFinderCompatible</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>Invisible</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>HasBundle</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>NameLocked</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>Stationery</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>HasCustomIcon</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>Shared</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>HasBeenInited</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>Label</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>Comments</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Packager Panel" panel -->
-                <SETTING><NAME>MWMacOSPackager_UsePackager</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_FolderToPackage</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWMacOSPackager_CreateClassicAlias</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_ClassicAliasMethod</NAME><VALUE>UseTargetOutput</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_ClassicAliasPath</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWMacOSPackager_CreatePkgInfo</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_PkgCreatorType</NAME><VALUE>????</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_PkgFileType</NAME><VALUE>APPL</VALUE></SETTING>
-
-                <!-- Settings for "PPC CodeGen" panel -->
-                <SETTING><NAME>MWCodeGen_PPC_structalignment</NAME><VALUE>MC68K</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_tracebacktables</NAME><VALUE>None</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_processor</NAME><VALUE>Generic</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_readonlystrings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_tocdata</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_profiler</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_fpcontract</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_schedule</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_peephole</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_processorspecific</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_altivec</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_vectortocdata</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_vrsave</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "PPC CodeGen Mach-O" panel -->
-                <SETTING><NAME>MWCodeGen_MachO_structalignment</NAME><VALUE>PPC</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_tracebacktables</NAME><VALUE>None</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_processor</NAME><VALUE>Generic</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_readonlystrings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_profiler</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_fpcontract</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_schedule</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_peephole</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_processorspecific</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_altivec</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_vrsave</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_common</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_implicit_templates</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "PPC Disassembler" panel -->
-                <SETTING><NAME>MWDisassembler_PPC_showcode</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_extended</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_mix</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_nohex</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_showdata</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_showexceptions</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_showsym</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_shownames</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "PPC Global Optimizer" panel -->
-                <SETTING><NAME>GlobalOptimizer_PPC_optimizationlevel</NAME><VALUE>Level0</VALUE></SETTING>
-                <SETTING><NAME>GlobalOptimizer_PPC_optfor</NAME><VALUE>Speed</VALUE></SETTING>
-
-                <!-- Settings for "PPC Linker" panel -->
-                <SETTING><NAME>MWLinker_PPC_linksym</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_symfullpath</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_linkmap</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_nolinkwarnings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_dontdeadstripinitcode</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_permitmultdefs</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_linkmode</NAME><VALUE>Fast</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_initname</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_mainname</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_termname</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "PPC Mach-O Linker" panel -->
-                <SETTING><NAME>MWLinker_MachO_exports</NAME><VALUE>None</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_mainname</NAME><VALUE>start</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_currentversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_compatibleversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_symfullpath</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_supresswarnings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_multisymerror</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_prebind</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_deadstrip</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_objectivecsemantics</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_whichfileloaded</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_whyfileloaded</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_readonlyrelocs</NAME><VALUE>Errors</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_undefinedsymbols</NAME><VALUE>Errors</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_twolevelnamespace</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_stripdebugsymbols</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "PPC Mach-O Target" panel -->
-                <SETTING><NAME>MWProject_MachO_type</NAME><VALUE>Executable</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_outfile</NAME><VALUE>a.exe</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_filecreator</NAME><VALUE>????</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_filetype</NAME><VALUE>MEXE</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_stacksize</NAME><VALUE>64</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_stackaddress</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_flatrsrc</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_flatrsrcfilename</NAME><VALUE>a.rsrc</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_flatrsrcoutputdir</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWProject_MachO_installpath</NAME><VALUE>./</VALUE></SETTING>
-
-                <!-- Settings for "PPC PEF" panel -->
-                <SETTING><NAME>MWPEF_exports</NAME><VALUE>None</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_libfolder</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_sortcode</NAME><VALUE>None</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_expandbss</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_sharedata</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_olddefversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_oldimpversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_currentversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_fragmentname</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWPEF_collapsereloads</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "PPC Project" panel -->
-                <SETTING><NAME>MWProject_PPC_type</NAME><VALUE>Library</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_outfile</NAME><VALUE>crmfDebug.o</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_filecreator</NAME><VALUE>????</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_filetype</NAME><VALUE>????</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_size</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_minsize</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_stacksize</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_flags</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_symfilename</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcname</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcheader</NAME><VALUE>Native</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrctype</NAME><VALUE>????</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcid</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcflags</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcstore</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcmerge</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_flatrsrc</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_flatrsrcoutputdir</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWProject_PPC_flatrsrcfilename</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "PPCAsm Panel" panel -->
-                <SETTING><NAME>MWAssembler_PPC_auxheader</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_symmode</NAME><VALUE>Mac</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_dialect</NAME><VALUE>PPC</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_prefixfile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_typecheck</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_warnings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_casesensitive</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "Rez Compiler" panel -->
-                <SETTING><NAME>MWRez_Language_maxwidth</NAME><VALUE>80</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_script</NAME><VALUE>Roman</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_alignment</NAME><VALUE>Align1</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_filtermode</NAME><VALUE>FilterSkip</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_suppresswarnings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_escapecontrolchars</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_prefixname</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_filteredtypes</NAME><VALUE>'CODE' 'DATA' 'PICT'</VALUE></SETTING>
-
-                <!-- Settings for "WinRC Compiler" panel -->
-                <SETTING><NAME>MWWinRC_prefixname</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "x86 CodeGen" panel -->
-                <SETTING><NAME>MWCodeGen_X86_processor</NAME><VALUE>Generic</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_alignment</NAME><VALUE>bytes8</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_exceptions</NAME><VALUE>ZeroOverhead</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_extinst_mmx</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_extinst_3dnow</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_use_mmx_3dnow_convention</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_machinecodelisting</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_intrinsics</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_syminfo</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_codeviewinfo</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_extinst_cmov_fcomi</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_extinst_sse</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "x86 Disassembler" panel -->
-                <SETTING><NAME>PDisasmX86_showHeaders</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showSymTab</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showCode</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showSource</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showHex</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showRelocation</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showComments</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showDebug</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showExceptions</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showData</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showRaw</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_verbose</NAME><VALUE>true</VALUE></SETTING>
-
-                <!-- Settings for "x86 Exceptions Panel" panel -->
-                <SETTING><NAME>MWDebugger_X86_Exceptions</NAME>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                </SETTING>
-
-                <!-- Settings for "x86 Global Optimizer" panel -->
-                <SETTING><NAME>GlobalOptimizer_X86_optimizationlevel</NAME><VALUE>Level0</VALUE></SETTING>
-                <SETTING><NAME>GlobalOptimizer_X86_optfor</NAME><VALUE>Speed</VALUE></SETTING>
-
-                <!-- Settings for "x86 Linker" panel -->
-                <SETTING><NAME>MWLinker_X86_entrypointusage</NAME><VALUE>Default</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_entrypoint</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_subsystem</NAME><VALUE>WinGUI</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_subsysmajorid</NAME><VALUE>4</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_subsysminorid</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_usrmajorid</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_usrminorid</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_commandfile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_generatemap</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_linksym</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_linkCV</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "x86 Project" panel -->
-                <SETTING><NAME>MWProject_X86_type</NAME><VALUE>Application</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_outfile</NAME><VALUE>noname.exe</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_baseaddress</NAME><VALUE>4194304</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_maxstacksize</NAME><VALUE>1024</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_minstacksize</NAME><VALUE>4</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_size</NAME><VALUE>1024</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_minsize</NAME><VALUE>4</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_importlib</NAME><VALUE></VALUE></SETTING>
-                <PANELDATA><NAME>xpidl Settings</NAME><VALUE>
-                    0001000101000000000000000000000000000000000000000000000000000000
-                    0000000000000000
-                </VALUE></PANELDATA>
-            </SETTINGLIST>
-            <FILELIST>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>asn1cmn.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>challcli.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>cmmfasn1.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>cmmfchal.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>cmmfrec.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>cmmfresp.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>crmfcont.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>crmfdec.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>crmfenc.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>crmfget.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>crmfpop.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>crmfreq.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>crmftmpl.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>encutil.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>respcli.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>respcmn.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>servget.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-            </FILELIST>
-            <LINKORDER>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>asn1cmn.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>challcli.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>cmmfasn1.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>cmmfchal.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>cmmfrec.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>cmmfresp.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>crmfcont.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>crmfdec.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>crmfenc.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>crmfget.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>crmfpop.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>crmfreq.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>crmftmpl.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>encutil.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>respcli.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>respcmn.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>servget.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-            </LINKORDER>
-        </TARGET>
-        <TARGET>
-            <NAME>crmf.o</NAME>
-            <SETTINGLIST>
-
-                <!-- Settings for "Source Trees" panel -->
-                <SETTING><NAME>UserSourceTrees</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Access Paths" panel -->
-                <SETTING><NAME>AlwaysSearchUserPaths</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>InterpretDOSAndUnixPaths</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>RequireFrameworkStyleIncludes</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>UserSearchPaths</NAME>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::lib:crmf:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::lib:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::::dist:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                </SETTING>
-                <SETTING><NAME>SystemSearchPaths</NAME>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>CodeWarrior</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                </SETTING>
-
-                <!-- Settings for "Debugger Runtime" panel -->
-                <SETTING><NAME>MWRuntimeSettings_WorkingDirectory</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWRuntimeSettings_CommandLine</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWRuntimeSettings_HostApplication</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWRuntimeSettings_EnvVars</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Target Settings" panel -->
-                <SETTING><NAME>Linker</NAME><VALUE>MacOS PPC Linker</VALUE></SETTING>
-                <SETTING><NAME>PreLinker</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>PostLinker</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>Targetname</NAME><VALUE>crmf.o</VALUE></SETTING>
-                <SETTING><NAME>OutputDirectory</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>SaveEntriesUsingRelativePaths</NAME><VALUE>false</VALUE></SETTING>
-
-                <!-- Settings for "File Mappings" panel -->
-                <SETTING><NAME>FileMappings</NAME>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>APPL</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>Appl</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>MMLB</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>Lib Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>MPLF</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>Lib Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>MWCD</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>RSRC</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.arr</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.bh</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>Balloon Help</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.c</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.c++</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.cc</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.cp</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.cpp</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.exp</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.h</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.idl</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>xpidl</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.pch</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.pch++</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.plist</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.r</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>Rez</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>Rez</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.s</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>PPCAsm</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>XCOF</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>XCOFF Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>docu</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>rsrc</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>shlb</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>PEF Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>stub</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>PEF Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.doc</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.o</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>XCOFF Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.ppob</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.rsrc</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                </SETTING>
-
-                <!-- Settings for "Build Extras" panel -->
-                <SETTING><NAME>CacheModDates</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>ActivateBrowser</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>DumpBrowserInfo</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>CacheSubprojects</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>UseThirdPartyDebugger</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>DebuggerAppPath</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>DebuggerCmdLineArgs</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>DebuggerWorkingDir</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
-                </SETTING>
-
-                <!-- Settings for "Debugger Target" panel -->
-                <SETTING><NAME>LogSystemMessages</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>AutoTargetDLLs</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>StopAtWatchpoints</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PauseWhileRunning</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PauseInterval</NAME><VALUE>5</VALUE></SETTING>
-                <SETTING><NAME>PauseUIFlags</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>AltExePath</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>StopAtTempBPOnLaunch</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>CacheSymbolics</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>TempBPFunctionName</NAME><VALUE>main</VALUE></SETTING>
-                <SETTING><NAME>TempBPType</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "Remote Debug" panel -->
-                <SETTING><NAME>Enabled</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>ConnectionName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>DownloadPath</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>LaunchRemoteApp</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>RemoteAppPath</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Auto-target" panel -->
-                <SETTING><NAME>OtherExecutables</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Custom Keywords" panel -->
-                <SETTING><NAME>CustomColor1</NAME>
-                    <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
-                    <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
-                    <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>CustomColor2</NAME>
-                    <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
-                    <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
-                    <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>CustomColor3</NAME>
-                    <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
-                    <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
-                    <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>CustomColor4</NAME>
-                    <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
-                    <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
-                    <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
-                </SETTING>
-
-                <!-- Settings for "C/C++ Compiler" panel -->
-                <SETTING><NAME>MWFrontEnd_C_cplusplus</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_checkprotos</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_arm</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_trigraphs</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_onlystdkeywords</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_enumsalwaysint</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_mpwpointerstyle</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_prefixname</NAME><VALUE>NSS.Prefix</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_ansistrict</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_mpwcnewline</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_wchar_type</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_enableexceptions</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_dontreusestrings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_poolstrings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_dontinline</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_useRTTI</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_multibyteaware</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_unsignedchars</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_autoinline</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_booltruefalse</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_direct_to_som</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_som_env_check</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_alwaysinline</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_inlinelevel</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_ecplusplus</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_objective_c</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_defer_codegen</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "C/C++ Warnings" panel -->
-                <SETTING><NAME>MWWarning_C_warn_illpragma</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_emptydecl</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_possunwant</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_unusedvar</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_unusedarg</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_extracomma</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_pedantic</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warningerrors</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_hidevirtual</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_implicitconv</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_notinlined</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_structclass</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "FTP Panel" panel -->
-                <SETTING><NAME>MWFTP_Post_hostName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_username</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_password</NAME><VALUE>0SA@</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_remoteDir</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_PathVersion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_PathType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_PathFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_tree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_uploadDir</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_port</NAME><VALUE>21</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_SendBin</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ShouldLog</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "Java Command Line" panel -->
-                <SETTING><NAME>MWCommandLine_Java_clsName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWCommandLine_Java_args</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "PJavaDebugging" panel -->
-                <SETTING><NAME>MWVJavaDebugging_Protocol</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWVJavaDebugging_JDKVersion</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWVJavaDebugging_TimeOut</NAME><VALUE>25</VALUE></SETTING>
-                <SETTING><NAME>MWVJavaDebugging_SupportSlowDevices</NAME><VALUE>false</VALUE></SETTING>
-
-                <!-- Settings for "Java Language" panel -->
-                <SETTING><NAME>MWJava_Language_optimize</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_warnDeprecated</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_emitMap</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_strictFileNames</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_strictFileHierarchy</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_1_1_Compatible</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_emitHeaders</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_headerType</NAME><VALUE>JNINativeHeaders</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_packageFilter</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_genComments</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_genHeaders</NAME><VALUE>false</VALUE></SETTING>
-
-                <!-- Settings for "Java MRJAppBuilder" panel -->
-                <SETTING><NAME>MWJava_MRJAppBuilder_outFile</NAME><VALUE>MRJApplication</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_merge</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_quitMenu</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_grow</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutType</NAME><VALUE>Console</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrType</NAME><VALUE>Console</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinType</NAME><VALUE>Console</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconPVersion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconFile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPVersion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPICTFile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_aboutName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPVersion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutFile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutAppend</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrFile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrAppend</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinFile</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Java Output" panel -->
-                <SETTING><NAME>MWJava_Output_outputtype</NAME><VALUE>JarFile</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_outfile</NAME><VALUE>JavaClasses.jar</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_ftype</NAME><VALUE>1514754080</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_fcreator</NAME><VALUE>1297570384</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_compress</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_genManifest</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_trunctype</NAME><VALUE>Front</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_deleteClasses</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_consoleApp</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "Java Project" panel -->
-                <SETTING><NAME>MWJava_Proj_projtype</NAME><VALUE>Applet</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_mainClassName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_HTMLAppCreator</NAME><VALUE>1463898714</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_HTMLAppName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_PathVersion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_PathType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_PathFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_tree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_HTMLAppWin32Name</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_compress</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_useVM</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_vmarguments</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_vmName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_simPropFile</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "JavaDoc Project" panel -->
-                <SETTING><NAME>MWJavaDoc_Proj_Version</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Depricated</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Author</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Index</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Tree</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_SunResolveToSame</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Shortnames</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Folder</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_GenerateAPILinks</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_scope</NAME><VALUE>Public</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_fcreator</NAME><VALUE>1297303877</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_encodingName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_decodingName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_javaPackagePath</NAME><VALUE>http://java.sun.com/products/jdk/1.1/docs/api/</VALUE></SETTING>
-
-                <!-- Settings for "MacOS Merge Panel" panel -->
-                <SETTING><NAME>MWMerge_MacOS_projectType</NAME><VALUE>Application</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_outputName</NAME><VALUE>Merge Out</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_outputCreator</NAME><VALUE>????</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_outputType</NAME><VALUE>APPL</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_suppressWarning</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_copyFragments</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_copyResources</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_flattenResource</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_flatFileName</NAME><VALUE>a.rsrc</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_flatFileOutputPath</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWMerge_MacOS_skipResources</NAME>
-                    <SETTING><VALUE>DGLX</VALUE></SETTING>
-                    <SETTING><VALUE>ckid</VALUE></SETTING>
-                    <SETTING><VALUE>Proj</VALUE></SETTING>
-                    <SETTING><VALUE>WSPC</VALUE></SETTING>
-                    <SETTING><VALUE>mcvs</VALUE></SETTING>
-                </SETTING>
-
-                <!-- Settings for "Output Flags" panel -->
-                <SETTING><NAME>FileLocked</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>ResourcesMapIsReadOnly</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PrinterDriverIsMultiFinderCompatible</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>Invisible</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>HasBundle</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>NameLocked</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>Stationery</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>HasCustomIcon</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>Shared</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>HasBeenInited</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>Label</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>Comments</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Packager Panel" panel -->
-                <SETTING><NAME>MWMacOSPackager_UsePackager</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_FolderToPackage</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWMacOSPackager_CreateClassicAlias</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_ClassicAliasMethod</NAME><VALUE>UseTargetOutput</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_ClassicAliasPath</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWMacOSPackager_CreatePkgInfo</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_PkgCreatorType</NAME><VALUE>????</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_PkgFileType</NAME><VALUE>APPL</VALUE></SETTING>
-
-                <!-- Settings for "PPC CodeGen" panel -->
-                <SETTING><NAME>MWCodeGen_PPC_structalignment</NAME><VALUE>MC68K</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_tracebacktables</NAME><VALUE>None</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_processor</NAME><VALUE>Generic</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_readonlystrings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_tocdata</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_profiler</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_fpcontract</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_schedule</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_peephole</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_processorspecific</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_altivec</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_vectortocdata</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_vrsave</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "PPC CodeGen Mach-O" panel -->
-                <SETTING><NAME>MWCodeGen_MachO_structalignment</NAME><VALUE>PPC</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_tracebacktables</NAME><VALUE>None</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_processor</NAME><VALUE>Generic</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_readonlystrings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_profiler</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_fpcontract</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_schedule</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_peephole</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_processorspecific</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_altivec</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_vrsave</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_common</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_implicit_templates</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "PPC Disassembler" panel -->
-                <SETTING><NAME>MWDisassembler_PPC_showcode</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_extended</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_mix</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_nohex</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_showdata</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_showexceptions</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_showsym</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_shownames</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "PPC Global Optimizer" panel -->
-                <SETTING><NAME>GlobalOptimizer_PPC_optimizationlevel</NAME><VALUE>Level4</VALUE></SETTING>
-                <SETTING><NAME>GlobalOptimizer_PPC_optfor</NAME><VALUE>Speed</VALUE></SETTING>
-
-                <!-- Settings for "PPC Linker" panel -->
-                <SETTING><NAME>MWLinker_PPC_linksym</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_symfullpath</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_linkmap</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_nolinkwarnings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_dontdeadstripinitcode</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_permitmultdefs</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_linkmode</NAME><VALUE>Fast</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_initname</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_mainname</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_termname</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "PPC Mach-O Linker" panel -->
-                <SETTING><NAME>MWLinker_MachO_exports</NAME><VALUE>None</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_mainname</NAME><VALUE>start</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_currentversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_compatibleversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_symfullpath</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_supresswarnings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_multisymerror</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_prebind</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_deadstrip</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_objectivecsemantics</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_whichfileloaded</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_whyfileloaded</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_readonlyrelocs</NAME><VALUE>Errors</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_undefinedsymbols</NAME><VALUE>Errors</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_twolevelnamespace</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_stripdebugsymbols</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "PPC Mach-O Target" panel -->
-                <SETTING><NAME>MWProject_MachO_type</NAME><VALUE>Executable</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_outfile</NAME><VALUE>a.exe</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_filecreator</NAME><VALUE>????</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_filetype</NAME><VALUE>MEXE</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_stacksize</NAME><VALUE>64</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_stackaddress</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_flatrsrc</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_flatrsrcfilename</NAME><VALUE>a.rsrc</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_flatrsrcoutputdir</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWProject_MachO_installpath</NAME><VALUE>./</VALUE></SETTING>
-
-                <!-- Settings for "PPC PEF" panel -->
-                <SETTING><NAME>MWPEF_exports</NAME><VALUE>None</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_libfolder</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_sortcode</NAME><VALUE>None</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_expandbss</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_sharedata</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_olddefversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_oldimpversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_currentversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_fragmentname</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWPEF_collapsereloads</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "PPC Project" panel -->
-                <SETTING><NAME>MWProject_PPC_type</NAME><VALUE>Library</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_outfile</NAME><VALUE>crmf.o</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_filecreator</NAME><VALUE>????</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_filetype</NAME><VALUE>????</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_size</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_minsize</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_stacksize</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_flags</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_symfilename</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcname</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcheader</NAME><VALUE>Native</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrctype</NAME><VALUE>????</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcid</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcflags</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcstore</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcmerge</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_flatrsrc</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_flatrsrcoutputdir</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWProject_PPC_flatrsrcfilename</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "PPCAsm Panel" panel -->
-                <SETTING><NAME>MWAssembler_PPC_auxheader</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_symmode</NAME><VALUE>Mac</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_dialect</NAME><VALUE>PPC</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_prefixfile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_typecheck</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_warnings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_casesensitive</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "Rez Compiler" panel -->
-                <SETTING><NAME>MWRez_Language_maxwidth</NAME><VALUE>80</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_script</NAME><VALUE>Roman</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_alignment</NAME><VALUE>Align1</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_filtermode</NAME><VALUE>FilterSkip</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_suppresswarnings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_escapecontrolchars</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_prefixname</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_filteredtypes</NAME><VALUE>'CODE' 'DATA' 'PICT'</VALUE></SETTING>
-
-                <!-- Settings for "WinRC Compiler" panel -->
-                <SETTING><NAME>MWWinRC_prefixname</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "x86 CodeGen" panel -->
-                <SETTING><NAME>MWCodeGen_X86_processor</NAME><VALUE>Generic</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_alignment</NAME><VALUE>bytes8</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_exceptions</NAME><VALUE>ZeroOverhead</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_extinst_mmx</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_extinst_3dnow</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_use_mmx_3dnow_convention</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_machinecodelisting</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_intrinsics</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_syminfo</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_codeviewinfo</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_extinst_cmov_fcomi</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_extinst_sse</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "x86 Disassembler" panel -->
-                <SETTING><NAME>PDisasmX86_showHeaders</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showSymTab</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showCode</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showSource</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showHex</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showRelocation</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showComments</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showDebug</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showExceptions</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showData</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showRaw</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_verbose</NAME><VALUE>true</VALUE></SETTING>
-
-                <!-- Settings for "x86 Exceptions Panel" panel -->
-                <SETTING><NAME>MWDebugger_X86_Exceptions</NAME>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                </SETTING>
-
-                <!-- Settings for "x86 Global Optimizer" panel -->
-                <SETTING><NAME>GlobalOptimizer_X86_optimizationlevel</NAME><VALUE>Level0</VALUE></SETTING>
-                <SETTING><NAME>GlobalOptimizer_X86_optfor</NAME><VALUE>Speed</VALUE></SETTING>
-
-                <!-- Settings for "x86 Linker" panel -->
-                <SETTING><NAME>MWLinker_X86_entrypointusage</NAME><VALUE>Default</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_entrypoint</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_subsystem</NAME><VALUE>WinGUI</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_subsysmajorid</NAME><VALUE>4</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_subsysminorid</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_usrmajorid</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_usrminorid</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_commandfile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_generatemap</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_linksym</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_linkCV</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "x86 Project" panel -->
-                <SETTING><NAME>MWProject_X86_type</NAME><VALUE>Application</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_outfile</NAME><VALUE>noname.exe</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_baseaddress</NAME><VALUE>4194304</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_maxstacksize</NAME><VALUE>1024</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_minstacksize</NAME><VALUE>4</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_size</NAME><VALUE>1024</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_minsize</NAME><VALUE>4</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_importlib</NAME><VALUE></VALUE></SETTING>
-                <PANELDATA><NAME>xpidl Settings</NAME><VALUE>
-                    0001000101000000000000000000000000000000000000000000000000000000
-                    0000000000000000
-                </VALUE></PANELDATA>
-            </SETTINGLIST>
-            <FILELIST>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>asn1cmn.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>challcli.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>cmmfasn1.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>cmmfchal.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>cmmfrec.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>cmmfresp.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>crmfcont.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>crmfdec.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>crmfenc.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>crmfget.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>crmfpop.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>crmfreq.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>crmftmpl.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>encutil.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>respcli.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>respcmn.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>servget.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-            </FILELIST>
-            <LINKORDER>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>asn1cmn.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>challcli.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>cmmfasn1.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>cmmfchal.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>cmmfrec.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>cmmfresp.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>crmfcont.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>crmfdec.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>crmfenc.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>crmfget.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>crmfpop.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>crmfreq.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>crmftmpl.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>encutil.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>respcli.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>respcmn.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>servget.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-            </LINKORDER>
-        </TARGET>
-    </TARGETLIST>
-
-    <TARGETORDER>
-        <ORDEREDTARGET><NAME>crmfDebug.o</NAME></ORDEREDTARGET>
-        <ORDEREDTARGET><NAME>crmf.o</NAME></ORDEREDTARGET>
-    </TARGETORDER>
-
-    <GROUPLIST>
-        <FILEREF>
-            <TARGETNAME>crmfDebug.o</TARGETNAME>
-            <PATHTYPE>Name</PATHTYPE>
-            <PATH>asn1cmn.c</PATH>
-            <PATHFORMAT>MacOS</PATHFORMAT>
-        </FILEREF>
-        <FILEREF>
-            <TARGETNAME>crmfDebug.o</TARGETNAME>
-            <PATHTYPE>Name</PATHTYPE>
-            <PATH>challcli.c</PATH>
-            <PATHFORMAT>MacOS</PATHFORMAT>
-        </FILEREF>
-        <FILEREF>
-            <TARGETNAME>crmfDebug.o</TARGETNAME>
-            <PATHTYPE>Name</PATHTYPE>
-            <PATH>cmmfasn1.c</PATH>
-            <PATHFORMAT>MacOS</PATHFORMAT>
-        </FILEREF>
-        <FILEREF>
-            <TARGETNAME>crmfDebug.o</TARGETNAME>
-            <PATHTYPE>Name</PATHTYPE>
-            <PATH>cmmfchal.c</PATH>
-            <PATHFORMAT>MacOS</PATHFORMAT>
-        </FILEREF>
-        <FILEREF>
-            <TARGETNAME>crmfDebug.o</TARGETNAME>
-            <PATHTYPE>Name</PATHTYPE>
-            <PATH>cmmfrec.c</PATH>
-            <PATHFORMAT>MacOS</PATHFORMAT>
-        </FILEREF>
-        <FILEREF>
-            <TARGETNAME>crmfDebug.o</TARGETNAME>
-            <PATHTYPE>Name</PATHTYPE>
-            <PATH>cmmfresp.c</PATH>
-            <PATHFORMAT>MacOS</PATHFORMAT>
-        </FILEREF>
-        <FILEREF>
-            <TARGETNAME>crmfDebug.o</TARGETNAME>
-            <PATHTYPE>Name</PATHTYPE>
-            <PATH>crmfcont.c</PATH>
-            <PATHFORMAT>MacOS</PATHFORMAT>
-        </FILEREF>
-        <FILEREF>
-            <TARGETNAME>crmfDebug.o</TARGETNAME>
-            <PATHTYPE>Name</PATHTYPE>
-            <PATH>crmfdec.c</PATH>
-            <PATHFORMAT>MacOS</PATHFORMAT>
-        </FILEREF>
-        <FILEREF>
-            <TARGETNAME>crmfDebug.o</TARGETNAME>
-            <PATHTYPE>Name</PATHTYPE>
-            <PATH>crmfenc.c</PATH>
-            <PATHFORMAT>MacOS</PATHFORMAT>
-        </FILEREF>
-        <FILEREF>
-            <TARGETNAME>crmfDebug.o</TARGETNAME>
-            <PATHTYPE>Name</PATHTYPE>
-            <PATH>crmfget.c</PATH>
-            <PATHFORMAT>MacOS</PATHFORMAT>
-        </FILEREF>
-        <FILEREF>
-            <TARGETNAME>crmfDebug.o</TARGETNAME>
-            <PATHTYPE>Name</PATHTYPE>
-            <PATH>crmfpop.c</PATH>
-            <PATHFORMAT>MacOS</PATHFORMAT>
-        </FILEREF>
-        <FILEREF>
-            <TARGETNAME>crmfDebug.o</TARGETNAME>
-            <PATHTYPE>Name</PATHTYPE>
-            <PATH>crmfreq.c</PATH>
-            <PATHFORMAT>MacOS</PATHFORMAT>
-        </FILEREF>
-        <FILEREF>
-            <TARGETNAME>crmfDebug.o</TARGETNAME>
-            <PATHTYPE>Name</PATHTYPE>
-            <PATH>crmftmpl.c</PATH>
-            <PATHFORMAT>MacOS</PATHFORMAT>
-        </FILEREF>
-        <FILEREF>
-            <TARGETNAME>crmfDebug.o</TARGETNAME>
-            <PATHTYPE>Name</PATHTYPE>
-            <PATH>encutil.c</PATH>
-            <PATHFORMAT>MacOS</PATHFORMAT>
-        </FILEREF>
-        <FILEREF>
-            <TARGETNAME>crmfDebug.o</TARGETNAME>
-            <PATHTYPE>Name</PATHTYPE>
-            <PATH>respcli.c</PATH>
-            <PATHFORMAT>MacOS</PATHFORMAT>
-        </FILEREF>
-        <FILEREF>
-            <TARGETNAME>crmfDebug.o</TARGETNAME>
-            <PATHTYPE>Name</PATHTYPE>
-            <PATH>respcmn.c</PATH>
-            <PATHFORMAT>MacOS</PATHFORMAT>
-        </FILEREF>
-        <FILEREF>
-            <TARGETNAME>crmfDebug.o</TARGETNAME>
-            <PATHTYPE>Name</PATHTYPE>
-            <PATH>servget.c</PATH>
-            <PATHFORMAT>MacOS</PATHFORMAT>
-        </FILEREF>
-    </GROUPLIST>
-
-</PROJECT>
diff --git a/security/nss/macbuild/macstubs.c b/security/nss/macbuild/macstubs.c
deleted file mode 100644
index 98613cd06..000000000
--- a/security/nss/macbuild/macstubs.c
+++ /dev/null
@@ -1,45 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
- 
- /*
-  * This file is meant only to make the Mac version of the 
-  * loadable root certs not have to build the nsprstub for NSS
-  * which causes 2 versions of the PR_* functions to be loaded.
-  * Very bad potentially.
-  */
-  
-  #include "pkcs11t.h"
-  
-  void
-  nssSetLockArgs(CK_C_INITIALIZE_ARGS_PTR pInitArgs) {}
-  
\ No newline at end of file
diff --git a/security/nss/macbuild/smime.xml b/security/nss/macbuild/smime.xml
deleted file mode 100644
index 9671a3b56..000000000
--- a/security/nss/macbuild/smime.xml
+++ /dev/null
@@ -1,3250 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" standalone="yes" ?>
-<?codewarrior exportversion="1.0.1" ideversion="4.2" ?>
-
-<!DOCTYPE PROJECT [
-<!ELEMENT PROJECT (TARGETLIST, TARGETORDER, GROUPLIST, DESIGNLIST?)>
-<!ELEMENT TARGETLIST (TARGET+)>
-<!ELEMENT TARGET (NAME, SETTINGLIST, FILELIST?, LINKORDER?, SEGMENTLIST?, OVERLAYGROUPLIST?, SUBTARGETLIST?, SUBPROJECTLIST?, FRAMEWORKLIST)>
-<!ELEMENT NAME (#PCDATA)>
-<!ELEMENT USERSOURCETREETYPE (#PCDATA)>
-<!ELEMENT PATH (#PCDATA)>
-<!ELEMENT FILELIST (FILE*)>
-<!ELEMENT FILE (PATHTYPE, PATHROOT?, ACCESSPATH?, PATH, PATHFORMAT?, ROOTFILEREF?, FILEKIND?, FILEFLAGS?)>
-<!ELEMENT PATHTYPE (#PCDATA)>
-<!ELEMENT PATHROOT (#PCDATA)>
-<!ELEMENT ACCESSPATH (#PCDATA)>
-<!ELEMENT PATHFORMAT (#PCDATA)>
-<!ELEMENT ROOTFILEREF (PATHTYPE, PATHROOT?, ACCESSPATH?, PATH, PATHFORMAT?)>
-<!ELEMENT FILEKIND (#PCDATA)>
-<!ELEMENT FILEFLAGS (#PCDATA)>
-<!ELEMENT FILEREF (TARGETNAME?, PATHTYPE, PATHROOT?, ACCESSPATH?, PATH, PATHFORMAT?)>
-<!ELEMENT TARGETNAME (#PCDATA)>
-<!ELEMENT SETTINGLIST ((SETTING|PANELDATA)+)>
-<!ELEMENT SETTING (NAME?, (VALUE|(SETTING+)))>
-<!ELEMENT PANELDATA (NAME, VALUE)>
-<!ELEMENT VALUE (#PCDATA)>
-<!ELEMENT LINKORDER (FILEREF*)>
-<!ELEMENT SEGMENTLIST (SEGMENT+)>
-<!ELEMENT SEGMENT (NAME, ATTRIBUTES?, FILEREF*)>
-<!ELEMENT ATTRIBUTES (#PCDATA)>
-<!ELEMENT OVERLAYGROUPLIST (OVERLAYGROUP+)>
-<!ELEMENT OVERLAYGROUP (NAME, BASEADDRESS, OVERLAY*)>
-<!ELEMENT BASEADDRESS (#PCDATA)>
-<!ELEMENT OVERLAY (NAME, FILEREF*)>
-<!ELEMENT SUBTARGETLIST (SUBTARGET+)>
-<!ELEMENT SUBTARGET (TARGETNAME, ATTRIBUTES?, FILEREF?)>
-<!ELEMENT SUBPROJECTLIST (SUBPROJECT+)>
-<!ELEMENT SUBPROJECT (FILEREF, SUBPROJECTTARGETLIST)>
-<!ELEMENT SUBPROJECTTARGETLIST (SUBPROJECTTARGET*)>
-<!ELEMENT SUBPROJECTTARGET (TARGETNAME, ATTRIBUTES?, FILEREF?)>
-<!ELEMENT FRAMEWORKLIST (FRAMEWORK+)>
-<!ELEMENT FRAMEWORK (FILEREF, LIBRARYFILE?, VERSION?)>
-<!ELEMENT LIBRARYFILE (FILEREF)>
-<!ELEMENT VERSION (#PCDATA)>
-<!ELEMENT TARGETORDER (ORDEREDTARGET|ORDEREDDESIGN)*>
-<!ELEMENT ORDEREDTARGET (NAME)>
-<!ELEMENT ORDEREDDESIGN (NAME, ORDEREDTARGET+)>
-<!ELEMENT GROUPLIST (GROUP|FILEREF)*>
-<!ELEMENT GROUP (NAME, (GROUP|FILEREF)*)>
-<!ELEMENT DESIGNLIST (DESIGN+)>
-<!ELEMENT DESIGN (NAME, DESIGNDATA)>
-<!ELEMENT DESIGNDATA (#PCDATA)>
-]>
-
-<PROJECT>
-    <TARGETLIST>
-        <TARGET>
-            <NAME>SMIME3Debug.shlb</NAME>
-            <SETTINGLIST>
-
-                <!-- Settings for "Source Trees" panel -->
-                <SETTING><NAME>UserSourceTrees</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Access Paths" panel -->
-                <SETTING><NAME>AlwaysSearchUserPaths</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>InterpretDOSAndUnixPaths</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>RequireFrameworkStyleIncludes</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>UserSearchPaths</NAME>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::lib:pkcs12:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::lib:pkcs7:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::lib:smime:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::::dist:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::lib:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::::nsprpub:macbuild:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::::lib:mac:NSRuntime:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::::lib:mac:NSStdLib:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                </SETTING>
-                <SETTING><NAME>SystemSearchPaths</NAME>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>CodeWarrior</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                </SETTING>
-
-                <!-- Settings for "Debugger Runtime" panel -->
-                <SETTING><NAME>MWRuntimeSettings_WorkingDirectory</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWRuntimeSettings_CommandLine</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWRuntimeSettings_HostApplication</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWRuntimeSettings_EnvVars</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Target Settings" panel -->
-                <SETTING><NAME>Linker</NAME><VALUE>MacOS PPC Linker</VALUE></SETTING>
-                <SETTING><NAME>PreLinker</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>PostLinker</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>Targetname</NAME><VALUE>SMIME3Debug.shlb</VALUE></SETTING>
-                <SETTING><NAME>OutputDirectory</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>SaveEntriesUsingRelativePaths</NAME><VALUE>false</VALUE></SETTING>
-
-                <!-- Settings for "File Mappings" panel -->
-                <SETTING><NAME>FileMappings</NAME>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>APPL</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>Appl</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>MMLB</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>Lib Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>MPLF</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>Lib Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>MWCD</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>RSRC</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.arr</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.bh</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>Balloon Help</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.c</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.c++</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.cc</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.cp</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.cpp</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.exp</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.h</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.idl</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>xpidl</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.pch</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.pch++</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.plist</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.r</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>Rez</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>Rez</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.s</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>PPCAsm</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>XCOF</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>XCOFF Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>docu</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>rsrc</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>shlb</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>PEF Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>stub</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>PEF Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.doc</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.o</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>XCOFF Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.ppob</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.rsrc</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                </SETTING>
-
-                <!-- Settings for "Build Extras" panel -->
-                <SETTING><NAME>CacheModDates</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>ActivateBrowser</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>DumpBrowserInfo</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>CacheSubprojects</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>UseThirdPartyDebugger</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>DebuggerAppPath</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>DebuggerCmdLineArgs</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>DebuggerWorkingDir</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
-                </SETTING>
-
-                <!-- Settings for "Debugger Target" panel -->
-                <SETTING><NAME>LogSystemMessages</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>AutoTargetDLLs</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>StopAtWatchpoints</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PauseWhileRunning</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PauseInterval</NAME><VALUE>5</VALUE></SETTING>
-                <SETTING><NAME>PauseUIFlags</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>AltExePath</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>StopAtTempBPOnLaunch</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>CacheSymbolics</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>TempBPFunctionName</NAME><VALUE>main</VALUE></SETTING>
-                <SETTING><NAME>TempBPType</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "Remote Debug" panel -->
-                <SETTING><NAME>Enabled</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>ConnectionName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>DownloadPath</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>LaunchRemoteApp</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>RemoteAppPath</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Auto-target" panel -->
-                <SETTING><NAME>OtherExecutables</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Custom Keywords" panel -->
-                <SETTING><NAME>CustomColor1</NAME>
-                    <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
-                    <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
-                    <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>CustomColor2</NAME>
-                    <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
-                    <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
-                    <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>CustomColor3</NAME>
-                    <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
-                    <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
-                    <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>CustomColor4</NAME>
-                    <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
-                    <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
-                    <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
-                </SETTING>
-
-                <!-- Settings for "C/C++ Compiler" panel -->
-                <SETTING><NAME>MWFrontEnd_C_cplusplus</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_checkprotos</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_arm</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_trigraphs</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_onlystdkeywords</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_enumsalwaysint</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_mpwpointerstyle</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_prefixname</NAME><VALUE>NSSDebug.Prefix</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_ansistrict</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_mpwcnewline</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_wchar_type</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_enableexceptions</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_dontreusestrings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_poolstrings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_dontinline</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_useRTTI</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_multibyteaware</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_unsignedchars</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_autoinline</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_booltruefalse</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_direct_to_som</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_som_env_check</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_alwaysinline</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_inlinelevel</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_ecplusplus</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_objective_c</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_defer_codegen</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "C/C++ Warnings" panel -->
-                <SETTING><NAME>MWWarning_C_warn_illpragma</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_emptydecl</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_possunwant</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_unusedvar</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_unusedarg</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_extracomma</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_pedantic</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warningerrors</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_hidevirtual</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_implicitconv</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_notinlined</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_structclass</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "FTP Panel" panel -->
-                <SETTING><NAME>MWFTP_Post_hostName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_username</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_password</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_remoteDir</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_PathVersion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_PathType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_PathFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_tree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_uploadDir</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_port</NAME><VALUE>21</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_SendBin</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ShouldLog</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "Java Command Line" panel -->
-                <SETTING><NAME>MWCommandLine_Java_clsName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWCommandLine_Java_args</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "PJavaDebugging" panel -->
-                <SETTING><NAME>MWVJavaDebugging_Protocol</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWVJavaDebugging_JDKVersion</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWVJavaDebugging_TimeOut</NAME><VALUE>25</VALUE></SETTING>
-                <SETTING><NAME>MWVJavaDebugging_SupportSlowDevices</NAME><VALUE>false</VALUE></SETTING>
-
-                <!-- Settings for "Java Language" panel -->
-                <SETTING><NAME>MWJava_Language_optimize</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_warnDeprecated</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_emitMap</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_strictFileNames</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_strictFileHierarchy</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_1_1_Compatible</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_emitHeaders</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_headerType</NAME><VALUE>JNINativeHeaders</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_packageFilter</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_genComments</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_genHeaders</NAME><VALUE>false</VALUE></SETTING>
-
-                <!-- Settings for "Java MRJAppBuilder" panel -->
-                <SETTING><NAME>MWJava_MRJAppBuilder_outFile</NAME><VALUE>MRJApplication</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_merge</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_quitMenu</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_grow</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutType</NAME><VALUE>Console</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrType</NAME><VALUE>Console</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinType</NAME><VALUE>Console</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconPVersion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconFile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPVersion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPICTFile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_aboutName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPVersion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutFile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutAppend</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrFile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrAppend</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinFile</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Java Output" panel -->
-                <SETTING><NAME>MWJava_Output_outputtype</NAME><VALUE>JarFile</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_outfile</NAME><VALUE>JavaClasses.jar</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_ftype</NAME><VALUE>1514754080</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_fcreator</NAME><VALUE>1297570384</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_compress</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_genManifest</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_trunctype</NAME><VALUE>Front</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_deleteClasses</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_consoleApp</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "Java Project" panel -->
-                <SETTING><NAME>MWJava_Proj_projtype</NAME><VALUE>Applet</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_mainClassName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_HTMLAppCreator</NAME><VALUE>1463898714</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_HTMLAppName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_PathVersion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_PathType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_PathFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_tree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_HTMLAppWin32Name</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_compress</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_useVM</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_vmarguments</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_vmName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_simPropFile</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "JavaDoc Project" panel -->
-                <SETTING><NAME>MWJavaDoc_Proj_Version</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Depricated</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Author</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Index</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Tree</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_SunResolveToSame</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Shortnames</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Folder</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_GenerateAPILinks</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_scope</NAME><VALUE>Public</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_fcreator</NAME><VALUE>1297303877</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_encodingName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_decodingName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_javaPackagePath</NAME><VALUE>http://java.sun.com/products/jdk/1.1/docs/api/</VALUE></SETTING>
-
-                <!-- Settings for "MacOS Merge Panel" panel -->
-                <SETTING><NAME>MWMerge_MacOS_projectType</NAME><VALUE>Application</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_outputName</NAME><VALUE>Merge Out</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_outputCreator</NAME><VALUE>????</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_outputType</NAME><VALUE>APPL</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_suppressWarning</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_copyFragments</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_copyResources</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_flattenResource</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_flatFileName</NAME><VALUE>a.rsrc</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_flatFileOutputPath</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWMerge_MacOS_skipResources</NAME>
-                    <SETTING><VALUE>DGLX</VALUE></SETTING>
-                    <SETTING><VALUE>ckid</VALUE></SETTING>
-                    <SETTING><VALUE>Proj</VALUE></SETTING>
-                    <SETTING><VALUE>WSPC</VALUE></SETTING>
-                    <SETTING><VALUE>mcvs</VALUE></SETTING>
-                </SETTING>
-
-                <!-- Settings for "Output Flags" panel -->
-                <SETTING><NAME>FileLocked</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>ResourcesMapIsReadOnly</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PrinterDriverIsMultiFinderCompatible</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>Invisible</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>HasBundle</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>NameLocked</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>Stationery</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>HasCustomIcon</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>Shared</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>HasBeenInited</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>Label</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>Comments</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Packager Panel" panel -->
-                <SETTING><NAME>MWMacOSPackager_UsePackager</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_FolderToPackage</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWMacOSPackager_CreateClassicAlias</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_ClassicAliasMethod</NAME><VALUE>UseTargetOutput</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_ClassicAliasPath</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWMacOSPackager_CreatePkgInfo</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_PkgCreatorType</NAME><VALUE>????</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_PkgFileType</NAME><VALUE>APPL</VALUE></SETTING>
-
-                <!-- Settings for "PPC CodeGen" panel -->
-                <SETTING><NAME>MWCodeGen_PPC_structalignment</NAME><VALUE>MC68K</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_tracebacktables</NAME><VALUE>None</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_processor</NAME><VALUE>Generic</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_readonlystrings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_tocdata</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_profiler</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_fpcontract</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_schedule</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_peephole</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_processorspecific</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_altivec</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_vectortocdata</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_vrsave</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "PPC CodeGen Mach-O" panel -->
-                <SETTING><NAME>MWCodeGen_MachO_structalignment</NAME><VALUE>PPC</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_tracebacktables</NAME><VALUE>None</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_processor</NAME><VALUE>Generic</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_readonlystrings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_profiler</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_fpcontract</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_schedule</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_peephole</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_processorspecific</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_altivec</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_vrsave</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_common</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_implicit_templates</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "PPC Disassembler" panel -->
-                <SETTING><NAME>MWDisassembler_PPC_showcode</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_extended</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_mix</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_nohex</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_showdata</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_showexceptions</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_showsym</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_shownames</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "PPC Global Optimizer" panel -->
-                <SETTING><NAME>GlobalOptimizer_PPC_optimizationlevel</NAME><VALUE>Level0</VALUE></SETTING>
-                <SETTING><NAME>GlobalOptimizer_PPC_optfor</NAME><VALUE>Speed</VALUE></SETTING>
-
-                <!-- Settings for "PPC Linker" panel -->
-                <SETTING><NAME>MWLinker_PPC_linksym</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_symfullpath</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_linkmap</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_nolinkwarnings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_dontdeadstripinitcode</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_permitmultdefs</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_linkmode</NAME><VALUE>Fast</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_initname</NAME><VALUE>__NSInitialize</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_mainname</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_termname</NAME><VALUE>__NSTerminate</VALUE></SETTING>
-
-                <!-- Settings for "PPC Mach-O Linker" panel -->
-                <SETTING><NAME>MWLinker_MachO_exports</NAME><VALUE>None</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_mainname</NAME><VALUE>start</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_currentversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_compatibleversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_symfullpath</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_supresswarnings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_multisymerror</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_prebind</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_deadstrip</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_objectivecsemantics</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_whichfileloaded</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_whyfileloaded</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_readonlyrelocs</NAME><VALUE>Errors</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_undefinedsymbols</NAME><VALUE>Errors</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_twolevelnamespace</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_stripdebugsymbols</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "PPC Mach-O Target" panel -->
-                <SETTING><NAME>MWProject_MachO_type</NAME><VALUE>Executable</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_outfile</NAME><VALUE>a.exe</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_filecreator</NAME><VALUE>????</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_filetype</NAME><VALUE>MEXE</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_stacksize</NAME><VALUE>64</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_stackaddress</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_flatrsrc</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_flatrsrcfilename</NAME><VALUE>a.rsrc</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_flatrsrcoutputdir</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWProject_MachO_installpath</NAME><VALUE>./</VALUE></SETTING>
-
-                <!-- Settings for "PPC PEF" panel -->
-                <SETTING><NAME>MWPEF_exports</NAME><VALUE>File</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_libfolder</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_sortcode</NAME><VALUE>None</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_expandbss</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_sharedata</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_olddefversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_oldimpversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_currentversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_fragmentname</NAME><VALUE>SMIME3</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_collapsereloads</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "PPC Project" panel -->
-                <SETTING><NAME>MWProject_PPC_type</NAME><VALUE>SharedLibrary</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_outfile</NAME><VALUE>SMIME3Debug.shlb</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_filecreator</NAME><VALUE>MOZZ</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_filetype</NAME><VALUE>shlb</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_size</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_minsize</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_stacksize</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_flags</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_symfilename</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcname</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcheader</NAME><VALUE>Native</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrctype</NAME><VALUE>????</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcid</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcflags</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcstore</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcmerge</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_flatrsrc</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_flatrsrcoutputdir</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWProject_PPC_flatrsrcfilename</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "PPCAsm Panel" panel -->
-                <SETTING><NAME>MWAssembler_PPC_auxheader</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_symmode</NAME><VALUE>Mac</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_dialect</NAME><VALUE>PPC</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_prefixfile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_typecheck</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_warnings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_casesensitive</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "Rez Compiler" panel -->
-                <SETTING><NAME>MWRez_Language_maxwidth</NAME><VALUE>80</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_script</NAME><VALUE>Roman</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_alignment</NAME><VALUE>Align1</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_filtermode</NAME><VALUE>FilterSkip</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_suppresswarnings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_escapecontrolchars</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_prefixname</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_filteredtypes</NAME><VALUE>'CODE' 'DATA' 'PICT'</VALUE></SETTING>
-
-                <!-- Settings for "WinRC Compiler" panel -->
-                <SETTING><NAME>MWWinRC_prefixname</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "x86 CodeGen" panel -->
-                <SETTING><NAME>MWCodeGen_X86_processor</NAME><VALUE>Generic</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_alignment</NAME><VALUE>bytes8</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_exceptions</NAME><VALUE>ZeroOverhead</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_extinst_mmx</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_extinst_3dnow</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_use_mmx_3dnow_convention</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_machinecodelisting</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_intrinsics</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_syminfo</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_codeviewinfo</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_extinst_cmov_fcomi</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_extinst_sse</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "x86 Disassembler" panel -->
-                <SETTING><NAME>PDisasmX86_showHeaders</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showSymTab</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showCode</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showSource</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showHex</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showRelocation</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showComments</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showDebug</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showExceptions</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showData</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showRaw</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_verbose</NAME><VALUE>true</VALUE></SETTING>
-
-                <!-- Settings for "x86 Exceptions Panel" panel -->
-                <SETTING><NAME>MWDebugger_X86_Exceptions</NAME>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                </SETTING>
-
-                <!-- Settings for "x86 Global Optimizer" panel -->
-                <SETTING><NAME>GlobalOptimizer_X86_optimizationlevel</NAME><VALUE>Level0</VALUE></SETTING>
-                <SETTING><NAME>GlobalOptimizer_X86_optfor</NAME><VALUE>Speed</VALUE></SETTING>
-
-                <!-- Settings for "x86 Linker" panel -->
-                <SETTING><NAME>MWLinker_X86_entrypointusage</NAME><VALUE>Default</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_entrypoint</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_subsystem</NAME><VALUE>WinGUI</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_subsysmajorid</NAME><VALUE>4</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_subsysminorid</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_usrmajorid</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_usrminorid</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_commandfile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_generatemap</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_linksym</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_linkCV</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "x86 Project" panel -->
-                <SETTING><NAME>MWProject_X86_type</NAME><VALUE>Application</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_outfile</NAME><VALUE>noname.exe</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_baseaddress</NAME><VALUE>4194304</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_maxstacksize</NAME><VALUE>1024</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_minstacksize</NAME><VALUE>4</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_size</NAME><VALUE>1024</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_minsize</NAME><VALUE>4</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_importlib</NAME><VALUE></VALUE></SETTING>
-                <PANELDATA><NAME>xpidl Settings</NAME><VALUE>
-                    0001000101000000000000000000000000000000000000000000000000000000
-                    0000000000000000
-                </VALUE></PANELDATA>
-            </SETTINGLIST>
-            <FILELIST>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>p12creat.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>p12d.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>p12dec.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>p12e.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>p12local.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>p12plcy.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>p12tmpl.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>certread.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>p7common.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>p7create.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>p7decode.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>p7encode.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>p7local.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>secmime.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>cmsarray.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>cmsasn1.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>cmsattr.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>cmscinfo.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>cmscipher.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>cmsdecode.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>cmsdigdata.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>cmsdigest.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>cmsencdata.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>cmsencode.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>cmsenvdata.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>cmsmessage.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>cmspubkey.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>cmsrecinfo.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>cmsreclist.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>cmssigdata.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>cmssiginfo.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>cmsutil.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>smimemessage.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>smimeutil.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>smimever.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSS3Debug.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Library</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSLibraryStartup.o</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Library</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSRuntimeDebug.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Library</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSStdLibDebug.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Library</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSPR20Debug.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Library</FILEKIND>
-                    <FILEFLAGS>Debug</FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>smime.mcp.exp</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS>Debug</FILEFLAGS>
-                </FILE>
-            </FILELIST>
-            <LINKORDER>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>p12creat.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>p12d.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>p12dec.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>p12e.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>p12local.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>p12plcy.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>p12tmpl.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>certread.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>p7common.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>p7create.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>p7decode.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>p7encode.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>p7local.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>secmime.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>cmsarray.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>cmsasn1.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>cmsattr.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>cmscinfo.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>cmscipher.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>cmsdecode.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>cmsdigdata.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>cmsdigest.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>cmsencdata.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>cmsencode.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>cmsenvdata.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>cmsmessage.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>cmspubkey.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>cmsrecinfo.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>cmsreclist.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>cmssigdata.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>cmssiginfo.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>cmsutil.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>smimemessage.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>smimeutil.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>smimever.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSS3Debug.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSLibraryStartup.o</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSRuntimeDebug.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSStdLibDebug.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSPR20Debug.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>smime.mcp.exp</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-            </LINKORDER>
-        </TARGET>
-        <TARGET>
-            <NAME>SMIME3.shlb</NAME>
-            <SETTINGLIST>
-
-                <!-- Settings for "Source Trees" panel -->
-                <SETTING><NAME>UserSourceTrees</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Access Paths" panel -->
-                <SETTING><NAME>AlwaysSearchUserPaths</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>InterpretDOSAndUnixPaths</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>RequireFrameworkStyleIncludes</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>UserSearchPaths</NAME>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::lib:pkcs12:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::lib:pkcs7:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::lib:smime:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::::dist:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::lib:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::::nsprpub:macbuild:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::::lib:mac:NSRuntime:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::::lib:mac:NSStdLib:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                </SETTING>
-                <SETTING><NAME>SystemSearchPaths</NAME>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>CodeWarrior</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                </SETTING>
-
-                <!-- Settings for "Debugger Runtime" panel -->
-                <SETTING><NAME>MWRuntimeSettings_WorkingDirectory</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWRuntimeSettings_CommandLine</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWRuntimeSettings_HostApplication</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWRuntimeSettings_EnvVars</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Target Settings" panel -->
-                <SETTING><NAME>Linker</NAME><VALUE>MacOS PPC Linker</VALUE></SETTING>
-                <SETTING><NAME>PreLinker</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>PostLinker</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>Targetname</NAME><VALUE>SMIME3.shlb</VALUE></SETTING>
-                <SETTING><NAME>OutputDirectory</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>SaveEntriesUsingRelativePaths</NAME><VALUE>false</VALUE></SETTING>
-
-                <!-- Settings for "File Mappings" panel -->
-                <SETTING><NAME>FileMappings</NAME>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>APPL</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>Appl</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>MMLB</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>Lib Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>MPLF</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>Lib Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>MWCD</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>RSRC</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.arr</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.bh</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>Balloon Help</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.c</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.c++</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.cc</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.cp</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.cpp</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.exp</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.h</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.idl</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>xpidl</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.pch</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.pch++</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.plist</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.r</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>Rez</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>Rez</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.s</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>PPCAsm</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>XCOF</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>XCOFF Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>docu</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>rsrc</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>shlb</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>PEF Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>stub</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>PEF Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.doc</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.o</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>XCOFF Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.ppob</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.rsrc</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                </SETTING>
-
-                <!-- Settings for "Build Extras" panel -->
-                <SETTING><NAME>CacheModDates</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>ActivateBrowser</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>DumpBrowserInfo</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>CacheSubprojects</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>UseThirdPartyDebugger</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>DebuggerAppPath</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>DebuggerCmdLineArgs</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>DebuggerWorkingDir</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
-                </SETTING>
-
-                <!-- Settings for "Debugger Target" panel -->
-                <SETTING><NAME>LogSystemMessages</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>AutoTargetDLLs</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>StopAtWatchpoints</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PauseWhileRunning</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PauseInterval</NAME><VALUE>5</VALUE></SETTING>
-                <SETTING><NAME>PauseUIFlags</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>AltExePath</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>StopAtTempBPOnLaunch</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>CacheSymbolics</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>TempBPFunctionName</NAME><VALUE>main</VALUE></SETTING>
-                <SETTING><NAME>TempBPType</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "Remote Debug" panel -->
-                <SETTING><NAME>Enabled</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>ConnectionName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>DownloadPath</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>LaunchRemoteApp</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>RemoteAppPath</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Auto-target" panel -->
-                <SETTING><NAME>OtherExecutables</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Custom Keywords" panel -->
-                <SETTING><NAME>CustomColor1</NAME>
-                    <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
-                    <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
-                    <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>CustomColor2</NAME>
-                    <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
-                    <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
-                    <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>CustomColor3</NAME>
-                    <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
-                    <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
-                    <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>CustomColor4</NAME>
-                    <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
-                    <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
-                    <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
-                </SETTING>
-
-                <!-- Settings for "C/C++ Compiler" panel -->
-                <SETTING><NAME>MWFrontEnd_C_cplusplus</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_checkprotos</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_arm</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_trigraphs</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_onlystdkeywords</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_enumsalwaysint</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_mpwpointerstyle</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_prefixname</NAME><VALUE>NSS.Prefix</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_ansistrict</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_mpwcnewline</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_wchar_type</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_enableexceptions</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_dontreusestrings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_poolstrings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_dontinline</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_useRTTI</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_multibyteaware</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_unsignedchars</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_autoinline</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_booltruefalse</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_direct_to_som</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_som_env_check</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_alwaysinline</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_inlinelevel</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_ecplusplus</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_objective_c</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_defer_codegen</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "C/C++ Warnings" panel -->
-                <SETTING><NAME>MWWarning_C_warn_illpragma</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_emptydecl</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_possunwant</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_unusedvar</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_unusedarg</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_extracomma</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_pedantic</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warningerrors</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_hidevirtual</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_implicitconv</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_notinlined</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_structclass</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "FTP Panel" panel -->
-                <SETTING><NAME>MWFTP_Post_hostName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_username</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_password</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_remoteDir</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_PathVersion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_PathType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_PathFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_tree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_uploadDir</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_port</NAME><VALUE>21</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_SendBin</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ShouldLog</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "Java Command Line" panel -->
-                <SETTING><NAME>MWCommandLine_Java_clsName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWCommandLine_Java_args</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "PJavaDebugging" panel -->
-                <SETTING><NAME>MWVJavaDebugging_Protocol</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWVJavaDebugging_JDKVersion</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWVJavaDebugging_TimeOut</NAME><VALUE>25</VALUE></SETTING>
-                <SETTING><NAME>MWVJavaDebugging_SupportSlowDevices</NAME><VALUE>false</VALUE></SETTING>
-
-                <!-- Settings for "Java Language" panel -->
-                <SETTING><NAME>MWJava_Language_optimize</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_warnDeprecated</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_emitMap</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_strictFileNames</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_strictFileHierarchy</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_1_1_Compatible</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_emitHeaders</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_headerType</NAME><VALUE>JNINativeHeaders</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_packageFilter</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_genComments</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_genHeaders</NAME><VALUE>false</VALUE></SETTING>
-
-                <!-- Settings for "Java MRJAppBuilder" panel -->
-                <SETTING><NAME>MWJava_MRJAppBuilder_outFile</NAME><VALUE>MRJApplication</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_merge</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_quitMenu</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_grow</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutType</NAME><VALUE>Console</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrType</NAME><VALUE>Console</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinType</NAME><VALUE>Console</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconPVersion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconFile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPVersion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPICTFile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_aboutName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPVersion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutFile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutAppend</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrFile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrAppend</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinFile</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Java Output" panel -->
-                <SETTING><NAME>MWJava_Output_outputtype</NAME><VALUE>JarFile</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_outfile</NAME><VALUE>JavaClasses.jar</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_ftype</NAME><VALUE>1514754080</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_fcreator</NAME><VALUE>1297570384</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_compress</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_genManifest</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_trunctype</NAME><VALUE>Front</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_deleteClasses</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_consoleApp</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "Java Project" panel -->
-                <SETTING><NAME>MWJava_Proj_projtype</NAME><VALUE>Applet</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_mainClassName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_HTMLAppCreator</NAME><VALUE>1463898714</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_HTMLAppName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_PathVersion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_PathType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_PathFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_tree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_HTMLAppWin32Name</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_compress</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_useVM</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_vmarguments</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_vmName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_simPropFile</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "JavaDoc Project" panel -->
-                <SETTING><NAME>MWJavaDoc_Proj_Version</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Depricated</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Author</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Index</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Tree</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_SunResolveToSame</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Shortnames</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Folder</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_GenerateAPILinks</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_scope</NAME><VALUE>Public</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_fcreator</NAME><VALUE>1297303877</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_encodingName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_decodingName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_javaPackagePath</NAME><VALUE>http://java.sun.com/products/jdk/1.1/docs/api/</VALUE></SETTING>
-
-                <!-- Settings for "MacOS Merge Panel" panel -->
-                <SETTING><NAME>MWMerge_MacOS_projectType</NAME><VALUE>Application</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_outputName</NAME><VALUE>Merge Out</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_outputCreator</NAME><VALUE>????</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_outputType</NAME><VALUE>APPL</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_suppressWarning</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_copyFragments</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_copyResources</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_flattenResource</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_flatFileName</NAME><VALUE>a.rsrc</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_flatFileOutputPath</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWMerge_MacOS_skipResources</NAME>
-                    <SETTING><VALUE>DGLX</VALUE></SETTING>
-                    <SETTING><VALUE>ckid</VALUE></SETTING>
-                    <SETTING><VALUE>Proj</VALUE></SETTING>
-                    <SETTING><VALUE>WSPC</VALUE></SETTING>
-                    <SETTING><VALUE>mcvs</VALUE></SETTING>
-                </SETTING>
-
-                <!-- Settings for "Output Flags" panel -->
-                <SETTING><NAME>FileLocked</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>ResourcesMapIsReadOnly</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PrinterDriverIsMultiFinderCompatible</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>Invisible</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>HasBundle</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>NameLocked</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>Stationery</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>HasCustomIcon</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>Shared</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>HasBeenInited</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>Label</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>Comments</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Packager Panel" panel -->
-                <SETTING><NAME>MWMacOSPackager_UsePackager</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_FolderToPackage</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWMacOSPackager_CreateClassicAlias</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_ClassicAliasMethod</NAME><VALUE>UseTargetOutput</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_ClassicAliasPath</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWMacOSPackager_CreatePkgInfo</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_PkgCreatorType</NAME><VALUE>????</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_PkgFileType</NAME><VALUE>APPL</VALUE></SETTING>
-
-                <!-- Settings for "PPC CodeGen" panel -->
-                <SETTING><NAME>MWCodeGen_PPC_structalignment</NAME><VALUE>MC68K</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_tracebacktables</NAME><VALUE>None</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_processor</NAME><VALUE>Generic</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_readonlystrings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_tocdata</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_profiler</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_fpcontract</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_schedule</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_peephole</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_processorspecific</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_altivec</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_vectortocdata</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_vrsave</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "PPC CodeGen Mach-O" panel -->
-                <SETTING><NAME>MWCodeGen_MachO_structalignment</NAME><VALUE>PPC</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_tracebacktables</NAME><VALUE>None</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_processor</NAME><VALUE>Generic</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_readonlystrings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_profiler</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_fpcontract</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_schedule</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_peephole</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_processorspecific</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_altivec</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_vrsave</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_common</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_implicit_templates</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "PPC Disassembler" panel -->
-                <SETTING><NAME>MWDisassembler_PPC_showcode</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_extended</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_mix</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_nohex</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_showdata</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_showexceptions</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_showsym</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_shownames</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "PPC Global Optimizer" panel -->
-                <SETTING><NAME>GlobalOptimizer_PPC_optimizationlevel</NAME><VALUE>Level4</VALUE></SETTING>
-                <SETTING><NAME>GlobalOptimizer_PPC_optfor</NAME><VALUE>Speed</VALUE></SETTING>
-
-                <!-- Settings for "PPC Linker" panel -->
-                <SETTING><NAME>MWLinker_PPC_linksym</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_symfullpath</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_linkmap</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_nolinkwarnings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_dontdeadstripinitcode</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_permitmultdefs</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_linkmode</NAME><VALUE>Fast</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_initname</NAME><VALUE>__NSInitialize</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_mainname</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_termname</NAME><VALUE>__NSTerminate</VALUE></SETTING>
-
-                <!-- Settings for "PPC Mach-O Linker" panel -->
-                <SETTING><NAME>MWLinker_MachO_exports</NAME><VALUE>None</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_mainname</NAME><VALUE>start</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_currentversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_compatibleversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_symfullpath</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_supresswarnings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_multisymerror</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_prebind</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_deadstrip</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_objectivecsemantics</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_whichfileloaded</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_whyfileloaded</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_readonlyrelocs</NAME><VALUE>Errors</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_undefinedsymbols</NAME><VALUE>Errors</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_twolevelnamespace</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_stripdebugsymbols</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "PPC Mach-O Target" panel -->
-                <SETTING><NAME>MWProject_MachO_type</NAME><VALUE>Executable</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_outfile</NAME><VALUE>a.exe</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_filecreator</NAME><VALUE>????</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_filetype</NAME><VALUE>MEXE</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_stacksize</NAME><VALUE>64</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_stackaddress</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_flatrsrc</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_flatrsrcfilename</NAME><VALUE>a.rsrc</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_flatrsrcoutputdir</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWProject_MachO_installpath</NAME><VALUE>./</VALUE></SETTING>
-
-                <!-- Settings for "PPC PEF" panel -->
-                <SETTING><NAME>MWPEF_exports</NAME><VALUE>File</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_libfolder</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_sortcode</NAME><VALUE>None</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_expandbss</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_sharedata</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_olddefversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_oldimpversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_currentversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_fragmentname</NAME><VALUE>SMIME3</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_collapsereloads</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "PPC Project" panel -->
-                <SETTING><NAME>MWProject_PPC_type</NAME><VALUE>SharedLibrary</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_outfile</NAME><VALUE>SMIME3.shlb</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_filecreator</NAME><VALUE>MOZZ</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_filetype</NAME><VALUE>shlb</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_size</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_minsize</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_stacksize</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_flags</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_symfilename</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcname</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcheader</NAME><VALUE>Native</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrctype</NAME><VALUE>????</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcid</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcflags</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcstore</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcmerge</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_flatrsrc</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_flatrsrcoutputdir</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWProject_PPC_flatrsrcfilename</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "PPCAsm Panel" panel -->
-                <SETTING><NAME>MWAssembler_PPC_auxheader</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_symmode</NAME><VALUE>Mac</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_dialect</NAME><VALUE>PPC</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_prefixfile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_typecheck</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_warnings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_casesensitive</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "Rez Compiler" panel -->
-                <SETTING><NAME>MWRez_Language_maxwidth</NAME><VALUE>80</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_script</NAME><VALUE>Roman</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_alignment</NAME><VALUE>Align1</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_filtermode</NAME><VALUE>FilterSkip</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_suppresswarnings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_escapecontrolchars</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_prefixname</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_filteredtypes</NAME><VALUE>'CODE' 'DATA' 'PICT'</VALUE></SETTING>
-
-                <!-- Settings for "WinRC Compiler" panel -->
-                <SETTING><NAME>MWWinRC_prefixname</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "x86 CodeGen" panel -->
-                <SETTING><NAME>MWCodeGen_X86_processor</NAME><VALUE>Generic</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_alignment</NAME><VALUE>bytes8</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_exceptions</NAME><VALUE>ZeroOverhead</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_extinst_mmx</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_extinst_3dnow</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_use_mmx_3dnow_convention</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_machinecodelisting</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_intrinsics</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_syminfo</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_codeviewinfo</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_extinst_cmov_fcomi</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_extinst_sse</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "x86 Disassembler" panel -->
-                <SETTING><NAME>PDisasmX86_showHeaders</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showSymTab</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showCode</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showSource</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showHex</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showRelocation</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showComments</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showDebug</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showExceptions</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showData</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showRaw</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_verbose</NAME><VALUE>true</VALUE></SETTING>
-
-                <!-- Settings for "x86 Exceptions Panel" panel -->
-                <SETTING><NAME>MWDebugger_X86_Exceptions</NAME>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                </SETTING>
-
-                <!-- Settings for "x86 Global Optimizer" panel -->
-                <SETTING><NAME>GlobalOptimizer_X86_optimizationlevel</NAME><VALUE>Level0</VALUE></SETTING>
-                <SETTING><NAME>GlobalOptimizer_X86_optfor</NAME><VALUE>Speed</VALUE></SETTING>
-
-                <!-- Settings for "x86 Linker" panel -->
-                <SETTING><NAME>MWLinker_X86_entrypointusage</NAME><VALUE>Default</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_entrypoint</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_subsystem</NAME><VALUE>WinGUI</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_subsysmajorid</NAME><VALUE>4</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_subsysminorid</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_usrmajorid</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_usrminorid</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_commandfile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_generatemap</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_linksym</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_linkCV</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "x86 Project" panel -->
-                <SETTING><NAME>MWProject_X86_type</NAME><VALUE>Application</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_outfile</NAME><VALUE>noname.exe</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_baseaddress</NAME><VALUE>4194304</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_maxstacksize</NAME><VALUE>1024</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_minstacksize</NAME><VALUE>4</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_size</NAME><VALUE>1024</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_minsize</NAME><VALUE>4</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_importlib</NAME><VALUE></VALUE></SETTING>
-                <PANELDATA><NAME>xpidl Settings</NAME><VALUE>
-                    0001000101000000000000000000000000000000000000000000000000000000
-                    0000000000000000
-                </VALUE></PANELDATA>
-            </SETTINGLIST>
-            <FILELIST>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>p12creat.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>p12d.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>p12dec.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>p12e.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>p12local.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>p12plcy.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>p12tmpl.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>certread.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>p7common.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>p7create.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>p7decode.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>p7encode.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>p7local.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>secmime.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>cmsarray.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>cmsasn1.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>cmsattr.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>cmscinfo.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>cmscipher.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>cmsdecode.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>cmsdigdata.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>cmsdigest.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>cmsencdata.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>cmsencode.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>cmsenvdata.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>cmsmessage.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>cmspubkey.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>cmsrecinfo.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>cmsreclist.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>cmssigdata.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>cmssiginfo.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>cmsutil.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>smimemessage.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>smimeutil.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>smimever.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSLibraryStartup.o</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Library</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSS3.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Library</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSPR20.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Library</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSRuntime.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Library</FILEKIND>
-                    <FILEFLAGS>Debug</FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSStdLib.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Library</FILEKIND>
-                    <FILEFLAGS>Debug</FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>smime.mcp.exp</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS>Debug</FILEFLAGS>
-                </FILE>
-            </FILELIST>
-            <LINKORDER>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>p12creat.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>p12d.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>p12dec.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>p12e.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>p12local.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>p12plcy.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>p12tmpl.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>certread.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>p7common.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>p7create.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>p7decode.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>p7encode.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>p7local.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>secmime.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>cmsarray.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>cmsasn1.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>cmsattr.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>cmscinfo.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>cmscipher.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>cmsdecode.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>cmsdigdata.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>cmsdigest.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>cmsencdata.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>cmsencode.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>cmsenvdata.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>cmsmessage.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>cmspubkey.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>cmsrecinfo.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>cmsreclist.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>cmssigdata.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>cmssiginfo.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>cmsutil.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>smimemessage.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>smimeutil.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>smimever.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSLibraryStartup.o</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSS3.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSPR20.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSRuntime.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSStdLib.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>smime.mcp.exp</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-            </LINKORDER>
-        </TARGET>
-    </TARGETLIST>
-
-    <TARGETORDER>
-        <ORDEREDTARGET><NAME>SMIME3Debug.shlb</NAME></ORDEREDTARGET>
-        <ORDEREDTARGET><NAME>SMIME3.shlb</NAME></ORDEREDTARGET>
-    </TARGETORDER>
-
-    <GROUPLIST>
-        <GROUP><NAME>pkcs7</NAME>
-            <FILEREF>
-                <TARGETNAME>SMIME3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>certread.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>SMIME3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>p7common.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>SMIME3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>p7create.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>SMIME3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>p7decode.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>SMIME3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>p7encode.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>SMIME3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>p7local.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>SMIME3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>secmime.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-        </GROUP>
-        <GROUP><NAME>pkcs12</NAME>
-            <FILEREF>
-                <TARGETNAME>SMIME3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>p12creat.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>SMIME3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>p12d.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>SMIME3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>p12dec.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>SMIME3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>p12e.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>SMIME3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>p12local.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>SMIME3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>p12plcy.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>SMIME3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>p12tmpl.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-        </GROUP>
-        <GROUP><NAME>smime</NAME>
-            <FILEREF>
-                <TARGETNAME>SMIME3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>cmsarray.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>SMIME3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>cmsasn1.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>SMIME3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>cmsattr.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>SMIME3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>cmscinfo.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>SMIME3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>cmscipher.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>SMIME3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>cmsdecode.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>SMIME3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>cmsdigdata.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>SMIME3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>cmsdigest.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>SMIME3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>cmsencdata.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>SMIME3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>cmsencode.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>SMIME3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>cmsenvdata.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>SMIME3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>cmsmessage.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>SMIME3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>cmspubkey.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>SMIME3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>cmsrecinfo.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>SMIME3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>cmsreclist.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>SMIME3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>cmssigdata.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>SMIME3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>cmssiginfo.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>SMIME3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>cmsutil.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>SMIME3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>smimemessage.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>SMIME3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>smimeutil.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>SMIME3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>smimever.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-        </GROUP>
-        <GROUP><NAME>Libraries</NAME>
-            <GROUP><NAME>Debug</NAME>
-                <FILEREF>
-                    <TARGETNAME>SMIME3Debug.shlb</TARGETNAME>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSS3Debug.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <TARGETNAME>SMIME3Debug.shlb</TARGETNAME>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSRuntimeDebug.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <TARGETNAME>SMIME3Debug.shlb</TARGETNAME>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSStdLibDebug.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <TARGETNAME>SMIME3Debug.shlb</TARGETNAME>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSPR20Debug.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-            </GROUP>
-            <GROUP><NAME>Optimized</NAME>
-                <FILEREF>
-                    <TARGETNAME>SMIME3.shlb</TARGETNAME>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSS3.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <TARGETNAME>SMIME3.shlb</TARGETNAME>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSPR20.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <TARGETNAME>SMIME3.shlb</TARGETNAME>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSRuntime.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <TARGETNAME>SMIME3.shlb</TARGETNAME>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSStdLib.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-            </GROUP>
-            <FILEREF>
-                <TARGETNAME>SMIME3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>NSLibraryStartup.o</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-        </GROUP>
-        <FILEREF>
-            <TARGETNAME>SMIME3Debug.shlb</TARGETNAME>
-            <PATHTYPE>Name</PATHTYPE>
-            <PATH>smime.mcp.exp</PATH>
-            <PATHFORMAT>MacOS</PATHFORMAT>
-        </FILEREF>
-    </GROUPLIST>
-
-</PROJECT>
diff --git a/security/nss/macbuild/softoken.xml b/security/nss/macbuild/softoken.xml
deleted file mode 100644
index 9ac1eefb2..000000000
--- a/security/nss/macbuild/softoken.xml
+++ /dev/null
@@ -1,3434 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" standalone="yes" ?>
-<?codewarrior exportversion="1.0.1" ideversion="4.2" ?>
-
-<!DOCTYPE PROJECT [
-<!ELEMENT PROJECT (TARGETLIST, TARGETORDER, GROUPLIST, DESIGNLIST?)>
-<!ELEMENT TARGETLIST (TARGET+)>
-<!ELEMENT TARGET (NAME, SETTINGLIST, FILELIST?, LINKORDER?, SEGMENTLIST?, OVERLAYGROUPLIST?, SUBTARGETLIST?, SUBPROJECTLIST?, FRAMEWORKLIST)>
-<!ELEMENT NAME (#PCDATA)>
-<!ELEMENT USERSOURCETREETYPE (#PCDATA)>
-<!ELEMENT PATH (#PCDATA)>
-<!ELEMENT FILELIST (FILE*)>
-<!ELEMENT FILE (PATHTYPE, PATHROOT?, ACCESSPATH?, PATH, PATHFORMAT?, ROOTFILEREF?, FILEKIND?, FILEFLAGS?)>
-<!ELEMENT PATHTYPE (#PCDATA)>
-<!ELEMENT PATHROOT (#PCDATA)>
-<!ELEMENT ACCESSPATH (#PCDATA)>
-<!ELEMENT PATHFORMAT (#PCDATA)>
-<!ELEMENT ROOTFILEREF (PATHTYPE, PATHROOT?, ACCESSPATH?, PATH, PATHFORMAT?)>
-<!ELEMENT FILEKIND (#PCDATA)>
-<!ELEMENT FILEFLAGS (#PCDATA)>
-<!ELEMENT FILEREF (TARGETNAME?, PATHTYPE, PATHROOT?, ACCESSPATH?, PATH, PATHFORMAT?)>
-<!ELEMENT TARGETNAME (#PCDATA)>
-<!ELEMENT SETTINGLIST ((SETTING|PANELDATA)+)>
-<!ELEMENT SETTING (NAME?, (VALUE|(SETTING+)))>
-<!ELEMENT PANELDATA (NAME, VALUE)>
-<!ELEMENT VALUE (#PCDATA)>
-<!ELEMENT LINKORDER (FILEREF*)>
-<!ELEMENT SEGMENTLIST (SEGMENT+)>
-<!ELEMENT SEGMENT (NAME, ATTRIBUTES?, FILEREF*)>
-<!ELEMENT ATTRIBUTES (#PCDATA)>
-<!ELEMENT OVERLAYGROUPLIST (OVERLAYGROUP+)>
-<!ELEMENT OVERLAYGROUP (NAME, BASEADDRESS, OVERLAY*)>
-<!ELEMENT BASEADDRESS (#PCDATA)>
-<!ELEMENT OVERLAY (NAME, FILEREF*)>
-<!ELEMENT SUBTARGETLIST (SUBTARGET+)>
-<!ELEMENT SUBTARGET (TARGETNAME, ATTRIBUTES?, FILEREF?)>
-<!ELEMENT SUBPROJECTLIST (SUBPROJECT+)>
-<!ELEMENT SUBPROJECT (FILEREF, SUBPROJECTTARGETLIST)>
-<!ELEMENT SUBPROJECTTARGETLIST (SUBPROJECTTARGET*)>
-<!ELEMENT SUBPROJECTTARGET (TARGETNAME, ATTRIBUTES?, FILEREF?)>
-<!ELEMENT FRAMEWORKLIST (FRAMEWORK+)>
-<!ELEMENT FRAMEWORK (FILEREF, LIBRARYFILE?, VERSION?)>
-<!ELEMENT LIBRARYFILE (FILEREF)>
-<!ELEMENT VERSION (#PCDATA)>
-<!ELEMENT TARGETORDER (ORDEREDTARGET|ORDEREDDESIGN)*>
-<!ELEMENT ORDEREDTARGET (NAME)>
-<!ELEMENT ORDEREDDESIGN (NAME, ORDEREDTARGET+)>
-<!ELEMENT GROUPLIST (GROUP|FILEREF)*>
-<!ELEMENT GROUP (NAME, (GROUP|FILEREF)*)>
-<!ELEMENT DESIGNLIST (DESIGN+)>
-<!ELEMENT DESIGN (NAME, DESIGNDATA)>
-<!ELEMENT DESIGNDATA (#PCDATA)>
-]>
-
-<PROJECT>
-    <TARGETLIST>
-        <TARGET>
-            <NAME>Softoken3Debug.shlb</NAME>
-            <SETTINGLIST>
-
-                <!-- Settings for "Source Trees" panel -->
-                <SETTING><NAME>UserSourceTrees</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Access Paths" panel -->
-                <SETTING><NAME>AlwaysSearchUserPaths</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>InterpretDOSAndUnixPaths</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>RequireFrameworkStyleIncludes</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>UserSearchPaths</NAME>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::lib:freebl:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::lib:softoken:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::::dist:config:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::::dist:mac:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::::dist:nspr:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::lib:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::::dist:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::::nsprpub:macbuild:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::::dbm:macbuild:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::::lib:mac:NSRuntime:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::::lib:mac:NSStdLib:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                </SETTING>
-                <SETTING><NAME>SystemSearchPaths</NAME>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>CodeWarrior</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                </SETTING>
-
-                <!-- Settings for "Debugger Runtime" panel -->
-                <SETTING><NAME>MWRuntimeSettings_WorkingDirectory</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWRuntimeSettings_CommandLine</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWRuntimeSettings_HostApplication</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWRuntimeSettings_EnvVars</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Target Settings" panel -->
-                <SETTING><NAME>Linker</NAME><VALUE>MacOS PPC Linker</VALUE></SETTING>
-                <SETTING><NAME>PreLinker</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>PostLinker</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>Targetname</NAME><VALUE>Softoken3Debug.shlb</VALUE></SETTING>
-                <SETTING><NAME>OutputDirectory</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>SaveEntriesUsingRelativePaths</NAME><VALUE>false</VALUE></SETTING>
-
-                <!-- Settings for "File Mappings" panel -->
-                <SETTING><NAME>FileMappings</NAME>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>APPL</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>Appl</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>MMLB</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>Lib Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>MPLF</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>Lib Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>MWCD</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>RSRC</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.arr</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.bh</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>Balloon Help</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.c</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.c++</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.cc</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.cp</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.cpp</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.exp</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.h</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.idl</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>xpidl</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.pch</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.pch++</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.plist</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.r</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>Rez</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>Rez</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.s</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>PPCAsm</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>XCOF</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>XCOFF Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>docu</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>rsrc</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>shlb</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>PEF Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>stub</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>PEF Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.doc</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.o</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>XCOFF Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.ppob</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.rsrc</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                </SETTING>
-
-                <!-- Settings for "Build Extras" panel -->
-                <SETTING><NAME>CacheModDates</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>ActivateBrowser</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>DumpBrowserInfo</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>CacheSubprojects</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>UseThirdPartyDebugger</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>DebuggerAppPath</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>DebuggerCmdLineArgs</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>DebuggerWorkingDir</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
-                </SETTING>
-
-                <!-- Settings for "Debugger Target" panel -->
-                <SETTING><NAME>LogSystemMessages</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>AutoTargetDLLs</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>StopAtWatchpoints</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PauseWhileRunning</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PauseInterval</NAME><VALUE>5</VALUE></SETTING>
-                <SETTING><NAME>PauseUIFlags</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>AltExePath</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>StopAtTempBPOnLaunch</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>CacheSymbolics</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>TempBPFunctionName</NAME><VALUE>main</VALUE></SETTING>
-                <SETTING><NAME>TempBPType</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "Remote Debug" panel -->
-                <SETTING><NAME>Enabled</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>ConnectionName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>DownloadPath</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>LaunchRemoteApp</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>RemoteAppPath</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Auto-target" panel -->
-                <SETTING><NAME>OtherExecutables</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Custom Keywords" panel -->
-                <SETTING><NAME>CustomColor1</NAME>
-                    <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
-                    <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
-                    <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>CustomColor2</NAME>
-                    <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
-                    <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
-                    <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>CustomColor3</NAME>
-                    <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
-                    <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
-                    <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>CustomColor4</NAME>
-                    <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
-                    <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
-                    <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
-                </SETTING>
-
-                <!-- Settings for "C/C++ Compiler" panel -->
-                <SETTING><NAME>MWFrontEnd_C_cplusplus</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_checkprotos</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_arm</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_trigraphs</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_onlystdkeywords</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_enumsalwaysint</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_mpwpointerstyle</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_prefixname</NAME><VALUE>SoftokenDebug.prefix</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_ansistrict</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_mpwcnewline</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_wchar_type</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_enableexceptions</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_dontreusestrings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_poolstrings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_dontinline</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_useRTTI</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_multibyteaware</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_unsignedchars</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_autoinline</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_booltruefalse</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_direct_to_som</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_som_env_check</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_alwaysinline</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_inlinelevel</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_ecplusplus</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_objective_c</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_defer_codegen</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "C/C++ Warnings" panel -->
-                <SETTING><NAME>MWWarning_C_warn_illpragma</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_emptydecl</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_possunwant</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_unusedvar</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_unusedarg</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_extracomma</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_pedantic</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warningerrors</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_hidevirtual</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_implicitconv</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_notinlined</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_structclass</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "FTP Panel" panel -->
-                <SETTING><NAME>MWFTP_Post_hostName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_username</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_password</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_remoteDir</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_PathVersion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_PathType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_PathFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_tree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_uploadDir</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_port</NAME><VALUE>21</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_SendBin</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ShouldLog</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "Java Command Line" panel -->
-                <SETTING><NAME>MWCommandLine_Java_clsName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWCommandLine_Java_args</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "PJavaDebugging" panel -->
-                <SETTING><NAME>MWVJavaDebugging_Protocol</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWVJavaDebugging_JDKVersion</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWVJavaDebugging_TimeOut</NAME><VALUE>25</VALUE></SETTING>
-                <SETTING><NAME>MWVJavaDebugging_SupportSlowDevices</NAME><VALUE>false</VALUE></SETTING>
-
-                <!-- Settings for "Java Language" panel -->
-                <SETTING><NAME>MWJava_Language_optimize</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_warnDeprecated</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_emitMap</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_strictFileNames</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_strictFileHierarchy</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_1_1_Compatible</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_emitHeaders</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_headerType</NAME><VALUE>JNINativeHeaders</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_packageFilter</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_genComments</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_genHeaders</NAME><VALUE>false</VALUE></SETTING>
-
-                <!-- Settings for "Java MRJAppBuilder" panel -->
-                <SETTING><NAME>MWJava_MRJAppBuilder_outFile</NAME><VALUE>MRJApplication</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_merge</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_quitMenu</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_grow</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutType</NAME><VALUE>Console</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrType</NAME><VALUE>Console</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinType</NAME><VALUE>Console</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconPVersion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconFile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPVersion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPICTFile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_aboutName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPVersion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutFile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutAppend</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrFile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrAppend</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinFile</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Java Output" panel -->
-                <SETTING><NAME>MWJava_Output_outputtype</NAME><VALUE>JarFile</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_outfile</NAME><VALUE>JavaClasses.jar</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_ftype</NAME><VALUE>1514754080</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_fcreator</NAME><VALUE>1297570384</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_compress</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_genManifest</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_trunctype</NAME><VALUE>Front</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_deleteClasses</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_consoleApp</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "Java Project" panel -->
-                <SETTING><NAME>MWJava_Proj_projtype</NAME><VALUE>Applet</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_mainClassName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_HTMLAppCreator</NAME><VALUE>1463898714</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_HTMLAppName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_PathVersion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_PathType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_PathFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_tree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_HTMLAppWin32Name</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_compress</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_useVM</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_vmarguments</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_vmName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_simPropFile</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "JavaDoc Project" panel -->
-                <SETTING><NAME>MWJavaDoc_Proj_Version</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Depricated</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Author</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Index</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Tree</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_SunResolveToSame</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Shortnames</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Folder</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_GenerateAPILinks</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_scope</NAME><VALUE>Public</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_fcreator</NAME><VALUE>1297303877</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_encodingName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_decodingName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_javaPackagePath</NAME><VALUE>http://java.sun.com/products/jdk/1.1/docs/api/</VALUE></SETTING>
-
-                <!-- Settings for "MacOS Merge Panel" panel -->
-                <SETTING><NAME>MWMerge_MacOS_projectType</NAME><VALUE>Application</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_outputName</NAME><VALUE>Merge Out</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_outputCreator</NAME><VALUE>????</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_outputType</NAME><VALUE>APPL</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_suppressWarning</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_copyFragments</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_copyResources</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_flattenResource</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_flatFileName</NAME><VALUE>a.rsrc</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_flatFileOutputPath</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWMerge_MacOS_skipResources</NAME>
-                    <SETTING><VALUE>DGLX</VALUE></SETTING>
-                    <SETTING><VALUE>ckid</VALUE></SETTING>
-                    <SETTING><VALUE>Proj</VALUE></SETTING>
-                    <SETTING><VALUE>WSPC</VALUE></SETTING>
-                    <SETTING><VALUE>mcvs</VALUE></SETTING>
-                </SETTING>
-
-                <!-- Settings for "Output Flags" panel -->
-                <SETTING><NAME>FileLocked</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>ResourcesMapIsReadOnly</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PrinterDriverIsMultiFinderCompatible</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>Invisible</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>HasBundle</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>NameLocked</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>Stationery</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>HasCustomIcon</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>Shared</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>HasBeenInited</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>Label</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>Comments</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Packager Panel" panel -->
-                <SETTING><NAME>MWMacOSPackager_UsePackager</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_FolderToPackage</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWMacOSPackager_CreateClassicAlias</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_ClassicAliasMethod</NAME><VALUE>UseTargetOutput</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_ClassicAliasPath</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWMacOSPackager_CreatePkgInfo</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_PkgCreatorType</NAME><VALUE>????</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_PkgFileType</NAME><VALUE>APPL</VALUE></SETTING>
-
-                <!-- Settings for "PPC CodeGen" panel -->
-                <SETTING><NAME>MWCodeGen_PPC_structalignment</NAME><VALUE>MC68K</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_tracebacktables</NAME><VALUE>None</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_processor</NAME><VALUE>Generic</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_readonlystrings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_tocdata</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_profiler</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_fpcontract</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_schedule</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_peephole</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_processorspecific</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_altivec</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_vectortocdata</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_vrsave</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "PPC CodeGen Mach-O" panel -->
-                <SETTING><NAME>MWCodeGen_MachO_structalignment</NAME><VALUE>PPC</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_tracebacktables</NAME><VALUE>None</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_processor</NAME><VALUE>Generic</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_readonlystrings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_profiler</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_fpcontract</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_schedule</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_peephole</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_processorspecific</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_altivec</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_vrsave</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_common</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_implicit_templates</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "PPC Disassembler" panel -->
-                <SETTING><NAME>MWDisassembler_PPC_showcode</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_extended</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_mix</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_nohex</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_showdata</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_showexceptions</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_showsym</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_shownames</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "PPC Global Optimizer" panel -->
-                <SETTING><NAME>GlobalOptimizer_PPC_optimizationlevel</NAME><VALUE>Level0</VALUE></SETTING>
-                <SETTING><NAME>GlobalOptimizer_PPC_optfor</NAME><VALUE>Speed</VALUE></SETTING>
-
-                <!-- Settings for "PPC Linker" panel -->
-                <SETTING><NAME>MWLinker_PPC_linksym</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_symfullpath</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_linkmap</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_nolinkwarnings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_dontdeadstripinitcode</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_permitmultdefs</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_linkmode</NAME><VALUE>Fast</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_initname</NAME><VALUE>__NSInitialize</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_mainname</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_termname</NAME><VALUE>__NSTerminate</VALUE></SETTING>
-
-                <!-- Settings for "PPC Mach-O Linker" panel -->
-                <SETTING><NAME>MWLinker_MachO_exports</NAME><VALUE>None</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_mainname</NAME><VALUE>start</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_currentversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_compatibleversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_symfullpath</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_supresswarnings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_multisymerror</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_prebind</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_deadstrip</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_objectivecsemantics</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_whichfileloaded</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_whyfileloaded</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_readonlyrelocs</NAME><VALUE>Errors</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_undefinedsymbols</NAME><VALUE>Errors</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_twolevelnamespace</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_stripdebugsymbols</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "PPC Mach-O Target" panel -->
-                <SETTING><NAME>MWProject_MachO_type</NAME><VALUE>Executable</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_outfile</NAME><VALUE>a.exe</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_filecreator</NAME><VALUE>????</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_filetype</NAME><VALUE>MEXE</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_stacksize</NAME><VALUE>64</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_stackaddress</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_flatrsrc</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_flatrsrcfilename</NAME><VALUE>a.rsrc</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_flatrsrcoutputdir</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWProject_MachO_installpath</NAME><VALUE>./</VALUE></SETTING>
-
-                <!-- Settings for "PPC PEF" panel -->
-                <SETTING><NAME>MWPEF_exports</NAME><VALUE>File</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_libfolder</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_sortcode</NAME><VALUE>None</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_expandbss</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_sharedata</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_olddefversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_oldimpversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_currentversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_fragmentname</NAME><VALUE>Softoken3</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_collapsereloads</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "PPC Project" panel -->
-                <SETTING><NAME>MWProject_PPC_type</NAME><VALUE>SharedLibrary</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_outfile</NAME><VALUE>Softoken3Debug.shlb</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_filecreator</NAME><VALUE>MOZZ</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_filetype</NAME><VALUE>shlb</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_size</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_minsize</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_stacksize</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_flags</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_symfilename</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcname</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcheader</NAME><VALUE>Native</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrctype</NAME><VALUE>????</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcid</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcflags</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcstore</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcmerge</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_flatrsrc</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_flatrsrcoutputdir</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWProject_PPC_flatrsrcfilename</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "PPCAsm Panel" panel -->
-                <SETTING><NAME>MWAssembler_PPC_auxheader</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_symmode</NAME><VALUE>Mac</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_dialect</NAME><VALUE>PPC</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_prefixfile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_typecheck</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_warnings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_casesensitive</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "Rez Compiler" panel -->
-                <SETTING><NAME>MWRez_Language_maxwidth</NAME><VALUE>80</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_script</NAME><VALUE>Roman</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_alignment</NAME><VALUE>Align1</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_filtermode</NAME><VALUE>FilterSkip</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_suppresswarnings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_escapecontrolchars</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_prefixname</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_filteredtypes</NAME><VALUE>'CODE' 'DATA' 'PICT'</VALUE></SETTING>
-
-                <!-- Settings for "WinRC Compiler" panel -->
-                <SETTING><NAME>MWWinRC_prefixname</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "x86 CodeGen" panel -->
-                <SETTING><NAME>MWCodeGen_X86_processor</NAME><VALUE>Generic</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_alignment</NAME><VALUE>bytes8</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_exceptions</NAME><VALUE>ZeroOverhead</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_extinst_mmx</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_extinst_3dnow</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_use_mmx_3dnow_convention</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_machinecodelisting</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_intrinsics</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_syminfo</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_codeviewinfo</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_extinst_cmov_fcomi</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_extinst_sse</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "x86 Disassembler" panel -->
-                <SETTING><NAME>PDisasmX86_showHeaders</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showSymTab</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showCode</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showSource</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showHex</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showRelocation</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showComments</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showDebug</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showExceptions</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showData</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showRaw</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_verbose</NAME><VALUE>true</VALUE></SETTING>
-
-                <!-- Settings for "x86 Exceptions Panel" panel -->
-                <SETTING><NAME>MWDebugger_X86_Exceptions</NAME>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                </SETTING>
-
-                <!-- Settings for "x86 Global Optimizer" panel -->
-                <SETTING><NAME>GlobalOptimizer_X86_optimizationlevel</NAME><VALUE>Level0</VALUE></SETTING>
-                <SETTING><NAME>GlobalOptimizer_X86_optfor</NAME><VALUE>Speed</VALUE></SETTING>
-
-                <!-- Settings for "x86 Linker" panel -->
-                <SETTING><NAME>MWLinker_X86_entrypointusage</NAME><VALUE>Default</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_entrypoint</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_subsystem</NAME><VALUE>WinGUI</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_subsysmajorid</NAME><VALUE>4</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_subsysminorid</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_usrmajorid</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_usrminorid</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_commandfile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_generatemap</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_linksym</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_linkCV</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "x86 Project" panel -->
-                <SETTING><NAME>MWProject_X86_type</NAME><VALUE>Application</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_outfile</NAME><VALUE>noname.exe</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_baseaddress</NAME><VALUE>4194304</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_maxstacksize</NAME><VALUE>1024</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_minstacksize</NAME><VALUE>4</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_size</NAME><VALUE>1024</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_minsize</NAME><VALUE>4</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_importlib</NAME><VALUE></VALUE></SETTING>
-                <PANELDATA><NAME>xpidl Settings</NAME><VALUE>
-                    0001000101000000000000000000000000000000000000000000000000000000
-                    0000000000000000
-                </VALUE></PANELDATA>
-            </SETTINGLIST>
-            <FILELIST>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>utilDebug.o</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Library</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>alg2268.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>arcfive.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>arcfour.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>des.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>desblapi.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>dh.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>dsa.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>ldvector.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>md2.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>md5.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>pqg.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>prng_fips1861.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>rijndael.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>rsa.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>sha_fast.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>sysrand.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>mpi.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>mplogic.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>mpmontg.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>mpprime.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>alghmac.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>dbinit.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>fipstest.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>fipstokn.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>keydb.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>lowcert.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>lowkey.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>lowpbe.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>padbuf.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>pcertdb.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>pk11db.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>pkcs11.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>pkcs11c.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>pkcs11u.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>rawhash.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>rsawrapr.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSPR20Debug.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Library</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSLibraryStartup.o</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Library</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>DBMDebug.o</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Library</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSRuntimeDebug.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Library</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSStdLibDebug.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Library</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>InterfacesStubs</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Library</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>softoken.mcp.exp</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS>Debug</FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>softkver.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS>Debug</FILEFLAGS>
-                </FILE>
-            </FILELIST>
-            <LINKORDER>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>utilDebug.o</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>alg2268.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>arcfive.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>arcfour.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>des.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>desblapi.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>dh.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>dsa.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>ldvector.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>md2.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>md5.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>pqg.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>prng_fips1861.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>rijndael.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>rsa.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>sha_fast.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>sysrand.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>mpi.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>mplogic.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>mpmontg.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>mpprime.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>alghmac.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>dbinit.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>fipstest.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>fipstokn.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>keydb.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>lowcert.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>lowkey.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>lowpbe.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>padbuf.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>pcertdb.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>pk11db.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>pkcs11.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>pkcs11c.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>pkcs11u.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>rawhash.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>rsawrapr.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSPR20Debug.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSLibraryStartup.o</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>DBMDebug.o</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSRuntimeDebug.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSStdLibDebug.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>InterfacesStubs</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>softoken.mcp.exp</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>softkver.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-            </LINKORDER>
-        </TARGET>
-        <TARGET>
-            <NAME>Softoken3.shlb</NAME>
-            <SETTINGLIST>
-
-                <!-- Settings for "Source Trees" panel -->
-                <SETTING><NAME>UserSourceTrees</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Access Paths" panel -->
-                <SETTING><NAME>AlwaysSearchUserPaths</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>InterpretDOSAndUnixPaths</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>RequireFrameworkStyleIncludes</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>UserSearchPaths</NAME>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::lib:freebl:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::lib:softoken:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::::dist:config:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::::dist:mac:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::::dist:nspr:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::lib:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::::dist:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::::nsprpub:macbuild:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::::dbm:macbuild:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::::lib:mac:NSRuntime:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::::lib:mac:NSStdLib:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                </SETTING>
-                <SETTING><NAME>SystemSearchPaths</NAME>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>CodeWarrior</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                </SETTING>
-
-                <!-- Settings for "Debugger Runtime" panel -->
-                <SETTING><NAME>MWRuntimeSettings_WorkingDirectory</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWRuntimeSettings_CommandLine</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWRuntimeSettings_HostApplication</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWRuntimeSettings_EnvVars</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Target Settings" panel -->
-                <SETTING><NAME>Linker</NAME><VALUE>MacOS PPC Linker</VALUE></SETTING>
-                <SETTING><NAME>PreLinker</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>PostLinker</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>Targetname</NAME><VALUE>Softoken3.shlb</VALUE></SETTING>
-                <SETTING><NAME>OutputDirectory</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>SaveEntriesUsingRelativePaths</NAME><VALUE>false</VALUE></SETTING>
-
-                <!-- Settings for "File Mappings" panel -->
-                <SETTING><NAME>FileMappings</NAME>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>APPL</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>Appl</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>MMLB</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>Lib Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>MPLF</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>Lib Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>MWCD</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>RSRC</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.arr</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.bh</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>Balloon Help</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.c</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.c++</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.cc</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.cp</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.cpp</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.exp</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.h</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.idl</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>xpidl</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.pch</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.pch++</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.plist</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.r</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>Rez</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>Rez</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.s</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>PPCAsm</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>XCOF</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>XCOFF Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>docu</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>rsrc</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>shlb</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>PEF Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>stub</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>PEF Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.doc</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.o</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>XCOFF Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.ppob</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.rsrc</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                </SETTING>
-
-                <!-- Settings for "Build Extras" panel -->
-                <SETTING><NAME>CacheModDates</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>ActivateBrowser</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>DumpBrowserInfo</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>CacheSubprojects</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>UseThirdPartyDebugger</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>DebuggerAppPath</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>DebuggerCmdLineArgs</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>DebuggerWorkingDir</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
-                </SETTING>
-
-                <!-- Settings for "Debugger Target" panel -->
-                <SETTING><NAME>LogSystemMessages</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>AutoTargetDLLs</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>StopAtWatchpoints</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PauseWhileRunning</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PauseInterval</NAME><VALUE>5</VALUE></SETTING>
-                <SETTING><NAME>PauseUIFlags</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>AltExePath</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>StopAtTempBPOnLaunch</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>CacheSymbolics</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>TempBPFunctionName</NAME><VALUE>main</VALUE></SETTING>
-                <SETTING><NAME>TempBPType</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "Remote Debug" panel -->
-                <SETTING><NAME>Enabled</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>ConnectionName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>DownloadPath</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>LaunchRemoteApp</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>RemoteAppPath</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Auto-target" panel -->
-                <SETTING><NAME>OtherExecutables</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Custom Keywords" panel -->
-                <SETTING><NAME>CustomColor1</NAME>
-                    <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
-                    <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
-                    <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>CustomColor2</NAME>
-                    <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
-                    <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
-                    <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>CustomColor3</NAME>
-                    <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
-                    <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
-                    <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>CustomColor4</NAME>
-                    <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
-                    <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
-                    <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
-                </SETTING>
-
-                <!-- Settings for "C/C++ Compiler" panel -->
-                <SETTING><NAME>MWFrontEnd_C_cplusplus</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_checkprotos</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_arm</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_trigraphs</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_onlystdkeywords</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_enumsalwaysint</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_mpwpointerstyle</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_prefixname</NAME><VALUE>Softoken.prefix</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_ansistrict</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_mpwcnewline</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_wchar_type</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_enableexceptions</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_dontreusestrings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_poolstrings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_dontinline</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_useRTTI</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_multibyteaware</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_unsignedchars</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_autoinline</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_booltruefalse</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_direct_to_som</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_som_env_check</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_alwaysinline</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_inlinelevel</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_ecplusplus</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_objective_c</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_defer_codegen</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "C/C++ Warnings" panel -->
-                <SETTING><NAME>MWWarning_C_warn_illpragma</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_emptydecl</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_possunwant</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_unusedvar</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_unusedarg</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_extracomma</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_pedantic</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warningerrors</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_hidevirtual</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_implicitconv</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_notinlined</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_structclass</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "FTP Panel" panel -->
-                <SETTING><NAME>MWFTP_Post_hostName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_username</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_password</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_remoteDir</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_PathVersion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_PathType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_PathFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_tree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_uploadDir</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_port</NAME><VALUE>21</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_SendBin</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ShouldLog</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "Java Command Line" panel -->
-                <SETTING><NAME>MWCommandLine_Java_clsName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWCommandLine_Java_args</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "PJavaDebugging" panel -->
-                <SETTING><NAME>MWVJavaDebugging_Protocol</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWVJavaDebugging_JDKVersion</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWVJavaDebugging_TimeOut</NAME><VALUE>25</VALUE></SETTING>
-                <SETTING><NAME>MWVJavaDebugging_SupportSlowDevices</NAME><VALUE>false</VALUE></SETTING>
-
-                <!-- Settings for "Java Language" panel -->
-                <SETTING><NAME>MWJava_Language_optimize</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_warnDeprecated</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_emitMap</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_strictFileNames</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_strictFileHierarchy</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_1_1_Compatible</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_emitHeaders</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_headerType</NAME><VALUE>JNINativeHeaders</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_packageFilter</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_genComments</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_genHeaders</NAME><VALUE>false</VALUE></SETTING>
-
-                <!-- Settings for "Java MRJAppBuilder" panel -->
-                <SETTING><NAME>MWJava_MRJAppBuilder_outFile</NAME><VALUE>MRJApplication</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_merge</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_quitMenu</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_grow</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutType</NAME><VALUE>Console</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrType</NAME><VALUE>Console</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinType</NAME><VALUE>Console</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconPVersion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconFile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPVersion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPICTFile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_aboutName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPVersion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutFile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutAppend</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrFile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrAppend</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinFile</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Java Output" panel -->
-                <SETTING><NAME>MWJava_Output_outputtype</NAME><VALUE>JarFile</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_outfile</NAME><VALUE>JavaClasses.jar</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_ftype</NAME><VALUE>1514754080</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_fcreator</NAME><VALUE>1297570384</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_compress</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_genManifest</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_trunctype</NAME><VALUE>Front</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_deleteClasses</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_consoleApp</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "Java Project" panel -->
-                <SETTING><NAME>MWJava_Proj_projtype</NAME><VALUE>Applet</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_mainClassName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_HTMLAppCreator</NAME><VALUE>1463898714</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_HTMLAppName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_PathVersion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_PathType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_PathFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_tree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_HTMLAppWin32Name</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_compress</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_useVM</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_vmarguments</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_vmName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_simPropFile</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "JavaDoc Project" panel -->
-                <SETTING><NAME>MWJavaDoc_Proj_Version</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Depricated</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Author</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Index</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Tree</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_SunResolveToSame</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Shortnames</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Folder</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_GenerateAPILinks</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_scope</NAME><VALUE>Public</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_fcreator</NAME><VALUE>1297303877</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_encodingName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_decodingName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_javaPackagePath</NAME><VALUE>http://java.sun.com/products/jdk/1.1/docs/api/</VALUE></SETTING>
-
-                <!-- Settings for "MacOS Merge Panel" panel -->
-                <SETTING><NAME>MWMerge_MacOS_projectType</NAME><VALUE>Application</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_outputName</NAME><VALUE>Merge Out</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_outputCreator</NAME><VALUE>????</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_outputType</NAME><VALUE>APPL</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_suppressWarning</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_copyFragments</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_copyResources</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_flattenResource</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_flatFileName</NAME><VALUE>a.rsrc</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_flatFileOutputPath</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWMerge_MacOS_skipResources</NAME>
-                    <SETTING><VALUE>DGLX</VALUE></SETTING>
-                    <SETTING><VALUE>ckid</VALUE></SETTING>
-                    <SETTING><VALUE>Proj</VALUE></SETTING>
-                    <SETTING><VALUE>WSPC</VALUE></SETTING>
-                    <SETTING><VALUE>mcvs</VALUE></SETTING>
-                </SETTING>
-
-                <!-- Settings for "Output Flags" panel -->
-                <SETTING><NAME>FileLocked</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>ResourcesMapIsReadOnly</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PrinterDriverIsMultiFinderCompatible</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>Invisible</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>HasBundle</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>NameLocked</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>Stationery</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>HasCustomIcon</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>Shared</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>HasBeenInited</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>Label</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>Comments</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Packager Panel" panel -->
-                <SETTING><NAME>MWMacOSPackager_UsePackager</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_FolderToPackage</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWMacOSPackager_CreateClassicAlias</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_ClassicAliasMethod</NAME><VALUE>UseTargetOutput</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_ClassicAliasPath</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWMacOSPackager_CreatePkgInfo</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_PkgCreatorType</NAME><VALUE>????</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_PkgFileType</NAME><VALUE>APPL</VALUE></SETTING>
-
-                <!-- Settings for "PPC CodeGen" panel -->
-                <SETTING><NAME>MWCodeGen_PPC_structalignment</NAME><VALUE>MC68K</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_tracebacktables</NAME><VALUE>None</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_processor</NAME><VALUE>Generic</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_readonlystrings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_tocdata</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_profiler</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_fpcontract</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_schedule</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_peephole</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_processorspecific</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_altivec</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_vectortocdata</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_vrsave</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "PPC CodeGen Mach-O" panel -->
-                <SETTING><NAME>MWCodeGen_MachO_structalignment</NAME><VALUE>PPC</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_tracebacktables</NAME><VALUE>None</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_processor</NAME><VALUE>Generic</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_readonlystrings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_profiler</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_fpcontract</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_schedule</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_peephole</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_processorspecific</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_altivec</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_vrsave</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_common</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_implicit_templates</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "PPC Disassembler" panel -->
-                <SETTING><NAME>MWDisassembler_PPC_showcode</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_extended</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_mix</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_nohex</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_showdata</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_showexceptions</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_showsym</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_shownames</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "PPC Global Optimizer" panel -->
-                <SETTING><NAME>GlobalOptimizer_PPC_optimizationlevel</NAME><VALUE>Level4</VALUE></SETTING>
-                <SETTING><NAME>GlobalOptimizer_PPC_optfor</NAME><VALUE>Speed</VALUE></SETTING>
-
-                <!-- Settings for "PPC Linker" panel -->
-                <SETTING><NAME>MWLinker_PPC_linksym</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_symfullpath</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_linkmap</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_nolinkwarnings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_dontdeadstripinitcode</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_permitmultdefs</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_linkmode</NAME><VALUE>Fast</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_initname</NAME><VALUE>__NSInitialize</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_mainname</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_termname</NAME><VALUE>__NSTerminate</VALUE></SETTING>
-
-                <!-- Settings for "PPC Mach-O Linker" panel -->
-                <SETTING><NAME>MWLinker_MachO_exports</NAME><VALUE>None</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_mainname</NAME><VALUE>start</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_currentversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_compatibleversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_symfullpath</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_supresswarnings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_multisymerror</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_prebind</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_deadstrip</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_objectivecsemantics</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_whichfileloaded</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_whyfileloaded</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_readonlyrelocs</NAME><VALUE>Errors</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_undefinedsymbols</NAME><VALUE>Errors</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_twolevelnamespace</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_stripdebugsymbols</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "PPC Mach-O Target" panel -->
-                <SETTING><NAME>MWProject_MachO_type</NAME><VALUE>Executable</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_outfile</NAME><VALUE>a.exe</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_filecreator</NAME><VALUE>????</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_filetype</NAME><VALUE>MEXE</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_stacksize</NAME><VALUE>64</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_stackaddress</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_flatrsrc</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_flatrsrcfilename</NAME><VALUE>a.rsrc</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_flatrsrcoutputdir</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWProject_MachO_installpath</NAME><VALUE>./</VALUE></SETTING>
-
-                <!-- Settings for "PPC PEF" panel -->
-                <SETTING><NAME>MWPEF_exports</NAME><VALUE>File</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_libfolder</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_sortcode</NAME><VALUE>None</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_expandbss</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_sharedata</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_olddefversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_oldimpversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_currentversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_fragmentname</NAME><VALUE>Softoken3</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_collapsereloads</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "PPC Project" panel -->
-                <SETTING><NAME>MWProject_PPC_type</NAME><VALUE>SharedLibrary</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_outfile</NAME><VALUE>Softoken3.shlb</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_filecreator</NAME><VALUE>MOZZ</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_filetype</NAME><VALUE>shlb</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_size</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_minsize</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_stacksize</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_flags</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_symfilename</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcname</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcheader</NAME><VALUE>Native</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrctype</NAME><VALUE>????</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcid</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcflags</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcstore</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcmerge</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_flatrsrc</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_flatrsrcoutputdir</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWProject_PPC_flatrsrcfilename</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "PPCAsm Panel" panel -->
-                <SETTING><NAME>MWAssembler_PPC_auxheader</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_symmode</NAME><VALUE>Mac</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_dialect</NAME><VALUE>PPC</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_prefixfile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_typecheck</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_warnings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_casesensitive</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "Rez Compiler" panel -->
-                <SETTING><NAME>MWRez_Language_maxwidth</NAME><VALUE>80</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_script</NAME><VALUE>Roman</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_alignment</NAME><VALUE>Align1</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_filtermode</NAME><VALUE>FilterSkip</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_suppresswarnings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_escapecontrolchars</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_prefixname</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_filteredtypes</NAME><VALUE>'CODE' 'DATA' 'PICT'</VALUE></SETTING>
-
-                <!-- Settings for "WinRC Compiler" panel -->
-                <SETTING><NAME>MWWinRC_prefixname</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "x86 CodeGen" panel -->
-                <SETTING><NAME>MWCodeGen_X86_processor</NAME><VALUE>Generic</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_alignment</NAME><VALUE>bytes8</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_exceptions</NAME><VALUE>ZeroOverhead</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_extinst_mmx</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_extinst_3dnow</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_use_mmx_3dnow_convention</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_machinecodelisting</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_intrinsics</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_syminfo</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_codeviewinfo</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_extinst_cmov_fcomi</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_extinst_sse</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "x86 Disassembler" panel -->
-                <SETTING><NAME>PDisasmX86_showHeaders</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showSymTab</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showCode</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showSource</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showHex</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showRelocation</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showComments</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showDebug</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showExceptions</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showData</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showRaw</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_verbose</NAME><VALUE>true</VALUE></SETTING>
-
-                <!-- Settings for "x86 Exceptions Panel" panel -->
-                <SETTING><NAME>MWDebugger_X86_Exceptions</NAME>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                </SETTING>
-
-                <!-- Settings for "x86 Global Optimizer" panel -->
-                <SETTING><NAME>GlobalOptimizer_X86_optimizationlevel</NAME><VALUE>Level0</VALUE></SETTING>
-                <SETTING><NAME>GlobalOptimizer_X86_optfor</NAME><VALUE>Speed</VALUE></SETTING>
-
-                <!-- Settings for "x86 Linker" panel -->
-                <SETTING><NAME>MWLinker_X86_entrypointusage</NAME><VALUE>Default</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_entrypoint</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_subsystem</NAME><VALUE>WinGUI</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_subsysmajorid</NAME><VALUE>4</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_subsysminorid</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_usrmajorid</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_usrminorid</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_commandfile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_generatemap</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_linksym</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_linkCV</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "x86 Project" panel -->
-                <SETTING><NAME>MWProject_X86_type</NAME><VALUE>Application</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_outfile</NAME><VALUE>noname.exe</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_baseaddress</NAME><VALUE>4194304</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_maxstacksize</NAME><VALUE>1024</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_minstacksize</NAME><VALUE>4</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_size</NAME><VALUE>1024</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_minsize</NAME><VALUE>4</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_importlib</NAME><VALUE></VALUE></SETTING>
-                <PANELDATA><NAME>xpidl Settings</NAME><VALUE>
-                    0001000101000000000000000000000000000000000000000000000000000000
-                    0000000000000000
-                </VALUE></PANELDATA>
-            </SETTINGLIST>
-            <FILELIST>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>alg2268.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>arcfive.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>arcfour.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>des.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>desblapi.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>dh.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>dsa.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>ldvector.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>md2.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>md5.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>pqg.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>prng_fips1861.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>rijndael.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>rsa.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>sha_fast.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>sysrand.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>mpi.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>mplogic.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>mpmontg.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>mpprime.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>alghmac.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>dbinit.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>fipstest.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>fipstokn.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>keydb.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>lowcert.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>lowkey.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>lowpbe.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>padbuf.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>pcertdb.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>pk11db.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>pkcs11.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>pkcs11c.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>pkcs11u.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>rawhash.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>rsawrapr.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSLibraryStartup.o</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Library</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>InterfacesStubs</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Library</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>util.o</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Library</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSPR20.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Library</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>DBM.o</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Library</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSRuntime.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Library</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSStdLib.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Library</FILEKIND>
-                    <FILEFLAGS>Debug</FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>softoken.mcp.exp</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS>Debug</FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>softkver.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS>Debug</FILEFLAGS>
-                </FILE>
-            </FILELIST>
-            <LINKORDER>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>alg2268.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>arcfive.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>arcfour.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>des.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>desblapi.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>dh.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>dsa.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>ldvector.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>md2.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>md5.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>pqg.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>prng_fips1861.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>rijndael.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>rsa.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>sha_fast.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>sysrand.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>mpi.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>mplogic.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>mpmontg.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>mpprime.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>alghmac.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>dbinit.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>fipstest.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>fipstokn.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>keydb.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>lowcert.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>lowkey.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>lowpbe.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>padbuf.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>pcertdb.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>pk11db.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>pkcs11.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>pkcs11c.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>pkcs11u.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>rawhash.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>rsawrapr.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSLibraryStartup.o</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>InterfacesStubs</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>util.o</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSPR20.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>DBM.o</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSRuntime.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSStdLib.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>softoken.mcp.exp</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>softkver.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-            </LINKORDER>
-        </TARGET>
-    </TARGETLIST>
-
-    <TARGETORDER>
-        <ORDEREDTARGET><NAME>Softoken3Debug.shlb</NAME></ORDEREDTARGET>
-        <ORDEREDTARGET><NAME>Softoken3.shlb</NAME></ORDEREDTARGET>
-    </TARGETORDER>
-
-    <GROUPLIST>
-        <GROUP><NAME>freebl</NAME>
-            <FILEREF>
-                <TARGETNAME>Softoken3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>alg2268.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>Softoken3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>arcfive.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>Softoken3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>arcfour.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>Softoken3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>des.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>Softoken3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>desblapi.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>Softoken3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>dh.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>Softoken3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>dsa.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>Softoken3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>ldvector.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>Softoken3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>md2.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>Softoken3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>md5.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>Softoken3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>pqg.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>Softoken3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>prng_fips1861.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>Softoken3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>rijndael.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>Softoken3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>rsa.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>Softoken3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>sha_fast.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>Softoken3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>sysrand.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>Softoken3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>mpi.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>Softoken3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>mplogic.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>Softoken3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>mpmontg.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>Softoken3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>mpprime.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-        </GROUP>
-        <GROUP><NAME>softoken</NAME>
-            <FILEREF>
-                <TARGETNAME>Softoken3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>alghmac.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>Softoken3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>dbinit.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>Softoken3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>fipstest.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>Softoken3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>fipstokn.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>Softoken3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>keydb.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>Softoken3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>lowcert.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>Softoken3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>lowkey.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>Softoken3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>lowpbe.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>Softoken3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>padbuf.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>Softoken3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>pcertdb.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>Softoken3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>pk11db.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>Softoken3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>pkcs11.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>Softoken3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>pkcs11c.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>Softoken3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>pkcs11u.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>Softoken3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>rawhash.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>Softoken3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>rsawrapr.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>Softoken3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>softkver.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-        </GROUP>
-        <GROUP><NAME>Libraries</NAME>
-            <FILEREF>
-                <TARGETNAME>Softoken3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>NSLibraryStartup.o</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>Softoken3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>InterfacesStubs</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <GROUP><NAME>Optimized</NAME>
-                <FILEREF>
-                    <TARGETNAME>Softoken3.shlb</TARGETNAME>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSPR20.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <TARGETNAME>Softoken3.shlb</TARGETNAME>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>util.o</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <TARGETNAME>Softoken3.shlb</TARGETNAME>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>DBM.o</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <TARGETNAME>Softoken3.shlb</TARGETNAME>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSRuntime.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <TARGETNAME>Softoken3.shlb</TARGETNAME>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSStdLib.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-            </GROUP>
-            <GROUP><NAME>Debug</NAME>
-                <FILEREF>
-                    <TARGETNAME>Softoken3Debug.shlb</TARGETNAME>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSStdLibDebug.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <TARGETNAME>Softoken3Debug.shlb</TARGETNAME>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSPR20Debug.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <TARGETNAME>Softoken3Debug.shlb</TARGETNAME>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>utilDebug.o</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <TARGETNAME>Softoken3Debug.shlb</TARGETNAME>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>DBMDebug.o</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <TARGETNAME>Softoken3Debug.shlb</TARGETNAME>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSRuntimeDebug.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-            </GROUP>
-        </GROUP>
-        <FILEREF>
-            <TARGETNAME>Softoken3Debug.shlb</TARGETNAME>
-            <PATHTYPE>Name</PATHTYPE>
-            <PATH>softoken.mcp.exp</PATH>
-            <PATHFORMAT>MacOS</PATHFORMAT>
-        </FILEREF>
-    </GROUPLIST>
-
-</PROJECT>
diff --git a/security/nss/macbuild/ssl.xml b/security/nss/macbuild/ssl.xml
deleted file mode 100644
index b6eed8118..000000000
--- a/security/nss/macbuild/ssl.xml
+++ /dev/null
@@ -1,2816 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" standalone="yes" ?>
-<?codewarrior exportversion="1.0.1" ideversion="4.2" ?>
-
-<!DOCTYPE PROJECT [
-<!ELEMENT PROJECT (TARGETLIST, TARGETORDER, GROUPLIST, DESIGNLIST?)>
-<!ELEMENT TARGETLIST (TARGET+)>
-<!ELEMENT TARGET (NAME, SETTINGLIST, FILELIST?, LINKORDER?, SEGMENTLIST?, OVERLAYGROUPLIST?, SUBTARGETLIST?, SUBPROJECTLIST?, FRAMEWORKLIST)>
-<!ELEMENT NAME (#PCDATA)>
-<!ELEMENT USERSOURCETREETYPE (#PCDATA)>
-<!ELEMENT PATH (#PCDATA)>
-<!ELEMENT FILELIST (FILE*)>
-<!ELEMENT FILE (PATHTYPE, PATHROOT?, ACCESSPATH?, PATH, PATHFORMAT?, ROOTFILEREF?, FILEKIND?, FILEFLAGS?)>
-<!ELEMENT PATHTYPE (#PCDATA)>
-<!ELEMENT PATHROOT (#PCDATA)>
-<!ELEMENT ACCESSPATH (#PCDATA)>
-<!ELEMENT PATHFORMAT (#PCDATA)>
-<!ELEMENT ROOTFILEREF (PATHTYPE, PATHROOT?, ACCESSPATH?, PATH, PATHFORMAT?)>
-<!ELEMENT FILEKIND (#PCDATA)>
-<!ELEMENT FILEFLAGS (#PCDATA)>
-<!ELEMENT FILEREF (TARGETNAME?, PATHTYPE, PATHROOT?, ACCESSPATH?, PATH, PATHFORMAT?)>
-<!ELEMENT TARGETNAME (#PCDATA)>
-<!ELEMENT SETTINGLIST ((SETTING|PANELDATA)+)>
-<!ELEMENT SETTING (NAME?, (VALUE|(SETTING+)))>
-<!ELEMENT PANELDATA (NAME, VALUE)>
-<!ELEMENT VALUE (#PCDATA)>
-<!ELEMENT LINKORDER (FILEREF*)>
-<!ELEMENT SEGMENTLIST (SEGMENT+)>
-<!ELEMENT SEGMENT (NAME, ATTRIBUTES?, FILEREF*)>
-<!ELEMENT ATTRIBUTES (#PCDATA)>
-<!ELEMENT OVERLAYGROUPLIST (OVERLAYGROUP+)>
-<!ELEMENT OVERLAYGROUP (NAME, BASEADDRESS, OVERLAY*)>
-<!ELEMENT BASEADDRESS (#PCDATA)>
-<!ELEMENT OVERLAY (NAME, FILEREF*)>
-<!ELEMENT SUBTARGETLIST (SUBTARGET+)>
-<!ELEMENT SUBTARGET (TARGETNAME, ATTRIBUTES?, FILEREF?)>
-<!ELEMENT SUBPROJECTLIST (SUBPROJECT+)>
-<!ELEMENT SUBPROJECT (FILEREF, SUBPROJECTTARGETLIST)>
-<!ELEMENT SUBPROJECTTARGETLIST (SUBPROJECTTARGET*)>
-<!ELEMENT SUBPROJECTTARGET (TARGETNAME, ATTRIBUTES?, FILEREF?)>
-<!ELEMENT FRAMEWORKLIST (FRAMEWORK+)>
-<!ELEMENT FRAMEWORK (FILEREF, LIBRARYFILE?, VERSION?)>
-<!ELEMENT LIBRARYFILE (FILEREF)>
-<!ELEMENT VERSION (#PCDATA)>
-<!ELEMENT TARGETORDER (ORDEREDTARGET|ORDEREDDESIGN)*>
-<!ELEMENT ORDEREDTARGET (NAME)>
-<!ELEMENT ORDEREDDESIGN (NAME, ORDEREDTARGET+)>
-<!ELEMENT GROUPLIST (GROUP|FILEREF)*>
-<!ELEMENT GROUP (NAME, (GROUP|FILEREF)*)>
-<!ELEMENT DESIGNLIST (DESIGN+)>
-<!ELEMENT DESIGN (NAME, DESIGNDATA)>
-<!ELEMENT DESIGNDATA (#PCDATA)>
-]>
-
-<PROJECT>
-    <TARGETLIST>
-        <TARGET>
-            <NAME>SSL3Debug.shlb</NAME>
-            <SETTINGLIST>
-
-                <!-- Settings for "Source Trees" panel -->
-                <SETTING><NAME>UserSourceTrees</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Access Paths" panel -->
-                <SETTING><NAME>AlwaysSearchUserPaths</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>InterpretDOSAndUnixPaths</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>RequireFrameworkStyleIncludes</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>UserSearchPaths</NAME>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::lib:ssl:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::lib:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::::dist:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::::nsprpub:macbuild:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::::lib:mac:NSRuntime:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::::lib:mac:NSStdLib:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                </SETTING>
-                <SETTING><NAME>SystemSearchPaths</NAME>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>CodeWarrior</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                </SETTING>
-
-                <!-- Settings for "Debugger Runtime" panel -->
-                <SETTING><NAME>MWRuntimeSettings_WorkingDirectory</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWRuntimeSettings_CommandLine</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWRuntimeSettings_HostApplication</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWRuntimeSettings_EnvVars</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Target Settings" panel -->
-                <SETTING><NAME>Linker</NAME><VALUE>MacOS PPC Linker</VALUE></SETTING>
-                <SETTING><NAME>PreLinker</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>PostLinker</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>Targetname</NAME><VALUE>SSL3Debug.shlb</VALUE></SETTING>
-                <SETTING><NAME>OutputDirectory</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>SaveEntriesUsingRelativePaths</NAME><VALUE>false</VALUE></SETTING>
-
-                <!-- Settings for "File Mappings" panel -->
-                <SETTING><NAME>FileMappings</NAME>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>APPL</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>Appl</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>MMLB</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>Lib Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>MPLF</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>Lib Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>MWCD</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>RSRC</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.arr</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.bh</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>Balloon Help</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.c</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.c++</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.cc</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.cp</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.cpp</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.exp</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.h</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.idl</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>xpidl</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.pch</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.pch++</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.plist</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.r</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>Rez</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>Rez</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.s</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>PPCAsm</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>XCOF</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>XCOFF Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>docu</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>rsrc</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>shlb</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>PEF Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>stub</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>PEF Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.doc</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.o</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>XCOFF Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.ppob</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.rsrc</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                </SETTING>
-
-                <!-- Settings for "Build Extras" panel -->
-                <SETTING><NAME>CacheModDates</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>ActivateBrowser</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>DumpBrowserInfo</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>CacheSubprojects</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>UseThirdPartyDebugger</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>DebuggerAppPath</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>DebuggerCmdLineArgs</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>DebuggerWorkingDir</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
-                </SETTING>
-
-                <!-- Settings for "Debugger Target" panel -->
-                <SETTING><NAME>LogSystemMessages</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>AutoTargetDLLs</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>StopAtWatchpoints</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PauseWhileRunning</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PauseInterval</NAME><VALUE>5</VALUE></SETTING>
-                <SETTING><NAME>PauseUIFlags</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>AltExePath</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>StopAtTempBPOnLaunch</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>CacheSymbolics</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>TempBPFunctionName</NAME><VALUE>main</VALUE></SETTING>
-                <SETTING><NAME>TempBPType</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "Remote Debug" panel -->
-                <SETTING><NAME>Enabled</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>ConnectionName</NAME><VALUE>no connections avaiable</VALUE></SETTING>
-                <SETTING><NAME>DownloadPath</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>LaunchRemoteApp</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>RemoteAppPath</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Auto-target" panel -->
-                <SETTING><NAME>OtherExecutables</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Custom Keywords" panel -->
-                <SETTING><NAME>CustomColor1</NAME>
-                    <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
-                    <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
-                    <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>CustomColor2</NAME>
-                    <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
-                    <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
-                    <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>CustomColor3</NAME>
-                    <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
-                    <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
-                    <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>CustomColor4</NAME>
-                    <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
-                    <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
-                    <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
-                </SETTING>
-
-                <!-- Settings for "C/C++ Compiler" panel -->
-                <SETTING><NAME>MWFrontEnd_C_cplusplus</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_checkprotos</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_arm</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_trigraphs</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_onlystdkeywords</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_enumsalwaysint</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_mpwpointerstyle</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_prefixname</NAME><VALUE>NSSDebug.Prefix</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_ansistrict</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_mpwcnewline</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_wchar_type</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_enableexceptions</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_dontreusestrings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_poolstrings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_dontinline</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_useRTTI</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_multibyteaware</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_unsignedchars</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_autoinline</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_booltruefalse</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_direct_to_som</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_som_env_check</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_alwaysinline</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_inlinelevel</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_ecplusplus</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_objective_c</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_defer_codegen</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "C/C++ Warnings" panel -->
-                <SETTING><NAME>MWWarning_C_warn_illpragma</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_emptydecl</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_possunwant</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_unusedvar</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_unusedarg</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_extracomma</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_pedantic</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warningerrors</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_hidevirtual</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_implicitconv</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_notinlined</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_structclass</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "FTP Panel" panel -->
-                <SETTING><NAME>MWFTP_Post_hostName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_username</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_password</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_remoteDir</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_PathVersion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_PathType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_PathFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_tree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_uploadDir</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_port</NAME><VALUE>21</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_SendBin</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ShouldLog</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "Java Command Line" panel -->
-                <SETTING><NAME>MWCommandLine_Java_clsName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWCommandLine_Java_args</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "PJavaDebugging" panel -->
-                <SETTING><NAME>MWVJavaDebugging_Protocol</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWVJavaDebugging_JDKVersion</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWVJavaDebugging_TimeOut</NAME><VALUE>25</VALUE></SETTING>
-                <SETTING><NAME>MWVJavaDebugging_SupportSlowDevices</NAME><VALUE>false</VALUE></SETTING>
-
-                <!-- Settings for "Java Language" panel -->
-                <SETTING><NAME>MWJava_Language_optimize</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_warnDeprecated</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_emitMap</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_strictFileNames</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_strictFileHierarchy</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_1_1_Compatible</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_emitHeaders</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_headerType</NAME><VALUE>JNINativeHeaders</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_packageFilter</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_genComments</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_genHeaders</NAME><VALUE>false</VALUE></SETTING>
-
-                <!-- Settings for "Java MRJAppBuilder" panel -->
-                <SETTING><NAME>MWJava_MRJAppBuilder_outFile</NAME><VALUE>MRJApplication</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_merge</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_quitMenu</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_grow</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutType</NAME><VALUE>Console</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrType</NAME><VALUE>Console</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinType</NAME><VALUE>Console</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconPVersion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconFile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPVersion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPICTFile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_aboutName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPVersion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutFile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutAppend</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrFile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrAppend</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinFile</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Java Output" panel -->
-                <SETTING><NAME>MWJava_Output_outputtype</NAME><VALUE>JarFile</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_outfile</NAME><VALUE>JavaClasses.jar</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_ftype</NAME><VALUE>1514754080</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_fcreator</NAME><VALUE>1297570384</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_compress</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_genManifest</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_trunctype</NAME><VALUE>Front</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_deleteClasses</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_consoleApp</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "Java Project" panel -->
-                <SETTING><NAME>MWJava_Proj_projtype</NAME><VALUE>Applet</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_mainClassName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_HTMLAppCreator</NAME><VALUE>1463898714</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_HTMLAppName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_PathVersion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_PathType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_PathFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_tree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_HTMLAppWin32Name</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_compress</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_useVM</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_vmarguments</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_vmName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_simPropFile</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "JavaDoc Project" panel -->
-                <SETTING><NAME>MWJavaDoc_Proj_Version</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Depricated</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Author</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Index</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Tree</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_SunResolveToSame</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Shortnames</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Folder</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_GenerateAPILinks</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_scope</NAME><VALUE>Public</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_fcreator</NAME><VALUE>1297303877</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_encodingName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_decodingName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_javaPackagePath</NAME><VALUE>http://java.sun.com/products/jdk/1.1/docs/api/</VALUE></SETTING>
-
-                <!-- Settings for "MacOS Merge Panel" panel -->
-                <SETTING><NAME>MWMerge_MacOS_projectType</NAME><VALUE>Application</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_outputName</NAME><VALUE>Merge Out</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_outputCreator</NAME><VALUE>????</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_outputType</NAME><VALUE>APPL</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_suppressWarning</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_copyFragments</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_copyResources</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_flattenResource</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_flatFileName</NAME><VALUE>a.rsrc</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_flatFileOutputPath</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWMerge_MacOS_skipResources</NAME>
-                    <SETTING><VALUE>DGLX</VALUE></SETTING>
-                    <SETTING><VALUE>ckid</VALUE></SETTING>
-                    <SETTING><VALUE>Proj</VALUE></SETTING>
-                    <SETTING><VALUE>WSPC</VALUE></SETTING>
-                    <SETTING><VALUE>mcvs</VALUE></SETTING>
-                </SETTING>
-
-                <!-- Settings for "Output Flags" panel -->
-                <SETTING><NAME>FileLocked</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>ResourcesMapIsReadOnly</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PrinterDriverIsMultiFinderCompatible</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>Invisible</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>HasBundle</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>NameLocked</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>Stationery</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>HasCustomIcon</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>Shared</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>HasBeenInited</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>Label</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>Comments</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Packager Panel" panel -->
-                <SETTING><NAME>MWMacOSPackager_UsePackager</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_FolderToPackage</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWMacOSPackager_CreateClassicAlias</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_ClassicAliasMethod</NAME><VALUE>UseTargetOutput</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_ClassicAliasPath</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWMacOSPackager_CreatePkgInfo</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_PkgCreatorType</NAME><VALUE>????</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_PkgFileType</NAME><VALUE>APPL</VALUE></SETTING>
-
-                <!-- Settings for "PPC CodeGen" panel -->
-                <SETTING><NAME>MWCodeGen_PPC_structalignment</NAME><VALUE>MC68K</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_tracebacktables</NAME><VALUE>None</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_processor</NAME><VALUE>Generic</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_readonlystrings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_tocdata</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_profiler</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_fpcontract</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_schedule</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_peephole</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_processorspecific</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_altivec</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_vectortocdata</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_vrsave</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "PPC CodeGen Mach-O" panel -->
-                <SETTING><NAME>MWCodeGen_MachO_structalignment</NAME><VALUE>PPC</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_tracebacktables</NAME><VALUE>None</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_processor</NAME><VALUE>Generic</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_readonlystrings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_profiler</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_fpcontract</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_schedule</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_peephole</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_processorspecific</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_altivec</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_vrsave</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_common</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_implicit_templates</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "PPC Disassembler" panel -->
-                <SETTING><NAME>MWDisassembler_PPC_showcode</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_extended</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_mix</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_nohex</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_showdata</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_showexceptions</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_showsym</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_shownames</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "PPC Global Optimizer" panel -->
-                <SETTING><NAME>GlobalOptimizer_PPC_optimizationlevel</NAME><VALUE>Level0</VALUE></SETTING>
-                <SETTING><NAME>GlobalOptimizer_PPC_optfor</NAME><VALUE>Speed</VALUE></SETTING>
-
-                <!-- Settings for "PPC Linker" panel -->
-                <SETTING><NAME>MWLinker_PPC_linksym</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_symfullpath</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_linkmap</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_nolinkwarnings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_dontdeadstripinitcode</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_permitmultdefs</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_linkmode</NAME><VALUE>Fast</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_initname</NAME><VALUE>__NSInitialize</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_mainname</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_termname</NAME><VALUE>__NSTerminate</VALUE></SETTING>
-
-                <!-- Settings for "PPC Mach-O Linker" panel -->
-                <SETTING><NAME>MWLinker_MachO_exports</NAME><VALUE>None</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_mainname</NAME><VALUE>start</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_currentversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_compatibleversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_symfullpath</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_supresswarnings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_multisymerror</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_prebind</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_deadstrip</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_objectivecsemantics</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_whichfileloaded</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_whyfileloaded</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_readonlyrelocs</NAME><VALUE>Errors</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_undefinedsymbols</NAME><VALUE>Errors</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_twolevelnamespace</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_stripdebugsymbols</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "PPC Mach-O Target" panel -->
-                <SETTING><NAME>MWProject_MachO_type</NAME><VALUE>Executable</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_outfile</NAME><VALUE>a.exe</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_filecreator</NAME><VALUE>????</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_filetype</NAME><VALUE>MEXE</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_stacksize</NAME><VALUE>64</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_stackaddress</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_flatrsrc</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_flatrsrcfilename</NAME><VALUE>a.rsrc</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_flatrsrcoutputdir</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWProject_MachO_installpath</NAME><VALUE>./</VALUE></SETTING>
-
-                <!-- Settings for "PPC PEF" panel -->
-                <SETTING><NAME>MWPEF_exports</NAME><VALUE>File</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_libfolder</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_sortcode</NAME><VALUE>None</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_expandbss</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_sharedata</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_olddefversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_oldimpversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_currentversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_fragmentname</NAME><VALUE>SSL3</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_collapsereloads</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "PPC Project" panel -->
-                <SETTING><NAME>MWProject_PPC_type</NAME><VALUE>SharedLibrary</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_outfile</NAME><VALUE>SSL3Debug.shlb</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_filecreator</NAME><VALUE>MOZZ</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_filetype</NAME><VALUE>shlb</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_size</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_minsize</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_stacksize</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_flags</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_symfilename</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcname</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcheader</NAME><VALUE>Native</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrctype</NAME><VALUE>????</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcid</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcflags</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcstore</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcmerge</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_flatrsrc</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_flatrsrcoutputdir</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWProject_PPC_flatrsrcfilename</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "PPCAsm Panel" panel -->
-                <SETTING><NAME>MWAssembler_PPC_auxheader</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_symmode</NAME><VALUE>Mac</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_dialect</NAME><VALUE>PPC</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_prefixfile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_typecheck</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_warnings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_casesensitive</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "Rez Compiler" panel -->
-                <SETTING><NAME>MWRez_Language_maxwidth</NAME><VALUE>80</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_script</NAME><VALUE>Roman</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_alignment</NAME><VALUE>Align1</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_filtermode</NAME><VALUE>FilterSkip</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_suppresswarnings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_escapecontrolchars</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_prefixname</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_filteredtypes</NAME><VALUE>'CODE' 'DATA' 'PICT'</VALUE></SETTING>
-
-                <!-- Settings for "WinRC Compiler" panel -->
-                <SETTING><NAME>MWWinRC_prefixname</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "x86 CodeGen" panel -->
-                <SETTING><NAME>MWCodeGen_X86_processor</NAME><VALUE>Generic</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_alignment</NAME><VALUE>bytes8</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_exceptions</NAME><VALUE>ZeroOverhead</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_extinst_mmx</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_extinst_3dnow</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_use_mmx_3dnow_convention</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_machinecodelisting</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_intrinsics</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_syminfo</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_codeviewinfo</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_extinst_cmov_fcomi</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_extinst_sse</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "x86 Disassembler" panel -->
-                <SETTING><NAME>PDisasmX86_showHeaders</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showSymTab</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showCode</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showSource</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showHex</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showRelocation</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showComments</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showDebug</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showExceptions</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showData</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showRaw</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_verbose</NAME><VALUE>true</VALUE></SETTING>
-
-                <!-- Settings for "x86 Exceptions Panel" panel -->
-                <SETTING><NAME>MWDebugger_X86_Exceptions</NAME>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                </SETTING>
-
-                <!-- Settings for "x86 Global Optimizer" panel -->
-                <SETTING><NAME>GlobalOptimizer_X86_optimizationlevel</NAME><VALUE>Level0</VALUE></SETTING>
-                <SETTING><NAME>GlobalOptimizer_X86_optfor</NAME><VALUE>Speed</VALUE></SETTING>
-
-                <!-- Settings for "x86 Linker" panel -->
-                <SETTING><NAME>MWLinker_X86_entrypointusage</NAME><VALUE>Default</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_entrypoint</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_subsystem</NAME><VALUE>WinGUI</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_subsysmajorid</NAME><VALUE>4</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_subsysminorid</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_usrmajorid</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_usrminorid</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_commandfile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_generatemap</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_linksym</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_linkCV</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "x86 Project" panel -->
-                <SETTING><NAME>MWProject_X86_type</NAME><VALUE>Application</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_outfile</NAME><VALUE>noname.exe</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_baseaddress</NAME><VALUE>4194304</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_maxstacksize</NAME><VALUE>1024</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_minstacksize</NAME><VALUE>4</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_size</NAME><VALUE>1024</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_minsize</NAME><VALUE>4</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_importlib</NAME><VALUE></VALUE></SETTING>
-                <PANELDATA><NAME>xpidl Settings</NAME><VALUE>
-                    0001000101000000000000000000000000000000000000000000000000000000
-                    0000000000000000
-                </VALUE></PANELDATA>
-            </SETTINGLIST>
-            <FILELIST>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>authcert.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>cmpcert.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>emulate.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>nsskea.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>prelib.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>ssl3con.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>ssl3gthr.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>sslauth.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>sslcon.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>ssldef.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>sslenum.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>sslerr.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>sslgathr.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>sslinfo.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>sslmutex.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>sslnonce.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>sslreveal.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>sslsecur.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>sslsnce.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>sslsock.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>ssltrace.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>sslver.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSPR20Debug.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Library</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSS3Debug.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Library</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSLibraryStartup.o</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Library</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSRuntimeDebug.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Library</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSStdLibDebug.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Library</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>ssl.mcp.exp</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS>Debug</FILEFLAGS>
-                </FILE>
-            </FILELIST>
-            <LINKORDER>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>authcert.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>cmpcert.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>emulate.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>nsskea.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>prelib.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>ssl3con.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>ssl3gthr.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>sslauth.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>sslcon.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>ssldef.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>sslenum.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>sslerr.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>sslgathr.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>sslinfo.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>sslmutex.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>sslnonce.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>sslreveal.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>sslsecur.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>sslsnce.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>sslsock.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>ssltrace.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>sslver.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSPR20Debug.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSS3Debug.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSLibraryStartup.o</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSRuntimeDebug.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSStdLibDebug.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>ssl.mcp.exp</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-            </LINKORDER>
-        </TARGET>
-        <TARGET>
-            <NAME>SSL3.shlb</NAME>
-            <SETTINGLIST>
-
-                <!-- Settings for "Source Trees" panel -->
-                <SETTING><NAME>UserSourceTrees</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Access Paths" panel -->
-                <SETTING><NAME>AlwaysSearchUserPaths</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>InterpretDOSAndUnixPaths</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>RequireFrameworkStyleIncludes</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>UserSearchPaths</NAME>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::lib:ssl:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::lib:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::::dist:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::::nsprpub:macbuild:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::::lib:mac:NSRuntime:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::::lib:mac:NSStdLib:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                </SETTING>
-                <SETTING><NAME>SystemSearchPaths</NAME>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>CodeWarrior</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                </SETTING>
-
-                <!-- Settings for "Debugger Runtime" panel -->
-                <SETTING><NAME>MWRuntimeSettings_WorkingDirectory</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWRuntimeSettings_CommandLine</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWRuntimeSettings_HostApplication</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWRuntimeSettings_EnvVars</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Target Settings" panel -->
-                <SETTING><NAME>Linker</NAME><VALUE>MacOS PPC Linker</VALUE></SETTING>
-                <SETTING><NAME>PreLinker</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>PostLinker</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>Targetname</NAME><VALUE>SSL3.shlb</VALUE></SETTING>
-                <SETTING><NAME>OutputDirectory</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>SaveEntriesUsingRelativePaths</NAME><VALUE>false</VALUE></SETTING>
-
-                <!-- Settings for "File Mappings" panel -->
-                <SETTING><NAME>FileMappings</NAME>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>APPL</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>Appl</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>MMLB</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>Lib Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>MPLF</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>Lib Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>MWCD</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>RSRC</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.arr</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.bh</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>Balloon Help</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.c</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.c++</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.cc</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.cp</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.cpp</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.exp</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.h</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.idl</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>xpidl</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.pch</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.pch++</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.plist</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.r</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>Rez</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>Rez</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.s</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>PPCAsm</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>XCOF</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>XCOFF Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>docu</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>rsrc</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>shlb</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>PEF Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>stub</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>PEF Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.doc</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.o</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>XCOFF Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.ppob</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.rsrc</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                </SETTING>
-
-                <!-- Settings for "Build Extras" panel -->
-                <SETTING><NAME>CacheModDates</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>ActivateBrowser</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>DumpBrowserInfo</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>CacheSubprojects</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>UseThirdPartyDebugger</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>DebuggerAppPath</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>DebuggerCmdLineArgs</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>DebuggerWorkingDir</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
-                </SETTING>
-
-                <!-- Settings for "Debugger Target" panel -->
-                <SETTING><NAME>LogSystemMessages</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>AutoTargetDLLs</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>StopAtWatchpoints</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PauseWhileRunning</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PauseInterval</NAME><VALUE>5</VALUE></SETTING>
-                <SETTING><NAME>PauseUIFlags</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>AltExePath</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>StopAtTempBPOnLaunch</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>CacheSymbolics</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>TempBPFunctionName</NAME><VALUE>main</VALUE></SETTING>
-                <SETTING><NAME>TempBPType</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "Remote Debug" panel -->
-                <SETTING><NAME>Enabled</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>ConnectionName</NAME><VALUE>no connections avaiable</VALUE></SETTING>
-                <SETTING><NAME>DownloadPath</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>LaunchRemoteApp</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>RemoteAppPath</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Auto-target" panel -->
-                <SETTING><NAME>OtherExecutables</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Custom Keywords" panel -->
-                <SETTING><NAME>CustomColor1</NAME>
-                    <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
-                    <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
-                    <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>CustomColor2</NAME>
-                    <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
-                    <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
-                    <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>CustomColor3</NAME>
-                    <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
-                    <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
-                    <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>CustomColor4</NAME>
-                    <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
-                    <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
-                    <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
-                </SETTING>
-
-                <!-- Settings for "C/C++ Compiler" panel -->
-                <SETTING><NAME>MWFrontEnd_C_cplusplus</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_checkprotos</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_arm</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_trigraphs</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_onlystdkeywords</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_enumsalwaysint</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_mpwpointerstyle</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_prefixname</NAME><VALUE>NSS.Prefix</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_ansistrict</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_mpwcnewline</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_wchar_type</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_enableexceptions</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_dontreusestrings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_poolstrings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_dontinline</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_useRTTI</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_multibyteaware</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_unsignedchars</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_autoinline</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_booltruefalse</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_direct_to_som</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_som_env_check</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_alwaysinline</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_inlinelevel</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_ecplusplus</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_objective_c</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_defer_codegen</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "C/C++ Warnings" panel -->
-                <SETTING><NAME>MWWarning_C_warn_illpragma</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_emptydecl</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_possunwant</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_unusedvar</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_unusedarg</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_extracomma</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_pedantic</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warningerrors</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_hidevirtual</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_implicitconv</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_notinlined</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_structclass</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "FTP Panel" panel -->
-                <SETTING><NAME>MWFTP_Post_hostName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_username</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_password</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_remoteDir</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_PathVersion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_PathType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_PathFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_tree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_uploadDir</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_port</NAME><VALUE>21</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_SendBin</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ShouldLog</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "Java Command Line" panel -->
-                <SETTING><NAME>MWCommandLine_Java_clsName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWCommandLine_Java_args</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "PJavaDebugging" panel -->
-                <SETTING><NAME>MWVJavaDebugging_Protocol</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWVJavaDebugging_JDKVersion</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWVJavaDebugging_TimeOut</NAME><VALUE>25</VALUE></SETTING>
-                <SETTING><NAME>MWVJavaDebugging_SupportSlowDevices</NAME><VALUE>false</VALUE></SETTING>
-
-                <!-- Settings for "Java Language" panel -->
-                <SETTING><NAME>MWJava_Language_optimize</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_warnDeprecated</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_emitMap</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_strictFileNames</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_strictFileHierarchy</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_1_1_Compatible</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_emitHeaders</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_headerType</NAME><VALUE>JNINativeHeaders</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_packageFilter</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_genComments</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_genHeaders</NAME><VALUE>false</VALUE></SETTING>
-
-                <!-- Settings for "Java MRJAppBuilder" panel -->
-                <SETTING><NAME>MWJava_MRJAppBuilder_outFile</NAME><VALUE>MRJApplication</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_merge</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_quitMenu</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_grow</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutType</NAME><VALUE>Console</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrType</NAME><VALUE>Console</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinType</NAME><VALUE>Console</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconPVersion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconFile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPVersion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPICTFile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_aboutName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPVersion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutFile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutAppend</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrFile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrAppend</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinFile</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Java Output" panel -->
-                <SETTING><NAME>MWJava_Output_outputtype</NAME><VALUE>JarFile</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_outfile</NAME><VALUE>JavaClasses.jar</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_ftype</NAME><VALUE>1514754080</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_fcreator</NAME><VALUE>1297570384</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_compress</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_genManifest</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_trunctype</NAME><VALUE>Front</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_deleteClasses</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_consoleApp</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "Java Project" panel -->
-                <SETTING><NAME>MWJava_Proj_projtype</NAME><VALUE>Applet</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_mainClassName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_HTMLAppCreator</NAME><VALUE>1463898714</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_HTMLAppName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_PathVersion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_PathType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_PathFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_tree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_HTMLAppWin32Name</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_compress</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_useVM</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_vmarguments</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_vmName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_simPropFile</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "JavaDoc Project" panel -->
-                <SETTING><NAME>MWJavaDoc_Proj_Version</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Depricated</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Author</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Index</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Tree</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_SunResolveToSame</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Shortnames</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Folder</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_GenerateAPILinks</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_scope</NAME><VALUE>Public</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_fcreator</NAME><VALUE>1297303877</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_encodingName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_decodingName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_javaPackagePath</NAME><VALUE>http://java.sun.com/products/jdk/1.1/docs/api/</VALUE></SETTING>
-
-                <!-- Settings for "MacOS Merge Panel" panel -->
-                <SETTING><NAME>MWMerge_MacOS_projectType</NAME><VALUE>Application</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_outputName</NAME><VALUE>Merge Out</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_outputCreator</NAME><VALUE>????</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_outputType</NAME><VALUE>APPL</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_suppressWarning</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_copyFragments</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_copyResources</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_flattenResource</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_flatFileName</NAME><VALUE>a.rsrc</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_flatFileOutputPath</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWMerge_MacOS_skipResources</NAME>
-                    <SETTING><VALUE>DGLX</VALUE></SETTING>
-                    <SETTING><VALUE>ckid</VALUE></SETTING>
-                    <SETTING><VALUE>Proj</VALUE></SETTING>
-                    <SETTING><VALUE>WSPC</VALUE></SETTING>
-                    <SETTING><VALUE>mcvs</VALUE></SETTING>
-                </SETTING>
-
-                <!-- Settings for "Output Flags" panel -->
-                <SETTING><NAME>FileLocked</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>ResourcesMapIsReadOnly</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PrinterDriverIsMultiFinderCompatible</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>Invisible</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>HasBundle</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>NameLocked</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>Stationery</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>HasCustomIcon</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>Shared</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>HasBeenInited</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>Label</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>Comments</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Packager Panel" panel -->
-                <SETTING><NAME>MWMacOSPackager_UsePackager</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_FolderToPackage</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWMacOSPackager_CreateClassicAlias</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_ClassicAliasMethod</NAME><VALUE>UseTargetOutput</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_ClassicAliasPath</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWMacOSPackager_CreatePkgInfo</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_PkgCreatorType</NAME><VALUE>????</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_PkgFileType</NAME><VALUE>APPL</VALUE></SETTING>
-
-                <!-- Settings for "PPC CodeGen" panel -->
-                <SETTING><NAME>MWCodeGen_PPC_structalignment</NAME><VALUE>MC68K</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_tracebacktables</NAME><VALUE>None</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_processor</NAME><VALUE>Generic</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_readonlystrings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_tocdata</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_profiler</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_fpcontract</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_schedule</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_peephole</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_processorspecific</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_altivec</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_vectortocdata</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_vrsave</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "PPC CodeGen Mach-O" panel -->
-                <SETTING><NAME>MWCodeGen_MachO_structalignment</NAME><VALUE>PPC</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_tracebacktables</NAME><VALUE>None</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_processor</NAME><VALUE>Generic</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_readonlystrings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_profiler</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_fpcontract</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_schedule</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_peephole</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_processorspecific</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_altivec</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_vrsave</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_common</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_implicit_templates</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "PPC Disassembler" panel -->
-                <SETTING><NAME>MWDisassembler_PPC_showcode</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_extended</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_mix</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_nohex</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_showdata</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_showexceptions</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_showsym</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_shownames</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "PPC Global Optimizer" panel -->
-                <SETTING><NAME>GlobalOptimizer_PPC_optimizationlevel</NAME><VALUE>Level4</VALUE></SETTING>
-                <SETTING><NAME>GlobalOptimizer_PPC_optfor</NAME><VALUE>Speed</VALUE></SETTING>
-
-                <!-- Settings for "PPC Linker" panel -->
-                <SETTING><NAME>MWLinker_PPC_linksym</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_symfullpath</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_linkmap</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_nolinkwarnings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_dontdeadstripinitcode</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_permitmultdefs</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_linkmode</NAME><VALUE>Fast</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_initname</NAME><VALUE>__NSInitialize</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_mainname</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_termname</NAME><VALUE>__NSTerminate</VALUE></SETTING>
-
-                <!-- Settings for "PPC Mach-O Linker" panel -->
-                <SETTING><NAME>MWLinker_MachO_exports</NAME><VALUE>None</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_mainname</NAME><VALUE>start</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_currentversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_compatibleversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_symfullpath</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_supresswarnings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_multisymerror</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_prebind</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_deadstrip</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_objectivecsemantics</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_whichfileloaded</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_whyfileloaded</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_readonlyrelocs</NAME><VALUE>Errors</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_undefinedsymbols</NAME><VALUE>Errors</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_twolevelnamespace</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_stripdebugsymbols</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "PPC Mach-O Target" panel -->
-                <SETTING><NAME>MWProject_MachO_type</NAME><VALUE>Executable</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_outfile</NAME><VALUE>a.exe</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_filecreator</NAME><VALUE>????</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_filetype</NAME><VALUE>MEXE</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_stacksize</NAME><VALUE>64</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_stackaddress</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_flatrsrc</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_flatrsrcfilename</NAME><VALUE>a.rsrc</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_flatrsrcoutputdir</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWProject_MachO_installpath</NAME><VALUE>./</VALUE></SETTING>
-
-                <!-- Settings for "PPC PEF" panel -->
-                <SETTING><NAME>MWPEF_exports</NAME><VALUE>File</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_libfolder</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_sortcode</NAME><VALUE>None</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_expandbss</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_sharedata</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_olddefversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_oldimpversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_currentversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_fragmentname</NAME><VALUE>SSL3</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_collapsereloads</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "PPC Project" panel -->
-                <SETTING><NAME>MWProject_PPC_type</NAME><VALUE>SharedLibrary</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_outfile</NAME><VALUE>SSL3.shlb</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_filecreator</NAME><VALUE>MOZZ</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_filetype</NAME><VALUE>shlb</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_size</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_minsize</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_stacksize</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_flags</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_symfilename</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcname</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcheader</NAME><VALUE>Native</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrctype</NAME><VALUE>????</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcid</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcflags</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcstore</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcmerge</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_flatrsrc</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_flatrsrcoutputdir</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWProject_PPC_flatrsrcfilename</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "PPCAsm Panel" panel -->
-                <SETTING><NAME>MWAssembler_PPC_auxheader</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_symmode</NAME><VALUE>Mac</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_dialect</NAME><VALUE>PPC</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_prefixfile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_typecheck</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_warnings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_casesensitive</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "Rez Compiler" panel -->
-                <SETTING><NAME>MWRez_Language_maxwidth</NAME><VALUE>80</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_script</NAME><VALUE>Roman</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_alignment</NAME><VALUE>Align1</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_filtermode</NAME><VALUE>FilterSkip</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_suppresswarnings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_escapecontrolchars</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_prefixname</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_filteredtypes</NAME><VALUE>'CODE' 'DATA' 'PICT'</VALUE></SETTING>
-
-                <!-- Settings for "WinRC Compiler" panel -->
-                <SETTING><NAME>MWWinRC_prefixname</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "x86 CodeGen" panel -->
-                <SETTING><NAME>MWCodeGen_X86_processor</NAME><VALUE>Generic</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_alignment</NAME><VALUE>bytes8</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_exceptions</NAME><VALUE>ZeroOverhead</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_extinst_mmx</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_extinst_3dnow</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_use_mmx_3dnow_convention</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_machinecodelisting</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_intrinsics</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_syminfo</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_codeviewinfo</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_extinst_cmov_fcomi</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_extinst_sse</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "x86 Disassembler" panel -->
-                <SETTING><NAME>PDisasmX86_showHeaders</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showSymTab</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showCode</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showSource</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showHex</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showRelocation</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showComments</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showDebug</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showExceptions</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showData</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showRaw</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_verbose</NAME><VALUE>true</VALUE></SETTING>
-
-                <!-- Settings for "x86 Exceptions Panel" panel -->
-                <SETTING><NAME>MWDebugger_X86_Exceptions</NAME>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                </SETTING>
-
-                <!-- Settings for "x86 Global Optimizer" panel -->
-                <SETTING><NAME>GlobalOptimizer_X86_optimizationlevel</NAME><VALUE>Level0</VALUE></SETTING>
-                <SETTING><NAME>GlobalOptimizer_X86_optfor</NAME><VALUE>Speed</VALUE></SETTING>
-
-                <!-- Settings for "x86 Linker" panel -->
-                <SETTING><NAME>MWLinker_X86_entrypointusage</NAME><VALUE>Default</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_entrypoint</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_subsystem</NAME><VALUE>WinGUI</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_subsysmajorid</NAME><VALUE>4</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_subsysminorid</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_usrmajorid</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_usrminorid</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_commandfile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_generatemap</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_linksym</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_linkCV</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "x86 Project" panel -->
-                <SETTING><NAME>MWProject_X86_type</NAME><VALUE>Application</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_outfile</NAME><VALUE>noname.exe</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_baseaddress</NAME><VALUE>4194304</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_maxstacksize</NAME><VALUE>1024</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_minstacksize</NAME><VALUE>4</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_size</NAME><VALUE>1024</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_minsize</NAME><VALUE>4</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_importlib</NAME><VALUE></VALUE></SETTING>
-                <PANELDATA><NAME>xpidl Settings</NAME><VALUE>
-                    0001000101000000000000000000000000000000000000000000000000000000
-                    0000000000000000
-                </VALUE></PANELDATA>
-            </SETTINGLIST>
-            <FILELIST>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>authcert.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>cmpcert.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>emulate.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>nsskea.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>prelib.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>ssl3con.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>ssl3gthr.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>sslauth.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>sslcon.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>ssldef.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>sslenum.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>sslerr.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>sslgathr.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>sslinfo.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>sslmutex.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>sslnonce.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>sslreveal.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>sslsecur.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>sslsnce.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>sslsock.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>ssltrace.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>sslver.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSLibraryStartup.o</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Library</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSS3.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Library</FILEKIND>
-                    <FILEFLAGS>Debug</FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSPR20.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Library</FILEKIND>
-                    <FILEFLAGS>Debug</FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSRuntime.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Library</FILEKIND>
-                    <FILEFLAGS>Debug</FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSStdLib.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Library</FILEKIND>
-                    <FILEFLAGS>Debug</FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>ssl.mcp.exp</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS>Debug</FILEFLAGS>
-                </FILE>
-            </FILELIST>
-            <LINKORDER>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>authcert.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>cmpcert.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>emulate.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>nsskea.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>prelib.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>ssl3con.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>ssl3gthr.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>sslauth.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>sslcon.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>ssldef.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>sslenum.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>sslerr.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>sslgathr.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>sslinfo.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>sslmutex.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>sslnonce.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>sslreveal.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>sslsecur.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>sslsnce.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>sslsock.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>ssltrace.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>sslver.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSLibraryStartup.o</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSS3.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSPR20.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSRuntime.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSStdLib.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>ssl.mcp.exp</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-            </LINKORDER>
-        </TARGET>
-    </TARGETLIST>
-
-    <TARGETORDER>
-        <ORDEREDTARGET><NAME>SSL3Debug.shlb</NAME></ORDEREDTARGET>
-        <ORDEREDTARGET><NAME>SSL3.shlb</NAME></ORDEREDTARGET>
-    </TARGETORDER>
-
-    <GROUPLIST>
-        <GROUP><NAME>ssl</NAME>
-            <FILEREF>
-                <TARGETNAME>SSL3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>authcert.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>SSL3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>cmpcert.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>SSL3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>emulate.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>SSL3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>nsskea.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>SSL3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>prelib.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>SSL3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>ssl3con.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>SSL3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>ssl3gthr.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>SSL3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>sslauth.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>SSL3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>sslcon.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>SSL3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>ssldef.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>SSL3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>sslenum.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>SSL3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>sslerr.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>SSL3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>sslgathr.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>SSL3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>sslinfo.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>SSL3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>sslmutex.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>SSL3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>sslnonce.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>SSL3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>sslreveal.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>SSL3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>sslsecur.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>SSL3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>sslsnce.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>SSL3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>sslsock.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>SSL3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>ssltrace.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <FILEREF>
-                <TARGETNAME>SSL3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>sslver.c</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-        </GROUP>
-        <GROUP><NAME>Libraries</NAME>
-            <FILEREF>
-                <TARGETNAME>SSL3Debug.shlb</TARGETNAME>
-                <PATHTYPE>Name</PATHTYPE>
-                <PATH>NSLibraryStartup.o</PATH>
-                <PATHFORMAT>MacOS</PATHFORMAT>
-            </FILEREF>
-            <GROUP><NAME>Optimized</NAME>
-                <FILEREF>
-                    <TARGETNAME>SSL3.shlb</TARGETNAME>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSS3.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <TARGETNAME>SSL3.shlb</TARGETNAME>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSPR20.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <TARGETNAME>SSL3.shlb</TARGETNAME>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSRuntime.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <TARGETNAME>SSL3.shlb</TARGETNAME>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSStdLib.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-            </GROUP>
-            <GROUP><NAME>Debug</NAME>
-                <FILEREF>
-                    <TARGETNAME>SSL3Debug.shlb</TARGETNAME>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSS3Debug.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <TARGETNAME>SSL3Debug.shlb</TARGETNAME>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSPR20Debug.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <TARGETNAME>SSL3Debug.shlb</TARGETNAME>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSRuntimeDebug.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <TARGETNAME>SSL3Debug.shlb</TARGETNAME>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>NSStdLibDebug.shlb</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-            </GROUP>
-        </GROUP>
-        <FILEREF>
-            <TARGETNAME>SSL3Debug.shlb</TARGETNAME>
-            <PATHTYPE>Name</PATHTYPE>
-            <PATH>ssl.mcp.exp</PATH>
-            <PATHFORMAT>MacOS</PATHFORMAT>
-        </FILEREF>
-    </GROUPLIST>
-
-</PROJECT>
diff --git a/security/nss/macbuild/util.xml b/security/nss/macbuild/util.xml
deleted file mode 100644
index 2b7186624..000000000
--- a/security/nss/macbuild/util.xml
+++ /dev/null
@@ -1,2584 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" standalone="yes" ?>
-<?codewarrior exportversion="1.0.1" ideversion="4.2" ?>
-
-<!DOCTYPE PROJECT [
-<!ELEMENT PROJECT (TARGETLIST, TARGETORDER, GROUPLIST, DESIGNLIST?)>
-<!ELEMENT TARGETLIST (TARGET+)>
-<!ELEMENT TARGET (NAME, SETTINGLIST, FILELIST?, LINKORDER?, SEGMENTLIST?, OVERLAYGROUPLIST?, SUBTARGETLIST?, SUBPROJECTLIST?, FRAMEWORKLIST)>
-<!ELEMENT NAME (#PCDATA)>
-<!ELEMENT USERSOURCETREETYPE (#PCDATA)>
-<!ELEMENT PATH (#PCDATA)>
-<!ELEMENT FILELIST (FILE*)>
-<!ELEMENT FILE (PATHTYPE, PATHROOT?, ACCESSPATH?, PATH, PATHFORMAT?, ROOTFILEREF?, FILEKIND?, FILEFLAGS?)>
-<!ELEMENT PATHTYPE (#PCDATA)>
-<!ELEMENT PATHROOT (#PCDATA)>
-<!ELEMENT ACCESSPATH (#PCDATA)>
-<!ELEMENT PATHFORMAT (#PCDATA)>
-<!ELEMENT ROOTFILEREF (PATHTYPE, PATHROOT?, ACCESSPATH?, PATH, PATHFORMAT?)>
-<!ELEMENT FILEKIND (#PCDATA)>
-<!ELEMENT FILEFLAGS (#PCDATA)>
-<!ELEMENT FILEREF (TARGETNAME?, PATHTYPE, PATHROOT?, ACCESSPATH?, PATH, PATHFORMAT?)>
-<!ELEMENT TARGETNAME (#PCDATA)>
-<!ELEMENT SETTINGLIST ((SETTING|PANELDATA)+)>
-<!ELEMENT SETTING (NAME?, (VALUE|(SETTING+)))>
-<!ELEMENT PANELDATA (NAME, VALUE)>
-<!ELEMENT VALUE (#PCDATA)>
-<!ELEMENT LINKORDER (FILEREF*)>
-<!ELEMENT SEGMENTLIST (SEGMENT+)>
-<!ELEMENT SEGMENT (NAME, ATTRIBUTES?, FILEREF*)>
-<!ELEMENT ATTRIBUTES (#PCDATA)>
-<!ELEMENT OVERLAYGROUPLIST (OVERLAYGROUP+)>
-<!ELEMENT OVERLAYGROUP (NAME, BASEADDRESS, OVERLAY*)>
-<!ELEMENT BASEADDRESS (#PCDATA)>
-<!ELEMENT OVERLAY (NAME, FILEREF*)>
-<!ELEMENT SUBTARGETLIST (SUBTARGET+)>
-<!ELEMENT SUBTARGET (TARGETNAME, ATTRIBUTES?, FILEREF?)>
-<!ELEMENT SUBPROJECTLIST (SUBPROJECT+)>
-<!ELEMENT SUBPROJECT (FILEREF, SUBPROJECTTARGETLIST)>
-<!ELEMENT SUBPROJECTTARGETLIST (SUBPROJECTTARGET*)>
-<!ELEMENT SUBPROJECTTARGET (TARGETNAME, ATTRIBUTES?, FILEREF?)>
-<!ELEMENT FRAMEWORKLIST (FRAMEWORK+)>
-<!ELEMENT FRAMEWORK (FILEREF, LIBRARYFILE?, VERSION?)>
-<!ELEMENT LIBRARYFILE (FILEREF)>
-<!ELEMENT VERSION (#PCDATA)>
-<!ELEMENT TARGETORDER (ORDEREDTARGET|ORDEREDDESIGN)*>
-<!ELEMENT ORDEREDTARGET (NAME)>
-<!ELEMENT ORDEREDDESIGN (NAME, ORDEREDTARGET+)>
-<!ELEMENT GROUPLIST (GROUP|FILEREF)*>
-<!ELEMENT GROUP (NAME, (GROUP|FILEREF)*)>
-<!ELEMENT DESIGNLIST (DESIGN+)>
-<!ELEMENT DESIGN (NAME, DESIGNDATA)>
-<!ELEMENT DESIGNDATA (#PCDATA)>
-]>
-
-<PROJECT>
-    <TARGETLIST>
-        <TARGET>
-            <NAME>utilDebug.o</NAME>
-            <SETTINGLIST>
-
-                <!-- Settings for "Source Trees" panel -->
-                <SETTING><NAME>UserSourceTrees</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Access Paths" panel -->
-                <SETTING><NAME>AlwaysSearchUserPaths</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>InterpretDOSAndUnixPaths</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>RequireFrameworkStyleIncludes</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>UserSearchPaths</NAME>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::lib:util:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::::dist:nspr:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::::dist:config:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::::dist:mac:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::lib:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                </SETTING>
-                <SETTING><NAME>SystemSearchPaths</NAME>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>CodeWarrior</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                </SETTING>
-
-                <!-- Settings for "Debugger Runtime" panel -->
-                <SETTING><NAME>MWRuntimeSettings_WorkingDirectory</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWRuntimeSettings_CommandLine</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWRuntimeSettings_HostApplication</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWRuntimeSettings_EnvVars</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Target Settings" panel -->
-                <SETTING><NAME>Linker</NAME><VALUE>MacOS PPC Linker</VALUE></SETTING>
-                <SETTING><NAME>PreLinker</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>PostLinker</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>Targetname</NAME><VALUE>utilDebug.o</VALUE></SETTING>
-                <SETTING><NAME>OutputDirectory</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>SaveEntriesUsingRelativePaths</NAME><VALUE>false</VALUE></SETTING>
-
-                <!-- Settings for "File Mappings" panel -->
-                <SETTING><NAME>FileMappings</NAME>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>APPL</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>Appl</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>MMLB</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>Lib Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>MPLF</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>Lib Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>MWCD</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>RSRC</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.arr</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.bh</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>Balloon Help</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.c</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.c++</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.cc</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.cp</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.cpp</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.exp</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.h</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.idl</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>xpidl</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.pch</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.pch++</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.plist</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.r</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>Rez</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>Rez</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.s</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>PPCAsm</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>XCOF</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>XCOFF Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>docu</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>rsrc</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>shlb</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>PEF Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>stub</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>PEF Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.doc</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.o</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>XCOFF Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.ppob</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.rsrc</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                </SETTING>
-
-                <!-- Settings for "Build Extras" panel -->
-                <SETTING><NAME>CacheModDates</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>ActivateBrowser</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>DumpBrowserInfo</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>CacheSubprojects</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>UseThirdPartyDebugger</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>DebuggerAppPath</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>DebuggerCmdLineArgs</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>DebuggerWorkingDir</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
-                </SETTING>
-
-                <!-- Settings for "Debugger Target" panel -->
-                <SETTING><NAME>LogSystemMessages</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>AutoTargetDLLs</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>StopAtWatchpoints</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PauseWhileRunning</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PauseInterval</NAME><VALUE>5</VALUE></SETTING>
-                <SETTING><NAME>PauseUIFlags</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>AltExePath</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>StopAtTempBPOnLaunch</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>CacheSymbolics</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>TempBPFunctionName</NAME><VALUE>main</VALUE></SETTING>
-                <SETTING><NAME>TempBPType</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "Remote Debug" panel -->
-                <SETTING><NAME>Enabled</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>ConnectionName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>DownloadPath</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>LaunchRemoteApp</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>RemoteAppPath</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Auto-target" panel -->
-                <SETTING><NAME>OtherExecutables</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Custom Keywords" panel -->
-                <SETTING><NAME>CustomColor1</NAME>
-                    <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
-                    <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
-                    <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>CustomColor2</NAME>
-                    <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
-                    <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
-                    <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>CustomColor3</NAME>
-                    <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
-                    <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
-                    <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>CustomColor4</NAME>
-                    <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
-                    <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
-                    <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
-                </SETTING>
-
-                <!-- Settings for "C/C++ Compiler" panel -->
-                <SETTING><NAME>MWFrontEnd_C_cplusplus</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_checkprotos</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_arm</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_trigraphs</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_onlystdkeywords</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_enumsalwaysint</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_mpwpointerstyle</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_prefixname</NAME><VALUE>NSSDebug.Prefix</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_ansistrict</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_mpwcnewline</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_wchar_type</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_enableexceptions</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_dontreusestrings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_poolstrings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_dontinline</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_useRTTI</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_multibyteaware</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_unsignedchars</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_autoinline</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_booltruefalse</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_direct_to_som</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_som_env_check</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_alwaysinline</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_inlinelevel</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_ecplusplus</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_objective_c</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_defer_codegen</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "C/C++ Warnings" panel -->
-                <SETTING><NAME>MWWarning_C_warn_illpragma</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_emptydecl</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_possunwant</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_unusedvar</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_unusedarg</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_extracomma</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_pedantic</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warningerrors</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_hidevirtual</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_implicitconv</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_notinlined</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_structclass</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "FTP Panel" panel -->
-                <SETTING><NAME>MWFTP_Post_hostName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_username</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_password</NAME><VALUE>264mqj7w64m8i3ap&#163;H</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_remoteDir</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_PathVersion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_PathType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_PathFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_tree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_uploadDir</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_port</NAME><VALUE>21</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_SendBin</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ShouldLog</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "Java Command Line" panel -->
-                <SETTING><NAME>MWCommandLine_Java_clsName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWCommandLine_Java_args</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "PJavaDebugging" panel -->
-                <SETTING><NAME>MWVJavaDebugging_Protocol</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWVJavaDebugging_JDKVersion</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWVJavaDebugging_TimeOut</NAME><VALUE>25</VALUE></SETTING>
-                <SETTING><NAME>MWVJavaDebugging_SupportSlowDevices</NAME><VALUE>false</VALUE></SETTING>
-
-                <!-- Settings for "Java Language" panel -->
-                <SETTING><NAME>MWJava_Language_optimize</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_warnDeprecated</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_emitMap</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_strictFileNames</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_strictFileHierarchy</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_1_1_Compatible</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_emitHeaders</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_headerType</NAME><VALUE>JNINativeHeaders</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_packageFilter</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_genComments</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_genHeaders</NAME><VALUE>false</VALUE></SETTING>
-
-                <!-- Settings for "Java MRJAppBuilder" panel -->
-                <SETTING><NAME>MWJava_MRJAppBuilder_outFile</NAME><VALUE>MRJApplication</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_merge</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_quitMenu</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_grow</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutType</NAME><VALUE>Console</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrType</NAME><VALUE>Console</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinType</NAME><VALUE>Console</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconPVersion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconFile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPVersion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPICTFile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_aboutName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPVersion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutFile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutAppend</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrFile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrAppend</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinFile</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Java Output" panel -->
-                <SETTING><NAME>MWJava_Output_outputtype</NAME><VALUE>JarFile</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_outfile</NAME><VALUE>JavaClasses.jar</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_ftype</NAME><VALUE>1514754080</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_fcreator</NAME><VALUE>1297570384</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_compress</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_genManifest</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_trunctype</NAME><VALUE>Front</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_deleteClasses</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_consoleApp</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "Java Project" panel -->
-                <SETTING><NAME>MWJava_Proj_projtype</NAME><VALUE>Applet</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_mainClassName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_HTMLAppCreator</NAME><VALUE>1463898714</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_HTMLAppName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_PathVersion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_PathType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_PathFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_tree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_HTMLAppWin32Name</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_compress</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_useVM</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_vmarguments</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_vmName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_simPropFile</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "JavaDoc Project" panel -->
-                <SETTING><NAME>MWJavaDoc_Proj_Version</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Depricated</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Author</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Index</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Tree</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_SunResolveToSame</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Shortnames</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Folder</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_GenerateAPILinks</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_scope</NAME><VALUE>Public</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_fcreator</NAME><VALUE>1297303877</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_encodingName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_decodingName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_javaPackagePath</NAME><VALUE>http://java.sun.com/products/jdk/1.1/docs/api/</VALUE></SETTING>
-
-                <!-- Settings for "MacOS Merge Panel" panel -->
-                <SETTING><NAME>MWMerge_MacOS_projectType</NAME><VALUE>Application</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_outputName</NAME><VALUE>Merge Out</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_outputCreator</NAME><VALUE>????</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_outputType</NAME><VALUE>APPL</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_suppressWarning</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_copyFragments</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_copyResources</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_flattenResource</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_flatFileName</NAME><VALUE>a.rsrc</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_flatFileOutputPath</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWMerge_MacOS_skipResources</NAME>
-                    <SETTING><VALUE>DGLX</VALUE></SETTING>
-                    <SETTING><VALUE>ckid</VALUE></SETTING>
-                    <SETTING><VALUE>Proj</VALUE></SETTING>
-                    <SETTING><VALUE>WSPC</VALUE></SETTING>
-                    <SETTING><VALUE>mcvs</VALUE></SETTING>
-                </SETTING>
-
-                <!-- Settings for "Output Flags" panel -->
-                <SETTING><NAME>FileLocked</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>ResourcesMapIsReadOnly</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PrinterDriverIsMultiFinderCompatible</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>Invisible</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>HasBundle</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>NameLocked</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>Stationery</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>HasCustomIcon</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>Shared</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>HasBeenInited</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>Label</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>Comments</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Packager Panel" panel -->
-                <SETTING><NAME>MWMacOSPackager_UsePackager</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_FolderToPackage</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWMacOSPackager_CreateClassicAlias</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_ClassicAliasMethod</NAME><VALUE>UseTargetOutput</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_ClassicAliasPath</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWMacOSPackager_CreatePkgInfo</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_PkgCreatorType</NAME><VALUE>????</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_PkgFileType</NAME><VALUE>APPL</VALUE></SETTING>
-
-                <!-- Settings for "PPC CodeGen" panel -->
-                <SETTING><NAME>MWCodeGen_PPC_structalignment</NAME><VALUE>MC68K</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_tracebacktables</NAME><VALUE>None</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_processor</NAME><VALUE>Generic</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_readonlystrings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_tocdata</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_profiler</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_fpcontract</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_schedule</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_peephole</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_processorspecific</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_altivec</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_vectortocdata</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_vrsave</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "PPC CodeGen Mach-O" panel -->
-                <SETTING><NAME>MWCodeGen_MachO_structalignment</NAME><VALUE>PPC</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_tracebacktables</NAME><VALUE>None</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_processor</NAME><VALUE>Generic</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_readonlystrings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_profiler</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_fpcontract</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_schedule</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_peephole</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_processorspecific</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_altivec</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_vrsave</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_common</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_implicit_templates</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "PPC Disassembler" panel -->
-                <SETTING><NAME>MWDisassembler_PPC_showcode</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_extended</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_mix</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_nohex</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_showdata</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_showexceptions</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_showsym</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_shownames</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "PPC Global Optimizer" panel -->
-                <SETTING><NAME>GlobalOptimizer_PPC_optimizationlevel</NAME><VALUE>Level0</VALUE></SETTING>
-                <SETTING><NAME>GlobalOptimizer_PPC_optfor</NAME><VALUE>Speed</VALUE></SETTING>
-
-                <!-- Settings for "PPC Linker" panel -->
-                <SETTING><NAME>MWLinker_PPC_linksym</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_symfullpath</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_linkmap</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_nolinkwarnings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_dontdeadstripinitcode</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_permitmultdefs</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_linkmode</NAME><VALUE>Fast</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_initname</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_mainname</NAME><VALUE>__start</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_termname</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "PPC Mach-O Linker" panel -->
-                <SETTING><NAME>MWLinker_MachO_exports</NAME><VALUE>None</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_mainname</NAME><VALUE>start</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_currentversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_compatibleversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_symfullpath</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_supresswarnings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_multisymerror</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_prebind</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_deadstrip</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_objectivecsemantics</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_whichfileloaded</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_whyfileloaded</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_readonlyrelocs</NAME><VALUE>Errors</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_undefinedsymbols</NAME><VALUE>Errors</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_twolevelnamespace</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_stripdebugsymbols</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "PPC Mach-O Target" panel -->
-                <SETTING><NAME>MWProject_MachO_type</NAME><VALUE>Executable</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_outfile</NAME><VALUE>a.exe</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_filecreator</NAME><VALUE>????</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_filetype</NAME><VALUE>MEXE</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_stacksize</NAME><VALUE>64</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_stackaddress</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_flatrsrc</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_flatrsrcfilename</NAME><VALUE>a.rsrc</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_flatrsrcoutputdir</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWProject_MachO_installpath</NAME><VALUE>./</VALUE></SETTING>
-
-                <!-- Settings for "PPC PEF" panel -->
-                <SETTING><NAME>MWPEF_exports</NAME><VALUE>None</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_libfolder</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_sortcode</NAME><VALUE>None</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_expandbss</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_sharedata</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_olddefversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_oldimpversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_currentversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_fragmentname</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWPEF_collapsereloads</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "PPC Project" panel -->
-                <SETTING><NAME>MWProject_PPC_type</NAME><VALUE>Library</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_outfile</NAME><VALUE>utilDebug.o</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_filecreator</NAME><VALUE>????</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_filetype</NAME><VALUE>????</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_size</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_minsize</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_stacksize</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_flags</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_symfilename</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcname</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcheader</NAME><VALUE>Native</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrctype</NAME><VALUE>????</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcid</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcflags</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcstore</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcmerge</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_flatrsrc</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_flatrsrcoutputdir</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWProject_PPC_flatrsrcfilename</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "PPCAsm Panel" panel -->
-                <SETTING><NAME>MWAssembler_PPC_auxheader</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_symmode</NAME><VALUE>Mac</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_dialect</NAME><VALUE>PPC</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_prefixfile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_typecheck</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_warnings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_casesensitive</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "Rez Compiler" panel -->
-                <SETTING><NAME>MWRez_Language_maxwidth</NAME><VALUE>80</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_script</NAME><VALUE>Roman</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_alignment</NAME><VALUE>Align1</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_filtermode</NAME><VALUE>FilterSkip</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_suppresswarnings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_escapecontrolchars</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_prefixname</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_filteredtypes</NAME><VALUE>'CODE' 'DATA' 'PICT'</VALUE></SETTING>
-
-                <!-- Settings for "WinRC Compiler" panel -->
-                <SETTING><NAME>MWWinRC_prefixname</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "x86 CodeGen" panel -->
-                <SETTING><NAME>MWCodeGen_X86_processor</NAME><VALUE>Generic</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_alignment</NAME><VALUE>bytes8</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_exceptions</NAME><VALUE>ZeroOverhead</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_extinst_mmx</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_extinst_3dnow</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_use_mmx_3dnow_convention</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_machinecodelisting</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_intrinsics</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_syminfo</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_codeviewinfo</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_extinst_cmov_fcomi</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_extinst_sse</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "x86 Disassembler" panel -->
-                <SETTING><NAME>PDisasmX86_showHeaders</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showSymTab</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showCode</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showSource</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showHex</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showRelocation</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showComments</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showDebug</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showExceptions</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showData</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showRaw</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_verbose</NAME><VALUE>true</VALUE></SETTING>
-
-                <!-- Settings for "x86 Exceptions Panel" panel -->
-                <SETTING><NAME>MWDebugger_X86_Exceptions</NAME>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                </SETTING>
-
-                <!-- Settings for "x86 Global Optimizer" panel -->
-                <SETTING><NAME>GlobalOptimizer_X86_optimizationlevel</NAME><VALUE>Level0</VALUE></SETTING>
-                <SETTING><NAME>GlobalOptimizer_X86_optfor</NAME><VALUE>Speed</VALUE></SETTING>
-
-                <!-- Settings for "x86 Linker" panel -->
-                <SETTING><NAME>MWLinker_X86_entrypointusage</NAME><VALUE>Default</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_entrypoint</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_subsystem</NAME><VALUE>WinGUI</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_subsysmajorid</NAME><VALUE>4</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_subsysminorid</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_usrmajorid</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_usrminorid</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_commandfile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_generatemap</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_linksym</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_linkCV</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "x86 Project" panel -->
-                <SETTING><NAME>MWProject_X86_type</NAME><VALUE>Application</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_outfile</NAME><VALUE>noname.exe</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_baseaddress</NAME><VALUE>4194304</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_maxstacksize</NAME><VALUE>1024</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_minstacksize</NAME><VALUE>4</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_size</NAME><VALUE>1024</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_minsize</NAME><VALUE>4</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_importlib</NAME><VALUE></VALUE></SETTING>
-                <PANELDATA><NAME>xpidl Settings</NAME><VALUE>
-                    0001000101000000000000000000000000000000000000000000000000000000
-                    0000000000000000
-                </VALUE></PANELDATA>
-            </SETTINGLIST>
-            <FILELIST>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>derdec.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>derenc.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>dersubr.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>dertime.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>nssb64d.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>nssb64e.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>nssilock.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>nsslocks.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>nssrwlk.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>portreg.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>pqgutil.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>secalgid.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>secasn1d.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>secasn1e.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>secasn1u.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>secdig.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>secinit.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>secitem.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>secoid.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>secport.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>sectime.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>utf8.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-            </FILELIST>
-            <LINKORDER>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>derdec.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>derenc.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>dersubr.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>dertime.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>nssb64d.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>nssb64e.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>nssilock.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>nsslocks.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>nssrwlk.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>portreg.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>pqgutil.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>secalgid.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>secasn1d.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>secasn1e.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>secasn1u.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>secdig.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>secinit.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>secitem.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>secoid.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>secport.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>sectime.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>utf8.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-            </LINKORDER>
-        </TARGET>
-        <TARGET>
-            <NAME>util.o</NAME>
-            <SETTINGLIST>
-
-                <!-- Settings for "Source Trees" panel -->
-                <SETTING><NAME>UserSourceTrees</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Access Paths" panel -->
-                <SETTING><NAME>AlwaysSearchUserPaths</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>InterpretDOSAndUnixPaths</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>RequireFrameworkStyleIncludes</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>UserSearchPaths</NAME>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::lib:util:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::::dist:nspr:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::::dist:config:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::::dist:mac:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>::lib:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                </SETTING>
-                <SETTING><NAME>SystemSearchPaths</NAME>
-                    <SETTING>
-                        <SETTING><NAME>SearchPath</NAME>
-                            <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                            <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                            <SETTING><NAME>PathRoot</NAME><VALUE>CodeWarrior</VALUE></SETTING>
-                        </SETTING>
-                        <SETTING><NAME>Recursive</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>FrameworkPath</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>HostFlags</NAME><VALUE>All</VALUE></SETTING>
-                    </SETTING>
-                </SETTING>
-
-                <!-- Settings for "Debugger Runtime" panel -->
-                <SETTING><NAME>MWRuntimeSettings_WorkingDirectory</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWRuntimeSettings_CommandLine</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWRuntimeSettings_HostApplication</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWRuntimeSettings_EnvVars</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Target Settings" panel -->
-                <SETTING><NAME>Linker</NAME><VALUE>MacOS PPC Linker</VALUE></SETTING>
-                <SETTING><NAME>PreLinker</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>PostLinker</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>Targetname</NAME><VALUE>util.o</VALUE></SETTING>
-                <SETTING><NAME>OutputDirectory</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>SaveEntriesUsingRelativePaths</NAME><VALUE>false</VALUE></SETTING>
-
-                <!-- Settings for "File Mappings" panel -->
-                <SETTING><NAME>FileMappings</NAME>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>APPL</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>Appl</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>MMLB</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>Lib Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>MPLF</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>Lib Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>MWCD</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>RSRC</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.arr</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.bh</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>Balloon Help</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.c</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.c++</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.cc</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.cp</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.cpp</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.exp</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.h</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.idl</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>xpidl</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.pch</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.pch++</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>MW C/C++ PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>C/C++</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.plist</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.r</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>Rez</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE>Rez</VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>TEXT</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.s</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>PPCAsm</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>XCOF</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>XCOFF Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>docu</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>rsrc</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>shlb</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>PEF Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileType</NAME><VALUE>stub</VALUE></SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>PEF Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.doc</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>true</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.o</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE>XCOFF Import PPC</VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.ppob</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                    <SETTING>
-                        <SETTING><NAME>FileExtension</NAME><VALUE>.rsrc</VALUE></SETTING>
-                        <SETTING><NAME>Compiler</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>EditLanguage</NAME><VALUE></VALUE></SETTING>
-                        <SETTING><NAME>Precompile</NAME><VALUE>false</VALUE></SETTING>
-                        <SETTING><NAME>Launchable</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>ResourceFile</NAME><VALUE>true</VALUE></SETTING>
-                        <SETTING><NAME>IgnoredByMake</NAME><VALUE>false</VALUE></SETTING>
-                    </SETTING>
-                </SETTING>
-
-                <!-- Settings for "Build Extras" panel -->
-                <SETTING><NAME>CacheModDates</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>ActivateBrowser</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>DumpBrowserInfo</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>CacheSubprojects</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>UseThirdPartyDebugger</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>DebuggerAppPath</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>DebuggerCmdLineArgs</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>DebuggerWorkingDir</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
-                </SETTING>
-
-                <!-- Settings for "Debugger Target" panel -->
-                <SETTING><NAME>LogSystemMessages</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>AutoTargetDLLs</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>StopAtWatchpoints</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PauseWhileRunning</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PauseInterval</NAME><VALUE>5</VALUE></SETTING>
-                <SETTING><NAME>PauseUIFlags</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>AltExePath</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE></VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>Generic</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Absolute</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>StopAtTempBPOnLaunch</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>CacheSymbolics</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>TempBPFunctionName</NAME><VALUE>main</VALUE></SETTING>
-                <SETTING><NAME>TempBPType</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "Remote Debug" panel -->
-                <SETTING><NAME>Enabled</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>ConnectionName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>DownloadPath</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>LaunchRemoteApp</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>RemoteAppPath</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Auto-target" panel -->
-                <SETTING><NAME>OtherExecutables</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Custom Keywords" panel -->
-                <SETTING><NAME>CustomColor1</NAME>
-                    <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
-                    <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
-                    <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>CustomColor2</NAME>
-                    <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
-                    <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
-                    <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>CustomColor3</NAME>
-                    <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
-                    <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
-                    <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>CustomColor4</NAME>
-                    <SETTING><NAME>Red</NAME><VALUE>0</VALUE></SETTING>
-                    <SETTING><NAME>Green</NAME><VALUE>32767</VALUE></SETTING>
-                    <SETTING><NAME>Blue</NAME><VALUE>0</VALUE></SETTING>
-                </SETTING>
-
-                <!-- Settings for "C/C++ Compiler" panel -->
-                <SETTING><NAME>MWFrontEnd_C_cplusplus</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_checkprotos</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_arm</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_trigraphs</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_onlystdkeywords</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_enumsalwaysint</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_mpwpointerstyle</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_prefixname</NAME><VALUE>NSS.Prefix</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_ansistrict</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_mpwcnewline</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_wchar_type</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_enableexceptions</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_dontreusestrings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_poolstrings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_dontinline</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_useRTTI</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_multibyteaware</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_unsignedchars</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_autoinline</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_booltruefalse</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_direct_to_som</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_som_env_check</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_alwaysinline</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_inlinelevel</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_ecplusplus</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_objective_c</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFrontEnd_C_defer_codegen</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "C/C++ Warnings" panel -->
-                <SETTING><NAME>MWWarning_C_warn_illpragma</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_emptydecl</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_possunwant</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_unusedvar</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_unusedarg</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_extracomma</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_pedantic</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warningerrors</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_hidevirtual</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_implicitconv</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_notinlined</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWWarning_C_warn_structclass</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "FTP Panel" panel -->
-                <SETTING><NAME>MWFTP_Post_hostName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_username</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_password</NAME><VALUE>264mqj7w64m8i3ap&#163;H</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_remoteDir</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_PathVersion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_PathType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_PathFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_tree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_uploadDir</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ftp_port</NAME><VALUE>21</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_SendBin</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWFTP_Post_ShouldLog</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "Java Command Line" panel -->
-                <SETTING><NAME>MWCommandLine_Java_clsName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWCommandLine_Java_args</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "PJavaDebugging" panel -->
-                <SETTING><NAME>MWVJavaDebugging_Protocol</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWVJavaDebugging_JDKVersion</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWVJavaDebugging_TimeOut</NAME><VALUE>25</VALUE></SETTING>
-                <SETTING><NAME>MWVJavaDebugging_SupportSlowDevices</NAME><VALUE>false</VALUE></SETTING>
-
-                <!-- Settings for "Java Language" panel -->
-                <SETTING><NAME>MWJava_Language_optimize</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_warnDeprecated</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_emitMap</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_strictFileNames</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_strictFileHierarchy</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_1_1_Compatible</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_emitHeaders</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_headerType</NAME><VALUE>JNINativeHeaders</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_packageFilter</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_genComments</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Language_genHeaders</NAME><VALUE>false</VALUE></SETTING>
-
-                <!-- Settings for "Java MRJAppBuilder" panel -->
-                <SETTING><NAME>MWJava_MRJAppBuilder_outFile</NAME><VALUE>MRJApplication</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_merge</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_quitMenu</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_grow</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutType</NAME><VALUE>Console</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrType</NAME><VALUE>Console</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinType</NAME><VALUE>Console</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconPVersion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_appIconFile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPVersion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_splashScreenPICTFile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_aboutName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPVersion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutFile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdoutAppend</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrFile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stderrAppend</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinPType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinPFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinPTree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_MRJAppBuilder_stdinFile</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Java Output" panel -->
-                <SETTING><NAME>MWJava_Output_outputtype</NAME><VALUE>JarFile</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_outfile</NAME><VALUE>JavaClasses.jar</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_ftype</NAME><VALUE>1514754080</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_fcreator</NAME><VALUE>1297570384</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_compress</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_genManifest</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_trunctype</NAME><VALUE>Front</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_deleteClasses</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Output_consoleApp</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "Java Project" panel -->
-                <SETTING><NAME>MWJava_Proj_projtype</NAME><VALUE>Applet</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_mainClassName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_HTMLAppCreator</NAME><VALUE>1463898714</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_HTMLAppName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_PathVersion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_PathType</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_PathFormat</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_tree</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_HTMLAppWin32Name</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_compress</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_useVM</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_vmarguments</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_vmName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJava_Proj_simPropFile</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "JavaDoc Project" panel -->
-                <SETTING><NAME>MWJavaDoc_Proj_Version</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Depricated</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Author</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Index</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Tree</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_SunResolveToSame</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Shortnames</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_Folder</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_GenerateAPILinks</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_scope</NAME><VALUE>Public</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_fcreator</NAME><VALUE>1297303877</VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_encodingName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_decodingName</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWJavaDoc_Proj_javaPackagePath</NAME><VALUE>http://java.sun.com/products/jdk/1.1/docs/api/</VALUE></SETTING>
-
-                <!-- Settings for "MacOS Merge Panel" panel -->
-                <SETTING><NAME>MWMerge_MacOS_projectType</NAME><VALUE>Application</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_outputName</NAME><VALUE>Merge Out</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_outputCreator</NAME><VALUE>????</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_outputType</NAME><VALUE>APPL</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_suppressWarning</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_copyFragments</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_copyResources</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_flattenResource</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_flatFileName</NAME><VALUE>a.rsrc</VALUE></SETTING>
-                <SETTING><NAME>MWMerge_MacOS_flatFileOutputPath</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWMerge_MacOS_skipResources</NAME>
-                    <SETTING><VALUE>DGLX</VALUE></SETTING>
-                    <SETTING><VALUE>ckid</VALUE></SETTING>
-                    <SETTING><VALUE>Proj</VALUE></SETTING>
-                    <SETTING><VALUE>WSPC</VALUE></SETTING>
-                    <SETTING><VALUE>mcvs</VALUE></SETTING>
-                </SETTING>
-
-                <!-- Settings for "Output Flags" panel -->
-                <SETTING><NAME>FileLocked</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>ResourcesMapIsReadOnly</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PrinterDriverIsMultiFinderCompatible</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>Invisible</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>HasBundle</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>NameLocked</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>Stationery</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>HasCustomIcon</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>Shared</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>HasBeenInited</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>Label</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>Comments</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "Packager Panel" panel -->
-                <SETTING><NAME>MWMacOSPackager_UsePackager</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_FolderToPackage</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWMacOSPackager_CreateClassicAlias</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_ClassicAliasMethod</NAME><VALUE>UseTargetOutput</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_ClassicAliasPath</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWMacOSPackager_CreatePkgInfo</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_PkgCreatorType</NAME><VALUE>????</VALUE></SETTING>
-                <SETTING><NAME>MWMacOSPackager_PkgFileType</NAME><VALUE>APPL</VALUE></SETTING>
-
-                <!-- Settings for "PPC CodeGen" panel -->
-                <SETTING><NAME>MWCodeGen_PPC_structalignment</NAME><VALUE>MC68K</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_tracebacktables</NAME><VALUE>None</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_processor</NAME><VALUE>Generic</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_readonlystrings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_tocdata</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_profiler</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_fpcontract</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_schedule</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_peephole</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_processorspecific</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_altivec</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_vectortocdata</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_PPC_vrsave</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "PPC CodeGen Mach-O" panel -->
-                <SETTING><NAME>MWCodeGen_MachO_structalignment</NAME><VALUE>PPC</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_tracebacktables</NAME><VALUE>None</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_processor</NAME><VALUE>Generic</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_readonlystrings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_profiler</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_fpcontract</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_schedule</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_peephole</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_processorspecific</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_altivec</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_vrsave</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_common</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_MachO_implicit_templates</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "PPC Disassembler" panel -->
-                <SETTING><NAME>MWDisassembler_PPC_showcode</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_extended</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_mix</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_nohex</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_showdata</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_showexceptions</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_showsym</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWDisassembler_PPC_shownames</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "PPC Global Optimizer" panel -->
-                <SETTING><NAME>GlobalOptimizer_PPC_optimizationlevel</NAME><VALUE>Level4</VALUE></SETTING>
-                <SETTING><NAME>GlobalOptimizer_PPC_optfor</NAME><VALUE>Speed</VALUE></SETTING>
-
-                <!-- Settings for "PPC Linker" panel -->
-                <SETTING><NAME>MWLinker_PPC_linksym</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_symfullpath</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_linkmap</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_nolinkwarnings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_dontdeadstripinitcode</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_permitmultdefs</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_linkmode</NAME><VALUE>Fast</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_initname</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_mainname</NAME><VALUE>__start</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_PPC_termname</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "PPC Mach-O Linker" panel -->
-                <SETTING><NAME>MWLinker_MachO_exports</NAME><VALUE>None</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_mainname</NAME><VALUE>start</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_currentversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_compatibleversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_symfullpath</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_supresswarnings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_multisymerror</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_prebind</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_deadstrip</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_objectivecsemantics</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_whichfileloaded</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_whyfileloaded</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_readonlyrelocs</NAME><VALUE>Errors</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_undefinedsymbols</NAME><VALUE>Errors</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_twolevelnamespace</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_MachO_stripdebugsymbols</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "PPC Mach-O Target" panel -->
-                <SETTING><NAME>MWProject_MachO_type</NAME><VALUE>Executable</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_outfile</NAME><VALUE>a.exe</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_filecreator</NAME><VALUE>????</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_filetype</NAME><VALUE>MEXE</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_stacksize</NAME><VALUE>64</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_stackaddress</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_flatrsrc</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_flatrsrcfilename</NAME><VALUE>a.rsrc</VALUE></SETTING>
-                <SETTING><NAME>MWProject_MachO_flatrsrcoutputdir</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWProject_MachO_installpath</NAME><VALUE>./</VALUE></SETTING>
-
-                <!-- Settings for "PPC PEF" panel -->
-                <SETTING><NAME>MWPEF_exports</NAME><VALUE>None</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_libfolder</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_sortcode</NAME><VALUE>None</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_expandbss</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_sharedata</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_olddefversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_oldimpversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_currentversion</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWPEF_fragmentname</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWPEF_collapsereloads</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "PPC Project" panel -->
-                <SETTING><NAME>MWProject_PPC_type</NAME><VALUE>Library</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_outfile</NAME><VALUE>util.o</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_filecreator</NAME><VALUE>????</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_filetype</NAME><VALUE>????</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_size</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_minsize</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_stacksize</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_flags</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_symfilename</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcname</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcheader</NAME><VALUE>Native</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrctype</NAME><VALUE>????</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcid</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcflags</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcstore</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_rsrcmerge</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_flatrsrc</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWProject_PPC_flatrsrcoutputdir</NAME>
-                    <SETTING><NAME>Path</NAME><VALUE>:</VALUE></SETTING>
-                    <SETTING><NAME>PathFormat</NAME><VALUE>MacOS</VALUE></SETTING>
-                    <SETTING><NAME>PathRoot</NAME><VALUE>Project</VALUE></SETTING>
-                </SETTING>
-                <SETTING><NAME>MWProject_PPC_flatrsrcfilename</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "PPCAsm Panel" panel -->
-                <SETTING><NAME>MWAssembler_PPC_auxheader</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_symmode</NAME><VALUE>Mac</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_dialect</NAME><VALUE>PPC</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_prefixfile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_typecheck</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_warnings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWAssembler_PPC_casesensitive</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "Rez Compiler" panel -->
-                <SETTING><NAME>MWRez_Language_maxwidth</NAME><VALUE>80</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_script</NAME><VALUE>Roman</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_alignment</NAME><VALUE>Align1</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_filtermode</NAME><VALUE>FilterSkip</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_suppresswarnings</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_escapecontrolchars</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_prefixname</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWRez_Language_filteredtypes</NAME><VALUE>'CODE' 'DATA' 'PICT'</VALUE></SETTING>
-
-                <!-- Settings for "WinRC Compiler" panel -->
-                <SETTING><NAME>MWWinRC_prefixname</NAME><VALUE></VALUE></SETTING>
-
-                <!-- Settings for "x86 CodeGen" panel -->
-                <SETTING><NAME>MWCodeGen_X86_processor</NAME><VALUE>Generic</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_alignment</NAME><VALUE>bytes8</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_exceptions</NAME><VALUE>ZeroOverhead</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_extinst_mmx</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_extinst_3dnow</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_use_mmx_3dnow_convention</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_machinecodelisting</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_intrinsics</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_syminfo</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_codeviewinfo</NAME><VALUE>1</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_extinst_cmov_fcomi</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWCodeGen_X86_extinst_sse</NAME><VALUE>0</VALUE></SETTING>
-
-                <!-- Settings for "x86 Disassembler" panel -->
-                <SETTING><NAME>PDisasmX86_showHeaders</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showSymTab</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showCode</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showSource</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showHex</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showRelocation</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showComments</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showDebug</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showExceptions</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showData</NAME><VALUE>true</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_showRaw</NAME><VALUE>false</VALUE></SETTING>
-                <SETTING><NAME>PDisasmX86_verbose</NAME><VALUE>true</VALUE></SETTING>
-
-                <!-- Settings for "x86 Exceptions Panel" panel -->
-                <SETTING><NAME>MWDebugger_X86_Exceptions</NAME>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                    <SETTING><VALUE>0</VALUE></SETTING>
-                </SETTING>
-
-                <!-- Settings for "x86 Global Optimizer" panel -->
-                <SETTING><NAME>GlobalOptimizer_X86_optimizationlevel</NAME><VALUE>Level0</VALUE></SETTING>
-                <SETTING><NAME>GlobalOptimizer_X86_optfor</NAME><VALUE>Speed</VALUE></SETTING>
-
-                <!-- Settings for "x86 Linker" panel -->
-                <SETTING><NAME>MWLinker_X86_entrypointusage</NAME><VALUE>Default</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_entrypoint</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_subsystem</NAME><VALUE>WinGUI</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_subsysmajorid</NAME><VALUE>4</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_subsysminorid</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_usrmajorid</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_usrminorid</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_commandfile</NAME><VALUE></VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_generatemap</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_linksym</NAME><VALUE>0</VALUE></SETTING>
-                <SETTING><NAME>MWLinker_X86_linkCV</NAME><VALUE>1</VALUE></SETTING>
-
-                <!-- Settings for "x86 Project" panel -->
-                <SETTING><NAME>MWProject_X86_type</NAME><VALUE>Application</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_outfile</NAME><VALUE>noname.exe</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_baseaddress</NAME><VALUE>4194304</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_maxstacksize</NAME><VALUE>1024</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_minstacksize</NAME><VALUE>4</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_size</NAME><VALUE>1024</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_minsize</NAME><VALUE>4</VALUE></SETTING>
-                <SETTING><NAME>MWProject_X86_importlib</NAME><VALUE></VALUE></SETTING>
-                <PANELDATA><NAME>xpidl Settings</NAME><VALUE>
-                    0001000101000000000000000000000000000000000000000000000000000000
-                    0000000000000000
-                </VALUE></PANELDATA>
-            </SETTINGLIST>
-            <FILELIST>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>derdec.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>derenc.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>dersubr.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>dertime.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>nssb64d.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>nssb64e.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>nssilock.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>nsslocks.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>nssrwlk.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>portreg.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>pqgutil.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>secalgid.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>secasn1d.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>secasn1e.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>secasn1u.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>secdig.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>secinit.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>secitem.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>secoid.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>secport.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>sectime.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-                <FILE>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>utf8.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                    <FILEKIND>Text</FILEKIND>
-                    <FILEFLAGS></FILEFLAGS>
-                </FILE>
-            </FILELIST>
-            <LINKORDER>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>derdec.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>derenc.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>dersubr.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>dertime.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>nssb64d.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>nssb64e.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>nssilock.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>nsslocks.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>nssrwlk.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>portreg.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>pqgutil.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>secalgid.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>secasn1d.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>secasn1e.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>secasn1u.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>secdig.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>secinit.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>secitem.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>secoid.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>secport.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>sectime.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-                <FILEREF>
-                    <PATHTYPE>Name</PATHTYPE>
-                    <PATH>utf8.c</PATH>
-                    <PATHFORMAT>MacOS</PATHFORMAT>
-                </FILEREF>
-            </LINKORDER>
-        </TARGET>
-    </TARGETLIST>
-
-    <TARGETORDER>
-        <ORDEREDTARGET><NAME>utilDebug.o</NAME></ORDEREDTARGET>
-        <ORDEREDTARGET><NAME>util.o</NAME></ORDEREDTARGET>
-    </TARGETORDER>
-
-    <GROUPLIST>
-        <FILEREF>
-            <TARGETNAME>utilDebug.o</TARGETNAME>
-            <PATHTYPE>Name</PATHTYPE>
-            <PATH>derdec.c</PATH>
-            <PATHFORMAT>MacOS</PATHFORMAT>
-        </FILEREF>
-        <FILEREF>
-            <TARGETNAME>utilDebug.o</TARGETNAME>
-            <PATHTYPE>Name</PATHTYPE>
-            <PATH>derenc.c</PATH>
-            <PATHFORMAT>MacOS</PATHFORMAT>
-        </FILEREF>
-        <FILEREF>
-            <TARGETNAME>utilDebug.o</TARGETNAME>
-            <PATHTYPE>Name</PATHTYPE>
-            <PATH>dersubr.c</PATH>
-            <PATHFORMAT>MacOS</PATHFORMAT>
-        </FILEREF>
-        <FILEREF>
-            <TARGETNAME>utilDebug.o</TARGETNAME>
-            <PATHTYPE>Name</PATHTYPE>
-            <PATH>dertime.c</PATH>
-            <PATHFORMAT>MacOS</PATHFORMAT>
-        </FILEREF>
-        <FILEREF>
-            <TARGETNAME>utilDebug.o</TARGETNAME>
-            <PATHTYPE>Name</PATHTYPE>
-            <PATH>nssb64d.c</PATH>
-            <PATHFORMAT>MacOS</PATHFORMAT>
-        </FILEREF>
-        <FILEREF>
-            <TARGETNAME>utilDebug.o</TARGETNAME>
-            <PATHTYPE>Name</PATHTYPE>
-            <PATH>nssb64e.c</PATH>
-            <PATHFORMAT>MacOS</PATHFORMAT>
-        </FILEREF>
-        <FILEREF>
-            <TARGETNAME>utilDebug.o</TARGETNAME>
-            <PATHTYPE>Name</PATHTYPE>
-            <PATH>nssilock.c</PATH>
-            <PATHFORMAT>MacOS</PATHFORMAT>
-        </FILEREF>
-        <FILEREF>
-            <TARGETNAME>utilDebug.o</TARGETNAME>
-            <PATHTYPE>Name</PATHTYPE>
-            <PATH>nsslocks.c</PATH>
-            <PATHFORMAT>MacOS</PATHFORMAT>
-        </FILEREF>
-        <FILEREF>
-            <TARGETNAME>utilDebug.o</TARGETNAME>
-            <PATHTYPE>Name</PATHTYPE>
-            <PATH>nssrwlk.c</PATH>
-            <PATHFORMAT>MacOS</PATHFORMAT>
-        </FILEREF>
-        <FILEREF>
-            <TARGETNAME>utilDebug.o</TARGETNAME>
-            <PATHTYPE>Name</PATHTYPE>
-            <PATH>portreg.c</PATH>
-            <PATHFORMAT>MacOS</PATHFORMAT>
-        </FILEREF>
-        <FILEREF>
-            <TARGETNAME>utilDebug.o</TARGETNAME>
-            <PATHTYPE>Name</PATHTYPE>
-            <PATH>pqgutil.c</PATH>
-            <PATHFORMAT>MacOS</PATHFORMAT>
-        </FILEREF>
-        <FILEREF>
-            <TARGETNAME>utilDebug.o</TARGETNAME>
-            <PATHTYPE>Name</PATHTYPE>
-            <PATH>secalgid.c</PATH>
-            <PATHFORMAT>MacOS</PATHFORMAT>
-        </FILEREF>
-        <FILEREF>
-            <TARGETNAME>utilDebug.o</TARGETNAME>
-            <PATHTYPE>Name</PATHTYPE>
-            <PATH>secasn1d.c</PATH>
-            <PATHFORMAT>MacOS</PATHFORMAT>
-        </FILEREF>
-        <FILEREF>
-            <TARGETNAME>utilDebug.o</TARGETNAME>
-            <PATHTYPE>Name</PATHTYPE>
-            <PATH>secasn1e.c</PATH>
-            <PATHFORMAT>MacOS</PATHFORMAT>
-        </FILEREF>
-        <FILEREF>
-            <TARGETNAME>utilDebug.o</TARGETNAME>
-            <PATHTYPE>Name</PATHTYPE>
-            <PATH>secasn1u.c</PATH>
-            <PATHFORMAT>MacOS</PATHFORMAT>
-        </FILEREF>
-        <FILEREF>
-            <TARGETNAME>utilDebug.o</TARGETNAME>
-            <PATHTYPE>Name</PATHTYPE>
-            <PATH>secdig.c</PATH>
-            <PATHFORMAT>MacOS</PATHFORMAT>
-        </FILEREF>
-        <FILEREF>
-            <TARGETNAME>utilDebug.o</TARGETNAME>
-            <PATHTYPE>Name</PATHTYPE>
-            <PATH>secinit.c</PATH>
-            <PATHFORMAT>MacOS</PATHFORMAT>
-        </FILEREF>
-        <FILEREF>
-            <TARGETNAME>utilDebug.o</TARGETNAME>
-            <PATHTYPE>Name</PATHTYPE>
-            <PATH>secitem.c</PATH>
-            <PATHFORMAT>MacOS</PATHFORMAT>
-        </FILEREF>
-        <FILEREF>
-            <TARGETNAME>utilDebug.o</TARGETNAME>
-            <PATHTYPE>Name</PATHTYPE>
-            <PATH>secoid.c</PATH>
-            <PATHFORMAT>MacOS</PATHFORMAT>
-        </FILEREF>
-        <FILEREF>
-            <TARGETNAME>utilDebug.o</TARGETNAME>
-            <PATHTYPE>Name</PATHTYPE>
-            <PATH>secport.c</PATH>
-            <PATHFORMAT>MacOS</PATHFORMAT>
-        </FILEREF>
-        <FILEREF>
-            <TARGETNAME>utilDebug.o</TARGETNAME>
-            <PATHTYPE>Name</PATHTYPE>
-            <PATH>sectime.c</PATH>
-            <PATHFORMAT>MacOS</PATHFORMAT>
-        </FILEREF>
-        <FILEREF>
-            <TARGETNAME>utilDebug.o</TARGETNAME>
-            <PATHTYPE>Name</PATHTYPE>
-            <PATH>utf8.c</PATH>
-            <PATHFORMAT>MacOS</PATHFORMAT>
-        </FILEREF>
-    </GROUPLIST>
-
-</PROJECT>
diff --git a/security/nss/makefile.win b/security/nss/makefile.win
deleted file mode 100644
index 332059a3f..000000000
--- a/security/nss/makefile.win
+++ /dev/null
@@ -1,100 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#
-# An NMAKE file to set up and adjust NSS's build system for
-# Client build.  Client build should invoke NMAKE on this file
-# instead of invoking gmake directly.
-#
-
-DEPTH = ..\..
-include <$(DEPTH)\config\config.mak>
-
-GMAKE = gmake.exe
-
-GMAKE_FLAGS = OBJDIR_NAME=$(OBJDIR) MOZILLA_CLIENT=1
-GMAKE_FLAGS = $(GMAKE_FLAGS) MOZILLA_INCLUDES="-I$(MOZ_SRC:\=/)/mozilla/dist/include/nspr -I$(MOZ_SRC:\=/)/mozilla/dist/include/dbm"
-
-#
-# The Client's debug build uses MSVC's debug runtime library (/MDd).
-#
-
-!ifndef MOZ_DEBUG
-GMAKE_FLAGS = $(GMAKE_FLAGS) BUILD_OPT=1
-!endif
-
-!if "$(MOZ_BITS)" == "16"
-GMAKE_FLAGS = $(GMAKE_FLAGS) OS_TARGET=WIN16
-!else
-
-GMAKE_FLAGS = $(GMAKE_FLAGS) OS_TARGET=WIN95
-!ifdef MOZ_DEBUG
-!ifndef MOZ_NO_DEBUG_RTL
-GMAKE_FLAGS = $(GMAKE_FLAGS) USE_DEBUG_RTL=1
-!endif
-!endif
-
-!endif
- 
-#
-# The rules.  Simply invoke gmake with the same target.
-# The default target is 'all'.  For Win16, set up the
-# environment to use the Watcom compiler, Watcom headers,
-# and Watcom libs.
-#
-
-all:: export libs install
-
-install:: moz_import install_roots
-
-depend::
-	$(GMAKE) -C lib $(GMAKE_FLAGS) clean
-
-export libs install clobber clobber_all clean::
-!if "$(MOZ_BITS)" == "16"
-	set PATH=%WATCPATH%
-	set INCLUDE=%WATC_INC%
-	set LIB=%WATC_LIB%
-!endif
-	$(GMAKE) -C lib $(GMAKE_FLAGS) $@
-!if "$(MOZ_BITS)" == "16"
-	set PATH=%MSVCPATH%
-	set INCLUDE=%MSVC_INC%
-	set LIB=%MSVC_LIB%
-!endif
-
-moz_import::
-	copy $(DIST)\lib\dbm32.lib $(DIST)\lib\dbm.lib
-
-install_roots::
-	$(MAKE_INSTALL) $(DIST)\lib\nssckbi.dll $(DIST)\bin
diff --git a/security/nss/manifest.mn b/security/nss/manifest.mn
deleted file mode 100644
index 97533f29e..000000000
--- a/security/nss/manifest.mn
+++ /dev/null
@@ -1,44 +0,0 @@
-# 
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CORE_DEPTH = ..
-DEPTH      = ..
-
-IMPORTS =	nspr20/v4.2 \
-		dbm/DBM_1_61_RTM \
-		$(NULL)
-
-RELEASE = security
-
-DIRS = lib cmd
-
-
diff --git a/security/nss/relnotes.txt b/security/nss/relnotes.txt
deleted file mode 100644
index c0998655b..000000000
--- a/security/nss/relnotes.txt
+++ /dev/null
@@ -1,284 +0,0 @@
-HCL Users,
-
-HCL 1.5.7 has been released.  It fixes a very small list of bugs that
-were found since HCL 1.5.6 was released, and contains no new features or 
-public API changes.  The list of bugs fixed in HCL 1.5.7 is below.  
-The release notes for HCL 1.5.6 are appended to these notes.  
-
-ALL SERVERS should abandon HCL 1.5.6 and switch to HCL 1.5.7 ASAP.
-The reasons for this strong recommendation should be self apparent after
-reading the list of bugs fixed.
-
-We recommend that all sources that include HCL headers be recompiled 
-with the new HCL 1.5.7 headers.  This is only a precaution.
-
-
-Security Library 1.57
-Build Date: 19980902
-
-****************************************************************
-**
-**  NOTE:  THIS RELEASE IS NOT BINARY COMPATIBLE WITH 1.55
-**  	   AND ANY APPLICATION CODE WILL HAVE TO BE RECOMPILED
-**
-****************************************************************
-
-
-****************************************************************
-**
-**  Directory organization of this release
-**
-****************************************************************
-
-This release consists of the following:
-- a JAR file, xpheader.jar, that contains all of the public header files.
-
-- <platform> directories: where <platform> is of the form
-  <os-name><os-version>[_<compiler>][_<implementation strategy>]_<DBG/OPT>.OBJ
-  For example,
-      IRIX6.2_DBG.OBJ (debug build)
-      SunOS5.5.1_OPT.OBJ (optimized build)
-      SunOS5.5.1_gcc_DBG.OBJ (built using the non-native compiler gcc)
-      OSF1V4.0_PTH_DBG.OBJ (PTH means the implementation uses pthreads.)
-      AIX4.1_PTH_USER_DBG.OBJ (PTH_USER means the implementation is
-          a combination of user-level threads and pthreads.)
-
-  Under each <platform> directory, is the file, mdbinary.jar.  This is a
-  JAR file containing the compiled libraries.
-
-
-************************************************************
-**
-**  Platforms supported
-**
-************************************************************
-
-The following platforms are supported:
-- Solaris on sparc: 2.5.1, 2.6 (built with cc) 
-- IRIX: 6.2, 6.3 (built with cc)
-- HP-UX: B.10.10, B10.20, B11.00 (built with cc)
-- OSF1: V4.0D (built with cc)
-- AIX: 4.2 (built with compiler xlC_r).
-- Linux: 2.1.108
-- WINNT: 4.0 (Visual C++ 4.2 built with and without debug runtime)
-
-
-************************************************************
-**
-**  How to build the libraries yourself
-**
-************************************************************
-This release of HCL depends on NSPR version 19980529A and 
-DBM version DBM_1_53.
-
-To build the libraries yourself, execute the following instructions.
-
-On UNIX machines:
-	cvs co -r HCL_157 ns/security
-	cvs co -r HCL_157 ns/coreconf
-	cd ns/coreconf
-	source ./.cshrc
-	gmake [BUILD_OPT=1]
-	cd ..
-	cd security
-	gmake [BUILD_OPT=1] import
-	gmake [BUILD_OPT=1]
-
-On Windows NT machines:
-	cvs co -r HCL_157 ns/security
-	cvs co -r HCL_157 ns/coreconf
-	cd ns/security
-	gmake [BUILD_OPT=1] import
-	gmake [BUILD_OPT=1]
-
-For IRIX builds using -n32 flag with pthreads:
-	cvs co -r HCL_157 ns/security
-	cvs co -r HCL_157 ns/coreconf
-	cd ns/coreconf
-	source ./.cshrc
-	gmake USE_N32=1 USE_PTHREADS=1 [BUILD_OPT=1]
-	cd ..
-	cd security
-	gmake USE_N32=1 USE_PTHREADS=1 [BUILD_OPT=1] import
-	gmake USE_N32=1 USE_PTHREADS=1 [BUILD_OPT=1]
-
-	
-************************************************************
-**
-**  Web site, mailing lists, questions, bug reports
-**
-************************************************************
-
-You can find information about the Security Libraries at the Hardcore Web
-site: http://warp/projects/hardcore/
-
-If you have any questions regarding SSL or the HCL libraries, please refer to the 
-following documents:  
-	http://twain.mcom.com/developer/security/nss/ssl/index.htm
-	http://twain.mcom.com/developer/security/nss/index.htm
-
-There is a mailing list for HCL issues:
-  - hcl: the developers of HCL.
-
-Please use BugSplat on scopus (http://scopus/bugsplat) to report
-bugs.  Choose product "Security Library", version "1.5".
-
-
-Here's how/where to get HCL 1.5.7:
-
-bits are available at
-/m/dist/security/19980902  a.k.a.  /m/dist/security/HCL_1_57
-
-\\helium\dist\security\19980902  or \\helium\dist\security\HCL_1_57
-
-
-Here is the list of bugs fixed in HCL 1.5.7:
-a) Thread safety-related crash in cert lib.
-
-b) Thread safety-related problems in NSPR's PL_Arena code.  
-   Worked around by surrounding all HCL's PL_Arena calls with a lock/unlock.
-   Applications that make their own calls to NSPR's PL_Arena functions or 
-   that use other non-HCL libraries that use PL_Arenas may continue to have 
-   thread-safety issues with PL_Arenas.
-
-c) Fixed a regression in PKCS#11 in HCL 1.5.6 that caused a crash the 
-   first time a server received a bleichenbacker attack ("million question")
-   message.
-
-See the HCL 1.5.6 release notes below for the list of known bugs in 1.5.7.
-
-
-Here is a list of the bugs fixed in HCL 1.5.6:
-
-312467 SSL3 uses global pointers for step-down keys, leaks keys  
-314392 CERT_DestroyCertificate locking code causes nested locking  
-314571 Memory leak in SSL  
-314574 HCL Leaks in PKCS #11.  
-314576 Memory leak in pseudo-prime test in libcrypto  
-314585 SSL's PR_AcceptRead returns non-aligned PRNetAddr  
-314592 pkcs5 leaks two memory blocks for each RSA private key op  
-314596 random number generator causes Unitialized Memory Reads  
-
-------------------------------------------------------------------------
-                   HCL 1.5.6 Readme (release notes)
-------------------------------------------------------------------------
-
-This file summarizes enhancements, fixed and known bugs in HCL 1.5.6.
-
-For detailed instructions on setting up your environment to run the
-sample code in the samples directory, see Chapter 2, "Getting Started
-with SSL" (doc/ssl/gtstd.htm) of the SSL Reference (doc/ssl/index.htm).
-
-
-ENHANCEMENTS SINCE NSS 1.5.4
-
-1. SSL returns much more detailed error messages; for details, see 
-doc/ssl/sslerr.htm
-
-SSL BUGS FIXED SINCE HCL 1.5.4
-
-1. The "million question" bug in SSL has been fixed.
-
-2.  A potential problem (on Unix only) with SSL_InitSessionIDCache has
-been fixed.  The application chooses the directory into which the SSL
-library places the server session cache.  If the application doesn't
-specify a directory explicitly, the code defaults to using the system
-default "temporary" directory, which is generally world-writable.  The
-problem that was fixed occured only when the application chose to put
-the session cache files into a directory writable by untrusted users.
-If the application put the cache files in a directory that has
-appropriate limits on access, there was no problem.  But if the
-application put the cache files into a directory that was world
-writable, it was possible for a rogue program to try to substitute a
-file it already had open for the server's cache file, and it would
-succeed some of the time.  When it succeeded, it had access to the
-content of the session ID cache, which enabled it to do various bad
-things, such as masquerade as one of the remote clients whose session
-was in the cache.
-
-The above problem with the Unix version of SSL_InitSessionIDCachehas
-been fixed, and rogue programs cannot succeed in substituting their own
-files for the server's files any more.
-
-3.  Client no longer rejects SSL ServerKeyExchange when server's
-certificate key size is 512 bits.
-
-4.  Server no longer crashes in SSL after required client authentication
-fails.
-
-5.  A problem that was causing crashes when multiple threads
-simultaneously requested client authentication on their respective
-server sockets has been fixed.
-
-6.  The following functions now work with SSL sockets:
-
-   PR_Write
-   PR_TransmitFile
-   PR_AcceptRead
-
-7. SSL now accepts client hellos that are too long.
- 
-8.  A problem that produced bad results when multiple threads
-simultaneously used the random number generator has been fixed.
-
-
-
-KNOWN BUGS IN HCL 1.5.6:
-
-1.  A crash may occur when multiple processes attempt to share a server
-session ID cache.  Because of this bug, an application that handshakes
-as a server is limited to conducting all SSL calls in a single process.
-
-2. Removing a token does not invalidate the client-side session cache.
-
-3.  While a handshake is in progress on an SSL socket, it is not safe
-for two threads to attempt simultaneous read and write calls (PR_Recv
-and PR_Send) on that socket.  Workaround: ensure that only one thread
-uses an SSL socket at a time.
-
-We expect the above 3 bugs will be fixed in a forthcoming release.
-
-SSL v2 issues in HCL 1.5.x:
-
-1.  SSL_RedoHandshake only works on SSL3 connections, not SSL2.  The
-SSL2 protocol does not permit additional handshakes on the connection
-after the first one is done.  Ergo, if a client certificate is to be
-requested in an SSL2 connection, it must be requested on the initial
-handshake.
-
-2.  HCL's SSL2 ignores the setting of the SSL_REQUIRE_CERTIFICATE
-enable.  When SSL_REQUEST_CERTIFICATE is enabled, SSL2 behaves as if
-SSL_REQUIRE_CERTIFICATE is also enabled, regardless of the actual
-setting of the SSL_REQUIRE_CERTIFICATE enable.
-
-3.  HCL's SSL2 server code doesn't call the bad cert handler callback
-when the authCert callback returns an error.  The ssl2 client code DOES
-use the badcerthandler callback, but the ssl2 server code does not.
-This means that if the server's authCert callback returns SECFailure,
-rejecting the client cert received on an SSL2 connection, the
-badCerthandler cannot override it.
-
-4.  HCL's SSL2 server code never caches the client cert.  Consequently,
-if an SSL2 server is configured to request the client cert, it must ask
-the client for the client cert on every connection, not just on the
-first connection in the "session".   The SSL2 client must provide the
-cert in every SSL2 connection that requests it.  If the user has set the
-"ask me every time" option for his certs, he will get prompted a LOT.
-
-Item 1 above is not a bug.  That's the way ssl2 is defined.  Items 2-4
-are limitations of our implementation.  TomW says client auth in ssl2
-was never officially supported (although it is mostly implemented).
-
-Recommended workaround for SSL2 issues:
-
-a) Don't expect client auth to work for SSL2 users.
-b) Don't request client auth in the initial handshake.  Request it in a
-subsequent handshake (e.g. set SSL_REQUEST_CERTIFICATE and call 
-SSL_RedoHandshake() on SSL3 connections.  This will completely avoid 
-client auth problems with SSL2.  
-
-For some time now, we've been suggesting that servers request client
-auth on a second handshake, not the first handshake in the connection.
-If they do that, then they will never get client certs from ssl2
-clients.  That is a good thing.  
-
diff --git a/security/nss/tests/all.sh b/security/nss/tests/all.sh
deleted file mode 100755
index 7fabc4863..000000000
--- a/security/nss/tests/all.sh
+++ /dev/null
@@ -1,113 +0,0 @@
-#!/bin/sh
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-#
-########################################################################
-#
-# mozilla/security/nss/tests/all.sh
-#
-# Script to start all available NSS QA suites on one machine
-# this script is called or sourced by nssqa which runs on all required 
-# platforms
-#
-# needs to work on all Unix and Windows platforms
-#
-# currently available NSS QA suites:
-# --------------------------------------------------
-#   cert.sh   - exercises certutil and creates certs necessary for all 
-#               other tests
-#   ssl.sh    - tests SSL V2 SSL V3 and TLS
-#   smime.sh  - S/MIME testing
-#   sdr.sh    - test NSS SDR
-#   cipher.sh - test NSS ciphers
-#   perf.sh   - Nightly performance measurments
-#   tools.sh  - Tests the majority of the NSS tools
-#   fips.sh   - Tests basic functionallity of NSS in FIPS-compliant mode
-#
-# special strings
-# ---------------
-#   FIXME ... known problems, search for this string
-#   NOTE .... unexpected behavior
-#
-# NOTE:
-# -----
-#    Unlike the old QA this is based on files sourcing each other
-#    This is done to save time, since a great portion of time is lost
-#    in calling and sourcing the same things multiple times over the
-#    network. Also, this way all scripts have all shell function  available
-#    and a completely common environment
-#
-# file tells the test suite that the output is going to a log, so any
-#  forked() children need to redirect their output to prevent them from
-#  being over written.
-#
-########################################################################
-
-TESTS="cert ssl sdr cipher smime perf tools fips dbtests"
-SCRIPTNAME=all.sh
-CLEANUP="${SCRIPTNAME}"
-cd `dirname $0`	# will cause problems if sourced 
-
-#all.sh should be the first one to try to source the init 
-if [ -z "${INIT_SOURCED}" -o "${INIT_SOURCED}" != "TRUE" ]; then
-    cd common
-    . ./init.sh
-fi
-
-if [ -z "O_CRON" -o "$O_CRON" != "ON" ]
-then
-    tail -f ${LOGFILE}  &
-    TAILPID=$!
-fi
-
-for i in ${TESTS}
-do
-    SCRIPTNAME=${i}.sh
-    echo "Running Tests for $i"
-    (cd ${QADIR}/$i ; . ./$SCRIPTNAME all file >> ${LOGFILE} 2>&1)
-done
-
-SCRIPTNAME=all.sh
-
-if [ -z "O_CRON" -o "$O_CRON" != "ON" ]
-then
-    kill ${TAILPID}
-    if [ -n "$os_name" -a "$os_name" = "Windows" ]
-    then
-        echo "MKS special - killing the tail -f"
-        kill `ps | grep "tail -f ${LOGFILE}" | grep -v grep | 
-            sed -e "s/^ *//" -e "s/ .*//"`
-    fi
-fi
-
-. ${QADIR}/common/cleanup.sh
diff --git a/security/nss/tests/cert/cert.sh b/security/nss/tests/cert/cert.sh
deleted file mode 100755
index 05e602d38..000000000
--- a/security/nss/tests/cert/cert.sh
+++ /dev/null
@@ -1,638 +0,0 @@
-#! /bin/sh
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-########################################################################
-#
-# mozilla/security/nss/tests/cert/rcert.sh
-#
-# Certificate generating and handeling for NSS QA, can be included 
-# multiple times from all.sh and the individual scripts
-#
-# needs to work on all Unix and Windows platforms
-#
-# included from (don't expect this to be up to date)
-# --------------------------------------------------
-#   all.sh
-#   ssl.sh
-#   smime.sh
-#   tools.sh
-#
-# special strings
-# ---------------
-#   FIXME ... known problems, search for this string
-#   NOTE .... unexpected behavior
-#
-# FIXME - Netscape - NSS
-########################################################################
-
-############################## cert_init ###############################
-# local shell function to initialize this script
-########################################################################
-cert_init()
-{
-  SCRIPTNAME="cert.sh"
-  if [ -z "${CLEANUP}" ] ; then     # if nobody else is responsible for
-      CLEANUP="${SCRIPTNAME}"       # cleaning this script will do it
-  fi
-  if [ -z "${INIT_SOURCED}" ] ; then
-      cd ../common
-      . ./init.sh
-  fi
-  SCRIPTNAME="cert.sh"
-  html_head "Certutil Tests"
-
-  ################## Generate noise for our CA cert. ######################
-  # NOTE: these keys are only suitable for testing, as this whole thing 
-  # bypasses the entropy gathering. Don't use this method to generate 
-  # keys and certs for product use or deployment.
-  #
-  ps -efl > ${NOISE_FILE} 2>&1
-  ps aux >> ${NOISE_FILE} 2>&1
-  noise
-
-}
-
-cert_log() ######################    write the cert_status file
-{
-    echo "$SCRIPTNAME $*"
-    echo $* >>${CERT_LOG_FILE}
-}
-
-################################ noise ##################################
-# Generate noise for our certs
-#
-# NOTE: these keys are only suitable for testing, as this whole thing bypasses
-# the entropy gathering. Don't use this method to generate keys and certs for
-# product use or deployment.
-#########################################################################
-noise()
-{
-    #netstat >> ${NOISE_FILE} 2>&1
-    date >> ${NOISE_FILE} 2>&1
-}
-
-################################ certu #################################
-# local shell function to call certutil, also: writes action and options to
-# stdout, sets variable RET and writes results to the html file results
-########################################################################
-certu()
-{
-    echo "$SCRIPTNAME: ${CU_ACTION} --------------------------"
-
-    if [ -n "${CU_SUBJECT}" ]; then
-        #the subject of the cert contains blanks, and the shell 
-        #will strip the quotes off the string, if called otherwise...
-        echo "certutil -s \"${CU_SUBJECT}\" $*"
-        certutil -s "${CU_SUBJECT}" $*
-        RET=$?
-        CU_SUBJECT=""
-    else
-        echo "certutil $*"
-        certutil $*
-        RET=$?
-    fi
-    if [ "$RET" -ne 0 ]; then
-        CERTFAILED=$RET
-        html_failed "<TR><TD>${CU_ACTION} ($RET) " 
-        cert_log "ERROR: ${CU_ACTION} failed $RET"
-    else
-        html_passed "<TR><TD>${CU_ACTION}"
-    fi
-
-    # echo "Contine?"
-    # cat > /dev/null
-    return $RET
-}
-
-############################# cert_init_cert ##########################
-# local shell function to initialize creation of client and server certs
-########################################################################
-cert_init_cert()
-{
-    CERTDIR="$1"
-    CERTNAME="$2"
-    CERTSERIAL="$3"
-    DOMAIN="$4"
-
-    if [ ! -d "${CERTDIR}" ]; then
-        mkdir -p "${CERTDIR}"
-    else
-        echo "$SCRIPTNAME: WARNING - ${CERTDIR} exists"
-    fi
-    cd "${CERTDIR}"
-    CERTDIR="." 
-
-    PROFILEDIR=${CERTDIR}
-    if [ -n "${MULTIACCESS_DBM}" ]; then
-	PROFILEDIR="multiaccess:${DOMAIN}"
-    fi
-
-    noise
-}
-
-############################# hw_acc #################################
-# local shell function to add hw accelerator modules to the db
-########################################################################
-hw_acc()
-{
-    HW_ACC_RET=0
-    HW_ACC_ERR=""
-    if [ -n "$O_HWACC" -a "$O_HWACC" = ON -a -z "$USE_64" ] ; then
-        echo "creating $CERTNAME s cert with hwaccelerator..."
-        #case $ACCELERATOR in
-        #rainbow)
-   
-
-        echo "modutil -add rainbow -libfile /usr/lib/libcryptoki22.so "
-        echo "         -dbdir ${PROFILEDIR} 2>&1 "
-        echo | modutil -add rainbow -libfile /usr/lib/libcryptoki22.so \
-            -dbdir ${PROFILEDIR} 2>&1 
-        if [ "$?" -ne 0 ]; then
-            echo "modutil -add rainbow failed in `pwd`"
-            HW_ACC_RET=1
-            HW_ACC_ERR="modutil -add rainbow"
-        fi
-    
-        echo "modutil -add ncipher "
-        echo "         -libfile /opt/nfast/toolkits/pkcs11/libcknfast.so "
-        echo "         -dbdir ${PROFILEDIR} 2>&1 "
-        echo | modutil -add ncipher \
-            -libfile /opt/nfast/toolkits/pkcs11/libcknfast.so \
-            -dbdir ${PROFILEDIR} 2>&1 
-        if [ "$?" -ne 0 ]; then
-            echo "modutil -add ncipher failed in `pwd`"
-            HW_ACC_RET=`expr $HW_ACC_RET + 2`
-            HW_ACC_ERR="$HW_ACC_ERR,modutil -add ncipher"
-        fi
-        if [ "$HW_ACC_RET" -ne 0 ]; then
-            html_failed "<TR><TD>Adding HW accelerators to certDB for ${CERTNAME} ($HW_ACC_RET) " 
-        else
-            html_passed "<TR><TD>Adding HW accelerators to certDB for ${CERTNAME}"
-        fi
-
-    fi
-    return $HW_ACC_RET
-}
-
-############################# cert_create_cert #########################
-# local shell function to create client certs 
-#     initialize DB, import
-#     root cert
-#     add cert to DB
-########################################################################
-cert_create_cert()
-{
-    cert_init_cert "$1" "$2" "$3" "$4"
-
-    CU_ACTION="Initializing ${CERTNAME}'s Cert DB"
-    certu -N -d "${PROFILEDIR}" -f "${R_PWFILE}" 2>&1
-    if [ "$RET" -ne 0 ]; then
-        return $RET
-    fi
-    hw_acc
-    CU_ACTION="Import Root CA for $CERTNAME"
-    certu -A -n "TestCA" -t "TC,TC,TC" -f "${R_PWFILE}" -d "${PROFILEDIR}" \
-          -i "${R_CADIR}/root.cert" 2>&1
-    if [ "$RET" -ne 0 ]; then
-        return $RET
-    fi
-    cert_add_cert
-    return $?
-}
-
-############################# cert_add_cert ############################
-# local shell function to add client certs to an existing CERT DB
-#     generate request
-#     sign request
-#     import Cert
-#
-########################################################################
-cert_add_cert()
-{
-
-    CU_ACTION="Generate Cert Request for $CERTNAME"
-    CU_SUBJECT="CN=$CERTNAME, E=${CERTNAME}@bogus.com, O=BOGUS NSS, L=Mountain View, ST=California, C=US"
-    certu -R -d "${PROFILEDIR}" -f "${R_PWFILE}" -z "${R_NOISE_FILE}" -o req 2>&1
-    if [ "$RET" -ne 0 ]; then
-        return $RET
-    fi
-
-    CU_ACTION="Sign ${CERTNAME}'s Request"
-    certu -C -c "TestCA" -m "$CERTSERIAL" -v 60 -d "${P_R_CADIR}" \
-          -i req -o "${CERTNAME}.cert" -f "${R_PWFILE}" 2>&1
-    if [ "$RET" -ne 0 ]; then
-        return $RET
-    fi
-
-    CU_ACTION="Import $CERTNAME's Cert"
-    certu -A -n "$CERTNAME" -t "u,u,u" -d "${PROFILEDIR}" -f "${R_PWFILE}" \
-          -i "${CERTNAME}.cert" 2>&1
-    if [ "$RET" -ne 0 ]; then
-        return $RET
-    fi
-
-    cert_log "SUCCESS: $CERTNAME's Cert Created"
-    return 0
-}
-
-################################# cert_all_CA ################################
-# local shell function to build the additional Temp. Certificate Authority (CA)
-# used for the "real life" ssl test with 2 different CA's in the
-# client and in teh server's dir
-##########################################################################
-cert_all_CA()
-{
-    echo nss > ${PWFILE}
-
-    ALL_CU_SUBJECT="CN=NSS Test CA, O=BOGUS NSS, L=Mountain View, ST=California, C=US"
-    cert_CA $CADIR TestCA -x "CTu,CTu,CTu" ${D_CA}
-
-    ALL_CU_SUBJECT="CN=NSS Server Test CA, O=BOGUS NSS, L=Santa Clara, ST=California, C=US"
-    cert_CA $SERVER_CADIR serverCA -x "Cu,Cu,Cu" ${D_SERVER_CA}
-    ALL_CU_SUBJECT="CN=NSS Chain1 Server Test CA, O=BOGUS NSS, L=Santa Clara, ST=California, C=US"
-    cert_CA $SERVER_CADIR chain-1-serverCA "-c serverCA" "u,u,u" ${D_SERVER_CA}
-    ALL_CU_SUBJECT="CN=NSS Chain2 Server Test CA, O=BOGUS NSS, L=Santa Clara, ST=California, C=US"
-    cert_CA $SERVER_CADIR chain-2-serverCA "-c chain-1-serverCA" "u,u,u" ${D_SERVER_CA}
-
-
-
-    ALL_CU_SUBJECT="CN=NSS Client Test CA, O=BOGUS NSS, L=Santa Clara, ST=California, C=US"
-    cert_CA $CLIENT_CADIR clientCA -x "Tu,Cu,Cu" ${D_CLIENT_CA}
-    ALL_CU_SUBJECT="CN=NSS Chain1 Client Test CA, O=BOGUS NSS, L=Santa Clara, ST=California, C=US"
-    cert_CA $CLIENT_CADIR chain-1-clientCA "-c clientCA" "u,u,u" ${D_CLIENT_CA}
-    ALL_CU_SUBJECT="CN=NSS Chain2 Client Test CA, O=BOGUS NSS, L=Santa Clara, ST=California, C=US"
-    cert_CA $CLIENT_CADIR chain-2-clientCA "-c chain-1-clientCA" "u,u,u" ${D_CLIENT_CA}
-
-    rm $CLIENT_CADIR/root.cert $SERVER_CADIR/root.cert
-    # root.cert in $CLIENT_CADIR and in $SERVER_CADIR is the one of the last 
-    # in the chain
-}
-
-################################# cert_CA ################################
-# local shell function to build the Temp. Certificate Authority (CA)
-# used for testing purposes, creating  a CA Certificate and a root cert
-##########################################################################
-cert_CA()
-{
-  CUR_CADIR=$1
-  NICKNAME=$2
-  SIGNER=$3
-  TRUSTARG=$4
-  DOMAIN=$5
-
-  echo "$SCRIPTNAME: Creating a CA Certificate $NICKNAME =========================="
-
-  if [ ! -d "${CUR_CADIR}" ]; then
-      mkdir -p "${CUR_CADIR}"
-  fi
-  cd ${CUR_CADIR}
-  pwd
-
-  LPROFILE=.
-  if [ -n "${MULTIACCESS_DBM}" ]; then
-	LPROFILE="multiaccess:${DOMAIN}"
-  fi
-
-  if [ "$SIGNER" = "-x" ] ; then # self signed -> create DB
-      CU_ACTION="Creating CA Cert DB"
-      certu -N -d ${LPROFILE} -f ${R_PWFILE} 2>&1
-      if [ "$RET" -ne 0 ]; then
-          Exit 5 "Fatal - failed to create CA $NICKNAME "
-      fi
-      echo "$SCRIPTNAME: Certificate initialized ----------"
-  fi
-
-
-  ################# Creating CA Cert ######################################
-  #
-  CU_ACTION="Creating CA Cert $NICKNAME "
-  CU_SUBJECT=$ALL_CU_SUBJECT
-  certu -S -n $NICKNAME -t $TRUSTARG -v 60 $SIGNER -d ${LPROFILE} -1 -2 -5 \
-        -f ${R_PWFILE} -z ${R_NOISE_FILE} 2>&1 <<CERTSCRIPT
-5
-9
-n
-y
--1
-n
-5
-6
-7
-9
-n
-CERTSCRIPT
-
-  if [ "$RET" -ne 0 ]; then
-      echo "return value is $RET"
-      Exit 6 "Fatal - failed to create CA cert"
-  fi
-
-  ################# Exporting Root Cert ###################################
-  #
-  CU_ACTION="Exporting Root Cert"
-  certu -L -n  $NICKNAME -r -d ${LPROFILE} -o root.cert 
-  if [ "$RET" -ne 0 ]; then
-      Exit 7 "Fatal - failed to export root cert"
-  fi
-  cp root.cert ${NICKNAME}.ca.cert
-}
-
-############################## cert_smime_client #############################
-# local shell function to create client Certificates for S/MIME tests 
-##############################################################################
-cert_smime_client()
-{
-  CERTFAILED=0
-  echo "$SCRIPTNAME: Creating Client CA Issued Certificates =============="
-
-  cert_create_cert ${ALICEDIR} "Alice" 3 ${D_ALICE}
-  cert_create_cert ${BOBDIR} "Bob" 4  ${D_BOB}
-
-  echo "$SCRIPTNAME: Creating Dave's Certificate -------------------------"
-  cert_create_cert "${DAVEDIR}" Dave 5 ${D_DAVE}
-  #echo "************* Copying CA files to ${SERVERDIR}"
-  #cp ${CADIR}/*.db .
-  #hw_acc
-
-  #########################################################################
-  #
-  #cd ${CERTDIR}
-  #CU_ACTION="Creating ${CERTNAME}'s Server Cert"
-  #CU_SUBJECT="CN=${CERTNAME}, E=${CERTNAME}@bogus.com, O=BOGUS Netscape, L=Mountain View, ST=California, C=US"
-  #certu -S -n "${CERTNAME}" -c "TestCA" -t "u,u,u" -m "$CERTSERIAL" \
-  #	-d ${PROFILEDIR} -f "${R_PWFILE}" -z "${R_NOISE_FILE}" -v 60 2>&1
-
-  #CU_ACTION="Export Dave's Cert"
-  #cd ${DAVEDIR}
-  #certu -L -n "Dave" -r -d ${P_R_DAVE} -o Dave.cert
-
-  ################# Importing Certificates for S/MIME tests ###############
-  #
-  echo "$SCRIPTNAME: Importing Certificates =============================="
-  CU_ACTION="Import Alices's cert into Bob's db"
-  certu -E -t "p,p,p" -d ${P_R_BOBDIR} -f ${R_PWFILE} \
-        -i ${R_ALICEDIR}/Alice.cert 2>&1
-
-  CU_ACTION="Import Bob's cert into Alice's db"
-  certu -E -t "p,p,p" -d ${P_R_ALICEDIR} -f ${R_PWFILE} \
-        -i ${R_BOBDIR}/Bob.cert 2>&1
-
-  CU_ACTION="Import Dave's cert into Alice's DB"
-  certu -E -t "p,p,p" -d ${P_R_ALICEDIR} -f ${R_PWFILE} \
-        -i ${R_DAVEDIR}/Dave.cert 2>&1
-
-  CU_ACTION="Import Dave's cert into Bob's DB"
-  certu -E -t "p,p,p" -d ${P_R_BOBDIR} -f ${R_PWFILE} \
-        -i ${R_DAVEDIR}/Dave.cert 2>&1
-
-  if [ "$CERTFAILED" != 0 ] ; then
-      cert_log "ERROR: SMIME failed $RET"
-  else
-      cert_log "SUCCESS: SMIME passed"
-  fi
-}
-
-############################## cert_ssl ################################
-# local shell function to create client + server certs for extended SSL test
-########################################################################
-cert_extended_ssl()
-{
-  ################# Creating Certs for extended SSL test ####################
-  #
-  CERTFAILED=0
-  echo "$SCRIPTNAME: Creating Certificates, issued by the last ==============="
-  echo "     of a chain of CA's which are not in the same database============"
-
-  echo "Server Cert"
-  cert_init_cert ${EXT_SERVERDIR} "${HOSTADDR}" 1 ${D_EXT_SERVER}
-
-  CU_ACTION="Initializing ${CERTNAME}'s Cert DB (ext.)"
-  certu -N -d "${PROFILEDIR}" -f "${R_PWFILE}" 2>&1
-
-  CU_ACTION="Generate Cert Request for $CERTNAME (ext)"
-  CU_SUBJECT="CN=$CERTNAME, E=${CERTNAME}@bogus.com, O=BOGUS NSS, L=Mountain View, ST=California, C=US"
-  certu -R -d "${PROFILEDIR}" -f "${R_PWFILE}" -z "${R_NOISE_FILE}" -o req 2>&1
-
-  CU_ACTION="Sign ${CERTNAME}'s Request (ext)"
-  cp ${CERTDIR}/req ${SERVER_CADIR}
-  certu -C -c "chain-2-serverCA" -m "$CERTSERIAL" -v 60 -d "${P_SERVER_CADIR}" \
-        -i req -o "${CERTNAME}.cert" -f "${R_PWFILE}" 2>&1
-
-  CU_ACTION="Import $CERTNAME's Cert  -t u,u,u (ext)"
-  certu -A -n "$CERTNAME" -t "u,u,u" -d "${PROFILEDIR}" -f "${R_PWFILE}" \
-        -i "${CERTNAME}.cert" 2>&1
-
-  CU_ACTION="Import Client Root CA -t T,, for $CERTNAME (ext.)"
-  certu -A -n "clientCA" -t "T,," -f "${R_PWFILE}" -d "${PROFILEDIR}" \
-          -i "${CLIENT_CADIR}/clientCA.ca.cert" 2>&1
-  echo "Importing all the server's own CA chain into the servers DB"
-  for CA in `find ${SERVER_CADIR} -name "?*.ca.cert"` ;
-  do
-      N=`basename $CA | sed -e "s/.ca.cert//"`
-      if [ $N = "serverCA" ] ; then
-          T="-t C,C,C"
-      else
-          T="-t u,u,u"
-      fi
-      CU_ACTION="Import $N CA $T for $CERTNAME (ext.) "
-      certu -A -n $N  $T -f "${R_PWFILE}" -d "${PROFILEDIR}" \
-          -i "${CA}" 2>&1
-  done
-#============
-  echo "Client Cert"
-  cert_init_cert ${EXT_CLIENTDIR} ExtendedSSLUser 1 ${D_EXT_CLIENT}
-
-  CU_ACTION="Initializing ${CERTNAME}'s Cert DB (ext.)"
-  certu -N -d "${PROFILEDIR}" -f "${R_PWFILE}" 2>&1
-
-  CU_ACTION="Generate Cert Request for $CERTNAME (ext)"
-  CU_SUBJECT="CN=$CERTNAME, E=${CERTNAME}@bogus.com, O=BOGUS NSS, L=Mountain View, ST=California, C=US"
-  certu -R -d "${PROFILEDIR}" -f "${R_PWFILE}" -z "${R_NOISE_FILE}" -o req 2>&1
-
-  CU_ACTION="Sign ${CERTNAME}'s Request (ext)"
-  cp ${CERTDIR}/req ${CLIENT_CADIR}
-  certu -C -c "chain-2-clientCA" -m "$CERTSERIAL" -v 60 -d "${P_CLIENT_CADIR}" \
-        -i req -o "${CERTNAME}.cert" -f "${R_PWFILE}" 2>&1
-
-  CU_ACTION="Import $CERTNAME's Cert -t u,u,u (ext)"
-  certu -A -n "$CERTNAME" -t "u,u,u" -d "${PROFILEDIR}" -f "${R_PWFILE}" \
-        -i "${CERTNAME}.cert" 2>&1
-  CU_ACTION="Import Server Root CA -t C,C,C for $CERTNAME (ext.)"
-  certu -A -n "serverCA" -t "C,C,C" -f "${R_PWFILE}" -d "${PROFILEDIR}" \
-          -i "${SERVER_CADIR}/serverCA.ca.cert" 2>&1
-  echo "Importing all the client's own CA chain into the servers DB"
-  for CA in `find ${CLIENT_CADIR} -name "?*.ca.cert"` ;
-  do
-      N=`basename $CA | sed -e "s/.ca.cert//"`
-      if [ $N = "clientCA" ] ; then
-          T="-t T,C,C"
-      else
-          T="-t u,u,u"
-      fi
-      CU_ACTION="Import $N CA $T for $CERTNAME (ext.)"
-      certu -A -n $N  $T -f "${R_PWFILE}" -d "${PROFILEDIR}" \
-          -i "${CA}" 2>&1
-  done
-  if [ "$CERTFAILED" != 0 ] ; then
-      cert_log "ERROR: EXT failed $RET"
-  else
-      cert_log "SUCCESS: EXT passed"
-  fi
-}
-
-############################## cert_ssl ################################
-# local shell function to create client + server certs for SSL test
-########################################################################
-cert_ssl()
-{
-  ################# Creating Certs for SSL test ###########################
-  #
-  CERTFAILED=0
-  echo "$SCRIPTNAME: Creating Client CA Issued Certificates ==============="
-  cert_create_cert ${CLIENTDIR} "TestUser" 6 ${D_CLIENT}
-
-  echo "$SCRIPTNAME: Creating Server CA Issued Certificate for \\"
-  echo "             ${HOSTADDR} ------------------------------------"
-  cert_create_cert ${SERVERDIR} "${HOSTADDR}" 1 ${D_SERVER}
-  certu -M -n "TestCA" -t "TC,TC,TC" -d ${PROFILEDIR}
-#  cert_init_cert ${SERVERDIR} "${HOSTADDR}" 1 ${D_SERVER}
-#  echo "************* Copying CA files to ${SERVERDIR}"
-#  cp ${CADIR}/*.db .
-#  hw_acc
-#  CU_ACTION="Creating ${CERTNAME}'s Server Cert"
-#  CU_SUBJECT="CN=${CERTNAME}, O=BOGUS Netscape, L=Mountain View, ST=California, C=US"
-#  certu -S -n "${CERTNAME}" -c "TestCA" -t "Pu,Pu,Pu" -d ${PROFILEDIR} \
-#	 -f "${R_PWFILE}" -z "${R_NOISE_FILE}" -v 60 2>&1
-
-  if [ "$CERTFAILED" != 0 ] ; then
-      cert_log "ERROR: SSL failed $RET"
-  else
-      cert_log "SUCCESS: SSL passed"
-  fi
-}
-############################## cert_stresscerts ################################
-# local shell function to create client certs for SSL stresstest
-########################################################################
-cert_stresscerts()
-{
-
-  ############### Creating Certs for SSL stress test #######################
-  #
-  CERTDIR="$CLIENTDIR"
-  cd "${CERTDIR}"
-
-  PROFILEDIR=${CERTDIR}
-  if [ -n "${MULTIACCESS_DBM}" ]; then
-     PROFILEDIR="multiaccess:${D_CLIENT}"
-  fi
-  CERTFAILED=0
-  echo "$SCRIPTNAME: Creating Client CA Issued Certificates ==============="
-
-  CONTINUE=$GLOB_MAX_CERT
-  CERTSERIAL=10
-
-  while [ $CONTINUE -ge $GLOB_MIN_CERT ]
-  do
-      CERTNAME="TestUser$CONTINUE"
-      cert_add_cert ${CLIENTDIR} "TestUser$CONTINUE" $CERTSERIAL
-      CERTSERIAL=`expr $CERTSERIAL + 1 `
-      CONTINUE=`expr $CONTINUE - 1 `
-  done
-  if [ "$CERTFAILED" != 0 ] ; then
-      cert_log "ERROR: StressCert failed $RET"
-  else
-      cert_log "SUCCESS: StressCert passed"
-  fi
-}
-
-############################## cert_fips #####################################
-# local shell function to create certificates for FIPS tests 
-##############################################################################
-cert_fips()
-{
-  CERTFAILED=0
-  echo "$SCRIPTNAME: Creating FIPS 140-1 DSA Certificates =============="
-  cert_init_cert "${FIPSDIR}" "FIPS PUB 140-1 Test Certificate" 1000 "${D_FIPS}"
-
-  CU_ACTION="Initializing ${CERTNAME}'s Cert DB"
-  certu -N -d "${PROFILEDIR}" -f "${R_FIPSPWFILE}" 2>&1
-
-  echo "$SCRIPTNAME: Enable FIPS mode on database -----------------------"
-  modutil -dbdir ${PROFILEDIR} -fips true 2>&1 <<MODSCRIPT
-y
-MODSCRIPT
-  CU_ACTION="Enable FIPS mode on database for ${CERTNAME}"
-  if [ "$?" -ne 0 ]; then
-    html_failed "<TR><TD>${CU_ACTION} ($?) " 
-    cert_log "ERROR: ${CU_ACTION} failed $?"
-  else
-    html_passed "<TR><TD>${CU_ACTION}"
-  fi
-
-  CU_ACTION="Generate Certificate for ${CERTNAME}"
-  CU_SUBJECT="CN=${CERTNAME}, E=fips@bogus.com, O=BOGUS NSS, OU=FIPS PUB 140-1, L=Mountain View, ST=California, C=US"
-  certu -S -n ${FIPSCERTNICK} -x -t "Cu,Cu,Cu" -d "${PROFILEDIR}" -f "${R_FIPSPWFILE}" -k dsa -m ${CERTSERIAL} -z "${R_NOISE_FILE}" 2>&1
-  if [ "$RET" -eq 0 ]; then
-    cert_log "SUCCESS: FIPS passed"
-  fi
-}
-
-############################## cert_cleanup ############################
-# local shell function to finish this script (no exit since it might be
-# sourced)
-########################################################################
-cert_cleanup()
-{
-  cert_log "$SCRIPTNAME: finished $SCRIPTNAME"
-  html "</TABLE><BR>" 
-  cd ${QADIR}
-  . common/cleanup.sh
-}
-
-################## main #################################################
-
-cert_init 
-cert_all_CA
-cert_extended_ssl 
-cert_ssl 
-cert_smime_client        
-cert_fips
-if [ -n "$DO_DIST_ST" -a "$DO_DIST_ST" = "TRUE" ] ; then
-    cert_stresscerts 
-    #following lines to be used when databases are to be reused
-    #cp -r /u/sonmi/tmp/stress/kentuckyderby.13/* $HOSTDIR
-    #cp -r $HOSTDIR/../${HOST}.2/* $HOSTDIR
-
-fi
-cert_cleanup
diff --git a/security/nss/tests/cipher/cipher.sh b/security/nss/tests/cipher/cipher.sh
deleted file mode 100755
index a90a9dbe4..000000000
--- a/security/nss/tests/cipher/cipher.sh
+++ /dev/null
@@ -1,115 +0,0 @@
-#! /bin/sh  
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-#
-########################################################################
-#
-# mozilla/security/nss/tests/cipher/cipher.sh
-#
-# Script to test NSS ciphers
-#
-# needs to work on all Unix and Windows platforms
-#
-# special strings
-# ---------------
-#   FIXME ... known problems, search for this string
-#   NOTE .... unexpected behavior
-#
-########################################################################
-
-############################## cipher_init #############################
-# local shell function to initialize this script
-########################################################################
-cipher_init()
-{
-  SCRIPTNAME="cipher.sh"
-  if [ -z "${CLEANUP}" ] ; then     # if nobody else is responsible for
-      CLEANUP="${SCRIPTNAME}"       # cleaning this script will do it
-  fi
-  if [ -z "${INIT_SOURCED}" ] ; then
-      cd ../common
-      . ./init.sh
-  fi
-  SCRIPTNAME="cipher.sh"
-  html_head "Cipher Tests"
-
-  CIPHERDIR=${HOSTDIR}/cipher
-  CIPHERTESTDIR=${QADIR}/../cmd/bltest
-  D_CIPHER="Cipher.$version"
-
-  CIPHER_TXT=${QADIR}/cipher/cipher.txt
-
-  mkdir -p ${CIPHERDIR}
-
-  cd ${CIPHERTESTDIR}
-  P_CIPHER=.
-  if [ -n "${MULTIACCESS_DBM}" ]; then
-    P_CIPHER="multiaccess:${D_CIPHER}"
-  fi
-}
-
-############################## cipher_main #############################
-# local shell function to test NSS ciphers
-########################################################################
-cipher_main()
-{
-  cat ${CIPHER_TXT} | while read EXP_RET PARAM TESTNAME
-  do
-      if [ -n "$EXP_RET" -a "$EXP_RET" != "#" ] ; then
-          PARAM=`echo $PARAM | sed -e "s/_-/ -/g"`
-          TESTNAME=`echo $TESTNAME | sed -e "s/_/ /g"`
-          echo "$SCRIPTNAME: $TESTNAME --------------------------------"
-          echo "bltest -T -m $PARAM -d ${P_CIPHER}"
-
-          bltest -T -m $PARAM -d ${P_CIPHER} 
-          html_msg $? $EXP_RET "$TESTNAME"
-      fi
-  done
-}
-
-############################## cipher_cleanup ############################
-# local shell function to finish this script (no exit since it might be
-# sourced)
-########################################################################
-cipher_cleanup()
-{
-  html "</TABLE><BR>"
-  cd ${QADIR}
-  . common/cleanup.sh
-}
-
-################## main #################################################
-
-cipher_init
-cipher_main
-cipher_cleanup
diff --git a/security/nss/tests/cipher/cipher.txt b/security/nss/tests/cipher/cipher.txt
deleted file mode 100644
index 6965aa4d1..000000000
--- a/security/nss/tests/cipher/cipher.txt
+++ /dev/null
@@ -1,33 +0,0 @@
-#
-# This file defines the cipher tests
-#
-# expected
-#   return	bltest		Test Case name
-#    value	params
-#  -------	----------	---------------
-	0	des_ecb_-E	DES_ECB_Encrypt
-	0	des_ecb_-D	DES_ECB_Decrypt
-	0	des_cbc_-E	DES_CBC_Encrypt
-	0	des_cbc_-D	DES_CBC_Decrypt
-	0	des3_ecb_-E	DES3_ECB_Encrypt
-	0	des3_ecb_-D	DES3_ECB_Decrypt
-	0	des3_cbc_-E	DES3_CBC_Encrypt
-	0	des3_cbc_-D	DES3_CBC_Decrypt
-	0	aes_ecb_-E	AES_ECB_Encrypt
-	0	aes_ecb_-D	AES_ECB_Decrypt
-	0	aes_cbc_-E	AES_CBC_Encrypt
-	0	aes_cbc_-D	AES_CBC_Decrypt
-	0	rc2_ecb_-E	RC2_ECB_Encrypt
-	0	rc2_ecb_-D	RC2_ECB_Decrypt
-	0	rc2_cbc_-E	RC2_CBC_Encrypt
-	0	rc2_cbc_-D	RC2_CBC_Decrypt
-	0	rc4_-E		RC4_Encrypt
-	0	rc4_-D		RC4_Decrypt
-	0	rsa_-E		RSA_Encrypt
-	0	rsa_-D		RSA_Decrypt
-	0	dsa_-S		DSA_Sign
-	0	dsa_-V		DSA_Verify
-	0	md2_-H		MD2_Hash
-	0	md5_-H		MD5_Hash
-	0	sha1_-H		SHA1_Hash
-	
diff --git a/security/nss/tests/cipher/dsa.txt b/security/nss/tests/cipher/dsa.txt
deleted file mode 100644
index 257d7ffe0..000000000
--- a/security/nss/tests/cipher/dsa.txt
+++ /dev/null
@@ -1,8 +0,0 @@
-#
-# This file enables test coverage of the dsa performance tests
-#
-#
-# mode     keysize   bufsize   repetitions cxrepetitions
-  dsa        64         20         200         5
-  dsa        96         20         200         3
-  dsa       128         20         200         3
diff --git a/security/nss/tests/cipher/hash.txt b/security/nss/tests/cipher/hash.txt
deleted file mode 100644
index 17c6a41a1..000000000
--- a/security/nss/tests/cipher/hash.txt
+++ /dev/null
@@ -1,8 +0,0 @@
-#
-# This file enables test coverage of the cryptographic hash performance tests
-#
-#
-# mode      bufsize   repetitions
-  md2        1024         1000
-  md5        1024         100000
-  sha1       1024         10000
diff --git a/security/nss/tests/cipher/performance.sh b/security/nss/tests/cipher/performance.sh
deleted file mode 100755
index 2a9e1258b..000000000
--- a/security/nss/tests/cipher/performance.sh
+++ /dev/null
@@ -1,144 +0,0 @@
-#!/bin/sh  
-#
-# This is just a quick script so we can still run our testcases.
-# Longer term we need a scriptable test environment..
-#
-. ../common/init.sh
-CURDIR=`pwd`
-
-CIPHERDIR=${HOSTDIR}/cipher
-SKTESTS=${CURDIR}/symmkey.txt
-RSATESTS=${CURDIR}/rsa.txt
-DSATESTS=${CURDIR}/dsa.txt
-HASHTESTS=${CURDIR}/hash.txt
-SKPERFOUT=${CIPHERDIR}/skperfout.data
-RSAPERFOUT=${CIPHERDIR}/rsaperfout.data
-DSAPERFOUT=${CIPHERDIR}/dsaperfout.data
-HASHPERFOUT=${CIPHERDIR}/hashperfout.data
-PERFRESULTS=${HOSTDIR}/performance.html
-
-echo "<HTML><BODY>" >> ${PERFRESULTS}
-
-mkdir -p ${CIPHERDIR}
-cd ${CIPHERDIR}
-
-if [ -z $1 ]; then
-    TESTSET="all"
-else
-    TESTSET=$1
-fi
-
-if [ $TESTSET = "all" -o $TESTSET = "symmkey" ]; then
-echo "<TABLE BORDER=1><TR><TH COLSPAN=6>Symmetric Key Cipher Performance</TH></TR>" >> ${PERFRESULTS}
-echo "<TR bgcolor=lightGreen><TH>MODE</TH><TH>INPUT SIZE (bytes)</TH><TH>SYMMETRIC KEY SIZE (bits)</TH><TH>REPETITIONS (cx/op)</TH><TH>CONTEXT CREATION TIME (ms)</TH><TH>OPERATION TIME (ms)</TH></TR>" >> ${PERFRESULTS}
-
-cat ${SKTESTS} | while read mode keysize bufsize reps cxreps
-do
-    if [ $mode != "#" ]; then
-	echo "bltest -N -m $mode -b $bufsize -g $keysize -u $cxreps"
-	bltest -N -m $mode -b $bufsize -g $keysize -u $cxreps >> ${SKPERFOUT}
-	mv "tmp.in" "$mode.in"
-	mv tmp.key $mode.key
-	if [ -f tmp.iv ]; then
-	    mv tmp.iv $mode.iv
-	fi
-	echo "bltest -E -m $mode -i ${CIPHERDIR}/$mode.in -k ${CIPHERDIR}/$mode.key -v ${CIPHERDIR}/$mode.iv -p $reps -o ${CIPHERDIR}/$mode.out"
-	bltest -E -m $mode -i ${CIPHERDIR}/$mode.in -k ${CIPHERDIR}/$mode.key -v ${CIPHERDIR}/$mode.iv -p $reps -o ${CIPHERDIR}/$mode.out >> ${SKPERFOUT}
-	echo "bltest -D -m $mode -i ${CIPHERDIR}/$mode.out -k ${CIPHERDIR}/$mode.key -v ${CIPHERDIR}/$mode.iv -p $reps -o ${CIPHERDIR}/$mode.inv"
-	bltest -D -m $mode -i ${CIPHERDIR}/$mode.out -k ${CIPHERDIR}/$mode.key -v ${CIPHERDIR}/$mode.iv -p $reps -o ${CIPHERDIR}/$mode.inv >> ${SKPERFOUT}
-    fi
-done
-
-cat ${SKPERFOUT} | while read md buf sk rps cxrps cx op
-do
-    if [ $md != "#" ]; then
-	echo "<TR><TH>$md</TH><TD align=right>$buf</TD><TD align=right>$sk</TD><TD align=right>$cxrps/$rps</TD><TD align=right>$cx</TD><TD align=right>$op</TD></TR>" >> ${PERFRESULTS}
-    fi
-done
-
-echo "</TABLE><BR>" >> ${PERFRESULTS}
-
-fi
-
-if [ $TESTSET = "all" -o $TESTSET = "rsa" ]; then
-cat ${RSATESTS} | while read mode keysize bufsize exp reps cxreps
-do
-    if [ $mode != "#" ]; then
-	echo "bltest -N -m $mode -b $bufsize -e $exp -g $keysize -u $cxreps"
-	bltest -N -m $mode -b $bufsize -e $exp -g $keysize -u $cxreps >> ${RSAPERFOUT}
-	mv "tmp.in" "$mode.in"
-	mv tmp.key $mode.key
-	echo "bltest -E -m $mode -i ${CIPHERDIR}/$mode.in -k ${CIPHERDIR}/$mode.key -p $reps -o ${CIPHERDIR}/$mode.out"
-	bltest -E -m $mode -i ${CIPHERDIR}/$mode.in -k ${CIPHERDIR}/$mode.key -p $reps -o ${CIPHERDIR}/$mode.out >> ${RSAPERFOUT}
-	echo "bltest -D -m $mode -i ${CIPHERDIR}/$mode.out -k ${CIPHERDIR}/$mode.key -p $reps -o ${CIPHERDIR}/$mode.inv"
-	bltest -D -m $mode -i ${CIPHERDIR}/$mode.out -k ${CIPHERDIR}/$mode.key -p $reps -o ${CIPHERDIR}/$mode.inv >> ${RSAPERFOUT}
-    fi
-done
-
-echo "<TABLE BORDER=1><TR><TH COLSPAN=7>RSA Cipher Performance</TH></TR>" >> ${PERFRESULTS}
-echo "<TR bgcolor=lightGreen><TH>MODE</TH><TH>INPUT SIZE (bytes)</TH><TH>KEY SIZE (bits)</TH><TH>PUBLIC EXPONENT</TH><TH>REPETITIONS (cx/op)</TH><TH>CONTEXT CREATION TIME (ms)</TH><TH>OPERATION TIME (ms)</TH></TR>" >> ${PERFRESULTS}
-cat ${RSAPERFOUT} | while read md buf mod pe rps cxrps cx op
-do
-    if [ $md != "#" ]; then
-	echo "<TR><TH>$md</TH><TD align=right>$buf</TD><TD align=right>$mod</TD><TD align=right>$pe</TD><TD align=right>$cxrps/$rps</TD><TD align=right>$cx</TD><TD align=right>$op</TD></TR>" >> ${PERFRESULTS}
-    fi
-done
-
-echo "</TABLE><BR>" >> ${PERFRESULTS}
-fi
-
-if [ $TESTSET = "all" -o $TESTSET = "dsa" ]; then
-cat ${DSATESTS} | while read mode keysize bufsize reps cxreps
-do
-    if [ $mode != "#" ]; then
-	echo "bltest -N -m $mode -b $bufsize -g $keysize -u $cxreps"
-	bltest -N -m $mode -b $bufsize -g $keysize -u $cxreps >> ${DSAPERFOUT}
-	mv "tmp.in" "$mode.in"
-	mv tmp.key $mode.key
-	echo "bltest -S -m $mode -i ${CIPHERDIR}/$mode.in -k ${CIPHERDIR}/$mode.key -p $reps -o ${CIPHERDIR}/$mode.out"
-	bltest -S -m $mode -i ${CIPHERDIR}/$mode.in -k ${CIPHERDIR}/$mode.key -p $reps -o ${CIPHERDIR}/$mode.out >> ${DSAPERFOUT}
-	echo "bltest -V -m $mode -f ${CIPHERDIR}/$mode.out -k ${CIPHERDIR}/$mode.key -p $reps -i ${CIPHERDIR}/$mode.in -o ${CIPHERDIR}/$mode.out"
-	bltest -V -m $mode -f ${CIPHERDIR}/$mode.out -k ${CIPHERDIR}/$mode.key -p $reps -i ${CIPHERDIR}/$mode.in -o ${CIPHERDIR}/$mode.out >> ${DSAPERFOUT}
-    fi
-done
-
-echo "<TABLE BORDER=1><TR><TH COLSPAN=6>DSA Cipher Performance</TH></TR>" >> ${PERFRESULTS}
-echo "<TR bgcolor=lightGreen><TH>MODE</TH><TH>INPUT SIZE (bytes)</TH><TH>KEY SIZE (bits)</TH><TH>REPETITIONS (cx/op)</TH><TH>CONTEXT CREATION TIME (ms)</TH><TH>OPERATION TIME (ms)</TH></TR>" >> ${PERFRESULTS}
-cat ${DSAPERFOUT} | while read md buf mod rps cxrps cx op
-do
-    if [ $md != "#" ]; then
-	echo "<TR><TH>$md</TH><TD align=right>$buf</TD><TD align=right>$mod</TD><TD align=right>$cxrps/$rps</TD><TD align=right>$cx</TD><TD align=right>$op</TD></TR>" >> ${PERFRESULTS}
-    fi
-done
-
-echo "</TABLE><BR>" >> ${PERFRESULTS}
-fi
-
-if [ $TESTSET = "all" -o $TESTSET = "hash" ]; then
-cat ${HASHTESTS} | while read mode bufsize reps
-do
-    if [ $mode != "#" ]; then
-	echo "bltest -N -m $mode -b $bufsize"
-	bltest -N -m $mode -b $bufsize
-	mv "tmp.in" "$mode.in"
-	echo "bltest -H -m $mode -i ${CIPHERDIR}/$mode.in -p $reps -o ${CIPHERDIR}/$mode.out"
-	bltest -H -m $mode -i ${CIPHERDIR}/$mode.in -p $reps -o ${CIPHERDIR}/$mode.out >> ${HASHPERFOUT}
-    fi
-done
-
-echo "<TABLE BORDER=1><TR><TH COLSPAN=6>Hash Cipher Performance</TH></TR>" >> ${PERFRESULTS}
-echo "<TR bgcolor=lightGreen><TH>MODE</TH><TH>INPUT SIZE (bytes)</TH><TH>REPETITIONS</TH><TH>OPERATION TIME (ms)</TH></TR>" >> ${PERFRESULTS}
-cat ${HASHPERFOUT} | while read md buf rps cxrps cx op
-do
-    if [ $md != "#" ]; then
-	echo "<TR><TH>$md</TH><TD align=right>$buf</TD><TD align=right>$rps</TD><TD align=right>$op</TD></TR>" >> ${PERFRESULTS}
-    fi
-done
-
-echo "</TABLE><BR>" >> ${PERFRESULTS}
-fi
-
-#rm -f ${TEMPFILES}
-cd ${CURDIR}
-
-echo "</BODY></HTML>" >> ${PERFRESULTS}
diff --git a/security/nss/tests/cipher/rsa.txt b/security/nss/tests/cipher/rsa.txt
deleted file mode 100644
index 5508971e9..000000000
--- a/security/nss/tests/cipher/rsa.txt
+++ /dev/null
@@ -1,8 +0,0 @@
-#
-# This file enables test coverage of the rsa performance tests
-#
-#
-# mode     keysize   bufsize   exponent  repetitions cxrepetitions
-  rsa        32         32       17          1000        5 
-  rsa        64         64        3          500         3 
-  rsa       128        128      65537        200         3 
diff --git a/security/nss/tests/cipher/symmkey.txt b/security/nss/tests/cipher/symmkey.txt
deleted file mode 100644
index 741f86880..000000000
--- a/security/nss/tests/cipher/symmkey.txt
+++ /dev/null
@@ -1,19 +0,0 @@
-#
-# This file enables test coverage of the symmetric key performance tests
-#
-#
-# mode     keysize   bufsize   repetitions cxrepetitions
- des_ecb      8       8192       1000         100000
- des_cbc      8       8192       1000         100000
- des3_ecb    24       8192       1000         100000
- des3_cbc    24       8192       1000         100000
- rc2_ecb      5       8192       1000         100000
- rc2_ecb      8       8192       1000         100000
- rc2_ecb     16       8192       1000         100000
- rc2_cbc      5       8192       1000         100000
- rc2_cbc      8       8192       1000         100000
- rc2_cbc     16       8192       1000         100000
- rc4          5       8192       10000        100000
- rc4          8       8192       10000        100000
- rc4         16       8192       10000        100000
- rc4         24       8192       10000        100000
diff --git a/security/nss/tests/clean_tbx b/security/nss/tests/clean_tbx
deleted file mode 100755
index 4de955576..000000000
--- a/security/nss/tests/clean_tbx
+++ /dev/null
@@ -1,172 +0,0 @@
-#! /bin/perl
-
-#######################################################################
-#
-# /u/sonmi/bin/clean_tbx.pl
-#
-# this script is supposed to remove tinderbox  QA if:
-# QA has passed, there are 2+ newer QA dirs of the same machine and 
-#     platform (32/64) and it is older than 2 hours
-# QA has failed, there are 2+ newer QA dirsof the same machine and 
-#     platform (32/64) with _identical failures and it is older than 
-#     2 hours
-# directory is older than 48 hours
-#
-#######################################################################
-
-use Time::Local;
-
-$ANY_TBX_KEEP_HOURS=48;
-$NOT_FAILED_TBX_KEEP_HOURS=24;
-$PASSED_TBX_KEEP_HOURS=2;
-$IF_TBX_KEEP_HOURS=2;
-$PASSED_NEWER_DIRS=2;
-$IF_NEWER_DIRS=2;
-$verbose = 1;
-
-$TBX_TESTDIR="/share/builds/mccrel3/nss/nsstip/tinderbox/tests_results/security";
-$FTP_STAGE="/u/sonmi/tmp/ftp_stage/tinderbox";
-
-@tbx_dirs = ();  
-
-$eANY_TBX_KEEP=$ANY_TBX_KEEP_HOURS*60*60;
-$ePASSED_TBX_KEEP=$PASSED_TBX_KEEP_HOURS*60*60;
-$eIF_TBX_KEEP=$IF_TBX_KEEP_HOURS*60*60;
-$eNOT_FAILED_TBX_KEEP=$NOT_FAILED_TBX_KEEP_HOURS*60*60;
-
-$year, $month, $days, $hours, $minutes, $seconds;
-$efulldate=0;
-
-$fulldate=0;
-
-$no_bits="";
-$last_no_bits="";
-
-$host="";
-$last_host="";
-
-@tbx_dirs = `ls -r $TBX_TESTDIR`; #sort first by host, 
-                               #then 64, 
-                               #then newest - oldest
-debug ("found $#tbx_dirs directories ");
-
-($seconds, $minutes, $hours, $days, $month, $year) = localtime; 
-
-debug ("$seconds, $minutes, $hours, $days, $month, $year");
-
-$enow = timelocal(localtime);
-
-sub debug;
-sub warning;
-sub error;
-sub msg;
-sub init;
-sub check_tbx_dirs;
-
-sub check_tbx_dirs
-{
-    my $platform_idx=0; # counts directories per platform, newest 
-                        # to oldest (ignores incomplete)
-    my $passed_idx=0;   # counts passed  directories newest to oldest
-    my $QAstatus="unknown";
-    foreach $tbx_dir  (@tbx_dirs) {
-        $tbx_dir =~ s/\n//g;
-        $fulldate = $tbx_dir;
-        $fulldate =~ s/^.*-(20.*-..\...$)/$1/;
-        $day = $month = $year = $hour = $min = $fulldate;
-        $host = $tbx_dir;
-        $host =~ s/-20.*//;
-        $no_bits = $host;
-        $host =~ s/64$//;
-        $no_bits =~ s/.*64$/64/;
-        $no_bits =~ s/^[^6].*/other/;
-        $year =~ s/(....).*/$1/;
-        $month =~ s/....(..).*/$1/;
-        $day =~ s/......(..).*/$1/;
-        $hour =~ s/........-(..).*/$1/;
-        $min =~ s/.*\.(..)$/$1/;
-        
-
-        if ( -f "$TBX_TESTDIR/$tbx_dir/QAstatus" ) {
-            $QAstatus=`cat $TBX_TESTDIR/$tbx_dir/QAstatus 2>/dev/null`;
-            $QAstatus =~ s/\n$//g;
-        } else {
-            $QAstatus="unknown";
-        }
-
-        $efulldate = timelocal( 0, $min, $hour, $day, $month-1, $year-1900);
-        if ( "$host" !~ "$last_host" || "$no_bits" !~ "$last_no_bits" ) {
-            if ( $QAstatus !~ "QA running" ) {
-                $platform_idx = 0;
-            } else {
-                $platform_idx = -1;
-            }
-            $passed_idx = 0;
-
-            $last_host = $host;
-            $last_no_bits = $no_bits;
-        } else {
-            $platform_idx ++;
-            $passed_idx++ if ( $QAstatus =~ "QA passed" ) ;
-        }
-
-        debug ("$tbx_dir host $host date $fulldate bits $no_bits $year/$month/$day  $hour:$min QAstatus $QAstatus pli $platform_idx pai $passed_idx");
-
-        if ( $passed_idx > $PASSED_NEWER_DIRS && $QAstatus =~ "QA passed" ) {
-            $ekeeptime=$efulldate + $ePASSED_TBX_KEEP;
-            #($s, $m, $h, $d, $mo, $y) = localtime($ekeeptime);
-            #debug ("$passed_idx > $PASSED_NEWER_DIRS ekeeptime ($s, $m, $h, $d, $mo, $y) == $ekeeptime");
-             rm_tbx ("Passed $PASSED_TBX_KEEP_HOURS +  hours old") if ( $ekeeptime <= $enow );
-        } elsif ( $QAstatus !~ "QA failed" ) {
-            $ekeeptime=$efulldate + $eNOT_FAILED_TBX_KEEP;
-            rm_tbx ("Not failed $NOT_FAILED_TBX_KEEP_HOURS + hours old") if ( $ekeeptime <= $enow );
-	} else {
-            $ekeeptime=$efulldate + $eANY_TBX_KEEP;
-             rm_tbx ("Passed 2+ hours old") if ( $ekeeptime <= $enow );
-        }
-        if  ( $QAstatus =~ "QA failed" ) {
-            $ekeeptime=$efulldate + $eIF_TBX_KEEP;
-            #FIXME - compare to the previous failure by filtering and 
-            #FIXME diffing the results.html files (first grep failed)
-        }
-    }
-
-}
-
-sub rm_tbx()
-{
-
-debug ("DELETING $tbx_dir... (@_[0]) ");
-system("rm -rf $TBX_TESTDIR/$tbx_dir");
-#debug ("rm -rf $TBX_TESTDIR/$tbx_dir");
-
-}
-
-sub msg
-{
-    my $i;
-    for ($i = 0; $i <= $#_ ; $i++ ) {
-        print "@_[$i] ";
-    }
-    print "\n";
-
-}
-sub error
-{
-    msg ("ERROR:  " ,@_ );
-}
-
-sub warning
-{
-    msg ("WARNING:" ,@_ );
-}
-sub debug
-{
-    if ( $verbose == 1 ) {
-        msg ("DEBUG:  " ,@_ );
-    } elsif ( $verbose == 2 ) {
-        msg (@_ );
-    }
-}
-
-check_tbx_dirs;
diff --git a/security/nss/tests/common/Makefile b/security/nss/tests/common/Makefile
deleted file mode 100644
index 1d14e4233..000000000
--- a/security/nss/tests/common/Makefile
+++ /dev/null
@@ -1,43 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH	= ../../..
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-objdir_name:
-	@echo $(OBJDIR_NAME)
-
-os_arch:
-	@echo $(OS_ARCH)
diff --git a/security/nss/tests/common/cleanup.sh b/security/nss/tests/common/cleanup.sh
deleted file mode 100755
index 57d71dc48..000000000
--- a/security/nss/tests/common/cleanup.sh
+++ /dev/null
@@ -1,48 +0,0 @@
-#!/bin/sh
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-#
-########################################################################
-#
-# mozilla/security/nss/tests/common/cleanup.sh
-#
-# Script to clean up after NSS QA suites
-# needs to work on all Unix and Windows platforms
-#
-########################################################################
-
-
-if [ -z "${CLEANUP}" -o "${CLEANUP}" = "${SCRIPTNAME}" ]; then
-    html "</BODY></HTML>" 
-    rm -f ${TEMPFILES} 2>/dev/null
-fi
diff --git a/security/nss/tests/common/init.sh b/security/nss/tests/common/init.sh
deleted file mode 100644
index 529cbef02..000000000
--- a/security/nss/tests/common/init.sh
+++ /dev/null
@@ -1,459 +0,0 @@
-#! /bin/sh
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-#
-########################################################################
-#
-# mozilla/security/nss/tests/common/init.sh
-#
-# initialization for NSS QA, can be included multiple times
-# from all.sh and the individual scripts
-#
-# variables, utilities and shellfunctions global to NSS QA
-# needs to work on all Unix and Windows platforms
-#
-# included from 
-# -------------
-#   all.sh
-#   ssl.sh
-#   sdr.sh
-#   cipher.sh
-#   perf.sh
-#   cert.sh
-#   smime.sh
-#   tools.sh
-#   fips.sh
-#
-# special strings
-# ---------------
-#   FIXME ... known problems, search for this string
-#   NOTE .... unexpected behavior
-#
-# NOTE:
-# -----
-#    Unlike the old QA this is based on files sourcing each other
-#    This is done to save time, since a great portion of time is lost
-#    in calling and sourcing the same things multiple times over the
-#    network. Also, this way all scripts have all shell function  available
-#    and a completely common environment
-#
-########################################################################
-
-
-if [ -z "${INIT_SOURCED}" -o "${INIT_SOURCED}" != "TRUE" ]; then
-
-# Exit shellfunction to clean up at exit (error, regular or signal)
-    Exit()
-    {
-        if [ -n "$1" ] ; then
-            echo "$SCRIPTNAME: Exit: $*"
-            html_failed "<TR><TD>$*"
-        fi
-        echo "</TABLE><BR>" >> ${RESULTS}
-        if [ -n "${TAILPID}" ]; then
-            ${KILL} "${TAILPID}"
-        fi
-        if [ -n "${SERVERPID}" -a -f "${SERVERPID}" ]; then
-            ${KILL} `cat ${SERVERPID}`
-        fi
-        CLEANUP=${SCRIPTNAME}
-        cd ${QADIR}
-        . common/cleanup.sh
-        case $1 in
-            [0-4][0-9]|[0-9])
-                exit $1;
-                ;;
-            *)
-                exit 1
-                ;;
-        esac
-    }
-
-#html functions to give the resultfiles a consistant look
-    html() #########################    write the results.html file
-    {      # 3 functions so we can put targets in the output.log easier
-        echo $* >>${RESULTS}
-    }
-    html_passed()
-    {
-        html "$* ${HTML_PASSED}"
-    }
-    html_failed()
-    {
-        html "$* ${HTML_FAILED}"
-    }
-    html_head()
-    {
-        html "<TABLE BORDER=1><TR><TH COLSPAN=3>$*</TH></TR>"
-        html "<TR><TH width=500>Test Case</TH><TH width=50>Result</TH></TR>" 
-        echo "$SCRIPTNAME: $* ==============================="
-    }
-    html_msg()
-    {
-        if [ "$1" -ne "$2" ] ; then
-            html_failed "<TR><TD>$3"
-            if [ -n "$4" ] ; then
-                echo "$SCRIPTNAME: $3 $4 FAILED"
-            fi
-        else
-            html_passed "<TR><TD>$3"
-            if [ -n "$4" ] ; then
-                echo "$SCRIPTNAME: $3 $4 PASSED"
-            fi
-        fi
-    }
-    HTML_FAILED='</TD><TD bgcolor=red>Failed</TD><TR>'
-    HTML_PASSED='</TD><TD bgcolor=lightGreen>Passed</TD><TR>'
-
-
-#directory name init
-    SCRIPTNAME=init.sh
-
-    mozilla_root=`(cd ../../../..; pwd)`
-    MOZILLA_ROOT=${MOZILLA_ROOT-$mozilla_root}
-
-    qadir=`(cd ..; pwd)`
-    QADIR=${QADIR-$qadir}
-
-    common=${QADIR}/common
-    COMMON=${TEST_COMMON-$common}
-    export COMMON
-
-    DIST=${DIST-${MOZILLA_ROOT}/dist}
-    SECURITY_ROOT=${SECURITY_ROOT-${MOZILLA_ROOT}/security/nss}
-    TESTDIR=${TESTDIR-${MOZILLA_ROOT}/tests_results/security}
-    OBJDIR=`(cd $COMMON; gmake objdir_name)`
-    OS_ARCH=`(cd $COMMON; gmake os_arch)`
-    OS_NAME=`uname -s | sed -e "s/-[0-9]*\.[0-9]*//"`
-
-#in case of backward comp. tests the calling scripts set the
-#PATH and LD_LIBRARY_PATH and do not want them to be changed
-    if [ -z "${DON_T_SET_PATHS}" -o "${DON_T_SET_PATHS}" != "TRUE" ] ; then
-        if [ "${OS_ARCH}" = "WINNT" -a "$OS_NAME"  != "CYGWIN_NT" ]; then
-            PATH=.\;${DIST}/${OBJDIR}/bin\;${DIST}/${OBJDIR}/lib\;$PATH
-            PATH=`perl ../path_uniq -d ';' "$PATH"`
-        else
-            PATH=.:/bin:/usr/bin:${DIST}/${OBJDIR}/bin:${DIST}/${OBJDIR}/lib:$PATH
-            # added /bin and /usr/bin in the beginning so a local perl will 
-            # be used
-            PATH=`perl ../path_uniq -d ':' "$PATH"`
-        fi
-
-        LD_LIBRARY_PATH=${DIST}/${OBJDIR}/lib
-        SHLIB_PATH=${DIST}/${OBJDIR}/lib
-        LIBPATH=${DIST}/${OBJDIR}/lib
-        DYLD_LIBRARY_PATH=${DIST}/${OBJDIR}/lib
-    fi
-
-    if [ ! -d "${TESTDIR}" ]; then
-        echo "$SCRIPTNAME init: Creating ${TESTDIR}"
-        mkdir -p ${TESTDIR}
-    fi
-
-#HOST and DOMSUF are needed for the server cert 
-    case $HOST in
-        *\.*)
-            HOST=`echo $HOST | sed -e "s/\..*//"`
-            ;;
-        ?*)
-            ;;
-        *)
-            HOST=`uname -n`
-            case $HOST in
-                *\.*)
-                    HOST=`echo $HOST | sed -e "s/\..*//"`
-                    ;;
-                ?*)
-                    ;;
-                *)
-                    echo "$SCRIPTNAME: Fatal HOST environment variable is not defined."
-                    exit 1 #does not need to be Exit, very early in script
-                    ;;
-            esac
-            ;;
-    esac
-
-    if [ -z "${DOMSUF}" ]; then
-        DOMSUF=`domainname`
-        if  [ -z "${DOMSUF}" ]; then
-            echo "$SCRIPTNAME: Fatal DOMSUF env. variable is not defined."
-            exit 1 #does not need to be Exit, very early in script
-        fi
-    fi
-#HOSTADDR was a workaround for the dist. stress test, and is probably 
-#not needed anymore (purpose: be able to use IP address for the server 
-#cert instead of PC name which was not in the DNS because of dyn IP address
-    if [ -z "$USE_IP" -o "$USE_IP" != "TRUE" ] ; then
-        HOSTADDR=${HOST}.${DOMSUF}
-    else
-        HOSTADDR=${IP_ADDRESS}
-    fi
-
-#if running remote side of the distributed stress test we need to use 
-#the files that the server side gives us...
-    if [ -n "$DO_REM_ST" -a "$DO_REM_ST" = "TRUE" ] ; then
-        for w in `ls -rtd ${TESTDIR}/${HOST}.[0-9]* 2>/dev/null |
-            sed -e "s/.*${HOST}.//"` ; do
-                version=$w
-        done
-        HOSTDIR=${TESTDIR}/${HOST}.$version
-        echo "$SCRIPTNAME init: HOSTDIR $HOSTDIR"
-        echo $HOSTDIR
-        if [ ! -d $HOSTDIR ] ; then
-            echo "$SCRIPTNAME: Fatal: Remote side of dist. stress test "
-            echo "       - server HOSTDIR $HOSTDIR does not exist"
-            exit 1 #does not need to be Exit, very early in script
-        fi
-    fi
-
-#find the HOSTDIR, where the results are supposed to go
-    if [ -n "${HOSTDIR}" ]; then
-        version=`echo $HOSTDIR | sed  -e "s/.*${HOST}.//"` 
-    else
-        if [ -f "${TESTDIR}/${HOST}" ]; then
-            version=`cat ${TESTDIR}/${HOST}`
-        else
-            version=1
-        fi
-#file has a tendency to disappear, messing up the rest of QA - 
-#workaround to find the next higher number if version file is not there
-        if [ -z "${version}" ]; then    # for some strange reason this file
-                                        # gets truncated at times... Windos
-            for w in `ls -d ${TESTDIR}/${HOST}.[0-9]* 2>/dev/null |
-                sort -t '.' -n | sed -e "s/.*${HOST}.//"` ; do
-                version=`expr $w + 1`
-            done
-            if [ -z "${version}" ]; then
-                version=1
-            fi
-        fi
-        expr $version + 1 > ${TESTDIR}/${HOST}
-
-        HOSTDIR=${TESTDIR}/${HOST}'.'$version
-
-        mkdir -p ${HOSTDIR}
-    fi
-
-#result and log file and filename init,
-    if [ -z "${LOGFILE}" ]; then
-        LOGFILE=${HOSTDIR}/output.log
-    fi
-    if [ ! -f "${LOGFILE}" ]; then
-        touch ${LOGFILE}
-    fi
-    if [ -z "${RESULTS}" ]; then
-        RESULTS=${HOSTDIR}/results.html
-    fi
-    if [ ! -f "${RESULTS}" ]; then
-        cp ${COMMON}/results_header.html ${RESULTS}
-        html "<H4>Platform: ${OBJDIR}<BR>" 
-        html "Test Run: ${HOST}.$version</H4>" 
-        html "${BC_ACTION}"
-        html "<HR><BR>" 
-        html "<HTML><BODY>" 
-
-        echo "********************************************" | tee ${LOGFILE}
-        echo "   Platform: ${OBJDIR}" | tee ${LOGFILE}
-        echo "   Results: ${HOST}.$version" | tee ${LOGFILE}
-        echo "********************************************" | tee ${LOGFILE}
-	echo "$BC_ACTION" | tee ${LOGFILE}
-    #if running remote side of the distributed stress test let the user know who it is...
-    elif [ -n "$DO_REM_ST" -a "$DO_REM_ST" = "TRUE" ] ; then
-        echo "********************************************" | tee ${LOGFILE}
-        echo "   Platform: ${OBJDIR}" | tee ${LOGFILE}
-        echo "   Results: ${HOST}.$version" | tee ${LOGFILE}
-        echo "   remote side of distributed stress test " | tee ${LOGFILE}
-        echo "   `uname -n -s`" | tee ${LOGFILE}
-        echo "********************************************" | tee ${LOGFILE}
-    fi
-
-    echo "$SCRIPTNAME init: Testing PATH $PATH against LIB $LD_LIBRARY_PATH" |
-        tee ${LOGFILE}
-
-    KILL="kill"
-    if  [ "${OS_ARCH}" = "Linux" ]; then
-#on linux the selfserv needs up to 30 seconds to fully die and free
-#the socket
-        SLEEP="sleep 30" # taking the chance and trying on the tinderboxes
-    fi
-
-    if [ `uname -s` = "SunOS" ]; then
-        PS="/usr/5bin/ps"
-    else
-        PS="ps"
-    fi
-#found 3 rsh's so far that do not work as expected - cygnus mks6 
-#(restricted sh) and mks 7 - if it is not in c:/winnt/system32 it
-#needs to be set in the environ.ksh
-    if [ -z "$RSH" ]; then
-        if [ "${OS_ARCH}" = "WINNT" -a "$OS_NAME"  = "CYGWIN_NT" ]; then
-            RSH=/cygdrive/c/winnt/system32/rsh
-        elif [ "${OS_ARCH}" = "WINNT" ]; then
-            RSH=c:/winnt/system32/rsh
-        else
-            RSH=rsh
-        fi
-    fi
-   
-
-#more filename and directoryname init
-    CURDIR=`pwd`
-
-    CU_ACTION='Unknown certutil action'
-
-    # would like to preserve some tmp files, also easier to see if there 
-    # are "leftovers" - another possibility ${HOSTDIR}/tmp
-
-    TMP=${HOSTDIR}      #TMP=${TMP-/tmp}
-    TEMP=${TMP}
-    TMPDIR=${TMP}
-
-    CADIR=${HOSTDIR}/CA
-    SERVERDIR=${HOSTDIR}/server
-    CLIENTDIR=${HOSTDIR}/client
-    ALICEDIR=${HOSTDIR}/alicedir
-    BOBDIR=${HOSTDIR}/bobdir
-    DAVEDIR=${HOSTDIR}/dave
-    FIPSDIR=${HOSTDIR}/fips
-
-    SERVER_CADIR=${HOSTDIR}/serverCA
-    CLIENT_CADIR=${HOSTDIR}/clientCA
-    EXT_SERVERDIR=${HOSTDIR}/ext_server
-    EXT_CLIENTDIR=${HOSTDIR}/ext_client
-
-    PWFILE=${TMP}/tests.pw.$$
-    NOISE_FILE=${TMP}/tests_noise.$$
-
-    FIPSPWFILE=${TMP}/tests.fipspw.$$
-    FIPSBADPWFILE=${TMP}/tests.fipsbadpw.$$
-    FIPSP12PWFILE=${TMP}/tests.fipsp12pw.$$
-    FIPSCERTNICK="FIPS_PUB_140-1_Test_Certificate"
-
-    # domains to handle ipc based access to databases
-    D_CA="TestCA.$version"
-    D_ALICE="Alice.$version"
-    D_BOB="Bob.$version"
-    D_DAVE="Dave.$version"
-    D_SERVER_CA="ServerCA.$version"
-    D_CLIENT_CA="ClientCA.$version"
-    D_SERVER="Server.$version"
-    D_CLIENT="Client.$version"
-    D_FIPS="FIPS.$version"
-    D_EXT_SERVER="ExtendedServer.$version"
-    D_EXT_CLIENT="ExtendedClient.$version"
-
-    # we need relative pathnames of these files abd directories, since our 
-    # tools can't handle the unix style absolut pathnames on cygnus
-
-    R_CADIR=../CA
-    R_SERVERDIR=../server
-    R_CLIENTDIR=../client
-    R_ALICEDIR=../alicedir
-    R_BOBDIR=../bobdir
-    R_DAVEDIR=../dave
-    R_EXT_SERVERDIR=../ext_server
-    R_EXT_CLIENTDIR=../ext_client
-
-    #
-    # profiles are either paths or domains depending on the setting of
-    # MULTIACCESS_DBM
-    #
-    P_R_CADIR=${R_CADIR}
-    P_R_ALICEDIR=${R_ALICEDIR}
-    P_R_BOBDIR=${R_BOBDIR}
-    P_R_DAVEDIR=${R_DAVEDIR}
-    P_R_SERVERDIR=${R_SERVERDIR}
-    P_R_CLIENTDIR=${R_CLIENTDIR}
-    P_R_EXT_SERVERDIR=${R_EXT_SERVERDIR}
-    P_R_EXT_CLIENTDIR=${R_EXT_CLIENTDIR}
-    P_SERVER_CADIR=${SERVER_CADIR}
-    P_CLIENT_CADIR=${CLIENT_CADIR}
-    if [ -n "${MULTIACCESS_DBM}" ]; then
-	P_R_CADIR="multiaccess:${D_CA}"
-	P_R_ALICEDIR="multiaccess:${D_ALICE}"
-	P_R_BOBDIR="multiaccess:${D_BOB}"
-	P_R_DAVEDIR="multiaccess:${D_DAVE}"
-	P_R_SERVERDIR="multiaccess:${D_SERVER}"
-	P_R_CLIENTDIR="multiaccess:${D_CLIENT}"
-	P_R_EXT_SERVERDIR="multiaccess:${D_EXT_SERVER}"
-	P_R_EXT_CLIENTDIR="multiaccess:${D_EXT_CLIENT}"
-	P_SERVER_CADIR="multiaccess:${D_SERVER_CA}"
-	P_CLIENT_CADIR="multiaccess:${D_CLIENT_CA}"
-    fi
-
-    R_PWFILE=../tests.pw.$$
-    R_NOISE_FILE=../tests_noise.$$
-
-    R_FIPSPWFILE=../tests.fipspw.$$
-    R_FIPSBADPWFILE=../tests.fipsbadpw.$$
-    R_FIPSP12PWFILE=../tests.fipsp12pw.$$
-
-    echo "fips140" > ${FIPSPWFILE}
-    echo "fips104" > ${FIPSBADPWFILE}
-    echo "pkcs12fips140" > ${FIPSP12PWFILE}
-
-    # a new log file, short - fast to search, mostly for tools to
-    # see if their portion of the cert has succeeded, also for me -
-    CERT_LOG_FILE=${HOSTDIR}/cert.log      #the output.log is so crowded...
-
-    TEMPFILES="${PWFILE} ${NOISE_FILE}"
-    trap "Exit $0 Signal_caught" 2 3
-
-    export PATH LD_LIBRARY_PATH SHLIB_PATH LIBPATH DYLD_LIBRARY_PATH
-    export DOMSUF HOSTADDR
-    export KILL SLEEP PS
-    export MOZILLA_ROOT SECURITY_ROOT DIST TESTDIR OBJDIR HOSTDIR QADIR
-    export LOGFILE SCRIPTNAME
-
-#used for the distributed stress test, the server generates certificates 
-#from GLOB_MIN_CERT to GLOB_MAX_CERT 
-# NOTE - this variable actually gets initialized by directly by the 
-# ssl_dist_stress.shs sl_ds_init() before init is called - need to change 
-# in  both places. speaking of data encapsulatioN...
-
-    if [ -z "$GLOB_MIN_CERT" ] ; then
-        GLOB_MIN_CERT=0
-    fi
-    if [ -z "$GLOB_MAX_CERT" ] ; then
-        GLOB_MAX_CERT=200
-    fi
-    if [ -z "$MIN_CERT" ] ; then
-        MIN_CERT=$GLOB_MIN_CERT
-    fi
-    if [ -z "$MAX_CERT" ] ; then
-        MAX_CERT=$GLOB_MAX_CERT
-    fi
-
-    SCRIPTNAME=$0
-    INIT_SOURCED=TRUE   #whatever one does - NEVER export this one please
-fi
diff --git a/security/nss/tests/common/results_header.html b/security/nss/tests/common/results_header.html
deleted file mode 100644
index c09685b11..000000000
--- a/security/nss/tests/common/results_header.html
+++ /dev/null
@@ -1,6 +0,0 @@
-<HTML>
-<HEAD>
-<TITLE>Test Report for NSS</TITLE>
-</HEAD>
-<BODY BGCOLOR="#FFFFFF">
-<CENTER><H3>Test Report for NSS</H3></CENTER>
diff --git a/security/nss/tests/core_watch b/security/nss/tests/core_watch
deleted file mode 100755
index a627983a3..000000000
--- a/security/nss/tests/core_watch
+++ /dev/null
@@ -1,45 +0,0 @@
-#############################################################
-# script to watch for cores during QA runs, so they won't overwrite one
-# another
-# Not activated for efficiency reasons, and problems on MKS, us
-# only when needed and remember to remove afterwards
-#############################################################
-
-#############################################################
-# to activate put the following into all.sh (after the HOSTDIR 
-# has been exported
-#############################################################
-# sh `dirname $0`/core_watch $HOSTDIR ${HOSTDIR} &    
-# CORE_WATCH_PID=$!
-# if [ -n "${KILLPIDS}" ]
-# then
-#     echo $CORE_WATCH_PID >>"${KILLPIDS}"            
-# fi
-#############################################################
-
-#############################################################
-# or put the following into nssqa to watch the whole RESULTDIR
-# start it shortly before run_all
-#
-# NOTE: the more efficient way is above, this is potentially going
-# thru 1000ds of files every 30 seconds
-#############################################################
-# sh `dirname $0`/core_watch $RESULTDIR &    
-# echo $! >>"${KILLPIDS}"        #so Exit() can hopefully kill the core_watch
-#############################################################
-
-# in both cases remember to kill the process when done, since 
-# the PIDs that end up in ${KILLPIDS} might not work for all OS
-# something like "kill_by_name core_watch
-
-echo $$ >>"${KILLPIDS}"     #so Exit() can hopefully kill this shell
-while [ 1 ]
-do
-    for w in `find $1 -name "core" -print`
-    do
-        echo "Found core $w"
-        mv $w $w.`date +%H%M%S`
-    done
-    sleep 30
-done
-
diff --git a/security/nss/tests/dbtests/dbtests.sh b/security/nss/tests/dbtests/dbtests.sh
deleted file mode 100755
index 5ae5f6269..000000000
--- a/security/nss/tests/dbtests/dbtests.sh
+++ /dev/null
@@ -1,223 +0,0 @@
-#! /bin/sh
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# Sonja Mirtitsch Sun Microsystems
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-########################################################################
-#
-# mozilla/security/nss/tests/dbtest/dbtest.sh
-#
-# Certificate generating and handeling for NSS QA, can be included 
-# multiple times from all.sh and the individual scripts
-#
-# needs to work on all Unix and Windows platforms
-#
-# included from (don't expect this to be up to date)
-# --------------------------------------------------
-#   all.sh
-#   ssl.sh
-#   smime.sh
-#   tools.sh
-#
-# special strings
-# ---------------
-#   FIXME ... known problems, search for this string
-#   NOTE .... unexpected behavior
-#
-# FIXME - Netscape - NSS
-########################################################################
-
-############################## dbtest_init ###############################
-# local shell function to initialize this script
-########################################################################
-dbtest_init()
-{
-  SCRIPTNAME="dbtests.sh"
-  if [ -z "${CLEANUP}" ] ; then     # if nobody else is responsible for
-      CLEANUP="${SCRIPTNAME}"       # cleaning this script will do it
-  fi
-  if [ -z "${INIT_SOURCED}" ] ; then
-      cd ../common
-      . ./init.sh
-  fi
-  if [ ! -r $CERT_LOG_FILE ]; then  # we need certificates here
-      cd ../cert
-      . ./cert.sh
-  fi
-
-  SCRIPTNAME="dbtests.sh"
-  DBTEST_LOG=${HOSTDIR}/dbtest.log    #we don't want all the errormessages 
-         # in the output.log, otherwise we can't tell what's a real error
-  RONLY_DIR=${HOSTDIR}/ronlydir
-  EMPTY_DIR=${HOSTDIR}/emptydir
-  grep "SUCCESS: SSL passed" $CERT_LOG_FILE >/dev/null || {
-      html_head "SSL Test failure"
-      Exit : "Fatal - SSL of cert.sh needs to pass first"
-  }
-
-  html_head "CERT and Key DB Tests"
-
-}
-
-############################## dbtest_cleanup ############################
-# local shell function to finish this script (no exit since it might be
-# sourced)
-########################################################################
-dbtest_cleanup()
-{
-  html "</TABLE><BR>" 
-  cd ${QADIR}
-  chmod a+rw $RONLY_DIR
-  . common/cleanup.sh
-}
-
-Echo()
-{
-    echo
-    echo "---------------------------------------------------------------"
-    echo "| $*"
-    echo "---------------------------------------------------------------"
-}
-dbtest_main()
-{
-    cd ${HOSTDIR}
-
-    
-    Echo "test opening the database readonly in a nonexisting directory"
-    certutil -L -X -d ./non_existant_dir
-    ret=$?
-    if [ $ret -ne 255 ]; then
-      html_failed "<TR><TD> Certutil succeeded in a nonexisting directory $ret"
-    else
-      html_passed "<TR><TD> Certutil failed in a nonexisting dir $ret" 
-    fi
-    dbtest -r -d ./non_existant_dir
-    ret=$?
-    if [ $ret -ne 46 ]; then
-      html_failed "<TR><TD> Dbtest readonly succeeded in a nonexisting directory $ret"
-    else
-      html_passed "<TR><TD> Dbtest readonly failed in a nonexisting dir $ret" 
-    fi
-
-    Echo "test force opening the database in a nonexisting directory"
-    dbtest -f -d ./non_existant_dir
-    ret=$?
-    if [ $ret -ne 0 ]; then
-      html_failed "<TR><TD> Dbtest force failed in a nonexisting directory $ret"
-    else
-      html_passed "<TR><TD> Dbtest force succeeded in a nonexisting dir $ret"
-    fi
-
-    Echo "test opening the database readonly in an empty directory"
-    mkdir $EMPTY_DIR
-    tstclnt -h  ${HOST}  -d $EMPTY_DIR 
-    ret=$?
-    if [ $ret -ne 1 ]; then
-      html_failed "<TR><TD> Tstclnt succeded in an empty directory $ret"
-    else
-      html_passed "<TR><TD> Tstclnt failed in an empty dir $ret"
-    fi
-    dbtest -r -d $EMPTY_DIR
-    ret=$?
-    if [ $ret -ne 46 ]; then
-      html_failed "<TR><TD> Dbtest readonly succeeded in an empty directory $ret"
-    else
-      html_passed "<TR><TD> Dbtest readonly failed in an empty dir $ret" 
-    fi
-    rm -rf $EMPTY_DIR/* 2>/dev/null
-    certutil -D -n xxxx -d $EMPTY_DIR #created DB
-    ret=$?
-    if [ $ret -ne 255 ]; then 
-        html_failed "<TR><TD> Certutil succeeded in deleting a cert in an empty directory $ret"
-    else
-        html_passed "<TR><TD> Certutil failed in an empty dir $ret"
-    fi
-    rm -rf $EMPTY_DIR/* 2>/dev/null
-    Echo "test force opening the database  readonly in a empty directory"
-    dbtest -r -f -d $EMPTY_DIR
-    ret=$?
-    if [ $ret -ne 0 ]; then
-      html_failed "<TR><TD> Dbtest force readonly failed in an empty directory $ret"
-    else
-      html_passed "<TR><TD> Dbtest force readonly succeeded in an empty dir $ret"
-    fi
-
-    Echo "test opening the database r/w in a readonly directory"
-    mkdir $RONLY_DIR
-    cp -r ${CLIENTDIR}/* $RONLY_DIR
-    chmod -w $RONLY_DIR $RONLY_DIR/*
-
-    dbtest -d $RONLY_DIR
-    ret=$?
-    if [ $ret -ne 46 ]; then
-      html_failed "<TR><TD> Dbtest r/w succeeded in an readonly directory $ret"
-    else
-      html_passed "<TR><TD> Dbtest r/w failed in an readonly dir $ret" 
-    fi
-    certutil -D -n "TestUser" -d .
-    ret=$?
-    if [ $ret -ne 255 ]; then
-      html_failed "<TR><TD> Certutil succeeded in deleting a cert in an readonly directory $ret"
-    else
-        html_passed "<TR><TD> Certutil failed in an readonly dir $ret"
-    fi
-    
-    Echo "test opening the database ronly in a readonly directory"
-
-    dbtest -d $RONLY_DIR -r
-    ret=$?
-    if [ $ret -ne 0 ]; then
-      html_failed "<TR><TD> Dbtest readonly failed in a readonly directory $ret"
-    else
-      html_passed "<TR><TD> Dbtest readonly succeeded in a readonly dir $ret" 
-    fi
-
-    Echo "test force opening the database  r/w in a readonly directory"
-    dbtest -d $RONLY_DIR -f
-    ret=$?
-    if [ $ret -ne 0 ]; then
-      html_failed "<TR><TD> Dbtest force failed in a readonly directory $ret"
-    else
-      html_passed "<TR><TD> Dbtest force succeeded in a readonly dir $ret"
-    fi
-
-    Echo "ls -l $RONLY_DIR"
-    ls -ld $RONLY_DIR $RONLY_DIR/*
-
-}
-
-################## main #################################################
-
-dbtest_init 
-dbtest_main >$DBTEST_LOG 2>&1
-dbtest_cleanup
diff --git a/security/nss/tests/dll_version.sh b/security/nss/tests/dll_version.sh
deleted file mode 100755
index 79a128585..000000000
--- a/security/nss/tests/dll_version.sh
+++ /dev/null
@@ -1,50 +0,0 @@
-#!/bin/sh
-
-# version controll for DLLs
-# ToDo: make version parameter or find version from first occurance of 3.x
-# make the 3 a variable..., include the header
-
-#OS=`uname -s`
-#DSO_SUFFIX=so
-#if [ "$OS" = "HP-UX" ]; then
-    #DSO_SUFFIX=sl
-#fi
-#what libnss3.$DSO_SUFFIX | grep NSS
-#what libsmime3.$DSO_SUFFIX | grep NSS
-#what libssl3.$DSO_SUFFIX | grep NSS
-#ident libnss3.$DSO_SUFFIX | grep NSS
-#ident libsmime3.$DSO_SUFFIX | grep NSS
-#ident libssl3.$DSO_SUFFIX | grep NSS
-
-for w in `find . -name "libnss3.s[ol]" ; find . -name "libsmime3.s[ol]"; find .  -name "libssl3.s[ol]"`
-do
-        NOWHAT=FALSE
-        NOIDENT=FALSE
-        echo $w
-        what $w | grep NSS || NOWHAT=TRUE
-        ident $w | grep NSS || NOIDENT=TRUE
-        if [ $NOWHAT = TRUE ]
-        then
-                echo "ERROR what $w does not contain NSS"
-        fi
-        if [ $NOIDENT = TRUE ]
-        then
-                echo "ERROR ident $w does not contain NSS"
-        fi
-done
-#for w in `find . -name "libnss3.s[ol]" ; find . -name "libsmime3.s[ol]"; find .
-#-name "libssl3.s[ol]"`
-#do
-        #NOWHAT=FALSE
-        #NOIDENT=FALSE
-        #echo $w
-        #what $w | grep NSS || NOWHAT=TRUE
-        #ident $w | grep NSS || NOIDENT=TRUE
-        #if [ $NOWHAT = TRUE -a $NOIDENT = TRUE ]
-        #then
-                #echo "WARNING what and ident $w does not contain NSS"
-                #strings $w  | grep NSS | grep '3.2' || echo "ERROR strings does
-#not either..."
-        #fi
-#done
-
diff --git a/security/nss/tests/doc/clean.gif b/security/nss/tests/doc/clean.gif
deleted file mode 100644
index 08781cb2b..000000000
--- a/security/nss/tests/doc/clean.gif
+++ /dev/null
diff --git a/security/nss/tests/doc/nssqa.txt b/security/nss/tests/doc/nssqa.txt
deleted file mode 100755
index 34fa0955b..000000000
--- a/security/nss/tests/doc/nssqa.txt
+++ /dev/null
@@ -1,108 +0,0 @@
-The new QA wrapper consistst mainly of 2 scripts, nssqa and qa_stat, both 
-include a common header (header) and a common environment (set_environment). 
-Also used is mksymlinks and path_uniq.
-
-The scripts that are used on a daily basis are located in /u/sonmi/bin. 
-
-Parameters and Options are the same for both scripts.
-
-Parameters
-----------
-	nssversion (supported: 30b, 31, tip)
-	builddate (default - today, format mmdd)
-
-Options
--------
-	-y answer all questions with y - use at your own risk... ignores warnings 
-	-s silent (only usefull with -y)
-	-h, -? -help you guessed right - displays the usage
-	-d debug 
-	-f <filename> - write the (error)output to filename
-	-m <mailinglist> - send filename to mailinglist (csl) only useful
-		with -f on nssqa
-	-l <mozroot> run on a local build - does not work at this time
-	-cron equivalient to -y -s -d -f $RESULTDIR/$HOST.<scriptname>
-
-nssqa and qa_stat are Beta at the most
---------------------------
-Please be aware that 
-
--) machinenames are still hardcoded --FIXED
--) other very iPlanet specific environments and features are being used.
-
--d Debug option will be removed from cron in a few weeks - or maybe not
--l QA on local build is not fully implemented yet
-
-Please do not use on Windows 95 and 98, ME platforms yet. 
-
-use -d if script behaves strange or exits unexpectedly
-
-How to use QA
--------------
-To test a build, first run nssqa on the required QA platforms (some 
-buildplatforms require QA to be run on additional platforms - for 
-example Solaris 2.6 has to be tested on 2.8 32 and 64bit) If QA has 
-been run on multiple or all required platforms it makes sense to run 
-qa_stat on the output of nssqa as well.
-Before used on a new system (even if the same platform has been 
-tested before) please use completely interactive, to see what the 
-variables are being initialized to, and read the warnings. Same is 
-true if being run from a different user account than svbld.
-
-In any case, if you are using it, please let me know the results.
-
-Pseudocode Description of nssqa:
---------------------------------
-not quite up to date
-
-	header:init (global)
-		set flags and variables to default values
-		signal trap (for interupts and kills)
-		set HOST and DOMSUF variables if running from cron
-		parse parameters and options
-		determine os and set up the environment (espec. PATH)
-		set the directories to run in (influenced by parameters and -l option)
-		set and initialize the tmp / debugging / output files
-
-	nssqa:init (local)
-		locking: if nssqa is already running on this systems (yes-exit, 
-			no-lockfile)
-		set HOST and DOMSUF variables if running interavtively
-		set flag to kill remaining selfserv processes during cleanup
-		if QA platform different from build platform create neccessary 
-			symbolic links
-		wait for the build to finish (max of 5h)
-
-	main:
-		repeated per test (optimized, debug, 32, 64 bit)
-			set flags for this run of all.sh (optimized, debug, 32, 64 bit)
-			set the DIST directory (where the binaries reside)
-			kill running selfservers (sorry - just don't use the svbld 
-				account if you need to do your own testing... I will fix 
-				selfserv as soon as I can - but it hangs too often and 
-				disturbs all following QA)
-			run all.sh 
-		
-	header:exit (global)
-		remove temporary files
-		kill remaining selfservers
-		send email to the list
-		
-		
-	errorhandling
-		Option / Parameter errors: Exit with usage information
-
-		Severe errors: Exit wit errormessage 
-			example: directory in which all.sh resides does not exist
-				can't create files or directories
-				build not done after 5 hours
-				is already running
-				
-		Other errors: User is prompted with the "errormessage - continue (y/n)?"
-			example: local DIST dir does not exist (continues with next all.sh)
-				outputdirectory does not exist (user can specify other)
-
-		Signals 2, 3, 15 are treated as severe errors
-		
-	
-
diff --git a/security/nss/tests/doc/platform_specific_problems b/security/nss/tests/doc/platform_specific_problems
deleted file mode 100644
index 92a22ca03..000000000
--- a/security/nss/tests/doc/platform_specific_problems
+++ /dev/null
@@ -1,110 +0,0 @@
-I will, eventually convert all files here to html - just right now I have no
-time to do it. Anyone who'd like to - please feel free, mail me the file and 
-I will check it in 
-sonmi@netscape.com
-
-
-The NSS 3.1 SSL Stress Tests fail for me on FreeBSD 3.5.  The end of the output
-of './ssl.sh stress' looks like this:
-
-********************* Stress Test  ****************************
-********************* Stress SSL2 RC4 128 with MD5 ****************************
-selfserv -p 8443 -d
-/local/llennox/NSS-PSM/mozilla/tests_results/security/conrail.20/server -n
-conrail.cs.columbia.edu -w nss   -i /tmp/tests_pid.5505  & strsclnt -p 8443 -d . -w nss -c 1000 -C A  conrail.cs.columbia.edu 
-strsclnt: -- SSL: Server Certificate Validated.
-strsclnt: PR_NewTCPSocket returned error -5974:
-Insufficient system resources.
-Terminated 
-********************* Stress SSL3 RC4 128 with MD5 ****************************
-selfserv -p 8443 -d
-/local/llennox/NSS-PSM/mozilla/tests_results/security/conrail.20/server -n
-conrail.cs.columbia.edu -w nss   -i /tmp/tests_pid.5505  & strsclnt -p 8443 -d . -w nss -c 1000 -C c  conrail.cs.columbia.edu 
-strsclnt: -- SSL: Server Certificate Validated.
-strsclnt: PR_NewTCPSocket returned error -5974:
-Insufficient system resources.
-Terminated 
-
-Running ktrace on the process (ktrace is a system-call tracer, the equivalent of
-Linux's strace) reveals that socket() failed with ENOBUFS after it was called
-for the 953rd time for the first test, and it failed after the 27th time it was
-called for the second test.
-
-The failure is consistent, both for debug and optimized builds; I haven't tested
-to see whether the count of socket() failures is consistent.
-
-All the other NSS tests pass successfully.
-
-
-------- Additional Comments From Nelson Bolyard 2000-11-01 23:08 -------
-
-I see no indication of any error on NSS's part from this description.
-It sounds like an OS kernel configuration problem on the 
-submittor's system.  The stress test is just that.  It stresses
-the server by pounding it with SSL connections.  Apparently this 
-test exhausts some kernel resource on the submittor's system.
-
-The only change to NSS that might be beneficial to this test 
-would be to respond to this error by waiting and trying again
-for some limited number of times, rather than immediately 
-treating it as a fatal error.  
-
-However, while such a change might make the test appear to pass,
-it would merely be hiding a very serious problem, namely,
-chronic system resource exhaustion.
-
-So, I suggest that, in this case, the failure serves the useful
-purpose of revealing the system problem, which needs to be 
-cured apart from any changes to NSS.
-
-I'll leave this bug open for a few more days, to give others
-a chance to persuade me that some NSS change would and should
-solve this problem.  
-
-
-------- Additional Comments From Jonathan Lennox 2000-11-02 13:13 -------
-
-Okay, some more investigation leads me to agree with you.  What's happening is
-that the TCP connections from the stress test stick around in TIME_WAIT for two
-minutes; my kernel is only configured to support 1064 simultaneous open sockets,
-which isn't enough for the 2K sockets opened by the stress test plus the 100 or
-so normally in use on my system.
-
-So I'd just suggest adding a note to the NSS test webpage to the effect of "The
-SSL stress test opens 2,048 TCP connections in quick succession.  Kernel data
-structures may remain allocated for these connections for up to two minutes. 
-Some systems may not be configured to allow this many simulatenous connections
-by default; if the stress tests fail, try increasing the number of simultaneous
-sockets supported."
-
-On FreeBSD, you can display the number of simultaneous sockets with the command
-	sysctl kern.ipc.maxsockets
-which on my system returns 1064.
-
-It looks like this can be fixed with the kernel config option
-	options NMBCLUSTERS=[something-large]
-or by increasing the 'maxusers' parameter.
-
-It looks like more recent FreeBSD implementations still have this limitation,
-and the same solutions apply, plus you can alternatively specify the maxsockets
-parameter in the boot loader.
-
-
----------------------------------
-
-hpux HP-UX hp64 B.11.00 A 9000/800 2014971275 two-user license
-
-we had to change following kernelparameters to make our tests pass
-
-1. maxfiles.  old value = 60.  new value = 100.
-2. nkthread.  old value = 499.  new value = 1328.
-3. max_thread_proc.  old value = 64.  new value = 512.
-4. maxusers.  old value = 32.  new value = 64.
-5. maxuprc.  old value = 75.  new value = 512.
-6. nproc.  old formula = 20+8*MAXUSERS, which evaluated to 276.
-   new value (note: not a formula) = 750.
-
-A few other kernel parameters were also changed automatically
-as a result of the above changes.
-
-
diff --git a/security/nss/tests/doc/qa_wrapper.html b/security/nss/tests/doc/qa_wrapper.html
deleted file mode 100755
index 755cca236..000000000
--- a/security/nss/tests/doc/qa_wrapper.html
+++ /dev/null
@@ -1,269 +0,0 @@
-<!doctype html public "-//w3c//dtd html 4.0 transitional//en">
-<html>
-<head>
-   <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
-   <meta name="GENERATOR" content="Mozilla/4.7 [en] (X11; U; SunOS 5.8 sun4u) [Netscape]">
-</head>
-<body text="#000000" bgcolor="#FFFFFF" link="#0000EE" vlink="#551A8B" alink="#FF0000">
-
-<h3>
-<b><font face="Times New Roman,Times">Author Sonja Mirtitsch</font></b></h3>
-
-<h3>
-<b><font face="Times New Roman,Times">Last updated: 4/4/2001</font></b></h3>
-
-<h1>
-<b><font face="Times New Roman,Times">NSS 3.2.QA Wrapper</font></b></h1>
-
-<p><br>The QA&nbsp; wrapper tests the nightly builds of NSS. The actual
-tests are being run are called from the QA script all.sh. I will add documentation
-for the actual QA soon. The main purpose of the wrapper is: find out which
-build (NSS version, date, Build Platform) to test on which machine (OS,
-OS version) and construct a summary report, which is then mailed to the
-nss developers (aka mailing list nss-qa-report@netscape.com). Please see
-also the <a href="#advertisement">feature</a> section.
-<p><a href="#nssqa">nssqa</a>&nbsp; - the script that calls the actual
-qa script all.sh
-<br><a href="#qa_stat">qa_stat</a> - sends out status reports
-<br><a href="#qaclean">qaclean</a>&nbsp; - if everything else fails
-<p>Sample <a href="/u/sonmi/doc/publish/glob_result.html">global result</a>,
-<a href="/u/sonmi/doc/publish/results.html">individual result </a>and <a href="/u/sonmi/doc/publish/output.log">log
-files</a>
-<p>The QA wrapper consistst mainly of scripts, most located in security/nss/tests
-and subdirectories, but run from /u/sonmi/bin
-<p>nssqa and qa_stat, the main scripts both include a common header (<a href="../header">header</a>)
-and a common environment (<a href="../set_environment">set_environment</a>).
-<br>Also used is <a href="../mksymlinks">mksymlinks</a> and <a href="../path_uniq">path_uniq</a>
-and <a href="#qaclean">qaclean</a>.
-<p>The scripts that are used on a daily basis are located in /u/sonmi/bin
-and checked into security/nss/tests
-<p>Parameters and Options are the same for most scripts.
-<p><a NAME="Parameters"></a><b><u><font size=+1>Parameters</font></u></b>
-<br>&nbsp;&nbsp;&nbsp; nssversion (supported: 30b, 31, tip, default tip)
-<br>&nbsp;&nbsp;&nbsp; builddate (default - today, format mmdd)
-<p><a NAME="Options"></a><b><u><font size=+1>Options</font></u></b>
-<br>&nbsp;&nbsp;&nbsp; -y answer all questions with y - use at your own
-risk... ignores warnings
-<br>&nbsp;&nbsp;&nbsp; -s silent (only usefull with -y)
-<br>&nbsp;&nbsp;&nbsp; -h, -? -help you guessed right - displays the usage
-<br>&nbsp;&nbsp;&nbsp; -d debug
-<br>&nbsp;&nbsp;&nbsp; -f &lt;filename> - write the (error)output to filename
-<br>&nbsp;&nbsp;&nbsp; -fcron writes resultfile in the same location as
-would the -cron
-<br>&nbsp;&nbsp;&nbsp; -m &lt;mailinglist> - send filename to mailinglist
-(csl) only useful
-<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; with -f on nssqa
-<br>&nbsp;&nbsp;&nbsp; -l &lt;mozroot> run on a local build - does not
-work at this time
-<br>&nbsp;&nbsp;&nbsp; -cron equivalient to -y -s -d -f $RESULTDIR/$HOST.&lt;scriptname>
-<br>&nbsp;
-<p>Please be aware that some iPlanet specific environments and features
-are being used.
-<p>-d Debug option might be removed from cron in a few weeks - or maybe
-not
-<br>-l QA on local build is not fully implemented yet - will not be implemented,
-all.sh can be called directly instead
-<p>Please do not use on Windows 95 and 98, ME platforms yet.
-<p>use -d if script behaves strange or exits unexpectedly
-<p><b><font size=+1>How to use the QA-wrapper</font></b>
-<br>To test a build, first run nssqa on the required QA platforms (some
-buildplatforms require QA to be run on additional platforms - for example
-Solaris 2.6 has to be tested on 2.8 32 and 64bit) If QA has been run on
-multiple or all required platforms it makes sense to run qa_stat on the
-output of nssqa as well.
-<br>Before used on a new system (even if the same platform has been tested
-before) please use completely interactive, to see what the variables are
-being initialized to, and read the warnings. Same is true if being run
-from a different user account than svbld.
-<p>In any case, if you are using it, please let me know the results.
-<p><a NAME="nssqa"></a><b><u><font size=+1>nssqa:</font></u></b>
-<p>the script that calls the actual qa script all.sh
-<p>nssqa <a href="#Parameters">parameters</a> and&nbsp; <a href="#Options">options</a>
-<p><a href="../nssqa">view the script</a>
-<p><b><u><font size=+1>Pseudocode Description of nssqa</font></u></b>
-<br>not quite up to date
-<p>&nbsp;&nbsp;&nbsp; header:init (global)
-<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; set flags and variables
-to default values
-<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; signal trap (for interupts
-and kills)
-<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; set HOST and DOMSUF variables
-if running from cron
-<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; parse parameters and options
-<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; determine os and set up
-the environment (espec. PATH)
-<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; set the directories to run
-in (influenced by parameters and -l option)<br>
-&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; set the directories for backward
-compatibility testing
-<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; set and initialize the tmp
-/ debugging / output files
-<p>&nbsp;&nbsp;&nbsp; nssqa:init (local)
-<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; locking: if nssqa is already
-running on this systems (yes-exit,
-<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-no-lockfile)
-<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; set HOST and DOMSUF variables
-if running interavtively
-<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; set flag to kill remaining
-selfserv processes during cleanup
-<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; if QA platform different
-from build platform create neccessary
-<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-symbolic links
-<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; wait for the build to finish
-(max of 5h)
-<p>&nbsp;&nbsp;&nbsp; main:
-<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; repeated per test (optimized,
-debug, 32, 64 bit)
-<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-set flags for this run of all.sh (optimized, debug, 32, 64 bit)
-<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-set the DIST directory (where the binaries reside)
-<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-kill running selfservers (sorry - just don't use the svbld
-<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-account if you need to do your own testing... I will fix
-<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-selfserv as soon as I can - but it hangs too often and
-<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-disturbs all following QA)
-<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-run all.sh
-<p>&nbsp;&nbsp;&nbsp; header:exit (global)
-<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; remove temporary files
-<p>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; kill remaining selfservers
-<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; send email to the list
-<br>&nbsp;
-<p>&nbsp;&nbsp;&nbsp; errorhandling
-<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Option / Parameter errors:
-Exit with usage information
-<p>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Severe errors: Exit wit errormessage
-<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-example: directory in which all.sh resides does not exist
-<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-can't create files or directories
-<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-build not done after 5 hours
-<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-is already running
-<p>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Other errors: User is prompted
-with the "errormessage - continue (y/n)?"
-<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-example: local DIST dir does not exist (continues with next all.sh)
-<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-outputdirectory does not exist (user can specify other)
-<p>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Signals 2, 3, 15 are treated
-as severe errors
-<br>&nbsp;
-<br>&nbsp;
-<br>&nbsp;
-<p><img SRC="clean.gif" height=129 width=92 align=LEFT><a NAME="qaclean"></a><b><u><font size=+2>qaclean:</font></u></b>/u/sonmi/bin/qaclean
-<br>&nbsp;
-<p>Use qaclean as user "svbld" to get the propper permissions. It is supposed
-to clean up after a "hanging" QA and will also brutally kill, interupt
-and disturb any other nss related test or performance meassurement on the
-named machine. NT and 2000 might require an additional reboot, since the
-ps is not so good about telling us the actual programmname - so we can't
-kill them... Please note that this is a brute force script, it should not
-be used on a regular basis, file a bug whenever you have to use it, since
-hanging QA is nothing that should occur frequently
-<p>&nbsp;<a href="../qaclean">view the script</a>
-<p>What it does:
-<ol>
-<li>
-see if there is a lockfile (/tmp/nssqa.$$ or $TMP/nssqa.$$)</li>
-
-<br>if yes:
-<ol>kill the process of the lockfile <font color="#666666">(future expansion
-and if possible it's children )</font>
-<br>rm the lockfile</ol>
-
-<li>
-kill selfservers</li>
-
-<li>
-kill whatever other qa related processes might be hanging</li>
-
-<li>
-clean up tmp files</li>
-</ol>
-<b>QAClean Parameters:</b>
-<br>&nbsp;&nbsp;&nbsp; machinename.
-<br>&nbsp;&nbsp;&nbsp; for example
-<br>&nbsp;&nbsp;&nbsp; qaclean kentuckyderby
-<br>&nbsp;&nbsp;&nbsp; started on any machine, will clean up on kentuckyderby
-<p><a NAME="qa_stat"></a><b><u><font size=+2>qa_stat</font></u></b>
-<p>qa_stat is the script that is being started from the svbld cron on kentuckyderby
-every morning at 10:00 and runs some (very primitive) analysis on the qa
-results.
-<br>I'd like to rewrite the whole thing in perl, and in a few weeks I might
-just do this...
-<p>&nbsp;<a href="../qa_stat">view the script</a>
-<p>qa_stat <a href="#Parameters">parameters</a> and&nbsp; <a href="#Options">options</a>
-<p><a NAME="advertisement"></a><b><u><font size=+1>Why we need the QA wrapper</font></u></b>
-<p>We need the new QA wrapper, because we have to test on so many platforms,
-that running the tests and evaluating the results for the nightly builds
-took about an average workday.
-<p><b><font size=+1>New Features:</font></b>
-<ul>
-<li>
-runs from <b>cron</b> / rsh or <b>interactive</b> if desired</li>
-
-<li>
-generates <b>summary</b> (no need to look through 60-90 directories)</li>
-
-<li>
-sends <b>email</b> about results</li>
-
-<li>
-automatically <b>recognizes common errors</b> and problems and conflicts
-and corrects them</li>
-
-<br>(or attempts to correct them :-)
-<li>
-automatically determines <b>which build </b>to test (waits if build in
-progress, exits if no build)</li>
-
-<li>
-runs on <b>all required platforms</b> (Windows 98 and before not functional
-yet)</li>
-
-<li>
-Windows version runs on <b>free Cygnus</b> as well as on MKS</li>
-
-<li>
-debug mode, normal mode and silent mode</li>
-
-<li>
-<b>locking</b> mechanism so it won't run twice</li>
-
-<li>
-<b>cleanup</b> after being killed and most errors (no remaining selfservers,
-tmpfiles, lock files)</li>
-</ul>
-The 1st script is started via cron between 5:00 and 8:00 am on different
-systems, and starts QA on the nightly build. At 10:00 the next script is
-started, and sends a QA summary to the nss developers.
-<p><b>Cygnus Advantages</b>:
-<ul>
-<li>
-<b>free</b></li>
-
-<li>
-better handling of <b>processes</b> (background, processIDs, Signals)</li>
-
-<li>
-Unix / Linux <b>compatible</b> sh / bash</li>
-</ul>
-<b>Disadvantages</b>
-<ul>
-<li>
-MKS functionality needs to be preserved (makes <b>8 Windows platforms</b>
-instead of 4 for the QA suites - makes 32 testruns on Windows alone)</li>
-
-<br>In certain functionality's <b>slow</b>
-<br><b></b>&nbsp;</ul>
-<b>Porting the windows QA&nbsp;to Uwin as well is also being considered</b>
-</body>
-</html>
diff --git a/security/nss/tests/fips/fips.sh b/security/nss/tests/fips/fips.sh
deleted file mode 100755
index cf94db945..000000000
--- a/security/nss/tests/fips/fips.sh
+++ /dev/null
@@ -1,186 +0,0 @@
-#! /bin/sh  
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-#
-########################################################################
-#
-# mozilla/security/nss/tests/fips/fips.sh
-#
-# Script to test basic functionallity of NSS in FIPS-compliant mode
-#
-# needs to work on all Unix and Windows platforms
-#
-# tests implemented:
-#
-# special strings
-# ---------------
-#
-########################################################################
-
-############################## fips_init ##############################
-# local shell function to initialize this script 
-########################################################################
-fips_init()
-{
-  SCRIPTNAME=fips.sh      # sourced - $0 would point to all.sh
-
-  if [ -z "${CLEANUP}" ] ; then     # if nobody else is responsible for
-      CLEANUP="${SCRIPTNAME}"       # cleaning this script will do it
-  fi
-
-  if [ -z "${INIT_SOURCED}" -o "${INIT_SOURCED}" != "TRUE" ]; then
-      cd ../common
-      . ./init.sh
-  fi
-  if [ ! -r $CERT_LOG_FILE ]; then  # we need certificates here
-      cd ../cert
-      . ./cert.sh
-  fi
-  SCRIPTNAME=fips.sh
-  html_head "FIPS 140-1 Compliance Tests"
-
-  grep "SUCCESS: FIPS passed" $CERT_LOG_FILE >/dev/null || {
-      Exit 15 "Fatal - FIPS of cert.sh needs to pass first"
-  }
-
-  COPYDIR=${FIPSDIR}/copydir
-
-  R_FIPSDIR=../fips
-  P_R_FIPSDIR=../fips
-  R_COPYDIR=../fips/copydir
-
-  if [ -n "${MULTIACCESS_DBM}" ]; then
-     P_R_FIPSDIR="multiaccess:${D_FIPS}"
-  fi
-
-  mkdir -p ${FIPSDIR}
-  mkdir -p ${COPYDIR}
-
-  cd ${FIPSDIR}
-}
-
-############################## fips_140_1 ##############################
-# local shell function to test basic functionality of NSS while in
-# FIPS 140-1 compliant mode
-########################################################################
-fips_140_1()
-{
-  echo "$SCRIPTNAME: List the FIPS module certificates -----------------"
-  echo "certutil -d ${P_R_FIPSDIR} -L"
-  certutil -d ${P_R_FIPSDIR} -L 2>&1
-  html_msg $? 0 "List the FIPS module certificates (certutil -L)"
-
-  echo "$SCRIPTNAME: List the FIPS module keys -------------------------"
-  echo "certutil -d ${P_R_FIPSDIR} -K -f ${R_FIPSPWFILE}"
-  certutil -d ${P_R_FIPSDIR} -K -f ${R_FIPSPWFILE} 2>&1
-  html_msg $? 0 "List the FIPS module keys (certutil -K)"
-
-  echo "$SCRIPTNAME: Attempt to list FIPS module keys with incorrect password"
-  echo "certutil -d ${P_R_FIPSDIR} -K -f ${FIPSBADPWFILE}"
-  certutil -d ${P_R_FIPSDIR} -K -f ${FIPSBADPWFILE} 2>&1
-  RET=$?
-  html_msg $RET 255 "Attempt to list FIPS module keys with incorrect password (certutil -K)"
-  echo "certutil -K returned $RET"
-
-  echo "$SCRIPTNAME: Validate the certificate --------------------------"
-  echo "certutil -d ${P_R_FIPSDIR} -V -n ${FIPSCERTNICK} -u SR -e -f ${R_FIPSPWFILE}"
-  certutil -d ${P_R_FIPSDIR} -V -n ${FIPSCERTNICK} -u SR -e -f ${R_FIPSPWFILE}
-  html_msg $? 0 "Validate the certificate (certutil -V -e)"
-
-  echo "$SCRIPTNAME: Export the certificate and key as a PKCS#12 file --"
-  echo "pk12util -d ${P_R_FIPSDIR} -o fips140.p12 -n ${FIPSCERTNICK} -w ${R_FIPSP12PWFILE} -k ${R_FIPSPWFILE}"
-  pk12util -d ${P_R_FIPSDIR} -o fips140.p12 -n ${FIPSCERTNICK} -w ${R_FIPSP12PWFILE} -k ${R_FIPSPWFILE} 2>&1
-  html_msg $? 0 "Export the certificate and key as a PKCS#12 file (pk12util -o)"
-
-  echo "$SCRIPTNAME: Export the certificate as a DER-encoded file ------"
-  echo "certutil -d ${P_R_FIPSDIR} -L -n ${FIPSCERTNICK} -r -o fips140.crt"
-  certutil -d ${P_R_FIPSDIR} -L -n ${FIPSCERTNICK} -r -o fips140.crt 2>&1
-  html_msg $? 0 "Export the certificate as a DER (certutil -L -r)"
-
-  echo "$SCRIPTNAME: List the FIPS module certificates -----------------"
-  echo "certutil -d ${P_R_FIPSDIR} -L"
-  certutil -d ${P_R_FIPSDIR} -L 2>&1
-  html_msg $? 0 "List the FIPS module certificates (certutil -L)"
-
-  echo "$SCRIPTNAME: Delete the certificate and key from the FIPS module"
-  echo "certutil -d ${P_R_FIPSDIR} -F -n ${FIPSCERTNICK} -f ${R_FIPSPWFILE}"
-  certutil -d ${P_R_FIPSDIR} -F -n ${FIPSCERTNICK} -f ${R_FIPSPWFILE} 2>&1
-  html_msg $? 0 "Delete the certificate and key from the FIPS module (certutil -D)"
-
-
-  echo "$SCRIPTNAME: List the FIPS module certificates -----------------"
-  echo "certutil -d ${P_R_FIPSDIR} -L"
-  certutil -d ${P_R_FIPSDIR} -L 2>&1
-  html_msg $? 0 "List the FIPS module certificates (certutil -L)"
-
-  echo "$SCRIPTNAME: List the FIPS module keys."
-  echo "certutil -d ${P_R_FIPSDIR} -K -f ${R_FIPSPWFILE}"
-  certutil -d ${P_R_FIPSDIR} -K -f ${R_FIPSPWFILE} 2>&1
-  # certutil -K now returns a failure if no keys are found. This verifies that
-  # our delete succeded.
-  html_msg $? 255 "List the FIPS module keys (certutil -K)"
-
-  echo "$SCRIPTNAME: Import the certificate and key from the PKCS#12 file"
-  echo "pk12util -d ${P_R_FIPSDIR} -i fips140.p12 -w ${R_FIPSP12PWFILE} -k ${R_FIPSPWFILE}"
-  pk12util -d ${P_R_FIPSDIR} -i fips140.p12 -w ${R_FIPSP12PWFILE} -k ${R_FIPSPWFILE} 2>&1
-  html_msg $? 0 "Import the certificate and key from the PKCS#12 file (pk12util -i)"
-
-  echo "$SCRIPTNAME: List the FIPS module certificates -----------------"
-  echo "certutil -d ${P_R_FIPSDIR} -L"
-  certutil -d ${P_R_FIPSDIR} -L 2>&1
-  html_msg $? 0 "List the FIPS module certificates (certutil -L)"
-
-  echo "$SCRIPTNAME: List the FIPS module keys --------------------------"
-  echo "certutil -d ${P_R_FIPSDIR} -K -f ${R_FIPSPWFILE}"
-  certutil -d ${P_R_FIPSDIR} -K -f ${R_FIPSPWFILE} 2>&1
-  html_msg $? 0 "List the FIPS module keys (certutil -K)"
-}
-
-############################## fips_cleanup ############################
-# local shell function to finish this script (no exit since it might be 
-# sourced)
-########################################################################
-fips_cleanup()
-{
-  html "</TABLE><BR>"
-  cd ${QADIR}
-  . common/cleanup.sh
-}
-
-################## main #################################################
-
-fips_init
-
-fips_140_1
-fips_cleanup
-
diff --git a/security/nss/tests/header b/security/nss/tests/header
deleted file mode 100644
index b5d117b2d..000000000
--- a/security/nss/tests/header
+++ /dev/null
@@ -1,1623 +0,0 @@
-#! /bin/sh
-
-########################################################################
-#
-# /u/sonmi/bin/header - /u/svbld/bin/init/nss/header
-#
-# variables, utilities and shellfunctions global to NSS QA
-# needs to work on all Unix platforms
-#
-# included from (don't expect this to be up to date)
-# --------------------------------------------------
-#   qa_stat
-#   mksymlinks 
-#   nssqa 
-#
-# parameters
-# ----------
-#   nssversion (supported: 30b, 31, 332, tip 32)
-#   builddate (default - today)
-#
-# options
-# -------
-#   -y answer all questions with y - use at your own risk... ignores warnings 
-#   -s silent (only usefull with -y)
-#   -h, -? - you guessed right - displays this text
-#   -d debug
-#   -f <filename> - write the (error)output to filename
-#   -fcronfile produces the resultfiles in the same locations
-#       as would have been produced with -cron
-#   -m <mailinglist> - send filename to mailinglist (csl) only useful
-#       with -f
-#   -ml <mailinglist> - send link to filename to mailinglist (csl) 
-#       only useful with -f
-#   -cron equivalient to -y -s -d -f $RESULTDIR/$HOST.<scriptname>
-#   -t  run on a tinderbox build that means: local, from the startlocation
-#   -l <mozroot directory>  run on a local build mozroot
-#   -ln <mozroot> copy a networkbuild to a local directory mozroot, 
-#        used for networkindipendend QA
-#   -lt try to copy a networkbuild to a local directory, if not possible
-#        run on the network
-#        used for networkindipendend QA
-#
-# special strings
-# ---------------
-#   FIXME ... known problems, search for this string
-#   NOTE .... unexpected behavior
-#
-# moduls (not yet)
-# ----------------
-#   --# INIT
-#   --# USERCOM
-#   --# UTILS
-#
-# FIXME - split in init / usercom / utils
-#
-########################################################################
-
-#------------------------------# INIT #------------------------------
-
-# below the option flags get initialized
-
-if [ -z "$QASCRIPT_DIR" ]
-then
-    QASCRIPT_DIR=`dirname $0`
-    if [ "$QASCRIPT_DIR" = '.' ]
-    then
-        QASCRIPT_DIR=`pwd`
-    fi
-fi
-export QASCRIPT_DIR
-
-O_HWACC=OFF
-if [ -z "$O_ALWAYS_YES" ] ; then
-    O_ALWAYS_YES=OFF    # turned on by -y answer all questions with y 
-fi
-
-if [ -z "$O_INIT" ] # header is global, some including scripts may not
-then                # want the init to run, the others don't need to bother
-    O_INIT=ON
-fi
-if [ -z "$O_PARAM" ] # header is global, some including scripts may not
-then                 # require parameters, the others don't need to bother
-    O_PARAM=ON
-fi
-if [ -z "$O_OPTIONS" ] # header is global, some including scripts may not
-then                # permit options, they don't need to bother
-    O_OPTIONS=OFF
-fi
-O_SILENT=OFF        # turned on by -s silent (only usefull with -y)
-if  [ -z "$O_DEBUG" ] ; then
-    O_DEBUG=OFF     # turned on by -d - calls to Debug produce output when ON
-fi
-O_FILE=OFF          # turned on by -f echo all output to a file $FILENAME
-O_CRON=OFF          # turned on by -cron cron use only
-O_CRONFILE=OFF      # turned on by -cron cron and -fcron
-O_LOCAL=OFF         # turned on by -l* run on a local build in $LOCAL_MOZROOT
-O_LN=OFF            # turned on by -ln and -lt, test a networkbuild locally
-O_MAIL=OFF          # turned on by -m - sends email
-O_MAIL_LINK=OFF     # turned on by -ml - sends email
-O_TBX=OFF           # turned on by -t run on a tinderbox build
-                    # that means: local, from the startlocation
-
-if  [ -z "$DOMSUF" ]
-then
-    
-    DOMSUF=red.iplanet.com
-    DS_WAS_SET=FALSE
-else
-    DS_WAS_SET=TRUE
-fi
-
-TMPFILES=""
-
-WAIT_FOR=600  # if waiting for an event sleep n seconds before rechecking 
-              # recomended value 10 minutes 600
-WAIT_TIMES=30 # recheck n times before giving up - recomended 30 - total of 5h
-
-if [ -z "$QAYEAR" ]   # may I introduce - the y2k+1 bug? QA for last year 
-then                  # might not work
-    QAYEAR=`date +%Y`
-fi
-
-if [ -z "$TMP" ]        
-then
-    if [  -z "$TEMP" ]
-    then
-        TMP="/tmp"
-    else
-        TMP=$TEMP
-    fi
-fi
-if [ ! -w "$TMP" ]        
-then
-    echo "Can't write to tmp directory $TMP - exiting"
-    echo "Can't write to tmp directory $TMP - exiting" >&2
-    exit 1
-fi
-
-KILLPIDS="$TMP/killpids.$$"
-export KILLERPIDS
-TMPFILES="$TMPFILES $KILLPIDS"
-
-KILL_SELFSERV=OFF   # if sourcing script sets this to on cleanup will also 
-                    # kill the running selfserv processes
-
-                    # Set the masterbuilds 
-if [ -z "$UX_MASTERBUILD" ]
-then                     
-    UX_MASTERBUILD=booboo_Solaris8
-    #if [ ! -d $UX_MASTERBUILD ] ; then
-        #UX_MASTERBUILD=booboo_Solaris8_forte6
-    #fi
-    UX_MB_WAS_SET=FALSE
-else
-    UX_MB_WAS_SET=TRUE
-fi
-if [ -z "$NT_MASTERBUILD" ]
-then                     
-    NT_MASTERBUILD=blowfish_NT4.0_Win95
-    NT_MB_WAS_SET=FALSE      # in this case later functions can override if
-                             # they find a different build that looks like NT
-else
-    NT_MB_WAS_SET=TRUE
-fi
-if [ -z "$MASTERBUILD" ]    
-then
-    MASTERBUILD=$UX_MASTERBUILD
-fi
-
-                    # Set the default build
-if [ -z "$BUILDNUMBER" ]    
-then
-    BUILDNUMBER=1
-fi
-export BUILDNUMBER
-O_LDIR=OFF          #local QA dir for NT, temporary
-
-if [ -z "$WIN_WAIT_FOREVER" ]    # header is global, some including scripts 
-then                # want the init to wait forever for directories to
-                    # appear (windows only) if OFF exit, if ON wait forever
-    WIN_WAIT_FOREVER=OFF
-fi
-
-                          # NOTE: following variables have to change 
-                          # from release to release
-if [ -z "$BC_MASTER" ]    # master directory for backwardscompatibility testing
-then
-    RH="NO"
-    grep 7.1 /etc/redhat-release > /dev/null 2>/dev/null && RH="YES"
-    grep 7.2 /etc/redhat-release > /dev/null 2>/dev/null && RH="YES"
-
-    if [ "$RH" = "YES" ] 
-    then                      # NSS-3-3-1RTM
-        BC_UX_MASTER=nss331/builds/20010928.2.331-RTM/booboo_Solaris8
-        BC_NT_MASTER=nss331/builds/20010928.2.331-RTM/blowfish_NT4.0_Win95
-    else                      # NSS-3-2-2RTM
-        BC_UX_MASTER=nss322/builds/20010820.1/y2sun2_Solaris8
-        BC_NT_MASTER=nss322/builds/20010820.1/blowfish_NT4.0_Win95
-    fi
-    BC_MASTER=$BC_UX_MASTER
-    BC_MASTER_WAS_SET=FALSE
-else
-    BC_MASTER_WAS_SET=TRUE
-fi
-BC_RELEASE=3.2
-export BC_RELEASE
-
-EARLY_EXIT=TRUE     #before the report file has been created, causes Exit to 
-                    #create it
-
-UX_D0=/share/builds/mccrel3/nss
-
-################################### glob_init ##########################
-# global shell function, main initialisation function
-########################################################################
-glob_init()
-{
-    if [ $O_PARAM = "ON" ] ; then
-        eval_opts $*    # parse parameters and options - set flags
-    fi
-                        # if running from cron HOST needs to be known early, 
-    init_host            # so the output file name can be constructed. 
-    Debug "Setting up environment...( $QASCRIPT_DIR/set_environment) "
-    . $QASCRIPT_DIR/set_environment #finds out if we are running on Windows
-    Debug "OPerating system: $os_name $os_full"
-    umask 0    
-    init_dirs
-    init_files
-    init_vars
-}
-
-################################### init_vars ###########################
-# global shell function, sets the environment variables, part of init 
-########################################################################
-init_vars()
-{
-    if [ -z "$LOGNAME" ]
-    then
-        if [ $O_WIN = "ON" ]
-        then
-            LOGNAME=$USERNAME
-        else
-            LOGNAME=$USER
-        fi
-        if [ -z "$LOGNAME" ]
-        then
-            LOGNAME=$UNAME
-            if [ -z "$LOGNAME" ]
-            then
-                LOGNAME=`basename $HOME`
-            fi
-        fi
-    fi
-    if [ -z "$LOGNAME" ]
-    then
-        Exit "Can't determine current user"
-    fi
-    case $HOST in
-        iws-perf)
-            O_HWACC=ON
-            HWACC_LIST="rainbow ncipher"
-            #MODUTIL="-add rainbow -libfile /usr/lib/libcryptoki22.so"
-            export HWACC_LIST
-            ;;
-        *)
-            O_HWACC=OFF
-            ;;
-    esac
-   export O_HWACC
-}
-
-########################################################################
-# functions below deal with setting up the directories and PATHs for
-# all different flavors of OS (Unix, Linux, NT MKS, NT Cygnus) and QA
-# (Standard, local tinderbox)
-########################################################################
-
-########################## find_nt_masterbuild #########################
-# global shell function, sets the nt masterbuild directories, part of init 
-########################################################################
-find_nt_masterbuild()
-{
-    NT_MASTERDIR=${DAILY_BUILD}/${NT_MASTERBUILD}
-    if [ "${NT_MB_WAS_SET}" = "FALSE" -a ! -d $NT_MASTERDIR ] ; then
-        if [ -d ${DAILY_BUILD}/*NT4* ] ; then
-            NT_MASTERBUILD=` cd ${DAILY_BUILD}; ls -d *NT4* `
-            Debug "NT_MASTERBUILD $NT_MASTERBUILD"
-            NT_MASTERDIR=${DAILY_BUILD}/${NT_MASTERBUILD}
-        fi
-    fi
-    Debug "NT_MASTERDIR $NT_MASTERDIR"
-}
-
-################################### set_daily_build_dirs ###########################
-# global shell function, sets directories 
-########################################################################
-set_daily_build_dirs()
-{
-    if [ "$O_LOCAL" = "ON" -a "$O_LN" = "OFF" ] ; then
-        DAILY_BUILD=${LOCAL_MOZROOT}        # on local builds NSS_VER_DIR and DAILY_BUILD are 
-                             # set to the LOCAL_MOZROOT, since it is not sure
-                             # if ../.. (DAILY_BUILD) even exists
-        LOCALDIST=${LOCAL_MOZROOT}/dist
-    elif [ "$O_TBX" = "ON" ] ; then
-        DAILY_BUILD="$TBX_DAILY_BUILD"
-        LOCALDIST=${UXDIST}
-    else
-        DAILY_BUILD=${NSS_VER_DIR}/builds/${QAYEAR}${BUILDDATE}.${BUILDNUMBER}
-        LOCALDIST=${DAILY_BUILD}/${MASTERBUILD}/mozilla/dist
-    fi
-}
-
-map_os64()
-{
-  IS_64=""
-  case `uname -s` in
-      #OSF1) has been done already - always 64 bit
-      SunOS)
-          MAPPED_OS=Solaris*8
-          IS_64=`(isainfo -v | grep 64)>/dev/null 2>/dev/null && echo 64 bit`
-          if [ "$O_TBX" = "OFF" ] ; then
-              set_osdir
-              if [ -n "$IS_64" ]
-              then #Wait for the 64 bit build to finish...
-                  Debug Testing build for $MAPPED_OS in $OSDIR
-                  Wait ${OSDIR}/SVbuild.InProgress.1 0
-              fi
-          fi
-          ;;
-      AIX)
-          IS_64=`lslpp -l | grep "bos.64bit"> /dev/null && echo 64 bit`
-          ;;
-      HP-UX)
-          IS_64=`getconf KERNEL_BITS | grep 64 >/dev/null && echo 64 bit`
-          ;;
-  esac
-  Debug "Mapped OS to $MAPPED_OS"
-}
-
-
-
-################################### copy_to_local ########################
-# global shell function, copies the necessary directories from the 
-# daily build aerea to the local disk
-########################################################################
-copy_to_local()
-{
-    Debug "Copy network directories to local directories"
-    C2L_ERROR=0
-    if [ ! -d ${LOCAL_MOZROOT}/dist ] ; then
-        mkdir -p ${LOCAL_MOZROOT}/dist || C2L_ERROR=1
-    fi
-    if [ ! -d ${LOCAL_MOZROOT}/security/nss ] ; then
-        mkdir -p ${LOCAL_MOZROOT}/security/nss || C2L_ERROR=2
-    fi
-    if [ $C2L_ERROR != 0 ] ; then
-        Exit "copy_to_local: Can t make necesssary directories ($C2L_ERROR ) "
-    fi
-    if [ ! -d ${LOCAL_MOZROOT}/security/nss/tests ] ; then
-        cp -r ${TESTSCRIPTDIR} ${LOCAL_MOZROOT}/security/nss || C2L_ERROR=1
-    fi
-    if [ ! -d ${LOCAL_MOZROOT}/security/coreconf ] ; then
-        cp -r ${MOZILLA_ROOT}/security/coreconf ${LOCAL_MOZROOT}/security || C2L_ERROR=2
-    fi
-    
-    NO_DIRS=0;
-    if [ "$O_WIN" = "ON" ] ; then
-        OS_TARGET=WINNT;export OS_TARGET
-    fi
-    unset BUILD_OPT;export BUILD_OPT;
-    unset USE_64;export USE_64;
-#FIXME only tested on 64 bit Solaris and only got 32 bit builds
-    while [ $NO_DIRS -lt 4 ] ; do
-                                                  # first time thru: Debug 32 bit NT
-        set_objdir
-        Debug "Copying ${OBJDIR}..."
-        if [ ! -d ${LOCAL_MOZROOT}/dist/${OBJDIR} ] ; then
-            cp -r ${LOCALDIST}/${OBJDIR} ${LOCAL_MOZROOT}/dist || C2L_ERROR=3
-        fi
-        NO_DIRS=`expr $NO_DIRS + 1`
-        if [ $NO_DIRS = 1 ] ; then                # 2nd time: OPT 32 bit NT
-            BUILD_OPT=1; export BUILD_OPT;
-        elif [ $NO_DIRS = 2 ] ; then              # 3rd time: OPT, either 64 bit or Win95 or force exit
-            if [ "$O_WIN" = "ON" ] ; then
-                OS_TARGET=WIN95;export OS_TARGET
-            else
-                map_os64
-                if [ -z "$IS_64" ] ; then #32 bit platform
-                    NO_DIRS=4
-                else
-                    USE_64=1; export USE_64
-                fi
-            fi
-        elif [ $NO_DIRS = 3 ] ; then              # 4th time:  Debug either 64 bit or Win95
-            unset BUILD_OPT;export BUILD_OPT;
-        fi
-     
-            
-    done
-    if [ $C2L_ERROR != 0 ] ; then
-        Exit "copy_to_local: Can t copy necesssary directories ($C2L_ERROR ) "
-    fi
-    unset TESTSCRIPTDIR
-    unset TESTDIR
-    unset RESULTDIR
-    O_LN=OFF       #from here on pretend it is regular -l local QA FIXME, might cause 
-                   #problems with the backwardcompatibility tests
-    Debug "Successfully copied network directories to local directories"
-}
-
-################################### local_dirs ###########################
-# global shell function, sets the directories for local QA
-########################################################################
-local_dirs()
-{
-    Debug "Set directories for local QA"
-    #if [ "$O_WIN" = "ON" ] ; then
-        #win_set_tmp
-    #fi
-    NSS_VER_DIR=${LOCAL_MOZROOT}        # on local builds NSS_VER_DIR and DAILY_BUILD are 
-                         # set to the LOCAL_MOZROOT, since it is not sure
-                         # if ../../../.. (NSS_VER_DIR) even exists
-    if [ -z "${RESULTDIR}" ] ; then # needs to be local as well
-        Debug "Setting RESULTDIR for local QA"
-        RESULTDIR="${LOCAL_MOZROOT}/tests_results/security/${HOST}-`date +%Y%m%d-%H.%M`"
-    fi
-    set_daily_build_dirs
-    UX_MASTERDIR=`dirname ${LOCAL_MOZROOT}`
-    NT_MASTERDIR=$UX_MASTERDIR
-    MOZILLA_ROOT=${LOCAL_MOZROOT}
-
-    UXDIST=${MOZILLA_ROOT}/dist
-    NTDIST=${UXDIST}
-
-    if [ -z "${TESTDIR}" ] ; then 
-        Debug "Setting TESTDIR for local QA"
-        TESTDIR=${RESULTDIR}
-    fi
-    if [ -n "$TESTDIR" ] ; then
-        if [ ! -d $TESTDIR ] ; then
-            Debug "Making TESTDIR for local QA"
-            mkdir -p $TESTDIR
-        fi
-    fi
-    export TESTDIR
-    Debug "RESULTDIR $RESULTDIR TESTDIR $TESTDIR"
-
-    TESTSCRIPTDIR=${LOCAL_MOZROOT}/security/nss/tests
-    COMMON=${TESTSCRIPTDIR}/common
-
-    set_objdir
-    debug_dirs
-    export_dirs
-}
-
-
-################################### tbx_dirs ###########################
-# global shell function, sets the directories for tinderbox QA
-########################################################################
-tbx_dirs()
-{
-    Debug "Set directories for tinderbox"
-    if [ "$O_WIN" = "ON" ] ; then
-        win_set_d1 # we need the NSS_VER_DIR later
-    else
-        NSS_VER_DIR="$UX_D0"/nss$NSSVER
-    fi
-    if [ -z "${RESULTDIR}" ] ; then # needs to be different for tinderbox
-        Debug "Setting RESULTDIR for tinderbox"
-        TBX_NOBITS=""
-        echo $QASCRIPT_DIR | grep 64  >/dev/null && TBX_NOBITS=64
-        TRD="${HOST}${TBX_NOBITS}-`date +%Y%m%d-%H.%M`"
-        RESULTDIR="${NSS_VER_DIR}/tinderbox/tests_results/security/${TRD}"
-    fi
-    TBX_DAILY_BUILD=`cd ../../../../..;pwd`
-    NSS_VER_DIR="${TBX_DAILY_BUILD}/../.." 
-    TBX_LOGFILE_DIR=`ls ${NSS_VER_DIR}/logs/tinderbox | sed -e 's/ .*//g'`
-    if [ -z "$TBX_LOGFILE_DIR" ] ; then
-        TBX_LOGFILE_DIR=`ls ${NSS_VER_DIR}/logs/tbx | sed -e 's/ .*//g'`
-        TBX_LOGFILE_DIR="${NSS_VER_DIR}/logs/tbx/${TBX_LOGFILE_DIR}"
-    else
-        TBX_LOGFILE_DIR="${NSS_VER_DIR}/logs/tinderbox/${TBX_LOGFILE_DIR}"
-    fi
-    Debug "Set TBX_LOGFILE_DIR ${TBX_LOGFILE_DIR}"
-    
-    set_daily_build_dirs
-    UX_MASTERDIR=`cd ../../../..;pwd`
-    NT_MASTERDIR=$UX_MASTERDIR
-    MOZILLA_ROOT=$UX_MASTERDIR/mozilla
-
-    UXDIST=${MOZILLA_ROOT}/dist
-    NTDIST=${UXDIST}
-
-    if [ -z "${TESTDIR}" ] ; then 
-        Debug "Setting TESTDIR for tinderbox"
-        TESTDIR=${RESULTDIR}
-    fi
-    if [ -n "$TESTDIR" ] ; then
-        if [ ! -d $TESTDIR ] ; then
-            Debug "Making TESTDIR for tinderbox"
-            mkdir -p $TESTDIR
-        fi
-    fi
-    Debug "Making QAstatus file"
-    echo "QA running" >${TESTDIR}/QAstatus
-    export TESTDIR
-    Debug "RESULTDIR $RESULTDIR TESTDIR $TESTDIR"
-
-    TESTSCRIPTDIR=`pwd`
-    COMMON=${TESTSCRIPTDIR}/common
-
-    set_objdir
-    debug_dirs
-    export_dirs
-}
-
-################################### init_mcom ###########################
-# global shell function, sets domain specific variables for AOL's 
-# domains according to Bishakah's instructions
-########################################################################
-init_mcom()
-{
-    Debug "Running in mcom or netscape domain - changing directories..."
-    if [ "${UX_MB_WAS_SET}" = "FALSE" ] ; then #in case it was set
-        # before script was called use these values 
-        UX_MASTERBUILD=spd04_Solaris8
-    fi
-    if [ "${NT_MB_WAS_SET}" = "FALSE" ] ; then 
-        UX_MASTERBUILD=spd06_NT4
-    fi
-    MASTERBUILD=$UX_MASTERBUILD
-    if [ "${BC_MASTER_WAS_SET}" = "FALSE" ] ; then
-        BC_UX_MASTER=nss332/builds/20011213.1/spd04_Solaris8
-        BC_UX_MASTER=nss332/builds/20011213.1/spd06_NT4
-        BC_MASTER=$BC_UX_MASTER
-    fi
-    UX_D0=/share/builds/components2/mccrel/nss
-}
-################################### init_dirs ###########################
-# global shell function, sets the directories for standard QA
-# calls special functions for tinderbox, windows or local QA, part of init 
-########################################################################
-init_dirs()
-{
-    if [ ${DOMSUF} = "mcom.com" -o  ${DOMSUF} = "netscape.com" ] ; then
-        init_mcom
-    fi
-    if [ $O_WIN = "ON" ] ; then
-        win_set_tmp
-        write_to_tmpfile
-        MASTERBUILD=$NT_MASTERBUILD
-        BC_MASTER=$BC_NT_MASTER
-    fi
-    if [ "$O_LOCAL" = "ON" -a $O_LN = "OFF" ] ; then  # if it is a LN we need to know
-                       # all the directories off the network first to copy them
-        local_dirs     # O_LOCAL alone assumes that all the directories are already there 
-        return
-    elif [ "$O_TBX" = "ON" ] ; then
-        tbx_dirs
-        return
-    elif [ "$O_WIN" = "ON" ] ; then
-        win_set_d1
-    else
-        NSS_VER_DIR="$UX_D0"/nss$NSSVER
-    fi
-    #set -x
-
-    set_daily_build_dirs
-
-    if [ -z "${BCDIST}" ] ; then
-        #BCDIST=/share/builds/mccrel3/nss/${BC_MASTER}/mozilla/dist
-        BCDIST=${NSS_VER_DIR}/../${BC_MASTER}/mozilla/dist
-        if [ ! -d $BCDIST -a `basename $0` != jssqa ] ; then
-            ask "Backward compatibility directory $BCDIST does not exist, continue" "y" "n" || Exit
-        fi
-    fi
-
-    UX_MASTERDIR=${DAILY_BUILD}/${UX_MASTERBUILD}
-    find_nt_masterbuild
-
-    if [ "$O_WIN" = "ON" ]
-    then
-        MOZILLA_ROOT=${NT_MASTERDIR}/mozilla
-    else
-        MOZILLA_ROOT=${UX_MASTERDIR}/mozilla
-    fi
-
-    UXDIST=${UX_MASTERDIR}/mozilla/dist
-    NTDIST=${NT_MASTERDIR}/mozilla/dist
-
-    if [ -z "${RESULTDIR}" ] ; then 
-        RESULTDIR=${UX_MASTERDIR}/mozilla/tests_results/security
-    fi
-
-    if [ -n "$PRODUCT_TO_TEST" -a "$PRODUCT_TO_TEST" = "JSS" ] ; then
-
-        if [ "$O_WIN" = "ON" ] ; then
-            JSS_NSS_SRC_DIR=$JSS_NSS_NT_SRC_DIR
-        fi
-        TESTSCRIPTDIR=${NSS_VER_DIR}/../${JSS_NSS_SRC_DIR}/mozilla/security/nss/tests
-    else
-        TESTSCRIPTDIR=${MOZILLA_ROOT}/security/nss/tests
-    fi
-
-    if [ ! -d $TESTSCRIPTDIR -a `basename $0` != jssqa ] ; then
-        if [ "$O_WIN" = "ON" -a "$WIN_WAIT_FOREVER" = "ON" ]
-        then
-            WaitForever $TESTSCRIPTDIR/all.sh 1
-        else
-            Exit "Test directory $TESTSCRIPTDIR does not exist"
-        fi
-    fi
-
-    COMMON=${TESTSCRIPTDIR}/common
-    if [ "$O_LOCAL" = "ON" -a $O_LN = "ON" ] ; then  # if it is a LN we need to know
-                       # all the directories off the network first to copy them
-        copy_to_local
-        local_dirs     
-    fi
-    #set +x
-
-
-    set_objdir
-    debug_dirs
-    export_dirs
-}
-
-debug_dirs()
-{
-    Debug "NTDIST $NTDIST"
-    Debug "UXDIST $UXDIST"
-    Debug "TESTSCRIPTDIR $TESTSCRIPTDIR"
-    Debug "RESULTDIR $RESULTDIR"
-    Debug "TMP $TMP"
-    Debug "LOCALDIST_BIN $LOCALDIST_BIN"
-    Debug "COMMON $COMMON"
-    Debug "MOZILLA_ROOT $MOZILLA_ROOT"
-    Debug "BCDIST $BCDIST"
-}
-
-export_dirs()
-{
-    export NSS_VER_DIR DAILY_BUILD NTDIST UXDIST RESULTDIR TESTSCRIPTDIR BCDIST
-    export UX_MASTERDIR NT_MASTERDIR COMMON MOZILLA_ROOT
-}
-
-set_osdir()
-{
-    OSDIR=${DAILY_BUILD}/*${MAPPED_OS}*
-}
-
-################################### init_files ###########################
-# global shell function, sets filenames, initializes files, part of init 
-########################################################################
-init_files()
-{
-    if [ $O_CRONFILE = "ON" ]
-    then
-        Debug "attempting to create resultfiles"
-        if [ "$O_TBX" = "ON" ] ; then
-            NEWFILENAME=${TBX_LOGFILE_DIR}/qa.log
-            if [ ! -w ${TBX_LOGFILE_DIR} ] ; then
-                Exit "can't touch $NEWFILENAME"
-            fi
-        else
-            NEWFILENAME=$RESULTDIR/$HOST.`basename $0`
-        fi
-        if [ ! -d $RESULTDIR ]
-        then
-            mkdir -p $RESULTDIR || Exit "Error: can't make $RESULTDIR"
-        fi
-        if [ ! -w $RESULTDIR ] ; then
-            Exit "can't touch $NEWFILENAME"
-        fi
-        Debug "About to touch $NEWFILENAME "
-        touch $NEWFILENAME || Exit "Error: can't touch $NEWFILENAME"
-        if [ "$O_TBX" = "ON" ] ; then
-             echo "QA results in $RESULTDIR" >>$NEWFILENAME || Exit "Error: can't write to $NEWFILENAME"
-        fi
-        Debug "About to cat $FILENAME >>$NEWFILENAME "
-        cat $FILENAME >>$NEWFILENAME || Exit "Error: can't append $FILENAME to $NEWFILENAME"
-        TMPFILES="$TMPFILES $FILENAME"
-        FILENAME=$NEWFILENAME
-        Debug "Writing output to $FILENAME"
-    fi
-
-}
-
-################################### write_to_tmpfile ##########################
-# global shell function, for NT and cron operation, first a tmpfile 
-# needs to be created
-########################################################################
-write_to_tmpfile()
-{
-    O_CRONFILE=ON
-    O_FILE=ON
-    FILENAME=${TMP}/nsstmp.$$    # for now write to the temporary file
-                                 # since we don't know the hostname yet
-                                 # will be inserted to the real file later
-    TMPFILES="$TMPFILES nsstmp.$$"        
-    touch $FILENAME || Exit "Error: can't touch $FILENAME"
-    Debug "Writing output to $FILENAME"
-}
-
-############################# turn_on_cronoptions ######################
-# global shell function, turns on options needed for cron and tinderbox
-########################################################################
-turn_on_cronoptions()
-{
-    O_CRON=ON
-    O_SILENT=ON
-    O_DEBUG=ON                # FIXME take out!
-    O_ALWAYS_YES=ON
-    write_to_tmpfile
-}
-
-########################## test_mozroot ##########################
-# global shell function, determines if the variable LOCAL_MOZROOT is set, 
-# and is usable as mozilla root diretory for a local QA
-###################################################################
-test_mozroot()
-{
-  PWD=`pwd`
-  Debug "LOCAL_MOZROOT = $LOCAL_MOZROOT"
-  case "$LOCAL_MOZROOT" in
-      [0-9-]*|tip)
-          glob_usage "Error: -"$1" requires a directoryname to follow (start with a letter) "
-          ;;
-      \.\.)
-          LOCAL_MOZROOT=`dirname $PWD`
-          ;;
-      \.)
-          LOCAL_MOZROOT=$PWD
-          ;;
-      \.\/*)
-          LOCAL_MOZROOT=`echo $LOCAL_MOZROOT | sed -e "s/^\.//"`
-          LOCAL_MOZROOT="${PWD}${LOCAL_MOZROOT}"
-          ;;
-      \.\.\/*)
-          LOCAL_MOZROOT="${PWD}/${LOCAL_MOZROOT}"
-          ;;
-      \/*|[a-zA-Z]:\/*)
-          ;;
-      ?*)
-          LOCAL_MOZROOT="${PWD}/${LOCAL_MOZROOT}"
-          ;;
-      *)
-          glob_usage "Error: -"$1" requires a directoryname to follow"
-          ;;
-  esac
-  Debug "Reformated MOZROOT to $LOCAL_MOZROOT"
-  if [ "$1" = "ln" ] ; then
-      LOCAL_MOZROOT_PARENT=`dirname $LOCAL_MOZROOT`
-      if [ ! -d $LOCAL_MOZROOT_PARENT -o ! -w $LOCAL_MOZROOT_PARENT -o \
-           ! -x $LOCAL_MOZROOT_PARENT ] ; then
-              Exit "Error: Can't create $LOCAL_MOZROOT (permissions)"
-      fi
-      if [ ! -d "$LOCAL_MOZROOT" ] ; then
-          mkdir $LOCAL_MOZROOT ||
-              Exit "Error: Can't create mozroot $LOCAL_MOZROOT (mkdir failed)"
-      else
-          ask "mozroot $LOCAL_MOZROOT exists - continue (y will remove dir) ?" \
-               "y" "n" || Exit
-          rm -rf $LOCAL_MOZROOT/dist $LOCAL_MOZROOT/security $LOCAL_MOZROOT/tests_results ||
-              Exit "Error: Can't clean mozroot $LOCAL_MOZROOT"
-      fi
-  fi
-  if [ ! -d "$LOCAL_MOZROOT" ] ; then
-      glob_usage "Error: mozilla root $LOCAL_MOZROOT not a valid directory"
-  fi
-}
-
-################################### eval_opts ##########################
-# global shell function, evapuates options and parameters, sets flags
-# variables and defaults
-########################################################################
-eval_opts()
-{
-  while [ -n "$1" ]
-  do
-    case $1 in
-        -cron)
-            turn_on_cronoptions
-            ;;
-        -T*|-t*)
-            O_TBX=ON
-            turn_on_cronoptions
-            O_SILENT=OFF	#FIXME debug only
-            ;;
-        -S*|-s*)
-            O_SILENT=ON
-            ;;
-        -Y*|-y)
-            Debug "Option -y dedectet"
-            O_ALWAYS_YES=ON
-            ;;
-        -d*|-D)
-            O_DEBUG=ON
-            #set -x
-            ;;
-        -ml|-ML)
-            O_MAIL_LINK=ON
-            shift
-            MAILINGLIST=$1
-            if [ -z "$MAILINGLIST" ]
-            then
-                glob_usage "Error: -m requires a mailinglist to follow, for example sonmi,wtc,nelsonb "
-            fi
-            Debug "Sending link to result to $MAILINGLIST"
-            ;;
-        -m|-M)
-            O_MAIL=ON
-            shift
-            MAILINGLIST=$1
-            if [ -z "$MAILINGLIST" ]
-            then
-                glob_usage "Error: -m requires a mailinglist to follow, for example sonmi,wtc,nelsonb "
-            fi
-            Debug "Sending result to $MAILINGLIST"
-            ;;
-        -fcron*|-F[Cc][Rr][Oo][Nn]*)
-            write_to_tmpfile
-            ;;
-        -f|-F)
-            O_FILE=ON
-            shift
-            FILENAME=$1
-            if [ -z "$FILENAME" ]
-            then
-                glob_usage "Error: -f requires a filename to follow"
-            fi
-            #rm -f $FILENAME 2>/dev/null
-            touch $FILENAME || Exit "Error: can't touch $FILENAME"
-                                    #NOTE we append rather that creating
-            Debug "Writing output to $FILENAME"
-            ;;
-        -h|-help|"-?")
-            glob_usage
-            ;;
-        -ln)
-            if [ `basename $0` != nssqa ] ; then
-                glob_usage "Error: Can't handle option $1"
-            fi
-            O_LOCAL=ON
-            O_LN=ON
-            shift
-            LOCAL_MOZROOT=$1
-            test_mozroot ln
-            ;;
-        -lt)
-            if [ `basename $0` != nssqa ] ; then
-                glob_usage "Error: Can't handle option $1"
-            fi
-            O_LN=ON
-            O_LOCAL=ON
-            ;;
-        -l)
-            if [ `basename $0` != nssqa ] ; then
-                glob_usage "Error: Can't handle option $1"
-            fi
-            O_LOCAL=ON
-            shift
-            LOCAL_MOZROOT=$1
-            test_mozroot l
-            ;;
-        -p)
-            shift
-            PORT=$1
-            export PORT
-            ;;
-        -*)
-            glob_usage "Error: Can't handle option $1"
-            ;;
-        tip|3.|3..)
-            NSSVER=$1
-            if [ -z "$NSSVER" ] ; then
-                glob_usage "Error: illegal parameter"
-            fi
-            ;;
-        [01][0-9][0123][0-9])
-            BUILDDATE=$1
-            if [ -z "$BUILDDATE" ] ; then
-                glob_usage "Error: illegal parameter"
-            fi
-            ;;
-        ?*)
-            glob_usage "Error: Can't handle parameter $1"
-            ;;
-    esac
-    shift
-  done
-
-  if [ -z "$PORT" -a "$O_TBX" = "ON" ] ; then
-      PORT=8444
-      export PORT
-      if [ -z "$NSSVER" ] ; then
-          NSSVER="tip"
-          Debug "NSS Version: Parameters missing - defaulting to tip!"
-      fi
-  elif [ -z "$NSSVER" ] ; then
-      NSSVER="341"
-      Debug "NSS Version: Parameters missing - defaulting to 341!"
-  fi
-  if [ -z "$BUILDDATE" ] ; then
-      BUILDDATE=`date +%m%d`
-      Debug "Builddate: Parameters missing - defaulting to today!"
-  fi
-  
-  Debug "Builddate $BUILDDATE NssVersion $NSSVER"
-  export BUILDDATE NSSVER
-  export O_CRON O_SILENT O_DEBUG O_ALWAYS_YES O_TBX
-}
-
-win_set_tmp()
-{
-    TMP=`echo "$TMP" | sed -e 's/	/\/t/g' -e 's//\/b/' -e 's/\\\/\//g'`
-    Debug "TMP reformated to $TMP"
-}
-
-######################### win_set_d1 ################################
-# global shell function, interactively finds the directories in case
-# windows can't get to the default
-########################################################################
-win_set_d1()
-{
-    Debug "set Windows Directories..."
-    #win_set_tmp
-    if [ "$O_CYGNUS" = ON ]
-    then
-        NSS_VER_DIR=/cygdrive/w/nss/nss$NSSVER
-    else
-        NSS_VER_DIR=w:/nss/nss$NSSVER
-    fi
-    if [ ! -w $NSS_VER_DIR ]
-    then
-        Echo "Windows special... can't write in $NSS_VER_DIR"
-        if [ "$O_CYGNUS" = ON ]
-        then
-            NSS_VER_DIR=/cygdrive/u/nss/nss$NSSVER
-        else
-            NSS_VER_DIR="u:/nss/nss$NSSVER"
-        fi
-    else
-        Debug "NSS_VER_DIR set to $NSS_VER_DIR"
-        return
-    fi
-
-    while [ ! -w $NSS_VER_DIR ]
-    do
-        if [ "$O_CRONFILE" = "ON" ] 
-        then
-            Exit "cant write in $NSS_VER_DIR" 
-        fi
-        Warning "cant write in $NSS_VER_DIR" 
-        Echo "input start directory (u:/nss, d:/src/nss, f:/shared/nss) "
-        read D
-        if [ -n "$D" ]
-        then
-            NSS_VER_DIR=$D/nss$NSSVER
-        fi
-    done
-    Debug "NSS_VER_DIR set to $NSS_VER_DIR"
-}
-
-########################### init_host ##################################
-# global shell function, sets required variables HOST and DOMSUF, and asks
-# the user if it has been set right
-########################################################################
-set_host()
-{
-    init_host
-}
-init_host()
-{
-    if [ `basename $0` != nssqa ] ; then
-        return
-    fi
-
-    init_host_done=0
-
-    if [ $DS_WAS_SET = FALSE ] #give chance to overwrite, espec. for NT
-    then
-        Debug "Domainname was not set..."
-        DOMSUF=`domainname 2>/dev/null`
-        if [ -z "$DOMSUF" ]
-        then
-            Debug "domainname command did not work ..."
-            DOMSUF=`echo $HOST | grep '\.' | sed -e "s/[^\.]*\.//"`
-    
-            if [ -z "$DOMSUF" ]
-            then
-                Debug "Domainname not part of the hostname"
-                DOMSUF=`cat /etc/defaultdomain 2>/dev/null`
-                if [ -z "$DOMSUF" ]
-                then
-                    Debug "Domainname needs to be hardcoded to red.iplanet.com"
-                    DOMSUF="red.iplanet.com"
-                fi
-            fi
-        fi
-    fi
-    case $HOST in
-        *\.*)
-            Debug "HOSTNAME $HOST contains Dot"
-            HOST=`echo $HOST | sed -e "s/\..*//"`
-            ;;
-    esac
-    if [ -z "$HOST" ]
-    then
-        HOST=`uname -n`
-        case $HOST in
-            *\.*)
-                Debug "HOSTNAME $HOST contains Dot"
-                HOST=`echo $HOST | sed -e "s/\..*//"`
-                ;;
-        esac
-    fi
-    if [ $O_DEBUG = "ON" ]
-    then
-        while [ $init_host_done -eq 0 ]
-        do
-            Echo
-            ask "DOMSUF=$DOMSUF, HOST=$HOST - OK", "y" "n" &&
-                init_host_done=1
-            if [ $init_host_done -eq 0 ]
-            then
-                Echo "input DOMSUF: "
-                read D
-                if [ -n "$D" ]
-                then
-                    DOMSUF=$D
-                fi
-                Echo "input HOST: "
-                read H
-                if [ -n "$H" ]
-                then
-                    HOST=$H
-                fi
-            fi
-        done
-    fi
-    export HOST DOMSUF
-    Debug "HOST: $HOST, DOMSUF: $DOMSUF"
-}
-
-#-----------------------------# UTILS #----------------------------------
-
-########################### qa_stat_get_sysinfo ########################
-# local shell function, tries to determine the QA operating system
-########################################################################
-qa_stat_get_sysinfo()
-{
-    case $1 in
-        ?*) REM_SYS=$1
-            GET_SYSINFO="rsh $1"
-            ;;
-        *)  REM_SYS=""
-            GET_SYSINFO=""
-            ;;
-    esac
-    QA_SYS=`$GET_SYSINFO uname -sr`
-    echo $QA_SYS | grep Linux >/dev/null &&
-              QA_RHVER=`$GET_SYSINFO cat /etc/redhat-release`
-    if [ -n "$QA_RHVER" ]
-    then
-        QA_OS=`echo $REM_SYS $QA_RHVER | sed -e "s/Red Hat /RH /" \
-                    -e "s/ release//"`
-    else
-        case $QA_SYS in
-            *SunOS*5.[89]*)
-                ISAINFO=`$GET_SYSINFO isainfo -v`
-                IS_64=`echo $ISAINFO | grep 64 >/dev/null && \
-                    echo 64 bit`
-                IS_I386=`echo $ISAINFO | grep i386 >/dev/null && \
-                    echo i86pc`
-                if [ -n "$IS_I386" ] ; then IS_64="$IS_I386"; fi;
-                if [ -z "$IS_64" ] ; then IS_64="32 bit"; fi;
-                ;;
-            *HP*)
-                IS_64=`$GET_SYSINFO getconf KERNEL_BITS |
-                    grep 64 >/dev/null && echo 64 bit`
-                if [ -z "$IS_64" ] ; then IS_64="32 bit"; fi;
-                ;;
-            *AIX*)
-                IS_64=`$GET_SYSINFO lslpp -l |
-                    grep "bos.64bit"> /dev/null && echo 64 bit`
-                if [ -z "$IS_64" ] ; then IS_64="32 bit"; fi;
-                ;;
-        esac
-        QA_OS=`echo "$REM_SYS $QA_SYS $IS_64"`
-    fi
-    if [ "$O_SILENT" != ON ] ; then
-        echo $QA_OS
-    fi
-    QA_OS_STRING=`echo $QA_OS | sed -e "s/^[_ ]//" -e "s/ /_/g"`
-}
-
-################################### set_objdir #########################
-# global shell function, sets the object directories and DIST
-########################################################################
-set_objdir()
-{
-    Debug "set object dir"
-    OBJDIR=`cd ${TESTSCRIPTDIR}/common; gmake objdir_name`
-    OS_ARCH=`cd ${TESTSCRIPTDIR}/common; gmake os_arch`
-    
-    #at this point $MASTERBUILD needs to be either NT or unix
-
-    set_daily_build_dirs
-    LOCALDIST_BIN=${LOCALDIST}/${OBJDIR}/bin
-    DIST=$LOCALDIST
-
-    if [ -z "${TEST_LEVEL}" ] ; then 
-        TEST_LEVEL=0
-    fi
-    bc ${TEST_LEVEL}   #set the path for the backward compatibility test
-
-    PATH_CONTAINS_BIN="TRUE"
-    export PATH_CONTAINS_BIN
-
-    export OBJDIR OS_ARCH LOCALDIST LOCALDIST_BIN DIST PATH 
-}
-
-########################### bc #########################################
-# global shell function , sets paths for the backward compatibility test
-########################################################################
-bc()
-{
-  if [ -n "$PRODUCT_TO_TEST" -a "$PRODUCT_TO_TEST" = "JSS" ] ; then
-      TESTDIR=${RESULTDIR}
-      BC_ACTION=""
-      DON_T_SET_PATHS="FALSE" #let init.sh override - FIXME - check if necessary
-      return
-  fi
-  DON_T_SET_PATHS="TRUE"
-  case $1 in
-    0)
-      #unset TESTDIR
-      TESTDIR=${RESULTDIR}
-      if [ "$O_WIN" = "ON" -a "$O_CYGNUS" != ON ] ; then
-          PATH="$TESTSCRIPTDIR;$LOCALDIST_BIN;$BASEPATH"
-      else
-          PATH=$TESTSCRIPTDIR:$LOCALDIST_BIN:$BASEPATH
-      fi
-      BC_ACTION=""
-      DON_T_SET_PATHS="FALSE" #let init.sh override - FIXME - check if necessary
-      ;;
-    *)
-      if [ "$O_LOCAL" = "ON" ] ; then
-          Exit "FIXME Can't run backwardcompatibility tests locally yet"
-      fi
-      TESTSCRIPTDIR=${BCDIST}/../security/nss/tests
-      COMMON=${TESTSCRIPTDIR}/common
-      TESTDIR=${RESULTDIR}/bct
-      BC_ACTION="backward compatibility of binaries in $BC_MASTER to new libs"
-      BCDIST_BIN=${BCDIST}/${OBJDIR}/bin
-      LD_LIBRARY_PATH=${LOCALDIST}/${OBJDIR}/lib
-      if [ "$O_WIN" = "ON" ] ; then
-          if [ "$O_CYGNUS" = ON ] ; then
-              PATH=$TESTSCRIPTDIR:$BCDIST_BIN:$BASEPATH:$LD_LIBRARY_PATH
-          else
-              PATH="$TESTSCRIPTDIR;$BCDIST_BIN;$BASEPATH;$LD_LIBRARY_PATH"
-          fi
-      else
-          PATH=$TESTSCRIPTDIR:$BCDIST_BIN:$BASEPATH
-      fi
-      Debug "1st stage of backward compatibility test"
-      ;;
-  esac
-  if [ -n "$TESTDIR" ] ; then
-      if [ ! -d $TESTDIR ] ; then
-          mkdir -p $TESTDIR
-      fi
-      export TESTDIR
-  fi
-  SHLIB_PATH=${LD_LIBRARY_PATH}
-  LIBPATH=${LD_LIBRARY_PATH}
-  Debug "PATH $PATH"
-  Debug "LD_LIBRARY_PATH $LD_LIBRARY_PATH"
-  export PATH LD_LIBRARY_PATH SHLIB_PATH LIBPATH
-  export DON_T_SET_PATHS BC_ACTION
-  export TESTSCRIPTDIR COMMON
-}
-
-########################### Ps #########################################
-# global shell function , attempts a platform specific ps
-########################################################################
-Ps()
-{
-#AIX, OSF ps -ef, solaris /usr/5bin/ps -ef, win ps -ef but no user id
-#linux ps -ef, HP
-
-    if [ $os_name = "SunOS" ]
-    then
-        /usr/5bin/ps -ef
-    else
-        ps -ef
-    fi
-}
-
-########################### kill_by_name ################################
-# global shell function , kills the process whose name is given as 
-# parameter 
-########################################################################
-kill_by_name()
-{
-    for PID in `Ps | grep "$1" | grep -v grep | \
-        sed -e "s/^ *//g" -e "s/^[^ ]* //" -e "s/^ *//g" -e "s/ .*//g"`
-    do
-        if [ $O_WIN = "ON" -a $O_CYGNUS = "ON" ]
-        then
-            ask "Do you want to kill Process $PID (`Ps | grep $PID | \
-                grep -v grep | awk '{ print $1, $2, $6, $7, $8, $9 }' | \
-                sed -e "s/[0-9]:[0-6][0-9]//g" | grep $PID `)" \
-                "y" "n" && {
-                kill $PID
-                sleep 1
-                kill -9 $PID 2>/dev/null
-            }
-        else
-            ask "Do you want to kill Process $PID (`Ps | grep $PID | \
-                grep -v grep | awk '{ print $1, $2, $8, $9, $10, $11 }' | \
-                sed -e "s/[0-9]:[0-6][0-9]//g" | grep $PID `)" \
-                "y" "n" && {
-                kill $PID
-                sleep 1
-                kill -9 $PID 2>/dev/null
-            }
-        fi
-    done
-}
-
-############################### early_exit ###################################
-# global shell function , attempts a little more usefull user notification
-# of a complete failure
-########################################################################
-
-early_exit()
-{
-    if [ -z "$DOCDIR" ]
-    then
-        DOCDIR=`dirname $0`/../doc
-    fi
-    if [ -f $DOCDIR/QAerror.html ]
-    then
-        Debug "Found QA errorheader"
-        rm ${FILENAME}.err 2>/dev/null
-        cp $DOCDIR/QAerror.html ${FILENAME}.err
-        echo "$1" >>${FILENAME}.err
-        echo '</font></b></h1>' >>${FILENAME}.err
-        if [ -n "$FILENAME" -a -f "$FILENAME" ]
-        then
-            cat $FILENAME | sed -e "s/^/<br>/" >>${FILENAME}.err
-        fi
-        echo '</body></html>' >>${FILENAME}.err
-        cat ${FILENAME}.err | $RMAIL $MAILINGLIST
-        
-        rm ${FILENAME}.err 2>/dev/null
-        #echo "cat ${FILENAME}.err | $RMAIL $MAILINGLIST "
-    fi
-}
-
-############################### Exit ###################################
-# global shell function , central exiting point
-# cleanup: temporary files, kill the remaining selfservers if sourcing
-# script sets KILL_SELFSERV 
-########################################################################
-Exit()
-{
-    Echo $1    
-    if [ "$O_CRON" = "OFF" ] 
-    then
-        echo $1 >&2
-    fi
-    if [ -f "${KILLPIDS}" ]
-    then
-        Debug "Attempting to kill background processes...`cat ${KILLPIDS}`"
-        kill `cat "${KILLPIDS}"` 
-        sleep 1
-        kill -9  `cat "${KILLPIDS}"`
-    fi
-    if [ -n "${TMPFILES}" ]
-    then
-        Debug "rm -f ${TMPFILES}"
-        rm -f $TMPFILES 2>/dev/null
-    fi
-    O_ALWAYS_YES=ON # set to non-interactive - don't ask anymore questions here
-    if [ $KILL_SELFSERV = "ON" ]
-    then
-        kill_by_name selfserv
-    fi
-    if [ $O_MAIL_LINK = "ON" -a $O_FILE = "ON" ]
-    then
-        if [ $EARLY_EXIT = TRUE ]    #before the report file has been created
-        then
-            early_exit "$1"
-        else
-            head -3  $FILENAME >$ML_FILE
-            echo "Content-Type: text/plain; charset=us-ascii; format=flowed
-    Content-Transfer-Encoding: 7bit
-
-" >>$ML_FILE
-            echo $HREF_TMP_HTML_FILE >>$ML_FILE
-            cat $ML_FILE | $RMAIL $MAILINGLIST
-        fi
-
-#FIXME - early exit etc
-    elif [ $O_MAIL = "ON" -a $O_FILE = "ON" ]
-    then
-        if [ $EARLY_EXIT = TRUE ]    #before the report file has been created
-        then
-            early_exit "$1"
-        elif [ -n "$FILENAME" -a -f "$FILENAME" ]
-        then
-            cat $FILENAME | $RMAIL $MAILINGLIST
-        fi
-        #rm $FILENAME 2>/dev/null
-    elif  [ $O_MAIL = "ON" -a $EARLY_EXIT = TRUE ]
-    then
-        early_exit "$1"
-        rm $FILENAME 2>/dev/null
-    fi
-    #chmod a+rw ${RESULTDIR} ${RESULTDIR}/* ${RESULTDIR}/*/* &
-    if [ -n "$O_TBX" -a "$O_TBX" = "ON" ] ; then
-        rm ${TESTDIR}/QAstatus
-
-        if [ "$1" = "killed... cleaning up..." ] ; then
-            echo "QA killed" >${TESTDIR}/QAstatus
-        elif [ "$TBX_EXIT" = 0 ] ; then
-            echo "QA passed" >${TESTDIR}/QAstatus
-        else
-            echo "QA failed" >${TESTDIR}/QAstatus
-        fi
-
-        exit $TBX_EXIT
-         
-    else
-        exit
-    fi
-}
-
-trap "rm -f ${TMPFILES} 2>/dev/null; Exit 'killed... cleaning up...'" 2 3 15
-
-################################ Wait ##################################
-# global shell function to wait for an event to happen, 1st parameter
-# filename to watch, 2nd parameter 0 - wait for it to disappear, 1 wait
-# for it to be created.
-# uses the variables WAIT_FOR and WAIT_TIMES
-# WAIT_FOR: if waiting for an event sleep n seconds before rechecking 
-#     recomended value 10 minutes 600
-# WAIT_TIMES: recheck n times before giving up to prevent endless loop
-#     recomended 30 - total of 5h
-########################################################################
-
-Wait()
-{
-    i=0
-    Debug "Waiting for $1"
-    while [ $i -lt $WAIT_TIMES ]
-    do
-        i=`expr $i + 1`
-        if [ -f "$1" -a $2 -eq 1 ]   # if file exists and is supposed to 
-        then
-            return
-        fi
-        if [ ! -f "$1" -a $2 -eq 0 ] # not exists and not supposed to exist
-        then
-            return
-        fi
-        Debug "Waiting for $1, loop #$i, about to sleep $WAIT_FOR seconds zzzz..."
-        sleep $WAIT_FOR
-    done
-    TOTAL=`expr $WAIT_TIMES \* $WAIT_FOR / 60`
-    Exit "I HAVE WAITED LONG ENOUGH FOR $1 NOW, I'M GONE! (THAT WAS A TOTAL OF $TOTAL MINUTES) I have better things to do... "
-}
-
-################################ WaitForever ##################################
-# global shell function to wait for an event to happen, 1st parameter
-# filename to watch, 2nd parameter 0 - wait for it to disappear, 1 wait
-# for it to be created.
-# because we daon't have any relyable cron on NT...
-########################################################################
-
-WaitForever()
-{
-    i=0
-    Debug "Waiting for $1"
-    TOTAL=0
-    while [ 1 ]
-    do
-        i=`expr $i + 1`
-        if [ -f "$1" -a $2 -eq 1 ] # if file exists and is supposed to 
-        then
-            return
-        fi
-        if [ ! -f "$1" -a $2 -eq 0 ] # not exists and not supposed to exist
-        then
-            return
-        fi
-        Debug "Waiting for $1, loop #$i, about to sleep $WAIT_FOR seconds Total $TOTAL"
-        sleep $WAIT_FOR
-        TOTAL=`expr $i \* $WAIT_FOR / 60`
-        if [ -n "$MAX_FOREVER" ] # we are cheating. Forever can be very short...
-        then
-            if [ "$TOTAL" -gt "$MAX_FOREVER" ] 
-            then
-                Exit "I HAVE WAITED LONG ENOUGH FOR $1 NOW, I'M GONE! (THAT WAS A TOTAL OF $TOTAL MINUTES) I have better things to do... "
-            fi
-        fi
-    done
-}
-################################### is_running #########################
-# global shell function , implements primitive locking mechanism
-# filename is passed as a parameter, if filename.* exists we assume calling
-# script is running already and exit, otherwise filename.processid is 
-# created 
-########################################################################
-is_running()
-{
-    Debug "Testing if $0 is already running... file ${1} - ${1}.$$"
-    if [ -f ${1}.* ]
-    then
-        Exit "$0 seems to be running already ($1 exists) - Exiting"
-    fi
-    TMPFILES="$TMPFILES ${1}.$$"
-    echo "running $0 on `date` PID $$" >${1}.$$
-    Debug "wrote \"running $0 on `date` PID $$\" to ${1}.$$"
-    
-}
-
-#---------------------------# USERCOM #---------------------------------
-############################## Echo #####################################
-# global shell function , depending on the options the output gets written 
-# to a file, or is being discarded
-# FIXME  \n and \c are mistreates by differnet shells, and linux has /bin/echo
-# instead of /usr/bin/echo
-########################################################################
-Echo ()
-{
-    if [ $O_SILENT = OFF ]
-    then
-        echo "$*"
-        #/usr/bin/echo "$*"
-    fi
-    if [ $O_FILE = ON ]
-    then
-        echo "$*" >>$FILENAME
-    fi
-}
-
-################################### ask ################################
-# global shell function, Asks the a question, and gives the returns 0
-# on the 1st choice, 1 on the 2nd choice
-#
-# PARAMETERS:
-#    $1 question text
-#    $2 1st choice
-#    $3 2nd choice
-#
-# MODIFIERS:
-#    -y O_ALWAYS_YES will assume a first choice always (not neccessaryly "y")
-#
-# RETURN:
-#    0 - User picked 1st choice
-#    1 - User picked 2nd choice
-#
-# EXAMPLE
-#    ask "Would you like to continue" "y" "n" || Exit
-#        will produce the string "Would you like to continue (y/n) ?",
-#        read input from keyboard (or assume a yes with option -y)
-#        - on a yes it will return 0, on a no it will return 1, the 
-#        shell interprets it as error and the || Exit will be executed
-#
-# NOTE: NEVER use "n" as the second parameter - it will mess up -y
-#    don't ask "Continue" "n" "y" || Exit # it will Exit on a "y"
-#
-########################################################################
-Ask()
-{
-    ask $*
-}
-
-ask()
-{
-    if [ $O_ALWAYS_YES = ON ]
-    then
-        Echo "$1 ($2/$3) ?"
-        Echo "YES!"
-        return 0
-    fi
-    A=""
-    while [ 1 ]
-    do
-    
-        Echo "$1 ($2/$3) ?"
-        read A
-        if [ -n "$A" ]
-        then
-            if [ $A = $2 ]
-            then
-                return 0
-            elif [ $A = $3 ]
-            then
-                return 1
-            fi
-        fi
-    done
-    return 0
-}
-
-################################### Warning ############################
-# global shell function, Asks the user a "... continue? (y/n)" question, 
-# and exits when the user answers with no
-# NOTE -y will answer the warnings always with yes
-########################################################################
-Warning ()
-{
-    ask "WARNING: $0: \n $* continue " "y" "n" || Exit 
-}
-
-################################### Debug ############################
-# global shell function, when option -d Debugging output is written
-########################################################################
-Debug()
-{
-    if [ $O_DEBUG = ON ]
-    then
-        Echo "DEBUG: (`date +%H:%M`) $0: $*"
-    fi
-}
-
-################################### line ###############################
-# global shell function, supposed to make output more readable...
-########################################################################
-line()
-{
-Echo
-#Echo "======================================================================="
-#Echo
-}
-
-################################### opt_usage ##########################
-# global shell function, tells user about available options
-########################################################################
-opt_usage()
-{
-  if [ $O_OPTIONS = "ON" ]
-  then
-    Echo
-    line
-    Echo
-    Echo "    -y answer all questions with y - use at your own risk..."
-    Echo "    -s silent (only usefull with -y)"
-    Echo "    -h, -? - you guessed right - displays this text"
-    Echo "    -d debug"
-    Echo "    -f <filename> - write the (error)output to filename"
-    Echo "    -fcronfile produces the resultfiles in the same locations"
-    Echo "        as would have been produced with -cron"
-    Echo "    -m <mailinglist> - send filename to mailinglist (csl "
-    Echo "         example sonmi,nelsonb,wtc) only useful with -f"
-    Echo "    -ml <mailinglist> - send link to filename to mailinglist "
-    Echo "         (csl example sonmi,nelsonb,wtc) only useful with -f"
-    Echo "    -cron equivalient to -y -s -d -f \$RESULTDIR/\$HOST.nssqa"
-    Echo "    -t run on a tinderbox build (included -cron)"
-    if [ `basename $0` = nssqa ] ; then
-        Echo "    -l <mozroot> run on a local build"
-        Echo "    -ln <mozroot> copy a networkbuild to a local directory "
-        Echo "        mozroot,  used for networkindipendend QA "
-        Echo "    -lt try to copy a networkbuild to a local directory, if"
-        Echo "        not possible run on the network
-        Echo "        used for networkindipendend QA
-    fi
-#
-# special strings
-  fi
-    
-}
-
-################################### glob_usage #########################
-# global shell function, how to use the calling script (parameters, options)
-########################################################################
-glob_usage()
-{
-    line
-    Echo $1
-    Echo
-    if [ $O_OPTIONS = "ON" ]
-    then
-        Echo "usage $0 [options] nssversion builddate"
-    else
-        Echo "usage $0 nssversion builddate"
-    fi
-        
-    Echo " for example: $0 30b 0926"
-    Echo "     $0 31 1002"
-    opt_usage
-    Echo
-    Exit "$1"
-}
-
-tell()
-{
-    if [ $O_SILENT = OFF ]
-    then
-        line
-        pwd
-        ls -CF
-        line
-    fi
-    if [ $O_FILE = ON ]
-    then
-        line
-        pwd >>$FILENAME
-        ls -CF >>$FILENAME
-        line 
-    fi
-}
-
-if [ $O_INIT = "ON" ]
-then
-    glob_init $*
-fi
-EARLY_EXIT=FALSE
diff --git a/security/nss/tests/jss_dll_version.sh b/security/nss/tests/jss_dll_version.sh
deleted file mode 100755
index cb29c4a1a..000000000
--- a/security/nss/tests/jss_dll_version.sh
+++ /dev/null
@@ -1,22 +0,0 @@
-#!/bin/sh
-
-# version controll for DLLs
-# ToDo: make version parameter or find version from first occurance of 3.x
-# make the 3 a variable..., include the header
-
-for w in `find . -name "libjss3.s[ol]"`
-do
-        NOWHAT=FALSE
-        NOIDENT=FALSE
-        echo $w
-        what $w | grep JSS || NOWHAT=TRUE
-        ident $w | grep JSS || NOIDENT=TRUE
-        if [ $NOWHAT = TRUE ]
-        then
-                echo "ERROR what $w does not contain JSS"
-        fi
-        if [ $NOIDENT = TRUE ]
-        then
-                echo "ERROR ident $w does not contain JSS"
-        fi
-done
diff --git a/security/nss/tests/jssdir b/security/nss/tests/jssdir
deleted file mode 100755
index 1609fbfcf..000000000
--- a/security/nss/tests/jssdir
+++ /dev/null
@@ -1,28 +0,0 @@
-if ( "$2" == ""  ) then
-	setenv BUILDDATE `date +%m%d`
-else
-	setenv BUILDDATE $2
-endif
-
-if ( "$1" == ""  ) then
-	setenv JSSVER tip
-else
-	setenv JSSVER $1
-endif
-
-if ( ! ${?QAYEAR} ) then 
-        setenv QAYEAR `date +%Y`
-else if ( "$QAYEAR" == ""  ) then
-	setenv QAYEAR `date +%Y`
-	
-endif
-
-setenv JSS_VER_DIR /share/builds/mccrel3/jss/jss$JSSVER
-setenv NTDIST ${JSS_VER_DIR}/builds/${QAYEAR}${BUILDDATE}.1/blowfish_NT4.0_Win95/mozilla/dist
-setenv UXDIST ${JSS_VER_DIR}/builds/${QAYEAR}${BUILDDATE}.1/booboo_Solaris8/mozilla/dist
-setenv TESTSCRIPTDIR ${JSS_VER_DIR}/builds/${QAYEAR}${BUILDDATE}.1/booboo_Solaris8/mozilla/security/jss/tests
-setenv RESULTDIR ${JSS_VER_DIR}/builds/${QAYEAR}${BUILDDATE}.1/booboo_Solaris8/mozilla/tests_results/security
-
-cd ${JSS_VER_DIR}/builds/${QAYEAR}${BUILDDATE}.1/booboo_Solaris8
-pwd
-ls
diff --git a/security/nss/tests/jssqa b/security/nss/tests/jssqa
deleted file mode 100755
index 79566a2f9..000000000
--- a/security/nss/tests/jssqa
+++ /dev/null
@@ -1,216 +0,0 @@
-#! /bin/sh  
-
-########################################################################
-#
-# /u/sonmi/bin/jssqa
-#
-# this script is supposed to automatically run - now a sanity test, later QA for 
-# JSS on all required Unix and Windows (NT and 2000) platforms
-#
-# parameters
-# ----------
-#   jssversion  (supported: 31, tip)
-#   builddate   (default - today)
-#
-# options
-# -------
-#   -y answer all questions with y - use at your own risk...ignores warnings
-#   -s silent (only usefull with -y)
-#   -h, -? - you guessed right - displays this text
-#   -d debug
-#   -f <filename> - write the (error)output to filename
-#   -cron equivalient to -y -s -d -f $RESULTDIR/$HOST.nssqa
-#
-########################################################################
-
-O_OPTIONS=ON            # accept options (see above for listing)
-WIN_WAIT_FOREVER=OFF    # don't wait for the NSS testdir
-PRODUCT_TO_TEST="JSS"
-JSS_NSPR_DIR="/share/builds/components/nspr20/v4.1.2"
-JSS_NSS_DIR="/share/builds/components/nss/NSS_3_3_1_RTM"
-JSS_NSS_UX_SRC_DIR="nss331/builds/20010928.2.331-RTM/booboo_Solaris8"
-JSS_NSS_NT_SRC_DIR="nss331/builds/20010928.2.331-RTM/blowfish_NT4.0_Win95"
-JSS_NSS_SRC_DIR=$JSS_NSS_UX_SRC_DIR
-NATIVE_FLAG=""
-
-. `dirname $0`/header   # utilities, shellfunctions etc, global to NSS and JSS QA
-
-if [ -z "$O_TBX" -o "$O_TBX" != "ON" ] ; then
-    is_running ${TMP}/jssqa
-                        # checks if the file exists, if yes Exits, if not
-                        # creates to implement a primitive locking mechanism
-fi
-
-INTERNAL_TOKEN="NSS Certificate DB"
-SIGTEST_INTERNAL_TOKEN="Internal Key Storage Token"
-
-################################ jss_init #########################
-# 
-# Most of the procedure is setting up the test environment.
-# set all necessary dir and file variables, set all paths, copy the shared libs 
-# Put all the shared libraries into a lib directory, <libdir>.
-# including the libjss3.so that was built by the build process.
-# set LD_LIBRARY PATH and CLASSPATH
-# The xpclass.jar produced by the JSS build needs to be in the classpath.
-# The classpath must also include the current directory so we can run our test
-# programs.
-################################################################################
-
-jss_init()
-{
-  Debug "Jss init"
-  #correct all directories that the header has set...
-  NTDIST=`echo $NTDIST | sed -e 's/nss/jss/g'`
-  UXDIST=`echo $UXDIST | sed -e 's/nss/jss/g'`
-  RESULTDIR=`echo $RESULTDIR | sed -e 's/nss/jss/g'`
-  mkdir -p ${RESULTDIR} 2>/dev/null
-  JSS_LOGFILE=${RESULTDIR}/${HOST}.txt
-  FILENAME=$JSS_LOGFILE
-  O_FILE=ON
-
-  MOZILLA_ROOT=`echo $MOZILLA_ROOT | sed -e 's/nss/jss/g'`
-
-  JSS_SAMPLES="$MOZILLA_ROOT/security/jss/samples"
-  JSS_CLASSPATH=`echo $MOZILLA_ROOT | 
-      sed -e "s/jss$NSSVER.builds/jss$NSSVER\/ships/g" -e "s/mozilla/jss\/${QAYEAR}${BUILDDATE}/"`
-  Debug "JSS_CLASSPATH=$JSS_CLASSPATH"
-  Debug "JSS_SAMPLES=$JSS_SAMPLES"
-
-  if [ ! -d $JSS_SAMPLES ] ; then
-      if [ "$O_WIN" = "ON" -a "$WIN_WAIT_FOREVER" = "ON" ]
-      then
-          WaitForever $JSS_SAMPLES/TestKeyGen.java 1
-      else
-          Exit "Test directory $JSS_SAMPLES does not exist"
-      fi
-  fi
-
-  PWFILE="$JSS_SAMPLES/passwd"
-  EMPTYFILE="$JSS_SAMPLES/emptyfile"
-  rm $PWFILE $EMPTYFILE 2>/dev/null
-  echo "jss" >$PWFILE
-  echo "" >$EMPTYFILE
-  echo "" >>$EMPTYFILE
-  echo "" >>$EMPTYFILE
-
-  INIT_PATH=$PATH
-  INIT_LD_LIBRARY_PATH=$LD_LIBRARY_PATH
-}
-
-
-jss_mode_init()
-{
-  OBJDIR=`cd ${TESTSCRIPTDIR}/common; gmake objdir_name`
-
-  LOCALDIST_BIN=`echo $LOCALDIST_BIN | sed -e 's/nss/jss/g'`
-  LOCALDIST_LIB=$LOCALDIST_BIN/../lib
-  debug_dirs
-
-  #make testdir/libdir
-
-  JSS_LIBDIR=${RESULTDIR}/${HOST}.libdir/${OBJDIR}
-  mkdir -p ${JSS_LIBDIR} 2>/dev/null
-  Debug "JSS_LIBDIR=$JSS_LIBDIR"
-
-  #Put all the shared libraries into a lib directory
-  Debug "copy all needed libs to ${JSS_LIBDIR}"
-  cp $JSS_NSPR_DIR/${OBJDIR}/lib/* ${JSS_LIBDIR}
-  cp $JSS_NSS_DIR/${OBJDIR}/lib/* ${JSS_LIBDIR}
-  cp $LOCALDIST_LIB/libjss3.*  ${JSS_LIBDIR}
-  #FIXME uncomment above
-
-  if [ $O_DEBUG = ON ] ; then
-      Debug "ls $JSS_LIBDIR"
-      ls $JSS_LIBDIR
-  fi
-
-  #LD_LIBRARY_PATH=$INIT_LD_LIBRARY_PATH:${JSS_LIBDIR}
-  LD_LIBRARY_PATH=${JSS_LIBDIR} #remove to avoid HP coredump
-  CLASSPATH="$JSS_CLASSPATH/xpclass.jar:."
-
-  SHLIB_PATH=${LD_LIBRARY_PATH}
-  LIBPATH=${LD_LIBRARY_PATH}
-
-  PATH=$JSS_NSPR_DIR/${OBJDIR}/bin:$JSS_NSS_DIR/${OBJDIR}//bin:$INIT_PATH
-  Debug "PATH $PATH"
-  Debug "LD_LIBRARY_PATH $LD_LIBRARY_PATH"
-  Debug "CLASSPATH=$CLASSPATH"
-
-  export CLASSPATH LD_LIBRARY_PATH SHLIB_PATH LIBPATH
-  export TESTSCRIPTDIR COMMON
-  export_dirs
-}
-
-  
-################################ jss_test #########################
-# 
-# go into the build tree. cd to mozilla/security/jss/samples.
-# Create NSS directories in this directory with modutil and set the password
-#
-#6. Create an alias for the "java" and "javac" commands. You'll need to set
-#it to whatever version of the JDK you used to build on this platform. For
-#example, 
-      #alias java /share/builds/components/cms_jdk/AIX/1.3.0/jre/bin/java
-        #alias javac /share/builds/components/cms_jdk/AIX/1.3.0/bin/javac
-# instead $JAVA and $JAVAC
-# 7. Compile the tests.
-#####################################################################
-jss_test()
-{
-  O_FILE=OFF
-  Debug "JSS main test"
-  #set -x
-  cd $JSS_SAMPLES
-
-  Debug "Cleaning  $JSS_SAMPLES"
-  rm cert7.db key3.db 2>/dev/null
-
-  Debug "echo | modutil -dbdir . -create -force"
-  echo | modutil -dbdir . -create -force
-  Debug "modutil returned $?"
-
-  modutil -dbdir . -list
-
-  Debug "echo | modutil -dbdir . -changepw \"$INTERNAL_TOKEN\" -newpwfile $PWFILE -force"
-  modutil -dbdir . -changepw "$INTERNAL_TOKEN" -newpwfile $PWFILE  -force <$EMPTYFILE
-  #modutil -dbdir . -changepw "$INTERNAL_TOKEN" -pwfile $PWFILE -newpwfile $PWFILE <$EMPTYFILE
-  Debug "modutil returned $?"
-
-  Debug "$JAVAC TestKeyGen.java"
-  $JAVAC TestKeyGen.java
-  Debug "$JAVAC TestKeyGen.java returned $?"
-
-  Debug "$JAVAC SigTest.java"
-  $JAVAC SigTest.java
-  Debug "$JAVAC SigTest.java returned $?"
-          
-  echo "Starting new jss test on $HOST"  
-  date
-
-  # Run the actual tests
-
-  Debug "$JAVA $NATIVE_FLAG TestKeyGen ." 
-  $JAVA $NATIVE_FLAG TestKeyGen . 
-  Debug "$JAVA TestKeyGen returned $?"
-
-  Debug "$JAVA $NATIVE_FLAG SigTest . \"$SIGTEST_INTERNAL_TOKEN\""
-  $JAVA $NATIVE_FLAG SigTest . "$SIGTEST_INTERNAL_TOKEN"
-  Debug "$JAVA SigTest returned $?"
-
-  O_FILE=ON
-}
-
-jss_init
-jss_mode_init
-if [ -z "O_CRON" -o "$O_CRON" != "ON" -a  "$O_WIN" != "ON" ]
-then
-    tail -f ${JSS_LOGFILE}  &
-    TAILPID=$!
-fi
-
-jss_test >>$JSS_LOGFILE  2>&1
-BUILD_OPT=1; export BUILD_OPT; Debug "BUILD_OPT $BUILD_OPT"
-jss_mode_init
-jss_test >>$JSS_LOGFILE  2>&1
-kill $TAILPID
-Exit "jssqa completed. Done `uname -n` $QA_OS_STRING"
diff --git a/security/nss/tests/mksymlinks b/security/nss/tests/mksymlinks
deleted file mode 100755
index 18f252521..000000000
--- a/security/nss/tests/mksymlinks
+++ /dev/null
@@ -1,106 +0,0 @@
-#! /bin/sh
-
-O_OPTIONS=OFF
-. `dirname $0`/header
-
-if [ $O_DEBUG = ON ] ; then
-        Debug "NTDIST $NTDIST"
-        Debug "UXDIST $UXDIST"
-        Debug "TESTSCRIPTDIR $TESTSCRIPTDIR"
-fi
-
-if [ -d "$NSS_VER_DIR" ] ; then
-    cd $NSS_VER_DIR
-else
-    glob_usage "cant cd to $NSS_VER_DIR Exiting"
-fi
-
-if [ -d "$NTDIST" ] ; then
-    cd $NTDIST
-    if [  ! -h WINNT5.0_DBG.OBJ -a ! -d WINNT5.0_DBG.OBJ ] ; then 
-        ln -s WINNT4.0_DBG.OBJ WINNT5.0_DBG.OBJ
-    fi
-    if [  ! -h WINNT5.0_DBG.OBJD -a ! -d WINNT5.0_DBG.OBJD ] ; then 
-        ln -s WINNT4.0_DBG.OBJD WINNT5.0_DBG.OBJD
-    fi
-    if [  ! -h WINNT5.0_OPT.OBJ -a ! -d WINNT5.0_OPT.OBJ ] ; then 
-        ln -s WINNT4.0_OPT.OBJ WINNT5.0_OPT.OBJ
-    fi
-    
-    if [ $O_DEBUG = ON ] ; then
-        tell
-    fi
-else
-    if [ $O_DEBUG = ON ] ; then
-        Debug "WARNING!!! cant cd to $NTDIST "
-    fi
-fi
-
-if [ -d "$UXDIST" ]
-then
-    cd $UXDIST
-else
-    glob_usage "Error!!! cant cd to $UXDIST "
-fi
-
-ErrorFlag=0
-
-#if [  ! -h OSF1V5.1_DBG.OBJ -a ! -d OSF1V5.1_DBG.OBJ ] ; then 
-    #ln -s OSF1V4.0D_DBG.OBJ OSF1V5.1_DBG.OBJ || ErrorFlag=1
-#fi
-#if [  ! -h OSF1V5.1_OPT.OBJ -a ! -d OSF1V5.1_OPT.OBJ ] ; then 
-    #ln -s OSF1V4.0D_OPT.OBJ OSF1V5.1_OPT.OBJ || ErrorFlag=1
-#fi
-#if [  ! -h OSF1V5.0_DBG.OBJ -a ! -d OSF1V5.0_DBG.OBJ ] ; then 
-    #ln -s OSF1V4.0D_DBG.OBJ OSF1V5.0_DBG.OBJ || ErrorFlag=1
-#fi
-#if [  ! -h OSF1V5.0_OPT.OBJ -a ! -d OSF1V5.0_OPT.OBJ ] ; then 
-    #ln -s OSF1V4.0D_OPT.OBJ OSF1V5.0_OPT.OBJ || ErrorFlag=1
-#fi
-if [  ! -h SunOS5.9_64_DBG.OBJ  -a ! -d  SunOS5.9_64_DBG.OBJ ] ; then 
-    ln -s SunOS5.8_64_DBG.OBJ SunOS5.9_64_DBG.OBJ || ErrorFlag=1
-fi
-if [  ! -h SunOS5.9_64_OPT.OBJ  -a ! -d  SunOS5.9_64_OPT.OBJ ] ; then 
-    ln -s SunOS5.8_64_OPT.OBJ SunOS5.9_64_OPT.OBJ || ErrorFlag=1
-fi
-if [  ! -h SunOS5.9_DBG.OBJ  -a ! -d  SunOS5.9_DBG.OBJ ] ; then 
-    ln -s SunOS5.8_DBG.OBJ SunOS5.9_DBG.OBJ || ErrorFlag=1
-fi
-if [  ! -h SunOS5.9_OPT.OBJ  -a ! -d  SunOS5.9_OPT.OBJ ] ; then 
-    ln -s SunOS5.8_OPT.OBJ SunOS5.9_OPT.OBJ || ErrorFlag=1
-fi
-#sonmi - still leaving the section in there so 3.3 and 3.2 will not break
-#since 5.8 is the masterbuild it should never be executed
-#additionally: only creat link if the slave build is present, but 
-#master is not
-#if [  ! -h SunOS5.8_DBG.OBJ -a ! -d  SunOS5.8_DBG.OBJ ]  ; then 
-    #if [ -d SunOS5.6_DBG.OBJ ] ; then
-        #ln -s SunOS5.6_DBG.OBJ SunOS5.8_DBG.OBJ || ErrorFlag=1
-    #fi
-#fi
-#if [  ! -h SunOS5.8_OPT.OBJ -a ! -d  SunOS5.8_OPT.OBJ ] ; then 
-    #if [ -d SunOS5.6_OPT.OBJ ] ; then
-        #ln -s SunOS5.6_OPT.OBJ SunOS5.8_OPT.OBJ || ErrorFlag=1
-    #fi
-#fi
-#if [ ! -h Linux2.4_x86_glibc_PTH_DBG.OBJ -a ! -d Linux2.4_x86_glibc_PTH_DBG.OBJ]
-#then
-    #ln -s Linux2.2_x86_glibc_PTH_DBG.OBJ Linux2.4_x86_glibc_PTH_DBG.OBJ || ErrorFlag=1
-#fi
-#if [ ! -h Linux2.4_x86_glibc_PTH_OPT.OBJ -a ! -d Linux2.4_x86_glibc_PTH_OPT.OBJ]
-#then
-    #ln -s Linux2.2_x86_glibc_PTH_OPT.OBJ Linux2.4_x86_glibc_PTH_OPT.OBJ || ErrorFlag=1
-#fi
-
-if [  ! -h SunOS5.9_i86pc_DBG.OBJ  -a ! -d SunOS5.9_i86pc_DBG.OBJ ] ; then 
-    ln -s SunOS5.8_i86pc_DBG.OBJ SunOS5.9_i86pc_DBG.OBJ || ErrorFlag=1
-fi
-if [  ! -h SunOS5.9_i86pc_OPT.OBJ  -a ! -d SunOS5.9_i86pc_OPT.OBJ ] ; then 
-    ln -s SunOS5.8_i86pc_OPT.OBJ SunOS5.9_i86pc_OPT.OBJ || ErrorFlag=1
-fi
-
-if [ $O_DEBUG = ON ] ; then
-    tell
-fi
-
-exit $ErrorFlag #no cleanup here, no tempfiles
diff --git a/security/nss/tests/nssdir b/security/nss/tests/nssdir
deleted file mode 100755
index 884c299f5..000000000
--- a/security/nss/tests/nssdir
+++ /dev/null
@@ -1,28 +0,0 @@
-if ( "$2" == ""  ) then
-	setenv BUILDDATE `date +%m%d`
-else
-	setenv BUILDDATE $2
-endif
-
-if ( "$1" == ""  ) then
-	setenv NSSVER tip
-else
-	setenv NSSVER $1
-endif
-
-if ( ! ${?QAYEAR} ) then 
-        setenv QAYEAR `date +%Y`
-else if ( "$QAYEAR" == ""  ) then
-	setenv QAYEAR `date +%Y`
-	
-endif
-
-setenv NSS_VER_DIR /share/builds/mccrel3/nss/nss$NSSVER
-setenv NTDIST ${NSS_VER_DIR}/builds/${QAYEAR}${BUILDDATE}.1/blowfish_NT4.0_Win95/mozilla/dist
-setenv UXDIST ${NSS_VER_DIR}/builds/${QAYEAR}${BUILDDATE}.1/booboo_Solaris8/mozilla/dist
-setenv TESTSCRIPTDIR ${NSS_VER_DIR}/builds/${QAYEAR}${BUILDDATE}.1/booboo_Solaris8/mozilla/security/nss/tests
-setenv RESULTDIR ${NSS_VER_DIR}/builds/${QAYEAR}${BUILDDATE}.1/booboo_Solaris8/mozilla/tests_results/security
-
-cd ${NSS_VER_DIR}/builds/${QAYEAR}${BUILDDATE}.1/booboo_Solaris8
-pwd
-ls
diff --git a/security/nss/tests/nsspath b/security/nss/tests/nsspath
deleted file mode 100755
index 5d5ececc6..000000000
--- a/security/nss/tests/nsspath
+++ /dev/null
@@ -1,12 +0,0 @@
-#! /bin/tcsh
-
-set PWD=`pwd`
-source /u/sonmi/bin/nssdir $*
-set OBJDIR=`(cd mozilla/security/nss/tests/common; gmake objdir_name)`
-setenv PATH `perl /u/sonmi/bin/path_uniq -s "${PATH}:${UXDIST}/${OBJDIR}/bin"`
-if ( `uname -n` == "iws-perf" ) then
-    setenv LD_LIBRARY_PATH "${UXDIST}/${OBJDIR}/lib:/opt/nfast/toolkits/pkcs11"
-else
-    setenv LD_LIBRARY_PATH "${UXDIST}/${OBJDIR}/lib"
-endif
-cd $PWD
diff --git a/security/nss/tests/nssqa b/security/nss/tests/nssqa
deleted file mode 100755
index 84c8b8f60..000000000
--- a/security/nss/tests/nssqa
+++ /dev/null
@@ -1,283 +0,0 @@
-#! /bin/sh
-
-########################################################################
-#
-# /u/sonmi/bin/nssqa - /u/svbld/bin/init/nss/nssqa
-#
-# this script is supposed to automatically run QA for NSS on all required
-# Unix and Windows (NT and 2000) platforms
-#
-# parameters
-# ----------
-#   nssversion  (supported: 30b, 31, tip)
-#   builddate   (default - today)
-#
-# options
-# -------
-#   -y answer all questions with y - use at your own risk...ignores warnings
-#   -s silent (only usefull with -y)
-#   -h, -? - you guessed right - displays this text
-#   -d debug
-#   -f <filename> - write the (error)output to filename
-#   -cron equivalient to -y -s -d -f $RESULTDIR/$HOST.nssqa
-# 
-# 12/1/00
-# took out the (unused) local directory for releasebuild QA on NT
-# cleaned up 32 - 64 bit issues
-# took hardcoded machinenames out
-########################################################################
-
-O_OPTIONS=ON            # accept options (see above for listing)
-WIN_WAIT_FOREVER=ON     # first we wait forever for a TESTDIR to appear, than 
-                        # we wait forever for the build to finish...
-
-TBX_EXIT=50             # in case we are running on a tinderbox build, any 
-                        # early exit needs to return an error
-. `dirname $0`/header   # utilities, shellfunctions etc, global to NSS QA
-
-if [ -z "$O_TBX" -o "$O_TBX" != "ON" ] ; then
-    is_running ${TMP}/nssqa 
-                        # checks if the file exists, if yes Exits, if not 
-                        # creates to implement a primitive locking mechanism
-fi
-
-KILL_SELFSERV=OFF       # cleanup will also kill the leftover selfserv processes
-
-################################ check_distdir #########################
-# local shell function to check if the DIST directory exists, if not there 
-# is no use to continue the test
-########################################################################
-check_distdir()
-{
-    set_objdir
-
-    if [ ! -d "$LOCALDIST_BIN" ]
-    then
-        Debug "Dist $DIST"
-        Warning "$LOCALDIST_BIN (the dist binaries dir) does not exist"
-        return 1
-    fi
-
-    if [ ! -d "$LOCALDIST" -a ! -h "$LOCALDIST" ]
-    then
-        Debug "Dist $DIST"
-        Warning "$LOCALDIST (the dist directory) does not exist"
-        return 1
-    fi
-
-    Debug "LOCALDIST_BIN $LOCALDIST_BIN"
-    Debug "Dist $DIST"
-    return 0
-}
-
-################################ run_all ###############################
-# local shell function to start the all.sh after asking user and redirect 
-# the output apropriately
-########################################################################
-run_all()        
-{
-    check_distdir || return 1
-    #kill_by_name selfserv
-    ask "Testing $OBJDIR continue with all.sh" "y" "n" || Exit
-
-    Debug "running all.sh in `pwd`"
-    if [ $O_SILENT = ON ]
-    then
-        if [ $O_DEBUG = ON -a $O_FILE = ON ]
-        then
-            all.sh >>$FILENAME 2>>$FILENAME
-        else
-            all.sh >/dev/null 2>/dev/null
-        fi
-    else
-        all.sh
-    fi
-    Debug "Done with all.sh "
-    line
-}
-
-all_sh()
-{
-    echo
-}
-
-
-########################### wait_for_build #############################
-# local shell function to wait until the build is finished
-########################################################################
-wait_for_build()
-{
-  if [ $O_WIN = "ON" ]
-  then
-      WaitForever ${OSDIR}/SVbuild.InProgress.1 0 
-                     #Wait for the build to finish Windows a lot longer
-      OS_TARGET=WINNT;export OS_TARGET;Debug "OS_TARGET set to $OS_TARGET"
-      QA_OS_NAME=`cd ${TESTSCRIPTDIR}/common; gmake objdir_name | \
-          sed -e "s/WINNT4.0.*/Windows-NT-4.0/" -e "s/WINNT5.0.*/Windows-2000/"`
-      Echo "WINDOWS-OS-LINE: $QA_OS_NAME"
-  else
-      Wait ${OSDIR}/SVbuild.InProgress.1 0     
-                     #Wait for the build to finish... Unix a few hours
-      qa_stat_get_sysinfo
-      Echo "UNIX-OS-LINE: $QA_OS"
-  fi
-  find_nt_masterbuild
-}
-
-
-########################### map_os #############################
-# local shell function: From the operatingsystem figure out the name of 
-#     the build ; needed to detemine if the build finished, passed and for
-#     the directory names
-########################################################################
-map_os32()
-{
-    case `uname -s` in
-        SunOS)
-            S_REL=`uname -r | sed -e "s/^[^\.]*\.//g"`
-            if [ `uname -p` = "i386" ] ; then
-                MAPPED_OS=Solaris8_x86
-            elif [ "$S_REL" -lt 8 ] ; then
-                MAPPED_OS=Solaris2.6
-            else
-                MAPPED_OS=Solaris8_forte6
-            fi
-            ;;
-        OSF1)
-            MAPPED_OS=OSF1V4.0
-            ;;
-        AIX)
-            MAPPED_OS=AIX4.3
-            ;;
-        Linux)
-            RH_MR=`cat /etc/redhat-release | sed \
-                -e "s/Red Hat Linux release //" -e "s/ .*//g" \
-                -e "s/\..*//g"`
-            
-            if [ "$RH_MR" = "6" ] ; then
-                MAPPED_OS=Linux2.2
-            else
-                MAPPED_OS=Linux2.4
-                LD_ASSUME_KERNEL="2.2.5"
-                export LD_ASSUME_KERNEL
-            fi
-            ;;
-        HP-UX)
-            MAPPED_OS=HPUX11.00
-            ;;
-        *)
-            if [ "$os_name" = "Windows" ]
-            then
-                MAPPED_OS=NT4.0
-            else
-                Exit "Sorry, operating system `uname -s` is not supported yet"
-            fi
-            ;;
-    esac
-    set_osdir
-    Debug "Mapped OS to $MAPPED_OS"
-}
-
-############################# nssqa_main ###############################
-# local shell function main controlling function of the nss qa
-########################################################################
-nssqa_main()
-{
-  Debug "In function nssqa_main"
-
-  if [ $O_WIN = "OFF" -a "$O_TBX" = "OFF" -a $O_LOCAL = "OFF" ] ; then
-      if [ ! -h ${NTDIST}/WINNT5.0_DBG.OBJ -o \
-              ! -h ${UXDIST}/SunOS5.8_OPT.OBJ -o \
-              ! -h ${UXDIST}/OSF1V5.0_DBG.OBJ ] ; then
-          # determine if all needed symbolic links are present, in case
-          # we build on one platform and QA on another
-          # create the symbolic links
-          #mksymlinks $* ||
-          `dirname $0`/mksymlinks  $NSSVER $BUILDDATE ||
-              Warning "Can't make the neccessary symbolic links"
-      fi
-  fi
-
-  if [ -d $TESTSCRIPTDIR ]    #the directory mozilla/security/nss/tests, 
-  then            # where all.sh lives
-      cd $TESTSCRIPTDIR
-  else
-      Exit "cant cd to $TESTSCRIPTDIR Exiting"
-  fi
-
-  Debug "Testing from `pwd`"
-  line
-  Debug "HOST: $HOST, DOMSUF: $DOMSUF"
-
-  if [  "$O_TBX" = "OFF" ] ; then
-      map_os32 # From the operatingsystem figure out the name of the build 
-      Debug Testing build for $MAPPED_OS in $OSDIR
-      wait_for_build
-  fi
-  run_all
-  BUILD_OPT=1; export BUILD_OPT; Debug "BUILD_OPT $BUILD_OPT"
-  run_all
-  
-  # now for the 64 bit build!
-  map_os64 # From the operatingsystem figure out the name of the build 
-  if [ -n "$IS_64" ] ; then #Wait for the 64 bit build to finish...
-      Debug "This is a $IS_64 platform"
-      USE_64=1;export USE_64;Debug "Use_64 set to $USE_64"
-      unset BUILD_OPT;export BUILD_OPT;Debug "BUILD_OPT $BUILD_OPT"
-
-      run_all
-      BUILD_OPT=1; export BUILD_OPT; Debug "BUILD_OPT $BUILD_OPT"
-      run_all
-  elif [ "$O_WIN" = "ON" ] ; then
-      OS_TARGET=WIN95;export OS_TARGET
-      Debug "OS_TARGET set to $OS_TARGET"
-      #Echo "WINDOWS-OS-LINE: $os_name $os_full $OS_TARGET"
-      unset BUILD_OPT;export BUILD_OPT;Debug "BUILD_OPT $BUILD_OPT"
-      #if [ "$TEST_LEVEL" = "0" ] ; then
-          #QA_OS_NAME=`cd ${TESTSCRIPTDIR}/common; gmake objdir_name | \
-              #sed -e "s/WINNT4.0.*/Windows-NT-4.0/" -e \
-                     #"s/WINNT5.0.*/Windows-2000/"`
-          #Echo "WINDOWS-OS-LINE: $QA_OS_NAME $OS_TARGET"
-      #fi
-      run_all
-      BUILD_OPT=1; export BUILD_OPT; Debug "BUILD_OPT $BUILD_OPT"
-      run_all
-  else
-      Debug "This is a 32 bit platform"
-  fi
-}
-  
-TEST_LEVEL=0
-
-while [ $TEST_LEVEL -lt 2 ] ; do 
-    export TEST_LEVEL
-    unset BUILD_OPT;export BUILD_OPT;Debug "BUILD_OPT $BUILD_OPT"
-    unset USE_64;export USE_64;Debug "USE_64 $USE_64"
-    bc $TEST_LEVEL
-    Debug "About to start nssqa_main"
-    if [ $O_FILE = ON -a "$O_WIN" != "ON" ] ; then
-        nssqa_main 2>>$FILENAME
-    else
-        nssqa_main
-    fi
-    if [  "$O_TBX" = "ON" ] ; then      # do not do backward compatibility 
-         TEST_LEVEL=3                   # testing on tinderbox
-    else
-         TEST_LEVEL=`expr $TEST_LEVEL + 1 `
-    fi
-done
-
-if [  "$O_TBX" = "ON" -o "$O_LOCAL" = "ON" ] ; then
-#FIXME - maybe it should be copied back to the networkdrive later (-ln)
-    if [ -n "${TMPFILES}" ] ; then #caused problems on tinderbox machines
-        Debug "rm -f ${TMPFILES}"
-        rm -f $TMPFILES 2>/dev/null
-    fi
-    Debug "running qa_stat"
-    . `dirname $0`/qa_stat
-fi
-
-  
-qa_stat_get_sysinfo
-
-Exit "nssqa completed. Done `uname -n` $QA_OS_STRING"
diff --git a/security/nss/tests/path_uniq b/security/nss/tests/path_uniq
deleted file mode 100755
index f29f60a00..000000000
--- a/security/nss/tests/path_uniq
+++ /dev/null
@@ -1,107 +0,0 @@
-#! /bin/perl
-
-########################################################################
-#
-# /u/sonmi/bin/path_uniq
-#
-# this script makes components of a PATH like string unique cand prints
-# it to stdout
-#
-# parameters
-# ----------
-#    PATH
-#
-# options
-# -------
-#     -d delimiter - default : 
-#     -s shortens the path
-#
-# usefull enhancements: in the usage part, try to guess what was meant as 
-# a path and echo it to stdout to not break for PATHs with blanks
-#
-########################################################################
-
-sub usage {
-    print STDERR "usage $0 [-s] [-d <delimiter>] PATH\n";
-    print STDERR "    this script makes components of the PATH unique, if you\n";
-    print STDERR "    pass in a searchpath A:B:C:A:B:E it will print A:B:C:E to\n";
-    print STDERR "    the stdout\n\n";
-    print STDERR "    -s will mercylessly cut components from the path, \n";
-    print STDERR "    use at your own risk\n\n";
-    print STDERR "    the parameters you gave were: \n";
-    for ( $i = 0; $i <= $#ARGV; $i++ ) {
-        print STDERR "        $ARGV[$i]\n";
-    }
-    exit ;
-}
-
-
-$i = 0;
-$j = 0;
-$delimiter = ":";
-$searchpath = "";
-@pathcomponents;
-$found=0;
-$newpath="";
-$shorten=0;
-
-for ( $i=0; $i <= $#ARGV; $i++) {
-    if ( $ARGV[$i] eq '-d' ) {
-        $delimiter = $ARGV[++$i];
-    } elsif  ( $ARGV[$i] eq '-s' ) {
-        $shorten=1;
-    } else {
-        $searchpath = $ARGV[$i];
-    }
-}
-if ( $searchpath eq "" ) {
-    usage;
-}
-#print STDERR "delimiter $delimiter\n";
-#print STDERR "shorten $shorten\n";
-#print STDERR "searchpath $searchpath\n";
-
-@pathcomponents=split($delimiter, $searchpath);
-
-for ( $i = 0; $i <= $#pathcomponents; $i++ ) {
-    $found=0;
-    if ( $shorten == 1 ) {
-        if ( "\/tools\/ns-arch\/sparc_sun_solaris2\.4\/lib\/sparcworks\/SUNWspro/bin" eq $pathcomponents[$i] ||
-              "\/h\/tortoise\/export\/share\/builds\/tools\/sparc_sun_solaris2\.5\.1\/perl5\.004\/bin" eq $pathcomponents[$i] ||
-              "\/usr\/dist\/local\/exe" eq $pathcomponents[$i] ||
-              "\/opt\/SUNWspro\/bin" eq $pathcomponents[$i] ||
-              "\/opt\/SUNWwabi\/bin" eq $pathcomponents[$i] ||
-              "\/u\/svbld\/bin" eq $pathcomponents[$i] ||
-              "\/usr\/demos" eq $pathcomponents[$i] ||
-              "\/usr\/audio\/bin" eq $pathcomponents[$i] ||
-              "\/usr\/openwin\/demo" eq $pathcomponents[$i] ||
-              "\/tools\/contrib\/bin" eq $pathcomponents[$i] ||
-              "\/usr\/etc\/" eq $pathcomponents[$i] ||
-              "\/usr\/demos\/bin" eq $pathcomponents[$i] ) {
-
-            
-            #print "dumped: $pathcomponents[$i]\n";
-            next;
-        }
-            #print "keep: $pathcomponents[$i]\n";
-    }
-    for ( $j = 0; $j < $i; $j++ ) {
-        if ( $pathcomponents[$j] eq $pathcomponents[$i] ) {
-            #print "$i and $j match - $pathcomponents[$i] - $pathcomponents[$j]\n";
-            $found=1;
-            last;
-        }
-    }
-    if ( $found == 0 ) {
-        #print "$pathcomponents[$i]:";
-        if ($i == 0) {
-            $newpath = $pathcomponents[$i];
-        } else {
-            $newpath=join($delimiter, $newpath,$pathcomponents[$i]);
-        }
-    }
-}
-print "$newpath\n";
-exit;
-
-
diff --git a/security/nss/tests/perf/perf.sh b/security/nss/tests/perf/perf.sh
deleted file mode 100755
index 7c7b1d1a0..000000000
--- a/security/nss/tests/perf/perf.sh
+++ /dev/null
@@ -1,87 +0,0 @@
-#! /bin/sh  
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-#
-########################################################################
-#
-# mozilla/security/nss/tests/perf/perf.sh
-#
-# script run from the nightly NSS QA to measure nss performance
-# needs to work on all Unix and Windows platforms
-#
-# special strings
-# ---------------
-#   FIXME ... known problems, search for this string
-#   NOTE .... unexpected behavior
-#
-########################################################################
-#
-############################## perf_init ##############################
-# local shell function to initialize this script
-########################################################################
-perf_init()
-{
-  SCRIPTNAME="perf.sh"
-  if [ -z "${INIT_SOURCED}" ] ; then
-      cd ../common
-      . ./init.sh
-  fi
-  SCRIPTNAME="perf.sh"
-  PERFDIR=${HOSTDIR}/perf
-  mkdir -p ${PERFDIR}
-}
-
-perf_init
-RSAPERF_OUT=`rsaperf -i 300 -s -n none`
-RSAPERF_OUT=`echo $RSAPERF_OUT | sed \
-                -e "s/^/RSAPERF: $OBJDIR /" \
-                -e 's/microseconds/us/' \
-                -e 's/milliseconds/ms/' \
-                -e 's/seconds/s/' \
-                -e 's/ minutes, and /_min_/'`
-
-echo "$RSAPERF_OUT"
-
-
-
-#FIXME
-#export RSAPERF_OUT
-#
-#perl -e '
-
-#@rsaperf=split(/ /, $ENV{RSAPERF_OUT});
-
-#echo "${RSAPERF_OUT}" | read IT_NUM T1 T2 TOT_TIM TOT_TIM_U \
-    #T3 T4 T5 AVRG_TIM AVRG_TIM_U
-
-#300 iterations in 8.881 seconds one operation every 29606 microseconds
diff --git a/security/nss/tests/pkcs11/netscape/suites/Makefile b/security/nss/tests/pkcs11/netscape/suites/Makefile
deleted file mode 100644
index 093ef5244..000000000
--- a/security/nss/tests/pkcs11/netscape/suites/Makefile
+++ /dev/null
@@ -1,76 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY).   #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL)          #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL)       #
-#######################################################################
-
-
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL).      #
-#######################################################################
-
-include config.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL)                              #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL)                           #
-#######################################################################
-
-# include $(CORE_DEPTH)/$(MODULE)/config/rules.mk
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL).                              #
-#######################################################################
-
-
-
diff --git a/security/nss/tests/pkcs11/netscape/suites/config.mk b/security/nss/tests/pkcs11/netscape/suites/config.mk
deleted file mode 100644
index 0c29b9e0e..000000000
--- a/security/nss/tests/pkcs11/netscape/suites/config.mk
+++ /dev/null
@@ -1,42 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-all::
-
-release:: release_security abort_rule
-
-release_security:
-	@echo "cd security; $(MAKE) release"
-	$(MAKE) -C security release
-
-abort_rule:
-	@"Security Complete. (Don't worry about this, it really should abort here!)"
diff --git a/security/nss/tests/pkcs11/netscape/suites/manifest.mn b/security/nss/tests/pkcs11/netscape/suites/manifest.mn
deleted file mode 100644
index 119fd5509..000000000
--- a/security/nss/tests/pkcs11/netscape/suites/manifest.mn
+++ /dev/null
@@ -1,46 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CORE_DEPTH = ../../../../..
- 
-# MODULE = sectools
- 
-# IMPORTS =       nspr20/19971209C      \
-#                dbm/DBM_1_5           \
-#                security/HCL_1_5      \
-#                sectools/bin/19971218 \
-#                sectools/lib/19971218 \
-#                $(NULL)
- 
-DIRS =  security \
-        $(NULL)
- 
diff --git a/security/nss/tests/pkcs11/netscape/suites/security/Makefile b/security/nss/tests/pkcs11/netscape/suites/security/Makefile
deleted file mode 100644
index 1c76a8833..000000000
--- a/security/nss/tests/pkcs11/netscape/suites/security/Makefile
+++ /dev/null
@@ -1,75 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY).   #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL)          #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL)       #
-#######################################################################
-
-
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL).      #
-#######################################################################
-
-include config.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL)                              #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL)                           #
-#######################################################################
-
-#include $(CORE_DEPTH)/$(MODULE)/config/rules.mk
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL).                              #
-#######################################################################
-
-
-
diff --git a/security/nss/tests/pkcs11/netscape/suites/security/config.mk b/security/nss/tests/pkcs11/netscape/suites/security/config.mk
deleted file mode 100644
index 006fcb713..000000000
--- a/security/nss/tests/pkcs11/netscape/suites/security/config.mk
+++ /dev/null
@@ -1,54 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-all::
-
-release:: release_des release_des3 release_sha1 release_dsa abort_rule
-
-release_des:
-	@echo "cd des; $(MAKE) release"
-	$(MAKE) -C des release
-
-release_des3:
-	@echo "cd des3; $(MAKE) release"
-	$(MAKE) -C des3 release
-
-release_sha1:
-	@echo "cd sha1; $(MAKE) release"
-	$(MAKE) -C sha1 release
-
-release_dsa:
-	@echo "cd dsa; $(MAKE) release"
-	$(MAKE) -C dsa release
-
-abort_rule:
-	@"Security Suites Complete. (Don't worry about this, it really should abort here!)"
diff --git a/security/nss/tests/pkcs11/netscape/suites/security/manifest.mn b/security/nss/tests/pkcs11/netscape/suites/security/manifest.mn
deleted file mode 100644
index a95b03c93..000000000
--- a/security/nss/tests/pkcs11/netscape/suites/security/manifest.mn
+++ /dev/null
@@ -1,40 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CORE_DEPTH = ../../../../../..
-
-#MODULE = sectools
-
-DIRS =	pkcs11 \
-	ssl \
-	$(NULL)
-
diff --git a/security/nss/tests/pkcs11/netscape/suites/security/pkcs11/Makefile b/security/nss/tests/pkcs11/netscape/suites/security/pkcs11/Makefile
deleted file mode 100644
index 611fef3d6..000000000
--- a/security/nss/tests/pkcs11/netscape/suites/security/pkcs11/Makefile
+++ /dev/null
@@ -1,76 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY).   #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL)          #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL)       #
-#######################################################################
-
-#include $(CORE_DEPTH)/$(MODULE)/config/config.mk
- 
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL).      #
-#######################################################################
-
-include config.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL)                              #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL)                           #
-#######################################################################
-
-#include $(CORE_DEPTH)/$(MODULE)/config/rules.mk
-include $(CORE_DEPTH)/nss/cmd/platlibs.mk
-include $(CORE_DEPTH)/nss/cmd/platrules.mk
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL).                              #
-#######################################################################
-
-include rules.mk
diff --git a/security/nss/tests/pkcs11/netscape/suites/security/pkcs11/config.mk b/security/nss/tests/pkcs11/netscape/suites/security/pkcs11/config.mk
deleted file mode 100644
index 4b50e62e6..000000000
--- a/security/nss/tests/pkcs11/netscape/suites/security/pkcs11/config.mk
+++ /dev/null
@@ -1,57 +0,0 @@
-#
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-#######################################################################
-# Adjust specific variables for all platforms                         #
-#######################################################################
-
-OS_CFLAGS += -DNSPR20=1
-
-#######################################################################
-# Set the LDFLAGS value to encompass all normal link options, all     #
-# library names, and all special system linking options               #
-#######################################################################
-
-LDFLAGS = $(LDOPTS) $(LIBSECMOD) $(LIBHASH) $(LIBCERT) $(LIBKEY) \
-$(LIBCRYPTO) $(LIBSECUTIL) $(LIBDBM) $(LIBPLC) $(LIBPLDS) $(LIBPR) \
-$(LIBSECTOOLS) $(DLLSYSTEM)
-
-# These are the libraries from the PKCS #5 suite:
-#LDFLAGS = $(LDOPTS) $(LIBSECTOOLS) $(LIBSSL) $(LIBPKCS7) $(LIBCERT) $(LIBKEY) $(LIBSECMOD) $(LIBCRYPTO) $(LIBSECUTIL) $(LIBSECMOD) $(LIBSSL) $(LIBPKCS7) $(LIBCERT) $(LIBKEY) $(LIBCRYPTO) $(LIBSECUTIL) $(LIBHASH) $(LIBDBM) $(LIBPLDS) $(LIBPLC) $(LIBPR) $(DLLSYSTEM)
-
-#######################################################################
-# Set the TARGETS value to build one executable from each object file #
-#######################################################################
-
-# TARGETS = $(OBJS:$(OBJ_SUFFIX)=$(PROG_SUFFIX))
-
diff --git a/security/nss/tests/pkcs11/netscape/suites/security/pkcs11/manifest.mn b/security/nss/tests/pkcs11/netscape/suites/security/pkcs11/manifest.mn
deleted file mode 100644
index 1d3d7a4b5..000000000
--- a/security/nss/tests/pkcs11/netscape/suites/security/pkcs11/manifest.mn
+++ /dev/null
@@ -1,46 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH=../../../../../../..
-
-#MODULE = sectools
-
-CSRCS = pk11test.c
-
-PROGRAM = pk11test
-
-REQUIRES = seccmd dbm security
-
-REGRESSION_SPEC = pkcs11.reg
-
-RESULTS_SUBDIR = security/pkcs11
diff --git a/security/nss/tests/pkcs11/netscape/suites/security/pkcs11/pk11test.c b/security/nss/tests/pkcs11/netscape/suites/security/pkcs11/pk11test.c
deleted file mode 100644
index e011e8059..000000000
--- a/security/nss/tests/pkcs11/netscape/suites/security/pkcs11/pk11test.c
+++ /dev/null
@@ -1,1360 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#define VERSION_MAJOR 1
-#define VERSION_MINOR 0
-#define VERSION_POINT 7
-/* Standard C includes */
-#include <stdlib.h>
-#include <stdio.h>
-
-/* NSPR includes */
-#include <prio.h>
-#include <prprf.h>
-#include <plarena.h>
-#include <prinit.h>
-#include <prmem.h>
-
-/* security includes */
-#include <pkcs11t.h>
-#include <secmodt.h>
-#include <pk11func.h>
-#include <secmod.h>
-#include <secutil.h>
-#include <keyt.h>
-
-/* replacer header file */
-#include "pk11test.h"
-
-#include "pkcs11.h"
-
-void SEC_Init(void);
-
-PRStatus InitCrypto(char*);
-int TestUserManagement();
-int TestCrypto();
-MechInfo* GetMechInfo(CK_MECHANISM_TYPE type);
-int TestEncrypt(CK_MECHANISM_TYPE mech);
-int TestSign(CK_MECHANISM_TYPE mech);
-int TestDigest(CK_MECHANISM_TYPE mech);
-int TestHMAC(CK_MECHANISM_TYPE mech);
-int TestSymmetricEncrypt(CK_MECHANISM_TYPE mech);
-int TestPKEncrypt(CK_MECHANISM_TYPE mech);
-
-
-static char* userpw = NULL;
-static int secerror=0;
-/* PK11SymKey *symkey=NULL;*/
-PK11SlotInfo *slot=NULL;
-
-/* Errors */
-enum {
-	NO_ERROR_AT_ALL=0,
-	NO_SUCH_SLOT=1,
-	KEY_GEN_FAILED,
-	CREATE_CONTEXT_FAILED,
-	INTERNAL_RNG_FAILED,
-	MECH_NOT_FOUND,
-	INPUT_FILE_ERROR,
-	KEY_COPY_FAILED,
-	CIPHER_OP_FAILED,
-	FINALIZE_FAILED,
-	RESULTS_DONT_MATCH,
-	PARAM_GEN_FAILED,
-	PLAINTEXT_DOESNT_MATCH,
-	ENCRYPTION_IS_NOOP,
-	WRAP_PRIVKEY_FAILED,
-	WRAP_SYMKEY_FAILED,
-	UNWRAP_SYMKEY_FAILED,
-	UNWRAPPED_KEY_DOESNT_MATCH,
-	UNWRAP_PRIVKEY_FAILED,
-	SIGNATURE_FAILED,
-	SIGNATURE_DOESNT_VERIFY,
-	AUTHENTICATION_FAILED,
-	AUTHENTICATION_SUCCEEDED,
-	MODDB_ACCESS
-};
-
-static char* errString[] = {
-	"No error",
-	"No such slot",
-	"Failed to generate key",
-	"Failed to create a cryptographic context",
-	"Failed to generate random bytes",
-	"Mechanism was not found",
-	"Error in input file",
-	"Failed to copy key from internal to external module",
-	"Cipher operation failed",
-	"Cipher finalization failed",
-	"Internal module produced a different result than the target module",
-	"Failed to generate cryptographic parameters",
-	"Recovered plaintext does not match original plaintext",
-	"Ciphertext is the same as plaintext",
-	"Unable to wrap private key",
-	"Unable to wrap symmetric key",
-	"Unable to unwrap symmetric key",
-	"Unwrapped key does not match original key",
-	"Unable to unwrap private key",
-	"Signing operation failed",
-	"Incorrect signature: doesn't verify",
-	"Failed to authenticate to slot",
-	"Authenticated to slot with incorrect password",
-	"Unable to access security module database"
-};
-
-/***********************************************************************
- *
- * R e a d I n p u t F i l e
- *
- * Read tokenname and module name from the file with the indicated name.
- * Pass in the addresses of pointers.  They will be set to point at
- * dynamically-allocated memory.
- *
- * Returns 0 on success, -1 on error with file.
- */
-int
-ReadInputFile(char *filename, char**tokenname, char**moddbname, char **userpw)
-{
-	PRFileDesc* file=NULL;
-	char readbuf[1025];
-	int numbytes=0;
-	char *cp;
-
-	*tokenname = NULL;
-	*moddbname = NULL;
-
-	/* Open file */
-	file = PR_Open(filename, PR_RDONLY, 0);
-	if(!file) {
-		return -1;
-	}
-
-	/* Read in everything */
-	numbytes = PR_Read(file, readbuf, 1024);
-	if(numbytes==-1) {
-		goto loser;
-	}
-	readbuf[numbytes] = '\0'; /* make sure we're null-terminated */
-
-	/* Get tokenname */
-	cp = strtok(readbuf, "\r\n");
-	if(cp == NULL) {
-		goto loser;
-	}
-	*tokenname = PR_Malloc(strlen(cp)+1);
-	strcpy(*tokenname, cp);
-
-	/* get moddbname */
-	cp = strtok(NULL, "\r\n");
-	if(cp == NULL) {
-		goto loser;
-	}
-	*moddbname = PR_Malloc(strlen(cp)+1);
-	strcpy(*moddbname, cp);
-
-	/* Get module PIN */
-	cp = strtok(NULL, "\r\n");
-	if(cp == NULL) {
-		goto loser;
-	}
-	*userpw = PR_Malloc(strlen(cp)+1);
-	strcpy(*userpw, cp);
-
-	PR_Close(file);
-	return 0;
-
-loser:
-	if(file) {
-		PR_Close(file);
-	}
-	if(*tokenname) {
-		PR_Free(*tokenname);
-		*tokenname = NULL;
-	}
-	if(*moddbname) {
-		PR_Free(*moddbname);
-		*moddbname = NULL;
-	}
-	return -1;
-}
-
-static PRBool supplyPassword=PR_TRUE;
-char*
-PasswordFunc(PK11SlotInfo *slot, PRBool loadcerts, void *wincx)
-{
-	if(supplyPassword) {
-		/*PR_fprintf(PR_STDOUT, "Feeding password: |%s|\n", userpw);*/
-		supplyPassword = PR_FALSE;
-		return PL_strdup(userpw);
-	} else  {
-		/*PR_fprintf(PR_STDOUT, "PasswordFunc supplying NULL.\n");*/
-		return NULL;
-	}
-}
-	
-
-/**********************************************************************
- *
- * m a i n
- *
- */
-int
-main(int argc, char *argv[])
-{
-	char *tokenname=NULL;
-	char *moddbname=NULL;
-	int errcode;
-
-	if(argc < 3) {
-		PR_fprintf(PR_STDERR,
-"\nPKCS #11 Test Suite Version %d.%d.%d\n\
-Usage: pkcs11 testid configfile\n",VERSION_MAJOR,VERSION_MINOR,VERSION_POINT);
-		return -1;
-	}
-
-	testId = atoi(argv[1]);
-	if(ReadInputFile(argv[2], &tokenname, &moddbname, &userpw)) {
-		errcode = INPUT_FILE_ERROR;
-		goto loser;
-	}
-
-	PR_fprintf(PR_STDOUT, "testId=%d\n", testId);
-	PR_fprintf(PR_STDOUT, "tokenname=%s\n", tokenname);
-	PR_fprintf(PR_STDOUT, "moddbname=%s\n", moddbname);
-
-	PR_Init(PR_USER_THREAD, PR_PRIORITY_NORMAL, 0);
-
- 	if( InitCrypto(moddbname) != PR_SUCCESS ) {
-		errcode = MODDB_ACCESS;
-		goto loser;
-	}
-
-	slot = PK11_FindSlotByName(tokenname);
-	if(!slot) {
-		errcode = NO_SUCH_SLOT;
-		goto loser;
-	}
-
-	if(!REP_USE_CORRECT_PIN && userpw) {
-		/* don't use the pin passed in */
-		userpw[0]++;
-	}
-	PK11_SetPasswordFunc(PasswordFunc);
-	if(PK11_NeedLogin(slot)) {
-		SECStatus result;
-		supplyPassword = PR_TRUE;
-		result = PK11_Authenticate(slot, PR_FALSE, NULL);
-		/* If we just did an invalid login, login correctly so we don't
-		 * cause the token to lock us out */
-		if(!REP_USE_CORRECT_PIN) {
-			userpw[0]--;
-			supplyPassword = PR_TRUE;
-			PK11_Authenticate(slot, PR_FALSE, NULL);
-		}
-		if(REP_USE_CORRECT_PIN && result!=SECSuccess) {
-			errcode =  AUTHENTICATION_FAILED;
-			goto loser;
-		} else if(!REP_USE_CORRECT_PIN && result==SECSuccess) {
-			errcode = AUTHENTICATION_SUCCEEDED;
-			goto loser;
-		}
-	}
-
-	errcode = TestCrypto();
-
-loser:
-	if(tokenname) {
-		PR_Free(tokenname); tokenname = NULL;
-	}
-	if(moddbname) {
-		PR_Free(moddbname); moddbname = NULL;
-	}
-	if(errcode) {
-	    PR_fprintf(PR_STDOUT, "Exiting with error: %s.\n\n", errString[errcode]);
-	} else {
-		PR_fprintf(PR_STDOUT, "Test was successful\n\n");
-	}
-	return errcode;
-}
-
-/**********************************************************************
- *
- * I n i t C r y p t o
- *
- */
-PRStatus
-InitCrypto(char *moddbname)
-{
-	SEC_Init();
-
-	if( PR_Access(moddbname, PR_ACCESS_EXISTS) != PR_SUCCESS) {
-		PR_fprintf(PR_STDERR, "Error: %s does not exist.\n", moddbname);
-		return PR_FAILURE;
-	}
-	if( PR_Access(moddbname, PR_ACCESS_READ_OK) != PR_SUCCESS) {
-		PR_fprintf(PR_STDERR, "Error: %s is not readable.\n",
-			moddbname);
-		return PR_FAILURE;
-	}
-
-	SECMOD_init(moddbname);
-	return PR_SUCCESS;
-}
-
-/**********************************************************************
- *
- * T e s t C r y p t o
- *
- */
-int
-TestCrypto()
-{
-	MechInfo *mechInfo;
-	int errcode;
-	unsigned short testcount=0;
-
-	if(!PK11_DoesMechanism(slot, REP_MECHANISM)) {
-		return 0;
-	}
-
-	mechInfo = GetMechInfo(REP_MECHANISM);
-	/*PR_fprintf(PR_STDOUT, "Using mechanism %x.\n", REP_MECHANISM);*/
-	if(!mechInfo) {
-		PR_fprintf(PR_STDERR, "Unable to find mech %x\n",
-			REP_MECHANISM);
-		return MECH_NOT_FOUND;
-	}
-
-	if(mechInfo->op & ENCRYPT_OP) {
-		testcount++;
-		errcode = TestEncrypt(REP_MECHANISM);
-		if(errcode) return errcode;
-	}
-
-	if(mechInfo->op & SIGN_OP) {
-		testcount++;
-		errcode = TestSign(REP_MECHANISM);
-		if(errcode) return errcode;
-	}
-
-#if 0
-	if(mechInfo->op & DIGEST_OP) {
-		testcount++;
-		errcode = TestDigest(REP_MECHANISM);
-		if(errcode) return errcode;
-	}
-
-	if(mechInfo->op & HMAC_OP) {
-		testcount++;
-		errcode = TestHMAC(REP_MECHANISM);
-		if(errcode) return errcode;
-	}
-#endif
-
-	return 0;
-}
-
-/**********************************************************************
- *
- * I s S y m m e t r i c
- *
- */
-int
-IsSymmetric(CK_MECHANISM_TYPE mech)
-{
-	switch(mech) {
-	case CKM_RC2_ECB:
-	case CKM_RC2_CBC:
-	case CKM_RC2_CBC_PAD:
-	case CKM_RC4:
-	case CKM_RC5_ECB:
-	case CKM_RC5_CBC:
-	case CKM_RC5_CBC_PAD:
-	case CKM_DES_ECB:
-	case CKM_DES_CBC:
-	case CKM_DES_CBC_PAD:
-	case CKM_DES3_ECB:
-	case CKM_DES3_CBC:
-	case CKM_DES3_CBC_PAD:
-	case CKM_CAST_ECB:
-	case CKM_CAST_CBC:
-	case CKM_CAST_CBC_PAD:
-	case CKM_CAST3_ECB:
-	case CKM_CAST3_CBC:
-	case CKM_CAST3_CBC_PAD:
-	case CKM_CAST5_ECB:
-	case CKM_CAST5_CBC:
-	case CKM_CAST5_CBC_PAD:
-	case CKM_IDEA_ECB:
-	case CKM_IDEA_CBC:
-	case CKM_IDEA_CBC_PAD:
-	case CKM_CDMF_ECB:
-	case CKM_CDMF_CBC:
-	case CKM_CDMF_CBC_PAD:
-	case CKM_SKIPJACK_ECB64:
-	case CKM_SKIPJACK_CBC64:
-	case CKM_SKIPJACK_OFB64:
-	case CKM_SKIPJACK_CFB64:
-	case CKM_SKIPJACK_CFB32:
-	case CKM_SKIPJACK_CFB16:
-	case CKM_SKIPJACK_CFB8:
-	case CKM_BATON_ECB128:
-	case CKM_BATON_ECB96:
-	case CKM_BATON_CBC128:
-	case CKM_BATON_COUNTER:
-	case CKM_BATON_SHUFFLE:
-	case CKM_JUNIPER_ECB128:
-	case CKM_JUNIPER_CBC128:
-	case CKM_JUNIPER_COUNTER:
-	case CKM_JUNIPER_SHUFFLE:
-		return 1;
-	default:
-		return 0;
-	}
-}
-
-/**********************************************************************
- *
- * T e s t E n c r y p t
- *
- */
-int
-TestEncrypt(CK_MECHANISM_TYPE mech)
-{
-
-	/*PR_fprintf(PR_STDOUT, "Inside TestEncrypt\n");*/
-	if(!PK11_DoesMechanism(slot, mech)) {
-		/* Can't test if the slot doesn't do this mechanism */
-		PR_fprintf(PR_STDERR, "Slot doesn't do this mechanism.\n");
-		return 0;
-	}
-
-	if(IsSymmetric(mech)) {
-		/*PR_fprintf(PR_STDOUT, "Is a symmetric algorithm\n");*/
-		return TestSymmetricEncrypt(mech);
-	} else {
-		/*PR_fprintf(PR_STDOUT, "Is not a symmetric algorithm\n");*/
-		return TestPKEncrypt(mech);
-	}
-
-	return 0;
-}
-
-/**********************************************************************
- *
- * G e n e r a t e P K P a r a m s
- *
- */
-void*
-GeneratePKParams(CK_MECHANISM_TYPE mech)
-{
-
-	/* FIPS preprocessor directives for DSA.                        */
-	#define FIPS_DSA_TYPE                           siBuffer
-	#define FIPS_DSA_DIGEST_LENGTH                  20  /* 160-bits */
-	#define FIPS_DSA_SUBPRIME_LENGTH                20  /* 160-bits */
-	#define FIPS_DSA_SIGNATURE_LENGTH               40  /* 320-bits */
-	#define FIPS_DSA_PRIME_LENGTH                   64  /* 512-bits */
-	#define FIPS_DSA_BASE_LENGTH                    64  /* 512-bits */
-
-
-	CK_MECHANISM_TYPE keygenMech;
-	PK11RSAGenParams *rsaparams;
-	PQGParams *dsa_pqg;
-	unsigned char *dsa_P = (unsigned char *)
-                           "\x8d\xf2\xa4\x94\x49\x22\x76\xaa"
-                           "\x3d\x25\x75\x9b\xb0\x68\x69\xcb"
-                           "\xea\xc0\xd8\x3a\xfb\x8d\x0c\xf7"
-                           "\xcb\xb8\x32\x4f\x0d\x78\x82\xe5"
-                           "\xd0\x76\x2f\xc5\xb7\x21\x0e\xaf"
-                           "\xc2\xe9\xad\xac\x32\xab\x7a\xac"
-                           "\x49\x69\x3d\xfb\xf8\x37\x24\xc2"
-                           "\xec\x07\x36\xee\x31\xc8\x02\x91";
-	unsigned char *dsa_Q = (unsigned char *)
-                           "\xc7\x73\x21\x8c\x73\x7e\xc8\xee"
-                           "\x99\x3b\x4f\x2d\xed\x30\xf4\x8e"
-                           "\xda\xce\x91\x5f";
-	unsigned char *dsa_G = (unsigned char *)
-                           "\x62\x6d\x02\x78\x39\xea\x0a\x13"
-                           "\x41\x31\x63\xa5\x5b\x4c\xb5\x00"
-                           "\x29\x9d\x55\x22\x95\x6c\xef\xcb"
-                           "\x3b\xff\x10\xf3\x99\xce\x2c\x2e"
-                           "\x71\xcb\x9d\xe5\xfa\x24\xba\xbf"
-                           "\x58\xe5\xb7\x95\x21\x92\x5c\x9c"
-                           "\xc4\x2e\x9f\x6f\x46\x4b\x08\x8c"
-                           "\xc5\x72\xaf\x53\xe6\xd7\x88\x02";
-
-
-	keygenMech = PK11_GetKeyGen(mech);
-
-	switch(keygenMech) {
-	case CKM_RSA_PKCS_KEY_PAIR_GEN:
-		rsaparams = PR_Malloc(sizeof(PK11RSAGenParams));
-		rsaparams->keySizeInBits = REP_PK_KEY_SIZE;
-		rsaparams->pe = 65537L;
-		return (void*) rsaparams;
-	case CKM_ECDSA_KEY_PAIR_GEN:
-	case CKM_DSA_KEY_PAIR_GEN:
-
-		/* Allocate PQG memory */
-		dsa_pqg = PORT_ZAlloc(sizeof(PQGParams));
-		dsa_pqg->prime.data = (unsigned char*)
-			PORT_ZAlloc(FIPS_DSA_PRIME_LENGTH);
-		dsa_pqg->subPrime.data = (unsigned char*)
-			PORT_ZAlloc(FIPS_DSA_SUBPRIME_LENGTH);
-		dsa_pqg->base.data = (unsigned char*)
-			PORT_ZAlloc(FIPS_DSA_BASE_LENGTH);
-
-		dsa_pqg->prime.type = FIPS_DSA_TYPE;
-		PORT_Memcpy(dsa_pqg->prime.data, dsa_P, FIPS_DSA_PRIME_LENGTH);
-		dsa_pqg->prime.len = FIPS_DSA_PRIME_LENGTH;
-
-		dsa_pqg->subPrime.type = FIPS_DSA_TYPE;
-		PORT_Memcpy( dsa_pqg->subPrime.data, dsa_Q,
-			FIPS_DSA_SUBPRIME_LENGTH );
-		dsa_pqg->subPrime.len = FIPS_DSA_SUBPRIME_LENGTH;
-
-		dsa_pqg->base.type = FIPS_DSA_TYPE;
-		PORT_Memcpy( dsa_pqg->base.data, dsa_G, FIPS_DSA_BASE_LENGTH );
-		dsa_pqg->base.len = FIPS_DSA_BASE_LENGTH;
-
-		return (void*) dsa_pqg;
-
-	case CKM_DH_PKCS_KEY_PAIR_GEN:
-	case CKM_KEA_KEY_PAIR_GEN:
-	default:
-		return NULL;
-	}
-	return NULL;
-}
-
-/**********************************************************************
- *
- * F r e e P K P a r a m s
- *
- */
-void
-FreePKParams(void* p, CK_MECHANISM_TYPE mech)
-{
-
-	switch(PK11_GetKeyGen(mech)) {
-	case CKM_RSA_PKCS_KEY_PAIR_GEN:
-		PR_Free( (PK11RSAGenParams*)p);
-		break;
-	case CKM_ECDSA_KEY_PAIR_GEN:
-	case CKM_DSA_KEY_PAIR_GEN:
-		PR_Free( (PQGParams*)p);
-		break;
-	}
-}
-
-
-/**********************************************************************
- *
- * T e s t P K E n c r y p t
- *
- */
-int
-TestPKEncrypt(CK_MECHANISM_TYPE mech)
-{
-	PK11SlotInfo *internal;
-	SECStatus status;
-	int errcode;
-	SECItem *kgparams;
-	SECKEYPublicKey *pubk=NULL;
-	SECKEYPrivateKey *refPrivk=NULL, *testPrivk=NULL;
-	PK11SymKey *refSymKey=NULL, *testSymKey=NULL, *recoveredSymKey=NULL;
-	SECItem refWrappedKey, testWrappedKey;
-	SECItem *refSymkeyData=NULL, *testSymkeyData=NULL;
-	SECItem wrapParams;
-	int testSymKeySize;
-    CK_ATTRIBUTE_TYPE usages[] = { CKA_UNWRAP };
-    int usageCount = 1;
-
-	wrapParams.data = "aaaaaaaa";
-	wrapParams.len = 8;
-
-	refWrappedKey.len = 1024;
-	refWrappedKey.data = PR_Malloc(1024);
-	testWrappedKey.len = 1024;
-	testWrappedKey.data = PR_Malloc(1024);
-
-	internal = PK11_GetInternalSlot();
-
-	/* Generate keygen parameter */
-	kgparams = GeneratePKParams(mech);
-	if(!kgparams) {
-		errcode = PARAM_GEN_FAILED;
-		goto loser;
-	}
-
-    /*
-     * Generate the keypair, either on the target module or on the internal
-     * module.
-     */
-	if(REP_KEYGEN_ON_TARGET) {
-		refPrivk = PK11_GenerateKeyPair(slot, PK11_GetKeyGen(mech),
-			kgparams, &pubk,
-			(slot==internal) ? PR_FALSE : PR_TRUE /*isPerm*/,
-			PR_FALSE /*isSensitive*/,
-			NULL/*wincx*/);
-	} else {
-		refPrivk = PK11_GenerateKeyPair(internal, PK11_GetKeyGen(mech),
-			kgparams, &pubk,
-			PR_FALSE/*isPerm*/, PR_FALSE /*isSensitive*/,
-			NULL/*wincx*/);
-	}
-	if(!refPrivk) {
-		secerror = PORT_GetError();
-		errcode = KEY_GEN_FAILED;
-		goto loser;
-	}
-
-	/*
-	 * Generate symmetric key, either on the target module or on the internal
-     * module.
-	 */
-	if(REP_KEYGEN_ON_TARGET) {
-		refSymKey = PK11_KeyGen(slot, CKM_DES_CBC_PAD, NULL,
-			REP_SYMKEY_SIZE, NULL);
-	} else {
-		refSymKey = PK11_KeyGen(internal, CKM_DES_CBC_PAD, NULL,
-			REP_SYMKEY_SIZE, NULL);
-	}
-	if(!refSymKey) {
-		secerror = PORT_GetError();
-		errcode = KEY_GEN_FAILED;
-		goto loser;
-	}
-
-	/*
-     * If we generated the keys on the internal module, we have to
-     * transfer them from the internal module to the target module, unless
-     * the target module is the internal module.
-	 */
-	if( (slot != internal) && !REP_KEYGEN_ON_TARGET) {
-		SECItem empty;
-		SECItem label;
-		empty.len=0;
-		empty.data=NULL;
-		label.data = "foobar";
-		label.len = 6;
-
-		/* Copy the symmetric key to the target token*/
-		testSymKey = pk11_CopyToSlot(slot,
-					     CKM_DES_CBC_PAD,
-					     CKA_UNWRAP,
-					     refSymKey);
-		if(testSymKey==NULL) {
-			secerror = PORT_GetError();
-			errcode = KEY_COPY_FAILED;
-			goto loser;
-		}
-
-		/* Copy the private key to the target token */
-		status = PK11_WrapPrivKey(internal,
-					  refSymKey,
-					  refPrivk,
-					  CKM_DES_CBC_PAD,
-					  &wrapParams,
-					  &refWrappedKey,
-					  NULL /*wincx*/);
-		if(status != SECSuccess) {
-			secerror = PORT_GetError();
-			errcode = WRAP_PRIVKEY_FAILED;
-			goto loser;
-		}
-
-		testPrivk = PK11_UnwrapPrivKey(slot,
-						 testSymKey,
-						 CKM_DES_CBC_PAD,
-						 &wrapParams,
-						 &refWrappedKey,
-						 &label /*label*/,
-						 &empty /*ID Value*/,
-						 PR_TRUE /*perm*/,
-						 PR_TRUE /*sensitive*/,
-                         PK11_GetKeyType(mech, 0),
-                         usages, usageCount,
-						 NULL /*wincx*/);
-		if(testPrivk==NULL) {
-			secerror = PORT_GetError();
-			errcode = UNWRAP_PRIVKEY_FAILED;
-			goto loser;
-		}
-	} else {
-		testPrivk=refPrivk; refPrivk = NULL;
-		testSymKey=refSymKey; refSymKey = NULL;
-	}
-
-	/* Wrap the symmetric key with the public key */
-    /* !!! Which mech do we use here, the symmetric or the PK? */
-	status = PK11_PubWrapSymKey(mech, pubk, testSymKey, &testWrappedKey);
-	if(status != SECSuccess) {
-		secerror = PORT_GetError();
-		errcode = WRAP_SYMKEY_FAILED;
-		goto loser;
-	}
-	testSymKeySize = PK11_GetKeyLength(testSymKey);
-
-	/*
-	 * Unless we are testing the internal slot, do the same wrap operation
-	 * on the internal slot and compare with the wrap done on the module
-	 * under test.  If we did the keygen on the target module, we don't
-     * have the keys on the internal module so we can't compare.
-	 */
-	if( (slot != internal) && !REP_KEYGEN_ON_TARGET) {
-		status = PK11_PubWrapSymKey(mech, pubk, refSymKey,
-				&refWrappedKey);
-		if(status != SECSuccess) {
-			secerror = PORT_GetError();
-			errcode = WRAP_SYMKEY_FAILED;
-			goto loser;
-		}
-
-		if( (testWrappedKey.len != refWrappedKey.len) ||
-		    memcmp(testWrappedKey.data, refWrappedKey.data, 
-			testWrappedKey.len) ) {
-			/* Wrapped Keys don't match */
-			/* !!! There's random data in these encryptions, so they'll never
-             * match. */
-			/*errcode = RESULTS_DONT_MATCH;*/
-			/*goto loser;*/
-		}
-	}
-
-	/* Get the data of the symmetric key */
-    /* Extracting the key value may not work, depending on the token.  If
-     * it doesn't work, we won't be able to do the comparison later */
-    PK11_ExtractKeyValue(testSymKey);
-	testSymkeyData = PK11_GetKeyData(testSymKey);
-    if(testSymkeyData->data == NULL) {
-        /* couldn't extract key data */
-        testSymkeyData = NULL;
-    } else {
-	    testSymkeyData = SECITEM_DupItem(testSymkeyData);
-    }
-
-	/* Destroy the symmetric key everywhere */
-	if(refSymKey) {
-		PK11_FreeSymKey(refSymKey); refSymKey = NULL;
-	}
-	if(testSymKey) {
-		PK11_FreeSymKey(testSymKey); testSymKey = NULL;
-	}
-
-	/*
-	 * Unwrap the key and make sure we get the same thing back. Can only
-     * do this if we were able to get the key data from the test token.
-	 */
-    if(testSymkeyData != NULL) {
-	    refSymKey = PK11_PubUnwrapSymKey(testPrivk, &testWrappedKey,
-			    CKM_DES_CBC_PAD, CKA_WRAP, testSymKeySize);
-	    if(refSymKey==NULL) {
-		    secerror = PORT_GetError();
-		    errcode = UNWRAP_SYMKEY_FAILED;
-		    goto loser;
-	    }
-        /* We should always be able to get the key data from the internal
-         * module */
-		PK11_ExtractKeyValue(refSymKey);
-	    refSymkeyData = PK11_GetKeyData(refSymKey);
-        PR_ASSERT(refSymkeyData!=NULL && refSymkeyData->data!=NULL);
-        PR_ASSERT(testSymkeyData!=NULL && testSymkeyData->data!=NULL);
-	    if(SECITEM_CompareItem(refSymkeyData, testSymkeyData) != SECEqual) {
-		    errcode = UNWRAPPED_KEY_DOESNT_MATCH;
-		    goto loser;
-	    }
-    }
-
-#ifdef DEBUG
-	PR_fprintf(PR_STDOUT, "Successfully finished TestPKEncrypt!\n");
-#endif
-
-	errcode = 0;
-
-loser:
-	if(refPrivk) {
-		SECKEY_DestroyPrivateKey(refPrivk);
-	}
-	SECITEM_FreeItem(&refWrappedKey, PR_FALSE);
-	SECITEM_FreeItem(&testWrappedKey, PR_FALSE);
-	if(refSymkeyData) {
-		/* do nothing, it's a copy */
-	}
-	if(testSymkeyData) {
-		SECITEM_FreeItem(testSymkeyData, PR_TRUE);
-	}
-	if(pubk) {
-		SECKEY_DestroyPublicKey(pubk);
-	}
-	if(testPrivk) {
-		SECKEY_DestroyPrivateKey(testPrivk);
-	}
-	if(refSymKey) {
-		PK11_FreeSymKey(refSymKey);
-	} 
-	if(testSymKey) {
-		PK11_FreeSymKey(testSymKey);
-	}
-	if(recoveredSymKey) {
-		PK11_FreeSymKey(recoveredSymKey);
-	}
-	return errcode;
-	
-
-}
-
-/**********************************************************************
- *
- * T e s t S y m m e t r i c E n c r y p t
- *
- */
-int
-TestSymmetricEncrypt(CK_MECHANISM_TYPE mech)
-{
-	PK11Context *refcontext=NULL, *testcontext=NULL;
-	PK11SlotInfo *internal;
-	SECStatus status;
-	PK11SymKey* intkey=NULL, *extkey=NULL;
-	int errcode;
-	unsigned char *ptext=NULL;
-	int maxclen = REP_PLAINTEXT_LEN + 128;
-	unsigned char *refctext=NULL, *testctext=NULL;
-	int refclen, testclen;
-	unsigned char *recovered=NULL;
-	int reclen;
-	SECItem iv, *param=NULL;
-
-	internal = PK11_GetInternalSlot();
-
-	ptext = PR_Malloc(REP_PLAINTEXT_LEN);
-	refctext = PR_Malloc(maxclen);
-	testctext = PR_Malloc(maxclen);
-	recovered = PR_Malloc(maxclen);
-
-    /* Generate random plaintext */
-	status = RNG_GenerateGlobalRandomBytes(ptext, REP_PLAINTEXT_LEN);
-	if(status != SECSuccess) {
-		errcode = INTERNAL_RNG_FAILED;
-		goto loser;
-	}
-
-	/* Generate mechanism parameter */
-	iv.len = 8;
-	iv.data = "aaaaaaaa"; /* !!! does this need to be random? Maybe a
-                            * replacer variable ? */
-	param = PK11_ParamFromIV(mech, &iv);
-	if(!param) {
-		errcode = PARAM_GEN_FAILED;
-		goto loser;
-	}
-
-	/*
-     * Generate the key, either on the target module or the internal module.
-	 */
-	if(REP_KEYGEN_ON_TARGET) {
-		intkey = PK11_KeyGen(slot, mech, NULL, REP_SYMKEY_SIZE,
-			NULL);
-	} else {
-		intkey = PK11_KeyGen(internal, mech, NULL, REP_SYMKEY_SIZE,
-			NULL);
-	}
-	if(!intkey) {
-		secerror = PORT_GetError();
-		errcode = KEY_GEN_FAILED;
-		goto loser;
-	}
-
-	if( (slot != internal) && !REP_KEYGEN_ON_TARGET) {
-		/* Copy the key to the target token if it isn't there already */
-		extkey = pk11_CopyToSlot(slot, mech, CKA_ENCRYPT, intkey);
-		if(!extkey) {
-			secerror = PORT_GetError();
-			errcode = KEY_COPY_FAILED;
-			goto loser;
-		}
-	} else {
-		extkey = intkey;
-		intkey = NULL;
-	}
-
-	/* Create an encryption context */
-	testcontext = PK11_CreateContextBySymKey(mech, CKA_ENCRYPT, extkey,
-						param);
-	if(!testcontext) {
-		secerror = PORT_GetError();
-		errcode = CREATE_CONTEXT_FAILED;
-		goto loser;
-	}
-
-	/* Do the encryption */
-	status = PK11_CipherOp(testcontext, testctext, &testclen,
-				maxclen, ptext, REP_PLAINTEXT_LEN);
-	if(status != SECSuccess) {
-		secerror = PORT_GetError();
-		errcode = CIPHER_OP_FAILED;
-		goto loser;
-	}
-	status = PK11_Finalize(testcontext);
-	if(status != SECSuccess) {
-		secerror = PORT_GetError();
-		errcode = FINALIZE_FAILED;
-		goto loser;
-	}
-
-	/* Free the encryption context */
-	PK11_DestroyContext(testcontext, PR_TRUE /*freeit*/);
-	testcontext = NULL;
-
-	/* Make sure the encryption did something */
-	if(!memcmp(ptext, testctext,
-		REP_PLAINTEXT_LEN > testclen ? testclen : REP_PLAINTEXT_LEN)) {
-		errcode = ENCRYPTION_IS_NOOP;
-		goto loser;
-	}
-
-    /*
-	 * Now do everything on the internal module and compare the results. 
-     * If the key was generated on the target module, it doesn't exist on
-     * the internal module so we can't compare.
-     */
-	if( (slot != internal) && !REP_KEYGEN_ON_TARGET) {
-		/* Create encryption context */
-		refcontext = PK11_CreateContextBySymKey(mech, CKA_ENCRYPT,
-			intkey, param);
-		if(!refcontext) {
-			secerror = PORT_GetError();
-			errcode = CREATE_CONTEXT_FAILED;
-			goto loser;
-		}
-
-		/* Perform the encryption */
-		status = PK11_CipherOp(refcontext, refctext, &refclen,
-				maxclen, ptext, REP_PLAINTEXT_LEN);
-		if(status != SECSuccess) {
-			secerror = PORT_GetError();
-			errcode = CIPHER_OP_FAILED;
-			goto loser;
-		}
-		status = PK11_Finalize(refcontext);
-		if(status != SECSuccess) {
-			secerror = PORT_GetError();
-			errcode = FINALIZE_FAILED;
-			goto loser;
-		}
-
-		/* Free the context */
-		PK11_DestroyContext(refcontext, PR_TRUE /*freeit*/);
-		refcontext = NULL;
-
-
-		/* Compare the ciphertext from the target module and the
-		 * internal module
-		 */
-		if( (testclen != refclen) ||
-		  (memcmp(testctext, refctext, testclen)) ) {
-			errcode = RESULTS_DONT_MATCH;
-			goto loser;
-		}
-	}
-
-	/*
-	 * Decrypt the ciphertext and make sure we get back the original
-	 * ptext
-	 */
-
-	/* Create the decryption context */
-	testcontext = PK11_CreateContextBySymKey(mech, CKA_DECRYPT, extkey,
-				param);
-	if(!testcontext) {
-		secerror = PORT_GetError();
-		errcode = CREATE_CONTEXT_FAILED;
-		goto loser;
-	}
-
-	/* Do the decryption */
-	status = PK11_CipherOp(testcontext, recovered, &reclen,
-				maxclen, testctext, testclen);
-	if(status != SECSuccess) {
-		secerror = PORT_GetError();
-		errcode = CIPHER_OP_FAILED;
-		goto loser;
-	}
-	status = PK11_Finalize(testcontext);
-	if(status != SECSuccess) {
-		secerror = PORT_GetError();
-		errcode = FINALIZE_FAILED;
-		goto loser;
-	}
-
-
-	/* Free the encryption context */
-	PK11_DestroyContext(testcontext, PR_TRUE /*freeit*/);
-	testcontext = NULL;
-
-
-	/* Compare the recovered text to the plaintext */
-	if( (reclen != REP_PLAINTEXT_LEN) || 
-		(memcmp(recovered, ptext, reclen)) ) {
-			errcode = PLAINTEXT_DOESNT_MATCH;
-			goto loser;
-	}
-	
-
-#ifdef DEBUG
-	PR_fprintf(PR_STDOUT, "Successfully finished TestSymmetricEncrypt!\n");
-#endif
-
-	errcode = 0;
-
-loser:
-	if(ptext) {
-		PR_Free(ptext); ptext = NULL;
-	}
-	if(refctext) {
-		PR_Free(refctext); refctext = NULL;
-	}
-	if(testctext) {
-		PR_Free(testctext); testctext = NULL;
-	}
-	if(intkey) {
-		PK11_FreeSymKey(intkey); intkey = NULL;
-	}
-	if(extkey) {
-		PK11_FreeSymKey(extkey); extkey = NULL;
-	}
-	if(testcontext) {
-		PK11_DestroyContext(testcontext, PR_TRUE /*freeit*/);
-	}
-	if(refcontext) {
-		PK11_DestroyContext(refcontext, PR_TRUE /*freeit*/);
-	}
-	if(param) {
-		SECITEM_FreeItem(param, PR_TRUE);
-		param = NULL;
-	}
-	if(recovered) {
-		PR_Free(recovered); recovered = NULL;
-	}
-	return errcode;
-}
-
-/**********************************************************************
- *
- * T e s t S i g n
- *
- */
-int
-TestSign(CK_MECHANISM_TYPE mech)
-{
-	PK11SlotInfo *internal;
-	SECStatus status;
-	int errcode;
-	SECItem *kgparams;
-	SECKEYPublicKey *pubk=NULL;
-	SECKEYPrivateKey *refPrivk=NULL, *testPrivk=NULL;
-	PK11SymKey *refSymKey=NULL, *testSymKey=NULL, *recoveredSymKey=NULL;
-	SECItem refWrappedKey, testWrappedKey;
-	SECItem ptext, refSignature, testSignature;
-	SECItem wrapParam;
-    CK_ATTRIBUTE_TYPE usages[] = { CKA_SIGN };
-    int usageCount = 1;
-
-	refWrappedKey.len = 1024;
-	refWrappedKey.data = PR_Malloc(1024);
-	testWrappedKey.len = 1024;
-	testWrappedKey.data = PR_Malloc(1024);
-	refSignature.len = 1024;
-	refSignature.data = PR_Malloc(1024);
-	testSignature.len = 1024;
-	testSignature.data = PR_Malloc(1024);
-	wrapParam.data = "aaaaaaaa";
-	wrapParam.len = 8;
-
-	internal = PK11_GetInternalSlot();
-
-	/* Generate random ptext */
-	ptext.data = PR_Malloc(20);
-	ptext.len = 20;
-	status = RNG_GenerateGlobalRandomBytes(ptext.data, 8);
-	if(status != SECSuccess) {
-		errcode = INTERNAL_RNG_FAILED;
-		goto loser;
-	}
-
-	/* Generate keygen parameter */
-	kgparams = GeneratePKParams(mech);
-	if(!kgparams) {
-		errcode = PARAM_GEN_FAILED;
-		goto loser;
-	}
-
-	/*
-     * Generate the keypair, on the target module or the internal module.
-	 */
-	if(REP_KEYGEN_ON_TARGET) {
-		refPrivk = PK11_GenerateKeyPair(slot, PK11_GetKeyGen(mech),
-			kgparams, &pubk, (slot==internal) ? PR_FALSE :
-			PR_TRUE /*isPerm*/,
-			PR_FALSE /*isSensitive*/, NULL/*wincx*/);
-	} else {
-		refPrivk = PK11_GenerateKeyPair(internal, PK11_GetKeyGen(mech),
-			kgparams, &pubk, PR_FALSE /*isPerm*/,
-			PR_FALSE /*isSensitive*/, NULL/*wincx*/);
-	}
-	if(!refPrivk) {
-		secerror = PORT_GetError();
-		errcode = KEY_GEN_FAILED;
-		goto loser;
-	}
-
-	/*
-	 * Generate symmetric key, on the target module or the internal module.
-	 */
-	if(REP_KEYGEN_ON_TARGET) {
-		refSymKey = PK11_KeyGen(slot, CKM_DES_CBC_PAD, NULL,
-			REP_SYMKEY_SIZE, NULL);
-	} else {
-		refSymKey = PK11_KeyGen(internal, CKM_DES_CBC_PAD, NULL,
-			REP_SYMKEY_SIZE, NULL);
-	}
-	if(!refSymKey) {
-		secerror = PORT_GetError();
-		errcode = KEY_GEN_FAILED;
-		goto loser;
-	}
-
-	/*
-     * If the key was generated on the internal module, copy it to the
-     * target module, unless the target module is the internal module.
-	 */
-	if( (slot != internal) && !REP_KEYGEN_ON_TARGET) {
-		SECItem empty;
-		SECItem label;
-		SECItem *pubValue;
-		empty.len=0;
-		empty.data=NULL;
-		label.len=6;
-		label.data = "foobar";
-
-		/* Copy the symmetric key to the target token*/
-		testSymKey = pk11_CopyToSlot(slot,
-					     CKM_DES_CBC_PAD,
-					     CKA_WRAP,
-					     refSymKey);
-		if(testSymKey==NULL) {
-			secerror = PORT_GetError();
-			errcode = KEY_COPY_FAILED;
-			goto loser;
-		}
-
-		/* Copy the private key to the target token */
-		status = PK11_WrapPrivKey(internal,
-					  refSymKey,
-					  refPrivk,
-					  CKM_DES_CBC_PAD,
-					  &wrapParam,
-					  &refWrappedKey,
-					  NULL /*wincx*/);
-		if(status != SECSuccess) {
-			secerror = PORT_GetError();
-			errcode = WRAP_PRIVKEY_FAILED;
-			goto loser;
-		}
-
-		switch(pubk->keyType) {
-		case dsaKey:
-			pubValue = SECITEM_DupItem(&pubk->u.dsa.publicValue);
-			break;
-		case rsaKey:
-			pubValue = SECITEM_DupItem(&pubk->u.rsa.modulus);
-			break;
-		default:
-			pubValue = NULL;
-		}
-		testPrivk = PK11_UnwrapPrivKey(slot,
-						 testSymKey,
-						 CKM_DES_CBC_PAD,
-						 &wrapParam,
-						 &refWrappedKey,
-						 &label /*label*/,
-						 pubValue /*ID Value*/,
-						 PR_TRUE /*perm*/,
-						 PR_TRUE /*sensitive*/,
-                         PK11_GetKeyType(mech, 0),
-                         usages, usageCount,
-						 NULL /*wincx*/);
-		if(pubValue) {
-			SECITEM_FreeItem(pubValue, PR_TRUE);
-			pubValue = NULL;
-		}
-		if(testPrivk==NULL) {
-			secerror = PORT_GetError();
-			errcode = UNWRAP_PRIVKEY_FAILED;
-			goto loser;
-		}
-	} else {
-		testPrivk=refPrivk; refPrivk = NULL;
-		testSymKey=refSymKey; refSymKey = NULL;
-	}
-
-	/* Sign the data with the private key */
-	status = PK11_Sign(testPrivk, &testSignature, &ptext);
-	if(status != SECSuccess) {
-		secerror = PORT_GetError();
-		errcode = SIGNATURE_FAILED;
-		goto loser;
-	}
-
-	/*
-	 * Unless we are testing the internal slot, do the same wrap operation
-	 * on the internal slot and compare with the signature done on the
-	 * module under test
-	 * Also, DSA signatures contain random data, so comparing them
-	 * is useless (I suppose if they are the same something is wrong!).
-	 */
-	if( (slot != internal) && !REP_KEYGEN_ON_TARGET
-		&& mech != CKM_DSA && mech != CKM_DSA_SHA1) {
-		status = PK11_Sign(refPrivk, &refSignature, &ptext);
-		if(status != SECSuccess) {
-			secerror = PORT_GetError();
-			errcode = SIGNATURE_FAILED;
-			goto loser;
-		}
-
-		if( SECITEM_CompareItem(&refSignature, &testSignature)
-			!=  SECEqual) {
-			errcode = RESULTS_DONT_MATCH;
-			goto loser;
-		}
-	}
-
-
-	/*
-	 * Verify the signature.
-	 */
-	status = PK11_Verify(pubk, &testSignature, &ptext, NULL /*wincx*/);
-	if(status != SECSuccess) {
-		secerror = PORT_GetError();
-		errcode = SIGNATURE_DOESNT_VERIFY;
-		goto loser;
-	}
-
-
-#ifdef DEBUG
-	PR_fprintf(PR_STDOUT, "Successfully finished TestSign!\n");
-#endif
-
-	errcode = 0;
-
-loser:
-	SECITEM_FreeItem(&refWrappedKey, PR_FALSE);
-	SECITEM_FreeItem(&testWrappedKey, PR_FALSE);
-	SECITEM_FreeItem(&ptext, PR_FALSE);
-	SECITEM_FreeItem(&refSignature, PR_FALSE);
-	SECITEM_FreeItem(&testSignature, PR_FALSE);
-	if(refPrivk) {
-		SECKEY_DestroyPrivateKey(refPrivk);
-	}
-	if(pubk) {
-		SECKEY_DestroyPublicKey(pubk);
-	}
-	if(testPrivk) {
-		SECKEY_DestroyPrivateKey(testPrivk);
-	}
-	if(refSymKey) {
-		PK11_FreeSymKey(refSymKey);
-	} 
-	if(testSymKey) {
-		PK11_FreeSymKey(testSymKey);
-	}
-	if(recoveredSymKey) {
-		PK11_FreeSymKey(recoveredSymKey);
-	}
-	return errcode;
-	
-
-}
-
-/**********************************************************************
- *
- * T e s t D i g e s t
- *
- */
-int
-TestDigest(CK_MECHANISM_TYPE mech)
-{
-	return 0;
-}
-
-/**********************************************************************
- *
- * T e s t H M A C
- *
- */
-int
-TestHMAC(CK_MECHANISM_TYPE mech)
-{
-	return 0;
-}
-
-/**********************************************************************
- *
- * G e t M e c h I n f o
- *
- */
-MechInfo*
-GetMechInfo(CK_MECHANISM_TYPE type)
-{
-	/* mechInfo array is sorted by type, so we can do a binary search
-	   l is the left-most possible matching index
-	   r is the rightmost possible matching index
-	   mid is approximately the middle point between l and r */
-	int l, r, mid;
-
-	l = 0; r = numMechs-1;
-
-	while(l <= r) {
-		mid = (l+r)/2;
-		if(mechInfo[mid].type == type) {
-			return &(mechInfo[mid]);
-		} else if(mechInfo[mid].type < type) {
-			l = mid+1;
-		} else {
-			r = mid-1;
-		}
-	}
-
-	/* If l > r, the pointers have crossed without finding the element. */
-	return NULL;
-}
diff --git a/security/nss/tests/pkcs11/netscape/suites/security/pkcs11/pk11test.h b/security/nss/tests/pkcs11/netscape/suites/security/pkcs11/pk11test.h
deleted file mode 100755
index f14de494f..000000000
--- a/security/nss/tests/pkcs11/netscape/suites/security/pkcs11/pk11test.h
+++ /dev/null
@@ -1,111 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#ifndef PK11TEST_H
-#define PK11TEST_H
-
-#define REP_SYMKEY_MECHANISM CKM_DES_KEY_GEN
-
-/* symmetric key size in bytes */
-#define REP_SYMKEY_SIZE 8
-
-#define REP_PK_KEY_SIZE 1024
-#define REP_PLAINTEXT_LEN 8
-#define REP_MECHANISM mechanism[testId/2/2%46]
-#define REP_USE_CORRECT_PIN UseCorrectPin[testId%2]
-#define REP_KEYGEN_ON_TARGET KeyGenOnTarget[testId/2%2]
-#define CKM_NO_OP 0x80001111
-
-int testId = 0;
-
-PRBool UseCorrectPin[] = {
-	PR_TRUE,
-	PR_FALSE
-};
-
-PRBool KeyGenOnTarget[] = {
-	PR_TRUE,
-	PR_FALSE
-};
-
-CK_MECHANISM_TYPE mechanism[] = {
-	CKM_NO_OP,
-	CKM_RSA_PKCS,
-	CKM_RSA_9796,
-	CKM_RSA_X_509,
-	CKM_MD2_RSA_PKCS,
-	CKM_MD5_RSA_PKCS,
-	CKM_SHA1_RSA_PKCS,
-	CKM_DSA,
-	CKM_DSA_SHA1,
-	CKM_ECDSA,
-	CKM_ECDSA_SHA1,
-	CKM_RC2_ECB,
-	CKM_RC2_CBC,
-	CKM_RC4,
-	CKM_RC5_ECB,
-	CKM_RC5_CBC,
-	CKM_DES_ECB,
-	CKM_DES_CBC,
-	CKM_DES3_ECB,
-	CKM_DES3_CBC,
-	CKM_CAST_ECB,
-	CKM_CAST_CBC,
-	CKM_CAST3_ECB,
-	CKM_CAST3_CBC,
-	CKM_CAST5_ECB,
-	CKM_CAST5_CBC,
-	CKM_IDEA_ECB,
-	CKM_IDEA_CBC,
-	CKM_CDMF_ECB,
-	CKM_CDMF_CBC,
-	CKM_SKIPJACK_ECB64,
-	CKM_SKIPJACK_CBC64,
-	CKM_SKIPJACK_OFB64,
-	CKM_SKIPJACK_CFB64,
-	CKM_SKIPJACK_CFB32,
-	CKM_SKIPJACK_CFB16,
-	CKM_SKIPJACK_CFB8,
-	CKM_BATON_ECB128,
-	CKM_BATON_ECB96,
-	CKM_BATON_CBC128,
-	CKM_BATON_COUNTER,
-	CKM_BATON_SHUFFLE,
-	CKM_JUNIPER_ECB128,
-	CKM_JUNIPER_CBC128,
-	CKM_JUNIPER_COUNTER,
-	CKM_JUNIPER_SHUFFLE
-};
-
-
-
-#endif
diff --git a/security/nss/tests/pkcs11/netscape/suites/security/pkcs11/pk11test.htp b/security/nss/tests/pkcs11/netscape/suites/security/pkcs11/pk11test.htp
deleted file mode 100644
index bf78cf6ce..000000000
--- a/security/nss/tests/pkcs11/netscape/suites/security/pkcs11/pk11test.htp
+++ /dev/null
@@ -1,50 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#ifndef PK11TEST_H
-#define PK11TEST_H
-
-#define REP_SYMKEY_MECHANISM CKM_DES_KEY_GEN
-
-/* symmetric key size in bytes */
-#define REP_SYMKEY_SIZE 8
-
-#define REP_PK_KEY_SIZE 1024
-#define REP_PLAINTEXT_LEN 8
-#define REP_MECHANISM $[mechanism]
-#define REP_USE_CORRECT_PIN $[UseCorrectPin]
-#define REP_KEYGEN_ON_TARGET $[KeyGenOnTarget]
-#define CKM_NO_OP 0x80001111
-
-$[DATA-TO-TEST]
-
-#endif
diff --git a/security/nss/tests/pkcs11/netscape/suites/security/pkcs11/pkcs11.h b/security/nss/tests/pkcs11/netscape/suites/security/pkcs11/pkcs11.h
deleted file mode 100644
index ae3a933d4..000000000
--- a/security/nss/tests/pkcs11/netscape/suites/security/pkcs11/pkcs11.h
+++ /dev/null
@@ -1,190 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#ifndef PKCS11_H
-#define PKCS11_H
-
-#define NULL_OP		0x00
-#define ENCRYPT_OP	0x01
-#define SIGN_OP		0x02
-#define KEYGEN_OP	0x04
-#define DIGEST_OP	0x08
-#define HMAC_OP		0x10
-
-typedef struct {
-	CK_MECHANISM_TYPE	type;
-	int			op;
-	CK_MECHANISM_TYPE	keygenMech;
-} MechInfo;
-
-static int numMechs=118;
-static MechInfo mechInfo[] = {
-	{CKM_RSA_PKCS_KEY_PAIR_GEN,
-				KEYGEN_OP,	CKM_RSA_PKCS_KEY_PAIR_GEN},
-	{CKM_RSA_PKCS,		ENCRYPT_OP | SIGN_OP,
-						CKM_RSA_PKCS_KEY_PAIR_GEN},
-	{CKM_RSA_9796,		SIGN_OP,	CKM_RSA_PKCS_KEY_PAIR_GEN},
-	{CKM_RSA_X_509,		ENCRYPT_OP | SIGN_OP,
-						CKM_RSA_PKCS_KEY_PAIR_GEN},
-	{CKM_MD2_RSA_PKCS,	SIGN_OP,	CKM_RSA_PKCS_KEY_PAIR_GEN},
-	{CKM_MD5_RSA_PKCS,	SIGN_OP,	CKM_RSA_PKCS_KEY_PAIR_GEN},
-	{CKM_SHA1_RSA_PKCS,	SIGN_OP,	CKM_RSA_PKCS_KEY_PAIR_GEN},
-	{CKM_DSA_KEY_PAIR_GEN,	KEYGEN_OP,	CKM_DSA_KEY_PAIR_GEN},
-	{CKM_DSA,		SIGN_OP,	CKM_DSA_KEY_PAIR_GEN},
-	{CKM_DSA_SHA1,		SIGN_OP,	CKM_DSA_KEY_PAIR_GEN},
-	{CKM_DH_PKCS_KEY_PAIR_GEN,
-				KEYGEN_OP,	CKM_DH_PKCS_KEY_PAIR_GEN},
-	{CKM_DH_PKCS_DERIVE,	NULL_OP,	0},
-	{CKM_RC2_KEY_GEN,	KEYGEN_OP,	CKM_RC2_KEY_GEN},
-	{CKM_RC2_ECB,		ENCRYPT_OP,	CKM_RC2_KEY_GEN},
-	{CKM_RC2_CBC,		ENCRYPT_OP,	CKM_RC2_KEY_GEN},
-	{CKM_RC2_MAC,		NULL_OP,	CKM_RC2_KEY_GEN},
-	{CKM_RC2_MAC_GENERAL,	NULL_OP,	CKM_RC2_KEY_GEN},
-	{CKM_RC2_CBC_PAD,	NULL_OP,	CKM_RC2_KEY_GEN},
-	{CKM_RC4_KEY_GEN,	KEYGEN_OP,	CKM_RC4_KEY_GEN},
-	{CKM_RC4,		ENCRYPT_OP,	CKM_RC4_KEY_GEN},
-	{CKM_DES_KEY_GEN,	KEYGEN_OP,	CKM_DES_KEY_GEN},
-	{CKM_DES_ECB,		ENCRYPT_OP,	CKM_DES_KEY_GEN},
-	{CKM_DES_CBC,		ENCRYPT_OP,	CKM_DES_KEY_GEN},
-	{CKM_DES_MAC,		NULL_OP,	CKM_DES_KEY_GEN},
-	{CKM_DES_MAC_GENERAL,	NULL_OP,	CKM_DES_KEY_GEN},
-	{CKM_DES_CBC_PAD,	NULL_OP,	CKM_DES_KEY_GEN},
-	{CKM_DES2_KEY_GEN,	KEYGEN_OP,	CKM_DES2_KEY_GEN},
-	{CKM_DES3_KEY_GEN,	KEYGEN_OP,	CKM_DES3_KEY_GEN},
-	{CKM_DES3_ECB,		ENCRYPT_OP,	CKM_DES3_KEY_GEN},
-	{CKM_DES3_CBC,		ENCRYPT_OP,	CKM_DES3_KEY_GEN},
-	{CKM_DES3_MAC,		NULL_OP,	CKM_DES3_KEY_GEN},
-	{CKM_DES3_MAC_GENERAL,	NULL_OP,	CKM_DES3_KEY_GEN},
-	{CKM_DES3_CBC_PAD,	NULL_OP,	CKM_DES3_KEY_GEN},
-	{CKM_CDMF_KEY_GEN,	KEYGEN_OP,	CKM_CDMF_KEY_GEN},
-	{CKM_CDMF_ECB,		ENCRYPT_OP,	CKM_CDMF_KEY_GEN},
-	{CKM_CDMF_CBC,		ENCRYPT_OP,	CKM_CDMF_KEY_GEN},
-	{CKM_CDMF_MAC,		NULL_OP,	CKM_CDMF_KEY_GEN},
-	{CKM_CDMF_MAC_GENERAL,	NULL_OP,	CKM_CDMF_KEY_GEN},
-	{CKM_CDMF_CBC_PAD,	NULL_OP,	CKM_CDMF_KEY_GEN},
-	{CKM_MD2,		DIGEST_OP,	0},
-	{CKM_MD2_HMAC,		HMAC_OP,	0},
-	{CKM_MD2_HMAC_GENERAL,	HMAC_OP,	0},
-	{CKM_MD5,		DIGEST_OP,	0},
-	{CKM_MD5_HMAC,		HMAC_OP,	0},
-	{CKM_MD5_HMAC_GENERAL,	HMAC_OP,	0},
-	{CKM_SHA_1,		DIGEST_OP,	0},
-	{CKM_SHA_1_HMAC,	HMAC_OP,	0},
-	{CKM_SHA_1_HMAC_GENERAL,HMAC_OP,	0},
-	{CKM_CAST_KEY_GEN,	KEYGEN_OP,	CKM_CAST_KEY_GEN},
-	{CKM_CAST_ECB,		ENCRYPT_OP,	CKM_CAST_KEY_GEN},
-	{CKM_CAST_CBC,		ENCRYPT_OP,	CKM_CAST_KEY_GEN},
-	{CKM_CAST_MAC,		NULL_OP,	CKM_CAST_KEY_GEN},
-	{CKM_CAST_MAC_GENERAL,	NULL_OP,	CKM_CAST_KEY_GEN},
-	{CKM_CAST_CBC_PAD,	NULL_OP,	CKM_CAST_KEY_GEN},
-	{CKM_CAST3_KEY_GEN,	KEYGEN_OP,	CKM_CAST3_KEY_GEN},
-	{CKM_CAST3_ECB,		ENCRYPT_OP,	CKM_CAST3_KEY_GEN},
-	{CKM_CAST3_CBC,		ENCRYPT_OP,	CKM_CAST3_KEY_GEN},
-	{CKM_CAST3_MAC,		NULL_OP,	CKM_CAST3_KEY_GEN},
-	{CKM_CAST3_MAC_GENERAL,	NULL_OP,	CKM_CAST3_KEY_GEN},
-	{CKM_CAST3_CBC_PAD,	NULL_OP,	CKM_CAST3_KEY_GEN},
-	{CKM_CAST5_KEY_GEN,	KEYGEN_OP,	CKM_CAST5_KEY_GEN},
-	{CKM_CAST5_ECB,		ENCRYPT_OP,	CKM_CAST5_KEY_GEN},
-	{CKM_CAST5_CBC,		ENCRYPT_OP,	CKM_CAST5_KEY_GEN},
-	{CKM_CAST5_MAC,		NULL_OP,	CKM_CAST5_KEY_GEN},
-	{CKM_CAST5_MAC_GENERAL,	NULL_OP,	CKM_CAST5_KEY_GEN},
-	{CKM_CAST5_CBC_PAD,	NULL_OP,	CKM_CAST5_KEY_GEN},
-	{CKM_RC5_KEY_GEN,	KEYGEN_OP,	CKM_RC5_KEY_GEN},
-	{CKM_RC5_ECB,		ENCRYPT_OP,	CKM_RC5_KEY_GEN},
-	{CKM_RC5_CBC,		ENCRYPT_OP,	CKM_RC5_KEY_GEN},
-	{CKM_RC5_MAC,		NULL_OP,	CKM_RC5_KEY_GEN},
-	{CKM_RC5_MAC_GENERAL,	NULL_OP,	CKM_RC5_KEY_GEN},
-	{CKM_RC5_CBC_PAD,	NULL_OP,	CKM_RC5_KEY_GEN},
-	{CKM_IDEA_KEY_GEN,	KEYGEN_OP,	CKM_IDEA_KEY_GEN},
-	{CKM_IDEA_ECB,		ENCRYPT_OP,	CKM_IDEA_KEY_GEN},
-	{CKM_IDEA_CBC,		ENCRYPT_OP,	CKM_IDEA_KEY_GEN},
-	{CKM_IDEA_MAC,		NULL_OP,	CKM_IDEA_KEY_GEN},
-	{CKM_IDEA_MAC_GENERAL,	NULL_OP,	CKM_IDEA_KEY_GEN},
-	{CKM_IDEA_CBC_PAD,	NULL_OP,	CKM_IDEA_KEY_GEN},
-	{CKM_GENERIC_SECRET_KEY_GEN,
-				KEYGEN_OP,	CKM_GENERIC_SECRET_KEY_GEN},
-/* SSL mechanisms?
-	{CKM_SSL3_PRE_MASTER_KEY_GEN},
-	{CKM_SSL3_MASTER_KEY_DERIVE},
-	{CKM_SSL3_KEY_AND_MAC_DERIVE},
-	{CKM_SSL3_MD5_MAC},
-	{CKM_SSL3_SHA1_MAC},
-*/
-	{CKM_PBE_MD2_DES_CBC,	KEYGEN_OP,	0},
-	{CKM_PBE_MD5_DES_CBC,	KEYGEN_OP,	0},
-	{CKM_PBE_MD5_CAST_CBC,	KEYGEN_OP,	0},
-	{CKM_PBE_MD5_CAST3_CBC,	KEYGEN_OP,	0},
-	{CKM_PBE_MD5_CAST5_CBC,	KEYGEN_OP,	0},
-	{CKM_PBE_MD5_CAST128_CBC,
-				KEYGEN_OP,	0},
-	{CKM_PBE_SHA1_CAST5_CBC,KEYGEN_OP,	0},
-	{CKM_PBE_SHA1_CAST128_CBC,
-				KEYGEN_OP,	0},
-	{CKM_PBE_SHA1_RC4_128,	KEYGEN_OP,	0},
-	{CKM_PBE_SHA1_RC4_40,	KEYGEN_OP,	0},
-	{CKM_PBE_SHA1_DES3_EDE_CBC,
-				KEYGEN_OP,	0},
-	{CKM_PBE_SHA1_DES2_EDE_CBC,
-				KEYGEN_OP,	0},
-	{CKM_PBE_SHA1_RC2_128_CBC,
-				KEYGEN_OP,	0},
-	{CKM_PBE_SHA1_RC2_40_CBC,
-				KEYGEN_OP,	0},
-	{CKM_PBA_SHA1_WITH_SHA1_HMAC,
-				KEYGEN_OP,	0},
-	{CKM_SKIPJACK_KEY_GEN,	KEYGEN_OP,	CKM_SKIPJACK_KEY_GEN},
-	{CKM_SKIPJACK_ECB64,	ENCRYPT_OP,	CKM_SKIPJACK_KEY_GEN},
-	{CKM_SKIPJACK_CBC64,	ENCRYPT_OP,	CKM_SKIPJACK_KEY_GEN},
-	{CKM_SKIPJACK_OFB64,	ENCRYPT_OP,	CKM_SKIPJACK_KEY_GEN},
-	{CKM_SKIPJACK_CFB64,	ENCRYPT_OP,	CKM_SKIPJACK_KEY_GEN},
-	{CKM_SKIPJACK_CFB32,	ENCRYPT_OP,	CKM_SKIPJACK_KEY_GEN},
-	{CKM_SKIPJACK_CFB16,	ENCRYPT_OP,	CKM_SKIPJACK_KEY_GEN},
-	{CKM_SKIPJACK_CFB8,	ENCRYPT_OP,	CKM_SKIPJACK_KEY_GEN},
-	{CKM_KEA_KEY_PAIR_GEN,	KEYGEN_OP,	0},
-	{CKM_BATON_KEY_GEN,	KEYGEN_OP,	CKM_BATON_KEY_GEN},
-	{CKM_BATON_ECB128,	ENCRYPT_OP,	CKM_BATON_KEY_GEN},
-	{CKM_BATON_ECB96,	ENCRYPT_OP,	CKM_BATON_KEY_GEN},
-	{CKM_BATON_CBC128,	ENCRYPT_OP,	CKM_BATON_KEY_GEN},
-	{CKM_BATON_COUNTER,	ENCRYPT_OP,	CKM_BATON_KEY_GEN},
-	{CKM_BATON_SHUFFLE,	ENCRYPT_OP,	CKM_BATON_KEY_GEN},
-	{CKM_ECDSA_KEY_PAIR_GEN,KEYGEN_OP,	CKM_ECDSA_KEY_PAIR_GEN},
-	{CKM_ECDSA,		SIGN_OP,	CKM_ECDSA_KEY_PAIR_GEN},
-	{CKM_ECDSA_SHA1,	SIGN_OP,	CKM_ECDSA_KEY_PAIR_GEN},
-	{CKM_JUNIPER_KEY_GEN,	KEYGEN_OP,	CKM_JUNIPER_KEY_GEN},
-	{CKM_JUNIPER_ECB128,	ENCRYPT_OP,	CKM_JUNIPER_KEY_GEN},
-	{CKM_JUNIPER_CBC128,	ENCRYPT_OP,	CKM_JUNIPER_KEY_GEN},
-	{CKM_JUNIPER_COUNTER,	ENCRYPT_OP,	CKM_JUNIPER_KEY_GEN},
-	{CKM_JUNIPER_SHUFFLE,	ENCRYPT_OP,	CKM_JUNIPER_KEY_GEN},
-	{CKM_FASTHASH,		DIGEST_OP,	0}
-};
-
-#endif
diff --git a/security/nss/tests/pkcs11/netscape/suites/security/pkcs11/pkcs11.reg b/security/nss/tests/pkcs11/netscape/suites/security/pkcs11/pkcs11.reg
deleted file mode 100644
index e0a433552..000000000
--- a/security/nss/tests/pkcs11/netscape/suites/security/pkcs11/pkcs11.reg
+++ /dev/null
@@ -1,960 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-[General]
-mut=PKCS11
-mutversion=1.0
-htmlout=NOW
-reporterSpec=NOW
-program=pk11test
-globalArgs=internal
-
-[Test-1]
-
-testId=0
-testname=Use supplied pin, Generate keys on target token, NO OP, 
-
-[Test-2]
-
-testId=4
-testname=Use supplied pin, Generate keys on target token, RSA PKCS, 
-
-[Test-3]
-
-testId=8
-testname=Use supplied pin, Generate keys on target token, RSA 9796, 
-
-[Test-4]
-
-testId=12
-testname=Use supplied pin, Generate keys on target token, RSA X.509, 
-
-[Test-5]
-
-testId=16
-testname=Use supplied pin, Generate keys on target token, MD2 RSA PKCS, 
-
-[Test-6]
-
-testId=20
-testname=Use supplied pin, Generate keys on target token, MD5 RSA PKCS, 
-
-[Test-7]
-
-testId=24
-testname=Use supplied pin, Generate keys on target token, SHA1 RSA PKCS, 
-
-[Test-8]
-
-testId=28
-testname=Use supplied pin, Generate keys on target token, DSA, 
-
-[Test-9]
-
-testId=32
-testname=Use supplied pin, Generate keys on target token, DSA SHA1, 
-
-[Test-10]
-
-testId=36
-testname=Use supplied pin, Generate keys on target token, ECDSA, 
-
-[Test-11]
-
-testId=40
-testname=Use supplied pin, Generate keys on target token, ECDSA SHA1, 
-
-[Test-12]
-
-testId=44
-testname=Use supplied pin, Generate keys on target token, RC2 ECB, 
-
-[Test-13]
-
-testId=48
-testname=Use supplied pin, Generate keys on target token, RC2 CBC, 
-
-[Test-14]
-
-testId=52
-testname=Use supplied pin, Generate keys on target token, RC4, 
-
-[Test-15]
-
-testId=56
-testname=Use supplied pin, Generate keys on target token, RC5 ECB, 
-
-[Test-16]
-
-testId=60
-testname=Use supplied pin, Generate keys on target token, RC5 CBC, 
-
-[Test-17]
-
-testId=64
-testname=Use supplied pin, Generate keys on target token, DES ECB, 
-
-[Test-18]
-
-testId=68
-testname=Use supplied pin, Generate keys on target token, DES CBC, 
-
-[Test-19]
-
-testId=72
-testname=Use supplied pin, Generate keys on target token, DES3 ECB, 
-
-[Test-20]
-
-testId=76
-testname=Use supplied pin, Generate keys on target token, DES3 CBC, 
-
-[Test-21]
-
-testId=80
-testname=Use supplied pin, Generate keys on target token, CAST ECB, 
-
-[Test-22]
-
-testId=84
-testname=Use supplied pin, Generate keys on target token, CAST CBC, 
-
-[Test-23]
-
-testId=88
-testname=Use supplied pin, Generate keys on target token, CAST3 ECB, 
-
-[Test-24]
-
-testId=92
-testname=Use supplied pin, Generate keys on target token, CAST3 CBC, 
-
-[Test-25]
-
-testId=96
-testname=Use supplied pin, Generate keys on target token, CAST5 ECB, 
-
-[Test-26]
-
-testId=100
-testname=Use supplied pin, Generate keys on target token, CAST5 CBC, 
-
-[Test-27]
-
-testId=104
-testname=Use supplied pin, Generate keys on target token, IDEA ECB, 
-
-[Test-28]
-
-testId=108
-testname=Use supplied pin, Generate keys on target token, IDEA CBC, 
-
-[Test-29]
-
-testId=112
-testname=Use supplied pin, Generate keys on target token, CDMF ECB, 
-
-[Test-30]
-
-testId=116
-testname=Use supplied pin, Generate keys on target token, CDMF CBC, 
-
-[Test-31]
-
-testId=120
-testname=Use supplied pin, Generate keys on target token, SKIPJACK ECB64, 
-
-[Test-32]
-
-testId=124
-testname=Use supplied pin, Generate keys on target token, SKIPJACK CBC64, 
-
-[Test-33]
-
-testId=128
-testname=Use supplied pin, Generate keys on target token, SKIPJACK OFB64, 
-
-[Test-34]
-
-testId=132
-testname=Use supplied pin, Generate keys on target token, SKIPJACK CFB64, 
-
-[Test-35]
-
-testId=136
-testname=Use supplied pin, Generate keys on target token, SKIPJACK CFB32, 
-
-[Test-36]
-
-testId=140
-testname=Use supplied pin, Generate keys on target token, SKIPJACK CFB16, 
-
-[Test-37]
-
-testId=144
-testname=Use supplied pin, Generate keys on target token, SKIPJACK CFB8, 
-
-[Test-38]
-
-testId=148
-testname=Use supplied pin, Generate keys on target token, BATON ECB128, 
-
-[Test-39]
-
-testId=152
-testname=Use supplied pin, Generate keys on target token, BATON ECB96, 
-
-[Test-40]
-
-testId=156
-testname=Use supplied pin, Generate keys on target token, BATON CBC128, 
-
-[Test-41]
-
-testId=160
-testname=Use supplied pin, Generate keys on target token, BATON counter, 
-
-[Test-42]
-
-testId=164
-testname=Use supplied pin, Generate keys on target token, BATON shuffle, 
-
-[Test-43]
-
-testId=168
-testname=Use supplied pin, Generate keys on target token, JUNIPER ECB128, 
-
-[Test-44]
-
-testId=172
-testname=Use supplied pin, Generate keys on target token, JUNIPER CBC128, 
-
-[Test-45]
-
-testId=176
-testname=Use supplied pin, Generate keys on target token, JUNIPER counter, 
-
-[Test-46]
-
-testId=180
-testname=Use supplied pin, Generate keys on target token, JUNIPER shuffle, 
-
-[Test-47]
-
-testId=2
-testname=Use supplied pin, Generate keys on internal module, NO OP, 
-
-[Test-48]
-
-testId=6
-testname=Use supplied pin, Generate keys on internal module, RSA PKCS, 
-
-[Test-49]
-
-testId=10
-testname=Use supplied pin, Generate keys on internal module, RSA 9796, 
-
-[Test-50]
-
-testId=14
-testname=Use supplied pin, Generate keys on internal module, RSA X.509, 
-
-[Test-51]
-
-testId=18
-testname=Use supplied pin, Generate keys on internal module, MD2 RSA PKCS, 
-
-[Test-52]
-
-testId=22
-testname=Use supplied pin, Generate keys on internal module, MD5 RSA PKCS, 
-
-[Test-53]
-
-testId=26
-testname=Use supplied pin, Generate keys on internal module, SHA1 RSA PKCS, 
-
-[Test-54]
-
-testId=30
-testname=Use supplied pin, Generate keys on internal module, DSA, 
-
-[Test-55]
-
-testId=34
-testname=Use supplied pin, Generate keys on internal module, DSA SHA1, 
-
-[Test-56]
-
-testId=38
-testname=Use supplied pin, Generate keys on internal module, ECDSA, 
-
-[Test-57]
-
-testId=42
-testname=Use supplied pin, Generate keys on internal module, ECDSA SHA1, 
-
-[Test-58]
-
-testId=46
-testname=Use supplied pin, Generate keys on internal module, RC2 ECB, 
-
-[Test-59]
-
-testId=50
-testname=Use supplied pin, Generate keys on internal module, RC2 CBC, 
-
-[Test-60]
-
-testId=54
-testname=Use supplied pin, Generate keys on internal module, RC4, 
-
-[Test-61]
-
-testId=58
-testname=Use supplied pin, Generate keys on internal module, RC5 ECB, 
-
-[Test-62]
-
-testId=62
-testname=Use supplied pin, Generate keys on internal module, RC5 CBC, 
-
-[Test-63]
-
-testId=66
-testname=Use supplied pin, Generate keys on internal module, DES ECB, 
-
-[Test-64]
-
-testId=70
-testname=Use supplied pin, Generate keys on internal module, DES CBC, 
-
-[Test-65]
-
-testId=74
-testname=Use supplied pin, Generate keys on internal module, DES3 ECB, 
-
-[Test-66]
-
-testId=78
-testname=Use supplied pin, Generate keys on internal module, DES3 CBC, 
-
-[Test-67]
-
-testId=82
-testname=Use supplied pin, Generate keys on internal module, CAST ECB, 
-
-[Test-68]
-
-testId=86
-testname=Use supplied pin, Generate keys on internal module, CAST CBC, 
-
-[Test-69]
-
-testId=90
-testname=Use supplied pin, Generate keys on internal module, CAST3 ECB, 
-
-[Test-70]
-
-testId=94
-testname=Use supplied pin, Generate keys on internal module, CAST3 CBC, 
-
-[Test-71]
-
-testId=98
-testname=Use supplied pin, Generate keys on internal module, CAST5 ECB, 
-
-[Test-72]
-
-testId=102
-testname=Use supplied pin, Generate keys on internal module, CAST5 CBC, 
-
-[Test-73]
-
-testId=106
-testname=Use supplied pin, Generate keys on internal module, IDEA ECB, 
-
-[Test-74]
-
-testId=110
-testname=Use supplied pin, Generate keys on internal module, IDEA CBC, 
-
-[Test-75]
-
-testId=114
-testname=Use supplied pin, Generate keys on internal module, CDMF ECB, 
-
-[Test-76]
-
-testId=118
-testname=Use supplied pin, Generate keys on internal module, CDMF CBC, 
-
-[Test-77]
-
-testId=122
-testname=Use supplied pin, Generate keys on internal module, SKIPJACK ECB64, 
-
-[Test-78]
-
-testId=126
-testname=Use supplied pin, Generate keys on internal module, SKIPJACK CBC64, 
-
-[Test-79]
-
-testId=130
-testname=Use supplied pin, Generate keys on internal module, SKIPJACK OFB64, 
-
-[Test-80]
-
-testId=134
-testname=Use supplied pin, Generate keys on internal module, SKIPJACK CFB64, 
-
-[Test-81]
-
-testId=138
-testname=Use supplied pin, Generate keys on internal module, SKIPJACK CFB32, 
-
-[Test-82]
-
-testId=142
-testname=Use supplied pin, Generate keys on internal module, SKIPJACK CFB16, 
-
-[Test-83]
-
-testId=146
-testname=Use supplied pin, Generate keys on internal module, SKIPJACK CFB8, 
-
-[Test-84]
-
-testId=150
-testname=Use supplied pin, Generate keys on internal module, BATON ECB128, 
-
-[Test-85]
-
-testId=154
-testname=Use supplied pin, Generate keys on internal module, BATON ECB96, 
-
-[Test-86]
-
-testId=158
-testname=Use supplied pin, Generate keys on internal module, BATON CBC128, 
-
-[Test-87]
-
-testId=162
-testname=Use supplied pin, Generate keys on internal module, BATON counter, 
-
-[Test-88]
-
-testId=166
-testname=Use supplied pin, Generate keys on internal module, BATON shuffle, 
-
-[Test-89]
-
-testId=170
-testname=Use supplied pin, Generate keys on internal module, JUNIPER ECB128, 
-
-[Test-90]
-
-testId=174
-testname=Use supplied pin, Generate keys on internal module, JUNIPER CBC128, 
-
-[Test-91]
-
-testId=178
-testname=Use supplied pin, Generate keys on internal module, JUNIPER counter, 
-
-[Test-92]
-
-testId=182
-testname=Use supplied pin, Generate keys on internal module, JUNIPER shuffle, 
-
-[Test-93]
-
-testId=1
-testname=Use different (incorrect) pin, Generate keys on target token, NO OP, 
-
-[Test-94]
-
-testId=5
-testname=Use different (incorrect) pin, Generate keys on target token, RSA PKCS, 
-
-[Test-95]
-
-testId=9
-testname=Use different (incorrect) pin, Generate keys on target token, RSA 9796, 
-
-[Test-96]
-
-testId=13
-testname=Use different (incorrect) pin, Generate keys on target token, RSA X.509, 
-
-[Test-97]
-
-testId=17
-testname=Use different (incorrect) pin, Generate keys on target token, MD2 RSA PKCS, 
-
-[Test-98]
-
-testId=21
-testname=Use different (incorrect) pin, Generate keys on target token, MD5 RSA PKCS, 
-
-[Test-99]
-
-testId=25
-testname=Use different (incorrect) pin, Generate keys on target token, SHA1 RSA PKCS, 
-
-[Test-100]
-
-testId=29
-testname=Use different (incorrect) pin, Generate keys on target token, DSA, 
-
-[Test-101]
-
-testId=33
-testname=Use different (incorrect) pin, Generate keys on target token, DSA SHA1, 
-
-[Test-102]
-
-testId=37
-testname=Use different (incorrect) pin, Generate keys on target token, ECDSA, 
-
-[Test-103]
-
-testId=41
-testname=Use different (incorrect) pin, Generate keys on target token, ECDSA SHA1, 
-
-[Test-104]
-
-testId=45
-testname=Use different (incorrect) pin, Generate keys on target token, RC2 ECB, 
-
-[Test-105]
-
-testId=49
-testname=Use different (incorrect) pin, Generate keys on target token, RC2 CBC, 
-
-[Test-106]
-
-testId=53
-testname=Use different (incorrect) pin, Generate keys on target token, RC4, 
-
-[Test-107]
-
-testId=57
-testname=Use different (incorrect) pin, Generate keys on target token, RC5 ECB, 
-
-[Test-108]
-
-testId=61
-testname=Use different (incorrect) pin, Generate keys on target token, RC5 CBC, 
-
-[Test-109]
-
-testId=65
-testname=Use different (incorrect) pin, Generate keys on target token, DES ECB, 
-
-[Test-110]
-
-testId=69
-testname=Use different (incorrect) pin, Generate keys on target token, DES CBC, 
-
-[Test-111]
-
-testId=73
-testname=Use different (incorrect) pin, Generate keys on target token, DES3 ECB, 
-
-[Test-112]
-
-testId=77
-testname=Use different (incorrect) pin, Generate keys on target token, DES3 CBC, 
-
-[Test-113]
-
-testId=81
-testname=Use different (incorrect) pin, Generate keys on target token, CAST ECB, 
-
-[Test-114]
-
-testId=85
-testname=Use different (incorrect) pin, Generate keys on target token, CAST CBC, 
-
-[Test-115]
-
-testId=89
-testname=Use different (incorrect) pin, Generate keys on target token, CAST3 ECB, 
-
-[Test-116]
-
-testId=93
-testname=Use different (incorrect) pin, Generate keys on target token, CAST3 CBC, 
-
-[Test-117]
-
-testId=97
-testname=Use different (incorrect) pin, Generate keys on target token, CAST5 ECB, 
-
-[Test-118]
-
-testId=101
-testname=Use different (incorrect) pin, Generate keys on target token, CAST5 CBC, 
-
-[Test-119]
-
-testId=105
-testname=Use different (incorrect) pin, Generate keys on target token, IDEA ECB, 
-
-[Test-120]
-
-testId=109
-testname=Use different (incorrect) pin, Generate keys on target token, IDEA CBC, 
-
-[Test-121]
-
-testId=113
-testname=Use different (incorrect) pin, Generate keys on target token, CDMF ECB, 
-
-[Test-122]
-
-testId=117
-testname=Use different (incorrect) pin, Generate keys on target token, CDMF CBC, 
-
-[Test-123]
-
-testId=121
-testname=Use different (incorrect) pin, Generate keys on target token, SKIPJACK ECB64, 
-
-[Test-124]
-
-testId=125
-testname=Use different (incorrect) pin, Generate keys on target token, SKIPJACK CBC64, 
-
-[Test-125]
-
-testId=129
-testname=Use different (incorrect) pin, Generate keys on target token, SKIPJACK OFB64, 
-
-[Test-126]
-
-testId=133
-testname=Use different (incorrect) pin, Generate keys on target token, SKIPJACK CFB64, 
-
-[Test-127]
-
-testId=137
-testname=Use different (incorrect) pin, Generate keys on target token, SKIPJACK CFB32, 
-
-[Test-128]
-
-testId=141
-testname=Use different (incorrect) pin, Generate keys on target token, SKIPJACK CFB16, 
-
-[Test-129]
-
-testId=145
-testname=Use different (incorrect) pin, Generate keys on target token, SKIPJACK CFB8, 
-
-[Test-130]
-
-testId=149
-testname=Use different (incorrect) pin, Generate keys on target token, BATON ECB128, 
-
-[Test-131]
-
-testId=153
-testname=Use different (incorrect) pin, Generate keys on target token, BATON ECB96, 
-
-[Test-132]
-
-testId=157
-testname=Use different (incorrect) pin, Generate keys on target token, BATON CBC128, 
-
-[Test-133]
-
-testId=161
-testname=Use different (incorrect) pin, Generate keys on target token, BATON counter, 
-
-[Test-134]
-
-testId=165
-testname=Use different (incorrect) pin, Generate keys on target token, BATON shuffle, 
-
-[Test-135]
-
-testId=169
-testname=Use different (incorrect) pin, Generate keys on target token, JUNIPER ECB128, 
-
-[Test-136]
-
-testId=173
-testname=Use different (incorrect) pin, Generate keys on target token, JUNIPER CBC128, 
-
-[Test-137]
-
-testId=177
-testname=Use different (incorrect) pin, Generate keys on target token, JUNIPER counter, 
-
-[Test-138]
-
-testId=181
-testname=Use different (incorrect) pin, Generate keys on target token, JUNIPER shuffle, 
-
-[Test-139]
-
-testId=3
-testname=Use different (incorrect) pin, Generate keys on internal module, NO OP, 
-
-[Test-140]
-
-testId=7
-testname=Use different (incorrect) pin, Generate keys on internal module, RSA PKCS, 
-
-[Test-141]
-
-testId=11
-testname=Use different (incorrect) pin, Generate keys on internal module, RSA 9796, 
-
-[Test-142]
-
-testId=15
-testname=Use different (incorrect) pin, Generate keys on internal module, RSA X.509, 
-
-[Test-143]
-
-testId=19
-testname=Use different (incorrect) pin, Generate keys on internal module, MD2 RSA PKCS, 
-
-[Test-144]
-
-testId=23
-testname=Use different (incorrect) pin, Generate keys on internal module, MD5 RSA PKCS, 
-
-[Test-145]
-
-testId=27
-testname=Use different (incorrect) pin, Generate keys on internal module, SHA1 RSA PKCS, 
-
-[Test-146]
-
-testId=31
-testname=Use different (incorrect) pin, Generate keys on internal module, DSA, 
-
-[Test-147]
-
-testId=35
-testname=Use different (incorrect) pin, Generate keys on internal module, DSA SHA1, 
-
-[Test-148]
-
-testId=39
-testname=Use different (incorrect) pin, Generate keys on internal module, ECDSA, 
-
-[Test-149]
-
-testId=43
-testname=Use different (incorrect) pin, Generate keys on internal module, ECDSA SHA1, 
-
-[Test-150]
-
-testId=47
-testname=Use different (incorrect) pin, Generate keys on internal module, RC2 ECB, 
-
-[Test-151]
-
-testId=51
-testname=Use different (incorrect) pin, Generate keys on internal module, RC2 CBC, 
-
-[Test-152]
-
-testId=55
-testname=Use different (incorrect) pin, Generate keys on internal module, RC4, 
-
-[Test-153]
-
-testId=59
-testname=Use different (incorrect) pin, Generate keys on internal module, RC5 ECB, 
-
-[Test-154]
-
-testId=63
-testname=Use different (incorrect) pin, Generate keys on internal module, RC5 CBC, 
-
-[Test-155]
-
-testId=67
-testname=Use different (incorrect) pin, Generate keys on internal module, DES ECB, 
-
-[Test-156]
-
-testId=71
-testname=Use different (incorrect) pin, Generate keys on internal module, DES CBC, 
-
-[Test-157]
-
-testId=75
-testname=Use different (incorrect) pin, Generate keys on internal module, DES3 ECB, 
-
-[Test-158]
-
-testId=79
-testname=Use different (incorrect) pin, Generate keys on internal module, DES3 CBC, 
-
-[Test-159]
-
-testId=83
-testname=Use different (incorrect) pin, Generate keys on internal module, CAST ECB, 
-
-[Test-160]
-
-testId=87
-testname=Use different (incorrect) pin, Generate keys on internal module, CAST CBC, 
-
-[Test-161]
-
-testId=91
-testname=Use different (incorrect) pin, Generate keys on internal module, CAST3 ECB, 
-
-[Test-162]
-
-testId=95
-testname=Use different (incorrect) pin, Generate keys on internal module, CAST3 CBC, 
-
-[Test-163]
-
-testId=99
-testname=Use different (incorrect) pin, Generate keys on internal module, CAST5 ECB, 
-
-[Test-164]
-
-testId=103
-testname=Use different (incorrect) pin, Generate keys on internal module, CAST5 CBC, 
-
-[Test-165]
-
-testId=107
-testname=Use different (incorrect) pin, Generate keys on internal module, IDEA ECB, 
-
-[Test-166]
-
-testId=111
-testname=Use different (incorrect) pin, Generate keys on internal module, IDEA CBC, 
-
-[Test-167]
-
-testId=115
-testname=Use different (incorrect) pin, Generate keys on internal module, CDMF ECB, 
-
-[Test-168]
-
-testId=119
-testname=Use different (incorrect) pin, Generate keys on internal module, CDMF CBC, 
-
-[Test-169]
-
-testId=123
-testname=Use different (incorrect) pin, Generate keys on internal module, SKIPJACK ECB64, 
-
-[Test-170]
-
-testId=127
-testname=Use different (incorrect) pin, Generate keys on internal module, SKIPJACK CBC64, 
-
-[Test-171]
-
-testId=131
-testname=Use different (incorrect) pin, Generate keys on internal module, SKIPJACK OFB64, 
-
-[Test-172]
-
-testId=135
-testname=Use different (incorrect) pin, Generate keys on internal module, SKIPJACK CFB64, 
-
-[Test-173]
-
-testId=139
-testname=Use different (incorrect) pin, Generate keys on internal module, SKIPJACK CFB32, 
-
-[Test-174]
-
-testId=143
-testname=Use different (incorrect) pin, Generate keys on internal module, SKIPJACK CFB16, 
-
-[Test-175]
-
-testId=147
-testname=Use different (incorrect) pin, Generate keys on internal module, SKIPJACK CFB8, 
-
-[Test-176]
-
-testId=151
-testname=Use different (incorrect) pin, Generate keys on internal module, BATON ECB128, 
-
-[Test-177]
-
-testId=155
-testname=Use different (incorrect) pin, Generate keys on internal module, BATON ECB96, 
-
-[Test-178]
-
-testId=159
-testname=Use different (incorrect) pin, Generate keys on internal module, BATON CBC128, 
-
-[Test-179]
-
-testId=163
-testname=Use different (incorrect) pin, Generate keys on internal module, BATON counter, 
-
-[Test-180]
-
-testId=167
-testname=Use different (incorrect) pin, Generate keys on internal module, BATON shuffle, 
-
-[Test-181]
-
-testId=171
-testname=Use different (incorrect) pin, Generate keys on internal module, JUNIPER ECB128, 
-
-[Test-182]
-
-testId=175
-testname=Use different (incorrect) pin, Generate keys on internal module, JUNIPER CBC128, 
-
-[Test-183]
-
-testId=179
-testname=Use different (incorrect) pin, Generate keys on internal module, JUNIPER counter, 
-
-[Test-184]
-
-testId=183
-testname=Use different (incorrect) pin, Generate keys on internal module, JUNIPER shuffle, 
-
diff --git a/security/nss/tests/pkcs11/netscape/suites/security/pkcs11/pkcs11.rep b/security/nss/tests/pkcs11/netscape/suites/security/pkcs11/pkcs11.rep
deleted file mode 100644
index c1f688ec3..000000000
--- a/security/nss/tests/pkcs11/netscape/suites/security/pkcs11/pkcs11.rep
+++ /dev/null
@@ -1,157 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-[General]
-mut=PKCS11
-mutversion=1.0
-cTemplate=pk11test.htp
-testPrefix=pk11test
-testSuffix=.h
-#timeout=
-regressSpecfile=pkcs11.reg
-regressOutput=NOW
-reporterOutput=NOW
-singleSource=TRUE
-firstExitCode=100
-
-[UseCorrectPin]
-IMPORTANCE=HIGH
-TYPE=PRBool
-Use supplied pin,		=PR_TRUE
-Use different (incorrect) pin,	=PR_FALSE
-
-[KeyGenOnTarget]
-IMPORTANCE=HIGH
-TYPE=PRBool
-Generate keys on target token,	= PR_TRUE
-Generate keys on internal module, = PR_FALSE
-
-[mechanism]
-IMPORTANCE=HIGH
-TYPE = CK_MECHANISM_TYPE
-NO OP,			= CKM_NO_OP
-RSA PKCS,		= CKM_RSA_PKCS
-RSA 9796,		= CKM_RSA_9796
-RSA X.509,		= CKM_RSA_X_509
-MD2 RSA PKCS,		= CKM_MD2_RSA_PKCS
-MD5 RSA PKCS,		= CKM_MD5_RSA_PKCS
-SHA1 RSA PKCS,		= CKM_SHA1_RSA_PKCS
-DSA,			= CKM_DSA
-DSA SHA1,		= CKM_DSA_SHA1
-ECDSA,			= CKM_ECDSA
-ECDSA SHA1,		= CKM_ECDSA_SHA1
-RC2 ECB,		= CKM_RC2_ECB
-RC2 CBC,		= CKM_RC2_CBC
-#RC2 CBC PAD,		= CKM_RC2_CBC_PAD
-#RC2 MAC general,	= CKM_RC2_MAC_GENERAL
-#RC2 MAC,		= CKM_RC2_MAC
-RC4,			= CKM_RC4
-RC5 ECB,		= CKM_RC5_ECB
-RC5 CBC,		= CKM_RC5_CBC
-#RC5 CBC PAD,		= CKM_RC5_CBC_PAD
-#RC5 MAC general,	= CKM_RC5_MAC_GENERAL
-#RC5 MAC,		= CKM_RC5_MAC
-DES ECB,		= CKM_DES_ECB
-DES CBC,		= CKM_DES_CBC
-#DES CBC PAD,		= CKM_DES_CBC_PAD
-#DES MAC general,	= CKM_DES_MAC_GENERAL
-#DES MAC,		= CKM_DES_MAC
-#DES2 keygen,		= CKM_DES2_KEY_GEN
-DES3 ECB,		= CKM_DES3_ECB
-DES3 CBC,		= CKM_DES3_CBC
-#DES3 CBC pad,		= CKM_DES3_CBC_PAD
-#DES3 MAC general,	= CKM_DES3_MAC_GENERAL
-#DES3 MAC,		= CKM_DES3_MAC
-CAST ECB,		= CKM_CAST_ECB
-CAST CBC,		= CKM_CAST_CBC
-#CAST CBC PAD,		= CKM_CAST_CBC_PAD
-#CAST MAC general,	= CKM_CAST_MAC_GENERAL
-#CAST MAC,		= CKM_CAST_MAC
-CAST3 ECB,		= CKM_CAST3_ECB
-CAST3 CBC,		= CKM_CAST3_CBC
-#CAST3 CBC PAD,		= CKM_CAST3_CBC_PAD
-#CAST3 MAC general,	= CKM_CAST3_MAC_GENERAL
-#CAST3 MAC, 		= CKM_CAST3_MAC
-CAST5 ECB,		= CKM_CAST5_ECB
-CAST5 CBC,		= CKM_CAST5_CBC
-#CAST5 CBC PAD,		= CKM_CAST5_CBC_PAD
-#CAST5 MAC general,	= CKM_CAST5_MAC_GENERAL
-#CAST5 MAC,		= CKM_CAST5_MAC
-IDEA ECB,		= CKM_IDEA_ECB
-IDEA CBC,		= CKM_IDEA_CBC
-#IDEA CBC PAD,		= CKM_IDEA_CBC_PAD
-#IDEA MAC general,	= CKM_IDEA_MAC_GENERAL
-#IDEA MAC,		= CKM_IDEA_MAC
-CDMF ECB,		= CKM_CDMF_ECB
-CDMF CBC,		= CKM_CDMF_CBC
-#CDMF CBC PAD,		= CKM_CDMF_CBC_PAD
-#CDMF MAC general,	= CKM_CDMF_MAC_GENERAL
-#CDMF MAC,		= CKM_CDMF_MAC
-SKIPJACK ECB64,		= CKM_SKIPJACK_ECB64
-SKIPJACK CBC64,		= CKM_SKIPJACK_CBC64
-SKIPJACK OFB64,		= CKM_SKIPJACK_OFB64
-SKIPJACK CFB64,		= CKM_SKIPJACK_CFB64
-SKIPJACK CFB32,		= CKM_SKIPJACK_CFB32
-SKIPJACK CFB16,		= CKM_SKIPJACK_CFB16
-SKIPJACK CFB8,		= CKM_SKIPJACK_CFB8
-BATON ECB128,		= CKM_BATON_ECB128
-BATON ECB96,		= CKM_BATON_ECB96
-BATON CBC128,		= CKM_BATON_CBC128
-BATON counter,		= CKM_BATON_COUNTER
-BATON shuffle,		= CKM_BATON_SHUFFLE
-JUNIPER ECB128,		= CKM_JUNIPER_ECB128
-JUNIPER CBC128,		= CKM_JUNIPER_CBC128
-JUNIPER counter,	= CKM_JUNIPER_COUNTER
-JUNIPER shuffle,	= CKM_JUNIPER_SHUFFLE
-#MD2 digest,		= CKM_MD2
-#MD2 HMAC general,	= CKM_MD2_HMAC_GENERAL
-#MD2 HMAC,		= CKM_MD2_HMAC
-#MD5 digest,		= CKM_MD5
-#MD5 HMAC general,	= CKM_MD5_HMAC_GENERAL
-#MD5 HMAC,		= CKM_MD5_HMAC
-#SHA1 digest,		= CKM_SHA_1
-#SHA1 HMAC general,	= CKM_SHA_1_HMAC_GENERAL
-#SHA1 HMAC,		= CKM_SHA_1_HMAC
-#Fasthash,		= CKM_FASTHASH
-#CKM_PBE_MD2_DES_CBC 	= CKM_PBE_MD2_DES_CBC
-#CKM_PBE_MD5_DES_CBC	= CKM_PBE_MD5_DES_CBC
-#CKM_PBE_MD5_CAST_CBC	= CKM_PBE_MD5_CAST_CBC
-#CKM_PBE_MD5_CAST3_CBC	= CKM_PBE_MD5_CAST3_CBC
-#CKM_PBE_MD5_CAST5_CBC	= CKM_PBE_MD5_CAST5_CBC
-#CKM_PBE_SHA1_CAST5_CBC	= CKM_PBE_SHA1_CAST5_CBC
-#CKM_PBE_SHA1_RC4_128	= CKM_PBE_SHA1_RC4_128
-#CKM_PBE_SHA1_RC4_40	= CKM_PBE_SHA1_RC4_40
-#CKM_PBE_SHA1_DES3_EDE_CBC = CKM_PBE_SHA1_DES3_EDE_CBC
-#CKM_PBE_SHA1_DES2_EDE_CBC = CKM_PBE_SHA1_DES2_EDE_CBC
-#CKM_PBE_SHA1_RC2_128_CBC = CKM_PBE_SHA1_RC2_128_CBC
-#CKM_PBE_SHA1_RC2_40_CBC	= CKM_PBE_SHA1_RC2_40_CBC
-#CKM_PBA_SHA1_WITH_SHA1_HMAC = CKM_PBA_SHA1_WITH_SHA1_HMAC
diff --git a/security/nss/tests/pkcs11/netscape/suites/security/pkcs11/rules.mk b/security/nss/tests/pkcs11/netscape/suites/security/pkcs11/rules.mk
deleted file mode 100644
index 8e1d62337..000000000
--- a/security/nss/tests/pkcs11/netscape/suites/security/pkcs11/rules.mk
+++ /dev/null
@@ -1,34 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-pk11test.c: pk11test.h pkcs11.h
diff --git a/security/nss/tests/pkcs11/netscape/suites/security/ssl/Makefile b/security/nss/tests/pkcs11/netscape/suites/security/ssl/Makefile
deleted file mode 100644
index 48f5c0f06..000000000
--- a/security/nss/tests/pkcs11/netscape/suites/security/ssl/Makefile
+++ /dev/null
@@ -1,77 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY).   #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL)          #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL)       #
-#######################################################################
-
-#include $(CORE_DEPTH)/$(MODULE)/config/config.mk
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL).      #
-#######################################################################
-
-include config.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL)                              #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL)                           #
-#######################################################################
-
-#include $(CORE_DEPTH)/$(MODULE)/config/rules.mk
-include $(CORE_DEPTH)/nss/cmd/platlibs.mk
-include $(CORE_DEPTH)/nss/cmd/platrules.mk
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL).                              #
-#######################################################################
-
-
-
diff --git a/security/nss/tests/pkcs11/netscape/suites/security/ssl/README b/security/nss/tests/pkcs11/netscape/suites/security/ssl/README
deleted file mode 100644
index 80d14de16..000000000
--- a/security/nss/tests/pkcs11/netscape/suites/security/ssl/README
+++ /dev/null
@@ -1,11 +0,0 @@
-
-sslt.rep : Replacer specfile
-sslt.c   : Main source code file for test
-sslt.htp : Replacer template for header file
-sslt.h   : Replacer-generated header file
-sslc.c   : Ciphersuite-related data structures and code
-ssls.c   : Data buffer for transmitting data
-ssls.h   : Data structures and defines for the main code
-
-
-
diff --git a/security/nss/tests/pkcs11/netscape/suites/security/ssl/cert7.db b/security/nss/tests/pkcs11/netscape/suites/security/ssl/cert7.db
deleted file mode 100644
index 02f36ae28..000000000
--- a/security/nss/tests/pkcs11/netscape/suites/security/ssl/cert7.db
+++ /dev/null
diff --git a/security/nss/tests/pkcs11/netscape/suites/security/ssl/config.mk b/security/nss/tests/pkcs11/netscape/suites/security/ssl/config.mk
deleted file mode 100644
index 46e820866..000000000
--- a/security/nss/tests/pkcs11/netscape/suites/security/ssl/config.mk
+++ /dev/null
@@ -1,61 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-#######################################################################
-# Set the LDFLAGS value to encompass all normal link options, all     #
-# library names, and all special system linking options               #
-#######################################################################
-
-LDFLAGS = \
-	$(DYNAMIC_LIB_PATH) \
-	$(LDOPTS) \
-	$(LIBSECTOOLS) \
-	$(LIBSSL) \
-	$(LIBPKCS7) \
-	$(LIBCERT) \
-	$(LIBKEY) \
-	$(LIBSECMOD) \
-	$(LIBCRYPTO) \
-	$(LIBSECUTIL) \
-	$(LIBHASH) \
-	$(LIBDBM) \
-	$(LIBPLC) \
-	$(LIBPLDS) \
-	$(LIBPR) \
-	$(DLLSYSTEM)
-
-#######################################################################
-# Adjust specific variables for all platforms                         #
-#######################################################################
- 
-
-
diff --git a/security/nss/tests/pkcs11/netscape/suites/security/ssl/key3.db b/security/nss/tests/pkcs11/netscape/suites/security/ssl/key3.db
deleted file mode 100644
index 1c015a4a2..000000000
--- a/security/nss/tests/pkcs11/netscape/suites/security/ssl/key3.db
+++ /dev/null
diff --git a/security/nss/tests/pkcs11/netscape/suites/security/ssl/manifest.mn b/security/nss/tests/pkcs11/netscape/suites/security/ssl/manifest.mn
deleted file mode 100644
index 532bb61dd..000000000
--- a/security/nss/tests/pkcs11/netscape/suites/security/ssl/manifest.mn
+++ /dev/null
@@ -1,60 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CORE_DEPTH = ../../../../../../..
-
-#MODULE = sectools
-
-EXPORTS = 
-
-CSRCS = sslt.c \
-	ssls.c \
-	sslc.c \
-	$(NULL)
-
-PROGRAM =  sslt
-
-#IMPORTS = nspr20/19980120   \
-#          sectools/bin/STP_1_51  \
-#	  sectools/lib/STP_1_51  \
-#          security/HCL_1_51 \
-#	  dbm/DBM_1_5   \
-#	  $(NULL)
-
-REQUIRES = security dbm seccmd
-
-DEFINES = -DNSPR20 -DREPLACER
-
-REGRESSION_SPEC = ssl.reg
-
-RESULTS_SUBDIR = security/ssl
-
diff --git a/security/nss/tests/pkcs11/netscape/suites/security/ssl/ssl.reg b/security/nss/tests/pkcs11/netscape/suites/security/ssl/ssl.reg
deleted file mode 100755
index cc273f126..000000000
--- a/security/nss/tests/pkcs11/netscape/suites/security/ssl/ssl.reg
+++ /dev/null
@@ -1,49194 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-[General]
-
-mut=SSL
-mutversion=1.0
-htmlout=NOW
-reporterSpec=NOW
-program=sslt
-failonly=1
-globalArgs=-p netscape -n SSLServer
-
-[Test-1]
-
-testId=32
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2]
-
-testId=16384
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3]
-
-testId=8192
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4]
-
-testId=24608
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5]
-
-testId=4096
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6]
-
-testId=20512
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7]
-
-testId=12336
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8]
-
-testId=28672
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-9]
-
-testId=2096
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-10]
-
-testId=18464
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-11]
-
-testId=10288
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-12]
-
-testId=26672
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-13]
-
-testId=6192
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-14]
-
-testId=22576
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-15]
-
-testId=14352
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-16]
-
-testId=30752
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-17]
-
-testId=1072
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-18]
-
-testId=17456
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-19]
-
-testId=9232
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-20]
-
-testId=25616
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-21]
-
-testId=5136
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-22]
-
-testId=21520
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-23]
-
-testId=13360
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-24]
-
-testId=29696
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-25]
-
-testId=3088
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-26]
-
-testId=19456
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-27]
-
-testId=11296
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-28]
-
-testId=27696
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-29]
-
-testId=7200
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-30]
-
-testId=23552
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-31]
-
-testId=15360
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-32]
-
-testId=31792
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-33]
-
-testId=512
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-34]
-
-testId=16912
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-35]
-
-testId=8752
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-36]
-
-testId=25136
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-37]
-
-testId=4608
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-38]
-
-testId=21040
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-39]
-
-testId=12832
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-40]
-
-testId=29184
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-41]
-
-testId=2592
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-42]
-
-testId=18960
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-43]
-
-testId=10768
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-44]
-
-testId=27168
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-45]
-
-testId=6672
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-46]
-
-testId=23040
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-47]
-
-testId=14864
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-48]
-
-testId=31264
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-49]
-
-testId=1584
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-50]
-
-testId=17920
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-51]
-
-testId=9728
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-52]
-
-testId=26144
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-53]
-
-testId=5632
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-54]
-
-testId=22064
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-55]
-
-testId=13872
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-56]
-
-testId=30208
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-57]
-
-testId=3632
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-58]
-
-testId=19984
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-59]
-
-testId=11776
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-60]
-
-testId=28192
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-61]
-
-testId=7728
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-62]
-
-testId=24096
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-63]
-
-testId=15872
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-64]
-
-testId=32256
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-65]
-
-testId=304
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-66]
-
-testId=16656
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-67]
-
-testId=8448
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-68]
-
-testId=24848
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-69]
-
-testId=4384
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-70]
-
-testId=20784
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-71]
-
-testId=12592
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-72]
-
-testId=28976
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-73]
-
-testId=2320
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-74]
-
-testId=18720
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-75]
-
-testId=10512
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-76]
-
-testId=26896
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-77]
-
-testId=6400
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-78]
-
-testId=22800
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-79]
-
-testId=14624
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-80]
-
-testId=30976
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-81]
-
-testId=1312
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-82]
-
-testId=17680
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-83]
-
-testId=9520
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-84]
-
-testId=25888
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-85]
-
-testId=5408
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-86]
-
-testId=21760
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-87]
-
-testId=13616
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-88]
-
-testId=29984
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-89]
-
-testId=3328
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-90]
-
-testId=19744
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-91]
-
-testId=11568
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-92]
-
-testId=27952
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-93]
-
-testId=7440
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-94]
-
-testId=23808
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-95]
-
-testId=15664
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-96]
-
-testId=32032
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-97]
-
-testId=768
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-98]
-
-testId=17184
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-99]
-
-testId=8992
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-100]
-
-testId=25360
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-101]
-
-testId=4880
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-102]
-
-testId=21296
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-103]
-
-testId=13104
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-104]
-
-testId=29472
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-105]
-
-testId=2848
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-106]
-
-testId=19232
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-107]
-
-testId=11040
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-108]
-
-testId=27440
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-109]
-
-testId=6928
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-110]
-
-testId=23296
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-111]
-
-testId=15136
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-112]
-
-testId=31520
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-113]
-
-testId=1792
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-114]
-
-testId=18192
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-115]
-
-testId=10000
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-116]
-
-testId=26384
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-117]
-
-testId=5936
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-118]
-
-testId=22304
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-119]
-
-testId=14080
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-120]
-
-testId=30480
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-121]
-
-testId=3856
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-122]
-
-testId=20240
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-123]
-
-testId=12048
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-124]
-
-testId=28432
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-125]
-
-testId=7968
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-126]
-
-testId=24368
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-127]
-
-testId=16176
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-128]
-
-testId=32544
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-129]
-
-testId=160
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-130]
-
-testId=16528
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-131]
-
-testId=8368
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-132]
-
-testId=24704
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-133]
-
-testId=4256
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-134]
-
-testId=20624
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-135]
-
-testId=12464
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-136]
-
-testId=28848
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-137]
-
-testId=2176
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-138]
-
-testId=18592
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-139]
-
-testId=10416
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-140]
-
-testId=26752
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-141]
-
-testId=6272
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-142]
-
-testId=22704
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-143]
-
-testId=14512
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-144]
-
-testId=30848
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-145]
-
-testId=1152
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-146]
-
-testId=17584
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-147]
-
-testId=9376
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-148]
-
-testId=25744
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-149]
-
-testId=5296
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-150]
-
-testId=21632
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-151]
-
-testId=13472
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-152]
-
-testId=29872
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-153]
-
-testId=3248
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-154]
-
-testId=19616
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-155]
-
-testId=11408
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-156]
-
-testId=27792
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-157]
-
-testId=7296
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-158]
-
-testId=23696
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-159]
-
-testId=15536
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-160]
-
-testId=31888
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-161]
-
-testId=640
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-162]
-
-testId=17056
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-163]
-
-testId=8832
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-164]
-
-testId=25248
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-165]
-
-testId=4784
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-166]
-
-testId=21152
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-167]
-
-testId=12976
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-168]
-
-testId=29360
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-169]
-
-testId=2704
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-170]
-
-testId=19088
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-171]
-
-testId=10896
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-172]
-
-testId=27280
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-173]
-
-testId=6832
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-174]
-
-testId=23184
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-175]
-
-testId=14976
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-176]
-
-testId=31392
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-177]
-
-testId=1696
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-178]
-
-testId=18080
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-179]
-
-testId=9856
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-180]
-
-testId=26240
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-181]
-
-testId=5776
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-182]
-
-testId=22144
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-183]
-
-testId=13984
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-184]
-
-testId=30368
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-185]
-
-testId=3712
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-186]
-
-testId=20128
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-187]
-
-testId=11920
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-188]
-
-testId=28304
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-189]
-
-testId=7840
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-190]
-
-testId=24208
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-191]
-
-testId=16000
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-192]
-
-testId=32384
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-193]
-
-testId=416
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-194]
-
-testId=16816
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-195]
-
-testId=8592
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-196]
-
-testId=24960
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-197]
-
-testId=4496
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-198]
-
-testId=20864
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-199]
-
-testId=12672
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-200]
-
-testId=29088
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-201]
-
-testId=2432
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-202]
-
-testId=18864
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-203]
-
-testId=10640
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-204]
-
-testId=27024
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-205]
-
-testId=6560
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-206]
-
-testId=22944
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-207]
-
-testId=14752
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-208]
-
-testId=31152
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-209]
-
-testId=1456
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-210]
-
-testId=17840
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-211]
-
-testId=9632
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-212]
-
-testId=26032
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-213]
-
-testId=5520
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-214]
-
-testId=21920
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-215]
-
-testId=13712
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-216]
-
-testId=30128
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-217]
-
-testId=3488
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-218]
-
-testId=19856
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-219]
-
-testId=11664
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-220]
-
-testId=28080
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-221]
-
-testId=7600
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-222]
-
-testId=23936
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-223]
-
-testId=15776
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-224]
-
-testId=32128
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-225]
-
-testId=928
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-226]
-
-testId=17328
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-227]
-
-testId=9088
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-228]
-
-testId=25488
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-229]
-
-testId=5040
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-230]
-
-testId=21424
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-231]
-
-testId=13200
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-232]
-
-testId=29584
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-233]
-
-testId=2976
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-234]
-
-testId=19376
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-235]
-
-testId=11136
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-236]
-
-testId=27552
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-237]
-
-testId=7040
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-238]
-
-testId=23456
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-239]
-
-testId=15232
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-240]
-
-testId=31664
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-241]
-
-testId=1968
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-242]
-
-testId=18336
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-243]
-
-testId=10160
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-244]
-
-testId=26496
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-245]
-
-testId=6064
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-246]
-
-testId=22432
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-247]
-
-testId=14240
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-248]
-
-testId=30640
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-249]
-
-testId=3968
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-250]
-
-testId=20368
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-251]
-
-testId=12160
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-252]
-
-testId=28592
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-253]
-
-testId=8080
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-254]
-
-testId=24480
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-255]
-
-testId=16288
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-256]
-
-testId=32672
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-257]
-
-testId=112
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-258]
-
-testId=16464
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-259]
-
-testId=8272
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-260]
-
-testId=24688
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-261]
-
-testId=4208
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-262]
-
-testId=20544
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-263]
-
-testId=12400
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-264]
-
-testId=28784
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-265]
-
-testId=2160
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-266]
-
-testId=18544
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-267]
-
-testId=10352
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-268]
-
-testId=26688
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-269]
-
-testId=6240
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-270]
-
-testId=22640
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-271]
-
-testId=14400
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-272]
-
-testId=30832
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-273]
-
-testId=1136
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-274]
-
-testId=17504
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-275]
-
-testId=9296
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-276]
-
-testId=25680
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-277]
-
-testId=5232
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-278]
-
-testId=21600
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-279]
-
-testId=13376
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-280]
-
-testId=29792
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-281]
-
-testId=3152
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-282]
-
-testId=19552
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-283]
-
-testId=11328
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-284]
-
-testId=27760
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-285]
-
-testId=7248
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-286]
-
-testId=23632
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-287]
-
-testId=15424
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-288]
-
-testId=31808
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-289]
-
-testId=576
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-290]
-
-testId=16976
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-291]
-
-testId=8784
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-292]
-
-testId=25168
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-293]
-
-testId=4704
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-294]
-
-testId=21104
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-295]
-
-testId=12880
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-296]
-
-testId=29248
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-297]
-
-testId=2624
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-298]
-
-testId=19008
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-299]
-
-testId=10816
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-300]
-
-testId=27216
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-301]
-
-testId=6752
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-302]
-
-testId=23152
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-303]
-
-testId=14944
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-304]
-
-testId=31328
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-305]
-
-testId=1616
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-306]
-
-testId=18000
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-307]
-
-testId=9840
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-308]
-
-testId=26176
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-309]
-
-testId=5728
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-310]
-
-testId=22128
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-311]
-
-testId=13904
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-312]
-
-testId=30320
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-313]
-
-testId=3696
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-314]
-
-testId=20048
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-315]
-
-testId=11856
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-316]
-
-testId=28240
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-317]
-
-testId=7760
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-318]
-
-testId=24176
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-319]
-
-testId=15968
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-320]
-
-testId=32320
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-321]
-
-testId=352
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-322]
-
-testId=16720
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-323]
-
-testId=8560
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-324]
-
-testId=24912
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-325]
-
-testId=4448
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-326]
-
-testId=20832
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-327]
-
-testId=12624
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-328]
-
-testId=28992
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-329]
-
-testId=2384
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-330]
-
-testId=18784
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-331]
-
-testId=10592
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-332]
-
-testId=26976
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-333]
-
-testId=6496
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-334]
-
-testId=22896
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-335]
-
-testId=14656
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-336]
-
-testId=31040
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-337]
-
-testId=1344
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-338]
-
-testId=17776
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-339]
-
-testId=9552
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-340]
-
-testId=25968
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-341]
-
-testId=5456
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-342]
-
-testId=21872
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-343]
-
-testId=13680
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-344]
-
-testId=30064
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-345]
-
-testId=3424
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-346]
-
-testId=19776
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-347]
-
-testId=11616
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-348]
-
-testId=27968
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-349]
-
-testId=7536
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-350]
-
-testId=23872
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-351]
-
-testId=15680
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-352]
-
-testId=32096
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-353]
-
-testId=832
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-354]
-
-testId=17232
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-355]
-
-testId=9024
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-356]
-
-testId=25408
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-357]
-
-testId=4928
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-358]
-
-testId=21328
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-359]
-
-testId=13120
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-360]
-
-testId=29536
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-361]
-
-testId=2896
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-362]
-
-testId=19312
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-363]
-
-testId=11072
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-364]
-
-testId=27472
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-365]
-
-testId=6992
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-366]
-
-testId=23360
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-367]
-
-testId=15216
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-368]
-
-testId=31600
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-369]
-
-testId=1904
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-370]
-
-testId=18272
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-371]
-
-testId=10096
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-372]
-
-testId=26464
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-373]
-
-testId=5968
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-374]
-
-testId=22352
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-375]
-
-testId=14192
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-376]
-
-testId=30544
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-377]
-
-testId=3936
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-378]
-
-testId=20336
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-379]
-
-testId=12128
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-380]
-
-testId=28496
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-381]
-
-testId=8048
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-382]
-
-testId=24400
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-383]
-
-testId=16192
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-384]
-
-testId=32608
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-385]
-
-testId=240
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-386]
-
-testId=16576
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-387]
-
-testId=8400
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-388]
-
-testId=24816
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-389]
-
-testId=4336
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-390]
-
-testId=20720
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-391]
-
-testId=12512
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-392]
-
-testId=28912
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-393]
-
-testId=2272
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-394]
-
-testId=18656
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-395]
-
-testId=10464
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-396]
-
-testId=26848
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-397]
-
-testId=6336
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-398]
-
-testId=22768
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-399]
-
-testId=14544
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-400]
-
-testId=30960
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-401]
-
-testId=1248
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-402]
-
-testId=17616
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-403]
-
-testId=9408
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-404]
-
-testId=25792
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-405]
-
-testId=5360
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-406]
-
-testId=21712
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-407]
-
-testId=13520
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-408]
-
-testId=29904
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-409]
-
-testId=3264
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-410]
-
-testId=19664
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-411]
-
-testId=11456
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-412]
-
-testId=27872
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-413]
-
-testId=7408
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-414]
-
-testId=23760
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-415]
-
-testId=15600
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-416]
-
-testId=31984
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-417]
-
-testId=752
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-418]
-
-testId=17088
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-419]
-
-testId=8928
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-420]
-
-testId=25296
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-421]
-
-testId=4848
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-422]
-
-testId=21216
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-423]
-
-testId=13024
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-424]
-
-testId=29376
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-425]
-
-testId=2800
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-426]
-
-testId=19136
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-427]
-
-testId=10992
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-428]
-
-testId=27328
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-429]
-
-testId=6848
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-430]
-
-testId=23232
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-431]
-
-testId=15056
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-432]
-
-testId=31440
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-433]
-
-testId=1744
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-434]
-
-testId=18128
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-435]
-
-testId=9920
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-436]
-
-testId=26352
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-437]
-
-testId=5824
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-438]
-
-testId=22208
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-439]
-
-testId=14016
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-440]
-
-testId=30400
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-441]
-
-testId=3808
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-442]
-
-testId=20176
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-443]
-
-testId=12016
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-444]
-
-testId=28384
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-445]
-
-testId=7888
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-446]
-
-testId=24288
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-447]
-
-testId=16096
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-448]
-
-testId=32480
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-449]
-
-testId=480
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-450]
-
-testId=16848
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-451]
-
-testId=8672
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-452]
-
-testId=25072
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-453]
-
-testId=4544
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-454]
-
-testId=20928
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-455]
-
-testId=12784
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-456]
-
-testId=29168
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-457]
-
-testId=2496
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-458]
-
-testId=18912
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-459]
-
-testId=10736
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-460]
-
-testId=27072
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-461]
-
-testId=6608
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-462]
-
-testId=23024
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-463]
-
-testId=14784
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-464]
-
-testId=31168
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-465]
-
-testId=1472
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-466]
-
-testId=17904
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-467]
-
-testId=9696
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-468]
-
-testId=26096
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-469]
-
-testId=5616
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-470]
-
-testId=22000
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-471]
-
-testId=13760
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-472]
-
-testId=30176
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-473]
-
-testId=3520
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-474]
-
-testId=19936
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-475]
-
-testId=11744
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-476]
-
-testId=28096
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-477]
-
-testId=7632
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-478]
-
-testId=24048
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-479]
-
-testId=15856
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-480]
-
-testId=32224
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-481]
-
-testId=1008
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-482]
-
-testId=17392
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-483]
-
-testId=9152
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-484]
-
-testId=25568
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-485]
-
-testId=5104
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-486]
-
-testId=21440
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-487]
-
-testId=13296
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-488]
-
-testId=29648
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-489]
-
-testId=3008
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-490]
-
-testId=19440
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-491]
-
-testId=11200
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-492]
-
-testId=27600
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-493]
-
-testId=7136
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-494]
-
-testId=23536
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-495]
-
-testId=15296
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-496]
-
-testId=31680
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-497]
-
-testId=2000
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-498]
-
-testId=18384
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-499]
-
-testId=10208
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-500]
-
-testId=26592
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-501]
-
-testId=6080
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-502]
-
-testId=22496
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-503]
-
-testId=14320
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-504]
-
-testId=30704
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-505]
-
-testId=4048
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-506]
-
-testId=20432
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-507]
-
-testId=12224
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-508]
-
-testId=28640
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-509]
-
-testId=8160
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-510]
-
-testId=24512
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-511]
-
-testId=16352
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-512]
-
-testId=32752
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-513]
-
-testId=40
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-514]
-
-testId=16424
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-515]
-
-testId=8200
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-516]
-
-testId=24600
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-517]
-
-testId=4120
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-518]
-
-testId=20520
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-519]
-
-testId=12312
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-520]
-
-testId=28680
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-521]
-
-testId=2056
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-522]
-
-testId=18488
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-523]
-
-testId=10264
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-524]
-
-testId=26632
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-525]
-
-testId=6152
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-526]
-
-testId=22552
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-527]
-
-testId=14344
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-528]
-
-testId=30760
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-529]
-
-testId=1048
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-530]
-
-testId=17416
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-531]
-
-testId=9256
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-532]
-
-testId=25640
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-533]
-
-testId=5176
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-534]
-
-testId=21560
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-535]
-
-testId=13368
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-536]
-
-testId=29752
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-537]
-
-testId=3080
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-538]
-
-testId=19512
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-539]
-
-testId=11320
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-540]
-
-testId=27656
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-541]
-
-testId=7208
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-542]
-
-testId=23560
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-543]
-
-testId=15384
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-544]
-
-testId=31768
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-545]
-
-testId=568
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-546]
-
-testId=16920
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-547]
-
-testId=8712
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-548]
-
-testId=25144
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-549]
-
-testId=4616
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-550]
-
-testId=21016
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-551]
-
-testId=12840
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-552]
-
-testId=29208
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-553]
-
-testId=2568
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-554]
-
-testId=19000
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-555]
-
-testId=10808
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-556]
-
-testId=27160
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-557]
-
-testId=6664
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-558]
-
-testId=23048
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-559]
-
-testId=14904
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-560]
-
-testId=31272
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-561]
-
-testId=1576
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-562]
-
-testId=17976
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-563]
-
-testId=9736
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-564]
-
-testId=26152
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-565]
-
-testId=5688
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-566]
-
-testId=22024
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-567]
-
-testId=13880
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-568]
-
-testId=30248
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-569]
-
-testId=3640
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-570]
-
-testId=19992
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-571]
-
-testId=11832
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-572]
-
-testId=28216
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-573]
-
-testId=7704
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-574]
-
-testId=24072
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-575]
-
-testId=15880
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-576]
-
-testId=32264
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-577]
-
-testId=264
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-578]
-
-testId=16696
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-579]
-
-testId=8456
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-580]
-
-testId=24840
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-581]
-
-testId=4408
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-582]
-
-testId=20792
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-583]
-
-testId=12600
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-584]
-
-testId=28984
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-585]
-
-testId=2312
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-586]
-
-testId=18696
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-587]
-
-testId=10504
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-588]
-
-testId=26920
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-589]
-
-testId=6424
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-590]
-
-testId=22808
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-591]
-
-testId=14632
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-592]
-
-testId=31000
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-593]
-
-testId=1336
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-594]
-
-testId=17720
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-595]
-
-testId=9480
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-596]
-
-testId=25896
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-597]
-
-testId=5400
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-598]
-
-testId=21768
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-599]
-
-testId=13624
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-600]
-
-testId=29976
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-601]
-
-testId=3384
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-602]
-
-testId=19752
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-603]
-
-testId=11544
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-604]
-
-testId=27912
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-605]
-
-testId=7480
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-606]
-
-testId=23832
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-607]
-
-testId=15672
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-608]
-
-testId=32040
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-609]
-
-testId=824
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-610]
-
-testId=17208
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-611]
-
-testId=8968
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-612]
-
-testId=25400
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-613]
-
-testId=4872
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-614]
-
-testId=21272
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-615]
-
-testId=13112
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-616]
-
-testId=29464
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-617]
-
-testId=2840
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-618]
-
-testId=19208
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-619]
-
-testId=11064
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-620]
-
-testId=27432
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-621]
-
-testId=6920
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-622]
-
-testId=23352
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-623]
-
-testId=15112
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-624]
-
-testId=31512
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-625]
-
-testId=1832
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-626]
-
-testId=18232
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-627]
-
-testId=10008
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-628]
-
-testId=26376
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-629]
-
-testId=5912
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-630]
-
-testId=22312
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-631]
-
-testId=14088
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-632]
-
-testId=30520
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-633]
-
-testId=3848
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-634]
-
-testId=20264
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-635]
-
-testId=12072
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-636]
-
-testId=28440
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-637]
-
-testId=7992
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-638]
-
-testId=24344
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-639]
-
-testId=16168
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-640]
-
-testId=32520
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-641]
-
-testId=152
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-642]
-
-testId=16552
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-643]
-
-testId=8360
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-644]
-
-testId=24744
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-645]
-
-testId=4280
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-646]
-
-testId=20664
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-647]
-
-testId=12424
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-648]
-
-testId=28840
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-649]
-
-testId=2184
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-650]
-
-testId=18568
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-651]
-
-testId=10392
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-652]
-
-testId=26792
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-653]
-
-testId=6328
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-654]
-
-testId=22696
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-655]
-
-testId=14488
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-656]
-
-testId=30856
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-657]
-
-testId=1208
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-658]
-
-testId=17560
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-659]
-
-testId=9368
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-660]
-
-testId=25752
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-661]
-
-testId=5272
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-662]
-
-testId=21672
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-663]
-
-testId=13464
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-664]
-
-testId=29880
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-665]
-
-testId=3240
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-666]
-
-testId=19608
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-667]
-
-testId=11448
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-668]
-
-testId=27816
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-669]
-
-testId=7320
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-670]
-
-testId=23704
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-671]
-
-testId=15544
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-672]
-
-testId=31880
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-673]
-
-testId=664
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-674]
-
-testId=17048
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-675]
-
-testId=8888
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-676]
-
-testId=25272
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-677]
-
-testId=4792
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-678]
-
-testId=21176
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-679]
-
-testId=12952
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-680]
-
-testId=29336
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-681]
-
-testId=2728
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-682]
-
-testId=19096
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-683]
-
-testId=10936
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-684]
-
-testId=27272
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-685]
-
-testId=6840
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-686]
-
-testId=23192
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-687]
-
-testId=15016
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-688]
-
-testId=31416
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-689]
-
-testId=1672
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-690]
-
-testId=18056
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-691]
-
-testId=9912
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-692]
-
-testId=26264
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-693]
-
-testId=5816
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-694]
-
-testId=22168
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-695]
-
-testId=14008
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-696]
-
-testId=30392
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-697]
-
-testId=3736
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-698]
-
-testId=20104
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-699]
-
-testId=11928
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-700]
-
-testId=28296
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-701]
-
-testId=7816
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-702]
-
-testId=24232
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-703]
-
-testId=16040
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-704]
-
-testId=32440
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-705]
-
-testId=408
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-706]
-
-testId=16824
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-707]
-
-testId=8600
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-708]
-
-testId=25000
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-709]
-
-testId=4504
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-710]
-
-testId=20920
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-711]
-
-testId=12680
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-712]
-
-testId=29080
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-713]
-
-testId=2440
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-714]
-
-testId=18824
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-715]
-
-testId=10664
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-716]
-
-testId=27048
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-717]
-
-testId=6584
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-718]
-
-testId=22936
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-719]
-
-testId=14760
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-720]
-
-testId=31128
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-721]
-
-testId=1432
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-722]
-
-testId=17800
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-723]
-
-testId=9656
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-724]
-
-testId=26040
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-725]
-
-testId=5512
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-726]
-
-testId=21896
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-727]
-
-testId=13752
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-728]
-
-testId=30104
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-729]
-
-testId=3464
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-730]
-
-testId=19896
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-731]
-
-testId=11672
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-732]
-
-testId=28088
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-733]
-
-testId=7592
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-734]
-
-testId=23992
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-735]
-
-testId=15800
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-736]
-
-testId=32168
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-737]
-
-testId=904
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-738]
-
-testId=17288
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-739]
-
-testId=9144
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-740]
-
-testId=25512
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-741]
-
-testId=5016
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-742]
-
-testId=21384
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-743]
-
-testId=13192
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-744]
-
-testId=29624
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-745]
-
-testId=3000
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-746]
-
-testId=19352
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-747]
-
-testId=11144
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-748]
-
-testId=27576
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-749]
-
-testId=7080
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-750]
-
-testId=23480
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-751]
-
-testId=15288
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-752]
-
-testId=31624
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-753]
-
-testId=1928
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-754]
-
-testId=18360
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-755]
-
-testId=10168
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-756]
-
-testId=26504
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-757]
-
-testId=6040
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-758]
-
-testId=22440
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-759]
-
-testId=14248
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-760]
-
-testId=30616
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-761]
-
-testId=3992
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-762]
-
-testId=20408
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-763]
-
-testId=12216
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-764]
-
-testId=28584
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-765]
-
-testId=8088
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-766]
-
-testId=24504
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-767]
-
-testId=16296
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-768]
-
-testId=32664
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-769]
-
-testId=120
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-770]
-
-testId=16504
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-771]
-
-testId=8312
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-772]
-
-testId=24664
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-773]
-
-testId=4168
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-774]
-
-testId=20600
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-775]
-
-testId=12392
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-776]
-
-testId=28760
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-777]
-
-testId=2136
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-778]
-
-testId=18520
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-779]
-
-testId=10312
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-780]
-
-testId=26744
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-781]
-
-testId=6264
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-782]
-
-testId=22600
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-783]
-
-testId=14456
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-784]
-
-testId=30840
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-785]
-
-testId=1128
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-786]
-
-testId=17496
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-787]
-
-testId=9336
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-788]
-
-testId=25672
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-789]
-
-testId=5240
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-790]
-
-testId=21608
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-791]
-
-testId=13416
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-792]
-
-testId=29800
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-793]
-
-testId=3144
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-794]
-
-testId=19528
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-795]
-
-testId=11336
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-796]
-
-testId=27752
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-797]
-
-testId=7240
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-798]
-
-testId=23672
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-799]
-
-testId=15448
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-800]
-
-testId=31848
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-801]
-
-testId=616
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-802]
-
-testId=16968
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-803]
-
-testId=8776
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-804]
-
-testId=25208
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-805]
-
-testId=4680
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-806]
-
-testId=21112
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-807]
-
-testId=12872
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-808]
-
-testId=29288
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-809]
-
-testId=2648
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-810]
-
-testId=19032
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-811]
-
-testId=10840
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-812]
-
-testId=27224
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-813]
-
-testId=6776
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-814]
-
-testId=23112
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-815]
-
-testId=14968
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-816]
-
-testId=31320
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-817]
-
-testId=1608
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-818]
-
-testId=17992
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-819]
-
-testId=9832
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-820]
-
-testId=26200
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-821]
-
-testId=5752
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-822]
-
-testId=22136
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-823]
-
-testId=13896
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-824]
-
-testId=30296
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-825]
-
-testId=3672
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-826]
-
-testId=20072
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-827]
-
-testId=11864
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-828]
-
-testId=28280
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-829]
-
-testId=7768
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-830]
-
-testId=24168
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-831]
-
-testId=15992
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-832]
-
-testId=32328
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-833]
-
-testId=344
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-834]
-
-testId=16760
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-835]
-
-testId=8568
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-836]
-
-testId=24904
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-837]
-
-testId=4472
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-838]
-
-testId=20808
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-839]
-
-testId=12664
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-840]
-
-testId=29016
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-841]
-
-testId=2408
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-842]
-
-testId=18776
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-843]
-
-testId=10616
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-844]
-
-testId=26984
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-845]
-
-testId=6504
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-846]
-
-testId=22872
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-847]
-
-testId=14696
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-848]
-
-testId=31064
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-849]
-
-testId=1400
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-850]
-
-testId=17752
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-851]
-
-testId=9576
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-852]
-
-testId=25928
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-853]
-
-testId=5480
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-854]
-
-testId=21848
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-855]
-
-testId=13688
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-856]
-
-testId=30040
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-857]
-
-testId=3448
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-858]
-
-testId=19816
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-859]
-
-testId=11608
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-860]
-
-testId=28024
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-861]
-
-testId=7512
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-862]
-
-testId=23928
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-863]
-
-testId=15720
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-864]
-
-testId=32120
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-865]
-
-testId=888
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-866]
-
-testId=17256
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-867]
-
-testId=9064
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-868]
-
-testId=25432
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-869]
-
-testId=4936
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-870]
-
-testId=21352
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-871]
-
-testId=13144
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-872]
-
-testId=29528
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-873]
-
-testId=2920
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-874]
-
-testId=19272
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-875]
-
-testId=11080
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-876]
-
-testId=27512
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-877]
-
-testId=7016
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-878]
-
-testId=23416
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-879]
-
-testId=15176
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-880]
-
-testId=31560
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-881]
-
-testId=1864
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-882]
-
-testId=18248
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-883]
-
-testId=10056
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-884]
-
-testId=26472
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-885]
-
-testId=6008
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-886]
-
-testId=22360
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-887]
-
-testId=14200
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-888]
-
-testId=30584
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-889]
-
-testId=3944
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-890]
-
-testId=20328
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-891]
-
-testId=12152
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-892]
-
-testId=28520
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-893]
-
-testId=8024
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-894]
-
-testId=24408
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-895]
-
-testId=16232
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-896]
-
-testId=32600
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-897]
-
-testId=216
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-898]
-
-testId=16600
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-899]
-
-testId=8408
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-900]
-
-testId=24824
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-901]
-
-testId=4344
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-902]
-
-testId=20696
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-903]
-
-testId=12504
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-904]
-
-testId=28872
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-905]
-
-testId=2296
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-906]
-
-testId=18648
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-907]
-
-testId=10472
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-908]
-
-testId=26840
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-909]
-
-testId=6376
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-910]
-
-testId=22728
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-911]
-
-testId=14568
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-912]
-
-testId=30936
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-913]
-
-testId=1256
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-914]
-
-testId=17656
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-915]
-
-testId=9432
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-916]
-
-testId=25800
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-917]
-
-testId=5336
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-918]
-
-testId=21720
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-919]
-
-testId=13528
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-920]
-
-testId=29896
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-921]
-
-testId=3304
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-922]
-
-testId=19656
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-923]
-
-testId=11464
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-924]
-
-testId=27864
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-925]
-
-testId=7384
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-926]
-
-testId=23800
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-927]
-
-testId=15592
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-928]
-
-testId=31944
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-929]
-
-testId=728
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-930]
-
-testId=17144
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-931]
-
-testId=8920
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-932]
-
-testId=25336
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-933]
-
-testId=4840
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-934]
-
-testId=21208
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-935]
-
-testId=13000
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-936]
-
-testId=29416
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-937]
-
-testId=2792
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-938]
-
-testId=19192
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-939]
-
-testId=10952
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-940]
-
-testId=27336
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-941]
-
-testId=6888
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-942]
-
-testId=23288
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-943]
-
-testId=15080
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-944]
-
-testId=31432
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-945]
-
-testId=1784
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-946]
-
-testId=18136
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-947]
-
-testId=9944
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-948]
-
-testId=26360
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-949]
-
-testId=5832
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-950]
-
-testId=22216
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-951]
-
-testId=14056
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-952]
-
-testId=30456
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-953]
-
-testId=3784
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-954]
-
-testId=20216
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-955]
-
-testId=11992
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-956]
-
-testId=28408
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-957]
-
-testId=7896
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-958]
-
-testId=24280
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-959]
-
-testId=16088
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-960]
-
-testId=32504
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-961]
-
-testId=504
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-962]
-
-testId=16840
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-963]
-
-testId=8664
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-964]
-
-testId=25048
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-965]
-
-testId=4552
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-966]
-
-testId=20936
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-967]
-
-testId=12760
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-968]
-
-testId=29144
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-969]
-
-testId=2504
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-970]
-
-testId=18920
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-971]
-
-testId=10696
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-972]
-
-testId=27112
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-973]
-
-testId=6648
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-974]
-
-testId=23016
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-975]
-
-testId=14808
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-976]
-
-testId=31224
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-977]
-
-testId=1528
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-978]
-
-testId=17896
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-979]
-
-testId=9704
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-980]
-
-testId=26072
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-981]
-
-testId=5624
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-982]
-
-testId=21960
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-983]
-
-testId=13768
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-984]
-
-testId=30152
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-985]
-
-testId=3528
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-986]
-
-testId=19960
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-987]
-
-testId=11752
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-988]
-
-testId=28136
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-989]
-
-testId=7656
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-990]
-
-testId=24040
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-991]
-
-testId=15832
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-992]
-
-testId=32248
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-993]
-
-testId=984
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-994]
-
-testId=17400
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-995]
-
-testId=9176
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-996]
-
-testId=25560
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-997]
-
-testId=5080
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-998]
-
-testId=21496
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-999]
-
-testId=13256
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1000]
-
-testId=29640
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1001]
-
-testId=3064
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1002]
-
-testId=19416
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1003]
-
-testId=11208
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1004]
-
-testId=27624
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1005]
-
-testId=7144
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1006]
-
-testId=23544
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1007]
-
-testId=15320
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1008]
-
-testId=31688
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1009]
-
-testId=2040
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1010]
-
-testId=18408
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1011]
-
-testId=10200
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1012]
-
-testId=26568
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1013]
-
-testId=6088
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1014]
-
-testId=22488
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1015]
-
-testId=14296
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1016]
-
-testId=30680
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1017]
-
-testId=4088
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1018]
-
-testId=20472
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1019]
-
-testId=12248
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1020]
-
-testId=28632
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1021]
-
-testId=8152
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1022]
-
-testId=24552
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1023]
-
-testId=16344
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1024]
-
-testId=32728
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1025]
-
-testId=20
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1026]
-
-testId=16388
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1027]
-
-testId=8244
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1028]
-
-testId=24612
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1029]
-
-testId=4116
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1030]
-
-testId=20484
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1031]
-
-testId=12324
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1032]
-
-testId=28708
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1033]
-
-testId=2084
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1034]
-
-testId=18484
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1035]
-
-testId=10292
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1036]
-
-testId=26628
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1037]
-
-testId=6164
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1038]
-
-testId=22548
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1039]
-
-testId=14372
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1040]
-
-testId=30740
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1041]
-
-testId=1076
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1042]
-
-testId=17412
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1043]
-
-testId=9220
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1044]
-
-testId=25604
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1045]
-
-testId=5172
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1046]
-
-testId=21524
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1047]
-
-testId=13332
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1048]
-
-testId=29716
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1049]
-
-testId=3108
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1050]
-
-testId=19492
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1051]
-
-testId=11316
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1052]
-
-testId=27684
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1053]
-
-testId=7220
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1054]
-
-testId=23556
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1055]
-
-testId=15412
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1056]
-
-testId=31780
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1057]
-
-testId=548
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1058]
-
-testId=16916
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1059]
-
-testId=8740
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1060]
-
-testId=25108
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1061]
-
-testId=4644
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1062]
-
-testId=20996
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1063]
-
-testId=12820
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1064]
-
-testId=29236
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1065]
-
-testId=2596
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1066]
-
-testId=18964
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1067]
-
-testId=10804
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1068]
-
-testId=27156
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1069]
-
-testId=6660
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1070]
-
-testId=23076
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1071]
-
-testId=14884
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1072]
-
-testId=31236
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1073]
-
-testId=1556
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1074]
-
-testId=17924
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1075]
-
-testId=9780
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1076]
-
-testId=26132
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1077]
-
-testId=5636
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1078]
-
-testId=22036
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1079]
-
-testId=13876
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1080]
-
-testId=30244
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1081]
-
-testId=3636
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1082]
-
-testId=19988
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1083]
-
-testId=11780
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1084]
-
-testId=28196
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1085]
-
-testId=7732
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1086]
-
-testId=24100
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1087]
-
-testId=15924
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1088]
-
-testId=32276
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1089]
-
-testId=292
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1090]
-
-testId=16676
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1091]
-
-testId=8484
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1092]
-
-testId=24852
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1093]
-
-testId=4356
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1094]
-
-testId=20772
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1095]
-
-testId=12564
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1096]
-
-testId=28980
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1097]
-
-testId=2308
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1098]
-
-testId=18708
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1099]
-
-testId=10516
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1100]
-
-testId=26932
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1101]
-
-testId=6404
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1102]
-
-testId=22804
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1103]
-
-testId=14628
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1104]
-
-testId=30980
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1105]
-
-testId=1284
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1106]
-
-testId=17716
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1107]
-
-testId=9524
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1108]
-
-testId=25908
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1109]
-
-testId=5412
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1110]
-
-testId=21796
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1111]
-
-testId=13604
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1112]
-
-testId=29956
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1113]
-
-testId=3380
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1114]
-
-testId=19732
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1115]
-
-testId=11540
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1116]
-
-testId=27908
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1117]
-
-testId=7476
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1118]
-
-testId=23812
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1119]
-
-testId=15668
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1120]
-
-testId=32036
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1121]
-
-testId=772
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1122]
-
-testId=17172
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1123]
-
-testId=9012
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1124]
-
-testId=25348
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1125]
-
-testId=4884
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1126]
-
-testId=21300
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1127]
-
-testId=13108
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1128]
-
-testId=29460
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1129]
-
-testId=2868
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1130]
-
-testId=19252
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1131]
-
-testId=11028
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1132]
-
-testId=27396
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1133]
-
-testId=6932
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1134]
-
-testId=23300
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1135]
-
-testId=15124
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1136]
-
-testId=31540
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1137]
-
-testId=1812
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1138]
-
-testId=18228
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1139]
-
-testId=10020
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1140]
-
-testId=26372
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1141]
-
-testId=5924
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1142]
-
-testId=22292
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1143]
-
-testId=14100
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1144]
-
-testId=30484
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1145]
-
-testId=3844
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1146]
-
-testId=20228
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1147]
-
-testId=12036
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1148]
-
-testId=28420
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1149]
-
-testId=7988
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1150]
-
-testId=24372
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1151]
-
-testId=16148
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1152]
-
-testId=32564
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1153]
-
-testId=164
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1154]
-
-testId=16516
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1155]
-
-testId=8372
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1156]
-
-testId=24740
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1157]
-
-testId=4244
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1158]
-
-testId=20644
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1159]
-
-testId=12452
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1160]
-
-testId=28804
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1161]
-
-testId=2228
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1162]
-
-testId=18564
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1163]
-
-testId=10388
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1164]
-
-testId=26756
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1165]
-
-testId=6292
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1166]
-
-testId=22692
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1167]
-
-testId=14500
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1168]
-
-testId=30852
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1169]
-
-testId=1204
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1170]
-
-testId=17540
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1171]
-
-testId=9396
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1172]
-
-testId=25780
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1173]
-
-testId=5268
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1174]
-
-testId=21684
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1175]
-
-testId=13492
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1176]
-
-testId=29844
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1177]
-
-testId=3204
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1178]
-
-testId=19604
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1179]
-
-testId=11428
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1180]
-
-testId=27812
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1181]
-
-testId=7348
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1182]
-
-testId=23684
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1183]
-
-testId=15508
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1184]
-
-testId=31908
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1185]
-
-testId=692
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1186]
-
-testId=17076
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1187]
-
-testId=8868
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1188]
-
-testId=25268
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1189]
-
-testId=4772
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1190]
-
-testId=21140
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1191]
-
-testId=12964
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1192]
-
-testId=29348
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1193]
-
-testId=2708
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1194]
-
-testId=19092
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1195]
-
-testId=10900
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1196]
-
-testId=27300
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1197]
-
-testId=6788
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1198]
-
-testId=23172
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1199]
-
-testId=15012
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1200]
-
-testId=31380
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1201]
-
-testId=1668
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1202]
-
-testId=18084
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1203]
-
-testId=9860
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1204]
-
-testId=26276
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1205]
-
-testId=5780
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1206]
-
-testId=22180
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1207]
-
-testId=13988
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1208]
-
-testId=30388
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1209]
-
-testId=3764
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1210]
-
-testId=20100
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1211]
-
-testId=11956
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1212]
-
-testId=28292
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1213]
-
-testId=7860
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1214]
-
-testId=24228
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1215]
-
-testId=16052
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1216]
-
-testId=32404
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1217]
-
-testId=404
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1218]
-
-testId=16772
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1219]
-
-testId=8580
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1220]
-
-testId=24964
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1221]
-
-testId=4516
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1222]
-
-testId=20900
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1223]
-
-testId=12676
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1224]
-
-testId=29092
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1225]
-
-testId=2436
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1226]
-
-testId=18836
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1227]
-
-testId=10628
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1228]
-
-testId=27012
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1229]
-
-testId=6532
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1230]
-
-testId=22932
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1231]
-
-testId=14740
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1232]
-
-testId=31108
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1233]
-
-testId=1428
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1234]
-
-testId=17844
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1235]
-
-testId=9636
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1236]
-
-testId=26004
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1237]
-
-testId=5540
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1238]
-
-testId=21892
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1239]
-
-testId=13700
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1240]
-
-testId=30132
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1241]
-
-testId=3460
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1242]
-
-testId=19876
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1243]
-
-testId=11700
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1244]
-
-testId=28036
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1245]
-
-testId=7588
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1246]
-
-testId=23988
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1247]
-
-testId=15764
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1248]
-
-testId=32164
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1249]
-
-testId=900
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1250]
-
-testId=17300
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1251]
-
-testId=9092
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1252]
-
-testId=25524
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1253]
-
-testId=5028
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1254]
-
-testId=21412
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1255]
-
-testId=13220
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1256]
-
-testId=29604
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1257]
-
-testId=2948
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1258]
-
-testId=19380
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1259]
-
-testId=11156
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1260]
-
-testId=27540
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1261]
-
-testId=7092
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1262]
-
-testId=23444
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1263]
-
-testId=15284
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1264]
-
-testId=31668
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1265]
-
-testId=1940
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1266]
-
-testId=18308
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1267]
-
-testId=10164
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1268]
-
-testId=26532
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1269]
-
-testId=6052
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1270]
-
-testId=22452
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1271]
-
-testId=14260
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1272]
-
-testId=30628
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1273]
-
-testId=4020
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1274]
-
-testId=20404
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1275]
-
-testId=12164
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1276]
-
-testId=28548
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1277]
-
-testId=8068
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1278]
-
-testId=24468
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1279]
-
-testId=16260
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1280]
-
-testId=32644
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1281]
-
-testId=68
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1282]
-
-testId=16484
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1283]
-
-testId=8292
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1284]
-
-testId=24644
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1285]
-
-testId=4180
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1286]
-
-testId=20580
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1287]
-
-testId=12372
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1288]
-
-testId=28756
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1289]
-
-testId=2132
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1290]
-
-testId=18516
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1291]
-
-testId=10324
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1292]
-
-testId=26740
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1293]
-
-testId=6260
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1294]
-
-testId=22644
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1295]
-
-testId=14436
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1296]
-
-testId=30820
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1297]
-
-testId=1124
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1298]
-
-testId=17492
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1299]
-
-testId=9300
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1300]
-
-testId=25668
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1301]
-
-testId=5204
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1302]
-
-testId=21572
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1303]
-
-testId=13428
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1304]
-
-testId=29812
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1305]
-
-testId=3172
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1306]
-
-testId=19540
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1307]
-
-testId=11332
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1308]
-
-testId=27716
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1309]
-
-testId=7236
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1310]
-
-testId=23636
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1311]
-
-testId=15476
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1312]
-
-testId=31828
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1313]
-
-testId=580
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1314]
-
-testId=16980
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1315]
-
-testId=8820
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1316]
-
-testId=25204
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1317]
-
-testId=4724
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1318]
-
-testId=21076
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1319]
-
-testId=12916
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1320]
-
-testId=29268
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1321]
-
-testId=2676
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1322]
-
-testId=19028
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1323]
-
-testId=10852
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1324]
-
-testId=27204
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1325]
-
-testId=6724
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1326]
-
-testId=23108
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1327]
-
-testId=14932
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1328]
-
-testId=31332
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1329]
-
-testId=1636
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1330]
-
-testId=17988
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1331]
-
-testId=9812
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1332]
-
-testId=26180
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1333]
-
-testId=5700
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1334]
-
-testId=22116
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1335]
-
-testId=13940
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1336]
-
-testId=30308
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1337]
-
-testId=3668
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1338]
-
-testId=20052
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1339]
-
-testId=11844
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1340]
-
-testId=28260
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1341]
-
-testId=7796
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1342]
-
-testId=24180
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1343]
-
-testId=15972
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1344]
-
-testId=32340
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1345]
-
-testId=356
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1346]
-
-testId=16740
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1347]
-
-testId=8564
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1348]
-
-testId=24916
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1349]
-
-testId=4452
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1350]
-
-testId=20852
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1351]
-
-testId=12628
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1352]
-
-testId=29012
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1353]
-
-testId=2388
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1354]
-
-testId=18788
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1355]
-
-testId=10596
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1356]
-
-testId=26980
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1357]
-
-testId=6516
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1358]
-
-testId=22852
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1359]
-
-testId=14692
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1360]
-
-testId=31076
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1361]
-
-testId=1348
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1362]
-
-testId=17732
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1363]
-
-testId=9540
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1364]
-
-testId=25924
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1365]
-
-testId=5444
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1366]
-
-testId=21860
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1367]
-
-testId=13636
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1368]
-
-testId=30052
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1369]
-
-testId=3412
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1370]
-
-testId=19812
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1371]
-
-testId=11620
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1372]
-
-testId=28020
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1373]
-
-testId=7492
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1374]
-
-testId=23924
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1375]
-
-testId=15700
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1376]
-
-testId=32100
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1377]
-
-testId=852
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1378]
-
-testId=17252
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1379]
-
-testId=9076
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1380]
-
-testId=25460
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1381]
-
-testId=4932
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1382]
-
-testId=21364
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1383]
-
-testId=13156
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1384]
-
-testId=29508
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1385]
-
-testId=2932
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1386]
-
-testId=19300
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1387]
-
-testId=11124
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1388]
-
-testId=27476
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1389]
-
-testId=7028
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1390]
-
-testId=23412
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1391]
-
-testId=15172
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1392]
-
-testId=31556
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1393]
-
-testId=1876
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1394]
-
-testId=18244
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1395]
-
-testId=10100
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1396]
-
-testId=26468
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1397]
-
-testId=6004
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1398]
-
-testId=22388
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1399]
-
-testId=14196
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1400]
-
-testId=30548
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1401]
-
-testId=3924
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1402]
-
-testId=20340
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1403]
-
-testId=12100
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1404]
-
-testId=28516
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1405]
-
-testId=8052
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1406]
-
-testId=24436
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1407]
-
-testId=16212
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1408]
-
-testId=32612
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1409]
-
-testId=244
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1410]
-
-testId=16612
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1411]
-
-testId=8420
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1412]
-
-testId=24820
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1413]
-
-testId=4308
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1414]
-
-testId=20708
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1415]
-
-testId=12500
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1416]
-
-testId=28900
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1417]
-
-testId=2244
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1418]
-
-testId=18644
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1419]
-
-testId=10436
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1420]
-
-testId=26868
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1421]
-
-testId=6372
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1422]
-
-testId=22724
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1423]
-
-testId=14548
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1424]
-
-testId=30932
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1425]
-
-testId=1268
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1426]
-
-testId=17636
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1427]
-
-testId=9412
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1428]
-
-testId=25844
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1429]
-
-testId=5364
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1430]
-
-testId=21700
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1431]
-
-testId=13508
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1432]
-
-testId=29892
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1433]
-
-testId=3268
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1434]
-
-testId=19700
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1435]
-
-testId=11492
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1436]
-
-testId=27892
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1437]
-
-testId=7396
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1438]
-
-testId=23748
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1439]
-
-testId=15556
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1440]
-
-testId=31940
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1441]
-
-testId=740
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1442]
-
-testId=17092
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1443]
-
-testId=8948
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1444]
-
-testId=25332
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1445]
-
-testId=4836
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1446]
-
-testId=21220
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1447]
-
-testId=13012
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1448]
-
-testId=29412
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1449]
-
-testId=2756
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1450]
-
-testId=19172
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1451]
-
-testId=10964
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1452]
-
-testId=27348
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1453]
-
-testId=6900
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1454]
-
-testId=23284
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1455]
-
-testId=15076
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1456]
-
-testId=31428
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1457]
-
-testId=1764
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1458]
-
-testId=18164
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1459]
-
-testId=9924
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1460]
-
-testId=26340
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1461]
-
-testId=5844
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1462]
-
-testId=22260
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1463]
-
-testId=14020
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1464]
-
-testId=30420
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1465]
-
-testId=3780
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1466]
-
-testId=20212
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1467]
-
-testId=12020
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1468]
-
-testId=28388
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1469]
-
-testId=7908
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1470]
-
-testId=24276
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1471]
-
-testId=16084
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1472]
-
-testId=32452
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1473]
-
-testId=452
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1474]
-
-testId=16836
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1475]
-
-testId=8660
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1476]
-
-testId=25044
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1477]
-
-testId=4596
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1478]
-
-testId=20932
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1479]
-
-testId=12756
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1480]
-
-testId=29124
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1481]
-
-testId=2500
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1482]
-
-testId=18884
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1483]
-
-testId=10724
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1484]
-
-testId=27108
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1485]
-
-testId=6612
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1486]
-
-testId=22996
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1487]
-
-testId=14820
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1488]
-
-testId=31172
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1489]
-
-testId=1476
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1490]
-
-testId=17860
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1491]
-
-testId=9684
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1492]
-
-testId=26084
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1493]
-
-testId=5620
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1494]
-
-testId=21956
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1495]
-
-testId=13796
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1496]
-
-testId=30196
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1497]
-
-testId=3524
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1498]
-
-testId=19956
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1499]
-
-testId=11748
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1500]
-
-testId=28116
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1501]
-
-testId=7668
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1502]
-
-testId=24052
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1503]
-
-testId=15828
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1504]
-
-testId=32212
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1505]
-
-testId=964
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1506]
-
-testId=17396
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1507]
-
-testId=9172
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1508]
-
-testId=25588
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1509]
-
-testId=5060
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1510]
-
-testId=21460
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1511]
-
-testId=13252
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1512]
-
-testId=29668
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1513]
-
-testId=3044
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1514]
-
-testId=19412
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1515]
-
-testId=11204
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1516]
-
-testId=27588
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1517]
-
-testId=7124
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1518]
-
-testId=23492
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1519]
-
-testId=15332
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1520]
-
-testId=31716
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1521]
-
-testId=1988
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1522]
-
-testId=18388
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1523]
-
-testId=10180
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1524]
-
-testId=26612
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1525]
-
-testId=6084
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1526]
-
-testId=22468
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1527]
-
-testId=14276
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1528]
-
-testId=30692
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1529]
-
-testId=4052
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1530]
-
-testId=20452
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1531]
-
-testId=12244
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1532]
-
-testId=28612
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1533]
-
-testId=8180
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1534]
-
-testId=24548
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1535]
-
-testId=16356
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1536]
-
-testId=32740
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1537]
-
-testId=60
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1538]
-
-testId=16396
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1539]
-
-testId=8252
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1540]
-
-testId=24604
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1541]
-
-testId=4124
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1542]
-
-testId=20508
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1543]
-
-testId=12316
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1544]
-
-testId=28716
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1545]
-
-testId=2108
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1546]
-
-testId=18444
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1547]
-
-testId=10284
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1548]
-
-testId=26684
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1549]
-
-testId=6188
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1550]
-
-testId=22556
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1551]
-
-testId=14348
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1552]
-
-testId=30764
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1553]
-
-testId=1036
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1554]
-
-testId=17436
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1555]
-
-testId=9244
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1556]
-
-testId=25612
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1557]
-
-testId=5164
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1558]
-
-testId=21516
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1559]
-
-testId=13356
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1560]
-
-testId=29708
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1561]
-
-testId=3116
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1562]
-
-testId=19484
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1563]
-
-testId=11308
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1564]
-
-testId=27660
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1565]
-
-testId=7196
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1566]
-
-testId=23580
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1567]
-
-testId=15404
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1568]
-
-testId=31756
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1569]
-
-testId=572
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1570]
-
-testId=16956
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1571]
-
-testId=8748
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1572]
-
-testId=25132
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1573]
-
-testId=4652
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1574]
-
-testId=21036
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1575]
-
-testId=12844
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1576]
-
-testId=29244
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1577]
-
-testId=2604
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1578]
-
-testId=19004
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1579]
-
-testId=10812
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1580]
-
-testId=27164
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1581]
-
-testId=6716
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1582]
-
-testId=23100
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1583]
-
-testId=14892
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1584]
-
-testId=31244
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1585]
-
-testId=1596
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1586]
-
-testId=17948
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1587]
-
-testId=9788
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1588]
-
-testId=26124
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1589]
-
-testId=5660
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1590]
-
-testId=22044
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1591]
-
-testId=13852
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1592]
-
-testId=30236
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1593]
-
-testId=3612
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1594]
-
-testId=19996
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1595]
-
-testId=11820
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1596]
-
-testId=28172
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1597]
-
-testId=7708
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1598]
-
-testId=24092
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1599]
-
-testId=15900
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1600]
-
-testId=32268
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1601]
-
-testId=268
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1602]
-
-testId=16684
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1603]
-
-testId=8508
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1604]
-
-testId=24844
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1605]
-
-testId=4412
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1606]
-
-testId=20780
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1607]
-
-testId=12604
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1608]
-
-testId=28972
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1609]
-
-testId=2332
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1610]
-
-testId=18716
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1611]
-
-testId=10508
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1612]
-
-testId=26924
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1613]
-
-testId=6428
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1614]
-
-testId=22828
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1615]
-
-testId=14652
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1616]
-
-testId=31036
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1617]
-
-testId=1340
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1618]
-
-testId=17676
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1619]
-
-testId=9532
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1620]
-
-testId=25868
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1621]
-
-testId=5420
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1622]
-
-testId=21788
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1623]
-
-testId=13612
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1624]
-
-testId=29996
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1625]
-
-testId=3372
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1626]
-
-testId=19724
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1627]
-
-testId=11564
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1628]
-
-testId=27916
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1629]
-
-testId=7452
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1630]
-
-testId=23868
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1631]
-
-testId=15660
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1632]
-
-testId=32044
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1633]
-
-testId=828
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1634]
-
-testId=17212
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1635]
-
-testId=8972
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1636]
-
-testId=25372
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1637]
-
-testId=4908
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1638]
-
-testId=21292
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1639]
-
-testId=13116
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1640]
-
-testId=29452
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1641]
-
-testId=2860
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1642]
-
-testId=19212
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1643]
-
-testId=11036
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1644]
-
-testId=27452
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1645]
-
-testId=6924
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1646]
-
-testId=23340
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1647]
-
-testId=15148
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1648]
-
-testId=31516
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1649]
-
-testId=1820
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1650]
-
-testId=18204
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1651]
-
-testId=10012
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1652]
-
-testId=26428
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1653]
-
-testId=5916
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1654]
-
-testId=22300
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1655]
-
-testId=14124
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1656]
-
-testId=30476
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1657]
-
-testId=3852
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1658]
-
-testId=20236
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1659]
-
-testId=12092
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1660]
-
-testId=28460
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1661]
-
-testId=7948
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1662]
-
-testId=24332
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1663]
-
-testId=16172
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1664]
-
-testId=32572
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1665]
-
-testId=156
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1666]
-
-testId=16572
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1667]
-
-testId=8364
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1668]
-
-testId=24764
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1669]
-
-testId=4284
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1670]
-
-testId=20620
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1671]
-
-testId=12460
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1672]
-
-testId=28860
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1673]
-
-testId=2236
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1674]
-
-testId=18604
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1675]
-
-testId=10428
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1676]
-
-testId=26780
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1677]
-
-testId=6300
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1678]
-
-testId=22668
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1679]
-
-testId=14508
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1680]
-
-testId=30876
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1681]
-
-testId=1164
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1682]
-
-testId=17564
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1683]
-
-testId=9356
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1684]
-
-testId=25740
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1685]
-
-testId=5308
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1686]
-
-testId=21644
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1687]
-
-testId=13484
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1688]
-
-testId=29868
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1689]
-
-testId=3260
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1690]
-
-testId=19628
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1691]
-
-testId=11404
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1692]
-
-testId=27820
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1693]
-
-testId=7356
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1694]
-
-testId=23692
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1695]
-
-testId=15548
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1696]
-
-testId=31932
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1697]
-
-testId=684
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1698]
-
-testId=17036
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1699]
-
-testId=8892
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1700]
-
-testId=25276
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1701]
-
-testId=4748
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1702]
-
-testId=21164
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1703]
-
-testId=12956
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1704]
-
-testId=29340
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1705]
-
-testId=2716
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1706]
-
-testId=19116
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1707]
-
-testId=10892
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1708]
-
-testId=27324
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1709]
-
-testId=6844
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1710]
-
-testId=23228
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1711]
-
-testId=15036
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1712]
-
-testId=31388
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1713]
-
-testId=1692
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1714]
-
-testId=18076
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1715]
-
-testId=9868
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1716]
-
-testId=26268
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1717]
-
-testId=5772
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1718]
-
-testId=22188
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1719]
-
-testId=14012
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1720]
-
-testId=30396
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1721]
-
-testId=3740
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1722]
-
-testId=20156
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1723]
-
-testId=11964
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1724]
-
-testId=28332
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1725]
-
-testId=7836
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1726]
-
-testId=24204
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1727]
-
-testId=16012
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1728]
-
-testId=32412
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1729]
-
-testId=396
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1730]
-
-testId=16812
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1731]
-
-testId=8620
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1732]
-
-testId=25004
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1733]
-
-testId=4540
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1734]
-
-testId=20924
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1735]
-
-testId=12700
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1736]
-
-testId=29116
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1737]
-
-testId=2444
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1738]
-
-testId=18828
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1739]
-
-testId=10684
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1740]
-
-testId=27020
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1741]
-
-testId=6540
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1742]
-
-testId=22972
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1743]
-
-testId=14780
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1744]
-
-testId=31164
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1745]
-
-testId=1468
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1746]
-
-testId=17804
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1747]
-
-testId=9628
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1748]
-
-testId=25996
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1749]
-
-testId=5548
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1750]
-
-testId=21932
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1751]
-
-testId=13724
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1752]
-
-testId=30092
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1753]
-
-testId=3500
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1754]
-
-testId=19900
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1755]
-
-testId=11692
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1756]
-
-testId=28044
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1757]
-
-testId=7596
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1758]
-
-testId=23980
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1759]
-
-testId=15788
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1760]
-
-testId=32188
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1761]
-
-testId=908
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1762]
-
-testId=17340
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1763]
-
-testId=9148
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1764]
-
-testId=25500
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1765]
-
-testId=5004
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1766]
-
-testId=21420
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1767]
-
-testId=13244
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1768]
-
-testId=29580
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1769]
-
-testId=2988
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1770]
-
-testId=19388
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1771]
-
-testId=11180
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1772]
-
-testId=27548
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1773]
-
-testId=7100
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1774]
-
-testId=23452
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1775]
-
-testId=15276
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1776]
-
-testId=31628
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1777]
-
-testId=1964
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1778]
-
-testId=18316
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1779]
-
-testId=10156
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1780]
-
-testId=26508
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1781]
-
-testId=6076
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1782]
-
-testId=22412
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1783]
-
-testId=14236
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1784]
-
-testId=30620
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1785]
-
-testId=3980
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1786]
-
-testId=20412
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1787]
-
-testId=12188
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1788]
-
-testId=28556
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1789]
-
-testId=8124
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1790]
-
-testId=24508
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1791]
-
-testId=16284
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1792]
-
-testId=32684
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1793]
-
-testId=124
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1794]
-
-testId=16508
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1795]
-
-testId=8268
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1796]
-
-testId=24652
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1797]
-
-testId=4172
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1798]
-
-testId=20556
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1799]
-
-testId=12412
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1800]
-
-testId=28748
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1801]
-
-testId=2172
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1802]
-
-testId=18540
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1803]
-
-testId=10332
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1804]
-
-testId=26716
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1805]
-
-testId=6252
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1806]
-
-testId=22620
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1807]
-
-testId=14428
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1808]
-
-testId=30828
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1809]
-
-testId=1116
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1810]
-
-testId=17516
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1811]
-
-testId=9324
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1812]
-
-testId=25708
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1813]
-
-testId=5228
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1814]
-
-testId=21596
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1815]
-
-testId=13436
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1816]
-
-testId=29772
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1817]
-
-testId=3148
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1818]
-
-testId=19580
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1819]
-
-testId=11372
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1820]
-
-testId=27740
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1821]
-
-testId=7292
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1822]
-
-testId=23660
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1823]
-
-testId=15452
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1824]
-
-testId=31820
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1825]
-
-testId=604
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1826]
-
-testId=17020
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1827]
-
-testId=8780
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1828]
-
-testId=25212
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1829]
-
-testId=4700
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1830]
-
-testId=21116
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1831]
-
-testId=12892
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1832]
-
-testId=29276
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1833]
-
-testId=2652
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1834]
-
-testId=19052
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1835]
-
-testId=10828
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1836]
-
-testId=27260
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1837]
-
-testId=6764
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1838]
-
-testId=23132
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1839]
-
-testId=14972
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1840]
-
-testId=31356
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1841]
-
-testId=1612
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1842]
-
-testId=18012
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1843]
-
-testId=9820
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1844]
-
-testId=26204
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1845]
-
-testId=5708
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1846]
-
-testId=22140
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1847]
-
-testId=13916
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1848]
-
-testId=30300
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1849]
-
-testId=3676
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1850]
-
-testId=20092
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1851]
-
-testId=11900
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1852]
-
-testId=28284
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1853]
-
-testId=7756
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1854]
-
-testId=24188
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1855]
-
-testId=15980
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1856]
-
-testId=32364
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1857]
-
-testId=364
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1858]
-
-testId=16764
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1859]
-
-testId=8524
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1860]
-
-testId=24940
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1861]
-
-testId=4444
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1862]
-
-testId=20812
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1863]
-
-testId=12636
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1864]
-
-testId=29052
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1865]
-
-testId=2428
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1866]
-
-testId=18764
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1867]
-
-testId=10620
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1868]
-
-testId=27004
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1869]
-
-testId=6476
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1870]
-
-testId=22876
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1871]
-
-testId=14684
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1872]
-
-testId=31100
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1873]
-
-testId=1388
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1874]
-
-testId=17788
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1875]
-
-testId=9548
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1876]
-
-testId=25980
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1877]
-
-testId=5468
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1878]
-
-testId=21852
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1879]
-
-testId=13660
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1880]
-
-testId=30028
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1881]
-
-testId=3436
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1882]
-
-testId=19804
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1883]
-
-testId=11596
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1884]
-
-testId=27996
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1885]
-
-testId=7516
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1886]
-
-testId=23932
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1887]
-
-testId=15708
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1888]
-
-testId=32108
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1889]
-
-testId=844
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1890]
-
-testId=17260
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1891]
-
-testId=9036
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1892]
-
-testId=25468
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1893]
-
-testId=4956
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1894]
-
-testId=21324
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1895]
-
-testId=13132
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1896]
-
-testId=29516
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1897]
-
-testId=2940
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1898]
-
-testId=19276
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1899]
-
-testId=11084
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1900]
-
-testId=27468
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1901]
-
-testId=7004
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1902]
-
-testId=23388
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1903]
-
-testId=15180
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1904]
-
-testId=31612
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1905]
-
-testId=1868
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1906]
-
-testId=18268
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1907]
-
-testId=10060
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1908]
-
-testId=26476
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1909]
-
-testId=5964
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1910]
-
-testId=22380
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1911]
-
-testId=14204
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1912]
-
-testId=30572
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1913]
-
-testId=3932
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1914]
-
-testId=20348
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1915]
-
-testId=12140
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1916]
-
-testId=28492
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1917]
-
-testId=8028
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1918]
-
-testId=24444
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1919]
-
-testId=16204
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1920]
-
-testId=32620
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1921]
-
-testId=220
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1922]
-
-testId=16620
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1923]
-
-testId=8396
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1924]
-
-testId=24828
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1925]
-
-testId=4316
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1926]
-
-testId=20732
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1927]
-
-testId=12492
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1928]
-
-testId=28892
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1929]
-
-testId=2284
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1930]
-
-testId=18684
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1931]
-
-testId=10444
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1932]
-
-testId=26876
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1933]
-
-testId=6380
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1934]
-
-testId=22732
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1935]
-
-testId=14572
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1936]
-
-testId=30940
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1937]
-
-testId=1276
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1938]
-
-testId=17660
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1939]
-
-testId=9420
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1940]
-
-testId=25852
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1941]
-
-testId=5372
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1942]
-
-testId=21708
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1943]
-
-testId=13532
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1944]
-
-testId=29932
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1945]
-
-testId=3292
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1946]
-
-testId=19660
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1947]
-
-testId=11468
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1948]
-
-testId=27868
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1949]
-
-testId=7420
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1950]
-
-testId=23788
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1951]
-
-testId=15596
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1952]
-
-testId=31964
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1953]
-
-testId=748
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1954]
-
-testId=17116
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1955]
-
-testId=8940
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1956]
-
-testId=25324
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1957]
-
-testId=4828
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1958]
-
-testId=21212
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1959]
-
-testId=13004
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1960]
-
-testId=29388
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1961]
-
-testId=2796
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1962]
-
-testId=19180
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1963]
-
-testId=10972
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1964]
-
-testId=27372
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1965]
-
-testId=6860
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1966]
-
-testId=23260
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1967]
-
-testId=15052
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1968]
-
-testId=31436
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1969]
-
-testId=1788
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1970]
-
-testId=18140
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1971]
-
-testId=9932
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1972]
-
-testId=26364
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1973]
-
-testId=5884
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1974]
-
-testId=22268
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1975]
-
-testId=14076
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1976]
-
-testId=30444
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1977]
-
-testId=3788
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1978]
-
-testId=20220
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1979]
-
-testId=12012
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1980]
-
-testId=28380
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1981]
-
-testId=7900
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1982]
-
-testId=24300
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1983]
-
-testId=16108
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1984]
-
-testId=32476
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1985]
-
-testId=476
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1986]
-
-testId=16844
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1987]
-
-testId=8668
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1988]
-
-testId=25068
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1989]
-
-testId=4604
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1990]
-
-testId=20940
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1991]
-
-testId=12764
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1992]
-
-testId=29132
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1993]
-
-testId=2508
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1994]
-
-testId=18892
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1995]
-
-testId=10716
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1996]
-
-testId=27100
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1997]
-
-testId=6652
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1998]
-
-testId=23004
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-1999]
-
-testId=14844
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2000]
-
-testId=31180
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2001]
-
-testId=1516
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2002]
-
-testId=17900
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2003]
-
-testId=9708
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2004]
-
-testId=26092
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2005]
-
-testId=5628
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2006]
-
-testId=21964
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2007]
-
-testId=13804
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2008]
-
-testId=30204
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2009]
-
-testId=3564
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2010]
-
-testId=19948
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2011]
-
-testId=11772
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2012]
-
-testId=28156
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2013]
-
-testId=7660
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2014]
-
-testId=24012
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2015]
-
-testId=15852
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2016]
-
-testId=32220
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2017]
-
-testId=972
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2018]
-
-testId=17388
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2019]
-
-testId=9164
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2020]
-
-testId=25548
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2021]
-
-testId=5068
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2022]
-
-testId=21500
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2023]
-
-testId=13260
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2024]
-
-testId=29676
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2025]
-
-testId=3052
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2026]
-
-testId=19436
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2027]
-
-testId=11212
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2028]
-
-testId=27644
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2029]
-
-testId=7132
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2030]
-
-testId=23516
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2031]
-
-testId=15324
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2032]
-
-testId=31724
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2033]
-
-testId=2044
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2034]
-
-testId=18396
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2035]
-
-testId=10236
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2036]
-
-testId=26588
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2037]
-
-testId=6140
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2038]
-
-testId=22476
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2039]
-
-testId=14332
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2040]
-
-testId=30668
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2041]
-
-testId=4060
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2042]
-
-testId=20444
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2043]
-
-testId=12236
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2044]
-
-testId=28652
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2045]
-
-testId=8172
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2046]
-
-testId=24524
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2047]
-
-testId=16364
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2048]
-
-testId=32764
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2049]
-
-testId=2
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2050]
-
-testId=16402
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2051]
-
-testId=8242
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2052]
-
-testId=24594
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2053]
-
-testId=4098
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2054]
-
-testId=20482
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2055]
-
-testId=12322
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2056]
-
-testId=28722
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2057]
-
-testId=2066
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2058]
-
-testId=18466
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2059]
-
-testId=10258
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2060]
-
-testId=26674
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2061]
-
-testId=6194
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2062]
-
-testId=22578
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2063]
-
-testId=14386
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2064]
-
-testId=30738
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2065]
-
-testId=1058
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2066]
-
-testId=17458
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2067]
-
-testId=9218
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2068]
-
-testId=25634
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2069]
-
-testId=5122
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2070]
-
-testId=21506
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2071]
-
-testId=13314
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2072]
-
-testId=29730
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2073]
-
-testId=3122
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2074]
-
-testId=19458
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2075]
-
-testId=11266
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2076]
-
-testId=27650
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2077]
-
-testId=7218
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2078]
-
-testId=23554
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2079]
-
-testId=15378
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2080]
-
-testId=31762
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2081]
-
-testId=562
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2082]
-
-testId=16930
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2083]
-
-testId=8754
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2084]
-
-testId=25106
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2085]
-
-testId=4658
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2086]
-
-testId=20994
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2087]
-
-testId=12802
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2088]
-
-testId=29186
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2089]
-
-testId=2562
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2090]
-
-testId=18994
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2091]
-
-testId=10786
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2092]
-
-testId=27186
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2093]
-
-testId=6706
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2094]
-
-testId=23042
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2095]
-
-testId=14850
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2096]
-
-testId=31250
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2097]
-
-testId=1538
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2098]
-
-testId=17954
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2099]
-
-testId=9778
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2100]
-
-testId=26114
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2101]
-
-testId=5650
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2102]
-
-testId=22034
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2103]
-
-testId=13842
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2104]
-
-testId=30242
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2105]
-
-testId=3618
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2106]
-
-testId=20002
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2107]
-
-testId=11826
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2108]
-
-testId=28178
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2109]
-
-testId=7682
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2110]
-
-testId=24114
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2111]
-
-testId=15906
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2112]
-
-testId=32306
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2113]
-
-testId=306
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2114]
-
-testId=16674
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2115]
-
-testId=8450
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2116]
-
-testId=24866
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2117]
-
-testId=4402
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2118]
-
-testId=20738
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2119]
-
-testId=12546
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2120]
-
-testId=28962
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2121]
-
-testId=2338
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2122]
-
-testId=18706
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2123]
-
-testId=10514
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2124]
-
-testId=26930
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2125]
-
-testId=6434
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2126]
-
-testId=22818
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2127]
-
-testId=14610
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2128]
-
-testId=30994
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2129]
-
-testId=1314
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2130]
-
-testId=17682
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2131]
-
-testId=9490
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2132]
-
-testId=25890
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2133]
-
-testId=5410
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2134]
-
-testId=21762
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2135]
-
-testId=13570
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2136]
-
-testId=29986
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2137]
-
-testId=3346
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2138]
-
-testId=19762
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2139]
-
-testId=11554
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2140]
-
-testId=27906
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2141]
-
-testId=7426
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2142]
-
-testId=23842
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2143]
-
-testId=15650
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2144]
-
-testId=32018
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2145]
-
-testId=818
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2146]
-
-testId=17186
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2147]
-
-testId=8962
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2148]
-
-testId=25378
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2149]
-
-testId=4914
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2150]
-
-testId=21298
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2151]
-
-testId=13058
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2152]
-
-testId=29458
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2153]
-
-testId=2834
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2154]
-
-testId=19202
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2155]
-
-testId=11058
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2156]
-
-testId=27394
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2157]
-
-testId=6946
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2158]
-
-testId=23346
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2159]
-
-testId=15154
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2160]
-
-testId=31522
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2161]
-
-testId=1826
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2162]
-
-testId=18210
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2163]
-
-testId=10018
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2164]
-
-testId=26402
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2165]
-
-testId=5906
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2166]
-
-testId=22290
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2167]
-
-testId=14098
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2168]
-
-testId=30482
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2169]
-
-testId=3858
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2170]
-
-testId=20226
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2171]
-
-testId=12082
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2172]
-
-testId=28434
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2173]
-
-testId=7954
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2174]
-
-testId=24338
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2175]
-
-testId=16146
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2176]
-
-testId=32514
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2177]
-
-testId=162
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2178]
-
-testId=16546
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2179]
-
-testId=8322
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2180]
-
-testId=24738
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2181]
-
-testId=4226
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2182]
-
-testId=20626
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2183]
-
-testId=12434
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2184]
-
-testId=28834
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2185]
-
-testId=2210
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2186]
-
-testId=18562
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2187]
-
-testId=10418
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2188]
-
-testId=26770
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2189]
-
-testId=6274
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2190]
-
-testId=22674
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2191]
-
-testId=14482
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2192]
-
-testId=30882
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2193]
-
-testId=1202
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2194]
-
-testId=17586
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2195]
-
-testId=9346
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2196]
-
-testId=25746
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2197]
-
-testId=5266
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2198]
-
-testId=21682
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2199]
-
-testId=13474
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2200]
-
-testId=29874
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2201]
-
-testId=3202
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2202]
-
-testId=19618
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2203]
-
-testId=11426
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2204]
-
-testId=27794
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2205]
-
-testId=7346
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2206]
-
-testId=23714
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2207]
-
-testId=15490
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2208]
-
-testId=31922
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2209]
-
-testId=674
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2210]
-
-testId=17074
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2211]
-
-testId=8882
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2212]
-
-testId=25234
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2213]
-
-testId=4738
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2214]
-
-testId=21138
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2215]
-
-testId=12946
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2216]
-
-testId=29346
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2217]
-
-testId=2690
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2218]
-
-testId=19106
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2219]
-
-testId=10914
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2220]
-
-testId=27298
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2221]
-
-testId=6834
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2222]
-
-testId=23218
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2223]
-
-testId=14978
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2224]
-
-testId=31394
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2225]
-
-testId=1682
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2226]
-
-testId=18066
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2227]
-
-testId=9858
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2228]
-
-testId=26242
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2229]
-
-testId=5778
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2230]
-
-testId=22178
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2231]
-
-testId=13986
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2232]
-
-testId=30338
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2233]
-
-testId=3762
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2234]
-
-testId=20114
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2235]
-
-testId=11954
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2236]
-
-testId=28306
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2237]
-
-testId=7810
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2238]
-
-testId=24226
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2239]
-
-testId=16002
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2240]
-
-testId=32418
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2241]
-
-testId=402
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2242]
-
-testId=16802
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2243]
-
-testId=8626
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2244]
-
-testId=24962
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2245]
-
-testId=4498
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2246]
-
-testId=20866
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2247]
-
-testId=12722
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2248]
-
-testId=29106
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2249]
-
-testId=2482
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2250]
-
-testId=18866
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2251]
-
-testId=10658
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2252]
-
-testId=27026
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2253]
-
-testId=6578
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2254]
-
-testId=22946
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2255]
-
-testId=14754
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2256]
-
-testId=31138
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2257]
-
-testId=1442
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2258]
-
-testId=17794
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2259]
-
-testId=9618
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2260]
-
-testId=26034
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2261]
-
-testId=5522
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2262]
-
-testId=21938
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2263]
-
-testId=13730
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2264]
-
-testId=30098
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2265]
-
-testId=3506
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2266]
-
-testId=19874
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2267]
-
-testId=11682
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2268]
-
-testId=28034
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2269]
-
-testId=7570
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2270]
-
-testId=23954
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2271]
-
-testId=15794
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2272]
-
-testId=32146
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2273]
-
-testId=898
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2274]
-
-testId=17314
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2275]
-
-testId=9122
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2276]
-
-testId=25506
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2277]
-
-testId=4994
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2278]
-
-testId=21394
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2279]
-
-testId=13202
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2280]
-
-testId=29618
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2281]
-
-testId=2994
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2282]
-
-testId=19362
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2283]
-
-testId=11138
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2284]
-
-testId=27554
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2285]
-
-testId=7090
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2286]
-
-testId=23426
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2287]
-
-testId=15234
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2288]
-
-testId=31618
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2289]
-
-testId=1938
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2290]
-
-testId=18338
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2291]
-
-testId=10114
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2292]
-
-testId=26530
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2293]
-
-testId=6018
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2294]
-
-testId=22402
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2295]
-
-testId=14242
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2296]
-
-testId=30626
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2297]
-
-testId=4018
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2298]
-
-testId=20354
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2299]
-
-testId=12178
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2300]
-
-testId=28578
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2301]
-
-testId=8098
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2302]
-
-testId=24498
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2303]
-
-testId=16290
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2304]
-
-testId=32690
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2305]
-
-testId=114
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2306]
-
-testId=16482
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2307]
-
-testId=8290
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2308]
-
-testId=24690
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2309]
-
-testId=4162
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2310]
-
-testId=20562
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2311]
-
-testId=12354
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2312]
-
-testId=28786
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2313]
-
-testId=2146
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2314]
-
-testId=18546
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2315]
-
-testId=10322
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2316]
-
-testId=26706
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2317]
-
-testId=6242
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2318]
-
-testId=22594
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2319]
-
-testId=14434
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2320]
-
-testId=30786
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2321]
-
-testId=1090
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2322]
-
-testId=17490
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2323]
-
-testId=9282
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2324]
-
-testId=25714
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2325]
-
-testId=5186
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2326]
-
-testId=21570
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2327]
-
-testId=13378
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2328]
-
-testId=29810
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2329]
-
-testId=3170
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2330]
-
-testId=19570
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2331]
-
-testId=11362
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2332]
-
-testId=27762
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2333]
-
-testId=7266
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2334]
-
-testId=23650
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2335]
-
-testId=15426
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2336]
-
-testId=31810
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2337]
-
-testId=578
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2338]
-
-testId=16978
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2339]
-
-testId=8818
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2340]
-
-testId=25154
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2341]
-
-testId=4690
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2342]
-
-testId=21074
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2343]
-
-testId=12866
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2344]
-
-testId=29298
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2345]
-
-testId=2626
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2346]
-
-testId=19010
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2347]
-
-testId=10834
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2348]
-
-testId=27234
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2349]
-
-testId=6722
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2350]
-
-testId=23106
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2351]
-
-testId=14962
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2352]
-
-testId=31346
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2353]
-
-testId=1602
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2354]
-
-testId=18034
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2355]
-
-testId=9842
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2356]
-
-testId=26194
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2357]
-
-testId=5730
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2358]
-
-testId=22130
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2359]
-
-testId=13938
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2360]
-
-testId=30274
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2361]
-
-testId=3682
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2362]
-
-testId=20034
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2363]
-
-testId=11890
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2364]
-
-testId=28274
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2365]
-
-testId=7794
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2366]
-
-testId=24178
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2367]
-
-testId=15938
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2368]
-
-testId=32370
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2369]
-
-testId=338
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2370]
-
-testId=16738
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2371]
-
-testId=8546
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2372]
-
-testId=24946
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2373]
-
-testId=4434
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2374]
-
-testId=20818
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2375]
-
-testId=12642
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2376]
-
-testId=29010
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2377]
-
-testId=2402
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2378]
-
-testId=18802
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2379]
-
-testId=10610
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2380]
-
-testId=26994
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2381]
-
-testId=6482
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2382]
-
-testId=22898
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2383]
-
-testId=14658
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2384]
-
-testId=31058
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2385]
-
-testId=1362
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2386]
-
-testId=17730
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2387]
-
-testId=9538
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2388]
-
-testId=25954
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2389]
-
-testId=5490
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2390]
-
-testId=21858
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2391]
-
-testId=13634
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2392]
-
-testId=30066
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2393]
-
-testId=3410
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2394]
-
-testId=19778
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2395]
-
-testId=11634
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2396]
-
-testId=28018
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2397]
-
-testId=7538
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2398]
-
-testId=23906
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2399]
-
-testId=15698
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2400]
-
-testId=32114
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2401]
-
-testId=850
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2402]
-
-testId=17234
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2403]
-
-testId=9074
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2404]
-
-testId=25458
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2405]
-
-testId=4978
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2406]
-
-testId=21362
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2407]
-
-testId=13170
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2408]
-
-testId=29522
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2409]
-
-testId=2882
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2410]
-
-testId=19298
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2411]
-
-testId=11122
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2412]
-
-testId=27474
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2413]
-
-testId=6994
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2414]
-
-testId=23362
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2415]
-
-testId=15202
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2416]
-
-testId=31570
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2417]
-
-testId=1890
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2418]
-
-testId=18258
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2419]
-
-testId=10050
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2420]
-
-testId=26434
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2421]
-
-testId=5986
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2422]
-
-testId=22386
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2423]
-
-testId=14194
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2424]
-
-testId=30562
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2425]
-
-testId=3922
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2426]
-
-testId=20322
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2427]
-
-testId=12114
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2428]
-
-testId=28482
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2429]
-
-testId=8018
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2430]
-
-testId=24386
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2431]
-
-testId=16210
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2432]
-
-testId=32626
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2433]
-
-testId=226
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2434]
-
-testId=16594
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2435]
-
-testId=8434
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2436]
-
-testId=24770
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2437]
-
-testId=4306
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2438]
-
-testId=20674
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2439]
-
-testId=12498
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2440]
-
-testId=28898
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2441]
-
-testId=2258
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2442]
-
-testId=18674
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2443]
-
-testId=10450
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2444]
-
-testId=26834
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2445]
-
-testId=6386
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2446]
-
-testId=22770
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2447]
-
-testId=14546
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2448]
-
-testId=30914
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2449]
-
-testId=1250
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2450]
-
-testId=17602
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2451]
-
-testId=9442
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2452]
-
-testId=25826
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2453]
-
-testId=5330
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2454]
-
-testId=21714
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2455]
-
-testId=13522
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2456]
-
-testId=29938
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2457]
-
-testId=3282
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2458]
-
-testId=19698
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2459]
-
-testId=11506
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2460]
-
-testId=27890
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2461]
-
-testId=7378
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2462]
-
-testId=23762
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2463]
-
-testId=15570
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2464]
-
-testId=31954
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2465]
-
-testId=706
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2466]
-
-testId=17106
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2467]
-
-testId=8946
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2468]
-
-testId=25330
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2469]
-
-testId=4834
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2470]
-
-testId=21186
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2471]
-
-testId=13042
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2472]
-
-testId=29426
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2473]
-
-testId=2770
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2474]
-
-testId=19154
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2475]
-
-testId=10994
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2476]
-
-testId=27346
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2477]
-
-testId=6882
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2478]
-
-testId=23266
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2479]
-
-testId=15042
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2480]
-
-testId=31458
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2481]
-
-testId=1730
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2482]
-
-testId=18162
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2483]
-
-testId=9938
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2484]
-
-testId=26354
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2485]
-
-testId=5826
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2486]
-
-testId=22226
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2487]
-
-testId=14066
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2488]
-
-testId=30434
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2489]
-
-testId=3794
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2490]
-
-testId=20162
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2491]
-
-testId=11970
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2492]
-
-testId=28354
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2493]
-
-testId=7906
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2494]
-
-testId=24306
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2495]
-
-testId=16098
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2496]
-
-testId=32498
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2497]
-
-testId=450
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2498]
-
-testId=16834
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2499]
-
-testId=8642
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2500]
-
-testId=25026
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2501]
-
-testId=4546
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2502]
-
-testId=20962
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2503]
-
-testId=12754
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2504]
-
-testId=29122
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2505]
-
-testId=2498
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2506]
-
-testId=18914
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2507]
-
-testId=10738
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2508]
-
-testId=27074
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2509]
-
-testId=6626
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2510]
-
-testId=22978
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2511]
-
-testId=14802
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2512]
-
-testId=31202
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2513]
-
-testId=1522
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2514]
-
-testId=17874
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2515]
-
-testId=9682
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2516]
-
-testId=26098
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2517]
-
-testId=5570
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2518]
-
-testId=21970
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2519]
-
-testId=13794
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2520]
-
-testId=30162
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2521]
-
-testId=3538
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2522]
-
-testId=19906
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2523]
-
-testId=11762
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2524]
-
-testId=28130
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2525]
-
-testId=7666
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2526]
-
-testId=24050
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2527]
-
-testId=15826
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2528]
-
-testId=32226
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2529]
-
-testId=1010
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2530]
-
-testId=17362
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2531]
-
-testId=9154
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2532]
-
-testId=25554
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2533]
-
-testId=5106
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2534]
-
-testId=21490
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2535]
-
-testId=13282
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2536]
-
-testId=29666
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2537]
-
-testId=3026
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2538]
-
-testId=19426
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2539]
-
-testId=11202
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2540]
-
-testId=27634
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2541]
-
-testId=7106
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2542]
-
-testId=23538
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2543]
-
-testId=15298
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2544]
-
-testId=31714
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2545]
-
-testId=2034
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2546]
-
-testId=18402
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2547]
-
-testId=10194
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2548]
-
-testId=26578
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2549]
-
-testId=6114
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2550]
-
-testId=22482
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2551]
-
-testId=14274
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2552]
-
-testId=30690
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2553]
-
-testId=4034
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2554]
-
-testId=20434
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2555]
-
-testId=12258
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2556]
-
-testId=28626
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2557]
-
-testId=8178
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2558]
-
-testId=24530
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2559]
-
-testId=16370
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2560]
-
-testId=32738
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2561]
-
-testId=42
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2562]
-
-testId=16426
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2563]
-
-testId=8234
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2564]
-
-testId=24602
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2565]
-
-testId=4106
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2566]
-
-testId=20506
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2567]
-
-testId=12298
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2568]
-
-testId=28714
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2569]
-
-testId=2058
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2570]
-
-testId=18442
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2571]
-
-testId=10282
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2572]
-
-testId=26666
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2573]
-
-testId=6186
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2574]
-
-testId=22570
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2575]
-
-testId=14362
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2576]
-
-testId=30746
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2577]
-
-testId=1050
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2578]
-
-testId=17418
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2579]
-
-testId=9274
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2580]
-
-testId=25642
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2581]
-
-testId=5146
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2582]
-
-testId=21546
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2583]
-
-testId=13370
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2584]
-
-testId=29738
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2585]
-
-testId=3098
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2586]
-
-testId=19482
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2587]
-
-testId=11306
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2588]
-
-testId=27674
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2589]
-
-testId=7226
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2590]
-
-testId=23594
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2591]
-
-testId=15402
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2592]
-
-testId=31754
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2593]
-
-testId=570
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2594]
-
-testId=16906
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2595]
-
-testId=8762
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2596]
-
-testId=25130
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2597]
-
-testId=4666
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2598]
-
-testId=21002
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2599]
-
-testId=12842
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2600]
-
-testId=29226
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2601]
-
-testId=2586
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2602]
-
-testId=19002
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2603]
-
-testId=10762
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2604]
-
-testId=27178
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2605]
-
-testId=6698
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2606]
-
-testId=23082
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2607]
-
-testId=14890
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2608]
-
-testId=31258
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2609]
-
-testId=1594
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2610]
-
-testId=17946
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2611]
-
-testId=9754
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2612]
-
-testId=26170
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2613]
-
-testId=5642
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2614]
-
-testId=22058
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2615]
-
-testId=13834
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2616]
-
-testId=30250
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2617]
-
-testId=3626
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2618]
-
-testId=19994
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2619]
-
-testId=11818
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2620]
-
-testId=28186
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2621]
-
-testId=7706
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2622]
-
-testId=24122
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2623]
-
-testId=15882
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2624]
-
-testId=32266
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2625]
-
-testId=282
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2626]
-
-testId=16698
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2627]
-
-testId=8490
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2628]
-
-testId=24874
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2629]
-
-testId=4362
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2630]
-
-testId=20762
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2631]
-
-testId=12586
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2632]
-
-testId=28954
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2633]
-
-testId=2330
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2634]
-
-testId=18714
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2635]
-
-testId=10538
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2636]
-
-testId=26938
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2637]
-
-testId=6426
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2638]
-
-testId=22810
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2639]
-
-testId=14602
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2640]
-
-testId=30986
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2641]
-
-testId=1338
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2642]
-
-testId=17690
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2643]
-
-testId=9530
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2644]
-
-testId=25882
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2645]
-
-testId=5418
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2646]
-
-testId=21786
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2647]
-
-testId=13610
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2648]
-
-testId=29994
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2649]
-
-testId=3386
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2650]
-
-testId=19770
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2651]
-
-testId=11562
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2652]
-
-testId=27930
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2653]
-
-testId=7482
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2654]
-
-testId=23850
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2655]
-
-testId=15642
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2656]
-
-testId=32042
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2657]
-
-testId=810
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2658]
-
-testId=17178
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2659]
-
-testId=9018
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2660]
-
-testId=25386
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2661]
-
-testId=4922
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2662]
-
-testId=21274
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2663]
-
-testId=13098
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2664]
-
-testId=29498
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2665]
-
-testId=2874
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2666]
-
-testId=19258
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2667]
-
-testId=11050
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2668]
-
-testId=27450
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2669]
-
-testId=6954
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2670]
-
-testId=23354
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2671]
-
-testId=15114
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2672]
-
-testId=31546
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2673]
-
-testId=1850
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2674]
-
-testId=18186
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2675]
-
-testId=10026
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2676]
-
-testId=26410
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2677]
-
-testId=5898
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2678]
-
-testId=22330
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2679]
-
-testId=14106
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2680]
-
-testId=30490
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2681]
-
-testId=3882
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2682]
-
-testId=20282
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2683]
-
-testId=12074
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2684]
-
-testId=28458
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2685]
-
-testId=7994
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2686]
-
-testId=24362
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2687]
-
-testId=16186
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2688]
-
-testId=32538
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2689]
-
-testId=170
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2690]
-
-testId=16538
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2691]
-
-testId=8346
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2692]
-
-testId=24730
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2693]
-
-testId=4234
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2694]
-
-testId=20650
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2695]
-
-testId=12474
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2696]
-
-testId=28842
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2697]
-
-testId=2218
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2698]
-
-testId=18586
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2699]
-
-testId=10410
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2700]
-
-testId=26794
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2701]
-
-testId=6282
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2702]
-
-testId=22698
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2703]
-
-testId=14490
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2704]
-
-testId=30874
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2705]
-
-testId=1178
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2706]
-
-testId=17562
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2707]
-
-testId=9386
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2708]
-
-testId=25770
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2709]
-
-testId=5274
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2710]
-
-testId=21690
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2711]
-
-testId=13498
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2712]
-
-testId=29850
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2713]
-
-testId=3242
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2714]
-
-testId=19626
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2715]
-
-testId=11402
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2716]
-
-testId=27786
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2717]
-
-testId=7354
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2718]
-
-testId=23738
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2719]
-
-testId=15498
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2720]
-
-testId=31914
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2721]
-
-testId=682
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2722]
-
-testId=17066
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2723]
-
-testId=8858
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2724]
-
-testId=25274
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2725]
-
-testId=4778
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2726]
-
-testId=21130
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2727]
-
-testId=12938
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2728]
-
-testId=29322
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2729]
-
-testId=2730
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2730]
-
-testId=19082
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2731]
-
-testId=10922
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2732]
-
-testId=27274
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2733]
-
-testId=6810
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2734]
-
-testId=23210
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2735]
-
-testId=15034
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2736]
-
-testId=31418
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2737]
-
-testId=1690
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2738]
-
-testId=18106
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2739]
-
-testId=9866
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2740]
-
-testId=26282
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2741]
-
-testId=5802
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2742]
-
-testId=22170
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2743]
-
-testId=13962
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2744]
-
-testId=30378
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2745]
-
-testId=3770
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2746]
-
-testId=20122
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2747]
-
-testId=11946
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2748]
-
-testId=28298
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2749]
-
-testId=7818
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2750]
-
-testId=24250
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2751]
-
-testId=16042
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2752]
-
-testId=32442
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2753]
-
-testId=426
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2754]
-
-testId=16794
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2755]
-
-testId=8618
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2756]
-
-testId=25002
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2757]
-
-testId=4490
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2758]
-
-testId=20922
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2759]
-
-testId=12730
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2760]
-
-testId=29114
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2761]
-
-testId=2490
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2762]
-
-testId=18858
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2763]
-
-testId=10650
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2764]
-
-testId=27066
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2765]
-
-testId=6554
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2766]
-
-testId=22954
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2767]
-
-testId=14778
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2768]
-
-testId=31162
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2769]
-
-testId=1418
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2770]
-
-testId=17834
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2771]
-
-testId=9658
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2772]
-
-testId=26010
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2773]
-
-testId=5546
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2774]
-
-testId=21946
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2775]
-
-testId=13706
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2776]
-
-testId=30122
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2777]
-
-testId=3498
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2778]
-
-testId=19850
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2779]
-
-testId=11706
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2780]
-
-testId=28042
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2781]
-
-testId=7562
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2782]
-
-testId=23962
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2783]
-
-testId=15770
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2784]
-
-testId=32138
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2785]
-
-testId=906
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2786]
-
-testId=17290
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2787]
-
-testId=9098
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2788]
-
-testId=25514
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2789]
-
-testId=5034
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2790]
-
-testId=21402
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2791]
-
-testId=13194
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2792]
-
-testId=29578
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2793]
-
-testId=2954
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2794]
-
-testId=19386
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2795]
-
-testId=11146
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2796]
-
-testId=27578
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2797]
-
-testId=7066
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2798]
-
-testId=23450
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2799]
-
-testId=15290
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2800]
-
-testId=31658
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2801]
-
-testId=1978
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2802]
-
-testId=18346
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2803]
-
-testId=10170
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2804]
-
-testId=26506
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2805]
-
-testId=6058
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2806]
-
-testId=22458
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2807]
-
-testId=14234
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2808]
-
-testId=30618
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2809]
-
-testId=3994
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2810]
-
-testId=20394
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2811]
-
-testId=12218
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2812]
-
-testId=28586
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2813]
-
-testId=8090
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2814]
-
-testId=24506
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2815]
-
-testId=16298
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2816]
-
-testId=32650
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2817]
-
-testId=122
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2818]
-
-testId=16490
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2819]
-
-testId=8314
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2820]
-
-testId=24666
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2821]
-
-testId=4218
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2822]
-
-testId=20570
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2823]
-
-testId=12410
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2824]
-
-testId=28794
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2825]
-
-testId=2170
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2826]
-
-testId=18506
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2827]
-
-testId=10346
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2828]
-
-testId=26714
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2829]
-
-testId=6250
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2830]
-
-testId=22650
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2831]
-
-testId=14410
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2832]
-
-testId=30842
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2833]
-
-testId=1130
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2834]
-
-testId=17498
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2835]
-
-testId=9290
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2836]
-
-testId=25706
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2837]
-
-testId=5210
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2838]
-
-testId=21610
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2839]
-
-testId=13434
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2840]
-
-testId=29818
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2841]
-
-testId=3146
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2842]
-
-testId=19546
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2843]
-
-testId=11338
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2844]
-
-testId=27770
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2845]
-
-testId=7274
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2846]
-
-testId=23674
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2847]
-
-testId=15466
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2848]
-
-testId=31818
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2849]
-
-testId=634
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2850]
-
-testId=17018
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2851]
-
-testId=8826
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2852]
-
-testId=25210
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2853]
-
-testId=4682
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2854]
-
-testId=21114
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2855]
-
-testId=12922
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2856]
-
-testId=29258
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2857]
-
-testId=2634
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2858]
-
-testId=19050
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2859]
-
-testId=10842
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2860]
-
-testId=27226
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2861]
-
-testId=6778
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2862]
-
-testId=23162
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2863]
-
-testId=14938
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2864]
-
-testId=31306
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2865]
-
-testId=1626
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2866]
-
-testId=18026
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2867]
-
-testId=9818
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2868]
-
-testId=26234
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2869]
-
-testId=5722
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2870]
-
-testId=22090
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2871]
-
-testId=13898
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2872]
-
-testId=30298
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2873]
-
-testId=3674
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2874]
-
-testId=20042
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2875]
-
-testId=11882
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2876]
-
-testId=28282
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2877]
-
-testId=7786
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2878]
-
-testId=24170
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2879]
-
-testId=15962
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2880]
-
-testId=32346
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2881]
-
-testId=378
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2882]
-
-testId=16714
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2883]
-
-testId=8570
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2884]
-
-testId=24954
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2885]
-
-testId=4426
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2886]
-
-testId=20858
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2887]
-
-testId=12666
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2888]
-
-testId=29034
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2889]
-
-testId=2410
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2890]
-
-testId=18794
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2891]
-
-testId=10602
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2892]
-
-testId=27002
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2893]
-
-testId=6522
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2894]
-
-testId=22858
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2895]
-
-testId=14714
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2896]
-
-testId=31082
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2897]
-
-testId=1354
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2898]
-
-testId=17786
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2899]
-
-testId=9546
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2900]
-
-testId=25946
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2901]
-
-testId=5466
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2902]
-
-testId=21882
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2903]
-
-testId=13658
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2904]
-
-testId=30074
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2905]
-
-testId=3434
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2906]
-
-testId=19802
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2907]
-
-testId=11642
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2908]
-
-testId=28010
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2909]
-
-testId=7530
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2910]
-
-testId=23898
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2911]
-
-testId=15706
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2912]
-
-testId=32074
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2913]
-
-testId=858
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2914]
-
-testId=17258
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2915]
-
-testId=9082
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2916]
-
-testId=25466
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2917]
-
-testId=4954
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2918]
-
-testId=21338
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2919]
-
-testId=13162
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2920]
-
-testId=29546
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2921]
-
-testId=2922
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2922]
-
-testId=19322
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2923]
-
-testId=11082
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2924]
-
-testId=27514
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2925]
-
-testId=7002
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2926]
-
-testId=23370
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2927]
-
-testId=15194
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2928]
-
-testId=31594
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2929]
-
-testId=1882
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2930]
-
-testId=18266
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2931]
-
-testId=10074
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2932]
-
-testId=26474
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2933]
-
-testId=5978
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2934]
-
-testId=22362
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2935]
-
-testId=14202
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2936]
-
-testId=30586
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2937]
-
-testId=3962
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2938]
-
-testId=20330
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2939]
-
-testId=12106
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2940]
-
-testId=28506
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2941]
-
-testId=8010
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2942]
-
-testId=24426
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2943]
-
-testId=16218
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2944]
-
-testId=32634
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2945]
-
-testId=234
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2946]
-
-testId=16618
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2947]
-
-testId=8442
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2948]
-
-testId=24810
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2949]
-
-testId=4346
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2950]
-
-testId=20714
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2951]
-
-testId=12538
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2952]
-
-testId=28874
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2953]
-
-testId=2298
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2954]
-
-testId=18682
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2955]
-
-testId=10442
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2956]
-
-testId=26842
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2957]
-
-testId=6394
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2958]
-
-testId=22778
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2959]
-
-testId=14554
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2960]
-
-testId=30922
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2961]
-
-testId=1226
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2962]
-
-testId=17610
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2963]
-
-testId=9466
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2964]
-
-testId=25802
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2965]
-
-testId=5370
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2966]
-
-testId=21738
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2967]
-
-testId=13562
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2968]
-
-testId=29914
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2969]
-
-testId=3274
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2970]
-
-testId=19690
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2971]
-
-testId=11514
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2972]
-
-testId=27866
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2973]
-
-testId=7386
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2974]
-
-testId=23754
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2975]
-
-testId=15578
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2976]
-
-testId=31978
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2977]
-
-testId=730
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2978]
-
-testId=17114
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2979]
-
-testId=8922
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2980]
-
-testId=25290
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2981]
-
-testId=4858
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2982]
-
-testId=21226
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2983]
-
-testId=13034
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2984]
-
-testId=29418
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2985]
-
-testId=2810
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2986]
-
-testId=19194
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2987]
-
-testId=10986
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2988]
-
-testId=27370
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2989]
-
-testId=6874
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2990]
-
-testId=23242
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2991]
-
-testId=15098
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2992]
-
-testId=31466
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2993]
-
-testId=1754
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2994]
-
-testId=18122
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2995]
-
-testId=9930
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2996]
-
-testId=26346
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2997]
-
-testId=5882
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2998]
-
-testId=22234
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-2999]
-
-testId=14074
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3000]
-
-testId=30426
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3001]
-
-testId=3818
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3002]
-
-testId=20186
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3003]
-
-testId=11978
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3004]
-
-testId=28410
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3005]
-
-testId=7914
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3006]
-
-testId=24298
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3007]
-
-testId=16106
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3008]
-
-testId=32506
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3009]
-
-testId=490
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3010]
-
-testId=16874
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3011]
-
-testId=8698
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3012]
-
-testId=25050
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3013]
-
-testId=4602
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3014]
-
-testId=20970
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3015]
-
-testId=12778
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3016]
-
-testId=29146
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3017]
-
-testId=2538
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3018]
-
-testId=18890
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3019]
-
-testId=10730
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3020]
-
-testId=27098
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3021]
-
-testId=6618
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3022]
-
-testId=22986
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3023]
-
-testId=14794
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3024]
-
-testId=31210
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3025]
-
-testId=1514
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3026]
-
-testId=17866
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3027]
-
-testId=9706
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3028]
-
-testId=26106
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3029]
-
-testId=5578
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3030]
-
-testId=21994
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3031]
-
-testId=13802
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3032]
-
-testId=30170
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3033]
-
-testId=3530
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3034]
-
-testId=19914
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3035]
-
-testId=11770
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3036]
-
-testId=28154
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3037]
-
-testId=7674
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3038]
-
-testId=24058
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3039]
-
-testId=15834
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3040]
-
-testId=32218
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3041]
-
-testId=1018
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3042]
-
-testId=17354
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3043]
-
-testId=9210
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3044]
-
-testId=25562
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3045]
-
-testId=5098
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3046]
-
-testId=21450
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3047]
-
-testId=13274
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3048]
-
-testId=29690
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3049]
-
-testId=3034
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3050]
-
-testId=19434
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3051]
-
-testId=11226
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3052]
-
-testId=27610
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3053]
-
-testId=7162
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3054]
-
-testId=23530
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3055]
-
-testId=15306
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3056]
-
-testId=31722
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3057]
-
-testId=2042
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3058]
-
-testId=18426
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3059]
-
-testId=10202
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3060]
-
-testId=26586
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3061]
-
-testId=6106
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3062]
-
-testId=22474
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3063]
-
-testId=14330
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3064]
-
-testId=30666
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3065]
-
-testId=4074
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3066]
-
-testId=20474
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3067]
-
-testId=12250
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3068]
-
-testId=28650
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3069]
-
-testId=8170
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3070]
-
-testId=24522
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3071]
-
-testId=16362
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3072]
-
-testId=32746
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3073]
-
-testId=6
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3074]
-
-testId=16390
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3075]
-
-testId=8246
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3076]
-
-testId=24598
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3077]
-
-testId=4134
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3078]
-
-testId=20518
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3079]
-
-testId=12294
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3080]
-
-testId=28694
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3081]
-
-testId=2054
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3082]
-
-testId=18470
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3083]
-
-testId=10262
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3084]
-
-testId=26646
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3085]
-
-testId=6182
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3086]
-
-testId=22566
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3087]
-
-testId=14358
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3088]
-
-testId=30774
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3089]
-
-testId=1078
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3090]
-
-testId=17462
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3091]
-
-testId=9222
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3092]
-
-testId=25654
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3093]
-
-testId=5126
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3094]
-
-testId=21510
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3095]
-
-testId=13318
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3096]
-
-testId=29750
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3097]
-
-testId=3126
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3098]
-
-testId=19510
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3099]
-
-testId=11270
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3100]
-
-testId=27654
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3101]
-
-testId=7174
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3102]
-
-testId=23558
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3103]
-
-testId=15414
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3104]
-
-testId=31798
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3105]
-
-testId=566
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3106]
-
-testId=16902
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3107]
-
-testId=8742
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3108]
-
-testId=25094
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3109]
-
-testId=4646
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3110]
-
-testId=21014
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3111]
-
-testId=12806
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3112]
-
-testId=29238
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3113]
-
-testId=2614
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3114]
-
-testId=18950
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3115]
-
-testId=10806
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3116]
-
-testId=27174
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3117]
-
-testId=6694
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3118]
-
-testId=23078
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3119]
-
-testId=14886
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3120]
-
-testId=31286
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3121]
-
-testId=1574
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3122]
-
-testId=17926
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3123]
-
-testId=9782
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3124]
-
-testId=26134
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3125]
-
-testId=5686
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3126]
-
-testId=22070
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3127]
-
-testId=13862
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3128]
-
-testId=30262
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3129]
-
-testId=3590
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3130]
-
-testId=19974
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3131]
-
-testId=11798
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3132]
-
-testId=28214
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3133]
-
-testId=7718
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3134]
-
-testId=24118
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3135]
-
-testId=15894
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3136]
-
-testId=32262
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3137]
-
-testId=262
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3138]
-
-testId=16646
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3139]
-
-testId=8486
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3140]
-
-testId=24870
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3141]
-
-testId=4406
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3142]
-
-testId=20790
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3143]
-
-testId=12550
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3144]
-
-testId=28950
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3145]
-
-testId=2358
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3146]
-
-testId=18710
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3147]
-
-testId=10550
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3148]
-
-testId=26886
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3149]
-
-testId=6422
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3150]
-
-testId=22806
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3151]
-
-testId=14630
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3152]
-
-testId=30982
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3153]
-
-testId=1318
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3154]
-
-testId=17670
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3155]
-
-testId=9526
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3156]
-
-testId=25862
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3157]
-
-testId=5382
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3158]
-
-testId=21782
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3159]
-
-testId=13622
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3160]
-
-testId=29974
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3161]
-
-testId=3382
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3162]
-
-testId=19750
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3163]
-
-testId=11558
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3164]
-
-testId=27942
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3165]
-
-testId=7462
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3166]
-
-testId=23862
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3167]
-
-testId=15622
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3168]
-
-testId=32054
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3169]
-
-testId=774
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3170]
-
-testId=17174
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3171]
-
-testId=9014
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3172]
-
-testId=25350
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3173]
-
-testId=4918
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3174]
-
-testId=21254
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3175]
-
-testId=13094
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3176]
-
-testId=29494
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3177]
-
-testId=2838
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3178]
-
-testId=19238
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3179]
-
-testId=11014
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3180]
-
-testId=27430
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3181]
-
-testId=6934
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3182]
-
-testId=23302
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3183]
-
-testId=15142
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3184]
-
-testId=31542
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3185]
-
-testId=1830
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3186]
-
-testId=18182
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3187]
-
-testId=9990
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3188]
-
-testId=26374
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3189]
-
-testId=5894
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3190]
-
-testId=22310
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3191]
-
-testId=14102
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3192]
-
-testId=30486
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3193]
-
-testId=3846
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3194]
-
-testId=20230
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3195]
-
-testId=12070
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3196]
-
-testId=28422
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3197]
-
-testId=7942
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3198]
-
-testId=24358
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3199]
-
-testId=16166
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3200]
-
-testId=32534
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3201]
-
-testId=166
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3202]
-
-testId=16518
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3203]
-
-testId=8358
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3204]
-
-testId=24726
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3205]
-
-testId=4262
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3206]
-
-testId=20662
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3207]
-
-testId=12454
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3208]
-
-testId=28806
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3209]
-
-testId=2182
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3210]
-
-testId=18582
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3211]
-
-testId=10374
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3212]
-
-testId=26774
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3213]
-
-testId=6278
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3214]
-
-testId=22678
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3215]
-
-testId=14486
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3216]
-
-testId=30886
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3217]
-
-testId=1174
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3218]
-
-testId=17558
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3219]
-
-testId=9350
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3220]
-
-testId=25782
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3221]
-
-testId=5302
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3222]
-
-testId=21638
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3223]
-
-testId=13478
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3224]
-
-testId=29878
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3225]
-
-testId=3206
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3226]
-
-testId=19638
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3227]
-
-testId=11414
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3228]
-
-testId=27782
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3229]
-
-testId=7318
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3230]
-
-testId=23734
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3231]
-
-testId=15510
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3232]
-
-testId=31894
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3233]
-
-testId=678
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3234]
-
-testId=17046
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3235]
-
-testId=8838
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3236]
-
-testId=25270
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3237]
-
-testId=4790
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3238]
-
-testId=21126
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3239]
-
-testId=12950
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3240]
-
-testId=29366
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3241]
-
-testId=2694
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3242]
-
-testId=19110
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3243]
-
-testId=10886
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3244]
-
-testId=27286
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3245]
-
-testId=6790
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3246]
-
-testId=23190
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3247]
-
-testId=14982
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3248]
-
-testId=31414
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3249]
-
-testId=1718
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3250]
-
-testId=18102
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3251]
-
-testId=9894
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3252]
-
-testId=26278
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3253]
-
-testId=5798
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3254]
-
-testId=22198
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3255]
-
-testId=14006
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3256]
-
-testId=30342
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3257]
-
-testId=3750
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3258]
-
-testId=20102
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3259]
-
-testId=11926
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3260]
-
-testId=28326
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3261]
-
-testId=7846
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3262]
-
-testId=24214
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3263]
-
-testId=16054
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3264]
-
-testId=32422
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3265]
-
-testId=406
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3266]
-
-testId=16790
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3267]
-
-testId=8598
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3268]
-
-testId=24998
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3269]
-
-testId=4502
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3270]
-
-testId=20870
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3271]
-
-testId=12678
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3272]
-
-testId=29078
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3273]
-
-testId=2454
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3274]
-
-testId=18822
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3275]
-
-testId=10662
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3276]
-
-testId=27030
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3277]
-
-testId=6566
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3278]
-
-testId=22950
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3279]
-
-testId=14774
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3280]
-
-testId=31142
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3281]
-
-testId=1446
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3282]
-
-testId=17830
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3283]
-
-testId=9654
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3284]
-
-testId=26022
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3285]
-
-testId=5526
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3286]
-
-testId=21910
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3287]
-
-testId=13702
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3288]
-
-testId=30118
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3289]
-
-testId=3510
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3290]
-
-testId=19846
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3291]
-
-testId=11702
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3292]
-
-testId=28054
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3293]
-
-testId=7606
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3294]
-
-testId=23974
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3295]
-
-testId=15766
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3296]
-
-testId=32182
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3297]
-
-testId=902
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3298]
-
-testId=17286
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3299]
-
-testId=9110
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3300]
-
-testId=25526
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3301]
-
-testId=5030
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3302]
-
-testId=21414
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3303]
-
-testId=13206
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3304]
-
-testId=29606
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3305]
-
-testId=2998
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3306]
-
-testId=19382
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3307]
-
-testId=11174
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3308]
-
-testId=27558
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3309]
-
-testId=7094
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3310]
-
-testId=23462
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3311]
-
-testId=15270
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3312]
-
-testId=31670
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3313]
-
-testId=1942
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3314]
-
-testId=18310
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3315]
-
-testId=10118
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3316]
-
-testId=26502
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3317]
-
-testId=6054
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3318]
-
-testId=22422
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3319]
-
-testId=14214
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3320]
-
-testId=30614
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3321]
-
-testId=4022
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3322]
-
-testId=20358
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3323]
-
-testId=12182
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3324]
-
-testId=28566
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3325]
-
-testId=8102
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3326]
-
-testId=24454
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3327]
-
-testId=16310
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3328]
-
-testId=32678
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3329]
-
-testId=70
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3330]
-
-testId=16454
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3331]
-
-testId=8294
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3332]
-
-testId=24678
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3333]
-
-testId=4166
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3334]
-
-testId=20598
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3335]
-
-testId=12358
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3336]
-
-testId=28742
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3337]
-
-testId=2166
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3338]
-
-testId=18534
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3339]
-
-testId=10326
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3340]
-
-testId=26726
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3341]
-
-testId=6246
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3342]
-
-testId=22630
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3343]
-
-testId=14438
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3344]
-
-testId=30806
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3345]
-
-testId=1110
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3346]
-
-testId=17494
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3347]
-
-testId=9318
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3348]
-
-testId=25670
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3349]
-
-testId=5206
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3350]
-
-testId=21590
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3351]
-
-testId=13398
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3352]
-
-testId=29766
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3353]
-
-testId=3142
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3354]
-
-testId=19526
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3355]
-
-testId=11334
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3356]
-
-testId=27718
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3357]
-
-testId=7238
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3358]
-
-testId=23638
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3359]
-
-testId=15478
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3360]
-
-testId=31830
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3361]
-
-testId=582
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3362]
-
-testId=16998
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3363]
-
-testId=8790
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3364]
-
-testId=25190
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3365]
-
-testId=4710
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3366]
-
-testId=21078
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3367]
-
-testId=12918
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3368]
-
-testId=29254
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3369]
-
-testId=2678
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3370]
-
-testId=19062
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3371]
-
-testId=10822
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3372]
-
-testId=27238
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3373]
-
-testId=6742
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3374]
-
-testId=23110
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3375]
-
-testId=14966
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3376]
-
-testId=31302
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3377]
-
-testId=1654
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3378]
-
-testId=18038
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3379]
-
-testId=9830
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3380]
-
-testId=26230
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3381]
-
-testId=5718
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3382]
-
-testId=22086
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3383]
-
-testId=13926
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3384]
-
-testId=30294
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3385]
-
-testId=3702
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3386]
-
-testId=20038
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3387]
-
-testId=11894
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3388]
-
-testId=28278
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3389]
-
-testId=7798
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3390]
-
-testId=24166
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3391]
-
-testId=15974
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3392]
-
-testId=32358
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3393]
-
-testId=342
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3394]
-
-testId=16710
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3395]
-
-testId=8550
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3396]
-
-testId=24934
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3397]
-
-testId=4470
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3398]
-
-testId=20822
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3399]
-
-testId=12662
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3400]
-
-testId=28998
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3401]
-
-testId=2390
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3402]
-
-testId=18790
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3403]
-
-testId=10598
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3404]
-
-testId=26966
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3405]
-
-testId=6518
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3406]
-
-testId=22854
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3407]
-
-testId=14662
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3408]
-
-testId=31094
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3409]
-
-testId=1366
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3410]
-
-testId=17766
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3411]
-
-testId=9542
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3412]
-
-testId=25926
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3413]
-
-testId=5494
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3414]
-
-testId=21878
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3415]
-
-testId=13670
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3416]
-
-testId=30022
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3417]
-
-testId=3414
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3418]
-
-testId=19830
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3419]
-
-testId=11622
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3420]
-
-testId=27974
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3421]
-
-testId=7510
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3422]
-
-testId=23878
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3423]
-
-testId=15702
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3424]
-
-testId=32118
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3425]
-
-testId=854
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3426]
-
-testId=17254
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3427]
-
-testId=9030
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3428]
-
-testId=25414
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3429]
-
-testId=4950
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3430]
-
-testId=21334
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3431]
-
-testId=13142
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3432]
-
-testId=29526
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3433]
-
-testId=2934
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3434]
-
-testId=19302
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3435]
-
-testId=11094
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3436]
-
-testId=27478
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3437]
-
-testId=7014
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3438]
-
-testId=23382
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3439]
-
-testId=15190
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3440]
-
-testId=31558
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3441]
-
-testId=1910
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3442]
-
-testId=18294
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3443]
-
-testId=10102
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3444]
-
-testId=26470
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3445]
-
-testId=5958
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3446]
-
-testId=22342
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3447]
-
-testId=14166
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3448]
-
-testId=30566
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3449]
-
-testId=3926
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3450]
-
-testId=20310
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3451]
-
-testId=12150
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3452]
-
-testId=28518
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3453]
-
-testId=8022
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3454]
-
-testId=24422
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3455]
-
-testId=16198
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3456]
-
-testId=32630
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3457]
-
-testId=246
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3458]
-
-testId=16598
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3459]
-
-testId=8406
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3460]
-
-testId=24806
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3461]
-
-testId=4326
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3462]
-
-testId=20694
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3463]
-
-testId=12486
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3464]
-
-testId=28870
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3465]
-
-testId=2294
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3466]
-
-testId=18662
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3467]
-
-testId=10486
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3468]
-
-testId=26822
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3469]
-
-testId=6374
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3470]
-
-testId=22726
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3471]
-
-testId=14550
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3472]
-
-testId=30934
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3473]
-
-testId=1238
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3474]
-
-testId=17606
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3475]
-
-testId=9462
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3476]
-
-testId=25830
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3477]
-
-testId=5334
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3478]
-
-testId=21718
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3479]
-
-testId=13510
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3480]
-
-testId=29910
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3481]
-
-testId=3318
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3482]
-
-testId=19670
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3483]
-
-testId=11510
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3484]
-
-testId=27846
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3485]
-
-testId=7366
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3486]
-
-testId=23782
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3487]
-
-testId=15574
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3488]
-
-testId=31990
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3489]
-
-testId=726
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3490]
-
-testId=17142
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3491]
-
-testId=8934
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3492]
-
-testId=25318
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3493]
-
-testId=4838
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3494]
-
-testId=21238
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3495]
-
-testId=12998
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3496]
-
-testId=29414
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3497]
-
-testId=2806
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3498]
-
-testId=19174
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3499]
-
-testId=10966
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3500]
-
-testId=27366
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3501]
-
-testId=6854
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3502]
-
-testId=23254
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3503]
-
-testId=15062
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3504]
-
-testId=31462
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3505]
-
-testId=1750
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3506]
-
-testId=18118
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3507]
-
-testId=9974
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3508]
-
-testId=26326
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3509]
-
-testId=5830
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3510]
-
-testId=22230
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3511]
-
-testId=14038
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3512]
-
-testId=30438
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3513]
-
-testId=3782
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3514]
-
-testId=20198
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3515]
-
-testId=11974
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3516]
-
-testId=28358
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3517]
-
-testId=7894
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3518]
-
-testId=24262
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3519]
-
-testId=16118
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3520]
-
-testId=32470
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3521]
-
-testId=486
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3522]
-
-testId=16854
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3523]
-
-testId=8694
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3524]
-
-testId=25030
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3525]
-
-testId=4566
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3526]
-
-testId=20950
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3527]
-
-testId=12774
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3528]
-
-testId=29126
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3529]
-
-testId=2534
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3530]
-
-testId=18918
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3531]
-
-testId=10742
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3532]
-
-testId=27110
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3533]
-
-testId=6630
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3534]
-
-testId=22998
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3535]
-
-testId=14838
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3536]
-
-testId=31190
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3537]
-
-testId=1478
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3538]
-
-testId=17894
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3539]
-
-testId=9686
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3540]
-
-testId=26086
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3541]
-
-testId=5590
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3542]
-
-testId=21974
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3543]
-
-testId=13766
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3544]
-
-testId=30182
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3545]
-
-testId=3574
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3546]
-
-testId=19910
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3547]
-
-testId=11734
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3548]
-
-testId=28118
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3549]
-
-testId=7622
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3550]
-
-testId=24022
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3551]
-
-testId=15814
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3552]
-
-testId=32230
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3553]
-
-testId=982
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3554]
-
-testId=17350
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3555]
-
-testId=9190
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3556]
-
-testId=25590
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3557]
-
-testId=5078
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3558]
-
-testId=21462
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3559]
-
-testId=13286
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3560]
-
-testId=29670
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3561]
-
-testId=3030
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3562]
-
-testId=19398
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3563]
-
-testId=11222
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3564]
-
-testId=27606
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3565]
-
-testId=7126
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3566]
-
-testId=23542
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3567]
-
-testId=15302
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3568]
-
-testId=31718
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3569]
-
-testId=2038
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3570]
-
-testId=18422
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3571]
-
-testId=10214
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3572]
-
-testId=26614
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3573]
-
-testId=6102
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3574]
-
-testId=22486
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3575]
-
-testId=14326
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3576]
-
-testId=30710
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3577]
-
-testId=4086
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3578]
-
-testId=20422
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3579]
-
-testId=12278
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3580]
-
-testId=28662
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3581]
-
-testId=8166
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3582]
-
-testId=24550
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3583]
-
-testId=16374
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3584]
-
-testId=32742
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3585]
-
-testId=14
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3586]
-
-testId=16398
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3587]
-
-testId=8238
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3588]
-
-testId=24622
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3589]
-
-testId=4158
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3590]
-
-testId=20494
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3591]
-
-testId=12302
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3592]
-
-testId=28702
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3593]
-
-testId=2110
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3594]
-
-testId=18446
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3595]
-
-testId=10286
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3596]
-
-testId=26654
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3597]
-
-testId=6206
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3598]
-
-testId=22542
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3599]
-
-testId=14398
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3600]
-
-testId=30766
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3601]
-
-testId=1054
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3602]
-
-testId=17438
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3603]
-
-testId=9262
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3604]
-
-testId=25614
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3605]
-
-testId=5182
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3606]
-
-testId=21550
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3607]
-
-testId=13358
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3608]
-
-testId=29710
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3609]
-
-testId=3118
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3610]
-
-testId=19470
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3611]
-
-testId=11294
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3612]
-
-testId=27710
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3613]
-
-testId=7198
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3614]
-
-testId=23582
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3615]
-
-testId=15374
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3616]
-
-testId=31758
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3617]
-
-testId=542
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3618]
-
-testId=16926
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3619]
-
-testId=8766
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3620]
-
-testId=25150
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3621]
-
-testId=4622
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3622]
-
-testId=21006
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3623]
-
-testId=12862
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3624]
-
-testId=29230
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3625]
-
-testId=2574
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3626]
-
-testId=18990
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3627]
-
-testId=10782
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3628]
-
-testId=27166
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3629]
-
-testId=6718
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3630]
-
-testId=23070
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3631]
-
-testId=14878
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3632]
-
-testId=31246
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3633]
-
-testId=1598
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3634]
-
-testId=17966
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3635]
-
-testId=9742
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3636]
-
-testId=26126
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3637]
-
-testId=5646
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3638]
-
-testId=22078
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3639]
-
-testId=13886
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3640]
-
-testId=30254
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3641]
-
-testId=3630
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3642]
-
-testId=20030
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3643]
-
-testId=11838
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3644]
-
-testId=28222
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3645]
-
-testId=7710
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3646]
-
-testId=24078
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3647]
-
-testId=15902
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3648]
-
-testId=32270
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3649]
-
-testId=302
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3650]
-
-testId=16654
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3651]
-
-testId=8462
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3652]
-
-testId=24862
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3653]
-
-testId=4366
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3654]
-
-testId=20798
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3655]
-
-testId=12606
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3656]
-
-testId=28990
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3657]
-
-testId=2334
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3658]
-
-testId=18750
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3659]
-
-testId=10542
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3660]
-
-testId=26894
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3661]
-
-testId=6430
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3662]
-
-testId=22830
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3663]
-
-testId=14654
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3664]
-
-testId=30990
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3665]
-
-testId=1342
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3666]
-
-testId=17726
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3667]
-
-testId=9518
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3668]
-
-testId=25870
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3669]
-
-testId=5406
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3670]
-
-testId=21822
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3671]
-
-testId=13598
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3672]
-
-testId=29998
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3673]
-
-testId=3342
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3674]
-
-testId=19742
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3675]
-
-testId=11566
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3676]
-
-testId=27934
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3677]
-
-testId=7454
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3678]
-
-testId=23838
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3679]
-
-testId=15678
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3680]
-
-testId=32030
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3681]
-
-testId=782
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3682]
-
-testId=17166
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3683]
-
-testId=9022
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3684]
-
-testId=25374
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3685]
-
-testId=4910
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3686]
-
-testId=21310
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3687]
-
-testId=13070
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3688]
-
-testId=29454
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3689]
-
-testId=2862
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3690]
-
-testId=19262
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3691]
-
-testId=11038
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3692]
-
-testId=27406
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3693]
-
-testId=6974
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3694]
-
-testId=23358
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3695]
-
-testId=15166
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3696]
-
-testId=31502
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3697]
-
-testId=1806
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3698]
-
-testId=18222
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3699]
-
-testId=10030
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3700]
-
-testId=26430
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3701]
-
-testId=5950
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3702]
-
-testId=22318
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3703]
-
-testId=14142
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3704]
-
-testId=30526
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3705]
-
-testId=3854
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3706]
-
-testId=20286
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3707]
-
-testId=12046
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3708]
-
-testId=28446
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3709]
-
-testId=7998
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3710]
-
-testId=24382
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3711]
-
-testId=16190
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3712]
-
-testId=32558
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3713]
-
-testId=174
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3714]
-
-testId=16542
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3715]
-
-testId=8382
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3716]
-
-testId=24718
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3717]
-
-testId=4238
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3718]
-
-testId=20670
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3719]
-
-testId=12430
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3720]
-
-testId=28814
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3721]
-
-testId=2190
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3722]
-
-testId=18574
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3723]
-
-testId=10414
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3724]
-
-testId=26814
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3725]
-
-testId=6318
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3726]
-
-testId=22718
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3727]
-
-testId=14478
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3728]
-
-testId=30862
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3729]
-
-testId=1214
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3730]
-
-testId=17550
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3731]
-
-testId=9358
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3732]
-
-testId=25790
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3733]
-
-testId=5294
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3734]
-
-testId=21694
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3735]
-
-testId=13502
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3736]
-
-testId=29838
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3737]
-
-testId=3262
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3738]
-
-testId=19614
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3739]
-
-testId=11422
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3740]
-
-testId=27790
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3741]
-
-testId=7358
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3742]
-
-testId=23694
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3743]
-
-testId=15502
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3744]
-
-testId=31934
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3745]
-
-testId=654
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3746]
-
-testId=17038
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3747]
-
-testId=8862
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3748]
-
-testId=25230
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3749]
-
-testId=4766
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3750]
-
-testId=21182
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3751]
-
-testId=12942
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3752]
-
-testId=29374
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3753]
-
-testId=2734
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3754]
-
-testId=19134
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3755]
-
-testId=10894
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3756]
-
-testId=27278
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3757]
-
-testId=6846
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3758]
-
-testId=23198
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3759]
-
-testId=15006
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3760]
-
-testId=31406
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3761]
-
-testId=1694
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3762]
-
-testId=18110
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3763]
-
-testId=9902
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3764]
-
-testId=26302
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3765]
-
-testId=5790
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3766]
-
-testId=22174
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3767]
-
-testId=13982
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3768]
-
-testId=30366
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3769]
-
-testId=3726
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3770]
-
-testId=20110
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3771]
-
-testId=11950
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3772]
-
-testId=28318
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3773]
-
-testId=7870
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3774]
-
-testId=24254
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3775]
-
-testId=16014
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3776]
-
-testId=32446
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3777]
-
-testId=430
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3778]
-
-testId=16798
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3779]
-
-testId=8638
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3780]
-
-testId=25006
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3781]
-
-testId=4526
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3782]
-
-testId=20894
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3783]
-
-testId=12734
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3784]
-
-testId=29102
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3785]
-
-testId=2462
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3786]
-
-testId=18830
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3787]
-
-testId=10654
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3788]
-
-testId=27038
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3789]
-
-testId=6590
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3790]
-
-testId=22926
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3791]
-
-testId=14782
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3792]
-
-testId=31118
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3793]
-
-testId=1454
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3794]
-
-testId=17838
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3795]
-
-testId=9614
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3796]
-
-testId=26046
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3797]
-
-testId=5550
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3798]
-
-testId=21902
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3799]
-
-testId=13742
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3800]
-
-testId=30110
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3801]
-
-testId=3486
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3802]
-
-testId=19854
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3803]
-
-testId=11662
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3804]
-
-testId=28094
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3805]
-
-testId=7598
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3806]
-
-testId=23950
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3807]
-
-testId=15774
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3808]
-
-testId=32174
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3809]
-
-testId=926
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3810]
-
-testId=17326
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3811]
-
-testId=9134
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3812]
-
-testId=25486
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3813]
-
-testId=5054
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3814]
-
-testId=21406
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3815]
-
-testId=13246
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3816]
-
-testId=29630
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3817]
-
-testId=2974
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3818]
-
-testId=19390
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3819]
-
-testId=11182
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3820]
-
-testId=27582
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3821]
-
-testId=7086
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3822]
-
-testId=23470
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3823]
-
-testId=15294
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3824]
-
-testId=31630
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3825]
-
-testId=1950
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3826]
-
-testId=18366
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3827]
-
-testId=10126
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3828]
-
-testId=26542
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3829]
-
-testId=6078
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3830]
-
-testId=22446
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3831]
-
-testId=14238
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3832]
-
-testId=30638
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3833]
-
-testId=4030
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3834]
-
-testId=20414
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3835]
-
-testId=12174
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3836]
-
-testId=28606
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3837]
-
-testId=8126
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3838]
-
-testId=24494
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3839]
-
-testId=16318
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3840]
-
-testId=32686
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3841]
-
-testId=126
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3842]
-
-testId=16510
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3843]
-
-testId=8270
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3844]
-
-testId=24702
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3845]
-
-testId=4174
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3846]
-
-testId=20558
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3847]
-
-testId=12366
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3848]
-
-testId=28798
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3849]
-
-testId=2142
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3850]
-
-testId=18526
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3851]
-
-testId=10366
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3852]
-
-testId=26718
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3853]
-
-testId=6254
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3854]
-
-testId=22638
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3855]
-
-testId=14462
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3856]
-
-testId=30798
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3857]
-
-testId=1134
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3858]
-
-testId=17534
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3859]
-
-testId=9310
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3860]
-
-testId=25710
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3861]
-
-testId=5230
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3862]
-
-testId=21630
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3863]
-
-testId=13406
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3864]
-
-testId=29806
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3865]
-
-testId=3166
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3866]
-
-testId=19582
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3867]
-
-testId=11390
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3868]
-
-testId=27758
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3869]
-
-testId=7278
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3870]
-
-testId=23646
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3871]
-
-testId=15454
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3872]
-
-testId=31870
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3873]
-
-testId=606
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3874]
-
-testId=17022
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3875]
-
-testId=8814
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3876]
-
-testId=25214
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3877]
-
-testId=4734
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3878]
-
-testId=21070
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3879]
-
-testId=12894
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3880]
-
-testId=29262
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3881]
-
-testId=2638
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3882]
-
-testId=19070
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3883]
-
-testId=10862
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3884]
-
-testId=27230
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3885]
-
-testId=6750
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3886]
-
-testId=23118
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3887]
-
-testId=14958
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3888]
-
-testId=31326
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3889]
-
-testId=1630
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3890]
-
-testId=17998
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3891]
-
-testId=9838
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3892]
-
-testId=26222
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3893]
-
-testId=5726
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3894]
-
-testId=22142
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3895]
-
-testId=13902
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3896]
-
-testId=30318
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3897]
-
-testId=3678
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3898]
-
-testId=20062
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3899]
-
-testId=11870
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3900]
-
-testId=28254
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3901]
-
-testId=7790
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3902]
-
-testId=24158
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3903]
-
-testId=15982
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3904]
-
-testId=32366
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3905]
-
-testId=350
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3906]
-
-testId=16718
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3907]
-
-testId=8558
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3908]
-
-testId=24958
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3909]
-
-testId=4430
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3910]
-
-testId=20830
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3911]
-
-testId=12654
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3912]
-
-testId=29006
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3913]
-
-testId=2382
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3914]
-
-testId=18814
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3915]
-
-testId=10622
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3916]
-
-testId=26990
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3917]
-
-testId=6494
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3918]
-
-testId=22894
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3919]
-
-testId=14686
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3920]
-
-testId=31102
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3921]
-
-testId=1358
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3922]
-
-testId=17790
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3923]
-
-testId=9566
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3924]
-
-testId=25934
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3925]
-
-testId=5454
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3926]
-
-testId=21886
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3927]
-
-testId=13694
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3928]
-
-testId=30062
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3929]
-
-testId=3406
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3930]
-
-testId=19838
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3931]
-
-testId=11646
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3932]
-
-testId=27998
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3933]
-
-testId=7534
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3934]
-
-testId=23886
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3935]
-
-testId=15742
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3936]
-
-testId=32094
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3937]
-
-testId=862
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3938]
-
-testId=17262
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3939]
-
-testId=9086
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3940]
-
-testId=25422
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3941]
-
-testId=4958
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3942]
-
-testId=21358
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3943]
-
-testId=13134
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3944]
-
-testId=29550
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3945]
-
-testId=2910
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3946]
-
-testId=19294
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3947]
-
-testId=11118
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3948]
-
-testId=27518
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3949]
-
-testId=6990
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3950]
-
-testId=23390
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3951]
-
-testId=15182
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3952]
-
-testId=31566
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3953]
-
-testId=1902
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3954]
-
-testId=18270
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3955]
-
-testId=10078
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3956]
-
-testId=26478
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3957]
-
-testId=5982
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3958]
-
-testId=22366
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3959]
-
-testId=14206
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3960]
-
-testId=30590
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3961]
-
-testId=3934
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3962]
-
-testId=20350
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3963]
-
-testId=12158
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3964]
-
-testId=28542
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3965]
-
-testId=8062
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3966]
-
-testId=24414
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3967]
-
-testId=16222
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3968]
-
-testId=32622
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3969]
-
-testId=222
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3970]
-
-testId=16622
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3971]
-
-testId=8430
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3972]
-
-testId=24782
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3973]
-
-testId=4318
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3974]
-
-testId=20718
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3975]
-
-testId=12526
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3976]
-
-testId=28878
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3977]
-
-testId=2302
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3978]
-
-testId=18654
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3979]
-
-testId=10494
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3980]
-
-testId=26846
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3981]
-
-testId=6382
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3982]
-
-testId=22750
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3983]
-
-testId=14542
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3984]
-
-testId=30926
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3985]
-
-testId=1278
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3986]
-
-testId=17662
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3987]
-
-testId=9454
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3988]
-
-testId=25854
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3989]
-
-testId=5374
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3990]
-
-testId=21726
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3991]
-
-testId=13518
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3992]
-
-testId=29902
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3993]
-
-testId=3294
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3994]
-
-testId=19662
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3995]
-
-testId=11502
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3996]
-
-testId=27870
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3997]
-
-testId=7390
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3998]
-
-testId=23790
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-3999]
-
-testId=15582
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4000]
-
-testId=31966
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4001]
-
-testId=750
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4002]
-
-testId=17150
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4003]
-
-testId=8910
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4004]
-
-testId=25310
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4005]
-
-testId=4830
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4006]
-
-testId=21230
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4007]
-
-testId=13022
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4008]
-
-testId=29390
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4009]
-
-testId=2766
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4010]
-
-testId=19166
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4011]
-
-testId=10974
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4012]
-
-testId=27390
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4013]
-
-testId=6878
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4014]
-
-testId=23246
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4015]
-
-testId=15054
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4016]
-
-testId=31438
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4017]
-
-testId=1758
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4018]
-
-testId=18174
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4019]
-
-testId=9982
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4020]
-
-testId=26366
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4021]
-
-testId=5870
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4022]
-
-testId=22222
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4023]
-
-testId=14078
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4024]
-
-testId=30446
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4025]
-
-testId=3822
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4026]
-
-testId=20206
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4027]
-
-testId=12014
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4028]
-
-testId=28366
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4029]
-
-testId=7918
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4030]
-
-testId=24270
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4031]
-
-testId=16126
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4032]
-
-testId=32510
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4033]
-
-testId=462
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4034]
-
-testId=16846
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4035]
-
-testId=8654
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4036]
-
-testId=25054
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4037]
-
-testId=4574
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4038]
-
-testId=20974
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4039]
-
-testId=12766
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4040]
-
-testId=29166
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4041]
-
-testId=2558
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4042]
-
-testId=18926
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4043]
-
-testId=10702
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4044]
-
-testId=27086
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4045]
-
-testId=6606
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4046]
-
-testId=23038
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4047]
-
-testId=14846
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4048]
-
-testId=31182
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4049]
-
-testId=1534
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4050]
-
-testId=17902
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4051]
-
-testId=9726
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4052]
-
-testId=26094
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4053]
-
-testId=5614
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4054]
-
-testId=21998
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4055]
-
-testId=13774
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4056]
-
-testId=30206
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4057]
-
-testId=3550
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4058]
-
-testId=19934
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4059]
-
-testId=11726
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4060]
-
-testId=28110
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4061]
-
-testId=7646
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4062]
-
-testId=24014
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4063]
-
-testId=15870
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4064]
-
-testId=32222
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4065]
-
-testId=974
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4066]
-
-testId=17358
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4067]
-
-testId=9198
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4068]
-
-testId=25550
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4069]
-
-testId=5118
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4070]
-
-testId=21502
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4071]
-
-testId=13310
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4072]
-
-testId=29662
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4073]
-
-testId=3054
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4074]
-
-testId=19438
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4075]
-
-testId=11262
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4076]
-
-testId=27598
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4077]
-
-testId=7134
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4078]
-
-testId=23502
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4079]
-
-testId=15310
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4080]
-
-testId=31726
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4081]
-
-testId=2014
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4082]
-
-testId=18430
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4083]
-
-testId=10222
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4084]
-
-testId=26574
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4085]
-
-testId=6110
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4086]
-
-testId=22526
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4087]
-
-testId=14286
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4088]
-
-testId=30670
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4089]
-
-testId=4094
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4090]
-
-testId=20446
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4091]
-
-testId=12270
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4092]
-
-testId=28670
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4093]
-
-testId=8190
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4094]
-
-testId=24526
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4095]
-
-testId=16350
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4096]
-
-testId=32718
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4097]
-
-testId=33
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4098]
-
-testId=16433
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4099]
-
-testId=8193
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4100]
-
-testId=24609
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4101]
-
-testId=4113
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4102]
-
-testId=20513
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4103]
-
-testId=12321
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4104]
-
-testId=28673
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4105]
-
-testId=2049
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4106]
-
-testId=18449
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4107]
-
-testId=10289
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4108]
-
-testId=26625
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4109]
-
-testId=6145
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4110]
-
-testId=22529
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4111]
-
-testId=14353
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4112]
-
-testId=30753
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4113]
-
-testId=1073
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4114]
-
-testId=17441
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4115]
-
-testId=9233
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4116]
-
-testId=25601
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4117]
-
-testId=5169
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4118]
-
-testId=21537
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4119]
-
-testId=13313
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4120]
-
-testId=29745
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4121]
-
-testId=3121
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4122]
-
-testId=19473
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4123]
-
-testId=11281
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4124]
-
-testId=27649
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4125]
-
-testId=7169
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4126]
-
-testId=23553
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4127]
-
-testId=15409
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4128]
-
-testId=31793
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4129]
-
-testId=513
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4130]
-
-testId=16897
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4131]
-
-testId=8705
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4132]
-
-testId=25105
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4133]
-
-testId=4609
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4134]
-
-testId=21041
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4135]
-
-testId=12833
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4136]
-
-testId=29185
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4137]
-
-testId=2561
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4138]
-
-testId=18961
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4139]
-
-testId=10785
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4140]
-
-testId=27169
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4141]
-
-testId=6657
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4142]
-
-testId=23089
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4143]
-
-testId=14881
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4144]
-
-testId=31249
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4145]
-
-testId=1569
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4146]
-
-testId=17921
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4147]
-
-testId=9745
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4148]
-
-testId=26145
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4149]
-
-testId=5681
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4150]
-
-testId=22017
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4151]
-
-testId=13841
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4152]
-
-testId=30209
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4153]
-
-testId=3585
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4154]
-
-testId=19969
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4155]
-
-testId=11825
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4156]
-
-testId=28193
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4157]
-
-testId=7713
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4158]
-
-testId=24113
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4159]
-
-testId=15921
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4160]
-
-testId=32257
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4161]
-
-testId=289
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4162]
-
-testId=16689
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4163]
-
-testId=8481
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4164]
-
-testId=24865
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4165]
-
-testId=4401
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4166]
-
-testId=20753
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4167]
-
-testId=12561
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4168]
-
-testId=28945
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4169]
-
-testId=2321
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4170]
-
-testId=18705
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4171]
-
-testId=10513
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4172]
-
-testId=26929
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4173]
-
-testId=6449
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4174]
-
-testId=22785
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4175]
-
-testId=14609
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4176]
-
-testId=30993
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4177]
-
-testId=1329
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4178]
-
-testId=17713
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4179]
-
-testId=9489
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4180]
-
-testId=25905
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4181]
-
-testId=5425
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4182]
-
-testId=21777
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4183]
-
-testId=13617
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4184]
-
-testId=29985
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4185]
-
-testId=3329
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4186]
-
-testId=19745
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4187]
-
-testId=11553
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4188]
-
-testId=27937
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4189]
-
-testId=7425
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4190]
-
-testId=23841
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4191]
-
-testId=15617
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4192]
-
-testId=32001
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4193]
-
-testId=785
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4194]
-
-testId=17201
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4195]
-
-testId=8993
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4196]
-
-testId=25345
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4197]
-
-testId=4881
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4198]
-
-testId=21297
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4199]
-
-testId=13073
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4200]
-
-testId=29473
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4201]
-
-testId=2849
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4202]
-
-testId=19249
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4203]
-
-testId=11009
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4204]
-
-testId=27425
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4205]
-
-testId=6945
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4206]
-
-testId=23313
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4207]
-
-testId=15105
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4208]
-
-testId=31489
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4209]
-
-testId=1793
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4210]
-
-testId=18177
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4211]
-
-testId=10017
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4212]
-
-testId=26401
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4213]
-
-testId=5905
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4214]
-
-testId=22273
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4215]
-
-testId=14129
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4216]
-
-testId=30497
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4217]
-
-testId=3857
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4218]
-
-testId=20241
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4219]
-
-testId=12065
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4220]
-
-testId=28417
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4221]
-
-testId=7937
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4222]
-
-testId=24337
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4223]
-
-testId=16177
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4224]
-
-testId=32545
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4225]
-
-testId=177
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4226]
-
-testId=16545
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4227]
-
-testId=8337
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4228]
-
-testId=24705
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4229]
-
-testId=4225
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4230]
-
-testId=20609
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4231]
-
-testId=12449
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4232]
-
-testId=28817
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4233]
-
-testId=2209
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4234]
-
-testId=18577
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4235]
-
-testId=10401
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4236]
-
-testId=26753
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4237]
-
-testId=6321
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4238]
-
-testId=22689
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4239]
-
-testId=14497
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4240]
-
-testId=30897
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4241]
-
-testId=1153
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4242]
-
-testId=17569
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4243]
-
-testId=9377
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4244]
-
-testId=25729
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4245]
-
-testId=5265
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4246]
-
-testId=21633
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4247]
-
-testId=13441
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4248]
-
-testId=29841
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4249]
-
-testId=3233
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4250]
-
-testId=19633
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4251]
-
-testId=11441
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4252]
-
-testId=27825
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4253]
-
-testId=7297
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4254]
-
-testId=23729
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4255]
-
-testId=15537
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4256]
-
-testId=31889
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4257]
-
-testId=657
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4258]
-
-testId=17041
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4259]
-
-testId=8881
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4260]
-
-testId=25249
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4261]
-
-testId=4785
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4262]
-
-testId=21153
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4263]
-
-testId=12945
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4264]
-
-testId=29313
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4265]
-
-testId=2689
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4266]
-
-testId=19089
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4267]
-
-testId=10881
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4268]
-
-testId=27313
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4269]
-
-testId=6817
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4270]
-
-testId=23201
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4271]
-
-testId=15025
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4272]
-
-testId=31377
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4273]
-
-testId=1665
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4274]
-
-testId=18065
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4275]
-
-testId=9905
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4276]
-
-testId=26241
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4277]
-
-testId=5761
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4278]
-
-testId=22145
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4279]
-
-testId=13985
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4280]
-
-testId=30337
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4281]
-
-testId=3713
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4282]
-
-testId=20097
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4283]
-
-testId=11905
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4284]
-
-testId=28289
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4285]
-
-testId=7809
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4286]
-
-testId=24193
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4287]
-
-testId=16049
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4288]
-
-testId=32401
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4289]
-
-testId=417
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4290]
-
-testId=16769
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4291]
-
-testId=8593
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4292]
-
-testId=25009
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4293]
-
-testId=4481
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4294]
-
-testId=20897
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4295]
-
-testId=12721
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4296]
-
-testId=29073
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4297]
-
-testId=2449
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4298]
-
-testId=18849
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4299]
-
-testId=10641
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4300]
-
-testId=27057
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4301]
-
-testId=6545
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4302]
-
-testId=22961
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4303]
-
-testId=14721
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4304]
-
-testId=31137
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4305]
-
-testId=1441
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4306]
-
-testId=17841
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4307]
-
-testId=9617
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4308]
-
-testId=26001
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4309]
-
-testId=5505
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4310]
-
-testId=21889
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4311]
-
-testId=13697
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4312]
-
-testId=30113
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4313]
-
-testId=3473
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4314]
-
-testId=19889
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4315]
-
-testId=11665
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4316]
-
-testId=28033
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4317]
-
-testId=7553
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4318]
-
-testId=23985
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4319]
-
-testId=15761
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4320]
-
-testId=32177
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4321]
-
-testId=913
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4322]
-
-testId=17329
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4323]
-
-testId=9105
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4324]
-
-testId=25489
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4325]
-
-testId=5009
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4326]
-
-testId=21377
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4327]
-
-testId=13185
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4328]
-
-testId=29617
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4329]
-
-testId=2993
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4330]
-
-testId=19329
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4331]
-
-testId=11169
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4332]
-
-testId=27553
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4333]
-
-testId=7041
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4334]
-
-testId=23457
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4335]
-
-testId=15233
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4336]
-
-testId=31633
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4337]
-
-testId=1969
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4338]
-
-testId=18305
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4339]
-
-testId=10129
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4340]
-
-testId=26513
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4341]
-
-testId=6065
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4342]
-
-testId=22433
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4343]
-
-testId=14209
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4344]
-
-testId=30625
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4345]
-
-testId=4001
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4346]
-
-testId=20385
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4347]
-
-testId=12161
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4348]
-
-testId=28593
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4349]
-
-testId=8113
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4350]
-
-testId=24465
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4351]
-
-testId=16257
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4352]
-
-testId=32641
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4353]
-
-testId=113
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4354]
-
-testId=16481
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4355]
-
-testId=8289
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4356]
-
-testId=24673
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4357]
-
-testId=4177
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4358]
-
-testId=20577
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4359]
-
-testId=12385
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4360]
-
-testId=28753
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4361]
-
-testId=2129
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4362]
-
-testId=18529
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4363]
-
-testId=10353
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4364]
-
-testId=26737
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4365]
-
-testId=6225
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4366]
-
-testId=22641
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4367]
-
-testId=14401
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4368]
-
-testId=30833
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4369]
-
-testId=1137
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4370]
-
-testId=17521
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4371]
-
-testId=9329
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4372]
-
-testId=25713
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4373]
-
-testId=5201
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4374]
-
-testId=21617
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4375]
-
-testId=13409
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4376]
-
-testId=29761
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4377]
-
-testId=3137
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4378]
-
-testId=19537
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4379]
-
-testId=11361
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4380]
-
-testId=27729
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4381]
-
-testId=7249
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4382]
-
-testId=23665
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4383]
-
-testId=15457
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4384]
-
-testId=31809
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4385]
-
-testId=609
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4386]
-
-testId=17009
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4387]
-
-testId=8801
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4388]
-
-testId=25169
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4389]
-
-testId=4705
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4390]
-
-testId=21089
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4391]
-
-testId=12897
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4392]
-
-testId=29297
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4393]
-
-testId=2673
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4394]
-
-testId=19057
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4395]
-
-testId=10865
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4396]
-
-testId=27249
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4397]
-
-testId=6769
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4398]
-
-testId=23153
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4399]
-
-testId=14913
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4400]
-
-testId=31297
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4401]
-
-testId=1633
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4402]
-
-testId=18017
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4403]
-
-testId=9825
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4404]
-
-testId=26177
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4405]
-
-testId=5713
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4406]
-
-testId=22129
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4407]
-
-testId=13905
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4408]
-
-testId=30321
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4409]
-
-testId=3665
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4410]
-
-testId=20033
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4411]
-
-testId=11857
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4412]
-
-testId=28273
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4413]
-
-testId=7777
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4414]
-
-testId=24129
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4415]
-
-testId=15969
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4416]
-
-testId=32337
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4417]
-
-testId=369
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4418]
-
-testId=16721
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4419]
-
-testId=8561
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4420]
-
-testId=24897
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4421]
-
-testId=4449
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4422]
-
-testId=20833
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4423]
-
-testId=12609
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4424]
-
-testId=29041
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4425]
-
-testId=2417
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4426]
-
-testId=18769
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4427]
-
-testId=10593
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4428]
-
-testId=26961
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4429]
-
-testId=6497
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4430]
-
-testId=22865
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4431]
-
-testId=14705
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4432]
-
-testId=31089
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4433]
-
-testId=1393
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4434]
-
-testId=17777
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4435]
-
-testId=9569
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4436]
-
-testId=25969
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4437]
-
-testId=5473
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4438]
-
-testId=21841
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4439]
-
-testId=13633
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4440]
-
-testId=30033
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4441]
-
-testId=3409
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4442]
-
-testId=19793
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4443]
-
-testId=11617
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4444]
-
-testId=28017
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4445]
-
-testId=7521
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4446]
-
-testId=23905
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4447]
-
-testId=15729
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4448]
-
-testId=32097
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4449]
-
-testId=865
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4450]
-
-testId=17265
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4451]
-
-testId=9073
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4452]
-
-testId=25441
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4453]
-
-testId=4977
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4454]
-
-testId=21361
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4455]
-
-testId=13121
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4456]
-
-testId=29553
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4457]
-
-testId=2929
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4458]
-
-testId=19313
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4459]
-
-testId=11089
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4460]
-
-testId=27457
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4461]
-
-testId=7025
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4462]
-
-testId=23393
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4463]
-
-testId=15217
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4464]
-
-testId=31601
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4465]
-
-testId=1889
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4466]
-
-testId=18289
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4467]
-
-testId=10049
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4468]
-
-testId=26433
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4469]
-
-testId=5969
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4470]
-
-testId=22337
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4471]
-
-testId=14145
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4472]
-
-testId=30561
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4473]
-
-testId=3937
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4474]
-
-testId=20321
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4475]
-
-testId=12113
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4476]
-
-testId=28529
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4477]
-
-testId=8033
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4478]
-
-testId=24385
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4479]
-
-testId=16241
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4480]
-
-testId=32577
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4481]
-
-testId=209
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4482]
-
-testId=16577
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4483]
-
-testId=8401
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4484]
-
-testId=24801
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4485]
-
-testId=4289
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4486]
-
-testId=20705
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4487]
-
-testId=12481
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4488]
-
-testId=28865
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4489]
-
-testId=2257
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4490]
-
-testId=18641
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4491]
-
-testId=10449
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4492]
-
-testId=26817
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4493]
-
-testId=6385
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4494]
-
-testId=22737
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4495]
-
-testId=14545
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4496]
-
-testId=30929
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4497]
-
-testId=1265
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4498]
-
-testId=17617
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4499]
-
-testId=9425
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4500]
-
-testId=25793
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4501]
-
-testId=5345
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4502]
-
-testId=21713
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4503]
-
-testId=13537
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4504]
-
-testId=29937
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4505]
-
-testId=3297
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4506]
-
-testId=19697
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4507]
-
-testId=11473
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4508]
-
-testId=27873
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4509]
-
-testId=7361
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4510]
-
-testId=23777
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4511]
-
-testId=15601
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4512]
-
-testId=31953
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4513]
-
-testId=753
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4514]
-
-testId=17105
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4515]
-
-testId=8945
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4516]
-
-testId=25313
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4517]
-
-testId=4833
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4518]
-
-testId=21201
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4519]
-
-testId=13025
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4520]
-
-testId=29425
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4521]
-
-testId=2769
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4522]
-
-testId=19169
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4523]
-
-testId=10977
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4524]
-
-testId=27361
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4525]
-
-testId=6865
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4526]
-
-testId=23249
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4527]
-
-testId=15089
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4528]
-
-testId=31425
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4529]
-
-testId=1745
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4530]
-
-testId=18161
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4531]
-
-testId=9921
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4532]
-
-testId=26353
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4533]
-
-testId=5841
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4534]
-
-testId=22209
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4535]
-
-testId=14049
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4536]
-
-testId=30401
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4537]
-
-testId=3825
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4538]
-
-testId=20193
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4539]
-
-testId=11969
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4540]
-
-testId=28385
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4541]
-
-testId=7873
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4542]
-
-testId=24257
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4543]
-
-testId=16081
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4544]
-
-testId=32481
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4545]
-
-testId=449
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4546]
-
-testId=16865
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4547]
-
-testId=8689
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4548]
-
-testId=25073
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4549]
-
-testId=4577
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4550]
-
-testId=20945
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4551]
-
-testId=12753
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4552]
-
-testId=29121
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4553]
-
-testId=2497
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4554]
-
-testId=18929
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4555]
-
-testId=10705
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4556]
-
-testId=27105
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4557]
-
-testId=6609
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4558]
-
-testId=22977
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4559]
-
-testId=14801
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4560]
-
-testId=31185
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4561]
-
-testId=1473
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4562]
-
-testId=17857
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4563]
-
-testId=9665
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4564]
-
-testId=26065
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4565]
-
-testId=5601
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4566]
-
-testId=22001
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4567]
-
-testId=13793
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4568]
-
-testId=30145
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4569]
-
-testId=3553
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4570]
-
-testId=19905
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4571]
-
-testId=11745
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4572]
-
-testId=28097
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4573]
-
-testId=7649
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4574]
-
-testId=24017
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4575]
-
-testId=15841
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4576]
-
-testId=32225
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4577]
-
-testId=961
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4578]
-
-testId=17377
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4579]
-
-testId=9185
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4580]
-
-testId=25537
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4581]
-
-testId=5057
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4582]
-
-testId=21441
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4583]
-
-testId=13281
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4584]
-
-testId=29649
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4585]
-
-testId=3041
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4586]
-
-testId=19409
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4587]
-
-testId=11249
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4588]
-
-testId=27585
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4589]
-
-testId=7105
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4590]
-
-testId=23505
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4591]
-
-testId=15329
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4592]
-
-testId=31729
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4593]
-
-testId=1985
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4594]
-
-testId=18385
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4595]
-
-testId=10177
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4596]
-
-testId=26561
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4597]
-
-testId=6097
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4598]
-
-testId=22497
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4599]
-
-testId=14321
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4600]
-
-testId=30689
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4601]
-
-testId=4065
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4602]
-
-testId=20449
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4603]
-
-testId=12225
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4604]
-
-testId=28625
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4605]
-
-testId=8129
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4606]
-
-testId=24513
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4607]
-
-testId=16321
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4608]
-
-testId=32737
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4609]
-
-testId=9
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4610]
-
-testId=16425
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4611]
-
-testId=8233
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4612]
-
-testId=24617
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4613]
-
-testId=4121
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4614]
-
-testId=20489
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4615]
-
-testId=12329
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4616]
-
-testId=28729
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4617]
-
-testId=2057
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4618]
-
-testId=18441
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4619]
-
-testId=10249
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4620]
-
-testId=26665
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4621]
-
-testId=6153
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4622]
-
-testId=22569
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4623]
-
-testId=14393
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4624]
-
-testId=30761
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4625]
-
-testId=1049
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4626]
-
-testId=17465
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4627]
-
-testId=9257
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4628]
-
-testId=25641
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4629]
-
-testId=5145
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4630]
-
-testId=21529
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4631]
-
-testId=13369
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4632]
-
-testId=29753
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4633]
-
-testId=3113
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4634]
-
-testId=19513
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4635]
-
-testId=11273
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4636]
-
-testId=27689
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4637]
-
-testId=7177
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4638]
-
-testId=23577
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4639]
-
-testId=15417
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4640]
-
-testId=31785
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4641]
-
-testId=521
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4642]
-
-testId=16953
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4643]
-
-testId=8761
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4644]
-
-testId=25113
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4645]
-
-testId=4665
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4646]
-
-testId=21001
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4647]
-
-testId=12825
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4648]
-
-testId=29225
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4649]
-
-testId=2601
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4650]
-
-testId=18953
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4651]
-
-testId=10809
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4652]
-
-testId=27193
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4653]
-
-testId=6665
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4654]
-
-testId=23081
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4655]
-
-testId=14889
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4656]
-
-testId=31273
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4657]
-
-testId=1545
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4658]
-
-testId=17961
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4659]
-
-testId=9753
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4660]
-
-testId=26153
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4661]
-
-testId=5657
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4662]
-
-testId=22073
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4663]
-
-testId=13865
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4664]
-
-testId=30217
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4665]
-
-testId=3593
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4666]
-
-testId=19977
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4667]
-
-testId=11801
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4668]
-
-testId=28217
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4669]
-
-testId=7737
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4670]
-
-testId=24121
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4671]
-
-testId=15881
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4672]
-
-testId=32313
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4673]
-
-testId=265
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4674]
-
-testId=16649
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4675]
-
-testId=8505
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4676]
-
-testId=24857
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4677]
-
-testId=4409
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4678]
-
-testId=20793
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4679]
-
-testId=12569
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4680]
-
-testId=28969
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4681]
-
-testId=2361
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4682]
-
-testId=18729
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4683]
-
-testId=10505
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4684]
-
-testId=26889
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4685]
-
-testId=6441
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4686]
-
-testId=22793
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4687]
-
-testId=14601
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4688]
-
-testId=31017
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4689]
-
-testId=1289
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4690]
-
-testId=17689
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4691]
-
-testId=9481
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4692]
-
-testId=25865
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4693]
-
-testId=5433
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4694]
-
-testId=21817
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4695]
-
-testId=13625
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4696]
-
-testId=30009
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4697]
-
-testId=3353
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4698]
-
-testId=19737
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4699]
-
-testId=11577
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4700]
-
-testId=27961
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4701]
-
-testId=7465
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4702]
-
-testId=23849
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4703]
-
-testId=15625
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4704]
-
-testId=32009
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4705]
-
-testId=777
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4706]
-
-testId=17161
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4707]
-
-testId=9017
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4708]
-
-testId=25401
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4709]
-
-testId=4889
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4710]
-
-testId=21273
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4711]
-
-testId=13065
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4712]
-
-testId=29449
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4713]
-
-testId=2873
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4714]
-
-testId=19241
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4715]
-
-testId=11033
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4716]
-
-testId=27417
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4717]
-
-testId=6921
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4718]
-
-testId=23305
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4719]
-
-testId=15113
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4720]
-
-testId=31497
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4721]
-
-testId=1817
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4722]
-
-testId=18201
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4723]
-
-testId=10025
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4724]
-
-testId=26393
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4725]
-
-testId=5945
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4726]
-
-testId=22313
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4727]
-
-testId=14137
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4728]
-
-testId=30505
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4729]
-
-testId=3865
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4730]
-
-testId=20249
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4731]
-
-testId=12041
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4732]
-
-testId=28473
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4733]
-
-testId=7961
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4734]
-
-testId=24345
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4735]
-
-testId=16169
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4736]
-
-testId=32553
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4737]
-
-testId=137
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4738]
-
-testId=16521
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4739]
-
-testId=8329
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4740]
-
-testId=24745
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4741]
-
-testId=4249
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4742]
-
-testId=20649
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4743]
-
-testId=12425
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4744]
-
-testId=28841
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4745]
-
-testId=2185
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4746]
-
-testId=18569
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4747]
-
-testId=10393
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4748]
-
-testId=26793
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4749]
-
-testId=6313
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4750]
-
-testId=22713
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4751]
-
-testId=14521
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4752]
-
-testId=30857
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4753]
-
-testId=1193
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4754]
-
-testId=17577
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4755]
-
-testId=9385
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4756]
-
-testId=25753
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4757]
-
-testId=5289
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4758]
-
-testId=21689
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4759]
-
-testId=13449
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4760]
-
-testId=29849
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4761]
-
-testId=3257
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4762]
-
-testId=19641
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4763]
-
-testId=11401
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4764]
-
-testId=27833
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4765]
-
-testId=7305
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4766]
-
-testId=23689
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4767]
-
-testId=15497
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4768]
-
-testId=31897
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4769]
-
-testId=697
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4770]
-
-testId=17033
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4771]
-
-testId=8857
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4772]
-
-testId=25257
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4773]
-
-testId=4777
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4774]
-
-testId=21129
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4775]
-
-testId=12937
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4776]
-
-testId=29337
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4777]
-
-testId=2713
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4778]
-
-testId=19081
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4779]
-
-testId=10905
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4780]
-
-testId=27305
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4781]
-
-testId=6793
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4782]
-
-testId=23177
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4783]
-
-testId=14985
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4784]
-
-testId=31417
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4785]
-
-testId=1673
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4786]
-
-testId=18089
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4787]
-
-testId=9913
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4788]
-
-testId=26281
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4789]
-
-testId=5801
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4790]
-
-testId=22153
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4791]
-
-testId=13993
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4792]
-
-testId=30345
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4793]
-
-testId=3753
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4794]
-
-testId=20121
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4795]
-
-testId=11929
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4796]
-
-testId=28329
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4797]
-
-testId=7865
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4798]
-
-testId=24249
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4799]
-
-testId=16057
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4800]
-
-testId=32409
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4801]
-
-testId=441
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4802]
-
-testId=16793
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4803]
-
-testId=8617
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4804]
-
-testId=25017
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4805]
-
-testId=4489
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4806]
-
-testId=20873
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4807]
-
-testId=12713
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4808]
-
-testId=29065
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4809]
-
-testId=2489
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4810]
-
-testId=18857
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4811]
-
-testId=10665
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4812]
-
-testId=27049
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4813]
-
-testId=6585
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4814]
-
-testId=22953
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4815]
-
-testId=14777
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4816]
-
-testId=31113
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4817]
-
-testId=1417
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4818]
-
-testId=17849
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4819]
-
-testId=9625
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4820]
-
-testId=26041
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4821]
-
-testId=5529
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4822]
-
-testId=21945
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4823]
-
-testId=13721
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4824]
-
-testId=30121
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4825]
-
-testId=3481
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4826]
-
-testId=19865
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4827]
-
-testId=11689
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4828]
-
-testId=28057
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4829]
-
-testId=7593
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4830]
-
-testId=23993
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4831]
-
-testId=15753
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4832]
-
-testId=32185
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4833]
-
-testId=921
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4834]
-
-testId=17321
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4835]
-
-testId=9113
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4836]
-
-testId=25529
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4837]
-
-testId=5017
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4838]
-
-testId=21385
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4839]
-
-testId=13241
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4840]
-
-testId=29625
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4841]
-
-testId=3001
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4842]
-
-testId=19385
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4843]
-
-testId=11161
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4844]
-
-testId=27561
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4845]
-
-testId=7097
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4846]
-
-testId=23433
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4847]
-
-testId=15241
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4848]
-
-testId=31641
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4849]
-
-testId=1977
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4850]
-
-testId=18345
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4851]
-
-testId=10153
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4852]
-
-testId=26537
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4853]
-
-testId=6073
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4854]
-
-testId=22409
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4855]
-
-testId=14265
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4856]
-
-testId=30601
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4857]
-
-testId=4025
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4858]
-
-testId=20409
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4859]
-
-testId=12217
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4860]
-
-testId=28553
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4861]
-
-testId=8089
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4862]
-
-testId=24489
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4863]
-
-testId=16313
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4864]
-
-testId=32665
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4865]
-
-testId=73
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4866]
-
-testId=16489
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4867]
-
-testId=8281
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4868]
-
-testId=24665
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4869]
-
-testId=4201
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4870]
-
-testId=20601
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4871]
-
-testId=12393
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4872]
-
-testId=28745
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4873]
-
-testId=2169
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4874]
-
-testId=18553
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4875]
-
-testId=10313
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4876]
-
-testId=26729
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4877]
-
-testId=6249
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4878]
-
-testId=22617
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4879]
-
-testId=14425
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4880]
-
-testId=30793
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4881]
-
-testId=1097
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4882]
-
-testId=17513
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4883]
-
-testId=9321
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4884]
-
-testId=25689
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4885]
-
-testId=5225
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4886]
-
-testId=21577
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4887]
-
-testId=13401
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4888]
-
-testId=29817
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4889]
-
-testId=3145
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4890]
-
-testId=19561
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4891]
-
-testId=11385
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4892]
-
-testId=27769
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4893]
-
-testId=7289
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4894]
-
-testId=23657
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4895]
-
-testId=15433
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4896]
-
-testId=31849
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4897]
-
-testId=617
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4898]
-
-testId=16969
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4899]
-
-testId=8793
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4900]
-
-testId=25193
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4901]
-
-testId=4713
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4902]
-
-testId=21065
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4903]
-
-testId=12905
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4904]
-
-testId=29257
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4905]
-
-testId=2665
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4906]
-
-testId=19065
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4907]
-
-testId=10873
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4908]
-
-testId=27257
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4909]
-
-testId=6729
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4910]
-
-testId=23113
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4911]
-
-testId=14921
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4912]
-
-testId=31353
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4913]
-
-testId=1625
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4914]
-
-testId=18025
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4915]
-
-testId=9849
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4916]
-
-testId=26185
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4917]
-
-testId=5737
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4918]
-
-testId=22089
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4919]
-
-testId=13945
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4920]
-
-testId=30329
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4921]
-
-testId=3705
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4922]
-
-testId=20057
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4923]
-
-testId=11897
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4924]
-
-testId=28281
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4925]
-
-testId=7801
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4926]
-
-testId=24169
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4927]
-
-testId=15993
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4928]
-
-testId=32345
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4929]
-
-testId=329
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4930]
-
-testId=16761
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4931]
-
-testId=8537
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4932]
-
-testId=24905
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4933]
-
-testId=4457
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4934]
-
-testId=20841
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4935]
-
-testId=12633
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4936]
-
-testId=29017
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4937]
-
-testId=2409
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4938]
-
-testId=18777
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4939]
-
-testId=10601
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4940]
-
-testId=26969
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4941]
-
-testId=6505
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4942]
-
-testId=22873
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4943]
-
-testId=14713
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4944]
-
-testId=31097
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4945]
-
-testId=1353
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4946]
-
-testId=17785
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4947]
-
-testId=9593
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4948]
-
-testId=25961
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4949]
-
-testId=5497
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4950]
-
-testId=21849
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4951]
-
-testId=13657
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4952]
-
-testId=30041
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4953]
-
-testId=3433
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4954]
-
-testId=19801
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4955]
-
-testId=11625
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4956]
-
-testId=27977
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4957]
-
-testId=7529
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4958]
-
-testId=23913
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4959]
-
-testId=15705
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4960]
-
-testId=32089
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4961]
-
-testId=873
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4962]
-
-testId=17273
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4963]
-
-testId=9081
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4964]
-
-testId=25433
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4965]
-
-testId=4969
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4966]
-
-testId=21337
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4967]
-
-testId=13177
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4968]
-
-testId=29561
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4969]
-
-testId=2937
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4970]
-
-testId=19289
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4971]
-
-testId=11129
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4972]
-
-testId=27465
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4973]
-
-testId=7001
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4974]
-
-testId=23369
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4975]
-
-testId=15209
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4976]
-
-testId=31609
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4977]
-
-testId=1865
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4978]
-
-testId=18249
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4979]
-
-testId=10089
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4980]
-
-testId=26457
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4981]
-
-testId=5993
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4982]
-
-testId=22361
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4983]
-
-testId=14201
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4984]
-
-testId=30537
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4985]
-
-testId=3929
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4986]
-
-testId=20313
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4987]
-
-testId=12137
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4988]
-
-testId=28537
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4989]
-
-testId=8057
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4990]
-
-testId=24441
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4991]
-
-testId=16201
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4992]
-
-testId=32633
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4993]
-
-testId=201
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4994]
-
-testId=16617
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4995]
-
-testId=8409
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4996]
-
-testId=24793
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4997]
-
-testId=4297
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4998]
-
-testId=20729
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-4999]
-
-testId=12505
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5000]
-
-testId=28873
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5001]
-
-testId=2297
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5002]
-
-testId=18665
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5003]
-
-testId=10489
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5004]
-
-testId=26841
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5005]
-
-testId=6345
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5006]
-
-testId=22761
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5007]
-
-testId=14537
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5008]
-
-testId=30921
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5009]
-
-testId=1241
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5010]
-
-testId=17657
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5011]
-
-testId=9465
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5012]
-
-testId=25817
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5013]
-
-testId=5337
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5014]
-
-testId=21721
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5015]
-
-testId=13529
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5016]
-
-testId=29913
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5017]
-
-testId=3273
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5018]
-
-testId=19689
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5019]
-
-testId=11481
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5020]
-
-testId=27865
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5021]
-
-testId=7385
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5022]
-
-testId=23785
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5023]
-
-testId=15561
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5024]
-
-testId=31945
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5025]
-
-testId=745
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5026]
-
-testId=17129
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5027]
-
-testId=8937
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5028]
-
-testId=25321
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5029]
-
-testId=4857
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5030]
-
-testId=21225
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5031]
-
-testId=13049
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5032]
-
-testId=29385
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5033]
-
-testId=2793
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5034]
-
-testId=19193
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5035]
-
-testId=10969
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5036]
-
-testId=27337
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5037]
-
-testId=6905
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5038]
-
-testId=23273
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5039]
-
-testId=15081
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5040]
-
-testId=31449
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5041]
-
-testId=1785
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5042]
-
-testId=18153
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5043]
-
-testId=9977
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5044]
-
-testId=26329
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5045]
-
-testId=5833
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5046]
-
-testId=22217
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5047]
-
-testId=14073
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5048]
-
-testId=30441
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5049]
-
-testId=3817
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5050]
-
-testId=20217
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5051]
-
-testId=12025
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5052]
-
-testId=28361
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5053]
-
-testId=7929
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5054]
-
-testId=24265
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5055]
-
-testId=16089
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5056]
-
-testId=32505
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5057]
-
-testId=505
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5058]
-
-testId=16841
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5059]
-
-testId=8665
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5060]
-
-testId=25049
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5061]
-
-testId=4569
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5062]
-
-testId=20937
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5063]
-
-testId=12745
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5064]
-
-testId=29129
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5065]
-
-testId=2537
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5066]
-
-testId=18937
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5067]
-
-testId=10697
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5068]
-
-testId=27097
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5069]
-
-testId=6617
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5070]
-
-testId=23033
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5071]
-
-testId=14809
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5072]
-
-testId=31193
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5073]
-
-testId=1513
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5074]
-
-testId=17913
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5075]
-
-testId=9673
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5076]
-
-testId=26057
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5077]
-
-testId=5625
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5078]
-
-testId=21993
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5079]
-
-testId=13801
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5080]
-
-testId=30201
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5081]
-
-testId=3545
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5082]
-
-testId=19945
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5083]
-
-testId=11737
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5084]
-
-testId=28105
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5085]
-
-testId=7641
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5086]
-
-testId=24057
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5087]
-
-testId=15849
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5088]
-
-testId=32233
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5089]
-
-testId=969
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5090]
-
-testId=17369
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5091]
-
-testId=9161
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5092]
-
-testId=25545
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5093]
-
-testId=5097
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5094]
-
-testId=21497
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5095]
-
-testId=13289
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5096]
-
-testId=29641
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5097]
-
-testId=3017
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5098]
-
-testId=19417
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5099]
-
-testId=11209
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5100]
-
-testId=27641
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5101]
-
-testId=7129
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5102]
-
-testId=23529
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5103]
-
-testId=15337
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5104]
-
-testId=31689
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5105]
-
-testId=2041
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5106]
-
-testId=18377
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5107]
-
-testId=10185
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5108]
-
-testId=26585
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5109]
-
-testId=6089
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5110]
-
-testId=22521
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5111]
-
-testId=14281
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5112]
-
-testId=30665
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5113]
-
-testId=4073
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5114]
-
-testId=20473
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5115]
-
-testId=12281
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5116]
-
-testId=28649
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5117]
-
-testId=8137
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5118]
-
-testId=24553
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5119]
-
-testId=16345
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5120]
-
-testId=32729
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5121]
-
-testId=53
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5122]
-
-testId=16437
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5123]
-
-testId=8197
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5124]
-
-testId=24613
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5125]
-
-testId=4133
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5126]
-
-testId=20501
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5127]
-
-testId=12309
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5128]
-
-testId=28693
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5129]
-
-testId=2053
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5130]
-
-testId=18437
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5131]
-
-testId=10277
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5132]
-
-testId=26677
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5133]
-
-testId=6165
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5134]
-
-testId=22581
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5135]
-
-testId=14389
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5136]
-
-testId=30773
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5137]
-
-testId=1077
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5138]
-
-testId=17429
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5139]
-
-testId=9269
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5140]
-
-testId=25637
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5141]
-
-testId=5141
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5142]
-
-testId=21509
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5143]
-
-testId=13317
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5144]
-
-testId=29701
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5145]
-
-testId=3125
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5146]
-
-testId=19477
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5147]
-
-testId=11285
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5148]
-
-testId=27685
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5149]
-
-testId=7205
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5150]
-
-testId=23605
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5151]
-
-testId=15413
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5152]
-
-testId=31765
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5153]
-
-testId=533
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5154]
-
-testId=16901
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5155]
-
-testId=8709
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5156]
-
-testId=25141
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5157]
-
-testId=4629
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5158]
-
-testId=21029
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5159]
-
-testId=12805
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5160]
-
-testId=29237
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5161]
-
-testId=2613
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5162]
-
-testId=18949
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5163]
-
-testId=10805
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5164]
-
-testId=27141
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5165]
-
-testId=6677
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5166]
-
-testId=23093
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5167]
-
-testId=14885
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5168]
-
-testId=31237
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5169]
-
-testId=1541
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5170]
-
-testId=17925
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5171]
-
-testId=9781
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5172]
-
-testId=26117
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5173]
-
-testId=5637
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5174]
-
-testId=22069
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5175]
-
-testId=13829
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5176]
-
-testId=30229
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5177]
-
-testId=3589
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5178]
-
-testId=19989
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5179]
-
-testId=11797
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5180]
-
-testId=28181
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5181]
-
-testId=7733
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5182]
-
-testId=24101
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5183]
-
-testId=15893
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5184]
-
-testId=32261
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5185]
-
-testId=261
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5186]
-
-testId=16661
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5187]
-
-testId=8453
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5188]
-
-testId=24837
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5189]
-
-testId=4373
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5190]
-
-testId=20789
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5191]
-
-testId=12549
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5192]
-
-testId=28933
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5193]
-
-testId=2325
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5194]
-
-testId=18725
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5195]
-
-testId=10517
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5196]
-
-testId=26933
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5197]
-
-testId=6421
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5198]
-
-testId=22789
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5199]
-
-testId=14613
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5200]
-
-testId=31013
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5201]
-
-testId=1285
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5202]
-
-testId=17717
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5203]
-
-testId=9493
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5204]
-
-testId=25893
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5205]
-
-testId=5413
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5206]
-
-testId=21781
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5207]
-
-testId=13605
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5208]
-
-testId=29989
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5209]
-
-testId=3333
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5210]
-
-testId=19765
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5211]
-
-testId=11573
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5212]
-
-testId=27909
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5213]
-
-testId=7429
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5214]
-
-testId=23845
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5215]
-
-testId=15637
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5216]
-
-testId=32037
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5217]
-
-testId=805
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5218]
-
-testId=17173
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5219]
-
-testId=8997
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5220]
-
-testId=25397
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5221]
-
-testId=4901
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5222]
-
-testId=21301
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5223]
-
-testId=13061
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5224]
-
-testId=29477
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5225]
-
-testId=2837
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5226]
-
-testId=19237
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5227]
-
-testId=11045
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5228]
-
-testId=27397
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5229]
-
-testId=6965
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5230]
-
-testId=23333
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5231]
-
-testId=15125
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5232]
-
-testId=31509
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5233]
-
-testId=1797
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5234]
-
-testId=18213
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5235]
-
-testId=10005
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5236]
-
-testId=26421
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5237]
-
-testId=5909
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5238]
-
-testId=22309
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5239]
-
-testId=14117
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5240]
-
-testId=30501
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5241]
-
-testId=3861
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5242]
-
-testId=20229
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5243]
-
-testId=12053
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5244]
-
-testId=28453
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5245]
-
-testId=7973
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5246]
-
-testId=24325
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5247]
-
-testId=16133
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5248]
-
-testId=32517
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5249]
-
-testId=165
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5250]
-
-testId=16533
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5251]
-
-testId=8341
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5252]
-
-testId=24757
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5253]
-
-testId=4277
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5254]
-
-testId=20613
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5255]
-
-testId=12469
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5256]
-
-testId=28837
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5257]
-
-testId=2213
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5258]
-
-testId=18581
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5259]
-
-testId=10421
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5260]
-
-testId=26773
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5261]
-
-testId=6277
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5262]
-
-testId=22693
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5263]
-
-testId=14517
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5264]
-
-testId=30869
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5265]
-
-testId=1157
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5266]
-
-testId=17589
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5267]
-
-testId=9349
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5268]
-
-testId=25749
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5269]
-
-testId=5301
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5270]
-
-testId=21653
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5271]
-
-testId=13445
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5272]
-
-testId=29845
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5273]
-
-testId=3253
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5274]
-
-testId=19589
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5275]
-
-testId=11445
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5276]
-
-testId=27813
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5277]
-
-testId=7301
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5278]
-
-testId=23701
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5279]
-
-testId=15541
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5280]
-
-testId=31877
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5281]
-
-testId=693
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5282]
-
-testId=17061
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5283]
-
-testId=8885
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5284]
-
-testId=25221
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5285]
-
-testId=4789
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5286]
-
-testId=21173
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5287]
-
-testId=12933
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5288]
-
-testId=29333
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5289]
-
-testId=2741
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5290]
-
-testId=19125
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5291]
-
-testId=10885
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5292]
-
-testId=27269
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5293]
-
-testId=6821
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5294]
-
-testId=23189
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5295]
-
-testId=15029
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5296]
-
-testId=31413
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5297]
-
-testId=1669
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5298]
-
-testId=18053
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5299]
-
-testId=9893
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5300]
-
-testId=26245
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5301]
-
-testId=5781
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5302]
-
-testId=22181
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5303]
-
-testId=13989
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5304]
-
-testId=30357
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5305]
-
-testId=3733
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5306]
-
-testId=20117
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5307]
-
-testId=11925
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5308]
-
-testId=28341
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5309]
-
-testId=7829
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5310]
-
-testId=24245
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5311]
-
-testId=16037
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5312]
-
-testId=32389
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5313]
-
-testId=421
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5314]
-
-testId=16805
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5315]
-
-testId=8597
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5316]
-
-testId=24981
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5317]
-
-testId=4517
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5318]
-
-testId=20885
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5319]
-
-testId=12693
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5320]
-
-testId=29061
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5321]
-
-testId=2453
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5322]
-
-testId=18837
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5323]
-
-testId=10645
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5324]
-
-testId=27045
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5325]
-
-testId=6533
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5326]
-
-testId=22933
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5327]
-
-testId=14773
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5328]
-
-testId=31125
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5329]
-
-testId=1445
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5330]
-
-testId=17813
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5331]
-
-testId=9621
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5332]
-
-testId=26005
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5333]
-
-testId=5525
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5334]
-
-testId=21925
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5335]
-
-testId=13749
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5336]
-
-testId=30133
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5337]
-
-testId=3461
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5338]
-
-testId=19845
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5339]
-
-testId=11701
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5340]
-
-testId=28085
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5341]
-
-testId=7605
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5342]
-
-testId=23957
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5343]
-
-testId=15749
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5344]
-
-testId=32149
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5345]
-
-testId=901
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5346]
-
-testId=17301
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5347]
-
-testId=9109
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5348]
-
-testId=25509
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5349]
-
-testId=5029
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5350]
-
-testId=21429
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5351]
-
-testId=13205
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5352]
-
-testId=29573
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5353]
-
-testId=2997
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5354]
-
-testId=19349
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5355]
-
-testId=11141
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5356]
-
-testId=27573
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5357]
-
-testId=7093
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5358]
-
-testId=23445
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5359]
-
-testId=15285
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5360]
-
-testId=31653
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5361]
-
-testId=1941
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5362]
-
-testId=18325
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5363]
-
-testId=10149
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5364]
-
-testId=26517
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5365]
-
-testId=6069
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5366]
-
-testId=22421
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5367]
-
-testId=14245
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5368]
-
-testId=30629
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5369]
-
-testId=3989
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5370]
-
-testId=20389
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5371]
-
-testId=12213
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5372]
-
-testId=28565
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5373]
-
-testId=8085
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5374]
-
-testId=24485
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5375]
-
-testId=16293
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5376]
-
-testId=32645
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5377]
-
-testId=117
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5378]
-
-testId=16501
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5379]
-
-testId=8293
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5380]
-
-testId=24645
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5381]
-
-testId=4181
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5382]
-
-testId=20549
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5383]
-
-testId=12405
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5384]
-
-testId=28741
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5385]
-
-testId=2117
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5386]
-
-testId=18501
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5387]
-
-testId=10341
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5388]
-
-testId=26725
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5389]
-
-testId=6245
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5390]
-
-testId=22597
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5391]
-
-testId=14453
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5392]
-
-testId=30805
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5393]
-
-testId=1109
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5394]
-
-testId=17509
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5395]
-
-testId=9333
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5396]
-
-testId=25685
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5397]
-
-testId=5205
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5398]
-
-testId=21605
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5399]
-
-testId=13429
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5400]
-
-testId=29765
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5401]
-
-testId=3157
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5402]
-
-testId=19525
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5403]
-
-testId=11365
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5404]
-
-testId=27765
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5405]
-
-testId=7237
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5406]
-
-testId=23621
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5407]
-
-testId=15477
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5408]
-
-testId=31861
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5409]
-
-testId=581
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5410]
-
-testId=16981
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5411]
-
-testId=8805
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5412]
-
-testId=25157
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5413]
-
-testId=4725
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5414]
-
-testId=21109
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5415]
-
-testId=12901
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5416]
-
-testId=29253
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5417]
-
-testId=2645
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5418]
-
-testId=19029
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5419]
-
-testId=10869
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5420]
-
-testId=27253
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5421]
-
-testId=6757
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5422]
-
-testId=23157
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5423]
-
-testId=14949
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5424]
-
-testId=31301
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5425]
-
-testId=1637
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5426]
-
-testId=18037
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5427]
-
-testId=9813
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5428]
-
-testId=26213
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5429]
-
-testId=5733
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5430]
-
-testId=22101
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5431]
-
-testId=13925
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5432]
-
-testId=30325
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5433]
-
-testId=3701
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5434]
-
-testId=20037
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5435]
-
-testId=11845
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5436]
-
-testId=28245
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5437]
-
-testId=7797
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5438]
-
-testId=24149
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5439]
-
-testId=15989
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5440]
-
-testId=32373
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5441]
-
-testId=373
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5442]
-
-testId=16709
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5443]
-
-testId=8549
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5444]
-
-testId=24901
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5445]
-
-testId=4421
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5446]
-
-testId=20837
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5447]
-
-testId=12645
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5448]
-
-testId=29029
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5449]
-
-testId=2405
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5450]
-
-testId=18773
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5451]
-
-testId=10565
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5452]
-
-testId=26997
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5453]
-
-testId=6485
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5454]
-
-testId=22853
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5455]
-
-testId=14693
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5456]
-
-testId=31061
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5457]
-
-testId=1381
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5458]
-
-testId=17733
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5459]
-
-testId=9557
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5460]
-
-testId=25941
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5461]
-
-testId=5477
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5462]
-
-testId=21861
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5463]
-
-testId=13669
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5464]
-
-testId=30037
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5465]
-
-testId=3445
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5466]
-
-testId=19781
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5467]
-
-testId=11637
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5468]
-
-testId=28005
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5469]
-
-testId=7509
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5470]
-
-testId=23909
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5471]
-
-testId=15717
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5472]
-
-testId=32117
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5473]
-
-testId=869
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5474]
-
-testId=17237
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5475]
-
-testId=9029
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5476]
-
-testId=25413
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5477]
-
-testId=4965
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5478]
-
-testId=21365
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5479]
-
-testId=13157
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5480]
-
-testId=29541
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5481]
-
-testId=2885
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5482]
-
-testId=19285
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5483]
-
-testId=11077
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5484]
-
-testId=27493
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5485]
-
-testId=6981
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5486]
-
-testId=23381
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5487]
-
-testId=15205
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5488]
-
-testId=31557
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5489]
-
-testId=1909
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5490]
-
-testId=18245
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5491]
-
-testId=10069
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5492]
-
-testId=26469
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5493]
-
-testId=6005
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5494]
-
-testId=22357
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5495]
-
-testId=14181
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5496]
-
-testId=30549
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5497]
-
-testId=3941
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5498]
-
-testId=20341
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5499]
-
-testId=12117
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5500]
-
-testId=28533
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5501]
-
-testId=8053
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5502]
-
-testId=24405
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5503]
-
-testId=16213
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5504]
-
-testId=32581
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5505]
-
-testId=213
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5506]
-
-testId=16581
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5507]
-
-testId=8437
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5508]
-
-testId=24773
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5509]
-
-testId=4325
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5510]
-
-testId=20709
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5511]
-
-testId=12485
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5512]
-
-testId=28901
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5513]
-
-testId=2293
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5514]
-
-testId=18629
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5515]
-
-testId=10469
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5516]
-
-testId=26853
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5517]
-
-testId=6357
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5518]
-
-testId=22741
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5519]
-
-testId=14533
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5520]
-
-testId=30917
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5521]
-
-testId=1269
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5522]
-
-testId=17621
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5523]
-
-testId=9413
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5524]
-
-testId=25845
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5525]
-
-testId=5365
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5526]
-
-testId=21749
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5527]
-
-testId=13509
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5528]
-
-testId=29909
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5529]
-
-testId=3301
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5530]
-
-testId=19669
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5531]
-
-testId=11509
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5532]
-
-testId=27877
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5533]
-
-testId=7381
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5534]
-
-testId=23749
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5535]
-
-testId=15605
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5536]
-
-testId=31957
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5537]
-
-testId=757
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5538]
-
-testId=17125
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5539]
-
-testId=8901
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5540]
-
-testId=25333
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5541]
-
-testId=4805
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5542]
-
-testId=21189
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5543]
-
-testId=13045
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5544]
-
-testId=29381
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5545]
-
-testId=2773
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5546]
-
-testId=19173
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5547]
-
-testId=10981
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5548]
-
-testId=27365
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5549]
-
-testId=6869
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5550]
-
-testId=23253
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5551]
-
-testId=15077
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5552]
-
-testId=31429
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5553]
-
-testId=1765
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5554]
-
-testId=18165
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5555]
-
-testId=9973
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5556]
-
-testId=26341
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5557]
-
-testId=5845
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5558]
-
-testId=22229
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5559]
-
-testId=14053
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5560]
-
-testId=30453
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5561]
-
-testId=3797
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5562]
-
-testId=20213
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5563]
-
-testId=12005
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5564]
-
-testId=28389
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5565]
-
-testId=7925
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5566]
-
-testId=24309
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5567]
-
-testId=16101
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5568]
-
-testId=32469
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5569]
-
-testId=485
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5570]
-
-testId=16885
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5571]
-
-testId=8661
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5572]
-
-testId=25045
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5573]
-
-testId=4581
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5574]
-
-testId=20933
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5575]
-
-testId=12757
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5576]
-
-testId=29125
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5577]
-
-testId=2517
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5578]
-
-testId=18901
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5579]
-
-testId=10725
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5580]
-
-testId=27077
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5581]
-
-testId=6613
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5582]
-
-testId=23013
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5583]
-
-testId=14837
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5584]
-
-testId=31189
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5585]
-
-testId=1493
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5586]
-
-testId=17893
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5587]
-
-testId=9701
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5588]
-
-testId=26053
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5589]
-
-testId=5605
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5590]
-
-testId=21957
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5591]
-
-testId=13813
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5592]
-
-testId=30197
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5593]
-
-testId=3541
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5594]
-
-testId=19909
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5595]
-
-testId=11749
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5596]
-
-testId=28117
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5597]
-
-testId=7637
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5598]
-
-testId=24005
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5599]
-
-testId=15829
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5600]
-
-testId=32213
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5601]
-
-testId=997
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5602]
-
-testId=17397
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5603]
-
-testId=9189
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5604]
-
-testId=25573
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5605]
-
-testId=5077
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5606]
-
-testId=21461
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5607]
-
-testId=13301
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5608]
-
-testId=29669
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5609]
-
-testId=3045
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5610]
-
-testId=19445
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5611]
-
-testId=11221
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5612]
-
-testId=27589
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5613]
-
-testId=7157
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5614]
-
-testId=23509
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5615]
-
-testId=15317
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5616]
-
-testId=31685
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5617]
-
-testId=2021
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5618]
-
-testId=18405
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5619]
-
-testId=10229
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5620]
-
-testId=26613
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5621]
-
-testId=6117
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5622]
-
-testId=22469
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5623]
-
-testId=14325
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5624]
-
-testId=30677
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5625]
-
-testId=4037
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5626]
-
-testId=20421
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5627]
-
-testId=12245
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5628]
-
-testId=28661
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5629]
-
-testId=8165
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5630]
-
-testId=24533
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5631]
-
-testId=16325
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5632]
-
-testId=32757
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5633]
-
-testId=61
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5634]
-
-testId=16445
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5635]
-
-testId=8237
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5636]
-
-testId=24605
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5637]
-
-testId=4141
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5638]
-
-testId=20493
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5639]
-
-testId=12317
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5640]
-
-testId=28701
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5641]
-
-testId=2061
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5642]
-
-testId=18477
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5643]
-
-testId=10269
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5644]
-
-testId=26669
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5645]
-
-testId=6205
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5646]
-
-testId=22573
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5647]
-
-testId=14397
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5648]
-
-testId=30765
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5649]
-
-testId=1053
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5650]
-
-testId=17421
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5651]
-
-testId=9261
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5652]
-
-testId=25629
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5653]
-
-testId=5165
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5654]
-
-testId=21533
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5655]
-
-testId=13357
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5656]
-
-testId=29741
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5657]
-
-testId=3101
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5658]
-
-testId=19485
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5659]
-
-testId=11325
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5660]
-
-testId=27693
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5661]
-
-testId=7229
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5662]
-
-testId=23565
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5663]
-
-testId=15373
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5664]
-
-testId=31805
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5665]
-
-testId=525
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5666]
-
-testId=16957
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5667]
-
-testId=8765
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5668]
-
-testId=25133
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5669]
-
-testId=4653
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5670]
-
-testId=21053
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5671]
-
-testId=12829
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5672]
-
-testId=29213
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5673]
-
-testId=2621
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5674]
-
-testId=19005
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5675]
-
-testId=10765
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5676]
-
-testId=27197
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5677]
-
-testId=6685
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5678]
-
-testId=23053
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5679]
-
-testId=14861
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5680]
-
-testId=31277
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5681]
-
-testId=1597
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5682]
-
-testId=17949
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5683]
-
-testId=9773
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5684]
-
-testId=26157
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5685]
-
-testId=5693
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5686]
-
-testId=22045
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5687]
-
-testId=13853
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5688]
-
-testId=30237
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5689]
-
-testId=3613
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5690]
-
-testId=20029
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5691]
-
-testId=11821
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5692]
-
-testId=28189
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5693]
-
-testId=7725
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5694]
-
-testId=24125
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5695]
-
-testId=15885
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5696]
-
-testId=32301
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5697]
-
-testId=269
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5698]
-
-testId=16685
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5699]
-
-testId=8509
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5700]
-
-testId=24877
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5701]
-
-testId=4397
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5702]
-
-testId=20765
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5703]
-
-testId=12573
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5704]
-
-testId=28973
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5705]
-
-testId=2349
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5706]
-
-testId=18701
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5707]
-
-testId=10509
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5708]
-
-testId=26925
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5709]
-
-testId=6413
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5710]
-
-testId=22797
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5711]
-
-testId=14605
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5712]
-
-testId=30989
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5713]
-
-testId=1293
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5714]
-
-testId=17725
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5715]
-
-testId=9501
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5716]
-
-testId=25901
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5717]
-
-testId=5389
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5718]
-
-testId=21789
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5719]
-
-testId=13613
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5720]
-
-testId=29981
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5721]
-
-testId=3341
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5722]
-
-testId=19757
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5723]
-
-testId=11549
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5724]
-
-testId=27949
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5725]
-
-testId=7485
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5726]
-
-testId=23837
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5727]
-
-testId=15677
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5728]
-
-testId=32045
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5729]
-
-testId=829
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5730]
-
-testId=17181
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5731]
-
-testId=9005
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5732]
-
-testId=25373
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5733]
-
-testId=4877
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5734]
-
-testId=21293
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5735]
-
-testId=13069
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5736]
-
-testId=29469
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5737]
-
-testId=2877
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5738]
-
-testId=19213
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5739]
-
-testId=11069
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5740]
-
-testId=27437
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5741]
-
-testId=6925
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5742]
-
-testId=23341
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5743]
-
-testId=15117
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5744]
-
-testId=31533
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5745]
-
-testId=1821
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5746]
-
-testId=18205
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5747]
-
-testId=10029
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5748]
-
-testId=26429
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5749]
-
-testId=5949
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5750]
-
-testId=22285
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5751]
-
-testId=14125
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5752]
-
-testId=30509
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5753]
-
-testId=3869
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5754]
-
-testId=20285
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5755]
-
-testId=12093
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5756]
-
-testId=28461
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5757]
-
-testId=7997
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5758]
-
-testId=24365
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5759]
-
-testId=16141
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5760]
-
-testId=32525
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5761]
-
-testId=141
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5762]
-
-testId=16573
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5763]
-
-testId=8365
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5764]
-
-testId=24749
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5765]
-
-testId=4253
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5766]
-
-testId=20669
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5767]
-
-testId=12429
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5768]
-
-testId=28845
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5769]
-
-testId=2237
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5770]
-
-testId=18589
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5771]
-
-testId=10381
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5772]
-
-testId=26813
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5773]
-
-testId=6333
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5774]
-
-testId=22669
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5775]
-
-testId=14509
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5776]
-
-testId=30877
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5777]
-
-testId=1197
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5778]
-
-testId=17597
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5779]
-
-testId=9405
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5780]
-
-testId=25757
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5781]
-
-testId=5309
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5782]
-
-testId=21661
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5783]
-
-testId=13453
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5784]
-
-testId=29853
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5785]
-
-testId=3213
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5786]
-
-testId=19629
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5787]
-
-testId=11405
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5788]
-
-testId=27805
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5789]
-
-testId=7325
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5790]
-
-testId=23741
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5791]
-
-testId=15533
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5792]
-
-testId=31901
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5793]
-
-testId=653
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5794]
-
-testId=17085
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5795]
-
-testId=8845
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5796]
-
-testId=25229
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5797]
-
-testId=4797
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5798]
-
-testId=21133
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5799]
-
-testId=12989
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5800]
-
-testId=29341
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5801]
-
-testId=2717
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5802]
-
-testId=19101
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5803]
-
-testId=10925
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5804]
-
-testId=27309
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5805]
-
-testId=6845
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5806]
-
-testId=23229
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5807]
-
-testId=15021
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5808]
-
-testId=31405
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5809]
-
-testId=1693
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5810]
-
-testId=18093
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5811]
-
-testId=9869
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5812]
-
-testId=26269
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5813]
-
-testId=5821
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5814]
-
-testId=22157
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5815]
-
-testId=13997
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5816]
-
-testId=30381
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5817]
-
-testId=3725
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5818]
-
-testId=20109
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5819]
-
-testId=11965
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5820]
-
-testId=28301
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5821]
-
-testId=7869
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5822]
-
-testId=24221
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5823]
-
-testId=16045
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5824]
-
-testId=32429
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5825]
-
-testId=413
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5826]
-
-testId=16829
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5827]
-
-testId=8637
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5828]
-
-testId=24973
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5829]
-
-testId=4541
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5830]
-
-testId=20893
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5831]
-
-testId=12717
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5832]
-
-testId=29101
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5833]
-
-testId=2461
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5834]
-
-testId=18861
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5835]
-
-testId=10653
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5836]
-
-testId=27021
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5837]
-
-testId=6541
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5838]
-
-testId=22973
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5839]
-
-testId=14765
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5840]
-
-testId=31149
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5841]
-
-testId=1469
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5842]
-
-testId=17837
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5843]
-
-testId=9613
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5844]
-
-testId=26013
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5845]
-
-testId=5565
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5846]
-
-testId=21917
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5847]
-
-testId=13709
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5848]
-
-testId=30125
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5849]
-
-testId=3517
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5850]
-
-testId=19869
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5851]
-
-testId=11677
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5852]
-
-testId=28093
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5853]
-
-testId=7597
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5854]
-
-testId=23965
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5855]
-
-testId=15805
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5856]
-
-testId=32189
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5857]
-
-testId=957
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5858]
-
-testId=17309
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5859]
-
-testId=9117
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5860]
-
-testId=25533
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5861]
-
-testId=5053
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5862]
-
-testId=21421
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5863]
-
-testId=13229
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5864]
-
-testId=29613
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5865]
-
-testId=2957
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5866]
-
-testId=19373
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5867]
-
-testId=11181
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5868]
-
-testId=27533
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5869]
-
-testId=7101
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5870]
-
-testId=23437
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5871]
-
-testId=15245
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5872]
-
-testId=31661
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5873]
-
-testId=1949
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5874]
-
-testId=18349
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5875]
-
-testId=10173
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5876]
-
-testId=26509
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5877]
-
-testId=6045
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5878]
-
-testId=22461
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5879]
-
-testId=14253
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5880]
-
-testId=30621
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5881]
-
-testId=3997
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5882]
-
-testId=20365
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5883]
-
-testId=12205
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5884]
-
-testId=28605
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5885]
-
-testId=8077
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5886]
-
-testId=24477
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5887]
-
-testId=16317
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5888]
-
-testId=32701
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5889]
-
-testId=109
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5890]
-
-testId=16493
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5891]
-
-testId=8269
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5892]
-
-testId=24685
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5893]
-
-testId=4189
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5894]
-
-testId=20557
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5895]
-
-testId=12413
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5896]
-
-testId=28765
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5897]
-
-testId=2125
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5898]
-
-testId=18557
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5899]
-
-testId=10333
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5900]
-
-testId=26749
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5901]
-
-testId=6237
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5902]
-
-testId=22621
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5903]
-
-testId=14429
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5904]
-
-testId=30845
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5905]
-
-testId=1133
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5906]
-
-testId=17485
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5907]
-
-testId=9341
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5908]
-
-testId=25677
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5909]
-
-testId=5229
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5910]
-
-testId=21613
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5911]
-
-testId=13405
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5912]
-
-testId=29805
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5913]
-
-testId=3181
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5914]
-
-testId=19549
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5915]
-
-testId=11357
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5916]
-
-testId=27773
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5917]
-
-testId=7277
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5918]
-
-testId=23645
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5919]
-
-testId=15453
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5920]
-
-testId=31853
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5921]
-
-testId=637
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5922]
-
-testId=17005
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5923]
-
-testId=8797
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5924]
-
-testId=25181
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5925]
-
-testId=4717
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5926]
-
-testId=21101
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5927]
-
-testId=12909
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5928]
-
-testId=29277
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5929]
-
-testId=2669
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5930]
-
-testId=19021
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5931]
-
-testId=10877
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5932]
-
-testId=27229
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5933]
-
-testId=6733
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5934]
-
-testId=23133
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5935]
-
-testId=14957
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5936]
-
-testId=31357
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5937]
-
-testId=1613
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5938]
-
-testId=18029
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5939]
-
-testId=9805
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5940]
-
-testId=26221
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5941]
-
-testId=5709
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5942]
-
-testId=22109
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5943]
-
-testId=13901
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5944]
-
-testId=30317
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5945]
-
-testId=3693
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5946]
-
-testId=20045
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5947]
-
-testId=11885
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5948]
-
-testId=28285
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5949]
-
-testId=7789
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5950]
-
-testId=24173
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5951]
-
-testId=15997
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5952]
-
-testId=32365
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5953]
-
-testId=365
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5954]
-
-testId=16765
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5955]
-
-testId=8557
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5956]
-
-testId=24941
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5957]
-
-testId=4461
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5958]
-
-testId=20829
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5959]
-
-testId=12653
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5960]
-
-testId=29021
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5961]
-
-testId=2381
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5962]
-
-testId=18765
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5963]
-
-testId=10605
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5964]
-
-testId=26957
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5965]
-
-testId=6493
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5966]
-
-testId=22877
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5967]
-
-testId=14701
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5968]
-
-testId=31101
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5969]
-
-testId=1405
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5970]
-
-testId=17789
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5971]
-
-testId=9565
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5972]
-
-testId=25981
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5973]
-
-testId=5453
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5974]
-
-testId=21853
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5975]
-
-testId=13677
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5976]
-
-testId=30077
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5977]
-
-testId=3405
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5978]
-
-testId=19837
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5979]
-
-testId=11645
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5980]
-
-testId=28013
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5981]
-
-testId=7517
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5982]
-
-testId=23901
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5983]
-
-testId=15725
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5984]
-
-testId=32077
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5985]
-
-testId=845
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5986]
-
-testId=17261
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5987]
-
-testId=9085
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5988]
-
-testId=25437
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5989]
-
-testId=4989
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5990]
-
-testId=21357
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5991]
-
-testId=13149
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5992]
-
-testId=29565
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5993]
-
-testId=2909
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5994]
-
-testId=19325
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5995]
-
-testId=11117
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5996]
-
-testId=27485
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5997]
-
-testId=7021
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5998]
-
-testId=23373
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-5999]
-
-testId=15197
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6000]
-
-testId=31613
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6001]
-
-testId=1917
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6002]
-
-testId=18285
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6003]
-
-testId=10093
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6004]
-
-testId=26461
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6005]
-
-testId=5981
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6006]
-
-testId=22349
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6007]
-
-testId=14189
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6008]
-
-testId=30573
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6009]
-
-testId=3965
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6010]
-
-testId=20349
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6011]
-
-testId=12125
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6012]
-
-testId=28509
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6013]
-
-testId=8045
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6014]
-
-testId=24413
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6015]
-
-testId=16205
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6016]
-
-testId=32589
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6017]
-
-testId=205
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6018]
-
-testId=16605
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6019]
-
-testId=8397
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6020]
-
-testId=24797
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6021]
-
-testId=4349
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6022]
-
-testId=20717
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6023]
-
-testId=12493
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6024]
-
-testId=28877
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6025]
-
-testId=2253
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6026]
-
-testId=18669
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6027]
-
-testId=10493
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6028]
-
-testId=26829
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6029]
-
-testId=6381
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6030]
-
-testId=22749
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6031]
-
-testId=14573
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6032]
-
-testId=30941
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6033]
-
-testId=1245
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6034]
-
-testId=17629
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6035]
-
-testId=9437
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6036]
-
-testId=25837
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6037]
-
-testId=5357
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6038]
-
-testId=21725
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6039]
-
-testId=13549
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6040]
-
-testId=29901
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6041]
-
-testId=3309
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6042]
-
-testId=19677
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6043]
-
-testId=11485
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6044]
-
-testId=27869
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6045]
-
-testId=7389
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6046]
-
-testId=23789
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6047]
-
-testId=15597
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6048]
-
-testId=31981
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6049]
-
-testId=717
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6050]
-
-testId=17101
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6051]
-
-testId=8941
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6052]
-
-testId=25293
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6053]
-
-testId=4845
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6054]
-
-testId=21229
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6055]
-
-testId=13021
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6056]
-
-testId=29389
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6057]
-
-testId=2781
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6058]
-
-testId=19165
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6059]
-
-testId=11005
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6060]
-
-testId=27389
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6061]
-
-testId=6893
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6062]
-
-testId=23293
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6063]
-
-testId=15069
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6064]
-
-testId=31453
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6065]
-
-testId=1789
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6066]
-
-testId=18125
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6067]
-
-testId=9965
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6068]
-
-testId=26317
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6069]
-
-testId=5853
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6070]
-
-testId=22237
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6071]
-
-testId=14061
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6072]
-
-testId=30445
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6073]
-
-testId=3789
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6074]
-
-testId=20189
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6075]
-
-testId=12013
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6076]
-
-testId=28413
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6077]
-
-testId=7885
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6078]
-
-testId=24285
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6079]
-
-testId=16125
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6080]
-
-testId=32509
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6081]
-
-testId=461
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6082]
-
-testId=16877
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6083]
-
-testId=8701
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6084]
-
-testId=25053
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6085]
-
-testId=4605
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6086]
-
-testId=20957
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6087]
-
-testId=12749
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6088]
-
-testId=29181
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6089]
-
-testId=2525
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6090]
-
-testId=18909
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6091]
-
-testId=10749
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6092]
-
-testId=27101
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6093]
-
-testId=6621
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6094]
-
-testId=23005
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6095]
-
-testId=14813
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6096]
-
-testId=31229
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6097]
-
-testId=1533
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6098]
-
-testId=17869
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6099]
-
-testId=9677
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6100]
-
-testId=26077
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6101]
-
-testId=5613
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6102]
-
-testId=21981
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6103]
-
-testId=13805
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6104]
-
-testId=30173
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6105]
-
-testId=3581
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6106]
-
-testId=19917
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6107]
-
-testId=11757
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6108]
-
-testId=28109
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6109]
-
-testId=7629
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6110]
-
-testId=24061
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6111]
-
-testId=15869
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6112]
-
-testId=32237
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6113]
-
-testId=1005
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6114]
-
-testId=17357
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6115]
-
-testId=9181
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6116]
-
-testId=25565
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6117]
-
-testId=5117
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6118]
-
-testId=21485
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6119]
-
-testId=13277
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6120]
-
-testId=29661
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6121]
-
-testId=3021
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6122]
-
-testId=19437
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6123]
-
-testId=11229
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6124]
-
-testId=27629
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6125]
-
-testId=7133
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6126]
-
-testId=23501
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6127]
-
-testId=15325
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6128]
-
-testId=31741
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6129]
-
-testId=2013
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6130]
-
-testId=18397
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6131]
-
-testId=10205
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6132]
-
-testId=26605
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6133]
-
-testId=6093
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6134]
-
-testId=22509
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6135]
-
-testId=14285
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6136]
-
-testId=30669
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6137]
-
-testId=4077
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6138]
-
-testId=20445
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6139]
-
-testId=12285
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6140]
-
-testId=28637
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6141]
-
-testId=8189
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6142]
-
-testId=24541
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6143]
-
-testId=16349
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6144]
-
-testId=32733
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6145]
-
-testId=51
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6146]
-
-testId=16403
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6147]
-
-testId=8211
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6148]
-
-testId=24611
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6149]
-
-testId=4131
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6150]
-
-testId=20483
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6151]
-
-testId=12307
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6152]
-
-testId=28723
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6153]
-
-testId=2067
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6154]
-
-testId=18435
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6155]
-
-testId=10275
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6156]
-
-testId=26675
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6157]
-
-testId=6179
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6158]
-
-testId=22579
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6159]
-
-testId=14387
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6160]
-
-testId=30755
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6161]
-
-testId=1075
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6162]
-
-testId=17459
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6163]
-
-testId=9251
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6164]
-
-testId=25619
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6165]
-
-testId=5155
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6166]
-
-testId=21555
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6167]
-
-testId=13363
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6168]
-
-testId=29731
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6169]
-
-testId=3123
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6170]
-
-testId=19491
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6171]
-
-testId=11299
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6172]
-
-testId=27699
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6173]
-
-testId=7203
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6174]
-
-testId=23571
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6175]
-
-testId=15379
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6176]
-
-testId=31747
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6177]
-
-testId=531
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6178]
-
-testId=16899
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6179]
-
-testId=8707
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6180]
-
-testId=25091
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6181]
-
-testId=4627
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6182]
-
-testId=20995
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6183]
-
-testId=12851
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6184]
-
-testId=29219
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6185]
-
-testId=2563
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6186]
-
-testId=18963
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6187]
-
-testId=10803
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6188]
-
-testId=27171
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6189]
-
-testId=6707
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6190]
-
-testId=23043
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6191]
-
-testId=14867
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6192]
-
-testId=31283
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6193]
-
-testId=1539
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6194]
-
-testId=17939
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6195]
-
-testId=9731
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6196]
-
-testId=26147
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6197]
-
-testId=5651
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6198]
-
-testId=22019
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6199]
-
-testId=13827
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6200]
-
-testId=30211
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6201]
-
-testId=3587
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6202]
-
-testId=19971
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6203]
-
-testId=11827
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6204]
-
-testId=28163
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6205]
-
-testId=7715
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6206]
-
-testId=24067
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6207]
-
-testId=15923
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6208]
-
-testId=32291
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6209]
-
-testId=259
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6210]
-
-testId=16659
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6211]
-
-testId=8451
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6212]
-
-testId=24883
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6213]
-
-testId=4403
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6214]
-
-testId=20739
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6215]
-
-testId=12579
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6216]
-
-testId=28931
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6217]
-
-testId=2339
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6218]
-
-testId=18691
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6219]
-
-testId=10499
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6220]
-
-testId=26899
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6221]
-
-testId=6419
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6222]
-
-testId=22819
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6223]
-
-testId=14595
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6224]
-
-testId=31027
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6225]
-
-testId=1299
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6226]
-
-testId=17683
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6227]
-
-testId=9523
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6228]
-
-testId=25859
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6229]
-
-testId=5395
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6230]
-
-testId=21811
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6231]
-
-testId=13571
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6232]
-
-testId=29971
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6233]
-
-testId=3331
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6234]
-
-testId=19715
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6235]
-
-testId=11555
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6236]
-
-testId=27907
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6237]
-
-testId=7443
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6238]
-
-testId=23843
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6239]
-
-testId=15635
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6240]
-
-testId=32051
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6241]
-
-testId=803
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6242]
-
-testId=17187
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6243]
-
-testId=8979
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6244]
-
-testId=25395
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6245]
-
-testId=4899
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6246]
-
-testId=21283
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6247]
-
-testId=13107
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6248]
-
-testId=29475
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6249]
-
-testId=2851
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6250]
-
-testId=19219
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6251]
-
-testId=11043
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6252]
-
-testId=27395
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6253]
-
-testId=6947
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6254]
-
-testId=23315
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6255]
-
-testId=15107
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6256]
-
-testId=31539
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6257]
-
-testId=1795
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6258]
-
-testId=18211
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6259]
-
-testId=10003
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6260]
-
-testId=26387
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6261]
-
-testId=5939
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6262]
-
-testId=22323
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6263]
-
-testId=14083
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6264]
-
-testId=30515
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6265]
-
-testId=3891
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6266]
-
-testId=20243
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6267]
-
-testId=12035
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6268]
-
-testId=28419
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6269]
-
-testId=7955
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6270]
-
-testId=24323
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6271]
-
-testId=16147
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6272]
-
-testId=32531
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6273]
-
-testId=131
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6274]
-
-testId=16531
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6275]
-
-testId=8339
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6276]
-
-testId=24723
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6277]
-
-testId=4259
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6278]
-
-testId=20643
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6279]
-
-testId=12419
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6280]
-
-testId=28803
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6281]
-
-testId=2227
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6282]
-
-testId=18595
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6283]
-
-testId=10371
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6284]
-
-testId=26771
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6285]
-
-testId=6323
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6286]
-
-testId=22707
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6287]
-
-testId=14515
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6288]
-
-testId=30851
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6289]
-
-testId=1187
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6290]
-
-testId=17587
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6291]
-
-testId=9395
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6292]
-
-testId=25763
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6293]
-
-testId=5251
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6294]
-
-testId=21635
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6295]
-
-testId=13459
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6296]
-
-testId=29875
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6297]
-
-testId=3235
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6298]
-
-testId=19619
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6299]
-
-testId=11411
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6300]
-
-testId=27795
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6301]
-
-testId=7315
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6302]
-
-testId=23699
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6303]
-
-testId=15539
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6304]
-
-testId=31907
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6305]
-
-testId=691
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6306]
-
-testId=17027
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6307]
-
-testId=8835
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6308]
-
-testId=25251
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6309]
-
-testId=4771
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6310]
-
-testId=21155
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6311]
-
-testId=12979
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6312]
-
-testId=29363
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6313]
-
-testId=2739
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6314]
-
-testId=19107
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6315]
-
-testId=10931
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6316]
-
-testId=27283
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6317]
-
-testId=6803
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6318]
-
-testId=23219
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6319]
-
-testId=15027
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6320]
-
-testId=31379
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6321]
-
-testId=1683
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6322]
-
-testId=18051
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6323]
-
-testId=9875
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6324]
-
-testId=26243
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6325]
-
-testId=5763
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6326]
-
-testId=22195
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6327]
-
-testId=14003
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6328]
-
-testId=30355
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6329]
-
-testId=3747
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6330]
-
-testId=20147
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6331]
-
-testId=11955
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6332]
-
-testId=28307
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6333]
-
-testId=7827
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6334]
-
-testId=24195
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6335]
-
-testId=16003
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6336]
-
-testId=32387
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6337]
-
-testId=403
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6338]
-
-testId=16803
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6339]
-
-testId=8627
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6340]
-
-testId=25011
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6341]
-
-testId=4483
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6342]
-
-testId=20867
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6343]
-
-testId=12707
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6344]
-
-testId=29075
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6345]
-
-testId=2435
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6346]
-
-testId=18835
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6347]
-
-testId=10675
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6348]
-
-testId=27027
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6349]
-
-testId=6531
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6350]
-
-testId=22947
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6351]
-
-testId=14771
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6352]
-
-testId=31123
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6353]
-
-testId=1459
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6354]
-
-testId=17827
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6355]
-
-testId=9651
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6356]
-
-testId=26019
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6357]
-
-testId=5507
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6358]
-
-testId=21923
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6359]
-
-testId=13747
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6360]
-
-testId=30131
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6361]
-
-testId=3507
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6362]
-
-testId=19875
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6363]
-
-testId=11683
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6364]
-
-testId=28067
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6365]
-
-testId=7555
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6366]
-
-testId=23939
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6367]
-
-testId=15747
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6368]
-
-testId=32179
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6369]
-
-testId=899
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6370]
-
-testId=17331
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6371]
-
-testId=9123
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6372]
-
-testId=25507
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6373]
-
-testId=5011
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6374]
-
-testId=21395
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6375]
-
-testId=13187
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6376]
-
-testId=29603
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6377]
-
-testId=2947
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6378]
-
-testId=19379
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6379]
-
-testId=11155
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6380]
-
-testId=27539
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6381]
-
-testId=7043
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6382]
-
-testId=23459
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6383]
-
-testId=15267
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6384]
-
-testId=31667
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6385]
-
-testId=1971
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6386]
-
-testId=18355
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6387]
-
-testId=10147
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6388]
-
-testId=26547
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6389]
-
-testId=6035
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6390]
-
-testId=22403
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6391]
-
-testId=14211
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6392]
-
-testId=30595
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6393]
-
-testId=3987
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6394]
-
-testId=20355
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6395]
-
-testId=12211
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6396]
-
-testId=28595
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6397]
-
-testId=8099
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6398]
-
-testId=24483
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6399]
-
-testId=16307
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6400]
-
-testId=32659
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6401]
-
-testId=99
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6402]
-
-testId=16499
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6403]
-
-testId=8259
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6404]
-
-testId=24659
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6405]
-
-testId=4179
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6406]
-
-testId=20579
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6407]
-
-testId=12387
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6408]
-
-testId=28787
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6409]
-
-testId=2163
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6410]
-
-testId=18515
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6411]
-
-testId=10323
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6412]
-
-testId=26707
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6413]
-
-testId=6227
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6414]
-
-testId=22627
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6415]
-
-testId=14451
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6416]
-
-testId=30835
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6417]
-
-testId=1091
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6418]
-
-testId=17523
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6419]
-
-testId=9299
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6420]
-
-testId=25699
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6421]
-
-testId=5235
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6422]
-
-testId=21603
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6423]
-
-testId=13427
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6424]
-
-testId=29795
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6425]
-
-testId=3155
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6426]
-
-testId=19571
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6427]
-
-testId=11331
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6428]
-
-testId=27747
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6429]
-
-testId=7235
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6430]
-
-testId=23667
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6431]
-
-testId=15475
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6432]
-
-testId=31843
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6433]
-
-testId=579
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6434]
-
-testId=17011
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6435]
-
-testId=8771
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6436]
-
-testId=25155
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6437]
-
-testId=4707
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6438]
-
-testId=21075
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6439]
-
-testId=12883
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6440]
-
-testId=29299
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6441]
-
-testId=2659
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6442]
-
-testId=19011
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6443]
-
-testId=10851
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6444]
-
-testId=27235
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6445]
-
-testId=6739
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6446]
-
-testId=23139
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6447]
-
-testId=14947
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6448]
-
-testId=31347
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6449]
-
-testId=1635
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6450]
-
-testId=18003
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6451]
-
-testId=9827
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6452]
-
-testId=26179
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6453]
-
-testId=5747
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6454]
-
-testId=22115
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6455]
-
-testId=13891
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6456]
-
-testId=30323
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6457]
-
-testId=3651
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6458]
-
-testId=20051
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6459]
-
-testId=11891
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6460]
-
-testId=28243
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6461]
-
-testId=7763
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6462]
-
-testId=24147
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6463]
-
-testId=15939
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6464]
-
-testId=32323
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6465]
-
-testId=371
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6466]
-
-testId=16755
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6467]
-
-testId=8531
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6468]
-
-testId=24899
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6469]
-
-testId=4467
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6470]
-
-testId=20803
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6471]
-
-testId=12643
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6472]
-
-testId=29011
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6473]
-
-testId=2403
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6474]
-
-testId=18771
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6475]
-
-testId=10579
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6476]
-
-testId=26963
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6477]
-
-testId=6483
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6478]
-
-testId=22851
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6479]
-
-testId=14691
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6480]
-
-testId=31075
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6481]
-
-testId=1395
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6482]
-
-testId=17731
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6483]
-
-testId=9571
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6484]
-
-testId=25955
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6485]
-
-testId=5475
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6486]
-
-testId=21859
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6487]
-
-testId=13667
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6488]
-
-testId=30067
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6489]
-
-testId=3443
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6490]
-
-testId=19795
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6491]
-
-testId=11587
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6492]
-
-testId=28003
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6493]
-
-testId=7491
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6494]
-
-testId=23923
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6495]
-
-testId=15683
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6496]
-
-testId=32115
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6497]
-
-testId=883
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6498]
-
-testId=17219
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6499]
-
-testId=9043
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6500]
-
-testId=25427
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6501]
-
-testId=4963
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6502]
-
-testId=21347
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6503]
-
-testId=13155
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6504]
-
-testId=29539
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6505]
-
-testId=2915
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6506]
-
-testId=19283
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6507]
-
-testId=11091
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6508]
-
-testId=27491
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6509]
-
-testId=6995
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6510]
-
-testId=23411
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6511]
-
-testId=15203
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6512]
-
-testId=31571
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6513]
-
-testId=1875
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6514]
-
-testId=18243
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6515]
-
-testId=10099
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6516]
-
-testId=26483
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6517]
-
-testId=5987
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6518]
-
-testId=22339
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6519]
-
-testId=14179
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6520]
-
-testId=30579
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6521]
-
-testId=3907
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6522]
-
-testId=20339
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6523]
-
-testId=12147
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6524]
-
-testId=28499
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6525]
-
-testId=8003
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6526]
-
-testId=24403
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6527]
-
-testId=16227
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6528]
-
-testId=32579
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6529]
-
-testId=211
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6530]
-
-testId=16595
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6531]
-
-testId=8387
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6532]
-
-testId=24771
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6533]
-
-testId=4323
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6534]
-
-testId=20691
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6535]
-
-testId=12483
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6536]
-
-testId=28867
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6537]
-
-testId=2291
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6538]
-
-testId=18675
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6539]
-
-testId=10451
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6540]
-
-testId=26851
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6541]
-
-testId=6371
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6542]
-
-testId=22739
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6543]
-
-testId=14531
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6544]
-
-testId=30947
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6545]
-
-testId=1267
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6546]
-
-testId=17603
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6547]
-
-testId=9459
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6548]
-
-testId=25811
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6549]
-
-testId=5347
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6550]
-
-testId=21747
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6551]
-
-testId=13507
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6552]
-
-testId=29891
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6553]
-
-testId=3267
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6554]
-
-testId=19699
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6555]
-
-testId=11459
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6556]
-
-testId=27891
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6557]
-
-testId=7379
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6558]
-
-testId=23763
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6559]
-
-testId=15571
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6560]
-
-testId=31955
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6561]
-
-testId=707
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6562]
-
-testId=17091
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6563]
-
-testId=8899
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6564]
-
-testId=25331
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6565]
-
-testId=4819
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6566]
-
-testId=21187
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6567]
-
-testId=13011
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6568]
-
-testId=29379
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6569]
-
-testId=2755
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6570]
-
-testId=19155
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6571]
-
-testId=10963
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6572]
-
-testId=27347
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6573]
-
-testId=6867
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6574]
-
-testId=23283
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6575]
-
-testId=15043
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6576]
-
-testId=31459
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6577]
-
-testId=1779
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6578]
-
-testId=18131
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6579]
-
-testId=9923
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6580]
-
-testId=26339
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6581]
-
-testId=5827
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6582]
-
-testId=22259
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6583]
-
-testId=14035
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6584]
-
-testId=30435
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6585]
-
-testId=3795
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6586]
-
-testId=20163
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6587]
-
-testId=12003
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6588]
-
-testId=28371
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6589]
-
-testId=7923
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6590]
-
-testId=24275
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6591]
-
-testId=16067
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6592]
-
-testId=32467
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6593]
-
-testId=467
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6594]
-
-testId=16867
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6595]
-
-testId=8659
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6596]
-
-testId=25043
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6597]
-
-testId=4563
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6598]
-
-testId=20947
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6599]
-
-testId=12739
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6600]
-
-testId=29139
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6601]
-
-testId=2515
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6602]
-
-testId=18899
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6603]
-
-testId=10723
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6604]
-
-testId=27075
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6605]
-
-testId=6611
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6606]
-
-testId=23027
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6607]
-
-testId=14803
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6608]
-
-testId=31171
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6609]
-
-testId=1491
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6610]
-
-testId=17859
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6611]
-
-testId=9667
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6612]
-
-testId=26051
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6613]
-
-testId=5603
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6614]
-
-testId=21971
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6615]
-
-testId=13795
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6616]
-
-testId=30179
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6617]
-
-testId=3523
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6618]
-
-testId=19923
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6619]
-
-testId=11747
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6620]
-
-testId=28147
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6621]
-
-testId=7651
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6622]
-
-testId=24035
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6623]
-
-testId=15827
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6624]
-
-testId=32243
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6625]
-
-testId=979
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6626]
-
-testId=17363
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6627]
-
-testId=9171
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6628]
-
-testId=25571
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6629]
-
-testId=5107
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6630]
-
-testId=21459
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6631]
-
-testId=13251
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6632]
-
-testId=29667
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6633]
-
-testId=3059
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6634]
-
-testId=19443
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6635]
-
-testId=11235
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6636]
-
-testId=27587
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6637]
-
-testId=7155
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6638]
-
-testId=23491
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6639]
-
-testId=15299
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6640]
-
-testId=31683
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6641]
-
-testId=2035
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6642]
-
-testId=18419
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6643]
-
-testId=10179
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6644]
-
-testId=26563
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6645]
-
-testId=6099
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6646]
-
-testId=22483
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6647]
-
-testId=14275
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6648]
-
-testId=30675
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6649]
-
-testId=4067
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6650]
-
-testId=20419
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6651]
-
-testId=12259
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6652]
-
-testId=28659
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6653]
-
-testId=8131
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6654]
-
-testId=24531
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6655]
-
-testId=16323
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6656]
-
-testId=32723
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6657]
-
-testId=59
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6658]
-
-testId=16427
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6659]
-
-testId=8251
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6660]
-
-testId=24619
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6661]
-
-testId=4107
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6662]
-
-testId=20539
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6663]
-
-testId=12315
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6664]
-
-testId=28699
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6665]
-
-testId=2091
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6666]
-
-testId=18491
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6667]
-
-testId=10299
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6668]
-
-testId=26667
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6669]
-
-testId=6187
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6670]
-
-testId=22539
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6671]
-
-testId=14395
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6672]
-
-testId=30747
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6673]
-
-testId=1035
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6674]
-
-testId=17435
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6675]
-
-testId=9243
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6676]
-
-testId=25611
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6677]
-
-testId=5147
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6678]
-
-testId=21515
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6679]
-
-testId=13339
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6680]
-
-testId=29755
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6681]
-
-testId=3083
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6682]
-
-testId=19467
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6683]
-
-testId=11307
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6684]
-
-testId=27707
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6685]
-
-testId=7211
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6686]
-
-testId=23595
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6687]
-
-testId=15403
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6688]
-
-testId=31803
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6689]
-
-testId=555
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6690]
-
-testId=16955
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6691]
-
-testId=8731
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6692]
-
-testId=25115
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6693]
-
-testId=4635
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6694]
-
-testId=21019
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6695]
-
-testId=12811
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6696]
-
-testId=29211
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6697]
-
-testId=2619
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6698]
-
-testId=18987
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6699]
-
-testId=10811
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6700]
-
-testId=27179
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6701]
-
-testId=6667
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6702]
-
-testId=23067
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6703]
-
-testId=14907
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6704]
-
-testId=31243
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6705]
-
-testId=1579
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6706]
-
-testId=17979
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6707]
-
-testId=9739
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6708]
-
-testId=26123
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6709]
-
-testId=5659
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6710]
-
-testId=22043
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6711]
-
-testId=13883
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6712]
-
-testId=30267
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6713]
-
-testId=3611
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6714]
-
-testId=20027
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6715]
-
-testId=11835
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6716]
-
-testId=28171
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6717]
-
-testId=7739
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6718]
-
-testId=24075
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6719]
-
-testId=15915
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6720]
-
-testId=32315
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6721]
-
-testId=267
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6722]
-
-testId=16699
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6723]
-
-testId=8507
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6724]
-
-testId=24875
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6725]
-
-testId=4379
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6726]
-
-testId=20747
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6727]
-
-testId=12555
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6728]
-
-testId=28939
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6729]
-
-testId=2315
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6730]
-
-testId=18699
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6731]
-
-testId=10539
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6732]
-
-testId=26891
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6733]
-
-testId=6411
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6734]
-
-testId=22795
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6735]
-
-testId=14603
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6736]
-
-testId=31003
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6737]
-
-testId=1323
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6738]
-
-testId=17675
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6739]
-
-testId=9483
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6740]
-
-testId=25915
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6741]
-
-testId=5435
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6742]
-
-testId=21771
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6743]
-
-testId=13595
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6744]
-
-testId=29963
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6745]
-
-testId=3355
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6746]
-
-testId=19771
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6747]
-
-testId=11547
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6748]
-
-testId=27963
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6749]
-
-testId=7435
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6750]
-
-testId=23867
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6751]
-
-testId=15659
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6752]
-
-testId=32043
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6753]
-
-testId=795
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6754]
-
-testId=17195
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6755]
-
-testId=8971
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6756]
-
-testId=25371
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6757]
-
-testId=4875
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6758]
-
-testId=21291
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6759]
-
-testId=13115
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6760]
-
-testId=29451
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6761]
-
-testId=2875
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6762]
-
-testId=19227
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6763]
-
-testId=11019
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6764]
-
-testId=27403
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6765]
-
-testId=6923
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6766]
-
-testId=23355
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6767]
-
-testId=15147
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6768]
-
-testId=31515
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6769]
-
-testId=1835
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6770]
-
-testId=18203
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6771]
-
-testId=10011
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6772]
-
-testId=26395
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6773]
-
-testId=5915
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6774]
-
-testId=22315
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6775]
-
-testId=14107
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6776]
-
-testId=30475
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6777]
-
-testId=3883
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6778]
-
-testId=20251
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6779]
-
-testId=12059
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6780]
-
-testId=28427
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6781]
-
-testId=7963
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6782]
-
-testId=24347
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6783]
-
-testId=16155
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6784]
-
-testId=32571
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6785]
-
-testId=171
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6786]
-
-testId=16523
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6787]
-
-testId=8379
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6788]
-
-testId=24747
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6789]
-
-testId=4267
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6790]
-
-testId=20651
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6791]
-
-testId=12459
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6792]
-
-testId=28843
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6793]
-
-testId=2187
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6794]
-
-testId=18619
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6795]
-
-testId=10379
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6796]
-
-testId=26779
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6797]
-
-testId=6299
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6798]
-
-testId=22683
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6799]
-
-testId=14523
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6800]
-
-testId=30875
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6801]
-
-testId=1179
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6802]
-
-testId=17547
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6803]
-
-testId=9387
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6804]
-
-testId=25739
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6805]
-
-testId=5307
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6806]
-
-testId=21659
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6807]
-
-testId=13451
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6808]
-
-testId=29867
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6809]
-
-testId=3243
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6810]
-
-testId=19627
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6811]
-
-testId=11435
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6812]
-
-testId=27819
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6813]
-
-testId=7339
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6814]
-
-testId=23707
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6815]
-
-testId=15531
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6816]
-
-testId=31931
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6817]
-
-testId=667
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6818]
-
-testId=17083
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6819]
-
-testId=8843
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6820]
-
-testId=25259
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6821]
-
-testId=4763
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6822]
-
-testId=21179
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6823]
-
-testId=12971
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6824]
-
-testId=29323
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6825]
-
-testId=2747
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6826]
-
-testId=19131
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6827]
-
-testId=10923
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6828]
-
-testId=27291
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6829]
-
-testId=6827
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6830]
-
-testId=23227
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6831]
-
-testId=15035
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6832]
-
-testId=31403
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6833]
-
-testId=1723
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6834]
-
-testId=18059
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6835]
-
-testId=9915
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6836]
-
-testId=26267
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6837]
-
-testId=5787
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6838]
-
-testId=22187
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6839]
-
-testId=14011
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6840]
-
-testId=30347
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6841]
-
-testId=3723
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6842]
-
-testId=20107
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6843]
-
-testId=11947
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6844]
-
-testId=28315
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6845]
-
-testId=7851
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6846]
-
-testId=24219
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6847]
-
-testId=16043
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6848]
-
-testId=32427
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6849]
-
-testId=427
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6850]
-
-testId=16779
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6851]
-
-testId=8619
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6852]
-
-testId=24971
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6853]
-
-testId=4539
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6854]
-
-testId=20907
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6855]
-
-testId=12683
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6856]
-
-testId=29067
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6857]
-
-testId=2475
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6858]
-
-testId=18875
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6859]
-
-testId=10651
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6860]
-
-testId=27051
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6861]
-
-testId=6539
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6862]
-
-testId=22923
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6863]
-
-testId=14763
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6864]
-
-testId=31147
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6865]
-
-testId=1419
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6866]
-
-testId=17819
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6867]
-
-testId=9611
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6868]
-
-testId=26027
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6869]
-
-testId=5547
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6870]
-
-testId=21915
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6871]
-
-testId=13723
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6872]
-
-testId=30107
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6873]
-
-testId=3483
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6874]
-
-testId=19899
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6875]
-
-testId=11675
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6876]
-
-testId=28059
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6877]
-
-testId=7595
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6878]
-
-testId=23995
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6879]
-
-testId=15755
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6880]
-
-testId=32139
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6881]
-
-testId=939
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6882]
-
-testId=17323
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6883]
-
-testId=9131
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6884]
-
-testId=25499
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6885]
-
-testId=5003
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6886]
-
-testId=21387
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6887]
-
-testId=13195
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6888]
-
-testId=29579
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6889]
-
-testId=2987
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6890]
-
-testId=19339
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6891]
-
-testId=11163
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6892]
-
-testId=27547
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6893]
-
-testId=7067
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6894]
-
-testId=23451
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6895]
-
-testId=15243
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6896]
-
-testId=31675
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6897]
-
-testId=1979
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6898]
-
-testId=18363
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6899]
-
-testId=10139
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6900]
-
-testId=26523
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6901]
-
-testId=6043
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6902]
-
-testId=22443
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6903]
-
-testId=14267
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6904]
-
-testId=30603
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6905]
-
-testId=4027
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6906]
-
-testId=20363
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6907]
-
-testId=12187
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6908]
-
-testId=28555
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6909]
-
-testId=8107
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6910]
-
-testId=24491
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6911]
-
-testId=16299
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6912]
-
-testId=32683
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6913]
-
-testId=107
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6914]
-
-testId=16491
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6915]
-
-testId=8315
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6916]
-
-testId=24667
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6917]
-
-testId=4219
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6918]
-
-testId=20587
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6919]
-
-testId=12379
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6920]
-
-testId=28779
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6921]
-
-testId=2155
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6922]
-
-testId=18507
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6923]
-
-testId=10315
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6924]
-
-testId=26715
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6925]
-
-testId=6251
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6926]
-
-testId=22635
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6927]
-
-testId=14427
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6928]
-
-testId=30827
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6929]
-
-testId=1099
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6930]
-
-testId=17531
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6931]
-
-testId=9291
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6932]
-
-testId=25723
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6933]
-
-testId=5227
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6934]
-
-testId=21627
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6935]
-
-testId=13403
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6936]
-
-testId=29819
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6937]
-
-testId=3179
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6938]
-
-testId=19531
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6939]
-
-testId=11387
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6940]
-
-testId=27771
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6941]
-
-testId=7275
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6942]
-
-testId=23659
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6943]
-
-testId=15451
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6944]
-
-testId=31867
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6945]
-
-testId=603
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6946]
-
-testId=16971
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6947]
-
-testId=8779
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6948]
-
-testId=25179
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6949]
-
-testId=4715
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6950]
-
-testId=21099
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6951]
-
-testId=12891
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6952]
-
-testId=29307
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6953]
-
-testId=2667
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6954]
-
-testId=19067
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6955]
-
-testId=10843
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6956]
-
-testId=27259
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6957]
-
-testId=6779
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6958]
-
-testId=23163
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6959]
-
-testId=14955
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6960]
-
-testId=31355
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6961]
-
-testId=1643
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6962]
-
-testId=18011
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6963]
-
-testId=9851
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6964]
-
-testId=26187
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6965]
-
-testId=5707
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6966]
-
-testId=22123
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6967]
-
-testId=13915
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6968]
-
-testId=30283
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6969]
-
-testId=3659
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6970]
-
-testId=20075
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6971]
-
-testId=11851
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6972]
-
-testId=28267
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6973]
-
-testId=7787
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6974]
-
-testId=24139
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6975]
-
-testId=15995
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6976]
-
-testId=32363
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6977]
-
-testId=331
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6978]
-
-testId=16747
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6979]
-
-testId=8571
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6980]
-
-testId=24955
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6981]
-
-testId=4427
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6982]
-
-testId=20859
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6983]
-
-testId=12619
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6984]
-
-testId=29003
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6985]
-
-testId=2427
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6986]
-
-testId=18795
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6987]
-
-testId=10587
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6988]
-
-testId=27003
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6989]
-
-testId=6523
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6990]
-
-testId=22875
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6991]
-
-testId=14715
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6992]
-
-testId=31051
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6993]
-
-testId=1387
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6994]
-
-testId=17771
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6995]
-
-testId=9547
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6996]
-
-testId=25947
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6997]
-
-testId=5451
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6998]
-
-testId=21835
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-6999]
-
-testId=13691
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7000]
-
-testId=30059
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7001]
-
-testId=3435
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7002]
-
-testId=19819
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7003]
-
-testId=11643
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7004]
-
-testId=28027
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7005]
-
-testId=7531
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7006]
-
-testId=23915
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7007]
-
-testId=15691
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7008]
-
-testId=32075
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7009]
-
-testId=891
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7010]
-
-testId=17275
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7011]
-
-testId=9067
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7012]
-
-testId=25419
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7013]
-
-testId=4955
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7014]
-
-testId=21339
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7015]
-
-testId=13131
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7016]
-
-testId=29515
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7017]
-
-testId=2907
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7018]
-
-testId=19275
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7019]
-
-testId=11131
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7020]
-
-testId=27483
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7021]
-
-testId=7019
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7022]
-
-testId=23387
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7023]
-
-testId=15195
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7024]
-
-testId=31611
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7025]
-
-testId=1915
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7026]
-
-testId=18251
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7027]
-
-testId=10091
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7028]
-
-testId=26459
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7029]
-
-testId=5963
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7030]
-
-testId=22379
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7031]
-
-testId=14187
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7032]
-
-testId=30555
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7033]
-
-testId=3963
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7034]
-
-testId=20331
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7035]
-
-testId=12107
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7036]
-
-testId=28491
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7037]
-
-testId=8043
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7038]
-
-testId=24395
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7039]
-
-testId=16219
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7040]
-
-testId=32635
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7041]
-
-testId=235
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7042]
-
-testId=16603
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7043]
-
-testId=8443
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7044]
-
-testId=24779
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7045]
-
-testId=4347
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7046]
-
-testId=20715
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7047]
-
-testId=12539
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7048]
-
-testId=28891
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7049]
-
-testId=2299
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7050]
-
-testId=18683
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7051]
-
-testId=10475
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7052]
-
-testId=26827
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7053]
-
-testId=6347
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7054]
-
-testId=22747
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7055]
-
-testId=14539
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7056]
-
-testId=30971
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7057]
-
-testId=1243
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7058]
-
-testId=17659
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7059]
-
-testId=9451
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7060]
-
-testId=25835
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7061]
-
-testId=5371
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7062]
-
-testId=21755
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7063]
-
-testId=13515
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7064]
-
-testId=29931
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7065]
-
-testId=3291
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7066]
-
-testId=19675
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7067]
-
-testId=11515
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7068]
-
-testId=27867
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7069]
-
-testId=7371
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7070]
-
-testId=23803
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7071]
-
-testId=15595
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7072]
-
-testId=31947
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7073]
-
-testId=747
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7074]
-
-testId=17099
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7075]
-
-testId=8939
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7076]
-
-testId=25323
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7077]
-
-testId=4811
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7078]
-
-testId=21211
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7079]
-
-testId=13003
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7080]
-
-testId=29419
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7081]
-
-testId=2763
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7082]
-
-testId=19147
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7083]
-
-testId=10955
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7084]
-
-testId=27387
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7085]
-
-testId=6875
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7086]
-
-testId=23259
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7087]
-
-testId=15067
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7088]
-
-testId=31467
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7089]
-
-testId=1755
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7090]
-
-testId=18171
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7091]
-
-testId=9963
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7092]
-
-testId=26315
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7093]
-
-testId=5835
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7094]
-
-testId=22219
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7095]
-
-testId=14075
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7096]
-
-testId=30411
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7097]
-
-testId=3803
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7098]
-
-testId=20203
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7099]
-
-testId=11995
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7100]
-
-testId=28411
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7101]
-
-testId=7883
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7102]
-
-testId=24283
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7103]
-
-testId=16075
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7104]
-
-testId=32491
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7105]
-
-testId=491
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7106]
-
-testId=16843
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7107]
-
-testId=8651
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7108]
-
-testId=25035
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7109]
-
-testId=4587
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7110]
-
-testId=20971
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7111]
-
-testId=12795
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7112]
-
-testId=29163
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7113]
-
-testId=2523
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7114]
-
-testId=18891
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7115]
-
-testId=10715
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7116]
-
-testId=27115
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7117]
-
-testId=6635
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7118]
-
-testId=23035
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7119]
-
-testId=14811
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7120]
-
-testId=31195
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7121]
-
-testId=1483
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7122]
-
-testId=17899
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7123]
-
-testId=9707
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7124]
-
-testId=26091
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7125]
-
-testId=5627
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7126]
-
-testId=22011
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7127]
-
-testId=13803
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7128]
-
-testId=30203
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7129]
-
-testId=3579
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7130]
-
-testId=19931
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7131]
-
-testId=11755
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7132]
-
-testId=28107
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7133]
-
-testId=7627
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7134]
-
-testId=24027
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7135]
-
-testId=15867
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7136]
-
-testId=32235
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7137]
-
-testId=1003
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7138]
-
-testId=17371
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7139]
-
-testId=9179
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7140]
-
-testId=25595
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7141]
-
-testId=5099
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7142]
-
-testId=21499
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7143]
-
-testId=13307
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7144]
-
-testId=29659
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7145]
-
-testId=3035
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7146]
-
-testId=19451
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7147]
-
-testId=11243
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7148]
-
-testId=27611
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7149]
-
-testId=7131
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7150]
-
-testId=23531
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7151]
-
-testId=15355
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7152]
-
-testId=31707
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7153]
-
-testId=2043
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7154]
-
-testId=18379
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7155]
-
-testId=10219
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7156]
-
-testId=26619
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7157]
-
-testId=6107
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7158]
-
-testId=22475
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7159]
-
-testId=14283
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7160]
-
-testId=30667
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7161]
-
-testId=4075
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7162]
-
-testId=20427
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7163]
-
-testId=12251
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7164]
-
-testId=28667
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7165]
-
-testId=8155
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7166]
-
-testId=24555
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7167]
-
-testId=16331
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7168]
-
-testId=32747
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7169]
-
-testId=55
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7170]
-
-testId=16423
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7171]
-
-testId=8231
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7172]
-
-testId=24599
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7173]
-
-testId=4135
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7174]
-
-testId=20487
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7175]
-
-testId=12311
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7176]
-
-testId=28711
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7177]
-
-testId=2071
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7178]
-
-testId=18455
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7179]
-
-testId=10279
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7180]
-
-testId=26679
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7181]
-
-testId=6151
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7182]
-
-testId=22551
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7183]
-
-testId=14391
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7184]
-
-testId=30727
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7185]
-
-testId=1079
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7186]
-
-testId=17447
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7187]
-
-testId=9255
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7188]
-
-testId=25607
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7189]
-
-testId=5159
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7190]
-
-testId=21527
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7191]
-
-testId=13335
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7192]
-
-testId=29751
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7193]
-
-testId=3111
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7194]
-
-testId=19463
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7195]
-
-testId=11287
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7196]
-
-testId=27703
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7197]
-
-testId=7175
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7198]
-
-testId=23559
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7199]
-
-testId=15383
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7200]
-
-testId=31783
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7201]
-
-testId=567
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7202]
-
-testId=16903
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7203]
-
-testId=8727
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7204]
-
-testId=25111
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7205]
-
-testId=4647
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7206]
-
-testId=21015
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7207]
-
-testId=12807
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7208]
-
-testId=29223
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7209]
-
-testId=2583
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7210]
-
-testId=18999
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7211]
-
-testId=10775
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7212]
-
-testId=27191
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7213]
-
-testId=6663
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7214]
-
-testId=23063
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7215]
-
-testId=14887
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7216]
-
-testId=31255
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7217]
-
-testId=1543
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7218]
-
-testId=17927
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7219]
-
-testId=9783
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7220]
-
-testId=26119
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7221]
-
-testId=5687
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7222]
-
-testId=22071
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7223]
-
-testId=13847
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7224]
-
-testId=30215
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7225]
-
-testId=3623
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7226]
-
-testId=20007
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7227]
-
-testId=11831
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7228]
-
-testId=28183
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7229]
-
-testId=7703
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7230]
-
-testId=24087
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7231]
-
-testId=15927
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7232]
-
-testId=32279
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7233]
-
-testId=311
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7234]
-
-testId=16663
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7235]
-
-testId=8471
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7236]
-
-testId=24855
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7237]
-
-testId=4375
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7238]
-
-testId=20743
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7239]
-
-testId=12567
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7240]
-
-testId=28967
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7241]
-
-testId=2343
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7242]
-
-testId=18727
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7243]
-
-testId=10535
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7244]
-
-testId=26903
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7245]
-
-testId=6455
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7246]
-
-testId=22807
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7247]
-
-testId=14615
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7248]
-
-testId=31015
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7249]
-
-testId=1319
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7250]
-
-testId=17719
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7251]
-
-testId=9495
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7252]
-
-testId=25863
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7253]
-
-testId=5431
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7254]
-
-testId=21799
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7255]
-
-testId=13575
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7256]
-
-testId=29991
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7257]
-
-testId=3351
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7258]
-
-testId=19767
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7259]
-
-testId=11575
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7260]
-
-testId=27943
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7261]
-
-testId=7447
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7262]
-
-testId=23863
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7263]
-
-testId=15671
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7264]
-
-testId=32023
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7265]
-
-testId=807
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7266]
-
-testId=17175
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7267]
-
-testId=8967
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7268]
-
-testId=25399
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7269]
-
-testId=4903
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7270]
-
-testId=21271
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7271]
-
-testId=13095
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7272]
-
-testId=29447
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7273]
-
-testId=2855
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7274]
-
-testId=19223
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7275]
-
-testId=11063
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7276]
-
-testId=27431
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7277]
-
-testId=6919
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7278]
-
-testId=23335
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7279]
-
-testId=15143
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7280]
-
-testId=31543
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7281]
-
-testId=1799
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7282]
-
-testId=18183
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7283]
-
-testId=10007
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7284]
-
-testId=26423
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7285]
-
-testId=5943
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7286]
-
-testId=22311
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7287]
-
-testId=14087
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7288]
-
-testId=30487
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7289]
-
-testId=3863
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7290]
-
-testId=20231
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7291]
-
-testId=12071
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7292]
-
-testId=28439
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7293]
-
-testId=7959
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7294]
-
-testId=24375
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7295]
-
-testId=16167
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7296]
-
-testId=32551
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7297]
-
-testId=183
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7298]
-
-testId=16567
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7299]
-
-testId=8375
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7300]
-
-testId=24743
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7301]
-
-testId=4231
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7302]
-
-testId=20631
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7303]
-
-testId=12423
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7304]
-
-testId=28823
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7305]
-
-testId=2215
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7306]
-
-testId=18599
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7307]
-
-testId=10391
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7308]
-
-testId=26807
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7309]
-
-testId=6311
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7310]
-
-testId=22679
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7311]
-
-testId=14503
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7312]
-
-testId=30887
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7313]
-
-testId=1191
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7314]
-
-testId=17543
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7315]
-
-testId=9351
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7316]
-
-testId=25783
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7317]
-
-testId=5303
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7318]
-
-testId=21671
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7319]
-
-testId=13463
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7320]
-
-testId=29863
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7321]
-
-testId=3255
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7322]
-
-testId=19623
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7323]
-
-testId=11447
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7324]
-
-testId=27799
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7325]
-
-testId=7335
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7326]
-
-testId=23735
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7327]
-
-testId=15511
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7328]
-
-testId=31895
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7329]
-
-testId=679
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7330]
-
-testId=17079
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7331]
-
-testId=8871
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7332]
-
-testId=25255
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7333]
-
-testId=4759
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7334]
-
-testId=21175
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7335]
-
-testId=12951
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7336]
-
-testId=29367
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7337]
-
-testId=2727
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7338]
-
-testId=19095
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7339]
-
-testId=10887
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7340]
-
-testId=27303
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7341]
-
-testId=6823
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7342]
-
-testId=23175
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7343]
-
-testId=15015
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7344]
-
-testId=31415
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7345]
-
-testId=1671
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7346]
-
-testId=18103
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7347]
-
-testId=9911
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7348]
-
-testId=26279
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7349]
-
-testId=5799
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7350]
-
-testId=22151
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7351]
-
-testId=14007
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7352]
-
-testId=30391
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7353]
-
-testId=3719
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7354]
-
-testId=20135
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7355]
-
-testId=11943
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7356]
-
-testId=28327
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7357]
-
-testId=7831
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7358]
-
-testId=24199
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7359]
-
-testId=16055
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7360]
-
-testId=32391
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7361]
-
-testId=439
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7362]
-
-testId=16823
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7363]
-
-testId=8631
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7364]
-
-testId=24983
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7365]
-
-testId=4503
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7366]
-
-testId=20887
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7367]
-
-testId=12711
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7368]
-
-testId=29111
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7369]
-
-testId=2455
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7370]
-
-testId=18823
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7371]
-
-testId=10679
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7372]
-
-testId=27031
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7373]
-
-testId=6583
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7374]
-
-testId=22919
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7375]
-
-testId=14743
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7376]
-
-testId=31111
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7377]
-
-testId=1415
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7378]
-
-testId=17815
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7379]
-
-testId=9623
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7380]
-
-testId=26007
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7381]
-
-testId=5559
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7382]
-
-testId=21927
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7383]
-
-testId=13751
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7384]
-
-testId=30103
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7385]
-
-testId=3495
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7386]
-
-testId=19879
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7387]
-
-testId=11703
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7388]
-
-testId=28055
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7389]
-
-testId=7591
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7390]
-
-testId=23943
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7391]
-
-testId=15783
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7392]
-
-testId=32151
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7393]
-
-testId=919
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7394]
-
-testId=17319
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7395]
-
-testId=9111
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7396]
-
-testId=25479
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7397]
-
-testId=5047
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7398]
-
-testId=21415
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7399]
-
-testId=13207
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7400]
-
-testId=29607
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7401]
-
-testId=2967
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7402]
-
-testId=19335
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7403]
-
-testId=11175
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7404]
-
-testId=27559
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7405]
-
-testId=7063
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7406]
-
-testId=23431
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7407]
-
-testId=15271
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7408]
-
-testId=31655
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7409]
-
-testId=1975
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7410]
-
-testId=18343
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7411]
-
-testId=10135
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7412]
-
-testId=26551
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7413]
-
-testId=6039
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7414]
-
-testId=22407
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7415]
-
-testId=14231
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7416]
-
-testId=30631
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7417]
-
-testId=4007
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7418]
-
-testId=20359
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7419]
-
-testId=12183
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7420]
-
-testId=28599
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7421]
-
-testId=8087
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7422]
-
-testId=24487
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7423]
-
-testId=16295
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7424]
-
-testId=32647
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7425]
-
-testId=87
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7426]
-
-testId=16503
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7427]
-
-testId=8295
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7428]
-
-testId=24695
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7429]
-
-testId=4215
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7430]
-
-testId=20599
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7431]
-
-testId=12391
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7432]
-
-testId=28759
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7433]
-
-testId=2135
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7434]
-
-testId=18503
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7435]
-
-testId=10327
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7436]
-
-testId=26711
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7437]
-
-testId=6215
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7438]
-
-testId=22615
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7439]
-
-testId=14423
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7440]
-
-testId=30823
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7441]
-
-testId=1095
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7442]
-
-testId=17511
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7443]
-
-testId=9319
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7444]
-
-testId=25671
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7445]
-
-testId=5207
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7446]
-
-testId=21623
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7447]
-
-testId=13383
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7448]
-
-testId=29783
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7449]
-
-testId=3191
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7450]
-
-testId=19559
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7451]
-
-testId=11335
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7452]
-
-testId=27719
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7453]
-
-testId=7255
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7454]
-
-testId=23671
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7455]
-
-testId=15479
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7456]
-
-testId=31831
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7457]
-
-testId=631
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7458]
-
-testId=16983
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7459]
-
-testId=8823
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7460]
-
-testId=25175
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7461]
-
-testId=4695
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7462]
-
-testId=21111
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7463]
-
-testId=12887
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7464]
-
-testId=29303
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7465]
-
-testId=2631
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7466]
-
-testId=19015
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7467]
-
-testId=10823
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7468]
-
-testId=27255
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7469]
-
-testId=6727
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7470]
-
-testId=23127
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7471]
-
-testId=14935
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7472]
-
-testId=31335
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7473]
-
-testId=1607
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7474]
-
-testId=17991
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7475]
-
-testId=9799
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7476]
-
-testId=26231
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7477]
-
-testId=5719
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7478]
-
-testId=22087
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7479]
-
-testId=13943
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7480]
-
-testId=30279
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7481]
-
-testId=3703
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7482]
-
-testId=20039
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7483]
-
-testId=11879
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7484]
-
-testId=28263
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7485]
-
-testId=7751
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7486]
-
-testId=24167
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7487]
-
-testId=15943
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7488]
-
-testId=32375
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7489]
-
-testId=359
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7490]
-
-testId=16743
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7491]
-
-testId=8567
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7492]
-
-testId=24935
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7493]
-
-testId=4455
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7494]
-
-testId=20807
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7495]
-
-testId=12663
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7496]
-
-testId=28999
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7497]
-
-testId=2407
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7498]
-
-testId=18775
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7499]
-
-testId=10583
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7500]
-
-testId=26951
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7501]
-
-testId=6487
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7502]
-
-testId=22855
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7503]
-
-testId=14695
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7504]
-
-testId=31047
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7505]
-
-testId=1367
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7506]
-
-testId=17735
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7507]
-
-testId=9575
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7508]
-
-testId=25975
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7509]
-
-testId=5447
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7510]
-
-testId=21831
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7511]
-
-testId=13687
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7512]
-
-testId=30055
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7513]
-
-testId=3415
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7514]
-
-testId=19815
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7515]
-
-testId=11639
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7516]
-
-testId=28023
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7517]
-
-testId=7511
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7518]
-
-testId=23927
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7519]
-
-testId=15703
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7520]
-
-testId=32119
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7521]
-
-testId=887
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7522]
-
-testId=17239
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7523]
-
-testId=9079
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7524]
-
-testId=25431
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7525]
-
-testId=4967
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7526]
-
-testId=21367
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7527]
-
-testId=13175
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7528]
-
-testId=29527
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7529]
-
-testId=2903
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7530]
-
-testId=19303
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7531]
-
-testId=11079
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7532]
-
-testId=27479
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7533]
-
-testId=7031
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7534]
-
-testId=23383
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7535]
-
-testId=15207
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7536]
-
-testId=31559
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7537]
-
-testId=1879
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7538]
-
-testId=18247
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7539]
-
-testId=10103
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7540]
-
-testId=26471
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7541]
-
-testId=5959
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7542]
-
-testId=22359
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7543]
-
-testId=14151
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7544]
-
-testId=30567
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7545]
-
-testId=3959
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7546]
-
-testId=20295
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7547]
-
-testId=12135
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7548]
-
-testId=28535
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7549]
-
-testId=8007
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7550]
-
-testId=24423
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7551]
-
-testId=16231
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7552]
-
-testId=32631
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7553]
-
-testId=215
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7554]
-
-testId=16583
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7555]
-
-testId=8439
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7556]
-
-testId=24823
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7557]
-
-testId=4295
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7558]
-
-testId=20711
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7559]
-
-testId=12487
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7560]
-
-testId=28903
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7561]
-
-testId=2279
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7562]
-
-testId=18679
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7563]
-
-testId=10455
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7564]
-
-testId=26839
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7565]
-
-testId=6391
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7566]
-
-testId=22743
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7567]
-
-testId=14583
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7568]
-
-testId=30967
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7569]
-
-testId=1223
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7570]
-
-testId=17607
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7571]
-
-testId=9463
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7572]
-
-testId=25815
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7573]
-
-testId=5351
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7574]
-
-testId=21751
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7575]
-
-testId=13559
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7576]
-
-testId=29895
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7577]
-
-testId=3287
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7578]
-
-testId=19671
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7579]
-
-testId=11479
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7580]
-
-testId=27847
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7581]
-
-testId=7399
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7582]
-
-testId=23799
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7583]
-
-testId=15607
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7584]
-
-testId=31959
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7585]
-
-testId=727
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7586]
-
-testId=17127
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7587]
-
-testId=8951
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7588]
-
-testId=25287
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7589]
-
-testId=4855
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7590]
-
-testId=21223
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7591]
-
-testId=13015
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7592]
-
-testId=29431
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7593]
-
-testId=2775
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7594]
-
-testId=19159
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7595]
-
-testId=10983
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7596]
-
-testId=27367
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7597]
-
-testId=6903
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7598]
-
-testId=23255
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7599]
-
-testId=15063
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7600]
-
-testId=31479
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7601]
-
-testId=1783
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7602]
-
-testId=18119
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7603]
-
-testId=9975
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7604]
-
-testId=26359
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7605]
-
-testId=5863
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7606]
-
-testId=22215
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7607]
-
-testId=14023
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7608]
-
-testId=30407
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7609]
-
-testId=3831
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7610]
-
-testId=20199
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7611]
-
-testId=11991
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7612]
-
-testId=28359
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7613]
-
-testId=7911
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7614]
-
-testId=24311
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7615]
-
-testId=16087
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7616]
-
-testId=32455
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7617]
-
-testId=503
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7618]
-
-testId=16871
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7619]
-
-testId=8663
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7620]
-
-testId=25063
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7621]
-
-testId=4551
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7622]
-
-testId=20983
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7623]
-
-testId=12791
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7624]
-
-testId=29159
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7625]
-
-testId=2503
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7626]
-
-testId=18935
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7627]
-
-testId=10695
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7628]
-
-testId=27095
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7629]
-
-testId=6631
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7630]
-
-testId=23015
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7631]
-
-testId=14807
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7632]
-
-testId=31191
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7633]
-
-testId=1511
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7634]
-
-testId=17879
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7635]
-
-testId=9703
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7636]
-
-testId=26055
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7637]
-
-testId=5607
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7638]
-
-testId=21975
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7639]
-
-testId=13815
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7640]
-
-testId=30167
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7641]
-
-testId=3527
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7642]
-
-testId=19959
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7643]
-
-testId=11719
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7644]
-
-testId=28151
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7645]
-
-testId=7639
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7646]
-
-testId=24007
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7647]
-
-testId=15863
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7648]
-
-testId=32231
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7649]
-
-testId=1015
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7650]
-
-testId=17367
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7651]
-
-testId=9207
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7652]
-
-testId=25543
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7653]
-
-testId=5079
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7654]
-
-testId=21479
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7655]
-
-testId=13271
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7656]
-
-testId=29687
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7657]
-
-testId=3047
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7658]
-
-testId=19415
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7659]
-
-testId=11207
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7660]
-
-testId=27623
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7661]
-
-testId=7143
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7662]
-
-testId=23543
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7663]
-
-testId=15335
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7664]
-
-testId=31735
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7665]
-
-testId=2007
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7666]
-
-testId=18407
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7667]
-
-testId=10215
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7668]
-
-testId=26567
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7669]
-
-testId=6103
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7670]
-
-testId=22487
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7671]
-
-testId=14327
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7672]
-
-testId=30711
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7673]
-
-testId=4055
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7674]
-
-testId=20439
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7675]
-
-testId=12263
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7676]
-
-testId=28663
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7677]
-
-testId=8183
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7678]
-
-testId=24567
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7679]
-
-testId=16359
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7680]
-
-testId=32743
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7681]
-
-testId=15
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7682]
-
-testId=16447
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7683]
-
-testId=8207
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7684]
-
-testId=24623
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7685]
-
-testId=4127
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7686]
-
-testId=20511
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7687]
-
-testId=12319
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7688]
-
-testId=28687
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7689]
-
-testId=2111
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7690]
-
-testId=18463
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7691]
-
-testId=10255
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7692]
-
-testId=26687
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7693]
-
-testId=6207
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7694]
-
-testId=22559
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7695]
-
-testId=14351
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7696]
-
-testId=30735
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7697]
-
-testId=1055
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7698]
-
-testId=17439
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7699]
-
-testId=9247
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7700]
-
-testId=25631
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7701]
-
-testId=5151
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7702]
-
-testId=21535
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7703]
-
-testId=13343
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7704]
-
-testId=29759
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7705]
-
-testId=3135
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7706]
-
-testId=19487
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7707]
-
-testId=11279
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7708]
-
-testId=27711
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7709]
-
-testId=7183
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7710]
-
-testId=23615
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7711]
-
-testId=15391
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7712]
-
-testId=31775
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7713]
-
-testId=575
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7714]
-
-testId=16927
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7715]
-
-testId=8751
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7716]
-
-testId=25135
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7717]
-
-testId=4671
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7718]
-
-testId=21007
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7719]
-
-testId=12847
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7720]
-
-testId=29247
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7721]
-
-testId=2591
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7722]
-
-testId=18991
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7723]
-
-testId=10783
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7724]
-
-testId=27151
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7725]
-
-testId=6671
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7726]
-
-testId=23087
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7727]
-
-testId=14911
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7728]
-
-testId=31247
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7729]
-
-testId=1583
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7730]
-
-testId=17951
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7731]
-
-testId=9759
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7732]
-
-testId=26143
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7733]
-
-testId=5663
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7734]
-
-testId=22031
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7735]
-
-testId=13871
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7736]
-
-testId=30271
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7737]
-
-testId=3615
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7738]
-
-testId=20015
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7739]
-
-testId=11839
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7740]
-
-testId=28191
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7741]
-
-testId=7711
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7742]
-
-testId=24079
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7743]
-
-testId=15935
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7744]
-
-testId=32319
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7745]
-
-testId=319
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7746]
-
-testId=16671
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7747]
-
-testId=8495
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7748]
-
-testId=24863
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7749]
-
-testId=4383
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7750]
-
-testId=20751
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7751]
-
-testId=12575
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7752]
-
-testId=28991
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7753]
-
-testId=2319
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7754]
-
-testId=18719
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7755]
-
-testId=10559
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7756]
-
-testId=26927
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7757]
-
-testId=6431
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7758]
-
-testId=22799
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7759]
-
-testId=14639
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7760]
-
-testId=31023
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7761]
-
-testId=1311
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7762]
-
-testId=17711
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7763]
-
-testId=9535
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7764]
-
-testId=25887
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7765]
-
-testId=5391
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7766]
-
-testId=21807
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7767]
-
-testId=13583
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7768]
-
-testId=29999
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7769]
-
-testId=3391
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7770]
-
-testId=19775
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7771]
-
-testId=11567
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7772]
-
-testId=27951
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7773]
-
-testId=7439
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7774]
-
-testId=23871
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7775]
-
-testId=15631
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7776]
-
-testId=32015
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7777]
-
-testId=799
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7778]
-
-testId=17215
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7779]
-
-testId=9007
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7780]
-
-testId=25391
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7781]
-
-testId=4895
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7782]
-
-testId=21295
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7783]
-
-testId=13071
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7784]
-
-testId=29503
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7785]
-
-testId=2847
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7786]
-
-testId=19231
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7787]
-
-testId=11055
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7788]
-
-testId=27407
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7789]
-
-testId=6959
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7790]
-
-testId=23359
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7791]
-
-testId=15151
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7792]
-
-testId=31551
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7793]
-
-testId=1807
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7794]
-
-testId=18207
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7795]
-
-testId=10031
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7796]
-
-testId=26431
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7797]
-
-testId=5903
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7798]
-
-testId=22303
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7799]
-
-testId=14143
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7800]
-
-testId=30495
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7801]
-
-testId=3871
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7802]
-
-testId=20287
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7803]
-
-testId=12079
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7804]
-
-testId=28431
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7805]
-
-testId=7951
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7806]
-
-testId=24351
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7807]
-
-testId=16143
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7808]
-
-testId=32527
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7809]
-
-testId=191
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7810]
-
-testId=16527
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7811]
-
-testId=8383
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7812]
-
-testId=24751
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7813]
-
-testId=4239
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7814]
-
-testId=20623
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7815]
-
-testId=12463
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7816]
-
-testId=28863
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7817]
-
-testId=2223
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7818]
-
-testId=18575
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7819]
-
-testId=10431
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7820]
-
-testId=26799
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7821]
-
-testId=6287
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7822]
-
-testId=22671
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7823]
-
-testId=14527
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7824]
-
-testId=30879
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7825]
-
-testId=1199
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7826]
-
-testId=17551
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7827]
-
-testId=9375
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7828]
-
-testId=25791
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7829]
-
-testId=5279
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7830]
-
-testId=21647
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7831]
-
-testId=13503
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7832]
-
-testId=29855
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7833]
-
-testId=3215
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7834]
-
-testId=19647
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7835]
-
-testId=11439
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7836]
-
-testId=27823
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7837]
-
-testId=7327
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7838]
-
-testId=23711
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7839]
-
-testId=15551
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7840]
-
-testId=31919
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7841]
-
-testId=687
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7842]
-
-testId=17087
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7843]
-
-testId=8847
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7844]
-
-testId=25263
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7845]
-
-testId=4783
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7846]
-
-testId=21183
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7847]
-
-testId=12991
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7848]
-
-testId=29359
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7849]
-
-testId=2735
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7850]
-
-testId=19135
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7851]
-
-testId=10927
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7852]
-
-testId=27295
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7853]
-
-testId=6799
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7854]
-
-testId=23183
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7855]
-
-testId=15007
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7856]
-
-testId=31391
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7857]
-
-testId=1695
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7858]
-
-testId=18063
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7859]
-
-testId=9919
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7860]
-
-testId=26271
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7861]
-
-testId=5775
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7862]
-
-testId=22159
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7863]
-
-testId=13999
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7864]
-
-testId=30351
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7865]
-
-testId=3759
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7866]
-
-testId=20127
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7867]
-
-testId=11951
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7868]
-
-testId=28351
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7869]
-
-testId=7823
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7870]
-
-testId=24255
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7871]
-
-testId=16047
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7872]
-
-testId=32415
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7873]
-
-testId=415
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7874]
-
-testId=16815
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7875]
-
-testId=8607
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7876]
-
-testId=25023
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7877]
-
-testId=4543
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7878]
-
-testId=20911
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7879]
-
-testId=12687
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7880]
-
-testId=29071
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7881]
-
-testId=2447
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7882]
-
-testId=18831
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7883]
-
-testId=10687
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7884]
-
-testId=27023
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7885]
-
-testId=6591
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7886]
-
-testId=22975
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7887]
-
-testId=14735
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7888]
-
-testId=31151
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7889]
-
-testId=1455
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7890]
-
-testId=17855
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7891]
-
-testId=9663
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7892]
-
-testId=26031
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7893]
-
-testId=5551
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7894]
-
-testId=21935
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7895]
-
-testId=13711
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7896]
-
-testId=30111
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7897]
-
-testId=3519
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7898]
-
-testId=19871
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7899]
-
-testId=11663
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7900]
-
-testId=28063
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7901]
-
-testId=7615
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7902]
-
-testId=23951
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7903]
-
-testId=15759
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7904]
-
-testId=32191
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7905]
-
-testId=943
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7906]
-
-testId=17327
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7907]
-
-testId=9119
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7908]
-
-testId=25519
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7909]
-
-testId=5055
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7910]
-
-testId=21391
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7911]
-
-testId=13247
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7912]
-
-testId=29583
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7913]
-
-testId=3007
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7914]
-
-testId=19391
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7915]
-
-testId=11167
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7916]
-
-testId=27551
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7917]
-
-testId=7071
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7918]
-
-testId=23487
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7919]
-
-testId=15247
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7920]
-
-testId=31647
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7921]
-
-testId=1983
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7922]
-
-testId=18351
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7923]
-
-testId=10127
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7924]
-
-testId=26559
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7925]
-
-testId=6031
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7926]
-
-testId=22447
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7927]
-
-testId=14223
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7928]
-
-testId=30607
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7929]
-
-testId=3983
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7930]
-
-testId=20367
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7931]
-
-testId=12191
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7932]
-
-testId=28591
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7933]
-
-testId=8079
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7934]
-
-testId=24463
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7935]
-
-testId=16287
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7936]
-
-testId=32671
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7937]
-
-testId=79
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7938]
-
-testId=16495
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7939]
-
-testId=8271
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7940]
-
-testId=24671
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7941]
-
-testId=4207
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7942]
-
-testId=20575
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7943]
-
-testId=12383
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7944]
-
-testId=28783
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7945]
-
-testId=2143
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7946]
-
-testId=18511
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7947]
-
-testId=10335
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7948]
-
-testId=26751
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7949]
-
-testId=6239
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7950]
-
-testId=22639
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7951]
-
-testId=14415
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7952]
-
-testId=30815
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7953]
-
-testId=1103
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7954]
-
-testId=17487
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7955]
-
-testId=9343
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7956]
-
-testId=25711
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7957]
-
-testId=5215
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7958]
-
-testId=21615
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7959]
-
-testId=13439
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7960]
-
-testId=29807
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7961]
-
-testId=3183
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7962]
-
-testId=19583
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7963]
-
-testId=11343
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7964]
-
-testId=27759
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7965]
-
-testId=7263
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7966]
-
-testId=23663
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7967]
-
-testId=15455
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7968]
-
-testId=31855
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7969]
-
-testId=623
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7970]
-
-testId=16991
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7971]
-
-testId=8815
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7972]
-
-testId=25215
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7973]
-
-testId=4703
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7974]
-
-testId=21087
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7975]
-
-testId=12895
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7976]
-
-testId=29279
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7977]
-
-testId=2687
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7978]
-
-testId=19071
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7979]
-
-testId=10863
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7980]
-
-testId=27215
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7981]
-
-testId=6767
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7982]
-
-testId=23151
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7983]
-
-testId=14959
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7984]
-
-testId=31359
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7985]
-
-testId=1615
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7986]
-
-testId=18031
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7987]
-
-testId=9807
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7988]
-
-testId=26191
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7989]
-
-testId=5759
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7990]
-
-testId=22143
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7991]
-
-testId=13935
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7992]
-
-testId=30287
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7993]
-
-testId=3679
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7994]
-
-testId=20095
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7995]
-
-testId=11903
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7996]
-
-testId=28239
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7997]
-
-testId=7775
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7998]
-
-testId=24159
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-7999]
-
-testId=15983
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8000]
-
-testId=32367
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8001]
-
-testId=367
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8002]
-
-testId=16767
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8003]
-
-testId=8527
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8004]
-
-testId=24959
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8005]
-
-testId=4447
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8006]
-
-testId=20815
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8007]
-
-testId=12639
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8008]
-
-testId=29055
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8009]
-
-testId=2383
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8010]
-
-testId=18815
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8011]
-
-testId=10607
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8012]
-
-testId=26959
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8013]
-
-testId=6479
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8014]
-
-testId=22863
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8015]
-
-testId=14671
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8016]
-
-testId=31055
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8017]
-
-testId=1407
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8018]
-
-testId=17743
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8019]
-
-testId=9567
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8020]
-
-testId=25983
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8021]
-
-testId=5471
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8022]
-
-testId=21871
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8023]
-
-testId=13695
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8024]
-
-testId=30079
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8025]
-
-testId=3439
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8026]
-
-testId=19791
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8027]
-
-testId=11615
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8028]
-
-testId=28031
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8029]
-
-testId=7519
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8030]
-
-testId=23903
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8031]
-
-testId=15695
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8032]
-
-testId=32127
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8033]
-
-testId=879
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8034]
-
-testId=17279
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8035]
-
-testId=9071
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8036]
-
-testId=25439
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8037]
-
-testId=4943
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8038]
-
-testId=21327
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8039]
-
-testId=13151
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8040]
-
-testId=29535
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8041]
-
-testId=2895
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8042]
-
-testId=19295
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8043]
-
-testId=11103
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8044]
-
-testId=27487
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8045]
-
-testId=7023
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8046]
-
-testId=23375
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8047]
-
-testId=15231
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8048]
-
-testId=31615
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8049]
-
-testId=1919
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8050]
-
-testId=18303
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8051]
-
-testId=10063
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8052]
-
-testId=26495
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8053]
-
-testId=6015
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8054]
-
-testId=22399
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8055]
-
-testId=14207
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8056]
-
-testId=30543
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8057]
-
-testId=3919
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8058]
-
-testId=20319
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8059]
-
-testId=12159
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8060]
-
-testId=28527
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8061]
-
-testId=8015
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8062]
-
-testId=24399
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8063]
-
-testId=16207
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8064]
-
-testId=32623
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8065]
-
-testId=207
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8066]
-
-testId=16639
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8067]
-
-testId=8399
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8068]
-
-testId=24815
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8069]
-
-testId=4351
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8070]
-
-testId=20719
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8071]
-
-testId=12495
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8072]
-
-testId=28879
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8073]
-
-testId=2287
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8074]
-
-testId=18671
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8075]
-
-testId=10479
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8076]
-
-testId=26879
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8077]
-
-testId=6367
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8078]
-
-testId=22767
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8079]
-
-testId=14591
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8080]
-
-testId=30959
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8081]
-
-testId=1263
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8082]
-
-testId=17663
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8083]
-
-testId=9471
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8084]
-
-testId=25839
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8085]
-
-testId=5359
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8086]
-
-testId=21743
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8087]
-
-testId=13567
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8088]
-
-testId=29919
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8089]
-
-testId=3295
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8090]
-
-testId=19695
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8091]
-
-testId=11487
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8092]
-
-testId=27887
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8093]
-
-testId=7375
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8094]
-
-testId=23807
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8095]
-
-testId=15615
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8096]
-
-testId=31951
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8097]
-
-testId=719
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8098]
-
-testId=17119
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8099]
-
-testId=8911
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8100]
-
-testId=25343
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8101]
-
-testId=4863
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8102]
-
-testId=21215
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8103]
-
-testId=13007
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8104]
-
-testId=29391
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8105]
-
-testId=2815
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8106]
-
-testId=19199
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8107]
-
-testId=11007
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8108]
-
-testId=27359
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8109]
-
-testId=6911
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8110]
-
-testId=23295
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8111]
-
-testId=15071
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8112]
-
-testId=31439
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8113]
-
-testId=1791
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8114]
-
-testId=18143
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8115]
-
-testId=9983
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8116]
-
-testId=26319
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8117]
-
-testId=5871
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8118]
-
-testId=22271
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8119]
-
-testId=14063
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8120]
-
-testId=30447
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8121]
-
-testId=3839
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8122]
-
-testId=20175
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8123]
-
-testId=11999
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8124]
-
-testId=28383
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8125]
-
-testId=7903
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8126]
-
-testId=24271
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8127]
-
-testId=16079
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8128]
-
-testId=32511
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8129]
-
-testId=511
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8130]
-
-testId=16879
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8131]
-
-testId=8703
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8132]
-
-testId=25071
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8133]
-
-testId=4591
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8134]
-
-testId=20991
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8135]
-
-testId=12799
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8136]
-
-testId=29183
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8137]
-
-testId=2559
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8138]
-
-testId=18895
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8139]
-
-testId=10719
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8140]
-
-testId=27087
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8141]
-
-testId=6655
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8142]
-
-testId=23039
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8143]
-
-testId=14847
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8144]
-
-testId=31183
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8145]
-
-testId=1503
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8146]
-
-testId=17919
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8147]
-
-testId=9679
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8148]
-
-testId=26095
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8149]
-
-testId=5615
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8150]
-
-testId=21983
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8151]
-
-testId=13807
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8152]
-
-testId=30207
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8153]
-
-testId=3535
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8154]
-
-testId=19967
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8155]
-
-testId=11727
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8156]
-
-testId=28143
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8157]
-
-testId=7679
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8158]
-
-testId=24015
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8159]
-
-testId=15855
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8160]
-
-testId=32207
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8161]
-
-testId=975
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8162]
-
-testId=17407
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8163]
-
-testId=9183
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8164]
-
-testId=25599
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8165]
-
-testId=5119
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8166]
-
-testId=21455
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8167]
-
-testId=13295
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8168]
-
-testId=29663
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8169]
-
-testId=3023
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8170]
-
-testId=19407
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8171]
-
-testId=11263
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8172]
-
-testId=27599
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8173]
-
-testId=7167
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8174]
-
-testId=23519
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8175]
-
-testId=15327
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8176]
-
-testId=31743
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8177]
-
-testId=2031
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8178]
-
-testId=18383
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8179]
-
-testId=10223
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8180]
-
-testId=26575
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8181]
-
-testId=6143
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8182]
-
-testId=22527
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8183]
-
-testId=14287
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8184]
-
-testId=30719
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8185]
-
-testId=4047
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8186]
-
-testId=20447
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8187]
-
-testId=12287
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8188]
-
-testId=28639
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8189]
-
-testId=8159
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8190]
-
-testId=24527
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8191]
-
-testId=16351
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
-[Test-8192]
-
-testId=32735
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA 
-timeout=9
-
diff --git a/security/nss/tests/pkcs11/netscape/suites/security/ssl/sslc.c b/security/nss/tests/pkcs11/netscape/suites/security/ssl/sslc.c
deleted file mode 100644
index 48457fe42..000000000
--- a/security/nss/tests/pkcs11/netscape/suites/security/ssl/sslc.c
+++ /dev/null
@@ -1,293 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/* include replacer-generated variables file */
-
-
-#include "ssl.h"
-#include "sslproto.h"
-
-#include "sslt.h"
-#include "sslc.h"
-#include "ssls.h"
-
-#include "pk11func.h"
-
-#define MAX_CIPHERS 100
-
-struct cipherspec cipher_array[MAX_CIPHERS];
-int cipher_array_size=0;
-char *password = "";
-char *nickname = "SSLServer";
-char *client_nick = "SSLClient";
-
-void InitCiphers() {
-  int i=0;
-
-/* These ciphers are listed in priority order. */
-  DIPHER(2,SSL_ALLOWED,128,40,     "RC2-CBC-Export", EN_RC2_128_CBC_EXPORT40_WITH_MD5)
-    CIPHER(2,SSL_NOT_ALLOWED,128,128,"RC4",            EN_RC4_128_WITH_MD5)
-    CIPHER(2,SSL_ALLOWED,128,40,     "RC4-Export",     EN_RC4_128_EXPORT40_WITH_MD5)
-    DIPHER(2,SSL_NOT_ALLOWED,128,128,"RC2-CBC",        EN_RC2_128_CBC_WITH_MD5)
-    DIPHER(2,SSL_ALLOWED,128,40,     "RC2-CBC-40", EN_RC2_128_CBC_EXPORT40_WITH_MD5)
-    DIPHER(2,SSL_NOT_ALLOWED,128,128,"IDEA-CBC",       EN_IDEA_128_CBC_WITH_MD5)
-    DIPHER(2,SSL_NOT_ALLOWED,56,56,  "DES-CBC",        EN_DES_64_CBC_WITH_MD5)
-    CIPHER(2,SSL_NOT_ALLOWED,168,168,"DES-EDE3-CBC",   EN_DES_192_EDE3_CBC_WITH_MD5)
-  /* SSL 3 suites */
-
-    CIPHER(3,SSL_RESTRICTED,128,128, "RC4",            RSA_WITH_RC4_128_MD5)
-    DIPHER(3,SSL_RESTRICTED,128,128, "RC4",            RSA_WITH_RC4_128_SHA)
-    CIPHER(3,SSL_RESTRICTED,168,168, "3DES-EDE-CBC",   RSA_WITH_3DES_EDE_CBC_SHA)
-    CIPHER(3,SSL_NOT_ALLOWED,56,56,"DES-CBC",        RSA_WITH_DES_CBC_SHA)
-    CIPHER(3,SSL_ALLOWED,128,40,     "RC4-40",         RSA_EXPORT_WITH_RC4_40_MD5)
-    CIPHER(3,SSL_ALLOWED,128,40,     "RC2-CBC-40",     RSA_EXPORT_WITH_RC2_CBC_40_MD5)
-
-    DIPHER(3,SSL_ALLOWED,0,0,        "NULL",           NULL_WITH_NULL_NULL)
-    DIPHER(3,SSL_ALLOWED,0,0,        "NULL",           RSA_WITH_NULL_MD5)
-    DIPHER(3,SSL_ALLOWED,0,0,        "NULL",           RSA_WITH_NULL_SHA)
-
-#if 0
-    DIPHER(3,SSL_NOT_ALLOWED,0,0,    "IDEA-CBC",       RSA_WITH_IDEA_CBC_SHA)
-    DIPHER(3,SSL_ALLOWED,128,40,     "DES-CBC-40",     RSA_EXPORT_WITH_DES40_CBC_SHA)
-#endif
-
-  /*
-    
-  CIPHER(DH_DSS_EXPORT_WITH_DES40_CBC_SHA),
-  CIPHER(DH_DSS_WITH_DES_CBC_SHA),
-  CIPHER(DH_DSS_WITH_3DES_EDE_CBC_SHA),
-  CIPHER(DH_RSA_EXPORT_WITH_DES40_CBC_SHA),
-  CIPHER(DH_RSA_WITH_DES_CBC_SHA),
-  CIPHER(DH_RSA_WITH_3DES_EDE_CBC_SHA),
-  CIPHER(DHE_DSS_EXPORT_WITH_DES40_CBC_SHA),
-  CIPHER(DHE_DSS_WITH_DES_CBC_SHA),
-  CIPHER(DHE_DSS_WITH_3DES_EDE_CBC_SHA),
-  CIPHER(DHE_RSA_EXPORT_WITH_DES40_CBC_SHA),
-  CIPHER(DHE_RSA_WITH_DES_CBC_SHA),
-  CIPHER(DHE_RSA_WITH_3DES_EDE_CBC_SHA),
-
-  CIPHER(DH_ANON_EXPORT_WITH_RC4_40_MD5),
-  CIPHER(DH_ANON_WITH_RC4_128_MD5),
-  CIPHER(DH_ANON_WITH_DES_CBC_SHA),
-  CIPHER(DH_ANON_WITH_3DES_EDE_CBC_SHA),
-
-  CIPHER(3,SSL_NOT_ALLOWED,0,0,"Fortezza",        FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA),
-  CIPHER(3,SSL_NOT_ALLOWED,0,0,"Fortezza",        FORTEZZA_DMS_WITH_RC4_128_SHA),
-
-  */
-
-    DIPHER(3,SSL_NOT_ALLOWED,192,192,"3DES-EDE-CBC",RSA_FIPS_WITH_3DES_EDE_CBC_SHA)
-    DIPHER(3,SSL_NOT_ALLOWED,64,64,  "DES-CBC",       RSA_FIPS_WITH_DES_CBC_SHA)
-    
-    cipher_array_size =i;
-}
-
-
-
-/* ClearCiphers()
- *   Clear out all ciphers */
-
-void ClearCiphers(struct ThreadData *td) {
-int i;
-
-for (i=0;i<cipher_array_size;i++) {
-SSL_EnableCipher(cipher_array[i].enableid,0);
-}
-}
-
-
-/* EnableCiphers
- *   enable only those ciphers set for this test */
-
-void EnableCiphers(struct ThreadData *td) {
-  int i;
-
-  for (i=0;i<cipher_array_size;i++) {
-    if (cipher_array[i].on) {
-      SSL_EnableCipher(cipher_array[i].enableid,1);
-    }
-  }
-}
-
-/* SetPolicy */
-
-void SetPolicy() {
-  int i;
-
-  for (i=0;i<cipher_array_size;i++) {
-    if (REP_Policy == POLICY_DOMESTIC) {
-      SSL_SetPolicy(cipher_array[i].enableid,SSL_ALLOWED);
-    }
-    else {
-      SSL_SetPolicy(cipher_array[i].enableid,cipher_array[i].exportable);
-    }
-  }
-}
-
-char *MyPWFunc(PK11SlotInfo *slot, PRBool retry, void *arg)
-{
-    static PRBool called=PR_FALSE;
-    if(called) {
-	return NULL;
-    } else {
-	called = PR_TRUE;
-	return PL_strdup(password);
-    }
-}
-
-/* 
- * VersionEnables
- *  errors (40-49)
- */
-
-int Version2Enable(PRFileDesc *s, int v) {
-  if (SSL_Enable(s, SSL_ENABLE_SSL2, 1) <0) return Error(43);
-  else return 0;
-}
-
-int Version3Enable(PRFileDesc *s) {
-    if (SSL_Enable(s, SSL_ENABLE_SSL3, 1) <0) return Error(42);
-    else return 0;
-}
-
-int Version23Clear(PRFileDesc *s) {
-  if (SSL_Enable(s,SSL_ENABLE_SSL2,0) <0) return Error(40);
-  if (SSL_Enable(s,SSL_ENABLE_SSL3,0) <0) return Error(41);
-  return 0;
-}
-
-
-
-char *nicknames[MAX_NICKNAME];
-
-void SetupNickNames() {
-  nicknames[CLIENT_CERT_VERISIGN]        = "CLIENT_CERT_VERISIGN";
-  nicknames[CLIENT_CERT_HARDCOREII_1024] = "CLIENT_CERT_HARDCOREII_1024";
-  nicknames[CLIENT_CERT_HARDCOREII_512]  = "CLIENT_CERT_HARDCOREII_512";
-  nicknames[CLIENT_CERT_SPARK]           = "CLIENT_CERT_SPARK";
-  nicknames[SERVER_CERT_HARDCOREII_512]  = nickname;
-  /* nicknames[SERVER_CERT_HARDCOREII_512]  = "SERVER_CERT_HARDCOREII_512"; */
-  nicknames[SERVER_CERT_VERISIGN_REGULAR]= "SERVER_CERT_VERISIGN_REGULAR";
-  nicknames[SERVER_CERT_VERISIGN_STEPUP] = "SERVER_CERT_VERISIGN_STEPUP";
-  nicknames[SERVER_CERT_SPARK]           = "SERVER_CERT_SPARK";
-}
-
-
-
-
-
-
-
-/* 
- * SetServerSecParms
- * errors(10-19)
- */
-
-int SetServerSecParms(struct ThreadData *td) {
-  int rv;
-  SECKEYPrivateKey *privKey;
-  PRFileDesc *s;
-
-  s = td->r;
-
-  rv = SSL_Enable(s, SSL_SECURITY, 1);     /* Enable security on this socket */
-  if (rv < 0)  return Error(10);
-
-  if (SSLT_CLIENTAUTH_INITIAL == REP_ServerDoClientAuth) {
-    rv = SSL_Enable(s, SSL_REQUEST_CERTIFICATE, 1);
-    if (rv < 0)  return Error(11);
-    }
-
-  ClearCiphers(td);
-  EnableCiphers(td);
-
-  PK11_SetPasswordFunc(MyPWFunc);
-  SSL_SetPKCS11PinArg(s,(void*) MyPWFunc);
-
-
-  /* Find the certificates we are going to use from the database */
-
-
-  /* Test for dummy certificate, which shouldn't exist */
-  td->cert = PK11_FindCertFromNickname("XXXXXX_CERT_HARDCOREII_1024",NULL);
-  if (td->cert != NULL) return Error(16);
-
-
-  td->cert = NULL;
-  if (NO_CERT != REP_ServerCert) {
-    td->cert = PK11_FindCertFromNickname(nicknames[REP_ServerCert],NULL);
-  }
-
-
-  /* Note: if we're set to use NO_CERT as the server cert, then we'll
-   * just essentially skip the rest of this (except for session ID cache setup)
-   */
-
-  
-  if ( (NULL == td->cert)  && ( NO_CERT != REP_ServerCert )) {
-    PR_fprintf(PR_STDERR, "Can't find certificate %s\n", nicknames[REP_ServerCert]);
-    PR_fprintf(PR_STDERR, "Server: Seclib error: %s\n",
-	       SECU_ErrorString ((int16) PR_GetError()));
-    return Error(12);
-  }
-  
-
-  if ((NO_CERT != REP_ServerCert)) {
-    privKey = PK11_FindKeyByAnyCert(td->cert, NULL);
-    if (privKey == NULL) {
-      dbmsg((PR_STDERR, "Can't find key for this certificate\n"));
-      return Error(13);
-    }
-    
-    rv = SSL_ConfigSecureServer(s,td->cert,privKey, kt_rsa);
-    if (rv != PR_SUCCESS) {
-      dbmsg((PR_STDERR, "Can't config server error(%d) \n",rv));
-      return Error(14);
-    }
-  }
-  
-  rv = SSL_ConfigServerSessionIDCache(10, 0, 0, ".");
-  if (rv != 0) {    
-    dbmsg((PR_STDERR, "Can't config server session ID cache (%d) \n",rv));
-    return Error(15);
-  }
-
-  return 0;
-}
-
-
-
-
-
-
-
diff --git a/security/nss/tests/pkcs11/netscape/suites/security/ssl/sslc.h b/security/nss/tests/pkcs11/netscape/suites/security/ssl/sslc.h
deleted file mode 100644
index 58af6b14e..000000000
--- a/security/nss/tests/pkcs11/netscape/suites/security/ssl/sslc.h
+++ /dev/null
@@ -1,96 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#ifndef SSLC_H
-#define SSLC_H
-
-#include "ssls.h"
-
-struct cipherspec {
-  int sslversion;  /* either 2 or 3 */
-  int exportable;  /* 0=domestic cipher,  1=exportable */
-  int ks,sks;      /* key size, secret key size (bits) */
-  char *name;      /* name expected from SecurityStatus */
-  int enableid;    /* the cipher id used by SSL_EnableCipher */
-  int on;          /* 0= do not enable this cipher, 1 = enable */
-};
-
-
-/* Ugly way to generate code to fill in cipher_array struct */
-/* I wanted to make this part of the static structure initialization,
-   but some compilers complain that the .on field is not constant */
-
-#define CIPHER(p_sslversion,p_policy,p_ks,p_sks,p_name,p_x) {\
- cipher_array[i].sslversion = p_sslversion; \
- cipher_array[i].exportable = p_policy;     \
- cipher_array[i].ks         = p_ks;         \
- cipher_array[i].sks        = p_sks;        \
- cipher_array[i].name       = p_name;       \
- cipher_array[i].enableid   = SSL_ ## p_x;  \
- cipher_array[i].on         = REP_Cipher_ ## p_x; \
- i++; }
-
-/* A DIPHER is a disabled-cipher (don't run the test suite) */
-#define DIPHER(sslversion,policy,ks,sks,name,x)  ;
-
-
-/* These constants are indexes into the 'nicknames' array */
-
-#define NO_CERT                       -1
-#define CLIENT_CERT_VERISIGN          1
-#define CLIENT_CERT_HARDCOREII_1024   2
-#define CLIENT_CERT_HARDCOREII_512    3
-#define CLIENT_CERT_SPARK             4
-#define SERVER_CERT_HARDCOREII_512    5
-#define SERVER_CERT_VERISIGN_REGULAR  6
-#define SERVER_CERT_VERISIGN_STEPUP   7
-#define SERVER_CERT_SPARK             8
-#define MAX_NICKNAME                  10
-
-extern struct cipherspec cipher_array[];
-extern int cipher_array_size;
-
-extern void ClearCiphers();
-extern void EnableCiphers();
-extern void SetPolicy();
-extern int  Version2Enable();
-extern int  Version3Enable();
-extern int  Version23Clear();
-extern char *nicknames[];
-extern void SetupNickNames();
-extern int  SetServerSecParms(struct ThreadData *td);
-
-
-#endif
-/* SSLC_H */
-
-
diff --git a/security/nss/tests/pkcs11/netscape/suites/security/ssl/ssls.c b/security/nss/tests/pkcs11/netscape/suites/security/ssl/ssls.c
deleted file mode 100644
index b406f335f..000000000
--- a/security/nss/tests/pkcs11/netscape/suites/security/ssl/ssls.c
+++ /dev/null
@@ -1,105 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "ssls.h"
-
-#include <ssl.h>
-#include <sslproto.h>
-
-/* 21 lines x 8 chars = 168 bytes */
-
-
-#if 1
-unsigned char data[] = {
-  0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x07, 0x08,
-  0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x07, 0x08,
-  0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x07, 0x08,
-  0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x07, 0x08,
-
-  0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x07, 0x08,
-  0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x07, 0x08,
-  0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x07, 0x08,
-  0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x07, 0x08,
-
-  0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x07, 0x08,
-  0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x07, 0x08,
-  0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x07, 0x08,
-  0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x07, 0x08,
-
-  0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x07, 0x08,
-  0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x07, 0x08,
-  0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x07, 0x08,
-  0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x07, 0x08,
-
-  0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x07, 0x08,
-  0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x07, 0x08,
-  0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x07, 0x08,
-  0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x07, 0x08,
-
-  0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x07, 0x08
-};
-
-#else
-
-unsigned char data[] = {
-  0x2e, 0x86, 0x53, 0x10, 0x4f, 0x38, 0x34, 0xea,
-  0x4b, 0xd3, 0x88, 0xff, 0x6c, 0xd8, 0x1d, 0x4f,
-  0x20, 0xb9, 0xe7, 0x67, 0xb2, 0xfb, 0x14, 0x56,
-  0x55, 0x57, 0x93, 0x80, 0xd7, 0x71, 0x38, 0xef,
-
-  0x6c, 0xc5, 0xde, 0xfa, 0xaf, 0x04, 0x51, 0x2f,
-  0x0d, 0x9f, 0x27, 0x9b, 0xa5, 0xd8, 0x72, 0x60,
-  0xd9, 0x03, 0x1b, 0x02, 0x71, 0xbd, 0x5a, 0x0a,
-  0x42, 0x42, 0x50, 0xb3, 0x7c, 0x3d, 0xd9, 0x51,
-
-  0xb8, 0x06, 0x1b, 0x7e, 0xcd, 0x9a, 0x21, 0xe5,
-  0xf1, 0x5d, 0x0f, 0x28, 0x6b, 0x65, 0xbd, 0x28,
-  0xad, 0xd0, 0xcc, 0x8d, 0x6e, 0x5d, 0xeb, 0xa1,
-  0xe6, 0xd5, 0xf8, 0x27, 0x52, 0xad, 0x63, 0xd1,
-
-  0xec, 0xbf, 0xe3, 0xbd, 0x3f, 0x59, 0x1a, 0x5e,
-  0xf3, 0x56, 0x83, 0x43, 0x79, 0xd1, 0x65, 0xcd,
-  0x2b, 0x9f, 0x98, 0x2f, 0x20, 0x03, 0x7f, 0xa9,
-  0x88, 0x9d, 0xe0, 0x68, 0xa1, 0x6f, 0x0b, 0xe6,
-
-  0xe1, 0x9e, 0x27, 0x5d, 0x84, 0x6a, 0x12, 0x98,
-  0x32, 0x9a, 0x8e, 0xd5, 0x23, 0xd7, 0x1a, 0xec,
-  0xe7, 0xfc, 0xe2, 0x25, 0x57, 0xd2, 0x3c, 0x97,
-  0x12, 0xa9, 0xf5, 0x81, 0x7f, 0xf2, 0xd6, 0x5d,
-
-  0xa4, 0x84, 0xc3, 0xad, 0x38, 0xdc, 0x9c, 0x19
-};
-#endif
-
-
-
diff --git a/security/nss/tests/pkcs11/netscape/suites/security/ssl/ssls.h b/security/nss/tests/pkcs11/netscape/suites/security/ssl/ssls.h
deleted file mode 100644
index deb3fc1ff..000000000
--- a/security/nss/tests/pkcs11/netscape/suites/security/ssl/ssls.h
+++ /dev/null
@@ -1,127 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#ifndef SSLS_H
-#define SSLS_H
-
-#include <prinit.h>
-#include <prprf.h>
-#include <prsystem.h>
-#include <prmem.h>
-#include <plstr.h>
-#include <prnetdb.h>
-#include <prinrval.h>
-
-
-#include <cert.h>
-
-extern struct CipherPolicy ciphers[];
-extern struct CipherPair policy[];
-
-extern unsigned char data[];
-
-#define BUFSIZE 3955   /* some arbitrary size not a multiple of 2^x */
-
-struct ThreadData {     /* place to put thread-local data. */
-
-  PRFileDesc *fd;             /* NSPR File Desc        */
-  PRFileDesc *s;             /* The secure File Desc  */
-  PRFileDesc *r;             /* Rendezvous socket (not used right now */
-  PRPollDesc pd;
-  CERTCertificate  *cert;
-  CERTCertificate  *peercert;
-
-  struct ThreadData *peer;
-
-  PRNetAddr  na;
-  PRThread   *subthread;
-  
-  int   peerport;
-  int   client;
-
-  char  sendbuf[BUFSIZE];
-  char  recvbuf[BUFSIZE];
-  int   data_read;
-  int   data_sent;
-  int   data_tosend;
-  int   state;
-  unsigned char  xor_reading;
-  unsigned char  xor_writing;
-  
-  int   exit_code;
-  int   secerr_flag;
-  int   secerr;
-
-
-#define SSLT_INITIAL_FORCE 1
-#define SSLT_FIRST_IO      2
-#define SSLT_REDO          4
-
-  int   status_on;
-  char *status_cipher;
-  int   status_keysize;
-  int   status_skeysize;
-  char *status_issuer;
-  char *status_subject;
-
-};
-
-
-#define POLICY_DOMESTIC 0
-#define POLICY_EXPORT 1
-
-
-extern int VerifyBuffer(char *recvbuf,int bufsize,int done, char xor);
-extern void FillBuffer(char *sendbuf,int bufsize, int offset, char xor);
-extern void HandshakeCallback(PRFileDesc *s, void *td);
-
-
-#define DATABUFSIZE 168
-#define CLIENTXOR   0xA5
-
-#define BLOCKING      0
-#define NON_BLOCKING  1
-
-#define STATE_BEFORE_INITIAL_HANDSHAKE  0
-#define STATE_BEFORE_REDO_HANDSHAKE     1
-#define STATE_STATUS_COLLECTED          2
-#define STATE_DONE_WRITING              3
-#define STATE_DONE_READING              4
-#define STATE_DONE                      5
-
-#define SSLT_CLIENTAUTH_OFF     1
-#define SSLT_CLIENTAUTH_REDO    2
-#define SSLT_CLIENTAUTH_INITIAL 3
-
-
-#endif
-
diff --git a/security/nss/tests/pkcs11/netscape/suites/security/ssl/sslt.c b/security/nss/tests/pkcs11/netscape/suites/security/ssl/sslt.c
deleted file mode 100755
index 760aecdbc..000000000
--- a/security/nss/tests/pkcs11/netscape/suites/security/ssl/sslt.c
+++ /dev/null
@@ -1,1183 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#define VERION_MAJOR 1
-#define VERION_MINOR 0
-#define VERSION_POINT 7
-/* NSPR header files */
-#include <prinit.h>
-#include <prprf.h>
-#include <prsystem.h>
-#include <prmem.h>
-#include <plstr.h>
-#include <prnetdb.h>
-#include <prinrval.h>
-#include <prmon.h>
-#include <prlock.h>
-
-/* Security library files */
-#include "cert.h"
-#include "key.h"
-#include "secmod.h"
-#include "secutil.h"
-#include "pk11func.h"
-
-/* SSL Header Files */
-#include "ssl.h"
-#include "sslproto.h"
-
-#define EXIT_OOPS 14
-
-#include "ssls.h"
-#include "sslc.h"
-
-#ifdef XP_PC
-/* Windows VC++ 6.0 Header File required to define EXCEPTION_EXECUTE_HANDLER. */
-#include "excpt.h"
-#endif
-
-#ifndef DEBUG_stevep
-#define dbmsg(x) if (debug) PR_fprintf x ;
-#else
-#define dbmsg(x) ;
-#endif
-
-/* Prototypes */
-
-PRInt32 ServerThread(PRInt32 argc,char **argv);
-void ClientThread(void *arg);
-void SetupNickNames(void );
-int OpenDBs(void);
-int ConfigServerSocket(void);
-int DoIO(struct ThreadData *);
-int Client(void);
-int SetClientSecParams(void);
-int CreateClientSocket(void);
-
-#ifdef XP_PC
-extern char getopt(int, char**, char*);
-#endif
-extern int Version2Enable(PRFileDesc *s);
-extern int Version3Enable(PRFileDesc *s);
-extern int Version23Clear(PRFileDesc *s);
-extern void SetupNickNames();
-extern int AuthCertificate(void *arg,PRFileDesc *fd,
-			   PRBool checkSig, PRBool isServer);
-extern char *MyPWFunc(void *slot, PRBool retry, void *arg);
-
-extern char *nicknames[];
-extern char *client_nick;
-extern char *password, *nickname;
-
-/* Shared condition variables */
-
-int rc;            /* rc is the error the process should return */
-PRMonitor *rcmon;  /* rcmon protects rc, since it can be set by the client */
-                   /* or server thread */
-
-/***** Read-only global variables (initialized in Server Thread)   ****/
-
-PRInt32 debug   = 0;
-PRInt32 verbose = 0;
-CERTCertDBHandle *cert_db_handle = NULL;
-
-struct ThreadData cl,svr;
-
-/* Include Replacer-generated variables file */
-
-/* INSERT_TABLES is a special parameter to sslt.h which inserts the
-   replacer-generated tables. We only want this table to be included
-   once in the executable, but this header file gets use in several
-   places */
-
-#define INSERT_TABLES
-#include "sslt.h"
-#include "nss.h"
-
-
-
-/*
- *
- * OpenDBs()   -  open databases
- * errors(30-39)
- */
-
-int OpenDBs() {
-  int r;
-
-  NSS_Init(".");
-  return 0;
-}
-
-
-
-
-
-/* 
- * CreateServerSocket
- * errors (20-29)
- */
-
-
-int CreateServerSocket(struct ThreadData *td) {
-  /* Create server socket s */
-
-  td->fd = PR_NewTCPSocket();
-  if (td->fd == NULL) return Error(20);
-
-  td->r = SSL_ImportFD(NULL, td->fd);
-  if (td->r == NULL) return Error(21);
-
-  return 0;
-} 
-
-
-int ConfigServerSocket() {
-
-  /* Set up Net address to bind to 'any' */
-  int r;
- 
-  r = PR_InitializeNetAddr(PR_IpAddrAny,0,&svr.na);
-  if (PR_SUCCESS != r) return Error(2);
-
-  
-  r = PR_Bind(svr.r,&svr.na);     /* bind to an IP address */
-  if (PR_SUCCESS != r) return Error(3);
-
-
-  r = PR_Listen(svr.r,5);
-  if (PR_SUCCESS != r) return Error(4);
-
-
-  r = PR_GetSockName(svr.r,&svr.na);
-  if (PR_SUCCESS != r) return Error(5);
-  return r;
-}
-
-
-/* 
- * main 
- *   returns 255 if 'coredump'-type crash occurs on winNT
- *
- */
-
-PRIntn main(PRIntn ac, char **av, char **ev) {
-  int r;
-  extern char *optarg;	
-  extern int optind;
-  int c;
-  
-
-  if( ac == 1 ) {
-     PR_fprintf(PR_STDERR,
-"\nSSL Test Suite Version %d.%d.%d\n\
-All Rights Reserved\n\
-Usage: sslt [-c client_nickname] [-n server_nickname] [-p passwd] [-d] testid\n",
-VERION_MAJOR, VERION_MINOR, VERSION_POINT);
-
-    exit(0);
-  }
-
-  for (c = 1; c<ac; c++) {
-	if (!PL_strcmp(av[c],"-c")) {
-	
-		  c++;
-		  if (c < ac) {
-			client_nick = av[c];
-		  }
-		  else {
-			  PR_fprintf(PR_STDOUT,"must supply argument for -c\n");
-			  exit(0);
-		  }
-	}
-
-	else if (!PL_strcmp(av[c],"-n")) {
-	
-		  c++;
-		  if (c < ac) {
-			nickname = av[c];
-		  }
-		  else {
-			  PR_fprintf(PR_STDOUT,"must supply argument for -n\n");
-			  exit(0);
-		  }
-      }
-	  else if (!PL_strcmp(av[c],"-p")) {
-
-		  c++;
-		  if (c < ac) {
-			password = av[c];
-		  }
-		  else {
-			  PR_fprintf(PR_STDOUT,"must supply argument for -p\n");
-			  exit(0);
-		  }
-      }
-	else if (!PL_strcmp(av[c],"-d")) {
-		  c++;
-		  debug++;
-      }
-	else 
-		testId = atoi(av[c]);
-  }
-
-
-
-#ifdef XP_PC
-    __try {
-#endif
- 
-  r = PR_Initialize(ServerThread,ac,av,400);         /* is 400 enough? */
-
-  /* returncode 99 means 'no error' */
-  if (99 == r)  r = 0;
-
-#ifdef XP_PC
-    } __except( PR_fprintf(PR_STDERR, "\nCERT-TEST crashed\n"), EXCEPTION_EXECUTE_HANDLER ) {
-        r = 255;
-    }
-#endif
-
-  return r;
-
-}
-
-
-
-/* 
- * ServerThread
- * (errors 1-9,150-159)
- */
-
-
-PRInt32 ServerThread(PRInt32 argc,char **argv) {
-
-  PRNetAddr na;
-
-  PRStatus r;
-  SECStatus rv;
-  
-  CERTCertDBHandle *cert_db_handle;
-  PRInt32 i,j;
-  struct ThreadData * td;
-
-  
-  /*   if (InvalidTestHack() == PR_TRUE) {
-    return 0;
-  }
-  */
-
-  rcmon = PR_NewMonitor();
-  if (NULL == rcmon) return Error(140);
-
-  PR_EnterMonitor(rcmon);
-  rc = 0;
-  PR_ExitMonitor(rcmon);
-
-  InitCiphers();
-  SetPolicy();
-  SetupNickNames();
-  
-  cl.peer = &svr;
-  svr.peer = &cl;
-
-
-  r = OpenDBs();            /* open databases and set defaults */
-  if (PR_SUCCESS != r) return r;
-
-
-  r = CreateServerSocket(&svr);
-  if (PR_SUCCESS != r) return r;
-
-  r = ConfigServerSocket();
-  if (PR_SUCCESS != r) return r;
-
-  cl.peerport = svr.na.inet.port;
-
-
-  r = SetServerSecParms(&svr);  /* configure server socket
-                                   sid cache, certificate etc. */
-  if (r) return r;
-
-  r = SSL_HandshakeCallback(svr.r, HandshakeCallback, &svr);
-  if (PR_SUCCESS != r) return Error(150);
-
-  r = SSL_AuthCertificateHook(svr.r,AuthCertificate,&svr);
-  if (PR_SUCCESS !=r ) return Error(151);
-
-  /* The server socket is now set up. Now, we must start
-     the client thread */
-
-  svr.subthread =
-    PR_CreateThread(PR_SYSTEM_THREAD,   /* Thread Type      */
-		    ClientThread,       /* Start Function   */
-		    NULL,               /* Argument         */
-		    PR_PRIORITY_NORMAL, /* Priority         */
-		    PR_GLOBAL_THREAD,   /* Scheduling scope */
-		    PR_JOINABLE_THREAD, /* Thread State     */
-		    0          /* Stacksize (0=use default) */
-		    );
-  if (svr.subthread == NULL) return Error(6);
-
-
-  
-  /* Wait for incoming connection from client thread */
-
-  svr.s = PR_Accept(svr.r, NULL, PR_SecondsToInterval(100)); /* timeout */
-  if (NULL == svr.s) {
-    r = PR_GetError();
-    if (r) {
-      return Error(7);
-    }
-  }
-
-  td = &svr;
-  td->client = PR_FALSE;
-  td->xor_reading = CLIENTXOR;
-  td->xor_writing = 0;
-  
-  r = DoIO(td);
-  dbmsg((PR_STDERR,"Server IO complete - returned %d\n",r));
-  dbmsg((PR_STDERR,"PR_GetError() = %d\n",PR_GetError()));
-
-
-  /* WHY IS THIS HERE???? */
-  r = 0;
-  if (r) return r;
-  
-
-  /* c = SSL_PeerCertificate(s); */
-
-  r = PR_Close(svr.s);   /* close the SSL Socket */
-  if (r != PR_SUCCESS) return Error(8);
-
-  dbmsg((PR_STDERR,"PR_Close(svr.s) - returned %d\n",r));
-
-  r = PR_Close(svr.r);  /* Close the rendezvous socket */
-  if (r != PR_SUCCESS) return Error(8);
-
-  dbmsg((PR_STDERR,"PR_Close(svr.r) - returned %d\n",r));
-
-  r = PR_JoinThread(svr.subthread);
-  if (r != PR_SUCCESS)  return Error(9);
-
-  PR_EnterMonitor(rcmon);
-  r = rc;
-  PR_ExitMonitor(rcmon);
-  
-  dbmsg((PR_STDERR,"Client Thread Joined. client's returncode=%d\n",r));
-  dbmsg((PR_STDERR,"Server Thread closing down.\n"));
-
-  return r;
-  
-  }
-
-
-/*
- * Get security status for this socket
- *
- */ 
-
-int GetSecStatus(struct ThreadData *td) {
-  int r;
-
-  r = SSL_SecurityStatus(td->s,
-			 &td->status_on,
-			 &td->status_cipher,
-			 &td->status_keysize,
-			 &td->status_skeysize,
-			 &td->status_issuer,
-			 &td->status_subject
-			 );
-
-  return r;
-  /* SSL_PeerCertificate(); */
-
-}
- 
-
-
-
-/* Signal an error code for the process to return.
-   If the peer aborted before us, returns 0.
-   If the peer did not abort before us, returns the calling argument
-   (to be used as a returncode) */
-int Error(int s)
-{
-  int r;
-
-  PR_EnterMonitor(rcmon);
-  r = rc;
-  if (0 == rc) { 
-    rc = s;
-  }    
-  PR_ExitMonitor(rcmon);
-
-  if (r) return s;
-  else return 0;
-}
-
-
-
-#define ALLOWEDBYPROTOCOL    1
-#define ALLOWEDBYPOLICY      2
-#define ALLOWEDBYCIPHERSUITE 4
-
-/* This returns 0 if the status is what was expected at this point, else a returncode */
-
-
-int VerifyStatus(struct ThreadData *td)
-{
-  int i,j;
-  int matched =0;
-
-  /* Go through all the ciphers until we find the first one that satisfies */
-  /* all the criteria. The ciphers are listed in preferred order. So, the first */
-  /* that matches should be the one. */
-
-  /* because of bug 107086, I have to fudge this. If it weren't for this
-     bug, SSL2 ciphers may get chosen in preference to SSL3 cipher,
-     if they were stronger */
-
-
-  for (i=0;i<cipher_array_size;i++) {
-
-  /* IF */
-
-    if (
-
-	/* bug 107086. If SSL2 and SSL3 are enabled, ignore the SSL2 ciphers */
-	(!( /* see above */
-	  (REP_SSLVersion2 && REP_SSLVersion3) && cipher_array[i].sslversion == 2)
-	 )
-
-	&&
-
-
-	(  /* Cipher is the right kind for the protocol? */
-	 ((cipher_array[i].sslversion == 2) && REP_SSLVersion2) ||
-	 ((cipher_array[i].sslversion == 3) && REP_SSLVersion3) 
-	 )
-	
-	&&  /* Cipher is switched on */
-
-	((cipher_array[i].on == 1) ||
-	 ((cipher_array[i].on == 2) &&
-	  (REP_ServerCert == SERVER_CERT_VERISIGN_STEPUP)))
-
-	&&  /* Is this cipher enabled under this policy */
-    
-	(
-	 (REP_Policy == POLICY_DOMESTIC) ||
-	 ((REP_Policy == POLICY_EXPORT)  && 
-	  (cipher_array[i].exportable == SSL_ALLOWED)))
-	)
-
-  /* THEN */
-      {
-	/* This is the cipher the SSL library should have chosen */
-	
-	matched = 1;
-	break;	
-      }
-  }
-
-GetSecStatus(td);
-
-
-#define SSLT_STATUS_CORRECT           0 /* The status is correct. Continue with test */
-#define SSLT_STATUS_WRONG_KEYSIZE     1 /* The reported keysize is incorrect. abort */
-#define SSLT_STATUS_WRONG_SKEYSIZE    2 /* The reported secret keysize is incorrect. abort */
-#define SSLT_STATUS_WRONG_DESCRIPTION 3 /* The reported description is incorrect. abort*/
-#define SSLT_STATUS_WRONG_ERRORCODE   4 /* sec. library error - but wrong one - abort */
-#define SSLT_STATUS_CORRECT_ERRORCODE 5 /* security library error - right one - abort with err 99 */
-
-  if (matched) {
-    if (td->status_keysize  != cipher_array[i].ks) {
-      PR_fprintf(PR_STDERR,"wrong keysize. seclib: %d,  expected %d\n",
-		 td->status_keysize,cipher_array[i].ks);
-      return  SSLT_STATUS_WRONG_KEYSIZE;
-    }
-    if (td->status_skeysize != cipher_array[i].sks) return SSLT_STATUS_WRONG_SKEYSIZE;
-    if (PL_strcmp(td->status_cipher,cipher_array[i].name)) {
-      PR_fprintf(PR_STDERR,"wrong cipher description.  seclib: %s, expected: %s\n",
-	     td->status_cipher,cipher_array[i].name);
-      return SSLT_STATUS_WRONG_DESCRIPTION;
-    }
-
-    /* Should also check status_issuer and status_subject */
-  
-    return SSLT_STATUS_CORRECT;
-  }
-
-  else {
-    /* if SSL wasn't enabled, security library should have returned a failure with
-       SSL_ERROR_SSL_DISABLED 
-       */
-
-    /* Since we cannot set the client and server ciphersuites independently,
-       there's not point in checking for NO_CYPHER_OVERLAP. That's why some
-       of this is commented out.
-       */
-
-#if 0
-	if (PR_FALSE == REP_SSLVersion2 &&
-	    PR_FALSE == REP_SSLVersion3)
-{
-if ( (td->secerr_flag == PR_FALSE ) ||
-          ((td->secerr_flag == PR_TRUE) && 
-	     !((td->secerr == SSL_ERROR_SSL_DISABLED) ||
-	      (td->secerr == SSL_ERROR_NO_CYPHER_OVERLAP))
-   	)) {
-       return SSLT_STATUS_WRONG_ERRORCODE;
-     }
-     else
-  return SSLT_STATUS_CORRECT_ERRORCODE;
-   }
-
-	else {
-
-	  /* If SSL was enabled, and we get here, then no ciphers were compatible
-	     (matched == 0). So, security library should have returned the error
-	     SSL_ERROR_NO_CYPHER_OVERLAP */
-
-	  if ((td->secerr_flag == PR_FALSE) ||
-	      ((td->secerr_flag == PR_TRUE) && (td->secerr != SSL_ERROR_NO_CYPHER_OVERLAP))) {
-	    return SSLT_STATUS_WRONG_ERRORCODE;
-	  }
-	  else return SSLT_STATUS_CORRECT_ERRORCODE;
-	}
-#endif
-  }
-	return SSLT_STATUS_CORRECT_ERRORCODE;
-}
-
-
-/* 
- *  DoRedoHandshake()
- *
- * errors(90-99)
- *  99 means exit gracefully
- */
-
-int DoRedoHandshake(struct ThreadData *td) {
-  int r;
-
-
-  /* figure out if we really should do the RedoHandshake */
-  if ((td->client  && (PR_TRUE== REP_ClientRedoHandshake)) ||
-	(!td->client && (PR_TRUE== REP_ServerRedoHandshake))) {
-
-    if ((!td->client && (SSLT_CLIENTAUTH_REDO==REP_ServerDoClientAuth))) {
-       r = SSL_Enable(td->s, SSL_REQUEST_CERTIFICATE, 1);
-    }
-
-    r = SSL_RedoHandshake(td->s);          /* .. and redo the handshake */      
-    if (PR_SUCCESS == r) {                  /* If the handshake succeeded,  */
-                                            /* make sure that shouldn't have failed... */
-
-	/*** 
-	   If the server is doing ClientAuth
-           and the wrong certificate in the
-	   client, then the handshake should fail (but it succeeded)
-	   ***/
-      
-#if 0
-      if (SSLT_CLIENTAUTH_INITIAL == REP_ServerDoClientAuth) {
-	if ((CLIENT_CERT_SPARK == REP_ClientCert) ||
-	    (SERVER_CERT_HARDCOREII_512       == REP_ClientCert) ||
-	    (NO_CERT                           == REP_ClientCert)
-	    ) 
-	  return Error(90);
-
-      }
-#endif
-      
-    }
-    
-    else {  /* PR_FAILURE:            Make sure the handshake shouldn't have succeeded */
-      
-      /* First, abort the peer, since it cannot continue */
-      r = Error(91);
-      if (0==r) return 0;  /* peer aborted first */
-      else {
-      /***
-	If the server is doing clientauth and
-	a valid certificate was presented, the handshake
-	should have succeeded (but it failed)
-	***/
-      
-	if (PR_TRUE == REP_ServerDoClientAuth) {
-	  if ((CLIENT_CERT_HARDCOREII_512         == REP_ClientCert) ||
-	      (CLIENT_CERT_HARDCOREII_1024        == REP_ClientCert) ||
-	      (CLIENT_CERT_VERISIGN               == REP_ClientCert) ||
-	      (SERVER_CERT_HARDCOREII_512         == REP_ClientCert)
-	      ) 
-	    return Error(91);
-	}
-      }
-    }
-  }
-}
-
-
-
-/* There is a independent State Machine for each of client and server.
-   They have the following states:
-
-   1. STATE_BEFORE_INITIAL_HANDSHAKE
-      In this state at the very start. No I/O has been done on the socket,
-      and no status has been collected. Once I/O has been done, we move on
-      to state 2.
-
-   2. STATE_BEFORE_REDO_HANDSHAKE
-      If we won't be doing a redohandshake, move immediately to state3.
-      Check security status to make sure selected cipher is correct.
-      If we are doing a redohandshake, adjust the security parameters for
-      the redo, and move to state 3.
-   3. STATE_STATUS_COLLECTED
-      When we move to this state, check security status.
-      Remain in this state until either reading or writing is complete
-   4. STATE_DONE_WRITING
-      Come here when writing is complete. When reading is complete move
-      to state 6.
-   5. STATE_DONE_READING
-      Come here when reading is complete. When writing is complete move
-      to state 6.
-   6. STATE_DONE
-      We're done. Check that the appropriate callbacks were called at the
-      appropriate times.
-      */
-    
-/* 
- * State Machine
- *
- * errors(80-89)
- */
-
-int NextState(struct ThreadData *td,
-	       int finishedReading,
-	       int finishedWriting) {
-  int r;
-
-
-
-  /* if we were in STATE_BEFORE_INITIAL_HANDSHAKE, and we came here, we must
-     have just completed a handshake, so we can get status and move on
-     to next state.  */
-
-  if (STATE_BEFORE_INITIAL_HANDSHAKE == td->state ) {
-    
-    td->state = STATE_BEFORE_REDO_HANDSHAKE;  /* first set next state */
-    
-    r = GetSecStatus(td);
-    if (PR_SUCCESS != r) {
-      return Error(80);
-    }
-    
-#if 0
-    r = VerifyStatus(td);   /* Call VerifyStatus to make sure that the connection is
-			       what was expected */
-    if (PR_SUCCESS != r) return r;
-#endif
-
-      
-  }
-  
-  if (STATE_BEFORE_REDO_HANDSHAKE == td->state) {
-    /* If we're not going to do a redohandshake, we can just skip over this state */
-    if (td->client) {
-      if (PR_FALSE  == REP_ClientRedoHandshake) td->state = STATE_STATUS_COLLECTED;
-    }
-    else {
-      if (PR_FALSE == REP_ServerRedoHandshake) td->state = STATE_STATUS_COLLECTED;
-    }
-    r = DoRedoHandshake(td);
-    if (PR_SUCCESS != r) return r;
-    td->state = STATE_STATUS_COLLECTED;
-  }
-		  
-
-  switch (td->state) {
-  case STATE_STATUS_COLLECTED:
-    if (finishedWriting) td->state = STATE_DONE_WRITING;
-    if (finishedReading) td->state = STATE_DONE_READING;
-    break;
-  case STATE_DONE_WRITING:
-    if (finishedReading) td->state = STATE_DONE;
-    break;
-  case STATE_DONE_READING:
-    if (finishedWriting) td->state = STATE_DONE;
-    break;
-  default:
-    return PR_SUCCESS;
-  }
-}
-
-
-/* CheckSSLEnabled:
-   If there was an I/O, and SSL was disabled, then check the error
-   code to make sure that the correct error was returned.
-   The parameter passed in is the returncode from PR_Read or PR_Write
-   */
-
-int CheckSSLEnabled(int j) {
-  if (PR_FALSE == REP_SSLVersion2 &&
-      PR_FALSE == REP_SSLVersion3) {
-    if (( -1 != j ) ||
-	(( -1 == j) && (PR_GetError() != SSL_ERROR_SSL_DISABLED))) {
-      return 52;
-    }
-    else return 99;
-  }
-  else return 0;
-}
-
-
-
-/* 
- * Do I/O
- *
- * Errors 50-69
- */
- 
-int DoIO(struct ThreadData *td) {
-
-int i,j,r;
-
-  td->pd.fd        = td->s;
-  td->pd.in_flags  = PR_POLL_READ | PR_POLL_WRITE | PR_POLL_EXCEPT;
-  td->data_read    = 0;
-  td->data_sent    = 0;
-
-  td->data_tosend = REP_ServerIOSessionLength;
-  
-  td->state = STATE_BEFORE_INITIAL_HANDSHAKE;
-
-
-  while (PR_TRUE) {
-    dbmsg((PR_STDERR,"%s: DoIO loop\n",
-	       &svr==td ? "Server" : "Client"));
-
-    /* pd = polldescriptor, 1 = number of descriptors, 5 = timeout in seconds */
-    r = PR_Poll(&td->pd,1,PR_SecondsToInterval(5));
-
-    /* Check if peer has already signalled an error condition */ 
-
-    PR_EnterMonitor(rcmon);
-    if (0 != rc) {
-      /* got here? - means peer wants to stop. It has set the
-	 exit code */
-      PR_ExitMonitor(rcmon);
-      dbmsg((PR_STDERR,"%s: Peer has aborted (error code %d). We should too\n",
-	     &svr==td ? "Server" : "Client",rc));
-      
-      return 0;
-    }
-    else {
-      PR_ExitMonitor(rcmon);
-    }
-
-    if (0 == r) ;   /* timeout occurred */
-
-    if (td->pd.out_flags & PR_POLL_EXCEPT) return Error(50);
-
-    /*******   Process incoming data   *******/
-    
-    if (! (STATE_DONE == td->state || STATE_DONE_READING == td->state)) {
-      if (td->pd.out_flags & PR_POLL_READ) {
-
-	td->secerr = 0;
-	i = PR_Read(td->s, td->recvbuf, BUFSIZE);
-
-	if (i < 0) {
-	  td->secerr_flag = 1;
-	  td->secerr = PR_GetError();
-	}
-	else td->secerr_flag =0;
-
-	r = VerifyStatus(td);
-
-	switch (r) {
-	case SSLT_STATUS_CORRECT:
-	  break;
-	case SSLT_STATUS_CORRECT_ERRORCODE:
-	  return Error(99);
-	default:
-	  return Error(60+r);
-	}
-	
-	r = VerifyBuffer(td->recvbuf, i, td->data_read, td->xor_reading);
-	if (r) return r;
-	td->data_read += i;
-	
-	/* Invoke State Machine */
-
-	NextState(td, 0==i, 0);  /* if i is zero, signal 'finishedreading' */
-
-      }
-    }
-    
-    if (! (STATE_DONE == td->state || STATE_DONE_WRITING == td->state)) {
-      if (td->pd.out_flags & PR_POLL_WRITE) {
-	FillBuffer(td->sendbuf,BUFSIZE,td->data_sent,td->xor_writing);
-
-	i = td->data_tosend - td->data_sent;
-	if (i > BUFSIZE) i = BUFSIZE;  /* figure out how much
-					  data to send */
-	td->secerr = 0;
-	j = PR_Write(td->s, td->sendbuf, i);
-
-
-	if (j < 0) {
-	  td->secerr_flag = 1;
-	  td->secerr = PR_GetError();
-	}
-	else td->secerr_flag =0;
-
-	r = VerifyStatus(td);
-
-	switch (r) {
-	case SSLT_STATUS_CORRECT:
-	  break;
-	case SSLT_STATUS_CORRECT_ERRORCODE:
-	  return Error(99);
-	default:
-	  return Error(60+r);
-	}
-
-      }
-      if (j == -1) return Error(53);        /* Error on socket (Not an error
-				        if nonblocking IO enabled, and
-				        Error is Would Block */
-      
-      if (j != i) return Error(54);         /* We didn't write the
-                                        amount we should have */
-      
-      td->data_sent += j;
-      
-      if (td->data_sent == td->data_tosend) {
-	PR_Shutdown(td->s,PR_SHUTDOWN_SEND);
-      }
-      
-      /* next state of state machine */
-
-      NextState(td,
-		0,
-		td->data_sent == td->data_tosend  /* finishedwriting */
-		);      
-    }
-
-
-
-    if (STATE_DONE == td->state) break;
-
-  } /* while (1) */
-    
-    dbmsg((PR_STDERR,"%s: DoIO loop:returning 0\n",
-	       &svr==td ? "Server" : "Client"));
-
-    return 0;
-    
-}
-
-
-
-
-/* This is the start of the client thread code */
-/* Client Thread errors(100-200) */
-
-
-/* 
- * CreateClientSocket()
- * errors (120-129)
- */
-
-
-int CreateClientSocket() {
-  /* Create client socket s */
-
-  cl.fd = PR_NewTCPSocket();
-  if (cl.fd == NULL) return Error(120);  
-
-  cl.s = SSL_ImportFD(NULL, cl.fd);
-  if (cl.s == NULL) return Error(121);
-
-  return 0;
-}  
-
-
-
-/* 
- * SetClientSecParms
- * errors(130-139)
- */
-
-int SetClientSecParams()  {
-  int rv;
-  /* SSL Enables */
-  
-  rv = SSL_Enable(cl.s, SSL_SECURITY, 1);
-  if (rv < 0)  return Error(130);
-
-  rv = Version23Clear(cl.s);
-  if (rv) return rv;
-
-  if (REP_SSLVersion2) {
-    rv = Version2Enable(cl.s);
-    if (rv) return rv;
-  }
-  if (REP_SSLVersion3) {
-    rv = Version3Enable(cl.s);
-    if (rv) return rv;
-  }
-
-  SSL_SetPKCS11PinArg(cl.s,(void*)MyPWFunc);
-
-  if (REP_ClientCert == NO_CERT) {
-    return 0;
-  }
-  else {
-    cl.cert = PK11_FindCertFromNickname(client_nick,NULL);
-  }
-  if (cl.cert == NULL) return Error(131);
-  
-  return 0;
-}
-
-
-/*
- * Client()
- * errors (100-120)
- */
-
-int Client() {
-  int r;
-
-  r = CreateClientSocket();
-  if (r) return r;
-
-  r = SetClientSecParams();
-  if (r) return r;
-
-  /* Set address to connect to: localhost */
-
-  r = PR_InitializeNetAddr(PR_IpAddrLoopback,0,&cl.na);
-  cl.na.inet.port = cl.peerport;
-  if (PR_FAILURE == r) return Error(101);
-
-  r = SSL_AuthCertificateHook(cl.s,AuthCertificate,&cl);
-  if (r) return Error(102);
-  r = SSL_HandshakeCallback(cl.s,HandshakeCallback,&cl);
-  if (r) return Error(103);
-
-  r = PR_Connect(cl.s, &cl.na, PR_SecondsToInterval(50));
-  if (PR_FAILURE == r) {
-    dbmsg((PR_STDERR, "Client: Seclib error: %s\n",SECU_ErrorString ((int16) PR_GetError())));
-    return Error(104);
-  }
-
-
-  if (PR_TRUE == REP_ClientForceHandshake) {
-    r = SSL_ForceHandshake(cl.s);
-    if (PR_FAILURE == r) {
-      dbmsg((PR_STDERR, "Client: Seclib error: %s\n",
-	     SECU_ErrorString ((int16) PR_GetError())));
-      return Error(105);
-    }
-  }
-
-  cl.client = PR_TRUE;
-  cl.xor_reading = 0;
-  cl.xor_writing = CLIENTXOR;
-  
-  r = DoIO(&cl);
-
-  dbmsg((PR_STDERR,"Client Thread done with IO. Returned %d\n",r));
-
-
-  if (PR_SUCCESS != r) return r;
-
-  r = PR_Close(cl.s);
-
-  dbmsg((PR_STDERR,"Client Socket closing. Returned %d\n",r));
-
-  return Error(r);
-  
-}
-
-
-
- void ClientThread(void *arg) {
-   int r;
-
-   Error(Client());
-
-   dbmsg((PR_STDERR,"Client Thread returning %d\n",r));
-   
-   
- }
-
-   
-
-
-
-
- /* VerifyBuffer() */
-
-/* verify the data in the buffer. Returns 0 if valid  */
-/* recvbuf = start of data to verify
- * bufsize = amount of data to verify
- * done    = how to offset the reference data. How much 
-             data we have done in previous sessions
- * xor     = xor character 
-
- * errors 70-79
-
- */
- 
- int VerifyBuffer(char *recvbuf,int bufsize,int done, char xor) {
-  int i,j,k;
-
-  while (bufsize) {
-    i = done % DATABUFSIZE;
-
-    k = DATABUFSIZE;
-    if (bufsize < k) {
-      k = bufsize;
-    }
-    for (j = i; j < k ; j++) {
-      if ((data[j] ^ xor) != (*recvbuf)) {
-	return 71;
-      }
-      
-      recvbuf++;
-    }
-    done += k-i;
-    bufsize -= (k - i);
-    if (bufsize < 0) return 73;
-  }
-  return (0);
-}
-
-
-/* fill the buffer.  */
-
- void FillBuffer(char *sendbuf,int bufsize, int offset, char xor) {
-   int done=0,i,j;
-   
-   while (done < bufsize) {
-    i = offset % DATABUFSIZE;
-    for (j = i; j < DATABUFSIZE ; j++) {
-      *sendbuf = (data[j] ^ xor);
-      sendbuf++;
-    }
-    done += (DATABUFSIZE - i);
-    offset += (DATABUFSIZE - i);
-   }
- }
- 
- 
- 
- 
-/******     CALLBACKS      *******/
- 
-
-
-/* HandshakeCallback
-   This function gets called when a handshake has just completed.
-   (maybe gets called more than once for example if we RedoHandshake)
-   */
-
- void HandshakeCallback(PRFileDesc *s, void *td)   {
-   int r;
-
-   /*   1. Get status of connection */
-
-   r = GetSecStatus(td);
-   if (PR_SUCCESS != r) {
-     /* Abort */
-   }
-   else {
-
-   /*   2. Verify status of connection */
-
-#if 0   
-  r =VerifyStatus(td); 
-     if (PR_SUCCESS != r) {
-       /* Abort */
-     }
-#endif
-   }
-
- }
- 
-
-
-/* This function gets called by the client thread's SSL code to verify
-   the server's certificate. We cannot use the default AuthCertificate
-   code because the certificates are used on multiple hosts, so
-   CERT_VerifyCertNow() would fail with an IP address mismatch error
-   */
-
-int
-AuthCertificate(void *arg, PRFileDesc *fd, PRBool checkSig, PRBool isServer)
-{
-    SECStatus rv;
-    CERTCertDBHandle *handle;
-    /*    PRFileDesc *ss; */
-    SECCertUsage certUsage;
-    
-    /*     ss = ssl_FindSocket(fd);
-    PORT_Assert(ss != NULL); */
-
-    handle = (CERTCertDBHandle *)arg;
-
-    if ( isServer ) {
-	certUsage = certUsageSSLClient;
-    } else {
-	certUsage = certUsageSSLServer;
-    }
-    
-    /*     rv = CERT_VerifyCertNow(handle, ss->sec->peerCert, checkSig, certUsage, arg); */
-
-    return((int)PR_SUCCESS);
-}
-
-
-
-
-
-
-
-
diff --git a/security/nss/tests/pkcs11/netscape/suites/security/ssl/sslt.h b/security/nss/tests/pkcs11/netscape/suites/security/ssl/sslt.h
deleted file mode 100755
index e792755cc..000000000
--- a/security/nss/tests/pkcs11/netscape/suites/security/ssl/sslt.h
+++ /dev/null
@@ -1,238 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#ifndef SSLT_H
-#define SSLT_H
-
-
-extern int Error(int);
-#ifndef DEBUG_stevep
-#define dbmsg(x) if (debug) PR_fprintf x ;
-#else
-#define dbmsg(x) ;
-#endif
-extern PRInt32 debug;
-
-#ifdef INSERT_TABLES
-int testId = 0;
-
-int ClientCert[] = {
-	NO_CERT,
-	CLIENT_CERT_HARDCOREII_1024
-};
-
-int ServerCert[] = {
-	SERVER_CERT_HARDCOREII_512
-};
-
-int Policy[] = {
-	POLICY_EXPORT,
-	POLICY_DOMESTIC
-};
-
-int SSLVersion2[] = {
-	PR_TRUE,
-	PR_FALSE
-};
-
-int SSLVersion3[] = {
-	PR_TRUE,
-	PR_FALSE
-};
-
-int ClientIOSessionLength[] = {
-	0,
-	1024
-};
-
-int ServerIOSessionLength[] = {
-	0,
-	1024
-};
-
-int ServerDoClientAuth[] = {
-	SSLT_CLIENTAUTH_OFF
-};
-
-PRBool ClientForceHandshake[] = {
-	PR_FALSE
-};
-
-PRBool ServerForceHandshake[] = {
-	PR_TRUE
-};
-
-PRBool ClientRedoHandshake[] = {
-	PR_FALSE
-};
-
-PRBool ServerRedoHandshake[] = {
-	PR_FALSE
-};
-
-PRBool Cipher_EN_RC4_128_WITH_MD5[] = {
-	PR_TRUE,
-	PR_FALSE
-};
-
-PRBool Cipher_EN_RC4_128_EXPORT40_WITH_MD5[] = {
-	PR_TRUE,
-	PR_FALSE
-};
-
-PRBool Cipher_EN_RC2_128_CBC_WITH_MD5[] = {
-	PR_TRUE,
-	PR_FALSE
-};
-
-PRBool Cipher_EN_DES_192_EDE3_CBC_WITH_MD5[] = {
-	PR_TRUE,
-	PR_FALSE
-};
-
-PRBool Cipher_RSA_EXPORT_WITH_RC4_40_MD5[] = {
-	PR_TRUE,
-	PR_FALSE
-};
-
-PRBool Cipher_RSA_WITH_RC4_128_MD5[] = {
-	PR_TRUE,
-	PR_FALSE
-};
-
-PRBool Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5[] = {
-	PR_TRUE,
-	PR_FALSE
-};
-
-PRBool Cipher_RSA_WITH_DES_CBC_SHA[] = {
-	PR_TRUE,
-	PR_FALSE
-};
-
-PRBool Cipher_RSA_WITH_3DES_EDE_CBC_SHA[] = {
-	PR_TRUE,
-	PR_FALSE
-};
-
-
-#else
-extern int ClientCert[];
-extern int ServerCert[];
-extern int Policy[];
-extern int SSLVersion2[];
-extern int SSLVersion3[];
-extern int ClientIOSessionLength[];
-extern int ServerIOSessionLength[];
-extern int ServerDoClientAuth[];
-extern PRBool ClientForceHandshake[];
-extern PRBool ServerForceHandshake[];
-extern PRBool ClientRedoHandshake[];
-extern PRBool ServerRedoHandshake[];
-extern PRBool Cipher_EN_RC4_128_WITH_MD5[];
-extern PRBool Cipher_EN_RC4_128_EXPORT40_WITH_MD5[];
-extern PRBool Cipher_EN_RC2_128_CBC_WITH_MD5[];
-extern PRBool Cipher_EN_DES_192_EDE3_CBC_WITH_MD5[];
-extern PRBool Cipher_RSA_EXPORT_WITH_RC4_40_MD5[];
-extern PRBool Cipher_RSA_WITH_RC4_128_MD5[];
-extern PRBool Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5[];
-extern PRBool Cipher_RSA_WITH_DES_CBC_SHA[];
-extern PRBool Cipher_RSA_WITH_3DES_EDE_CBC_SHA[];
-extern int testId;
-#endif
-
-
-#define REP_ClientCert            ClientCert[testId%2]
-#define REP_ServerCert            ServerCert[testId/2%1]
-#define REP_Policy                Policy[testId/2/1%2]
-#define REP_SSLVersion2           SSLVersion2[testId/2/1/2%2]
-#define REP_SSLVersion3           SSLVersion3[testId/2/1/2/2%2]
-#define REP_ClientIOSessionLength ClientIOSessionLength[testId/2/1/2/2/2%2]
-#define REP_ServerIOSessionLength ServerIOSessionLength[testId/2/1/2/2/2/2%2]
-#define REP_ServerDoClientAuth    ServerDoClientAuth[testId/2/1/2/2/2/2/2%1]
-#define REP_ClientForceHandshake  ClientForceHandshake[testId/2/1/2/2/2/2/2/1%1]
-#define REP_ServerForceHandshake  ServerForceHandshake[testId/2/1/2/2/2/2/2/1/1%1]
-#define REP_ClientRedoHandshake   ClientRedoHandshake[testId/2/1/2/2/2/2/2/1/1/1%1]
-#define REP_ServerRedoHandshake   ServerRedoHandshake[testId/2/1/2/2/2/2/2/1/1/1/1%1]
-
-
-#define REP_Cipher_EN_RC4_128_WITH_MD5                    Cipher_EN_RC4_128_WITH_MD5[testId/2/1/2/2/2/2/2/1/1/1/1/1%2]
-#define REP_Cipher_EN_RC4_128_EXPORT40_WITH_MD5           Cipher_EN_RC4_128_EXPORT40_WITH_MD5[testId/2/1/2/2/2/2/2/1/1/1/1/1/2%2]
-#define REP_Cipher_EN_RC2_128_CBC_WITH_MD5                Cipher_EN_RC2_128_CBC_WITH_MD5[testId/2/1/2/2/2/2/2/1/1/1/1/1/2/2%2]
-#ifdef undef
-#define REP_Cipher_EN_RC2_128_CBC_EXPORT40_WITH_MD5       $[Cipher_EN_RC2_128_CBC_EXPORT40_WITH_MD5]
-#define REP_Cipher_EN_IDEA_128_CBC_WITH_MD5               $[Cipher_EN_IDEA_128_CBC_WITH_MD5]
-#define REP_Cipher_EN_DES_64_CBC_WITH_MD5                 $[Cipher_EN_DES_64_CBC_WITH_MD5
-#define REP_Cipher_RSA_WITH_NULL_SHA                      $[Cipher_RSA_WITH_NULL_SHA]
-#define REP_Cipher_RSA_WITH_RC4_128_SHA                   $[Cipher_RSA_WITH_RC4_128_SHA]
-#define REP_Cipher_RSA_WITH_IDEA_CBC_SHA                  $[Cipher_RSA_WITH_IDEA_CBC_SHA]
-#define REP_Cipher_NULL_WITH_NULL_NULL                    $[Cipher_NULL_WITH_NULL_NULL]
-#define REP_Cipher_RSA_WITH_NULL_MD5                      $[Cipher_RSA_WITH_NULL_MD5]
-#endif
-#define REP_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5           Cipher_EN_DES_192_EDE3_CBC_WITH_MD5[testId/2/1/2/2/2/2/2/1/1/1/1/1/2/2/2%2]
-#define REP_Cipher_RSA_EXPORT_WITH_RC4_40_MD5             Cipher_RSA_EXPORT_WITH_RC4_40_MD5[testId/2/1/2/2/2/2/2/1/1/1/1/1/2/2/2/2%2]
-#define REP_Cipher_RSA_WITH_RC4_128_MD5                   Cipher_RSA_WITH_RC4_128_MD5[testId/2/1/2/2/2/2/2/1/1/1/1/1/2/2/2/2/2%2]
-#define REP_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5         Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5[testId/2/1/2/2/2/2/2/1/1/1/1/1/2/2/2/2/2/2%2]
-#define REP_Cipher_RSA_WITH_DES_CBC_SHA                   Cipher_RSA_WITH_DES_CBC_SHA[testId/2/1/2/2/2/2/2/1/1/1/1/1/2/2/2/2/2/2/2%2]
-#define REP_Cipher_RSA_WITH_3DES_EDE_CBC_SHA              Cipher_RSA_WITH_3DES_EDE_CBC_SHA[testId/2/1/2/2/2/2/2/1/1/1/1/1/2/2/2/2/2/2/2/2%2]
-
-#ifdef undef
-#define REP_Cipher_RSA_EXPORT_WITH_DES40_CBC_SHA          $[Cipher_RSA_EXPORT_WITH_DES40_CBC_SHA]
-
-#define REP_Cipher_DH_DSS_EXPORT_WITH_DES40_CBC_SHA       [Cipher_DH_DSS_EXPORT_WITH_DES40_CBC_SHA]
-#define REP_Cipher_DH_DSS_WITH_DES_CBC_SHA                [Cipher_DH_DSS_WITH_DES_CBC_SHA]
-#define REP_Cipher_DH_DSS_WITH_3DES_EDE_CBC_SHA           [Cipher_DH_DSS_WITH_3DES_EDE_CBC_SHA]
-#define REP_Cipher_DH_RSA_EXPORT_WITH_DES40_CBC_SHA       [Cipher_DH_RSA_EXPORT_WITH_DES40_CBC_SHA]
-#define REP_Cipher_DH_RSA_WITH_DES_CBC_SHA                [Cipher_DH_RSA_WITH_DES_CBC_SHA]
-#define REP_Cipher_DH_RSA_WITH_3DES_EDE_CBC_SHA           [Cipher_DH_RSA_WITH_3DES_EDE_CBC_SHA]
-#define REP_Cipher_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA      [Cipher_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA]
-#define REP_Cipher_DHE_DSS_WITH_DES_CBC_SHA               [Cipher_DHE_DSS_WITH_DES_CBC_SHA]
-#define REP_Cipher_DHE_DSS_WITH_3DES_EDE_CBC_SHA          [Cipher_DHE_DSS_WITH_3DES_EDE_CBC_SHA]
-#define REP_Cipher_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA      [Cipher_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA]
-#define REP_Cipher_DHE_RSA_WITH_DES_CBC_SHA               [Cipher_DHE_RSA_WITH_DES_CBC_SHA]
-#define REP_Cipher_DHE_RSA_WITH_3DES_EDE_CBC_SHA          [Cipher_DHE_RSA_WITH_3DES_EDE_CBC_SHA]
-#define REP_Cipher_DH_ANON_EXPORT_WITH_RC4_40_MD5         [Cipher_DH_ANON_EXPORT_WITH_RC4_40_MD5]
-#define REP_Cipher_DH_ANON_WITH_RC4_128_MD5               [Cipher_DH_ANON_WITH_RC4_128_MD5]
-#define REP_Cipher_DH_ANON_WITH_DES_CBC_SHA               [Cipher_DH_ANON_WITH_DES_CBC_SHA]
-#define REP_Cipher_DH_ANON_WITH_3DES_EDE_CBC_SHA          [Cipher_DH_ANON_WITH_3DES_EDE_CBC_SHA]
-#define REP_Cipher_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA     $[Cipher_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA]
-#define REP_Cipher_FORTEZZA_DMS_WITH_RC4_128_SHA          $[Cipher_FORTEZZA_DMS_WITH_RC4_128_SHA]
-#endif
-#define REP_Cipher_RSA_FIPS_WITH_3DES_EDE_CBC_SHA         $[Cipher_RSA_FIPS_WITH_3DES_EDE_CBC_SHA]
-#define REP_Cipher_RSA_FIPS_WITH_DES_CBC_SHA              $[Cipher_RSA_FIPS_WITH_DES_CBC_SHA]
-
-
-#endif
-
-
-
-
diff --git a/security/nss/tests/pkcs11/netscape/suites/security/ssl/sslt.htp b/security/nss/tests/pkcs11/netscape/suites/security/ssl/sslt.htp
deleted file mode 100644
index 06e55d176..000000000
--- a/security/nss/tests/pkcs11/netscape/suites/security/ssl/sslt.htp
+++ /dev/null
@@ -1,136 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is the Netscape security libraries.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#ifndef SSLT_H
-#define SSLT_H
-
-
-extern int Error(int);
-#ifndef DEBUG_stevep
-#define dbmsg(x) PR_fprintf x ;
-#else
-#define dbmsg(x) ;
-#endif
-
-#ifdef INSERT_TABLES
-$[DATA-TO-TEST]
-#else
-extern int ClientCert[];
-extern int ServerCert[];
-extern int Policy[];
-extern int SSLVersion2[];
-extern int SSLVersion3[];
-extern int ClientIOSessionLength[];
-extern int ServerIOSessionLength[];
-extern int ServerDoClientAuth[];
-extern PRBool ClientForceHandshake[];
-extern PRBool ServerForceHandshake[];
-extern PRBool ClientRedoHandshake[];
-extern PRBool ServerRedoHandshake[];
-extern PRBool Cipher_EN_RC4_128_WITH_MD5[];
-extern PRBool Cipher_EN_RC4_128_EXPORT40_WITH_MD5[];
-extern PRBool Cipher_EN_RC2_128_CBC_WITH_MD5[];
-extern PRBool Cipher_EN_DES_192_EDE3_CBC_WITH_MD5[];
-extern PRBool Cipher_RSA_EXPORT_WITH_RC4_40_MD5[];
-extern PRBool Cipher_RSA_WITH_RC4_128_MD5[];
-extern PRBool Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5[];
-extern PRBool Cipher_RSA_WITH_DES_CBC_SHA[];
-extern PRBool Cipher_RSA_WITH_3DES_EDE_CBC_SHA[];
-extern int testId;
-#endif
-
-
-#define REP_ClientCert            $[ClientCert]
-#define REP_ServerCert            $[ServerCert]
-#define REP_Policy                $[Policy]
-#define REP_SSLVersion2           $[SSLVersion2]
-#define REP_SSLVersion3           $[SSLVersion3]
-#define REP_ClientIOSessionLength $[ClientIOSessionLength]
-#define REP_ServerIOSessionLength $[ServerIOSessionLength]
-#define REP_ServerDoClientAuth    $[ServerDoClientAuth]
-#define REP_ClientForceHandshake  $[ClientForceHandshake]
-#define REP_ServerForceHandshake  $[ServerForceHandshake]
-#define REP_ClientRedoHandshake   $[ClientRedoHandshake]
-#define REP_ServerRedoHandshake   $[ServerRedoHandshake]
-
-
-#define REP_Cipher_EN_RC4_128_WITH_MD5                    $[Cipher_EN_RC4_128_WITH_MD5]
-#define REP_Cipher_EN_RC4_128_EXPORT40_WITH_MD5           $[Cipher_EN_RC4_128_EXPORT40_WITH_MD5]
-#define REP_Cipher_EN_RC2_128_CBC_WITH_MD5                $[Cipher_EN_RC2_128_CBC_WITH_MD5]
-#ifdef undef
-#define REP_Cipher_EN_RC2_128_CBC_EXPORT40_WITH_MD5       $[Cipher_EN_RC2_128_CBC_EXPORT40_WITH_MD5]
-#define REP_Cipher_EN_IDEA_128_CBC_WITH_MD5               $[Cipher_EN_IDEA_128_CBC_WITH_MD5]
-#define REP_Cipher_EN_DES_64_CBC_WITH_MD5                 $[Cipher_EN_DES_64_CBC_WITH_MD5
-#define REP_Cipher_RSA_WITH_NULL_SHA                      $[Cipher_RSA_WITH_NULL_SHA]
-#define REP_Cipher_RSA_WITH_RC4_128_SHA                   $[Cipher_RSA_WITH_RC4_128_SHA]
-#define REP_Cipher_RSA_WITH_IDEA_CBC_SHA                  $[Cipher_RSA_WITH_IDEA_CBC_SHA]
-#define REP_Cipher_NULL_WITH_NULL_NULL                    $[Cipher_NULL_WITH_NULL_NULL]
-#define REP_Cipher_RSA_WITH_NULL_MD5                      $[Cipher_RSA_WITH_NULL_MD5]
-#endif
-#define REP_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5           $[Cipher_EN_DES_192_EDE3_CBC_WITH_MD5]
-#define REP_Cipher_RSA_EXPORT_WITH_RC4_40_MD5             $[Cipher_RSA_EXPORT_WITH_RC4_40_MD5]
-#define REP_Cipher_RSA_WITH_RC4_128_MD5                   $[Cipher_RSA_WITH_RC4_128_MD5]
-#define REP_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5         $[Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5]
-#define REP_Cipher_RSA_WITH_DES_CBC_SHA                   $[Cipher_RSA_WITH_DES_CBC_SHA]
-#define REP_Cipher_RSA_WITH_3DES_EDE_CBC_SHA              $[Cipher_RSA_WITH_3DES_EDE_CBC_SHA]
-
-#ifdef undef
-#define REP_Cipher_RSA_EXPORT_WITH_DES40_CBC_SHA          $[Cipher_RSA_EXPORT_WITH_DES40_CBC_SHA]
-
-#define REP_Cipher_DH_DSS_EXPORT_WITH_DES40_CBC_SHA       [Cipher_DH_DSS_EXPORT_WITH_DES40_CBC_SHA]
-#define REP_Cipher_DH_DSS_WITH_DES_CBC_SHA                [Cipher_DH_DSS_WITH_DES_CBC_SHA]
-#define REP_Cipher_DH_DSS_WITH_3DES_EDE_CBC_SHA           [Cipher_DH_DSS_WITH_3DES_EDE_CBC_SHA]
-#define REP_Cipher_DH_RSA_EXPORT_WITH_DES40_CBC_SHA       [Cipher_DH_RSA_EXPORT_WITH_DES40_CBC_SHA]
-#define REP_Cipher_DH_RSA_WITH_DES_CBC_SHA                [Cipher_DH_RSA_WITH_DES_CBC_SHA]
-#define REP_Cipher_DH_RSA_WITH_3DES_EDE_CBC_SHA           [Cipher_DH_RSA_WITH_3DES_EDE_CBC_SHA]
-#define REP_Cipher_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA      [Cipher_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA]
-#define REP_Cipher_DHE_DSS_WITH_DES_CBC_SHA               [Cipher_DHE_DSS_WITH_DES_CBC_SHA]
-#define REP_Cipher_DHE_DSS_WITH_3DES_EDE_CBC_SHA          [Cipher_DHE_DSS_WITH_3DES_EDE_CBC_SHA]
-#define REP_Cipher_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA      [Cipher_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA]
-#define REP_Cipher_DHE_RSA_WITH_DES_CBC_SHA               [Cipher_DHE_RSA_WITH_DES_CBC_SHA]
-#define REP_Cipher_DHE_RSA_WITH_3DES_EDE_CBC_SHA          [Cipher_DHE_RSA_WITH_3DES_EDE_CBC_SHA]
-#define REP_Cipher_DH_ANON_EXPORT_WITH_RC4_40_MD5         [Cipher_DH_ANON_EXPORT_WITH_RC4_40_MD5]
-#define REP_Cipher_DH_ANON_WITH_RC4_128_MD5               [Cipher_DH_ANON_WITH_RC4_128_MD5]
-#define REP_Cipher_DH_ANON_WITH_DES_CBC_SHA               [Cipher_DH_ANON_WITH_DES_CBC_SHA]
-#define REP_Cipher_DH_ANON_WITH_3DES_EDE_CBC_SHA          [Cipher_DH_ANON_WITH_3DES_EDE_CBC_SHA]
-#define REP_Cipher_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA     $[Cipher_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA]
-#define REP_Cipher_FORTEZZA_DMS_WITH_RC4_128_SHA          $[Cipher_FORTEZZA_DMS_WITH_RC4_128_SHA]
-#endif
-#define REP_Cipher_RSA_FIPS_WITH_3DES_EDE_CBC_SHA         $[Cipher_RSA_FIPS_WITH_3DES_EDE_CBC_SHA]
-#define REP_Cipher_RSA_FIPS_WITH_DES_CBC_SHA              $[Cipher_RSA_FIPS_WITH_DES_CBC_SHA]
-
-
-#endif
-
-
-
-
diff --git a/security/nss/tests/pkcs11/netscape/suites/security/ssl/sslt.rep b/security/nss/tests/pkcs11/netscape/suites/security/ssl/sslt.rep
deleted file mode 100644
index 278412826..000000000
--- a/security/nss/tests/pkcs11/netscape/suites/security/ssl/sslt.rep
+++ /dev/null
@@ -1,417 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-[General]
-cTemplate       =   sslt.htp
-makeTemplate    =   ssl.mtp
-path            =   .
-testPrefix	=   sslt
-testSuffix	=   .h
-regressSpecfile =   ssl.reg
-regressOutput   =   ssl.html
-mut             =   SSL
-mutversion      =   1.0
-timeout         =   6
-makefileOutput  =   Makefile
-reporterOutput  =   ssl.rpt
-singleSource    =   TRUE
-
-
-
-# The names given for the Client and Server Certificates are
-# nicknames from the database
-
-[ClientCert]
-IMPORTANCE = HIGH
-TYPE = int
-ClientCert_none   = NO_CERT
-ClientCert_one    = CLIENT_CERT_HARDCOREII_1024
-#ClientCert_oneb   = CLIENT_CERT_HARDCOREII_512
-#ClientCert_two    = CLIENT_CERT_SPARK
-#ClientCert_three  = SERVER_CERT_HARDCOREII_1024
-#ClientCert_four   = CLIENT_CERT_VERISIGN
-
-[ServerCert]
-IMPORTANCE = HIGH
-TYPE = int
-#ServerCert_none   = NO_CERT
-ServerCert_one    = SERVER_CERT_HARDCOREII_512
-#ServerCert_two    = CLIENT_CERT_HARDCOREII_512
-#ServerCert_three  = SERVER_CERT_SPARK
-#ServerCert_four   = SERVER_CERT_VERISIGN_REGULAR
-#ServerCert_five   = SERVER_CERT_VERISIGN_STEPUP
-
-
-#####  POLICY  ####
-#
-# (right now, policy can only be set globally. When bug #102853 is
-#  fixed, I'll be able to bring ClientPolicy and ServerPolicy back)
-#
-
-[Policy]
-IMPORTANCE = HIGH
-TYPE = int
-ExportPolicy   = POLICY_EXPORT
-DomesticPolicy = POLICY_DOMESTIC
-
-#[ClientPolicy]
-#IMPORTANCE = HIGH
-#TYPE = int
-#ExportPolicy   = POLICY_EXPORT
-#DomesticPolicy = POLICY_DOMESTIC
-
-#[ServerPolicy]
-#IMPORTANCE = HIGH
-#TYPE = int
-#ServerExportPolicy   = POLICY_EXPORT
-#ServerDomesticPolicy = POLICY_DOMESTIC
-
-# Which SSL version to enable. Like the policy, this is a global
-# setting, affecting both client and server sockets
-
-[SSLVersion2]
-IMPORTANCE = HIGH
-TYPE = int
-SSLVersion2    = PR_TRUE
-NO_SSLVersion2 = PR_FALSE
-
-[SSLVersion3]
-IMPORTANCE = HIGH
-TYPE = int
-SSLVersion3     = PR_TRUE
-NO_SSLVersion3  = PR_FALSE
-
-#[ClientIOModel]
-#IMPORTANCE = LOW
-#TYPE = int
-#ClientIOBlocking = 0
-#ClientIONonBlocking = 1
-
-#[ServerIOModel]
-#IMPORTANCE = LOW
-#TYPE = int
-#ServerIOBlocking = BLOCKING
-#ServerIONonBlocking = NON_BLOCKING
-
-[ClientIOSessionLength]
-IMPORTANCE = LOW
-TYPE = int
-ClientIOLength0 = 0
-ClientIOLength1K = 1024
-#ClientIOLength256K = 262144
-#ClientIOLength5M = 5242880
-
-[ServerIOSessionLength]
-IMPORTANCE = LOW
-TYPE = int
-ServerIOLength0 = 0
-ServerIOLength1K = 1024
-#ServerIOLength256K = 262144
-#ServerIOLength5M = 5242880
-
-[ServerDoClientAuth]
-IMPORTANCE = LOW
-TYPE = int
-#ClientAuthOnInitial = SSLT_CLIENTAUTH_INITIAL
-#ClientAuthOnRedo    = SSLT_CLIENTAUTH_REDO
-ClientAuthOff       = SSLT_CLIENTAUTH_OFF
-
-[ClientForceHandshake]
-IMPORTANCE = LOW
-TYPE = PRBool
-#ClientForceHandshake = PR_TRUE
-ClientNoForceHandshake = PR_FALSE
-
-[ServerForceHandshake]
-IMPORTANCE = LOW
-TYPE = PRBool
-ServerForceHandshake = PR_TRUE
-#ServerNoForceHandshake = PR_FALSE
-
-[ClientRedoHandshake]
-IMPORTANCE = LOW
-TYPE = PRBool
-#ClientRedoHandshake = PR_TRUE
-ClientNoRedoHandshake = PR_FALSE
-
-[ServerRedoHandshake]
-IMPORTANCE = LOW
-TYPE = PRBool
-#ServerRedoHandshake = PR_TRUE
-ServerNoRedoHandshake = PR_FALSE
-
-
-
-###########################################################################
-#
-#              C i p h e r     S p e c s
-#
-###########################################################################
-
-
-[Cipher_EN_RC4_128_WITH_MD5]
-IMPORTANCE = HIGH
-TYPE = PRBool
-Cipher_EN_RC4_128_WITH_MD5 = PR_TRUE
-No_Cipher_EN_RC4_128_WITH_MD5 = PR_FALSE
-
-[Cipher_EN_RC4_128_EXPORT40_WITH_MD5]
-IMPORTANCE = HIGH
-TYPE = PRBool
-Cipher_EN_RC4_128_EXPORT40_WITH_MD5 = PR_TRUE
-No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 = PR_FALSE
-
-[Cipher_EN_RC2_128_CBC_WITH_MD5]
-IMPORTANCE = HIGH
-TYPE = PRBool
-Cipher_EN_RC2_128_CBC_WITH_MD5 = PR_TRUE
-No_Cipher_EN_RC2_128_CBC_WITH_MD5 = PR_FALSE
-
-#[Cipher_EN_RC2_128_CBC_EXPORT40_WITH_MD5]
-#IMPORTANCE = HIGH
-#TYPE = PRBool
-#Cipher_EN_RC2_128_CBC_EXPORT40_WITH_MD5 = PR_TRUE
-#No_Cipher_EN_RC2_128_CBC_EXPORT40_WITH_MD5 = PR_FALSE
-
-#[Cipher_EN_IDEA_128_CBC_WITH_MD5]
-#IMPORTANCE = HIGH
-#TYPE = PRBool
-#Cipher_EN_IDEA_128_CBC_WITH_MD5 = PR_TRUE
-#No_Cipher_EN_IDEA_128_CBC_WITH_MD5 = PR_FALSE
-
-#[Cipher_EN_DES_64_CBC_WITH_MD5]
-#IMPORTANCE = HIGH
-#TYPE = PRBool
-#Cipher_EN_DES_64_CBC_WITH_MD5 = PR_TRUE
-#No_Cipher_EN_DES_64_CBC_WITH_MD5 = PR_FALSE
-
-[Cipher_EN_DES_192_EDE3_CBC_WITH_MD5]
-IMPORTANCE = HIGH
-TYPE = PRBool
-Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 = PR_TRUE
-No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 = PR_FALSE
-
-# SSL v3 Cipher Suites
-#[Cipher_NULL_WITH_NULL_NULL]
-#IMPORTANCE = HIGH
-#TYPE = PRBool
-#Cipher_NULL_WITH_NULL_NULL = PR_TRUE
-#No_Cipher_NULL_WITH_NULL_NULL = PR_FALSE
-
-#[Cipher_RSA_WITH_NULL_MD5]
-#IMPORTANCE = HIGH
-#TYPE = PRBool
-#Cipher_RSA_WITH_NULL_MD5 = PR_TRUE
-#No_Cipher_RSA_WITH_NULL_MD5 = PR_FALSE
-
-#[Cipher_RSA_WITH_NULL_SHA]
-#IMPORTANCE = HIGH
-#TYPE = PRBool
-#Cipher_RSA_WITH_NULL_SHA = PR_TRUE
-#No_Cipher_RSA_WITH_NULL_SHA = PR_FALSE
-
-[Cipher_RSA_EXPORT_WITH_RC4_40_MD5]
-IMPORTANCE = HIGH
-TYPE = PRBool
-Cipher_RSA_EXPORT_WITH_RC4_40_MD5 = PR_TRUE
-No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 = PR_FALSE
-
-[Cipher_RSA_WITH_RC4_128_MD5]
-IMPORTANCE = HIGH
-TYPE = PRBool
-Cipher_RSA_WITH_RC4_128_MD5 = PR_TRUE
-No_Cipher_RSA_WITH_RC4_128_MD5 = PR_FALSE
-
-#[Cipher_RSA_WITH_RC4_128_SHA]
-#IMPORTANCE = HIGH
-#TYPE = PRBool
-#Cipher_RSA_WITH_RC4_128_SHA = PR_TRUE
-#No_Cipher_RSA_WITH_RC4_128_SHA = PR_FALSE
-
-[Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5]
-IMPORTANCE = HIGH
-TYPE = PRBool
-Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 = PR_TRUE
-No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 = PR_FALSE
-
-#[Cipher_RSA_WITH_IDEA_CBC_SHA]
-#IMPORTANCE = HIGH
-#TYPE = PRBool
-#Cipher_RSA_WITH_IDEA_CBC_SHA = PR_TRUE
-#No_Cipher_RSA_WITH_IDEA_CBC_SHA = PR_FALSE
-
-#[Cipher_RSA_EXPORT_WITH_DES40_CBC_SHA]
-#IMPORTANCE = HIGH
-#TYPE = PRBool
-#Cipher_RSA_EXPORT_WITH_DES40_CBC_SHA = PR_TRUE
-#No_Cipher_RSA_EXPORT_WITH_DES40_CBC_SHA = PR_FALSE
-
-[Cipher_RSA_WITH_DES_CBC_SHA]
-IMPORTANCE = HIGH
-TYPE = PRBool
-Cipher_RSA_WITH_DES_CBC_SHA = PR_TRUE
-No_Cipher_RSA_WITH_DES_CBC_SHA = PR_FALSE
-
-[Cipher_RSA_WITH_3DES_EDE_CBC_SHA]
-IMPORTANCE = HIGH
-TYPE = PRBool
-Cipher_RSA_WITH_3DES_EDE_CBC_SHA = PR_TRUE
-No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA = PR_FALSE
-
-                                                       
-#[Cipher_DH_DSS_EXPORT_WITH_DES40_CBC_SHA]
-#IMPORTANCE = LOW
-#TYPE = PRBool
-#Cipher_DH_DSS_EXPORT_WITH_DES40_CBC_SHA = PR_TRUE
-#No_Cipher_DH_DSS_EXPORT_WITH_DES40_CBC_SHA = PR_FALSE
-
-#[Cipher_DH_DSS_WITH_DES_CBC_SHA]
-#IMPORTANCE = LOW
-#TYPE = PRBool
-#Cipher_DH_DSS_WITH_DES_CBC_SHA = PR_TRUE
-#No_Cipher_DH_DSS_WITH_DES_CBC_SHA = PR_FALSE
-
-#[Cipher_DH_DSS_WITH_3DES_EDE_CBC_SHA]
-#IMPORTANCE = LOW
-#TYPE = PRBool
-#Cipher_DH_DSS_WITH_3DES_EDE_CBC_SHA = PR_TRUE
-#No_Cipher_DH_DSS_WITH_3DES_EDE_CBC_SHA = PR_FALSE
-
-#[Cipher_DH_RSA_EXPORT_WITH_DES40_CBC_SHA]
-#IMPORTANCE = LOW
-#TYPE = PRBool
-#Cipher_DH_RSA_EXPORT_WITH_DES40_CBC_SHA = PR_TRUE
-#No_Cipher_DH_RSA_EXPORT_WITH_DES40_CBC_SHA = PR_FALSE
-
-#[Cipher_DH_RSA_WITH_DES_CBC_SHA]
-#IMPORTANCE = LOW
-#TYPE = PRBool
-#Cipher_DH_RSA_WITH_DES_CBC_SHA = PR_TRUE
-#No_Cipher_DH_RSA_WITH_DES_CBC_SHA = PR_FALSE
-
-#[Cipher_DH_RSA_WITH_3DES_EDE_CBC_SHA]
-#IMPORTANCE = LOW
-#TYPE = PRBool
-#Cipher_DH_RSA_WITH_3DES_EDE_CBC_SHA = PR_TRUE
-#No_Cipher_DH_RSA_WITH_3DES_EDE_CBC_SHA = PR_FALSE
-
-                                                       
-#[Cipher_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA]
-#IMPORTANCE = LOW
-#TYPE = PRBool
-#Cipher_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA = PR_TRUE
-#No_Cipher_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA = PR_FALSE
-
-#[Cipher_DHE_DSS_WITH_DES_CBC_SHA]
-#IMPORTANCE = LOW
-#TYPE = PRBool
-#Cipher_DHE_DSS_WITH_DES_CBC_SHA = PR_TRUE
-#No_Cipher_DHE_DSS_WITH_DES_CBC_SHA = PR_FALSE
-
-#[Cipher_DHE_DSS_WITH_3DES_EDE_CBC_SHA]
-#IMPORTANCE = LOW
-#TYPE = PRBool
-#Cipher_DHE_DSS_WITH_3DES_EDE_CBC_SHA = PR_TRUE
-#No_Cipher_DHE_DSS_WITH_3DES_EDE_CBC_SHA = PR_FALSE
-
-#[Cipher_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA]
-#IMPORTANCE = LOW
-#TYPE = PRBool
-#Cipher_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA = PR_TRUE
-#No_Cipher_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA = PR_FALSE
-
-#[Cipher_DHE_RSA_WITH_DES_CBC_SHA]
-#IMPORTANCE = LOW
-#TYPE = PRBool
-#Cipher_DHE_RSA_WITH_DES_CBC_SHA = PR_TRUE
-#No_Cipher_DHE_RSA_WITH_DES_CBC_SHA = PR_FALSE
-
-#[Cipher_DHE_RSA_WITH_3DES_EDE_CBC_SHA]
-#IMPORTANCE = LOW
-#TYPE = PRBool
-#Cipher_DHE_RSA_WITH_3DES_EDE_CBC_SHA = PR_TRUE
-#No_Cipher_DHE_RSA_WITH_3DES_EDE_CBC_SHA = PR_FALSE
-
-                                                       
-#[Cipher_DH_ANON_EXPORT_WITH_RC4_40_MD5]
-#IMPORTANCE = LOW
-#TYPE = PRBool
-#Cipher_DH_ANON_EXPORT_WITH_RC4_40_MD5 = PR_TRUE
-#No_Cipher_DH_ANON_EXPORT_WITH_RC4_40_MD5 = PR_FALSE
-
-#[Cipher_DH_ANON_WITH_RC4_128_MD5]
-#IMPORTANCE = LOW
-#TYPE = PRBool
-#Cipher_DH_ANON_WITH_RC4_128_MD5 = PR_TRUE
-#No_Cipher_DH_ANON_WITH_RC4_128_MD5 = PR_FALSE
-
-###define SSL_DH_ANON_EXPORT_WITH_DES40_CBC_SHA   0x0019
-
-#[Cipher_DH_ANON_WITH_DES_CBC_SHA]
-#IMPORTANCE = LOW
-#TYPE = PRBool
-#Cipher_DH_ANON_WITH_DES_CBC_SHA = PR_TRUE
-#No_Cipher_DH_ANON_WITH_DES_CBC_SHA = PR_FALSE
-
-#[Cipher_DH_ANON_WITH_3DES_EDE_CBC_SHA]
-#IMPORTANCE = LOW
-#TYPE = PRBool
-#Cipher_DH_ANON_WITH_3DES_EDE_CBC_SHA = PR_TRUE
-#No_Cipher_DH_ANON_WITH_3DES_EDE_CBC_SHA = PR_FALSE
-
-#[Cipher_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA]
-#IMPORTANCE = HIGH
-#TYPE = PRBool
-#Cipher_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA = PR_TRUE
-#No_Cipher_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA = PR_FALSE
-
-#[Cipher_FORTEZZA_DMS_WITH_RC4_128_SHA]
-#IMPORTANCE = HIGH
-#TYPE = PRBool
-#Cipher_FORTEZZA_DMS_WITH_RC4_128_SHA = PR_TRUE
-#No_Cipher_FORTEZZA_DMS_WITH_RC4_128_SHA = PR_FALSE
-
- 
-#[Cipher_RSA_FIPS_WITH_3DES_EDE_CBC_SHA]
-#IMPORTANCE = HIGH
-#TYPE = PRBool
-#Cipher_RSA_FIPS_WITH_3DES_EDE_CBC_SHA = PR_TRUE
-#No_Cipher_RSA_FIPS_WITH_3DES_EDE_CBC_SHA = PR_FALSE
-
-#[Cipher_RSA_FIPS_WITH_DES_CBC_SHA]
-#IMPORTANCE = HIGH
-#TYPE = PRBool
-#Cipher_RSA_FIPS_WITH_DES_CBC_SHA = PR_TRUE
-#No_Cipher_RSA_FIPS_WITH_DES_CBC_SHA = PR_FALSE
-
-
-
diff --git a/security/nss/tests/pkcs11/netscape/trivial/.cvsignore b/security/nss/tests/pkcs11/netscape/trivial/.cvsignore
deleted file mode 100644
index e3884c884..000000000
--- a/security/nss/tests/pkcs11/netscape/trivial/.cvsignore
+++ /dev/null
@@ -1,6 +0,0 @@
-Makefile
-config.cache
-config.h
-config.log
-config.status
-trivial*.tar.gz
diff --git a/security/nss/tests/pkcs11/netscape/trivial/Makefile.in b/security/nss/tests/pkcs11/netscape/trivial/Makefile.in
deleted file mode 100644
index 7f9488350..000000000
--- a/security/nss/tests/pkcs11/netscape/trivial/Makefile.in
+++ /dev/null
@@ -1,175 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is a trivial PKCS#11 test program.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corp.  Portions created by Netscape are 
-# Copyright (C) 2000.  All Rights Reserved.
-# 
-# Contributor(s): 
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-MAKEFILE_IN_CVS_ID = "@(#) $RCSfile$ $Revision$ $Date$ $Name$"
-
-SHELL = /bin/sh
-.SUFFIXES:
-.SUFFIXES: .c .o .h .in .a .so
-
-srcdir = @srcdir@
-VPATH = @srcdir@
-prefix = @prefix@
-exec_prefix = @exec_prefix@
-includedir = @includedir@
-bindir = @bindir@
-@SET_MAKE@
-INSTALL = @INSTALL@
-RANLIB = @RANLIB@
-AR = @AR@
-CC = @CC@
-LD = @LD@
-RM = @RM@
-TAR = @TAR@
-
-CPPFLAGS = @CPPFLAGS@
-CFLAGS = @CFLAGS@
-LDFLAGS = @LDFLAGS@
-LIBS = @LIBS@
-
-INSTALL_PROGRAM = $(INSTALL) -m 0500
-
-all:: program
-
-# Standard Netscape/Mozilla targets:
-# import import_xp export private_export libs program install all clobber 
-# clobber_all release release_xp alltags
-
-# Standard GNU targets:
-# all install uninstall install-strip clean distclean mostlyclean 
-# maintainer-clean TAGS info dvi dist check installcheck installdirs
-
-# === The actual targets and the real commands that make them ===
-program:: trivial
-
-trivial: trivial.c config.h Makefile
-	$(CC) -I. -I${srcdir} $(CFLAGS) $(CPPFLAGS) $< -o $@ $(LDFLAGS) $(LIBS)
-
-# Now, various standard targets, some that do stuff, some that are no-ops
-
-import::
-
-export:: install
-
-private_export::
-
-program::
-
-clobber:: clean
-
-clobber_all:: maintainer-clean
-
-alltags:: TAGS
-
-RESULTS =						\
-    $(DESTDIR)$(bindir)/trivial	\
-    $(NULL)
-
-install:: $(RESULTS)
-
-$(DESTDIR)$(bindir)/trivial: trivial
-	$(INSTALL_PROGRAM) trivial $(DESTDIR)$(bindir)/trivial
-
-# "rm -f" with no arguments bites on some platforms.
-# There should be an autoconf check and maybe a more 
-# general $(FORCEDREMOVE) command
-
-uninstall::
-	$(RM) -f $(RESULTS)
-
-install-strip::
-	$(MAKE) INSTALL_PROGRAM='$(INSTALL_PROGRAM) -s ' install
-
-clean::
-	$(RM) -f *~ core trivial.o trivial
-
-distclean:: clean
-	$(RM) -f Makefile config.cache config.h config.log config.status stamp-h stamp-h.in
-
-mostlyclean:: clean
-
-maintainer-clean:: distclean
-	$(RM) -f TAGS trivial*.tar.gz
-
-TAGS::
-
-DISTFILES =		 \
-    .cvsignore	 \
-    README.txt	 \
-    Makefile.in	 \
-	acconfig.h	 \
-	config.h.in	 \
-	configure	 \
-	configure.in \
-	install-sh	 \
-	trivial.c	 \
-	$(NULL)
-
-dist:: trivial.tar.gz
-
-# There must be an easier and more portable way of doing this..
-trivial.tar.gz: $(DISTFILES)
-	echo $(DISTFILES) | tr ' ' '\n' | sed "s^.*^`( cd ${srcdir}; pwd ) | xargs basename`/&^" | xargs tar czf $@ -C ${srcdir}/..
-
-# other "standard" but irrelevant targets
-info::
-
-dvi::
-
-check::
-
-installcheck::
-
-installdirs::
-
-# Include dependancies
-
-
-# autoheader might not change config.h.in, so touch a stamp file
-${srcdir}/config.h.in: stamp-h.in
-${srcdir}/stamp-h.in: configure.in acconfig.h
-	cd ${srcdir} && autoheader
-	echo timestamp > ${srcdir}/stamp-h.in
-
-# Remake the configuration
-${srcdir}/configure: configure.in
-	cd ${srcdir} && autoconf
-
-config.h: stamp-h
-stamp-h: config.h.in config.status
-	./config.status
-
-Makefile: Makefile.in config.status
-	./config.status
-
-config.status: configure
-	./config.status --recheck
diff --git a/security/nss/tests/pkcs11/netscape/trivial/README.txt b/security/nss/tests/pkcs11/netscape/trivial/README.txt
deleted file mode 100644
index 5c18a5089..000000000
--- a/security/nss/tests/pkcs11/netscape/trivial/README.txt
+++ /dev/null
@@ -1,56 +0,0 @@
-This is a very trivial program that loads and excercises a PKCS#11
-module, trying basic operations.  I used it as a basic check that
-my data-only modules for NSS worked, and I'm including it here as
-a first sample test program.
-
-
-This program uses GNU autoconf: run ./configure --help for info.
-In addition to the standard options, the configure script accepts
-the following:
-
-  --with-nspr[=path]      specify location of NSPR
-  --with-nss-dist[=path]  specify path to NSS dist directory
-  --with-nss-hdrs[=path]  or, specify path to installed NSS headers
-  --with-rsa-hdrs[=path]  if not using NSS, specify path to RSA headers
-  --disable-debug         default is enabled
-
-This program uses NSPR; you may specify the path to your NSPR 
-installation by using the "--with-nspr" option.  The specified
-directory should be the one containing "include" and "lib."
-If this option is not given, the default is the usual prefix
-directories; see ./configure --help for more info.
-
-This program requires either the pkcs11*.h files from RSA, or
-the NSS equivalents.  To specify their location, you must
-specify one of --with-nss-dist, --with-nss-hdrs, or --with-rsa-hdrs.
-
-If you have an NSS build tree, specify --with-nss-dist and provide
-the path to the mozilla/dist/*.OBJ directory.  (If you got this
-package by checking it out from mozilla, it should be about six
-directories up, once you've built NSS.)
-
-Alternatively, if you have an NSS installation (including "private"
-files, e.g. "ck.h") you may point directly to the directory containing
-the headers with --with-nss-hdrs.
-
-If you would rather use the RSA-provided header files, or your own
-versions of them, specify their location with --with-rsa-hdrs.
-
-The flag --disable-debug doesn't really do much here other than
-exclude the CVS_ID info from the binary.
-
-
-To run the program, specify the name of the .so (or your platform's
-equivalent) containing the module to be tested, e.g.: 
-
-  ./trivial ../../../../../../dist/*.OBJ/lib/libnssckbi.so
-
-
-If you're using NSS, and using our experimental "installer's
-arguments" fields in CK_C_INITIALIZE_ARGS, you can specify an
-"installer argument" with the -i flag:
-
-  ./trivial -i ~/.netscape/certs.db [...]/libnssckdb.so
-
-
-Share and enjoy.
diff --git a/security/nss/tests/pkcs11/netscape/trivial/acconfig.h b/security/nss/tests/pkcs11/netscape/trivial/acconfig.h
deleted file mode 100644
index 36f98f87a..000000000
--- a/security/nss/tests/pkcs11/netscape/trivial/acconfig.h
+++ /dev/null
@@ -1,36 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is a trivial PKCS#11 test program.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/* Define to use NSS header files instead of the regular RSA ones */
-#undef WITH_NSS
-
diff --git a/security/nss/tests/pkcs11/netscape/trivial/config.h.in b/security/nss/tests/pkcs11/netscape/trivial/config.h.in
deleted file mode 100644
index bf5d5f3b5..000000000
--- a/security/nss/tests/pkcs11/netscape/trivial/config.h.in
+++ /dev/null
@@ -1,28 +0,0 @@
-/* config.h.in.  Generated automatically from configure.in by autoheader.  */
-
-/* Define to empty if the keyword does not work.  */
-#undef const
-
-/* Define to use NSS header files instead of the regular RSA ones */
-#undef WITH_NSS
-
-/* Define if you have the memset function.  */
-#undef HAVE_MEMSET
-
-/* Define if you have the strlen function.  */
-#undef HAVE_STRLEN
-
-/* Define if you have the <ck.h> header file.  */
-#undef HAVE_CK_H
-
-/* Define if you have the <nspr.h> header file.  */
-#undef HAVE_NSPR_H
-
-/* Define if you have the <pkcs11.h> header file.  */
-#undef HAVE_PKCS11_H
-
-/* Define if you have the <pkcs11t.h> header file.  */
-#undef HAVE_PKCS11T_H
-
-/* Define if you have the nspr4 library (-lnspr4).  */
-#undef HAVE_LIBNSPR4
diff --git a/security/nss/tests/pkcs11/netscape/trivial/configure b/security/nss/tests/pkcs11/netscape/trivial/configure
deleted file mode 100755
index d9571ccdd..000000000
--- a/security/nss/tests/pkcs11/netscape/trivial/configure
+++ /dev/null
@@ -1,1906 +0,0 @@
-#! /bin/sh
-
-# Guess values for system-dependent variables and create Makefiles.
-# Generated automatically using autoconf version 2.13 
-# Copyright (C) 1992, 93, 94, 95, 96 Free Software Foundation, Inc.
-#
-# This configure script is free software; the Free Software Foundation
-# gives unlimited permission to copy, distribute and modify it.
-
-# Defaults:
-ac_help=
-ac_default_prefix=/usr/local
-# Any additions from configure.in:
-ac_help="$ac_help
-  --with-nspr[=path]      specify location of NSPR"
-ac_help="$ac_help
-  --with-nss-dist[=path]  specify path to NSS dist directory"
-ac_help="$ac_help
-  --with-nss-hdrs[=path]  or, specify path to installed NSS headers"
-ac_help="$ac_help
-  --with-rsa-hdrs[=path]  if not using NSS, specify path to RSA headers"
-ac_help="$ac_help
-  --disable-debug         default is enabled"
-
-# Initialize some variables set by options.
-# The variables have the same names as the options, with
-# dashes changed to underlines.
-build=NONE
-cache_file=./config.cache
-exec_prefix=NONE
-host=NONE
-no_create=
-nonopt=NONE
-no_recursion=
-prefix=NONE
-program_prefix=NONE
-program_suffix=NONE
-program_transform_name=s,x,x,
-silent=
-site=
-srcdir=
-target=NONE
-verbose=
-x_includes=NONE
-x_libraries=NONE
-bindir='${exec_prefix}/bin'
-sbindir='${exec_prefix}/sbin'
-libexecdir='${exec_prefix}/libexec'
-datadir='${prefix}/share'
-sysconfdir='${prefix}/etc'
-sharedstatedir='${prefix}/com'
-localstatedir='${prefix}/var'
-libdir='${exec_prefix}/lib'
-includedir='${prefix}/include'
-oldincludedir='/usr/include'
-infodir='${prefix}/info'
-mandir='${prefix}/man'
-
-# Initialize some other variables.
-subdirs=
-MFLAGS= MAKEFLAGS=
-SHELL=${CONFIG_SHELL-/bin/sh}
-# Maximum number of lines to put in a shell here document.
-ac_max_here_lines=12
-
-ac_prev=
-for ac_option
-do
-
-  # If the previous option needs an argument, assign it.
-  if test -n "$ac_prev"; then
-    eval "$ac_prev=\$ac_option"
-    ac_prev=
-    continue
-  fi
-
-  case "$ac_option" in
-  -*=*) ac_optarg=`echo "$ac_option" | sed 's/[-_a-zA-Z0-9]*=//'` ;;
-  *) ac_optarg= ;;
-  esac
-
-  # Accept the important Cygnus configure options, so we can diagnose typos.
-
-  case "$ac_option" in
-
-  -bindir | --bindir | --bindi | --bind | --bin | --bi)
-    ac_prev=bindir ;;
-  -bindir=* | --bindir=* | --bindi=* | --bind=* | --bin=* | --bi=*)
-    bindir="$ac_optarg" ;;
-
-  -build | --build | --buil | --bui | --bu)
-    ac_prev=build ;;
-  -build=* | --build=* | --buil=* | --bui=* | --bu=*)
-    build="$ac_optarg" ;;
-
-  -cache-file | --cache-file | --cache-fil | --cache-fi \
-  | --cache-f | --cache- | --cache | --cach | --cac | --ca | --c)
-    ac_prev=cache_file ;;
-  -cache-file=* | --cache-file=* | --cache-fil=* | --cache-fi=* \
-  | --cache-f=* | --cache-=* | --cache=* | --cach=* | --cac=* | --ca=* | --c=*)
-    cache_file="$ac_optarg" ;;
-
-  -datadir | --datadir | --datadi | --datad | --data | --dat | --da)
-    ac_prev=datadir ;;
-  -datadir=* | --datadir=* | --datadi=* | --datad=* | --data=* | --dat=* \
-  | --da=*)
-    datadir="$ac_optarg" ;;
-
-  -disable-* | --disable-*)
-    ac_feature=`echo $ac_option|sed -e 's/-*disable-//'`
-    # Reject names that are not valid shell variable names.
-    if test -n "`echo $ac_feature| sed 's/[-a-zA-Z0-9_]//g'`"; then
-      { echo "configure: error: $ac_feature: invalid feature name" 1>&2; exit 1; }
-    fi
-    ac_feature=`echo $ac_feature| sed 's/-/_/g'`
-    eval "enable_${ac_feature}=no" ;;
-
-  -enable-* | --enable-*)
-    ac_feature=`echo $ac_option|sed -e 's/-*enable-//' -e 's/=.*//'`
-    # Reject names that are not valid shell variable names.
-    if test -n "`echo $ac_feature| sed 's/[-_a-zA-Z0-9]//g'`"; then
-      { echo "configure: error: $ac_feature: invalid feature name" 1>&2; exit 1; }
-    fi
-    ac_feature=`echo $ac_feature| sed 's/-/_/g'`
-    case "$ac_option" in
-      *=*) ;;
-      *) ac_optarg=yes ;;
-    esac
-    eval "enable_${ac_feature}='$ac_optarg'" ;;
-
-  -exec-prefix | --exec_prefix | --exec-prefix | --exec-prefi \
-  | --exec-pref | --exec-pre | --exec-pr | --exec-p | --exec- \
-  | --exec | --exe | --ex)
-    ac_prev=exec_prefix ;;
-  -exec-prefix=* | --exec_prefix=* | --exec-prefix=* | --exec-prefi=* \
-  | --exec-pref=* | --exec-pre=* | --exec-pr=* | --exec-p=* | --exec-=* \
-  | --exec=* | --exe=* | --ex=*)
-    exec_prefix="$ac_optarg" ;;
-
-  -gas | --gas | --ga | --g)
-    # Obsolete; use --with-gas.
-    with_gas=yes ;;
-
-  -help | --help | --hel | --he)
-    # Omit some internal or obsolete options to make the list less imposing.
-    # This message is too long to be a string in the A/UX 3.1 sh.
-    cat << EOF
-Usage: configure [options] [host]
-Options: [defaults in brackets after descriptions]
-Configuration:
-  --cache-file=FILE       cache test results in FILE
-  --help                  print this message
-  --no-create             do not create output files
-  --quiet, --silent       do not print \`checking...' messages
-  --version               print the version of autoconf that created configure
-Directory and file names:
-  --prefix=PREFIX         install architecture-independent files in PREFIX
-                          [$ac_default_prefix]
-  --exec-prefix=EPREFIX   install architecture-dependent files in EPREFIX
-                          [same as prefix]
-  --bindir=DIR            user executables in DIR [EPREFIX/bin]
-  --sbindir=DIR           system admin executables in DIR [EPREFIX/sbin]
-  --libexecdir=DIR        program executables in DIR [EPREFIX/libexec]
-  --datadir=DIR           read-only architecture-independent data in DIR
-                          [PREFIX/share]
-  --sysconfdir=DIR        read-only single-machine data in DIR [PREFIX/etc]
-  --sharedstatedir=DIR    modifiable architecture-independent data in DIR
-                          [PREFIX/com]
-  --localstatedir=DIR     modifiable single-machine data in DIR [PREFIX/var]
-  --libdir=DIR            object code libraries in DIR [EPREFIX/lib]
-  --includedir=DIR        C header files in DIR [PREFIX/include]
-  --oldincludedir=DIR     C header files for non-gcc in DIR [/usr/include]
-  --infodir=DIR           info documentation in DIR [PREFIX/info]
-  --mandir=DIR            man documentation in DIR [PREFIX/man]
-  --srcdir=DIR            find the sources in DIR [configure dir or ..]
-  --program-prefix=PREFIX prepend PREFIX to installed program names
-  --program-suffix=SUFFIX append SUFFIX to installed program names
-  --program-transform-name=PROGRAM
-                          run sed PROGRAM on installed program names
-EOF
-    cat << EOF
-Host type:
-  --build=BUILD           configure for building on BUILD [BUILD=HOST]
-  --host=HOST             configure for HOST [guessed]
-  --target=TARGET         configure for TARGET [TARGET=HOST]
-Features and packages:
-  --disable-FEATURE       do not include FEATURE (same as --enable-FEATURE=no)
-  --enable-FEATURE[=ARG]  include FEATURE [ARG=yes]
-  --with-PACKAGE[=ARG]    use PACKAGE [ARG=yes]
-  --without-PACKAGE       do not use PACKAGE (same as --with-PACKAGE=no)
-  --x-includes=DIR        X include files are in DIR
-  --x-libraries=DIR       X library files are in DIR
-EOF
-    if test -n "$ac_help"; then
-      echo "--enable and --with options recognized:$ac_help"
-    fi
-    exit 0 ;;
-
-  -host | --host | --hos | --ho)
-    ac_prev=host ;;
-  -host=* | --host=* | --hos=* | --ho=*)
-    host="$ac_optarg" ;;
-
-  -includedir | --includedir | --includedi | --included | --include \
-  | --includ | --inclu | --incl | --inc)
-    ac_prev=includedir ;;
-  -includedir=* | --includedir=* | --includedi=* | --included=* | --include=* \
-  | --includ=* | --inclu=* | --incl=* | --inc=*)
-    includedir="$ac_optarg" ;;
-
-  -infodir | --infodir | --infodi | --infod | --info | --inf)
-    ac_prev=infodir ;;
-  -infodir=* | --infodir=* | --infodi=* | --infod=* | --info=* | --inf=*)
-    infodir="$ac_optarg" ;;
-
-  -libdir | --libdir | --libdi | --libd)
-    ac_prev=libdir ;;
-  -libdir=* | --libdir=* | --libdi=* | --libd=*)
-    libdir="$ac_optarg" ;;
-
-  -libexecdir | --libexecdir | --libexecdi | --libexecd | --libexec \
-  | --libexe | --libex | --libe)
-    ac_prev=libexecdir ;;
-  -libexecdir=* | --libexecdir=* | --libexecdi=* | --libexecd=* | --libexec=* \
-  | --libexe=* | --libex=* | --libe=*)
-    libexecdir="$ac_optarg" ;;
-
-  -localstatedir | --localstatedir | --localstatedi | --localstated \
-  | --localstate | --localstat | --localsta | --localst \
-  | --locals | --local | --loca | --loc | --lo)
-    ac_prev=localstatedir ;;
-  -localstatedir=* | --localstatedir=* | --localstatedi=* | --localstated=* \
-  | --localstate=* | --localstat=* | --localsta=* | --localst=* \
-  | --locals=* | --local=* | --loca=* | --loc=* | --lo=*)
-    localstatedir="$ac_optarg" ;;
-
-  -mandir | --mandir | --mandi | --mand | --man | --ma | --m)
-    ac_prev=mandir ;;
-  -mandir=* | --mandir=* | --mandi=* | --mand=* | --man=* | --ma=* | --m=*)
-    mandir="$ac_optarg" ;;
-
-  -nfp | --nfp | --nf)
-    # Obsolete; use --without-fp.
-    with_fp=no ;;
-
-  -no-create | --no-create | --no-creat | --no-crea | --no-cre \
-  | --no-cr | --no-c)
-    no_create=yes ;;
-
-  -no-recursion | --no-recursion | --no-recursio | --no-recursi \
-  | --no-recurs | --no-recur | --no-recu | --no-rec | --no-re | --no-r)
-    no_recursion=yes ;;
-
-  -oldincludedir | --oldincludedir | --oldincludedi | --oldincluded \
-  | --oldinclude | --oldinclud | --oldinclu | --oldincl | --oldinc \
-  | --oldin | --oldi | --old | --ol | --o)
-    ac_prev=oldincludedir ;;
-  -oldincludedir=* | --oldincludedir=* | --oldincludedi=* | --oldincluded=* \
-  | --oldinclude=* | --oldinclud=* | --oldinclu=* | --oldincl=* | --oldinc=* \
-  | --oldin=* | --oldi=* | --old=* | --ol=* | --o=*)
-    oldincludedir="$ac_optarg" ;;
-
-  -prefix | --prefix | --prefi | --pref | --pre | --pr | --p)
-    ac_prev=prefix ;;
-  -prefix=* | --prefix=* | --prefi=* | --pref=* | --pre=* | --pr=* | --p=*)
-    prefix="$ac_optarg" ;;
-
-  -program-prefix | --program-prefix | --program-prefi | --program-pref \
-  | --program-pre | --program-pr | --program-p)
-    ac_prev=program_prefix ;;
-  -program-prefix=* | --program-prefix=* | --program-prefi=* \
-  | --program-pref=* | --program-pre=* | --program-pr=* | --program-p=*)
-    program_prefix="$ac_optarg" ;;
-
-  -program-suffix | --program-suffix | --program-suffi | --program-suff \
-  | --program-suf | --program-su | --program-s)
-    ac_prev=program_suffix ;;
-  -program-suffix=* | --program-suffix=* | --program-suffi=* \
-  | --program-suff=* | --program-suf=* | --program-su=* | --program-s=*)
-    program_suffix="$ac_optarg" ;;
-
-  -program-transform-name | --program-transform-name \
-  | --program-transform-nam | --program-transform-na \
-  | --program-transform-n | --program-transform- \
-  | --program-transform | --program-transfor \
-  | --program-transfo | --program-transf \
-  | --program-trans | --program-tran \
-  | --progr-tra | --program-tr | --program-t)
-    ac_prev=program_transform_name ;;
-  -program-transform-name=* | --program-transform-name=* \
-  | --program-transform-nam=* | --program-transform-na=* \
-  | --program-transform-n=* | --program-transform-=* \
-  | --program-transform=* | --program-transfor=* \
-  | --program-transfo=* | --program-transf=* \
-  | --program-trans=* | --program-tran=* \
-  | --progr-tra=* | --program-tr=* | --program-t=*)
-    program_transform_name="$ac_optarg" ;;
-
-  -q | -quiet | --quiet | --quie | --qui | --qu | --q \
-  | -silent | --silent | --silen | --sile | --sil)
-    silent=yes ;;
-
-  -sbindir | --sbindir | --sbindi | --sbind | --sbin | --sbi | --sb)
-    ac_prev=sbindir ;;
-  -sbindir=* | --sbindir=* | --sbindi=* | --sbind=* | --sbin=* \
-  | --sbi=* | --sb=*)
-    sbindir="$ac_optarg" ;;
-
-  -sharedstatedir | --sharedstatedir | --sharedstatedi \
-  | --sharedstated | --sharedstate | --sharedstat | --sharedsta \
-  | --sharedst | --shareds | --shared | --share | --shar \
-  | --sha | --sh)
-    ac_prev=sharedstatedir ;;
-  -sharedstatedir=* | --sharedstatedir=* | --sharedstatedi=* \
-  | --sharedstated=* | --sharedstate=* | --sharedstat=* | --sharedsta=* \
-  | --sharedst=* | --shareds=* | --shared=* | --share=* | --shar=* \
-  | --sha=* | --sh=*)
-    sharedstatedir="$ac_optarg" ;;
-
-  -site | --site | --sit)
-    ac_prev=site ;;
-  -site=* | --site=* | --sit=*)
-    site="$ac_optarg" ;;
-
-  -srcdir | --srcdir | --srcdi | --srcd | --src | --sr)
-    ac_prev=srcdir ;;
-  -srcdir=* | --srcdir=* | --srcdi=* | --srcd=* | --src=* | --sr=*)
-    srcdir="$ac_optarg" ;;
-
-  -sysconfdir | --sysconfdir | --sysconfdi | --sysconfd | --sysconf \
-  | --syscon | --sysco | --sysc | --sys | --sy)
-    ac_prev=sysconfdir ;;
-  -sysconfdir=* | --sysconfdir=* | --sysconfdi=* | --sysconfd=* | --sysconf=* \
-  | --syscon=* | --sysco=* | --sysc=* | --sys=* | --sy=*)
-    sysconfdir="$ac_optarg" ;;
-
-  -target | --target | --targe | --targ | --tar | --ta | --t)
-    ac_prev=target ;;
-  -target=* | --target=* | --targe=* | --targ=* | --tar=* | --ta=* | --t=*)
-    target="$ac_optarg" ;;
-
-  -v | -verbose | --verbose | --verbos | --verbo | --verb)
-    verbose=yes ;;
-
-  -version | --version | --versio | --versi | --vers)
-    echo "configure generated by autoconf version 2.13"
-    exit 0 ;;
-
-  -with-* | --with-*)
-    ac_package=`echo $ac_option|sed -e 's/-*with-//' -e 's/=.*//'`
-    # Reject names that are not valid shell variable names.
-    if test -n "`echo $ac_package| sed 's/[-_a-zA-Z0-9]//g'`"; then
-      { echo "configure: error: $ac_package: invalid package name" 1>&2; exit 1; }
-    fi
-    ac_package=`echo $ac_package| sed 's/-/_/g'`
-    case "$ac_option" in
-      *=*) ;;
-      *) ac_optarg=yes ;;
-    esac
-    eval "with_${ac_package}='$ac_optarg'" ;;
-
-  -without-* | --without-*)
-    ac_package=`echo $ac_option|sed -e 's/-*without-//'`
-    # Reject names that are not valid shell variable names.
-    if test -n "`echo $ac_package| sed 's/[-a-zA-Z0-9_]//g'`"; then
-      { echo "configure: error: $ac_package: invalid package name" 1>&2; exit 1; }
-    fi
-    ac_package=`echo $ac_package| sed 's/-/_/g'`
-    eval "with_${ac_package}=no" ;;
-
-  --x)
-    # Obsolete; use --with-x.
-    with_x=yes ;;
-
-  -x-includes | --x-includes | --x-include | --x-includ | --x-inclu \
-  | --x-incl | --x-inc | --x-in | --x-i)
-    ac_prev=x_includes ;;
-  -x-includes=* | --x-includes=* | --x-include=* | --x-includ=* | --x-inclu=* \
-  | --x-incl=* | --x-inc=* | --x-in=* | --x-i=*)
-    x_includes="$ac_optarg" ;;
-
-  -x-libraries | --x-libraries | --x-librarie | --x-librari \
-  | --x-librar | --x-libra | --x-libr | --x-lib | --x-li | --x-l)
-    ac_prev=x_libraries ;;
-  -x-libraries=* | --x-libraries=* | --x-librarie=* | --x-librari=* \
-  | --x-librar=* | --x-libra=* | --x-libr=* | --x-lib=* | --x-li=* | --x-l=*)
-    x_libraries="$ac_optarg" ;;
-
-  -*) { echo "configure: error: $ac_option: invalid option; use --help to show usage" 1>&2; exit 1; }
-    ;;
-
-  *)
-    if test -n "`echo $ac_option| sed 's/[-a-z0-9.]//g'`"; then
-      echo "configure: warning: $ac_option: invalid host type" 1>&2
-    fi
-    if test "x$nonopt" != xNONE; then
-      { echo "configure: error: can only configure for one host and one target at a time" 1>&2; exit 1; }
-    fi
-    nonopt="$ac_option"
-    ;;
-
-  esac
-done
-
-if test -n "$ac_prev"; then
-  { echo "configure: error: missing argument to --`echo $ac_prev | sed 's/_/-/g'`" 1>&2; exit 1; }
-fi
-
-trap 'rm -fr conftest* confdefs* core core.* *.core $ac_clean_files; exit 1' 1 2 15
-
-# File descriptor usage:
-# 0 standard input
-# 1 file creation
-# 2 errors and warnings
-# 3 some systems may open it to /dev/tty
-# 4 used on the Kubota Titan
-# 6 checking for... messages and results
-# 5 compiler messages saved in config.log
-if test "$silent" = yes; then
-  exec 6>/dev/null
-else
-  exec 6>&1
-fi
-exec 5>./config.log
-
-echo "\
-This file contains any messages produced by compilers while
-running configure, to aid debugging if configure makes a mistake.
-" 1>&5
-
-# Strip out --no-create and --no-recursion so they do not pile up.
-# Also quote any args containing shell metacharacters.
-ac_configure_args=
-for ac_arg
-do
-  case "$ac_arg" in
-  -no-create | --no-create | --no-creat | --no-crea | --no-cre \
-  | --no-cr | --no-c) ;;
-  -no-recursion | --no-recursion | --no-recursio | --no-recursi \
-  | --no-recurs | --no-recur | --no-recu | --no-rec | --no-re | --no-r) ;;
-  *" "*|*"	"*|*[\[\]\~\#\$\^\&\*\(\)\{\}\\\|\;\<\>\?]*)
-  ac_configure_args="$ac_configure_args '$ac_arg'" ;;
-  *) ac_configure_args="$ac_configure_args $ac_arg" ;;
-  esac
-done
-
-# NLS nuisances.
-# Only set these to C if already set.  These must not be set unconditionally
-# because not all systems understand e.g. LANG=C (notably SCO).
-# Fixing LC_MESSAGES prevents Solaris sh from translating var values in `set'!
-# Non-C LC_CTYPE values break the ctype check.
-if test "${LANG+set}"   = set; then LANG=C;   export LANG;   fi
-if test "${LC_ALL+set}" = set; then LC_ALL=C; export LC_ALL; fi
-if test "${LC_MESSAGES+set}" = set; then LC_MESSAGES=C; export LC_MESSAGES; fi
-if test "${LC_CTYPE+set}"    = set; then LC_CTYPE=C;    export LC_CTYPE;    fi
-
-# confdefs.h avoids OS command line length limits that DEFS can exceed.
-rm -rf conftest* confdefs.h
-# AIX cpp loses on an empty file, so make sure it contains at least a newline.
-echo > confdefs.h
-
-# A filename unique to this package, relative to the directory that
-# configure is in, which we can look for to find out if srcdir is correct.
-ac_unique_file=trivial.c
-
-# Find the source files, if location was not specified.
-if test -z "$srcdir"; then
-  ac_srcdir_defaulted=yes
-  # Try the directory containing this script, then its parent.
-  ac_prog=$0
-  ac_confdir=`echo $ac_prog|sed 's%/[^/][^/]*$%%'`
-  test "x$ac_confdir" = "x$ac_prog" && ac_confdir=.
-  srcdir=$ac_confdir
-  if test ! -r $srcdir/$ac_unique_file; then
-    srcdir=..
-  fi
-else
-  ac_srcdir_defaulted=no
-fi
-if test ! -r $srcdir/$ac_unique_file; then
-  if test "$ac_srcdir_defaulted" = yes; then
-    { echo "configure: error: can not find sources in $ac_confdir or .." 1>&2; exit 1; }
-  else
-    { echo "configure: error: can not find sources in $srcdir" 1>&2; exit 1; }
-  fi
-fi
-srcdir=`echo "${srcdir}" | sed 's%\([^/]\)/*$%\1%'`
-
-# Prefer explicitly selected file to automatically selected ones.
-if test -z "$CONFIG_SITE"; then
-  if test "x$prefix" != xNONE; then
-    CONFIG_SITE="$prefix/share/config.site $prefix/etc/config.site"
-  else
-    CONFIG_SITE="$ac_default_prefix/share/config.site $ac_default_prefix/etc/config.site"
-  fi
-fi
-for ac_site_file in $CONFIG_SITE; do
-  if test -r "$ac_site_file"; then
-    echo "loading site script $ac_site_file"
-    . "$ac_site_file"
-  fi
-done
-
-if test -r "$cache_file"; then
-  echo "loading cache $cache_file"
-  . $cache_file
-else
-  echo "creating cache $cache_file"
-  > $cache_file
-fi
-
-ac_ext=c
-# CFLAGS is not in ac_cpp because -g, -O, etc. are not valid cpp options.
-ac_cpp='$CPP $CPPFLAGS'
-ac_compile='${CC-cc} -c $CFLAGS $CPPFLAGS conftest.$ac_ext 1>&5'
-ac_link='${CC-cc} -o conftest${ac_exeext} $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS 1>&5'
-cross_compiling=$ac_cv_prog_cc_cross
-
-ac_exeext=
-ac_objext=o
-if (echo "testing\c"; echo 1,2,3) | grep c >/dev/null; then
-  # Stardent Vistra SVR4 grep lacks -e, says ghazi@caip.rutgers.edu.
-  if (echo -n testing; echo 1,2,3) | sed s/-n/xn/ | grep xn >/dev/null; then
-    ac_n= ac_c='
-' ac_t='	'
-  else
-    ac_n=-n ac_c= ac_t=
-  fi
-else
-  ac_n= ac_c='\c' ac_t=
-fi
-
-
-
-echo $ac_n "checking whether ${MAKE-make} sets \${MAKE}""... $ac_c" 1>&6
-echo "configure:537: checking whether ${MAKE-make} sets \${MAKE}" >&5
-set dummy ${MAKE-make}; ac_make=`echo "$2" | sed 'y%./+-%__p_%'`
-if eval "test \"`echo '$''{'ac_cv_prog_make_${ac_make}_set'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  cat > conftestmake <<\EOF
-all:
-	@echo 'ac_maketemp="${MAKE}"'
-EOF
-# GNU make sometimes prints "make[1]: Entering...", which would confuse us.
-eval `${MAKE-make} -f conftestmake 2>/dev/null | grep temp=`
-if test -n "$ac_maketemp"; then
-  eval ac_cv_prog_make_${ac_make}_set=yes
-else
-  eval ac_cv_prog_make_${ac_make}_set=no
-fi
-rm -f conftestmake
-fi
-if eval "test \"`echo '$ac_cv_prog_make_'${ac_make}_set`\" = yes"; then
-  echo "$ac_t""yes" 1>&6
-  SET_MAKE=
-else
-  echo "$ac_t""no" 1>&6
-  SET_MAKE="MAKE=${MAKE-make}"
-fi
-
-
-# Check whether --with-nspr or --without-nspr was given.
-if test "${with_nspr+set}" = set; then
-  withval="$with_nspr"
-   case "$withval" in
-  no)
-    { echo "configure: error: NSPR is required" 1>&2; exit 1; };;
-  yes)
-    NSPR_INCLUDE="$includedir"
-    NSPR_LIBPATH="$libdir"
-    ;;
-  *)
-    NSPR_INCLUDE="$withval/include"
-    NSPR_LIBPATH="$withval/lib"
-    ;;
-  esac 
-else
-   NSPR_INCLUDE="$includedir"
-  NSPR_LIBPATH="$libdir" 
-
-fi
-
-
-NSPR_CFLAGS="-I$NSPR_INCLUDE"
-NSPR_LDFLAGS="-L$NSPR_LIBPATH -lnspr4 -lplc4 -lplds4"
-
-
-# Check whether --with-nss-dist or --without-nss-dist was given.
-if test "${with_nss_dist+set}" = set; then
-  withval="$with_nss_dist"
-   case "$withval" in
-  no)
-    NSS_CFLAGS=""
-    nss="0"
-    ;;
-  yes)
-    { echo "configure: error: You have to specify a path for --with-nss-dist" 1>&2; exit 1; }
-    ;;
-  *)
-    NSS_CFLAGS="-I$withval/private/security -I$withval/public/security"
-    nss="1"
-    ;;
-  esac 
-fi
-
-
-# Check whether --with-nss-hdrs or --without-nss-hdrs was given.
-if test "${with_nss_hdrs+set}" = set; then
-  withval="$with_nss_hdrs"
-   if test "x$nss" != "x"; then
-    { echo "configure: error: Only specify --with-nss-hdrs or --with-nss-dist" 1>&2; exit 1; }
-  fi
-  case "$withval" in
-  no)
-    NSS_CFLAGS=""
-    nss="0"
-    ;;
-  yes)
-    NSS_CFLAGS="-I$includedir"
-    nss="1"
-    ;;
-  *)
-    NSS_CFLAGS="-I$withval"
-    nss="1"
-    ;;
-  esac 
-fi
-
-
-# Check whether --with-rsa-hdrs or --without-rsa-hdrs was given.
-if test "${with_rsa_hdrs+set}" = set; then
-  withval="$with_rsa_hdrs"
-   if test "x$nss" != "x"; then
-    { echo "configure: error: Only specify --with-nss-{hdrs" 1>&2; exit 1; }
-  fi
-  case "$withval" in
-  no)
-    rsa="0"
-    ;;
-  yes)
-    RSA_INCLUDE="$includedir"
-    rsa="1"
-    ;;
-  *)
-    RSA_INCLUDE="$withval"
-    rsa="1"
-    ;;
-  esac 
-fi
-
-
-if test "x$nss" = "x"; then
-  if test "x$rsa" = "x"; then
-    RSA_INCLUDE="$includedir"
-  fi
-  RSA_CFLAGS="-I$RSA_INCLUDE"
-fi
-
-if test "x$nss" = "x1"; then
-  cat >> confdefs.h <<\EOF
-#define WITH_NSS 1
-EOF
-
-fi
-
-
-
-if test "x$rsa" = "x1"; then
-  RSA_CFLAGS-"-I$RSA_INCLUDE"
-fi
-
-# Check whether --enable-debug or --disable-debug was given.
-if test "${enable_debug+set}" = set; then
-  enableval="$enable_debug"
-   case "$enableval" in
-  no)
-    DEBUG_CFLAGS="";;
-  yes)
-    DEBUG_CFLAGS="-DDEBUG";;
-  *)
-    DEBUG_CFLAGS="-DDEBUG";;
-  esac 
-else
-  DEBUG_CFLAGS="-DDEBUG"
-fi
-
-
-# Extract the first word of "gcc", so it can be a program name with args.
-set dummy gcc; ac_word=$2
-echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:693: checking for $ac_word" >&5
-if eval "test \"`echo '$''{'ac_cv_prog_CC'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  if test -n "$CC"; then
-  ac_cv_prog_CC="$CC" # Let the user override the test.
-else
-  IFS="${IFS= 	}"; ac_save_ifs="$IFS"; IFS=":"
-  ac_dummy="$PATH"
-  for ac_dir in $ac_dummy; do
-    test -z "$ac_dir" && ac_dir=.
-    if test -f $ac_dir/$ac_word; then
-      ac_cv_prog_CC="gcc"
-      break
-    fi
-  done
-  IFS="$ac_save_ifs"
-fi
-fi
-CC="$ac_cv_prog_CC"
-if test -n "$CC"; then
-  echo "$ac_t""$CC" 1>&6
-else
-  echo "$ac_t""no" 1>&6
-fi
-
-if test -z "$CC"; then
-  # Extract the first word of "cc", so it can be a program name with args.
-set dummy cc; ac_word=$2
-echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:723: checking for $ac_word" >&5
-if eval "test \"`echo '$''{'ac_cv_prog_CC'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  if test -n "$CC"; then
-  ac_cv_prog_CC="$CC" # Let the user override the test.
-else
-  IFS="${IFS= 	}"; ac_save_ifs="$IFS"; IFS=":"
-  ac_prog_rejected=no
-  ac_dummy="$PATH"
-  for ac_dir in $ac_dummy; do
-    test -z "$ac_dir" && ac_dir=.
-    if test -f $ac_dir/$ac_word; then
-      if test "$ac_dir/$ac_word" = "/usr/ucb/cc"; then
-        ac_prog_rejected=yes
-	continue
-      fi
-      ac_cv_prog_CC="cc"
-      break
-    fi
-  done
-  IFS="$ac_save_ifs"
-if test $ac_prog_rejected = yes; then
-  # We found a bogon in the path, so make sure we never use it.
-  set dummy $ac_cv_prog_CC
-  shift
-  if test $# -gt 0; then
-    # We chose a different compiler from the bogus one.
-    # However, it has the same basename, so the bogon will be chosen
-    # first if we set CC to just the basename; use the full file name.
-    shift
-    set dummy "$ac_dir/$ac_word" "$@"
-    shift
-    ac_cv_prog_CC="$@"
-  fi
-fi
-fi
-fi
-CC="$ac_cv_prog_CC"
-if test -n "$CC"; then
-  echo "$ac_t""$CC" 1>&6
-else
-  echo "$ac_t""no" 1>&6
-fi
-
-  if test -z "$CC"; then
-    case "`uname -s`" in
-    *win32* | *WIN32*)
-      # Extract the first word of "cl", so it can be a program name with args.
-set dummy cl; ac_word=$2
-echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:774: checking for $ac_word" >&5
-if eval "test \"`echo '$''{'ac_cv_prog_CC'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  if test -n "$CC"; then
-  ac_cv_prog_CC="$CC" # Let the user override the test.
-else
-  IFS="${IFS= 	}"; ac_save_ifs="$IFS"; IFS=":"
-  ac_dummy="$PATH"
-  for ac_dir in $ac_dummy; do
-    test -z "$ac_dir" && ac_dir=.
-    if test -f $ac_dir/$ac_word; then
-      ac_cv_prog_CC="cl"
-      break
-    fi
-  done
-  IFS="$ac_save_ifs"
-fi
-fi
-CC="$ac_cv_prog_CC"
-if test -n "$CC"; then
-  echo "$ac_t""$CC" 1>&6
-else
-  echo "$ac_t""no" 1>&6
-fi
- ;;
-    esac
-  fi
-  test -z "$CC" && { echo "configure: error: no acceptable cc found in \$PATH" 1>&2; exit 1; }
-fi
-
-echo $ac_n "checking whether the C compiler ($CC $CFLAGS $LDFLAGS) works""... $ac_c" 1>&6
-echo "configure:806: checking whether the C compiler ($CC $CFLAGS $LDFLAGS) works" >&5
-
-ac_ext=c
-# CFLAGS is not in ac_cpp because -g, -O, etc. are not valid cpp options.
-ac_cpp='$CPP $CPPFLAGS'
-ac_compile='${CC-cc} -c $CFLAGS $CPPFLAGS conftest.$ac_ext 1>&5'
-ac_link='${CC-cc} -o conftest${ac_exeext} $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS 1>&5'
-cross_compiling=$ac_cv_prog_cc_cross
-
-cat > conftest.$ac_ext << EOF
-
-#line 817 "configure"
-#include "confdefs.h"
-
-main(){return(0);}
-EOF
-if { (eval echo configure:822: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
-  ac_cv_prog_cc_works=yes
-  # If we can't run a trivial program, we are probably using a cross compiler.
-  if (./conftest; exit) 2>/dev/null; then
-    ac_cv_prog_cc_cross=no
-  else
-    ac_cv_prog_cc_cross=yes
-  fi
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  ac_cv_prog_cc_works=no
-fi
-rm -fr conftest*
-ac_ext=c
-# CFLAGS is not in ac_cpp because -g, -O, etc. are not valid cpp options.
-ac_cpp='$CPP $CPPFLAGS'
-ac_compile='${CC-cc} -c $CFLAGS $CPPFLAGS conftest.$ac_ext 1>&5'
-ac_link='${CC-cc} -o conftest${ac_exeext} $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS 1>&5'
-cross_compiling=$ac_cv_prog_cc_cross
-
-echo "$ac_t""$ac_cv_prog_cc_works" 1>&6
-if test $ac_cv_prog_cc_works = no; then
-  { echo "configure: error: installation or configuration problem: C compiler cannot create executables." 1>&2; exit 1; }
-fi
-echo $ac_n "checking whether the C compiler ($CC $CFLAGS $LDFLAGS) is a cross-compiler""... $ac_c" 1>&6
-echo "configure:848: checking whether the C compiler ($CC $CFLAGS $LDFLAGS) is a cross-compiler" >&5
-echo "$ac_t""$ac_cv_prog_cc_cross" 1>&6
-cross_compiling=$ac_cv_prog_cc_cross
-
-echo $ac_n "checking whether we are using GNU C""... $ac_c" 1>&6
-echo "configure:853: checking whether we are using GNU C" >&5
-if eval "test \"`echo '$''{'ac_cv_prog_gcc'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  cat > conftest.c <<EOF
-#ifdef __GNUC__
-  yes;
-#endif
-EOF
-if { ac_try='${CC-cc} -E conftest.c'; { (eval echo configure:862: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }; } | egrep yes >/dev/null 2>&1; then
-  ac_cv_prog_gcc=yes
-else
-  ac_cv_prog_gcc=no
-fi
-fi
-
-echo "$ac_t""$ac_cv_prog_gcc" 1>&6
-
-if test $ac_cv_prog_gcc = yes; then
-  GCC=yes
-else
-  GCC=
-fi
-
-ac_test_CFLAGS="${CFLAGS+set}"
-ac_save_CFLAGS="$CFLAGS"
-CFLAGS=
-echo $ac_n "checking whether ${CC-cc} accepts -g""... $ac_c" 1>&6
-echo "configure:881: checking whether ${CC-cc} accepts -g" >&5
-if eval "test \"`echo '$''{'ac_cv_prog_cc_g'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  echo 'void f(){}' > conftest.c
-if test -z "`${CC-cc} -g -c conftest.c 2>&1`"; then
-  ac_cv_prog_cc_g=yes
-else
-  ac_cv_prog_cc_g=no
-fi
-rm -f conftest*
-
-fi
-
-echo "$ac_t""$ac_cv_prog_cc_g" 1>&6
-if test "$ac_test_CFLAGS" = set; then
-  CFLAGS="$ac_save_CFLAGS"
-elif test $ac_cv_prog_cc_g = yes; then
-  if test "$GCC" = yes; then
-    CFLAGS="-g -O2"
-  else
-    CFLAGS="-g"
-  fi
-else
-  if test "$GCC" = yes; then
-    CFLAGS="-O2"
-  else
-    CFLAGS=
-  fi
-fi
-
-echo $ac_n "checking how to run the C preprocessor""... $ac_c" 1>&6
-echo "configure:913: checking how to run the C preprocessor" >&5
-# On Suns, sometimes $CPP names a directory.
-if test -n "$CPP" && test -d "$CPP"; then
-  CPP=
-fi
-if test -z "$CPP"; then
-if eval "test \"`echo '$''{'ac_cv_prog_CPP'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-    # This must be in double quotes, not single quotes, because CPP may get
-  # substituted into the Makefile and "${CC-cc}" will confuse make.
-  CPP="${CC-cc} -E"
-  # On the NeXT, cc -E runs the code through the compiler's parser,
-  # not just through cpp.
-  cat > conftest.$ac_ext <<EOF
-#line 928 "configure"
-#include "confdefs.h"
-#include <assert.h>
-Syntax Error
-EOF
-ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:934: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
-ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
-if test -z "$ac_err"; then
-  :
-else
-  echo "$ac_err" >&5
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  CPP="${CC-cc} -E -traditional-cpp"
-  cat > conftest.$ac_ext <<EOF
-#line 945 "configure"
-#include "confdefs.h"
-#include <assert.h>
-Syntax Error
-EOF
-ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:951: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
-ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
-if test -z "$ac_err"; then
-  :
-else
-  echo "$ac_err" >&5
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  CPP="${CC-cc} -nologo -E"
-  cat > conftest.$ac_ext <<EOF
-#line 962 "configure"
-#include "confdefs.h"
-#include <assert.h>
-Syntax Error
-EOF
-ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:968: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
-ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
-if test -z "$ac_err"; then
-  :
-else
-  echo "$ac_err" >&5
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  CPP=/lib/cpp
-fi
-rm -f conftest*
-fi
-rm -f conftest*
-fi
-rm -f conftest*
-  ac_cv_prog_CPP="$CPP"
-fi
-  CPP="$ac_cv_prog_CPP"
-else
-  ac_cv_prog_CPP="$CPP"
-fi
-echo "$ac_t""$CPP" 1>&6
-
-ac_aux_dir=
-for ac_dir in $srcdir $srcdir/.. $srcdir/../..; do
-  if test -f $ac_dir/install-sh; then
-    ac_aux_dir=$ac_dir
-    ac_install_sh="$ac_aux_dir/install-sh -c"
-    break
-  elif test -f $ac_dir/install.sh; then
-    ac_aux_dir=$ac_dir
-    ac_install_sh="$ac_aux_dir/install.sh -c"
-    break
-  fi
-done
-if test -z "$ac_aux_dir"; then
-  { echo "configure: error: can not find install-sh or install.sh in $srcdir $srcdir/.. $srcdir/../.." 1>&2; exit 1; }
-fi
-ac_config_guess=$ac_aux_dir/config.guess
-ac_config_sub=$ac_aux_dir/config.sub
-ac_configure=$ac_aux_dir/configure # This should be Cygnus configure.
-
-# Find a good install program.  We prefer a C program (faster),
-# so one script is as good as another.  But avoid the broken or
-# incompatible versions:
-# SysV /etc/install, /usr/sbin/install
-# SunOS /usr/etc/install
-# IRIX /sbin/install
-# AIX /bin/install
-# AIX 4 /usr/bin/installbsd, which doesn't work without a -g flag
-# AFS /usr/afsws/bin/install, which mishandles nonexistent args
-# SVR4 /usr/ucb/install, which tries to use the nonexistent group "staff"
-# ./install, which can be erroneously created by make from ./install.sh.
-echo $ac_n "checking for a BSD compatible install""... $ac_c" 1>&6
-echo "configure:1023: checking for a BSD compatible install" >&5
-if test -z "$INSTALL"; then
-if eval "test \"`echo '$''{'ac_cv_path_install'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-    IFS="${IFS= 	}"; ac_save_IFS="$IFS"; IFS=":"
-  for ac_dir in $PATH; do
-    # Account for people who put trailing slashes in PATH elements.
-    case "$ac_dir/" in
-    /|./|.//|/etc/*|/usr/sbin/*|/usr/etc/*|/sbin/*|/usr/afsws/bin/*|/usr/ucb/*) ;;
-    *)
-      # OSF1 and SCO ODT 3.0 have their own names for install.
-      # Don't use installbsd from OSF since it installs stuff as root
-      # by default.
-      for ac_prog in ginstall scoinst install; do
-        if test -f $ac_dir/$ac_prog; then
-	  if test $ac_prog = install &&
-            grep dspmsg $ac_dir/$ac_prog >/dev/null 2>&1; then
-	    # AIX install.  It has an incompatible calling convention.
-	    :
-	  else
-	    ac_cv_path_install="$ac_dir/$ac_prog -c"
-	    break 2
-	  fi
-	fi
-      done
-      ;;
-    esac
-  done
-  IFS="$ac_save_IFS"
-
-fi
-  if test "${ac_cv_path_install+set}" = set; then
-    INSTALL="$ac_cv_path_install"
-  else
-    # As a last resort, use the slow shell script.  We don't cache a
-    # path for INSTALL within a source directory, because that will
-    # break other packages using the cache if that directory is
-    # removed, or if the path is relative.
-    INSTALL="$ac_install_sh"
-  fi
-fi
-echo "$ac_t""$INSTALL" 1>&6
-
-# Use test -z because SunOS4 sh mishandles braces in ${var-val}.
-# It thinks the first close brace ends the variable substitution.
-test -z "$INSTALL_PROGRAM" && INSTALL_PROGRAM='${INSTALL}'
-
-test -z "$INSTALL_SCRIPT" && INSTALL_SCRIPT='${INSTALL_PROGRAM}'
-
-test -z "$INSTALL_DATA" && INSTALL_DATA='${INSTALL} -m 644'
-
-# Extract the first word of "ranlib", so it can be a program name with args.
-set dummy ranlib; ac_word=$2
-echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:1078: checking for $ac_word" >&5
-if eval "test \"`echo '$''{'ac_cv_prog_RANLIB'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  if test -n "$RANLIB"; then
-  ac_cv_prog_RANLIB="$RANLIB" # Let the user override the test.
-else
-  IFS="${IFS= 	}"; ac_save_ifs="$IFS"; IFS=":"
-  ac_dummy="$PATH"
-  for ac_dir in $ac_dummy; do
-    test -z "$ac_dir" && ac_dir=.
-    if test -f $ac_dir/$ac_word; then
-      ac_cv_prog_RANLIB="ranlib"
-      break
-    fi
-  done
-  IFS="$ac_save_ifs"
-  test -z "$ac_cv_prog_RANLIB" && ac_cv_prog_RANLIB=":"
-fi
-fi
-RANLIB="$ac_cv_prog_RANLIB"
-if test -n "$RANLIB"; then
-  echo "$ac_t""$RANLIB" 1>&6
-else
-  echo "$ac_t""no" 1>&6
-fi
-
-# Extract the first word of "ar", so it can be a program name with args.
-set dummy ar; ac_word=$2
-echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:1108: checking for $ac_word" >&5
-if eval "test \"`echo '$''{'ac_cv_prog_AR'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  if test -n "$AR"; then
-  ac_cv_prog_AR="$AR" # Let the user override the test.
-else
-  IFS="${IFS= 	}"; ac_save_ifs="$IFS"; IFS=":"
-  ac_dummy="$PATH"
-  for ac_dir in $ac_dummy; do
-    test -z "$ac_dir" && ac_dir=.
-    if test -f $ac_dir/$ac_word; then
-      ac_cv_prog_AR="ar"
-      break
-    fi
-  done
-  IFS="$ac_save_ifs"
-fi
-fi
-AR="$ac_cv_prog_AR"
-if test -n "$AR"; then
-  echo "$ac_t""$AR" 1>&6
-else
-  echo "$ac_t""no" 1>&6
-fi
-
-# Extract the first word of "ld", so it can be a program name with args.
-set dummy ld; ac_word=$2
-echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:1137: checking for $ac_word" >&5
-if eval "test \"`echo '$''{'ac_cv_prog_LD'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  if test -n "$LD"; then
-  ac_cv_prog_LD="$LD" # Let the user override the test.
-else
-  IFS="${IFS= 	}"; ac_save_ifs="$IFS"; IFS=":"
-  ac_dummy="$PATH"
-  for ac_dir in $ac_dummy; do
-    test -z "$ac_dir" && ac_dir=.
-    if test -f $ac_dir/$ac_word; then
-      ac_cv_prog_LD="ld"
-      break
-    fi
-  done
-  IFS="$ac_save_ifs"
-fi
-fi
-LD="$ac_cv_prog_LD"
-if test -n "$LD"; then
-  echo "$ac_t""$LD" 1>&6
-else
-  echo "$ac_t""no" 1>&6
-fi
-
-# Extract the first word of "rm", so it can be a program name with args.
-set dummy rm; ac_word=$2
-echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:1166: checking for $ac_word" >&5
-if eval "test \"`echo '$''{'ac_cv_prog_RM'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  if test -n "$RM"; then
-  ac_cv_prog_RM="$RM" # Let the user override the test.
-else
-  IFS="${IFS= 	}"; ac_save_ifs="$IFS"; IFS=":"
-  ac_dummy="$PATH"
-  for ac_dir in $ac_dummy; do
-    test -z "$ac_dir" && ac_dir=.
-    if test -f $ac_dir/$ac_word; then
-      ac_cv_prog_RM="rm"
-      break
-    fi
-  done
-  IFS="$ac_save_ifs"
-fi
-fi
-RM="$ac_cv_prog_RM"
-if test -n "$RM"; then
-  echo "$ac_t""$RM" 1>&6
-else
-  echo "$ac_t""no" 1>&6
-fi
-
-# Extract the first word of "tar", so it can be a program name with args.
-set dummy tar; ac_word=$2
-echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:1195: checking for $ac_word" >&5
-if eval "test \"`echo '$''{'ac_cv_prog_TAR'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  if test -n "$TAR"; then
-  ac_cv_prog_TAR="$TAR" # Let the user override the test.
-else
-  IFS="${IFS= 	}"; ac_save_ifs="$IFS"; IFS=":"
-  ac_dummy="$PATH"
-  for ac_dir in $ac_dummy; do
-    test -z "$ac_dir" && ac_dir=.
-    if test -f $ac_dir/$ac_word; then
-      ac_cv_prog_TAR="tar"
-      break
-    fi
-  done
-  IFS="$ac_save_ifs"
-fi
-fi
-TAR="$ac_cv_prog_TAR"
-if test -n "$TAR"; then
-  echo "$ac_t""$TAR" 1>&6
-else
-  echo "$ac_t""no" 1>&6
-fi
-
-
-
-CPPFLAGS="$CFLAGS $NSPR_CFLAGS $NSS_CFLAGS $RSA_CFLAGS $DEBUG_CFLAGS"
-LIBS="$NSPR_LDFLAGS $LIBS"
-
-
-
-echo $ac_n "checking for PR_Init in -lnspr4""... $ac_c" 1>&6
-echo "configure:1229: checking for PR_Init in -lnspr4" >&5
-ac_lib_var=`echo nspr4'_'PR_Init | sed 'y%./+-%__p_%'`
-if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  ac_save_LIBS="$LIBS"
-LIBS="-lnspr4  $LIBS"
-cat > conftest.$ac_ext <<EOF
-#line 1237 "configure"
-#include "confdefs.h"
-/* Override any gcc2 internal prototype to avoid an error.  */
-/* We use char because int might match the return type of a gcc2
-    builtin and then its argument prototype would still apply.  */
-char PR_Init();
-
-int main() {
-PR_Init()
-; return 0; }
-EOF
-if { (eval echo configure:1248: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
-  rm -rf conftest*
-  eval "ac_cv_lib_$ac_lib_var=yes"
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  eval "ac_cv_lib_$ac_lib_var=no"
-fi
-rm -f conftest*
-LIBS="$ac_save_LIBS"
-
-fi
-if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then
-  echo "$ac_t""yes" 1>&6
-    ac_tr_lib=HAVE_LIB`echo nspr4 | sed -e 's/[^a-zA-Z0-9_]/_/g' \
-    -e 'y/abcdefghijklmnopqrstuvwxyz/ABCDEFGHIJKLMNOPQRSTUVWXYZ/'`
-  cat >> confdefs.h <<EOF
-#define $ac_tr_lib 1
-EOF
-
-  LIBS="-lnspr4 $LIBS"
-
-else
-  echo "$ac_t""no" 1>&6
-fi
-
-
-for ac_hdr in nspr.h
-do
-ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
-echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
-echo "configure:1280: checking for $ac_hdr" >&5
-if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  cat > conftest.$ac_ext <<EOF
-#line 1285 "configure"
-#include "confdefs.h"
-#include <$ac_hdr>
-EOF
-ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:1290: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
-ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
-if test -z "$ac_err"; then
-  rm -rf conftest*
-  eval "ac_cv_header_$ac_safe=yes"
-else
-  echo "$ac_err" >&5
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  eval "ac_cv_header_$ac_safe=no"
-fi
-rm -f conftest*
-fi
-if eval "test \"`echo '$ac_cv_header_'$ac_safe`\" = yes"; then
-  echo "$ac_t""yes" 1>&6
-    ac_tr_hdr=HAVE_`echo $ac_hdr | sed 'y%abcdefghijklmnopqrstuvwxyz./-%ABCDEFGHIJKLMNOPQRSTUVWXYZ___%'`
-  cat >> confdefs.h <<EOF
-#define $ac_tr_hdr 1
-EOF
- 
-else
-  echo "$ac_t""no" 1>&6
-fi
-done
-
-
-
-if test "x$nss" = "x1"; then
-  for ac_hdr in ck.h
-do
-ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
-echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
-echo "configure:1323: checking for $ac_hdr" >&5
-if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  cat > conftest.$ac_ext <<EOF
-#line 1328 "configure"
-#include "confdefs.h"
-#include <$ac_hdr>
-EOF
-ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:1333: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
-ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
-if test -z "$ac_err"; then
-  rm -rf conftest*
-  eval "ac_cv_header_$ac_safe=yes"
-else
-  echo "$ac_err" >&5
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  eval "ac_cv_header_$ac_safe=no"
-fi
-rm -f conftest*
-fi
-if eval "test \"`echo '$ac_cv_header_'$ac_safe`\" = yes"; then
-  echo "$ac_t""yes" 1>&6
-    ac_tr_hdr=HAVE_`echo $ac_hdr | sed 'y%abcdefghijklmnopqrstuvwxyz./-%ABCDEFGHIJKLMNOPQRSTUVWXYZ___%'`
-  cat >> confdefs.h <<EOF
-#define $ac_tr_hdr 1
-EOF
- 
-else
-  echo "$ac_t""no" 1>&6
-fi
-done
-
-fi
-
-if test "x$rsa" = "x1"; then
-  for ac_hdr in pkcs11t.h pkcs11.h
-do
-ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
-echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
-echo "configure:1366: checking for $ac_hdr" >&5
-if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  cat > conftest.$ac_ext <<EOF
-#line 1371 "configure"
-#include "confdefs.h"
-#include <$ac_hdr>
-EOF
-ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:1376: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
-ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
-if test -z "$ac_err"; then
-  rm -rf conftest*
-  eval "ac_cv_header_$ac_safe=yes"
-else
-  echo "$ac_err" >&5
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  eval "ac_cv_header_$ac_safe=no"
-fi
-rm -f conftest*
-fi
-if eval "test \"`echo '$ac_cv_header_'$ac_safe`\" = yes"; then
-  echo "$ac_t""yes" 1>&6
-    ac_tr_hdr=HAVE_`echo $ac_hdr | sed 'y%abcdefghijklmnopqrstuvwxyz./-%ABCDEFGHIJKLMNOPQRSTUVWXYZ___%'`
-  cat >> confdefs.h <<EOF
-#define $ac_tr_hdr 1
-EOF
- 
-else
-  echo "$ac_t""no" 1>&6
-fi
-done
-
-fi
-
-
-
-echo $ac_n "checking for working const""... $ac_c" 1>&6
-echo "configure:1407: checking for working const" >&5
-if eval "test \"`echo '$''{'ac_cv_c_const'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  cat > conftest.$ac_ext <<EOF
-#line 1412 "configure"
-#include "confdefs.h"
-
-int main() {
-
-/* Ultrix mips cc rejects this.  */
-typedef int charset[2]; const charset x;
-/* SunOS 4.1.1 cc rejects this.  */
-char const *const *ccp;
-char **p;
-/* NEC SVR4.0.2 mips cc rejects this.  */
-struct point {int x, y;};
-static struct point const zero = {0,0};
-/* AIX XL C 1.02.0.0 rejects this.
-   It does not let you subtract one const X* pointer from another in an arm
-   of an if-expression whose if-part is not a constant expression */
-const char *g = "string";
-ccp = &g + (g ? g-g : 0);
-/* HPUX 7.0 cc rejects these. */
-++ccp;
-p = (char**) ccp;
-ccp = (char const *const *) p;
-{ /* SCO 3.2v4 cc rejects this.  */
-  char *t;
-  char const *s = 0 ? (char *) 0 : (char const *) 0;
-
-  *t++ = 0;
-}
-{ /* Someone thinks the Sun supposedly-ANSI compiler will reject this.  */
-  int x[] = {25, 17};
-  const int *foo = &x[0];
-  ++foo;
-}
-{ /* Sun SC1.0 ANSI compiler rejects this -- but not the above. */
-  typedef const int *iptr;
-  iptr p = 0;
-  ++p;
-}
-{ /* AIX XL C 1.02.0.0 rejects this saying
-     "k.c", line 2.27: 1506-025 (S) Operand must be a modifiable lvalue. */
-  struct s { int j; const int *ap[3]; };
-  struct s *b; b->j = 5;
-}
-{ /* ULTRIX-32 V3.1 (Rev 9) vcc rejects this */
-  const int foo = 10;
-}
-
-; return 0; }
-EOF
-if { (eval echo configure:1461: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
-  rm -rf conftest*
-  ac_cv_c_const=yes
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  ac_cv_c_const=no
-fi
-rm -f conftest*
-fi
-
-echo "$ac_t""$ac_cv_c_const" 1>&6
-if test $ac_cv_c_const = no; then
-  cat >> confdefs.h <<\EOF
-#define const 
-EOF
-
-fi
-
-
-
-for ac_func in memset strlen
-do
-echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
-echo "configure:1486: checking for $ac_func" >&5
-if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then
-  echo $ac_n "(cached) $ac_c" 1>&6
-else
-  cat > conftest.$ac_ext <<EOF
-#line 1491 "configure"
-#include "confdefs.h"
-/* System header to define __stub macros and hopefully few prototypes,
-    which can conflict with char $ac_func(); below.  */
-#include <assert.h>
-/* Override any gcc2 internal prototype to avoid an error.  */
-/* We use char because int might match the return type of a gcc2
-    builtin and then its argument prototype would still apply.  */
-char $ac_func();
-
-int main() {
-
-/* The GNU C library defines this for functions which it implements
-    to always fail with ENOSYS.  Some functions are actually named
-    something starting with __ and the normal name is an alias.  */
-#if defined (__stub_$ac_func) || defined (__stub___$ac_func)
-choke me
-#else
-$ac_func();
-#endif
-
-; return 0; }
-EOF
-if { (eval echo configure:1514: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
-  rm -rf conftest*
-  eval "ac_cv_func_$ac_func=yes"
-else
-  echo "configure: failed program was:" >&5
-  cat conftest.$ac_ext >&5
-  rm -rf conftest*
-  eval "ac_cv_func_$ac_func=no"
-fi
-rm -f conftest*
-fi
-
-if eval "test \"`echo '$ac_cv_func_'$ac_func`\" = yes"; then
-  echo "$ac_t""yes" 1>&6
-    ac_tr_func=HAVE_`echo $ac_func | tr 'abcdefghijklmnopqrstuvwxyz' 'ABCDEFGHIJKLMNOPQRSTUVWXYZ'`
-  cat >> confdefs.h <<EOF
-#define $ac_tr_func 1
-EOF
- 
-else
-  echo "$ac_t""no" 1>&6
-fi
-done
-
-
-trap '' 1 2 15
-cat > confcache <<\EOF
-# This file is a shell script that caches the results of configure
-# tests run on this system so they can be shared between configure
-# scripts and configure runs.  It is not useful on other systems.
-# If it contains results you don't want to keep, you may remove or edit it.
-#
-# By default, configure uses ./config.cache as the cache file,
-# creating it if it does not exist already.  You can give configure
-# the --cache-file=FILE option to use a different cache file; that is
-# what configure does when it calls configure scripts in
-# subdirectories, so they share the cache.
-# Giving --cache-file=/dev/null disables caching, for debugging configure.
-# config.status only pays attention to the cache file if you give it the
-# --recheck option to rerun configure.
-#
-EOF
-# The following way of writing the cache mishandles newlines in values,
-# but we know of no workaround that is simple, portable, and efficient.
-# So, don't put newlines in cache variables' values.
-# Ultrix sh set writes to stderr and can't be redirected directly,
-# and sets the high bit in the cache file unless we assign to the vars.
-(set) 2>&1 |
-  case `(ac_space=' '; set | grep ac_space) 2>&1` in
-  *ac_space=\ *)
-    # `set' does not quote correctly, so add quotes (double-quote substitution
-    # turns \\\\ into \\, and sed turns \\ into \).
-    sed -n \
-      -e "s/'/'\\\\''/g" \
-      -e "s/^\\([a-zA-Z0-9_]*_cv_[a-zA-Z0-9_]*\\)=\\(.*\\)/\\1=\${\\1='\\2'}/p"
-    ;;
-  *)
-    # `set' quotes correctly as required by POSIX, so do not add quotes.
-    sed -n -e 's/^\([a-zA-Z0-9_]*_cv_[a-zA-Z0-9_]*\)=\(.*\)/\1=${\1=\2}/p'
-    ;;
-  esac >> confcache
-if cmp -s $cache_file confcache; then
-  :
-else
-  if test -w $cache_file; then
-    echo "updating cache $cache_file"
-    cat confcache > $cache_file
-  else
-    echo "not updating unwritable cache $cache_file"
-  fi
-fi
-rm -f confcache
-
-trap 'rm -fr conftest* confdefs* core core.* *.core $ac_clean_files; exit 1' 1 2 15
-
-test "x$prefix" = xNONE && prefix=$ac_default_prefix
-# Let make expand exec_prefix.
-test "x$exec_prefix" = xNONE && exec_prefix='${prefix}'
-
-# Any assignment to VPATH causes Sun make to only execute
-# the first set of double-colon rules, so remove it if not needed.
-# If there is a colon in the path, we need to keep it.
-if test "x$srcdir" = x.; then
-  ac_vpsub='/^[ 	]*VPATH[ 	]*=[^:]*$/d'
-fi
-
-trap 'rm -f $CONFIG_STATUS conftest*; exit 1' 1 2 15
-
-DEFS=-DHAVE_CONFIG_H
-
-# Without the "./", some shells look in PATH for config.status.
-: ${CONFIG_STATUS=./config.status}
-
-echo creating $CONFIG_STATUS
-rm -f $CONFIG_STATUS
-cat > $CONFIG_STATUS <<EOF
-#! /bin/sh
-# Generated automatically by configure.
-# Run this file to recreate the current configuration.
-# This directory was configured as follows,
-# on host `(hostname || uname -n) 2>/dev/null | sed 1q`:
-#
-# $0 $ac_configure_args
-#
-# Compiler output produced by configure, useful for debugging
-# configure, is in ./config.log if it exists.
-
-ac_cs_usage="Usage: $CONFIG_STATUS [--recheck] [--version] [--help]"
-for ac_option
-do
-  case "\$ac_option" in
-  -recheck | --recheck | --rechec | --reche | --rech | --rec | --re | --r)
-    echo "running \${CONFIG_SHELL-/bin/sh} $0 $ac_configure_args --no-create --no-recursion"
-    exec \${CONFIG_SHELL-/bin/sh} $0 $ac_configure_args --no-create --no-recursion ;;
-  -version | --version | --versio | --versi | --vers | --ver | --ve | --v)
-    echo "$CONFIG_STATUS generated by autoconf version 2.13"
-    exit 0 ;;
-  -help | --help | --hel | --he | --h)
-    echo "\$ac_cs_usage"; exit 0 ;;
-  *) echo "\$ac_cs_usage"; exit 1 ;;
-  esac
-done
-
-ac_given_srcdir=$srcdir
-ac_given_INSTALL="$INSTALL"
-
-trap 'rm -fr `echo "Makefile config.h" | sed "s/:[^ ]*//g"` conftest*; exit 1' 1 2 15
-EOF
-cat >> $CONFIG_STATUS <<EOF
-
-# Protect against being on the right side of a sed subst in config.status.
-sed 's/%@/@@/; s/@%/@@/; s/%g\$/@g/; /@g\$/s/[\\\\&%]/\\\\&/g;
- s/@@/%@/; s/@@/@%/; s/@g\$/%g/' > conftest.subs <<\\CEOF
-$ac_vpsub
-$extrasub
-s%@SHELL@%$SHELL%g
-s%@CFLAGS@%$CFLAGS%g
-s%@CPPFLAGS@%$CPPFLAGS%g
-s%@CXXFLAGS@%$CXXFLAGS%g
-s%@FFLAGS@%$FFLAGS%g
-s%@DEFS@%$DEFS%g
-s%@LDFLAGS@%$LDFLAGS%g
-s%@LIBS@%$LIBS%g
-s%@exec_prefix@%$exec_prefix%g
-s%@prefix@%$prefix%g
-s%@program_transform_name@%$program_transform_name%g
-s%@bindir@%$bindir%g
-s%@sbindir@%$sbindir%g
-s%@libexecdir@%$libexecdir%g
-s%@datadir@%$datadir%g
-s%@sysconfdir@%$sysconfdir%g
-s%@sharedstatedir@%$sharedstatedir%g
-s%@localstatedir@%$localstatedir%g
-s%@libdir@%$libdir%g
-s%@includedir@%$includedir%g
-s%@oldincludedir@%$oldincludedir%g
-s%@infodir@%$infodir%g
-s%@mandir@%$mandir%g
-s%@SET_MAKE@%$SET_MAKE%g
-s%@WITH_NSS@%$WITH_NSS%g
-s%@CC@%$CC%g
-s%@CPP@%$CPP%g
-s%@INSTALL_PROGRAM@%$INSTALL_PROGRAM%g
-s%@INSTALL_SCRIPT@%$INSTALL_SCRIPT%g
-s%@INSTALL_DATA@%$INSTALL_DATA%g
-s%@RANLIB@%$RANLIB%g
-s%@AR@%$AR%g
-s%@LD@%$LD%g
-s%@RM@%$RM%g
-s%@TAR@%$TAR%g
-s%@CC INSTALL RANLIB AR LD RM TAR@%$CC INSTALL RANLIB AR LD RM TAR%g
-s%@HAVE_NSPR_H@%$HAVE_NSPR_H%g
-s%@HAVE_CK_H HAVE_PKCS11T_H HAVE_PKCS11_H@%$HAVE_CK_H HAVE_PKCS11T_H HAVE_PKCS11_H%g
-s%@const@%$const%g
-s%@HAVE_MEMSET HAVE_STRLEN@%$HAVE_MEMSET HAVE_STRLEN%g
-
-CEOF
-EOF
-
-cat >> $CONFIG_STATUS <<\EOF
-
-# Split the substitutions into bite-sized pieces for seds with
-# small command number limits, like on Digital OSF/1 and HP-UX.
-ac_max_sed_cmds=90 # Maximum number of lines to put in a sed script.
-ac_file=1 # Number of current file.
-ac_beg=1 # First line for current file.
-ac_end=$ac_max_sed_cmds # Line after last line for current file.
-ac_more_lines=:
-ac_sed_cmds=""
-while $ac_more_lines; do
-  if test $ac_beg -gt 1; then
-    sed "1,${ac_beg}d; ${ac_end}q" conftest.subs > conftest.s$ac_file
-  else
-    sed "${ac_end}q" conftest.subs > conftest.s$ac_file
-  fi
-  if test ! -s conftest.s$ac_file; then
-    ac_more_lines=false
-    rm -f conftest.s$ac_file
-  else
-    if test -z "$ac_sed_cmds"; then
-      ac_sed_cmds="sed -f conftest.s$ac_file"
-    else
-      ac_sed_cmds="$ac_sed_cmds | sed -f conftest.s$ac_file"
-    fi
-    ac_file=`expr $ac_file + 1`
-    ac_beg=$ac_end
-    ac_end=`expr $ac_end + $ac_max_sed_cmds`
-  fi
-done
-if test -z "$ac_sed_cmds"; then
-  ac_sed_cmds=cat
-fi
-EOF
-
-cat >> $CONFIG_STATUS <<EOF
-
-CONFIG_FILES=\${CONFIG_FILES-"Makefile"}
-EOF
-cat >> $CONFIG_STATUS <<\EOF
-for ac_file in .. $CONFIG_FILES; do if test "x$ac_file" != x..; then
-  # Support "outfile[:infile[:infile...]]", defaulting infile="outfile.in".
-  case "$ac_file" in
-  *:*) ac_file_in=`echo "$ac_file"|sed 's%[^:]*:%%'`
-       ac_file=`echo "$ac_file"|sed 's%:.*%%'` ;;
-  *) ac_file_in="${ac_file}.in" ;;
-  esac
-
-  # Adjust a relative srcdir, top_srcdir, and INSTALL for subdirectories.
-
-  # Remove last slash and all that follows it.  Not all systems have dirname.
-  ac_dir=`echo $ac_file|sed 's%/[^/][^/]*$%%'`
-  if test "$ac_dir" != "$ac_file" && test "$ac_dir" != .; then
-    # The file is in a subdirectory.
-    test ! -d "$ac_dir" && mkdir "$ac_dir"
-    ac_dir_suffix="/`echo $ac_dir|sed 's%^\./%%'`"
-    # A "../" for each directory in $ac_dir_suffix.
-    ac_dots=`echo $ac_dir_suffix|sed 's%/[^/]*%../%g'`
-  else
-    ac_dir_suffix= ac_dots=
-  fi
-
-  case "$ac_given_srcdir" in
-  .)  srcdir=.
-      if test -z "$ac_dots"; then top_srcdir=.
-      else top_srcdir=`echo $ac_dots|sed 's%/$%%'`; fi ;;
-  /*) srcdir="$ac_given_srcdir$ac_dir_suffix"; top_srcdir="$ac_given_srcdir" ;;
-  *) # Relative path.
-    srcdir="$ac_dots$ac_given_srcdir$ac_dir_suffix"
-    top_srcdir="$ac_dots$ac_given_srcdir" ;;
-  esac
-
-  case "$ac_given_INSTALL" in
-  [/$]*) INSTALL="$ac_given_INSTALL" ;;
-  *) INSTALL="$ac_dots$ac_given_INSTALL" ;;
-  esac
-
-  echo creating "$ac_file"
-  rm -f "$ac_file"
-  configure_input="Generated automatically from `echo $ac_file_in|sed 's%.*/%%'` by configure."
-  case "$ac_file" in
-  *Makefile*) ac_comsub="1i\\
-# $configure_input" ;;
-  *) ac_comsub= ;;
-  esac
-
-  ac_file_inputs=`echo $ac_file_in|sed -e "s%^%$ac_given_srcdir/%" -e "s%:% $ac_given_srcdir/%g"`
-  sed -e "$ac_comsub
-s%@configure_input@%$configure_input%g
-s%@srcdir@%$srcdir%g
-s%@top_srcdir@%$top_srcdir%g
-s%@INSTALL@%$INSTALL%g
-" $ac_file_inputs | (eval "$ac_sed_cmds") > $ac_file
-fi; done
-rm -f conftest.s*
-
-# These sed commands are passed to sed as "A NAME B NAME C VALUE D", where
-# NAME is the cpp macro being defined and VALUE is the value it is being given.
-#
-# ac_d sets the value in "#define NAME VALUE" lines.
-ac_dA='s%^\([ 	]*\)#\([ 	]*define[ 	][ 	]*\)'
-ac_dB='\([ 	][ 	]*\)[^ 	]*%\1#\2'
-ac_dC='\3'
-ac_dD='%g'
-# ac_u turns "#undef NAME" with trailing blanks into "#define NAME VALUE".
-ac_uA='s%^\([ 	]*\)#\([ 	]*\)undef\([ 	][ 	]*\)'
-ac_uB='\([ 	]\)%\1#\2define\3'
-ac_uC=' '
-ac_uD='\4%g'
-# ac_e turns "#undef NAME" without trailing blanks into "#define NAME VALUE".
-ac_eA='s%^\([ 	]*\)#\([ 	]*\)undef\([ 	][ 	]*\)'
-ac_eB='$%\1#\2define\3'
-ac_eC=' '
-ac_eD='%g'
-
-if test "${CONFIG_HEADERS+set}" != set; then
-EOF
-cat >> $CONFIG_STATUS <<EOF
-  CONFIG_HEADERS="config.h"
-EOF
-cat >> $CONFIG_STATUS <<\EOF
-fi
-for ac_file in .. $CONFIG_HEADERS; do if test "x$ac_file" != x..; then
-  # Support "outfile[:infile[:infile...]]", defaulting infile="outfile.in".
-  case "$ac_file" in
-  *:*) ac_file_in=`echo "$ac_file"|sed 's%[^:]*:%%'`
-       ac_file=`echo "$ac_file"|sed 's%:.*%%'` ;;
-  *) ac_file_in="${ac_file}.in" ;;
-  esac
-
-  echo creating $ac_file
-
-  rm -f conftest.frag conftest.in conftest.out
-  ac_file_inputs=`echo $ac_file_in|sed -e "s%^%$ac_given_srcdir/%" -e "s%:% $ac_given_srcdir/%g"`
-  cat $ac_file_inputs > conftest.in
-
-EOF
-
-# Transform confdefs.h into a sed script conftest.vals that substitutes
-# the proper values into config.h.in to produce config.h.  And first:
-# Protect against being on the right side of a sed subst in config.status.
-# Protect against being in an unquoted here document in config.status.
-rm -f conftest.vals
-cat > conftest.hdr <<\EOF
-s/[\\&%]/\\&/g
-s%[\\$`]%\\&%g
-s%#define \([A-Za-z_][A-Za-z0-9_]*\) *\(.*\)%${ac_dA}\1${ac_dB}\1${ac_dC}\2${ac_dD}%gp
-s%ac_d%ac_u%gp
-s%ac_u%ac_e%gp
-EOF
-sed -n -f conftest.hdr confdefs.h > conftest.vals
-rm -f conftest.hdr
-
-# This sed command replaces #undef with comments.  This is necessary, for
-# example, in the case of _POSIX_SOURCE, which is predefined and required
-# on some systems where configure will not decide to define it.
-cat >> conftest.vals <<\EOF
-s%^[ 	]*#[ 	]*undef[ 	][ 	]*[a-zA-Z_][a-zA-Z_0-9]*%/* & */%
-EOF
-
-# Break up conftest.vals because some shells have a limit on
-# the size of here documents, and old seds have small limits too.
-
-rm -f conftest.tail
-while :
-do
-  ac_lines=`grep -c . conftest.vals`
-  # grep -c gives empty output for an empty file on some AIX systems.
-  if test -z "$ac_lines" || test "$ac_lines" -eq 0; then break; fi
-  # Write a limited-size here document to conftest.frag.
-  echo '  cat > conftest.frag <<CEOF' >> $CONFIG_STATUS
-  sed ${ac_max_here_lines}q conftest.vals >> $CONFIG_STATUS
-  echo 'CEOF
-  sed -f conftest.frag conftest.in > conftest.out
-  rm -f conftest.in
-  mv conftest.out conftest.in
-' >> $CONFIG_STATUS
-  sed 1,${ac_max_here_lines}d conftest.vals > conftest.tail
-  rm -f conftest.vals
-  mv conftest.tail conftest.vals
-done
-rm -f conftest.vals
-
-cat >> $CONFIG_STATUS <<\EOF
-  rm -f conftest.frag conftest.h
-  echo "/* $ac_file.  Generated automatically by configure.  */" > conftest.h
-  cat conftest.in >> conftest.h
-  rm -f conftest.in
-  if cmp -s $ac_file conftest.h 2>/dev/null; then
-    echo "$ac_file is unchanged"
-    rm -f conftest.h
-  else
-    # Remove last slash and all that follows it.  Not all systems have dirname.
-      ac_dir=`echo $ac_file|sed 's%/[^/][^/]*$%%'`
-      if test "$ac_dir" != "$ac_file" && test "$ac_dir" != .; then
-      # The file is in a subdirectory.
-      test ! -d "$ac_dir" && mkdir "$ac_dir"
-    fi
-    rm -f $ac_file
-    mv conftest.h $ac_file
-  fi
-fi; done
-
-EOF
-cat >> $CONFIG_STATUS <<EOF
-
-EOF
-cat >> $CONFIG_STATUS <<\EOF
-echo timestamp > stamp-h
-exit 0
-EOF
-chmod +x $CONFIG_STATUS
-rm -fr confdefs* $ac_clean_files
-test "$no_create" = yes || ${CONFIG_SHELL-/bin/sh} $CONFIG_STATUS || exit 1
-
diff --git a/security/nss/tests/pkcs11/netscape/trivial/configure.in b/security/nss/tests/pkcs11/netscape/trivial/configure.in
deleted file mode 100644
index 76374882e..000000000
--- a/security/nss/tests/pkcs11/netscape/trivial/configure.in
+++ /dev/null
@@ -1,180 +0,0 @@
-dnl
-dnl The contents of this file are subject to the Mozilla Public
-dnl License Version 1.1 (the "License"); you may not use this file
-dnl except in compliance with the License. You may obtain a copy of
-dnl the License at http://www.mozilla.org/MPL/
-dnl 
-dnl Software distributed under the License is distributed on an "AS
-dnl IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-dnl implied. See the License for the specific language governing
-dnl rights and limitations under the License.
-dnl 
-dnl The Original Code is a trivial PKCS#11 test program.
-dnl 
-dnl The Initial Developer of the Original Code is Netscape
-dnl Communications Corp.  Portions created by Netscape are 
-dnl Copyright (C) 2000.  All Rights Reserved.
-dnl 
-dnl Contributor(s): 
-dnl
-dnl Alternatively, the contents of this file may be used under the
-dnl terms of the GNU General Public License Version 2 or later (the
-dnl "GPL"), in which case the provisions of the GPL are applicable 
-dnl instead of those above.  If you wish to allow use of your 
-dnl version of this file only under the terms of the GPL and not to
-dnl allow others to use your version of this file under the MPL,
-dnl indicate your decision by deleting the provisions above and
-dnl replace them with the notice and other provisions required by
-dnl the GPL.  If you do not delete the provisions above, a recipient
-dnl may use your version of this file under either the MPL or the
-dnl GPL.
-dnl
-
-dnl My revision info: "@(#) $RCSfile$ $Revision$ $Date$ $Name$"
-dnl Don't use AC_REVISION; it's broken
-
-AC_INIT(trivial.c)
-AC_CONFIG_HEADER(config.h)
-AC_PROG_MAKE_SET
-
-AC_ARG_WITH(nspr, [  --with-nspr[=path]      specify location of NSPR],
-[ case "$withval" in
-  no)
-    AC_MSG_ERROR(NSPR is required);;
-  yes)
-    NSPR_INCLUDE="$includedir"
-    NSPR_LIBPATH="$libdir"
-    ;;
-  *)
-    NSPR_INCLUDE="$withval/include"
-    NSPR_LIBPATH="$withval/lib"
-    ;;
-  esac ],
-[ NSPR_INCLUDE="$includedir"
-  NSPR_LIBPATH="$libdir" ]
-)
-
-NSPR_CFLAGS="-I$NSPR_INCLUDE"
-NSPR_LDFLAGS="-L$NSPR_LIBPATH -lnspr4 -lplc4 -lplds4"
-
-dnl This isn't optimum, but the mozilla build system and autoconf don't really mesh well..
-
-AC_ARG_WITH(nss-dist,    [  --with-nss-dist[=path]  specify path to NSS dist directory],
-[ case "$withval" in
-  no)
-    NSS_CFLAGS=""
-    nss="0"
-    ;;
-  yes)
-    AC_MSG_ERROR(You have to specify a path for --with-nss-dist)
-    ;;
-  *)
-    NSS_CFLAGS="-I$withval/private/security -I$withval/public/security"
-    nss="1"
-    ;;
-  esac ])
-
-AC_ARG_WITH(nss-hdrs, [  --with-nss-hdrs[=path]  or, specify path to installed NSS headers],
-[ if test "x$nss" != "x"; then
-    AC_MSG_ERROR(Only specify --with-nss-hdrs or --with-nss-dist, not both)
-  fi
-  case "$withval" in
-  no)
-    NSS_CFLAGS=""
-    nss="0"
-    ;;
-  yes)
-    NSS_CFLAGS="-I$includedir"
-    nss="1"
-    ;;
-  *)
-    NSS_CFLAGS="-I$withval"
-    nss="1"
-    ;;
-  esac ])
-
-AC_ARG_WITH(rsa-hdrs, [  --with-rsa-hdrs[=path]  if not using NSS, specify path to RSA headers],
-[ if test "x$nss" != "x"; then
-    AC_MSG_ERROR(Only specify --with-nss-{hdrs,dist} or --with-rsa-hdrs, not both)
-  fi
-  case "$withval" in
-  no)
-    rsa="0"
-    ;;
-  yes)
-    RSA_INCLUDE="$includedir"
-    rsa="1"
-    ;;
-  *)
-    RSA_INCLUDE="$withval"
-    rsa="1"
-    ;;
-  esac ])
-
-if test "x$nss" = "x"; then
-  if test "x$rsa" = "x"; then
-    RSA_INCLUDE="$includedir"
-  fi
-  RSA_CFLAGS="-I$RSA_INCLUDE"
-fi
-
-if test "x$nss" = "x1"; then
-  AC_DEFINE(WITH_NSS,1)
-fi
-
-AC_SUBST(WITH_NSS)
-
-if test "x$rsa" = "x1"; then
-  RSA_CFLAGS-"-I$RSA_INCLUDE"
-fi
-
-AC_ARG_ENABLE(debug, [  --disable-debug         default is enabled],
-[ case "$enableval" in
-  no)
-    DEBUG_CFLAGS="";;
-  yes)
-    DEBUG_CFLAGS="-DDEBUG";;
-  *)
-    DEBUG_CFLAGS="-DDEBUG";;
-  esac ], DEBUG_CFLAGS="-DDEBUG")
-
-dnl Checks for programs.
-AC_PROG_CC
-AC_PROG_CPP
-AC_PROG_INSTALL
-AC_PROG_RANLIB
-AC_CHECK_PROG(AR, ar, ar)
-AC_CHECK_PROG(LD, ld, ld)
-AC_CHECK_PROG(RM, rm, rm)
-AC_CHECK_PROG(TAR, tar, tar)
-AC_SUBST(CC INSTALL RANLIB AR LD RM TAR)
-
-CPPFLAGS="$CFLAGS $NSPR_CFLAGS $NSS_CFLAGS $RSA_CFLAGS $DEBUG_CFLAGS"
-LIBS="$NSPR_LDFLAGS $LIBS"
-
-AC_SUBST(CFLAGS)
-
-dnl Checks for libraries.
-AC_CHECK_LIB(nspr4, PR_Init)
-
-dnl Checks for header files.
-AC_CHECK_HEADERS(nspr.h)
-AC_SUBST(HAVE_NSPR_H)
-
-if test "x$nss" = "x1"; then
-  AC_CHECK_HEADERS(ck.h)
-fi
-
-if test "x$rsa" = "x1"; then
-  AC_CHECK_HEADERS(pkcs11t.h pkcs11.h)
-fi
-
-AC_SUBST(HAVE_CK_H HAVE_PKCS11T_H HAVE_PKCS11_H)
-
-dnl Checks for typedefs, structures, and compiler characteristics.
-AC_C_CONST
-AC_SUBST(const)
-
-AC_CHECK_FUNCS(memset strlen)
-AC_SUBST(HAVE_MEMSET HAVE_STRLEN)
-AC_OUTPUT(Makefile, [echo timestamp > stamp-h])
diff --git a/security/nss/tests/pkcs11/netscape/trivial/install-sh b/security/nss/tests/pkcs11/netscape/trivial/install-sh
deleted file mode 100755
index e9de23842..000000000
--- a/security/nss/tests/pkcs11/netscape/trivial/install-sh
+++ /dev/null
@@ -1,251 +0,0 @@
-#!/bin/sh
-#
-# install - install a program, script, or datafile
-# This comes from X11R5 (mit/util/scripts/install.sh).
-#
-# Copyright 1991 by the Massachusetts Institute of Technology
-#
-# Permission to use, copy, modify, distribute, and sell this software and its
-# documentation for any purpose is hereby granted without fee, provided that
-# the above copyright notice appear in all copies and that both that
-# copyright notice and this permission notice appear in supporting
-# documentation, and that the name of M.I.T. not be used in advertising or
-# publicity pertaining to distribution of the software without specific,
-# written prior permission.  M.I.T. makes no representations about the
-# suitability of this software for any purpose.  It is provided "as is"
-# without express or implied warranty.
-#
-# Calling this script install-sh is preferred over install.sh, to prevent
-# `make' implicit rules from creating a file called install from it
-# when there is no Makefile.
-#
-# This script is compatible with the BSD install script, but was written
-# from scratch.  It can only install one file at a time, a restriction
-# shared with many OS's install programs.
-
-
-# set DOITPROG to echo to test this script
-
-# Don't use :- since 4.3BSD and earlier shells don't like it.
-doit="${DOITPROG-}"
-
-
-# put in absolute paths if you don't have them in your path; or use env. vars.
-
-mvprog="${MVPROG-mv}"
-cpprog="${CPPROG-cp}"
-chmodprog="${CHMODPROG-chmod}"
-chownprog="${CHOWNPROG-chown}"
-chgrpprog="${CHGRPPROG-chgrp}"
-stripprog="${STRIPPROG-strip}"
-rmprog="${RMPROG-rm}"
-mkdirprog="${MKDIRPROG-mkdir}"
-
-transformbasename=""
-transform_arg=""
-instcmd="$mvprog"
-chmodcmd="$chmodprog 0755"
-chowncmd=""
-chgrpcmd=""
-stripcmd=""
-rmcmd="$rmprog -f"
-mvcmd="$mvprog"
-src=""
-dst=""
-dir_arg=""
-
-while [ x"$1" != x ]; do
-    case $1 in
-	-c) instcmd="$cpprog"
-	    shift
-	    continue;;
-
-	-d) dir_arg=true
-	    shift
-	    continue;;
-
-	-m) chmodcmd="$chmodprog $2"
-	    shift
-	    shift
-	    continue;;
-
-	-o) chowncmd="$chownprog $2"
-	    shift
-	    shift
-	    continue;;
-
-	-g) chgrpcmd="$chgrpprog $2"
-	    shift
-	    shift
-	    continue;;
-
-	-s) stripcmd="$stripprog"
-	    shift
-	    continue;;
-
-	-t=*) transformarg=`echo $1 | sed 's/-t=//'`
-	    shift
-	    continue;;
-
-	-b=*) transformbasename=`echo $1 | sed 's/-b=//'`
-	    shift
-	    continue;;
-
-	*)  if [ x"$src" = x ]
-	    then
-		src=$1
-	    else
-		# this colon is to work around a 386BSD /bin/sh bug
-		:
-		dst=$1
-	    fi
-	    shift
-	    continue;;
-    esac
-done
-
-if [ x"$src" = x ]
-then
-	echo "install:	no input file specified"
-	exit 1
-else
-	true
-fi
-
-if [ x"$dir_arg" != x ]; then
-	dst=$src
-	src=""
-	
-	if [ -d $dst ]; then
-		instcmd=:
-		chmodcmd=""
-	else
-		instcmd=mkdir
-	fi
-else
-
-# Waiting for this to be detected by the "$instcmd $src $dsttmp" command
-# might cause directories to be created, which would be especially bad 
-# if $src (and thus $dsttmp) contains '*'.
-
-	if [ -f $src -o -d $src ]
-	then
-		true
-	else
-		echo "install:  $src does not exist"
-		exit 1
-	fi
-	
-	if [ x"$dst" = x ]
-	then
-		echo "install:	no destination specified"
-		exit 1
-	else
-		true
-	fi
-
-# If destination is a directory, append the input filename; if your system
-# does not like double slashes in filenames, you may need to add some logic
-
-	if [ -d $dst ]
-	then
-		dst="$dst"/`basename $src`
-	else
-		true
-	fi
-fi
-
-## this sed command emulates the dirname command
-dstdir=`echo $dst | sed -e 's,[^/]*$,,;s,/$,,;s,^$,.,'`
-
-# Make sure that the destination directory exists.
-#  this part is taken from Noah Friedman's mkinstalldirs script
-
-# Skip lots of stat calls in the usual case.
-if [ ! -d "$dstdir" ]; then
-defaultIFS='	
-'
-IFS="${IFS-${defaultIFS}}"
-
-oIFS="${IFS}"
-# Some sh's can't handle IFS=/ for some reason.
-IFS='%'
-set - `echo ${dstdir} | sed -e 's@/@%@g' -e 's@^%@/@'`
-IFS="${oIFS}"
-
-pathcomp=''
-
-while [ $# -ne 0 ] ; do
-	pathcomp="${pathcomp}${1}"
-	shift
-
-	if [ ! -d "${pathcomp}" ] ;
-        then
-		$mkdirprog "${pathcomp}"
-	else
-		true
-	fi
-
-	pathcomp="${pathcomp}/"
-done
-fi
-
-if [ x"$dir_arg" != x ]
-then
-	$doit $instcmd $dst &&
-
-	if [ x"$chowncmd" != x ]; then $doit $chowncmd $dst; else true ; fi &&
-	if [ x"$chgrpcmd" != x ]; then $doit $chgrpcmd $dst; else true ; fi &&
-	if [ x"$stripcmd" != x ]; then $doit $stripcmd $dst; else true ; fi &&
-	if [ x"$chmodcmd" != x ]; then $doit $chmodcmd $dst; else true ; fi
-else
-
-# If we're going to rename the final executable, determine the name now.
-
-	if [ x"$transformarg" = x ] 
-	then
-		dstfile=`basename $dst`
-	else
-		dstfile=`basename $dst $transformbasename | 
-			sed $transformarg`$transformbasename
-	fi
-
-# don't allow the sed command to completely eliminate the filename
-
-	if [ x"$dstfile" = x ] 
-	then
-		dstfile=`basename $dst`
-	else
-		true
-	fi
-
-# Make a temp file name in the proper directory.
-
-	dsttmp=$dstdir/#inst.$$#
-
-# Move or copy the file name to the temp name
-
-	$doit $instcmd $src $dsttmp &&
-
-	trap "rm -f ${dsttmp}" 0 &&
-
-# and set any options; do chmod last to preserve setuid bits
-
-# If any of these fail, we abort the whole thing.  If we want to
-# ignore errors from any of these, just make sure not to ignore
-# errors from the above "$doit $instcmd $src $dsttmp" command.
-
-	if [ x"$chowncmd" != x ]; then $doit $chowncmd $dsttmp; else true;fi &&
-	if [ x"$chgrpcmd" != x ]; then $doit $chgrpcmd $dsttmp; else true;fi &&
-	if [ x"$stripcmd" != x ]; then $doit $stripcmd $dsttmp; else true;fi &&
-	if [ x"$chmodcmd" != x ]; then $doit $chmodcmd $dsttmp; else true;fi &&
-
-# Now rename the file to the real destination.
-
-	$doit $rmcmd -f $dstdir/$dstfile &&
-	$doit $mvcmd $dsttmp $dstdir/$dstfile 
-
-fi &&
-
-
-exit 0
diff --git a/security/nss/tests/pkcs11/netscape/trivial/trivial.c b/security/nss/tests/pkcs11/netscape/trivial/trivial.c
deleted file mode 100644
index ea9ceb596..000000000
--- a/security/nss/tests/pkcs11/netscape/trivial/trivial.c
+++ /dev/null
@@ -1,1313 +0,0 @@
-/* 
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- * 
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- * 
- * The Original Code is a trivial PKCS#11 test program.
- * 
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation.  Portions created by Netscape are 
- * Copyright (C) 2000 Netscape Communications Corporation.  All
- * Rights Reserved.
- * 
- * Contributor(s):
- * 
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable 
- * instead of those above.  If you wish to allow use of your 
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL.  If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * This is a very trivial program I wrote for testing out a 
- * couple data-only Cryptoki modules for NSS.  It's not a "real"
- * test program that prints out nice "PASS" or "FAIL" messages;
- * it just makes calls and dumps data.
- */
-
-#include "config.h"
-
-#ifdef HAVE_NSPR_H
-#include "nspr.h"
-#else
-#error "NSPR is required."
-#endif
-
-#ifdef WITH_NSS
-#define FGMR 1
-#include "ck.h"
-#else
-#include "pkcs11t.h"
-#include "pkcs11.h"
-#endif
-
-/* The RSA versions are sloppier with namespaces */
-#ifndef CK_TRUE
-#define CK_TRUE TRUE
-#endif
-
-#ifndef CK_FALSE
-#define CK_FALSE FALSE
-#endif
-
-int
-rmain
-(
-  int argc,
-  char *argv[]
-);
-
-int
-main
-(
-  int argc,
-  char *argv[]
-)
-{
-  int rv = 0;
-
-  PR_Init(PR_USER_THREAD, PR_PRIORITY_NORMAL, 14);
-  rv = rmain(argc, argv);
-  PR_Cleanup();
-
-  return rv;
-}
-
-static CK_ATTRIBUTE_TYPE all_known_attribute_types[] = {
-  CKA_CLASS,
-  CKA_TOKEN,
-  CKA_PRIVATE,
-  CKA_LABEL,
-  CKA_APPLICATION,
-  CKA_VALUE,
-  CKA_CERTIFICATE_TYPE,
-  CKA_ISSUER,
-  CKA_SERIAL_NUMBER,
-  CKA_KEY_TYPE,
-  CKA_SUBJECT,
-  CKA_ID,
-  CKA_SENSITIVE,
-  CKA_ENCRYPT,
-  CKA_DECRYPT,
-  CKA_WRAP,
-  CKA_UNWRAP,
-  CKA_SIGN,
-  CKA_SIGN_RECOVER,
-  CKA_VERIFY,
-  CKA_VERIFY_RECOVER,
-  CKA_DERIVE,
-  CKA_START_DATE,
-  CKA_END_DATE,
-  CKA_MODULUS,
-  CKA_MODULUS_BITS,
-  CKA_PUBLIC_EXPONENT,
-  CKA_PRIVATE_EXPONENT,
-  CKA_PRIME_1,
-  CKA_PRIME_2,
-  CKA_EXPONENT_1,
-  CKA_EXPONENT_2,
-  CKA_COEFFICIENT,
-  CKA_PRIME,
-  CKA_SUBPRIME,
-  CKA_BASE,
-  CKA_VALUE_BITS,
-  CKA_VALUE_LEN,
-  CKA_EXTRACTABLE,
-  CKA_LOCAL,
-  CKA_NEVER_EXTRACTABLE,
-  CKA_ALWAYS_SENSITIVE,
-  CKA_MODIFIABLE,
-#ifdef CKA_NETSCAPE
-  CKA_NETSCAPE_URL,
-  CKA_NETSCAPE_EMAIL,
-  CKA_NETSCAPE_SMIME_INFO,
-  CKA_NETSCAPE_SMIME_TIMESTAMP,
-  CKA_NETSCAPE_PKCS8_SALT,
-  CKA_NETSCAPE_PASSWORD_CHECK,
-  CKA_NETSCAPE_EXPIRES,
-#endif /* CKA_NETSCAPE */
-#ifdef CKA_TRUST
-  CKA_TRUST_DIGITAL_SIGNATURE,
-  CKA_TRUST_NON_REPUDIATION,
-  CKA_TRUST_KEY_ENCIPHERMENT,
-  CKA_TRUST_DATA_ENCIPHERMENT,
-  CKA_TRUST_KEY_AGREEMENT,
-  CKA_TRUST_KEY_CERT_SIGN,
-  CKA_TRUST_CRL_SIGN,
-  CKA_TRUST_SERVER_AUTH,
-  CKA_TRUST_CLIENT_AUTH,
-  CKA_TRUST_CODE_SIGNING,
-  CKA_TRUST_EMAIL_PROTECTION,
-  CKA_TRUST_IPSEC_END_SYSTEM,
-  CKA_TRUST_IPSEC_TUNNEL,
-  CKA_TRUST_IPSEC_USER,
-  CKA_TRUST_TIME_STAMPING,
-#endif /* CKA_TRUST */
-};
-
-static number_of_all_known_attribute_types = 
-  (sizeof(all_known_attribute_types)/sizeof(all_known_attribute_types[0]));
-
-int
-usage
-(
-  char *argv0
-)
-{
-  PR_fprintf(PR_STDERR, "Usage: %s [-i {string|--}] <library>.so\n", argv0);
-  return 1;
-}
-
-int
-rmain
-(
-  int argc,
-  char *argv[]
-)
-{
-  char *argv0 = argv[0];
-  PRLibrary *lib;
-  CK_C_GetFunctionList gfl;
-  CK_FUNCTION_LIST_PTR epv = (CK_FUNCTION_LIST_PTR)NULL;
-  CK_RV ck_rv;
-  CK_INFO info;
-  CK_ULONG nSlots;
-  CK_SLOT_ID *pSlots;
-  CK_ULONG i;
-  CK_C_INITIALIZE_ARGS ia, *iap;
-
-  (void)memset(&ia, 0, sizeof(CK_C_INITIALIZE_ARGS));
-  iap = (CK_C_INITIALIZE_ARGS *)NULL;
-  while( argv++, --argc ) {
-    if( '-' == argv[0][0] ) {
-      switch( argv[0][1] ) {
-      case 'i':
-        iap = &ia;
-        if( ((char *)NULL != argv[1]) && ('-' != argv[1][0]) ) {
-#ifdef WITH_NSS
-          ia.pConfig = argv[1];
-          ia.ulConfigLen = strlen(argv[1]);
-          argv++, --argc;
-#else
-          return usage(argv0);
-#endif /* WITH_NSS */
-        }
-        break;
-      case '-':
-        argv++, --argc;
-        goto endargs;
-      default:
-        return usage(argv0);
-      }
-    } else {
-      break;
-    }
-  }
- endargs:;
-
-  if( 1 != argc ) {
-    return usage(argv0);
-  }
-
-  lib = PR_LoadLibrary(argv[0]);
-  if( (PRLibrary *)NULL == lib ) {
-    PR_fprintf(PR_STDERR, "Can't load %s: %ld, %ld\n", argv[1], PR_GetError(), PR_GetOSError());
-    return 1;
-  }
-
-  gfl = (CK_C_GetFunctionList)PR_FindSymbol(lib, "C_GetFunctionList");
-  if( (CK_C_GetFunctionList)NULL == gfl ) {
-    PR_fprintf(PR_STDERR, "Can't find C_GetFunctionList in %s: %ld, %ld\n", argv[1], 
-               PR_GetError(), PR_GetOSError());
-    return 1;
-  }
-
-  ck_rv = (*gfl)(&epv);
-  if( CKR_OK != ck_rv ) {
-    PR_fprintf(PR_STDERR, "CK_GetFunctionList returned 0x%08x\n", ck_rv);
-    return 1;
-  }
-
-  PR_fprintf(PR_STDOUT, "Module %s loaded, epv = 0x%08x.\n\n", argv[1], (CK_ULONG)epv);
-
-  /* C_Initialize */
-  ck_rv = epv->C_Initialize(iap);
-  if( CKR_OK != ck_rv ) {
-    PR_fprintf(PR_STDERR, "C_Initialize returned 0x%08x\n", ck_rv);
-    return 1;
-  }
-
-  /* C_GetInfo */
-  (void)memset(&info, 0, sizeof(CK_INFO));
-  ck_rv = epv->C_GetInfo(&info);
-  if( CKR_OK != ck_rv ) {
-    PR_fprintf(PR_STDERR, "C_GetInfo returned 0x%08x\n", ck_rv);
-    return 1;
-  }
-
-  PR_fprintf(PR_STDOUT, "Module Info:\n");
-  PR_fprintf(PR_STDOUT, "    cryptokiVersion = %lu.%02lu\n", 
-             (PRUint32)info.cryptokiVersion.major, (PRUint32)info.cryptokiVersion.minor);
-  PR_fprintf(PR_STDOUT, "    manufacturerID = \"%.32s\"\n", info.manufacturerID);
-  PR_fprintf(PR_STDOUT, "    flags = 0x%08lx\n", info.flags);
-  PR_fprintf(PR_STDOUT, "    libraryDescription = \"%.32s\"\n", info.libraryDescription);
-  PR_fprintf(PR_STDOUT, "    libraryVersion = %lu.%02lu\n", 
-             (PRUint32)info.libraryVersion.major, (PRUint32)info.libraryVersion.minor);
-  PR_fprintf(PR_STDOUT, "\n");
-
-  /* C_GetSlotList */
-  nSlots = 0;
-  ck_rv = epv->C_GetSlotList(CK_FALSE, (CK_SLOT_ID_PTR)CK_NULL_PTR, &nSlots);
-  switch( ck_rv ) {
-  case CKR_BUFFER_TOO_SMALL:
-  case CKR_OK:
-    break;
-  default:
-    PR_fprintf(PR_STDERR, "C_GetSlotList(FALSE, NULL, ) returned 0x%08x\n", ck_rv);
-    return 1;
-  }
-
-  PR_fprintf(PR_STDOUT, "There are %lu slots.\n", nSlots);
-
-  pSlots = (CK_SLOT_ID_PTR)PR_Calloc(nSlots, sizeof(CK_SLOT_ID));
-  if( (CK_SLOT_ID_PTR)NULL == pSlots ) {
-    PR_fprintf(PR_STDERR, "[memory allocation of %lu bytes failed]\n", nSlots * sizeof(CK_SLOT_ID));
-    return 1;
-  }
-
-  ck_rv = epv->C_GetSlotList(CK_FALSE, pSlots, &nSlots);
-  if( CKR_OK != ck_rv ) {
-    PR_fprintf(PR_STDERR, "C_GetSlotList(FALSE, , ) returned 0x%08x\n", ck_rv);
-    return 1;
-  }
-
-  for( i = 0; i < nSlots; i++ ) {
-    PR_fprintf(PR_STDOUT, "    [%lu]: CK_SLOT_ID = %lu\n", (i+1), pSlots[i]);
-  }
-
-  PR_fprintf(PR_STDOUT, "\n");
-
-  /* C_GetSlotInfo */
-  for( i = 0; i < nSlots; i++ ) {
-    CK_SLOT_INFO sinfo;
-
-    PR_fprintf(PR_STDOUT, "[%lu]: CK_SLOT_ID = %lu\n", (i+1), pSlots[i]);
-
-    (void)memset(&sinfo, 0, sizeof(CK_SLOT_INFO));
-    ck_rv = epv->C_GetSlotInfo(pSlots[i], &sinfo);
-    if( CKR_OK != ck_rv ) {
-      PR_fprintf(PR_STDERR, "C_GetSlotInfo(%lu, ) returned 0x%08x\n", pSlots[i], ck_rv);
-      return 1;
-    }
-
-    PR_fprintf(PR_STDOUT, "    Slot Info:\n");
-    PR_fprintf(PR_STDOUT, "        slotDescription = \"%.64s\"\n", sinfo.slotDescription);
-    PR_fprintf(PR_STDOUT, "        manufacturerID = \"%.32s\"\n", sinfo.manufacturerID);
-    PR_fprintf(PR_STDOUT, "        flags = 0x%08lx\n", sinfo.flags);
-    PR_fprintf(PR_STDOUT, "            -> TOKEN PRESENT = %s\n", 
-               sinfo.flags & CKF_TOKEN_PRESENT ? "TRUE" : "FALSE");
-    PR_fprintf(PR_STDOUT, "            -> REMOVABLE DEVICE = %s\n",
-               sinfo.flags & CKF_REMOVABLE_DEVICE ? "TRUE" : "FALSE");
-    PR_fprintf(PR_STDOUT, "            -> HW SLOT = %s\n", 
-               sinfo.flags & CKF_HW_SLOT ? "TRUE" : "FALSE");
-    PR_fprintf(PR_STDOUT, "        hardwareVersion = %lu.%02lu\n", 
-               (PRUint32)sinfo.hardwareVersion.major, (PRUint32)sinfo.hardwareVersion.minor);
-    PR_fprintf(PR_STDOUT, "        firmwareVersion = %lu.%02lu\n",
-               (PRUint32)sinfo.firmwareVersion.major, (PRUint32)sinfo.firmwareVersion.minor);
-
-    if( sinfo.flags & CKF_TOKEN_PRESENT ) {
-      CK_TOKEN_INFO tinfo;
-      CK_MECHANISM_TYPE *pMechanismList;
-      CK_ULONG nMechanisms = 0;
-      CK_ULONG j;
-
-      (void)memset(&tinfo, 0, sizeof(CK_TOKEN_INFO));
-      ck_rv = epv->C_GetTokenInfo(pSlots[i], &tinfo);
-      if( CKR_OK != ck_rv ) {
-        PR_fprintf(PR_STDERR, "C_GetTokenInfo(%lu, ) returned 0x%08x\n", pSlots[i], ck_rv);
-        return 1;
-      }
-
-      PR_fprintf(PR_STDOUT, "    Token Info:\n");
-      PR_fprintf(PR_STDOUT, "        label = \"%.32s\"\n", tinfo.label);
-      PR_fprintf(PR_STDOUT, "        manufacturerID = \"%.32s\"\n", tinfo.manufacturerID);
-      PR_fprintf(PR_STDOUT, "        model = \"%.16s\"\n", tinfo.model);
-      PR_fprintf(PR_STDOUT, "        serialNumber = \"%.16s\"\n", tinfo.serialNumber);
-      PR_fprintf(PR_STDOUT, "        flags = 0x%08lx\n", tinfo.flags);
-      PR_fprintf(PR_STDOUT, "            -> RNG = %s\n",
-                 tinfo.flags & CKF_RNG ? "TRUE" : "FALSE");
-      PR_fprintf(PR_STDOUT, "            -> WRITE PROTECTED = %s\n",
-                 tinfo.flags & CKF_WRITE_PROTECTED ? "TRUE" : "FALSE");
-      PR_fprintf(PR_STDOUT, "            -> LOGIN REQUIRED = %s\n",
-                 tinfo.flags & CKF_LOGIN_REQUIRED ? "TRUE" : "FALSE");
-      PR_fprintf(PR_STDOUT, "            -> USER PIN INITIALIZED = %s\n",
-                 tinfo.flags & CKF_USER_PIN_INITIALIZED ? "TRUE" : "FALSE");
-      PR_fprintf(PR_STDOUT, "            -> RESTORE KEY NOT NEEDED = %s\n",
-                 tinfo.flags & CKF_RESTORE_KEY_NOT_NEEDED ? "TRUE" : "FALSE");
-      PR_fprintf(PR_STDOUT, "            -> CLOCK ON TOKEN = %s\n",
-                 tinfo.flags & CKF_CLOCK_ON_TOKEN ? "TRUE" : "FALSE");
-#ifdef CKF_SUPPORTS_PARALLEL
-      PR_fprintf(PR_STDOUT, "            -> SUPPORTS PARALLEL = %s\n",
-                 tinfo.flags & CKF_SUPPORTS_PARALLEL ? "TRUE" : "FALSE");
-#endif /* CKF_SUPPORTS_PARALLEL */
-      PR_fprintf(PR_STDOUT, "            -> PROTECTED AUTHENTICATION PATH = %s\n",
-                 tinfo.flags & CKF_PROTECTED_AUTHENTICATION_PATH ? "TRUE" : "FALSE");
-      PR_fprintf(PR_STDOUT, "            -> DUAL_CRYPTO_OPERATIONS = %s\n", 
-                 tinfo.flags & CKF_DUAL_CRYPTO_OPERATIONS ? "TRUE" : "FALSE");
-      PR_fprintf(PR_STDOUT, "        ulMaxSessionCount = %lu\n", tinfo.ulMaxSessionCount);
-      PR_fprintf(PR_STDOUT, "        ulSessionCount = %lu\n", tinfo.ulSessionCount);
-      PR_fprintf(PR_STDOUT, "        ulMaxRwSessionCount = %lu\n", tinfo.ulMaxRwSessionCount);
-      PR_fprintf(PR_STDOUT, "        ulRwSessionCount = %lu\n", tinfo.ulRwSessionCount);
-      PR_fprintf(PR_STDOUT, "        ulMaxPinLen = %lu\n", tinfo.ulMaxPinLen);
-      PR_fprintf(PR_STDOUT, "        ulMinPinLen = %lu\n", tinfo.ulMinPinLen);
-      PR_fprintf(PR_STDOUT, "        ulTotalPublicMemory = %lu\n", tinfo.ulTotalPublicMemory);
-      PR_fprintf(PR_STDOUT, "        ulFreePublicMemory = %lu\n", tinfo.ulFreePublicMemory);
-      PR_fprintf(PR_STDOUT, "        ulTotalPrivateMemory = %lu\n", tinfo.ulTotalPrivateMemory);
-      PR_fprintf(PR_STDOUT, "        ulFreePrivateMemory = %lu\n", tinfo.ulFreePrivateMemory);
-      PR_fprintf(PR_STDOUT, "        hardwareVersion = %lu.%02lu\n", 
-                 (PRUint32)tinfo.hardwareVersion.major, (PRUint32)tinfo.hardwareVersion.minor);
-      PR_fprintf(PR_STDOUT, "        firmwareVersion = %lu.%02lu\n",
-                 (PRUint32)tinfo.firmwareVersion.major, (PRUint32)tinfo.firmwareVersion.minor);
-      PR_fprintf(PR_STDOUT, "        utcTime = \"%.16s\"\n", tinfo.utcTime);
-
-
-      ck_rv = epv->C_GetMechanismList(pSlots[i], (CK_MECHANISM_TYPE_PTR)CK_NULL_PTR, &nMechanisms);
-      switch( ck_rv ) {
-      case CKR_BUFFER_TOO_SMALL:
-      case CKR_OK:
-        break;
-      default:
-        PR_fprintf(PR_STDERR, "C_GetMechanismList(%lu, NULL, ) returned 0x%08x\n", pSlots[i], ck_rv);
-        return 1;
-      }
-
-      PR_fprintf(PR_STDOUT, "    %lu mechanisms:\n", nMechanisms);
-
-      pMechanismList = (CK_MECHANISM_TYPE_PTR)PR_Calloc(nMechanisms, sizeof(CK_MECHANISM_TYPE));
-      if( (CK_MECHANISM_TYPE_PTR)NULL == pMechanismList ) {
-        PR_fprintf(PR_STDERR, "[memory allocation of %lu bytes failed]\n", 
-                   nMechanisms * sizeof(CK_MECHANISM_TYPE));
-        return 1;
-      }
-
-      ck_rv = epv->C_GetMechanismList(pSlots[i], pMechanismList, &nMechanisms);
-      if( CKR_OK != ck_rv ) {
-        PR_fprintf(PR_STDERR, "C_GetMechanismList(%lu, , ) returned 0x%08x\n", pSlots[i], ck_rv);
-        return 1;
-      }
-
-      for( j = 0; j < nMechanisms; j++ ) {
-        PR_fprintf(PR_STDOUT, "        {%lu}: CK_MECHANISM_TYPE = %lu\n", (j+1), pMechanismList[j]);
-      }
-
-      PR_fprintf(PR_STDOUT, "\n");
-
-      for( j = 0; j < nMechanisms; j++ ) {
-        CK_MECHANISM_INFO minfo;
-
-        (void)memset(&minfo, 0, sizeof(CK_MECHANISM_INFO));
-        ck_rv = epv->C_GetMechanismInfo(pSlots[i], pMechanismList[j], &minfo);
-        if( CKR_OK != ck_rv ) {
-          PR_fprintf(PR_STDERR, "C_GetMechanismInfo(%lu, %lu, ) returned 0x%08x\n", pSlots[i], 
-                     pMechanismList[j]);
-          return 1;
-        }
-
-        PR_fprintf(PR_STDOUT, "    [%lu]: CK_MECHANISM_TYPE = %lu\n", (j+1), pMechanismList[j]);
-        PR_fprintf(PR_STDOUT, "    ulMinKeySize = %lu\n", minfo.ulMinKeySize);
-        PR_fprintf(PR_STDOUT, "    ulMaxKeySize = %lu\n", minfo.ulMaxKeySize);
-        PR_fprintf(PR_STDOUT, "    flags = 0x%08x\n", minfo.flags);
-        PR_fprintf(PR_STDOUT, "        -> HW = %s\n", minfo.flags & CKF_HW ? "TRUE" : "FALSE");
-        PR_fprintf(PR_STDOUT, "        -> ENCRYPT = %s\n", minfo.flags & CKF_ENCRYPT ? "TRUE" : "FALSE");
-        PR_fprintf(PR_STDOUT, "        -> DECRYPT = %s\n", minfo.flags & CKF_DECRYPT ? "TRUE" : "FALSE");
-        PR_fprintf(PR_STDOUT, "        -> DIGEST = %s\n", minfo.flags & CKF_DIGEST ? "TRUE" : "FALSE");
-        PR_fprintf(PR_STDOUT, "        -> SIGN = %s\n", minfo.flags & CKF_SIGN ? "TRUE" : "FALSE");
-        PR_fprintf(PR_STDOUT, "        -> SIGN_RECOVER = %s\n", minfo.flags & CKF_SIGN_RECOVER ? "TRUE" : "FALSE");
-        PR_fprintf(PR_STDOUT, "        -> VERIFY = %s\n", minfo.flags & CKF_VERIFY ? "TRUE" : "FALSE");
-        PR_fprintf(PR_STDOUT, "        -> VERIFY_RECOVER = %s\n", minfo.flags & CKF_VERIFY_RECOVER ? "TRUE" : "FALSE");
-        PR_fprintf(PR_STDOUT, "        -> GENERATE = %s\n", minfo.flags & CKF_GENERATE ? "TRUE" : "FALSE");
-        PR_fprintf(PR_STDOUT, "        -> GENERATE_KEY_PAIR = %s\n", minfo.flags & CKF_GENERATE_KEY_PAIR ? "TRUE" : "FALSE");
-        PR_fprintf(PR_STDOUT, "        -> WRAP = %s\n", minfo.flags & CKF_WRAP ? "TRUE" : "FALSE");
-        PR_fprintf(PR_STDOUT, "        -> UNWRAP = %s\n", minfo.flags & CKF_UNWRAP ? "TRUE" : "FALSE");
-        PR_fprintf(PR_STDOUT, "        -> DERIVE = %s\n", minfo.flags & CKF_DERIVE ? "TRUE" : "FALSE");
-        PR_fprintf(PR_STDOUT, "        -> EXTENSION = %s\n", minfo.flags & CKF_EXTENSION ? "TRUE" : "FALSE");
-
-        PR_fprintf(PR_STDOUT, "\n");
-      }
-
-      if( tinfo.flags & CKF_LOGIN_REQUIRED ) {
-        PR_fprintf(PR_STDERR, "*** LOGIN REQUIRED but not yet implemented ***\n");
-        /* all the stuff about logging in as SO and setting the user pin if needed, etc. */
-        return 2;
-      }
-
-      /* session to find objects */
-      {
-        CK_SESSION_HANDLE h = (CK_SESSION_HANDLE)0;
-        CK_SESSION_INFO sinfo;
-        CK_ATTRIBUTE_PTR pTemplate;
-        CK_ULONG tnObjects = 0;
-
-        ck_rv = epv->C_OpenSession(pSlots[i], CKF_SERIAL_SESSION, (CK_VOID_PTR)CK_NULL_PTR, (CK_NOTIFY)CK_NULL_PTR, &h);
-        if( CKR_OK != ck_rv ) {
-          PR_fprintf(PR_STDERR, "C_OpenSession(%lu, CKF_SERIAL_SESSION, , ) returned 0x%08x\n", pSlots[i], ck_rv);
-          return 1;
-        }
-
-        PR_fprintf(PR_STDOUT, "    Opened a session: handle = 0x%08x\n", h);
-
-        (void)memset(&sinfo, 0, sizeof(CK_SESSION_INFO));
-        ck_rv = epv->C_GetSessionInfo(h, &sinfo);
-        if( CKR_OK != ck_rv ) {
-          PR_fprintf(PR_STDOUT, "C_GetSessionInfo(%lu, ) returned 0x%08x\n", h, ck_rv);
-          return 1;
-        }
-
-        PR_fprintf(PR_STDOUT, "    SESSION INFO:\n");
-        PR_fprintf(PR_STDOUT, "        slotID = %lu\n", sinfo.slotID);
-        PR_fprintf(PR_STDOUT, "        state = %lu\n", sinfo.state);
-        PR_fprintf(PR_STDOUT, "        flags = 0x%08x\n", sinfo.flags);
-#ifdef CKF_EXCLUSIVE_SESSION
-        PR_fprintf(PR_STDOUT, "            -> EXCLUSIVE SESSION = %s\n", sinfo.flags & CKF_EXCLUSIVE_SESSION ? "TRUE" : "FALSE");
-#endif /* CKF_EXCLUSIVE_SESSION */
-        PR_fprintf(PR_STDOUT, "            -> RW SESSION = %s\n", sinfo.flags & CKF_RW_SESSION ? "TRUE" : "FALSE");
-        PR_fprintf(PR_STDOUT, "            -> SERIAL SESSION = %s\n", sinfo.flags & CKF_SERIAL_SESSION ? "TRUE" : "FALSE");
-#ifdef CKF_INSERTION_CALLBACK
-        PR_fprintf(PR_STDOUT, "            -> INSERTION CALLBACK = %s\n", sinfo.flags & CKF_INSERTION_CALLBACK ? "TRUE" : "FALSE");
-#endif /* CKF_INSERTION_CALLBACK */
-        PR_fprintf(PR_STDOUT, "        ulDeviceError = %lu\n", sinfo.ulDeviceError);
-        PR_fprintf(PR_STDOUT, "\n");
-
-        ck_rv = epv->C_FindObjectsInit(h, (CK_ATTRIBUTE_PTR)CK_NULL_PTR, 0);
-        if( CKR_OK != ck_rv ) {
-          PR_fprintf(PR_STDOUT, "C_FindObjectsInit(%lu, NULL_PTR, 0) returned 0x%08x\n", h, ck_rv);
-          return 1;
-        }
-
-        pTemplate = (CK_ATTRIBUTE_PTR)PR_Calloc(number_of_all_known_attribute_types, sizeof(CK_ATTRIBUTE));
-        if( (CK_ATTRIBUTE_PTR)NULL == pTemplate ) {
-          PR_fprintf(PR_STDERR, "[memory allocation of %lu bytes failed]\n", 
-                     number_of_all_known_attribute_types * sizeof(CK_ATTRIBUTE));
-          return 1;
-        }
-
-        PR_fprintf(PR_STDOUT, "    All objects:\n");
-
-        while(1) {
-          CK_OBJECT_HANDLE o = (CK_OBJECT_HANDLE)0;
-          CK_ULONG nObjects = 0;
-          CK_ULONG k;
-          CK_ULONG nAttributes = 0;
-          CK_ATTRIBUTE_PTR pT2;
-          CK_ULONG l;
-
-          ck_rv = epv->C_FindObjects(h, &o, 1, &nObjects);
-          if( CKR_OK != ck_rv ) {
-            PR_fprintf(PR_STDERR, "C_FindObjects(%lu, , 1, ) returned 0x%08x\n", h, ck_rv);
-            return 1;
-          }
-
-          if( 0 == nObjects ) {
-            PR_fprintf(PR_STDOUT, "\n");
-            break;
-          }
-
-          tnObjects++;
-
-          PR_fprintf(PR_STDOUT, "        OBJECT HANDLE %lu:\n", o);
-
-          for( k = 0; k < number_of_all_known_attribute_types; k++ ) {
-            pTemplate[k].type = all_known_attribute_types[k];
-            pTemplate[k].pValue = (CK_VOID_PTR)CK_NULL_PTR;
-            pTemplate[k].ulValueLen = 0;
-          }
-
-          ck_rv = epv->C_GetAttributeValue(h, o, pTemplate, number_of_all_known_attribute_types);
-          switch( ck_rv ) {
-          case CKR_OK:
-          case CKR_ATTRIBUTE_SENSITIVE:
-          case CKR_ATTRIBUTE_TYPE_INVALID:
-          case CKR_BUFFER_TOO_SMALL:
-            break;
-          default:
-            PR_fprintf(PR_STDERR, "C_GetAtributeValue(%lu, %lu, {all attribute types}, %lu) returned 0x%08x\n",
-                       h, o, number_of_all_known_attribute_types, ck_rv);
-            return 1;
-          }
-
-          for( k = 0; k < number_of_all_known_attribute_types; k++ ) {
-            if( -1 != (CK_LONG)pTemplate[k].ulValueLen ) {
-              nAttributes++;
-            }
-          }
-
-          if( 1 ) {
-            PR_fprintf(PR_STDOUT, "            %lu attributes:\n", nAttributes);
-            for( k = 0; k < number_of_all_known_attribute_types; k++ ) {
-              if( -1 != (CK_LONG)pTemplate[k].ulValueLen ) {
-                PR_fprintf(PR_STDOUT, "                0x%08x (len = %lu)\n", pTemplate[k].type, 
-                           pTemplate[k].ulValueLen);
-              }
-            }
-            PR_fprintf(PR_STDOUT, "\n");
-          }
-
-          pT2 = (CK_ATTRIBUTE_PTR)PR_Calloc(nAttributes, sizeof(CK_ATTRIBUTE));
-          if( (CK_ATTRIBUTE_PTR)NULL == pT2 ) {
-            PR_fprintf(PR_STDERR, "[memory allocation of %lu bytes failed]\n", 
-                       nAttributes * sizeof(CK_ATTRIBUTE));
-            return 1;
-          }
-
-          for( l = 0, k = 0; k < number_of_all_known_attribute_types; k++ ) {
-            if( -1 != (CK_LONG)pTemplate[k].ulValueLen ) {
-              pT2[l].type = pTemplate[k].type;
-              pT2[l].ulValueLen = pTemplate[k].ulValueLen;
-              pT2[l].pValue = (CK_VOID_PTR)PR_Malloc(pT2[l].ulValueLen);
-              if( (CK_VOID_PTR)NULL == pT2[l].pValue ) {
-                PR_fprintf(PR_STDERR, "[memory allocation of %lu bytes failed]\n", pT2[l].ulValueLen);
-                return 1;
-              }
-              l++;
-            }
-          }
-
-          PR_ASSERT( l == nAttributes );
-
-          ck_rv = epv->C_GetAttributeValue(h, o, pT2, nAttributes);
-          switch( ck_rv ) {
-          case CKR_OK:
-          case CKR_ATTRIBUTE_SENSITIVE:
-          case CKR_ATTRIBUTE_TYPE_INVALID:
-          case CKR_BUFFER_TOO_SMALL:
-            break;
-          default:
-            PR_fprintf(PR_STDERR, "C_GetAtributeValue(%lu, %lu, {existant attribute types}, %lu) returned 0x%08x\n",
-                       h, o, nAttributes, ck_rv);
-            return 1;
-          }
-
-          for( l = 0; l < nAttributes; l++ ) {
-            PR_fprintf(PR_STDOUT, "            type = 0x%08x, len = %ld", pT2[l].type, (CK_LONG)pT2[l].ulValueLen);
-            if( -1 == (CK_LONG)pT2[l].ulValueLen ) {
-              ;
-            } else {
-              CK_ULONG m;
-
-              if( pT2[l].ulValueLen <= 8 ) {
-                PR_fprintf(PR_STDOUT, ", value = ");
-              } else {
-                PR_fprintf(PR_STDOUT, ", value = \n                ");
-              }
-
-              for( m = 0; (m < pT2[l].ulValueLen) && (m < 20); m++ ) {
-                PR_fprintf(PR_STDOUT, "%02x", (CK_ULONG)(0xff & ((CK_CHAR_PTR)pT2[l].pValue)[m]));
-              }
-
-              PR_fprintf(PR_STDOUT, " ");
-
-              for( m = 0; (m < pT2[l].ulValueLen) && (m < 20); m++ ) {
-                CK_CHAR c = ((CK_CHAR_PTR)pT2[l].pValue)[m];
-                if( (c < 0x20) || (c >= 0x7f) ) {
-                  c = '.';
-                }
-                PR_fprintf(PR_STDOUT, "%c", c);
-              }
-            }
-
-            PR_fprintf(PR_STDOUT, "\n");
-          }
-          
-          PR_fprintf(PR_STDOUT, "\n");
-
-          for( l = 0; l < nAttributes; l++ ) {
-            PR_Free(pT2[l].pValue);
-          }
-          PR_Free(pT2);
-        } /* while(1) */
-
-        ck_rv = epv->C_FindObjectsFinal(h);
-        if( CKR_OK != ck_rv ) {
-          PR_fprintf(PR_STDERR, "C_FindObjectsFinal(%lu) returned 0x%08x\n", h, ck_rv);
-          return 1;
-        }
-
-        PR_fprintf(PR_STDOUT, "    (%lu objects total)\n", tnObjects);
-
-        ck_rv = epv->C_CloseSession(h);
-        if( CKR_OK != ck_rv ) {
-          PR_fprintf(PR_STDERR, "C_CloseSession(%lu) returned 0x%08x\n", h, ck_rv);
-          return 1;
-        }
-      } /* session to find objects */
-
-      /* session to create, find, and delete a couple session objects */
-      {
-        CK_SESSION_HANDLE h = (CK_SESSION_HANDLE)0;
-        CK_ATTRIBUTE one[7], two[7], three[7], delta[1], mask[1];
-        CK_OBJECT_CLASS cko_data = CKO_DATA;
-        CK_BBOOL false = CK_FALSE, true = CK_TRUE;
-        char *key = "TEST PROGRAM";
-        CK_ULONG key_len = strlen(key);
-        CK_OBJECT_HANDLE hOneIn = (CK_OBJECT_HANDLE)0, hTwoIn = (CK_OBJECT_HANDLE)0, 
-          hThreeIn = (CK_OBJECT_HANDLE)0, hDeltaIn = (CK_OBJECT_HANDLE)0;
-        CK_OBJECT_HANDLE found[10];
-        CK_ULONG nFound;
-
-        ck_rv = epv->C_OpenSession(pSlots[i], CKF_SERIAL_SESSION, (CK_VOID_PTR)CK_NULL_PTR, (CK_NOTIFY)CK_NULL_PTR, &h);
-        if( CKR_OK != ck_rv ) {
-          PR_fprintf(PR_STDERR, "C_OpenSession(%lu, CKF_SERIAL_SESSION, , ) returned 0x%08x\n", pSlots[i], ck_rv);
-          return 1;
-        }
-
-        PR_fprintf(PR_STDOUT, "    Opened a session: handle = 0x%08x\n", h);
-
-        one[0].type = CKA_CLASS;
-        one[0].pValue = &cko_data;
-        one[0].ulValueLen = sizeof(CK_OBJECT_CLASS);
-        one[1].type = CKA_TOKEN;
-        one[1].pValue = &false;
-        one[1].ulValueLen = sizeof(CK_BBOOL);
-        one[2].type = CKA_PRIVATE;
-        one[2].pValue = &false;
-        one[2].ulValueLen = sizeof(CK_BBOOL);
-        one[3].type = CKA_MODIFIABLE;
-        one[3].pValue = &true;
-        one[3].ulValueLen = sizeof(CK_BBOOL);
-        one[4].type = CKA_LABEL;
-        one[4].pValue = "Test data object one";
-        one[4].ulValueLen = strlen(one[4].pValue);
-        one[5].type = CKA_APPLICATION;
-        one[5].pValue = key;
-        one[5].ulValueLen = key_len;
-        one[6].type = CKA_VALUE;
-        one[6].pValue = "Object one";
-        one[6].ulValueLen = strlen(one[6].pValue);
-
-        two[0].type = CKA_CLASS;
-        two[0].pValue = &cko_data;
-        two[0].ulValueLen = sizeof(CK_OBJECT_CLASS);
-        two[1].type = CKA_TOKEN;
-        two[1].pValue = &false;
-        two[1].ulValueLen = sizeof(CK_BBOOL);
-        two[2].type = CKA_PRIVATE;
-        two[2].pValue = &false;
-        two[2].ulValueLen = sizeof(CK_BBOOL);
-        two[3].type = CKA_MODIFIABLE;
-        two[3].pValue = &true;
-        two[3].ulValueLen = sizeof(CK_BBOOL);
-        two[4].type = CKA_LABEL;
-        two[4].pValue = "Test data object two";
-        two[4].ulValueLen = strlen(two[4].pValue);
-        two[5].type = CKA_APPLICATION;
-        two[5].pValue = key;
-        two[5].ulValueLen = key_len;
-        two[6].type = CKA_VALUE;
-        two[6].pValue = "Object two";
-        two[6].ulValueLen = strlen(two[6].pValue);
-
-        three[0].type = CKA_CLASS;
-        three[0].pValue = &cko_data;
-        three[0].ulValueLen = sizeof(CK_OBJECT_CLASS);
-        three[1].type = CKA_TOKEN;
-        three[1].pValue = &false;
-        three[1].ulValueLen = sizeof(CK_BBOOL);
-        three[2].type = CKA_PRIVATE;
-        three[2].pValue = &false;
-        three[2].ulValueLen = sizeof(CK_BBOOL);
-        three[3].type = CKA_MODIFIABLE;
-        three[3].pValue = &true;
-        three[3].ulValueLen = sizeof(CK_BBOOL);
-        three[4].type = CKA_LABEL;
-        three[4].pValue = "Test data object three";
-        three[4].ulValueLen = strlen(three[4].pValue);
-        three[5].type = CKA_APPLICATION;
-        three[5].pValue = key;
-        three[5].ulValueLen = key_len;
-        three[6].type = CKA_VALUE;
-        three[6].pValue = "Object three";
-        three[6].ulValueLen = strlen(three[6].pValue);
-
-        ck_rv = epv->C_CreateObject(h, one, 7, &hOneIn);
-        if( CKR_OK != ck_rv ) {
-          PR_fprintf(PR_STDERR, "C_CreateObject(%lu, one, 7, ) returned 0x%08x\n", h, ck_rv);
-          return 1;
-        }
-
-        PR_fprintf(PR_STDOUT, "    Created object one: handle = %lu\n", hOneIn);
-
-        ck_rv = epv->C_CreateObject(h, two, 7, &hTwoIn);
-        if( CKR_OK != ck_rv ) {
-          PR_fprintf(PR_STDERR, "C_CreateObject(%lu, two, 7, ) returned 0x%08x\n", h, ck_rv);
-          return 1;
-        }
-
-        PR_fprintf(PR_STDOUT, "    Created object two: handle = %lu\n", hTwoIn);
-
-        ck_rv = epv->C_CreateObject(h, three, 7, &hThreeIn);
-        if( CKR_OK != ck_rv ) {
-          PR_fprintf(PR_STDERR, "C_CreateObject(%lu, three, 7, ) returned 0x%08x\n", h, ck_rv);
-          return 1;
-        }
-
-        PR_fprintf(PR_STDOUT, "    Created object three: handle = %lu\n", hThreeIn);
-
-        delta[0].type = CKA_VALUE;
-        delta[0].pValue = "Copied object";
-        delta[0].ulValueLen = strlen(delta[0].pValue);
-
-        ck_rv = epv->C_CopyObject(h, hThreeIn, delta, 1, &hDeltaIn);
-        if( CKR_OK != ck_rv ) {
-          PR_fprintf(PR_STDERR, "C_CopyObject(%lu, %lu, delta, 1, ) returned 0x%08x\n", 
-                     h, hThreeIn, ck_rv);
-          return 1;
-        }
-
-        PR_fprintf(PR_STDOUT, "    Copied object three: new handle = %lu\n", hDeltaIn);
-
-        mask[0].type = CKA_APPLICATION;
-        mask[0].pValue = key;
-        mask[0].ulValueLen = key_len;
-
-        ck_rv = epv->C_FindObjectsInit(h, mask, 1);
-        if( CKR_OK != ck_rv ) {
-          PR_fprintf(PR_STDERR, "C_FindObjectsInit(%lu, mask, 1) returned 0x%08x\n", 
-                     h, ck_rv);
-          return 1;
-        }
-
-        (void)memset(&found, 0, sizeof(found));
-        nFound = 0;
-        ck_rv = epv->C_FindObjects(h, found, 10, &nFound);
-        if( CKR_OK != ck_rv ) {
-          PR_fprintf(PR_STDERR, "C_FindObjects(%lu,, 10, ) returned 0x%08x\n", 
-                     h, ck_rv);
-          return 1;
-        }
-
-        if( 4 != nFound ) {
-          PR_fprintf(PR_STDERR, "Found %lu objects, not 4.\n", nFound);
-          return 1;
-        }
-
-        PR_fprintf(PR_STDOUT, "    Found 4 objects: %lu, %lu, %lu, %lu\n", 
-                   found[0], found[1], found[2], found[3]);
-
-        ck_rv = epv->C_FindObjectsFinal(h);
-        if( CKR_OK != ck_rv ) {
-          PR_fprintf(PR_STDERR, "C_FindObjectsFinal(%lu) returned 0x%08x\n", h, ck_rv);
-          return 1;
-        }
-
-        ck_rv = epv->C_DestroyObject(h, hThreeIn);
-        if( CKR_OK != ck_rv ) {
-          PR_fprintf(PR_STDERR, "C_DestroyObject(%lu, %lu) returned 0x%08x\n", h, hThreeIn, ck_rv);
-          return 1;
-        }
-
-        PR_fprintf(PR_STDOUT, "    Destroyed object three (handle = %lu)\n", hThreeIn);
-
-        delta[0].type = CKA_APPLICATION;
-        delta[0].pValue = "Changed application";
-        delta[0].ulValueLen = strlen(delta[0].pValue);
-
-        ck_rv = epv->C_SetAttributeValue(h, hTwoIn, delta, 1);
-        if( CKR_OK != ck_rv ) {
-          PR_fprintf(PR_STDERR, "C_SetAttributeValue(%lu, %lu, delta, 1) returned 0x%08x\n", 
-                     h, hTwoIn, ck_rv);
-          return 1;
-        }
-
-        PR_fprintf(PR_STDOUT, "    Changed object two (handle = %lu).\n", hTwoIn);
-
-        /* Can another session find these session objects? */
-        {
-          CK_SESSION_HANDLE h2 = (CK_SESSION_HANDLE)0;
-
-          ck_rv = epv->C_OpenSession(pSlots[i], CKF_SERIAL_SESSION, (CK_VOID_PTR)CK_NULL_PTR, (CK_NOTIFY)CK_NULL_PTR, &h2);
-          if( CKR_OK != ck_rv ) {
-            PR_fprintf(PR_STDERR, "C_OpenSession(%lu, CKF_SERIAL_SESSION, , ) returned 0x%08x\n", pSlots[i], ck_rv);
-            return 1;
-          }
-
-          PR_fprintf(PR_STDOUT, "    Opened a second session: handle = 0x%08x\n", h2);
-
-          /* mask is still the same */
-
-          ck_rv = epv->C_FindObjectsInit(h2, mask, 1);
-          if( CKR_OK != ck_rv ) {
-            PR_fprintf(PR_STDERR, "C_FindObjectsInit(%lu, mask, 1) returned 0x%08x\n", 
-                       h2, ck_rv);
-            return 1;
-          }
-
-          (void)memset(&found, 0, sizeof(found));
-          nFound = 0;
-          ck_rv = epv->C_FindObjects(h2, found, 10, &nFound);
-          if( CKR_OK != ck_rv ) {
-            PR_fprintf(PR_STDERR, "C_FindObjects(%lu,, 10, ) returned 0x%08x\n", 
-                       h2, ck_rv);
-            return 1;
-          }
-
-          if( 2 != nFound ) {
-            PR_fprintf(PR_STDERR, "Found %lu objects, not 2.\n", nFound);
-            return 1;
-          }
-
-          PR_fprintf(PR_STDOUT, "    Found 2 objects: %lu, %lu\n", 
-                     found[0], found[1]);
-
-          ck_rv = epv->C_FindObjectsFinal(h2);
-          if( CKR_OK != ck_rv ) {
-            PR_fprintf(PR_STDERR, "C_FindObjectsFinal(%lu) returned 0x%08x\n", h2, ck_rv);
-            return 1;
-          }
-
-          /* Leave the session hanging open, we'll CloseAllSessions later */
-        } /* Can another session find these session objects? */
-
-        ck_rv = epv->C_CloseAllSessions(pSlots[i]);
-        if( CKR_OK != ck_rv ) {
-          PR_fprintf(PR_STDERR, "C_CloseAllSessions(%lu) returned 0x%08x\n", pSlots[i], ck_rv);
-          return 1;
-        }
-      } /* session to create, find, and delete a couple session objects */
-
-      /* Might be interesting to do a find here to verify that all session objects are gone. */
-
-      if( tinfo.flags & CKF_WRITE_PROTECTED ) {
-        PR_fprintf(PR_STDOUT, "Token is write protected, skipping token-object tests.\n");
-      } else {
-        CK_SESSION_HANDLE h = (CK_SESSION_HANDLE)0;
-        CK_ATTRIBUTE tobj[7], tsobj[7], stobj[7], delta[1], mask[2];
-        CK_OBJECT_CLASS cko_data = CKO_DATA;
-        CK_BBOOL false = CK_FALSE, true = CK_TRUE;
-        char *key = "TEST PROGRAM";
-        CK_ULONG key_len = strlen(key);
-        CK_OBJECT_HANDLE hTIn = (CK_OBJECT_HANDLE)0, hTSIn = (CK_OBJECT_HANDLE)0, 
-          hSTIn = (CK_OBJECT_HANDLE)0, hDeltaIn = (CK_OBJECT_HANDLE)0;
-        CK_OBJECT_HANDLE found[10];
-        CK_ULONG nFound;
-
-        ck_rv = epv->C_OpenSession(pSlots[i], CKF_SERIAL_SESSION, (CK_VOID_PTR)CK_NULL_PTR, (CK_NOTIFY)CK_NULL_PTR, &h);
-        if( CKR_OK != ck_rv ) {
-          PR_fprintf(PR_STDERR, "C_OpenSession(%lu, CKF_SERIAL_SESSION, , ) returned 0x%08x\n", pSlots[i], ck_rv);
-          return 1;
-        }
-
-        PR_fprintf(PR_STDOUT, "    Opened a session: handle = 0x%08x\n", h);
-
-        tobj[0].type = CKA_CLASS;
-        tobj[0].pValue = &cko_data;
-        tobj[0].ulValueLen = sizeof(CK_OBJECT_CLASS);
-        tobj[1].type = CKA_TOKEN;
-        tobj[1].pValue = &true;
-        tobj[1].ulValueLen = sizeof(CK_BBOOL);
-        tobj[2].type = CKA_PRIVATE;
-        tobj[2].pValue = &false;
-        tobj[2].ulValueLen = sizeof(CK_BBOOL);
-        tobj[3].type = CKA_MODIFIABLE;
-        tobj[3].pValue = &true;
-        tobj[3].ulValueLen = sizeof(CK_BBOOL);
-        tobj[4].type = CKA_LABEL;
-        tobj[4].pValue = "Test data object token";
-        tobj[4].ulValueLen = strlen(tobj[4].pValue);
-        tobj[5].type = CKA_APPLICATION;
-        tobj[5].pValue = key;
-        tobj[5].ulValueLen = key_len;
-        tobj[6].type = CKA_VALUE;
-        tobj[6].pValue = "Object token";
-        tobj[6].ulValueLen = strlen(tobj[6].pValue);
-
-        tsobj[0].type = CKA_CLASS;
-        tsobj[0].pValue = &cko_data;
-        tsobj[0].ulValueLen = sizeof(CK_OBJECT_CLASS);
-        tsobj[1].type = CKA_TOKEN;
-        tsobj[1].pValue = &true;
-        tsobj[1].ulValueLen = sizeof(CK_BBOOL);
-        tsobj[2].type = CKA_PRIVATE;
-        tsobj[2].pValue = &false;
-        tsobj[2].ulValueLen = sizeof(CK_BBOOL);
-        tsobj[3].type = CKA_MODIFIABLE;
-        tsobj[3].pValue = &true;
-        tsobj[3].ulValueLen = sizeof(CK_BBOOL);
-        tsobj[4].type = CKA_LABEL;
-        tsobj[4].pValue = "Test data object token->session";
-        tsobj[4].ulValueLen = strlen(tsobj[4].pValue);
-        tsobj[5].type = CKA_APPLICATION;
-        tsobj[5].pValue = key;
-        tsobj[5].ulValueLen = key_len;
-        tsobj[6].type = CKA_VALUE;
-        tsobj[6].pValue = "Object token->session";
-        tsobj[6].ulValueLen = strlen(tsobj[6].pValue);
-
-        stobj[0].type = CKA_CLASS;
-        stobj[0].pValue = &cko_data;
-        stobj[0].ulValueLen = sizeof(CK_OBJECT_CLASS);
-        stobj[1].type = CKA_TOKEN;
-        stobj[1].pValue = &false;
-        stobj[1].ulValueLen = sizeof(CK_BBOOL);
-        stobj[2].type = CKA_PRIVATE;
-        stobj[2].pValue = &false;
-        stobj[2].ulValueLen = sizeof(CK_BBOOL);
-        stobj[3].type = CKA_MODIFIABLE;
-        stobj[3].pValue = &true;
-        stobj[3].ulValueLen = sizeof(CK_BBOOL);
-        stobj[4].type = CKA_LABEL;
-        stobj[4].pValue = "Test data object session->token";
-        stobj[4].ulValueLen = strlen(stobj[4].pValue);
-        stobj[5].type = CKA_APPLICATION;
-        stobj[5].pValue = key;
-        stobj[5].ulValueLen = key_len;
-        stobj[6].type = CKA_VALUE;
-        stobj[6].pValue = "Object session->token";
-        stobj[6].ulValueLen = strlen(stobj[6].pValue);
-
-        ck_rv = epv->C_CreateObject(h, tobj, 7, &hTIn);
-        if( CKR_OK != ck_rv ) {
-          PR_fprintf(PR_STDERR, "C_CreateObject(%lu, tobj, 7, ) returned 0x%08x\n", h, ck_rv);
-          return 1;
-        }
-
-        PR_fprintf(PR_STDOUT, "    Created object token: handle = %lu\n", hTIn);
-
-        ck_rv = epv->C_CreateObject(h, tsobj, 7, &hTSIn);
-        if( CKR_OK != ck_rv ) {
-          PR_fprintf(PR_STDERR, "C_CreateObject(%lu, tobj, 7, ) returned 0x%08x\n", h, ck_rv);
-          return 1;
-        }
-
-        PR_fprintf(PR_STDOUT, "    Created object token->session: handle = %lu\n", hTSIn);
-        ck_rv = epv->C_CreateObject(h, stobj, 7, &hSTIn);
-        if( CKR_OK != ck_rv ) {
-          PR_fprintf(PR_STDERR, "C_CreateObject(%lu, tobj, 7, ) returned 0x%08x\n", h, ck_rv);
-          return 1;
-        }
-
-        PR_fprintf(PR_STDOUT, "    Created object session->token: handle = %lu\n", hSTIn);
-
-        /* I've created two token objects and one session object; find the two */
-
-        mask[0].type = CKA_APPLICATION;
-        mask[0].pValue = key;
-        mask[0].ulValueLen = key_len;
-        mask[1].type = CKA_TOKEN;
-        mask[1].pValue = &true;
-        mask[1].ulValueLen = sizeof(CK_BBOOL);
-
-        ck_rv = epv->C_FindObjectsInit(h, mask, 2);
-        if( CKR_OK != ck_rv ) {
-          PR_fprintf(PR_STDERR, "C_FindObjectsInit(%lu, mask, 2) returned 0x%08x\n", 
-                     h, ck_rv);
-          return 1;
-        }
-
-        (void)memset(&found, 0, sizeof(found));
-        nFound = 0;
-        ck_rv = epv->C_FindObjects(h, found, 10, &nFound);
-        if( CKR_OK != ck_rv ) {
-          PR_fprintf(PR_STDERR, "C_FindObjects(%lu,, 10, ) returned 0x%08x\n", 
-                     h, ck_rv);
-          return 1;
-        }
-
-        if( 2 != nFound ) {
-          PR_fprintf(PR_STDERR, "Found %lu objects, not 2.\n", nFound);
-          return 1;
-        }
-
-        PR_fprintf(PR_STDOUT, "    Found 2 objects: %lu, %lu\n", 
-                   found[0], found[1]);
-
-        ck_rv = epv->C_FindObjectsFinal(h);
-        if( CKR_OK != ck_rv ) {
-          PR_fprintf(PR_STDERR, "C_FindObjectsFinal(%lu) returned 0x%08x\n", h, ck_rv);
-          return 1;
-        }
-
-        /* Convert a token to session object */
-
-        delta[0].type = CKA_TOKEN;
-        delta[0].pValue = &false;
-        delta[0].ulValueLen = sizeof(CK_BBOOL);
-
-        ck_rv = epv->C_SetAttributeValue(h, hTSIn, delta, 1);
-        if( CKR_OK != ck_rv ) {
-          PR_fprintf(PR_STDERR, "C_SetAttributeValue(%lu, %lu, delta, 1) returned 0x%08x\n", 
-                     h, hTSIn, ck_rv);
-          return 1;
-        }
-
-        PR_fprintf(PR_STDOUT, "    Changed object from token to session (handle = %lu).\n", hTSIn);
-
-        /* Now find again; there should be one */
-
-        mask[0].type = CKA_APPLICATION;
-        mask[0].pValue = key;
-        mask[0].ulValueLen = key_len;
-        mask[1].type = CKA_TOKEN;
-        mask[1].pValue = &true;
-        mask[1].ulValueLen = sizeof(CK_BBOOL);
-
-        ck_rv = epv->C_FindObjectsInit(h, mask, 2);
-        if( CKR_OK != ck_rv ) {
-          PR_fprintf(PR_STDERR, "C_FindObjectsInit(%lu, mask, 2) returned 0x%08x\n", 
-                     h, ck_rv);
-          return 1;
-        }
-
-        (void)memset(&found, 0, sizeof(found));
-        nFound = 0;
-        ck_rv = epv->C_FindObjects(h, found, 10, &nFound);
-        if( CKR_OK != ck_rv ) {
-          PR_fprintf(PR_STDERR, "C_FindObjects(%lu,, 10, ) returned 0x%08x\n", 
-                     h, ck_rv);
-          return 1;
-        }
-
-        if( 1 != nFound ) {
-          PR_fprintf(PR_STDERR, "Found %lu objects, not 1.\n", nFound);
-          return 1;
-        }
-
-        PR_fprintf(PR_STDOUT, "    Found 1 objects: %lu\n", 
-                   found[0]);
-
-        ck_rv = epv->C_FindObjectsFinal(h);
-        if( CKR_OK != ck_rv ) {
-          PR_fprintf(PR_STDERR, "C_FindObjectsFinal(%lu) returned 0x%08x\n", h, ck_rv);
-          return 1;
-        }
-
-        /* Convert a session to a token object */
-
-        delta[0].type = CKA_TOKEN;
-        delta[0].pValue = &true;
-        delta[0].ulValueLen = sizeof(CK_BBOOL);
-
-        ck_rv = epv->C_SetAttributeValue(h, hSTIn, delta, 1);
-        if( CKR_OK != ck_rv ) {
-          PR_fprintf(PR_STDERR, "C_SetAttributeValue(%lu, %lu, delta, 1) returned 0x%08x\n", 
-                     h, hSTIn, ck_rv);
-          return 1;
-        }
-
-        PR_fprintf(PR_STDOUT, "    Changed object from session to token (handle = %lu).\n", hSTIn);
-
-        /* Now find again; there should be two again */
-
-        mask[0].type = CKA_APPLICATION;
-        mask[0].pValue = key;
-        mask[0].ulValueLen = key_len;
-        mask[1].type = CKA_TOKEN;
-        mask[1].pValue = &true;
-        mask[1].ulValueLen = sizeof(CK_BBOOL);
-
-        ck_rv = epv->C_FindObjectsInit(h, mask, 2);
-        if( CKR_OK != ck_rv ) {
-          PR_fprintf(PR_STDERR, "C_FindObjectsInit(%lu, mask, 2) returned 0x%08x\n", 
-                     h, ck_rv);
-          return 1;
-        }
-
-        (void)memset(&found, 0, sizeof(found));
-        nFound = 0;
-        ck_rv = epv->C_FindObjects(h, found, 10, &nFound);
-        if( CKR_OK != ck_rv ) {
-          PR_fprintf(PR_STDERR, "C_FindObjects(%lu,, 10, ) returned 0x%08x\n", 
-                     h, ck_rv);
-          return 1;
-        }
-
-        if( 2 != nFound ) {
-          PR_fprintf(PR_STDERR, "Found %lu objects, not 2.\n", nFound);
-          return 1;
-        }
-
-        PR_fprintf(PR_STDOUT, "    Found 2 objects: %lu, %lu\n", 
-                   found[0], found[1]);
-
-        ck_rv = epv->C_FindObjectsFinal(h);
-        if( CKR_OK != ck_rv ) {
-          PR_fprintf(PR_STDERR, "C_FindObjectsFinal(%lu) returned 0x%08x\n", h, ck_rv);
-          return 1;
-        }
-
-        /* Delete the two (found) token objects to clean up */
-
-        ck_rv = epv->C_DestroyObject(h, found[0]);
-        if( CKR_OK != ck_rv ) {
-          PR_fprintf(PR_STDERR, "C_DestroyObject(%lu, %lu) returned 0x%08x\n", h, found[0], ck_rv);
-          return 1;
-        }
-
-        PR_fprintf(PR_STDOUT, "    Destroyed token object (handle = %lu)\n", found[0]);
-
-        ck_rv = epv->C_DestroyObject(h, found[1]);
-        if( CKR_OK != ck_rv ) {
-          PR_fprintf(PR_STDERR, "C_DestroyObject(%lu, %lu) returned 0x%08x\n", h, found[1], ck_rv);
-          return 1;
-        }
-
-        PR_fprintf(PR_STDOUT, "    Destroyed token object (handle = %lu)\n", found[1]);
-        
-        /* Close the session and all objects should be gone */
-
-        ck_rv = epv->C_CloseSession(h);
-        if( CKR_OK != ck_rv ) {
-          PR_fprintf(PR_STDERR, "C_CloseSession(%lu) returned 0x%08x\n", h, ck_rv);
-          return 1;
-        }
-      } /* if( tinfo.flags & CKF_WRITE_PROTECTED ) */
-
-      if( tinfo.flags & CKF_WRITE_PROTECTED ) {
-        PR_fprintf(PR_STDOUT, "Token is write protected, skipping leaving a record.\n");
-      } else {
-        CK_SESSION_HANDLE h = (CK_SESSION_HANDLE)0;
-        CK_ATTRIBUTE record[7], mask[2];
-        CK_OBJECT_CLASS cko_data = CKO_DATA;
-        CK_BBOOL false = CK_FALSE, true = CK_TRUE;
-        char *key = "TEST RECORD";
-        CK_ULONG key_len = strlen(key);
-        CK_OBJECT_HANDLE hin = (CK_OBJECT_HANDLE)0;
-        char timebuffer[256];
-
-        ck_rv = epv->C_OpenSession(pSlots[i], CKF_SERIAL_SESSION, (CK_VOID_PTR)CK_NULL_PTR, (CK_NOTIFY)CK_NULL_PTR, &h);
-        if( CKR_OK != ck_rv ) {
-          PR_fprintf(PR_STDERR, "C_OpenSession(%lu, CKF_SERIAL_SESSION, , ) returned 0x%08x\n", pSlots[i], ck_rv);
-          return 1;
-        }
-
-        PR_fprintf(PR_STDOUT, "    Opened a session: handle = 0x%08x\n", h);
-
-        /* I can't believe how hard NSPR makes this operation */
-        {
-          time_t now = 0;
-          struct tm *tm;
-          time(&now);
-          tm = localtime(&now);
-          strftime(timebuffer, sizeof(timebuffer), "%Y-%m-%d %T %Z", tm);
-        }
-
-        record[0].type = CKA_CLASS;
-        record[0].pValue = &cko_data;
-        record[0].ulValueLen = sizeof(CK_OBJECT_CLASS);
-        record[1].type = CKA_TOKEN;
-        record[1].pValue = &true;
-        record[1].ulValueLen = sizeof(CK_BBOOL);
-        record[2].type = CKA_PRIVATE;
-        record[2].pValue = &false;
-        record[2].ulValueLen = sizeof(CK_BBOOL);
-        record[3].type = CKA_MODIFIABLE;
-        record[3].pValue = &true;
-        record[3].ulValueLen = sizeof(CK_BBOOL);
-        record[4].type = CKA_LABEL;
-        record[4].pValue = "Test record";
-        record[4].ulValueLen = strlen(record[4].pValue);
-        record[5].type = CKA_APPLICATION;
-        record[5].pValue = key;
-        record[5].ulValueLen = key_len;
-        record[6].type = CKA_VALUE;
-        record[6].pValue = timebuffer;
-        record[6].ulValueLen = strlen(timebuffer)+1;
-
-        PR_fprintf(PR_STDOUT, "    Timestamping with \"%s\"\n", timebuffer);
-
-        ck_rv = epv->C_CreateObject(h, record, 7, &hin);
-        if( CKR_OK != ck_rv ) {
-          PR_fprintf(PR_STDERR, "C_CreateObject(%lu, tobj, 7, ) returned 0x%08x\n", h, ck_rv);
-          return 1;
-        }
-
-        PR_fprintf(PR_STDOUT, "    Created record object: handle = %lu\n", hin);
-        
-        PR_fprintf(PR_STDOUT, "   == All test timestamps ==\n");
-
-        mask[0].type = CKA_CLASS;
-        mask[0].pValue = &cko_data;
-        mask[0].ulValueLen = sizeof(CK_OBJECT_CLASS);
-        mask[1].type = CKA_APPLICATION;
-        mask[1].pValue = key;
-        mask[1].ulValueLen = key_len;
-
-        ck_rv = epv->C_FindObjectsInit(h, mask, 2);
-        if( CKR_OK != ck_rv ) {
-          PR_fprintf(PR_STDERR, "C_FindObjectsInit(%lu, mask, 1) returned 0x%08x\n", 
-                     h, ck_rv);
-          return 1;
-        }
-
-        while( 1 ) {
-          CK_OBJECT_HANDLE o = (CK_OBJECT_HANDLE)0;
-          CK_ULONG nObjects = 0;
-          CK_ATTRIBUTE value[1];
-          char buffer[1024];
-
-          ck_rv = epv->C_FindObjects(h, &o, 1, &nObjects);
-          if( CKR_OK != ck_rv ) {
-            PR_fprintf(PR_STDERR, "C_FindObjects(%lu, , 1, ) returned 0x%08x\n", h, ck_rv);
-            return 1;
-          }
-
-          if( 0 == nObjects ) {
-            PR_fprintf(PR_STDOUT, "\n");
-            break;
-          }
-
-          value[0].type = CKA_VALUE;
-          value[0].pValue = buffer;
-          value[0].ulValueLen = sizeof(buffer);
-
-          ck_rv = epv->C_GetAttributeValue(h, o, value, 1);
-          switch( ck_rv ) {
-          case CKR_OK:
-            PR_fprintf(PR_STDOUT, "    %s\n", value[0].pValue);
-            break;
-          case CKR_ATTRIBUTE_SENSITIVE:
-            PR_fprintf(PR_STDOUT, "    [Sensitive???]\n");
-            break;
-          case CKR_ATTRIBUTE_TYPE_INVALID:
-            PR_fprintf(PR_STDOUT, "    [Invalid attribute???]\n");
-            break;
-          case CKR_BUFFER_TOO_SMALL:
-            PR_fprintf(PR_STDOUT, "    (result > 1k (%lu))\n", value[0].ulValueLen);
-            break;
-          default:
-            PR_fprintf(PR_STDERR, "C_GetAtributeValue(%lu, %lu, CKA_VALUE, 1) returned 0x%08x\n",
-                       h, o);
-            return 1;
-          }
-        } /* while */
-
-        ck_rv = epv->C_FindObjectsFinal(h);
-        if( CKR_OK != ck_rv ) {
-          PR_fprintf(PR_STDERR, "C_FindObjectsFinal(%lu) returned 0x%08x\n", h, ck_rv);
-          return 1;
-        }
-      } /* "leaving a record" else clause */
-
-    }
-
-    PR_fprintf(PR_STDOUT, "\n");
-  }
-
-  return 0;
-}
diff --git a/security/nss/tests/platformlist b/security/nss/tests/platformlist
deleted file mode 100644
index ee3b5261e..000000000
--- a/security/nss/tests/platformlist
+++ /dev/null
@@ -1,13 +0,0 @@
-AIX_3_64_bit
-HP-UX_B.11.00_64_bit
-OSF1_V5.0
-RH_Linux_6.2_(Zoot)
-RH_Linux_7.1_(Seawolf)
-SunOS_5.6
-SunOS_5.8_32_bit
-SunOS_5.8_64_bit
-Windows-2000
-Windows-NT-4.0
-SunOS_5.8_i86pc
-SunOS_5.9_i86pc
-
diff --git a/security/nss/tests/platformlist.tbx b/security/nss/tests/platformlist.tbx
deleted file mode 100644
index 435284cff..000000000
--- a/security/nss/tests/platformlist.tbx
+++ /dev/null
@@ -1,14 +0,0 @@
-AIX_3_32_bit AIX4.3_DBG.OBJ AIX4.3_OPT.OBJ
-AIX_3_64_bit AIX4.3_DBG.OBJ AIX4.3_OPT.OBJ AIX4.3_64_DBG.OBJ AIX4.3_64_OPT.OBJ
-HP-UX_B.11.00_32_bit  HP-UXB.11.00_DBG.OBJ HP-UXB.11.00_OPT.OBJ
-HP-UX_B.11.00_64_bit  HP-UXB.11.00_DBG.OBJ HP-UXB.11.00_OPT.OBJ 
-OSF1_V4.0 OSF1V4.0D_DBG.OBJ OSF1V4.0D_OPT.OBJ
-OSF1_V5.0 OSF1V5.0_DBG.OBJ OSF1V5.0_OPT.OBJ
-RH_Linux_6.2_(Zoot) Linux2.2_x86_glibc_PTH_DBG.OBJ Linux2.2_x86_glibc_PTH_OPT.OBJ
-RH_Linux_6.1_(Cartman) Linux2.2_x86_glibc_PTH_DBG.OBJ Linux2.2_x86_glibc_PTH_OPT.OBJ
-RH_Linux_6.0_(Hedwig) Linux2.2_x86_glibc_PTH_DBG.OBJ Linux2.2_x86_glibc_PTH_OPT.OBJ
-SunOS_5.6 SunOS5.6_DBG.OBJ SunOS5.6_OPT.OBJ
-SunOS_5.8_32_bit 
-SunOS_5.8_64_bit 
-Windows-2000 WINNT5.0_DBG.OBJ WINNT5.0_OPT.OBJ WIN954.0_DBG.OBJ WIN954.0_OPT.OBJ
-Windows-NT-4.0 WIN954.0_DBG.OBJ WIN954.0_OPT.OBJ WINNT4.0_DBG.OBJ WINNT4.0_OPT.OBJ
diff --git a/security/nss/tests/qa_stage b/security/nss/tests/qa_stage
deleted file mode 100755
index f0960c845..000000000
--- a/security/nss/tests/qa_stage
+++ /dev/null
@@ -1,336 +0,0 @@
-#! /bin/sh 
-########################################################################
-#
-# /u/sonmi/bin/qa_stage - /u/svbld/bin/init/nss/qa_stage
-#
-# this script is supposed to convert the tinderbox and daily QA files
-# for use on mozilla.org
-#
-# parameters
-# ----------
-#   nssversion  (supported: 30b, 31, tip)
-#   builddate   (default - today)
-#
-########################################################################
-
-if [ -z "$BUILDNUMBER" ]
-then
-    BUILDNUMBER=1
-fi
-if [ `uname` = "Linux" ] ; then
-    PATH=".:/u/sonmi/bin:/u/sonmi/bin/linux:/usr/bsd:/usr/ucb/:/bin:/usr/bin:/usr/ccs/bin:/usr/sbin:/usr/bin/X11:/usr/etc:/etc:/usr/demos:/usr/demos/bin:/usr/local/bin:/usr/local/X11/bin:/tools/ns/bin"
-    export PATH
-fi
-
-Echo()
-{
-    if [ "$O_SILENT" = "OFF" ] ; then
-        echo $*
-    fi
-}
-
-################################### qa_stage_init ##########################
-# 
-########################################################################
-qa_stage_init()
-{
-    umask 000
-
-    eval_opts $*
-
-    if [ -z "${QAYEAR}" ] ; then 
-        QAYEAR=`date +%Y`
-    elif [ "$QAYEAR" = ""  ] ; then
-        QAYEAR=`date +%Y`
-    fi
-
-    Echo "Init..."
-    DAYBUILD=${QAYEAR}${BUILDDATE}.${BUILDNUMBER}
-    NSS_D0=/share/builds/mccrel3/nss
-    NSS_VER_DIR=${NSS_D0}/nss${NSSVER}
-    NTDIST=${NSS_VER_DIR}/builds/${DAYBUILD}/blowfish_NT4.0_Win95/mozilla/dist
-    UXDIST=${NSS_VER_DIR}/builds/${DAYBUILD}/booboo_Solaris8/mozilla/dist
-    TESTSCRIPTDIR=${NSS_VER_DIR}/builds/${DAYBUILD}/booboo_Solaris8/mozilla/security/nss/tests
-    RESULTDIR=${NSS_VER_DIR}/builds/${DAYBUILD}/booboo_Solaris8/mozilla/tests_results/security
-    TBX_RESULTDIR=${NSS_D0}/nsstip/tinderbox/tests_results/security
-
-    MOZ_D0=/pub/security/nss
-    MOZ_RESULTDIR=${MOZ_D0}/daily_qa/${DAYBUILD}
-    MOZ_TBX_RESULTDIR=${MOZ_D0}/tinderbox
-    
-    export BUILDDATE NSSVER QAYEAR NTDIST UXDIST TESTSCRIPTDIR RESULTDIR 
-
-
-    IPLANET_TBX_URL="http://cindercone.red.iplanet.com${TBX_RESULTDIR}"
-    IPLANET_DQA_URL="http://cindercone.red.iplanet.com${RESULTDIR}"
-
-    MOZ_TBX_URL="ftp://ftp.mozilla.org${MOZ_TBX_RESULTDIR}"
-    MOZ_DQA_URL="ftp://ftp.mozilla.org${MOZ_RESULTDIR}"
-
-    export IPLANET_TBX_URL IPLANET_DQA_URL MOZ_TBX_URL MOZ_DQA_URL
-    STAGE_1=/u/sonmi/tmp/ftp_stage
-    
-    if [ ! -d  $STAGE_1 ] ; then
-        Echo "Staging area daily QA (DQA): $DQA_STAGE does not exist, exit"
-        exit 1
-    fi
-    cd $STAGE_1 || (Echo "Cant cd to $STAGE_1 , exit"; exit)
-    rm all.tar* 2>/dev/null
-    TBX_STAGE=$STAGE_1/tinderbox
-    DQA_STAGE=$STAGE_1/daily_qa/${DAYBUILD}
-    Echo "Staging area tbx: $TBX_STAGE"
-    Echo "Staging area daily QA (DQA): $DQA_STAGE"
-    Echo "Resultdir (sourcedir) for daily QA (RESULTDIR): $RESULTDIR"
-}
-
-################################### qa_stage_dqa ##########################
-# 
-########################################################################
-qa_stage_dqa()
-{
-    Echo "DQA:..."
-    Echo "Resultdir (sourcedir) for daily QA (RESULTDIR): $RESULTDIR"
-#set -x
-    if [ ! -d  $RESULTDIR ] ; then
-        Echo "Resultdir $RESULTDIR does not exist, can't push daily QA"
-        return
-    fi
-    cd $RESULTDIR || return
-    #for w in `find . -name "result*html"`
-    for w in `find . -name "result.html"`
-    do
-        if [ ! -d $DQA_STAGE/`dirname $w` ] ; then
-            mkdir -p $DQA_STAGE/`dirname $w`
-        fi
-        rm $DQA_STAGE/$w 2>/dev/null
-        cat $w | reformat_qa >$DQA_STAGE/$w
-    done
-    for w in `find . -name "output.log" -o  -name "results.html"`
-    do
-#echo $w
-        if [ ! -d $DQA_STAGE/`dirname $w` ] ; then
-            mkdir -p $DQA_STAGE/`dirname $w`
-        fi
-        cp $w $DQA_STAGE/$w
-    done
-}
-
-
-################################### qa_stage_tbx ##########################
-# 
-########################################################################
-qa_stage_tbx()
-{
-    Echo "tbx: "
-    if [ ! -d  $TBX_RESULTDIR ] ; then
-        Echo "TBX_RESULTDIR $TBX_RESULTDIR does not exist"
-        return
-    fi
-    cd $TBX_RESULTDIR || return
-    Echo "find from $TBX_FIND_FROM"
-    for w in `find $TBX_FIND_FROM  -name "result.html"`
-    do
-        if [ ! -d "$TBX_STAGE/`dirname $w`" ] ; then
-            mkdir -p $TBX_STAGE/`dirname $w`
-        fi
-        rm $TBX_STAGE/$w 2>/dev/null
-        cat $w | reformat_qa >$TBX_STAGE/$w
-    done
-    for w in `find $TBX_FIND_FROM -name "output.log" -o  -name "results.html"`
-    do
-        if [ ! -d $TBX_STAGE/`dirname $w` ] ; then
-            mkdir -p $TBX_STAGE/`dirname $w`
-        fi
-        cp $w $TBX_STAGE/$w
-    done
-}
-
-match_tbxdirs()
-{
-    YY=`date +%Y`
-    DD=`date +%d`
-    MM=`date +%m`
-    HH=`date +%H`
-
-    TBX_FIND_FROM="*-$YY$MM$DD-$HH.*"
-    i=$1
-    while [ $i -gt 0 ] ; do
-        i=`expr $i - 1`
-        HH=`expr $HH - 1`
-        if [ $HH -lt 0 ] ; then
-            HH=23
-            DD=`expr $DD - 1`
-            if [ $DD  -eq 0 ] ; then
-                MM=`expr $MM - 1`
-                case $MM in
-                    0)
-                        YY=`expr $YY - 1`
-                        MM=12
-                        DD=31
-                        ;;
-                    [13578]|10|12)
-                        DD=31
-                        ;;
-                    2)
-                        DD=28
-                        ;;
-                    [469]|11)
-                        DD=30
-                        ;;
-                esac
-            fi
-        fi
-        case $MM in
-            [123456789])
-               MM=0$MM
-               ;;
-        esac
-        case $DD in
-            [123456789])
-               DD=0$DD
-               ;;
-        esac
-        case $HH in
-            [0123456789])
-               HH=0$HH
-               ;;
-        esac
-        TBX_FIND_FROM="$TBX_FIND_FROM *-$YY$MM$DD-$HH.*"
-    done
-}
-
-################################### eval_opts ##########################
-# global shell function, evapuates options and parameters, sets flags
-# variables and defaults
-########################################################################
-eval_opts()
-{
-  DO_TBX=OFF
-  DO_DQA=OFF
-  DO_CLEAN=OFF
-  O_SILENT=OFF
-  O_INCREMENTAL=OFF
-  O_MAIL=OFF
-  BUILDDATE=`date +%m%d`
-  NSSVER=tip
-
-  TBX_FIND_FROM="."
-
-  while [ -n "$1" ]
-  do
-    case $1 in
-        -d)
-            DO_DQA=ON
-            ;;
-        -m)
-            O_MAIL=ON
-            shift
-            MAILINGLIST=$1
-            if [ -z "$MAILINGLIST" ]
-            then
-                echo "Error: -m requires a mailinglist to follow, for example sonmi@iplanet.com"
-                exit
-            fi
-            ;;
-        -ti)
-            DO_TBX=ON
-            match_tbxdirs 2
-            O_INCREMENTAL=ON
-            ;;
-        -t)
-            DO_TBX=ON
-            ;;
-        -c)
-            DO_CLEAN=ON
-            ;;
-        -s)
-            O_SILENT=ON
-            ;;
-
-        tip|3[0-9]*)
-            NSSVER=$1
-            ;;
-        [01][0-9][0-3][0-9])
-            BUILDDATE=$1
-            ;;
-    esac
-    shift
-  done
-}
-
-qa_stage_init $*
-
-if [ "$DO_CLEAN" = "ON" ] ; then
-    Echo "Cleaning old stuff"
-    if [ ! -d  $STAGE_1 ] ; then
-        Echo "Staging area daily QA (DQA): $DQA_STAGE does not exist, exit"
-        exit 1
-    fi
-    cd $STAGE_1 || (Echo "Cant cd to $STAGE_1 , exit"; exit)
-    if [ -n "$TBX_STAGE" -a -d "$TBX_STAGE" ] ; then
-        rm -rf $TBX_STAGE/*
-    else
-        Echo "nothing here to clean..."
-    fi
-fi
-if [ "$DO_DQA" = "ON" ] ; then
-    qa_stage_dqa 
-    if [ "$O_MAIL" = "ON" -a -f "$DQA_STAGE/result.html" ] ; then
-         cat $DQA_STAGE/result.html | /usr/sbin/sendmail $MAILINGLIST 
-    fi
-fi
-if [ "$DO_TBX" = "ON" ] ; then
-    qa_stage_tbx
-fi
-if [ ! -d  $STAGE_1 ] ; then
-    Echo "Staging area daily QA (DQA): $DQA_STAGE does not exist, exit"
-    exit 1
-fi
-cd $STAGE_1 || (Echo "Cant cd to $STAGE_1 , exit"; exit)
-Echo "tar..."
-if [ "$O_SILENT" = "ON" ] ; then
-    TARPARAM=cf
-else
-    TARPARAM=cvf
-fi
-
-
-if [ "$DO_DQA" = "ON" -a "$DO_TBX" = "ON" ] ; then
-        Echo "tar $TARPARAM all.tar daily_qa        tinderbox"
-        tar $TARPARAM all.tar daily_qa        tinderbox
-elif [ "$DO_DQA" = "ON" ] ; then
-        Echo "tar $TARPARAM all.tar daily_qa"
-        tar $TARPARAM all.tar daily_qa
-else
-        Echo "tar $TARPARAM all.tar tinderbox"
-        tar $TARPARAM all.tar tinderbox
-fi
-gzip all.tar
-# ssh-agent > /u/sonmi/.ssh/ssh-agent.info
-# setenv like it says in that file
-# ssh-add
-
-SSH_AUTH_SOCK=`grep SSH_AUTH_SOCK /u/sonmi/.ssh/ssh-agent.info | sed -e 's/setenv SSH_AUTH_SOCK //' -e 's/;//'`
-SSH_AGENT_PID=`grep SSH_AGENT_PID /u/sonmi/.ssh/ssh-agent.info | sed -e 's/setenv SSH_AGENT_PID //' -e 's/;//'`
-export SSH_AUTH_SOCK SSH_AGENT_PID
-if [ "$O_SILENT" = "OFF" ] ; then
-   set -x
-   scp all.tar.gz sonmi@stage.mozilla.org:/home/ftp/pub/security/nss
-   ssh -l sonmi stage.mozilla.org '/home/sonmi/bin/nssqa_stage '
-else
-   scp all.tar.gz sonmi@stage.mozilla.org:/home/ftp/pub/security/nss >/dev/null 2>/dev/null 
-   ssh -l sonmi stage.mozilla.org '/home/sonmi/bin/nssqa_stage ' >/dev/null 2>/dev/null 
-fi
-
-#" rlogin huey "
-#" sftp  sonmi@stage.mozilla.org"
-#" cd /home/ftp/pub/security/nss"
-#" lcd tmp/ftp_stage"
-#" put all.tar.gz"
-#" quit "
-#" ssh -l sonmi stage.mozilla.org"
-#" cd /home/ftp/pub/security/nss"
-#" gunzip all.tar.gz"
-#" tar xvf all.tar"
-#" rm all.tar"
-
diff --git a/security/nss/tests/qa_stat b/security/nss/tests/qa_stat
deleted file mode 100755
index aa3e4bb88..000000000
--- a/security/nss/tests/qa_stat
+++ /dev/null
@@ -1,935 +0,0 @@
-#! /bin/sh 
-########################################################################
-#
-# /u/sonmi/bin/qa_stat - /u/svbld/bin/init/nss/qa_stat
-#
-# this script is supposed to automatically run QA for NSS on all required
-# Unix platforms
-#
-# parameters
-# ----------
-#    nssversion (supported: 30b, 31, tip)
-#    builddate  (default - today)
-#
-# options
-# -------
-#    -y answer all questions with y - use at your own risk...ignores warnings
-#    -s silent (only usefull with -y)
-#    -h, -? - you guessed right - displays this text
-#    -d debug
-#    -f <filename> - write the (error)output to filename
-#    -m <mailinglist> - send filename to mailinglist (csl) only useful
-#        with -f
-#    -cron equivalient to -y -s -d -f $RESULTDIR/$HOST.qa_stat
-#
-########################################################################
-
-O_OPTIONS=ON
-
-TBX_EXIT=49          # in case we are running on a tinderbox build, any
-                          # early exit needs to return an error
-if [ -z "$O_TBX" -o "$O_TBX" = "OFF" ] ; then
-    if [ -z "$O_LOCAL" -o "$O_LOCAL" = "OFF" ] ; then
-        . `dirname $0`/header
-    fi
-fi
-Debug "Sourced header O_TBX=$O_TBX O_LOCAL=$O_LOCAL"
-TBX_EXIT=48
-EARLY_EXIT=TRUE
-
-URL="cindercone.red.iplanet.com"
-
-DOCDIR=/u/sonmi/doc
-
-HTML_ERRORCOLOR=\"#FF0000\"
-HTML_ERRORMSG=Failed
-
-HTML_MISSINGCOLOR=\"#FFFFCC\"
-HTML_MISSINGMSG=Missing
-
-HTML_INCOMPLETECOLOR=$HTML_MISSINGCOLOR
-HTML_INCOMPLETEMSG=Incomplete
-
-HTML_PASSEDCOLOR=\"#66FF99\"
-HTML_PASSEDMSG=Passed
-
-# this file is used to deal with hanging rsh - a new shell is started 
-# for each rsh, and a function is called after it is finished - they
-# communicate with this file
-
-RSH_FILE=$TMP/rsh.$$
-echo >$RSH_FILE
-TMPFILES="$TMPFILES $WARNINGLIST $RSH_FILE "
-RSH_WAIT_TIME=80 #maximum time allowed for the 2 rsh to finish...
-#TOTAL_TESTS=106
-TOTAL_TESTS=244 #3.4
-#TOTAL_TESTS=123 #3.3.2
-BCT_TOTAL_TESTS=122 #3.2.2
-#TOTAL_TESTS=133 #tip
-
-Debug "NTDIST $NTDIST"
-Debug "UXDIST $UXDIST"
-Debug "TESTSCRIPTDIR $TESTSCRIPTDIR"
-Debug "RESULTDIR $RESULTDIR"
-
-############################### watch_rsh ##############################
-# local shell function, deals with a hanging rsh (kills it...)
-# this function is started as a backgroundprocess before the rsh is started,
-# and writes info to the RSH_FILE, after the rsh is finished it writes finish
-# info to the same file (this time called as a function, forground). 
-# the backgroundprocess stays around for RSH_WAIT_TIME, if then the finish 
-# information is not there attempts to kill the rsh
-#
-# watch_rsh start qa_computername &
-# watch_rsh stop qa_computername 
-#
-########################################################################
-watch_rsh()
-{
-    case $1 in
-        start)
-            echo "$2 started" >>$RSH_FILE
-            sleep $RSH_WAIT_TIME
-            O_ALWAYS_YES=ON # may modify global flags because this is a 
-                            # forked off bg process - kill_by_name otherwise
-                            # will ask the user if it really should be killed 
-            grep "$2 finished" $RSH_FILE >/dev/null || kill_by_name "rsh $2"
-            exit
-            ;;
-        stop)
-            echo "$2 finished" >>$RSH_FILE
-            ;;
-    esac
-}
-
-############################### find_qa_systems ########################
-# local shell function, tries to determine the QA operating system
-# works remotely, and for Windows machines
-########################################################################
-find_qa_systems()
-{
-for QA_SYS in `ls $RESULTDIR | grep '\.1$' | sed -e "s/\..*//" | sort -u`
-do
-    NO_RSH="FALSE"
-    QA_OS=""
-    QA_RHVER=""
-    IS_64=""
-    IS_WIN=""
-
-    grep OS-LINE ${RESULTDIR}/${QA_SYS}.nssqa >/dev/null && NO_RSH=TRUE
-
-    if [ "$NO_RSH" = "TRUE" ]
-    then
-
-        QA_OS=`grep OS-LINE ${RESULTDIR}/${QA_SYS}.nssqa | sort -u | sed \
-            -e "s/.*-OS-LINE: /${QA_SYS}/"`
-        QA_OS_STRING=`echo $QA_OS | sed -e "s/^[_ ]//" -e "s/ /_/g"`
-        echo $QA_OS_STRING >>$PLATFORMLIST
-        if [ "$O_SILENT" != ON ] ; then
-            echo $QA_OS
-        fi
-
-        #grep OS-LINE ${RESULTDIR}/${QA_SYS}.nssqa | sort -u | sed \
-             #-e "s/.*-OS-LINE: /${QA_SYS}_/" >>$PLATFORMLIST
-        #if [ "$O_SILENT" != ON ] ; then
-            #grep OS-LINE ${RESULTDIR}/${QA_SYS}.nssqa | sort -u | sed \
-                 #-e "s/.*-OS-LINE:/${QA_SYS}/" 
-        #fi
-    else
-        REM_SYSNAME=$QA_SYS
-        watch_rsh start $REM_SYSNAME &
-        qa_stat_get_sysinfo $QA_SYS
-        watch_rsh stop $REM_SYSNAME 
-        echo $QA_OS_STRING >>$PLATFORMLIST
-                          # use later for missing list
-    fi
-done
-
-}
-
-################################### qa_stat_init ##########################
-# local shell function, sets the name of the resultfile to:
-#    <filename> if option -f <filename>
-#    $RESULTDIR/result if write permission 
-#        (mozilla/tests_results/security/result)
-#    $HOME/resultNSS${NSSVER}-${BUILDDATE} if no write permission in $RESULTDIR
-########################################################################
-qa_stat_init()
-{
-    if [ $O_FILE = ON -a $O_CRON = OFF ]    # if -f was specified write there 
-    then
-        RFILE=$FILENAME    
-    else
-        RFILE=${RESULTDIR}/result.$$
-        if [ ! -w $RESULTDIR ]
-        then
-            RFILE=$HOME/resultNSS${NSSVER}-${BUILDDATE}.$$
-            Debug "Using alternate resultfile $RFILE"
-        #elif [ $O_CRON = ON ]
-        #then
-             ##find ${RESULTDIR} -exec chmod a+rw {} \;    #FIXME - umask 
-                            ##doesn't seem to work - this is a tmp workaround
-        fi
-    
-        if [ ! -x $RESULTDIR -o ! -r  $RESULTDIR -o ! -w $RESULTDIR ]
-        then
-            glob_usage "$RESULTDIR does not have the right permissions `ls -l $RESULTDIR`"
-        fi
-        if [ -d $RESULTDIR ]
-        then
-            cd $RESULTDIR
-        else
-            glob_usage "$RESULTDIR does not exist"
-        fi
-    fi
-
-    ERRORLIST=${RFILE}.E
-    PLATFORMLIST=${RFILE}.P
-    PERFLIST=${RFILE}.PE
-    TMP_HTML_FILE=${RFILE}.html
-    HTML_FILE=${RESULTDIR}/result.html
-    WARNINGLIST=${RFILE}.W
-    BCMISSINGLIST=${RFILE}.BCM
-    BCERRORLIST=${RFILE}.BCE
-    TMPFILE=${RFILE}.T
-    ML_FILE=${RFILE}.ML
-
-    TMPFILES="$TMPFILES $TMPFILE"
-    TMPFILES="$TMPFILES $ERRORLIST $PLATFORMLIST $PERFLIST $WARNINGLIST \
-       $BCMISSINGLIST $BCERRORLIST $ML_FILE" #FIXME uncomment
-
-    FILENAME=$RFILE        #we might want to mail it...later switch to html file
-    O_FILE="ON"
-
-    rm $ERRORLIST $PLATFORMLIST $PERFLIST $WARNINGLIST \
-       $BCMISSINGLIST $BCERRORLIST $TMP_HTML_FILE  2>/dev/null
-    touch $ERRORLIST $PLATFORMLIST $PERFLIST $WARNINGLIST \
-       $BCMISSINGLIST $BCERRORLIST $TMP_HTML_FILE  2>/dev/null
-
-    if [  $O_WIN = "ON" -a "$O_TBX" = "ON" ] ; then
-        HTML_PATH="http://${URL}${UX_D0}/nss${NSSVER}/tinderbox/tests_results/security/`basename $RESULTDIR`"
-    else
-        HTML_PATH="http://${URL}${RESULTDIR}"
-    fi
-    HREF_TMP_HTML_FILE="${HTML_PATH}/`basename $HTML_FILE`"
-
-    write_qa_header_html >$TMP_HTML_FILE
-}
-
-################################# html_footer #########################
-# local shell function, writes end of the html body
-#######################################################################
-write_qa_header_html()
-{
-echo 'Subject: QA Report ' $NSSVER $BUILDDATE '
-From: sonmi@iplanet.com
-Reply-To: sonmi@iplanet.com
-Content-Type: text/html; charset=us-ascii
-<!doctype html public "-//w3c//dtd html 4.0 transitional//en">
-<html>
-<head>
-   <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
-   <meta name="GENERATOR" content="Mozilla/4.7 [en] (X11; U; SunOS 5.8 sun4u) [N
-etscape]">
-</head>
-<body>
-<br>
-&nbsp;
-<br>&nbsp;
-<h2>
-<a href="http://tinderbox.mozilla.org/showbuilds.cgi?tree=NSS">Tinderbox</a
-><br>
-<a href="http://cindercone.red.iplanet.com/share/builds/mccrel3/nss/nsstip/tinderbox/tests_results/security/">Tinderbox QA&nbsp;result</a><br>
-<a href="ftp://ftp.mozilla.org/pub/security/nss/daily_qa">Mozilla Daily NSS QA&nbsp;result</a></h2>
-&nbsp;
-
-&nbsp;
-<br>&nbsp;
-<center>
-<h1>
-<a NAME="Top"></a><b><font size=+2>QA&nbsp;Results</font></b></h1></center>
-
-
-<table BORDER WIDTH="100%" NOSAVE >
-<tr>
-<td>&nbsp;<b><font size=+1>Build-OS and version</font></b></td>
-<td><b><font size=+1>QA-OS</font></b></td>
-<td><b><font size=+1>Systemname</font></b></td>
-<td><b><font size=+1>P/F</font></b></td>
-<td><b><font size=+1>result</font></b></td>
-<td><b><font size=+1>output</font></b></td>
-<td><b><font size=+1>errors</font></b></td>
-<td><b><font size=+1>QA time / #</font></b></td>
-</tr>
-'
-}
-
-################################# html_footer #########################
-# local shell function, writes end of the html body
-#######################################################################
-html_footer()
-{
-  echo '</body>'
-  echo '</html>'
-}
-
-################################# setQAsysvars #########################
-# local shell function, sets system specific variables
-########################################################################
-setQAsysvars()
-{
-    if [ "$MACHINE" != "0" ]
-    then
-        MACHINE=`echo $MACHINE | sed -e 's/^bct.//g'`
-        TESTDATE=`ls -ld $MACHINE | awk '{ print $6, $7, $8 }'`
-        TESTNUMBER=`echo $MACHINE | sed -e 's/.*\.//'`
-        SYSNAME=`echo $MACHINE | sed -e 's/\..*//'`
-        Debug "SYSNAME= $SYSNAME"
-
-        if [  "$O_TBX" = "ON" -o "$O_LOCAL" = "ON" ] ; then
-            QA_SYS_OS=$QA_OS
-        else
-            QA_SYS_OS=`grep $SYSNAME $PLATFORMLIST |
-                sed -e 's/
//' | \
-                sort | uniq | sed  -e "s/$SYSNAME//" \
-                -e "s/^_//" | sort | uniq`
-        fi
-        Debug "QA_SYS_OS= $QA_SYS_OS"
-    fi
-    BUILD_SYS=`echo $BUILDPLATFORM | sed -e 's/\.OBJ//' -e 's/_DBG/ Debug/' \
-            -e 's/_OPT/ Optimized/'  -e 's/_64/ 64bit/' -e 's/_glibc_PTH//' \
-            -e 's/_/ /'`
-    Debug "BUILD_SYS=$BUILD_SYS"
-    if [ -f "${RESULTDIR}/${MACHINE}/results.html" ] ; then
-        RESULT="${HTML_PATH}/${MACHINE}/results.html"
-    else
-        RESULT="0"
-    fi
-    if [ -f "${RESULTDIR}/bct/${MACHINE}/results.html" ] ; then
-        BCB_RESULT="${HTML_PATH}/bct/${MACHINE}/results.html"
-    else
-      BCB_RESULT="0"
-    fi
-
-    if [ -f "${RESULTDIR}/${MACHINE}/output.log" ] ; then
-        LOG="${HTML_PATH}/${MACHINE}/output.log"
-    else
-        LOG="0"
-    fi
-    if [ -f "${RESULTDIR}/bct/${MACHINE}/output.log" ] ; then
-        BCB_LOG="${HTML_PATH}/bct/${MACHINE}/output.log"
-    else
-        BCB_LOG="0"
-    fi
-}
-
-################################# html_line() #########################
-# local shell function, writes a line in the html table
-########################################################################
-html_line()
-{
-  echo '<tr NOSAVE>'
-  echo '<td NOSAVE>'$BUILD_SYS'</td>'
-  echo ''
-  if [ "$QA_SYS_OS" != "0" ] ; then
-      echo '<td NOSAVE>'$QA_SYS_OS'</td>'
-  else
-      echo '<td></td>'
-  fi
-  echo ''
-  if [ "$SYSNAME" != "0" ] ; then
-      echo '<td>'$SYSNAME'</td>'
-  else
-      echo '<td></td>'
-  fi
-  #echo '<td>'$SYSNAME $TESTNUMBER $TESTDATE'</td>'
-  echo ''
-  # hopefully we never run more different tests on a tinderbox build...
-  # on win some shells can not handle exit codes greater then 52 (64???)
-  # so for very early exits the codes are set 50-45, for failures later
-  # in the process the higher the number, the more failures
-  if [ "$O_TBX" = "ON" -a "$TBX_EXIT" -gt 45 ] ; then
-      TBX_EXIT=0
-  fi
-  if [ "$1" = "failed" ]
-  then
-      TBX_EXIT=`expr $TBX_EXIT + 1`
-      echo '<td BGCOLOR='$HTML_ERRORCOLOR' NOSAVE><b>'$HTML_ERRORMSG'</b></td>'
-  elif [ "$1" = "passed" ]
-  then
-      echo '<td BGCOLOR='$HTML_PASSEDCOLOR' NOSAVE>'$HTML_PASSEDMSG'</td>'
-  elif [ "$1" = "incomplete" ]
-  then
-      TBX_EXIT=`expr $TBX_EXIT + 1`
-      echo '<td BGCOLOR='$HTML_INCOMPLETECOLOR' NOSAVE>'$HTML_INCOMPLETEMSG'</td>'
-  else
-      TBX_EXIT=`expr $TBX_EXIT + 1`
-      echo '<td BGCOLOR='$HTML_MISSINGCOLOR' NOSAVE>'$HTML_MISSINGMSG'</td>'    
-  fi
-  if [ "$CURRENT_TABLE" != "BC" ] ; then
-      if [ "$RESULT" = "0" ] ; then
-          echo '<td BGCOLOR='$HTML_MISSINGCOLOR' NOSAVE>'$HTML_MISSINGMSG'</td>'
-      else
-          echo '<td>&nbsp;<a href="'$RESULT'">result</a>&nbsp;</td>'
-      fi
-      if [ "$LOG" = "0" ] ; then
-          echo '<td BGCOLOR='$HTML_MISSINGCOLOR' NOSAVE>'$HTML_MISSINGMSG'</td>'
-      else
-          echo '<td>&nbsp;<a href="'$LOG'">log</a>&nbsp;</td>'
-      fi
-      if [ "$1" = "failed" ] ; then
-          echo '<td>&nbsp;<a href="'${HREF_TMP_HTML_FILE}'#errorlist">error</a>&nbsp;</td>'
-      else
-          echo '<td></td>'
-      fi
-  else
-     #<td><b><font size=+1>errors</font></b></td>
-     #<td><b><font size=+1>P/F</font></b></td>
-     #<td><b><font size=+1>P/F</font></b></td>
-
-     #echo '<td><b><font size=+1>All Current</font></b></td>'
-     #echo '<td><b><font size=+1>old dlls</font></b></td>'
-     #echo '<td><b><font size=+1>old executables</font></b></td>'
-      #if [ "$RESULT" != "0" -a "$LOG" != "0" ] ; then
-          #echo '<td><a href="'$RESULT'">result</a>, <a href="'$LOG'">log</td>'
-      #elif [ "$RESULT" = "0" -a "$LOG" != "0" ] ; then
-          #echo '<td BGCOLOR='$HTML_MISSINGCOLOR' NOSAVE><a href="'$LOG'">log</a></td>'
-      #elif [ "$RESULT" != "0" -a "$LOG" = "0" ] ; then
-          #echo '<td BGCOLOR='$HTML_MISSINGCOLOR' NOSAVE><a href="'$RESULT'">result</a></td>'
-      #else
-          #echo '<td BGCOLOR='$HTML_MISSINGCOLOR' NOSAVE>'$HTML_MISSINGMSG'</td>'
-      #fi
-      #if [ "$BCB_RESULT" != "0" -a "$BCB_LOG" != "0" ] ; then
-          #echo '<td><a href="'$BCB_RESULT'">result</a>, <a href="'$BCB_LOG'"> log</td>'
-      #elif [ "$BCB_RESULT" = "0" -a "$BCB_LOG" != "0" ] ; then
-          #echo '<td BGCOLOR='$HTML_MISSINGCOLOR' NOSAVE><a href="'$BCB_LOG'">log</a></td>'
-      #elif [ "$BCB_RESULT" != "0" -a "$BCB_LOG" = "0" ] ; then
-          #echo '<td BGCOLOR='$HTML_MISSINGCOLOR' NOSAVE><a href="'$BCB_RESULT'">result</a></td>'
-      #else
-          #echo '<td BGCOLOR='$HTML_MISSINGCOLOR' NOSAVE>'$HTML_MISSINGMSG'</td>'
-      #fi
-      if [ "$BCB_RESULT" = "0" ] ; then
-          echo '<td BGCOLOR='$HTML_MISSINGCOLOR' NOSAVE>'$HTML_MISSINGMSG'</td>'
-      else
-          echo '<td>&nbsp;<a href="'$BCB_RESULT'">result</a>&nbsp;</td>'
-      fi
-      if [ "$BCB_LOG" = "0" ] ; then
-          echo '<td BGCOLOR='$HTML_MISSINGCOLOR' NOSAVE>'$HTML_MISSINGMSG'</td>'
-      else
-          echo '<td>&nbsp;<a href="'$BCB_LOG'">log</a>&nbsp;</td>'
-      fi
-  fi
-  echo '<td>'$TESTDATE $TESTNUMBER'</td>'
-  echo '</tr>'
-}
-
-################################# qa_errorlist #########################
-# local shell function, finds problems in the previously run QA
-# linux:the gnu grep, on Linux can output 10 lines above and 3 lines below 
-# the errormessage
-########################################################################
-qa_errorlist()
-{
-    grep "bgcolor=red" ${MACHINES_TO_CHECK}*/results.html | 
-        sed -e 's/.results.html:<TR><TD>/ /' -e 's/<[^>]*>/ /g'
-    grep 'cache hits; .* cache misses, .* cache not reusable' \
-        ${MACHINES_TO_CHECK}*/output.log | 
-        grep strsclnt |
-        grep -v '0 cache hits; 0 cache misses, 0 cache not reusable' | 
-        grep -v ' cache hits; 1 cache misses, 0 cache not reusable'
-    grep -vi "write to SSL socket" ${MACHINES_TO_CHECK}*/output.log |
-        grep -vi "HDX PR_Read returned error" |
-        grep -vi "no error" |
-        grep -vi "12285" |
-        grep -i  $BEFORE_CONTEXT_GREP $AFTER_CONTEXT_GREP error 
-        #grep -vi "5938" |  needed for -v option
-        #grep -vi "HDX PR_Read hit EOF" | 
-    grep  -vi "write to SSL socket" ${MACHINES_TO_CHECK}*/output.log |
-        grep -vi "peer cannot verify" |
-        grep -vi "error" |
-        grep -vi "fatal" |
-        grep -vi "TCP Connection aborted" |
-        grep -vi "TCP connection reset" |
-        grep  $BEFORE_CONTEXT_GREP $AFTER_CONTEXT_GREP  -i failed  
-    grep -i $BEFORE_CONTEXT_GREP $AFTER_CONTEXT_GREP "segmentation violation" \
-        ${MACHINES_TO_CHECK}*/output.log
-    grep -i $BEFORE_CONTEXT_GREP $AFTER_CONTEXT_GREP "memory fault" \
-        ${MACHINES_TO_CHECK}*/output.log
-    grep -i $BEFORE_CONTEXT_GREP $AFTER_CONTEXT_GREP "bus error" \
-        ${MACHINES_TO_CHECK}*/output.log
-    grep -i $BEFORE_CONTEXT_GREP $AFTER_CONTEXT_GREP "core dumped" \
-        ${MACHINES_TO_CHECK}*/output.log
-    grep -i $BEFORE_CONTEXT_GREP $AFTER_CONTEXT_GREP fatal \
-        ${MACHINES_TO_CHECK}*/output.log
-    grep -i  $BEFORE_CONTEXT_GREP $AFTER_CONTEXT_GREP -i\
-        "PKCS12 decode not verified"   ${MACHINES_TO_CHECK}*/output.log
-
-    if [ -n "${MACHINES_TO_CHECK}" ] ; then
-        find ${MACHINES_TO_CHECK}* -name core -print 2>/dev/null |
-            grep -v bct 
-    else
-        find . -name core -print 2>/dev/null |
-            grep -v bct 
-    fi
-}
-
-tbx_missing_platforms ()
-{
-    QA_MISSING="QA report missing"
-    MACHINE="0"
-
-    if [ "$QA_OS_STRING" = "WINNT4.0" ] ; then
-        QA_OS_STRING="Windows-NT-4.0"
-    fi
-    for BUILDPLATFORM in `grep $QA_OS_STRING $TESTSCRIPTDIR/platformlist.tbx`
-    do
-        if [ "$BUILDPLATFORM" != "$QA_OS_STRING" ] ; then
-            Debug  "BUILDPLATFORM = $BUILDPLATFORM QA_OS_STRING = $QA_OS_STRING"
-            grep $BUILDPLATFORM ${MACHINES_TO_CHECK}*/results.html \
-                >/dev/null || {
-                setQAsysvars
-                html_line missing >>$TMP_HTML_FILE
-            }
-        fi
-    done
-}
-
-############################ platform _list ###########################
-# local shell function, generate pass/fail information for each Platform
-########################################################################
-platformlist()
-{
-    grep Platform ${MACHINES_TO_CHECK}*/results.html | 
-        sed -e 's/.results.html:<H4>Platform: /---/' \
-            -e 's/<BR>//' >$TMPFILE
-    # this is done a little complicated to avoid starting a subshell in 
-    # a while read that gets the input from a pipeline, and variables set 
-    #in or underneath this function get unset after done...
-    for  MB in `cat $TMPFILE` ; do
-        MACHINE=`echo $MB | sed -e "s/---.*//"`
-        BUILDPLATFORM=`echo $MB | sed -e "s/.*---//"`
-        grep "${MACHINE}[^0-9]" $ERRORLIST >/dev/null
-        ret=$?
-        setQAsysvars
-        if [ $ret -eq 0 ]
-        then
-            echo "Failed $MACHINE $BUILDPLATFORM" >>$RFILE
-            html_line failed >>$TMP_HTML_FILE
-        else
-            echo "Passed $MACHINE $BUILDPLATFORM" >>$RFILE
-            html_line passed >>$TMP_HTML_FILE
-        fi
-    done 
-}
-
-############################ missing_platforms ###########################
-# local shell function, finds out if we ran on all required platforms
-########################################################################
-missing_platforms()
-{
-    QA_MISSING="QA report missing"
-    MACHINE="0"
-    SYSNAME="0"
-    QA_SYS_OS="0"
-
-    for BUILDPLATFORM in `cat $TESTSCRIPTDIR/platformlist`
-    do
-        grep $BUILDPLATFORM $PLATFORMLIST > /dev/null || {
-            setQAsysvars
-            html_line missing >>$TMP_HTML_FILE
-        }
-    done
-}
-
-############################ incomplete_results ###########################
-# local shell function, finds out if all qa runs were complete
-########################################################################
-incomplete_results ()
-{
-    
-    for w in `ls ${MACHINES_TO_CHECK}*/results.html`
-    do
-      grep bgcolor=red $w || {
-        PASSED_LINES=""
-        PASSED_LINES=`grep bgcolor=lightGreen $w | wc -l`
-        if [ -n "$PASSED_LINES" -a "$PASSED_LINES" -lt "$TOTAL_TESTS" ] ; then
-            BUILDPLATFORM=`grep Platform $w | sed -e 's/<H4>Platform:/    /'                   -e 's/<BR>//'` 
-            MACHINE=`echo $w | sed -e "s/.results.html//"`
-            #MACHINE=`echo $w | sed -e "s/\.[0-9]*.results.html//"`
-            setQAsysvars
-            html_line incomplete >>$TMP_HTML_FILE
-        elif [ "$PASSED_LINES" -gt "$TOTAL_TESTS" ] ; then
-            echo "WARNING - more tests than expected on $w ($PASSED_LINES)" >>$WARNINGLIST
-	fi
-      }
-    done
-}
-
-qa_stat_table()
-{
-    echo '&nbsp;'
-    echo '<br>&nbsp;'
-    echo '<center>'
-    echo '<h1>'
-    echo '<a NAME="'$1'"></a>'$1'</h1></center>'
-    echo '&nbsp;'
-    echo '<table BORDER WIDTH="100%" NOSAVE >'
-    echo '<tr NOSAVE>'
-}
-
-############################### psaperf ########################
-# local shell function, copies results of the daily performance test
-# into a table in the QA report
-########################################################################
-rsaperf()
-{
-    grep RSAPERF */output.log | grep -v "_DBG" > $PERFLIST
-    
-    qa_stat_table "Performance list"
-
-    echo '<td NOSAVE><b><font size=+1>Build-OS and version</font></b></td>'
-    echo '<td><b><font size=+1>Systemname</font></b></td>'
-    echo '<td><b><font size=+1># of iterations</font></b></td>'
-    echo '<td><b><font size=+1>average for one op</font></b></td>'
-    echo '<td><b><font size=+1>Total</font></b></td>'
-    echo '<td><b><font size=+1>QA time / #</font></b></td>'
-    echo '</tr>'
-    cat $PERFLIST | 
-    while read MACHINE BUILDPLATFORM no_iter t1 t2 total total_unit t3 \
-               t4 t5 average average_unit
-    do
-        #caution subshell, variables local to this loop
-        BUILD_SYS=`echo $BUILDPLATFORM | sed -e 's/\.OBJ//' \
-            -e 's/_DBG/ Debug/' \
-            -e 's/_OPT/ Optimized/'  -e 's/_64/ 64bit/' -e 's/_glibc_PTH//' \
-            -e 's/_/ /'`
-        TESTNUMBER=`echo $MACHINE | sed -e 's/[^\.]*\.//' -e 's/\/.*//'`
-        MACHINE=`echo $MACHINE | sed -e 's/\..*//'`
-        TESTDATE=`ls -ld ${MACHINE}.${TESTNUMBER} | awk '{ print $6, $7, $8 }'`
-        echo '<tr>'
-        echo '<td>'$BUILD_SYS'</td>'
-        echo ''
-        echo '<td>'$MACHINE'</td>'
-        echo ''
-        echo '<td>'$no_iter'</td>'
-        echo ''
-        echo '<td>'$average' '$average_unit'</td>'
-        echo ''
-        echo '<td>'$total' '$total_unit'</td>'
-        echo ''
-        echo '<td>'$TESTDATE $TESTNUMBER'</td>'
-        echo ''
-        echo '</tr>'
-    done
-    echo '</table>'
-}
-
-############################### qa_stat_cleanup ########################
-# local shell function, finishes html file, sets variables for global Exit
-########################################################################
-qa_stat_cleanup()
-{
-
-    html_footer >>$TMP_HTML_FILE
-
-    O_DEBUG=OFF
-
-    EARLY_EXIT=FALSE
-    cp $TMP_HTML_FILE $HTML_FILE
-    FILENAME=$HTML_FILE        #we might want to mail it...
-    Exit
-}
-
-
-############################### bc_test ########################
-# local shell function, evaluates the results of the backward u
-# compatibility tests
-########################################################################
-bc_header()
-{
-CURRENT_TABLE="BC"   #so html_line can determine which fields to write
-  
-  qa_stat_table "Backward Compatibility Test"
-  echo '<td NOSAVE><b><font size=+1>Build-OS and version</font></b></td>'
-  echo '<td><b><font size=+1>QA-OS</font></b></td>'
-  echo '<td><b><font size=+1>Systemname</font></b></td>'
-  echo '<td><b><font size=+1>P/F</font></b></td>'
-  #echo '<td><b><font size=+1>All Current</font></b></td>'
-  #echo '<td><b><font size=+1>backward comp. test</font></b></td>'
-  echo '<td><b><font size=+1>result</font></b></td>'
-  echo '<td><b><font size=+1>output</font></b></td>'
-  echo '<td><b><font size=+1>QA time / #</font></b></td>'
-  echo '</tr>'
-
-}
-
-old_bc_test()
-{
-CURRENT_TABLE="BC"   #so html_line can determine which fields to write
-  
-  qa_stat_table "Backward Compatibility Test"
-  echo '<td NOSAVE><b><font size=+1>Build-OS and version</font></b></td>'
-  echo '<td><b><font size=+1>QA-OS</font></b></td>'
-  echo '<td><b><font size=+1>Systemname</font></b></td>'
-  echo '<td><b><font size=+1>P/F</font></b></td>'
-  #echo '<td><b><font size=+1>All Current</font></b></td>'
-  #echo '<td><b><font size=+1>backward comp. test</font></b></td>'
-  echo '<td><b><font size=+1>result</font></b></td>'
-  echo '<td><b><font size=+1>output</font></b></td>'
-  echo '<td><b><font size=+1>QA time / #</font></b></td>'
-  echo '</tr>'
-
-  for w in `ls */results.html`
-  do
-      TMP_RESULT="`dirname $w`/results.tmp"
-      TMP_BC_RESULT="`dirname bct/$w`/results.tmp"
-      rm $TMP_RESULT $TMP_BC_RESULT 2>/dev/null
-      cat $w | sed -e 's/<[^>]*>//g'  -e 's/ /_/g' \
-                   -e 's/signtool_-[vw]/signtool_-vw/' |
-               grep '_[PF]a[si][sl]ed' >$TMP_RESULT
-      cat bct/$w   | sed -e 's/<[^>]*>//g'  -e 's/ /_/g' \
-                         -e 's/signtool_-[vw]/signtool_-vw/' |
-                     grep '_[PF]a[si][sl]ed' >$TMP_BC_RESULT
-      diff $TMP_RESULT $TMP_BC_RESULT    2>>$BCMISSINGLIST |
-           grep -v "Create_objsign_cert_.signtool_-G.*Passed" |
-           grep -v "porting_Alice.s_email_cert" |
-           grep -v "^[0-9,cad]*$" | grep -v "^---$" | grep -v "^---.$" |
-           grep -v "Can.t_run_pk12util_tests_for_NSS_3.2"  >/dev/null && (
-                echo "$w differs" >> $BCMISSINGLIST
-                echo "========================================="
-                echo "diff $w bct/$w"
-                echo "========================================="
-                diff $TMP_RESULT $TMP_BC_RESULT 2>&1 |
-                     grep -v "Create_objsign_cert_.signtool_-G.*Passed" |
-                     grep -v "porting_Alice.s_email_cert" |
-                     grep -v "Can.t_run_pk12util_tests_for_NSS_3.2"  
-           )  2>&1 >>$BCERRORLIST
-
-      #diff -b $w bct/$w  2>>$BCMISSINGLIST | 
-           #grep -v "Create objsign cert .signtool -G.*Passed" |
-           #grep -v "Listing signed files in jar .signtool -v.*Passed" |
-           #grep -v "Listing signed files in jar .signtool -w.*Passed" |
-           #grep -v "backward compatibility" |
-           #grep -v "Can.t run pk12util tests for NSS 3.2" |
-           #grep -v "porting Alice.s email cert " |
-           #grep -v "^---$" | grep -v "^[<> ] $" | 
-           #grep -v "^---.$" | grep -v "^[<> ] .$" | 
-           #grep -v '< </BODY></HTML>' |
-           #grep -v "^[0-9,cad]*$" 2>>$BCMISSINGLIST >/dev/null &&  (
-                #echo "$w differs" >> $BCMISSINGLIST
-                #echo "========================================="
-                #echo "diff $w bct/$w"
-                #echo "========================================="
-                #diff -b $w bct/$w 2>&1 | 
-                     #grep -v "Listing signed files in jar .signtool -v.*Passed" |
-                     #grep -v "Listing signed files in jar .signtool -w.*Passed" |
-                     #grep -v "backward compatibility" |
-                     #grep -v "Can.t run pk12util tests for NSS 3.2" |
-                     #grep -v "porting Alice.s email cert " |
-                     #grep -v "^---$" | grep -v "^[<> ] $" | 
-                     #grep -v "^---.$" | grep -v "^[<> ] .$" | 
-                     #grep -v '< </BODY></HTML>' |
-                     #grep -v "^[0-9,cad]*$" \
-           #)  2>&1 >>$BCERRORLIST
-      rm $TMP_RESULT $TMP_BC_RESULT 2>/dev/null
-  done
-  rm $ERRORLIST
-  cat $BCMISSINGLIST | sed -e "s/^diff: bc_...s.//" \
-                    -e "s/.results.html.*/\/results.html/" | 
-                sort -u > $ERRORLIST
-
-  platformlist  
-  echo '</table>' >>$TMP_HTML_FILE
-
-  head -200 $BCERRORLIST | sed -e 's/<[^>]*>//g' -e "s/^/<br>/" 
-}
-
-bc_test()
-{
-CURRENT_TABLE="BC"   #so html_line can determine which fields to write
-  
-  qa_stat_table "Backward Compatibility Test"
-  echo '<td NOSAVE><b><font size=+1>Build-OS and version</font></b></td>'
-  echo '<td><b><font size=+1>QA-OS</font></b></td>'
-  echo '<td><b><font size=+1>Systemname</font></b></td>'
-  echo '<td><b><font size=+1>P/F</font></b></td>'
-  #echo '<td><b><font size=+1>All Current</font></b></td>'
-  #echo '<td><b><font size=+1>backward comp. test</font></b></td>'
-  echo '<td><b><font size=+1>result</font></b></td>'
-  echo '<td><b><font size=+1>output</font></b></td>'
-  echo '<td><b><font size=+1>QA time / #</font></b></td>'
-  echo '</tr>'
-
-set -x
-  for w in `ls */results.html`
-  do
-      BCT_DIR=`dirname "bct/$w"`
-      BCT_RESULT="bct/$w"
-      BCT_LOG="$BCT_DIR/output.log"
-      grep "bgcolor=red" $BCT_RESULT | 
-           sed -e 's/.results.html:<TR><TD>/ /' -e 's/<[^>]*>/ /g'
-      grep 'cache hits; .* cache misses, .* cache not reusable' \
-        $BCT_LOG |
-        grep -v selfserv |
-        grep -v '0 cache hits; 1 cache misses, 0 cache not reusable' |
-        grep -v '0 cache hits; 0 cache misses, 0 cache not reusable' |
-        grep -v ' cache hits; 1 cache misses, 0 cache not reusable'
-      grep -vi "write to SSL socket" $BCT_LOG |
-        grep -vi "HDX PR_Read returned error" |
-        grep -vi "no error" |
-        grep -vi "12285" |
-        grep -i  $BEFORE_CONTEXT_GREP $AFTER_CONTEXT_GREP error
-      grep  -vi "write to SSL socket" $BCT_LOG |
-        grep -vi "peer cannot verify" |
-        grep -vi "TCP Connection aborted" |
-        grep -vi "error" |
-        grep -vi "fatal" |
-        grep -vi "TCP connection reset" |
-        grep  $BEFORE_CONTEXT_GREP $AFTER_CONTEXT_GREP  -i failed $BCT_LOG
-      grep -i $BEFORE_CONTEXT_GREP $AFTER_CONTEXT_GREP "segmentation violation"  $BCT_LOG
-      grep -i $BEFORE_CONTEXT_GREP $AFTER_CONTEXT_GREP "memory fault" $BCT_LOG
-      grep -i $BEFORE_CONTEXT_GREP $AFTER_CONTEXT_GREP "bus error" $BCT_LOG
-      grep -i $BEFORE_CONTEXT_GREP $AFTER_CONTEXT_GREP "core dumped" $BCT_LOG
-      grep -i $BEFORE_CONTEXT_GREP $AFTER_CONTEXT_GREP fatal  $BCT_LOG
-      grep -i  $BEFORE_CONTEXT_GREP $AFTER_CONTEXT_GREP -i "PKCS12 decode not verified"   $BCT_LOG
-      find ${BTC_DIR} -name core -print
-
-  done 2>&1 >>$BCERRORLIST
-  rm $ERRORLIST
-  cat $BCMISSINGLIST | sed -e "s/^diff: bc_...s.//" \
-                    -e "s/.results.html.*/\/results.html/" | 
-                sort -u > $ERRORLIST
-
-  platformlist  
-  echo '</table>' >>$TMP_HTML_FILE
-
-  head -200 $BCERRORLIST | sed -e 's/<[^>]*>//g' -e "s/^/<br>/" 
-}
-
-
-############################### bc_test ########################
-# local shell function, evaluates the results of the backward u
-# compatibility tests
-# move the whole function to old to tests a new solution
-########################################################################
-bc_test_old()
-{
-CURRENT_TABLE="BC"   #so html_line can determine which fields to write
-  
-  qa_stat_table "Backward Compatibility Test"
-  echo '<td NOSAVE><b><font size=+1>Build-OS and version</font></b></td>'
-  echo '<td><b><font size=+1>QA-OS</font></b></td>'
-  echo '<td><b><font size=+1>Systemname</font></b></td>'
-  echo '<td><b><font size=+1>P/F</font></b></td>'
-  #echo '<td><b><font size=+1>All Current</font></b></td>'
-  #echo '<td><b><font size=+1>backward comp. test</font></b></td>'
-  echo '<td><b><font size=+1>result</font></b></td>'
-  echo '<td><b><font size=+1>output</font></b></td>'
-  echo '<td><b><font size=+1>QA time / #</font></b></td>'
-  echo '</tr>'
-
-  for w in `ls */results.html`
-  do
-      diff -b $w bct/$w  2>>$BCMISSINGLIST | 
-           grep -v "Create objsign cert .signtool -G.*Passed" |
-           grep -v "Listing signed files in jar .signtool -v.*Passed" |
-           grep -v "Listing signed files in jar .signtool -w.*Passed" |
-           grep -v "backward compatibility" |
-           grep -v "Can.t run pk12util tests for NSS 3.2" |
-           grep -v "porting Alice.s email cert " |
-           grep -v "^---$" | grep -v "^[<> ] $" | 
-           grep -v "^---.$" | grep -v "^[<> ] .$" | 
-           grep -v '< </BODY></HTML>' |
-           grep -v "^[0-9,cad]*$" 2>>$BCMISSINGLIST >/dev/null &&  (
-                echo "$w differs" >> $BCMISSINGLIST
-                echo "========================================="
-                echo "diff $w bct/$w"
-                echo "========================================="
-                diff -b $w bct/$w 2>&1 | 
-                     grep -v "Listing signed files in jar .signtool -v.*Passed" |
-                     grep -v "Listing signed files in jar .signtool -w.*Passed" |
-                     grep -v "backward compatibility" |
-                     grep -v "Can.t run pk12util tests for NSS 3.2" |
-                     grep -v "porting Alice.s email cert " |
-                     grep -v "^---$" | grep -v "^[<> ] $" | 
-                     grep -v "^---.$" | grep -v "^[<> ] .$" | 
-                     grep -v '< </BODY></HTML>' |
-                     grep -v "^[0-9,cad]*$" \
-           )  2>&1 >>$BCERRORLIST
-  done
-  rm $ERRORLIST
-  cat $BCMISSINGLIST | sed -e "s/^diff: bc_...s.//" \
-                    -e "s/.results.html.*/\/results.html/" | 
-                sort -u > $ERRORLIST
-
-  platformlist  
-  echo '</table>' >>$TMP_HTML_FILE
-
-  head -200 $BCERRORLIST | sed -e 's/<[^>]*>//g' -e "s/^/<br>/" 
-
-}
-
-############################### tbx_main ########################
-# local shell function, tinderbox variation of the qa status script
-########################################################################
-tbx_main()
-{
-    TBX_EXIT=47
-    qa_stat_get_sysinfo # find out the OS we are running and all required tests
-                        # on this OS
-    
-    MACHINES_TO_CHECK=$HOST  #`uname -n` only search the local tests for errors
-    qa_errorlist > $ERRORLIST        # 
-    platformlist 
-    #tbx_missing_platforms  #temp. taken out until we find a better way to
-    #determine if all necessary QA ran - right now we run different 
-    #tinderboxes on one machine
-    incomplete_results 
-    echo '</table>' >>$TMP_HTML_FILE
-    echo '<a NAME="errorlist"></a>' >> $TMP_HTML_FILE
-    cat $ERRORLIST  | sed -e "s/^/<br>/" >>$TMP_HTML_FILE
-
-}
-
-############################### qa_stat_main ########################
-# local shell function, main flow of the qa status script
-########################################################################
-qa_stat_main()
-{
-    find_qa_systems 2>/dev/null
-    MACHINES_TO_CHECK=""   # check all founf qa runs
-    qa_errorlist > $ERRORLIST
-    platformlist 
-    missing_platforms 
-    incomplete_results 
-    echo '</table>' >>$TMP_HTML_FILE
-    echo '<a NAME="errorlist"></a>' >> $TMP_HTML_FILE
-    cat $ERRORLIST  | sed -e "s/^/<br>/" >>$TMP_HTML_FILE
-    cat $WARNINGLIST 2>/dev/null | sed -e "s/^/<br>/" >>$TMP_HTML_FILE 2>/dev/null
-    rsaperf >>$TMP_HTML_FILE
-    bc_header >>$TMP_HTML_FILE
-    MACHINES_TO_CHECK="bct/"
-    TOTAL_TESTS=$BCT_TOTAL_TESTS
-    BEFORE_CONTEXT_GREP="" #WORKAROUND - errors in one outputlog within the first 
-    AFTER_CONTEXT_GREP=""  # or last lines will show up in the next/previos file
-    qa_errorlist > $ERRORLIST
-    platformlist 
-    missing_platforms 
-    incomplete_results 
-    echo '</table>' >>$TMP_HTML_FILE
-    echo '<a NAME="errorlist"></a>' >> $TMP_HTML_FILE
-    cat $ERRORLIST  | sed -e "s/^/<br>/" >>$TMP_HTML_FILE
-    cat $WARNINGLIST 2>/dev/null | sed -e "s/^/<br>/" >>$TMP_HTML_FILE 2>/dev/null
-    #bc_test >>$TMP_HTML_FILE
-}
-
-CURRENT_TABLE="Standard"
-qa_stat_init
-
-if [  "$O_TBX" = "ON" -o "$O_LOCAL" = "ON" ] ; then
-    tbx_main
-else
-    qa_stat_main
-fi
-
-qa_stat_cleanup
diff --git a/security/nss/tests/qaclean b/security/nss/tests/qaclean
deleted file mode 100755
index 14c71f390..000000000
--- a/security/nss/tests/qaclean
+++ /dev/null
@@ -1,144 +0,0 @@
-#! /bin/sh
-
-########################################################################
-#
-# /u/sonmi/bin/qaclean
-#
-# is supposed to clean up after a "hanging" QA
-#
-# 1) see if there is a lockfile 
-#    if yes: 
-#    1a) kill the process of the lockfile and if possible it's children
-#    1b) rm the lockfile
-# 2) kill selfservers
-# 3) clean up old tmp files
-#
-########################################################################
-
-if [ -z "$TMP" ]
-then
-    if [  -z "$TEMP" ]
-    then
-        TMP="/tmp"
-    else
-        TMP=$TEMP
-    fi
-fi
-if [ ! -w "$TMP" ]
-then
-    echo "Can't write to tmp directory $TMP - exiting"
-    echo "Can't write to tmp directory $TMP - exiting" >&2
-    exit 1
-fi
-
-########################### Ps #########################################
-# platform specific ps
-########################################################################
-Ps()
-{
-    if [ `uname -s` = "SunOS" ]
-    then
-        /usr/5bin/ps -e
-    else
-        ps -e
-    fi
-}
-
-Kill()
-{
-    if [ "$1" = "$$" ]
-    then
-        return
-    fi
-    echo "Killing PID $1"
-    kill $1
-    sleep 1
-    kill -9 $1 2>/dev/null
-}
-
-########################### kill_by_name ################################
-# like killall, only without permissionproblems, kills the process whose 
-# name is given as parameter
-########################################################################
-kill_by_name()
-{
-    echo "Killing all $1"
- 
-    for PID in `Ps | grep "$1" | grep -v grep | \
-        sed -e "s/^[     ]*//g" -e "s/[     ].*//"`
-    do
-        Kill $PID
-    done
-}
-
-kill_the_rest()
-{
-i=0
-while [ $i -lt $1 ]
-do
-    kill_by_name nssqa
-    kill_by_name selfserv
-    kill_by_name strsclnt
-    kill_by_name all.sh
-    kill_by_name sdr.sh
-    kill_by_name ssl.sh
-    kill_by_name smime.sh
-    i=`expr $i + 1`
-done
-}
-
-nt_warning()
-{
-os_name=`uname -s`
-case $os_name in
-    CYGWIN*|WIN*|Win*)
-        echo
-        echo
-        echo
-        echo "Another Windows problem... If you have not already done so"
-        echo "after this script completes, please reboot, and log in as"
-        echo "user svbld again"
-        echo
-        echo
-        echo
-        ;;
-esac
-}
-
-nt_warning
-case $1 in 
-    -all)
-        for w in tommy booboo kentuckyderby galileo shame axilla columbus \
-                 smarch charm hp64 biggayal orville kwyjibo hbombaix raven \
-                 jordan hornet phaedrus louie box dbldog huey washer dryer \
-                 shabadoo trex bummer compaqtor jellyfish sjsu
-        do
-                echo $w
-                ping $w && rsh $w '/u/sonmi/bin/qaclean'
-        done
-
-        ;;
-    ?*)
-        rsh $1 '/u/sonmi/bin/qaclean'
-        exit
-        ;;
-esac
-
-uname -a
-echo
-
-if [ -f ${TMP}/nssqa.* ]
-then
-    echo "nssqa seems to be running ${TMP}/nssqa.*"
-    #cat ${TMP}/nssqa.*
-    NSSQA_PID=`ls ${TMP}/nssqa.* | sed -e 's/[^.]*\.//'`
-    Kill $NSSQA_PID
-    rm ${TMP}/nssqa.*
-fi
-
-kill_the_rest 3
-ls -l ${TMP}/nsstmp.*
-rm ${TMP}/nsstmp.* 2>/dev/null
-rm ${TMP}/certutilout.* 2>/dev/null
-rm ${TMP}/Pk12*
-nt_warning
diff --git a/security/nss/tests/sdr/sdr.sh b/security/nss/tests/sdr/sdr.sh
deleted file mode 100755
index 36c0f40ae..000000000
--- a/security/nss/tests/sdr/sdr.sh
+++ /dev/null
@@ -1,127 +0,0 @@
-#! /bin/sh
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-#
-########################################################################
-#
-# mozilla/security/nss/tests/sdr/sdr.sh
-#
-# Script to start test basic functionallity of NSS sdr
-#
-# needs to work on all Unix and Windows platforms
-#
-# special strings
-# ---------------
-#   FIXME ... known problems, search for this string
-#   NOTE .... unexpected behavior
-#
-########################################################################
-
-############################## sdr_init ################################
-# local shell function to initialize this script
-########################################################################
-sdr_init()
-{
-  SCRIPTNAME=sdr.sh
-  if [ -z "${CLEANUP}" ] ; then
-      CLEANUP="${SCRIPTNAME}"
-  fi
-  
-  if [ -z "${INIT_SOURCED}" -o "${INIT_SOURCED}" != "TRUE" ]; then
-      cd ../common
-      . ./init.sh
-  fi
-  SCRIPTNAME=sdr.sh
-
-  #temporary files
-  VALUE1=$HOSTDIR/tests.v1.$$
-  VALUE2=$HOSTDIR/tests.v2.$$
-
-  T1="Test1"
-  T2="The quick brown fox jumped over the lazy dog"
-
-  SDRDIR=${HOSTDIR}/SDR
-  D_SDR="SDR.$version"
-  if [ ! -d ${SDRDIR} ]; then
-    mkdir -p ${SDRDIR}
-  fi
-
-  PROFILE=.
-  if [ -n "${MULTIACCESS_DBM}" ]; then
-     PROFILE="multiaccess:${D_SDR}"
-  fi
-
-  cd ${SDRDIR}
-  html_head "SDR Tests"
-}
-
-############################## sdr_main ################################
-# local shell function to test NSS SDR
-########################################################################
-sdr_main()
-{
-  echo "$SCRIPTNAME: Creating an SDR key/Encrypt"
-  echo "sdrtest -d ${PROFILE} -o ${VALUE1} -t Test1"
-  sdrtest -d ${PROFILE} -o ${VALUE1} -t Test1
-  html_msg $? 0 "Creating SDR Key"
-
-  echo "$SCRIPTNAME: SDR Encrypt - Second Value"
-  echo "sdrtest -d ${PROFILE} -o ${VALUE2} -t '${T2}'"
-  sdrtest -d ${PROFILE} -o ${VALUE2} -t "${T2}"
-  html_msg $? 0 "Encrypt - Value 2"
-
-  echo "$SCRIPTNAME: Decrypt - Value 1"
-  echo "sdrtest -d ${PROFILE} -i ${VALUE1} -t Test1"
-  sdrtest -d ${PROFILE} -i ${VALUE1} -t Test1
-  html_msg $? 0 "Decrypt - Value 1"
-
-  echo "$SCRIPTNAME: Decrypt - Value 2"
-  echo "sdrtest -d ${PROFILE} -i ${VALUE2} -t ${T2}"
-  sdrtest -d ${PROFILE} -i ${VALUE2} -t "${T2}"
-  html_msg $? 0 "Decrypt - Value 2"
-}
-
-############################## sdr_cleanup #############################
-# local shell function to finish this script (no exit since it might be
-# sourced)
-########################################################################
-sdr_cleanup()
-{
-  html "</TABLE><BR>"
-  cd ${QADIR}
-  . common/cleanup.sh
-}
-
-sdr_init
-sdr_main
-sdr_cleanup
diff --git a/security/nss/tests/set_environment b/security/nss/tests/set_environment
deleted file mode 100644
index 5a3515cca..000000000
--- a/security/nss/tests/set_environment
+++ /dev/null
@@ -1,234 +0,0 @@
-#! /bin/sh
-
-########################################################################
-#
-# /u/sonmi/bin/set_environment
-#
-# sourced from the header if running from cron to get the full environment
-# to run nssqa    - also used to unify all nssqa environments
-#
-# This is derived from the .cshrc file for the svbld account.  
-#
-########################################################################
-
-if [ -z "$HOME" ] 
-then
-    HOME=/u/svbld
-fi
-if [ -z "$QASCRIPT_DIR" ]
-then
-    QASCRIPT_DIR=`dirname $0`
-fi
-
-os_name=`uname -s`
-if [ "$os_name" != "Windows_95" -a \
-    "$os_name" != "Windows_NT" -a \
-    "$os_name" != "WINNT" -a \
-    "$os_name" != "Windows" -a \
-    "$os_name" != "Windows_98" -a \
-    "$os_name" != "CYGWIN_NT-4.0" -a \
-    "$os_name" != "CYGWIN_NT-5.0" -a \
-    "$os_name" != "CYGWIN_95-4.0" -a \
-    "$os_name" != "CYGWIN_98-4.10" ]
-then
-    PATH=.:$HOME/bin:/tools/ns/bin:/bin:/usr/bin:/usr/sbin:/usr/ccs/bin:/usr/dist/local/exe:/usr/bin/X11:/usr/audio/bin:/u/sonmi/bin:$PATH
-    JAVA_HOME="D:/i386/jdk1.2.2"
-    JAVA_HOME14="R:/jdk/1.4.0/WINNT"
-fi
-
-CVSROOT=:pserver:svbld@redcvs.red.iplanet.com:/m/src
-
-os_name=`uname -s`
-os_version=`uname -r`
-#os_p=`uname -p`
-os_full=""
-
-if [ -f /u/svbld/bin/nsarch  ]
-then
-    os_full=`/u/svbld/bin/nsarch -f`    #FIXME
-fi
-
-MANPATH=/usr/share/man:/usr/openwin/man:/usr/local/man
-
-RMAIL=rmail
-BEFORE_CONTEXT_GREP=""
-AFTER_CONTEXT_GREP=""
-
-export CVSROOT HOME os_name os_version os_full MANPATH
-
-
-if [ "$os_name" = "HP-UX" ]
-then
-    PATH=$PATH:/usr/local/bin:/opt/aCC/bin:/usr/local/bin/audio:/tools/ns/bin:/etc:/usr/contrib/bin:/usr/contrib/bin/X11:/usr/local/hpux/bin:/nfs/iapp1/hphome/bin:/etc:/u/svbld/bin/HP/perl/bin
-    JAVA_HOME="/share/builds/components/cms_jdk/HP-UX/1.2.2.04"
-    JAVA_HOME14=$JAVA_HOME
-#    JAVA_HOME="/share/builds/components/cms_jdk/HP-UX/1.3.0.00"
-elif [ "$os_name" = "SunOS" ]
-then
-    NATIVE_FLAG="-native"
-    XAPPLRESDIR=/usr/openwin/lib/app-defaults:/usr/local/lib/X11/app-defaults
-    OPENWINHOME=/usr/openwin
-    LD_LIBRARY_PATH=$OPENWINHOME/lib
-    if [ "$os_full" = "SOLARISx86 2.8" -o "$os_full" = "SOLARISx86 2.9" ] 
-    then
-        #PATH=/usr/ucb:/opt/usr/local/bin:$PATH
-        JAVA_HOME="/usr/java1.2"
-	JAVA_HOME14=/share/builds/components/jdk/1.4.0/SunOS_x86
-        PATH=".:/usr/dist/share/forte_dev_i386,v6.2/SUNWspro/bin:/opt/usr/local/perl5/bin:/opt/SUNWspro/bin:/opt/usr/local/bin:/bin:/usr/bin:/usr/sbin:/usr/ccs/bin:/usr/dist/local/exe:/usr/ccs/bin:/usr/ucb/bin:/usr/ucb:/opt/SUNWwabi/bin:/usr/local/bin:/tools/ns/bin:/etc:/tools/contrib/bin"
-    else
-        PATH=/usr/ucb:$PATH
-        JAVA_HOME="/share/builds/components/jdk/1.2.2/SunOS"
-	JAVA_HOME14=/share/builds/components/jdk/1.4.0/SunOS64
-        PATH=/tools/ns/bin:$PATH:/opt/SUNWspro/bin:/usr/bin/X11:/usr/openwin/bin:/usr/openwin/demo
-    
-        if [ "$os_version" = "5.8" -o "$os_version" = "5.7" -o \
-             "$os_version" = "5.9" ]
-        then
-            PATH=$PATH:/usr/dist/pkgs/forte_dev,v6.2/SUNWspro/bin:/tools/ns/workshop/bin
-        else
-            PATH=$PATH:/usr/dist/share/devpro,v5.0/5.x-sparc/bin:/tools/ns/workshop/bin
-        fi
-        PATH=$PATH:/usr/ccs/bin:/usr/ucb/bin:/opt/SUNWwabi/bin:/usr/local/bin:/tools/ns/bin:/etc:/tools/contrib/bin
-     fi
-    export XAPPLRESDIR  OPENWINHOME LD_LIBRARY_PATH
-
-elif [ "$os_name" = "IRIX" ]
-then
-    PATH=$PATH:/tools/ns/bin:/usr/local/bin:/etc:/usr/bsd
-    MANPATH=/tools/ns/man:/usr/local/man
-    JAVA_HOME="/share/builds/components/jdk/1.2.2/IRIX"
-    JAVA_HOME14=$JAVA_HOME
-elif [ "$os_name" = "IRIX64" ]
-then
-    PATH=$PATH:/tools/ns/bin:/usr/local/bin:/etc:/usr/bsd
-    MANPATH=/tools/ns/man:/usr/local/man
-    JAVA_HOME="/share/builds/components/jdk/1.2.2/IRIX"
-    JAVA_HOME14=$JAVA_HOME
-elif [ "$os_name" = "Linux" ]
-then
-    PATH=/lib:/usr/lib:/bin:/sbin:/usr/bin:/usr/sbin:$PATH
-    RMAIL=sendmail
-    #the gnu grep, on Linux can output 10 lines above and 3 lines below 
-    #the errormessage
-    BEFORE_CONTEXT_GREP="--before-context=10"
-    AFTER_CONTEXT_GREP="--after-context=3"
-    JAVA_HOME="/share/builds/components/jdk/1.2.2/Linux"
-    JAVA_HOME14=/share/builds/components/jdk/1.4.0/Linux
-elif [ "$os_name" = "AIX" ]
-then
-    PATH=$PATH:/tools/contrib/bin:/usr/local/bin 
-    TERM=vt100
-    export TERM
-    JAVA_HOME="/share/builds/components/cms_jdk/AIX/1.3.0"
-    JAVA_HOME14=$JAVA_HOME
-elif [ "$os_name" = "OSF1" ]
-then
-    PATH=$PATH:/usr/local/bin
-    JAVA_HOME="/share/builds/components/jdk/1.2.2/OSF1"
-    JAVA_HOME14=$JAVA_HOME
-fi
-
-if [ "$os_name" = "IRIX" ]
-then
-    PATH=/tools/ns-arch/soft/perl-5.004_04/run/default/mips_sgi_irix5.3/bin:$PATH
-elif [ "$os_name" = "IRIX64" ]
-then
-    PATH=/tools/ns-arch/soft/perl-5.004_04/run/default/mips_sgi_irix5.3/bin:$PATH
-fi
-
-O_CYGNUS=OFF
-O_MKS=OFF
-O_WIN=OFF
-
-if [ "$os_name" = "CYGWIN_NT-4.0" -o \
-    "$os_name" = "CYGWIN_NT-5.0" -o \
-    "$os_name" = "CYGWIN_95-4.0" -o \
-    "$os_name" = "CYGWIN_98-4.10" ]
-then
-    #FIXME net use, mount the neccessary pnetwork drives and partitiones first
-    #FIXME - take MKS out of the PATH
-    os_full=$os_name
-    os_name="Windows"
-    O_CYGNUS=ON
-    O_WIN=ON
-    PATH="`dirname $0`:.:/cygdrive/c/cygwin/bin:/cygdrive/z/nstools/bin:/cygdrive/z/nstools/perl5:/cygdrive/z/bin:/cygdrive/c/WINNT/System32:/cygdrive/c/WINNT"
-    RM=/cygdrive/c/cygwin/bin/rm.exe    #FIXME - in case we cant cporrect 
-                                        #these with the PATH alone
-    PATH=`perl $QASCRIPT_DIR/path_uniq "$PATH"`
-    RSH=/cygdrive/c/winnt/system32/rsh
-elif [ "$os_name" = "Windows_95" -o \
-    "$os_name" = "Windows_NT" -o \
-    "$os_name" = "WINNT" -o \
-    "$os_name" = "Windows" -o \
-    "$os_name" = "Windows_98" ]
-then
-    #FIXME net use, mount the neccessary pnetwork drives and partitiones first
-    PATH=`echo $SHELL | sed -e "s/.[kK][sS][Hh].[Ee][Xx][Ee]//g"  \
-				-e "s/.[sS][Hh].[Ee][Xx][Ee]//g"`
-    MOZTOOLS_IN_PATH=NO
-    if [ -n "$MOZ_TOOLS" -a -d  "$MOZ_TOOLS" ] ; then
-        MOZ_TOOLS=`ls -d "$MOZ_TOOLS" | sed -e 's/\\\/\//g'`
-        #echo "MOZ_TOOLS reformated to $MOZ_TOOLS"
-        if [ -d "$MOZ_TOOLS" ] ; then #still exist after reformating?
-            MOZTOOLS_IN_PATH=OK
-        fi
-    fi
-    if [ -n "$MOZTOOLS_IN_PATH" -a "$MOZTOOLS_IN_PATH" = "OK" ] ; then
-        #echo "Use MOZTOOLS in PATH"
-        PATH="$MOZ_TOOLS/bin;$MOZ_TOOLS/perl5;$PATH"
-    elif [ -d Z:/nstools/bin ] ; then
-        PATH="Z:/nstools/bin;Z:/nstools/perl5;$PATH"
-    elif [ -d C:/nstools/bin ] ; then
-        PATH="C:/nstools/bin;C:/nstools/perl5;$PATH"
-    elif [ -d D:/nstools/bin ] ; then
-        PATH="D:/nstools/bin;D:/nstools/perl5;$PATH"
-    elif [ -d D:/i386/nstools/bin ] ; then
-        PATH="D:/i386/nstools/bin;D:/i386/nstools/perl5;$PATH"
-    else
-        echo "FATAL: Can't find nstools"
-        exit
-    fi
-
-    if [  "$os_name" = "Windows_NT" -o \
-        "$os_name" = "WINNT" ]
-    then
-        PATH="${PATH};C:/WINNT/System32;C:/WINNT;.;"
-    fi
-    PATH="`dirname $0`;$PATH"
-    
-    PATH=`perl $QASCRIPT_DIR/path_uniq -d ';' "$PATH"`
-    echo $PATH
-    os_full=$os_name
-    os_name="Windows"
-    O_MKS=ON
-    O_WIN=ON
-    if [ -z $RSH ] ; then 
-        RSH=c:/winnt/system32/rsh
-    fi
-    
-else
-    EDITOR=vi
-    EMACSLOADPATH=/u/svbld/emacs
-    PYTHONPATH=.:/tools/ns/lib/python1.4
-    PAGER=less
-    XMCD_LIBDIR=/usr/local/lib/xmcd
-    DISPLAY=:0.0
-    PATH=`perl $QASCRIPT_DIR/path_uniq "$PATH"`
-    RSH=rsh
-fi
-
-BASEPATH=$PATH    # in  case we we set and reset DIST directories the PATH 
-                # needs to change accordingly
-export PATH EDITOR EMACSLOADPATH PYTHONPATH PAGER XMCD_LIBDIR DISPLAY MANPATH os_full os_name BASEPATH RSH O_WIN
-
-umask 022
-
-system=`uname -n`        # name of this system.
-
-JAVAC=$JAVA_HOME/bin/javac
-JAVA=$JAVA_HOME/bin/java
-JAVAC14=$JAVA_HOME14/bin/javac
-JAVA14=$JAVA_HOME14/bin/java
-#JAVA=$JAVA_HOME/jre/bin/java
-export JAVAC JAVA JAVA_HOME JAVAC14 JAVA_HOME14 JAVA14
-
diff --git a/security/nss/tests/smime/alice.txt b/security/nss/tests/smime/alice.txt
deleted file mode 100644
index 0378db464..000000000
--- a/security/nss/tests/smime/alice.txt
+++ /dev/null
@@ -1,6 +0,0 @@
-Date: Wed, 20 Sep 2000 00:00:01 -0700 (PDT)
-From: alice@bogus.com
-Subject: message Alice --> Bob
-To: bob@bogus.com
-
-This is a test message from Alice to Bob.
diff --git a/security/nss/tests/smime/bob.txt b/security/nss/tests/smime/bob.txt
deleted file mode 100644
index 330b2c94d..000000000
--- a/security/nss/tests/smime/bob.txt
+++ /dev/null
@@ -1,6 +0,0 @@
-Date: Wed, 20 Sep 2000 00:00:01 -0700 (PDT)
-From: bob@bogus.com
-Subject: message Bob --> Alice
-To: alice@bogus.com
-
-This is a test message from Bob to Alice.
diff --git a/security/nss/tests/smime/smime.sh b/security/nss/tests/smime/smime.sh
deleted file mode 100755
index 64726e558..000000000
--- a/security/nss/tests/smime/smime.sh
+++ /dev/null
@@ -1,198 +0,0 @@
-#! /bin/sh  
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above.  If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-#
-########################################################################
-#
-# mozilla/security/nss/tests/smime/smime.sh
-#
-# Script to test NSS smime
-#
-# needs to work on all Unix and Windows platforms
-#
-# special strings
-# ---------------
-#   FIXME ... known problems, search for this string
-#   NOTE .... unexpected behavior
-#
-########################################################################
-
-############################## smime_init ##############################
-# local shell function to initialize this script
-########################################################################
-smime_init()
-{
-  SCRIPTNAME=smime.sh      # sourced - $0 would point to all.sh
-
-  if [ -z "${CLEANUP}" ] ; then     # if nobody else is responsible for
-      CLEANUP="${SCRIPTNAME}"       # cleaning this script will do it
-  fi
-
-  if [ -z "${INIT_SOURCED}" -o "${INIT_SOURCED}" != "TRUE" ]; then
-      cd ../common
-      . ./init.sh
-  fi
-  if [ ! -r $CERT_LOG_FILE ]; then  # we need certificates here
-      cd ../cert
-      . ./cert.sh
-  fi
-  SCRIPTNAME=smime.sh
-  html_head "S/MIME Tests"
-
-  grep "SUCCESS: SMIME passed" $CERT_LOG_FILE >/dev/null || {
-      Exit 11 "Fatal - S/MIME of cert.sh needs to pass first"
-  }
-
-  SMIMEDIR=${HOSTDIR}/smime
-  R_SMIMEDIR=../smime
-  mkdir -p ${SMIMEDIR}
-  cd ${SMIMEDIR}
-  cp ${QADIR}/smime/alice.txt ${SMIMEDIR}
-}
-
-
-############################## smime_main ##############################
-# local shell function to test basic signed and enveloped messages 
-# from 1 --> 2"
-########################################################################
-smime_main()
-{
-
-  echo "$SCRIPTNAME: Signing Attached Message ------------------------------"
-  echo "cmsutil -S -N Alice -i alice.txt -d ${P_R_ALICEDIR} -p nss -o alice.sig"
-  cmsutil -S -N Alice -i alice.txt -d ${P_R_ALICEDIR} -p nss -o alice.sig
-  html_msg $? 0 "Create Signature Alice" "."
-
-  echo "cmsutil -D -i alice.sig -d ${P_R_BOBDIR} -o alice.data1"
-  cmsutil -D -i alice.sig -d ${P_R_BOBDIR} -o alice.data1
-  html_msg $? 0 "Decode Alice's Signature" "."
-
-  echo "diff alice.txt alice.data1"
-  diff alice.txt alice.data1
-  html_msg $? 0 "Compare Decoded Signature and Original" "."
-
-  echo "$SCRIPTNAME: Enveloped Data Tests ------------------------------"
-  echo "cmsutil -E -r bob@bogus.com -i alice.txt -d ${P_R_ALICEDIR} -p nss \\"
-  echo "        -o alice.env"
-  cmsutil -E -r bob@bogus.com -i alice.txt -d ${P_R_ALICEDIR} -p nss -o alice.env
-  html_msg $? 0 "Create Enveloped Data Alice" "."
-
-
-  echo "cmsutil -D -i alice.env -d ${P_R_BOBDIR} -p nss -o alice.data1"
-  cmsutil -D -i alice.env -d ${P_R_BOBDIR} -p nss -o alice.data1
-  html_msg $? 0 "Decode Enveloped Data Alice" "."
-
-  echo "diff alice.txt alice.data1"
-  diff alice.txt alice.data1
-  html_msg $? 0 "Compare Decoded Enveloped Data and Original" "."
-
-  # multiple recip
-  echo "$SCRIPTNAME: Testing multiple recipients ------------------------------"
-  echo "cmsutil -E -i alicecc.txt -d ${P_R_ALICEDIR} -o alicecc.env \\"
-  echo "        -r bob@bogus.com,dave@bogus.com"
-  cmsutil -E -i alice.txt -d ${P_R_ALICEDIR} -o alicecc.env \
-          -r bob@bogus.com,dave@bogus.com
-  ret=$?
-  html_msg $ret 0 "Create Multiple Recipients Enveloped Data Alice" "."
-  if [ $ret != 0 ] ; then
-        i=0
-        echo "cp -r ${R_ALICEDIR} ${R_ALICEDIR}.trouble"
-        cp -r ${R_ALICEDIR} ${R_ALICEDIR}.trouble
-        while [ $i -lt 100 ] ; do
-            echo "will attempt to list the certs in the db `expr 100 - $i` more times"
-	    echo "certutil -L -d ${P_R_ALICEDIR}"
-	    certutil -L -d ${P_R_ALICEDIR}
-	    echo "certutil -L -d ${P_R_ALICEDIR} -n dave@bogus.com"
-	    certutil -L -d ${P_R_ALICEDIR} -n dave@bogus.com
-            sleep 30
-            i=`expr $i + 1`
-        done
-  fi
-
-  echo "cmsutil -D -i alicecc.env -d ${P_R_BOBDIR} -p nss -o alice.data2"
-  cmsutil -D -i alicecc.env -d ${P_R_BOBDIR} -p nss -o alice.data2
-  html_msg $? 0 "Decode Multiple Recipients Enveloped Data Alice by Bob" "."
-
-  echo "cmsutil -D -i alicecc.env -d ${P_R_DAVEDIR} -p nss -o alice.data2"
-  cmsutil -D -i alicecc.env -d ${P_R_DAVEDIR} -p nss -o alice.data3
-  html_msg $? 0 "Decode Multiple Recipients Enveloped Data Alice by Dave" "."
-
-  diff alice.txt alice.data2
-  html_msg $? 0 "Compare Decoded Mult. Recipients Enveloped Data Alice/Bob" "."
-
-  diff alice.txt alice.data3
-  html_msg $? 0 "Compare Decoded Mult. Recipients Enveloped Data Alice/Dave" "."
-  
-  echo "$SCRIPTNAME: Sending CERTS-ONLY Message ------------------------------"
-  echo "cmsutil -O -r \"Alice,bob@bogus.com,dave@bogus.com\" \\"
-  echo "        -d ${P_R_ALICEDIR} > co.der"
-  cmsutil -O -r "Alice,bob@bogus.com,dave@bogus.com" -d ${P_R_ALICEDIR} > co.der
-  html_msg $? 0 "Create Certs-Only Alice" "."
-
-  echo "cmsutil -D -i co.der -d ${P_R_BOBDIR}"
-  cmsutil -D -i co.der -d ${P_R_BOBDIR}
-  html_msg $? 0 "Verify Certs-Only by CA" "."
-
-  echo "$SCRIPTNAME: Encrypted-Data Message ---------------------------------"
-  echo "cmsutil -C -i alice.txt -e alicehello.env -d ${P_R_ALICEDIR} \\"
-  echo "        -r \"bob@bogus.com\" > alice.enc"
-  cmsutil -C -i alice.txt -e alicehello.env -d ${P_R_ALICEDIR} \
-          -r "bob@bogus.com" > alice.enc
-  html_msg $? 0 "Create Encrypted-Data" "."
-
-  echo "cmsutil -D -i alice.enc -d ${P_R_BOBDIR} -e alicehello.env -p nss \\"
-  echo "        -o alice.data2"
-  cmsutil -D -i alice.enc -d ${P_R_BOBDIR} -e alicehello.env -p nss -o alice.data2
-  html_msg $? 0 "Decode Encrypted-Data" "."
-
-  diff alice.txt alice.data2
-  html_msg $? 0 "Compare Decoded and Original Data" "."
-}
-  
-############################## smime_cleanup ###########################
-# local shell function to finish this script (no exit since it might be
-# sourced)
-########################################################################
-smime_cleanup()
-{
-  html "</TABLE><BR>"
-  cd ${QADIR}
-  . common/cleanup.sh
-}
-
-################## main #################################################
-
-smime_init
-smime_main
-smime_cleanup
-
diff --git a/security/nss/tests/ssl/ssl.sh b/security/nss/tests/ssl/ssl.sh
deleted file mode 100755
index 2db98b457..000000000
--- a/security/nss/tests/ssl/ssl.sh
+++ /dev/null
@@ -1,340 +0,0 @@
-#! /bin/sh
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-#
-########################################################################
-#
-# mozilla/security/nss/tests/ssl/ssl.sh
-#
-# Script to test NSS SSL
-#
-# needs to work on all Unix and Windows platforms
-#
-# special strings
-# ---------------
-#   FIXME ... known problems, search for this string
-#   NOTE .... unexpected behavior
-#
-########################################################################
-
-############################## ssl_init ################################
-# local shell function to initialize this script
-########################################################################
-ssl_init()
-{
-  SCRIPTNAME=ssl.sh      # sourced - $0 would point to all.sh
-
-  if [ -z "${CLEANUP}" ] ; then     # if nobody else is responsible for
-      CLEANUP="${SCRIPTNAME}"       # cleaning this script will do it
-  fi
-  
-  if [ -z "${INIT_SOURCED}" -o "${INIT_SOURCED}" != "TRUE" ]; then
-      cd ../common
-      . ./init.sh
-  fi
-  if [ ! -r $CERT_LOG_FILE ]; then  # we need certificates here
-      cd ../cert
-      . ./cert.sh
-  fi
-  SCRIPTNAME=ssl.sh
-  echo "$SCRIPTNAME: SSL tests ==============================="
-
-  grep "SUCCESS: SSL passed" $CERT_LOG_FILE >/dev/null || {
-      html_head "SSL Test failure"
-      Exit 8 "Fatal - SSL of cert.sh needs to pass first"
-  }
-
-  PORT=${PORT-8443}
-
-  # Test case files
-  SSLCOV=${QADIR}/ssl/sslcov.txt
-  SSLAUTH=${QADIR}/ssl/sslauth.txt
-  SSLSTRESS=${QADIR}/ssl/sslstress.txt
-  REQUEST_FILE=${QADIR}/ssl/sslreq.txt
-
-  #temparary files
-  SERVEROUTFILE=${TMP}/tests_server.$$
-  SERVERPID=${TMP}/tests_pid.$$
-
-  R_SERVERPID=../tests_pid.$$
-
-  TEMPFILES="$TMPFILES ${SERVEROUTFILE}  ${SERVERPID}"
-
-  fileout=0 #FIXME, looks like all.sh tried to turn this on but actually didn't
-  #fileout=1
-  #verbose="-v" #FIXME - see where this is usefull
-
-  USER_NICKNAME=TestUser
-  NORM_EXT=""
-
-  cd ${CLIENTDIR}
-}
-
-########################### is_selfserv_alive ##########################
-# local shell function to exit with a fatal error if selfserver is not
-# running
-########################################################################
-is_selfserv_alive()
-{
-  if [ ! -f "${SERVERPID}" ]; then
-      echo "$SCRIPTNAME: Error - selfserv PID file ${SERVERPID} doesn't exist"
-      sleep 5
-      if [ ! -f "${SERVERPID}" ]; then
-          Exit 9 "Fatal - selfserv pid file ${SERVERPID} does not exist"
-      fi
-  fi
-  PID=`cat ${SERVERPID}`
-  #if  [ "${OS_ARCH}" = "Linux" ]; then
-      kill -0 $PID >/dev/null 2>/dev/null || Exit 10 "Fatal - selfserv process not detectable"
-  #else
-      #$PS -e | grep $PID >/dev/null || \
-          #Exit 10 "Fatal - selfserv process not detectable"
-  #fi
-}
-
-########################### wait_for_selfserv ##########################
-# local shell function to wait until selfserver is running and initialized
-########################################################################
-wait_for_selfserv()
-{
-  echo "tstclnt -p ${PORT} -h ${HOST} -q "
-  echo "        -d ${P_R_CLIENTDIR} < ${REQUEST_FILE} \\"
-  #echo "tstclnt -q started at `date`"
-  tstclnt -p ${PORT} -h ${HOST} -q -d ${P_R_CLIENTDIR} < ${REQUEST_FILE}
-  if [ $? -ne 0 ]; then
-      html_failed "<TR><TD> Wait for Server "
-      echo "RETRY: tstclnt -p ${PORT} -h ${HOST} -q \\"
-      echo "               -d ${P_R_CLIENTDIR} < ${REQUEST_FILE}"
-      tstclnt -p ${PORT} -h ${HOST} -q -d ${P_R_CLIENTDIR} < ${REQUEST_FILE}
-  elif [ sparam = "-c ABCDEFabcdefghijklmnvy" ] ; then # "$1" = "cov" ] ; then
-      html_passed "<TR><TD> Wait for Server"
-  fi
-  is_selfserv_alive
-}
-
-########################### kill_selfserv ##############################
-# local shell function to kill the selfserver after the tests are done
-########################################################################
-kill_selfserv()
-{
-  ${KILL} `cat ${SERVERPID}`
-  wait `cat ${SERVERPID}`
-  if [ ${fileout} -eq 1 ]; then
-      cat ${SERVEROUTFILE}
-  fi
-  ${SLEEP}  #FIXME linux waits 30 seconds - find a shorter way (sockets free)
-  rm ${SERVERPID}
-}
-
-########################### start_selfserv #############################
-# local shell function to start the selfserver with the parameters required 
-# for this test and log information (parameters, start time)
-# also: wait until the server is up and running
-########################################################################
-start_selfserv()
-{
-  if [ -n "$testname" ] ; then
-      echo "$SCRIPTNAME: $testname ----"
-  fi
-  sparam=`echo $sparam | sed -e 's;_; ;g'`
-  echo "selfserv -D -p ${PORT} -d ${P_R_SERVERDIR} -n ${HOSTADDR} \\"
-  echo "         -w nss ${sparam} -i ${R_SERVERPID} $verbose &"
-  echo "selfserv started at `date`"
-  if [ ${fileout} -eq 1 ]; then
-      selfserv -D -p ${PORT} -d ${P_R_SERVERDIR} -n ${HOSTADDR} \
-               -w nss ${sparam} -i ${R_SERVERPID} $verbose \
-               > ${SERVEROUTFILE} 2>&1 &
-  else
-      selfserv -D -p ${PORT} -d ${P_R_SERVERDIR} -n ${HOSTADDR} \
-               -w nss ${sparam} -i ${R_SERVERPID} $verbose &
-  fi
-  wait_for_selfserv
-}
-
-############################## ssl_cov #################################
-# local shell function to perform SSL Cipher Coverage tests
-########################################################################
-ssl_cov()
-{
-  html_head "SSL Cipher Coverage $NORM_EXT"
-
-  testname=""
-  sparam="-c ABCDEFabcdefghijklmnvy"
-  start_selfserv # Launch the server
-               
-  p=""
-
-  cat ${SSLCOV} | while read tls param testname
-  do
-      p=`echo "$testname" | sed -e "s/ .*//"`   #sonmi, only run extended test on SSL3 and TLS
-      
-      if [ "$p" = "SSL2" -a "$NORM_EXT" = "Extended test" ] ; then
-          echo "$SCRIPTNAME: skipping  $testname for $NORM_EXT"
-      elif [ "$tls" != "#" ] ; then
-          echo "$SCRIPTNAME: running $testname ----------------------------"
-          TLS_FLAG=-T
-          if [ $tls = "TLS" ]; then
-              TLS_FLAG=""
-          fi
-          sparam=""
-          if [ ${param} = "i" ]; then
-              sparam='-c i'
-          fi
-
-          is_selfserv_alive
-          echo "tstclnt -p ${PORT} -h ${HOST} -c ${param} ${TLS_FLAG} \\"
-          echo "        -f -d ${P_R_CLIENTDIR} < ${REQUEST_FILE}"
-
-          rm ${TMP}/$HOST.tmp.$$ 2>/dev/null
-          tstclnt -p ${PORT} -h ${HOST} -c ${param} ${TLS_FLAG} -f \
-                  -d ${P_R_CLIENTDIR} < ${REQUEST_FILE} \
-                  >${TMP}/$HOST.tmp.$$  2>&1
-          ret=$?
-          cat ${TMP}/$HOST.tmp.$$ 
-          rm ${TMP}/$HOST.tmp.$$ 2>/dev/null
-          html_msg $ret 0 "${testname}"
-      fi
-  done
-
-  kill_selfserv
-  html "</TABLE><BR>"
-}
-
-############################## ssl_auth ################################
-# local shell function to perform SSL  Client Authentication tests
-########################################################################
-ssl_auth()
-{
-  html_head "SSL Client Authentication $NORM_EXT"
-
-  cat ${SSLAUTH} | while read value sparam cparam testname
-  do
-      if [ $value != "#" ]; then
-          cparam=`echo $cparam | sed -e 's;_; ;g' -e "s/TestUser/$USER_NICKNAME/g" `
-          start_selfserv
-
-          echo "tstclnt -p ${PORT} -h ${HOST} -f -d ${P_R_CLIENTDIR} \\"
-	  echo "        ${cparam}  < ${REQUEST_FILE}"
-          rm ${TMP}/$HOST.tmp.$$ 2>/dev/null
-          tstclnt -p ${PORT} -h ${HOST} -f ${cparam} \
-                  -d ${P_R_CLIENTDIR} < ${REQUEST_FILE} \
-                  >${TMP}/$HOST.tmp.$$  2>&1
-          ret=$?
-          cat ${TMP}/$HOST.tmp.$$ 
-          rm ${TMP}/$HOST.tmp.$$ 2>/dev/null
-
-          html_msg $ret $value "${testname}" \
-                   "produced a returncode of $ret, expected is $value"
-          kill_selfserv
-      fi
-  done
-
-  html "</TABLE><BR>"
-}
-
-
-############################## ssl_stress ##############################
-# local shell function to perform SSL stress test
-########################################################################
-ssl_stress()
-{
-  html_head "SSL Stress Test $NORM_EXT"
-
-  cat ${SSLSTRESS} | while read value sparam cparam testname
-  do
-      p=`echo "$testname" | sed -e "s/Stress //" -e "s/ .*//"`   #sonmi, only run extended test on SSL3 and TLS
-      if [ "$p" = "SSL2" -a "$NORM_EXT" = "Extended test" ] ; then
-          echo "$SCRIPTNAME: skipping  $testname for $NORM_EXT"
-      elif [ $value != "#" ]; then
-          cparam=`echo $cparam | sed -e 's;_; ;g'`
-          start_selfserv
-          if [ `uname -n` = "sjsu" ] ; then
-              echo "debugging disapering selfserv... ps -ef | grep selfserv"
-              ps -ef | grep selfserv
-          fi
-
-          echo "strsclnt -q -p ${PORT} -d ${P_R_CLIENTDIR} -w nss $cparam \\"
-          echo "         $verbose ${HOSTADDR}"
-          echo "strsclnt started at `date`"
-          strsclnt -q -p ${PORT} -d ${P_R_CLIENTDIR} -w nss $cparam \
-                   $verbose ${HOSTADDR}
-          ret=$?
-          echo "strsclnt completed at `date`"
-          html_msg $ret $value "${testname}"
-          if [ `uname -n` = "sjsu" ] ; then
-              echo "debugging disapering selfserv... ps -ef | grep selfserv"
-              ps -ef | grep selfserv
-          fi
-          kill_selfserv
-      fi
-  done
-
-  html "</TABLE><BR>"
-}
-
-
-############################## ssl_cleanup #############################
-# local shell function to finish this script (no exit since it might be
-# sourced)
-########################################################################
-ssl_cleanup()
-{
-  rm $SERVERPID 2>/dev/null
-  cd ${QADIR}
-  . common/cleanup.sh
-}
-
-################## main #################################################
-
-#this script may be sourced from the distributed stress test - in this case do nothing...
-
-if [ -z  "$DO_REM_ST" -a -z  "$DO_DIST_ST" ] ; then
-    ssl_init
-    ssl_cov
-    ssl_auth
-    ssl_stress
-
-    SERVERDIR=$EXT_SERVERDIR
-    CLIENTDIR=$EXT_CLIENTDIR
-    R_SERVERDIR=$R_EXT_SERVERDIR
-    R_CLIENTDIR=$R_EXT_CLIENTDIR
-    P_R_SERVERDIR=$P_R_EXT_SERVERDIR
-    P_R_CLIENTDIR=$P_R_EXT_CLIENTDIR
-    USER_NICKNAME=ExtendedSSLUser
-    NORM_EXT="Extended test"
-    cd ${CLIENTDIR}
-    ssl_cov
-    ssl_auth
-    ssl_stress
-    ssl_cleanup
-fi
diff --git a/security/nss/tests/ssl/ssl_dist_stress.sh b/security/nss/tests/ssl/ssl_dist_stress.sh
deleted file mode 100755
index e9b328e4b..000000000
--- a/security/nss/tests/ssl/ssl_dist_stress.sh
+++ /dev/null
@@ -1,344 +0,0 @@
-#! /bin/sh
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-#
-########################################################################
-#
-# mozilla/security/nss/tests/ssl/ssl_dist_stress.sh
-#
-# Script to test NSS SSL - distributed stresstest - this script needs to 
-# source the regular ssl.sh (for shellfunctions, certs and variables 
-# initialisation)
-# create certs
-# start server
-# start itself via rsh on different systems to connect back to the server
-# 
-#
-# needs to work on all Unix and Windows platforms
-#
-# special strings
-# ---------------
-#   FIXME ... known problems, search for this string
-#   NOTE .... unexpected behavior
-#
-# FIXME _ don't know yet how long to wait until the server needs to be killed
-# especially on NT
-#
-########################################################################
-
-############################## ssl_ds_init #############################
-# local shell function to initialize this script
-########################################################################
-ssl_ds_init()
-{
-  if [ -z "$GLOB_MIN_CERT" ] ; then
-      GLOB_MIN_CERT=0
-  fi
-  if [ -z "$GLOB_MAX_CERT" ] ; then
-      GLOB_MAX_CERT=200
-  fi
-  IP_PARAM=""
-  CD_QADIR_SSL=""
-
-
-  if [ -n "$1" ] ; then
-      ssl_ds_eval_opts $*
-  fi
-  SCRIPTNAME=ssl_dist_stress.sh      # sourced - $0 would point to all.sh
-
-  if [ -z "${CLEANUP}" ] ; then     # if nobody else is responsible for
-      CLEANUP="${SCRIPTNAME}"       # cleaning this script will do it
-  fi
-  
-  ssl_init  # let some other script do the hard work (initialize, generate certs, ...
-
-  SCRIPTNAME=ssl_dist_stress.sh
-  echo "$SCRIPTNAME: SSL distributed stress tests ==============================="
-
-}
-
-######################### ssl_ds_usage #################################
-# local shell function to explain the usage
-########################################################################
-ssl_ds_usage()
-{
-  echo "Usage: `basename $1`"
-  echo "        -host hostname "
-  echo "           ...host who runs the server, for distributed stress test"
-  echo "        -stress "
-  echo "           ...runs the server sider of the distributed stress test"
-  echo "        -dir unixdirectory "
-  echo "           ...lets the server side of the distributed stress test"
-  echo "              know where to find the scritp to start on the remote side"
-  echo "        -certnum start-end"
-  echo "           ... provides the range of certs for distributed stress test"
-  echo "               for example -certnum 10-20 will connect 10 times"
-  echo "               no blanks in the range string (not 10 - 20)"
-  echo "               valid range ${GLOB_MIN_CERT}-${GLOB_MAX_CERT}"
-  echo "        -? ...prints this text"
-  exit 1 #does not need to be Exit, very early in script
-}
-
-######################### ssl_ds_eval_opts #############################
-# local shell function to deal with options and parameters
-########################################################################
-ssl_ds_eval_opts()
-{
-    #use $0 not $SCRIPTNAM<E, too early, SCRIPTNAME not yet set
-
-  while [ -n "$1" ]
-  do
-    case $1 in
-        -host)
-            BUILD_OPT=1
-            export BUILD_OPT
-            DO_REM_ST="TRUE"
-            shift
-            SERVERHOST=$1
-            HOST=$1
-            if [ -z $SERVERHOST ] ; then
-                echo "$0 `uname -n`: -host requires hostname"
-                ssl_ds_usage
-            fi
-            echo "$0 `uname -n`: host $HOST ($1)"
-            ;;
-        -certn*)
-            shift
-            rangeOK=`echo $1  | sed -e 's/[0-9][0-9]*-[0-9][0-9]*/OK/'`
-            MIN_CERT=`echo $1 | sed -e 's/-[0-9][0-9]*//' -e 's/^00*//'`
-            MAX_CERT=`echo $1 | sed -e 's/[0-9][0-9]*-//' -e 's/^00*//'`
-            if [ -z "$rangeOK" -o "$rangeOK" != "OK" -o \
-                         -z "$MIN_CERT" -o -z "$MAX_CERT" -o \
-                        "$MIN_CERT" -gt "$MAX_CERT" -o \
-                        "$MIN_CERT" -lt "$GLOB_MIN_CERT" -o \
-                        "$MAX_CERT" -gt "$GLOB_MAX_CERT" ] ; then
-                echo "$0 `uname -n`: -certn range not valid"
-                ssl_ds_usage
-            fi
-            echo "$0 `uname -n`: will use certs from $MIN_CERT to $MAX_CERT"
-            ;;
-        -server|-stress|-dist*st*)
-            BUILD_OPT=1
-            export BUILD_OPT
-            DO_DIST_ST="TRUE"
-            ;;
-        -dir|-unixdir|-uxdir|-qadir)
-            shift
-            UX_DIR=$1
-	    #FIXME - we need a default unixdir
-            if [ -z "$UX_DIR" ] ; then # -o ! -d "$UX_DIR" ] ; then can't do, Win doesn't know...
-                echo "$0 `uname -n`: -dir requires directoryname "
-                ssl_ds_usage
-            fi
-            CD_QADIR_SSL="cd $UX_DIR"
-            ;;
-        -ip*)
-            shift
-            IP_ADDRESS=$1
-            if [ -z "$IP_ADDRESS" ] ; then
-                echo "$0 `uname -n`: -ip requires ip-address "
-                ssl_ds_usage
-            fi
-            USE_IP=TRUE
-            IP_PARAM="-ip $IP_ADDRESS"
-            ;;
-        -h|-help|"-?"|*)
-            ssl_ds_usage
-            ;;
-    esac
-    shift
-  done
-}
-
-############################## ssl_ds_rem_stress #######################
-# local shell function to perform the client part of the SSL stress test
-########################################################################
-
-ssl_ds_rem_stress()
-{
-  testname="SSL remote part of Stress test (`uname -n`)"
-  echo "$SCRIPTNAME `uname -n`: $testname"
-
-  #cp -r "${CLIENTDIR}" /tmp/ssl_ds.$$ #FIXME
-  #cd /tmp/ssl_ds.$$
-  #verbose="-v"
-
-  cd ${CLIENTDIR}
-
-  CONTINUE=$MAX_CERT
-  while [ $CONTINUE -ge $MIN_CERT ]
-  do
-      echo "strsclnt -D -p ${PORT} -d ${P_R_CLIENTDIR} -w nss -c 1 $verbose  "
-      echo "         -n TestUser$CONTINUE ${HOSTADDR} #`uname -n`"
-      strsclnt -D -p ${PORT} -d . -w nss -c 1 $verbose  \
-               -n "TestUser$CONTINUE" ${HOSTADDR} &
-               #${HOSTADDR} &
-      CONTINUE=`expr $CONTINUE - 1 `
-      #sleep 4 #give process time to start up
-  done
-
-  html_msg 0 0 "${testname}" #FIXME
-}
-
-######################### ssl_ds_dist_stress ###########################
-# local shell function to perform the server part of the new, distributed 
-# SSL stress test
-########################################################################
-
-ssl_ds_dist_stress()
-{
-  max_clientlist=" 
-               box-200
-               washer-200
-               dryer-200
-               hornet-50
-               shabadoo-50
-               y2sun2-10
-               galileo-10
-               shame-10
-               axilla-10
-               columbus-10
-               smarch-10
-               nugget-10
-               charm-10
-               hp64-10
-               biggayal-10
-               orville-10
-               kwyjibo-10
-               hbombaix-10
-               raven-10
-               jordan-10
-               phaedrus-10
-               louie-10
-               trex-10
-               compaqtor-10"
-
-  #clientlist=" huey-2 dewey-2 hornet-2 shabadoo-2" #FIXME ADJUST
-  clientlist="  box-200 washer-200 huey-200 dewey-200 hornet-200 shabadoo-200 louie-200"
-  #clientlist="  box-2 huey-2 "
-  #clientlist="washer-200 huey-200 dewey-200 hornet-200 "
-
-  html_head "SSL Distributed Stress Test"
-
-  testname="SSL distributed Stress test"
-
-  echo cd "${CLIENTDIR}"
-  cd "${CLIENTDIR}"
-  if [ -z "CD_QADIR_SSL" ] ; then
-      CD_QADIR_SSL="cd $QADIR/ssl"
-  else
-      cp -r $HOSTDIR $HOSTDIR/../../../../../booboo_Solaris8/mozilla/tests_results/security
-  fi
-
-  #sparam=" -t 128 -D -r "
-  sparam=" -t 16 -D -r -r -y "
-  start_selfserv
-
-  for c in $clientlist
-  do
-      client=`echo $c | sed -e "s/-.*//"`
-      number=`echo $c | sed -e "s/.*-//"`
-      CLIENT_OK="TRUE"
-      echo $client
-      ping $client >/dev/null || CLIENT_OK="FALSE"
-      if [ "$CLIENT_OK" = "FALSE" ] ; then
-          echo "$SCRIPTNAME `uname -n`: $client can't be reached - skipping"
-      else
-          get_certrange $number
-          echo "$SCRIPTNAME `uname -n`: $RSH $client -l svbld \\ "
-          echo "       \" $CD_QADIR_SSL ;ssl_dist_stress.sh \\"
-          echo "            -host $HOST -certnum $CERTRANGE $IP_PARAM \" "
-          $RSH $client -l svbld \
-               " $CD_QADIR_SSL;ssl_dist_stress.sh -host $HOST -certnum $CERTRANGE $IP_PARAM " &
-      fi
-  done
-
-  echo cd "${CLIENTDIR}"
-  cd "${CLIENTDIR}"
-
-  sleep 500 # give the clients time to finish #FIXME ADJUST
- 
-  echo "GET /stop HTTP/1.0\n\n" > stdin.txt #check to make sure it has /r/n
-  echo "tstclnt -h $HOSTADDR -p  8443 -d ${P_R_CLIENTDIR} -n TestUser0 "
-  echo "        -w nss -f < stdin.txt"
-  tstclnt -h $HOSTADDR -p  8443 -d ${P_R_CLIENTDIR} -n TestUser0 \
-	  -w nss -f < stdin.txt
-  
-  html_msg 0 0 "${testname}"
-  html "</TABLE><BR>"
-}
-
-############################ get_certrange #############################
-# local shell function to find the range of certs that the next remote 
-# client is supposed to use (only for server side of the dist stress test
-########################################################################
-get_certrange()
-{
-  rangeOK=`echo $1  | sed -e 's/[0-9][0-9]*/OK/'`
-  if [ -z "$rangeOK" -o "$rangeOK" != "OK" -o $1 = "OK" ] ; then
-      range=10
-      echo "$SCRIPTNAME `uname -n`: $1 is not a valid number of certs "
-      echo "        defaulting to 10 for $client"
-  else
-      range=$1
-      if [ $range -gt $GLOB_MAX_CERT ] ; then
-          range=$GLOB_MAX_CERT
-      fi
-  fi
-  if [ -z "$FROM_CERT" ] ; then    # start new on top of the cert stack
-      FROM_CERT=$GLOB_MAX_CERT
-  elif [ `expr $FROM_CERT - $range + 1 ` -lt  0 ] ; then 
-          FROM_CERT=$GLOB_MAX_CERT # dont let it fall below 0 on the TO_CERT
-
-  fi
-  TO_CERT=`expr $FROM_CERT - $range + 1 `
-  if [ $TO_CERT -lt 0 ] ; then     # it's not that I'm bad in math, I just 
-      TO_CERT=0                    # don't trust expr...
-  fi
-  CERTRANGE="${TO_CERT}-${FROM_CERT}"
-  FROM_CERT=`expr ${TO_CERT} - 1 ` #start the next  client one below 
-}
-
-
-################## main #################################################
-
-DO_DIST_ST="TRUE"
-. ./ssl.sh
-ssl_ds_init $*
-if [ -n  "$DO_REM_ST" -a "$DO_REM_ST" = "TRUE" ] ; then
-    ssl_ds_rem_stress
-    exit 0 #no cleanup on purpose
-elif [ -n  "$DO_DIST_ST" -a "$DO_DIST_ST" = "TRUE" ] ; then
-    ssl_ds_dist_stress
-fi
-ssl_cleanup
diff --git a/security/nss/tests/ssl/sslauth.txt b/security/nss/tests/ssl/sslauth.txt
deleted file mode 100644
index 173312774..000000000
--- a/security/nss/tests/ssl/sslauth.txt
+++ /dev/null
@@ -1,31 +0,0 @@
-#
-# This file defines the tests for client auth.
-#
-# expected
-#  return  server     client                         Test Case name
-#   value  params     params
-#  ------  ------     ------                         ---------------
-     0       -r           -w_nss                   TLS Request don't require client auth (client does not provide auth)
-     0       -r           -w_bogus_-n_TestUser     TLS Request don't require client auth (bad password)
-     0       -r           -w_nss_-n_TestUser       TLS Request don't require client auth (client auth)
-     0       -r_-r        -w_nss                   TLS Require client auth (client does not provide auth)
-    254      -r_-r        -w_bogus_-n_TestUser     TLS Require client auth (bad password)
-     0       -r_-r        -w_nss_-n_TestUser_      TLS Require client auth (client auth)
-     0       -r           -T_-w_nss                SSL3 Request don't require client auth (client does not provide auth)
-     0       -r           -T_-n_TestUser_-w_bogus  SSL3 Request don't require client auth (bad password)
-     0       -r           -T_-n_TestUser_-w_nss    SSL3 Request don't require client auth (client auth)
-     0       -r_-r        -T_-w_nss                SSL3 Require client auth (client does not provide auth)
-    254      -r_-r        -T_-n_TestUser_-w_bogus  SSL3 Require client auth (bad password)
-     0       -r_-r        -T_-n_TestUser_-w_nss    SSL3 Require client auth (client auth)
-     0       -r_-r_-r     -w_nss                   TLS Request don't require client auth on 2nd hs (client does not provide auth)
-     0       -r_-r_-r     -w_bogus_-n_TestUser     TLS Request don't require client auth on 2nd hs (bad password)
-     0       -r_-r_-r     -w_nss_-n_TestUser       TLS Request don't require client auth on 2nd hs (client auth)
-     0       -r_-r_-r_-r  -w_nss                   TLS Require client auth on 2nd hs (client does not provide auth)
-     1       -r_-r_-r_-r  -w_bogus_-n_TestUser     TLS Require client auth on 2nd hs (bad password)
-     0       -r_-r_-r_-r  -w_nss_-n_TestUser_      TLS Require client auth on 2nd hs (client auth)
-     0       -r_-r_-r     -T_-w_nss                SSL3 Request don't require client auth on 2nd hs (client does not provide auth)
-     0       -r_-r_-r     -T_-n_TestUser_-w_bogus  SSL3 Request don't require client auth on 2nd hs (bad password)
-     0       -r_-r_-r     -T_-n_TestUser_-w_nss    SSL3 Request don't require client auth on 2nd hs (client auth)
-     0       -r_-r_-r_-r  -T_-w_nss                SSL3 Require client auth on 2nd hs (client does not provide auth)
-     1       -r_-r_-r_-r  -T_-n_TestUser_-w_bogus  SSL3 Require client auth on 2nd hs (bad password)
-     0       -r_-r_-r_-r  -T_-n_TestUser_-w_nss    SSL3 Require client auth on 2nd hs (client auth)
diff --git a/security/nss/tests/ssl/sslcov.txt b/security/nss/tests/ssl/sslcov.txt
deleted file mode 100644
index e60e06d28..000000000
--- a/security/nss/tests/ssl/sslcov.txt
+++ /dev/null
@@ -1,44 +0,0 @@
-#
-# This file enables test coverage of the various SSL ciphers
-#
-# NOTE: SSL2 ciphers are independent of whether TLS is enabled or not. We
-# mix up the enable functions so we can tests boths paths.
-#
-# Enable Cipher Test Name 
-#  TLS
-#
-  noTLS   A    SSL2 RC4 128 WITH MD5
-   TLS    B    SSL2 RC4 128 EXPORT40 WITH MD5
-   TLS    C    SSL2 RC2 128 CBC WITH MD5
-  noTLS   D    SSL2 RC2 128 CBC EXPORT40 WITH MD5
-   TLS    E    SSL2 DES 64 CBC WITH MD5
-  noTLS   F    SSL2 DES 192 EDE3 CBC WITH MD5
-  noTLS   c    SSL3 RSA WITH RC4 128 MD5
-  noTLS   d    SSL3 RSA WITH 3DES EDE CBC SHA
-  noTLS   e    SSL3 RSA WITH DES CBC SHA
-  noTLS   f    SSL3 RSA EXPORT WITH RC4 40 MD5
-  noTLS   g    SSL3 RSA EXPORT WITH RC2 CBC 40 MD5
-  noTLS   j    SSL3 RSA FIPS WITH 3DES EDE CBC SHA
-  noTLS   k    SSL3 RSA FIPS WITH DES CBC SHA
-  noTLS   l    SSL3 RSA EXPORT WITH DES CBC SHA   (new)
-  noTLS   m    SSL3 RSA EXPORT WITH RC4 56 SHA    (new)
-   TLS    c    TLS RSA WITH RC4 128 MD5
-   TLS    d    TLS RSA WITH 3DES EDE CBC SHA
-   TLS    e    TLS RSA WITH DES CBC SHA
-   TLS    f    TLS RSA EXPORT WITH RC4 40 MD5
-   TLS    g    TLS RSA EXPORT WITH RC2 CBC 40 MD5
-   TLS    j    TLS RSA FIPS WITH 3DES EDE CBC SHA
-   TLS    k    TLS RSA FIPS WITH DES CBC SHA
-   TLS    l    TLS RSA EXPORT WITH DES CBC SHA   (new)
-   TLS    m    TLS RSA EXPORT WITH RC4 56 SHA    (new)
-# The NULL ciphers have to be last because we need to restart selfserve
-# (NULL is not enabled by default)
-   TLS    i    TLS RSA WITH NULL MD5
-  noTLS   i    SSL3 RSA WITH NULL MD5
-# added on nelson's request
-   TLS    n    TLS RSA WITH RC4 128 SHA
-  noTLS   n    SSL3 RSA WITH RC4 128 SHA
-   TLS    v    TLS RSA WITH AES 128 CBC SHA
-  noTLS   v    SSL3 RSA WITH AES 128 CBC SHA
-   TLS    y    TLS RSA WITH AES 256 CBC SHA
-  noTLS   y    SSL3 RSA WITH AES 256 CBC SHA
diff --git a/security/nss/tests/ssl/sslreq.txt b/security/nss/tests/ssl/sslreq.txt
deleted file mode 100644
index 16a750fbf..000000000
--- a/security/nss/tests/ssl/sslreq.txt
+++ /dev/null
@@ -1,3 +0,0 @@
-GET / HTTP/1.0
-
-
diff --git a/security/nss/tests/ssl/sslstress.txt b/security/nss/tests/ssl/sslstress.txt
deleted file mode 100644
index ad3ecd03d..000000000
--- a/security/nss/tests/ssl/sslstress.txt
+++ /dev/null
@@ -1,14 +0,0 @@
-#
-# This file defines the tests for client auth.
-#
-# expected
-#  return  server     client                         Test Case name
-#   value  params     params
-#  ------  ------     ------                         ---------------
-     0      _     -c_1000_-C_A             Stress SSL2 RC4 128 with MD5
-     0      _     -c_1000_-C_c             Stress SSL3 RC4 128 with MD5
-     0      _     -c_1000_-C_c             Stress TLS  RC4 128 with MD5
-#
-# add client auth versions here...
-#
-#     0       -r  -w_bogus_-n_"Test_User"     TLS Request don't require client auth (bad password)
diff --git a/security/nss/tests/tools/sign.html b/security/nss/tests/tools/sign.html
deleted file mode 100644
index b85d51571..000000000
--- a/security/nss/tests/tools/sign.html
+++ /dev/null
@@ -1,5 +0,0 @@
-<html>
-<body>
-Sign this javascriptless page.
-</body>
-</html>
diff --git a/security/nss/tests/tools/signjs.html b/security/nss/tests/tools/signjs.html
deleted file mode 100644
index f073131ed..000000000
--- a/security/nss/tests/tools/signjs.html
+++ /dev/null
@@ -1,8 +0,0 @@
-<html>
-<body>
-<script language="JavaScript">
-document.write("<h3>Sign this javascript</h3>");
-</script>
-Here's some plain content.
-</body>
-</html>
diff --git a/security/nss/tests/tools/tools.sh b/security/nss/tests/tools/tools.sh
deleted file mode 100644
index b301fc72b..000000000
--- a/security/nss/tests/tools/tools.sh
+++ /dev/null
@@ -1,189 +0,0 @@
-#! /bin/sh  
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-# 
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-# 
-# The Original Code is the Netscape security libraries.
-# 
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation.  Portions created by Netscape are 
-# Copyright (C) 1994-2000 Netscape Communications Corporation.  All
-# Rights Reserved.
-# 
-# Contributor(s):
-# 
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable 
-# instead of those above.  If you wish to allow use of your 
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL.  If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-#
-########################################################################
-#
-# mozilla/security/nss/tests/tools/tools.sh
-#
-# Script to test basic functionallity of NSS tools 
-#
-# needs to work on all Unix and Windows platforms
-#
-# tests implemented:
-#    pk12util
-#    signtool
-#
-# special strings
-# ---------------
-#   FIXME ... known problems, search for this string
-#   NOTE .... unexpected behavior
-#
-########################################################################
-
-############################## tools_init ##############################
-# local shell function to initialize this script 
-########################################################################
-tools_init()
-{
-  SCRIPTNAME=tools.sh      # sourced - $0 would point to all.sh
-
-  if [ -z "${CLEANUP}" ] ; then     # if nobody else is responsible for
-      CLEANUP="${SCRIPTNAME}"       # cleaning this script will do it
-  fi
-
-  if [ -z "${INIT_SOURCED}" -o "${INIT_SOURCED}" != "TRUE" ]; then
-      cd ../common
-      . ./init.sh
-  fi
-  if [ ! -r $CERT_LOG_FILE ]; then  # we need certificates here
-      cd ../cert
-      . ./cert.sh
-  fi
-  SCRIPTNAME=tools.sh
-  html_head "Tools Tests"
-
-  grep "SUCCESS: SMIME passed" $CERT_LOG_FILE >/dev/null || {
-      Exit 15 "Fatal - S/MIME of cert.sh needs to pass first"
-  }
-
-  TOOLSDIR=${HOSTDIR}/tools
-  COPYDIR=${TOOLSDIR}/copydir
-
-  R_TOOLSDIR=../tools
-  R_COPYDIR=../tools/copydir
-  P_R_COPYDIR=${R_COPYDIR}
-  if [ -n "${MULTIACCESS_DBM}" ]; then
-    P_R_COPYDIR="multiaccess:Tools.$version"
-  fi
-
-  mkdir -p ${TOOLSDIR}
-  mkdir -p ${COPYDIR}
-  mkdir -p ${TOOLSDIR}/html
-  cp ${QADIR}/tools/sign*.html ${TOOLSDIR}/html
-
-  cd ${TOOLSDIR}
-}
-
-############################## tools_p12 ###############################
-# local shell function to test basic functionality of pk12util
-########################################################################
-tools_p12()
-{
-  echo "$SCRIPTNAME: Exporting Alice's email cert & key------------------"
-  echo "pk12util -o Alice.p12 -n \"Alice\" -d ${P_R_ALICEDIR} -k ${R_PWFILE} \\"
-  echo "         -w ${R_PWFILE}"
-  pk12util -o Alice.p12 -n "Alice" -d ${P_R_ALICEDIR} -k ${R_PWFILE} \
-           -w ${R_PWFILE} 2>&1 
-  ret=$?
-  html_msg $ret 0 "Exporting Alice's email cert & key (pk12util -o)"
-  check_tmpfile
-
-  echo "$SCRIPTNAME: Importing Alice's email cert & key -----------------"
-  echo "pk12util -i Alice.p12 -d ${P_R_COPYDIR} -k ${R_PWFILE} -w ${R_PWFILE}"
-  pk12util -i Alice.p12 -d ${P_R_COPYDIR} -k ${R_PWFILE} -w ${R_PWFILE} 2>&1
-  ret=$?
-  html_msg $ret 0 "Importing Alice's email cert & key (pk12util -i)"
-  check_tmpfile
-}
-
-############################## tools_sign ##############################
-# local shell function pk12util uses a hardcoded tmp file, if this exists
-# and is owned by another user we don't get reasonable errormessages 
-########################################################################
-check_tmpfile()
-{
-  if [ $ret != "0" -a -f /tmp/Pk12uTemp ] ; then
-      echo "Error: pk12util temp file exists. Please remove this file and"
-      echo "       rerun the test (/tmp/Pk12uTemp) "
-  fi
-}
-
-############################## tools_sign ##############################
-# local shell function to test basic functionality of signtool
-########################################################################
-tools_sign()
-{
-  echo "$SCRIPTNAME: Create objsign cert -------------------------------"
-  echo "signtool -G \"objectsigner\" -d ${P_R_ALICEDIR} -p \"nss\""
-  signtool -G "objsigner" -d ${P_R_ALICEDIR} -p "nss" 2>&1 <<SIGNSCRIPT
-y
-TEST
-MOZ
-NSS
-NY
-US
-liz
-liz@moz.org
-SIGNSCRIPT
-  html_msg $? 0 "Create objsign cert (signtool -G)"
-
-  echo "$SCRIPTNAME: Signing a set of files ----------------------------"
-  echo "signtool -Z nojs.jar -d ${P_R_ALICEDIR} -p \"nss\" -k objsigner \\"
-  echo "         ${R_TOOLSDIR}/html"
-  signtool -Z nojs.jar -d ${P_R_ALICEDIR} -p "nss" -k objsigner \
-           ${R_TOOLSDIR}/html
-  html_msg $? 0 "Signing a set of files (signtool -Z)"
-
-  echo "$SCRIPTNAME: Listing signed files in jar ----------------------"
-  echo "signtool -v nojs.jar -d ${P_R_ALICEDIR} -p nss -k objsigner"
-  signtool -v nojs.jar -d ${P_R_ALICEDIR} -p nss -k objsigner
-  html_msg $? 0 "Listing signed files in jar (signtool -v)"
-  
-  echo "$SCRIPTNAME: Show who signed jar ------------------------------"
-  echo "signtool -w nojs.jar -d ${P_R_ALICEDIR}"
-  signtool -w nojs.jar -d ${P_R_ALICEDIR}
-  html_msg $? 0 "Show who signed jar (signtool -w)"
-}
-
-############################## tools_cleanup ###########################
-# local shell function to finish this script (no exit since it might be 
-# sourced)
-########################################################################
-tools_cleanup()
-{
-  html "</TABLE><BR>"
-  cd ${QADIR}
-  . common/cleanup.sh
-}
-
-################## main #################################################
-
-tools_init
-
-tools_p12
-
-tools_sign
-tools_cleanup
-
-
diff --git a/security/nss/trademarks.txt b/security/nss/trademarks.txt
deleted file mode 100755
index 6d1819b6e..000000000
--- a/security/nss/trademarks.txt
+++ /dev/null
@@ -1,130 +0,0 @@
-The follow may be trademarked by their respective organizations.
-
-3DES            Triple Data Encryption Standard
-AIX
-ANSI            American National Standards Institute
-ASCII           American Standard Code for Information Interchange
-ASN.1           Abstract Syntax Notation 1
-BATON
-BER             Basic Encoding Rules
-BMP             Basic Multilingual Plane
-British Telecom
-CAST
-CAST128
-CAST3
-CAST5
-CCITT           Comité Consultatif International Téléphonique et Télégraphique
-CDMF
-CER             Canonical Encoding Rules
-CRMF            Certificate Request Message Format
-ctags           ctags(1)
-Columbia University
-Cryptoki
-DER             Distinguished Encoding Rules
-DES             Data Encryption Standard
-DES2            Data Encryption Standard (2 key)
-DES3            Data Encryption Standard (3 key / triple)
-DH              Diffie-Hellman
-DICOM
-DLL             Dynamically Loadable Library
-DSA             Digital Signature Algorithm
-Department of Defense
-E.163-4
-ECDSA
-ECMA            European Computers Manufacturing Association
-EDI             Electronic Data Interchange
-emacs           emacs(1)
-EWOS            European Workshop on Open Systems
-Entrust
-Example.com
-FORTEZZA
-GIF             Graphical Interchange Format
-HP		Hewlett Packard
-HPUX
-HTML            Hypertext Markup Language
-IANA            Internet Assigned Numbers Authority
-IBM		International Business Machine
-IDEA
-IEEE
-IPSEC
-IRIX
-ISO             International Organization for Standardization
-ITU             International Telecommunication Union
-Java
-JPEG            Joint Photographic Experts Group
-JUNIPER
-KEA             Key Encryption Algorithm
-LDAP            Lightweight Directory Access Protocol
-LWER            Lightweight Encoding Rules
-Macintosh
-MD2
-MD5
-MIME            Multipurpose Internet Mail Extensions
-MISSI
-Microsoft
-NATO            North Atlantic Treaty Organization
-NSPR            Netscape Portable Runtime
-NSS             Network Security Services
-Netscape
-Netscape Certificate Server
-Netscape Directory
-Nordunet
-OAEP
-OCSP            Online Certificate Status Protocol
-OID             Object Identifier
-OSI             Open Systems Interconnection
-OSF		Open Software Foundation
-OSF1
-PERL            Practical Extraction and Report Language
-PGP             Pretty Good Privacy
-PHG
-PKCS            Public Key Cryptography Standards
-PKIX            Public Key Infrastructure (X.509)
-POSIX
-PTHREADS        Posix Threads
-PURIFY
-RC2
-RC4
-RC5
-RFC
-RSA
-RSA Data Security
-RSA Security
-SHA1            Secure Hashing Algorithm
-SITA            Societe Internationale de Telecommunications Aeronautiques
-SKIPJACK
-SMIME           Secure MIME
-SMPTE           Society of Motion Picture and Television Engineers
-SNMP            Simple Network Management Protocol
-SGI		Silicon Graphics Incorporated
-SSL             Secure Sockets Layer
-Sun
-SunOS
-Solaris
-TLS             Transport Layer Security
-Teletex
-Teletrust
-Telex
-Thawte
-UCS-4           Universal Coded Character Set
-UNIX
-URI             Uniform Resource Identifier
-URL             Uniform Resource Locator
-UTF-8           Unicode Transformation Format
-Unisys
-Verisign
-WIN16           Windows
-WIN32           Windows
-WINNT           Windows NT
-Windows
-WordPerfect
-X.121
-X.25
-X.400
-X.509
-X.520
-X9.42
-X9.57
-XAPIA
-Z39.50
-